Lines Matching defs:shp
67 * task_lock(shp->shm_creator)
97 #define shm_unlock(shp) \
98 ipc_unlock(&(shp)->shm_perm)
103 static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp);
119 * Called with shm_ids.rwsem (writer) and the shp structure locked.
124 struct shmid_kernel *shp;
126 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
127 WARN_ON(ns != shp->ns);
129 if (shp->shm_nattch) {
130 shp->shm_perm.mode |= SHM_DEST;
132 ipc_set_key_private(&shm_ids(ns), &shp->shm_perm);
133 shm_unlock(shp);
135 shm_destroy(ns, shp);
232 struct shmid_kernel *shp = container_of(ptr, struct shmid_kernel,
234 security_shm_free(&shp->shm_perm);
235 kvfree(shp);
239 * It has to be called with shp locked.
242 static inline void shm_clist_rm(struct shmid_kernel *shp)
253 if (!list_empty(&shp->shm_clist)) {
255 * shp->shm_creator is guaranteed to be valid *only*
256 * if shp->shm_clist is not empty.
258 creator = shp->shm_creator;
265 list_del_init(&shp->shm_clist);
282 struct shmid_kernel *shp;
284 shp = shm_lock(sfd->ns, sfd->id);
286 if (IS_ERR(shp))
287 return PTR_ERR(shp);
289 if (shp->shm_file != sfd->file) {
291 shm_unlock(shp);
295 shp->shm_atim = ktime_get_real_seconds();
296 ipc_update_pid(&shp->shm_lprid, task_tgid(current));
297 shp->shm_nattch++;
298 shm_unlock(shp);
317 * @shp: struct to free
319 * It has to be called with shp and shm_ids.rwsem (writer) locked,
320 * but returns with shp unlocked and freed.
322 static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp)
326 shm_file = shp->shm_file;
327 shp->shm_file = NULL;
328 ns->shm_tot -= (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
329 shm_rmid(shp);
330 shm_unlock(shp);
332 shmem_lock(shm_file, 0, shp->mlock_user);
333 else if (shp->mlock_user)
335 shp->mlock_user);
337 ipc_update_pid(&shp->shm_cprid, NULL);
338 ipc_update_pid(&shp->shm_lprid, NULL);
339 ipc_rcu_putref(&shp->shm_perm, shm_rcu_free);
348 * 1) shmctl(id, IPC_RMID, NULL) was called for this shp
352 static bool shm_may_destroy(struct shmid_kernel *shp)
354 return (shp->shm_nattch == 0) &&
355 (shp->ns->shm_rmid_forced ||
356 (shp->shm_perm.mode & SHM_DEST));
369 struct shmid_kernel *shp;
374 shp = shm_lock(ns, sfd->id);
380 if (WARN_ON_ONCE(IS_ERR(shp)))
383 ipc_update_pid(&shp->shm_lprid, task_tgid(current));
384 shp->shm_dtim = ktime_get_real_seconds();
385 shp->shm_nattch--;
386 if (shm_may_destroy(shp))
387 shm_destroy(ns, shp);
389 shm_unlock(shp);
399 struct shmid_kernel *shp = container_of(ipcp, struct shmid_kernel, shm_perm);
405 * As shp->* are changed under rwsem, it's safe to skip shp locking.
407 if (!list_empty(&shp->shm_clist))
410 if (shm_may_destroy(shp)) {
411 shm_lock_by_ptr(shp);
412 shm_destroy(ns, shp);
429 struct shmid_kernel *shp;
439 shp = list_first_entry(&task->sysvshm.shm_clist, struct shmid_kernel,
445 * shp lifetime is always shorter than namespace lifetime
446 * in which shp lives.
447 * We taken task_lock it means that shp won't be freed.
449 ns = shp->ns;
467 list_del_init(&shp->shm_clist);
473 * 4) get a reference to shp.
477 WARN_ON(!ipc_rcu_getref(&shp->shm_perm));
486 list_del_init(&shp->shm_clist);
492 * Thus lock & if needed destroy shp.
495 shm_lock_by_ptr(shp);
500 ipc_rcu_putref(&shp->shm_perm, shm_rcu_free);
502 if (ipc_valid_object(&shp->shm_perm)) {
503 if (shm_may_destroy(shp))
504 shm_destroy(ns, shp);
506 shm_unlock(shp);
509 * Someone else deleted the shp from namespace
513 shm_unlock(shp);
698 struct shmid_kernel *shp;
714 shp = kvmalloc(sizeof(*shp), GFP_KERNEL_ACCOUNT);
715 if (unlikely(!shp))
718 shp->shm_perm.key = key;
719 shp->shm_perm.mode = (shmflg & S_IRWXUGO);
720 shp->mlock_user = NULL;
722 shp->shm_perm.security = NULL;
723 error = security_shm_alloc(&shp->shm_perm);
725 kvfree(shp);
745 &shp->mlock_user, HUGETLB_SHMFS_INODE,
761 shp->shm_cprid = get_pid(task_tgid(current));
762 shp->shm_lprid = NULL;
763 shp->shm_atim = shp->shm_dtim = 0;
764 shp->shm_ctim = ktime_get_real_seconds();
765 shp->shm_segsz = size;
766 shp->shm_nattch = 0;
767 shp->shm_file = file;
768 shp->shm_creator = current;
770 /* ipc_addid() locks shp upon success. */
771 error = ipc_addid(&shm_ids(ns), &shp->shm_perm, ns->shm_ctlmni);
775 shp->ns = ns;
778 list_add(&shp->shm_clist, ¤t->sysvshm.shm_clist);
785 file_inode(file)->i_ino = shp->shm_perm.id;
788 error = shp->shm_perm.id;
790 ipc_unlock_object(&shp->shm_perm);
795 ipc_update_pid(&shp->shm_cprid, NULL);
796 ipc_update_pid(&shp->shm_lprid, NULL);
797 if (is_file_hugepages(file) && shp->mlock_user)
798 user_shm_unlock(size, shp->mlock_user);
800 ipc_rcu_putref(&shp->shm_perm, shm_rcu_free);
803 call_rcu(&shp->shm_perm.rcu, shm_rcu_free);
812 struct shmid_kernel *shp;
814 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
815 if (shp->shm_segsz < params->u.size)
927 static void shm_add_rss_swap(struct shmid_kernel *shp,
932 inode = file_inode(shp->shm_file);
934 if (is_file_hugepages(shp->shm_file)) {
936 struct hstate *h = hstate_file(shp->shm_file);
968 struct shmid_kernel *shp;
973 shp = container_of(ipc, struct shmid_kernel, shm_perm);
975 shm_add_rss_swap(shp, rss, swp);
990 struct shmid_kernel *shp;
1003 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
1005 err = security_shm_shmctl(&shp->shm_perm, cmd);
1011 ipc_lock_object(&shp->shm_perm);
1016 ipc_lock_object(&shp->shm_perm);
1020 shp->shm_ctim = ktime_get_real_seconds();
1028 ipc_unlock_object(&shp->shm_perm);
1078 struct shmid_kernel *shp;
1085 shp = shm_obtain_object(ns, shmid);
1086 if (IS_ERR(shp)) {
1087 err = PTR_ERR(shp);
1091 shp = shm_obtain_object_check(ns, shmid);
1092 if (IS_ERR(shp)) {
1093 err = PTR_ERR(shp);
1106 audit_ipc_obj(&shp->shm_perm);
1109 if (ipcperms(ns, &shp->shm_perm, S_IRUGO))
1113 err = security_shm_shmctl(&shp->shm_perm, cmd);
1117 ipc_lock_object(&shp->shm_perm);
1119 if (!ipc_valid_object(&shp->shm_perm)) {
1120 ipc_unlock_object(&shp->shm_perm);
1125 kernel_to_ipc64_perm(&shp->shm_perm, &tbuf->shm_perm);
1126 tbuf->shm_segsz = shp->shm_segsz;
1127 tbuf->shm_atime = shp->shm_atim;
1128 tbuf->shm_dtime = shp->shm_dtim;
1129 tbuf->shm_ctime = shp->shm_ctim;
1131 tbuf->shm_atime_high = shp->shm_atim >> 32;
1132 tbuf->shm_dtime_high = shp->shm_dtim >> 32;
1133 tbuf->shm_ctime_high = shp->shm_ctim >> 32;
1135 tbuf->shm_cpid = pid_vnr(shp->shm_cprid);
1136 tbuf->shm_lpid = pid_vnr(shp->shm_lprid);
1137 tbuf->shm_nattch = shp->shm_nattch;
1150 err = shp->shm_perm.id;
1153 ipc_unlock_object(&shp->shm_perm);
1161 struct shmid_kernel *shp;
1166 shp = shm_obtain_object_check(ns, shmid);
1167 if (IS_ERR(shp)) {
1168 err = PTR_ERR(shp);
1172 audit_ipc_obj(&(shp->shm_perm));
1173 err = security_shm_shmctl(&shp->shm_perm, cmd);
1177 ipc_lock_object(&shp->shm_perm);
1179 /* check if shm_destroy() is tearing down shp */
1180 if (!ipc_valid_object(&shp->shm_perm)) {
1188 if (!uid_eq(euid, shp->shm_perm.uid) &&
1189 !uid_eq(euid, shp->shm_perm.cuid)) {
1199 shm_file = shp->shm_file;
1207 if (!err && !(shp->shm_perm.mode & SHM_LOCKED)) {
1208 shp->shm_perm.mode |= SHM_LOCKED;
1209 shp->mlock_user = user;
1215 if (!(shp->shm_perm.mode & SHM_LOCKED))
1217 shmem_lock(shm_file, 0, shp->mlock_user);
1218 shp->shm_perm.mode &= ~SHM_LOCKED;
1219 shp->mlock_user = NULL;
1221 ipc_unlock_object(&shp->shm_perm);
1229 ipc_unlock_object(&shp->shm_perm);
1515 struct shmid_kernel *shp;
1575 shp = shm_obtain_object_check(ns, shmid);
1576 if (IS_ERR(shp)) {
1577 err = PTR_ERR(shp);
1582 if (ipcperms(ns, &shp->shm_perm, acc_mode))
1585 err = security_shm_shmat(&shp->shm_perm, shmaddr, shmflg);
1589 ipc_lock_object(&shp->shm_perm);
1591 /* check if shm_destroy() is tearing down shp */
1592 if (!ipc_valid_object(&shp->shm_perm)) {
1593 ipc_unlock_object(&shp->shm_perm);
1607 base = get_file(shp->shm_file);
1608 shp->shm_nattch++;
1610 ipc_unlock_object(&shp->shm_perm);
1631 sfd->id = shp->shm_perm.id;
1670 shp = shm_lock(ns, shmid);
1671 shp->shm_nattch--;
1673 if (shm_may_destroy(shp))
1674 shm_destroy(ns, shp);
1676 shm_unlock(shp);
1839 struct shmid_kernel *shp;
1842 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
1843 shm_add_rss_swap(shp, &rss, &swp);
1855 shp->shm_perm.key,
1856 shp->shm_perm.id,
1857 shp->shm_perm.mode,
1858 shp->shm_segsz,
1859 pid_nr_ns(shp->shm_cprid, pid_ns),
1860 pid_nr_ns(shp->shm_lprid, pid_ns),
1861 shp->shm_nattch,
1862 from_kuid_munged(user_ns, shp->shm_perm.uid),
1863 from_kgid_munged(user_ns, shp->shm_perm.gid),
1864 from_kuid_munged(user_ns, shp->shm_perm.cuid),
1865 from_kgid_munged(user_ns, shp->shm_perm.cgid),
1866 shp->shm_atim,
1867 shp->shm_dtim,
1868 shp->shm_ctim,