1 /*
2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_OSREFERENCE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the
10 * License may not be used to create, or enable the creation or
11 * redistribution of, unlawful or unlicensed copies of an Apple operating
12 * system, or to circumvent, violate, or enable the circumvention or
13 * violation of, any terms of an Apple operating system software license
14 * agreement.
15 *
16 * Please obtain a copy of the License at
17 * http://www.opensource.apple.com/apsl/ and read it before using this
18 * file.
19 *
20 * The Original Code and all software distributed under the License are
21 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
22 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
23 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
24 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
25 * Please see the License for the specific language governing rights and
26 * limitations under the License.
27 *
28 * @APPLE_LICENSE_OSREFERENCE_HEADER_END@
29 */
30 /*
31 * Copyright (c) 1990, 1996-1998 Apple Computer, Inc.
32 * All Rights Reserved.
33 */
34 /*
35 * posix_shm.c : Support for POSIX shared memory APIs
36 *
37 * File: posix_shm.c
38 * Author: Ananthakrishna Ramesh
39 *
40 * HISTORY
41 * 2-Sep-1999 A.Ramesh
42 * Created for MacOSX
43 *
44 */
45
46 #include <sys/cdefs.h>
47 #include <sys/param.h>
48 #include <sys/systm.h>
49 #include <sys/kernel.h>
50 #include <sys/file_internal.h>
51 #include <sys/filedesc.h>
52 #include <sys/stat.h>
53 #include <sys/proc_internal.h>
54 #include <sys/kauth.h>
55 #include <sys/mount.h>
56 #include <sys/namei.h>
57 #include <sys/vnode.h>
58 #include <sys/ioctl.h>
59 #include <sys/tty.h>
60 #include <sys/malloc.h>
61 #include <sys/mman.h>
62 #include <sys/stat.h>
63 #include <sys/sysproto.h>
64 #include <sys/proc_info.h>
65
66 #include <bsm/audit_kernel.h>
67
68 #include <mach/mach_types.h>
69 #include <mach/mach_vm.h>
70 #include <mach/vm_map.h>
71 #include <mach/vm_prot.h>
72 #include <mach/vm_inherit.h>
73 #include <mach/kern_return.h>
74 #include <mach/memory_object_control.h>
75
76 #include <vm/vm_map.h>
77 #include <vm/vm_protos.h>
78 #include <vm/vm_shared_memory_server.h>
79
80 #if KTRACE
81 #include <sys/ktrace.h>
82 #endif
83
/*
 * Shorthand for fields of the fileglob behind a struct fileproc: with
 * these in effect fp->f_flag expands to fp->f_fglob->fg_flag, and so on.
 */
84 #define f_flag f_fglob->fg_flag
85 #define f_type f_fglob->fg_type
86 #define f_msgcount f_fglob->fg_msgcount
87 #define f_cred f_fglob->fg_cred
88 #define f_ops f_fglob->fg_ops
89 #define f_offset f_fglob->fg_offset
90 #define f_data f_fglob->fg_data
/* Name buffers in this file are declared PSHMNAMLEN + 1 bytes long. */
91 #define PSHMNAMLEN 31 /* maximum name segment length we bother with */
92
93
/*
 * State of one named shared memory object.  Fields are read and written
 * under PSHM_SUBSYS_LOCK() by the functions in this file.
 */
94 struct pshminfo {
95 unsigned int pshm_flags; /* PSHM_* state bits */
96 unsigned int pshm_usecount; /* existence reference plus one per descriptor from shm_open() */
97 off_t pshm_length; /* page-rounded size, set by pshm_truncate() */
98 mode_t pshm_mode; /* permission bits checked by pshm_access() */
99 uid_t pshm_uid; /* creator's uid, recorded at creation */
100 gid_t pshm_gid; /* creator's gid, recorded at creation */
101 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
102 void * pshm_memobject; /* memory entry port made by pshm_truncate(); NULL until then */
103 #if DIAGNOSTIC
104 unsigned int pshm_readcount;
105 unsigned int pshm_writecount;
106 struct proc * pshm_proc;
107 #endif /* DIAGNOSTIC */
108 };
109 #define PSHMINFO_NULL (struct pshminfo *)0
110
/* Bits kept in pshminfo.pshm_flags. */
111 #define PSHM_NONE 1
112 #define PSHM_DEFINED 2 /* created by shm_open(), no size yet */
113 #define PSHM_ALLOCATED 4 /* backing memory set up by pshm_truncate() */
114 #define PSHM_MAPPED 8 /* set by pshm_mmap() */
115 #define PSHM_INUSE 0x10 /* set by pshm_mmap() */
116 #define PSHM_REMOVED 0x20 /* set by shm_unlink(); freed when the last reference goes */
117 #define PSHM_INCREATE 0x40 /* set while shm_open() is creating the object */
118 #define PSHM_INDELETE 0x80 /* set by shm_unlink(); later opens fail with ENOENT */
119
/* One name-cache entry: maps a segment name to its pshminfo. */
120 struct pshmcache {
121 LIST_ENTRY(pshmcache) pshm_hash; /* hash chain */
122 struct pshminfo *pshminfo; /* segment the name refers to; NULL is treated as a negative entry */
123 int pshm_nlen; /* length of name */
124 char pshm_name[PSHMNAMLEN + 1]; /* segment name */
125 };
126 #define PSHMCACHE_NULL (struct pshmcache *)0
127
/*
 * Lookup counters.  In the code shown here only goodhits, neghits, miss
 * and longnames are incremented, all by pshm_cache_search().
 */
128 struct pshmstats {
129 long goodhits; /* hits that we can really use */
130 long neghits; /* negative hits that we can use */
131 long badhits; /* hits we must drop */
132 long falsehits; /* hits with id mismatch */
133 long miss; /* misses */
134 long longnames; /* long names that ignore cache */
135 };
136
/* Lookup key built by shm_open() and shm_unlink() from the user-supplied name. */
137 struct pshmname {
138 char *pshm_nameptr; /* pointer to looked up name */
139 long pshm_namelen; /* length of looked up component */
140 u_long pshm_hash; /* hash value of looked up name */
141 };
142
/* Per-descriptor state; shm_open() stores a pointer to it in the file's f_data. */
143 struct pshmnode {
144 off_t mapp_addr; /* address of the mapping, recorded by pshm_mmap() */
145 user_size_t map_size; /* size of the mapping, recorded by pshm_mmap() */
146 struct pshminfo *pinfo; /* the object this descriptor refers to */
147 unsigned int pshm_usecount;
148 #if DIAGNOSTIC
149 unsigned int readcnt;
150 unsigned int writecnt;
151 #endif
152 };
153 #define PSHMNODE_NULL (struct pshmnode *)0
154
155
/* Select the hash chain for a lookup key; pshmhash is used as the index mask. */
156 #define PSHMHASH(pnp) \
157 (&pshmhashtbl[(pnp)->pshm_hash & pshmhash])
158
159 LIST_HEAD(pshmhashhead, pshmcache) *pshmhashtbl; /* Hash Table */
160 u_long pshmhash; /* size of hash table - 1 */
161 long pshmnument; /* number of cache entries allocated */
162 struct pshmstats pshmstats; /* cache effectiveness statistics */
163
/* File operations for DTYPE_PSXSHM descriptors (collected in pshmops below). */
164 static int pshm_read (struct fileproc *fp, struct uio *uio,
165 kauth_cred_t cred, int flags, struct proc *p);
166 static int pshm_write (struct fileproc *fp, struct uio *uio,
167 kauth_cred_t cred, int flags, struct proc *p);
168 static int pshm_ioctl (struct fileproc *fp, u_long com,
169 caddr_t data, struct proc *p);
170 static int pshm_select (struct fileproc *fp, int which, void *wql, struct proc *p);
171 static int pshm_close(struct pshmnode *pnode);
172 static int pshm_closefile (struct fileglob *fg, struct proc *p);
173
174 static int pshm_kqfilter(struct fileproc *fp, struct knote *kn, struct proc *p);
175
/* Permission check and name-cache helpers. */
176 int pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, struct proc *p);
177 static int pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp);
178 static void pshm_cache_delete(struct pshmcache *pcp);
179 #if NOT_USED
180 static void pshm_cache_purge(void);
181 #endif /* NOT_USED */
182 static int pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
183 struct pshmcache **pcache);
184
/*
 * Positional initializer: read, write, ioctl, select, close, kqfilter.
 * Every handler except pshm_closefile returns ENOTSUP.
 */
185 struct fileops pshmops =
186 { pshm_read, pshm_write, pshm_ioctl, pshm_select, pshm_closefile, pshm_kqfilter, 0 };
187
/* Lock group, attributes and the single mutex set up by pshm_lock_init(). */
188 static lck_grp_t *psx_shm_subsys_lck_grp;
189 static lck_grp_attr_t *psx_shm_subsys_lck_grp_attr;
190 static lck_attr_t *psx_shm_subsys_lck_attr;
191 static lck_mtx_t psx_shm_subsys_mutex;
192
/* One mutex serializes the name cache and every pshminfo in this file. */
193 #define PSHM_SUBSYS_LOCK() lck_mtx_lock(& psx_shm_subsys_mutex)
194 #define PSHM_SUBSYS_UNLOCK() lck_mtx_unlock(& psx_shm_subsys_mutex)
195
196
/*
 * Create the lock group, the lock attributes and the mutex that
 * PSHM_SUBSYS_LOCK()/PSHM_SUBSYS_UNLOCK() operate on.
 */
__private_extern__ void
pshm_lock_init(void)
{
	/* The group attribute comes first: the lock group is built from it. */
	psx_shm_subsys_lck_grp_attr = lck_grp_attr_alloc_init();
	psx_shm_subsys_lck_grp = lck_grp_alloc_init("posix shared memory",
	    psx_shm_subsys_lck_grp_attr);

	psx_shm_subsys_lck_attr = lck_attr_alloc_init();
	lck_mtx_init(&psx_shm_subsys_mutex, psx_shm_subsys_lck_grp,
	    psx_shm_subsys_lck_attr);
}
209
/*
 * Look a segment name up in the hash cache.
 *
 * Returns:
 *   -1      a positive entry matched; *pshmp and *pcache are filled in.
 *   ENOENT  a negative entry matched (an entry with no pshminfo attached).
 *   0       nothing matched, or the name is longer than PSHMNAMLEN and
 *           is therefore never cached.
 *
 * The hash table and the statistics are globals; shm_open() and
 * shm_unlink() call this with PSHM_SUBSYS_LOCK() held.
 */
static int
pshm_cache_search(struct pshminfo **pshmp, struct pshmname *pnp,
    struct pshmcache **pcache)
{
	struct pshmhashhead *bucket;
	struct pshmcache *entry;

	if (pnp->pshm_namelen > PSHMNAMLEN) {
		pshmstats.longnames++;
		return (0);
	}

	/* Walk the chain until the length and the name bytes both match. */
	bucket = PSHMHASH(pnp);
	entry = bucket->lh_first;
	while (entry != 0) {
		if (entry->pshm_nlen == pnp->pshm_namelen &&
		    bcmp(entry->pshm_name, pnp->pshm_nameptr,
		    (u_int)entry->pshm_nlen) == 0)
			break;
		entry = entry->pshm_hash.le_next;
	}

	if (entry == 0) {
		pshmstats.miss++;
		return (0);
	}

	if (!entry->pshminfo) {
		/* Negative entry: report ENOENT and leave the outputs alone. */
		pshmstats.neghits++;
		return (ENOENT);
	}

	/* Positive entry: hand back both the object and its cache entry. */
	pshmstats.goodhits++;
	*pshmp = entry->pshminfo;
	*pcache = entry;
	return (-1);
}
261
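/*
 * Enter a name in the cache.
 *
 * pshmp  object the name refers to; a NULL pointer makes a negative entry.
 * pnp    lookup key (name pointer, length and hash).
 * pcp    caller-allocated entry to fill in and link into the hash chain.
 *
 * Returns 0 on success, EEXIST if a positive entry for the name is
 * already present, or ENAMETOOLONG if the name does not fit the entry's
 * PSHMNAMLEN + 1 byte buffer.  On error pcp is not linked and stays owned
 * by the caller.  shm_open() calls this with PSHM_SUBSYS_LOCK() held.
 */
static int
pshm_cache_add(struct pshminfo *pshmp, struct pshmname *pnp, struct pshmcache *pcp)
{
	struct pshmhashhead *pcpp;
	struct pshminfo *dpinfo;
	struct pshmcache *dpcp;

#if DIAGNOSTIC
	/* Checked against the size of pcp->pshm_name, which is PSHMNAMLEN + 1. */
	if (pnp->pshm_namelen > PSHMNAMLEN)
		panic("cache_enter: name too long");
#endif

	/*
	 * The length drives the bcopy() into the fixed-size name buffer
	 * below, and pshm_cache_search() reports an over-long name as a
	 * plain miss, so the bound has to be enforced here rather than
	 * left to the callers.
	 */
	if (pnp->pshm_namelen < 0 || pnp->pshm_namelen > PSHMNAMLEN)
		return (ENAMETOOLONG);

	/* if the entry has already been added by someone else, return */
	if (pshm_cache_search(&dpinfo, pnp, &dpcp) == -1) {
		return (EEXIST);
	}
	pshmnument++;

	/* Fill in the entry; a NULL pshmp makes this a "negative" entry. */
	pcp->pshminfo = pshmp;
	pcp->pshm_nlen = pnp->pshm_namelen;
	bcopy(pnp->pshm_nameptr, pcp->pshm_name, (unsigned)pcp->pshm_nlen);
	pcpp = PSHMHASH(pnp);
#if DIAGNOSTIC
	{
		struct pshmcache *p;

		/* The same entry must not be linked into the chain twice. */
		for (p = pcpp->lh_first; p != 0; p = p->pshm_hash.le_next)
			if (p == pcp)
				panic("cache_enter: duplicate");
	}
#endif
	LIST_INSERT_HEAD(pcpp, pcp, pshm_hash);
	return (0);
}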
307
/*
 * Allocate the name hash table.  hashinit() is given desiredvnodes as the
 * size hint and stores the index mask used by PSHMHASH() in pshmhash.
 */
void
pshm_cache_init(void)
{
	pshmhashtbl = hashinit(desiredvnodes, M_SHM, &pshmhash);
}
316
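#if NOT_USED
/*
 * Unlink every entry from the name cache by emptying each hash chain.
 * Entries are only unlinked with pshm_cache_delete(); nothing is freed.
 */
static void
pshm_cache_purge(void)
{
	struct pshmcache *pcp;
	u_long slot;

	/*
	 * pshmhash is the table size minus one, so the valid slots are
	 * 0..pshmhash.  Indexing forward avoids stepping a pointer to
	 * one element before the start of the table to end the loop.
	 */
	for (slot = 0; slot <= pshmhash; slot++) {
		while ((pcp = pshmhashtbl[slot].lh_first) != NULL)
			pshm_cache_delete(pcp);
	}
}
#endif /* NOT_USED */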
338
/*
 * Unlink one entry from its hash chain and drop the entry count.  The
 * entry itself is not freed here; that is left to the caller.
 */
static void
pshm_cache_delete(struct pshmcache *pcp)
{
#if DIAGNOSTIC
	/* An entry that is not linked, or links to itself, is corrupt. */
	if (pcp->pshm_hash.le_prev == 0)
		panic("namecache purge le_prev");
	if (pcp->pshm_hash.le_next == pcp)
		panic("namecache purge le_next");
#endif /* DIAGNOSTIC */

	LIST_REMOVE(pcp, pshm_hash);
	/* A cleared le_prev marks the entry as unlinked (see the check above). */
	pcp->pshm_hash.le_prev = 0;
	pshmnument--;
}
352
353
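/*
 * shm_open system call: open the named POSIX shared memory object,
 * creating it when O_CREAT is set and it does not exist yet, and return
 * the new descriptor in *retval.
 *
 * Everything that may block (name buffer, file slot, pshmnode and, for
 * O_CREAT, a candidate pshminfo and cache entry) is allocated before the
 * subsystem lock is taken.  The cache lookup, the permission check and
 * the reference taken for the new descriptor then all happen under one
 * hold of PSHM_SUBSYS_LOCK(), so a pshminfo returned by the lookup cannot
 * be unlinked and freed by another thread before its use count is raised,
 * and two creators cannot both insert the same name.
 *
 * Returns 0 or an errno value:
 *   ENOSPC        an allocation failed
 *   ENAMETOOLONG  the name is longer than PSHMNAMLEN
 *   EINVAL        neither read nor write access requested, O_TRUNC given,
 *                 or the lookup hit a negative cache entry
 *   EEXIST        O_CREAT|O_EXCL and the object already exists
 *   ENOENT        no such object and O_CREAT not given, or the object is
 *                 being deleted
 *   plus whatever copyinstr(), falloc() or pshm_access() return.
 */
int
shm_open(struct proc *p, struct shm_open_args *uap, register_t *retval)
{
	struct fileproc *fp;
	size_t i;
	int indx, error;
	struct pshmname nd;
	struct pshminfo *pinfo = PSHMINFO_NULL;
	struct pshminfo *new_pinfo = PSHMINFO_NULL;
	char *pnbuf;
	char *nameptr;
	char *cp;
	size_t pathlen, plen;
	int fmode;
	int cmode = uap->mode;
	int incache;
	struct pshmnode *pnode = PSHMNODE_NULL;
	struct pshmcache *pcache = PSHMCACHE_NULL;
	struct pshmcache *new_pcp = PSHMCACHE_NULL;

	AUDIT_ARG(fflags, uap->oflag);
	AUDIT_ARG(mode, uap->mode);

	MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
	if (pnbuf == NULL) {
		return (ENOSPC);
	}

	pathlen = MAXPATHLEN;
	error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
	if (error) {
		goto bad;
	}
	AUDIT_ARG(text, pnbuf);
	if (pathlen > PSHMNAMLEN) {
		error = ENAMETOOLONG;
		goto bad;
	}
	plen = pathlen;

#ifdef PSXSHM_NAME_RESTRICT
	/*
	 * NOTE(review): as written this block rejects every name: one
	 * without a leading '/' fails in the else branch, and one with a
	 * leading '/' fails on the first pass through the loop.  The
	 * intent is not clear from this file, so the logic is left as
	 * found; confirm before defining PSXSHM_NAME_RESTRICT.
	 */
	nameptr = pnbuf;
	if (*nameptr == '/') {
		while (*(nameptr++) == '/') {
			plen--;
			error = EINVAL;
			goto bad;
		}
	} else {
		error = EINVAL;
		goto bad;
	}
#endif /* PSXSHM_NAME_RESTRICT */

	plen = pathlen;
	nameptr = pnbuf;
	nd.pshm_nameptr = nameptr;
	nd.pshm_namelen = plen;
	nd.pshm_hash = 0;

	/* Position-weighted byte sum; must match the hash in shm_unlink(). */
	for (cp = nameptr, i = 1; *cp != 0 && i <= plen; i++, cp++) {
		nd.pshm_hash += (unsigned char)*cp * i;
	}

#if KTRACE
	if (KTRPOINT(p, KTR_NAMEI))
		ktrnamei(p->p_tracep, nameptr);
#endif

	/* The access mode depends only on the arguments, so check it first. */
	fmode = FFLAGS(uap->oflag);
	if ((fmode & (FREAD | FWRITE)) == 0) {
		error = EINVAL;
		goto bad;
	}
	cmode &= ALLPERMS;

	error = falloc(p, &fp, &indx);
	if (error)
		goto bad;

	/*
	 * Allocate up front, while no lock is held: M_WAITOK may block.
	 * The pshminfo and cache entry are only candidates; they are
	 * freed again below if the name turns out to exist already.
	 */
	MALLOC(pnode, struct pshmnode *, sizeof(struct pshmnode), M_SHM, M_WAITOK|M_ZERO);
	if (pnode == NULL) {
		error = ENOSPC;
		goto bad1;
	}
	if (fmode & O_CREAT) {
		MALLOC(new_pinfo, struct pshminfo *, sizeof(struct pshminfo), M_SHM, M_WAITOK|M_ZERO);
		MALLOC(new_pcp, struct pshmcache *, sizeof(struct pshmcache), M_SHM, M_WAITOK|M_ZERO);
		if (new_pinfo == NULL || new_pcp == NULL) {
			error = ENOSPC;
			goto bad1;
		}
	}

	PSHM_SUBSYS_LOCK();
	error = pshm_cache_search(&pinfo, &nd, &pcache);
	if (error == ENOENT) {
		error = EINVAL;
		goto bad_locked;
	}
	/* -1 is a positive hit, 0 a miss. */
	incache = (error != 0);

	if (fmode & O_CREAT) {
		if ((fmode & O_EXCL) && incache) {
			AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
			    pinfo->pshm_gid, pinfo->pshm_mode);
			/* shm obj exists and opened O_EXCL */
			error = EEXIST;
			goto bad_locked;
		}
		if (!incache) {
			/* create a new one from the preallocated candidate */
			pinfo = new_pinfo;
			pinfo->pshm_flags = PSHM_DEFINED | PSHM_INCREATE;
			pinfo->pshm_usecount = 1; /* existence reference */
			pinfo->pshm_mode = cmode;
			pinfo->pshm_uid = kauth_cred_getuid(kauth_cred_get());
			pinfo->pshm_gid = kauth_cred_get()->cr_gid;
			/*
			 * Copy only the bytes copyinstr() produced.  pnbuf
			 * is not zeroed when it is allocated, so a fixed
			 * PSHMNAMLEN-byte copy would carry whatever the
			 * buffer held after the terminator into pshm_name,
			 * and fill_pshminfo() copies that whole buffer out.
			 * The pshminfo came from M_ZERO, so the tail of the
			 * name stays zero.
			 */
			bcopy(pnbuf, &pinfo->pshm_name[0], pathlen);
			pinfo->pshm_name[PSHMNAMLEN] = 0;
		} else {
			/* already exists */
			if (pinfo->pshm_flags & PSHM_INDELETE) {
				error = ENOENT;
				goto bad_locked;
			}
			AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid,
			    pinfo->pshm_gid, pinfo->pshm_mode);
			if ((error = pshm_access(pinfo, fmode, kauth_cred_get(), p))) {
				goto bad_locked;
			}
		}
	} else {
		if (!incache) {
			/* O_CREAT is not set and the shm object does not exist */
			error = ENOENT;
			goto bad_locked;
		}
		if (pinfo->pshm_flags & PSHM_INDELETE) {
			error = ENOENT;
			goto bad_locked;
		}
		if ((error = pshm_access(pinfo, fmode, kauth_cred_get(), p))) {
			goto bad_locked;
		}
	}
	if (fmode & O_TRUNC) {
		error = EINVAL;
		goto bad_locked;
	}

	if (!incache) {
		if ((error = pshm_cache_add(pinfo, &nd, new_pcp))) {
			goto bad_locked;
		}
		/* Both candidates now belong to the cache. */
		new_pinfo = PSHMINFO_NULL;
		new_pcp = PSHMCACHE_NULL;
	}
#if DIAGNOSTIC
	if (fmode & FWRITE)
		pinfo->pshm_writecount++;
	if (fmode & FREAD)
		pinfo->pshm_readcount++;
#endif
	pinfo->pshm_flags &= ~PSHM_INCREATE;
	pinfo->pshm_usecount++; /* extra reference for the new fd */
	pnode->pinfo = pinfo;
	PSHM_SUBSYS_UNLOCK();

	/* The object already existed: the unused candidates go back. */
	if (new_pcp != PSHMCACHE_NULL)
		FREE(new_pcp, M_SHM);
	if (new_pinfo != PSHMINFO_NULL)
		FREE(new_pinfo, M_SHM);

	proc_fdlock(p);
	fp->f_flag = fmode & FMASK;
	fp->f_type = DTYPE_PSXSHM;
	fp->f_ops = &pshmops;
	fp->f_data = (caddr_t)pnode;
	*fdflags(p, indx) &= ~UF_RESERVED;
	fp_drop(p, indx, fp, 1);
	proc_fdunlock(p);

	*retval = indx;
	FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
	return (0);

bad_locked:
	PSHM_SUBSYS_UNLOCK();
bad1:
	/* Nothing allocated here has been published on any error path. */
	if (new_pcp != PSHMCACHE_NULL)
		FREE(new_pcp, M_SHM);
	if (new_pinfo != PSHMINFO_NULL)
		FREE(new_pinfo, M_SHM);
	if (pnode != PSHMNODE_NULL)
		FREE(pnode, M_SHM);
	fp_free(p, indx, fp);
bad:
	FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
	return (error);
}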
591
592
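/*
 * Give a freshly created shared memory object its size and backing
 * memory.  Only allowed once per object, while it is PSHM_DEFINED and not
 * yet PSHM_ALLOCATED.
 *
 * The backing memory is obtained by allocating a scratch range in the
 * caller's map, wrapping it in a memory entry, and releasing the scratch
 * range again; the memory entry is what pshm_mmap() later maps.
 *
 * Returns 0, EINVAL (wrong descriptor type, negative length, object not
 * in the DEFINED-only state), ENOMEM or EACCES.
 */
int
pshm_truncate(__unused struct proc *p, struct fileproc *fp, __unused int fd,
    off_t length, __unused register_t *retval)
{
	struct pshminfo *pinfo;
	struct pshmnode *pnode;
	kern_return_t kret;
	mach_vm_offset_t user_addr = 0;
	mem_entry_name_port_t mem_object;
	mach_vm_size_t size;
	mach_vm_size_t alloc_size;

	if (fp->f_type != DTYPE_PSXSHM) {
		return (EINVAL);
	}

	if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL)
		return (EINVAL);

	/* A negative off_t would become a huge unsigned size once rounded. */
	if (length < 0)
		return (EINVAL);

	PSHM_SUBSYS_LOCK();
	if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
		PSHM_SUBSYS_UNLOCK();
		return (EINVAL);
	}
	if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))
	    != PSHM_DEFINED) {
		PSHM_SUBSYS_UNLOCK();
		return (EINVAL);
	}
	/* The VM calls below are made without the subsystem lock held. */
	PSHM_SUBSYS_UNLOCK();

	size = round_page_64(length);
	alloc_size = size;
	kret = mach_vm_allocate(current_map(), &user_addr, alloc_size, VM_FLAGS_ANYWHERE);
	if (kret != KERN_SUCCESS)
		goto out;

	kret = mach_make_memory_entry_64(current_map(), &size,
	    user_addr, VM_PROT_DEFAULT, &mem_object, 0);

	/*
	 * The scratch range is released whether or not the entry was made,
	 * so a failure does not leave it behind in the caller's map.
	 * alloc_size is used because the call above may update size.
	 */
	(void) mach_vm_deallocate(current_map(), user_addr, alloc_size);

	if (kret != KERN_SUCCESS)
		goto out;

	PSHM_SUBSYS_LOCK();
	/*
	 * The lock was dropped above, so check the state again: if another
	 * thread sized the object in the meantime, give up this entry
	 * instead of overwriting (and losing) the one already installed.
	 */
	if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED))
	    != PSHM_DEFINED) {
		PSHM_SUBSYS_UNLOCK();
		mach_memory_entry_port_release(mem_object);
		return (EINVAL);
	}
	/*
	 * Swap DEFINED for ALLOCATED and keep every other bit.  Assigning
	 * the whole word would clear PSHM_REMOVED and PSHM_INDELETE on an
	 * object that was unlinked while this descriptor was open, and
	 * pshm_close() frees the object only when PSHM_REMOVED is set.
	 */
	pinfo->pshm_flags &= ~PSHM_DEFINED;
	pinfo->pshm_flags |= PSHM_ALLOCATED;
	pinfo->pshm_memobject = (void *)mem_object;
	pinfo->pshm_length = size;
	PSHM_SUBSYS_UNLOCK();
	return (0);

out:
	/* Translate the Mach status into an errno value. */
	switch (kret) {
	case KERN_INVALID_ADDRESS:
	case KERN_NO_SPACE:
		return (ENOMEM);
	case KERN_PROTECTION_FAILURE:
		return (EACCES);
	default:
		return (EINVAL);
	}
}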
657
/*
 * Fill *sb for a shared memory descriptor.  The buffer is zeroed first
 * and only mode, uid, gid and size are set.  Returns EINVAL, leaving *sb
 * untouched, if the node has no pshminfo attached.
 */
int
pshm_stat(struct pshmnode *pnode, struct stat *sb)
{
	struct pshminfo *seg;
	int rv = EINVAL;

	PSHM_SUBSYS_LOCK();
	seg = pnode->pinfo;
	if (seg != PSHMINFO_NULL) {
		bzero(sb, sizeof(struct stat));
		sb->st_mode = seg->pshm_mode;
		sb->st_uid = seg->pshm_uid;
		sb->st_gid = seg->pshm_gid;
		sb->st_size = seg->pshm_length;
		rv = 0;
	}
	PSHM_SUBSYS_UNLOCK();

	return (rv);
}
678
/*
 * Check whether cred may open the object with the FREAD/FWRITE bits in
 * mode.  Exactly one permission class is consulted: owner if the uid
 * matches, otherwise group if cred is a member of the object's gid,
 * otherwise "other".  A credential that passes suser() is always allowed.
 *
 * Returns 0 if access is granted and EACCES if not.  pinfo is read
 * without taking any lock here; shm_open() calls this with
 * PSHM_SUBSYS_LOCK() held.
 */
int
pshm_access(struct pshminfo *pinfo, int mode, kauth_cred_t cred, __unused struct proc *p)
{
	mode_t read_bit, write_bit;
	mode_t wanted = 0;
	int is_member;

	/* Superuser credentials bypass the mode bits altogether. */
	if (suser(cred, NULL) == 0)
		return (0);

	/* Pick the permission class that applies to this credential. */
	if (kauth_cred_getuid(cred) == pinfo->pshm_uid) {
		read_bit = S_IRUSR;
		write_bit = S_IWUSR;
	} else if (kauth_cred_ismember_gid(cred, pinfo->pshm_gid, &is_member) == 0 && is_member) {
		read_bit = S_IRGRP;
		write_bit = S_IWGRP;
	} else {
		/* Also reached when the group membership query itself fails. */
		read_bit = S_IROTH;
		write_bit = S_IWOTH;
	}

	if (mode & FREAD)
		wanted |= read_bit;
	if (mode & FWRITE)
		wanted |= write_bit;

	/* Every requested bit has to be present in the object's mode. */
	return ((pinfo->pshm_mode & wanted) == wanted ? 0 : EACCES);
}
720
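/*
 * Map a shared memory object into the caller's address space.
 *
 * Only MAP_SHARED mappings of an object that pshm_truncate() has already
 * sized are accepted, and the requested window [pos, pos + len) must lie
 * inside the object.  On success *retval is the mapped address plus
 * pageoff.  A zero-length request returns 0 without mapping anything.
 *
 * Returns 0, EINVAL, EPERM (write mapping on a descriptor not opened for
 * writing), ENOMEM or EACCES.
 */
int
pshm_mmap(struct proc *p, struct mmap_args *uap, user_addr_t *retval, struct fileproc *fp, off_t pageoff)
{
	mach_vm_offset_t user_addr = (mach_vm_offset_t)uap->addr;
	mach_vm_size_t user_size = (mach_vm_size_t)uap->len;
	mach_vm_size_t seg_size;
	int prot = uap->prot;
	int flags = uap->flags;
	vm_object_offset_t file_pos = (vm_object_offset_t)uap->pos;
	vm_prot_t max_prot = VM_PROT_DEFAULT;
	vm_map_t user_map;
	int alloc_flags;
	boolean_t docow;
	kern_return_t kret;
	struct pshminfo *pinfo;
	struct pshmnode *pnode;
	void *mem_object;

	if (user_size == 0)
		return (0);

	if ((flags & MAP_SHARED) == 0)
		return (EINVAL);

	/*
	 * A descriptor that was not opened for writing gets no writable
	 * mapping, now or later: the request is refused if it asks for
	 * PROT_WRITE, and write access is also taken out of the maximum
	 * protection, which is the ceiling Mach applies to later
	 * protection changes on the mapping.
	 */
	if ((fp->f_flag & FWRITE) == 0) {
		if (prot & PROT_WRITE)
			return (EPERM);
		max_prot &= ~VM_PROT_WRITE;
	}

	if (((pnode = (struct pshmnode *)fp->f_data)) == PSHMNODE_NULL)
		return (EINVAL);

	PSHM_SUBSYS_LOCK();
	if ((pinfo = pnode->pinfo) == PSHMINFO_NULL) {
		PSHM_SUBSYS_UNLOCK();
		return (EINVAL);
	}

	if ((pinfo->pshm_flags & PSHM_ALLOCATED) != PSHM_ALLOCATED) {
		PSHM_SUBSYS_UNLOCK();
		return (EINVAL);
	}

	/*
	 * Bounds check on unsigned values, written so nothing can wrap.
	 * len and pos come straight from the caller: casting a large len
	 * to the signed off_t makes it negative, and len + pos can wrap
	 * past zero, and either would slip through a signed comparison
	 * against the object length.
	 */
	if (pinfo->pshm_length < 0) {
		PSHM_SUBSYS_UNLOCK();
		return (EINVAL);
	}
	seg_size = (mach_vm_size_t)pinfo->pshm_length;
	if (user_size > seg_size || file_pos > seg_size - user_size) {
		PSHM_SUBSYS_UNLOCK();
		return (EINVAL);
	}
	if ((mem_object = pinfo->pshm_memobject) == NULL) {
		PSHM_SUBSYS_UNLOCK();
		return (EINVAL);
	}

	PSHM_SUBSYS_UNLOCK();
	user_map = current_map();

	if ((flags & MAP_FIXED) == 0) {
		alloc_flags = VM_FLAGS_ANYWHERE;
		user_addr = mach_vm_round_page(user_addr);
	} else {
		if (user_addr != mach_vm_trunc_page(user_addr))
			return (EINVAL);
		/*
		 * We do not get rid of the existing mappings here because
		 * it wouldn't be atomic (see comment in mmap()).  We let
		 * Mach VM know that we want it to replace any existing
		 * mapping with the new one.
		 */
		alloc_flags = VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
	}
	docow = FALSE;

	/* Map the entry that was read under the lock, not a fresh re-read. */
	kret = mach_vm_map(user_map, &user_addr, user_size,
	    0, alloc_flags, mem_object, file_pos, docow,
	    prot, max_prot,
	    VM_INHERIT_SHARE);
	if (kret != KERN_SUCCESS)
		goto out;
	/* LP64todo - this should be superfluous at this point */
	kret = mach_vm_inherit(user_map, user_addr, user_size,
	    VM_INHERIT_SHARE);
	if (kret != KERN_SUCCESS) {
		(void) mach_vm_deallocate(user_map, user_addr, user_size);
		goto out;
	}
	PSHM_SUBSYS_LOCK();
	pnode->mapp_addr = user_addr;
	pnode->map_size = user_size;
	pinfo->pshm_flags |= (PSHM_MAPPED | PSHM_INUSE);
	PSHM_SUBSYS_UNLOCK();
out:
	/* Translate the Mach status into an errno value. */
	switch (kret) {
	case KERN_SUCCESS:
		*retval = (user_addr + pageoff);
		return (0);
	case KERN_INVALID_ADDRESS:
	case KERN_NO_SPACE:
		return (ENOMEM);
	case KERN_PROTECTION_FAILURE:
		return (EACCES);
	default:
		return (EINVAL);
	}
}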
828
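/*
 * shm_unlink system call: remove the name of a shared memory object.
 *
 * The cache entry is deleted at once, so the name can no longer be
 * opened.  The object itself is freed here only if the name held the
 * last reference; otherwise it is marked PSHM_REMOVED and freed by
 * pshm_close() when the last descriptor goes away.
 *
 * Following file semantics, the caller needs write permission on the
 * object (checked with pshm_access()) to unlink it.
 *
 * Returns 0 (also when a delete is already in progress), ENOSPC,
 * ENAMETOOLONG, EINVAL (name not found, or object in neither the DEFINED
 * nor the ALLOCATED state), EACCES, or an error from copyinstr().
 */
int
shm_unlink(struct proc *p, struct shm_unlink_args *uap,
    __unused register_t *retval)
{
	size_t i;
	int error = 0;
	struct pshmname nd;
	struct pshminfo *pinfo = PSHMINFO_NULL;
	char *pnbuf;
	char *nameptr;
	char *cp;
	size_t pathlen, plen;
	struct pshmcache *pcache = PSHMCACHE_NULL;

	MALLOC_ZONE(pnbuf, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
	if (pnbuf == NULL) {
		return (ENOSPC); /* XXX non-standard */
	}
	pathlen = MAXPATHLEN;
	error = copyinstr(uap->name, (void *)pnbuf, MAXPATHLEN, &pathlen);
	if (error) {
		goto bad;
	}
	AUDIT_ARG(text, pnbuf);
	if (pathlen > PSHMNAMLEN) {
		error = ENAMETOOLONG;
		goto bad;
	}
	plen = pathlen;

#ifdef PSXSHM_NAME_RESTRICT
	/*
	 * NOTE(review): as written this block rejects every name: one
	 * without a leading '/' fails in the else branch, and one with a
	 * leading '/' fails on the first pass through the loop.  The
	 * intent is not clear from this file, so the logic is left as
	 * found; confirm before defining PSXSHM_NAME_RESTRICT.
	 */
	nameptr = pnbuf;
	if (*nameptr == '/') {
		while (*(nameptr++) == '/') {
			plen--;
			error = EINVAL;
			goto bad;
		}
	} else {
		error = EINVAL;
		goto bad;
	}
#endif /* PSXSHM_NAME_RESTRICT */

	plen = pathlen;
	nameptr = pnbuf;
	nd.pshm_nameptr = nameptr;
	nd.pshm_namelen = plen;
	nd.pshm_hash = 0;

	/* Position-weighted byte sum; must match the hash in shm_open(). */
	for (cp = nameptr, i = 1; *cp != 0 && i <= plen; i++, cp++) {
		nd.pshm_hash += (unsigned char)*cp * i;
	}

	PSHM_SUBSYS_LOCK();
	error = pshm_cache_search(&pinfo, &nd, &pcache);
	if (error != -1) {
		/* A negative hit (ENOENT) and a miss (0) are both EINVAL here. */
		PSHM_SUBSYS_UNLOCK();
		error = EINVAL;
		goto bad;
	}

	if ((pinfo->pshm_flags & (PSHM_DEFINED | PSHM_ALLOCATED)) == 0) {
		PSHM_SUBSYS_UNLOCK();
		/* Leave through the common exit so the name buffer is freed. */
		error = EINVAL;
		goto bad;
	}

	if (pinfo->pshm_flags & PSHM_INDELETE) {
		PSHM_SUBSYS_UNLOCK();
		error = 0;
		goto bad;
	}

	AUDIT_ARG(posix_ipc_perm, pinfo->pshm_uid, pinfo->pshm_gid,
	    pinfo->pshm_mode);

	/*
	 * Without a check here any process could remove any other user's
	 * segment by name.  Require write permission on the object, as for
	 * a file.
	 */
	error = pshm_access(pinfo, FWRITE, kauth_cred_get(), p);
	if (error) {
		PSHM_SUBSYS_UNLOCK();
		goto bad;
	}

	pinfo->pshm_flags |= PSHM_INDELETE;
	pshm_cache_delete(pcache);
	pinfo->pshm_flags |= PSHM_REMOVED;
	/* release the existence reference */
	if (!--pinfo->pshm_usecount) {
		PSHM_SUBSYS_UNLOCK();
		/*
		 * If this is the last reference going away on the object,
		 * then we need to destroy the backing object.  The name
		 * has an implied but uncounted reference on the object,
		 * once it's created, since it's used as a rendezvous, and
		 * therefore may be subsequently reopened.
		 */
		if (pinfo->pshm_memobject != NULL)
			mach_memory_entry_port_release(pinfo->pshm_memobject);
		PSHM_SUBSYS_LOCK();
		FREE(pinfo, M_SHM);
	}
	PSHM_SUBSYS_UNLOCK();
	FREE(pcache, M_SHM);
	error = 0;
bad:
	FREE_ZONE(pnbuf, MAXPATHLEN, M_NAMEI);
	return (error);
}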
945
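/*
 * Drop one descriptor's reference on a shared memory object and free the
 * per-descriptor pshmnode.  Called with PSHM_SUBSYS_LOCK() held (see
 * pshm_closefile()); the lock is released and retaken around the release
 * of the memory entry port.
 *
 * The reference is dropped whatever state the object is in.  A
 * descriptor that was opened but never sized with pshm_truncate() still
 * holds a pshmnode and a use count taken in shm_open(); bailing out for
 * objects that are not PSHM_ALLOCATED would leak both on every such
 * open/close pair.
 *
 * Returns 0, or EINVAL if the node has no pshminfo attached.
 */
static int
pshm_close(struct pshmnode *pnode)
{
	struct pshminfo *pinfo;

	if ((pinfo = pnode->pinfo) == PSHMINFO_NULL)
		return (EINVAL);

#if DIAGNOSTIC
	if (!pinfo->pshm_usecount) {
		kprintf("negative usecount in pshm_close\n");
	}
#endif /* DIAGNOSTIC */
	pinfo->pshm_usecount--; /* release this fd's reference */

	if ((pinfo->pshm_flags & PSHM_REMOVED) && !pinfo->pshm_usecount) {
		PSHM_SUBSYS_UNLOCK();
		/*
		 * If this is the last reference going away on the object,
		 * then we need to destroy the backing object.  An object
		 * that was never sized has no memory entry to release.
		 */
		if (pinfo->pshm_memobject != NULL)
			mach_memory_entry_port_release(pinfo->pshm_memobject);
		PSHM_SUBSYS_LOCK();
		FREE(pinfo, M_SHM);
	}
	FREE(pnode, M_SHM);
	return (0);
}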
980
/*
 * fileops close handler: run pshm_close() on the descriptor's pshmnode
 * with the subsystem lock held.  The proc argument exists only to match
 * the struct fileops prototype.
 */
static int
pshm_closefile(struct fileglob *fg, __unused struct proc *p)
{
	struct pshmnode *node = (struct pshmnode *)fg->fg_data;
	int rv;

	PSHM_SUBSYS_LOCK();
	rv = pshm_close(node);
	PSHM_SUBSYS_UNLOCK();

	return (rv);
}
992
/* read() is not supported on a shared memory descriptor: always ENOTSUP. */
static int
pshm_read(__unused struct fileproc *fp, __unused struct uio *uio,
    __unused kauth_cred_t cred, __unused int flags,
    __unused struct proc *p)
{
	return (ENOTSUP);
}
1000
/* write() is not supported on a shared memory descriptor: always ENOTSUP. */
static int
pshm_write(__unused struct fileproc *fp, __unused struct uio *uio,
    __unused kauth_cred_t cred, __unused int flags,
    __unused struct proc *p)
{
	return (ENOTSUP);
}
1008
/* ioctl() is not supported on a shared memory descriptor: always ENOTSUP. */
static int
pshm_ioctl(__unused struct fileproc *fp, __unused u_long com,
    __unused caddr_t data, __unused struct proc *p)
{
	return (ENOTSUP);
}
1015
/* select() is not supported on a shared memory descriptor: always ENOTSUP. */
static int
pshm_select(__unused struct fileproc *fp, __unused int which,
    __unused void *wql, __unused struct proc *p)
{
	return (ENOTSUP);
}
1022
/* kqueue filters are not supported on a shared memory descriptor: always ENOTSUP. */
static int
pshm_kqfilter(__unused struct fileproc *fp, __unused struct knote *kn,
    __unused struct proc *p)
{
	return (ENOTSUP);
}
1029
/*
 * Fill a pshm_info record for a shared memory descriptor: a zeroed stat
 * with mode, uid, gid and size set, the mapping address recorded by
 * pshm_mmap(), and the segment name.  Returns EINVAL, leaving *info
 * untouched, if the node has no pshminfo attached.
 *
 * The name is copied as the whole PSHMNAMLEN + 1 byte buffer, not as a
 * string, so whatever follows the terminator in pshm_name is copied out
 * as well.
 */
int
fill_pshminfo(struct pshmnode * pshm, struct pshm_info * info)
{
	struct pshminfo *seg;
	struct stat *st = &info->pshm_stat;
	int rv = EINVAL;

	PSHM_SUBSYS_LOCK();
	seg = pshm->pinfo;
	if (seg != PSHMINFO_NULL) {
		bzero(st, sizeof(struct stat));
		st->st_mode = seg->pshm_mode;
		st->st_uid = seg->pshm_uid;
		st->st_gid = seg->pshm_gid;
		st->st_size = seg->pshm_length;

		info->pshm_mappaddr = pshm->mapp_addr;
		bcopy(&seg->pshm_name[0], &info->pshm_name[0], PSHMNAMLEN+1);
		rv = 0;
	}
	PSHM_SUBSYS_UNLOCK();

	return (rv);
}
1056
1057