Skip to content

shmget

Intro

shmget - used to get a shared memory segment

Description

shmget is a SystemV IPC system call that is used to get a shared memory segment. It requires the caller to provide a key, size and flag argument. If the key identified by the key argument exists, the call returns the identifier of the shared memory region associated with it. If the key does not exist, a new region is created and its identifier is returned, or the call fails according to the argument flags. Some of the possible flags include: IPC_CREAT, IPC_EXCL and SHM_HUGETLB.

Caution should be used when using IPC_EXCL and IPC_CREAT flags together, as it is vulnerable to time of check/time of use (TOCTOU) race condition.

Arguments

  • key:key_t[U] - key for the shared memory segment. This should be generated using ftok and must be unique;
  • size:size_t[U] - size of the shared memory segment in bytes;
  • shmflg:int[U] - this argument's value mitght consists of various flags, like IPC_CREAT, IPC_EXCL, etc.

Available Tags

  • K - Originated from kernel-space.
  • U - Originated from user space (for example, pointer to user space memory used to get it)
  • TOCTOU - Vulnerable to TOCTOU (time of check, time of use)
  • OPT - Optional argument - might not always be available (passed with null value)

Hooks

sys_ipc

Type

bpf kprobe

Purpose

This function is hooked to trace when the shmget syscall is called.

Example Use Case

shmget can be used to create a shared memory segment, for example, between two applications that need to communicate.

Issues

Due to the TOCTOU sensitivity of using IPC_EXCL and IPC_CREAT flags together, caution is recommended when using those flags.

shmat - used to attach the shared memory segment to the process address space shmdt - used to detach the shared memory segment from the process address space

This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.