svn commit: r352700 - in head/sys: compat/freebsd32 kern sys

Wed Sep 25 17:59:17 UTC 2019

Author: kevans
Date: Wed Sep 25 17:59:15 2019
New Revision: 352700
URL: https://svnweb.freebsd.org/changeset/base/352700

Log:
  Add a shm_open2 syscall to support upcoming memfd_create
  
  shm_open2 allows a little more flexibility than the original shm_open.
  shm_open2 doesn't enforce CLOEXEC on its callers, and it has a separate
  shmflag argument that can be expanded later. Currently the only shmflag is
  to allow file sealing on the returned fd.
  
  shm_open and memfd_create will both be implemented in libc to use this new
  syscall.
  
  __FreeBSD_version is bumped to indicate the presence.
  
  Reviewed by:	kib, markj
  Differential Revision:	https://reviews.freebsd.org/D21393

Modified:
  head/sys/compat/freebsd32/syscalls.master
  head/sys/kern/capabilities.conf
  head/sys/kern/syscalls.master
  head/sys/kern/uipc_shm.c
  head/sys/sys/mman.h
  head/sys/sys/param.h
  head/sys/sys/syscallsubr.h

Modified: head/sys/compat/freebsd32/syscalls.master
==============================================================================

--- head/sys/compat/freebsd32/syscalls.master	Wed Sep 25 17:52:59 2019	(r352699)
+++ head/sys/compat/freebsd32/syscalls.master	Wed Sep 25 17:59:15 2019	(r352700)
@@ -1154,5 +1154,8 @@
 570	AUE_SYSCTL	STD	{ int freebsd32___sysctlbyname(const char *name, \
 				    size_t namelen, void *old, uint32_t *oldlenp, \
 				    void *new, size_t newlen); }
+571	AUE_SHMOPEN	NOPROTO	{ int shm_open2( \
+				    const char *path, int flags, mode_t mode, \
+				    int shmflags, const char *name); }
 
 ; vim: syntax=off

Modified: head/sys/kern/capabilities.conf
==============================================================================
--- head/sys/kern/capabilities.conf	Wed Sep 25 17:52:59 2019	(r352699)
+++ head/sys/kern/capabilities.conf	Wed Sep 25 17:59:15 2019	(r352700)
@@ -655,6 +655,7 @@ setuid
 ## shm_open(2) is scoped so as to allow only access to new anonymous objects.
 ##
 shm_open
+shm_open2
 
 ##
 ## Allow I/O-related file descriptors, subject to capability rights.

Modified: head/sys/kern/syscalls.master
==============================================================================
--- head/sys/kern/syscalls.master	Wed Sep 25 17:52:59 2019	(r352699)
+++ head/sys/kern/syscalls.master	Wed Sep 25 17:59:15 2019	(r352700)
@@ -3195,6 +3195,15 @@
 		    _In_reads_bytes_opt_(newlen) void *new,
 		    size_t newlen);
 	}
+571	AUE_SHMOPEN	STD {
+		int shm_open2(
+		    _In_z_ const char *path,
+		    int flags,
+		    mode_t mode,
+		    int shmflags,
+		    _In_z_ const char *name
+		);
+	}
 
 ; Please copy any additions and changes to the following compatability tables:
 ; sys/compat/freebsd32/syscalls.master

Modified: head/sys/kern/uipc_shm.c
==============================================================================
--- head/sys/kern/uipc_shm.c	Wed Sep 25 17:52:59 2019	(r352699)
+++ head/sys/kern/uipc_shm.c	Wed Sep 25 17:59:15 2019	(r352700)
@@ -1316,3 +1316,36 @@ SYSCTL_PROC(_kern_ipc, OID_AUTO, posix_shm_list,
     CTLFLAG_RD | CTLFLAG_MPSAFE | CTLTYPE_OPAQUE,
     NULL, 0, sysctl_posix_shm_list, "",
     "POSIX SHM list");
+
+int
+kern_shm_open2(struct thread *td, const char *path, int flags, mode_t mode,
+    int shmflags, const char *name __unused)
+{
+	int initial_seals;
+
+	if ((shmflags & ~SHM_ALLOW_SEALING) != 0)
+		return (EINVAL);
+
+	initial_seals = F_SEAL_SEAL;
+	if ((shmflags & SHM_ALLOW_SEALING) != 0)
+		initial_seals &= ~F_SEAL_SEAL;
+	return (kern_shm_open(td, path, flags, 0, NULL, initial_seals));
+}
+
+/*
+ * This version of the shm_open() interface leaves CLOEXEC behavior up to the
+ * caller, and libc will enforce it for the traditional shm_open() call.  This
+ * allows other consumers, like memfd_create(), to opt-in for CLOEXEC.  This
+ * interface also includes a 'name' argument that is currently unused, but could
+ * potentially be exported later via some interface for debugging purposes.
+ * From the kernel's perspective, it is optional.  Individual consumers like
+ * memfd_create() may require it in order to be compatible with other systems
+ * implementing the same function.
+ */
+int
+sys_shm_open2(struct thread *td, struct shm_open2_args *uap)
+{
+
+	return (kern_shm_open2(td, uap->path, uap->flags, uap->mode,
+	    uap->shmflags, uap->name));
+}

Modified: head/sys/sys/mman.h
==============================================================================
--- head/sys/sys/mman.h	Wed Sep 25 17:52:59 2019	(r352699)
+++ head/sys/sys/mman.h	Wed Sep 25 17:59:15 2019	(r352700)
@@ -176,6 +176,12 @@
  * Anonymous object constant for shm_open().
  */
 #define	SHM_ANON		((char *)1)
+
+/*
+ * shmflags for shm_open2()
+ */
+#define	SHM_ALLOW_SEALING		0x00000001
+
 #endif /* __BSD_VISIBLE */
 
 /*

Modified: head/sys/sys/param.h
==============================================================================
--- head/sys/sys/param.h	Wed Sep 25 17:52:59 2019	(r352699)
+++ head/sys/sys/param.h	Wed Sep 25 17:59:15 2019	(r352700)
@@ -60,7 +60,7 @@
  *		in the range 5 to 9.
  */
 #undef __FreeBSD_version
-#define __FreeBSD_version 1300047	/* Master, propagated to newvers */
+#define __FreeBSD_version 1300048	/* Master, propagated to newvers */
 
 /*
  * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,

Modified: head/sys/sys/syscallsubr.h
==============================================================================
--- head/sys/sys/syscallsubr.h	Wed Sep 25 17:52:59 2019	(r352699)
+++ head/sys/sys/syscallsubr.h	Wed Sep 25 17:59:15 2019	(r352700)
@@ -251,6 +251,8 @@ int	kern_settimeofday(struct thread *td, struct timeva
 	    struct timezone *tzp);
 int	kern_shm_open(struct thread *td, const char *userpath, int flags,
 	    mode_t mode, struct filecaps *fcaps, int initial_seals);
+int	kern_shm_open2(struct thread *td, const char *path, int flags,
+	    mode_t mode, int shmflags, const char *name);
 int	kern_shmat(struct thread *td, int shmid, const void *shmaddr,
 	    int shmflg);
 int	kern_shmctl(struct thread *td, int shmid, int cmd, void *buf,
