1 /*- 2 * Copyright (c) 1988 University of Utah. 3 * Copyright (c) 1991, 1993 4 * The Regents of the University of California. All rights reserved. 5 * 6 * This code is derived from software contributed to Berkeley by 7 * the Systems Programming Group of the University of Utah Computer 8 * Science Department. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 4. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * from: Utah $Hdr: vm_mmap.c 1.6 91/10/21$ 35 * 36 * @(#)vm_mmap.c 8.4 (Berkeley) 1/12/94 37 */ 38 39 /* 40 * Mapped file (mmap) interface to VM 41 */ 42 43 #include <sys/cdefs.h> 44 __FBSDID("$FreeBSD$"); 45 46 #include "opt_compat.h" 47 #include "opt_hwpmc_hooks.h" 48 #include "opt_mac.h" 49 50 #include <sys/param.h> 51 #include <sys/systm.h> 52 #include <sys/kernel.h> 53 #include <sys/lock.h> 54 #include <sys/mutex.h> 55 #include <sys/sysproto.h> 56 #include <sys/filedesc.h> 57 #include <sys/priv.h> 58 #include <sys/proc.h> 59 #include <sys/resource.h> 60 #include <sys/resourcevar.h> 61 #include <sys/vnode.h> 62 #include <sys/fcntl.h> 63 #include <sys/file.h> 64 #include <sys/mman.h> 65 #include <sys/mount.h> 66 #include <sys/conf.h> 67 #include <sys/stat.h> 68 #include <sys/vmmeter.h> 69 #include <sys/sysctl.h> 70 71 #include <security/mac/mac_framework.h> 72 73 #include <vm/vm.h> 74 #include <vm/vm_param.h> 75 #include <vm/pmap.h> 76 #include <vm/vm_map.h> 77 #include <vm/vm_object.h> 78 #include <vm/vm_page.h> 79 #include <vm/vm_pager.h> 80 #include <vm/vm_pageout.h> 81 #include <vm/vm_extern.h> 82 #include <vm/vm_page.h> 83 #include <vm/vm_kern.h> 84 85 #ifdef HWPMC_HOOKS 86 #include <sys/pmckern.h> 87 #endif 88 89 #ifndef _SYS_SYSPROTO_H_ 90 struct sbrk_args { 91 int incr; 92 }; 93 #endif 94 95 static int max_proc_mmap; 96 SYSCTL_INT(_vm, OID_AUTO, max_proc_mmap, CTLFLAG_RW, &max_proc_mmap, 0, ""); 97 98 /* 99 * Set the maximum number of vm_map_entry structures per process. Roughly 100 * speaking vm_map_entry structures are tiny, so allowing them to eat 1/100 101 * of our KVM malloc space still results in generous limits. We want a 102 * default that is good enough to prevent the kernel running out of resources 103 * if attacked from compromised user account but generous enough such that 104 * multi-threaded processes are not unduly inconvenienced. 105 */ 106 static void vmmapentry_rsrc_init(void *); 107 SYSINIT(vmmersrc, SI_SUB_KVM_RSRC, SI_ORDER_FIRST, vmmapentry_rsrc_init, 108 NULL); 109 110 static void 111 vmmapentry_rsrc_init(dummy) 112 void *dummy; 113 { 114 max_proc_mmap = vm_kmem_size / sizeof(struct vm_map_entry); 115 max_proc_mmap /= 100; 116 } 117 118 static int vm_mmap_vnode(struct thread *, vm_size_t, vm_prot_t, vm_prot_t *, 119 int *, struct vnode *, vm_ooffset_t, vm_object_t *); 120 static int vm_mmap_cdev(struct thread *, vm_size_t, vm_prot_t, vm_prot_t *, 121 int *, struct cdev *, vm_ooffset_t, vm_object_t *); 122 static int vm_mmap_shm(struct thread *, vm_size_t, vm_prot_t, vm_prot_t *, 123 int *, struct shmfd *, vm_ooffset_t, vm_object_t *); 124 125 /* 126 * MPSAFE 127 */ 128 /* ARGSUSED */ 129 int 130 sbrk(td, uap) 131 struct thread *td; 132 struct sbrk_args *uap; 133 { 134 /* Not yet implemented */ 135 return (EOPNOTSUPP); 136 } 137 138 #ifndef _SYS_SYSPROTO_H_ 139 struct sstk_args { 140 int incr; 141 }; 142 #endif 143 144 /* 145 * MPSAFE 146 */ 147 /* ARGSUSED */ 148 int 149 sstk(td, uap) 150 struct thread *td; 151 struct sstk_args *uap; 152 { 153 /* Not yet implemented */ 154 return (EOPNOTSUPP); 155 } 156 157 #if defined(COMPAT_43) 158 #ifndef _SYS_SYSPROTO_H_ 159 struct getpagesize_args { 160 int dummy; 161 }; 162 #endif 163 164 /* ARGSUSED */ 165 int 166 ogetpagesize(td, uap) 167 struct thread *td; 168 struct getpagesize_args *uap; 169 { 170 /* MP SAFE */ 171 td->td_retval[0] = PAGE_SIZE; 172 return (0); 173 } 174 #endif /* COMPAT_43 */ 175 176 177 /* 178 * Memory Map (mmap) system call. Note that the file offset 179 * and address are allowed to be NOT page aligned, though if 180 * the MAP_FIXED flag it set, both must have the same remainder 181 * modulo the PAGE_SIZE (POSIX 1003.1b). If the address is not 182 * page-aligned, the actual mapping starts at trunc_page(addr) 183 * and the return value is adjusted up by the page offset. 184 * 185 * Generally speaking, only character devices which are themselves 186 * memory-based, such as a video framebuffer, can be mmap'd. Otherwise 187 * there would be no cache coherency between a descriptor and a VM mapping 188 * both to the same character device. 189 * 190 * Block devices can be mmap'd no matter what they represent. Cache coherency 191 * is maintained as long as you do not write directly to the underlying 192 * character device. 193 */ 194 #ifndef _SYS_SYSPROTO_H_ 195 struct mmap_args { 196 void *addr; 197 size_t len; 198 int prot; 199 int flags; 200 int fd; 201 long pad; 202 off_t pos; 203 }; 204 #endif 205 206 /* 207 * MPSAFE 208 */ 209 int 210 mmap(td, uap) 211 struct thread *td; 212 struct mmap_args *uap; 213 { 214 #ifdef HWPMC_HOOKS 215 struct pmckern_map_in pkm; 216 #endif 217 struct file *fp; 218 struct vnode *vp; 219 vm_offset_t addr; 220 vm_size_t size, pageoff; 221 vm_prot_t prot, maxprot; 222 void *handle; 223 objtype_t handle_type; 224 int flags, error; 225 off_t pos; 226 struct vmspace *vms = td->td_proc->p_vmspace; 227 228 addr = (vm_offset_t) uap->addr; 229 size = uap->len; 230 prot = uap->prot & VM_PROT_ALL; 231 flags = uap->flags; 232 pos = uap->pos; 233 234 fp = NULL; 235 /* make sure mapping fits into numeric range etc */ 236 if ((ssize_t) uap->len < 0 || 237 ((flags & MAP_ANON) && uap->fd != -1)) 238 return (EINVAL); 239 240 if (flags & MAP_STACK) { 241 if ((uap->fd != -1) || 242 ((prot & (PROT_READ | PROT_WRITE)) != (PROT_READ | PROT_WRITE))) 243 return (EINVAL); 244 flags |= MAP_ANON; 245 pos = 0; 246 } 247 248 /* 249 * Align the file position to a page boundary, 250 * and save its page offset component. 251 */ 252 pageoff = (pos & PAGE_MASK); 253 pos -= pageoff; 254 255 /* Adjust size for rounding (on both ends). */ 256 size += pageoff; /* low end... */ 257 size = (vm_size_t) round_page(size); /* hi end */ 258 259 /* 260 * Check for illegal addresses. Watch out for address wrap... Note 261 * that VM_*_ADDRESS are not constants due to casts (argh). 262 */ 263 if (flags & MAP_FIXED) { 264 /* 265 * The specified address must have the same remainder 266 * as the file offset taken modulo PAGE_SIZE, so it 267 * should be aligned after adjustment by pageoff. 268 */ 269 addr -= pageoff; 270 if (addr & PAGE_MASK) 271 return (EINVAL); 272 /* Address range must be all in user VM space. */ 273 if (addr < vm_map_min(&vms->vm_map) || 274 addr + size > vm_map_max(&vms->vm_map)) 275 return (EINVAL); 276 if (addr + size < addr) 277 return (EINVAL); 278 } else { 279 /* 280 * XXX for non-fixed mappings where no hint is provided or 281 * the hint would fall in the potential heap space, 282 * place it after the end of the largest possible heap. 283 * 284 * There should really be a pmap call to determine a reasonable 285 * location. 286 */ 287 PROC_LOCK(td->td_proc); 288 if (addr == 0 || 289 (addr >= round_page((vm_offset_t)vms->vm_taddr) && 290 addr < round_page((vm_offset_t)vms->vm_daddr + 291 lim_max(td->td_proc, RLIMIT_DATA)))) 292 addr = round_page((vm_offset_t)vms->vm_daddr + 293 lim_max(td->td_proc, RLIMIT_DATA)); 294 PROC_UNLOCK(td->td_proc); 295 } 296 if (flags & MAP_ANON) { 297 /* 298 * Mapping blank space is trivial. 299 */ 300 handle = NULL; 301 handle_type = OBJT_DEFAULT; 302 maxprot = VM_PROT_ALL; 303 pos = 0; 304 } else { 305 /* 306 * Mapping file, get fp for validation and 307 * don't let the descriptor disappear on us if we block. 308 */ 309 if ((error = fget(td, uap->fd, &fp)) != 0) 310 goto done; 311 if (fp->f_type == DTYPE_SHM) { 312 handle = fp->f_data; 313 handle_type = OBJT_SWAP; 314 maxprot = VM_PROT_NONE; 315 316 /* FREAD should always be set. */ 317 if (fp->f_flag & FREAD) 318 maxprot |= VM_PROT_EXECUTE | VM_PROT_READ; 319 if (fp->f_flag & FWRITE) 320 maxprot |= VM_PROT_WRITE; 321 goto map; 322 } 323 if (fp->f_type != DTYPE_VNODE) { 324 error = ENODEV; 325 goto done; 326 } 327 #if defined(COMPAT_FREEBSD7) || defined(COMPAT_FREEBSD6) || \ 328 defined(COMPAT_FREEBSD5) || defined(COMPAT_FREEBSD4) 329 /* 330 * POSIX shared-memory objects are defined to have 331 * kernel persistence, and are not defined to support 332 * read(2)/write(2) -- or even open(2). Thus, we can 333 * use MAP_ASYNC to trade on-disk coherence for speed. 334 * The shm_open(3) library routine turns on the FPOSIXSHM 335 * flag to request this behavior. 336 */ 337 if (fp->f_flag & FPOSIXSHM) 338 flags |= MAP_NOSYNC; 339 #endif 340 vp = fp->f_vnode; 341 /* 342 * Ensure that file and memory protections are 343 * compatible. Note that we only worry about 344 * writability if mapping is shared; in this case, 345 * current and max prot are dictated by the open file. 346 * XXX use the vnode instead? Problem is: what 347 * credentials do we use for determination? What if 348 * proc does a setuid? 349 */ 350 if (vp->v_mount != NULL && vp->v_mount->mnt_flag & MNT_NOEXEC) 351 maxprot = VM_PROT_NONE; 352 else 353 maxprot = VM_PROT_EXECUTE; 354 if (fp->f_flag & FREAD) { 355 maxprot |= VM_PROT_READ; 356 } else if (prot & PROT_READ) { 357 error = EACCES; 358 goto done; 359 } 360 /* 361 * If we are sharing potential changes (either via 362 * MAP_SHARED or via the implicit sharing of character 363 * device mappings), and we are trying to get write 364 * permission although we opened it without asking 365 * for it, bail out. 366 */ 367 if ((flags & MAP_SHARED) != 0) { 368 if ((fp->f_flag & FWRITE) != 0) { 369 maxprot |= VM_PROT_WRITE; 370 } else if ((prot & PROT_WRITE) != 0) { 371 error = EACCES; 372 goto done; 373 } 374 } else if (vp->v_type != VCHR || (fp->f_flag & FWRITE) != 0) { 375 maxprot |= VM_PROT_WRITE; 376 } 377 handle = (void *)vp; 378 handle_type = OBJT_VNODE; 379 } 380 map: 381 382 /* 383 * Do not allow more then a certain number of vm_map_entry structures 384 * per process. Scale with the number of rforks sharing the map 385 * to make the limit reasonable for threads. 386 */ 387 if (max_proc_mmap && 388 vms->vm_map.nentries >= max_proc_mmap * vms->vm_refcnt) { 389 error = ENOMEM; 390 goto done; 391 } 392 393 error = vm_mmap(&vms->vm_map, &addr, size, prot, maxprot, 394 flags, handle_type, handle, pos); 395 #ifdef HWPMC_HOOKS 396 /* inform hwpmc(4) if an executable is being mapped */ 397 if (error == 0 && handle_type == OBJT_VNODE && 398 (prot & PROT_EXEC)) { 399 pkm.pm_file = handle; 400 pkm.pm_address = (uintptr_t) addr; 401 PMC_CALL_HOOK(td, PMC_FN_MMAP, (void *) &pkm); 402 } 403 #endif 404 if (error == 0) 405 td->td_retval[0] = (register_t) (addr + pageoff); 406 done: 407 if (fp) 408 fdrop(fp, td); 409 410 return (error); 411 } 412 413 int 414 freebsd6_mmap(struct thread *td, struct freebsd6_mmap_args *uap) 415 { 416 struct mmap_args oargs; 417 418 oargs.addr = uap->addr; 419 oargs.len = uap->len; 420 oargs.prot = uap->prot; 421 oargs.flags = uap->flags; 422 oargs.fd = uap->fd; 423 oargs.pos = uap->pos; 424 return (mmap(td, &oargs)); 425 } 426 427 #ifdef COMPAT_43 428 #ifndef _SYS_SYSPROTO_H_ 429 struct ommap_args { 430 caddr_t addr; 431 int len; 432 int prot; 433 int flags; 434 int fd; 435 long pos; 436 }; 437 #endif 438 int 439 ommap(td, uap) 440 struct thread *td; 441 struct ommap_args *uap; 442 { 443 struct mmap_args nargs; 444 static const char cvtbsdprot[8] = { 445 0, 446 PROT_EXEC, 447 PROT_WRITE, 448 PROT_EXEC | PROT_WRITE, 449 PROT_READ, 450 PROT_EXEC | PROT_READ, 451 PROT_WRITE | PROT_READ, 452 PROT_EXEC | PROT_WRITE | PROT_READ, 453 }; 454 455 #define OMAP_ANON 0x0002 456 #define OMAP_COPY 0x0020 457 #define OMAP_SHARED 0x0010 458 #define OMAP_FIXED 0x0100 459 460 nargs.addr = uap->addr; 461 nargs.len = uap->len; 462 nargs.prot = cvtbsdprot[uap->prot & 0x7]; 463 nargs.flags = 0; 464 if (uap->flags & OMAP_ANON) 465 nargs.flags |= MAP_ANON; 466 if (uap->flags & OMAP_COPY) 467 nargs.flags |= MAP_COPY; 468 if (uap->flags & OMAP_SHARED) 469 nargs.flags |= MAP_SHARED; 470 else 471 nargs.flags |= MAP_PRIVATE; 472 if (uap->flags & OMAP_FIXED) 473 nargs.flags |= MAP_FIXED; 474 nargs.fd = uap->fd; 475 nargs.pos = uap->pos; 476 return (mmap(td, &nargs)); 477 } 478 #endif /* COMPAT_43 */ 479 480 481 #ifndef _SYS_SYSPROTO_H_ 482 struct msync_args { 483 void *addr; 484 size_t len; 485 int flags; 486 }; 487 #endif 488 /* 489 * MPSAFE 490 */ 491 int 492 msync(td, uap) 493 struct thread *td; 494 struct msync_args *uap; 495 { 496 vm_offset_t addr; 497 vm_size_t size, pageoff; 498 int flags; 499 vm_map_t map; 500 int rv; 501 502 addr = (vm_offset_t) uap->addr; 503 size = uap->len; 504 flags = uap->flags; 505 506 pageoff = (addr & PAGE_MASK); 507 addr -= pageoff; 508 size += pageoff; 509 size = (vm_size_t) round_page(size); 510 if (addr + size < addr) 511 return (EINVAL); 512 513 if ((flags & (MS_ASYNC|MS_INVALIDATE)) == (MS_ASYNC|MS_INVALIDATE)) 514 return (EINVAL); 515 516 map = &td->td_proc->p_vmspace->vm_map; 517 518 /* 519 * Clean the pages and interpret the return value. 520 */ 521 rv = vm_map_sync(map, addr, addr + size, (flags & MS_ASYNC) == 0, 522 (flags & MS_INVALIDATE) != 0); 523 switch (rv) { 524 case KERN_SUCCESS: 525 return (0); 526 case KERN_INVALID_ADDRESS: 527 return (EINVAL); /* Sun returns ENOMEM? */ 528 case KERN_INVALID_ARGUMENT: 529 return (EBUSY); 530 default: 531 return (EINVAL); 532 } 533 } 534 535 #ifndef _SYS_SYSPROTO_H_ 536 struct munmap_args { 537 void *addr; 538 size_t len; 539 }; 540 #endif 541 /* 542 * MPSAFE 543 */ 544 int 545 munmap(td, uap) 546 struct thread *td; 547 struct munmap_args *uap; 548 { 549 #ifdef HWPMC_HOOKS 550 struct pmckern_map_out pkm; 551 vm_map_entry_t entry; 552 #endif 553 vm_offset_t addr; 554 vm_size_t size, pageoff; 555 vm_map_t map; 556 557 addr = (vm_offset_t) uap->addr; 558 size = uap->len; 559 if (size == 0) 560 return (EINVAL); 561 562 pageoff = (addr & PAGE_MASK); 563 addr -= pageoff; 564 size += pageoff; 565 size = (vm_size_t) round_page(size); 566 if (addr + size < addr) 567 return (EINVAL); 568 569 /* 570 * Check for illegal addresses. Watch out for address wrap... 571 */ 572 map = &td->td_proc->p_vmspace->vm_map; 573 if (addr < vm_map_min(map) || addr + size > vm_map_max(map)) 574 return (EINVAL); 575 vm_map_lock(map); 576 #ifdef HWPMC_HOOKS 577 /* 578 * Inform hwpmc if the address range being unmapped contains 579 * an executable region. 580 */ 581 if (vm_map_lookup_entry(map, addr, &entry)) { 582 for (; 583 entry != &map->header && entry->start < addr + size; 584 entry = entry->next) { 585 if (vm_map_check_protection(map, entry->start, 586 entry->end, VM_PROT_EXECUTE) == TRUE) { 587 pkm.pm_address = (uintptr_t) addr; 588 pkm.pm_size = (size_t) size; 589 PMC_CALL_HOOK(td, PMC_FN_MUNMAP, 590 (void *) &pkm); 591 break; 592 } 593 } 594 } 595 #endif 596 /* returns nothing but KERN_SUCCESS anyway */ 597 vm_map_delete(map, addr, addr + size); 598 vm_map_unlock(map); 599 return (0); 600 } 601 602 #ifndef _SYS_SYSPROTO_H_ 603 struct mprotect_args { 604 const void *addr; 605 size_t len; 606 int prot; 607 }; 608 #endif 609 /* 610 * MPSAFE 611 */ 612 int 613 mprotect(td, uap) 614 struct thread *td; 615 struct mprotect_args *uap; 616 { 617 vm_offset_t addr; 618 vm_size_t size, pageoff; 619 vm_prot_t prot; 620 621 addr = (vm_offset_t) uap->addr; 622 size = uap->len; 623 prot = uap->prot & VM_PROT_ALL; 624 #if defined(VM_PROT_READ_IS_EXEC) 625 if (prot & VM_PROT_READ) 626 prot |= VM_PROT_EXECUTE; 627 #endif 628 629 pageoff = (addr & PAGE_MASK); 630 addr -= pageoff; 631 size += pageoff; 632 size = (vm_size_t) round_page(size); 633 if (addr + size < addr) 634 return (EINVAL); 635 636 switch (vm_map_protect(&td->td_proc->p_vmspace->vm_map, addr, 637 addr + size, prot, FALSE)) { 638 case KERN_SUCCESS: 639 return (0); 640 case KERN_PROTECTION_FAILURE: 641 return (EACCES); 642 } 643 return (EINVAL); 644 } 645 646 #ifndef _SYS_SYSPROTO_H_ 647 struct minherit_args { 648 void *addr; 649 size_t len; 650 int inherit; 651 }; 652 #endif 653 /* 654 * MPSAFE 655 */ 656 int 657 minherit(td, uap) 658 struct thread *td; 659 struct minherit_args *uap; 660 { 661 vm_offset_t addr; 662 vm_size_t size, pageoff; 663 vm_inherit_t inherit; 664 665 addr = (vm_offset_t)uap->addr; 666 size = uap->len; 667 inherit = uap->inherit; 668 669 pageoff = (addr & PAGE_MASK); 670 addr -= pageoff; 671 size += pageoff; 672 size = (vm_size_t) round_page(size); 673 if (addr + size < addr) 674 return (EINVAL); 675 676 switch (vm_map_inherit(&td->td_proc->p_vmspace->vm_map, addr, 677 addr + size, inherit)) { 678 case KERN_SUCCESS: 679 return (0); 680 case KERN_PROTECTION_FAILURE: 681 return (EACCES); 682 } 683 return (EINVAL); 684 } 685 686 #ifndef _SYS_SYSPROTO_H_ 687 struct madvise_args { 688 void *addr; 689 size_t len; 690 int behav; 691 }; 692 #endif 693 694 /* 695 * MPSAFE 696 */ 697 /* ARGSUSED */ 698 int 699 madvise(td, uap) 700 struct thread *td; 701 struct madvise_args *uap; 702 { 703 vm_offset_t start, end; 704 vm_map_t map; 705 struct proc *p; 706 int error; 707 708 /* 709 * Check for our special case, advising the swap pager we are 710 * "immortal." 711 */ 712 if (uap->behav == MADV_PROTECT) { 713 error = priv_check(td, PRIV_VM_MADV_PROTECT); 714 if (error == 0) { 715 p = td->td_proc; 716 PROC_LOCK(p); 717 p->p_flag |= P_PROTECTED; 718 PROC_UNLOCK(p); 719 } 720 return (error); 721 } 722 /* 723 * Check for illegal behavior 724 */ 725 if (uap->behav < 0 || uap->behav > MADV_CORE) 726 return (EINVAL); 727 /* 728 * Check for illegal addresses. Watch out for address wrap... Note 729 * that VM_*_ADDRESS are not constants due to casts (argh). 730 */ 731 map = &td->td_proc->p_vmspace->vm_map; 732 if ((vm_offset_t)uap->addr < vm_map_min(map) || 733 (vm_offset_t)uap->addr + uap->len > vm_map_max(map)) 734 return (EINVAL); 735 if (((vm_offset_t) uap->addr + uap->len) < (vm_offset_t) uap->addr) 736 return (EINVAL); 737 738 /* 739 * Since this routine is only advisory, we default to conservative 740 * behavior. 741 */ 742 start = trunc_page((vm_offset_t) uap->addr); 743 end = round_page((vm_offset_t) uap->addr + uap->len); 744 745 if (vm_map_madvise(map, start, end, uap->behav)) 746 return (EINVAL); 747 return (0); 748 } 749 750 #ifndef _SYS_SYSPROTO_H_ 751 struct mincore_args { 752 const void *addr; 753 size_t len; 754 char *vec; 755 }; 756 #endif 757 758 /* 759 * MPSAFE 760 */ 761 /* ARGSUSED */ 762 int 763 mincore(td, uap) 764 struct thread *td; 765 struct mincore_args *uap; 766 { 767 vm_offset_t addr, first_addr; 768 vm_offset_t end, cend; 769 pmap_t pmap; 770 vm_map_t map; 771 char *vec; 772 int error = 0; 773 int vecindex, lastvecindex; 774 vm_map_entry_t current; 775 vm_map_entry_t entry; 776 int mincoreinfo; 777 unsigned int timestamp; 778 779 /* 780 * Make sure that the addresses presented are valid for user 781 * mode. 782 */ 783 first_addr = addr = trunc_page((vm_offset_t) uap->addr); 784 end = addr + (vm_size_t)round_page(uap->len); 785 map = &td->td_proc->p_vmspace->vm_map; 786 if (end > vm_map_max(map) || end < addr) 787 return (ENOMEM); 788 789 /* 790 * Address of byte vector 791 */ 792 vec = uap->vec; 793 794 pmap = vmspace_pmap(td->td_proc->p_vmspace); 795 796 vm_map_lock_read(map); 797 RestartScan: 798 timestamp = map->timestamp; 799 800 if (!vm_map_lookup_entry(map, addr, &entry)) { 801 vm_map_unlock_read(map); 802 return (ENOMEM); 803 } 804 805 /* 806 * Do this on a map entry basis so that if the pages are not 807 * in the current processes address space, we can easily look 808 * up the pages elsewhere. 809 */ 810 lastvecindex = -1; 811 for (current = entry; 812 (current != &map->header) && (current->start < end); 813 current = current->next) { 814 815 /* 816 * check for contiguity 817 */ 818 if (current->end < end && 819 (entry->next == &map->header || 820 current->next->start > current->end)) { 821 vm_map_unlock_read(map); 822 return (ENOMEM); 823 } 824 825 /* 826 * ignore submaps (for now) or null objects 827 */ 828 if ((current->eflags & MAP_ENTRY_IS_SUB_MAP) || 829 current->object.vm_object == NULL) 830 continue; 831 832 /* 833 * limit this scan to the current map entry and the 834 * limits for the mincore call 835 */ 836 if (addr < current->start) 837 addr = current->start; 838 cend = current->end; 839 if (cend > end) 840 cend = end; 841 842 /* 843 * scan this entry one page at a time 844 */ 845 while (addr < cend) { 846 /* 847 * Check pmap first, it is likely faster, also 848 * it can provide info as to whether we are the 849 * one referencing or modifying the page. 850 */ 851 mincoreinfo = pmap_mincore(pmap, addr); 852 if (!mincoreinfo) { 853 vm_pindex_t pindex; 854 vm_ooffset_t offset; 855 vm_page_t m; 856 /* 857 * calculate the page index into the object 858 */ 859 offset = current->offset + (addr - current->start); 860 pindex = OFF_TO_IDX(offset); 861 VM_OBJECT_LOCK(current->object.vm_object); 862 m = vm_page_lookup(current->object.vm_object, 863 pindex); 864 /* 865 * if the page is resident, then gather information about 866 * it. 867 */ 868 if (m != NULL && m->valid != 0) { 869 mincoreinfo = MINCORE_INCORE; 870 vm_page_lock_queues(); 871 if (m->dirty || 872 pmap_is_modified(m)) 873 mincoreinfo |= MINCORE_MODIFIED_OTHER; 874 if ((m->flags & PG_REFERENCED) || 875 pmap_ts_referenced(m)) { 876 vm_page_flag_set(m, PG_REFERENCED); 877 mincoreinfo |= MINCORE_REFERENCED_OTHER; 878 } 879 vm_page_unlock_queues(); 880 } 881 VM_OBJECT_UNLOCK(current->object.vm_object); 882 } 883 884 /* 885 * subyte may page fault. In case it needs to modify 886 * the map, we release the lock. 887 */ 888 vm_map_unlock_read(map); 889 890 /* 891 * calculate index into user supplied byte vector 892 */ 893 vecindex = OFF_TO_IDX(addr - first_addr); 894 895 /* 896 * If we have skipped map entries, we need to make sure that 897 * the byte vector is zeroed for those skipped entries. 898 */ 899 while ((lastvecindex + 1) < vecindex) { 900 error = subyte(vec + lastvecindex, 0); 901 if (error) { 902 error = EFAULT; 903 goto done2; 904 } 905 ++lastvecindex; 906 } 907 908 /* 909 * Pass the page information to the user 910 */ 911 error = subyte(vec + vecindex, mincoreinfo); 912 if (error) { 913 error = EFAULT; 914 goto done2; 915 } 916 917 /* 918 * If the map has changed, due to the subyte, the previous 919 * output may be invalid. 920 */ 921 vm_map_lock_read(map); 922 if (timestamp != map->timestamp) 923 goto RestartScan; 924 925 lastvecindex = vecindex; 926 addr += PAGE_SIZE; 927 } 928 } 929 930 /* 931 * subyte may page fault. In case it needs to modify 932 * the map, we release the lock. 933 */ 934 vm_map_unlock_read(map); 935 936 /* 937 * Zero the last entries in the byte vector. 938 */ 939 vecindex = OFF_TO_IDX(end - first_addr); 940 while ((lastvecindex + 1) < vecindex) { 941 error = subyte(vec + lastvecindex, 0); 942 if (error) { 943 error = EFAULT; 944 goto done2; 945 } 946 ++lastvecindex; 947 } 948 949 /* 950 * If the map has changed, due to the subyte, the previous 951 * output may be invalid. 952 */ 953 vm_map_lock_read(map); 954 if (timestamp != map->timestamp) 955 goto RestartScan; 956 vm_map_unlock_read(map); 957 done2: 958 return (error); 959 } 960 961 #ifndef _SYS_SYSPROTO_H_ 962 struct mlock_args { 963 const void *addr; 964 size_t len; 965 }; 966 #endif 967 /* 968 * MPSAFE 969 */ 970 int 971 mlock(td, uap) 972 struct thread *td; 973 struct mlock_args *uap; 974 { 975 struct proc *proc; 976 vm_offset_t addr, end, last, start; 977 vm_size_t npages, size; 978 int error; 979 980 error = priv_check(td, PRIV_VM_MLOCK); 981 if (error) 982 return (error); 983 addr = (vm_offset_t)uap->addr; 984 size = uap->len; 985 last = addr + size; 986 start = trunc_page(addr); 987 end = round_page(last); 988 if (last < addr || end < addr) 989 return (EINVAL); 990 npages = atop(end - start); 991 if (npages > vm_page_max_wired) 992 return (ENOMEM); 993 proc = td->td_proc; 994 PROC_LOCK(proc); 995 if (ptoa(npages + 996 pmap_wired_count(vm_map_pmap(&proc->p_vmspace->vm_map))) > 997 lim_cur(proc, RLIMIT_MEMLOCK)) { 998 PROC_UNLOCK(proc); 999 return (ENOMEM); 1000 } 1001 PROC_UNLOCK(proc); 1002 if (npages + cnt.v_wire_count > vm_page_max_wired) 1003 return (EAGAIN); 1004 error = vm_map_wire(&proc->p_vmspace->vm_map, start, end, 1005 VM_MAP_WIRE_USER | VM_MAP_WIRE_NOHOLES); 1006 return (error == KERN_SUCCESS ? 0 : ENOMEM); 1007 } 1008 1009 #ifndef _SYS_SYSPROTO_H_ 1010 struct mlockall_args { 1011 int how; 1012 }; 1013 #endif 1014 1015 /* 1016 * MPSAFE 1017 */ 1018 int 1019 mlockall(td, uap) 1020 struct thread *td; 1021 struct mlockall_args *uap; 1022 { 1023 vm_map_t map; 1024 int error; 1025 1026 map = &td->td_proc->p_vmspace->vm_map; 1027 error = 0; 1028 1029 if ((uap->how == 0) || ((uap->how & ~(MCL_CURRENT|MCL_FUTURE)) != 0)) 1030 return (EINVAL); 1031 1032 #if 0 1033 /* 1034 * If wiring all pages in the process would cause it to exceed 1035 * a hard resource limit, return ENOMEM. 1036 */ 1037 PROC_LOCK(td->td_proc); 1038 if (map->size - ptoa(pmap_wired_count(vm_map_pmap(map)) > 1039 lim_cur(td->td_proc, RLIMIT_MEMLOCK))) { 1040 PROC_UNLOCK(td->td_proc); 1041 return (ENOMEM); 1042 } 1043 PROC_UNLOCK(td->td_proc); 1044 #else 1045 error = priv_check(td, PRIV_VM_MLOCK); 1046 if (error) 1047 return (error); 1048 #endif 1049 1050 if (uap->how & MCL_FUTURE) { 1051 vm_map_lock(map); 1052 vm_map_modflags(map, MAP_WIREFUTURE, 0); 1053 vm_map_unlock(map); 1054 error = 0; 1055 } 1056 1057 if (uap->how & MCL_CURRENT) { 1058 /* 1059 * P1003.1-2001 mandates that all currently mapped pages 1060 * will be memory resident and locked (wired) upon return 1061 * from mlockall(). vm_map_wire() will wire pages, by 1062 * calling vm_fault_wire() for each page in the region. 1063 */ 1064 error = vm_map_wire(map, vm_map_min(map), vm_map_max(map), 1065 VM_MAP_WIRE_USER|VM_MAP_WIRE_HOLESOK); 1066 error = (error == KERN_SUCCESS ? 0 : EAGAIN); 1067 } 1068 1069 return (error); 1070 } 1071 1072 #ifndef _SYS_SYSPROTO_H_ 1073 struct munlockall_args { 1074 register_t dummy; 1075 }; 1076 #endif 1077 1078 /* 1079 * MPSAFE 1080 */ 1081 int 1082 munlockall(td, uap) 1083 struct thread *td; 1084 struct munlockall_args *uap; 1085 { 1086 vm_map_t map; 1087 int error; 1088 1089 map = &td->td_proc->p_vmspace->vm_map; 1090 error = priv_check(td, PRIV_VM_MUNLOCK); 1091 if (error) 1092 return (error); 1093 1094 /* Clear the MAP_WIREFUTURE flag from this vm_map. */ 1095 vm_map_lock(map); 1096 vm_map_modflags(map, 0, MAP_WIREFUTURE); 1097 vm_map_unlock(map); 1098 1099 /* Forcibly unwire all pages. */ 1100 error = vm_map_unwire(map, vm_map_min(map), vm_map_max(map), 1101 VM_MAP_WIRE_USER|VM_MAP_WIRE_HOLESOK); 1102 1103 return (error); 1104 } 1105 1106 #ifndef _SYS_SYSPROTO_H_ 1107 struct munlock_args { 1108 const void *addr; 1109 size_t len; 1110 }; 1111 #endif 1112 /* 1113 * MPSAFE 1114 */ 1115 int 1116 munlock(td, uap) 1117 struct thread *td; 1118 struct munlock_args *uap; 1119 { 1120 vm_offset_t addr, end, last, start; 1121 vm_size_t size; 1122 int error; 1123 1124 error = priv_check(td, PRIV_VM_MUNLOCK); 1125 if (error) 1126 return (error); 1127 addr = (vm_offset_t)uap->addr; 1128 size = uap->len; 1129 last = addr + size; 1130 start = trunc_page(addr); 1131 end = round_page(last); 1132 if (last < addr || end < addr) 1133 return (EINVAL); 1134 error = vm_map_unwire(&td->td_proc->p_vmspace->vm_map, start, end, 1135 VM_MAP_WIRE_USER | VM_MAP_WIRE_NOHOLES); 1136 return (error == KERN_SUCCESS ? 0 : ENOMEM); 1137 } 1138 1139 /* 1140 * vm_mmap_vnode() 1141 * 1142 * MPSAFE 1143 * 1144 * Helper function for vm_mmap. Perform sanity check specific for mmap 1145 * operations on vnodes. 1146 */ 1147 int 1148 vm_mmap_vnode(struct thread *td, vm_size_t objsize, 1149 vm_prot_t prot, vm_prot_t *maxprotp, int *flagsp, 1150 struct vnode *vp, vm_ooffset_t foff, vm_object_t *objp) 1151 { 1152 struct vattr va; 1153 void *handle; 1154 vm_object_t obj; 1155 struct mount *mp; 1156 struct cdevsw *dsw; 1157 int error, flags, type; 1158 int vfslocked; 1159 1160 mp = vp->v_mount; 1161 vfslocked = VFS_LOCK_GIANT(mp); 1162 if ((error = vget(vp, LK_EXCLUSIVE, td)) != 0) { 1163 VFS_UNLOCK_GIANT(vfslocked); 1164 return (error); 1165 } 1166 flags = *flagsp; 1167 obj = vp->v_object; 1168 if (vp->v_type == VREG) { 1169 /* 1170 * Get the proper underlying object 1171 */ 1172 if (obj == NULL) { 1173 error = EINVAL; 1174 goto done; 1175 } 1176 if (obj->handle != vp) { 1177 vput(vp); 1178 vp = (struct vnode*)obj->handle; 1179 vget(vp, LK_EXCLUSIVE, td); 1180 } 1181 type = OBJT_VNODE; 1182 handle = vp; 1183 } else if (vp->v_type == VCHR) { 1184 type = OBJT_DEVICE; 1185 handle = vp->v_rdev; 1186 1187 dsw = dev_refthread(handle); 1188 if (dsw == NULL) { 1189 error = ENXIO; 1190 goto done; 1191 } 1192 if (dsw->d_flags & D_MMAP_ANON) { 1193 dev_relthread(handle); 1194 *maxprotp = VM_PROT_ALL; 1195 *flagsp |= MAP_ANON; 1196 error = 0; 1197 goto done; 1198 } 1199 dev_relthread(handle); 1200 /* 1201 * cdevs does not provide private mappings of any kind. 1202 */ 1203 if ((*maxprotp & VM_PROT_WRITE) == 0 && 1204 (prot & PROT_WRITE) != 0) { 1205 error = EACCES; 1206 goto done; 1207 } 1208 if (flags & (MAP_PRIVATE|MAP_COPY)) { 1209 error = EINVAL; 1210 goto done; 1211 } 1212 /* 1213 * Force device mappings to be shared. 1214 */ 1215 flags |= MAP_SHARED; 1216 } else { 1217 error = EINVAL; 1218 goto done; 1219 } 1220 if ((error = VOP_GETATTR(vp, &va, td->td_ucred, td))) { 1221 goto done; 1222 } 1223 #ifdef MAC 1224 error = mac_vnode_check_mmap(td->td_ucred, vp, prot, flags); 1225 if (error != 0) 1226 goto done; 1227 #endif 1228 if ((flags & MAP_SHARED) != 0) { 1229 if ((va.va_flags & (SF_SNAPSHOT|IMMUTABLE|APPEND)) != 0) { 1230 if (prot & PROT_WRITE) { 1231 error = EPERM; 1232 goto done; 1233 } 1234 *maxprotp &= ~VM_PROT_WRITE; 1235 } 1236 } 1237 /* 1238 * If it is a regular file without any references 1239 * we do not need to sync it. 1240 * Adjust object size to be the size of actual file. 1241 */ 1242 if (vp->v_type == VREG) { 1243 objsize = round_page(va.va_size); 1244 if (va.va_nlink == 0) 1245 flags |= MAP_NOSYNC; 1246 } 1247 obj = vm_pager_allocate(type, handle, objsize, prot, foff); 1248 if (obj == NULL) { 1249 error = (type == OBJT_DEVICE ? EINVAL : ENOMEM); 1250 goto done; 1251 } 1252 *objp = obj; 1253 *flagsp = flags; 1254 vfs_mark_atime(vp, td); 1255 1256 done: 1257 vput(vp); 1258 VFS_UNLOCK_GIANT(vfslocked); 1259 return (error); 1260 } 1261 1262 /* 1263 * vm_mmap_cdev() 1264 * 1265 * MPSAFE 1266 * 1267 * Helper function for vm_mmap. Perform sanity check specific for mmap 1268 * operations on cdevs. 1269 */ 1270 int 1271 vm_mmap_cdev(struct thread *td, vm_size_t objsize, 1272 vm_prot_t prot, vm_prot_t *maxprotp, int *flagsp, 1273 struct cdev *cdev, vm_ooffset_t foff, vm_object_t *objp) 1274 { 1275 vm_object_t obj; 1276 struct cdevsw *dsw; 1277 int flags; 1278 1279 flags = *flagsp; 1280 1281 dsw = dev_refthread(cdev); 1282 if (dsw == NULL) 1283 return (ENXIO); 1284 if (dsw->d_flags & D_MMAP_ANON) { 1285 dev_relthread(cdev); 1286 *maxprotp = VM_PROT_ALL; 1287 *flagsp |= MAP_ANON; 1288 return (0); 1289 } 1290 dev_relthread(cdev); 1291 /* 1292 * cdevs does not provide private mappings of any kind. 1293 */ 1294 if ((*maxprotp & VM_PROT_WRITE) == 0 && 1295 (prot & PROT_WRITE) != 0) 1296 return (EACCES); 1297 if (flags & (MAP_PRIVATE|MAP_COPY)) 1298 return (EINVAL); 1299 /* 1300 * Force device mappings to be shared. 1301 */ 1302 flags |= MAP_SHARED; 1303 #ifdef MAC_XXX 1304 error = mac_check_cdev_mmap(td->td_ucred, cdev, prot); 1305 if (error != 0) 1306 return (error); 1307 #endif 1308 obj = vm_pager_allocate(OBJT_DEVICE, cdev, objsize, prot, foff); 1309 if (obj == NULL) 1310 return (EINVAL); 1311 *objp = obj; 1312 *flagsp = flags; 1313 return (0); 1314 } 1315 1316 /* 1317 * vm_mmap_shm() 1318 * 1319 * MPSAFE 1320 * 1321 * Helper function for vm_mmap. Perform sanity check specific for mmap 1322 * operations on shm file descriptors. 1323 */ 1324 int 1325 vm_mmap_shm(struct thread *td, vm_size_t objsize, 1326 vm_prot_t prot, vm_prot_t *maxprotp, int *flagsp, 1327 struct shmfd *shmfd, vm_ooffset_t foff, vm_object_t *objp) 1328 { 1329 int error; 1330 1331 if ((*maxprotp & VM_PROT_WRITE) == 0 && 1332 (prot & PROT_WRITE) != 0) 1333 return (EACCES); 1334 #ifdef MAC 1335 error = mac_posixshm_check_mmap(td->td_ucred, shmfd, prot, *flagsp); 1336 if (error != 0) 1337 return (error); 1338 #endif 1339 error = shm_mmap(shmfd, objsize, foff, objp); 1340 if (error) 1341 return (error); 1342 return (0); 1343 } 1344 1345 /* 1346 * vm_mmap() 1347 * 1348 * MPSAFE 1349 * 1350 * Internal version of mmap. Currently used by mmap, exec, and sys5 1351 * shared memory. Handle is either a vnode pointer or NULL for MAP_ANON. 1352 */ 1353 int 1354 vm_mmap(vm_map_t map, vm_offset_t *addr, vm_size_t size, vm_prot_t prot, 1355 vm_prot_t maxprot, int flags, 1356 objtype_t handle_type, void *handle, 1357 vm_ooffset_t foff) 1358 { 1359 boolean_t fitit; 1360 vm_object_t object = NULL; 1361 int rv = KERN_SUCCESS; 1362 int docow, error; 1363 struct thread *td = curthread; 1364 1365 if (size == 0) 1366 return (0); 1367 1368 size = round_page(size); 1369 1370 PROC_LOCK(td->td_proc); 1371 if (td->td_proc->p_vmspace->vm_map.size + size > 1372 lim_cur(td->td_proc, RLIMIT_VMEM)) { 1373 PROC_UNLOCK(td->td_proc); 1374 return(ENOMEM); 1375 } 1376 PROC_UNLOCK(td->td_proc); 1377 1378 /* 1379 * We currently can only deal with page aligned file offsets. 1380 * The check is here rather than in the syscall because the 1381 * kernel calls this function internally for other mmaping 1382 * operations (such as in exec) and non-aligned offsets will 1383 * cause pmap inconsistencies...so we want to be sure to 1384 * disallow this in all cases. 1385 */ 1386 if (foff & PAGE_MASK) 1387 return (EINVAL); 1388 1389 if ((flags & MAP_FIXED) == 0) { 1390 fitit = TRUE; 1391 *addr = round_page(*addr); 1392 } else { 1393 if (*addr != trunc_page(*addr)) 1394 return (EINVAL); 1395 fitit = FALSE; 1396 } 1397 /* 1398 * Lookup/allocate object. 1399 */ 1400 switch (handle_type) { 1401 case OBJT_DEVICE: 1402 error = vm_mmap_cdev(td, size, prot, &maxprot, &flags, 1403 handle, foff, &object); 1404 break; 1405 case OBJT_VNODE: 1406 error = vm_mmap_vnode(td, size, prot, &maxprot, &flags, 1407 handle, foff, &object); 1408 break; 1409 case OBJT_SWAP: 1410 error = vm_mmap_shm(td, size, prot, &maxprot, &flags, 1411 handle, foff, &object); 1412 break; 1413 case OBJT_DEFAULT: 1414 if (handle == NULL) { 1415 error = 0; 1416 break; 1417 } 1418 /* FALLTHROUGH */ 1419 default: 1420 error = EINVAL; 1421 break; 1422 } 1423 if (error) 1424 return (error); 1425 if (flags & MAP_ANON) { 1426 object = NULL; 1427 docow = 0; 1428 /* 1429 * Unnamed anonymous regions always start at 0. 1430 */ 1431 if (handle == 0) 1432 foff = 0; 1433 } else { 1434 docow = MAP_PREFAULT_PARTIAL; 1435 } 1436 1437 if ((flags & (MAP_ANON|MAP_SHARED)) == 0) 1438 docow |= MAP_COPY_ON_WRITE; 1439 if (flags & MAP_NOSYNC) 1440 docow |= MAP_DISABLE_SYNCER; 1441 if (flags & MAP_NOCORE) 1442 docow |= MAP_DISABLE_COREDUMP; 1443 1444 #if defined(VM_PROT_READ_IS_EXEC) 1445 if (prot & VM_PROT_READ) 1446 prot |= VM_PROT_EXECUTE; 1447 1448 if (maxprot & VM_PROT_READ) 1449 maxprot |= VM_PROT_EXECUTE; 1450 #endif 1451 1452 if (flags & MAP_STACK) 1453 rv = vm_map_stack(map, *addr, size, prot, maxprot, 1454 docow | MAP_STACK_GROWS_DOWN); 1455 else if (fitit) 1456 rv = vm_map_find(map, object, foff, addr, size, 1457 object != NULL && object->type == OBJT_DEVICE ? 1458 VMFS_ALIGNED_SPACE : VMFS_ANY_SPACE, prot, maxprot, docow); 1459 else 1460 rv = vm_map_fixed(map, object, foff, *addr, size, 1461 prot, maxprot, docow); 1462 1463 if (rv != KERN_SUCCESS) { 1464 /* 1465 * Lose the object reference. Will destroy the 1466 * object if it's an unnamed anonymous mapping 1467 * or named anonymous without other references. 1468 */ 1469 vm_object_deallocate(object); 1470 } else if (flags & MAP_SHARED) { 1471 /* 1472 * Shared memory is also shared with children. 1473 */ 1474 rv = vm_map_inherit(map, *addr, *addr + size, VM_INHERIT_SHARE); 1475 if (rv != KERN_SUCCESS) 1476 (void) vm_map_remove(map, *addr, *addr + size); 1477 } 1478 1479 /* 1480 * If the process has requested that all future mappings 1481 * be wired, then heed this. 1482 */ 1483 if ((rv == KERN_SUCCESS) && (map->flags & MAP_WIREFUTURE)) 1484 vm_map_wire(map, *addr, *addr + size, 1485 VM_MAP_WIRE_USER|VM_MAP_WIRE_NOHOLES); 1486 1487 switch (rv) { 1488 case KERN_SUCCESS: 1489 return (0); 1490 case KERN_INVALID_ADDRESS: 1491 case KERN_NO_SPACE: 1492 return (ENOMEM); 1493 case KERN_PROTECTION_FAILURE: 1494 return (EACCES); 1495 default: 1496 return (EINVAL); 1497 } 1498 } 1499