X-Git-Url: http://git.lttng.org/?a=blobdiff_plain;f=libringbuffer%2Fshm.h;h=e8fc8d70384910139306e0d2d0fbcfc41cbcb615;hb=4318ae1be57eb7983ab4857a7a8eeb4a030a8216;hp=390a5b26bc2890f996577ebbda3d0dc0303cb726;hpb=a6352fd40a2090fd883a6c369144bf405c9e9ec4;p=lttng-ust.git diff --git a/libringbuffer/shm.h b/libringbuffer/shm.h index 390a5b26..e8fc8d70 100644 --- a/libringbuffer/shm.h +++ b/libringbuffer/shm.h @@ -10,62 +10,117 @@ */ #include -#include "ust/core.h" - -#define SHM_MAGIC 0x54335433 -#define SHM_MAJOR 0 -#define SHM_MINOR 1 +#include +#include "lttng/core.h" +#include "shm_types.h" /* - * Defining a max shm offset, for debugging purposes. + * Pointer dereferencing. We don't trust the shm_ref, so we validate + * both the index and offset with known boundaries. + * + * "shmp" and "shmp_index" guarantee that it's safe to use the pointer + * target type, even in the occurrence of shm_ref modification by an + * untrusted process having write access to the shm_ref. We return a + * NULL pointer if the ranges are invalid. */ -#if (CAA_BITS_PER_LONG == 32) -/* Define the maximum shared memory size to 128MB on 32-bit machines */ -#define MAX_SHM_SIZE 134217728 -#else -/* Define the maximum shared memory size to 8GB on 64-bit machines */ -#define MAX_SHM_SIZE 8589934592 -#endif +static inline +char *_shmp_offset(struct shm_object_table *table, struct shm_ref *ref, + size_t idx, size_t elem_size) +{ + struct shm_object *obj; + size_t objindex, ref_offset; -#define DECLARE_SHMP(type, name) type *****name + objindex = (size_t) ref->index; + if (caa_unlikely(objindex >= table->allocated_len)) + return NULL; + obj = &table->objects[objindex]; + ref_offset = (size_t) ref->offset; + ref_offset += idx * elem_size; + /* Check if part of the element returned would exceed the limits. */ + if (caa_unlikely(ref_offset + elem_size > obj->memory_map_size)) + return NULL; + return &obj->memory_map[ref_offset]; +} + +#define shmp_index(handle, ref, index) \ + ({ \ + __typeof__((ref)._type) ____ptr_ret; \ + ____ptr_ret = (__typeof__(____ptr_ret)) _shmp_offset((handle)->table, &(ref)._ref, index, sizeof(*____ptr_ret)); \ + ____ptr_ret; \ + }) + +#define shmp(handle, ref) shmp_index(handle, ref, 0) -struct shm_header { - uint32_t magic; - uint8_t major; - uint8_t minor; - uint8_t bits_per_long; - size_t shm_size, shm_allocated; +static inline +void _set_shmp(struct shm_ref *ref, struct shm_ref src) +{ + *ref = src; +} - DECLARE_SHMP(struct channel, chan); -}; +#define set_shmp(ref, src) _set_shmp(&(ref)._ref, src) -#define shmp(shm_offset) \ - ((__typeof__(****(shm_offset))) (((char *) &(shm_offset)) + (ptrdiff_t) (shm_offset))) +struct shm_object_table *shm_object_table_create(size_t max_nb_obj); +struct shm_object *shm_object_table_append_shadow(struct shm_object_table *table, + int shm_fd, int wait_fd, size_t memory_map_size); +void shm_object_table_destroy(struct shm_object_table *table); +struct shm_object *shm_object_table_append(struct shm_object_table *table, + size_t memory_map_size); -#define _shmp_abs(a) ((a < 0) ? -(a) : (a)) +/* + * zalloc_shm - allocate memory within a shm object. + * + * Shared memory is already zeroed by shmget. + * *NOT* multithread-safe (should be protected by mutex). + * Returns a -1, -1 tuple on error. + */ +struct shm_ref zalloc_shm(struct shm_object *obj, size_t len); +void align_shm(struct shm_object *obj, size_t align); static inline -void _set_shmp(ptrdiff_t *shm_offset, void *ptr) +int shm_get_wakeup_fd(struct lttng_ust_shm_handle *handle, struct shm_ref *ref) { - *shm_offset = (((char *) ptr) - ((char *) shm_offset)); - assert(_shmp_abs(*shm_offset) < MAX_SHM_SIZE); + struct shm_object_table *table = handle->table; + struct shm_object *obj; + size_t index; + + index = (size_t) ref->index; + if (caa_unlikely(index >= table->allocated_len)) + return -EPERM; + obj = &table->objects[index]; + return obj->wait_fd[1]; + } -#define set_shmp(shm_offset, ptr) \ - _set_shmp((ptrdiff_t *) ****(shm_offset), ptr) +static inline +int shm_get_wait_fd(struct lttng_ust_shm_handle *handle, struct shm_ref *ref) +{ + struct shm_object_table *table = handle->table; + struct shm_object *obj; + size_t index; + + index = (size_t) ref->index; + if (caa_unlikely(index >= table->allocated_len)) + return -EPERM; + obj = &table->objects[index]; + return obj->wait_fd[0]; +} -/* Shared memory is already zeroed by shmget */ -/* *NOT* multithread-safe (should be protected by mutex) */ static inline -void *zalloc_shm(struct shm_header *shm_header, size_t len) +int shm_get_object_data(struct lttng_ust_shm_handle *handle, struct shm_ref *ref, + int *shm_fd, int *wait_fd, uint64_t *memory_map_size) { - void *ret; + struct shm_object_table *table = handle->table; + struct shm_object *obj; + size_t index; - if (shm_header->shm_size - shm_header->shm_allocated < len) - return NULL; - ret = (char *) shm_header + shm_header->shm_allocated; - shm_header->shm_allocated += len; - return ret; + index = (size_t) ref->index; + if (caa_unlikely(index >= table->allocated_len)) + return -EPERM; + obj = &table->objects[index]; + *shm_fd = obj->shm_fd; + *wait_fd = obj->wait_fd[0]; + *memory_map_size = obj->allocated_len; + return 0; } #endif /* _LIBRINGBUFFER_SHM_H */