1 /* $OpenBSD: sysv_shm.c,v 1.22 2001/11/07 01:18:01 art Exp $ */ 2 /* $NetBSD: sysv_shm.c,v 1.50 1998/10/21 22:24:29 tron Exp $ */ 3 4 /* 5 * Copyright (c) 1994 Adam Glass and Charles M. Hannum. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Adam Glass and Charles M. 18 * Hannum. 19 * 4. The names of the authors may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #include <sys/types.h> 35 #include <sys/param.h> 36 #include <sys/kernel.h> 37 #include <sys/shm.h> 38 #include <sys/proc.h> 39 #include <sys/uio.h> 40 #include <sys/time.h> 41 #include <sys/malloc.h> 42 #include <sys/mman.h> 43 #include <sys/systm.h> 44 #include <sys/stat.h> 45 46 #include <sys/mount.h> 47 #include <sys/syscallargs.h> 48 49 #include <uvm/uvm_extern.h> 50 51 struct shminfo shminfo; 52 struct shmid_ds *shmsegs; 53 54 struct shmid_ds *shm_find_segment_by_shmid __P((int)); 55 56 /* 57 * Provides the following externally accessible functions: 58 * 59 * shminit(void); initialization 60 * shmexit(struct vmspace *) cleanup 61 * shmfork(struct vmspace *, struct vmspace *) fork handling 62 * shmsys(arg1, arg2, arg3, arg4); shm{at,ctl,dt,get}(arg2, arg3, arg4) 63 * 64 * Structures: 65 * shmsegs (an array of 'struct shmid_ds') 66 * per proc array of 'struct shmmap_state' 67 */ 68 69 #define SHMSEG_FREE 0x0200 70 #define SHMSEG_REMOVED 0x0400 71 #define SHMSEG_ALLOCATED 0x0800 72 #define SHMSEG_WANTED 0x1000 73 74 int shm_last_free, shm_nused, shm_committed; 75 76 struct shm_handle { 77 struct uvm_object *shm_object; 78 }; 79 80 struct shmmap_state { 81 vaddr_t va; 82 int shmid; 83 }; 84 85 int shm_find_segment_by_key __P((key_t)); 86 void shm_deallocate_segment __P((struct shmid_ds *)); 87 int shm_delete_mapping __P((struct vmspace *, struct shmmap_state *)); 88 int shmget_existing __P((struct proc *, struct sys_shmget_args *, 89 int, int, register_t *)); 90 int shmget_allocate_segment __P((struct proc *, struct sys_shmget_args *, 91 int, register_t *)); 92 93 int 94 shm_find_segment_by_key(key) 95 key_t key; 96 { 97 int i; 98 99 for (i = 0; i < shminfo.shmmni; i++) 100 if ((shmsegs[i].shm_perm.mode & SHMSEG_ALLOCATED) && 101 shmsegs[i].shm_perm.key == key) 102 return i; 103 return -1; 104 } 105 106 struct shmid_ds * 107 shm_find_segment_by_shmid(shmid) 108 int shmid; 109 { 110 int segnum; 111 struct shmid_ds *shmseg; 112 113 segnum = IPCID_TO_IX(shmid); 114 if (segnum < 0 || segnum >= shminfo.shmmni) 115 return NULL; 116 shmseg = &shmsegs[segnum]; 117 if ((shmseg->shm_perm.mode & (SHMSEG_ALLOCATED | SHMSEG_REMOVED)) 118 != SHMSEG_ALLOCATED || 119 shmseg->shm_perm.seq != IPCID_TO_SEQ(shmid)) 120 return NULL; 121 return shmseg; 122 } 123 124 void 125 shm_deallocate_segment(shmseg) 126 struct shmid_ds *shmseg; 127 { 128 struct shm_handle *shm_handle; 129 size_t size; 130 131 shm_handle = shmseg->shm_internal; 132 size = round_page(shmseg->shm_segsz); 133 uao_detach(shm_handle->shm_object); 134 free((caddr_t)shm_handle, M_SHM); 135 shmseg->shm_internal = NULL; 136 shm_committed -= btoc(size); 137 shmseg->shm_perm.mode = SHMSEG_FREE; 138 shm_nused--; 139 } 140 141 int 142 shm_delete_mapping(vm, shmmap_s) 143 struct vmspace *vm; 144 struct shmmap_state *shmmap_s; 145 { 146 struct shmid_ds *shmseg; 147 int segnum, result; 148 size_t size; 149 150 segnum = IPCID_TO_IX(shmmap_s->shmid); 151 shmseg = &shmsegs[segnum]; 152 size = round_page(shmseg->shm_segsz); 153 result = uvm_deallocate(&vm->vm_map, shmmap_s->va, size); 154 if (result != KERN_SUCCESS) 155 return EINVAL; 156 shmmap_s->shmid = -1; 157 shmseg->shm_dtime = time.tv_sec; 158 if ((--shmseg->shm_nattch <= 0) && 159 (shmseg->shm_perm.mode & SHMSEG_REMOVED)) { 160 shm_deallocate_segment(shmseg); 161 shm_last_free = segnum; 162 } 163 return 0; 164 } 165 166 int 167 sys_shmdt(p, v, retval) 168 struct proc *p; 169 void *v; 170 register_t *retval; 171 { 172 struct sys_shmdt_args /* { 173 syscallarg(const void *) shmaddr; 174 } */ *uap = v; 175 struct shmmap_state *shmmap_s; 176 int i; 177 178 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 179 if (shmmap_s == NULL) 180 return EINVAL; 181 182 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 183 if (shmmap_s->shmid != -1 && 184 shmmap_s->va == (vaddr_t)SCARG(uap, shmaddr)) 185 break; 186 if (i == shminfo.shmseg) 187 return EINVAL; 188 return shm_delete_mapping(p->p_vmspace, shmmap_s); 189 } 190 191 int 192 sys_shmat(p, v, retval) 193 struct proc *p; 194 void *v; 195 register_t *retval; 196 { 197 struct sys_shmat_args /* { 198 syscallarg(int) shmid; 199 syscallarg(const void *) shmaddr; 200 syscallarg(int) shmflg; 201 } */ *uap = v; 202 int error, i, flags; 203 struct ucred *cred = p->p_ucred; 204 struct shmid_ds *shmseg; 205 struct shmmap_state *shmmap_s = NULL; 206 struct shm_handle *shm_handle; 207 vaddr_t attach_va; 208 vm_prot_t prot; 209 vsize_t size; 210 int rv; 211 212 shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; 213 if (shmmap_s == NULL) { 214 size = shminfo.shmseg * sizeof(struct shmmap_state); 215 shmmap_s = malloc(size, M_SHM, M_WAITOK); 216 for (i = 0; i < shminfo.shmseg; i++) 217 shmmap_s[i].shmid = -1; 218 p->p_vmspace->vm_shm = (caddr_t)shmmap_s; 219 } 220 shmseg = shm_find_segment_by_shmid(SCARG(uap, shmid)); 221 if (shmseg == NULL) 222 return EINVAL; 223 error = ipcperm(cred, &shmseg->shm_perm, 224 (SCARG(uap, shmflg) & SHM_RDONLY) ? IPC_R : IPC_R|IPC_W); 225 if (error) 226 return error; 227 for (i = 0; i < shminfo.shmseg; i++) { 228 if (shmmap_s->shmid == -1) 229 break; 230 shmmap_s++; 231 } 232 if (i >= shminfo.shmseg) 233 return EMFILE; 234 size = round_page(shmseg->shm_segsz); 235 prot = VM_PROT_READ; 236 if ((SCARG(uap, shmflg) & SHM_RDONLY) == 0) 237 prot |= VM_PROT_WRITE; 238 flags = MAP_ANON | MAP_SHARED; 239 if (SCARG(uap, shmaddr)) { 240 flags |= MAP_FIXED; 241 if (SCARG(uap, shmflg) & SHM_RND) 242 attach_va = 243 (vaddr_t)SCARG(uap, shmaddr) & ~(SHMLBA-1); 244 else if (((vaddr_t)SCARG(uap, shmaddr) & (SHMLBA-1)) == 0) 245 attach_va = (vaddr_t)SCARG(uap, shmaddr); 246 else 247 return EINVAL; 248 } else { 249 /* This is just a hint to vm_mmap() about where to put it. */ 250 attach_va = round_page((vaddr_t)p->p_vmspace->vm_taddr + 251 MAXTSIZ + MAXDSIZ); 252 } 253 shm_handle = shmseg->shm_internal; 254 uao_reference(shm_handle->shm_object); 255 rv = uvm_map(&p->p_vmspace->vm_map, &attach_va, size, 256 shm_handle->shm_object, 0, 0, UVM_MAPFLAG(prot, prot, 257 UVM_INH_SHARE, UVM_ADV_RANDOM, 0)); 258 if (rv != KERN_SUCCESS) { 259 return ENOMEM; 260 } 261 262 shmmap_s->va = attach_va; 263 shmmap_s->shmid = SCARG(uap, shmid); 264 shmseg->shm_lpid = p->p_pid; 265 shmseg->shm_atime = time.tv_sec; 266 shmseg->shm_nattch++; 267 *retval = attach_va; 268 return 0; 269 } 270 271 int 272 sys_shmctl(p, v, retval) 273 struct proc *p; 274 void *v; 275 register_t *retval; 276 { 277 struct sys_shmctl_args /* { 278 syscallarg(int) shmid; 279 syscallarg(int) cmd; 280 syscallarg(struct shmid_ds *) buf; 281 } */ *uap = v; 282 int error; 283 struct ucred *cred = p->p_ucred; 284 struct shmid_ds inbuf; 285 struct shmid_ds *shmseg; 286 287 shmseg = shm_find_segment_by_shmid(SCARG(uap, shmid)); 288 if (shmseg == NULL) 289 return EINVAL; 290 switch (SCARG(uap, cmd)) { 291 case IPC_STAT: 292 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_R)) != 0) 293 return error; 294 error = copyout((caddr_t)shmseg, SCARG(uap, buf), 295 sizeof(inbuf)); 296 if (error) 297 return error; 298 break; 299 case IPC_SET: 300 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) != 0) 301 return error; 302 error = copyin(SCARG(uap, buf), (caddr_t)&inbuf, 303 sizeof(inbuf)); 304 if (error) 305 return error; 306 shmseg->shm_perm.uid = inbuf.shm_perm.uid; 307 shmseg->shm_perm.gid = inbuf.shm_perm.gid; 308 shmseg->shm_perm.mode = 309 (shmseg->shm_perm.mode & ~ACCESSPERMS) | 310 (inbuf.shm_perm.mode & ACCESSPERMS); 311 shmseg->shm_ctime = time.tv_sec; 312 break; 313 case IPC_RMID: 314 if ((error = ipcperm(cred, &shmseg->shm_perm, IPC_M)) != 0) 315 return error; 316 shmseg->shm_perm.key = IPC_PRIVATE; 317 shmseg->shm_perm.mode |= SHMSEG_REMOVED; 318 if (shmseg->shm_nattch <= 0) { 319 shm_deallocate_segment(shmseg); 320 shm_last_free = IPCID_TO_IX(SCARG(uap, shmid)); 321 } 322 break; 323 case SHM_LOCK: 324 case SHM_UNLOCK: 325 default: 326 return EINVAL; 327 } 328 return 0; 329 } 330 331 int 332 shmget_existing(p, uap, mode, segnum, retval) 333 struct proc *p; 334 struct sys_shmget_args /* { 335 syscallarg(key_t) key; 336 syscallarg(size_t) size; 337 syscallarg(int) shmflg; 338 } */ *uap; 339 int mode; 340 int segnum; 341 register_t *retval; 342 { 343 struct shmid_ds *shmseg; 344 struct ucred *cred = p->p_ucred; 345 int error; 346 347 shmseg = &shmsegs[segnum]; 348 if (shmseg->shm_perm.mode & SHMSEG_REMOVED) { 349 /* 350 * This segment is in the process of being allocated. Wait 351 * until it's done, and look the key up again (in case the 352 * allocation failed or it was freed). 353 */ 354 shmseg->shm_perm.mode |= SHMSEG_WANTED; 355 error = tsleep((caddr_t)shmseg, PLOCK | PCATCH, "shmget", 0); 356 if (error) 357 return error; 358 return EAGAIN; 359 } 360 if ((error = ipcperm(cred, &shmseg->shm_perm, mode)) != 0) 361 return error; 362 if (SCARG(uap, size) && SCARG(uap, size) > shmseg->shm_segsz) 363 return EINVAL; 364 if ((SCARG(uap, shmflg) & (IPC_CREAT | IPC_EXCL)) == 365 (IPC_CREAT | IPC_EXCL)) 366 return EEXIST; 367 *retval = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 368 return 0; 369 } 370 371 int 372 shmget_allocate_segment(p, uap, mode, retval) 373 struct proc *p; 374 struct sys_shmget_args /* { 375 syscallarg(key_t) key; 376 syscallarg(size_t) size; 377 syscallarg(int) shmflg; 378 } */ *uap; 379 int mode; 380 register_t *retval; 381 { 382 int i, segnum, shmid, size; 383 struct ucred *cred = p->p_ucred; 384 struct shmid_ds *shmseg; 385 struct shm_handle *shm_handle; 386 int error = 0; 387 388 if (SCARG(uap, size) < shminfo.shmmin || 389 SCARG(uap, size) > shminfo.shmmax) 390 return EINVAL; 391 if (shm_nused >= shminfo.shmmni) /* any shmids left? */ 392 return ENOSPC; 393 size = round_page(SCARG(uap, size)); 394 if (shm_committed + btoc(size) > shminfo.shmall) 395 return ENOMEM; 396 if (shm_last_free < 0) { 397 for (i = 0; i < shminfo.shmmni; i++) 398 if (shmsegs[i].shm_perm.mode & SHMSEG_FREE) 399 break; 400 if (i == shminfo.shmmni) 401 panic("shmseg free count inconsistent"); 402 segnum = i; 403 } else { 404 segnum = shm_last_free; 405 shm_last_free = -1; 406 } 407 shmseg = &shmsegs[segnum]; 408 /* 409 * In case we sleep in malloc(), mark the segment present but deleted 410 * so that noone else tries to create the same key. 411 */ 412 shmseg->shm_perm.mode = SHMSEG_ALLOCATED | SHMSEG_REMOVED; 413 shmseg->shm_perm.key = SCARG(uap, key); 414 shmseg->shm_perm.seq = (shmseg->shm_perm.seq + 1) & 0x7fff; 415 shm_handle = (struct shm_handle *) 416 malloc(sizeof(struct shm_handle), M_SHM, M_WAITOK); 417 shmid = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm); 418 419 420 shm_handle->shm_object = uao_create(size, 0); 421 422 shmseg->shm_internal = shm_handle; 423 shmseg->shm_perm.cuid = shmseg->shm_perm.uid = cred->cr_uid; 424 shmseg->shm_perm.cgid = shmseg->shm_perm.gid = cred->cr_gid; 425 shmseg->shm_perm.mode = (shmseg->shm_perm.mode & SHMSEG_WANTED) | 426 (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; 427 shmseg->shm_segsz = SCARG(uap, size); 428 shmseg->shm_cpid = p->p_pid; 429 shmseg->shm_lpid = shmseg->shm_nattch = 0; 430 shmseg->shm_atime = shmseg->shm_dtime = 0; 431 shmseg->shm_ctime = time.tv_sec; 432 shm_committed += btoc(size); 433 shm_nused++; 434 435 *retval = shmid; 436 if (shmseg->shm_perm.mode & SHMSEG_WANTED) { 437 /* 438 * Somebody else wanted this key while we were asleep. Wake 439 * them up now. 440 */ 441 shmseg->shm_perm.mode &= ~SHMSEG_WANTED; 442 wakeup((caddr_t)shmseg); 443 } 444 return error; 445 } 446 447 int 448 sys_shmget(p, v, retval) 449 struct proc *p; 450 void *v; 451 register_t *retval; 452 { 453 struct sys_shmget_args /* { 454 syscallarg(key_t) key; 455 syscallarg(int) size; 456 syscallarg(int) shmflg; 457 } */ *uap = v; 458 int segnum, mode, error; 459 460 mode = SCARG(uap, shmflg) & ACCESSPERMS; 461 if (SCARG(uap, key) != IPC_PRIVATE) { 462 again: 463 segnum = shm_find_segment_by_key(SCARG(uap, key)); 464 if (segnum >= 0) { 465 error = shmget_existing(p, uap, mode, segnum, retval); 466 if (error == EAGAIN) 467 goto again; 468 return error; 469 } 470 if ((SCARG(uap, shmflg) & IPC_CREAT) == 0) 471 return ENOENT; 472 } 473 return shmget_allocate_segment(p, uap, mode, retval); 474 } 475 476 void 477 shmfork(vm1, vm2) 478 struct vmspace *vm1, *vm2; 479 { 480 struct shmmap_state *shmmap_s; 481 size_t size; 482 int i; 483 484 if (vm1->vm_shm == NULL) { 485 vm2->vm_shm = NULL; 486 return; 487 } 488 489 size = shminfo.shmseg * sizeof(struct shmmap_state); 490 shmmap_s = malloc(size, M_SHM, M_WAITOK); 491 bcopy(vm1->vm_shm, shmmap_s, size); 492 vm2->vm_shm = (caddr_t)shmmap_s; 493 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 494 if (shmmap_s->shmid != -1) 495 shmsegs[IPCID_TO_IX(shmmap_s->shmid)].shm_nattch++; 496 } 497 498 void 499 shmexit(vm) 500 struct vmspace *vm; 501 { 502 struct shmmap_state *shmmap_s; 503 int i; 504 505 shmmap_s = (struct shmmap_state *)vm->vm_shm; 506 if (shmmap_s == NULL) 507 return; 508 for (i = 0; i < shminfo.shmseg; i++, shmmap_s++) 509 if (shmmap_s->shmid != -1) 510 shm_delete_mapping(vm, shmmap_s); 511 free(vm->vm_shm, M_SHM); 512 vm->vm_shm = NULL; 513 } 514 515 void 516 shminit() 517 { 518 int i; 519 520 shminfo.shmmax *= PAGE_SIZE; 521 522 for (i = 0; i < shminfo.shmmni; i++) { 523 shmsegs[i].shm_perm.mode = SHMSEG_FREE; 524 shmsegs[i].shm_perm.seq = 0; 525 } 526 shm_last_free = 0; 527 shm_nused = 0; 528 shm_committed = 0; 529 } 530 531 void 532 shmid_n2o(n, o) 533 struct shmid_ds *n; 534 struct oshmid_ds *o; 535 { 536 o->shm_segsz = n->shm_segsz; 537 o->shm_lpid = n->shm_lpid; 538 o->shm_cpid = n->shm_cpid; 539 o->shm_nattch = n->shm_nattch; 540 o->shm_atime = n->shm_atime; 541 o->shm_dtime = n->shm_dtime; 542 o->shm_ctime = n->shm_ctime; 543 o->shm_internal = n->shm_internal; 544 ipc_n2o(&n->shm_perm, &o->shm_perm); 545 } 546