Date: Wed, 11 Nov 2020 22:00:31 +0000 (UTC) From: Brooks Davis <brooks@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r367601 - stable/11/sys/kern Message-ID: <202011112200.0ABM0Vx4043792@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brooks Date: Wed Nov 11 22:00:30 2020 New Revision: 367601 URL: https://svnweb.freebsd.org/changeset/base/367601 Log: MFC r367302: sysvshm: pass relevant uap members as arguments Alter shmget_allocate_segment and shmget_existing to take the values they want from struct shmget_args rather than passing the struct around. In general, uap structures should only be the interface to sys_<foo> functions. This makes one small functional change and records the allocated space rather than the requested space. If this turns out to be a problem (e.g. if software tries to find undersized segments by exact size rather than using keys), we can correct that easily. Reviewed by: kib Obtained from: CheriBSD Sponsored by: DARPA Differential Revision: https://reviews.freebsd.org/D27077 Modified: stable/11/sys/kern/sysv_shm.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/kern/sysv_shm.c ============================================================================== --- stable/11/sys/kern/sysv_shm.c Wed Nov 11 21:59:39 2020 (r367600) +++ stable/11/sys/kern/sysv_shm.c Wed Nov 11 22:00:30 2020 (r367601) @@ -102,11 +102,6 @@ FEATURE(sysv_shm, "System V shared memory segments sup static MALLOC_DEFINE(M_SHM, "shm", "SVID compatible shared memory segments"); -static int shmget_allocate_segment(struct thread *td, - struct shmget_args *uap, int mode); -static int shmget_existing(struct thread *td, struct shmget_args *uap, - int mode, int segnum); - #define SHMSEG_FREE 0x0200 #define SHMSEG_REMOVED 0x0400 #define SHMSEG_ALLOCATED 0x0800 @@ -125,6 +120,10 @@ static void shm_deallocate_segment(struct shmid_kernel static int shm_find_segment_by_key(struct prison *, key_t); static struct shmid_kernel *shm_find_segment(struct prison *, int, bool); static int shm_delete_mapping(struct vmspace *vm, struct shmmap_state *); +static int shmget_allocate_segment(struct thread *td, key_t key, size_t size, + int mode); +static int shmget_existing(struct thread *td, size_t size, int shmflg, + int mode, int segnum); static void shmrealloc(void); static int shminit(void); static int sysvshm_modload(struct module *, int, void *); @@ -643,7 +642,7 @@ done: static int -shmget_existing(struct thread *td, struct shmget_args *uap, int mode, +shmget_existing(struct thread *td, size_t size, int shmflg, int mode, int segnum) { struct shmid_kernel *shmseg; @@ -655,35 +654,34 @@ shmget_existing(struct thread *td, struct shmget_args KASSERT(segnum >= 0 && segnum < shmalloced, ("segnum %d shmalloced %d", segnum, shmalloced)); shmseg = &shmsegs[segnum]; - if ((uap->shmflg & (IPC_CREAT | IPC_EXCL)) == (IPC_CREAT | IPC_EXCL)) + if ((shmflg & (IPC_CREAT | IPC_EXCL)) == (IPC_CREAT | IPC_EXCL)) return (EEXIST); #ifdef MAC - error = mac_sysvshm_check_shmget(td->td_ucred, shmseg, uap->shmflg); + error = mac_sysvshm_check_shmget(td->td_ucred, shmseg, shmflg); if (error != 0) return (error); #endif - if (uap->size != 0 && uap->size > shmseg->u.shm_segsz) + if (size != 0 && size > shmseg->u.shm_segsz) return (EINVAL); td->td_retval[0] = IXSEQ_TO_IPCID(segnum, shmseg->u.shm_perm); return (0); } static int -shmget_allocate_segment(struct thread *td, struct shmget_args *uap, int mode) +shmget_allocate_segment(struct thread *td, key_t key, size_t size, int mode) { struct ucred *cred = td->td_ucred; struct shmid_kernel *shmseg; vm_object_t shm_object; int i, segnum; - size_t size; SYSVSHM_ASSERT_LOCKED(); - if (uap->size < shminfo.shmmin || uap->size > shminfo.shmmax) + if (size < shminfo.shmmin || size > shminfo.shmmax) return (EINVAL); if (shm_nused >= shminfo.shmmni) /* Any shmids left? */ return (ENOSPC); - size = round_page(uap->size); + size = round_page(size); if (shm_committed + btoc(size) > shminfo.shmall) return (ENOMEM); if (shm_last_free < 0) { @@ -744,10 +742,10 @@ shmget_allocate_segment(struct thread *td, struct shmg shmseg->u.shm_perm.cuid = shmseg->u.shm_perm.uid = cred->cr_uid; shmseg->u.shm_perm.cgid = shmseg->u.shm_perm.gid = cred->cr_gid; shmseg->u.shm_perm.mode = (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; - shmseg->u.shm_perm.key = uap->key; + shmseg->u.shm_perm.key = key; shmseg->u.shm_perm.seq = (shmseg->u.shm_perm.seq + 1) & 0x7fff; shmseg->cred = crhold(cred); - shmseg->u.shm_segsz = uap->size; + shmseg->u.shm_segsz = size; shmseg->u.shm_cpid = td->td_proc->p_pid; shmseg->u.shm_lpid = shmseg->u.shm_nattch = 0; shmseg->u.shm_atime = shmseg->u.shm_dtime = 0; @@ -780,16 +778,18 @@ sys_shmget(struct thread *td, struct shmget_args *uap) mode = uap->shmflg & ACCESSPERMS; SYSVSHM_LOCK(); if (uap->key == IPC_PRIVATE) { - error = shmget_allocate_segment(td, uap, mode); + error = shmget_allocate_segment(td, uap->key, uap->size, mode); } else { segnum = shm_find_segment_by_key(td->td_ucred->cr_prison, uap->key); if (segnum >= 0) - error = shmget_existing(td, uap, mode, segnum); + error = shmget_existing(td, uap->size, uap->shmflg, + mode, segnum); else if ((uap->shmflg & IPC_CREAT) == 0) error = ENOENT; else - error = shmget_allocate_segment(td, uap, mode); + error = shmget_allocate_segment(td, uap->key, + uap->size, mode); } SYSVSHM_UNLOCK(); return (error);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202011112200.0ABM0Vx4043792>