From eaee9424a120c289abc3eeeff331cb0d45efe971 Mon Sep 17 00:00:00 2001 From: Samuel Thibault Date: Thu, 9 Jul 2015 14:13:25 +0200 Subject: Allow non-privileged tasks to wire 64KiB task memory * doc/mach.texi (vm_wire): Document that the host port does not have to be privileged. * include/mach/mach_hosts.defs (vm_wire): Use mach_port_t instead of host_priv_t. * vm/vm_map.h (vm_map): Add user_wired field. * vm/vm_map.c (vm_map_setup): Initialize user_wired field to 0. (vm_map_pageable_common, vm_map_entry_delete, vm_map_copy_overwrite, vm_map_copyout_page_list, vm_map_copyin_page_list): When switching user_wired_count field of entry between 0 and non-0, accumulate the corresponding size into the user_wired field of map. * vm/vm_user.c (vm_wire): Turn host parameter into port parameter, and inline a version of convert_port_to_host_priv which records whether the host port is privileged or not. When it is not privileged, check whether the additional amount to user_wired will overcome 64KiB. --- doc/mach.texi | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/mach.texi b/doc/mach.texi index 59872c9..6fc79f7 100644 --- a/doc/mach.texi +++ b/doc/mach.texi @@ -3241,14 +3241,15 @@ successfully set and @code{KERN_INVALID_ADDRESS} if an invalid or non-allocated address was specified. @end deftypefun -@deftypefun kern_return_t vm_wire (@w{host_priv_t @var{host_priv}}, @w{vm_task_t @var{target_task}}, @w{vm_address_t @var{address}}, @w{vm_size_t @var{size}}, @w{vm_prot_t @var{access}}) -The function @code{vm_wire} allows privileged applications to control -memory pageability. @var{host_priv} is the privileged host port for the +@deftypefun kern_return_t vm_wire (@w{host_t @var{host}}, @w{vm_task_t @var{target_task}}, @w{vm_address_t @var{address}}, @w{vm_size_t @var{size}}, @w{vm_prot_t @var{access}}) +The function @code{vm_wire} allows applications to control +memory pageability. @var{host} is the host port for the host on which @var{target_task} resides. @var{address} is the starting address, which will be rounded down to a page boundary. @var{size} is the size in bytes of the region for which protection is to change, and will be rounded up to give a page boundary. @var{access} specifies the -types of accesses that must not cause page faults. +types of accesses that must not cause page faults. If the host port is +not privileged, the amount of memory is limited per task. The semantics of a successful @code{vm_wire} operation are that memory in the specified range will not cause page faults for any accesses @@ -3257,7 +3258,7 @@ access argument of @code{VM_PROT_READ | VM_PROT_WRITE}. A special case is that @code{VM_PROT_NONE} makes the memory pageable. The function returns @code{KERN_SUCCESS} if the call succeeded, -@code{KERN_INVALID_HOST} if @var{host_priv} was not the privileged host +@code{KERN_INVALID_HOST} if @var{host} was not a valid host port, @code{KERN_INVALID_TASK} if @var{task} was not a valid task, @code{KERN_INVALID_VALUE} if @var{access} specified an invalid access mode, @code{KERN_FAILURE} if some memory in the specified range is not @@ -3265,7 +3266,7 @@ present or has an inappropriate protection value, and @code{KERN_INVALID_ARGUMENT} if unwiring (@var{access} is @code{VM_PROT_NONE}) and the memory is not already wired. -The @code{vm_wire} call is actually an RPC to @var{host_priv}, normally +The @code{vm_wire} call is actually an RPC to @var{host}, normally a send right for a privileged host port, but potentially any send right. In addition to the normal diagnostic return codes from the call's server (normally the kernel), the call may return @code{mach_msg} return codes. -- cgit v1.2.3