Eric Lee / smarc-fsl-linux-kernel

Blame view

ipc/sem.c 62 KB

b24413180 Greg Kroah-Hartman License cleanup: ...	1	// SPDX-License-Identifier: GPL-2.0
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2 3 4 5 6	/* * linux/ipc/sem.c * Copyright (C) 1992 Krishna Balasubramanian * Copyright (C) 1995 Eric Schenk, Bruno Haible *
1da177e4c Linus Torvalds Linux-2.6.12-rc2	7 8 9	* /proc/sysvipc/sem support (c) 1999 Dragos Acostachioaie <dragos@iname.com> * * SMP-threaded, sysctl's added
624dffcbc Christian Kujau correct email add...	10	* (c) 1999 Manfred Spraul <manfred@colorfullife.com>
1da177e4c Linus Torvalds Linux-2.6.12-rc2	11	* Enforced range limit on SEM_UNDO
046c68842 Alan Cox mm: update my add...	12	* (c) 2001 Red Hat Inc
1da177e4c Linus Torvalds Linux-2.6.12-rc2	13 14	* Lockless wakeup * (c) 2003 Manfred Spraul <manfred@colorfullife.com>
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	15	* (c) 2016 Davidlohr Bueso <dave@stgolabs.net>
c5cf6359a Manfred Spraul ipc/sem.c: update...	16 17	* Further wakeup optimizations, documentation * (c) 2010 Manfred Spraul <manfred@colorfullife.com>
073115d6b Steve Grubb [PATCH] Rework of...	18 19 20	* * support for audit of ipc object properties and permission changes * Dustin Kirkland <dustin.kirkland@us.ibm.com>
e38935341 Kirill Korotaev [PATCH] IPC names...	21 22 23 24	* * namespaces support * OpenVZ, SWsoft Inc. * Pavel Emelianov <xemul@openvz.org>
c5cf6359a Manfred Spraul ipc/sem.c: update...	25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51	* * Implementation notes: (May 2010) * This file implements System V semaphores. * * User space visible behavior: * - FIFO ordering for semop() operations (just FIFO, not starvation * protection) * - multiple semaphore operations that alter the same semaphore in * one semop() are handled. * - sem_ctime (time of last semctl()) is updated in the IPC_SET, SETVAL and * SETALL calls. * - two Linux specific semctl() commands: SEM_STAT, SEM_INFO. * - undo adjustments at process exit are limited to 0..SEMVMX. * - namespace are supported. * - SEMMSL, SEMMNS, SEMOPM and SEMMNI can be configured at runtine by writing * to /proc/sys/kernel/sem. * - statistics about the usage are reported in /proc/sysvipc/sem. * * Internals: * - scalability: * - all global variables are read-mostly. * - semop() calls and semctl(RMID) are synchronized by RCU. * - most operations do write operations (actually: spin_lock calls) to * the per-semaphore array structure. * Thus: Perfect SMP scaling between independent semaphore arrays. * If multiple semaphores in one array are used, then cache line * trashing on the semaphore array spinlock will limit the scaling.
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	52	* - semncnt and semzcnt are calculated on demand in count_semcnt()
c5cf6359a Manfred Spraul ipc/sem.c: update...	53 54 55 56 57	* - the task that performs a successful semop() scans the list of all * sleeping tasks and completes any pending operations that can be fulfilled. * Semaphores are actively given to waiting tasks (necessary for FIFO). * (see update_queue()) * - To improve the scalability, the actual wake-up calls are performed after
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	58	* dropping all locks. (see wake_up_sem_queue_prepare())
c5cf6359a Manfred Spraul ipc/sem.c: update...	59 60 61 62	* - All work is done by the waker, the woken up task does not have to do * anything - not even acquiring a lock or dropping a refcount. * - A woken up task may not even touch the semaphore array anymore, it may * have been destroyed already by a semctl(RMID).
c5cf6359a Manfred Spraul ipc/sem.c: update...	63 64 65 66 67 68 69 70	* - UNDO values are stored in an array (one per process and per * semaphore array, lazily allocated). For backwards compatibility, multiple * modes for the UNDO variables are supported (per process, per thread) * (see copy_semundo, CLONE_SYSVSEM) * - There are two lists of the pending operations: a per-array list * and per-semaphore list (stored in the array). This allows to achieve FIFO * ordering without always scanning all pending operations. * The worst-case behavior is nevertheless O(N^2) for N wakeups.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	71	*/
b0d175781 Arnd Bergmann y2038: ipc: Enabl...	72	#include <linux/compat.h>
1da177e4c Linus Torvalds Linux-2.6.12-rc2	73 74 75 76 77	#include <linux/slab.h> #include <linux/spinlock.h> #include <linux/init.h> #include <linux/proc_fs.h> #include <linux/time.h>
1da177e4c Linus Torvalds Linux-2.6.12-rc2	78 79 80	#include <linux/security.h> #include <linux/syscalls.h> #include <linux/audit.h>
c59ede7b7 Randy.Dunlap [PATCH] move capa...	81	#include <linux/capability.h>
19b4946ca Mike Waychison [PATCH] ipc: conv...	82	#include <linux/seq_file.h>
3e148c799 Nadia Derbey fix idr_find() lo...	83	#include <linux/rwsem.h>
e38935341 Kirill Korotaev [PATCH] IPC names...	84	#include <linux/nsproxy.h>
ae5e1b22f Pavel Emelyanov namespaces: move ...	85	#include <linux/ipc_namespace.h>
84f001e15 Ingo Molnar sched/headers: Pr...	86	#include <linux/sched/wake_q.h>
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	87	#include <linux/nospec.h>
0eb71a9da NeilBrown rhashtable: split...	88	#include <linux/rhashtable.h>
5f921ae96 Ingo Molnar [PATCH] sem2mutex...	89
7153e4027 Paul McQuade ipc, kernel: use ...	90	#include <linux/uaccess.h>
1da177e4c Linus Torvalds Linux-2.6.12-rc2	91	#include "util.h"
1a5c1349d Eric W. Biederman sem: Move struct ...	92 93 94 95 96 97 98 99 100 101	/* One semaphore structure for each semaphore in the system. / struct sem { int semval; / current value / / * PID of the process that last modified the semaphore. For * Linux, specifically these are: * - semop * - semctl, via SETVAL and SETALL. * - at task exit when performing undo adjustments (see exit_sem). */
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	102	struct pid *sempid;
1a5c1349d Eric W. Biederman sem: Move struct ...	103 104 105 106 107	spinlock_t lock; /* spinlock for fine-grained semtimedop / struct list_head pending_alter; / pending single-sop operations / / that alter the semaphore / struct list_head pending_const; / pending single-sop operations / / that do not alter the semaphore*/
2a70b7879 Arnd Bergmann y2038: ipc: Use k...	108	time64_t sem_otime; /* candidate for sem_otime */
1a5c1349d Eric W. Biederman sem: Move struct ...	109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125	} ____cacheline_aligned_in_smp; /* One sem_array data structure for each set of semaphores in the system. / struct sem_array { struct kern_ipc_perm sem_perm; / permissions .. see ipc.h / time64_t sem_ctime; / create/last semctl() time / struct list_head pending_alter; / pending operations / / that alter the array / struct list_head pending_const; / pending complex operations / / that do not alter semvals / struct list_head list_id; / undo requests on this array / int sem_nsems; / no. of semaphores in array / int complex_count; / pending complex operations / unsigned int use_global_lock;/ >0: global lock required */ struct sem sems[]; } __randomize_layout;
e57940d71 Manfred Spraul ipc/sem.c: remove...	126 127 128	/* One queue for each sleeping process in the system. */ struct sem_queue {
e57940d71 Manfred Spraul ipc/sem.c: remove...	129 130 131	struct list_head list; /* queue of pending operations / struct task_struct sleeper; /* this process / struct sem_undo undo; /* undo structure */
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	132	struct pid pid; / process id of requesting process */
e57940d71 Manfred Spraul ipc/sem.c: remove...	133 134	int status; /* completion status of operation / struct sembuf sops; /* array of pending operations */
ed247b7ca Manfred Spraul ipc/sem.c: store ...	135	struct sembuf blocking; / the operation that blocked */
e57940d71 Manfred Spraul ipc/sem.c: remove...	136	int nsops; /* number of operations */
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	137 138	bool alter; /* does sops alter the array? / bool dupsop; /* sops on more than one sem_num */
e57940d71 Manfred Spraul ipc/sem.c: remove...	139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160	}; /* Each task has a list of undo requests. They are executed automatically * when the process exits. / struct sem_undo { struct list_head list_proc; / per-process list: * * all undos from one process * rcu protected / struct rcu_head rcu; / rcu struct for sem_undo / struct sem_undo_list ulp; /* back ptr to sem_undo_list / struct list_head list_id; / per semaphore array list: * all undos for one array / int semid; / semaphore set identifier / short semadj; /* array of adjustments / / one per semaphore / }; / sem_undo_list controls shared access to the list of sem_undo structures * that may be shared among all a CLONE_SYSVSEM task group. */ struct sem_undo_list {
f74370b86 Elena Reshetova ipc: convert sem_...	161	refcount_t refcnt;
e57940d71 Manfred Spraul ipc/sem.c: remove...	162 163 164	spinlock_t lock; struct list_head list_proc; };
ed2ddbf88 Pierre Peiffer IPC: make struct ...	165	#define sem_ids(ns) ((ns)->ids[IPC_SEM_IDS])
e38935341 Kirill Korotaev [PATCH] IPC names...	166
7748dbfaa Nadia Derbey ipc: unify the sy...	167	static int newary(struct ipc_namespace , struct ipc_params );
01b8b07a5 Pierre Peiffer IPC: consolidate ...	168	static void freeary(struct ipc_namespace , struct kern_ipc_perm );
1da177e4c Linus Torvalds Linux-2.6.12-rc2	169	#ifdef CONFIG_PROC_FS
19b4946ca Mike Waychison [PATCH] ipc: conv...	170	static int sysvipc_sem_proc_show(struct seq_file s, void it);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	171 172 173 174 175 176	#endif #define SEMMSL_FAST 256 /* 512 bytes on stack / #define SEMOPM_FAST 64 / ~ 372 bytes on stack / /
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	177 178 179 180 181 182 183	* Switching from the mode suitable for simple ops * to the mode for complex ops is costly. Therefore: * use some hysteresis / #define USE_GLOBAL_LOCK_HYSTERESIS 10 /
758a6ba39 Manfred Spraul ipc/sem.c: rename...	184	* Locking:
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	185	* a) global sem_lock() for read/write
1da177e4c Linus Torvalds Linux-2.6.12-rc2	186	* sem_undo.id_next,
758a6ba39 Manfred Spraul ipc/sem.c: rename...	187	* sem_array.complex_count,
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	188 189	* sem_array.pending{_alter,_const}, * sem_array.sem_undo
46c0a8ca3 Paul McQuade ipc, kernel: clea...	190	*
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	191	* b) global or semaphore sem_lock() for read/write:
1a2339567 Manfred Spraul ipc/sem.c: remove...	192	* sem_array.sems[i].pending_{const,alter}:
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	193 194 195 196 197	* * c) special: * sem_undo_list.list_proc: * * undo_list->lock for write * * rcu for read
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	198 199 200 201 202 203 204 205 206 207 208 209 210 211 212	* use_global_lock: * * global sem_lock() for write * * either local or global sem_lock() for read. * * Memory ordering: * Most ordering is enforced by using spin_lock() and spin_unlock(). * The special case is use_global_lock: * Setting it from non-zero to 0 is a RELEASE, this is ensured by * using smp_store_release(). * Testing if it is non-zero is an ACQUIRE, this is ensured by using * smp_load_acquire(). * Setting it from 0 to non-zero must be ordered with regards to * this smp_load_acquire(), this is guaranteed because the smp_load_acquire() * is inside a spin_lock() and after a write from 0 to non-zero a * spin_lock()+spin_unlock() is done.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	213	*/
e38935341 Kirill Korotaev [PATCH] IPC names...	214 215 216 217	#define sc_semmsl sem_ctls[0] #define sc_semmns sem_ctls[1] #define sc_semopm sem_ctls[2] #define sc_semmni sem_ctls[3]
eae04d25a Davidlohr Bueso ipc: simplify ipc...	218	void sem_init_ns(struct ipc_namespace *ns)
e38935341 Kirill Korotaev [PATCH] IPC names...	219	{
e38935341 Kirill Korotaev [PATCH] IPC names...	220 221 222 223 224	ns->sc_semmsl = SEMMSL; ns->sc_semmns = SEMMNS; ns->sc_semopm = SEMOPM; ns->sc_semmni = SEMMNI; ns->used_sems = 0;
eae04d25a Davidlohr Bueso ipc: simplify ipc...	225	ipc_init_ids(&ns->ids[IPC_SEM_IDS]);
e38935341 Kirill Korotaev [PATCH] IPC names...	226	}
ae5e1b22f Pavel Emelyanov namespaces: move ...	227	#ifdef CONFIG_IPC_NS
e38935341 Kirill Korotaev [PATCH] IPC names...	228 229	void sem_exit_ns(struct ipc_namespace *ns) {
01b8b07a5 Pierre Peiffer IPC: consolidate ...	230	free_ipcs(ns, &sem_ids(ns), freeary);
7d6feeb28 Serge E. Hallyn ipc ns: fix memor...	231	idr_destroy(&ns->ids[IPC_SEM_IDS].ipcs_idr);
0cfb6aee7 Guillaume Knispel ipc: optimize sem...	232	rhashtable_destroy(&ns->ids[IPC_SEM_IDS].key_ht);
e38935341 Kirill Korotaev [PATCH] IPC names...	233	}
ae5e1b22f Pavel Emelyanov namespaces: move ...	234	#endif
1da177e4c Linus Torvalds Linux-2.6.12-rc2	235
eae04d25a Davidlohr Bueso ipc: simplify ipc...	236	void __init sem_init(void)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	237	{
eae04d25a Davidlohr Bueso ipc: simplify ipc...	238	sem_init_ns(&init_ipc_ns);
19b4946ca Mike Waychison [PATCH] ipc: conv...	239 240 241	ipc_init_proc_interface("sysvipc/sem", " key semid perms nsems uid gid cuid cgid otime ctime ",
e38935341 Kirill Korotaev [PATCH] IPC names...	242	IPC_SEM_IDS, sysvipc_sem_proc_show);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	243	}
f269f40ad Manfred Spraul ipc/sem.c: always...	244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264	/** * unmerge_queues - unmerge queues, if possible. * @sma: semaphore array * * The function unmerges the wait queues if complex_count is 0. * It must be called prior to dropping the global semaphore array lock. / static void unmerge_queues(struct sem_array sma) { struct sem_queue q, tq; /* complex operations still around? / if (sma->complex_count) return; / * We will switch back to simple mode. * Move all pending operation back into the per-semaphore * queues. / list_for_each_entry_safe(q, tq, &sma->pending_alter, list) { struct sem curr;
1a2339567 Manfred Spraul ipc/sem.c: remove...	265	curr = &sma->sems[q->sops[0].sem_num];
f269f40ad Manfred Spraul ipc/sem.c: always...	266 267 268 269 270 271 272	list_add_tail(&q->list, &curr->pending_alter); } INIT_LIST_HEAD(&sma->pending_alter); } /**
8001c8581 Davidlohr Bueso ipc: standardize ...	273	* merge_queues - merge single semop queues into global queue
f269f40ad Manfred Spraul ipc/sem.c: always...	274 275 276 277 278 279 280 281 282 283 284	* @sma: semaphore array * * This function merges all per-semaphore queues into the global queue. * It is necessary to achieve FIFO ordering for the pending single-sop * operations when a multi-semop operation must sleep. * Only the alter operations must be moved, the const operations can stay. / static void merge_queues(struct sem_array sma) { int i; for (i = 0; i < sma->sem_nsems; i++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	285	struct sem *sem = &sma->sems[i];
f269f40ad Manfred Spraul ipc/sem.c: always...	286 287 288 289	list_splice_init(&sem->pending_alter, &sma->pending_alter); } }
53dad6d3a Davidlohr Bueso ipc: fix race wit...	290 291	static void sem_rcu_free(struct rcu_head *head) {
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	292 293	struct kern_ipc_perm p = container_of(head, struct kern_ipc_perm, rcu); struct sem_array sma = container_of(p, struct sem_array, sem_perm);
53dad6d3a Davidlohr Bueso ipc: fix race wit...	294
aefad9593 Eric W. Biederman sem/security: Pas...	295	security_sem_free(&sma->sem_perm);
e2029dfee Kees Cook ipc/sem: drop __s...	296	kvfree(sma);
53dad6d3a Davidlohr Bueso ipc: fix race wit...	297	}
3e148c799 Nadia Derbey fix idr_find() lo...	298	/*
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	299	* Enter the mode suitable for non-simple operations:
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	300	* Caller must own sem_perm.lock.
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	301	*/
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	302	static void complexmode_enter(struct sem_array *sma)
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	303 304 305	{ int i; struct sem *sem;
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	306 307 308 309 310 311 312	if (sma->use_global_lock > 0) { /* * We are already in global lock mode. * Nothing to do, just reset the * counter until we return to simple mode. */ sma->use_global_lock = USE_GLOBAL_LOCK_HYSTERESIS;
6d07b68ce Manfred Spraul ipc/sem.c: optimi...	313 314	return; }
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	315	sma->use_global_lock = USE_GLOBAL_LOCK_HYSTERESIS;
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	316
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	317	for (i = 0; i < sma->sem_nsems; i++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	318	sem = &sma->sems[i];
27d7be180 Manfred Spraul ipc/sem.c: avoid ...	319 320	spin_lock(&sem->lock); spin_unlock(&sem->lock);
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	321	}
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	322 323 324 325 326 327 328 329 330 331 332 333 334 335	} /* * Try to leave the mode that disallows simple operations: * Caller must own sem_perm.lock. / static void complexmode_tryleave(struct sem_array sma) { if (sma->complex_count) { /* Complex ops are sleeping. * We must stay in complex mode */ return; }
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	336 337 338 339 340 341 342 343 344 345 346	if (sma->use_global_lock == 1) { /* * Immediately after setting use_global_lock to 0, * a simple op can start. Thus: all memory writes * performed by the current operation must be visible * before we set use_global_lock to 0. */ smp_store_release(&sma->use_global_lock, 0); } else { sma->use_global_lock--; }
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	347	}
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	348	#define SEM_GLOBAL_LOCK (-1)
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	349	/*
6062a8dc0 Rik van Riel ipc,sem: fine gra...	350 351 352 353 354	* If the request contains only one semaphore operation, and there are * no complex transactions pending, lock only the semaphore involved. * Otherwise, lock the entire semaphore array, since we either have * multiple semaphores in our own semops, or we need to look at * semaphores from other pending complex operations.
6062a8dc0 Rik van Riel ipc,sem: fine gra...	355 356 357 358	/ static inline int sem_lock(struct sem_array sma, struct sembuf *sops, int nsops) {
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	359	struct sem *sem;
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	360	int idx;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	361
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	362 363 364	if (nsops != 1) { /* Complex operation - acquire a full lock */ ipc_lock_object(&sma->sem_perm);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	365
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	366 367 368	/* Prevent parallel simple ops */ complexmode_enter(sma); return SEM_GLOBAL_LOCK;
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	369 370 371 372	} /* * Only one semaphore affected - try to optimize locking.
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	373 374 375	* Optimized locking is possible if no complex operation * is either enqueued or processed right now. *
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	376	* Both facts are tracked by use_global_mode.
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	377	*/
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	378 379	idx = array_index_nospec(sops->sem_num, sma->sem_nsems); sem = &sma->sems[idx];
6062a8dc0 Rik van Riel ipc,sem: fine gra...	380
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	381	/*
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	382	* Initial check for use_global_lock. Just an optimization,
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	383 384	* no locking, no memory barrier. */
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	385	if (!sma->use_global_lock) {
6062a8dc0 Rik van Riel ipc,sem: fine gra...	386	/*
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	387 388	* It appears that no complex operation is around. * Acquire the per-semaphore lock.
6062a8dc0 Rik van Riel ipc,sem: fine gra...	389	*/
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	390	spin_lock(&sem->lock);
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	391 392	/* pairs with smp_store_release() */ if (!smp_load_acquire(&sma->use_global_lock)) {
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	393 394	/* fast path successful! */ return sops->sem_num;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	395	}
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	396 397 398 399 400	spin_unlock(&sem->lock); } /* slow path: acquire the full lock */ ipc_lock_object(&sma->sem_perm);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	401
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	402 403 404 405 406 407 408 409 410	if (sma->use_global_lock == 0) { /* * The use_global_lock mode ended while we waited for * sma->sem_perm.lock. Thus we must switch to locking * with sem->lock. * Unlike in the fast path, there is no need to recheck * sma->use_global_lock after we have acquired sem->lock: * We own sma->sem_perm.lock, thus use_global_lock cannot * change.
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	411 412	*/ spin_lock(&sem->lock);
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	413
5e9d52759 Manfred Spraul ipc/sem.c: fix ra...	414 415	ipc_unlock_object(&sma->sem_perm); return sops->sem_num;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	416	} else {
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	417 418 419 420	/* * Not a false alarm, thus continue to use the global lock * mode. No need for complexmode_enter(), this was done by * the caller that has set use_global_mode to non-zero.
6062a8dc0 Rik van Riel ipc,sem: fine gra...	421	*/
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	422	return SEM_GLOBAL_LOCK;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	423	}
6062a8dc0 Rik van Riel ipc,sem: fine gra...	424 425 426 427	} static inline void sem_unlock(struct sem_array *sma, int locknum) {
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	428	if (locknum == SEM_GLOBAL_LOCK) {
f269f40ad Manfred Spraul ipc/sem.c: always...	429	unmerge_queues(sma);
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	430	complexmode_tryleave(sma);
cf9d5d78d Davidlohr Bueso ipc: close open c...	431	ipc_unlock_object(&sma->sem_perm);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	432	} else {
1a2339567 Manfred Spraul ipc/sem.c: remove...	433	struct sem *sem = &sma->sems[locknum];
6062a8dc0 Rik van Riel ipc,sem: fine gra...	434 435	spin_unlock(&sem->lock); }
6062a8dc0 Rik van Riel ipc,sem: fine gra...	436 437 438	} /*
d9a605e40 Davidlohr Bueso ipc: rename ids->...	439	* sem_lock_(check_) routines are called in the paths where the rwsem
3e148c799 Nadia Derbey fix idr_find() lo...	440	* is not held.
321310ced Linus Torvalds ipc: move sem_obt...	441 442	* * The caller holds the RCU read lock.
3e148c799 Nadia Derbey fix idr_find() lo...	443	*/
16df3674e Davidlohr Bueso ipc,sem: do not h...	444 445	static inline struct sem_array sem_obtain_object(struct ipc_namespace ns, int id) {
55b7ae501 Davidlohr Bueso ipc: rename ipc_o...	446	struct kern_ipc_perm *ipcp = ipc_obtain_object_idr(&sem_ids(ns), id);
16df3674e Davidlohr Bueso ipc,sem: do not h...	447 448 449 450 451 452	if (IS_ERR(ipcp)) return ERR_CAST(ipcp); return container_of(ipcp, struct sem_array, sem_perm); }
16df3674e Davidlohr Bueso ipc,sem: do not h...	453 454 455 456 457 458 459	static inline struct sem_array sem_obtain_object_check(struct ipc_namespace ns, int id) { struct kern_ipc_perm *ipcp = ipc_obtain_object_check(&sem_ids(ns), id); if (IS_ERR(ipcp)) return ERR_CAST(ipcp);
b1ed88b47 Pierre Peiffer IPC: fix error ch...	460
03f02c765 Nadia Derbey Storing ipcs into...	461	return container_of(ipcp, struct sem_array, sem_perm);
023a53557 Nadia Derbey ipc: integrate ip...	462	}
6ff379721 Pierre Peiffer IPC/semaphores: c...	463 464	static inline void sem_lock_and_putref(struct sem_array *sma) {
6062a8dc0 Rik van Riel ipc,sem: fine gra...	465	sem_lock(sma, NULL, -1);
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	466	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
6ff379721 Pierre Peiffer IPC/semaphores: c...	467	}
7ca7e564e Nadia Derbey ipc: store ipcs i...	468 469 470 471	static inline void sem_rmid(struct ipc_namespace ns, struct sem_array s) { ipc_rmid(&sem_ids(ns), &s->sem_perm); }
101ede01d Kees Cook ipc/sem: avoid ip...	472 473 474	static struct sem_array sem_alloc(size_t nsems) { struct sem_array sma;
101ede01d Kees Cook ipc/sem: avoid ip...	475 476 477	if (nsems > (INT_MAX - sizeof(*sma)) / sizeof(sma->sems[0])) return NULL;
4a2ae9299 Gustavo A. R. Silva ipc/sem.c: replac...	478	sma = kvzalloc(struct_size(sma, sems, nsems), GFP_KERNEL);
101ede01d Kees Cook ipc/sem: avoid ip...	479 480	if (unlikely(!sma)) return NULL;
101ede01d Kees Cook ipc/sem: avoid ip...	481 482	return sma; }
f4566f048 Nadia Derbey ipc: fix wrong co...	483 484 485 486 487	/** * newary - Create a new semaphore set * @ns: namespace * @params: ptr to the structure that contains key, semflg and nsems *
d9a605e40 Davidlohr Bueso ipc: rename ids->...	488	* Called with sem_ids.rwsem held (as a writer)
f4566f048 Nadia Derbey ipc: fix wrong co...	489	*/
7748dbfaa Nadia Derbey ipc: unify the sy...	490	static int newary(struct ipc_namespace ns, struct ipc_params params)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	491	{
1da177e4c Linus Torvalds Linux-2.6.12-rc2	492 493	int retval; struct sem_array *sma;
7748dbfaa Nadia Derbey ipc: unify the sy...	494 495 496	key_t key = params->key; int nsems = params->u.nsems; int semflg = params->flg;
b97e820ff Manfred Spraul ipc/sem.c: add a ...	497	int i;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	498 499 500	if (!nsems) return -EINVAL;
e38935341 Kirill Korotaev [PATCH] IPC names...	501	if (ns->used_sems + nsems > ns->sc_semmns)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	502	return -ENOSPC;
101ede01d Kees Cook ipc/sem: avoid ip...	503	sma = sem_alloc(nsems);
3ab08fe20 Davidlohr Bueso ipc: remove brace...	504	if (!sma)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	505	return -ENOMEM;
3ab08fe20 Davidlohr Bueso ipc: remove brace...	506
1da177e4c Linus Torvalds Linux-2.6.12-rc2	507 508 509 510	sma->sem_perm.mode = (semflg & S_IRWXUGO); sma->sem_perm.key = key; sma->sem_perm.security = NULL;
aefad9593 Eric W. Biederman sem/security: Pas...	511	retval = security_sem_alloc(&sma->sem_perm);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	512	if (retval) {
e2029dfee Kees Cook ipc/sem: drop __s...	513	kvfree(sma);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	514 515	return retval; }
6062a8dc0 Rik van Riel ipc,sem: fine gra...	516	for (i = 0; i < nsems; i++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	517 518 519	INIT_LIST_HEAD(&sma->sems[i].pending_alter); INIT_LIST_HEAD(&sma->sems[i].pending_const); spin_lock_init(&sma->sems[i].lock);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	520	}
b97e820ff Manfred Spraul ipc/sem.c: add a ...	521 522	sma->complex_count = 0;
9de5ab8a2 Manfred Spraul ipc/sem: add hyst...	523	sma->use_global_lock = USE_GLOBAL_LOCK_HYSTERESIS;
1a82e9e1d Manfred Spraul ipc/sem: separate...	524 525	INIT_LIST_HEAD(&sma->pending_alter); INIT_LIST_HEAD(&sma->pending_const);
4daa28f6d Manfred Spraul ipc/sem.c: conver...	526	INIT_LIST_HEAD(&sma->list_id);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	527	sma->sem_nsems = nsems;
e54d02b23 Deepa Dinamani ipc: sem: Make se...	528	sma->sem_ctime = ktime_get_real_seconds();
e8577d1f0 Manfred Spraul ipc/sem.c: fully ...	529
39c96a1b9 Davidlohr Bueso sysvipc: duplicat...	530	/* ipc_addid() locks sma upon success. */
2ec55f802 Manfred Spraul ipc/sem.c: avoid ...	531 532	retval = ipc_addid(&sem_ids(ns), &sma->sem_perm, ns->sc_semmni); if (retval < 0) {
39cfffd77 Manfred Spraul ipc/util.c: use i...	533	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
2ec55f802 Manfred Spraul ipc/sem.c: avoid ...	534	return retval;
e8577d1f0 Manfred Spraul ipc/sem.c: fully ...	535 536	} ns->used_sems += nsems;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	537	sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	538	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	539
7ca7e564e Nadia Derbey ipc: store ipcs i...	540	return sma->sem_perm.id;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	541	}
7748dbfaa Nadia Derbey ipc: unify the sy...	542
f4566f048 Nadia Derbey ipc: fix wrong co...	543	/*
d9a605e40 Davidlohr Bueso ipc: rename ids->...	544	* Called with sem_ids.rwsem and ipcp locked.
f4566f048 Nadia Derbey ipc: fix wrong co...	545	*/
03f02c765 Nadia Derbey Storing ipcs into...	546 547	static inline int sem_more_checks(struct kern_ipc_perm ipcp, struct ipc_params params)
7748dbfaa Nadia Derbey ipc: unify the sy...	548	{
03f02c765 Nadia Derbey Storing ipcs into...	549 550 551 552	struct sem_array *sma; sma = container_of(ipcp, struct sem_array, sem_perm); if (params->u.nsems > sma->sem_nsems)
7748dbfaa Nadia Derbey ipc: unify the sy...	553 554 555 556	return -EINVAL; return 0; }
69894718a Dominik Brodowski ipc: add semget s...	557	long ksys_semget(key_t key, int nsems, int semflg)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	558	{
e38935341 Kirill Korotaev [PATCH] IPC names...	559	struct ipc_namespace *ns;
eb66ec44f Mathias Krause ipc: constify ipc...	560 561	static const struct ipc_ops sem_ops = { .getnew = newary,
50ab44b1c Eric W. Biederman ipc: Directly cal...	562	.associate = security_sem_associate,
eb66ec44f Mathias Krause ipc: constify ipc...	563 564	.more_checks = sem_more_checks, };
7748dbfaa Nadia Derbey ipc: unify the sy...	565	struct ipc_params sem_params;
e38935341 Kirill Korotaev [PATCH] IPC names...	566 567	ns = current->nsproxy->ipc_ns;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	568
e38935341 Kirill Korotaev [PATCH] IPC names...	569	if (nsems < 0 \|\| nsems > ns->sc_semmsl)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	570	return -EINVAL;
7ca7e564e Nadia Derbey ipc: store ipcs i...	571
7748dbfaa Nadia Derbey ipc: unify the sy...	572 573 574	sem_params.key = key; sem_params.flg = semflg; sem_params.u.nsems = nsems;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	575
7748dbfaa Nadia Derbey ipc: unify the sy...	576	return ipcget(ns, &sem_ids(ns), &sem_ops, &sem_params);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	577	}
69894718a Dominik Brodowski ipc: add semget s...	578 579 580 581	SYSCALL_DEFINE3(semget, key_t, key, int, nsems, int, semflg) { return ksys_semget(key, nsems, semflg); }
78f5009cc Petr Mladek ipc/sem.c: avoid ...	582	/**
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	583 584	* perform_atomic_semop[_slow] - Attempt to perform semaphore * operations on a given array.
758a6ba39 Manfred Spraul ipc/sem.c: rename...	585	* @sma: semaphore array
d198cd6d6 Manfred Spraul ipc/sem.c: change...	586	* @q: struct sem_queue that describes the operation
758a6ba39 Manfred Spraul ipc/sem.c: rename...	587	*
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	588 589 590 591 592 593 594	* Caller blocking are as follows, based the value * indicated by the semaphore operation (sem_op): * * (1) >0 never blocks. * (2) 0 (wait-for-zero operation): semval is non-zero. * (3) <0 attempting to decrement semval to a value smaller than zero. *
758a6ba39 Manfred Spraul ipc/sem.c: rename...	595 596	* Returns 0 if the operation was possible. * Returns 1 if the operation is impossible, the caller must sleep.
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	597	* Returns <0 for error codes.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	598	*/
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	599	static int perform_atomic_semop_slow(struct sem_array sma, struct sem_queue q)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	600	{
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	601 602	int result, sem_op, nsops; struct pid *pid;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	603	struct sembuf *sop;
239521f31 Manfred Spraul ipc: whitespace c...	604	struct sem *curr;
d198cd6d6 Manfred Spraul ipc/sem.c: change...	605 606 607 608 609 610	struct sembuf sops; struct sem_undo un; sops = q->sops; nsops = q->nsops; un = q->undo;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	611 612	for (sop = sops; sop < sops + nsops; sop++) {
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	613 614	int idx = array_index_nospec(sop->sem_num, sma->sem_nsems); curr = &sma->sems[idx];
1da177e4c Linus Torvalds Linux-2.6.12-rc2	615 616	sem_op = sop->sem_op; result = curr->semval;
78f5009cc Petr Mladek ipc/sem.c: avoid ...	617
1da177e4c Linus Torvalds Linux-2.6.12-rc2	618 619 620 621 622 623 624 625	if (!sem_op && result) goto would_block; result += sem_op; if (result < 0) goto would_block; if (result > SEMVMX) goto out_of_range;
78f5009cc Petr Mladek ipc/sem.c: avoid ...	626
1da177e4c Linus Torvalds Linux-2.6.12-rc2	627 628	if (sop->sem_flg & SEM_UNDO) { int undo = un->semadj[sop->sem_num] - sem_op;
78f5009cc Petr Mladek ipc/sem.c: avoid ...	629	/* Exceeding the undo range is an error. */
1da177e4c Linus Torvalds Linux-2.6.12-rc2	630 631	if (undo < (-SEMAEM - 1) \|\| undo > SEMAEM) goto out_of_range;
78f5009cc Petr Mladek ipc/sem.c: avoid ...	632	un->semadj[sop->sem_num] = undo;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	633	}
78f5009cc Petr Mladek ipc/sem.c: avoid ...	634
1da177e4c Linus Torvalds Linux-2.6.12-rc2	635 636 637 638	curr->semval = result; } sop--;
d198cd6d6 Manfred Spraul ipc/sem.c: change...	639	pid = q->pid;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	640	while (sop >= sops) {
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	641	ipc_update_pid(&sma->sems[sop->sem_num].sempid, pid);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	642 643	sop--; }
78f5009cc Petr Mladek ipc/sem.c: avoid ...	644
1da177e4c Linus Torvalds Linux-2.6.12-rc2	645 646 647 648 649 650 651	return 0; out_of_range: result = -ERANGE; goto undo; would_block:
ed247b7ca Manfred Spraul ipc/sem.c: store ...	652	q->blocking = sop;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	653 654 655 656 657 658 659 660	if (sop->sem_flg & IPC_NOWAIT) result = -EAGAIN; else result = 1; undo: sop--; while (sop >= sops) {
78f5009cc Petr Mladek ipc/sem.c: avoid ...	661	sem_op = sop->sem_op;
1a2339567 Manfred Spraul ipc/sem.c: remove...	662	sma->sems[sop->sem_num].semval -= sem_op;
78f5009cc Petr Mladek ipc/sem.c: avoid ...	663 664	if (sop->sem_flg & SEM_UNDO) un->semadj[sop->sem_num] += sem_op;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	665 666 667 668 669	sop--; } return result; }
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691	static int perform_atomic_semop(struct sem_array sma, struct sem_queue q) { int result, sem_op, nsops; struct sembuf sop; struct sem curr; struct sembuf sops; struct sem_undo un; sops = q->sops; nsops = q->nsops; un = q->undo; if (unlikely(q->dupsop)) return perform_atomic_semop_slow(sma, q); /* * We scan the semaphore set twice, first to ensure that the entire * operation can succeed, therefore avoiding any pointless writes * to shared memory and having to undo such changes in order to block * until the operations can go through. */ for (sop = sops; sop < sops + nsops; sop++) {
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	692 693 694	int idx = array_index_nospec(sop->sem_num, sma->sem_nsems); curr = &sma->sems[idx];
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717	sem_op = sop->sem_op; result = curr->semval; if (!sem_op && result) goto would_block; /* wait-for-zero / result += sem_op; if (result < 0) goto would_block; if (result > SEMVMX) return -ERANGE; if (sop->sem_flg & SEM_UNDO) { int undo = un->semadj[sop->sem_num] - sem_op; / Exceeding the undo range is an error. */ if (undo < (-SEMAEM - 1) \|\| undo > SEMAEM) return -ERANGE; } } for (sop = sops; sop < sops + nsops; sop++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	718	curr = &sma->sems[sop->sem_num];
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	719 720 721 722 723 724 725 726 727	sem_op = sop->sem_op; result = curr->semval; if (sop->sem_flg & SEM_UNDO) { int undo = un->semadj[sop->sem_num] - sem_op; un->semadj[sop->sem_num] = undo; } curr->semval += sem_op;
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	728	ipc_update_pid(&curr->sempid, q->pid);
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	729 730 731 732 733 734 735 736	} return 0; would_block: q->blocking = sop; return sop->sem_flg & IPC_NOWAIT ? -EAGAIN : 1; }
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	737 738	static inline void wake_up_sem_queue_prepare(struct sem_queue q, int error, struct wake_q_head wake_q)
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	739	{
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	740 741 742 743 744 745 746 747 748	wake_q_add(wake_q, q->sleeper); /* * Rely on the above implicit barrier, such that we can * ensure that we hold reference to the task before setting * q->status. Otherwise we could race with do_exit if the * task is awoken by an external event before calling * wake_up_process(). */ WRITE_ONCE(q->status, error);
d4212093d Nick Piggin ipc/sem.c: sem pr...	749	}
b97e820ff Manfred Spraul ipc/sem.c: add a ...	750 751 752	static void unlink_queue(struct sem_array sma, struct sem_queue q) { list_del(&q->list);
9f1bc2c90 Rik van Riel ipc,sem: have onl...	753	if (q->nsops > 1)
b97e820ff Manfred Spraul ipc/sem.c: add a ...	754 755	sma->complex_count--; }
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	756 757 758 759 760 761 762	/** check_restart(sma, q) * @sma: semaphore array * @q: the operation that just completed * * update_queue is O(N^2) when it restarts scanning the whole queue of * waiting operations. Therefore this function checks if the restart is * really necessary. It is called after a previously waiting operation
1a82e9e1d Manfred Spraul ipc/sem: separate...	763 764	* modified the array. * Note that wait-for-zero operations are handled without restart.
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	765	*/
4663d3e8f Davidlohr Bueso ipc/sem: explicit...	766	static inline int check_restart(struct sem_array sma, struct sem_queue q)
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	767	{
1a82e9e1d Manfred Spraul ipc/sem: separate...	768 769	/* pending complex alter operations are too difficult to analyse */ if (!list_empty(&sma->pending_alter))
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	770 771 772 773 774	return 1; /* we were a sleeping complex operation. Too difficult */ if (q->nsops > 1) return 1;
1a82e9e1d Manfred Spraul ipc/sem: separate...	775 776 777 778 779 780 781 782 783 784 785 786 787	/* It is impossible that someone waits for the new value: * - complex operations always restart. * - wait-for-zero are handled seperately. * - q is a previously sleeping simple operation that * altered the array. It must be a decrement, because * simple increments never sleep. * - If there are older (higher priority) decrements * in the queue, then they have observed the original * semval value and couldn't proceed. The operation * decremented to value - thus they won't proceed either. */ return 0; }
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	788
1a82e9e1d Manfred Spraul ipc/sem: separate...	789	/**
8001c8581 Davidlohr Bueso ipc: standardize ...	790	* wake_const_ops - wake up non-alter tasks
1a82e9e1d Manfred Spraul ipc/sem: separate...	791 792	* @sma: semaphore array. * @semnum: semaphore that was modified.
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	793	* @wake_q: lockless wake-queue head.
1a82e9e1d Manfred Spraul ipc/sem: separate...	794 795 796 797 798	* * wake_const_ops must be called after a semaphore in a semaphore array * was set to 0. If complex const operations are pending, wake_const_ops must * be called with semnum = -1, as well as with the number of each modified * semaphore.
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	799	* The tasks that must be woken up are added to @wake_q. The return code
1a82e9e1d Manfred Spraul ipc/sem: separate...	800 801 802 803	* is stored in q->pid. * The function returns 1 if at least one operation was completed successfully. / static int wake_const_ops(struct sem_array sma, int semnum,
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	804	struct wake_q_head *wake_q)
1a82e9e1d Manfred Spraul ipc/sem: separate...	805	{
f150f02cf Davidlohr Bueso ipc/sem: use prop...	806	struct sem_queue q, tmp;
1a82e9e1d Manfred Spraul ipc/sem: separate...	807 808 809 810 811 812	struct list_head *pending_list; int semop_completed = 0; if (semnum == -1) pending_list = &sma->pending_const; else
1a2339567 Manfred Spraul ipc/sem.c: remove...	813	pending_list = &sma->sems[semnum].pending_const;
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	814
f150f02cf Davidlohr Bueso ipc/sem: use prop...	815 816	list_for_each_entry_safe(q, tmp, pending_list, list) { int error = perform_atomic_semop(sma, q);
1a82e9e1d Manfred Spraul ipc/sem: separate...	817
f150f02cf Davidlohr Bueso ipc/sem: use prop...	818 819 820 821	if (error > 0) continue; /* operation completed, remove from queue & wakeup */ unlink_queue(sma, q);
1a82e9e1d Manfred Spraul ipc/sem: separate...	822
f150f02cf Davidlohr Bueso ipc/sem: use prop...	823 824 825	wake_up_sem_queue_prepare(q, error, wake_q); if (error == 0) semop_completed = 1;
1a82e9e1d Manfred Spraul ipc/sem: separate...	826	}
f150f02cf Davidlohr Bueso ipc/sem: use prop...	827
1a82e9e1d Manfred Spraul ipc/sem: separate...	828 829 830 831	return semop_completed; } /**
8001c8581 Davidlohr Bueso ipc: standardize ...	832	* do_smart_wakeup_zero - wakeup all wait for zero tasks
1a82e9e1d Manfred Spraul ipc/sem: separate...	833 834 835	* @sma: semaphore array * @sops: operations that were performed * @nsops: number of operations
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	836	* @wake_q: lockless wake-queue head
1a82e9e1d Manfred Spraul ipc/sem: separate...	837	*
8001c8581 Davidlohr Bueso ipc: standardize ...	838 839	* Checks all required queue for wait-for-zero operations, based * on the actual changes that were performed on the semaphore array.
1a82e9e1d Manfred Spraul ipc/sem: separate...	840 841 842	* The function returns 1 if at least one operation was completed successfully. / static int do_smart_wakeup_zero(struct sem_array sma, struct sembuf *sops,
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	843	int nsops, struct wake_q_head *wake_q)
1a82e9e1d Manfred Spraul ipc/sem: separate...	844 845 846 847 848 849 850 851 852	{ int i; int semop_completed = 0; int got_zero = 0; /* first: the per-semaphore queues, if known */ if (sops) { for (i = 0; i < nsops; i++) { int num = sops[i].sem_num;
1a2339567 Manfred Spraul ipc/sem.c: remove...	853	if (sma->sems[num].semval == 0) {
1a82e9e1d Manfred Spraul ipc/sem: separate...	854	got_zero = 1;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	855	semop_completed \|= wake_const_ops(sma, num, wake_q);
1a82e9e1d Manfred Spraul ipc/sem: separate...	856 857 858 859 860 861	} } } else { /* * No sops means modified semaphores not known. * Assume all were changed.
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	862	*/
1a82e9e1d Manfred Spraul ipc/sem: separate...	863	for (i = 0; i < sma->sem_nsems; i++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	864	if (sma->sems[i].semval == 0) {
1a82e9e1d Manfred Spraul ipc/sem: separate...	865	got_zero = 1;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	866	semop_completed \|= wake_const_ops(sma, i, wake_q);
1a82e9e1d Manfred Spraul ipc/sem: separate...	867 868	} }
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	869 870	} /*
1a82e9e1d Manfred Spraul ipc/sem: separate...	871 872	* If one of the modified semaphores got 0, * then check the global queue, too.
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	873	*/
1a82e9e1d Manfred Spraul ipc/sem: separate...	874	if (got_zero)
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	875	semop_completed \|= wake_const_ops(sma, -1, wake_q);
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	876
1a82e9e1d Manfred Spraul ipc/sem: separate...	877	return semop_completed;
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	878	}
636c6be82 Manfred Spraul ipc/sem.c: optimi...	879 880	/**
8001c8581 Davidlohr Bueso ipc: standardize ...	881	* update_queue - look for tasks that can be completed.
636c6be82 Manfred Spraul ipc/sem.c: optimi...	882 883	* @sma: semaphore array. * @semnum: semaphore that was modified.
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	884	* @wake_q: lockless wake-queue head.
636c6be82 Manfred Spraul ipc/sem.c: optimi...	885 886	* * update_queue must be called after a semaphore in a semaphore array
9f1bc2c90 Rik van Riel ipc,sem: have onl...	887 888 889	* was modified. If multiple semaphores were modified, update_queue must * be called with semnum = -1, as well as with the number of each modified * semaphore.
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	890	* The tasks that must be woken up are added to @wake_q. The return code
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	891	* is stored in q->pid.
1a82e9e1d Manfred Spraul ipc/sem: separate...	892 893	* The function internally checks if const operations can now succeed. *
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	894	* The function return 1 if at least one semop was completed successfully.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	895	*/
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	896	static int update_queue(struct sem_array sma, int semnum, struct wake_q_head wake_q)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	897	{
f150f02cf Davidlohr Bueso ipc/sem: use prop...	898	struct sem_queue q, tmp;
636c6be82 Manfred Spraul ipc/sem.c: optimi...	899	struct list_head *pending_list;
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	900	int semop_completed = 0;
636c6be82 Manfred Spraul ipc/sem.c: optimi...	901
9f1bc2c90 Rik van Riel ipc,sem: have onl...	902	if (semnum == -1)
1a82e9e1d Manfred Spraul ipc/sem: separate...	903	pending_list = &sma->pending_alter;
9f1bc2c90 Rik van Riel ipc,sem: have onl...	904	else
1a2339567 Manfred Spraul ipc/sem.c: remove...	905	pending_list = &sma->sems[semnum].pending_alter;
9cad200c7 Nick Piggin ipc/sem.c: sem us...	906 907	again:
f150f02cf Davidlohr Bueso ipc/sem: use prop...	908	list_for_each_entry_safe(q, tmp, pending_list, list) {
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	909	int error, restart;
636c6be82 Manfred Spraul ipc/sem.c: optimi...	910
d987f8b21 Manfred Spraul ipc/sem.c: optimi...	911 912	/* If we are scanning the single sop, per-semaphore list of * one semaphore and that semaphore is 0, then it is not
1a82e9e1d Manfred Spraul ipc/sem: separate...	913	* necessary to scan further: simple increments
d987f8b21 Manfred Spraul ipc/sem.c: optimi...	914 915 916 917	* that affect only one entry succeed immediately and cannot * be in the per semaphore pending queue, and decrements * cannot be successful if the value is already 0. */
1a2339567 Manfred Spraul ipc/sem.c: remove...	918	if (semnum != -1 && sma->sems[semnum].semval == 0)
d987f8b21 Manfred Spraul ipc/sem.c: optimi...	919	break;
d198cd6d6 Manfred Spraul ipc/sem.c: change...	920	error = perform_atomic_semop(sma, q);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	921 922	/* Does q->sleeper still need to sleep? */
9cad200c7 Nick Piggin ipc/sem.c: sem us...	923 924	if (error > 0) continue;
b97e820ff Manfred Spraul ipc/sem.c: add a ...	925	unlink_queue(sma, q);
9cad200c7 Nick Piggin ipc/sem.c: sem us...	926
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	927	if (error) {
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	928	restart = 0;
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	929 930	} else { semop_completed = 1;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	931	do_smart_wakeup_zero(sma, q->sops, q->nsops, wake_q);
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	932	restart = check_restart(sma, q);
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	933	}
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	934
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	935	wake_up_sem_queue_prepare(q, error, wake_q);
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	936	if (restart)
9cad200c7 Nick Piggin ipc/sem.c: sem us...	937	goto again;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	938	}
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	939	return semop_completed;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	940	}
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	941	/**
8001c8581 Davidlohr Bueso ipc: standardize ...	942	* set_semotime - set sem_otime
0e8c66569 Manfred Spraul ipc/sem.c: update...	943 944 945 946 947 948 949 950 951	* @sma: semaphore array * @sops: operations that modified the array, may be NULL * * sem_otime is replicated to avoid cache line trashing. * This function sets one instance to the current time. / static void set_semotime(struct sem_array sma, struct sembuf *sops) { if (sops == NULL) {
2a70b7879 Arnd Bergmann y2038: ipc: Use k...	952	sma->sems[0].sem_otime = ktime_get_real_seconds();
0e8c66569 Manfred Spraul ipc/sem.c: update...	953	} else {
1a2339567 Manfred Spraul ipc/sem.c: remove...	954	sma->sems[sops[0].sem_num].sem_otime =
2a70b7879 Arnd Bergmann y2038: ipc: Use k...	955	ktime_get_real_seconds();
0e8c66569 Manfred Spraul ipc/sem.c: update...	956 957 958 959	} } /**
8001c8581 Davidlohr Bueso ipc: standardize ...	960	* do_smart_update - optimized update_queue
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	961 962 963	* @sma: semaphore array * @sops: operations that were performed * @nsops: number of operations
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	964	* @otime: force setting otime
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	965	* @wake_q: lockless wake-queue head
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	966	*
1a82e9e1d Manfred Spraul ipc/sem: separate...	967 968	* do_smart_update() does the required calls to update_queue and wakeup_zero, * based on the actual changes that were performed on the semaphore array.
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	969	* Note that the function does not do the actual wake-up: the caller is
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	970	* responsible for calling wake_up_q().
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	971	* It is safe to perform this call after dropping all locks.
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	972	*/
0a2b9d4c7 Manfred Spraul ipc/sem.c: move w...	973	static void do_smart_update(struct sem_array sma, struct sembuf sops, int nsops,
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	974	int otime, struct wake_q_head *wake_q)
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	975 976	{ int i;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	977	otime \|= do_smart_wakeup_zero(sma, sops, nsops, wake_q);
1a82e9e1d Manfred Spraul ipc/sem: separate...	978
f269f40ad Manfred Spraul ipc/sem.c: always...	979 980	if (!list_empty(&sma->pending_alter)) { /* semaphore array uses the global queue - just process it. */
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	981	otime \|= update_queue(sma, -1, wake_q);
f269f40ad Manfred Spraul ipc/sem.c: always...	982 983 984 985 986 987 988	} else { if (!sops) { /* * No sops, thus the modified semaphores are not * known. Check all. */ for (i = 0; i < sma->sem_nsems; i++)
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	989	otime \|= update_queue(sma, i, wake_q);
f269f40ad Manfred Spraul ipc/sem.c: always...	990 991 992 993 994 995 996 997 998 999 1000 1001 1002	} else { /* * Check the semaphores that were increased: * - No complex ops, thus all sleeping ops are * decrease. * - if we decreased the value, then any sleeping * semaphore ops wont be able to run: If the * previous value was too small, then the new * value will be too small, too. */ for (i = 0; i < nsops; i++) { if (sops[i].sem_op > 0) { otime \|= update_queue(sma,
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1003	sops[i].sem_num, wake_q);
f269f40ad Manfred Spraul ipc/sem.c: always...	1004	}
ab465df9d Manfred Spraul ipc/sem.c: Fix mi...	1005	}
9f1bc2c90 Rik van Riel ipc,sem: have onl...	1006	}
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	1007	}
0e8c66569 Manfred Spraul ipc/sem.c: update...	1008 1009	if (otime) set_semotime(sma, sops);
fd5db4225 Manfred Spraul ipc/sem.c: optimi...	1010	}
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1011	/*
b220c57ae Manfred Spraul ipc/sem.c: make s...	1012	* check_qop: Test if a queued operation sleeps on the semaphore semnum
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1013 1014 1015 1016	/ static int check_qop(struct sem_array sma, int semnum, struct sem_queue *q, bool count_zero) {
b220c57ae Manfred Spraul ipc/sem.c: make s...	1017	struct sembuf *sop = q->blocking;
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1018
9b44ee2ee Manfred Spraul ipc/sem.c: add a ...	1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030	/* * Linux always (since 0.99.10) reported a task as sleeping on all * semaphores. This violates SUS, therefore it was changed to the * standard compliant behavior. * Give the administrators a chance to notice that an application * might misbehave because it relies on the Linux behavior. */ pr_info_once("semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. " "The task %s (%d) triggered the difference, watch for misbehavior. ", current->comm, task_pid_nr(current));
b220c57ae Manfred Spraul ipc/sem.c: make s...	1031 1032	if (sop->sem_num != semnum) return 0;
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1033
b220c57ae Manfred Spraul ipc/sem.c: make s...	1034 1035 1036 1037 1038 1039	if (count_zero && sop->sem_op == 0) return 1; if (!count_zero && sop->sem_op < 0) return 1; return 0;
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1040	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1041 1042 1043	/* The following counts are associated to each semaphore: * semncnt number of tasks waiting on semval being nonzero * semzcnt number of tasks waiting on semval being zero
b220c57ae Manfred Spraul ipc/sem.c: make s...	1044 1045 1046	* * Per definition, a task waits only on the semaphore of the first semop * that cannot proceed, even if additional operation would block, too.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1047	*/
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1048 1049	static int count_semcnt(struct sem_array *sma, ushort semnum, bool count_zero)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1050	{
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1051	struct list_head *l;
239521f31 Manfred Spraul ipc: whitespace c...	1052	struct sem_queue *q;
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1053	int semcnt;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1054
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1055 1056 1057	semcnt = 0; /* First: check the simple operations. They are easy to evaluate */ if (count_zero)
1a2339567 Manfred Spraul ipc/sem.c: remove...	1058	l = &sma->sems[semnum].pending_const;
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1059	else
1a2339567 Manfred Spraul ipc/sem.c: remove...	1060	l = &sma->sems[semnum].pending_alter;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1061
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1062 1063 1064 1065 1066	list_for_each_entry(q, l, list) { /* all task on a per-semaphore list sleep on exactly * that semaphore */ semcnt++;
ebc2e5e6a Rik van Riel ipc,sem: fix semc...	1067	}
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1068	/* Then: check the complex operations. */
1994862dc Manfred Spraul ipc/sem.c: bugfix...	1069	list_for_each_entry(q, &sma->pending_alter, list) {
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1070 1071 1072 1073 1074 1075	semcnt += check_qop(sma, semnum, q, count_zero); } if (count_zero) { list_for_each_entry(q, &sma->pending_const, list) { semcnt += check_qop(sma, semnum, q, count_zero); }
1994862dc Manfred Spraul ipc/sem.c: bugfix...	1076	}
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1077	return semcnt;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1078	}
d9a605e40 Davidlohr Bueso ipc: rename ids->...	1079 1080	/* Free a semaphore set. freeary() is called with sem_ids.rwsem locked * as a writer and the spinlock for this semaphore set hold. sem_ids.rwsem
3e148c799 Nadia Derbey fix idr_find() lo...	1081	* remains locked on exit.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1082	*/
01b8b07a5 Pierre Peiffer IPC: consolidate ...	1083	static void freeary(struct ipc_namespace ns, struct kern_ipc_perm ipcp)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1084	{
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1085 1086	struct sem_undo un, tu; struct sem_queue q, tq;
01b8b07a5 Pierre Peiffer IPC: consolidate ...	1087	struct sem_array *sma = container_of(ipcp, struct sem_array, sem_perm);
9f1bc2c90 Rik van Riel ipc,sem: have onl...	1088	int i;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1089	DEFINE_WAKE_Q(wake_q);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1090
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1091	/* Free the existing undo structures for this semaphore set. */
cf9d5d78d Davidlohr Bueso ipc: close open c...	1092	ipc_assert_locked_object(&sma->sem_perm);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1093 1094 1095	list_for_each_entry_safe(un, tu, &sma->list_id, list_id) { list_del(&un->list_id); spin_lock(&un->ulp->lock);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1096	un->semid = -1;
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1097 1098	list_del_rcu(&un->list_proc); spin_unlock(&un->ulp->lock);
693a8b6ee Lai Jiangshan ipc,rcu: Convert ...	1099	kfree_rcu(un, rcu);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1100	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1101 1102	/* Wake up all pending processes and let them fail with EIDRM. */
1a82e9e1d Manfred Spraul ipc/sem: separate...	1103 1104	list_for_each_entry_safe(q, tq, &sma->pending_const, list) { unlink_queue(sma, q);
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1105	wake_up_sem_queue_prepare(q, -EIDRM, &wake_q);
1a82e9e1d Manfred Spraul ipc/sem: separate...	1106 1107 1108	} list_for_each_entry_safe(q, tq, &sma->pending_alter, list) {
b97e820ff Manfred Spraul ipc/sem.c: add a ...	1109	unlink_queue(sma, q);
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1110	wake_up_sem_queue_prepare(q, -EIDRM, &wake_q);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1111	}
9f1bc2c90 Rik van Riel ipc,sem: have onl...	1112	for (i = 0; i < sma->sem_nsems; i++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	1113	struct sem *sem = &sma->sems[i];
1a82e9e1d Manfred Spraul ipc/sem: separate...	1114 1115	list_for_each_entry_safe(q, tq, &sem->pending_const, list) { unlink_queue(sma, q);
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1116	wake_up_sem_queue_prepare(q, -EIDRM, &wake_q);
1a82e9e1d Manfred Spraul ipc/sem: separate...	1117 1118	} list_for_each_entry_safe(q, tq, &sem->pending_alter, list) {
9f1bc2c90 Rik van Riel ipc,sem: have onl...	1119	unlink_queue(sma, q);
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1120	wake_up_sem_queue_prepare(q, -EIDRM, &wake_q);
9f1bc2c90 Rik van Riel ipc,sem: have onl...	1121	}
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	1122	ipc_update_pid(&sem->sempid, NULL);
9f1bc2c90 Rik van Riel ipc,sem: have onl...	1123	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1124
7ca7e564e Nadia Derbey ipc: store ipcs i...	1125 1126	/* Remove the semaphore set from the IDR */ sem_rmid(ns, sma);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1127	sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	1128	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1129
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1130	wake_up_q(&wake_q);
e38935341 Kirill Korotaev [PATCH] IPC names...	1131	ns->used_sems -= sma->sem_nsems;
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1132	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1133 1134 1135 1136	} static unsigned long copy_semid_to_user(void __user buf, struct semid64_ds in, int version) {
239521f31 Manfred Spraul ipc: whitespace c...	1137	switch (version) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1138 1139 1140 1141 1142	case IPC_64: return copy_to_user(buf, in, sizeof(*in)); case IPC_OLD: { struct semid_ds out;
982f7c2b2 Dan Rosenberg sys_semctl: fix k...	1143	memset(&out, 0, sizeof(out));
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155	ipc64_perm_to_ipc_perm(&in->sem_perm, &out.sem_perm); out.sem_otime = in->sem_otime; out.sem_ctime = in->sem_ctime; out.sem_nsems = in->sem_nsems; return copy_to_user(buf, &out, sizeof(out)); } default: return -EINVAL; } }
e54d02b23 Deepa Dinamani ipc: sem: Make se...	1156	static time64_t get_semotime(struct sem_array *sma)
d12e1e50e Manfred Spraul ipc/sem.c: replac...	1157 1158	{ int i;
e54d02b23 Deepa Dinamani ipc: sem: Make se...	1159	time64_t res;
d12e1e50e Manfred Spraul ipc/sem.c: replac...	1160
1a2339567 Manfred Spraul ipc/sem.c: remove...	1161	res = sma->sems[0].sem_otime;
d12e1e50e Manfred Spraul ipc/sem.c: replac...	1162	for (i = 1; i < sma->sem_nsems; i++) {
e54d02b23 Deepa Dinamani ipc: sem: Make se...	1163	time64_t to = sma->sems[i].sem_otime;
d12e1e50e Manfred Spraul ipc/sem.c: replac...	1164 1165 1166 1167 1168 1169	if (to > res) res = to; } return res; }
45a4a64ab Al Viro semctl(): separat...	1170 1171	static int semctl_stat(struct ipc_namespace ns, int semid, int cmd, struct semid64_ds semid64)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1172	{
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1173	struct sem_array *sma;
c2ab975c3 Arnd Bergmann y2038: ipc: Repor...	1174	time64_t semotime;
45a4a64ab Al Viro semctl(): separat...	1175	int err;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1176
45a4a64ab Al Viro semctl(): separat...	1177	memset(semid64, 0, sizeof(*semid64));
46c0a8ca3 Paul McQuade ipc, kernel: clea...	1178
45a4a64ab Al Viro semctl(): separat...	1179	rcu_read_lock();
a280d6dc7 Davidlohr Bueso ipc/sem: introduc...	1180	if (cmd == SEM_STAT \|\| cmd == SEM_STAT_ANY) {
45a4a64ab Al Viro semctl(): separat...	1181 1182 1183 1184 1185	sma = sem_obtain_object(ns, semid); if (IS_ERR(sma)) { err = PTR_ERR(sma); goto out_unlock; }
a280d6dc7 Davidlohr Bueso ipc/sem: introduc...	1186	} else { /* IPC_STAT */
45a4a64ab Al Viro semctl(): separat...	1187 1188 1189 1190	sma = sem_obtain_object_check(ns, semid); if (IS_ERR(sma)) { err = PTR_ERR(sma); goto out_unlock;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1191	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1192	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1193
a280d6dc7 Davidlohr Bueso ipc/sem: introduc...	1194 1195 1196 1197 1198 1199 1200 1201	/* see comment for SHM_STAT_ANY */ if (cmd == SEM_STAT_ANY) audit_ipc_obj(&sma->sem_perm); else { err = -EACCES; if (ipcperms(ns, &sma->sem_perm, S_IRUGO)) goto out_unlock; }
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1202
aefad9593 Eric W. Biederman sem/security: Pas...	1203	err = security_sem_semctl(&sma->sem_perm, cmd);
45a4a64ab Al Viro semctl(): separat...	1204 1205	if (err) goto out_unlock;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1206
87ad4b0d8 Philippe Mikoyan ipc: fix ipc data...	1207 1208 1209 1210 1211 1212 1213	ipc_lock_object(&sma->sem_perm); if (!ipc_valid_object(&sma->sem_perm)) { ipc_unlock_object(&sma->sem_perm); err = -EIDRM; goto out_unlock; }
45a4a64ab Al Viro semctl(): separat...	1214	kernel_to_ipc64_perm(&sma->sem_perm, &semid64->sem_perm);
c2ab975c3 Arnd Bergmann y2038: ipc: Repor...	1215 1216	semotime = get_semotime(sma); semid64->sem_otime = semotime;
45a4a64ab Al Viro semctl(): separat...	1217	semid64->sem_ctime = sma->sem_ctime;
c2ab975c3 Arnd Bergmann y2038: ipc: Repor...	1218 1219 1220 1221	#ifndef CONFIG_64BIT semid64->sem_otime_high = semotime >> 32; semid64->sem_ctime_high = sma->sem_ctime >> 32; #endif
45a4a64ab Al Viro semctl(): separat...	1222	semid64->sem_nsems = sma->sem_nsems;
87ad4b0d8 Philippe Mikoyan ipc: fix ipc data...	1223
615c999cd Manfred Spraul ipc: compute kern...	1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236	if (cmd == IPC_STAT) { /* * As defined in SUS: * Return 0 on success / err = 0; } else { / * SEM_STAT and SEM_STAT_ANY (both Linux specific) * Return the full id, including the sequence number */ err = sma->sem_perm.id; }
87ad4b0d8 Philippe Mikoyan ipc: fix ipc data...	1237	ipc_unlock_object(&sma->sem_perm);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1238	out_unlock:
16df3674e Davidlohr Bueso ipc,sem: do not h...	1239	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1240 1241	return err; }
45a4a64ab Al Viro semctl(): separat...	1242 1243 1244 1245	static int semctl_info(struct ipc_namespace ns, int semid, int cmd, void __user p) { struct seminfo seminfo;
27c331a17 Manfred Spraul ipc/util.c: furth...	1246	int max_idx;
45a4a64ab Al Viro semctl(): separat...	1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269	int err; err = security_sem_semctl(NULL, cmd); if (err) return err; memset(&seminfo, 0, sizeof(seminfo)); seminfo.semmni = ns->sc_semmni; seminfo.semmns = ns->sc_semmns; seminfo.semmsl = ns->sc_semmsl; seminfo.semopm = ns->sc_semopm; seminfo.semvmx = SEMVMX; seminfo.semmnu = SEMMNU; seminfo.semmap = SEMMAP; seminfo.semume = SEMUME; down_read(&sem_ids(ns).rwsem); if (cmd == SEM_INFO) { seminfo.semusz = sem_ids(ns).in_use; seminfo.semaem = ns->used_sems; } else { seminfo.semusz = SEMUSZ; seminfo.semaem = SEMAEM; }
27c331a17 Manfred Spraul ipc/util.c: furth...	1270	max_idx = ipc_get_maxidx(&sem_ids(ns));
45a4a64ab Al Viro semctl(): separat...	1271 1272 1273	up_read(&sem_ids(ns).rwsem); if (copy_to_user(p, &seminfo, sizeof(struct seminfo))) return -EFAULT;
27c331a17 Manfred Spraul ipc/util.c: furth...	1274	return (max_idx < 0) ? 0 : max_idx;
45a4a64ab Al Viro semctl(): separat...	1275	}
e1fd1f490 Al Viro get rid of union ...	1276	static int semctl_setval(struct ipc_namespace *ns, int semid, int semnum,
45a4a64ab Al Viro semctl(): separat...	1277	int val)
e1fd1f490 Al Viro get rid of union ...	1278 1279 1280	{ struct sem_undo un; struct sem_array sma;
239521f31 Manfred Spraul ipc: whitespace c...	1281	struct sem *curr;
45a4a64ab Al Viro semctl(): separat...	1282	int err;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1283	DEFINE_WAKE_Q(wake_q);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1284 1285	if (val > SEMVMX \|\| val < 0) return -ERANGE;
e1fd1f490 Al Viro get rid of union ...	1286
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303	rcu_read_lock(); sma = sem_obtain_object_check(ns, semid); if (IS_ERR(sma)) { rcu_read_unlock(); return PTR_ERR(sma); } if (semnum < 0 \|\| semnum >= sma->sem_nsems) { rcu_read_unlock(); return -EINVAL; } if (ipcperms(ns, &sma->sem_perm, S_IWUGO)) { rcu_read_unlock(); return -EACCES; }
e1fd1f490 Al Viro get rid of union ...	1304
aefad9593 Eric W. Biederman sem/security: Pas...	1305	err = security_sem_semctl(&sma->sem_perm, SETVAL);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1306 1307 1308 1309	if (err) { rcu_read_unlock(); return -EACCES; }
e1fd1f490 Al Viro get rid of union ...	1310
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1311	sem_lock(sma, NULL, -1);
e1fd1f490 Al Viro get rid of union ...	1312
0f3d2b013 Rafael Aquini ipc: introduce ip...	1313	if (!ipc_valid_object(&sma->sem_perm)) {
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1314 1315 1316 1317	sem_unlock(sma, -1); rcu_read_unlock(); return -EIDRM; }
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	1318	semnum = array_index_nospec(semnum, sma->sem_nsems);
1a2339567 Manfred Spraul ipc/sem.c: remove...	1319	curr = &sma->sems[semnum];
e1fd1f490 Al Viro get rid of union ...	1320
cf9d5d78d Davidlohr Bueso ipc: close open c...	1321	ipc_assert_locked_object(&sma->sem_perm);
e1fd1f490 Al Viro get rid of union ...	1322 1323 1324 1325	list_for_each_entry(un, &sma->list_id, list_id) un->semadj[semnum] = 0; curr->semval = val;
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	1326	ipc_update_pid(&curr->sempid, task_tgid(current));
e54d02b23 Deepa Dinamani ipc: sem: Make se...	1327	sma->sem_ctime = ktime_get_real_seconds();
e1fd1f490 Al Viro get rid of union ...	1328	/* maybe some queued-up processes were waiting for this */
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1329	do_smart_update(sma, NULL, 0, 0, &wake_q);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1330	sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	1331	rcu_read_unlock();
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1332	wake_up_q(&wake_q);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1333	return 0;
e1fd1f490 Al Viro get rid of union ...	1334	}
e38935341 Kirill Korotaev [PATCH] IPC names...	1335	static int semctl_main(struct ipc_namespace *ns, int semid, int semnum,
e1fd1f490 Al Viro get rid of union ...	1336	int cmd, void __user *p)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1337 1338	{ struct sem_array *sma;
239521f31 Manfred Spraul ipc: whitespace c...	1339	struct sem *curr;
16df3674e Davidlohr Bueso ipc,sem: do not h...	1340	int err, nsems;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1341	ushort fast_sem_io[SEMMSL_FAST];
239521f31 Manfred Spraul ipc: whitespace c...	1342	ushort *sem_io = fast_sem_io;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1343	DEFINE_WAKE_Q(wake_q);
16df3674e Davidlohr Bueso ipc,sem: do not h...	1344 1345 1346 1347 1348	rcu_read_lock(); sma = sem_obtain_object_check(ns, semid); if (IS_ERR(sma)) { rcu_read_unlock();
023a53557 Nadia Derbey ipc: integrate ip...	1349	return PTR_ERR(sma);
16df3674e Davidlohr Bueso ipc,sem: do not h...	1350	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1351 1352	nsems = sma->sem_nsems;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1353	err = -EACCES;
c728b9c87 Linus Torvalds ipc: simplify sem...	1354 1355	if (ipcperms(ns, &sma->sem_perm, cmd == SETALL ? S_IWUGO : S_IRUGO)) goto out_rcu_wakeup;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1356
aefad9593 Eric W. Biederman sem/security: Pas...	1357	err = security_sem_semctl(&sma->sem_perm, cmd);
c728b9c87 Linus Torvalds ipc: simplify sem...	1358 1359	if (err) goto out_rcu_wakeup;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1360 1361 1362 1363 1364	err = -EACCES; switch (cmd) { case GETALL: {
e1fd1f490 Al Viro get rid of union ...	1365	ushort __user *array = p;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1366	int i;
ce857229e Al Viro ipc: fix GETALL/I...	1367	sem_lock(sma, NULL, -1);
0f3d2b013 Rafael Aquini ipc: introduce ip...	1368	if (!ipc_valid_object(&sma->sem_perm)) {
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1369 1370 1371	err = -EIDRM; goto out_unlock; }
239521f31 Manfred Spraul ipc: whitespace c...	1372	if (nsems > SEMMSL_FAST) {
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1373	if (!ipc_rcu_getref(&sma->sem_perm)) {
ce857229e Al Viro ipc: fix GETALL/I...	1374	err = -EIDRM;
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1375	goto out_unlock;
ce857229e Al Viro ipc: fix GETALL/I...	1376 1377	} sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	1378	rcu_read_unlock();
f8dbe8d29 Kees Cook ipc: drop non-RCU...	1379 1380	sem_io = kvmalloc_array(nsems, sizeof(ushort), GFP_KERNEL);
239521f31 Manfred Spraul ipc: whitespace c...	1381	if (sem_io == NULL) {
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1382	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1383 1384	return -ENOMEM; }
4091fd942 Linus Torvalds ipc: move the rcu...	1385	rcu_read_lock();
6ff379721 Pierre Peiffer IPC/semaphores: c...	1386	sem_lock_and_putref(sma);
0f3d2b013 Rafael Aquini ipc: introduce ip...	1387	if (!ipc_valid_object(&sma->sem_perm)) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1388	err = -EIDRM;
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1389	goto out_unlock;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1390	}
ce857229e Al Viro ipc: fix GETALL/I...	1391	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1392	for (i = 0; i < sma->sem_nsems; i++)
1a2339567 Manfred Spraul ipc/sem.c: remove...	1393	sem_io[i] = sma->sems[i].semval;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1394	sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	1395	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1396	err = 0;
239521f31 Manfred Spraul ipc: whitespace c...	1397	if (copy_to_user(array, sem_io, nsems*sizeof(ushort)))
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1398 1399 1400 1401 1402 1403 1404	err = -EFAULT; goto out_free; } case SETALL: { int i; struct sem_undo *un;
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1405	if (!ipc_rcu_getref(&sma->sem_perm)) {
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1406 1407	err = -EIDRM; goto out_rcu_wakeup;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1408	}
16df3674e Davidlohr Bueso ipc,sem: do not h...	1409	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1410
239521f31 Manfred Spraul ipc: whitespace c...	1411	if (nsems > SEMMSL_FAST) {
f8dbe8d29 Kees Cook ipc: drop non-RCU...	1412 1413	sem_io = kvmalloc_array(nsems, sizeof(ushort), GFP_KERNEL);
239521f31 Manfred Spraul ipc: whitespace c...	1414	if (sem_io == NULL) {
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1415	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1416 1417 1418	return -ENOMEM; } }
239521f31 Manfred Spraul ipc: whitespace c...	1419	if (copy_from_user(sem_io, p, nsems*sizeof(ushort))) {
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1420	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1421 1422 1423 1424 1425 1426	err = -EFAULT; goto out_free; } for (i = 0; i < nsems; i++) { if (sem_io[i] > SEMVMX) {
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1427	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1428 1429 1430 1431	err = -ERANGE; goto out_free; } }
4091fd942 Linus Torvalds ipc: move the rcu...	1432	rcu_read_lock();
6ff379721 Pierre Peiffer IPC/semaphores: c...	1433	sem_lock_and_putref(sma);
0f3d2b013 Rafael Aquini ipc: introduce ip...	1434	if (!ipc_valid_object(&sma->sem_perm)) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1435	err = -EIDRM;
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1436	goto out_unlock;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1437	}
a5f4db877 Davidlohr Bueso ipc/sem: make sem...	1438	for (i = 0; i < nsems; i++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	1439	sma->sems[i].semval = sem_io[i];
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	1440	ipc_update_pid(&sma->sems[i].sempid, task_tgid(current));
a5f4db877 Davidlohr Bueso ipc/sem: make sem...	1441	}
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1442
cf9d5d78d Davidlohr Bueso ipc: close open c...	1443	ipc_assert_locked_object(&sma->sem_perm);
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1444	list_for_each_entry(un, &sma->list_id, list_id) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1445 1446	for (i = 0; i < nsems; i++) un->semadj[i] = 0;
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1447	}
e54d02b23 Deepa Dinamani ipc: sem: Make se...	1448	sma->sem_ctime = ktime_get_real_seconds();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1449	/* maybe some queued-up processes were waiting for this */
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1450	do_smart_update(sma, NULL, 0, 0, &wake_q);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1451 1452 1453	err = 0; goto out_unlock; }
e1fd1f490 Al Viro get rid of union ...	1454	/* GETVAL, GETPID, GETNCTN, GETZCNT: fall-through */
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1455 1456	} err = -EINVAL;
c728b9c87 Linus Torvalds ipc: simplify sem...	1457 1458	if (semnum < 0 \|\| semnum >= nsems) goto out_rcu_wakeup;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1459
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1460	sem_lock(sma, NULL, -1);
0f3d2b013 Rafael Aquini ipc: introduce ip...	1461	if (!ipc_valid_object(&sma->sem_perm)) {
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1462 1463 1464	err = -EIDRM; goto out_unlock; }
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	1465 1466	semnum = array_index_nospec(semnum, nsems);
1a2339567 Manfred Spraul ipc/sem.c: remove...	1467	curr = &sma->sems[semnum];
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1468 1469 1470 1471 1472 1473	switch (cmd) { case GETVAL: err = curr->semval; goto out_unlock; case GETPID:
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	1474	err = pid_vnr(curr->sempid);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1475 1476	goto out_unlock; case GETNCNT:
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1477	err = count_semcnt(sma, semnum, 0);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1478 1479	goto out_unlock; case GETZCNT:
2f2ed41dc Manfred Spraul ipc/sem.c: remove...	1480	err = count_semcnt(sma, semnum, 1);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1481	goto out_unlock;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1482	}
16df3674e Davidlohr Bueso ipc,sem: do not h...	1483
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1484	out_unlock:
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1485	sem_unlock(sma, -1);
c728b9c87 Linus Torvalds ipc: simplify sem...	1486	out_rcu_wakeup:
6d49dab8a Linus Torvalds ipc: move rcu_rea...	1487	rcu_read_unlock();
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	1488	wake_up_q(&wake_q);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1489	out_free:
239521f31 Manfred Spraul ipc: whitespace c...	1490	if (sem_io != fast_sem_io)
f8dbe8d29 Kees Cook ipc: drop non-RCU...	1491	kvfree(sem_io);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1492 1493	return err; }
016d7132f Pierre Peiffer IPC: get rid of t...	1494 1495	static inline unsigned long copy_semid_from_user(struct semid64_ds out, void __user buf, int version)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1496	{
239521f31 Manfred Spraul ipc: whitespace c...	1497	switch (version) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1498	case IPC_64:
016d7132f Pierre Peiffer IPC: get rid of t...	1499	if (copy_from_user(out, buf, sizeof(*out)))
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1500	return -EFAULT;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1501	return 0;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1502 1503 1504	case IPC_OLD: { struct semid_ds tbuf_old;
239521f31 Manfred Spraul ipc: whitespace c...	1505	if (copy_from_user(&tbuf_old, buf, sizeof(tbuf_old)))
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1506	return -EFAULT;
016d7132f Pierre Peiffer IPC: get rid of t...	1507 1508 1509	out->sem_perm.uid = tbuf_old.sem_perm.uid; out->sem_perm.gid = tbuf_old.sem_perm.gid; out->sem_perm.mode = tbuf_old.sem_perm.mode;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1510 1511 1512 1513 1514 1515 1516	return 0; } default: return -EINVAL; } }
522bb2a2b Pierre Peiffer IPC/semaphores: m...	1517	/*
d9a605e40 Davidlohr Bueso ipc: rename ids->...	1518	* This function handles some semctl commands which require the rwsem
522bb2a2b Pierre Peiffer IPC/semaphores: m...	1519	* to be held in write mode.
d9a605e40 Davidlohr Bueso ipc: rename ids->...	1520	* NOTE: no locks must be held, the rwsem is taken inside this function.
522bb2a2b Pierre Peiffer IPC/semaphores: m...	1521	*/
21a4826a7 Pierre Peiffer IPC/semaphores: r...	1522	static int semctl_down(struct ipc_namespace *ns, int semid,
45a4a64ab Al Viro semctl(): separat...	1523	int cmd, struct semid64_ds *semid64)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1524 1525 1526	{ struct sem_array *sma; int err;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1527	struct kern_ipc_perm *ipcp;
d9a605e40 Davidlohr Bueso ipc: rename ids->...	1528	down_write(&sem_ids(ns).rwsem);
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1529	rcu_read_lock();
4241c1a30 Manfred Spraul ipc: rename ipcct...	1530	ipcp = ipcctl_obtain_check(ns, &sem_ids(ns), semid, cmd,
45a4a64ab Al Viro semctl(): separat...	1531	&semid64->sem_perm, 0);
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1532 1533	if (IS_ERR(ipcp)) { err = PTR_ERR(ipcp);
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1534 1535	goto out_unlock1; }
073115d6b Steve Grubb [PATCH] Rework of...	1536
a5f75e7f2 Pierre Peiffer IPC: consolidate ...	1537	sma = container_of(ipcp, struct sem_array, sem_perm);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1538
aefad9593 Eric W. Biederman sem/security: Pas...	1539	err = security_sem_semctl(&sma->sem_perm, cmd);
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1540 1541	if (err) goto out_unlock1;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1542
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1543	switch (cmd) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1544	case IPC_RMID:
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1545	sem_lock(sma, NULL, -1);
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1546	/* freeary unlocks the ipc object and rcu */
01b8b07a5 Pierre Peiffer IPC: consolidate ...	1547	freeary(ns, ipcp);
522bb2a2b Pierre Peiffer IPC/semaphores: m...	1548	goto out_up;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1549	case IPC_SET:
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1550	sem_lock(sma, NULL, -1);
45a4a64ab Al Viro semctl(): separat...	1551	err = ipc_update_perm(&semid64->sem_perm, ipcp);
1efdb69b0 Eric W. Biederman userns: Convert i...	1552	if (err)
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1553	goto out_unlock0;
e54d02b23 Deepa Dinamani ipc: sem: Make se...	1554	sma->sem_ctime = ktime_get_real_seconds();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1555 1556	break; default:
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1557	err = -EINVAL;
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1558	goto out_unlock1;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1559	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1560
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1561	out_unlock0:
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1562	sem_unlock(sma, -1);
7b4cc5d84 Davidlohr Bueso ipc: move locking...	1563	out_unlock1:
6d49dab8a Linus Torvalds ipc: move rcu_rea...	1564	rcu_read_unlock();
522bb2a2b Pierre Peiffer IPC/semaphores: m...	1565	out_up:
d9a605e40 Davidlohr Bueso ipc: rename ids->...	1566	up_write(&sem_ids(ns).rwsem);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1567 1568	return err; }
275f22148 Arnd Bergmann ipc: rename old-s...	1569	static long ksys_semctl(int semid, int semnum, int cmd, unsigned long arg, int version)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1570	{
e38935341 Kirill Korotaev [PATCH] IPC names...	1571	struct ipc_namespace *ns;
e1fd1f490 Al Viro get rid of union ...	1572	void __user p = (void __user )arg;
45a4a64ab Al Viro semctl(): separat...	1573 1574	struct semid64_ds semid64; int err;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1575 1576 1577	if (semid < 0) return -EINVAL;
e38935341 Kirill Korotaev [PATCH] IPC names...	1578	ns = current->nsproxy->ipc_ns;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1579
239521f31 Manfred Spraul ipc: whitespace c...	1580	switch (cmd) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1581 1582	case IPC_INFO: case SEM_INFO:
45a4a64ab Al Viro semctl(): separat...	1583	return semctl_info(ns, semid, cmd, p);
4b9fcb0ec Pierre Peiffer IPC/semaphores: c...	1584	case IPC_STAT:
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1585	case SEM_STAT:
a280d6dc7 Davidlohr Bueso ipc/sem: introduc...	1586	case SEM_STAT_ANY:
45a4a64ab Al Viro semctl(): separat...	1587 1588 1589 1590 1591 1592	err = semctl_stat(ns, semid, cmd, &semid64); if (err < 0) return err; if (copy_semid_to_user(p, &semid64, version)) err = -EFAULT; return err;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1593 1594 1595 1596 1597	case GETALL: case GETVAL: case GETPID: case GETNCNT: case GETZCNT:
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1598	case SETALL:
e1fd1f490 Al Viro get rid of union ...	1599	return semctl_main(ns, semid, semnum, cmd, p);
45a4a64ab Al Viro semctl(): separat...	1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610	case SETVAL: { int val; #if defined(CONFIG_64BIT) && defined(__BIG_ENDIAN) /* big-endian 64bit / val = arg >> 32; #else / 32bit or little-endian 64bit */ val = arg; #endif return semctl_setval(ns, semid, semnum, val); }
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1611	case IPC_SET:
45a4a64ab Al Viro semctl(): separat...	1612 1613	if (copy_semid_from_user(&semid64, p, version)) return -EFAULT;
667da6a26 Mathieu Malaterre ipc: annotate imp...	1614	/* fall through */
45a4a64ab Al Viro semctl(): separat...	1615 1616	case IPC_RMID: return semctl_down(ns, semid, cmd, &semid64);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1617 1618 1619 1620	default: return -EINVAL; } }
d969c6fa7 Dominik Brodowski ipc: add semctl s...	1621 1622	SYSCALL_DEFINE4(semctl, int, semid, int, semnum, int, cmd, unsigned long, arg) {
275f22148 Arnd Bergmann ipc: rename old-s...	1623	return ksys_semctl(semid, semnum, cmd, arg, IPC_64);
d969c6fa7 Dominik Brodowski ipc: add semctl s...	1624	}
275f22148 Arnd Bergmann ipc: rename old-s...	1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637	#ifdef CONFIG_ARCH_WANT_IPC_PARSE_VERSION long ksys_old_semctl(int semid, int semnum, int cmd, unsigned long arg) { int version = ipc_parse_version(&cmd); return ksys_semctl(semid, semnum, cmd, arg, version); } SYSCALL_DEFINE4(old_semctl, int, semid, int, semnum, int, cmd, unsigned long, arg) { return ksys_old_semctl(semid, semnum, cmd, arg); } #endif
c0ebccb6f Al Viro semctl(): move co...	1638 1639 1640 1641	#ifdef CONFIG_COMPAT struct compat_semid_ds { struct compat_ipc_perm sem_perm;
9afc5eee6 Arnd Bergmann y2038: globally r...	1642 1643	old_time32_t sem_otime; old_time32_t sem_ctime;
c0ebccb6f Al Viro semctl(): move co...	1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655	compat_uptr_t sem_base; compat_uptr_t sem_pending; compat_uptr_t sem_pending_last; compat_uptr_t undo; unsigned short sem_nsems; }; static int copy_compat_semid_from_user(struct semid64_ds out, void __user buf, int version) { memset(out, 0, sizeof(*out)); if (version == IPC_64) {
6aa211e8c Linus Torvalds fix address space...	1656	struct compat_semid64_ds __user *p = buf;
c0ebccb6f Al Viro semctl(): move co...	1657 1658	return get_compat_ipc64_perm(&out->sem_perm, &p->sem_perm); } else {
6aa211e8c Linus Torvalds fix address space...	1659	struct compat_semid_ds __user *p = buf;
c0ebccb6f Al Viro semctl(): move co...	1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670	return get_compat_ipc_perm(&out->sem_perm, &p->sem_perm); } } static int copy_compat_semid_to_user(void __user buf, struct semid64_ds in, int version) { if (version == IPC_64) { struct compat_semid64_ds v; memset(&v, 0, sizeof(v)); to_compat_ipc64_perm(&v.sem_perm, &in->sem_perm);
c2ab975c3 Arnd Bergmann y2038: ipc: Repor...	1671 1672 1673 1674	v.sem_otime = lower_32_bits(in->sem_otime); v.sem_otime_high = upper_32_bits(in->sem_otime); v.sem_ctime = lower_32_bits(in->sem_ctime); v.sem_ctime_high = upper_32_bits(in->sem_ctime);
c0ebccb6f Al Viro semctl(): move co...	1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686	v.sem_nsems = in->sem_nsems; return copy_to_user(buf, &v, sizeof(v)); } else { struct compat_semid_ds v; memset(&v, 0, sizeof(v)); to_compat_ipc_perm(&v.sem_perm, &in->sem_perm); v.sem_otime = in->sem_otime; v.sem_ctime = in->sem_ctime; v.sem_nsems = in->sem_nsems; return copy_to_user(buf, &v, sizeof(v)); } }
275f22148 Arnd Bergmann ipc: rename old-s...	1687	static long compat_ksys_semctl(int semid, int semnum, int cmd, int arg, int version)
c0ebccb6f Al Viro semctl(): move co...	1688 1689 1690 1691	{ void __user p = compat_ptr(arg); struct ipc_namespace ns; struct semid64_ds semid64;
c0ebccb6f Al Viro semctl(): move co...	1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704	int err; ns = current->nsproxy->ipc_ns; if (semid < 0) return -EINVAL; switch (cmd & (~IPC_64)) { case IPC_INFO: case SEM_INFO: return semctl_info(ns, semid, cmd, p); case IPC_STAT: case SEM_STAT:
a280d6dc7 Davidlohr Bueso ipc/sem: introduc...	1705	case SEM_STAT_ANY:
c0ebccb6f Al Viro semctl(): move co...	1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718	err = semctl_stat(ns, semid, cmd, &semid64); if (err < 0) return err; if (copy_compat_semid_to_user(p, &semid64, version)) err = -EFAULT; return err; case GETVAL: case GETPID: case GETNCNT: case GETZCNT: case GETALL: case SETALL: return semctl_main(ns, semid, semnum, cmd, p);
e1fd1f490 Al Viro get rid of union ...	1719 1720	case SETVAL: return semctl_setval(ns, semid, semnum, arg);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1721	case IPC_SET:
c0ebccb6f Al Viro semctl(): move co...	1722 1723 1724 1725 1726	if (copy_compat_semid_from_user(&semid64, p, version)) return -EFAULT; /* fallthru */ case IPC_RMID: return semctl_down(ns, semid, cmd, &semid64);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1727 1728 1729 1730	default: return -EINVAL; } }
d969c6fa7 Dominik Brodowski ipc: add semctl s...	1731 1732 1733	COMPAT_SYSCALL_DEFINE4(semctl, int, semid, int, semnum, int, cmd, int, arg) {
275f22148 Arnd Bergmann ipc: rename old-s...	1734	return compat_ksys_semctl(semid, semnum, cmd, arg, IPC_64);
d969c6fa7 Dominik Brodowski ipc: add semctl s...	1735	}
275f22148 Arnd Bergmann ipc: rename old-s...	1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749	#ifdef CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION long compat_ksys_old_semctl(int semid, int semnum, int cmd, int arg) { int version = compat_ipc_parse_version(&cmd); return compat_ksys_semctl(semid, semnum, cmd, arg, version); } COMPAT_SYSCALL_DEFINE4(old_semctl, int, semid, int, semnum, int, cmd, int, arg) { return compat_ksys_old_semctl(semid, semnum, cmd, arg); } #endif
c0ebccb6f Al Viro semctl(): move co...	1750	#endif
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1751
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765	/* If the task doesn't already have a undo_list, then allocate one * here. We guarantee there is only one thread using this undo list, * and current is THE ONE * * If this allocation and assignment succeeds, but later * portions of this code fail, there is no need to free the sem_undo_list. * Just let it stay associated with the task, and it'll be freed later * at exit time. * * This can block, so callers must hold no locks. / static inline int get_undo_list(struct sem_undo_list undo_listp) { struct sem_undo_list undo_list;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1766 1767 1768	undo_list = current->sysvsem.undo_list; if (!undo_list) {
2453a3062 Matt Helsley [PATCH] ipc: repl...	1769	undo_list = kzalloc(sizeof(*undo_list), GFP_KERNEL);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1770 1771	if (undo_list == NULL) return -ENOMEM;
00a5dfdb9 Ingo Molnar [PATCH] Fix semun...	1772	spin_lock_init(&undo_list->lock);
f74370b86 Elena Reshetova ipc: convert sem_...	1773	refcount_set(&undo_list->refcnt, 1);
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1774	INIT_LIST_HEAD(&undo_list->list_proc);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1775 1776 1777 1778 1779	current->sysvsem.undo_list = undo_list; } *undo_listp = undo_list; return 0; }
bf17bb717 Nick Piggin ipc/sem.c: sem op...	1780	static struct sem_undo __lookup_undo(struct sem_undo_list ulp, int semid)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1781	{
bf17bb717 Nick Piggin ipc/sem.c: sem op...	1782	struct sem_undo *un;
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1783
984035ad7 Joel Fernandes (Google) ipc/sem.c: conver...	1784 1785	list_for_each_entry_rcu(un, &ulp->list_proc, list_proc, spin_is_locked(&ulp->lock)) {
bf17bb717 Nick Piggin ipc/sem.c: sem op...	1786 1787	if (un->semid == semid) return un;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1788	}
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1789	return NULL;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1790	}
bf17bb717 Nick Piggin ipc/sem.c: sem op...	1791 1792 1793	static struct sem_undo lookup_undo(struct sem_undo_list ulp, int semid) { struct sem_undo *un;
239521f31 Manfred Spraul ipc: whitespace c...	1794	assert_spin_locked(&ulp->lock);
bf17bb717 Nick Piggin ipc/sem.c: sem op...	1795 1796 1797 1798 1799 1800 1801 1802	un = __lookup_undo(ulp, semid); if (un) { list_del_rcu(&un->list_proc); list_add_rcu(&un->list_proc, &ulp->list_proc); } return un; }
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1803	/**
8001c8581 Davidlohr Bueso ipc: standardize ...	1804	* find_alloc_undo - lookup (and if not present create) undo array
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1805 1806 1807 1808 1809 1810	* @ns: namespace * @semid: semaphore array id * * The function looks up (and if not present creates) the undo structure. * The size of the undo structure depends on the size of the semaphore * array, thus the alloc path is not that straightforward.
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1811 1812	* Lifetime-rules: sem_undo is rcu-protected, on success, the function * performs a rcu_read_lock().
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1813 1814	/ static struct sem_undo find_alloc_undo(struct ipc_namespace *ns, int semid)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1815 1816 1817 1818	{ struct sem_array sma; struct sem_undo_list ulp; struct sem_undo un, new;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1819	int nsems, error;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1820 1821 1822 1823	error = get_undo_list(&ulp); if (error) return ERR_PTR(error);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1824	rcu_read_lock();
c530c6ac7 Pierre Peiffer IPC: cleanup some...	1825	spin_lock(&ulp->lock);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1826	un = lookup_undo(ulp, semid);
c530c6ac7 Pierre Peiffer IPC: cleanup some...	1827	spin_unlock(&ulp->lock);
239521f31 Manfred Spraul ipc: whitespace c...	1828	if (likely(un != NULL))
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1829 1830 1831	goto out; /* no undo structure around - allocate one. */
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1832	/* step 1: figure out the size of the semaphore array */
16df3674e Davidlohr Bueso ipc,sem: do not h...	1833 1834 1835	sma = sem_obtain_object_check(ns, semid); if (IS_ERR(sma)) { rcu_read_unlock();
4de85cd6d Julia Lawall ipc/sem.c: use ER...	1836	return ERR_CAST(sma);
16df3674e Davidlohr Bueso ipc,sem: do not h...	1837	}
023a53557 Nadia Derbey ipc: integrate ip...	1838
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1839	nsems = sma->sem_nsems;
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1840	if (!ipc_rcu_getref(&sma->sem_perm)) {
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1841 1842 1843 1844	rcu_read_unlock(); un = ERR_PTR(-EIDRM); goto out; }
16df3674e Davidlohr Bueso ipc,sem: do not h...	1845	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1846
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1847	/* step 2: allocate new undo structure */
4668edc33 Burman Yan [PATCH] kernel co...	1848	new = kzalloc(sizeof(struct sem_undo) + sizeof(short)*nsems, GFP_KERNEL);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1849	if (!new) {
dba4cdd39 Manfred Spraul ipc: merge ipc_rc...	1850	ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1851 1852	return ERR_PTR(-ENOMEM); }
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1853
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1854	/* step 3: Acquire the lock on semaphore array */
4091fd942 Linus Torvalds ipc: move the rcu...	1855	rcu_read_lock();
6ff379721 Pierre Peiffer IPC/semaphores: c...	1856	sem_lock_and_putref(sma);
0f3d2b013 Rafael Aquini ipc: introduce ip...	1857	if (!ipc_valid_object(&sma->sem_perm)) {
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1858	sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	1859	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1860 1861 1862 1863	kfree(new); un = ERR_PTR(-EIDRM); goto out; }
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1864 1865 1866 1867 1868 1869 1870 1871 1872 1873	spin_lock(&ulp->lock); /* * step 4: check for races: did someone else allocate the undo struct? */ un = lookup_undo(ulp, semid); if (un) { kfree(new); goto success; }
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1874 1875	/* step 5: initialize & link new undo structure / new->semadj = (short ) &new[1];
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1876	new->ulp = ulp;
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1877 1878	new->semid = semid; assert_spin_locked(&ulp->lock);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1879	list_add_rcu(&new->list_proc, &ulp->list_proc);
cf9d5d78d Davidlohr Bueso ipc: close open c...	1880	ipc_assert_locked_object(&sma->sem_perm);
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1881	list_add(&new->list_id, &sma->list_id);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1882	un = new;
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1883
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	1884	success:
c530c6ac7 Pierre Peiffer IPC: cleanup some...	1885	spin_unlock(&ulp->lock);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1886	sem_unlock(sma, -1);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1887 1888 1889	out: return un; }
44ee45467 Al Viro semtimedop(): mov...	1890	static long do_semtimedop(int semid, struct sembuf __user *tsops,
3ef56dc26 Deepa Dinamani ipc: Make sys_sem...	1891	unsigned nsops, const struct timespec64 *timeout)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1892 1893 1894 1895	{ int error = -EINVAL; struct sem_array *sma; struct sembuf fast_sops[SEMOPM_FAST];
239521f31 Manfred Spraul ipc: whitespace c...	1896	struct sembuf sops = fast_sops, sop;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1897	struct sem_undo *un;
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	1898 1899	int max, locknum; bool undos = false, alter = false, dupsop = false;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1900	struct sem_queue queue;
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	1901	unsigned long dup = 0, jiffies_left = 0;
e38935341 Kirill Korotaev [PATCH] IPC names...	1902 1903 1904	struct ipc_namespace *ns; ns = current->nsproxy->ipc_ns;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1905 1906 1907	if (nsops < 1 \|\| semid < 0) return -EINVAL;
e38935341 Kirill Korotaev [PATCH] IPC names...	1908	if (nsops > ns->sc_semopm)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1909	return -E2BIG;
239521f31 Manfred Spraul ipc: whitespace c...	1910	if (nsops > SEMOPM_FAST) {
344476e16 Kees Cook treewide: kvmallo...	1911	sops = kvmalloc_array(nsops, sizeof(*sops), GFP_KERNEL);
239521f31 Manfred Spraul ipc: whitespace c...	1912	if (sops == NULL)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1913 1914	return -ENOMEM; }
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	1915
239521f31 Manfred Spraul ipc: whitespace c...	1916 1917	if (copy_from_user(sops, tsops, nsops * sizeof(*tsops))) { error = -EFAULT;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1918 1919	goto out_free; }
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	1920
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1921	if (timeout) {
44ee45467 Al Viro semtimedop(): mov...	1922 1923	if (timeout->tv_sec < 0 \|\| timeout->tv_nsec < 0 \|\| timeout->tv_nsec >= 1000000000L) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1924 1925 1926	error = -EINVAL; goto out_free; }
3ef56dc26 Deepa Dinamani ipc: Make sys_sem...	1927	jiffies_left = timespec64_to_jiffies(timeout);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1928	}
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	1929
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1930 1931	max = 0; for (sop = sops; sop < sops + nsops; sop++) {
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	1932	unsigned long mask = 1ULL << ((sop->sem_num) % BITS_PER_LONG);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1933 1934 1935	if (sop->sem_num >= max) max = sop->sem_num; if (sop->sem_flg & SEM_UNDO)
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949	undos = true; if (dup & mask) { /* * There was a previous alter access that appears * to have accessed the same semaphore, thus use * the dupsop logic. "appears", because the detection * can only check % BITS_PER_LONG. */ dupsop = true; } if (sop->sem_op != 0) { alter = true; dup \|= mask; }
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1950	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1951
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1952	if (undos) {
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1953	/* On success, find_alloc_undo takes the rcu_read_lock */
4daa28f6d Manfred Spraul ipc/sem.c: conver...	1954	un = find_alloc_undo(ns, semid);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1955 1956 1957 1958	if (IS_ERR(un)) { error = PTR_ERR(un); goto out_free; }
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1959	} else {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1960	un = NULL;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1961 1962	rcu_read_lock(); }
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1963
16df3674e Davidlohr Bueso ipc,sem: do not h...	1964	sma = sem_obtain_object_check(ns, semid);
023a53557 Nadia Derbey ipc: integrate ip...	1965	if (IS_ERR(sma)) {
6062a8dc0 Rik van Riel ipc,sem: fine gra...	1966	rcu_read_unlock();
023a53557 Nadia Derbey ipc: integrate ip...	1967	error = PTR_ERR(sma);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	1968	goto out_free;
023a53557 Nadia Derbey ipc: integrate ip...	1969	}
16df3674e Davidlohr Bueso ipc,sem: do not h...	1970	error = -EFBIG;
248e7357c Davidlohr Bueso ipc/sem: do not c...	1971 1972 1973 1974	if (max >= sma->sem_nsems) { rcu_read_unlock(); goto out_free; }
16df3674e Davidlohr Bueso ipc,sem: do not h...	1975 1976	error = -EACCES;
248e7357c Davidlohr Bueso ipc/sem: do not c...	1977 1978 1979 1980	if (ipcperms(ns, &sma->sem_perm, alter ? S_IWUGO : S_IRUGO)) { rcu_read_unlock(); goto out_free; }
16df3674e Davidlohr Bueso ipc,sem: do not h...	1981
aefad9593 Eric W. Biederman sem/security: Pas...	1982	error = security_sem_semop(&sma->sem_perm, sops, nsops, alter);
248e7357c Davidlohr Bueso ipc/sem: do not c...	1983 1984 1985 1986	if (error) { rcu_read_unlock(); goto out_free; }
16df3674e Davidlohr Bueso ipc,sem: do not h...	1987
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1988 1989	error = -EIDRM; locknum = sem_lock(sma, sops, nsops);
0f3d2b013 Rafael Aquini ipc: introduce ip...	1990 1991 1992 1993 1994 1995 1996 1997 1998	/* * We eventually might perform the following check in a lockless * fashion, considering ipc_valid_object() locking constraints. * If nsops == 1 and there is no contention for sem_perm.lock, then * only a per-semaphore lock is held and it's OK to proceed with the * check below. More details on the fine grained locking scheme * entangled here and why it's RMID race safe on comments at sem_lock() */ if (!ipc_valid_object(&sma->sem_perm))
6e224f945 Manfred Spraul ipc/sem.c: synchr...	1999	goto out_unlock_free;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2000	/*
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2001	* semid identifiers are not unique - find_alloc_undo may have
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2002	* allocated an undo structure, it was invalidated by an RMID
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2003	* and now a new array with received the same id. Check and fail.
25985edce Lucas De Marchi Fix common misspe...	2004	* This case can be detected checking un->semid. The existence of
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2005	* "un" itself is guaranteed by rcu.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2006	*/
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2007 2008	if (un && un->semid == -1) goto out_unlock_free;
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2009
d198cd6d6 Manfred Spraul ipc/sem.c: change...	2010 2011 2012	queue.sops = sops; queue.nsops = nsops; queue.undo = un;
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	2013	queue.pid = task_tgid(current);
d198cd6d6 Manfred Spraul ipc/sem.c: change...	2014	queue.alter = alter;
4ce33ec2e Davidlohr Bueso ipc/sem: optimize...	2015	queue.dupsop = dupsop;
d198cd6d6 Manfred Spraul ipc/sem.c: change...	2016 2017	error = perform_atomic_semop(sma, &queue);
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2018 2019 2020 2021 2022	if (error == 0) { /* non-blocking succesfull path / DEFINE_WAKE_Q(wake_q); / * If the operation was successful, then do
0e8c66569 Manfred Spraul ipc/sem.c: update...	2023 2024 2025	* the required updates. */ if (alter)
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2026	do_smart_update(sma, sops, nsops, 1, &wake_q);
0e8c66569 Manfred Spraul ipc/sem.c: update...	2027 2028	else set_semotime(sma, sops);
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2029 2030 2031 2032 2033 2034	sem_unlock(sma, locknum); rcu_read_unlock(); wake_up_q(&wake_q); goto out_free;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2035	}
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2036	if (error < 0) /* non-blocking error path */
0e8c66569 Manfred Spraul ipc/sem.c: update...	2037	goto out_unlock_free;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2038
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2039 2040	/* * We need to sleep on this operation, so we put the current
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2041 2042	* task into the pending queue and go to sleep. */
b97e820ff Manfred Spraul ipc/sem.c: add a ...	2043 2044	if (nsops == 1) { struct sem *curr;
ec67aaa46 Davidlohr Bueso sysvipc/sem: miti...	2045 2046	int idx = array_index_nospec(sops->sem_num, sma->sem_nsems); curr = &sma->sems[idx];
b97e820ff Manfred Spraul ipc/sem.c: add a ...	2047
f269f40ad Manfred Spraul ipc/sem.c: always...	2048 2049 2050 2051 2052 2053 2054 2055 2056 2057	if (alter) { if (sma->complex_count) { list_add_tail(&queue.list, &sma->pending_alter); } else { list_add_tail(&queue.list, &curr->pending_alter); } } else {
1a82e9e1d Manfred Spraul ipc/sem: separate...	2058	list_add_tail(&queue.list, &curr->pending_const);
f269f40ad Manfred Spraul ipc/sem.c: always...	2059	}
b97e820ff Manfred Spraul ipc/sem.c: add a ...	2060	} else {
f269f40ad Manfred Spraul ipc/sem.c: always...	2061 2062	if (!sma->complex_count) merge_queues(sma);
9f1bc2c90 Rik van Riel ipc,sem: have onl...	2063	if (alter)
1a82e9e1d Manfred Spraul ipc/sem: separate...	2064	list_add_tail(&queue.list, &sma->pending_alter);
9f1bc2c90 Rik van Riel ipc,sem: have onl...	2065	else
1a82e9e1d Manfred Spraul ipc/sem: separate...	2066	list_add_tail(&queue.list, &sma->pending_const);
b97e820ff Manfred Spraul ipc/sem.c: add a ...	2067 2068	sma->complex_count++; }
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2069	do {
f075faa30 Davidlohr Bueso ipc/sem.c: preven...	2070	WRITE_ONCE(queue.status, -EINTR);
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2071	queue.sleeper = current;
0b0577f60 Manfred Spraul ipc/sem.c: handle...	2072
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2073 2074 2075	__set_current_state(TASK_INTERRUPTIBLE); sem_unlock(sma, locknum); rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2076
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2077 2078 2079 2080	if (timeout) jiffies_left = schedule_timeout(jiffies_left); else schedule();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2081
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2082	/*
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2083 2084 2085 2086 2087 2088 2089 2090 2091	* fastpath: the semop has completed, either successfully or * not, from the syscall pov, is quite irrelevant to us at this * point; we're done. * * We _do_ care, nonetheless, about being awoken by a signal or * spuriously. The queue.status is checked again in the * slowpath (aka after taking sem_lock), such that we can detect * scenarios where we were awakened externally, during the * window between wake_q_add() and wake_up_q().
c61284e99 Manfred Spraul ipc/sem.c: bugfix...	2092	*/
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103	error = READ_ONCE(queue.status); if (error != -EINTR) { /* * User space could assume that semop() is a memory * barrier: Without the mb(), the cpu could * speculatively read in userspace stale data that was * overwritten by the previous owner of the semaphore. */ smp_mb(); goto out_free; }
d694ad62b Manfred Spraul ipc/sem.c: fix ra...	2104
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2105	rcu_read_lock();
c626bc46e Manfred Spraul ipc/sem.c: fix in...	2106	locknum = sem_lock(sma, sops, nsops);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2107
370b262c8 Davidlohr Bueso ipc/sem: avoid id...	2108 2109 2110 2111	if (!ipc_valid_object(&sma->sem_perm)) goto out_unlock_free; error = READ_ONCE(queue.status);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2112
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2113 2114 2115 2116 2117 2118	/* * If queue.status != -EINTR we are woken up by another process. * Leave without unlink_queue(), but with sem_unlock(). */ if (error != -EINTR) goto out_unlock_free;
0b0577f60 Manfred Spraul ipc/sem.c: handle...	2119
b5fa01a22 Davidlohr Bueso ipc/sem: simplify...	2120 2121 2122 2123 2124 2125	/* * If an interrupt occurred we have to clean up the queue. / if (timeout && jiffies_left == 0) error = -EAGAIN; } while (error == -EINTR && !signal_pending(current)); / spurious */
0b0577f60 Manfred Spraul ipc/sem.c: handle...	2126
b97e820ff Manfred Spraul ipc/sem.c: add a ...	2127	unlink_queue(sma, &queue);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2128 2129	out_unlock_free:
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2130	sem_unlock(sma, locknum);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	2131	rcu_read_unlock();
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2132	out_free:
239521f31 Manfred Spraul ipc: whitespace c...	2133	if (sops != fast_sops)
e4243b806 Davidlohr Bueso ipc/sem: play nic...	2134	kvfree(sops);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2135 2136	return error; }
41f4f0e2f Dominik Brodowski ipc: add semtimed...	2137	long ksys_semtimedop(int semid, struct sembuf __user *tsops,
21fc538d8 Arnd Bergmann y2038: ipc: Use _...	2138	unsigned int nsops, const struct __kernel_timespec __user *timeout)
44ee45467 Al Viro semtimedop(): mov...	2139 2140	{ if (timeout) {
3ef56dc26 Deepa Dinamani ipc: Make sys_sem...	2141 2142	struct timespec64 ts; if (get_timespec64(&ts, timeout))
44ee45467 Al Viro semtimedop(): mov...	2143 2144 2145 2146 2147	return -EFAULT; return do_semtimedop(semid, tsops, nsops, &ts); } return do_semtimedop(semid, tsops, nsops, NULL); }
41f4f0e2f Dominik Brodowski ipc: add semtimed...	2148	SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsops,
21fc538d8 Arnd Bergmann y2038: ipc: Use _...	2149	unsigned int, nsops, const struct __kernel_timespec __user *, timeout)
41f4f0e2f Dominik Brodowski ipc: add semtimed...	2150 2151 2152	{ return ksys_semtimedop(semid, tsops, nsops, timeout); }
b0d175781 Arnd Bergmann y2038: ipc: Enabl...	2153	#ifdef CONFIG_COMPAT_32BIT_TIME
41f4f0e2f Dominik Brodowski ipc: add semtimed...	2154 2155	long compat_ksys_semtimedop(int semid, struct sembuf __user *tsems, unsigned int nsops,
9afc5eee6 Arnd Bergmann y2038: globally r...	2156	const struct old_timespec32 __user *timeout)
44ee45467 Al Viro semtimedop(): mov...	2157 2158	{ if (timeout) {
3ef56dc26 Deepa Dinamani ipc: Make sys_sem...	2159	struct timespec64 ts;
9afc5eee6 Arnd Bergmann y2038: globally r...	2160	if (get_old_timespec32(&ts, timeout))
44ee45467 Al Viro semtimedop(): mov...	2161 2162 2163 2164 2165	return -EFAULT; return do_semtimedop(semid, tsems, nsops, &ts); } return do_semtimedop(semid, tsems, nsops, NULL); }
41f4f0e2f Dominik Brodowski ipc: add semtimed...	2166
8dabe7245 Arnd Bergmann y2038: syscalls: ...	2167	SYSCALL_DEFINE4(semtimedop_time32, int, semid, struct sembuf __user *, tsems,
41f4f0e2f Dominik Brodowski ipc: add semtimed...	2168	unsigned int, nsops,
9afc5eee6 Arnd Bergmann y2038: globally r...	2169	const struct old_timespec32 __user *, timeout)
41f4f0e2f Dominik Brodowski ipc: add semtimed...	2170 2171 2172	{ return compat_ksys_semtimedop(semid, tsems, nsops, timeout); }
44ee45467 Al Viro semtimedop(): mov...	2173	#endif
d5460c997 Heiko Carstens [CVE-2009-0029] S...	2174 2175	SYSCALL_DEFINE3(semop, int, semid, struct sembuf __user *, tsops, unsigned, nsops)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2176	{
44ee45467 Al Viro semtimedop(): mov...	2177	return do_semtimedop(semid, tsops, nsops, NULL);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2178 2179 2180 2181	} /* If CLONE_SYSVSEM is set, establish sharing of SEM_UNDO state between * parent and child tasks.
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192	/ int copy_semundo(unsigned long clone_flags, struct task_struct tsk) { struct sem_undo_list *undo_list; int error; if (clone_flags & CLONE_SYSVSEM) { error = get_undo_list(&undo_list); if (error) return error;
f74370b86 Elena Reshetova ipc: convert sem_...	2193	refcount_inc(&undo_list->refcnt);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2194	tsk->sysvsem.undo_list = undo_list;
46c0a8ca3 Paul McQuade ipc, kernel: clea...	2195	} else
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 2213 2214	tsk->sysvsem.undo_list = NULL; return 0; } /* * add semadj values to semaphores, free undo structures. * undo structures are not freed when semaphore arrays are destroyed * so some of them may be out of date. * IMPLEMENTATION NOTE: There is some confusion over whether the * set of adjustments that needs to be done should be done in an atomic * manner or not. That is, if we are attempting to decrement the semval * should we queue up and wait until we can do so legally? * The original implementation attempted to do this (queue and wait). * The current implementation does not do so. The POSIX standard * and SVID should be consulted to determine what behavior is mandated. / void exit_sem(struct task_struct tsk) {
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2215	struct sem_undo_list *ulp;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2216
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2217 2218	ulp = tsk->sysvsem.undo_list; if (!ulp)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2219	return;
9edff4ab1 Manfred Spraul ipc: sysvsem: imp...	2220	tsk->sysvsem.undo_list = NULL;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2221
f74370b86 Elena Reshetova ipc: convert sem_...	2222	if (!refcount_dec_and_test(&ulp->refcnt))
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2223	return;
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2224	for (;;) {
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2225	struct sem_array *sma;
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2226	struct sem_undo *un;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2227	int semid, i;
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2228	DEFINE_WAKE_Q(wake_q);
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2229
2a1613a58 Nikolay Borisov ipc/sem.c: add co...	2230	cond_resched();
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2231	rcu_read_lock();
05725f7eb Jiri Pirko rculist: use list...	2232 2233	un = list_entry_rcu(ulp->list_proc.next, struct sem_undo, list_proc);
602b8593d Herton R. Krzesinski ipc,sem: fix use ...	2234 2235 2236 2237 2238 2239 2240	if (&un->list_proc == &ulp->list_proc) { /* * We must wait for freeary() before freeing this ulp, * in case we raced with last sem_undo. There is a small * possibility where we exit while freeary() didn't * finish unlocking sem_undo_list. */
e0892e086 Paul E. McKenney ipc: Replace spin...	2241 2242	spin_lock(&ulp->lock); spin_unlock(&ulp->lock);
602b8593d Herton R. Krzesinski ipc,sem: fix use ...	2243 2244 2245 2246 2247 2248	rcu_read_unlock(); break; } spin_lock(&ulp->lock); semid = un->semid; spin_unlock(&ulp->lock);
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2249
602b8593d Herton R. Krzesinski ipc,sem: fix use ...	2250	/* exit_sem raced with IPC_RMID, nothing to do */
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2251 2252	if (semid == -1) { rcu_read_unlock();
602b8593d Herton R. Krzesinski ipc,sem: fix use ...	2253	continue;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2254	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2255
602b8593d Herton R. Krzesinski ipc,sem: fix use ...	2256	sma = sem_obtain_object_check(tsk->nsproxy->ipc_ns, semid);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2257	/* exit_sem raced with IPC_RMID, nothing to do */
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2258 2259	if (IS_ERR(sma)) { rcu_read_unlock();
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2260	continue;
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2261	}
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2262
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2263	sem_lock(sma, NULL, -1);
6e224f945 Manfred Spraul ipc/sem.c: synchr...	2264	/* exit_sem raced with IPC_RMID, nothing to do */
0f3d2b013 Rafael Aquini ipc: introduce ip...	2265	if (!ipc_valid_object(&sma->sem_perm)) {
6e224f945 Manfred Spraul ipc/sem.c: synchr...	2266 2267 2268 2269	sem_unlock(sma, -1); rcu_read_unlock(); continue; }
bf17bb717 Nick Piggin ipc/sem.c: sem op...	2270	un = __lookup_undo(ulp, semid);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2271 2272 2273 2274	if (un == NULL) { /* exit_sem raced with IPC_RMID+semget() that created * exactly the same semid. Nothing to do. */
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2275	sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	2276	rcu_read_unlock();
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2277 2278 2279 2280	continue; } /* remove un from the linked lists */
cf9d5d78d Davidlohr Bueso ipc: close open c...	2281	ipc_assert_locked_object(&sma->sem_perm);
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2282	list_del(&un->list_id);
aa4f749f8 Ioanna Alifieraki Revert "ipc,sem: ...	2283	spin_lock(&ulp->lock);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2284	list_del_rcu(&un->list_proc);
aa4f749f8 Ioanna Alifieraki Revert "ipc,sem: ...	2285	spin_unlock(&ulp->lock);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2286
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2287 2288	/* perform adjustments registered in un */ for (i = 0; i < sma->sem_nsems; i++) {
1a2339567 Manfred Spraul ipc/sem.c: remove...	2289	struct sem *semaphore = &sma->sems[i];
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2290 2291	if (un->semadj[i]) { semaphore->semval += un->semadj[i];
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302	/* * Range checks of the new semaphore value, * not defined by sus: * - Some unices ignore the undo entirely * (e.g. HP UX 11i 11.22, Tru64 V5.1) * - some cap the value (e.g. FreeBSD caps * at 0, but doesn't enforce SEMVMX) * * Linux caps the semaphore value, both at 0 * and at SEMVMX. *
239521f31 Manfred Spraul ipc: whitespace c...	2303	* Manfred <manfred@colorfullife.com>
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2304	*/
5f921ae96 Ingo Molnar [PATCH] sem2mutex...	2305 2306 2307 2308	if (semaphore->semval < 0) semaphore->semval = 0; if (semaphore->semval > SEMVMX) semaphore->semval = SEMVMX;
51d6f2635 Eric W. Biederman ipc/sem: Fix semc...	2309	ipc_update_pid(&semaphore->sempid, task_tgid(current));
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2310 2311	} }
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2312	/* maybe some queued-up processes were waiting for this */
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2313	do_smart_update(sma, NULL, 0, 1, &wake_q);
6062a8dc0 Rik van Riel ipc,sem: fine gra...	2314	sem_unlock(sma, -1);
6d49dab8a Linus Torvalds ipc: move rcu_rea...	2315	rcu_read_unlock();
9ae949fa3 Davidlohr Bueso ipc/sem: rework t...	2316	wake_up_q(&wake_q);
380af1b33 Manfred Spraul ipc/sem.c: rewrit...	2317
693a8b6ee Lai Jiangshan ipc,rcu: Convert ...	2318	kfree_rcu(un, rcu);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2319	}
4daa28f6d Manfred Spraul ipc/sem.c: conver...	2320	kfree(ulp);
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2321 2322 2323	} #ifdef CONFIG_PROC_FS
19b4946ca Mike Waychison [PATCH] ipc: conv...	2324	static int sysvipc_sem_proc_show(struct seq_file s, void it)
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2325	{
1efdb69b0 Eric W. Biederman userns: Convert i...	2326	struct user_namespace *user_ns = seq_user_ns(s);
ade9f91b3 Kees Cook ipc: add missing ...	2327 2328	struct kern_ipc_perm ipcp = it; struct sem_array sma = container_of(ipcp, struct sem_array, sem_perm);
e54d02b23 Deepa Dinamani ipc: sem: Make se...	2329	time64_t sem_otime;
d12e1e50e Manfred Spraul ipc/sem.c: replac...	2330
d8c633766 Manfred Spraul ipc/sem.c: synchr...	2331 2332 2333	/* * The proc interface isn't aware of sem_lock(), it calls * ipc_lock_object() directly (in sysvipc_find_ipc).
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	2334 2335	* In order to stay compatible with sem_lock(), we must * enter / leave complex_mode.
d8c633766 Manfred Spraul ipc/sem.c: synchr...	2336	*/
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	2337	complexmode_enter(sma);
d8c633766 Manfred Spraul ipc/sem.c: synchr...	2338
d12e1e50e Manfred Spraul ipc/sem.c: replac...	2339	sem_otime = get_semotime(sma);
19b4946ca Mike Waychison [PATCH] ipc: conv...	2340
7f032d6ef Joe Perches ipc: remove use o...	2341	seq_printf(s,
e54d02b23 Deepa Dinamani ipc: sem: Make se...	2342 2343	"%10d %10d %4o %10u %5u %5u %5u %5u %10llu %10llu ",
7f032d6ef Joe Perches ipc: remove use o...	2344 2345 2346 2347 2348 2349 2350 2351 2352 2353	sma->sem_perm.key, sma->sem_perm.id, sma->sem_perm.mode, sma->sem_nsems, from_kuid_munged(user_ns, sma->sem_perm.uid), from_kgid_munged(user_ns, sma->sem_perm.gid), from_kuid_munged(user_ns, sma->sem_perm.cuid), from_kgid_munged(user_ns, sma->sem_perm.cgid), sem_otime, sma->sem_ctime);
5864a2fd3 Manfred Spraul ipc/sem.c: fix co...	2354	complexmode_tryleave(sma);
7f032d6ef Joe Perches ipc: remove use o...	2355	return 0;
1da177e4c Linus Torvalds Linux-2.6.12-rc2	2356 2357	} #endif