sysv_shm.c revision 1.24
1/* $NetBSD: sysv_shm.c,v 1.24 1994/08/22 23:37:17 deraadt Exp $ */ 2 3/* 4 * Copyright (c) 1994 Adam Glass and Charles Hannum. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. All advertising materials mentioning features or use of this software 15 * must display the following acknowledgement: 16 * This product includes software developed by Adam Glass and Charles 17 * Hannum. 18 * 4. The names of the authors may not be used to endorse or promote products 19 * derived from this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR 22 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 26 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33#include <sys/types.h> 34#include <sys/param.h> 35#include <sys/kernel.h> 36#include <sys/shm.h> 37#include <sys/proc.h> 38#include <sys/uio.h> 39#include <sys/time.h> 40#include <sys/malloc.h> 41#include <sys/mman.h> 42#include <sys/systm.h> 43#include <sys/stat.h> 44 45#include <vm/vm.h> 46#include <vm/vm_map.h> 47#include <vm/vm_map.h> 48#include <vm/vm_kern.h> 49 50/* 51 * Provides the following externally accessible functions: 52 * 53 * shminit(void); initialization 54 * shmexit(struct proc *) cleanup 55 * shmfork(struct proc *, struct proc *, int) fork handling 56 * shmsys(arg1, arg2, arg3, arg4); shm{at,ctl,dt,get}(arg2, arg3, arg4) 57 * 58 * Structures: 59 * shmsegs (an array of 'struct shmid_ds') 60 * per proc array of 'struct shmmap_state' 61 */ 62 63int shmat(), shmctl(), shmdt(), shmget(); 64int (*shmcalls[])() = { shmat, shmctl, shmdt, shmget }; 65 66#define SHMSEG_FREE 0x0200 67#define SHMSEG_REMOVED 0x0400 68#define SHMSEG_ALLOCATED 0x0800 69#define SHMSEG_WANTED 0x1000 70 71vm_map_t sysvshm_map; 72int shm_last_free, shm_nused, shm_committed; 73 74struct shm_handle { 75 vm_offset_t kva; 76}; 77 78struct shmmap_state { 79 vm_offset_t va; 80 int shmid; 81}; 82 83static void shm_deallocate_segment __P((struct shmid_ds *)); 84static int shm_find_segment_by_key __P((key_t)); 85static struct shmid_ds *shm_find_segment_by_shmid __P((int)); 86static int shm_delete_mapping __P((struct proc *, struct shmmap_state *)); 87 88static int 89shm_find_segment_by_key(key) 90 key_t key; 91{ 92 int i; 93 94 for (i = 0; i < shminfo.shmmni; i++) 95 if ((shmsegs[i].shm_perm.mode & SHMSEG_ALLOCATED) && 96 shmsegs[i].shm_perm.key == key) 97 return i; 98 return -1; 99} 100 101static struct shmid_ds * 102shm_find_segment_by_shmid(shmid) 103 int shmid; 104{ 105 int segnum; 106 struct shmid_ds *shmseg; 107 108 segnum = IPCID_TO_IX(shmid); 109 if (segnum < 0 || segnum >= shminfo.shmmni) 110 return NULL; 111 shmseg = &shmsegs[segnum]; 112 if ((shmseg->shm_perm.mode & (SHMSEG_ALLOCATED | SHMSEG_REMOVED)) 113 != SHMSEG_ALLOCATED || 114 shmseg->shm_perm.seq != IPCID_TO_SEQ(shmid)) 115 return NULL; 116 return shmseg; 117} 118 119static void 120shm_deallocate_segment(shmseg) 121 struct shmid_ds *shmseg; 122{ 123 struct shm_handle *shm_handle; 124 size_t size; 125 126 shm_handle = shmseg->shm_internal; 127 size = (shmseg->shm_segsz + CLOFSET) & ~CLOFSET; 128 vm_deallocate(sysvshm_map, shm_handle->kva, size); 129 free((caddr_t)shm_handle, M_SHM); 130 shmseg->shm_internal = NULL; 131 shm_committed -= btoc(size); 132 shmseg->shm_perm.mode = SHMSEG_FREE; 133} 134 135static int 136shm_delete_mapping(p, shmmap_s) 137 struct proc *p; 138 struct shmmap_state *shmmap_s; 139{ 140 struct shmid_ds *shmseg; 141 int segnum, result; 142 size_t size; 143 144 segnum = IPCID_TO_IX(shmmap_s->shmid); 145 shmseg = &shmsegs[segnum]; 146 size = (shmseg->shm_segsz + CLOFSET) & ~CLOFSET; 147 result = vm_deallocate(&p->p_vmspace->vm_map, shmmap_s->va, size); 148 if (result != KERN_SUCCESS) 149 return EINVAL; 150 shmmap_s->shmid = -1; 151 shmseg->shm_dtime = time.tv_sec; 152 if ((--shmseg->shm_nattch <= 0) && 153 (shmseg->shm_perm.mode & SHMSEG_REMOVED)) { 154 shm_deallocate_segment(shmseg); 155 shm_last_free = segnum; 156 } 157 return 0; 158} 159 160struct shmdt_args { 161 void *shmaddr; 162}; 163int 164shmdt(p, uap, retval) 165 struct proc *p; 166 struct shmdt_args *uap; 167 int *retval; 168{ 169 struct shmmap_state *shmmap_s; 170 int i; 171 172 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 173 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 174 if (shmmap_s->shmid != -1 && 175 shmmap_s->va == (vm_offset_t)uap->shmaddr) 176 break; 177 if (i == shminfo.shmseg) 178 return EINVAL; 179 return shm_delete_mapping(p, shmmap_s); 180} 181 182struct shmat_args { 183 int shmid; 184 void *shmaddr; 185 int shmflg; 186}; 187int 188shmat(p, uap, retval) 189 struct proc *p; 190 struct shmat_args *uap; 191 int *retval; 192{ 193 int error, i, flags; 194 struct ucred *cred = p->p_ucred; 195 struct shmid_ds *shmseg; 196 struct shmmap_state *shmmap_s = NULL; 197 vm_offset_t attach_va; 198 vm_prot_t prot; 199 vm_size_t size; 200 201 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 202 if (shmmap_s == NULL) { 203 size = shminfo.shmseg * sizeof(struct shmmap_state); 204 shmmap_s = malloc(size, M_SHM, M_WAITOK); 205 for (i = 0; i < shminfo.shmseg; i++) 206 shmmap_s[i].shmid = -1; 207 p->p_vmspace->vm_shm = (caddr_t)shmmap_s; 208 } 209 shmseg = shm_find_segment_by_shmid(uap->shmid); 210 if (shmseg == NULL) 211 return EINVAL; 212 if (error = ipcperm(cred, &shmseg->shm_perm, 213 (uap->shmflg & SHM_RDONLY) ? IPC_R : IPC_R|IPC_W)) 214 return error; 215 for (i = 0; i < shminfo.shmseg; i++) { 216 if (shmmap_s->shmid == -1) 217 break; 218 shmmap_s++; 219 } 220 if (i >= shminfo.shmseg) 221 return EMFILE; 222 size = (shmseg->shm_segsz + CLOFSET) & ~CLOFSET; 223 prot = VM_PROT_READ; 224 if ((uap->shmflg & SHM_RDONLY) == 0) 225 prot |= VM_PROT_WRITE; 226 flags = MAP_ANON | MAP_SHARED; 227 if (uap->shmaddr) { 228 flags |= MAP_FIXED; 229 if (uap->shmflg & SHM_RND) 230 attach_va = (vm_offset_t)uap->shmaddr & ~(SHMLBA-1); 231 else if (((vm_offset_t)uap->shmaddr & (SHMLBA-1)) == 0) 232 attach_va = (vm_offset_t)uap->shmaddr; 233 else 234 return EINVAL; 235 } else { 236 /* This is just a hint to vm_mmap() about where to put it. */ 237 attach_va = round_page(p->p_vmspace->vm_daddr + MAXDSIZ); 238 } 239 error = vm_mmap(&p->p_vmspace->vm_map, &attach_va, size, prot, 240 VM_PROT_DEFAULT, flags, (caddr_t) uap->shmid, 0); 241 if (error) 242 return error; 243 shmmap_s->va = attach_va; 244 shmmap_s->shmid = uap->shmid; 245 shmseg->shm_lpid = p->p_pid; 246 shmseg->shm_atime = time.tv_sec; 247 shmseg->shm_nattch++; 248 *retval = attach_va; 249 return 0; 250} 251 252struct shmctl_args { 253 int shmid; 254 int cmd; 255 struct shmat_ds *ubuf; 256}; 257int 258shmctl(p, uap, retval) 259 struct proc *p; 260 struct shmctl_args *uap; 261 int *retval; 262{ 263 int error, segnum; 264 struct ucred *cred = p->p_ucred; 265 struct shmid_ds inbuf; 266 struct shmid_ds *shmseg; 267 268 shmseg = shm_find_segment_by_shmid(uap->shmid); 269 if (shmseg == NULL) 270 return EINVAL; 271 switch (uap->cmd) { 272 case IPC_STAT: 273 if (error = ipcperm(cred, &shmseg->shm_perm, IPC_R)) 274 return error; 275 if (error = copyout((caddr_t)shmseg, uap->ubuf, sizeof(inbuf))) 276 return error; 277 break; 278 case IPC_SET: 279 if (error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) 280 return error; 281 if (error = copyin(uap->ubuf, (caddr_t)&inbuf, sizeof(inbuf))) 282 return error; 283 shmseg->shm_perm.uid = inbuf.shm_perm.uid; 284 shmseg->shm_perm.gid = inbuf.shm_perm.gid; 285 shmseg->shm_perm.mode = 286 (shmseg->shm_perm.mode & ~ACCESSPERMS) | 287 (inbuf.shm_perm.mode & ACCESSPERMS); 288 shmseg->shm_ctime = time.tv_sec; 289 break; 290 case IPC_RMID: 291 if (error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) 292 return error; 293 shmseg->shm_perm.key = IPC_PRIVATE; 294 shmseg->shm_perm.mode |= SHMSEG_REMOVED; 295 if (shmseg->shm_nattch <= 0) { 296 shm_deallocate_segment(shmseg); 297 shm_last_free = IPCID_TO_IX(uap->shmid); 298 } 299 break; 300#if 0 301 case SHM_LOCK: 302 case SHM_UNLOCK: 303#endif 304 default: 305 return EINVAL; 306 } 307 return 0; 308} 309 310struct shmget_args { 311 key_t key; 312 size_t size; 313 int shmflg; 314}; 315static int 316shmget_existing(p, uap, mode, segnum, retval) 317 struct proc *p; 318 struct shmget_args *uap; 319 int mode; 320 int segnum; 321 int *retval; 322{ 323 struct shmid_ds *shmseg; 324 struct ucred *cred = p->p_ucred; 325 int error; 326 327 shmseg = &shmsegs[segnum]; 328 if (shmseg->shm_perm.mode & SHMSEG_REMOVED) { 329 /* 330 * This segment is in the process of being allocated. Wait 331 * until it's done, and look the key up again (in case the 332 * allocation failed or it was freed). 333 */ 334 shmseg->shm_perm.mode |= SHMSEG_WANTED; 335 if (error = 336 tsleep((caddr_t)shmseg, PLOCK | PCATCH, "shmget", 0)) 337 return error; 338 return EAGAIN; 339 } 340 if (error = ipcperm(cred, &shmseg->shm_perm, mode)) 341 return error; 342 if (uap->size && uap->size > shmseg->shm_segsz) 343 return EINVAL; 344 if (uap->shmflg & (IPC_CREAT | IPC_EXCL) == (IPC_CREAT | IPC_EXCL)) 345 return EEXIST; 346 *retval = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 347 return 0; 348} 349 350static int 351shmget_allocate_segment(p, uap, mode, retval) 352 struct proc *p; 353 struct shmget_args *uap; 354 int mode; 355 int *retval; 356{ 357 int i, segnum, result, shmid, size; 358 struct ucred *cred = p->p_ucred; 359 struct shmid_ds *shmseg; 360 struct shm_handle *shm_handle; 361 362 if (uap->size < shminfo.shmmin || uap->size > shminfo.shmmax) 363 return EINVAL; 364 if (shm_nused >= shminfo.shmmni) /* any shmids left? */ 365 return ENOSPC; 366 size = (uap->size + CLOFSET) & ~CLOFSET; 367 if (shm_committed + btoc(size) > shminfo.shmall) 368 return ENOMEM; 369 if (shm_last_free < 0) { 370 for (i = 0; i < shminfo.shmmni; i++) 371 if (shmsegs[i].shm_perm.mode & SHMSEG_FREE) 372 break; 373 if (i == shminfo.shmmni) 374 panic("shmseg free count inconsistent"); 375 segnum = i; 376 } else { 377 segnum = shm_last_free; 378 shm_last_free = -1; 379 } 380 shmseg = &shmsegs[segnum]; 381 /* 382 * In case we sleep in malloc(), mark the segment present but deleted 383 * so that noone else tries to create the same key. 384 */ 385 shmseg->shm_perm.mode = SHMSEG_ALLOCATED | SHMSEG_REMOVED; 386 shmseg->shm_perm.key = uap->key; 387 shmseg->shm_perm.seq = (shmseg->shm_perm.seq + 1) & 0x7fff; 388 shm_handle = (struct shm_handle *) 389 malloc(sizeof(struct shm_handle), M_SHM, M_WAITOK); 390 shmid = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 391 result = vm_mmap(sysvshm_map, &shm_handle->kva, size, VM_PROT_ALL, 392 VM_PROT_DEFAULT, MAP_ANON, (caddr_t) shmid, 0); 393 if (result != KERN_SUCCESS) { 394 shmseg->shm_perm.mode = SHMSEG_FREE; 395 shm_last_free = segnum; 396 free((caddr_t)shm_handle, M_SHM); 397 /* Just in case. */ 398 wakeup((caddr_t)shmseg); 399 return ENOMEM; 400 } 401 shmseg->shm_internal = shm_handle; 402 shmseg->shm_perm.cuid = shmseg->shm_perm.uid = cred->cr_uid; 403 shmseg->shm_perm.cgid = shmseg->shm_perm.gid = cred->cr_gid; 404 shmseg->shm_perm.mode = (shmseg->shm_perm.mode & SHMSEG_WANTED) | 405 (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; 406 shmseg->shm_segsz = uap->size; 407 shmseg->shm_cpid = p->p_pid; 408 shmseg->shm_lpid = shmseg->shm_nattch = 0; 409 shmseg->shm_atime = shmseg->shm_dtime = 0; 410 shmseg->shm_ctime = time.tv_sec; 411 shm_committed += btoc(size); 412 shm_nused++; 413 if (shmseg->shm_perm.mode & SHMSEG_WANTED) { 414 /* 415 * Somebody else wanted this key while we were asleep. Wake 416 * them up now. 417 */ 418 shmseg->shm_perm.mode &= ~SHMSEG_WANTED; 419 wakeup((caddr_t)shmseg); 420 } 421 *retval = shmid; 422 return 0; 423} 424 425int 426shmget(p, uap, retval) 427 struct proc *p; 428 struct shmget_args *uap; 429 int *retval; 430{ 431 int segnum, mode, error; 432 struct shmid_ds *shmseg; 433 434 mode = uap->shmflg & ACCESSPERMS; 435 if (uap->key != IPC_PRIVATE) { 436 again: 437 segnum = shm_find_segment_by_key(uap->key); 438 if (segnum >= 0) { 439 error = shmget_existing(p, uap, mode, segnum, retval); 440 if (error == EAGAIN) 441 goto again; 442 return error; 443 } 444 if ((uap->shmflg & IPC_CREAT) == 0) 445 return ENOENT; 446 } 447 return shmget_allocate_segment(p, uap, mode, retval); 448} 449 450struct shmsys_args { 451 u_int which; 452}; 453int 454shmsys(p, uap, retval) 455 struct proc *p; 456 struct shmsys_args *uap; 457 int *retval; 458{ 459 460 if (uap->which >= sizeof(shmcalls)/sizeof(shmcalls[0])) 461 return EINVAL; 462 return ((*shmcalls[uap->which])(p, &uap[1], retval)); 463} 464 465void 466shmfork(p1, p2, isvfork) 467 struct proc *p1, *p2; 468 int isvfork; 469{ 470 struct shmmap_state *shmmap_s; 471 size_t size; 472 int i; 473 474 size = shminfo.shmseg * sizeof(struct shmmap_state); 475 shmmap_s = malloc(size, M_SHM, M_WAITOK); 476 bcopy((caddr_t)p1->p_vmspace->vm_shm, (caddr_t)shmmap_s, size); 477 p2->p_vmspace->vm_shm = (caddr_t)shmmap_s; 478 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 479 if (shmmap_s->shmid != -1) 480 shmsegs[IPCID_TO_IX(shmmap_s->shmid)].shm_nattch++; 481} 482 483void 484shmexit(p) 485 struct proc *p; 486{ 487 struct shmmap_state *shmmap_s; 488 struct shmid_ds *shmseg; 489 int i; 490 491 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 492 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 493 if (shmmap_s->shmid != -1) 494 shm_delete_mapping(p, shmmap_s); 495 free((caddr_t)p->p_vmspace->vm_shm, M_SHM); 496 p->p_vmspace->vm_shm = NULL; 497} 498 499void 500shminit() 501{ 502 int i; 503 vm_offset_t garbage1, garbage2; 504 505 shminfo.shmmax *= NBPG; 506 507 /* actually this *should* be pageable. SHM_{LOCK,UNLOCK} */ 508 sysvshm_map = kmem_suballoc(kernel_map, &garbage1, &garbage2, 509 shminfo.shmall * NBPG, TRUE); 510 for (i = 0; i < shminfo.shmmni; i++) { 511 shmsegs[i].shm_perm.mode = SHMSEG_FREE; 512 shmsegs[i].shm_perm.seq = 0; 513 } 514 shm_last_free = 0; 515 shm_nused = 0; 516 shm_committed = 0; 517} 518