]> git.saurik.com Git - apple/xnu.git/blame - bsd/kern/posix_shm.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-792.10.96.tar.gz
[apple/xnu.git] / bsd / kern / posix_shm.c
CommitLineData
1c79356b 1/*
e5568f75 2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
1c79356b
A		 3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
37839358
A		 6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
1c79356b 11 *
37839358
A		 12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
1c79356b
A		 14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
37839358
A		 16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
1c79356b
A		 19 *
20 * @APPLE_LICENSE_HEADER_END@
21 */
22/*
23 * Copyright (c) 1990, 1996-1998 Apple Computer, Inc.
24 * All Rights Reserved.
25 */
26/*
9bccf70c 27 * posix_shm.c : Support for POSIX shared memory APIs
1c79356b
A		 28 *
29 * File: posix_shm.c
30 * Author: Ananthakrishna Ramesh
31 *
32 * HISTORY
33 * 2-Sep-1999 A.Ramesh
34 * Created for MacOSX
35 *
36 */
37
38#include <sys/cdefs.h>
39#include <sys/param.h>
40#include <sys/systm.h>
41#include <sys/kernel.h>
91447636 42#include <sys/file_internal.h>
1c79356b
A		 43#include <sys/filedesc.h>
44#include <sys/stat.h>
91447636
A		 45#include <sys/proc_internal.h>
46#include <sys/kauth.h>
1c79356b
A		 47#include <sys/mount.h>
48#include <sys/namei.h>
49#include <sys/vnode.h>
50#include <sys/ioctl.h>
51#include <sys/tty.h>
52#include <sys/malloc.h>
53#include <sys/mman.h>
91447636
A		 54#include <sys/stat.h>
55#include <sys/sysproto.h>
c0fea474 56#include <sys/proc_info.h>
e5568f75
A		 57
58#include <bsm/audit_kernel.h>
59
1c79356b 60#include <mach/mach_types.h>
91447636
A		 61#include <mach/mach_vm.h>
62#include <mach/vm_map.h>
1c79356b
A		 63#include <mach/vm_prot.h>
64#include <mach/vm_inherit.h>
65#include <mach/kern_return.h>
66#include <mach/memory_object_control.h>
67
91447636
A		 68#include <vm/vm_map.h>
69#include <vm/vm_protos.h>
70#include <vm/vm_shared_memory_server.h>
71
72#if KTRACE
73#include <sys/ktrace.h>
74#endif
1c79356b 75
91447636
A		 76#define f_flag f_fglob->fg_flag
77#define f_type f_fglob->fg_type
78#define f_msgcount f_fglob->fg_msgcount
79#define f_cred f_fglob->fg_cred
80#define f_ops f_fglob->fg_ops
81#define f_offset f_fglob->fg_offset
82#define f_data f_fglob->fg_data
1c79356b
A		 83#define PSHMNAMLEN 31 /* maximum name segment length we bother with */
84
c0fea474 85
1c79356b
A		 86struct pshminfo {
87 unsigned int pshm_flags;
88 unsigned int pshm_usecount;
89 off_t pshm_length;
90 mode_t pshm_mode;
91 uid_t pshm_uid;
92 gid_t pshm_gid;
93 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
94 void * pshm_memobject;
95#if DIAGNOSTIC
96 unsigned int pshm_readcount;
97 unsigned int pshm_writecount;
98 struct proc * pshm_proc;
99#endif /* DIAGNOSTIC */
100};
101#define PSHMINFO_NULL (struct pshminfo *)0
102
103#define PSHM_NONE 1
104#define PSHM_DEFINED 2
105#define PSHM_ALLOCATED 4
106#define PSHM_MAPPED 8
107#define PSHM_INUSE 0x10
108#define PSHM_REMOVED 0x20
109#define PSHM_INCREATE 0x40
110#define PSHM_INDELETE 0x80
111
112struct pshmcache {
113 LIST_ENTRY(pshmcache) pshm_hash; /* hash chain */
114 struct pshminfo *pshminfo; /* vnode the name refers to */
115 int pshm_nlen; /* length of name */
116 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
117};
118#define PSHMCACHE_NULL (struct pshmcache *)0
119
120struct pshmstats {
121 long goodhits; /* hits that we can really use */
122 long neghits; /* negative hits that we can use */
123 long badhits; /* hits we must drop */
124 long falsehits; /* hits with id mismatch */
125 long miss; /* misses */
126 long longnames; /* long names that ignore cache */
127};
128
129struct pshmname {
130 char *pshm_nameptr; /* pointer to looked up name */
131 long pshm_namelen; /* length of looked up component */
132 u_long pshm_hash; /* hash value of looked up name */
133};
134
135struct pshmnode {
91447636
A		 136 off_t mapp_addr;
137 user_size_t map_size;
1c79356b
A		 138 struct pshminfo *pinfo;
139 unsigned int pshm_usecount;
140#if DIAGNOSTIC
141 unsigned int readcnt;
142 unsigned int writecnt;
143#endif
144};
145#define PSHMNODE_NULL (struct pshmnode *)0
146
147
148#define PSHMHASH(pnp) \
149 (&pshmhashtbl[(pnp)->pshm_hash & pshmhash])
91447636 150
1c79356b
A		 151LIST_HEAD(pshmhashhead, pshmcache) *pshmhashtbl; /* Hash Table */
152u_long pshmhash; /* size of hash table - 1 */
153long pshmnument; /* number of cache entries allocated */
154struct pshmstats pshmstats; /* cache effectiveness statistics */
155
91447636
A		 156static int pshm_read (struct fileproc *fp, struct uio *uio,
157 kauth_cred_t cred, int flags, struct proc *p);
158static int pshm_write (struct fileproc *fp, struct uio *uio,
159 kauth_cred_t cred, int flags, struct proc *p);
160static int pshm_ioctl (struct fileproc *fp, u_long com,
161 caddr_t data, struct proc *p);
162static int pshm_select (struct fileproc *fp, int which, void *wql, struct proc *p);
163static int pshm_close(struct pshmnode *pnode);
164static int pshm_closefile (struct fileglob *fg, struct proc *p);
165
166static int pshm_kqfilter(struct fileproc *fp, struct knote *kn, struct proc *p);
167
168int pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, struct proc *p);
169static int pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp);
170static void pshm_cache_delete(struct pshmcache *pcp);
171#if NOT_USED
172static void pshm_cache_purge(void);
173#endif /* NOT_USED */
174static int pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
175 struct pshmcache **pcache);
55e303ae 176
1c79356b 177struct fileops pshmops =
91447636
A		 178 { pshm_read, pshm_write, pshm_ioctl, pshm_select, pshm_closefile, pshm_kqfilter, 0 };
179
180static lck_grp_t *psx_shm_subsys_lck_grp;
181static lck_grp_attr_t *psx_shm_subsys_lck_grp_attr;
182static lck_attr_t *psx_shm_subsys_lck_attr;
183static lck_mtx_t psx_shm_subsys_mutex;
184
185#define PSHM_SUBSYS_LOCK() lck_mtx_lock(& psx_shm_subsys_mutex)
186#define PSHM_SUBSYS_UNLOCK() lck_mtx_unlock(& psx_shm_subsys_mutex)
187
188
189/* Initialize the mutex governing access to the posix shm subsystem */
190__private_extern__ void
191pshm_lock_init( void )
192{
193
194 psx_shm_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
91447636
A		 195
196 psx_shm_subsys_lck_grp = lck_grp_alloc_init("posix shared memory", psx_shm_subsys_lck_grp_attr);
197
198 psx_shm_subsys_lck_attr = lck_attr_alloc_init();
91447636
A		 199 lck_mtx_init(& psx_shm_subsys_mutex, psx_shm_subsys_lck_grp, psx_shm_subsys_lck_attr);
200}
1c79356b 201
1c79356b
A		 202/*
203 * Lookup an entry in the cache
204 *
205 *
206 * status of -1 is returned if matches
207 * If the lookup determines that the name does not exist
208 * (negative cacheing), a status of ENOENT is returned. If the lookup
209 * fails, a status of zero is returned.
210 */
211
91447636
A		 212static int
213pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
214 struct pshmcache **pcache)
1c79356b 215{
91447636
A		 216 struct pshmcache *pcp, *nnp;
217 struct pshmhashhead *pcpp;
1c79356b
A		 218
219 if (pnp->pshm_namelen > PSHMNAMLEN) {
220 pshmstats.longnames++;
221 return (0);
222 }
223
224 pcpp = PSHMHASH(pnp);
225 for (pcp = pcpp->lh_first; pcp != 0; pcp = nnp) {
226 nnp = pcp->pshm_hash.le_next;
227 if (pcp->pshm_nlen == pnp->pshm_namelen &&
228 !bcmp(pcp->pshm_name, pnp->pshm_nameptr, (u_int)pcp-> pshm_nlen))
229 break;
230 }
231
232 if (pcp == 0) {
233 pshmstats.miss++;
234 return (0);
235 }
236
237 /* We found a "positive" match, return the vnode */
238 if (pcp->pshminfo) {
239 pshmstats.goodhits++;
240 /* TOUCH(ncp); */
241 *pshmp = pcp->pshminfo;
242 *pcache = pcp;
243 return (-1);
244 }
245
246 /*
247 * We found a "negative" match, ENOENT notifies client of this match.
248 * The nc_vpid field records whether this is a whiteout.
249 */
250 pshmstats.neghits++;
251 return (ENOENT);
252}
253
254/*
255 * Add an entry to the cache.
91447636 256 * XXX should be static?
1c79356b 257 */
91447636
A		 258static int
259pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp)
1c79356b 260{
91447636 261 struct pshmhashhead *pcpp;
55e303ae
A		 262 struct pshminfo *dpinfo;
263 struct pshmcache *dpcp;
1c79356b
A		 264
265#if DIAGNOSTIC
266 if (pnp->pshm_namelen > NCHNAMLEN)
267 panic("cache_enter: name too long");
268#endif
269
91447636 270
1c79356b
A		 271 /* if the entry has already been added by some one else return */
272 if (pshm_cache_search(&dpinfo, pnp, &dpcp) == -1) {
1c79356b
A		 273 return(EEXIST);
274 }
275 pshmnument++;
276
1c79356b
A		 277 /*
278 * Fill in cache info, if vp is NULL this is a "negative" cache entry.
279 * For negative entries, we have to record whether it is a whiteout.
280 * the whiteout flag is stored in the nc_vpid field which is
281 * otherwise unused.
282 */
283 pcp->pshminfo = pshmp;
284 pcp->pshm_nlen = pnp->pshm_namelen;
285 bcopy(pnp->pshm_nameptr, pcp->pshm_name, (unsigned)pcp->pshm_nlen);
286 pcpp = PSHMHASH(pnp);
287#if DIAGNOSTIC
288 {
91447636 289 struct pshmcache *p;
1c79356b
A		 290
291 for (p = pcpp->lh_first; p != 0; p = p->pshm_hash.le_next)
292 if (p == pcp)
293 panic("cache_enter: duplicate");
294 }
295#endif
296 LIST_INSERT_HEAD(pcpp, pcp, pshm_hash);
297 return(0);
298}
299
300/*
301 * Name cache initialization, from vfs_init() when we are booting
302 */
303void
91447636 304pshm_cache_init(void)
1c79356b
A		 305{
306 pshmhashtbl = hashinit(desiredvnodes, M_SHM, &pshmhash);
307}
308
91447636 309#if NOT_USED
1c79356b
A		 310/*
311 * Invalidate a all entries to particular vnode.
312 *
313 * We actually just increment the v_id, that will do it. The entries will
314 * be purged by lookup as they get found. If the v_id wraps around, we
315 * need to ditch the entire cache, to avoid confusion. No valid vnode will
316 * ever have (v_id == 0).
317 */
91447636 318static void
1c79356b
A		 319pshm_cache_purge(void)
320{
321 struct pshmcache *pcp;
322 struct pshmhashhead *pcpp;
323
324 for (pcpp = &pshmhashtbl[pshmhash]; pcpp >= pshmhashtbl; pcpp--) {
91447636 325 while ( (pcp = pcpp->lh_first) )
1c79356b
A		 326 pshm_cache_delete(pcp);
327 }
328}
91447636 329#endif /* NOT_USED */
1c79356b 330
91447636
A		 331static void
332pshm_cache_delete(struct pshmcache *pcp)
1c79356b
A		 333{
334#if DIAGNOSTIC
335 if (pcp->pshm_hash.le_prev == 0)
336 panic("namecache purge le_prev");
337 if (pcp->pshm_hash.le_next == pcp)
338 panic("namecache purge le_next");
339#endif /* DIAGNOSTIC */
340 LIST_REMOVE(pcp, pshm_hash);
341 pcp->pshm_hash.le_prev = 0;
342 pshmnument--;
343}
344
345
1c79356b 346int
91447636 347shm_open(struct proc *p, struct shm_open_args *uap, register_t *retval)
1c79356b 348{
91447636
A		 349 struct fileproc *fp;
350 size_t i;
351 struct fileproc *nfp;
352 int indx, error;
1c79356b
A		 353 struct pshmname nd;
354 struct pshminfo *pinfo;
1c79356b
A		 355 char * pnbuf;
356 char * nameptr;
357 char * cp;
358 size_t pathlen, plen;
359 int fmode ;
360 int cmode = uap->mode;
361 int incache = 0;
362 struct pshmnode * pnode = PSHMNODE_NULL;
363 struct pshmcache * pcache = PSHMCACHE_NULL;
91447636 364 struct pshmcache *pcp;
9bccf70c 365 int pinfo_alloc=0;
1c79356b 366
e5568f75
A		 367 AUDIT_ARG(fflags, uap->oflag);
368 AUDIT_ARG(mode, uap->mode);
91447636 369
1c79356b
A		 370 pinfo = PSHMINFO_NULL;
371
91447636
A		 372 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
373 if (pnbuf == NULL) {
374 return(ENOSPC);
375 }
376
1c79356b 377 pathlen = MAXPATHLEN;
91447636 378 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
1c79356b
A		 379 if (error) {
380 goto bad;
381 }
e5568f75 382 AUDIT_ARG(text, pnbuf);
1c79356b
A		 383 if (pathlen > PSHMNAMLEN) {
384 error = ENAMETOOLONG;
385 goto bad;
386 }
387
388
389#ifdef PSXSHM_NAME_RESTRICT
390 nameptr = pnbuf;
391 if (*nameptr == '/') {
392 while (*(nameptr++) == '/') {
393 plen--;
394 error = EINVAL;
395 goto bad;
396 }
397 } else {
398 error = EINVAL;
399 goto bad;
400 }
401#endif /* PSXSHM_NAME_RESTRICT */
402
403 plen = pathlen;
404 nameptr = pnbuf;
405 nd.pshm_nameptr = nameptr;
406 nd.pshm_namelen = plen;
407 nd. pshm_hash =0;
408
409 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
410 nd.pshm_hash += (unsigned char)*cp * i;
411 }
412
91447636
A		 413#if KTRACE
414 if (KTRPOINT(p, KTR_NAMEI))
415 ktrnamei(p->p_tracep, nameptr);
416#endif
417
418 PSHM_SUBSYS_LOCK();
1c79356b
A		 419 error = pshm_cache_search(&pinfo, &nd, &pcache);
420
421 if (error == ENOENT) {
91447636 422 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 423 error = EINVAL;
424 goto bad;
425
426 }
427 if (!error) {
428 incache = 0;
429 } else
430 incache = 1;
431 fmode = FFLAGS(uap->oflag);
55e303ae 432 if ((fmode & (FREAD | FWRITE))==0) {
91447636 433 PSHM_SUBSYS_UNLOCK();
55e303ae
A		 434 error = EINVAL;
435 goto bad;
436 }
1c79356b 437
91447636
A		 438 /*
439 * XXXXXXXXXX TBD XXXXXXXXXX
440 * There is a race that existed with the funnels as well.
441 * Need to be fixed later
442 */
443 PSHM_SUBSYS_UNLOCK();
444 error = falloc(p, &nfp, &indx);
445 if (error )
55e303ae 446 goto bad;
91447636
A		 447 PSHM_SUBSYS_LOCK();
448
1c79356b
A		 449 fp = nfp;
450
451 cmode &= ALLPERMS;
452
453 if (fmode & O_CREAT) {
454 if ((fmode & O_EXCL) && incache) {
e5568f75
A		 455 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
456 pinfo->pshm_gid, pinfo->pshm_mode);
457
1c79356b
A		 458 /* shm obj exists and opened O_EXCL */
459#if notyet
460 if (pinfo->pshm_flags & PSHM_INDELETE) {
461 }
462#endif
463 error = EEXIST;
91447636 464 PSHM_SUBSYS_UNLOCK();
9bccf70c 465 goto bad1;
1c79356b
A		 466 }
467 if (!incache) {
91447636 468 PSHM_SUBSYS_UNLOCK();
1c79356b 469 /* create a new one */
91447636
A		 470 MALLOC(pinfo, struct pshminfo *, sizeof(struct pshminfo), M_SHM, M_WAITOK|M_ZERO);
471 if (pinfo == NULL) {
472 error = ENOSPC;
473 goto bad1;
474 }
475 PSHM_SUBSYS_LOCK();
476 pinfo_alloc = 1;
1c79356b 477 pinfo->pshm_flags = PSHM_DEFINED | PSHM_INCREATE;
91447636 478 pinfo->pshm_usecount = 1; /* existence reference */
1c79356b 479 pinfo->pshm_mode = cmode;
91447636
A		 480 pinfo->pshm_uid = kauth_cred_getuid(kauth_cred_get());
481 pinfo->pshm_gid = kauth_cred_get()->cr_gid;
c0fea474
A		 482 bcopy(pnbuf, &pinfo->pshm_name[0], PSHMNAMLEN);
483 pinfo->pshm_name[PSHMNAMLEN]=0;
1c79356b
A		 484 } else {
485 /* already exists */
486 if( pinfo->pshm_flags & PSHM_INDELETE) {
91447636 487 PSHM_SUBSYS_UNLOCK();
1c79356b 488 error = ENOENT;
9bccf70c 489 goto bad1;
1c79356b 490 }
91447636
A		 491 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
492 pinfo->pshm_gid, pinfo->pshm_mode);
493 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
494 PSHM_SUBSYS_UNLOCK();
9bccf70c 495 goto bad1;
91447636 496 }
1c79356b
A		 497 }
498 } else {
499 if (!incache) {
500 /* O_CREAT is not set and the shm obecj does not exist */
91447636 501 PSHM_SUBSYS_UNLOCK();
1c79356b 502 error = ENOENT;
9bccf70c 503 goto bad1;
1c79356b
A		 504 }
505 if( pinfo->pshm_flags & PSHM_INDELETE) {
91447636 506 PSHM_SUBSYS_UNLOCK();
1c79356b 507 error = ENOENT;
9bccf70c 508 goto bad1;
1c79356b 509 }
91447636
A		 510 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
511 PSHM_SUBSYS_UNLOCK();
9bccf70c 512 goto bad1;
91447636 513 }
1c79356b
A		 514 }
515 if (fmode & O_TRUNC) {
91447636 516 PSHM_SUBSYS_UNLOCK();
1c79356b 517 error = EINVAL;
9bccf70c 518 goto bad2;
1c79356b
A		 519 }
520#if DIAGNOSTIC
521 if (fmode & FWRITE)
522 pinfo->pshm_writecount++;
523 if (fmode & FREAD)
524 pinfo->pshm_readcount++;
525#endif
91447636
A		 526 PSHM_SUBSYS_UNLOCK();
527 MALLOC(pnode, struct pshmnode *, sizeof(struct pshmnode), M_SHM, M_WAITOK|M_ZERO);
528 if (pnode == NULL) {
529 error = ENOSPC;
530 goto bad2;
531 }
532 if (!incache) {
533 /*
534 * We allocate a new entry if we are less than the maximum
535 * allowed and the one at the front of the LRU list is in use.
536 * Otherwise we use the one at the front of the LRU list.
537 */
538 MALLOC(pcp, struct pshmcache *, sizeof(struct pshmcache), M_SHM, M_WAITOK|M_ZERO);
539 if (pcp == NULL) {
540 error = ENOSPC;
541 goto bad2;
542 }
543
544 }
545 PSHM_SUBSYS_LOCK();
1c79356b
A		 546
547 if (!incache) {
91447636
A		 548 if ( (error = pshm_cache_add(pinfo, &nd, pcp)) ) {
549 PSHM_SUBSYS_UNLOCK();
550 FREE(pcp, M_SHM);
551 goto bad3;
1c79356b
A		 552 }
553 }
554 pinfo->pshm_flags &= ~PSHM_INCREATE;
91447636 555 pinfo->pshm_usecount++; /* extra reference for the new fd */
1c79356b 556 pnode->pinfo = pinfo;
91447636
A		 557
558 PSHM_SUBSYS_UNLOCK();
559 proc_fdlock(p);
1c79356b
A		 560 fp->f_flag = fmode & FMASK;
561 fp->f_type = DTYPE_PSXSHM;
562 fp->f_ops = &pshmops;
563 fp->f_data = (caddr_t)pnode;
564 *fdflags(p, indx) &= ~UF_RESERVED;
91447636
A		 565 fp_drop(p, indx, fp, 1);
566 proc_fdunlock(p);
567
1c79356b 568 *retval = indx;
55e303ae 569 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b 570 return (0);
9bccf70c 571bad3:
91447636 572 FREE(pnode, M_SHM);
1c79356b 573
9bccf70c
A		 574bad2:
575 if (pinfo_alloc)
91447636 576 FREE(pinfo, M_SHM);
1c79356b 577bad1:
91447636 578 fp_free(p, indx, fp);
1c79356b 579bad:
55e303ae 580 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b
A		 581 return (error);
582}
583
584
1c79356b 585int
91447636
A		 586pshm_truncate(__unused struct proc *p, struct fileproc *fp, __unused int fd,
587 off_t length, __unused register_t *retval)
1c79356b
A		 588{
589 struct pshminfo * pinfo;
590 struct pshmnode * pnode ;
591 kern_return_t kret;
c0fea474 592 mach_vm_offset_t user_addr;
91447636 593 mem_entry_name_port_t mem_object;
c0fea474 594 mach_vm_size_t size;
1c79356b
A		 595
596 if (fp->f_type != DTYPE_PSXSHM) {
597 return(EINVAL);
598 }
599
600
601 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
602 return(EINVAL);
603
91447636
A		 604 PSHM_SUBSYS_LOCK();
605 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
606 PSHM_SUBSYS_UNLOCK();
1c79356b 607 return(EINVAL);
91447636 608 }
1c79356b
A		 609 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))
610 != PSHM_DEFINED) {
91447636 611 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 612 return(EINVAL);
613 }
614
91447636 615 PSHM_SUBSYS_UNLOCK();
55e303ae 616 size = round_page_64(length);
c0fea474 617 kret = mach_vm_allocate(current_map(), &user_addr, size, VM_FLAGS_ANYWHERE);
1c79356b
A		 618 if (kret != KERN_SUCCESS)
619 goto out;
620
c0fea474 621 kret = mach_make_memory_entry_64 (current_map(), &size,
1c79356b
A		 622 user_addr, VM_PROT_DEFAULT, &mem_object, 0);
623
624 if (kret != KERN_SUCCESS)
625 goto out;
626
c0fea474 627 mach_vm_deallocate(current_map(), user_addr, size);
1c79356b 628
91447636 629 PSHM_SUBSYS_LOCK();
1c79356b
A		 630 pinfo->pshm_flags &= ~PSHM_DEFINED;
631 pinfo->pshm_flags = PSHM_ALLOCATED;
91447636 632 pinfo->pshm_memobject = (void *)mem_object;
1c79356b 633 pinfo->pshm_length = size;
91447636 634 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 635 return(0);
636
637out:
638 switch (kret) {
639 case KERN_INVALID_ADDRESS:
640 case KERN_NO_SPACE:
641 return (ENOMEM);
642 case KERN_PROTECTION_FAILURE:
643 return (EACCES);
644 default:
645 return (EINVAL);
646
647 }
648}
649
650int
91447636 651pshm_stat(struct pshmnode *pnode, struct stat *sb)
1c79356b
A		 652{
653 struct pshminfo *pinfo;
654
91447636
A		 655 PSHM_SUBSYS_LOCK();
656 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL){
657 PSHM_SUBSYS_UNLOCK();
1c79356b 658 return(EINVAL);
91447636 659 }
1c79356b
A		 660
661 bzero(sb, sizeof(struct stat));
662 sb->st_mode = pinfo->pshm_mode;
663 sb->st_uid = pinfo->pshm_uid;
664 sb->st_gid = pinfo->pshm_gid;
665 sb->st_size = pinfo->pshm_length;
91447636 666 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 667
668 return(0);
669}
670
91447636
A		 671/*
672 * This is called only from shm_open which holds pshm_lock();
673 * XXX This code is repeated many times
674 */
1c79356b 675int
91447636 676pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, __unused struct proc *p)
1c79356b
A		 677{
678 mode_t mask;
91447636 679 int is_member;
1c79356b
A		 680
681 /* Otherwise, user id 0 always gets access. */
91447636 682 if (!suser(cred, NULL))
1c79356b
A		 683 return (0);
684
685 mask = 0;
686
687 /* Otherwise, check the owner. */
91447636 688 if (kauth_cred_getuid(cred) == pinfo->pshm_uid) {
1c79356b
A		 689 if (mode & FREAD)
690 mask |= S_IRUSR;
691 if (mode & FWRITE)
692 mask |= S_IWUSR;
693 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
694 }
695
696 /* Otherwise, check the groups. */
91447636
A		 697 if (kauth_cred_ismember_gid(cred, pinfo->pshm_gid, &is_member) == 0 && is_member) {
698 if (mode & FREAD)
699 mask |= S_IRGRP;
700 if (mode & FWRITE)
701 mask |= S_IWGRP;
702 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
703 }
1c79356b
A		 704
705 /* Otherwise, check everyone else. */
706 if (mode & FREAD)
707 mask |= S_IROTH;
708 if (mode & FWRITE)
709 mask |= S_IWOTH;
710 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
711}
9bccf70c 712
1c79356b 713int
91447636 714pshm_mmap(struct proc *p, struct mmap_args *uap, user_addr_t *retval, struct fileproc *fp, off_t pageoff)
1c79356b 715{
91447636
A		 716 mach_vm_offset_t user_addr = (mach_vm_offset_t)uap->addr;
717 mach_vm_size_t user_size = (mach_vm_size_t)uap->len ;
1c79356b
A		 718 int prot = uap->prot;
719 int flags = uap->flags;
720 vm_object_offset_t file_pos = (vm_object_offset_t)uap->pos;
721 int fd = uap->fd;
722 vm_map_t user_map;
91447636
A		 723 int alloc_flags;
724 boolean_t docow;
1c79356b
A		 725 kern_return_t kret;
726 struct pshminfo * pinfo;
727 struct pshmnode * pnode;
728 void * mem_object;
729
730 if (user_size == 0)
731 return(0);
732
733 if ((flags & MAP_SHARED) == 0)
734 return(EINVAL);
735
736
737 if ((prot & PROT_WRITE) && ((fp->f_flag & FWRITE) == 0)) {
738 return(EPERM);
739 }
740
741 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
742 return(EINVAL);
743
91447636
A		 744 PSHM_SUBSYS_LOCK();
745 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
746 PSHM_SUBSYS_UNLOCK();
1c79356b 747 return(EINVAL);
91447636 748 }
1c79356b
A		 749
750 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
91447636 751 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 752 return(EINVAL);
753 }
91447636
A		 754 if ((off_t)user_size > pinfo->pshm_length) {
755 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 756 return(EINVAL);
757 }
91447636
A		 758 if ((off_t)(user_size + file_pos) > pinfo->pshm_length) {
759 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 760 return(EINVAL);
761 }
762 if ((mem_object = pinfo->pshm_memobject) == NULL) {
91447636 763 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 764 return(EINVAL);
765 }
766
91447636
A		 767
768 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 769 user_map = current_map();
770
771 if ((flags & MAP_FIXED) == 0) {
91447636
A		 772 alloc_flags = VM_FLAGS_ANYWHERE;
773 user_addr = mach_vm_round_page(user_addr);
1c79356b 774 } else {
91447636 775 if (user_addr != mach_vm_trunc_page(user_addr))
1c79356b 776 return (EINVAL);
91447636
A		 777 /*
778 * We do not get rid of the existing mappings here because
779 * it wouldn't be atomic (see comment in mmap()). We let
780 * Mach VM know that we want it to replace any existing
781 * mapping with the new one.
782 */
783 alloc_flags = VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
1c79356b
A		 784 }
785 docow = FALSE;
786
91447636
A		 787 kret = mach_vm_map(user_map, &user_addr, user_size,
788 0, alloc_flags, pinfo->pshm_memobject, file_pos, docow,
1c79356b 789 prot, VM_PROT_DEFAULT,
91447636 790 VM_INHERIT_SHARE);
1c79356b
A		 791 if (kret != KERN_SUCCESS)
792 goto out;
91447636
A		 793 /* LP64todo - this should be superfluous at this point */
794 kret = mach_vm_inherit(user_map, user_addr, user_size,
1c79356b
A		 795 VM_INHERIT_SHARE);
796 if (kret != KERN_SUCCESS) {
91447636 797 (void) mach_vm_deallocate(user_map, user_addr, user_size);
1c79356b
A		 798 goto out;
799 }
91447636 800 PSHM_SUBSYS_LOCK();
1c79356b
A		 801 pnode->mapp_addr = user_addr;
802 pnode->map_size = user_size;
803 pinfo->pshm_flags |= (PSHM_MAPPED | PSHM_INUSE);
91447636 804 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 805out:
806 switch (kret) {
807 case KERN_SUCCESS:
91447636 808 *retval = (user_addr + pageoff);
1c79356b
A		 809 return (0);
810 case KERN_INVALID_ADDRESS:
811 case KERN_NO_SPACE:
812 return (ENOMEM);
813 case KERN_PROTECTION_FAILURE:
814 return (EACCES);
815 default:
816 return (EINVAL);
817 }
818
819}
820
1c79356b 821int
91447636
A		 822shm_unlink(__unused struct proc *p, struct shm_unlink_args *uap,
823 __unused register_t *retval)
1c79356b 824{
91447636 825 size_t i;
1c79356b
A		 826 int error=0;
827 struct pshmname nd;
828 struct pshminfo *pinfo;
1c79356b
A		 829 char * pnbuf;
830 char * nameptr;
831 char * cp;
832 size_t pathlen, plen;
1c79356b 833 int incache = 0;
1c79356b 834 struct pshmcache *pcache = PSHMCACHE_NULL;
1c79356b
A		 835
836 pinfo = PSHMINFO_NULL;
837
91447636
A		 838 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
839 if (pnbuf == NULL) {
840 return(ENOSPC); /* XXX non-standard */
841 }
1c79356b 842 pathlen = MAXPATHLEN;
91447636 843 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
1c79356b
A		 844 if (error) {
845 goto bad;
846 }
e5568f75 847 AUDIT_ARG(text, pnbuf);
1c79356b
A		 848 if (pathlen > PSHMNAMLEN) {
849 error = ENAMETOOLONG;
850 goto bad;
851 }
852
853
854#ifdef PSXSHM_NAME_RESTRICT
855 nameptr = pnbuf;
856 if (*nameptr == '/') {
857 while (*(nameptr++) == '/') {
858 plen--;
859 error = EINVAL;
860 goto bad;
861 }
862 } else {
863 error = EINVAL;
864 goto bad;
865 }
866#endif /* PSXSHM_NAME_RESTRICT */
867
868 plen = pathlen;
869 nameptr = pnbuf;
870 nd.pshm_nameptr = nameptr;
871 nd.pshm_namelen = plen;
872 nd. pshm_hash =0;
873
874 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
875 nd.pshm_hash += (unsigned char)*cp * i;
876 }
877
91447636 878 PSHM_SUBSYS_LOCK();
1c79356b
A		 879 error = pshm_cache_search(&pinfo, &nd, &pcache);
880
881 if (error == ENOENT) {
91447636 882 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 883 error = EINVAL;
884 goto bad;
885
886 }
887 if (!error) {
91447636 888 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 889 error = EINVAL;
890 goto bad;
891 } else
892 incache = 1;
893
894 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))==0) {
91447636 895 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 896 return (EINVAL);
897 }
898
899 if (pinfo->pshm_flags & PSHM_INDELETE) {
91447636 900 PSHM_SUBSYS_UNLOCK();
1c79356b
A		 901 error = 0;
902 goto bad;
903 }
904
e5568f75
A		 905 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid, pinfo->pshm_gid,
906 pinfo->pshm_mode);
91447636
A		 907
908 /*
909 * JMM - How should permissions be checked?
910 */
911
1c79356b 912 pinfo->pshm_flags |= PSHM_INDELETE;
1c79356b 913 pshm_cache_delete(pcache);
1c79356b 914 pinfo->pshm_flags |= PSHM_REMOVED;
91447636
A		 915 /* release the existence reference */
916 if (!--pinfo->pshm_usecount) {
917 PSHM_SUBSYS_UNLOCK();
918 /*
919 * If this is the last reference going away on the object,
920 * then we need to destroy the backing object. The name
921 * has an implied but uncounted reference on the object,
922 * once it's created, since it's used as a rendesvous, and
923 * therefore may be subsequently reopened.
924 */
925 if (pinfo->pshm_memobject != NULL)
926 mach_memory_entry_port_release(pinfo->pshm_memobject);
927 PSHM_SUBSYS_LOCK();
928 FREE(pinfo,M_SHM);
929 }
930 PSHM_SUBSYS_UNLOCK();
931 FREE(pcache, M_SHM);
1c79356b
A		 932 error = 0;
933bad:
55e303ae 934 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1c79356b 935 return (error);
1c79356b 936}
1c79356b 937
91447636
A		 938/* already called locked */
939static int
940pshm_close(struct pshmnode *pnode)
1c79356b
A		 941{
942 int error=0;
91447636 943 struct pshminfo *pinfo;
1c79356b
A		 944
945 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL)
946 return(EINVAL);
947
948 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
949 return(EINVAL);
950 }
951#if DIAGNOSTIC
952 if(!pinfo->pshm_usecount) {
953 kprintf("negative usecount in pshm_close\n");
954 }
955#endif /* DIAGNOSTIC */
91447636 956 pinfo->pshm_usecount--; /* release this fd's reference */
1c79356b
A		 957
958 if ((pinfo->pshm_flags & PSHM_REMOVED) && !pinfo->pshm_usecount) {
91447636
A		 959 PSHM_SUBSYS_UNLOCK();
960 /*
961 * If this is the last reference going away on the object,
962 * then we need to destroy the backing object.
963 */
964 if (pinfo->pshm_memobject != NULL)
965 mach_memory_entry_port_release(pinfo->pshm_memobject);
966 PSHM_SUBSYS_LOCK();
967 FREE(pinfo,M_SHM);
968 }
969 FREE(pnode, M_SHM);
1c79356b
A		 970 return (error);
971}
9bccf70c 972
91447636 973/* struct proc passed to match prototype for struct fileops */
9bccf70c 974static int
91447636 975pshm_closefile(struct fileglob *fg, __unused struct proc *p)
9bccf70c 976{
91447636
A		 977 int error;
978
979 PSHM_SUBSYS_LOCK();
980 error = pshm_close(((struct pshmnode *)fg->fg_data));
981 PSHM_SUBSYS_UNLOCK();
982 return(error);
9bccf70c
A		 983}
984
985static int
91447636
A		 986pshm_read(__unused struct fileproc *fp, __unused struct uio *uio,
987 __unused kauth_cred_t cred, __unused int flags,
988 __unused struct proc *p)
1c79356b 989{
91447636 990 return(ENOTSUP);
1c79356b 991}
9bccf70c
A		 992
993static int
91447636
A		 994pshm_write(__unused struct fileproc *fp, __unused struct uio *uio,
995 __unused kauth_cred_t cred, __unused int flags,
996 __unused struct proc *p)
1c79356b 997{
91447636 998 return(ENOTSUP);
1c79356b 999}
9bccf70c
A		 1000
1001static int
91447636
A		 1002pshm_ioctl(__unused struct fileproc *fp, __unused u_long com,
1003 __unused caddr_t data, __unused struct proc *p)
1c79356b 1004{
91447636 1005 return(ENOTSUP);
1c79356b 1006}
9bccf70c
A		 1007
1008static int
91447636
A		 1009pshm_select(__unused struct fileproc *fp, __unused int which, __unused void *wql,
1010 __unused struct proc *p)
1c79356b 1011{
91447636 1012 return(ENOTSUP);
1c79356b 1013}
55e303ae
A		 1014
1015static int
91447636
A		 1016pshm_kqfilter(__unused struct fileproc *fp, __unused struct knote *kn,
1017 __unused struct proc *p)
55e303ae 1018{
91447636 1019 return(ENOTSUP);
55e303ae 1020}
c0fea474
A		 1021
1022int
1023fill_pshminfo(struct pshmnode * pshm, struct pshm_info * info)
1024{
1025 struct pshminfo *pinfo;
1026 struct stat *sb;
1027
1028 PSHM_SUBSYS_LOCK();
1029 if ((pinfo = pshm->pinfo) == PSHMINFO_NULL){
1030 PSHM_SUBSYS_UNLOCK();
1031 return(EINVAL);
1032 }
1033
1034 sb = &info->pshm_stat;
1035
1036 bzero(sb, sizeof(struct stat));
1037 sb->st_mode = pinfo->pshm_mode;
1038 sb->st_uid = pinfo->pshm_uid;
1039 sb->st_gid = pinfo->pshm_gid;
1040 sb->st_size = pinfo->pshm_length;
1041
1042 info->pshm_mappaddr = pshm->mapp_addr;
1043 bcopy(&pinfo->pshm_name[0], &info->pshm_name[0], PSHMNAMLEN+1);
1044
1045 PSHM_SUBSYS_UNLOCK();
1046 return(0);
1047}
1048
1049
mirror of XNU