1 /*- 2 * Copyright (c) 2002 Alfred Perlstein <alfred@FreeBSD.org> 3 * Copyright (c) 2003-2005 SPARTA, Inc. 4 * Copyright (c) 2005, 2016-2017 Robert N. M. Watson 5 * All rights reserved. 6 * 7 * This software was developed for the FreeBSD Project in part by Network 8 * Associates Laboratories, the Security Research Division of Network 9 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 10 * as part of the DARPA CHATS research program. 11 * 12 * Portions of this software were developed by BAE Systems, the University of 13 * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL 14 * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent 15 * Computing (TC) research program. 16 * 17 * Redistribution and use in source and binary forms, with or without 18 * modification, are permitted provided that the following conditions 19 * are met: 20 * 1. Redistributions of source code must retain the above copyright 21 * notice, this list of conditions and the following disclaimer. 22 * 2. Redistributions in binary form must reproduce the above copyright 23 * notice, this list of conditions and the following disclaimer in the 24 * documentation and/or other materials provided with the distribution. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 */ 38 39 #include <sys/cdefs.h> 40 __FBSDID("$FreeBSD$"); 41 42 #include "opt_compat.h" 43 #include "opt_posix.h" 44 45 #include <sys/param.h> 46 #include <sys/capsicum.h> 47 #include <sys/condvar.h> 48 #include <sys/fcntl.h> 49 #include <sys/file.h> 50 #include <sys/filedesc.h> 51 #include <sys/fnv_hash.h> 52 #include <sys/jail.h> 53 #include <sys/kernel.h> 54 #include <sys/ksem.h> 55 #include <sys/lock.h> 56 #include <sys/malloc.h> 57 #include <sys/module.h> 58 #include <sys/mutex.h> 59 #include <sys/priv.h> 60 #include <sys/proc.h> 61 #include <sys/posix4.h> 62 #include <sys/_semaphore.h> 63 #include <sys/stat.h> 64 #include <sys/syscall.h> 65 #include <sys/syscallsubr.h> 66 #include <sys/sysctl.h> 67 #include <sys/sysent.h> 68 #include <sys/sysproto.h> 69 #include <sys/systm.h> 70 #include <sys/sx.h> 71 #include <sys/user.h> 72 #include <sys/vnode.h> 73 74 #include <security/audit/audit.h> 75 #include <security/mac/mac_framework.h> 76 77 FEATURE(p1003_1b_semaphores, "POSIX P1003.1B semaphores support"); 78 /* 79 * TODO 80 * 81 * - Resource limits? 82 * - Replace global sem_lock with mtx_pool locks? 83 * - Add a MAC check_create() hook for creating new named semaphores. 
 */

/* Value published as CTL_P1003_1B_SEM_NSEMS_MAX by ksem_module_init(). */
#ifndef SEM_MAX
#define	SEM_MAX	30
#endif

/* Debug printf wrapper; expands to nothing unless SEM_DEBUG is defined. */
#ifdef SEM_DEBUG
#define	DP(x)	printf x
#else
#define	DP(x)
#endif

/*
 * One entry in the named-semaphore dictionary.  Entries are created by
 * ksem_insert() and torn down by ksem_remove().
 */
struct ksem_mapping {
	char		*km_path;	/* full path key; freed with M_KSEM */
	Fnv32_t		km_fnv;		/* FNV-32 hash of km_path */
	struct ksem	*km_ksem;	/* referenced via ksem_hold() */
	LIST_ENTRY(ksem_mapping) km_link;	/* hash bucket linkage */
};

static MALLOC_DEFINE(M_KSEM, "ksem", "semaphore file descriptor");
/* Hash table of named semaphores, allocated by hashinit(). */
static LIST_HEAD(, ksem_mapping) *ksem_dictionary;
/* Held around every dictionary lookup, insert and remove. */
static struct sx ksem_dict_lock;
/* Protects nsems and ksem_dead. */
static struct mtx ksem_count_lock;
/*
 * Single global mutex taken around accesses to per-semaphore state
 * (value, waiters, owner, mode, timestamps) in this file.
 */
static struct mtx sem_lock;
/* Bucket mask returned by hashinit(). */
static u_long ksem_hash;
/* Set on MOD_UNLOAD so that ksem_alloc() refuses new semaphores. */
static int ksem_dead;

/* Select the dictionary bucket for a given path hash. */
#define	KSEM_HASH(fnv)	(&ksem_dictionary[(fnv) & ksem_hash])

/* Count of live ksem objects; exported read-only via sysctl. */
static int nsems = 0;
SYSCTL_DECL(_p1003_1b);
SYSCTL_INT(_p1003_1b, OID_AUTO, nsems, CTLFLAG_RD, &nsems, 0,
    "Number of active kernel POSIX semaphores");

static int	kern_sem_wait(struct thread *td, semid_t id, int tryflag,
		    struct timespec *abstime);
static int	ksem_access(struct ksem *ks, struct ucred *ucred);
static struct ksem *ksem_alloc(struct ucred *ucred, mode_t mode,
		    unsigned int value);
static int	ksem_create(struct thread *td, const char *path,
		    semid_t *semidp, mode_t mode, unsigned int value,
		    int flags, int compat32);
static void	ksem_drop(struct ksem *ks);
static int	ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp,
    struct file **fpp);
static struct ksem *ksem_hold(struct ksem *ks);
static void	ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks);
static struct ksem *ksem_lookup(char *path, Fnv32_t fnv);
static void	ksem_module_destroy(void);
static int	ksem_module_init(void);
static int	ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred);
static int	sem_modload(struct module *module, int cmd, void *arg);

/* Handlers referenced by the ksem_ops file-operations table. */
static fo_stat_t	ksem_stat;
static fo_close_t	ksem_closef;
static fo_chmod_t	ksem_chmod;
static fo_chown_t	ksem_chown;
static fo_fill_kinfo_t	ksem_fill_kinfo;

/* File descriptor
operations. */
/*
 * Semaphore descriptors support only stat, close, chmod, chown and
 * kinfo export; every data-path operation is routed to the invfo_*
 * stubs.
 */
static struct fileops ksem_ops = {
	.fo_read = invfo_rdwr,
	.fo_write = invfo_rdwr,
	.fo_truncate = invfo_truncate,
	.fo_ioctl = invfo_ioctl,
	.fo_poll = invfo_poll,
	.fo_kqfilter = invfo_kqfilter,
	.fo_stat = ksem_stat,
	.fo_close = ksem_closef,
	.fo_chmod = ksem_chmod,
	.fo_chown = ksem_chown,
	.fo_sendfile = invfo_sendfile,
	.fo_fill_kinfo = ksem_fill_kinfo,
	.fo_flags = DFLAG_PASSABLE
};

FEATURE(posix_sem, "POSIX semaphores");

/*
 * fo_stat handler.  After the optional MAC check, zero the stat buffer
 * and copy the semaphore's timestamps, owner and mode into it while
 * holding sem_lock.  Returns the MAC error, or 0.
 */
static int
ksem_stat(struct file *fp, struct stat *sb, struct ucred *active_cred,
    struct thread *td)
{
	struct ksem *sem = fp->f_data;
#ifdef MAC
	int mac_error;

	mac_error = mac_posixsem_check_stat(active_cred, fp->f_cred, sem);
	if (mac_error)
		return (mac_error);
#endif

	/*
	 * Start from an all-zero buffer so that every field not filled
	 * in below reads as zero rather than stale memory.
	 */
	bzero(sb, sizeof(*sb));

	mtx_lock(&sem_lock);
	sb->st_mode = S_IFREG | sem->ks_mode;		/* XXX */
	sb->st_uid = sem->ks_uid;
	sb->st_gid = sem->ks_gid;
	sb->st_birthtim = sem->ks_birthtime;
	sb->st_atim = sem->ks_atime;
	sb->st_mtim = sem->ks_mtime;
	sb->st_ctim = sem->ks_ctime;
	mtx_unlock(&sem_lock);

	return (0);
}

/*
 * fo_chmod handler.  The MAC check (if compiled in) and the VADMIN
 * access check both run under sem_lock, so the decision and the update
 * see the same owner/mode.  Only the ACCESSPERMS bits of 'mode' are
 * stored.
 */
static int
ksem_chmod(struct file *fp, mode_t mode, struct ucred *active_cred,
    struct thread *td)
{
	struct ksem *sem = fp->f_data;
	int rc = 0;

	mtx_lock(&sem_lock);
#ifdef MAC
	rc = mac_posixsem_check_setmode(active_cred, sem, mode);
	if (rc == 0)
#endif
		rc = vaccess(VREG, sem->ks_mode, sem->ks_uid, sem->ks_gid,
		    VADMIN, active_cred, NULL);
	if (rc == 0)
		sem->ks_mode = mode & ACCESSPERMS;
	mtx_unlock(&sem_lock);
	return (rc);
}

/*
 * fo_chown handler.  A uid or gid of -1 means "leave unchanged".
 * PRIV_VFS_CHOWN is demanded only when the new uid is neither the
 * current owner nor the caller's uid, or the new gid is neither the
 * current group nor one of the caller's groups.
 */
static int
ksem_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
    struct thread *td)
{
	struct ksem *sem = fp->f_data;
	int rc = 0;

	mtx_lock(&sem_lock);
#ifdef MAC
	rc = mac_posixsem_check_setowner(active_cred, sem, uid, gid);
	if (rc != 0)
		goto done;
#endif
	if (uid == (uid_t)-1)
		uid = sem->ks_uid;
	if (gid == (gid_t)-1)
		gid = sem->ks_gid;
	if ((uid != sem->ks_uid && uid != active_cred->cr_uid) ||
	    (gid != sem->ks_gid && !groupmember(gid, active_cred))) {
		rc = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0);
		if (rc)
			goto done;
	}
	sem->ks_uid = uid;
	sem->ks_gid = gid;
done:
	mtx_unlock(&sem_lock);
	return (rc);
}

/*
 * fo_close handler: detach the semaphore from the file and release the
 * reference the file held on it.
 */
static int
ksem_closef(struct file *fp, struct thread *td)
{
	struct ksem *sem = fp->f_data;

	fp->f_data = NULL;
	ksem_drop(sem);

	return (0);
}

/*
 * fo_fill_kinfo handler: export value, mode and (for named semaphores)
 * the path.  ks_path is tested once without the lock as a cheap filter
 * and again under ksem_dict_lock before it is dereferenced.
 *
 * NOTE(review): the jail prefix is stripped only when the stored path
 * lies under the calling thread's jail root; otherwise the stored path
 * is copied out unmodified.  Confirm that exposing it to a caller whose
 * jail root does not match is intended.
 */
static int
ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
{
	struct ksem *sem = fp->f_data;
	const char *name, *jail_root;
	size_t jail_rootlen;

	kif->kf_type = KF_TYPE_SEM;
	mtx_lock(&sem_lock);
	kif->kf_un.kf_sem.kf_sem_value = sem->ks_value;
	kif->kf_un.kf_sem.kf_sem_mode = S_IFREG | sem->ks_mode;	/* XXX */
	mtx_unlock(&sem_lock);

	if (sem->ks_path == NULL)
		return (0);

	sx_slock(&ksem_dict_lock);
	if (sem->ks_path != NULL) {
		name = sem->ks_path;
		jail_root = curthread->td_ucred->cr_prison->pr_path;
		if (strcmp(jail_root, "/") != 0) {
			/* Return the jail-rooted pathname. */
			jail_rootlen = strlen(jail_root);
			if (strncmp(name, jail_root, jail_rootlen) == 0 &&
			    name[jail_rootlen] == '/')
				name += jail_rootlen;
		}
		strlcpy(kif->kf_path, name, sizeof(kif->kf_path));
	}
	sx_sunlock(&ksem_dict_lock);
	return (0);
}

/*
 * ksem object management including creation and reference counting
 * routines.
 */

/*
 * Allocate and initialise a semaphore owned by 'ucred' with one
 * reference.  Returns NULL, without allocating, when the live count
 * equals the configured CTL_P1003_1B_SEM_NSEMS_MAX or the module is
 * being unloaded (ksem_dead).
 *
 * NOTE(review): the limit test is an equality comparison; it relies on
 * nsems never exceeding the configured maximum -- confirm the limit
 * cannot be lowered while semaphores exist.
 */
static struct ksem *
ksem_alloc(struct ucred *ucred, mode_t mode, unsigned int value)
{
	struct ksem *sem;
	int admitted;

	/* Reserve a slot in the global count before allocating. */
	mtx_lock(&ksem_count_lock);
	admitted = !(nsems == p31b_getcfg(CTL_P1003_1B_SEM_NSEMS_MAX) ||
	    ksem_dead);
	if (admitted)
		nsems++;
	mtx_unlock(&ksem_count_lock);
	if (!admitted)
		return (NULL);

	sem = malloc(sizeof(*sem), M_KSEM, M_WAITOK | M_ZERO);
	sem->ks_uid = ucred->cr_uid;
	sem->ks_gid = ucred->cr_gid;
	sem->ks_mode = mode;
	sem->ks_value = value;
	cv_init(&sem->ks_cv, "ksem");

	/* All four timestamps start out equal to the creation time. */
	vfs_timestamp(&sem->ks_birthtime);
	sem->ks_ctime = sem->ks_birthtime;
	sem->ks_mtime = sem->ks_ctime;
	sem->ks_atime = sem->ks_mtime;

	refcount_init(&sem->ks_ref, 1);
#ifdef MAC
	mac_posixsem_init(sem);
	mac_posixsem_create(ucred, sem);
#endif

	return (sem);
}

/* Take an additional reference on 'ks' and hand the pointer back. */
static struct ksem *
ksem_hold(struct ksem *ks)
{

	refcount_acquire(&ks->ks_ref);
	return (ks);
}

/*
 * Release one reference.  When the last reference goes away the MAC
 * label and condition variable are destroyed, the object is freed and
 * the global count is decremented.
 */
static void
ksem_drop(struct ksem *ks)
{

	if (!refcount_release(&ks->ks_ref))
		return;

#ifdef MAC
	mac_posixsem_destroy(ks);
#endif
	cv_destroy(&ks->ks_cv);
	free(ks, M_KSEM);
	mtx_lock(&ksem_count_lock);
	nsems--;
	mtx_unlock(&ksem_count_lock);
}

/*
 * Determine if the credentials have sufficient permissions for read
 * and write access.  A caller that fails the mode-bit check is still
 * admitted if it holds PRIV_SEM_WRITE.
 */
static int
ksem_access(struct ksem *ks, struct ucred *ucred)
{

	if (vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid,
	    VREAD | VWRITE, ucred, NULL) == 0)
		return (0);
	return (priv_check_cred(ucred, PRIV_SEM_WRITE, 0));
}

/*
 * Dictionary management.  We maintain an in-kernel dictionary to map
 * paths to semaphore objects.  We use the FNV hash on the path to
 * store the mappings in a hash table.
 */

/*
 * Find the semaphore registered under 'path'.  The stored hash is
 * compared first so strcmp() only runs on likely matches.  No reference
 * is taken on the result; the callers in this file hold ksem_dict_lock
 * across the call.
 */
static struct ksem *
ksem_lookup(char *path, Fnv32_t fnv)
{
	struct ksem_mapping *entry;

	LIST_FOREACH(entry, KSEM_HASH(fnv), km_link) {
		if (entry->km_fnv == fnv && strcmp(entry->km_path, path) == 0)
			return (entry->km_ksem);
	}

	return (NULL);
}

/*
 * Register 'ks' under 'path'.  The dictionary takes its own reference
 * on the semaphore and takes over the 'path' buffer, which is later
 * released with free(..., M_KSEM) by ksem_remove().
 */
static void
ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks)
{
	struct ksem_mapping *entry;

	entry = malloc(sizeof(*entry), M_KSEM, M_WAITOK);
	entry->km_path = path;
	entry->km_fnv = fnv;
	entry->km_ksem = ksem_hold(ks);
	ks->ks_path = path;
	LIST_INSERT_HEAD(KSEM_HASH(fnv), entry, km_link);
}

/*
 * Unregister the semaphore named 'path' on behalf of 'ucred'.  The
 * caller must pass the MAC unlink check (if compiled in) and
 * ksem_access() before anything is modified.  Returns ENOENT when no
 * entry matches.
 */
static int
ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred)
{
	struct ksem_mapping *entry;
	int rc;

	/* LIST_FOREACH leaves 'entry' NULL when the bucket is exhausted. */
	LIST_FOREACH(entry, KSEM_HASH(fnv), km_link) {
		if (entry->km_fnv == fnv && strcmp(entry->km_path, path) == 0)
			break;
	}
	if (entry == NULL)
		return (ENOENT);

#ifdef MAC
	rc = mac_posixsem_check_unlink(ucred, entry->km_ksem);
	if (rc)
		return (rc);
#endif
	rc = ksem_access(entry->km_ksem, ucred);
	if (rc)
		return (rc);

	/*
	 * Clear the back-pointer before the path buffer is freed so the
	 * semaphore never refers to freed memory.
	 */
	entry->km_ksem->ks_path = NULL;
	LIST_REMOVE(entry, km_link);
	ksem_drop(entry->km_ksem);
	free(entry->km_path, M_KSEM);
	free(entry, M_KSEM);
	return (0);
}

/*
 * Copy the new descriptor number out to the user's semid_t, using a
 * 32-bit value for COMPAT_FREEBSD32 callers.
 */
static int
ksem_create_copyout_semid(struct thread *td, semid_t *semidp, int fd,
    int compat32)
{
	semid_t native_id;
#ifdef COMPAT_FREEBSD32
	int32_t compat_id;

	if (compat32) {
		compat_id = fd;
		return (copyout(&compat_id, semidp, sizeof(compat_id)));
	}
#else
	compat32 = 0;	/* silence gcc */
#endif
	native_id = fd;
	return (copyout(&native_id, semidp, sizeof(native_id)));
}

/* Other helper routines.
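*/

/*
 * Common back end for ksem_init (name == NULL, anonymous) and ksem_open
 * (named).  Allocates a descriptor, copies its number out to *semidp,
 * then either creates a new semaphore or takes a reference on an
 * existing named one, and finally binds it to the descriptor.
 *
 * For named semaphores the dictionary key is the caller's jail root
 * followed by the user-supplied name, and the name must begin with '/'.
 * Opening an existing semaphore requires the MAC open check (if
 * compiled in) and ksem_access() to succeed.
 *
 * Returns 0 or an errno value; on every error path the descriptor that
 * was allocated here is closed again.
 */
static int
ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode,
    unsigned int value, int flags, int compat32)
{
	struct filedesc *fdp;
	struct ksem *ks;
	struct file *fp;
	char *path;
	const char *pr_path;
	size_t pr_pathlen;
	Fnv32_t fnv;
	int error, fd;

	AUDIT_ARG_FFLAGS(flags);
	AUDIT_ARG_MODE(mode);
	AUDIT_ARG_VALUE(value);

	if (value > SEM_VALUE_MAX)
		return (EINVAL);

	/* Apply the process umask and keep only permission bits. */
	fdp = td->td_proc->p_fd;
	mode = (mode & ~fdp->fd_cmask) & ACCESSPERMS;
	error = falloc(td, &fp, &fd, O_CLOEXEC);
	if (error) {
		if (name == NULL)
			error = ENOSPC;
		return (error);
	}

	/*
	 * Go ahead and copyout the file descriptor now.  This is a bit
	 * premature, but it is a lot easier to handle errors as opposed
	 * to later when we've possibly created a new semaphore, etc.
	 */
	error = ksem_create_copyout_semid(td, semidp, fd, compat32);
	if (error) {
		fdclose(td, fp, fd);
		fdrop(fp, td);
		return (error);
	}

	if (name == NULL) {
		/* Create an anonymous semaphore. */
		ks = ksem_alloc(td->td_ucred, mode, value);
		if (ks == NULL)
			error = ENOSPC;
		else
			ks->ks_flags |= KS_ANONYMOUS;
	} else {
		path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK);
		pr_path = td->td_ucred->cr_prison->pr_path;

		/* Construct a full pathname for jailed callers. */
		pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
		    : strlcpy(path, pr_path, MAXPATHLEN);

		/*
		 * strlcpy() returns the length of the source, so a
		 * truncated prefix would make "MAXPATHLEN - pr_pathlen"
		 * wrap and "path + pr_pathlen" point past the buffer.
		 * Presumably pr_path always fits in MAXPATHLEN; reject
		 * the request rather than depend on that.
		 */
		if (pr_pathlen >= MAXPATHLEN)
			error = ENAMETOOLONG;
		else
			error = copyinstr(name, path + pr_pathlen,
			    MAXPATHLEN - pr_pathlen, NULL);

		/* Require paths to start with a '/' character. */
		if (error == 0 && path[pr_pathlen] != '/')
			error = EINVAL;
		if (error) {
			fdclose(td, fp, fd);
			fdrop(fp, td);
			free(path, M_KSEM);
			return (error);
		}

		AUDIT_ARG_UPATH1_CANON(path);
		fnv = fnv_32_str(path, FNV1_32_INIT);
		sx_xlock(&ksem_dict_lock);
		ks = ksem_lookup(path, fnv);
		if (ks == NULL) {
			/* Object does not exist, create it if requested. */
			if (flags & O_CREAT) {
				ks = ksem_alloc(td->td_ucred, mode, value);
				if (ks == NULL)
					error = ENFILE;
				else {
					/* The dictionary now owns 'path'. */
					ksem_insert(path, fnv, ks);
					path = NULL;
				}
			} else
				error = ENOENT;
		} else {
			/*
			 * Object already exists, obtain a new
			 * reference if requested and permitted.
			 */
			if ((flags & (O_CREAT | O_EXCL)) ==
			    (O_CREAT | O_EXCL))
				error = EEXIST;
			else {
#ifdef MAC
				error = mac_posixsem_check_open(td->td_ucred,
				    ks);
				if (error == 0)
#endif
				error = ksem_access(ks, td->td_ucred);
			}
			if (error == 0)
				ksem_hold(ks);
#ifdef INVARIANTS
			else
				ks = NULL;
#endif
		}
		sx_xunlock(&ksem_dict_lock);
		if (path)
			free(path, M_KSEM);
	}

	if (error) {
		KASSERT(ks == NULL, ("ksem_create error with a ksem"));
		fdclose(td, fp, fd);
		fdrop(fp, td);
		return (error);
	}
	KASSERT(ks != NULL, ("ksem_create w/o a ksem"));

	/* Hand the semaphore reference over to the file. */
	finit(fp, FREAD | FWRITE, DTYPE_SEM, ks, &ksem_ops);

	fdrop(fp, td);

	return (0);
}

/*
 * Resolve a semaphore id to a held file, checking the requested
 * capability rights.  Every failure (bad descriptor, wrong descriptor
 * type, semaphore marked KS_DEAD) is reported as EINVAL.  On success
 * the caller owns a reference on *fpp and must fdrop() it.
 *
 * NOTE(review): ks_flags is read here without sem_lock, whereas
 * sys_ksem_destroy() sets KS_DEAD while holding it -- confirm the
 * unlocked read is intentional.
 */
static int
ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp,
    struct file **fpp)
{
	struct ksem *ks;
	struct file *fp;
	int error;

	error = fget(td, id, rightsp, &fp);
	if (error)
		return (EINVAL);
	if (fp->f_type != DTYPE_SEM) {
		fdrop(fp, td);
		return (EINVAL);
	}
	ks = fp->f_data;
	if (ks->ks_flags & KS_DEAD) {
		fdrop(fp, td);
		return (EINVAL);
	}
	*fpp = fp;
	return (0);
}

/* System calls.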
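*/
#ifndef _SYS_SYSPROTO_H_
struct ksem_init_args {
	unsigned int	value;
	semid_t		*idp;
};
#endif
/* Create an anonymous semaphore with mode S_IRWXU | S_IRWXG. */
int
sys_ksem_init(struct thread *td, struct ksem_init_args *uap)
{

	return (ksem_create(td, NULL, uap->idp, S_IRWXU | S_IRWXG, uap->value,
	    0, 0));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_open_args {
	char		*name;
	int		oflag;
	mode_t		mode;
	unsigned int	value;
	semid_t		*idp;
};
#endif
/*
 * Open or create a named semaphore.  Only O_CREAT and O_EXCL are
 * accepted in oflag; anything else is EINVAL.
 */
int
sys_ksem_open(struct thread *td, struct ksem_open_args *uap)
{

	DP((">>> ksem_open start, pid=%d\n", (int)td->td_proc->p_pid));

	if ((uap->oflag & ~(O_CREAT | O_EXCL)) != 0)
		return (EINVAL);
	return (ksem_create(td, uap->name, uap->idp, uap->mode, uap->value,
	    uap->oflag, 0));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_unlink_args {
	char		*name;
};
#endif
/*
 * Remove a named semaphore from the dictionary.  The key is built the
 * same way as in ksem_create(): the caller's jail root followed by the
 * user-supplied name.  Permission checks happen in ksem_remove().
 */
int
sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap)
{
	char *path;
	const char *pr_path;
	size_t pr_pathlen;
	Fnv32_t fnv;
	int error;

	path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
	pr_path = td->td_ucred->cr_prison->pr_path;
	pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
	    : strlcpy(path, pr_path, MAXPATHLEN);

	/*
	 * strlcpy() returns the length of the source, so a truncated
	 * prefix would make "MAXPATHLEN - pr_pathlen" wrap.  Presumably
	 * pr_path always fits; reject rather than depend on that.
	 */
	if (pr_pathlen >= MAXPATHLEN)
		error = ENAMETOOLONG;
	else
		error = copyinstr(uap->name, path + pr_pathlen,
		    MAXPATHLEN - pr_pathlen, NULL);

	/*
	 * ksem_create() only ever registers names that begin with '/',
	 * so a name without one cannot refer to a semaphore in the
	 * caller's own namespace.  Without this check such a name is
	 * appended directly to the jail root and the resulting key
	 * could match an entry registered outside that root.  ENOENT
	 * is what an unjailed caller already got for such names.
	 */
	if (error == 0 && path[pr_pathlen] != '/')
		error = ENOENT;
	if (error) {
		free(path, M_TEMP);
		return (error);
	}

	AUDIT_ARG_UPATH1_CANON(path);
	fnv = fnv_32_str(path, FNV1_32_INIT);
	sx_xlock(&ksem_dict_lock);
	error = ksem_remove(path, fnv, td->td_ucred);
	sx_xunlock(&ksem_dict_lock);
	free(path, M_TEMP);

	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_close_args {
	semid_t		id;
};
#endif
/*
 * Close a named semaphore descriptor.  Anonymous semaphores must be
 * released with ksem_destroy instead and get EINVAL here.
 *
 * NOTE(review): kern_close() is given the descriptor number, not the
 * file that ksem_get() validated; whether another thread can close and
 * reuse that number in between is not visible here -- confirm.
 */
int
sys_ksem_close(struct thread *td, struct ksem_close_args *uap)
{
	cap_rights_t rights;
	struct ksem *ks;
	struct file *fp;
	int error;

	/* No capability rights required to close a semaphore. */
	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id, cap_rights_init(&rights), &fp);
	if (error)
		return (error);
	ks = fp->f_data;
	if (ks->ks_flags & KS_ANONYMOUS) {
		fdrop(fp, td);
		return (EINVAL);
	}
	error = kern_close(td, uap->id);
	fdrop(fp, td);
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_post_args {
	semid_t	id;
};
#endif
/*
 * Increment the semaphore and wake one waiter if any.  Requires
 * CAP_SEM_POST on the descriptor.  Returns EOVERFLOW instead of
 * incrementing past SEM_VALUE_MAX.
 */
int
sys_ksem_post(struct thread *td, struct ksem_post_args *uap)
{
	cap_rights_t rights;
	struct file *fp;
	struct ksem *ks;
	int error;

	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id,
	    cap_rights_init(&rights, CAP_SEM_POST), &fp);
	if (error)
		return (error);
	ks = fp->f_data;

	mtx_lock(&sem_lock);
#ifdef MAC
	error = mac_posixsem_check_post(td->td_ucred, fp->f_cred, ks);
	if (error)
		goto err;
#endif
	if (ks->ks_value == SEM_VALUE_MAX) {
		error = EOVERFLOW;
		goto err;
	}
	++ks->ks_value;
	if (ks->ks_waiters > 0)
		cv_signal(&ks->ks_cv);
	error = 0;
	vfs_timestamp(&ks->ks_ctime);
err:
	mtx_unlock(&sem_lock);
	fdrop(fp, td);
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_wait_args {
	semid_t		id;
};
#endif
/* Blocking wait with no timeout. */
int
sys_ksem_wait(struct thread *td, struct ksem_wait_args *uap)
{

	return (kern_sem_wait(td, uap->id, 0, NULL));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_timedwait_args {
	semid_t		id;
	const struct timespec *abstime;
};
#endif
/*
 * Wait with an optional absolute deadline copied in from userspace.
 * tv_nsec is range-checked here; a deadline that has already passed is
 * reported as ETIMEDOUT by kern_sem_wait().
 */
int
sys_ksem_timedwait(struct thread *td, struct ksem_timedwait_args *uap)
{
	struct timespec abstime;
	struct timespec *ts;
	int error;

	/*
	 * We allow a null timespec (wait forever).
	 */
	if (uap->abstime == NULL)
		ts = NULL;
	else {
		error = copyin(uap->abstime, &abstime, sizeof(abstime));
		if (error != 0)
			return (error);
		if (abstime.tv_nsec >= 1000000000 || abstime.tv_nsec < 0)
			return (EINVAL);
		ts = &abstime;
	}
	return (kern_sem_wait(td, uap->id, 0, ts));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_trywait_args {
	semid_t		id;
};
#endif
/* Non-blocking wait: EAGAIN if the value is zero. */
int
sys_ksem_trywait(struct thread *td, struct ksem_trywait_args *uap)
{

	return (kern_sem_wait(td, uap->id, 1, NULL));
}

/*
 * Common wait path.  Requires CAP_SEM_WAIT on the descriptor.  While
 * the value is zero the thread either fails with EAGAIN (tryflag),
 * sleeps interruptibly on the semaphore's condition variable, or
 * sleeps until 'abstime', recomputing the remaining time on each pass.
 * ks_waiters is incremented for the duration of each attempt so that
 * sys_ksem_post() and sys_ksem_destroy() can see sleepers.
 */
static int
kern_sem_wait(struct thread *td, semid_t id, int tryflag,
    struct timespec *abstime)
{
	struct timespec ts1, ts2;
	struct timeval tv;
	cap_rights_t rights;
	struct file *fp;
	struct ksem *ks;
	int error;

	DP((">>> kern_sem_wait entered! pid=%d\n", (int)td->td_proc->p_pid));
	AUDIT_ARG_FD(id);
	error = ksem_get(td, id, cap_rights_init(&rights, CAP_SEM_WAIT), &fp);
	if (error)
		return (error);
	ks = fp->f_data;
	mtx_lock(&sem_lock);
	DP((">>> kern_sem_wait critical section entered! pid=%d\n",
	    (int)td->td_proc->p_pid));
#ifdef MAC
	error = mac_posixsem_check_wait(td->td_ucred, fp->f_cred, ks);
	if (error) {
		DP(("kern_sem_wait mac failed\n"));
		goto err;
	}
#endif
	DP(("kern_sem_wait value = %d, tryflag %d\n", ks->ks_value, tryflag));
	vfs_timestamp(&ks->ks_atime);
	while (ks->ks_value == 0) {
		ks->ks_waiters++;
		if (tryflag != 0)
			error = EAGAIN;
		else if (abstime == NULL)
			error = cv_wait_sig(&ks->ks_cv, &sem_lock);
		else {
			for (;;) {
				/* Remaining time = deadline - now. */
				ts1 = *abstime;
				getnanotime(&ts2);
				timespecsub(&ts1, &ts2);
				TIMESPEC_TO_TIMEVAL(&tv, &ts1);
				if (tv.tv_sec < 0) {
					error = ETIMEDOUT;
					break;
				}
				error = cv_timedwait_sig(&ks->ks_cv,
				    &sem_lock, tvtohz(&tv));
				/* On timeout, re-check the deadline. */
				if (error != EWOULDBLOCK)
					break;
			}
		}
		ks->ks_waiters--;
		if (error)
			goto err;
	}
	ks->ks_value--;
	DP(("kern_sem_wait value post-decrement = %d\n", ks->ks_value));
	error = 0;
err:
	mtx_unlock(&sem_lock);
	fdrop(fp, td);
	DP(("<<< kern_sem_wait leaving, pid=%d, error = %d\n",
	    (int)td->td_proc->p_pid, error));
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_getvalue_args {
	semid_t		id;
	int		*val;
};
#endif
/*
 * Copy the current value out to userspace.  Requires CAP_SEM_GETVALUE.
 * The value is sampled under sem_lock and copied out after the lock is
 * dropped.
 */
int
sys_ksem_getvalue(struct thread *td, struct ksem_getvalue_args *uap)
{
	cap_rights_t rights;
	struct file *fp;
	struct ksem *ks;
	int error, val;

	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id,
	    cap_rights_init(&rights, CAP_SEM_GETVALUE), &fp);
	if (error)
		return (error);
	ks = fp->f_data;

	mtx_lock(&sem_lock);
#ifdef MAC
	error = mac_posixsem_check_getvalue(td->td_ucred, fp->f_cred, ks);
	if (error) {
		mtx_unlock(&sem_lock);
		fdrop(fp, td);
		return (error);
	}
#endif
	val = ks->ks_value;
	vfs_timestamp(&ks->ks_atime);
	mtx_unlock(&sem_lock);
	fdrop(fp, td);
	error = copyout(&val, uap->val, sizeof(val));
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_destroy_args {
	semid_t		id;
};
#endif
/*
 * Destroy an anonymous semaphore.  Named semaphores get EINVAL, and a
 * semaphore with sleepers gets EBUSY.  Otherwise the semaphore is
 * marked KS_DEAD, which makes ksem_get() reject it from then on, and
 * the descriptor is closed.
 *
 * NOTE(review): as in sys_ksem_close(), kern_close() is given the
 * descriptor number rather than the validated file -- confirm.
 */
int
sys_ksem_destroy(struct thread *td, struct ksem_destroy_args *uap)
{
	cap_rights_t rights;
	struct file *fp;
	struct ksem *ks;
	int error;

	/* No capability rights required to close a semaphore. */
	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id, cap_rights_init(&rights), &fp);
	if (error)
		return (error);
	ks = fp->f_data;
	if (!(ks->ks_flags & KS_ANONYMOUS)) {
		fdrop(fp, td);
		return (EINVAL);
	}
	mtx_lock(&sem_lock);
	if (ks->ks_waiters != 0) {
		mtx_unlock(&sem_lock);
		error = EBUSY;
		goto err;
	}
	ks->ks_flags |= KS_DEAD;
	mtx_unlock(&sem_lock);

	error = kern_close(td, uap->id);
err:
	fdrop(fp, td);
	return (error);
}

/* Native system calls registered by ksem_module_init(). */
static struct syscall_helper_data ksem_syscalls[] = {
	SYSCALL_INIT_HELPER(ksem_init),
	SYSCALL_INIT_HELPER(ksem_open),
	SYSCALL_INIT_HELPER(ksem_unlink),
	SYSCALL_INIT_HELPER(ksem_close),
	SYSCALL_INIT_HELPER(ksem_post),
	SYSCALL_INIT_HELPER(ksem_wait),
	SYSCALL_INIT_HELPER(ksem_timedwait),
	SYSCALL_INIT_HELPER(ksem_trywait),
	SYSCALL_INIT_HELPER(ksem_getvalue),
	SYSCALL_INIT_HELPER(ksem_destroy),
	SYSCALL_INIT_LAST
};

#ifdef COMPAT_FREEBSD32
#include <compat/freebsd32/freebsd32.h>
#include <compat/freebsd32/freebsd32_proto.h>
#include <compat/freebsd32/freebsd32_signal.h>
#include <compat/freebsd32/freebsd32_syscall.h>
#include <compat/freebsd32/freebsd32_util.h>

/* 32-bit ksem_init: same as the native call but copies out an int32_t id. */
int
freebsd32_ksem_init(struct thread *td, struct freebsd32_ksem_init_args *uap)
{

	return (ksem_create(td, NULL, uap->idp, S_IRWXU | S_IRWXG, uap->value,
	    0, 1));
}

/* 32-bit ksem_open: same flag validation as sys_ksem_open(). */
int
freebsd32_ksem_open(struct thread *td, struct freebsd32_ksem_open_args *uap)
{

	if ((uap->oflag & ~(O_CREAT | O_EXCL)) != 0)
		return (EINVAL);
	return (ksem_create(td, uap->name, uap->idp, uap->mode, uap->value,
	    uap->oflag, 1));
}

/*
 * 32-bit ksem_timedwait: widen the 32-bit timespec, then apply the same
 * tv_nsec range check as the native call.
 */
int
freebsd32_ksem_timedwait(struct thread *td,
    struct freebsd32_ksem_timedwait_args *uap)
{
	struct timespec32 abstime32;
	struct timespec *ts, abstime;
	int error;

	/*
	 * We allow a null timespec (wait forever).
	 */
	if (uap->abstime == NULL)
		ts = NULL;
	else {
		error = copyin(uap->abstime, &abstime32, sizeof(abstime32));
		if (error != 0)
			return (error);
		CP(abstime32, abstime, tv_sec);
		CP(abstime32, abstime, tv_nsec);
		if (abstime.tv_nsec >= 1000000000 || abstime.tv_nsec < 0)
			return (EINVAL);
		ts = &abstime;
	}
	return (kern_sem_wait(td, uap->id, 0, ts));
}

/* 32-bit system calls registered by ksem_module_init(). */
static struct syscall_helper_data ksem32_syscalls[] = {
	SYSCALL32_INIT_HELPER(freebsd32_ksem_init),
	SYSCALL32_INIT_HELPER(freebsd32_ksem_open),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_unlink),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_close),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_post),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_wait),
	SYSCALL32_INIT_HELPER(freebsd32_ksem_timedwait),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_trywait),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_getvalue),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_destroy),
	SYSCALL_INIT_LAST
};
#endif

/*
 * Set up locks, the name dictionary and the P1003.1b configuration
 * values, then register the system calls.  On a registration failure
 * the error is returned as-is; sem_modload() calls
 * ksem_module_destroy() to undo the partial setup.
 */
static int
ksem_module_init(void)
{
	int error;

	mtx_init(&sem_lock, "sem", NULL, MTX_DEF);
	mtx_init(&ksem_count_lock, "ksem count", NULL, MTX_DEF);
	sx_init(&ksem_dict_lock, "ksem dictionary");
	ksem_dictionary = hashinit(1024, M_KSEM, &ksem_hash);
	p31b_setcfg(CTL_P1003_1B_SEMAPHORES, 200112L);
	p31b_setcfg(CTL_P1003_1B_SEM_NSEMS_MAX, SEM_MAX);
	p31b_setcfg(CTL_P1003_1B_SEM_VALUE_MAX, SEM_VALUE_MAX);

	error = syscall_helper_register(ksem_syscalls, SY_THR_STATIC_KLD);
	if (error)
		return (error);
#ifdef COMPAT_FREEBSD32
	error = syscall32_helper_register(ksem32_syscalls, SY_THR_STATIC_KLD);
	if (error)
		return (error);
#endif
	return (0);
}

/*
 * Undo ksem_module_init(): unregister the system calls first so no new
 * callers arrive, then release the dictionary and locks.
 */
static void
ksem_module_destroy(void)
{

#ifdef COMPAT_FREEBSD32
	syscall32_helper_unregister(ksem32_syscalls);
#endif
	syscall_helper_unregister(ksem_syscalls);

	p31b_setcfg(CTL_P1003_1B_SEMAPHORES, 0);
	hashdestroy(ksem_dictionary, M_KSEM, ksem_hash);
	sx_destroy(&ksem_dict_lock);
	mtx_destroy(&ksem_count_lock);
	mtx_destroy(&sem_lock);
	p31b_unsetcfg(CTL_P1003_1B_SEM_VALUE_MAX);
	p31b_unsetcfg(CTL_P1003_1B_SEM_NSEMS_MAX);
}

/*
 * Module event handler.  Unload is refused with EOPNOTSUPP while any
 * semaphore exists; otherwise ksem_dead is set under ksem_count_lock
 * so ksem_alloc() cannot create one during teardown.
 */
static int
sem_modload(struct module *module, int cmd, void *arg)
{
        int error = 0;

        switch (cmd) {
        case MOD_LOAD:
		error = ksem_module_init();
		if (error)
			ksem_module_destroy();
                break;

        case MOD_UNLOAD:
		mtx_lock(&ksem_count_lock);
		if (nsems != 0) {
			error = EOPNOTSUPP;
			mtx_unlock(&ksem_count_lock);
			break;
		}
		ksem_dead = 1;
		mtx_unlock(&ksem_count_lock);
		ksem_module_destroy();
                break;

        case MOD_SHUTDOWN:
                break;
        default:
                error = EINVAL;
                break;
        }
        return (error);
}

static moduledata_t sem_mod = {
        "sem",
        &sem_modload,
        NULL
};

DECLARE_MODULE(sem, sem_mod, SI_SUB_SYSV_SEM, SI_ORDER_FIRST);
MODULE_VERSION(sem, 1);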