path: root/src/ipc
AgeCommit message (Collapse)AuthorLines
2020-03-14fix corrupt sysvipc timestamps on 32-bit archs with old kernelsRich Felker-0/+30
kernel commit 4693916846269d633a3664586650dbfac2c5562f (first included in release v4.14) silently fixed a bug whereby the reserved space (which was later used for high bits of time) in IPC_STAT structures was left untouched rather than zeroed. this means that a caller that wants to read the high bits needs to pre-zero the memory. since it's not clear that these operations are permitted to modify the destination buffer on failure, use a temp buffer and copy back to the caller's buffer on success.
2019-07-31sysvipc: overhaul {sem,shm,msg}ctl for time64Rich Felker-12/+41
being "ctl" functions that take command numbers, these will be handled like ioctl/sockopt/etc., using new command numbers for the time64 variants with an "IPC_TIME64" bit added to their values. to obtain such a reserved bit, we reuse the IPC_64 bit, 0x100, which served only as part of the libc-to-kernel interface, not as a public interface of the libc functions. using new command numbers avoids the need for compat shims (in ABIs doing time64 through symbol redirection and compat shims) and, by virtue of having a fixed time64 bit for all commands, we can ensure that libc can perform the appropriate translations, even if the application is using new commands from a newer version of the libc headers than the libc available at runtime. for the vast majority of 32-bit archs, the kernel {sem,shm,msq}id64_ds definitions left padding space intended for expanding their time_t fields to 64 bits in-place, and it would have been really nice to be able to do time64 support that way. however the padding was almost always in little-endian order (except on powerpc, and for msqid_ds only on mips, where it matched the arch's byte order), and more importantly, the alignment was overlooked. in semid_ds and msqid_ds, the time_t members were not suitably aligned to be expanded to 64-bit, due to the ipc_perm header consisting of 9 32-bit words -- except on powerpc where ipc_perm contains an extra padding word. in shmid_ds, the time_t members were suitably aligned, except that mips (accidentally?) omitted the padding for them alltogether. as a result, we're stuck with adding new time_t fields on the end of the structures, and assembling the 32-bit lo/hi parts (or 16-bit hi parts, for mips shmid_ds, which lacked sufficient reserved space for full 32-bit hi parts) to fill them in. all of the functional changes here are conditional on the IPC_TIME64 macro having a nonzero definition, which will only happen when IPC_STAT is redefined for 32-bit archs, and on time_t being larger than long, so for now the new code is all dead code.
2019-07-31fix semctl with SEM_STAT_ANYRich Felker-1/+1
due to the variadic signature, semctl needs to be made aware of any new commands that take arguments. this was overlooked when commit af55070eae5438476f921d827b7ae49e8141c3fe added SEM_STAT_ANY.
2019-07-30move IPC_64 from public bits/ipc.h to syscall_arch.hRich Felker-0/+6
the definition of the IPC_64 macro controls the interface between libc and the kernel through syscalls; it's not a public API. the meaning is rather obscure. long ago, Linux's sysvipc *id_ds structures used 16-bit uids/gids and wrong types for a few other fields. this was in the libc5 era, before glibc. the IPC_64 flag (64 is a misnomer; it's more like 32) tells the kernel to use the modern[-ish] versions of the structures. the definition of IPC_64 has nothing to do with whether the arch is 32- or 64-bit. rather, due to either historical accident or intentional obnoxiousness, the kernel only accepts and masks off the 0x100 IPC_64 flag conditional on CONFIG_ARCH_WANT_IPC_PARSE_VERSION, i.e. for archs that want to provide, or that accidentally provided, both. for archs which don't define this option, no masking is performed and commands with the 0x100 bit set will fail as invalid. so ultimately, the definition is just a matter of matching an arbitrary switch defined per-arch in the kernel.
2019-07-28semtimedop: add time64 syscall support, decouple 32-bit time_tRich Felker-2/+24
time64 syscall is used only if it's the only one defined for the arch, or if the requested timeout does not fit in 32 bits. on current 32-bit archs where time_t is a 32-bit type, this makes it statically unreachable. on 64-bit archs, there is no change to the code after preprocessing. on current 32-bit archs, the time is passed via an intermediate copy to remove the assumption that time_t is a 32-bit type. to avoid duplicating SYS_ipc/SYS_semtimedop choice logic, the code for 32-bit archs "falls through" after updating the timeout argument ts to point to a [compound literal] array of longs. in preparation for "time64-only" 32-bit archs, an extra case is added for neither SYS_ipc nor the non-time64 SYS_semtimedop existing; the ENOSYS failure path here should never be reachable, and is added just in case a compiler can't see that it's not reachable, to avoid spurious static analysis complaints.
2019-07-01ipc: prefer SYS_ipc when it is definedSzabolcs Nagy-12/+12
Linux v5.1 introduced ipc syscalls on targets where previously only SYS_ipc was available, change the logic such that the ipc code keeps using SYS_ipc which works backward compatibly on older kernels. This changes behaviour on microblaze which had both mechanisms, now SYS_ipc will be used instead of separate syscalls.
2018-09-12reduce spurious inclusion of libc.hRich Felker-2/+0
libc.h was intended to be a header for access to global libc state and related interfaces, but ended up included all over the place because it was the way to get the weak_alias macro. most of the inclusions removed here are places where weak_alias was needed. a few were recently introduced for hidden. some go all the way back to when libc.h defined CANCELPT_BEGIN and _END, and all (wrongly implemented) cancellation points had to include it. remaining spurious users are mostly callers of the LOCK/UNLOCK macros and files that use the LFS64 macro to define the awful *64 aliases. in a few places, new inclusion of libc.h is added because several internal headers no longer implicitly include libc.h. declarations for __lockfile and __unlockfile are moved from libc.h to stdio_impl.h so that the latter does not need libc.h. putting them in libc.h made no sense at all, since the macros in stdio_impl.h are needed to use them correctly anyway.
2018-06-20work around broken kernel struct ipc_perm on some big endian archsRich Felker-6/+72
the mode member of struct ipc_perm is specified by POSIX to have type mode_t, which is uniformly defined as unsigned int. however, Linux defines it with type __kernel_mode_t, and defines __kernel_mode_t as unsigned short on some archs. since there is a subsequent padding field, treating it as a 32-bit unsigned int works on little endian archs, but the order is backwards on big endian archs with the erroneous definition. since multiple archs are affected, remedy the situation with fixup code in the affected functions (shmctl, semctl, and msgctl) rather than repeating the same shims in syscall_arch.h for every affected arch.
2017-08-12fix signed overflow in ftokDaniel Sabogal-1/+1
2014-03-13semctl: fix UB causing crashes on powerpcrofl0r-4/+8
it's UB to fetch variadic args when none are passed, and this caused real crashes on ppc due to its calling convention, which defines that for variadic functions aggregate types be passed as pointers. the assignment caused that pointer to get dereferenced, resulting in a crash.
2014-01-08fix inadvertent use of struct in place of union for semunRich Felker-3/+3
2014-01-08fix type of semctl variadic argumentRich Felker-4/+10
per POSIX, the variadic argument has type union semun, which may contain a pointer or int; the type read depends on the command being issued. this allows the userspace part of the implementation to be type-correct without requiring special-casing for different commands. the kernel always expects to receive the argument interpreted as unsigned long (or equivalently, a pointer), and does its own handling of extracting the int portion from the representation, as needed. this change fixes two possible issues: most immediately, reading the argument as a (signed) long and passing it to the syscall would perform incorrect sign-extension of pointers on the upcoming x32 target. the other possible issue is that some archs may use different (user-space) argument-passing convention for unions, preventing va_arg from correctly obtaining the argument when the type long (or even unsigned long or void *) is passed to it.
2013-11-09fix harmless inconsistency in semtimedopRich Felker-1/+1
this should not matter since the reality is that either all the sysv sem syscalls are individual syscalls, or all of them are multiplexed on the SYS_ipc syscall (depending on arch). but best to be consistent anyway.
2013-11-09implement semtimedopRich Felker-0/+14
this is a Linux-specific extension to the sysv semaphore api.
2013-06-29prevent shmget from allocating objects that overflow ptrdiff_tRich Felker-0/+2
rather than returning an error, we have to increase the size argument so high that the kernel will have no choice but to fail. this is because POSIX only permits the EINVAL error for size errors when a new shared memory segment would be created; if it already exists, the size argument must be ignored. unfortunately Linux is non-conforming in this regard, but I want to keep the code correct in userspace anyway so that if/when Linux is fixed, the behavior applications see will be conforming.
2013-06-28work around wrong kernel type for sem_nsems member of struct semid_dsRich Felker-0/+7
rejecting invalid values for n is fine even in the case where a new sem will not be created, since the kernel does its range checks on n even in this case as well. by default, the kernel will bound the limit well below USHRT_MAX anyway, but it's presumably possible that an administrator could override this limit and break things.
2012-10-28fix shmdt syscall calling convention on old archsRich Felker-1/+1
2012-09-22fix remaining IPC_64 issue (shmctl)Rich Felker-4/+2
also cleanup cruft related to the issue
2012-09-22fix IPC_64 in msgctl tooRich Felker-6/+2
2012-09-22fix broken semctl on systems that don't use IPC_64 flagRich Felker-2/+6
not tested on mips and arm; they may still be broken. x86_64 should be ok now.
2011-04-17overhaul pthread cancellationRich Felker-12/+4
this patch improves the correctness, simplicity, and size of cancellation-related code. modulo any small errors, it should now be completely conformant, safe, and resource-leak free. the notion of entering and exiting cancellation-point context has been completely eliminated and replaced with alternative syscall assembly code for cancellable syscalls. the assembly is responsible for setting up execution context information (stack pointer and address of the syscall instruction) which the cancellation signal handler can use to determine whether the interrupted code was in a cancellable state. these changes eliminate race conditions in the previous generation of cancellation handling code (whereby a cancellation request received just prior to the syscall would not be processed, leaving the syscall to block, potentially indefinitely), and remedy an issue where non-cancellable syscalls made from signal handlers became cancellable if the signal handler interrupted a cancellation point. x86_64 asm is untested and may need a second try to get it right.
2011-04-13numerous fixes to sysv ipcRich Felker-5/+5
some of these definitions were just plain wrong, others based on outdated ancient "non-64" versions of the kernel interface. as much as possible has now been moved out of bits/* these changes break abi (the old abi for these functions was wrong), but since they were not working anyway it can hardly matter.
2011-04-06consistency: change all remaining syscalls to use SYS_ rather than __NR_ prefixRich Felker-11/+11
2011-04-06fix incorrect (and conflicting on LP64 archs) types for sysv ipc msgq functionsRich Felker-1/+1
2011-04-05add sysv ipc message queues (completely untested)Rich Felker-0/+58
2011-03-20global cleanup to use the new syscall interfaceRich Felker-14/+14
2011-02-13fixed missing cast in the non-i386 version of shmat (preparation for ports)Rich Felker-1/+1
2011-02-12initial check-in, version 0.5.0v0.5.0Rich Felker-0/+118