1 /* $OpenBSD: sysv_shm.c,v 1.20 2001/08/12 22:50:12 millert Exp $ */ 2 /* $NetBSD: sysv_shm.c,v 1.50 1998/10/21 22:24:29 tron Exp $ */ 3 4 /* 5 * Copyright (c) 1994 Adam Glass and Charles M. Hannum. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Adam Glass and Charles M. 18 * Hannum. 19 * 4. The names of the authors may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #include <sys/types.h> 35 #include <sys/param.h> 36 #include <sys/kernel.h> 37 #include <sys/shm.h> 38 #include <sys/proc.h> 39 #include <sys/uio.h> 40 #include <sys/time.h> 41 #include <sys/malloc.h> 42 #include <sys/mman.h> 43 #include <sys/systm.h> 44 #include <sys/stat.h> 45 46 #include <sys/mount.h> 47 #include <sys/syscallargs.h> 48 49 #include <vm/vm.h> 50 #include <uvm/uvm_extern.h> 51 52 struct shminfo shminfo; 53 struct shmid_ds *shmsegs; 54 55 struct shmid_ds *shm_find_segment_by_shmid __P((int)); 56 57 /* 58 * Provides the following externally accessible functions: 59 * 60 * shminit(void); initialization 61 * shmexit(struct vmspace *) cleanup 62 * shmfork(struct vmspace *, struct vmspace *) fork handling 63 * shmsys(arg1, arg2, arg3, arg4); shm{at,ctl,dt,get}(arg2, arg3, arg4) 64 * 65 * Structures: 66 * shmsegs (an array of 'struct shmid_ds') 67 * per proc array of 'struct shmmap_state' 68 */ 69 70 #define SHMSEG_FREE 0x0200 71 #define SHMSEG_REMOVED 0x0400 72 #define SHMSEG_ALLOCATED 0x0800 73 #define SHMSEG_WANTED 0x1000 74 75 int shm_last_free, shm_nused, shm_committed; 76 77 struct shm_handle { 78 struct uvm_object *shm_object; 79 }; 80 81 struct shmmap_state { 82 vaddr_t va; 83 int shmid; 84 }; 85 86 int shm_find_segment_by_key __P((key_t)); 87 void shm_deallocate_segment __P((struct shmid_ds *)); 88 int shm_delete_mapping __P((struct vmspace *, struct shmmap_state *)); 89 int shmget_existing __P((struct proc *, struct sys_shmget_args *, 90 int, int, register_t *)); 91 int shmget_allocate_segment __P((struct proc *, struct sys_shmget_args *, 92 int, register_t *)); 93 94 int 95 shm_find_segment_by_key(key) 96 key_t key; 97 { 98 int i; 99 100 for (i = 0; i < shminfo.shmmni; i++) 101 if ((shmsegs[i].shm_perm.mode & SHMSEG_ALLOCATED) && 102 shmsegs[i].shm_perm.key == key) 103 return i; 104 return -1; 105 } 106 107 struct shmid_ds * 108 shm_find_segment_by_shmid(shmid) 109 int shmid; 110 { 111 int segnum; 112 struct shmid_ds *shmseg; 113 114 segnum = IPCID_TO_IX(shmid); 115 if (segnum < 0 || segnum >= shminfo.shmmni) 116 return NULL; 117 shmseg = &shmsegs[segnum]; 118 if ((shmseg->shm_perm.mode & (SHMSEG_ALLOCATED | SHMSEG_REMOVED)) 119 != SHMSEG_ALLOCATED || 120 shmseg->shm_perm.seq != IPCID_TO_SEQ(shmid)) 121 return NULL; 122 return shmseg; 123 } 124 125 void 126 shm_deallocate_segment(shmseg) 127 struct shmid_ds *shmseg; 128 { 129 struct shm_handle *shm_handle; 130 size_t size; 131 132 shm_handle = shmseg->shm_internal; 133 size = round_page(shmseg->shm_segsz); 134 uao_detach(shm_handle->shm_object); 135 free((caddr_t)shm_handle, M_SHM); 136 shmseg->shm_internal = NULL; 137 shm_committed -= btoc(size); 138 shmseg->shm_perm.mode = SHMSEG_FREE; 139 shm_nused--; 140 } 141 142 int 143 shm_delete_mapping(vm, shmmap_s) 144 struct vmspace *vm; 145 struct shmmap_state *shmmap_s; 146 { 147 struct shmid_ds *shmseg; 148 int segnum, result; 149 size_t size; 150 151 segnum = IPCID_TO_IX(shmmap_s->shmid); 152 shmseg = &shmsegs[segnum]; 153 size = round_page(shmseg->shm_segsz); 154 result = uvm_deallocate(&vm->vm_map, shmmap_s->va, size); 155 if (result != KERN_SUCCESS) 156 return EINVAL; 157 shmmap_s->shmid = -1; 158 shmseg->shm_dtime = time.tv_sec; 159 if ((--shmseg->shm_nattch <= 0) && 160 (shmseg->shm_perm.mode & SHMSEG_REMOVED)) { 161 shm_deallocate_segment(shmseg); 162 shm_last_free = segnum; 163 } 164 return 0; 165 } 166 167 int 168 sys_shmdt(p, v, retval) 169 struct proc *p; 170 void *v; 171 register_t *retval; 172 { 173 struct sys_shmdt_args /* { 174 syscallarg(const void *) shmaddr; 175 } */ *uap = v; 176 struct shmmap_state *shmmap_s; 177 int i; 178 179 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 180 if (shmmap_s == NULL) 181 return EINVAL; 182 183 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 184 if (shmmap_s->shmid != -1 && 185 shmmap_s->va == (vaddr_t)SCARG(uap, shmaddr)) 186 break; 187 if (i == shminfo.shmseg) 188 return EINVAL; 189 return shm_delete_mapping(p->p_vmspace, shmmap_s); 190 } 191 192 int 193 sys_shmat(p, v, retval) 194 struct proc *p; 195 void *v; 196 register_t *retval; 197 { 198 struct sys_shmat_args /* { 199 syscallarg(int) shmid; 200 syscallarg(const void *) shmaddr; 201 syscallarg(int) shmflg; 202 } */ *uap = v; 203 int error, i, flags; 204 struct ucred *cred = p->p_ucred; 205 struct shmid_ds *shmseg; 206 struct shmmap_state *shmmap_s = NULL; 207 struct shm_handle *shm_handle; 208 vaddr_t attach_va; 209 vm_prot_t prot; 210 vsize_t size; 211 int rv; 212 213 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 214 if (shmmap_s == NULL) { 215 size = shminfo.shmseg * sizeof(struct shmmap_state); 216 shmmap_s = malloc(size, M_SHM, M_WAITOK); 217 for (i = 0; i < shminfo.shmseg; i++) 218 shmmap_s[i].shmid = -1; 219 p->p_vmspace->vm_shm = (caddr_t)shmmap_s; 220 } 221 shmseg = shm_find_segment_by_shmid(SCARG(uap, shmid)); 222 if (shmseg == NULL) 223 return EINVAL; 224 error = ipcperm(cred, &shmseg->shm_perm, 225 (SCARG(uap, shmflg) & SHM_RDONLY) ? IPC_R : IPC_R|IPC_W); 226 if (error) 227 return error; 228 for (i = 0; i < shminfo.shmseg; i++) { 229 if (shmmap_s->shmid == -1) 230 break; 231 shmmap_s++; 232 } 233 if (i >= shminfo.shmseg) 234 return EMFILE; 235 size = round_page(shmseg->shm_segsz); 236 prot = VM_PROT_READ; 237 if ((SCARG(uap, shmflg) & SHM_RDONLY) == 0) 238 prot |= VM_PROT_WRITE; 239 flags = MAP_ANON | MAP_SHARED; 240 if (SCARG(uap, shmaddr)) { 241 flags |= MAP_FIXED; 242 if (SCARG(uap, shmflg) & SHM_RND) 243 attach_va = 244 (vaddr_t)SCARG(uap, shmaddr) & ~(SHMLBA-1); 245 else if (((vaddr_t)SCARG(uap, shmaddr) & (SHMLBA-1)) == 0) 246 attach_va = (vaddr_t)SCARG(uap, shmaddr); 247 else 248 return EINVAL; 249 } else { 250 /* This is just a hint to vm_mmap() about where to put it. */ 251 attach_va = round_page((vaddr_t)p->p_vmspace->vm_taddr + 252 MAXTSIZ + MAXDSIZ); 253 } 254 shm_handle = shmseg->shm_internal; 255 uao_reference(shm_handle->shm_object); 256 rv = uvm_map(&p->p_vmspace->vm_map, &attach_va, size, 257 shm_handle->shm_object, 0, UVM_MAPFLAG(prot, prot, 258 UVM_INH_SHARE, UVM_ADV_RANDOM, 0)); 259 if (rv != KERN_SUCCESS) { 260 return ENOMEM; 261 } 262 263 shmmap_s->va = attach_va; 264 shmmap_s->shmid = SCARG(uap, shmid); 265 shmseg->shm_lpid = p->p_pid; 266 shmseg->shm_atime = time.tv_sec; 267 shmseg->shm_nattch++; 268 *retval = attach_va; 269 return 0; 270 } 271 272 int 273 sys_shmctl(p, v, retval) 274 struct proc *p; 275 void *v; 276 register_t *retval; 277 { 278 struct sys_shmctl_args /* { 279 syscallarg(int) shmid; 280 syscallarg(int) cmd; 281 syscallarg(struct shmid_ds *) buf; 282 } */ *uap = v; 283 int error; 284 struct ucred *cred = p->p_ucred; 285 struct shmid_ds inbuf; 286 struct shmid_ds *shmseg; 287 288 shmseg = shm_find_segment_by_shmid(SCARG(uap, shmid)); 289 if (shmseg == NULL) 290 return EINVAL; 291 switch (SCARG(uap, cmd)) { 292 case IPC_STAT: 293 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_R)) != 0) 294 return error; 295 error = copyout((caddr_t)shmseg, SCARG(uap, buf), 296 sizeof(inbuf)); 297 if (error) 298 return error; 299 break; 300 case IPC_SET: 301 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) != 0) 302 return error; 303 error = copyin(SCARG(uap, buf), (caddr_t)&inbuf, 304 sizeof(inbuf)); 305 if (error) 306 return error; 307 shmseg->shm_perm.uid = inbuf.shm_perm.uid; 308 shmseg->shm_perm.gid = inbuf.shm_perm.gid; 309 shmseg->shm_perm.mode = 310 (shmseg->shm_perm.mode & ~ACCESSPERMS) | 311 (inbuf.shm_perm.mode & ACCESSPERMS); 312 shmseg->shm_ctime = time.tv_sec; 313 break; 314 case IPC_RMID: 315 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) != 0) 316 return error; 317 shmseg->shm_perm.key = IPC_PRIVATE; 318 shmseg->shm_perm.mode |= SHMSEG_REMOVED; 319 if (shmseg->shm_nattch <= 0) { 320 shm_deallocate_segment(shmseg); 321 shm_last_free = IPCID_TO_IX(SCARG(uap, shmid)); 322 } 323 break; 324 case SHM_LOCK: 325 case SHM_UNLOCK: 326 default: 327 return EINVAL; 328 } 329 return 0; 330 } 331 332 int 333 shmget_existing(p, uap, mode, segnum, retval) 334 struct proc *p; 335 struct sys_shmget_args /* { 336 syscallarg(key_t) key; 337 syscallarg(size_t) size; 338 syscallarg(int) shmflg; 339 } */ *uap; 340 int mode; 341 int segnum; 342 register_t *retval; 343 { 344 struct shmid_ds *shmseg; 345 struct ucred *cred = p->p_ucred; 346 int error; 347 348 shmseg = &shmsegs[segnum]; 349 if (shmseg->shm_perm.mode & SHMSEG_REMOVED) { 350 /* 351 * This segment is in the process of being allocated. Wait 352 * until it's done, and look the key up again (in case the 353 * allocation failed or it was freed). 354 */ 355 shmseg->shm_perm.mode |= SHMSEG_WANTED; 356 error = tsleep((caddr_t)shmseg, PLOCK | PCATCH, "shmget", 0); 357 if (error) 358 return error; 359 return EAGAIN; 360 } 361 if ((error = ipcperm(cred, &shmseg->shm_perm, mode)) != 0) 362 return error; 363 if (SCARG(uap, size) && SCARG(uap, size) > shmseg->shm_segsz) 364 return EINVAL; 365 if ((SCARG(uap, shmflg) & (IPC_CREAT | IPC_EXCL)) == 366 (IPC_CREAT | IPC_EXCL)) 367 return EEXIST; 368 *retval = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 369 return 0; 370 } 371 372 int 373 shmget_allocate_segment(p, uap, mode, retval) 374 struct proc *p; 375 struct sys_shmget_args /* { 376 syscallarg(key_t) key; 377 syscallarg(size_t) size; 378 syscallarg(int) shmflg; 379 } */ *uap; 380 int mode; 381 register_t *retval; 382 { 383 int i, segnum, shmid, size; 384 struct ucred *cred = p->p_ucred; 385 struct shmid_ds *shmseg; 386 struct shm_handle *shm_handle; 387 int error = 0; 388 389 if (SCARG(uap, size) < shminfo.shmmin || 390 SCARG(uap, size) > shminfo.shmmax) 391 return EINVAL; 392 if (shm_nused >= shminfo.shmmni) /* any shmids left? */ 393 return ENOSPC; 394 size = round_page(SCARG(uap, size)); 395 if (shm_committed + btoc(size) > shminfo.shmall) 396 return ENOMEM; 397 if (shm_last_free < 0) { 398 for (i = 0; i < shminfo.shmmni; i++) 399 if (shmsegs[i].shm_perm.mode & SHMSEG_FREE) 400 break; 401 if (i == shminfo.shmmni) 402 panic("shmseg free count inconsistent"); 403 segnum = i; 404 } else { 405 segnum = shm_last_free; 406 shm_last_free = -1; 407 } 408 shmseg = &shmsegs[segnum]; 409 /* 410 * In case we sleep in malloc(), mark the segment present but deleted 411 * so that noone else tries to create the same key. 412 */ 413 shmseg->shm_perm.mode = SHMSEG_ALLOCATED | SHMSEG_REMOVED; 414 shmseg->shm_perm.key = SCARG(uap, key); 415 shmseg->shm_perm.seq = (shmseg->shm_perm.seq + 1) & 0x7fff; 416 shm_handle = (struct shm_handle *) 417 malloc(sizeof(struct shm_handle), M_SHM, M_WAITOK); 418 shmid = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 419 420 421 shm_handle->shm_object = uao_create(size, 0); 422 423 shmseg->shm_internal = shm_handle; 424 shmseg->shm_perm.cuid = shmseg->shm_perm.uid = cred->cr_uid; 425 shmseg->shm_perm.cgid = shmseg->shm_perm.gid = cred->cr_gid; 426 shmseg->shm_perm.mode = (shmseg->shm_perm.mode & SHMSEG_WANTED) | 427 (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; 428 shmseg->shm_segsz = SCARG(uap, size); 429 shmseg->shm_cpid = p->p_pid; 430 shmseg->shm_lpid = shmseg->shm_nattch = 0; 431 shmseg->shm_atime = shmseg->shm_dtime = 0; 432 shmseg->shm_ctime = time.tv_sec; 433 shm_committed += btoc(size); 434 shm_nused++; 435 436 *retval = shmid; 437 if (shmseg->shm_perm.mode & SHMSEG_WANTED) { 438 /* 439 * Somebody else wanted this key while we were asleep. Wake 440 * them up now. 441 */ 442 shmseg->shm_perm.mode &= ~SHMSEG_WANTED; 443 wakeup((caddr_t)shmseg); 444 } 445 return error; 446 } 447 448 int 449 sys_shmget(p, v, retval) 450 struct proc *p; 451 void *v; 452 register_t *retval; 453 { 454 struct sys_shmget_args /* { 455 syscallarg(key_t) key; 456 syscallarg(int) size; 457 syscallarg(int) shmflg; 458 } */ *uap = v; 459 int segnum, mode, error; 460 461 mode = SCARG(uap, shmflg) & ACCESSPERMS; 462 if (SCARG(uap, key) != IPC_PRIVATE) { 463 again: 464 segnum = shm_find_segment_by_key(SCARG(uap, key)); 465 if (segnum >= 0) { 466 error = shmget_existing(p, uap, mode, segnum, retval); 467 if (error == EAGAIN) 468 goto again; 469 return error; 470 } 471 if ((SCARG(uap, shmflg) & IPC_CREAT) == 0) 472 return ENOENT; 473 } 474 return shmget_allocate_segment(p, uap, mode, retval); 475 } 476 477 void 478 shmfork(vm1, vm2) 479 struct vmspace *vm1, *vm2; 480 { 481 struct shmmap_state *shmmap_s; 482 size_t size; 483 int i; 484 485 if (vm1->vm_shm == NULL) { 486 vm2->vm_shm = NULL; 487 return; 488 } 489 490 size = shminfo.shmseg * sizeof(struct shmmap_state); 491 shmmap_s = malloc(size, M_SHM, M_WAITOK); 492 bcopy(vm1->vm_shm, shmmap_s, size); 493 vm2->vm_shm = (caddr_t)shmmap_s; 494 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 495 if (shmmap_s->shmid != -1) 496 shmsegs[IPCID_TO_IX(shmmap_s->shmid)].shm_nattch++; 497 } 498 499 void 500 shmexit(vm) 501 struct vmspace *vm; 502 { 503 struct shmmap_state *shmmap_s; 504 int i; 505 506 shmmap_s = (struct shmmap_state *)vm->vm_shm; 507 if (shmmap_s == NULL) 508 return; 509 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 510 if (shmmap_s->shmid != -1) 511 shm_delete_mapping(vm, shmmap_s); 512 free(vm->vm_shm, M_SHM); 513 vm->vm_shm = NULL; 514 } 515 516 void 517 shminit() 518 { 519 int i; 520 521 shminfo.shmmax *= PAGE_SIZE; 522 523 for (i = 0; i < shminfo.shmmni; i++) { 524 shmsegs[i].shm_perm.mode = SHMSEG_FREE; 525 shmsegs[i].shm_perm.seq = 0; 526 } 527 shm_last_free = 0; 528 shm_nused = 0; 529 shm_committed = 0; 530 } 531 532 void 533 shmid_n2o(n, o) 534 struct shmid_ds *n; 535 struct oshmid_ds *o; 536 { 537 o->shm_segsz = n->shm_segsz; 538 o->shm_lpid = n->shm_lpid; 539 o->shm_cpid = n->shm_cpid; 540 o->shm_nattch = n->shm_nattch; 541 o->shm_atime = n->shm_atime; 542 o->shm_dtime = n->shm_dtime; 543 o->shm_ctime = n->shm_ctime; 544 o->shm_internal = n->shm_internal; 545 ipc_n2o(&n->shm_perm, &o->shm_perm); 546 } 547