1 /* $NetBSD: sysv_shm.c,v 1.41 1998/01/03 02:50:32 thorpej Exp $ */ 2 3 /* 4 * Copyright (c) 1994 Adam Glass and Charles Hannum. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. All advertising materials mentioning features or use of this software 15 * must display the following acknowledgement: 16 * This product includes software developed by Adam Glass and Charles 17 * Hannum. 18 * 4. The names of the authors may not be used to endorse or promote products 19 * derived from this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR 22 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 26 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #include <sys/types.h> 34 #include <sys/param.h> 35 #include <sys/kernel.h> 36 #include <sys/shm.h> 37 #include <sys/proc.h> 38 #include <sys/uio.h> 39 #include <sys/time.h> 40 #include <sys/malloc.h> 41 #include <sys/mman.h> 42 #include <sys/systm.h> 43 #include <sys/stat.h> 44 45 #include <sys/mount.h> 46 #include <sys/syscallargs.h> 47 48 #include <vm/vm.h> 49 #include <vm/vm_map.h> 50 #include <vm/vm_map.h> 51 #include <vm/vm_kern.h> 52 53 struct shmid_ds *shm_find_segment_by_shmid __P((int)); 54 55 /* 56 * Provides the following externally accessible functions: 57 * 58 * shminit(void); initialization 59 * shmexit(struct vmspace *) cleanup 60 * shmfork(struct vmspace *, struct vmspace *) fork handling 61 * shmsys(arg1, arg2, arg3, arg4); shm{at,ctl,dt,get}(arg2, arg3, arg4) 62 * 63 * Structures: 64 * shmsegs (an array of 'struct shmid_ds') 65 * per proc array of 'struct shmmap_state' 66 */ 67 68 #define SHMSEG_FREE 0x0200 69 #define SHMSEG_REMOVED 0x0400 70 #define SHMSEG_ALLOCATED 0x0800 71 #define SHMSEG_WANTED 0x1000 72 73 int shm_last_free, shm_nused, shm_committed; 74 75 struct shm_handle { 76 vm_object_t shm_object; 77 }; 78 79 struct shmmap_state { 80 vm_offset_t va; 81 int shmid; 82 }; 83 84 static int shm_find_segment_by_key __P((key_t)); 85 static void shm_deallocate_segment __P((struct shmid_ds *)); 86 static int shm_delete_mapping __P((struct vmspace *, struct shmmap_state *)); 87 static int shmget_existing __P((struct proc *, struct sys_shmget_args *, 88 int, int, register_t *)); 89 static int shmget_allocate_segment __P((struct proc *, struct sys_shmget_args *, 90 int, register_t *)); 91 92 static int 93 shm_find_segment_by_key(key) 94 key_t key; 95 { 96 int i; 97 98 for (i = 0; i < shminfo.shmmni; i++) 99 if ((shmsegs[i].shm_perm.mode & SHMSEG_ALLOCATED) && 100 shmsegs[i].shm_perm.key == key) 101 return i; 102 return -1; 103 } 104 105 struct shmid_ds * 106 shm_find_segment_by_shmid(shmid) 107 int shmid; 108 { 109 int segnum; 110 struct shmid_ds *shmseg; 111 112 segnum = IPCID_TO_IX(shmid); 113 if (segnum < 0 || segnum >= shminfo.shmmni) 114 return NULL; 115 shmseg = &shmsegs[segnum]; 116 if ((shmseg->shm_perm.mode & (SHMSEG_ALLOCATED | SHMSEG_REMOVED)) 117 != SHMSEG_ALLOCATED || 118 shmseg->shm_perm.seq != IPCID_TO_SEQ(shmid)) 119 return NULL; 120 return shmseg; 121 } 122 123 static void 124 shm_deallocate_segment(shmseg) 125 struct shmid_ds *shmseg; 126 { 127 struct shm_handle *shm_handle; 128 size_t size; 129 130 shm_handle = shmseg->shm_internal; 131 size = (shmseg->shm_segsz + CLOFSET) & ~CLOFSET; 132 vm_object_deallocate(shm_handle->shm_object); 133 free((caddr_t)shm_handle, M_SHM); 134 shmseg->shm_internal = NULL; 135 shm_committed -= btoc(size); 136 shmseg->shm_perm.mode = SHMSEG_FREE; 137 shm_nused--; 138 } 139 140 static int 141 shm_delete_mapping(vm, shmmap_s) 142 struct vmspace *vm; 143 struct shmmap_state *shmmap_s; 144 { 145 struct shmid_ds *shmseg; 146 int segnum, result; 147 size_t size; 148 149 segnum = IPCID_TO_IX(shmmap_s->shmid); 150 shmseg = &shmsegs[segnum]; 151 size = (shmseg->shm_segsz + CLOFSET) & ~CLOFSET; 152 result = vm_map_remove(&vm->vm_map, 153 shmmap_s->va, shmmap_s->va + size); 154 if (result != KERN_SUCCESS) 155 return EINVAL; 156 shmmap_s->shmid = -1; 157 shmseg->shm_dtime = time.tv_sec; 158 if ((--shmseg->shm_nattch <= 0) && 159 (shmseg->shm_perm.mode & SHMSEG_REMOVED)) { 160 shm_deallocate_segment(shmseg); 161 shm_last_free = segnum; 162 } 163 return 0; 164 } 165 166 int 167 sys_shmdt(p, v, retval) 168 struct proc *p; 169 void *v; 170 register_t *retval; 171 { 172 struct sys_shmdt_args /* { 173 syscallarg(void *) shmaddr; 174 } */ *uap = v; 175 struct shmmap_state *shmmap_s; 176 int i; 177 178 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 179 if (shmmap_s == NULL) 180 return EINVAL; 181 182 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 183 if (shmmap_s->shmid != -1 && 184 shmmap_s->va == (vm_offset_t)SCARG(uap, shmaddr)) 185 break; 186 if (i == shminfo.shmseg) 187 return EINVAL; 188 return shm_delete_mapping(p->p_vmspace, shmmap_s); 189 } 190 191 int 192 sys_shmat(p, v, retval) 193 struct proc *p; 194 void *v; 195 register_t *retval; 196 { 197 struct sys_shmat_args /* { 198 syscallarg(int) shmid; 199 syscallarg(void *) shmaddr; 200 syscallarg(int) shmflg; 201 } */ *uap = v; 202 int error, i, flags; 203 struct ucred *cred = p->p_ucred; 204 struct shmid_ds *shmseg; 205 struct shmmap_state *shmmap_s = NULL; 206 struct shm_handle *shm_handle; 207 vm_offset_t attach_va; 208 vm_prot_t prot; 209 vm_size_t size; 210 int rv; 211 212 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 213 if (shmmap_s == NULL) { 214 size = shminfo.shmseg * sizeof(struct shmmap_state); 215 shmmap_s = malloc(size, M_SHM, M_WAITOK); 216 for (i = 0; i < shminfo.shmseg; i++) 217 shmmap_s[i].shmid = -1; 218 p->p_vmspace->vm_shm = (caddr_t)shmmap_s; 219 } 220 shmseg = shm_find_segment_by_shmid(SCARG(uap, shmid)); 221 if (shmseg == NULL) 222 return EINVAL; 223 error = ipcperm(cred, &shmseg->shm_perm, 224 (SCARG(uap, shmflg) & SHM_RDONLY) ? IPC_R : IPC_R|IPC_W); 225 if (error) 226 return error; 227 for (i = 0; i < shminfo.shmseg; i++) { 228 if (shmmap_s->shmid == -1) 229 break; 230 shmmap_s++; 231 } 232 if (i >= shminfo.shmseg) 233 return EMFILE; 234 size = (shmseg->shm_segsz + CLOFSET) & ~CLOFSET; 235 prot = VM_PROT_READ; 236 if ((SCARG(uap, shmflg) & SHM_RDONLY) == 0) 237 prot |= VM_PROT_WRITE; 238 flags = MAP_ANON | MAP_SHARED; 239 if (SCARG(uap, shmaddr)) { 240 flags |= MAP_FIXED; 241 if (SCARG(uap, shmflg) & SHM_RND) 242 attach_va = 243 (vm_offset_t)SCARG(uap, shmaddr) & ~(SHMLBA-1); 244 else if (((vm_offset_t)SCARG(uap, shmaddr) & (SHMLBA-1)) == 0) 245 attach_va = (vm_offset_t)SCARG(uap, shmaddr); 246 else 247 return EINVAL; 248 } else { 249 /* This is just a hint to vm_mmap() about where to put it. */ 250 attach_va = 251 round_page(p->p_vmspace->vm_taddr + MAXTSIZ + MAXDSIZ); 252 } 253 shm_handle = shmseg->shm_internal; 254 vm_object_reference(shm_handle->shm_object); 255 rv = vm_map_find(&p->p_vmspace->vm_map, shm_handle->shm_object, 256 0, &attach_va, size, (flags & MAP_FIXED)?0:1); 257 if (rv != KERN_SUCCESS) { 258 return ENOMEM; 259 } 260 vm_map_protect(&p->p_vmspace->vm_map, attach_va, attach_va + size, 261 prot, 0); 262 vm_map_inherit(&p->p_vmspace->vm_map, 263 attach_va, attach_va + size, VM_INHERIT_SHARE); 264 265 shmmap_s->va = attach_va; 266 shmmap_s->shmid = SCARG(uap, shmid); 267 shmseg->shm_lpid = p->p_pid; 268 shmseg->shm_atime = time.tv_sec; 269 shmseg->shm_nattch++; 270 *retval = attach_va; 271 return 0; 272 } 273 274 int 275 sys_shmctl(p, v, retval) 276 struct proc *p; 277 void *v; 278 register_t *retval; 279 { 280 struct sys_shmctl_args /* { 281 syscallarg(int) shmid; 282 syscallarg(int) cmd; 283 syscallarg(struct shmid_ds *) buf; 284 } */ *uap = v; 285 int error; 286 struct ucred *cred = p->p_ucred; 287 struct shmid_ds inbuf; 288 struct shmid_ds *shmseg; 289 290 shmseg = shm_find_segment_by_shmid(SCARG(uap, shmid)); 291 if (shmseg == NULL) 292 return EINVAL; 293 switch (SCARG(uap, cmd)) { 294 case IPC_STAT: 295 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_R)) != 0) 296 return error; 297 error = copyout((caddr_t)shmseg, SCARG(uap, buf), 298 sizeof(inbuf)); 299 if (error) 300 return error; 301 break; 302 case IPC_SET: 303 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) != 0) 304 return error; 305 error = copyin(SCARG(uap, buf), (caddr_t)&inbuf, 306 sizeof(inbuf)); 307 if (error) 308 return error; 309 shmseg->shm_perm.uid = inbuf.shm_perm.uid; 310 shmseg->shm_perm.gid = inbuf.shm_perm.gid; 311 shmseg->shm_perm.mode = 312 (shmseg->shm_perm.mode & ~ACCESSPERMS) | 313 (inbuf.shm_perm.mode & ACCESSPERMS); 314 shmseg->shm_ctime = time.tv_sec; 315 break; 316 case IPC_RMID: 317 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) != 0) 318 return error; 319 shmseg->shm_perm.key = IPC_PRIVATE; 320 shmseg->shm_perm.mode |= SHMSEG_REMOVED; 321 if (shmseg->shm_nattch <= 0) { 322 shm_deallocate_segment(shmseg); 323 shm_last_free = IPCID_TO_IX(SCARG(uap, shmid)); 324 } 325 break; 326 case SHM_LOCK: 327 case SHM_UNLOCK: 328 default: 329 return EINVAL; 330 } 331 return 0; 332 } 333 334 static int 335 shmget_existing(p, uap, mode, segnum, retval) 336 struct proc *p; 337 struct sys_shmget_args /* { 338 syscallarg(key_t) key; 339 syscallarg(int) size; 340 syscallarg(int) shmflg; 341 } */ *uap; 342 int mode; 343 int segnum; 344 register_t *retval; 345 { 346 struct shmid_ds *shmseg; 347 struct ucred *cred = p->p_ucred; 348 int error; 349 350 shmseg = &shmsegs[segnum]; 351 if (shmseg->shm_perm.mode & SHMSEG_REMOVED) { 352 /* 353 * This segment is in the process of being allocated. Wait 354 * until it's done, and look the key up again (in case the 355 * allocation failed or it was freed). 356 */ 357 shmseg->shm_perm.mode |= SHMSEG_WANTED; 358 error = tsleep((caddr_t)shmseg, PLOCK | PCATCH, "shmget", 0); 359 if (error) 360 return error; 361 return EAGAIN; 362 } 363 if ((error = ipcperm(cred, &shmseg->shm_perm, mode)) != 0) 364 return error; 365 if (SCARG(uap, size) && SCARG(uap, size) > shmseg->shm_segsz) 366 return EINVAL; 367 if ((SCARG(uap, shmflg) & (IPC_CREAT | IPC_EXCL)) == 368 (IPC_CREAT | IPC_EXCL)) 369 return EEXIST; 370 *retval = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 371 return 0; 372 } 373 374 static int 375 shmget_allocate_segment(p, uap, mode, retval) 376 struct proc *p; 377 struct sys_shmget_args /* { 378 syscallarg(key_t) key; 379 syscallarg(int) size; 380 syscallarg(int) shmflg; 381 } */ *uap; 382 int mode; 383 register_t *retval; 384 { 385 int i, segnum, shmid, size; 386 struct ucred *cred = p->p_ucred; 387 struct shmid_ds *shmseg; 388 struct shm_handle *shm_handle; 389 vm_pager_t pager; 390 int error = 0; 391 392 if (SCARG(uap, size) < shminfo.shmmin || 393 SCARG(uap, size) > shminfo.shmmax) 394 return EINVAL; 395 if (shm_nused >= shminfo.shmmni) /* any shmids left? */ 396 return ENOSPC; 397 size = (SCARG(uap, size) + CLOFSET) & ~CLOFSET; 398 if (shm_committed + btoc(size) > shminfo.shmall) 399 return ENOMEM; 400 if (shm_last_free < 0) { 401 for (i = 0; i < shminfo.shmmni; i++) 402 if (shmsegs[i].shm_perm.mode & SHMSEG_FREE) 403 break; 404 if (i == shminfo.shmmni) 405 panic("shmseg free count inconsistent"); 406 segnum = i; 407 } else { 408 segnum = shm_last_free; 409 shm_last_free = -1; 410 } 411 shmseg = &shmsegs[segnum]; 412 /* 413 * In case we sleep in malloc(), mark the segment present but deleted 414 * so that noone else tries to create the same key. 415 */ 416 shmseg->shm_perm.mode = SHMSEG_ALLOCATED | SHMSEG_REMOVED; 417 shmseg->shm_perm.key = SCARG(uap, key); 418 shmseg->shm_perm.seq = (shmseg->shm_perm.seq + 1) & 0x7fff; 419 shm_handle = (struct shm_handle *) 420 malloc(sizeof(struct shm_handle), M_SHM, M_WAITOK); 421 shmid = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 422 423 shm_handle->shm_object = vm_object_allocate(size); 424 if (shm_handle->shm_object == NULL) { 425 /* XXX cannot happen */ 426 error = ENOMEM; 427 goto out; 428 } 429 /* 430 * We make sure that we have allocated a pager before we need 431 * to. 432 */ 433 pager = vm_pager_allocate(PG_DFLT, 0, size, VM_PROT_DEFAULT, 0); 434 if (pager == NULL) { 435 error = ENOMEM; 436 goto out; 437 } 438 vm_object_setpager(shm_handle->shm_object, pager, 0, 0); 439 shmseg->shm_internal = shm_handle; 440 shmseg->shm_perm.cuid = shmseg->shm_perm.uid = cred->cr_uid; 441 shmseg->shm_perm.cgid = shmseg->shm_perm.gid = cred->cr_gid; 442 shmseg->shm_perm.mode = (shmseg->shm_perm.mode & SHMSEG_WANTED) | 443 (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; 444 shmseg->shm_segsz = SCARG(uap, size); 445 shmseg->shm_cpid = p->p_pid; 446 shmseg->shm_lpid = shmseg->shm_nattch = 0; 447 shmseg->shm_atime = shmseg->shm_dtime = 0; 448 shmseg->shm_ctime = time.tv_sec; 449 shm_committed += btoc(size); 450 shm_nused++; 451 452 out: 453 if (error) { 454 if (shm_handle->shm_object != NULL) 455 vm_object_deallocate(shm_handle->shm_object); 456 free(shm_handle, M_SHM); 457 shmseg->shm_perm.mode = (shmseg->shm_perm.mode & SHMSEG_WANTED) 458 | SHMSEG_FREE; 459 } else 460 *retval = shmid; 461 if (shmseg->shm_perm.mode & SHMSEG_WANTED) { 462 /* 463 * Somebody else wanted this key while we were asleep. Wake 464 * them up now. 465 */ 466 shmseg->shm_perm.mode &= ~SHMSEG_WANTED; 467 wakeup((caddr_t)shmseg); 468 } 469 return error; 470 } 471 472 int 473 sys_shmget(p, v, retval) 474 struct proc *p; 475 void *v; 476 register_t *retval; 477 { 478 struct sys_shmget_args /* { 479 syscallarg(key_t) key; 480 syscallarg(int) size; 481 syscallarg(int) shmflg; 482 } */ *uap = v; 483 int segnum, mode, error; 484 485 mode = SCARG(uap, shmflg) & ACCESSPERMS; 486 if (SCARG(uap, key) != IPC_PRIVATE) { 487 again: 488 segnum = shm_find_segment_by_key(SCARG(uap, key)); 489 if (segnum >= 0) { 490 error = shmget_existing(p, uap, mode, segnum, retval); 491 if (error == EAGAIN) 492 goto again; 493 return error; 494 } 495 if ((SCARG(uap, shmflg) & IPC_CREAT) == 0) 496 return ENOENT; 497 } 498 return shmget_allocate_segment(p, uap, mode, retval); 499 } 500 501 void 502 shmfork(vm1, vm2) 503 struct vmspace *vm1, *vm2; 504 { 505 struct shmmap_state *shmmap_s; 506 size_t size; 507 int i; 508 509 if (vm1->vm_shm == NULL) { 510 vm2->vm_shm = NULL; 511 return; 512 } 513 514 size = shminfo.shmseg * sizeof(struct shmmap_state); 515 shmmap_s = malloc(size, M_SHM, M_WAITOK); 516 bcopy(vm1->vm_shm, shmmap_s, size); 517 vm2->vm_shm = (caddr_t)shmmap_s; 518 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 519 if (shmmap_s->shmid != -1) 520 shmsegs[IPCID_TO_IX(shmmap_s->shmid)].shm_nattch++; 521 } 522 523 void 524 shmexit(vm) 525 struct vmspace *vm; 526 { 527 struct shmmap_state *shmmap_s; 528 int i; 529 530 shmmap_s = (struct shmmap_state *)vm->vm_shm; 531 if (shmmap_s == NULL) 532 return; 533 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 534 if (shmmap_s->shmid != -1) 535 shm_delete_mapping(vm, shmmap_s); 536 free(vm->vm_shm, M_SHM); 537 vm->vm_shm = NULL; 538 } 539 540 void 541 shminit() 542 { 543 int i; 544 545 shminfo.shmmax *= NBPG; 546 547 for (i = 0; i < shminfo.shmmni; i++) { 548 shmsegs[i].shm_perm.mode = SHMSEG_FREE; 549 shmsegs[i].shm_perm.seq = 0; 550 } 551 shm_last_free = 0; 552 shm_nused = 0; 553 shm_committed = 0; 554 } 555