18e38aeffSJohn Baldwin /*- 29b6dd12eSRobert Watson * Copyright (c) 2006, 2011 Robert N. M. Watson 38e38aeffSJohn Baldwin * All rights reserved. 48e38aeffSJohn Baldwin * 58e38aeffSJohn Baldwin * Redistribution and use in source and binary forms, with or without 68e38aeffSJohn Baldwin * modification, are permitted provided that the following conditions 78e38aeffSJohn Baldwin * are met: 88e38aeffSJohn Baldwin * 1. Redistributions of source code must retain the above copyright 98e38aeffSJohn Baldwin * notice, this list of conditions and the following disclaimer. 108e38aeffSJohn Baldwin * 2. Redistributions in binary form must reproduce the above copyright 118e38aeffSJohn Baldwin * notice, this list of conditions and the following disclaimer in the 128e38aeffSJohn Baldwin * documentation and/or other materials provided with the distribution. 138e38aeffSJohn Baldwin * 148e38aeffSJohn Baldwin * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 158e38aeffSJohn Baldwin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 168e38aeffSJohn Baldwin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 178e38aeffSJohn Baldwin * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 188e38aeffSJohn Baldwin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 198e38aeffSJohn Baldwin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 208e38aeffSJohn Baldwin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 218e38aeffSJohn Baldwin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 228e38aeffSJohn Baldwin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 238e38aeffSJohn Baldwin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 248e38aeffSJohn Baldwin * SUCH DAMAGE. 258e38aeffSJohn Baldwin */ 268e38aeffSJohn Baldwin 278e38aeffSJohn Baldwin /* 288e38aeffSJohn Baldwin * Support for shared swap-backed anonymous memory objects via 298e38aeffSJohn Baldwin * shm_open(2) and shm_unlink(2). While most of the implementation is 308e38aeffSJohn Baldwin * here, vm_mmap.c contains mapping logic changes. 318e38aeffSJohn Baldwin * 328e38aeffSJohn Baldwin * TODO: 338e38aeffSJohn Baldwin * 349b6dd12eSRobert Watson * (1) Need to export data to a userland tool via a sysctl. Should ipcs(1) 358e38aeffSJohn Baldwin * and ipcrm(1) be expanded or should new tools to manage both POSIX 368e38aeffSJohn Baldwin * kernel semaphores and POSIX shared memory be written? 378e38aeffSJohn Baldwin * 389b6dd12eSRobert Watson * (2) Add support for this file type to fstat(1). 398e38aeffSJohn Baldwin * 409b6dd12eSRobert Watson * (3) Resource limits? Does this need its own resource limits or are the 418e38aeffSJohn Baldwin * existing limits in mmap(2) sufficient? 428e38aeffSJohn Baldwin */ 438e38aeffSJohn Baldwin 448e38aeffSJohn Baldwin #include <sys/cdefs.h> 458e38aeffSJohn Baldwin __FBSDID("$FreeBSD$"); 468e38aeffSJohn Baldwin 4712bc222eSJonathan Anderson #include "opt_capsicum.h" 48551a7895SRui Paulo #include "opt_ktrace.h" 4912bc222eSJonathan Anderson 508e38aeffSJohn Baldwin #include <sys/param.h> 514a144410SRobert Watson #include <sys/capsicum.h> 52*610a2b3cSJohn Baldwin #include <sys/conf.h> 538e38aeffSJohn Baldwin #include <sys/fcntl.h> 548e38aeffSJohn Baldwin #include <sys/file.h> 558e38aeffSJohn Baldwin #include <sys/filedesc.h> 568e38aeffSJohn Baldwin #include <sys/fnv_hash.h> 578e38aeffSJohn Baldwin #include <sys/kernel.h> 58551a7895SRui Paulo #include <sys/uio.h> 59551a7895SRui Paulo #include <sys/signal.h> 60551a7895SRui Paulo #include <sys/ktrace.h> 618e38aeffSJohn Baldwin #include <sys/lock.h> 628e38aeffSJohn Baldwin #include <sys/malloc.h> 638e38aeffSJohn Baldwin #include <sys/mman.h> 648e38aeffSJohn Baldwin #include <sys/mutex.h> 659c00bb91SKonstantin Belousov #include <sys/priv.h> 668e38aeffSJohn Baldwin #include <sys/proc.h> 678e38aeffSJohn Baldwin #include <sys/refcount.h> 688e38aeffSJohn Baldwin #include <sys/resourcevar.h> 6989f6b863SAttilio Rao #include <sys/rwlock.h> 708e38aeffSJohn Baldwin #include <sys/stat.h> 718e38aeffSJohn Baldwin #include <sys/sysctl.h> 728e38aeffSJohn Baldwin #include <sys/sysproto.h> 738e38aeffSJohn Baldwin #include <sys/systm.h> 748e38aeffSJohn Baldwin #include <sys/sx.h> 758e38aeffSJohn Baldwin #include <sys/time.h> 768e38aeffSJohn Baldwin #include <sys/vnode.h> 77940cb0e2SKonstantin Belousov #include <sys/unistd.h> 788e38aeffSJohn Baldwin 798e38aeffSJohn Baldwin #include <security/mac/mac_framework.h> 808e38aeffSJohn Baldwin 818e38aeffSJohn Baldwin #include <vm/vm.h> 828e38aeffSJohn Baldwin #include <vm/vm_param.h> 838e38aeffSJohn Baldwin #include <vm/pmap.h> 84338e7cf2SJohn Baldwin #include <vm/vm_extern.h> 858e38aeffSJohn Baldwin #include <vm/vm_map.h> 86fb680e16SJohn Baldwin #include <vm/vm_kern.h> 878e38aeffSJohn Baldwin #include <vm/vm_object.h> 888e38aeffSJohn Baldwin #include <vm/vm_page.h> 892971897dSAlan Cox #include <vm/vm_pageout.h> 908e38aeffSJohn Baldwin #include <vm/vm_pager.h> 918e38aeffSJohn Baldwin #include <vm/swap_pager.h> 928e38aeffSJohn Baldwin 938e38aeffSJohn Baldwin struct shm_mapping { 948e38aeffSJohn Baldwin char *sm_path; 958e38aeffSJohn Baldwin Fnv32_t sm_fnv; 968e38aeffSJohn Baldwin struct shmfd *sm_shmfd; 978e38aeffSJohn Baldwin LIST_ENTRY(shm_mapping) sm_link; 988e38aeffSJohn Baldwin }; 998e38aeffSJohn Baldwin 1008e38aeffSJohn Baldwin static MALLOC_DEFINE(M_SHMFD, "shmfd", "shared memory file descriptor"); 1018e38aeffSJohn Baldwin static LIST_HEAD(, shm_mapping) *shm_dictionary; 1028e38aeffSJohn Baldwin static struct sx shm_dict_lock; 1038e38aeffSJohn Baldwin static struct mtx shm_timestamp_lock; 1048e38aeffSJohn Baldwin static u_long shm_hash; 105*610a2b3cSJohn Baldwin static struct unrhdr *shm_ino_unr; 106*610a2b3cSJohn Baldwin static dev_t shm_dev_ino; 1078e38aeffSJohn Baldwin 1088e38aeffSJohn Baldwin #define SHM_HASH(fnv) (&shm_dictionary[(fnv) & shm_hash]) 1098e38aeffSJohn Baldwin 1108e38aeffSJohn Baldwin static int shm_access(struct shmfd *shmfd, struct ucred *ucred, int flags); 1118e38aeffSJohn Baldwin static struct shmfd *shm_alloc(struct ucred *ucred, mode_t mode); 1128e38aeffSJohn Baldwin static void shm_dict_init(void *arg); 1138e38aeffSJohn Baldwin static void shm_drop(struct shmfd *shmfd); 1148e38aeffSJohn Baldwin static struct shmfd *shm_hold(struct shmfd *shmfd); 1158e38aeffSJohn Baldwin static void shm_insert(char *path, Fnv32_t fnv, struct shmfd *shmfd); 1168e38aeffSJohn Baldwin static struct shmfd *shm_lookup(char *path, Fnv32_t fnv); 1178e38aeffSJohn Baldwin static int shm_remove(char *path, Fnv32_t fnv, struct ucred *ucred); 1183364c323SKonstantin Belousov static int shm_dotruncate(struct shmfd *shmfd, off_t length); 1198e38aeffSJohn Baldwin 1208e38aeffSJohn Baldwin static fo_rdwr_t shm_read; 1218e38aeffSJohn Baldwin static fo_rdwr_t shm_write; 1228e38aeffSJohn Baldwin static fo_truncate_t shm_truncate; 1238e38aeffSJohn Baldwin static fo_ioctl_t shm_ioctl; 1248e38aeffSJohn Baldwin static fo_poll_t shm_poll; 1258e38aeffSJohn Baldwin static fo_kqfilter_t shm_kqfilter; 1268e38aeffSJohn Baldwin static fo_stat_t shm_stat; 1278e38aeffSJohn Baldwin static fo_close_t shm_close; 1289c00bb91SKonstantin Belousov static fo_chmod_t shm_chmod; 1299c00bb91SKonstantin Belousov static fo_chown_t shm_chown; 130940cb0e2SKonstantin Belousov static fo_seek_t shm_seek; 1318e38aeffSJohn Baldwin 1328e38aeffSJohn Baldwin /* File descriptor operations. */ 1338e38aeffSJohn Baldwin static struct fileops shm_ops = { 1348e38aeffSJohn Baldwin .fo_read = shm_read, 1358e38aeffSJohn Baldwin .fo_write = shm_write, 1368e38aeffSJohn Baldwin .fo_truncate = shm_truncate, 1378e38aeffSJohn Baldwin .fo_ioctl = shm_ioctl, 1388e38aeffSJohn Baldwin .fo_poll = shm_poll, 1398e38aeffSJohn Baldwin .fo_kqfilter = shm_kqfilter, 1408e38aeffSJohn Baldwin .fo_stat = shm_stat, 1418e38aeffSJohn Baldwin .fo_close = shm_close, 1429c00bb91SKonstantin Belousov .fo_chmod = shm_chmod, 1439c00bb91SKonstantin Belousov .fo_chown = shm_chown, 144227aaa86SKonstantin Belousov .fo_sendfile = vn_sendfile, 145940cb0e2SKonstantin Belousov .fo_seek = shm_seek, 146940cb0e2SKonstantin Belousov .fo_flags = DFLAG_PASSABLE | DFLAG_SEEKABLE 1478e38aeffSJohn Baldwin }; 1488e38aeffSJohn Baldwin 1498e38aeffSJohn Baldwin FEATURE(posix_shm, "POSIX shared memory"); 1508e38aeffSJohn Baldwin 1518e38aeffSJohn Baldwin static int 15241cf41fdSKonstantin Belousov uiomove_object_page(vm_object_t obj, size_t len, struct uio *uio) 15341cf41fdSKonstantin Belousov { 15441cf41fdSKonstantin Belousov vm_page_t m; 15541cf41fdSKonstantin Belousov vm_pindex_t idx; 15641cf41fdSKonstantin Belousov size_t tlen; 15741cf41fdSKonstantin Belousov int error, offset, rv; 15841cf41fdSKonstantin Belousov 15941cf41fdSKonstantin Belousov idx = OFF_TO_IDX(uio->uio_offset); 16041cf41fdSKonstantin Belousov offset = uio->uio_offset & PAGE_MASK; 16141cf41fdSKonstantin Belousov tlen = MIN(PAGE_SIZE - offset, len); 16241cf41fdSKonstantin Belousov 16341cf41fdSKonstantin Belousov VM_OBJECT_WLOCK(obj); 16441cf41fdSKonstantin Belousov 16541cf41fdSKonstantin Belousov /* 16641cf41fdSKonstantin Belousov * Parallel reads of the page content from disk are prevented 16741cf41fdSKonstantin Belousov * by exclusive busy. 16841cf41fdSKonstantin Belousov * 16941cf41fdSKonstantin Belousov * Although the tmpfs vnode lock is held here, it is 17041cf41fdSKonstantin Belousov * nonetheless safe to sleep waiting for a free page. The 17141cf41fdSKonstantin Belousov * pageout daemon does not need to acquire the tmpfs vnode 17241cf41fdSKonstantin Belousov * lock to page out tobj's pages because tobj is a OBJT_SWAP 17341cf41fdSKonstantin Belousov * type object. 17441cf41fdSKonstantin Belousov */ 1755944de8eSKonstantin Belousov m = vm_page_grab(obj, idx, VM_ALLOC_NORMAL); 17641cf41fdSKonstantin Belousov if (m->valid != VM_PAGE_BITS_ALL) { 17741cf41fdSKonstantin Belousov if (vm_pager_has_page(obj, idx, NULL, NULL)) { 17841cf41fdSKonstantin Belousov rv = vm_pager_get_pages(obj, &m, 1, 0); 17941cf41fdSKonstantin Belousov m = vm_page_lookup(obj, idx); 18041cf41fdSKonstantin Belousov if (m == NULL) { 18141cf41fdSKonstantin Belousov printf( 18241cf41fdSKonstantin Belousov "uiomove_object: vm_obj %p idx %jd null lookup rv %d\n", 18341cf41fdSKonstantin Belousov obj, idx, rv); 18441cf41fdSKonstantin Belousov VM_OBJECT_WUNLOCK(obj); 18541cf41fdSKonstantin Belousov return (EIO); 18641cf41fdSKonstantin Belousov } 18741cf41fdSKonstantin Belousov if (rv != VM_PAGER_OK) { 18841cf41fdSKonstantin Belousov printf( 18941cf41fdSKonstantin Belousov "uiomove_object: vm_obj %p idx %jd valid %x pager error %d\n", 19041cf41fdSKonstantin Belousov obj, idx, m->valid, rv); 19141cf41fdSKonstantin Belousov vm_page_lock(m); 19241cf41fdSKonstantin Belousov vm_page_free(m); 19341cf41fdSKonstantin Belousov vm_page_unlock(m); 19441cf41fdSKonstantin Belousov VM_OBJECT_WUNLOCK(obj); 19541cf41fdSKonstantin Belousov return (EIO); 19641cf41fdSKonstantin Belousov } 19741cf41fdSKonstantin Belousov } else 19841cf41fdSKonstantin Belousov vm_page_zero_invalid(m, TRUE); 19941cf41fdSKonstantin Belousov } 20041cf41fdSKonstantin Belousov vm_page_xunbusy(m); 20141cf41fdSKonstantin Belousov vm_page_lock(m); 20241cf41fdSKonstantin Belousov vm_page_hold(m); 20370978c93SKonstantin Belousov if (m->queue == PQ_NONE) { 20470978c93SKonstantin Belousov vm_page_deactivate(m); 20570978c93SKonstantin Belousov } else { 20670978c93SKonstantin Belousov /* Requeue to maintain LRU ordering. */ 20770978c93SKonstantin Belousov vm_page_requeue(m); 20870978c93SKonstantin Belousov } 20941cf41fdSKonstantin Belousov vm_page_unlock(m); 21041cf41fdSKonstantin Belousov VM_OBJECT_WUNLOCK(obj); 21141cf41fdSKonstantin Belousov error = uiomove_fromphys(&m, offset, tlen, uio); 21241cf41fdSKonstantin Belousov if (uio->uio_rw == UIO_WRITE && error == 0) { 21341cf41fdSKonstantin Belousov VM_OBJECT_WLOCK(obj); 21441cf41fdSKonstantin Belousov vm_page_dirty(m); 2155d9b4508SKonstantin Belousov vm_pager_page_unswapped(m); 21641cf41fdSKonstantin Belousov VM_OBJECT_WUNLOCK(obj); 21741cf41fdSKonstantin Belousov } 21841cf41fdSKonstantin Belousov vm_page_lock(m); 21941cf41fdSKonstantin Belousov vm_page_unhold(m); 22041cf41fdSKonstantin Belousov vm_page_unlock(m); 22141cf41fdSKonstantin Belousov 22241cf41fdSKonstantin Belousov return (error); 22341cf41fdSKonstantin Belousov } 22441cf41fdSKonstantin Belousov 22541cf41fdSKonstantin Belousov int 22641cf41fdSKonstantin Belousov uiomove_object(vm_object_t obj, off_t obj_size, struct uio *uio) 22741cf41fdSKonstantin Belousov { 22841cf41fdSKonstantin Belousov ssize_t resid; 22941cf41fdSKonstantin Belousov size_t len; 23041cf41fdSKonstantin Belousov int error; 23141cf41fdSKonstantin Belousov 23241cf41fdSKonstantin Belousov error = 0; 23341cf41fdSKonstantin Belousov while ((resid = uio->uio_resid) > 0) { 23441cf41fdSKonstantin Belousov if (obj_size <= uio->uio_offset) 23541cf41fdSKonstantin Belousov break; 23641cf41fdSKonstantin Belousov len = MIN(obj_size - uio->uio_offset, resid); 23741cf41fdSKonstantin Belousov if (len == 0) 23841cf41fdSKonstantin Belousov break; 23941cf41fdSKonstantin Belousov error = uiomove_object_page(obj, len, uio); 24041cf41fdSKonstantin Belousov if (error != 0 || resid == uio->uio_resid) 24141cf41fdSKonstantin Belousov break; 24241cf41fdSKonstantin Belousov } 24341cf41fdSKonstantin Belousov return (error); 24441cf41fdSKonstantin Belousov } 24541cf41fdSKonstantin Belousov 24641cf41fdSKonstantin Belousov static int 247940cb0e2SKonstantin Belousov shm_seek(struct file *fp, off_t offset, int whence, struct thread *td) 248940cb0e2SKonstantin Belousov { 249940cb0e2SKonstantin Belousov struct shmfd *shmfd; 250940cb0e2SKonstantin Belousov off_t foffset; 251940cb0e2SKonstantin Belousov int error; 252940cb0e2SKonstantin Belousov 253940cb0e2SKonstantin Belousov shmfd = fp->f_data; 254940cb0e2SKonstantin Belousov foffset = foffset_lock(fp, 0); 255940cb0e2SKonstantin Belousov error = 0; 256940cb0e2SKonstantin Belousov switch (whence) { 257940cb0e2SKonstantin Belousov case L_INCR: 258940cb0e2SKonstantin Belousov if (foffset < 0 || 259940cb0e2SKonstantin Belousov (offset > 0 && foffset > OFF_MAX - offset)) { 260940cb0e2SKonstantin Belousov error = EOVERFLOW; 261940cb0e2SKonstantin Belousov break; 262940cb0e2SKonstantin Belousov } 263940cb0e2SKonstantin Belousov offset += foffset; 264940cb0e2SKonstantin Belousov break; 265940cb0e2SKonstantin Belousov case L_XTND: 266940cb0e2SKonstantin Belousov if (offset > 0 && shmfd->shm_size > OFF_MAX - offset) { 267940cb0e2SKonstantin Belousov error = EOVERFLOW; 268940cb0e2SKonstantin Belousov break; 269940cb0e2SKonstantin Belousov } 270940cb0e2SKonstantin Belousov offset += shmfd->shm_size; 271940cb0e2SKonstantin Belousov break; 272940cb0e2SKonstantin Belousov case L_SET: 273940cb0e2SKonstantin Belousov break; 274940cb0e2SKonstantin Belousov default: 275940cb0e2SKonstantin Belousov error = EINVAL; 276940cb0e2SKonstantin Belousov } 277940cb0e2SKonstantin Belousov if (error == 0) { 278940cb0e2SKonstantin Belousov if (offset < 0 || offset > shmfd->shm_size) 279940cb0e2SKonstantin Belousov error = EINVAL; 280940cb0e2SKonstantin Belousov else 2816f2b769cSJohn-Mark Gurney td->td_uretoff.tdu_off = offset; 282940cb0e2SKonstantin Belousov } 283940cb0e2SKonstantin Belousov foffset_unlock(fp, offset, error != 0 ? FOF_NOUPDATE : 0); 284940cb0e2SKonstantin Belousov return (error); 285940cb0e2SKonstantin Belousov } 286940cb0e2SKonstantin Belousov 287940cb0e2SKonstantin Belousov static int 2888e38aeffSJohn Baldwin shm_read(struct file *fp, struct uio *uio, struct ucred *active_cred, 2898e38aeffSJohn Baldwin int flags, struct thread *td) 2908e38aeffSJohn Baldwin { 291940cb0e2SKonstantin Belousov struct shmfd *shmfd; 292940cb0e2SKonstantin Belousov void *rl_cookie; 293940cb0e2SKonstantin Belousov int error; 2948e38aeffSJohn Baldwin 295940cb0e2SKonstantin Belousov shmfd = fp->f_data; 296940cb0e2SKonstantin Belousov foffset_lock_uio(fp, uio, flags); 297940cb0e2SKonstantin Belousov rl_cookie = rangelock_rlock(&shmfd->shm_rl, uio->uio_offset, 298940cb0e2SKonstantin Belousov uio->uio_offset + uio->uio_resid, &shmfd->shm_mtx); 299940cb0e2SKonstantin Belousov #ifdef MAC 300940cb0e2SKonstantin Belousov error = mac_posixshm_check_read(active_cred, fp->f_cred, shmfd); 301940cb0e2SKonstantin Belousov if (error) 302940cb0e2SKonstantin Belousov return (error); 303940cb0e2SKonstantin Belousov #endif 304940cb0e2SKonstantin Belousov error = uiomove_object(shmfd->shm_object, shmfd->shm_size, uio); 305940cb0e2SKonstantin Belousov rangelock_unlock(&shmfd->shm_rl, rl_cookie, &shmfd->shm_mtx); 306940cb0e2SKonstantin Belousov foffset_unlock_uio(fp, uio, flags); 307940cb0e2SKonstantin Belousov return (error); 3088e38aeffSJohn Baldwin } 3098e38aeffSJohn Baldwin 3108e38aeffSJohn Baldwin static int 3118e38aeffSJohn Baldwin shm_write(struct file *fp, struct uio *uio, struct ucred *active_cred, 3128e38aeffSJohn Baldwin int flags, struct thread *td) 3138e38aeffSJohn Baldwin { 314940cb0e2SKonstantin Belousov struct shmfd *shmfd; 315940cb0e2SKonstantin Belousov void *rl_cookie; 316940cb0e2SKonstantin Belousov int error; 3178e38aeffSJohn Baldwin 318940cb0e2SKonstantin Belousov shmfd = fp->f_data; 319940cb0e2SKonstantin Belousov #ifdef MAC 320940cb0e2SKonstantin Belousov error = mac_posixshm_check_write(active_cred, fp->f_cred, shmfd); 321940cb0e2SKonstantin Belousov if (error) 322940cb0e2SKonstantin Belousov return (error); 323940cb0e2SKonstantin Belousov #endif 324940cb0e2SKonstantin Belousov foffset_lock_uio(fp, uio, flags); 325940cb0e2SKonstantin Belousov if ((flags & FOF_OFFSET) == 0) { 326940cb0e2SKonstantin Belousov rl_cookie = rangelock_wlock(&shmfd->shm_rl, 0, OFF_MAX, 327940cb0e2SKonstantin Belousov &shmfd->shm_mtx); 328940cb0e2SKonstantin Belousov } else { 329940cb0e2SKonstantin Belousov rl_cookie = rangelock_wlock(&shmfd->shm_rl, uio->uio_offset, 330940cb0e2SKonstantin Belousov uio->uio_offset + uio->uio_resid, &shmfd->shm_mtx); 331940cb0e2SKonstantin Belousov } 332940cb0e2SKonstantin Belousov 333940cb0e2SKonstantin Belousov error = uiomove_object(shmfd->shm_object, shmfd->shm_size, uio); 334940cb0e2SKonstantin Belousov rangelock_unlock(&shmfd->shm_rl, rl_cookie, &shmfd->shm_mtx); 335940cb0e2SKonstantin Belousov foffset_unlock_uio(fp, uio, flags); 336940cb0e2SKonstantin Belousov return (error); 3378e38aeffSJohn Baldwin } 3388e38aeffSJohn Baldwin 3398e38aeffSJohn Baldwin static int 3408e38aeffSJohn Baldwin shm_truncate(struct file *fp, off_t length, struct ucred *active_cred, 3418e38aeffSJohn Baldwin struct thread *td) 3428e38aeffSJohn Baldwin { 3438e38aeffSJohn Baldwin struct shmfd *shmfd; 3448e38aeffSJohn Baldwin #ifdef MAC 3458e38aeffSJohn Baldwin int error; 3468e38aeffSJohn Baldwin #endif 3478e38aeffSJohn Baldwin 3488e38aeffSJohn Baldwin shmfd = fp->f_data; 3498e38aeffSJohn Baldwin #ifdef MAC 3508e38aeffSJohn Baldwin error = mac_posixshm_check_truncate(active_cred, fp->f_cred, shmfd); 3518e38aeffSJohn Baldwin if (error) 3528e38aeffSJohn Baldwin return (error); 3538e38aeffSJohn Baldwin #endif 3543364c323SKonstantin Belousov return (shm_dotruncate(shmfd, length)); 3558e38aeffSJohn Baldwin } 3568e38aeffSJohn Baldwin 3578e38aeffSJohn Baldwin static int 3588e38aeffSJohn Baldwin shm_ioctl(struct file *fp, u_long com, void *data, 3598e38aeffSJohn Baldwin struct ucred *active_cred, struct thread *td) 3608e38aeffSJohn Baldwin { 3618e38aeffSJohn Baldwin 3628e38aeffSJohn Baldwin return (EOPNOTSUPP); 3638e38aeffSJohn Baldwin } 3648e38aeffSJohn Baldwin 3658e38aeffSJohn Baldwin static int 3668e38aeffSJohn Baldwin shm_poll(struct file *fp, int events, struct ucred *active_cred, 3678e38aeffSJohn Baldwin struct thread *td) 3688e38aeffSJohn Baldwin { 3698e38aeffSJohn Baldwin 3708e38aeffSJohn Baldwin return (EOPNOTSUPP); 3718e38aeffSJohn Baldwin } 3728e38aeffSJohn Baldwin 3738e38aeffSJohn Baldwin static int 3748e38aeffSJohn Baldwin shm_kqfilter(struct file *fp, struct knote *kn) 3758e38aeffSJohn Baldwin { 3768e38aeffSJohn Baldwin 3778e38aeffSJohn Baldwin return (EOPNOTSUPP); 3788e38aeffSJohn Baldwin } 3798e38aeffSJohn Baldwin 3808e38aeffSJohn Baldwin static int 3818e38aeffSJohn Baldwin shm_stat(struct file *fp, struct stat *sb, struct ucred *active_cred, 3828e38aeffSJohn Baldwin struct thread *td) 3838e38aeffSJohn Baldwin { 3848e38aeffSJohn Baldwin struct shmfd *shmfd; 3858e38aeffSJohn Baldwin #ifdef MAC 3868e38aeffSJohn Baldwin int error; 3878e38aeffSJohn Baldwin #endif 3888e38aeffSJohn Baldwin 3898e38aeffSJohn Baldwin shmfd = fp->f_data; 3908e38aeffSJohn Baldwin 3918e38aeffSJohn Baldwin #ifdef MAC 3928e38aeffSJohn Baldwin error = mac_posixshm_check_stat(active_cred, fp->f_cred, shmfd); 3938e38aeffSJohn Baldwin if (error) 3948e38aeffSJohn Baldwin return (error); 3958e38aeffSJohn Baldwin #endif 3968e38aeffSJohn Baldwin 3978e38aeffSJohn Baldwin /* 3988e38aeffSJohn Baldwin * Attempt to return sanish values for fstat() on a memory file 3998e38aeffSJohn Baldwin * descriptor. 4008e38aeffSJohn Baldwin */ 4018e38aeffSJohn Baldwin bzero(sb, sizeof(*sb)); 4028e38aeffSJohn Baldwin sb->st_blksize = PAGE_SIZE; 4038e38aeffSJohn Baldwin sb->st_size = shmfd->shm_size; 4048e38aeffSJohn Baldwin sb->st_blocks = (sb->st_size + sb->st_blksize - 1) / sb->st_blksize; 4059c00bb91SKonstantin Belousov mtx_lock(&shm_timestamp_lock); 406510ea843SEd Schouten sb->st_atim = shmfd->shm_atime; 407510ea843SEd Schouten sb->st_ctim = shmfd->shm_ctime; 408510ea843SEd Schouten sb->st_mtim = shmfd->shm_mtime; 409510ea843SEd Schouten sb->st_birthtim = shmfd->shm_birthtime; 4109c00bb91SKonstantin Belousov sb->st_mode = S_IFREG | shmfd->shm_mode; /* XXX */ 4118e38aeffSJohn Baldwin sb->st_uid = shmfd->shm_uid; 4128e38aeffSJohn Baldwin sb->st_gid = shmfd->shm_gid; 4139c00bb91SKonstantin Belousov mtx_unlock(&shm_timestamp_lock); 414*610a2b3cSJohn Baldwin sb->st_dev = shm_dev_ino; 415*610a2b3cSJohn Baldwin sb->st_ino = shmfd->shm_ino; 4168e38aeffSJohn Baldwin 4178e38aeffSJohn Baldwin return (0); 4188e38aeffSJohn Baldwin } 4198e38aeffSJohn Baldwin 4208e38aeffSJohn Baldwin static int 4218e38aeffSJohn Baldwin shm_close(struct file *fp, struct thread *td) 4228e38aeffSJohn Baldwin { 4238e38aeffSJohn Baldwin struct shmfd *shmfd; 4248e38aeffSJohn Baldwin 4258e38aeffSJohn Baldwin shmfd = fp->f_data; 4268e38aeffSJohn Baldwin fp->f_data = NULL; 4278e38aeffSJohn Baldwin shm_drop(shmfd); 4288e38aeffSJohn Baldwin 4298e38aeffSJohn Baldwin return (0); 4308e38aeffSJohn Baldwin } 4318e38aeffSJohn Baldwin 4323364c323SKonstantin Belousov static int 4338e38aeffSJohn Baldwin shm_dotruncate(struct shmfd *shmfd, off_t length) 4348e38aeffSJohn Baldwin { 4358e38aeffSJohn Baldwin vm_object_t object; 4362971897dSAlan Cox vm_page_t m, ma[1]; 4372971897dSAlan Cox vm_pindex_t idx, nobjsize; 4383364c323SKonstantin Belousov vm_ooffset_t delta; 4392971897dSAlan Cox int base, rv; 4408e38aeffSJohn Baldwin 4418e38aeffSJohn Baldwin object = shmfd->shm_object; 44289f6b863SAttilio Rao VM_OBJECT_WLOCK(object); 4438e38aeffSJohn Baldwin if (length == shmfd->shm_size) { 44489f6b863SAttilio Rao VM_OBJECT_WUNLOCK(object); 4453364c323SKonstantin Belousov return (0); 4468e38aeffSJohn Baldwin } 4478e38aeffSJohn Baldwin nobjsize = OFF_TO_IDX(length + PAGE_MASK); 4488e38aeffSJohn Baldwin 4498e38aeffSJohn Baldwin /* Are we shrinking? If so, trim the end. */ 4508e38aeffSJohn Baldwin if (length < shmfd->shm_size) { 451fb680e16SJohn Baldwin /* 452fb680e16SJohn Baldwin * Disallow any requests to shrink the size if this 453fb680e16SJohn Baldwin * object is mapped into the kernel. 454fb680e16SJohn Baldwin */ 455fb680e16SJohn Baldwin if (shmfd->shm_kmappings > 0) { 45689f6b863SAttilio Rao VM_OBJECT_WUNLOCK(object); 457fb680e16SJohn Baldwin return (EBUSY); 458fb680e16SJohn Baldwin } 4592971897dSAlan Cox 4602971897dSAlan Cox /* 4612971897dSAlan Cox * Zero the truncated part of the last page. 4622971897dSAlan Cox */ 4632971897dSAlan Cox base = length & PAGE_MASK; 4642971897dSAlan Cox if (base != 0) { 4652971897dSAlan Cox idx = OFF_TO_IDX(length); 4662971897dSAlan Cox retry: 4672971897dSAlan Cox m = vm_page_lookup(object, idx); 4682971897dSAlan Cox if (m != NULL) { 469c7aebda8SAttilio Rao if (vm_page_sleep_if_busy(m, "shmtrc")) 4702971897dSAlan Cox goto retry; 4712971897dSAlan Cox } else if (vm_pager_has_page(object, idx, NULL, NULL)) { 4722971897dSAlan Cox m = vm_page_alloc(object, idx, VM_ALLOC_NORMAL); 4732971897dSAlan Cox if (m == NULL) { 47489f6b863SAttilio Rao VM_OBJECT_WUNLOCK(object); 4752971897dSAlan Cox VM_WAIT; 47689f6b863SAttilio Rao VM_OBJECT_WLOCK(object); 4772971897dSAlan Cox goto retry; 4782971897dSAlan Cox } else if (m->valid != VM_PAGE_BITS_ALL) { 4792971897dSAlan Cox ma[0] = m; 4802971897dSAlan Cox rv = vm_pager_get_pages(object, ma, 1, 4812971897dSAlan Cox 0); 4822971897dSAlan Cox m = vm_page_lookup(object, idx); 4832971897dSAlan Cox } else 4842971897dSAlan Cox /* A cached page was reactivated. */ 4852971897dSAlan Cox rv = VM_PAGER_OK; 4862971897dSAlan Cox vm_page_lock(m); 4872971897dSAlan Cox if (rv == VM_PAGER_OK) { 4882971897dSAlan Cox vm_page_deactivate(m); 4892971897dSAlan Cox vm_page_unlock(m); 490c7aebda8SAttilio Rao vm_page_xunbusy(m); 4912971897dSAlan Cox } else { 4922971897dSAlan Cox vm_page_free(m); 4932971897dSAlan Cox vm_page_unlock(m); 49489f6b863SAttilio Rao VM_OBJECT_WUNLOCK(object); 4952971897dSAlan Cox return (EIO); 4962971897dSAlan Cox } 4972971897dSAlan Cox } 4982971897dSAlan Cox if (m != NULL) { 4992971897dSAlan Cox pmap_zero_page_area(m, base, PAGE_SIZE - base); 5002971897dSAlan Cox KASSERT(m->valid == VM_PAGE_BITS_ALL, 5012971897dSAlan Cox ("shm_dotruncate: page %p is invalid", m)); 5022971897dSAlan Cox vm_page_dirty(m); 5032971897dSAlan Cox vm_pager_page_unswapped(m); 5042971897dSAlan Cox } 5052971897dSAlan Cox } 5063364c323SKonstantin Belousov delta = ptoa(object->size - nobjsize); 5073364c323SKonstantin Belousov 5088e38aeffSJohn Baldwin /* Toss in memory pages. */ 5098e38aeffSJohn Baldwin if (nobjsize < object->size) 5108e38aeffSJohn Baldwin vm_object_page_remove(object, nobjsize, object->size, 5116bbee8e2SAlan Cox 0); 5128e38aeffSJohn Baldwin 5138e38aeffSJohn Baldwin /* Toss pages from swap. */ 5148e38aeffSJohn Baldwin if (object->type == OBJT_SWAP) 5153364c323SKonstantin Belousov swap_pager_freespace(object, nobjsize, delta); 5163364c323SKonstantin Belousov 5173364c323SKonstantin Belousov /* Free the swap accounted for shm */ 518ef694c1aSEdward Tomasz Napierala swap_release_by_cred(delta, object->cred); 5193364c323SKonstantin Belousov object->charge -= delta; 5203364c323SKonstantin Belousov } else { 5213364c323SKonstantin Belousov /* Attempt to reserve the swap */ 5223364c323SKonstantin Belousov delta = ptoa(nobjsize - object->size); 523ef694c1aSEdward Tomasz Napierala if (!swap_reserve_by_cred(delta, object->cred)) { 52489f6b863SAttilio Rao VM_OBJECT_WUNLOCK(object); 5253364c323SKonstantin Belousov return (ENOMEM); 5263364c323SKonstantin Belousov } 5273364c323SKonstantin Belousov object->charge += delta; 5288e38aeffSJohn Baldwin } 5298e38aeffSJohn Baldwin shmfd->shm_size = length; 5308e38aeffSJohn Baldwin mtx_lock(&shm_timestamp_lock); 5318e38aeffSJohn Baldwin vfs_timestamp(&shmfd->shm_ctime); 5328e38aeffSJohn Baldwin shmfd->shm_mtime = shmfd->shm_ctime; 5338e38aeffSJohn Baldwin mtx_unlock(&shm_timestamp_lock); 5348e38aeffSJohn Baldwin object->size = nobjsize; 53589f6b863SAttilio Rao VM_OBJECT_WUNLOCK(object); 5363364c323SKonstantin Belousov return (0); 5378e38aeffSJohn Baldwin } 5388e38aeffSJohn Baldwin 5398e38aeffSJohn Baldwin /* 5408e38aeffSJohn Baldwin * shmfd object management including creation and reference counting 5418e38aeffSJohn Baldwin * routines. 5428e38aeffSJohn Baldwin */ 5438e38aeffSJohn Baldwin static struct shmfd * 5448e38aeffSJohn Baldwin shm_alloc(struct ucred *ucred, mode_t mode) 5458e38aeffSJohn Baldwin { 5468e38aeffSJohn Baldwin struct shmfd *shmfd; 547*610a2b3cSJohn Baldwin int ino; 5488e38aeffSJohn Baldwin 5498e38aeffSJohn Baldwin shmfd = malloc(sizeof(*shmfd), M_SHMFD, M_WAITOK | M_ZERO); 5508e38aeffSJohn Baldwin shmfd->shm_size = 0; 5518e38aeffSJohn Baldwin shmfd->shm_uid = ucred->cr_uid; 5528e38aeffSJohn Baldwin shmfd->shm_gid = ucred->cr_gid; 5538e38aeffSJohn Baldwin shmfd->shm_mode = mode; 5548e38aeffSJohn Baldwin shmfd->shm_object = vm_pager_allocate(OBJT_DEFAULT, NULL, 5553364c323SKonstantin Belousov shmfd->shm_size, VM_PROT_DEFAULT, 0, ucred); 5568e38aeffSJohn Baldwin KASSERT(shmfd->shm_object != NULL, ("shm_create: vm_pager_allocate")); 55789f6b863SAttilio Rao VM_OBJECT_WLOCK(shmfd->shm_object); 558e384d8a8SAlan Cox vm_object_clear_flag(shmfd->shm_object, OBJ_ONEMAPPING); 559e384d8a8SAlan Cox vm_object_set_flag(shmfd->shm_object, OBJ_NOSPLIT); 56089f6b863SAttilio Rao VM_OBJECT_WUNLOCK(shmfd->shm_object); 5618e38aeffSJohn Baldwin vfs_timestamp(&shmfd->shm_birthtime); 5628e38aeffSJohn Baldwin shmfd->shm_atime = shmfd->shm_mtime = shmfd->shm_ctime = 5638e38aeffSJohn Baldwin shmfd->shm_birthtime; 564*610a2b3cSJohn Baldwin ino = alloc_unr(shm_ino_unr); 565*610a2b3cSJohn Baldwin if (ino == -1) 566*610a2b3cSJohn Baldwin shmfd->shm_ino = 0; 567*610a2b3cSJohn Baldwin else 568*610a2b3cSJohn Baldwin shmfd->shm_ino = ino; 5698e38aeffSJohn Baldwin refcount_init(&shmfd->shm_refs, 1); 570940cb0e2SKonstantin Belousov mtx_init(&shmfd->shm_mtx, "shmrl", NULL, MTX_DEF); 571940cb0e2SKonstantin Belousov rangelock_init(&shmfd->shm_rl); 5728e38aeffSJohn Baldwin #ifdef MAC 5738e38aeffSJohn Baldwin mac_posixshm_init(shmfd); 5748e38aeffSJohn Baldwin mac_posixshm_create(ucred, shmfd); 5758e38aeffSJohn Baldwin #endif 5768e38aeffSJohn Baldwin 5778e38aeffSJohn Baldwin return (shmfd); 5788e38aeffSJohn Baldwin } 5798e38aeffSJohn Baldwin 5808e38aeffSJohn Baldwin static struct shmfd * 5818e38aeffSJohn Baldwin shm_hold(struct shmfd *shmfd) 5828e38aeffSJohn Baldwin { 5838e38aeffSJohn Baldwin 5848e38aeffSJohn Baldwin refcount_acquire(&shmfd->shm_refs); 5858e38aeffSJohn Baldwin return (shmfd); 5868e38aeffSJohn Baldwin } 5878e38aeffSJohn Baldwin 5888e38aeffSJohn Baldwin static void 5898e38aeffSJohn Baldwin shm_drop(struct shmfd *shmfd) 5908e38aeffSJohn Baldwin { 5918e38aeffSJohn Baldwin 5928e38aeffSJohn Baldwin if (refcount_release(&shmfd->shm_refs)) { 5938e38aeffSJohn Baldwin #ifdef MAC 5948e38aeffSJohn Baldwin mac_posixshm_destroy(shmfd); 5958e38aeffSJohn Baldwin #endif 596940cb0e2SKonstantin Belousov rangelock_destroy(&shmfd->shm_rl); 597940cb0e2SKonstantin Belousov mtx_destroy(&shmfd->shm_mtx); 5988e38aeffSJohn Baldwin vm_object_deallocate(shmfd->shm_object); 599*610a2b3cSJohn Baldwin if (shmfd->shm_ino != 0) 600*610a2b3cSJohn Baldwin free_unr(shm_ino_unr, shmfd->shm_ino); 6018e38aeffSJohn Baldwin free(shmfd, M_SHMFD); 6028e38aeffSJohn Baldwin } 6038e38aeffSJohn Baldwin } 6048e38aeffSJohn Baldwin 6058e38aeffSJohn Baldwin /* 6068e38aeffSJohn Baldwin * Determine if the credentials have sufficient permissions for a 6078e38aeffSJohn Baldwin * specified combination of FREAD and FWRITE. 6088e38aeffSJohn Baldwin */ 6098e38aeffSJohn Baldwin static int 6108e38aeffSJohn Baldwin shm_access(struct shmfd *shmfd, struct ucred *ucred, int flags) 6118e38aeffSJohn Baldwin { 61215bc6b2bSEdward Tomasz Napierala accmode_t accmode; 6139c00bb91SKonstantin Belousov int error; 6148e38aeffSJohn Baldwin 61515bc6b2bSEdward Tomasz Napierala accmode = 0; 6168e38aeffSJohn Baldwin if (flags & FREAD) 61715bc6b2bSEdward Tomasz Napierala accmode |= VREAD; 6188e38aeffSJohn Baldwin if (flags & FWRITE) 61915bc6b2bSEdward Tomasz Napierala accmode |= VWRITE; 6209c00bb91SKonstantin Belousov mtx_lock(&shm_timestamp_lock); 6219c00bb91SKonstantin Belousov error = vaccess(VREG, shmfd->shm_mode, shmfd->shm_uid, shmfd->shm_gid, 6229c00bb91SKonstantin Belousov accmode, ucred, NULL); 6239c00bb91SKonstantin Belousov mtx_unlock(&shm_timestamp_lock); 6249c00bb91SKonstantin Belousov return (error); 6258e38aeffSJohn Baldwin } 6268e38aeffSJohn Baldwin 6278e38aeffSJohn Baldwin /* 6288e38aeffSJohn Baldwin * Dictionary management. We maintain an in-kernel dictionary to map 6298e38aeffSJohn Baldwin * paths to shmfd objects. We use the FNV hash on the path to store 6308e38aeffSJohn Baldwin * the mappings in a hash table. 6318e38aeffSJohn Baldwin */ 6328e38aeffSJohn Baldwin static void 633*610a2b3cSJohn Baldwin shm_init(void *arg) 6348e38aeffSJohn Baldwin { 6358e38aeffSJohn Baldwin 6368e38aeffSJohn Baldwin mtx_init(&shm_timestamp_lock, "shm timestamps", NULL, MTX_DEF); 6378e38aeffSJohn Baldwin sx_init(&shm_dict_lock, "shm dictionary"); 6388e38aeffSJohn Baldwin shm_dictionary = hashinit(1024, M_SHMFD, &shm_hash); 639*610a2b3cSJohn Baldwin shm_ino_unr = new_unrhdr(1, INT32_MAX, NULL); 640*610a2b3cSJohn Baldwin KASSERT(shm_ino_unr != NULL, ("shm fake inodes not initialized")); 641*610a2b3cSJohn Baldwin shm_dev_ino = devfs_alloc_cdp_inode(); 642*610a2b3cSJohn Baldwin KASSERT(shm_dev_ino > 0, ("shm dev inode not initialized")); 6438e38aeffSJohn Baldwin } 644*610a2b3cSJohn Baldwin SYSINIT(shm_init, SI_SUB_SYSV_SHM, SI_ORDER_ANY, shm_init, NULL); 6458e38aeffSJohn Baldwin 6468e38aeffSJohn Baldwin static struct shmfd * 6478e38aeffSJohn Baldwin shm_lookup(char *path, Fnv32_t fnv) 6488e38aeffSJohn Baldwin { 6498e38aeffSJohn Baldwin struct shm_mapping *map; 6508e38aeffSJohn Baldwin 6518e38aeffSJohn Baldwin LIST_FOREACH(map, SHM_HASH(fnv), sm_link) { 6528e38aeffSJohn Baldwin if (map->sm_fnv != fnv) 6538e38aeffSJohn Baldwin continue; 6548e38aeffSJohn Baldwin if (strcmp(map->sm_path, path) == 0) 6558e38aeffSJohn Baldwin return (map->sm_shmfd); 6568e38aeffSJohn Baldwin } 6578e38aeffSJohn Baldwin 6588e38aeffSJohn Baldwin return (NULL); 6598e38aeffSJohn Baldwin } 6608e38aeffSJohn Baldwin 6618e38aeffSJohn Baldwin static void 6628e38aeffSJohn Baldwin shm_insert(char *path, Fnv32_t fnv, struct shmfd *shmfd) 6638e38aeffSJohn Baldwin { 6648e38aeffSJohn Baldwin struct shm_mapping *map; 6658e38aeffSJohn Baldwin 6668e38aeffSJohn Baldwin map = malloc(sizeof(struct shm_mapping), M_SHMFD, M_WAITOK); 6678e38aeffSJohn Baldwin map->sm_path = path; 6688e38aeffSJohn Baldwin map->sm_fnv = fnv; 6698e38aeffSJohn Baldwin map->sm_shmfd = shm_hold(shmfd); 670e506e182SJohn Baldwin shmfd->shm_path = path; 6718e38aeffSJohn Baldwin LIST_INSERT_HEAD(SHM_HASH(fnv), map, sm_link); 6728e38aeffSJohn Baldwin } 6738e38aeffSJohn Baldwin 6748e38aeffSJohn Baldwin static int 6758e38aeffSJohn Baldwin shm_remove(char *path, Fnv32_t fnv, struct ucred *ucred) 6768e38aeffSJohn Baldwin { 6778e38aeffSJohn Baldwin struct shm_mapping *map; 6788e38aeffSJohn Baldwin int error; 6798e38aeffSJohn Baldwin 6808e38aeffSJohn Baldwin LIST_FOREACH(map, SHM_HASH(fnv), sm_link) { 6818e38aeffSJohn Baldwin if (map->sm_fnv != fnv) 6828e38aeffSJohn Baldwin continue; 6838e38aeffSJohn Baldwin if (strcmp(map->sm_path, path) == 0) { 6848e38aeffSJohn Baldwin #ifdef MAC 6858e38aeffSJohn Baldwin error = mac_posixshm_check_unlink(ucred, map->sm_shmfd); 6868e38aeffSJohn Baldwin if (error) 6878e38aeffSJohn Baldwin return (error); 6888e38aeffSJohn Baldwin #endif 6898e38aeffSJohn Baldwin error = shm_access(map->sm_shmfd, ucred, 6908e38aeffSJohn Baldwin FREAD | FWRITE); 6918e38aeffSJohn Baldwin if (error) 6928e38aeffSJohn Baldwin return (error); 693e506e182SJohn Baldwin map->sm_shmfd->shm_path = NULL; 6948e38aeffSJohn Baldwin LIST_REMOVE(map, sm_link); 6958e38aeffSJohn Baldwin shm_drop(map->sm_shmfd); 6968e38aeffSJohn Baldwin free(map->sm_path, M_SHMFD); 6978e38aeffSJohn Baldwin free(map, M_SHMFD); 6988e38aeffSJohn Baldwin return (0); 6998e38aeffSJohn Baldwin } 7008e38aeffSJohn Baldwin } 7018e38aeffSJohn Baldwin 7028e38aeffSJohn Baldwin return (ENOENT); 7038e38aeffSJohn Baldwin } 7048e38aeffSJohn Baldwin 7058e38aeffSJohn Baldwin /* System calls. */ 7068e38aeffSJohn Baldwin int 7078451d0ddSKip Macy sys_shm_open(struct thread *td, struct shm_open_args *uap) 7088e38aeffSJohn Baldwin { 7098e38aeffSJohn Baldwin struct filedesc *fdp; 7108e38aeffSJohn Baldwin struct shmfd *shmfd; 7118e38aeffSJohn Baldwin struct file *fp; 7128e38aeffSJohn Baldwin char *path; 7138e38aeffSJohn Baldwin Fnv32_t fnv; 7148e38aeffSJohn Baldwin mode_t cmode; 7158e38aeffSJohn Baldwin int fd, error; 7168e38aeffSJohn Baldwin 71712bc222eSJonathan Anderson #ifdef CAPABILITY_MODE 71812bc222eSJonathan Anderson /* 71912bc222eSJonathan Anderson * shm_open(2) is only allowed for anonymous objects. 72012bc222eSJonathan Anderson */ 72112bc222eSJonathan Anderson if (IN_CAPABILITY_MODE(td) && (uap->path != SHM_ANON)) 72212bc222eSJonathan Anderson return (ECAPMODE); 72312bc222eSJonathan Anderson #endif 72412bc222eSJonathan Anderson 7258e38aeffSJohn Baldwin if ((uap->flags & O_ACCMODE) != O_RDONLY && 7268e38aeffSJohn Baldwin (uap->flags & O_ACCMODE) != O_RDWR) 7278e38aeffSJohn Baldwin return (EINVAL); 7288e38aeffSJohn Baldwin 729f55a7d30SRobert Millan if ((uap->flags & ~(O_ACCMODE | O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC)) != 0) 7308e38aeffSJohn Baldwin return (EINVAL); 7318e38aeffSJohn Baldwin 7328e38aeffSJohn Baldwin fdp = td->td_proc->p_fd; 7338e38aeffSJohn Baldwin cmode = (uap->mode & ~fdp->fd_cmask) & ACCESSPERMS; 7348e38aeffSJohn Baldwin 735b68cf25fSJilles Tjoelker error = falloc(td, &fp, &fd, O_CLOEXEC); 7368e38aeffSJohn Baldwin if (error) 7378e38aeffSJohn Baldwin return (error); 7388e38aeffSJohn Baldwin 7398e38aeffSJohn Baldwin /* A SHM_ANON path pointer creates an anonymous object. */ 7408e38aeffSJohn Baldwin if (uap->path == SHM_ANON) { 7418e38aeffSJohn Baldwin /* A read-only anonymous object is pointless. */ 7428e38aeffSJohn Baldwin if ((uap->flags & O_ACCMODE) == O_RDONLY) { 7438e38aeffSJohn Baldwin fdclose(fdp, fp, fd, td); 7448e38aeffSJohn Baldwin fdrop(fp, td); 7458e38aeffSJohn Baldwin return (EINVAL); 7468e38aeffSJohn Baldwin } 7478e38aeffSJohn Baldwin shmfd = shm_alloc(td->td_ucred, cmode); 7488e38aeffSJohn Baldwin } else { 7498e38aeffSJohn Baldwin path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK); 7508e38aeffSJohn Baldwin error = copyinstr(uap->path, path, MAXPATHLEN, NULL); 751551a7895SRui Paulo #ifdef KTRACE 752551a7895SRui Paulo if (error == 0 && KTRPOINT(curthread, KTR_NAMEI)) 753551a7895SRui Paulo ktrnamei(path); 754551a7895SRui Paulo #endif 7558e38aeffSJohn Baldwin /* Require paths to start with a '/' character. */ 7568e38aeffSJohn Baldwin if (error == 0 && path[0] != '/') 7578e38aeffSJohn Baldwin error = EINVAL; 7588e38aeffSJohn Baldwin if (error) { 7598e38aeffSJohn Baldwin fdclose(fdp, fp, fd, td); 7608e38aeffSJohn Baldwin fdrop(fp, td); 7618e38aeffSJohn Baldwin free(path, M_SHMFD); 7628e38aeffSJohn Baldwin return (error); 7638e38aeffSJohn Baldwin } 7648e38aeffSJohn Baldwin 7658e38aeffSJohn Baldwin fnv = fnv_32_str(path, FNV1_32_INIT); 7668e38aeffSJohn Baldwin sx_xlock(&shm_dict_lock); 7678e38aeffSJohn Baldwin shmfd = shm_lookup(path, fnv); 7688e38aeffSJohn Baldwin if (shmfd == NULL) { 7698e38aeffSJohn Baldwin /* Object does not yet exist, create it if requested. */ 7708e38aeffSJohn Baldwin if (uap->flags & O_CREAT) { 7719b6dd12eSRobert Watson #ifdef MAC 7729b6dd12eSRobert Watson error = mac_posixshm_check_create(td->td_ucred, 7739b6dd12eSRobert Watson path); 7749b6dd12eSRobert Watson if (error == 0) { 7759b6dd12eSRobert Watson #endif 7768e38aeffSJohn Baldwin shmfd = shm_alloc(td->td_ucred, cmode); 7778e38aeffSJohn Baldwin shm_insert(path, fnv, shmfd); 7789b6dd12eSRobert Watson #ifdef MAC 7799b6dd12eSRobert Watson } 7809b6dd12eSRobert Watson #endif 7818e38aeffSJohn Baldwin } else { 7828e38aeffSJohn Baldwin free(path, M_SHMFD); 7838e38aeffSJohn Baldwin error = ENOENT; 7848e38aeffSJohn Baldwin } 7858e38aeffSJohn Baldwin } else { 7868e38aeffSJohn Baldwin /* 7878e38aeffSJohn Baldwin * Object already exists, obtain a new 7888e38aeffSJohn Baldwin * reference if requested and permitted. 7898e38aeffSJohn Baldwin */ 7908e38aeffSJohn Baldwin free(path, M_SHMFD); 7918e38aeffSJohn Baldwin if ((uap->flags & (O_CREAT | O_EXCL)) == 7928e38aeffSJohn Baldwin (O_CREAT | O_EXCL)) 7938e38aeffSJohn Baldwin error = EEXIST; 7948e38aeffSJohn Baldwin else { 7958e38aeffSJohn Baldwin #ifdef MAC 7968e38aeffSJohn Baldwin error = mac_posixshm_check_open(td->td_ucred, 7979b6dd12eSRobert Watson shmfd, FFLAGS(uap->flags & O_ACCMODE)); 7988e38aeffSJohn Baldwin if (error == 0) 7998e38aeffSJohn Baldwin #endif 8008e38aeffSJohn Baldwin error = shm_access(shmfd, td->td_ucred, 8018e38aeffSJohn Baldwin FFLAGS(uap->flags & O_ACCMODE)); 8028e38aeffSJohn Baldwin } 8038e38aeffSJohn Baldwin 8048e38aeffSJohn Baldwin /* 8058e38aeffSJohn Baldwin * Truncate the file back to zero length if 8068e38aeffSJohn Baldwin * O_TRUNC was specified and the object was 8078e38aeffSJohn Baldwin * opened with read/write. 8088e38aeffSJohn Baldwin */ 8098e38aeffSJohn Baldwin if (error == 0 && 8108e38aeffSJohn Baldwin (uap->flags & (O_ACCMODE | O_TRUNC)) == 8118e38aeffSJohn Baldwin (O_RDWR | O_TRUNC)) { 8128e38aeffSJohn Baldwin #ifdef MAC 8138e38aeffSJohn Baldwin error = mac_posixshm_check_truncate( 8148e38aeffSJohn Baldwin td->td_ucred, fp->f_cred, shmfd); 8158e38aeffSJohn Baldwin if (error == 0) 8168e38aeffSJohn Baldwin #endif 8178e38aeffSJohn Baldwin shm_dotruncate(shmfd, 0); 8188e38aeffSJohn Baldwin } 8198e38aeffSJohn Baldwin if (error == 0) 8208e38aeffSJohn Baldwin shm_hold(shmfd); 8218e38aeffSJohn Baldwin } 8228e38aeffSJohn Baldwin sx_xunlock(&shm_dict_lock); 8238e38aeffSJohn Baldwin 8248e38aeffSJohn Baldwin if (error) { 8258e38aeffSJohn Baldwin fdclose(fdp, fp, fd, td); 8268e38aeffSJohn Baldwin fdrop(fp, td); 8278e38aeffSJohn Baldwin return (error); 8288e38aeffSJohn Baldwin } 8298e38aeffSJohn Baldwin } 8308e38aeffSJohn Baldwin 8318e38aeffSJohn Baldwin finit(fp, FFLAGS(uap->flags & O_ACCMODE), DTYPE_SHM, shmfd, &shm_ops); 8328e38aeffSJohn Baldwin 8338e38aeffSJohn Baldwin td->td_retval[0] = fd; 8348e38aeffSJohn Baldwin fdrop(fp, td); 8358e38aeffSJohn Baldwin 8368e38aeffSJohn Baldwin return (0); 8378e38aeffSJohn Baldwin } 8388e38aeffSJohn Baldwin 8398e38aeffSJohn Baldwin int 8408451d0ddSKip Macy sys_shm_unlink(struct thread *td, struct shm_unlink_args *uap) 8418e38aeffSJohn Baldwin { 8428e38aeffSJohn Baldwin char *path; 8438e38aeffSJohn Baldwin Fnv32_t fnv; 8448e38aeffSJohn Baldwin int error; 8458e38aeffSJohn Baldwin 8468e38aeffSJohn Baldwin path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); 8478e38aeffSJohn Baldwin error = copyinstr(uap->path, path, MAXPATHLEN, NULL); 8488e38aeffSJohn Baldwin if (error) { 8498e38aeffSJohn Baldwin free(path, M_TEMP); 8508e38aeffSJohn Baldwin return (error); 8518e38aeffSJohn Baldwin } 852551a7895SRui Paulo #ifdef KTRACE 853551a7895SRui Paulo if (KTRPOINT(curthread, KTR_NAMEI)) 854551a7895SRui Paulo ktrnamei(path); 855551a7895SRui Paulo #endif 8568e38aeffSJohn Baldwin fnv = fnv_32_str(path, FNV1_32_INIT); 8578e38aeffSJohn Baldwin sx_xlock(&shm_dict_lock); 8588e38aeffSJohn Baldwin error = shm_remove(path, fnv, td->td_ucred); 8598e38aeffSJohn Baldwin sx_xunlock(&shm_dict_lock); 8608e38aeffSJohn Baldwin free(path, M_TEMP); 8618e38aeffSJohn Baldwin 8628e38aeffSJohn Baldwin return (error); 8638e38aeffSJohn Baldwin } 8648e38aeffSJohn Baldwin 8658e38aeffSJohn Baldwin /* 8668e38aeffSJohn Baldwin * mmap() helper to validate mmap() requests against shm object state 8678e38aeffSJohn Baldwin * and give mmap() the vm_object to use for the mapping. 8688e38aeffSJohn Baldwin */ 8698e38aeffSJohn Baldwin int 8708e38aeffSJohn Baldwin shm_mmap(struct shmfd *shmfd, vm_size_t objsize, vm_ooffset_t foff, 8718e38aeffSJohn Baldwin vm_object_t *obj) 8728e38aeffSJohn Baldwin { 8738e38aeffSJohn Baldwin 8748e38aeffSJohn Baldwin /* 8758e38aeffSJohn Baldwin * XXXRW: This validation is probably insufficient, and subject to 8768e38aeffSJohn Baldwin * sign errors. It should be fixed. 8778e38aeffSJohn Baldwin */ 8786ee7dd87SAlexander Kabaev if (foff >= shmfd->shm_size || 8796ee7dd87SAlexander Kabaev foff + objsize > round_page(shmfd->shm_size)) 8808e38aeffSJohn Baldwin return (EINVAL); 8818e38aeffSJohn Baldwin 8828e38aeffSJohn Baldwin mtx_lock(&shm_timestamp_lock); 8838e38aeffSJohn Baldwin vfs_timestamp(&shmfd->shm_atime); 8848e38aeffSJohn Baldwin mtx_unlock(&shm_timestamp_lock); 8858e38aeffSJohn Baldwin vm_object_reference(shmfd->shm_object); 8868e38aeffSJohn Baldwin *obj = shmfd->shm_object; 8878e38aeffSJohn Baldwin return (0); 8888e38aeffSJohn Baldwin } 8899c00bb91SKonstantin Belousov 8909c00bb91SKonstantin Belousov static int 8919c00bb91SKonstantin Belousov shm_chmod(struct file *fp, mode_t mode, struct ucred *active_cred, 8929c00bb91SKonstantin Belousov struct thread *td) 8939c00bb91SKonstantin Belousov { 8949c00bb91SKonstantin Belousov struct shmfd *shmfd; 8959c00bb91SKonstantin Belousov int error; 8969c00bb91SKonstantin Belousov 8979c00bb91SKonstantin Belousov error = 0; 8989c00bb91SKonstantin Belousov shmfd = fp->f_data; 8999c00bb91SKonstantin Belousov mtx_lock(&shm_timestamp_lock); 9009c00bb91SKonstantin Belousov /* 9019c00bb91SKonstantin Belousov * SUSv4 says that x bits of permission need not be affected. 9029c00bb91SKonstantin Belousov * Be consistent with our shm_open there. 9039c00bb91SKonstantin Belousov */ 9049c00bb91SKonstantin Belousov #ifdef MAC 9059c00bb91SKonstantin Belousov error = mac_posixshm_check_setmode(active_cred, shmfd, mode); 9069c00bb91SKonstantin Belousov if (error != 0) 9079c00bb91SKonstantin Belousov goto out; 9089c00bb91SKonstantin Belousov #endif 9099c00bb91SKonstantin Belousov error = vaccess(VREG, shmfd->shm_mode, shmfd->shm_uid, 9109c00bb91SKonstantin Belousov shmfd->shm_gid, VADMIN, active_cred, NULL); 9119c00bb91SKonstantin Belousov if (error != 0) 9129c00bb91SKonstantin Belousov goto out; 9139c00bb91SKonstantin Belousov shmfd->shm_mode = mode & ACCESSPERMS; 9149c00bb91SKonstantin Belousov out: 9159c00bb91SKonstantin Belousov mtx_unlock(&shm_timestamp_lock); 9169c00bb91SKonstantin Belousov return (error); 9179c00bb91SKonstantin Belousov } 9189c00bb91SKonstantin Belousov 9199c00bb91SKonstantin Belousov static int 9209c00bb91SKonstantin Belousov shm_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred, 9219c00bb91SKonstantin Belousov struct thread *td) 9229c00bb91SKonstantin Belousov { 9239c00bb91SKonstantin Belousov struct shmfd *shmfd; 9249c00bb91SKonstantin Belousov int error; 9259c00bb91SKonstantin Belousov 92668889ed6SKonstantin Belousov error = 0; 9279c00bb91SKonstantin Belousov shmfd = fp->f_data; 9289c00bb91SKonstantin Belousov mtx_lock(&shm_timestamp_lock); 9299c00bb91SKonstantin Belousov #ifdef MAC 9309c00bb91SKonstantin Belousov error = mac_posixshm_check_setowner(active_cred, shmfd, uid, gid); 9319c00bb91SKonstantin Belousov if (error != 0) 9329c00bb91SKonstantin Belousov goto out; 9339c00bb91SKonstantin Belousov #endif 9349c00bb91SKonstantin Belousov if (uid == (uid_t)-1) 9359c00bb91SKonstantin Belousov uid = shmfd->shm_uid; 9369c00bb91SKonstantin Belousov if (gid == (gid_t)-1) 9379c00bb91SKonstantin Belousov gid = shmfd->shm_gid; 9389c00bb91SKonstantin Belousov if (((uid != shmfd->shm_uid && uid != active_cred->cr_uid) || 9399c00bb91SKonstantin Belousov (gid != shmfd->shm_gid && !groupmember(gid, active_cred))) && 9409c00bb91SKonstantin Belousov (error = priv_check_cred(active_cred, PRIV_VFS_CHOWN, 0))) 9419c00bb91SKonstantin Belousov goto out; 9429c00bb91SKonstantin Belousov shmfd->shm_uid = uid; 9439c00bb91SKonstantin Belousov shmfd->shm_gid = gid; 9449c00bb91SKonstantin Belousov out: 9459c00bb91SKonstantin Belousov mtx_unlock(&shm_timestamp_lock); 9469c00bb91SKonstantin Belousov return (error); 9479c00bb91SKonstantin Belousov } 948fb680e16SJohn Baldwin 949fb680e16SJohn Baldwin /* 950fb680e16SJohn Baldwin * Helper routines to allow the backing object of a shared memory file 951fb680e16SJohn Baldwin * descriptor to be mapped in the kernel. 952fb680e16SJohn Baldwin */ 953fb680e16SJohn Baldwin int 954fb680e16SJohn Baldwin shm_map(struct file *fp, size_t size, off_t offset, void **memp) 955fb680e16SJohn Baldwin { 956fb680e16SJohn Baldwin struct shmfd *shmfd; 957fb680e16SJohn Baldwin vm_offset_t kva, ofs; 958fb680e16SJohn Baldwin vm_object_t obj; 959fb680e16SJohn Baldwin int rv; 960fb680e16SJohn Baldwin 961fb680e16SJohn Baldwin if (fp->f_type != DTYPE_SHM) 962fb680e16SJohn Baldwin return (EINVAL); 963fb680e16SJohn Baldwin shmfd = fp->f_data; 964fb680e16SJohn Baldwin obj = shmfd->shm_object; 96589f6b863SAttilio Rao VM_OBJECT_WLOCK(obj); 966fb680e16SJohn Baldwin /* 967fb680e16SJohn Baldwin * XXXRW: This validation is probably insufficient, and subject to 968fb680e16SJohn Baldwin * sign errors. It should be fixed. 969fb680e16SJohn Baldwin */ 970fb680e16SJohn Baldwin if (offset >= shmfd->shm_size || 971fb680e16SJohn Baldwin offset + size > round_page(shmfd->shm_size)) { 97289f6b863SAttilio Rao VM_OBJECT_WUNLOCK(obj); 973fb680e16SJohn Baldwin return (EINVAL); 974fb680e16SJohn Baldwin } 975fb680e16SJohn Baldwin 976fb680e16SJohn Baldwin shmfd->shm_kmappings++; 977fb680e16SJohn Baldwin vm_object_reference_locked(obj); 97889f6b863SAttilio Rao VM_OBJECT_WUNLOCK(obj); 979fb680e16SJohn Baldwin 980fb680e16SJohn Baldwin /* Map the object into the kernel_map and wire it. */ 981fb680e16SJohn Baldwin kva = vm_map_min(kernel_map); 982fb680e16SJohn Baldwin ofs = offset & PAGE_MASK; 983fb680e16SJohn Baldwin offset = trunc_page(offset); 984fb680e16SJohn Baldwin size = round_page(size + ofs); 985edb572a3SJohn Baldwin rv = vm_map_find(kernel_map, obj, offset, &kva, size, 0, 9865e3a17c0SJohn Baldwin VMFS_OPTIMAL_SPACE, VM_PROT_READ | VM_PROT_WRITE, 987fb680e16SJohn Baldwin VM_PROT_READ | VM_PROT_WRITE, 0); 988fb680e16SJohn Baldwin if (rv == KERN_SUCCESS) { 989fb680e16SJohn Baldwin rv = vm_map_wire(kernel_map, kva, kva + size, 990fb680e16SJohn Baldwin VM_MAP_WIRE_SYSTEM | VM_MAP_WIRE_NOHOLES); 991fb680e16SJohn Baldwin if (rv == KERN_SUCCESS) { 992fb680e16SJohn Baldwin *memp = (void *)(kva + ofs); 993fb680e16SJohn Baldwin return (0); 994fb680e16SJohn Baldwin } 995fb680e16SJohn Baldwin vm_map_remove(kernel_map, kva, kva + size); 996fb680e16SJohn Baldwin } else 997fb680e16SJohn Baldwin vm_object_deallocate(obj); 998fb680e16SJohn Baldwin 999fb680e16SJohn Baldwin /* On failure, drop our mapping reference. */ 100089f6b863SAttilio Rao VM_OBJECT_WLOCK(obj); 1001fb680e16SJohn Baldwin shmfd->shm_kmappings--; 100289f6b863SAttilio Rao VM_OBJECT_WUNLOCK(obj); 1003fb680e16SJohn Baldwin 1004338e7cf2SJohn Baldwin return (vm_mmap_to_errno(rv)); 1005fb680e16SJohn Baldwin } 1006fb680e16SJohn Baldwin 1007fb680e16SJohn Baldwin /* 1008fb680e16SJohn Baldwin * We require the caller to unmap the entire entry. This allows us to 1009fb680e16SJohn Baldwin * safely decrement shm_kmappings when a mapping is removed. 1010fb680e16SJohn Baldwin */ 1011fb680e16SJohn Baldwin int 1012fb680e16SJohn Baldwin shm_unmap(struct file *fp, void *mem, size_t size) 1013fb680e16SJohn Baldwin { 1014fb680e16SJohn Baldwin struct shmfd *shmfd; 1015fb680e16SJohn Baldwin vm_map_entry_t entry; 1016fb680e16SJohn Baldwin vm_offset_t kva, ofs; 1017fb680e16SJohn Baldwin vm_object_t obj; 1018fb680e16SJohn Baldwin vm_pindex_t pindex; 1019fb680e16SJohn Baldwin vm_prot_t prot; 1020fb680e16SJohn Baldwin boolean_t wired; 1021fb680e16SJohn Baldwin vm_map_t map; 1022fb680e16SJohn Baldwin int rv; 1023fb680e16SJohn Baldwin 1024fb680e16SJohn Baldwin if (fp->f_type != DTYPE_SHM) 1025fb680e16SJohn Baldwin return (EINVAL); 1026fb680e16SJohn Baldwin shmfd = fp->f_data; 1027fb680e16SJohn Baldwin kva = (vm_offset_t)mem; 1028fb680e16SJohn Baldwin ofs = kva & PAGE_MASK; 1029fb680e16SJohn Baldwin kva = trunc_page(kva); 1030fb680e16SJohn Baldwin size = round_page(size + ofs); 1031fb680e16SJohn Baldwin map = kernel_map; 1032fb680e16SJohn Baldwin rv = vm_map_lookup(&map, kva, VM_PROT_READ | VM_PROT_WRITE, &entry, 1033fb680e16SJohn Baldwin &obj, &pindex, &prot, &wired); 1034fb680e16SJohn Baldwin if (rv != KERN_SUCCESS) 1035fb680e16SJohn Baldwin return (EINVAL); 1036fb680e16SJohn Baldwin if (entry->start != kva || entry->end != kva + size) { 1037fb680e16SJohn Baldwin vm_map_lookup_done(map, entry); 1038fb680e16SJohn Baldwin return (EINVAL); 1039fb680e16SJohn Baldwin } 1040fb680e16SJohn Baldwin vm_map_lookup_done(map, entry); 1041fb680e16SJohn Baldwin if (obj != shmfd->shm_object) 1042fb680e16SJohn Baldwin return (EINVAL); 1043fb680e16SJohn Baldwin vm_map_remove(map, kva, kva + size); 104489f6b863SAttilio Rao VM_OBJECT_WLOCK(obj); 1045fb680e16SJohn Baldwin KASSERT(shmfd->shm_kmappings > 0, ("shm_unmap: object not mapped")); 1046fb680e16SJohn Baldwin shmfd->shm_kmappings--; 104789f6b863SAttilio Rao VM_OBJECT_WUNLOCK(obj); 1048fb680e16SJohn Baldwin return (0); 1049fb680e16SJohn Baldwin } 1050e506e182SJohn Baldwin 1051e506e182SJohn Baldwin void 1052e506e182SJohn Baldwin shm_path(struct shmfd *shmfd, char *path, size_t size) 1053e506e182SJohn Baldwin { 1054e506e182SJohn Baldwin 1055e506e182SJohn Baldwin if (shmfd->shm_path == NULL) 1056e506e182SJohn Baldwin return; 1057e506e182SJohn Baldwin sx_slock(&shm_dict_lock); 1058e506e182SJohn Baldwin if (shmfd->shm_path != NULL) 1059e506e182SJohn Baldwin strlcpy(path, shmfd->shm_path, size); 1060e506e182SJohn Baldwin sx_sunlock(&shm_dict_lock); 1061e506e182SJohn Baldwin } 1062