1 /* $NetBSD: sysv_ipc.c,v 1.7 1994/06/29 06:33:11 cgd Exp $ */
3 * Copyright (c) 1994 Herb Peyerl <hpeyerl@novatel.ca>
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. All advertising materials mentioning features or use of this software
15 * must display the following acknowledgement:
16 * This product includes software developed by Herb Peyerl.
17 * 4. The name of Herb Peyerl may not be used to endorse or promote products
18 * derived from this software without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
21 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
22 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
23 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
35 #include "opt_sysvipc.h"
37 #include <sys/param.h>
38 #include <sys/systm.h>
43 #include <sys/ucred.h>
45 void (*shmfork_hook)(struct proc *, struct proc *) = NULL;
46 void (*shmexit_hook)(struct vmspace *) = NULL;
48 /* called from kern_fork.c */
54 if (shmfork_hook != NULL)
59 /* called from kern_exit.c */
61 shmexit(struct vmspace *vm)
64 if (shmexit_hook != NULL)
70 * Check for IPC permission.
72 * Note: The MAC Framework does not require any modifications to the
73 * ipcperm() function, as access control checks are performed throughout the
74 * implementation of each primitive. Those entry point calls complement the
75 * ipcperm() discertionary checks.
78 ipcperm(td, perm, mode)
80 struct ipc_perm *perm;
83 struct ucred *cred = td->td_ucred;
86 if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
88 * For a non-create/owner, we require privilege to
89 * modify the object protections. Note: some other
90 * implementations permit IPC_M to be delegated to
91 * unprivileged non-creator/owner uids/gids.
99 * Try to match against creator/owner group; if not, fall
103 if (!groupmember(perm->gid, cred) &&
104 !groupmember(perm->cgid, cred))
108 * Always permit the creator/owner to update the object
109 * protections regardless of whether the object mode
116 if ((mode & perm->mode) != mode) {