/*-
* Copyright (c) 1999, 2007 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Jason R. Thorpe of the Numerical Aerospace Simulation Facility,
* NASA Ames Research Center, and by Mindaugas Rasiukevicius.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* Copyright (c) 1994 Adam Glass and Charles M. Hannum. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Adam Glass and Charles M.
* Hannum.
* 4. The names of the authors may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
struct shmmap_state {
unsigned int nitems;
unsigned int nrefs;
SLIST_HEAD(, shmmap_entry) entries;
};
extern int kern_has_sysvshm;
SYSCTL_SETUP_PROTO(sysctl_ipc_shm_setup);
#ifdef SHMDEBUG
#define SHMPRINTF(a) printf a
#else
#define SHMPRINTF(a)
#endif
static int shmrealloc(int);
/*
* Find the shared memory segment permission by the index. Only used by
* compat_linux to implement SHM_STAT.
*/
int
shm_find_segment_perm_by_index(int index, struct ipc_perm *perm)
{
struct shmid_ds *shmseg;
/*
* Find the shared memory segment by the identifier.
* => must be called with shm_lock held;
*/
static struct shmid_ds *
shm_find_segment_by_shmid(int shmid)
{
int segnum;
struct shmid_ds *shmseg;
KASSERT(mutex_owned(&shm_lock));
segnum = IPCID_TO_IX(shmid);
if (segnum < 0 || segnum >= shminfo.shmmni)
return NULL;
shmseg = &shmsegs[segnum];
if ((shmseg->shm_perm.mode & SHMSEG_ALLOCATED) == 0)
return NULL;
if ((shmseg->shm_perm.mode &
(SHMSEG_REMOVED|SHMSEG_RMLINGER)) == SHMSEG_REMOVED)
return NULL;
if (shmseg->shm_perm._seq != IPCID_TO_SEQ(shmid))
return NULL;
return shmseg;
}
/*
* Free memory segment.
* => must be called with shm_lock held;
*/
static void
shm_free_segment(int segnum)
{
struct shmid_ds *shmseg;
size_t size;
bool wanted;
/*
* Get a non-shared shm map for that vmspace. Note, that memory
* allocation might be performed with lock held.
*/
static struct shmmap_state *
shmmap_getprivate(struct proc *p)
{
struct shmmap_state *oshmmap_s, *shmmap_s;
struct shmmap_entry *oshmmap_se, *shmmap_se;
KASSERT(mutex_owned(&shm_lock));
/* 1. A shm map with refcnt = 1, used by ourselves, thus return */
oshmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm;
if (oshmmap_s && oshmmap_s->nrefs == 1)
return oshmmap_s;
/* 2. No shm map preset - create a fresh one */
shmmap_s = kmem_zalloc(sizeof(struct shmmap_state), KM_SLEEP);
shmmap_s->nrefs = 1;
SLIST_INIT(&shmmap_s->entries);
p->p_vmspace->vm_shm = (void *)shmmap_s;
if (oshmmap_s == NULL)
return shmmap_s;
SHMPRINTF(("shmmap_getprivate: vm %p split (%d entries), was used by %d\n",
p->p_vmspace, oshmmap_s->nitems, oshmmap_s->nrefs));
/* 3. A shared shm map, copy to a fresh one and adjust refcounts */
SLIST_FOREACH(oshmmap_se, &oshmmap_s->entries, next) {
shmmap_se = kmem_alloc(sizeof(struct shmmap_entry), KM_SLEEP);
shmmap_se->va = oshmmap_se->va;
shmmap_se->shmid = oshmmap_se->shmid;
SLIST_INSERT_HEAD(&shmmap_s->entries, shmmap_se, next);
}
shmmap_s->nitems = oshmmap_s->nitems;
oshmmap_s->nrefs--;
return shmmap_s;
}
/*
* Lock/unlock the memory.
* => must be called with shm_lock held;
*/
static int
shm_memlock(struct shmid_ds *shmseg, int shmid, int cmd)
{
size_t size;
int error;
KASSERT(mutex_owned(&shm_lock));
size = round_page(shmseg->shm_segsz);
if (cmd == SHM_LOCK && (shmseg->shm_perm.mode & SHMSEG_WIRED) == 0) {
/* Wire the object and map, then tag it */
error = uvm_obj_wirepages(shmseg->_shm_internal,
0, size, NULL);
if (error)
return EIO;
shmseg->shm_perm.mode |= SHMSEG_WIRED;
} else if (cmd == SHM_UNLOCK &&
(shmseg->shm_perm.mode & SHMSEG_WIRED) != 0) {
/* Unwire the object, then untag it */
uvm_obj_unwirepages(shmseg->_shm_internal, 0, size);
shmseg->shm_perm.mode &= ~SHMSEG_WIRED;
}
mutex_enter(&shm_lock);
/* In case of reallocation, we will wait for completion */
while (__predict_false(shm_realloc_state))
cv_wait(&shm_realloc_cv, &shm_lock);
/* Allocate a new map entry and set it */
shmmap_se = kmem_alloc(sizeof(struct shmmap_entry), KM_SLEEP);
shmmap_se->shmid = SCARG(uap, shmid);
mutex_enter(&shm_lock);
/* In case of reallocation, we will wait for completion */
while (__predict_false(shm_realloc_state))
cv_wait(&shm_realloc_cv, &shm_lock);
size = (shmseg->shm_segsz + PGOFSET) & ~PGOFSET;
prot = VM_PROT_READ;
if ((SCARG(uap, shmflg) & SHM_RDONLY) == 0)
prot |= VM_PROT_WRITE;
if (SCARG(uap, shmaddr)) {
flags |= UVM_FLAG_FIXED;
if (SCARG(uap, shmflg) & SHM_RND)
attach_va =
(vaddr_t)SCARG(uap, shmaddr) & ~(SHMLBA-1);
else if (((vaddr_t)SCARG(uap, shmaddr) & (SHMLBA-1)) == 0)
attach_va = (vaddr_t)SCARG(uap, shmaddr);
else {
error = EINVAL;
goto err;
}
} else {
/* This is just a hint to uvm_map() about where to put it. */
attach_va = p->p_emul->e_vm_default_addr(p,
(vaddr_t)vm->vm_daddr, size,
p->p_vmspace->vm_map.flags & VM_MAP_TOPDOWN);
}
/*
* Create a map entry, add it to the list and increase the counters.
*/
shmmap_s = shmmap_getprivate(p);
SLIST_INSERT_HEAD(&shmmap_s->entries, shmmap_se, next);
shmmap_s->nitems++;
shmseg->shm_lpid = p->p_pid;
shmseg->shm_nattch++;
/*
* Map the segment into the address space.
*/
uobj = shmseg->_shm_internal;
uao_reference(uobj);
error = uvm_map(&vm->vm_map, &attach_va, size, uobj, 0, 0,
UVM_MAPFLAG(prot, prot, UVM_INH_SHARE, UVM_ADV_RANDOM, flags));
if (error)
goto err_detach;
/* Set the new address, and update the time */
shmmap_se->va = attach_va;
shmseg->shm_atime = time_second;
retval[0] = attach_va;
SHMPRINTF(("shmat: vm %p: add %d @%lx\n",
p->p_vmspace, shmmap_se->shmid, attach_va));
err:
mutex_exit(&shm_lock);
if (error && shmmap_se) {
kmem_free(shmmap_se, sizeof(struct shmmap_entry));
}
return error;
int
shmctl1(struct lwp *l, int shmid, int cmd, struct shmid_ds *shmbuf)
{
struct uvm_object *uobj = NULL;
kauth_cred_t cred = l->l_cred;
struct shmid_ds *shmseg;
int error = 0;
mutex_enter(&shm_lock);
/* In case of reallocation, we will wait for completion */
while (__predict_false(shm_realloc_state))
cv_wait(&shm_realloc_cv, &shm_lock);
mutex_exit(&shm_lock);
if (uobj != NULL)
uao_detach(uobj);
return error;
}
/*
* Try to take an already existing segment.
* => must be called with shm_lock held;
* => called from one place, thus, inline;
*/
static inline int
shmget_existing(struct lwp *l, const struct sys_shmget_args *uap, int mode,
register_t *retval)
{
struct shmid_ds *shmseg;
kauth_cred_t cred = l->l_cred;
int segnum, error;
again:
KASSERT(mutex_owned(&shm_lock));
/* Find segment by key */
for (segnum = 0; segnum < shminfo.shmmni; segnum++)
if ((shmsegs[segnum].shm_perm.mode & SHMSEG_ALLOCATED) &&
shmsegs[segnum].shm_perm._key == SCARG(uap, key))
break;
if (segnum == shminfo.shmmni) {
/* Not found */
return -1;
}
shmseg = &shmsegs[segnum];
if (shmseg->shm_perm.mode & SHMSEG_REMOVED) {
/*
* This segment is in the process of being allocated. Wait
* until it's done, and look the key up again (in case the
* allocation failed or it was freed).
*/
shmseg->shm_perm.mode |= SHMSEG_WANTED;
error = cv_wait_sig(&shm_cv[segnum], &shm_lock);
if (error)
return error;
goto again;
}
/*
* First check the flags, to generate a useful error when a
* segment already exists.
*/
if ((SCARG(uap, shmflg) & (IPC_CREAT | IPC_EXCL)) ==
(IPC_CREAT | IPC_EXCL))
return EEXIST;
/* Check the permission and segment size. */
error = ipcperm(cred, &shmseg->shm_perm, mode);
if (error)
return error;
if (SCARG(uap, size) && SCARG(uap, size) > shmseg->shm_segsz)
return EINVAL;
mutex_enter(&shm_lock);
/* In case of reallocation, we will wait for completion */
while (__predict_false(shm_realloc_state))
cv_wait(&shm_realloc_cv, &shm_lock);
/*
* Check the for the limits.
*/
size = SCARG(uap, size);
if (size < shminfo.shmmin || size > shminfo.shmmax) {
mutex_exit(&shm_lock);
return EINVAL;
}
if (shm_nused >= shminfo.shmmni) {
mutex_exit(&shm_lock);
return ENOSPC;
}
size = round_page(size);
if (shm_committed + btoc(size) > shminfo.shmall) {
mutex_exit(&shm_lock);
return ENOMEM;
}
/* Find the first available segment */
if (shm_last_free < 0) {
for (segnum = 0; segnum < shminfo.shmmni; segnum++)
if (shmsegs[segnum].shm_perm.mode & SHMSEG_FREE)
break;
KASSERT(segnum < shminfo.shmmni);
} else {
segnum = shm_last_free;
shm_last_free = -1;
}
/*
* Initialize the segment.
* We will drop the lock while allocating the memory, thus mark the
* segment present, but removed, that no other thread could take it.
* Also, disable reallocation, while lock is dropped.
*/
shmseg = &shmsegs[segnum];
shmseg->shm_perm.mode = SHMSEG_ALLOCATED | SHMSEG_REMOVED;
shm_committed += btoc(size);
shm_nused++;
lockmem = shm_use_phys;
shm_realloc_disable++;
mutex_exit(&shm_lock);
/* Allocate the memory object and lock it if needed */
shmseg->_shm_internal = uao_create(size, 0);
if (lockmem) {
/* Wire the pages and tag it */
error = uvm_obj_wirepages(shmseg->_shm_internal, 0, size, NULL);
if (error) {
uao_detach(shmseg->_shm_internal);
mutex_enter(&shm_lock);
shm_free_segment(segnum);
shm_realloc_disable--;
mutex_exit(&shm_lock);
return error;
}
}
/*
* Please note, while segment is marked, there are no need to hold the
* lock, while setting it (except shm_perm.mode).
*/
shmseg->shm_perm._key = SCARG(uap, key);
shmseg->shm_perm._seq = (shmseg->shm_perm._seq + 1) & 0x7fff;
*retval = IXSEQ_TO_IPCID(segnum, shmseg->shm_perm);
static int
shmrealloc(int newshmni)
{
vaddr_t v;
struct shmid_ds *oldshmsegs, *newshmsegs;
kcondvar_t *newshm_cv, *oldshm_cv;
size_t sz;
int i, lsegid, oldshmni;
if (newshmni < 1)
return EINVAL;
/* Allocate new memory area */
sz = ALIGN(newshmni * sizeof(struct shmid_ds)) +
ALIGN(newshmni * sizeof(kcondvar_t));
sz = round_page(sz);
v = uvm_km_alloc(kernel_map, sz, 0, UVM_KMF_WIRED|UVM_KMF_ZERO);
if (v == 0)
return ENOMEM;
mutex_enter(&shm_lock);
while (shm_realloc_state || shm_realloc_disable)
cv_wait(&shm_realloc_cv, &shm_lock);
/*
* Get the number of last segment. Fail we are trying to
* reallocate less memory than we use.
*/
lsegid = 0;
for (i = 0; i < shminfo.shmmni; i++)
if ((shmsegs[i].shm_perm.mode & SHMSEG_FREE) == 0)
lsegid = i;
if (lsegid >= newshmni) {
mutex_exit(&shm_lock);
uvm_km_free(kernel_map, v, sz, UVM_KMF_WIRED);
return EBUSY;
}
shm_realloc_state = true;
/* Copy all memory to the new area */
for (i = 0; i < shm_nused; i++) {
cv_init(&newshm_cv[i], "shmwait");
(void)memcpy(&newshmsegs[i], &shmsegs[i],
sizeof(newshmsegs[0]));
}
/* Mark as free all new segments, if there is any */
for (; i < newshmni; i++) {
cv_init(&newshm_cv[i], "shmwait");
newshmsegs[i].shm_perm.mode = SHMSEG_FREE;
newshmsegs[i].shm_perm._seq = 0;
}
