This source file includes following definitions.
- shm_init
- findkey
- newseg
- sys_shmget
- killseg
- sys_shmctl
- insert_attach
- remove_attach
- shm_map
- sys_shmat
- shm_open
- shm_close
- sys_shmdt
- shm_swap_in
- shm_swap
1
2
3
4
5
6
7
8 #include <linux/errno.h>
9 #include <linux/sched.h>
10 #include <linux/mm.h>
11 #include <linux/ipc.h>
12 #include <linux/shm.h>
13 #include <linux/stat.h>
14 #include <linux/malloc.h>
15
16 #include <asm/segment.h>
17 #include <asm/pgtable.h>
18
19 extern int ipcperms (struct ipc_perm *ipcp, short shmflg);
20 extern unsigned int get_swap_page (void);
21 static int findkey (key_t key);
22 static int newseg (key_t key, int shmflg, int size);
23 static int shm_map (struct vm_area_struct *shmd, int remap);
24 static void killseg (int id);
25 static void shm_open (struct vm_area_struct *shmd);
26 static void shm_close (struct vm_area_struct *shmd);
27 static pte_t shm_swap_in(struct vm_area_struct *, unsigned long, unsigned long);
28
29 static int shm_tot = 0;
30 static int shm_rss = 0;
31 static int shm_swp = 0;
32 static int max_shmid = 0;
33 static struct wait_queue *shm_lock = NULL;
34 static struct shmid_ds *shm_segs[SHMMNI];
35
36 static unsigned short shm_seq = 0;
37
38
39 static ulong swap_attempts = 0;
40 static ulong swap_successes = 0;
41 static ulong used_segs = 0;
42
43 void shm_init (void)
44 {
45 int id;
46
47 for (id = 0; id < SHMMNI; id++)
48 shm_segs[id] = (struct shmid_ds *) IPC_UNUSED;
49 shm_tot = shm_rss = shm_seq = max_shmid = used_segs = 0;
50 shm_lock = NULL;
51 return;
52 }
53
54 static int findkey (key_t key)
55 {
56 int id;
57 struct shmid_ds *shp;
58
59 for (id = 0; id <= max_shmid; id++) {
60 while ((shp = shm_segs[id]) == IPC_NOID)
61 sleep_on (&shm_lock);
62 if (shp == IPC_UNUSED)
63 continue;
64 if (key == shp->shm_perm.key)
65 return id;
66 }
67 return -1;
68 }
69
70
71
72
73 static int newseg (key_t key, int shmflg, int size)
74 {
75 struct shmid_ds *shp;
76 int numpages = (size + PAGE_SIZE -1) >> PAGE_SHIFT;
77 int id, i;
78
79 if (size < SHMMIN)
80 return -EINVAL;
81 if (shm_tot + numpages >= SHMALL)
82 return -ENOSPC;
83 for (id = 0; id < SHMMNI; id++)
84 if (shm_segs[id] == IPC_UNUSED) {
85 shm_segs[id] = (struct shmid_ds *) IPC_NOID;
86 goto found;
87 }
88 return -ENOSPC;
89
90 found:
91 shp = (struct shmid_ds *) kmalloc (sizeof (*shp), GFP_KERNEL);
92 if (!shp) {
93 shm_segs[id] = (struct shmid_ds *) IPC_UNUSED;
94 if (shm_lock)
95 wake_up (&shm_lock);
96 return -ENOMEM;
97 }
98
99 shp->shm_pages = (ulong *) kmalloc (numpages*sizeof(ulong),GFP_KERNEL);
100 if (!shp->shm_pages) {
101 shm_segs[id] = (struct shmid_ds *) IPC_UNUSED;
102 if (shm_lock)
103 wake_up (&shm_lock);
104 kfree(shp);
105 return -ENOMEM;
106 }
107
108 for (i = 0; i < numpages; shp->shm_pages[i++] = 0);
109 shm_tot += numpages;
110 shp->shm_perm.key = key;
111 shp->shm_perm.mode = (shmflg & S_IRWXUGO);
112 shp->shm_perm.cuid = shp->shm_perm.uid = current->euid;
113 shp->shm_perm.cgid = shp->shm_perm.gid = current->egid;
114 shp->shm_perm.seq = shm_seq;
115 shp->shm_segsz = size;
116 shp->shm_cpid = current->pid;
117 shp->attaches = NULL;
118 shp->shm_lpid = shp->shm_nattch = 0;
119 shp->shm_atime = shp->shm_dtime = 0;
120 shp->shm_ctime = CURRENT_TIME;
121 shp->shm_npages = numpages;
122
123 if (id > max_shmid)
124 max_shmid = id;
125 shm_segs[id] = shp;
126 used_segs++;
127 if (shm_lock)
128 wake_up (&shm_lock);
129 return (unsigned int) shp->shm_perm.seq * SHMMNI + id;
130 }
131
132 int sys_shmget (key_t key, int size, int shmflg)
133 {
134 struct shmid_ds *shp;
135 int id = 0;
136
137 if (size < 0 || size > SHMMAX)
138 return -EINVAL;
139 if (key == IPC_PRIVATE)
140 return newseg(key, shmflg, size);
141 if ((id = findkey (key)) == -1) {
142 if (!(shmflg & IPC_CREAT))
143 return -ENOENT;
144 return newseg(key, shmflg, size);
145 }
146 if ((shmflg & IPC_CREAT) && (shmflg & IPC_EXCL))
147 return -EEXIST;
148 shp = shm_segs[id];
149 if (shp->shm_perm.mode & SHM_DEST)
150 return -EIDRM;
151 if (size > shp->shm_segsz)
152 return -EINVAL;
153 if (ipcperms (&shp->shm_perm, shmflg))
154 return -EACCES;
155 return (unsigned int) shp->shm_perm.seq * SHMMNI + id;
156 }
157
158
159
160
161
162 static void killseg (int id)
163 {
164 struct shmid_ds *shp;
165 int i, numpages;
166
167 shp = shm_segs[id];
168 if (shp == IPC_NOID || shp == IPC_UNUSED) {
169 printk ("shm nono: killseg called on unused seg id=%d\n", id);
170 return;
171 }
172 shp->shm_perm.seq++;
173 shm_seq = (shm_seq+1) % ((unsigned)(1<<31)/SHMMNI);
174 shm_segs[id] = (struct shmid_ds *) IPC_UNUSED;
175 used_segs--;
176 if (id == max_shmid)
177 while (max_shmid && (shm_segs[--max_shmid] == IPC_UNUSED));
178 if (!shp->shm_pages) {
179 printk ("shm nono: killseg shp->pages=NULL. id=%d\n", id);
180 return;
181 }
182 numpages = shp->shm_npages;
183 for (i = 0; i < numpages ; i++) {
184 pte_t pte;
185 pte_val(pte) = shp->shm_pages[i];
186 if (pte_none(pte))
187 continue;
188 if (pte_present(pte)) {
189 free_page (pte_page(pte));
190 shm_rss--;
191 } else {
192 swap_free(pte_val(pte));
193 shm_swp--;
194 }
195 }
196 kfree(shp->shm_pages);
197 shm_tot -= numpages;
198 kfree(shp);
199 return;
200 }
201
202 int sys_shmctl (int shmid, int cmd, struct shmid_ds *buf)
203 {
204 struct shmid_ds tbuf;
205 struct shmid_ds *shp;
206 struct ipc_perm *ipcp;
207 int id, err;
208
209 if (cmd < 0 || shmid < 0)
210 return -EINVAL;
211 if (cmd == IPC_SET) {
212 if (!buf)
213 return -EFAULT;
214 err = verify_area (VERIFY_READ, buf, sizeof (*buf));
215 if (err)
216 return err;
217 memcpy_fromfs (&tbuf, buf, sizeof (*buf));
218 }
219
220 switch (cmd) {
221 case IPC_INFO:
222 {
223 struct shminfo shminfo;
224 if (!buf)
225 return -EFAULT;
226 shminfo.shmmni = SHMMNI;
227 shminfo.shmmax = SHMMAX;
228 shminfo.shmmin = SHMMIN;
229 shminfo.shmall = SHMALL;
230 shminfo.shmseg = SHMSEG;
231 err = verify_area (VERIFY_WRITE, buf, sizeof (struct shminfo));
232 if (err)
233 return err;
234 memcpy_tofs (buf, &shminfo, sizeof(struct shminfo));
235 return max_shmid;
236 }
237 case SHM_INFO:
238 {
239 struct shm_info shm_info;
240 if (!buf)
241 return -EFAULT;
242 err = verify_area (VERIFY_WRITE, buf, sizeof (shm_info));
243 if (err)
244 return err;
245 shm_info.used_ids = used_segs;
246 shm_info.shm_rss = shm_rss;
247 shm_info.shm_tot = shm_tot;
248 shm_info.shm_swp = shm_swp;
249 shm_info.swap_attempts = swap_attempts;
250 shm_info.swap_successes = swap_successes;
251 memcpy_tofs (buf, &shm_info, sizeof(shm_info));
252 return max_shmid;
253 }
254 case SHM_STAT:
255 if (!buf)
256 return -EFAULT;
257 err = verify_area (VERIFY_WRITE, buf, sizeof (*buf));
258 if (err)
259 return err;
260 if (shmid > max_shmid)
261 return -EINVAL;
262 shp = shm_segs[shmid];
263 if (shp == IPC_UNUSED || shp == IPC_NOID)
264 return -EINVAL;
265 if (ipcperms (&shp->shm_perm, S_IRUGO))
266 return -EACCES;
267 id = (unsigned int) shp->shm_perm.seq * SHMMNI + shmid;
268 tbuf.shm_perm = shp->shm_perm;
269 tbuf.shm_segsz = shp->shm_segsz;
270 tbuf.shm_atime = shp->shm_atime;
271 tbuf.shm_dtime = shp->shm_dtime;
272 tbuf.shm_ctime = shp->shm_ctime;
273 tbuf.shm_cpid = shp->shm_cpid;
274 tbuf.shm_lpid = shp->shm_lpid;
275 tbuf.shm_nattch = shp->shm_nattch;
276 memcpy_tofs (buf, &tbuf, sizeof(*buf));
277 return id;
278 }
279
280 shp = shm_segs[id = (unsigned int) shmid % SHMMNI];
281 if (shp == IPC_UNUSED || shp == IPC_NOID)
282 return -EINVAL;
283 if (shp->shm_perm.seq != (unsigned int) shmid / SHMMNI)
284 return -EIDRM;
285 ipcp = &shp->shm_perm;
286
287 switch (cmd) {
288 case SHM_UNLOCK:
289 if (!suser())
290 return -EPERM;
291 if (!(ipcp->mode & SHM_LOCKED))
292 return -EINVAL;
293 ipcp->mode &= ~SHM_LOCKED;
294 break;
295 case SHM_LOCK:
296
297
298
299 if (!suser())
300 return -EPERM;
301 if (ipcp->mode & SHM_LOCKED)
302 return -EINVAL;
303 ipcp->mode |= SHM_LOCKED;
304 break;
305 case IPC_STAT:
306 if (ipcperms (ipcp, S_IRUGO))
307 return -EACCES;
308 if (!buf)
309 return -EFAULT;
310 err = verify_area (VERIFY_WRITE, buf, sizeof (*buf));
311 if (err)
312 return err;
313 tbuf.shm_perm = shp->shm_perm;
314 tbuf.shm_segsz = shp->shm_segsz;
315 tbuf.shm_atime = shp->shm_atime;
316 tbuf.shm_dtime = shp->shm_dtime;
317 tbuf.shm_ctime = shp->shm_ctime;
318 tbuf.shm_cpid = shp->shm_cpid;
319 tbuf.shm_lpid = shp->shm_lpid;
320 tbuf.shm_nattch = shp->shm_nattch;
321 memcpy_tofs (buf, &tbuf, sizeof(*buf));
322 break;
323 case IPC_SET:
324 if (suser() || current->euid == shp->shm_perm.uid ||
325 current->euid == shp->shm_perm.cuid) {
326 ipcp->uid = tbuf.shm_perm.uid;
327 ipcp->gid = tbuf.shm_perm.gid;
328 ipcp->mode = (ipcp->mode & ~S_IRWXUGO)
329 | (tbuf.shm_perm.mode & S_IRWXUGO);
330 shp->shm_ctime = CURRENT_TIME;
331 break;
332 }
333 return -EPERM;
334 case IPC_RMID:
335 if (suser() || current->euid == shp->shm_perm.uid ||
336 current->euid == shp->shm_perm.cuid) {
337 shp->shm_perm.mode |= SHM_DEST;
338 if (shp->shm_nattch <= 0)
339 killseg (id);
340 break;
341 }
342 return -EPERM;
343 default:
344 return -EINVAL;
345 }
346 return 0;
347 }
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362 static struct vm_operations_struct shm_vm_ops = {
363 shm_open,
364 shm_close,
365 NULL,
366 NULL,
367 NULL,
368 NULL,
369 NULL,
370 NULL,
371 NULL,
372 shm_swap_in
373 };
374
375
376 static inline void insert_attach (struct shmid_ds * shp, struct vm_area_struct * shmd)
377 {
378 struct vm_area_struct * attaches;
379
380 if ((attaches = shp->attaches)) {
381 shmd->vm_next_share = attaches;
382 shmd->vm_prev_share = attaches->vm_prev_share;
383 shmd->vm_prev_share->vm_next_share = shmd;
384 attaches->vm_prev_share = shmd;
385 } else
386 shp->attaches = shmd->vm_next_share = shmd->vm_prev_share = shmd;
387 }
388
389
390 static inline void remove_attach (struct shmid_ds * shp, struct vm_area_struct * shmd)
391 {
392 if (shmd->vm_next_share == shmd) {
393 if (shp->attaches != shmd) {
394 printk("shm_close: shm segment (id=%ld) attach list inconsistent\n",
395 (shmd->vm_pte >> SHM_ID_SHIFT) & SHM_ID_MASK);
396 printk("shm_close: %d %08lx-%08lx %c%c%c%c %08lx %08lx\n",
397 shmd->vm_task->pid, shmd->vm_start, shmd->vm_end,
398 shmd->vm_flags & VM_READ ? 'r' : '-',
399 shmd->vm_flags & VM_WRITE ? 'w' : '-',
400 shmd->vm_flags & VM_EXEC ? 'x' : '-',
401 shmd->vm_flags & VM_MAYSHARE ? 's' : 'p',
402 shmd->vm_offset, shmd->vm_pte);
403 }
404 shp->attaches = NULL;
405 } else {
406 if (shp->attaches == shmd)
407 shp->attaches = shmd->vm_next_share;
408 shmd->vm_prev_share->vm_next_share = shmd->vm_next_share;
409 shmd->vm_next_share->vm_prev_share = shmd->vm_prev_share;
410 }
411 }
412
413
414
415
416
417
418 static int shm_map (struct vm_area_struct *shmd, int remap)
419 {
420 pgd_t *page_dir;
421 pte_t *page_table;
422 unsigned long tmp, shm_sgn;
423
424
425 if (!remap)
426 for (tmp = shmd->vm_start; tmp < shmd->vm_end; tmp += PAGE_SIZE) {
427 page_dir = PAGE_DIR_OFFSET(shmd->vm_task,tmp);
428 if (pgd_none(*page_dir))
429 continue;
430 if (pgd_bad(*page_dir)) {
431 printk("bad ipc page directory entry %08lx\n", pgd_val(*page_dir));
432 pgd_clear(page_dir);
433 continue;
434 }
435 page_table = (pte_t *) pgd_page(*page_dir);
436 page_table += ((tmp >> PAGE_SHIFT) & (PTRS_PER_PAGE-1));
437 if (!pte_none(*page_table)) {
438
439 return -EINVAL;
440 }
441 }
442
443
444 do_munmap(shmd->vm_start, shmd->vm_end - shmd->vm_start);
445
446
447 insert_vm_struct(current, shmd);
448 merge_segments(current, shmd->vm_start, shmd->vm_end);
449
450
451 for (tmp = shmd->vm_start; tmp < shmd->vm_end; tmp += PAGE_SIZE) {
452 page_dir = PAGE_DIR_OFFSET(shmd->vm_task,tmp);
453 if (!pgd_none(*page_dir)) {
454 page_table = (pte_t *) pgd_page(*page_dir);
455 page_table += ((tmp >> PAGE_SHIFT) & (PTRS_PER_PAGE-1));
456 if (!pte_none(*page_table)) {
457 if (pte_present(*page_table)) {
458 --current->mm->rss;
459 free_page (pte_page(*page_table));
460 } else
461 swap_free(pte_val(*page_table));
462 pte_clear(page_table);
463 }
464 } else {
465 if (!(page_table = (pte_t *) get_free_page(GFP_KERNEL)))
466 return -ENOMEM;
467 pgd_set(page_dir, page_table);
468 tmp |= (PGDIR_SIZE - PAGE_SIZE);
469 }
470 }
471
472
473 shm_sgn = shmd->vm_pte + ((shmd->vm_offset >> PAGE_SHIFT) << SHM_IDX_SHIFT);
474 for (tmp = shmd->vm_start; tmp < shmd->vm_end; tmp += PAGE_SIZE,
475 shm_sgn += (1 << SHM_IDX_SHIFT)) {
476 page_dir = PAGE_DIR_OFFSET(shmd->vm_task,tmp);
477 page_table = (pte_t *) pgd_page(*page_dir);
478 page_table += (tmp >> PAGE_SHIFT) & (PTRS_PER_PAGE-1);
479 pte_val(*page_table) = shm_sgn;
480 }
481 invalidate();
482 return 0;
483 }
484
485
486
487
488 int sys_shmat (int shmid, char *shmaddr, int shmflg, ulong *raddr)
489 {
490 struct shmid_ds *shp;
491 struct vm_area_struct *shmd;
492 int err;
493 unsigned int id;
494 unsigned long addr;
495
496 if (shmid < 0) {
497
498 return -EINVAL;
499 }
500
501 shp = shm_segs[id = (unsigned int) shmid % SHMMNI];
502 if (shp == IPC_UNUSED || shp == IPC_NOID) {
503
504 return -EINVAL;
505 }
506
507 if (!(addr = (ulong) shmaddr)) {
508 if (shmflg & SHM_REMAP)
509 return -EINVAL;
510 if (!(addr = get_unmapped_area(shp->shm_segsz)))
511 return -ENOMEM;
512 } else if (addr & (SHMLBA-1)) {
513 if (shmflg & SHM_RND)
514 addr &= ~(SHMLBA-1);
515 else
516 return -EINVAL;
517 }
518 if ((addr > current->mm->start_stack - 16384 - PAGE_SIZE*shp->shm_npages)) {
519
520 return -EINVAL;
521 }
522 if (!(shmflg & SHM_REMAP))
523 if ((shmd = find_vma_intersection(current, addr, addr + shp->shm_segsz))) {
524
525
526 return -EINVAL;
527 }
528
529 if (ipcperms(&shp->shm_perm, shmflg & SHM_RDONLY ? S_IRUGO : S_IRUGO|S_IWUGO))
530 return -EACCES;
531 if (shp->shm_perm.seq != (unsigned int) shmid / SHMMNI)
532 return -EIDRM;
533
534 shmd = (struct vm_area_struct *) kmalloc (sizeof(*shmd), GFP_KERNEL);
535 if (!shmd)
536 return -ENOMEM;
537 if ((shp != shm_segs[id]) || (shp->shm_perm.seq != (unsigned int) shmid / SHMMNI)) {
538 kfree(shmd);
539 return -EIDRM;
540 }
541
542 shmd->vm_pte = (SHM_SWP_TYPE << 1) | (id << SHM_ID_SHIFT);
543 shmd->vm_start = addr;
544 shmd->vm_end = addr + shp->shm_npages * PAGE_SIZE;
545 shmd->vm_task = current;
546 shmd->vm_page_prot = (shmflg & SHM_RDONLY) ? PAGE_READONLY : PAGE_SHARED;
547 shmd->vm_flags = VM_SHM | VM_MAYSHARE | VM_SHARED
548 | VM_MAYREAD | VM_MAYEXEC | VM_READ | VM_EXEC
549 | ((shmflg & SHM_RDONLY) ? 0 : VM_MAYWRITE | VM_WRITE);
550 shmd->vm_next_share = shmd->vm_prev_share = NULL;
551 shmd->vm_inode = NULL;
552 shmd->vm_offset = 0;
553 shmd->vm_ops = &shm_vm_ops;
554
555 shp->shm_nattch++;
556 if ((err = shm_map (shmd, shmflg & SHM_REMAP))) {
557 if (--shp->shm_nattch <= 0 && shp->shm_perm.mode & SHM_DEST)
558 killseg(id);
559 kfree(shmd);
560 return err;
561 }
562
563 insert_attach(shp,shmd);
564
565 shp->shm_lpid = current->pid;
566 shp->shm_atime = CURRENT_TIME;
567
568 *raddr = addr;
569 return 0;
570 }
571
572
573 static void shm_open (struct vm_area_struct *shmd)
574 {
575 unsigned int id;
576 struct shmid_ds *shp;
577
578 id = (shmd->vm_pte >> SHM_ID_SHIFT) & SHM_ID_MASK;
579 shp = shm_segs[id];
580 if (shp == IPC_UNUSED) {
581 printk("shm_open: unused id=%d PANIC\n", id);
582 return;
583 }
584 insert_attach(shp,shmd);
585 shp->shm_nattch++;
586 shp->shm_atime = CURRENT_TIME;
587 shp->shm_lpid = current->pid;
588 }
589
590
591
592
593
594
595
596 static void shm_close (struct vm_area_struct *shmd)
597 {
598 struct shmid_ds *shp;
599 int id;
600
601 unmap_page_range (shmd->vm_start, shmd->vm_end - shmd->vm_start);
602
603
604 id = (shmd->vm_pte >> SHM_ID_SHIFT) & SHM_ID_MASK;
605 shp = shm_segs[id];
606 remove_attach(shp,shmd);
607 shp->shm_lpid = current->pid;
608 shp->shm_dtime = CURRENT_TIME;
609 if (--shp->shm_nattch <= 0 && shp->shm_perm.mode & SHM_DEST)
610 killseg (id);
611 }
612
613
614
615
616
617 int sys_shmdt (char *shmaddr)
618 {
619 struct vm_area_struct *shmd, *shmdnext;
620
621 for (shmd = current->mm->mmap; shmd; shmd = shmdnext) {
622 shmdnext = shmd->vm_next;
623 if (shmd->vm_ops == &shm_vm_ops
624 && shmd->vm_start - shmd->vm_offset == (ulong) shmaddr)
625 do_munmap(shmd->vm_start, shmd->vm_end - shmd->vm_start);
626 }
627 return 0;
628 }
629
630
631
632
633 static pte_t shm_swap_in(struct vm_area_struct * shmd, unsigned long offset, unsigned long code)
634 {
635 pte_t pte;
636 struct shmid_ds *shp;
637 unsigned int id, idx;
638
639 id = (code >> SHM_ID_SHIFT) & SHM_ID_MASK;
640 if (id != ((shmd->vm_pte >> SHM_ID_SHIFT) & SHM_ID_MASK)) {
641 printk ("shm_swap_in: code id = %d and shmd id = %ld differ\n",
642 id, (shmd->vm_pte >> SHM_ID_SHIFT) & SHM_ID_MASK);
643 return BAD_PAGE;
644 }
645 if (id > max_shmid) {
646 printk ("shm_swap_in: id=%d too big. proc mem corrupted\n", id);
647 return BAD_PAGE;
648 }
649 shp = shm_segs[id];
650 if (shp == IPC_UNUSED || shp == IPC_NOID) {
651 printk ("shm_swap_in: id=%d invalid. Race.\n", id);
652 return BAD_PAGE;
653 }
654 idx = (code >> SHM_IDX_SHIFT) & SHM_IDX_MASK;
655 if (idx != (offset >> PAGE_SHIFT)) {
656 printk ("shm_swap_in: code idx = %u and shmd idx = %lu differ\n",
657 idx, offset >> PAGE_SHIFT);
658 return BAD_PAGE;
659 }
660 if (idx >= shp->shm_npages) {
661 printk ("shm_swap_in : too large page index. id=%d\n", id);
662 return BAD_PAGE;
663 }
664
665 pte_val(pte) = shp->shm_pages[idx];
666 if (!pte_present(pte)) {
667 unsigned long page = get_free_page(GFP_KERNEL);
668 if (!page) {
669 oom(current);
670 return BAD_PAGE;
671 }
672 pte_val(pte) = shp->shm_pages[idx];
673 if (pte_present(pte)) {
674 free_page (page);
675 goto done;
676 }
677 if (!pte_none(pte)) {
678 read_swap_page(pte_val(pte), (char *) page);
679 pte_val(pte) = shp->shm_pages[idx];
680 if (pte_present(pte)) {
681 free_page (page);
682 goto done;
683 }
684 swap_free(pte_val(pte));
685 shm_swp--;
686 }
687 shm_rss++;
688 pte = pte_mkdirty(mk_pte(page, PAGE_SHARED));
689 shp->shm_pages[idx] = pte_val(pte);
690 } else
691 --current->mm->maj_flt;
692
693 done:
694 current->mm->min_flt++;
695 mem_map[MAP_NR(pte_page(pte))]++;
696 return pte_modify(pte, shmd->vm_page_prot);
697 }
698
699
700
701
702 static unsigned long swap_id = 0;
703 static unsigned long swap_idx = 0;
704
705 int shm_swap (int prio)
706 {
707 pte_t page;
708 struct shmid_ds *shp;
709 struct vm_area_struct *shmd;
710 unsigned int swap_nr;
711 unsigned long id, idx, invalid = 0;
712 int counter;
713
714 counter = shm_rss >> prio;
715 if (!counter || !(swap_nr = get_swap_page()))
716 return 0;
717
718 check_id:
719 shp = shm_segs[swap_id];
720 if (shp == IPC_UNUSED || shp == IPC_NOID || shp->shm_perm.mode & SHM_LOCKED ) {
721 swap_idx = 0;
722 if (++swap_id > max_shmid)
723 swap_id = 0;
724 goto check_id;
725 }
726 id = swap_id;
727
728 check_table:
729 idx = swap_idx++;
730 if (idx >= shp->shm_npages) {
731 swap_idx = 0;
732 if (++swap_id > max_shmid)
733 swap_id = 0;
734 goto check_id;
735 }
736
737 pte_val(page) = shp->shm_pages[idx];
738 if (!pte_present(page))
739 goto check_table;
740 swap_attempts++;
741
742 if (--counter < 0) {
743 if (invalid)
744 invalidate();
745 swap_free (swap_nr);
746 return 0;
747 }
748 if (shp->attaches)
749 for (shmd = shp->attaches; ; ) {
750 do {
751 pgd_t *page_dir;
752 pte_t *page_table, pte;
753 unsigned long tmp;
754
755 if ((shmd->vm_pte >> SHM_ID_SHIFT & SHM_ID_MASK) != id) {
756 printk ("shm_swap: id=%ld does not match shmd->vm_pte.id=%ld\n", id, shmd->vm_pte >> SHM_ID_SHIFT & SHM_ID_MASK);
757 continue;
758 }
759 tmp = shmd->vm_start + (idx << PAGE_SHIFT) - shmd->vm_offset;
760 if (!(tmp >= shmd->vm_start && tmp < shmd->vm_end))
761 continue;
762 page_dir = PAGE_DIR_OFFSET(shmd->vm_task,tmp);
763 if (pgd_none(*page_dir) || pgd_bad(*page_dir)) {
764 printk("shm_swap: bad pgtbl! id=%ld start=%lx idx=%ld\n",
765 id, shmd->vm_start, idx);
766 pgd_clear(page_dir);
767 continue;
768 }
769 page_table = (pte_t *) pgd_page(*page_dir);
770 page_table += ((tmp >> PAGE_SHIFT) & (PTRS_PER_PAGE-1));
771 pte = *page_table;
772 if (!pte_present(pte))
773 continue;
774 if (pte_young(pte)) {
775 *page_table = pte_mkold(pte);
776 continue;
777 }
778 if (pte_page(pte) != pte_page(page))
779 printk("shm_swap_out: page and pte mismatch\n");
780 pte_val(*page_table) = shmd->vm_pte | idx << SHM_IDX_SHIFT;
781 mem_map[MAP_NR(pte_page(pte))]--;
782 shmd->vm_task->mm->rss--;
783 invalid++;
784
785 } while (0);
786 if ((shmd = shmd->vm_next_share) == shp->attaches)
787 break;
788 }
789
790 if (mem_map[MAP_NR(pte_page(page))] != 1)
791 goto check_table;
792 shp->shm_pages[idx] = swap_nr;
793 if (invalid)
794 invalidate();
795 write_swap_page (swap_nr, (char *) pte_page(page));
796 free_page(pte_page(page));
797 swap_successes++;
798 shm_swp++;
799 shm_rss--;
800 return 1;
801 }