projects / lttng-ust.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
libust ABI: export streams
[lttng-ust.git] / libringbuffer / shm.h
diff --git a/libringbuffer/shm.h b/libringbuffer/shm.h
index f5cc8e69a2b7a62faf9f614dec2489f99ccee96d..5785b71d8483d26c3684bdd8875c70aa13f00ca2 100644 (file)
--- a/libringbuffer/shm.h
+++ b/libringbuffer/shm.h
@@ -17,29 +17,35 @@
 /*
  * Pointer dereferencing. We don't trust the shm_ref, so we validate
  * both the index and offset with known boundaries.
+ *
+ * "shmp" and "shmp_index" guarantee that it's safe to use the pointer
+ * target type, even in the occurrence of shm_ref modification by an
+ * untrusted process having write access to the shm_ref. We return a
+ * NULL pointer if the ranges are invalid.
  */
 static inline
 char *_shmp_offset(struct shm_object_table *table, struct shm_ref *ref,
-                  size_t offset)
+                  size_t idx, size_t elem_size)
 {
        struct shm_object *obj;
-       size_t index, ref_offset;
+       size_t objindex, ref_offset;
 
-       index = (size_t) ref->index;
-       if (unlikely(index >= table->allocated_len))
+       objindex = (size_t) ref->index;
+       if (unlikely(objindex >= table->allocated_len))
                return NULL;
-       obj = &table->objects[index];
+       obj = &table->objects[objindex];
        ref_offset = (size_t) ref->offset;
-       ref_offset += offset;
-       if (unlikely(ref_offset >= obj->memory_map_size))
+       ref_offset += idx * elem_size;
+       /* Check if part of the element returned would exceed the limits. */
+       if (unlikely(ref_offset + elem_size > obj->memory_map_size))
                return NULL;
        return &obj->memory_map[ref_offset];
 }
 
-#define shmp_index(handle, ref, offset)                                        \
+#define shmp_index(handle, ref, index)                                 \
        ({                                                              \
                __typeof__((ref)._type) ____ptr_ret;                    \
-               ____ptr_ret = (__typeof__(____ptr_ret)) _shmp_offset((handle)->table, &(ref)._ref, ((offset) * sizeof(*____ptr_ret)));  \
+               ____ptr_ret = (__typeof__(____ptr_ret)) _shmp_offset((handle)->table, &(ref)._ref, index, sizeof(*____ptr_ret));        \
                ____ptr_ret;                                            \
        })
 
@@ -97,4 +103,22 @@ int shm_get_wait_fd(struct shm_handle *handle, struct shm_ref *ref)
        return obj->wait_fd[0];
 }
 
+static inline
+int shm_get_object_data(struct shm_handle *handle, struct shm_ref *ref,
+               int *shm_fd, int *wait_fd, uint64_t *memory_map_size)
+{
+       struct shm_object_table *table = handle->table;
+       struct shm_object *obj;
+       size_t index;
+
+       index = (size_t) ref->index;
+       if (unlikely(index >= table->allocated_len))
+               return -EPERM;
+       obj = &table->objects[index];
+       *shm_fd = obj->shm_fd;
+       *wait_fd = obj->wait_fd[0];
+       *memory_map_size = obj->memory_map_size;
+       return 0;
+}
+
 #endif /* _LIBRINGBUFFER_SHM_H */
LTTng 2.0 Userspace Tracer
This page took 0.025017 seconds and 4 git commands to generate.