The inode allocation routine of the
5.3.2.2 FIFO open
A call to the open() VFS system call performs the same operation as it does for device special files. The regular DAC checks performed when the FIFO inode is read are identical to the access checks performed for other file system objects, such as files and directories. If the process is allowed to access the FIFO inode, the kernel proceeds by invoking init_special_inode(), because a FIFO on disk appears as a special file. The init_special_inode() function sets the file operation vector i_fop of the inode to def_fifo_fops. The only valid function in def_fifo_fops is the fifo_open() function. fifo_open() appropriately calls the pipe_read() or pipe_write() functions, depending on the access type. Access control is performed by the
5.3.3 System V IPC
The System V IPC consists of message queues, semaphores, and shared memory regions. Message queues allow formatted data streams to be sent between processes. Semaphores allow processes to synchronize execution. Shared memory segments allow multiple processes to share a portion of their virtual address space.
This section describes data structures and algorithms used by the SLES kernel to implement the System V IPC. This section also focuses on the implementation of the enforcement of DAC and the handling of object reuse by the allocation algorithms.
The IPC mechanisms share the following common properties:
•Each mechanism is represented by a table in kernel memory whose entries define an instance of the mechanism.
•Each table entry contains a numeric key, which is used to reference a specific instance of the mechanism.
•Each table entry has an ownership designation and access permissions structure associated with it. The creator of an IPC object becomes its owner. This ownership can be transferred by the control system call of the IPC mechanism. The owner and root user are allowed to define and modify access permissions to the IPC object. Credentials of the process attempting access, ownership designation, and access permissions are used for enforcing DAC. The root user is allowed to override DAC setup through access permissions.
•Each table entry has a pointer to an ipc_security_struct type, which is not used by the SLES kernel.
•Each table entry includes status information such as time of last access or update.
•Each mechanism has a control system call to query and set status information, and to remove an instance of a mechanism.
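The DAC decision described in the list above, as an added example that is not SLES kernel code: a simplified user-space C model of checking a process's credentials against an entry's ownership and permission bits, plus ownership transfer through the control call. The struct and function names are hypothetical, group membership is reduced to the effective GID, and the root override is modeled as an effective UID of 0.

```c
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical model of the ownership/permission part of an IPC table entry. */
struct ipc_perm_model {
    uid_t cuid, uid;   /* creator and current owner */
    gid_t cgid, gid;   /* creator group and current owner group */
    unsigned mode;     /* permission bits, e.g. 0640 */
};
struct cred_model { uid_t euid; gid_t egid; };  /* accessing process */

/* want: 0444 = read, 0222 = write/alter. Returns 0 if granted, -1 if denied. */
int ipc_dac_check(const struct ipc_perm_model *p, const struct cred_model *c,
                  unsigned want)
{
    unsigned requested = ((want >> 6) | (want >> 3) | want) & 07;
    unsigned granted = p->mode;            /* "other" class by default */

    if (c->euid == p->cuid || c->euid == p->uid)
        granted >>= 6;                     /* owner class, no fall-through */
    else if (c->egid == p->cgid || c->egid == p->gid)
        granted >>= 3;                     /* group class */

    /* Assumption: root override modeled as euid 0. */
    if ((requested & ~granted & 07) && c->euid != 0)
        return -1;
    return 0;
}

/* Model of the control call's "set" operation: transfer ownership, set mode. */
int ipc_set_owner(struct ipc_perm_model *p, const struct cred_model *c,
                  uid_t new_uid, gid_t new_gid, unsigned new_mode)
{
    if (c->euid != p->uid && c->euid != p->cuid && c->euid != 0)
        return -1;                         /* only owner, creator or root */
    p->uid = new_uid;
    p->gid = new_gid;
    p->mode = new_mode & 0777;
    return 0;
}

int main(void)
{
    /* Constructed sample: object created by uid 1000, gid 100, mode 0640. */
    struct ipc_perm_model obj = { 1000, 1000, 100, 100, 0640 };
    struct cred_model peer = { 1001, 100 }, stranger = { 1002, 200 };
    printf("group write: %d\n", ipc_dac_check(&obj, &peer, 0222));
    printf("other read:  %d\n", ipc_dac_check(&obj, &stranger, 0444));
    return 0;
}
```

Because the owner class is selected first and never falls through, an owner whose own bits deny access is refused even when the group bits would have granted it.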
5.3.3.1 Common data structures
The following list describes
•ipc_ids: The ipc_ids data structure has fields such as size, which indicates the maximum number of allocatable IPC resources; in_use, which holds the number of allocated IPC resources; and entries, which points to the array of IPC resource descriptors.