sysv_shm.c revision 209580
1/* $NetBSD: sysv_shm.c,v 1.23 1994/07/04 23:25:12 glass Exp $ */ 2/*- 3 * Copyright (c) 1994 Adam Glass and Charles Hannum. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by Adam Glass and Charles 16 * Hannum. 17 * 4. The names of the authors may not be used to endorse or promote products 18 * derived from this software without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR 21 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 */ 31/*- 32 * Copyright (c) 2003-2005 McAfee, Inc. 33 * All rights reserved. 34 * 35 * This software was developed for the FreeBSD Project in part by McAfee 36 * Research, the Security Research Division of McAfee, Inc under DARPA/SPAWAR 37 * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research 38 * program. 39 * 40 * Redistribution and use in source and binary forms, with or without 41 * modification, are permitted provided that the following conditions 42 * are met: 43 * 1. Redistributions of source code must retain the above copyright 44 * notice, this list of conditions and the following disclaimer. 45 * 2. Redistributions in binary form must reproduce the above copyright 46 * notice, this list of conditions and the following disclaimer in the 47 * documentation and/or other materials provided with the distribution. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 */ 61 62#include <sys/cdefs.h> 63__FBSDID("$FreeBSD: head/sys/kern/sysv_shm.c 209580 2010-06-28 18:12:42Z kib $"); 64 65#include "opt_compat.h" 66#include "opt_sysvipc.h" 67 68#include <sys/param.h> 69#include <sys/systm.h> 70#include <sys/kernel.h> 71#include <sys/limits.h> 72#include <sys/lock.h> 73#include <sys/sysctl.h> 74#include <sys/shm.h> 75#include <sys/proc.h> 76#include <sys/malloc.h> 77#include <sys/mman.h> 78#include <sys/module.h> 79#include <sys/mutex.h> 80#include <sys/resourcevar.h> 81#include <sys/stat.h> 82#include <sys/syscall.h> 83#include <sys/syscallsubr.h> 84#include <sys/sysent.h> 85#include <sys/sysproto.h> 86#include <sys/jail.h> 87 88#include <security/mac/mac_framework.h> 89 90#include <vm/vm.h> 91#include <vm/vm_param.h> 92#include <vm/pmap.h> 93#include <vm/vm_object.h> 94#include <vm/vm_map.h> 95#include <vm/vm_page.h> 96#include <vm/vm_pager.h> 97 98static MALLOC_DEFINE(M_SHM, "shm", "SVID compatible shared memory segments"); 99 100static int shmget_allocate_segment(struct thread *td, 101 struct shmget_args *uap, int mode); 102static int shmget_existing(struct thread *td, struct shmget_args *uap, 103 int mode, int segnum); 104 105#define SHMSEG_FREE 0x0200 106#define SHMSEG_REMOVED 0x0400 107#define SHMSEG_ALLOCATED 0x0800 108#define SHMSEG_WANTED 0x1000 109 110static int shm_last_free, shm_nused, shmalloced; 111vm_size_t shm_committed; 112static struct shmid_kernel *shmsegs; 113 114struct shmmap_state { 115 vm_offset_t va; 116 int shmid; 117}; 118 119static void shm_deallocate_segment(struct shmid_kernel *); 120static int shm_find_segment_by_key(key_t); 121static struct shmid_kernel *shm_find_segment_by_shmid(int); 122static struct shmid_kernel *shm_find_segment_by_shmidx(int); 123static int shm_delete_mapping(struct vmspace *vm, struct shmmap_state *); 124static void shmrealloc(void); 125static int shminit(void); 126static int sysvshm_modload(struct module *, int, void *); 127static int shmunload(void); 128static void shmexit_myhook(struct vmspace *vm); 129static void shmfork_myhook(struct proc *p1, struct proc *p2); 130static int sysctl_shmsegs(SYSCTL_HANDLER_ARGS); 131 132/* 133 * Tuneable values. 134 */ 135#ifndef SHMMAXPGS 136#define SHMMAXPGS 131072 /* Note: sysv shared memory is swap backed. */ 137#endif 138#ifndef SHMMAX 139#define SHMMAX (SHMMAXPGS*PAGE_SIZE) 140#endif 141#ifndef SHMMIN 142#define SHMMIN 1 143#endif 144#ifndef SHMMNI 145#define SHMMNI 192 146#endif 147#ifndef SHMSEG 148#define SHMSEG 128 149#endif 150#ifndef SHMALL 151#define SHMALL (SHMMAXPGS) 152#endif 153 154struct shminfo shminfo = { 155 SHMMAX, 156 SHMMIN, 157 SHMMNI, 158 SHMSEG, 159 SHMALL 160}; 161 162static int shm_use_phys; 163static int shm_allow_removed; 164 165SYSCTL_ULONG(_kern_ipc, OID_AUTO, shmmax, CTLFLAG_RW, &shminfo.shmmax, 0, 166 "Maximum shared memory segment size"); 167SYSCTL_ULONG(_kern_ipc, OID_AUTO, shmmin, CTLFLAG_RW, &shminfo.shmmin, 0, 168 "Minimum shared memory segment size"); 169SYSCTL_ULONG(_kern_ipc, OID_AUTO, shmmni, CTLFLAG_RDTUN, &shminfo.shmmni, 0, 170 "Number of shared memory identifiers"); 171SYSCTL_ULONG(_kern_ipc, OID_AUTO, shmseg, CTLFLAG_RDTUN, &shminfo.shmseg, 0, 172 "Number of segments per process"); 173SYSCTL_ULONG(_kern_ipc, OID_AUTO, shmall, CTLFLAG_RW, &shminfo.shmall, 0, 174 "Maximum number of pages available for shared memory"); 175SYSCTL_INT(_kern_ipc, OID_AUTO, shm_use_phys, CTLFLAG_RW, 176 &shm_use_phys, 0, "Enable/Disable locking of shared memory pages in core"); 177SYSCTL_INT(_kern_ipc, OID_AUTO, shm_allow_removed, CTLFLAG_RW, 178 &shm_allow_removed, 0, 179 "Enable/Disable attachment to attached segments marked for removal"); 180SYSCTL_PROC(_kern_ipc, OID_AUTO, shmsegs, CTLFLAG_RD, 181 NULL, 0, sysctl_shmsegs, "", 182 "Current number of shared memory segments allocated"); 183 184static int 185shm_find_segment_by_key(key) 186 key_t key; 187{ 188 int i; 189 190 for (i = 0; i < shmalloced; i++) 191 if ((shmsegs[i].u.shm_perm.mode & SHMSEG_ALLOCATED) && 192 shmsegs[i].u.shm_perm.key == key) 193 return (i); 194 return (-1); 195} 196 197static struct shmid_kernel * 198shm_find_segment_by_shmid(int shmid) 199{ 200 int segnum; 201 struct shmid_kernel *shmseg; 202 203 segnum = IPCID_TO_IX(shmid); 204 if (segnum < 0 || segnum >= shmalloced) 205 return (NULL); 206 shmseg = &shmsegs[segnum]; 207 if ((shmseg->u.shm_perm.mode & SHMSEG_ALLOCATED) == 0 || 208 (!shm_allow_removed && 209 (shmseg->u.shm_perm.mode & SHMSEG_REMOVED) != 0) || 210 shmseg->u.shm_perm.seq != IPCID_TO_SEQ(shmid)) 211 return (NULL); 212 return (shmseg); 213} 214 215static struct shmid_kernel * 216shm_find_segment_by_shmidx(int segnum) 217{ 218 struct shmid_kernel *shmseg; 219 220 if (segnum < 0 || segnum >= shmalloced) 221 return (NULL); 222 shmseg = &shmsegs[segnum]; 223 if ((shmseg->u.shm_perm.mode & SHMSEG_ALLOCATED) == 0 || 224 (!shm_allow_removed && 225 (shmseg->u.shm_perm.mode & SHMSEG_REMOVED) != 0)) 226 return (NULL); 227 return (shmseg); 228} 229 230static void 231shm_deallocate_segment(shmseg) 232 struct shmid_kernel *shmseg; 233{ 234 vm_size_t size; 235 236 GIANT_REQUIRED; 237 238 vm_object_deallocate(shmseg->object); 239 shmseg->object = NULL; 240 size = round_page(shmseg->u.shm_segsz); 241 shm_committed -= btoc(size); 242 shm_nused--; 243 shmseg->u.shm_perm.mode = SHMSEG_FREE; 244#ifdef MAC 245 mac_sysvshm_cleanup(shmseg); 246#endif 247} 248 249static int 250shm_delete_mapping(struct vmspace *vm, struct shmmap_state *shmmap_s) 251{ 252 struct shmid_kernel *shmseg; 253 int segnum, result; 254 vm_size_t size; 255 256 GIANT_REQUIRED; 257 258 segnum = IPCID_TO_IX(shmmap_s->shmid); 259 shmseg = &shmsegs[segnum]; 260 size = round_page(shmseg->u.shm_segsz); 261 result = vm_map_remove(&vm->vm_map, shmmap_s->va, shmmap_s->va + size); 262 if (result != KERN_SUCCESS) 263 return (EINVAL); 264 shmmap_s->shmid = -1; 265 shmseg->u.shm_dtime = time_second; 266 if ((--shmseg->u.shm_nattch <= 0) && 267 (shmseg->u.shm_perm.mode & SHMSEG_REMOVED)) { 268 shm_deallocate_segment(shmseg); 269 shm_last_free = segnum; 270 } 271 return (0); 272} 273 274#ifndef _SYS_SYSPROTO_H_ 275struct shmdt_args { 276 const void *shmaddr; 277}; 278#endif 279int 280shmdt(td, uap) 281 struct thread *td; 282 struct shmdt_args *uap; 283{ 284 struct proc *p = td->td_proc; 285 struct shmmap_state *shmmap_s; 286#ifdef MAC 287 struct shmid_kernel *shmsegptr; 288#endif 289 int i; 290 int error = 0; 291 292 if (!prison_allow(td->td_ucred, PR_ALLOW_SYSVIPC)) 293 return (ENOSYS); 294 mtx_lock(&Giant); 295 shmmap_s = p->p_vmspace->vm_shm; 296 if (shmmap_s == NULL) { 297 error = EINVAL; 298 goto done2; 299 } 300 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) { 301 if (shmmap_s->shmid != -1 && 302 shmmap_s->va == (vm_offset_t)uap->shmaddr) { 303 break; 304 } 305 } 306 if (i == shminfo.shmseg) { 307 error = EINVAL; 308 goto done2; 309 } 310#ifdef MAC 311 shmsegptr = &shmsegs[IPCID_TO_IX(shmmap_s->shmid)]; 312 error = mac_sysvshm_check_shmdt(td->td_ucred, shmsegptr); 313 if (error != 0) 314 goto done2; 315#endif 316 error = shm_delete_mapping(p->p_vmspace, shmmap_s); 317done2: 318 mtx_unlock(&Giant); 319 return (error); 320} 321 322#ifndef _SYS_SYSPROTO_H_ 323struct shmat_args { 324 int shmid; 325 const void *shmaddr; 326 int shmflg; 327}; 328#endif 329int 330kern_shmat(td, shmid, shmaddr, shmflg) 331 struct thread *td; 332 int shmid; 333 const void *shmaddr; 334 int shmflg; 335{ 336 struct proc *p = td->td_proc; 337 int i, flags; 338 struct shmid_kernel *shmseg; 339 struct shmmap_state *shmmap_s = NULL; 340 vm_offset_t attach_va; 341 vm_prot_t prot; 342 vm_size_t size; 343 int rv; 344 int error = 0; 345 346 if (!prison_allow(td->td_ucred, PR_ALLOW_SYSVIPC)) 347 return (ENOSYS); 348 mtx_lock(&Giant); 349 shmmap_s = p->p_vmspace->vm_shm; 350 if (shmmap_s == NULL) { 351 shmmap_s = malloc(shminfo.shmseg * sizeof(struct shmmap_state), 352 M_SHM, M_WAITOK); 353 for (i = 0; i < shminfo.shmseg; i++) 354 shmmap_s[i].shmid = -1; 355 p->p_vmspace->vm_shm = shmmap_s; 356 } 357 shmseg = shm_find_segment_by_shmid(shmid); 358 if (shmseg == NULL) { 359 error = EINVAL; 360 goto done2; 361 } 362 error = ipcperm(td, &shmseg->u.shm_perm, 363 (shmflg & SHM_RDONLY) ? IPC_R : IPC_R|IPC_W); 364 if (error) 365 goto done2; 366#ifdef MAC 367 error = mac_sysvshm_check_shmat(td->td_ucred, shmseg, shmflg); 368 if (error != 0) 369 goto done2; 370#endif 371 for (i = 0; i < shminfo.shmseg; i++) { 372 if (shmmap_s->shmid == -1) 373 break; 374 shmmap_s++; 375 } 376 if (i >= shminfo.shmseg) { 377 error = EMFILE; 378 goto done2; 379 } 380 size = round_page(shmseg->u.shm_segsz); 381 prot = VM_PROT_READ; 382 if ((shmflg & SHM_RDONLY) == 0) 383 prot |= VM_PROT_WRITE; 384 flags = MAP_ANON | MAP_SHARED; 385 if (shmaddr) { 386 flags |= MAP_FIXED; 387 if (shmflg & SHM_RND) { 388 attach_va = (vm_offset_t)shmaddr & ~(SHMLBA-1); 389 } else if (((vm_offset_t)shmaddr & (SHMLBA-1)) == 0) { 390 attach_va = (vm_offset_t)shmaddr; 391 } else { 392 error = EINVAL; 393 goto done2; 394 } 395 } else { 396 /* 397 * This is just a hint to vm_map_find() about where to 398 * put it. 399 */ 400 PROC_LOCK(p); 401 attach_va = round_page((vm_offset_t)p->p_vmspace->vm_daddr + 402 lim_max(p, RLIMIT_DATA)); 403 PROC_UNLOCK(p); 404 } 405 406 vm_object_reference(shmseg->object); 407 rv = vm_map_find(&p->p_vmspace->vm_map, shmseg->object, 408 0, &attach_va, size, (flags & MAP_FIXED) ? VMFS_NO_SPACE : 409 VMFS_ANY_SPACE, prot, prot, 0); 410 if (rv != KERN_SUCCESS) { 411 vm_object_deallocate(shmseg->object); 412 error = ENOMEM; 413 goto done2; 414 } 415 vm_map_inherit(&p->p_vmspace->vm_map, 416 attach_va, attach_va + size, VM_INHERIT_SHARE); 417 418 shmmap_s->va = attach_va; 419 shmmap_s->shmid = shmid; 420 shmseg->u.shm_lpid = p->p_pid; 421 shmseg->u.shm_atime = time_second; 422 shmseg->u.shm_nattch++; 423 td->td_retval[0] = attach_va; 424done2: 425 mtx_unlock(&Giant); 426 return (error); 427} 428 429int 430shmat(td, uap) 431 struct thread *td; 432 struct shmat_args *uap; 433{ 434 return kern_shmat(td, uap->shmid, uap->shmaddr, uap->shmflg); 435} 436 437int 438kern_shmctl(td, shmid, cmd, buf, bufsz) 439 struct thread *td; 440 int shmid; 441 int cmd; 442 void *buf; 443 size_t *bufsz; 444{ 445 int error = 0; 446 struct shmid_kernel *shmseg; 447 448 if (!prison_allow(td->td_ucred, PR_ALLOW_SYSVIPC)) 449 return (ENOSYS); 450 451 mtx_lock(&Giant); 452 switch (cmd) { 453 /* 454 * It is possible that kern_shmctl is being called from the Linux ABI 455 * layer, in which case, we will need to implement IPC_INFO. It should 456 * be noted that other shmctl calls will be funneled through here for 457 * Linix binaries as well. 458 * 459 * NB: The Linux ABI layer will convert this data to structure(s) more 460 * consistent with the Linux ABI. 461 */ 462 case IPC_INFO: 463 memcpy(buf, &shminfo, sizeof(shminfo)); 464 if (bufsz) 465 *bufsz = sizeof(shminfo); 466 td->td_retval[0] = shmalloced; 467 goto done2; 468 case SHM_INFO: { 469 struct shm_info shm_info; 470 shm_info.used_ids = shm_nused; 471 shm_info.shm_rss = 0; /*XXX where to get from ? */ 472 shm_info.shm_tot = 0; /*XXX where to get from ? */ 473 shm_info.shm_swp = 0; /*XXX where to get from ? */ 474 shm_info.swap_attempts = 0; /*XXX where to get from ? */ 475 shm_info.swap_successes = 0; /*XXX where to get from ? */ 476 memcpy(buf, &shm_info, sizeof(shm_info)); 477 if (bufsz) 478 *bufsz = sizeof(shm_info); 479 td->td_retval[0] = shmalloced; 480 goto done2; 481 } 482 } 483 if (cmd == SHM_STAT) 484 shmseg = shm_find_segment_by_shmidx(shmid); 485 else 486 shmseg = shm_find_segment_by_shmid(shmid); 487 if (shmseg == NULL) { 488 error = EINVAL; 489 goto done2; 490 } 491#ifdef MAC 492 error = mac_sysvshm_check_shmctl(td->td_ucred, shmseg, cmd); 493 if (error != 0) 494 goto done2; 495#endif 496 switch (cmd) { 497 case SHM_STAT: 498 case IPC_STAT: 499 error = ipcperm(td, &shmseg->u.shm_perm, IPC_R); 500 if (error) 501 goto done2; 502 memcpy(buf, &shmseg->u, sizeof(struct shmid_ds)); 503 if (bufsz) 504 *bufsz = sizeof(struct shmid_ds); 505 if (cmd == SHM_STAT) 506 td->td_retval[0] = IXSEQ_TO_IPCID(shmid, shmseg->u.shm_perm); 507 break; 508 case IPC_SET: { 509 struct shmid_ds *shmid; 510 511 shmid = (struct shmid_ds *)buf; 512 error = ipcperm(td, &shmseg->u.shm_perm, IPC_M); 513 if (error) 514 goto done2; 515 shmseg->u.shm_perm.uid = shmid->shm_perm.uid; 516 shmseg->u.shm_perm.gid = shmid->shm_perm.gid; 517 shmseg->u.shm_perm.mode = 518 (shmseg->u.shm_perm.mode & ~ACCESSPERMS) | 519 (shmid->shm_perm.mode & ACCESSPERMS); 520 shmseg->u.shm_ctime = time_second; 521 break; 522 } 523 case IPC_RMID: 524 error = ipcperm(td, &shmseg->u.shm_perm, IPC_M); 525 if (error) 526 goto done2; 527 shmseg->u.shm_perm.key = IPC_PRIVATE; 528 shmseg->u.shm_perm.mode |= SHMSEG_REMOVED; 529 if (shmseg->u.shm_nattch <= 0) { 530 shm_deallocate_segment(shmseg); 531 shm_last_free = IPCID_TO_IX(shmid); 532 } 533 break; 534#if 0 535 case SHM_LOCK: 536 case SHM_UNLOCK: 537#endif 538 default: 539 error = EINVAL; 540 break; 541 } 542done2: 543 mtx_unlock(&Giant); 544 return (error); 545} 546 547#ifndef _SYS_SYSPROTO_H_ 548struct shmctl_args { 549 int shmid; 550 int cmd; 551 struct shmid_ds *buf; 552}; 553#endif 554int 555shmctl(td, uap) 556 struct thread *td; 557 struct shmctl_args *uap; 558{ 559 int error = 0; 560 struct shmid_ds buf; 561 size_t bufsz; 562 563 /* 564 * The only reason IPC_INFO, SHM_INFO, SHM_STAT exists is to support 565 * Linux binaries. If we see the call come through the FreeBSD ABI, 566 * return an error back to the user since we do not to support this. 567 */ 568 if (uap->cmd == IPC_INFO || uap->cmd == SHM_INFO || 569 uap->cmd == SHM_STAT) 570 return (EINVAL); 571 572 /* IPC_SET needs to copyin the buffer before calling kern_shmctl */ 573 if (uap->cmd == IPC_SET) { 574 if ((error = copyin(uap->buf, &buf, sizeof(struct shmid_ds)))) 575 goto done; 576 } 577 578 error = kern_shmctl(td, uap->shmid, uap->cmd, (void *)&buf, &bufsz); 579 if (error) 580 goto done; 581 582 /* Cases in which we need to copyout */ 583 switch (uap->cmd) { 584 case IPC_STAT: 585 error = copyout(&buf, uap->buf, bufsz); 586 break; 587 } 588 589done: 590 if (error) { 591 /* Invalidate the return value */ 592 td->td_retval[0] = -1; 593 } 594 return (error); 595} 596 597 598static int 599shmget_existing(td, uap, mode, segnum) 600 struct thread *td; 601 struct shmget_args *uap; 602 int mode; 603 int segnum; 604{ 605 struct shmid_kernel *shmseg; 606 int error; 607 608 shmseg = &shmsegs[segnum]; 609 if (shmseg->u.shm_perm.mode & SHMSEG_REMOVED) { 610 /* 611 * This segment is in the process of being allocated. Wait 612 * until it's done, and look the key up again (in case the 613 * allocation failed or it was freed). 614 */ 615 shmseg->u.shm_perm.mode |= SHMSEG_WANTED; 616 error = tsleep(shmseg, PLOCK | PCATCH, "shmget", 0); 617 if (error) 618 return (error); 619 return (EAGAIN); 620 } 621 if ((uap->shmflg & (IPC_CREAT | IPC_EXCL)) == (IPC_CREAT | IPC_EXCL)) 622 return (EEXIST); 623#ifdef MAC 624 error = mac_sysvshm_check_shmget(td->td_ucred, shmseg, uap->shmflg); 625 if (error != 0) 626 return (error); 627#endif 628 if (uap->size != 0 && uap->size > shmseg->u.shm_segsz) 629 return (EINVAL); 630 td->td_retval[0] = IXSEQ_TO_IPCID(segnum, shmseg->u.shm_perm); 631 return (0); 632} 633 634static int 635shmget_allocate_segment(td, uap, mode) 636 struct thread *td; 637 struct shmget_args *uap; 638 int mode; 639{ 640 int i, segnum, shmid; 641 size_t size; 642 struct ucred *cred = td->td_ucred; 643 struct shmid_kernel *shmseg; 644 vm_object_t shm_object; 645 646 GIANT_REQUIRED; 647 648 if (uap->size < shminfo.shmmin || uap->size > shminfo.shmmax) 649 return (EINVAL); 650 if (shm_nused >= shminfo.shmmni) /* Any shmids left? */ 651 return (ENOSPC); 652 size = round_page(uap->size); 653 if (shm_committed + btoc(size) > shminfo.shmall) 654 return (ENOMEM); 655 if (shm_last_free < 0) { 656 shmrealloc(); /* Maybe expand the shmsegs[] array. */ 657 for (i = 0; i < shmalloced; i++) 658 if (shmsegs[i].u.shm_perm.mode & SHMSEG_FREE) 659 break; 660 if (i == shmalloced) 661 return (ENOSPC); 662 segnum = i; 663 } else { 664 segnum = shm_last_free; 665 shm_last_free = -1; 666 } 667 shmseg = &shmsegs[segnum]; 668 /* 669 * In case we sleep in malloc(), mark the segment present but deleted 670 * so that noone else tries to create the same key. 671 */ 672 shmseg->u.shm_perm.mode = SHMSEG_ALLOCATED | SHMSEG_REMOVED; 673 shmseg->u.shm_perm.key = uap->key; 674 shmseg->u.shm_perm.seq = (shmseg->u.shm_perm.seq + 1) & 0x7fff; 675 shmid = IXSEQ_TO_IPCID(segnum, shmseg->u.shm_perm); 676 677 /* 678 * We make sure that we have allocated a pager before we need 679 * to. 680 */ 681 shm_object = vm_pager_allocate(shm_use_phys ? OBJT_PHYS : OBJT_SWAP, 682 0, size, VM_PROT_DEFAULT, 0, cred); 683 if (shm_object == NULL) 684 return (ENOMEM); 685 VM_OBJECT_LOCK(shm_object); 686 vm_object_clear_flag(shm_object, OBJ_ONEMAPPING); 687 vm_object_set_flag(shm_object, OBJ_NOSPLIT); 688 VM_OBJECT_UNLOCK(shm_object); 689 690 shmseg->object = shm_object; 691 shmseg->u.shm_perm.cuid = shmseg->u.shm_perm.uid = cred->cr_uid; 692 shmseg->u.shm_perm.cgid = shmseg->u.shm_perm.gid = cred->cr_gid; 693 shmseg->u.shm_perm.mode = (shmseg->u.shm_perm.mode & SHMSEG_WANTED) | 694 (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; 695 shmseg->u.shm_segsz = uap->size; 696 shmseg->u.shm_cpid = td->td_proc->p_pid; 697 shmseg->u.shm_lpid = shmseg->u.shm_nattch = 0; 698 shmseg->u.shm_atime = shmseg->u.shm_dtime = 0; 699#ifdef MAC 700 mac_sysvshm_create(cred, shmseg); 701#endif 702 shmseg->u.shm_ctime = time_second; 703 shm_committed += btoc(size); 704 shm_nused++; 705 if (shmseg->u.shm_perm.mode & SHMSEG_WANTED) { 706 /* 707 * Somebody else wanted this key while we were asleep. Wake 708 * them up now. 709 */ 710 shmseg->u.shm_perm.mode &= ~SHMSEG_WANTED; 711 wakeup(shmseg); 712 } 713 td->td_retval[0] = shmid; 714 return (0); 715} 716 717#ifndef _SYS_SYSPROTO_H_ 718struct shmget_args { 719 key_t key; 720 size_t size; 721 int shmflg; 722}; 723#endif 724int 725shmget(td, uap) 726 struct thread *td; 727 struct shmget_args *uap; 728{ 729 int segnum, mode; 730 int error; 731 732 if (!prison_allow(td->td_ucred, PR_ALLOW_SYSVIPC)) 733 return (ENOSYS); 734 mtx_lock(&Giant); 735 mode = uap->shmflg & ACCESSPERMS; 736 if (uap->key != IPC_PRIVATE) { 737 again: 738 segnum = shm_find_segment_by_key(uap->key); 739 if (segnum >= 0) { 740 error = shmget_existing(td, uap, mode, segnum); 741 if (error == EAGAIN) 742 goto again; 743 goto done2; 744 } 745 if ((uap->shmflg & IPC_CREAT) == 0) { 746 error = ENOENT; 747 goto done2; 748 } 749 } 750 error = shmget_allocate_segment(td, uap, mode); 751done2: 752 mtx_unlock(&Giant); 753 return (error); 754} 755 756static void 757shmfork_myhook(p1, p2) 758 struct proc *p1, *p2; 759{ 760 struct shmmap_state *shmmap_s; 761 size_t size; 762 int i; 763 764 mtx_lock(&Giant); 765 size = shminfo.shmseg * sizeof(struct shmmap_state); 766 shmmap_s = malloc(size, M_SHM, M_WAITOK); 767 bcopy(p1->p_vmspace->vm_shm, shmmap_s, size); 768 p2->p_vmspace->vm_shm = shmmap_s; 769 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 770 if (shmmap_s->shmid != -1) 771 shmsegs[IPCID_TO_IX(shmmap_s->shmid)].u.shm_nattch++; 772 mtx_unlock(&Giant); 773} 774 775static void 776shmexit_myhook(struct vmspace *vm) 777{ 778 struct shmmap_state *base, *shm; 779 int i; 780 781 if ((base = vm->vm_shm) != NULL) { 782 vm->vm_shm = NULL; 783 mtx_lock(&Giant); 784 for (i = 0, shm = base; i < shminfo.shmseg; i++, shm++) { 785 if (shm->shmid != -1) 786 shm_delete_mapping(vm, shm); 787 } 788 mtx_unlock(&Giant); 789 free(base, M_SHM); 790 } 791} 792 793static void 794shmrealloc(void) 795{ 796 int i; 797 struct shmid_kernel *newsegs; 798 799 if (shmalloced >= shminfo.shmmni) 800 return; 801 802 newsegs = malloc(shminfo.shmmni * sizeof(*newsegs), M_SHM, M_WAITOK); 803 if (newsegs == NULL) 804 return; 805 for (i = 0; i < shmalloced; i++) 806 bcopy(&shmsegs[i], &newsegs[i], sizeof(newsegs[0])); 807 for (; i < shminfo.shmmni; i++) { 808 shmsegs[i].u.shm_perm.mode = SHMSEG_FREE; 809 shmsegs[i].u.shm_perm.seq = 0; 810#ifdef MAC 811 mac_sysvshm_init(&shmsegs[i]); 812#endif 813 } 814 free(shmsegs, M_SHM); 815 shmsegs = newsegs; 816 shmalloced = shminfo.shmmni; 817} 818 819static struct syscall_helper_data shm_syscalls[] = { 820 SYSCALL_INIT_HELPER(shmat), 821 SYSCALL_INIT_HELPER(shmctl), 822 SYSCALL_INIT_HELPER(shmdt), 823 SYSCALL_INIT_HELPER(shmget), 824#if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 825 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 826 SYSCALL_INIT_HELPER(freebsd7_shmctl), 827#endif 828#if defined(__i386__) && (defined(COMPAT_FREEBSD4) || defined(COMPAT_43)) 829 SYSCALL_INIT_HELPER(shmsys), 830#endif 831 SYSCALL_INIT_LAST 832}; 833 834#ifdef COMPAT_FREEBSD32 835#include <compat/freebsd32/freebsd32.h> 836#include <compat/freebsd32/freebsd32_ipc.h> 837#include <compat/freebsd32/freebsd32_proto.h> 838#include <compat/freebsd32/freebsd32_signal.h> 839#include <compat/freebsd32/freebsd32_syscall.h> 840#include <compat/freebsd32/freebsd32_util.h> 841 842static struct syscall_helper_data shm32_syscalls[] = { 843 SYSCALL32_INIT_HELPER(shmat), 844 SYSCALL32_INIT_HELPER(shmdt), 845 SYSCALL32_INIT_HELPER(shmget), 846 SYSCALL32_INIT_HELPER(freebsd32_shmsys), 847 SYSCALL32_INIT_HELPER(freebsd32_shmctl), 848#if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 849 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 850 SYSCALL32_INIT_HELPER(freebsd7_freebsd32_shmctl), 851#endif 852 SYSCALL_INIT_LAST 853}; 854#endif 855 856static int 857shminit() 858{ 859 int i, error; 860 861#ifndef BURN_BRIDGES 862 if (TUNABLE_ULONG_FETCH("kern.ipc.shmmaxpgs", &shminfo.shmall) != 0) 863 printf("kern.ipc.shmmaxpgs is now called kern.ipc.shmall!\n"); 864#endif 865 TUNABLE_ULONG_FETCH("kern.ipc.shmall", &shminfo.shmall); 866 867 /* Initialize shmmax dealing with possible overflow. */ 868 for (i = PAGE_SIZE; i > 0; i--) { 869 shminfo.shmmax = shminfo.shmall * i; 870 if (shminfo.shmmax >= shminfo.shmall) 871 break; 872 } 873 874 TUNABLE_ULONG_FETCH("kern.ipc.shmmin", &shminfo.shmmin); 875 TUNABLE_ULONG_FETCH("kern.ipc.shmmni", &shminfo.shmmni); 876 TUNABLE_ULONG_FETCH("kern.ipc.shmseg", &shminfo.shmseg); 877 TUNABLE_INT_FETCH("kern.ipc.shm_use_phys", &shm_use_phys); 878 879 shmalloced = shminfo.shmmni; 880 shmsegs = malloc(shmalloced * sizeof(shmsegs[0]), M_SHM, M_WAITOK); 881 if (shmsegs == NULL) 882 panic("cannot allocate initial memory for sysvshm"); 883 for (i = 0; i < shmalloced; i++) { 884 shmsegs[i].u.shm_perm.mode = SHMSEG_FREE; 885 shmsegs[i].u.shm_perm.seq = 0; 886#ifdef MAC 887 mac_sysvshm_init(&shmsegs[i]); 888#endif 889 } 890 shm_last_free = 0; 891 shm_nused = 0; 892 shm_committed = 0; 893 shmexit_hook = &shmexit_myhook; 894 shmfork_hook = &shmfork_myhook; 895 896 error = syscall_helper_register(shm_syscalls); 897 if (error != 0) 898 return (error); 899#ifdef COMPAT_FREEBSD32 900 error = syscall32_helper_register(shm32_syscalls); 901 if (error != 0) 902 return (error); 903#endif 904 return (0); 905} 906 907static int 908shmunload() 909{ 910#ifdef MAC 911 int i; 912#endif 913 914 if (shm_nused > 0) 915 return (EBUSY); 916 917#ifdef COMPAT_FREEBSD32 918 syscall32_helper_unregister(shm32_syscalls); 919#endif 920 syscall_helper_unregister(shm_syscalls); 921 922 for (i = 0; i < shmalloced; i++) { 923#ifdef MAC 924 mac_sysvshm_destroy(&shmsegs[i]); 925#endif 926 /* 927 * Objects might be still mapped into the processes 928 * address spaces. Actual free would happen on the 929 * last mapping destruction. 930 */ 931 if (shmsegs[i].u.shm_perm.mode != SHMSEG_FREE) 932 vm_object_deallocate(shmsegs[i].object); 933 } 934 free(shmsegs, M_SHM); 935 shmexit_hook = NULL; 936 shmfork_hook = NULL; 937 return (0); 938} 939 940static int 941sysctl_shmsegs(SYSCTL_HANDLER_ARGS) 942{ 943 944 return (SYSCTL_OUT(req, shmsegs, shmalloced * sizeof(shmsegs[0]))); 945} 946 947#if defined(__i386__) && (defined(COMPAT_FREEBSD4) || defined(COMPAT_43)) 948struct oshmid_ds { 949 struct ipc_perm_old shm_perm; /* operation perms */ 950 int shm_segsz; /* size of segment (bytes) */ 951 u_short shm_cpid; /* pid, creator */ 952 u_short shm_lpid; /* pid, last operation */ 953 short shm_nattch; /* no. of current attaches */ 954 time_t shm_atime; /* last attach time */ 955 time_t shm_dtime; /* last detach time */ 956 time_t shm_ctime; /* last change time */ 957 void *shm_handle; /* internal handle for shm segment */ 958}; 959 960struct oshmctl_args { 961 int shmid; 962 int cmd; 963 struct oshmid_ds *ubuf; 964}; 965 966static int 967oshmctl(struct thread *td, struct oshmctl_args *uap) 968{ 969#ifdef COMPAT_43 970 int error = 0; 971 struct shmid_kernel *shmseg; 972 struct oshmid_ds outbuf; 973 974 if (!prison_allow(td->td_ucred, PR_ALLOW_SYSVIPC)) 975 return (ENOSYS); 976 mtx_lock(&Giant); 977 shmseg = shm_find_segment_by_shmid(uap->shmid); 978 if (shmseg == NULL) { 979 error = EINVAL; 980 goto done2; 981 } 982 switch (uap->cmd) { 983 case IPC_STAT: 984 error = ipcperm(td, &shmseg->u.shm_perm, IPC_R); 985 if (error) 986 goto done2; 987#ifdef MAC 988 error = mac_sysvshm_check_shmctl(td->td_ucred, shmseg, uap->cmd); 989 if (error != 0) 990 goto done2; 991#endif 992 ipcperm_new2old(&shmseg->u.shm_perm, &outbuf.shm_perm); 993 outbuf.shm_segsz = shmseg->u.shm_segsz; 994 outbuf.shm_cpid = shmseg->u.shm_cpid; 995 outbuf.shm_lpid = shmseg->u.shm_lpid; 996 outbuf.shm_nattch = shmseg->u.shm_nattch; 997 outbuf.shm_atime = shmseg->u.shm_atime; 998 outbuf.shm_dtime = shmseg->u.shm_dtime; 999 outbuf.shm_ctime = shmseg->u.shm_ctime; 1000 outbuf.shm_handle = shmseg->object; 1001 error = copyout(&outbuf, uap->ubuf, sizeof(outbuf)); 1002 if (error) 1003 goto done2; 1004 break; 1005 default: 1006 error = freebsd7_shmctl(td, (struct freebsd7_shmctl_args *)uap); 1007 break; 1008 } 1009done2: 1010 mtx_unlock(&Giant); 1011 return (error); 1012#else 1013 return (EINVAL); 1014#endif 1015} 1016 1017/* XXX casting to (sy_call_t *) is bogus, as usual. */ 1018static sy_call_t *shmcalls[] = { 1019 (sy_call_t *)shmat, (sy_call_t *)oshmctl, 1020 (sy_call_t *)shmdt, (sy_call_t *)shmget, 1021 (sy_call_t *)freebsd7_shmctl 1022}; 1023 1024int 1025shmsys(td, uap) 1026 struct thread *td; 1027 /* XXX actually varargs. */ 1028 struct shmsys_args /* { 1029 int which; 1030 int a2; 1031 int a3; 1032 int a4; 1033 } */ *uap; 1034{ 1035 int error; 1036 1037 if (!prison_allow(td->td_ucred, PR_ALLOW_SYSVIPC)) 1038 return (ENOSYS); 1039 if (uap->which < 0 || 1040 uap->which >= sizeof(shmcalls)/sizeof(shmcalls[0])) 1041 return (EINVAL); 1042 mtx_lock(&Giant); 1043 error = (*shmcalls[uap->which])(td, &uap->a2); 1044 mtx_unlock(&Giant); 1045 return (error); 1046} 1047 1048#endif /* i386 && (COMPAT_FREEBSD4 || COMPAT_43) */ 1049 1050#ifdef COMPAT_FREEBSD32 1051 1052int 1053freebsd32_shmsys(struct thread *td, struct freebsd32_shmsys_args *uap) 1054{ 1055 1056#if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 1057 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 1058 switch (uap->which) { 1059 case 0: { /* shmat */ 1060 struct shmat_args ap; 1061 1062 ap.shmid = uap->a2; 1063 ap.shmaddr = PTRIN(uap->a3); 1064 ap.shmflg = uap->a4; 1065 return (sysent[SYS_shmat].sy_call(td, &ap)); 1066 } 1067 case 2: { /* shmdt */ 1068 struct shmdt_args ap; 1069 1070 ap.shmaddr = PTRIN(uap->a2); 1071 return (sysent[SYS_shmdt].sy_call(td, &ap)); 1072 } 1073 case 3: { /* shmget */ 1074 struct shmget_args ap; 1075 1076 ap.key = uap->a2; 1077 ap.size = uap->a3; 1078 ap.shmflg = uap->a4; 1079 return (sysent[SYS_shmget].sy_call(td, &ap)); 1080 } 1081 case 4: { /* shmctl */ 1082 struct freebsd7_freebsd32_shmctl_args ap; 1083 1084 ap.shmid = uap->a2; 1085 ap.cmd = uap->a3; 1086 ap.buf = PTRIN(uap->a4); 1087 return (freebsd7_freebsd32_shmctl(td, &ap)); 1088 } 1089 case 1: /* oshmctl */ 1090 default: 1091 return (EINVAL); 1092 } 1093#else 1094 return (nosys(td, NULL)); 1095#endif 1096} 1097 1098#if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 1099 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 1100int 1101freebsd7_freebsd32_shmctl(struct thread *td, 1102 struct freebsd7_freebsd32_shmctl_args *uap) 1103{ 1104 int error = 0; 1105 union { 1106 struct shmid_ds shmid_ds; 1107 struct shm_info shm_info; 1108 struct shminfo shminfo; 1109 } u; 1110 union { 1111 struct shmid_ds32_old shmid_ds32; 1112 struct shm_info32 shm_info32; 1113 struct shminfo32 shminfo32; 1114 } u32; 1115 size_t sz; 1116 1117 if (uap->cmd == IPC_SET) { 1118 if ((error = copyin(uap->buf, &u32.shmid_ds32, 1119 sizeof(u32.shmid_ds32)))) 1120 goto done; 1121 freebsd32_ipcperm_old_in(&u32.shmid_ds32.shm_perm, 1122 &u.shmid_ds.shm_perm); 1123 CP(u32.shmid_ds32, u.shmid_ds, shm_segsz); 1124 CP(u32.shmid_ds32, u.shmid_ds, shm_lpid); 1125 CP(u32.shmid_ds32, u.shmid_ds, shm_cpid); 1126 CP(u32.shmid_ds32, u.shmid_ds, shm_nattch); 1127 CP(u32.shmid_ds32, u.shmid_ds, shm_atime); 1128 CP(u32.shmid_ds32, u.shmid_ds, shm_dtime); 1129 CP(u32.shmid_ds32, u.shmid_ds, shm_ctime); 1130 } 1131 1132 error = kern_shmctl(td, uap->shmid, uap->cmd, (void *)&u, &sz); 1133 if (error) 1134 goto done; 1135 1136 /* Cases in which we need to copyout */ 1137 switch (uap->cmd) { 1138 case IPC_INFO: 1139 CP(u.shminfo, u32.shminfo32, shmmax); 1140 CP(u.shminfo, u32.shminfo32, shmmin); 1141 CP(u.shminfo, u32.shminfo32, shmmni); 1142 CP(u.shminfo, u32.shminfo32, shmseg); 1143 CP(u.shminfo, u32.shminfo32, shmall); 1144 error = copyout(&u32.shminfo32, uap->buf, 1145 sizeof(u32.shminfo32)); 1146 break; 1147 case SHM_INFO: 1148 CP(u.shm_info, u32.shm_info32, used_ids); 1149 CP(u.shm_info, u32.shm_info32, shm_rss); 1150 CP(u.shm_info, u32.shm_info32, shm_tot); 1151 CP(u.shm_info, u32.shm_info32, shm_swp); 1152 CP(u.shm_info, u32.shm_info32, swap_attempts); 1153 CP(u.shm_info, u32.shm_info32, swap_successes); 1154 error = copyout(&u32.shm_info32, uap->buf, 1155 sizeof(u32.shm_info32)); 1156 break; 1157 case SHM_STAT: 1158 case IPC_STAT: 1159 freebsd32_ipcperm_old_out(&u.shmid_ds.shm_perm, 1160 &u32.shmid_ds32.shm_perm); 1161 if (u.shmid_ds.shm_segsz > INT32_MAX) 1162 u32.shmid_ds32.shm_segsz = INT32_MAX; 1163 else 1164 CP(u.shmid_ds, u32.shmid_ds32, shm_segsz); 1165 CP(u.shmid_ds, u32.shmid_ds32, shm_lpid); 1166 CP(u.shmid_ds, u32.shmid_ds32, shm_cpid); 1167 CP(u.shmid_ds, u32.shmid_ds32, shm_nattch); 1168 CP(u.shmid_ds, u32.shmid_ds32, shm_atime); 1169 CP(u.shmid_ds, u32.shmid_ds32, shm_dtime); 1170 CP(u.shmid_ds, u32.shmid_ds32, shm_ctime); 1171 u32.shmid_ds32.shm_internal = 0; 1172 error = copyout(&u32.shmid_ds32, uap->buf, 1173 sizeof(u32.shmid_ds32)); 1174 break; 1175 } 1176 1177done: 1178 if (error) { 1179 /* Invalidate the return value */ 1180 td->td_retval[0] = -1; 1181 } 1182 return (error); 1183} 1184#endif 1185 1186int 1187freebsd32_shmctl(struct thread *td, struct freebsd32_shmctl_args *uap) 1188{ 1189 int error = 0; 1190 union { 1191 struct shmid_ds shmid_ds; 1192 struct shm_info shm_info; 1193 struct shminfo shminfo; 1194 } u; 1195 union { 1196 struct shmid_ds32 shmid_ds32; 1197 struct shm_info32 shm_info32; 1198 struct shminfo32 shminfo32; 1199 } u32; 1200 size_t sz; 1201 1202 if (uap->cmd == IPC_SET) { 1203 if ((error = copyin(uap->buf, &u32.shmid_ds32, 1204 sizeof(u32.shmid_ds32)))) 1205 goto done; 1206 freebsd32_ipcperm_in(&u32.shmid_ds32.shm_perm, 1207 &u.shmid_ds.shm_perm); 1208 CP(u32.shmid_ds32, u.shmid_ds, shm_segsz); 1209 CP(u32.shmid_ds32, u.shmid_ds, shm_lpid); 1210 CP(u32.shmid_ds32, u.shmid_ds, shm_cpid); 1211 CP(u32.shmid_ds32, u.shmid_ds, shm_nattch); 1212 CP(u32.shmid_ds32, u.shmid_ds, shm_atime); 1213 CP(u32.shmid_ds32, u.shmid_ds, shm_dtime); 1214 CP(u32.shmid_ds32, u.shmid_ds, shm_ctime); 1215 } 1216 1217 error = kern_shmctl(td, uap->shmid, uap->cmd, (void *)&u, &sz); 1218 if (error) 1219 goto done; 1220 1221 /* Cases in which we need to copyout */ 1222 switch (uap->cmd) { 1223 case IPC_INFO: 1224 CP(u.shminfo, u32.shminfo32, shmmax); 1225 CP(u.shminfo, u32.shminfo32, shmmin); 1226 CP(u.shminfo, u32.shminfo32, shmmni); 1227 CP(u.shminfo, u32.shminfo32, shmseg); 1228 CP(u.shminfo, u32.shminfo32, shmall); 1229 error = copyout(&u32.shminfo32, uap->buf, 1230 sizeof(u32.shminfo32)); 1231 break; 1232 case SHM_INFO: 1233 CP(u.shm_info, u32.shm_info32, used_ids); 1234 CP(u.shm_info, u32.shm_info32, shm_rss); 1235 CP(u.shm_info, u32.shm_info32, shm_tot); 1236 CP(u.shm_info, u32.shm_info32, shm_swp); 1237 CP(u.shm_info, u32.shm_info32, swap_attempts); 1238 CP(u.shm_info, u32.shm_info32, swap_successes); 1239 error = copyout(&u32.shm_info32, uap->buf, 1240 sizeof(u32.shm_info32)); 1241 break; 1242 case SHM_STAT: 1243 case IPC_STAT: 1244 freebsd32_ipcperm_out(&u.shmid_ds.shm_perm, 1245 &u32.shmid_ds32.shm_perm); 1246 if (u.shmid_ds.shm_segsz > INT32_MAX) 1247 u32.shmid_ds32.shm_segsz = INT32_MAX; 1248 else 1249 CP(u.shmid_ds, u32.shmid_ds32, shm_segsz); 1250 CP(u.shmid_ds, u32.shmid_ds32, shm_lpid); 1251 CP(u.shmid_ds, u32.shmid_ds32, shm_cpid); 1252 CP(u.shmid_ds, u32.shmid_ds32, shm_nattch); 1253 CP(u.shmid_ds, u32.shmid_ds32, shm_atime); 1254 CP(u.shmid_ds, u32.shmid_ds32, shm_dtime); 1255 CP(u.shmid_ds, u32.shmid_ds32, shm_ctime); 1256 error = copyout(&u32.shmid_ds32, uap->buf, 1257 sizeof(u32.shmid_ds32)); 1258 break; 1259 } 1260 1261done: 1262 if (error) { 1263 /* Invalidate the return value */ 1264 td->td_retval[0] = -1; 1265 } 1266 return (error); 1267} 1268#endif 1269 1270#if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ 1271 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) 1272 1273#ifndef CP 1274#define CP(src, dst, fld) do { (dst).fld = (src).fld; } while (0) 1275#endif 1276 1277#ifndef _SYS_SYSPROTO_H_ 1278struct freebsd7_shmctl_args { 1279 int shmid; 1280 int cmd; 1281 struct shmid_ds_old *buf; 1282}; 1283#endif 1284int 1285freebsd7_shmctl(td, uap) 1286 struct thread *td; 1287 struct freebsd7_shmctl_args *uap; 1288{ 1289 int error = 0; 1290 struct shmid_ds_old old; 1291 struct shmid_ds buf; 1292 size_t bufsz; 1293 1294 /* 1295 * The only reason IPC_INFO, SHM_INFO, SHM_STAT exists is to support 1296 * Linux binaries. If we see the call come through the FreeBSD ABI, 1297 * return an error back to the user since we do not to support this. 1298 */ 1299 if (uap->cmd == IPC_INFO || uap->cmd == SHM_INFO || 1300 uap->cmd == SHM_STAT) 1301 return (EINVAL); 1302 1303 /* IPC_SET needs to copyin the buffer before calling kern_shmctl */ 1304 if (uap->cmd == IPC_SET) { 1305 if ((error = copyin(uap->buf, &old, sizeof(old)))) 1306 goto done; 1307 ipcperm_old2new(&old.shm_perm, &buf.shm_perm); 1308 CP(old, buf, shm_segsz); 1309 CP(old, buf, shm_lpid); 1310 CP(old, buf, shm_cpid); 1311 CP(old, buf, shm_nattch); 1312 CP(old, buf, shm_atime); 1313 CP(old, buf, shm_dtime); 1314 CP(old, buf, shm_ctime); 1315 } 1316 1317 error = kern_shmctl(td, uap->shmid, uap->cmd, (void *)&buf, &bufsz); 1318 if (error) 1319 goto done; 1320 1321 /* Cases in which we need to copyout */ 1322 switch (uap->cmd) { 1323 case IPC_STAT: 1324 ipcperm_new2old(&buf.shm_perm, &old.shm_perm); 1325 if (buf.shm_segsz > INT_MAX) 1326 old.shm_segsz = INT_MAX; 1327 else 1328 CP(buf, old, shm_segsz); 1329 CP(buf, old, shm_lpid); 1330 CP(buf, old, shm_cpid); 1331 if (buf.shm_nattch > SHRT_MAX) 1332 old.shm_nattch = SHRT_MAX; 1333 else 1334 CP(buf, old, shm_nattch); 1335 CP(buf, old, shm_atime); 1336 CP(buf, old, shm_dtime); 1337 CP(buf, old, shm_ctime); 1338 old.shm_internal = NULL; 1339 error = copyout(&old, uap->buf, sizeof(old)); 1340 break; 1341 } 1342 1343done: 1344 if (error) { 1345 /* Invalidate the return value */ 1346 td->td_retval[0] = -1; 1347 } 1348 return (error); 1349} 1350 1351#endif /* COMPAT_FREEBSD4 || COMPAT_FREEBSD5 || COMPAT_FREEBSD6 || 1352 COMPAT_FREEBSD7 */ 1353 1354static int 1355sysvshm_modload(struct module *module, int cmd, void *arg) 1356{ 1357 int error = 0; 1358 1359 switch (cmd) { 1360 case MOD_LOAD: 1361 error = shminit(); 1362 if (error != 0) 1363 shmunload(); 1364 break; 1365 case MOD_UNLOAD: 1366 error = shmunload(); 1367 break; 1368 case MOD_SHUTDOWN: 1369 break; 1370 default: 1371 error = EINVAL; 1372 break; 1373 } 1374 return (error); 1375} 1376 1377static moduledata_t sysvshm_mod = { 1378 "sysvshm", 1379 &sysvshm_modload, 1380 NULL 1381}; 1382 1383DECLARE_MODULE(sysvshm, sysvshm_mod, SI_SUB_SYSV_SHM, SI_ORDER_FIRST); 1384MODULE_VERSION(sysvshm, 1); 1385