1 /* 2 * Copyright (c) 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * The Mach Operating System project at Carnegie-Mellon University. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * from: @(#)vm_map.c 8.3 (Berkeley) 1/12/94 37 * 38 * 39 * Copyright (c) 1987, 1990 Carnegie-Mellon University. 40 * All rights reserved. 41 * 42 * Authors: Avadis Tevanian, Jr., Michael Wayne Young 43 * 44 * Permission to use, copy, modify and distribute this software and 45 * its documentation is hereby granted, provided that both the copyright 46 * notice and this permission notice appear in all copies of the 47 * software, derivative works or modified versions, and any portions 48 * thereof, and that both notices appear in supporting documentation. 49 * 50 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" 51 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND 52 * FOR ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. 53 * 54 * Carnegie Mellon requests users of this software to return to 55 * 56 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU 57 * School of Computer Science 58 * Carnegie Mellon University 59 * Pittsburgh PA 15213-3890 60 * 61 * any improvements or extensions that they make and grant Carnegie the 62 * rights to redistribute these changes. 63 * 64 * $Id: vm_map.c,v 1.146 1999/02/01 08:49:30 dillon Exp $ 65 */ 66 67 /* 68 * Virtual memory mapping module. 
 */

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/malloc.h>
#include <sys/proc.h>
#include <sys/vmmeter.h>
#include <sys/mman.h>
#include <sys/vnode.h>
#include <sys/resourcevar.h>

#include <vm/vm.h>
#include <vm/vm_param.h>
#include <vm/vm_prot.h>
#include <vm/vm_inherit.h>
#include <sys/lock.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>
#include <vm/vm_page.h>
#include <vm/vm_object.h>
#include <vm/vm_pager.h>
#include <vm/vm_kern.h>
#include <vm/vm_extern.h>
#include <vm/default_pager.h>
#include <vm/swap_pager.h>
#include <vm/vm_zone.h>

/*
 *	Virtual memory maps provide for the mapping, protection,
 *	and sharing of virtual memory objects.  In addition,
 *	this module provides for an efficient virtual copy of
 *	memory from one map to another.
 *
 *	Synchronization is required prior to most operations.
 *
 *	Maps consist of an ordered doubly-linked list of simple
 *	entries; a single hint is used to speed up lookups.
 *
 *	In order to properly represent the sharing of virtual
 *	memory regions among maps, the map structure is bi-level.
 *	Top-level ("address") maps refer to regions of sharable
 *	virtual memory.  These regions are implemented as
 *	("sharing") maps, which then refer to the actual virtual
 *	memory objects.  When two address maps "share" memory,
 *	their top-level maps both have references to the same
 *	sharing map.  When memory is virtual-copied from one
 *	address map to another, the references in the sharing
 *	maps are actually copied -- no copying occurs at the
 *	virtual memory object level.
 *
 *	Since portions of maps are specified by start/end addresses,
 *	which may not align with existing map entries, all
 *	routines merely "clip" entries to these start/end values.
 *	[That is, an entry is split into two, bordering at a
 *	start or end value.]  Note that these clippings may not
 *	always be necessary (as the two resulting entries are then
 *	not changed); however, the clipping is done for convenience.
 *	No attempt is currently made to "glue back together" two
 *	abutting entries.
 *
 *	As mentioned above, virtual copy operations are performed
 *	by copying VM object references from one sharing map to
 *	another, and then marking both regions as copy-on-write.
 *	It is important to note that only one writeable reference
 *	to a VM object region exists in any map -- this means that
 *	shadow object creation can be delayed until a write operation
 *	occurs.
 */

/*
 *	vm_map_startup:
 *
 *	Initialize the vm_map module.  Must be called before
 *	any other vm_map routines.
 *
 *	Map and entry structures are allocated from the general
 *	purpose memory pool with some exceptions:
 *
 *	- The kernel map and kmem submap are allocated statically.
 *	- Kernel map entries are allocated out of a static pool.
 *
 *	These restrictions are necessary since malloc() uses the
 *	maps and requires map entries.
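 *
 *	(zbootinit() seeds these zones from the static arrays declared
 *	below; vm_init2() later finishes their setup with zinitna().)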
152 */ 153 154 extern char kstack[]; 155 extern int inmprotect; 156 157 static struct vm_zone kmapentzone_store, mapentzone_store, mapzone_store; 158 static vm_zone_t mapentzone, kmapentzone, mapzone, vmspace_zone; 159 static struct vm_object kmapentobj, mapentobj, mapobj; 160 #define MAP_ENTRY_INIT 128 161 static struct vm_map_entry map_entry_init[MAX_MAPENT]; 162 static struct vm_map_entry kmap_entry_init[MAX_KMAPENT]; 163 static struct vm_map map_init[MAX_KMAP]; 164 165 static void _vm_map_clip_end __P((vm_map_t, vm_map_entry_t, vm_offset_t)); 166 static void _vm_map_clip_start __P((vm_map_t, vm_map_entry_t, vm_offset_t)); 167 static vm_map_entry_t vm_map_entry_create __P((vm_map_t)); 168 static void vm_map_entry_delete __P((vm_map_t, vm_map_entry_t)); 169 static void vm_map_entry_dispose __P((vm_map_t, vm_map_entry_t)); 170 static void vm_map_entry_unwire __P((vm_map_t, vm_map_entry_t)); 171 static void vm_map_copy_entry __P((vm_map_t, vm_map_t, vm_map_entry_t, 172 vm_map_entry_t)); 173 static void vm_map_split __P((vm_map_entry_t)); 174 175 void 176 vm_map_startup() 177 { 178 mapzone = &mapzone_store; 179 zbootinit(mapzone, "MAP", sizeof (struct vm_map), 180 map_init, MAX_KMAP); 181 kmapentzone = &kmapentzone_store; 182 zbootinit(kmapentzone, "KMAP ENTRY", sizeof (struct vm_map_entry), 183 kmap_entry_init, MAX_KMAPENT); 184 mapentzone = &mapentzone_store; 185 zbootinit(mapentzone, "MAP ENTRY", sizeof (struct vm_map_entry), 186 map_entry_init, MAX_MAPENT); 187 } 188 189 /* 190 * Allocate a vmspace structure, including a vm_map and pmap, 191 * and initialize those structures. The refcnt is set to 1. 192 * The remaining fields must be initialized by the caller. 193 */ 194 struct vmspace * 195 vmspace_alloc(min, max) 196 vm_offset_t min, max; 197 { 198 struct vmspace *vm; 199 200 vm = zalloc(vmspace_zone); 201 bzero(&vm->vm_map, sizeof vm->vm_map); 202 vm_map_init(&vm->vm_map, min, max); 203 pmap_pinit(&vm->vm_pmap); 204 vm->vm_map.pmap = &vm->vm_pmap; /* XXX */ 205 vm->vm_refcnt = 1; 206 vm->vm_shm = NULL; 207 return (vm); 208 } 209 210 void 211 vm_init2(void) { 212 zinitna(kmapentzone, &kmapentobj, 213 NULL, 0, cnt.v_page_count / 4, ZONE_INTERRUPT, 1); 214 zinitna(mapentzone, &mapentobj, 215 NULL, 0, 0, 0, 1); 216 zinitna(mapzone, &mapobj, 217 NULL, 0, 0, 0, 1); 218 vmspace_zone = zinit("VMSPACE", sizeof (struct vmspace), 0, 0, 3); 219 pmap_init2(); 220 vm_object_init2(); 221 } 222 223 void 224 vmspace_free(vm) 225 struct vmspace *vm; 226 { 227 228 if (vm->vm_refcnt == 0) 229 panic("vmspace_free: attempt to free already freed vmspace"); 230 231 if (--vm->vm_refcnt == 0) { 232 233 /* 234 * Lock the map, to wait out all other references to it. 235 * Delete all of the mappings and pages they hold, then call 236 * the pmap module to reclaim anything left. 237 */ 238 vm_map_lock(&vm->vm_map); 239 (void) vm_map_delete(&vm->vm_map, vm->vm_map.min_offset, 240 vm->vm_map.max_offset); 241 vm_map_unlock(&vm->vm_map); 242 243 pmap_release(&vm->vm_pmap); 244 zfree(vmspace_zone, vm); 245 } 246 } 247 248 /* 249 * vm_map_create: 250 * 251 * Creates and returns a new empty VM map with 252 * the given physical map structure, and having 253 * the given lower and upper address bounds. 
 */
vm_map_t
vm_map_create(pmap, min, max)
	pmap_t pmap;
	vm_offset_t min, max;
{
	vm_map_t result;

	result = zalloc(mapzone);
	vm_map_init(result, min, max);
	result->pmap = pmap;
	return (result);
}

/*
 * Initialize an existing vm_map structure
 * such as that in the vmspace structure.
 * The pmap is set elsewhere.
 */
void
vm_map_init(map, min, max)
	struct vm_map *map;
	vm_offset_t min, max;
{
	map->header.next = map->header.prev = &map->header;
	map->nentries = 0;
	map->size = 0;
	map->is_main_map = TRUE;
	map->system_map = 0;
	map->min_offset = min;
	map->max_offset = max;
	map->first_free = &map->header;
	map->hint = &map->header;
	map->timestamp = 0;
	lockinit(&map->lock, PVM, "thrd_sleep", 0, LK_NOPAUSE);
}

/*
 *	vm_map_entry_dispose:	[ internal use only ]
 *
 *	Inverse of vm_map_entry_create.
 */
static void
vm_map_entry_dispose(map, entry)
	vm_map_t map;
	vm_map_entry_t entry;
{
	zfree((map->system_map || !mapentzone) ? kmapentzone : mapentzone, entry);
}

/*
 *	vm_map_entry_create:	[ internal use only ]
 *
 *	Allocates a VM map entry for insertion.
 *	No entry fields are filled in.
 */
static vm_map_entry_t
vm_map_entry_create(map)
	vm_map_t map;
{
	return zalloc((map->system_map || !mapentzone) ? kmapentzone : mapentzone);
}

/*
 *	vm_map_entry_{un,}link:
 *
 *	Insert/remove entries from maps.
 */
#define	vm_map_entry_link(map, after_where, entry) \
	{ \
	(map)->nentries++; \
	(map)->timestamp++; \
	(entry)->prev = (after_where); \
	(entry)->next = (after_where)->next; \
	(entry)->prev->next = (entry); \
	(entry)->next->prev = (entry); \
	}
#define	vm_map_entry_unlink(map, entry) \
	{ \
	(map)->nentries--; \
	(map)->timestamp++; \
	(entry)->next->prev = (entry)->prev; \
	(entry)->prev->next = (entry)->next; \
	}

/*
 *	SAVE_HINT:
 *
 *	Saves the specified entry as the hint for
 *	future lookups.
 */
#define	SAVE_HINT(map,value) \
		(map)->hint = (value);

/*
 *	vm_map_lookup_entry:	[ internal use only ]
 *
 *	Finds the map entry containing (or
 *	immediately preceding) the specified address
 *	in the given map; the entry is returned
 *	in the "entry" parameter.  The boolean
 *	result indicates whether the address is
 *	actually contained in the map.
 */
boolean_t
vm_map_lookup_entry(map, address, entry)
	vm_map_t map;
	vm_offset_t address;
	vm_map_entry_t *entry;	/* OUT */
{
	vm_map_entry_t cur;
	vm_map_entry_t last;

	/*
	 * Start looking either from the head of the list, or from the hint.
	 */

	cur = map->hint;

	if (cur == &map->header)
		cur = cur->next;

	if (address >= cur->start) {
		/*
		 * Go from hint to end of list.
		 *
		 * But first, make a quick check to see if we are already looking
		 * at the entry we want (which is usually the case). Note also
		 * that we don't need to save the hint here... it is the same
		 * hint (unless we are at the header, in which case the hint
		 * didn't buy us anything anyway).
385 */ 386 last = &map->header; 387 if ((cur != last) && (cur->end > address)) { 388 *entry = cur; 389 return (TRUE); 390 } 391 } else { 392 /* 393 * Go from start to hint, *inclusively* 394 */ 395 last = cur->next; 396 cur = map->header.next; 397 } 398 399 /* 400 * Search linearly 401 */ 402 403 while (cur != last) { 404 if (cur->end > address) { 405 if (address >= cur->start) { 406 /* 407 * Save this lookup for future hints, and 408 * return 409 */ 410 411 *entry = cur; 412 SAVE_HINT(map, cur); 413 return (TRUE); 414 } 415 break; 416 } 417 cur = cur->next; 418 } 419 *entry = cur->prev; 420 SAVE_HINT(map, *entry); 421 return (FALSE); 422 } 423 424 /* 425 * vm_map_insert: 426 * 427 * Inserts the given whole VM object into the target 428 * map at the specified address range. The object's 429 * size should match that of the address range. 430 * 431 * Requires that the map be locked, and leaves it so. 432 */ 433 int 434 vm_map_insert(vm_map_t map, vm_object_t object, vm_ooffset_t offset, 435 vm_offset_t start, vm_offset_t end, vm_prot_t prot, vm_prot_t max, 436 int cow) 437 { 438 vm_map_entry_t new_entry; 439 vm_map_entry_t prev_entry; 440 vm_map_entry_t temp_entry; 441 #if 0 442 vm_object_t prev_object; 443 #endif 444 u_char protoeflags; 445 446 if ((object != NULL) && (cow & MAP_NOFAULT)) { 447 panic("vm_map_insert: paradoxical MAP_NOFAULT request"); 448 } 449 450 /* 451 * Check that the start and end points are not bogus. 452 */ 453 454 if ((start < map->min_offset) || (end > map->max_offset) || 455 (start >= end)) 456 return (KERN_INVALID_ADDRESS); 457 458 /* 459 * Find the entry prior to the proposed starting address; if it's part 460 * of an existing entry, this range is bogus. 461 */ 462 463 if (vm_map_lookup_entry(map, start, &temp_entry)) 464 return (KERN_NO_SPACE); 465 466 prev_entry = temp_entry; 467 468 /* 469 * Assert that the next entry doesn't overlap the end point. 470 */ 471 472 if ((prev_entry->next != &map->header) && 473 (prev_entry->next->start < end)) 474 return (KERN_NO_SPACE); 475 476 protoeflags = 0; 477 if (cow & MAP_COPY_NEEDED) 478 protoeflags |= MAP_ENTRY_NEEDS_COPY; 479 480 if (cow & MAP_COPY_ON_WRITE) 481 protoeflags |= MAP_ENTRY_COW; 482 483 if (cow & MAP_NOFAULT) 484 protoeflags |= MAP_ENTRY_NOFAULT; 485 486 /* 487 * See if we can avoid creating a new entry by extending one of our 488 * neighbors. Or at least extend the object. 489 */ 490 491 if ( 492 (object == NULL) && 493 (prev_entry != &map->header) && 494 ((prev_entry->eflags & (MAP_ENTRY_IS_A_MAP | MAP_ENTRY_IS_SUB_MAP)) == 0) && 495 ((prev_entry->object.vm_object == NULL) || 496 (prev_entry->object.vm_object->type == OBJT_DEFAULT) || 497 (prev_entry->object.vm_object->type == OBJT_SWAP)) && 498 (prev_entry->end == start) && 499 (prev_entry->wired_count == 0) 500 ) { 501 if ((protoeflags == prev_entry->eflags) && 502 ((cow & MAP_NOFAULT) || 503 vm_object_coalesce(prev_entry->object.vm_object, 504 OFF_TO_IDX(prev_entry->offset), 505 (vm_size_t) (prev_entry->end - prev_entry->start), 506 (vm_size_t) (end - prev_entry->end)))) { 507 508 /* 509 * Coalesced the two objects. Can we extend the 510 * previous map entry to include the new range? 
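			 *
			 *	(Even if the entry itself cannot be extended
			 *	because its protection, maximum protection or
			 *	inheritance differs, the coalesced object is
			 *	still reused below for the new entry, with the
			 *	offset advanced past the previous entry.)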
			 */
			if ((prev_entry->inheritance == VM_INHERIT_DEFAULT) &&
			    (prev_entry->protection == prot) &&
			    (prev_entry->max_protection == max)) {

				map->size += (end - prev_entry->end);
				prev_entry->end = end;
#if 0
				/*
				 * (no longer applies)
				 */
				if ((cow & MAP_NOFAULT) == 0) {
					prev_object = prev_entry->object.vm_object;
					default_pager_convert_to_swapq(prev_object);
				}
#endif
				return (KERN_SUCCESS);
			}
			else {
				object = prev_entry->object.vm_object;
				offset = prev_entry->offset + (prev_entry->end -
				    prev_entry->start);

				vm_object_reference(object);
			}
		}
	}

	/*
	 * Create a new entry
	 */

	new_entry = vm_map_entry_create(map);
	new_entry->start = start;
	new_entry->end = end;

	new_entry->eflags = protoeflags;
	new_entry->object.vm_object = object;
	new_entry->offset = offset;
	new_entry->avail_ssize = 0;

	if (object) {
		if ((object->ref_count > 1) || (object->shadow_count != 0)) {
			vm_object_clear_flag(object, OBJ_ONEMAPPING);
		} else {
			vm_object_set_flag(object, OBJ_ONEMAPPING);
		}
	}

	if (map->is_main_map) {
		new_entry->inheritance = VM_INHERIT_DEFAULT;
		new_entry->protection = prot;
		new_entry->max_protection = max;
		new_entry->wired_count = 0;
	}
	/*
	 * Insert the new entry into the list
	 */

	vm_map_entry_link(map, prev_entry, new_entry);
	map->size += new_entry->end - new_entry->start;

	/*
	 * Update the free space hint
	 */
	if ((map->first_free == prev_entry) &&
	    (prev_entry->end >= new_entry->start))
		map->first_free = new_entry;

#if 0
	/*
	 * (no longer applies)
	 */
	default_pager_convert_to_swapq(object);
#endif
	return (KERN_SUCCESS);
}

int
vm_map_stack (vm_map_t map, vm_offset_t addrbos, vm_size_t max_ssize,
	      vm_prot_t prot, vm_prot_t max, int cow)
{
	vm_map_entry_t prev_entry;
	vm_map_entry_t new_stack_entry;
	vm_size_t init_ssize;
	int rv;

	if (VM_MIN_ADDRESS > 0 && addrbos < VM_MIN_ADDRESS)
		return (KERN_NO_SPACE);

	if (max_ssize < SGROWSIZ)
		init_ssize = max_ssize;
	else
		init_ssize = SGROWSIZ;

	vm_map_lock(map);

	/* If addr is already mapped, no go */
	if (vm_map_lookup_entry(map, addrbos, &prev_entry)) {
		vm_map_unlock(map);
		return (KERN_NO_SPACE);
	}

	/* If we can't accommodate max_ssize in the current mapping,
	 * no go.  However, we need to be aware that subsequent user
	 * mappings might map into the space we have reserved for
	 * stack, and currently this space is not protected.
	 *
	 * Hopefully we will at least detect this condition
	 * when we try to grow the stack.
	 */
	if ((prev_entry->next != &map->header) &&
	    (prev_entry->next->start < addrbos + max_ssize)) {
		vm_map_unlock(map);
		return (KERN_NO_SPACE);
	}

	/* We initially map a stack of only init_ssize.  We will
	 * grow as needed later.  Since this is to be a grow
	 * down stack, we map at the top of the range.
	 *
	 * Note: we would normally expect prot and max to be
	 * VM_PROT_ALL, and cow to be 0.  Possibly we should
	 * eliminate these as input parameters, and just
	 * pass these values here in the insert call.
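	 *
	 *	(Only the top init_ssize bytes of the range
	 *	[addrbos, addrbos + max_ssize) are inserted here; the
	 *	rest is recorded in avail_ssize and is mapped on demand
	 *	by vm_map_growstack() below.)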
636 */ 637 rv = vm_map_insert(map, NULL, 0, addrbos + max_ssize - init_ssize, 638 addrbos + max_ssize, prot, max, cow); 639 640 /* Now set the avail_ssize amount */ 641 if (rv == KERN_SUCCESS){ 642 new_stack_entry = prev_entry->next; 643 if (new_stack_entry->end != addrbos + max_ssize || 644 new_stack_entry->start != addrbos + max_ssize - init_ssize) 645 panic ("Bad entry start/end for new stack entry"); 646 else 647 new_stack_entry->avail_ssize = max_ssize - init_ssize; 648 } 649 650 vm_map_unlock(map); 651 return (rv); 652 } 653 654 /* Attempts to grow a vm stack entry. Returns KERN_SUCCESS if the 655 * desired address is already mapped, or if we successfully grow 656 * the stack. Also returns KERN_SUCCESS if addr is outside the 657 * stack range (this is strange, but preserves compatibility with 658 * the grow function in vm_machdep.c). 659 */ 660 int 661 vm_map_growstack (struct proc *p, vm_offset_t addr) 662 { 663 vm_map_entry_t prev_entry; 664 vm_map_entry_t stack_entry; 665 vm_map_entry_t new_stack_entry; 666 struct vmspace *vm = p->p_vmspace; 667 vm_map_t map = &vm->vm_map; 668 vm_offset_t end; 669 int grow_amount; 670 int rv; 671 int is_procstack = 0; 672 673 vm_map_lock(map); 674 675 /* If addr is already in the entry range, no need to grow.*/ 676 if (vm_map_lookup_entry(map, addr, &prev_entry)) { 677 vm_map_unlock(map); 678 return (KERN_SUCCESS); 679 } 680 681 if ((stack_entry = prev_entry->next) == &map->header) { 682 vm_map_unlock(map); 683 return (KERN_SUCCESS); 684 } 685 if (prev_entry == &map->header) 686 end = stack_entry->start - stack_entry->avail_ssize; 687 else 688 end = prev_entry->end; 689 690 /* This next test mimics the old grow function in vm_machdep.c. 691 * It really doesn't quite make sense, but we do it anyway 692 * for compatibility. 693 * 694 * If not growable stack, return success. This signals the 695 * caller to proceed as he would normally with normal vm. 696 */ 697 if (stack_entry->avail_ssize < 1 || 698 addr >= stack_entry->start || 699 addr < stack_entry->start - stack_entry->avail_ssize) { 700 vm_map_unlock(map); 701 return (KERN_SUCCESS); 702 } 703 704 /* Find the minimum grow amount */ 705 grow_amount = roundup (stack_entry->start - addr, PAGE_SIZE); 706 if (grow_amount > stack_entry->avail_ssize) { 707 vm_map_unlock(map); 708 return (KERN_NO_SPACE); 709 } 710 711 /* If there is no longer enough space between the entries 712 * nogo, and adjust the available space. Note: this 713 * should only happen if the user has mapped into the 714 * stack area after the stack was created, and is 715 * probably an error. 716 * 717 * This also effectively destroys any guard page the user 718 * might have intended by limiting the stack size. 719 */ 720 if (grow_amount > stack_entry->start - end) { 721 stack_entry->avail_ssize = stack_entry->start - end; 722 vm_map_unlock(map); 723 return (KERN_NO_SPACE); 724 } 725 726 if (addr >= (vm_offset_t)vm->vm_maxsaddr) 727 is_procstack = 1; 728 729 /* If this is the main process stack, see if we're over the 730 * stack limit. 
731 */ 732 if (is_procstack && (vm->vm_ssize + grow_amount > 733 p->p_rlimit[RLIMIT_STACK].rlim_cur)) { 734 vm_map_unlock(map); 735 return (KERN_NO_SPACE); 736 } 737 738 /* Round up the grow amount modulo SGROWSIZ */ 739 grow_amount = roundup (grow_amount, SGROWSIZ); 740 if (grow_amount > stack_entry->avail_ssize) { 741 grow_amount = stack_entry->avail_ssize; 742 } 743 if (is_procstack && (vm->vm_ssize + grow_amount > 744 p->p_rlimit[RLIMIT_STACK].rlim_cur)) { 745 grow_amount = p->p_rlimit[RLIMIT_STACK].rlim_cur - 746 vm->vm_ssize; 747 } 748 749 /* Get the preliminary new entry start value */ 750 addr = stack_entry->start - grow_amount; 751 752 /* If this puts us into the previous entry, cut back our growth 753 * to the available space. Also, see the note above. 754 */ 755 if (addr < end) { 756 stack_entry->avail_ssize = stack_entry->start - end; 757 addr = end; 758 } 759 760 rv = vm_map_insert(map, NULL, 0, addr, stack_entry->start, 761 stack_entry->protection, 762 stack_entry->max_protection, 763 0); 764 765 /* Adjust the available stack space by the amount we grew. */ 766 if (rv == KERN_SUCCESS) { 767 new_stack_entry = prev_entry->next; 768 if (new_stack_entry->end != stack_entry->start || 769 new_stack_entry->start != addr) 770 panic ("Bad stack grow start/end in new stack entry"); 771 else { 772 new_stack_entry->avail_ssize = stack_entry->avail_ssize - 773 (new_stack_entry->end - 774 new_stack_entry->start); 775 if (is_procstack) 776 vm->vm_ssize += new_stack_entry->end - 777 new_stack_entry->start; 778 } 779 } 780 781 vm_map_unlock(map); 782 return (rv); 783 784 } 785 786 /* 787 * Find sufficient space for `length' bytes in the given map, starting at 788 * `start'. The map must be locked. Returns 0 on success, 1 on no space. 789 */ 790 int 791 vm_map_findspace(map, start, length, addr) 792 vm_map_t map; 793 vm_offset_t start; 794 vm_size_t length; 795 vm_offset_t *addr; 796 { 797 vm_map_entry_t entry, next; 798 vm_offset_t end; 799 800 if (start < map->min_offset) 801 start = map->min_offset; 802 if (start > map->max_offset) 803 return (1); 804 805 /* 806 * Look for the first possible address; if there's already something 807 * at this address, we have to start after it. 808 */ 809 if (start == map->min_offset) { 810 if ((entry = map->first_free) != &map->header) 811 start = entry->end; 812 } else { 813 vm_map_entry_t tmp; 814 815 if (vm_map_lookup_entry(map, start, &tmp)) 816 start = tmp->end; 817 entry = tmp; 818 } 819 820 /* 821 * Look through the rest of the map, trying to fit a new region in the 822 * gap between existing regions, or after the very last region. 823 */ 824 for (;; start = (entry = next)->end) { 825 /* 826 * Find the end of the proposed new region. Be sure we didn't 827 * go beyond the end of the map, or wrap around the address; 828 * if so, we lose. Otherwise, if this is the last entry, or 829 * if the proposed new region fits before the next entry, we 830 * win. 831 */ 832 end = start + length; 833 if (end > map->max_offset || end < start) 834 return (1); 835 next = entry->next; 836 if (next == &map->header || next->start >= end) 837 break; 838 } 839 SAVE_HINT(map, entry); 840 *addr = start; 841 if (map == kernel_map) { 842 vm_offset_t ksize; 843 if ((ksize = round_page(start + length)) > kernel_vm_end) { 844 pmap_growkernel(ksize); 845 } 846 } 847 return (0); 848 } 849 850 /* 851 * vm_map_find finds an unallocated region in the target address 852 * map with the given length. 
The search is defined to be 853 * first-fit from the specified address; the region found is 854 * returned in the same parameter. 855 * 856 */ 857 int 858 vm_map_find(vm_map_t map, vm_object_t object, vm_ooffset_t offset, 859 vm_offset_t *addr, /* IN/OUT */ 860 vm_size_t length, boolean_t find_space, vm_prot_t prot, 861 vm_prot_t max, int cow) 862 { 863 vm_offset_t start; 864 int result, s = 0; 865 866 start = *addr; 867 868 if (map == kmem_map || map == mb_map) 869 s = splvm(); 870 871 vm_map_lock(map); 872 if (find_space) { 873 if (vm_map_findspace(map, start, length, addr)) { 874 vm_map_unlock(map); 875 if (map == kmem_map || map == mb_map) 876 splx(s); 877 return (KERN_NO_SPACE); 878 } 879 start = *addr; 880 } 881 result = vm_map_insert(map, object, offset, 882 start, start + length, prot, max, cow); 883 vm_map_unlock(map); 884 885 if (map == kmem_map || map == mb_map) 886 splx(s); 887 888 return (result); 889 } 890 891 /* 892 * vm_map_simplify_entry: 893 * 894 * Simplify the given map entry by merging with either neighbor. 895 */ 896 void 897 vm_map_simplify_entry(map, entry) 898 vm_map_t map; 899 vm_map_entry_t entry; 900 { 901 vm_map_entry_t next, prev; 902 vm_size_t prevsize, esize; 903 904 if (entry->eflags & (MAP_ENTRY_IS_SUB_MAP|MAP_ENTRY_IS_A_MAP)) 905 return; 906 907 prev = entry->prev; 908 if (prev != &map->header) { 909 prevsize = prev->end - prev->start; 910 if ( (prev->end == entry->start) && 911 (prev->object.vm_object == entry->object.vm_object) && 912 (!prev->object.vm_object || 913 (prev->offset + prevsize == entry->offset)) && 914 (prev->eflags == entry->eflags) && 915 (prev->protection == entry->protection) && 916 (prev->max_protection == entry->max_protection) && 917 (prev->inheritance == entry->inheritance) && 918 (prev->wired_count == entry->wired_count)) { 919 if (map->first_free == prev) 920 map->first_free = entry; 921 if (map->hint == prev) 922 map->hint = entry; 923 vm_map_entry_unlink(map, prev); 924 entry->start = prev->start; 925 entry->offset = prev->offset; 926 if (prev->object.vm_object) 927 vm_object_deallocate(prev->object.vm_object); 928 vm_map_entry_dispose(map, prev); 929 } 930 } 931 932 next = entry->next; 933 if (next != &map->header) { 934 esize = entry->end - entry->start; 935 if ((entry->end == next->start) && 936 (next->object.vm_object == entry->object.vm_object) && 937 (!entry->object.vm_object || 938 (entry->offset + esize == next->offset)) && 939 (next->eflags == entry->eflags) && 940 (next->protection == entry->protection) && 941 (next->max_protection == entry->max_protection) && 942 (next->inheritance == entry->inheritance) && 943 (next->wired_count == entry->wired_count)) { 944 if (map->first_free == next) 945 map->first_free = entry; 946 if (map->hint == next) 947 map->hint = entry; 948 vm_map_entry_unlink(map, next); 949 entry->end = next->end; 950 if (next->object.vm_object) 951 vm_object_deallocate(next->object.vm_object); 952 vm_map_entry_dispose(map, next); 953 } 954 } 955 } 956 /* 957 * vm_map_clip_start: [ internal use only ] 958 * 959 * Asserts that the given entry begins at or after 960 * the specified address; if necessary, 961 * it splits the entry into two. 
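 *
 *	For example, clipping an entry that covers [A, C) at an address B
 *	(A < B < C) leaves the original entry describing [B, C), with its
 *	object offset advanced by (B - A), and inserts a new entry for
 *	[A, B) in front of it.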
962 */ 963 #define vm_map_clip_start(map, entry, startaddr) \ 964 { \ 965 if (startaddr > entry->start) \ 966 _vm_map_clip_start(map, entry, startaddr); \ 967 else if (entry->object.vm_object && (entry->object.vm_object->ref_count == 1)) \ 968 vm_object_set_flag(entry->object.vm_object, OBJ_ONEMAPPING); \ 969 } 970 971 /* 972 * This routine is called only when it is known that 973 * the entry must be split. 974 */ 975 static void 976 _vm_map_clip_start(map, entry, start) 977 vm_map_t map; 978 vm_map_entry_t entry; 979 vm_offset_t start; 980 { 981 vm_map_entry_t new_entry; 982 983 /* 984 * Split off the front portion -- note that we must insert the new 985 * entry BEFORE this one, so that this entry has the specified 986 * starting address. 987 */ 988 989 vm_map_simplify_entry(map, entry); 990 991 /* 992 * If there is no object backing this entry, we might as well create 993 * one now. If we defer it, an object can get created after the map 994 * is clipped, and individual objects will be created for the split-up 995 * map. This is a bit of a hack, but is also about the best place to 996 * put this improvement. 997 */ 998 999 if (entry->object.vm_object == NULL) { 1000 vm_object_t object; 1001 object = vm_object_allocate(OBJT_DEFAULT, 1002 atop(entry->end - entry->start)); 1003 entry->object.vm_object = object; 1004 entry->offset = 0; 1005 } 1006 1007 new_entry = vm_map_entry_create(map); 1008 *new_entry = *entry; 1009 1010 new_entry->end = start; 1011 entry->offset += (start - entry->start); 1012 entry->start = start; 1013 1014 vm_map_entry_link(map, entry->prev, new_entry); 1015 1016 if ((entry->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) == 0) { 1017 if (new_entry->object.vm_object->ref_count == 1) 1018 vm_object_set_flag(new_entry->object.vm_object, 1019 OBJ_ONEMAPPING); 1020 vm_object_reference(new_entry->object.vm_object); 1021 } 1022 } 1023 1024 /* 1025 * vm_map_clip_end: [ internal use only ] 1026 * 1027 * Asserts that the given entry ends at or before 1028 * the specified address; if necessary, 1029 * it splits the entry into two. 1030 */ 1031 1032 #define vm_map_clip_end(map, entry, endaddr) \ 1033 { \ 1034 if (endaddr < entry->end) \ 1035 _vm_map_clip_end(map, entry, endaddr); \ 1036 else if (entry->object.vm_object && (entry->object.vm_object->ref_count == 1)) \ 1037 vm_object_set_flag(entry->object.vm_object, OBJ_ONEMAPPING); \ 1038 } 1039 1040 /* 1041 * This routine is called only when it is known that 1042 * the entry must be split. 1043 */ 1044 static void 1045 _vm_map_clip_end(map, entry, end) 1046 vm_map_t map; 1047 vm_map_entry_t entry; 1048 vm_offset_t end; 1049 { 1050 vm_map_entry_t new_entry; 1051 1052 /* 1053 * If there is no object backing this entry, we might as well create 1054 * one now. If we defer it, an object can get created after the map 1055 * is clipped, and individual objects will be created for the split-up 1056 * map. This is a bit of a hack, but is also about the best place to 1057 * put this improvement. 
	 */

	if (entry->object.vm_object == NULL) {
		vm_object_t object;
		object = vm_object_allocate(OBJT_DEFAULT,
			atop(entry->end - entry->start));
		entry->object.vm_object = object;
		entry->offset = 0;
	}

	/*
	 * Create a new entry and insert it AFTER the specified entry
	 */

	new_entry = vm_map_entry_create(map);
	*new_entry = *entry;

	new_entry->start = entry->end = end;
	new_entry->offset += (end - entry->start);

	vm_map_entry_link(map, entry, new_entry);

	if ((entry->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) == 0) {
		if (new_entry->object.vm_object->ref_count == 1)
			vm_object_set_flag(new_entry->object.vm_object,
					   OBJ_ONEMAPPING);
		vm_object_reference(new_entry->object.vm_object);
	}
}

/*
 *	VM_MAP_RANGE_CHECK:	[ internal use only ]
 *
 *	Asserts that the starting and ending region
 *	addresses fall within the valid range of the map.
 */
#define	VM_MAP_RANGE_CHECK(map, start, end) \
	{ \
	if (start < vm_map_min(map)) \
		start = vm_map_min(map); \
	if (end > vm_map_max(map)) \
		end = vm_map_max(map); \
	if (start > end) \
		start = end; \
	}

/*
 *	vm_map_submap:		[ kernel use only ]
 *
 *	Mark the given range as handled by a subordinate map.
 *
 *	This range must have been created with vm_map_find,
 *	and no other operations may have been performed on this
 *	range prior to calling vm_map_submap.
 *
 *	Only a limited number of operations can be performed
 *	within this range after calling vm_map_submap:
 *		vm_fault
 *	[Don't try vm_map_copy!]
 *
 *	To remove a submapping, one must first remove the
 *	range from the superior map, and then destroy the
 *	submap (if desired).  [Better yet, don't try it.]
 */
int
vm_map_submap(map, start, end, submap)
	vm_map_t map;
	vm_offset_t start;
	vm_offset_t end;
	vm_map_t submap;
{
	vm_map_entry_t entry;
	int result = KERN_INVALID_ARGUMENT;

	vm_map_lock(map);

	VM_MAP_RANGE_CHECK(map, start, end);

	if (vm_map_lookup_entry(map, start, &entry)) {
		vm_map_clip_start(map, entry, start);
	} else
		entry = entry->next;

	vm_map_clip_end(map, entry, end);

	if ((entry->start == start) && (entry->end == end) &&
	    ((entry->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_COW)) == 0) &&
	    (entry->object.vm_object == NULL)) {
		entry->object.sub_map = submap;
		entry->eflags |= MAP_ENTRY_IS_SUB_MAP;
		result = KERN_SUCCESS;
	}
	vm_map_unlock(map);

	return (result);
}

/*
 *	vm_map_protect:
 *
 *	Sets the protection of the specified address
 *	region in the target map.  If "set_max" is
 *	specified, the maximum protection is to be set;
 *	otherwise, only the current protection is affected.
 */
int
vm_map_protect(vm_map_t map, vm_offset_t start, vm_offset_t end,
	       vm_prot_t new_prot, boolean_t set_max)
{
	vm_map_entry_t current;
	vm_map_entry_t entry;

	vm_map_lock(map);

	VM_MAP_RANGE_CHECK(map, start, end);

	if (vm_map_lookup_entry(map, start, &entry)) {
		vm_map_clip_start(map, entry, start);
	} else {
		entry = entry->next;
	}

	/*
	 * Make a first pass to check for protection violations.
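	 * (No protections are changed during this pass; the second pass
	 * below performs the actual updates and the pmap calls.)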
	 */

	current = entry;
	while ((current != &map->header) && (current->start < end)) {
		if (current->eflags & MAP_ENTRY_IS_SUB_MAP) {
			vm_map_unlock(map);
			return (KERN_INVALID_ARGUMENT);
		}
		if ((new_prot & current->max_protection) != new_prot) {
			vm_map_unlock(map);
			return (KERN_PROTECTION_FAILURE);
		}
		current = current->next;
	}

	/*
	 * Go back and fix up protections. [Note that clipping is not
	 * necessary the second time.]
	 */

	current = entry;

	while ((current != &map->header) && (current->start < end)) {
		vm_prot_t old_prot;

		vm_map_clip_end(map, current, end);

		old_prot = current->protection;
		if (set_max)
			current->protection =
			    (current->max_protection = new_prot) &
			    old_prot;
		else
			current->protection = new_prot;

		/*
		 * Update physical map if necessary. Worry about copy-on-write
		 * here -- CHECK THIS XXX
		 */

		if (current->protection != old_prot) {
#define MASK(entry)	(((entry)->eflags & MAP_ENTRY_COW) ? ~VM_PROT_WRITE : \
							VM_PROT_ALL)

			if (current->eflags & MAP_ENTRY_IS_A_MAP) {
				vm_map_entry_t share_entry;
				vm_offset_t share_end;

				vm_map_lock(current->object.share_map);
				(void) vm_map_lookup_entry(
				    current->object.share_map,
				    current->offset,
				    &share_entry);
				share_end = current->offset +
				    (current->end - current->start);
				while ((share_entry !=
					&current->object.share_map->header) &&
				    (share_entry->start < share_end)) {

					pmap_protect(map->pmap,
					    (qmax(share_entry->start,
						    current->offset) -
						current->offset +
						current->start),
					    min(share_entry->end,
						share_end) -
					    current->offset +
					    current->start,
					    current->protection &
					    MASK(share_entry));

					share_entry = share_entry->next;
				}
				vm_map_unlock(current->object.share_map);
			} else
				pmap_protect(map->pmap, current->start,
				    current->end,
				    current->protection & MASK(entry));
#undef MASK
		}

		vm_map_simplify_entry(map, current);

		current = current->next;
	}

	map->timestamp++;
	vm_map_unlock(map);
	return (KERN_SUCCESS);
}

/*
 *	vm_map_madvise:
 *
 *	This routine traverses a process's map handling the madvise
 *	system call.
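 *
 *	MADV_NORMAL, MADV_SEQUENTIAL and MADV_RANDOM simply set the
 *	behavior hint on the backing object.  MADV_FREE, MADV_DONTNEED
 *	and MADV_WILLNEED are passed on to vm_object_madvise();
 *	MADV_WILLNEED additionally pre-faults the affected pages into
 *	the pmap via pmap_object_init_pt().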
1278 */ 1279 void 1280 vm_map_madvise(map, pmap, start, end, advise) 1281 vm_map_t map; 1282 pmap_t pmap; 1283 vm_offset_t start, end; 1284 int advise; 1285 { 1286 vm_map_entry_t current; 1287 vm_map_entry_t entry; 1288 1289 vm_map_lock(map); 1290 1291 VM_MAP_RANGE_CHECK(map, start, end); 1292 1293 if (vm_map_lookup_entry(map, start, &entry)) { 1294 vm_map_clip_start(map, entry, start); 1295 } else 1296 entry = entry->next; 1297 1298 for(current = entry; 1299 (current != &map->header) && (current->start < end); 1300 current = current->next) { 1301 vm_size_t size; 1302 1303 if (current->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) { 1304 continue; 1305 } 1306 1307 vm_map_clip_end(map, current, end); 1308 size = current->end - current->start; 1309 1310 /* 1311 * Create an object if needed 1312 */ 1313 if (current->object.vm_object == NULL) { 1314 vm_object_t object; 1315 if ((advise == MADV_FREE) || (advise == MADV_DONTNEED)) 1316 continue; 1317 object = vm_object_allocate(OBJT_DEFAULT, OFF_TO_IDX(size)); 1318 current->object.vm_object = object; 1319 current->offset = 0; 1320 } 1321 1322 switch (advise) { 1323 case MADV_NORMAL: 1324 current->object.vm_object->behavior = OBJ_NORMAL; 1325 break; 1326 case MADV_SEQUENTIAL: 1327 current->object.vm_object->behavior = OBJ_SEQUENTIAL; 1328 break; 1329 case MADV_RANDOM: 1330 current->object.vm_object->behavior = OBJ_RANDOM; 1331 break; 1332 /* 1333 * Right now, we could handle DONTNEED and WILLNEED with common code. 1334 * They are mostly the same, except for the potential async reads (NYI). 1335 */ 1336 case MADV_FREE: 1337 case MADV_DONTNEED: 1338 { 1339 vm_pindex_t pindex; 1340 int count; 1341 pindex = OFF_TO_IDX(current->offset); 1342 count = OFF_TO_IDX(size); 1343 /* 1344 * MADV_DONTNEED removes the page from all 1345 * pmaps, so pmap_remove is not necessary. 1346 */ 1347 vm_object_madvise(current->object.vm_object, 1348 pindex, count, advise); 1349 } 1350 break; 1351 1352 case MADV_WILLNEED: 1353 { 1354 vm_pindex_t pindex; 1355 int count; 1356 pindex = OFF_TO_IDX(current->offset); 1357 count = OFF_TO_IDX(size); 1358 vm_object_madvise(current->object.vm_object, 1359 pindex, count, advise); 1360 pmap_object_init_pt(pmap, current->start, 1361 current->object.vm_object, pindex, 1362 (count << PAGE_SHIFT), 0); 1363 } 1364 break; 1365 1366 default: 1367 break; 1368 } 1369 } 1370 1371 map->timestamp++; 1372 vm_map_simplify_entry(map, entry); 1373 vm_map_unlock(map); 1374 return; 1375 } 1376 1377 1378 /* 1379 * vm_map_inherit: 1380 * 1381 * Sets the inheritance of the specified address 1382 * range in the target map. Inheritance 1383 * affects how the map will be shared with 1384 * child maps at the time of vm_map_fork. 
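 *
 *	VM_INHERIT_SHARE causes the range to be shared with the child,
 *	VM_INHERIT_COPY gives the child a copy-on-write copy of the
 *	range, and VM_INHERIT_NONE leaves the range unmapped in the
 *	child.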
1385 */ 1386 int 1387 vm_map_inherit(vm_map_t map, vm_offset_t start, vm_offset_t end, 1388 vm_inherit_t new_inheritance) 1389 { 1390 vm_map_entry_t entry; 1391 vm_map_entry_t temp_entry; 1392 1393 switch (new_inheritance) { 1394 case VM_INHERIT_NONE: 1395 case VM_INHERIT_COPY: 1396 case VM_INHERIT_SHARE: 1397 break; 1398 default: 1399 return (KERN_INVALID_ARGUMENT); 1400 } 1401 1402 vm_map_lock(map); 1403 1404 VM_MAP_RANGE_CHECK(map, start, end); 1405 1406 if (vm_map_lookup_entry(map, start, &temp_entry)) { 1407 entry = temp_entry; 1408 vm_map_clip_start(map, entry, start); 1409 } else 1410 entry = temp_entry->next; 1411 1412 while ((entry != &map->header) && (entry->start < end)) { 1413 vm_map_clip_end(map, entry, end); 1414 1415 entry->inheritance = new_inheritance; 1416 1417 entry = entry->next; 1418 } 1419 1420 vm_map_simplify_entry(map, temp_entry); 1421 map->timestamp++; 1422 vm_map_unlock(map); 1423 return (KERN_SUCCESS); 1424 } 1425 1426 /* 1427 * Implement the semantics of mlock 1428 */ 1429 int 1430 vm_map_user_pageable(map, start, end, new_pageable) 1431 vm_map_t map; 1432 vm_offset_t start; 1433 vm_offset_t end; 1434 boolean_t new_pageable; 1435 { 1436 vm_map_entry_t entry; 1437 vm_map_entry_t start_entry; 1438 vm_offset_t estart; 1439 int rv; 1440 1441 vm_map_lock(map); 1442 VM_MAP_RANGE_CHECK(map, start, end); 1443 1444 if (vm_map_lookup_entry(map, start, &start_entry) == FALSE) { 1445 vm_map_unlock(map); 1446 return (KERN_INVALID_ADDRESS); 1447 } 1448 1449 if (new_pageable) { 1450 1451 entry = start_entry; 1452 vm_map_clip_start(map, entry, start); 1453 1454 /* 1455 * Now decrement the wiring count for each region. If a region 1456 * becomes completely unwired, unwire its physical pages and 1457 * mappings. 1458 */ 1459 vm_map_set_recursive(map); 1460 1461 entry = start_entry; 1462 while ((entry != &map->header) && (entry->start < end)) { 1463 if (entry->eflags & MAP_ENTRY_USER_WIRED) { 1464 vm_map_clip_end(map, entry, end); 1465 entry->eflags &= ~MAP_ENTRY_USER_WIRED; 1466 entry->wired_count--; 1467 if (entry->wired_count == 0) 1468 vm_fault_unwire(map, entry->start, entry->end); 1469 } 1470 vm_map_simplify_entry(map,entry); 1471 entry = entry->next; 1472 } 1473 vm_map_clear_recursive(map); 1474 } else { 1475 1476 entry = start_entry; 1477 1478 while ((entry != &map->header) && (entry->start < end)) { 1479 1480 if (entry->eflags & MAP_ENTRY_USER_WIRED) { 1481 entry = entry->next; 1482 continue; 1483 } 1484 1485 if (entry->wired_count != 0) { 1486 entry->wired_count++; 1487 entry->eflags |= MAP_ENTRY_USER_WIRED; 1488 entry = entry->next; 1489 continue; 1490 } 1491 1492 /* Here on entry being newly wired */ 1493 1494 if ((entry->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) == 0) { 1495 int copyflag = entry->eflags & MAP_ENTRY_NEEDS_COPY; 1496 if (copyflag && ((entry->protection & VM_PROT_WRITE) != 0)) { 1497 1498 vm_object_shadow(&entry->object.vm_object, 1499 &entry->offset, 1500 atop(entry->end - entry->start)); 1501 entry->eflags &= ~MAP_ENTRY_NEEDS_COPY; 1502 1503 } else if (entry->object.vm_object == NULL) { 1504 1505 entry->object.vm_object = 1506 vm_object_allocate(OBJT_DEFAULT, 1507 atop(entry->end - entry->start)); 1508 entry->offset = (vm_offset_t) 0; 1509 1510 } 1511 #if 0 1512 /* 1513 * (no longer applies) 1514 */ 1515 default_pager_convert_to_swapq(entry->object.vm_object); 1516 #endif 1517 } 1518 1519 vm_map_clip_start(map, entry, start); 1520 vm_map_clip_end(map, entry, end); 1521 1522 entry->wired_count++; 1523 entry->eflags |= MAP_ENTRY_USER_WIRED; 
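			/*
			 * Remember where this entry starts: the map lock is
			 * downgraded to a read lock below while the pages are
			 * faulted in, so the entry pointer can become stale
			 * and may have to be looked up again from estart once
			 * the exclusive lock is regained.
			 */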
1524 estart = entry->start; 1525 1526 /* First we need to allow map modifications */ 1527 vm_map_set_recursive(map); 1528 vm_map_lock_downgrade(map); 1529 map->timestamp++; 1530 1531 rv = vm_fault_user_wire(map, entry->start, entry->end); 1532 if (rv) { 1533 1534 entry->wired_count--; 1535 entry->eflags &= ~MAP_ENTRY_USER_WIRED; 1536 1537 vm_map_clear_recursive(map); 1538 vm_map_unlock(map); 1539 1540 (void) vm_map_user_pageable(map, start, entry->start, TRUE); 1541 return rv; 1542 } 1543 1544 vm_map_clear_recursive(map); 1545 if (vm_map_lock_upgrade(map)) { 1546 vm_map_lock(map); 1547 if (vm_map_lookup_entry(map, estart, &entry) 1548 == FALSE) { 1549 vm_map_unlock(map); 1550 (void) vm_map_user_pageable(map, 1551 start, 1552 estart, 1553 TRUE); 1554 return (KERN_INVALID_ADDRESS); 1555 } 1556 } 1557 vm_map_simplify_entry(map,entry); 1558 } 1559 } 1560 map->timestamp++; 1561 vm_map_unlock(map); 1562 return KERN_SUCCESS; 1563 } 1564 1565 /* 1566 * vm_map_pageable: 1567 * 1568 * Sets the pageability of the specified address 1569 * range in the target map. Regions specified 1570 * as not pageable require locked-down physical 1571 * memory and physical page maps. 1572 * 1573 * The map must not be locked, but a reference 1574 * must remain to the map throughout the call. 1575 */ 1576 int 1577 vm_map_pageable(map, start, end, new_pageable) 1578 vm_map_t map; 1579 vm_offset_t start; 1580 vm_offset_t end; 1581 boolean_t new_pageable; 1582 { 1583 vm_map_entry_t entry; 1584 vm_map_entry_t start_entry; 1585 vm_offset_t failed = 0; 1586 int rv; 1587 1588 vm_map_lock(map); 1589 1590 VM_MAP_RANGE_CHECK(map, start, end); 1591 1592 /* 1593 * Only one pageability change may take place at one time, since 1594 * vm_fault assumes it will be called only once for each 1595 * wiring/unwiring. Therefore, we have to make sure we're actually 1596 * changing the pageability for the entire region. We do so before 1597 * making any changes. 1598 */ 1599 1600 if (vm_map_lookup_entry(map, start, &start_entry) == FALSE) { 1601 vm_map_unlock(map); 1602 return (KERN_INVALID_ADDRESS); 1603 } 1604 entry = start_entry; 1605 1606 /* 1607 * Actions are rather different for wiring and unwiring, so we have 1608 * two separate cases. 1609 */ 1610 1611 if (new_pageable) { 1612 1613 vm_map_clip_start(map, entry, start); 1614 1615 /* 1616 * Unwiring. First ensure that the range to be unwired is 1617 * really wired down and that there are no holes. 1618 */ 1619 while ((entry != &map->header) && (entry->start < end)) { 1620 1621 if (entry->wired_count == 0 || 1622 (entry->end < end && 1623 (entry->next == &map->header || 1624 entry->next->start > entry->end))) { 1625 vm_map_unlock(map); 1626 return (KERN_INVALID_ARGUMENT); 1627 } 1628 entry = entry->next; 1629 } 1630 1631 /* 1632 * Now decrement the wiring count for each region. If a region 1633 * becomes completely unwired, unwire its physical pages and 1634 * mappings. 1635 */ 1636 vm_map_set_recursive(map); 1637 1638 entry = start_entry; 1639 while ((entry != &map->header) && (entry->start < end)) { 1640 vm_map_clip_end(map, entry, end); 1641 1642 entry->wired_count--; 1643 if (entry->wired_count == 0) 1644 vm_fault_unwire(map, entry->start, entry->end); 1645 1646 entry = entry->next; 1647 } 1648 vm_map_simplify_entry(map, start_entry); 1649 vm_map_clear_recursive(map); 1650 } else { 1651 /* 1652 * Wiring. We must do this in two passes: 1653 * 1654 * 1. Holding the write lock, we create any shadow or zero-fill 1655 * objects that need to be created. 
Then we clip each map 1656 * entry to the region to be wired and increment its wiring 1657 * count. We create objects before clipping the map entries 1658 * to avoid object proliferation. 1659 * 1660 * 2. We downgrade to a read lock, and call vm_fault_wire to 1661 * fault in the pages for any newly wired area (wired_count is 1662 * 1). 1663 * 1664 * Downgrading to a read lock for vm_fault_wire avoids a possible 1665 * deadlock with another process that may have faulted on one 1666 * of the pages to be wired (it would mark the page busy, 1667 * blocking us, then in turn block on the map lock that we 1668 * hold). Because of problems in the recursive lock package, 1669 * we cannot upgrade to a write lock in vm_map_lookup. Thus, 1670 * any actions that require the write lock must be done 1671 * beforehand. Because we keep the read lock on the map, the 1672 * copy-on-write status of the entries we modify here cannot 1673 * change. 1674 */ 1675 1676 /* 1677 * Pass 1. 1678 */ 1679 while ((entry != &map->header) && (entry->start < end)) { 1680 if (entry->wired_count == 0) { 1681 1682 /* 1683 * Perform actions of vm_map_lookup that need 1684 * the write lock on the map: create a shadow 1685 * object for a copy-on-write region, or an 1686 * object for a zero-fill region. 1687 * 1688 * We don't have to do this for entries that 1689 * point to sharing maps, because we won't 1690 * hold the lock on the sharing map. 1691 */ 1692 if ((entry->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) == 0) { 1693 int copyflag = entry->eflags & MAP_ENTRY_NEEDS_COPY; 1694 if (copyflag && 1695 ((entry->protection & VM_PROT_WRITE) != 0)) { 1696 1697 vm_object_shadow(&entry->object.vm_object, 1698 &entry->offset, 1699 atop(entry->end - entry->start)); 1700 entry->eflags &= ~MAP_ENTRY_NEEDS_COPY; 1701 } else if (entry->object.vm_object == NULL) { 1702 entry->object.vm_object = 1703 vm_object_allocate(OBJT_DEFAULT, 1704 atop(entry->end - entry->start)); 1705 entry->offset = (vm_offset_t) 0; 1706 } 1707 #if 0 1708 /* 1709 * (no longer applies) 1710 */ 1711 default_pager_convert_to_swapq(entry->object.vm_object); 1712 #endif 1713 } 1714 } 1715 vm_map_clip_start(map, entry, start); 1716 vm_map_clip_end(map, entry, end); 1717 entry->wired_count++; 1718 1719 /* 1720 * Check for holes 1721 */ 1722 if (entry->end < end && 1723 (entry->next == &map->header || 1724 entry->next->start > entry->end)) { 1725 /* 1726 * Found one. Object creation actions do not 1727 * need to be undone, but the wired counts 1728 * need to be restored. 1729 */ 1730 while (entry != &map->header && entry->end > start) { 1731 entry->wired_count--; 1732 entry = entry->prev; 1733 } 1734 map->timestamp++; 1735 vm_map_unlock(map); 1736 return (KERN_INVALID_ARGUMENT); 1737 } 1738 entry = entry->next; 1739 } 1740 1741 /* 1742 * Pass 2. 1743 */ 1744 1745 /* 1746 * HACK HACK HACK HACK 1747 * 1748 * If we are wiring in the kernel map or a submap of it, 1749 * unlock the map to avoid deadlocks. We trust that the 1750 * kernel is well-behaved, and therefore will not do 1751 * anything destructive to this region of the map while 1752 * we have it unlocked. We cannot trust user processes 1753 * to do the same. 1754 * 1755 * HACK HACK HACK HACK 1756 */ 1757 if (vm_map_pmap(map) == kernel_pmap) { 1758 vm_map_unlock(map); /* trust me ... 
*/ 1759 } else { 1760 vm_map_set_recursive(map); 1761 vm_map_lock_downgrade(map); 1762 } 1763 1764 rv = 0; 1765 entry = start_entry; 1766 while (entry != &map->header && entry->start < end) { 1767 /* 1768 * If vm_fault_wire fails for any page we need to undo 1769 * what has been done. We decrement the wiring count 1770 * for those pages which have not yet been wired (now) 1771 * and unwire those that have (later). 1772 * 1773 * XXX this violates the locking protocol on the map, 1774 * needs to be fixed. 1775 */ 1776 if (rv) 1777 entry->wired_count--; 1778 else if (entry->wired_count == 1) { 1779 rv = vm_fault_wire(map, entry->start, entry->end); 1780 if (rv) { 1781 failed = entry->start; 1782 entry->wired_count--; 1783 } 1784 } 1785 entry = entry->next; 1786 } 1787 1788 if (vm_map_pmap(map) == kernel_pmap) { 1789 vm_map_lock(map); 1790 } else { 1791 vm_map_clear_recursive(map); 1792 } 1793 if (rv) { 1794 vm_map_unlock(map); 1795 (void) vm_map_pageable(map, start, failed, TRUE); 1796 return (rv); 1797 } 1798 vm_map_simplify_entry(map, start_entry); 1799 } 1800 1801 vm_map_unlock(map); 1802 1803 map->timestamp++; 1804 return (KERN_SUCCESS); 1805 } 1806 1807 /* 1808 * vm_map_clean 1809 * 1810 * Push any dirty cached pages in the address range to their pager. 1811 * If syncio is TRUE, dirty pages are written synchronously. 1812 * If invalidate is TRUE, any cached pages are freed as well. 1813 * 1814 * Returns an error if any part of the specified range is not mapped. 1815 */ 1816 int 1817 vm_map_clean(map, start, end, syncio, invalidate) 1818 vm_map_t map; 1819 vm_offset_t start; 1820 vm_offset_t end; 1821 boolean_t syncio; 1822 boolean_t invalidate; 1823 { 1824 vm_map_entry_t current; 1825 vm_map_entry_t entry; 1826 vm_size_t size; 1827 vm_object_t object; 1828 vm_ooffset_t offset; 1829 1830 vm_map_lock_read(map); 1831 VM_MAP_RANGE_CHECK(map, start, end); 1832 if (!vm_map_lookup_entry(map, start, &entry)) { 1833 vm_map_unlock_read(map); 1834 return (KERN_INVALID_ADDRESS); 1835 } 1836 /* 1837 * Make a first pass to check for holes. 1838 */ 1839 for (current = entry; current->start < end; current = current->next) { 1840 if (current->eflags & MAP_ENTRY_IS_SUB_MAP) { 1841 vm_map_unlock_read(map); 1842 return (KERN_INVALID_ARGUMENT); 1843 } 1844 if (end > current->end && 1845 (current->next == &map->header || 1846 current->end != current->next->start)) { 1847 vm_map_unlock_read(map); 1848 return (KERN_INVALID_ADDRESS); 1849 } 1850 } 1851 1852 if (invalidate) 1853 pmap_remove(vm_map_pmap(map), start, end); 1854 /* 1855 * Make a second pass, cleaning/uncaching pages from the indicated 1856 * objects as we go. 1857 */ 1858 for (current = entry; current->start < end; current = current->next) { 1859 offset = current->offset + (start - current->start); 1860 size = (end <= current->end ? end : current->end) - start; 1861 if (current->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) { 1862 vm_map_t smap; 1863 vm_map_entry_t tentry; 1864 vm_size_t tsize; 1865 1866 smap = current->object.share_map; 1867 vm_map_lock_read(smap); 1868 (void) vm_map_lookup_entry(smap, offset, &tentry); 1869 tsize = tentry->end - offset; 1870 if (tsize < size) 1871 size = tsize; 1872 object = tentry->object.vm_object; 1873 offset = tentry->offset + (offset - tentry->start); 1874 vm_map_unlock_read(smap); 1875 } else { 1876 object = current->object.vm_object; 1877 } 1878 /* 1879 * Note that there is absolutely no sense in writing out 1880 * anonymous objects, so we track down the vnode object 1881 * to write out. 
1882 * We invalidate (remove) all pages from the address space 1883 * anyway, for semantic correctness. 1884 */ 1885 while (object->backing_object) { 1886 object = object->backing_object; 1887 offset += object->backing_object_offset; 1888 if (object->size < OFF_TO_IDX( offset + size)) 1889 size = IDX_TO_OFF(object->size) - offset; 1890 } 1891 if (object && (object->type == OBJT_VNODE)) { 1892 /* 1893 * Flush pages if writing is allowed. XXX should we continue 1894 * on an error? 1895 * 1896 * XXX Doing async I/O and then removing all the pages from 1897 * the object before it completes is probably a very bad 1898 * idea. 1899 */ 1900 if (current->protection & VM_PROT_WRITE) { 1901 int flags; 1902 if (object->type == OBJT_VNODE) 1903 vn_lock(object->handle, LK_EXCLUSIVE | LK_RETRY, curproc); 1904 flags = (syncio || invalidate) ? OBJPC_SYNC : 0; 1905 flags |= invalidate ? OBJPC_INVAL : 0; 1906 vm_object_page_clean(object, 1907 OFF_TO_IDX(offset), 1908 OFF_TO_IDX(offset + size + PAGE_MASK), 1909 flags); 1910 if (invalidate) { 1911 vm_object_pip_wait(object, "objmcl"); 1912 vm_object_page_remove(object, 1913 OFF_TO_IDX(offset), 1914 OFF_TO_IDX(offset + size + PAGE_MASK), 1915 FALSE); 1916 } 1917 if (object->type == OBJT_VNODE) 1918 VOP_UNLOCK(object->handle, 0, curproc); 1919 } 1920 } 1921 start += size; 1922 } 1923 1924 vm_map_unlock_read(map); 1925 return (KERN_SUCCESS); 1926 } 1927 1928 /* 1929 * vm_map_entry_unwire: [ internal use only ] 1930 * 1931 * Make the region specified by this entry pageable. 1932 * 1933 * The map in question should be locked. 1934 * [This is the reason for this routine's existence.] 1935 */ 1936 static void 1937 vm_map_entry_unwire(map, entry) 1938 vm_map_t map; 1939 vm_map_entry_t entry; 1940 { 1941 vm_fault_unwire(map, entry->start, entry->end); 1942 entry->wired_count = 0; 1943 } 1944 1945 /* 1946 * vm_map_entry_delete: [ internal use only ] 1947 * 1948 * Deallocate the given entry from the target map. 1949 */ 1950 static void 1951 vm_map_entry_delete(map, entry) 1952 vm_map_t map; 1953 vm_map_entry_t entry; 1954 { 1955 vm_map_entry_unlink(map, entry); 1956 map->size -= entry->end - entry->start; 1957 1958 if ((entry->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) == 0) { 1959 vm_object_deallocate(entry->object.vm_object); 1960 } 1961 1962 vm_map_entry_dispose(map, entry); 1963 } 1964 1965 /* 1966 * vm_map_delete: [ internal use only ] 1967 * 1968 * Deallocates the given address range from the target 1969 * map. 1970 * 1971 * When called with a sharing map, removes pages from 1972 * that region from all physical maps. 1973 */ 1974 int 1975 vm_map_delete(map, start, end) 1976 vm_map_t map; 1977 vm_offset_t start; 1978 vm_offset_t end; 1979 { 1980 vm_object_t object; 1981 vm_map_entry_t entry; 1982 vm_map_entry_t first_entry; 1983 1984 /* 1985 * Find the start of the region, and clip it 1986 */ 1987 1988 if (!vm_map_lookup_entry(map, start, &first_entry)) { 1989 entry = first_entry->next; 1990 object = entry->object.vm_object; 1991 if (object && (object->ref_count == 1) && (object->shadow_count == 0)) 1992 vm_object_set_flag(object, OBJ_ONEMAPPING); 1993 } else { 1994 entry = first_entry; 1995 vm_map_clip_start(map, entry, start); 1996 /* 1997 * Fix the lookup hint now, rather than each time though the 1998 * loop. 
		 * loop.
1999 */ 2000 SAVE_HINT(map, entry->prev); 2001 } 2002 2003 /* 2004 * Save the free space hint 2005 */ 2006 2007 if (entry == &map->header) { 2008 map->first_free = &map->header; 2009 } else if (map->first_free->start >= start) { 2010 map->first_free = entry->prev; 2011 } 2012 2013 /* 2014 * Step through all entries in this region 2015 */ 2016 2017 while ((entry != &map->header) && (entry->start < end)) { 2018 vm_map_entry_t next; 2019 vm_offset_t s, e; 2020 vm_pindex_t offidxstart, offidxend, count; 2021 2022 vm_map_clip_end(map, entry, end); 2023 2024 s = entry->start; 2025 e = entry->end; 2026 next = entry->next; 2027 2028 offidxstart = OFF_TO_IDX(entry->offset); 2029 count = OFF_TO_IDX(e - s); 2030 object = entry->object.vm_object; 2031 2032 /* 2033 * Unwire before removing addresses from the pmap; otherwise, 2034 * unwiring will put the entries back in the pmap. 2035 */ 2036 if (entry->wired_count != 0) { 2037 vm_map_entry_unwire(map, entry); 2038 } 2039 2040 offidxend = offidxstart + count; 2041 /* 2042 * If this is a sharing map, we must remove *all* references 2043 * to this data, since we can't find all of the physical maps 2044 * which are sharing it. 2045 */ 2046 2047 if ((object == kernel_object) || (object == kmem_object)) { 2048 vm_object_page_remove(object, offidxstart, offidxend, FALSE); 2049 } else if (!map->is_main_map) { 2050 vm_object_pmap_remove(object, offidxstart, offidxend); 2051 } else { 2052 pmap_remove(map->pmap, s, e); 2053 if (object && 2054 ((object->flags & (OBJ_NOSPLIT|OBJ_ONEMAPPING)) == OBJ_ONEMAPPING) && 2055 ((object->type == OBJT_SWAP) || (object->type == OBJT_DEFAULT))) { 2056 vm_object_collapse(object); 2057 vm_object_page_remove(object, offidxstart, offidxend, FALSE); 2058 if (object->type == OBJT_SWAP) { 2059 swap_pager_freespace(object, offidxstart, count); 2060 } 2061 2062 if ((offidxend >= object->size) && 2063 (offidxstart < object->size)) { 2064 object->size = offidxstart; 2065 } 2066 } 2067 } 2068 2069 /* 2070 * Delete the entry (which may delete the object) only after 2071 * removing all pmap entries pointing to its pages. 2072 * (Otherwise, its page frames may be reallocated, and any 2073 * modify bits will be set in the wrong object!) 2074 */ 2075 vm_map_entry_delete(map, entry); 2076 entry = next; 2077 } 2078 return (KERN_SUCCESS); 2079 } 2080 2081 /* 2082 * vm_map_remove: 2083 * 2084 * Remove the given address range from the target map. 2085 * This is the exported form of vm_map_delete. 2086 */ 2087 int 2088 vm_map_remove(map, start, end) 2089 vm_map_t map; 2090 vm_offset_t start; 2091 vm_offset_t end; 2092 { 2093 int result, s = 0; 2094 2095 if (map == kmem_map || map == mb_map) 2096 s = splvm(); 2097 2098 vm_map_lock(map); 2099 VM_MAP_RANGE_CHECK(map, start, end); 2100 result = vm_map_delete(map, start, end); 2101 vm_map_unlock(map); 2102 2103 if (map == kmem_map || map == mb_map) 2104 splx(s); 2105 2106 return (result); 2107 } 2108 2109 /* 2110 * vm_map_check_protection: 2111 * 2112 * Assert that the target map allows the specified 2113 * privilege on the entire address region given. 2114 * The entire region must be allocated. 
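 * For example, a caller validating a user-supplied range before
 * operating on it might do (hypothetical caller; addr and len are
 * illustrative names):
 *
 *	if (!vm_map_check_protection(map, addr, addr + len, VM_PROT_READ))
 *		return (EFAULT);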
2115 */ 2116 boolean_t 2117 vm_map_check_protection(vm_map_t map, vm_offset_t start, vm_offset_t end, 2118 vm_prot_t protection) 2119 { 2120 vm_map_entry_t entry; 2121 vm_map_entry_t tmp_entry; 2122 2123 if (!vm_map_lookup_entry(map, start, &tmp_entry)) { 2124 return (FALSE); 2125 } 2126 entry = tmp_entry; 2127 2128 while (start < end) { 2129 if (entry == &map->header) { 2130 return (FALSE); 2131 } 2132 /* 2133 * No holes allowed! 2134 */ 2135 2136 if (start < entry->start) { 2137 return (FALSE); 2138 } 2139 /* 2140 * Check protection associated with entry. 2141 */ 2142 2143 if ((entry->protection & protection) != protection) { 2144 return (FALSE); 2145 } 2146 /* go to next entry */ 2147 2148 start = entry->end; 2149 entry = entry->next; 2150 } 2151 return (TRUE); 2152 } 2153 2154 /* 2155 * Split the pages in a map entry into a new object. This affords 2156 * easier removal of unused pages, and keeps object inheritance from 2157 * being a negative impact on memory usage. 2158 */ 2159 static void 2160 vm_map_split(entry) 2161 vm_map_entry_t entry; 2162 { 2163 vm_page_t m; 2164 vm_object_t orig_object, new_object, source; 2165 vm_offset_t s, e; 2166 vm_pindex_t offidxstart, offidxend, idx; 2167 vm_size_t size; 2168 vm_ooffset_t offset; 2169 2170 orig_object = entry->object.vm_object; 2171 if (orig_object->type != OBJT_DEFAULT && orig_object->type != OBJT_SWAP) 2172 return; 2173 if (orig_object->ref_count <= 1) 2174 return; 2175 2176 offset = entry->offset; 2177 s = entry->start; 2178 e = entry->end; 2179 2180 offidxstart = OFF_TO_IDX(offset); 2181 offidxend = offidxstart + OFF_TO_IDX(e - s); 2182 size = offidxend - offidxstart; 2183 2184 new_object = vm_pager_allocate(orig_object->type, 2185 NULL, IDX_TO_OFF(size), VM_PROT_ALL, 0LL); 2186 if (new_object == NULL) 2187 return; 2188 2189 source = orig_object->backing_object; 2190 if (source != NULL) { 2191 vm_object_reference(source); /* Referenced by new_object */ 2192 TAILQ_INSERT_TAIL(&source->shadow_head, 2193 new_object, shadow_list); 2194 vm_object_clear_flag(source, OBJ_ONEMAPPING); 2195 new_object->backing_object_offset = 2196 orig_object->backing_object_offset + IDX_TO_OFF(offidxstart); 2197 new_object->backing_object = source; 2198 source->shadow_count++; 2199 source->generation++; 2200 } 2201 2202 for (idx = 0; idx < size; idx++) { 2203 vm_page_t m; 2204 2205 retry: 2206 m = vm_page_lookup(orig_object, offidxstart + idx); 2207 if (m == NULL) 2208 continue; 2209 2210 /* 2211 * We must wait for pending I/O to complete before we can 2212 * rename the page. 2213 */ 2214 if (vm_page_sleep_busy(m, TRUE, "spltwt")) 2215 goto retry; 2216 2217 vm_page_busy(m); 2218 vm_page_protect(m, VM_PROT_NONE); 2219 vm_page_rename(m, new_object, idx); 2220 /* page automatically made dirty by rename and cache handled */ 2221 vm_page_busy(m); 2222 } 2223 2224 if (orig_object->type == OBJT_SWAP) { 2225 vm_object_pip_add(orig_object, 1); 2226 /* 2227 * copy orig_object pages into new_object 2228 * and destroy unneeded pages in 2229 * shadow object. 2230 */ 2231 swap_pager_copy(orig_object, new_object, offidxstart, 0); 2232 vm_object_pip_wakeup(orig_object); 2233 } 2234 2235 for (idx = 0; idx < size; idx++) { 2236 m = vm_page_lookup(new_object, idx); 2237 if (m) { 2238 vm_page_wakeup(m); 2239 } 2240 } 2241 2242 entry->object.vm_object = new_object; 2243 entry->offset = 0LL; 2244 vm_object_deallocate(orig_object); 2245 } 2246 2247 /* 2248 * vm_map_copy_entry: 2249 * 2250 * Copies the contents of the source entry to the destination 2251 * entry. 
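 * Unwired pages are shared copy-on-write where possible; wired pages
 * are copied immediately by simulating faults.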
The entries *must* be aligned properly. 2252 */ 2253 static void 2254 vm_map_copy_entry(src_map, dst_map, src_entry, dst_entry) 2255 vm_map_t src_map, dst_map; 2256 vm_map_entry_t src_entry, dst_entry; 2257 { 2258 vm_object_t src_object; 2259 2260 if ((dst_entry->eflags|src_entry->eflags) & 2261 (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) 2262 return; 2263 2264 if (src_entry->wired_count == 0) { 2265 2266 /* 2267 * If the source entry is marked needs_copy, it is already 2268 * write-protected. 2269 */ 2270 if ((src_entry->eflags & MAP_ENTRY_NEEDS_COPY) == 0) { 2271 pmap_protect(src_map->pmap, 2272 src_entry->start, 2273 src_entry->end, 2274 src_entry->protection & ~VM_PROT_WRITE); 2275 } 2276 2277 /* 2278 * Make a copy of the object. 2279 */ 2280 if ((src_object = src_entry->object.vm_object) != NULL) { 2281 2282 if ((src_object->handle == NULL) && 2283 (src_object->type == OBJT_DEFAULT || 2284 src_object->type == OBJT_SWAP)) { 2285 vm_object_collapse(src_object); 2286 if ((src_object->flags & (OBJ_NOSPLIT|OBJ_ONEMAPPING)) == OBJ_ONEMAPPING) { 2287 vm_map_split(src_entry); 2288 src_map->timestamp++; 2289 src_object = src_entry->object.vm_object; 2290 } 2291 } 2292 2293 vm_object_reference(src_object); 2294 vm_object_clear_flag(src_object, OBJ_ONEMAPPING); 2295 dst_entry->object.vm_object = src_object; 2296 src_entry->eflags |= (MAP_ENTRY_COW|MAP_ENTRY_NEEDS_COPY); 2297 dst_entry->eflags |= (MAP_ENTRY_COW|MAP_ENTRY_NEEDS_COPY); 2298 dst_entry->offset = src_entry->offset; 2299 } else { 2300 dst_entry->object.vm_object = NULL; 2301 dst_entry->offset = 0; 2302 } 2303 2304 pmap_copy(dst_map->pmap, src_map->pmap, dst_entry->start, 2305 dst_entry->end - dst_entry->start, src_entry->start); 2306 } else { 2307 /* 2308 * Of course, wired down pages can't be set copy-on-write. 2309 * Cause wired pages to be copied into the new map by 2310 * simulating faults (the new pages are pageable) 2311 */ 2312 vm_fault_copy_entry(dst_map, src_map, dst_entry, src_entry); 2313 } 2314 } 2315 2316 /* 2317 * vmspace_fork: 2318 * Create a new process vmspace structure and vm_map 2319 * based on those of an existing process. The new map 2320 * is based on the old map, according to the inheritance 2321 * values on the regions in that map. 2322 * 2323 * The source map must not be locked. 2324 */ 2325 struct vmspace * 2326 vmspace_fork(vm1) 2327 struct vmspace *vm1; 2328 { 2329 struct vmspace *vm2; 2330 vm_map_t old_map = &vm1->vm_map; 2331 vm_map_t new_map; 2332 vm_map_entry_t old_entry; 2333 vm_map_entry_t new_entry; 2334 pmap_t new_pmap; 2335 vm_object_t object; 2336 2337 vm_map_lock(old_map); 2338 2339 vm2 = vmspace_alloc(old_map->min_offset, old_map->max_offset); 2340 bcopy(&vm1->vm_startcopy, &vm2->vm_startcopy, 2341 (caddr_t) (vm1 + 1) - (caddr_t) &vm1->vm_startcopy); 2342 new_pmap = &vm2->vm_pmap; /* XXX */ 2343 new_map = &vm2->vm_map; /* XXX */ 2344 new_map->timestamp = 1; 2345 2346 old_entry = old_map->header.next; 2347 2348 while (old_entry != &old_map->header) { 2349 if (old_entry->eflags & MAP_ENTRY_IS_SUB_MAP) 2350 panic("vm_map_fork: encountered a submap"); 2351 2352 switch (old_entry->inheritance) { 2353 case VM_INHERIT_NONE: 2354 break; 2355 2356 case VM_INHERIT_SHARE: 2357 /* 2358 * Clone the entry, creating the shared object if necessary. 
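 * (If the entry is still marked needs_copy, the pending copy is first
 * resolved into a shadow object, so that parent and child share that
 * shadow rather than the original backing object.)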
2359 */ 2360 object = old_entry->object.vm_object; 2361 if (object == NULL) { 2362 object = vm_object_allocate(OBJT_DEFAULT, 2363 atop(old_entry->end - old_entry->start)); 2364 old_entry->object.vm_object = object; 2365 old_entry->offset = (vm_offset_t) 0; 2366 } else if (old_entry->eflags & MAP_ENTRY_NEEDS_COPY) { 2367 vm_object_shadow(&old_entry->object.vm_object, 2368 &old_entry->offset, 2369 atop(old_entry->end - old_entry->start)); 2370 old_entry->eflags &= ~MAP_ENTRY_NEEDS_COPY; 2371 object = old_entry->object.vm_object; 2372 } 2373 vm_object_clear_flag(object, OBJ_ONEMAPPING); 2374 2375 /* 2376 * Clone the entry, referencing the sharing map. 2377 */ 2378 new_entry = vm_map_entry_create(new_map); 2379 *new_entry = *old_entry; 2380 new_entry->wired_count = 0; 2381 vm_object_reference(object); 2382 2383 /* 2384 * Insert the entry into the new map -- we know we're 2385 * inserting at the end of the new map. 2386 */ 2387 2388 vm_map_entry_link(new_map, new_map->header.prev, 2389 new_entry); 2390 2391 /* 2392 * Update the physical map 2393 */ 2394 2395 pmap_copy(new_map->pmap, old_map->pmap, 2396 new_entry->start, 2397 (old_entry->end - old_entry->start), 2398 old_entry->start); 2399 break; 2400 2401 case VM_INHERIT_COPY: 2402 /* 2403 * Clone the entry and link into the map. 2404 */ 2405 new_entry = vm_map_entry_create(new_map); 2406 *new_entry = *old_entry; 2407 new_entry->wired_count = 0; 2408 new_entry->object.vm_object = NULL; 2409 new_entry->eflags &= ~MAP_ENTRY_IS_A_MAP; 2410 vm_map_entry_link(new_map, new_map->header.prev, 2411 new_entry); 2412 vm_map_copy_entry(old_map, new_map, old_entry, 2413 new_entry); 2414 break; 2415 } 2416 old_entry = old_entry->next; 2417 } 2418 2419 new_map->size = old_map->size; 2420 vm_map_unlock(old_map); 2421 old_map->timestamp++; 2422 2423 return (vm2); 2424 } 2425 2426 /* 2427 * Unshare the specified VM space for exec. If other processes are 2428 * mapped to it, then create a new one. The new vmspace starts out empty. 2429 */ 2430 2431 void 2432 vmspace_exec(struct proc *p) { 2433 struct vmspace *oldvmspace = p->p_vmspace; 2434 struct vmspace *newvmspace; 2435 vm_map_t map = &p->p_vmspace->vm_map; 2436 2437 newvmspace = vmspace_alloc(map->min_offset, map->max_offset); 2438 bcopy(&oldvmspace->vm_startcopy, &newvmspace->vm_startcopy, 2439 (caddr_t) (newvmspace + 1) - (caddr_t) &newvmspace->vm_startcopy); 2440 /* 2441 * This code is written like this for prototype purposes. The 2442 * goal is to avoid running down the vmspace here, but to let the 2443 * other processes that are still using the vmspace finally 2444 * run it down. Even though there is little or no chance of blocking 2445 * here, it is a good idea to keep this form for future mods. 2446 */ 2447 vmspace_free(oldvmspace); 2448 p->p_vmspace = newvmspace; 2449 if (p == curproc) 2450 pmap_activate(p); 2451 } 2452 2453 /* 2454 * Unshare the specified VM space for forcing COW. This 2455 * is called by rfork, for the (RFMEM|RFPROC) == 0 case. 2456 */ 2457 2458 void 2459 vmspace_unshare(struct proc *p) { 2460 struct vmspace *oldvmspace = p->p_vmspace; 2461 struct vmspace *newvmspace; 2462 2463 if (oldvmspace->vm_refcnt == 1) 2464 return; 2465 newvmspace = vmspace_fork(oldvmspace); 2466 vmspace_free(oldvmspace); 2467 p->p_vmspace = newvmspace; 2468 if (p == curproc) 2469 pmap_activate(p); 2470 } 2471 2472 2473 /* 2474 * vm_map_lookup: 2475 * 2476 * Finds the VM object, offset, and 2477 * protection for a given virtual address in the 2478 * specified map, assuming a page fault of the 2479 * type specified.
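 * A fault handler typically brackets its use of the returned
 * object/offset like this (sketch only):
 *
 *	result = vm_map_lookup(&map, vaddr, fault_type, &entry,
 *	    &object, &pindex, &prot, &wired);
 *	if (result != KERN_SUCCESS)
 *		return (result);
 *	... resolve the fault against (object, pindex) ...
 *	vm_map_lookup_done(map, entry);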
2480 * 2481 * Leaves the map in question locked for read; return 2482 * values are guaranteed until a vm_map_lookup_done 2483 * call is performed. Note that the map argument 2484 * is in/out; the returned map must be used in 2485 * the call to vm_map_lookup_done. 2486 * 2487 * A handle (out_entry) is returned for use in 2488 * vm_map_lookup_done, to make that fast. 2489 * 2490 * If a lookup is requested with "write protection" 2491 * specified, the map may be changed to perform virtual 2492 * copying operations, although the data referenced will 2493 * remain the same. 2494 */ 2495 int 2496 vm_map_lookup(vm_map_t *var_map, /* IN/OUT */ 2497 vm_offset_t vaddr, 2498 vm_prot_t fault_typea, 2499 vm_map_entry_t *out_entry, /* OUT */ 2500 vm_object_t *object, /* OUT */ 2501 vm_pindex_t *pindex, /* OUT */ 2502 vm_prot_t *out_prot, /* OUT */ 2503 boolean_t *wired) /* OUT */ 2504 { 2505 vm_map_t share_map; 2506 vm_offset_t share_offset; 2507 vm_map_entry_t entry; 2508 vm_map_t map = *var_map; 2509 vm_prot_t prot; 2510 boolean_t su; 2511 vm_prot_t fault_type = fault_typea; 2512 2513 RetryLookup:; 2514 2515 /* 2516 * Lookup the faulting address. 2517 */ 2518 2519 vm_map_lock_read(map); 2520 2521 #define RETURN(why) \ 2522 { \ 2523 vm_map_unlock_read(map); \ 2524 return(why); \ 2525 } 2526 2527 /* 2528 * If the map has an interesting hint, try it before calling full 2529 * blown lookup routine. 2530 */ 2531 2532 entry = map->hint; 2533 2534 *out_entry = entry; 2535 2536 if ((entry == &map->header) || 2537 (vaddr < entry->start) || (vaddr >= entry->end)) { 2538 vm_map_entry_t tmp_entry; 2539 2540 /* 2541 * Entry was either not a valid hint, or the vaddr was not 2542 * contained in the entry, so do a full lookup. 2543 */ 2544 if (!vm_map_lookup_entry(map, vaddr, &tmp_entry)) 2545 RETURN(KERN_INVALID_ADDRESS); 2546 2547 entry = tmp_entry; 2548 *out_entry = entry; 2549 } 2550 2551 /* 2552 * Handle submaps. 2553 */ 2554 2555 if (entry->eflags & MAP_ENTRY_IS_SUB_MAP) { 2556 vm_map_t old_map = map; 2557 2558 *var_map = map = entry->object.sub_map; 2559 vm_map_unlock_read(old_map); 2560 goto RetryLookup; 2561 } 2562 2563 /* 2564 * Check whether this task is allowed to have this page. 2565 * Note the special case for MAP_ENTRY_COW 2566 * pages with an override. This is to implement a forced 2567 * COW for debuggers. 2568 */ 2569 2570 if (fault_type & VM_PROT_OVERRIDE_WRITE) 2571 prot = entry->max_protection; 2572 else 2573 prot = entry->protection; 2574 2575 fault_type &= (VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE); 2576 if ((fault_type & prot) != fault_type) { 2577 RETURN(KERN_PROTECTION_FAILURE); 2578 } 2579 2580 if (entry->wired_count && (fault_type & VM_PROT_WRITE) && 2581 (entry->eflags & MAP_ENTRY_COW) && 2582 (fault_typea & VM_PROT_OVERRIDE_WRITE) == 0) { 2583 RETURN(KERN_PROTECTION_FAILURE); 2584 } 2585 2586 /* 2587 * If this page is not pageable, we have to get it for all possible 2588 * accesses. 2589 */ 2590 2591 *wired = (entry->wired_count != 0); 2592 if (*wired) 2593 prot = fault_type = entry->protection; 2594 2595 /* 2596 * If we don't already have a VM object, track it down. 2597 */ 2598 2599 su = (entry->eflags & MAP_ENTRY_IS_A_MAP) == 0; 2600 if (su) { 2601 share_map = map; 2602 share_offset = vaddr; 2603 } else { 2604 vm_map_entry_t share_entry; 2605 2606 /* 2607 * Compute the sharing map, and offset into it. 
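 * (share_offset is the address within the sharing map that
 * corresponds to vaddr in the caller's map.)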
2608 */ 2609 2610 share_map = entry->object.share_map; 2611 share_offset = (vaddr - entry->start) + entry->offset; 2612 2613 /* 2614 * Look for the backing store object and offset 2615 */ 2616 2617 vm_map_lock_read(share_map); 2618 2619 if (!vm_map_lookup_entry(share_map, share_offset, 2620 &share_entry)) { 2621 vm_map_unlock_read(share_map); 2622 RETURN(KERN_INVALID_ADDRESS); 2623 } 2624 entry = share_entry; 2625 } 2626 2627 /* 2628 * If the entry was copy-on-write, we either ... 2629 */ 2630 2631 if (entry->eflags & MAP_ENTRY_NEEDS_COPY) { 2632 /* 2633 * If we want to write the page, we may as well handle that 2634 * now since we've got the sharing map locked. 2635 * 2636 * If we don't need to write the page, we just demote the 2637 * permissions allowed. 2638 */ 2639 2640 if (fault_type & VM_PROT_WRITE) { 2641 /* 2642 * Make a new object, and place it in the object 2643 * chain. Note that no new references have appeared 2644 * -- one just moved from the share map to the new 2645 * object. 2646 */ 2647 2648 if (vm_map_lock_upgrade(share_map)) { 2649 if (share_map != map) 2650 vm_map_unlock_read(map); 2651 2652 goto RetryLookup; 2653 } 2654 vm_object_shadow( 2655 &entry->object.vm_object, 2656 &entry->offset, 2657 atop(entry->end - entry->start)); 2658 2659 entry->eflags &= ~MAP_ENTRY_NEEDS_COPY; 2660 vm_map_lock_downgrade(share_map); 2661 } else { 2662 /* 2663 * We're attempting to read a copy-on-write page -- 2664 * don't allow writes. 2665 */ 2666 2667 prot &= ~VM_PROT_WRITE; 2668 } 2669 } 2670 2671 /* 2672 * Create an object if necessary. 2673 */ 2674 if (entry->object.vm_object == NULL) { 2675 2676 if (vm_map_lock_upgrade(share_map)) { 2677 if (share_map != map) 2678 vm_map_unlock_read(map); 2679 goto RetryLookup; 2680 } 2681 entry->object.vm_object = vm_object_allocate(OBJT_DEFAULT, 2682 atop(entry->end - entry->start)); 2683 entry->offset = 0; 2684 vm_map_lock_downgrade(share_map); 2685 } 2686 2687 #if 0 2688 /* 2689 * (no longer applies) 2690 */ 2691 if (entry->object.vm_object->type == OBJT_DEFAULT) 2692 default_pager_convert_to_swapq(entry->object.vm_object); 2693 #endif 2694 /* 2695 * Return the object/offset from this entry. If the entry was 2696 * copy-on-write or empty, it has been fixed up. 2697 */ 2698 2699 *pindex = OFF_TO_IDX((share_offset - entry->start) + entry->offset); 2700 *object = entry->object.vm_object; 2701 2702 /* 2703 * Return the protection we are actually allowing. 2704 */ 2705 2706 *out_prot = prot; 2707 return (KERN_SUCCESS); 2708 2709 #undef RETURN 2710 } 2711 2712 /* 2713 * vm_map_lookup_done: 2714 * 2715 * Releases locks acquired by a vm_map_lookup 2716 * (according to the handle returned by that lookup). 2717 */ 2718 2719 void 2720 vm_map_lookup_done(map, entry) 2721 vm_map_t map; 2722 vm_map_entry_t entry; 2723 { 2724 /* 2725 * If this entry references a map, unlock it first. 2726 */ 2727 2728 if (entry->eflags & MAP_ENTRY_IS_A_MAP) 2729 vm_map_unlock_read(entry->object.share_map); 2730 2731 /* 2732 * Unlock the main-level map 2733 */ 2734 2735 vm_map_unlock_read(map); 2736 } 2737 2738 /* 2739 * Implement uiomove with VM operations. This, together with collateral 2740 * changes, supports every combination of source object modification and 2741 * COW type operations.
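 * Depending on what already backs the destination range, the code
 * below either redirects an existing vnode-backed entry at the source
 * object, retargets a small anonymous (default/swap) object onto it,
 * or deletes the entry and re-inserts it as a logical mmap of the
 * source.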
2742 */ 2743 int 2744 vm_uiomove(mapa, srcobject, cp, cnta, uaddra, npages) 2745 vm_map_t mapa; 2746 vm_object_t srcobject; 2747 off_t cp; 2748 int cnta; 2749 vm_offset_t uaddra; 2750 int *npages; 2751 { 2752 vm_map_t map; 2753 vm_object_t first_object, oldobject, object; 2754 vm_map_entry_t entry; 2755 vm_prot_t prot; 2756 boolean_t wired; 2757 int tcnt, rv; 2758 vm_offset_t uaddr, start, end, tend; 2759 vm_pindex_t first_pindex, osize, oindex; 2760 off_t ooffset; 2761 int cnt; 2762 2763 if (npages) 2764 *npages = 0; 2765 2766 cnt = cnta; 2767 uaddr = uaddra; 2768 2769 while (cnt > 0) { 2770 map = mapa; 2771 2772 if ((vm_map_lookup(&map, uaddr, 2773 VM_PROT_READ, &entry, &first_object, 2774 &first_pindex, &prot, &wired)) != KERN_SUCCESS) { 2775 return EFAULT; 2776 } 2777 2778 vm_map_clip_start(map, entry, uaddr); 2779 2780 tcnt = cnt; 2781 tend = uaddr + tcnt; 2782 if (tend > entry->end) { 2783 tcnt = entry->end - uaddr; 2784 tend = entry->end; 2785 } 2786 2787 vm_map_clip_end(map, entry, tend); 2788 2789 start = entry->start; 2790 end = entry->end; 2791 2792 osize = atop(tcnt); 2793 2794 oindex = OFF_TO_IDX(cp); 2795 if (npages) { 2796 vm_pindex_t idx; 2797 for (idx = 0; idx < osize; idx++) { 2798 vm_page_t m; 2799 if ((m = vm_page_lookup(srcobject, oindex + idx)) == NULL) { 2800 vm_map_lookup_done(map, entry); 2801 return 0; 2802 } 2803 /* 2804 * disallow busy or invalid pages, but allow 2805 * m->busy pages if they are entirely valid. 2806 */ 2807 if ((m->flags & PG_BUSY) || 2808 ((m->valid & VM_PAGE_BITS_ALL) != VM_PAGE_BITS_ALL)) { 2809 vm_map_lookup_done(map, entry); 2810 return 0; 2811 } 2812 } 2813 } 2814 2815 /* 2816 * If we are changing an existing map entry, just redirect 2817 * the object, and change mappings. 2818 */ 2819 if ((first_object->type == OBJT_VNODE) && 2820 ((oldobject = entry->object.vm_object) == first_object)) { 2821 2822 if ((entry->offset != cp) || (oldobject != srcobject)) { 2823 /* 2824 * Remove old window into the file 2825 */ 2826 pmap_remove (map->pmap, uaddr, tend); 2827 2828 /* 2829 * Force copy on write for mmaped regions 2830 */ 2831 vm_object_pmap_copy_1 (srcobject, oindex, oindex + osize); 2832 2833 /* 2834 * Point the object appropriately 2835 */ 2836 if (oldobject != srcobject) { 2837 2838 /* 2839 * Set the object optimization hint flag 2840 */ 2841 vm_object_set_flag(srcobject, OBJ_OPT); 2842 vm_object_reference(srcobject); 2843 entry->object.vm_object = srcobject; 2844 2845 if (oldobject) { 2846 vm_object_deallocate(oldobject); 2847 } 2848 } 2849 2850 entry->offset = cp; 2851 map->timestamp++; 2852 } else { 2853 pmap_remove (map->pmap, uaddr, tend); 2854 } 2855 2856 } else if ((first_object->ref_count == 1) && 2857 (first_object->size == osize) && 2858 ((first_object->type == OBJT_DEFAULT) || 2859 (first_object->type == OBJT_SWAP)) ) { 2860 2861 oldobject = first_object->backing_object; 2862 2863 if ((first_object->backing_object_offset != cp) || 2864 (oldobject != srcobject)) { 2865 /* 2866 * Remove old window into the file 2867 */ 2868 pmap_remove (map->pmap, uaddr, tend); 2869 2870 /* 2871 * Remove unneeded old pages 2872 */ 2873 if (first_object->resident_page_count) { 2874 vm_object_page_remove (first_object, 0, 0, 0); 2875 } 2876 2877 /* 2878 * Invalidate swap space 2879 */ 2880 if (first_object->type == OBJT_SWAP) { 2881 swap_pager_freespace(first_object, 2882 0, 2883 first_object->size); 2884 } 2885 2886 /* 2887 * Force copy on write for mmaped regions 2888 */ 2889 vm_object_pmap_copy_1 (srcobject, oindex, oindex + osize); 2890 2891 /* 
2892 * Point the object appropriately 2893 */ 2894 if (oldobject != srcobject) { 2895 2896 /* 2897 * Set the object optimization hint flag 2898 */ 2899 vm_object_set_flag(srcobject, OBJ_OPT); 2900 vm_object_reference(srcobject); 2901 2902 if (oldobject) { 2903 TAILQ_REMOVE(&oldobject->shadow_head, 2904 first_object, shadow_list); 2905 oldobject->shadow_count--; 2906 vm_object_deallocate(oldobject); 2907 } 2908 2909 TAILQ_INSERT_TAIL(&srcobject->shadow_head, 2910 first_object, shadow_list); 2911 srcobject->shadow_count++; 2912 2913 first_object->backing_object = srcobject; 2914 } 2915 first_object->backing_object_offset = cp; 2916 map->timestamp++; 2917 } else { 2918 pmap_remove (map->pmap, uaddr, tend); 2919 } 2920 /* 2921 * Otherwise, we have to do a logical mmap. 2922 */ 2923 } else { 2924 2925 vm_object_set_flag(srcobject, OBJ_OPT); 2926 vm_object_reference(srcobject); 2927 2928 pmap_remove (map->pmap, uaddr, tend); 2929 2930 vm_object_pmap_copy_1 (srcobject, oindex, oindex + osize); 2931 vm_map_lock_upgrade(map); 2932 2933 if (entry == &map->header) { 2934 map->first_free = &map->header; 2935 } else if (map->first_free->start >= start) { 2936 map->first_free = entry->prev; 2937 } 2938 2939 SAVE_HINT(map, entry->prev); 2940 vm_map_entry_delete(map, entry); 2941 2942 object = srcobject; 2943 ooffset = cp; 2944 #if 0 2945 vm_object_shadow(&object, &ooffset, osize); 2946 #endif 2947 2948 rv = vm_map_insert(map, object, ooffset, start, tend, 2949 VM_PROT_ALL, VM_PROT_ALL, MAP_COPY_ON_WRITE|MAP_COPY_NEEDED); 2950 2951 if (rv != KERN_SUCCESS) 2952 panic("vm_uiomove: could not insert new entry: %d", rv); 2953 } 2954 2955 /* 2956 * Map the window directly, if it is already in memory 2957 */ 2958 pmap_object_init_pt(map->pmap, uaddr, 2959 srcobject, oindex, tcnt, 0); 2960 2961 map->timestamp++; 2962 vm_map_unlock(map); 2963 2964 cnt -= tcnt; 2965 uaddr += tcnt; 2966 cp += tcnt; 2967 if (npages) 2968 *npages += osize; 2969 } 2970 return 0; 2971 } 2972 2973 /* 2974 * Performs the copy_on_write operations necessary to allow the virtual copies 2975 * into user space to work. This has to be called for write(2) system calls 2976 * from other processes, file unlinking, and file size shrinkage. 
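 * Each shadow object that was optimized to borrow pages from this
 * object is given its own copies of those pages and is then
 * disconnected from it; the OBJ_OPT flag is cleared once no such
 * shadows remain.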
2977 */ 2978 void 2979 vm_freeze_copyopts(object, froma, toa) 2980 vm_object_t object; 2981 vm_pindex_t froma, toa; 2982 { 2983 int rv; 2984 vm_object_t robject; 2985 vm_pindex_t idx; 2986 2987 if ((object == NULL) || 2988 ((object->flags & OBJ_OPT) == 0)) 2989 return; 2990 2991 if (object->shadow_count > object->ref_count) 2992 panic("vm_freeze_copyopts: sc > rc"); 2993 2994 while((robject = TAILQ_FIRST(&object->shadow_head)) != NULL) { 2995 vm_pindex_t bo_pindex; 2996 vm_page_t m_in, m_out; 2997 2998 bo_pindex = OFF_TO_IDX(robject->backing_object_offset); 2999 3000 vm_object_reference(robject); 3001 3002 vm_object_pip_wait(robject, "objfrz"); 3003 3004 if (robject->ref_count == 1) { 3005 vm_object_deallocate(robject); 3006 continue; 3007 } 3008 3009 vm_object_pip_add(robject, 1); 3010 3011 for (idx = 0; idx < robject->size; idx++) { 3012 3013 m_out = vm_page_grab(robject, idx, 3014 VM_ALLOC_NORMAL | VM_ALLOC_RETRY); 3015 3016 if (m_out->valid == 0) { 3017 m_in = vm_page_grab(object, bo_pindex + idx, 3018 VM_ALLOC_NORMAL | VM_ALLOC_RETRY); 3019 if (m_in->valid == 0) { 3020 rv = vm_pager_get_pages(object, &m_in, 1, 0); 3021 if (rv != VM_PAGER_OK) { 3022 printf("vm_freeze_copyopts: cannot read page from file: %x\n", m_in->pindex); 3023 continue; 3024 } 3025 vm_page_deactivate(m_in); 3026 } 3027 3028 vm_page_protect(m_in, VM_PROT_NONE); 3029 pmap_copy_page(VM_PAGE_TO_PHYS(m_in), VM_PAGE_TO_PHYS(m_out)); 3030 m_out->valid = m_in->valid; 3031 vm_page_dirty(m_out); 3032 vm_page_activate(m_out); 3033 vm_page_wakeup(m_in); 3034 } 3035 vm_page_wakeup(m_out); 3036 } 3037 3038 object->shadow_count--; 3039 object->ref_count--; 3040 TAILQ_REMOVE(&object->shadow_head, robject, shadow_list); 3041 robject->backing_object = NULL; 3042 robject->backing_object_offset = 0; 3043 3044 vm_object_pip_wakeup(robject); 3045 vm_object_deallocate(robject); 3046 } 3047 3048 vm_object_clear_flag(object, OBJ_OPT); 3049 } 3050 3051 #include "opt_ddb.h" 3052 #ifdef DDB 3053 #include <sys/kernel.h> 3054 3055 #include <ddb/ddb.h> 3056 3057 /* 3058 * vm_map_print: [ debug ] 3059 */ 3060 DB_SHOW_COMMAND(map, vm_map_print) 3061 { 3062 static int nlines; 3063 /* XXX convert args. */ 3064 vm_map_t map = (vm_map_t)addr; 3065 boolean_t full = have_addr; 3066 3067 vm_map_entry_t entry; 3068 3069 db_iprintf("%s map %p: pmap=%p, nentries=%d, version=%u\n", 3070 (map->is_main_map ? "Task" : "Share"), (void *)map, 3071 (void *)map->pmap, map->nentries, map->timestamp); 3072 nlines++; 3073 3074 if (!full && db_indent) 3075 return; 3076 3077 db_indent += 2; 3078 for (entry = map->header.next; entry != &map->header; 3079 entry = entry->next) { 3080 #if 0 3081 if (nlines > 18) { 3082 db_printf("--More--"); 3083 cngetc(); 3084 db_printf("\r"); 3085 nlines = 0; 3086 } 3087 #endif 3088 3089 db_iprintf("map entry %p: start=%p, end=%p\n", 3090 (void *)entry, (void *)entry->start, (void *)entry->end); 3091 nlines++; 3092 if (map->is_main_map) { 3093 static char *inheritance_name[4] = 3094 {"share", "copy", "none", "donate_copy"}; 3095 3096 db_iprintf(" prot=%x/%x/%s", 3097 entry->protection, 3098 entry->max_protection, 3099 inheritance_name[(int)(unsigned char)entry->inheritance]); 3100 if (entry->wired_count != 0) 3101 db_printf(", wired"); 3102 } 3103 if (entry->eflags & (MAP_ENTRY_IS_A_MAP|MAP_ENTRY_IS_SUB_MAP)) { 3104 /* XXX no %qd in kernel. Truncate entry->offset. 
*/ 3105 db_printf(", share=%p, offset=0x%lx\n", 3106 (void *)entry->object.share_map, 3107 (long)entry->offset); 3108 nlines++; 3109 if ((entry->prev == &map->header) || 3110 ((entry->prev->eflags & MAP_ENTRY_IS_A_MAP) == 0) || 3111 (entry->prev->object.share_map != 3112 entry->object.share_map)) { 3113 db_indent += 2; 3114 vm_map_print((db_expr_t)(intptr_t) 3115 entry->object.share_map, 3116 full, 0, (char *)0); 3117 db_indent -= 2; 3118 } 3119 } else { 3120 /* XXX no %qd in kernel. Truncate entry->offset. */ 3121 db_printf(", object=%p, offset=0x%lx", 3122 (void *)entry->object.vm_object, 3123 (long)entry->offset); 3124 if (entry->eflags & MAP_ENTRY_COW) 3125 db_printf(", copy (%s)", 3126 (entry->eflags & MAP_ENTRY_NEEDS_COPY) ? "needed" : "done"); 3127 db_printf("\n"); 3128 nlines++; 3129 3130 if ((entry->prev == &map->header) || 3131 (entry->prev->eflags & MAP_ENTRY_IS_A_MAP) || 3132 (entry->prev->object.vm_object != 3133 entry->object.vm_object)) { 3134 db_indent += 2; 3135 vm_object_print((db_expr_t)(intptr_t) 3136 entry->object.vm_object, 3137 full, 0, (char *)0); 3138 nlines += 4; 3139 db_indent -= 2; 3140 } 3141 } 3142 } 3143 db_indent -= 2; 3144 if (db_indent == 0) 3145 nlines = 0; 3146 } 3147 3148 3149 DB_SHOW_COMMAND(procvm, procvm) 3150 { 3151 struct proc *p; 3152 3153 if (have_addr) { 3154 p = (struct proc *) addr; 3155 } else { 3156 p = curproc; 3157 } 3158 3159 db_printf("p = %p, vmspace = %p, map = %p, pmap = %p\n", 3160 (void *)p, (void *)p->p_vmspace, (void *)&p->p_vmspace->vm_map, 3161 (void *)&p->p_vmspace->vm_pmap); 3162 3163 vm_map_print((db_expr_t)(intptr_t)&p->p_vmspace->vm_map, 1, 0, NULL); 3164 } 3165 3166 #endif /* DDB */ 3167