4 * (C) Copyright 1994 Linus Torvalds
5 * (C) Copyright 2002 Christoph Hellwig
7 * Address space accounting code <alan@redhat.com>
8 * (C) Copyright 2002 Red Hat Inc, All Rights Reserved
12 #include <linux/hugetlb.h>
13 #include <linux/slab.h>
14 #include <linux/shm.h>
15 #include <linux/mman.h>
17 #include <linux/highmem.h>
18 #include <linux/security.h>
19 #include <linux/mempolicy.h>
20 #include <linux/personality.h>
21 #include <linux/syscalls.h>
23 #include <asm/uaccess.h>
24 #include <asm/pgtable.h>
25 #include <asm/cacheflush.h>
26 #include <asm/tlbflush.h>
28 static void change_pte_range(struct mm_struct *mm, pmd_t *pmd,
29 unsigned long addr, unsigned long end, pgprot_t newprot)
34 pte = pte_offset_map_lock(mm, pmd, addr, &ptl);
36 if (pte_present(*pte)) {
39 /* Avoid an SMP race with hardware updated dirty/clean
40 * bits by wiping the pte and then setting the new pte
43 ptent = pte_modify(ptep_get_and_clear(mm, addr, pte), newprot);
44 set_pte_at(mm, addr, pte, ptent);
45 lazy_mmu_prot_update(ptent);
47 } while (pte++, addr += PAGE_SIZE, addr != end);
48 pte_unmap_unlock(pte - 1, ptl);
51 static inline void change_pmd_range(struct mm_struct *mm, pud_t *pud,
52 unsigned long addr, unsigned long end, pgprot_t newprot)
57 pmd = pmd_offset(pud, addr);
59 next = pmd_addr_end(addr, end);
60 if (pmd_none_or_clear_bad(pmd))
62 change_pte_range(mm, pmd, addr, next, newprot);
63 } while (pmd++, addr = next, addr != end);
66 static inline void change_pud_range(struct mm_struct *mm, pgd_t *pgd,
67 unsigned long addr, unsigned long end, pgprot_t newprot)
72 pud = pud_offset(pgd, addr);
74 next = pud_addr_end(addr, end);
75 if (pud_none_or_clear_bad(pud))
77 change_pmd_range(mm, pud, addr, next, newprot);
78 } while (pud++, addr = next, addr != end);
81 static void change_protection(struct vm_area_struct *vma,
82 unsigned long addr, unsigned long end, pgprot_t newprot)
84 struct mm_struct *mm = vma->vm_mm;
87 unsigned long start = addr;
90 pgd = pgd_offset(mm, addr);
91 flush_cache_range(vma, addr, end);
93 next = pgd_addr_end(addr, end);
94 if (pgd_none_or_clear_bad(pgd))
96 change_pud_range(mm, pgd, addr, next, newprot);
97 } while (pgd++, addr = next, addr != end);
98 flush_tlb_range(vma, start, end);
102 mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev,
103 unsigned long start, unsigned long end, unsigned long newflags)
105 struct mm_struct *mm = vma->vm_mm;
106 unsigned long oldflags = vma->vm_flags;
107 long nrpages = (end - start) >> PAGE_SHIFT;
108 unsigned long charged = 0;
113 if (newflags == oldflags) {
119 * If we make a private mapping writable we increase our commit;
120 * but (without finer accounting) cannot reduce our commit if we
121 * make it unwritable again.
123 * FIXME? We haven't defined a VM_NORESERVE flag, so mprotecting
124 * a MAP_NORESERVE private mapping to writable will now reserve.
126 if (newflags & VM_WRITE) {
127 if (oldflags & VM_RESERVED) {
128 BUG_ON(oldflags & VM_WRITE);
129 printk(KERN_WARNING "program %s is using MAP_PRIVATE, "
130 "PROT_WRITE mprotect of VM_RESERVED memory, "
131 "which is deprecated. Please report this to "
132 "linux-kernel@vger.kernel.org\n",current->comm);
135 if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_SHARED|VM_HUGETLB))) {
137 if (security_vm_enough_memory(charged))
139 newflags |= VM_ACCOUNT;
143 newprot = protection_map[newflags & 0xf];
146 * First try to merge with previous and/or next vma.
148 pgoff = vma->vm_pgoff + ((start - vma->vm_start) >> PAGE_SHIFT);
149 *pprev = vma_merge(mm, *pprev, start, end, newflags,
150 vma->anon_vma, vma->vm_file, pgoff, vma_policy(vma));
158 if (start != vma->vm_start) {
159 error = split_vma(mm, vma, start, 1);
164 if (end != vma->vm_end) {
165 error = split_vma(mm, vma, end, 0);
172 * vm_flags and vm_page_prot are protected by the mmap_sem
173 * held in write mode.
175 vma->vm_flags = newflags;
176 vma->vm_page_prot = newprot;
177 change_protection(vma, start, end, newprot);
178 vm_stat_account(mm, oldflags, vma->vm_file, -nrpages);
179 vm_stat_account(mm, newflags, vma->vm_file, nrpages);
183 vm_unacct_memory(charged);
188 sys_mprotect(unsigned long start, size_t len, unsigned long prot)
190 unsigned long vm_flags, nstart, end, tmp, reqprot;
191 struct vm_area_struct *vma, *prev;
193 const int grows = prot & (PROT_GROWSDOWN|PROT_GROWSUP);
194 prot &= ~(PROT_GROWSDOWN|PROT_GROWSUP);
195 if (grows == (PROT_GROWSDOWN|PROT_GROWSUP)) /* can't be both */
198 if (start & ~PAGE_MASK)
202 len = PAGE_ALIGN(len);
206 if (prot & ~(PROT_READ | PROT_WRITE | PROT_EXEC | PROT_SEM))
211 * Does the application expect PROT_READ to imply PROT_EXEC:
213 if (unlikely((prot & PROT_READ) &&
214 (current->personality & READ_IMPLIES_EXEC)))
217 vm_flags = calc_vm_prot_bits(prot);
219 down_write(¤t->mm->mmap_sem);
221 vma = find_vma_prev(current->mm, start, &prev);
225 if (unlikely(grows & PROT_GROWSDOWN)) {
226 if (vma->vm_start >= end)
228 start = vma->vm_start;
230 if (!(vma->vm_flags & VM_GROWSDOWN))
234 if (vma->vm_start > start)
236 if (unlikely(grows & PROT_GROWSUP)) {
239 if (!(vma->vm_flags & VM_GROWSUP))
243 if (start > vma->vm_start)
246 for (nstart = start ; ; ) {
247 unsigned long newflags;
249 /* Here we know that vma->vm_start <= nstart < vma->vm_end. */
251 if (is_vm_hugetlb_page(vma)) {
256 newflags = vm_flags | (vma->vm_flags & ~(VM_READ | VM_WRITE | VM_EXEC));
258 /* newflags >> 4 shift VM_MAY% in place of VM_% */
259 if ((newflags & ~(newflags >> 4)) & (VM_READ | VM_WRITE | VM_EXEC)) {
264 error = security_file_mprotect(vma, reqprot, prot);
271 error = mprotect_fixup(vma, &prev, nstart, tmp, newflags);
276 if (nstart < prev->vm_end)
277 nstart = prev->vm_end;
282 if (!vma || vma->vm_start != nstart) {
288 up_write(¤t->mm->mmap_sem);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob