1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2002 Alfred Perlstein <alfred@FreeBSD.org> 5 * Copyright (c) 2003-2005 SPARTA, Inc. 6 * Copyright (c) 2005, 2016-2017 Robert N. M. Watson 7 * All rights reserved. 8 * 9 * This software was developed for the FreeBSD Project in part by Network 10 * Associates Laboratories, the Security Research Division of Network 11 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 12 * as part of the DARPA CHATS research program. 13 * 14 * Portions of this software were developed by BAE Systems, the University of 15 * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL 16 * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent 17 * Computing (TC) research program. 18 * 19 * Redistribution and use in source and binary forms, with or without 20 * modification, are permitted provided that the following conditions 21 * are met: 22 * 1. Redistributions of source code must retain the above copyright 23 * notice, this list of conditions and the following disclaimer. 24 * 2. Redistributions in binary form must reproduce the above copyright 25 * notice, this list of conditions and the following disclaimer in the 26 * documentation and/or other materials provided with the distribution. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 */ 40 41 #include <sys/cdefs.h> 42 #include "opt_posix.h" 43 44 #include <sys/param.h> 45 #include <sys/capsicum.h> 46 #include <sys/condvar.h> 47 #include <sys/fcntl.h> 48 #include <sys/file.h> 49 #include <sys/filedesc.h> 50 #include <sys/fnv_hash.h> 51 #include <sys/jail.h> 52 #include <sys/kernel.h> 53 #include <sys/ksem.h> 54 #include <sys/lock.h> 55 #include <sys/malloc.h> 56 #include <sys/module.h> 57 #include <sys/mutex.h> 58 #include <sys/priv.h> 59 #include <sys/proc.h> 60 #include <sys/posix4.h> 61 #include <sys/_semaphore.h> 62 #include <sys/stat.h> 63 #include <sys/syscall.h> 64 #include <sys/syscallsubr.h> 65 #include <sys/sysctl.h> 66 #include <sys/sysent.h> 67 #include <sys/sysproto.h> 68 #include <sys/systm.h> 69 #include <sys/sx.h> 70 #include <sys/user.h> 71 #include <sys/vnode.h> 72 73 #include <security/audit/audit.h> 74 #include <security/mac/mac_framework.h> 75 76 FEATURE(p1003_1b_semaphores, "POSIX P1003.1B semaphores support"); 77 /* 78 * TODO 79 * 80 * - Resource limits? 81 * - Replace global sem_lock with mtx_pool locks? 82 * - Add a MAC check_create() hook for creating new named semaphores. 
 */

/*
 * Default ceiling on the number of live semaphores.  ksem_module_init()
 * publishes it as CTL_P1003_1B_SEM_NSEMS_MAX and ksem_alloc() compares
 * the global counter against that setting.
 */
#ifndef SEM_MAX
#define	SEM_MAX	30
#endif

/*
 * Debug tracing.  DP((fmt, ...)) becomes printf(fmt, ...) when SEM_DEBUG
 * is defined and expands to nothing otherwise.
 */
#ifdef SEM_DEBUG
#define	DP(x)	printf x
#else
#define	DP(x)
#endif

/* One dictionary entry: binds a full pathname to a named semaphore. */
struct ksem_mapping {
	char		*km_path;	/* key; freed with M_KSEM on removal */
	Fnv32_t		km_fnv;		/* FNV-32 hash of km_path */
	struct ksem	*km_ksem;	/* target; reference taken in ksem_insert() */
	LIST_ENTRY(ksem_mapping) km_link;	/* hash-chain linkage */
};

static MALLOC_DEFINE(M_KSEM, "ksem", "semaphore file descriptor");

/* Hash table of ksem_mapping chains, created by hashinit() at module init. */
static LIST_HEAD(, ksem_mapping) *ksem_dictionary;
/* Mask returned by hashinit(); used by KSEM_HASH() to pick a chain. */
static u_long ksem_hash;
/*
 * Taken exclusively around dictionary lookup/insert/remove and shared in
 * ksem_fill_kinfo() while ks_path is read.
 */
static struct sx ksem_dict_lock;
/* Guards nsems and ksem_dead. */
static struct mtx ksem_count_lock;
/*
 * Single global mutex held around per-semaphore state in this file
 * (value, waiter count, mode, owner, timestamps).
 */
static struct mtx sem_lock;
/* Set on MOD_UNLOAD; makes ksem_alloc() refuse new semaphores. */
static int ksem_dead;

#define	KSEM_HASH(fnv)	(&ksem_dictionary[(fnv) & ksem_hash])

/*
 * Count of allocated semaphores, exported read-only through sysctl.
 * NOTE(review): this is one system-wide counter; nothing in this file
 * scopes the limit per uid or per jail (the TODO above lists resource
 * limits as open), so a single consumer can use up every slot.
 */
static int nsems = 0;
SYSCTL_DECL(_p1003_1b);
SYSCTL_INT(_p1003_1b, OID_AUTO, nsems, CTLFLAG_RD, &nsems, 0,
    "Number of active kernel POSIX semaphores");

/* Internal helpers, defined later in this file. */
static int	kern_sem_wait(struct thread *td, semid_t id, int tryflag,
		    struct timespec *abstime);
static int	ksem_access(struct ksem *ks, struct ucred *ucred);
static struct ksem *ksem_alloc(struct ucred *ucred, mode_t mode,
		    unsigned int value);
static int	ksem_create(struct thread *td, const char *path,
		    semid_t *semidp, mode_t mode, unsigned int value,
		    int flags, int compat32);
static void	ksem_drop(struct ksem *ks);
static int	ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp,
		    struct file **fpp);
static struct ksem *ksem_hold(struct ksem *ks);
static void	ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks);
static struct ksem *ksem_lookup(char *path, Fnv32_t fnv);
static void	ksem_module_destroy(void);
static int	ksem_module_init(void);
static int	ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred);
static int	sem_modload(struct module *module, int cmd, void *arg);

/* File-operation handlers installed in ksem_ops. */
static fo_stat_t	ksem_stat;
static fo_close_t	ksem_closef;
static fo_chmod_t	ksem_chmod;
static fo_chown_t	ksem_chown;
static fo_fill_kinfo_t	ksem_fill_kinfo;

/* File descriptor
operations. */
static struct fileops ksem_ops = {
	/*
	 * Only stat, close, chmod, chown and fill_kinfo are implemented
	 * here; the remaining slots use the invfo_* handlers, which are
	 * defined elsewhere (presumably the generic "invalid operation"
	 * stubs -- confirm).
	 */
	.fo_read = invfo_rdwr,
	.fo_write = invfo_rdwr,
	.fo_truncate = invfo_truncate,
	.fo_ioctl = invfo_ioctl,
	.fo_poll = invfo_poll,
	.fo_kqfilter = invfo_kqfilter,
	.fo_stat = ksem_stat,
	.fo_close = ksem_closef,
	.fo_chmod = ksem_chmod,
	.fo_chown = ksem_chown,
	.fo_sendfile = invfo_sendfile,
	.fo_fill_kinfo = ksem_fill_kinfo,
	.fo_flags = DFLAG_PASSABLE
};

FEATURE(posix_sem, "POSIX semaphores");

/*
 * fstat() on a semaphore descriptor.  Zeroes *sb, then copies the
 * timestamps, owner and mode out of the semaphore while holding sem_lock.
 * The only access decision made here is the MAC stat check (when MAC is
 * compiled in); there is no mode-bit check in this function.
 */
static int
ksem_stat(struct file *fp, struct stat *sb, struct ucred *active_cred)
{
	struct ksem *sem;
#ifdef MAC
	int mac_error;
#endif

	sem = fp->f_data;

#ifdef MAC
	mac_error = mac_posixsem_check_stat(active_cred, fp->f_cred, sem);
	if (mac_error != 0)
		return (mac_error);
#endif

	/* Start from an all-zero stat so unset fields read as zero. */
	bzero(sb, sizeof(*sb));

	mtx_lock(&sem_lock);
	sb->st_atim = sem->ks_atime;
	sb->st_ctim = sem->ks_ctime;
	sb->st_mtim = sem->ks_mtime;
	sb->st_birthtim = sem->ks_birthtime;
	sb->st_uid = sem->ks_uid;
	sb->st_gid = sem->ks_gid;
	/* Reported as a regular file; the original marks this with XXX. */
	sb->st_mode = S_IFREG | sem->ks_mode;
	mtx_unlock(&sem_lock);

	return (0);
}

/*
 * fchmod() on a semaphore descriptor.  Under sem_lock: the MAC setmode
 * check runs first (when compiled in), then vaccess() must grant VADMIN
 * against the current owner/mode.  Only the ACCESSPERMS bits of the
 * requested mode are stored.
 */
static int
ksem_chmod(struct file *fp, mode_t mode, struct ucred *active_cred,
    struct thread *td)
{
	struct ksem *sem;
	int error;

	sem = fp->f_data;
	mtx_lock(&sem_lock);
#ifdef MAC
	error = mac_posixsem_check_setmode(active_cred, sem, mode);
	if (error == 0)
#endif
		error = vaccess(VREG, sem->ks_mode, sem->ks_uid, sem->ks_gid,
		    VADMIN, active_cred);
	if (error == 0)
		sem->ks_mode = mode & ACCESSPERMS;
	mtx_unlock(&sem_lock);
	return (error);
}

/*
 * fchown() on a semaphore descriptor.  A uid or gid of -1 means "leave
 * unchanged".  PRIV_VFS_CHOWN is required when the new uid is neither the
 * current owner nor the caller's uid, or when the new gid is neither the
 * current group nor a group the caller belongs to.  All checks and the
 * update happen under sem_lock.
 */
static int
ksem_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
    struct thread *td)
{
	struct ksem *sem;
	int error, needs_priv;

	error = 0;
	sem = fp->f_data;
	mtx_lock(&sem_lock);
#ifdef MAC
	error = mac_posixsem_check_setowner(active_cred, sem, uid, gid);
	if (error != 0)
		goto out;
#endif
	if (uid == (uid_t)-1)
		uid = sem->ks_uid;
	if (gid == (gid_t)-1)
		gid = sem->ks_gid;

	/* Same short-circuit order as a single combined condition. */
	needs_priv = (uid != sem->ks_uid && uid != active_cred->cr_uid) ||
	    (gid != sem->ks_gid && !groupmember(gid, active_cred));
	if (needs_priv) {
		error = priv_check_cred(active_cred, PRIV_VFS_CHOWN);
		if (error != 0)
			goto out;
	}
	sem->ks_uid = uid;
	sem->ks_gid = gid;
out:
	mtx_unlock(&sem_lock);
	return (error);
}

/*
 * Last close of the file: detach the semaphore from the file and give up
 * the reference the file held.
 */
static int
ksem_closef(struct file *fp, struct thread *td)
{
	struct ksem *sem;

	sem = fp->f_data;
	fp->f_data = NULL;
	ksem_drop(sem);

	return (0);
}

/*
 * Fill a kinfo_file record for a semaphore descriptor: type, current
 * value and mode (read under sem_lock) and, for named semaphores, the
 * pathname.  ks_path is tested once without the lock as a cheap filter
 * and again under the shared dictionary lock before it is dereferenced.
 *
 * For a jailed caller the jail root prefix is stripped only when the
 * stored path starts with "<pr_path>/"; when it does not, the stored
 * path is copied out unchanged.
 */
static int
ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
{
	const char *shown, *jail_root;
	struct ksem *sem;
	size_t jail_rootlen;

	kif->kf_type = KF_TYPE_SEM;
	sem = fp->f_data;
	mtx_lock(&sem_lock);
	kif->kf_un.kf_sem.kf_sem_value = sem->ks_value;
	kif->kf_un.kf_sem.kf_sem_mode = S_IFREG | sem->ks_mode;	/* XXX */
	mtx_unlock(&sem_lock);

	if (sem->ks_path == NULL)
		return (0);

	sx_slock(&ksem_dict_lock);
	if (sem->ks_path != NULL) {
		shown = sem->ks_path;
		jail_root = curthread->td_ucred->cr_prison->pr_path;
		if (strcmp(jail_root, "/") != 0) {
			/* Return the jail-rooted pathname. */
			jail_rootlen = strlen(jail_root);
			if (strncmp(shown, jail_root, jail_rootlen) == 0 &&
			    shown[jail_rootlen] == '/')
				shown += jail_rootlen;
		}
		strlcpy(kif->kf_path, shown, sizeof(kif->kf_path));
	}
	sx_sunlock(&ksem_dict_lock);
	return (0);
}

/*
 * ksem object management including creation and reference counting
 * routines.
 */
/*
 * Allocate a semaphore owned by ucred's uid/gid with the given mode and
 * initial value, holding one reference.  Returns NULL when the global
 * count has reached CTL_P1003_1B_SEM_NSEMS_MAX or the module is being
 * unloaded (ksem_dead).
 *
 * The limit is checked against the system-wide nsems counter only; the
 * credential is not consulted for the limit.  When MAC is compiled in the
 * new object is initialised and labelled via mac_posixsem_init() and
 * mac_posixsem_create(); no MAC "check" hook runs on this path.
 */
static struct ksem *
ksem_alloc(struct ucred *ucred, mode_t mode, unsigned int value)
{
	struct ksem *sem;
	int refused;

	/* Reserve a slot in the count before sleeping in malloc(). */
	mtx_lock(&ksem_count_lock);
	refused = (nsems == p31b_getcfg(CTL_P1003_1B_SEM_NSEMS_MAX) ||
	    ksem_dead);
	if (!refused)
		nsems++;
	mtx_unlock(&ksem_count_lock);
	if (refused)
		return (NULL);

	sem = malloc(sizeof(*sem), M_KSEM, M_WAITOK | M_ZERO);
	sem->ks_uid = ucred->cr_uid;
	sem->ks_gid = ucred->cr_gid;
	sem->ks_mode = mode;
	sem->ks_value = value;
	cv_init(&sem->ks_cv, "ksem");
	/* All four timestamps start out equal to the creation time. */
	vfs_timestamp(&sem->ks_birthtime);
	sem->ks_atime = sem->ks_mtime = sem->ks_ctime = sem->ks_birthtime;
	refcount_init(&sem->ks_ref, 1);
#ifdef MAC
	mac_posixsem_init(sem);
	mac_posixsem_create(ucred, sem);
#endif

	return (sem);
}

/* Take an additional reference and return the same pointer. */
static struct ksem *
ksem_hold(struct ksem *ks)
{

	refcount_acquire(&ks->ks_ref);
	return (ks);
}

/*
 * Release one reference.  On the final release the MAC label and the
 * condition variable are torn down, the memory is freed, and the global
 * count is decremented under ksem_count_lock.
 */
static void
ksem_drop(struct ksem *ks)
{

	if (!refcount_release(&ks->ks_ref))
		return;

#ifdef MAC
	mac_posixsem_destroy(ks);
#endif
	cv_destroy(&ks->ks_cv);
	free(ks, M_KSEM);
	mtx_lock(&ksem_count_lock);
	nsems--;
	mtx_unlock(&ksem_count_lock);
}

/*
 * Decide whether ucred may use the semaphore.  Both VREAD and VWRITE must
 * be granted by vaccess() against the semaphore's owner, group and mode;
 * if that fails, the PRIV_SEM_WRITE privilege is accepted instead.
 * Returns 0 when access is allowed, otherwise the privilege-check error.
 */
static int
ksem_access(struct ksem *ks, struct ucred *ucred)
{

	if (vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid,
	    VREAD | VWRITE, ucred) == 0)
		return (0);
	return (priv_check_cred(ucred, PRIV_SEM_WRITE));
}

/*
 * Dictionary management.  We maintain an in-kernel dictionary to map
 * paths to semaphore objects.  We use the FNV hash on the path to
 * store the mappings in a hash table.
 */
/*
 * Find the semaphore registered under path.  The stored hash is compared
 * first so strcmp() only runs on candidates with an equal hash.  Returns
 * the semaphore without taking a reference, or NULL if there is no entry.
 * The callers in this file hold ksem_dict_lock exclusively.
 */
static struct ksem *
ksem_lookup(char *path, Fnv32_t fnv)
{
	struct ksem_mapping *entry;

	LIST_FOREACH(entry, KSEM_HASH(fnv), km_link) {
		if (entry->km_fnv == fnv && strcmp(entry->km_path, path) == 0)
			return (entry->km_ksem);
	}

	return (NULL);
}

/*
 * Register ks under path.  The dictionary keeps the path pointer itself
 * (it is later freed with M_KSEM by ksem_remove()) and takes its own
 * reference on the semaphore; ks->ks_path is pointed at the same string.
 */
static void
ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks)
{
	struct ksem_mapping *entry;

	entry = malloc(sizeof(*entry), M_KSEM, M_WAITOK);
	entry->km_path = path;
	entry->km_fnv = fnv;
	entry->km_ksem = ksem_hold(ks);
	ks->ks_path = path;
	LIST_INSERT_HEAD(KSEM_HASH(fnv), entry, km_link);
}

/*
 * Unregister the semaphore named by path on behalf of ucred.
 *
 * Authorisation is the MAC unlink check (when compiled in) followed by
 * ksem_access(), i.e. read+write permission on the semaphore itself or
 * PRIV_SEM_WRITE.  On success the entry is unlinked, ks_path is cleared,
 * the dictionary's reference is dropped and the stored path is freed.
 * Returns ENOENT when no entry matches.
 */
static int
ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred)
{
	struct ksem_mapping *entry;
	int error;

	/* LIST_FOREACH leaves entry NULL when the chain is exhausted. */
	LIST_FOREACH(entry, KSEM_HASH(fnv), km_link) {
		if (entry->km_fnv == fnv && strcmp(entry->km_path, path) == 0)
			break;
	}
	if (entry == NULL)
		return (ENOENT);

#ifdef MAC
	error = mac_posixsem_check_unlink(ucred, entry->km_ksem);
	if (error)
		return (error);
#endif
	error = ksem_access(entry->km_ksem, ucred);
	if (error)
		return (error);

	entry->km_ksem->ks_path = NULL;
	LIST_REMOVE(entry, km_link);
	ksem_drop(entry->km_ksem);
	free(entry->km_path, M_KSEM);
	free(entry, M_KSEM);
	return (0);
}

/*
 * Copy the new descriptor number out to the caller's semid_t.  A 32-bit
 * compat caller gets an int32_t-sized write, everyone else a semid_t-sized
 * one, so the number of bytes written matches the caller's ABI.
 */
static int
ksem_create_copyout_semid(struct thread *td, semid_t *semidp, int fd,
    int compat32)
{
	semid_t semid;
#ifdef COMPAT_FREEBSD32
	int32_t semid32;
#endif

#ifdef COMPAT_FREEBSD32
	if (compat32) {
		semid32 = fd;
		return (copyout(&semid32, semidp, sizeof(semid32)));
	}
#else
	(void)compat32;		/* unused without COMPAT_FREEBSD32 */
#endif
	semid = fd;
	return (copyout(&semid, semidp, sizeof(semid)));
}

/* Other helper routines.
*/
/*
 * Common back end for creating an anonymous semaphore (name == NULL) and
 * for opening or creating a named one.
 *
 * Sequence: audit the arguments, bound the initial value, mask the mode
 * with pd_cmask and ACCESSPERMS, allocate a close-on-exec descriptor,
 * copy its number out to userspace, then either allocate an anonymous
 * semaphore or resolve the name in the dictionary.  Any failure after the
 * descriptor exists closes it again before returning.
 *
 * Named semaphores:
 *  - The user-supplied name is copied in after the caller's jail root
 *    prefix (nothing is prepended when pr_path is "/"), and must begin
 *    with '/', so every key of a jailed caller has the form
 *    "<pr_path>/...".
 *  - Opening an existing object requires the MAC open check (when
 *    compiled in) and ksem_access().
 *  - Creating a new object runs no access or MAC check hook in this
 *    function; ksem_alloc() only labels it.
 *
 * Error mapping visible here: a failed allocation reports ENOSPC for
 * anonymous semaphores and ENFILE for named ones, and a falloc() failure
 * is rewritten to ENOSPC only in the anonymous case.
 */
static int
ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode,
    unsigned int value, int flags, int compat32)
{
	struct pwddesc *pdp;
	struct ksem *ks;
	struct file *fp;
	char *path;
	const char *pr_path;
	size_t pr_pathlen;
	Fnv32_t fnv;
	int error, fd;

	AUDIT_ARG_FFLAGS(flags);
	AUDIT_ARG_MODE(mode);
	AUDIT_ARG_VALUE(value);

	if (value > SEM_VALUE_MAX)
		return (EINVAL);

	pdp = td->td_proc->p_pd;
	mode = (mode & ~pdp->pd_cmask) & ACCESSPERMS;
	error = falloc(td, &fp, &fd, O_CLOEXEC);
	if (error != 0)
		return (name == NULL ? ENOSPC : error);

	/*
	 * Go ahead and copyout the file descriptor now.  This is a bit
	 * premature, but it is a lot easier to handle errors as opposed
	 * to later when we've possibly created a new semaphore, etc.
	 */
	error = ksem_create_copyout_semid(td, semidp, fd, compat32);
	if (error != 0)
		goto fail;

	if (name == NULL) {
		/* Create an anonymous semaphore. */
		ks = ksem_alloc(td->td_ucred, mode, value);
		if (ks != NULL)
			ks->ks_flags |= KS_ANONYMOUS;
		else
			error = ENOSPC;
	} else {
		path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK);
		pr_path = td->td_ucred->cr_prison->pr_path;

		/*
		 * Construct a full pathname for jailed callers.
		 * NOTE(review): strlcpy() returns the source length, so the
		 * pointer and size arithmetic below assume pr_path is shorter
		 * than MAXPATHLEN -- confirm against struct prison.
		 */
		if (strcmp(pr_path, "/") == 0)
			pr_pathlen = 0;
		else
			pr_pathlen = strlcpy(path, pr_path, MAXPATHLEN);
		error = copyinstr(name, path + pr_pathlen,
		    MAXPATHLEN - pr_pathlen, NULL);

		/* Require paths to start with a '/' character. */
		if (error == 0 && path[pr_pathlen] != '/')
			error = EINVAL;
		if (error != 0) {
			free(path, M_KSEM);
			goto fail;
		}

		AUDIT_ARG_UPATH1_CANON(path);
		fnv = fnv_32_str(path, FNV1_32_INIT);
		sx_xlock(&ksem_dict_lock);
		ks = ksem_lookup(path, fnv);
		if (ks == NULL) {
			/* Object does not exist, create it if requested. */
			if ((flags & O_CREAT) == 0)
				error = ENOENT;
			else {
				ks = ksem_alloc(td->td_ucred, mode, value);
				if (ks == NULL)
					error = ENFILE;
				else {
					/* The dictionary now owns path. */
					ksem_insert(path, fnv, ks);
					path = NULL;
				}
			}
		} else {
			/*
			 * Object already exists, obtain a new
			 * reference if requested and permitted.
			 */
			if ((flags & (O_CREAT | O_EXCL)) ==
			    (O_CREAT | O_EXCL))
				error = EEXIST;
			else {
#ifdef MAC
				error = mac_posixsem_check_open(td->td_ucred,
				    ks);
				if (error == 0)
#endif
				error = ksem_access(ks, td->td_ucred);
			}
			if (error == 0)
				ksem_hold(ks);
#ifdef INVARIANTS
			else
				ks = NULL;
#endif
		}
		sx_xunlock(&ksem_dict_lock);
		if (path != NULL)
			free(path, M_KSEM);
	}

	if (error != 0) {
		KASSERT(ks == NULL, ("ksem_create error with a ksem"));
		goto fail;
	}
	KASSERT(ks != NULL, ("ksem_create w/o a ksem"));

	/* Hand the reference held in ks to the file. */
	finit(fp, FREAD | FWRITE, DTYPE_SEM, ks, &ksem_ops);

	fdrop(fp, td);

	return (0);

fail:
	/* Undo the descriptor allocation and drop our file reference. */
	fdclose(td, fp, fd);
	fdrop(fp, td);
	return (error);
}

/*
 * Translate a semid (a descriptor number) into a referenced struct file.
 * The descriptor must carry the capability rights in rightsp, be of type
 * DTYPE_SEM, and not refer to a semaphore flagged KS_DEAD.  Every failure,
 * including whatever fget() reported, is returned as EINVAL.  On success
 * the caller owns a file reference and must fdrop() it.
 *
 * ks_flags is read here without sem_lock.
 */
static int
ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp,
    struct file **fpp)
{
	struct ksem *sem;
	struct file *fp;

	if (fget(td, id, rightsp, &fp) != 0)
		return (EINVAL);
	if (fp->f_type != DTYPE_SEM) {
		fdrop(fp, td);
		return (EINVAL);
	}
	sem = fp->f_data;
	if (sem->ks_flags & KS_DEAD) {
		fdrop(fp, td);
		return (EINVAL);
	}
	*fpp = fp;
	return (0);
}

/* System calls.
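*/
#ifndef _SYS_SYSPROTO_H_
struct ksem_init_args {
	unsigned int	value;
	semid_t		*idp;
};
#endif
/*
 * Create an anonymous semaphore.  The requested mode is S_IRWXU | S_IRWXG
 * before ksem_create() applies the creation mask.
 */
int
sys_ksem_init(struct thread *td, struct ksem_init_args *uap)
{

	return (ksem_create(td, NULL, uap->idp, S_IRWXU | S_IRWXG, uap->value,
	    0, 0));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_open_args {
	char		*name;
	int		oflag;
	mode_t		mode;
	unsigned int	value;
	semid_t		*idp;
};
#endif
/*
 * Open or create a named semaphore.  Only O_CREAT and O_EXCL are accepted
 * in oflag; any other bit is rejected with EINVAL before the name is read.
 */
int
sys_ksem_open(struct thread *td, struct ksem_open_args *uap)
{

	DP((">>> ksem_open start, pid=%d\n", (int)td->td_proc->p_pid));

	if ((uap->oflag & ~(O_CREAT | O_EXCL)) != 0)
		return (EINVAL);
	return (ksem_create(td, uap->name, uap->idp, uap->mode, uap->value,
	    uap->oflag, 0));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_unlink_args {
	char		*name;
};
#endif
/*
 * Remove a named semaphore from the dictionary.
 *
 * The key is built exactly as in ksem_create(): the caller's jail root
 * (nothing when pr_path is "/") followed by the user-supplied name.  The
 * name must begin with '/', as ksem_create() requires.  Without that rule
 * a relative name from a jailed caller would be appended directly to the
 * jail root prefix, and the resulting key would not be confined to that
 * jail's "<pr_path>/" namespace.  Such a name can never match an entry
 * created through the caller's own namespace, so it is reported as ENOENT,
 * which is also what a failed lookup returns.  The check runs after the
 * audit hook so the attempted path is still recorded.
 *
 * Authorisation of the removal itself is done in ksem_remove().
 */
int
sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap)
{
	char *path;
	const char *pr_path;
	size_t pr_pathlen;
	Fnv32_t fnv;
	int error;

	path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
	pr_path = td->td_ucred->cr_prison->pr_path;
	/*
	 * NOTE(review): strlcpy() returns the source length; the arithmetic
	 * below assumes pr_path is shorter than MAXPATHLEN -- confirm.
	 */
	pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
	    : strlcpy(path, pr_path, MAXPATHLEN);
	error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen,
	    NULL);
	if (error) {
		free(path, M_TEMP);
		return (error);
	}

	AUDIT_ARG_UPATH1_CANON(path);

	/* Same leading-'/' requirement as ksem_create(). */
	if (path[pr_pathlen] != '/') {
		free(path, M_TEMP);
		return (ENOENT);
	}

	fnv = fnv_32_str(path, FNV1_32_INIT);
	sx_xlock(&ksem_dict_lock);
	error = ksem_remove(path, fnv, td->td_ucred);
	sx_xunlock(&ksem_dict_lock);
	free(path, M_TEMP);

	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_close_args {
	semid_t		id;
};
#endif
/*
 * Close a named semaphore descriptor.  Anonymous semaphores are rejected
 * with EINVAL here; they are released through sys_ksem_destroy().
 */
int
sys_ksem_close(struct thread *td, struct ksem_close_args *uap)
{
	struct ksem *ks;
	struct file *fp;
	int error;

	/* No capability rights required to close a semaphore. */
	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id, &cap_no_rights, &fp);
	if (error)
		return (error);
	ks = fp->f_data;
	if (ks->ks_flags & KS_ANONYMOUS) {
		fdrop(fp, td);
		return (EINVAL);
	}
	/* Our file reference is kept across kern_close() and dropped after. */
	error = kern_close(td, uap->id);
	fdrop(fp, td);
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_post_args {
	semid_t	id;
};
#endif
/*
 * Increment the semaphore.  Requires CAP_SEM_POST on the descriptor and,
 * when MAC is compiled in, the MAC post check.  Fails with EOVERFLOW when
 * the value is already SEM_VALUE_MAX.  One waiter is signalled if any are
 * recorded, and ks_ctime is updated.
 */
int
sys_ksem_post(struct thread *td, struct ksem_post_args *uap)
{
	cap_rights_t rights;
	struct file *fp;
	struct ksem *ks;
	int error;

	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id,
	    cap_rights_init_one(&rights, CAP_SEM_POST), &fp);
	if (error)
		return (error);
	ks = fp->f_data;

	mtx_lock(&sem_lock);
#ifdef MAC
	error = mac_posixsem_check_post(td->td_ucred, fp->f_cred, ks);
	if (error)
		goto err;
#endif
	if (ks->ks_value == SEM_VALUE_MAX) {
		error = EOVERFLOW;
		goto err;
	}
	++ks->ks_value;
	if (ks->ks_waiters > 0)
		cv_signal(&ks->ks_cv);
	error = 0;
	vfs_timestamp(&ks->ks_ctime);
err:
	mtx_unlock(&sem_lock);
	fdrop(fp, td);
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_wait_args {
	semid_t		id;
};
#endif
/* Blocking wait with no timeout. */
int
sys_ksem_wait(struct thread *td, struct ksem_wait_args *uap)
{

	return (kern_sem_wait(td, uap->id, 0, NULL));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_timedwait_args {
	semid_t		id;
	const struct timespec *abstime;
};
#endif
/*
 * Blocking wait with an absolute deadline copied in from userspace.
 * tv_nsec must lie in [0, 1000000000); anything else is EINVAL.
 */
int
sys_ksem_timedwait(struct thread *td, struct ksem_timedwait_args *uap)
{
	struct timespec abstime;
	struct timespec *ts;
	int error;

	/*
	 * We allow a null timespec (wait forever).
	 */
	if (uap->abstime == NULL)
		ts = NULL;
	else {
		error = copyin(uap->abstime, &abstime, sizeof(abstime));
		if (error != 0)
			return (error);
		if (abstime.tv_nsec >= 1000000000 || abstime.tv_nsec < 0)
			return (EINVAL);
		ts = &abstime;
	}
	return (kern_sem_wait(td, uap->id, 0, ts));
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_trywait_args {
	semid_t		id;
};
#endif
/* Non-blocking wait: fails with EAGAIN when the value is zero. */
int
sys_ksem_trywait(struct thread *td, struct ksem_trywait_args *uap)
{

	return (kern_sem_wait(td, uap->id, 1, NULL));
}

/*
 * Shared implementation of wait, trywait and timedwait.
 *
 * Requires CAP_SEM_WAIT on the descriptor and, when MAC is compiled in,
 * the MAC wait check.  ks_atime is updated once the checks pass.  While
 * the value is zero the caller is counted in ks_waiters and then either
 * fails with EAGAIN (tryflag), sleeps interruptibly on the condition
 * variable (abstime == NULL), or sleeps until the absolute deadline.  In
 * the timed case the remaining time is recomputed from getnanotime() on
 * each pass and ETIMEDOUT is returned once it is negative.  Any non-zero
 * error from the sleep ends the call; otherwise the loop re-tests the
 * value before decrementing it.
 */
static int
kern_sem_wait(struct thread *td, semid_t id, int tryflag,
    struct timespec *abstime)
{
	struct timespec ts1, ts2;
	struct timeval tv;
	cap_rights_t rights;
	struct file *fp;
	struct ksem *ks;
	int error;

	DP((">>> kern_sem_wait entered! pid=%d\n", (int)td->td_proc->p_pid));
	AUDIT_ARG_FD(id);
	error = ksem_get(td, id, cap_rights_init_one(&rights, CAP_SEM_WAIT),
	    &fp);
	if (error)
		return (error);
	ks = fp->f_data;
	mtx_lock(&sem_lock);
	DP((">>> kern_sem_wait critical section entered! pid=%d\n",
	    (int)td->td_proc->p_pid));
#ifdef MAC
	error = mac_posixsem_check_wait(td->td_ucred, fp->f_cred, ks);
	if (error) {
		DP(("kern_sem_wait mac failed\n"));
		goto err;
	}
#endif
	DP(("kern_sem_wait value = %d, tryflag %d\n", ks->ks_value, tryflag));
	vfs_timestamp(&ks->ks_atime);
	while (ks->ks_value == 0) {
		ks->ks_waiters++;
		if (tryflag != 0)
			error = EAGAIN;
		else if (abstime == NULL)
			error = cv_wait_sig(&ks->ks_cv, &sem_lock);
		else {
			for (;;) {
				/* Remaining time = deadline - now. */
				ts1 = *abstime;
				getnanotime(&ts2);
				timespecsub(&ts1, &ts2, &ts1);
				TIMESPEC_TO_TIMEVAL(&tv, &ts1);
				if (tv.tv_sec < 0) {
					error = ETIMEDOUT;
					break;
				}
				error = cv_timedwait_sig(&ks->ks_cv,
				    &sem_lock, tvtohz(&tv));
				/*
				 * EWOULDBLOCK loops back so the deadline is
				 * re-evaluated against the clock.
				 */
				if (error != EWOULDBLOCK)
					break;
			}
		}
		ks->ks_waiters--;
		if (error)
			goto err;
	}
	ks->ks_value--;
	DP(("kern_sem_wait value post-decrement = %d\n", ks->ks_value));
	error = 0;
err:
	mtx_unlock(&sem_lock);
	fdrop(fp, td);
	DP(("<<< kern_sem_wait leaving, pid=%d, error = %d\n",
	    (int)td->td_proc->p_pid, error));
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_getvalue_args {
	semid_t		id;
	int		*val;
};
#endif
/*
 * Report the current value.  Requires CAP_SEM_GETVALUE and, when MAC is
 * compiled in, the MAC getvalue check.  The value is snapshotted under
 * sem_lock and copied out after the lock and the file reference have been
 * released; ks_atime is updated.
 */
int
sys_ksem_getvalue(struct thread *td, struct ksem_getvalue_args *uap)
{
	cap_rights_t rights;
	struct file *fp;
	struct ksem *ks;
	int error, val;

	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id,
	    cap_rights_init_one(&rights, CAP_SEM_GETVALUE), &fp);
	if (error)
		return (error);
	ks = fp->f_data;

	mtx_lock(&sem_lock);
#ifdef MAC
	error = mac_posixsem_check_getvalue(td->td_ucred, fp->f_cred, ks);
	if (error) {
		mtx_unlock(&sem_lock);
		fdrop(fp, td);
		return (error);
	}
#endif
	val = ks->ks_value;
	vfs_timestamp(&ks->ks_atime);
	mtx_unlock(&sem_lock);
	fdrop(fp, td);
	error = copyout(&val, uap->val, sizeof(val));
	return (error);
}

#ifndef _SYS_SYSPROTO_H_
struct ksem_destroy_args {
	semid_t		id;
};
#endif
/*
 * Destroy an anonymous semaphore.  Named semaphores are rejected with
 * EINVAL.  The call fails with EBUSY while any waiter is recorded;
 * otherwise the semaphore is flagged KS_DEAD under sem_lock, which makes
 * later ksem_get() calls fail, and the descriptor is closed.
 */
int
sys_ksem_destroy(struct thread *td, struct ksem_destroy_args *uap)
{
	struct file *fp;
	struct ksem *ks;
	int error;

	/* No capability rights required to destroy a semaphore. */
	AUDIT_ARG_FD(uap->id);
	error = ksem_get(td, uap->id, &cap_no_rights, &fp);
	if (error)
		return (error);
	ks = fp->f_data;
	if (!(ks->ks_flags & KS_ANONYMOUS)) {
		fdrop(fp, td);
		return (EINVAL);
	}
	mtx_lock(&sem_lock);
	if (ks->ks_waiters != 0) {
		mtx_unlock(&sem_lock);
		error = EBUSY;
		goto err;
	}
	ks->ks_flags |= KS_DEAD;
	mtx_unlock(&sem_lock);

	error = kern_close(td, uap->id);
err:
	fdrop(fp, td);
	return (error);
}

/* Native system call table registered by ksem_module_init(). */
static struct syscall_helper_data ksem_syscalls[] = {
	SYSCALL_INIT_HELPER(ksem_init),
	SYSCALL_INIT_HELPER(ksem_open),
	SYSCALL_INIT_HELPER(ksem_unlink),
	SYSCALL_INIT_HELPER(ksem_close),
	SYSCALL_INIT_HELPER(ksem_post),
	SYSCALL_INIT_HELPER(ksem_wait),
	SYSCALL_INIT_HELPER(ksem_timedwait),
	SYSCALL_INIT_HELPER(ksem_trywait),
	SYSCALL_INIT_HELPER(ksem_getvalue),
	SYSCALL_INIT_HELPER(ksem_destroy),
	SYSCALL_INIT_LAST
};

#ifdef COMPAT_FREEBSD32
#include <compat/freebsd32/freebsd32.h>
#include <compat/freebsd32/freebsd32_proto.h>
#include <compat/freebsd32/freebsd32_signal.h>
#include <compat/freebsd32/freebsd32_syscall.h>
#include <compat/freebsd32/freebsd32_util.h>

/*
 * 32-bit compat entry points.  They differ from the native ones only in
 * passing compat32 = 1, so the semid is copied out as an int32_t, and in
 * converting the 32-bit timespec layout.
 */
int
freebsd32_ksem_init(struct thread *td, struct freebsd32_ksem_init_args *uap)
{

	return (ksem_create(td, NULL, (semid_t *)uap->idp, S_IRWXU | S_IRWXG,
	    uap->value, 0, 1));
}

int
freebsd32_ksem_open(struct thread *td, struct freebsd32_ksem_open_args *uap)
{

	/* Same oflag filter as sys_ksem_open(). */
	if ((uap->oflag & ~(O_CREAT | O_EXCL)) != 0)
		return (EINVAL);
	return (ksem_create(td, uap->name, (semid_t *)uap->idp, uap->mode,
	    uap->value, uap->oflag, 1));
}

int
freebsd32_ksem_timedwait(struct thread *td,
    struct freebsd32_ksem_timedwait_args *uap)
{
	struct timespec32 abstime32;
	struct timespec *ts, abstime;
	int error;

	/*
	 * We allow a null timespec (wait forever).
	 */
	if (uap->abstime == NULL)
		ts = NULL;
	else {
		error = copyin(uap->abstime, &abstime32, sizeof(abstime32));
		if (error != 0)
			return (error);
		CP(abstime32, abstime, tv_sec);
		CP(abstime32, abstime, tv_nsec);
		/* Validate after conversion, as the native path does. */
		if (abstime.tv_nsec >= 1000000000 || abstime.tv_nsec < 0)
			return (EINVAL);
		ts = &abstime;
	}
	return (kern_sem_wait(td, uap->id, 0, ts));
}

/* 32-bit system call table; entries without a wrapper reuse the native handler. */
static struct syscall_helper_data ksem32_syscalls[] = {
	SYSCALL32_INIT_HELPER(freebsd32_ksem_init),
	SYSCALL32_INIT_HELPER(freebsd32_ksem_open),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_unlink),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_close),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_post),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_wait),
	SYSCALL32_INIT_HELPER(freebsd32_ksem_timedwait),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_trywait),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_getvalue),
	SYSCALL32_INIT_HELPER_COMPAT(ksem_destroy),
	SYSCALL_INIT_LAST
};
#endif

/*
 * Set up locks, the path dictionary and the P1003.1b configuration values,
 * then register the system calls.  On a registration failure the error is
 * returned with the earlier setup still in place; sem_modload() responds
 * by calling ksem_module_destroy().
 */
static int
ksem_module_init(void)
{
	int error;

	mtx_init(&sem_lock, "sem", NULL, MTX_DEF);
	mtx_init(&ksem_count_lock, "ksem count", NULL, MTX_DEF);
	sx_init(&ksem_dict_lock, "ksem dictionary");
	ksem_dictionary = hashinit(1024, M_KSEM, &ksem_hash);
	p31b_setcfg(CTL_P1003_1B_SEMAPHORES, 200112L);
	p31b_setcfg(CTL_P1003_1B_SEM_NSEMS_MAX, SEM_MAX);
	p31b_setcfg(CTL_P1003_1B_SEM_VALUE_MAX, SEM_VALUE_MAX);

	error = syscall_helper_register(ksem_syscalls, SY_THR_STATIC_KLD);
	if (error)
		return (error);
#ifdef COMPAT_FREEBSD32
	error = syscall32_helper_register(ksem32_syscalls, SY_THR_STATIC_KLD);
	if (error)
		return (error);
#endif
	return (0);
}

/*
 * Undo ksem_module_init(): unregister the system calls first, then tear
 * down the dictionary, the locks and the configuration values.
 */
static void
ksem_module_destroy(void)
{

#ifdef COMPAT_FREEBSD32
	syscall32_helper_unregister(ksem32_syscalls);
#endif
	syscall_helper_unregister(ksem_syscalls);

	p31b_setcfg(CTL_P1003_1B_SEMAPHORES, 0);
	hashdestroy(ksem_dictionary, M_KSEM, ksem_hash);
	sx_destroy(&ksem_dict_lock);
	mtx_destroy(&ksem_count_lock);
	mtx_destroy(&sem_lock);
	p31b_unsetcfg(CTL_P1003_1B_SEM_VALUE_MAX);
	p31b_unsetcfg(CTL_P1003_1B_SEM_NSEMS_MAX);
}

/*
 * Module event handler.  Unload is refused with EOPNOTSUPP while any
 * semaphore is still allocated; otherwise ksem_dead is set under
 * ksem_count_lock so ksem_alloc() refuses new objects before teardown.
 */
static int
sem_modload(struct module *module, int cmd, void *arg)
{
	int error = 0;

	switch (cmd) {
	case MOD_LOAD:
		error = ksem_module_init();
		if (error)
			ksem_module_destroy();
		break;

	case MOD_UNLOAD:
		mtx_lock(&ksem_count_lock);
		if (nsems != 0) {
			error = EOPNOTSUPP;
			mtx_unlock(&ksem_count_lock);
			break;
		}
		ksem_dead = 1;
		mtx_unlock(&ksem_count_lock);
		ksem_module_destroy();
		break;

	case MOD_SHUTDOWN:
		break;
	default:
		error = EINVAL;
		break;
	}
	return (error);
}

static moduledata_t sem_mod = {
	"sem",
	&sem_modload,
	NULL
};

DECLARE_MODULE(sem, sem_mod, SI_SUB_SYSV_SEM, SI_ORDER_FIRST);
MODULE_VERSION(sem, 1);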