1 | /* |
2 | * Copyright (c) 2000-2021 Apple Computer, Inc. All rights reserved. |
3 | * |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
5 | * |
6 | * This file contains Original Code and/or Modifications of Original Code |
7 | * as defined in and that are subject to the Apple Public Source License |
8 | * Version 2.0 (the 'License'). You may not use this file except in |
9 | * compliance with the License. The rights granted to you under the License |
10 | * may not be used to create, or enable the creation or redistribution of, |
11 | * unlawful or unlicensed copies of an Apple operating system, or to |
12 | * circumvent, violate, or enable the circumvention or violation of, any |
13 | * terms of an Apple operating system software license agreement. |
14 | * |
15 | * Please obtain a copy of the License at |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. |
17 | * |
18 | * The Original Code and all software distributed under the License are |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
23 | * Please see the License for the specific language governing rights and |
24 | * limitations under the License. |
25 | * |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
27 | */ |
28 | /* |
29 | * @OSF_COPYRIGHT@ |
30 | */ |
31 | /* |
32 | * Mach Operating System |
33 | * Copyright (c) 1991,1990,1989,1988,1987 Carnegie Mellon University |
34 | * All Rights Reserved. |
35 | * |
36 | * Permission to use, copy, modify and distribute this software and its |
37 | * documentation is hereby granted, provided that both the copyright |
38 | * notice and this permission notice appear in all copies of the |
39 | * software, derivative works or modified versions, and any portions |
40 | * thereof, and that both notices appear in supporting documentation. |
41 | * |
42 | * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" |
43 | * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR |
44 | * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. |
45 | * |
46 | * Carnegie Mellon requests users of this software to return to |
47 | * |
48 | * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU |
49 | * School of Computer Science |
50 | * Carnegie Mellon University |
51 | * Pittsburgh PA 15213-3890 |
52 | * |
53 | * any improvements or extensions that they make and grant Carnegie Mellon |
54 | * the rights to redistribute these changes. |
55 | */ |
56 | /* |
57 | */ |
58 | /* |
59 | * File: mach/vm_prot.h |
60 | * Author: Avadis Tevanian, Jr., Michael Wayne Young |
61 | * |
62 | * Virtual memory protection definitions. |
63 | * |
64 | */ |
65 | |
66 | #ifndef _MACH_VM_PROT_H_ |
67 | #define _MACH_VM_PROT_H_ |
68 | |
69 | /* |
70 | * Types defined: |
71 | * |
72 | * vm_prot_t VM protection values. |
73 | */ |
74 | |
75 | typedef int vm_prot_t; |
76 | |
77 | /* |
78 | * Protection values, defined as bits within the vm_prot_t type |
79 | */ |
80 | |
81 | #define VM_PROT_NONE ((vm_prot_t) 0x00) |
82 | |
83 | #define VM_PROT_READ ((vm_prot_t) 0x01) /* read permission */ |
84 | #define VM_PROT_WRITE ((vm_prot_t) 0x02) /* write permission */ |
85 | #define VM_PROT_EXECUTE ((vm_prot_t) 0x04) /* execute permission */ |
86 | |
87 | /* |
88 | * The default protection for newly-created virtual memory |
89 | */ |
90 | |
91 | #define VM_PROT_DEFAULT (VM_PROT_READ|VM_PROT_WRITE) |
92 | |
93 | /* |
94 | * The maximum privileges possible, for parameter checking. |
95 | */ |
96 | |
97 | #define VM_PROT_ALL (VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE) |
98 | |
99 | /* |
100 | * This is an alias to VM_PROT_EXECUTE to identify callers that |
101 | * want to allocate an hardware assisted Read-only/read-write |
102 | * trusted path in userland. |
103 | */ |
104 | #define VM_PROT_RORW_TP (VM_PROT_EXECUTE) |
105 | |
106 | /* |
107 | * An invalid protection value. |
108 | * Used only by memory_object_lock_request to indicate no change |
109 | * to page locks. Using -1 here is a bad idea because it |
110 | * looks like VM_PROT_ALL and then some. |
111 | */ |
112 | |
113 | #define VM_PROT_NO_CHANGE_LEGACY ((vm_prot_t) 0x08) |
114 | #define VM_PROT_NO_CHANGE ((vm_prot_t) 0x01000000) |
115 | |
116 | /* |
117 | * When a caller finds that he cannot obtain write permission on a |
118 | * mapped entry, the following flag can be used. The entry will |
119 | * be made "needs copy" effectively copying the object (using COW), |
120 | * and write permission will be added to the maximum protections |
121 | * for the associated entry. |
122 | */ |
123 | |
124 | #define VM_PROT_COPY ((vm_prot_t) 0x10) |
125 | |
126 | |
127 | /* |
128 | * Another invalid protection value. |
129 | * Used only by memory_object_data_request upon an object |
130 | * which has specified a copy_call copy strategy. It is used |
131 | * when the kernel wants a page belonging to a copy of the |
132 | * object, and is only asking the object as a result of |
133 | * following a shadow chain. This solves the race between pages |
134 | * being pushed up by the memory manager and the kernel |
135 | * walking down the shadow chain. |
136 | */ |
137 | |
138 | #define VM_PROT_WANTS_COPY ((vm_prot_t) 0x10) |
139 | |
140 | #ifdef PRIVATE |
141 | /* |
142 | * The caller wants this memory region treated as if it had a valid |
143 | * code signature. |
144 | */ |
145 | |
146 | #define VM_PROT_TRUSTED ((vm_prot_t) 0x20) |
147 | #endif /* PRIVATE */ |
148 | |
149 | /* |
150 | * Another invalid protection value. |
151 | * Indicates that the other protection bits are to be applied as a mask |
152 | * against the actual protection bits of the map entry. |
153 | */ |
154 | #define VM_PROT_IS_MASK ((vm_prot_t) 0x40) |
155 | |
156 | /* |
157 | * Another invalid protection value to support execute-only protection. |
158 | * VM_PROT_STRIP_READ is a special marker that tells mprotect to not |
159 | * set VM_PROT_READ. We have to do it this way because existing code |
160 | * expects the system to set VM_PROT_READ if VM_PROT_EXECUTE is set. |
161 | * VM_PROT_EXECUTE_ONLY is just a convenience value to indicate that |
162 | * the memory should be executable and explicitly not readable. It will |
163 | * be ignored on platforms that do not support this type of protection. |
164 | */ |
165 | #define VM_PROT_STRIP_READ ((vm_prot_t) 0x80) |
166 | #define VM_PROT_EXECUTE_ONLY (VM_PROT_EXECUTE|VM_PROT_STRIP_READ) |
167 | |
168 | #ifdef PRIVATE |
169 | /* |
170 | * When using VM_PROT_COPY, fail instead of copying an executable mapping, |
171 | * since that could cause code-signing violations. |
172 | */ |
173 | #define VM_PROT_COPY_FAIL_IF_EXECUTABLE ((vm_prot_t)0x100) |
174 | #endif /* PRIVATE */ |
175 | |
176 | /* |
177 | * Another invalid protection value to support pager TPRO protection. |
178 | * VM_PROT_TPRO is a special marker that tells the a pager to |
179 | * set TPRO flags on a given entry. We do it this way to prevent |
180 | * bloating the pager structures and it allows dyld to pass through |
181 | * this flag in lieue of specifying explicit VM flags, allowing us to handle |
182 | * the final permissions internally. |
183 | */ |
184 | #define VM_PROT_TPRO ((vm_prot_t) 0x200) |
185 | |
186 | #if defined(__x86_64__) |
187 | /* |
188 | * Another invalid protection value to support specifying different |
189 | * execute permissions for user- and supervisor- modes. When |
190 | * MBE is enabled in a VM, VM_PROT_EXECUTE is used to indicate |
191 | * supervisor-mode execute permission, and VM_PROT_UEXEC specifies |
192 | * user-mode execute permission. Currently only used by the |
193 | * x86 Hypervisor kext. |
194 | */ |
195 | #define VM_PROT_UEXEC ((vm_prot_t) 0x8) /* User-mode Execute Permission */ |
196 | |
197 | #define VM_PROT_ALLEXEC (VM_PROT_EXECUTE | VM_PROT_UEXEC) |
198 | #else |
199 | #define VM_PROT_ALLEXEC (VM_PROT_EXECUTE) |
200 | #endif /* defined(__x86_64__) */ |
201 | |
202 | |
203 | #endif /* _MACH_VM_PROT_H_ */ |
204 | |