]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/posix_shm.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-792.22.5.tar.gz
[apple/xnu.git] / bsd / kern / posix_shm.c
1 /*
2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1990, 1996-1998 Apple Computer, Inc.
30 * All Rights Reserved.
31 */
32 /*
33 * posix_shm.c : Support for POSIX shared memory APIs
34 *
35 * File: posix_shm.c
36 * Author: Ananthakrishna Ramesh
37 *
38 * HISTORY
39 * 2-Sep-1999 A.Ramesh
40 * Created for MacOSX
41 *
42 */
43
44 #include <sys/cdefs.h>
45 #include <sys/param.h>
46 #include <sys/systm.h>
47 #include <sys/kernel.h>
48 #include <sys/file_internal.h>
49 #include <sys/filedesc.h>
50 #include <sys/stat.h>
51 #include <sys/proc_internal.h>
52 #include <sys/kauth.h>
53 #include <sys/mount.h>
54 #include <sys/namei.h>
55 #include <sys/vnode.h>
56 #include <sys/ioctl.h>
57 #include <sys/tty.h>
58 #include <sys/malloc.h>
59 #include <sys/mman.h>
60 #include <sys/stat.h>
61 #include <sys/sysproto.h>
62 #include <sys/proc_info.h>
63
64 #include <bsm/audit_kernel.h>
65
66 #include <mach/mach_types.h>
67 #include <mach/mach_vm.h>
68 #include <mach/vm_map.h>
69 #include <mach/vm_prot.h>
70 #include <mach/vm_inherit.h>
71 #include <mach/kern_return.h>
72 #include <mach/memory_object_control.h>
73
74 #include <vm/vm_map.h>
75 #include <vm/vm_protos.h>
76 #include <vm/vm_shared_memory_server.h>
77
78 #if KTRACE
79 #include <sys/ktrace.h>
80 #endif
81
82 #define f_flag f_fglob->fg_flag
83 #define f_type f_fglob->fg_type
84 #define f_msgcount f_fglob->fg_msgcount
85 #define f_cred f_fglob->fg_cred
86 #define f_ops f_fglob->fg_ops
87 #define f_offset f_fglob->fg_offset
88 #define f_data f_fglob->fg_data
89 #define PSHMNAMLEN 31 /* maximum name segment length we bother with */
90
91
92 struct pshminfo {
93 unsigned int pshm_flags;
94 unsigned int pshm_usecount;
95 off_t pshm_length;
96 mode_t pshm_mode;
97 uid_t pshm_uid;
98 gid_t pshm_gid;
99 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
100 void * pshm_memobject;
101 #if DIAGNOSTIC
102 unsigned int pshm_readcount;
103 unsigned int pshm_writecount;
104 struct proc * pshm_proc;
105 #endif /* DIAGNOSTIC */
106 };
107 #define PSHMINFO_NULL (struct pshminfo *)0
108
109 #define PSHM_NONE 1
110 #define PSHM_DEFINED 2
111 #define PSHM_ALLOCATED 4
112 #define PSHM_MAPPED 8
113 #define PSHM_INUSE 0x10
114 #define PSHM_REMOVED 0x20
115 #define PSHM_INCREATE 0x40
116 #define PSHM_INDELETE 0x80
117
118 struct pshmcache {
119 LIST_ENTRY(pshmcache) pshm_hash; /* hash chain */
120 struct pshminfo *pshminfo; /* vnode the name refers to */
121 int pshm_nlen; /* length of name */
122 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
123 };
124 #define PSHMCACHE_NULL (struct pshmcache *)0
125
126 struct pshmstats {
127 long goodhits; /* hits that we can really use */
128 long neghits; /* negative hits that we can use */
129 long badhits; /* hits we must drop */
130 long falsehits; /* hits with id mismatch */
131 long miss; /* misses */
132 long longnames; /* long names that ignore cache */
133 };
134
135 struct pshmname {
136 char *pshm_nameptr; /* pointer to looked up name */
137 long pshm_namelen; /* length of looked up component */
138 u_long pshm_hash; /* hash value of looked up name */
139 };
140
141 struct pshmnode {
142 off_t mapp_addr;
143 user_size_t map_size;
144 struct pshminfo *pinfo;
145 unsigned int pshm_usecount;
146 #if DIAGNOSTIC
147 unsigned int readcnt;
148 unsigned int writecnt;
149 #endif
150 };
151 #define PSHMNODE_NULL (struct pshmnode *)0
152
153
154 #define PSHMHASH(pnp) \
155 (&pshmhashtbl[(pnp)->pshm_hash & pshmhash])
156
157 LIST_HEAD(pshmhashhead, pshmcache) *pshmhashtbl; /* Hash Table */
158 u_long pshmhash; /* size of hash table - 1 */
159 long pshmnument; /* number of cache entries allocated */
160 struct pshmstats pshmstats; /* cache effectiveness statistics */
161
162 static int pshm_read (struct fileproc *fp, struct uio *uio,
163 kauth_cred_t cred, int flags, struct proc *p);
164 static int pshm_write (struct fileproc *fp, struct uio *uio,
165 kauth_cred_t cred, int flags, struct proc *p);
166 static int pshm_ioctl (struct fileproc *fp, u_long com,
167 caddr_t data, struct proc *p);
168 static int pshm_select (struct fileproc *fp, int which, void *wql, struct proc *p);
169 static int pshm_close(struct pshmnode *pnode);
170 static int pshm_closefile (struct fileglob *fg, struct proc *p);
171
172 static int pshm_kqfilter(struct fileproc *fp, struct knote *kn, struct proc *p);
173
174 int pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, struct proc *p);
175 static int pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp);
176 static void pshm_cache_delete(struct pshmcache *pcp);
177 #if NOT_USED
178 static void pshm_cache_purge(void);
179 #endif /* NOT_USED */
180 static int pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
181 struct pshmcache **pcache);
182
183 struct fileops pshmops =
184 { pshm_read, pshm_write, pshm_ioctl, pshm_select, pshm_closefile, pshm_kqfilter, 0 };
185
186 static lck_grp_t *psx_shm_subsys_lck_grp;
187 static lck_grp_attr_t *psx_shm_subsys_lck_grp_attr;
188 static lck_attr_t *psx_shm_subsys_lck_attr;
189 static lck_mtx_t psx_shm_subsys_mutex;
190
191 #define PSHM_SUBSYS_LOCK() lck_mtx_lock(& psx_shm_subsys_mutex)
192 #define PSHM_SUBSYS_UNLOCK() lck_mtx_unlock(& psx_shm_subsys_mutex)
193
194
195 /* Initialize the mutex governing access to the posix shm subsystem */
196 __private_extern__ void
197 pshm_lock_init( void )
198 {
199
200 psx_shm_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
201
202 psx_shm_subsys_lck_grp = lck_grp_alloc_init("posix shared memory", psx_shm_subsys_lck_grp_attr);
203
204 psx_shm_subsys_lck_attr = lck_attr_alloc_init();
205 lck_mtx_init(& psx_shm_subsys_mutex, psx_shm_subsys_lck_grp, psx_shm_subsys_lck_attr);
206 }
207
208 /*
209 * Lookup an entry in the cache
210 *
211 *
212 * status of -1 is returned if matches
213 * If the lookup determines that the name does not exist
214 * (negative cacheing), a status of ENOENT is returned. If the lookup
215 * fails, a status of zero is returned.
216 */
217
218 static int
219 pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
220 struct pshmcache **pcache)
221 {
222 struct pshmcache *pcp, *nnp;
223 struct pshmhashhead *pcpp;
224
225 if (pnp->pshm_namelen > PSHMNAMLEN) {
226 pshmstats.longnames++;
227 return (0);
228 }
229
230 pcpp = PSHMHASH(pnp);
231 for (pcp = pcpp->lh_first; pcp != 0; pcp = nnp) {
232 nnp = pcp->pshm_hash.le_next;
233 if (pcp->pshm_nlen == pnp->pshm_namelen &&
234 !bcmp(pcp->pshm_name, pnp->pshm_nameptr, (u_int)pcp-> pshm_nlen))
235 break;
236 }
237
238 if (pcp == 0) {
239 pshmstats.miss++;
240 return (0);
241 }
242
243 /* We found a "positive" match, return the vnode */
244 if (pcp->pshminfo) {
245 pshmstats.goodhits++;
246 /* TOUCH(ncp); */
247 *pshmp = pcp->pshminfo;
248 *pcache = pcp;
249 return (-1);
250 }
251
252 /*
253 * We found a "negative" match, ENOENT notifies client of this match.
254 * The nc_vpid field records whether this is a whiteout.
255 */
256 pshmstats.neghits++;
257 return (ENOENT);
258 }
259
260 /*
261 * Add an entry to the cache.
262 * XXX should be static?
263 */
264 static int
265 pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp)
266 {
267 struct pshmhashhead *pcpp;
268 struct pshminfo *dpinfo;
269 struct pshmcache *dpcp;
270
271 #if DIAGNOSTIC
272 if (pnp->pshm_namelen > NCHNAMLEN)
273 panic("cache_enter: name too long");
274 #endif
275
276
277 /* if the entry has already been added by some one else return */
278 if (pshm_cache_search(&dpinfo, pnp, &dpcp) == -1) {
279 return(EEXIST);
280 }
281 pshmnument++;
282
283 /*
284 * Fill in cache info, if vp is NULL this is a "negative" cache entry.
285 * For negative entries, we have to record whether it is a whiteout.
286 * the whiteout flag is stored in the nc_vpid field which is
287 * otherwise unused.
288 */
289 pcp->pshminfo = pshmp;
290 pcp->pshm_nlen = pnp->pshm_namelen;
291 bcopy(pnp->pshm_nameptr, pcp->pshm_name, (unsigned)pcp->pshm_nlen);
292 pcpp = PSHMHASH(pnp);
293 #if DIAGNOSTIC
294 {
295 struct pshmcache *p;
296
297 for (p = pcpp->lh_first; p != 0; p = p->pshm_hash.le_next)
298 if (p == pcp)
299 panic("cache_enter: duplicate");
300 }
301 #endif
302 LIST_INSERT_HEAD(pcpp, pcp, pshm_hash);
303 return(0);
304 }
305
306 /*
307 * Name cache initialization, from vfs_init() when we are booting
308 */
309 void
310 pshm_cache_init(void)
311 {
312 pshmhashtbl = hashinit(desiredvnodes, M_SHM, &pshmhash);
313 }
314
315 #if NOT_USED
316 /*
317 * Invalidate a all entries to particular vnode.
318 *
319 * We actually just increment the v_id, that will do it. The entries will
320 * be purged by lookup as they get found. If the v_id wraps around, we
321 * need to ditch the entire cache, to avoid confusion. No valid vnode will
322 * ever have (v_id == 0).
323 */
324 static void
325 pshm_cache_purge(void)
326 {
327 struct pshmcache *pcp;
328 struct pshmhashhead *pcpp;
329
330 for (pcpp = &pshmhashtbl[pshmhash]; pcpp >= pshmhashtbl; pcpp--) {
331 while ( (pcp = pcpp->lh_first) )
332 pshm_cache_delete(pcp);
333 }
334 }
335 #endif /* NOT_USED */
336
337 static void
338 pshm_cache_delete(struct pshmcache *pcp)
339 {
340 #if DIAGNOSTIC
341 if (pcp->pshm_hash.le_prev == 0)
342 panic("namecache purge le_prev");
343 if (pcp->pshm_hash.le_next == pcp)
344 panic("namecache purge le_next");
345 #endif /* DIAGNOSTIC */
346 LIST_REMOVE(pcp, pshm_hash);
347 pcp->pshm_hash.le_prev = 0;
348 pshmnument--;
349 }
350
351
352 int
353 shm_open(struct proc *p, struct shm_open_args *uap, register_t *retval)
354 {
355 struct fileproc *fp;
356 size_t i;
357 struct fileproc *nfp;
358 int indx, error;
359 struct pshmname nd;
360 struct pshminfo *pinfo;
361 char * pnbuf;
362 char * nameptr;
363 char * cp;
364 size_t pathlen, plen;
365 int fmode ;
366 int cmode = uap->mode;
367 int incache = 0;
368 struct pshmnode * pnode = PSHMNODE_NULL;
369 struct pshmcache * pcache = PSHMCACHE_NULL;
370 struct pshmcache *pcp;
371 int pinfo_alloc=0;
372
373 AUDIT_ARG(fflags, uap->oflag);
374 AUDIT_ARG(mode, uap->mode);
375
376 pinfo = PSHMINFO_NULL;
377
378 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
379 if (pnbuf == NULL) {
380 return(ENOSPC);
381 }
382
383 pathlen = MAXPATHLEN;
384 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
385 if (error) {
386 goto bad;
387 }
388 AUDIT_ARG(text, pnbuf);
389 if (pathlen > PSHMNAMLEN) {
390 error = ENAMETOOLONG;
391 goto bad;
392 }
393
394
395 #ifdef PSXSHM_NAME_RESTRICT
396 nameptr = pnbuf;
397 if (*nameptr == '/') {
398 while (*(nameptr++) == '/') {
399 plen--;
400 error = EINVAL;
401 goto bad;
402 }
403 } else {
404 error = EINVAL;
405 goto bad;
406 }
407 #endif /* PSXSHM_NAME_RESTRICT */
408
409 plen = pathlen;
410 nameptr = pnbuf;
411 nd.pshm_nameptr = nameptr;
412 nd.pshm_namelen = plen;
413 nd. pshm_hash =0;
414
415 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
416 nd.pshm_hash += (unsigned char)*cp * i;
417 }
418
419 #if KTRACE
420 if (KTRPOINT(p, KTR_NAMEI))
421 ktrnamei(p->p_tracep, nameptr);
422 #endif
423
424 PSHM_SUBSYS_LOCK();
425 error = pshm_cache_search(&pinfo, &nd, &pcache);
426
427 if (error == ENOENT) {
428 PSHM_SUBSYS_UNLOCK();
429 error = EINVAL;
430 goto bad;
431
432 }
433 if (!error) {
434 incache = 0;
435 } else
436 incache = 1;
437 fmode = FFLAGS(uap->oflag);
438 if ((fmode & (FREAD | FWRITE))==0) {
439 PSHM_SUBSYS_UNLOCK();
440 error = EINVAL;
441 goto bad;
442 }
443
444 /*
445 * XXXXXXXXXX TBD XXXXXXXXXX
446 * There is a race that existed with the funnels as well.
447 * Need to be fixed later
448 */
449 PSHM_SUBSYS_UNLOCK();
450 error = falloc(p, &nfp, &indx);
451 if (error )
452 goto bad;
453 PSHM_SUBSYS_LOCK();
454
455 fp = nfp;
456
457 cmode &= ALLPERMS;
458
459 if (fmode & O_CREAT) {
460 if ((fmode & O_EXCL) && incache) {
461 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
462 pinfo->pshm_gid, pinfo->pshm_mode);
463
464 /* shm obj exists and opened O_EXCL */
465 #if notyet
466 if (pinfo->pshm_flags & PSHM_INDELETE) {
467 }
468 #endif
469 error = EEXIST;
470 PSHM_SUBSYS_UNLOCK();
471 goto bad1;
472 }
473 if (!incache) {
474 PSHM_SUBSYS_UNLOCK();
475 /* create a new one */
476 MALLOC(pinfo, struct pshminfo *, sizeof(struct pshminfo), M_SHM, M_WAITOK|M_ZERO);
477 if (pinfo == NULL) {
478 error = ENOSPC;
479 goto bad1;
480 }
481 PSHM_SUBSYS_LOCK();
482 pinfo_alloc = 1;
483 pinfo->pshm_flags = PSHM_DEFINED | PSHM_INCREATE;
484 pinfo->pshm_usecount = 1; /* existence reference */
485 pinfo->pshm_mode = cmode;
486 pinfo->pshm_uid = kauth_cred_getuid(kauth_cred_get());
487 pinfo->pshm_gid = kauth_cred_get()->cr_gid;
488 bcopy(pnbuf, &pinfo->pshm_name[0], PSHMNAMLEN);
489 pinfo->pshm_name[PSHMNAMLEN]=0;
490 } else {
491 /* already exists */
492 if( pinfo->pshm_flags & PSHM_INDELETE) {
493 PSHM_SUBSYS_UNLOCK();
494 error = ENOENT;
495 goto bad1;
496 }
497 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
498 pinfo->pshm_gid, pinfo->pshm_mode);
499 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
500 PSHM_SUBSYS_UNLOCK();
501 goto bad1;
502 }
503 }
504 } else {
505 if (!incache) {
506 /* O_CREAT is not set and the shm obecj does not exist */
507 PSHM_SUBSYS_UNLOCK();
508 error = ENOENT;
509 goto bad1;
510 }
511 if( pinfo->pshm_flags & PSHM_INDELETE) {
512 PSHM_SUBSYS_UNLOCK();
513 error = ENOENT;
514 goto bad1;
515 }
516 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
517 PSHM_SUBSYS_UNLOCK();
518 goto bad1;
519 }
520 }
521 if (fmode & O_TRUNC) {
522 PSHM_SUBSYS_UNLOCK();
523 error = EINVAL;
524 goto bad2;
525 }
526 #if DIAGNOSTIC
527 if (fmode & FWRITE)
528 pinfo->pshm_writecount++;
529 if (fmode & FREAD)
530 pinfo->pshm_readcount++;
531 #endif
532 PSHM_SUBSYS_UNLOCK();
533 MALLOC(pnode, struct pshmnode *, sizeof(struct pshmnode), M_SHM, M_WAITOK|M_ZERO);
534 if (pnode == NULL) {
535 error = ENOSPC;
536 goto bad2;
537 }
538 if (!incache) {
539 /*
540 * We allocate a new entry if we are less than the maximum
541 * allowed and the one at the front of the LRU list is in use.
542 * Otherwise we use the one at the front of the LRU list.
543 */
544 MALLOC(pcp, struct pshmcache *, sizeof(struct pshmcache), M_SHM, M_WAITOK|M_ZERO);
545 if (pcp == NULL) {
546 error = ENOSPC;
547 goto bad2;
548 }
549
550 }
551 PSHM_SUBSYS_LOCK();
552
553 if (!incache) {
554 if ( (error = pshm_cache_add(pinfo, &nd, pcp)) ) {
555 PSHM_SUBSYS_UNLOCK();
556 FREE(pcp, M_SHM);
557 goto bad3;
558 }
559 }
560 pinfo->pshm_flags &= ~PSHM_INCREATE;
561 pinfo->pshm_usecount++; /* extra reference for the new fd */
562 pnode->pinfo = pinfo;
563
564 PSHM_SUBSYS_UNLOCK();
565 proc_fdlock(p);
566 fp->f_flag = fmode & FMASK;
567 fp->f_type = DTYPE_PSXSHM;
568 fp->f_ops = &pshmops;
569 fp->f_data = (caddr_t)pnode;
570 *fdflags(p, indx) &= ~UF_RESERVED;
571 fp_drop(p, indx, fp, 1);
572 proc_fdunlock(p);
573
574 *retval = indx;
575 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
576 return (0);
577 bad3:
578 FREE(pnode, M_SHM);
579
580 bad2:
581 if (pinfo_alloc)
582 FREE(pinfo, M_SHM);
583 bad1:
584 fp_free(p, indx, fp);
585 bad:
586 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
587 return (error);
588 }
589
590
591 int
592 pshm_truncate(__unused struct proc *p, struct fileproc *fp, __unused int fd,
593 off_t length, __unused register_t *retval)
594 {
595 struct pshminfo * pinfo;
596 struct pshmnode * pnode ;
597 kern_return_t kret;
598 mach_vm_offset_t user_addr;
599 mem_entry_name_port_t mem_object;
600 mach_vm_size_t size;
601
602 if (fp->f_type != DTYPE_PSXSHM) {
603 return(EINVAL);
604 }
605
606
607 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
608 return(EINVAL);
609
610 PSHM_SUBSYS_LOCK();
611 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
612 PSHM_SUBSYS_UNLOCK();
613 return(EINVAL);
614 }
615 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))
616 != PSHM_DEFINED) {
617 PSHM_SUBSYS_UNLOCK();
618 return(EINVAL);
619 }
620
621 PSHM_SUBSYS_UNLOCK();
622 size = round_page_64(length);
623 kret = mach_vm_allocate(current_map(), &user_addr, size, VM_FLAGS_ANYWHERE);
624 if (kret != KERN_SUCCESS)
625 goto out;
626
627 kret = mach_make_memory_entry_64 (current_map(), &size,
628 user_addr, VM_PROT_DEFAULT, &mem_object, 0);
629
630 if (kret != KERN_SUCCESS)
631 goto out;
632
633 mach_vm_deallocate(current_map(), user_addr, size);
634
635 PSHM_SUBSYS_LOCK();
636 pinfo->pshm_flags &= ~PSHM_DEFINED;
637 pinfo->pshm_flags = PSHM_ALLOCATED;
638 pinfo->pshm_memobject = (void *)mem_object;
639 pinfo->pshm_length = size;
640 PSHM_SUBSYS_UNLOCK();
641 return(0);
642
643 out:
644 switch (kret) {
645 case KERN_INVALID_ADDRESS:
646 case KERN_NO_SPACE:
647 return (ENOMEM);
648 case KERN_PROTECTION_FAILURE:
649 return (EACCES);
650 default:
651 return (EINVAL);
652
653 }
654 }
655
656 int
657 pshm_stat(struct pshmnode *pnode, struct stat *sb)
658 {
659 struct pshminfo *pinfo;
660
661 PSHM_SUBSYS_LOCK();
662 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL){
663 PSHM_SUBSYS_UNLOCK();
664 return(EINVAL);
665 }
666
667 bzero(sb, sizeof(struct stat));
668 sb->st_mode = pinfo->pshm_mode;
669 sb->st_uid = pinfo->pshm_uid;
670 sb->st_gid = pinfo->pshm_gid;
671 sb->st_size = pinfo->pshm_length;
672 PSHM_SUBSYS_UNLOCK();
673
674 return(0);
675 }
676
677 /*
678 * This is called only from shm_open which holds pshm_lock();
679 * XXX This code is repeated many times
680 */
681 int
682 pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, __unused struct proc *p)
683 {
684 mode_t mask;
685 int is_member;
686
687 /* Otherwise, user id 0 always gets access. */
688 if (!suser(cred, NULL))
689 return (0);
690
691 mask = 0;
692
693 /* Otherwise, check the owner. */
694 if (kauth_cred_getuid(cred) == pinfo->pshm_uid) {
695 if (mode & FREAD)
696 mask |= S_IRUSR;
697 if (mode & FWRITE)
698 mask |= S_IWUSR;
699 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
700 }
701
702 /* Otherwise, check the groups. */
703 if (kauth_cred_ismember_gid(cred, pinfo->pshm_gid, &is_member) == 0 && is_member) {
704 if (mode & FREAD)
705 mask |= S_IRGRP;
706 if (mode & FWRITE)
707 mask |= S_IWGRP;
708 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
709 }
710
711 /* Otherwise, check everyone else. */
712 if (mode & FREAD)
713 mask |= S_IROTH;
714 if (mode & FWRITE)
715 mask |= S_IWOTH;
716 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
717 }
718
719 int
720 pshm_mmap(struct proc *p, struct mmap_args *uap, user_addr_t *retval, struct fileproc *fp, off_t pageoff)
721 {
722 mach_vm_offset_t user_addr = (mach_vm_offset_t)uap->addr;
723 mach_vm_size_t user_size = (mach_vm_size_t)uap->len ;
724 int prot = uap->prot;
725 int flags = uap->flags;
726 vm_object_offset_t file_pos = (vm_object_offset_t)uap->pos;
727 int fd = uap->fd;
728 vm_map_t user_map;
729 int alloc_flags;
730 boolean_t docow;
731 kern_return_t kret;
732 struct pshminfo * pinfo;
733 struct pshmnode * pnode;
734 void * mem_object;
735
736 if (user_size == 0)
737 return(0);
738
739 if ((flags & MAP_SHARED) == 0)
740 return(EINVAL);
741
742
743 if ((prot & PROT_WRITE) && ((fp->f_flag & FWRITE) == 0)) {
744 return(EPERM);
745 }
746
747 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
748 return(EINVAL);
749
750 PSHM_SUBSYS_LOCK();
751 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
752 PSHM_SUBSYS_UNLOCK();
753 return(EINVAL);
754 }
755
756 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
757 PSHM_SUBSYS_UNLOCK();
758 return(EINVAL);
759 }
760 if ((off_t)user_size > pinfo->pshm_length) {
761 PSHM_SUBSYS_UNLOCK();
762 return(EINVAL);
763 }
764 if ((off_t)(user_size + file_pos) > pinfo->pshm_length) {
765 PSHM_SUBSYS_UNLOCK();
766 return(EINVAL);
767 }
768 if ((mem_object = pinfo->pshm_memobject) == NULL) {
769 PSHM_SUBSYS_UNLOCK();
770 return(EINVAL);
771 }
772
773
774 PSHM_SUBSYS_UNLOCK();
775 user_map = current_map();
776
777 if ((flags & MAP_FIXED) == 0) {
778 alloc_flags = VM_FLAGS_ANYWHERE;
779 user_addr = mach_vm_round_page(user_addr);
780 } else {
781 if (user_addr != mach_vm_trunc_page(user_addr))
782 return (EINVAL);
783 /*
784 * We do not get rid of the existing mappings here because
785 * it wouldn't be atomic (see comment in mmap()). We let
786 * Mach VM know that we want it to replace any existing
787 * mapping with the new one.
788 */
789 alloc_flags = VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
790 }
791 docow = FALSE;
792
793 kret = mach_vm_map(user_map, &user_addr, user_size,
794 0, alloc_flags, pinfo->pshm_memobject, file_pos, docow,
795 prot, VM_PROT_DEFAULT,
796 VM_INHERIT_SHARE);
797 if (kret != KERN_SUCCESS)
798 goto out;
799 /* LP64todo - this should be superfluous at this point */
800 kret = mach_vm_inherit(user_map, user_addr, user_size,
801 VM_INHERIT_SHARE);
802 if (kret != KERN_SUCCESS) {
803 (void) mach_vm_deallocate(user_map, user_addr, user_size);
804 goto out;
805 }
806 PSHM_SUBSYS_LOCK();
807 pnode->mapp_addr = user_addr;
808 pnode->map_size = user_size;
809 pinfo->pshm_flags |= (PSHM_MAPPED | PSHM_INUSE);
810 PSHM_SUBSYS_UNLOCK();
811 out:
812 switch (kret) {
813 case KERN_SUCCESS:
814 *retval = (user_addr + pageoff);
815 return (0);
816 case KERN_INVALID_ADDRESS:
817 case KERN_NO_SPACE:
818 return (ENOMEM);
819 case KERN_PROTECTION_FAILURE:
820 return (EACCES);
821 default:
822 return (EINVAL);
823 }
824
825 }
826
827 int
828 shm_unlink(__unused struct proc *p, struct shm_unlink_args *uap,
829 __unused register_t *retval)
830 {
831 size_t i;
832 int error=0;
833 struct pshmname nd;
834 struct pshminfo *pinfo;
835 char * pnbuf;
836 char * nameptr;
837 char * cp;
838 size_t pathlen, plen;
839 int incache = 0;
840 struct pshmcache *pcache = PSHMCACHE_NULL;
841
842 pinfo = PSHMINFO_NULL;
843
844 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
845 if (pnbuf == NULL) {
846 return(ENOSPC); /* XXX non-standard */
847 }
848 pathlen = MAXPATHLEN;
849 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
850 if (error) {
851 goto bad;
852 }
853 AUDIT_ARG(text, pnbuf);
854 if (pathlen > PSHMNAMLEN) {
855 error = ENAMETOOLONG;
856 goto bad;
857 }
858
859
860 #ifdef PSXSHM_NAME_RESTRICT
861 nameptr = pnbuf;
862 if (*nameptr == '/') {
863 while (*(nameptr++) == '/') {
864 plen--;
865 error = EINVAL;
866 goto bad;
867 }
868 } else {
869 error = EINVAL;
870 goto bad;
871 }
872 #endif /* PSXSHM_NAME_RESTRICT */
873
874 plen = pathlen;
875 nameptr = pnbuf;
876 nd.pshm_nameptr = nameptr;
877 nd.pshm_namelen = plen;
878 nd. pshm_hash =0;
879
880 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
881 nd.pshm_hash += (unsigned char)*cp * i;
882 }
883
884 PSHM_SUBSYS_LOCK();
885 error = pshm_cache_search(&pinfo, &nd, &pcache);
886
887 if (error == ENOENT) {
888 PSHM_SUBSYS_UNLOCK();
889 error = EINVAL;
890 goto bad;
891
892 }
893 if (!error) {
894 PSHM_SUBSYS_UNLOCK();
895 error = EINVAL;
896 goto bad;
897 } else
898 incache = 1;
899
900 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))==0) {
901 PSHM_SUBSYS_UNLOCK();
902 return (EINVAL);
903 }
904
905 if (pinfo->pshm_flags & PSHM_INDELETE) {
906 PSHM_SUBSYS_UNLOCK();
907 error = 0;
908 goto bad;
909 }
910
911 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid, pinfo->pshm_gid,
912 pinfo->pshm_mode);
913
914 /*
915 * JMM - How should permissions be checked?
916 */
917
918 pinfo->pshm_flags |= PSHM_INDELETE;
919 pshm_cache_delete(pcache);
920 pinfo->pshm_flags |= PSHM_REMOVED;
921 /* release the existence reference */
922 if (!--pinfo->pshm_usecount) {
923 PSHM_SUBSYS_UNLOCK();
924 /*
925 * If this is the last reference going away on the object,
926 * then we need to destroy the backing object. The name
927 * has an implied but uncounted reference on the object,
928 * once it's created, since it's used as a rendesvous, and
929 * therefore may be subsequently reopened.
930 */
931 if (pinfo->pshm_memobject != NULL)
932 mach_memory_entry_port_release(pinfo->pshm_memobject);
933 PSHM_SUBSYS_LOCK();
934 FREE(pinfo,M_SHM);
935 }
936 PSHM_SUBSYS_UNLOCK();
937 FREE(pcache, M_SHM);
938 error = 0;
939 bad:
940 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
941 return (error);
942 }
943
944 /* already called locked */
945 static int
946 pshm_close(struct pshmnode *pnode)
947 {
948 int error=0;
949 struct pshminfo *pinfo;
950
951 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL)
952 return(EINVAL);
953
954 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
955 return(EINVAL);
956 }
957 #if DIAGNOSTIC
958 if(!pinfo->pshm_usecount) {
959 kprintf("negative usecount in pshm_close\n");
960 }
961 #endif /* DIAGNOSTIC */
962 pinfo->pshm_usecount--; /* release this fd's reference */
963
964 if ((pinfo->pshm_flags & PSHM_REMOVED) && !pinfo->pshm_usecount) {
965 PSHM_SUBSYS_UNLOCK();
966 /*
967 * If this is the last reference going away on the object,
968 * then we need to destroy the backing object.
969 */
970 if (pinfo->pshm_memobject != NULL)
971 mach_memory_entry_port_release(pinfo->pshm_memobject);
972 PSHM_SUBSYS_LOCK();
973 FREE(pinfo,M_SHM);
974 }
975 FREE(pnode, M_SHM);
976 return (error);
977 }
978
979 /* struct proc passed to match prototype for struct fileops */
980 static int
981 pshm_closefile(struct fileglob *fg, __unused struct proc *p)
982 {
983 int error;
984
985 PSHM_SUBSYS_LOCK();
986 error = pshm_close(((struct pshmnode *)fg->fg_data));
987 PSHM_SUBSYS_UNLOCK();
988 return(error);
989 }
990
991 static int
992 pshm_read(__unused struct fileproc *fp, __unused struct uio *uio,
993 __unused kauth_cred_t cred, __unused int flags,
994 __unused struct proc *p)
995 {
996 return(ENOTSUP);
997 }
998
999 static int
1000 pshm_write(__unused struct fileproc *fp, __unused struct uio *uio,
1001 __unused kauth_cred_t cred, __unused int flags,
1002 __unused struct proc *p)
1003 {
1004 return(ENOTSUP);
1005 }
1006
1007 static int
1008 pshm_ioctl(__unused struct fileproc *fp, __unused u_long com,
1009 __unused caddr_t data, __unused struct proc *p)
1010 {
1011 return(ENOTSUP);
1012 }
1013
1014 static int
1015 pshm_select(__unused struct fileproc *fp, __unused int which, __unused void *wql,
1016 __unused struct proc *p)
1017 {
1018 return(ENOTSUP);
1019 }
1020
1021 static int
1022 pshm_kqfilter(__unused struct fileproc *fp, __unused struct knote *kn,
1023 __unused struct proc *p)
1024 {
1025 return(ENOTSUP);
1026 }
1027
1028 int
1029 fill_pshminfo(struct pshmnode * pshm, struct pshm_info * info)
1030 {
1031 struct pshminfo *pinfo;
1032 struct stat *sb;
1033
1034 PSHM_SUBSYS_LOCK();
1035 if ((pinfo = pshm->pinfo) == PSHMINFO_NULL){
1036 PSHM_SUBSYS_UNLOCK();
1037 return(EINVAL);
1038 }
1039
1040 sb = &info->pshm_stat;
1041
1042 bzero(sb, sizeof(struct stat));
1043 sb->st_mode = pinfo->pshm_mode;
1044 sb->st_uid = pinfo->pshm_uid;
1045 sb->st_gid = pinfo->pshm_gid;
1046 sb->st_size = pinfo->pshm_length;
1047
1048 info->pshm_mappaddr = pshm->mapp_addr;
1049 bcopy(&pinfo->pshm_name[0], &info->pshm_name[0], PSHMNAMLEN+1);
1050
1051 PSHM_SUBSYS_UNLOCK();
1052 return(0);
1053 }
1054
1055
mirror of XNU