From owner-svn-src-stable-11@freebsd.org Wed Nov 11 22:00:31 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 810BA4674B2; Wed, 11 Nov 2020 22:00:31 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CWdvg3J2lz3rZw; Wed, 11 Nov 2020 22:00:31 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 641551B7F4; Wed, 11 Nov 2020 22:00:31 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 0ABM0VEs043793; Wed, 11 Nov 2020 22:00:31 GMT (envelope-from brooks@FreeBSD.org) Received: (from brooks@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 0ABM0Vx4043792; Wed, 11 Nov 2020 22:00:31 GMT (envelope-from brooks@FreeBSD.org) Message-Id: <202011112200.0ABM0Vx4043792@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brooks set sender to brooks@FreeBSD.org using -f From: Brooks Davis Date: Wed, 11 Nov 2020 22:00:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r367601 - stable/11/sys/kern X-SVN-Group: stable-11 X-SVN-Commit-Author: brooks X-SVN-Commit-Paths: stable/11/sys/kern X-SVN-Commit-Revision: 367601 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Nov 2020 22:00:31 -0000 Author: brooks Date: Wed Nov 11 22:00:30 2020 New Revision: 367601 URL: https://svnweb.freebsd.org/changeset/base/367601 Log: MFC r367302: sysvshm: pass relevant uap members as arguments Alter shmget_allocate_segment and shmget_existing to take the values they want from struct shmget_args rather than passing the struct around. In general, uap structures should only be the interface to sys_ functions. This makes one small functional change and records the allocated space rather than the requested space. If this turns out to be a problem (e.g. if software tries to find undersized segments by exact size rather than using keys), we can correct that easily. Reviewed by: kib Obtained from: CheriBSD Sponsored by: DARPA Differential Revision: https://reviews.freebsd.org/D27077 Modified: stable/11/sys/kern/sysv_shm.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/kern/sysv_shm.c ============================================================================== --- stable/11/sys/kern/sysv_shm.c Wed Nov 11 21:59:39 2020 (r367600) +++ stable/11/sys/kern/sysv_shm.c Wed Nov 11 22:00:30 2020 (r367601) @@ -102,11 +102,6 @@ FEATURE(sysv_shm, "System V shared memory segments sup static MALLOC_DEFINE(M_SHM, "shm", "SVID compatible shared memory segments"); -static int shmget_allocate_segment(struct thread *td, - struct shmget_args *uap, int mode); -static int shmget_existing(struct thread *td, struct shmget_args *uap, - int mode, int segnum); - #define SHMSEG_FREE 0x0200 #define SHMSEG_REMOVED 0x0400 #define SHMSEG_ALLOCATED 0x0800 @@ -125,6 +120,10 @@ static void shm_deallocate_segment(struct shmid_kernel static int shm_find_segment_by_key(struct prison *, key_t); static struct shmid_kernel *shm_find_segment(struct prison *, int, bool); static int shm_delete_mapping(struct vmspace *vm, struct shmmap_state *); +static int shmget_allocate_segment(struct thread *td, key_t key, size_t size, + int mode); +static int shmget_existing(struct thread *td, size_t size, int shmflg, + int mode, int segnum); static void shmrealloc(void); static int shminit(void); static int sysvshm_modload(struct module *, int, void *); @@ -643,7 +642,7 @@ done: static int -shmget_existing(struct thread *td, struct shmget_args *uap, int mode, +shmget_existing(struct thread *td, size_t size, int shmflg, int mode, int segnum) { struct shmid_kernel *shmseg; @@ -655,35 +654,34 @@ shmget_existing(struct thread *td, struct shmget_args KASSERT(segnum >= 0 && segnum < shmalloced, ("segnum %d shmalloced %d", segnum, shmalloced)); shmseg = &shmsegs[segnum]; - if ((uap->shmflg & (IPC_CREAT | IPC_EXCL)) == (IPC_CREAT | IPC_EXCL)) + if ((shmflg & (IPC_CREAT | IPC_EXCL)) == (IPC_CREAT | IPC_EXCL)) return (EEXIST); #ifdef MAC - error = mac_sysvshm_check_shmget(td->td_ucred, shmseg, uap->shmflg); + error = mac_sysvshm_check_shmget(td->td_ucred, shmseg, shmflg); if (error != 0) return (error); #endif - if (uap->size != 0 && uap->size > shmseg->u.shm_segsz) + if (size != 0 && size > shmseg->u.shm_segsz) return (EINVAL); td->td_retval[0] = IXSEQ_TO_IPCID(segnum, shmseg->u.shm_perm); return (0); } static int -shmget_allocate_segment(struct thread *td, struct shmget_args *uap, int mode) +shmget_allocate_segment(struct thread *td, key_t key, size_t size, int mode) { struct ucred *cred = td->td_ucred; struct shmid_kernel *shmseg; vm_object_t shm_object; int i, segnum; - size_t size; SYSVSHM_ASSERT_LOCKED(); - if (uap->size < shminfo.shmmin || uap->size > shminfo.shmmax) + if (size < shminfo.shmmin || size > shminfo.shmmax) return (EINVAL); if (shm_nused >= shminfo.shmmni) /* Any shmids left? */ return (ENOSPC); - size = round_page(uap->size); + size = round_page(size); if (shm_committed + btoc(size) > shminfo.shmall) return (ENOMEM); if (shm_last_free < 0) { @@ -744,10 +742,10 @@ shmget_allocate_segment(struct thread *td, struct shmg shmseg->u.shm_perm.cuid = shmseg->u.shm_perm.uid = cred->cr_uid; shmseg->u.shm_perm.cgid = shmseg->u.shm_perm.gid = cred->cr_gid; shmseg->u.shm_perm.mode = (mode & ACCESSPERMS) | SHMSEG_ALLOCATED; - shmseg->u.shm_perm.key = uap->key; + shmseg->u.shm_perm.key = key; shmseg->u.shm_perm.seq = (shmseg->u.shm_perm.seq + 1) & 0x7fff; shmseg->cred = crhold(cred); - shmseg->u.shm_segsz = uap->size; + shmseg->u.shm_segsz = size; shmseg->u.shm_cpid = td->td_proc->p_pid; shmseg->u.shm_lpid = shmseg->u.shm_nattch = 0; shmseg->u.shm_atime = shmseg->u.shm_dtime = 0; @@ -780,16 +778,18 @@ sys_shmget(struct thread *td, struct shmget_args *uap) mode = uap->shmflg & ACCESSPERMS; SYSVSHM_LOCK(); if (uap->key == IPC_PRIVATE) { - error = shmget_allocate_segment(td, uap, mode); + error = shmget_allocate_segment(td, uap->key, uap->size, mode); } else { segnum = shm_find_segment_by_key(td->td_ucred->cr_prison, uap->key); if (segnum >= 0) - error = shmget_existing(td, uap, mode, segnum); + error = shmget_existing(td, uap->size, uap->shmflg, + mode, segnum); else if ((uap->shmflg & IPC_CREAT) == 0) error = ENOENT; else - error = shmget_allocate_segment(td, uap, mode); + error = shmget_allocate_segment(td, uap->key, + uap->size, mode); } SYSVSHM_UNLOCK(); return (error);