3 * Copyright (C) 1992 Krishna Balasubramanian
5 * Sep 1997 - Call suser() last after "normal" permission checks so we
6 * get BSD style process accounting right.
7 * Occurs in several places in the IPC code.
8 * Chris Evans, <chris@ferret.lmh.ox.ac.uk>
9 * Nov 1999 - ipc helper functions, unified SMP locking
10 * Manfred Spraul <manfreds@colorfullife.com>
11 * Oct 2002 - One lock per IPC id. RCU ipc_free for lock-free grow_ary().
12 * Mingming Cao <cmm@us.ibm.com>
15 #include <linux/config.h>
17 #include <linux/shm.h>
18 #include <linux/init.h>
19 #include <linux/msg.h>
20 #include <linux/smp_lock.h>
21 #include <linux/vmalloc.h>
22 #include <linux/slab.h>
23 #include <linux/highuid.h>
24 #include <linux/security.h>
25 #include <linux/rcupdate.h>
26 #include <linux/workqueue.h>
27 #include <linux/vs_base.h>
29 #include <asm/unistd.h>
31 #include <asm/unistd.h>
36 * ipc_init - initialise IPC subsystem
38 * The various system5 IPC resources (semaphores, messages and shared
39 * memory are initialised
42 static int __init ipc_init(void)
52 * ipc_init_ids - initialise IPC identifiers
53 * @ids: Identifier set
54 * @size: Number of identifiers
56 * Given a size for the ipc identifier range (limited below IPCMNI)
57 * set up the sequence range to use then allocate and initialise the
61 void __init ipc_init_ids(struct ipc_ids* ids, int size)
64 sema_init(&ids->sem,1);
72 int seq_limit = INT_MAX/SEQ_MULTIPLIER;
73 if(seq_limit > USHRT_MAX)
74 ids->seq_max = USHRT_MAX;
76 ids->seq_max = seq_limit;
79 ids->entries = ipc_rcu_alloc(sizeof(struct kern_ipc_perm *)*size +
80 sizeof(struct ipc_id_ary));
82 if(ids->entries == NULL) {
83 printk(KERN_ERR "ipc_init_ids() failed, ipc service disabled.\n");
85 ids->entries = &ids->nullentry;
87 ids->entries->size = size;
89 ids->entries->p[i] = NULL;
93 * ipc_findkey - find a key in an ipc identifier set
94 * @ids: Identifier set
95 * @key: The key to find
97 * Requires ipc_ids.sem locked.
98 * Returns the identifier if found or -1 if not.
101 int ipc_findkey(struct ipc_ids* ids, key_t key)
104 struct kern_ipc_perm* p;
105 int max_id = ids->max_id;
108 * rcu_dereference() is not needed here
109 * since ipc_ids.sem is held
111 for (id = 0; id <= max_id; id++) {
112 p = ids->entries->p[id];
115 if (!vx_check(p->xid, VX_IDENT))
124 * Requires ipc_ids.sem locked
126 static int grow_ary(struct ipc_ids* ids, int newsize)
128 struct ipc_id_ary* new;
129 struct ipc_id_ary* old;
131 int size = ids->entries->size;
138 new = ipc_rcu_alloc(sizeof(struct kern_ipc_perm *)*newsize +
139 sizeof(struct ipc_id_ary));
143 memcpy(new->p, ids->entries->p, sizeof(struct kern_ipc_perm *)*size +
144 sizeof(struct ipc_id_ary));
145 for(i=size;i<newsize;i++) {
151 * Use rcu_assign_pointer() to make sure the memcpyed contents
152 * of the new array are visible before the new array becomes visible.
154 rcu_assign_pointer(ids->entries, new);
161 * ipc_addid - add an IPC identifier
162 * @ids: IPC identifier set
163 * @new: new IPC permission set
164 * @size: new size limit for the id array
166 * Add an entry 'new' to the IPC arrays. The permissions object is
167 * initialised and the first free entry is set up and the id assigned
168 * is returned. The list is returned in a locked state on success.
169 * On failure the list is not locked and -1 is returned.
171 * Called with ipc_ids.sem held.
174 int ipc_addid(struct ipc_ids* ids, struct kern_ipc_perm* new, int size)
178 size = grow_ary(ids,size);
181 * rcu_dereference()() is not needed here since
182 * ipc_ids.sem is held
184 for (id = 0; id < size; id++) {
185 if(ids->entries->p[id] == NULL)
191 if (id > ids->max_id)
194 new->cuid = new->uid = current->euid;
195 new->gid = new->cgid = current->egid;
197 new->seq = ids->seq++;
198 if(ids->seq > ids->seq_max)
201 spin_lock_init(&new->lock);
204 spin_lock(&new->lock);
205 ids->entries->p[id] = new;
210 * ipc_rmid - remove an IPC identifier
211 * @ids: identifier set
212 * @id: Identifier to remove
214 * The identifier must be valid, and in use. The kernel will panic if
215 * fed an invalid identifier. The entry is removed and internal
216 * variables recomputed. The object associated with the identifier
218 * ipc_ids.sem and the spinlock for this ID is hold before this function
219 * is called, and remain locked on the exit.
222 struct kern_ipc_perm* ipc_rmid(struct ipc_ids* ids, int id)
224 struct kern_ipc_perm* p;
225 int lid = id % SEQ_MULTIPLIER;
226 if(lid >= ids->entries->size)
230 * do not need a rcu_dereference()() here to force ordering
231 * on Alpha, since the ipc_ids.sem is held.
233 p = ids->entries->p[lid];
234 ids->entries->p[lid] = NULL;
239 if (lid == ids->max_id) {
244 } while (ids->entries->p[lid] == NULL);
252 * ipc_alloc - allocate ipc space
253 * @size: size desired
255 * Allocate memory from the appropriate pools and return a pointer to it.
256 * NULL is returned if the allocation fails
259 void* ipc_alloc(int size)
265 out = kmalloc(size, GFP_KERNEL);
270 * ipc_free - free ipc space
271 * @ptr: pointer returned by ipc_alloc
272 * @size: size of block
274 * Free a block created with ipc_alloc. The caller must know the size
275 * used in the allocation call.
278 void ipc_free(void* ptr, int size)
288 * There are three headers that are prepended to the actual allocation:
289 * - during use: ipc_rcu_hdr.
290 * - during the rcu grace period: ipc_rcu_grace.
291 * - [only if vmalloc]: ipc_rcu_sched.
292 * Their lifetime doesn't overlap, thus the headers share the same memory.
293 * Unlike a normal union, they are right-aligned, thus some container_of
294 * forward/backward casting is necessary:
307 /* "void *" makes sure alignment of following data is sane. */
313 struct work_struct work;
314 /* "void *" makes sure alignment of following data is sane. */
318 #define HDRLEN_KMALLOC (sizeof(struct ipc_rcu_grace) > sizeof(struct ipc_rcu_hdr) ? \
319 sizeof(struct ipc_rcu_grace) : sizeof(struct ipc_rcu_hdr))
320 #define HDRLEN_VMALLOC (sizeof(struct ipc_rcu_sched) > HDRLEN_KMALLOC ? \
321 sizeof(struct ipc_rcu_sched) : HDRLEN_KMALLOC)
323 static inline int rcu_use_vmalloc(int size)
325 /* Too big for a single page? */
326 if (HDRLEN_KMALLOC + size > PAGE_SIZE)
332 * ipc_rcu_alloc - allocate ipc and rcu space
333 * @size: size desired
335 * Allocate memory for the rcu header structure + the object.
336 * Returns the pointer to the object.
337 * NULL is returned if the allocation fails.
340 void* ipc_rcu_alloc(int size)
344 * We prepend the allocation with the rcu struct, and
345 * workqueue if necessary (for vmalloc).
347 if (rcu_use_vmalloc(size)) {
348 out = vmalloc(HDRLEN_VMALLOC + size);
350 out += HDRLEN_VMALLOC;
351 container_of(out, struct ipc_rcu_hdr, data)->is_vmalloc = 1;
352 container_of(out, struct ipc_rcu_hdr, data)->refcount = 1;
355 out = kmalloc(HDRLEN_KMALLOC + size, GFP_KERNEL);
357 out += HDRLEN_KMALLOC;
358 container_of(out, struct ipc_rcu_hdr, data)->is_vmalloc = 0;
359 container_of(out, struct ipc_rcu_hdr, data)->refcount = 1;
366 void ipc_rcu_getref(void *ptr)
368 container_of(ptr, struct ipc_rcu_hdr, data)->refcount++;
372 * ipc_schedule_free - free ipc + rcu space
374 * Since RCU callback function is called in bh,
375 * we need to defer the vfree to schedule_work
377 static void ipc_schedule_free(struct rcu_head *head)
379 struct ipc_rcu_grace *grace =
380 container_of(head, struct ipc_rcu_grace, rcu);
381 struct ipc_rcu_sched *sched =
382 container_of(&(grace->data[0]), struct ipc_rcu_sched, data[0]);
384 INIT_WORK(&sched->work, vfree, sched);
385 schedule_work(&sched->work);
389 * ipc_immediate_free - free ipc + rcu space
391 * Free from the RCU callback context
394 static void ipc_immediate_free(struct rcu_head *head)
396 struct ipc_rcu_grace *free =
397 container_of(head, struct ipc_rcu_grace, rcu);
401 void ipc_rcu_putref(void *ptr)
403 if (--container_of(ptr, struct ipc_rcu_hdr, data)->refcount > 0)
406 if (container_of(ptr, struct ipc_rcu_hdr, data)->is_vmalloc) {
407 call_rcu(&container_of(ptr, struct ipc_rcu_grace, data)->rcu,
410 call_rcu(&container_of(ptr, struct ipc_rcu_grace, data)->rcu,
416 * ipcperms - check IPC permissions
417 * @ipcp: IPC permission set
418 * @flag: desired permission set.
420 * Check user, group, other permissions for access
421 * to ipc resources. return 0 if allowed
424 int ipcperms (struct kern_ipc_perm *ipcp, short flag)
425 { /* flag will most probably be 0 or S_...UGO from <linux/stat.h> */
426 int requested_mode, granted_mode;
428 if (!vx_check(ipcp->xid, VX_ADMIN|VX_IDENT)) /* maybe just VX_IDENT? */
430 requested_mode = (flag >> 6) | (flag >> 3) | flag;
431 granted_mode = ipcp->mode;
432 if (current->euid == ipcp->cuid || current->euid == ipcp->uid)
434 else if (in_group_p(ipcp->cgid) || in_group_p(ipcp->gid))
436 /* is there some bit set in requested_mode but not in granted_mode? */
437 if ((requested_mode & ~granted_mode & 0007) &&
438 !capable(CAP_IPC_OWNER))
441 return security_ipc_permission(ipcp, flag);
445 * Functions to convert between the kern_ipc_perm structure and the
446 * old/new ipc_perm structures
450 * kernel_to_ipc64_perm - convert kernel ipc permissions to user
451 * @in: kernel permissions
452 * @out: new style IPC permissions
454 * Turn the kernel object 'in' into a set of permissions descriptions
455 * for returning to userspace (out).
459 void kernel_to_ipc64_perm (struct kern_ipc_perm *in, struct ipc64_perm *out)
464 out->cuid = in->cuid;
465 out->cgid = in->cgid;
466 out->mode = in->mode;
471 * ipc64_perm_to_ipc_perm - convert old ipc permissions to new
472 * @in: new style IPC permissions
473 * @out: old style IPC permissions
475 * Turn the new style permissions object in into a compatibility
476 * object and store it into the 'out' pointer.
479 void ipc64_perm_to_ipc_perm (struct ipc64_perm *in, struct ipc_perm *out)
482 SET_UID(out->uid, in->uid);
483 SET_GID(out->gid, in->gid);
484 SET_UID(out->cuid, in->cuid);
485 SET_GID(out->cgid, in->cgid);
486 out->mode = in->mode;
491 * So far only shm_get_stat() calls ipc_get() via shm_get(), so ipc_get()
492 * is called with shm_ids.sem locked. Since grow_ary() is also called with
493 * shm_ids.sem down(for Shared Memory), there is no need to add read
494 * barriers here to gurantee the writes in grow_ary() are seen in order
497 * However ipc_get() itself does not necessary require ipc_ids.sem down. So
498 * if in the future ipc_get() is used by other places without ipc_ids.sem
499 * down, then ipc_get() needs read memery barriers as ipc_lock() does.
501 struct kern_ipc_perm* ipc_get(struct ipc_ids* ids, int id)
503 struct kern_ipc_perm* out;
504 int lid = id % SEQ_MULTIPLIER;
505 if(lid >= ids->entries->size)
507 out = ids->entries->p[lid];
511 struct kern_ipc_perm* ipc_lock(struct ipc_ids* ids, int id)
513 struct kern_ipc_perm* out;
514 int lid = id % SEQ_MULTIPLIER;
515 struct ipc_id_ary* entries;
518 entries = rcu_dereference(ids->entries);
519 if(lid >= entries->size) {
523 out = entries->p[lid];
528 spin_lock(&out->lock);
530 /* ipc_rmid() may have already freed the ID while ipc_lock
531 * was spinning: here verify that the structure is still valid
534 spin_unlock(&out->lock);
541 void ipc_lock_by_ptr(struct kern_ipc_perm *perm)
544 spin_lock(&perm->lock);
547 void ipc_unlock(struct kern_ipc_perm* perm)
549 spin_unlock(&perm->lock);
553 int ipc_buildid(struct ipc_ids* ids, int id, int seq)
555 return SEQ_MULTIPLIER*seq + id;
558 int ipc_checkid(struct ipc_ids* ids, struct kern_ipc_perm* ipcp, int uid)
560 if(uid/SEQ_MULTIPLIER != ipcp->seq)
565 #ifdef __ARCH_WANT_IPC_PARSE_VERSION
569 * ipc_parse_version - IPC call version
570 * @cmd: pointer to command
572 * Return IPC_64 for new style IPC and IPC_OLD for old style IPC.
573 * The cmd value is turned from an encoding command and version into
574 * just the command code.
577 int ipc_parse_version (int *cmd)
587 #endif /* __ARCH_WANT_IPC_PARSE_VERSION */