On 07/02/2024 04:45, Chaitanya S Prakash wrote:
From: Chaitanya S Prakash chaitanyas.prakash@arm.com
Reservations are contiguous ranges of virtual addresses that exactly match the bounds of an owning capability. When an owning capability is passed to a syscall, its bounds are first verified against the existing reservation. If the reservation created for the nulll derived capability
s/nulll/null/
Also I'd explicitly say "that would be created", because no reservation is actually created in such a situation.
is found to overlap with any existing reservation, the syscall fails with a -ERESERVATION error code.
According to the spec, the lifetime of reservations is generally undefined. While the reservation is eventually destroyed and the address range is made available, there should be no assumption as to when that will happen. But in the current implementation, the reservation is destroyed as soon as the last mapping is unmapped. Here a test is added to ensure that mmap(owning_cap, ...MAP_FIXED) fails even if the
The mmap() call should fail not "even if" but *because* the reservation has been destroyed. That's why we have to rely on reservations being destroyed synchronously for this test.
Kevin