search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Ignore machine-check MSRs
[freebsd-src/fkvm-freebsd.git] / sys / kern / uipc_shm.c
blob577a8fec8afdb5d8c448d5eb2617204509843236
1 /*-
2 * Copyright (c) 2006 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 */
26
27 /*
28 * Support for shared swap-backed anonymous memory objects via
29 * shm_open(2) and shm_unlink(2). While most of the implementation is
30 * here, vm_mmap.c contains mapping logic changes.
31 *
32 * TODO:
33 *
34 * (2) Need to export data to a userland tool via a sysctl. Should ipcs(1)
35 * and ipcrm(1) be expanded or should new tools to manage both POSIX
36 * kernel semaphores and POSIX shared memory be written?
37 *
38 * (3) Add support for this file type to fstat(1).
39 *
40 * (4) Resource limits? Does this need its own resource limits or are the
41 * existing limits in mmap(2) sufficient?
42 *
43 * (5) Partial page truncation. vnode_pager_setsize() will zero any parts
44 * of a partially mapped page as a result of ftruncate(2)/truncate(2).
45 * We can do the same (with the same pmap evil), but do we need to
46 * worry about the bits on disk if the page is swapped out or will the
47 * swapper zero the parts of a page that are invalid if the page is
48 * swapped back in for us?
49 *
50 * (6) Add MAC support in mac_biba(4) and mac_mls(4).
51 *
52 * (7) Add a MAC check_create() hook for creating new named objects.
53 */
54
55 #include <sys/cdefs.h>
56 __FBSDID("$FreeBSD$");
57
58 #include "opt_mac.h"
59
60 #include <sys/param.h>
61 #include <sys/fcntl.h>
62 #include <sys/file.h>
63 #include <sys/filedesc.h>
64 #include <sys/fnv_hash.h>
65 #include <sys/kernel.h>
66 #include <sys/lock.h>
67 #include <sys/malloc.h>
68 #include <sys/mman.h>
69 #include <sys/mutex.h>
70 #include <sys/proc.h>
71 #include <sys/refcount.h>
72 #include <sys/resourcevar.h>
73 #include <sys/stat.h>
74 #include <sys/sysctl.h>
75 #include <sys/sysproto.h>
76 #include <sys/systm.h>
77 #include <sys/sx.h>
78 #include <sys/time.h>
79 #include <sys/vnode.h>
80
81 #include <security/mac/mac_framework.h>
82
83 #include <vm/vm.h>
84 #include <vm/vm_param.h>
85 #include <vm/pmap.h>
86 #include <vm/vm_map.h>
87 #include <vm/vm_object.h>
88 #include <vm/vm_page.h>
89 #include <vm/vm_pager.h>
90 #include <vm/swap_pager.h>
91
92 struct shm_mapping {
93 char *sm_path;
94 Fnv32_t sm_fnv;
95 struct shmfd *sm_shmfd;
96 LIST_ENTRY(shm_mapping) sm_link;
97 };
98
99 static MALLOC_DEFINE(M_SHMFD, "shmfd", "shared memory file descriptor");
100 static LIST_HEAD(, shm_mapping) *shm_dictionary;
101 static struct sx shm_dict_lock;
102 static struct mtx shm_timestamp_lock;
103 static u_long shm_hash;
104
105 #define SHM_HASH(fnv) (&shm_dictionary[(fnv) & shm_hash])
106
107 static int shm_access(struct shmfd *shmfd, struct ucred *ucred, int flags);
108 static struct shmfd *shm_alloc(struct ucred *ucred, mode_t mode);
109 static void shm_dict_init(void *arg);
110 static void shm_drop(struct shmfd *shmfd);
111 static struct shmfd *shm_hold(struct shmfd *shmfd);
112 static void shm_insert(char *path, Fnv32_t fnv, struct shmfd *shmfd);
113 static struct shmfd *shm_lookup(char *path, Fnv32_t fnv);
114 static int shm_remove(char *path, Fnv32_t fnv, struct ucred *ucred);
115 static void shm_dotruncate(struct shmfd *shmfd, off_t length);
116
117 static fo_rdwr_t shm_read;
118 static fo_rdwr_t shm_write;
119 static fo_truncate_t shm_truncate;
120 static fo_ioctl_t shm_ioctl;
121 static fo_poll_t shm_poll;
122 static fo_kqfilter_t shm_kqfilter;
123 static fo_stat_t shm_stat;
124 static fo_close_t shm_close;
125
126 /* File descriptor operations. */
127 static struct fileops shm_ops = {
128 .fo_read = shm_read,
129 .fo_write = shm_write,
130 .fo_truncate = shm_truncate,
131 .fo_ioctl = shm_ioctl,
132 .fo_poll = shm_poll,
133 .fo_kqfilter = shm_kqfilter,
134 .fo_stat = shm_stat,
135 .fo_close = shm_close,
136 .fo_flags = DFLAG_PASSABLE
137 };
138
139 FEATURE(posix_shm, "POSIX shared memory");
140
141 static int
142 shm_read(struct file *fp, struct uio *uio, struct ucred *active_cred,
143 int flags, struct thread *td)
144 {
145
146 return (EOPNOTSUPP);
147 }
148
149 static int
150 shm_write(struct file *fp, struct uio *uio, struct ucred *active_cred,
151 int flags, struct thread *td)
152 {
153
154 return (EOPNOTSUPP);
155 }
156
157 static int
158 shm_truncate(struct file *fp, off_t length, struct ucred *active_cred,
159 struct thread *td)
160 {
161 struct shmfd *shmfd;
162 #ifdef MAC
163 int error;
164 #endif
165
166 shmfd = fp->f_data;
167 #ifdef MAC
168 error = mac_posixshm_check_truncate(active_cred, fp->f_cred, shmfd);
169 if (error)
170 return (error);
171 #endif
172 shm_dotruncate(shmfd, length);
173 return (0);
174 }
175
176 static int
177 shm_ioctl(struct file *fp, u_long com, void *data,
178 struct ucred *active_cred, struct thread *td)
179 {
180
181 return (EOPNOTSUPP);
182 }
183
184 static int
185 shm_poll(struct file *fp, int events, struct ucred *active_cred,
186 struct thread *td)
187 {
188
189 return (EOPNOTSUPP);
190 }
191
192 static int
193 shm_kqfilter(struct file *fp, struct knote *kn)
194 {
195
196 return (EOPNOTSUPP);
197 }
198
199 static int
200 shm_stat(struct file *fp, struct stat *sb, struct ucred *active_cred,
201 struct thread *td)
202 {
203 struct shmfd *shmfd;
204 #ifdef MAC
205 int error;
206 #endif
207
208 shmfd = fp->f_data;
209
210 #ifdef MAC
211 error = mac_posixshm_check_stat(active_cred, fp->f_cred, shmfd);
212 if (error)
213 return (error);
214 #endif
215
216 /*
217 * Attempt to return sanish values for fstat() on a memory file
218 * descriptor.
219 */
220 bzero(sb, sizeof(*sb));
221 sb->st_mode = S_IFREG | shmfd->shm_mode; /* XXX */
222 sb->st_blksize = PAGE_SIZE;
223 sb->st_size = shmfd->shm_size;
224 sb->st_blocks = (sb->st_size + sb->st_blksize - 1) / sb->st_blksize;
225 sb->st_atimespec = shmfd->shm_atime;
226 sb->st_ctimespec = shmfd->shm_ctime;
227 sb->st_mtimespec = shmfd->shm_mtime;
228 sb->st_birthtimespec = shmfd->shm_birthtime;
229 sb->st_uid = shmfd->shm_uid;
230 sb->st_gid = shmfd->shm_gid;
231
232 return (0);
233 }
234
235 static int
236 shm_close(struct file *fp, struct thread *td)
237 {
238 struct shmfd *shmfd;
239
240 shmfd = fp->f_data;
241 fp->f_data = NULL;
242 shm_drop(shmfd);
243
244 return (0);
245 }
246
247 static void
248 shm_dotruncate(struct shmfd *shmfd, off_t length)
249 {
250 vm_object_t object;
251 vm_page_t m;
252 vm_pindex_t nobjsize;
253
254 object = shmfd->shm_object;
255 VM_OBJECT_LOCK(object);
256 if (length == shmfd->shm_size) {
257 VM_OBJECT_UNLOCK(object);
258 return;
259 }
260 nobjsize = OFF_TO_IDX(length + PAGE_MASK);
261
262 /* Are we shrinking? If so, trim the end. */
263 if (length < shmfd->shm_size) {
264 /* Toss in memory pages. */
265 if (nobjsize < object->size)
266 vm_object_page_remove(object, nobjsize, object->size,
267 FALSE);
268
269 /* Toss pages from swap. */
270 if (object->type == OBJT_SWAP)
271 swap_pager_freespace(object, nobjsize,
272 object->size - nobjsize);
273
274 /*
275 * If the last page is partially mapped, then zero out
276 * the garbage at the end of the page. See comments
277 * in vnode_page_setsize() for more details.
278 *
279 * XXXJHB: This handles in memory pages, but what about
280 * a page swapped out to disk?
281 */
282 if ((length & PAGE_MASK) &&
283 (m = vm_page_lookup(object, OFF_TO_IDX(length))) != NULL &&
284 m->valid != 0) {
285 int base = (int)length & PAGE_MASK;
286 int size = PAGE_SIZE - base;
287
288 pmap_zero_page_area(m, base, size);
289 vm_page_lock_queues();
290 vm_page_set_validclean(m, base, size);
291 if (m->dirty != 0)
292 m->dirty = VM_PAGE_BITS_ALL;
293 vm_page_unlock_queues();
294 } else if ((length & PAGE_MASK) &&
295 __predict_false(object->cache != NULL)) {
296 vm_page_cache_free(object, OFF_TO_IDX(length),
297 nobjsize);
298 }
299 }
300 shmfd->shm_size = length;
301 mtx_lock(&shm_timestamp_lock);
302 vfs_timestamp(&shmfd->shm_ctime);
303 shmfd->shm_mtime = shmfd->shm_ctime;
304 mtx_unlock(&shm_timestamp_lock);
305 object->size = nobjsize;
306 VM_OBJECT_UNLOCK(object);
307 }
308
309 /*
310 * shmfd object management including creation and reference counting
311 * routines.
312 */
313 static struct shmfd *
314 shm_alloc(struct ucred *ucred, mode_t mode)
315 {
316 struct shmfd *shmfd;
317
318 shmfd = malloc(sizeof(*shmfd), M_SHMFD, M_WAITOK | M_ZERO);
319 shmfd->shm_size = 0;
320 shmfd->shm_uid = ucred->cr_uid;
321 shmfd->shm_gid = ucred->cr_gid;
322 shmfd->shm_mode = mode;
323 shmfd->shm_object = vm_pager_allocate(OBJT_DEFAULT, NULL,
324 shmfd->shm_size, VM_PROT_DEFAULT, 0);
325 KASSERT(shmfd->shm_object != NULL, ("shm_create: vm_pager_allocate"));
326 VM_OBJECT_LOCK(shmfd->shm_object);
327 vm_object_clear_flag(shmfd->shm_object, OBJ_ONEMAPPING);
328 vm_object_set_flag(shmfd->shm_object, OBJ_NOSPLIT);
329 VM_OBJECT_UNLOCK(shmfd->shm_object);
330 vfs_timestamp(&shmfd->shm_birthtime);
331 shmfd->shm_atime = shmfd->shm_mtime = shmfd->shm_ctime =
332 shmfd->shm_birthtime;
333 refcount_init(&shmfd->shm_refs, 1);
334 #ifdef MAC
335 mac_posixshm_init(shmfd);
336 mac_posixshm_create(ucred, shmfd);
337 #endif
338
339 return (shmfd);
340 }
341
342 static struct shmfd *
343 shm_hold(struct shmfd *shmfd)
344 {
345
346 refcount_acquire(&shmfd->shm_refs);
347 return (shmfd);
348 }
349
350 static void
351 shm_drop(struct shmfd *shmfd)
352 {
353
354 if (refcount_release(&shmfd->shm_refs)) {
355 #ifdef MAC
356 mac_posixshm_destroy(shmfd);
357 #endif
358 vm_object_deallocate(shmfd->shm_object);
359 free(shmfd, M_SHMFD);
360 }
361 }
362
363 /*
364 * Determine if the credentials have sufficient permissions for a
365 * specified combination of FREAD and FWRITE.
366 */
367 static int
368 shm_access(struct shmfd *shmfd, struct ucred *ucred, int flags)
369 {
370 int acc_mode;
371
372 acc_mode = 0;
373 if (flags & FREAD)
374 acc_mode |= VREAD;
375 if (flags & FWRITE)
376 acc_mode |= VWRITE;
377 return (vaccess(VREG, shmfd->shm_mode, shmfd->shm_uid, shmfd->shm_gid,
378 acc_mode, ucred, NULL));
379 }
380
381 /*
382 * Dictionary management. We maintain an in-kernel dictionary to map
383 * paths to shmfd objects. We use the FNV hash on the path to store
384 * the mappings in a hash table.
385 */
386 static void
387 shm_dict_init(void *arg)
388 {
389
390 mtx_init(&shm_timestamp_lock, "shm timestamps", NULL, MTX_DEF);
391 sx_init(&shm_dict_lock, "shm dictionary");
392 shm_dictionary = hashinit(1024, M_SHMFD, &shm_hash);
393 }
394 SYSINIT(shm_dict_init, SI_SUB_SYSV_SHM, SI_ORDER_ANY, shm_dict_init, NULL);
395
396 static struct shmfd *
397 shm_lookup(char *path, Fnv32_t fnv)
398 {
399 struct shm_mapping *map;
400
401 LIST_FOREACH(map, SHM_HASH(fnv), sm_link) {
402 if (map->sm_fnv != fnv)
403 continue;
404 if (strcmp(map->sm_path, path) == 0)
405 return (map->sm_shmfd);
406 }
407
408 return (NULL);
409 }
410
411 static void
412 shm_insert(char *path, Fnv32_t fnv, struct shmfd *shmfd)
413 {
414 struct shm_mapping *map;
415
416 map = malloc(sizeof(struct shm_mapping), M_SHMFD, M_WAITOK);
417 map->sm_path = path;
418 map->sm_fnv = fnv;
419 map->sm_shmfd = shm_hold(shmfd);
420 LIST_INSERT_HEAD(SHM_HASH(fnv), map, sm_link);
421 }
422
423 static int
424 shm_remove(char *path, Fnv32_t fnv, struct ucred *ucred)
425 {
426 struct shm_mapping *map;
427 int error;
428
429 LIST_FOREACH(map, SHM_HASH(fnv), sm_link) {
430 if (map->sm_fnv != fnv)
431 continue;
432 if (strcmp(map->sm_path, path) == 0) {
433 #ifdef MAC
434 error = mac_posixshm_check_unlink(ucred, map->sm_shmfd);
435 if (error)
436 return (error);
437 #endif
438 error = shm_access(map->sm_shmfd, ucred,
439 FREAD | FWRITE);
440 if (error)
441 return (error);
442 LIST_REMOVE(map, sm_link);
443 shm_drop(map->sm_shmfd);
444 free(map->sm_path, M_SHMFD);
445 free(map, M_SHMFD);
446 return (0);
447 }
448 }
449
450 return (ENOENT);
451 }
452
453 /* System calls. */
454 int
455 shm_open(struct thread *td, struct shm_open_args *uap)
456 {
457 struct filedesc *fdp;
458 struct shmfd *shmfd;
459 struct file *fp;
460 char *path;
461 Fnv32_t fnv;
462 mode_t cmode;
463 int fd, error;
464
465 if ((uap->flags & O_ACCMODE) != O_RDONLY &&
466 (uap->flags & O_ACCMODE) != O_RDWR)
467 return (EINVAL);
468
469 if ((uap->flags & ~(O_ACCMODE | O_CREAT | O_EXCL | O_TRUNC)) != 0)
470 return (EINVAL);
471
472 fdp = td->td_proc->p_fd;
473 cmode = (uap->mode & ~fdp->fd_cmask) & ACCESSPERMS;
474
475 error = falloc(td, &fp, &fd);
476 if (error)
477 return (error);
478
479 /* A SHM_ANON path pointer creates an anonymous object. */
480 if (uap->path == SHM_ANON) {
481 /* A read-only anonymous object is pointless. */
482 if ((uap->flags & O_ACCMODE) == O_RDONLY) {
483 fdclose(fdp, fp, fd, td);
484 fdrop(fp, td);
485 return (EINVAL);
486 }
487 shmfd = shm_alloc(td->td_ucred, cmode);
488 } else {
489 path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK);
490 error = copyinstr(uap->path, path, MAXPATHLEN, NULL);
491
492 /* Require paths to start with a '/' character. */
493 if (error == 0 && path[0] != '/')
494 error = EINVAL;
495 if (error) {
496 fdclose(fdp, fp, fd, td);
497 fdrop(fp, td);
498 free(path, M_SHMFD);
499 return (error);
500 }
501
502 fnv = fnv_32_str(path, FNV1_32_INIT);
503 sx_xlock(&shm_dict_lock);
504 shmfd = shm_lookup(path, fnv);
505 if (shmfd == NULL) {
506 /* Object does not yet exist, create it if requested. */
507 if (uap->flags & O_CREAT) {
508 shmfd = shm_alloc(td->td_ucred, cmode);
509 shm_insert(path, fnv, shmfd);
510 } else {
511 free(path, M_SHMFD);
512 error = ENOENT;
513 }
514 } else {
515 /*
516 * Object already exists, obtain a new
517 * reference if requested and permitted.
518 */
519 free(path, M_SHMFD);
520 if ((uap->flags & (O_CREAT | O_EXCL)) ==
521 (O_CREAT | O_EXCL))
522 error = EEXIST;
523 else {
524 #ifdef MAC
525 error = mac_posixshm_check_open(td->td_ucred,
526 shmfd);
527 if (error == 0)
528 #endif
529 error = shm_access(shmfd, td->td_ucred,
530 FFLAGS(uap->flags & O_ACCMODE));
531 }
532
533 /*
534 * Truncate the file back to zero length if
535 * O_TRUNC was specified and the object was
536 * opened with read/write.
537 */
538 if (error == 0 &&
539 (uap->flags & (O_ACCMODE | O_TRUNC)) ==
540 (O_RDWR | O_TRUNC)) {
541 #ifdef MAC
542 error = mac_posixshm_check_truncate(
543 td->td_ucred, fp->f_cred, shmfd);
544 if (error == 0)
545 #endif
546 shm_dotruncate(shmfd, 0);
547 }
548 if (error == 0)
549 shm_hold(shmfd);
550 }
551 sx_xunlock(&shm_dict_lock);
552
553 if (error) {
554 fdclose(fdp, fp, fd, td);
555 fdrop(fp, td);
556 return (error);
557 }
558 }
559
560 finit(fp, FFLAGS(uap->flags & O_ACCMODE), DTYPE_SHM, shmfd, &shm_ops);
561
562 FILEDESC_XLOCK(fdp);
563 if (fdp->fd_ofiles[fd] == fp)
564 fdp->fd_ofileflags[fd] |= UF_EXCLOSE;
565 FILEDESC_XUNLOCK(fdp);
566 td->td_retval[0] = fd;
567 fdrop(fp, td);
568
569 return (0);
570 }
571
572 int
573 shm_unlink(struct thread *td, struct shm_unlink_args *uap)
574 {
575 char *path;
576 Fnv32_t fnv;
577 int error;
578
579 path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
580 error = copyinstr(uap->path, path, MAXPATHLEN, NULL);
581 if (error) {
582 free(path, M_TEMP);
583 return (error);
584 }
585
586 fnv = fnv_32_str(path, FNV1_32_INIT);
587 sx_xlock(&shm_dict_lock);
588 error = shm_remove(path, fnv, td->td_ucred);
589 sx_xunlock(&shm_dict_lock);
590 free(path, M_TEMP);
591
592 return (error);
593 }
594
595 /*
596 * mmap() helper to validate mmap() requests against shm object state
597 * and give mmap() the vm_object to use for the mapping.
598 */
599 int
600 shm_mmap(struct shmfd *shmfd, vm_size_t objsize, vm_ooffset_t foff,
601 vm_object_t *obj)
602 {
603
604 /*
605 * XXXRW: This validation is probably insufficient, and subject to
606 * sign errors. It should be fixed.
607 */
608 if (foff >= shmfd->shm_size || foff + objsize > shmfd->shm_size)
609 return (EINVAL);
610
611 mtx_lock(&shm_timestamp_lock);
612 vfs_timestamp(&shmfd->shm_atime);
613 mtx_unlock(&shm_timestamp_lock);
614 vm_object_reference(shmfd->shm_object);
615 *obj = shmfd->shm_object;
616 return (0);
617 }
FreeBSD kvm: FreeBSD sources