128993443SEd Schouten /*- 228993443SEd Schouten * Copyright (c) 1982, 1986, 1991, 1993 328993443SEd Schouten * The Regents of the University of California. All rights reserved. 428993443SEd Schouten * (c) UNIX System Laboratories, Inc. 528993443SEd Schouten * All or some portions of this file are derived from material licensed 628993443SEd Schouten * to the University of California by American Telephone and Telegraph 728993443SEd Schouten * Co. or Unix System Laboratories, Inc. and are reproduced herein with 828993443SEd Schouten * the permission of UNIX System Laboratories, Inc. 928993443SEd Schouten * 1028993443SEd Schouten * Redistribution and use in source and binary forms, with or without 1128993443SEd Schouten * modification, are permitted provided that the following conditions 1228993443SEd Schouten * are met: 1328993443SEd Schouten * 1. Redistributions of source code must retain the above copyright 1428993443SEd Schouten * notice, this list of conditions and the following disclaimer. 1528993443SEd Schouten * 2. Redistributions in binary form must reproduce the above copyright 1628993443SEd Schouten * notice, this list of conditions and the following disclaimer in the 1728993443SEd Schouten * documentation and/or other materials provided with the distribution. 1828993443SEd Schouten * 4. Neither the name of the University nor the names of its contributors 1928993443SEd Schouten * may be used to endorse or promote products derived from this software 2028993443SEd Schouten * without specific prior written permission. 2128993443SEd Schouten * 2228993443SEd Schouten * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 2328993443SEd Schouten * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2428993443SEd Schouten * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2528993443SEd Schouten * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 2628993443SEd Schouten * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2728993443SEd Schouten * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2828993443SEd Schouten * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2928993443SEd Schouten * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 3028993443SEd Schouten * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3128993443SEd Schouten * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3228993443SEd Schouten * SUCH DAMAGE. 3328993443SEd Schouten * 3428993443SEd Schouten * @(#)kern_subr.c 8.3 (Berkeley) 1/21/94 3528993443SEd Schouten */ 3628993443SEd Schouten 3728993443SEd Schouten #include <sys/cdefs.h> 3828993443SEd Schouten __FBSDID("$FreeBSD$"); 3928993443SEd Schouten 4028993443SEd Schouten #include <sys/param.h> 4128993443SEd Schouten #include <sys/systm.h> 4228993443SEd Schouten #include <sys/kernel.h> 4328993443SEd Schouten #include <sys/limits.h> 4428993443SEd Schouten #include <sys/lock.h> 450f502d1cSKonstantin Belousov #include <sys/mman.h> 4628993443SEd Schouten #include <sys/proc.h> 470f502d1cSKonstantin Belousov #include <sys/resourcevar.h> 4889f6b863SAttilio Rao #include <sys/rwlock.h> 4928993443SEd Schouten #include <sys/sched.h> 5028993443SEd Schouten #include <sys/sysctl.h> 5128993443SEd Schouten #include <sys/vnode.h> 5228993443SEd Schouten 5328993443SEd Schouten #include <vm/vm.h> 541c771f92SKonstantin Belousov #include <vm/vm_param.h> 550f502d1cSKonstantin Belousov #include <vm/vm_extern.h> 5628993443SEd Schouten #include <vm/vm_page.h> 57e946b949SAttilio Rao #include <vm/vm_pageout.h> 5828993443SEd Schouten #include <vm/vm_map.h> 5928993443SEd Schouten 60*f0188618SHans Petter Selasky SYSCTL_INT(_kern, KERN_IOV_MAX, iov_max, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, UIO_MAXIOV, 6128993443SEd Schouten "Maximum number of elements in an I/O vector; sysconf(_SC_IOV_MAX)"); 6228993443SEd Schouten 632801687dSKonstantin Belousov static int uiomove_faultflag(void *cp, int n, struct uio *uio, int nofault); 642801687dSKonstantin Belousov 6528993443SEd Schouten int 662801687dSKonstantin Belousov copyin_nofault(const void *udaddr, void *kaddr, size_t len) 672801687dSKonstantin Belousov { 682801687dSKonstantin Belousov int error, save; 692801687dSKonstantin Belousov 702801687dSKonstantin Belousov save = vm_fault_disable_pagefaults(); 712801687dSKonstantin Belousov error = copyin(udaddr, kaddr, len); 722801687dSKonstantin Belousov vm_fault_enable_pagefaults(save); 732801687dSKonstantin Belousov return (error); 742801687dSKonstantin Belousov } 752801687dSKonstantin Belousov 762801687dSKonstantin Belousov int 772801687dSKonstantin Belousov copyout_nofault(const void *kaddr, void *udaddr, size_t len) 782801687dSKonstantin Belousov { 792801687dSKonstantin Belousov int error, save; 802801687dSKonstantin Belousov 812801687dSKonstantin Belousov save = vm_fault_disable_pagefaults(); 822801687dSKonstantin Belousov error = copyout(kaddr, udaddr, len); 832801687dSKonstantin Belousov vm_fault_enable_pagefaults(save); 842801687dSKonstantin Belousov return (error); 852801687dSKonstantin Belousov } 862801687dSKonstantin Belousov 87dd0b4fb6SKonstantin Belousov #define PHYS_PAGE_COUNT(len) (howmany(len, PAGE_SIZE) + 1) 88dd0b4fb6SKonstantin Belousov 89dd0b4fb6SKonstantin Belousov int 90dd0b4fb6SKonstantin Belousov physcopyin(void *src, vm_paddr_t dst, size_t len) 91dd0b4fb6SKonstantin Belousov { 92dd0b4fb6SKonstantin Belousov vm_page_t m[PHYS_PAGE_COUNT(len)]; 93dd0b4fb6SKonstantin Belousov struct iovec iov[1]; 94dd0b4fb6SKonstantin Belousov struct uio uio; 95dd0b4fb6SKonstantin Belousov int i; 96dd0b4fb6SKonstantin Belousov 97dd0b4fb6SKonstantin Belousov iov[0].iov_base = src; 98dd0b4fb6SKonstantin Belousov iov[0].iov_len = len; 99dd0b4fb6SKonstantin Belousov uio.uio_iov = iov; 100dd0b4fb6SKonstantin Belousov uio.uio_iovcnt = 1; 101dd0b4fb6SKonstantin Belousov uio.uio_offset = 0; 102dd0b4fb6SKonstantin Belousov uio.uio_resid = len; 103dd0b4fb6SKonstantin Belousov uio.uio_segflg = UIO_SYSSPACE; 104dd0b4fb6SKonstantin Belousov uio.uio_rw = UIO_WRITE; 105dd0b4fb6SKonstantin Belousov for (i = 0; i < PHYS_PAGE_COUNT(len); i++, dst += PAGE_SIZE) 106dd0b4fb6SKonstantin Belousov m[i] = PHYS_TO_VM_PAGE(dst); 107dd0b4fb6SKonstantin Belousov return (uiomove_fromphys(m, dst & PAGE_MASK, len, &uio)); 108dd0b4fb6SKonstantin Belousov } 109dd0b4fb6SKonstantin Belousov 110dd0b4fb6SKonstantin Belousov int 111dd0b4fb6SKonstantin Belousov physcopyout(vm_paddr_t src, void *dst, size_t len) 112dd0b4fb6SKonstantin Belousov { 113dd0b4fb6SKonstantin Belousov vm_page_t m[PHYS_PAGE_COUNT(len)]; 114dd0b4fb6SKonstantin Belousov struct iovec iov[1]; 115dd0b4fb6SKonstantin Belousov struct uio uio; 116dd0b4fb6SKonstantin Belousov int i; 117dd0b4fb6SKonstantin Belousov 118dd0b4fb6SKonstantin Belousov iov[0].iov_base = dst; 119dd0b4fb6SKonstantin Belousov iov[0].iov_len = len; 120dd0b4fb6SKonstantin Belousov uio.uio_iov = iov; 121dd0b4fb6SKonstantin Belousov uio.uio_iovcnt = 1; 122dd0b4fb6SKonstantin Belousov uio.uio_offset = 0; 123dd0b4fb6SKonstantin Belousov uio.uio_resid = len; 124dd0b4fb6SKonstantin Belousov uio.uio_segflg = UIO_SYSSPACE; 125dd0b4fb6SKonstantin Belousov uio.uio_rw = UIO_READ; 126dd0b4fb6SKonstantin Belousov for (i = 0; i < PHYS_PAGE_COUNT(len); i++, src += PAGE_SIZE) 127dd0b4fb6SKonstantin Belousov m[i] = PHYS_TO_VM_PAGE(src); 128dd0b4fb6SKonstantin Belousov return (uiomove_fromphys(m, src & PAGE_MASK, len, &uio)); 129dd0b4fb6SKonstantin Belousov } 130dd0b4fb6SKonstantin Belousov 131dd0b4fb6SKonstantin Belousov #undef PHYS_PAGE_COUNT 132dd0b4fb6SKonstantin Belousov 1332801687dSKonstantin Belousov int 13428993443SEd Schouten uiomove(void *cp, int n, struct uio *uio) 13528993443SEd Schouten { 1362801687dSKonstantin Belousov 1372801687dSKonstantin Belousov return (uiomove_faultflag(cp, n, uio, 0)); 1382801687dSKonstantin Belousov } 1392801687dSKonstantin Belousov 1402801687dSKonstantin Belousov int 1412801687dSKonstantin Belousov uiomove_nofault(void *cp, int n, struct uio *uio) 1422801687dSKonstantin Belousov { 1432801687dSKonstantin Belousov 1442801687dSKonstantin Belousov return (uiomove_faultflag(cp, n, uio, 1)); 1452801687dSKonstantin Belousov } 1462801687dSKonstantin Belousov 1472801687dSKonstantin Belousov static int 1482801687dSKonstantin Belousov uiomove_faultflag(void *cp, int n, struct uio *uio, int nofault) 1492801687dSKonstantin Belousov { 1502801687dSKonstantin Belousov struct thread *td; 15128993443SEd Schouten struct iovec *iov; 152526d0bd5SKonstantin Belousov size_t cnt; 1532801687dSKonstantin Belousov int error, newflags, save; 1542801687dSKonstantin Belousov 1552801687dSKonstantin Belousov td = curthread; 1562801687dSKonstantin Belousov error = 0; 15728993443SEd Schouten 15828993443SEd Schouten KASSERT(uio->uio_rw == UIO_READ || uio->uio_rw == UIO_WRITE, 15928993443SEd Schouten ("uiomove: mode")); 1602801687dSKonstantin Belousov KASSERT(uio->uio_segflg != UIO_USERSPACE || uio->uio_td == td, 16128993443SEd Schouten ("uiomove proc")); 1622801687dSKonstantin Belousov if (!nofault) 16328993443SEd Schouten WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 16428993443SEd Schouten "Calling uiomove()"); 16528993443SEd Schouten 1662801687dSKonstantin Belousov /* XXX does it make a sense to set TDP_DEADLKTREAT for UIO_SYSSPACE ? */ 1672801687dSKonstantin Belousov newflags = TDP_DEADLKTREAT; 1685730afc9SAlan Cox if (uio->uio_segflg == UIO_USERSPACE && nofault) { 1695730afc9SAlan Cox /* 1705730afc9SAlan Cox * Fail if a non-spurious page fault occurs. 1715730afc9SAlan Cox */ 1725730afc9SAlan Cox newflags |= TDP_NOFAULTING | TDP_RESETSPUR; 1735730afc9SAlan Cox } 1742801687dSKonstantin Belousov save = curthread_pflags_set(newflags); 17528993443SEd Schouten 17628993443SEd Schouten while (n > 0 && uio->uio_resid) { 17728993443SEd Schouten iov = uio->uio_iov; 17828993443SEd Schouten cnt = iov->iov_len; 17928993443SEd Schouten if (cnt == 0) { 18028993443SEd Schouten uio->uio_iov++; 18128993443SEd Schouten uio->uio_iovcnt--; 18228993443SEd Schouten continue; 18328993443SEd Schouten } 18428993443SEd Schouten if (cnt > n) 18528993443SEd Schouten cnt = n; 18628993443SEd Schouten 18728993443SEd Schouten switch (uio->uio_segflg) { 18828993443SEd Schouten 18928993443SEd Schouten case UIO_USERSPACE: 19008b163faSMatthew D Fleming maybe_yield(); 19128993443SEd Schouten if (uio->uio_rw == UIO_READ) 19228993443SEd Schouten error = copyout(cp, iov->iov_base, cnt); 19328993443SEd Schouten else 19428993443SEd Schouten error = copyin(iov->iov_base, cp, cnt); 19528993443SEd Schouten if (error) 19628993443SEd Schouten goto out; 19728993443SEd Schouten break; 19828993443SEd Schouten 19928993443SEd Schouten case UIO_SYSSPACE: 20028993443SEd Schouten if (uio->uio_rw == UIO_READ) 20128993443SEd Schouten bcopy(cp, iov->iov_base, cnt); 20228993443SEd Schouten else 20328993443SEd Schouten bcopy(iov->iov_base, cp, cnt); 20428993443SEd Schouten break; 20528993443SEd Schouten case UIO_NOCOPY: 20628993443SEd Schouten break; 20728993443SEd Schouten } 20828993443SEd Schouten iov->iov_base = (char *)iov->iov_base + cnt; 20928993443SEd Schouten iov->iov_len -= cnt; 21028993443SEd Schouten uio->uio_resid -= cnt; 21128993443SEd Schouten uio->uio_offset += cnt; 21228993443SEd Schouten cp = (char *)cp + cnt; 21328993443SEd Schouten n -= cnt; 21428993443SEd Schouten } 21528993443SEd Schouten out: 2162801687dSKonstantin Belousov curthread_pflags_restore(save); 21728993443SEd Schouten return (error); 21828993443SEd Schouten } 21928993443SEd Schouten 22028993443SEd Schouten /* 22128993443SEd Schouten * Wrapper for uiomove() that validates the arguments against a known-good 22228993443SEd Schouten * kernel buffer. Currently, uiomove accepts a signed (n) argument, which 22328993443SEd Schouten * is almost definitely a bad thing, so we catch that here as well. We 22428993443SEd Schouten * return a runtime failure, but it might be desirable to generate a runtime 22528993443SEd Schouten * assertion failure instead. 22628993443SEd Schouten */ 22728993443SEd Schouten int 22828993443SEd Schouten uiomove_frombuf(void *buf, int buflen, struct uio *uio) 22928993443SEd Schouten { 230526d0bd5SKonstantin Belousov size_t offset, n; 23128993443SEd Schouten 23228993443SEd Schouten if (uio->uio_offset < 0 || uio->uio_resid < 0 || 23328993443SEd Schouten (offset = uio->uio_offset) != uio->uio_offset) 23428993443SEd Schouten return (EINVAL); 23528993443SEd Schouten if (buflen <= 0 || offset >= buflen) 23628993443SEd Schouten return (0); 237526d0bd5SKonstantin Belousov if ((n = buflen - offset) > IOSIZE_MAX) 23828993443SEd Schouten return (EINVAL); 23928993443SEd Schouten return (uiomove((char *)buf + offset, n, uio)); 24028993443SEd Schouten } 24128993443SEd Schouten 24228993443SEd Schouten /* 24328993443SEd Schouten * Give next character to user as result of read. 24428993443SEd Schouten */ 24528993443SEd Schouten int 24628993443SEd Schouten ureadc(int c, struct uio *uio) 24728993443SEd Schouten { 24828993443SEd Schouten struct iovec *iov; 24928993443SEd Schouten char *iov_base; 25028993443SEd Schouten 25128993443SEd Schouten WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, 25228993443SEd Schouten "Calling ureadc()"); 25328993443SEd Schouten 25428993443SEd Schouten again: 25528993443SEd Schouten if (uio->uio_iovcnt == 0 || uio->uio_resid == 0) 25628993443SEd Schouten panic("ureadc"); 25728993443SEd Schouten iov = uio->uio_iov; 25828993443SEd Schouten if (iov->iov_len == 0) { 25928993443SEd Schouten uio->uio_iovcnt--; 26028993443SEd Schouten uio->uio_iov++; 26128993443SEd Schouten goto again; 26228993443SEd Schouten } 26328993443SEd Schouten switch (uio->uio_segflg) { 26428993443SEd Schouten 26528993443SEd Schouten case UIO_USERSPACE: 26628993443SEd Schouten if (subyte(iov->iov_base, c) < 0) 26728993443SEd Schouten return (EFAULT); 26828993443SEd Schouten break; 26928993443SEd Schouten 27028993443SEd Schouten case UIO_SYSSPACE: 27128993443SEd Schouten iov_base = iov->iov_base; 27228993443SEd Schouten *iov_base = c; 27328993443SEd Schouten break; 27428993443SEd Schouten 27528993443SEd Schouten case UIO_NOCOPY: 27628993443SEd Schouten break; 27728993443SEd Schouten } 27828993443SEd Schouten iov->iov_base = (char *)iov->iov_base + 1; 27928993443SEd Schouten iov->iov_len--; 28028993443SEd Schouten uio->uio_resid--; 28128993443SEd Schouten uio->uio_offset++; 28228993443SEd Schouten return (0); 28328993443SEd Schouten } 28428993443SEd Schouten 28528993443SEd Schouten int 28628993443SEd Schouten copyinfrom(const void * __restrict src, void * __restrict dst, size_t len, 28728993443SEd Schouten int seg) 28828993443SEd Schouten { 28928993443SEd Schouten int error = 0; 29028993443SEd Schouten 29128993443SEd Schouten switch (seg) { 29228993443SEd Schouten case UIO_USERSPACE: 29328993443SEd Schouten error = copyin(src, dst, len); 29428993443SEd Schouten break; 29528993443SEd Schouten case UIO_SYSSPACE: 29628993443SEd Schouten bcopy(src, dst, len); 29728993443SEd Schouten break; 29828993443SEd Schouten default: 29928993443SEd Schouten panic("copyinfrom: bad seg %d\n", seg); 30028993443SEd Schouten } 30128993443SEd Schouten return (error); 30228993443SEd Schouten } 30328993443SEd Schouten 30428993443SEd Schouten int 30528993443SEd Schouten copyinstrfrom(const void * __restrict src, void * __restrict dst, size_t len, 30628993443SEd Schouten size_t * __restrict copied, int seg) 30728993443SEd Schouten { 30828993443SEd Schouten int error = 0; 30928993443SEd Schouten 31028993443SEd Schouten switch (seg) { 31128993443SEd Schouten case UIO_USERSPACE: 31228993443SEd Schouten error = copyinstr(src, dst, len, copied); 31328993443SEd Schouten break; 31428993443SEd Schouten case UIO_SYSSPACE: 31528993443SEd Schouten error = copystr(src, dst, len, copied); 31628993443SEd Schouten break; 31728993443SEd Schouten default: 31828993443SEd Schouten panic("copyinstrfrom: bad seg %d\n", seg); 31928993443SEd Schouten } 32028993443SEd Schouten return (error); 32128993443SEd Schouten } 32228993443SEd Schouten 32328993443SEd Schouten int 324cfb09e00SAlfred Perlstein copyiniov(const struct iovec *iovp, u_int iovcnt, struct iovec **iov, int error) 32528993443SEd Schouten { 32628993443SEd Schouten u_int iovlen; 32728993443SEd Schouten 32828993443SEd Schouten *iov = NULL; 32928993443SEd Schouten if (iovcnt > UIO_MAXIOV) 33028993443SEd Schouten return (error); 33128993443SEd Schouten iovlen = iovcnt * sizeof (struct iovec); 33228993443SEd Schouten *iov = malloc(iovlen, M_IOV, M_WAITOK); 33328993443SEd Schouten error = copyin(iovp, *iov, iovlen); 33428993443SEd Schouten if (error) { 33528993443SEd Schouten free(*iov, M_IOV); 33628993443SEd Schouten *iov = NULL; 33728993443SEd Schouten } 33828993443SEd Schouten return (error); 33928993443SEd Schouten } 34028993443SEd Schouten 34128993443SEd Schouten int 342cfb09e00SAlfred Perlstein copyinuio(const struct iovec *iovp, u_int iovcnt, struct uio **uiop) 34328993443SEd Schouten { 34428993443SEd Schouten struct iovec *iov; 34528993443SEd Schouten struct uio *uio; 34628993443SEd Schouten u_int iovlen; 34728993443SEd Schouten int error, i; 34828993443SEd Schouten 34928993443SEd Schouten *uiop = NULL; 35028993443SEd Schouten if (iovcnt > UIO_MAXIOV) 35128993443SEd Schouten return (EINVAL); 35228993443SEd Schouten iovlen = iovcnt * sizeof (struct iovec); 35328993443SEd Schouten uio = malloc(iovlen + sizeof *uio, M_IOV, M_WAITOK); 35428993443SEd Schouten iov = (struct iovec *)(uio + 1); 35528993443SEd Schouten error = copyin(iovp, iov, iovlen); 35628993443SEd Schouten if (error) { 35728993443SEd Schouten free(uio, M_IOV); 35828993443SEd Schouten return (error); 35928993443SEd Schouten } 36028993443SEd Schouten uio->uio_iov = iov; 36128993443SEd Schouten uio->uio_iovcnt = iovcnt; 36228993443SEd Schouten uio->uio_segflg = UIO_USERSPACE; 36328993443SEd Schouten uio->uio_offset = -1; 36428993443SEd Schouten uio->uio_resid = 0; 36528993443SEd Schouten for (i = 0; i < iovcnt; i++) { 366526d0bd5SKonstantin Belousov if (iov->iov_len > IOSIZE_MAX - uio->uio_resid) { 36728993443SEd Schouten free(uio, M_IOV); 36828993443SEd Schouten return (EINVAL); 36928993443SEd Schouten } 37028993443SEd Schouten uio->uio_resid += iov->iov_len; 37128993443SEd Schouten iov++; 37228993443SEd Schouten } 37328993443SEd Schouten *uiop = uio; 37428993443SEd Schouten return (0); 37528993443SEd Schouten } 37628993443SEd Schouten 37728993443SEd Schouten struct uio * 37828993443SEd Schouten cloneuio(struct uio *uiop) 37928993443SEd Schouten { 38028993443SEd Schouten struct uio *uio; 38128993443SEd Schouten int iovlen; 38228993443SEd Schouten 38328993443SEd Schouten iovlen = uiop->uio_iovcnt * sizeof (struct iovec); 38428993443SEd Schouten uio = malloc(iovlen + sizeof *uio, M_IOV, M_WAITOK); 38528993443SEd Schouten *uio = *uiop; 38628993443SEd Schouten uio->uio_iov = (struct iovec *)(uio + 1); 38728993443SEd Schouten bcopy(uiop->uio_iov, uio->uio_iov, iovlen); 38828993443SEd Schouten return (uio); 38928993443SEd Schouten } 3900f502d1cSKonstantin Belousov 3910f502d1cSKonstantin Belousov /* 3920f502d1cSKonstantin Belousov * Map some anonymous memory in user space of size sz, rounded up to the page 3930f502d1cSKonstantin Belousov * boundary. 3940f502d1cSKonstantin Belousov */ 3950f502d1cSKonstantin Belousov int 3960f502d1cSKonstantin Belousov copyout_map(struct thread *td, vm_offset_t *addr, size_t sz) 3970f502d1cSKonstantin Belousov { 398cce6e354SKonstantin Belousov struct vmspace *vms; 3990f502d1cSKonstantin Belousov int error; 4000f502d1cSKonstantin Belousov vm_size_t size; 4010f502d1cSKonstantin Belousov 402cce6e354SKonstantin Belousov vms = td->td_proc->p_vmspace; 403cce6e354SKonstantin Belousov 4040f502d1cSKonstantin Belousov /* 4050f502d1cSKonstantin Belousov * Map somewhere after heap in process memory. 4060f502d1cSKonstantin Belousov */ 4070f502d1cSKonstantin Belousov PROC_LOCK(td->td_proc); 4080f502d1cSKonstantin Belousov *addr = round_page((vm_offset_t)vms->vm_daddr + 4090f502d1cSKonstantin Belousov lim_max(td->td_proc, RLIMIT_DATA)); 4100f502d1cSKonstantin Belousov PROC_UNLOCK(td->td_proc); 4110f502d1cSKonstantin Belousov 4120f502d1cSKonstantin Belousov /* round size up to page boundry */ 4130f502d1cSKonstantin Belousov size = (vm_size_t)round_page(sz); 4140f502d1cSKonstantin Belousov 4150f502d1cSKonstantin Belousov error = vm_mmap(&vms->vm_map, addr, size, PROT_READ | PROT_WRITE, 4160f502d1cSKonstantin Belousov VM_PROT_ALL, MAP_PRIVATE | MAP_ANON, OBJT_DEFAULT, NULL, 0); 4170f502d1cSKonstantin Belousov 4180f502d1cSKonstantin Belousov return (error); 4190f502d1cSKonstantin Belousov } 4200f502d1cSKonstantin Belousov 4210f502d1cSKonstantin Belousov /* 4220f502d1cSKonstantin Belousov * Unmap memory in user space. 4230f502d1cSKonstantin Belousov */ 4240f502d1cSKonstantin Belousov int 4250f502d1cSKonstantin Belousov copyout_unmap(struct thread *td, vm_offset_t addr, size_t sz) 4260f502d1cSKonstantin Belousov { 4270f502d1cSKonstantin Belousov vm_map_t map; 4280f502d1cSKonstantin Belousov vm_size_t size; 4290f502d1cSKonstantin Belousov 430937060a8SKonstantin Belousov if (sz == 0) 431937060a8SKonstantin Belousov return (0); 432937060a8SKonstantin Belousov 4330f502d1cSKonstantin Belousov map = &td->td_proc->p_vmspace->vm_map; 4340f502d1cSKonstantin Belousov size = (vm_size_t)round_page(sz); 4350f502d1cSKonstantin Belousov 436cea8f30aSKonstantin Belousov if (vm_map_remove(map, addr, addr + size) != KERN_SUCCESS) 4370f502d1cSKonstantin Belousov return (EINVAL); 4380f502d1cSKonstantin Belousov 4390f502d1cSKonstantin Belousov return (0); 4400f502d1cSKonstantin Belousov } 441