/* * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved. * * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * * This file contains Original Code and/or Modifications of Original Code * as defined in and that are subject to the Apple Public Source License * Version 2.0 (the 'License'). You may not use this file except in * compliance with the License. The rights granted to you under the License * may not be used to create, or enable the creation or redistribution of, * unlawful or unlicensed copies of an Apple operating system, or to * circumvent, violate, or enable the circumvention or violation of, any * terms of an Apple operating system software license agreement. * * Please obtain a copy of the License at * http://www.opensource.apple.com/apsl/ and read it before using this file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. * Please see the License for the specific language governing rights and * limitations under the License. * * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ */ /* * @OSF_COPYRIGHT@ */ /* * Mach Operating System * Copyright (c) 1991,1990,1989,1988,1987 Carnegie Mellon University * All Rights Reserved. * * Permission to use, copy, modify and distribute this software and its * documentation is hereby granted, provided that both the copyright * notice and this permission notice appear in all copies of the * software, derivative works or modified versions, and any portions * thereof, and that both notices appear in supporting documentation. * * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. * * Carnegie Mellon requests users of this software to return to * * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU * School of Computer Science * Carnegie Mellon University * Pittsburgh PA 15213-3890 * * any improvements or extensions that they make and grant Carnegie Mellon * the rights to redistribute these changes. */ /* */ /* * File: mach/vm_param.h * Author: Avadis Tevanian, Jr., Michael Wayne Young * Date: 1985 * * Machine independent virtual memory parameters. * */ #ifndef _MACH_VM_PARAM_H_ #define _MACH_VM_PARAM_H_ #include <mach/machine/vm_param.h> #ifdef KERNEL #ifndef ASSEMBLER #include <mach/vm_types.h> #endif /* ASSEMBLER */ /* * The machine independent pages are refered to as PAGES. A page * is some number of hardware pages, depending on the target machine. */ #ifndef ASSEMBLER #define PAGE_SIZE_64 (unsigned long long)PAGE_SIZE /* pagesize in addr units */ #define PAGE_MASK_64 (unsigned long long)PAGE_MASK /* mask for off in page */ /* * Convert addresses to pages and vice versa. No rounding is used. * The atop_32 and ptoa_32 macros should not be use on 64 bit types. * The round_page_64 and trunc_page_64 macros should be used instead. */ #define atop_32(x) ((uint32_t)(x) >> PAGE_SHIFT) #define ptoa_32(x) ((uint32_t)(x) << PAGE_SHIFT) #define atop_64(x) ((uint64_t)(x) >> PAGE_SHIFT) #define ptoa_64(x) ((uint64_t)(x) << PAGE_SHIFT) #define atop_kernel(x) ((vm_address_t)(x) >> PAGE_SHIFT) #define ptoa_kernel(x) ((vm_address_t)(x) << PAGE_SHIFT) /* * While the following block is enabled, the legacy atop and ptoa * macros will behave correctly. If not, they will generate * invalid lvalue errors. */ #if 1 #define atop(x) ((vm_address_t)(x) >> PAGE_SHIFT) #define ptoa(x) ((vm_address_t)(x) << PAGE_SHIFT) #else #define atop(x) (0UL = 0) #define ptoa(x) (0UL = 0) #endif /* * Page-size rounding macros for the Public fixed-width VM types. */ #define mach_vm_round_page(x) (((mach_vm_offset_t)(x) + PAGE_MASK) & ~((signed)PAGE_MASK)) #define mach_vm_trunc_page(x) ((mach_vm_offset_t)(x) & ~((signed)PAGE_MASK)) #define memory_object_round_page(x) (((memory_object_offset_t)(x) + PAGE_MASK) & ~((signed)PAGE_MASK)) #define memory_object_trunc_page(x) ((memory_object_offset_t)(x) & ~((signed)PAGE_MASK)) /* * Rounding macros for the legacy (scalable with the current task's * address space size) VM types. */ #define round_page(x) (((vm_offset_t)(x) + PAGE_MASK) & ~((vm_offset_t)PAGE_MASK)) #define trunc_page(x) ((vm_offset_t)(x) & ~((vm_offset_t)PAGE_MASK)) /* * Round off or truncate to the nearest page. These will work * for either addresses or counts. (i.e. 1 byte rounds to 1 page * bytes. The round_page_32 and trunc_page_32 macros should not be * use on 64 bit types. The round_page_64 and trunc_page_64 macros * should be used instead. * * These should only be used in the rare case the size of the address * or length is hard-coded as 32 or 64 bit. Otherwise, the macros * associated with the specific VM type should be used. */ #define round_page_32(x) (((uint32_t)(x) + PAGE_MASK) & ~((uint32_t)PAGE_MASK)) #define trunc_page_32(x) ((uint32_t)(x) & ~((uint32_t)PAGE_MASK)) #define round_page_64(x) (((uint64_t)(x) + PAGE_MASK_64) & ~((uint64_t)PAGE_MASK_64)) #define trunc_page_64(x) ((uint64_t)(x) & ~((uint64_t)PAGE_MASK_64)) /* * Enable the following block to find uses of xxx_32 macros that should * be xxx_64. These macros only work in C code, not C++. The resulting * binaries are not functional. Look for invalid lvalue errors in * the compiler output. * * Enabling the following block will also find use of the xxx_64 macros * that have been passed pointers. The parameters should be case to an * unsigned long type first. Look for invalid operands to binary + error * in the compiler output. */ #if 0 #undef atop_32 #undef ptoa_32 #undef round_page_32 #undef trunc_page_32 #undef atop_64 #undef ptoa_64 #undef round_page_64 #undef trunc_page_64 #ifndef __cplusplus #define atop_32(x) \ (__builtin_choose_expr (sizeof(x) != sizeof(uint64_t), \ (*(long *)0), \ (0UL)) = 0) #define ptoa_32(x) \ (__builtin_choose_expr (sizeof(x) != sizeof(uint64_t), \ (*(long *)0), \ (0UL)) = 0) #define round_page_32(x) \ (__builtin_choose_expr (sizeof(x) != sizeof(uint64_t), \ (*(long *)0), \ (0UL)) = 0) #define trunc_page_32(x) \ (__builtin_choose_expr (sizeof(x) != sizeof(uint64_t), \ (*(long *)0), \ (0UL)) = 0) #else #define atop_32(x) (0) #define ptoa_32(x) (0) #define round_page_32(x) (0) #define trunc_page_32(x) (0) #endif /* ! __cplusplus */ #define atop_64(x) ((uint64_t)((x) + (uint8_t *)0)) #define ptoa_64(x) ((uint64_t)((x) + (uint8_t *)0)) #define round_page_64(x) ((uint64_t)((x) + (uint8_t *)0)) #define trunc_page_64(x) ((uint64_t)((x) + (uint8_t *)0)) #endif /* * Determine whether an address is page-aligned, or a count is * an exact page multiple. */ #define page_aligned(x) (((x) & PAGE_MASK) == 0) extern vm_size_t mem_size; /* 32-bit size of memory - limited by maxmem - deprecated */ extern uint64_t max_mem; /* 64-bit size of memory - limited by maxmem */ /* * The default pager does not handle 64-bit offsets inside its objects, * so this limits the size of anonymous memory objects to 4GB minus 1 page. * When we need to allocate a chunk of anonymous memory over that size, * we have to allocate more than one chunk. */ #define ANON_MAX_SIZE 0xFFFFF000ULL /* * Work-around for <rdar://problem/6626493> * Break large anonymous memory areas into 128MB chunks to alleviate * the cost of copying when copy-on-write is not possible because a small * portion of it being wired. */ #define ANON_CHUNK_SIZE (128ULL * 1024 * 1024) /* 128MB */ #ifdef XNU_KERNEL_PRIVATE extern uint64_t mem_actual; /* 64-bit size of memory - not limited by maxmem */ extern uint64_t sane_size; /* Memory size to use for defaults calculations */ extern addr64_t vm_last_addr; /* Highest kernel virtual address known to the VM system */ extern const vm_offset_t vm_min_kernel_address; extern const vm_offset_t vm_max_kernel_address; extern vm_offset_t vm_kernel_stext; extern vm_offset_t vm_kernel_etext; extern vm_offset_t vm_kernel_base; extern vm_offset_t vm_kernel_top; extern vm_offset_t vm_kernel_slide; extern vm_offset_t vm_hib_base; extern vm_offset_t vm_kernel_addrperm; extern vm_offset_t vm_kext_base; extern vm_offset_t vm_kext_top; extern vm_offset_t vm_prelink_stext; extern vm_offset_t vm_prelink_etext; extern vm_offset_t vm_prelink_sinfo; extern vm_offset_t vm_prelink_einfo; extern vm_offset_t vm_slinkedit; extern vm_offset_t vm_elinkedit; #define VM_KERNEL_IS_SLID(_o) \ (((vm_offset_t)(_o) >= vm_kernel_base) && \ ((vm_offset_t)(_o) <= vm_kernel_top)) #define VM_KERNEL_IS_KEXT(_o) \ (((vm_offset_t)(_o) >= vm_kext_base) && \ ((vm_offset_t)(_o) < vm_kext_top)) #define VM_KERNEL_IS_PRELINKTEXT(_o) \ (((vm_offset_t)(_o) >= vm_prelink_stext) && \ ((vm_offset_t)(_o) < vm_prelink_etext)) #define VM_KERNEL_IS_PRELINKINFO(_o) \ (((vm_offset_t)(_o) >= vm_prelink_sinfo) && \ ((vm_offset_t)(_o) < vm_prelink_einfo)) #define VM_KERNEL_IS_KEXT_LINKEDIT(_o) \ (((vm_offset_t)(_o) >= vm_slinkedit) && \ ((vm_offset_t)(_o) < vm_elinkedit)) #define VM_KERNEL_SLIDE(_u) \ ((vm_offset_t)(_u) + vm_kernel_slide) /* * The following macros are to be used when exposing kernel addresses to * userspace via any of the various debug or info facilities that might exist * (e.g. stackshot, proc_info syscall, etc.). It is important to understand * the goal of each macro and choose the right one depending on what you are * trying to do. Misuse of these macros can result in critical data leaks * which in turn lead to all sorts of system vulnerabilities. * * Note that in general the ideal goal is to protect addresses from userspace * in a way that is reversible assuming you know the permutation and/or slide. * * The macros are as follows: * * VM_KERNEL_UNSLIDE: * Use this macro when you are exposing an address to userspace which is * a "static" kernel or kext address (i.e. coming from text or data * sections). These are the addresses which get "slid" via ASLR on kernel * or kext load, and it's precisely the slide value we are trying to * protect from userspace. * * VM_KERNEL_ADDRPERM: * Use this macro when you are exposing an address to userspace which is * coming from the kernel's "heap". Since these adresses are not "loaded" * from anywhere, there is no slide applied and we instead apply the * permutation value to obscure the address. * * VM_KERNEL_UNSLIDE_OR_ADDRPERM: * Use this macro when you are exposing an address to userspace that could * come from either kernel text/data *or* the heap. This is a rare case, * but one that does come up and must be handled correctly. * * Nesting of these macros should be considered invalid. */ #define VM_KERNEL_UNSLIDE(_v) \ ((VM_KERNEL_IS_SLID(_v) || \ VM_KERNEL_IS_KEXT(_v) || \ VM_KERNEL_IS_PRELINKTEXT(_v) || \ VM_KERNEL_IS_PRELINKINFO(_v) || \ VM_KERNEL_IS_KEXT_LINKEDIT(_v)) ? \ (vm_offset_t)(_v) - vm_kernel_slide : \ (vm_offset_t)(_v)) #define VM_KERNEL_ADDRPERM(_v) \ (((vm_offset_t)(_v) == 0) ? \ (vm_offset_t)(0) : \ (vm_offset_t)(_v) + vm_kernel_addrperm) #define VM_KERNEL_UNSLIDE_OR_PERM(_v) \ ((VM_KERNEL_IS_SLID(_v) || \ VM_KERNEL_IS_KEXT(_v) || \ VM_KERNEL_IS_PRELINKTEXT(_v) || \ VM_KERNEL_IS_PRELINKINFO(_v) || \ VM_KERNEL_IS_KEXT_LINKEDIT(_v)) ? \ (vm_offset_t)(_v) - vm_kernel_slide : \ VM_KERNEL_ADDRPERM(_v)) #endif /* XNU_KERNEL_PRIVATE */ extern vm_size_t page_size; extern vm_size_t page_mask; extern int page_shift; /* We need a way to get rid of compiler warnings when we cast from */ /* a 64 bit value to an address (which may be 32 bits or 64-bits). */ /* An intptr_t is used convert the value to the right precision, and */ /* then to an address. This macro is also used to convert addresses */ /* to 32-bit integers, which is a hard failure for a 64-bit kernel */ #include <stdint.h> #ifndef __CAST_DOWN_CHECK #define __CAST_DOWN_CHECK #define CAST_DOWN( type, addr ) \ ( ((type)((uintptr_t) (addr)/(sizeof(type) < sizeof(uintptr_t) ? 0 : 1))) ) #define CAST_DOWN_EXPLICIT( type, addr ) ( ((type)((uintptr_t) (addr))) ) #endif /* __CAST_DOWN_CHECK */ #endif /* ASSEMBLER */ #endif /* KERNEL */ #endif /* _MACH_VM_PARAM_H_ */