| sysv_msg.c (139804) | sysv_msg.c (140614) |
|---|---|
| 1/*- 2 * Implementation of SVID messages 3 * 4 * Author: Daniel Boulet 5 * 6 * Copyright 1993 Daniel Boulet and RTMX Inc. 7 * 8 * This system call was implemented by Daniel Boulet under contract from RTMX. 9 * 10 * Redistribution and use in source forms, with and without modification, 11 * are permitted provided that this entire comment appears intact. 12 * 13 * Redistribution in binary form may occur without any restrictions. 14 * Obviously, it would be nice if you gave credit where credit is due 15 * but requiring it would be too onerous. 16 * 17 * This software is provided ``AS IS'' without any warranties of any kind. 18 */ | 1/*- 2 * Implementation of SVID messages 3 * 4 * Author: Daniel Boulet 5 * 6 * Copyright 1993 Daniel Boulet and RTMX Inc. 7 * 8 * This system call was implemented by Daniel Boulet under contract from RTMX. 9 * 10 * Redistribution and use in source forms, with and without modification, 11 * are permitted provided that this entire comment appears intact. 12 * 13 * Redistribution in binary form may occur without any restrictions. 14 * Obviously, it would be nice if you gave credit where credit is due 15 * but requiring it would be too onerous. 16 * 17 * This software is provided ``AS IS'' without any warranties of any kind. 18 */ |
| 19/*- 20 * Copyright (c) 2003-2005 McAfee, Inc. 21 * All rights reserved. 22 * 23 * This software was developed for the FreeBSD Project in part by McAfee 24 * Research, the Security Research Division of McAfee, Inc under DARPA/SPAWAR 25 * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research 26 * program. 27 * 28 * Redistribution and use in source and binary forms, with or without 29 * modification, are permitted provided that the following conditions 30 * are met: 31 * 1. Redistributions of source code must retain the above copyright 32 * notice, this list of conditions and the following disclaimer. 33 * 2. Redistributions in binary form must reproduce the above copyright 34 * notice, this list of conditions and the following disclaimer in the 35 * documentation and/or other materials provided with the distribution. 36 * 37 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 38 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 40 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 41 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 42 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 43 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 45 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 46 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 47 * SUCH DAMAGE. 48 */ |
|
| 19 20#include <sys/cdefs.h> | 49 50#include <sys/cdefs.h> |
| 21__FBSDID("$FreeBSD: head/sys/kern/sysv_msg.c 139804 2005-01-06 23:35:40Z imp $"); | 51__FBSDID("$FreeBSD: head/sys/kern/sysv_msg.c 140614 2005-01-22 18:51:43Z rwatson $"); |
| 22 23#include "opt_sysvipc.h" | 52 53#include "opt_sysvipc.h" |
| 54#include "opt_mac.h" |
|
| 24 25#include <sys/param.h> 26#include <sys/systm.h> 27#include <sys/sysproto.h> 28#include <sys/kernel.h> 29#include <sys/proc.h> 30#include <sys/lock.h> | 55 56#include <sys/param.h> 57#include <sys/systm.h> 58#include <sys/sysproto.h> 59#include <sys/kernel.h> 60#include <sys/proc.h> 61#include <sys/lock.h> |
| 62#include <sys/mac.h> |
|
| 31#include <sys/mutex.h> 32#include <sys/module.h> 33#include <sys/msg.h> 34#include <sys/syscall.h> 35#include <sys/sysent.h> 36#include <sys/sysctl.h> 37#include <sys/malloc.h> 38#include <sys/jail.h> --- 4 unchanged lines hidden (view full) --- 43static int msgunload(void); 44static int sysvmsg_modload(struct module *, int, void *); 45 46#ifdef MSG_DEBUG 47#define DPRINTF(a) printf a 48#else 49#define DPRINTF(a) 50#endif | 63#include <sys/mutex.h> 64#include <sys/module.h> 65#include <sys/msg.h> 66#include <sys/syscall.h> 67#include <sys/sysent.h> 68#include <sys/sysctl.h> 69#include <sys/malloc.h> 70#include <sys/jail.h> --- 4 unchanged lines hidden (view full) --- 75static int msgunload(void); 76static int sysvmsg_modload(struct module *, int, void *); 77 78#ifdef MSG_DEBUG 79#define DPRINTF(a) printf a 80#else 81#define DPRINTF(a) 82#endif |
| 83#ifdef MAC_DEBUG 84#define MPRINTF(a) printf a 85#else 86#define MPRINTF(a) 87#endif |
|
| 51 52static void msg_freehdr(struct msg *msghdr); 53 54/* XXX casting to (sy_call_t *) is bogus, as usual. */ 55static sy_call_t *msgcalls[] = { 56 (sy_call_t *)msgctl, (sy_call_t *)msgget, 57 (sy_call_t *)msgsnd, (sy_call_t *)msgrcv 58}; --- 124 unchanged lines hidden (view full) --- 183 if (msghdrs == NULL) 184 panic("msghdrs is NULL"); 185 186 for (i = 0; i < msginfo.msgtql; i++) { 187 msghdrs[i].msg_type = 0; 188 if (i > 0) 189 msghdrs[i-1].msg_next = &msghdrs[i]; 190 msghdrs[i].msg_next = NULL; | 88 89static void msg_freehdr(struct msg *msghdr); 90 91/* XXX casting to (sy_call_t *) is bogus, as usual. */ 92static sy_call_t *msgcalls[] = { 93 (sy_call_t *)msgctl, (sy_call_t *)msgget, 94 (sy_call_t *)msgsnd, (sy_call_t *)msgrcv 95}; --- 124 unchanged lines hidden (view full) --- 220 if (msghdrs == NULL) 221 panic("msghdrs is NULL"); 222 223 for (i = 0; i < msginfo.msgtql; i++) { 224 msghdrs[i].msg_type = 0; 225 if (i > 0) 226 msghdrs[i-1].msg_next = &msghdrs[i]; 227 msghdrs[i].msg_next = NULL; |
| 228#ifdef MAC 229 mac_init_sysv_msgmsg(&msghdrs[i]); 230#endif |
|
| 191 } 192 free_msghdrs = &msghdrs[0]; 193 194 if (msqids == NULL) 195 panic("msqids is NULL"); 196 197 for (i = 0; i < msginfo.msgmni; i++) { 198 msqids[i].u.msg_qbytes = 0; /* implies entry is available */ 199 msqids[i].u.msg_perm.seq = 0; /* reset to a known value */ 200 msqids[i].u.msg_perm.mode = 0; | 231 } 232 free_msghdrs = &msghdrs[0]; 233 234 if (msqids == NULL) 235 panic("msqids is NULL"); 236 237 for (i = 0; i < msginfo.msgmni; i++) { 238 msqids[i].u.msg_qbytes = 0; /* implies entry is available */ 239 msqids[i].u.msg_perm.seq = 0; /* reset to a known value */ 240 msqids[i].u.msg_perm.mode = 0; |
| 241#ifdef MAC 242 mac_init_sysv_msgqueue(&msqids[i]); 243#endif |
|
| 201 } 202 mtx_init(&msq_mtx, "msq", NULL, MTX_DEF); 203} 204 205static int 206msgunload() 207{ 208 struct msqid_kernel *msqkptr; 209 int msqid; | 244 } 245 mtx_init(&msq_mtx, "msq", NULL, MTX_DEF); 246} 247 248static int 249msgunload() 250{ 251 struct msqid_kernel *msqkptr; 252 int msqid; |
| 253#ifdef MAC 254 int i; 255#endif |
|
| 210 211 for (msqid = 0; msqid < msginfo.msgmni; msqid++) { 212 /* 213 * Look for an unallocated and unlocked msqid_ds. 214 * msqid_ds's can be locked by msgsnd or msgrcv while 215 * they are copying the message in/out. We can't 216 * re-use the entry until they release it. 217 */ 218 msqkptr = &msqids[msqid]; 219 if (msqkptr->u.msg_qbytes != 0 || 220 (msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0) 221 break; 222 } 223 if (msqid != msginfo.msgmni) 224 return (EBUSY); 225 | 256 257 for (msqid = 0; msqid < msginfo.msgmni; msqid++) { 258 /* 259 * Look for an unallocated and unlocked msqid_ds. 260 * msqid_ds's can be locked by msgsnd or msgrcv while 261 * they are copying the message in/out. We can't 262 * re-use the entry until they release it. 263 */ 264 msqkptr = &msqids[msqid]; 265 if (msqkptr->u.msg_qbytes != 0 || 266 (msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0) 267 break; 268 } 269 if (msqid != msginfo.msgmni) 270 return (EBUSY); 271 |
| 272#ifdef MAC 273 for (i = 0; i < msginfo.msgtql; i++) 274 mac_destroy_sysv_msgmsg(&msghdrs[i]); 275 for (msqid = 0; msqid < msginfo.msgmni; msqid++) 276 mac_destroy_sysv_msgqueue(&msqids[msqid]); 277#endif |
|
| 226 free(msgpool, M_MSG); 227 free(msgmaps, M_MSG); 228 free(msghdrs, M_MSG); 229 free(msqids, M_MSG); 230 mtx_destroy(&msq_mtx); 231 return (0); 232} 233 --- 81 unchanged lines hidden (view full) --- 315 msghdr->msg_ts -= msginfo.msgssz; 316 else 317 msghdr->msg_ts = 0; 318 } 319 if (msghdr->msg_spot != -1) 320 panic("msghdr->msg_spot != -1"); 321 msghdr->msg_next = free_msghdrs; 322 free_msghdrs = msghdr; | 278 free(msgpool, M_MSG); 279 free(msgmaps, M_MSG); 280 free(msghdrs, M_MSG); 281 free(msqids, M_MSG); 282 mtx_destroy(&msq_mtx); 283 return (0); 284} 285 --- 81 unchanged lines hidden (view full) --- 367 msghdr->msg_ts -= msginfo.msgssz; 368 else 369 msghdr->msg_ts = 0; 370 } 371 if (msghdr->msg_spot != -1) 372 panic("msghdr->msg_spot != -1"); 373 msghdr->msg_next = free_msghdrs; 374 free_msghdrs = msghdr; |
| 375#ifdef MAC 376 mac_cleanup_sysv_msgmsg(msghdr); 377#endif |
|
| 323} 324 325#ifndef _SYS_SYSPROTO_H_ 326struct msgctl_args { 327 int msqid; 328 int cmd; 329 struct msqid_ds *buf; 330}; --- 37 unchanged lines hidden (view full) --- 368 error = EINVAL; 369 goto done2; 370 } 371 if (msqkptr->u.msg_perm.seq != IPCID_TO_SEQ(uap->msqid)) { 372 DPRINTF(("wrong sequence number\n")); 373 error = EINVAL; 374 goto done2; 375 } | 378} 379 380#ifndef _SYS_SYSPROTO_H_ 381struct msgctl_args { 382 int msqid; 383 int cmd; 384 struct msqid_ds *buf; 385}; --- 37 unchanged lines hidden (view full) --- 423 error = EINVAL; 424 goto done2; 425 } 426 if (msqkptr->u.msg_perm.seq != IPCID_TO_SEQ(uap->msqid)) { 427 DPRINTF(("wrong sequence number\n")); 428 error = EINVAL; 429 goto done2; 430 } |
| 431#ifdef MAC 432 error = mac_check_sysv_msqctl(td->td_ucred, msqkptr, cmd); 433 if (error != 0) { 434 MPRINTF(("mac_check_sysv_msqctl returned %d\n", error)); 435 goto done2; 436 } 437#endif |
|
| 376 377 error = 0; 378 rval = 0; 379 380 switch (cmd) { 381 382 case IPC_RMID: 383 { 384 struct msg *msghdr; 385 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_M))) 386 goto done2; 387 | 438 439 error = 0; 440 rval = 0; 441 442 switch (cmd) { 443 444 case IPC_RMID: 445 { 446 struct msg *msghdr; 447 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_M))) 448 goto done2; 449 |
| 450#ifdef MAC 451 /* 452 * Check that the thread has MAC access permissions to 453 * individual msghdrs. Note: We need to do this in a 454 * separate loop because the actual loop alters the 455 * msq/msghdr info as it progresses, and there is no going 456 * back if half the way through we discover that the 457 * thread cannot free a certain msghdr. The msq will get 458 * into an inconsistent state. 459 */ 460 for (msghdr = msqkptr->u.msg_first; msghdr != NULL; 461 msghdr = msghdr->msg_next) { 462 error = mac_check_sysv_msgrmid(td->td_ucred, msghdr); 463 if (error != 0) { 464 MPRINTF(("mac_check_sysv_msgrmid returned %d\n", 465 error)); 466 goto done2; 467 } 468 } 469#endif 470 |
|
| 388 /* Free the message headers */ 389 msghdr = msqkptr->u.msg_first; 390 while (msghdr != NULL) { 391 struct msg *msghdr_tmp; 392 393 /* Free the segments of each message */ 394 msqkptr->u.msg_cbytes -= msghdr->msg_ts; 395 msqkptr->u.msg_qnum--; --- 4 unchanged lines hidden (view full) --- 400 401 if (msqkptr->u.msg_cbytes != 0) 402 panic("msg_cbytes is screwed up"); 403 if (msqkptr->u.msg_qnum != 0) 404 panic("msg_qnum is screwed up"); 405 406 msqkptr->u.msg_qbytes = 0; /* Mark it as free */ 407 | 471 /* Free the message headers */ 472 msghdr = msqkptr->u.msg_first; 473 while (msghdr != NULL) { 474 struct msg *msghdr_tmp; 475 476 /* Free the segments of each message */ 477 msqkptr->u.msg_cbytes -= msghdr->msg_ts; 478 msqkptr->u.msg_qnum--; --- 4 unchanged lines hidden (view full) --- 483 484 if (msqkptr->u.msg_cbytes != 0) 485 panic("msg_cbytes is screwed up"); 486 if (msqkptr->u.msg_qnum != 0) 487 panic("msg_qnum is screwed up"); 488 489 msqkptr->u.msg_qbytes = 0; /* Mark it as free */ 490 |
| 491#ifdef MAC 492 mac_cleanup_sysv_msgqueue(msqkptr); 493#endif 494 |
|
| 408 wakeup(msqkptr); 409 } 410 411 break; 412 413 case IPC_SET: 414 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_M))) 415 goto done2; --- 84 unchanged lines hidden (view full) --- 500 goto done2; 501 } 502 if ((error = ipcperm(td, &msqkptr->u.msg_perm, 503 msgflg & 0700))) { 504 DPRINTF(("requester doesn't have 0%o access\n", 505 msgflg & 0700)); 506 goto done2; 507 } | 495 wakeup(msqkptr); 496 } 497 498 break; 499 500 case IPC_SET: 501 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_M))) 502 goto done2; --- 84 unchanged lines hidden (view full) --- 587 goto done2; 588 } 589 if ((error = ipcperm(td, &msqkptr->u.msg_perm, 590 msgflg & 0700))) { 591 DPRINTF(("requester doesn't have 0%o access\n", 592 msgflg & 0700)); 593 goto done2; 594 } |
| 595#ifdef MAC 596 error = mac_check_sysv_msqget(cred, msqkptr); 597 if (error != 0) { 598 MPRINTF(("mac_check_sysv_msqget returned %d\n", 599 error)); 600 goto done2; 601 } 602#endif |
|
| 508 goto found; 509 } 510 } 511 512 DPRINTF(("need to allocate the msqid_ds\n")); 513 if (key == IPC_PRIVATE || (msgflg & IPC_CREAT)) { 514 for (msqid = 0; msqid < msginfo.msgmni; msqid++) { 515 /* --- 26 unchanged lines hidden (view full) --- 542 msqkptr->u.msg_cbytes = 0; 543 msqkptr->u.msg_qnum = 0; 544 msqkptr->u.msg_qbytes = msginfo.msgmnb; 545 msqkptr->u.msg_lspid = 0; 546 msqkptr->u.msg_lrpid = 0; 547 msqkptr->u.msg_stime = 0; 548 msqkptr->u.msg_rtime = 0; 549 msqkptr->u.msg_ctime = time_second; | 603 goto found; 604 } 605 } 606 607 DPRINTF(("need to allocate the msqid_ds\n")); 608 if (key == IPC_PRIVATE || (msgflg & IPC_CREAT)) { 609 for (msqid = 0; msqid < msginfo.msgmni; msqid++) { 610 /* --- 26 unchanged lines hidden (view full) --- 637 msqkptr->u.msg_cbytes = 0; 638 msqkptr->u.msg_qnum = 0; 639 msqkptr->u.msg_qbytes = msginfo.msgmnb; 640 msqkptr->u.msg_lspid = 0; 641 msqkptr->u.msg_lrpid = 0; 642 msqkptr->u.msg_stime = 0; 643 msqkptr->u.msg_rtime = 0; 644 msqkptr->u.msg_ctime = time_second; |
| 645#ifdef MAC 646 mac_create_sysv_msgqueue(cred, msqkptr); 647#endif |
|
| 550 } else { 551 DPRINTF(("didn't find it and wasn't asked to create it\n")); 552 error = ENOENT; 553 goto done2; 554 } 555 556found: 557 /* Construct the unique msqid */ --- 56 unchanged lines hidden (view full) --- 614 goto done2; 615 } 616 617 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_W))) { 618 DPRINTF(("requester doesn't have write access\n")); 619 goto done2; 620 } 621 | 648 } else { 649 DPRINTF(("didn't find it and wasn't asked to create it\n")); 650 error = ENOENT; 651 goto done2; 652 } 653 654found: 655 /* Construct the unique msqid */ --- 56 unchanged lines hidden (view full) --- 712 goto done2; 713 } 714 715 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_W))) { 716 DPRINTF(("requester doesn't have write access\n")); 717 goto done2; 718 } 719 |
| 720#ifdef MAC 721 error = mac_check_sysv_msqsnd(td->td_ucred, msqkptr); 722 if (error != 0) { 723 MPRINTF(("mac_check_sysv_msqsnd returned %d\n", error)); 724 goto done2; 725 } 726#endif 727 |
|
| 622 segs_needed = (msgsz + msginfo.msgssz - 1) / msginfo.msgssz; 623 DPRINTF(("msgsz=%d, msgssz=%d, segs_needed=%d\n", msgsz, msginfo.msgssz, 624 segs_needed)); 625 for (;;) { 626 int need_more_resources = 0; 627 628 /* 629 * check msgsz --- 97 unchanged lines hidden (view full) --- 727 /* 728 * Allocate a message header 729 */ 730 731 msghdr = free_msghdrs; 732 free_msghdrs = msghdr->msg_next; 733 msghdr->msg_spot = -1; 734 msghdr->msg_ts = msgsz; | 728 segs_needed = (msgsz + msginfo.msgssz - 1) / msginfo.msgssz; 729 DPRINTF(("msgsz=%d, msgssz=%d, segs_needed=%d\n", msgsz, msginfo.msgssz, 730 segs_needed)); 731 for (;;) { 732 int need_more_resources = 0; 733 734 /* 735 * check msgsz --- 97 unchanged lines hidden (view full) --- 833 /* 834 * Allocate a message header 835 */ 836 837 msghdr = free_msghdrs; 838 free_msghdrs = msghdr->msg_next; 839 msghdr->msg_spot = -1; 840 msghdr->msg_ts = msgsz; |
| 841#ifdef MAC 842 /* 843 * XXXMAC: Should the mac_check_sysv_msgmsq check follow here 844 * immediately? Or, should it be checked just before the msg is 845 * enqueued in the msgq (as it is done now)? 846 */ 847 mac_create_sysv_msgmsg(td->td_ucred, msqkptr, msghdr); 848#endif |
|
| 735 736 /* 737 * Allocate space for the message 738 */ 739 740 while (segs_needed > 0) { 741 if (nfree_msgmaps <= 0) 742 panic("not enough msgmaps"); --- 88 unchanged lines hidden (view full) --- 831 832 if (msqkptr->u.msg_qbytes == 0) { 833 msg_freehdr(msghdr); 834 wakeup(msqkptr); 835 error = EIDRM; 836 goto done2; 837 } 838 | 849 850 /* 851 * Allocate space for the message 852 */ 853 854 while (segs_needed > 0) { 855 if (nfree_msgmaps <= 0) 856 panic("not enough msgmaps"); --- 88 unchanged lines hidden (view full) --- 945 946 if (msqkptr->u.msg_qbytes == 0) { 947 msg_freehdr(msghdr); 948 wakeup(msqkptr); 949 error = EIDRM; 950 goto done2; 951 } 952 |
| 953#ifdef MAC |
|
| 839 /* | 954 /* |
| 955 * Note: Since the task/thread allocates the msghdr and usually 956 * primes it with its own MAC label, for a majority of policies, it 957 * won't be necessary to check whether the msghdr has access 958 * permissions to the msgq. The mac_check_sysv_msqsnd check would 959 * suffice in that case. However, this hook may be required where 960 * individual policies derive a non-identical label for the msghdr 961 * from the current thread label and may want to check the msghdr 962 * enqueue permissions, along with read/write permissions to the 963 * msgq. 964 */ 965 error = mac_check_sysv_msgmsq(td->td_ucred, msghdr, msqkptr); 966 if (error != 0) { 967 MPRINTF(("mac_check_sysv_msqmsq returned %d\n", error)); 968 msg_freehdr(msghdr); 969 wakeup(msqkptr); 970 goto done2; 971 } 972#endif 973 974 /* |
|
| 840 * Put the message into the queue 841 */ 842 if (msqkptr->u.msg_first == NULL) { 843 msqkptr->u.msg_first = msghdr; 844 msqkptr->u.msg_last = msghdr; 845 } else { 846 msqkptr->u.msg_last->msg_next = msghdr; 847 msqkptr->u.msg_last = msghdr; --- 68 unchanged lines hidden (view full) --- 916 goto done2; 917 } 918 919 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_R))) { 920 DPRINTF(("requester doesn't have read access\n")); 921 goto done2; 922 } 923 | 975 * Put the message into the queue 976 */ 977 if (msqkptr->u.msg_first == NULL) { 978 msqkptr->u.msg_first = msghdr; 979 msqkptr->u.msg_last = msghdr; 980 } else { 981 msqkptr->u.msg_last->msg_next = msghdr; 982 msqkptr->u.msg_last = msghdr; --- 68 unchanged lines hidden (view full) --- 1051 goto done2; 1052 } 1053 1054 if ((error = ipcperm(td, &msqkptr->u.msg_perm, IPC_R))) { 1055 DPRINTF(("requester doesn't have read access\n")); 1056 goto done2; 1057 } 1058 |
| 1059#ifdef MAC 1060 error = mac_check_sysv_msqrcv(td->td_ucred, msqkptr); 1061 if (error != 0) { 1062 MPRINTF(("mac_check_sysv_msqrcv returned %d\n", error)); 1063 goto done2; 1064 } 1065#endif 1066 |
|
| 924 msghdr = NULL; 925 while (msghdr == NULL) { 926 if (msgtyp == 0) { 927 msghdr = msqkptr->u.msg_first; 928 if (msghdr != NULL) { 929 if (msgsz < msghdr->msg_ts && 930 (msgflg & MSG_NOERROR) == 0) { 931 DPRINTF(("first message on the queue " 932 "is too big (want %d, got %d)\n", 933 msgsz, msghdr->msg_ts)); 934 error = E2BIG; 935 goto done2; 936 } | 1067 msghdr = NULL; 1068 while (msghdr == NULL) { 1069 if (msgtyp == 0) { 1070 msghdr = msqkptr->u.msg_first; 1071 if (msghdr != NULL) { 1072 if (msgsz < msghdr->msg_ts && 1073 (msgflg & MSG_NOERROR) == 0) { 1074 DPRINTF(("first message on the queue " 1075 "is too big (want %d, got %d)\n", 1076 msgsz, msghdr->msg_ts)); 1077 error = E2BIG; 1078 goto done2; 1079 } |
| 1080#ifdef MAC 1081 error = mac_check_sysv_msgrcv(td->td_ucred, 1082 msghdr); 1083 if (error != 0) { 1084 MPRINTF(("mac_check_sysv_msgrcv " 1085 "returned %d\n", error)); 1086 goto done2; 1087 } 1088#endif |
|
| 937 if (msqkptr->u.msg_first == msqkptr->u.msg_last) { 938 msqkptr->u.msg_first = NULL; 939 msqkptr->u.msg_last = NULL; 940 } else { 941 msqkptr->u.msg_first = msghdr->msg_next; 942 if (msqkptr->u.msg_first == NULL) 943 panic("msg_first/last screwed up #1"); 944 } --- 23 unchanged lines hidden (view full) --- 968 (msgflg & MSG_NOERROR) == 0) { 969 DPRINTF(("requested message " 970 "on the queue is too big " 971 "(want %d, got %d)\n", 972 msgsz, msghdr->msg_ts)); 973 error = E2BIG; 974 goto done2; 975 } | 1089 if (msqkptr->u.msg_first == msqkptr->u.msg_last) { 1090 msqkptr->u.msg_first = NULL; 1091 msqkptr->u.msg_last = NULL; 1092 } else { 1093 msqkptr->u.msg_first = msghdr->msg_next; 1094 if (msqkptr->u.msg_first == NULL) 1095 panic("msg_first/last screwed up #1"); 1096 } --- 23 unchanged lines hidden (view full) --- 1120 (msgflg & MSG_NOERROR) == 0) { 1121 DPRINTF(("requested message " 1122 "on the queue is too big " 1123 "(want %d, got %d)\n", 1124 msgsz, msghdr->msg_ts)); 1125 error = E2BIG; 1126 goto done2; 1127 } |
| 1128#ifdef MAC 1129 error = mac_check_sysv_msgrcv( 1130 td->td_ucred, msghdr); 1131 if (error != 0) { 1132 MPRINTF(("mac_check_sysv_" 1133 "msgrcv returned %d\n", 1134 error)); 1135 goto done2; 1136 } 1137#endif |
|
| 976 *prev = msghdr->msg_next; 977 if (msghdr == msqkptr->u.msg_last) { 978 if (previous == NULL) { 979 if (prev != 980 &msqkptr->u.msg_first) 981 panic("msg_first/last screwed up #2"); 982 msqkptr->u.msg_first = 983 NULL; --- 163 unchanged lines hidden --- | 1138 *prev = msghdr->msg_next; 1139 if (msghdr == msqkptr->u.msg_last) { 1140 if (previous == NULL) { 1141 if (prev != 1142 &msqkptr->u.msg_first) 1143 panic("msg_first/last screwed up #2"); 1144 msqkptr->u.msg_first = 1145 NULL; --- 163 unchanged lines hidden --- |