|
1 /* |
|
2 * mmap support for qemu |
|
3 * |
|
4 * Copyright (c) 2003 - 2008 Fabrice Bellard |
|
5 * |
|
6 * This program is free software; you can redistribute it and/or modify |
|
7 * it under the terms of the GNU General Public License as published by |
|
8 * the Free Software Foundation; either version 2 of the License, or |
|
9 * (at your option) any later version. |
|
10 * |
|
11 * This program is distributed in the hope that it will be useful, |
|
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
14 * GNU General Public License for more details. |
|
15 * |
|
16 * You should have received a copy of the GNU General Public License |
|
17 * along with this program; if not, write to the Free Software |
|
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
|
19 */ |
|
20 #include <stdlib.h> |
|
21 #include <stdio.h> |
|
22 #include <stdarg.h> |
|
23 #include <string.h> |
|
24 #include <unistd.h> |
|
25 #include <errno.h> |
|
26 #include <sys/mman.h> |
|
27 |
|
28 #include "qemu.h" |
|
29 #include "qemu-common.h" |
|
30 #include "bsd-mman.h" |
|
31 |
|
32 //#define DEBUG_MMAP |
|
33 |
|
34 #if defined(USE_NPTL) |
|
35 pthread_mutex_t mmap_mutex; |
|
36 static int __thread mmap_lock_count; |
|
37 |
|
38 void mmap_lock(void) |
|
39 { |
|
40 if (mmap_lock_count++ == 0) { |
|
41 pthread_mutex_lock(&mmap_mutex); |
|
42 } |
|
43 } |
|
44 |
|
45 void mmap_unlock(void) |
|
46 { |
|
47 if (--mmap_lock_count == 0) { |
|
48 pthread_mutex_unlock(&mmap_mutex); |
|
49 } |
|
50 } |
|
51 |
|
52 /* Grab lock to make sure things are in a consistent state after fork(). */ |
|
53 void mmap_fork_start(void) |
|
54 { |
|
55 if (mmap_lock_count) |
|
56 abort(); |
|
57 pthread_mutex_lock(&mmap_mutex); |
|
58 } |
|
59 |
|
60 void mmap_fork_end(int child) |
|
61 { |
|
62 if (child) |
|
63 pthread_mutex_init(&mmap_mutex, NULL); |
|
64 else |
|
65 pthread_mutex_unlock(&mmap_mutex); |
|
66 } |
|
67 #else |
|
68 /* We aren't threadsafe to start with, so no need to worry about locking. */ |
|
69 void mmap_lock(void) |
|
70 { |
|
71 } |
|
72 |
|
73 void mmap_unlock(void) |
|
74 { |
|
75 } |
|
76 #endif |
|
77 |
|
78 void *qemu_vmalloc(size_t size) |
|
79 { |
|
80 void *p; |
|
81 unsigned long addr; |
|
82 mmap_lock(); |
|
83 /* Use map and mark the pages as used. */ |
|
84 p = mmap(NULL, size, PROT_READ | PROT_WRITE, |
|
85 MAP_PRIVATE | MAP_ANON, -1, 0); |
|
86 |
|
87 addr = (unsigned long)p; |
|
88 if (addr == (target_ulong) addr) { |
|
89 /* Allocated region overlaps guest address space. |
|
90 This may recurse. */ |
|
91 page_set_flags(addr & TARGET_PAGE_MASK, TARGET_PAGE_ALIGN(addr + size), |
|
92 PAGE_RESERVED); |
|
93 } |
|
94 |
|
95 mmap_unlock(); |
|
96 return p; |
|
97 } |
|
98 |
|
99 void *qemu_malloc(size_t size) |
|
100 { |
|
101 char * p; |
|
102 size += 16; |
|
103 p = qemu_vmalloc(size); |
|
104 *(size_t *)p = size; |
|
105 return p + 16; |
|
106 } |
|
107 |
|
108 /* We use map, which is always zero initialized. */ |
|
109 void * qemu_mallocz(size_t size) |
|
110 { |
|
111 return qemu_malloc(size); |
|
112 } |
|
113 |
|
114 void qemu_free(void *ptr) |
|
115 { |
|
116 /* FIXME: We should unmark the reserved pages here. However this gets |
|
117 complicated when one target page spans multiple host pages, so we |
|
118 don't bother. */ |
|
119 size_t *p; |
|
120 p = (size_t *)((char *)ptr - 16); |
|
121 munmap(p, *p); |
|
122 } |
|
123 |
|
124 /* NOTE: all the constants are the HOST ones, but addresses are target. */ |
|
125 int target_mprotect(abi_ulong start, abi_ulong len, int prot) |
|
126 { |
|
127 abi_ulong end, host_start, host_end, addr; |
|
128 int prot1, ret; |
|
129 |
|
130 #ifdef DEBUG_MMAP |
|
131 printf("mprotect: start=0x" TARGET_FMT_lx |
|
132 " len=0x" TARGET_FMT_lx " prot=%c%c%c\n", start, len, |
|
133 prot & PROT_READ ? 'r' : '-', |
|
134 prot & PROT_WRITE ? 'w' : '-', |
|
135 prot & PROT_EXEC ? 'x' : '-'); |
|
136 #endif |
|
137 |
|
138 if ((start & ~TARGET_PAGE_MASK) != 0) |
|
139 return -EINVAL; |
|
140 len = TARGET_PAGE_ALIGN(len); |
|
141 end = start + len; |
|
142 if (end < start) |
|
143 return -EINVAL; |
|
144 prot &= PROT_READ | PROT_WRITE | PROT_EXEC; |
|
145 if (len == 0) |
|
146 return 0; |
|
147 |
|
148 mmap_lock(); |
|
149 host_start = start & qemu_host_page_mask; |
|
150 host_end = HOST_PAGE_ALIGN(end); |
|
151 if (start > host_start) { |
|
152 /* handle host page containing start */ |
|
153 prot1 = prot; |
|
154 for(addr = host_start; addr < start; addr += TARGET_PAGE_SIZE) { |
|
155 prot1 |= page_get_flags(addr); |
|
156 } |
|
157 if (host_end == host_start + qemu_host_page_size) { |
|
158 for(addr = end; addr < host_end; addr += TARGET_PAGE_SIZE) { |
|
159 prot1 |= page_get_flags(addr); |
|
160 } |
|
161 end = host_end; |
|
162 } |
|
163 ret = mprotect(g2h(host_start), qemu_host_page_size, prot1 & PAGE_BITS); |
|
164 if (ret != 0) |
|
165 goto error; |
|
166 host_start += qemu_host_page_size; |
|
167 } |
|
168 if (end < host_end) { |
|
169 prot1 = prot; |
|
170 for(addr = end; addr < host_end; addr += TARGET_PAGE_SIZE) { |
|
171 prot1 |= page_get_flags(addr); |
|
172 } |
|
173 ret = mprotect(g2h(host_end - qemu_host_page_size), qemu_host_page_size, |
|
174 prot1 & PAGE_BITS); |
|
175 if (ret != 0) |
|
176 goto error; |
|
177 host_end -= qemu_host_page_size; |
|
178 } |
|
179 |
|
180 /* handle the pages in the middle */ |
|
181 if (host_start < host_end) { |
|
182 ret = mprotect(g2h(host_start), host_end - host_start, prot); |
|
183 if (ret != 0) |
|
184 goto error; |
|
185 } |
|
186 page_set_flags(start, start + len, prot | PAGE_VALID); |
|
187 mmap_unlock(); |
|
188 return 0; |
|
189 error: |
|
190 mmap_unlock(); |
|
191 return ret; |
|
192 } |
|
193 |
|
194 /* map an incomplete host page */ |
|
195 static int mmap_frag(abi_ulong real_start, |
|
196 abi_ulong start, abi_ulong end, |
|
197 int prot, int flags, int fd, abi_ulong offset) |
|
198 { |
|
199 abi_ulong real_end, addr; |
|
200 void *host_start; |
|
201 int prot1, prot_new; |
|
202 |
|
203 real_end = real_start + qemu_host_page_size; |
|
204 host_start = g2h(real_start); |
|
205 |
|
206 /* get the protection of the target pages outside the mapping */ |
|
207 prot1 = 0; |
|
208 for(addr = real_start; addr < real_end; addr++) { |
|
209 if (addr < start || addr >= end) |
|
210 prot1 |= page_get_flags(addr); |
|
211 } |
|
212 |
|
213 if (prot1 == 0) { |
|
214 /* no page was there, so we allocate one */ |
|
215 void *p = mmap(host_start, qemu_host_page_size, prot, |
|
216 flags | MAP_ANON, -1, 0); |
|
217 if (p == MAP_FAILED) |
|
218 return -1; |
|
219 prot1 = prot; |
|
220 } |
|
221 prot1 &= PAGE_BITS; |
|
222 |
|
223 prot_new = prot | prot1; |
|
224 if (!(flags & MAP_ANON)) { |
|
225 /* msync() won't work here, so we return an error if write is |
|
226 possible while it is a shared mapping */ |
|
227 if ((flags & TARGET_BSD_MAP_FLAGMASK) == MAP_SHARED && |
|
228 (prot & PROT_WRITE)) |
|
229 return -EINVAL; |
|
230 |
|
231 /* adjust protection to be able to read */ |
|
232 if (!(prot1 & PROT_WRITE)) |
|
233 mprotect(host_start, qemu_host_page_size, prot1 | PROT_WRITE); |
|
234 |
|
235 /* read the corresponding file data */ |
|
236 pread(fd, g2h(start), end - start, offset); |
|
237 |
|
238 /* put final protection */ |
|
239 if (prot_new != (prot1 | PROT_WRITE)) |
|
240 mprotect(host_start, qemu_host_page_size, prot_new); |
|
241 } else { |
|
242 /* just update the protection */ |
|
243 if (prot_new != prot1) { |
|
244 mprotect(host_start, qemu_host_page_size, prot_new); |
|
245 } |
|
246 } |
|
247 return 0; |
|
248 } |
|
249 |
|
250 #if defined(__CYGWIN__) |
|
251 /* Cygwin doesn't have a whole lot of address space. */ |
|
252 static abi_ulong mmap_next_start = 0x18000000; |
|
253 #else |
|
254 static abi_ulong mmap_next_start = 0x40000000; |
|
255 #endif |
|
256 |
|
257 unsigned long last_brk; |
|
258 |
|
259 /* find a free memory area of size 'size'. The search starts at |
|
260 'start'. If 'start' == 0, then a default start address is used. |
|
261 Return -1 if error. |
|
262 */ |
|
263 /* page_init() marks pages used by the host as reserved to be sure not |
|
264 to use them. */ |
|
265 static abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size) |
|
266 { |
|
267 abi_ulong addr, addr1, addr_start; |
|
268 int prot; |
|
269 unsigned long new_brk; |
|
270 |
|
271 new_brk = (unsigned long)sbrk(0); |
|
272 if (last_brk && last_brk < new_brk && last_brk == (target_ulong)last_brk) { |
|
273 /* This is a hack to catch the host allocating memory with brk(). |
|
274 If it uses mmap then we loose. |
|
275 FIXME: We really want to avoid the host allocating memory in |
|
276 the first place, and maybe leave some slack to avoid switching |
|
277 to mmap. */ |
|
278 page_set_flags(last_brk & TARGET_PAGE_MASK, |
|
279 TARGET_PAGE_ALIGN(new_brk), |
|
280 PAGE_RESERVED); |
|
281 } |
|
282 last_brk = new_brk; |
|
283 |
|
284 size = HOST_PAGE_ALIGN(size); |
|
285 start = start & qemu_host_page_mask; |
|
286 addr = start; |
|
287 if (addr == 0) |
|
288 addr = mmap_next_start; |
|
289 addr_start = addr; |
|
290 for(;;) { |
|
291 prot = 0; |
|
292 for(addr1 = addr; addr1 < (addr + size); addr1 += TARGET_PAGE_SIZE) { |
|
293 prot |= page_get_flags(addr1); |
|
294 } |
|
295 if (prot == 0) |
|
296 break; |
|
297 addr += qemu_host_page_size; |
|
298 /* we found nothing */ |
|
299 if (addr == addr_start) |
|
300 return (abi_ulong)-1; |
|
301 } |
|
302 if (start == 0) |
|
303 mmap_next_start = addr + size; |
|
304 return addr; |
|
305 } |
|
306 |
|
307 /* NOTE: all the constants are the HOST ones */ |
|
308 abi_long target_mmap(abi_ulong start, abi_ulong len, int prot, |
|
309 int flags, int fd, abi_ulong offset) |
|
310 { |
|
311 abi_ulong ret, end, real_start, real_end, retaddr, host_offset, host_len; |
|
312 unsigned long host_start; |
|
313 |
|
314 mmap_lock(); |
|
315 #ifdef DEBUG_MMAP |
|
316 { |
|
317 printf("mmap: start=0x" TARGET_FMT_lx |
|
318 " len=0x" TARGET_FMT_lx " prot=%c%c%c flags=", |
|
319 start, len, |
|
320 prot & PROT_READ ? 'r' : '-', |
|
321 prot & PROT_WRITE ? 'w' : '-', |
|
322 prot & PROT_EXEC ? 'x' : '-'); |
|
323 if (flags & MAP_FIXED) |
|
324 printf("MAP_FIXED "); |
|
325 if (flags & MAP_ANON) |
|
326 printf("MAP_ANON "); |
|
327 switch(flags & TARGET_BSD_MAP_FLAGMASK) { |
|
328 case MAP_PRIVATE: |
|
329 printf("MAP_PRIVATE "); |
|
330 break; |
|
331 case MAP_SHARED: |
|
332 printf("MAP_SHARED "); |
|
333 break; |
|
334 default: |
|
335 printf("[MAP_FLAGMASK=0x%x] ", flags & TARGET_BSD_MAP_FLAGMASK); |
|
336 break; |
|
337 } |
|
338 printf("fd=%d offset=" TARGET_FMT_lx "\n", fd, offset); |
|
339 } |
|
340 #endif |
|
341 |
|
342 if (offset & ~TARGET_PAGE_MASK) { |
|
343 errno = EINVAL; |
|
344 goto fail; |
|
345 } |
|
346 |
|
347 len = TARGET_PAGE_ALIGN(len); |
|
348 if (len == 0) |
|
349 goto the_end; |
|
350 real_start = start & qemu_host_page_mask; |
|
351 |
|
352 if (!(flags & MAP_FIXED)) { |
|
353 abi_ulong mmap_start; |
|
354 void *p; |
|
355 host_offset = offset & qemu_host_page_mask; |
|
356 host_len = len + offset - host_offset; |
|
357 host_len = HOST_PAGE_ALIGN(host_len); |
|
358 mmap_start = mmap_find_vma(real_start, host_len); |
|
359 if (mmap_start == (abi_ulong)-1) { |
|
360 errno = ENOMEM; |
|
361 goto fail; |
|
362 } |
|
363 /* Note: we prefer to control the mapping address. It is |
|
364 especially important if qemu_host_page_size > |
|
365 qemu_real_host_page_size */ |
|
366 p = mmap(g2h(mmap_start), |
|
367 host_len, prot, flags | MAP_FIXED, fd, host_offset); |
|
368 if (p == MAP_FAILED) |
|
369 goto fail; |
|
370 /* update start so that it points to the file position at 'offset' */ |
|
371 host_start = (unsigned long)p; |
|
372 if (!(flags & MAP_ANON)) |
|
373 host_start += offset - host_offset; |
|
374 start = h2g(host_start); |
|
375 } else { |
|
376 int flg; |
|
377 target_ulong addr; |
|
378 |
|
379 if (start & ~TARGET_PAGE_MASK) { |
|
380 errno = EINVAL; |
|
381 goto fail; |
|
382 } |
|
383 end = start + len; |
|
384 real_end = HOST_PAGE_ALIGN(end); |
|
385 |
|
386 for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) { |
|
387 flg = page_get_flags(addr); |
|
388 if (flg & PAGE_RESERVED) { |
|
389 errno = ENXIO; |
|
390 goto fail; |
|
391 } |
|
392 } |
|
393 |
|
394 /* worst case: we cannot map the file because the offset is not |
|
395 aligned, so we read it */ |
|
396 if (!(flags & MAP_ANON) && |
|
397 (offset & ~qemu_host_page_mask) != (start & ~qemu_host_page_mask)) { |
|
398 /* msync() won't work here, so we return an error if write is |
|
399 possible while it is a shared mapping */ |
|
400 if ((flags & TARGET_BSD_MAP_FLAGMASK) == MAP_SHARED && |
|
401 (prot & PROT_WRITE)) { |
|
402 errno = EINVAL; |
|
403 goto fail; |
|
404 } |
|
405 retaddr = target_mmap(start, len, prot | PROT_WRITE, |
|
406 MAP_FIXED | MAP_PRIVATE | MAP_ANON, |
|
407 -1, 0); |
|
408 if (retaddr == -1) |
|
409 goto fail; |
|
410 pread(fd, g2h(start), len, offset); |
|
411 if (!(prot & PROT_WRITE)) { |
|
412 ret = target_mprotect(start, len, prot); |
|
413 if (ret != 0) { |
|
414 start = ret; |
|
415 goto the_end; |
|
416 } |
|
417 } |
|
418 goto the_end; |
|
419 } |
|
420 |
|
421 /* handle the start of the mapping */ |
|
422 if (start > real_start) { |
|
423 if (real_end == real_start + qemu_host_page_size) { |
|
424 /* one single host page */ |
|
425 ret = mmap_frag(real_start, start, end, |
|
426 prot, flags, fd, offset); |
|
427 if (ret == -1) |
|
428 goto fail; |
|
429 goto the_end1; |
|
430 } |
|
431 ret = mmap_frag(real_start, start, real_start + qemu_host_page_size, |
|
432 prot, flags, fd, offset); |
|
433 if (ret == -1) |
|
434 goto fail; |
|
435 real_start += qemu_host_page_size; |
|
436 } |
|
437 /* handle the end of the mapping */ |
|
438 if (end < real_end) { |
|
439 ret = mmap_frag(real_end - qemu_host_page_size, |
|
440 real_end - qemu_host_page_size, real_end, |
|
441 prot, flags, fd, |
|
442 offset + real_end - qemu_host_page_size - start); |
|
443 if (ret == -1) |
|
444 goto fail; |
|
445 real_end -= qemu_host_page_size; |
|
446 } |
|
447 |
|
448 /* map the middle (easier) */ |
|
449 if (real_start < real_end) { |
|
450 void *p; |
|
451 unsigned long offset1; |
|
452 if (flags & MAP_ANON) |
|
453 offset1 = 0; |
|
454 else |
|
455 offset1 = offset + real_start - start; |
|
456 p = mmap(g2h(real_start), real_end - real_start, |
|
457 prot, flags, fd, offset1); |
|
458 if (p == MAP_FAILED) |
|
459 goto fail; |
|
460 } |
|
461 } |
|
462 the_end1: |
|
463 page_set_flags(start, start + len, prot | PAGE_VALID); |
|
464 the_end: |
|
465 #ifdef DEBUG_MMAP |
|
466 printf("ret=0x" TARGET_FMT_lx "\n", start); |
|
467 page_dump(stdout); |
|
468 printf("\n"); |
|
469 #endif |
|
470 mmap_unlock(); |
|
471 return start; |
|
472 fail: |
|
473 mmap_unlock(); |
|
474 return -1; |
|
475 } |
|
476 |
|
477 int target_munmap(abi_ulong start, abi_ulong len) |
|
478 { |
|
479 abi_ulong end, real_start, real_end, addr; |
|
480 int prot, ret; |
|
481 |
|
482 #ifdef DEBUG_MMAP |
|
483 printf("munmap: start=0x%lx len=0x%lx\n", start, len); |
|
484 #endif |
|
485 if (start & ~TARGET_PAGE_MASK) |
|
486 return -EINVAL; |
|
487 len = TARGET_PAGE_ALIGN(len); |
|
488 if (len == 0) |
|
489 return -EINVAL; |
|
490 mmap_lock(); |
|
491 end = start + len; |
|
492 real_start = start & qemu_host_page_mask; |
|
493 real_end = HOST_PAGE_ALIGN(end); |
|
494 |
|
495 if (start > real_start) { |
|
496 /* handle host page containing start */ |
|
497 prot = 0; |
|
498 for(addr = real_start; addr < start; addr += TARGET_PAGE_SIZE) { |
|
499 prot |= page_get_flags(addr); |
|
500 } |
|
501 if (real_end == real_start + qemu_host_page_size) { |
|
502 for(addr = end; addr < real_end; addr += TARGET_PAGE_SIZE) { |
|
503 prot |= page_get_flags(addr); |
|
504 } |
|
505 end = real_end; |
|
506 } |
|
507 if (prot != 0) |
|
508 real_start += qemu_host_page_size; |
|
509 } |
|
510 if (end < real_end) { |
|
511 prot = 0; |
|
512 for(addr = end; addr < real_end; addr += TARGET_PAGE_SIZE) { |
|
513 prot |= page_get_flags(addr); |
|
514 } |
|
515 if (prot != 0) |
|
516 real_end -= qemu_host_page_size; |
|
517 } |
|
518 |
|
519 ret = 0; |
|
520 /* unmap what we can */ |
|
521 if (real_start < real_end) { |
|
522 ret = munmap(g2h(real_start), real_end - real_start); |
|
523 } |
|
524 |
|
525 if (ret == 0) |
|
526 page_set_flags(start, start + len, 0); |
|
527 mmap_unlock(); |
|
528 return ret; |
|
529 } |
|
530 |
|
531 int target_msync(abi_ulong start, abi_ulong len, int flags) |
|
532 { |
|
533 abi_ulong end; |
|
534 |
|
535 if (start & ~TARGET_PAGE_MASK) |
|
536 return -EINVAL; |
|
537 len = TARGET_PAGE_ALIGN(len); |
|
538 end = start + len; |
|
539 if (end < start) |
|
540 return -EINVAL; |
|
541 if (end == start) |
|
542 return 0; |
|
543 |
|
544 start &= qemu_host_page_mask; |
|
545 return msync(g2h(start), end - start, flags); |
|
546 } |