-
Notifications
You must be signed in to change notification settings - Fork 591
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Do not merge]fs/mqueue/mq_check.c: group level error check for mq operations #6570
base: master
Are you sure you want to change the base?
Conversation
@@ -150,6 +150,11 @@ ssize_t mq_receive(mqd_t mqdes, FAR char *msg, size_t msglen, FAR int *prio) | |||
return ERROR; | |||
} | |||
|
|||
if (mq_check(mqdes) != OK) { | |||
leave_cancellation_point(); | |||
return ERROR; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Before ERROR return, we should set proper errno.
* Return Value:
* One success, the length of the selected message in bytes is returned.
* On failure, -1 (ERROR) is returned and the errno is set appropriately:
*
* EAGAIN The queue was empty, and the O_NONBLOCK flag was set
* for the message queue description referred to by 'mqdes'.
* EPERM Message queue opened not opened for reading.
* EMSGSIZE 'msglen' was less than the maxmsgsize attribute of the
* message queue.
* EINTR The call was interrupted by a signal handler.
* EINVAL Invalid 'msg' or 'mqdes'
@@ -154,6 +154,11 @@ int mq_send(mqd_t mqdes, FAR const char *msg, size_t msglen, int prio) | |||
return ERROR; | |||
} | |||
|
|||
if (mq_check(mqdes) != OK) { | |||
leave_cancellation_point(); | |||
return ERROR; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as previous
@ritesh55555 @kishore-sn I thought when we close or unlink a mq, if we get wrong or invalid mqdes or mqname, it could corrupt mq inode. If we use invalid mqdes for mq send and receive, is it possible to be corrupted? |
@ritesh55555 @kishore-sn I want to check whether this improves stability even it causes performance degradation by checking single queue every send and receive or not. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please check the github checks which are failing
Hi @sunghan-chang, |
ae6edb3
to
3c40f54
Compare
@@ -105,6 +105,10 @@ int mq_getattr(mqd_t mqdes, struct mq_attr *mq_stat) | |||
{ | |||
int ret = ERROR; | |||
|
|||
if (mq_check(mqdes) != OK) { | |||
return ERROR; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to set the errno before we return.
os/fs/mqueue/mq_check.c
Outdated
* | ||
************************************************************************/ | ||
|
||
int mq_check(mqd_t mqdes) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's rename the function to show "check what".
os/fs/mqueue/mq_check.c
Outdated
* | ||
* Return Value: | ||
* OK - if mqdes is present in the calling task group list of mqdes | ||
* ERROR - if mqdes is not present in the calling task group of mqdes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It does not return ERROR, it does EBADF.
os/include/mqueue.h
Outdated
/** | ||
* @brief get message queue attributes | ||
* @details @b #include <mqueue.h> \n | ||
* POSIX API (refer to : http://pubs.opengroup.org/onlinepubs/9699919799/) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this the POSIX API?
os/include/mqueue.h
Outdated
@@ -188,6 +188,13 @@ int mq_setattr(mqd_t mqdes, FAR const struct mq_attr *mq_stat, FAR struct mq_att | |||
* @since TizenRT v1.0 | |||
*/ | |||
int mq_getattr(mqd_t mqdes, FAR struct mq_attr *mq_stat); | |||
/** | |||
* @brief get message queue attributes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
description looks wrong.
@@ -161,6 +161,11 @@ int mq_notify(mqd_t mqdes, const struct sigevent *notification) | |||
return ERROR; | |||
} | |||
|
|||
if (mq_check(mqdes) != OK) { | |||
set_errno(EBADF); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you should use the return value instead of hard coding here.
os/kernel/mqueue/mq_receive.c
Outdated
@@ -145,6 +145,12 @@ ssize_t mq_receive(mqd_t mqdes, FAR char *msg, size_t msglen, FAR int *prio) | |||
/* mq_receive() is a cancellation point */ | |||
(void)enter_cancellation_point(); | |||
|
|||
if (mq_check(mqdes) != OK) { | |||
leave_cancellation_point(); | |||
set_errno(EINVAL); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When it has EINVAL, when it has EBADF?
i dont think the inode will get corrupted if we use invalid mqdes for mq send and receive . But will lead to unintended behavior |
os/fs/mqueue/mq_check.c
Outdated
int ret = -EBADF; | ||
mqd_t mqdes_ptr; | ||
|
||
FAR struct task_group_s *group = sched_self()->group; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to check mqdes and group because most of mq functions except mq_close don't check it.
DEBUGASSERT(mqdes != NULL && group != NULL);
@@ -114,6 +114,10 @@ int mq_setattr(mqd_t mqdes, const struct mq_attr *mq_stat, struct mq_attr *oldst | |||
{ | |||
int ret = ERROR; | |||
|
|||
if (mq_check(mqdes) != OK) { | |||
return ERROR; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Set errno is missnig
os/include/mqueue.h
Outdated
* POSIX API (refer to : http://pubs.opengroup.org/onlinepubs/9699919799/) | ||
* @since TizenRT v1.0 | ||
*/ | ||
int mq_check(mqd_t mqdes); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like an internal api for mqueue, we need not expose it to outsize. Please check if we can we move this to some internal header file.
os/kernel/mqueue/mq_send.c
Outdated
@@ -123,7 +123,8 @@ | |||
* | |||
* EAGAIN The queue was empty, and the O_NONBLOCK flag was set for the | |||
* message queue description referred to by mqdes. | |||
* EINVAL Either msg or mqdes is NULL or the value of prio is invalid. | |||
* EINVAL Either msg or mqdes is NULL or the value of prio is invalid, | |||
* or mqdes is present in task group's mq list. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should be,
* or mqdes is present in task group's mq list. | |
* or mqdes is not present in task group's mq list. |
But here too, I think EBADF is better instead of EINVAL.
os/fs/mqueue/mq_check.c
Outdated
{ | ||
int ret = -EBADF; | ||
mqd_t mqdes_ptr; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to take care of interrupt handler case here. Mq can be used to send msg from irq handler to any task. In that case, mq may be opened by any task which calls the device driver. But when irq is being handled, sched_self() will return the task running at the time of irq. This task might be different than the task which opened the device driver and the mq. So, if we are in irq hanlder, then we must NOT perform this check.
set_errno(EINVAL); | ||
return ERROR; | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This check needs to be done in all mq apis. Please check timedsend and timed receive.
9382099
to
aaf51eb
Compare
- This commit creates an api mq_check() for mqueue module. This api will check the mq descriptor value in the mq des list of the calling task's group. This will help to remove unwanted error in mq_send and mq_receive apis.
This commit creates an api mq_check() for mqueue module. This api will check the mq descriptor value in the mq des list of the calling task's group. This will help to remove unwanted error in mq_send and mq_receive apis.