1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * linux/ipc/util.c
4 * Copyright (C) 1992 Krishna Balasubramanian
5 *
6 * Sep 1997 - Call suser() last after "normal" permission checks so we
7 * get BSD style process accounting right.
8 * Occurs in several places in the IPC code.
9 * Chris Evans, <chris@ferret.lmh.ox.ac.uk>
10 * Nov 1999 - ipc helper functions, unified SMP locking
11 * Manfred Spraul <manfred@colorfullife.com>
12 * Oct 2002 - One lock per IPC id. RCU ipc_free for lock-free grow_ary().
13 * Mingming Cao <cmm@us.ibm.com>
14 * Mar 2006 - support for audit of ipc object properties
15 * Dustin Kirkland <dustin.kirkland@us.ibm.com>
16 * Jun 2006 - namespaces ssupport
17 * OpenVZ, SWsoft Inc.
18 * Pavel Emelianov <xemul@openvz.org>
19 *
20 * General sysv ipc locking scheme:
21 * rcu_read_lock()
22 * obtain the ipc object (kern_ipc_perm) by looking up the id in an idr
23 * tree.
24 * - perform initial checks (capabilities, auditing and permission,
25 * etc).
26 * - perform read-only operations, such as INFO command, that
27 * do not demand atomicity
28 * acquire the ipc lock (kern_ipc_perm.lock) through
29 * ipc_lock_object()
30 * - perform read-only operations that demand atomicity,
31 * such as STAT command.
32 * - perform data updates, such as SET, RMID commands and
33 * mechanism-specific operations (semop/semtimedop,
34 * msgsnd/msgrcv, shmat/shmdt).
35 * drop the ipc lock, through ipc_unlock_object().
36 * rcu_read_unlock()
37 *
38 * The ids->rwsem must be taken when:
39 * - creating, removing and iterating the existing entries in ipc
40 * identifier sets.
41 * - iterating through files under /proc/sysvipc/
42 *
43 * Note that sems have a special fast path that avoids kern_ipc_perm.lock -
44 * see sem_lock().
45 */
46
47 #include <linux/mm.h>
48 #include <linux/shm.h>
49 #include <linux/init.h>
50 #include <linux/msg.h>
51 #include <linux/vmalloc.h>
52 #include <linux/slab.h>
53 #include <linux/notifier.h>
54 #include <linux/capability.h>
55 #include <linux/highuid.h>
56 #include <linux/security.h>
57 #include <linux/rcupdate.h>
58 #include <linux/workqueue.h>
59 #include <linux/seq_file.h>
60 #include <linux/proc_fs.h>
61 #include <linux/audit.h>
62 #include <linux/nsproxy.h>
63 #include <linux/rwsem.h>
64 #include <linux/memory.h>
65 #include <linux/ipc_namespace.h>
66 #include <linux/rhashtable.h>
67
68 #include <asm/unistd.h>
69
70 #include "util.h"
71
72 struct ipc_proc_iface {
73 const char *path;
74 const char *header;
75 int ids;
76 int (*show)(struct seq_file *, void *);
77 };
78
79 /**
80 * ipc_init - initialise ipc subsystem
81 *
82 * The various sysv ipc resources (semaphores, messages and shared
83 * memory) are initialised.
84 *
85 * A callback routine is registered into the memory hotplug notifier
86 * chain: since msgmni scales to lowmem this callback routine will be
87 * called upon successful memory add / remove to recompute msmgni.
88 */
89 static int __init ipc_init(void)
90 {
91 proc_mkdir("sysvipc", NULL);
92 sem_init();
93 msg_init();
94 shm_init();
95
96 return 0;
97 }
98 device_initcall(ipc_init);
99
100 static const struct rhashtable_params ipc_kht_params = {
101 .head_offset = offsetof(struct kern_ipc_perm, khtnode),
102 .key_offset = offsetof(struct kern_ipc_perm, key),
103 .key_len = FIELD_SIZEOF(struct kern_ipc_perm, key),
104 .automatic_shrinking = true,
105 };
106
107 /**
108 * ipc_init_ids - initialise ipc identifiers
109 * @ids: ipc identifier set
110 *
111 * Set up the sequence range to use for the ipc identifier range (limited
112 * below ipc_mni) then initialise the keys hashtable and ids idr.
113 */
114 void ipc_init_ids(struct ipc_ids *ids)
115 {
116 ids->in_use = 0;
117 ids->seq = 0;
118 init_rwsem(&ids->rwsem);
119 rhashtable_init(&ids->key_ht, &ipc_kht_params);
120 idr_init(&ids->ipcs_idr);
121 ids->max_idx = -1;
122 ids->last_idx = -1;
123 #ifdef CONFIG_CHECKPOINT_RESTORE
124 ids->next_id = -1;
125 #endif
126 }
127
128 #ifdef CONFIG_PROC_FS
129 static const struct file_operations sysvipc_proc_fops;
130 /**
131 * ipc_init_proc_interface - create a proc interface for sysipc types using a seq_file interface.
132 * @path: Path in procfs
133 * @header: Banner to be printed at the beginning of the file.
134 * @ids: ipc id table to iterate.
135 * @show: show routine.
136 */
137 void __init ipc_init_proc_interface(const char *path, const char *header,
138 int ids, int (*show)(struct seq_file *, void *))
139 {
140 struct proc_dir_entry *pde;
141 struct ipc_proc_iface *iface;
142
143 iface = kmalloc(sizeof(*iface), GFP_KERNEL);
144 if (!iface)
145 return;
146 iface->path = path;
147 iface->header = header;
148 iface->ids = ids;
149 iface->show = show;
150
151 pde = proc_create_data(path,
152 S_IRUGO, /* world readable */
153 NULL, /* parent dir */
154 &sysvipc_proc_fops,
155 iface);
156 if (!pde)
157 kfree(iface);
158 }
159 #endif
160
161 /**
162 * ipc_findkey - find a key in an ipc identifier set
163 * @ids: ipc identifier set
164 * @key: key to find
165 *
166 * Returns the locked pointer to the ipc structure if found or NULL
167 * otherwise. If key is found ipc points to the owning ipc structure
168 *
169 * Called with writer ipc_ids.rwsem held.
170 */
171 static struct kern_ipc_perm *ipc_findkey(struct ipc_ids *ids, key_t key)
172 {
173 struct kern_ipc_perm *ipcp;
174
175 ipcp = rhashtable_lookup_fast(&ids->key_ht, &key,
176 ipc_kht_params);
177 if (!ipcp)
178 return NULL;
179
180 rcu_read_lock();
181 ipc_lock_object(ipcp);
182 return ipcp;
183 }
184
185 /*
186 * Insert new IPC object into idr tree, and set sequence number and id
187 * in the correct order.
188 * Especially:
189 * - the sequence number must be set before inserting the object into the idr,
190 * because the sequence number is accessed without a lock.
191 * - the id can/must be set after inserting the object into the idr.
192 * All accesses must be done after getting kern_ipc_perm.lock.
193 *
194 * The caller must own kern_ipc_perm.lock.of the new object.
195 * On error, the function returns a (negative) error code.
196 *
197 * To conserve sequence number space, especially with extended ipc_mni,
198 * the sequence number is incremented only when the returned ID is less than
199 * the last one.
200 */
201 static inline int ipc_idr_alloc(struct ipc_ids *ids, struct kern_ipc_perm *new)
202 {
203 int idx, next_id = -1;
204
205 #ifdef CONFIG_CHECKPOINT_RESTORE
206 next_id = ids->next_id;
207 ids->next_id = -1;
208 #endif
209
210 /*
211 * As soon as a new object is inserted into the idr,
212 * ipc_obtain_object_idr() or ipc_obtain_object_check() can find it,
213 * and the lockless preparations for ipc operations can start.
214 * This means especially: permission checks, audit calls, allocation
215 * of undo structures, ...
216 *
217 * Thus the object must be fully initialized, and if something fails,
218 * then the full tear-down sequence must be followed.
219 * (i.e.: set new->deleted, reduce refcount, call_rcu())
220 */
221
222 if (next_id < 0) { /* !CHECKPOINT_RESTORE or next_id is unset */
223 int max_idx;
224
225 max_idx = max(ids->in_use*3/2, ipc_min_cycle);
226 max_idx = min(max_idx, ipc_mni);
227
228 /* allocate the idx, with a NULL struct kern_ipc_perm */
229 idx = idr_alloc_cyclic(&ids->ipcs_idr, NULL, 0, max_idx,
230 GFP_NOWAIT);
231
232 if (idx >= 0) {
233 /*
234 * idx got allocated successfully.
235 * Now calculate the sequence number and set the
236 * pointer for real.
237 */
238 if (idx <= ids->last_idx) {
239 ids->seq++;
240 if (ids->seq >= ipcid_seq_max())
241 ids->seq = 0;
242 }
243 ids->last_idx = idx;
244
245 new->seq = ids->seq;
246 /* no need for smp_wmb(), this is done
247 * inside idr_replace, as part of
248 * rcu_assign_pointer
249 */
250 idr_replace(&ids->ipcs_idr, new, idx);
251 }
252 } else {
253 new->seq = ipcid_to_seqx(next_id);
254 idx = idr_alloc(&ids->ipcs_idr, new, ipcid_to_idx(next_id),
255 0, GFP_NOWAIT);
256 }
257 if (idx >= 0)
258 new->id = (new->seq << ipcmni_seq_shift()) + idx;
259 return idx;
260 }
261
262 /**
263 * ipc_addid - add an ipc identifier
264 * @ids: ipc identifier set
265 * @new: new ipc permission set
266 * @limit: limit for the number of used ids
267 *
268 * Add an entry 'new' to the ipc ids idr. The permissions object is
269 * initialised and the first free entry is set up and the index assigned
270 * is returned. The 'new' entry is returned in a locked state on success.
271 *
272 * On failure the entry is not locked and a negative err-code is returned.
273 * The caller must use ipc_rcu_putref() to free the identifier.
274 *
275 * Called with writer ipc_ids.rwsem held.
276 */
277 int ipc_addid(struct ipc_ids *ids, struct kern_ipc_perm *new, int limit)
278 {
279 kuid_t euid;
280 kgid_t egid;
281 int idx, err;
282
283 /* 1) Initialize the refcount so that ipc_rcu_putref works */
284 refcount_set(&new->refcount, 1);
285
286 if (limit > ipc_mni)
287 limit = ipc_mni;
288
289 if (ids->in_use >= limit)
290 return -ENOSPC;
291
292 idr_preload(GFP_KERNEL);
293
294 spin_lock_init(&new->lock);
295 rcu_read_lock();
296 spin_lock(&new->lock);
297
298 current_euid_egid(&euid, &egid);
299 new->cuid = new->uid = euid;
300 new->gid = new->cgid = egid;
301
302 new->deleted = false;
303
304 idx = ipc_idr_alloc(ids, new);
305 idr_preload_end();
306
307 if (idx >= 0 && new->key != IPC_PRIVATE) {
308 err = rhashtable_insert_fast(&ids->key_ht, &new->khtnode,
309 ipc_kht_params);
310 if (err < 0) {
311 idr_remove(&ids->ipcs_idr, idx);
312 idx = err;
313 }
314 }
315 if (idx < 0) {
316 new->deleted = true;
317 spin_unlock(&new->lock);
318 rcu_read_unlock();
319 return idx;
320 }
321
322 ids->in_use++;
323 if (idx > ids->max_idx)
324 ids->max_idx = idx;
325 return idx;
326 }
327
328 /**
329 * ipcget_new - create a new ipc object
330 * @ns: ipc namespace
331 * @ids: ipc identifier set
332 * @ops: the actual creation routine to call
333 * @params: its parameters
334 *
335 * This routine is called by sys_msgget, sys_semget() and sys_shmget()
336 * when the key is IPC_PRIVATE.
337 */
338 static int ipcget_new(struct ipc_namespace *ns, struct ipc_ids *ids,
339 const struct ipc_ops *ops, struct ipc_params *params)
340 {
341 int err;
342
343 down_write(&ids->rwsem);
344 err = ops->getnew(ns, params);
345 up_write(&ids->rwsem);
346 return err;
347 }
348
349 /**
350 * ipc_check_perms - check security and permissions for an ipc object
351 * @ns: ipc namespace
352 * @ipcp: ipc permission set
353 * @ops: the actual security routine to call
354 * @params: its parameters
355 *
356 * This routine is called by sys_msgget(), sys_semget() and sys_shmget()
357 * when the key is not IPC_PRIVATE and that key already exists in the
358 * ds IDR.
359 *
360 * On success, the ipc id is returned.
361 *
362 * It is called with ipc_ids.rwsem and ipcp->lock held.
363 */
364 static int ipc_check_perms(struct ipc_namespace *ns,
365 struct kern_ipc_perm *ipcp,
366 const struct ipc_ops *ops,
367 struct ipc_params *params)
368 {
369 int err;
370
371 if (ipcperms(ns, ipcp, params->flg))
372 err = -EACCES;
373 else {
374 err = ops->associate(ipcp, params->flg);
375 if (!err)
376 err = ipcp->id;
377 }
378
379 return err;
380 }
381
382 /**
383 * ipcget_public - get an ipc object or create a new one
384 * @ns: ipc namespace
385 * @ids: ipc identifier set
386 * @ops: the actual creation routine to call
387 * @params: its parameters
388 *
389 * This routine is called by sys_msgget, sys_semget() and sys_shmget()
390 * when the key is not IPC_PRIVATE.
391 * It adds a new entry if the key is not found and does some permission
392 * / security checkings if the key is found.
393 *
394 * On success, the ipc id is returned.
395 */
396 static int ipcget_public(struct ipc_namespace *ns, struct ipc_ids *ids,
397 const struct ipc_ops *ops, struct ipc_params *params)
398 {
399 struct kern_ipc_perm *ipcp;
400 int flg = params->flg;
401 int err;
402
403 /*
404 * Take the lock as a writer since we are potentially going to add
405 * a new entry + read locks are not "upgradable"
406 */
407 down_write(&ids->rwsem);
408 ipcp = ipc_findkey(ids, params->key);
409 if (ipcp == NULL) {
410 /* key not used */
411 if (!(flg & IPC_CREAT))
412 err = -ENOENT;
413 else
414 err = ops->getnew(ns, params);
415 } else {
416 /* ipc object has been locked by ipc_findkey() */
417
418 if (flg & IPC_CREAT && flg & IPC_EXCL)
419 err = -EEXIST;
420 else {
421 err = 0;
422 if (ops->more_checks)
423 err = ops->more_checks(ipcp, params);
424 if (!err)
425 /*
426 * ipc_check_perms returns the IPC id on
427 * success
428 */
429 err = ipc_check_perms(ns, ipcp, ops, params);
430 }
431 ipc_unlock(ipcp);
432 }
433 up_write(&ids->rwsem);
434
435 return err;
436 }
437
438 /**
439 * ipc_kht_remove - remove an ipc from the key hashtable
440 * @ids: ipc identifier set
441 * @ipcp: ipc perm structure containing the key to remove
442 *
443 * ipc_ids.rwsem (as a writer) and the spinlock for this ID are held
444 * before this function is called, and remain locked on the exit.
445 */
446 static void ipc_kht_remove(struct ipc_ids *ids, struct kern_ipc_perm *ipcp)
447 {
448 if (ipcp->key != IPC_PRIVATE)
449 rhashtable_remove_fast(&ids->key_ht, &ipcp->khtnode,
450 ipc_kht_params);
451 }
452
453 /**
454 * ipc_rmid - remove an ipc identifier
455 * @ids: ipc identifier set
456 * @ipcp: ipc perm structure containing the identifier to remove
457 *
458 * ipc_ids.rwsem (as a writer) and the spinlock for this ID are held
459 * before this function is called, and remain locked on the exit.
460 */
461 void ipc_rmid(struct ipc_ids *ids, struct kern_ipc_perm *ipcp)
462 {
463 int idx = ipcid_to_idx(ipcp->id);
464
465 idr_remove(&ids->ipcs_idr, idx);
466 ipc_kht_remove(ids, ipcp);
467 ids->in_use--;
468 ipcp->deleted = true;
469
470 if (unlikely(idx == ids->max_idx)) {
471 do {
472 idx--;
473 if (idx == -1)
474 break;
475 } while (!idr_find(&ids->ipcs_idr, idx));
476 ids->max_idx = idx;
477 }
478 }
479
480 /**
481 * ipc_set_key_private - switch the key of an existing ipc to IPC_PRIVATE
482 * @ids: ipc identifier set
483 * @ipcp: ipc perm structure containing the key to modify
484 *
485 * ipc_ids.rwsem (as a writer) and the spinlock for this ID are held
486 * before this function is called, and remain locked on the exit.
487 */
488 void ipc_set_key_private(struct ipc_ids *ids, struct kern_ipc_perm *ipcp)
489 {
490 ipc_kht_remove(ids, ipcp);
491 ipcp->key = IPC_PRIVATE;
492 }
493
494 bool ipc_rcu_getref(struct kern_ipc_perm *ptr)
495 {
496 return refcount_inc_not_zero(&ptr->refcount);
497 }
498
499 void ipc_rcu_putref(struct kern_ipc_perm *ptr,
500 void (*func)(struct rcu_head *head))
501 {
502 if (!refcount_dec_and_test(&ptr->refcount))
503 return;
504
505 call_rcu(&ptr->rcu, func);
506 }
507
508 /**
509 * ipcperms - check ipc permissions
510 * @ns: ipc namespace
511 * @ipcp: ipc permission set
512 * @flag: desired permission set
513 *
514 * Check user, group, other permissions for access
515 * to ipc resources. return 0 if allowed
516 *
517 * @flag will most probably be 0 or ``S_...UGO`` from <linux/stat.h>
518 */
519 int ipcperms(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp, short flag)
520 {
521 kuid_t euid = current_euid();
522 int requested_mode, granted_mode;
523
524 audit_ipc_obj(ipcp);
525 requested_mode = (flag >> 6) | (flag >> 3) | flag;
526 granted_mode = ipcp->mode;
527 if (uid_eq(euid, ipcp->cuid) ||
528 uid_eq(euid, ipcp->uid))
529 granted_mode >>= 6;
530 else if (in_group_p(ipcp->cgid) || in_group_p(ipcp->gid))
531 granted_mode >>= 3;
532 /* is there some bit set in requested_mode but not in granted_mode? */
533 if ((requested_mode & ~granted_mode & 0007) &&
534 !ns_capable(ns->user_ns, CAP_IPC_OWNER))
535 return -1;
536
537 return security_ipc_permission(ipcp, flag);
538 }
539
540 /*
541 * Functions to convert between the kern_ipc_perm structure and the
542 * old/new ipc_perm structures
543 */
544
545 /**
546 * kernel_to_ipc64_perm - convert kernel ipc permissions to user
547 * @in: kernel permissions
548 * @out: new style ipc permissions
549 *
550 * Turn the kernel object @in into a set of permissions descriptions
551 * for returning to userspace (@out).
552 */
553 void kernel_to_ipc64_perm(struct kern_ipc_perm *in, struct ipc64_perm *out)
554 {
555 out->key = in->key;
556 out->uid = from_kuid_munged(current_user_ns(), in->uid);
557 out->gid = from_kgid_munged(current_user_ns(), in->gid);
558 out->cuid = from_kuid_munged(current_user_ns(), in->cuid);
559 out->cgid = from_kgid_munged(current_user_ns(), in->cgid);
560 out->mode = in->mode;
561 out->seq = in->seq;
562 }
563
564 /**
565 * ipc64_perm_to_ipc_perm - convert new ipc permissions to old
566 * @in: new style ipc permissions
567 * @out: old style ipc permissions
568 *
569 * Turn the new style permissions object @in into a compatibility
570 * object and store it into the @out pointer.
571 */
572 void ipc64_perm_to_ipc_perm(struct ipc64_perm *in, struct ipc_perm *out)
573 {
574 out->key = in->key;
575 SET_UID(out->uid, in->uid);
576 SET_GID(out->gid, in->gid);
577 SET_UID(out->cuid, in->cuid);
578 SET_GID(out->cgid, in->cgid);
579 out->mode = in->mode;
580 out->seq = in->seq;
581 }
582
583 /**
584 * ipc_obtain_object_idr
585 * @ids: ipc identifier set
586 * @id: ipc id to look for
587 *
588 * Look for an id in the ipc ids idr and return associated ipc object.
589 *
590 * Call inside the RCU critical section.
591 * The ipc object is *not* locked on exit.
592 */
593 struct kern_ipc_perm *ipc_obtain_object_idr(struct ipc_ids *ids, int id)
594 {
595 struct kern_ipc_perm *out;
596 int idx = ipcid_to_idx(id);
597
598 out = idr_find(&ids->ipcs_idr, idx);
599 if (!out)
600 return ERR_PTR(-EINVAL);
601
602 return out;
603 }
604
605 /**
606 * ipc_obtain_object_check
607 * @ids: ipc identifier set
608 * @id: ipc id to look for
609 *
610 * Similar to ipc_obtain_object_idr() but also checks the ipc object
611 * sequence number.
612 *
613 * Call inside the RCU critical section.
614 * The ipc object is *not* locked on exit.
615 */
616 struct kern_ipc_perm *ipc_obtain_object_check(struct ipc_ids *ids, int id)
617 {
618 struct kern_ipc_perm *out = ipc_obtain_object_idr(ids, id);
619
620 if (IS_ERR(out))
621 goto out;
622
623 if (ipc_checkid(out, id))
624 return ERR_PTR(-EINVAL);
625 out:
626 return out;
627 }
628
629 /**
630 * ipcget - Common sys_*get() code
631 * @ns: namespace
632 * @ids: ipc identifier set
633 * @ops: operations to be called on ipc object creation, permission checks
634 * and further checks
635 * @params: the parameters needed by the previous operations.
636 *
637 * Common routine called by sys_msgget(), sys_semget() and sys_shmget().
638 */
639 int ipcget(struct ipc_namespace *ns, struct ipc_ids *ids,
640 const struct ipc_ops *ops, struct ipc_params *params)
641 {
642 if (params->key == IPC_PRIVATE)
643 return ipcget_new(ns, ids, ops, params);
644 else
645 return ipcget_public(ns, ids, ops, params);
646 }
647
648 /**
649 * ipc_update_perm - update the permissions of an ipc object
650 * @in: the permission given as input.
651 * @out: the permission of the ipc to set.
652 */
653 int ipc_update_perm(struct ipc64_perm *in, struct kern_ipc_perm *out)
654 {
655 kuid_t uid = make_kuid(current_user_ns(), in->uid);
656 kgid_t gid = make_kgid(current_user_ns(), in->gid);
657 if (!uid_valid(uid) || !gid_valid(gid))
658 return -EINVAL;
659
660 out->uid = uid;
661 out->gid = gid;
662 out->mode = (out->mode & ~S_IRWXUGO)
663 | (in->mode & S_IRWXUGO);
664
665 return 0;
666 }
667
668 /**
669 * ipcctl_obtain_check - retrieve an ipc object and check permissions
670 * @ns: ipc namespace
671 * @ids: the table of ids where to look for the ipc
672 * @id: the id of the ipc to retrieve
673 * @cmd: the cmd to check
674 * @perm: the permission to set
675 * @extra_perm: one extra permission parameter used by msq
676 *
677 * This function does some common audit and permissions check for some IPC_XXX
678 * cmd and is called from semctl_down, shmctl_down and msgctl_down.
679 *
680 * It:
681 * - retrieves the ipc object with the given id in the given table.
682 * - performs some audit and permission check, depending on the given cmd
683 * - returns a pointer to the ipc object or otherwise, the corresponding
684 * error.
685 *
686 * Call holding the both the rwsem and the rcu read lock.
687 */
688 struct kern_ipc_perm *ipcctl_obtain_check(struct ipc_namespace *ns,
689 struct ipc_ids *ids, int id, int cmd,
690 struct ipc64_perm *perm, int extra_perm)
691 {
692 kuid_t euid;
693 int err = -EPERM;
694 struct kern_ipc_perm *ipcp;
695
696 ipcp = ipc_obtain_object_check(ids, id);
697 if (IS_ERR(ipcp)) {
698 err = PTR_ERR(ipcp);
699 goto err;
700 }
701
702 audit_ipc_obj(ipcp);
703 if (cmd == IPC_SET)
704 audit_ipc_set_perm(extra_perm, perm->uid,
705 perm->gid, perm->mode);
706
707 euid = current_euid();
708 if (uid_eq(euid, ipcp->cuid) || uid_eq(euid, ipcp->uid) ||
709 ns_capable(ns->user_ns, CAP_SYS_ADMIN))
710 return ipcp; /* successful lookup */
711 err:
712 return ERR_PTR(err);
713 }
714
715 #ifdef CONFIG_ARCH_WANT_IPC_PARSE_VERSION
716
717
718 /**
719 * ipc_parse_version - ipc call version
720 * @cmd: pointer to command
721 *
722 * Return IPC_64 for new style IPC and IPC_OLD for old style IPC.
723 * The @cmd value is turned from an encoding command and version into
724 * just the command code.
725 */
726 int ipc_parse_version(int *cmd)
727 {
728 if (*cmd & IPC_64) {
729 *cmd ^= IPC_64;
730 return IPC_64;
731 } else {
732 return IPC_OLD;
733 }
734 }
735
736 #endif /* CONFIG_ARCH_WANT_IPC_PARSE_VERSION */
737
738 #ifdef CONFIG_PROC_FS
739 struct ipc_proc_iter {
740 struct ipc_namespace *ns;
741 struct pid_namespace *pid_ns;
742 struct ipc_proc_iface *iface;
743 };
744
745 struct pid_namespace *ipc_seq_pid_ns(struct seq_file *s)
746 {
747 struct ipc_proc_iter *iter = s->private;
748 return iter->pid_ns;
749 }
750
751 /*
752 * This routine locks the ipc structure found at least at position pos.
753 */
754 static struct kern_ipc_perm *sysvipc_find_ipc(struct ipc_ids *ids, loff_t pos,
755 loff_t *new_pos)
756 {
757 struct kern_ipc_perm *ipc;
758 int total, id;
759
760 total = 0;
761 for (id = 0; id < pos && total < ids->in_use; id++) {
762 ipc = idr_find(&ids->ipcs_idr, id);
763 if (ipc != NULL)
764 total++;
765 }
766
767 ipc = NULL;
768 if (total >= ids->in_use)
769 goto out;
770
771 for (; pos < ipc_mni; pos++) {
772 ipc = idr_find(&ids->ipcs_idr, pos);
773 if (ipc != NULL) {
774 rcu_read_lock();
775 ipc_lock_object(ipc);
776 break;
777 }
778 }
779 out:
780 *new_pos = pos + 1;
781 return ipc;
782 }
783
784 static void *sysvipc_proc_next(struct seq_file *s, void *it, loff_t *pos)
785 {
786 struct ipc_proc_iter *iter = s->private;
787 struct ipc_proc_iface *iface = iter->iface;
788 struct kern_ipc_perm *ipc = it;
789
790 /* If we had an ipc id locked before, unlock it */
791 if (ipc && ipc != SEQ_START_TOKEN)
792 ipc_unlock(ipc);
793
794 return sysvipc_find_ipc(&iter->ns->ids[iface->ids], *pos, pos);
795 }
796
797 /*
798 * File positions: pos 0 -> header, pos n -> ipc id = n - 1.
799 * SeqFile iterator: iterator value locked ipc pointer or SEQ_TOKEN_START.
800 */
801 static void *sysvipc_proc_start(struct seq_file *s, loff_t *pos)
802 {
803 struct ipc_proc_iter *iter = s->private;
804 struct ipc_proc_iface *iface = iter->iface;
805 struct ipc_ids *ids;
806
807 ids = &iter->ns->ids[iface->ids];
808
809 /*
810 * Take the lock - this will be released by the corresponding
811 * call to stop().
812 */
813 down_read(&ids->rwsem);
814
815 /* pos < 0 is invalid */
816 if (*pos < 0)
817 return NULL;
818
819 /* pos == 0 means header */
820 if (*pos == 0)
821 return SEQ_START_TOKEN;
822
823 /* Find the (pos-1)th ipc */
824 return sysvipc_find_ipc(ids, *pos - 1, pos);
825 }
826
827 static void sysvipc_proc_stop(struct seq_file *s, void *it)
828 {
829 struct kern_ipc_perm *ipc = it;
830 struct ipc_proc_iter *iter = s->private;
831 struct ipc_proc_iface *iface = iter->iface;
832 struct ipc_ids *ids;
833
834 /* If we had a locked structure, release it */
835 if (ipc && ipc != SEQ_START_TOKEN)
836 ipc_unlock(ipc);
837
838 ids = &iter->ns->ids[iface->ids];
839 /* Release the lock we took in start() */
840 up_read(&ids->rwsem);
841 }
842
843 static int sysvipc_proc_show(struct seq_file *s, void *it)
844 {
845 struct ipc_proc_iter *iter = s->private;
846 struct ipc_proc_iface *iface = iter->iface;
847
848 if (it == SEQ_START_TOKEN) {
849 seq_puts(s, iface->header);
850 return 0;
851 }
852
853 return iface->show(s, it);
854 }
855
856 static const struct seq_operations sysvipc_proc_seqops = {
857 .start = sysvipc_proc_start,
858 .stop = sysvipc_proc_stop,
859 .next = sysvipc_proc_next,
860 .show = sysvipc_proc_show,
861 };
862
863 static int sysvipc_proc_open(struct inode *inode, struct file *file)
864 {
865 struct ipc_proc_iter *iter;
866
867 iter = __seq_open_private(file, &sysvipc_proc_seqops, sizeof(*iter));
868 if (!iter)
869 return -ENOMEM;
870
871 iter->iface = PDE_DATA(inode);
872 iter->ns = get_ipc_ns(current->nsproxy->ipc_ns);
873 iter->pid_ns = get_pid_ns(task_active_pid_ns(current));
874
875 return 0;
876 }
877
878 static int sysvipc_proc_release(struct inode *inode, struct file *file)
879 {
880 struct seq_file *seq = file->private_data;
881 struct ipc_proc_iter *iter = seq->private;
882 put_ipc_ns(iter->ns);
883 put_pid_ns(iter->pid_ns);
884 return seq_release_private(inode, file);
885 }
886
887 static const struct file_operations sysvipc_proc_fops = {
888 .open = sysvipc_proc_open,
889 .read = seq_read,
890 .llseek = seq_lseek,
891 .release = sysvipc_proc_release,
892 };
893 #endif /* CONFIG_PROC_FS */