cregit-Linux how code gets into the kernel

Release 4.17 ipc/util.c

Directory: ipc
// SPDX-License-Identifier: GPL-2.0
/*
 * linux/ipc/util.c
 * Copyright (C) 1992 Krishna Balasubramanian
 *
 * Sep 1997 - Call suser() last after "normal" permission checks so we
 *            get BSD style process accounting right.
 *            Occurs in several places in the IPC code.
 *            Chris Evans, <chris@ferret.lmh.ox.ac.uk>
 * Nov 1999 - ipc helper functions, unified SMP locking
 *            Manfred Spraul <manfred@colorfullife.com>
 * Oct 2002 - One lock per IPC id. RCU ipc_free for lock-free grow_ary().
 *            Mingming Cao <cmm@us.ibm.com>
 * Mar 2006 - support for audit of ipc object properties
 *            Dustin Kirkland <dustin.kirkland@us.ibm.com>
 * Jun 2006 - namespaces ssupport
 *            OpenVZ, SWsoft Inc.
 *            Pavel Emelianov <xemul@openvz.org>
 *
 * General sysv ipc locking scheme:
 *      rcu_read_lock()
 *          obtain the ipc object (kern_ipc_perm) by looking up the id in an idr
 *          tree.
 *          - perform initial checks (capabilities, auditing and permission,
 *            etc).
 *          - perform read-only operations, such as INFO command, that
 *            do not demand atomicity
 *            acquire the ipc lock (kern_ipc_perm.lock) through
 *            ipc_lock_object()
 *              - perform read-only operations that demand atomicity,
 *                such as STAT command.
 *              - perform data updates, such as SET, RMID commands and
 *                mechanism-specific operations (semop/semtimedop,
 *                msgsnd/msgrcv, shmat/shmdt).
 *          drop the ipc lock, through ipc_unlock_object().
 *      rcu_read_unlock()
 *
 *  The ids->rwsem must be taken when:
 *      - creating, removing and iterating the existing entries in ipc
 *        identifier sets.
 *      - iterating through files under /proc/sysvipc/
 *
 *  Note that sems have a special fast path that avoids kern_ipc_perm.lock -
 *  see sem_lock().
 */

#include <linux/mm.h>
#include <linux/shm.h>
#include <linux/init.h>
#include <linux/msg.h>
#include <linux/vmalloc.h>
#include <linux/slab.h>
#include <linux/notifier.h>
#include <linux/capability.h>
#include <linux/highuid.h>
#include <linux/security.h>
#include <linux/rcupdate.h>
#include <linux/workqueue.h>
#include <linux/seq_file.h>
#include <linux/proc_fs.h>
#include <linux/audit.h>
#include <linux/nsproxy.h>
#include <linux/rwsem.h>
#include <linux/memory.h>
#include <linux/ipc_namespace.h>

#include <asm/unistd.h>

#include "util.h"


struct ipc_proc_iface {
	
const char *path;
	
const char *header;
	
int ids;
	
int (*show)(struct seq_file *, void *);
};

/**
 * ipc_init - initialise ipc subsystem
 *
 * The various sysv ipc resources (semaphores, messages and shared
 * memory) are initialised.
 *
 * A callback routine is registered into the memory hotplug notifier
 * chain: since msgmni scales to lowmem this callback routine will be
 * called upon successful memory add / remove to recompute msmgni.
 */

static int __init ipc_init(void) { int err_sem, err_msg; proc_mkdir("sysvipc", NULL); err_sem = sem_init(); WARN(err_sem, "ipc: sysv sem_init failed: %d\n", err_sem); err_msg = msg_init(); WARN(err_msg, "ipc: sysv msg_init failed: %d\n", err_msg); shm_init(); return err_msg ? err_msg : err_sem; }

Contributors

PersonTokensPropCommitsCommitProp
Guillaume Knispel3254.24%120.00%
Linus Torvalds (pre-git)1627.12%240.00%
Alexey Dobriyan711.86%120.00%
Andrew Morton46.78%120.00%
Total59100.00%5100.00%

device_initcall(ipc_init); static const struct rhashtable_params ipc_kht_params = { .head_offset = offsetof(struct kern_ipc_perm, khtnode), .key_offset = offsetof(struct kern_ipc_perm, key), .key_len = FIELD_SIZEOF(struct kern_ipc_perm, key), .locks_mul = 1, .automatic_shrinking = true, }; /** * ipc_init_ids - initialise ipc identifiers * @ids: ipc identifier set * * Set up the sequence range to use for the ipc identifier range (limited * below IPCMNI) then initialise the keys hashtable and ids idr. */
int ipc_init_ids(struct ipc_ids *ids) { int err; ids->in_use = 0; ids->seq = 0; init_rwsem(&ids->rwsem); err = rhashtable_init(&ids->key_ht, &ipc_kht_params); if (err) return err; idr_init(&ids->ipcs_idr); ids->tables_initialized = true; ids->max_id = -1; #ifdef CONFIG_CHECKPOINT_RESTORE ids->next_id = -1; #endif return 0; }

Contributors

PersonTokensPropCommitsCommitProp
Guillaume Knispel3337.08%114.29%
Linus Torvalds (pre-git)2629.21%114.29%
Davidlohr Bueso A2426.97%342.86%
Nadia Derbey33.37%114.29%
Paul E. McKenney33.37%114.29%
Total89100.00%7100.00%

#ifdef CONFIG_PROC_FS static const struct file_operations sysvipc_proc_fops; /** * ipc_init_proc_interface - create a proc interface for sysipc types using a seq_file interface. * @path: Path in procfs * @header: Banner to be printed at the beginning of the file. * @ids: ipc id table to iterate. * @show: show routine. */
void __init ipc_init_proc_interface(const char *path, const char *header, int ids, int (*show)(struct seq_file *, void *)) { struct proc_dir_entry *pde; struct ipc_proc_iface *iface; iface = kmalloc(sizeof(*iface), GFP_KERNEL); if (!iface) return; iface->path = path; iface->header = header; iface->ids = ids; iface->show = show; pde = proc_create_data(path, S_IRUGO, /* world readable */ NULL, /* parent dir */ &sysvipc_proc_fops, iface); if (!pde) kfree(iface); }

Contributors

PersonTokensPropCommitsCommitProp
Mike Waychison10692.98%133.33%
Denis V. Lunev76.14%133.33%
Kirill Korotaev10.88%133.33%
Total114100.00%3100.00%

#endif /** * ipc_findkey - find a key in an ipc identifier set * @ids: ipc identifier set * @key: key to find * * Returns the locked pointer to the ipc structure if found or NULL * otherwise. If key is found ipc points to the owning ipc structure * * Called with writer ipc_ids.rwsem held. */
static struct kern_ipc_perm *ipc_findkey(struct ipc_ids *ids, key_t key) { struct kern_ipc_perm *ipcp = NULL; if (likely(ids->tables_initialized)) ipcp = rhashtable_lookup_fast(&ids->key_ht, &key, ipc_kht_params); if (ipcp) { rcu_read_lock(); ipc_lock_object(ipcp); return ipcp; } return NULL; }

Contributors

PersonTokensPropCommitsCommitProp
Linus Torvalds (pre-git)2740.30%228.57%
Guillaume Knispel2029.85%114.29%
Nadia Derbey1522.39%228.57%
Davidlohr Bueso A45.97%114.29%
Andrew Morton11.49%114.29%
Total67100.00%7100.00%

#ifdef CONFIG_CHECKPOINT_RESTORE /* * Specify desired id for next allocated IPC object. */ #define ipc_idr_alloc(ids, new) \ idr_alloc(&(ids)->ipcs_idr, (new), \ (ids)->next_id < 0 ? 0 : ipcid_to_idx((ids)->next_id),\ 0, GFP_NOWAIT)
static inline int ipc_buildid(int id, struct ipc_ids *ids, struct kern_ipc_perm *new) { if (ids->next_id < 0) { /* default, behave as !CHECKPOINT_RESTORE */ new->seq = ids->seq++; if (ids->seq > IPCID_SEQ_MAX) ids->seq = 0; } else { new->seq = ipcid_to_seqx(ids->next_id); ids->next_id = -1; } return SEQ_MULTIPLIER * new->seq + id; }

Contributors

PersonTokensPropCommitsCommitProp
Davidlohr Bueso A84100.00%1100.00%
Total84100.00%1100.00%

#else #define ipc_idr_alloc(ids, new) \ idr_alloc(&(ids)->ipcs_idr, (new), 0, 0, GFP_NOWAIT)
static inline int ipc_buildid(int id, struct ipc_ids *ids, struct kern_ipc_perm *new) { new->seq = ids->seq++; if (ids->seq > IPCID_SEQ_MAX) ids->seq = 0; return SEQ_MULTIPLIER * new->seq + id; }

Contributors

PersonTokensPropCommitsCommitProp
Davidlohr Bueso A52100.00%1100.00%
Total52100.00%1100.00%

#endif /* CONFIG_CHECKPOINT_RESTORE */ /** * ipc_addid - add an ipc identifier * @ids: ipc identifier set * @new: new ipc permission set * @limit: limit for the number of used ids * * Add an entry 'new' to the ipc ids idr. The permissions object is * initialised and the first free entry is set up and the id assigned * is returned. The 'new' entry is returned in a locked state on success. * On failure the entry is not locked and a negative err-code is returned. * * Called with writer ipc_ids.rwsem held. */
int ipc_addid(struct ipc_ids *ids, struct kern_ipc_perm *new, int limit) { kuid_t euid; kgid_t egid; int id, err; if (limit > IPCMNI) limit = IPCMNI; if (!ids->tables_initialized || ids->in_use >= limit) return -ENOSPC; idr_preload(GFP_KERNEL); refcount_set(&new->refcount, 1); spin_lock_init(&new->lock); new->deleted = false; rcu_read_lock(); spin_lock(&new->lock); current_euid_egid(&euid, &egid); new->cuid = new->uid = euid; new->gid = new->cgid = egid; id = ipc_idr_alloc(ids, new); idr_preload_end(); if (id >= 0 && new->key != IPC_PRIVATE) { err = rhashtable_insert_fast(&ids->key_ht, &new->khtnode, ipc_kht_params); if (err < 0) { idr_remove(&ids->ipcs_idr, id); id = err; } } if (id < 0) { spin_unlock(&new->lock); rcu_read_unlock(); return id; } ids->in_use++; if (id > ids->max_id) ids->max_id = id; new->id = ipc_buildid(id, ids, new); return id; }

Contributors

PersonTokensPropCommitsCommitProp
Guillaume Knispel6024.29%15.88%
Nadia Derbey5522.27%211.76%
Linus Torvalds (pre-git)4016.19%211.76%
Linus Torvalds2911.74%15.88%
Davidlohr Bueso A218.50%317.65%
Tejun Heo135.26%15.88%
Pierre Peiffer124.86%211.76%
Kees Cook93.64%15.88%
David Howells41.62%15.88%
Eric W. Biedermann20.81%15.88%
Elena Reshetova10.40%15.88%
Rafael Aquini10.40%15.88%
Total247100.00%17100.00%

/** * ipcget_new - create a new ipc object * @ns: ipc namespace * @ids: ipc identifier set * @ops: the actual creation routine to call * @params: its parameters * * This routine is called by sys_msgget, sys_semget() and sys_shmget() * when the key is IPC_PRIVATE. */
static int ipcget_new(struct ipc_namespace *ns, struct ipc_ids *ids, const struct ipc_ops *ops, struct ipc_params *params) { int err; down_write(&ids->rwsem); err = ops->getnew(ns, params); up_write(&ids->rwsem); return err; }

Contributors

PersonTokensPropCommitsCommitProp
Nadia Derbey5693.33%240.00%
Davidlohr Bueso A23.33%120.00%
Mathias Krause11.67%120.00%
Pavel Emelyanov11.67%120.00%
Total60100.00%5100.00%

/** * ipc_check_perms - check security and permissions for an ipc object * @ns: ipc namespace * @ipcp: ipc permission set * @ops: the actual security routine to call * @params: its parameters * * This routine is called by sys_msgget(), sys_semget() and sys_shmget() * when the key is not IPC_PRIVATE and that key already exists in the * ds IDR. * * On success, the ipc id is returned. * * It is called with ipc_ids.rwsem and ipcp->lock held. */
static int ipc_check_perms(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp, const struct ipc_ops *ops, struct ipc_params *params) { int err; if (ipcperms(ns, ipcp, params->flg)) err = -EACCES; else { err = ops->associate(ipcp, params->flg); if (!err) err = ipcp->id; } return err; }

Contributors

PersonTokensPropCommitsCommitProp
Nadia Derbey7089.74%133.33%
Serge E. Hallyn78.97%133.33%
Mathias Krause11.28%133.33%
Total78100.00%3100.00%

/** * ipcget_public - get an ipc object or create a new one * @ns: ipc namespace * @ids: ipc identifier set * @ops: the actual creation routine to call * @params: its parameters * * This routine is called by sys_msgget, sys_semget() and sys_shmget() * when the key is not IPC_PRIVATE. * It adds a new entry if the key is not found and does some permission * / security checkings if the key is found. * * On success, the ipc id is returned. */
static int ipcget_public(struct ipc_namespace *ns, struct ipc_ids *ids, const struct ipc_ops *ops, struct ipc_params *params) { struct kern_ipc_perm *ipcp; int flg = params->flg; int err; /* * Take the lock as a writer since we are potentially going to add * a new entry + read locks are not "upgradable" */ down_write(&ids->rwsem); ipcp = ipc_findkey(ids, params->key); if (ipcp == NULL) { /* key not used */ if (!(flg & IPC_CREAT)) err = -ENOENT; else err = ops->getnew(ns, params); } else { /* ipc object has been locked by ipc_findkey() */ if (flg & IPC_CREAT && flg & IPC_EXCL) err = -EEXIST; else { err = 0; if (ops->more_checks) err = ops->more_checks(ipcp, params); if (!err) /* * ipc_check_perms returns the IPC id on * success */ err = ipc_check_perms(ns, ipcp, ops, params); } ipc_unlock(ipcp); } up_write(&ids->rwsem); return err; }

Contributors

PersonTokensPropCommitsCommitProp
Nadia Derbey16996.57%342.86%
Serge E. Hallyn21.14%114.29%
Davidlohr Bueso A21.14%114.29%
Mathias Krause10.57%114.29%
Pavel Emelyanov10.57%114.29%
Total175100.00%7100.00%

/** * ipc_kht_remove - remove an ipc from the key hashtable * @ids: ipc identifier set * @ipcp: ipc perm structure containing the key to remove * * ipc_ids.rwsem (as a writer) and the spinlock for this ID are held * before this function is called, and remain locked on the exit. */
static void ipc_kht_remove(struct ipc_ids *ids, struct kern_ipc_perm *ipcp) { if (ipcp->key != IPC_PRIVATE) rhashtable_remove_fast(&ids->key_ht, &ipcp->khtnode, ipc_kht_params); }

Contributors

PersonTokensPropCommitsCommitProp
Guillaume Knispel39100.00%1100.00%
Total39100.00%1100.00%

/** * ipc_rmid - remove an ipc identifier * @ids: ipc identifier set * @ipcp: ipc perm structure containing the identifier to remove * * ipc_ids.rwsem (as a writer) and the spinlock for this ID are held * before this function is called, and remain locked on the exit. */
void ipc_rmid(struct ipc_ids *ids, struct kern_ipc_perm *ipcp) { int lid = ipcid_to_idx(ipcp->id); idr_remove(&ids->ipcs_idr, lid); ipc_kht_remove(ids, ipcp); ids->in_use--; ipcp->deleted = true; if (unlikely(lid == ids->max_id)) { do { lid--; if (lid == -1) break; } while (!idr_find(&ids->ipcs_idr, lid)); ids->max_id = lid; } }

Contributors

PersonTokensPropCommitsCommitProp
Davidlohr Bueso A4747.00%111.11%
Linus Torvalds (pre-git)2525.00%222.22%
Nadia Derbey1414.00%222.22%
Guillaume Knispel77.00%111.11%
Andrew Morton44.00%111.11%
Eric Sesterhenn / Snakebyte22.00%111.11%
Rafael Aquini11.00%111.11%
Total100100.00%9100.00%

/** * ipc_set_key_private - switch the key of an existing ipc to IPC_PRIVATE * @ids: ipc identifier set * @ipcp: ipc perm structure containing the key to modify * * ipc_ids.rwsem (as a writer) and the spinlock for this ID are held * before this function is called, and remain locked on the exit. */
void ipc_set_key_private(struct ipc_ids *ids, struct kern_ipc_perm *ipcp) { ipc_kht_remove(ids, ipcp); ipcp->key = IPC_PRIVATE; }

Contributors

PersonTokensPropCommitsCommitProp
Guillaume Knispel28100.00%1100.00%
Total28100.00%1100.00%


int ipc_rcu_getref(struct kern_ipc_perm *ptr) { return refcount_inc_not_zero(&ptr->refcount); }

Contributors

PersonTokensPropCommitsCommitProp
Manfred Spraul1263.16%250.00%
Rik Van Riel631.58%125.00%
Elena Reshetova15.26%125.00%
Total19100.00%4100.00%


void ipc_rcu_putref(struct kern_ipc_perm *ptr, void (*func)(struct rcu_head *head)) { if (!refcount_dec_and_test(&ptr->refcount)) return; call_rcu(&ptr->rcu, func); }

Contributors

PersonTokensPropCommitsCommitProp
Andrew Morton1943.18%225.00%
Davidlohr Bueso A1125.00%112.50%
Manfred Spraul715.91%225.00%
Al Viro511.36%112.50%
Rik Van Riel12.27%112.50%
Elena Reshetova12.27%112.50%
Total44100.00%8100.00%

/** * ipcperms - check ipc permissions * @ns: ipc namespace * @ipcp: ipc permission set * @flag: desired permission set * * Check user, group, other permissions for access * to ipc resources. return 0 if allowed * * @flag will most probably be 0 or ``S_...UGO`` from <linux/stat.h> */
int ipcperms(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp, short flag) { kuid_t euid = current_euid(); int requested_mode, granted_mode; audit_ipc_obj(ipcp); requested_mode = (flag >> 6) | (flag >> 3) | flag; granted_mode = ipcp->mode; if (uid_eq(euid, ipcp->cuid) || uid_eq(euid, ipcp->uid)) granted_mode >>= 6; else if (in_group_p(ipcp->cgid) || in_group_p(ipcp->gid)) granted_mode >>= 3; /* is there some bit set in requested_mode but not in granted_mode? */ if ((requested_mode & ~granted_mode & 0007) && !ns_capable(ns->user_ns, CAP_IPC_OWNER)) return -1; return security_ipc_permission(ipcp, flag); }

Contributors

PersonTokensPropCommitsCommitProp
Linus Torvalds (pre-git)10074.07%646.15%
Serge E. Hallyn107.41%17.69%
Eric W. Biedermann96.67%17.69%
David Howells53.70%17.69%
Stephen D. Smalley53.70%17.69%
Steve Grubb42.96%17.69%
Al Viro10.74%17.69%
Greg Kroah-Hartman10.74%17.69%
Total135100.00%13100.00%

/* * Functions to convert between the kern_ipc_perm structure and the * old/new ipc_perm structures */ /** * kernel_to_ipc64_perm - convert kernel ipc permissions to user * @in: kernel permissions * @out: new style ipc permissions * * Turn the kernel object @in into a set of permissions descriptions * for returning to userspace (@out). */
void kernel_to_ipc64_perm(struct kern_ipc_perm *in, struct ipc64_perm *out) { out->key = in->key; out->uid = from_kuid_munged(current_user_ns(), in->uid); out->gid = from_kgid_munged(current_user_ns(), in->gid); out->cuid = from_kuid_munged(current_user_ns(), in->cuid); out->cgid = from_kgid_munged(current_user_ns(), in->cgid); out->mode = in->mode; out->seq = in->seq; }

Contributors

PersonTokensPropCommitsCommitProp
Linus Torvalds (pre-git)7174.74%150.00%
Eric W. Biedermann2425.26%150.00%
Total95100.00%2100.00%

/** * ipc64_perm_to_ipc_perm - convert new ipc permissions to old * @in: new style ipc permissions * @out: old style ipc permissions * * Turn the new style permissions object @in into a compatibility * object and store it into the @out pointer. */
void ipc64_perm_to_ipc_perm(struct ipc64_perm *in, struct ipc_perm *out) { out->key = in->key; SET_UID(out->uid, in->uid); SET_GID(out->gid, in->gid); SET_UID(out->cuid, in->cuid); SET_GID(out->cgid, in->cgid); out->mode = in->mode; out->seq = in->seq; }

Contributors

PersonTokensPropCommitsCommitProp
Linus Torvalds (pre-git)7185.54%150.00%
Andi Kleen1214.46%150.00%
Total83100.00%2100.00%

/** * ipc_obtain_object_idr * @ids: ipc identifier set * @id: ipc id to look for * * Look for an id in the ipc ids idr and return associated ipc object. * * Call inside the RCU critical section. * The ipc object is *not* locked on exit. */
struct kern_ipc_perm *ipc_obtain_object_idr(struct ipc_ids *ids, int id) { struct kern_ipc_perm *out; int lid = ipcid_to_idx(id); if (unlikely(!ids->tables_initialized)) return ERR_PTR(-EINVAL); out = idr_find(&ids->ipcs_idr, lid); if (!out) return ERR_PTR(-EINVAL); return out; }

Contributors

PersonTokensPropCommitsCommitProp
Andrew Morton3447.22%222.22%
Guillaume Knispel1723.61%111.11%
Nadia Derbey1520.83%333.33%
Davidlohr Bueso A56.94%222.22%
Paul E. McKenney11.39%111.11%
Total72100.00%9100.00%

/** * ipc_lock - lock an ipc structure without rwsem held * @ids: ipc identifier set * @id: ipc id to look for * * Look for an id in the ipc ids idr and lock the associated ipc object. * * The ipc object is locked on successful exit. */
struct kern_ipc_perm *ipc_lock(struct ipc_ids *ids, int id) { struct kern_ipc_perm *out; rcu_read_lock(); out = ipc_obtain_object_idr(ids, id); if (IS_ERR(out)) goto err; spin_lock(&out->lock); /* * ipc_rmid() may have already freed the ID while ipc_lock() * was spinning: here verify that the structure is still valid. * Upon races with RMID, return -EIDRM, thus indicating that * the ID points to a removed identifier. */ if (ipc_valid_object(out)) return out; spin_unlock(&out->lock); out = ERR_PTR(-EIDRM); err: rcu_read_unlock(); return out; }

Contributors

PersonTokensPropCommitsCommitProp
Davidlohr Bueso A5868.24%360.00%
Andrew Morton2428.24%120.00%
Rafael Aquini33.53%120.00%
Total85100.00%5100.00%

/** * ipc_obtain_object_check * @ids: ipc identifier set * @id: ipc id to look for * * Similar to ipc_obtain_object_idr() but also checks * the ipc object reference counter. * * Call inside the RCU critical section. * The ipc object is *not* locked on exit. */
struct kern_ipc_perm *ipc_obtain_object_check(struct ipc_ids *ids, int id) { struct kern_ipc_perm *out = ipc_obtain_object_idr(ids, id); if (IS_ERR(out)) goto out; if (ipc_checkid(out, id)) return ERR_PTR(-EINVAL); out: return out; }

Contributors

PersonTokensPropCommitsCommitProp
Davidlohr Bueso A4984.48%360.00%
Andrew Morton58.62%120.00%
Nadia Derbey46.90%120.00%
Total58100.00%5100.00%

/** * ipcget - Common sys_*get() code * @ns: namespace * @ids: ipc identifier set * @ops: operations to be called on ipc object creation, permission checks * and further checks * @params: the parameters needed by the previous operations. * * Common routine called by sys_msgget(), sys_semget() and sys_shmget(). */
int ipcget(struct ipc_namespace *ns, struct ipc_ids *ids, const struct ipc_ops *ops, struct ipc_params *params) { if (params->key == IPC_PRIVATE) return ipcget_new(ns, ids, ops, params); else return ipcget_public(ns, ids, ops, params); }

Contributors

PersonTokensPropCommitsCommitProp
Pavel Emelyanov5898.31%150.00%
Mathias Krause11.69%150.00%
Total59100.00%2100.00%

/** * ipc_update_perm - update the permissions of an ipc object * @in: the permission given as input. * @out: the permission of the ipc to set. */
int ipc_update_perm(struct ipc64_perm *in, struct kern_ipc_perm *out) { kuid_t uid = make_kuid(current_user_ns(), in->uid); kgid_t gid = make_kgid(current_user_ns(), in->gid); if (!uid_valid(uid) || !gid_valid(gid)) return -EINVAL; out->uid = uid; out->gid = gid; out->mode = (out->mode & ~S_IRWXUGO) | (in->mode & S_IRWXUGO); return 0; }

Contributors

PersonTokensPropCommitsCommitProp
Eric W. Biedermann4850.53%150.00%
Pierre Peiffer4749.47%150.00%
Total95100.00%2100.00%

/** * ipcctl_pre_down_nolock - retrieve an ipc and check permissions for some IPC_XXX cmd * @ns: ipc namespace * @ids: the table of ids where to look for the ipc * @id: the id of the ipc to retrieve * @cmd: the cmd to check * @perm: the permission to set * @extra_perm: one extra permission parameter used by msq * * This function does some common audit and permissions check for some IPC_XXX * cmd and is called from semctl_down, shmctl_down and msgctl_down. * It must be called without any lock held and: * * - retrieves the ipc with the given id in the given table. * - performs some audit and permission check, depending on the given cmd * - returns a pointer to the ipc object or otherwise, the corresponding * error. * * Call holding the both the rwsem and the rcu read lock. */
struct kern_ipc_perm *ipcctl_pre_down_nolock(struct ipc_namespace *ns, struct ipc_ids *ids, int id, int cmd, struct ipc64_perm *perm, int extra_perm) { kuid_t euid; int err = -EPERM; struct kern_ipc_perm *ipcp; ipcp = ipc_obtain_object_check(ids, id); if (IS_ERR(ipcp)) { err = PTR_ERR(ipcp); goto err; } audit_ipc_obj(ipcp); if (cmd == IPC_SET) audit_ipc_set_perm(extra_perm, perm->uid, perm->gid, perm->mode); euid = current_euid(); if (uid_eq(euid, ipcp->cuid) || uid_eq(euid, ipcp->uid) || ns_capable(ns->user_ns, CAP_SYS_ADMIN)) return ipcp; /* successful lookup */ err: return ERR_PTR(err); }

Contributors

PersonTokensPropCommitsCommitProp
Pierre Peiffer8457.14%116.67%
Davidlohr Bueso A4228.57%233.33%
Eric W. Biedermann96.12%116.67%
David Howells74.76%116.67%
Serge E. Hallyn53.40%116.67%
Total147100.00%6100.00%

#ifdef CONFIG_ARCH_WANT_IPC_PARSE_VERSION /** * ipc_parse_version - ipc call version * @cmd: pointer to command * * Return IPC_64 for new style IPC and IPC_OLD for old style IPC. * The @cmd value is turned from an encoding command and version into * just the command code. */
int ipc_parse_version(int *cmd) { if (*cmd & IPC_64) { *cmd ^= IPC_64; return IPC_64; } else { return IPC_OLD; } }

Contributors

PersonTokensPropCommitsCommitProp
Linus Torvalds (pre-git)32100.00%1100.00%
Total32100.00%1100.00%

#endif /* CONFIG_ARCH_WANT_IPC_PARSE_VERSION */ #ifdef CONFIG_PROC_FS struct ipc_proc_iter { struct ipc_namespace *ns; struct pid_namespace *pid_ns; struct ipc_proc_iface *iface; };
struct pid_namespace *ipc_seq_pid_ns(struct seq_file *s) { struct ipc_proc_iter *iter = s->private; return iter->pid_ns; }

Contributors

PersonTokensPropCommitsCommitProp
Eric W. Biedermann26100.00%1100.00%
Total26100.00%1100.00%

/* * This routine locks the ipc structure found at least at position pos. */
static struct kern_ipc_perm *sysvipc_find_ipc(struct ipc_ids *ids, loff_t pos, loff_t *new_pos) { struct kern_ipc_perm *ipc; int total, id; total = 0; for (id = 0; id < pos && total < ids->in_use; id++) { ipc = idr_find(&ids->ipcs_idr, id); if (ipc != NULL) total++; } if (total >= ids->in_use) return NULL; for (; pos < IPCMNI; pos++) { ipc = idr_find(&ids->ipcs_idr, pos); if (ipc != NULL) { *new_pos = pos + 1; rcu_read_lock(); ipc_lock_object(ipc); return ipc; } } /* Out of range - return NULL to terminate iteration */ return NULL; }

Contributors

PersonTokensPropCommitsCommitProp
Nadia Derbey13696.45%133.33%
Davidlohr Bueso A42.84%133.33%
Adrian Bunk10.71%133.33%
Total141100.00%3100.00%


static void *sysvipc_proc_next(struct seq_file *s, void *it, loff_t *pos) { struct ipc_proc_iter *iter = s->private; struct ipc_proc_iface *iface = iter->iface; struct kern_ipc_perm *ipc = it; /* If we had an ipc id locked before, unlock it */ if (ipc && ipc != SEQ_START_TOKEN) ipc_unlock(ipc); return sysvipc_find_ipc(&iter->ns->ids[iface->ids], *pos, pos); }

Contributors

PersonTokensPropCommitsCommitProp
Mike Waychison5568.75%125.00%
Nadia Derbey1316.25%125.00%
Eric W. Biedermann1113.75%125.00%
Pierre Peiffer11.25%125.00%
Total80100.00%4100.00%

/* * File positions: pos 0 -> header, pos n -> ipc id = n - 1. * SeqFile iterator: iterator value locked ipc pointer or SEQ_TOKEN_START. */
static void *sysvipc_proc_start(struct seq_file *s, loff_t *pos) { struct ipc_proc_iter *iter = s->private; struct ipc_proc_iface *iface = iter->iface; struct ipc_ids *ids; ids = &iter->ns->ids[iface->ids]; /* * Take the lock - this will be released by the corresponding * call to stop(). */ down_read(&ids->rwsem); /* pos < 0 is invalid */ if (*pos < 0) return NULL; /* pos == 0 means header */ if (*pos == 0) return SEQ_START_TOKEN; /* Find the (pos-1)th ipc */ return sysvipc_find_ipc(ids, *pos - 1, pos); }

Contributors

PersonTokensPropCommitsCommitProp
Mike Waychison6162.24%114.29%
Kirill Korotaev1515.31%114.29%
Eric W. Biedermann1313.27%114.29%
Nadia Derbey77.14%228.57%
Pierre Peiffer11.02%114.29%
Davidlohr Bueso A11.02%114.29%
Total98100.00%7100.00%


static void sysvipc_proc_stop(struct seq_file *s, void *it) { struct kern_ipc_perm *ipc = it; struct ipc_proc_iter *iter = s->private; struct ipc_proc_iface *iface = iter->iface; struct ipc_ids *ids; /* If we had a locked structure, release it */