diff options
| author | rwatson <rwatson@FreeBSD.org> | 2011-09-02 17:40:39 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2011-09-02 17:40:39 +0000 |
| commit | 3c6157dcec8563160d0e3361149672558f3eee89 (patch) | |
| tree | 90d6a1e521654063f793d1133a459149761f42da /sys/kern/uipc_shm.c | |
| parent | 3eec7d02646590de620f301b9374dde0852a3348 (diff) | |
| download | FreeBSD-src-3c6157dcec8563160d0e3361149672558f3eee89.zip FreeBSD-src-3c6157dcec8563160d0e3361149672558f3eee89.tar.gz | |
Correct several issues in the integration of POSIX shared memory objects
and the new setmode and setowner fileops in FreeBSD 9.0:
- Add new MAC Framework entry point mac_posixshm_check_create() to allow
MAC policies to authorise shared memory use. Provide a stub policy and
test policy templates.
- Add missing Biba and MLS implementations of mac_posixshm_check_setmode()
and mac_posixshm_check_setowner().
- Add 'accmode' argument to mac_posixshm_check_open() -- unlike the
mac_posixsem_check_open() entry point it was modeled on, the access mode
is required as shared memory access can be read-only as well as writable;
this isn't true of POSIX semaphores.
- Implement full range of POSIX shared memory entry points for Biba and MLS.
Sponsored by: Google Inc.
Obtained from: TrustedBSD Project
Approved by: re (kib)
Diffstat (limited to 'sys/kern/uipc_shm.c')
| -rw-r--r-- | sys/kern/uipc_shm.c | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/sys/kern/uipc_shm.c b/sys/kern/uipc_shm.c index 57fd5eb..f9fc3ca 100644 --- a/sys/kern/uipc_shm.c +++ b/sys/kern/uipc_shm.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2006 Robert N. M. Watson + * Copyright (c) 2006, 2011 Robert N. M. Watson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -31,25 +31,21 @@ * * TODO: * - * (2) Need to export data to a userland tool via a sysctl. Should ipcs(1) + * (1) Need to export data to a userland tool via a sysctl. Should ipcs(1) * and ipcrm(1) be expanded or should new tools to manage both POSIX * kernel semaphores and POSIX shared memory be written? * - * (3) Add support for this file type to fstat(1). + * (2) Add support for this file type to fstat(1). * - * (4) Resource limits? Does this need its own resource limits or are the + * (3) Resource limits? Does this need its own resource limits or are the * existing limits in mmap(2) sufficient? * - * (5) Partial page truncation. vnode_pager_setsize() will zero any parts + * (4) Partial page truncation. vnode_pager_setsize() will zero any parts * of a partially mapped page as a result of ftruncate(2)/truncate(2). * We can do the same (with the same pmap evil), but do we need to * worry about the bits on disk if the page is swapped out or will the * swapper zero the parts of a page that are invalid if the page is * swapped back in for us? - * - * (6) Add MAC support in mac_biba(4) and mac_mls(4). - * - * (7) Add a MAC check_create() hook for creating new named objects. */ #include <sys/cdefs.h> @@ -551,8 +547,16 @@ shm_open(struct thread *td, struct shm_open_args *uap) if (shmfd == NULL) { /* Object does not yet exist, create it if requested. */ if (uap->flags & O_CREAT) { - shmfd = shm_alloc(td->td_ucred, cmode); - shm_insert(path, fnv, shmfd); +#ifdef MAC + error = mac_posixshm_check_create(td->td_ucred, + path); + if (error == 0) { +#endif + shmfd = shm_alloc(td->td_ucred, cmode); + shm_insert(path, fnv, shmfd); +#ifdef MAC + } +#endif } else { free(path, M_SHMFD); error = ENOENT; @@ -569,7 +573,7 @@ shm_open(struct thread *td, struct shm_open_args *uap) else { #ifdef MAC error = mac_posixshm_check_open(td->td_ucred, - shmfd); + shmfd, FFLAGS(uap->flags & O_ACCMODE)); if (error == 0) #endif error = shm_access(shmfd, td->td_ucred, |
