From 535b1df9936568f6b5bbfa4a9ef409bdafde57c2 Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Sun, 5 Jan 2020 04:06:40 +0000 Subject: [PATCH] shm: correct KPI mistake introduced around memfd_create When file sealing and shm_open2 were introduced, we should have grown a new kern_shm_open2 helper that did the brunt of the work with the new interface while kern_shm_open remains the same. Instead, more complexity was introduced to kern_shm_open to handle the additional features and consumers had to keep changing in somewhat awkward ways, and a kern_shm_open2 was added to wrap kern_shm_open. Backpedal on this and correct the situation- kern_shm_open returns to the interface it had prior to file sealing being introduced, and neither function needs an initial_seals argument anymore as it's handled in kern_shm_open2 based on the shmflags. --- sys/compat/cloudabi/cloudabi_fd.c | 2 +- sys/kern/uipc_shm.c | 32 +++++++++++++++---------------- sys/sys/syscallsubr.h | 5 +++-- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/sys/compat/cloudabi/cloudabi_fd.c b/sys/compat/cloudabi/cloudabi_fd.c index 02dd357effd..ba93db3c0bf 100644 --- a/sys/compat/cloudabi/cloudabi_fd.c +++ b/sys/compat/cloudabi/cloudabi_fd.c @@ -96,7 +96,7 @@ cloudabi_sys_fd_create1(struct thread *td, cap_rights_init(&fcaps.fc_rights, CAP_FSTAT, CAP_FTRUNCATE, CAP_MMAP_RWX); return (kern_shm_open(td, SHM_ANON, O_RDWR | O_CLOEXEC, 0, - &fcaps, F_SEAL_SEAL)); + &fcaps)); default: return (EINVAL); } diff --git a/sys/kern/uipc_shm.c b/sys/kern/uipc_shm.c index 493f21405fd..435da35a5b2 100644 --- a/sys/kern/uipc_shm.c +++ b/sys/kern/uipc_shm.c @@ -731,8 +731,8 @@ shm_remove(char *path, Fnv32_t fnv, struct ucred *ucred) } int -kern_shm_open(struct thread *td, const char *userpath, int flags, mode_t mode, - struct filecaps *fcaps, int initial_seals) +kern_shm_open2(struct thread *td, const char *userpath, int flags, mode_t mode, + int shmflags, struct filecaps *fcaps, const char *name __unused) { struct filedesc *fdp; struct shmfd *shmfd; @@ -741,7 +741,14 @@ kern_shm_open(struct thread *td, const char *userpath, int flags, mode_t mode, void *rl_cookie; Fnv32_t fnv; mode_t cmode; - int fd, error; + int error, fd, initial_seals; + + if ((shmflags & ~SHM_ALLOW_SEALING) != 0) + return (EINVAL); + + initial_seals = F_SEAL_SEAL; + if ((shmflags & SHM_ALLOW_SEALING) != 0) + initial_seals &= ~F_SEAL_SEAL; #ifdef CAPABILITY_MODE /* @@ -923,8 +930,8 @@ int freebsd12_shm_open(struct thread *td, struct freebsd12_shm_open_args *uap) { - return (kern_shm_open(td, uap->path, uap->flags | O_CLOEXEC, uap->mode, - NULL, F_SEAL_SEAL)); + return (kern_shm_open(td, uap->path, uap->flags | O_CLOEXEC, + uap->mode, NULL)); } #endif @@ -1476,18 +1483,11 @@ SYSCTL_PROC(_kern_ipc, OID_AUTO, posix_shm_list, "POSIX SHM list"); int -kern_shm_open2(struct thread *td, const char *path, int flags, mode_t mode, - int shmflags, const char *name __unused) +kern_shm_open(struct thread *td, const char *path, int flags, mode_t mode, + struct filecaps *caps) { - int initial_seals; - if ((shmflags & ~SHM_ALLOW_SEALING) != 0) - return (EINVAL); - - initial_seals = F_SEAL_SEAL; - if ((shmflags & SHM_ALLOW_SEALING) != 0) - initial_seals &= ~F_SEAL_SEAL; - return (kern_shm_open(td, path, flags, mode, NULL, initial_seals)); + return (kern_shm_open2(td, path, flags, mode, 0, caps, NULL)); } /* @@ -1505,5 +1505,5 @@ sys_shm_open2(struct thread *td, struct shm_open2_args *uap) { return (kern_shm_open2(td, uap->path, uap->flags, uap->mode, - uap->shmflags, uap->name)); + uap->shmflags, NULL, uap->name)); } diff --git a/sys/sys/syscallsubr.h b/sys/sys/syscallsubr.h index b743e524aa7..6c7bfd9c1b9 100644 --- a/sys/sys/syscallsubr.h +++ b/sys/sys/syscallsubr.h @@ -257,9 +257,10 @@ int kern_setsockopt(struct thread *td, int s, int level, int name, int kern_settimeofday(struct thread *td, struct timeval *tv, struct timezone *tzp); int kern_shm_open(struct thread *td, const char *userpath, int flags, - mode_t mode, struct filecaps *fcaps, int initial_seals); + mode_t mode, struct filecaps *fcaps); int kern_shm_open2(struct thread *td, const char *path, int flags, - mode_t mode, int shmflags, const char *name); + mode_t mode, int shmflags, struct filecaps *fcaps, + const char *name); int kern_shmat(struct thread *td, int shmid, const void *shmaddr, int shmflg); int kern_shmctl(struct thread *td, int shmid, int cmd, void *buf,