]> git.saurik.com Git - apple/xnu.git/blame - bsd/kern/posix_shm.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-792.17.14.tar.gz
[apple/xnu.git] / bsd / kern / posix_shm.c
CommitLineData
1c79356b 1/*
5d5c5d0d
A		 2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
3 *
8f6c56a5 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b 5 *
8f6c56a5
A		 6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
8ad349bb 24 * limitations under the License.
8f6c56a5
A		 25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b
A		 27 */
28/*
29 * Copyright (c) 1990, 1996-1998 Apple Computer, Inc.
30 * All Rights Reserved.
31 */
32/*
9bccf70c 33 * posix_shm.c : Support for POSIX shared memory APIs
1c79356b
A		 34 *
35 * File: posix_shm.c
36 * Author: Ananthakrishna Ramesh
37 *
38 * HISTORY
39 * 2-Sep-1999 A.Ramesh
40 * Created for MacOSX
41 *
42 */
43
44#include <sys/cdefs.h>
45#include <sys/param.h>
46#include <sys/systm.h>
47#include <sys/kernel.h>
91447636 48#include <sys/file_internal.h>
1c79356b
A		 49#include <sys/filedesc.h>
50#include <sys/stat.h>
91447636
A		 51#include <sys/proc_internal.h>
52#include <sys/kauth.h>
1c79356b
A		 53#include <sys/mount.h>
54#include <sys/namei.h>
55#include <sys/vnode.h>
56#include <sys/ioctl.h>
57#include <sys/tty.h>
58#include <sys/malloc.h>
59#include <sys/mman.h>
91447636
A		 60#include <sys/stat.h>
61#include <sys/sysproto.h>
e5568f75
A		 62
63#include <bsm/audit_kernel.h>
64
1c79356b 65#include <mach/mach_types.h>
91447636
A		 66#include <mach/mach_vm.h>
67#include <mach/vm_map.h>
1c79356b
A		 68#include <mach/vm_prot.h>
69#include <mach/vm_inherit.h>
70#include <mach/kern_return.h>
71#include <mach/memory_object_control.h>
72
91447636
A		 73#include <vm/vm_map.h>
74#include <vm/vm_protos.h>
75#include <vm/vm_shared_memory_server.h>
76
77#if KTRACE
78#include <sys/ktrace.h>
79#endif
1c79356b 80
91447636
A		 81#define f_flag f_fglob->fg_flag
82#define f_type f_fglob->fg_type
83#define f_msgcount f_fglob->fg_msgcount
84#define f_cred f_fglob->fg_cred
85#define f_ops f_fglob->fg_ops
86#define f_offset f_fglob->fg_offset
87#define f_data f_fglob->fg_data
1c79356b
A		 88#define PSHMNAMLEN 31 /* maximum name segment length we bother with */
89
90struct pshminfo {
91 unsigned int pshm_flags;
92 unsigned int pshm_usecount;
93 off_t pshm_length;
94 mode_t pshm_mode;
95 uid_t pshm_uid;
96 gid_t pshm_gid;
97 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
98 void * pshm_memobject;
99#if DIAGNOSTIC
100 unsigned int pshm_readcount;
101 unsigned int pshm_writecount;
102 struct proc * pshm_proc;
103#endif /* DIAGNOSTIC */
104};
105#define PSHMINFO_NULL (struct pshminfo *)0
106
107#define PSHM_NONE 1
108#define PSHM_DEFINED 2
109#define PSHM_ALLOCATED 4
110#define PSHM_MAPPED 8
111#define PSHM_INUSE 0x10
112#define PSHM_REMOVED 0x20
113#define PSHM_INCREATE 0x40
114#define PSHM_INDELETE 0x80
115
116struct pshmcache {
117 LIST_ENTRY(pshmcache) pshm_hash; /* hash chain */
118 struct pshminfo *pshminfo; /* vnode the name refers to */
119 int pshm_nlen; /* length of name */
120 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
121};
122#define PSHMCACHE_NULL (struct pshmcache *)0
123
124struct pshmstats {
125 long goodhits; /* hits that we can really use */
126 long neghits; /* negative hits that we can use */
127 long badhits; /* hits we must drop */
128 long falsehits; /* hits with id mismatch */
129 long miss; /* misses */
130 long longnames; /* long names that ignore cache */
131};
132
133struct pshmname {
134 char *pshm_nameptr; /* pointer to looked up name */
135 long pshm_namelen; /* length of looked up component */
136 u_long pshm_hash; /* hash value of looked up name */
137};
138
139struct pshmnode {
91447636
A		 140 off_t mapp_addr;
141 user_size_t map_size;
1c79356b
A		 142 struct pshminfo *pinfo;
143 unsigned int pshm_usecount;
144#if DIAGNOSTIC
145 unsigned int readcnt;
146 unsigned int writecnt;
147#endif
148};
149#define PSHMNODE_NULL (struct pshmnode *)0
150
151
152#define PSHMHASH(pnp) \
153 (&pshmhashtbl[(pnp)->pshm_hash & pshmhash])
91447636 154
1c79356b
A		 155LIST_HEAD(pshmhashhead, pshmcache) *pshmhashtbl; /* Hash Table */
156u_long pshmhash; /* size of hash table - 1 */
157long pshmnument; /* number of cache entries allocated */
158struct pshmstats pshmstats; /* cache effectiveness statistics */
159
91447636
A		 160static int pshm_read (struct fileproc *fp, struct uio *uio,
161 kauth_cred_t cred, int flags, struct proc *p);
162static int pshm_write (struct fileproc *fp, struct uio *uio,
163 kauth_cred_t cred, int flags, struct proc *p);
164static int pshm_ioctl (struct fileproc *fp, u_long com,
165 caddr_t data, struct proc *p);
166static int pshm_select (struct fileproc *fp, int which, void *wql, struct proc *p);
167static int pshm_close(struct pshmnode *pnode);
168static int pshm_closefile (struct fileglob *fg, struct proc *p);
169
170static int pshm_kqfilter(struct fileproc *fp, struct knote *kn, struct proc *p);
171
172int pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, struct proc *p);
173static int pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp);
174static void pshm_cache_delete(struct pshmcache *pcp);
175#if NOT_USED
176static void pshm_cache_purge(void);
177#endif /* NOT_USED */
178static int pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
179 struct pshmcache **pcache);
55e303ae 180
1c79356b 181struct fileops pshmops =
91447636
A		 182 { pshm_read, pshm_write, pshm_ioctl, pshm_select, pshm_closefile, pshm_kqfilter, 0 };
183
184static lck_grp_t *psx_shm_subsys_lck_grp;
185static lck_grp_attr_t *psx_shm_subsys_lck_grp_attr;
186static lck_attr_t *psx_shm_subsys_lck_attr;
187static lck_mtx_t psx_shm_subsys_mutex;
188
189#define PSHM_SUBSYS_LOCK() lck_mtx_lock(& psx_shm_subsys_mutex)
190#define PSHM_SUBSYS_UNLOCK() lck_mtx_unlock(& psx_shm_subsys_mutex)
191
192
193/* Initialize the mutex governing access to the posix shm subsystem */
194__private_extern__ void
195pshm_lock_init( void )
196{
197
198 psx_shm_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
8f6c56a5 199 lck_grp_attr_setstat(psx_shm_subsys_lck_grp_attr);
91447636
A		 200
201 psx_shm_subsys_lck_grp = lck_grp_alloc_init("posix shared memory", psx_shm_subsys_lck_grp_attr);
202
203 psx_shm_subsys_lck_attr = lck_attr_alloc_init();
8f6c56a5 204 /* lck_attr_setdebug(psx_shm_subsys_lck_attr); */
91447636
A		 205 lck_mtx_init(& psx_shm_subsys_mutex, psx_shm_subsys_lck_grp, psx_shm_subsys_lck_attr);
206}
1c79356b 207
1c79356b
A		 208/*
209 * Lookup an entry in the cache
210 *
211 *
212 * status of -1 is returned if matches
213 * If the lookup determines that the name does not exist
214 * (negative cacheing), a status of ENOENT is returned. If the lookup
215 * fails, a status of zero is returned.
216 */
217
91447636
A		 218static int
219pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
220 struct pshmcache **pcache)
1c79356b 221{
91447636
A		 222 struct pshmcache *pcp, *nnp;
223 struct pshmhashhead *pcpp;
1c79356b
A		 224
225 if (pnp->pshm_namelen > PSHMNAMLEN) {
226 pshmstats.longnames++;
227 return (0);
228 }
229
230 pcpp = PSHMHASH(pnp);
231 for (pcp = pcpp->lh_first; pcp != 0; pcp = nnp) {
232 nnp = pcp->pshm_hash.le_next;
233 if (pcp->pshm_nlen == pnp->pshm_namelen &&
234 !bcmp(pcp->pshm_name, pnp->pshm_nameptr, (u_int)pcp-> pshm_nlen))
235 break;
236 }
237
238 if (pcp == 0) {
239 pshmstats.miss++;
240 return (0);
241 }
242
243 /* We found a "positive" match, return the vnode */
244 if (pcp->pshminfo) {
245 pshmstats.goodhits++;
246 /* TOUCH(ncp); */
247 *pshmp = pcp->pshminfo;
248 *pcache = pcp;
249 return (-1);
250 }
251
252 /*
253 * We found a "negative" match, ENOENT notifies client of this match.
254 * The nc_vpid field records whether this is a whiteout.
255 */
256 pshmstats.neghits++;
257 return (ENOENT);
258}
259
260/*
261 * Add an entry to the cache.
91447636 262 * XXX should be static?
1c79356b 263 */
91447636
A		 264static int
265pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp)
1c79356b 266{
91447636 267 struct pshmhashhead *pcpp;
55e303ae
A		 268 struct pshminfo *dpinfo;
269 struct pshmcache *dpcp;
1c79356b
A		 270
271#if DIAGNOSTIC
272 if (pnp->pshm_namelen > NCHNAMLEN)
273 panic("cache_enter: name too long");
274#endif
275
91447636 276
1c79356b
A		 277 /* if the entry has already been added by some one else return */
278 if (pshm_cache_search(&dpinfo, pnp, &dpcp) == -1) {
1c79356b
A		 279 return(EEXIST);
280 }
281 pshmnument++;
282
1c79356b
A		 283 /*
284 * Fill in cache info, if vp is NULL this is a "negative" cache entry.
285 * For negative entries, we have to record whether it is a whiteout.
286 * the whiteout flag is stored in the nc_vpid field which is
287 * otherwise unused.
288 */
289 pcp->pshminfo = pshmp;
290 pcp->pshm_nlen = pnp->pshm_namelen;
291 bcopy(pnp->pshm_nameptr, pcp->pshm_name, (unsigned)pcp->pshm_nlen);
292 pcpp = PSHMHASH(pnp);
293#if DIAGNOSTIC
294 {
91447636 295 struct pshmcache *p;
1c79356b
A		 296
297 for (p = pcpp->lh_first; p != 0; p = p->pshm_hash.le_next)
298 if (p == pcp)
299 panic("cache_enter: duplicate");
300 }
301#endif
302 LIST_INSERT_HEAD(pcpp, pcp, pshm_hash);
303 return(0);
304}
305
306/*
307 * Name cache initialization, from vfs_init() when we are booting
308 */
309void
91447636 310pshm_cache_init(void)
1c79356b
A		 311{
312 pshmhashtbl = hashinit(desiredvnodes, M_SHM, &pshmhash);
313}
314
91447636 315#if NOT_USED
1c79356b
A		 316/*
317 * Invalidate a all entries to particular vnode.
318 *
319 * We actually just increment the v_id, that will do it. The entries will
320 * be purged by lookup as they get found. If the v_id wraps around, we
321 * need to ditch the entire cache, to avoid confusion. No valid vnode will
322 * ever have (v_id == 0).
323 */
91447636 324static void
1c79356b
A		 325pshm_cache_purge(void)
326{
327 struct pshmcache *pcp;
328 struct pshmhashhead *pcpp;
329
330 for (pcpp = &pshmhashtbl[pshmhash]; pcpp >= pshmhashtbl; pcpp--) {
91447636 331 while ( (pcp = pcpp->lh_first) )
1c79356b
A		 332 pshm_cache_delete(pcp);
333 }
334}
91447636 335#endif /* NOT_USED */
1c79356b 336
91447636
A		 337static void
338pshm_cache_delete(struct pshmcache *pcp)
1c79356b
A		 339{
340#if DIAGNOSTIC
341 if (pcp->pshm_hash.le_prev == 0)
342 panic("namecache purge le_prev");
343 if (pcp->pshm_hash.le_next == pcp)
344 panic("namecache purge le_next");
345#endif /* DIAGNOSTIC */
346 LIST_REMOVE(pcp, pshm_hash);
347 pcp->pshm_hash.le_prev = 0;
348 pshmnument--;
349}
350
351
1c79356b 352int
91447636 353shm_open(struct proc *p, struct shm_open_args *uap, register_t *retval)
1c79356b 354{
91447636
A		 355 struct fileproc *fp;
356 size_t i;
357 struct fileproc *nfp;
358 int indx, error;
1c79356b
A		 359 struct pshmname nd;
360 struct pshminfo *pinfo;
1c79356b
A		 361 char * pnbuf;
362 char * nameptr;
363 char * cp;
364 size_t pathlen, plen;
365 int fmode ;
366 int cmode = uap->mode;
367 int incache = 0;
368 struct pshmnode * pnode = PSHMNODE_NULL;
369 struct pshmcache * pcache = PSHMCACHE_NULL;
91447636 370 struct pshmcache *pcp;
9bccf70c 371 int pinfo_alloc=0;
1c79356b 372
e5568f75
A		 373 AUDIT_ARG(fflags, uap->oflag);
374 AUDIT_ARG(mode, uap->mode);
91447636 375
1c79356b
A		 376 pinfo = PSHMINFO_NULL;
377
91447636
A		 378 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
379 if (pnbuf == NULL) {
380 return(ENOSPC);
381 }
382
1c79356b 383 pathlen = MAXPATHLEN;
91447636 384 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
1c79356b
A		 385 if (error) {
386 goto bad;
387 }
e5568f75 388 AUDIT_ARG(text, pnbuf);
1c79356b
A		 389 if (pathlen > PSHMNAMLEN) {
390 error = ENAMETOOLONG;
391 goto bad;
392 }
393
394
395#ifdef PSXSHM_NAME_RESTRICT
396 nameptr = pnbuf;
397 if (*nameptr == '/') {
398 while (*(nameptr++) == '/') {
399 plen--;
400 error = EINVAL;
401 goto bad;
402 }
403 } else {
404 error = EINVAL;
405 goto bad;
406 }
407#endif /* PSXSHM_NAME_RESTRICT */
408
409 plen = pathlen;
410 nameptr = pnbuf;
411 nd.pshm_nameptr = nameptr;
412 nd.pshm_namelen = plen;
413 nd. pshm_hash =0;
414
415 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
416 nd.pshm_hash += (unsigned char)*cp * i;
417 }
418
91447636
A		 419#if KTRACE
420 if (KTRPOINT(p, KTR_NAMEI))
421 ktrnamei(p->p_tracep, nameptr);
422#endif
423
424 PSHM_SUBSYS_LOCK();
1c79356b
A		 425 error = pshm_cache_search(&pinfo, &nd, &pcache);
426
427 if (error == ENOENT) {
91447636 428 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 429 error = EINVAL;
430 goto bad;
431
432 }
433 if (!error) {
434 incache = 0;
435 } else
436 incache = 1;
437 fmode = FFLAGS(uap->oflag);
55e303ae 438 if ((fmode & (FREAD | FWRITE))==0) {
91447636 439 PSHM_SUBSYS_UNLOCK();
55e303ae
A		 440 error = EINVAL;
441 goto bad;
442 }
1c79356b 443
91447636
A		 444 /*
445 * XXXXXXXXXX TBD XXXXXXXXXX
446 * There is a race that existed with the funnels as well.
447 * Need to be fixed later
448 */
449 PSHM_SUBSYS_UNLOCK();
450 error = falloc(p, &nfp, &indx);
451 if (error )
55e303ae 452 goto bad;
91447636
A		 453 PSHM_SUBSYS_LOCK();
454
1c79356b
A		 455 fp = nfp;
456
457 cmode &= ALLPERMS;
458
459 if (fmode & O_CREAT) {
460 if ((fmode & O_EXCL) && incache) {
e5568f75
A		 461 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
462 pinfo->pshm_gid, pinfo->pshm_mode);
463
1c79356b
A		 464 /* shm obj exists and opened O_EXCL */
465#if notyet
466 if (pinfo->pshm_flags & PSHM_INDELETE) {
467 }
468#endif
469 error = EEXIST;
91447636 470 PSHM_SUBSYS_UNLOCK();
9bccf70c 471 goto bad1;
1c79356b
A		 472 }
473 if (!incache) {
91447636 474 PSHM_SUBSYS_UNLOCK();
1c79356b 475 /* create a new one */
91447636
A		 476 MALLOC(pinfo, struct pshminfo *, sizeof(struct pshminfo), M_SHM, M_WAITOK|M_ZERO);
477 if (pinfo == NULL) {
478 error = ENOSPC;
479 goto bad1;
480 }
481 PSHM_SUBSYS_LOCK();
482 pinfo_alloc = 1;
1c79356b 483 pinfo->pshm_flags = PSHM_DEFINED | PSHM_INCREATE;
91447636 484 pinfo->pshm_usecount = 1; /* existence reference */
1c79356b 485 pinfo->pshm_mode = cmode;
91447636
A		 486 pinfo->pshm_uid = kauth_cred_getuid(kauth_cred_get());
487 pinfo->pshm_gid = kauth_cred_get()->cr_gid;
1c79356b
A		 488 } else {
489 /* already exists */
490 if( pinfo->pshm_flags & PSHM_INDELETE) {
91447636 491 PSHM_SUBSYS_UNLOCK();
1c79356b 492 error = ENOENT;
9bccf70c 493 goto bad1;
1c79356b 494 }
91447636
A		 495 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
496 pinfo->pshm_gid, pinfo->pshm_mode);
497 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
498 PSHM_SUBSYS_UNLOCK();
9bccf70c 499 goto bad1;
91447636 500 }
1c79356b
A		 501 }
502 } else {
503 if (!incache) {
504 /* O_CREAT is not set and the shm obecj does not exist */
91447636 505 PSHM_SUBSYS_UNLOCK();
1c79356b 506 error = ENOENT;
9bccf70c 507 goto bad1;
1c79356b
A		 508 }
509 if( pinfo->pshm_flags & PSHM_INDELETE) {
91447636 510 PSHM_SUBSYS_UNLOCK();
1c79356b 511 error = ENOENT;
9bccf70c 512 goto bad1;
1c79356b 513 }
91447636
A		 514 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
515 PSHM_SUBSYS_UNLOCK();
9bccf70c 516 goto bad1;
91447636 517 }
1c79356b
A		 518 }
519 if (fmode & O_TRUNC) {
91447636 520 PSHM_SUBSYS_UNLOCK();
1c79356b 521 error = EINVAL;
9bccf70c 522 goto bad2;
1c79356b
A		 523 }
524#if DIAGNOSTIC
525 if (fmode & FWRITE)
526 pinfo->pshm_writecount++;
527 if (fmode & FREAD)
528 pinfo->pshm_readcount++;
529#endif
91447636
A		 530 PSHM_SUBSYS_UNLOCK();
531 MALLOC(pnode, struct pshmnode *, sizeof(struct pshmnode), M_SHM, M_WAITOK|M_ZERO);
532 if (pnode == NULL) {
533 error = ENOSPC;
534 goto bad2;
535 }
536 if (!incache) {
537 /*
538 * We allocate a new entry if we are less than the maximum
539 * allowed and the one at the front of the LRU list is in use.
540 * Otherwise we use the one at the front of the LRU list.
541 */
542 MALLOC(pcp, struct pshmcache *, sizeof(struct pshmcache), M_SHM, M_WAITOK|M_ZERO);
543 if (pcp == NULL) {
544 error = ENOSPC;
545 goto bad2;
546 }
547
548 }
549 PSHM_SUBSYS_LOCK();
1c79356b
A		 550
551 if (!incache) {
91447636
A		 552 if ( (error = pshm_cache_add(pinfo, &nd, pcp)) ) {
553 PSHM_SUBSYS_UNLOCK();
554 FREE(pcp, M_SHM);
555 goto bad3;
1c79356b
A		 556 }
557 }
558 pinfo->pshm_flags &= ~PSHM_INCREATE;
91447636 559 pinfo->pshm_usecount++; /* extra reference for the new fd */
1c79356b 560 pnode->pinfo = pinfo;
91447636
A		 561
562 PSHM_SUBSYS_UNLOCK();
563 proc_fdlock(p);
1c79356b
A		 564 fp->f_flag = fmode & FMASK;
565 fp->f_type = DTYPE_PSXSHM;
566 fp->f_ops = &pshmops;
567 fp->f_data = (caddr_t)pnode;
568 *fdflags(p, indx) &= ~UF_RESERVED;
91447636
A		 569 fp_drop(p, indx, fp, 1);
570 proc_fdunlock(p);
571
1c79356b 572 *retval = indx;
55e303ae 573 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b 574 return (0);
9bccf70c 575bad3:
91447636 576 FREE(pnode, M_SHM);
1c79356b 577
9bccf70c
A		 578bad2:
579 if (pinfo_alloc)
91447636 580 FREE(pinfo, M_SHM);
1c79356b 581bad1:
91447636 582 fp_free(p, indx, fp);
1c79356b 583bad:
55e303ae 584 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b
A		 585 return (error);
586}
587
588
1c79356b 589int
91447636
A		 590pshm_truncate(__unused struct proc *p, struct fileproc *fp, __unused int fd,
591 off_t length, __unused register_t *retval)
1c79356b
A		 592{
593 struct pshminfo * pinfo;
594 struct pshmnode * pnode ;
595 kern_return_t kret;
8f6c56a5 596 vm_offset_t user_addr;
91447636 597 mem_entry_name_port_t mem_object;
8f6c56a5 598 vm_size_t size;
1c79356b
A		 599
600 if (fp->f_type != DTYPE_PSXSHM) {
601 return(EINVAL);
602 }
603
604
605 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
606 return(EINVAL);
607
91447636
A		 608 PSHM_SUBSYS_LOCK();
609 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
610 PSHM_SUBSYS_UNLOCK();
1c79356b 611 return(EINVAL);
91447636 612 }
1c79356b
A		 613 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))
614 != PSHM_DEFINED) {
91447636 615 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 616 return(EINVAL);
617 }
618
91447636 619 PSHM_SUBSYS_UNLOCK();
55e303ae 620 size = round_page_64(length);
8f6c56a5 621 kret = vm_allocate(current_map(), &user_addr, size, VM_FLAGS_ANYWHERE);
1c79356b
A		 622 if (kret != KERN_SUCCESS)
623 goto out;
624
8f6c56a5 625 kret = mach_make_memory_entry (current_map(), &size,
1c79356b
A		 626 user_addr, VM_PROT_DEFAULT, &mem_object, 0);
627
628 if (kret != KERN_SUCCESS)
629 goto out;
630
8f6c56a5 631 vm_deallocate(current_map(), user_addr, size);
1c79356b 632
91447636 633 PSHM_SUBSYS_LOCK();
1c79356b
A		 634 pinfo->pshm_flags &= ~PSHM_DEFINED;
635 pinfo->pshm_flags = PSHM_ALLOCATED;
91447636 636 pinfo->pshm_memobject = (void *)mem_object;
1c79356b 637 pinfo->pshm_length = size;
91447636 638 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 639 return(0);
640
641out:
642 switch (kret) {
643 case KERN_INVALID_ADDRESS:
644 case KERN_NO_SPACE:
645 return (ENOMEM);
646 case KERN_PROTECTION_FAILURE:
647 return (EACCES);
648 default:
649 return (EINVAL);
650
651 }
652}
653
654int
91447636 655pshm_stat(struct pshmnode *pnode, struct stat *sb)
1c79356b
A		 656{
657 struct pshminfo *pinfo;
658
91447636
A		 659 PSHM_SUBSYS_LOCK();
660 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL){
661 PSHM_SUBSYS_UNLOCK();
1c79356b 662 return(EINVAL);
91447636 663 }
1c79356b
A		 664
665 bzero(sb, sizeof(struct stat));
666 sb->st_mode = pinfo->pshm_mode;
667 sb->st_uid = pinfo->pshm_uid;
668 sb->st_gid = pinfo->pshm_gid;
669 sb->st_size = pinfo->pshm_length;
91447636 670 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 671
672 return(0);
673}
674
91447636
A		 675/*
676 * This is called only from shm_open which holds pshm_lock();
677 * XXX This code is repeated many times
678 */
1c79356b 679int
91447636 680pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, __unused struct proc *p)
1c79356b
A		 681{
682 mode_t mask;
91447636 683 int is_member;
1c79356b
A		 684
685 /* Otherwise, user id 0 always gets access. */
91447636 686 if (!suser(cred, NULL))
1c79356b
A		 687 return (0);
688
689 mask = 0;
690
691 /* Otherwise, check the owner. */
91447636 692 if (kauth_cred_getuid(cred) == pinfo->pshm_uid) {
1c79356b
A		 693 if (mode & FREAD)
694 mask |= S_IRUSR;
695 if (mode & FWRITE)
696 mask |= S_IWUSR;
697 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
698 }
699
700 /* Otherwise, check the groups. */
91447636
A		 701 if (kauth_cred_ismember_gid(cred, pinfo->pshm_gid, &is_member) == 0 && is_member) {
702 if (mode & FREAD)
703 mask |= S_IRGRP;
704 if (mode & FWRITE)
705 mask |= S_IWGRP;
706 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
707 }
1c79356b
A		 708
709 /* Otherwise, check everyone else. */
710 if (mode & FREAD)
711 mask |= S_IROTH;
712 if (mode & FWRITE)
713 mask |= S_IWOTH;
714 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
715}
9bccf70c 716
1c79356b 717int
91447636 718pshm_mmap(struct proc *p, struct mmap_args *uap, user_addr_t *retval, struct fileproc *fp, off_t pageoff)
1c79356b 719{
91447636
A		 720 mach_vm_offset_t user_addr = (mach_vm_offset_t)uap->addr;
721 mach_vm_size_t user_size = (mach_vm_size_t)uap->len ;
1c79356b
A		 722 int prot = uap->prot;
723 int flags = uap->flags;
724 vm_object_offset_t file_pos = (vm_object_offset_t)uap->pos;
725 int fd = uap->fd;
726 vm_map_t user_map;
91447636
A		 727 int alloc_flags;
728 boolean_t docow;
1c79356b
A		 729 kern_return_t kret;
730 struct pshminfo * pinfo;
731 struct pshmnode * pnode;
732 void * mem_object;
733
734 if (user_size == 0)
735 return(0);
736
737 if ((flags & MAP_SHARED) == 0)
738 return(EINVAL);
739
740
741 if ((prot & PROT_WRITE) && ((fp->f_flag & FWRITE) == 0)) {
742 return(EPERM);
743 }
744
745 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
746 return(EINVAL);
747
91447636
A		 748 PSHM_SUBSYS_LOCK();
749 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
750 PSHM_SUBSYS_UNLOCK();
1c79356b 751 return(EINVAL);
91447636 752 }
1c79356b
A		 753
754 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
91447636 755 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 756 return(EINVAL);
757 }
91447636
A		 758 if ((off_t)user_size > pinfo->pshm_length) {
759 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 760 return(EINVAL);
761 }
91447636
A		 762 if ((off_t)(user_size + file_pos) > pinfo->pshm_length) {
763 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 764 return(EINVAL);
765 }
766 if ((mem_object = pinfo->pshm_memobject) == NULL) {
91447636 767 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 768 return(EINVAL);
769 }
770
91447636
A		 771
772 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 773 user_map = current_map();
774
775 if ((flags & MAP_FIXED) == 0) {
91447636
A		 776 alloc_flags = VM_FLAGS_ANYWHERE;
777 user_addr = mach_vm_round_page(user_addr);
1c79356b 778 } else {
91447636 779 if (user_addr != mach_vm_trunc_page(user_addr))
1c79356b 780 return (EINVAL);
91447636
A		 781 /*
782 * We do not get rid of the existing mappings here because
783 * it wouldn't be atomic (see comment in mmap()). We let
784 * Mach VM know that we want it to replace any existing
785 * mapping with the new one.
786 */
787 alloc_flags = VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
1c79356b
A		 788 }
789 docow = FALSE;
790
91447636
A		 791 kret = mach_vm_map(user_map, &user_addr, user_size,
792 0, alloc_flags, pinfo->pshm_memobject, file_pos, docow,
1c79356b 793 prot, VM_PROT_DEFAULT,
91447636 794 VM_INHERIT_SHARE);
1c79356b
A		 795 if (kret != KERN_SUCCESS)
796 goto out;
91447636
A		 797 /* LP64todo - this should be superfluous at this point */
798 kret = mach_vm_inherit(user_map, user_addr, user_size,
1c79356b
A		 799 VM_INHERIT_SHARE);
800 if (kret != KERN_SUCCESS) {
91447636 801 (void) mach_vm_deallocate(user_map, user_addr, user_size);
1c79356b
A		 802 goto out;
803 }
91447636 804 PSHM_SUBSYS_LOCK();
1c79356b
A		 805 pnode->mapp_addr = user_addr;
806 pnode->map_size = user_size;
807 pinfo->pshm_flags |= (PSHM_MAPPED | PSHM_INUSE);
91447636 808 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 809out:
810 switch (kret) {
811 case KERN_SUCCESS:
91447636 812 *retval = (user_addr + pageoff);
1c79356b
A		 813 return (0);
814 case KERN_INVALID_ADDRESS:
815 case KERN_NO_SPACE:
816 return (ENOMEM);
817 case KERN_PROTECTION_FAILURE:
818 return (EACCES);
819 default:
820 return (EINVAL);
821 }
822
823}
824
1c79356b 825int
91447636
A		 826shm_unlink(__unused struct proc *p, struct shm_unlink_args *uap,
827 __unused register_t *retval)
1c79356b 828{
91447636 829 size_t i;
1c79356b
A		 830 int error=0;
831 struct pshmname nd;
832 struct pshminfo *pinfo;
1c79356b
A		 833 char * pnbuf;
834 char * nameptr;
835 char * cp;
836 size_t pathlen, plen;
1c79356b 837 int incache = 0;
1c79356b 838 struct pshmcache *pcache = PSHMCACHE_NULL;
1c79356b
A		 839
840 pinfo = PSHMINFO_NULL;
841
91447636
A		 842 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
843 if (pnbuf == NULL) {
844 return(ENOSPC); /* XXX non-standard */
845 }
1c79356b 846 pathlen = MAXPATHLEN;
91447636 847 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
1c79356b
A		 848 if (error) {
849 goto bad;
850 }
e5568f75 851 AUDIT_ARG(text, pnbuf);
1c79356b
A		 852 if (pathlen > PSHMNAMLEN) {
853 error = ENAMETOOLONG;
854 goto bad;
855 }
856
857
858#ifdef PSXSHM_NAME_RESTRICT
859 nameptr = pnbuf;
860 if (*nameptr == '/') {
861 while (*(nameptr++) == '/') {
862 plen--;
863 error = EINVAL;
864 goto bad;
865 }
866 } else {
867 error = EINVAL;
868 goto bad;
869 }
870#endif /* PSXSHM_NAME_RESTRICT */
871
872 plen = pathlen;
873 nameptr = pnbuf;
874 nd.pshm_nameptr = nameptr;
875 nd.pshm_namelen = plen;
876 nd. pshm_hash =0;
877
878 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
879 nd.pshm_hash += (unsigned char)*cp * i;
880 }
881
91447636 882 PSHM_SUBSYS_LOCK();
1c79356b
A		 883 error = pshm_cache_search(&pinfo, &nd, &pcache);
884
885 if (error == ENOENT) {
91447636 886 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 887 error = EINVAL;
888 goto bad;
889
890 }
891 if (!error) {
91447636 892 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 893 error = EINVAL;
894 goto bad;
895 } else
896 incache = 1;
897
898 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))==0) {
91447636 899 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 900 return (EINVAL);
901 }
902
903 if (pinfo->pshm_flags & PSHM_INDELETE) {
91447636 904 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 905 error = 0;
906 goto bad;
907 }
908
e5568f75
A		 909 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid, pinfo->pshm_gid,
910 pinfo->pshm_mode);
91447636
A		 911
912 /*
913 * JMM - How should permissions be checked?
914 */
915
1c79356b 916 pinfo->pshm_flags |= PSHM_INDELETE;
1c79356b 917 pshm_cache_delete(pcache);
1c79356b 918 pinfo->pshm_flags |= PSHM_REMOVED;
91447636
A		 919 /* release the existence reference */
920 if (!--pinfo->pshm_usecount) {
921 PSHM_SUBSYS_UNLOCK();
922 /*
923 * If this is the last reference going away on the object,
924 * then we need to destroy the backing object. The name
925 * has an implied but uncounted reference on the object,
926 * once it's created, since it's used as a rendesvous, and
927 * therefore may be subsequently reopened.
928 */
929 if (pinfo->pshm_memobject != NULL)
930 mach_memory_entry_port_release(pinfo->pshm_memobject);
931 PSHM_SUBSYS_LOCK();
932 FREE(pinfo,M_SHM);
933 }
934 PSHM_SUBSYS_UNLOCK();
935 FREE(pcache, M_SHM);
1c79356b
A		 936 error = 0;
937bad:
55e303ae 938 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b 939 return (error);
1c79356b 940}
1c79356b 941
91447636
A		 942/* already called locked */
943static int
944pshm_close(struct pshmnode *pnode)
1c79356b
A		 945{
946 int error=0;
91447636 947 struct pshminfo *pinfo;
1c79356b
A		 948
949 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL)
950 return(EINVAL);
951
952 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
953 return(EINVAL);
954 }
955#if DIAGNOSTIC
956 if(!pinfo->pshm_usecount) {
957 kprintf("negative usecount in pshm_close\n");
958 }
959#endif /* DIAGNOSTIC */
91447636 960 pinfo->pshm_usecount--; /* release this fd's reference */
1c79356b
A		 961
962 if ((pinfo->pshm_flags & PSHM_REMOVED) && !pinfo->pshm_usecount) {
91447636
A		 963 PSHM_SUBSYS_UNLOCK();
964 /*
965 * If this is the last reference going away on the object,
966 * then we need to destroy the backing object.
967 */
968 if (pinfo->pshm_memobject != NULL)
969 mach_memory_entry_port_release(pinfo->pshm_memobject);
970 PSHM_SUBSYS_LOCK();
971 FREE(pinfo,M_SHM);
972 }
973 FREE(pnode, M_SHM);
1c79356b
A		 974 return (error);
975}
9bccf70c 976
91447636 977/* struct proc passed to match prototype for struct fileops */
9bccf70c 978static int
91447636 979pshm_closefile(struct fileglob *fg, __unused struct proc *p)
9bccf70c 980{
91447636
A		 981 int error;
982
983 PSHM_SUBSYS_LOCK();
984 error = pshm_close(((struct pshmnode *)fg->fg_data));
985 PSHM_SUBSYS_UNLOCK();
986 return(error);
9bccf70c
A		 987}
988
989static int
91447636
A		 990pshm_read(__unused struct fileproc *fp, __unused struct uio *uio,
991 __unused kauth_cred_t cred, __unused int flags,
992 __unused struct proc *p)
1c79356b 993{
91447636 994 return(ENOTSUP);
1c79356b 995}
9bccf70c
A		 996
997static int
91447636
A		 998pshm_write(__unused struct fileproc *fp, __unused struct uio *uio,
999 __unused kauth_cred_t cred, __unused int flags,
1000 __unused struct proc *p)
1c79356b 1001{
91447636 1002 return(ENOTSUP);
1c79356b 1003}
9bccf70c
A		 1004
1005static int
91447636
A		 1006pshm_ioctl(__unused struct fileproc *fp, __unused u_long com,
1007 __unused caddr_t data, __unused struct proc *p)
1c79356b 1008{
91447636 1009 return(ENOTSUP);
1c79356b 1010}
9bccf70c
A		 1011
1012static int
91447636
A		 1013pshm_select(__unused struct fileproc *fp, __unused int which, __unused void *wql,
1014 __unused struct proc *p)
1c79356b 1015{
91447636 1016 return(ENOTSUP);
1c79356b 1017}
55e303ae
A		 1018
1019static int
91447636
A		 1020pshm_kqfilter(__unused struct fileproc *fp, __unused struct knote *kn,
1021 __unused struct proc *p)
55e303ae 1022{
91447636 1023 return(ENOTSUP);
55e303ae 1024}
mirror of XNU