aboutsummaryrefslogtreecommitdiffstats
path: root/ipc/shm.c
diff options
context:
space:
mode:
Diffstat (limited to 'ipc/shm.c')
-rw-r--r--ipc/shm.c39
1 files changed, 26 insertions, 13 deletions
diff --git a/ipc/shm.c b/ipc/shm.c
index e2de16efe10d..f28f2a3163e1 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -82,6 +82,10 @@ static void __shm_init_ns(struct ipc_namespace *ns, struct ipc_ids *ids)
82 ipc_init_ids(ids); 82 ipc_init_ids(ids);
83} 83}
84 84
85/*
86 * Called with shm_ids.mutex and the shp structure locked.
87 * Only shm_ids.mutex remains locked on exit.
88 */
85static void do_shm_rmid(struct ipc_namespace *ns, struct shmid_kernel *shp) 89static void do_shm_rmid(struct ipc_namespace *ns, struct shmid_kernel *shp)
86{ 90{
87 if (shp->shm_nattch){ 91 if (shp->shm_nattch){
@@ -182,6 +186,7 @@ static void shm_open(struct vm_area_struct *vma)
182/* 186/*
183 * shm_destroy - free the struct shmid_kernel 187 * shm_destroy - free the struct shmid_kernel
184 * 188 *
189 * @ns: namespace
185 * @shp: struct to free 190 * @shp: struct to free
186 * 191 *
187 * It has to be called with shp and shm_ids.mutex locked, 192 * It has to be called with shp and shm_ids.mutex locked,
@@ -343,6 +348,14 @@ static struct vm_operations_struct shm_vm_ops = {
343#endif 348#endif
344}; 349};
345 350
351/**
352 * newseg - Create a new shared memory segment
353 * @ns: namespace
354 * @params: ptr to the structure that contains key, size and shmflg
355 *
356 * Called with shm_ids.mutex held
357 */
358
346static int newseg(struct ipc_namespace *ns, struct ipc_params *params) 359static int newseg(struct ipc_namespace *ns, struct ipc_params *params)
347{ 360{
348 key_t key = params->key; 361 key_t key = params->key;
@@ -428,6 +441,9 @@ no_file:
428 return error; 441 return error;
429} 442}
430 443
444/*
445 * Called with shm_ids.mutex and ipcp locked.
446 */
431static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg) 447static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg)
432{ 448{
433 struct shmid_kernel *shp; 449 struct shmid_kernel *shp;
@@ -436,6 +452,9 @@ static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg)
436 return security_shm_associate(shp, shmflg); 452 return security_shm_associate(shp, shmflg);
437} 453}
438 454
455/*
456 * Called with shm_ids.mutex and ipcp locked.
457 */
439static inline int shm_more_checks(struct kern_ipc_perm *ipcp, 458static inline int shm_more_checks(struct kern_ipc_perm *ipcp,
440 struct ipc_params *params) 459 struct ipc_params *params)
441{ 460{
@@ -558,6 +577,9 @@ static inline unsigned long copy_shminfo_to_user(void __user *buf, struct shminf
558 } 577 }
559} 578}
560 579
580/*
581 * Called with shm_ids.mutex held
582 */
561static void shm_get_stat(struct ipc_namespace *ns, unsigned long *rss, 583static void shm_get_stat(struct ipc_namespace *ns, unsigned long *rss,
562 unsigned long *swp) 584 unsigned long *swp)
563{ 585{
@@ -573,18 +595,6 @@ static void shm_get_stat(struct ipc_namespace *ns, unsigned long *rss,
573 struct shmid_kernel *shp; 595 struct shmid_kernel *shp;
574 struct inode *inode; 596 struct inode *inode;
575 597
576 /*
577 * idr_find() is called via shm_get(), so with shm_ids.mutex
578 * locked. Since ipc_addid() is also called with
579 * shm_ids.mutex down, there is no need to add read barriers
580 * here to gurantee the writes in ipc_addid() are seen in
581 * order here (for Alpha).
582 * However idr_find() itself does not necessary require
583 * ipc_ids.mutex down. So if idr_find() is used by other
584 * places without ipc_ids.mutex down, then it needs read
585 * read memory barriers as ipc_lock() does.
586 */
587
588 shp = idr_find(&shm_ids(ns).ipcs_idr, next_id); 598 shp = idr_find(&shm_ids(ns).ipcs_idr, next_id);
589 if (shp == NULL) 599 if (shp == NULL)
590 continue; 600 continue;
@@ -638,8 +648,11 @@ asmlinkage long sys_shmctl (int shmid, int cmd, struct shmid_ds __user *buf)
638 shminfo.shmmin = SHMMIN; 648 shminfo.shmmin = SHMMIN;
639 if(copy_shminfo_to_user (buf, &shminfo, version)) 649 if(copy_shminfo_to_user (buf, &shminfo, version))
640 return -EFAULT; 650 return -EFAULT;
641 /* reading a integer is always atomic */ 651
652 mutex_lock(&shm_ids(ns).mutex);
642 err = ipc_get_maxid(&shm_ids(ns)); 653 err = ipc_get_maxid(&shm_ids(ns));
654 mutex_unlock(&shm_ids(ns).mutex);
655
643 if(err<0) 656 if(err<0)
644 err = 0; 657 err = 0;
645 goto out; 658 goto out;