diff options
author | jhb <jhb@FreeBSD.org> | 2002-03-05 18:57:36 +0000 |
---|---|---|
committer | jhb <jhb@FreeBSD.org> | 2002-03-05 18:57:36 +0000 |
commit | 3a1d17e45b65f471a48cabb1b46335480f777c36 (patch) | |
tree | 7e1937b212c5be424e36cf0162f689d568fe1325 /sys/kern/sysv_shm.c | |
parent | 679afc69e30f49b444a094dee93fd3d00543507a (diff) | |
download | FreeBSD-src-3a1d17e45b65f471a48cabb1b46335480f777c36.zip FreeBSD-src-3a1d17e45b65f471a48cabb1b46335480f777c36.tar.gz |
- Use td_ucred for jail checks.
- Move jail checks and some other checks involving constants and stack
variables out from under Giant. This isn't perfectly safe atm because
jail_sysvipc_allowed is read w/o a lock meaning that its value could be
stale. This global variable will soon become a per-jail flag, however,
at which time it will either not need a lock or will use the prison lock.
Diffstat (limited to 'sys/kern/sysv_shm.c')
-rw-r--r-- | sys/kern/sysv_shm.c | 43 |
1 files changed, 14 insertions, 29 deletions
diff --git a/sys/kern/sysv_shm.c b/sys/kern/sysv_shm.c index fbcca94..1220aec 100644 --- a/sys/kern/sysv_shm.c +++ b/sys/kern/sysv_shm.c @@ -260,11 +260,9 @@ shmdt(td, uap) int i; int error = 0; + if (!jail_sysvipc_allowed && jailed(td->td_ucred)) + return (ENOSYS); mtx_lock(&Giant); - if (!jail_sysvipc_allowed && jailed(p->p_ucred)) { - error = ENOSYS; - goto done2; - } shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; if (shmmap_s == NULL) { error = EINVAL; @@ -313,11 +311,9 @@ shmat(td, uap) int rv; int error = 0; + if (!jail_sysvipc_allowed && jailed(td->td_ucred)) + return (ENOSYS); mtx_lock(&Giant); - if (!jail_sysvipc_allowed && jailed(p->p_ucred)) { - error = ENOSYS; - goto done2; - } shmmap_s = (struct shmmap_state *)p->p_vmspace->vm_shm; if (shmmap_s == NULL) { size = shminfo.shmseg * sizeof(struct shmmap_state); @@ -425,11 +421,9 @@ oshmctl(td, uap) struct shmid_ds *shmseg; struct oshmid_ds outbuf; + if (!jail_sysvipc_allowed && jailed(td->td_ucred)) + return (ENOSYS); mtx_lock(&Giant); - if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) { - error = ENOSYS; - goto done2; - } shmseg = shm_find_segment_by_shmid(uap->shmid); if (shmseg == NULL) { error = EINVAL; @@ -486,11 +480,9 @@ shmctl(td, uap) struct shmid_ds inbuf; struct shmid_ds *shmseg; + if (!jail_sysvipc_allowed && jailed(td->td_ucred)) + return (ENOSYS); mtx_lock(&Giant); - if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) { - error = ENOSYS; - goto done2; - } switch (uap->cmd) { case IPC_INFO: error = copyout( (caddr_t)&shminfo, uap->buf, sizeof( shminfo ) ); @@ -706,11 +698,9 @@ shmget(td, uap) int segnum, mode; int error; + if (!jail_sysvipc_allowed && jailed(td->td_ucred)) + return (ENOSYS); mtx_lock(&Giant); - if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) { - error = ENOSYS; - goto done2; - } mode = uap->shmflg & ACCESSPERMS; if (uap->key != IPC_PRIVATE) { again: @@ -748,17 +738,12 @@ shmsys(td, uap) { int error; + if (!jail_sysvipc_allowed && jailed(td->td_ucred)) + return (ENOSYS); + if (uap->which >= sizeof(shmcalls)/sizeof(shmcalls[0])) + return (EINVAL); mtx_lock(&Giant); - if (!jail_sysvipc_allowed && jailed(td->td_proc->p_ucred)) { - error = ENOSYS; - goto done2; - } - if (uap->which >= sizeof(shmcalls)/sizeof(shmcalls[0])) { - error = EINVAL; - goto done2; - } error = (*shmcalls[uap->which])(td, &uap->a2); -done2: mtx_unlock(&Giant); return (error); } |