From ed67173357031d9a501e41b6be05cfc438f44adc Mon Sep 17 00:00:00 2001 From: Manfred Spraul Date: Sat, 30 Oct 2021 14:27:25 +0200 Subject: [PATCH 3/3] [DEBUG CODE] instrummented ipc/shm.c Target: show that namespaces cannot outlive a shm segment. Signed-off-by: Manfred Spraul --- ipc/shm.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ipc/shm.c b/ipc/shm.c index ebb25a8ecc58..6222d5b8acf6 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -126,6 +126,7 @@ static void do_shm_rmid(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp) shp = container_of(ipcp, struct shmid_kernel, shm_perm); WARN_ON(ns != shp->ns); +pr_info("do_shm_rmid(): shp %px: shp->shm_nattch %ld.\n", shp, shp->shm_nattch); if (shp->shm_nattch) { shp->shm_perm.mode |= SHM_DEST; /* Do not find it any more */ @@ -138,9 +139,11 @@ static void do_shm_rmid(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp) #ifdef CONFIG_IPC_NS void shm_exit_ns(struct ipc_namespace *ns) { +pr_info("namespace %px: in exit_ns.\n", ns); free_ipcs(ns, &shm_ids(ns), do_shm_rmid); idr_destroy(&ns->ids[IPC_SHM_IDS].ipcs_idr); rhashtable_destroy(&ns->ids[IPC_SHM_IDS].key_ht); +pr_info("namespace %px: end of exit_ns.\n", ns); } #endif @@ -287,6 +290,7 @@ static int __shm_open(struct vm_area_struct *vma) shp->shm_atim = ktime_get_real_seconds(); ipc_update_pid(&shp->shm_lprid, task_tgid(current)); +pr_info("__shm_open(): before ++: shp %px, sfd->file %px: shp->shm_nattch %ld.\n", shp, sfd->file, shp->shm_nattch); shp->shm_nattch++; shm_unlock(shp); return 0; @@ -344,6 +348,7 @@ static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp) */ static bool shm_may_destroy(struct shmid_kernel *shp) { +pr_info("shm_may_destroy(): shp %px: shp->shm_nattch %ld.\n", shp, shp->shm_nattch); return (shp->shm_nattch == 0) && (shp->ns->shm_rmid_forced || (shp->shm_perm.mode & SHM_DEST)); @@ -375,6 +380,7 @@ static void shm_close(struct vm_area_struct *vma) ipc_update_pid(&shp->shm_lprid, task_tgid(current)); shp->shm_dtim = ktime_get_real_seconds(); +pr_info("shm_close(): before --: shp %px: shp->shm_nattch %ld.\n", shp, shp->shm_nattch); shp->shm_nattch--; if (shm_may_destroy(shp)) shm_destroy(ns, shp); @@ -590,6 +596,7 @@ static int shm_release(struct inode *ino, struct file *file) { struct shm_file_data *sfd = shm_file_data(file); +pr_info("shm_release: file %px, put_ipc_ns().\n", sfd->file); put_ipc_ns(sfd->ns); fput(sfd->file); shm_file_data(file) = NULL; @@ -748,6 +755,7 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) shp->shm_segsz = size; shp->shm_nattch = 0; shp->shm_file = file; +pr_info("newseg(): shp %px: shp->shm_nattch %ld ->shmfile %px.\n", shp, shp->shm_nattch, shp->shm_file); shp->shm_creator = current; /* ipc_addid() locks shp upon success. */ @@ -1588,6 +1596,7 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, * detect shm ID reuse we need to compare the file pointers. */ base = get_file(shp->shm_file); +pr_info("do_shmat(): shp %px: shp->shm_nattch %ld.\n", shp, shp->shm_nattch); shp->shm_nattch++; size = i_size_read(file_inode(base)); ipc_unlock_object(&shp->shm_perm); @@ -1612,6 +1621,7 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, } sfd->id = shp->shm_perm.id; +pr_info("do_shmat(): shp %px: get_ipc_ns().\n", shp); sfd->ns = get_ipc_ns(ns); sfd->file = base; sfd->vm_ops = NULL; @@ -1651,6 +1661,7 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, out_nattch: down_write(&shm_ids(ns).rwsem); shp = shm_lock(ns, shmid); +pr_info("do_shmat() before --: shp %px: shp->shm_nattch %ld.\n", shp, shp->shm_nattch); shp->shm_nattch--; if (shm_may_destroy(shp)) -- 2.31.1