1 /*-
2 * Copyright (c) 2004 Tim J. Robbins
3 * Copyright (c) 2002 Doug Rabson
4 * Copyright (c) 2000 Marcel Moolenaar
5 * Copyright (c) 1994-1995 Søren Schmidt
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer
13 * in this position and unchanged.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. The name of the author may not be used to endorse or promote products
18 * derived from this software without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
21 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
22 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
23 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 *
31 * $FreeBSD: releng/11.0/sys/compat/linux/linux_mmap.c 303007 2016-07-18 16:38:06Z dchagin $
32 */
33
34 #include <sys/cdefs.h>
35 __FBSDID("$FreeBSD: releng/11.0/sys/compat/linux/linux_mmap.c 303007 2016-07-18 16:38:06Z dchagin $");
36
37 #include <sys/capsicum.h>
38 #include <sys/file.h>
39 #include <sys/imgact.h>
40 #include <sys/ktr.h>
41 #include <sys/mman.h>
42 #include <sys/proc.h>
43 #include <sys/resourcevar.h>
44 #include <sys/sysent.h>
45 #include <sys/sysproto.h>
46
47 #include <vm/pmap.h>
48 #include <vm/vm_map.h>
49
50 #include <compat/linux/linux_emul.h>
51 #include <compat/linux/linux_mmap.h>
52 #include <compat/linux/linux_persona.h>
53 #include <compat/linux/linux_util.h>
54
55
56 #define STACK_SIZE (2 * 1024 * 1024)
57 #define GUARD_SIZE (4 * PAGE_SIZE)
58
59 #if defined(__amd64__)
60 static void linux_fixup_prot(struct thread *td, int *prot);
61 #endif
62
63
64 int
65 linux_mmap_common(struct thread *td, uintptr_t addr, size_t len, int prot,
66 int flags, int fd, off_t pos)
67 {
68 struct proc *p = td->td_proc;
69 struct vmspace *vms = td->td_proc->p_vmspace;
70 struct mmap_args /* {
71 caddr_t addr;
72 size_t len;
73 int prot;
74 int flags;
75 int fd;
76 off_t pos;
77 } */ bsd_args;
78 int error;
79 struct file *fp;
80
81 cap_rights_t rights;
82 LINUX_CTR6(mmap2, "0x%lx, %ld, %ld, 0x%08lx, %ld, 0x%lx",
83 addr, len, prot, flags, fd, pos);
84
85 error = 0;
86 bsd_args.flags = 0;
87 fp = NULL;
88
89 /*
90 * Linux mmap(2):
91 * You must specify exactly one of MAP_SHARED and MAP_PRIVATE
92 */
93 if (!((flags & LINUX_MAP_SHARED) ^ (flags & LINUX_MAP_PRIVATE)))
94 return (EINVAL);
95
96 if (flags & LINUX_MAP_SHARED)
97 bsd_args.flags |= MAP_SHARED;
98 if (flags & LINUX_MAP_PRIVATE)
99 bsd_args.flags |= MAP_PRIVATE;
100 if (flags & LINUX_MAP_FIXED)
101 bsd_args.flags |= MAP_FIXED;
102 if (flags & LINUX_MAP_ANON) {
103 /* Enforce pos to be on page boundary, then ignore. */
104 if ((pos & PAGE_MASK) != 0)
105 return (EINVAL);
106 pos = 0;
107 bsd_args.flags |= MAP_ANON;
108 } else
109 bsd_args.flags |= MAP_NOSYNC;
110 if (flags & LINUX_MAP_GROWSDOWN)
111 bsd_args.flags |= MAP_STACK;
112
113 /*
114 * PROT_READ, PROT_WRITE, or PROT_EXEC implies PROT_READ and PROT_EXEC
115 * on Linux/i386 if the binary requires executable stack.
116 * We do this only for IA32 emulation as on native i386 this is does not
117 * make sense without PAE.
118 *
119 * XXX. Linux checks that the file system is not mounted with noexec.
120 */
121 bsd_args.prot = prot;
122 #if defined(__amd64__)
123 linux_fixup_prot(td, &bsd_args.prot);
124 #endif
125
126 /* Linux does not check file descriptor when MAP_ANONYMOUS is set. */
127 bsd_args.fd = (bsd_args.flags & MAP_ANON) ? -1 : fd;
128 if (bsd_args.fd != -1) {
129 /*
130 * Linux follows Solaris mmap(2) description:
131 * The file descriptor fildes is opened with
132 * read permission, regardless of the
133 * protection options specified.
134 */
135
136 error = fget(td, bsd_args.fd,
137 cap_rights_init(&rights, CAP_MMAP), &fp);
138 if (error != 0)
139 return (error);
140 if (fp->f_type != DTYPE_VNODE) {
141 fdrop(fp, td);
142 return (EINVAL);
143 }
144
145 /* Linux mmap() just fails for O_WRONLY files */
146 if (!(fp->f_flag & FREAD)) {
147 fdrop(fp, td);
148 return (EACCES);
149 }
150
151 fdrop(fp, td);
152 }
153
154 if (flags & LINUX_MAP_GROWSDOWN) {
155 /*
156 * The Linux MAP_GROWSDOWN option does not limit auto
157 * growth of the region. Linux mmap with this option
158 * takes as addr the initial BOS, and as len, the initial
159 * region size. It can then grow down from addr without
160 * limit. However, Linux threads has an implicit internal
161 * limit to stack size of STACK_SIZE. Its just not
162 * enforced explicitly in Linux. But, here we impose
163 * a limit of (STACK_SIZE - GUARD_SIZE) on the stack
164 * region, since we can do this with our mmap.
165 *
166 * Our mmap with MAP_STACK takes addr as the maximum
167 * downsize limit on BOS, and as len the max size of
168 * the region. It then maps the top SGROWSIZ bytes,
169 * and auto grows the region down, up to the limit
170 * in addr.
171 *
172 * If we don't use the MAP_STACK option, the effect
173 * of this code is to allocate a stack region of a
174 * fixed size of (STACK_SIZE - GUARD_SIZE).
175 */
176
177 if ((caddr_t)addr + len > vms->vm_maxsaddr) {
178 /*
179 * Some Linux apps will attempt to mmap
180 * thread stacks near the top of their
181 * address space. If their TOS is greater
182 * than vm_maxsaddr, vm_map_growstack()
183 * will confuse the thread stack with the
184 * process stack and deliver a SEGV if they
185 * attempt to grow the thread stack past their
186 * current stacksize rlimit. To avoid this,
187 * adjust vm_maxsaddr upwards to reflect
188 * the current stacksize rlimit rather
189 * than the maximum possible stacksize.
190 * It would be better to adjust the
191 * mmap'ed region, but some apps do not check
192 * mmap's return value.
193 */
194 PROC_LOCK(p);
195 vms->vm_maxsaddr = (char *)p->p_sysent->sv_usrstack -
196 lim_cur_proc(p, RLIMIT_STACK);
197 PROC_UNLOCK(p);
198 }
199
200 /*
201 * This gives us our maximum stack size and a new BOS.
202 * If we're using VM_STACK, then mmap will just map
203 * the top SGROWSIZ bytes, and let the stack grow down
204 * to the limit at BOS. If we're not using VM_STACK
205 * we map the full stack, since we don't have a way
206 * to autogrow it.
207 */
208 if (len > STACK_SIZE - GUARD_SIZE) {
209 bsd_args.addr = (caddr_t)addr;
210 bsd_args.len = len;
211 } else {
212 bsd_args.addr = (caddr_t)addr -
213 (STACK_SIZE - GUARD_SIZE - len);
214 bsd_args.len = STACK_SIZE - GUARD_SIZE;
215 }
216 } else {
217 bsd_args.addr = (caddr_t)addr;
218 bsd_args.len = len;
219 }
220 bsd_args.pos = pos;
221
222 error = sys_mmap(td, &bsd_args);
223
224 LINUX_CTR2(mmap2, "return: %d (%p)", error, td->td_retval[0]);
225
226 return (error);
227 }
228
229 int
230 linux_mprotect_common(struct thread *td, uintptr_t addr, size_t len, int prot)
231 {
232 struct mprotect_args bsd_args;
233
234 bsd_args.addr = (void *)addr;
235 bsd_args.len = len;
236 bsd_args.prot = prot;
237
238 #if defined(__amd64__)
239 linux_fixup_prot(td, &bsd_args.prot);
240 #endif
241 return (sys_mprotect(td, &bsd_args));
242 }
243
244 #if defined(__amd64__)
245 static void
246 linux_fixup_prot(struct thread *td, int *prot)
247 {
248 struct linux_pemuldata *pem;
249
250 if (SV_PROC_FLAG(td->td_proc, SV_ILP32) && *prot & PROT_READ) {
251 pem = pem_find(td->td_proc);
252 if (pem->persona & LINUX_READ_IMPLIES_EXEC)
253 *prot |= PROT_EXEC;
254 }
255
256 }
257 #endif
Cache object: d81058d32880adffe67231cbd488f9a1
|