TOPIC   #  NAME           DESCRIPTION
-----  --- ------------   ------------------------------------------------
memory  45 brk            - change data segment size
memory 150 mlock          - disable paging for some parts of memory 
memory 152 mlockall       - disable paging for calling process
memory  90 mmap           - map or unmap files or devices into memory
memory 125 mprotect       - control allowable accesses to a region of memory
memory 163 mremap         - re-map a virtual memory address
memory 144 msync          - synchronize a file with a memory map
memory 151 munlock        - reenable paging for some parts of memory
memory 153 munlockall     - reenable paging for calling process
memory  91 munmap         - unmap files or devices into memory

----------------------------------------------------------------------------
memory  45 brk            - change data segment size
----------------------------------------------------------------------------
  mov eax,045
  mov   ebx,new_end
  int   80h

       brk  sets  the  end  of  the  data  segment  to  the value specified by
       end_data_segment, when that value is reasonable, the system  does  have
       enough  memory  and  the process does not exceed its max data size (see
       setrlimit(2)).

       sbrk increments the program's data  space  by  increment  bytes.   sbrk
       isn't a system call, it is just a C library wrapper.  Calling sbrk with
       an increment of 0 can be used to find the current location of the  pro-
       gram break.

RETURN VALUE
       On  success,  brk returns zero, and sbrk returns a pointer to the start
       of the new area.  On error, -1 is returned, and errno is set to ENOMEM.

SEE ALSO
       execve(2), getrlimit(2), malloc(3)


----------------------------------------------------------------------------
memory 150 mlock          - disable paging for some parts of memory 
----------------------------------------------------------------------------
  mov  eax,150
  mov  ebx,addr
  mov  ecx,len
  int  80h

       mlock disables paging for the memory in the range starting at addr with
       length len bytes. All pages which contain a part of the specified  mem-
       ory  range are guaranteed be resident in RAM when the mlock system call
       returns successfully and they are guaranteed to stay in RAM  until  the
       pages  are  unlocked  by  munlock  or  munlockall,  until the pages are
       unmapped via munmap, or until the process terminates or starts  another
       program  with exec.  Child processes do not inherit page locks across a
       fork.

       Memory locking has two  main  applications:  real-time  algorithms  and
       high-security data processing. Real-time applications require determin-
       istic timing, and, like scheduling, paging is one major cause of  unex-
       pected  program  execution  delays. Real-time applications will usually
       also switch to a real-time scheduler with sched_setscheduler.   Crypto-
       graphic  security  software often handles critical bytes like passwords
       or secret keys as data structures. As a result of paging, these secrets
       could  be  transferred  onto a persistent swap store medium, where they
       might be accessible to the enemy long after the security  software  has
       erased  the secrets in RAM and terminated.  (But be aware that the sus-
       pend mode on laptops and some desktop computers will save a copy of the
       system's RAM to disk, regardless of memory locks.)

       Memory  locks  do not stack, i.e., pages which have been locked several
       times by calls to mlock or mlockall will be unlocked by a  single  call
       to  munlock  for the corresponding range or by munlockall.  Pages which
       are mapped to several locations or by  several  processes  stay  locked
       into  RAM  as long as they are locked at least at one location or by at
       least one process.

       On POSIX systems on which mlock and munlock are available,  _POSIX_MEM-
       LOCK_RANGE  is  defined in <unistd.h> and the value PAGESIZE from <lim-
       its.h> indicates the number of bytes per page.

NOTES
       With the Linux system call, addr is automatically rounded down  to  the
       nearest  page boundary.  However, POSIX 1003.1-2001 allows an implemen-
       tation to require that addr is page aligned, so  portable  applications
       should ensure this.

RETURN VALUE
       On success, mlock returns zero.  On error, -1 is returned, errno is set
       appropriately, and no changes are made to  any  locks  in  the  address
       space of the process.

ERRORS
       ENOMEM Some  of  the  specified  address  range  does not correspond to
              mapped pages in the address space of the process or the  process
              tried to exceed the maximum number of allowed locked pages.

       EPERM  The  calling  process does not have appropriate privileges. Only
              root processes are allowed to lock pages.

       EINVAL (Not on Linux) addr was not a multiple of the page size.

       Linux adds

       EINVAL len was negative.


SEE ALSO
       mlockall(2), munlock(2), munlockall(2), munmap(2), setrlimit(2)

----------------------------------------------------------------------------
memory 152 mlockall       - disable paging for calling process
----------------------------------------------------------------------------
  mov  eax,152
  mov  ebx,flags
  int  80h

       munlockall reenables paging for all pages mapped into the address space
       of the calling process.

       Memory locks do not stack, i.e., pages which have been  locked  several
       times  by  calls to mlock or mlockall will be unlocked by a single call
       to munlockall.  Pages which are mapped to several locations or by  sev-
       eral processes stay locked into RAM as long as they are locked at least
       at one location or by at least one process.

       On POSIX systems  on  which  mlockall  and  munlockall  are  available,
       _POSIX_MEMLOCK is defined in <unistd.h> .

RETURN VALUE
       On  success,  munlockall  returns  zero.   On error, -1 is returned and
       errno is set appropriately.

SEE ALSO
       mlockall(2), mlock(2), munlock(2)
----------------------------------------------------------------------------
memory  90 mmap           - map or unmap files or devices into memory
----------------------------------------------------------------------------
  start dword
  length dword linux.size_t;
  prot   dword 
  flags  dword
  fd     dword
  offset dword linux.off_t

  lea  ebx, start
  mov  eax,090
  int  80h

       The mmap function asks to map length bytes starting  at  offset  offset
       from  the  file  (or  other object) specified by the file descriptor fd
       into memory, preferably at address start.  This  latter  address  is  a
       hint  only,  and is usually specified as 0.  The actual place where the
       object is mapped is returned by mmap, and is never 0.

       The prot argument describes the desired memory protection (and must not
       conflict  with the open mode of the file). It is either PROT_NONE or is
       the bitwise OR of one or more of the other PROT_* flags.

       PROT_EXEC  Pages may be executed.

       PROT_READ  Pages may be read.

       PROT_WRITE Pages may be written.

       PROT_NONE  Pages may not be accessed.

       The flags parameter specifies the type of the  mapped  object,  mapping
       options  and  whether modifications made to the mapped copy of the page
       are private to the process or are to be shared with  other  references.
       It has bits

       MAP_FIXED  Do  not  select  a different address than the one specified.
                  If the specified address cannot be used, mmap will fail.  If
                  MAP_FIXED  is  specified,  start  must  be a multiple of the
                  pagesize.  Use of this option is discouraged.

       MAP_SHARED Share this mapping with all other processes  that  map  this
                  object.   Storing  to the region is equivalent to writing to
                  the file.  The  file  may  not  actually  be  updated  until
                  msync(2) or munmap(2) are called.

       MAP_PRIVATE
                  Create  a  private  copy-on-write  mapping.   Stores  to the
                  region do not affect the original file.  It  is  unspecified
                  whether  changes  made  to  the file after the mmap call are
                  visible in the mapped region.

       You must specify exactly one of MAP_SHARED and MAP_PRIVATE.

       The above three flags are described in POSIX.1b (formerly POSIX.4)  and
       SUSv2.  Linux also knows about the following non-standard flags:

       MAP_DENYWRITE
              This  flag is ignored.  (Long ago, it signalled that attempts to
              write to the underlying file should fail with ETXTBUSY. But this
              was a source of denial-of-service attacks.)

       MAP_EXECUTABLE
              This flag is ignored.

       MAP_NORESERVE
              (Used  together  with  MAP_PRIVATE.)  Do  not reserve swap space
              pages for this mapping. When swap space is reserved, one has the
              guarantee  that  it  is possible to modify this private copy-on-
              write region.  When it is not reserved  one  might  get  SIGSEGV
              upon a write when no memory is available.

       MAP_LOCKED
              (Linux  2.5.37  and  later)  Lock the pages of the mapped region
              into memory in the manner of mlock().  This flag is  ignored  in
              older kernels.

       MAP_GROWSDOWN
              Used for stacks. Indicates to the kernel VM system that the map-
              ping should extend downwards in memory.

       MAP_ANONYMOUS
              The mapping is not backed by any file; the fd and  offset  argu-
              ments  are ignored.  This flag in conjunction with MAP_SHARED is
              implemented since Linux 2.4.

       MAP_ANON
              Alias for MAP_ANONYMOUS. Deprecated.

       MAP_FILE
              Compatibility flag. Ignored.

       MAP_32BIT
              Put the mapping into the first 2GB of the process address space.
              Ignored  when MAP_FIXED is set. This flag is currently only sup-
              ported on x86-64 for 64bit programs.

       Some systems document the additional flags MAP_AUTOGROW, MAP_AUTORESRV,
       MAP_COPY, and MAP_LOCAL.

       fd  should  be a valid file descriptor, unless MAP_ANONYMOUS is set, in
       which case the argument is ignored.

       offset should be a multiple of the page size as  returned  by  getpage-
       size(2).

       Memory  mapped  by  mmap  is  preserved  across  fork(2), with the same
       attributes.

       A file is mapped in multiples of the page size. For a file that is  not
       a  multiple  of  the  page  size,  the  remaining memory is zeroed when
       mapped, and writes to that region are not written out to the file.  The
       effect  of changing the size of the underlying file of a mapping on the
       pages that correspond to added  or  removed  regions  of  the  file  is
       unspecified.


RETURN VALUE
       On success, mmap returns a pointer to the mapped area.  On  error,  the
       value  MAP_FAILED  (that is, (void *) -1) is returned, and errno is set
       appropriately.  On success, munmap returns 0, on failure -1, and  errno
       is set (probably to EINVAL).

NOTES
       It  is  architecture  dependent whether PROT_READ includes PROT_EXEC or
       not. Portable programs should always set PROT_EXEC if  they  intend  to
       execute code in the new mapping.

ERRORS
       EBADF  fd  is  not  a  valid file descriptor (and MAP_ANONYMOUS was not
              set).

       EACCES A file descriptor refers to a non-regular file.  Or  MAP_PRIVATE
              was  requested,  but  fd is not open for reading.  Or MAP_SHARED
              was requested and PROT_WRITE is set,  but  fd  is  not  open  in
              read/write (O_RDWR) mode.  Or PROT_WRITE is set, but the file is
              append-only.

       EINVAL We don't like start or length or offset.  (E.g.,  they  are  too
              large, or not aligned on a PAGESIZE boundary.)

       ETXTBSY
              MAP_DENYWRITE was set but the object specified by fd is open for
              writing.

       EAGAIN The file has been locked, or too much memory has been locked.

       ENOMEM No memory is available, or the process's maximum number of  map-
              pings would have been exceeded.

       ENODEV The underlying filesystem of the specified file does not support
              memory mapping.

       Use of a mapped region can result in these signals:

       SIGSEGV
              Attempted write into a region specified to mmap as read-only.

       SIGBUS Attempted access to a portion of the buffer that does not corre-
              spond  to  the  file  (for  example, beyond the end of the file,
              including the case  where  another  process  has  truncated  the
              file).

SEE ALSO
       getpagesize(2),  mlock(2),  mmap2(2), mremap(2), msync(2), shm_open(2),
       B.O. Gallmeister, POSIX.4, O'Reilly, pp. 128-129 and 389-391.


----------------------------------------------------------------------------
memory 125 mprotect       - control allowable accesses to a region of memory
----------------------------------------------------------------------------
  mov  eax,125
  mov  ebx,addr
  mov  ecx,len
  mov  edx,prot
  int  80h

       The  function  mprotect specifies the desired protection for the memory
       page(s) containing part or all of the interval  [addr,addr+len-1].   If
       an  access  is  disallowed  by  the  protection  given  it, the program
       receives a SIGSEGV.

       prot is a bitwise-or of the following values:

       PROT_NONE  The memory cannot be accessed at all.

       PROT_READ  The memory can be read.

       PROT_WRITE The memory can be written to.

       PROT_EXEC  The memory can contain executing code.

       The new protection replaces any existing protection.  For  example,  if
       the  memory  had previously been marked PROT_READ, and mprotect is then
       called with prot PROT_WRITE, it will no longer be readable.

RETURN VALUE
       On success, mprotect returns zero.  On error, -1 is returned, and errno
       is set appropriately.

ERRORS
       EINVAL addr is not a valid pointer, or not a multiple of PAGESIZE.

       EFAULT The memory cannot be accessed.

       EACCES The  memory cannot be given the specified access.  This can hap-
              pen, for example, if you mmap(2) a file to which you have  read-
              only access, then ask mprotect to mark it PROT_WRITE.

       ENOMEM Internal kernel structures could not be allocated.

EXAMPLE
       #include <stdio.h>
       #include <stdlib.h>
       #include <errno.h>
       #include <sys/mman.h>

       #include <limits.h>    /* for PAGESIZE */
       #ifndef PAGESIZE
       #define PAGESIZE 4096
       #endif

       int
       main(void)
       {
           char *p;
           char c;

           /* Allocate a buffer; it will have the default
              protection of PROT_READ|PROT_WRITE. */
           p = malloc(1024+PAGESIZE-1);
           if (!p) {
               perror("Couldn't malloc(1024)");
               exit(errno);
           }

           /* Align to a multiple of PAGESIZE, assumed to be a power of two */
           p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1));

           c = p[666];         /* Read; ok */
           p[666] = 42;        /* Write; ok */

           /* Mark the buffer read-only. */
           if (mprotect(p, 1024, PROT_READ)) {
               perror("Couldn't mprotect");
               exit(errno);
           }

           c = p[666];         /* Read; ok */
           p[666] = 42;        /* Write; program dies on SIGSEGV */

           exit(0);
       }

SEE ALSO
       mmap(2)

----------------------------------------------------------------------------
memory 163 mremap         - re-map a virtual memory address
----------------------------------------------------------------------------
  old_address dword
  old_size linux.size_t
  new_size linux.size_t
  flags dword

  mov  eax,163
  mov  ebx,old_address
  mov  ecx,old_size
  mov  edx,new_size
  mov  esi,flags
  int  80h

       mremap expands (or shrinks) an  existing  memory  mapping,  potentially
       moving  it  at  the same time (controlled by the flags argument and the
       available virtual address space).

       old_address is the old address of the virtual  memory  block  that  you
       want  to  expand  (or  shrink).   Note  that old_address has to be page
       aligned. old_size  is  the  old  size  of  the  virtual  memory  block.
       new_size  is  the  requested size of the virtual memory block after the
       resize.

       The flags argument is a bitmap of flags.

       In Linux the memory is divided into pages.  A user process has (one or)
       several  linear  virtual  memory segments.  Each virtual memory segment
       has one or more mappings to real memory  pages  (in  the  page  table).
       Each  virtual  memory  segment  has its own protection (access rights),
       which may cause a segmentation violation  if  the  memory  is  accessed
       incorrectly  (e.g., writing to a read-only segment).  Accessing virtual
       memory outside of the segments will also cause  a  segmentation  viola-
       tion.

       mremap  uses  the  Linux page table scheme.  mremap changes the mapping
       between virtual addresses and memory pages.  This can be used to imple-
       ment a very efficient realloc.


FLAGS
       MREMAP_MAYMOVE
              indicates  if  the  operation should fail, or change the virtual
              address if the resize cannot be  done  at  the  current  virtual
              address.


RETURN VALUE
       On success mremap returns a pointer to the new virtual memory area.  On
       error, the value MAP_FAILED (that is, (void *)  -1)  is  returned,  and
       errno is set appropriately.


ERRORS
       EINVAL An  invalid  argument was given. Most likely old_address was not
              page aligned.

       EFAULT "Segmentation fault." Some address in the range  old_address  to
              old_address+old_size  is  an  invalid virtual memory address for
              this process.  You can also get EFAULT even if there exist  map-
              pings  that  cover  the whole address space requested, but those
              mappings are of different types.

       EAGAIN The memory segment is locked and cannot be re-mapped.

       ENOMEM The memory area  cannot  be  expanded  at  the  current  virtual
              address,  and  the MREMAP_MAYMOVE flag is not set in flags.  Or,
              there is not enough (virtual) memory available.

NOTES
       With current  glibc  includes,  in  order  to  get  the  definition  of
       MREMAP_MAYMOVE,   you  need  to  define  _GNU_SOURCE  before  including
       <sys/mman.h>.

CONFORMING TO
       This call is  Linux-specific,  and  should  not  be  used  in  programs
       intended  to  be  portable.   4.2BSD had a (never actually implemented)
       mremap(2) call with completely different semantics.

SEE ALSO
       getpagesize(2), realloc(3), malloc(3), brk(2), sbrk(2), mmap(2)

       Your favorite OS text book for more information on paged memory.  (Mod-
       ern  Operating Systems by Andrew S. Tannenbaum, Inside Linux by Randolf
       Bentson, The Design of the UNIX Operating System by Maurice J. Bach.)


----------------------------------------------------------------------------
memory 144 msync          - synchronize a file with a memory map
----------------------------------------------------------------------------
  mov  eax,144
  mov  ebx,start
  mov  ecx,length
  mov  edx,flags
  int  80h

       msync  flushes  changes  made  to  the  in-core copy of a file that was
       mapped into memory using mmap(2) back to disk.   Without  use  of  this
       call  there  is  no guarantee that changes are written back before mun-
       map(2) is called.  To be more precise, the part of the file that corre-
       sponds to the memory area starting at start and having length length is
       updated.  The flags argument may have the bits  MS_ASYNC,  MS_SYNC  and
       MS_INVALIDATE  set, but not both MS_ASYNC and MS_SYNC.  MS_ASYNC speci-
       fies that an update be scheduled, but  the  call  returns  immediately.
       MS_SYNC asks for an update and waits for it to complete.  MS_INVALIDATE
       asks to invalidate other mappings of the same file (so that they can be
       updated with the fresh values just written).

RETURN VALUE
       On  success,  zero is returned.  On error, -1 is returned, and errno is
       set appropriately.

ERRORS
       EINVAL start is not a multiple of  PAGESIZE,  or  any  bit  other  than
              MS_ASYNC | MS_INVALIDATE | MS_SYNC is set in flags.

       ENOMEM The indicated memory (or part of it) was not mapped.

SEE ALSO
       mmap(2),  B.O. Gallmeister, POSIX.4, O'Reilly, pp. 128-129 and 389-391.

----------------------------------------------------------------------------
memory 151 munlock        - reenable paging for some parts of memory
----------------------------------------------------------------------------
  mov  eax,151
  mov  ebx,addr
  mov  ecx,len
  int  80h

       munlock  reenables  paging for the memory in the range starting at addr
       with length len bytes. All pages which contain a part of the  specified
       memory  range can after calling munlock be moved to external swap space
       again by the kernel.

       Memory locks do not stack, i.e., pages which have been  locked  several
       times  by  calls to mlock or mlockall will be unlocked by a single call
       to munlock for the corresponding range or by munlockall.   Pages  which
       are  mapped  to  several  locations or by several processes stay locked
       into RAM as long as they are locked at least at one location or  by  at
       least one process.

       On  POSIX systems on which mlock and munlock are available, _POSIX_MEM-
       LOCK_RANGE is defined in <unistd.h> and the value PAGESIZE  from  <lim-
       its.h> indicates the number of bytes per page.

RETURN VALUE
       On  success,  munlock returns zero.  On error, -1 is returned, errno is
       set appropriately, and no changes are made to any locks in the  address
       space of the process.

ERRORS
       ENOMEM Some  of  the  specified  address  range  does not correspond to
              mapped pages in the address space of the process.

       EINVAL (Not on Linux) addr was not a multiple of the page size.

       Linux adds

       EINVAL len was negative.

SEE ALSO
       mlock(2), mlockall(2), munlockall(2)

----------------------------------------------------------------------------
memory 153 munlockall     - reenable paging for calling process
----------------------------------------------------------------------------
  mov  eax,153
  int  80h

       munlockall reenables paging for all pages mapped into the address space
       of the calling process.

       Memory locks do not stack, i.e., pages which have been  locked  several
       times  by  calls to mlock or mlockall will be unlocked by a single call
       to munlockall.  Pages which are mapped to several locations or by  sev-
       eral processes stay locked into RAM as long as they are locked at least
       at one location or by at least one process.

       On POSIX systems  on  which  mlockall  and  munlockall  are  available,
       _POSIX_MEMLOCK is defined in <unistd.h> .

RETURN VALUE
       On  success,  munlockall  returns  zero.   On error, -1 is returned and
       errno is set appropriately.

SEE ALSO
       mlockall(2), mlock(2), munlock(2)


----------------------------------------------------------------------------
memory  91 munmap         - unmap files or devices into memory
----------------------------------------------------------------------------
  start dword
  length dword linux.size_t;
  prot   dword 
  flags  dword
  fd     dword
  offset dword linux.off_t

  // munmap: closes a memory mapped file.
  mov  eax,091
  mov  ebx,start
  mov  ecx,length
  int  80h

       The  munmap  system call deletes the mappings for the specified address
       range, and causes further references to addresses within the  range  to
       generate  invalid  memory references.  The region is also automatically
       unmapped when the process is terminated.  On the  other  hand,  closing
       the file descriptor does not unmap the region.

       The  address  start must be a multiple of the page size. All pages con-
       taining a part of the indicated range are unmapped, and subsequent ref-
       erences to these pages will generate SIGSEGV. It is not an error if the
       indicated range does not contain any mapped pages.

       For file-backed mappings, the st_atime field for the mapped file may be
       updated at any time between the mmap() and the corresponding unmapping;
       the first reference to a mapped page will update the field  if  it  has
       not been already.

       The  st_ctime  and st_mtime field for a file mapped with PROT_WRITE and
       MAP_SHARED will be updated after a write  to  the  mapped  region,  and
       before  a  subsequent msync() with the MS_SYNC or MS_ASYNC flag, if one
       occurs.

RETURN VALUE
       On success, munmap returns 0, on failure -1, and  errno
       is set (probably to EINVAL).


ERRORS
       EINVAL We don't like start or length or offset.  (E.g.,  they  are  too
              large, or not aligned on a PAGESIZE boundary.)

SEE ALSO
       getpagesize(2),  mlock(2),  mmap2(2), mremap(2), msync(2), shm_open(2),
       B.O. Gallmeister, POSIX.4, O'Reilly, pp. 128-129 and 389-391.


