From owner-svn-src-all@freebsd.org Mon Feb 27 11:27:48 2017 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C542ECEF44D; Mon, 27 Feb 2017 11:27:48 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 933A6A65; Mon, 27 Feb 2017 11:27:48 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v1RBRllX037488; Mon, 27 Feb 2017 11:27:47 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v1RBRkYG037478; Mon, 27 Feb 2017 11:27:46 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201702271127.v1RBRkYG037478@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Mon, 27 Feb 2017 11:27:46 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r314334 - in stable/11/sys: compat/cloudabi compat/freebsd32 compat/linux kern sys vm X-SVN-Group: stable-11 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Feb 2017 11:27:48 -0000 Author: kib Date: Mon Feb 27 11:27:46 2017 New Revision: 314334 URL: https://svnweb.freebsd.org/changeset/base/314334 Log: MFC kern_mmap(9) and related helpers. MFC r302514 (by rwatson): Audit file-descriptor arguments to I/O system calls such as read(2), write(2), dup(2), and mmap(2). MFC r302524 (by rwatson): When mmap(2) is used with a vnode, capture vnode attributes in the audit trail. MFC r313352 (by trasz): Add kern_vm_mmap2(), kern_vm_mprotect(), kern_vm_msync(), kern_vm_munlock(), kern_vm_munmap(), and kern_vm_madvise(). MFC r313655: Change type of the prot parameter for kern_vm_mmap() from vm_prot_t to int. MFC r313696: Rework r313352. Modified: stable/11/sys/compat/cloudabi/cloudabi_mem.c stable/11/sys/compat/freebsd32/freebsd32_misc.c stable/11/sys/compat/linux/linux_misc.c stable/11/sys/compat/linux/linux_mmap.c stable/11/sys/kern/kern_descrip.c stable/11/sys/kern/sys_generic.c stable/11/sys/kern/vfs_aio.c stable/11/sys/sys/syscallsubr.h stable/11/sys/vm/vm_extern.h stable/11/sys/vm/vm_mmap.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/compat/cloudabi/cloudabi_mem.c ============================================================================== --- stable/11/sys/compat/cloudabi/cloudabi_mem.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/compat/cloudabi/cloudabi_mem.c Mon Feb 27 11:27:46 2017 (r314334) @@ -28,7 +28,8 @@ __FBSDID("$FreeBSD$"); #include #include -#include +#include +#include #include @@ -62,137 +63,116 @@ int cloudabi_sys_mem_advise(struct thread *td, struct cloudabi_sys_mem_advise_args *uap) { - struct madvise_args madvise_args = { - .addr = uap->addr, - .len = uap->len - }; + int behav; switch (uap->advice) { case CLOUDABI_ADVICE_DONTNEED: - madvise_args.behav = MADV_DONTNEED; + behav = MADV_DONTNEED; break; case CLOUDABI_ADVICE_NORMAL: - madvise_args.behav = MADV_NORMAL; + behav = MADV_NORMAL; break; case CLOUDABI_ADVICE_RANDOM: - madvise_args.behav = MADV_RANDOM; + behav = MADV_RANDOM; break; case CLOUDABI_ADVICE_SEQUENTIAL: - madvise_args.behav = MADV_SEQUENTIAL; + behav = MADV_SEQUENTIAL; break; case CLOUDABI_ADVICE_WILLNEED: - madvise_args.behav = MADV_WILLNEED; + behav = MADV_WILLNEED; break; default: return (EINVAL); } - return (sys_madvise(td, &madvise_args)); + return (kern_madvise(td, (uintptr_t)uap->addr, uap->len, + behav)); } int cloudabi_sys_mem_lock(struct thread *td, struct cloudabi_sys_mem_lock_args *uap) { - struct mlock_args mlock_args = { - .addr = uap->addr, - .len = uap->len - }; - return (sys_mlock(td, &mlock_args)); + return (kern_mlock(td->td_proc, td->td_ucred, + __DECONST(uintptr_t, uap->addr), uap->len)); } int cloudabi_sys_mem_map(struct thread *td, struct cloudabi_sys_mem_map_args *uap) { - struct mmap_args mmap_args = { - .addr = uap->addr, - .len = uap->len, - .fd = uap->fd, - .pos = uap->off - }; - int error; + int error, flags, prot; /* Translate flags. */ + flags = 0; if (uap->flags & CLOUDABI_MAP_ANON) - mmap_args.flags |= MAP_ANON; + flags |= MAP_ANON; if (uap->flags & CLOUDABI_MAP_FIXED) - mmap_args.flags |= MAP_FIXED; + flags |= MAP_FIXED; if (uap->flags & CLOUDABI_MAP_PRIVATE) - mmap_args.flags |= MAP_PRIVATE; + flags |= MAP_PRIVATE; if (uap->flags & CLOUDABI_MAP_SHARED) - mmap_args.flags |= MAP_SHARED; + flags |= MAP_SHARED; /* Translate protection. */ - error = convert_mprot(uap->prot, &mmap_args.prot); + error = convert_mprot(uap->prot, &prot); if (error != 0) return (error); - return (sys_mmap(td, &mmap_args)); + return (kern_mmap(td, (uintptr_t)uap->addr, uap->len, prot, flags, + uap->fd, uap->off)); } int cloudabi_sys_mem_protect(struct thread *td, struct cloudabi_sys_mem_protect_args *uap) { - struct mprotect_args mprotect_args = { - .addr = uap->addr, - .len = uap->len, - }; - int error; + int error, prot; /* Translate protection. */ - error = convert_mprot(uap->prot, &mprotect_args.prot); + error = convert_mprot(uap->prot, &prot); if (error != 0) return (error); - return (sys_mprotect(td, &mprotect_args)); + return (kern_mprotect(td, (uintptr_t)uap->addr, uap->len, + prot)); } int cloudabi_sys_mem_sync(struct thread *td, struct cloudabi_sys_mem_sync_args *uap) { - struct msync_args msync_args = { - .addr = uap->addr, - .len = uap->len, - }; + int flags; /* Convert flags. */ switch (uap->flags & (CLOUDABI_MS_ASYNC | CLOUDABI_MS_SYNC)) { case CLOUDABI_MS_ASYNC: - msync_args.flags |= MS_ASYNC; + flags = MS_ASYNC; break; case CLOUDABI_MS_SYNC: - msync_args.flags |= MS_SYNC; + flags = MS_SYNC; break; default: return (EINVAL); } if ((uap->flags & CLOUDABI_MS_INVALIDATE) != 0) - msync_args.flags |= MS_INVALIDATE; + flags |= MS_INVALIDATE; - return (sys_msync(td, &msync_args)); + return (kern_msync(td, (uintptr_t)uap->addr, uap->len, + flags)); } int cloudabi_sys_mem_unlock(struct thread *td, struct cloudabi_sys_mem_unlock_args *uap) { - struct munlock_args munlock_args = { - .addr = uap->addr, - .len = uap->len - }; - return (sys_munlock(td, &munlock_args)); + return (kern_munlock(td, __DECONST(uintptr_t, uap->addr), + uap->len)); } int cloudabi_sys_mem_unmap(struct thread *td, struct cloudabi_sys_mem_unmap_args *uap) { - struct munmap_args munmap_args = { - .addr = uap->addr, - .len = uap->len - }; - return (sys_munmap(td, &munmap_args)); + return (kern_munmap(td, (uintptr_t)uap->addr, uap->len)); } Modified: stable/11/sys/compat/freebsd32/freebsd32_misc.c ============================================================================== --- stable/11/sys/compat/freebsd32/freebsd32_misc.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/compat/freebsd32/freebsd32_misc.c Mon Feb 27 11:27:46 2017 (r314334) @@ -449,42 +449,30 @@ freebsd32_fexecve(struct thread *td, str int freebsd32_mprotect(struct thread *td, struct freebsd32_mprotect_args *uap) { - struct mprotect_args ap; + int prot; - ap.addr = PTRIN(uap->addr); - ap.len = uap->len; - ap.prot = uap->prot; + prot = uap->prot; #if defined(__amd64__) - if (i386_read_exec && (ap.prot & PROT_READ) != 0) - ap.prot |= PROT_EXEC; + if (i386_read_exec && (prot & PROT_READ) != 0) + prot |= PROT_EXEC; #endif - return (sys_mprotect(td, &ap)); + return (kern_mprotect(td, (uintptr_t)PTRIN(uap->addr), uap->len, + prot)); } int freebsd32_mmap(struct thread *td, struct freebsd32_mmap_args *uap) { - struct mmap_args ap; - vm_offset_t addr = (vm_offset_t) uap->addr; - vm_size_t len = uap->len; - int prot = uap->prot; - int flags = uap->flags; - int fd = uap->fd; - off_t pos = PAIR32TO64(off_t,uap->pos); + int prot; + prot = uap->prot; #if defined(__amd64__) if (i386_read_exec && (prot & PROT_READ)) prot |= PROT_EXEC; #endif - ap.addr = (void *) addr; - ap.len = len; - ap.prot = prot; - ap.flags = flags; - ap.fd = fd; - ap.pos = pos; - - return (sys_mmap(td, &ap)); + return (kern_mmap(td, (uintptr_t)uap->addr, uap->len, prot, + uap->flags, uap->fd, PAIR32TO64(off_t, uap->pos))); } #ifdef COMPAT_FREEBSD6 @@ -492,17 +480,16 @@ int freebsd6_freebsd32_mmap(struct thread *td, struct freebsd6_freebsd32_mmap_args *uap) { - struct freebsd32_mmap_args ap; + int prot; - ap.addr = uap->addr; - ap.len = uap->len; - ap.prot = uap->prot; - ap.flags = uap->flags; - ap.fd = uap->fd; - ap.pos1 = uap->pos1; - ap.pos2 = uap->pos2; + prot = uap->prot; +#if defined(__amd64__) + if (i386_read_exec && (prot & PROT_READ)) + prot |= PROT_EXEC; +#endif - return (freebsd32_mmap(td, &ap)); + return (kern_mmap(td, (uintptr_t)uap->addr, uap->len, prot, + uap->flags, uap->fd, PAIR32TO64(off_t, uap->pos))); } #endif Modified: stable/11/sys/compat/linux/linux_misc.c ============================================================================== --- stable/11/sys/compat/linux/linux_misc.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/compat/linux/linux_misc.c Mon Feb 27 11:27:46 2017 (r314334) @@ -585,10 +585,8 @@ select_out: int linux_mremap(struct thread *td, struct linux_mremap_args *args) { - struct munmap_args /* { - void *addr; - size_t len; - } */ bsd_args; + uintptr_t addr; + size_t len; int error = 0; #ifdef DEBUG @@ -623,10 +621,9 @@ linux_mremap(struct thread *td, struct l } if (args->new_len < args->old_len) { - bsd_args.addr = - (caddr_t)((uintptr_t)args->addr + args->new_len); - bsd_args.len = args->old_len - args->new_len; - error = sys_munmap(td, &bsd_args); + addr = args->addr + args->new_len; + len = args->old_len - args->new_len; + error = kern_munmap(td, addr, len); } td->td_retval[0] = error ? 0 : (uintptr_t)args->addr; @@ -640,13 +637,9 @@ linux_mremap(struct thread *td, struct l int linux_msync(struct thread *td, struct linux_msync_args *args) { - struct msync_args bsd_args; - bsd_args.addr = (caddr_t)(uintptr_t)args->addr; - bsd_args.len = (uintptr_t)args->len; - bsd_args.flags = args->fl & ~LINUX_MS_SYNC; - - return (sys_msync(td, &bsd_args)); + return (kern_msync(td, args->addr, args->len, + args->fl & ~LINUX_MS_SYNC)); } int Modified: stable/11/sys/compat/linux/linux_mmap.c ============================================================================== --- stable/11/sys/compat/linux/linux_mmap.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/compat/linux/linux_mmap.c Mon Feb 27 11:27:46 2017 (r314334) @@ -41,10 +41,12 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include +#include #include #include @@ -67,15 +69,7 @@ linux_mmap_common(struct thread *td, uin { struct proc *p = td->td_proc; struct vmspace *vms = td->td_proc->p_vmspace; - struct mmap_args /* { - caddr_t addr; - size_t len; - int prot; - int flags; - int fd; - off_t pos; - } */ bsd_args; - int error; + int bsd_flags, error; struct file *fp; cap_rights_t rights; @@ -83,7 +77,7 @@ linux_mmap_common(struct thread *td, uin addr, len, prot, flags, fd, pos); error = 0; - bsd_args.flags = 0; + bsd_flags = 0; fp = NULL; /* @@ -94,21 +88,21 @@ linux_mmap_common(struct thread *td, uin return (EINVAL); if (flags & LINUX_MAP_SHARED) - bsd_args.flags |= MAP_SHARED; + bsd_flags |= MAP_SHARED; if (flags & LINUX_MAP_PRIVATE) - bsd_args.flags |= MAP_PRIVATE; + bsd_flags |= MAP_PRIVATE; if (flags & LINUX_MAP_FIXED) - bsd_args.flags |= MAP_FIXED; + bsd_flags |= MAP_FIXED; if (flags & LINUX_MAP_ANON) { /* Enforce pos to be on page boundary, then ignore. */ if ((pos & PAGE_MASK) != 0) return (EINVAL); pos = 0; - bsd_args.flags |= MAP_ANON; + bsd_flags |= MAP_ANON; } else - bsd_args.flags |= MAP_NOSYNC; + bsd_flags |= MAP_NOSYNC; if (flags & LINUX_MAP_GROWSDOWN) - bsd_args.flags |= MAP_STACK; + bsd_flags |= MAP_STACK; /* * PROT_READ, PROT_WRITE, or PROT_EXEC implies PROT_READ and PROT_EXEC @@ -118,14 +112,13 @@ linux_mmap_common(struct thread *td, uin * * XXX. Linux checks that the file system is not mounted with noexec. */ - bsd_args.prot = prot; #if defined(__amd64__) - linux_fixup_prot(td, &bsd_args.prot); + linux_fixup_prot(td, &prot); #endif /* Linux does not check file descriptor when MAP_ANONYMOUS is set. */ - bsd_args.fd = (bsd_args.flags & MAP_ANON) ? -1 : fd; - if (bsd_args.fd != -1) { + fd = (bsd_flags & MAP_ANON) ? -1 : fd; + if (fd != -1) { /* * Linux follows Solaris mmap(2) description: * The file descriptor fildes is opened with @@ -133,8 +126,7 @@ linux_mmap_common(struct thread *td, uin * protection options specified. */ - error = fget(td, bsd_args.fd, - cap_rights_init(&rights, CAP_MMAP), &fp); + error = fget(td, fd, cap_rights_init(&rights, CAP_MMAP), &fp); if (error != 0) return (error); if (fp->f_type != DTYPE_VNODE) { @@ -205,21 +197,13 @@ linux_mmap_common(struct thread *td, uin * we map the full stack, since we don't have a way * to autogrow it. */ - if (len > STACK_SIZE - GUARD_SIZE) { - bsd_args.addr = (caddr_t)addr; - bsd_args.len = len; - } else { - bsd_args.addr = (caddr_t)addr - - (STACK_SIZE - GUARD_SIZE - len); - bsd_args.len = STACK_SIZE - GUARD_SIZE; + if (len <= STACK_SIZE - GUARD_SIZE) { + addr = addr - (STACK_SIZE - GUARD_SIZE - len); + len = STACK_SIZE - GUARD_SIZE; } - } else { - bsd_args.addr = (caddr_t)addr; - bsd_args.len = len; } - bsd_args.pos = pos; - error = sys_mmap(td, &bsd_args); + error = kern_mmap(td, addr, len, prot, bsd_flags, fd, pos); LINUX_CTR2(mmap2, "return: %d (%p)", error, td->td_retval[0]); @@ -229,16 +213,11 @@ linux_mmap_common(struct thread *td, uin int linux_mprotect_common(struct thread *td, uintptr_t addr, size_t len, int prot) { - struct mprotect_args bsd_args; - - bsd_args.addr = (void *)addr; - bsd_args.len = len; - bsd_args.prot = prot; #if defined(__amd64__) - linux_fixup_prot(td, &bsd_args.prot); + linux_fixup_prot(td, &prot); #endif - return (sys_mprotect(td, &bsd_args)); + return (kern_mprotect(td, addr, len, prot)); } #if defined(__amd64__) Modified: stable/11/sys/kern/kern_descrip.c ============================================================================== --- stable/11/sys/kern/kern_descrip.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/kern/kern_descrip.c Mon Feb 27 11:27:46 2017 (r314334) @@ -820,6 +820,9 @@ kern_dup(struct thread *td, u_int mode, MPASS((flags & ~(FDDUP_FLAG_CLOEXEC)) == 0); MPASS(mode < FDDUP_LASTMODE); + AUDIT_ARG_FD(old); + /* XXXRW: if (flags & FDDUP_FIXED) AUDIT_ARG_FD2(new); */ + /* * Verify we have a valid descriptor to dup from and possibly to * dup to. Unlike dup() and dup2(), fcntl()'s F_DUPFD should Modified: stable/11/sys/kern/sys_generic.c ============================================================================== --- stable/11/sys/kern/sys_generic.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/kern/sys_generic.c Mon Feb 27 11:27:46 2017 (r314334) @@ -363,6 +363,8 @@ dofileread(td, fd, fp, auio, offset, fla struct uio *ktruio = NULL; #endif + AUDIT_ARG_FD(fd); + /* Finish zero length reads right here */ if (auio->uio_resid == 0) { td->td_retval[0] = 0; @@ -576,6 +578,7 @@ dofilewrite(td, fd, fp, auio, offset, fl struct uio *ktruio = NULL; #endif + AUDIT_ARG_FD(fd); auio->uio_rw = UIO_WRITE; auio->uio_td = td; auio->uio_offset = offset; Modified: stable/11/sys/kern/vfs_aio.c ============================================================================== --- stable/11/sys/kern/vfs_aio.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/kern/vfs_aio.c Mon Feb 27 11:27:46 2017 (r314334) @@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -858,12 +859,9 @@ aio_process_mlock(struct kaiocb *job) ("%s: opcode %d", __func__, job->uaiocb.aio_lio_opcode)); aio_switch_vmspace(job); - error = vm_mlock(job->userproc, job->cred, - __DEVOLATILE(void *, cb->aio_buf), cb->aio_nbytes); - if (error) - aio_complete(job, -1, error); - else - aio_complete(job, 0, 0); + error = kern_mlock(job->userproc, job->cred, + __DEVOLATILE(uintptr_t, cb->aio_buf), cb->aio_nbytes); + aio_complete(job, error != 0 ? -1 : 0, error); } static void Modified: stable/11/sys/sys/syscallsubr.h ============================================================================== --- stable/11/sys/sys/syscallsubr.h Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/sys/syscallsubr.h Mon Feb 27 11:27:46 2017 (r314334) @@ -138,15 +138,24 @@ int kern_linkat(struct thread *td, int f char *path2, enum uio_seg segflg, int follow); int kern_lutimes(struct thread *td, char *path, enum uio_seg pathseg, struct timeval *tptr, enum uio_seg tptrseg); +int kern_madvise(struct thread *td, uintptr_t addr, size_t len, int behav); int kern_mkdirat(struct thread *td, int fd, char *path, enum uio_seg segflg, int mode); int kern_mkfifoat(struct thread *td, int fd, char *path, enum uio_seg pathseg, int mode); int kern_mknodat(struct thread *td, int fd, char *path, enum uio_seg pathseg, int mode, int dev); +int kern_mlock(struct proc *proc, struct ucred *cred, uintptr_t addr, + size_t len); +int kern_mmap(struct thread *td, uintptr_t addr, size_t size, int prot, + int flags, int fd, off_t pos); +int kern_mprotect(struct thread *td, uintptr_t addr, size_t size, int prot); int kern_msgctl(struct thread *, int, int, struct msqid_ds *); int kern_msgrcv(struct thread *, int, void *, size_t, long, int, long *); int kern_msgsnd(struct thread *, int, const void *, size_t, int, long); +int kern_msync(struct thread *td, uintptr_t addr, size_t size, int flags); +int kern_munlock(struct thread *td, uintptr_t addr, size_t size); +int kern_munmap(struct thread *td, uintptr_t addr, size_t size); int kern_nanosleep(struct thread *td, struct timespec *rqt, struct timespec *rmt); int kern_ogetdirentries(struct thread *td, struct ogetdirentries_args *uap, Modified: stable/11/sys/vm/vm_extern.h ============================================================================== --- stable/11/sys/vm/vm_extern.h Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/vm/vm_extern.h Mon Feb 27 11:27:46 2017 (r314334) @@ -114,6 +114,5 @@ struct sf_buf *vm_imgact_map_page(vm_obj void vm_imgact_unmap_page(struct sf_buf *sf); void vm_thread_dispose(struct thread *td); int vm_thread_new(struct thread *td, int pages); -int vm_mlock(struct proc *, struct ucred *, const void *, size_t); #endif /* _KERNEL */ #endif /* !_VM_EXTERN_H_ */ Modified: stable/11/sys/vm/vm_mmap.c ============================================================================== --- stable/11/sys/vm/vm_mmap.c Mon Feb 27 11:10:36 2017 (r314333) +++ stable/11/sys/vm/vm_mmap.c Mon Feb 27 11:27:46 2017 (r314334) @@ -74,6 +74,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -169,26 +170,29 @@ struct mmap_args { #endif int -sys_mmap(td, uap) - struct thread *td; - struct mmap_args *uap; +sys_mmap(struct thread *td, struct mmap_args *uap) { + + return (kern_mmap(td, (uintptr_t)uap->addr, uap->len, uap->prot, + uap->flags, uap->fd, uap->pos)); +} + +int +kern_mmap(struct thread *td, uintptr_t addr0, size_t size, int prot, int flags, + int fd, off_t pos) +{ + struct vmspace *vms; struct file *fp; vm_offset_t addr; - vm_size_t size, pageoff; + vm_size_t pageoff; vm_prot_t cap_maxprot; - int align, error, flags, prot; - off_t pos; - struct vmspace *vms = td->td_proc->p_vmspace; + int align, error; cap_rights_t rights; - addr = (vm_offset_t) uap->addr; - size = uap->len; - prot = uap->prot; - flags = uap->flags; - pos = uap->pos; - + vms = td->td_proc->p_vmspace; fp = NULL; + AUDIT_ARG_FD(fd); + addr = addr0; /* * Ignore old flags that used to be defined but did not do anything. @@ -205,8 +209,8 @@ sys_mmap(td, uap) * pos. */ if (!SV_CURPROC_FLAG(SV_AOUT)) { - if ((uap->len == 0 && curproc->p_osrel >= P_OSREL_MAP_ANON) || - ((flags & MAP_ANON) != 0 && (uap->fd != -1 || pos != 0))) + if ((size == 0 && curproc->p_osrel >= P_OSREL_MAP_ANON) || + ((flags & MAP_ANON) != 0 && (fd != -1 || pos != 0))) return (EINVAL); } else { if ((flags & MAP_ANON) != 0) @@ -214,7 +218,7 @@ sys_mmap(td, uap) } if (flags & MAP_STACK) { - if ((uap->fd != -1) || + if ((fd != -1) || ((prot & (PROT_READ | PROT_WRITE)) != (PROT_READ | PROT_WRITE))) return (EINVAL); flags |= MAP_ANON; @@ -334,7 +338,7 @@ sys_mmap(td, uap) } if (prot & PROT_EXEC) cap_rights_set(&rights, CAP_MMAP_X); - error = fget_mmap(td, uap->fd, &rights, &cap_maxprot, &fp); + error = fget_mmap(td, fd, &rights, &cap_maxprot, &fp); if (error != 0) goto done; if ((flags & (MAP_SHARED | MAP_PRIVATE)) == 0 && @@ -361,15 +365,9 @@ done: int freebsd6_mmap(struct thread *td, struct freebsd6_mmap_args *uap) { - struct mmap_args oargs; - oargs.addr = uap->addr; - oargs.len = uap->len; - oargs.prot = uap->prot; - oargs.flags = uap->flags; - oargs.fd = uap->fd; - oargs.pos = uap->pos; - return (sys_mmap(td, &oargs)); + return (kern_mmap(td, (uintptr_t)uap->addr, uap->len, uap->prot, + uap->flags, uap->fd, uap->pos)); } #endif @@ -385,11 +383,8 @@ struct ommap_args { }; #endif int -ommap(td, uap) - struct thread *td; - struct ommap_args *uap; +ommap(struct thread *td, struct ommap_args *uap) { - struct mmap_args nargs; static const char cvtbsdprot[8] = { 0, PROT_EXEC, @@ -400,36 +395,34 @@ ommap(td, uap) PROT_WRITE | PROT_READ, PROT_EXEC | PROT_WRITE | PROT_READ, }; + int flags, prot; #define OMAP_ANON 0x0002 #define OMAP_COPY 0x0020 #define OMAP_SHARED 0x0010 #define OMAP_FIXED 0x0100 - nargs.addr = uap->addr; - nargs.len = uap->len; - nargs.prot = cvtbsdprot[uap->prot & 0x7]; + prot = cvtbsdprot[uap->prot & 0x7]; #ifdef COMPAT_FREEBSD32 #if defined(__amd64__) if (i386_read_exec && SV_PROC_FLAG(td->td_proc, SV_ILP32) && - nargs.prot != 0) - nargs.prot |= PROT_EXEC; + prot != 0) + prot |= PROT_EXEC; #endif #endif - nargs.flags = 0; + flags = 0; if (uap->flags & OMAP_ANON) - nargs.flags |= MAP_ANON; + flags |= MAP_ANON; if (uap->flags & OMAP_COPY) - nargs.flags |= MAP_COPY; + flags |= MAP_COPY; if (uap->flags & OMAP_SHARED) - nargs.flags |= MAP_SHARED; + flags |= MAP_SHARED; else - nargs.flags |= MAP_PRIVATE; + flags |= MAP_PRIVATE; if (uap->flags & OMAP_FIXED) - nargs.flags |= MAP_FIXED; - nargs.fd = uap->fd; - nargs.pos = uap->pos; - return (sys_mmap(td, &nargs)); + flags |= MAP_FIXED; + return (kern_mmap(td, (uintptr_t)uap->addr, uap->len, prot, flags, + uap->fd, uap->pos)); } #endif /* COMPAT_43 */ @@ -442,20 +435,21 @@ struct msync_args { }; #endif int -sys_msync(td, uap) - struct thread *td; - struct msync_args *uap; +sys_msync(struct thread *td, struct msync_args *uap) +{ + + return (kern_msync(td, (uintptr_t)uap->addr, uap->len, uap->flags)); +} + +int +kern_msync(struct thread *td, uintptr_t addr0, size_t size, int flags) { vm_offset_t addr; - vm_size_t size, pageoff; - int flags; + vm_size_t pageoff; vm_map_t map; int rv; - addr = (vm_offset_t) uap->addr; - size = uap->len; - flags = uap->flags; - + addr = addr0; pageoff = (addr & PAGE_MASK); addr -= pageoff; size += pageoff; @@ -494,23 +488,27 @@ struct munmap_args { }; #endif int -sys_munmap(td, uap) - struct thread *td; - struct munmap_args *uap; +sys_munmap(struct thread *td, struct munmap_args *uap) +{ + + return (kern_munmap(td, (uintptr_t)uap->addr, uap->len)); +} + +int +kern_munmap(struct thread *td, uintptr_t addr0, size_t size) { #ifdef HWPMC_HOOKS struct pmckern_map_out pkm; vm_map_entry_t entry; #endif vm_offset_t addr; - vm_size_t size, pageoff; + vm_size_t pageoff; vm_map_t map; - addr = (vm_offset_t) uap->addr; - size = uap->len; if (size == 0) return (EINVAL); + addr = addr0; pageoff = (addr & PAGE_MASK); addr -= pageoff; size += pageoff; @@ -567,18 +565,20 @@ struct mprotect_args { }; #endif int -sys_mprotect(td, uap) - struct thread *td; - struct mprotect_args *uap; +sys_mprotect(struct thread *td, struct mprotect_args *uap) { - vm_offset_t addr; - vm_size_t size, pageoff; - vm_prot_t prot; - addr = (vm_offset_t) uap->addr; - size = uap->len; - prot = uap->prot & VM_PROT_ALL; + return (kern_mprotect(td, (uintptr_t)uap->addr, uap->len, uap->prot)); +} +int +kern_mprotect(struct thread *td, uintptr_t addr0, size_t size, int prot) +{ + vm_offset_t addr; + vm_size_t pageoff; + + addr = addr0; + prot = (prot & VM_PROT_ALL); pageoff = (addr & PAGE_MASK); addr -= pageoff; size += pageoff; @@ -644,15 +644,22 @@ struct madvise_args { int sys_madvise(struct thread *td, struct madvise_args *uap) { - vm_offset_t start, end; + + return (kern_madvise(td, (uintptr_t)uap->addr, uap->len, uap->behav)); +} + +int +kern_madvise(struct thread *td, uintptr_t addr0, size_t len, int behav) +{ vm_map_t map; + vm_offset_t addr, end, start; int flags; /* * Check for our special case, advising the swap pager we are * "immortal." */ - if (uap->behav == MADV_PROTECT) { + if (behav == MADV_PROTECT) { flags = PPROT_SET; return (kern_procctl(td, P_PID, td->td_proc->p_pid, PROC_SPROTECT, &flags)); @@ -661,27 +668,27 @@ sys_madvise(struct thread *td, struct ma /* * Check for illegal behavior */ - if (uap->behav < 0 || uap->behav > MADV_CORE) + if (behav < 0 || behav > MADV_CORE) return (EINVAL); /* * Check for illegal addresses. Watch out for address wrap... Note * that VM_*_ADDRESS are not constants due to casts (argh). */ map = &td->td_proc->p_vmspace->vm_map; - if ((vm_offset_t)uap->addr < vm_map_min(map) || - (vm_offset_t)uap->addr + uap->len > vm_map_max(map)) + addr = addr0; + if (addr < vm_map_min(map) || addr + len > vm_map_max(map)) return (EINVAL); - if (((vm_offset_t) uap->addr + uap->len) < (vm_offset_t) uap->addr) + if ((addr + len) < addr) return (EINVAL); /* * Since this routine is only advisory, we default to conservative * behavior. */ - start = trunc_page((vm_offset_t) uap->addr); - end = round_page((vm_offset_t) uap->addr + uap->len); + start = trunc_page(addr); + end = round_page(addr + len); - if (vm_map_madvise(map, start, end, uap->behav)) + if (vm_map_madvise(map, start, end, behav)) return (EINVAL); return (0); } @@ -952,11 +959,12 @@ int sys_mlock(struct thread *td, struct mlock_args *uap) { - return (vm_mlock(td->td_proc, td->td_ucred, uap->addr, uap->len)); + return (kern_mlock(td->td_proc, td->td_ucred, + __DECONST(uintptr_t, uap->addr), uap->len)); } int -vm_mlock(struct proc *proc, struct ucred *cred, const void *addr0, size_t len) +kern_mlock(struct proc *proc, struct ucred *cred, uintptr_t addr0, size_t len) { vm_offset_t addr, end, last, start; vm_size_t npages, size; @@ -967,7 +975,7 @@ vm_mlock(struct proc *proc, struct ucred error = priv_check_cred(cred, PRIV_VM_MLOCK, 0); if (error) return (error); - addr = (vm_offset_t)addr0; + addr = addr0; size = len; last = addr + size; start = trunc_page(addr); @@ -1124,12 +1132,16 @@ struct munlock_args { }; #endif int -sys_munlock(td, uap) - struct thread *td; - struct munlock_args *uap; +sys_munlock(struct thread *td, struct munlock_args *uap) +{ + + return (kern_munlock(td, (uintptr_t)uap->addr, uap->len)); +} + +int +kern_munlock(struct thread *td, uintptr_t addr0, size_t size) { vm_offset_t addr, end, last, start; - vm_size_t size; #ifdef RACCT vm_map_t map; #endif @@ -1138,8 +1150,7 @@ sys_munlock(td, uap) error = priv_check(td, PRIV_VM_MUNLOCK); if (error) return (error); - addr = (vm_offset_t)uap->addr; - size = uap->len; + addr = addr0; last = addr + size; start = trunc_page(addr); end = round_page(last); @@ -1184,6 +1195,7 @@ vm_mmap_vnode(struct thread *td, vm_size locktype = LK_SHARED; if ((error = vget(vp, locktype, td)) != 0) return (error); + AUDIT_ARG_VNODE1(vp); foff = *foffp; flags = *flagsp; obj = vp->v_object;