1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2002 Alfred Perlstein <alfred@FreeBSD.org> 5 * Copyright (c) 2003-2005 SPARTA, Inc. 6 * Copyright (c) 2005, 2016-2017 Robert N. M. Watson 7 * All rights reserved. 8 * 9 * This software was developed for the FreeBSD Project in part by Network 10 * Associates Laboratories, the Security Research Division of Network 11 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 12 * as part of the DARPA CHATS research program. 13 * 14 * Portions of this software were developed by BAE Systems, the University of 15 * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL 16 * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent 17 * Computing (TC) research program. 18 * 19 * Redistribution and use in source and binary forms, with or without 20 * modification, are permitted provided that the following conditions 21 * are met: 22 * 1. Redistributions of source code must retain the above copyright 23 * notice, this list of conditions and the following disclaimer. 24 * 2. Redistributions in binary form must reproduce the above copyright 25 * notice, this list of conditions and the following disclaimer in the 26 * documentation and/or other materials provided with the distribution. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 */ 40 41 #include <sys/cdefs.h> 42 __FBSDID("$FreeBSD$"); 43 44 #include "opt_posix.h" 45 46 #include <sys/param.h> 47 #include <sys/capsicum.h> 48 #include <sys/condvar.h> 49 #include <sys/fcntl.h> 50 #include <sys/file.h> 51 #include <sys/filedesc.h> 52 #include <sys/fnv_hash.h> 53 #include <sys/jail.h> 54 #include <sys/kernel.h> 55 #include <sys/ksem.h> 56 #include <sys/lock.h> 57 #include <sys/malloc.h> 58 #include <sys/module.h> 59 #include <sys/mutex.h> 60 #include <sys/priv.h> 61 #include <sys/proc.h> 62 #include <sys/posix4.h> 63 #include <sys/_semaphore.h> 64 #include <sys/stat.h> 65 #include <sys/syscall.h> 66 #include <sys/syscallsubr.h> 67 #include <sys/sysctl.h> 68 #include <sys/sysent.h> 69 #include <sys/sysproto.h> 70 #include <sys/systm.h> 71 #include <sys/sx.h> 72 #include <sys/user.h> 73 #include <sys/vnode.h> 74 75 #include <security/audit/audit.h> 76 #include <security/mac/mac_framework.h> 77 78 FEATURE(p1003_1b_semaphores, "POSIX P1003.1B semaphores support"); 79 /* 80 * TODO 81 * 82 * - Resource limits? 83 * - Replace global sem_lock with mtx_pool locks? 84 * - Add a MAC check_create() hook for creating new named semaphores. 85 */ 86 87 #ifndef SEM_MAX 88 #define SEM_MAX 30 89 #endif 90 91 #ifdef SEM_DEBUG 92 #define DP(x) printf x 93 #else 94 #define DP(x) 95 #endif 96 97 struct ksem_mapping { 98 char *km_path; 99 Fnv32_t km_fnv; 100 struct ksem *km_ksem; 101 LIST_ENTRY(ksem_mapping) km_link; 102 }; 103 104 static MALLOC_DEFINE(M_KSEM, "ksem", "semaphore file descriptor"); 105 static LIST_HEAD(, ksem_mapping) *ksem_dictionary; 106 static struct sx ksem_dict_lock; 107 static struct mtx ksem_count_lock; 108 static struct mtx sem_lock; 109 static u_long ksem_hash; 110 static int ksem_dead; 111 112 #define KSEM_HASH(fnv) (&ksem_dictionary[(fnv) & ksem_hash]) 113 114 static int nsems = 0; 115 SYSCTL_DECL(_p1003_1b); 116 SYSCTL_INT(_p1003_1b, OID_AUTO, nsems, CTLFLAG_RD, &nsems, 0, 117 "Number of active kernel POSIX semaphores"); 118 119 static int kern_sem_wait(struct thread *td, semid_t id, int tryflag, 120 struct timespec *abstime); 121 static int ksem_access(struct ksem *ks, struct ucred *ucred); 122 static struct ksem *ksem_alloc(struct ucred *ucred, mode_t mode, 123 unsigned int value); 124 static int ksem_create(struct thread *td, const char *path, 125 semid_t *semidp, mode_t mode, unsigned int value, 126 int flags, int compat32); 127 static void ksem_drop(struct ksem *ks); 128 static int ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp, 129 struct file **fpp); 130 static struct ksem *ksem_hold(struct ksem *ks); 131 static void ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks); 132 static struct ksem *ksem_lookup(char *path, Fnv32_t fnv); 133 static void ksem_module_destroy(void); 134 static int ksem_module_init(void); 135 static int ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred); 136 static int sem_modload(struct module *module, int cmd, void *arg); 137 138 static fo_stat_t ksem_stat; 139 static fo_close_t ksem_closef; 140 static fo_chmod_t ksem_chmod; 141 static fo_chown_t ksem_chown; 142 static fo_fill_kinfo_t ksem_fill_kinfo; 143 144 /* File descriptor operations. */ 145 static struct fileops ksem_ops = { 146 .fo_read = invfo_rdwr, 147 .fo_write = invfo_rdwr, 148 .fo_truncate = invfo_truncate, 149 .fo_ioctl = invfo_ioctl, 150 .fo_poll = invfo_poll, 151 .fo_kqfilter = invfo_kqfilter, 152 .fo_stat = ksem_stat, 153 .fo_close = ksem_closef, 154 .fo_chmod = ksem_chmod, 155 .fo_chown = ksem_chown, 156 .fo_sendfile = invfo_sendfile, 157 .fo_fill_kinfo = ksem_fill_kinfo, 158 .fo_flags = DFLAG_PASSABLE 159 }; 160 161 FEATURE(posix_sem, "POSIX semaphores"); 162 163 static int 164 ksem_stat(struct file *fp, struct stat *sb, struct ucred *active_cred, 165 struct thread *td) 166 { 167 struct ksem *ks; 168 #ifdef MAC 169 int error; 170 #endif 171 172 ks = fp->f_data; 173 174 #ifdef MAC 175 error = mac_posixsem_check_stat(active_cred, fp->f_cred, ks); 176 if (error) 177 return (error); 178 #endif 179 180 /* 181 * Attempt to return sanish values for fstat() on a semaphore 182 * file descriptor. 183 */ 184 bzero(sb, sizeof(*sb)); 185 186 mtx_lock(&sem_lock); 187 sb->st_atim = ks->ks_atime; 188 sb->st_ctim = ks->ks_ctime; 189 sb->st_mtim = ks->ks_mtime; 190 sb->st_birthtim = ks->ks_birthtime; 191 sb->st_uid = ks->ks_uid; 192 sb->st_gid = ks->ks_gid; 193 sb->st_mode = S_IFREG | ks->ks_mode; /* XXX */ 194 mtx_unlock(&sem_lock); 195 196 return (0); 197 } 198 199 static int 200 ksem_chmod(struct file *fp, mode_t mode, struct ucred *active_cred, 201 struct thread *td) 202 { 203 struct ksem *ks; 204 int error; 205 206 error = 0; 207 ks = fp->f_data; 208 mtx_lock(&sem_lock); 209 #ifdef MAC 210 error = mac_posixsem_check_setmode(active_cred, ks, mode); 211 if (error != 0) 212 goto out; 213 #endif 214 error = vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid, VADMIN, 215 active_cred, NULL); 216 if (error != 0) 217 goto out; 218 ks->ks_mode = mode & ACCESSPERMS; 219 out: 220 mtx_unlock(&sem_lock); 221 return (error); 222 } 223 224 static int 225 ksem_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred, 226 struct thread *td) 227 { 228 struct ksem *ks; 229 int error; 230 231 error = 0; 232 ks = fp->f_data; 233 mtx_lock(&sem_lock); 234 #ifdef MAC 235 error = mac_posixsem_check_setowner(active_cred, ks, uid, gid); 236 if (error != 0) 237 goto out; 238 #endif 239 if (uid == (uid_t)-1) 240 uid = ks->ks_uid; 241 if (gid == (gid_t)-1) 242 gid = ks->ks_gid; 243 if (((uid != ks->ks_uid && uid != active_cred->cr_uid) || 244 (gid != ks->ks_gid && !groupmember(gid, active_cred))) && 245 (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0))) 246 goto out; 247 ks->ks_uid = uid; 248 ks->ks_gid = gid; 249 out: 250 mtx_unlock(&sem_lock); 251 return (error); 252 } 253 254 static int 255 ksem_closef(struct file *fp, struct thread *td) 256 { 257 struct ksem *ks; 258 259 ks = fp->f_data; 260 fp->f_data = NULL; 261 ksem_drop(ks); 262 263 return (0); 264 } 265 266 static int 267 ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp) 268 { 269 const char *path, *pr_path; 270 struct ksem *ks; 271 size_t pr_pathlen; 272 273 kif->kf_type = KF_TYPE_SEM; 274 ks = fp->f_data; 275 mtx_lock(&sem_lock); 276 kif->kf_un.kf_sem.kf_sem_value = ks->ks_value; 277 kif->kf_un.kf_sem.kf_sem_mode = S_IFREG | ks->ks_mode; /* XXX */ 278 mtx_unlock(&sem_lock); 279 if (ks->ks_path != NULL) { 280 sx_slock(&ksem_dict_lock); 281 if (ks->ks_path != NULL) { 282 path = ks->ks_path; 283 pr_path = curthread->td_ucred->cr_prison->pr_path; 284 if (strcmp(pr_path, "/") != 0) { 285 /* Return the jail-rooted pathname. */ 286 pr_pathlen = strlen(pr_path); 287 if (strncmp(path, pr_path, pr_pathlen) == 0 && 288 path[pr_pathlen] == '/') 289 path += pr_pathlen; 290 } 291 strlcpy(kif->kf_path, path, sizeof(kif->kf_path)); 292 } 293 sx_sunlock(&ksem_dict_lock); 294 } 295 return (0); 296 } 297 298 /* 299 * ksem object management including creation and reference counting 300 * routines. 301 */ 302 static struct ksem * 303 ksem_alloc(struct ucred *ucred, mode_t mode, unsigned int value) 304 { 305 struct ksem *ks; 306 307 mtx_lock(&ksem_count_lock); 308 if (nsems == p31b_getcfg(CTL_P1003_1B_SEM_NSEMS_MAX) || ksem_dead) { 309 mtx_unlock(&ksem_count_lock); 310 return (NULL); 311 } 312 nsems++; 313 mtx_unlock(&ksem_count_lock); 314 ks = malloc(sizeof(*ks), M_KSEM, M_WAITOK | M_ZERO); 315 ks->ks_uid = ucred->cr_uid; 316 ks->ks_gid = ucred->cr_gid; 317 ks->ks_mode = mode; 318 ks->ks_value = value; 319 cv_init(&ks->ks_cv, "ksem"); 320 vfs_timestamp(&ks->ks_birthtime); 321 ks->ks_atime = ks->ks_mtime = ks->ks_ctime = ks->ks_birthtime; 322 refcount_init(&ks->ks_ref, 1); 323 #ifdef MAC 324 mac_posixsem_init(ks); 325 mac_posixsem_create(ucred, ks); 326 #endif 327 328 return (ks); 329 } 330 331 static struct ksem * 332 ksem_hold(struct ksem *ks) 333 { 334 335 refcount_acquire(&ks->ks_ref); 336 return (ks); 337 } 338 339 static void 340 ksem_drop(struct ksem *ks) 341 { 342 343 if (refcount_release(&ks->ks_ref)) { 344 #ifdef MAC 345 mac_posixsem_destroy(ks); 346 #endif 347 cv_destroy(&ks->ks_cv); 348 free(ks, M_KSEM); 349 mtx_lock(&ksem_count_lock); 350 nsems--; 351 mtx_unlock(&ksem_count_lock); 352 } 353 } 354 355 /* 356 * Determine if the credentials have sufficient permissions for read 357 * and write access. 358 */ 359 static int 360 ksem_access(struct ksem *ks, struct ucred *ucred) 361 { 362 int error; 363 364 error = vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid, 365 VREAD | VWRITE, ucred, NULL); 366 if (error) 367 error = priv_check_cred(ucred, PRIV_SEM_WRITE, 0); 368 return (error); 369 } 370 371 /* 372 * Dictionary management. We maintain an in-kernel dictionary to map 373 * paths to semaphore objects. We use the FNV hash on the path to 374 * store the mappings in a hash table. 375 */ 376 static struct ksem * 377 ksem_lookup(char *path, Fnv32_t fnv) 378 { 379 struct ksem_mapping *map; 380 381 LIST_FOREACH(map, KSEM_HASH(fnv), km_link) { 382 if (map->km_fnv != fnv) 383 continue; 384 if (strcmp(map->km_path, path) == 0) 385 return (map->km_ksem); 386 } 387 388 return (NULL); 389 } 390 391 static void 392 ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks) 393 { 394 struct ksem_mapping *map; 395 396 map = malloc(sizeof(struct ksem_mapping), M_KSEM, M_WAITOK); 397 map->km_path = path; 398 map->km_fnv = fnv; 399 map->km_ksem = ksem_hold(ks); 400 ks->ks_path = path; 401 LIST_INSERT_HEAD(KSEM_HASH(fnv), map, km_link); 402 } 403 404 static int 405 ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred) 406 { 407 struct ksem_mapping *map; 408 int error; 409 410 LIST_FOREACH(map, KSEM_HASH(fnv), km_link) { 411 if (map->km_fnv != fnv) 412 continue; 413 if (strcmp(map->km_path, path) == 0) { 414 #ifdef MAC 415 error = mac_posixsem_check_unlink(ucred, map->km_ksem); 416 if (error) 417 return (error); 418 #endif 419 error = ksem_access(map->km_ksem, ucred); 420 if (error) 421 return (error); 422 map->km_ksem->ks_path = NULL; 423 LIST_REMOVE(map, km_link); 424 ksem_drop(map->km_ksem); 425 free(map->km_path, M_KSEM); 426 free(map, M_KSEM); 427 return (0); 428 } 429 } 430 431 return (ENOENT); 432 } 433 434 static int 435 ksem_create_copyout_semid(struct thread *td, semid_t *semidp, int fd, 436 int compat32) 437 { 438 semid_t semid; 439 #ifdef COMPAT_FREEBSD32 440 int32_t semid32; 441 #endif 442 void *ptr; 443 size_t ptrs; 444 445 #ifdef COMPAT_FREEBSD32 446 if (compat32) { 447 semid32 = fd; 448 ptr = &semid32; 449 ptrs = sizeof(semid32); 450 } else { 451 #endif 452 semid = fd; 453 ptr = &semid; 454 ptrs = sizeof(semid); 455 compat32 = 0; /* silence gcc */ 456 #ifdef COMPAT_FREEBSD32 457 } 458 #endif 459 460 return (copyout(ptr, semidp, ptrs)); 461 } 462 463 /* Other helper routines. */ 464 static int 465 ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode, 466 unsigned int value, int flags, int compat32) 467 { 468 struct filedesc *fdp; 469 struct ksem *ks; 470 struct file *fp; 471 char *path; 472 const char *pr_path; 473 size_t pr_pathlen; 474 Fnv32_t fnv; 475 int error, fd; 476 477 AUDIT_ARG_FFLAGS(flags); 478 AUDIT_ARG_MODE(mode); 479 AUDIT_ARG_VALUE(value); 480 481 if (value > SEM_VALUE_MAX) 482 return (EINVAL); 483 484 fdp = td->td_proc->p_fd; 485 mode = (mode & ~fdp->fd_cmask) & ACCESSPERMS; 486 error = falloc(td, &fp, &fd, O_CLOEXEC); 487 if (error) { 488 if (name == NULL) 489 error = ENOSPC; 490 return (error); 491 } 492 493 /* 494 * Go ahead and copyout the file descriptor now. This is a bit 495 * premature, but it is a lot easier to handle errors as opposed 496 * to later when we've possibly created a new semaphore, etc. 497 */ 498 error = ksem_create_copyout_semid(td, semidp, fd, compat32); 499 if (error) { 500 fdclose(td, fp, fd); 501 fdrop(fp, td); 502 return (error); 503 } 504 505 if (name == NULL) { 506 /* Create an anonymous semaphore. */ 507 ks = ksem_alloc(td->td_ucred, mode, value); 508 if (ks == NULL) 509 error = ENOSPC; 510 else 511 ks->ks_flags |= KS_ANONYMOUS; 512 } else { 513 path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK); 514 pr_path = td->td_ucred->cr_prison->pr_path; 515 516 /* Construct a full pathname for jailed callers. */ 517 pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 518 : strlcpy(path, pr_path, MAXPATHLEN); 519 error = copyinstr(name, path + pr_pathlen, 520 MAXPATHLEN - pr_pathlen, NULL); 521 522 /* Require paths to start with a '/' character. */ 523 if (error == 0 && path[pr_pathlen] != '/') 524 error = EINVAL; 525 if (error) { 526 fdclose(td, fp, fd); 527 fdrop(fp, td); 528 free(path, M_KSEM); 529 return (error); 530 } 531 532 AUDIT_ARG_UPATH1_CANON(path); 533 fnv = fnv_32_str(path, FNV1_32_INIT); 534 sx_xlock(&ksem_dict_lock); 535 ks = ksem_lookup(path, fnv); 536 if (ks == NULL) { 537 /* Object does not exist, create it if requested. */ 538 if (flags & O_CREAT) { 539 ks = ksem_alloc(td->td_ucred, mode, value); 540 if (ks == NULL) 541 error = ENFILE; 542 else { 543 ksem_insert(path, fnv, ks); 544 path = NULL; 545 } 546 } else 547 error = ENOENT; 548 } else { 549 /* 550 * Object already exists, obtain a new 551 * reference if requested and permitted. 552 */ 553 if ((flags & (O_CREAT | O_EXCL)) == 554 (O_CREAT | O_EXCL)) 555 error = EEXIST; 556 else { 557 #ifdef MAC 558 error = mac_posixsem_check_open(td->td_ucred, 559 ks); 560 if (error == 0) 561 #endif 562 error = ksem_access(ks, td->td_ucred); 563 } 564 if (error == 0) 565 ksem_hold(ks); 566 #ifdef INVARIANTS 567 else 568 ks = NULL; 569 #endif 570 } 571 sx_xunlock(&ksem_dict_lock); 572 if (path) 573 free(path, M_KSEM); 574 } 575 576 if (error) { 577 KASSERT(ks == NULL, ("ksem_create error with a ksem")); 578 fdclose(td, fp, fd); 579 fdrop(fp, td); 580 return (error); 581 } 582 KASSERT(ks != NULL, ("ksem_create w/o a ksem")); 583 584 finit(fp, FREAD | FWRITE, DTYPE_SEM, ks, &ksem_ops); 585 586 fdrop(fp, td); 587 588 return (0); 589 } 590 591 static int 592 ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp, 593 struct file **fpp) 594 { 595 struct ksem *ks; 596 struct file *fp; 597 int error; 598 599 error = fget(td, id, rightsp, &fp); 600 if (error) 601 return (EINVAL); 602 if (fp->f_type != DTYPE_SEM) { 603 fdrop(fp, td); 604 return (EINVAL); 605 } 606 ks = fp->f_data; 607 if (ks->ks_flags & KS_DEAD) { 608 fdrop(fp, td); 609 return (EINVAL); 610 } 611 *fpp = fp; 612 return (0); 613 } 614 615 /* System calls. */ 616 #ifndef _SYS_SYSPROTO_H_ 617 struct ksem_init_args { 618 unsigned int value; 619 semid_t *idp; 620 }; 621 #endif 622 int 623 sys_ksem_init(struct thread *td, struct ksem_init_args *uap) 624 { 625 626 return (ksem_create(td, NULL, uap->idp, S_IRWXU | S_IRWXG, uap->value, 627 0, 0)); 628 } 629 630 #ifndef _SYS_SYSPROTO_H_ 631 struct ksem_open_args { 632 char *name; 633 int oflag; 634 mode_t mode; 635 unsigned int value; 636 semid_t *idp; 637 }; 638 #endif 639 int 640 sys_ksem_open(struct thread *td, struct ksem_open_args *uap) 641 { 642 643 DP((">>> ksem_open start, pid=%d\n", (int)td->td_proc->p_pid)); 644 645 if ((uap->oflag & ~(O_CREAT | O_EXCL)) != 0) 646 return (EINVAL); 647 return (ksem_create(td, uap->name, uap->idp, uap->mode, uap->value, 648 uap->oflag, 0)); 649 } 650 651 #ifndef _SYS_SYSPROTO_H_ 652 struct ksem_unlink_args { 653 char *name; 654 }; 655 #endif 656 int 657 sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap) 658 { 659 char *path; 660 const char *pr_path; 661 size_t pr_pathlen; 662 Fnv32_t fnv; 663 int error; 664 665 path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); 666 pr_path = td->td_ucred->cr_prison->pr_path; 667 pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 668 : strlcpy(path, pr_path, MAXPATHLEN); 669 error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen, 670 NULL); 671 if (error) { 672 free(path, M_TEMP); 673 return (error); 674 } 675 676 AUDIT_ARG_UPATH1_CANON(path); 677 fnv = fnv_32_str(path, FNV1_32_INIT); 678 sx_xlock(&ksem_dict_lock); 679 error = ksem_remove(path, fnv, td->td_ucred); 680 sx_xunlock(&ksem_dict_lock); 681 free(path, M_TEMP); 682 683 return (error); 684 } 685 686 #ifndef _SYS_SYSPROTO_H_ 687 struct ksem_close_args { 688 semid_t id; 689 }; 690 #endif 691 int 692 sys_ksem_close(struct thread *td, struct ksem_close_args *uap) 693 { 694 cap_rights_t rights; 695 struct ksem *ks; 696 struct file *fp; 697 int error; 698 699 /* No capability rights required to close a semaphore. */ 700 AUDIT_ARG_FD(uap->id); 701 error = ksem_get(td, uap->id, cap_rights_init(&rights), &fp); 702 if (error) 703 return (error); 704 ks = fp->f_data; 705 if (ks->ks_flags & KS_ANONYMOUS) { 706 fdrop(fp, td); 707 return (EINVAL); 708 } 709 error = kern_close(td, uap->id); 710 fdrop(fp, td); 711 return (error); 712 } 713 714 #ifndef _SYS_SYSPROTO_H_ 715 struct ksem_post_args { 716 semid_t id; 717 }; 718 #endif 719 int 720 sys_ksem_post(struct thread *td, struct ksem_post_args *uap) 721 { 722 cap_rights_t rights; 723 struct file *fp; 724 struct ksem *ks; 725 int error; 726 727 AUDIT_ARG_FD(uap->id); 728 error = ksem_get(td, uap->id, 729 cap_rights_init(&rights, CAP_SEM_POST), &fp); 730 if (error) 731 return (error); 732 ks = fp->f_data; 733 734 mtx_lock(&sem_lock); 735 #ifdef MAC 736 error = mac_posixsem_check_post(td->td_ucred, fp->f_cred, ks); 737 if (error) 738 goto err; 739 #endif 740 if (ks->ks_value == SEM_VALUE_MAX) { 741 error = EOVERFLOW; 742 goto err; 743 } 744 ++ks->ks_value; 745 if (ks->ks_waiters > 0) 746 cv_signal(&ks->ks_cv); 747 error = 0; 748 vfs_timestamp(&ks->ks_ctime); 749 err: 750 mtx_unlock(&sem_lock); 751 fdrop(fp, td); 752 return (error); 753 } 754 755 #ifndef _SYS_SYSPROTO_H_ 756 struct ksem_wait_args { 757 semid_t id; 758 }; 759 #endif 760 int 761 sys_ksem_wait(struct thread *td, struct ksem_wait_args *uap) 762 { 763 764 return (kern_sem_wait(td, uap->id, 0, NULL)); 765 } 766 767 #ifndef _SYS_SYSPROTO_H_ 768 struct ksem_timedwait_args { 769 semid_t id; 770 const struct timespec *abstime; 771 }; 772 #endif 773 int 774 sys_ksem_timedwait(struct thread *td, struct ksem_timedwait_args *uap) 775 { 776 struct timespec abstime; 777 struct timespec *ts; 778 int error; 779 780 /* 781 * We allow a null timespec (wait forever). 782 */ 783 if (uap->abstime == NULL) 784 ts = NULL; 785 else { 786 error = copyin(uap->abstime, &abstime, sizeof(abstime)); 787 if (error != 0) 788 return (error); 789 if (abstime.tv_nsec >= 1000000000 || abstime.tv_nsec < 0) 790 return (EINVAL); 791 ts = &abstime; 792 } 793 return (kern_sem_wait(td, uap->id, 0, ts)); 794 } 795 796 #ifndef _SYS_SYSPROTO_H_ 797 struct ksem_trywait_args { 798 semid_t id; 799 }; 800 #endif 801 int 802 sys_ksem_trywait(struct thread *td, struct ksem_trywait_args *uap) 803 { 804 805 return (kern_sem_wait(td, uap->id, 1, NULL)); 806 } 807 808 static int 809 kern_sem_wait(struct thread *td, semid_t id, int tryflag, 810 struct timespec *abstime) 811 { 812 struct timespec ts1, ts2; 813 struct timeval tv; 814 cap_rights_t rights; 815 struct file *fp; 816 struct ksem *ks; 817 int error; 818 819 DP((">>> kern_sem_wait entered! pid=%d\n", (int)td->td_proc->p_pid)); 820 AUDIT_ARG_FD(id); 821 error = ksem_get(td, id, cap_rights_init(&rights, CAP_SEM_WAIT), &fp); 822 if (error) 823 return (error); 824 ks = fp->f_data; 825 mtx_lock(&sem_lock); 826 DP((">>> kern_sem_wait critical section entered! pid=%d\n", 827 (int)td->td_proc->p_pid)); 828 #ifdef MAC 829 error = mac_posixsem_check_wait(td->td_ucred, fp->f_cred, ks); 830 if (error) { 831 DP(("kern_sem_wait mac failed\n")); 832 goto err; 833 } 834 #endif 835 DP(("kern_sem_wait value = %d, tryflag %d\n", ks->ks_value, tryflag)); 836 vfs_timestamp(&ks->ks_atime); 837 while (ks->ks_value == 0) { 838 ks->ks_waiters++; 839 if (tryflag != 0) 840 error = EAGAIN; 841 else if (abstime == NULL) 842 error = cv_wait_sig(&ks->ks_cv, &sem_lock); 843 else { 844 for (;;) { 845 ts1 = *abstime; 846 getnanotime(&ts2); 847 timespecsub(&ts1, &ts2); 848 TIMESPEC_TO_TIMEVAL(&tv, &ts1); 849 if (tv.tv_sec < 0) { 850 error = ETIMEDOUT; 851 break; 852 } 853 error = cv_timedwait_sig(&ks->ks_cv, 854 &sem_lock, tvtohz(&tv)); 855 if (error != EWOULDBLOCK) 856 break; 857 } 858 } 859 ks->ks_waiters--; 860 if (error) 861 goto err; 862 } 863 ks->ks_value--; 864 DP(("kern_sem_wait value post-decrement = %d\n", ks->ks_value)); 865 error = 0; 866 err: 867 mtx_unlock(&sem_lock); 868 fdrop(fp, td); 869 DP(("<<< kern_sem_wait leaving, pid=%d, error = %d\n", 870 (int)td->td_proc->p_pid, error)); 871 return (error); 872 } 873 874 #ifndef _SYS_SYSPROTO_H_ 875 struct ksem_getvalue_args { 876 semid_t id; 877 int *val; 878 }; 879 #endif 880 int 881 sys_ksem_getvalue(struct thread *td, struct ksem_getvalue_args *uap) 882 { 883 cap_rights_t rights; 884 struct file *fp; 885 struct ksem *ks; 886 int error, val; 887 888 AUDIT_ARG_FD(uap->id); 889 error = ksem_get(td, uap->id, 890 cap_rights_init(&rights, CAP_SEM_GETVALUE), &fp); 891 if (error) 892 return (error); 893 ks = fp->f_data; 894 895 mtx_lock(&sem_lock); 896 #ifdef MAC 897 error = mac_posixsem_check_getvalue(td->td_ucred, fp->f_cred, ks); 898 if (error) { 899 mtx_unlock(&sem_lock); 900 fdrop(fp, td); 901 return (error); 902 } 903 #endif 904 val = ks->ks_value; 905 vfs_timestamp(&ks->ks_atime); 906 mtx_unlock(&sem_lock); 907 fdrop(fp, td); 908 error = copyout(&val, uap->val, sizeof(val)); 909 return (error); 910 } 911 912 #ifndef _SYS_SYSPROTO_H_ 913 struct ksem_destroy_args { 914 semid_t id; 915 }; 916 #endif 917 int 918 sys_ksem_destroy(struct thread *td, struct ksem_destroy_args *uap) 919 { 920 cap_rights_t rights; 921 struct file *fp; 922 struct ksem *ks; 923 int error; 924 925 /* No capability rights required to close a semaphore. */ 926 AUDIT_ARG_FD(uap->id); 927 error = ksem_get(td, uap->id, cap_rights_init(&rights), &fp); 928 if (error) 929 return (error); 930 ks = fp->f_data; 931 if (!(ks->ks_flags & KS_ANONYMOUS)) { 932 fdrop(fp, td); 933 return (EINVAL); 934 } 935 mtx_lock(&sem_lock); 936 if (ks->ks_waiters != 0) { 937 mtx_unlock(&sem_lock); 938 error = EBUSY; 939 goto err; 940 } 941 ks->ks_flags |= KS_DEAD; 942 mtx_unlock(&sem_lock); 943 944 error = kern_close(td, uap->id); 945 err: 946 fdrop(fp, td); 947 return (error); 948 } 949 950 static struct syscall_helper_data ksem_syscalls[] = { 951 SYSCALL_INIT_HELPER(ksem_init), 952 SYSCALL_INIT_HELPER(ksem_open), 953 SYSCALL_INIT_HELPER(ksem_unlink), 954 SYSCALL_INIT_HELPER(ksem_close), 955 SYSCALL_INIT_HELPER(ksem_post), 956 SYSCALL_INIT_HELPER(ksem_wait), 957 SYSCALL_INIT_HELPER(ksem_timedwait), 958 SYSCALL_INIT_HELPER(ksem_trywait), 959 SYSCALL_INIT_HELPER(ksem_getvalue), 960 SYSCALL_INIT_HELPER(ksem_destroy), 961 SYSCALL_INIT_LAST 962 }; 963 964 #ifdef COMPAT_FREEBSD32 965 #include <compat/freebsd32/freebsd32.h> 966 #include <compat/freebsd32/freebsd32_proto.h> 967 #include <compat/freebsd32/freebsd32_signal.h> 968 #include <compat/freebsd32/freebsd32_syscall.h> 969 #include <compat/freebsd32/freebsd32_util.h> 970 971 int 972 freebsd32_ksem_init(struct thread *td, struct freebsd32_ksem_init_args *uap) 973 { 974 975 return (ksem_create(td, NULL, uap->idp, S_IRWXU | S_IRWXG, uap->value, 976 0, 1)); 977 } 978 979 int 980 freebsd32_ksem_open(struct thread *td, struct freebsd32_ksem_open_args *uap) 981 { 982 983 if ((uap->oflag & ~(O_CREAT | O_EXCL)) != 0) 984 return (EINVAL); 985 return (ksem_create(td, uap->name, uap->idp, uap->mode, uap->value, 986 uap->oflag, 1)); 987 } 988 989 int 990 freebsd32_ksem_timedwait(struct thread *td, 991 struct freebsd32_ksem_timedwait_args *uap) 992 { 993 struct timespec32 abstime32; 994 struct timespec *ts, abstime; 995 int error; 996 997 /* 998 * We allow a null timespec (wait forever). 999 */ 1000 if (uap->abstime == NULL) 1001 ts = NULL; 1002 else { 1003 error = copyin(uap->abstime, &abstime32, sizeof(abstime32)); 1004 if (error != 0) 1005 return (error); 1006 CP(abstime32, abstime, tv_sec); 1007 CP(abstime32, abstime, tv_nsec); 1008 if (abstime.tv_nsec >= 1000000000 || abstime.tv_nsec < 0) 1009 return (EINVAL); 1010 ts = &abstime; 1011 } 1012 return (kern_sem_wait(td, uap->id, 0, ts)); 1013 } 1014 1015 static struct syscall_helper_data ksem32_syscalls[] = { 1016 SYSCALL32_INIT_HELPER(freebsd32_ksem_init), 1017 SYSCALL32_INIT_HELPER(freebsd32_ksem_open), 1018 SYSCALL32_INIT_HELPER_COMPAT(ksem_unlink), 1019 SYSCALL32_INIT_HELPER_COMPAT(ksem_close), 1020 SYSCALL32_INIT_HELPER_COMPAT(ksem_post), 1021 SYSCALL32_INIT_HELPER_COMPAT(ksem_wait), 1022 SYSCALL32_INIT_HELPER(freebsd32_ksem_timedwait), 1023 SYSCALL32_INIT_HELPER_COMPAT(ksem_trywait), 1024 SYSCALL32_INIT_HELPER_COMPAT(ksem_getvalue), 1025 SYSCALL32_INIT_HELPER_COMPAT(ksem_destroy), 1026 SYSCALL_INIT_LAST 1027 }; 1028 #endif 1029 1030 static int 1031 ksem_module_init(void) 1032 { 1033 int error; 1034 1035 mtx_init(&sem_lock, "sem", NULL, MTX_DEF); 1036 mtx_init(&ksem_count_lock, "ksem count", NULL, MTX_DEF); 1037 sx_init(&ksem_dict_lock, "ksem dictionary"); 1038 ksem_dictionary = hashinit(1024, M_KSEM, &ksem_hash); 1039 p31b_setcfg(CTL_P1003_1B_SEMAPHORES, 200112L); 1040 p31b_setcfg(CTL_P1003_1B_SEM_NSEMS_MAX, SEM_MAX); 1041 p31b_setcfg(CTL_P1003_1B_SEM_VALUE_MAX, SEM_VALUE_MAX); 1042 1043 error = syscall_helper_register(ksem_syscalls, SY_THR_STATIC_KLD); 1044 if (error) 1045 return (error); 1046 #ifdef COMPAT_FREEBSD32 1047 error = syscall32_helper_register(ksem32_syscalls, SY_THR_STATIC_KLD); 1048 if (error) 1049 return (error); 1050 #endif 1051 return (0); 1052 } 1053 1054 static void 1055 ksem_module_destroy(void) 1056 { 1057 1058 #ifdef COMPAT_FREEBSD32 1059 syscall32_helper_unregister(ksem32_syscalls); 1060 #endif 1061 syscall_helper_unregister(ksem_syscalls); 1062 1063 p31b_setcfg(CTL_P1003_1B_SEMAPHORES, 0); 1064 hashdestroy(ksem_dictionary, M_KSEM, ksem_hash); 1065 sx_destroy(&ksem_dict_lock); 1066 mtx_destroy(&ksem_count_lock); 1067 mtx_destroy(&sem_lock); 1068 p31b_unsetcfg(CTL_P1003_1B_SEM_VALUE_MAX); 1069 p31b_unsetcfg(CTL_P1003_1B_SEM_NSEMS_MAX); 1070 } 1071 1072 static int 1073 sem_modload(struct module *module, int cmd, void *arg) 1074 { 1075 int error = 0; 1076 1077 switch (cmd) { 1078 case MOD_LOAD: 1079 error = ksem_module_init(); 1080 if (error) 1081 ksem_module_destroy(); 1082 break; 1083 1084 case MOD_UNLOAD: 1085 mtx_lock(&ksem_count_lock); 1086 if (nsems != 0) { 1087 error = EOPNOTSUPP; 1088 mtx_unlock(&ksem_count_lock); 1089 break; 1090 } 1091 ksem_dead = 1; 1092 mtx_unlock(&ksem_count_lock); 1093 ksem_module_destroy(); 1094 break; 1095 1096 case MOD_SHUTDOWN: 1097 break; 1098 default: 1099 error = EINVAL; 1100 break; 1101 } 1102 return (error); 1103 } 1104 1105 static moduledata_t sem_mod = { 1106 "sem", 1107 &sem_modload, 1108 NULL 1109 }; 1110 1111 DECLARE_MODULE(sem, sem_mod, SI_SUB_SYSV_SEM, SI_ORDER_FIRST); 1112 MODULE_VERSION(sem, 1); 1113