Home | History | Annotate | Download | only in kern
History log of /src/sys/kern/sysv_ipc.c
RevisionDateAuthorComments
 1.43  09-Oct-2024  christos Make semtimedop modular.
 1.42  27-Mar-2022  christos Expose groupmember as kauth_cred_groupmember and use it.
 1.41  21-Feb-2020  joerg Explicitly cast pointers to uintptr_t before casting to enums. They are
not necessarily the same size. Don't cast pointers to bool, check for
NULL instead.
 1.40  07-Aug-2019  pgoyette branches: 1.40.2;
Many years ago someone created a new __link_set_sysctl_funcs to hold
the list of routines that need to be called for setting up sysctl
variables. This worked great for all code included in the kernel
itself, but didn't deal with modules that want to create their own
sysctl data. So, we ended up with a lot of #ifdef _MODULE blocks
so modules could explicitly call their setup functions when loaded
as non-built-in modules.

So today, we complete the task that was started so many years ago.

When modules are loaded, after we've called xxx_modcmd(INIT...) we
check if the module contains its own __link_set_sysctl_funcs, and
if so we call the functions listed. We add a struct sysctllog member
to the struct module so we can call sysctl_teardown() when the module
gets unloaded. (The sequence of events ensures that the sysctl stuff
doesn't get created until the rest of the module's init code does any
required memory allocation.)

So, no more need to explicitly call the sysctl setup routines when
built as a loadable module.
 1.39  10-Apr-2019  pgoyette Replace some "panic()" calls with simple "printf() ; return error"

There's no good reason for these build-time parameters to be allowed to
panic the kernel when it is easy to simply disable the module code and
fail gracefully.

While we're at it, similarly replace panic() when malloc fails to also
fail gracefully.
 1.38  09-Apr-2019  pgoyette defparam all of the config variables associated with SYSV IPC stuff.
The variables were removed from sys/conf/param.c and moved into the
SYSV IPC code, but config options were never propagated via any opt_*
file.

This should fix an issue reported on netbsd-users list from Dima Veselov.

Note that this does not address other parameters included in that report,
including CHILD_MAX and NOFILE; this commit only affects items related to
the SYSV IPC code. Also note that this does not affect non-built-in
sysv_ipc modules, for which you need to update the Makefile to use any
non-standard config values - just like any other non-built-in modules
which have config params.

XXX Pull-up to -8 and -8-0

XXX Note that there are a couple of panic() calls in msginit() which
XXX really should be changed to simple printf() and then result in
XXX msginit failure. Unfortunately msginit() currently doesn't return
XXX a value so we cannot indicate failure to the caller. I will fix
XXX this is a future commit.
 1.37  01-Mar-2019  pgoyette Rename the MODULE_*_HOOK() macros to MODULE_HOOK_*() as briefly
discussed on irc.

NFCI intended.

Ride the earlier kernel bump - it;s getting crowded.
 1.36  29-Jan-2019  pgoyette Normalize all the compat hooks' names to the form

<subsystem>_<function>_<version>_hook

NFCI

XXX Note that although this introduces a change in the kernel-to-
XXX module interface, we are NOT bumping the kernel version number.
XXX We will bump the version number once the interface stabilizes.
 1.35  27-Jan-2019  pgoyette Merge the [pgoyette-compat] branch
 1.34  10-Jan-2019  christos handle errors from loading the syscalls and bail early. establish sysctl
later.
 1.33  03-Sep-2018  riastradh Rename min/max -> uimin/uimax for better honesty.

These functions are defined on unsigned int. The generic name
min/max should not silently truncate to 32 bits on 64-bit systems.
This is purely a name change -- no functional change intended.

HOWEVER! Some subsystems have

#define min(a, b) ((a) < (b) ? (a) : (b))
#define max(a, b) ((a) > (b) ? (a) : (b))

even though our standard name for that is MIN/MAX. Although these
may invite multiple evaluation bugs, these do _not_ cause integer
truncation.

To avoid `fixing' these cases, I first changed the name in libkern,
and then compile-tested every file where min/max occurred in order to
confirm that it failed -- and thus confirm that nothing shadowed
min/max -- before changing it.

I have left a handful of bootloaders that are too annoying to
compile-test, and some dead code:

cobalt ews4800mips hp300 hppa ia64 luna68k vax
acorn32/if_ie.c (not included in any kernels)
macppc/if_gm.c (superseded by gem(4))

It should be easy to fix the fallout once identified -- this way of
doing things fails safe, and the goal here, after all, is to _avoid_
silent integer truncations, not introduce them.

Maybe one day we can reintroduce min/max as type-generic things that
never silently truncate. But we should avoid doing that for a while,
so that existing code has a chance to be detected by the compiler for
conversion to uimin/uimax without changing the semantics until we can
properly audit it all. (Who knows, maybe in some cases integer
truncation is actually intended!)
 1.32  05-Dec-2015  pgoyette branches: 1.32.10; 1.32.16; 1.32.18;
When unloading the module, clear the address of the kauth_listener
after removing the listener. This enables the module to (attempt to)
initialize again without hitting the KASSERT() is sysvipc_init().

XXX This will allow standard kernels to boot successfully. However,
XXX module initializtion is still broken.
 1.31  03-Dec-2015  pgoyette Merge the compat_sysv module into the sysv_ipc module - it should
never have been a separate module in the first place (my bad).

Adjust dependencies as appropriate.
 1.30  06-Nov-2015  pgoyette In sysv_sem.c, defer establishment of exithook so we can initialize the
module code from module_init() rather than waiting until after calling
exec_init(). Use a RUN_ONCE routine at entry to each sys_sem* syscall
to establish the exithook, and no longer KASSERT that the hook has
been set before removing it. (A manually loaded module can be unloaded
before any syscalls have been invoked.)

Remove the conditional calls to the various xxx_init() routines from
init_main.c - we now rely on module_init() to handle initialization.

Let each sub-component's xxx_init() routine handle its own sysctl
sub-tree initialization; this removes another set of #ifdef ugliness.

Tested both built-in and loadable versions and verified that atf
test kernel/t_sysv passes.
 1.29  06-Nov-2015  pgoyette As long as we still claim to build each subcomponent separately, make
sure we properly define the (sub)set of syscalls we're building.
 1.28  13-May-2015  pgoyette Create a new sysv_ipc module to contain the SYSVSHM, SYSVSEM, and
SYSVMSG options. Move associated variables out of param.c and into
the module's source file.
 1.27  13-May-2015  pgoyette Another xxxfini() routine.
 1.26  10-May-2015  pgoyette Split the SYSV* compat code out into a separate compat_sysv module.

For monolithic kernels, both modules will be compiled as "built-ins",
while modular environments will be able to load the SYSVSEM, SYSVSHM,
and SYSVMSG code independant from the rest of compat.

This is a necessary precursor step to making the "STD" SYSV* code
into a separate module.

Tested in both monolithic and modular environments with no errors
seen.
 1.25  25-Feb-2014  pooka branches: 1.25.6;
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before
the sysctl link sets are processed, and remove redundancy.

Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate
lines of code.
 1.24  13-Mar-2012  elad branches: 1.24.2; 1.24.4;
Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with
something meaningful. All relevant documentation has been updated or
written.

Most of these changes were brought up in the following messages:

http://mail-index.netbsd.org/tech-kern/2012/01/18/msg012490.html
http://mail-index.netbsd.org/tech-kern/2012/01/19/msg012502.html
http://mail-index.netbsd.org/tech-kern/2012/02/17/msg012728.html

Thanks to christos, manu, njoly, and jmmv for input.

Huge thanks to pgoyette for spinning these changes through some build
cycles and ATF.
 1.23  16-Apr-2009  rmind branches: 1.23.12; 1.23.16;
Replace malloc with kmem(9).
 1.22  19-Jan-2009  christos branches: 1.22.2;
Provide compatibility for pre-christos-time_t sysv sysctls.
 1.21  28-Apr-2008  martin branches: 1.21.8;
Remove clause 3 and 4 from TNF licenses
 1.20  09-Feb-2007  ad branches: 1.20.40; 1.20.42; 1.20.44;
Merge newlock2 to head.
 1.19  04-Jan-2007  elad Consistent usage of KAUTH_GENERIC_ISSUSER.
 1.18  25-Nov-2006  christos PR/34837: Mindaguas: Add SysV SHM dynamic reallocation and locking to the
physical memory
 1.17  14-May-2006  elad branches: 1.17.8; 1.17.10;
integrate kauth.
 1.16  07-Dec-2005  thorpej branches: 1.16.4; 1.16.6; 1.16.8; 1.16.10; 1.16.12;
Use ANSI function delcs.
 1.15  12-Nov-2001  lukem branches: 1.15.16; 1.15.32;
add RCSIDs
 1.14  12-Sep-1998  christos branches: 1.14.24; 1.14.26; 1.14.30;
Make copyrights consistent; fix weird/trailing spaces add missing (c) etc.
 1.13  15-Aug-1998  mycroft Assign my copyrights to TNF.
 1.12  08-May-1997  mycroft Don't use vaccess() here.
 1.11  08-May-1997  mycroft Update for vaccess() change.
 1.10  03-Jun-1995  mycroft #include <sys/vnode.h>, for prototypes.
 1.9  02-Jun-1995  mycroft Use vaccess().
 1.8  01-Jun-1995  jtc Moved egid credential from cr_groups[0] to new field cr_gid. POSIX.1
requires that sgid executables and the setuid() syscall *not* change
the supplemental group list.
 1.7  29-Jun-1994  cgd New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD'
 1.6  27-May-1994  hpeyerl Copyright foo
 1.5  25-May-1994  mycroft Generalize ipcperm() a little.
 1.4  25-May-1994  hpeyerl sysv_shm.c from Adam.
sysv_ipc.c from me.
and various sundry changes to make sysv_ipc.c fit in.
(somewhat untested and not very pleasant reading material)
 1.3  12-May-1994  cgd doesn't need to include shm.h
 1.2  18-Dec-1993  mycroft Canonicalize all #includes.
 1.1  14-Nov-1993  cgd branches: 1.1.2;
Add the System V message queue and semaphore facilities. Implemented
by Daniel Boulet <danny@BouletFermat.ab.ca>
 1.1.2.2  14-Nov-1993  cgd Update from trunk:
Add the System V message queue and semaphore facilities. Implemented
by Daniel Boulet <danny@BouletFermat.ab.ca>
 1.1.2.1  14-Nov-1993  cgd file sysv_ipc.c was added on branch magnum on 1993-11-14 14:47:13 +0000
 1.14.30.1  12-Nov-2001  thorpej Sync the thorpej-mips-cache branch with -current.
 1.14.26.1  10-Jan-2002  thorpej Sync kqueue branch with -current.
 1.14.24.1  14-Nov-2001  nathanw Catch up to -current.
 1.15.32.3  26-Feb-2007  yamt sync with head.
 1.15.32.2  30-Dec-2006  yamt sync with head.
 1.15.32.1  21-Jun-2006  yamt sync with head.
 1.15.16.1  11-Dec-2005  christos Sync with head.
 1.16.12.1  24-May-2006  tron Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.
 1.16.10.4  06-May-2006  christos - Move kauth_cred_t declaration to <sys/types.h>
- Cleanup struct ucred; forward declarations that are unused.
- Don't include <sys/kauth.h> in any header, but include it in the c files
that need it.

Approved by core.
 1.16.10.3  11-Mar-2006  elad When calling kauth_cred_ismember_gid(), don't return the error code if
there is one, just treat it as if the check failed.

Pointed out by thorpej@.
 1.16.10.2  11-Mar-2006  elad kauth_cred_groupmember() -> kauth_cred_ismember_gid(), as requested by
thorpej@ to conform to the Darwin KPI.
 1.16.10.1  08-Mar-2006  elad Adapt to kernel authorization KPI.
 1.16.8.1  24-May-2006  yamt sync with head.
 1.16.6.1  01-Jun-2006  kardel Sync with head.
 1.16.4.1  09-Sep-2006  rpaulo sync with head
 1.17.10.1  10-Dec-2006  yamt sync with head.
 1.17.8.2  28-Jan-2007  ad - Remove the last use of mtsleep()
- sched_pause() -> kpause()
 1.17.8.1  12-Jan-2007  ad Sync with head.
 1.20.44.2  04-May-2009  yamt sync with head.
 1.20.44.1  16-May-2008  yamt sync with head.
 1.20.42.1  18-May-2008  yamt sync with head.
 1.20.40.1  02-Jun-2008  mjf Sync with HEAD.
 1.21.8.2  28-Apr-2009  skrll Sync with HEAD.
 1.21.8.1  03-Mar-2009  skrll Sync with HEAD.
 1.22.2.1  13-May-2009  jym Sync with HEAD.

Commit is split, to avoid a "too many arguments" protocol error.
 1.23.16.1  05-Apr-2012  mrg sync to latest -current.
 1.23.12.2  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.23.12.1  17-Apr-2012  yamt sync with head
 1.24.4.1  18-May-2014  rmind sync with head
 1.24.2.2  03-Dec-2017  jdolecek update from HEAD
 1.24.2.1  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.25.6.2  27-Dec-2015  skrll Sync with HEAD (as of 26th Dec)
 1.25.6.1  06-Jun-2015  skrll Sync with HEAD
 1.32.18.3  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411
 1.32.18.2  08-Apr-2020  martin Merge changes from current as of 20200406
 1.32.18.1  10-Jun-2019  christos Sync with HEAD
 1.32.16.11  22-Jan-2019  pgoyette Convert the MODULE_{,VOID_}HOOK_CALL macros to do everything in-line
rather than defining an intermediate hook##call function. Almost
all of the hooks are called only once, and although we lose the
ability of doing things like

if (MODULE_HOOK_CALL(...) == 0) ...

we simplify things quite a bit. With this change, we no longer need
to have both declaration and definition macros, and the definition
no longer needs to have both prototype argument list and a "real"
argument list.

FWIW, the above if now needs to written as

int ret;

MODULE_HOOK_CALL(..., ret);
if (ret == 0) ...

with appropriate use of braces {}.
 1.32.16.10  18-Jan-2019  pgoyette Synch with HEAD
 1.32.16.9  18-Jan-2019  pgoyette Don't restrict hooks to having only int or void types. Pass the hook's
type to the various macros, as needed.

Allows us to reduce diffs to original in at least one or two places (we
no longer have to provide an additional parameter to the hook routine
for returning a non-int return value).
 1.32.16.8  14-Jan-2019  pgoyette Create a variant of the HOOK macros that handles hook routines of
type void, and use them where appropriate.
 1.32.16.7  13-Jan-2019  pgoyette Remove the HOOK2 versions of the MODULE_HOOK macros. There were
only a few uses, and using them led to some lack of clarity in the
code. Instead, we now use two separate hooks, with names that
make it clear(er) what we're doing.

This also positions us to start unraveling some of the rtsock_50
mess, which will need (at least) five hooks.
 1.32.16.6  15-Oct-2018  pgoyette Convert the final non-MP-safe "vectored" compat routine to use the
MP-safe mechanism.
 1.32.16.5  06-Sep-2018  pgoyette Sync with HEAD

Resolve a couple of conflicts (result of the uimin/uimax changes)
 1.32.16.4  17-Apr-2018  pgoyette Rename sysv_mod.[ch] to compat_sysv_mod.[ch] for consistency with other
files that provide module(7) interfaces.
 1.32.16.3  09-Mar-2018  pgoyette Allocate the function vector only once.
 1.32.16.2  09-Mar-2018  pgoyette Finish renaming the new module.
 1.32.16.1  09-Mar-2018  pgoyette Split the sysv_ipc module into two pieces: one for contemporary
SYSV* functionality, and one for compatability with previous NetBSD
versions. No need to pull in all of compat just to have a sysv_ipc
module.
 1.32.10.1  10-Apr-2019  martin Pull up following revision(s) (requested by pgoyette in ticket #1229):

sys/kern/sysv_ipc.c: revision 1.38
sys/conf/files: revision 1.1233
sys/conf/param.c: revision 1.68

defparam all of the config variables associated with SYSV IPC stuff.

The variables were removed from sys/conf/param.c and moved into the
SYSV IPC code, but config options were never propagated via any opt_*
file.

This should fix an issue reported on netbsd-users list from Dima Veselov.
Note that this does not address other parameters included in that report,
including CHILD_MAX and NOFILE; this commit only affects items related to
the SYSV IPC code. Also note that this does not affect non-built-in
sysv_ipc modules, for which you need to update the Makefile to use any
non-standard config values - just like any other non-built-in modules
which have config params.

XXX Pull-up to -8 and -8-0
XXX Note that there are a couple of panic() calls in msginit() which
XXX really should be changed to simple printf() and then result in
XXX msginit failure. Unfortunately msginit() currently doesn't return
XXX a value so we cannot indicate failure to the caller. I will fix
XXX this is a future commit.
 1.40.2.1  29-Feb-2020  ad Sync with head.

RSS XML Feed