]> git.saurik.com Git - apple/xnu.git/blame - bsd/kern/posix_shm.c
xnu-3248.60.10.tar.gz
[apple/xnu.git] / bsd / kern / posix_shm.c
CommitLineData
1c79356b 1/*
2d21ac55 2 * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
5d5c5d0d 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b 5 *
2d21ac55
A
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
8f6c56a5 14 *
2d21ac55
A
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
8f6c56a5 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b
A
27 */
28/*
29 * Copyright (c) 1990, 1996-1998 Apple Computer, Inc.
30 * All Rights Reserved.
31 */
32/*
9bccf70c 33 * posix_shm.c : Support for POSIX shared memory APIs
1c79356b
A
34 *
35 * File: posix_shm.c
36 * Author: Ananthakrishna Ramesh
37 *
38 * HISTORY
39 * 2-Sep-1999 A.Ramesh
40 * Created for MacOSX
41 *
42 */
2d21ac55
A
43/*
44 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
45 * support for mandatory and extensible security protections. This notice
46 * is included in support of clause 2.2 (b) of the Apple Public License,
47 * Version 2.0.
48 */
1c79356b
A
49
50#include <sys/cdefs.h>
51#include <sys/param.h>
52#include <sys/systm.h>
53#include <sys/kernel.h>
91447636 54#include <sys/file_internal.h>
1c79356b
A
55#include <sys/filedesc.h>
56#include <sys/stat.h>
91447636
A
57#include <sys/proc_internal.h>
58#include <sys/kauth.h>
1c79356b
A
59#include <sys/mount.h>
60#include <sys/namei.h>
61#include <sys/vnode.h>
2d21ac55 62#include <sys/vnode_internal.h>
1c79356b
A
63#include <sys/ioctl.h>
64#include <sys/tty.h>
65#include <sys/malloc.h>
66#include <sys/mman.h>
91447636
A
67#include <sys/stat.h>
68#include <sys/sysproto.h>
0c530ab8 69#include <sys/proc_info.h>
b0d623f7 70#include <security/audit/audit.h>
e5568f75 71
2d21ac55
A
72#if CONFIG_MACF
73#include <security/mac_framework.h>
74#endif
75
1c79356b 76#include <mach/mach_types.h>
91447636
A
77#include <mach/mach_vm.h>
78#include <mach/vm_map.h>
1c79356b
A
79#include <mach/vm_prot.h>
80#include <mach/vm_inherit.h>
81#include <mach/kern_return.h>
82#include <mach/memory_object_control.h>
83
91447636
A
84#include <vm/vm_map.h>
85#include <vm/vm_protos.h>
1c79356b 86
91447636 87#define f_flag f_fglob->fg_flag
39236c6e 88#define f_type f_fglob->fg_ops->fo_type
91447636
A
89#define f_msgcount f_fglob->fg_msgcount
90#define f_cred f_fglob->fg_cred
91#define f_ops f_fglob->fg_ops
92#define f_offset f_fglob->fg_offset
93#define f_data f_fglob->fg_data
1c79356b
A
94#define PSHMNAMLEN 31 /* maximum name segment length we bother with */
95
b0d623f7
A
96struct pshmobj {
97 void * pshmo_memobject;
98 memory_object_size_t pshmo_size;
99 struct pshmobj * pshmo_next;
100};
101
1c79356b
A
102struct pshminfo {
103 unsigned int pshm_flags;
104 unsigned int pshm_usecount;
105 off_t pshm_length;
106 mode_t pshm_mode;
107 uid_t pshm_uid;
108 gid_t pshm_gid;
109 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
b0d623f7 110 struct pshmobj *pshm_memobjects;
1c79356b
A
111#if DIAGNOSTIC
112 unsigned int pshm_readcount;
113 unsigned int pshm_writecount;
2d21ac55 114 proc_t pshm_proc;
1c79356b 115#endif /* DIAGNOSTIC */
2d21ac55 116 struct label* pshm_label;
1c79356b
A
117};
118#define PSHMINFO_NULL (struct pshminfo *)0
119
b0d623f7
A
120#define PSHM_NONE 0x001
121#define PSHM_DEFINED 0x002
122#define PSHM_ALLOCATED 0x004
123#define PSHM_MAPPED 0x008
124#define PSHM_INUSE 0x010
125#define PSHM_REMOVED 0x020
126#define PSHM_INCREATE 0x040
127#define PSHM_INDELETE 0x080
128#define PSHM_ALLOCATING 0x100
1c79356b
A
129
130struct pshmcache {
131 LIST_ENTRY(pshmcache) pshm_hash; /* hash chain */
132 struct pshminfo *pshminfo; /* vnode the name refers to */
133 int pshm_nlen; /* length of name */
134 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
135};
136#define PSHMCACHE_NULL (struct pshmcache *)0
137
490019cf
A
138#define PSHMCACHE_NOTFOUND (0)
139#define PSHMCACHE_FOUND (-1)
140#define PSHMCACHE_NEGATIVE (ENOENT)
141
1c79356b
A
142struct pshmstats {
143 long goodhits; /* hits that we can really use */
144 long neghits; /* negative hits that we can use */
145 long badhits; /* hits we must drop */
146 long falsehits; /* hits with id mismatch */
147 long miss; /* misses */
148 long longnames; /* long names that ignore cache */
149};
150
151struct pshmname {
152 char *pshm_nameptr; /* pointer to looked up name */
153 long pshm_namelen; /* length of looked up component */
154 u_long pshm_hash; /* hash value of looked up name */
155};
156
157struct pshmnode {
91447636 158 off_t mapp_addr;
b0d623f7 159 user_size_t map_size; /* XXX unused ? */
1c79356b
A
160 struct pshminfo *pinfo;
161 unsigned int pshm_usecount;
162#if DIAGNOSTIC
163 unsigned int readcnt;
164 unsigned int writecnt;
165#endif
166};
167#define PSHMNODE_NULL (struct pshmnode *)0
168
169
170#define PSHMHASH(pnp) \
171 (&pshmhashtbl[(pnp)->pshm_hash & pshmhash])
91447636 172
1c79356b
A
173LIST_HEAD(pshmhashhead, pshmcache) *pshmhashtbl; /* Hash Table */
174u_long pshmhash; /* size of hash table - 1 */
175long pshmnument; /* number of cache entries allocated */
176struct pshmstats pshmstats; /* cache effectiveness statistics */
177
91447636 178static int pshm_read (struct fileproc *fp, struct uio *uio,
2d21ac55 179 int flags, vfs_context_t ctx);
91447636 180static int pshm_write (struct fileproc *fp, struct uio *uio,
2d21ac55 181 int flags, vfs_context_t ctx);
91447636 182static int pshm_ioctl (struct fileproc *fp, u_long com,
2d21ac55
A
183 caddr_t data, vfs_context_t ctx);
184static int pshm_select (struct fileproc *fp, int which, void *wql, vfs_context_t ctx);
6d2010ae 185static int pshm_close(struct pshminfo *pinfo, int dropref);
2d21ac55 186static int pshm_closefile (struct fileglob *fg, vfs_context_t ctx);
91447636 187
2d21ac55 188static int pshm_kqfilter(struct fileproc *fp, struct knote *kn, vfs_context_t ctx);
91447636 189
2d21ac55 190int pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, proc_t p);
490019cf
A
191int pshm_cache_purge_all(proc_t p);
192
91447636
A
193static int pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp);
194static void pshm_cache_delete(struct pshmcache *pcp);
91447636 195static int pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
6d2010ae 196 struct pshmcache **pcache, int addref);
490019cf 197static int pshm_unlink_internal(struct pshminfo *pinfo, struct pshmcache *pcache);
55e303ae 198
39236c6e
A
199static const struct fileops pshmops = {
200 DTYPE_PSXSHM,
201 pshm_read,
202 pshm_write,
203 pshm_ioctl,
204 pshm_select,
205 pshm_closefile,
206 pshm_kqfilter,
207 0
208};
91447636
A
209
210static lck_grp_t *psx_shm_subsys_lck_grp;
211static lck_grp_attr_t *psx_shm_subsys_lck_grp_attr;
212static lck_attr_t *psx_shm_subsys_lck_attr;
213static lck_mtx_t psx_shm_subsys_mutex;
214
215#define PSHM_SUBSYS_LOCK() lck_mtx_lock(& psx_shm_subsys_mutex)
216#define PSHM_SUBSYS_UNLOCK() lck_mtx_unlock(& psx_shm_subsys_mutex)
490019cf 217#define PSHM_SUBSYS_ASSERT_HELD() lck_mtx_assert(&psx_shm_subsys_mutex, LCK_MTX_ASSERT_OWNED)
91447636
A
218
219
220/* Initialize the mutex governing access to the posix shm subsystem */
221__private_extern__ void
222pshm_lock_init( void )
223{
224
225 psx_shm_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
91447636
A
226
227 psx_shm_subsys_lck_grp = lck_grp_alloc_init("posix shared memory", psx_shm_subsys_lck_grp_attr);
228
229 psx_shm_subsys_lck_attr = lck_attr_alloc_init();
91447636
A
230 lck_mtx_init(& psx_shm_subsys_mutex, psx_shm_subsys_lck_grp, psx_shm_subsys_lck_attr);
231}
1c79356b 232
1c79356b
A
233/*
234 * Lookup an entry in the cache
235 *
236 *
237 * status of -1 is returned if matches
238 * If the lookup determines that the name does not exist
239 * (negative cacheing), a status of ENOENT is returned. If the lookup
240 * fails, a status of zero is returned.
241 */
242
91447636
A
243static int
244pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
6d2010ae 245 struct pshmcache **pcache, int addref)
1c79356b 246{
91447636
A
247 struct pshmcache *pcp, *nnp;
248 struct pshmhashhead *pcpp;
1c79356b
A
249
250 if (pnp->pshm_namelen > PSHMNAMLEN) {
251 pshmstats.longnames++;
490019cf 252 return PSHMCACHE_NOTFOUND;
1c79356b
A
253 }
254
255 pcpp = PSHMHASH(pnp);
256 for (pcp = pcpp->lh_first; pcp != 0; pcp = nnp) {
257 nnp = pcp->pshm_hash.le_next;
258 if (pcp->pshm_nlen == pnp->pshm_namelen &&
259 !bcmp(pcp->pshm_name, pnp->pshm_nameptr, (u_int)pcp-> pshm_nlen))
260 break;
261 }
262
263 if (pcp == 0) {
264 pshmstats.miss++;
490019cf 265 return PSHMCACHE_NOTFOUND;
1c79356b
A
266 }
267
268 /* We found a "positive" match, return the vnode */
269 if (pcp->pshminfo) {
270 pshmstats.goodhits++;
271 /* TOUCH(ncp); */
272 *pshmp = pcp->pshminfo;
273 *pcache = pcp;
6d2010ae
A
274 if (addref)
275 pcp->pshminfo->pshm_usecount++;
490019cf 276 return PSHMCACHE_FOUND;
1c79356b
A
277 }
278
279 /*
280 * We found a "negative" match, ENOENT notifies client of this match.
1c79356b
A
281 */
282 pshmstats.neghits++;
490019cf 283 return PSHMCACHE_NEGATIVE;
1c79356b
A
284}
285
286/*
287 * Add an entry to the cache.
91447636 288 * XXX should be static?
1c79356b 289 */
91447636
A
290static int
291pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp)
1c79356b 292{
91447636 293 struct pshmhashhead *pcpp;
55e303ae
A
294 struct pshminfo *dpinfo;
295 struct pshmcache *dpcp;
1c79356b
A
296
297#if DIAGNOSTIC
2d21ac55 298 if (pnp->pshm_namelen > PSHMNAMLEN)
1c79356b
A
299 panic("cache_enter: name too long");
300#endif
301
91447636 302
1c79356b 303 /* if the entry has already been added by some one else return */
490019cf
A
304 if (pshm_cache_search(&dpinfo, pnp, &dpcp, 0) == PSHMCACHE_FOUND) {
305 return EEXIST;
1c79356b
A
306 }
307 pshmnument++;
308
1c79356b
A
309 /*
310 * Fill in cache info, if vp is NULL this is a "negative" cache entry.
1c79356b
A
311 */
312 pcp->pshminfo = pshmp;
313 pcp->pshm_nlen = pnp->pshm_namelen;
314 bcopy(pnp->pshm_nameptr, pcp->pshm_name, (unsigned)pcp->pshm_nlen);
315 pcpp = PSHMHASH(pnp);
316#if DIAGNOSTIC
317 {
91447636 318 struct pshmcache *p;
1c79356b
A
319
320 for (p = pcpp->lh_first; p != 0; p = p->pshm_hash.le_next)
321 if (p == pcp)
322 panic("cache_enter: duplicate");
323 }
324#endif
325 LIST_INSERT_HEAD(pcpp, pcp, pshm_hash);
490019cf 326 return 0;
1c79356b
A
327}
328
329/*
330 * Name cache initialization, from vfs_init() when we are booting
331 */
332void
91447636 333pshm_cache_init(void)
1c79356b 334{
2d21ac55 335 pshmhashtbl = hashinit(desiredvnodes / 8, M_SHM, &pshmhash);
1c79356b
A
336}
337
338/*
490019cf
A
339 * Invalidate all entries and delete all objects associated with it. Entire
340 * non Kernel entries are going away. Just dump'em all
341 *
1c79356b
A
342 * We actually just increment the v_id, that will do it. The entries will
343 * be purged by lookup as they get found. If the v_id wraps around, we
344 * need to ditch the entire cache, to avoid confusion. No valid vnode will
345 * ever have (v_id == 0).
346 */
490019cf
A
347int
348pshm_cache_purge_all(__unused proc_t p)
1c79356b 349{
490019cf 350 struct pshmcache *pcp, *tmppcp;
1c79356b 351 struct pshmhashhead *pcpp;
490019cf
A
352 int error = 0;
353
354 if (kauth_cred_issuser(kauth_cred_get()) == 0)
355 return EPERM;
1c79356b 356
490019cf 357 PSHM_SUBSYS_LOCK();
1c79356b 358 for (pcpp = &pshmhashtbl[pshmhash]; pcpp >= pshmhashtbl; pcpp--) {
490019cf
A
359 LIST_FOREACH_SAFE(pcp, pcpp, pshm_hash, tmppcp) {
360 assert(pcp->pshm_nlen);
361 error = pshm_unlink_internal(pcp->pshminfo, pcp);
362 if (error)
363 goto out;
364 }
1c79356b 365 }
490019cf
A
366 assert(pshmnument == 0);
367
368out:
369 PSHM_SUBSYS_UNLOCK();
370
371 if (error)
372 printf("%s: Error %d removing shm cache: %ld remain!\n",
373 __func__, error, pshmnument);
374 return error;
1c79356b
A
375}
376
91447636
A
377static void
378pshm_cache_delete(struct pshmcache *pcp)
1c79356b
A
379{
380#if DIAGNOSTIC
381 if (pcp->pshm_hash.le_prev == 0)
382 panic("namecache purge le_prev");
383 if (pcp->pshm_hash.le_next == pcp)
384 panic("namecache purge le_next");
385#endif /* DIAGNOSTIC */
386 LIST_REMOVE(pcp, pshm_hash);
387 pcp->pshm_hash.le_prev = 0;
388 pshmnument--;
389}
390
391
1c79356b 392int
b0d623f7 393shm_open(proc_t p, struct shm_open_args *uap, int32_t *retval)
1c79356b 394{
91447636 395 size_t i;
91447636 396 int indx, error;
1c79356b
A
397 struct pshmname nd;
398 struct pshminfo *pinfo;
b0d623f7
A
399 struct fileproc *fp = NULL;
400 char *pnbuf = NULL;
401 struct pshminfo *new_pinfo = PSHMINFO_NULL;
402 struct pshmnode *new_pnode = PSHMNODE_NULL;
403 struct pshmcache *pcache = PSHMCACHE_NULL; /* ignored on return */
1c79356b
A
404 char * nameptr;
405 char * cp;
406 size_t pathlen, plen;
407 int fmode ;
408 int cmode = uap->mode;
409 int incache = 0;
b0d623f7 410 struct pshmcache *pcp = NULL;
1c79356b 411
e5568f75
A
412 AUDIT_ARG(fflags, uap->oflag);
413 AUDIT_ARG(mode, uap->mode);
91447636 414
1c79356b
A
415 pinfo = PSHMINFO_NULL;
416
b0d623f7
A
417 /*
418 * Preallocate everything we might need up front to avoid taking
419 * and dropping the lock, opening us up to race conditions.
420 */
91447636
A
421 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
422 if (pnbuf == NULL) {
b0d623f7
A
423 error = ENOSPC;
424 goto bad;
91447636
A
425 }
426
1c79356b 427 pathlen = MAXPATHLEN;
91447636 428 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
1c79356b
A
429 if (error) {
430 goto bad;
431 }
e5568f75 432 AUDIT_ARG(text, pnbuf);
1c79356b
A
433 if (pathlen > PSHMNAMLEN) {
434 error = ENAMETOOLONG;
435 goto bad;
436 }
1c79356b
A
437#ifdef PSXSHM_NAME_RESTRICT
438 nameptr = pnbuf;
439 if (*nameptr == '/') {
440 while (*(nameptr++) == '/') {
441 plen--;
442 error = EINVAL;
443 goto bad;
444 }
2d21ac55 445 } else {
1c79356b
A
446 error = EINVAL;
447 goto bad;
448 }
449#endif /* PSXSHM_NAME_RESTRICT */
450
451 plen = pathlen;
452 nameptr = pnbuf;
453 nd.pshm_nameptr = nameptr;
454 nd.pshm_namelen = plen;
455 nd. pshm_hash =0;
456
2d21ac55
A
457 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
458 nd.pshm_hash += (unsigned char)*cp * i;
1c79356b
A
459 }
460
b0d623f7
A
461 /*
462 * attempt to allocate a new fp; if unsuccessful, the fp will be
463 * left unmodified (NULL).
464 */
465 error = falloc(p, &fp, &indx, vfs_context_current());
466 if (error)
467 goto bad;
468
6d2010ae
A
469 cmode &= ALLPERMS;
470
471 fmode = FFLAGS(uap->oflag);
472 if ((fmode & (FREAD | FWRITE)) == 0) {
473 error = EINVAL;
474 goto bad;
475 }
476
b0d623f7
A
477 /*
478 * We allocate a new entry if we are less than the maximum
479 * allowed and the one at the front of the LRU list is in use.
480 * Otherwise we use the one at the front of the LRU list.
481 */
482 MALLOC(pcp, struct pshmcache *, sizeof(struct pshmcache), M_SHM, M_WAITOK|M_ZERO);
483 if (pcp == NULL) {
484 error = ENOSPC;
485 goto bad;
486 }
487
488 MALLOC(new_pinfo, struct pshminfo *, sizeof(struct pshminfo), M_SHM, M_WAITOK|M_ZERO);
489 if (new_pinfo == PSHMINFO_NULL) {
490 error = ENOSPC;
491 goto bad;
492 }
493#if CONFIG_MACF
494 mac_posixshm_label_init(new_pinfo);
495#endif
496
497 MALLOC(new_pnode, struct pshmnode *, sizeof(struct pshmnode), M_SHM, M_WAITOK|M_ZERO);
498 if (new_pnode == PSHMNODE_NULL) {
499 error = ENOSPC;
500 goto bad;
501 }
502
91447636 503 PSHM_SUBSYS_LOCK();
b0d623f7 504
6d2010ae
A
505 /*
506 * If we find the entry in the cache, this will take a reference,
507 * allowing us to unlock it for the permissions check.
508 */
509 error = pshm_cache_search(&pinfo, &nd, &pcache, 1);
510
511 PSHM_SUBSYS_UNLOCK();
1c79356b 512
490019cf 513 if (error == PSHMCACHE_NEGATIVE) {
1c79356b 514 error = EINVAL;
6d2010ae 515 goto bad;
1c79356b 516 }
6d2010ae 517
490019cf 518 if (error == PSHMCACHE_NOTFOUND) {
1c79356b 519 incache = 0;
6d2010ae
A
520 if (fmode & O_CREAT) {
521 /* create a new one (commit the allocation) */
522 pinfo = new_pinfo;
523 pinfo->pshm_flags = PSHM_DEFINED | PSHM_INCREATE;
524 pinfo->pshm_usecount = 1; /* existence reference */
525 pinfo->pshm_mode = cmode;
526 pinfo->pshm_uid = kauth_getuid();
527 pinfo->pshm_gid = kauth_getgid();
316670eb
A
528 bcopy(pnbuf, &pinfo->pshm_name[0], pathlen);
529 pinfo->pshm_name[pathlen]=0;
6d2010ae
A
530#if CONFIG_MACF
531 error = mac_posixshm_check_create(kauth_cred_get(), nameptr);
532 if (error) {
533 goto bad;
534 }
535 mac_posixshm_label_associate(kauth_cred_get(), pinfo, nameptr);
536#endif
537 }
538 } else {
1c79356b 539 incache = 1;
6d2010ae 540 if (fmode & O_CREAT) {
b0d623f7
A
541 /* already exists */
542 if ((fmode & O_EXCL)) {
543 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
544 pinfo->pshm_gid,
545 pinfo->pshm_mode);
546
547 /* shm obj exists and opened O_EXCL */
548 error = EEXIST;
6d2010ae 549 goto bad;
b0d623f7
A
550 }
551
552 if( pinfo->pshm_flags & PSHM_INDELETE) {
553 error = ENOENT;
6d2010ae 554 goto bad;
b0d623f7 555 }
e5568f75 556 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
2d21ac55 557 pinfo->pshm_gid, pinfo->pshm_mode);
b0d623f7 558#if CONFIG_MACF
316670eb 559 if ((error = mac_posixshm_check_open(kauth_cred_get(), pinfo, fmode))) {
6d2010ae 560 goto bad;
2d21ac55 561 }
b0d623f7
A
562#endif
563 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
6d2010ae 564 goto bad;
2d21ac55 565 }
2d21ac55 566 }
6d2010ae
A
567 }
568 if (!(fmode & O_CREAT)) {
1c79356b 569 if (!incache) {
b0d623f7 570 /* O_CREAT is not set and the object does not exist */
1c79356b 571 error = ENOENT;
6d2010ae 572 goto bad;
1c79356b
A
573 }
574 if( pinfo->pshm_flags & PSHM_INDELETE) {
575 error = ENOENT;
6d2010ae 576 goto bad;
1c79356b 577 }
2d21ac55 578#if CONFIG_MACF
316670eb 579 if ((error = mac_posixshm_check_open(kauth_cred_get(), pinfo, fmode))) {
6d2010ae 580 goto bad;
2d21ac55
A
581 }
582#endif
583
b0d623f7 584 if ((error = pshm_access(pinfo, fmode, kauth_cred_get(), p))) {
6d2010ae 585 goto bad;
91447636 586 }
1c79356b
A
587 }
588 if (fmode & O_TRUNC) {
589 error = EINVAL;
6d2010ae 590 goto bad;
1c79356b 591 }
6d2010ae
A
592
593
594 PSHM_SUBSYS_LOCK();
595
1c79356b
A
596#if DIAGNOSTIC
597 if (fmode & FWRITE)
598 pinfo->pshm_writecount++;
599 if (fmode & FREAD)
600 pinfo->pshm_readcount++;
601#endif
1c79356b 602 if (!incache) {
b0d623f7 603 /* if successful, this will consume the pcp */
91447636 604 if ( (error = pshm_cache_add(pinfo, &nd, pcp)) ) {
b0d623f7 605 goto bad_locked;
1c79356b 606 }
6d2010ae
A
607 /*
608 * add reference for the new entry; otherwise, we obtained
609 * one from the cache hit earlier.
610 */
611 pinfo->pshm_usecount++;
1c79356b
A
612 }
613 pinfo->pshm_flags &= ~PSHM_INCREATE;
b0d623f7 614 new_pnode->pinfo = pinfo;
91447636
A
615
616 PSHM_SUBSYS_UNLOCK();
b0d623f7
A
617
618 /*
619 * if incache, we did not use the new pcp or new_pinfo and must
620 * free them
621 */
622 if (incache) {
623 FREE(pcp, M_SHM);
624
625 if (new_pinfo != PSHMINFO_NULL) {
626#if CONFIG_MACF
627 mac_posixshm_label_destroy(new_pinfo);
628#endif
629 FREE(new_pinfo, M_SHM);
630 }
631 }
632
91447636 633 proc_fdlock(p);
1c79356b 634 fp->f_flag = fmode & FMASK;
1c79356b 635 fp->f_ops = &pshmops;
b0d623f7 636 fp->f_data = (caddr_t)new_pnode;
2d21ac55 637 *fdflags(p, indx) |= UF_EXCLOSE;
6601e61a 638 procfdtbl_releasefd(p, indx, NULL);
91447636
A
639 fp_drop(p, indx, fp, 1);
640 proc_fdunlock(p);
641
1c79356b 642 *retval = indx;
55e303ae 643 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b 644 return (0);
2d21ac55 645
b0d623f7
A
646bad_locked:
647 PSHM_SUBSYS_UNLOCK();
648bad:
6d2010ae
A
649 /*
650 * If we obtained the entry from the cache, we need to drop the
651 * reference; holding the reference may have prevented unlinking,
652 * so we need to call pshm_close() to get the full effect.
653 */
654 if (incache) {
655 PSHM_SUBSYS_LOCK();
656 pshm_close(pinfo, 1);
657 PSHM_SUBSYS_UNLOCK();
658 }
659
b0d623f7
A
660 if (pcp != NULL)
661 FREE(pcp, M_SHM);
662
663 if (new_pnode != PSHMNODE_NULL)
664 FREE(new_pnode, M_SHM);
665
666 if (fp != NULL)
667 fp_free(p, indx, fp);
668
669 if (new_pinfo != PSHMINFO_NULL) {
2d21ac55 670#if CONFIG_MACF
b0d623f7 671 mac_posixshm_label_destroy(new_pinfo);
2d21ac55 672#endif
b0d623f7 673 FREE(new_pinfo, M_SHM);
2d21ac55 674 }
b0d623f7
A
675 if (pnbuf != NULL)
676 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b
A
677 return (error);
678}
679
680
1c79356b 681int
2d21ac55 682pshm_truncate(__unused proc_t p, struct fileproc *fp, __unused int fd,
b0d623f7 683 off_t length, __unused int32_t *retval)
1c79356b
A
684{
685 struct pshminfo * pinfo;
686 struct pshmnode * pnode ;
687 kern_return_t kret;
91447636 688 mem_entry_name_port_t mem_object;
6d2010ae
A
689 mach_vm_size_t total_size, alloc_size;
690 memory_object_size_t mosize;
b0d623f7 691 struct pshmobj *pshmobj, *pshmobj_next, **pshmobj_next_p;
39236c6e 692 vm_map_t user_map;
2d21ac55
A
693#if CONFIG_MACF
694 int error;
695#endif
1c79356b 696
39236c6e
A
697 user_map = current_map();
698
1c79356b
A
699 if (fp->f_type != DTYPE_PSXSHM) {
700 return(EINVAL);
701 }
702
703
704 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
705 return(EINVAL);
706
91447636
A
707 PSHM_SUBSYS_LOCK();
708 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
709 PSHM_SUBSYS_UNLOCK();
1c79356b 710 return(EINVAL);
91447636 711 }
b0d623f7 712 if ((pinfo->pshm_flags & (PSHM_DEFINED|PSHM_ALLOCATING|PSHM_ALLOCATED))
1c79356b 713 != PSHM_DEFINED) {
91447636 714 PSHM_SUBSYS_UNLOCK();
1c79356b
A
715 return(EINVAL);
716 }
2d21ac55 717#if CONFIG_MACF
6d2010ae 718 error = mac_posixshm_check_truncate(kauth_cred_get(), pinfo, length);
2d21ac55
A
719 if (error) {
720 PSHM_SUBSYS_UNLOCK();
721 return(error);
722 }
723#endif
1c79356b 724
b0d623f7 725 pinfo->pshm_flags |= PSHM_ALLOCATING;
39236c6e
A
726 total_size = vm_map_round_page(length,
727 vm_map_page_mask(user_map));
b0d623f7 728 pshmobj_next_p = &pinfo->pshm_memobjects;
1c79356b 729
b0d623f7
A
730 for (alloc_size = 0;
731 alloc_size < total_size;
6d2010ae 732 alloc_size += mosize) {
1c79356b 733
b0d623f7
A
734 PSHM_SUBSYS_UNLOCK();
735
6d2010ae 736 mosize = MIN(total_size - alloc_size, ANON_MAX_SIZE);
b0d623f7
A
737 kret = mach_make_memory_entry_64(
738 VM_MAP_NULL,
6d2010ae 739 &mosize,
b0d623f7
A
740 0,
741 MAP_MEM_NAMED_CREATE | VM_PROT_DEFAULT,
742 &mem_object,
743 0);
744
745 if (kret != KERN_SUCCESS)
746 goto out;
747
748 MALLOC(pshmobj, struct pshmobj *, sizeof (struct pshmobj),
749 M_SHM, M_WAITOK);
750 if (pshmobj == NULL) {
751 kret = KERN_NO_SPACE;
752 mach_memory_entry_port_release(mem_object);
753 mem_object = NULL;
754 goto out;
755 }
756
757 PSHM_SUBSYS_LOCK();
758
759 pshmobj->pshmo_memobject = (void *) mem_object;
6d2010ae 760 pshmobj->pshmo_size = mosize;
b0d623f7
A
761 pshmobj->pshmo_next = NULL;
762
763 *pshmobj_next_p = pshmobj;
764 pshmobj_next_p = &pshmobj->pshmo_next;
765 }
766
3e170ce0
A
767 pinfo->pshm_flags |= PSHM_ALLOCATED;
768 pinfo->pshm_flags &= ~(PSHM_ALLOCATING);
b0d623f7 769 pinfo->pshm_length = total_size;
91447636 770 PSHM_SUBSYS_UNLOCK();
1c79356b
A
771 return(0);
772
773out:
b0d623f7
A
774 PSHM_SUBSYS_LOCK();
775 for (pshmobj = pinfo->pshm_memobjects;
776 pshmobj != NULL;
777 pshmobj = pshmobj_next) {
778 pshmobj_next = pshmobj->pshmo_next;
779 mach_memory_entry_port_release(pshmobj->pshmo_memobject);
780 FREE(pshmobj, M_SHM);
781 }
782 pinfo->pshm_memobjects = NULL;
783 pinfo->pshm_flags &= ~PSHM_ALLOCATING;
784 PSHM_SUBSYS_UNLOCK();
785
1c79356b
A
786 switch (kret) {
787 case KERN_INVALID_ADDRESS:
788 case KERN_NO_SPACE:
789 return (ENOMEM);
790 case KERN_PROTECTION_FAILURE:
791 return (EACCES);
792 default:
793 return (EINVAL);
794
795 }
796}
797
798int
2d21ac55 799pshm_stat(struct pshmnode *pnode, void *ub, int isstat64)
1c79356b 800{
2d21ac55
A
801 struct stat *sb = (struct stat *)0; /* warning avoidance ; protected by isstat64 */
802 struct stat64 * sb64 = (struct stat64 *)0; /* warning avoidance ; protected by isstat64 */
1c79356b 803 struct pshminfo *pinfo;
2d21ac55
A
804#if CONFIG_MACF
805 int error;
806#endif
1c79356b 807
91447636
A
808 PSHM_SUBSYS_LOCK();
809 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL){
810 PSHM_SUBSYS_UNLOCK();
1c79356b 811 return(EINVAL);
91447636 812 }
1c79356b 813
2d21ac55
A
814#if CONFIG_MACF
815 error = mac_posixshm_check_stat(kauth_cred_get(), pinfo);
816 if (error) {
817 PSHM_SUBSYS_UNLOCK();
818 return(error);
819 }
820#endif
821
822 if (isstat64 != 0) {
823 sb64 = (struct stat64 *)ub;
824 bzero(sb64, sizeof(struct stat64));
825 sb64->st_mode = pinfo->pshm_mode;
826 sb64->st_uid = pinfo->pshm_uid;
827 sb64->st_gid = pinfo->pshm_gid;
828 sb64->st_size = pinfo->pshm_length;
829 } else {
830 sb = (struct stat *)ub;
831 bzero(sb, sizeof(struct stat));
832 sb->st_mode = pinfo->pshm_mode;
833 sb->st_uid = pinfo->pshm_uid;
834 sb->st_gid = pinfo->pshm_gid;
835 sb->st_size = pinfo->pshm_length;
836 }
91447636 837 PSHM_SUBSYS_UNLOCK();
1c79356b
A
838
839 return(0);
840}
841
91447636
A
842/*
843 * This is called only from shm_open which holds pshm_lock();
844 * XXX This code is repeated many times
845 */
1c79356b 846int
2d21ac55 847pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, __unused proc_t p)
1c79356b 848{
6d2010ae
A
849 int mode_req = ((mode & FREAD) ? S_IRUSR : 0) |
850 ((mode & FWRITE) ? S_IWUSR : 0);
1c79356b
A
851
852 /* Otherwise, user id 0 always gets access. */
91447636 853 if (!suser(cred, NULL))
1c79356b
A
854 return (0);
855
6d2010ae 856 return(posix_cred_access(cred, pinfo->pshm_uid, pinfo->pshm_gid, pinfo->pshm_mode, mode_req));
1c79356b 857}
9bccf70c 858
1c79356b 859int
2d21ac55 860pshm_mmap(__unused proc_t p, struct mmap_args *uap, user_addr_t *retval, struct fileproc *fp, off_t pageoff)
1c79356b 861{
316670eb
A
862 vm_map_offset_t user_addr = (vm_map_offset_t)uap->addr;
863 vm_map_size_t user_size = (vm_map_size_t)uap->len ;
864 vm_map_offset_t user_start_addr;
865 vm_map_size_t map_size, mapped_size;
1c79356b
A
866 int prot = uap->prot;
867 int flags = uap->flags;
868 vm_object_offset_t file_pos = (vm_object_offset_t)uap->pos;
b0d623f7 869 vm_object_offset_t map_pos;
1c79356b 870 vm_map_t user_map;
91447636
A
871 int alloc_flags;
872 boolean_t docow;
1c79356b
A
873 kern_return_t kret;
874 struct pshminfo * pinfo;
875 struct pshmnode * pnode;
b0d623f7 876 struct pshmobj * pshmobj;
2d21ac55
A
877#if CONFIG_MACF
878 int error;
879#endif
1c79356b
A
880
881 if (user_size == 0)
882 return(0);
883
884 if ((flags & MAP_SHARED) == 0)
885 return(EINVAL);
886
887
888 if ((prot & PROT_WRITE) && ((fp->f_flag & FWRITE) == 0)) {
889 return(EPERM);
890 }
891
892 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
893 return(EINVAL);
894
91447636
A
895 PSHM_SUBSYS_LOCK();
896 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
897 PSHM_SUBSYS_UNLOCK();
1c79356b 898 return(EINVAL);
91447636 899 }
1c79356b
A
900
901 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
91447636 902 PSHM_SUBSYS_UNLOCK();
1c79356b
A
903 return(EINVAL);
904 }
91447636
A
905 if ((off_t)user_size > pinfo->pshm_length) {
906 PSHM_SUBSYS_UNLOCK();
1c79356b
A
907 return(EINVAL);
908 }
91447636
A
909 if ((off_t)(user_size + file_pos) > pinfo->pshm_length) {
910 PSHM_SUBSYS_UNLOCK();
1c79356b
A
911 return(EINVAL);
912 }
b0d623f7 913 if ((pshmobj = pinfo->pshm_memobjects) == NULL) {
91447636 914 PSHM_SUBSYS_UNLOCK();
1c79356b
A
915 return(EINVAL);
916 }
917
2d21ac55
A
918#if CONFIG_MACF
919 error = mac_posixshm_check_mmap(kauth_cred_get(), pinfo, prot, flags);
920 if (error) {
921 PSHM_SUBSYS_UNLOCK();
922 return(error);
923 }
924#endif
91447636
A
925
926 PSHM_SUBSYS_UNLOCK();
1c79356b
A
927 user_map = current_map();
928
929 if ((flags & MAP_FIXED) == 0) {
91447636 930 alloc_flags = VM_FLAGS_ANYWHERE;
39236c6e
A
931 user_addr = vm_map_round_page(user_addr,
932 vm_map_page_mask(user_map));
1c79356b 933 } else {
39236c6e
A
934 if (user_addr != vm_map_round_page(user_addr,
935 vm_map_page_mask(user_map)))
1c79356b 936 return (EINVAL);
91447636
A
937 /*
938 * We do not get rid of the existing mappings here because
939 * it wouldn't be atomic (see comment in mmap()). We let
940 * Mach VM know that we want it to replace any existing
941 * mapping with the new one.
942 */
943 alloc_flags = VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
1c79356b
A
944 }
945 docow = FALSE;
946
b0d623f7
A
947 mapped_size = 0;
948
949 /* reserver the entire space first... */
950 kret = vm_map_enter_mem_object(user_map,
951 &user_addr,
952 user_size,
953 0,
954 alloc_flags,
955 IPC_PORT_NULL,
956 0,
957 FALSE,
958 VM_PROT_NONE,
959 VM_PROT_NONE,
960 VM_INHERIT_NONE);
961 user_start_addr = user_addr;
1c79356b 962 if (kret != KERN_SUCCESS) {
1c79356b
A
963 goto out;
964 }
b0d623f7
A
965
966 /* ... and overwrite with the real mappings */
967 for (map_pos = 0, pshmobj = pinfo->pshm_memobjects;
968 user_size != 0;
969 map_pos += pshmobj->pshmo_size, pshmobj = pshmobj->pshmo_next) {
970 if (pshmobj == NULL) {
971 /* nothing there to map !? */
972 goto out;
973 }
974 if (file_pos >= map_pos + pshmobj->pshmo_size) {
975 continue;
976 }
977 map_size = pshmobj->pshmo_size - (file_pos - map_pos);
978 if (map_size > user_size) {
979 map_size = user_size;
980 }
981 kret = vm_map_enter_mem_object(
982 user_map,
983 &user_addr,
984 map_size,
985 0,
986 VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE,
987 pshmobj->pshmo_memobject,
988 file_pos - map_pos,
989 docow,
990 prot,
991 VM_PROT_DEFAULT,
992 VM_INHERIT_SHARE);
993 if (kret != KERN_SUCCESS)
994 goto out;
995
996 user_addr += map_size;
997 user_size -= map_size;
998 mapped_size += map_size;
999 file_pos += map_size;
1000 }
1001
91447636 1002 PSHM_SUBSYS_LOCK();
b0d623f7
A
1003 pnode->mapp_addr = user_start_addr;
1004 pnode->map_size = mapped_size;
1c79356b 1005 pinfo->pshm_flags |= (PSHM_MAPPED | PSHM_INUSE);
91447636 1006 PSHM_SUBSYS_UNLOCK();
1c79356b 1007out:
b0d623f7
A
1008 if (kret != KERN_SUCCESS) {
1009 if (mapped_size != 0) {
1010 (void) mach_vm_deallocate(current_map(),
1011 user_start_addr,
1012 mapped_size);
1013 }
1014 }
1015
1c79356b
A
1016 switch (kret) {
1017 case KERN_SUCCESS:
b0d623f7 1018 *retval = (user_start_addr + pageoff);
1c79356b
A
1019 return (0);
1020 case KERN_INVALID_ADDRESS:
1021 case KERN_NO_SPACE:
1022 return (ENOMEM);
1023 case KERN_PROTECTION_FAILURE:
1024 return (EACCES);
1025 default:
1026 return (EINVAL);
1027 }
1028
1029}
1030
490019cf
A
1031static int
1032pshm_unlink_internal(struct pshminfo *pinfo, struct pshmcache *pcache)
1033{
1034 struct pshmobj *pshmobj, *pshmobj_next;
1035
1036 PSHM_SUBSYS_ASSERT_HELD();
1037
1038 if (!pinfo || !pcache)
1039 return EINVAL;
1040
1041 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED)) == 0)
1042 return EINVAL;
1043
1044 if (pinfo->pshm_flags & PSHM_INDELETE)
1045 return 0;
1046
1047 pinfo->pshm_flags |= PSHM_INDELETE;
1048 pinfo->pshm_usecount--;
1049
1050 pshm_cache_delete(pcache);
1051 pinfo->pshm_flags |= PSHM_REMOVED;
1052
1053 /* release the existence reference */
1054 if (!pinfo->pshm_usecount) {
1055#if CONFIG_MACF
1056 mac_posixshm_label_destroy(pinfo);
1057#endif
1058 /*
1059 * If this is the last reference going away on the object,
1060 * then we need to destroy the backing object. The name
1061 * has an implied but uncounted reference on the object,
1062 * once it's created, since it's used as a rendezvous, and
1063 * therefore may be subsequently reopened.
1064 */
1065 for (pshmobj = pinfo->pshm_memobjects;
1066 pshmobj != NULL;
1067 pshmobj = pshmobj_next) {
1068 mach_memory_entry_port_release(pshmobj->pshmo_memobject);
1069 pshmobj_next = pshmobj->pshmo_next;
1070 FREE(pshmobj, M_SHM);
1071 }
1072 FREE(pinfo,M_SHM);
1073 }
1074
1075 FREE(pcache, M_SHM);
1076
1077 return 0;
1078}
1079
1c79356b 1080int
490019cf 1081shm_unlink(proc_t p, struct shm_unlink_args *uap, __unused int32_t *retval)
1c79356b 1082{
91447636 1083 size_t i;
490019cf
A
1084 char * pnbuf;
1085 size_t pathlen;
1086 int error = 0;
1087
1c79356b
A
1088 struct pshmname nd;
1089 struct pshminfo *pinfo;
1c79356b
A
1090 char * nameptr;
1091 char * cp;
1c79356b 1092 struct pshmcache *pcache = PSHMCACHE_NULL;
1c79356b
A
1093
1094 pinfo = PSHMINFO_NULL;
1095
490019cf 1096
91447636
A
1097 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
1098 if (pnbuf == NULL) {
1099 return(ENOSPC); /* XXX non-standard */
1100 }
1c79356b 1101 pathlen = MAXPATHLEN;
91447636 1102 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
1c79356b
A
1103 if (error) {
1104 goto bad;
1105 }
e5568f75 1106 AUDIT_ARG(text, pnbuf);
1c79356b
A
1107 if (pathlen > PSHMNAMLEN) {
1108 error = ENAMETOOLONG;
1109 goto bad;
1110 }
1111
490019cf 1112 nameptr = pnbuf;
1c79356b
A
1113
1114#ifdef PSXSHM_NAME_RESTRICT
1c79356b
A
1115 if (*nameptr == '/') {
1116 while (*(nameptr++) == '/') {
490019cf 1117 pathlen--;
1c79356b
A
1118 error = EINVAL;
1119 goto bad;
1120 }
1121 } else {
1122 error = EINVAL;
1123 goto bad;
1124 }
1125#endif /* PSXSHM_NAME_RESTRICT */
1126
1c79356b 1127 nd.pshm_nameptr = nameptr;
490019cf
A
1128 nd.pshm_namelen = pathlen;
1129 nd.pshm_hash = 0;
1c79356b 1130
490019cf 1131 for (cp = nameptr, i=1; *cp != 0 && i <= pathlen; i++, cp++) {
1c79356b
A
1132 nd.pshm_hash += (unsigned char)*cp * i;
1133 }
1134
91447636 1135 PSHM_SUBSYS_LOCK();
6d2010ae 1136 error = pshm_cache_search(&pinfo, &nd, &pcache, 0);
1c79356b 1137
39236c6e 1138 /* During unlink lookup failure also implies ENOENT */
490019cf 1139 if (error != PSHMCACHE_FOUND) {
91447636 1140 PSHM_SUBSYS_UNLOCK();
39236c6e 1141 error = ENOENT;
1c79356b 1142 goto bad;
490019cf
A
1143
1144 }
1c79356b
A
1145
1146 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))==0) {
91447636 1147 PSHM_SUBSYS_UNLOCK();
2d21ac55
A
1148 error = EINVAL;
1149 goto bad;
1c79356b
A
1150 }
1151
b0d623f7
A
1152 if (pinfo->pshm_flags & PSHM_ALLOCATING) {
1153 /* XXX should we wait for flag to clear and then proceed ? */
1154 PSHM_SUBSYS_UNLOCK();
1155 error = EAGAIN;
1156 goto bad;
1157 }
1158
1c79356b 1159 if (pinfo->pshm_flags & PSHM_INDELETE) {
91447636 1160 PSHM_SUBSYS_UNLOCK();
1c79356b
A
1161 error = 0;
1162 goto bad;
1163 }
490019cf 1164
2d21ac55
A
1165#if CONFIG_MACF
1166 error = mac_posixshm_check_unlink(kauth_cred_get(), pinfo, nameptr);
1167 if (error) {
1168 PSHM_SUBSYS_UNLOCK();
1169 goto bad;
1170 }
1171#endif
1c79356b 1172
e5568f75
A
1173 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid, pinfo->pshm_gid,
1174 pinfo->pshm_mode);
91447636 1175
316670eb 1176 /*
490019cf
A
1177 * following file semantics, unlink should be allowed
1178 * for users with write permission only.
91447636 1179 */
316670eb
A
1180 if ( (error = pshm_access(pinfo, FWRITE, kauth_cred_get(), p)) ) {
1181 PSHM_SUBSYS_UNLOCK();
1182 goto bad;
1183 }
91447636 1184
490019cf
A
1185 error = pshm_unlink_internal(pinfo, pcache);
1186 PSHM_SUBSYS_UNLOCK();
1187
1c79356b 1188bad:
55e303ae 1189 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
490019cf 1190 return error;
1c79356b 1191}
1c79356b 1192
91447636
A
1193/* already called locked */
1194static int
6d2010ae 1195pshm_close(struct pshminfo *pinfo, int dropref)
1c79356b 1196{
6d2010ae 1197 int error = 0;
b0d623f7 1198 struct pshmobj *pshmobj, *pshmobj_next;
1c79356b 1199
6d2010ae
A
1200 /*
1201 * If we are dropping the reference we took on the cache object, don't
1202 * enforce the allocation requirement.
1203 */
1204 if ( !dropref && ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED)) {
1c79356b
A
1205 return(EINVAL);
1206 }
1207#if DIAGNOSTIC
1208 if(!pinfo->pshm_usecount) {
1209 kprintf("negative usecount in pshm_close\n");
1210 }
1211#endif /* DIAGNOSTIC */
91447636 1212 pinfo->pshm_usecount--; /* release this fd's reference */
1c79356b
A
1213
1214 if ((pinfo->pshm_flags & PSHM_REMOVED) && !pinfo->pshm_usecount) {
b0d623f7
A
1215#if CONFIG_MACF
1216 mac_posixshm_label_destroy(pinfo);
1217#endif
91447636
A
1218 PSHM_SUBSYS_UNLOCK();
1219 /*
1220 * If this is the last reference going away on the object,
1221 * then we need to destroy the backing object.
1222 */
b0d623f7
A
1223 for (pshmobj = pinfo->pshm_memobjects;
1224 pshmobj != NULL;
1225 pshmobj = pshmobj_next) {
1226 mach_memory_entry_port_release(pshmobj->pshmo_memobject);
1227 pshmobj_next = pshmobj->pshmo_next;
1228 FREE(pshmobj, M_SHM);
1229 }
91447636
A
1230 PSHM_SUBSYS_LOCK();
1231 FREE(pinfo,M_SHM);
1232 }
1c79356b
A
1233 return (error);
1234}
9bccf70c 1235
2d21ac55 1236/* vfs_context_t passed to match prototype for struct fileops */
9bccf70c 1237static int
2d21ac55 1238pshm_closefile(struct fileglob *fg, __unused vfs_context_t ctx)
9bccf70c 1239{
6d2010ae
A
1240 int error = EINVAL;
1241 struct pshmnode *pnode;
91447636
A
1242
1243 PSHM_SUBSYS_LOCK();
6d2010ae
A
1244
1245 if ((pnode = (struct pshmnode *)fg->fg_data) != NULL) {
1246 if (pnode->pinfo != PSHMINFO_NULL) {
1247 error = pshm_close(pnode->pinfo, 0);
1248 }
1249 FREE(pnode, M_SHM);
1250 }
1251
91447636 1252 PSHM_SUBSYS_UNLOCK();
6d2010ae 1253
91447636 1254 return(error);
9bccf70c
A
1255}
1256
1257static int
91447636 1258pshm_read(__unused struct fileproc *fp, __unused struct uio *uio,
2d21ac55 1259 __unused int flags, __unused vfs_context_t ctx)
1c79356b 1260{
91447636 1261 return(ENOTSUP);
1c79356b 1262}
9bccf70c
A
1263
1264static int
91447636 1265pshm_write(__unused struct fileproc *fp, __unused struct uio *uio,
2d21ac55 1266 __unused int flags, __unused vfs_context_t ctx)
1c79356b 1267{
91447636 1268 return(ENOTSUP);
1c79356b 1269}
9bccf70c
A
1270
1271static int
91447636 1272pshm_ioctl(__unused struct fileproc *fp, __unused u_long com,
2d21ac55 1273 __unused caddr_t data, __unused vfs_context_t ctx)
1c79356b 1274{
91447636 1275 return(ENOTSUP);
1c79356b 1276}
9bccf70c
A
1277
1278static int
91447636 1279pshm_select(__unused struct fileproc *fp, __unused int which, __unused void *wql,
2d21ac55 1280 __unused vfs_context_t ctx)
1c79356b 1281{
91447636 1282 return(ENOTSUP);
1c79356b 1283}
55e303ae
A
1284
1285static int
91447636 1286pshm_kqfilter(__unused struct fileproc *fp, __unused struct knote *kn,
2d21ac55 1287 __unused vfs_context_t ctx)
55e303ae 1288{
91447636 1289 return(ENOTSUP);
55e303ae 1290}
0c530ab8
A
1291
1292int
1293fill_pshminfo(struct pshmnode * pshm, struct pshm_info * info)
1294{
1295 struct pshminfo *pinfo;
2d21ac55 1296 struct vinfo_stat *sb;
0c530ab8
A
1297
1298 PSHM_SUBSYS_LOCK();
1299 if ((pinfo = pshm->pinfo) == PSHMINFO_NULL){
1300 PSHM_SUBSYS_UNLOCK();
1301 return(EINVAL);
1302 }
1303
1304 sb = &info->pshm_stat;
1305
2d21ac55
A
1306 bzero(sb, sizeof(struct vinfo_stat));
1307 sb->vst_mode = pinfo->pshm_mode;
1308 sb->vst_uid = pinfo->pshm_uid;
1309 sb->vst_gid = pinfo->pshm_gid;
1310 sb->vst_size = pinfo->pshm_length;
0c530ab8
A
1311
1312 info->pshm_mappaddr = pshm->mapp_addr;
1313 bcopy(&pinfo->pshm_name[0], &info->pshm_name[0], PSHMNAMLEN+1);
1314
1315 PSHM_SUBSYS_UNLOCK();
1316 return(0);
1317}
1318
2d21ac55
A
1319#if CONFIG_MACF
1320void
1321pshm_label_associate(struct fileproc *fp, struct vnode *vp, vfs_context_t ctx)
1322{
1323 struct pshmnode *pnode;
1324 struct pshminfo *pshm;
0c530ab8 1325
2d21ac55
A
1326 PSHM_SUBSYS_LOCK();
1327 pnode = (struct pshmnode *)fp->f_fglob->fg_data;
1328 if (pnode != NULL) {
1329 pshm = pnode->pinfo;
1330 if (pshm != NULL)
1331 mac_posixshm_vnode_label_associate(
1332 vfs_context_ucred(ctx), pshm, pshm->pshm_label,
1333 vp, vp->v_label);
1334 }
1335 PSHM_SUBSYS_UNLOCK();
1336}
1337#endif