1 /* 2 * linux/ipc/msgutil.c 3 * Copyright (C) 1999, 2004 Manfred Spraul 4 * 5 * This file is released under GNU General Public Licence version 2 or 6 * (at your option) any later version. 7 * 8 * See the file COPYING for more details. 9 */ 10 11 #include <linux/spinlock.h> 12 #include <linux/init.h> 13 #include <linux/security.h> 14 #include <linux/slab.h> 15 #include <linux/ipc.h> 16 #include <linux/msg.h> 17 #include <linux/ipc_namespace.h> 18 #include <linux/utsname.h> 19 #include <linux/proc_fs.h> 20 #include <asm/uaccess.h> 21 22 #include "util.h" 23 24 DEFINE_SPINLOCK(mq_lock); 25 26 /* 27 * The next 2 defines are here bc this is the only file 28 * compiled when either CONFIG_SYSVIPC and CONFIG_POSIX_MQUEUE 29 * and not CONFIG_IPC_NS. 30 */ 31 struct ipc_namespace init_ipc_ns = { 32 .count = ATOMIC_INIT(1), 33 .user_ns = &init_user_ns, 34 .proc_inum = PROC_IPC_INIT_INO, 35 }; 36 37 atomic_t nr_ipc_ns = ATOMIC_INIT(1); 38 39 struct msg_msgseg { 40 struct msg_msgseg* next; 41 /* the next part of the message follows immediately */ 42 }; 43 44 #define DATALEN_MSG (PAGE_SIZE-sizeof(struct msg_msg)) 45 #define DATALEN_SEG (PAGE_SIZE-sizeof(struct msg_msgseg)) 46 47 struct msg_msg *load_msg(const void __user *src, int len) 48 { 49 struct msg_msg *msg; 50 struct msg_msgseg **pseg; 51 int err; 52 int alen; 53 54 alen = len; 55 if (alen > DATALEN_MSG) 56 alen = DATALEN_MSG; 57 58 msg = kmalloc(sizeof(*msg) + alen, GFP_KERNEL); 59 if (msg == NULL) 60 return ERR_PTR(-ENOMEM); 61 62 msg->next = NULL; 63 msg->security = NULL; 64 65 if (copy_from_user(msg + 1, src, alen)) { 66 err = -EFAULT; 67 goto out_err; 68 } 69 70 len -= alen; 71 src = ((char __user *)src) + alen; 72 pseg = &msg->next; 73 while (len > 0) { 74 struct msg_msgseg *seg; 75 alen = len; 76 if (alen > DATALEN_SEG) 77 alen = DATALEN_SEG; 78 seg = kmalloc(sizeof(*seg) + alen, 79 GFP_KERNEL); 80 if (seg == NULL) { 81 err = -ENOMEM; 82 goto out_err; 83 } 84 *pseg = seg; 85 seg->next = NULL; 86 if (copy_from_user(seg + 1, src, alen)) { 87 err = -EFAULT; 88 goto out_err; 89 } 90 pseg = &seg->next; 91 len -= alen; 92 src = ((char __user *)src) + alen; 93 } 94 95 err = security_msg_msg_alloc(msg); 96 if (err) 97 goto out_err; 98 99 return msg; 100 101 out_err: 102 free_msg(msg); 103 return ERR_PTR(err); 104 } 105 106 int store_msg(void __user *dest, struct msg_msg *msg, int len) 107 { 108 int alen; 109 struct msg_msgseg *seg; 110 111 alen = len; 112 if (alen > DATALEN_MSG) 113 alen = DATALEN_MSG; 114 if (copy_to_user(dest, msg + 1, alen)) 115 return -1; 116 117 len -= alen; 118 dest = ((char __user *)dest) + alen; 119 seg = msg->next; 120 while (len > 0) { 121 alen = len; 122 if (alen > DATALEN_SEG) 123 alen = DATALEN_SEG; 124 if (copy_to_user(dest, seg + 1, alen)) 125 return -1; 126 len -= alen; 127 dest = ((char __user *)dest) + alen; 128 seg = seg->next; 129 } 130 return 0; 131 } 132 133 void free_msg(struct msg_msg *msg) 134 { 135 struct msg_msgseg *seg; 136 137 security_msg_msg_free(msg); 138 139 seg = msg->next; 140 kfree(msg); 141 while (seg != NULL) { 142 struct msg_msgseg *tmp = seg->next; 143 kfree(seg); 144 seg = tmp; 145 } 146 } 147