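--- a/msg.c	(712cba5d87a6c0e980ee5fad45734e189c4d7151)
+++ b/msg.c	(194a6b5b9cb6b91a5f7d86984165a3bc55188599)
@@ -1,8 +1,8 @@
 /*
  * linux/ipc/msg.c
  * Copyright (C) 1992 Krishna Balasubramanian
  *
  * Removed all the remaining kerneld mess
  * Catch the -EFAULT stuff properly
  * Use GFP_KERNEL for messages as in 1.2
  * Fixed up the unchecked user space derefs
@@ -230,17 +230,17 @@
  *
  * msg_ids.rwsem (writer) and the spinlock for this message queue are held
  * before freeque() is called. msg_ids.rwsem remains locked on exit.
  */
 static void freeque(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp)
 {
  struct msg_msg *msg, *t;
  struct msg_queue *msq = container_of(ipcp, struct msg_queue, q_perm);
- WAKE_Q(wake_q);
+ DEFINE_WAKE_Q(wake_q);
 
  expunge_all(msq, -EIDRM, &wake_q);
  ss_wakeup(msq, &wake_q, true);
  msg_rmid(ns, msq);
  ipc_unlock_object(&msq->q_perm);
  wake_up_q(&wake_q);
  rcu_read_unlock();
 
@@ -392,17 +392,17 @@
  switch (cmd) {
  case IPC_RMID:
  ipc_lock_object(&msq->q_perm);
  /* freeque unlocks the ipc object and rcu */
  freeque(ns, ipcp);
  goto out_up;
  case IPC_SET:
  {
- WAKE_Q(wake_q);
+ DEFINE_WAKE_Q(wake_q);
 
  if (msqid64.msg_qbytes > ns->msg_ctlmnb &&
  !capable(CAP_SYS_RESOURCE)) {
  err = -EPERM;
  goto out_unlock1;
  }
 
  ipc_lock_object(&msq->q_perm);
@@ -629,17 +629,17 @@
 
 long do_msgsnd(int msqid, long mtype, void __user *mtext,
  size_t msgsz, int msgflg)
 {
  struct msg_queue *msq;
  struct msg_msg *msg;
  int err;
  struct ipc_namespace *ns;
- WAKE_Q(wake_q);
+ DEFINE_WAKE_Q(wake_q);
 
  ns = current->nsproxy->ipc_ns;
 
  if (msgsz > ns->msg_ctlmax || (long) msgsz < 0 || msqid < 0)
  return -EINVAL;
  if (mtype < 1)
  return -EINVAL;
 
@@ -845,17 +845,17 @@
 
 long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp, int msgflg,
  long (*msg_handler)(void __user *, struct msg_msg *, size_t))
 {
  int mode;
  struct msg_queue *msq;
  struct ipc_namespace *ns;
  struct msg_msg *msg, *copy = NULL;
- WAKE_Q(wake_q);
+ DEFINE_WAKE_Q(wake_q);
 
  ns = current->nsproxy->ipc_ns;
 
  if (msqid < 0 || (long) bufsz < 0)
  return -EINVAL;
 
  if (msgflg & MSG_COPY) {
  if ((msgflg & MSG_EXCEPT) || !(msgflg & IPC_NOWAIT))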