1/* 2 * Copyright (c) 1982, 1986, 1989, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)kern_descrip.c 8.6 (Berkeley) 4/19/94
| 1/* 2 * Copyright (c) 1982, 1986, 1989, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)kern_descrip.c 8.6 (Berkeley) 4/19/94
|
39 * $FreeBSD: head/sys/kern/kern_descrip.c 92641 2002-03-19 04:30:04Z alfred $
| 39 * $FreeBSD: head/sys/kern/kern_descrip.c 92654 2002-03-19 09:11:49Z jeff $
|
40 */ 41 42#include "opt_compat.h" 43 44#include <sys/param.h> 45#include <sys/systm.h> 46#include <sys/lock.h> 47#include <sys/malloc.h> 48#include <sys/mutex.h> 49#include <sys/sysproto.h> 50#include <sys/conf.h> 51#include <sys/filedesc.h> 52#include <sys/kernel.h> 53#include <sys/sysctl.h> 54#include <sys/vnode.h> 55#include <sys/proc.h> 56#include <sys/file.h> 57#include <sys/stat.h> 58#include <sys/filio.h> 59#include <sys/fcntl.h> 60#include <sys/unistd.h> 61#include <sys/resourcevar.h> 62#include <sys/event.h> 63#include <sys/sx.h> 64#include <sys/socketvar.h> 65 66#include <machine/limits.h> 67 68#include <vm/vm.h> 69#include <vm/vm_extern.h>
| 40 */ 41 42#include "opt_compat.h" 43 44#include <sys/param.h> 45#include <sys/systm.h> 46#include <sys/lock.h> 47#include <sys/malloc.h> 48#include <sys/mutex.h> 49#include <sys/sysproto.h> 50#include <sys/conf.h> 51#include <sys/filedesc.h> 52#include <sys/kernel.h> 53#include <sys/sysctl.h> 54#include <sys/vnode.h> 55#include <sys/proc.h> 56#include <sys/file.h> 57#include <sys/stat.h> 58#include <sys/filio.h> 59#include <sys/fcntl.h> 60#include <sys/unistd.h> 61#include <sys/resourcevar.h> 62#include <sys/event.h> 63#include <sys/sx.h> 64#include <sys/socketvar.h> 65 66#include <machine/limits.h> 67 68#include <vm/vm.h> 69#include <vm/vm_extern.h>
|
| 70#include <vm/vm_zone.h>
|
70 71static MALLOC_DEFINE(M_FILEDESC, "file desc", "Open file descriptor table");
| 71 72static MALLOC_DEFINE(M_FILEDESC, "file desc", "Open file descriptor table");
|
72MALLOC_DEFINE(M_FILE, "file", "Open file structure");
| |
73static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures"); 74
| 73static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures"); 74
|
| 75uma_zone_t file_zone; 76
|
75static d_open_t fdopen; 76#define NUMFDESC 64 77 78#define CDEV_MAJOR 22 79static struct cdevsw fildesc_cdevsw = { 80 /* open */ fdopen, 81 /* close */ noclose, 82 /* read */ noread, 83 /* write */ nowrite, 84 /* ioctl */ noioctl, 85 /* poll */ nopoll, 86 /* mmap */ nommap, 87 /* strategy */ nostrategy, 88 /* name */ "FD", 89 /* maj */ CDEV_MAJOR, 90 /* dump */ nodump, 91 /* psize */ nopsize, 92 /* flags */ 0, 93}; 94 95static int do_dup __P((struct filedesc *fdp, int old, int new, register_t *retval, struct thread *td)); 96static int badfo_readwrite __P((struct file *fp, struct uio *uio, 97 struct ucred *cred, int flags, struct thread *td)); 98static int badfo_ioctl __P((struct file *fp, u_long com, caddr_t data, 99 struct thread *td)); 100static int badfo_poll __P((struct file *fp, int events, 101 struct ucred *cred, struct thread *td)); 102static int badfo_kqfilter __P((struct file *fp, struct knote *kn)); 103static int badfo_stat __P((struct file *fp, struct stat *sb, struct thread *td)); 104static int badfo_close __P((struct file *fp, struct thread *td)); 105 106/* 107 * Descriptor management. 108 */ 109struct filelist filehead; /* head of list of open files */ 110int nfiles; /* actual number of open files */ 111extern int cmask; 112struct sx filelist_lock; /* sx to protect filelist */ 113 114/* 115 * System calls on descriptors. 116 */ 117#ifndef _SYS_SYSPROTO_H_ 118struct getdtablesize_args { 119 int dummy; 120}; 121#endif 122/* 123 * MPSAFE 124 */ 125/* ARGSUSED */ 126int 127getdtablesize(td, uap) 128 struct thread *td; 129 struct getdtablesize_args *uap; 130{ 131 struct proc *p = td->td_proc; 132 133 mtx_lock(&Giant); 134 td->td_retval[0] = 135 min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 136 mtx_unlock(&Giant); 137 return (0); 138} 139 140/* 141 * Duplicate a file descriptor to a particular value. 
142 * 143 * note: keep in mind that a potential race condition exists when closing 144 * descriptors from a shared descriptor table (via rfork). 145 */ 146#ifndef _SYS_SYSPROTO_H_ 147struct dup2_args { 148 u_int from; 149 u_int to; 150}; 151#endif 152/* 153 * MPSAFE 154 */ 155/* ARGSUSED */ 156int 157dup2(td, uap) 158 struct thread *td; 159 struct dup2_args *uap; 160{ 161 struct proc *p = td->td_proc; 162 register struct filedesc *fdp = td->td_proc->p_fd; 163 register u_int old = uap->from, new = uap->to; 164 int i, error; 165 166 FILEDESC_LOCK(fdp); 167retry: 168 if (old >= fdp->fd_nfiles || 169 fdp->fd_ofiles[old] == NULL || 170 new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur || 171 new >= maxfilesperproc) { 172 FILEDESC_UNLOCK(fdp); 173 return (EBADF); 174 } 175 if (old == new) { 176 td->td_retval[0] = new; 177 FILEDESC_UNLOCK(fdp); 178 return (0); 179 } 180 if (new >= fdp->fd_nfiles) { 181 if ((error = fdalloc(td, new, &i))) { 182 FILEDESC_UNLOCK(fdp); 183 return (error); 184 } 185 /* 186 * fdalloc() may block, retest everything. 187 */ 188 goto retry; 189 } 190 error = do_dup(fdp, (int)old, (int)new, td->td_retval, td); 191 return(error); 192} 193 194/* 195 * Duplicate a file descriptor. 196 */ 197#ifndef _SYS_SYSPROTO_H_ 198struct dup_args { 199 u_int fd; 200}; 201#endif 202/* 203 * MPSAFE 204 */ 205/* ARGSUSED */ 206int 207dup(td, uap) 208 struct thread *td; 209 struct dup_args *uap; 210{ 211 register struct filedesc *fdp; 212 u_int old; 213 int new, error; 214 215 old = uap->fd; 216 fdp = td->td_proc->p_fd; 217 FILEDESC_LOCK(fdp); 218 if (old >= fdp->fd_nfiles || fdp->fd_ofiles[old] == NULL) { 219 FILEDESC_UNLOCK(fdp); 220 return (EBADF); 221 } 222 if ((error = fdalloc(td, 0, &new))) { 223 FILEDESC_UNLOCK(fdp); 224 return (error); 225 } 226 error = do_dup(fdp, (int)old, new, td->td_retval, td); 227 return (error); 228} 229 230/* 231 * The file control system call. 
232 */ 233#ifndef _SYS_SYSPROTO_H_ 234struct fcntl_args { 235 int fd; 236 int cmd; 237 long arg; 238}; 239#endif 240/* 241 * MPSAFE 242 */ 243/* ARGSUSED */ 244int 245fcntl(td, uap) 246 struct thread *td; 247 register struct fcntl_args *uap; 248{ 249 register struct proc *p = td->td_proc; 250 register struct filedesc *fdp; 251 register struct file *fp; 252 register char *pop; 253 struct vnode *vp; 254 int i, tmp, error = 0, flg = F_POSIX; 255 struct flock fl; 256 u_int newmin; 257 struct proc *leaderp; 258 259 mtx_lock(&Giant); 260 261 fdp = p->p_fd; 262 FILEDESC_LOCK(fdp); 263 if ((unsigned)uap->fd >= fdp->fd_nfiles || 264 (fp = fdp->fd_ofiles[uap->fd]) == NULL) { 265 FILEDESC_UNLOCK(fdp); 266 error = EBADF; 267 goto done2; 268 } 269 pop = &fdp->fd_ofileflags[uap->fd]; 270 271 switch (uap->cmd) { 272 case F_DUPFD: 273 newmin = uap->arg; 274 if (newmin >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur || 275 newmin >= maxfilesperproc) { 276 FILEDESC_UNLOCK(fdp); 277 error = EINVAL; 278 break; 279 } 280 if ((error = fdalloc(td, newmin, &i))) { 281 FILEDESC_UNLOCK(fdp); 282 break; 283 } 284 error = do_dup(fdp, uap->fd, i, td->td_retval, td); 285 break; 286 287 case F_GETFD: 288 td->td_retval[0] = *pop & 1; 289 FILEDESC_UNLOCK(fdp); 290 break; 291 292 case F_SETFD: 293 *pop = (*pop &~ 1) | (uap->arg & 1); 294 FILEDESC_UNLOCK(fdp); 295 break; 296 297 case F_GETFL: 298 FILE_LOCK(fp); 299 FILEDESC_UNLOCK(fdp); 300 td->td_retval[0] = OFLAGS(fp->f_flag); 301 FILE_UNLOCK(fp); 302 break; 303 304 case F_SETFL: 305 fhold(fp); 306 FILEDESC_UNLOCK(fdp); 307 fp->f_flag &= ~FCNTLFLAGS; 308 fp->f_flag |= FFLAGS(uap->arg & ~O_ACCMODE) & FCNTLFLAGS; 309 tmp = fp->f_flag & FNONBLOCK; 310 error = fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, td); 311 if (error) { 312 fdrop(fp, td); 313 break; 314 } 315 tmp = fp->f_flag & FASYNC; 316 error = fo_ioctl(fp, FIOASYNC, (caddr_t)&tmp, td); 317 if (!error) { 318 fdrop(fp, td); 319 break; 320 } 321 fp->f_flag &= ~FNONBLOCK; 322 tmp = 0; 323 (void)fo_ioctl(fp, 
FIONBIO, (caddr_t)&tmp, td); 324 fdrop(fp, td); 325 break; 326 327 case F_GETOWN: 328 fhold(fp); 329 FILEDESC_UNLOCK(fdp); 330 error = fo_ioctl(fp, FIOGETOWN, (caddr_t)td->td_retval, td); 331 fdrop(fp, td); 332 break; 333 334 case F_SETOWN: 335 fhold(fp); 336 FILEDESC_UNLOCK(fdp); 337 error = fo_ioctl(fp, FIOSETOWN, (caddr_t)&uap->arg, td); 338 fdrop(fp, td); 339 break; 340 341 case F_SETLKW: 342 flg |= F_WAIT; 343 /* Fall into F_SETLK */ 344 345 case F_SETLK: 346 if (fp->f_type != DTYPE_VNODE) { 347 FILEDESC_UNLOCK(fdp); 348 error = EBADF; 349 break; 350 } 351 vp = (struct vnode *)fp->f_data; 352 /* 353 * copyin/lockop may block 354 */ 355 fhold(fp); 356 FILEDESC_UNLOCK(fdp); 357 vp = (struct vnode *)fp->f_data; 358 359 /* Copy in the lock structure */ 360 error = copyin((caddr_t)(intptr_t)uap->arg, (caddr_t)&fl, 361 sizeof(fl)); 362 if (error) { 363 fdrop(fp, td); 364 break; 365 } 366 if (fl.l_whence == SEEK_CUR) { 367 if (fp->f_offset < 0 || 368 (fl.l_start > 0 && 369 fp->f_offset > OFF_MAX - fl.l_start)) { 370 fdrop(fp, td); 371 error = EOVERFLOW; 372 break; 373 } 374 fl.l_start += fp->f_offset; 375 } 376 377 switch (fl.l_type) { 378 case F_RDLCK: 379 if ((fp->f_flag & FREAD) == 0) { 380 error = EBADF; 381 break; 382 } 383 PROC_LOCK(p); 384 p->p_flag |= P_ADVLOCK; 385 leaderp = p->p_leader; 386 PROC_UNLOCK(p); 387 error = VOP_ADVLOCK(vp, (caddr_t)leaderp, F_SETLK, 388 &fl, flg); 389 break; 390 case F_WRLCK: 391 if ((fp->f_flag & FWRITE) == 0) { 392 error = EBADF; 393 break; 394 } 395 PROC_LOCK(p); 396 p->p_flag |= P_ADVLOCK; 397 leaderp = p->p_leader; 398 PROC_UNLOCK(p); 399 error = VOP_ADVLOCK(vp, (caddr_t)leaderp, F_SETLK, 400 &fl, flg); 401 break; 402 case F_UNLCK: 403 PROC_LOCK(p); 404 leaderp = p->p_leader; 405 PROC_UNLOCK(p); 406 error = VOP_ADVLOCK(vp, (caddr_t)leaderp, F_UNLCK, 407 &fl, F_POSIX); 408 break; 409 default: 410 error = EINVAL; 411 break; 412 } 413 fdrop(fp, td); 414 break; 415 416 case F_GETLK: 417 if (fp->f_type != DTYPE_VNODE) { 418 
FILEDESC_UNLOCK(fdp); 419 error = EBADF; 420 break; 421 } 422 vp = (struct vnode *)fp->f_data; 423 /* 424 * copyin/lockop may block 425 */ 426 fhold(fp); 427 FILEDESC_UNLOCK(fdp); 428 vp = (struct vnode *)fp->f_data; 429 430 /* Copy in the lock structure */ 431 error = copyin((caddr_t)(intptr_t)uap->arg, (caddr_t)&fl, 432 sizeof(fl)); 433 if (error) { 434 fdrop(fp, td); 435 break; 436 } 437 if (fl.l_type != F_RDLCK && fl.l_type != F_WRLCK && 438 fl.l_type != F_UNLCK) { 439 fdrop(fp, td); 440 error = EINVAL; 441 break; 442 } 443 if (fl.l_whence == SEEK_CUR) { 444 if ((fl.l_start > 0 && 445 fp->f_offset > OFF_MAX - fl.l_start) || 446 (fl.l_start < 0 && 447 fp->f_offset < OFF_MIN - fl.l_start)) { 448 fdrop(fp, td); 449 error = EOVERFLOW; 450 break; 451 } 452 fl.l_start += fp->f_offset; 453 } 454 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_GETLK, 455 &fl, F_POSIX); 456 fdrop(fp, td); 457 if (error == 0) { 458 error = copyout((caddr_t)&fl, 459 (caddr_t)(intptr_t)uap->arg, sizeof(fl)); 460 } 461 break; 462 default: 463 FILEDESC_UNLOCK(fdp); 464 error = EINVAL; 465 break; 466 } 467done2: 468 mtx_unlock(&Giant); 469 return (error); 470} 471 472/* 473 * Common code for dup, dup2, and fcntl(F_DUPFD). 474 * filedesc must be locked, but will be unlocked as a side effect. 475 */ 476static int 477do_dup(fdp, old, new, retval, td) 478 register struct filedesc *fdp; 479 register int old, new; 480 register_t *retval; 481 struct thread *td; 482{ 483 struct file *fp; 484 struct file *delfp; 485 486 FILEDESC_LOCK_ASSERT(fdp, MA_OWNED); 487 488 /* 489 * Save info on the descriptor being overwritten. We have 490 * to do the unmap now, but we cannot close it without 491 * introducing an ownership race for the slot. 
492 */ 493 delfp = fdp->fd_ofiles[new]; 494#if 0 495 if (delfp && (fdp->fd_ofileflags[new] & UF_MAPPED)) 496 (void) munmapfd(td, new); 497#endif 498 499 /* 500 * Duplicate the source descriptor, update lastfile 501 */ 502 fp = fdp->fd_ofiles[old]; 503 fdp->fd_ofiles[new] = fp; 504 fdp->fd_ofileflags[new] = fdp->fd_ofileflags[old] &~ UF_EXCLOSE; 505 fhold(fp); 506 if (new > fdp->fd_lastfile) 507 fdp->fd_lastfile = new; 508 *retval = new; 509 510 FILEDESC_UNLOCK(fdp); 511 512 /* 513 * If we dup'd over a valid file, we now own the reference to it 514 * and must dispose of it using closef() semantics (as if a 515 * close() were performed on it). 516 */ 517 if (delfp) { 518 mtx_lock(&Giant); 519 (void) closef(delfp, td); 520 mtx_unlock(&Giant); 521 } 522 return (0); 523} 524 525/* 526 * If sigio is on the list associated with a process or process group, 527 * disable signalling from the device, remove sigio from the list and 528 * free sigio. 529 */ 530void 531funsetown(sigio) 532 struct sigio *sigio; 533{ 534 int s; 535 536 if (sigio == NULL) 537 return; 538 539 s = splhigh(); 540 *(sigio->sio_myref) = NULL; 541 splx(s); 542 if ((sigio)->sio_pgid < 0) { 543 struct pgrp *pg = (sigio)->sio_pgrp; 544 PGRP_LOCK(pg); 545 SLIST_REMOVE(&sigio->sio_pgrp->pg_sigiolst, sigio, 546 sigio, sio_pgsigio); 547 PGRP_UNLOCK(pg); 548 } else { 549 struct proc *p = (sigio)->sio_proc; 550 PROC_LOCK(p); 551 SLIST_REMOVE(&sigio->sio_proc->p_sigiolst, sigio, 552 sigio, sio_pgsigio); 553 PROC_UNLOCK(p); 554 } 555 crfree(sigio->sio_ucred); 556 FREE(sigio, M_SIGIO); 557} 558 559/* Free a list of sigio structures. */ 560void 561funsetownlst(sigiolst) 562 struct sigiolst *sigiolst; 563{ 564 int s; 565 struct sigio *sigio; 566 struct proc *p; 567 struct pgrp *pg; 568 569 sigio = SLIST_FIRST(sigiolst); 570 if (sigio == NULL) 571 return; 572 573 p = NULL; 574 pg = NULL; 575 576 /* 577 * Every entry of the list should belong 578 * to a single proc or pgrp. 
579 */ 580 if (sigio->sio_pgid < 0) { 581 pg = sigio->sio_pgrp; 582 PGRP_LOCK_ASSERT(pg, MA_OWNED); 583 } else /* if (sigio->sio_pgid > 0) */ { 584 p = sigio->sio_proc; 585 PROC_LOCK_ASSERT(p, MA_OWNED); 586 } 587 588 while ((sigio = SLIST_FIRST(sigiolst)) != NULL) { 589 s = splhigh(); 590 *(sigio->sio_myref) = NULL; 591 splx(s); 592 if (pg != NULL) { 593 KASSERT(sigio->sio_pgid < 0, ("Proc sigio in pgrp sigio list")); 594 KASSERT(sigio->sio_pgrp == pg, ("Bogus pgrp in sigio list")); 595 SLIST_REMOVE(&pg->pg_sigiolst, sigio, sigio, sio_pgsigio); 596 PGRP_UNLOCK(pg); 597 crfree(sigio->sio_ucred); 598 FREE(sigio, M_SIGIO); 599 PGRP_LOCK(pg); 600 } else /* if (p != NULL) */ { 601 KASSERT(sigio->sio_pgid > 0, ("Pgrp sigio in proc sigio list")); 602 KASSERT(sigio->sio_proc == p, ("Bogus proc in sigio list")); 603 SLIST_REMOVE(&p->p_sigiolst, sigio, sigio, sio_pgsigio); 604 PROC_UNLOCK(p); 605 crfree(sigio->sio_ucred); 606 FREE(sigio, M_SIGIO); 607 PROC_LOCK(p); 608 } 609 } 610} 611 612/* 613 * This is common code for FIOSETOWN ioctl called by fcntl(fd, F_SETOWN, arg). 614 * 615 * After permission checking, add a sigio structure to the sigio list for 616 * the process or process group. 617 */ 618int 619fsetown(pgid, sigiop) 620 pid_t pgid; 621 struct sigio **sigiop; 622{ 623 struct proc *proc; 624 struct pgrp *pgrp; 625 struct sigio *sigio; 626 int s, ret; 627 628 if (pgid == 0) { 629 funsetown(*sigiop); 630 return (0); 631 } 632 633 ret = 0; 634 635 /* Allocate and fill in the new sigio out of locks. */ 636 MALLOC(sigio, struct sigio *, sizeof(struct sigio), M_SIGIO, M_WAITOK); 637 sigio->sio_pgid = pgid; 638 sigio->sio_ucred = crhold(curthread->td_ucred); 639 sigio->sio_myref = sigiop; 640 641 PGRPSESS_SLOCK(); 642 if (pgid > 0) { 643 proc = pfind(pgid); 644 if (proc == NULL) { 645 ret = ESRCH; 646 goto fail; 647 } 648 649 /* 650 * Policy - Don't allow a process to FSETOWN a process 651 * in another session. 
652 * 653 * Remove this test to allow maximum flexibility or 654 * restrict FSETOWN to the current process or process 655 * group for maximum safety. 656 */ 657 PROC_UNLOCK(proc); 658 if (proc->p_session != curthread->td_proc->p_session) { 659 ret = EPERM; 660 goto fail; 661 } 662 663 pgrp = NULL; 664 } else /* if (pgid < 0) */ { 665 pgrp = pgfind(-pgid); 666 if (pgrp == NULL) { 667 ret = ESRCH; 668 goto fail; 669 } 670 PGRP_UNLOCK(pgrp); 671 672 /* 673 * Policy - Don't allow a process to FSETOWN a process 674 * in another session. 675 * 676 * Remove this test to allow maximum flexibility or 677 * restrict FSETOWN to the current process or process 678 * group for maximum safety. 679 */ 680 if (pgrp->pg_session != curthread->td_proc->p_session) { 681 ret = EPERM; 682 goto fail; 683 } 684 685 proc = NULL; 686 } 687 funsetown(*sigiop); 688 if (pgid > 0) { 689 PROC_LOCK(proc); 690 SLIST_INSERT_HEAD(&proc->p_sigiolst, sigio, sio_pgsigio); 691 sigio->sio_proc = proc; 692 PROC_UNLOCK(proc); 693 } else { 694 PGRP_LOCK(pgrp); 695 SLIST_INSERT_HEAD(&pgrp->pg_sigiolst, sigio, sio_pgsigio); 696 sigio->sio_pgrp = pgrp; 697 PGRP_UNLOCK(pgrp); 698 } 699 PGRPSESS_SUNLOCK(); 700 s = splhigh(); 701 *sigiop = sigio; 702 splx(s); 703 return (0); 704 705fail: 706 PGRPSESS_SUNLOCK(); 707 crfree(sigio->sio_ucred); 708 FREE(sigio, M_SIGIO); 709 return (ret); 710} 711 712/* 713 * This is common code for FIOGETOWN ioctl called by fcntl(fd, F_GETOWN, arg). 714 */ 715pid_t 716fgetown(sigio) 717 struct sigio *sigio; 718{ 719 return (sigio != NULL ? sigio->sio_pgid : 0); 720} 721 722/* 723 * Close a file descriptor. 
724 */ 725#ifndef _SYS_SYSPROTO_H_ 726struct close_args { 727 int fd; 728}; 729#endif 730/* 731 * MPSAFE 732 */ 733/* ARGSUSED */ 734int 735close(td, uap) 736 struct thread *td; 737 struct close_args *uap; 738{ 739 register struct filedesc *fdp; 740 register struct file *fp; 741 register int fd = uap->fd; 742 int error = 0; 743 744 mtx_lock(&Giant); 745 fdp = td->td_proc->p_fd; 746 FILEDESC_LOCK(fdp); 747 if ((unsigned)fd >= fdp->fd_nfiles || 748 (fp = fdp->fd_ofiles[fd]) == NULL) { 749 FILEDESC_UNLOCK(fdp); 750 error = EBADF; 751 goto done2; 752 } 753#if 0 754 if (fdp->fd_ofileflags[fd] & UF_MAPPED) 755 (void) munmapfd(td, fd); 756#endif 757 fdp->fd_ofiles[fd] = NULL; 758 fdp->fd_ofileflags[fd] = 0; 759 760 /* 761 * we now hold the fp reference that used to be owned by the descriptor 762 * array. 763 */ 764 while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL) 765 fdp->fd_lastfile--; 766 if (fd < fdp->fd_freefile) 767 fdp->fd_freefile = fd; 768 if (fd < fdp->fd_knlistsize) { 769 FILEDESC_UNLOCK(fdp); 770 knote_fdclose(td, fd); 771 } else 772 FILEDESC_UNLOCK(fdp); 773 774 error = closef(fp, td); 775done2: 776 mtx_unlock(&Giant); 777 return(error); 778} 779 780#if defined(COMPAT_43) || defined(COMPAT_SUNOS) 781/* 782 * Return status information about a file descriptor. 
783 */ 784#ifndef _SYS_SYSPROTO_H_ 785struct ofstat_args { 786 int fd; 787 struct ostat *sb; 788}; 789#endif 790/* 791 * MPSAFE 792 */ 793/* ARGSUSED */ 794int 795ofstat(td, uap) 796 struct thread *td; 797 register struct ofstat_args *uap; 798{ 799 struct file *fp; 800 struct stat ub; 801 struct ostat oub; 802 int error; 803 804 mtx_lock(&Giant); 805 if ((error = fget(td, uap->fd, &fp)) != 0) 806 goto done2; 807 error = fo_stat(fp, &ub, td); 808 if (error == 0) { 809 cvtstat(&ub, &oub); 810 error = copyout((caddr_t)&oub, (caddr_t)uap->sb, sizeof (oub)); 811 } 812 fdrop(fp, td); 813done2: 814 mtx_unlock(&Giant); 815 return (error); 816} 817#endif /* COMPAT_43 || COMPAT_SUNOS */ 818 819/* 820 * Return status information about a file descriptor. 821 */ 822#ifndef _SYS_SYSPROTO_H_ 823struct fstat_args { 824 int fd; 825 struct stat *sb; 826}; 827#endif 828/* 829 * MPSAFE 830 */ 831/* ARGSUSED */ 832int 833fstat(td, uap) 834 struct thread *td; 835 struct fstat_args *uap; 836{ 837 struct file *fp; 838 struct stat ub; 839 int error; 840 841 mtx_lock(&Giant); 842 if ((error = fget(td, uap->fd, &fp)) != 0) 843 goto done2; 844 error = fo_stat(fp, &ub, td); 845 if (error == 0) 846 error = copyout((caddr_t)&ub, (caddr_t)uap->sb, sizeof (ub)); 847 fdrop(fp, td); 848done2: 849 mtx_unlock(&Giant); 850 return (error); 851} 852 853/* 854 * Return status information about a file descriptor. 
855 */ 856#ifndef _SYS_SYSPROTO_H_ 857struct nfstat_args { 858 int fd; 859 struct nstat *sb; 860}; 861#endif 862/* 863 * MPSAFE 864 */ 865/* ARGSUSED */ 866int 867nfstat(td, uap) 868 struct thread *td; 869 register struct nfstat_args *uap; 870{ 871 struct file *fp; 872 struct stat ub; 873 struct nstat nub; 874 int error; 875 876 mtx_lock(&Giant); 877 if ((error = fget(td, uap->fd, &fp)) != 0) 878 goto done2; 879 error = fo_stat(fp, &ub, td); 880 if (error == 0) { 881 cvtnstat(&ub, &nub); 882 error = copyout((caddr_t)&nub, (caddr_t)uap->sb, sizeof (nub)); 883 } 884 fdrop(fp, td); 885done2: 886 mtx_unlock(&Giant); 887 return (error); 888} 889 890/* 891 * Return pathconf information about a file descriptor. 892 */ 893#ifndef _SYS_SYSPROTO_H_ 894struct fpathconf_args { 895 int fd; 896 int name; 897}; 898#endif 899/* 900 * MPSAFE 901 */ 902/* ARGSUSED */ 903int 904fpathconf(td, uap) 905 struct thread *td; 906 register struct fpathconf_args *uap; 907{ 908 struct file *fp; 909 struct vnode *vp; 910 int error; 911 912 if ((error = fget(td, uap->fd, &fp)) != 0) 913 return (error); 914 915 switch (fp->f_type) { 916 case DTYPE_PIPE: 917 case DTYPE_SOCKET: 918 if (uap->name != _PC_PIPE_BUF) { 919 error = EINVAL; 920 } else { 921 td->td_retval[0] = PIPE_BUF; 922 error = 0; 923 } 924 break; 925 case DTYPE_FIFO: 926 case DTYPE_VNODE: 927 vp = (struct vnode *)fp->f_data; 928 mtx_lock(&Giant); 929 error = VOP_PATHCONF(vp, uap->name, td->td_retval); 930 mtx_unlock(&Giant); 931 break; 932 default: 933 error = EOPNOTSUPP; 934 break; 935 } 936 fdrop(fp, td); 937 return(error); 938} 939 940/* 941 * Allocate a file descriptor for the process. 
942 */ 943static int fdexpand; 944SYSCTL_INT(_debug, OID_AUTO, fdexpand, CTLFLAG_RD, &fdexpand, 0, ""); 945 946int 947fdalloc(td, want, result) 948 struct thread *td; 949 int want; 950 int *result; 951{ 952 struct proc *p = td->td_proc; 953 register struct filedesc *fdp = td->td_proc->p_fd; 954 register int i; 955 int lim, last, nfiles; 956 struct file **newofile, **oldofile; 957 char *newofileflags; 958 959 FILEDESC_LOCK_ASSERT(fdp, MA_OWNED); 960 961 /* 962 * Search for a free descriptor starting at the higher 963 * of want or fd_freefile. If that fails, consider 964 * expanding the ofile array. 965 */ 966 lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 967 for (;;) { 968 last = min(fdp->fd_nfiles, lim); 969 if ((i = want) < fdp->fd_freefile) 970 i = fdp->fd_freefile; 971 for (; i < last; i++) { 972 if (fdp->fd_ofiles[i] == NULL) { 973 fdp->fd_ofileflags[i] = 0; 974 if (i > fdp->fd_lastfile) 975 fdp->fd_lastfile = i; 976 if (want <= fdp->fd_freefile) 977 fdp->fd_freefile = i; 978 *result = i; 979 return (0); 980 } 981 } 982 983 /* 984 * No space in current array. Expand? 985 */ 986 if (fdp->fd_nfiles >= lim) 987 return (EMFILE); 988 if (fdp->fd_nfiles < NDEXTENT) 989 nfiles = NDEXTENT; 990 else 991 nfiles = 2 * fdp->fd_nfiles; 992 FILEDESC_UNLOCK(fdp); 993 mtx_lock(&Giant); 994 MALLOC(newofile, struct file **, nfiles * OFILESIZE, 995 M_FILEDESC, M_WAITOK); 996 mtx_unlock(&Giant); 997 FILEDESC_LOCK(fdp); 998 999 /* 1000 * deal with file-table extend race that might have occured 1001 * when malloc was blocked. 1002 */ 1003 if (fdp->fd_nfiles >= nfiles) { 1004 FILEDESC_UNLOCK(fdp); 1005 mtx_lock(&Giant); 1006 FREE(newofile, M_FILEDESC); 1007 mtx_unlock(&Giant); 1008 FILEDESC_LOCK(fdp); 1009 continue; 1010 } 1011 newofileflags = (char *) &newofile[nfiles]; 1012 /* 1013 * Copy the existing ofile and ofileflags arrays 1014 * and zero the new portion of each array. 
1015 */ 1016 bcopy(fdp->fd_ofiles, newofile, 1017 (i = sizeof(struct file *) * fdp->fd_nfiles)); 1018 bzero((char *)newofile + i, nfiles * sizeof(struct file *) - i); 1019 bcopy(fdp->fd_ofileflags, newofileflags, 1020 (i = sizeof(char) * fdp->fd_nfiles)); 1021 bzero(newofileflags + i, nfiles * sizeof(char) - i); 1022 if (fdp->fd_nfiles > NDFILE) 1023 oldofile = fdp->fd_ofiles; 1024 else 1025 oldofile = NULL; 1026 fdp->fd_ofiles = newofile; 1027 fdp->fd_ofileflags = newofileflags; 1028 fdp->fd_nfiles = nfiles; 1029 fdexpand++; 1030 if (oldofile != NULL) { 1031 FILEDESC_UNLOCK(fdp); 1032 mtx_lock(&Giant); 1033 FREE(oldofile, M_FILEDESC); 1034 mtx_unlock(&Giant); 1035 FILEDESC_LOCK(fdp); 1036 } 1037 } 1038 return (0); 1039} 1040 1041/* 1042 * Check to see whether n user file descriptors 1043 * are available to the process p. 1044 */ 1045int 1046fdavail(td, n) 1047 struct thread *td; 1048 register int n; 1049{ 1050 struct proc *p = td->td_proc; 1051 register struct filedesc *fdp = td->td_proc->p_fd; 1052 register struct file **fpp; 1053 register int i, lim, last; 1054 1055 FILEDESC_LOCK_ASSERT(fdp, MA_OWNED); 1056 1057 lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 1058 if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0) 1059 return (1); 1060 1061 last = min(fdp->fd_nfiles, lim); 1062 fpp = &fdp->fd_ofiles[fdp->fd_freefile]; 1063 for (i = last - fdp->fd_freefile; --i >= 0; fpp++) { 1064 if (*fpp == NULL && --n <= 0) 1065 return (1); 1066 } 1067 return (0); 1068} 1069 1070/* 1071 * Create a new open file structure and allocate 1072 * a file decriptor for the process that refers to it. 
1073 */ 1074int 1075falloc(td, resultfp, resultfd) 1076 register struct thread *td; 1077 struct file **resultfp; 1078 int *resultfd; 1079{ 1080 struct proc *p = td->td_proc; 1081 register struct file *fp, *fq; 1082 int error, i; 1083 1084 sx_xlock(&filelist_lock); 1085 if (nfiles >= maxfiles) { 1086 sx_xunlock(&filelist_lock); 1087 tablefull("file"); 1088 return (ENFILE); 1089 } 1090 nfiles++; 1091 sx_xunlock(&filelist_lock); 1092 /* 1093 * Allocate a new file descriptor. 1094 * If the process has file descriptor zero open, add to the list 1095 * of open files at that point, otherwise put it at the front of 1096 * the list of open files. 1097 */
| 77static d_open_t fdopen; 78#define NUMFDESC 64 79 80#define CDEV_MAJOR 22 81static struct cdevsw fildesc_cdevsw = { 82 /* open */ fdopen, 83 /* close */ noclose, 84 /* read */ noread, 85 /* write */ nowrite, 86 /* ioctl */ noioctl, 87 /* poll */ nopoll, 88 /* mmap */ nommap, 89 /* strategy */ nostrategy, 90 /* name */ "FD", 91 /* maj */ CDEV_MAJOR, 92 /* dump */ nodump, 93 /* psize */ nopsize, 94 /* flags */ 0, 95}; 96 97static int do_dup __P((struct filedesc *fdp, int old, int new, register_t *retval, struct thread *td)); 98static int badfo_readwrite __P((struct file *fp, struct uio *uio, 99 struct ucred *cred, int flags, struct thread *td)); 100static int badfo_ioctl __P((struct file *fp, u_long com, caddr_t data, 101 struct thread *td)); 102static int badfo_poll __P((struct file *fp, int events, 103 struct ucred *cred, struct thread *td)); 104static int badfo_kqfilter __P((struct file *fp, struct knote *kn)); 105static int badfo_stat __P((struct file *fp, struct stat *sb, struct thread *td)); 106static int badfo_close __P((struct file *fp, struct thread *td)); 107 108/* 109 * Descriptor management. 110 */ 111struct filelist filehead; /* head of list of open files */ 112int nfiles; /* actual number of open files */ 113extern int cmask; 114struct sx filelist_lock; /* sx to protect filelist */ 115 116/* 117 * System calls on descriptors. 118 */ 119#ifndef _SYS_SYSPROTO_H_ 120struct getdtablesize_args { 121 int dummy; 122}; 123#endif 124/* 125 * MPSAFE 126 */ 127/* ARGSUSED */ 128int 129getdtablesize(td, uap) 130 struct thread *td; 131 struct getdtablesize_args *uap; 132{ 133 struct proc *p = td->td_proc; 134 135 mtx_lock(&Giant); 136 td->td_retval[0] = 137 min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 138 mtx_unlock(&Giant); 139 return (0); 140} 141 142/* 143 * Duplicate a file descriptor to a particular value. 
144 * 145 * note: keep in mind that a potential race condition exists when closing 146 * descriptors from a shared descriptor table (via rfork). 147 */ 148#ifndef _SYS_SYSPROTO_H_ 149struct dup2_args { 150 u_int from; 151 u_int to; 152}; 153#endif 154/* 155 * MPSAFE 156 */ 157/* ARGSUSED */ 158int 159dup2(td, uap) 160 struct thread *td; 161 struct dup2_args *uap; 162{ 163 struct proc *p = td->td_proc; 164 register struct filedesc *fdp = td->td_proc->p_fd; 165 register u_int old = uap->from, new = uap->to; 166 int i, error; 167 168 FILEDESC_LOCK(fdp); 169retry: 170 if (old >= fdp->fd_nfiles || 171 fdp->fd_ofiles[old] == NULL || 172 new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur || 173 new >= maxfilesperproc) { 174 FILEDESC_UNLOCK(fdp); 175 return (EBADF); 176 } 177 if (old == new) { 178 td->td_retval[0] = new; 179 FILEDESC_UNLOCK(fdp); 180 return (0); 181 } 182 if (new >= fdp->fd_nfiles) { 183 if ((error = fdalloc(td, new, &i))) { 184 FILEDESC_UNLOCK(fdp); 185 return (error); 186 } 187 /* 188 * fdalloc() may block, retest everything. 189 */ 190 goto retry; 191 } 192 error = do_dup(fdp, (int)old, (int)new, td->td_retval, td); 193 return(error); 194} 195 196/* 197 * Duplicate a file descriptor. 198 */ 199#ifndef _SYS_SYSPROTO_H_ 200struct dup_args { 201 u_int fd; 202}; 203#endif 204/* 205 * MPSAFE 206 */ 207/* ARGSUSED */ 208int 209dup(td, uap) 210 struct thread *td; 211 struct dup_args *uap; 212{ 213 register struct filedesc *fdp; 214 u_int old; 215 int new, error; 216 217 old = uap->fd; 218 fdp = td->td_proc->p_fd; 219 FILEDESC_LOCK(fdp); 220 if (old >= fdp->fd_nfiles || fdp->fd_ofiles[old] == NULL) { 221 FILEDESC_UNLOCK(fdp); 222 return (EBADF); 223 } 224 if ((error = fdalloc(td, 0, &new))) { 225 FILEDESC_UNLOCK(fdp); 226 return (error); 227 } 228 error = do_dup(fdp, (int)old, new, td->td_retval, td); 229 return (error); 230} 231 232/* 233 * The file control system call. 
 */
#ifndef _SYS_SYSPROTO_H_
struct fcntl_args {
	int	fd;
	int	cmd;
	long	arg;
};
#endif
/*
 * MPSAFE
 *
 * Dispatch on uap->cmd.  Each case is responsible for releasing the
 * filedesc lock (directly, or via do_dup()) before returning.
 */
/* ARGSUSED */
int
fcntl(td, uap)
	struct thread *td;
	register struct fcntl_args *uap;
{
	register struct proc *p = td->td_proc;
	register struct filedesc *fdp;
	register struct file *fp;
	register char *pop;
	struct vnode *vp;
	int i, tmp, error = 0, flg = F_POSIX;
	struct flock fl;
	u_int newmin;
	struct proc *leaderp;

	mtx_lock(&Giant);

	fdp = p->p_fd;
	FILEDESC_LOCK(fdp);
	if ((unsigned)uap->fd >= fdp->fd_nfiles ||
	    (fp = fdp->fd_ofiles[uap->fd]) == NULL) {
		FILEDESC_UNLOCK(fdp);
		error = EBADF;
		goto done2;
	}
	pop = &fdp->fd_ofileflags[uap->fd];

	switch (uap->cmd) {
	case F_DUPFD:
		newmin = uap->arg;
		if (newmin >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
		    newmin >= maxfilesperproc) {
			FILEDESC_UNLOCK(fdp);
			error = EINVAL;
			break;
		}
		if ((error = fdalloc(td, newmin, &i))) {
			FILEDESC_UNLOCK(fdp);
			break;
		}
		/* do_dup() drops the filedesc lock. */
		error = do_dup(fdp, uap->fd, i, td->td_retval, td);
		break;

	case F_GETFD:
		/* Bit 0 of the per-descriptor flags is UF_EXCLOSE. */
		td->td_retval[0] = *pop & 1;
		FILEDESC_UNLOCK(fdp);
		break;

	case F_SETFD:
		*pop = (*pop &~ 1) | (uap->arg & 1);
		FILEDESC_UNLOCK(fdp);
		break;

	case F_GETFL:
		FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);
		td->td_retval[0] = OFLAGS(fp->f_flag);
		FILE_UNLOCK(fp);
		break;

	case F_SETFL:
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		fp->f_flag &= ~FCNTLFLAGS;
		fp->f_flag |= FFLAGS(uap->arg & ~O_ACCMODE) & FCNTLFLAGS;
		tmp = fp->f_flag & FNONBLOCK;
		error = fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, td);
		if (error) {
			fdrop(fp, td);
			break;
		}
		tmp = fp->f_flag & FASYNC;
		error = fo_ioctl(fp, FIOASYNC, (caddr_t)&tmp, td);
		if (!error) {
			fdrop(fp, td);
			break;
		}
		/* FIOASYNC failed: undo the FIONBIO setting made above. */
		fp->f_flag &= ~FNONBLOCK;
		tmp = 0;
		(void)fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, td);
		fdrop(fp, td);
		break;

	case F_GETOWN:
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		error = fo_ioctl(fp, FIOGETOWN, (caddr_t)td->td_retval, td);
		fdrop(fp, td);
		break;

	case F_SETOWN:
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		error = fo_ioctl(fp, FIOSETOWN, (caddr_t)&uap->arg, td);
		fdrop(fp, td);
		break;

	case F_SETLKW:
		flg |= F_WAIT;
		/* Fall into F_SETLK */

	case F_SETLK:
		if (fp->f_type != DTYPE_VNODE) {
			FILEDESC_UNLOCK(fdp);
			error = EBADF;
			break;
		}
		vp = (struct vnode *)fp->f_data;
		/*
		 * copyin/lockop may block
		 */
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		vp = (struct vnode *)fp->f_data;

		/* Copy in the lock structure */
		error = copyin((caddr_t)(intptr_t)uap->arg, (caddr_t)&fl,
		    sizeof(fl));
		if (error) {
			fdrop(fp, td);
			break;
		}
		if (fl.l_whence == SEEK_CUR) {
			/* Guard against signed overflow of l_start. */
			if (fp->f_offset < 0 ||
			    (fl.l_start > 0 &&
			     fp->f_offset > OFF_MAX - fl.l_start)) {
				fdrop(fp, td);
				error = EOVERFLOW;
				break;
			}
			fl.l_start += fp->f_offset;
		}

		switch (fl.l_type) {
		case F_RDLCK:
			if ((fp->f_flag & FREAD) == 0) {
				error = EBADF;
				break;
			}
			PROC_LOCK(p);
			p->p_flag |= P_ADVLOCK;
			leaderp = p->p_leader;
			PROC_UNLOCK(p);
			/* Locks are owned by the process-group leader. */
			error = VOP_ADVLOCK(vp, (caddr_t)leaderp, F_SETLK,
			    &fl, flg);
			break;
		case F_WRLCK:
			if ((fp->f_flag & FWRITE) == 0) {
				error = EBADF;
				break;
			}
			PROC_LOCK(p);
			p->p_flag |= P_ADVLOCK;
			leaderp = p->p_leader;
			PROC_UNLOCK(p);
			error = VOP_ADVLOCK(vp, (caddr_t)leaderp, F_SETLK,
			    &fl, flg);
			break;
		case F_UNLCK:
			PROC_LOCK(p);
			leaderp = p->p_leader;
			PROC_UNLOCK(p);
			error = VOP_ADVLOCK(vp, (caddr_t)leaderp, F_UNLCK,
			    &fl, F_POSIX);
			break;
		default:
			error = EINVAL;
			break;
		}
		fdrop(fp, td);
		break;

	case F_GETLK:
		if (fp->f_type != DTYPE_VNODE) {
			FILEDESC_UNLOCK(fdp);
			error = EBADF;
			break;
		}
		vp = (struct vnode *)fp->f_data;
		/*
		 * copyin/lockop may block
		 */
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		vp = (struct vnode *)fp->f_data;

		/* Copy in the lock structure */
		error = copyin((caddr_t)(intptr_t)uap->arg, (caddr_t)&fl,
		    sizeof(fl));
		if (error) {
			fdrop(fp, td);
			break;
		}
		if (fl.l_type != F_RDLCK && fl.l_type != F_WRLCK &&
		    fl.l_type != F_UNLCK) {
			fdrop(fp, td);
			error = EINVAL;
			break;
		}
		if (fl.l_whence == SEEK_CUR) {
			/* Guard against overflow in either direction. */
			if ((fl.l_start > 0 &&
			     fp->f_offset > OFF_MAX - fl.l_start) ||
			    (fl.l_start < 0 &&
			     fp->f_offset < OFF_MIN - fl.l_start)) {
				fdrop(fp, td);
				error = EOVERFLOW;
				break;
			}
			fl.l_start += fp->f_offset;
		}
		error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_GETLK,
		    &fl, F_POSIX);
		fdrop(fp, td);
		if (error == 0) {
			error = copyout((caddr_t)&fl,
			    (caddr_t)(intptr_t)uap->arg, sizeof(fl));
		}
		break;
	default:
		FILEDESC_UNLOCK(fdp);
		error = EINVAL;
		break;
	}
done2:
	mtx_unlock(&Giant);
	return (error);
}

/*
 * Common code for dup, dup2, and fcntl(F_DUPFD).
 * filedesc must be locked, but will be unlocked as a side effect.
 */
static int
do_dup(fdp, old, new, retval, td)
	register struct filedesc *fdp;
	register int old, new;
	register_t *retval;
	struct thread *td;
{
	struct file *fp;
	struct file *delfp;

	FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);

	/*
	 * Save info on the descriptor being overwritten.  We have
	 * to do the unmap now, but we cannot close it without
	 * introducing an ownership race for the slot.
	 */
	delfp = fdp->fd_ofiles[new];
#if 0
	if (delfp && (fdp->fd_ofileflags[new] & UF_MAPPED))
		(void) munmapfd(td, new);
#endif

	/*
	 * Duplicate the source descriptor, update lastfile
	 */
	fp = fdp->fd_ofiles[old];
	fdp->fd_ofiles[new] = fp;
	/* The dup does not inherit close-on-exec. */
	fdp->fd_ofileflags[new] = fdp->fd_ofileflags[old] &~ UF_EXCLOSE;
	fhold(fp);
	if (new > fdp->fd_lastfile)
		fdp->fd_lastfile = new;
	*retval = new;

	FILEDESC_UNLOCK(fdp);

	/*
	 * If we dup'd over a valid file, we now own the reference to it
	 * and must dispose of it using closef() semantics (as if a
	 * close() were performed on it).
	 */
	if (delfp) {
		mtx_lock(&Giant);
		(void) closef(delfp, td);
		mtx_unlock(&Giant);
	}
	return (0);
}

/*
 * If sigio is on the list associated with a process or process group,
 * disable signalling from the device, remove sigio from the list and
 * free sigio.
 */
void
funsetown(sigio)
	struct sigio *sigio;
{
	int s;

	if (sigio == NULL)
		return;

	/* Clear the back-pointer at splhigh so interrupt code sees NULL. */
	s = splhigh();
	*(sigio->sio_myref) = NULL;
	splx(s);
	if ((sigio)->sio_pgid < 0) {
		struct pgrp *pg = (sigio)->sio_pgrp;
		PGRP_LOCK(pg);
		SLIST_REMOVE(&sigio->sio_pgrp->pg_sigiolst, sigio,
		    sigio, sio_pgsigio);
		PGRP_UNLOCK(pg);
	} else {
		struct proc *p = (sigio)->sio_proc;
		PROC_LOCK(p);
		SLIST_REMOVE(&sigio->sio_proc->p_sigiolst, sigio,
		    sigio, sio_pgsigio);
		PROC_UNLOCK(p);
	}
	crfree(sigio->sio_ucred);
	FREE(sigio, M_SIGIO);
}

/*
 * Free a list of sigio structures.  The owning proc or pgrp lock must
 * be held on entry and is held again on return (dropped around each free).
 */
void
funsetownlst(sigiolst)
	struct sigiolst *sigiolst;
{
	int s;
	struct sigio *sigio;
	struct proc *p;
	struct pgrp *pg;

	sigio = SLIST_FIRST(sigiolst);
	if (sigio == NULL)
		return;

	p = NULL;
	pg = NULL;

	/*
	 * Every entry of the list should belong
	 * to a single proc or pgrp.
	 */
	if (sigio->sio_pgid < 0) {
		pg = sigio->sio_pgrp;
		PGRP_LOCK_ASSERT(pg, MA_OWNED);
	} else /* if (sigio->sio_pgid > 0) */ {
		p = sigio->sio_proc;
		PROC_LOCK_ASSERT(p, MA_OWNED);
	}

	while ((sigio = SLIST_FIRST(sigiolst)) != NULL) {
		s = splhigh();
		*(sigio->sio_myref) = NULL;
		splx(s);
		if (pg != NULL) {
			KASSERT(sigio->sio_pgid < 0, ("Proc sigio in pgrp sigio list"));
			KASSERT(sigio->sio_pgrp == pg, ("Bogus pgrp in sigio list"));
			SLIST_REMOVE(&pg->pg_sigiolst, sigio, sigio, sio_pgsigio);
			/* Drop the lock around crfree/FREE, which may block. */
			PGRP_UNLOCK(pg);
			crfree(sigio->sio_ucred);
			FREE(sigio, M_SIGIO);
			PGRP_LOCK(pg);
		} else /* if (p != NULL) */ {
			KASSERT(sigio->sio_pgid > 0, ("Pgrp sigio in proc sigio list"));
			KASSERT(sigio->sio_proc == p, ("Bogus proc in sigio list"));
			SLIST_REMOVE(&p->p_sigiolst, sigio, sigio, sio_pgsigio);
			PROC_UNLOCK(p);
			crfree(sigio->sio_ucred);
			FREE(sigio, M_SIGIO);
			PROC_LOCK(p);
		}
	}
}

/*
 * This is common code for FIOSETOWN ioctl called by fcntl(fd, F_SETOWN, arg).
 *
 * After permission checking, add a sigio structure to the sigio list for
 * the process or process group.
 */
int
fsetown(pgid, sigiop)
	pid_t pgid;
	struct sigio **sigiop;
{
	struct proc *proc;
	struct pgrp *pgrp;
	struct sigio *sigio;
	int s, ret;

	if (pgid == 0) {
		funsetown(*sigiop);
		return (0);
	}

	ret = 0;

	/* Allocate and fill in the new sigio out of locks. */
	MALLOC(sigio, struct sigio *, sizeof(struct sigio), M_SIGIO, M_WAITOK);
	sigio->sio_pgid = pgid;
	sigio->sio_ucred = crhold(curthread->td_ucred);
	sigio->sio_myref = sigiop;

	PGRPSESS_SLOCK();
	if (pgid > 0) {
		proc = pfind(pgid);
		if (proc == NULL) {
			ret = ESRCH;
			goto fail;
		}

		/*
		 * Policy - Don't allow a process to FSETOWN a process
		 * in another session.
		 *
		 * Remove this test to allow maximum flexibility or
		 * restrict FSETOWN to the current process or process
		 * group for maximum safety.
		 */
		/* p_session is stable while PGRPSESS_SLOCK is held. */
		PROC_UNLOCK(proc);
		if (proc->p_session != curthread->td_proc->p_session) {
			ret = EPERM;
			goto fail;
		}

		pgrp = NULL;
	} else /* if (pgid < 0) */ {
		pgrp = pgfind(-pgid);
		if (pgrp == NULL) {
			ret = ESRCH;
			goto fail;
		}
		PGRP_UNLOCK(pgrp);

		/*
		 * Policy - Don't allow a process to FSETOWN a process
		 * in another session.
		 *
		 * Remove this test to allow maximum flexibility or
		 * restrict FSETOWN to the current process or process
		 * group for maximum safety.
		 */
		if (pgrp->pg_session != curthread->td_proc->p_session) {
			ret = EPERM;
			goto fail;
		}

		proc = NULL;
	}
	/* Replace any previous owner before installing the new one. */
	funsetown(*sigiop);
	if (pgid > 0) {
		PROC_LOCK(proc);
		SLIST_INSERT_HEAD(&proc->p_sigiolst, sigio, sio_pgsigio);
		sigio->sio_proc = proc;
		PROC_UNLOCK(proc);
	} else {
		PGRP_LOCK(pgrp);
		SLIST_INSERT_HEAD(&pgrp->pg_sigiolst, sigio, sio_pgsigio);
		sigio->sio_pgrp = pgrp;
		PGRP_UNLOCK(pgrp);
	}
	PGRPSESS_SUNLOCK();
	s = splhigh();
	*sigiop = sigio;
	splx(s);
	return (0);

fail:
	PGRPSESS_SUNLOCK();
	crfree(sigio->sio_ucred);
	FREE(sigio, M_SIGIO);
	return (ret);
}

/*
 * This is common code for FIOGETOWN ioctl called by fcntl(fd, F_GETOWN, arg).
 */
pid_t
fgetown(sigio)
	struct sigio *sigio;
{
	return (sigio != NULL ? sigio->sio_pgid : 0);
}

/*
 * Close a file descriptor.
 */
#ifndef _SYS_SYSPROTO_H_
struct close_args {
	int	fd;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
close(td, uap)
	struct thread *td;
	struct close_args *uap;
{
	register struct filedesc *fdp;
	register struct file *fp;
	register int fd = uap->fd;
	int error = 0;

	mtx_lock(&Giant);
	fdp = td->td_proc->p_fd;
	FILEDESC_LOCK(fdp);
	if ((unsigned)fd >= fdp->fd_nfiles ||
	    (fp = fdp->fd_ofiles[fd]) == NULL) {
		FILEDESC_UNLOCK(fdp);
		error = EBADF;
		goto done2;
	}
#if 0
	if (fdp->fd_ofileflags[fd] & UF_MAPPED)
		(void) munmapfd(td, fd);
#endif
	fdp->fd_ofiles[fd] = NULL;
	fdp->fd_ofileflags[fd] = 0;

	/*
	 * we now hold the fp reference that used to be owned by the descriptor
	 * array.
	 */
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	if (fd < fdp->fd_freefile)
		fdp->fd_freefile = fd;
	if (fd < fdp->fd_knlistsize) {
		/* Detach any knotes attached to this descriptor. */
		FILEDESC_UNLOCK(fdp);
		knote_fdclose(td, fd);
	} else
		FILEDESC_UNLOCK(fdp);

	error = closef(fp, td);
done2:
	mtx_unlock(&Giant);
	return(error);
}

#if defined(COMPAT_43) || defined(COMPAT_SUNOS)
/*
 * Return status information about a file descriptor.
 */
#ifndef _SYS_SYSPROTO_H_
struct ofstat_args {
	int	fd;
	struct	ostat *sb;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
ofstat(td, uap)
	struct thread *td;
	register struct ofstat_args *uap;
{
	struct file *fp;
	struct stat ub;
	struct ostat oub;
	int error;

	mtx_lock(&Giant);
	if ((error = fget(td, uap->fd, &fp)) != 0)
		goto done2;
	error = fo_stat(fp, &ub, td);
	if (error == 0) {
		/* Convert to the old (4.3BSD) stat layout for userland. */
		cvtstat(&ub, &oub);
		error = copyout((caddr_t)&oub, (caddr_t)uap->sb, sizeof (oub));
	}
	fdrop(fp, td);
done2:
	mtx_unlock(&Giant);
	return (error);
}
#endif /* COMPAT_43 || COMPAT_SUNOS */

/*
 * Return status information about a file descriptor.
 */
#ifndef _SYS_SYSPROTO_H_
struct fstat_args {
	int	fd;
	struct	stat *sb;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
fstat(td, uap)
	struct thread *td;
	struct fstat_args *uap;
{
	struct file *fp;
	struct stat ub;
	int error;

	mtx_lock(&Giant);
	if ((error = fget(td, uap->fd, &fp)) != 0)
		goto done2;
	error = fo_stat(fp, &ub, td);
	if (error == 0)
		error = copyout((caddr_t)&ub, (caddr_t)uap->sb, sizeof (ub));
	fdrop(fp, td);
done2:
	mtx_unlock(&Giant);
	return (error);
}

/*
 * Return status information about a file descriptor.
 */
#ifndef _SYS_SYSPROTO_H_
struct nfstat_args {
	int	fd;
	struct	nstat *sb;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
nfstat(td, uap)
	struct thread *td;
	register struct nfstat_args *uap;
{
	struct file *fp;
	struct stat ub;
	struct nstat nub;
	int error;

	mtx_lock(&Giant);
	if ((error = fget(td, uap->fd, &fp)) != 0)
		goto done2;
	error = fo_stat(fp, &ub, td);
	if (error == 0) {
		/* Convert to the "nstat" layout for userland. */
		cvtnstat(&ub, &nub);
		error = copyout((caddr_t)&nub, (caddr_t)uap->sb, sizeof (nub));
	}
	fdrop(fp, td);
done2:
	mtx_unlock(&Giant);
	return (error);
}

/*
 * Return pathconf information about a file descriptor.
 */
#ifndef _SYS_SYSPROTO_H_
struct fpathconf_args {
	int	fd;
	int	name;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
fpathconf(td, uap)
	struct thread *td;
	register struct fpathconf_args *uap;
{
	struct file *fp;
	struct vnode *vp;
	int error;

	if ((error = fget(td, uap->fd, &fp)) != 0)
		return (error);

	switch (fp->f_type) {
	case DTYPE_PIPE:
	case DTYPE_SOCKET:
		/* Only _PC_PIPE_BUF is meaningful for pipes and sockets. */
		if (uap->name != _PC_PIPE_BUF) {
			error = EINVAL;
		} else {
			td->td_retval[0] = PIPE_BUF;
			error = 0;
		}
		break;
	case DTYPE_FIFO:
	case DTYPE_VNODE:
		vp = (struct vnode *)fp->f_data;
		mtx_lock(&Giant);
		error = VOP_PATHCONF(vp, uap->name, td->td_retval);
		mtx_unlock(&Giant);
		break;
	default:
		error = EOPNOTSUPP;
		break;
	}
	fdrop(fp, td);
	return(error);
}

/*
 * Allocate a file descriptor for the process.
 */
static int fdexpand;	/* statistics: number of ofile-array expansions */
SYSCTL_INT(_debug, OID_AUTO, fdexpand, CTLFLAG_RD, &fdexpand, 0, "");

int
fdalloc(td, want, result)
	struct thread *td;
	int want;
	int *result;
{
	struct proc *p = td->td_proc;
	register struct filedesc *fdp = td->td_proc->p_fd;
	register int i;
	int lim, last, nfiles;
	struct file **newofile, **oldofile;
	char *newofileflags;

	FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);

	/*
	 * Search for a free descriptor starting at the higher
	 * of want or fd_freefile.  If that fails, consider
	 * expanding the ofile array.
	 */
	lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
	for (;;) {
		last = min(fdp->fd_nfiles, lim);
		if ((i = want) < fdp->fd_freefile)
			i = fdp->fd_freefile;
		for (; i < last; i++) {
			if (fdp->fd_ofiles[i] == NULL) {
				/* Found a free slot; claim it. */
				fdp->fd_ofileflags[i] = 0;
				if (i > fdp->fd_lastfile)
					fdp->fd_lastfile = i;
				if (want <= fdp->fd_freefile)
					fdp->fd_freefile = i;
				*result = i;
				return (0);
			}
		}

		/*
		 * No space in current array.  Expand?
		 */
		if (fdp->fd_nfiles >= lim)
			return (EMFILE);
		if (fdp->fd_nfiles < NDEXTENT)
			nfiles = NDEXTENT;
		else
			nfiles = 2 * fdp->fd_nfiles;
		/* Drop the filedesc lock across the (possibly blocking) malloc. */
		FILEDESC_UNLOCK(fdp);
		mtx_lock(&Giant);
		MALLOC(newofile, struct file **, nfiles * OFILESIZE,
		    M_FILEDESC, M_WAITOK);
		mtx_unlock(&Giant);
		FILEDESC_LOCK(fdp);

		/*
		 * deal with file-table extend race that might have occurred
		 * when malloc was blocked.
		 */
		if (fdp->fd_nfiles >= nfiles) {
			FILEDESC_UNLOCK(fdp);
			mtx_lock(&Giant);
			FREE(newofile, M_FILEDESC);
			mtx_unlock(&Giant);
			FILEDESC_LOCK(fdp);
			continue;
		}
		/* Flags live immediately after the pointer array (OFILESIZE). */
		newofileflags = (char *) &newofile[nfiles];
		/*
		 * Copy the existing ofile and ofileflags arrays
		 * and zero the new portion of each array.
		 */
		bcopy(fdp->fd_ofiles, newofile,
		    (i = sizeof(struct file *) * fdp->fd_nfiles));
		bzero((char *)newofile + i, nfiles * sizeof(struct file *) - i);
		bcopy(fdp->fd_ofileflags, newofileflags,
		    (i = sizeof(char) * fdp->fd_nfiles));
		bzero(newofileflags + i, nfiles * sizeof(char) - i);
		/* The initial NDFILE-sized table is embedded; don't free it. */
		if (fdp->fd_nfiles > NDFILE)
			oldofile = fdp->fd_ofiles;
		else
			oldofile = NULL;
		fdp->fd_ofiles = newofile;
		fdp->fd_ofileflags = newofileflags;
		fdp->fd_nfiles = nfiles;
		fdexpand++;
		if (oldofile != NULL) {
			FILEDESC_UNLOCK(fdp);
			mtx_lock(&Giant);
			FREE(oldofile, M_FILEDESC);
			mtx_unlock(&Giant);
			FILEDESC_LOCK(fdp);
		}
	}
	return (0);
}

/*
 * Check to see whether n user file descriptors
 * are available to the process p.
 */
int
fdavail(td, n)
	struct thread *td;
	register int n;
{
	struct proc *p = td->td_proc;
	register struct filedesc *fdp = td->td_proc->p_fd;
	register struct file **fpp;
	register int i, lim, last;

	FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);

	lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
	/* Room left before the table even reaches the limit? */
	if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0)
		return (1);

	last = min(fdp->fd_nfiles, lim);
	fpp = &fdp->fd_ofiles[fdp->fd_freefile];
	for (i = last - fdp->fd_freefile; --i >= 0; fpp++) {
		if (*fpp == NULL && --n <= 0)
			return (1);
	}
	return (0);
}

/*
 * Create a new open file structure and allocate
 * a file descriptor for the process that refers to it.
1075 */ 1076int 1077falloc(td, resultfp, resultfd) 1078 register struct thread *td; 1079 struct file **resultfp; 1080 int *resultfd; 1081{ 1082 struct proc *p = td->td_proc; 1083 register struct file *fp, *fq; 1084 int error, i; 1085 1086 sx_xlock(&filelist_lock); 1087 if (nfiles >= maxfiles) { 1088 sx_xunlock(&filelist_lock); 1089 tablefull("file"); 1090 return (ENFILE); 1091 } 1092 nfiles++; 1093 sx_xunlock(&filelist_lock); 1094 /* 1095 * Allocate a new file descriptor. 1096 * If the process has file descriptor zero open, add to the list 1097 * of open files at that point, otherwise put it at the front of 1098 * the list of open files. 1099 */
|
1098 MALLOC(fp, struct file *, sizeof(struct file), M_FILE, M_WAITOK | M_ZERO);
| 1100 fp = uma_zalloc(file_zone, M_WAITOK); 1101 bzero(fp, sizeof(*fp));
|
1099 1100 /* 1101 * wait until after malloc (which may have blocked) returns before 1102 * allocating the slot, else a race might have shrunk it if we had 1103 * allocated it before the malloc. 1104 */ 1105 FILEDESC_LOCK(p->p_fd); 1106 if ((error = fdalloc(td, 0, &i))) { 1107 FILEDESC_UNLOCK(p->p_fd); 1108 sx_xlock(&filelist_lock); 1109 nfiles--; 1110 sx_xunlock(&filelist_lock);
| 1102 1103 /* 1104 * wait until after malloc (which may have blocked) returns before 1105 * allocating the slot, else a race might have shrunk it if we had 1106 * allocated it before the malloc. 1107 */ 1108 FILEDESC_LOCK(p->p_fd); 1109 if ((error = fdalloc(td, 0, &i))) { 1110 FILEDESC_UNLOCK(p->p_fd); 1111 sx_xlock(&filelist_lock); 1112 nfiles--; 1113 sx_xunlock(&filelist_lock);
|
1111 FREE(fp, M_FILE);
| 1114 uma_zfree(file_zone, fp);
|
1112 return (error); 1113 } 1114 fp->f_mtxp = mtx_pool_alloc(); 1115 fp->f_gcflag = 0; 1116 fp->f_count = 1; 1117 fp->f_cred = crhold(td->td_ucred); 1118 fp->f_ops = &badfileops; 1119 fp->f_seqcount = 1; 1120 FILEDESC_UNLOCK(p->p_fd); 1121 sx_xlock(&filelist_lock); 1122 FILEDESC_LOCK(p->p_fd); 1123 if ((fq = p->p_fd->fd_ofiles[0])) { 1124 LIST_INSERT_AFTER(fq, fp, f_list); 1125 } else { 1126 LIST_INSERT_HEAD(&filehead, fp, f_list); 1127 } 1128 p->p_fd->fd_ofiles[i] = fp; 1129 FILEDESC_UNLOCK(p->p_fd); 1130 sx_xunlock(&filelist_lock); 1131 if (resultfp) 1132 *resultfp = fp; 1133 if (resultfd) 1134 *resultfd = i; 1135 return (0); 1136} 1137 1138/* 1139 * Free a file descriptor. 1140 */ 1141void 1142ffree(fp) 1143 register struct file *fp; 1144{ 1145 1146 KASSERT((fp->f_count == 0), ("ffree: fp_fcount not 0!")); 1147 sx_xlock(&filelist_lock); 1148 LIST_REMOVE(fp, f_list); 1149 nfiles--; 1150 sx_xunlock(&filelist_lock); 1151 crfree(fp->f_cred);
| 1115 return (error); 1116 } 1117 fp->f_mtxp = mtx_pool_alloc(); 1118 fp->f_gcflag = 0; 1119 fp->f_count = 1; 1120 fp->f_cred = crhold(td->td_ucred); 1121 fp->f_ops = &badfileops; 1122 fp->f_seqcount = 1; 1123 FILEDESC_UNLOCK(p->p_fd); 1124 sx_xlock(&filelist_lock); 1125 FILEDESC_LOCK(p->p_fd); 1126 if ((fq = p->p_fd->fd_ofiles[0])) { 1127 LIST_INSERT_AFTER(fq, fp, f_list); 1128 } else { 1129 LIST_INSERT_HEAD(&filehead, fp, f_list); 1130 } 1131 p->p_fd->fd_ofiles[i] = fp; 1132 FILEDESC_UNLOCK(p->p_fd); 1133 sx_xunlock(&filelist_lock); 1134 if (resultfp) 1135 *resultfp = fp; 1136 if (resultfd) 1137 *resultfd = i; 1138 return (0); 1139} 1140 1141/* 1142 * Free a file descriptor. 1143 */ 1144void 1145ffree(fp) 1146 register struct file *fp; 1147{ 1148 1149 KASSERT((fp->f_count == 0), ("ffree: fp_fcount not 0!")); 1150 sx_xlock(&filelist_lock); 1151 LIST_REMOVE(fp, f_list); 1152 nfiles--; 1153 sx_xunlock(&filelist_lock); 1154 crfree(fp->f_cred);
|
1152 FREE(fp, M_FILE);
| 1155 uma_zfree(file_zone, fp);
|
1153} 1154 1155/* 1156 * Build a new filedesc structure. 1157 */ 1158struct filedesc * 1159fdinit(td) 1160 struct thread *td; 1161{ 1162 register struct filedesc0 *newfdp; 1163 register struct filedesc *fdp = td->td_proc->p_fd; 1164 1165 MALLOC(newfdp, struct filedesc0 *, sizeof(struct filedesc0), 1166 M_FILEDESC, M_WAITOK | M_ZERO); 1167 mtx_init(&newfdp->fd_fd.fd_mtx, "filedesc structure", MTX_DEF); 1168 FILEDESC_LOCK(&newfdp->fd_fd); 1169 newfdp->fd_fd.fd_cdir = fdp->fd_cdir; 1170 if (newfdp->fd_fd.fd_cdir) 1171 VREF(newfdp->fd_fd.fd_cdir); 1172 newfdp->fd_fd.fd_rdir = fdp->fd_rdir; 1173 if (newfdp->fd_fd.fd_rdir) 1174 VREF(newfdp->fd_fd.fd_rdir); 1175 newfdp->fd_fd.fd_jdir = fdp->fd_jdir; 1176 if (newfdp->fd_fd.fd_jdir) 1177 VREF(newfdp->fd_fd.fd_jdir); 1178 1179 /* Create the file descriptor table. */ 1180 newfdp->fd_fd.fd_refcnt = 1; 1181 newfdp->fd_fd.fd_cmask = cmask; 1182 newfdp->fd_fd.fd_ofiles = newfdp->fd_dfiles; 1183 newfdp->fd_fd.fd_ofileflags = newfdp->fd_dfileflags; 1184 newfdp->fd_fd.fd_nfiles = NDFILE; 1185 newfdp->fd_fd.fd_knlistsize = -1; 1186 FILEDESC_UNLOCK(&newfdp->fd_fd); 1187 1188 return (&newfdp->fd_fd); 1189} 1190 1191/* 1192 * Share a filedesc structure. 1193 */ 1194struct filedesc * 1195fdshare(p) 1196 struct proc *p; 1197{ 1198 FILEDESC_LOCK(p->p_fd); 1199 p->p_fd->fd_refcnt++; 1200 FILEDESC_UNLOCK(p->p_fd); 1201 return (p->p_fd); 1202} 1203 1204/* 1205 * Copy a filedesc structure. 1206 */ 1207struct filedesc * 1208fdcopy(td) 1209 struct thread *td; 1210{ 1211 register struct filedesc *newfdp, *fdp = td->td_proc->p_fd; 1212 register struct file **fpp; 1213 register int i, j; 1214 1215 /* Certain daemons might not have file descriptors. 
*/ 1216 if (fdp == NULL) 1217 return (NULL); 1218 1219 FILEDESC_LOCK_ASSERT(fdp, MA_OWNED); 1220 1221 FILEDESC_UNLOCK(fdp); 1222 MALLOC(newfdp, struct filedesc *, sizeof(struct filedesc0), 1223 M_FILEDESC, M_WAITOK); 1224 FILEDESC_LOCK(fdp); 1225 bcopy(fdp, newfdp, sizeof(struct filedesc)); 1226 FILEDESC_UNLOCK(fdp); 1227 bzero(&newfdp->fd_mtx, sizeof(newfdp->fd_mtx)); 1228 mtx_init(&newfdp->fd_mtx, "filedesc structure", MTX_DEF); 1229 if (newfdp->fd_cdir) 1230 VREF(newfdp->fd_cdir); 1231 if (newfdp->fd_rdir) 1232 VREF(newfdp->fd_rdir); 1233 if (newfdp->fd_jdir) 1234 VREF(newfdp->fd_jdir); 1235 newfdp->fd_refcnt = 1; 1236 1237 /* 1238 * If the number of open files fits in the internal arrays 1239 * of the open file structure, use them, otherwise allocate 1240 * additional memory for the number of descriptors currently 1241 * in use. 1242 */ 1243 FILEDESC_LOCK(fdp); 1244 newfdp->fd_lastfile = fdp->fd_lastfile; 1245 newfdp->fd_nfiles = fdp->fd_nfiles; 1246 if (newfdp->fd_lastfile < NDFILE) { 1247 newfdp->fd_ofiles = ((struct filedesc0 *) newfdp)->fd_dfiles; 1248 newfdp->fd_ofileflags = 1249 ((struct filedesc0 *) newfdp)->fd_dfileflags; 1250 i = NDFILE; 1251 } else { 1252 /* 1253 * Compute the smallest multiple of NDEXTENT needed 1254 * for the file descriptors currently in use, 1255 * allowing the table to shrink. 1256 */ 1257retry: 1258 i = newfdp->fd_nfiles; 1259 while (i > 2 * NDEXTENT && i > newfdp->fd_lastfile * 2) 1260 i /= 2; 1261 FILEDESC_UNLOCK(fdp); 1262 MALLOC(newfdp->fd_ofiles, struct file **, i * OFILESIZE, 1263 M_FILEDESC, M_WAITOK); 1264 FILEDESC_LOCK(fdp); 1265 newfdp->fd_lastfile = fdp->fd_lastfile; 1266 newfdp->fd_nfiles = fdp->fd_nfiles; 1267 j = newfdp->fd_nfiles; 1268 while (j > 2 * NDEXTENT && j > newfdp->fd_lastfile * 2) 1269 j /= 2; 1270 if (i != j) { 1271 /* 1272 * The size of the original table has changed. 1273 * Go over once again. 
1274 */ 1275 FILEDESC_UNLOCK(fdp); 1276 FREE(newfdp->fd_ofiles, M_FILEDESC); 1277 FILEDESC_LOCK(fdp); 1278 newfdp->fd_lastfile = fdp->fd_lastfile; 1279 newfdp->fd_nfiles = fdp->fd_nfiles; 1280 goto retry; 1281 } 1282 newfdp->fd_ofileflags = (char *) &newfdp->fd_ofiles[i]; 1283 } 1284 newfdp->fd_nfiles = i; 1285 bcopy(fdp->fd_ofiles, newfdp->fd_ofiles, i * sizeof(struct file **)); 1286 bcopy(fdp->fd_ofileflags, newfdp->fd_ofileflags, i * sizeof(char)); 1287 1288 /* 1289 * kq descriptors cannot be copied. 1290 */ 1291 if (newfdp->fd_knlistsize != -1) { 1292 fpp = &newfdp->fd_ofiles[newfdp->fd_lastfile]; 1293 for (i = newfdp->fd_lastfile; i >= 0; i--, fpp--) { 1294 if (*fpp != NULL && (*fpp)->f_type == DTYPE_KQUEUE) { 1295 *fpp = NULL; 1296 if (i < newfdp->fd_freefile) 1297 newfdp->fd_freefile = i; 1298 } 1299 if (*fpp == NULL && i == newfdp->fd_lastfile && i > 0) 1300 newfdp->fd_lastfile--; 1301 } 1302 newfdp->fd_knlist = NULL; 1303 newfdp->fd_knlistsize = -1; 1304 newfdp->fd_knhash = NULL; 1305 newfdp->fd_knhashmask = 0; 1306 } 1307 1308 fpp = newfdp->fd_ofiles; 1309 for (i = newfdp->fd_lastfile; i-- >= 0; fpp++) { 1310 if (*fpp != NULL) { 1311 fhold(*fpp); 1312 } 1313 } 1314 return (newfdp); 1315} 1316 1317/* 1318 * Release a filedesc structure. 1319 */ 1320void 1321fdfree(td) 1322 struct thread *td; 1323{ 1324 register struct filedesc *fdp; 1325 struct file **fpp; 1326 register int i; 1327 1328 fdp = td->td_proc->p_fd; 1329 /* Certain daemons might not have file descriptors. */ 1330 if (fdp == NULL) 1331 return; 1332 1333 FILEDESC_LOCK(fdp); 1334 if (--fdp->fd_refcnt > 0) { 1335 FILEDESC_UNLOCK(fdp); 1336 return; 1337 } 1338 /* 1339 * we are the last reference to the structure, we can 1340 * safely assume it will not change out from under us. 
	 */
	FILEDESC_UNLOCK(fdp);
	fpp = fdp->fd_ofiles;
	for (i = fdp->fd_lastfile; i-- >= 0; fpp++) {
		if (*fpp)
			(void) closef(*fpp, td);
	}

	PROC_LOCK(td->td_proc);
	td->td_proc->p_fd = NULL;
	PROC_UNLOCK(td->td_proc);

	/* The initial NDFILE-sized table is embedded; only free if grown. */
	if (fdp->fd_nfiles > NDFILE)
		FREE(fdp->fd_ofiles, M_FILEDESC);
	if (fdp->fd_cdir)
		vrele(fdp->fd_cdir);
	if (fdp->fd_rdir)
		vrele(fdp->fd_rdir);
	if (fdp->fd_jdir)
		vrele(fdp->fd_jdir);
	if (fdp->fd_knlist)
		FREE(fdp->fd_knlist, M_KQUEUE);
	if (fdp->fd_knhash)
		FREE(fdp->fd_knhash, M_KQUEUE);
	mtx_destroy(&fdp->fd_mtx);
	FREE(fdp, M_FILEDESC);
}

/*
 * For setugid programs, we don't want people to use that setugidness
 * to generate error messages which write to a file which otherwise would
 * be off-limits to the process.
 *
 * This is a gross hack to plug the hole.  A better solution would involve
 * a special vop or other form of generalized access control mechanism.  We
 * go ahead and just reject all procfs file systems accesses as dangerous.
 *
 * Since setugidsafety calls this only for fd 0, 1 and 2, this check is
 * sufficient.  We also don't check for setugidness since we know we are.
 */
static int
is_unsafe(struct file *fp)
{
	if (fp->f_type == DTYPE_VNODE &&
	    ((struct vnode *)(fp->f_data))->v_tag == VT_PROCFS)
		return (1);
	return (0);
}

/*
 * Make this setguid thing safe, if at all possible.
 */
void
setugidsafety(td)
	struct thread *td;
{
	struct filedesc *fdp = td->td_proc->p_fd;
	register int i;

	/* Certain daemons might not have file descriptors. */
	if (fdp == NULL)
		return;

	/*
	 * note: fdp->fd_ofiles may be reallocated out from under us while
	 * we are blocked in a close.  Be careful!
	 */
	FILEDESC_LOCK(fdp);
	for (i = 0; i <= fdp->fd_lastfile; i++) {
		/* Only stdin/stdout/stderr are checked (see comment above). */
		if (i > 2)
			break;
		if (fdp->fd_ofiles[i] && is_unsafe(fdp->fd_ofiles[i])) {
			struct file *fp;

#if 0
			if ((fdp->fd_ofileflags[i] & UF_MAPPED) != 0)
				(void) munmapfd(td, i);
#endif
			if (i < fdp->fd_knlistsize) {
				FILEDESC_UNLOCK(fdp);
				knote_fdclose(td, i);
				FILEDESC_LOCK(fdp);
			}
			/*
			 * NULL-out descriptor prior to close to avoid
			 * a race while close blocks.
			 */
			fp = fdp->fd_ofiles[i];
			fdp->fd_ofiles[i] = NULL;
			fdp->fd_ofileflags[i] = 0;
			if (i < fdp->fd_freefile)
				fdp->fd_freefile = i;
			FILEDESC_UNLOCK(fdp);
			(void) closef(fp, td);
			FILEDESC_LOCK(fdp);
		}
	}
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	FILEDESC_UNLOCK(fdp);
}

/*
 * Close any files on exec?
 */
void
fdcloseexec(td)
	struct thread *td;
{
	struct filedesc *fdp = td->td_proc->p_fd;
	register int i;

	/* Certain daemons might not have file descriptors. */
	if (fdp == NULL)
		return;

	FILEDESC_LOCK(fdp);

	/*
	 * We cannot cache fd_ofiles or fd_ofileflags since operations
	 * may block and rip them out from under us.
	 */
	for (i = 0; i <= fdp->fd_lastfile; i++) {
		if (fdp->fd_ofiles[i] != NULL &&
		    (fdp->fd_ofileflags[i] & UF_EXCLOSE)) {
			struct file *fp;

#if 0
			if (fdp->fd_ofileflags[i] & UF_MAPPED)
				(void) munmapfd(td, i);
#endif
			if (i < fdp->fd_knlistsize) {
				FILEDESC_UNLOCK(fdp);
				knote_fdclose(td, i);
				FILEDESC_LOCK(fdp);
			}
			/*
			 * NULL-out descriptor prior to close to avoid
			 * a race while close blocks.
			 */
			fp = fdp->fd_ofiles[i];
			fdp->fd_ofiles[i] = NULL;
			fdp->fd_ofileflags[i] = 0;
			if (i < fdp->fd_freefile)
				fdp->fd_freefile = i;
			FILEDESC_UNLOCK(fdp);
			(void) closef(fp, td);
			FILEDESC_LOCK(fdp);
		}
	}
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	FILEDESC_UNLOCK(fdp);
}

/*
 * Internal form of close.
 * Decrement reference count on file structure.
 * Note: td may be NULL when closing a file
 * that was being passed in a message.
 */
int
closef(fp, td)
	register struct file *fp;
	register struct thread *td;
{
	struct vnode *vp;
	struct flock lf;

	if (fp == NULL)
		return (0);
	/*
	 * POSIX record locking dictates that any close releases ALL
	 * locks owned by this process.  This is handled by setting
	 * a flag in the unlock to free ONLY locks obeying POSIX
	 * semantics, and not to free BSD-style file locks.
	 * If the descriptor was in a message, POSIX-style locks
	 * aren't passed with the descriptor.
	 */
	if (td && (td->td_proc->p_flag & P_ADVLOCK) &&
	    fp->f_type == DTYPE_VNODE) {
		lf.l_whence = SEEK_SET;
		lf.l_start = 0;
		lf.l_len = 0;
		lf.l_type = F_UNLCK;
		vp = (struct vnode *)fp->f_data;
		(void) VOP_ADVLOCK(vp, (caddr_t)td->td_proc->p_leader,
		    F_UNLCK, &lf, F_POSIX);
	}
	return (fdrop(fp, td));
}

/*
 * Drop reference on struct file passed in, may call closef if the
 * reference hits zero.
 */
int
fdrop(fp, td)
	struct file *fp;
	struct thread *td;
{

	/* fdrop_locked() consumes the file lock taken here. */
	FILE_LOCK(fp);
	return (fdrop_locked(fp, td));
}

/*
 * Extract the file pointer associated with the specified descriptor for
 * the current user process.
 *
 * If the descriptor doesn't exist, EBADF is returned.
1552 * 1553 * If the descriptor exists but doesn't match 'flags' then 1554 * return EBADF for read attempts and EINVAL for write attempts. 1555 * 1556 * If 'hold' is set (non-zero) the file's refcount will be bumped on return. 1557 * It should be droped with fdrop(). 1558 * If it is not set, then the refcount will not be bumped however the 1559 * thread's filedesc struct will be returned locked (for fgetsock). 1560 * 1561 * If an error occured the non-zero error is returned and *fpp is set to NULL. 1562 * Otherwise *fpp is set and zero is returned. 1563 */ 1564static __inline 1565int 1566_fget(struct thread *td, int fd, struct file **fpp, int flags, int hold) 1567{ 1568 struct filedesc *fdp; 1569 struct file *fp; 1570 1571 *fpp = NULL; 1572 if (td == NULL || (fdp = td->td_proc->p_fd) == NULL) 1573 return(EBADF); 1574 FILEDESC_LOCK(fdp); 1575 if ((fp = fget_locked(fdp, fd)) == NULL || fp->f_ops == &badfileops) { 1576 FILEDESC_UNLOCK(fdp); 1577 return(EBADF); 1578 } 1579 1580 /* 1581 * Note: FREAD failures returns EBADF to maintain backwards 1582 * compatibility with what routines returned before. 1583 * 1584 * Only one flag, or 0, may be specified. 
1585 */ 1586 if (flags == FREAD && (fp->f_flag & FREAD) == 0) { 1587 FILEDESC_UNLOCK(fdp); 1588 return(EBADF); 1589 } 1590 if (flags == FWRITE && (fp->f_flag & FWRITE) == 0) { 1591 FILEDESC_UNLOCK(fdp); 1592 return(EINVAL); 1593 } 1594 if (hold) { 1595 fhold(fp); 1596 FILEDESC_UNLOCK(fdp); 1597 } 1598 *fpp = fp; 1599 return(0); 1600} 1601 1602int 1603fget(struct thread *td, int fd, struct file **fpp) 1604{ 1605 return(_fget(td, fd, fpp, 0, 1)); 1606} 1607 1608int 1609fget_read(struct thread *td, int fd, struct file **fpp) 1610{ 1611 return(_fget(td, fd, fpp, FREAD, 1)); 1612} 1613 1614int 1615fget_write(struct thread *td, int fd, struct file **fpp) 1616{ 1617 return(_fget(td, fd, fpp, FWRITE, 1)); 1618} 1619 1620/* 1621 * Like fget() but loads the underlying vnode, or returns an error if 1622 * the descriptor does not represent a vnode. Note that pipes use vnodes 1623 * but never have VM objects (so VOP_GETVOBJECT() calls will return an 1624 * error). The returned vnode will be vref()d. 
 */

static __inline
int
_fgetvp(struct thread *td, int fd, struct vnode **vpp, int flags)
{
	struct file *fp;
	int error;

	*vpp = NULL;
	/* hold == 0: _fget() leaves the filedesc locked for us. */
	if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
		return (error);
	if (fp->f_type != DTYPE_VNODE && fp->f_type != DTYPE_FIFO) {
		error = EINVAL;
	} else {
		*vpp = (struct vnode *)fp->f_data;
		vref(*vpp);
	}
	FILEDESC_UNLOCK(td->td_proc->p_fd);
	return (error);
}

/* Resolve descriptor fd to its vref()d vnode, any access mode. */
int
fgetvp(struct thread *td, int fd, struct vnode **vpp)
{
	return(_fgetvp(td, fd, vpp, 0));
}

/* As fgetvp(), for read access. */
int
fgetvp_read(struct thread *td, int fd, struct vnode **vpp)
{
	return(_fgetvp(td, fd, vpp, FREAD));
}

/* As fgetvp(), for write access. */
int
fgetvp_write(struct thread *td, int fd, struct vnode **vpp)
{
	return(_fgetvp(td, fd, vpp, FWRITE));
}

/*
 * Like fget() but loads the underlying socket, or returns an error if
 * the descriptor does not represent a socket.
 *
 * We bump the ref count on the returned socket.  XXX Also obtain the SX lock
 * in the future.
 */
int
fgetsock(struct thread *td, int fd, struct socket **spp, u_int *fflagp)
{
	struct file *fp;
	int error;

	*spp = NULL;
	if (fflagp)
		*fflagp = 0;
	/* hold == 0: _fget() leaves the filedesc locked for us. */
	if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
		return (error);
	if (fp->f_type != DTYPE_SOCKET) {
		error = ENOTSOCK;
	} else {
		*spp = (struct socket *)fp->f_data;
		if (fflagp)
			*fflagp = fp->f_flag;
		soref(*spp);
	}
	FILEDESC_UNLOCK(td->td_proc->p_fd);
	return(error);
}

/*
 * Drop the reference count on the socket and XXX release the SX lock in
 * the future.  The last reference closes the socket.
 */
void
fputsock(struct socket *so)
{
	sorele(so);
}

/*
 * Drop reference on struct file passed in, may call closef if the
 * reference hits zero.
 * Expects struct file locked, and will unlock it.
 */
int
fdrop_locked(fp, td)
	struct file *fp;
	struct thread *td;
{
	struct flock lf;
	struct vnode *vp;
	int error;

	FILE_LOCK_ASSERT(fp, MA_OWNED);

	if (--fp->f_count > 0) {
		FILE_UNLOCK(fp);
		return (0);
	}
	/* Last reference: Giant is held across the lock release, close and free. */
	mtx_lock(&Giant);
	if (fp->f_count < 0)
		panic("fdrop: count < 0");
	if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) {
		/* Release any flock()-style lock held through this file. */
		lf.l_whence = SEEK_SET;
		lf.l_start = 0;
		lf.l_len = 0;
		lf.l_type = F_UNLCK;
		vp = (struct vnode *)fp->f_data;
		FILE_UNLOCK(fp);
		(void) VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
	} else
		FILE_UNLOCK(fp);
	if (fp->f_ops != &badfileops)
		error = fo_close(fp, td);
	else
		error = 0;
	ffree(fp);
	mtx_unlock(&Giant);
	return (error);
}

/*
 * Apply an advisory lock on a file descriptor.
 *
 * Just attempt to get a record lock of the requested type on
 * the entire file (l_whence = SEEK_SET, l_start = 0, l_len = 0).
 */
#ifndef _SYS_SYSPROTO_H_
struct flock_args {
	int	fd;
	int	how;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
flock(td, uap)
	struct thread *td;
	register struct flock_args *uap;
{
	struct file *fp;
	struct vnode *vp;
	struct flock lf;
	int error;

	if ((error = fget(td, uap->fd, &fp)) != 0)
		return (error);
	if (fp->f_type != DTYPE_VNODE) {
		fdrop(fp, td);
		return (EOPNOTSUPP);
	}

	mtx_lock(&Giant);
	vp = (struct vnode *)fp->f_data;
	lf.l_whence = SEEK_SET;
	lf.l_start = 0;
	lf.l_len = 0;
	if (uap->how & LOCK_UN) {
		/* Unlock request: clear FHASLOCK and release the whole-file lock. */
		lf.l_type = F_UNLCK;
		FILE_LOCK(fp);
		fp->f_flag &= ~FHASLOCK;
		FILE_UNLOCK(fp);
		error = VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
		goto done2;
	}
	if (uap->how & LOCK_EX)
		lf.l_type = F_WRLCK;
	else if (uap->how & LOCK_SH)
		lf.l_type = F_RDLCK;
	else {
		error = EBADF;
		goto done2;
	}
	FILE_LOCK(fp);
	fp->f_flag |= FHASLOCK;
	FILE_UNLOCK(fp);
	error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
	    (uap->how & LOCK_NB) ? F_FLOCK : F_FLOCK | F_WAIT);
done2:
	fdrop(fp, td);
	mtx_unlock(&Giant);
	return (error);
}

/*
 * File Descriptor pseudo-device driver (/dev/fd/).
 *
 * Opening minor device N dup()s the file (if any) connected to file
 * descriptor N belonging to the calling process.  Note that this driver
 * consists of only the ``open()'' routine, because all subsequent
 * references to this file will be direct to the other driver.
 */
/* ARGSUSED */
static int
fdopen(dev, mode, type, td)
	dev_t dev;
	int mode, type;
	struct thread *td;
{

	/*
	 * XXX Kludge: set curthread->td_dupfd to contain the value of
	 * the file descriptor being sought for duplication.  The error
	 * return ensures that the vnode for this device will be released
	 * by vn_open.  Open will detect this special error and take the
	 * actions in dupfdopen below.  Other callers of vn_open or VOP_OPEN
	 * will simply report the error.
	 */
	td->td_dupfd = dev2unit(dev);
	return (ENODEV);
}

/*
 * Duplicate the specified descriptor to a free descriptor.
 */
int
dupfdopen(td, fdp, indx, dfd, mode, error)
	struct thread *td;
	struct filedesc *fdp;
	int indx, dfd;
	int mode;
	int error;
{
	register struct file *wfp;
	struct file *fp;

	/*
	 * If the to-be-dup'd fd number is greater than the allowed number
	 * of file descriptors, or the fd to be dup'd has already been
	 * closed, then reject.
	 */
	FILEDESC_LOCK(fdp);
	if ((u_int)dfd >= fdp->fd_nfiles ||
	    (wfp = fdp->fd_ofiles[dfd]) == NULL) {
		FILEDESC_UNLOCK(fdp);
		return (EBADF);
	}

	/*
	 * There are two cases of interest here.
	 *
	 * For ENODEV simply dup (dfd) to file descriptor
	 * (indx) and return.
	 *
	 * For ENXIO steal away the file structure from (dfd) and
	 * store it in (indx).  (dfd) is effectively closed by
	 * this operation.
	 *
	 * Any other error code is just returned.
	 */
	switch (error) {
	case ENODEV:
		/*
		 * Check that the mode the file is being opened for is a
		 * subset of the mode of the existing descriptor.
		 */
		FILE_LOCK(wfp);
		if (((mode & (FREAD|FWRITE)) | wfp->f_flag) != wfp->f_flag) {
			FILE_UNLOCK(wfp);
			FILEDESC_UNLOCK(fdp);
			return (EACCES);
		}
		fp = fdp->fd_ofiles[indx];
#if 0
		if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
			(void) munmapfd(td, indx);
#endif
		fdp->fd_ofiles[indx] = wfp;
		fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
		fhold_locked(wfp);
		FILE_UNLOCK(wfp);
		if (indx > fdp->fd_lastfile)
			fdp->fd_lastfile = indx;
		/* fdrop_locked() expects fp locked; lock before dropping ours. */
		if (fp != NULL)
			FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);
		/*
		 * we now own the reference to fp that the ofiles[] array
		 * used to own.  Release it.
		 */
		if (fp != NULL)
			fdrop_locked(fp, td);
		return (0);

	case ENXIO:
		/*
		 * Steal away the file pointer from dfd, and stuff it into indx.
		 */
		fp = fdp->fd_ofiles[indx];
#if 0
		if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
			(void) munmapfd(td, indx);
#endif
		fdp->fd_ofiles[indx] = fdp->fd_ofiles[dfd];
		fdp->fd_ofiles[dfd] = NULL;
		fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
		fdp->fd_ofileflags[dfd] = 0;

		/*
		 * Complete the clean up of the filedesc structure by
		 * recomputing the various hints.
		 */
		if (indx > fdp->fd_lastfile) {
			fdp->fd_lastfile = indx;
		} else {
			while (fdp->fd_lastfile > 0 &&
			    fdp->fd_ofiles[fdp->fd_lastfile] == NULL) {
				fdp->fd_lastfile--;
			}
			if (dfd < fdp->fd_freefile)
				fdp->fd_freefile = dfd;
		}
		/* fdrop_locked() expects fp locked; lock before dropping ours. */
		if (fp != NULL)
			FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);

		/*
		 * we now own the reference to fp that the ofiles[] array
		 * used to own.  Release it.
		 */
		if (fp != NULL)
			fdrop_locked(fp, td);
		return (0);

	default:
		FILEDESC_UNLOCK(fdp);
		return (error);
	}
	/* NOTREACHED */
}

/*
 * Get file structures.
 */
static int
sysctl_kern_file(SYSCTL_HANDLER_ARGS)
{
	int error;
	struct file *fp;

	sx_slock(&filelist_lock);
	if (!req->oldptr) {
		/*
		 * Size query only: overestimate by 10 files.
		 */
		error = SYSCTL_OUT(req, 0, sizeof(filehead) +
		    (nfiles + 10) * sizeof(struct file));
		sx_sunlock(&filelist_lock);
		return (error);
	}

	/* The list head goes out first ... */
	error = SYSCTL_OUT(req, (caddr_t)&filehead, sizeof(filehead));
	if (error) {
		sx_sunlock(&filelist_lock);
		return (error);
	}

	/*
	 * ... followed by an array of file structures.
	 */
	LIST_FOREACH(fp, &filehead, f_list) {
		error = SYSCTL_OUT(req, (caddr_t)fp, sizeof (struct file));
		if (error) {
			sx_sunlock(&filelist_lock);
			return (error);
		}
	}
	sx_sunlock(&filelist_lock);
	return (0);
}

SYSCTL_PROC(_kern, KERN_FILE, file, CTLTYPE_OPAQUE|CTLFLAG_RD,
    0, 0, sysctl_kern_file, "S,file", "Entire file table");

SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW,
    &maxfilesperproc, 0, "Maximum files allowed open per process");

SYSCTL_INT(_kern, KERN_MAXFILES, maxfiles, CTLFLAG_RW,
    &maxfiles, 0, "Maximum number of files");

SYSCTL_INT(_kern, OID_AUTO, openfiles, CTLFLAG_RD,
    &nfiles, 0, "System-wide number of open files");

/*
 * Create the /dev/fd/{0,1,2} nodes (with stdin/stdout/stderr aliases),
 * and the remaining /dev/fd/N nodes when devfs is not present.
 */
static void
fildesc_drvinit(void *unused)
{
	dev_t dev;

	dev = make_dev(&fildesc_cdevsw, 0, UID_BIN, GID_BIN, 0666, "fd/0");
	make_dev_alias(dev, "stdin");
	dev = make_dev(&fildesc_cdevsw, 1, UID_BIN, GID_BIN, 0666, "fd/1");
	make_dev_alias(dev, "stdout");
	dev = make_dev(&fildesc_cdevsw, 2, UID_BIN, GID_BIN, 0666, "fd/2");
	make_dev_alias(dev, "stderr");
	if (!devfs_present) {
		int fd;

		for (fd = 3; fd < NUMFDESC; fd++)
			make_dev(&fildesc_cdevsw, fd, UID_BIN, GID_BIN, 0666,
			    "fd/%d", fd);
	}
}

/*
 * Fileops for files with no backing object; every operation fails
 * (or is a harmless no-op for poll/kqfilter).
 */
struct fileops badfileops = {
	badfo_readwrite,
	badfo_readwrite,
	badfo_ioctl,
	badfo_poll,
	badfo_kqfilter,
	badfo_stat,
	badfo_close
};

static int
badfo_readwrite(fp, uio, cred, flags, td)
	struct file *fp;
	struct uio *uio;
	struct ucred *cred;
	struct thread *td;
	int flags;
{

	return (EBADF);
}

static int
badfo_ioctl(fp, com, data, td)
	struct file *fp;
	u_long com;
	caddr_t data;
	struct thread *td;
{

	return (EBADF);
}

static int
badfo_poll(fp, events, cred, td)
	struct file *fp;
	int events;
	struct ucred *cred;
	struct thread *td;
{

	return (0);
}

static int
badfo_kqfilter(fp, kn)
	struct file *fp;
	struct knote *kn;
{

	return (0);
}

static int
badfo_stat(fp, sb, td)
	struct file *fp;
	struct stat *sb;
	struct thread *td;
{

	return (EBADF);
}

static int
badfo_close(fp, td)
	struct file *fp;
	struct thread *td;
{

	return (EBADF);
}

SYSINIT(fildescdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,
    fildesc_drvinit,NULL)

static void filelistinit __P((void *));
SYSINIT(select, SI_SUB_LOCK, SI_ORDER_FIRST, filelistinit, NULL)

/* ARGSUSED*/
static void
filelistinit(dummy)
	void *dummy;
{
}

/*
 * Build a new filedesc structure.
 * Inherits cdir/rdir/jdir references from the caller's table; the
 * descriptor array starts out as the embedded filedesc0 arrays.
 */
struct filedesc *
fdinit(td)
	struct thread *td;
{
	register struct filedesc0 *newfdp;
	register struct filedesc *fdp = td->td_proc->p_fd;

	MALLOC(newfdp, struct filedesc0 *, sizeof(struct filedesc0),
	    M_FILEDESC, M_WAITOK | M_ZERO);
	mtx_init(&newfdp->fd_fd.fd_mtx, "filedesc structure", MTX_DEF);
	FILEDESC_LOCK(&newfdp->fd_fd);
	newfdp->fd_fd.fd_cdir = fdp->fd_cdir;
	if (newfdp->fd_fd.fd_cdir)
		VREF(newfdp->fd_fd.fd_cdir);
	newfdp->fd_fd.fd_rdir = fdp->fd_rdir;
	if (newfdp->fd_fd.fd_rdir)
		VREF(newfdp->fd_fd.fd_rdir);
	newfdp->fd_fd.fd_jdir = fdp->fd_jdir;
	if (newfdp->fd_fd.fd_jdir)
		VREF(newfdp->fd_fd.fd_jdir);

	/* Create the file descriptor table. */
	newfdp->fd_fd.fd_refcnt = 1;
	newfdp->fd_fd.fd_cmask = cmask;
	newfdp->fd_fd.fd_ofiles = newfdp->fd_dfiles;
	newfdp->fd_fd.fd_ofileflags = newfdp->fd_dfileflags;
	newfdp->fd_fd.fd_nfiles = NDFILE;
	newfdp->fd_fd.fd_knlistsize = -1;
	FILEDESC_UNLOCK(&newfdp->fd_fd);

	return (&newfdp->fd_fd);
}

/*
 * Share a filedesc structure.
 */
struct filedesc *
fdshare(p)
	struct proc *p;
{
	FILEDESC_LOCK(p->p_fd);
	p->p_fd->fd_refcnt++;
	FILEDESC_UNLOCK(p->p_fd);
	return (p->p_fd);
}

/*
 * Copy a filedesc structure.
 */
struct filedesc *
fdcopy(td)
	struct thread *td;
{
	register struct filedesc *newfdp, *fdp = td->td_proc->p_fd;
	register struct file **fpp;
	register int i, j;

	/* Certain daemons might not have file descriptors. */
	if (fdp == NULL)
		return (NULL);

	FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);

	/* MALLOC may sleep; drop the lock while allocating. */
	FILEDESC_UNLOCK(fdp);
	MALLOC(newfdp, struct filedesc *, sizeof(struct filedesc0),
	    M_FILEDESC, M_WAITOK);
	FILEDESC_LOCK(fdp);
	bcopy(fdp, newfdp, sizeof(struct filedesc));
	FILEDESC_UNLOCK(fdp);
	bzero(&newfdp->fd_mtx, sizeof(newfdp->fd_mtx));
	mtx_init(&newfdp->fd_mtx, "filedesc structure", MTX_DEF);
	if (newfdp->fd_cdir)
		VREF(newfdp->fd_cdir);
	if (newfdp->fd_rdir)
		VREF(newfdp->fd_rdir);
	if (newfdp->fd_jdir)
		VREF(newfdp->fd_jdir);
	newfdp->fd_refcnt = 1;

	/*
	 * If the number of open files fits in the internal arrays
	 * of the open file structure, use them, otherwise allocate
	 * additional memory for the number of descriptors currently
	 * in use.
	 */
	FILEDESC_LOCK(fdp);
	newfdp->fd_lastfile = fdp->fd_lastfile;
	newfdp->fd_nfiles = fdp->fd_nfiles;
	if (newfdp->fd_lastfile < NDFILE) {
		newfdp->fd_ofiles = ((struct filedesc0 *) newfdp)->fd_dfiles;
		newfdp->fd_ofileflags =
		    ((struct filedesc0 *) newfdp)->fd_dfileflags;
		i = NDFILE;
	} else {
		/*
		 * Compute the smallest multiple of NDEXTENT needed
		 * for the file descriptors currently in use,
		 * allowing the table to shrink.
		 */
retry:
		i = newfdp->fd_nfiles;
		while (i > 2 * NDEXTENT && i > newfdp->fd_lastfile * 2)
			i /= 2;
		/*
		 * The allocation may sleep, so drop the lock and recompute
		 * the size afterwards; if it changed while we slept, retry.
		 */
		FILEDESC_UNLOCK(fdp);
		MALLOC(newfdp->fd_ofiles, struct file **, i * OFILESIZE,
		    M_FILEDESC, M_WAITOK);
		FILEDESC_LOCK(fdp);
		newfdp->fd_lastfile = fdp->fd_lastfile;
		newfdp->fd_nfiles = fdp->fd_nfiles;
		j = newfdp->fd_nfiles;
		while (j > 2 * NDEXTENT && j > newfdp->fd_lastfile * 2)
			j /= 2;
		if (i != j) {
			/*
			 * The size of the original table has changed.
			 * Go over once again.
			 */
			FILEDESC_UNLOCK(fdp);
			FREE(newfdp->fd_ofiles, M_FILEDESC);
			FILEDESC_LOCK(fdp);
			newfdp->fd_lastfile = fdp->fd_lastfile;
			newfdp->fd_nfiles = fdp->fd_nfiles;
			goto retry;
		}
		newfdp->fd_ofileflags = (char *) &newfdp->fd_ofiles[i];
	}
	newfdp->fd_nfiles = i;
	bcopy(fdp->fd_ofiles, newfdp->fd_ofiles, i * sizeof(struct file **));
	bcopy(fdp->fd_ofileflags, newfdp->fd_ofileflags, i * sizeof(char));

	/*
	 * kq descriptors cannot be copied.
	 */
	if (newfdp->fd_knlistsize != -1) {
		fpp = &newfdp->fd_ofiles[newfdp->fd_lastfile];
		for (i = newfdp->fd_lastfile; i >= 0; i--, fpp--) {
			if (*fpp != NULL && (*fpp)->f_type == DTYPE_KQUEUE) {
				*fpp = NULL;
				if (i < newfdp->fd_freefile)
					newfdp->fd_freefile = i;
			}
			if (*fpp == NULL && i == newfdp->fd_lastfile && i > 0)
				newfdp->fd_lastfile--;
		}
		newfdp->fd_knlist = NULL;
		newfdp->fd_knlistsize = -1;
		newfdp->fd_knhash = NULL;
		newfdp->fd_knhashmask = 0;
	}

	/* Bump the reference count on every copied file. */
	fpp = newfdp->fd_ofiles;
	for (i = newfdp->fd_lastfile; i-- >= 0; fpp++) {
		if (*fpp != NULL) {
			fhold(*fpp);
		}
	}
	return (newfdp);
}

/*
 * Release a filedesc structure.
 */
void
fdfree(td)
	struct thread *td;
{
	register struct filedesc *fdp;
	struct file **fpp;
	register int i;

	fdp = td->td_proc->p_fd;
	/* Certain daemons might not have file descriptors. */
	if (fdp == NULL)
		return;

	FILEDESC_LOCK(fdp);
	if (--fdp->fd_refcnt > 0) {
		FILEDESC_UNLOCK(fdp);
		return;
	}
	/*
	 * we are the last reference to the structure, we can
	 * safely assume it will not change out from under us.
	 */
	FILEDESC_UNLOCK(fdp);
	fpp = fdp->fd_ofiles;
	for (i = fdp->fd_lastfile; i-- >= 0; fpp++) {
		if (*fpp)
			(void) closef(*fpp, td);
	}

	PROC_LOCK(td->td_proc);
	td->td_proc->p_fd = NULL;
	PROC_UNLOCK(td->td_proc);

	if (fdp->fd_nfiles > NDFILE)
		FREE(fdp->fd_ofiles, M_FILEDESC);
	if (fdp->fd_cdir)
		vrele(fdp->fd_cdir);
	if (fdp->fd_rdir)
		vrele(fdp->fd_rdir);
	if (fdp->fd_jdir)
		vrele(fdp->fd_jdir);
	if (fdp->fd_knlist)
		FREE(fdp->fd_knlist, M_KQUEUE);
	if (fdp->fd_knhash)
		FREE(fdp->fd_knhash, M_KQUEUE);
	mtx_destroy(&fdp->fd_mtx);
	FREE(fdp, M_FILEDESC);
}

/*
 * For setugid programs, we don't want people to use that setugidness
 * to generate error messages which write to a file which would
 * otherwise be off-limits to the process.
 *
 * This is a gross hack to plug the hole.  A better solution would involve
 * a special vop or other form of generalized access control mechanism.  We
 * go ahead and just reject all procfs file systems accesses as dangerous.
 *
 * Since setugidsafety calls this only for fd 0, 1 and 2, this check is
 * sufficient.  We also don't check for setugidness since we know we are.
 */
static int
is_unsafe(struct file *fp)
{
	if (fp->f_type == DTYPE_VNODE &&
	    ((struct vnode *)(fp->f_data))->v_tag == VT_PROCFS)
		return (1);
	return (0);
}

/*
 * Make this setguid thing safe, if at all possible.
 * Closes any of fd 0, 1 and 2 that is_unsafe() flags.
 */
void
setugidsafety(td)
	struct thread *td;
{
	struct filedesc *fdp = td->td_proc->p_fd;
	register int i;

	/* Certain daemons might not have file descriptors. */
	if (fdp == NULL)
		return;

	/*
	 * note: fdp->fd_ofiles may be reallocated out from under us while
	 * we are blocked in a close.  Be careful!
	 */
	FILEDESC_LOCK(fdp);
	for (i = 0; i <= fdp->fd_lastfile; i++) {
		if (i > 2)
			break;
		if (fdp->fd_ofiles[i] && is_unsafe(fdp->fd_ofiles[i])) {
			struct file *fp;

#if 0
			if ((fdp->fd_ofileflags[i] & UF_MAPPED) != 0)
				(void) munmapfd(td, i);
#endif
			if (i < fdp->fd_knlistsize) {
				/* knote_fdclose() may block; drop our lock across it. */
				FILEDESC_UNLOCK(fdp);
				knote_fdclose(td, i);
				FILEDESC_LOCK(fdp);
			}
			/*
			 * NULL-out descriptor prior to close to avoid
			 * a race while close blocks.
			 */
			fp = fdp->fd_ofiles[i];
			fdp->fd_ofiles[i] = NULL;
			fdp->fd_ofileflags[i] = 0;
			if (i < fdp->fd_freefile)
				fdp->fd_freefile = i;
			FILEDESC_UNLOCK(fdp);
			(void) closef(fp, td);
			FILEDESC_LOCK(fdp);
		}
	}
	/* Pull fd_lastfile back down past any trailing closed slots. */
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	FILEDESC_UNLOCK(fdp);
}

/*
 * Close any files on exec?
 *
 * Closes every descriptor marked UF_EXCLOSE (close-on-exec) in the
 * calling thread's filedesc table, detaching any knotes first.
 */
void
fdcloseexec(td)
	struct thread *td;
{
	struct filedesc *fdp = td->td_proc->p_fd;
	register int i;

	/* Certain daemons might not have file descriptors. */
	if (fdp == NULL)
		return;

	FILEDESC_LOCK(fdp);

	/*
	 * We cannot cache fd_ofiles or fd_ofileflags since operations
	 * may block and rip them out from under us.
	 */
	for (i = 0; i <= fdp->fd_lastfile; i++) {
		if (fdp->fd_ofiles[i] != NULL &&
		    (fdp->fd_ofileflags[i] & UF_EXCLOSE)) {
			struct file *fp;

#if 0
			if (fdp->fd_ofileflags[i] & UF_MAPPED)
				(void) munmapfd(td, i);
#endif
			if (i < fdp->fd_knlistsize) {
				/* knote_fdclose() may block; drop our lock across it. */
				FILEDESC_UNLOCK(fdp);
				knote_fdclose(td, i);
				FILEDESC_LOCK(fdp);
			}
			/*
			 * NULL-out descriptor prior to close to avoid
			 * a race while close blocks.
			 */
			fp = fdp->fd_ofiles[i];
			fdp->fd_ofiles[i] = NULL;
			fdp->fd_ofileflags[i] = 0;
			if (i < fdp->fd_freefile)
				fdp->fd_freefile = i;
			FILEDESC_UNLOCK(fdp);
			(void) closef(fp, td);
			FILEDESC_LOCK(fdp);
		}
	}
	/* Pull fd_lastfile back down past any trailing closed slots. */
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	FILEDESC_UNLOCK(fdp);
}

/*
 * Internal form of close.
 * Decrement reference count on file structure.
 * Note: td may be NULL when closing a file
 * that was being passed in a message.
 */
int
closef(fp, td)
	register struct file *fp;
	register struct thread *td;
{
	struct vnode *vp;
	struct flock lf;

	if (fp == NULL)
		return (0);
	/*
	 * POSIX record locking dictates that any close releases ALL
	 * locks owned by this process.  This is handled by setting
	 * a flag in the unlock to free ONLY locks obeying POSIX
	 * semantics, and not to free BSD-style file locks.
	 * If the descriptor was in a message, POSIX-style locks
	 * aren't passed with the descriptor.
	 */
	if (td && (td->td_proc->p_flag & P_ADVLOCK) &&
	    fp->f_type == DTYPE_VNODE) {
		lf.l_whence = SEEK_SET;
		lf.l_start = 0;
		lf.l_len = 0;
		lf.l_type = F_UNLCK;
		vp = (struct vnode *)fp->f_data;
		(void) VOP_ADVLOCK(vp, (caddr_t)td->td_proc->p_leader,
		    F_UNLCK, &lf, F_POSIX);
	}
	return (fdrop(fp, td));
}

/*
 * Drop reference on struct file passed in, may call closef if the
 * reference hits zero.
 * Takes the file lock and hands off to fdrop_locked().
 */
int
fdrop(fp, td)
	struct file *fp;
	struct thread *td;
{

	FILE_LOCK(fp);
	return (fdrop_locked(fp, td));
}

/*
 * Extract the file pointer associated with the specified descriptor for
 * the current user process.
 *
 * If the descriptor doesn't exist, EBADF is returned.
 *
 * If the descriptor exists but doesn't match 'flags' then
 * return EBADF for read attempts and EINVAL for write attempts.
 *
 * If 'hold' is set (non-zero) the file's refcount will be bumped on return.
 * It should be dropped with fdrop().
 * If it is not set, then the refcount will not be bumped however the
 * thread's filedesc struct will be returned locked (for fgetsock).
 *
 * If an error occurred the non-zero error is returned and *fpp is set to NULL.
 * Otherwise *fpp is set and zero is returned.
 */
static __inline
int
_fget(struct thread *td, int fd, struct file **fpp, int flags, int hold)
{
	struct filedesc *fdp;
	struct file *fp;

	*fpp = NULL;
	if (td == NULL || (fdp = td->td_proc->p_fd) == NULL)
		return(EBADF);
	FILEDESC_LOCK(fdp);
	if ((fp = fget_locked(fdp, fd)) == NULL || fp->f_ops == &badfileops) {
		FILEDESC_UNLOCK(fdp);
		return(EBADF);
	}

	/*
	 * Note: FREAD failures returns EBADF to maintain backwards
	 * compatibility with what routines returned before.
	 *
	 * Only one flag, or 0, may be specified.
	 */
	if (flags == FREAD && (fp->f_flag & FREAD) == 0) {
		FILEDESC_UNLOCK(fdp);
		return(EBADF);
	}
	if (flags == FWRITE && (fp->f_flag & FWRITE) == 0) {
		FILEDESC_UNLOCK(fdp);
		return(EINVAL);
	}
	if (hold) {
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
	}
	*fpp = fp;
	return(0);
}

/* Get a held reference on descriptor fd with no access-mode check. */
int
fget(struct thread *td, int fd, struct file **fpp)
{
	return(_fget(td, fd, fpp, 0, 1));
}

/* As fget(), but the descriptor must be open for reading. */
int
fget_read(struct thread *td, int fd, struct file **fpp)
{
	return(_fget(td, fd, fpp, FREAD, 1));
}

/* As fget(), but the descriptor must be open for writing. */
int
fget_write(struct thread *td, int fd, struct file **fpp)
{
	return(_fget(td, fd, fpp, FWRITE, 1));
}

/*
 * Like fget() but loads the underlying vnode, or returns an error if
 * the descriptor does not represent a vnode.  Note that pipes use vnodes
 * but never have VM objects (so VOP_GETVOBJECT() calls will return an
 * error).  The returned vnode will be vref()d.
 */

static __inline
int
_fgetvp(struct thread *td, int fd, struct vnode **vpp, int flags)
{
	struct file *fp;
	int error;

	*vpp = NULL;
	/* hold == 0: _fget() leaves the filedesc locked for us. */
	if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
		return (error);
	if (fp->f_type != DTYPE_VNODE && fp->f_type != DTYPE_FIFO) {
		error = EINVAL;
	} else {
		*vpp = (struct vnode *)fp->f_data;
		vref(*vpp);
	}
	FILEDESC_UNLOCK(td->td_proc->p_fd);
	return (error);
}

/* Resolve descriptor fd to its vref()d vnode, any access mode. */
int
fgetvp(struct thread *td, int fd, struct vnode **vpp)
{
	return(_fgetvp(td, fd, vpp, 0));
}

/* As fgetvp(), for read access. */
int
fgetvp_read(struct thread *td, int fd, struct vnode **vpp)
{
	return(_fgetvp(td, fd, vpp, FREAD));
}

/* As fgetvp(), for write access. */
int
fgetvp_write(struct thread *td, int fd, struct vnode **vpp)
{
	return(_fgetvp(td, fd, vpp, FWRITE));
}

/*
 * Like fget() but loads the underlying socket, or returns an error if
 * the descriptor does not represent a socket.
 *
 * We bump the ref count on the returned socket.  XXX Also obtain the SX lock
 * in the future.
 */
int
fgetsock(struct thread *td, int fd, struct socket **spp, u_int *fflagp)
{
	struct file *fp;
	int error;

	*spp = NULL;
	if (fflagp)
		*fflagp = 0;
	/* hold == 0: _fget() leaves the filedesc locked for us. */
	if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
		return (error);
	if (fp->f_type != DTYPE_SOCKET) {
		error = ENOTSOCK;
	} else {
		*spp = (struct socket *)fp->f_data;
		if (fflagp)
			*fflagp = fp->f_flag;
		soref(*spp);
	}
	FILEDESC_UNLOCK(td->td_proc->p_fd);
	return(error);
}

/*
 * Drop the reference count on the socket and XXX release the SX lock in
 * the future.  The last reference closes the socket.
 */
void
fputsock(struct socket *so)
{
	sorele(so);
}

/*
 * Drop reference on struct file passed in, may call closef if the
 * reference hits zero.
 * Expects struct file locked, and will unlock it.
 */
int
fdrop_locked(fp, td)
	struct file *fp;
	struct thread *td;
{
	struct flock lf;
	struct vnode *vp;
	int error;

	FILE_LOCK_ASSERT(fp, MA_OWNED);

	if (--fp->f_count > 0) {
		FILE_UNLOCK(fp);
		return (0);
	}
	/* Last reference: Giant is held across the lock release, close and free. */
	mtx_lock(&Giant);
	if (fp->f_count < 0)
		panic("fdrop: count < 0");
	if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) {
		/* Release any flock()-style lock held through this file. */
		lf.l_whence = SEEK_SET;
		lf.l_start = 0;
		lf.l_len = 0;
		lf.l_type = F_UNLCK;
		vp = (struct vnode *)fp->f_data;
		FILE_UNLOCK(fp);
		(void) VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
	} else
		FILE_UNLOCK(fp);
	if (fp->f_ops != &badfileops)
		error = fo_close(fp, td);
	else
		error = 0;
	ffree(fp);
	mtx_unlock(&Giant);
	return (error);
}

/*
 * Apply an advisory lock on a file descriptor.
 *
 * Just attempt to get a record lock of the requested type on
 * the entire file (l_whence = SEEK_SET, l_start = 0, l_len = 0).
 */
#ifndef _SYS_SYSPROTO_H_
struct flock_args {
	int	fd;
	int	how;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
flock(td, uap)
	struct thread *td;
	register struct flock_args *uap;
{
	struct file *fp;
	struct vnode *vp;
	struct flock lf;
	int error;

	if ((error = fget(td, uap->fd, &fp)) != 0)
		return (error);
	/* Advisory locks are only implemented on vnodes. */
	if (fp->f_type != DTYPE_VNODE) {
		fdrop(fp, td);
		return (EOPNOTSUPP);
	}

	mtx_lock(&Giant);
	vp = (struct vnode *)fp->f_data;
	/* Lock the entire file: whence SEEK_SET, start 0, len 0. */
	lf.l_whence = SEEK_SET;
	lf.l_start = 0;
	lf.l_len = 0;
	if (uap->how & LOCK_UN) {
		lf.l_type = F_UNLCK;
		/* Clear FHASLOCK so fdrop_locked() won't re-unlock. */
		FILE_LOCK(fp);
		fp->f_flag &= ~FHASLOCK;
		FILE_UNLOCK(fp);
		error = VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
		goto done2;
	}
	if (uap->how & LOCK_EX)
		lf.l_type = F_WRLCK;
	else if (uap->how & LOCK_SH)
		lf.l_type = F_RDLCK;
	else {
		/*
		 * NOTE(review): neither LOCK_EX nor LOCK_SH was given;
		 * flock(2) documents EINVAL for an invalid operation,
		 * so EBADF here looks questionable — confirm before
		 * changing, callers may depend on it.
		 */
		error = EBADF;
		goto done2;
	}
	/*
	 * Mark the descriptor so the lock is released on last close
	 * (see fdrop_locked()).
	 */
	FILE_LOCK(fp);
	fp->f_flag |= FHASLOCK;
	FILE_UNLOCK(fp);
	error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
	    (uap->how & LOCK_NB) ? F_FLOCK : F_FLOCK | F_WAIT);
done2:
	fdrop(fp, td);
	mtx_unlock(&Giant);
	return (error);
}

/*
 * File Descriptor pseudo-device driver (/dev/fd/).
 *
 * Opening minor device N dup()s the file (if any) connected to file
 * descriptor N belonging to the calling process.  Note that this driver
 * consists of only the ``open()'' routine, because all subsequent
 * references to this file will be direct to the other driver.
 */
/* ARGSUSED */
static int
fdopen(dev, mode, type, td)
	dev_t dev;
	int mode, type;
	struct thread *td;
{

	/*
	 * XXX Kludge: set curthread->td_dupfd to contain the value of the
	 * the file descriptor being sought for duplication. The error
	 * return ensures that the vnode for this device will be released
	 * by vn_open. Open will detect this special error and take the
	 * actions in dupfdopen below. Other callers of vn_open or VOP_OPEN
	 * will simply report the error.
	 */
	td->td_dupfd = dev2unit(dev);
	return (ENODEV);
}

/*
 * Duplicate the specified descriptor to a free descriptor.
 */
int
dupfdopen(td, fdp, indx, dfd, mode, error)
	struct thread *td;
	struct filedesc *fdp;
	int indx, dfd;
	int mode;
	int error;
{
	register struct file *wfp;
	struct file *fp;

	/*
	 * If the to-be-dup'd fd number is greater than the allowed number
	 * of file descriptors, or the fd to be dup'd has already been
	 * closed, then reject.
	 */
	FILEDESC_LOCK(fdp);
	if ((u_int)dfd >= fdp->fd_nfiles ||
	    (wfp = fdp->fd_ofiles[dfd]) == NULL) {
		FILEDESC_UNLOCK(fdp);
		return (EBADF);
	}

	/*
	 * There are two cases of interest here.
	 *
	 * For ENODEV simply dup (dfd) to file descriptor
	 * (indx) and return.
	 *
	 * For ENXIO steal away the file structure from (dfd) and
	 * store it in (indx).  (dfd) is effectively closed by
	 * this operation.
	 *
	 * Any other error code is just returned.
	 */
	switch (error) {
	case ENODEV:
		/*
		 * Check that the mode the file is being opened for is a
		 * subset of the mode of the existing descriptor.
		 */
		FILE_LOCK(wfp);
		if (((mode & (FREAD|FWRITE)) | wfp->f_flag) != wfp->f_flag) {
			FILE_UNLOCK(wfp);
			FILEDESC_UNLOCK(fdp);
			return (EACCES);
		}
		/* Remember what (indx) pointed at so we can drop it below. */
		fp = fdp->fd_ofiles[indx];
#if 0
		if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
			(void) munmapfd(td, indx);
#endif
		fdp->fd_ofiles[indx] = wfp;
		fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
		/* New reference for the (indx) slot; wfp is still locked. */
		fhold_locked(wfp);
		FILE_UNLOCK(wfp);
		if (indx > fdp->fd_lastfile)
			fdp->fd_lastfile = indx;
		/*
		 * Lock fp before dropping the filedesc lock;
		 * fdrop_locked() expects it locked.
		 */
		if (fp != NULL)
			FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);
		/*
		 * we now own the reference to fp that the ofiles[] array
		 * used to own.  Release it.
		 */
		if (fp != NULL)
			fdrop_locked(fp, td);
		return (0);

	case ENXIO:
		/*
		 * Steal away the file pointer from dfd, and stuff it into indx.
		 */
		fp = fdp->fd_ofiles[indx];
#if 0
		if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
			(void) munmapfd(td, indx);
#endif
		/* Move the file and its flags; no refcount change needed. */
		fdp->fd_ofiles[indx] = fdp->fd_ofiles[dfd];
		fdp->fd_ofiles[dfd] = NULL;
		fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
		fdp->fd_ofileflags[dfd] = 0;

		/*
		 * Complete the clean up of the filedesc structure by
		 * recomputing the various hints.
		 */
		if (indx > fdp->fd_lastfile) {
			fdp->fd_lastfile = indx;
		} else {
			/* (dfd) was freed: walk fd_lastfile back down. */
			while (fdp->fd_lastfile > 0 &&
			    fdp->fd_ofiles[fdp->fd_lastfile] == NULL) {
				fdp->fd_lastfile--;
			}
			if (dfd < fdp->fd_freefile)
				fdp->fd_freefile = dfd;
		}
		/* As above: fdrop_locked() expects fp locked. */
		if (fp != NULL)
			FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);

		/*
		 * we now own the reference to fp that the ofiles[] array
		 * used to own.  Release it.
		 */
		if (fp != NULL)
			fdrop_locked(fp, td);
		return (0);

	default:
		FILEDESC_UNLOCK(fdp);
		return (error);
	}
	/* NOTREACHED */
}

/*
 * Get file structures.
1964 */ 1965static int 1966sysctl_kern_file(SYSCTL_HANDLER_ARGS) 1967{ 1968 int error; 1969 struct file *fp; 1970 1971 sx_slock(&filelist_lock); 1972 if (!req->oldptr) { 1973 /* 1974 * overestimate by 10 files 1975 */ 1976 error = SYSCTL_OUT(req, 0, sizeof(filehead) + 1977 (nfiles + 10) * sizeof(struct file)); 1978 sx_sunlock(&filelist_lock); 1979 return (error); 1980 } 1981 1982 error = SYSCTL_OUT(req, (caddr_t)&filehead, sizeof(filehead)); 1983 if (error) { 1984 sx_sunlock(&filelist_lock); 1985 return (error); 1986 } 1987 1988 /* 1989 * followed by an array of file structures 1990 */ 1991 LIST_FOREACH(fp, &filehead, f_list) { 1992 error = SYSCTL_OUT(req, (caddr_t)fp, sizeof (struct file)); 1993 if (error) { 1994 sx_sunlock(&filelist_lock); 1995 return (error); 1996 } 1997 } 1998 sx_sunlock(&filelist_lock); 1999 return (0); 2000} 2001 2002SYSCTL_PROC(_kern, KERN_FILE, file, CTLTYPE_OPAQUE|CTLFLAG_RD, 2003 0, 0, sysctl_kern_file, "S,file", "Entire file table"); 2004 2005SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW, 2006 &maxfilesperproc, 0, "Maximum files allowed open per process"); 2007 2008SYSCTL_INT(_kern, KERN_MAXFILES, maxfiles, CTLFLAG_RW, 2009 &maxfiles, 0, "Maximum number of files"); 2010 2011SYSCTL_INT(_kern, OID_AUTO, openfiles, CTLFLAG_RD, 2012 &nfiles, 0, "System-wide number of open files"); 2013 2014static void 2015fildesc_drvinit(void *unused) 2016{ 2017 dev_t dev; 2018 2019 dev = make_dev(&fildesc_cdevsw, 0, UID_BIN, GID_BIN, 0666, "fd/0"); 2020 make_dev_alias(dev, "stdin"); 2021 dev = make_dev(&fildesc_cdevsw, 1, UID_BIN, GID_BIN, 0666, "fd/1"); 2022 make_dev_alias(dev, "stdout"); 2023 dev = make_dev(&fildesc_cdevsw, 2, UID_BIN, GID_BIN, 0666, "fd/2"); 2024 make_dev_alias(dev, "stderr"); 2025 if (!devfs_present) { 2026 int fd; 2027 2028 for (fd = 3; fd < NUMFDESC; fd++) 2029 make_dev(&fildesc_cdevsw, fd, UID_BIN, GID_BIN, 0666, 2030 "fd/%d", fd); 2031 } 2032} 2033 2034struct fileops badfileops = { 2035 badfo_readwrite, 2036 
badfo_readwrite, 2037 badfo_ioctl, 2038 badfo_poll, 2039 badfo_kqfilter, 2040 badfo_stat, 2041 badfo_close 2042}; 2043 2044static int 2045badfo_readwrite(fp, uio, cred, flags, td) 2046 struct file *fp; 2047 struct uio *uio; 2048 struct ucred *cred; 2049 struct thread *td; 2050 int flags; 2051{ 2052 2053 return (EBADF); 2054} 2055 2056static int 2057badfo_ioctl(fp, com, data, td) 2058 struct file *fp; 2059 u_long com; 2060 caddr_t data; 2061 struct thread *td; 2062{ 2063 2064 return (EBADF); 2065} 2066 2067static int 2068badfo_poll(fp, events, cred, td) 2069 struct file *fp; 2070 int events; 2071 struct ucred *cred; 2072 struct thread *td; 2073{ 2074 2075 return (0); 2076} 2077 2078static int 2079badfo_kqfilter(fp, kn) 2080 struct file *fp; 2081 struct knote *kn; 2082{ 2083 2084 return (0); 2085} 2086 2087static int 2088badfo_stat(fp, sb, td) 2089 struct file *fp; 2090 struct stat *sb; 2091 struct thread *td; 2092{ 2093 2094 return (EBADF); 2095} 2096 2097static int 2098badfo_close(fp, td) 2099 struct file *fp; 2100 struct thread *td; 2101{ 2102 2103 return (EBADF); 2104} 2105 2106SYSINIT(fildescdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR, 2107 fildesc_drvinit,NULL) 2108 2109static void filelistinit __P((void *)); 2110SYSINIT(select, SI_SUB_LOCK, SI_ORDER_FIRST, filelistinit, NULL) 2111 2112/* ARGSUSED*/ 2113static void 2114filelistinit(dummy) 2115 void *dummy; 2116{
|
| 2117 file_zone = uma_zcreate("Files", sizeof(struct file), NULL, NULL, 2118 NULL, NULL, UMA_ALIGN_PTR, 0); 2119
|
2114 sx_init(&filelist_lock, "filelist lock"); 2115}
| 2120 sx_init(&filelist_lock, "filelist lock"); 2121}
|