Go to main content

man pages section 2: System Calls

Exit Print View

Updated: Thursday, June 13, 2019
 
 

shmsetlabel (2)

Name

shmgetlabel, shmsetlabel - labeling interfaces for IPC shared memory

Synopsis

#include <sys/shm.h>

int shmgetlabel(int shmid, m_label_t *label);
int shmsetlabel(int shmid, m_label_t *label);

Description

The shmgetlabel() and shmsetlabel() functions get and set the labels of shared memory. Labels provide another access control mechanism in addition to the permission bits that are managed via shmctl(2). In order to access a shared memory segment the current process clearance must dominate the label associated with shmid.

The default label for all shared memory segments is ADMIN_LOW, which is dominated by every process clearance. The access policy only becomes effective when a new label is assigned using the shmsetlabel(2).

Labels cannot be changed while any process is attached to shmid. To set a label the current process clearance must dominate both the new label and the current label of shmid. In addition, the effective user ID must be equal to the value of shm_perm.cuid or shm_perm.uid in the data structure associated with shmid.

The shmgetlabel() and shmsetlabel() functions are not supported when Trusted Extensions is enabled.

Return Values

Upon successful completion, 0 is returned. Otherwise, -1 is returned and errno is set to indicate the error.

Errors

The shmgetlabel() and shmsetlabel() functions will fail if:

EACCES

The existing shmid label is not dominated by the process clearance.

EBUSY

A process is currently attached to the shmid.

EFAULT

The label argument points to an illegal address.

EINVAL

The shmid argument is not a valid shared memory identifier or the specified label is not dominated by the process clearance.

ENOTSUP

These functions cannot be used when Trusted Extensions is enabled.

EPERM

The function is shmsetlabel() and the effective user ID of the calling process is not equal to the value ofshm_perm.cuid or shm_perm.uid in the data structure associated with shmid, and {PRIV_IPC_OWNER} is not asserted in the effective set of the calling process.

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Interface Stability
Committed
MT-Level
MT-Safe

See Also

ipcs(1), shmctl(2), shmget(2), shmop(2), attributes(7), clearance(7). labels(7), privileges(7)