kernel/fs: Refactor file_descriptor seek-disabled behavior.

* Default "pos" to "-1" instead of 0 and check for this value
instead of ops->fd_seek directly in IO operations.

* Set "pos" to "0" only for seekable vnodes.

* Return ESPIPE in read() and write() if the specified pos is not
-1, but the descriptor->pos is.

Fixes the VFS part of #18836.

Change-Id: Ib4da1652b06798588abedc98963aeb63511d3e41
Reviewed-on: https://review.haiku-os.org/c/haiku/+/7544
Reviewed-by: waddlesplash <waddlesplash@gmail.com>

kernel/fs: More usage of FileDescriptorDeleter.

Remaining non-uses are mostly in specialized functions that e.g. operate
on many file descriptors at once (like vfs_exec_io_context.)

Reduces "goto"s. Should not have any functional change.

kernel/fs: Standardize AutoDeleters for file_descriptor on FileDescriptorPutter.

No functional change intended.

kernel: Rename DescriptorPutter to FileDescriptorPutter.

For consistency. No functional change.

kernel: Store "next" pointer before notifying B_EVENT_INVALID.

Once B_EVENT_INVALID has been set, the select routine is free to
delete the select_info at any time. We therefore cannot access
the "next" pointer after notify_select_events returns.

May fix a KDL seen by trungnt2910.

kernel/fd: deselect_select_infos must be called with io_mutex held.

When the select/deselect API consumers invoke deselect(), they
expect that when this function returns, no further references to
the select_infos will remain and they can be safely deleted.

In order for that to be true, we cannot remove the select_infos from
the list in one step and deselect them in another; we must do both
without releasing the lock in the middle.

Should hopefully fix a rare KDL seen while testing .NET and
the new event_queue.

kernel: Add event queue implementation to wait for objects efficiently.

Based on hamishm's original patch from 2015, but heavily modified,
refactored, and reworked.

From the original commit message:

> When an object is deleted, a B_EVENT_INVALID event is delivered,
> and the object is unregistered from the queue.
>
> The special event flag B_EVENT_ONE_SHOT can be passed in when adding
> an object so that the object is automatically unregistered when an
> event is delivered.

Modifications to the original change include:

* Removed the public interface (syscalls remain private for the moment)

* Event list queueing/dequeueing almost entirely rewritten, including:
- Clear events field when dequeueing.

- Have B_EVENT_QUEUED actually indicate whether the event has been
appended to the linked list (or not), based around lock state.
The previous logic was prone to races and double-insertions.

- "Modify" is now just "Deselect + Select" performed at once;
previously it could cause use-after-frees.

- Unlock for deselect only once at the end of dequeue.

- Handle INVALID events still in the queue upon destruction,
fixing memory leaks.

* Deduplified code with wait_for_objects.

* Use of C++ virtual dispatch instead of C-style enum + function calls,
and BReferenceable plus destructors for teardown.

* Removed select/modify/delete flags. Select/Modify are now the same
operation on the syscall interface, and "Delete" is done when 0
is passed for "events". Additionally, the events selected can be fetched
by passing -1 for "events".

* Implemented level-triggered mode.

* Use of BStackOrHeapArray and other convenience routines in syscalls.

Change-Id: I1d2f094fd981c95215a59adbc087523c7bbbe40b
Reviewed-on: https://review.haiku-os.org/c/haiku/+/6745
Tested-by: Commit checker robot <no-reply+buildbot@haiku-os.org>
Reviewed-by: Jérôme Duval <jerome.duval@gmail.com>

kernel/fd: Add missing NULL checks in user_io routines.

I am not sure how this path could be hit besides having
O_APPEND set on a socket, which appears to be possible,
though I don't know what purpose that would serve.

Tested by adding these two lines between the sleep() and close()
in the in-tree tcp_connection_test:

fcntl(fd, F_SETFL, O_APPEND);
write(fd, "Hello", 5);

Before this commit, the above lines cause a KDL.

May fix #18133, but I don't presently have access to the
reproduction setup described in that ticket.

kernel/fd: use loop variable type size_t

when count type is size_t.

Change-Id: Id68582fbd2243d65394e0c2c4d43272823bf778e
Reviewed-on: https://review.haiku-os.org/c/haiku/+/5543
Reviewed-by: waddlesplash <waddlesplash@gmail.com>

kernel: fix trace build for fd.cpp and fifo.cpp

Change-Id: I12b2e85926ae63eaba5c077343cdaa2362cf8af1
Reviewed-on: https://review.haiku-os.org/c/haiku/+/5391
Reviewed-by: waddlesplash <waddlesplash@gmail.com>

kernel: Rework iovec copying from userland.

Create a utility function which performs all necessary checks,
allocates memory, and copies the structures, and then make use of it
in the three places in the kernel which did all this manually.

None of them were previously complete: the fd and socket code only
checked iov_base and not iov_len, while the port code did not check
anything at all.

Part of #14961.

kernel/fs: Invoke the new is_user_address_range on more I/O buffers.

We do not access these buffers directly here but pass them deeper
into the kernel, where they may be used in IO operations that do
not invoke user_* functions at all, so we have to validate them fully here.

Part of #14961.

use common AutoDeleter types

Change-Id: I115e14b76f3ff049c5f7d9471efd3619a0038fcf
Reviewed-on: https://review.haiku-os.org/c/haiku/+/3483
Reviewed-by: Adrien Destugues <pulkomandy@gmail.com>
Reviewed-by: Axel Dörfler <axeld@pinc-software.de>

fix build after CObjectDeleter interface change

Change-Id: I76e217abcd13c22c4d68170e07333cdde4d7a891
Reviewed-on: https://review.haiku-os.org/c/haiku/+/3461
Reviewed-by: Adrien Destugues <pulkomandy@gmail.com>

kernel/fs: On write, relax address check on 0 length and NULL ptr

* IEEE Std 1003.1-2017, read, write
* golang performs a write of 0 length with a NULL buffer to
"create" an empty file. We return BAD_ADDRESS for this.
* If condition above occurs, continue as a length of 0 means
we won't read the passed buffer.

Change-Id: I8718abb92f5865a7b6f4fb7f2b74f803497ebef0
Reviewed-on: https://review.haiku-os.org/c/haiku/+/3285
Reviewed-by: Alex von Gluck IV <kallisti5@unixzen.com>
Reviewed-by: Adrien Destugues <pulkomandy@gmail.com>

kernel/fs: fix previous commit logic

fix #16598

Change-Id: Ie34c1563bd34dbe9c6cda92e41a2d5a96d20c3b1
Reviewed-on: https://review.haiku-os.org/c/haiku/+/3383
Reviewed-by: Jacob Secunda <secundaja@gmail.com>
Reviewed-by: Jérôme Duval <jerome.duval@gmail.com>

kernel/fs: update position when user writing with O_APPEND

when appending, pos is passed unchanged to the write hook.
fix #16506

Change-Id: I102e8e00e635d7a32cf50f09d8bd3d28dc235f9b
Reviewed-on: https://review.haiku-os.org/c/haiku/+/3373
Reviewed-by: Jérôme Duval <jerome.duval@gmail.com>

kernel: add assert in _user_read_dir

* This will help catch bugs such as in #15607.

Change-Id: I25b28932f9db4e2abe8499dd829c910bb565086b
Reviewed-on: https://review.haiku-os.org/c/haiku/+/2082
Reviewed-by: waddlesplash <waddlesplash@gmail.com>

kernel/fs: Add missing IS_USER_ADDRESS check in user_vector_io.

This reinstates commit 2b5ebfcfd578f177968c5b923e5ccd6eb0195674.

According to the POSIX specification, a NULL iov_base means
"do nothing." So we should treat that as such properly,
and not consider it an invalid address.

Fixes #15356.

Revert "kernel/fs: Add missing IS_USER_ADDRESS check in user_vector_io."

This reverts commit 2b5ebfcfd578f177968c5b923e5ccd6eb0195674.

Breaks cmake.

kernel/fs: Add missing IS_USER_ADDRESS check in user_vector_io.

The iovecs themselves were checked before they were copied,
but the iov_base inside each was not, making it possible
for evil (or just broken) user applications to put kernel
addresses in here.

Part of #14961.

kernel: Reinstate the USER_ADDRESS check in ioctl (sort of).

Thinking over this carefully, I realized that adding checks to
every ioctl implementation in every driver would be very prohibitive,
because there, one has to check is_called_via_syscall() in addition
to IS_USER_ADDRESS(), and this would have to be done in every case.
So that would take a massive amount of work, and it would be
very easy to miss a case.

Instead, we can take advantage of the fact that all we really care
about is the buffer not existing within the kernel address space.
This should allow using constants in the umappable range between
0x0 and the beginning of the user address space, too.

Change-Id: I2eeb46e806a5aac32e152c72076a042aa847be0d

kernel/fs: Use an object_cache for the file_descriptor structs.

file_descriptor structs were (following the original packagefs changes)
the 4th most allocated item during the boot, with 11903 instances.
These are of course all rather ephemeral, as after the boot finished
there were only 70-some-odd remaining (which is surprisingly low,
I though.)

During heavy system use, this will of course get hit much more often.
So making them object_cached for both performance and memory reasons
makes a lot of sense.

vfs: _user_ioctl: any buffer value is allowed for some ops.

some ops want an integer value instead of a pointer as arg parameter ( #15058 ).

http://pubs.opengroup.org/onlinepubs/9699919799/functions/ioctl.html clearly specifies that:
"The type of arg depends upon the particular control request, but it shall be either an
integer or a pointer to a device-specific data structure."

add a test for functions which should return ENOTTY as errno.

Change-Id: I4a98af73b17c79c3460123d3794ee866f8719898
Reviewed-on: https://review.haiku-os.org/c/1447
Reviewed-by: waddlesplash <waddlesplash@gmail.com>

kernel/fs/fd: fcntl(F_DUPFD) should return EINVAL for invalid fds.

fix a failure for test-fcntl.c of gltests.

Change-Id: Ied8effdee2ddd9868bf039dbf74a3057a2541cac
Reviewed-on: https://review.haiku-os.org/c/1331
Reviewed-by: Adrien Destugues <pulkomandy@gmail.com>

kernel/fs/fd: use BytePointer

Change-Id: I0fcb549d313fe7193d8e1c2b6b0a44ae4b2fcb95
Reviewed-on: https://review.haiku-os.org/c/1090
Reviewed-by: waddlesplash <waddlesplash@gmail.com>

kernel/fs: NULL is a valid buffer to pass to ioctl().

Another bug exposed by hrev52905. Discovered because Expander was
not displaying archive contents anymore.

kernel/fs: Consumers of context->fds[] must check O_DISCONNECTED.

Since these do not go through get_fd, which would check for them,
we need to do these checks manually in the relevant locations.

Some of these changes were broken out from axeld's original commit,
and some were found by my own auditing.

kernel: Rework the FD disconnect feature (again).

axeld's solution from 2015 worked in that it solved the panics and
problems with leaking FDs ... but only if nobody actually tried to
use the FDs again. As you can see in the diff of the previous commit,
in allowing closed FDs (which have NULL "ops") to be returned by get_fd,
all consumers of the get_fd API (so, pretty much most functions in
vfs.cpp and fd.cpp) have to check *both* that (1) the fd is not NULL,
and (2) the fd does not have O_DISCONNECT set.

Besides missing a large majority of consumers of get_fd (which caused
ticket #14532 and also the first half of ticket #14756, probably among
others, as I haven't reviewed all NULL-dereference-in-VFS tickets yet)
this solution missed the fact that calling get_fd increments the reference
count, but then exiting the exact same way as if the FD was NULL
(without putting it) when it is disconnected *also* leaks the FD.

As it turns out, a not insignificant number of applications try
to do this, which (depending on whether you went through one of the
'lucky' functions axeld's commit touched) either (1) leaked the FD,
or (2) caused a kernel panic.

Now, we could go through and add O_DISCONNECT checks to every single
consumer of get_fd followed by put_fd to get the proper behavior ...
but that would be the same thing as just returning NULL here and not
incrementing the reference count.

So it seems the first part of axeld's solution (don't set open_count
or ref_count to -1 but leave them as-is) is the only change necessary.

A few places where there were legitimately missing O_DISCONNECT checks
(some originally added by axeld) are (re-)added in the next commit.
Otherwise this seems to be the more robust solution. (But I wonder why
nobody caught this in the code review axeld asked for in the commit
and the ticket back in 2015? Did nobody notice the unbalanced get/put?)

Fixes #14532, part of #14756, and probably any other NULL dereferences
in VFS I/O functions (XHCI is especially good at exposing these)
that are lingering around on the bugtracker.

Revert "VFS: Slight rework of the FD disconnect feature."

This reverts commit eb62d3337b82f4dce6b1a0b3f116e38491c66f14.

vfs: Bind flock locks to file descriptors

* File locks created by flock should only apply for the file descriptor
that was used to lock the file. Another fd on the same file should then
be denied access (calling flock should fail).
* fcntl based locks, however, are in a separate namespace and are global
to a team.
* This issue was found when running webkitpy test suite, and should close
ticket #13795.
* Don't use session or team as comparison in release_advisory_lock(), as
that information might not be available anymore (e.g. when called from
Team::~Team()). This fixes #14121.

Change-Id: I9efb96cfcefe7e72b0060220c635a665e7e643cc
Co-authored-by: Axel Dörfler <axeld@pinc-software.de>

kernel: fd: don't notify output-only select events by default

Output-only events (B_EVENT_ERROR, B_EVENT_DISCONNECTED and
B_EVENT_INVALID, with B_EVENT_INVALID masked out before passing down
events) are used to indicate error, so they should not be notified if
the filesystem does not explicitly provide an fd_select() override.

Bug: 13965

VFS: Slight rework of the FD disconnect feature.

* This should fix ticket #4157, although I probably have missed
something.
* In any case, it no longer messes with the ref counts of the
file descriptor, and the race condition in put_fd() should be
gone.
* It's still rather messy all in all.

kernel: Fix unbalanced release of sync object in FD select race.

When a file descriptor is closed between being selected and adding the
select info to its IO context, the select info needs to be cleaned up.
This is done by deselect_select_infos() which unconditionally also put
the select_sync associated with the infos. In this special case we do
not yet hold a reference to the select_sync however, so avoid putting
the corresponding sync object.

Fixes #11098, #10763 and #10230.

Lots of B_PRI... insertions to fix errors with DEBUG=1.

Align all filesystem relevant places to use B_UNSUPPORTED for unsupported
instead of a mix of B_NOT_SUPPORTED and B_UNSUPPORTED. This allows checking for
a specific error code. Probably one of those should be phased out...


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@43025 a95241bf-73f2-0310-859d-f6bbb57e9c96

Merged signals-merge branch into trunk with the following changes:
* Reorganized the kernel locking related to threads and teams.
* We now discriminate correctly between process and thread signals. Signal
handlers have been moved to teams. Fixes #5679.
* Implemented real-time signal support, including signal queuing, SA_SIGINFO
support, sigqueue(), sigwaitinfo(), sigtimedwait(), waitid(), and the addition
of the real-time signal range. Closes #1935 and #2695.
* Gave SIGBUS a separate signal number. Fixes #6704.
* Implemented <time.h> clock and timer support, and fixed/completed alarm() and
[set]itimer(). Closes #5682.
* Implemented support for thread cancellation. Closes #5686.
* Moved send_signal() from <signal.h> to <OS.h>. Fixes #7554.
* Lots over smaller more or less related changes.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@42116 a95241bf-73f2-0310-859d-f6bbb57e9c96

* if ioctl hook wasn't found, now returns B_DEV_INVALID_IOCTL
* in case fd_ioctl() was about to return B_DEV_INVALID_IOCTL, translate to ENOTTY to satisfy #7279.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40787 a95241bf-73f2-0310-859d-f6bbb57e9c96

reverted r40686


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40699 a95241bf-73f2-0310-859d-f6bbb57e9c96

FIONBIO and FIONREAD don't apply to directories, files, attributes: returns ENOTTY in these cases. This fixes #7279.
ENOTTY could also be replaced with a B_ error code.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40686 a95241bf-73f2-0310-859d-f6bbb57e9c96

Merged the signals branch into trunk, with these changes:
* The team and thread kernel structures have been renamed to Team and Thread
respectively and moved into the new BKernel namespace.
* Several (kernel add-on) sources have been converted from C to C++ since
private kernel headers are included that are no longer C compatible.

Changes after merging:
* Fixed gcc 2 build (warnings mainly in the scary firewire bus manager).


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40196 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Changed some POSIX error codes to native ones.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@37842 a95241bf-73f2-0310-859d-f6bbb57e9c96

Changed the type of the "op" parameter of the fs_vnode_ops::ioctl() hook and
the _kern_ioctl() syscall from ulong to uint32.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@36927 a95241bf-73f2-0310-859d-f6bbb57e9c96

bonefish+mmlr:
* Add file descriptor and IO context tracing.
* Some minor cleanup.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@36272 a95241bf-73f2-0310-859d-f6bbb57e9c96

Changed the FD selection/deselection handling a bit:
* B_EVENT_INVALID is no longer passed to the FD's select()/deselect() hooks.
* Now we always attach the select info to the I/O context, even if no event has
been selected. The reasoning is that B_EVENT_INVALID is always automatically
selected and handled by the VFS, so we need the handle to notify on close().


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@32417 a95241bf-73f2-0310-859d-f6bbb57e9c96

* _user_read_dir(): Allocate a temporary heap buffer passed into the kernel
instead of using the user buffer. This frees the VFS and FS implementations
from handling user buffers.
* Adjusted fix_dirent() accordingly.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@32384 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Replaced all "status < B_OK" with != B_OK - this should make the VFS layer
more robust against broken (userland) file systems.
* 80 character column cleanup.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@32184 a95241bf-73f2-0310-859d-f6bbb57e9c96

Added dup_foreign_fd() to duplicate a FD from another team.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@29468 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Fixed wrong use of MutexLocker as pointed out by Korli - nice catch! This
could have caused a number of problems.
* Fixed coding style violation Ingo introduced.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@29378 a95241bf-73f2-0310-859d-f6bbb57e9c96

Fixed build with tracing enabled.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@26772 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Removed -Wno-unused from all KernelMergeObjects in kernel Jamfiles.
* Fixed most of the warnings resulting from that by removing actually not used
variables or moving declaration into the #IF. Left unused functions there
though, as I wouldn't know if they are supposed to be used again.
* Fixed two statements with no effect (clamping to MAX_ANCILLARY_DATA_LEN in
socket.cpp and unsetting fCounterSem in MessagingService.cpp).
* Some style cleanups.

git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@26253 a95241bf-73f2-0310-859d-f6bbb57e9c96

Added get_open_fd() function which gets the descriptor and also
increments its open count.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@25317 a95241bf-73f2-0310-859d-f6bbb57e9c96

Fixed a race condition between select_fd() and close(). Since
select_fd() first added the select info to the IO context and then
called select() on the descriptor, a close() called at the same time
could already deselect the events and close the descriptor before
select_fd() was done with select(). select_fd() does now keep an own
open reference while selecting the events and add the select info
afterwards to the IO context (if the FD is still current).


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@25266 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Removed SyscallRestartWrapper comparison operators. They are not
needed, since we've got a cast operator.
* Reverted r24927-r24929. There's no potential ambiguity anymore.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24949 a95241bf-73f2-0310-859d-f6bbb57e9c96

Added close_fd_index() which is pretty much like close(), but gets the
IO context in which to close the FD.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24937 a95241bf-73f2-0310-859d-f6bbb57e9c96

better cast to the good type to avoid confusing gcc


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24929 a95241bf-73f2-0310-859d-f6bbb57e9c96

hmm I managed to break the comparaison order...


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24928 a95241bf-73f2-0310-859d-f6bbb57e9c96

gcc4 build fix. Here is one of the two errors:
src/system/kernel/fs/fd.cpp: In function 'ssize_t common_user_vector_io(int, off_t, const iovec*, size_t, bool)':
src/system/kernel/fs/fd.cpp:727: error: ISO C++ says that these are ambiguous, even though the worst conversion for the first is better than the worst conversion for the
second:
headers/private/kernel/syscall_restart.h:151: note: candidate 1: bool SyscallRestartWrapper<Type>::operator<(const Type&) const [with Type = long int]
src/system/kernel/fs/fd.cpp:727: note: candidate 2: operator<(long int, int) <built-in>


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24927 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Renamed THREAD_FLAGS_IOCTL_SYSCALL to THREAD_FLAGS_SYSCALL,
syscall_restart_ioctl_is_restarted() to syscall_restart_is_restarted,
IoctlSyscallFlagUnsetter to SyscallFlagUnsetter, and
IoctlSyscallRestartWrapper to SyscallRestartWrapper, as they are no
longer only used for ioctl().
* Removed unused syscall_restart_ioctl_handle_post().
* Made SyscallRestartWrapper a lot fancier. Instead of storing a
reference to the result value, it stores the value itself, and it
features all the interesting operators that make it appear like that
value. This simplifies the use of the class quite a bit.
* THREAD_FLAGS_SYSCALL is now set for all socket function and the
read[v](), write[v]() syscalls.
* Added is_syscall() function and net_stack hook to the net stack.
* Removed "kernel" parameter from all net_stack_interface and net_socket
module hooks. They aren't need any longer, since is_syscall() can be
used instead.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24914 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Fixed some checks for user addresses. IS_KERNEL_ADDRESS is not the
same as !IS_USER_ADDRESS.
* Use the new IoctlSyscallFlagUnsetter helper class in _kern_ioctl().
The former implementation wasn't checking correctly for a previous
syscall flag.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24904 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Implemented support for chroot:
- Added a "root" vnode to the io_context. It is used for resolving
paths and converting nodes to paths instead of sRoot. Some more
passing around of io_context structures was necessary.
- Introduced a new lock sIOContextRootLock to protect
io_context::root. The current uses of io_context::io_mutex
(put_vnode(), remove_vnode() while holding it) looked too suspicious
to use that mutex in vnode_path_to_vnode().
- Added _kern_change_root() syscall and chroot() libroot function.
- Added chroot coreutils program to the image. Funnily it seems to be
much easier to set up a little jail than under Linux (just copy
bash and libroot.so into respective subdirs; mount another pipefs
if you want pipe support).
With Haiku allowing direct access to directories via inode IDs
jailing is obviously not very secure at the moment.
- Added /var/empty to the image. It will be the chroot target for ssh.
* Changed vfs.cpp:get_cwd() so that the io_context::io_mutex is no
longer held when calling dir_vnode_to_path().


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24673 a95241bf-73f2-0310-859d-f6bbb57e9c96

axeld + bonefish:
* Implemented automatic syscall restarts:
- A syscall can indicate that it has been interrupted and can be
restarted by setting a respective bit in thread::flags. It can
store parameters it wants to be preserved for the restart in
thread::syscall_restart::parameters. Another thread::flags bit
indicates whether it has been restarted.
- handle_signals() clears the restart flag, if the handled signal
has a handler function installed and SA_RESTART is not set. Another
thread flag (THREAD_FLAGS_DONT_RESTART_SYSCALL) can prevent syscalls
from being restarted, even if they could be (not used yet, but we
might want to use it in resume_thread(), so that we stay
behaviorally compatible with BeOS).
- The architecture specific syscall handler restarts the syscall, if
the restart flag is set. Implemented for x86 only.
- Added some support functions in the private <syscall_restart.h> to
simplify the syscall restart code in the syscalls.
- Adjusted all syscalls that can potentially be restarted accordingly.
- _user_ioctl() sets new thread flag THREAD_FLAGS_IOCTL_SYSCALL while
calling the underlying FS's/driver's hook, so that syscall restarts
can also be supported there.
* thread_at_kernel_exit() invokes handle_signals() in a loop now, as
long as the latter indicates that the thread shall be suspended, so
that after waking up signals received in the meantime will be handled
before the thread returns to userland. Adjusted handle_signals()
accordingly -- when encountering a suspending signal we don't check
for further signals.
* Fixed sigsuspend(): Suspending the thread and rescheduling doesn't
result in the correct behavior. Instead we employ a temporary
condition variable and interruptably wait on it. The POSIX test
suite test passes, now.
* Made the switch_sem[_etc]() behavior on interruption consistent.
Depending on when the signal arrived (before the call or when already
waiting) the first semaphore would or wouldn't be released. Now we
consistently release it.
* Refactored _user_{read,write}[v]() syscalls. Use a common function for
either pair. The iovec version doesn't fail anymore, if anything could
be read/written at all. It also checks whether a complete vector
could be read/written, so that we won't skip data, if the underlying
FS/driver couldn't read/write more ATM.
* Some refactoring in the x86 syscall handler: The int 99 and sysenter
handlers use a common subroutine to avoid code duplication.



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@23983 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Fixed _{kern|user}_{read|write}[v]() functions to not move the descriptor's
file position in case an offset was specified.
* Reverted r23828-r23830 in File.cpp: don't fix the symptoms but the cause
of the problem (hey, that has to be in the kernel, right? :))
* Cleanup of File.cpp, removed OpenBeOS namespace.
* Moved user_fd_kernel_ioctl() to the section where it belongs to (that
function should be renamed, though).


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@23832 a95241bf-73f2-0310-859d-f6bbb57e9c96

Merged branch haiku/branches/developer/bonefish/optimization revision
23139 into trunk, with roughly the following changes (for details svn
log the branch):
* The int 99 syscall handler is now fully in assembly.
* Added a sysenter/sysexit handler and use it on Pentiums that support
it (via commpage).
* Got rid of i386_handle_trap(). A bit of functionality was moved into
the assembly handler which now uses a jump table to call C functions
handling the respective interrupt.
* Some optimizations to get user debugger support code out of the
interrupt handling path.
* Introduced a thread::flags fields which allows to skip handling of
rare events (signals, user debug enabling/disabling) on the
common interrupt handling path.
* Got rid of the explicit iframe stack. The iframes can still be
retrieved by iterating through the stack frames.
* Made the commpage an architecture independent feature. It's used for
the real time data stuff (instead of creating a separate area).
* The x86 CPU modules can now provide processor optimized versions for
common functions (currently memcpy() only). They are used in the
kernel and are provided to the userland via commpage entries.
* Introduced build system feature allowing easy use of C structure
member offsets in assembly code.

Changes after merging:
* Fixed merge conflict in src/system/kernel/arch/x86/arch_debug.cpp
(caused by refactoring and introduction of "call" debugger command).



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@23370 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Renamed fs/vfs_select.cpp to wait_for_objects.cpp and got rid of
vfs_select.h, respectively moved most of it into the new kernel
private header wait_for_objects.h.
* Added new experimental API functions wait_for_objects[_etc](). They
work pretty much like poll(), but also for semaphores, ports, and
threads.
* Removed the "ref" parameter from notify_select_events() and the
select_sync_pool functions as well as from fd_ops::fd_[de]select(). It
is no longer needed. The FS interface select() hook still has it,
though -- the VFS will always pass 0.
* de]select_fd() take a select_info* instead of a select_sync* + ref
pair, now. Added respective functions for semaphores, ports, and
threads.



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@22416 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Added a handy FDGetter AutoLocker-style class.
* In select_fd(): First get the file descriptor, then check whether any
events have to be selected at all. This has the advantage that the
caller can interpret an error return code as invalid FD. Consequently
common_poll() no longer checks FD validity separately -- this was a
race condition.
* common_poll() always selects POLLERR and POLLHUP now, which it has to
do according to the specs.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@22400 a95241bf-73f2-0310-859d-f6bbb57e9c96

* fd.c -> fd.cpp
* Reworked the select support:
- The io_context additionally stores a table of lists of select_infos,
which enables it to deselect events of a pending select() when
closing a FD. This prevents a race condition potentially causing a
write to stale memory.
- The opaque selectsync* passed to FSs is now actually a select_info*.
This was necessary, since the FDs deselect() hook (unlike the
select() hook) doesn't take a "ref" argument and deselecting a
single info (e.g. caused by a premature close()) was not possible.
The select() hook's "ref" argument has become superfluous.
- It should now be relatively easy to implement a poll_on_steroids()
that can also wait for objects other than FDs (e.g. semaphores,
ports, threads etc.).
* Set/reset the signal mask in common_select(). This makes pselect()
work as required.
* Reorganized vfs_resize_fd_table().



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@22391 a95241bf-73f2-0310-859d-f6bbb57e9c96

VFS: Slight rework of the FD disconnect feature.

* This should fix ticket #4157, although I probably have missed
something.
* In any case, it no longer messes with the ref counts of the
file descriptor, and the race condition in put_fd() should be
gone.
* It's still rather messy all in all.

kernel: Fix unbalanced release of sync object in FD select race.

When a file descriptor is closed between being selected and adding the
select info to its IO context, the select info needs to be cleaned up.
This is done by deselect_select_infos() which unconditionally also put
the select_sync associated with the infos. In this special case we do
not yet hold a reference to the select_sync however, so avoid putting
the corresponding sync object.

Fixes #11098, #10763 and #10230.

Lots of B_PRI... insertions to fix errors with DEBUG=1.

Align all filesystem relevant places to use B_UNSUPPORTED for unsupported
instead of a mix of B_NOT_SUPPORTED and B_UNSUPPORTED. This allows checking for
a specific error code. Probably one of those should be phased out...


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@43025 a95241bf-73f2-0310-859d-f6bbb57e9c96

Merged signals-merge branch into trunk with the following changes:
* Reorganized the kernel locking related to threads and teams.
* We now discriminate correctly between process and thread signals. Signal
handlers have been moved to teams. Fixes #5679.
* Implemented real-time signal support, including signal queuing, SA_SIGINFO
support, sigqueue(), sigwaitinfo(), sigtimedwait(), waitid(), and the addition
of the real-time signal range. Closes #1935 and #2695.
* Gave SIGBUS a separate signal number. Fixes #6704.
* Implemented <time.h> clock and timer support, and fixed/completed alarm() and
[set]itimer(). Closes #5682.
* Implemented support for thread cancellation. Closes #5686.
* Moved send_signal() from <signal.h> to <OS.h>. Fixes #7554.
* Lots over smaller more or less related changes.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@42116 a95241bf-73f2-0310-859d-f6bbb57e9c96

* if ioctl hook wasn't found, now returns B_DEV_INVALID_IOCTL
* in case fd_ioctl() was about to return B_DEV_INVALID_IOCTL, translate to ENOTTY to satisfy #7279.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40787 a95241bf-73f2-0310-859d-f6bbb57e9c96

reverted r40686


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40699 a95241bf-73f2-0310-859d-f6bbb57e9c96

FIONBIO and FIONREAD don't apply to directories, files, attributes: returns ENOTTY in these cases. This fixes #7279.
ENOTTY could also be replaced with a B_ error code.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40686 a95241bf-73f2-0310-859d-f6bbb57e9c96

Merged the signals branch into trunk, with these changes:
* The team and thread kernel structures have been renamed to Team and Thread
respectively and moved into the new BKernel namespace.
* Several (kernel add-on) sources have been converted from C to C++ since
private kernel headers are included that are no longer C compatible.

Changes after merging:
* Fixed gcc 2 build (warnings mainly in the scary firewire bus manager).


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@40196 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Changed some POSIX error codes to native ones.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@37842 a95241bf-73f2-0310-859d-f6bbb57e9c96

Changed the type of the "op" parameter of the fs_vnode_ops::ioctl() hook and
the _kern_ioctl() syscall from ulong to uint32.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@36927 a95241bf-73f2-0310-859d-f6bbb57e9c96

bonefish+mmlr:
* Add file descriptor and IO context tracing.
* Some minor cleanup.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@36272 a95241bf-73f2-0310-859d-f6bbb57e9c96

Changed the FD selection/deselection handling a bit:
* B_EVENT_INVALID is no longer passed to the FD's select()/deselect() hooks.
* Now we always attach the select info to the I/O context, even if no event has
been selected. The reasoning is that B_EVENT_INVALID is always automatically
selected and handled by the VFS, so we need the handle to notify on close().


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@32417 a95241bf-73f2-0310-859d-f6bbb57e9c96

* _user_read_dir(): Allocate a temporary heap buffer passed into the kernel
instead of using the user buffer. This frees the VFS and FS implementations
from handling user buffers.
* Adjusted fix_dirent() accordingly.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@32384 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Replaced all "status < B_OK" with != B_OK - this should make the VFS layer
more robust against broken (userland) file systems.
* 80 character column cleanup.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@32184 a95241bf-73f2-0310-859d-f6bbb57e9c96

Added dup_foreign_fd() to duplicate a FD from another team.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@29468 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Fixed wrong use of MutexLocker as pointed out by Korli - nice catch! This
could have caused a number of problems.
* Fixed coding style violation Ingo introduced.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@29378 a95241bf-73f2-0310-859d-f6bbb57e9c96

Fixed build with tracing enabled.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@26772 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Removed -Wno-unused from all KernelMergeObjects in kernel Jamfiles.
* Fixed most of the warnings resulting from that by removing actually not used
variables or moving declaration into the #IF. Left unused functions there
though, as I wouldn't know if they are supposed to be used again.
* Fixed two statements with no effect (clamping to MAX_ANCILLARY_DATA_LEN in
socket.cpp and unsetting fCounterSem in MessagingService.cpp).
* Some style cleanups.

git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@26253 a95241bf-73f2-0310-859d-f6bbb57e9c96

Added get_open_fd() function which gets the descriptor and also
increments its open count.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@25317 a95241bf-73f2-0310-859d-f6bbb57e9c96

Fixed a race condition between select_fd() and close(). Since
select_fd() first added the select info to the IO context and then
called select() on the descriptor, a close() called at the same time
could already deselect the events and close the descriptor before
select_fd() was done with select(). select_fd() does now keep an own
open reference while selecting the events and add the select info
afterwards to the IO context (if the FD is still current).


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@25266 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Removed SyscallRestartWrapper comparison operators. They are not
needed, since we've got a cast operator.
* Reverted r24927-r24929. There's no potential ambiguity anymore.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24949 a95241bf-73f2-0310-859d-f6bbb57e9c96

Added close_fd_index() which is pretty much like close(), but gets the
IO context in which to close the FD.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24937 a95241bf-73f2-0310-859d-f6bbb57e9c96

better cast to the good type to avoid confusing gcc


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24929 a95241bf-73f2-0310-859d-f6bbb57e9c96

hmm I managed to break the comparaison order...


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24928 a95241bf-73f2-0310-859d-f6bbb57e9c96

gcc4 build fix. Here is one of the two errors:
src/system/kernel/fs/fd.cpp: In function 'ssize_t common_user_vector_io(int, off_t, const iovec*, size_t, bool)':
src/system/kernel/fs/fd.cpp:727: error: ISO C++ says that these are ambiguous, even though the worst conversion for the first is better than the worst conversion for the
second:
headers/private/kernel/syscall_restart.h:151: note: candidate 1: bool SyscallRestartWrapper<Type>::operator<(const Type&) const [with Type = long int]
src/system/kernel/fs/fd.cpp:727: note: candidate 2: operator<(long int, int) <built-in>


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24927 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Renamed THREAD_FLAGS_IOCTL_SYSCALL to THREAD_FLAGS_SYSCALL,
syscall_restart_ioctl_is_restarted() to syscall_restart_is_restarted,
IoctlSyscallFlagUnsetter to SyscallFlagUnsetter, and
IoctlSyscallRestartWrapper to SyscallRestartWrapper, as they are no
longer only used for ioctl().
* Removed unused syscall_restart_ioctl_handle_post().
* Made SyscallRestartWrapper a lot fancier. Instead of storing a
reference to the result value, it stores the value itself, and it
features all the interesting operators that make it appear like that
value. This simplifies the use of the class quite a bit.
* THREAD_FLAGS_SYSCALL is now set for all socket function and the
read[v](), write[v]() syscalls.
* Added is_syscall() function and net_stack hook to the net stack.
* Removed "kernel" parameter from all net_stack_interface and net_socket
module hooks. They aren't need any longer, since is_syscall() can be
used instead.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24914 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Fixed some checks for user addresses. IS_KERNEL_ADDRESS is not the
same as !IS_USER_ADDRESS.
* Use the new IoctlSyscallFlagUnsetter helper class in _kern_ioctl().
The former implementation wasn't checking correctly for a previous
syscall flag.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24904 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Implemented support for chroot:
- Added a "root" vnode to the io_context. It is used for resolving
paths and converting nodes to paths instead of sRoot. Some more
passing around of io_context structures was necessary.
- Introduced a new lock sIOContextRootLock to protect
io_context::root. The current uses of io_context::io_mutex
(put_vnode(), remove_vnode() while holding it) looked too suspicious
to use that mutex in vnode_path_to_vnode().
- Added _kern_change_root() syscall and chroot() libroot function.
- Added chroot coreutils program to the image. Funnily it seems to be
much easier to set up a little jail than under Linux (just copy
bash and libroot.so into respective subdirs; mount another pipefs
if you want pipe support).
With Haiku allowing direct access to directories via inode IDs
jailing is obviously not very secure at the moment.
- Added /var/empty to the image. It will be the chroot target for ssh.
* Changed vfs.cpp:get_cwd() so that the io_context::io_mutex is no
longer held when calling dir_vnode_to_path().


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@24673 a95241bf-73f2-0310-859d-f6bbb57e9c96

axeld + bonefish:
* Implemented automatic syscall restarts:
- A syscall can indicate that it has been interrupted and can be
restarted by setting a respective bit in thread::flags. It can
store parameters it wants to be preserved for the restart in
thread::syscall_restart::parameters. Another thread::flags bit
indicates whether it has been restarted.
- handle_signals() clears the restart flag, if the handled signal
has a handler function installed and SA_RESTART is not set. Another
thread flag (THREAD_FLAGS_DONT_RESTART_SYSCALL) can prevent syscalls
from being restarted, even if they could be (not used yet, but we
might want to use it in resume_thread(), so that we stay
behaviorally compatible with BeOS).
- The architecture specific syscall handler restarts the syscall, if
the restart flag is set. Implemented for x86 only.
- Added some support functions in the private <syscall_restart.h> to
simplify the syscall restart code in the syscalls.
- Adjusted all syscalls that can potentially be restarted accordingly.
- _user_ioctl() sets new thread flag THREAD_FLAGS_IOCTL_SYSCALL while
calling the underlying FS's/driver's hook, so that syscall restarts
can also be supported there.
* thread_at_kernel_exit() invokes handle_signals() in a loop now, as
long as the latter indicates that the thread shall be suspended, so
that after waking up signals received in the meantime will be handled
before the thread returns to userland. Adjusted handle_signals()
accordingly -- when encountering a suspending signal we don't check
for further signals.
* Fixed sigsuspend(): Suspending the thread and rescheduling doesn't
result in the correct behavior. Instead we employ a temporary
condition variable and interruptably wait on it. The POSIX test
suite test passes, now.
* Made the switch_sem[_etc]() behavior on interruption consistent.
Depending on when the signal arrived (before the call or when already
waiting) the first semaphore would or wouldn't be released. Now we
consistently release it.
* Refactored _user_{read,write}[v]() syscalls. Use a common function for
either pair. The iovec version doesn't fail anymore, if anything could
be read/written at all. It also checks whether a complete vector
could be read/written, so that we won't skip data, if the underlying
FS/driver couldn't read/write more ATM.
* Some refactoring in the x86 syscall handler: The int 99 and sysenter
handlers use a common subroutine to avoid code duplication.



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@23983 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Fixed _{kern|user}_{read|write}[v]() functions to not move the descriptor's
file position in case an offset was specified.
* Reverted r23828-r23830 in File.cpp: don't fix the symptoms but the cause
of the problem (hey, that has to be in the kernel, right? :))
* Cleanup of File.cpp, removed OpenBeOS namespace.
* Moved user_fd_kernel_ioctl() to the section where it belongs to (that
function should be renamed, though).


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@23832 a95241bf-73f2-0310-859d-f6bbb57e9c96

Merged branch haiku/branches/developer/bonefish/optimization revision
23139 into trunk, with roughly the following changes (for details svn
log the branch):
* The int 99 syscall handler is now fully in assembly.
* Added a sysenter/sysexit handler and use it on Pentiums that support
it (via commpage).
* Got rid of i386_handle_trap(). A bit of functionality was moved into
the assembly handler which now uses a jump table to call C functions
handling the respective interrupt.
* Some optimizations to get user debugger support code out of the
interrupt handling path.
* Introduced a thread::flags fields which allows to skip handling of
rare events (signals, user debug enabling/disabling) on the
common interrupt handling path.
* Got rid of the explicit iframe stack. The iframes can still be
retrieved by iterating through the stack frames.
* Made the commpage an architecture independent feature. It's used for
the real time data stuff (instead of creating a separate area).
* The x86 CPU modules can now provide processor optimized versions for
common functions (currently memcpy() only). They are used in the
kernel and are provided to the userland via commpage entries.
* Introduced build system feature allowing easy use of C structure
member offsets in assembly code.

Changes after merging:
* Fixed merge conflict in src/system/kernel/arch/x86/arch_debug.cpp
(caused by refactoring and introduction of "call" debugger command).



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@23370 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Renamed fs/vfs_select.cpp to wait_for_objects.cpp and got rid of
vfs_select.h, respectively moved most of it into the new kernel
private header wait_for_objects.h.
* Added new experimental API functions wait_for_objects[_etc](). They
work pretty much like poll(), but also for semaphores, ports, and
threads.
* Removed the "ref" parameter from notify_select_events() and the
select_sync_pool functions as well as from fd_ops::fd_[de]select(). It
is no longer needed. The FS interface select() hook still has it,
though -- the VFS will always pass 0.
* de]select_fd() take a select_info* instead of a select_sync* + ref
pair, now. Added respective functions for semaphores, ports, and
threads.



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@22416 a95241bf-73f2-0310-859d-f6bbb57e9c96

* Added a handy FDGetter AutoLocker-style class.
* In select_fd(): First get the file descriptor, then check whether any
events have to be selected at all. This has the advantage that the
caller can interpret an error return code as invalid FD. Consequently
common_poll() no longer checks FD validity separately -- this was a
race condition.
* common_poll() always selects POLLERR and POLLHUP now, which it has to
do according to the specs.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@22400 a95241bf-73f2-0310-859d-f6bbb57e9c96

* fd.c -> fd.cpp
* Reworked the select support:
- The io_context additionally stores a table of lists of select_infos,
which enables it to deselect events of a pending select() when
closing a FD. This prevents a race condition potentially causing a
write to stale memory.
- The opaque selectsync* passed to FSs is now actually a select_info*.
This was necessary, since the FDs deselect() hook (unlike the
select() hook) doesn't take a "ref" argument and deselecting a
single info (e.g. caused by a premature close()) was not possible.
The select() hook's "ref" argument has become superfluous.
- It should now be relatively easy to implement a poll_on_steroids()
that can also wait for objects other than FDs (e.g. semaphores,
ports, threads etc.).
* Set/reset the signal mask in common_select(). This makes pselect()
work as required.
* Reorganized vfs_resize_fd_table().



git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@22391 a95241bf-73f2-0310-859d-f6bbb57e9c96