sysv_shm.c revision 35669
1/* $Id: sysv_shm.c,v 1.35 1998/03/30 09:50:46 phk Exp $ */ 2/* $NetBSD: sysv_shm.c,v 1.23 1994/07/04 23:25:12 glass Exp $ */ 3 4/* 5 * Copyright (c) 1994 Adam Glass and Charles Hannum. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Adam Glass and Charles 18 * Hannum. 19 * 4. The names of the authors may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34#include "opt_compat.h" 35#include "opt_rlimit.h" 36 37#include <sys/param.h> 38#include <sys/systm.h> 39#include <sys/sysproto.h> 40#include <sys/kernel.h> 41#include <sys/shm.h> 42#include <sys/proc.h> 43#include <sys/malloc.h> 44#include <sys/mman.h> 45#include <sys/stat.h> 46#include <sys/sysent.h> 47 48#include <vm/vm.h> 49#include <vm/vm_param.h> 50#include <vm/vm_prot.h> 51#include <sys/lock.h> 52#include <vm/pmap.h> 53#include <vm/vm_object.h> 54#include <vm/vm_map.h> 55#include <vm/vm_pager.h> 56#include <vm/vm_inherit.h> 57 58#ifndef _SYS_SYSPROTO_H_ 59struct shmat_args; 60extern int shmat __P((struct proc *p, struct shmat_args *uap)); 61struct shmctl_args; 62extern int shmctl __P((struct proc *p, struct shmctl_args *uap)); 63struct shmdt_args; 64extern int shmdt __P((struct proc *p, struct shmdt_args *uap)); 65struct shmget_args; 66extern int shmget __P((struct proc *p, struct shmget_args *uap)); 67#endif 68 69static MALLOC_DEFINE(M_SHM, "shm", "SVID compatible shared memory segments"); 70 71static void shminit __P((void *)); 72SYSINIT(sysv_shm, SI_SUB_SYSV_SHM, SI_ORDER_FIRST, shminit, NULL) 73 74struct oshmctl_args; 75static int oshmctl __P((struct proc *p, struct oshmctl_args *uap)); 76static int shmget_allocate_segment __P((struct proc *p, struct shmget_args *uap, int mode)); 77static int shmget_existing __P((struct proc *p, struct shmget_args *uap, int mode, int segnum)); 78 79/* XXX casting to (sy_call_t *) is bogus, as usual. */ 80static sy_call_t *shmcalls[] = { 81 (sy_call_t *)shmat, (sy_call_t *)oshmctl, 82 (sy_call_t *)shmdt, (sy_call_t *)shmget, 83 (sy_call_t *)shmctl 84}; 85 86#define SHMSEG_FREE 0x0200 87#define SHMSEG_REMOVED 0x0400 88#define SHMSEG_ALLOCATED 0x0800 89#define SHMSEG_WANTED 0x1000 90 91static int shm_last_free, shm_nused, shm_committed; 92struct shmid_ds *shmsegs; 93 94struct shm_handle { 95 /* vm_offset_t kva; */ 96 vm_object_t shm_object; 97}; 98 99struct shmmap_state { 100 vm_offset_t va; 101 int shmid; 102}; 103 104static void shm_deallocate_segment __P((struct shmid_ds *)); 105static int shm_find_segment_by_key __P((key_t)); 106static struct shmid_ds *shm_find_segment_by_shmid __P((int)); 107static int shm_delete_mapping __P((struct proc *, struct shmmap_state *)); 108 109static int 110shm_find_segment_by_key(key) 111 key_t key; 112{ 113 int i; 114 115 for (i = 0; i < shminfo.shmmni; i++) 116 if ((shmsegs[i].shm_perm.mode & SHMSEG_ALLOCATED) && 117 shmsegs[i].shm_perm.key == key) 118 return i; 119 return -1; 120} 121 122static struct shmid_ds * 123shm_find_segment_by_shmid(shmid) 124 int shmid; 125{ 126 int segnum; 127 struct shmid_ds *shmseg; 128 129 segnum = IPCID_TO_IX(shmid); 130 if (segnum < 0 || segnum >= shminfo.shmmni) 131 return NULL; 132 shmseg = &shmsegs[segnum]; 133 if ((shmseg->shm_perm.mode & (SHMSEG_ALLOCATED | SHMSEG_REMOVED)) 134 != SHMSEG_ALLOCATED || 135 shmseg->shm_perm.seq != IPCID_TO_SEQ(shmid)) 136 return NULL; 137 return shmseg; 138} 139 140static void 141shm_deallocate_segment(shmseg) 142 struct shmid_ds *shmseg; 143{ 144 struct shm_handle *shm_handle; 145 size_t size; 146 147 shm_handle = shmseg->shm_internal; 148 shm_handle->shm_object->shadow_count--; 149 vm_object_deallocate(shm_handle->shm_object); 150 free((caddr_t)shm_handle, M_SHM); 151 shmseg->shm_internal = NULL; 152 size = round_page(shmseg->shm_segsz); 153 shm_committed -= btoc(size); 154 shm_nused--; 155 shmseg->shm_perm.mode = SHMSEG_FREE; 156} 157 158static int 159shm_delete_mapping(p, shmmap_s) 160 struct proc *p; 161 struct shmmap_state *shmmap_s; 162{ 163 struct shmid_ds *shmseg; 164 int segnum, result; 165 size_t size; 166 167 segnum = IPCID_TO_IX(shmmap_s->shmid); 168 shmseg = &shmsegs[segnum]; 169 size = round_page(shmseg->shm_segsz); 170 result = vm_map_remove(&p->p_vmspace->vm_map, shmmap_s->va, shmmap_s->va + size); 171 if (result != KERN_SUCCESS) 172 return EINVAL; 173 shmmap_s->shmid = -1; 174 shmseg->shm_dtime = time_second; 175 if ((--shmseg->shm_nattch <= 0) && 176 (shmseg->shm_perm.mode & SHMSEG_REMOVED)) { 177 shm_deallocate_segment(shmseg); 178 shm_last_free = segnum; 179 } 180 return 0; 181} 182 183#ifndef _SYS_SYSPROTO_H_ 184struct shmdt_args { 185 void *shmaddr; 186}; 187#endif 188 189int 190shmdt(p, uap) 191 struct proc *p; 192 struct shmdt_args *uap; 193{ 194 struct shmmap_state *shmmap_s; 195 int i; 196 197 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 198 if (shmmap_s == NULL) 199 return EINVAL; 200 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 201 if (shmmap_s->shmid != -1 && 202 shmmap_s->va == (vm_offset_t)uap->shmaddr) 203 break; 204 if (i == shminfo.shmseg) 205 return EINVAL; 206 return shm_delete_mapping(p, shmmap_s); 207} 208 209#ifndef _SYS_SYSPROTO_H_ 210struct shmat_args { 211 int shmid; 212 void *shmaddr; 213 int shmflg; 214}; 215#endif 216 217int 218shmat(p, uap) 219 struct proc *p; 220 struct shmat_args *uap; 221{ 222 int error, i, flags; 223 struct ucred *cred = p->p_ucred; 224 struct shmid_ds *shmseg; 225 struct shmmap_state *shmmap_s = NULL; 226 struct shm_handle *shm_handle; 227 vm_offset_t attach_va; 228 vm_prot_t prot; 229 vm_size_t size; 230 int rv; 231 232 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 233 if (shmmap_s == NULL) { 234 size = shminfo.shmseg * sizeof(struct shmmap_state); 235 shmmap_s = malloc(size, M_SHM, M_WAITOK); 236 for (i = 0; i < shminfo.shmseg; i++) 237 shmmap_s[i].shmid = -1; 238 p->p_vmspace->vm_shm = (caddr_t)shmmap_s; 239 } 240 shmseg = shm_find_segment_by_shmid(uap->shmid); 241 if (shmseg == NULL) 242 return EINVAL; 243 error = ipcperm(cred, &shmseg->shm_perm, 244 (uap->shmflg & SHM_RDONLY) ? IPC_R : IPC_R|IPC_W); 245 if (error) 246 return error; 247 for (i = 0; i < shminfo.shmseg; i++) { 248 if (shmmap_s->shmid == -1) 249 break; 250 shmmap_s++; 251 } 252 if (i >= shminfo.shmseg) 253 return EMFILE; 254 size = round_page(shmseg->shm_segsz); 255 prot = VM_PROT_READ; 256 if ((uap->shmflg & SHM_RDONLY) == 0) 257 prot |= VM_PROT_WRITE; 258 flags = MAP_ANON | MAP_SHARED; 259 if (uap->shmaddr) { 260 flags |= MAP_FIXED; 261 if (uap->shmflg & SHM_RND) 262 attach_va = (vm_offset_t)uap->shmaddr & ~(SHMLBA-1); 263 else if (((vm_offset_t)uap->shmaddr & (SHMLBA-1)) == 0) 264 attach_va = (vm_offset_t)uap->shmaddr; 265 else 266 return EINVAL; 267 } else { 268 /* This is just a hint to vm_map_find() about where to put it. */ 269 attach_va = round_page(p->p_vmspace->vm_taddr + MAXTSIZ + MAXDSIZ); 270 } 271 272 shm_handle = shmseg->shm_internal; 273 vm_object_reference(shm_handle->shm_object); 274 rv = vm_map_find(&p->p_vmspace->vm_map, shm_handle->shm_object, 275 0, &attach_va, size, (flags & MAP_FIXED)?0:1, prot, prot, 0); 276 if (rv != KERN_SUCCESS) { 277 return ENOMEM; 278 } 279 vm_map_inherit(&p->p_vmspace->vm_map, 280 attach_va, attach_va + size, VM_INHERIT_SHARE); 281 282 shmmap_s->va = attach_va; 283 shmmap_s->shmid = uap->shmid; 284 shmseg->shm_lpid = p->p_pid; 285 shmseg->shm_atime = time_second; 286 shmseg->shm_nattch++; 287 p->p_retval[0] = attach_va; 288 return 0; 289} 290 291struct oshmid_ds { 292 struct ipc_perm shm_perm; /* operation perms */ 293 int shm_segsz; /* size of segment (bytes) */ 294 ushort shm_cpid; /* pid, creator */ 295 ushort shm_lpid; /* pid, last operation */ 296 short shm_nattch; /* no. of current attaches */ 297 time_t shm_atime; /* last attach time */ 298 time_t shm_dtime; /* last detach time */ 299 time_t shm_ctime; /* last change time */ 300 void *shm_handle; /* internal handle for shm segment */ 301}; 302 303struct oshmctl_args { 304 int shmid; 305 int cmd; 306 struct oshmid_ds *ubuf; 307}; 308 309static int 310oshmctl(p, uap) 311 struct proc *p; 312 struct oshmctl_args *uap; 313{ 314#ifdef COMPAT_43 315 int error; 316 struct ucred *cred = p->p_ucred; 317 struct shmid_ds *shmseg; 318 struct oshmid_ds outbuf; 319 320 shmseg = shm_find_segment_by_shmid(uap->shmid); 321 if (shmseg == NULL) 322 return EINVAL; 323 switch (uap->cmd) { 324 case IPC_STAT: 325 error = ipcperm(cred, &shmseg->shm_perm, IPC_R); 326 if (error) 327 return error; 328 outbuf.shm_perm = shmseg->shm_perm; 329 outbuf.shm_segsz = shmseg->shm_segsz; 330 outbuf.shm_cpid = shmseg->shm_cpid; 331 outbuf.shm_lpid = shmseg->shm_lpid; 332 outbuf.shm_nattch = shmseg->shm_nattch; 333 outbuf.shm_atime = shmseg->shm_atime; 334 outbuf.shm_dtime = shmseg->shm_dtime; 335 outbuf.shm_ctime = shmseg->shm_ctime; 336 outbuf.shm_handle = shmseg->shm_internal; 337 error = copyout((caddr_t)&outbuf, uap->ubuf, sizeof(outbuf)); 338 if (error) 339 return error; 340 break; 341 default: 342 /* XXX casting to (sy_call_t *) is bogus, as usual. */ 343 return ((sy_call_t *)shmctl)(p, uap); 344 } 345 return 0; 346#else 347 return EINVAL; 348#endif 349} 350 351#ifndef _SYS_SYSPROTO_H_ 352struct shmctl_args { 353 int shmid; 354 int cmd; 355 struct shmid_ds *buf; 356}; 357#endif 358 359int 360shmctl(p, uap) 361 struct proc *p; 362 struct shmctl_args *uap; 363{ 364 int error; 365 struct ucred *cred = p->p_ucred; 366 struct shmid_ds inbuf; 367 struct shmid_ds *shmseg; 368 369 shmseg = shm_find_segment_by_shmid(uap->shmid); 370 if (shmseg == NULL) 371 return EINVAL; 372 switch (uap->cmd) { 373 case IPC_STAT: 374 error = ipcperm(cred, &shmseg->shm_perm, IPC_R); 375 if (error) 376 return error; 377 error = copyout((caddr_t)shmseg, uap->buf, sizeof(inbuf)); 378 if (error) 379 return error; 380 break; 381 case IPC_SET: 382 error = ipcperm(cred, &shmseg->shm_perm, IPC_M); 383 if (error) 384 return error; 385 error = copyin(uap->buf, (caddr_t)&inbuf, sizeof(inbuf)); 386 if (error) 387 return error; 388 shmseg->shm_perm.uid = inbuf.shm_perm.uid; 389 shmseg->shm_perm.gid = inbuf.shm_perm.gid; 390 shmseg->shm_perm.mode = 391 (shmseg->shm_perm.mode & ~ACCESSPERMS) | 392 (inbuf.shm_perm.mode & ACCESSPERMS); 393 shmseg->shm_ctime = time_second; 394 break; 395 case IPC_RMID: 396 error = ipcperm(cred, &shmseg->shm_perm, IPC_M); 397 if (error) 398 return error; 399 shmseg->shm_perm.key = IPC_PRIVATE; 400 shmseg->shm_perm.mode |= SHMSEG_REMOVED; 401 if (shmseg->shm_nattch <= 0) { 402 shm_deallocate_segment(shmseg); 403 shm_last_free = IPCID_TO_IX(uap->shmid); 404 } 405 break; 406#if 0 407 case SHM_LOCK: 408 case SHM_UNLOCK: 409#endif 410 default: 411 return EINVAL; 412 } 413 return 0; 414} 415 416#ifndef _SYS_SYSPROTO_H_ 417struct shmget_args { 418 key_t key; 419 size_t size; 420 int shmflg; 421}; 422#endif 423 424static int 425shmget_existing(p, uap, mode, segnum) 426 struct proc *p; 427 struct shmget_args *uap; 428 int mode; 429 int segnum; 430{ 431 struct shmid_ds *shmseg; 432 struct ucred *cred = p->p_ucred; 433 int error; 434 435 shmseg = &shmsegs[segnum]; 436 if (shmseg->shm_perm.mode & SHMSEG_REMOVED) { 437 /* 438 * This segment is in the process of being allocated. Wait 439 * until it's done, and look the key up again (in case the 440 * allocation failed or it was freed). 441 */ 442 shmseg->shm_perm.mode |= SHMSEG_WANTED; 443 error = tsleep((caddr_t)shmseg, PLOCK | PCATCH, "shmget", 0); 444 if (error) 445 return error; 446 return EAGAIN; 447 } 448 error = ipcperm(cred, &shmseg->shm_perm, mode); 449 if (error) 450 return error; 451 if (uap->size && uap->size > shmseg->shm_segsz) 452 return EINVAL; 453 if ((uap->shmflg & (IPC_CREAT | IPC_EXCL)) == (IPC_CREAT | IPC_EXCL)) 454 return EEXIST; 455 p->p_retval[0] = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 456 return 0; 457} 458 459static int 460shmget_allocate_segment(p, uap, mode) 461 struct proc *p; 462 struct shmget_args *uap; 463 int mode; 464{ 465 int i, segnum, shmid, size; 466 struct ucred *cred = p->p_ucred; 467 struct shmid_ds *shmseg; 468 struct shm_handle *shm_handle; 469 470 if (uap->size < shminfo.shmmin || uap->size > shminfo.shmmax) 471 return EINVAL; 472 if (shm_nused >= shminfo.shmmni) /* any shmids left? */ 473 return ENOSPC; 474 size = round_page(uap->size); 475 if (shm_committed + btoc(size) > shminfo.shmall) 476 return ENOMEM; 477 if (shm_last_free < 0) { 478 for (i = 0; i < shminfo.shmmni; i++) 479 if (shmsegs[i].shm_perm.mode & SHMSEG_FREE) 480 break; 481 if (i == shminfo.shmmni) 482 panic("shmseg free count inconsistent"); 483 segnum = i; 484 } else { 485 segnum = shm_last_free; 486 shm_last_free = -1; 487 } 488 shmseg = &shmsegs[segnum]; 489 /* 490 * In case we sleep in malloc(), mark the segment present but deleted 491 * so that noone else tries to create the same key. 492 */ 493 shmseg->shm_perm.mode = SHMSEG_ALLOCATED | SHMSEG_REMOVED; 494 shmseg->shm_perm.key = uap->key; 495 shmseg->shm_perm.seq = (shmseg->shm_perm.seq + 1) & 0x7fff; 496 shm_handle = (struct shm_handle *) 497 malloc(sizeof(struct shm_handle), M_SHM, M_WAITOK); 498 shmid = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 499 500 /* 501 * We make sure that we have allocated a pager before we need 502 * to. 503 */ 504 shm_handle->shm_object = 505 vm_pager_allocate(OBJT_SWAP, 0, OFF_TO_IDX(size), 506 VM_PROT_DEFAULT, 0); 507 shm_handle->shm_object->shadow_count++; 508 shm_handle->shm_object->flags &= ~OBJ_ONEMAPPING; 509 510 shmseg->shm_internal = shm_handle; 511 shmseg->shm_perm.cuid = shmseg->shm_perm.uid = cred->cr_uid; 512 shmseg->shm_perm.cgid = shmseg->shm_perm.gid = cred->cr_gid; 513 shmseg->shm_perm.mode = (shmseg->shm_perm.mode & SHMSEG_WANTED) | 514 (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; 515 shmseg->shm_segsz = uap->size; 516 shmseg->shm_cpid = p->p_pid; 517 shmseg->shm_lpid = shmseg->shm_nattch = 0; 518 shmseg->shm_atime = shmseg->shm_dtime = 0; 519 shmseg->shm_ctime = time_second; 520 shm_committed += btoc(size); 521 shm_nused++; 522 if (shmseg->shm_perm.mode & SHMSEG_WANTED) { 523 /* 524 * Somebody else wanted this key while we were asleep. Wake 525 * them up now. 526 */ 527 shmseg->shm_perm.mode &= ~SHMSEG_WANTED; 528 wakeup((caddr_t)shmseg); 529 } 530 p->p_retval[0] = shmid; 531 return 0; 532} 533 534int 535shmget(p, uap) 536 struct proc *p; 537 struct shmget_args *uap; 538{ 539 int segnum, mode, error; 540 541 mode = uap->shmflg & ACCESSPERMS; 542 if (uap->key != IPC_PRIVATE) { 543 again: 544 segnum = shm_find_segment_by_key(uap->key); 545 if (segnum >= 0) { 546 error = shmget_existing(p, uap, mode, segnum); 547 if (error == EAGAIN) 548 goto again; 549 return error; 550 } 551 if ((uap->shmflg & IPC_CREAT) == 0) 552 return ENOENT; 553 } 554 return shmget_allocate_segment(p, uap, mode); 555} 556 557int 558shmsys(p, uap) 559 struct proc *p; 560 /* XXX actually varargs. */ 561 struct shmsys_args /* { 562 u_int which; 563 int a2; 564 int a3; 565 int a4; 566 } */ *uap; 567{ 568 569 if (uap->which >= sizeof(shmcalls)/sizeof(shmcalls[0])) 570 return EINVAL; 571 return ((*shmcalls[uap->which])(p, &uap->a2)); 572} 573 574void 575shmfork(p1, p2) 576 struct proc *p1, *p2; 577{ 578 struct shmmap_state *shmmap_s; 579 size_t size; 580 int i; 581 582 size = shminfo.shmseg * sizeof(struct shmmap_state); 583 shmmap_s = malloc(size, M_SHM, M_WAITOK); 584 bcopy((caddr_t)p1->p_vmspace->vm_shm, (caddr_t)shmmap_s, size); 585 p2->p_vmspace->vm_shm = (caddr_t)shmmap_s; 586 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 587 if (shmmap_s->shmid != -1) 588 shmsegs[IPCID_TO_IX(shmmap_s->shmid)].shm_nattch++; 589} 590 591void 592shmexit(p) 593 struct proc *p; 594{ 595 struct shmmap_state *shmmap_s; 596 int i; 597 598 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 599 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 600 if (shmmap_s->shmid != -1) 601 shm_delete_mapping(p, shmmap_s); 602 free((caddr_t)p->p_vmspace->vm_shm, M_SHM); 603 p->p_vmspace->vm_shm = NULL; 604} 605 606void 607shminit(dummy) 608 void *dummy; 609{ 610 int i; 611 for (i = 0; i < shminfo.shmmni; i++) { 612 shmsegs[i].shm_perm.mode = SHMSEG_FREE; 613 shmsegs[i].shm_perm.seq = 0; 614 } 615 shm_last_free = 0; 616 shm_nused = 0; 617 shm_committed = 0; 618} 619