aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Mundt <lethal@linux-sh.org>2007-11-21 04:06:34 -0500
committerPaul Mundt <lethal@linux-sh.org>2008-01-27 23:18:53 -0500
commit0f2c15cecee0ff00e4bfa91dd20b33ccd9285360 (patch)
treed7f14804ae86dcc59f70e4fa5fba2d14cd2216ee
parent1e1ed39faec635b109ff8c516377310600623674 (diff)
sh: Add onchip remap prototypes, kill old sh64 io.h.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Diffstat
-rw-r--r--include/asm-sh/io.h17
-rw-r--r--include/asm-sh64/io.h196
2 files changed, 16 insertions, 197 deletions
diff --git a/include/asm-sh/io.h b/include/asm-sh/io.h
index 74305edceeeb..a4e5f5573eee 100644
--- a/include/asm-sh/io.h
+++ b/include/asm-sh/io.h
@@ -191,6 +191,8 @@ __BUILD_MEMORY_STRING(w, u16)
191 191
192#define mmiowb() wmb() /* synco on SH-4A, otherwise a nop */ 192#define mmiowb() wmb() /* synco on SH-4A, otherwise a nop */
193 193
194#define IO_SPACE_LIMIT 0xffffffff
195
194/* 196/*
195 * This function provides a method for the generic case where a board-specific 197 * This function provides a method for the generic case where a board-specific
196 * ioport_map simply needs to return the port + some arbitrary port base. 198 * ioport_map simply needs to return the port + some arbitrary port base.
@@ -226,6 +228,11 @@ static inline unsigned int ctrl_inl(unsigned long addr)
226 return *(volatile unsigned long*)addr; 228 return *(volatile unsigned long*)addr;
227} 229}
228 230
231static inline unsigned long long ctrl_inq(unsigned long addr)
232{
233 return *(volatile unsigned long long*)addr;
234}
235
229static inline void ctrl_outb(unsigned char b, unsigned long addr) 236static inline void ctrl_outb(unsigned char b, unsigned long addr)
230{ 237{
231 *(volatile unsigned char*)addr = b; 238 *(volatile unsigned char*)addr = b;
@@ -241,6 +248,11 @@ static inline void ctrl_outl(unsigned int b, unsigned long addr)
241 *(volatile unsigned long*)addr = b; 248 *(volatile unsigned long*)addr = b;
242} 249}
243 250
251static inline void ctrl_outq(unsigned long long b, unsigned long addr)
252{
253 *(volatile unsigned long long*)addr = b;
254}
255
244static inline void ctrl_delay(void) 256static inline void ctrl_delay(void)
245{ 257{
246#ifdef P2SEG 258#ifdef P2SEG
@@ -253,7 +265,10 @@ unsigned long long peek_real_address_q(unsigned long long addr);
253unsigned long long poke_real_address_q(unsigned long long addr, 265unsigned long long poke_real_address_q(unsigned long long addr,
254 unsigned long long val); 266 unsigned long long val);
255 267
256#define IO_SPACE_LIMIT 0xffffffff 268/* arch/sh/mm/ioremap_64.c */
269unsigned long onchip_remap(unsigned long addr, unsigned long size,
270 const char *name);
271extern void onchip_unmap(unsigned long vaddr);
257 272
258#if !defined(CONFIG_MMU) 273#if !defined(CONFIG_MMU)
259#define virt_to_phys(address) ((unsigned long)(address)) 274#define virt_to_phys(address) ((unsigned long)(address))
diff --git a/include/asm-sh64/io.h b/include/asm-sh64/io.h
deleted file mode 100644
index 7bd7314d38c2..000000000000
--- a/include/asm-sh64/io.h
+++ /dev/null
@@ -1,196 +0,0 @@
1#ifndef __ASM_SH64_IO_H
2#define __ASM_SH64_IO_H
3
4/*
5 * This file is subject to the terms and conditions of the GNU General Public
6 * License. See the file "COPYING" in the main directory of this archive
7 * for more details.
8 *
9 * include/asm-sh64/io.h
10 *
11 * Copyright (C) 2000, 2001 Paolo Alberelli
12 * Copyright (C) 2003 Paul Mundt
13 *
14 */
15
16/*
17 * Convention:
18 * read{b,w,l}/write{b,w,l} are for PCI,
19 * while in{b,w,l}/out{b,w,l} are for ISA
20 * These may (will) be platform specific function.
21 *
22 * In addition, we have
23 * ctrl_in{b,w,l}/ctrl_out{b,w,l} for SuperH specific I/O.
24 * which are processor specific. Address should be the result of
25 * onchip_remap();
26 */
27
28#include <linux/compiler.h>
29#include <asm/cache.h>
30#include <asm/system.h>
31#include <asm/page.h>
32#include <asm-generic/iomap.h>
33
34/*
35 * Nothing overly special here.. instead of doing the same thing
36 * over and over again, we just define a set of sh64_in/out functions
37 * with an implicit size. The traditional read{b,w,l}/write{b,w,l}
38 * mess is wrapped to this, as are the SH-specific ctrl_in/out routines.
39 */
40static inline unsigned char sh64_in8(const volatile void __iomem *addr)
41{
42 return *(volatile unsigned char __force *)addr;
43}
44
45static inline unsigned short sh64_in16(const volatile void __iomem *addr)
46{
47 return *(volatile unsigned short __force *)addr;
48}
49
50static inline unsigned int sh64_in32(const volatile void __iomem *addr)
51{
52 return *(volatile unsigned int __force *)addr;
53}
54
55static inline unsigned long long sh64_in64(const volatile void __iomem *addr)
56{
57 return *(volatile unsigned long long __force *)addr;
58}
59
60static inline void sh64_out8(unsigned char b, volatile void __iomem *addr)
61{
62 *(volatile unsigned char __force *)addr = b;
63 wmb();
64}
65
66static inline void sh64_out16(unsigned short b, volatile void __iomem *addr)
67{
68 *(volatile unsigned short __force *)addr = b;
69 wmb();
70}
71
72static inline void sh64_out32(unsigned int b, volatile void __iomem *addr)
73{
74 *(volatile unsigned int __force *)addr = b;
75 wmb();
76}
77
78static inline void sh64_out64(unsigned long long b, volatile void __iomem *addr)
79{
80 *(volatile unsigned long long __force *)addr = b;
81 wmb();
82}
83
84#define readb(addr) sh64_in8(addr)
85#define readw(addr) sh64_in16(addr)
86#define readl(addr) sh64_in32(addr)
87#define readb_relaxed(addr) sh64_in8(addr)
88#define readw_relaxed(addr) sh64_in16(addr)
89#define readl_relaxed(addr) sh64_in32(addr)
90
91#define writeb(b, addr) sh64_out8(b, addr)
92#define writew(b, addr) sh64_out16(b, addr)
93#define writel(b, addr) sh64_out32(b, addr)
94
95#define ctrl_inb(addr) sh64_in8(ioport_map(addr, 1))
96#define ctrl_inw(addr) sh64_in16(ioport_map(addr, 2))
97#define ctrl_inl(addr) sh64_in32(ioport_map(addr, 4))
98
99#define ctrl_outb(b, addr) sh64_out8(b, ioport_map(addr, 1))
100#define ctrl_outw(b, addr) sh64_out16(b, ioport_map(addr, 2))
101#define ctrl_outl(b, addr) sh64_out32(b, ioport_map(addr, 4))
102
103#define ioread8(addr) sh64_in8(addr)
104#define ioread16(addr) sh64_in16(addr)
105#define ioread32(addr) sh64_in32(addr)
106#define iowrite8(b, addr) sh64_out8(b, addr)
107#define iowrite16(b, addr) sh64_out16(b, addr)
108#define iowrite32(b, addr) sh64_out32(b, addr)
109
110#define inb(addr) ctrl_inb(addr)
111#define inw(addr) ctrl_inw(addr)
112#define inl(addr) ctrl_inl(addr)
113#define outb(b, addr) ctrl_outb(b, addr)
114#define outw(b, addr) ctrl_outw(b, addr)
115#define outl(b, addr) ctrl_outl(b, addr)
116
117void outsw(unsigned long port, const void *addr, unsigned long count);
118void insw(unsigned long port, void *addr, unsigned long count);
119void outsl(unsigned long port, const void *addr, unsigned long count);
120void insl(unsigned long port, void *addr, unsigned long count);
121
122#define inb_p(addr) inb(addr)
123#define inw_p(addr) inw(addr)
124#define inl_p(addr) inl(addr)
125#define outb_p(x,addr) outb(x,addr)
126#define outw_p(x,addr) outw(x,addr)
127#define outl_p(x,addr) outl(x,addr)
128
129#define __raw_readb readb
130#define __raw_readw readw
131#define __raw_readl readl
132#define __raw_writeb writeb
133#define __raw_writew writew
134#define __raw_writel writel
135
136void memcpy_toio(void __iomem *to, const void *from, long count);
137void memcpy_fromio(void *to, void __iomem *from, long count);
138
139#define mmiowb()
140
141#ifdef __KERNEL__
142
143#ifdef CONFIG_SH_CAYMAN
144extern unsigned long smsc_superio_virt;
145#endif
146#ifdef CONFIG_PCI
147extern unsigned long pciio_virt;
148#endif
149
150#define IO_SPACE_LIMIT 0xffffffff
151
152/*
153 * Change virtual addresses to physical addresses and vv.
154 * These are trivial on the 1:1 Linux/SuperH mapping
155 */
156static inline unsigned long virt_to_phys(volatile void * address)
157{
158 return __pa(address);
159}
160
161static inline void * phys_to_virt(unsigned long address)
162{
163 return __va(address);
164}
165
166extern void * __ioremap(unsigned long phys_addr, unsigned long size,
167 unsigned long flags);
168
169static inline void * ioremap(unsigned long phys_addr, unsigned long size)
170{
171 return __ioremap(phys_addr, size, 1);
172}
173
174static inline void * ioremap_nocache (unsigned long phys_addr, unsigned long size)
175{
176 return __ioremap(phys_addr, size, 0);
177}
178
179extern void iounmap(void *addr);
180
181unsigned long onchip_remap(unsigned long addr, unsigned long size, const char* name);
182extern void onchip_unmap(unsigned long vaddr);
183
184/*
185 * Convert a physical pointer to a virtual kernel pointer for /dev/mem
186 * access
187 */
188#define xlate_dev_mem_ptr(p) __va(p)
189
190/*
191 * Convert a virtual cached pointer to an uncached pointer
192 */
193#define xlate_dev_kmem_ptr(p) p
194
195#endif /* __KERNEL__ */
196#endif /* __ASM_SH64_IO_H */
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-11 00:20:27 -0400
kwa">if (ret != 0) return ret; sfd->vm_ops = vma->vm_ops; #ifdef CONFIG_MMU BUG_ON(!sfd->vm_ops->fault); #endif vma->vm_ops = &shm_vm_ops; shm_open(vma); return ret; } static int shm_release(struct inode *ino, struct file *file) { struct shm_file_data *sfd = shm_file_data(file); put_ipc_ns(sfd->ns); shm_file_data(file) = NULL; kfree(sfd); return 0; } static int shm_fsync(struct file *file, struct dentry *dentry, int datasync) { int (*fsync) (struct file *, struct dentry *, int datasync); struct shm_file_data *sfd = shm_file_data(file); int ret = -EINVAL; fsync = sfd->file->f_op->fsync; if (fsync) ret = fsync(sfd->file, sfd->file->f_path.dentry, datasync); return ret; } static unsigned long shm_get_unmapped_area(struct file *file, unsigned long addr, unsigned long len, unsigned long pgoff, unsigned long flags) { struct shm_file_data *sfd = shm_file_data(file); return get_unmapped_area(sfd->file, addr, len, pgoff, flags); } int is_file_shm_hugepages(struct file *file) { int ret = 0; if (file->f_op == &shm_file_operations) { struct shm_file_data *sfd; sfd = shm_file_data(file); ret = is_file_hugepages(sfd->file); } return ret; } static const struct file_operations shm_file_operations = { .mmap = shm_mmap, .fsync = shm_fsync, .release = shm_release, .get_unmapped_area = shm_get_unmapped_area, }; static struct vm_operations_struct shm_vm_ops = { .open = shm_open, /* callback for a new vm-area open */ .close = shm_close, /* callback for when the vm-area is released */ .fault = shm_fault, #if defined(CONFIG_NUMA) .set_policy = shm_set_policy, .get_policy = shm_get_policy, #endif }; /** * newseg - Create a new shared memory segment * @ns: namespace * @params: ptr to the structure that contains key, size and shmflg * * Called with shm_ids.rw_mutex held as a writer. */ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) { key_t key = params->key; int shmflg = params->flg; size_t size = params->u.size; int error; struct shmid_kernel *shp; int numpages = (size + PAGE_SIZE -1) >> PAGE_SHIFT; struct file * file; char name[13]; int id; if (size < SHMMIN || size > ns->shm_ctlmax) return -EINVAL; if (ns->shm_tot + numpages > ns->shm_ctlall) return -ENOSPC; shp = ipc_rcu_alloc(sizeof(*shp)); if (!shp) return -ENOMEM; shp->shm_perm.key = key; shp->shm_perm.mode = (shmflg & S_IRWXUGO); shp->mlock_user = NULL; shp->shm_perm.security = NULL; error = security_shm_alloc(shp); if (error) { ipc_rcu_putref(shp); return error; } sprintf (name, "SYSV%08x", key); if (shmflg & SHM_HUGETLB) { /* hugetlb_file_setup takes care of mlock user accounting */ file = hugetlb_file_setup(name, size); shp->mlock_user = current->user; } else { int acctflag = VM_ACCOUNT; /* * Do not allow no accounting for OVERCOMMIT_NEVER, even * if it's asked for. */ if ((shmflg & SHM_NORESERVE) && sysctl_overcommit_memory != OVERCOMMIT_NEVER) acctflag = 0; file = shmem_file_setup(name, size, acctflag); } error = PTR_ERR(file); if (IS_ERR(file)) goto no_file; id = shm_addid(ns, shp); if (id < 0) { error = id; goto no_id; } shp->shm_cprid = task_tgid_vnr(current); shp->shm_lprid = 0; shp->shm_atim = shp->shm_dtim = 0; shp->shm_ctim = get_seconds(); shp->shm_segsz = size; shp->shm_nattch = 0; shp->shm_perm.id = shm_buildid(id, shp->shm_perm.seq); shp->shm_file = file; /* * shmid gets reported as "inode#" in /proc/pid/maps. * proc-ps tools use this. Changing this will break them. */ file->f_dentry->d_inode->i_ino = shp->shm_perm.id; ns->shm_tot += numpages; error = shp->shm_perm.id; shm_unlock(shp); return error; no_id: fput(file); no_file: security_shm_free(shp); ipc_rcu_putref(shp); return error; } /* * Called with shm_ids.rw_mutex and ipcp locked. */ static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg) { struct shmid_kernel *shp; shp = container_of(ipcp, struct shmid_kernel, shm_perm); return security_shm_associate(shp, shmflg); } /* * Called with shm_ids.rw_mutex and ipcp locked. */ static inline int shm_more_checks(struct kern_ipc_perm *ipcp, struct ipc_params *params) { struct shmid_kernel *shp; shp = container_of(ipcp, struct shmid_kernel, shm_perm); if (shp->shm_segsz < params->u.size) return -EINVAL; return 0; } asmlinkage long sys_shmget (key_t key, size_t size, int shmflg) { struct ipc_namespace *ns; struct ipc_ops shm_ops; struct ipc_params shm_params; ns = current->nsproxy->ipc_ns; shm_ops.getnew = newseg; shm_ops.associate = shm_security; shm_ops.more_checks = shm_more_checks; shm_params.key = key; shm_params.flg = shmflg; shm_params.u.size = size; return ipcget(ns, &shm_ids(ns), &shm_ops, &shm_params); } static inline unsigned long copy_shmid_to_user(void __user *buf, struct shmid64_ds *in, int version) { switch(version) { case IPC_64: return copy_to_user(buf, in, sizeof(*in)); case IPC_OLD: { struct shmid_ds out; ipc64_perm_to_ipc_perm(&in->shm_perm, &out.shm_perm); out.shm_segsz = in->shm_segsz; out.shm_atime = in->shm_atime; out.shm_dtime = in->shm_dtime; out.shm_ctime = in->shm_ctime; out.shm_cpid = in->shm_cpid; out.shm_lpid = in->shm_lpid; out.shm_nattch = in->shm_nattch; return copy_to_user(buf, &out, sizeof(out)); } default: return -EINVAL; } } struct shm_setbuf { uid_t uid; gid_t gid; mode_t mode; }; static inline unsigned long copy_shmid_from_user(struct shm_setbuf *out, void __user *buf, int version) { switch(version) { case IPC_64: { struct shmid64_ds tbuf; if (copy_from_user(&tbuf, buf, sizeof(tbuf))) return -EFAULT; out->uid = tbuf.shm_perm.uid; out->gid = tbuf.shm_perm.gid; out->mode = tbuf.shm_perm.mode; return 0; } case IPC_OLD: { struct shmid_ds tbuf_old; if (copy_from_user(&tbuf_old, buf, sizeof(tbuf_old))) return -EFAULT; out->uid = tbuf_old.shm_perm.uid; out->gid = tbuf_old.shm_perm.gid; out->mode = tbuf_old.shm_perm.mode; return 0; } default: return -EINVAL; } } static inline unsigned long copy_shminfo_to_user(void __user *buf, struct shminfo64 *in, int version) { switch(version) { case IPC_64: return copy_to_user(buf, in, sizeof(*in)); case IPC_OLD: { struct shminfo out; if(in->shmmax > INT_MAX) out.shmmax = INT_MAX; else out.shmmax = (int)in->shmmax; out.shmmin = in->shmmin; out.shmmni = in->shmmni; out.shmseg = in->shmseg; out.shmall = in->shmall; return copy_to_user(buf, &out, sizeof(out)); } default: return -EINVAL; } } /* * Called with shm_ids.rw_mutex held as a reader */ static void shm_get_stat(struct ipc_namespace *ns, unsigned long *rss, unsigned long *swp) { int next_id; int total, in_use; *rss = 0; *swp = 0; in_use = shm_ids(ns).in_use; for (total = 0, next_id = 0; total < in_use; next_id++) { struct shmid_kernel *shp; struct inode *inode; shp = idr_find(&shm_ids(ns).ipcs_idr, next_id); if (shp == NULL) continue; inode = shp->shm_file->f_path.dentry->d_inode; if (is_file_hugepages(shp->shm_file)) { struct address_space *mapping = inode->i_mapping; *rss += (HPAGE_SIZE/PAGE_SIZE)*mapping->nrpages; } else { struct shmem_inode_info *info = SHMEM_I(inode); spin_lock(&info->lock); *rss += inode->i_mapping->nrpages; *swp += info->swapped; spin_unlock(&info->lock); } total++; } } asmlinkage long sys_shmctl (int shmid, int cmd, struct shmid_ds __user *buf) { struct shm_setbuf setbuf; struct shmid_kernel *shp; int err, version; struct ipc_namespace *ns; if (cmd < 0 || shmid < 0) { err = -EINVAL; goto out; } version = ipc_parse_version(&cmd); ns = current->nsproxy->ipc_ns; switch (cmd) { /* replace with proc interface ? */ case IPC_INFO: { struct shminfo64 shminfo; err = security_shm_shmctl(NULL, cmd); if (err) return err; memset(&shminfo,0,sizeof(shminfo)); shminfo.shmmni = shminfo.shmseg = ns->shm_ctlmni; shminfo.shmmax = ns->shm_ctlmax; shminfo.shmall = ns->shm_ctlall; shminfo.shmmin = SHMMIN; if(copy_shminfo_to_user (buf, &shminfo, version)) return -EFAULT; down_read(&shm_ids(ns).rw_mutex); err = ipc_get_maxid(&shm_ids(ns)); up_read(&shm_ids(ns).rw_mutex); if(err<0) err = 0; goto out; } case SHM_INFO: { struct shm_info shm_info; err = security_shm_shmctl(NULL, cmd); if (err) return err; memset(&shm_info,0,sizeof(shm_info)); down_read(&shm_ids(ns).rw_mutex); shm_info.used_ids = shm_ids(ns).in_use; shm_get_stat (ns, &shm_info.shm_rss, &shm_info.shm_swp); shm_info.shm_tot = ns->shm_tot; shm_info.swap_attempts = 0; shm_info.swap_successes = 0; err = ipc_get_maxid(&shm_ids(ns)); up_read(&shm_ids(ns).rw_mutex); if(copy_to_user (buf, &shm_info, sizeof(shm_info))) { err = -EFAULT; goto out; } err = err < 0 ? 0 : err; goto out; } case SHM_STAT: case IPC_STAT: { struct shmid64_ds tbuf; int result; if (!buf) { err = -EFAULT; goto out; } if (cmd == SHM_STAT) { shp = shm_lock(ns, shmid); if (IS_ERR(shp)) { err = PTR_ERR(shp); goto out; } result = shp->shm_perm.id; } else { shp = shm_lock_check(ns, shmid); if (IS_ERR(shp)) { err = PTR_ERR(shp); goto out; } result = 0; } err=-EACCES; if (ipcperms (&shp->shm_perm, S_IRUGO)) goto out_unlock; err = security_shm_shmctl(shp, cmd); if (err) goto out_unlock; memset(&tbuf, 0, sizeof(tbuf)); kernel_to_ipc64_perm(&shp->shm_perm, &tbuf.shm_perm); tbuf.shm_segsz = shp->shm_segsz; tbuf.shm_atime = shp->shm_atim; tbuf.shm_dtime = shp->shm_dtim; tbuf.shm_ctime = shp->shm_ctim; tbuf.shm_cpid = shp->shm_cprid; tbuf.shm_lpid = shp->shm_lprid; tbuf.shm_nattch = shp->shm_nattch; shm_unlock(shp); if(copy_shmid_to_user (buf, &tbuf, version)) err = -EFAULT; else err = result; goto out; } case SHM_LOCK: case SHM_UNLOCK: { shp = shm_lock_check(ns, shmid); if (IS_ERR(shp)) { err = PTR_ERR(shp); goto out; } err = audit_ipc_obj(&(shp->shm_perm)); if (err) goto out_unlock; if (!capable(CAP_IPC_LOCK)) { err = -EPERM; if (current->euid != shp->shm_perm.uid && current->euid != shp->shm_perm.cuid) goto out_unlock; if (cmd == SHM_LOCK && !current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur) goto out_unlock; } err = security_shm_shmctl(shp, cmd); if (err) goto out_unlock; if(cmd==SHM_LOCK) { struct user_struct * user = current->user; if (!is_file_hugepages(shp->shm_file)) { err = shmem_lock(shp->shm_file, 1, user); if (!err && !(shp->shm_perm.mode & SHM_LOCKED)){ shp->shm_perm.mode |= SHM_LOCKED; shp->mlock_user = user; } } } else if (!is_file_hugepages(shp->shm_file)) { shmem_lock(shp->shm_file, 0, shp->mlock_user); shp->shm_perm.mode &= ~SHM_LOCKED; shp->mlock_user = NULL; } shm_unlock(shp); goto out; } case IPC_RMID: { /* * We cannot simply remove the file. The SVID states * that the block remains until the last person * detaches from it, then is deleted. A shmat() on * an RMID segment is legal in older Linux and if * we change it apps break... * * Instead we set a destroyed flag, and then blow * the name away when the usage hits zero. */ down_write(&shm_ids(ns).rw_mutex); shp = shm_lock_check_down(ns, shmid); if (IS_ERR(shp)) { err = PTR_ERR(shp); goto out_up; } err = audit_ipc_obj(&(shp->shm_perm)); if (err) goto out_unlock_up; if (current->euid != shp->shm_perm.uid && current->euid != shp->shm_perm.cuid && !capable(CAP_SYS_ADMIN)) { err=-EPERM; goto out_unlock_up; } err = security_shm_shmctl(shp, cmd); if (err) goto out_unlock_up; do_shm_rmid(ns, &shp->shm_perm); up_write(&shm_ids(ns).rw_mutex); goto out; } case IPC_SET: { if (!buf) { err = -EFAULT; goto out; } if (copy_shmid_from_user (&setbuf, buf, version)) { err = -EFAULT; goto out; } down_write(&shm_ids(ns).rw_mutex); shp = shm_lock_check_down(ns, shmid); if (IS_ERR(shp)) { err = PTR_ERR(shp); goto out_up; } err = audit_ipc_obj(&(shp->shm_perm)); if (err) goto out_unlock_up; err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode); if (err) goto out_unlock_up; err=-EPERM; if (current->euid != shp->shm_perm.uid && current->euid != shp->shm_perm.cuid && !capable(CAP_SYS_ADMIN)) { goto out_unlock_up; } err = security_shm_shmctl(shp, cmd); if (err) goto out_unlock_up; shp->shm_perm.uid = setbuf.uid; shp->shm_perm.gid = setbuf.gid; shp->shm_perm.mode = (shp->shm_perm.mode & ~S_IRWXUGO) | (setbuf.mode & S_IRWXUGO); shp->shm_ctim = get_seconds(); break; } default: err = -EINVAL; goto out; } err = 0; out_unlock_up: shm_unlock(shp); out_up: up_write(&shm_ids(ns).rw_mutex); goto out; out_unlock: shm_unlock(shp); out: return err; } /* * Fix shmaddr, allocate descriptor, map shm, add attach descriptor to lists. * * NOTE! Despite the name, this is NOT a direct system call entrypoint. The * "raddr" thing points to kernel space, and there has to be a wrapper around * this. */ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr) { struct shmid_kernel *shp; unsigned long addr; unsigned long size; struct file * file; int err; unsigned long flags; unsigned long prot; int acc_mode; unsigned long user_addr; struct ipc_namespace *ns; struct shm_file_data *sfd; struct path path; mode_t f_mode; err = -EINVAL; if (shmid < 0) goto out; else if ((addr = (ulong)shmaddr)) { if (addr & (SHMLBA-1)) { if (shmflg & SHM_RND) addr &= ~(SHMLBA-1); /* round down */ else #ifndef __ARCH_FORCE_SHMLBA if (addr & ~PAGE_MASK) #endif goto out; } flags = MAP_SHARED | MAP_FIXED; } else { if ((shmflg & SHM_REMAP)) goto out; flags = MAP_SHARED; } if (shmflg & SHM_RDONLY) { prot = PROT_READ; acc_mode = S_IRUGO; f_mode = FMODE_READ; } else { prot = PROT_READ | PROT_WRITE; acc_mode = S_IRUGO | S_IWUGO; f_mode = FMODE_READ | FMODE_WRITE; } if (shmflg & SHM_EXEC) { prot |= PROT_EXEC; acc_mode |= S_IXUGO; } /* * We cannot rely on the fs check since SYSV IPC does have an * additional creator id... */ ns = current->nsproxy->ipc_ns; shp = shm_lock_check(ns, shmid); if (IS_ERR(shp)) { err = PTR_ERR(shp); goto out; } err = -EACCES; if (ipcperms(&shp->shm_perm, acc_mode)) goto out_unlock; err = security_shm_shmat(shp, shmaddr, shmflg); if (err) goto out_unlock; path.dentry = dget(shp->shm_file->f_path.dentry); path.mnt = shp->shm_file->f_path.mnt; shp->shm_nattch++; size = i_size_read(path.dentry->d_inode); shm_unlock(shp); err = -ENOMEM; sfd = kzalloc(sizeof(*sfd), GFP_KERNEL); if (!sfd) goto out_put_dentry; err = -ENOMEM; file = alloc_file(path.mnt, path.dentry, f_mode, &shm_file_operations); if (!file) goto out_free; file->private_data = sfd; file->f_mapping = shp->shm_file->f_mapping; sfd->id = shp->shm_perm.id; sfd->ns = get_ipc_ns(ns); sfd->file = shp->shm_file; sfd->vm_ops = NULL; down_write(&current->mm->mmap_sem); if (addr && !(shmflg & SHM_REMAP)) { err = -EINVAL; if (find_vma_intersection(current->mm, addr, addr + size)) goto invalid; /* * If shm segment goes below stack, make sure there is some * space left for the stack to grow (at least 4 pages). */ if (addr < current->mm->start_stack && addr > current->mm->start_stack - size - PAGE_SIZE * 5) goto invalid; }