Lines Matching defs:shp
67 * task_lock(shp->shm_creator)
97 #define shm_unlock(shp) \
98 ipc_unlock(&(shp)->shm_perm)
103 static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp);
119 * Called with shm_ids.rwsem (writer) and the shp structure locked.
124 struct shmid_kernel *shp;
126 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
127 WARN_ON(ns != shp->ns);
129 if (shp->shm_nattch) {
130 shp->shm_perm.mode |= SHM_DEST;
132 ipc_set_key_private(&shm_ids(ns), &shp->shm_perm);
133 shm_unlock(shp);
135 shm_destroy(ns, shp);
232 struct shmid_kernel *shp = container_of(ptr, struct shmid_kernel,
234 security_shm_free(&shp->shm_perm);
235 kfree(shp);
239 * It has to be called with shp locked.
242 static inline void shm_clist_rm(struct shmid_kernel *shp)
253 if (!list_empty(&shp->shm_clist)) {
255 * shp->shm_creator is guaranteed to be valid *only*
256 * if shp->shm_clist is not empty.
258 creator = shp->shm_creator;
265 list_del_init(&shp->shm_clist);
280 struct shmid_kernel *shp;
282 shp = shm_lock(sfd->ns, sfd->id);
284 if (IS_ERR(shp))
285 return PTR_ERR(shp);
287 if (shp->shm_file != sfd->file) {
289 shm_unlock(shp);
293 shp->shm_atim = ktime_get_real_seconds();
294 ipc_update_pid(&shp->shm_lprid, task_tgid(current));
295 shp->shm_nattch++;
296 shm_unlock(shp);
323 * @shp: struct to free
325 * It has to be called with shp and shm_ids.rwsem (writer) locked,
326 * but returns with shp unlocked and freed.
328 static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp)
332 shm_file = shp->shm_file;
333 shp->shm_file = NULL;
334 ns->shm_tot -= (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
335 shm_rmid(shp);
336 shm_unlock(shp);
338 shmem_lock(shm_file, 0, shp->mlock_ucounts);
340 ipc_update_pid(&shp->shm_cprid, NULL);
341 ipc_update_pid(&shp->shm_lprid, NULL);
342 ipc_rcu_putref(&shp->shm_perm, shm_rcu_free);
351 * 1) shmctl(id, IPC_RMID, NULL) was called for this shp
355 static bool shm_may_destroy(struct shmid_kernel *shp)
357 return (shp->shm_nattch == 0) &&
358 (shp->ns->shm_rmid_forced ||
359 (shp->shm_perm.mode & SHM_DEST));
370 struct shmid_kernel *shp;
375 shp = shm_lock(ns, sfd->id);
381 if (WARN_ON_ONCE(IS_ERR(shp)))
384 ipc_update_pid(&shp->shm_lprid, task_tgid(current));
385 shp->shm_dtim = ktime_get_real_seconds();
386 shp->shm_nattch--;
387 if (shm_may_destroy(shp))
388 shm_destroy(ns, shp);
390 shm_unlock(shp);
412 struct shmid_kernel *shp = container_of(ipcp, struct shmid_kernel, shm_perm);
418 * As shp->* are changed under rwsem, it's safe to skip shp locking.
420 if (!list_empty(&shp->shm_clist))
423 if (shm_may_destroy(shp)) {
424 shm_lock_by_ptr(shp);
425 shm_destroy(ns, shp);
442 struct shmid_kernel *shp;
452 shp = list_first_entry(&task->sysvshm.shm_clist, struct shmid_kernel,
458 * shp lifetime is always shorter than namespace lifetime
459 * in which shp lives.
460 * We taken task_lock it means that shp won't be freed.
462 ns = shp->ns;
480 list_del_init(&shp->shm_clist);
486 * 4) get a reference to shp.
490 WARN_ON(!ipc_rcu_getref(&shp->shm_perm));
499 list_del_init(&shp->shm_clist);
505 * Thus lock & if needed destroy shp.
508 shm_lock_by_ptr(shp);
513 ipc_rcu_putref(&shp->shm_perm, shm_rcu_free);
515 if (ipc_valid_object(&shp->shm_perm)) {
516 if (shm_may_destroy(shp))
517 shm_destroy(ns, shp);
519 shm_unlock(shp);
522 * Someone else deleted the shp from namespace
526 shm_unlock(shp);
711 struct shmid_kernel *shp;
727 shp = kmalloc(sizeof(*shp), GFP_KERNEL_ACCOUNT);
728 if (unlikely(!shp))
731 shp->shm_perm.key = key;
732 shp->shm_perm.mode = (shmflg & S_IRWXUGO);
733 shp->mlock_ucounts = NULL;
735 shp->shm_perm.security = NULL;
736 error = security_shm_alloc(&shp->shm_perm);
738 kfree(shp);
773 shp->shm_cprid = get_pid(task_tgid(current));
774 shp->shm_lprid = NULL;
775 shp->shm_atim = shp->shm_dtim = 0;
776 shp->shm_ctim = ktime_get_real_seconds();
777 shp->shm_segsz = size;
778 shp->shm_nattch = 0;
779 shp->shm_file = file;
780 shp->shm_creator = current;
782 /* ipc_addid() locks shp upon success. */
783 error = ipc_addid(&shm_ids(ns), &shp->shm_perm, ns->shm_ctlmni);
787 shp->ns = ns;
790 list_add(&shp->shm_clist, ¤t->sysvshm.shm_clist);
797 file_inode(file)->i_ino = shp->shm_perm.id;
800 error = shp->shm_perm.id;
802 ipc_unlock_object(&shp->shm_perm);
807 ipc_update_pid(&shp->shm_cprid, NULL);
808 ipc_update_pid(&shp->shm_lprid, NULL);
810 ipc_rcu_putref(&shp->shm_perm, shm_rcu_free);
813 call_rcu(&shp->shm_perm.rcu, shm_rcu_free);
822 struct shmid_kernel *shp;
824 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
825 if (shp->shm_segsz < params->u.size)
937 static void shm_add_rss_swap(struct shmid_kernel *shp,
942 inode = file_inode(shp->shm_file);
944 if (is_file_hugepages(shp->shm_file)) {
946 struct hstate *h = hstate_file(shp->shm_file);
978 struct shmid_kernel *shp;
983 shp = container_of(ipc, struct shmid_kernel, shm_perm);
985 shm_add_rss_swap(shp, rss, swp);
1000 struct shmid_kernel *shp;
1013 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
1015 err = security_shm_shmctl(&shp->shm_perm, cmd);
1021 ipc_lock_object(&shp->shm_perm);
1026 ipc_lock_object(&shp->shm_perm);
1030 shp->shm_ctim = ktime_get_real_seconds();
1038 ipc_unlock_object(&shp->shm_perm);
1088 struct shmid_kernel *shp;
1095 shp = shm_obtain_object(ns, shmid);
1096 if (IS_ERR(shp)) {
1097 err = PTR_ERR(shp);
1101 shp = shm_obtain_object_check(ns, shmid);
1102 if (IS_ERR(shp)) {
1103 err = PTR_ERR(shp);
1116 audit_ipc_obj(&shp->shm_perm);
1119 if (ipcperms(ns, &shp->shm_perm, S_IRUGO))
1123 err = security_shm_shmctl(&shp->shm_perm, cmd);
1127 ipc_lock_object(&shp->shm_perm);
1129 if (!ipc_valid_object(&shp->shm_perm)) {
1130 ipc_unlock_object(&shp->shm_perm);
1135 kernel_to_ipc64_perm(&shp->shm_perm, &tbuf->shm_perm);
1136 tbuf->shm_segsz = shp->shm_segsz;
1137 tbuf->shm_atime = shp->shm_atim;
1138 tbuf->shm_dtime = shp->shm_dtim;
1139 tbuf->shm_ctime = shp->shm_ctim;
1141 tbuf->shm_atime_high = shp->shm_atim >> 32;
1142 tbuf->shm_dtime_high = shp->shm_dtim >> 32;
1143 tbuf->shm_ctime_high = shp->shm_ctim >> 32;
1145 tbuf->shm_cpid = pid_vnr(shp->shm_cprid);
1146 tbuf->shm_lpid = pid_vnr(shp->shm_lprid);
1147 tbuf->shm_nattch = shp->shm_nattch;
1160 err = shp->shm_perm.id;
1163 ipc_unlock_object(&shp->shm_perm);
1171 struct shmid_kernel *shp;
1176 shp = shm_obtain_object_check(ns, shmid);
1177 if (IS_ERR(shp)) {
1178 err = PTR_ERR(shp);
1182 audit_ipc_obj(&(shp->shm_perm));
1183 err = security_shm_shmctl(&shp->shm_perm, cmd);
1187 ipc_lock_object(&shp->shm_perm);
1189 /* check if shm_destroy() is tearing down shp */
1190 if (!ipc_valid_object(&shp->shm_perm)) {
1198 if (!uid_eq(euid, shp->shm_perm.uid) &&
1199 !uid_eq(euid, shp->shm_perm.cuid)) {
1209 shm_file = shp->shm_file;
1217 if (!err && !(shp->shm_perm.mode & SHM_LOCKED)) {
1218 shp->shm_perm.mode |= SHM_LOCKED;
1219 shp->mlock_ucounts = ucounts;
1225 if (!(shp->shm_perm.mode & SHM_LOCKED))
1227 shmem_lock(shm_file, 0, shp->mlock_ucounts);
1228 shp->shm_perm.mode &= ~SHM_LOCKED;
1229 shp->mlock_ucounts = NULL;
1231 ipc_unlock_object(&shp->shm_perm);
1239 ipc_unlock_object(&shp->shm_perm);
1525 struct shmid_kernel *shp;
1585 shp = shm_obtain_object_check(ns, shmid);
1586 if (IS_ERR(shp)) {
1587 err = PTR_ERR(shp);
1592 if (ipcperms(ns, &shp->shm_perm, acc_mode))
1595 err = security_shm_shmat(&shp->shm_perm, shmaddr, shmflg);
1599 ipc_lock_object(&shp->shm_perm);
1601 /* check if shm_destroy() is tearing down shp */
1602 if (!ipc_valid_object(&shp->shm_perm)) {
1603 ipc_unlock_object(&shp->shm_perm);
1617 base = get_file(shp->shm_file);
1618 shp->shm_nattch++;
1620 ipc_unlock_object(&shp->shm_perm);
1641 sfd->id = shp->shm_perm.id;
1680 shp = shm_lock(ns, shmid);
1681 shp->shm_nattch--;
1683 if (shm_may_destroy(shp))
1684 shm_destroy(ns, shp);
1686 shm_unlock(shp);
1848 struct shmid_kernel *shp;
1851 shp = container_of(ipcp, struct shmid_kernel, shm_perm);
1852 shm_add_rss_swap(shp, &rss, &swp);
1864 shp->shm_perm.key,
1865 shp->shm_perm.id,
1866 shp->shm_perm.mode,
1867 shp->shm_segsz,
1868 pid_nr_ns(shp->shm_cprid, pid_ns),
1869 pid_nr_ns(shp->shm_lprid, pid_ns),
1870 shp->shm_nattch,
1871 from_kuid_munged(user_ns, shp->shm_perm.uid),
1872 from_kgid_munged(user_ns, shp->shm_perm.gid),
1873 from_kuid_munged(user_ns, shp->shm_perm.cuid),
1874 from_kgid_munged(user_ns, shp->shm_perm.cgid),
1875 shp->shm_atim,
1876 shp->shm_dtim,
1877 shp->shm_ctim,