]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/posix_shm.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-1228.5.18.tar.gz
[apple/xnu.git] / bsd / kern / posix_shm.c
1 /*
2 * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1990, 1996-1998 Apple Computer, Inc.
30 * All Rights Reserved.
31 */
32 /*
33 * posix_shm.c : Support for POSIX shared memory APIs
34 *
35 * File: posix_shm.c
36 * Author: Ananthakrishna Ramesh
37 *
38 * HISTORY
39 * 2-Sep-1999 A.Ramesh
40 * Created for MacOSX
41 *
42 */
43 /*
44 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
45 * support for mandatory and extensible security protections. This notice
46 * is included in support of clause 2.2 (b) of the Apple Public License,
47 * Version 2.0.
48 */
49
50 #include <sys/cdefs.h>
51 #include <sys/param.h>
52 #include <sys/systm.h>
53 #include <sys/kernel.h>
54 #include <sys/file_internal.h>
55 #include <sys/filedesc.h>
56 #include <sys/stat.h>
57 #include <sys/proc_internal.h>
58 #include <sys/kauth.h>
59 #include <sys/mount.h>
60 #include <sys/namei.h>
61 #include <sys/vnode.h>
62 #include <sys/vnode_internal.h>
63 #include <sys/ioctl.h>
64 #include <sys/tty.h>
65 #include <sys/malloc.h>
66 #include <sys/mman.h>
67 #include <sys/stat.h>
68 #include <sys/sysproto.h>
69 #include <sys/proc_info.h>
70 #include <bsm/audit_kernel.h>
71
72 #if CONFIG_MACF
73 #include <security/mac_framework.h>
74 #endif
75
76 #include <mach/mach_types.h>
77 #include <mach/mach_vm.h>
78 #include <mach/vm_map.h>
79 #include <mach/vm_prot.h>
80 #include <mach/vm_inherit.h>
81 #include <mach/kern_return.h>
82 #include <mach/memory_object_control.h>
83
84 #include <vm/vm_map.h>
85 #include <vm/vm_protos.h>
86
87 #define f_flag f_fglob->fg_flag
88 #define f_type f_fglob->fg_type
89 #define f_msgcount f_fglob->fg_msgcount
90 #define f_cred f_fglob->fg_cred
91 #define f_ops f_fglob->fg_ops
92 #define f_offset f_fglob->fg_offset
93 #define f_data f_fglob->fg_data
94 #define PSHMNAMLEN 31 /* maximum name segment length we bother with */
95
96 struct pshminfo {
97 unsigned int pshm_flags;
98 unsigned int pshm_usecount;
99 off_t pshm_length;
100 mode_t pshm_mode;
101 uid_t pshm_uid;
102 gid_t pshm_gid;
103 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
104 void * pshm_memobject;
105 #if DIAGNOSTIC
106 unsigned int pshm_readcount;
107 unsigned int pshm_writecount;
108 proc_t pshm_proc;
109 #endif /* DIAGNOSTIC */
110 struct label* pshm_label;
111 };
112 #define PSHMINFO_NULL (struct pshminfo *)0
113
114 #define PSHM_NONE 1
115 #define PSHM_DEFINED 2
116 #define PSHM_ALLOCATED 4
117 #define PSHM_MAPPED 8
118 #define PSHM_INUSE 0x10
119 #define PSHM_REMOVED 0x20
120 #define PSHM_INCREATE 0x40
121 #define PSHM_INDELETE 0x80
122
123 struct pshmcache {
124 LIST_ENTRY(pshmcache) pshm_hash; /* hash chain */
125 struct pshminfo *pshminfo; /* vnode the name refers to */
126 int pshm_nlen; /* length of name */
127 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
128 };
129 #define PSHMCACHE_NULL (struct pshmcache *)0
130
131 struct pshmstats {
132 long goodhits; /* hits that we can really use */
133 long neghits; /* negative hits that we can use */
134 long badhits; /* hits we must drop */
135 long falsehits; /* hits with id mismatch */
136 long miss; /* misses */
137 long longnames; /* long names that ignore cache */
138 };
139
140 struct pshmname {
141 char *pshm_nameptr; /* pointer to looked up name */
142 long pshm_namelen; /* length of looked up component */
143 u_long pshm_hash; /* hash value of looked up name */
144 };
145
146 struct pshmnode {
147 off_t mapp_addr;
148 user_size_t map_size;
149 struct pshminfo *pinfo;
150 unsigned int pshm_usecount;
151 #if DIAGNOSTIC
152 unsigned int readcnt;
153 unsigned int writecnt;
154 #endif
155 };
156 #define PSHMNODE_NULL (struct pshmnode *)0
157
158
159 #define PSHMHASH(pnp) \
160 (&pshmhashtbl[(pnp)->pshm_hash & pshmhash])
161
162 LIST_HEAD(pshmhashhead, pshmcache) *pshmhashtbl; /* Hash Table */
163 u_long pshmhash; /* size of hash table - 1 */
164 long pshmnument; /* number of cache entries allocated */
165 struct pshmstats pshmstats; /* cache effectiveness statistics */
166
167 static int pshm_read (struct fileproc *fp, struct uio *uio,
168 int flags, vfs_context_t ctx);
169 static int pshm_write (struct fileproc *fp, struct uio *uio,
170 int flags, vfs_context_t ctx);
171 static int pshm_ioctl (struct fileproc *fp, u_long com,
172 caddr_t data, vfs_context_t ctx);
173 static int pshm_select (struct fileproc *fp, int which, void *wql, vfs_context_t ctx);
174 static int pshm_close(struct pshmnode *pnode);
175 static int pshm_closefile (struct fileglob *fg, vfs_context_t ctx);
176
177 static int pshm_kqfilter(struct fileproc *fp, struct knote *kn, vfs_context_t ctx);
178
179 int pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, proc_t p);
180 static int pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp);
181 static void pshm_cache_delete(struct pshmcache *pcp);
182 #if NOT_USED
183 static void pshm_cache_purge(void);
184 #endif /* NOT_USED */
185 static int pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
186 struct pshmcache **pcache);
187
188 struct fileops pshmops =
189 { pshm_read, pshm_write, pshm_ioctl, pshm_select, pshm_closefile, pshm_kqfilter, 0 };
190
191 static lck_grp_t *psx_shm_subsys_lck_grp;
192 static lck_grp_attr_t *psx_shm_subsys_lck_grp_attr;
193 static lck_attr_t *psx_shm_subsys_lck_attr;
194 static lck_mtx_t psx_shm_subsys_mutex;
195
196 #define PSHM_SUBSYS_LOCK() lck_mtx_lock(& psx_shm_subsys_mutex)
197 #define PSHM_SUBSYS_UNLOCK() lck_mtx_unlock(& psx_shm_subsys_mutex)
198
199
200 /* Initialize the mutex governing access to the posix shm subsystem */
201 __private_extern__ void
202 pshm_lock_init( void )
203 {
204
205 psx_shm_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
206
207 psx_shm_subsys_lck_grp = lck_grp_alloc_init("posix shared memory", psx_shm_subsys_lck_grp_attr);
208
209 psx_shm_subsys_lck_attr = lck_attr_alloc_init();
210 lck_mtx_init(& psx_shm_subsys_mutex, psx_shm_subsys_lck_grp, psx_shm_subsys_lck_attr);
211 }
212
213 /*
214 * Lookup an entry in the cache
215 *
216 *
217 * status of -1 is returned if matches
218 * If the lookup determines that the name does not exist
219 * (negative cacheing), a status of ENOENT is returned. If the lookup
220 * fails, a status of zero is returned.
221 */
222
223 static int
224 pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
225 struct pshmcache **pcache)
226 {
227 struct pshmcache *pcp, *nnp;
228 struct pshmhashhead *pcpp;
229
230 if (pnp->pshm_namelen > PSHMNAMLEN) {
231 pshmstats.longnames++;
232 return (0);
233 }
234
235 pcpp = PSHMHASH(pnp);
236 for (pcp = pcpp->lh_first; pcp != 0; pcp = nnp) {
237 nnp = pcp->pshm_hash.le_next;
238 if (pcp->pshm_nlen == pnp->pshm_namelen &&
239 !bcmp(pcp->pshm_name, pnp->pshm_nameptr, (u_int)pcp-> pshm_nlen))
240 break;
241 }
242
243 if (pcp == 0) {
244 pshmstats.miss++;
245 return (0);
246 }
247
248 /* We found a "positive" match, return the vnode */
249 if (pcp->pshminfo) {
250 pshmstats.goodhits++;
251 /* TOUCH(ncp); */
252 *pshmp = pcp->pshminfo;
253 *pcache = pcp;
254 return (-1);
255 }
256
257 /*
258 * We found a "negative" match, ENOENT notifies client of this match.
259 * The nc_vpid field records whether this is a whiteout.
260 */
261 pshmstats.neghits++;
262 return (ENOENT);
263 }
264
265 /*
266 * Add an entry to the cache.
267 * XXX should be static?
268 */
269 static int
270 pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp)
271 {
272 struct pshmhashhead *pcpp;
273 struct pshminfo *dpinfo;
274 struct pshmcache *dpcp;
275
276 #if DIAGNOSTIC
277 if (pnp->pshm_namelen > PSHMNAMLEN)
278 panic("cache_enter: name too long");
279 #endif
280
281
282 /* if the entry has already been added by some one else return */
283 if (pshm_cache_search(&dpinfo, pnp, &dpcp) == -1) {
284 return(EEXIST);
285 }
286 pshmnument++;
287
288 /*
289 * Fill in cache info, if vp is NULL this is a "negative" cache entry.
290 * For negative entries, we have to record whether it is a whiteout.
291 * the whiteout flag is stored in the nc_vpid field which is
292 * otherwise unused.
293 */
294 pcp->pshminfo = pshmp;
295 pcp->pshm_nlen = pnp->pshm_namelen;
296 bcopy(pnp->pshm_nameptr, pcp->pshm_name, (unsigned)pcp->pshm_nlen);
297 pcpp = PSHMHASH(pnp);
298 #if DIAGNOSTIC
299 {
300 struct pshmcache *p;
301
302 for (p = pcpp->lh_first; p != 0; p = p->pshm_hash.le_next)
303 if (p == pcp)
304 panic("cache_enter: duplicate");
305 }
306 #endif
307 LIST_INSERT_HEAD(pcpp, pcp, pshm_hash);
308 return(0);
309 }
310
311 /*
312 * Name cache initialization, from vfs_init() when we are booting
313 */
314 void
315 pshm_cache_init(void)
316 {
317 pshmhashtbl = hashinit(desiredvnodes / 8, M_SHM, &pshmhash);
318 }
319
320 #if NOT_USED
321 /*
322 * Invalidate a all entries to particular vnode.
323 *
324 * We actually just increment the v_id, that will do it. The entries will
325 * be purged by lookup as they get found. If the v_id wraps around, we
326 * need to ditch the entire cache, to avoid confusion. No valid vnode will
327 * ever have (v_id == 0).
328 */
329 static void
330 pshm_cache_purge(void)
331 {
332 struct pshmcache *pcp;
333 struct pshmhashhead *pcpp;
334
335 for (pcpp = &pshmhashtbl[pshmhash]; pcpp >= pshmhashtbl; pcpp--) {
336 while ( (pcp = pcpp->lh_first) )
337 pshm_cache_delete(pcp);
338 }
339 }
340 #endif /* NOT_USED */
341
342 static void
343 pshm_cache_delete(struct pshmcache *pcp)
344 {
345 #if DIAGNOSTIC
346 if (pcp->pshm_hash.le_prev == 0)
347 panic("namecache purge le_prev");
348 if (pcp->pshm_hash.le_next == pcp)
349 panic("namecache purge le_next");
350 #endif /* DIAGNOSTIC */
351 LIST_REMOVE(pcp, pshm_hash);
352 pcp->pshm_hash.le_prev = 0;
353 pshmnument--;
354 }
355
356
357 int
358 shm_open(proc_t p, struct shm_open_args *uap, register_t *retval)
359 {
360 struct fileproc *fp;
361 size_t i;
362 struct fileproc *nfp;
363 int indx, error;
364 struct pshmname nd;
365 struct pshminfo *pinfo;
366 char * pnbuf;
367 char * nameptr;
368 char * cp;
369 size_t pathlen, plen;
370 int fmode ;
371 int cmode = uap->mode;
372 int incache = 0;
373 struct pshmnode * pnode = PSHMNODE_NULL;
374 struct pshmcache * pcache = PSHMCACHE_NULL;
375 struct pshmcache *pcp = NULL; /* protected by !incache */
376 int pinfo_alloc=0;
377
378 AUDIT_ARG(fflags, uap->oflag);
379 AUDIT_ARG(mode, uap->mode);
380
381 pinfo = PSHMINFO_NULL;
382
383 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
384 if (pnbuf == NULL) {
385 return(ENOSPC);
386 }
387
388 pathlen = MAXPATHLEN;
389 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
390 if (error) {
391 goto bad;
392 }
393 AUDIT_ARG(text, pnbuf);
394 if (pathlen > PSHMNAMLEN) {
395 error = ENAMETOOLONG;
396 goto bad;
397 }
398
399
400 #ifdef PSXSHM_NAME_RESTRICT
401 nameptr = pnbuf;
402 if (*nameptr == '/') {
403 while (*(nameptr++) == '/') {
404 plen--;
405 error = EINVAL;
406 goto bad;
407 }
408 } else {
409 error = EINVAL;
410 goto bad;
411 }
412 #endif /* PSXSHM_NAME_RESTRICT */
413
414 plen = pathlen;
415 nameptr = pnbuf;
416 nd.pshm_nameptr = nameptr;
417 nd.pshm_namelen = plen;
418 nd. pshm_hash =0;
419
420 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
421 nd.pshm_hash += (unsigned char)*cp * i;
422 }
423
424 PSHM_SUBSYS_LOCK();
425 error = pshm_cache_search(&pinfo, &nd, &pcache);
426
427 if (error == ENOENT) {
428 PSHM_SUBSYS_UNLOCK();
429 error = EINVAL;
430 goto bad;
431
432 }
433 if (!error) {
434 incache = 0;
435 } else
436 incache = 1;
437 fmode = FFLAGS(uap->oflag);
438 if ((fmode & (FREAD | FWRITE))==0) {
439 PSHM_SUBSYS_UNLOCK();
440 error = EINVAL;
441 goto bad;
442 }
443
444 /*
445 * XXXXXXXXXX TBD XXXXXXXXXX
446 * There is a race that existed with the funnels as well.
447 * Need to be fixed later
448 */
449 PSHM_SUBSYS_UNLOCK();
450 error = falloc(p, &nfp, &indx, vfs_context_current());
451 if (error )
452 goto bad;
453 PSHM_SUBSYS_LOCK();
454
455 fp = nfp;
456
457 cmode &= ALLPERMS;
458
459 if (fmode & O_CREAT) {
460 if ((fmode & O_EXCL) && incache) {
461 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
462 pinfo->pshm_gid, pinfo->pshm_mode);
463
464 /* shm obj exists and opened O_EXCL */
465 #if notyet
466 if (pinfo->pshm_flags & PSHM_INDELETE) {
467 }
468 #endif
469 error = EEXIST;
470 PSHM_SUBSYS_UNLOCK();
471 goto bad1;
472 }
473 if (!incache) {
474 PSHM_SUBSYS_UNLOCK();
475 /* create a new one */
476 MALLOC(pinfo, struct pshminfo *, sizeof(struct pshminfo), M_SHM, M_WAITOK|M_ZERO);
477 if (pinfo == NULL) {
478 error = ENOSPC;
479 goto bad1;
480 }
481 PSHM_SUBSYS_LOCK();
482 pinfo_alloc = 1;
483 pinfo->pshm_flags = PSHM_DEFINED | PSHM_INCREATE;
484 pinfo->pshm_usecount = 1; /* existence reference */
485 pinfo->pshm_mode = cmode;
486 pinfo->pshm_uid = kauth_cred_getuid(kauth_cred_get());
487 pinfo->pshm_gid = kauth_cred_get()->cr_gid;
488 bcopy(pnbuf, &pinfo->pshm_name[0], PSHMNAMLEN);
489 pinfo->pshm_name[PSHMNAMLEN]=0;
490 #if CONFIG_MACF
491 PSHM_SUBSYS_UNLOCK();
492 mac_posixshm_label_init(pinfo);
493 PSHM_SUBSYS_LOCK();
494 error = mac_posixshm_check_create(kauth_cred_get(), nameptr);
495 if (error) {
496 PSHM_SUBSYS_UNLOCK();
497 goto bad2;
498 }
499 mac_posixshm_label_associate(kauth_cred_get(), pinfo, nameptr);
500 #endif
501 } else {
502 /* already exists */
503 if( pinfo->pshm_flags & PSHM_INDELETE) {
504 PSHM_SUBSYS_UNLOCK();
505 error = ENOENT;
506 goto bad1;
507 }
508 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
509 pinfo->pshm_gid, pinfo->pshm_mode);
510 #if CONFIG_MACF
511 if ((error = mac_posixshm_check_open(
512 kauth_cred_get(), pinfo))) {
513 PSHM_SUBSYS_UNLOCK();
514 goto bad1;
515 }
516 #endif
517 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
518 PSHM_SUBSYS_UNLOCK();
519 goto bad1;
520 }
521 }
522 } else {
523 if (!incache) {
524 /* O_CREAT is not set and the shm obecj does not exist */
525 PSHM_SUBSYS_UNLOCK();
526 error = ENOENT;
527 goto bad1;
528 }
529 if( pinfo->pshm_flags & PSHM_INDELETE) {
530 PSHM_SUBSYS_UNLOCK();
531 error = ENOENT;
532 goto bad1;
533 }
534 #if CONFIG_MACF
535 if ((error = mac_posixshm_check_open(
536 kauth_cred_get(), pinfo))) {
537 PSHM_SUBSYS_UNLOCK();
538 goto bad1;
539 }
540 #endif
541
542 if ( (error = pshm_access(pinfo, fmode, kauth_cred_get(), p)) ) {
543 PSHM_SUBSYS_UNLOCK();
544 goto bad1;
545 }
546 }
547 if (fmode & O_TRUNC) {
548 PSHM_SUBSYS_UNLOCK();
549 error = EINVAL;
550 goto bad2;
551 }
552 #if DIAGNOSTIC
553 if (fmode & FWRITE)
554 pinfo->pshm_writecount++;
555 if (fmode & FREAD)
556 pinfo->pshm_readcount++;
557 #endif
558 PSHM_SUBSYS_UNLOCK();
559 MALLOC(pnode, struct pshmnode *, sizeof(struct pshmnode), M_SHM, M_WAITOK|M_ZERO);
560 if (pnode == NULL) {
561 error = ENOSPC;
562 goto bad2;
563 }
564 if (!incache) {
565 /*
566 * We allocate a new entry if we are less than the maximum
567 * allowed and the one at the front of the LRU list is in use.
568 * Otherwise we use the one at the front of the LRU list.
569 */
570 MALLOC(pcp, struct pshmcache *, sizeof(struct pshmcache), M_SHM, M_WAITOK|M_ZERO);
571 if (pcp == NULL) {
572 error = ENOSPC;
573 goto bad2;
574 }
575
576 }
577 PSHM_SUBSYS_LOCK();
578
579 if (!incache) {
580 if ( (error = pshm_cache_add(pinfo, &nd, pcp)) ) {
581 PSHM_SUBSYS_UNLOCK();
582 FREE(pcp, M_SHM);
583 goto bad3;
584 }
585 }
586 pinfo->pshm_flags &= ~PSHM_INCREATE;
587 pinfo->pshm_usecount++; /* extra reference for the new fd */
588 pnode->pinfo = pinfo;
589
590 PSHM_SUBSYS_UNLOCK();
591 proc_fdlock(p);
592 fp->f_flag = fmode & FMASK;
593 fp->f_type = DTYPE_PSXSHM;
594 fp->f_ops = &pshmops;
595 fp->f_data = (caddr_t)pnode;
596 *fdflags(p, indx) |= UF_EXCLOSE;
597 procfdtbl_releasefd(p, indx, NULL);
598 fp_drop(p, indx, fp, 1);
599 proc_fdunlock(p);
600
601 *retval = indx;
602 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
603 return (0);
604 bad3:
605 FREE(pnode, M_SHM);
606
607 bad2:
608 if (pinfo_alloc) {
609 #if CONFIG_MACF
610 mac_posixshm_label_destroy(pinfo);
611 #endif
612 FREE(pinfo, M_SHM);
613 }
614 bad1:
615 fp_free(p, indx, fp);
616 bad:
617 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
618 return (error);
619 }
620
621
622 int
623 pshm_truncate(__unused proc_t p, struct fileproc *fp, __unused int fd,
624 off_t length, __unused register_t *retval)
625 {
626 struct pshminfo * pinfo;
627 struct pshmnode * pnode ;
628 kern_return_t kret;
629 mach_vm_offset_t user_addr;
630 mem_entry_name_port_t mem_object;
631 mach_vm_size_t size;
632 #if CONFIG_MACF
633 int error;
634 #endif
635
636 if (fp->f_type != DTYPE_PSXSHM) {
637 return(EINVAL);
638 }
639
640
641 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
642 return(EINVAL);
643
644 PSHM_SUBSYS_LOCK();
645 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
646 PSHM_SUBSYS_UNLOCK();
647 return(EINVAL);
648 }
649 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))
650 != PSHM_DEFINED) {
651 PSHM_SUBSYS_UNLOCK();
652 return(EINVAL);
653 }
654 #if CONFIG_MACF
655 error = mac_posixshm_check_truncate(kauth_cred_get(), pinfo, size);
656 if (error) {
657 PSHM_SUBSYS_UNLOCK();
658 return(error);
659 }
660 #endif
661 PSHM_SUBSYS_UNLOCK();
662 size = round_page_64(length);
663 kret = mach_vm_allocate(current_map(), &user_addr, size, VM_FLAGS_ANYWHERE);
664 if (kret != KERN_SUCCESS)
665 goto out;
666
667 kret = mach_make_memory_entry_64 (current_map(), &size,
668 user_addr, VM_PROT_DEFAULT, &mem_object, 0);
669
670 if (kret != KERN_SUCCESS)
671 goto out;
672
673 mach_vm_deallocate(current_map(), user_addr, size);
674
675 PSHM_SUBSYS_LOCK();
676 pinfo->pshm_flags &= ~PSHM_DEFINED;
677 pinfo->pshm_flags = PSHM_ALLOCATED;
678 pinfo->pshm_memobject = (void *)mem_object;
679 pinfo->pshm_length = size;
680 PSHM_SUBSYS_UNLOCK();
681 return(0);
682
683 out:
684 switch (kret) {
685 case KERN_INVALID_ADDRESS:
686 case KERN_NO_SPACE:
687 return (ENOMEM);
688 case KERN_PROTECTION_FAILURE:
689 return (EACCES);
690 default:
691 return (EINVAL);
692
693 }
694 }
695
696 int
697 pshm_stat(struct pshmnode *pnode, void *ub, int isstat64)
698 {
699 struct stat *sb = (struct stat *)0; /* warning avoidance ; protected by isstat64 */
700 struct stat64 * sb64 = (struct stat64 *)0; /* warning avoidance ; protected by isstat64 */
701 struct pshminfo *pinfo;
702 #if CONFIG_MACF
703 int error;
704 #endif
705
706 PSHM_SUBSYS_LOCK();
707 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL){
708 PSHM_SUBSYS_UNLOCK();
709 return(EINVAL);
710 }
711
712 #if CONFIG_MACF
713 error = mac_posixshm_check_stat(kauth_cred_get(), pinfo);
714 if (error) {
715 PSHM_SUBSYS_UNLOCK();
716 return(error);
717 }
718 #endif
719
720 if (isstat64 != 0) {
721 sb64 = (struct stat64 *)ub;
722 bzero(sb64, sizeof(struct stat64));
723 sb64->st_mode = pinfo->pshm_mode;
724 sb64->st_uid = pinfo->pshm_uid;
725 sb64->st_gid = pinfo->pshm_gid;
726 sb64->st_size = pinfo->pshm_length;
727 } else {
728 sb = (struct stat *)ub;
729 bzero(sb, sizeof(struct stat));
730 sb->st_mode = pinfo->pshm_mode;
731 sb->st_uid = pinfo->pshm_uid;
732 sb->st_gid = pinfo->pshm_gid;
733 sb->st_size = pinfo->pshm_length;
734 }
735 PSHM_SUBSYS_UNLOCK();
736
737 return(0);
738 }
739
740 /*
741 * This is called only from shm_open which holds pshm_lock();
742 * XXX This code is repeated many times
743 */
744 int
745 pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, __unused proc_t p)
746 {
747 mode_t mask;
748 int is_member;
749
750 /* Otherwise, user id 0 always gets access. */
751 if (!suser(cred, NULL))
752 return (0);
753
754 mask = 0;
755
756 /* Otherwise, check the owner. */
757 if (kauth_cred_getuid(cred) == pinfo->pshm_uid) {
758 if (mode & FREAD)
759 mask |= S_IRUSR;
760 if (mode & FWRITE)
761 mask |= S_IWUSR;
762 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
763 }
764
765 /* Otherwise, check the groups. */
766 if (kauth_cred_ismember_gid(cred, pinfo->pshm_gid, &is_member) == 0 && is_member) {
767 if (mode & FREAD)
768 mask |= S_IRGRP;
769 if (mode & FWRITE)
770 mask |= S_IWGRP;
771 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
772 }
773
774 /* Otherwise, check everyone else. */
775 if (mode & FREAD)
776 mask |= S_IROTH;
777 if (mode & FWRITE)
778 mask |= S_IWOTH;
779 return ((pinfo->pshm_mode & mask) == mask ? 0 : EACCES);
780 }
781
782 int
783 pshm_mmap(__unused proc_t p, struct mmap_args *uap, user_addr_t *retval, struct fileproc *fp, off_t pageoff)
784 {
785 mach_vm_offset_t user_addr = (mach_vm_offset_t)uap->addr;
786 mach_vm_size_t user_size = (mach_vm_size_t)uap->len ;
787 int prot = uap->prot;
788 int flags = uap->flags;
789 vm_object_offset_t file_pos = (vm_object_offset_t)uap->pos;
790 vm_map_t user_map;
791 int alloc_flags;
792 boolean_t docow;
793 kern_return_t kret;
794 struct pshminfo * pinfo;
795 struct pshmnode * pnode;
796 void * mem_object;
797 #if CONFIG_MACF
798 int error;
799 #endif
800
801 if (user_size == 0)
802 return(0);
803
804 if ((flags & MAP_SHARED) == 0)
805 return(EINVAL);
806
807
808 if ((prot & PROT_WRITE) && ((fp->f_flag & FWRITE) == 0)) {
809 return(EPERM);
810 }
811
812 if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL )
813 return(EINVAL);
814
815 PSHM_SUBSYS_LOCK();
816 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
817 PSHM_SUBSYS_UNLOCK();
818 return(EINVAL);
819 }
820
821 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
822 PSHM_SUBSYS_UNLOCK();
823 return(EINVAL);
824 }
825 if ((off_t)user_size > pinfo->pshm_length) {
826 PSHM_SUBSYS_UNLOCK();
827 return(EINVAL);
828 }
829 if ((off_t)(user_size + file_pos) > pinfo->pshm_length) {
830 PSHM_SUBSYS_UNLOCK();
831 return(EINVAL);
832 }
833 if ((mem_object = pinfo->pshm_memobject) == NULL) {
834 PSHM_SUBSYS_UNLOCK();
835 return(EINVAL);
836 }
837
838 #if CONFIG_MACF
839 error = mac_posixshm_check_mmap(kauth_cred_get(), pinfo, prot, flags);
840 if (error) {
841 PSHM_SUBSYS_UNLOCK();
842 return(error);
843 }
844 #endif
845
846 PSHM_SUBSYS_UNLOCK();
847 user_map = current_map();
848
849 if ((flags & MAP_FIXED) == 0) {
850 alloc_flags = VM_FLAGS_ANYWHERE;
851 user_addr = mach_vm_round_page(user_addr);
852 } else {
853 if (user_addr != mach_vm_trunc_page(user_addr))
854 return (EINVAL);
855 /*
856 * We do not get rid of the existing mappings here because
857 * it wouldn't be atomic (see comment in mmap()). We let
858 * Mach VM know that we want it to replace any existing
859 * mapping with the new one.
860 */
861 alloc_flags = VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
862 }
863 docow = FALSE;
864
865 kret = vm_map_enter_mem_object(user_map, &user_addr, user_size,
866 0, alloc_flags,
867 pinfo->pshm_memobject, file_pos, docow,
868 prot, VM_PROT_DEFAULT,
869 VM_INHERIT_SHARE);
870 if (kret != KERN_SUCCESS)
871 goto out;
872 /* LP64todo - this should be superfluous at this point */
873 kret = mach_vm_inherit(user_map, user_addr, user_size,
874 VM_INHERIT_SHARE);
875 if (kret != KERN_SUCCESS) {
876 (void) mach_vm_deallocate(user_map, user_addr, user_size);
877 goto out;
878 }
879 PSHM_SUBSYS_LOCK();
880 pnode->mapp_addr = user_addr;
881 pnode->map_size = user_size;
882 pinfo->pshm_flags |= (PSHM_MAPPED | PSHM_INUSE);
883 PSHM_SUBSYS_UNLOCK();
884 out:
885 switch (kret) {
886 case KERN_SUCCESS:
887 *retval = (user_addr + pageoff);
888 return (0);
889 case KERN_INVALID_ADDRESS:
890 case KERN_NO_SPACE:
891 return (ENOMEM);
892 case KERN_PROTECTION_FAILURE:
893 return (EACCES);
894 default:
895 return (EINVAL);
896 }
897
898 }
899
900 int
901 shm_unlink(__unused proc_t p, struct shm_unlink_args *uap,
902 __unused register_t *retval)
903 {
904 size_t i;
905 int error=0;
906 struct pshmname nd;
907 struct pshminfo *pinfo;
908 char * pnbuf;
909 char * nameptr;
910 char * cp;
911 size_t pathlen, plen;
912 int incache = 0;
913 struct pshmcache *pcache = PSHMCACHE_NULL;
914
915 pinfo = PSHMINFO_NULL;
916
917 MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
918 if (pnbuf == NULL) {
919 return(ENOSPC); /* XXX non-standard */
920 }
921 pathlen = MAXPATHLEN;
922 error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
923 if (error) {
924 goto bad;
925 }
926 AUDIT_ARG(text, pnbuf);
927 if (pathlen > PSHMNAMLEN) {
928 error = ENAMETOOLONG;
929 goto bad;
930 }
931
932
933 #ifdef PSXSHM_NAME_RESTRICT
934 nameptr = pnbuf;
935 if (*nameptr == '/') {
936 while (*(nameptr++) == '/') {
937 plen--;
938 error = EINVAL;
939 goto bad;
940 }
941 } else {
942 error = EINVAL;
943 goto bad;
944 }
945 #endif /* PSXSHM_NAME_RESTRICT */
946
947 plen = pathlen;
948 nameptr = pnbuf;
949 nd.pshm_nameptr = nameptr;
950 nd.pshm_namelen = plen;
951 nd. pshm_hash =0;
952
953 for (cp = nameptr, i=1; *cp != 0 && i <= plen; i++, cp++) {
954 nd.pshm_hash += (unsigned char)*cp * i;
955 }
956
957 PSHM_SUBSYS_LOCK();
958 error = pshm_cache_search(&pinfo, &nd, &pcache);
959
960 if (error == ENOENT) {
961 PSHM_SUBSYS_UNLOCK();
962 error = EINVAL;
963 goto bad;
964
965 }
966 if (!error) {
967 PSHM_SUBSYS_UNLOCK();
968 error = EINVAL;
969 goto bad;
970 } else
971 incache = 1;
972
973 if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))==0) {
974 PSHM_SUBSYS_UNLOCK();
975 error = EINVAL;
976 goto bad;
977 }
978
979 if (pinfo->pshm_flags & PSHM_INDELETE) {
980 PSHM_SUBSYS_UNLOCK();
981 error = 0;
982 goto bad;
983 }
984 #if CONFIG_MACF
985 error = mac_posixshm_check_unlink(kauth_cred_get(), pinfo, nameptr);
986 if (error) {
987 PSHM_SUBSYS_UNLOCK();
988 goto bad;
989 }
990 #endif
991
992 AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid, pinfo->pshm_gid,
993 pinfo->pshm_mode);
994
995 /*
996 * JMM - How should permissions be checked?
997 */
998
999 pinfo->pshm_flags |= PSHM_INDELETE;
1000 pshm_cache_delete(pcache);
1001 pinfo->pshm_flags |= PSHM_REMOVED;
1002 /* release the existence reference */
1003 if (!--pinfo->pshm_usecount) {
1004 PSHM_SUBSYS_UNLOCK();
1005 /*
1006 * If this is the last reference going away on the object,
1007 * then we need to destroy the backing object. The name
1008 * has an implied but uncounted reference on the object,
1009 * once it's created, since it's used as a rendesvous, and
1010 * therefore may be subsequently reopened.
1011 */
1012 if (pinfo->pshm_memobject != NULL)
1013 mach_memory_entry_port_release(pinfo->pshm_memobject);
1014 PSHM_SUBSYS_LOCK();
1015 FREE(pinfo,M_SHM);
1016 }
1017 PSHM_SUBSYS_UNLOCK();
1018 FREE(pcache, M_SHM);
1019 error = 0;
1020 bad:
1021 FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
1022 return (error);
1023 }
1024
1025 /* already called locked */
1026 static int
1027 pshm_close(struct pshmnode *pnode)
1028 {
1029 int error=0;
1030 struct pshminfo *pinfo;
1031
1032 if ((pinfo = pnode->pinfo) == PSHMINFO_NULL)
1033 return(EINVAL);
1034
1035 if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
1036 return(EINVAL);
1037 }
1038 #if DIAGNOSTIC
1039 if(!pinfo->pshm_usecount) {
1040 kprintf("negative usecount in pshm_close\n");
1041 }
1042 #endif /* DIAGNOSTIC */
1043 pinfo->pshm_usecount--; /* release this fd's reference */
1044
1045 if ((pinfo->pshm_flags & PSHM_REMOVED) && !pinfo->pshm_usecount) {
1046 PSHM_SUBSYS_UNLOCK();
1047 /*
1048 * If this is the last reference going away on the object,
1049 * then we need to destroy the backing object.
1050 */
1051 if (pinfo->pshm_memobject != NULL)
1052 mach_memory_entry_port_release(pinfo->pshm_memobject);
1053 PSHM_SUBSYS_LOCK();
1054 #if CONFIG_MACF
1055 mac_posixshm_label_destroy(pinfo);
1056 #endif
1057 FREE(pinfo,M_SHM);
1058 }
1059 FREE(pnode, M_SHM);
1060 return (error);
1061 }
1062
1063 /* vfs_context_t passed to match prototype for struct fileops */
1064 static int
1065 pshm_closefile(struct fileglob *fg, __unused vfs_context_t ctx)
1066 {
1067 int error;
1068
1069 PSHM_SUBSYS_LOCK();
1070 error = pshm_close(((struct pshmnode *)fg->fg_data));
1071 PSHM_SUBSYS_UNLOCK();
1072 return(error);
1073 }
1074
1075 static int
1076 pshm_read(__unused struct fileproc *fp, __unused struct uio *uio,
1077 __unused int flags, __unused vfs_context_t ctx)
1078 {
1079 return(ENOTSUP);
1080 }
1081
1082 static int
1083 pshm_write(__unused struct fileproc *fp, __unused struct uio *uio,
1084 __unused int flags, __unused vfs_context_t ctx)
1085 {
1086 return(ENOTSUP);
1087 }
1088
1089 static int
1090 pshm_ioctl(__unused struct fileproc *fp, __unused u_long com,
1091 __unused caddr_t data, __unused vfs_context_t ctx)
1092 {
1093 return(ENOTSUP);
1094 }
1095
1096 static int
1097 pshm_select(__unused struct fileproc *fp, __unused int which, __unused void *wql,
1098 __unused vfs_context_t ctx)
1099 {
1100 return(ENOTSUP);
1101 }
1102
1103 static int
1104 pshm_kqfilter(__unused struct fileproc *fp, __unused struct knote *kn,
1105 __unused vfs_context_t ctx)
1106 {
1107 return(ENOTSUP);
1108 }
1109
1110 int
1111 fill_pshminfo(struct pshmnode * pshm, struct pshm_info * info)
1112 {
1113 struct pshminfo *pinfo;
1114 struct vinfo_stat *sb;
1115
1116 PSHM_SUBSYS_LOCK();
1117 if ((pinfo = pshm->pinfo) == PSHMINFO_NULL){
1118 PSHM_SUBSYS_UNLOCK();
1119 return(EINVAL);
1120 }
1121
1122 sb = &info->pshm_stat;
1123
1124 bzero(sb, sizeof(struct vinfo_stat));
1125 sb->vst_mode = pinfo->pshm_mode;
1126 sb->vst_uid = pinfo->pshm_uid;
1127 sb->vst_gid = pinfo->pshm_gid;
1128 sb->vst_size = pinfo->pshm_length;
1129
1130 info->pshm_mappaddr = pshm->mapp_addr;
1131 bcopy(&pinfo->pshm_name[0], &info->pshm_name[0], PSHMNAMLEN+1);
1132
1133 PSHM_SUBSYS_UNLOCK();
1134 return(0);
1135 }
1136
1137 #if CONFIG_MACF
1138 void
1139 pshm_label_associate(struct fileproc *fp, struct vnode *vp, vfs_context_t ctx)
1140 {
1141 struct pshmnode *pnode;
1142 struct pshminfo *pshm;
1143
1144 PSHM_SUBSYS_LOCK();
1145 pnode = (struct pshmnode *)fp->f_fglob->fg_data;
1146 if (pnode != NULL) {
1147 pshm = pnode->pinfo;
1148 if (pshm != NULL)
1149 mac_posixshm_vnode_label_associate(
1150 vfs_context_ucred(ctx), pshm, pshm->pshm_label,
1151 vp, vp->v_label);
1152 }
1153 PSHM_SUBSYS_UNLOCK();
1154 }
1155 #endif
mirror of XNU