Loading...
bsd/dev/memdev.c xnu-12377.121.6 xnu-6153.41.3
--- xnu/xnu-12377.121.6/bsd/dev/memdev.c
+++ xnu/xnu-6153.41.3/bsd/dev/memdev.c
@@ -92,7 +92,7 @@
 #include <libkern/libkern.h>
 
 #include <vm/pmap.h>
-#include <vm/vm_pager_xnu.h>
+#include <vm/vm_pager.h>
 #include <mach/memory_object_types.h>
 #include <kern/debug.h>
 
@@ -130,7 +130,7 @@
  *	D_CANFREE	We support B_FREEBUF
  */
 
-static const struct bdevsw mdevbdevsw = {
+static struct bdevsw mdevbdevsw = {
 	.d_open     = mdevopen,
 	.d_close    = mdevclose,
 	.d_strategy = mdevstrategy,
@@ -140,7 +140,7 @@
 	.d_type     = D_DISK,
 };
 
-static const struct cdevsw mdevcdevsw = {
+static struct cdevsw mdevcdevsw = {
 	.d_open       = mdevopen,
 	.d_close      = mdevclose,
 	.d_read       = mdevrw,
@@ -158,8 +158,8 @@
 };
 
 struct mdev {
-	uint64_t        mdBase;         /* base page number (pages are assumed to be 4K). Multiply by 4096 to find actual address */
-	uint32_t        mdSize;         /* size in pages (pages are assumed to be 4K). Multiply by 4096 to find actual size. */
+	uint64_t        mdBase;         /* file size in bytes */
+	uint32_t        mdSize;         /* file size in bytes */
 	int                     mdFlags;        /* flags */
 	int                     mdSecsize;      /* sector size */
 	int                     mdBDev;         /* Block device number */
@@ -196,7 +196,7 @@
 
 	devid = minor(dev);                                                                     /* Get minor device number */
 
-	if (devid >= NB_MAX_MDEVICES || devid < 0) {
+	if (devid >= NB_MAX_MDEVICES) {
 		return ENXIO;                                                                 /* Not valid */
 	}
 	if ((flags & FWRITE) && (mdev[devid].mdFlags & mdRO)) {
@@ -211,26 +211,24 @@
 	int                     status;
 	addr64_t                mdata;
 	int                     devid;
-	enum uio_seg            saveflag;
-	int                     count;
+	enum uio_seg    saveflag;
 
 	devid = minor(dev);                                                                     /* Get minor device number */
 
-	if (devid >= NB_MAX_MDEVICES || devid < 0) {
+	if (devid >= NB_MAX_MDEVICES) {
 		return ENXIO;                                                                 /* Not valid */
 	}
 	if (!(mdev[devid].mdFlags & mdInited)) {
 		return ENXIO;                                 /* Have we actually been defined yet? */
 	}
-	if (uio->uio_offset < 0) {
-		return EINVAL;  /* invalid offset */
-	}
-	if (uio_resid(uio) < 0) {
-		return EINVAL;
-	}
 	mdata = ((addr64_t)mdev[devid].mdBase << 12) + uio->uio_offset; /* Point to the area in "file" */
 
 	saveflag = uio->uio_segflg;                                                     /* Remember what the request is */
+#if LP64_DEBUG
+	if (UIO_IS_USER_SPACE(uio) == 0 && UIO_IS_SYS_SPACE(uio) == 0) {
+		panic("mdevrw - invalid uio_segflg\n");
+	}
+#endif /* LP64_DEBUG */
 	/* Make sure we are moving from physical ram if physical device */
 	if (mdev[devid].mdFlags & mdPhys) {
 		if (uio->uio_segflg == UIO_USERSPACE64) {
@@ -241,14 +239,7 @@
 			uio->uio_segflg = UIO_PHYS_USERSPACE;
 		}
 	}
-
-	if (uio->uio_offset > (mdev[devid].mdSize << 12)) {
-		count = 0;
-	} else {
-		count = imin(uio_resid(uio), (mdev[devid].mdSize << 12) - uio->uio_offset);
-	}
-
-	status = uiomove64(mdata, count, uio);     /* Move the data */
+	status = uiomove64(mdata, uio_resid(uio), uio);         /* Move the data */
 	uio->uio_segflg = saveflag;                                                     /* Restore the flag */
 
 	return status;
@@ -289,14 +280,14 @@
 	}
 
 	if ((blkoff + buf_count(bp)) > (mdev[devid].mdSize << 12)) {            /* Will this read go past end? */
-		buf_setcount(bp, (uint32_t)((mdev[devid].mdSize << 12) - blkoff));  /* Yes, trim to max */
+		buf_setcount(bp, ((mdev[devid].mdSize << 12) - blkoff));        /* Yes, trim to max */
 	}
 	/*
 	 * make sure the buffer's data area is
 	 * accessible
 	 */
 	if (buf_map(bp, (caddr_t *)&vaddr)) {
-		panic("ramstrategy: buf_map failed");
+		panic("ramstrategy: buf_map failed\n");
 	}
 
 	fvaddr = (mdev[devid].mdBase << 12) + blkoff;           /* Point to offset into ram disk */
@@ -313,11 +304,11 @@
 
 				pp = pmap_find_phys(kernel_pmap, (addr64_t)((uintptr_t)vaddr)); /* Get the sink physical address */
 				if (!pp) {                                                               /* Not found, what gives? */
-					panic("mdevstrategy: sink address %016llX not mapped", (addr64_t)((uintptr_t)vaddr));
+					panic("mdevstrategy: sink address %016llX not mapped\n", (addr64_t)((uintptr_t)vaddr));
 				}
 				paddr = (addr64_t)(((addr64_t)pp << 12) | (addr64_t)(vaddr & 4095));    /* Get actual address */
 				bcopy_phys(fvaddr, paddr, csize);               /* Copy this on in */
-				mapping_set_mod((ppnum_t)(paddr >> 12));        /* Make sure we know that it is modified */
+				mapping_set_mod(paddr >> 12);                   /* Make sure we know that it is modified */
 
 				left = left - csize;                                    /* Calculate what is left */
 				vaddr = vaddr + csize;                                  /* Move to next sink address */
@@ -336,7 +327,7 @@
 
 				pp = pmap_find_phys(kernel_pmap, (addr64_t)((uintptr_t)vaddr)); /* Get the source physical address */
 				if (!pp) {                                                               /* Not found, what gives? */
-					panic("mdevstrategy: source address %016llX not mapped", (addr64_t)((uintptr_t)vaddr));
+					panic("mdevstrategy: source address %016llX not mapped\n", (addr64_t)((uintptr_t)vaddr));
 				}
 				paddr = (addr64_t)(((addr64_t)pp << 12) | (addr64_t)(vaddr & 4095));    /* Get actual address */
 
@@ -384,7 +375,7 @@
 
 	devid = minor(dev);                                                                     /* Get minor device number */
 
-	if (devid >= NB_MAX_MDEVICES || devid < 0) {
+	if (devid >= NB_MAX_MDEVICES) {
 		return ENXIO;                                                                 /* Not valid */
 	}
 	error = proc_suser(p);                  /* Are we superman? */
@@ -450,7 +441,7 @@
 		}
 		memdev_info->mi_mdev = TRUE;
 		memdev_info->mi_phys = (mdev[devid].mdFlags & mdPhys) ? TRUE : FALSE;
-		memdev_info->mi_base = (uint32_t)mdev[devid].mdBase;
+		memdev_info->mi_base = mdev[devid].mdBase;
 		memdev_info->mi_size = mdev[devid].mdSize;
 		break;
 
@@ -468,7 +459,7 @@
 	int devid;
 
 	devid = minor(dev);                                                                     /* Get minor device number */
-	if (devid >= NB_MAX_MDEVICES || devid < 0) {
+	if (devid >= NB_MAX_MDEVICES) {
 		return ENXIO;                                                                 /* Not valid */
 	}
 	if ((mdev[devid].mdFlags & mdInited) == 0) {
@@ -646,18 +637,18 @@
 				continue;                                                               /* Skip check */
 			}
 			if (!(((base + size - 1) < mdev[i].mdBase) || ((mdev[i].mdBase + mdev[i].mdSize - 1) < base))) { /* Is there any overlap? */
-				panic("mdevadd: attempt to add overlapping memory device at %016llX-%016llX", mdev[i].mdBase, mdev[i].mdBase + mdev[i].mdSize - 1);
+				panic("mdevadd: attempt to add overlapping memory device at %016llX-%016llX\n", mdev[i].mdBase, mdev[i].mdBase + mdev[i].mdSize - 1);
 			}
 		}
 		if (devid < 0) {                                                                 /* Do we have free slots? */
-			panic("mdevadd: attempt to add more than %d memory devices", NB_MAX_MDEVICES);
+			panic("mdevadd: attempt to add more than %d memory devices\n", NB_MAX_MDEVICES);
 		}
 	} else {
 		if (devid >= NB_MAX_MDEVICES) {                                                          /* Giving us something bogus? */
-			panic("mdevadd: attempt to explicitly add a bogus memory device: %08X", devid);
+			panic("mdevadd: attempt to explicitly add a bogus memory device: %08X\n", devid);
 		}
 		if (mdev[devid].mdFlags & mdInited) {                    /* Already there? */
-			panic("mdevadd: attempt to explicitly add a previously defined memory device: %08X", devid);
+			panic("mdevadd: attempt to explicitly add a previously defined memory device: %08X\n", devid);
 		}
 	}