From owner-svn-src-all@freebsd.org Wed Sep 25 17:59:17 2019 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C428512E89F; Wed, 25 Sep 2019 17:59:17 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46dm5x4sJtz4FqM; Wed, 25 Sep 2019 17:59:17 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 869541B656; Wed, 25 Sep 2019 17:59:17 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x8PHxH5p076998; Wed, 25 Sep 2019 17:59:17 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x8PHxGCW076991; Wed, 25 Sep 2019 17:59:16 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <201909251759.x8PHxGCW076991@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Wed, 25 Sep 2019 17:59:16 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r352700 - in head/sys: compat/freebsd32 kern sys X-SVN-Group: head X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in head/sys: compat/freebsd32 kern sys X-SVN-Commit-Revision: 352700 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Sep 2019 17:59:17 -0000 Author: kevans Date: Wed Sep 25 17:59:15 2019 New Revision: 352700 URL: https://svnweb.freebsd.org/changeset/base/352700 Log: Add a shm_open2 syscall to support upcoming memfd_create shm_open2 allows a little more flexibility than the original shm_open. shm_open2 doesn't enforce CLOEXEC on its callers, and it has a separate shmflag argument that can be expanded later. Currently the only shmflag is to allow file sealing on the returned fd. shm_open and memfd_create will both be implemented in libc to use this new syscall. __FreeBSD_version is bumped to indicate the presence. Reviewed by: kib, markj Differential Revision: https://reviews.freebsd.org/D21393 Modified: head/sys/compat/freebsd32/syscalls.master head/sys/kern/capabilities.conf head/sys/kern/syscalls.master head/sys/kern/uipc_shm.c head/sys/sys/mman.h head/sys/sys/param.h head/sys/sys/syscallsubr.h Modified: head/sys/compat/freebsd32/syscalls.master ============================================================================== --- head/sys/compat/freebsd32/syscalls.master Wed Sep 25 17:52:59 2019 (r352699) +++ head/sys/compat/freebsd32/syscalls.master Wed Sep 25 17:59:15 2019 (r352700) @@ -1154,5 +1154,8 @@ 570 AUE_SYSCTL STD { int freebsd32___sysctlbyname(const char *name, \ size_t namelen, void *old, uint32_t *oldlenp, \ void *new, size_t newlen); } +571 AUE_SHMOPEN NOPROTO { int shm_open2( \ + const char *path, int flags, mode_t mode, \ + int shmflags, const char *name); } ; vim: syntax=off Modified: head/sys/kern/capabilities.conf ============================================================================== --- head/sys/kern/capabilities.conf Wed Sep 25 17:52:59 2019 (r352699) +++ head/sys/kern/capabilities.conf Wed Sep 25 17:59:15 2019 (r352700) @@ -655,6 +655,7 @@ setuid ## shm_open(2) is scoped so as to allow only access to new anonymous objects. ## shm_open +shm_open2 ## ## Allow I/O-related file descriptors, subject to capability rights. Modified: head/sys/kern/syscalls.master ============================================================================== --- head/sys/kern/syscalls.master Wed Sep 25 17:52:59 2019 (r352699) +++ head/sys/kern/syscalls.master Wed Sep 25 17:59:15 2019 (r352700) @@ -3195,6 +3195,15 @@ _In_reads_bytes_opt_(newlen) void *new, size_t newlen); } +571 AUE_SHMOPEN STD { + int shm_open2( + _In_z_ const char *path, + int flags, + mode_t mode, + int shmflags, + _In_z_ const char *name + ); + } ; Please copy any additions and changes to the following compatability tables: ; sys/compat/freebsd32/syscalls.master Modified: head/sys/kern/uipc_shm.c ============================================================================== --- head/sys/kern/uipc_shm.c Wed Sep 25 17:52:59 2019 (r352699) +++ head/sys/kern/uipc_shm.c Wed Sep 25 17:59:15 2019 (r352700) @@ -1316,3 +1316,36 @@ SYSCTL_PROC(_kern_ipc, OID_AUTO, posix_shm_list, CTLFLAG_RD | CTLFLAG_MPSAFE | CTLTYPE_OPAQUE, NULL, 0, sysctl_posix_shm_list, "", "POSIX SHM list"); + +int +kern_shm_open2(struct thread *td, const char *path, int flags, mode_t mode, + int shmflags, const char *name __unused) +{ + int initial_seals; + + if ((shmflags & ~SHM_ALLOW_SEALING) != 0) + return (EINVAL); + + initial_seals = F_SEAL_SEAL; + if ((shmflags & SHM_ALLOW_SEALING) != 0) + initial_seals &= ~F_SEAL_SEAL; + return (kern_shm_open(td, path, flags, 0, NULL, initial_seals)); +} + +/* + * This version of the shm_open() interface leaves CLOEXEC behavior up to the + * caller, and libc will enforce it for the traditional shm_open() call. This + * allows other consumers, like memfd_create(), to opt-in for CLOEXEC. This + * interface also includes a 'name' argument that is currently unused, but could + * potentially be exported later via some interface for debugging purposes. + * From the kernel's perspective, it is optional. Individual consumers like + * memfd_create() may require it in order to be compatible with other systems + * implementing the same function. + */ +int +sys_shm_open2(struct thread *td, struct shm_open2_args *uap) +{ + + return (kern_shm_open2(td, uap->path, uap->flags, uap->mode, + uap->shmflags, uap->name)); +} Modified: head/sys/sys/mman.h ============================================================================== --- head/sys/sys/mman.h Wed Sep 25 17:52:59 2019 (r352699) +++ head/sys/sys/mman.h Wed Sep 25 17:59:15 2019 (r352700) @@ -176,6 +176,12 @@ * Anonymous object constant for shm_open(). */ #define SHM_ANON ((char *)1) + +/* + * shmflags for shm_open2() + */ +#define SHM_ALLOW_SEALING 0x00000001 + #endif /* __BSD_VISIBLE */ /* Modified: head/sys/sys/param.h ============================================================================== --- head/sys/sys/param.h Wed Sep 25 17:52:59 2019 (r352699) +++ head/sys/sys/param.h Wed Sep 25 17:59:15 2019 (r352700) @@ -60,7 +60,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1300047 /* Master, propagated to newvers */ +#define __FreeBSD_version 1300048 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, Modified: head/sys/sys/syscallsubr.h ============================================================================== --- head/sys/sys/syscallsubr.h Wed Sep 25 17:52:59 2019 (r352699) +++ head/sys/sys/syscallsubr.h Wed Sep 25 17:59:15 2019 (r352700) @@ -251,6 +251,8 @@ int kern_settimeofday(struct thread *td, struct timeva struct timezone *tzp); int kern_shm_open(struct thread *td, const char *userpath, int flags, mode_t mode, struct filecaps *fcaps, int initial_seals); +int kern_shm_open2(struct thread *td, const char *path, int flags, + mode_t mode, int shmflags, const char *name); int kern_shmat(struct thread *td, int shmid, const void *shmaddr, int shmflg); int kern_shmctl(struct thread *td, int shmid, int cmd, void *buf,