Kernel+Userland: Remove shared buffers (shbufs)

All users of this mechanism have been switched to anonymous files and passing file descriptors with sendfd()/recvfd(). Shbufs got us where we are today, but it's time we say good-bye to them and welcome a much more idiomatic replacement. :^)
2025-07-27 15:47:45 +00:00 · 2021-01-17 08:51:41 +01:00 · 2021-01-17 08:51:41 +01:00 · bf0719092f
commit bf0719092f
parent 2cd16778b5
28 changed files with 2 additions and 1022 deletions
--- a/Kernel/API/Syscall.h
+++ b/Kernel/API/Syscall.h
@ -121,10 +121,6 @@ namespace Kernel {
    S(accept)                 \
    S(listen)                 \
    S(connect)                \
-    S(shbuf_create)           \
-    S(shbuf_allow_pid)        \
-    S(shbuf_get)              \
-    S(shbuf_release)          \
    S(link)                   \
    S(chown)                  \
    S(fchmod)                 \
--- a/Kernel/CMakeLists.txt
+++ b/Kernel/CMakeLists.txt
@ -101,7 +101,6 @@ set(KERNEL_SOURCES
    RTC.cpp
    Random.cpp
    Scheduler.cpp
-    SharedBuffer.cpp
    StdLib.cpp
    Syscall.cpp
    Syscalls/anon_create.cpp
@ -157,7 +156,6 @@ set(KERNEL_SOURCES
    Syscalls/setkeymap.cpp
    Syscalls/setpgid.cpp
    Syscalls/setuid.cpp
-    Syscalls/shbuf.cpp
    Syscalls/shutdown.cpp
    Syscalls/sigaction.cpp
    Syscalls/socket.cpp
--- a/Kernel/Forward.h
+++ b/Kernel/Forward.h
@ -60,7 +60,6 @@ class RangeAllocator;
 class Region;
 class Scheduler;
 class SchedulerPerProcessorData;
-class SharedBuffer;
 class Socket;
 template<typename BaseType>
 class SpinLock;
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@ -45,10 +45,10 @@
 #include <Kernel/PerformanceEventBuffer.h>
 #include <Kernel/Process.h>
 #include <Kernel/RTC.h>
-#include <Kernel/SharedBuffer.h>
 #include <Kernel/StdLib.h>
 #include <Kernel/TTY/TTY.h>
 #include <Kernel/Thread.h>
+#include <Kernel/VM/AnonymousVMObject.h>
 #include <Kernel/VM/PageDirectory.h>
 #include <Kernel/VM/PrivateInodeVMObject.h>
 #include <Kernel/VM/ProcessPagingScope.h>
@ -644,7 +644,6 @@ void Process::finalize()

    m_dead = true;

-    disown_all_shared_buffers();
    {
        // FIXME: PID/TID BUG
        if (auto parent_thread = Thread::from_tid(m_ppid.value())) {
--- a/Kernel/Process.h
+++ b/Kernel/Process.h
@ -80,8 +80,7 @@ extern VirtualAddress g_return_to_ring3_from_signal_trampoline;
    __ENUMERATE_PLEDGE_PROMISE(accept)    \
    __ENUMERATE_PLEDGE_PROMISE(settime)   \
    __ENUMERATE_PLEDGE_PROMISE(sigaction) \
-    __ENUMERATE_PLEDGE_PROMISE(setkeymap) \
-    __ENUMERATE_PLEDGE_PROMISE(shared_buffer)
+    __ENUMERATE_PLEDGE_PROMISE(setkeymap)

 enum class Pledge : u32 {
 #define __ENUMERATE_PLEDGE_PROMISE(x) x,
@ -334,10 +333,6 @@ public:
    int sys$get_thread_name(pid_t tid, Userspace<char*> buffer, size_t buffer_size);
    int sys$rename(Userspace<const Syscall::SC_rename_params*>);
    int sys$mknod(Userspace<const Syscall::SC_mknod_params*>);
-    int sys$shbuf_create(int, void** buffer);
-    int sys$shbuf_allow_pid(int, pid_t peer_pid);
-    void* sys$shbuf_get(int shbuf_id, Userspace<size_t*> size);
-    int sys$shbuf_release(int shbuf_id);
    int sys$halt();
    int sys$reboot();
    int sys$realpath(Userspace<const Syscall::SC_realpath_params*>);
@ -530,7 +525,6 @@ private:
    KResultOr<RefPtr<FileDescription>> find_elf_interpreter_for_executable(const String& path, const Elf32_Ehdr& elf_header, int nread, size_t file_size);

    int alloc_fd(int first_candidate_fd = 0);
-    void disown_all_shared_buffers();

    KResult do_kill(Process&, int signal);
    KResult do_killpg(ProcessGroupID pgrp, int signal);
--- a/Kernel/SharedBuffer.cpp
+++ b/Kernel/SharedBuffer.cpp
@ -1,188 +0,0 @@
-/*
- * Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice, this
- *    list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright notice,
- *    this list of conditions and the following disclaimer in the documentation
- *    and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <AK/Debug.h>
-#include <AK/Singleton.h>
-#include <Kernel/Process.h>
-#include <Kernel/SharedBuffer.h>
-
-//#define SHARED_BUFFER_DEBUG
-
-namespace Kernel {
-
-static AK::Singleton<Lockable<HashMap<int, NonnullOwnPtr<SharedBuffer>>>> s_map;
-
-Lockable<HashMap<int, NonnullOwnPtr<SharedBuffer>>>& shared_buffers()
-{
-    return *s_map;
-}
-
-void SharedBuffer::sanity_check(const char* what)
-{
-    LOCKER(shared_buffers().lock(), Lock::Mode::Shared);
-
-    unsigned found_refs = 0;
-    for (const auto& ref : m_refs)
-        found_refs += ref.count;
-
-    if (found_refs != m_total_refs) {
-        dbgln("{} sanity -- SharedBuffer({}) id: {} has total refs {} but we found {}",
-            what,
-            this,
-            m_shbuf_id,
-            m_total_refs,
-            found_refs);
-
-        for (const auto& ref : m_refs)
-            dbgln("    ref from pid {}: reference count {}", ref.pid.value(), ref.count);
-        ASSERT_NOT_REACHED();
-    }
-}
-
-bool SharedBuffer::is_shared_with(ProcessID peer_pid) const
-{
-    LOCKER(shared_buffers().lock(), Lock::Mode::Shared);
-    for (auto& ref : m_refs) {
-        if (ref.pid == peer_pid) {
-            return true;
-        }
-    }
-
-    return false;
-}
-
-void* SharedBuffer::ref_for_process_and_get_address(Process& process)
-{
-    LOCKER(shared_buffers().lock());
-    ASSERT(is_shared_with(process.pid()));
-    for (auto& ref : m_refs) {
-        if (ref.pid == process.pid()) {
-            if (!ref.region) {
-                auto region_or_error = process.allocate_region_with_vmobject(VirtualAddress(), size(), m_vmobject, 0, "SharedBuffer", PROT_READ | (m_writable ? PROT_WRITE : 0), true);
-                if (region_or_error.is_error())
-                    return (void*)region_or_error.error().error();
-                ref.region = region_or_error.value();
-            }
-            ref.count++;
-            m_total_refs++;
-            sanity_check("ref_for_process_and_get_address");
-            return ref.region.unsafe_ptr()->vaddr().as_ptr(); // TODO: Region needs to be RefCounted!
-        }
-    }
-    ASSERT_NOT_REACHED();
-}
-
-void SharedBuffer::share_with(ProcessID peer_pid)
-{
-    LOCKER(shared_buffers().lock());
-    for (auto& ref : m_refs) {
-        if (ref.pid == peer_pid) {
-            // don't increment the reference count yet; let them shbuf_get it first.
-            sanity_check("share_with (old ref)");
-            return;
-        }
-    }
-
-    m_refs.append(Reference(peer_pid));
-    sanity_check("share_with (new ref)");
-}
-
-void SharedBuffer::share_all_shared_buffers(Process& from_process, Process& with_process)
-{
-    LOCKER(shared_buffers().lock());
-    for (auto& shbuf : shared_buffers().resource()) {
-        auto& shared_buffer = *shbuf.value;
-        // We need to clone all references (including for global shared buffers),
-        // and the reference counts as well.
-        for (auto& ref : shared_buffer.m_refs) {
-            if (ref.pid == from_process.pid()) {
-                auto ref_count = ref.count;
-                shared_buffer.m_refs.append(Reference(with_process.pid(), ref_count));
-                // NOTE: ref may become invalid after we appended!
-                shared_buffer.m_total_refs += ref_count;
-                break;
-            }
-        }
-    }
-}
-
-void SharedBuffer::deref_for_process(Process& process)
-{
-    LOCKER(shared_buffers().lock());
-    for (size_t i = 0; i < m_refs.size(); ++i) {
-        auto& ref = m_refs[i];
-        if (ref.pid == process.pid()) {
-            ASSERT(ref.count > 0);
-            ref.count--;
-            ASSERT(m_total_refs > 0);
-            m_total_refs--;
-            if (ref.count == 0) {
-                dbgln<debug_shared_buffer>("Releasing shared buffer reference on {} of size {} by PID {}", m_shbuf_id, size(), process.pid().value());
-                process.deallocate_region(*ref.region.unsafe_ptr()); // TODO: Region needs to be RefCounted!
-                dbgln<debug_shared_buffer>("Released shared buffer reference on {} of size {} by PID {}", m_shbuf_id, size(), process.pid().value());
-                sanity_check("deref_for_process");
-                destroy_if_unused();
-                return;
-            }
-            return;
-        }
-    }
-
-    ASSERT_NOT_REACHED();
-}
-
-bool SharedBuffer::disown(ProcessID pid)
-{
-    LOCKER(shared_buffers().lock());
-    for (size_t i = 0; i < m_refs.size(); ++i) {
-        auto& ref = m_refs[i];
-        if (ref.pid == pid) {
-            dbgln<debug_shared_buffer>("Disowning shared buffer {} of size {} by PID {}", m_shbuf_id, size(), pid.value());
-            ASSERT(m_total_refs >= ref.count);
-            m_total_refs -= ref.count;
-            m_refs.unstable_take(i);
-            dbgln<debug_shared_buffer>("Disowned shared buffer {} of size {} by PID {}", m_shbuf_id, size(), pid.value());
-            destroy_if_unused();
-            break;
-        }
-    }
-
-    return m_total_refs == 0;
-}
-
-void SharedBuffer::destroy_if_unused()
-{
-    LOCKER(shared_buffers().lock());
-    sanity_check("destroy_if_unused");
-    if (m_total_refs == 0) {
-        dbgln<debug_shared_buffer>("Destroying unused SharedBuffer({}) id={}", this, m_shbuf_id);
-        auto count_before = shared_buffers().resource().size();
-        shared_buffers().resource().remove(m_shbuf_id);
-        ASSERT(count_before != shared_buffers().resource().size());
-    }
-}
-
-}
--- a/Kernel/SharedBuffer.h
+++ b/Kernel/SharedBuffer.h
@ -1,87 +0,0 @@
-/*
- * Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice, this
- *    list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright notice,
- *    this list of conditions and the following disclaimer in the documentation
- *    and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#pragma once
-
-#include <AK/Debug.h>
-#include <AK/OwnPtr.h>
-#include <AK/WeakPtr.h>
-#include <Kernel/VM/AnonymousVMObject.h>
-#include <Kernel/VM/MemoryManager.h>
-
-namespace Kernel {
-
-class SharedBuffer {
-private:
-    struct Reference {
-        Reference(ProcessID pid, unsigned count = 0)
-            : pid(pid)
-            , count(count)
-        {
-        }
-
-        ProcessID pid;
-        unsigned count { 0 };
-        WeakPtr<Region> region;
-    };
-
-public:
-    SharedBuffer(int id, NonnullRefPtr<AnonymousVMObject>&& vmobject)
-        : m_shbuf_id(id)
-        , m_vmobject(move(vmobject))
-    {
-        dbgln<debug_shared_buffer>("Created shared buffer {} of size {}", m_shbuf_id, size());
-    }
-
-    ~SharedBuffer()
-    {
-        dbgln<debug_shared_buffer>("Destroyed shared buffer {} of size {}", m_shbuf_id, size());
-    }
-
-    void sanity_check(const char* what);
-    bool is_shared_with(ProcessID peer_pid) const;
-    void* ref_for_process_and_get_address(Process& process);
-    void share_with(ProcessID peer_pid);
-    void deref_for_process(Process& process);
-    bool disown(ProcessID pid);
-    static void share_all_shared_buffers(Process& from_process, Process& with_process);
-    size_t size() const { return m_vmobject->size(); }
-    void destroy_if_unused();
-    AnonymousVMObject& vmobject() { return m_vmobject; }
-    const AnonymousVMObject& vmobject() const { return m_vmobject; }
-    int id() const { return m_shbuf_id; }
-
-private:
-    int m_shbuf_id { -1 };
-    bool m_writable { true };
-    NonnullRefPtr<AnonymousVMObject> m_vmobject;
-    Vector<Reference, 2> m_refs;
-    unsigned m_total_refs { 0 };
-};
-
-Lockable<HashMap<int, NonnullOwnPtr<SharedBuffer>>>& shared_buffers();
-
-}
--- a/Kernel/Syscalls/execve.cpp
+++ b/Kernel/Syscalls/execve.cpp
@ -522,8 +522,6 @@ int Process::do_exec(NonnullRefPtr<FileDescription> main_program_description, Ve

    m_region_lookup_cache = {};

-    disown_all_shared_buffers();
-
    set_dumpable(!executable_is_setid);

    for (size_t i = 0; i < m_fds.size(); ++i) {
--- a/Kernel/Syscalls/fork.cpp
+++ b/Kernel/Syscalls/fork.cpp
@ -27,7 +27,6 @@
 #include <Kernel/FileSystem/Custody.h>
 #include <Kernel/FileSystem/FileDescription.h>
 #include <Kernel/Process.h>
-#include <Kernel/SharedBuffer.h>
 #include <Kernel/VM/Region.h>

 //#define FORK_DEBUG
@ -80,8 +79,6 @@ pid_t Process::sys$fork(RegisterState& regs)
    dbgln("fork: child will begin executing at {:04x}:{:08x} with stack {:04x}:{:08x}, kstack {:04x}:{:08x}", child_tss.cs, child_tss.eip, child_tss.ss, child_tss.esp, child_tss.ss0, child_tss.esp0);
 #endif

-    SharedBuffer::share_all_shared_buffers(*this, *child);
-
    {
        ScopedSpinLock lock(m_lock);
        for (auto& region : m_regions) {
--- a/Kernel/Syscalls/process.cpp
+++ b/Kernel/Syscalls/process.cpp
@ -26,7 +26,6 @@

 #include <AK/Types.h>
 #include <Kernel/Process.h>
-#include <Kernel/SharedBuffer.h>

 namespace Kernel {

--- a/Kernel/Syscalls/shbuf.cpp
+++ b/Kernel/Syscalls/shbuf.cpp
@ -1,137 +0,0 @@
-/*
- * Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice, this
- *    list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright notice,
- *    this list of conditions and the following disclaimer in the documentation
- *    and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <Kernel/Process.h>
-#include <Kernel/SharedBuffer.h>
-
-//#define SHARED_BUFFER_DEBUG
-
-namespace Kernel {
-
-void Process::disown_all_shared_buffers()
-{
-    LOCKER(shared_buffers().lock());
-    Vector<SharedBuffer*, 32> buffers_to_disown;
-    for (auto& it : shared_buffers().resource())
-        buffers_to_disown.append(it.value.ptr());
-    for (auto* shared_buffer : buffers_to_disown) {
-        if (shared_buffer->disown(m_pid)) {
-            shared_buffers().resource().remove(shared_buffer->id());
-            delete shared_buffer;
-        }
-    }
-}
-
-int Process::sys$shbuf_create(int size, void** buffer)
-{
-    REQUIRE_PROMISE(shared_buffer);
-    if (!size || size < 0)
-        return -EINVAL;
-    size = PAGE_ROUND_UP(size);
-
-    auto vmobject = AnonymousVMObject::create_with_size(size, AllocationStrategy::Reserve);
-    if (!vmobject)
-        return -ENOMEM;
-
-    LOCKER(shared_buffers().lock());
-    static int s_next_shbuf_id;
-    int shbuf_id = ++s_next_shbuf_id;
-    auto shared_buffer = make<SharedBuffer>(shbuf_id, vmobject.release_nonnull());
-    shared_buffer->share_with(m_pid);
-
-    void* address = shared_buffer->ref_for_process_and_get_address(*this);
-    if (!copy_to_user(buffer, &address))
-        return -EFAULT;
-    ASSERT((int)shared_buffer->size() >= size);
-#ifdef SHARED_BUFFER_DEBUG
-    klog() << "Created shared buffer " << shbuf_id << " @ " << buffer << " (" << size << " bytes, vmobject is " << shared_buffer->size() << ")";
-#endif
-    shared_buffers().resource().set(shbuf_id, move(shared_buffer));
-
-    return shbuf_id;
-}
-
-int Process::sys$shbuf_allow_pid(int shbuf_id, pid_t peer_pid)
-{
-    REQUIRE_PROMISE(shared_buffer);
-    if (!peer_pid || peer_pid < 0 || ProcessID(peer_pid) == m_pid)
-        return -EINVAL;
-    LOCKER(shared_buffers().lock());
-    auto it = shared_buffers().resource().find(shbuf_id);
-    if (it == shared_buffers().resource().end())
-        return -EINVAL;
-    auto& shared_buffer = *(*it).value;
-    if (!shared_buffer.is_shared_with(m_pid))
-        return -EPERM;
-    {
-        ScopedSpinLock lock(g_processes_lock);
-        auto peer = Process::from_pid(peer_pid);
-        if (!peer)
-            return -ESRCH;
-    }
-    shared_buffer.share_with(peer_pid);
-    return 0;
-}
-
-int Process::sys$shbuf_release(int shbuf_id)
-{
-    REQUIRE_PROMISE(shared_buffer);
-    LOCKER(shared_buffers().lock());
-    auto it = shared_buffers().resource().find(shbuf_id);
-    if (it == shared_buffers().resource().end())
-        return -EINVAL;
-    auto& shared_buffer = *(*it).value;
-    if (!shared_buffer.is_shared_with(m_pid))
-        return -EPERM;
-#ifdef SHARED_BUFFER_DEBUG
-    klog() << "Releasing shared buffer " << shbuf_id << ", buffer count: " << shared_buffers().resource().size();
-#endif
-    shared_buffer.deref_for_process(*this);
-    return 0;
-}
-
-void* Process::sys$shbuf_get(int shbuf_id, Userspace<size_t*> user_size)
-{
-    REQUIRE_PROMISE(shared_buffer);
-    LOCKER(shared_buffers().lock());
-    auto it = shared_buffers().resource().find(shbuf_id);
-    if (it == shared_buffers().resource().end())
-        return (void*)-EINVAL;
-    auto& shared_buffer = *(*it).value;
-    if (!shared_buffer.is_shared_with(m_pid))
-        return (void*)-EPERM;
-#ifdef SHARED_BUFFER_DEBUG
-    klog() << "Retaining shared buffer " << shbuf_id << ", buffer count: " << shared_buffers().resource().size();
-#endif
-    if (user_size) {
-        size_t size = shared_buffer.size();
-        if (!copy_to_user(user_size, &size))
-            return (void*)-EFAULT;
-    }
-    return shared_buffer.ref_for_process_and_get_address(*this);
-}
-
-}