This seems like a perfectly reasonable extension to mmap(2) and mprotect(2).
Endeavor to apply reviewer suggestions.
- Document new error case in mprotect(2).
- No period at the end of sysctl description.
- Verify that prot isn't larger than max_prot.
- Avoid the need for a goto in mmprotect().
- Add a KASSERT that cap_maxprot is contained in max_prot.
- Always enable INTx interrupts in a PCI passthrough device when starting a guest.
Rename uint128_add to the more appropriate uint128_add64
Fix the last few comments I've added and this is ready to go.
Fails with WITHOUT_CAPSICUM...