]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/sysv_sem.c
projects / apple / xnu.git / blob
? search:


8c4c3d47c81e31f7188b664cf77211d9ae4e61f6
[apple/xnu.git] / bsd / kern / sysv_sem.c
1 /*
2 * Copyright (c) 2000-2003 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved.
7 *
8 * This file contains Original Code and/or Modifications of Original Code
9 * as defined in and that are subject to the Apple Public Source License
10 * Version 2.0 (the 'License'). You may not use this file except in
11 * compliance with the License. Please obtain a copy of the License at
12 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * file.
14 *
15 * The Original Code and all software distributed under the License are
16 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
17 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
18 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
20 * Please see the License for the specific language governing rights and
21 * limitations under the License.
22 *
23 * @APPLE_LICENSE_HEADER_END@
24 */
25 /*
26 * Implementation of SVID semaphores
27 *
28 * Author: Daniel Boulet
29 *
30 * This software is provided ``AS IS'' without any warranties of any kind.
31 */
32 /*
33 * John Bellardo modified the implementation for Darwin. 12/2000
34 */
35
36 #include <sys/param.h>
37 #include <sys/systm.h>
38 #include <sys/kernel.h>
39 #include <sys/proc.h>
40 #include <sys/sem.h>
41 #include <sys/malloc.h>
42 #include <mach/mach_types.h>
43
44 #include <sys/filedesc.h>
45 #include <sys/file.h>
46 #include <sys/kern_audit.h>
47 #include <sys/sysctl.h>
48
49 /*#include <sys/sysproto.h>*/
50 /*#include <sys/sysent.h>*/
51
52 /* Uncomment this line to see the debugging output */
53 /* #define SEM_DEBUG */
54
55 /* Macros to deal with the semaphore subsystem lock. The lock currently uses
56 * the semlock_holder static variable as a mutex. NULL means no lock, any
57 * value other than NULL means locked. semlock_holder is used because it was
58 * present in the code before the Darwin port, and for no other reason.
59 * When the time comes to relax the funnel requirements of the kernel only
60 * these macros should need to be changed. A spin lock would work well.
61 */
62 /* Aquire the lock */
63 #define SUBSYSTEM_LOCK_AQUIRE(p) { sysv_sem_aquiring_threads++; \
64 while (semlock_holder != NULL) \
65 (void) tsleep((caddr_t)&semlock_holder, (PZERO - 4), "sysvsem", 0); \
66 semlock_holder = p; \
67 sysv_sem_aquiring_threads--; }
68
69 /* Release the lock */
70 #define SUBSYSTEM_LOCK_RELEASE { semlock_holder = NULL; wakeup((caddr_t)&semlock_holder); }
71
72 /* Release the lock and return a value */
73 #define UNLOCK_AND_RETURN(ret) { SUBSYSTEM_LOCK_RELEASE; return(ret); }
74
75 #define M_SYSVSEM M_SUBPROC
76
77 #if 0
78 static void seminit __P((void *));
79 SYSINIT(sysv_sem, SI_SUB_SYSV_SEM, SI_ORDER_FIRST, seminit, NULL)
80 #endif 0
81
82 /* Hard system limits to avoid resource starvation / DOS attacks.
83 * These are not needed if we can make the semaphore pages swappable.
84 */
85 static struct seminfo limitseminfo = {
86 SEMMAP, /* # of entries in semaphore map */
87 SEMMNI, /* # of semaphore identifiers */
88 SEMMNS, /* # of semaphores in system */
89 SEMMNU, /* # of undo structures in system */
90 SEMMSL, /* max # of semaphores per id */
91 SEMOPM, /* max # of operations per semop call */
92 SEMUME, /* max # of undo entries per process */
93 SEMUSZ, /* size in bytes of undo structure */
94 SEMVMX, /* semaphore maximum value */
95 SEMAEM /* adjust on exit max value */
96 };
97
98 /* Current system allocations. We use this structure to track how many
99 * resources we have allocated so far. This way we can set large hard limits
100 * and not allocate the memory for them up front.
101 */
102 struct seminfo seminfo = {
103 SEMMAP, /* Unused, # of entries in semaphore map */
104 0, /* # of semaphore identifiers */
105 0, /* # of semaphores in system */
106 0, /* # of undo entries in system */
107 SEMMSL, /* max # of semaphores per id */
108 SEMOPM, /* max # of operations per semop call */
109 SEMUME, /* max # of undo entries per process */
110 SEMUSZ, /* size in bytes of undo structure */
111 SEMVMX, /* semaphore maximum value */
112 SEMAEM /* adjust on exit max value */
113 };
114
115 /* A counter so the module unload code knows when there are no more processes using
116 * the sysv_sem code */
117 static long sysv_sem_sleeping_threads = 0;
118 static long sysv_sem_aquiring_threads = 0;
119
120 struct semctl_args;
121 int semctl __P((struct proc *p, struct semctl_args *uap, int *));
122 struct semget_args;
123 int semget __P((struct proc *p, struct semget_args *uap, int *));
124 struct semop_args;
125 int semop __P((struct proc *p, struct semop_args *uap, int *));
126 struct semconfig_args;
127 int semconfig __P((struct proc *p, struct semconfig_args *uap, int *));
128
129
130 static struct sem_undo *semu_alloc __P((struct proc *p));
131 static int semundo_adjust __P((struct proc *p, struct sem_undo **supptr,
132 int semid, int semnum, int adjval));
133 static void semundo_clear __P((int semid, int semnum));
134
135 typedef int sy_call_t __P((struct proc *, void *, int *));
136
137 /* XXX casting to (sy_call_t *) is bogus, as usual. */
138 static sy_call_t *semcalls[] = {
139 (sy_call_t *)semctl, (sy_call_t *)semget,
140 (sy_call_t *)semop, (sy_call_t *)semconfig
141 };
142
143 static int semtot = 0; /* # of used semaphores */
144 struct semid_ds *sema = NULL; /* semaphore id pool */
145 struct sem *sem = NULL; /* semaphore pool */
146 static struct sem_undo *semu_list = NULL; /* list of active undo structures */
147 struct sem_undo *semu = NULL; /* semaphore undo pool */
148
149 static struct proc *semlock_holder = NULL;
150
151 /* seminit no longer needed. The data structures are grown dynamically */
152 void
153 seminit()
154 {
155 }
156
157 /*
158 * Entry point for all SEM calls
159 *
160 * In Darwin this is no longer the entry point. It will be removed after
161 * the code has been tested better.
162 */
163 struct semsys_args {
164 u_int which;
165 int a2;
166 int a3;
167 int a4;
168 int a5;
169 };
170 int
171 semsys(p, uap, retval)
172 struct proc *p;
173 /* XXX actually varargs. */
174 struct semsys_args *uap;
175 register_t *retval;
176 {
177
178 /* The individual calls handling the locking now */
179 /*while (semlock_holder != NULL && semlock_holder != p)
180 (void) tsleep((caddr_t)&semlock_holder, (PZERO - 4), "semsys", 0);
181 */
182
183 if (uap->which >= sizeof(semcalls)/sizeof(semcalls[0]))
184 return (EINVAL);
185 return ((*semcalls[uap->which])(p, &uap->a2, retval));
186 }
187
188 /*
189 * Lock or unlock the entire semaphore facility.
190 *
191 * This will probably eventually evolve into a general purpose semaphore
192 * facility status enquiry mechanism (I don't like the "read /dev/kmem"
193 * approach currently taken by ipcs and the amount of info that we want
194 * to be able to extract for ipcs is probably beyond what the capability
195 * of the getkerninfo facility.
196 *
197 * At the time that the current version of semconfig was written, ipcs is
198 * the only user of the semconfig facility. It uses it to ensure that the
199 * semaphore facility data structures remain static while it fishes around
200 * in /dev/kmem.
201 */
202
203 #ifndef _SYS_SYSPROTO_H_
204 struct semconfig_args {
205 semconfig_ctl_t flag;
206 };
207 #endif
208
209 int
210 semconfig(p, uap, retval)
211 struct proc *p;
212 struct semconfig_args *uap;
213 register_t *retval;
214 {
215 int eval = 0;
216
217 switch (uap->flag) {
218 case SEM_CONFIG_FREEZE:
219 SUBSYSTEM_LOCK_AQUIRE(p);
220 break;
221
222 case SEM_CONFIG_THAW:
223 SUBSYSTEM_LOCK_RELEASE;
224 break;
225
226 default:
227 printf("semconfig: unknown flag parameter value (%d) - ignored\n",
228 uap->flag);
229 eval = EINVAL;
230 break;
231 }
232
233 *retval = 0;
234 return(eval);
235 }
236
237 /* Expand the semu array to the given capacity. If the expansion fails
238 * return 0, otherwise return 1.
239 *
240 * Assumes we already have the subsystem lock.
241 */
242 static int
243 grow_semu_array(newSize)
244 int newSize;
245 {
246 register int i, j;
247 register struct sem_undo *newSemu;
248 if (newSize <= seminfo.semmnu)
249 return 0;
250 if (newSize > limitseminfo.semmnu) /* enforce hard limit */
251 {
252 #ifdef SEM_DEBUG
253 printf("undo structure hard limit of %d reached, requested %d\n",
254 limitseminfo.semmnu, newSize);
255 #endif
256 return 0;
257 }
258 newSize = (newSize/SEMMNU_INC + 1) * SEMMNU_INC;
259 newSize = newSize > limitseminfo.semmnu ? limitseminfo.semmnu : newSize;
260
261 #ifdef SEM_DEBUG
262 printf("growing semu[] from %d to %d\n", seminfo.semmnu, newSize);
263 #endif
264 MALLOC(newSemu, struct sem_undo*, sizeof(struct sem_undo)*newSize,
265 M_SYSVSEM, M_WAITOK);
266 if (NULL == newSemu)
267 {
268 #ifdef SEM_DEBUG
269 printf("allocation failed. no changes made.\n");
270 #endif
271 return 0;
272 }
273
274 /* Initialize our structure. */
275 for (i = 0; i < seminfo.semmnu; i++)
276 {
277 newSemu[i] = semu[i];
278 for(j = 0; j < SEMUME; j++) /* Is this really needed? */
279 newSemu[i].un_ent[j] = semu[i].un_ent[j];
280 }
281 for (i = seminfo.semmnu; i < newSize; i++)
282 {
283 newSemu[i].un_proc = NULL;
284 }
285
286 /* Clean up the old array */
287 if (semu)
288 FREE(semu, M_SYSVSEM);
289
290 semu = newSemu;
291 seminfo.semmnu = newSize;
292 #ifdef SEM_DEBUG
293 printf("expansion successful\n");
294 #endif
295 return 1;
296 }
297
298 /*
299 * Expand the sema array to the given capacity. If the expansion fails
300 * we return 0, otherwise we return 1.
301 *
302 * Assumes we already have the subsystem lock.
303 */
304 static int
305 grow_sema_array(newSize)
306 int newSize;
307 {
308 register struct semid_ds *newSema;
309 register int i;
310
311 if (newSize <= seminfo.semmni)
312 return 0;
313 if (newSize > limitseminfo.semmni) /* enforce hard limit */
314 {
315 #ifdef SEM_DEBUG
316 printf("identifier hard limit of %d reached, requested %d\n",
317 limitseminfo.semmni, newSize);
318 #endif
319 return 0;
320 }
321 newSize = (newSize/SEMMNI_INC + 1) * SEMMNI_INC;
322 newSize = newSize > limitseminfo.semmni ? limitseminfo.semmni : newSize;
323
324 #ifdef SEM_DEBUG
325 printf("growing sema[] from %d to %d\n", seminfo.semmni, newSize);
326 #endif
327 MALLOC(newSema, struct semid_ds*, sizeof(struct semid_ds)*newSize,
328 M_SYSVSEM, M_WAITOK);
329 if (NULL == newSema)
330 {
331 #ifdef SEM_DEBUG
332 printf("allocation failed. no changes made.\n");
333 #endif
334 return 0;
335 }
336
337 /* Initialize our new ids, and copy over the old ones */
338 for (i = 0; i < seminfo.semmni; i++)
339 {
340 newSema[i] = sema[i];
341 /* This is a hack. What we really want to be able to
342 * do is change the value a process is waiting on
343 * without waking it up, but I don't know how to do
344 * this with the existing code, so we wake up the
345 * process and let it do a lot of work to determine the
346 * semaphore set is really not available yet, and then
347 * sleep on the correct, reallocated semid_ds pointer.
348 */
349 if (sema[i].sem_perm.mode & SEM_ALLOC)
350 wakeup((caddr_t)&sema[i]);
351 }
352
353 for (i = seminfo.semmni; i < newSize; i++)
354 {
355 newSema[i].sem_base = 0;
356 newSema[i].sem_perm.mode = 0;
357 }
358
359 /* Clean up the old array */
360 if (sema)
361 FREE(sema, M_SYSVSEM);
362
363 sema = newSema;
364 seminfo.semmni = newSize;
365 #ifdef SEM_DEBUG
366 printf("expansion successful\n");
367 #endif
368 return 1;
369 }
370
371 /*
372 * Expand the sem array to the given capacity. If the expansion fails
373 * we return 0 (fail), otherwise we return 1 (success).
374 *
375 * Assumes we already hold the subsystem lock.
376 */
377 static int
378 grow_sem_array(newSize)
379 int newSize;
380 {
381 register struct sem *newSem = NULL;
382 register int i;
383
384 if (newSize < semtot)
385 return 0;
386 if (newSize > limitseminfo.semmns) /* enforce hard limit */
387 {
388 #ifdef SEM_DEBUG
389 printf("semaphore hard limit of %d reached, requested %d\n",
390 limitseminfo.semmns, newSize);
391 #endif
392 return 0;
393 }
394 newSize = (newSize/SEMMNS_INC + 1) * SEMMNS_INC;
395 newSize = newSize > limitseminfo.semmns ? limitseminfo.semmns : newSize;
396
397 #ifdef SEM_DEBUG
398 printf("growing sem array from %d to %d\n", seminfo.semmns, newSize);
399 #endif
400 MALLOC(newSem, struct sem*, sizeof(struct sem)*newSize,
401 M_SYSVSEM, M_WAITOK);
402 if (NULL == newSem)
403 {
404 #ifdef SEM_DEBUG
405 printf("allocation failed. no changes made.\n");
406 #endif
407 return 0;
408 }
409
410 /* We have our new memory, now copy the old contents over */
411 if (sem)
412 for(i = 0; i < seminfo.semmns; i++)
413 newSem[i] = sem[i];
414
415 /* Update our id structures to point to the new semaphores */
416 for(i = 0; i < seminfo.semmni; i++)
417 if (sema[i].sem_perm.mode & SEM_ALLOC) /* ID in use */
418 {
419 if (newSem > sem)
420 sema[i].sem_base += newSem - sem;
421 else
422 sema[i].sem_base -= sem - newSem;
423 }
424
425 /* clean up the old array */
426 if (sem)
427 FREE(sem, M_SYSVSEM);
428
429 sem = newSem;
430 seminfo.semmns = newSize;
431 #ifdef SEM_DEBUG
432 printf("expansion complete\n");
433 #endif
434 return 1;
435 }
436
437 /*
438 * Allocate a new sem_undo structure for a process
439 * (returns ptr to structure or NULL if no more room)
440 *
441 * Assumes we already hold the subsystem lock.
442 */
443
444 static struct sem_undo *
445 semu_alloc(p)
446 struct proc *p;
447 {
448 register int i;
449 register struct sem_undo *suptr;
450 register struct sem_undo **supptr;
451 int attempt;
452
453 /*
454 * Try twice to allocate something.
455 * (we'll purge any empty structures after the first pass so
456 * two passes are always enough)
457 */
458
459 for (attempt = 0; attempt < 2; attempt++) {
460 /*
461 * Look for a free structure.
462 * Fill it in and return it if we find one.
463 */
464
465 for (i = 0; i < seminfo.semmnu; i++) {
466 suptr = SEMU(i);
467 if (suptr->un_proc == NULL) {
468 suptr->un_next = semu_list;
469 semu_list = suptr;
470 suptr->un_cnt = 0;
471 suptr->un_proc = p;
472 return(suptr);
473 }
474 }
475
476 /*
477 * We didn't find a free one, if this is the first attempt
478 * then try to free some structures.
479 */
480
481 if (attempt == 0) {
482 /* All the structures are in use - try to free some */
483 int did_something = 0;
484
485 supptr = &semu_list;
486 while ((suptr = *supptr) != NULL) {
487 if (suptr->un_cnt == 0) {
488 suptr->un_proc = NULL;
489 *supptr = suptr->un_next;
490 did_something = 1;
491 } else
492 supptr = &(suptr->un_next);
493 }
494
495 /* If we didn't free anything. Try expanding
496 * the semu[] array. If that doesn't work
497 * then fail. We expand last to get the
498 * most reuse out of existing resources.
499 */
500 if (!did_something)
501 if (!grow_semu_array(seminfo.semmnu + 1))
502 return(NULL);
503 } else {
504 /*
505 * The second pass failed even though we freed
506 * something after the first pass!
507 * This is IMPOSSIBLE!
508 */
509 panic("semu_alloc - second attempt failed");
510 }
511 }
512 return (NULL);
513 }
514
515 /*
516 * Adjust a particular entry for a particular proc
517 *
518 * Assumes we already hold the subsystem lock.
519 */
520
521 static int
522 semundo_adjust(p, supptr, semid, semnum, adjval)
523 register struct proc *p;
524 struct sem_undo **supptr;
525 int semid, semnum;
526 int adjval;
527 {
528 register struct sem_undo *suptr;
529 register struct undo *sunptr;
530 int i;
531
532 /* Look for and remember the sem_undo if the caller doesn't provide
533 it */
534
535 suptr = *supptr;
536 if (suptr == NULL) {
537 for (suptr = semu_list; suptr != NULL;
538 suptr = suptr->un_next) {
539 if (suptr->un_proc == p) {
540 *supptr = suptr;
541 break;
542 }
543 }
544 if (suptr == NULL) {
545 if (adjval == 0)
546 return(0);
547 suptr = semu_alloc(p);
548 if (suptr == NULL)
549 return(ENOSPC);
550 *supptr = suptr;
551 }
552 }
553
554 /*
555 * Look for the requested entry and adjust it (delete if adjval becomes
556 * 0).
557 */
558 sunptr = &suptr->un_ent[0];
559 for (i = 0; i < suptr->un_cnt; i++, sunptr++) {
560 if (sunptr->un_id != semid || sunptr->un_num != semnum)
561 continue;
562 if (adjval == 0)
563 sunptr->un_adjval = 0;
564 else
565 sunptr->un_adjval += adjval;
566 if (sunptr->un_adjval == 0) {
567 suptr->un_cnt--;
568 if (i < suptr->un_cnt)
569 suptr->un_ent[i] =
570 suptr->un_ent[suptr->un_cnt];
571 }
572 return(0);
573 }
574
575 /* Didn't find the right entry - create it */
576 if (adjval == 0)
577 return(0);
578 if (suptr->un_cnt != limitseminfo.semume) {
579 sunptr = &suptr->un_ent[suptr->un_cnt];
580 suptr->un_cnt++;
581 sunptr->un_adjval = adjval;
582 sunptr->un_id = semid; sunptr->un_num = semnum;
583 } else
584 return(EINVAL);
585 return(0);
586 }
587
588 /* Assumes we already hold the subsystem lock.
589 */
590 static void
591 semundo_clear(semid, semnum)
592 int semid, semnum;
593 {
594 register struct sem_undo *suptr;
595
596 for (suptr = semu_list; suptr != NULL; suptr = suptr->un_next) {
597 register struct undo *sunptr = &suptr->un_ent[0];
598 register int i = 0;
599
600 while (i < suptr->un_cnt) {
601 if (sunptr->un_id == semid) {
602 if (semnum == -1 || sunptr->un_num == semnum) {
603 suptr->un_cnt--;
604 if (i < suptr->un_cnt) {
605 suptr->un_ent[i] =
606 suptr->un_ent[suptr->un_cnt];
607 continue;
608 }
609 }
610 if (semnum != -1)
611 break;
612 }
613 i++, sunptr++;
614 }
615 }
616 }
617
618 /*
619 * Note that the user-mode half of this passes a union, not a pointer
620 */
621 #ifndef _SYS_SYSPROTO_H_
622 struct semctl_args {
623 int semid;
624 int semnum;
625 int cmd;
626 union semun arg;
627 };
628 #endif
629
630 int
631 semctl(p, uap, retval)
632 struct proc *p;
633 register struct semctl_args *uap;
634 register_t *retval;
635 {
636 int semid = uap->semid;
637 int semnum = uap->semnum;
638 int cmd = uap->cmd;
639 union semun arg = uap->arg;
640 union semun real_arg;
641 struct ucred *cred = p->p_ucred;
642 int i, rval, eval;
643 struct semid_ds sbuf;
644 register struct semid_ds *semaptr;
645
646 AUDIT_ARG(svipc_cmd, cmd);
647 AUDIT_ARG(svipc_id, semid);
648 SUBSYSTEM_LOCK_AQUIRE(p);
649 #ifdef SEM_DEBUG
650 printf("call to semctl(%d, %d, %d, 0x%x)\n", semid, semnum, cmd, arg);
651 #endif
652
653 semid = IPCID_TO_IX(semid);
654 if (semid < 0 || semid >= seminfo.semmni)
655 {
656 #ifdef SEM_DEBUG
657 printf("Invalid semid\n");
658 #endif
659 UNLOCK_AND_RETURN(EINVAL);
660 }
661
662 semaptr = &sema[semid];
663 if ((semaptr->sem_perm.mode & SEM_ALLOC) == 0 ||
664 semaptr->sem_perm.seq != IPCID_TO_SEQ(uap->semid))
665 UNLOCK_AND_RETURN(EINVAL);
666
667 eval = 0;
668 rval = 0;
669
670 switch (cmd) {
671 case IPC_RMID:
672 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_M)))
673 UNLOCK_AND_RETURN(eval);
674 semaptr->sem_perm.cuid = cred->cr_uid;
675 semaptr->sem_perm.uid = cred->cr_uid;
676 semtot -= semaptr->sem_nsems;
677 for (i = semaptr->sem_base - sem; i < semtot; i++)
678 sem[i] = sem[i + semaptr->sem_nsems];
679 for (i = 0; i < seminfo.semmni; i++) {
680 if ((sema[i].sem_perm.mode & SEM_ALLOC) &&
681 sema[i].sem_base > semaptr->sem_base)
682 sema[i].sem_base -= semaptr->sem_nsems;
683 }
684 semaptr->sem_perm.mode = 0;
685 semundo_clear(semid, -1);
686 wakeup((caddr_t)semaptr);
687 break;
688
689 case IPC_SET:
690 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_M)))
691 UNLOCK_AND_RETURN(eval);
692 /*if ((eval = copyin(arg, &real_arg, sizeof(real_arg))) != 0)
693 UNLOCK_AND_RETURN(eval);*/
694 if ((eval = copyin(arg.buf, (caddr_t)&sbuf,
695 sizeof(sbuf))) != 0)
696 UNLOCK_AND_RETURN(eval);
697 semaptr->sem_perm.uid = sbuf.sem_perm.uid;
698 semaptr->sem_perm.gid = sbuf.sem_perm.gid;
699 semaptr->sem_perm.mode = (semaptr->sem_perm.mode & ~0777) |
700 (sbuf.sem_perm.mode & 0777);
701 semaptr->sem_ctime = time_second;
702 break;
703
704 case IPC_STAT:
705 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
706 UNLOCK_AND_RETURN(eval);
707 /*if ((eval = copyin(arg, &real_arg, sizeof(real_arg))) != 0)
708 UNLOCK_AND_RETURN(eval);*/
709 eval = copyout((caddr_t)semaptr, arg.buf,
710 sizeof(struct semid_ds));
711 break;
712
713 case GETNCNT:
714 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
715 UNLOCK_AND_RETURN(eval);
716 if (semnum < 0 || semnum >= semaptr->sem_nsems)
717 UNLOCK_AND_RETURN(EINVAL);
718 rval = semaptr->sem_base[semnum].semncnt;
719 break;
720
721 case GETPID:
722 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
723 UNLOCK_AND_RETURN(eval);
724 if (semnum < 0 || semnum >= semaptr->sem_nsems)
725 UNLOCK_AND_RETURN(EINVAL);
726 rval = semaptr->sem_base[semnum].sempid;
727 break;
728
729 case GETVAL:
730 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
731 UNLOCK_AND_RETURN(eval);
732 if (semnum < 0 || semnum >= semaptr->sem_nsems)
733 UNLOCK_AND_RETURN(EINVAL);
734 rval = semaptr->sem_base[semnum].semval;
735 break;
736
737 case GETALL:
738 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
739 UNLOCK_AND_RETURN(eval);
740 /*if ((eval = copyin(arg, &real_arg, sizeof(real_arg))) != 0)
741 UNLOCK_AND_RETURN(eval);*/
742 for (i = 0; i < semaptr->sem_nsems; i++) {
743 eval = copyout((caddr_t)&semaptr->sem_base[i].semval,
744 &arg.array[i], sizeof(arg.array[0]));
745 if (eval != 0)
746 break;
747 }
748 break;
749
750 case GETZCNT:
751 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
752 UNLOCK_AND_RETURN(eval);
753 if (semnum < 0 || semnum >= semaptr->sem_nsems)
754 UNLOCK_AND_RETURN(EINVAL);
755 rval = semaptr->sem_base[semnum].semzcnt;
756 break;
757
758 case SETVAL:
759 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_W)))
760 {
761 #ifdef SEM_DEBUG
762 printf("Invalid credentials for write\n");
763 #endif
764 UNLOCK_AND_RETURN(eval);
765 }
766 if (semnum < 0 || semnum >= semaptr->sem_nsems)
767 {
768 #ifdef SEM_DEBUG
769 printf("Invalid number out of range for set\n");
770 #endif
771 UNLOCK_AND_RETURN(EINVAL);
772 }
773 /*if ((eval = copyin(arg, &real_arg, sizeof(real_arg))) != 0)
774 {
775 #ifdef SEM_DEBUG
776 printf("Error during value copyin\n");
777 #endif
778 UNLOCK_AND_RETURN(eval);
779 }*/
780 semaptr->sem_base[semnum].semval = arg.val;
781 semundo_clear(semid, semnum);
782 wakeup((caddr_t)semaptr);
783 break;
784
785 case SETALL:
786 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_W)))
787 UNLOCK_AND_RETURN(eval);
788 /*if ((eval = copyin(arg, &real_arg, sizeof(real_arg))) != 0)
789 UNLOCK_AND_RETURN(eval);*/
790 for (i = 0; i < semaptr->sem_nsems; i++) {
791 eval = copyin(&arg.array[i],
792 (caddr_t)&semaptr->sem_base[i].semval,
793 sizeof(arg.array[0]));
794 if (eval != 0)
795 break;
796 }
797 semundo_clear(semid, -1);
798 wakeup((caddr_t)semaptr);
799 break;
800
801 default:
802 UNLOCK_AND_RETURN(EINVAL);
803 }
804
805 if (eval == 0)
806 *retval = rval;
807 UNLOCK_AND_RETURN(eval);
808 }
809
810 #ifndef _SYS_SYSPROTO_H_
811 struct semget_args {
812 key_t key;
813 int nsems;
814 int semflg;
815 };
816 #endif
817
818 int
819 semget(p, uap, retval)
820 struct proc *p;
821 register struct semget_args *uap;
822 register_t *retval;
823 {
824 int semid, eval;
825 int key = uap->key;
826 int nsems = uap->nsems;
827 int semflg = uap->semflg;
828 struct ucred *cred = p->p_ucred;
829
830 SUBSYSTEM_LOCK_AQUIRE(p);
831 #ifdef SEM_DEBUG
832 if (key != IPC_PRIVATE)
833 printf("semget(0x%x, %d, 0%o)\n", key, nsems, semflg);
834 else
835 printf("semget(IPC_PRIVATE, %d, 0%o)\n", nsems, semflg);
836 #endif
837
838 if (key != IPC_PRIVATE) {
839 for (semid = 0; semid < seminfo.semmni; semid++) {
840 if ((sema[semid].sem_perm.mode & SEM_ALLOC) &&
841 sema[semid].sem_perm.key == key)
842 break;
843 }
844 if (semid < seminfo.semmni) {
845 #ifdef SEM_DEBUG
846 printf("found public key\n");
847 #endif
848 if ((eval = ipcperm(cred, &sema[semid].sem_perm,
849 semflg & 0700)))
850 UNLOCK_AND_RETURN(eval);
851 if (nsems > 0 && sema[semid].sem_nsems < nsems) {
852 #ifdef SEM_DEBUG
853 printf("too small\n");
854 #endif
855 UNLOCK_AND_RETURN(EINVAL);
856 }
857 if ((semflg & IPC_CREAT) && (semflg & IPC_EXCL)) {
858 #ifdef SEM_DEBUG
859 printf("not exclusive\n");
860 #endif
861 UNLOCK_AND_RETURN(EEXIST);
862 }
863 goto found;
864 }
865 }
866
867 #ifdef SEM_DEBUG
868 printf("need to allocate an id for the request\n");
869 #endif
870 if (key == IPC_PRIVATE || (semflg & IPC_CREAT)) {
871 if (nsems <= 0 || nsems > limitseminfo.semmsl) {
872 #ifdef SEM_DEBUG
873 printf("nsems out of range (0<%d<=%d)\n", nsems,
874 seminfo.semmsl);
875 #endif
876 UNLOCK_AND_RETURN(EINVAL);
877 }
878 if (nsems > seminfo.semmns - semtot) {
879 #ifdef SEM_DEBUG
880 printf("not enough semaphores left (need %d, got %d)\n",
881 nsems, seminfo.semmns - semtot);
882 #endif
883 if (!grow_sem_array(semtot + nsems))
884 {
885 #ifdef SEM_DEBUG
886 printf("failed to grow the sem array\n");
887 #endif
888 UNLOCK_AND_RETURN(ENOSPC);
889 }
890 }
891 for (semid = 0; semid < seminfo.semmni; semid++) {
892 if ((sema[semid].sem_perm.mode & SEM_ALLOC) == 0)
893 break;
894 }
895 if (semid == seminfo.semmni) {
896 #ifdef SEM_DEBUG
897 printf("no more id's available\n");
898 #endif
899 if (!grow_sema_array(seminfo.semmni + 1))
900 {
901 #ifdef SEM_DEBUG
902 printf("failed to grow sema array\n");
903 #endif
904 UNLOCK_AND_RETURN(ENOSPC);
905 }
906 }
907 #ifdef SEM_DEBUG
908 printf("semid %d is available\n", semid);
909 #endif
910 sema[semid].sem_perm.key = key;
911 sema[semid].sem_perm.cuid = cred->cr_uid;
912 sema[semid].sem_perm.uid = cred->cr_uid;
913 sema[semid].sem_perm.cgid = cred->cr_gid;
914 sema[semid].sem_perm.gid = cred->cr_gid;
915 sema[semid].sem_perm.mode = (semflg & 0777) | SEM_ALLOC;
916 sema[semid].sem_perm.seq =
917 (sema[semid].sem_perm.seq + 1) & 0x7fff;
918 sema[semid].sem_nsems = nsems;
919 sema[semid].sem_otime = 0;
920 sema[semid].sem_ctime = time_second;
921 sema[semid].sem_base = &sem[semtot];
922 semtot += nsems;
923 bzero(sema[semid].sem_base,
924 sizeof(sema[semid].sem_base[0])*nsems);
925 #ifdef SEM_DEBUG
926 printf("sembase = 0x%x, next = 0x%x\n", sema[semid].sem_base,
927 &sem[semtot]);
928 #endif
929 } else {
930 #ifdef SEM_DEBUG
931 printf("didn't find it and wasn't asked to create it\n");
932 #endif
933 UNLOCK_AND_RETURN(ENOENT);
934 }
935
936 found:
937 *retval = IXSEQ_TO_IPCID(semid, sema[semid].sem_perm);
938 AUDIT_ARG(svipc_id, *retval);
939 #ifdef SEM_DEBUG
940 printf("semget is done, returning %d\n", *retval);
941 #endif
942 SUBSYSTEM_LOCK_RELEASE;
943 return(0);
944 }
945
946 #ifndef _SYS_SYSPROTO_H_
947 struct semop_args {
948 int semid;
949 struct sembuf *sops;
950 int nsops;
951 };
952 #endif
953
954 int
955 semop(p, uap, retval)
956 struct proc *p;
957 register struct semop_args *uap;
958 register_t *retval;
959 {
960 int semid = uap->semid;
961 int nsops = uap->nsops;
962 struct sembuf sops[MAX_SOPS];
963 register struct semid_ds *semaptr;
964 register struct sembuf *sopptr;
965 register struct sem *semptr;
966 struct sem_undo *suptr = NULL;
967 struct ucred *cred = p->p_ucred;
968 int i, j, eval;
969 int do_wakeup, do_undos;
970
971 AUDIT_ARG(svipc_id, uap->semid);
972 SUBSYSTEM_LOCK_AQUIRE(p);
973 #ifdef SEM_DEBUG
974 printf("call to semop(%d, 0x%x, %d)\n", semid, sops, nsops);
975 #endif
976
977 semid = IPCID_TO_IX(semid); /* Convert back to zero origin */
978
979 if (semid < 0 || semid >= seminfo.semmni)
980 UNLOCK_AND_RETURN(EINVAL);
981
982 semaptr = &sema[semid];
983 if ((semaptr->sem_perm.mode & SEM_ALLOC) == 0)
984 UNLOCK_AND_RETURN(EINVAL);
985 if (semaptr->sem_perm.seq != IPCID_TO_SEQ(uap->semid))
986 UNLOCK_AND_RETURN(EINVAL);
987
988 if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_W))) {
989 #ifdef SEM_DEBUG
990 printf("eval = %d from ipaccess\n", eval);
991 #endif
992 UNLOCK_AND_RETURN(eval);
993 }
994
995 if (nsops > MAX_SOPS) {
996 #ifdef SEM_DEBUG
997 printf("too many sops (max=%d, nsops=%d)\n", MAX_SOPS, nsops);
998 #endif
999 UNLOCK_AND_RETURN(E2BIG);
1000 }
1001
1002 if ((eval = copyin(uap->sops, &sops, nsops * sizeof(sops[0]))) != 0) {
1003 #ifdef SEM_DEBUG
1004 printf("eval = %d from copyin(%08x, %08x, %ld)\n", eval,
1005 uap->sops, &sops, nsops * sizeof(sops[0]));
1006 #endif
1007 UNLOCK_AND_RETURN(eval);
1008 }
1009
1010 /*
1011 * Loop trying to satisfy the vector of requests.
1012 * If we reach a point where we must wait, any requests already
1013 * performed are rolled back and we go to sleep until some other
1014 * process wakes us up. At this point, we start all over again.
1015 *
1016 * This ensures that from the perspective of other tasks, a set
1017 * of requests is atomic (never partially satisfied).
1018 */
1019 do_undos = 0;
1020
1021 for (;;) {
1022 do_wakeup = 0;
1023
1024 for (i = 0; i < nsops; i++) {
1025 sopptr = &sops[i];
1026
1027 if (sopptr->sem_num >= semaptr->sem_nsems)
1028 UNLOCK_AND_RETURN(EFBIG);
1029
1030 semptr = &semaptr->sem_base[sopptr->sem_num];
1031
1032 #ifdef SEM_DEBUG
1033 printf("semop: semaptr=%x, sem_base=%x, semptr=%x, sem[%d]=%d : op=%d, flag=%s\n",
1034 semaptr, semaptr->sem_base, semptr,
1035 sopptr->sem_num, semptr->semval, sopptr->sem_op,
1036 (sopptr->sem_flg & IPC_NOWAIT) ? "nowait" : "wait");
1037 #endif
1038
1039 if (sopptr->sem_op < 0) {
1040 if (semptr->semval + sopptr->sem_op < 0) {
1041 #ifdef SEM_DEBUG
1042 printf("semop: can't do it now\n");
1043 #endif
1044 break;
1045 } else {
1046 semptr->semval += sopptr->sem_op;
1047 if (semptr->semval == 0 &&
1048 semptr->semzcnt > 0)
1049 do_wakeup = 1;
1050 }
1051 if (sopptr->sem_flg & SEM_UNDO)
1052 do_undos = 1;
1053 } else if (sopptr->sem_op == 0) {
1054 if (semptr->semval > 0) {
1055 #ifdef SEM_DEBUG
1056 printf("semop: not zero now\n");
1057 #endif
1058 break;
1059 }
1060 } else {
1061 if (semptr->semncnt > 0)
1062 do_wakeup = 1;
1063 semptr->semval += sopptr->sem_op;
1064 if (sopptr->sem_flg & SEM_UNDO)
1065 do_undos = 1;
1066 }
1067 }
1068
1069 /*
1070 * Did we get through the entire vector?
1071 */
1072 if (i >= nsops)
1073 goto done;
1074
1075 /*
1076 * No ... rollback anything that we've already done
1077 */
1078 #ifdef SEM_DEBUG
1079 printf("semop: rollback 0 through %d\n", i-1);
1080 #endif
1081 for (j = 0; j < i; j++)
1082 semaptr->sem_base[sops[j].sem_num].semval -=
1083 sops[j].sem_op;
1084
1085 /*
1086 * If the request that we couldn't satisfy has the
1087 * NOWAIT flag set then return with EAGAIN.
1088 */
1089 if (sopptr->sem_flg & IPC_NOWAIT)
1090 UNLOCK_AND_RETURN(EAGAIN);
1091
1092 if (sopptr->sem_op == 0)
1093 semptr->semzcnt++;
1094 else
1095 semptr->semncnt++;
1096
1097 #ifdef SEM_DEBUG
1098 printf("semop: good night!\n");
1099 #endif
1100 /* Release our lock on the semaphore subsystem so
1101 * another thread can get at the semaphore we are
1102 * waiting for. We will get the lock back after we
1103 * wake up.
1104 */
1105 SUBSYSTEM_LOCK_RELEASE;
1106 sysv_sem_sleeping_threads++;
1107 eval = tsleep((caddr_t)semaptr, (PZERO - 4) | PCATCH,
1108 "semwait", 0);
1109 sysv_sem_sleeping_threads--;
1110
1111 #ifdef SEM_DEBUG
1112 printf("semop: good morning (eval=%d)!\n", eval);
1113 #endif
1114 /* There is no need to get the lock if we are just
1115 * going to return without performing more semaphore
1116 * operations.
1117 */
1118 if (eval != 0)
1119 return(EINTR);
1120
1121 SUBSYSTEM_LOCK_AQUIRE(p); /* Get it back */
1122 suptr = NULL; /* sem_undo may have been reallocated */
1123 semaptr = &sema[semid]; /* sema may have been reallocated */
1124
1125
1126 #ifdef SEM_DEBUG
1127 printf("semop: good morning!\n");
1128 #endif
1129
1130 /*
1131 * Make sure that the semaphore still exists
1132 */
1133 if ((semaptr->sem_perm.mode & SEM_ALLOC) == 0 ||
1134 semaptr->sem_perm.seq != IPCID_TO_SEQ(uap->semid)) {
1135 /* The man page says to return EIDRM. */
1136 /* Unfortunately, BSD doesn't define that code! */
1137 #ifdef EIDRM
1138 UNLOCK_AND_RETURN(EIDRM);
1139 #else
1140 UNLOCK_AND_RETURN(EINVAL);
1141 #endif
1142 }
1143
1144 /*
1145 * The semaphore is still alive. Readjust the count of
1146 * waiting processes. semptr needs to be recomputed
1147 * because the sem[] may have been reallocated while
1148 * we were sleeping, updating our sem_base pointer.
1149 */
1150 semptr = &semaptr->sem_base[sopptr->sem_num];
1151 if (sopptr->sem_op == 0)
1152 semptr->semzcnt--;
1153 else
1154 semptr->semncnt--;
1155 }
1156
1157 done:
1158 /*
1159 * Process any SEM_UNDO requests.
1160 */
1161 if (do_undos) {
1162 for (i = 0; i < nsops; i++) {
1163 /*
1164 * We only need to deal with SEM_UNDO's for non-zero
1165 * op's.
1166 */
1167 int adjval;
1168
1169 if ((sops[i].sem_flg & SEM_UNDO) == 0)
1170 continue;
1171 adjval = sops[i].sem_op;
1172 if (adjval == 0)
1173 continue;
1174 eval = semundo_adjust(p, &suptr, semid,
1175 sops[i].sem_num, -adjval);
1176 if (eval == 0)
1177 continue;
1178
1179 /*
1180 * Oh-Oh! We ran out of either sem_undo's or undo's.
1181 * Rollback the adjustments to this point and then
1182 * rollback the semaphore ups and down so we can return
1183 * with an error with all structures restored. We
1184 * rollback the undo's in the exact reverse order that
1185 * we applied them. This guarantees that we won't run
1186 * out of space as we roll things back out.
1187 */
1188 for (j = i - 1; j >= 0; j--) {
1189 if ((sops[j].sem_flg & SEM_UNDO) == 0)
1190 continue;
1191 adjval = sops[j].sem_op;
1192 if (adjval == 0)
1193 continue;
1194 if (semundo_adjust(p, &suptr, semid,
1195 sops[j].sem_num, adjval) != 0)
1196 panic("semop - can't undo undos");
1197 }
1198
1199 for (j = 0; j < nsops; j++)
1200 semaptr->sem_base[sops[j].sem_num].semval -=
1201 sops[j].sem_op;
1202
1203 #ifdef SEM_DEBUG
1204 printf("eval = %d from semundo_adjust\n", eval);
1205 #endif
1206 UNLOCK_AND_RETURN(eval);
1207 } /* loop through the sops */
1208 } /* if (do_undos) */
1209
1210 /* We're definitely done - set the sempid's */
1211 for (i = 0; i < nsops; i++) {
1212 sopptr = &sops[i];
1213 semptr = &semaptr->sem_base[sopptr->sem_num];
1214 semptr->sempid = p->p_pid;
1215 }
1216
1217 /* Do a wakeup if any semaphore was up'd.
1218 * we will release our lock on the semaphore subsystem before
1219 * we wakeup other processes to prevent a little thrashing.
1220 * Note that this is fine because we are done using the
1221 * semaphore structures at this point in time. We only use
1222 * a local variable pointer value, and the retval
1223 * parameter.
1224 * Note 2: Future use of sem_wakeup may reqiure the lock.
1225 */
1226 SUBSYSTEM_LOCK_RELEASE;
1227 if (do_wakeup) {
1228 #ifdef SEM_DEBUG
1229 printf("semop: doing wakeup\n");
1230 #ifdef SEM_WAKEUP
1231 sem_wakeup((caddr_t)semaptr);
1232 #else
1233 wakeup((caddr_t)semaptr);
1234 #endif
1235 printf("semop: back from wakeup\n");
1236 #else
1237 wakeup((caddr_t)semaptr);
1238 #endif
1239 }
1240 #ifdef SEM_DEBUG
1241 printf("semop: done\n");
1242 #endif
1243 *retval = 0;
1244 return(0);
1245 }
1246
1247 /*
1248 * Go through the undo structures for this process and apply the adjustments to
1249 * semaphores.
1250 */
1251 void
1252 semexit(p)
1253 struct proc *p;
1254 {
1255 register struct sem_undo *suptr;
1256 register struct sem_undo **supptr;
1257 int did_something;
1258
1259 /* If we have not allocated our semaphores yet there can't be
1260 * anything to undo, but we need the lock to prevent
1261 * dynamic memory race conditions.
1262 */
1263 SUBSYSTEM_LOCK_AQUIRE(p);
1264 if (!sem)
1265 {
1266 SUBSYSTEM_LOCK_RELEASE;
1267 return;
1268 }
1269 did_something = 0;
1270
1271 /*
1272 * Go through the chain of undo vectors looking for one
1273 * associated with this process.
1274 */
1275
1276 for (supptr = &semu_list; (suptr = *supptr) != NULL;
1277 supptr = &suptr->un_next) {
1278 if (suptr->un_proc == p)
1279 break;
1280 }
1281
1282 if (suptr == NULL)
1283 goto unlock;
1284
1285 #ifdef SEM_DEBUG
1286 printf("proc @%08x has undo structure with %d entries\n", p,
1287 suptr->un_cnt);
1288 #endif
1289
1290 /*
1291 * If there are any active undo elements then process them.
1292 */
1293 if (suptr->un_cnt > 0) {
1294 int ix;
1295
1296 for (ix = 0; ix < suptr->un_cnt; ix++) {
1297 int semid = suptr->un_ent[ix].un_id;
1298 int semnum = suptr->un_ent[ix].un_num;
1299 int adjval = suptr->un_ent[ix].un_adjval;
1300 struct semid_ds *semaptr;
1301
1302 semaptr = &sema[semid];
1303 if ((semaptr->sem_perm.mode & SEM_ALLOC) == 0)
1304 panic("semexit - semid not allocated");
1305 if (semnum >= semaptr->sem_nsems)
1306 panic("semexit - semnum out of range");
1307
1308 #ifdef SEM_DEBUG
1309 printf("semexit: %08x id=%d num=%d(adj=%d) ; sem=%d\n",
1310 suptr->un_proc, suptr->un_ent[ix].un_id,
1311 suptr->un_ent[ix].un_num,
1312 suptr->un_ent[ix].un_adjval,
1313 semaptr->sem_base[semnum].semval);
1314 #endif
1315
1316 if (adjval < 0) {
1317 if (semaptr->sem_base[semnum].semval < -adjval)
1318 semaptr->sem_base[semnum].semval = 0;
1319 else
1320 semaptr->sem_base[semnum].semval +=
1321 adjval;
1322 } else
1323 semaptr->sem_base[semnum].semval += adjval;
1324
1325 /* Maybe we should build a list of semaptr's to wake
1326 * up, finish all access to data structures, release the
1327 * subsystem lock, and wake all the processes. Something
1328 * to think about. It wouldn't buy us anything unless
1329 * wakeup had the potential to block, or the syscall
1330 * funnel state was changed to allow multiple threads
1331 * in the BSD code at once.
1332 */
1333 #ifdef SEM_WAKEUP
1334 sem_wakeup((caddr_t)semaptr);
1335 #else
1336 wakeup((caddr_t)semaptr);
1337 #endif
1338 #ifdef SEM_DEBUG
1339 printf("semexit: back from wakeup\n");
1340 #endif
1341 }
1342 }
1343
1344 /*
1345 * Deallocate the undo vector.
1346 */
1347 #ifdef SEM_DEBUG
1348 printf("removing vector\n");
1349 #endif
1350 suptr->un_proc = NULL;
1351 *supptr = suptr->un_next;
1352
1353 unlock:
1354 /*
1355 * There is a semaphore leak (i.e. memory leak) in this code.
1356 * We should be deleting the IPC_PRIVATE semaphores when they are
1357 * no longer needed, and we dont. We would have to track which processes
1358 * know about which IPC_PRIVATE semaphores, updating the list after
1359 * every fork. We can't just delete them semaphore when the process
1360 * that created it dies, because that process may well have forked
1361 * some children. So we need to wait until all of it's children have
1362 * died, and so on. Maybe we should tag each IPC_PRIVATE sempahore
1363 * with the creating group ID, count the number of processes left in
1364 * that group, and delete the semaphore when the group is gone.
1365 * Until that code gets implemented we will leak IPC_PRIVATE semaphores.
1366 * There is an upper bound on the size of our semaphore array, so
1367 * leaking the semaphores should not work as a DOS attack.
1368 *
1369 * Please note that the original BSD code this file is based on had the
1370 * same leaky semaphore problem.
1371 */
1372
1373 SUBSYSTEM_LOCK_RELEASE;
1374 }
1375 /* (struct sysctl_oid *oidp, void *arg1, int arg2, \
1376 struct sysctl_req *req) */
1377 static int
1378 sysctl_seminfo SYSCTL_HANDLER_ARGS
1379 {
1380 int error = 0;
1381
1382 error = SYSCTL_OUT(req, arg1, sizeof(int));
1383 if (error || !req->newptr)
1384 return(error);
1385
1386 SUBSYSTEM_LOCK_AQUIRE(current_proc());
1387 /* Set the values only if shared memory is not initialised */
1388 if ((sem == (struct sem *) 0) &&
1389 (sema == (struct semid_ds *) 0) &&
1390 (semu == (struct semid_ds *) 0) &&
1391 (semu_list == (struct sem_undo *) 0)) {
1392 if (error = SYSCTL_IN(req, arg1, sizeof(int))) {
1393 goto out;
1394 }
1395 } else
1396 error = EINVAL;
1397 out:
1398 SUBSYSTEM_LOCK_RELEASE;
1399 return(error);
1400
1401 }
1402
1403 /* SYSCTL_NODE(_kern, KERN_SYSV, sysv, CTLFLAG_RW, 0, "SYSV"); */
1404 extern struct sysctl_oid_list sysctl__kern_sysv_children;
1405 SYSCTL_PROC(_kern_sysv, KSYSV_SEMMNI, semmni, CTLTYPE_INT | CTLFLAG_RW,
1406 &limitseminfo.semmni, 0, &sysctl_seminfo ,"I","semmni");
1407
1408 SYSCTL_PROC(_kern_sysv, KSYSV_SEMMNS, semmns, CTLTYPE_INT | CTLFLAG_RW,
1409 &limitseminfo.semmns, 0, &sysctl_seminfo ,"I","semmns");
1410
1411 SYSCTL_PROC(_kern_sysv, KSYSV_SEMMNU, semmnu, CTLTYPE_INT | CTLFLAG_RW,
1412 &limitseminfo.semmnu, 0, &sysctl_seminfo ,"I","semmnu");
1413
1414 SYSCTL_PROC(_kern_sysv, KSYSV_SEMMSL, semmsl, CTLTYPE_INT | CTLFLAG_RW,
1415 &limitseminfo.semmsl, 0, &sysctl_seminfo ,"I","semmsl");
1416
1417 SYSCTL_PROC(_kern_sysv, KSYSV_SEMUNE, semume, CTLTYPE_INT | CTLFLAG_RW,
1418 &limitseminfo.semume, 0, &sysctl_seminfo ,"I","semume");
1419
1420
mirror of XNU