namespaces: move the IPC namespace under IPC_NS option

[safe/jmp/linux-2.6] / ipc / msg.c

diff --git a/ipc/msg.c b/ipc/msg.c
index b7274db..5879bfe 100644 (file)
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -34,8 +34,9 @@
 #include <linux/syscalls.h>
 #include <linux/audit.h>
 #include <linux/seq_file.h>
-#include <linux/mutex.h>
+#include <linux/rwsem.h>
 #include <linux/nsproxy.h>
+#include <linux/ipc_namespace.h>
 
 #include <asm/current.h>
 #include <asm/uaccess.h>
@@ -66,16 +67,12 @@ struct msg_sender {
 #define SEARCH_NOTEQUAL                3
 #define SEARCH_LESSEQUAL       4
 
-static atomic_t msg_bytes =    ATOMIC_INIT(0);
-static atomic_t msg_hdrs =     ATOMIC_INIT(0);
-
 static struct ipc_ids init_msg_ids;
 
 #define msg_ids(ns)    (*((ns)->ids[IPC_MSG_IDS]))
 
 #define msg_unlock(msq)                ipc_unlock(&(msq)->q_perm)
-#define msg_buildid(ns, id, seq) \
-       ipc_buildid(&msg_ids(ns), id, seq)
+#define msg_buildid(id, seq)   ipc_buildid(id, seq)
 
 static void freeque(struct ipc_namespace *, struct msg_queue *);
 static int newque(struct ipc_namespace *, struct ipc_params *);
@@ -89,9 +86,12 @@ static void __msg_init_ns(struct ipc_namespace *ns, struct ipc_ids *ids)
        ns->msg_ctlmax = MSGMAX;
        ns->msg_ctlmnb = MSGMNB;
        ns->msg_ctlmni = MSGMNI;
+       atomic_set(&ns->msg_bytes, 0);
+       atomic_set(&ns->msg_hdrs, 0);
        ipc_init_ids(ids);
 }
 
+#ifdef CONFIG_IPC_NS
 int msg_init_ns(struct ipc_namespace *ns)
 {
        struct ipc_ids *ids;
@@ -107,26 +107,30 @@ int msg_init_ns(struct ipc_namespace *ns)
 void msg_exit_ns(struct ipc_namespace *ns)
 {
        struct msg_queue *msq;
+       struct kern_ipc_perm *perm;
        int next_id;
        int total, in_use;
 
-       mutex_lock(&msg_ids(ns).mutex);
+       down_write(&msg_ids(ns).rw_mutex);
 
        in_use = msg_ids(ns).in_use;
 
        for (total = 0, next_id = 0; total < in_use; next_id++) {
-               msq = idr_find(&msg_ids(ns).ipcs_idr, next_id);
-               if (msq == NULL)
+               perm = idr_find(&msg_ids(ns).ipcs_idr, next_id);
+               if (perm == NULL)
                        continue;
-               ipc_lock_by_ptr(&msq->q_perm);
+               ipc_lock_by_ptr(perm);
+               msq = container_of(perm, struct msg_queue, q_perm);
                freeque(ns, msq);
                total++;
        }
-       mutex_unlock(&msg_ids(ns).mutex);
+
+       up_write(&msg_ids(ns).rw_mutex);
 
        kfree(ns->ids[IPC_MSG_IDS]);
        ns->ids[IPC_MSG_IDS] = NULL;
 }
+#endif
 
 void __init msg_init(void)
 {
@@ -136,10 +140,32 @@ void __init msg_init(void)
                                IPC_MSG_IDS, sysvipc_msg_proc_show);
 }
 
+/*
+ * This routine is called in the paths where the rw_mutex is held to protect
+ * access to the idr tree.
+ */
+static inline struct msg_queue *msg_lock_check_down(struct ipc_namespace *ns,
+                                               int id)
+{
+       struct kern_ipc_perm *ipcp = ipc_lock_check_down(&msg_ids(ns), id);
+
+       if (IS_ERR(ipcp))
+               return (struct msg_queue *)ipcp;
+
+       return container_of(ipcp, struct msg_queue, q_perm);
+}
+
+/*
+ * msg_lock_(check_) routines are called in the paths where the rw_mutex
+ * is not held.
+ */
 static inline struct msg_queue *msg_lock(struct ipc_namespace *ns, int id)
 {
        struct kern_ipc_perm *ipcp = ipc_lock(&msg_ids(ns), id);
 
+       if (IS_ERR(ipcp))
+               return (struct msg_queue *)ipcp;
+
        return container_of(ipcp, struct msg_queue, q_perm);
 }
 
@@ -148,6 +174,9 @@ static inline struct msg_queue *msg_lock_check(struct ipc_namespace *ns,
 {
        struct kern_ipc_perm *ipcp = ipc_lock_check(&msg_ids(ns), id);
 
+       if (IS_ERR(ipcp))
+               return (struct msg_queue *)ipcp;
+
        return container_of(ipcp, struct msg_queue, q_perm);
 }
 
@@ -161,7 +190,7 @@ static inline void msg_rmid(struct ipc_namespace *ns, struct msg_queue *s)
  * @ns: namespace
  * @params: ptr to the structure that contains the key and msgflg
  *
- * Called with msg_ids.mutex held
+ * Called with msg_ids.rw_mutex held (writer)
  */
 static int newque(struct ipc_namespace *ns, struct ipc_params *params)
 {
@@ -188,13 +217,13 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params)
         * ipc_addid() locks msq
         */
        id = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni);
-       if (id == -1) {
+       if (id < 0) {
                security_msg_queue_free(msq);
                ipc_rcu_putref(msq);
-               return -ENOSPC;
+               return id;
        }
 
-       msq->q_perm.id = msg_buildid(ns, id, msq->q_perm.seq);
+       msq->q_perm.id = msg_buildid(id, msq->q_perm.seq);
        msq->q_stime = msq->q_rtime = 0;
        msq->q_ctime = get_seconds();
        msq->q_cbytes = msq->q_qnum = 0;
@@ -260,8 +289,8 @@ static void expunge_all(struct msg_queue *msq, int res)
  * removes the message queue from message queue ID IDR, and cleans up all the
  * messages associated with this queue.
  *
- * msg_ids.mutex and the spinlock for this message queue are held
- * before freeque() is called. msg_ids.mutex remains locked on exit.
+ * msg_ids.rw_mutex (writer) and the spinlock for this message queue are held
+ * before freeque() is called. msg_ids.rw_mutex remains locked on exit.
  */
 static void freeque(struct ipc_namespace *ns, struct msg_queue *msq)
 {
@@ -277,16 +306,16 @@ static void freeque(struct ipc_namespace *ns, struct msg_queue *msq)
                struct msg_msg *msg = list_entry(tmp, struct msg_msg, m_list);
 
                tmp = tmp->next;
-               atomic_dec(&msg_hdrs);
+               atomic_dec(&ns->msg_hdrs);
                free_msg(msg);
        }
-       atomic_sub(msq->q_cbytes, &msg_bytes);
+       atomic_sub(msq->q_cbytes, &ns->msg_bytes);
        security_msg_queue_free(msq);
        ipc_rcu_putref(msq);
 }
 
 /*
- * Called with msg_ids.mutex and ipcp locked.
+ * Called with msg_ids.rw_mutex and ipcp locked.
  */
 static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg)
 {
@@ -444,18 +473,18 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf)
                msginfo.msgmnb = ns->msg_ctlmnb;
                msginfo.msgssz = MSGSSZ;
                msginfo.msgseg = MSGSEG;
-               mutex_lock(&msg_ids(ns).mutex);
+               down_read(&msg_ids(ns).rw_mutex);
                if (cmd == MSG_INFO) {
                        msginfo.msgpool = msg_ids(ns).in_use;
-                       msginfo.msgmap = atomic_read(&msg_hdrs);
-                       msginfo.msgtql = atomic_read(&msg_bytes);
+                       msginfo.msgmap = atomic_read(&ns->msg_hdrs);
+                       msginfo.msgtql = atomic_read(&ns->msg_bytes);
                } else {
                        msginfo.msgmap = MSGMAP;
                        msginfo.msgpool = MSGPOOL;
                        msginfo.msgtql = MSGTQL;
                }
                max_id = ipc_get_maxid(&msg_ids(ns));
-               mutex_unlock(&msg_ids(ns).mutex);
+               up_read(&msg_ids(ns).rw_mutex);
                if (copy_to_user(buf, &msginfo, sizeof(struct msginfo)))
                        return -EFAULT;
                return (max_id < 0) ? 0 : max_id;
@@ -516,8 +545,8 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf)
                return  -EINVAL;
        }
 
-       mutex_lock(&msg_ids(ns).mutex);
-       msq = msg_lock_check(ns, msqid);
+       down_write(&msg_ids(ns).rw_mutex);
+       msq = msg_lock_check_down(ns, msqid);
        if (IS_ERR(msq)) {
                err = PTR_ERR(msq);
                goto out_up;
@@ -576,7 +605,7 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf)
        }
        err = 0;
 out_up:
-       mutex_unlock(&msg_ids(ns).mutex);
+       up_write(&msg_ids(ns).rw_mutex);
        return err;
 out_unlock_up:
        msg_unlock(msq);
@@ -719,8 +748,8 @@ long do_msgsnd(int msqid, long mtype, void __user *mtext,
                list_add_tail(&msg->m_list, &msq->q_messages);
                msq->q_cbytes += msgsz;
                msq->q_qnum++;
-               atomic_add(msgsz, &msg_bytes);
-               atomic_inc(&msg_hdrs);
+               atomic_add(msgsz, &ns->msg_bytes);
+               atomic_inc(&ns->msg_hdrs);
        }
 
        err = 0;
@@ -824,8 +853,8 @@ long do_msgrcv(int msqid, long *pmtype, void __user *mtext,
                        msq->q_rtime = get_seconds();
                        msq->q_lrpid = task_tgid_vnr(current);
                        msq->q_cbytes -= msg->m_ts;
-                       atomic_sub(msg->m_ts, &msg_bytes);
-                       atomic_dec(&msg_hdrs);
+                       atomic_sub(msg->m_ts, &ns->msg_bytes);
+                       atomic_dec(&ns->msg_hdrs);
                        ss_wakeup(&msq->q_senders, 0);
                        msg_unlock(msq);
                        break;