Changeset 23610 in vbox

Timestamp:

Oct 7, 2009 9:22:10 PM (16 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

53284

Message:

IPRT,VMM,SUPDrv,VBGLR0: Added a parameter to RTR0MemObjLockUser/Kernel that indicates read/write intent so we can correctly lock readonly memory on Windows and OS/2. (Guest property strings, see #4238.)

Location:

trunk

Files:

• include/iprt/memobj.h (modified) (3 diffs)
• src/VBox/Additions/common/VBoxGuestLib/HGCMInternal.cpp (modified) (17 diffs)
• src/VBox/Additions/common/VBoxGuestLib/SysHlp.cpp (modified) (1 diff)
• src/VBox/HostDrivers/Support/SUPDrv.c (modified) (2 diffs)
• src/VBox/HostDrivers/Support/SUPDrvIOC.h (modified) (1 diff)
• src/VBox/HostDrivers/Support/SUPLib.cpp (modified) (3 diffs)
• src/VBox/HostDrivers/Support/win/SUPDrvA-win.asm (modified) (1 diff)
• src/VBox/Runtime/include/internal/memobj.h (modified) (2 diffs)
• src/VBox/Runtime/r0drv/darwin/memobj-r0drv-darwin.cpp (modified) (2 diffs)
• src/VBox/Runtime/r0drv/freebsd/memobj-r0drv-freebsd.c (modified) (2 diffs)
• src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c (modified) (4 diffs)
• src/VBox/Runtime/r0drv/memobj-r0drv.cpp (modified) (5 diffs)
• src/VBox/Runtime/r0drv/nt/memobj-r0drv-nt.cpp (modified) (4 diffs)
• src/VBox/Runtime/r0drv/os2/memobj-r0drv-os2.cpp (modified) (4 diffs)
• src/VBox/Runtime/r0drv/solaris/memobj-r0drv-solaris.c (modified) (2 diffs)
• src/VBox/Runtime/r0drv/solaris/vbi/memobj-r0drv-solaris.c (modified) (2 diffs)
• src/VBox/VMM/VMMR0/GMMR0.cpp (modified) (1 diff)

trunk/include/iprt/memobj.h

@@ -146 +146 @@
  * @returns IPRT status code.
  * @param   pMemObj         Where to store the ring-0 memory object handle.
- * @param   R3Ptr           User virtual address. This is rounded down to a page boundrary.
- * @param   cb              Number of bytes to lock. This is rounded up to nearest page boundrary.
- * @param   R0Process       The process to lock pages in. NIL_R0PROCESS is an alias for the current one.
- *
- * @remarks RTR0MemGetAddressR3() and RTR0MemGetAddress() will return the rounded
+ * @param   R3Ptr           User virtual address. This is rounded down to a page
+ *                          boundrary.
+ * @param   cb              Number of bytes to lock. This is rounded up to
+ *                          nearest page boundrary.
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
+ * @param   R0Process       The process to lock pages in. NIL_R0PROCESS is an
+ *                          alias for the current one.
+ *
+ * @remarks RTR0MemGetAddressR3() and RTR0MemGetAddress() will return therounded
  *          down address.
+ *
  * @remarks Linux: This API requires that the memory begin locked is in a memory
  *          mapping that is not required in any forked off child process. This
@@ -157 +163 @@
  *          lifting it.
  */
-RTR0DECL(int) RTR0MemObjLockUser(PRTR0MEMOBJ pMemObj, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process);
+RTR0DECL(int) RTR0MemObjLockUser(PRTR0MEMOBJ pMemObj, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process);
 
 /**
@@ -166 +172 @@
  * @param   pv              Kernel virtual address. This is rounded down to a page boundrary.
  * @param   cb              Number of bytes to lock. This is rounded up to nearest page boundrary.
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
  *
  * @remark  RTR0MemGetAddress() will return the rounded down address.
  */
-RTR0DECL(int) RTR0MemObjLockKernel(PRTR0MEMOBJ pMemObj, void *pv, size_t cb);
+RTR0DECL(int) RTR0MemObjLockKernel(PRTR0MEMOBJ pMemObj, void *pv, size_t cb, uint32_t fAccess);
 
 /**

trunk/src/VBox/Additions/common/VBoxGuestLib/HGCMInternal.cpp

@@ -47 +47 @@
 /** Linux needs to use bounce buffers since RTR0MemObjLockUser has unwanted
  *  side effects. */
-# define USE_BOUNCH_BUFFERS
+# define USE_BOUNCE_BUFFERS
 #endif
 
@@ -64 +64 @@
         uint32_t    iParm;
         RTR0MEMOBJ  hObj;
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
         void       *pvSmallBuf;
 #endif
@@ -274 +274 @@
                 if (cb != 0)
                 {
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
                     void       *pvSmallBuf = NULL;
 #endif
@@ -280 +280 @@
                     RTR0MEMOBJ  hObj;
                     int         rc;
+                    uint32_t    fAccess =    pSrcParm->type == VMMDevHGCMParmType_LinAddr_In
+                                          || pSrcParm->type == VMMDevHGCMParmType_LinAddr_Locked_In
+                                        ? RTMEM_PROT_READ
+                                        : RTMEM_PROT_READ | RTMEM_PROT_WRITE;
 
                     AssertReturn(iLockBuf < RT_ELEMENTS(pParmInfo->aLockBufs), VERR_INVALID_PARAMETER);
@@ -286 +290 @@
                         AssertMsgReturn(cb <= VBGLR0_MAX_HGCM_KERNEL_PARM, ("%#x > %#x\n", cb, VBGLR0_MAX_HGCM_KERNEL_PARM),
                                         VERR_OUT_OF_RANGE);
-                        rc = RTR0MemObjLockKernel(&hObj, (void *)pSrcParm->u.Pointer.u.linearAddr, cb);
+                        rc = RTR0MemObjLockKernel(&hObj, (void *)pSrcParm->u.Pointer.u.linearAddr, cb, fAccess);
                         if (RT_FAILURE(rc))
                         {
@@ -306 +310 @@
                         }
 
-#ifndef USE_BOUNCH_BUFFERS
-                        rc = RTR0MemObjLockUser(&hObj, (RTR3PTR)pSrcParm->u.Pointer.u.linearAddr, cb, NIL_RTR0PROCESS);
+#ifndef USE_BOUNCE_BUFFERS
+                        rc = RTR0MemObjLockUser(&hObj, (RTR3PTR)pSrcParm->u.Pointer.u.linearAddr, cb, fAccess, NIL_RTR0PROCESS);
                         if (RT_FAILURE(rc))
                         {
@@ -317 +321 @@
                               iParm, pSrcParm->type, cb, pSrcParm->u.Pointer.u.linearAddr, hObj));
 
-#else  /* USE_BOUNCH_BUFFERS */
+#else  /* USE_BOUNCE_BUFFERS */
                         /*
                          * This is a bit massive, but we don't want to waste a
@@ -347 +351 @@
                                 }
                             }
-                            rc = RTR0MemObjLockKernel(&hObj, pvSmallBuf, cb);
+                            rc = RTR0MemObjLockKernel(&hObj, pvSmallBuf, cb, fAccess);
                             if (RT_FAILURE(rc))
                             {
@@ -380 +384 @@
                                   iParm, pSrcParm->type, cb, pSrcParm->u.Pointer.u.linearAddr, hObj));
                         }
-#endif /* USE_BOUNCH_BUFFERS */
+#endif /* USE_BOUNCE_BUFFERS */
                     }
 
                     pParmInfo->aLockBufs[iLockBuf].iParm      = iParm;
                     pParmInfo->aLockBufs[iLockBuf].hObj       = hObj;
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
                     pParmInfo->aLockBufs[iLockBuf].pvSmallBuf = pvSmallBuf;
 #endif
@@ -541 +545 @@
                 if (pSrcParm->u.Pointer.size != 0)
                 {
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
                     void      *pvSmallBuf = pParmInfo->aLockBufs[iLockBuf].pvSmallBuf;
 #endif
@@ -557 +561 @@
                         pDstParm->u.PageList.offset = offExtra;
                         pDstPgLst->flags            = vbglR0HGCMInternalLinAddrTypeToPageListFlags(pSrcParm->type);
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
                         if (fIsUser)
                             pDstPgLst->offFirstPage = (uintptr_t)pvSmallBuf & PAGE_OFFSET_MASK;
@@ -576 +580 @@
                         pDstParm->type = vbglR0HGCMInternalConvertLinAddrType(pSrcParm->type);
                         pDstParm->u.Pointer.size = pSrcParm->u.Pointer.size;
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
                         if (fIsUser)
                             pDstParm->u.Pointer.u.linearAddr = pvSmallBuf
@@ -749 +753 @@
     HGCMFunctionParameter       *pDstParm = VBOXGUEST_HGCM_CALL_PARMS(pCallInfo);
     uint32_t    cParms   = pCallInfo->cParms;
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
     uint32_t    iLockBuf = 0;
 #endif
@@ -777 +781 @@
             case VMMDevHGCMParmType_LinAddr_Locked_In:
             case VMMDevHGCMParmType_LinAddr_In:
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
                 if (    fIsUser
                     &&  iLockBuf < pParmInfo->cLockBufs
@@ -798 +802 @@
             case VMMDevHGCMParmType_LinAddr:
             {
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
                 if (fIsUser)
                 {
@@ -830 +834 @@
     }
 
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
     Assert(!fIsUser || pParmInfo->cLockBufs == iLockBuf);
 #endif
@@ -904 +908 @@
         {
             RTR0MemObjFree(ParmInfo.aLockBufs[ParmInfo.cLockBufs].hObj, false /*fFreeMappings*/);
-#ifdef USE_BOUNCH_BUFFERS
+#ifdef USE_BOUNCE_BUFFERS
             RTMemTmpFree(ParmInfo.aLockBufs[ParmInfo.cLockBufs].pvSmallBuf);
 #endif

trunk/src/VBox/Additions/common/VBoxGuestLib/SysHlp.cpp

@@ -100 +100 @@
      *       know they aren't pagable.
      */
-    RTR0MEMOBJ MemObj = NIL_RTR0MEMOBJ;
+    RTR0MEMOBJ  MemObj = NIL_RTR0MEMOBJ;
+    uint32_t    fAccess = RTMEM_PROT_READ | (fWriteAccess ? RTMEM_PROT_WRITE : 0);
     if ((fFlags & VBGLR0_HGCMCALL_F_MODE_MASK) == VBGLR0_HGCMCALL_F_USER)
-        rc = RTR0MemObjLockUser(&MemObj, (RTR3PTR)pv, u32Size, NIL_RTR0PROCESS);
+        rc = RTR0MemObjLockUser(&MemObj, (RTR3PTR)pv, u32Size, fAccess, NIL_RTR0PROCESS);
     else
-        rc = RTR0MemObjLockKernel(&MemObj, pv, u32Size);
+        rc = RTR0MemObjLockKernel(&MemObj, pv, u32Size, fAccess);
     if (RT_SUCCESS(rc))
         *ppvCtx = MemObj;

trunk/src/VBox/HostDrivers/Support/SUPDrv.c

@@ -203 +203 @@
 DECLASM(int)    UNWIND_WRAP(RTR0MemObjAllocCont)(PRTR0MEMOBJ pMemObj, size_t cb, bool fExecutable);
 DECLASM(int)    UNWIND_WRAP(RTR0MemObjEnterPhys)(PRTR0MEMOBJ pMemObj, RTHCPHYS Phys, size_t cb);
-DECLASM(int)    UNWIND_WRAP(RTR0MemObjLockUser)(PRTR0MEMOBJ pMemObj, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process);
+DECLASM(int)    UNWIND_WRAP(RTR0MemObjLockUser)(PRTR0MEMOBJ pMemObj, RTR3PTR R3Ptr, size_t cb, uint32_t fFlags, RTR0PROCESS R0Process);
 DECLASM(int)    UNWIND_WRAP(RTR0MemObjMapKernel)(PRTR0MEMOBJ pMemObj, RTR0MEMOBJ MemObjToMap, void *pvFixed, size_t uAlignment, unsigned fProt);
 DECLASM(int)    UNWIND_WRAP(RTR0MemObjMapKernelEx)(PRTR0MEMOBJ pMemObj, RTR0MEMOBJ MemObjToMap, void *pvFixed, size_t uAlignment, unsigned fProt, size_t offSub, size_t cbSub);
@@ -2321 +2321 @@
      */
     Mem.eType = MEMREF_TYPE_LOCKED;
-    rc = RTR0MemObjLockUser(&Mem.MemObj, pvR3, cb, RTR0ProcHandleSelf());
+    rc = RTR0MemObjLockUser(&Mem.MemObj, pvR3, cb, RTMEM_PROT_READ | RTMEM_PROT_WRITE, RTR0ProcHandleSelf());
     if (RT_SUCCESS(rc))
     {

trunk/src/VBox/HostDrivers/Support/SUPDrvIOC.h

@@ -197 +197 @@
  *          - Nothing.
  */
-#define SUPDRV_IOC_VERSION                              0x000f0000
+#define SUPDRV_IOC_VERSION                              0x00100000
 
 /** SUP_IOCTL_COOKIE. */

trunk/src/VBox/HostDrivers/Support/SUPLib.cpp

@@ -272 +272 @@
         strcpy(CookieReq.u.In.szMagic, SUPCOOKIE_MAGIC);
         CookieReq.u.In.u32ReqVersion = SUPDRV_IOC_VERSION;
-        const uint32_t MinVersion = (SUPDRV_IOC_VERSION & 0xffff0000) == 0x000f0000
-                                  ?  0x000f0000
-                                  :  SUPDRV_IOC_VERSION & 0xffff0000;
-        CookieReq.u.In.u32MinVersion = MinVersion;
+        const uint32_t uMinVersion = (SUPDRV_IOC_VERSION & 0xffff0000) == 0x00100000
+                                   ?  0x00100000
+                                   :  SUPDRV_IOC_VERSION & 0xffff0000;
+        CookieReq.u.In.u32MinVersion = uMinVersion;
         rc = suplibOsIOCtl(&g_supLibData, SUP_IOCTL_COOKIE, &CookieReq, SUP_IOCTL_COOKIE_SIZE);
         if (    RT_SUCCESS(rc)
@@ -281 +281 @@
         {
             if (    (CookieReq.u.Out.u32SessionVersion & 0xffff0000) == (SUPDRV_IOC_VERSION & 0xffff0000)
-                &&  CookieReq.u.Out.u32SessionVersion >= MinVersion)
+                &&  CookieReq.u.Out.u32SessionVersion >= uMinVersion)
             {
                 /*
@@ -348 +348 @@
             {
                 LogRel(("Support driver version mismatch: SessionVersion=%#x DriverVersion=%#x ClientVersion=%#x MinVersion=%#x\n",
-                        CookieReq.u.Out.u32SessionVersion, CookieReq.u.Out.u32DriverVersion, SUPDRV_IOC_VERSION, MinVersion));
+                        CookieReq.u.Out.u32SessionVersion, CookieReq.u.Out.u32DriverVersion, SUPDRV_IOC_VERSION, uMinVersion));
                 rc = VERR_VM_DRIVER_VERSION_MISMATCH;
             }

trunk/src/VBox/HostDrivers/Support/win/SUPDrvA-win.asm

@@ -99 +99 @@
 NtWrapDyn2DrvFunctionWithAllRegParams  supdrvNtWrap, RTR0MemObjAllocCont
 NtWrapDyn2DrvFunctionWithAllRegParams  supdrvNtWrap, RTR0MemObjEnterPhys
-NtWrapDyn2DrvFunctionWithAllRegParams  supdrvNtWrap, RTR0MemObjLockUser
+NtWrapDyn2DrvFunctionWith5Params       supdrvNtWrap, RTR0MemObjLockUser
 NtWrapDyn2DrvFunctionWith5Params       supdrvNtWrap, RTR0MemObjMapKernel
 NtWrapDyn2DrvFunctionWith7Params       supdrvNtWrap, RTR0MemObjMapKernelEx

trunk/src/VBox/Runtime/include/internal/memobj.h

@@ -335 +335 @@
  * @param   R3Ptr           User virtual address, page aligned.
  * @param   cb              Number of bytes to lock, page aligned.
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
  * @param   R0Process       The process to lock pages in.
  */
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process);
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process);
 
 /**
@@ -346 +348 @@
  * @param   pv              Kernel virtual address, page aligned.
  * @param   cb              Number of bytes to lock, page aligned.
- */
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb);
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
+ */
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess);
 
 /**

trunk/src/VBox/Runtime/r0drv/darwin/memobj-r0drv-darwin.cpp

@@ -655 +655 @@
  * @return IPRT status code.
  *
- * @param ppMem     Where to store the memory object pointer.
- * @param pv        First page.
- * @param cb        Number of bytes.
- * @param Task      The task \a pv and \a cb refers to.
+ * @param   ppMem           Where to store the memory object pointer.
+ * @param   pv              First page.
+ * @param   cb              Number of bytes.
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
+ * @param   Task            The task \a pv and \a cb refers to.
  */
-static int rtR0MemObjNativeLock(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, task_t Task)
-{
+static int rtR0MemObjNativeLock(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess, task_t Task)
+{
+    NOREF(fAccess);
 #ifdef USE_VM_MAP_WIRE
     vm_map_t Map = get_task_map(Task);
@@ -729 +732 @@
 
 
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
-{
-    return rtR0MemObjNativeLock(ppMem, (void *)R3Ptr, cb, (task_t)R0Process);
-}
-
-
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb)
-{
-    return rtR0MemObjNativeLock(ppMem, pv, cb, kernel_task);
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
+{
+    return rtR0MemObjNativeLock(ppMem, (void *)R3Ptr, cb, fAccess, (task_t)R0Process);
+}
+
+
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess)
+{
+    return rtR0MemObjNativeLock(ppMem, pv, cb, fAccess, kernel_task);
 }
 

trunk/src/VBox/Runtime/r0drv/freebsd/memobj-r0drv-freebsd.c

@@ -378 +378 @@
 
 
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     int rc;
+    NOREF(fAccess);
 
     /* create the object. */
@@ -406 +407 @@
 
 
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb)
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess)
 {
     int rc;
+    NOREF(fAccess);
 
     /* create the object. */

trunk/src/VBox/Runtime/r0drv/linux/memobj-r0drv-linux.c

@@ -734 +734 @@
 
 
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     const int cPages = cb >> PAGE_SHIFT;
@@ -741 +741 @@
     PRTR0MEMOBJLNX pMemLnx;
     int rc = VERR_NO_MEMORY;
+    NOREF(fAccess);
 
     /*
@@ -830 +831 @@
 
 
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb)
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fFlags)
 {
     void           *pvLast = (uint8_t *)pv + cb - 1;
@@ -839 +840 @@
     uint8_t        *pbPage;
     size_t          iPage;
+    NOREF(fAccess);
 
     /*

trunk/src/VBox/Runtime/r0drv/memobj-r0drv.cpp

@@ -492 +492 @@
  * @returns IPRT status code.
  * @param   pMemObj         Where to store the ring-0 memory object handle.
- * @param   R3Ptr           User virtual address. This is rounded down to a page boundrary.
- * @param   cb              Number of bytes to lock. This is rounded up to nearest page boundrary.
- * @param   R0Process       The process to lock pages in. NIL_R0PROCESS is an alias for the current one.
+ * @param   R3Ptr           User virtual address. This is rounded down to a page
+ *                          boundrary.
+ * @param   cb              Number of bytes to lock. This is rounded up to
+ *                          nearest page boundrary.
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
+ * @param   R0Process       The process to lock pages in. NIL_R0PROCESS is an
+ *                          alias for the current one.
  *
  * @remarks RTR0MemGetAddressR3() and RTR0MemGetAddress() will return therounded
@@ -504 +509 @@
  *          lifting it.
  */
-RTR0DECL(int) RTR0MemObjLockUser(PRTR0MEMOBJ pMemObj, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
+RTR0DECL(int) RTR0MemObjLockUser(PRTR0MEMOBJ pMemObj, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     /* sanity checks. */
@@ -515 +520 @@
     if (R0Process == NIL_RTR0PROCESS)
         R0Process = RTR0ProcHandleSelf();
+    AssertReturn(!(fAccess & ~(RTMEM_PROT_READ | RTMEM_PROT_WRITE)), VERR_INVALID_PARAMETER);
+    AssertReturn(fAccess, VERR_INVALID_PARAMETER);
     RT_ASSERT_PREEMPTIBLE();
 
     /* do the locking. */
-    return rtR0MemObjNativeLockUser(pMemObj, R3PtrAligned, cbAligned, R0Process);
+    return rtR0MemObjNativeLockUser(pMemObj, R3PtrAligned, cbAligned, fAccess, R0Process);
 }
 RT_EXPORT_SYMBOL(RTR0MemObjLockUser);
@@ -530 +537 @@
  * @param   pv              Kernel virtual address. This is rounded down to a page boundrary.
  * @param   cb              Number of bytes to lock. This is rounded up to nearest page boundrary.
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
  *
  * @remark  RTR0MemGetAddress() will return the rounded down address.
  */
-RTR0DECL(int) RTR0MemObjLockKernel(PRTR0MEMOBJ pMemObj, void *pv, size_t cb)
+RTR0DECL(int) RTR0MemObjLockKernel(PRTR0MEMOBJ pMemObj, void *pv, size_t cb, uint32_t fAccess)
 {
     /* sanity checks. */
@@ -543 +552 @@
     AssertReturn(cb <= cbAligned, VERR_INVALID_PARAMETER);
     AssertPtrReturn(pvAligned, VERR_INVALID_POINTER);
+    AssertReturn(!(fAccess & ~(RTMEM_PROT_READ | RTMEM_PROT_WRITE)), VERR_INVALID_PARAMETER);
+    AssertReturn(fAccess, VERR_INVALID_PARAMETER);
     RT_ASSERT_PREEMPTIBLE();
 
     /* do the allocation. */
-    return rtR0MemObjNativeLockKernel(pMemObj, pvAligned, cbAligned);
+    return rtR0MemObjNativeLockKernel(pMemObj, pvAligned, cbAligned, fAccess);
 }
 RT_EXPORT_SYMBOL(RTR0MemObjLockKernel);

trunk/src/VBox/Runtime/r0drv/nt/memobj-r0drv-nt.cpp

@@ -501 +501 @@
  * @return IPRT status code.
  *
- * @param ppMem     Where to store the memory object pointer.
- * @param pv        First page.
- * @param cb        Number of bytes.
- * @param R0Process The process \a pv and \a cb refers to.
+ * @param   ppMem           Where to store the memory object pointer.
+ * @param   pv              First page.
+ * @param   cb              Number of bytes.
+ * @param   fAccess         The desired access, a combination of RTMEM_PROT_READ
+ *                          and RTMEM_PROT_WRITE.
+ * @param   R0Process       The process \a pv and \a cb refers to.
  */
-static int rtR0MemObjNtLock(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, RTR0PROCESS R0Process)
+static int rtR0MemObjNtLock(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     /*
@@ -549 +551 @@
         __try
         {
-            MmProbeAndLockPages(pMdl, R0Process == NIL_RTR0PROCESS ? KernelMode : UserMode, IoModifyAccess);
+            MmProbeAndLockPages(pMdl,
+                                R0Process == NIL_RTR0PROCESS ? KernelMode : UserMode,
+                                fAccess == RTMEM_PROT_READ
+                                ? IoReadAccess
+                                : fAccess == RTMEM_PROT_WRITE
+                                ? IoWriteAccess
+                                : IoModifyAccess);
 
             pMemNt->apMdls[iMdl] = pMdl;
@@ -561 +569 @@
         }
 
-        if (R0Process != NIL_RTR0PROCESS )
+        if (R0Process != NIL_RTR0PROCESS)
         {
             /* Make sure the user process can't change the allocation. */
-            pMemNt->pvSecureMem = MmSecureVirtualMemory(pv, cb, PAGE_READWRITE);
+            pMemNt->pvSecureMem = MmSecureVirtualMemory(pv, cb,
+                                                        fAccess & RTMEM_PROT_WRITE
+                                                        ? PAGE_READWRITE
+                                                        : PAGE_READONLY);
             if (!pMemNt->pvSecureMem)
             {
@@ -604 +615 @@
 
 
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     AssertMsgReturn(R0Process == RTR0ProcHandleSelf(), ("%p != %p\n", R0Process, RTR0ProcHandleSelf()), VERR_NOT_SUPPORTED);
     /* (Can use MmProbeAndLockProcessPages if we need to mess with other processes later.) */
-    return rtR0MemObjNtLock(ppMem, (void *)R3Ptr, cb, R0Process);
-}
-
-
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb)
-{
-    return rtR0MemObjNtLock(ppMem, pv, cb, NIL_RTR0PROCESS);
+    return rtR0MemObjNtLock(ppMem, (void *)R3Ptr, cb, fAccess, R0Process);
+}
+
+
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess)
+{
+    return rtR0MemObjNtLock(ppMem, pv, cb, fAccess, NIL_RTR0PROCESS);
 }
 

trunk/src/VBox/Runtime/r0drv/os2/memobj-r0drv-os2.cpp

@@ -242 +242 @@
 
 
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     AssertMsgReturn(R0Process == RTR0ProcHandleSelf(), ("%p != %p\n", R0Process, RTR0ProcHandleSelf()), VERR_NOT_SUPPORTED);
@@ -254 +254 @@
     /* lock it. */
     ULONG cPagesRet = cPages;
-    int rc = KernVMLock(VMDHL_LONG | VMDHL_WRITE, (void *)R3Ptr, cb, &pMemOs2->Lock, &pMemOs2->aPages[0], &cPagesRet);
+    int rc = KernVMLock(VMDHL_LONG | (fAccess & RTMEM_PROT_WRITE ? VMDHL_WRITE : 0),
+                        (void *)R3Ptr, cb, &pMemOs2->Lock, &pMemOs2->aPages[0], &cPagesRet);
     if (!rc)
     {
@@ -269 +270 @@
 
 
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb)
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess)
 {
     /* create the object. */
@@ -279 +280 @@
     /* lock it. */
     ULONG cPagesRet = cPages;
-    int rc = KernVMLock(VMDHL_LONG | VMDHL_WRITE, pv, cb, &pMemOs2->Lock, &pMemOs2->aPages[0], &cPagesRet);
+    int rc = KernVMLock(VMDHL_LONG | (fAccess & RTMEM_PROT_WRITE ? VMDHL_WRITE : 0),
+                        pv, cb, &pMemOs2->Lock, &pMemOs2->aPages[0], &cPagesRet);
     if (!rc)
     {

trunk/src/VBox/Runtime/r0drv/solaris/memobj-r0drv-solaris.c

@@ -272 +272 @@
 
 
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     AssertReturn(R0Process == RTR0ProcHandleSelf(), VERR_INVALID_PARAMETER);
+    NOREF(fAccess);
 
     /* Create the locking object */
@@ -306 +307 @@
 
 
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb)
-{
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess)
+{
+    NOREF(fAccess);
+
     /* Create the locking object */
     PRTR0MEMOBJSOLARIS pMemSolaris = (PRTR0MEMOBJSOLARIS)rtR0MemObjNew(sizeof(*pMemSolaris), RTR0MEMOBJTYPE_LOCK, pv, cb);

trunk/src/VBox/Runtime/r0drv/solaris/vbi/memobj-r0drv-solaris.c

@@ -213 +213 @@
 
 
-int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, RTR0PROCESS R0Process)
+int rtR0MemObjNativeLockUser(PPRTR0MEMOBJINTERNAL ppMem, RTR3PTR R3Ptr, size_t cb, uint32_t fAccess, RTR0PROCESS R0Process)
 {
     AssertReturn(R0Process == RTR0ProcHandleSelf(), VERR_INVALID_PARAMETER);
+    NOREF(fAccess);
 
     /* Create the locking object */
@@ -239 +240 @@
 
 
-int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb)
-{
+int rtR0MemObjNativeLockKernel(PPRTR0MEMOBJINTERNAL ppMem, void *pv, size_t cb, uint32_t fAccess)
+{
+    NOREF(fAccess);
+
     PRTR0MEMOBJSOLARIS pMemSolaris = (PRTR0MEMOBJSOLARIS)rtR0MemObjNew(sizeof(*pMemSolaris), RTR0MEMOBJTYPE_LOCK, pv, cb);
     if (!pMemSolaris)

trunk/src/VBox/VMM/VMMR0/GMMR0.cpp

@@ -3105 +3105 @@
      */
     RTR0MEMOBJ MemObj;
-    rc = RTR0MemObjLockUser(&MemObj, pvR3, GMM_CHUNK_SIZE, NIL_RTR0PROCESS);
+    rc = RTR0MemObjLockUser(&MemObj, pvR3, GMM_CHUNK_SIZE, RTMEM_PROT_READ | RTMEM_PROT_WRITE, NIL_RTR0PROCESS);
     if (RT_SUCCESS(rc))
     {