1 /* $NetBSD: sysv_ipc.c,v 1.39 2019/04/10 10:03:50 pgoyette Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 2007 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: sysv_ipc.c,v 1.39 2019/04/10 10:03:50 pgoyette Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "opt_sysv.h" 37 #include "opt_sysvparam.h" 38 #include "opt_compat_netbsd.h" 39 #endif 40 41 #include <sys/syscall.h> 42 #include <sys/syscallargs.h> 43 #include <sys/syscallvar.h> 44 #include <sys/param.h> 45 #include <sys/kernel.h> 46 #include <sys/proc.h> 47 #include <sys/ipc.h> 48 #ifdef SYSVMSG 49 #include <sys/msg.h> 50 #endif 51 #ifdef SYSVSEM 52 #include <sys/sem.h> 53 #endif 54 #ifdef SYSVSHM 55 #include <sys/shm.h> 56 #endif 57 #include <sys/systm.h> 58 #include <sys/kmem.h> 59 #include <sys/module.h> 60 #include <sys/mount.h> 61 #include <sys/vnode.h> 62 #include <sys/stat.h> 63 #include <sys/sysctl.h> 64 #include <sys/kauth.h> 65 #include <sys/compat_stub.h> 66 67 #include <compat/common/compat_sysv_mod.h> /* for sysctl routine vector */ 68 69 /* 70 * Values in support of System V compatible shared memory. XXX 71 * (originally located in sys/conf/param.c) 72 */ 73 #ifdef SYSVSHM 74 #if !defined(SHMMAX) && defined(SHMMAXPGS) 75 #define SHMMAX SHMMAXPGS /* shminit() performs a `*= PAGE_SIZE' */ 76 #elif !defined(SHMMAX) 77 #define SHMMAX 0 78 #endif 79 #ifndef SHMMIN 80 #define SHMMIN 1 81 #endif 82 #ifndef SHMMNI 83 #define SHMMNI 128 /* <64k, see IPCID_TO_IX in ipc.h */ 84 #endif 85 #ifndef SHMSEG 86 #define SHMSEG 128 87 #endif 88 89 struct shminfo shminfo = { 90 SHMMAX, 91 SHMMIN, 92 SHMMNI, 93 SHMSEG, 94 0 95 }; 96 #endif 97 98 /* 99 * Values in support of System V compatible semaphores. 100 */ 101 #ifdef SYSVSEM 102 struct seminfo seminfo = { 103 SEMMAP, /* # of entries in semaphore map */ 104 SEMMNI, /* # of semaphore identifiers */ 105 SEMMNS, /* # of semaphores in system */ 106 SEMMNU, /* # of undo structures in system */ 107 SEMMSL, /* max # of semaphores per id */ 108 SEMOPM, /* max # of operations per semop call */ 109 SEMUME, /* max # of undo entries per process */ 110 SEMUSZ, /* size in bytes of undo structure */ 111 SEMVMX, /* semaphore maximum value */ 112 SEMAEM /* adjust on exit max value */ 113 }; 114 #endif 115 116 /* 117 * Values in support of System V compatible messages. 118 */ 119 #ifdef SYSVMSG 120 struct msginfo msginfo = { 121 MSGMAX, /* max chars in a message */ 122 MSGMNI, /* # of message queue identifiers */ 123 MSGMNB, /* max chars in a queue */ 124 MSGTQL, /* max messages in system */ 125 MSGSSZ, /* size of a message segment */ 126 /* (must be small power of 2 greater than 4) */ 127 MSGSEG /* number of message segments */ 128 }; 129 #endif 130 131 MODULE(MODULE_CLASS_EXEC, sysv_ipc, NULL); 132 133 SYSCTL_SETUP_PROTO(sysctl_ipc_setup); 134 135 static struct sysctllog *sysctl_sysvipc_clog = NULL; 136 137 static const struct syscall_package sysvipc_syscalls[] = { 138 #if defined(SYSVSHM) 139 { SYS___shmctl50, 0, (sy_call_t *)sys___shmctl50 }, 140 { SYS_shmat, 0, (sy_call_t *)sys_shmat }, 141 { SYS_shmdt, 0, (sy_call_t *)sys_shmdt }, 142 { SYS_shmget, 0, (sy_call_t *)sys_shmget }, 143 #endif /* SYSVSHM */ 144 145 #if defined(SYSVSEM) 146 { SYS_____semctl50, 0, (sy_call_t *)sys_____semctl50 }, 147 { SYS_semget, 0, (sy_call_t *)sys_semget }, 148 { SYS_semop, 0, (sy_call_t *)sys_semop }, 149 { SYS_semconfig, 0, (sy_call_t *)sys_semconfig }, 150 #endif /* SYSVSEM */ 151 152 #if defined(SYSVMSG) 153 { SYS___msgctl50, 0, (sy_call_t *)sys___msgctl50 }, 154 { SYS_msgget, 0, (sy_call_t *)sys_msgget }, 155 { SYS_msgsnd, 0, (sy_call_t *)sys_msgsnd }, 156 { SYS_msgrcv, 0, (sy_call_t *)sys_msgrcv }, 157 #endif /* SYSVMSG */ 158 { 0, 0, NULL } 159 }; 160 161 static int 162 sysv_ipc_modcmd(modcmd_t cmd, void *arg) 163 { 164 int error = 0; 165 166 switch (cmd) { 167 case MODULE_CMD_INIT: 168 /* Set up the kauth listener */ 169 sysvipcinit(); 170 171 /* Link the system calls */ 172 error = syscall_establish(NULL, sysvipc_syscalls); 173 if (error) { 174 sysvipcfini(); 175 return error; 176 } 177 178 /* 179 * Initialize each sub-component, including their 180 * sysctl data 181 */ 182 #ifdef SYSVSHM 183 error = shminit(&sysctl_sysvipc_clog); 184 if (error != 0) 185 return error; 186 #endif 187 #ifdef SYSVSEM 188 error = seminit(&sysctl_sysvipc_clog); 189 if (error != 0) { 190 #ifdef SYSVSHM 191 shmfini(); 192 #endif 193 return error; 194 } 195 #endif 196 #ifdef SYSVMSG 197 error = msginit(&sysctl_sysvipc_clog); 198 if (error != 0) { 199 #ifdef SYSVSEM 200 semfini(); 201 #endif 202 #ifdef SYSVSHM 203 shmfini(); 204 #endif 205 return error; 206 } 207 #endif 208 209 #ifdef _MODULE 210 /* Set up the common sysctl tree */ 211 sysctl_ipc_setup(&sysctl_sysvipc_clog); 212 #endif 213 break; 214 case MODULE_CMD_FINI: 215 /* 216 * Make sure no subcomponents are active. Each one 217 * tells us if it is busy, and if it was _not_ busy, 218 * we assume it has already done its own clean-up. 219 * So we might need to re-init any components that 220 * are successfully fini'd if we find one that is 221 * still busy. 222 */ 223 #ifdef SYSVSHM 224 if (shmfini()) { 225 return EBUSY; 226 } 227 #endif 228 #ifdef SYSVSEM 229 if (semfini()) { 230 #ifdef SYSVSHM 231 shminit(NULL); 232 #endif 233 return EBUSY; 234 } 235 #endif 236 #ifdef SYSVMSG 237 if (msgfini()) { 238 #ifdef SYSVSEM 239 seminit(NULL); 240 #endif 241 #ifdef SYSVSHM 242 shminit(NULL); 243 #endif 244 return EBUSY; 245 } 246 #endif 247 248 #ifdef _MODULE 249 /* Remove the sysctl sub-trees */ 250 sysctl_teardown(&sysctl_sysvipc_clog); 251 #endif 252 253 /* Unlink the system calls. */ 254 error = syscall_disestablish(NULL, sysvipc_syscalls); 255 if (error) 256 return error; 257 258 /* Remove the kauth listener */ 259 sysvipcfini(); 260 break; 261 default: 262 return ENOTTY; 263 } 264 return error; 265 } 266 267 static kauth_listener_t sysvipc_listener = NULL; 268 269 static int 270 sysvipc_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, 271 void *arg0, void *arg1, void *arg2, void *arg3) 272 { 273 mode_t mask; 274 int ismember = 0; 275 struct ipc_perm *perm; 276 int mode; 277 enum kauth_system_req req; 278 279 req = (enum kauth_system_req)arg0; 280 281 if (!(action == KAUTH_SYSTEM_SYSVIPC && 282 req == KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS)) 283 return KAUTH_RESULT_DEFER; 284 285 perm = arg1; 286 mode = (int)(uintptr_t)arg2; 287 288 if (mode == IPC_M) { 289 if (kauth_cred_geteuid(cred) == perm->uid || 290 kauth_cred_geteuid(cred) == perm->cuid) 291 return (KAUTH_RESULT_ALLOW); 292 return (KAUTH_RESULT_DEFER); /* EPERM */ 293 } 294 295 mask = 0; 296 297 if (kauth_cred_geteuid(cred) == perm->uid || 298 kauth_cred_geteuid(cred) == perm->cuid) { 299 if (mode & IPC_R) 300 mask |= S_IRUSR; 301 if (mode & IPC_W) 302 mask |= S_IWUSR; 303 return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW : KAUTH_RESULT_DEFER /* EACCES */); 304 } 305 306 if (kauth_cred_getegid(cred) == perm->gid || 307 (kauth_cred_ismember_gid(cred, perm->gid, &ismember) == 0 && ismember) || 308 kauth_cred_getegid(cred) == perm->cgid || 309 (kauth_cred_ismember_gid(cred, perm->cgid, &ismember) == 0 && ismember)) { 310 if (mode & IPC_R) 311 mask |= S_IRGRP; 312 if (mode & IPC_W) 313 mask |= S_IWGRP; 314 return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW : KAUTH_RESULT_DEFER /* EACCES */); 315 } 316 317 if (mode & IPC_R) 318 mask |= S_IROTH; 319 if (mode & IPC_W) 320 mask |= S_IWOTH; 321 return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW : KAUTH_RESULT_DEFER /* EACCES */); 322 } 323 324 /* 325 * Check for ipc permission 326 */ 327 328 int 329 ipcperm(kauth_cred_t cred, struct ipc_perm *perm, int mode) 330 { 331 int error; 332 333 error = kauth_authorize_system(cred, KAUTH_SYSTEM_SYSVIPC, 334 KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS, perm, KAUTH_ARG(mode), NULL); 335 if (error == 0) 336 return (0); 337 338 /* Adjust EPERM and EACCES errors until there's a better way to do this. */ 339 if (mode != IPC_M) 340 error = EACCES; 341 342 return error; 343 } 344 345 void 346 sysvipcfini(void) 347 { 348 349 KASSERT(sysvipc_listener != NULL); 350 kauth_unlisten_scope(sysvipc_listener); 351 sysvipc_listener = NULL; 352 } 353 354 void 355 sysvipcinit(void) 356 { 357 358 KASSERT(sysvipc_listener == NULL); 359 360 sysvipc_listener = kauth_listen_scope(KAUTH_SCOPE_SYSTEM, 361 sysvipc_listener_cb, NULL); 362 } 363 364 static int 365 stub_sysvipc50_sysctl(SYSCTLFN_ARGS) 366 { 367 return EPASSTHROUGH; 368 } 369 370 static int 371 sysctl_kern_sysvipc(SYSCTLFN_ARGS) 372 { 373 void *where = oldp; 374 size_t sz, *sizep = oldlenp; 375 #ifdef SYSVMSG 376 struct msg_sysctl_info *msgsi = NULL; 377 #endif 378 #ifdef SYSVSEM 379 struct sem_sysctl_info *semsi = NULL; 380 #endif 381 #ifdef SYSVSHM 382 struct shm_sysctl_info *shmsi = NULL; 383 #endif 384 size_t infosize, dssize, tsize, buflen; 385 void *bf = NULL; 386 char *start; 387 int32_t nds; 388 int i, error, ret; 389 390 /* 391 * If present, call the compat sysctl() code. If it handles the request 392 * completely (either success or error), return. Otherwise fallthrough 393 * to the non-compat sysctl code. 394 */ 395 396 MODULE_HOOK_CALL(sysvipc_sysctl_50_hook, (SYSCTLFN_CALL(rnode)), 397 stub_sysvipc50_sysctl(SYSCTLFN_CALL(rnode)), error); 398 if (error != EPASSTHROUGH) 399 return error; 400 401 if (namelen != 1) 402 return EINVAL; 403 404 start = where; 405 buflen = *sizep; 406 407 switch (*name) { 408 case KERN_SYSVIPC_MSG_INFO: 409 #ifdef SYSVMSG 410 infosize = sizeof(msgsi->msginfo); 411 nds = msginfo.msgmni; 412 dssize = sizeof(msgsi->msgids[0]); 413 break; 414 #else 415 return EINVAL; 416 #endif 417 case KERN_SYSVIPC_SEM_INFO: 418 #ifdef SYSVSEM 419 infosize = sizeof(semsi->seminfo); 420 nds = seminfo.semmni; 421 dssize = sizeof(semsi->semids[0]); 422 break; 423 #else 424 return EINVAL; 425 #endif 426 case KERN_SYSVIPC_SHM_INFO: 427 #ifdef SYSVSHM 428 infosize = sizeof(shmsi->shminfo); 429 nds = shminfo.shmmni; 430 dssize = sizeof(shmsi->shmids[0]); 431 break; 432 #else 433 return EINVAL; 434 #endif 435 default: 436 return EINVAL; 437 } 438 /* 439 * Round infosize to 64 bit boundary if requesting more than just 440 * the info structure or getting the total data size. 441 */ 442 if (where == NULL || *sizep > infosize) 443 infosize = roundup(infosize, sizeof(quad_t)); 444 tsize = infosize + nds * dssize; 445 446 /* Return just the total size required. */ 447 if (where == NULL) { 448 *sizep = tsize; 449 return 0; 450 } 451 452 /* Not enough room for even the info struct. */ 453 if (buflen < infosize) { 454 *sizep = 0; 455 return ENOMEM; 456 } 457 sz = uimin(tsize, buflen); 458 bf = kmem_zalloc(sz, KM_SLEEP); 459 460 switch (*name) { 461 #ifdef SYSVMSG 462 case KERN_SYSVIPC_MSG_INFO: 463 msgsi = (struct msg_sysctl_info *)bf; 464 msgsi->msginfo = msginfo; 465 break; 466 #endif 467 #ifdef SYSVSEM 468 case KERN_SYSVIPC_SEM_INFO: 469 semsi = (struct sem_sysctl_info *)bf; 470 semsi->seminfo = seminfo; 471 break; 472 #endif 473 #ifdef SYSVSHM 474 case KERN_SYSVIPC_SHM_INFO: 475 shmsi = (struct shm_sysctl_info *)bf; 476 shmsi->shminfo = shminfo; 477 break; 478 #endif 479 } 480 buflen -= infosize; 481 482 ret = 0; 483 if (buflen > 0) { 484 /* Fill in the IPC data structures. */ 485 for (i = 0; i < nds; i++) { 486 if (buflen < dssize) { 487 ret = ENOMEM; 488 break; 489 } 490 switch (*name) { 491 #ifdef SYSVMSG 492 case KERN_SYSVIPC_MSG_INFO: 493 mutex_enter(&msgmutex); 494 SYSCTL_FILL_MSG(msqs[i].msq_u, msgsi->msgids[i]); 495 mutex_exit(&msgmutex); 496 break; 497 #endif 498 #ifdef SYSVSEM 499 case KERN_SYSVIPC_SEM_INFO: 500 SYSCTL_FILL_SEM(sema[i], semsi->semids[i]); 501 break; 502 #endif 503 #ifdef SYSVSHM 504 case KERN_SYSVIPC_SHM_INFO: 505 SYSCTL_FILL_SHM(shmsegs[i], shmsi->shmids[i]); 506 break; 507 #endif 508 } 509 buflen -= dssize; 510 } 511 } 512 *sizep -= buflen; 513 error = copyout(bf, start, *sizep); 514 /* If copyout succeeded, use return code set earlier. */ 515 if (error == 0) 516 error = ret; 517 if (bf) 518 kmem_free(bf, sz); 519 return error; 520 } 521 522 SYSCTL_SETUP(sysctl_ipc_setup, "sysctl kern.ipc subtree setup") 523 { 524 525 sysctl_createv(clog, 0, NULL, NULL, 526 CTLFLAG_PERMANENT, 527 CTLTYPE_NODE, "ipc", 528 SYSCTL_DESCR("SysV IPC options"), 529 NULL, 0, NULL, 0, 530 CTL_KERN, KERN_SYSVIPC, CTL_EOL); 531 532 sysctl_createv(clog, 0, NULL, NULL, 533 CTLFLAG_PERMANENT, 534 CTLTYPE_STRUCT, "sysvipc_info", 535 SYSCTL_DESCR("System V style IPC information"), 536 sysctl_kern_sysvipc, 0, NULL, 0, 537 CTL_KERN, KERN_SYSVIPC, KERN_SYSVIPC_INFO, CTL_EOL); 538 } 539