1 /*
2 * Copyright (c) 2023 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 #ifndef _VM_VM_MAP_XNU_H_
30 #define _VM_VM_MAP_XNU_H_
31
32 #ifdef XNU_KERNEL_PRIVATE
33
34 #include <sys/cdefs.h>
35 #include <vm/vm_map.h>
36
37
38 __BEGIN_DECLS
39
40 extern void vm_map_reference(vm_map_t map);
41 extern vm_map_t current_map(void);
42
43 /* Setup reserved areas in a new VM map */
44 extern kern_return_t vm_map_exec(
45 vm_map_t new_map,
46 task_t task,
47 boolean_t is64bit,
48 void *fsroot,
49 cpu_type_t cpu,
50 cpu_subtype_t cpu_subtype,
51 boolean_t reslide,
52 boolean_t is_driverkit,
53 uint32_t rsr_version);
54
55
56
57 #ifdef MACH_KERNEL_PRIVATE
58
59 #define current_map_fast() (current_thread()->map)
60 #define current_map() (current_map_fast())
61
62 /*
63 * Types defined:
64 *
65 * vm_map_t the high-level address map data structure.
66 * vm_map_entry_t an entry in an address map.
67 * vm_map_version_t a timestamp of a map, for use with vm_map_lookup
68 * vm_map_copy_t represents memory copied from an address map,
69 * used for inter-map copy operations
70 */
71 typedef struct vm_map_entry *vm_map_entry_t;
72 #define VM_MAP_ENTRY_NULL ((vm_map_entry_t) NULL)
73
74
75 #define named_entry_lock_init(object) lck_mtx_init(&(object)->Lock, &vm_object_lck_grp, &vm_object_lck_attr)
76 #define named_entry_lock_destroy(object) lck_mtx_destroy(&(object)->Lock, &vm_object_lck_grp)
77 #define named_entry_lock(object) lck_mtx_lock(&(object)->Lock)
78 #define named_entry_unlock(object) lck_mtx_unlock(&(object)->Lock)
79
80 /*
81 * Type: vm_named_entry_t [internal use only]
82 *
83 * Description:
84 * Description of a mapping to a memory cache object.
85 *
86 * Implementation:
87 * While the handle to this object is used as a means to map
88 * and pass around the right to map regions backed by pagers
89 * of all sorts, the named_entry itself is only manipulated
90 * by the kernel. Named entries hold information on the
91 * right to map a region of a cached object. Namely,
92 * the target cache object, the beginning and ending of the
93 * region to be mapped, and the permissions, (read, write)
94 * with which it can be mapped.
95 *
96 */
97
98 struct vm_named_entry {
99 decl_lck_mtx_data(, Lock); /* Synchronization */
100 union {
101 vm_map_t map; /* map backing submap */
102 vm_map_copy_t copy; /* a VM map copy */
103 } backing;
104 vm_object_offset_t offset; /* offset into object */
105 vm_object_size_t size; /* size of region */
106 vm_object_offset_t data_offset; /* offset to first byte of data */
107 unsigned int /* Is backing.xxx : */
108 /* unsigned */ access:8, /* MAP_MEM_* */
109 /* vm_prot_t */ protection:4, /* access permissions */
110 /* boolean_t */ is_object:1, /* ... a VM object (wrapped in a VM map copy) */
111 /* boolean_t */ internal:1, /* ... an internal object */
112 /* boolean_t */ is_sub_map:1, /* ... a submap? */
113 /* boolean_t */ is_copy:1, /* ... a VM map copy */
114 /* boolean_t */ is_fully_owned:1; /* ... all objects are owned */
115 #if VM_NAMED_ENTRY_DEBUG
116 uint32_t named_entry_bt; /* btref_t */
117 #endif /* VM_NAMED_ENTRY_DEBUG */
118 };
119
120 /*
121 * Bit 3 of the protection and max_protection bitfields in a vm_map_entry
122 * does not correspond to bit 3 of a vm_prot_t, so these macros provide a means
123 * to convert between the "packed" representation in the vm_map_entry's fields
124 * and the equivalent bits defined in vm_prot_t.
125 */
126 #if defined(__x86_64__)
127 #define VM_VALID_VMPROTECT_FLAGS (VM_PROT_ALL | VM_PROT_COPY | VM_PROT_UEXEC)
128 #else
129 #define VM_VALID_VMPROTECT_FLAGS (VM_PROT_ALL | VM_PROT_COPY)
130 #endif
131
132 /*
133 * FOOTPRINT ACCOUNTING:
134 * The "memory footprint" is better described in the pmap layer.
135 *
136 * At the VM level, these 2 vm_map_entry_t fields are relevant:
137 * iokit_mapped:
138 * For an "iokit_mapped" entry, we add the size of the entry to the
139 * footprint when the entry is entered into the map and we subtract that
140 * size when the entry is removed. No other accounting should take place.
141 * "use_pmap" should be FALSE but is not taken into account.
142 * use_pmap: (only when is_sub_map is FALSE)
143 * This indicates if we should ask the pmap layer to account for pages
144 * in this mapping. If FALSE, we expect that another form of accounting
145 * is being used (e.g. "iokit_mapped" or the explicit accounting of
146 * non-volatile purgable memory).
147 *
148 * So the logic is mostly:
149 * if entry->is_sub_map == TRUE
150 * anything in a submap does not count for the footprint
151 * else if entry->iokit_mapped == TRUE
152 * footprint includes the entire virtual size of this entry
153 * else if entry->use_pmap == FALSE
154 * tell pmap NOT to account for pages being pmap_enter()'d from this
155 * mapping (i.e. use "alternate accounting")
156 * else
157 * pmap will account for pages being pmap_enter()'d from this mapping
158 * as it sees fit (only if anonymous, etc...)
159 */
160
161 #define VME_ALIAS_BITS 12
162 #define VME_ALIAS_MASK ((1u << VME_ALIAS_BITS) - 1)
163 #define VME_OFFSET_SHIFT VME_ALIAS_BITS
164 #define VME_OFFSET_BITS (64 - VME_ALIAS_BITS)
165 #define VME_SUBMAP_SHIFT 2
166 #define VME_SUBMAP_BITS (sizeof(vm_offset_t) * 8 - VME_SUBMAP_SHIFT)
167
168 struct vm_map_entry {
169 struct vm_map_links links; /* links to other entries */
170 #define vme_prev links.prev
171 #define vme_next links.next
172 #define vme_start links.start
173 #define vme_end links.end
174
175 struct vm_map_store store;
176
177 union {
178 vm_offset_t vme_object_value;
179 struct {
180 vm_offset_t vme_atomic:1; /* entry cannot be split/coalesced */
181 vm_offset_t is_sub_map:1; /* Is "object" a submap? */
182 vm_offset_t vme_submap:VME_SUBMAP_BITS;
183 };
184 struct {
185 uint32_t vme_ctx_atomic : 1;
186 uint32_t vme_ctx_is_sub_map : 1;
187 uint32_t vme_context : 30;
188
189 /**
190 * If vme_kernel_object==1 && KASAN,
191 * vme_object_or_delta holds the delta.
192 *
193 * If vme_kernel_object==1 && !KASAN,
194 * vme_tag_btref holds a btref when vme_alias is equal to the "vmtaglog"
195 * boot-arg.
196 *
197 * If vme_kernel_object==0,
198 * vme_object_or_delta holds the packed vm object.
199 */
200 union {
201 vm_page_object_t vme_object_or_delta;
202 btref_t vme_tag_btref;
203 };
204 };
205 };
206
207 unsigned long long
208 /* vm_tag_t */ vme_alias:VME_ALIAS_BITS, /* entry VM tag */
209 /* vm_object_offset_t*/ vme_offset:VME_OFFSET_BITS, /* offset into object */
210
211 /* boolean_t */ is_shared:1, /* region is shared */
212 /* boolean_t */__unused1:1,
213 /* boolean_t */in_transition:1, /* Entry being changed */
214 /* boolean_t */ needs_wakeup:1, /* Waiters on in_transition */
215 /* behavior is not defined for submap type */
216 /* vm_behavior_t */ behavior:2, /* user paging behavior hint */
217 /* boolean_t */ needs_copy:1, /* object need to be copied? */
218
219 /* Only in task maps: */
220 #if defined(__arm64e__)
221 /*
222 * On ARM, the fourth protection bit is unused (UEXEC is x86_64 only).
223 * We reuse it here to keep track of mappings that have hardware support
224 * for read-only/read-write trusted paths.
225 */
226 /* vm_prot_t-like */ protection:3, /* protection code */
227 /* boolean_t */ used_for_tpro:1,
228 #else /* __arm64e__ */
229 /* vm_prot_t-like */protection:4, /* protection code, bit3=UEXEC */
230 #endif /* __arm64e__ */
231
232 /* vm_prot_t-like */ max_protection:4, /* maximum protection, bit3=UEXEC */
233 /* vm_inherit_t */ inheritance:2, /* inheritance */
234
235 /*
236 * use_pmap is overloaded:
237 * if "is_sub_map":
238 * use a nested pmap?
239 * else (i.e. if object):
240 * use pmap accounting
241 * for footprint?
242 */
243 /* boolean_t */ use_pmap:1,
244 /* boolean_t */ no_cache:1, /* should new pages be cached? */
245 /* boolean_t */ vme_permanent:1, /* mapping can not be removed */
246 /* boolean_t */ superpage_size:1, /* use superpages of a certain size */
247 /* boolean_t */ map_aligned:1, /* align to map's page size */
248 /*
249 * zero out the wired pages of this entry
250 * if is being deleted without unwiring them
251 */
252 /* boolean_t */ zero_wired_pages:1,
253 /* boolean_t */ used_for_jit:1,
254 /* boolean_t */ csm_associated:1, /* code signing monitor will validate */
255
256 /* iokit accounting: use the virtual size rather than resident size: */
257 /* boolean_t */ iokit_acct:1,
258 /* boolean_t */ vme_resilient_codesign:1,
259 /* boolean_t */ vme_resilient_media:1,
260 /* boolean_t */ vme_xnu_user_debug:1,
261 /* boolean_t */ vme_no_copy_on_read:1,
262 /* boolean_t */ translated_allow_execute:1, /* execute in translated processes */
263 /* boolean_t */ vme_kernel_object:1; /* vme_object is a kernel_object */
264
265 unsigned short wired_count; /* can be paged if = 0 */
266 unsigned short user_wired_count; /* for vm_wire */
267
268 #if DEBUG
269 #define MAP_ENTRY_CREATION_DEBUG (1)
270 #define MAP_ENTRY_INSERTION_DEBUG (1)
271 #endif /* DEBUG */
272 #if MAP_ENTRY_CREATION_DEBUG
273 struct vm_map_header *vme_creation_maphdr;
274 uint32_t vme_creation_bt; /* btref_t */
275 #endif /* MAP_ENTRY_CREATION_DEBUG */
276 #if MAP_ENTRY_INSERTION_DEBUG
277 uint32_t vme_insertion_bt; /* btref_t */
278 vm_map_offset_t vme_start_original;
279 vm_map_offset_t vme_end_original;
280 #endif /* MAP_ENTRY_INSERTION_DEBUG */
281 };
282
283 #define VME_ALIAS(entry) \
284 ((entry)->vme_alias)
285
286 static inline vm_map_t
_VME_SUBMAP(vm_map_entry_t entry)287 _VME_SUBMAP(
288 vm_map_entry_t entry)
289 {
290 __builtin_assume(entry->vme_submap);
291 return (vm_map_t)(entry->vme_submap << VME_SUBMAP_SHIFT);
292 }
293 #define VME_SUBMAP(entry) ({ assert((entry)->is_sub_map); _VME_SUBMAP(entry); })
294
295 static inline void
VME_SUBMAP_SET(vm_map_entry_t entry,vm_map_t submap)296 VME_SUBMAP_SET(
297 vm_map_entry_t entry,
298 vm_map_t submap)
299 {
300 __builtin_assume(((vm_offset_t)submap & 3) == 0);
301
302 entry->is_sub_map = true;
303 entry->vme_submap = (vm_offset_t)submap >> VME_SUBMAP_SHIFT;
304 }
305
306 static inline vm_object_t
_VME_OBJECT(vm_map_entry_t entry)307 _VME_OBJECT(
308 vm_map_entry_t entry)
309 {
310 vm_object_t object;
311
312 if (!entry->vme_kernel_object) {
313 object = VM_OBJECT_UNPACK(entry->vme_object_or_delta);
314 __builtin_assume(!is_kernel_object(object));
315 } else {
316 object = kernel_object_default;
317 }
318 return object;
319 }
320 #define VME_OBJECT(entry) ({ assert(!(entry)->is_sub_map); _VME_OBJECT(entry); })
321
322
323 static inline vm_object_offset_t
VME_OFFSET(vm_map_entry_t entry)324 VME_OFFSET(
325 vm_map_entry_t entry)
326 {
327 return entry->vme_offset << VME_OFFSET_SHIFT;
328 }
329
330
331 #if (DEBUG || DEVELOPMENT) && !KASAN
332 #define VM_BTLOG_TAGS 1
333 #else
334 #define VM_BTLOG_TAGS 0
335 #endif
336
337
338 /*
339 * Convenience macros for dealing with superpages
340 * SUPERPAGE_NBASEPAGES is architecture dependent and defined in pmap.h
341 */
342 #define SUPERPAGE_SIZE (PAGE_SIZE*SUPERPAGE_NBASEPAGES)
343 #define SUPERPAGE_MASK (-SUPERPAGE_SIZE)
344 #define SUPERPAGE_ROUND_DOWN(a) (a & SUPERPAGE_MASK)
345 #define SUPERPAGE_ROUND_UP(a) ((a + SUPERPAGE_SIZE-1) & SUPERPAGE_MASK)
346
347 /*
348 * wired_counts are unsigned short. This value is used to safeguard
349 * against any mishaps due to runaway user programs.
350 */
351 #define MAX_WIRE_COUNT 65535
352
353 typedef struct vm_map_user_range {
354 vm_map_address_t vmur_min_address __kernel_data_semantics;
355
356 vm_map_address_t vmur_max_address : 56 __kernel_data_semantics;
357 vm_map_range_id_t vmur_range_id : 8;
358 } *vm_map_user_range_t;
359
360 /*
361 * Type: vm_map_t [exported; contents invisible]
362 *
363 * Description:
364 * An address map -- a directory relating valid
365 * regions of a task's address space to the corresponding
366 * virtual memory objects.
367 *
368 * Implementation:
369 * Maps are doubly-linked lists of map entries, sorted
370 * by address. One hint is used to start
371 * searches again from the last successful search,
372 * insertion, or removal. Another hint is used to
373 * quickly find free space.
374 *
375 * Note:
376 * vm_map_relocate_early_elem() knows about this layout,
377 * and needs to be kept in sync.
378 */
379 struct _vm_map {
380 lck_rw_t lock; /* map lock */
381 struct vm_map_header hdr; /* Map entry header */
382 #define min_offset hdr.links.start /* start of range */
383 #define max_offset hdr.links.end /* end of range */
384 pmap_t XNU_PTRAUTH_SIGNED_PTR("_vm_map.pmap") pmap; /* Physical map */
385 vm_map_size_t size; /* virtual size */
386 uint64_t size_limit; /* rlimit on address space size */
387 uint64_t data_limit; /* rlimit on data size */
388 vm_map_size_t user_wire_limit;/* rlimit on user locked memory */
389 vm_map_size_t user_wire_size; /* current size of user locked memory in this map */
390 #if __x86_64__
391 vm_map_offset_t vmmap_high_start;
392 #endif /* __x86_64__ */
393
394 os_ref_atomic_t map_refcnt; /* Reference count */
395
396 #if CONFIG_MAP_RANGES
397 #define VM_MAP_EXTRA_RANGES_MAX 1024
398 struct mach_vm_range default_range;
399 struct mach_vm_range data_range;
400 struct mach_vm_range large_file_range;
401
402 uint16_t extra_ranges_count;
403 vm_map_user_range_t extra_ranges;
404 #endif /* CONFIG_MAP_RANGES */
405
406 union {
407 /*
408 * If map->disable_vmentry_reuse == TRUE:
409 * the end address of the highest allocated vm_map_entry_t.
410 */
411 vm_map_offset_t vmu1_highest_entry_end;
412 /*
413 * For a nested VM map:
414 * the lowest address in this nested VM map that we would
415 * expect to be unnested under normal operation (i.e. for
416 * regular copy-on-write on DATA section).
417 */
418 vm_map_offset_t vmu1_lowest_unnestable_start;
419 } vmu1;
420 #define highest_entry_end vmu1.vmu1_highest_entry_end
421 #define lowest_unnestable_start vmu1.vmu1_lowest_unnestable_start
422 vm_map_entry_t hint; /* hint for quick lookups */
423 union {
424 struct vm_map_links* vmmap_hole_hint; /* hint for quick hole lookups */
425 struct vm_map_corpse_footprint_header *vmmap_corpse_footprint;
426 } vmmap_u_1;
427 #define hole_hint vmmap_u_1.vmmap_hole_hint
428 #define vmmap_corpse_footprint vmmap_u_1.vmmap_corpse_footprint
429 union {
430 vm_map_entry_t _first_free; /* First free space hint */
431 struct vm_map_links* _holes; /* links all holes between entries */
432 } f_s; /* Union for free space data structures being used */
433
434 #define first_free f_s._first_free
435 #define holes_list f_s._holes
436
437 unsigned int
438 /* boolean_t */ wait_for_space:1, /* Should callers wait for space? */
439 /* boolean_t */ wiring_required:1, /* All memory wired? */
440 /* boolean_t */ no_zero_fill:1, /* No zero fill absent pages */
441 /* boolean_t */ mapped_in_other_pmaps:1, /* has this submap been mapped in maps that use a different pmap */
442 /* boolean_t */ switch_protect:1, /* Protect map from write faults while switched */
443 /* boolean_t */ disable_vmentry_reuse:1, /* All vm entries should keep using newer and higher addresses in the map */
444 /* boolean_t */ map_disallow_data_exec:1, /* Disallow execution from data pages on exec-permissive architectures */
445 /* boolean_t */ holelistenabled:1,
446 /* boolean_t */ is_nested_map:1,
447 /* boolean_t */ map_disallow_new_exec:1, /* Disallow new executable code */
448 /* boolean_t */ jit_entry_exists:1,
449 /* boolean_t */ has_corpse_footprint:1,
450 /* boolean_t */ terminated:1,
451 /* boolean_t */ is_alien:1, /* for platform simulation, i.e. PLATFORM_IOS on OSX */
452 /* boolean_t */ cs_enforcement:1, /* code-signing enforcement */
453 /* boolean_t */ cs_debugged:1, /* code-signed but debugged */
454 /* boolean_t */ reserved_regions:1, /* has reserved regions. The map size that userspace sees should ignore these. */
455 /* boolean_t */ single_jit:1, /* only allow one JIT mapping */
456 /* boolean_t */ never_faults:1, /* this map should never cause faults */
457 /* boolean_t */ uses_user_ranges:1, /* has the map been configured to use user VM ranges */
458 /* boolean_t */ tpro_enforcement:1, /* enforce TPRO propagation */
459 /* boolean_t */ corpse_source:1, /* map is being used to create a corpse for diagnostics.*/
460 /* reserved */ res0:1,
461 /* reserved */pad:9;
462 unsigned int timestamp; /* Version number */
463 /*
464 * Weak reference to the task that owns this map. This will be NULL if the
465 * map has terminated, so you must have a task reference to be able to safely
466 * access this. Under the map lock, you can safely acquire a task reference
467 * if owning_task is not NULL, since vm_map_terminate requires the map lock.
468 */
469 task_t owning_task;
470 };
471
472 #define CAST_TO_VM_MAP_ENTRY(x) ((struct vm_map_entry *)(uintptr_t)(x))
473 #define vm_map_to_entry(map) CAST_TO_VM_MAP_ENTRY(&(map)->hdr.links)
474 #define vm_map_first_entry(map) ((map)->hdr.links.next)
475 #define vm_map_last_entry(map) ((map)->hdr.links.prev)
476
477 /*
478 * Type: vm_map_version_t [exported; contents invisible]
479 *
480 * Description:
481 * Map versions may be used to quickly validate a previous
482 * lookup operation.
483 *
484 * Usage note:
485 * Because they are bulky objects, map versions are usually
486 * passed by reference.
487 *
488 * Implementation:
489 * Just a timestamp for the main map.
490 */
491 typedef struct vm_map_version {
492 unsigned int main_timestamp;
493 } vm_map_version_t;
494
495 /*
496 * Type: vm_map_copy_t [exported; contents invisible]
497 *
498 * Description:
499 * A map copy object represents a region of virtual memory
500 * that has been copied from an address map but is still
501 * in transit.
502 *
503 * A map copy object may only be used by a single thread
504 * at a time.
505 *
506 * Implementation:
507 * There are two formats for map copy objects.
508 * The first is very similar to the main
509 * address map in structure, and as a result, some
510 * of the internal maintenance functions/macros can
511 * be used with either address maps or map copy objects.
512 *
513 * The map copy object contains a header links
514 * entry onto which the other entries that represent
515 * the region are chained.
516 *
517 * The second format is a kernel buffer copy object - for data
518 * small enough that physical copies were the most efficient
519 * method. This method uses a zero-sized array unioned with
520 * other format-specific data in the 'c_u' member. This unsized
521 * array overlaps the other elements and allows us to use this
522 * extra structure space for physical memory copies. On 64-bit
523 * systems this saves ~64 bytes per vm_map_copy.
524 */
525
526 struct vm_map_copy {
527 #define VM_MAP_COPY_ENTRY_LIST 1
528 #define VM_MAP_COPY_KERNEL_BUFFER 2
529 uint16_t type;
530 bool is_kernel_range;
531 bool is_user_range;
532 vm_map_range_id_t orig_range;
533 vm_object_offset_t offset;
534 vm_map_size_t size;
535 union {
536 struct vm_map_header hdr; /* ENTRY_LIST */
537 void *XNU_PTRAUTH_SIGNED_PTR("vm_map_copy.kdata") kdata; /* KERNEL_BUFFER */
538 } c_u;
539 };
540
541
542 ZONE_DECLARE_ID(ZONE_ID_VM_MAP_ENTRY, struct vm_map_entry);
543 #define vm_map_entry_zone (&zone_array[ZONE_ID_VM_MAP_ENTRY])
544
545 ZONE_DECLARE_ID(ZONE_ID_VM_MAP_HOLES, struct vm_map_links);
546 #define vm_map_holes_zone (&zone_array[ZONE_ID_VM_MAP_HOLES])
547
548 ZONE_DECLARE_ID(ZONE_ID_VM_MAP, struct _vm_map);
549 #define vm_map_zone (&zone_array[ZONE_ID_VM_MAP])
550
551
552 #define cpy_hdr c_u.hdr
553 #define cpy_kdata c_u.kdata
554
555 #define VM_MAP_COPY_PAGE_SHIFT(copy) ((copy)->cpy_hdr.page_shift)
556 #define VM_MAP_COPY_PAGE_SIZE(copy) (1 << VM_MAP_COPY_PAGE_SHIFT((copy)))
557 #define VM_MAP_COPY_PAGE_MASK(copy) (VM_MAP_COPY_PAGE_SIZE((copy)) - 1)
558
559 /*
560 * Useful macros for entry list copy objects
561 */
562
563 #define vm_map_copy_to_entry(copy) CAST_TO_VM_MAP_ENTRY(&(copy)->cpy_hdr.links)
564 #define vm_map_copy_first_entry(copy) \
565 ((copy)->cpy_hdr.links.next)
566 #define vm_map_copy_last_entry(copy) \
567 ((copy)->cpy_hdr.links.prev)
568
569
570 /*
571 * Macros: vm_map_lock, etc. [internal use only]
572 * Description:
573 * Perform locking on the data portion of a map.
574 * When multiple maps are to be locked, order by map address.
575 * (See vm_map.c::vm_remap())
576 */
577
578 #define vm_map_lock_init(map) \
579 ((map)->timestamp = 0 , \
580 lck_rw_init(&(map)->lock, &vm_map_lck_grp, &vm_map_lck_rw_attr))
581
582 #define vm_map_lock(map) \
583 MACRO_BEGIN \
584 DTRACE_VM(vm_map_lock_w); \
585 lck_rw_lock_exclusive(&(map)->lock); \
586 MACRO_END
587
588 #define vm_map_unlock(map) \
589 MACRO_BEGIN \
590 DTRACE_VM(vm_map_unlock_w); \
591 (map)->timestamp++; \
592 lck_rw_done(&(map)->lock); \
593 MACRO_END
594
595 #define vm_map_lock_read(map) \
596 MACRO_BEGIN \
597 DTRACE_VM(vm_map_lock_r); \
598 lck_rw_lock_shared(&(map)->lock); \
599 MACRO_END
600
601 #define vm_map_unlock_read(map) \
602 MACRO_BEGIN \
603 DTRACE_VM(vm_map_unlock_r); \
604 lck_rw_done(&(map)->lock); \
605 MACRO_END
606
607 #define vm_map_lock_write_to_read(map) \
608 MACRO_BEGIN \
609 DTRACE_VM(vm_map_lock_downgrade); \
610 (map)->timestamp++; \
611 lck_rw_lock_exclusive_to_shared(&(map)->lock); \
612 MACRO_END
613
614 #define vm_map_lock_assert_held(map) \
615 LCK_RW_ASSERT(&(map)->lock, LCK_RW_ASSERT_HELD)
616 #define vm_map_lock_assert_shared(map) \
617 LCK_RW_ASSERT(&(map)->lock, LCK_RW_ASSERT_SHARED)
618 #define vm_map_lock_assert_exclusive(map) \
619 LCK_RW_ASSERT(&(map)->lock, LCK_RW_ASSERT_EXCLUSIVE)
620 #define vm_map_lock_assert_notheld(map) \
621 LCK_RW_ASSERT(&(map)->lock, LCK_RW_ASSERT_NOTHELD)
622
623 /*
624 * Exported procedures that operate on vm_map_t.
625 */
626
627 /* Lookup map entry containing or the specified address in the given map */
628 extern boolean_t vm_map_lookup_entry(
629 vm_map_t map,
630 vm_map_address_t address,
631 vm_map_entry_t *entry); /* OUT */
632
633
634 /*
635 * Functions implemented as macros
636 */
637 #define vm_map_min(map) ((map)->min_offset)
638 /* Lowest valid address in
639 * a map */
640
641 #define vm_map_max(map) ((map)->max_offset)
642 /* Highest valid address */
643
644 #define vm_map_pmap(map) ((map)->pmap)
645 /* Physical map associated
646 * with this address map */
647
648 /* Gain a reference to an existing map */
649 extern void vm_map_reference(
650 vm_map_t map);
651
652 /*
653 * Wait and wakeup macros for in_transition map entries.
654 */
655 #define vm_map_entry_wait(map, interruptible) \
656 ((map)->timestamp++ , \
657 lck_rw_sleep(&(map)->lock, LCK_SLEEP_EXCLUSIVE|LCK_SLEEP_PROMOTED_PRI, \
658 (event_t)&(map)->hdr, interruptible))
659
660
661 #define vm_map_entry_wakeup(map) \
662 thread_wakeup((event_t)(&(map)->hdr))
663
664
665 extern void vm_map_inherit_limits(
666 vm_map_t new_map,
667 const struct _vm_map *old_map);
668
669 /* Create a new task map using an existing task map as a template. */
670 extern vm_map_t vm_map_fork(
671 ledger_t ledger,
672 vm_map_t old_map,
673 int options);
674
675 #define VM_MAP_FORK_SHARE_IF_INHERIT_NONE 0x00000001
676 #define VM_MAP_FORK_PRESERVE_PURGEABLE 0x00000002
677 #define VM_MAP_FORK_CORPSE_FOOTPRINT 0x00000004
678 #define VM_MAP_FORK_SHARE_IF_OWNED 0x00000008
679
680
681 extern kern_return_t vm_map_query_volatile(
682 vm_map_t map,
683 mach_vm_size_t *volatile_virtual_size_p,
684 mach_vm_size_t *volatile_resident_size_p,
685 mach_vm_size_t *volatile_compressed_size_p,
686 mach_vm_size_t *volatile_pmap_size_p,
687 mach_vm_size_t *volatile_compressed_pmap_size_p);
688
689
690 extern kern_return_t vm_map_set_cache_attr(
691 vm_map_t map,
692 vm_map_offset_t va);
693
694
695 extern void vm_map_copy_footprint_ledgers(
696 task_t old_task,
697 task_t new_task);
698
699
700 /**
701 * Represents a single region of virtual address space that should be reserved
702 * (pre-mapped) in a user address space.
703 */
704 struct vm_reserved_region {
705 const char *vmrr_name;
706 vm_map_offset_t vmrr_addr;
707 vm_map_size_t vmrr_size;
708 };
709
710 /**
711 * Return back a machine-dependent array of address space regions that should be
712 * reserved by the VM. This function is defined in the machine-dependent
713 * machine_routines.c files.
714 */
715 extern size_t ml_get_vm_reserved_regions(
716 bool vm_is64bit,
717 const struct vm_reserved_region **regions);
718
719 /**
720 * Explicitly preallocates a floating point save area. This function is defined
721 * in the machine-dependent machine_routines.c files.
722 */
723 extern void ml_fp_save_area_prealloc(void);
724
725 #endif /* MACH_KERNEL_PRIVATE */
726
727 /*
728 * Read and write from a kernel buffer to a specified map.
729 */
730 extern kern_return_t vm_map_write_user(
731 vm_map_t map,
732 void *src_p,
733 vm_map_offset_ut dst_addr_u,
734 vm_size_ut size_u);
735
736 extern kern_return_t vm_map_read_user(
737 vm_map_t map,
738 vm_map_offset_ut src_addr_u,
739 void *dst_p,
740 vm_size_ut size_u);
741
742 extern vm_map_size_t vm_map_adjusted_size(vm_map_t map);
743
744 typedef struct {
745 vm_map_t map;
746 task_t task;
747 } vm_map_switch_context_t;
748 extern vm_map_switch_context_t vm_map_switch_to(vm_map_t map);
749 extern void vm_map_switch_back(vm_map_switch_context_t ctx);
750
751 extern boolean_t vm_map_cs_enforcement(
752 vm_map_t map);
753 extern void vm_map_cs_enforcement_set(
754 vm_map_t map,
755 boolean_t val);
756
757 extern void vm_map_cs_debugged_set(
758 vm_map_t map,
759 boolean_t val);
760
761 extern kern_return_t vm_map_cs_wx_enable(vm_map_t map);
762 extern kern_return_t vm_map_csm_allow_jit(vm_map_t map);
763
764
765 extern void vm_map_will_allocate_early_map(
766 vm_map_t *map_owner);
767
768 extern void vm_map_relocate_early_maps(
769 vm_offset_t delta);
770
771 extern void vm_map_relocate_early_elem(
772 uint32_t zone_id,
773 vm_offset_t new_addr,
774 vm_offset_t delta);
775
776 /* wire down a region */
777
778 /* never fails */
779 extern vm_map_t vm_map_create_options(
780 pmap_t pmap,
781 vm_map_offset_t min_off,
782 vm_map_offset_t max_off,
783 vm_map_create_options_t options);
784
785 extern boolean_t vm_kernel_map_is_kernel(vm_map_t map);
786
787 /*!
788 * @function vm_map_enter_mem_object_control()
789 *
790 * @brief
791 * Enters a mapping of @c initial_size bytes at @c *address (subject to
792 * fixed/anywhere semantics, see @c VM_FLAGS_FIXED/VM_FLAGS_ANYWHERE ).
793 * The pages will come from a memory object paged in by the @c control pager,
794 * and the caller may specify an @c offset into the object.
795 *
796 * @param target_map The map into which to enter the mapping.
797 * @param address [in] Pointer to the address at which to enter the
798 * mapping (or use as a hint for anywhere
799 * mappings).
800 * No alignment is required, the function will
801 * round this down to a page boundary in the
802 * @c target_map.
803 * [out] On success, it will be filled with the address
804 * at which the object data is made available, and
805 * will have the same misalignment into
806 * @c target_map as @c offset.
807 * On failure, it remains unmodified.
808 * @param initial_size Size of the mapping to enter.
809 * Must be non-zero.
810 * No alignment is required.
811 * @param mask An alignment mask the mapping must respect.
812 * @param vmk_flags The vm map kernel flags to influence this call.
813 * @param control The pager-managed memory object which is the source
814 * of the pages.
815 * @param offset The offset into the memory object to use when
816 * paging.
817 * @c vm_map_enter, which is called into by
818 * @c vm_map_enter_mem_object_control, requires that
819 * @c offset be page-aligned for either @c target_map
820 * pages or kernel pages.
821 * @param needs_copy Boolean which can be set to request that the mapped
822 * pages be a copy of the memory object's pages.
823 * @param cur_protection Effective protection that should be set for the
824 * mapping.
825 * @param max_protection Max protection that should be allowed for the
826 * mapping. Should at least cover @c cur_protection.
827 * @param inheritance Inheritance policy for the mapping.
828 *
829 * @returns @c KERN_SUCCESS if the mapping was successfully entered, an error
830 * code otherwise.
831 */
832 extern kern_return_t vm_map_enter_mem_object_control(
833 vm_map_t target_map,
834 vm_map_offset_ut *address,
835 vm_map_size_ut initial_size,
836 vm_map_offset_ut mask,
837 vm_map_kernel_flags_t vmk_flags,
838 memory_object_control_t control,
839 vm_object_offset_ut offset,
840 boolean_t needs_copy,
841 vm_prot_ut cur_protection,
842 vm_prot_ut max_protection,
843 vm_inherit_ut inheritance);
844
845 /* Must be executed on a new task's map before the task is enabled for IPC access */
846 extern void vm_map_setup(vm_map_t map, task_t task); /* always succeeds */
847
848 extern kern_return_t vm_map_terminate(
849 vm_map_t map);
850
851 /* Overwrite existing memory with a copy */
852 extern kern_return_t vm_map_copy_overwrite(
853 vm_map_t dst_map,
854 vm_map_address_ut dst_addr_u,
855 vm_map_copy_t copy,
856 vm_map_size_ut copy_size_u,
857 boolean_t interruptible);
858
859 /* returns TRUE if size of vm_map_copy == *size, FALSE otherwise */
860 extern boolean_t vm_map_copy_validate_size(
861 vm_map_t dst_map,
862 vm_map_copy_t copy,
863 vm_map_size_t *size);
864
865 extern kern_return_t vm_map_copyout_size(
866 vm_map_t dst_map,
867 vm_map_address_t *dst_addr, /* OUT */
868 vm_map_copy_t copy,
869 vm_map_size_ut copy_size);
870
871 extern void vm_map_disable_NX(
872 vm_map_t map);
873
874 extern void vm_map_disallow_data_exec(
875 vm_map_t map);
876
877 extern void vm_map_set_64bit(
878 vm_map_t map);
879
880 extern void vm_map_set_32bit(
881 vm_map_t map);
882
883 extern void vm_map_set_jumbo(
884 vm_map_t map);
885
886 #if XNU_PLATFORM_iPhoneOS && EXTENDED_USER_VA_SUPPORT
887 extern void vm_map_set_extra_jumbo(
888 vm_map_t map);
889 #endif /* XNU_PLATFORM_iPhoneOS && EXTENDED_USER_VA_SUPPORT */
890
891 extern void vm_map_set_jit_entitled(
892 vm_map_t map);
893
894 extern void vm_map_set_max_addr(
895 vm_map_t map,
896 vm_map_offset_t new_max_offset,
897 bool extra_jumbo);
898
899 extern boolean_t vm_map_has_hard_pagezero(
900 vm_map_t map,
901 vm_map_offset_t pagezero_size);
902
903 extern void vm_commit_pagezero_status(vm_map_t tmap);
904
905 extern boolean_t vm_map_tpro(
906 vm_map_t map);
907
908 extern void vm_map_set_tpro(
909 vm_map_t map);
910
911
912 extern void vm_map_set_tpro_enforcement(
913 vm_map_t map);
914
915 extern boolean_t vm_map_set_tpro_range(
916 vm_map_t map,
917 vm_map_address_t start,
918 vm_map_address_t end);
919
920 extern boolean_t vm_map_is_64bit(
921 vm_map_t map);
922
923 extern kern_return_t vm_map_raise_max_offset(
924 vm_map_t map,
925 vm_map_offset_t new_max_offset);
926
927 extern kern_return_t vm_map_raise_min_offset(
928 vm_map_t map,
929 vm_map_offset_t new_min_offset);
930
931 #if XNU_TARGET_OS_OSX
932 extern void vm_map_set_high_start(
933 vm_map_t map,
934 vm_map_offset_t high_start);
935 #endif /* XNU_TARGET_OS_OSX */
936
937
938 extern vm_map_offset_t vm_compute_max_offset(
939 boolean_t is64);
940
941 extern void vm_map_get_max_aslr_slide_section(
942 vm_map_t map,
943 int64_t *max_sections,
944 int64_t *section_size);
945
946 extern uint64_t vm_map_get_max_aslr_slide_pages(
947 vm_map_t map);
948
949 extern uint64_t vm_map_get_max_loader_aslr_slide_pages(
950 vm_map_t map);
951
952 extern kern_return_t vm_map_set_size_limit(
953 vm_map_t map,
954 uint64_t limit);
955
956 extern kern_return_t vm_map_set_data_limit(
957 vm_map_t map,
958 uint64_t limit);
959
960 extern void vm_map_set_user_wire_limit(
961 vm_map_t map,
962 vm_size_t limit);
963
964 extern void vm_map_switch_protect(
965 vm_map_t map,
966 boolean_t val);
967
968 extern boolean_t vm_map_page_aligned(
969 vm_map_offset_t offset,
970 vm_map_offset_t mask);
971
972 extern bool vm_map_range_overflows(
973 vm_map_t map,
974 vm_map_offset_t addr,
975 vm_map_size_t size);
976
977 /* Support for vm_map ranges */
978 extern kern_return_t vm_map_range_configure(
979 vm_map_t map,
980 bool needs_extra_jumbo_va);
981
982
983
984 /*!
985 * @function vm_map_kernel_flags_update_range_id()
986 *
987 * @brief
988 * Updates the @c vmkf_range_id field with the adequate value
989 * according to the policy for specified map and tag set in @c vmk_flags.
990 *
991 * @discussion
992 * This function is meant to be called by Mach VM entry points,
993 * which matters for the kernel: allocations with pointers _MUST_
994 * be allocated with @c kmem_*() functions.
995 *
996 * If the range ID is already set, it is preserved.
997 */
998 extern void vm_map_kernel_flags_update_range_id(
999 vm_map_kernel_flags_t *flags,
1000 vm_map_t map,
1001 vm_map_size_t size);
1002
1003 #if XNU_TARGET_OS_OSX
1004 extern void vm_map_mark_alien(vm_map_t map);
1005 extern void vm_map_single_jit(vm_map_t map);
1006 #endif /* XNU_TARGET_OS_OSX */
1007
1008 extern kern_return_t vm_map_page_info(
1009 vm_map_t map,
1010 vm_map_offset_ut offset,
1011 vm_page_info_flavor_t flavor,
1012 vm_page_info_t info,
1013 mach_msg_type_number_t *count);
1014
1015 extern kern_return_t vm_map_page_range_info_internal(
1016 vm_map_t map,
1017 vm_map_offset_ut start_offset,
1018 vm_map_offset_ut end_offset,
1019 int effective_page_shift,
1020 vm_page_info_flavor_t flavor,
1021 vm_page_info_t info,
1022 mach_msg_type_number_t *count);
1023
1024 #ifdef MACH_KERNEL_PRIVATE
1025
1026 /*
1027 * Internal macros for rounding and truncation of vm_map offsets and sizes
1028 */
1029 #define VM_MAP_ROUND_PAGE(x, pgmask) (((vm_map_offset_t)(x) + (pgmask)) & ~((signed)(pgmask)))
1030 #define VM_MAP_TRUNC_PAGE(x, pgmask) ((vm_map_offset_t)(x) & ~((signed)(pgmask)))
1031
1032 /*
1033 * Macros for rounding and truncation of vm_map offsets and sizes
1034 */
1035 static inline int
VM_MAP_PAGE_SHIFT(vm_map_t map)1036 VM_MAP_PAGE_SHIFT(
1037 vm_map_t map)
1038 {
1039 int shift = map ? map->hdr.page_shift : PAGE_SHIFT;
1040 /*
1041 * help ubsan and codegen in general,
1042 * cannot use PAGE_{MIN,MAX}_SHIFT
1043 * because of testing code which
1044 * tests 16k aligned maps on 4k only systems.
1045 */
1046 __builtin_assume(shift >= 12 && shift <= 14);
1047 return shift;
1048 }
1049
1050 #define VM_MAP_PAGE_SIZE(map) (1 << VM_MAP_PAGE_SHIFT((map)))
1051 #define VM_MAP_PAGE_MASK(map) (VM_MAP_PAGE_SIZE((map)) - 1)
1052 #define VM_MAP_PAGE_ALIGNED(x, pgmask) (((x) & (pgmask)) == 0)
1053
1054 #endif /* MACH_KERNEL_PRIVATE */
1055
1056
1057 extern kern_return_t vm_map_set_page_shift(vm_map_t map, int pageshift);
1058 extern bool vm_map_is_exotic(vm_map_t map);
1059 extern bool vm_map_is_alien(vm_map_t map);
1060 extern pmap_t vm_map_get_pmap(vm_map_t map);
1061
1062 extern void vm_map_guard_exception(vm_map_offset_t gap_start, unsigned reason);
1063
1064
1065 extern bool vm_map_is_corpse_source(vm_map_t map);
1066 extern void vm_map_set_corpse_source(vm_map_t map);
1067 extern void vm_map_unset_corpse_source(vm_map_t map);
1068
1069 #if CONFIG_DYNAMIC_CODE_SIGNING
1070
1071 extern kern_return_t vm_map_sign(vm_map_t map,
1072 vm_map_offset_t start,
1073 vm_map_offset_t end);
1074
1075 #endif /* CONFIG_DYNAMIC_CODE_SIGNING */
1076 #if CONFIG_FREEZE
1077
1078 extern kern_return_t vm_map_freeze(
1079 task_t task,
1080 unsigned int *purgeable_count,
1081 unsigned int *wired_count,
1082 unsigned int *clean_count,
1083 unsigned int *dirty_count,
1084 unsigned int dirty_budget,
1085 unsigned int *shared_count,
1086 int *freezer_error_code,
1087 boolean_t eval_only);
1088
1089 __enum_decl(freezer_error_code_t, int, {
1090 FREEZER_ERROR_GENERIC = -1,
1091 FREEZER_ERROR_EXCESS_SHARED_MEMORY = -2,
1092 FREEZER_ERROR_LOW_PRIVATE_SHARED_RATIO = -3,
1093 FREEZER_ERROR_NO_COMPRESSOR_SPACE = -4,
1094 FREEZER_ERROR_NO_SWAP_SPACE = -5,
1095 FREEZER_ERROR_NO_SLOTS = -6,
1096 });
1097
1098 #endif /* CONFIG_FREEZE */
1099
1100 extern kern_return_t vm_map_partial_reap(
1101 vm_map_t map,
1102 unsigned int *reclaimed_resident,
1103 unsigned int *reclaimed_compressed);
1104
1105 /*
1106 * In some cases, we don't have a real VM object but still want to return a
1107 * unique ID (to avoid a memory region looking like shared memory), so build
1108 * a fake pointer based on the map's ledger and the index of the ledger being
1109 * reported.
1110 */
1111 #define VM_OBJECT_ID_FAKE(map, ledger_id) ((uint32_t)(uintptr_t)VM_KERNEL_ADDRHASH((int*)((map)->pmap->ledger)+(ledger_id)))
1112
1113 #if DEVELOPMENT || DEBUG
1114
1115 extern int vm_map_disconnect_page_mappings(
1116 vm_map_t map,
1117 boolean_t);
1118
1119 extern kern_return_t vm_map_inject_error(vm_map_t map, vm_map_offset_t vaddr);
1120
1121 extern kern_return_t vm_map_entries_foreach(vm_map_t map, kern_return_t (^count_handler)(int nentries),
1122 kern_return_t (^entry_handler)(void* entry));
1123 extern kern_return_t vm_map_dump_entry_and_compressor_pager(void* entry, char *buf, size_t *count);
1124
1125 #endif /* DEVELOPMENT || DEBUG */
1126
1127 boolean_t kdp_vm_map_is_acquired_exclusive(vm_map_t map);
1128
1129 boolean_t vm_map_entry_has_device_pager(vm_map_t, vm_map_offset_t vaddr);
1130
1131
1132 #ifdef VM_SCAN_FOR_SHADOW_CHAIN
1133 int vm_map_shadow_max(vm_map_t map);
1134 #endif
1135
1136 bool vm_map_is_map_size_valid(vm_map_t target_map, vm_size_t size, bool no_soft_limit);
1137
1138 __END_DECLS
1139
1140 #endif /* XNU_KERNEL_PRIVATE */
1141 #endif /* _VM_VM_MAP_XNU_H_ */
1142