]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/posix_shm.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-1504.15.3.tar.gz
[apple/xnu.git] / bsd / kern / posix_shm.c
1 /*
2 * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1990, 1996-1998 Apple Computer, Inc.
30 * All Rights Reserved.
31 */
32 /*
33 * posix_shm.c : Support for POSIX shared memory APIs
34 *
35 * File: posix_shm.c
36 * Author: Ananthakrishna Ramesh
37 *
38 * HISTORY
39 * 2-Sep-1999 A.Ramesh
40 * Created for MacOSX
41 *
42 */
43 /*
44 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
45 * support for mandatory and extensible security protections. This notice
46 * is included in support of clause 2.2 (b) of the Apple Public License,
47 * Version 2.0.
48 */
49
50 #include <sys/cdefs.h>
51 #include <sys/param.h>
52 #include <sys/systm.h>
53 #include <sys/kernel.h>
54 #include <sys/file_internal.h>
55 #include <sys/filedesc.h>
56 #include <sys/stat.h>
57 #include <sys/proc_internal.h>
58 #include <sys/kauth.h>
59 #include <sys/mount.h>
60 #include <sys/namei.h>
61 #include <sys/vnode.h>
62 #include <sys/vnode_internal.h>
63 #include <sys/ioctl.h>
64 #include <sys/tty.h>
65 #include <sys/malloc.h>
66 #include <sys/mman.h>
67 #include <sys/stat.h>
68 #include <sys/sysproto.h>
69 #include <sys/proc_info.h>
70 #include <security/audit/audit.h>
71
72 #if CONFIG_MACF
73 #include <security/mac_framework.h>
74 #endif
75
76 #include <mach/mach_types.h>
77 #include <mach/mach_vm.h>
78 #include <mach/vm_map.h>
79 #include <mach/vm_prot.h>
80 #include <mach/vm_inherit.h>
81 #include <mach/kern_return.h>
82 #include <mach/memory_object_control.h>
83
84 #include <vm/vm_map.h>
85 #include <vm/vm_protos.h>
86
87 #define f_flag f_fglob->fg_flag
88 #define f_type f_fglob->fg_type
89 #define f_msgcount f_fglob->fg_msgcount
90 #define f_cred f_fglob->fg_cred
91 #define f_ops f_fglob->fg_ops
92 #define f_offset f_fglob->fg_offset
93 #define f_data f_fglob->fg_data
94 #define PSHMNAMLEN 31 /* maximum name segment length we bother with */
95
96 struct pshmobj {
97 void * pshmo_memobject;
98 memory_object_size_t pshmo_size;
99 struct pshmobj * pshmo_next;
100 };
101
102 struct pshminfo {
103 unsigned int pshm_flags;
104 unsigned int pshm_usecount;
105 off_t pshm_length;
106 mode_t pshm_mode;
107 uid_t pshm_uid;
108 gid_t pshm_gid;
109 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
110 struct pshmobj *pshm_memobjects;
111 #if DIAGNOSTIC
112 unsigned int pshm_readcount;
113 unsigned int pshm_writecount;
114 proc_t pshm_proc;
115 #endif /* DIAGNOSTIC */
116 struct label* pshm_label;
117 };
118 #define PSHMINFO_NULL (struct pshminfo *)0
119
120 #define PSHM_NONE 0x001
121 #define PSHM_DEFINED 0x002
122 #define PSHM_ALLOCATED 0x004
123 #define PSHM_MAPPED 0x008
124 #define PSHM_INUSE 0x010
125 #define PSHM_REMOVED 0x020
126 #define PSHM_INCREATE 0x040
127 #define PSHM_INDELETE 0x080
128 #define PSHM_ALLOCATING 0x100
129
130 struct pshmcache {
131 LIST_ENTRY(pshmcache) pshm_hash; /* hash chain */
132 struct pshminfo *pshminfo; /* vnode the name refers to */
133 int pshm_nlen; /* length of name */
134 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
135 };
136 #define PSHMCACHE_NULL (struct pshmcache *)0
137
138 struct pshmstats {
139 long goodhits; /* hits that we can really use */
140 long neghits; /* negative hits that we can use */
141 long badhits; /* hits we must drop */
142 long falsehits; /* hits with id mismatch */
143 long miss; /* misses */
144 long longnames; /* long names that ignore cache */
145 };
146
147 struct pshmname {
148 char *pshm_nameptr; /* pointer to looked up name */
149 long pshm_namelen; /* length of looked up component */
150 u_long pshm_hash; /* hash value of looked up name */
151 };
152
153 struct pshmnode {
154 off_t mapp_addr;
155 user_size_t map_size; /* XXX unused ? */
156 struct pshminfo *pinfo;
157 unsigned int pshm_usecount;
158 #if DIAGNOSTIC
159 unsigned int readcnt;
160 unsigned int writecnt;
161 #endif
162 };
163 #define PSHMNODE_NULL (struct pshmnode *)0
164
165
166 #define PSHMHASH(pnp) \
167 (&pshmhashtbl[(pnp)->pshm_hash & pshmhash])
168
169 LIST_HEAD(pshmhashhead, pshmcache) *pshmhashtbl; /* Hash Table */
170 u_long pshmhash; /* size of hash table - 1 */
171 long pshmnument; /* number of cache entries allocated */
172 struct pshmstats pshmstats; /* cache effectiveness statistics */
173
174 static int pshm_read (struct fileproc *fp, struct uio *uio,
175 int flags, vfs_context_t ctx);
176 static int pshm_write (struct fileproc *fp, struct uio *uio,
177 int flags, vfs_context_t ctx);
178 static int pshm_ioctl (struct fileproc *fp, u_long com,
179 caddr_t data, vfs_context_t ctx);
180 static int pshm_select (struct fileproc *fp, int which, void *wql, vfs_context_t ctx);
181 static int pshm_close(struct pshmnode *pnode);
182 static int pshm_closefile (struct fileglob *fg, vfs_context_t ctx);
183
184 static int pshm_kqfilter(struct fileproc *fp, struct knote *kn, vfs_context_t ctx);
185
186 int pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, proc_t p);
187 static int pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp);
188 static void pshm_cache_delete(struct pshmcache *pcp);
189 #if NOT_USED
190 static void pshm_cache_purge(void);
191 #endif /* NOT_USED */
192 static int pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
193 struct pshmcache **pcache);
194
195 struct fileops pshmops =
196 { pshm_read, pshm_write, pshm_ioctl, pshm_select, pshm_closefile, pshm_kqfilter, 0 };
197
198 static lck_grp_t *psx_shm_subsys_lck_grp;
199 static lck_grp_attr_t *psx_shm_subsys_lck_grp_attr;
200 static lck_attr_t *psx_shm_subsys_lck_attr;
201 static lck_mtx_t psx_shm_subsys_mutex;
202
203 #define PSHM_SUBSYS_LOCK() lck_mtx_lock(& psx_shm_subsys_mutex)
204 #define PSHM_SUBSYS_UNLOCK() lck_mtx_unlock(& psx_shm_subsys_mutex)
205
206
207 /* Initialize the mutex governing access to the posix shm subsystem */
208 __private_extern__ void
209 pshm_lock_init( void )
210 {
211
212 psx_shm_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
213
214 psx_shm_subsys_lck_grp = lck_grp_alloc_init("posix shared memory", psx_shm_subsys_lck_grp_attr);
215
216 psx_shm_subsys_lck_attr = lck_attr_alloc_init();
217 lck_mtx_init(& psx_shm_subsys_mutex, psx_shm_subsys_lck_grp, psx_shm_subsys_lck_attr);
218 }
219
220 /*
221 * Lookup an entry in the cache
222 *
223 *
224 * status of -1 is returned if matches
225 * If the lookup determines that the name does not exist
226 * (negative cacheing), a status of ENOENT is returned. If the lookup
227 * fails, a status of zero is returned.
228 */
229
230 static int
231 pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
232 struct pshmcache **pcache)
233 {
234 struct pshmcache *pcp, *nnp;
235 struct pshmhashhead *pcpp;
236
237 if (pnp->pshm_namelen > PSHMNAMLEN) {
238 pshmstats.longnames++;
239 return (0);
240 }
241
242 pcpp = PSHMHASH(pnp);
243 for (pcp = pcpp->lh_first; pcp != 0; pcp = nnp) {
244 nnp = pcp->pshm_hash.le_next;
245 if (pcp->pshm_nlen == pnp->pshm_namelen &&
246 !bcmp(pcp->pshm_name, pnp->pshm_nameptr, (u_int)pcp-> pshm_nlen))
247 break;
248 }
249
250 if (pcp == 0) {
251 pshmstats.miss++;
252 return (0);
253 }
254
255 /* We found a "positive" match, return the vnode */
256 if (pcp->pshminfo) {
257 pshmstats.goodhits++;
258 /* TOUCH(ncp); */
259 *pshmp = pcp->pshminfo;
260 *pcache = pcp;
261 return (-1);
262 }
263
264 /*
265 * We found a "negative" match, ENOENT notifies client of this match.
266 * The nc_vpid field records whether this is a whiteout.
267 */
268 pshmstats.neghits++;
269 return (ENOENT);
270 }
271
272 /*
273 * Add an entry to the cache.
274 * XXX should be static?
275 */
276 static int
277 pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp)
278 {
279 struct pshmhashhead *pcpp;
280 struct pshminfo *dpinfo;
281 struct pshmcache *dpcp;
282
283 #if DIAGNOSTIC
284 if (pnp->pshm_namelen > PSHMNAMLEN)
285 panic("cache_enter: name too long");
286 #endif
287
288
289 /* if the entry has already been added by some one else return */
290 if (pshm_cache_search(&dpinfo, pnp, &dpcp) == -1) {
291 return(EEXIST);
292 }
293 pshmnument++;
294
295 /*
296 * Fill in cache info, if vp is NULL this is a "negative" cache entry.
297 * For negative entries, we have to record whether it is a whiteout.
298 * the whiteout flag is stored in the nc_vpid field which is
299 * otherwise unused.
300 */
301 pcp->pshminfo = pshmp;
302 pcp->pshm_nlen = pnp->pshm_namelen;
303 bcopy(pnp->pshm_nameptr, pcp->pshm_name, (unsigned)pcp->pshm_nlen);
304 pcpp = PSHMHASH(pnp);
305 #if DIAGNOSTIC
306 {
307 struct pshmcache *p;
308
309 for (p = pcpp->lh_first; p != 0; p = p->pshm_hash.le_next)
310 if (p == pcp)
311 panic("cache_enter: duplicate");
312 }
313 #endif
314 LIST_INSERT_HEAD(pcpp, pcp, pshm_hash);
315 return(0);
316 }
317
318 /*
319 * Name cache initialization, from vfs_init() when we are booting
320 */
321 void
322 pshm_cache_init(void)
323 {
324 pshmhashtbl = hashinit(desiredvnodes / 8, M_SHM, &pshmhash);
325 }
326
327 #if NOT_USED
328 /*
329 * Invalidate a all entries to particular vnode.
330 *
331 * We actually just increment the v_id, that will do it. The entries will
332 * be purged by lookup as they get found. If the v_id wraps around, we
333 * need to ditch the entire cache, to avoid confusion. No valid vnode will
334 * ever have (v_id == 0).
335 */
336 static void
337 pshm_cache_purge(void)
338 {
339 struct pshmcache *pcp;
340 struct pshmhashhead *pcpp;
341
342 for (pcpp = &pshmhashtbl[pshmhash]; pcpp >= pshmhashtbl; pcpp--) {
343 while ( (pcp = pcpp->lh_first) )
344 pshm_cache_delete(pcp);
345 }
346 }
347 #endif /* NOT_USED */
348
349 static void
350 pshm_cache_delete(struct pshmcache *pcp)
351 {
352 #if DIAGNOSTIC
353 if (pcp->pshm_hash.le_prev == 0)
354 panic("namecache purge le_prev");
355 if (pcp->pshm_hash.le_next == pcp)
356 panic("namecache purge le_next");
357 #endif /* DIAGNOSTIC */
358 LIST_REMOVE(pcp, pshm_hash);
359 pcp->pshm_hash.le_prev = 0;
360 pshmnument--;
361 }
362
363
364 int
365 shm_open(proc_t p, struct shm_open_args *uap, int32_t *retval)
366 {
367 size_t i;
368 int indx, error;
369 struct pshmname nd;
370 struct pshminfo *pinfo;
371 struct fileproc *fp = NULL;
372 char *pnbuf = NULL;
373 struct pshminfo *new_pinfo = PSHMINFO_NULL;
374 struct pshmnode *new_pnode = PSHMNODE_NULL;
375 struct pshmcache *pcache = PSHMCACHE_NULL; /* ignored on return */
376 char * nameptr;
377 char * cp;
378 size_t pathlen, plen;
379 int fmode ;
380 int cmode = uap->mode;
381 int incache = 0;
382 struct pshmcache *pcp = NULL;
383
384 AUDIT_ARG(fflags, uap->oflag);
385 AUDIT_ARG(mode, uap->mode);
386
387 pinfo = PSHMINFO_NULL;
388
389 /*
390 * Preallocate everything we might need up front to avoid taking
391 * and dropping the lock, opening us up to race conditions.
392 */
393 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
394 if (pnbuf == NULL) {
395 error = ENOSPC;
396 goto bad;
397 }
398
399 pathlen = MAXPATHLEN;
400 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
401 if (error) {
402 goto bad;
403 }
404 AUDIT_ARG(text, pnbuf);
405 if (pathlen > PSHMNAMLEN) {
406 error = ENAMETOOLONG;
407 goto bad;
408 }
409 #ifdef PSXSHM_NAME_RESTRICT
410 nameptr = pnbuf;
411 if (*nameptr == '/') {
412 while (*(nameptr++) == '/') {
413 plen--;
414 error = EINVAL;
415 goto bad;
416 }
417 } else {
418 error = EINVAL;
419 goto bad;
420 }
421 #endif /* PSXSHM_NAME_RESTRICT */
422
423 plen = pathlen;
424 nameptr = pnbuf;
425 nd.pshm_nameptr = nameptr;
426 nd.pshm_namelen = plen;
427 nd. pshm_hash =0;
428
429 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
430 nd.pshm_hash += (unsigned char)*cp * i;
431 }
432
433 /*
434 * attempt to allocate a new fp; if unsuccessful, the fp will be
435 * left unmodified (NULL).
436 */
437 error = falloc(p, &fp, &indx, vfs_context_current());
438 if (error)
439 goto bad;
440
441 /*
442 * We allocate a new entry if we are less than the maximum
443 * allowed and the one at the front of the LRU list is in use.
444 * Otherwise we use the one at the front of the LRU list.
445 */
446 MALLOC(pcp, struct pshmcache *, sizeof(struct pshmcache), M_SHM, M_WAITOK|M_ZERO);
447 if (pcp == NULL) {
448 error = ENOSPC;
449 goto bad;
450 }
451
452 MALLOC(new_pinfo, struct pshminfo *, sizeof(struct pshminfo), M_SHM, M_WAITOK|M_ZERO);
453 if (new_pinfo == PSHMINFO_NULL) {
454 error = ENOSPC;
455 goto bad;
456 }
457 #if CONFIG_MACF
458 mac_posixshm_label_init(new_pinfo);
459 #endif
460
461 MALLOC(new_pnode, struct pshmnode *, sizeof(struct pshmnode), M_SHM, M_WAITOK|M_ZERO);
462 if (new_pnode == PSHMNODE_NULL) {
463 error = ENOSPC;
464 goto bad;
465 }
466
467 PSHM_SUBSYS_LOCK();
468
469 error = pshm_cache_search(&pinfo, &nd, &pcache);
470
471 if (error == ENOENT) {
472 error = EINVAL;
473 goto bad_locked;
474
475 }
476 if (!error) {
477 incache = 0;
478 } else
479 incache = 1;
480 fmode = FFLAGS(uap->oflag);
481 if ((fmode & (FREAD | FWRITE))==0) {
482 error = EINVAL;
483 goto bad_locked;
484 }
485
486 cmode &= ALLPERMS;
487
488 if (fmode & O_CREAT) {
489 if (incache) {
490 /* already exists */
491 if ((fmode & O_EXCL)) {
492 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
493 pinfo->pshm_gid,
494 pinfo->pshm_mode);
495
496 /* shm obj exists and opened O_EXCL */
497 error = EEXIST;
498 goto bad_locked;
499 }
500
501 if( pinfo->pshm_flags & PSHM_INDELETE) {
502 error = ENOENT;
503 goto bad_locked;
504 }
505 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
506 pinfo->pshm_gid, pinfo->pshm_mode);
507 #if CONFIG_MACF
508 if ((error = mac_posixshm_check_open(kauth_cred_get(), pinfo))) {
509 goto bad_locked;
510 }
511 #endif
512 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
513 goto bad_locked;
514 }
515 } else {
516 /* create a new one (commit the allocation) */
517 pinfo = new_pinfo;
518 pinfo->pshm_flags = PSHM_DEFINED | PSHM_INCREATE;
519 pinfo->pshm_usecount = 1; /* existence reference */
520 pinfo->pshm_mode = cmode;
521 pinfo->pshm_uid = kauth_cred_getuid(kauth_cred_get());
522 pinfo->pshm_gid = kauth_cred_get()->cr_gid;
523 bcopy(pnbuf, &pinfo->pshm_name[0], PSHMNAMLEN);
524 pinfo->pshm_name[PSHMNAMLEN]=0;
525 #if CONFIG_MACF
526 error = mac_posixshm_check_create(kauth_cred_get(), nameptr);
527 if (error) {
528 goto bad_locked;
529 }
530 mac_posixshm_label_associate(kauth_cred_get(), pinfo, nameptr);
531 #endif
532 }
533 } else {
534 if (!incache) {
535 /* O_CREAT is not set and the object does not exist */
536 error = ENOENT;
537 goto bad_locked;
538 }
539 if( pinfo->pshm_flags & PSHM_INDELETE) {
540 error = ENOENT;
541 goto bad_locked;
542 }
543 #if CONFIG_MACF
544 if ((error = mac_posixshm_check_open(kauth_cred_get(), pinfo))) {
545 goto bad_locked;
546 }
547 #endif
548
549 if ((error = pshm_access(pinfo, fmode, kauth_cred_get(), p))) {
550 goto bad_locked;
551 }
552 }
553 if (fmode & O_TRUNC) {
554 error = EINVAL;
555 goto bad_locked;
556 }
557 #if DIAGNOSTIC
558 if (fmode & FWRITE)
559 pinfo->pshm_writecount++;
560 if (fmode & FREAD)
561 pinfo->pshm_readcount++;
562 #endif
563 if (!incache) {
564 /* if successful, this will consume the pcp */
565 if ( (error = pshm_cache_add(pinfo, &nd, pcp)) ) {
566 goto bad_locked;
567 }
568 }
569 pinfo->pshm_flags &= ~PSHM_INCREATE;
570 pinfo->pshm_usecount++; /* extra reference for the new fd */
571 new_pnode->pinfo = pinfo;
572
573 PSHM_SUBSYS_UNLOCK();
574
575 /*
576 * if incache, we did not use the new pcp or new_pinfo and must
577 * free them
578 */
579 if (incache) {
580 FREE(pcp, M_SHM);
581
582 if (new_pinfo != PSHMINFO_NULL) {
583 #if CONFIG_MACF
584 mac_posixshm_label_destroy(new_pinfo);
585 #endif
586 FREE(new_pinfo, M_SHM);
587 }
588 }
589
590 proc_fdlock(p);
591 fp->f_flag = fmode & FMASK;
592 fp->f_type = DTYPE_PSXSHM;
593 fp->f_ops = &pshmops;
594 fp->f_data = (caddr_t)new_pnode;
595 *fdflags(p, indx) |= UF_EXCLOSE;
596 procfdtbl_releasefd(p, indx, NULL);
597 fp_drop(p, indx, fp, 1);
598 proc_fdunlock(p);
599
600 *retval = indx;
601 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
602 return (0);
603
604 bad_locked:
605 PSHM_SUBSYS_UNLOCK();
606 bad:
607 if (pcp != NULL)
608 FREE(pcp, M_SHM);
609
610 if (new_pnode != PSHMNODE_NULL)
611 FREE(new_pnode, M_SHM);
612
613 if (fp != NULL)
614 fp_free(p, indx, fp);
615
616 if (new_pinfo != PSHMINFO_NULL) {
617 #if CONFIG_MACF
618 mac_posixshm_label_destroy(new_pinfo);
619 #endif
620 FREE(new_pinfo, M_SHM);
621 }
622 if (pnbuf != NULL)
623 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
624 return (error);
625 }
626
627
628 int
629 pshm_truncate(__unused proc_t p, struct fileproc *fp, __unused int fd,
630 off_t length, __unused int32_t *retval)
631 {
632 struct pshminfo * pinfo;
633 struct pshmnode * pnode ;
634 kern_return_t kret;
635 mem_entry_name_port_t mem_object;
636 mach_vm_size_t size, total_size, alloc_size;
637 struct pshmobj *pshmobj, *pshmobj_next, **pshmobj_next_p;
638 #if CONFIG_MACF
639 int error;
640 #endif
641
642 if (fp->f_type != DTYPE_PSXSHM) {
643 return(EINVAL);
644 }
645
646
647 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
648 return(EINVAL);
649
650 PSHM_SUBSYS_LOCK();
651 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
652 PSHM_SUBSYS_UNLOCK();
653 return(EINVAL);
654 }
655 if ((pinfo->pshm_flags & (PSHM_DEFINED|PSHM_ALLOCATING|PSHM_ALLOCATED))
656 != PSHM_DEFINED) {
657 PSHM_SUBSYS_UNLOCK();
658 return(EINVAL);
659 }
660 #if CONFIG_MACF
661 error = mac_posixshm_check_truncate(kauth_cred_get(), pinfo, size);
662 if (error) {
663 PSHM_SUBSYS_UNLOCK();
664 return(error);
665 }
666 #endif
667
668 pinfo->pshm_flags |= PSHM_ALLOCATING;
669 total_size = round_page_64(length);
670 pshmobj_next_p = &pinfo->pshm_memobjects;
671
672 for (alloc_size = 0;
673 alloc_size < total_size;
674 alloc_size += size) {
675
676 PSHM_SUBSYS_UNLOCK();
677
678 size = MIN(total_size - alloc_size, ANON_MAX_SIZE);
679 kret = mach_make_memory_entry_64(
680 VM_MAP_NULL,
681 &size,
682 0,
683 MAP_MEM_NAMED_CREATE | VM_PROT_DEFAULT,
684 &mem_object,
685 0);
686
687 if (kret != KERN_SUCCESS)
688 goto out;
689
690 MALLOC(pshmobj, struct pshmobj *, sizeof (struct pshmobj),
691 M_SHM, M_WAITOK);
692 if (pshmobj == NULL) {
693 kret = KERN_NO_SPACE;
694 mach_memory_entry_port_release(mem_object);
695 mem_object = NULL;
696 goto out;
697 }
698
699 PSHM_SUBSYS_LOCK();
700
701 pshmobj->pshmo_memobject = (void *) mem_object;
702 pshmobj->pshmo_size = size;
703 pshmobj->pshmo_next = NULL;
704
705 *pshmobj_next_p = pshmobj;
706 pshmobj_next_p = &pshmobj->pshmo_next;
707 }
708
709 pinfo->pshm_flags = PSHM_ALLOCATED;
710 pinfo->pshm_length = total_size;
711 PSHM_SUBSYS_UNLOCK();
712 return(0);
713
714 out:
715 PSHM_SUBSYS_LOCK();
716 for (pshmobj = pinfo->pshm_memobjects;
717 pshmobj != NULL;
718 pshmobj = pshmobj_next) {
719 pshmobj_next = pshmobj->pshmo_next;
720 mach_memory_entry_port_release(pshmobj->pshmo_memobject);
721 FREE(pshmobj, M_SHM);
722 }
723 pinfo->pshm_memobjects = NULL;
724 pinfo->pshm_flags &= ~PSHM_ALLOCATING;
725 PSHM_SUBSYS_UNLOCK();
726
727 switch (kret) {
728 case KERN_INVALID_ADDRESS:
729 case KERN_NO_SPACE:
730 return (ENOMEM);
731 case KERN_PROTECTION_FAILURE:
732 return (EACCES);
733 default:
734 return (EINVAL);
735
736 }
737 }
738
739 int
740 pshm_stat(struct pshmnode *pnode, void *ub, int isstat64)
741 {
742 struct stat *sb = (struct stat *)0; /* warning avoidance ; protected by isstat64 */
743 struct stat64 * sb64 = (struct stat64 *)0; /* warning avoidance ; protected by isstat64 */
744 struct pshminfo *pinfo;
745 #if CONFIG_MACF
746 int error;
747 #endif
748
749 PSHM_SUBSYS_LOCK();
750 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL){
751 PSHM_SUBSYS_UNLOCK();
752 return(EINVAL);
753 }
754
755 #if CONFIG_MACF
756 error = mac_posixshm_check_stat(kauth_cred_get(), pinfo);
757 if (error) {
758 PSHM_SUBSYS_UNLOCK();
759 return(error);
760 }
761 #endif
762
763 if (isstat64 != 0) {
764 sb64 = (struct stat64 *)ub;
765 bzero(sb64, sizeof(struct stat64));
766 sb64->st_mode = pinfo->pshm_mode;
767 sb64->st_uid = pinfo->pshm_uid;
768 sb64->st_gid = pinfo->pshm_gid;
769 sb64->st_size = pinfo->pshm_length;
770 } else {
771 sb = (struct stat *)ub;
772 bzero(sb, sizeof(struct stat));
773 sb->st_mode = pinfo->pshm_mode;
774 sb->st_uid = pinfo->pshm_uid;
775 sb->st_gid = pinfo->pshm_gid;
776 sb->st_size = pinfo->pshm_length;
777 }
778 PSHM_SUBSYS_UNLOCK();
779
780 return(0);
781 }
782
783 /*
784 * This is called only from shm_open which holds pshm_lock();
785 * XXX This code is repeated many times
786 */
787 int
788 pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, __unused proc_t p)
789 {
790 mode_t mask;
791 int is_member;
792
793 /* Otherwise, user id 0 always gets access. */
794 if (!suser(cred, NULL))
795 return (0);
796
797 mask = 0;
798
799 /* Otherwise, check the owner. */
800 if (kauth_cred_getuid(cred) == pinfo->pshm_uid) {
801 if (mode & FREAD)
802 mask |= S_IRUSR;
803 if (mode & FWRITE)
804 mask |= S_IWUSR;
805 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
806 }
807
808 /* Otherwise, check the groups. */
809 if (kauth_cred_ismember_gid(cred, pinfo->pshm_gid, &is_member) == 0 && is_member) {
810 if (mode & FREAD)
811 mask |= S_IRGRP;
812 if (mode & FWRITE)
813 mask |= S_IWGRP;
814 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
815 }
816
817 /* Otherwise, check everyone else. */
818 if (mode & FREAD)
819 mask |= S_IROTH;
820 if (mode & FWRITE)
821 mask |= S_IWOTH;
822 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
823 }
824
825 int
826 pshm_mmap(__unused proc_t p, struct mmap_args *uap, user_addr_t *retval, struct fileproc *fp, off_t pageoff)
827 {
828 mach_vm_offset_t user_addr = (mach_vm_offset_t)uap->addr;
829 mach_vm_size_t user_size = (mach_vm_size_t)uap->len ;
830 mach_vm_offset_t user_start_addr;
831 mach_vm_size_t map_size, mapped_size;
832 int prot = uap->prot;
833 int flags = uap->flags;
834 vm_object_offset_t file_pos = (vm_object_offset_t)uap->pos;
835 vm_object_offset_t map_pos;
836 vm_map_t user_map;
837 int alloc_flags;
838 boolean_t docow;
839 kern_return_t kret;
840 struct pshminfo * pinfo;
841 struct pshmnode * pnode;
842 struct pshmobj * pshmobj;
843 #if CONFIG_MACF
844 int error;
845 #endif
846
847 if (user_size == 0)
848 return(0);
849
850 if ((flags & MAP_SHARED) == 0)
851 return(EINVAL);
852
853
854 if ((prot & PROT_WRITE) && ((fp->f_flag & FWRITE) == 0)) {
855 return(EPERM);
856 }
857
858 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
859 return(EINVAL);
860
861 PSHM_SUBSYS_LOCK();
862 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
863 PSHM_SUBSYS_UNLOCK();
864 return(EINVAL);
865 }
866
867 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
868 PSHM_SUBSYS_UNLOCK();
869 return(EINVAL);
870 }
871 if ((off_t)user_size > pinfo->pshm_length) {
872 PSHM_SUBSYS_UNLOCK();
873 return(EINVAL);
874 }
875 if ((off_t)(user_size + file_pos) > pinfo->pshm_length) {
876 PSHM_SUBSYS_UNLOCK();
877 return(EINVAL);
878 }
879 if ((pshmobj = pinfo->pshm_memobjects) == NULL) {
880 PSHM_SUBSYS_UNLOCK();
881 return(EINVAL);
882 }
883
884 #if CONFIG_MACF
885 error = mac_posixshm_check_mmap(kauth_cred_get(), pinfo, prot, flags);
886 if (error) {
887 PSHM_SUBSYS_UNLOCK();
888 return(error);
889 }
890 #endif
891
892 PSHM_SUBSYS_UNLOCK();
893 user_map = current_map();
894
895 if ((flags & MAP_FIXED) == 0) {
896 alloc_flags = VM_FLAGS_ANYWHERE;
897 user_addr = mach_vm_round_page(user_addr);
898 } else {
899 if (user_addr != mach_vm_trunc_page(user_addr))
900 return (EINVAL);
901 /*
902 * We do not get rid of the existing mappings here because
903 * it wouldn't be atomic (see comment in mmap()). We let
904 * Mach VM know that we want it to replace any existing
905 * mapping with the new one.
906 */
907 alloc_flags = VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
908 }
909 docow = FALSE;
910
911 mapped_size = 0;
912
913 /* reserver the entire space first... */
914 kret = vm_map_enter_mem_object(user_map,
915 &user_addr,
916 user_size,
917 0,
918 alloc_flags,
919 IPC_PORT_NULL,
920 0,
921 FALSE,
922 VM_PROT_NONE,
923 VM_PROT_NONE,
924 VM_INHERIT_NONE);
925 user_start_addr = user_addr;
926 if (kret != KERN_SUCCESS) {
927 goto out;
928 }
929
930 /* ... and overwrite with the real mappings */
931 for (map_pos = 0, pshmobj = pinfo->pshm_memobjects;
932 user_size != 0;
933 map_pos += pshmobj->pshmo_size, pshmobj = pshmobj->pshmo_next) {
934 if (pshmobj == NULL) {
935 /* nothing there to map !? */
936 goto out;
937 }
938 if (file_pos >= map_pos + pshmobj->pshmo_size) {
939 continue;
940 }
941 map_size = pshmobj->pshmo_size - (file_pos - map_pos);
942 if (map_size > user_size) {
943 map_size = user_size;
944 }
945 kret = vm_map_enter_mem_object(
946 user_map,
947 &user_addr,
948 map_size,
949 0,
950 VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE,
951 pshmobj->pshmo_memobject,
952 file_pos - map_pos,
953 docow,
954 prot,
955 VM_PROT_DEFAULT,
956 VM_INHERIT_SHARE);
957 if (kret != KERN_SUCCESS)
958 goto out;
959
960 user_addr += map_size;
961 user_size -= map_size;
962 mapped_size += map_size;
963 file_pos += map_size;
964 }
965
966 PSHM_SUBSYS_LOCK();
967 pnode->mapp_addr = user_start_addr;
968 pnode->map_size = mapped_size;
969 pinfo->pshm_flags |= (PSHM_MAPPED | PSHM_INUSE);
970 PSHM_SUBSYS_UNLOCK();
971 out:
972 if (kret != KERN_SUCCESS) {
973 if (mapped_size != 0) {
974 (void) mach_vm_deallocate(current_map(),
975 user_start_addr,
976 mapped_size);
977 }
978 }
979
980 switch (kret) {
981 case KERN_SUCCESS:
982 *retval = (user_start_addr + pageoff);
983 return (0);
984 case KERN_INVALID_ADDRESS:
985 case KERN_NO_SPACE:
986 return (ENOMEM);
987 case KERN_PROTECTION_FAILURE:
988 return (EACCES);
989 default:
990 return (EINVAL);
991 }
992
993 }
994
995 int
996 shm_unlink(__unused proc_t p, struct shm_unlink_args *uap,
997 __unused int32_t *retval)
998 {
999 size_t i;
1000 int error=0;
1001 struct pshmname nd;
1002 struct pshminfo *pinfo;
1003 char * pnbuf;
1004 char * nameptr;
1005 char * cp;
1006 size_t pathlen, plen;
1007 int incache = 0;
1008 struct pshmcache *pcache = PSHMCACHE_NULL;
1009 struct pshmobj *pshmobj, *pshmobj_next;
1010
1011 pinfo = PSHMINFO_NULL;
1012
1013 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
1014 if (pnbuf == NULL) {
1015 return(ENOSPC); /* XXX non-standard */
1016 }
1017 pathlen = MAXPATHLEN;
1018 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
1019 if (error) {
1020 goto bad;
1021 }
1022 AUDIT_ARG(text, pnbuf);
1023 if (pathlen > PSHMNAMLEN) {
1024 error = ENAMETOOLONG;
1025 goto bad;
1026 }
1027
1028
1029 #ifdef PSXSHM_NAME_RESTRICT
1030 nameptr = pnbuf;
1031 if (*nameptr == '/') {
1032 while (*(nameptr++) == '/') {
1033 plen--;
1034 error = EINVAL;
1035 goto bad;
1036 }
1037 } else {
1038 error = EINVAL;
1039 goto bad;
1040 }
1041 #endif /* PSXSHM_NAME_RESTRICT */
1042
1043 plen = pathlen;
1044 nameptr = pnbuf;
1045 nd.pshm_nameptr = nameptr;
1046 nd.pshm_namelen = plen;
1047 nd. pshm_hash =0;
1048
1049 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
1050 nd.pshm_hash += (unsigned char)*cp * i;
1051 }
1052
1053 PSHM_SUBSYS_LOCK();
1054 error = pshm_cache_search(&pinfo, &nd, &pcache);
1055
1056 if (error == ENOENT) {
1057 PSHM_SUBSYS_UNLOCK();
1058 error = EINVAL;
1059 goto bad;
1060
1061 }
1062 if (!error) {
1063 PSHM_SUBSYS_UNLOCK();
1064 error = EINVAL;
1065 goto bad;
1066 } else
1067 incache = 1;
1068
1069 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))==0) {
1070 PSHM_SUBSYS_UNLOCK();
1071 error = EINVAL;
1072 goto bad;
1073 }
1074
1075 if (pinfo->pshm_flags & PSHM_ALLOCATING) {
1076 /* XXX should we wait for flag to clear and then proceed ? */
1077 PSHM_SUBSYS_UNLOCK();
1078 error = EAGAIN;
1079 goto bad;
1080 }
1081
1082 if (pinfo->pshm_flags & PSHM_INDELETE) {
1083 PSHM_SUBSYS_UNLOCK();
1084 error = 0;
1085 goto bad;
1086 }
1087 #if CONFIG_MACF
1088 error = mac_posixshm_check_unlink(kauth_cred_get(), pinfo, nameptr);
1089 if (error) {
1090 PSHM_SUBSYS_UNLOCK();
1091 goto bad;
1092 }
1093 #endif
1094
1095 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid, pinfo->pshm_gid,
1096 pinfo->pshm_mode);
1097
1098 /*
1099 * JMM - How should permissions be checked?
1100 */
1101
1102 pinfo->pshm_flags |= PSHM_INDELETE;
1103 pshm_cache_delete(pcache);
1104 pinfo->pshm_flags |= PSHM_REMOVED;
1105 /* release the existence reference */
1106 if (!--pinfo->pshm_usecount) {
1107 PSHM_SUBSYS_UNLOCK();
1108 /*
1109 * If this is the last reference going away on the object,
1110 * then we need to destroy the backing object. The name
1111 * has an implied but uncounted reference on the object,
1112 * once it's created, since it's used as a rendezvous, and
1113 * therefore may be subsequently reopened.
1114 */
1115 for (pshmobj = pinfo->pshm_memobjects;
1116 pshmobj != NULL;
1117 pshmobj = pshmobj_next) {
1118 mach_memory_entry_port_release(pshmobj->pshmo_memobject);
1119 pshmobj_next = pshmobj->pshmo_next;
1120 FREE(pshmobj, M_SHM);
1121 }
1122 FREE(pinfo,M_SHM);
1123 } else {
1124 PSHM_SUBSYS_UNLOCK();
1125 }
1126 FREE(pcache, M_SHM);
1127 error = 0;
1128 bad:
1129 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1130 return (error);
1131 }
1132
1133 /* already called locked */
1134 static int
1135 pshm_close(struct pshmnode *pnode)
1136 {
1137 int error=0;
1138 struct pshminfo *pinfo;
1139 struct pshmobj *pshmobj, *pshmobj_next;
1140
1141 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL)
1142 return(EINVAL);
1143
1144 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
1145 return(EINVAL);
1146 }
1147 #if DIAGNOSTIC
1148 if(!pinfo->pshm_usecount) {
1149 kprintf("negative usecount in pshm_close\n");
1150 }
1151 #endif /* DIAGNOSTIC */
1152 pinfo->pshm_usecount--; /* release this fd's reference */
1153
1154 if ((pinfo->pshm_flags & PSHM_REMOVED) && !pinfo->pshm_usecount) {
1155 #if CONFIG_MACF
1156 mac_posixshm_label_destroy(pinfo);
1157 #endif
1158 PSHM_SUBSYS_UNLOCK();
1159 /*
1160 * If this is the last reference going away on the object,
1161 * then we need to destroy the backing object.
1162 */
1163 for (pshmobj = pinfo->pshm_memobjects;
1164 pshmobj != NULL;
1165 pshmobj = pshmobj_next) {
1166 mach_memory_entry_port_release(pshmobj->pshmo_memobject);
1167 pshmobj_next = pshmobj->pshmo_next;
1168 FREE(pshmobj, M_SHM);
1169 }
1170 PSHM_SUBSYS_LOCK();
1171 FREE(pinfo,M_SHM);
1172 }
1173 FREE(pnode, M_SHM);
1174 return (error);
1175 }
1176
1177 /* vfs_context_t passed to match prototype for struct fileops */
1178 static int
1179 pshm_closefile(struct fileglob *fg, __unused vfs_context_t ctx)
1180 {
1181 int error;
1182
1183 PSHM_SUBSYS_LOCK();
1184 error = pshm_close(((struct pshmnode *)fg->fg_data));
1185 PSHM_SUBSYS_UNLOCK();
1186 return(error);
1187 }
1188
1189 static int
1190 pshm_read(__unused struct fileproc *fp, __unused struct uio *uio,
1191 __unused int flags, __unused vfs_context_t ctx)
1192 {
1193 return(ENOTSUP);
1194 }
1195
1196 static int
1197 pshm_write(__unused struct fileproc *fp, __unused struct uio *uio,
1198 __unused int flags, __unused vfs_context_t ctx)
1199 {
1200 return(ENOTSUP);
1201 }
1202
1203 static int
1204 pshm_ioctl(__unused struct fileproc *fp, __unused u_long com,
1205 __unused caddr_t data, __unused vfs_context_t ctx)
1206 {
1207 return(ENOTSUP);
1208 }
1209
1210 static int
1211 pshm_select(__unused struct fileproc *fp, __unused int which, __unused void *wql,
1212 __unused vfs_context_t ctx)
1213 {
1214 return(ENOTSUP);
1215 }
1216
1217 static int
1218 pshm_kqfilter(__unused struct fileproc *fp, __unused struct knote *kn,
1219 __unused vfs_context_t ctx)
1220 {
1221 return(ENOTSUP);
1222 }
1223
1224 int
1225 fill_pshminfo(struct pshmnode * pshm, struct pshm_info * info)
1226 {
1227 struct pshminfo *pinfo;
1228 struct vinfo_stat *sb;
1229
1230 PSHM_SUBSYS_LOCK();
1231 if ((pinfo = pshm->pinfo) == PSHMINFO_NULL){
1232 PSHM_SUBSYS_UNLOCK();
1233 return(EINVAL);
1234 }
1235
1236 sb = &info->pshm_stat;
1237
1238 bzero(sb, sizeof(struct vinfo_stat));
1239 sb->vst_mode = pinfo->pshm_mode;
1240 sb->vst_uid = pinfo->pshm_uid;
1241 sb->vst_gid = pinfo->pshm_gid;
1242 sb->vst_size = pinfo->pshm_length;
1243
1244 info->pshm_mappaddr = pshm->mapp_addr;
1245 bcopy(&pinfo->pshm_name[0], &info->pshm_name[0], PSHMNAMLEN+1);
1246
1247 PSHM_SUBSYS_UNLOCK();
1248 return(0);
1249 }
1250
1251 #if CONFIG_MACF
1252 void
1253 pshm_label_associate(struct fileproc *fp, struct vnode *vp, vfs_context_t ctx)
1254 {
1255 struct pshmnode *pnode;
1256 struct pshminfo *pshm;
1257
1258 PSHM_SUBSYS_LOCK();
1259 pnode = (struct pshmnode *)fp->f_fglob->fg_data;
1260 if (pnode != NULL) {
1261 pshm = pnode->pinfo;
1262 if (pshm != NULL)
1263 mac_posixshm_vnode_label_associate(
1264 vfs_context_ucred(ctx), pshm, pshm->pshm_label,
1265 vp, vp->v_label);
1266 }
1267 PSHM_SUBSYS_UNLOCK();
1268 }
1269 #endif
mirror of XNU