1 | /* $NetBSD: kern_descrip.c,v 1.229 2015/08/03 04:55:15 christos Exp $ */ |
2 | |
3 | /*- |
4 | * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. |
5 | * All rights reserved. |
6 | * |
7 | * This code is derived from software contributed to The NetBSD Foundation |
8 | * by Andrew Doran. |
9 | * |
10 | * Redistribution and use in source and binary forms, with or without |
11 | * modification, are permitted provided that the following conditions |
12 | * are met: |
13 | * 1. Redistributions of source code must retain the above copyright |
14 | * notice, this list of conditions and the following disclaimer. |
15 | * 2. Redistributions in binary form must reproduce the above copyright |
16 | * notice, this list of conditions and the following disclaimer in the |
17 | * documentation and/or other materials provided with the distribution. |
18 | * |
19 | * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS |
20 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS |
23 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
24 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
25 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
26 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
27 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
28 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
29 | * POSSIBILITY OF SUCH DAMAGE. |
30 | */ |
31 | |
32 | /* |
33 | * Copyright (c) 1982, 1986, 1989, 1991, 1993 |
34 | * The Regents of the University of California. All rights reserved. |
35 | * (c) UNIX System Laboratories, Inc. |
36 | * All or some portions of this file are derived from material licensed |
37 | * to the University of California by American Telephone and Telegraph |
38 | * Co. or Unix System Laboratories, Inc. and are reproduced herein with |
39 | * the permission of UNIX System Laboratories, Inc. |
40 | * |
41 | * Redistribution and use in source and binary forms, with or without |
42 | * modification, are permitted provided that the following conditions |
43 | * are met: |
44 | * 1. Redistributions of source code must retain the above copyright |
45 | * notice, this list of conditions and the following disclaimer. |
46 | * 2. Redistributions in binary form must reproduce the above copyright |
47 | * notice, this list of conditions and the following disclaimer in the |
48 | * documentation and/or other materials provided with the distribution. |
49 | * 3. Neither the name of the University nor the names of its contributors |
50 | * may be used to endorse or promote products derived from this software |
51 | * without specific prior written permission. |
52 | * |
53 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
54 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
55 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
56 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
57 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
58 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
59 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
60 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
61 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
62 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
63 | * SUCH DAMAGE. |
64 | * |
65 | * @(#)kern_descrip.c 8.8 (Berkeley) 2/14/95 |
66 | */ |
67 | |
68 | /* |
69 | * File descriptor management. |
70 | */ |
71 | |
72 | #include <sys/cdefs.h> |
73 | __KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.229 2015/08/03 04:55:15 christos Exp $" ); |
74 | |
75 | #include <sys/param.h> |
76 | #include <sys/systm.h> |
77 | #include <sys/filedesc.h> |
78 | #include <sys/kernel.h> |
79 | #include <sys/proc.h> |
80 | #include <sys/file.h> |
81 | #include <sys/socket.h> |
82 | #include <sys/socketvar.h> |
83 | #include <sys/stat.h> |
84 | #include <sys/ioctl.h> |
85 | #include <sys/fcntl.h> |
86 | #include <sys/pool.h> |
87 | #include <sys/unistd.h> |
88 | #include <sys/resourcevar.h> |
89 | #include <sys/conf.h> |
90 | #include <sys/event.h> |
91 | #include <sys/kauth.h> |
92 | #include <sys/atomic.h> |
93 | #include <sys/syscallargs.h> |
94 | #include <sys/cpu.h> |
95 | #include <sys/kmem.h> |
96 | #include <sys/vnode.h> |
97 | #include <sys/sysctl.h> |
98 | #include <sys/ktrace.h> |
99 | |
100 | /* |
101 | * A list (head) of open files, counter, and lock protecting them. |
102 | */ |
103 | struct filelist filehead __cacheline_aligned; |
104 | static u_int nfiles __cacheline_aligned; |
105 | kmutex_t filelist_lock __cacheline_aligned; |
106 | |
107 | static pool_cache_t filedesc_cache __read_mostly; |
108 | static pool_cache_t file_cache __read_mostly; |
109 | static pool_cache_t fdfile_cache __read_mostly; |
110 | |
111 | static int file_ctor(void *, void *, int); |
112 | static void file_dtor(void *, void *); |
113 | static int fdfile_ctor(void *, void *, int); |
114 | static void fdfile_dtor(void *, void *); |
115 | static int filedesc_ctor(void *, void *, int); |
116 | static void filedesc_dtor(void *, void *); |
117 | static int filedescopen(dev_t, int, int, lwp_t *); |
118 | |
119 | static int sysctl_kern_file(SYSCTLFN_PROTO); |
120 | static int sysctl_kern_file2(SYSCTLFN_PROTO); |
121 | static void fill_file(struct kinfo_file *, const file_t *, const fdfile_t *, |
122 | int, pid_t); |
123 | |
124 | const struct cdevsw filedesc_cdevsw = { |
125 | .d_open = filedescopen, |
126 | .d_close = noclose, |
127 | .d_read = noread, |
128 | .d_write = nowrite, |
129 | .d_ioctl = noioctl, |
130 | .d_stop = nostop, |
131 | .d_tty = notty, |
132 | .d_poll = nopoll, |
133 | .d_mmap = nommap, |
134 | .d_kqfilter = nokqfilter, |
135 | .d_discard = nodiscard, |
136 | .d_flag = D_OTHER | D_MPSAFE |
137 | }; |
138 | |
139 | /* For ease of reading. */ |
140 | __strong_alias(fd_putvnode,fd_putfile) |
141 | __strong_alias(fd_putsock,fd_putfile) |
142 | |
143 | /* |
144 | * Initialize the descriptor system. |
145 | */ |
146 | void |
147 | fd_sys_init(void) |
148 | { |
149 | static struct sysctllog *clog; |
150 | |
151 | mutex_init(&filelist_lock, MUTEX_DEFAULT, IPL_NONE); |
152 | |
153 | file_cache = pool_cache_init(sizeof(file_t), coherency_unit, 0, |
154 | 0, "file" , NULL, IPL_NONE, file_ctor, file_dtor, NULL); |
155 | KASSERT(file_cache != NULL); |
156 | |
157 | fdfile_cache = pool_cache_init(sizeof(fdfile_t), coherency_unit, 0, |
158 | PR_LARGECACHE, "fdfile" , NULL, IPL_NONE, fdfile_ctor, fdfile_dtor, |
159 | NULL); |
160 | KASSERT(fdfile_cache != NULL); |
161 | |
162 | filedesc_cache = pool_cache_init(sizeof(filedesc_t), coherency_unit, |
163 | 0, 0, "filedesc" , NULL, IPL_NONE, filedesc_ctor, filedesc_dtor, |
164 | NULL); |
165 | KASSERT(filedesc_cache != NULL); |
166 | |
167 | sysctl_createv(&clog, 0, NULL, NULL, |
168 | CTLFLAG_PERMANENT, |
169 | CTLTYPE_STRUCT, "file" , |
170 | SYSCTL_DESCR("System open file table" ), |
171 | sysctl_kern_file, 0, NULL, 0, |
172 | CTL_KERN, KERN_FILE, CTL_EOL); |
173 | sysctl_createv(&clog, 0, NULL, NULL, |
174 | CTLFLAG_PERMANENT, |
175 | CTLTYPE_STRUCT, "file2" , |
176 | SYSCTL_DESCR("System open file table" ), |
177 | sysctl_kern_file2, 0, NULL, 0, |
178 | CTL_KERN, KERN_FILE2, CTL_EOL); |
179 | } |
180 | |
181 | static bool |
182 | fd_isused(filedesc_t *fdp, unsigned fd) |
183 | { |
184 | u_int off = fd >> NDENTRYSHIFT; |
185 | |
186 | KASSERT(fd < fdp->fd_dt->dt_nfiles); |
187 | |
188 | return (fdp->fd_lomap[off] & (1 << (fd & NDENTRYMASK))) != 0; |
189 | } |
190 | |
191 | /* |
192 | * Verify that the bitmaps match the descriptor table. |
193 | */ |
194 | static inline void |
195 | fd_checkmaps(filedesc_t *fdp) |
196 | { |
197 | #ifdef DEBUG |
198 | fdtab_t *dt; |
199 | u_int fd; |
200 | |
201 | dt = fdp->fd_dt; |
202 | if (fdp->fd_refcnt == -1) { |
203 | /* |
204 | * fd_free tears down the table without maintaining its bitmap. |
205 | */ |
206 | return; |
207 | } |
208 | for (fd = 0; fd < dt->dt_nfiles; fd++) { |
209 | if (fd < NDFDFILE) { |
210 | KASSERT(dt->dt_ff[fd] == |
211 | (fdfile_t *)fdp->fd_dfdfile[fd]); |
212 | } |
213 | if (dt->dt_ff[fd] == NULL) { |
214 | KASSERT(!fd_isused(fdp, fd)); |
215 | } else if (dt->dt_ff[fd]->ff_file != NULL) { |
216 | KASSERT(fd_isused(fdp, fd)); |
217 | } |
218 | } |
219 | #endif |
220 | } |
221 | |
222 | static int |
223 | fd_next_zero(filedesc_t *fdp, uint32_t *bitmap, int want, u_int bits) |
224 | { |
225 | int i, off, maxoff; |
226 | uint32_t sub; |
227 | |
228 | KASSERT(mutex_owned(&fdp->fd_lock)); |
229 | |
230 | fd_checkmaps(fdp); |
231 | |
232 | if (want > bits) |
233 | return -1; |
234 | |
235 | off = want >> NDENTRYSHIFT; |
236 | i = want & NDENTRYMASK; |
237 | if (i) { |
238 | sub = bitmap[off] | ((u_int)~0 >> (NDENTRIES - i)); |
239 | if (sub != ~0) |
240 | goto found; |
241 | off++; |
242 | } |
243 | |
244 | maxoff = NDLOSLOTS(bits); |
245 | while (off < maxoff) { |
246 | if ((sub = bitmap[off]) != ~0) |
247 | goto found; |
248 | off++; |
249 | } |
250 | |
251 | return -1; |
252 | |
253 | found: |
254 | return (off << NDENTRYSHIFT) + ffs(~sub) - 1; |
255 | } |
256 | |
257 | static int |
258 | fd_last_set(filedesc_t *fd, int last) |
259 | { |
260 | int off, i; |
261 | fdfile_t **ff = fd->fd_dt->dt_ff; |
262 | uint32_t *bitmap = fd->fd_lomap; |
263 | |
264 | KASSERT(mutex_owned(&fd->fd_lock)); |
265 | |
266 | fd_checkmaps(fd); |
267 | |
268 | off = (last - 1) >> NDENTRYSHIFT; |
269 | |
270 | while (off >= 0 && !bitmap[off]) |
271 | off--; |
272 | |
273 | if (off < 0) |
274 | return -1; |
275 | |
276 | i = ((off + 1) << NDENTRYSHIFT) - 1; |
277 | if (i >= last) |
278 | i = last - 1; |
279 | |
280 | /* XXX should use bitmap */ |
281 | while (i > 0 && (ff[i] == NULL || !ff[i]->ff_allocated)) |
282 | i--; |
283 | |
284 | return i; |
285 | } |
286 | |
287 | static inline void |
288 | fd_used(filedesc_t *fdp, unsigned fd) |
289 | { |
290 | u_int off = fd >> NDENTRYSHIFT; |
291 | fdfile_t *ff; |
292 | |
293 | ff = fdp->fd_dt->dt_ff[fd]; |
294 | |
295 | KASSERT(mutex_owned(&fdp->fd_lock)); |
296 | KASSERT((fdp->fd_lomap[off] & (1 << (fd & NDENTRYMASK))) == 0); |
297 | KASSERT(ff != NULL); |
298 | KASSERT(ff->ff_file == NULL); |
299 | KASSERT(!ff->ff_allocated); |
300 | |
301 | ff->ff_allocated = true; |
302 | fdp->fd_lomap[off] |= 1 << (fd & NDENTRYMASK); |
303 | if (__predict_false(fdp->fd_lomap[off] == ~0)) { |
304 | KASSERT((fdp->fd_himap[off >> NDENTRYSHIFT] & |
305 | (1 << (off & NDENTRYMASK))) == 0); |
306 | fdp->fd_himap[off >> NDENTRYSHIFT] |= 1 << (off & NDENTRYMASK); |
307 | } |
308 | |
309 | if ((int)fd > fdp->fd_lastfile) { |
310 | fdp->fd_lastfile = fd; |
311 | } |
312 | |
313 | fd_checkmaps(fdp); |
314 | } |
315 | |
316 | static inline void |
317 | fd_unused(filedesc_t *fdp, unsigned fd) |
318 | { |
319 | u_int off = fd >> NDENTRYSHIFT; |
320 | fdfile_t *ff; |
321 | |
322 | ff = fdp->fd_dt->dt_ff[fd]; |
323 | |
324 | /* |
325 | * Don't assert the lock is held here, as we may be copying |
326 | * the table during exec() and it is not needed there. |
327 | * procfs and sysctl are locked out by proc::p_reflock. |
328 | * |
329 | * KASSERT(mutex_owned(&fdp->fd_lock)); |
330 | */ |
331 | KASSERT(ff != NULL); |
332 | KASSERT(ff->ff_file == NULL); |
333 | KASSERT(ff->ff_allocated); |
334 | |
335 | if (fd < fdp->fd_freefile) { |
336 | fdp->fd_freefile = fd; |
337 | } |
338 | |
339 | if (fdp->fd_lomap[off] == ~0) { |
340 | KASSERT((fdp->fd_himap[off >> NDENTRYSHIFT] & |
341 | (1 << (off & NDENTRYMASK))) != 0); |
342 | fdp->fd_himap[off >> NDENTRYSHIFT] &= |
343 | ~(1 << (off & NDENTRYMASK)); |
344 | } |
345 | KASSERT((fdp->fd_lomap[off] & (1 << (fd & NDENTRYMASK))) != 0); |
346 | fdp->fd_lomap[off] &= ~(1 << (fd & NDENTRYMASK)); |
347 | ff->ff_allocated = false; |
348 | |
349 | KASSERT(fd <= fdp->fd_lastfile); |
350 | if (fd == fdp->fd_lastfile) { |
351 | fdp->fd_lastfile = fd_last_set(fdp, fd); |
352 | } |
353 | fd_checkmaps(fdp); |
354 | } |
355 | |
356 | /* |
357 | * Look up the file structure corresponding to a file descriptor |
358 | * and return the file, holding a reference on the descriptor. |
359 | */ |
360 | file_t * |
361 | fd_getfile(unsigned fd) |
362 | { |
363 | filedesc_t *fdp; |
364 | fdfile_t *ff; |
365 | file_t *fp; |
366 | fdtab_t *dt; |
367 | |
368 | /* |
369 | * Look up the fdfile structure representing this descriptor. |
370 | * We are doing this unlocked. See fd_tryexpand(). |
371 | */ |
372 | fdp = curlwp->l_fd; |
373 | dt = fdp->fd_dt; |
374 | if (__predict_false(fd >= dt->dt_nfiles)) { |
375 | return NULL; |
376 | } |
377 | ff = dt->dt_ff[fd]; |
378 | KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]); |
379 | if (__predict_false(ff == NULL)) { |
380 | return NULL; |
381 | } |
382 | |
383 | /* Now get a reference to the descriptor. */ |
384 | if (fdp->fd_refcnt == 1) { |
385 | /* |
386 | * Single threaded: don't need to worry about concurrent |
387 | * access (other than earlier calls to kqueue, which may |
388 | * hold a reference to the descriptor). |
389 | */ |
390 | ff->ff_refcnt++; |
391 | } else { |
392 | /* |
393 | * Multi threaded: issue a memory barrier to ensure that we |
394 | * acquire the file pointer _after_ adding a reference. If |
395 | * no memory barrier, we could fetch a stale pointer. |
396 | */ |
397 | atomic_inc_uint(&ff->ff_refcnt); |
398 | #ifndef __HAVE_ATOMIC_AS_MEMBAR |
399 | membar_enter(); |
400 | #endif |
401 | } |
402 | |
403 | /* |
404 | * If the file is not open or is being closed then put the |
405 | * reference back. |
406 | */ |
407 | fp = ff->ff_file; |
408 | if (__predict_true(fp != NULL)) { |
409 | return fp; |
410 | } |
411 | fd_putfile(fd); |
412 | return NULL; |
413 | } |
414 | |
415 | /* |
416 | * Release a reference to a file descriptor acquired with fd_getfile(). |
417 | */ |
418 | void |
419 | fd_putfile(unsigned fd) |
420 | { |
421 | filedesc_t *fdp; |
422 | fdfile_t *ff; |
423 | u_int u, v; |
424 | |
425 | fdp = curlwp->l_fd; |
426 | ff = fdp->fd_dt->dt_ff[fd]; |
427 | |
428 | KASSERT(fd < fdp->fd_dt->dt_nfiles); |
429 | KASSERT(ff != NULL); |
430 | KASSERT((ff->ff_refcnt & FR_MASK) > 0); |
431 | KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]); |
432 | |
433 | if (fdp->fd_refcnt == 1) { |
434 | /* |
435 | * Single threaded: don't need to worry about concurrent |
436 | * access (other than earlier calls to kqueue, which may |
437 | * hold a reference to the descriptor). |
438 | */ |
439 | if (__predict_false((ff->ff_refcnt & FR_CLOSING) != 0)) { |
440 | fd_close(fd); |
441 | return; |
442 | } |
443 | ff->ff_refcnt--; |
444 | return; |
445 | } |
446 | |
447 | /* |
448 | * Ensure that any use of the file is complete and globally |
449 | * visible before dropping the final reference. If no membar, |
450 | * the current CPU could still access memory associated with |
451 | * the file after it has been freed or recycled by another |
452 | * CPU. |
453 | */ |
454 | #ifndef __HAVE_ATOMIC_AS_MEMBAR |
455 | membar_exit(); |
456 | #endif |
457 | |
458 | /* |
459 | * Be optimistic and start out with the assumption that no other |
460 | * threads are trying to close the descriptor. If the CAS fails, |
461 | * we lost a race and/or it's being closed. |
462 | */ |
463 | for (u = ff->ff_refcnt & FR_MASK;; u = v) { |
464 | v = atomic_cas_uint(&ff->ff_refcnt, u, u - 1); |
465 | if (__predict_true(u == v)) { |
466 | return; |
467 | } |
468 | if (__predict_false((v & FR_CLOSING) != 0)) { |
469 | break; |
470 | } |
471 | } |
472 | |
473 | /* Another thread is waiting to close the file: join it. */ |
474 | (void)fd_close(fd); |
475 | } |
476 | |
477 | /* |
478 | * Convenience wrapper around fd_getfile() that returns reference |
479 | * to a vnode. |
480 | */ |
481 | int |
482 | fd_getvnode(unsigned fd, file_t **fpp) |
483 | { |
484 | vnode_t *vp; |
485 | file_t *fp; |
486 | |
487 | fp = fd_getfile(fd); |
488 | if (__predict_false(fp == NULL)) { |
489 | return EBADF; |
490 | } |
491 | if (__predict_false(fp->f_type != DTYPE_VNODE)) { |
492 | fd_putfile(fd); |
493 | return EINVAL; |
494 | } |
495 | vp = fp->f_vnode; |
496 | if (__predict_false(vp->v_type == VBAD)) { |
497 | /* XXX Is this case really necessary? */ |
498 | fd_putfile(fd); |
499 | return EBADF; |
500 | } |
501 | *fpp = fp; |
502 | return 0; |
503 | } |
504 | |
505 | /* |
506 | * Convenience wrapper around fd_getfile() that returns reference |
507 | * to a socket. |
508 | */ |
509 | int |
510 | fd_getsock1(unsigned fd, struct socket **sop, file_t **fp) |
511 | { |
512 | *fp = fd_getfile(fd); |
513 | if (__predict_false(*fp == NULL)) { |
514 | return EBADF; |
515 | } |
516 | if (__predict_false((*fp)->f_type != DTYPE_SOCKET)) { |
517 | fd_putfile(fd); |
518 | return ENOTSOCK; |
519 | } |
520 | *sop = (*fp)->f_socket; |
521 | return 0; |
522 | } |
523 | |
524 | int |
525 | fd_getsock(unsigned fd, struct socket **sop) |
526 | { |
527 | file_t *fp; |
528 | return fd_getsock1(fd, sop, &fp); |
529 | } |
530 | |
531 | /* |
532 | * Look up the file structure corresponding to a file descriptor |
533 | * and return it with a reference held on the file, not the |
534 | * descriptor. |
535 | * |
536 | * This is heavyweight and only used when accessing descriptors |
537 | * from a foreign process. The caller must ensure that `p' does |
538 | * not exit or fork across this call. |
539 | * |
540 | * To release the file (not descriptor) reference, use closef(). |
541 | */ |
542 | file_t * |
543 | fd_getfile2(proc_t *p, unsigned fd) |
544 | { |
545 | filedesc_t *fdp; |
546 | fdfile_t *ff; |
547 | file_t *fp; |
548 | fdtab_t *dt; |
549 | |
550 | fdp = p->p_fd; |
551 | mutex_enter(&fdp->fd_lock); |
552 | dt = fdp->fd_dt; |
553 | if (fd >= dt->dt_nfiles) { |
554 | mutex_exit(&fdp->fd_lock); |
555 | return NULL; |
556 | } |
557 | if ((ff = dt->dt_ff[fd]) == NULL) { |
558 | mutex_exit(&fdp->fd_lock); |
559 | return NULL; |
560 | } |
561 | if ((fp = ff->ff_file) == NULL) { |
562 | mutex_exit(&fdp->fd_lock); |
563 | return NULL; |
564 | } |
565 | mutex_enter(&fp->f_lock); |
566 | fp->f_count++; |
567 | mutex_exit(&fp->f_lock); |
568 | mutex_exit(&fdp->fd_lock); |
569 | |
570 | return fp; |
571 | } |
572 | |
573 | /* |
574 | * Internal form of close. Must be called with a reference to the |
575 | * descriptor, and will drop the reference. When all descriptor |
576 | * references are dropped, releases the descriptor slot and a single |
577 | * reference to the file structure. |
578 | */ |
579 | int |
580 | fd_close(unsigned fd) |
581 | { |
582 | struct flock lf; |
583 | filedesc_t *fdp; |
584 | fdfile_t *ff; |
585 | file_t *fp; |
586 | proc_t *p; |
587 | lwp_t *l; |
588 | u_int refcnt; |
589 | |
590 | l = curlwp; |
591 | p = l->l_proc; |
592 | fdp = l->l_fd; |
593 | ff = fdp->fd_dt->dt_ff[fd]; |
594 | |
595 | KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]); |
596 | |
597 | mutex_enter(&fdp->fd_lock); |
598 | KASSERT((ff->ff_refcnt & FR_MASK) > 0); |
599 | if (__predict_false(ff->ff_file == NULL)) { |
600 | /* |
601 | * Another user of the file is already closing, and is |
602 | * waiting for other users of the file to drain. Release |
603 | * our reference, and wake up the closer. |
604 | */ |
605 | atomic_dec_uint(&ff->ff_refcnt); |
606 | cv_broadcast(&ff->ff_closing); |
607 | mutex_exit(&fdp->fd_lock); |
608 | |
609 | /* |
610 | * An application error, so pretend that the descriptor |
611 | * was already closed. We can't safely wait for it to |
612 | * be closed without potentially deadlocking. |
613 | */ |
614 | return (EBADF); |
615 | } |
616 | KASSERT((ff->ff_refcnt & FR_CLOSING) == 0); |
617 | |
618 | /* |
619 | * There may be multiple users of this file within the process. |
620 | * Notify existing and new users that the file is closing. This |
621 | * will prevent them from adding additional uses to this file |
622 | * while we are closing it. |
623 | */ |
624 | fp = ff->ff_file; |
625 | ff->ff_file = NULL; |
626 | ff->ff_exclose = false; |
627 | |
628 | /* |
629 | * We expect the caller to hold a descriptor reference - drop it. |
630 | * The reference count may increase beyond zero at this point due |
631 | * to an erroneous descriptor reference by an application, but |
632 | * fd_getfile() will notice that the file is being closed and drop |
633 | * the reference again. |
634 | */ |
635 | if (fdp->fd_refcnt == 1) { |
636 | /* Single threaded. */ |
637 | refcnt = --(ff->ff_refcnt); |
638 | } else { |
639 | /* Multi threaded. */ |
640 | #ifndef __HAVE_ATOMIC_AS_MEMBAR |
641 | membar_producer(); |
642 | #endif |
643 | refcnt = atomic_dec_uint_nv(&ff->ff_refcnt); |
644 | } |
645 | if (__predict_false(refcnt != 0)) { |
646 | /* |
647 | * Wait for other references to drain. This is typically |
648 | * an application error - the descriptor is being closed |
649 | * while still in use. |
650 | * (Or just a threaded application trying to unblock its |
651 | * thread that sleeps in (say) accept()). |
652 | */ |
653 | atomic_or_uint(&ff->ff_refcnt, FR_CLOSING); |
654 | |
655 | /* |
656 | * Remove any knotes attached to the file. A knote |
657 | * attached to the descriptor can hold references on it. |
658 | */ |
659 | mutex_exit(&fdp->fd_lock); |
660 | if (!SLIST_EMPTY(&ff->ff_knlist)) { |
661 | knote_fdclose(fd); |
662 | } |
663 | |
664 | /* |
665 | * Since the file system code doesn't know which fd |
666 | * each request came from (think dup()), we have to |
667 | * ask it to return ERESTART for any long-term blocks. |
668 | * The re-entry through read/write/etc will detect the |
669 | * closed fd and return EBAFD. |
670 | * Blocked partial writes may return a short length. |
671 | */ |
672 | (*fp->f_ops->fo_restart)(fp); |
673 | mutex_enter(&fdp->fd_lock); |
674 | |
675 | /* |
676 | * We need to see the count drop to zero at least once, |
677 | * in order to ensure that all pre-existing references |
678 | * have been drained. New references past this point are |
679 | * of no interest. |
680 | * XXX (dsl) this may need to call fo_restart() after a |
681 | * timeout to guarantee that all the system calls exit. |
682 | */ |
683 | while ((ff->ff_refcnt & FR_MASK) != 0) { |
684 | cv_wait(&ff->ff_closing, &fdp->fd_lock); |
685 | } |
686 | atomic_and_uint(&ff->ff_refcnt, ~FR_CLOSING); |
687 | } else { |
688 | /* If no references, there must be no knotes. */ |
689 | KASSERT(SLIST_EMPTY(&ff->ff_knlist)); |
690 | } |
691 | |
692 | /* |
693 | * POSIX record locking dictates that any close releases ALL |
694 | * locks owned by this process. This is handled by setting |
695 | * a flag in the unlock to free ONLY locks obeying POSIX |
696 | * semantics, and not to free BSD-style file locks. |
697 | * If the descriptor was in a message, POSIX-style locks |
698 | * aren't passed with the descriptor. |
699 | */ |
700 | if (__predict_false((p->p_flag & PK_ADVLOCK) != 0 && |
701 | fp->f_type == DTYPE_VNODE)) { |
702 | lf.l_whence = SEEK_SET; |
703 | lf.l_start = 0; |
704 | lf.l_len = 0; |
705 | lf.l_type = F_UNLCK; |
706 | mutex_exit(&fdp->fd_lock); |
707 | (void)VOP_ADVLOCK(fp->f_vnode, p, F_UNLCK, &lf, F_POSIX); |
708 | mutex_enter(&fdp->fd_lock); |
709 | } |
710 | |
711 | /* Free descriptor slot. */ |
712 | fd_unused(fdp, fd); |
713 | mutex_exit(&fdp->fd_lock); |
714 | |
715 | /* Now drop reference to the file itself. */ |
716 | return closef(fp); |
717 | } |
718 | |
719 | /* |
720 | * Duplicate a file descriptor. |
721 | */ |
722 | int |
723 | fd_dup(file_t *fp, int minfd, int *newp, bool exclose) |
724 | { |
725 | proc_t *p = curproc; |
726 | int error; |
727 | |
728 | while ((error = fd_alloc(p, minfd, newp)) != 0) { |
729 | if (error != ENOSPC) { |
730 | return error; |
731 | } |
732 | fd_tryexpand(p); |
733 | } |
734 | |
735 | curlwp->l_fd->fd_dt->dt_ff[*newp]->ff_exclose = exclose; |
736 | fd_affix(p, fp, *newp); |
737 | return 0; |
738 | } |
739 | |
740 | /* |
741 | * dup2 operation. |
742 | */ |
743 | int |
744 | fd_dup2(file_t *fp, unsigned newfd, int flags) |
745 | { |
746 | filedesc_t *fdp = curlwp->l_fd; |
747 | fdfile_t *ff; |
748 | fdtab_t *dt; |
749 | |
750 | if (flags & ~(O_CLOEXEC|O_NONBLOCK)) |
751 | return EINVAL; |
752 | /* |
753 | * Ensure there are enough slots in the descriptor table, |
754 | * and allocate an fdfile_t up front in case we need it. |
755 | */ |
756 | while (newfd >= fdp->fd_dt->dt_nfiles) { |
757 | fd_tryexpand(curproc); |
758 | } |
759 | ff = pool_cache_get(fdfile_cache, PR_WAITOK); |
760 | |
761 | /* |
762 | * If there is already a file open, close it. If the file is |
763 | * half open, wait for it to be constructed before closing it. |
764 | * XXX Potential for deadlock here? |
765 | */ |
766 | mutex_enter(&fdp->fd_lock); |
767 | while (fd_isused(fdp, newfd)) { |
768 | mutex_exit(&fdp->fd_lock); |
769 | if (fd_getfile(newfd) != NULL) { |
770 | (void)fd_close(newfd); |
771 | } else { |
772 | /* |
773 | * Crummy, but unlikely to happen. |
774 | * Can occur if we interrupt another |
775 | * thread while it is opening a file. |
776 | */ |
777 | kpause("dup2" , false, 1, NULL); |
778 | } |
779 | mutex_enter(&fdp->fd_lock); |
780 | } |
781 | dt = fdp->fd_dt; |
782 | if (dt->dt_ff[newfd] == NULL) { |
783 | KASSERT(newfd >= NDFDFILE); |
784 | dt->dt_ff[newfd] = ff; |
785 | ff = NULL; |
786 | } |
787 | fd_used(fdp, newfd); |
788 | mutex_exit(&fdp->fd_lock); |
789 | |
790 | dt->dt_ff[newfd]->ff_exclose = (flags & O_CLOEXEC) != 0; |
791 | fp->f_flag |= flags & FNONBLOCK; |
792 | /* Slot is now allocated. Insert copy of the file. */ |
793 | fd_affix(curproc, fp, newfd); |
794 | if (ff != NULL) { |
795 | pool_cache_put(fdfile_cache, ff); |
796 | } |
797 | return 0; |
798 | } |
799 | |
800 | /* |
801 | * Drop reference to a file structure. |
802 | */ |
803 | int |
804 | closef(file_t *fp) |
805 | { |
806 | struct flock lf; |
807 | int error; |
808 | |
809 | /* |
810 | * Drop reference. If referenced elsewhere it's still open |
811 | * and we have nothing more to do. |
812 | */ |
813 | mutex_enter(&fp->f_lock); |
814 | KASSERT(fp->f_count > 0); |
815 | if (--fp->f_count > 0) { |
816 | mutex_exit(&fp->f_lock); |
817 | return 0; |
818 | } |
819 | KASSERT(fp->f_count == 0); |
820 | mutex_exit(&fp->f_lock); |
821 | |
822 | /* We held the last reference - release locks, close and free. */ |
823 | if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) { |
824 | lf.l_whence = SEEK_SET; |
825 | lf.l_start = 0; |
826 | lf.l_len = 0; |
827 | lf.l_type = F_UNLCK; |
828 | (void)VOP_ADVLOCK(fp->f_vnode, fp, F_UNLCK, &lf, F_FLOCK); |
829 | } |
830 | if (fp->f_ops != NULL) { |
831 | error = (*fp->f_ops->fo_close)(fp); |
832 | } else { |
833 | error = 0; |
834 | } |
835 | KASSERT(fp->f_count == 0); |
836 | KASSERT(fp->f_cred != NULL); |
837 | pool_cache_put(file_cache, fp); |
838 | |
839 | return error; |
840 | } |
841 | |
842 | /* |
843 | * Allocate a file descriptor for the process. |
844 | */ |
845 | int |
846 | fd_alloc(proc_t *p, int want, int *result) |
847 | { |
848 | filedesc_t *fdp = p->p_fd; |
849 | int i, lim, last, error, hi; |
850 | u_int off; |
851 | fdtab_t *dt; |
852 | |
853 | KASSERT(p == curproc || p == &proc0); |
854 | |
855 | /* |
856 | * Search for a free descriptor starting at the higher |
857 | * of want or fd_freefile. |
858 | */ |
859 | mutex_enter(&fdp->fd_lock); |
860 | fd_checkmaps(fdp); |
861 | dt = fdp->fd_dt; |
862 | KASSERT(dt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]); |
863 | lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfiles); |
864 | last = min(dt->dt_nfiles, lim); |
865 | for (;;) { |
866 | if ((i = want) < fdp->fd_freefile) |
867 | i = fdp->fd_freefile; |
868 | off = i >> NDENTRYSHIFT; |
869 | hi = fd_next_zero(fdp, fdp->fd_himap, off, |
870 | (last + NDENTRIES - 1) >> NDENTRYSHIFT); |
871 | if (hi == -1) |
872 | break; |
873 | i = fd_next_zero(fdp, &fdp->fd_lomap[hi], |
874 | hi > off ? 0 : i & NDENTRYMASK, NDENTRIES); |
875 | if (i == -1) { |
876 | /* |
877 | * Free file descriptor in this block was |
878 | * below want, try again with higher want. |
879 | */ |
880 | want = (hi + 1) << NDENTRYSHIFT; |
881 | continue; |
882 | } |
883 | i += (hi << NDENTRYSHIFT); |
884 | if (i >= last) { |
885 | break; |
886 | } |
887 | if (dt->dt_ff[i] == NULL) { |
888 | KASSERT(i >= NDFDFILE); |
889 | dt->dt_ff[i] = pool_cache_get(fdfile_cache, PR_WAITOK); |
890 | } |
891 | KASSERT(dt->dt_ff[i]->ff_file == NULL); |
892 | fd_used(fdp, i); |
893 | if (want <= fdp->fd_freefile) { |
894 | fdp->fd_freefile = i; |
895 | } |
896 | *result = i; |
897 | KASSERT(i >= NDFDFILE || |
898 | dt->dt_ff[i] == (fdfile_t *)fdp->fd_dfdfile[i]); |
899 | fd_checkmaps(fdp); |
900 | mutex_exit(&fdp->fd_lock); |
901 | return 0; |
902 | } |
903 | |
904 | /* No space in current array. Let the caller expand and retry. */ |
905 | error = (dt->dt_nfiles >= lim) ? EMFILE : ENOSPC; |
906 | mutex_exit(&fdp->fd_lock); |
907 | return error; |
908 | } |
909 | |
910 | /* |
911 | * Allocate memory for a descriptor table. |
912 | */ |
913 | static fdtab_t * |
914 | fd_dtab_alloc(int n) |
915 | { |
916 | fdtab_t *dt; |
917 | size_t sz; |
918 | |
919 | KASSERT(n > NDFILE); |
920 | |
921 | sz = sizeof(*dt) + (n - NDFILE) * sizeof(dt->dt_ff[0]); |
922 | dt = kmem_alloc(sz, KM_SLEEP); |
923 | #ifdef DIAGNOSTIC |
924 | memset(dt, 0xff, sz); |
925 | #endif |
926 | dt->dt_nfiles = n; |
927 | dt->dt_link = NULL; |
928 | return dt; |
929 | } |
930 | |
931 | /* |
932 | * Free a descriptor table, and all tables linked for deferred free. |
933 | */ |
934 | static void |
935 | fd_dtab_free(fdtab_t *dt) |
936 | { |
937 | fdtab_t *next; |
938 | size_t sz; |
939 | |
940 | do { |
941 | next = dt->dt_link; |
942 | KASSERT(dt->dt_nfiles > NDFILE); |
943 | sz = sizeof(*dt) + |
944 | (dt->dt_nfiles - NDFILE) * sizeof(dt->dt_ff[0]); |
945 | #ifdef DIAGNOSTIC |
946 | memset(dt, 0xff, sz); |
947 | #endif |
948 | kmem_free(dt, sz); |
949 | dt = next; |
950 | } while (dt != NULL); |
951 | } |
952 | |
953 | /* |
954 | * Allocate descriptor bitmap. |
955 | */ |
956 | static void |
957 | fd_map_alloc(int n, uint32_t **lo, uint32_t **hi) |
958 | { |
959 | uint8_t *ptr; |
960 | size_t szlo, szhi; |
961 | |
962 | KASSERT(n > NDENTRIES); |
963 | |
964 | szlo = NDLOSLOTS(n) * sizeof(uint32_t); |
965 | szhi = NDHISLOTS(n) * sizeof(uint32_t); |
966 | ptr = kmem_alloc(szlo + szhi, KM_SLEEP); |
967 | *lo = (uint32_t *)ptr; |
968 | *hi = (uint32_t *)(ptr + szlo); |
969 | } |
970 | |
971 | /* |
972 | * Free descriptor bitmap. |
973 | */ |
974 | static void |
975 | fd_map_free(int n, uint32_t *lo, uint32_t *hi) |
976 | { |
977 | size_t szlo, szhi; |
978 | |
979 | KASSERT(n > NDENTRIES); |
980 | |
981 | szlo = NDLOSLOTS(n) * sizeof(uint32_t); |
982 | szhi = NDHISLOTS(n) * sizeof(uint32_t); |
983 | KASSERT(hi == (uint32_t *)((uint8_t *)lo + szlo)); |
984 | kmem_free(lo, szlo + szhi); |
985 | } |
986 | |
987 | /* |
988 | * Expand a process' descriptor table. |
989 | */ |
990 | void |
991 | fd_tryexpand(proc_t *p) |
992 | { |
993 | filedesc_t *fdp; |
994 | int i, numfiles, oldnfiles; |
995 | fdtab_t *newdt, *dt; |
996 | uint32_t *newhimap, *newlomap; |
997 | |
998 | KASSERT(p == curproc || p == &proc0); |
999 | |
1000 | fdp = p->p_fd; |
1001 | newhimap = NULL; |
1002 | newlomap = NULL; |
1003 | oldnfiles = fdp->fd_dt->dt_nfiles; |
1004 | |
1005 | if (oldnfiles < NDEXTENT) |
1006 | numfiles = NDEXTENT; |
1007 | else |
1008 | numfiles = 2 * oldnfiles; |
1009 | |
1010 | newdt = fd_dtab_alloc(numfiles); |
1011 | if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) { |
1012 | fd_map_alloc(numfiles, &newlomap, &newhimap); |
1013 | } |
1014 | |
1015 | mutex_enter(&fdp->fd_lock); |
1016 | dt = fdp->fd_dt; |
1017 | KASSERT(dt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]); |
1018 | if (dt->dt_nfiles != oldnfiles) { |
1019 | /* fdp changed; caller must retry */ |
1020 | mutex_exit(&fdp->fd_lock); |
1021 | fd_dtab_free(newdt); |
1022 | if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) { |
1023 | fd_map_free(numfiles, newlomap, newhimap); |
1024 | } |
1025 | return; |
1026 | } |
1027 | |
1028 | /* Copy the existing descriptor table and zero the new portion. */ |
1029 | i = sizeof(fdfile_t *) * oldnfiles; |
1030 | memcpy(newdt->dt_ff, dt->dt_ff, i); |
1031 | memset((uint8_t *)newdt->dt_ff + i, 0, |
1032 | numfiles * sizeof(fdfile_t *) - i); |
1033 | |
1034 | /* |
1035 | * Link old descriptor array into list to be discarded. We defer |
1036 | * freeing until the last reference to the descriptor table goes |
1037 | * away (usually process exit). This allows us to do lockless |
1038 | * lookups in fd_getfile(). |
1039 | */ |
1040 | if (oldnfiles > NDFILE) { |
1041 | if (fdp->fd_refcnt > 1) { |
1042 | newdt->dt_link = dt; |
1043 | } else { |
1044 | fd_dtab_free(dt); |
1045 | } |
1046 | } |
1047 | |
1048 | if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) { |
1049 | i = NDHISLOTS(oldnfiles) * sizeof(uint32_t); |
1050 | memcpy(newhimap, fdp->fd_himap, i); |
1051 | memset((uint8_t *)newhimap + i, 0, |
1052 | NDHISLOTS(numfiles) * sizeof(uint32_t) - i); |
1053 | |
1054 | i = NDLOSLOTS(oldnfiles) * sizeof(uint32_t); |
1055 | memcpy(newlomap, fdp->fd_lomap, i); |
1056 | memset((uint8_t *)newlomap + i, 0, |
1057 | NDLOSLOTS(numfiles) * sizeof(uint32_t) - i); |
1058 | |
1059 | if (NDHISLOTS(oldnfiles) > NDHISLOTS(NDFILE)) { |
1060 | fd_map_free(oldnfiles, fdp->fd_lomap, fdp->fd_himap); |
1061 | } |
1062 | fdp->fd_himap = newhimap; |
1063 | fdp->fd_lomap = newlomap; |
1064 | } |
1065 | |
1066 | /* |
1067 | * All other modifications must become globally visible before |
1068 | * the change to fd_dt. See fd_getfile(). |
1069 | */ |
1070 | membar_producer(); |
1071 | fdp->fd_dt = newdt; |
1072 | KASSERT(newdt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]); |
1073 | fd_checkmaps(fdp); |
1074 | mutex_exit(&fdp->fd_lock); |
1075 | } |
1076 | |
1077 | /* |
1078 | * Create a new open file structure and allocate a file descriptor |
1079 | * for the current process. |
1080 | */ |
1081 | int |
1082 | fd_allocfile(file_t **resultfp, int *resultfd) |
1083 | { |
1084 | proc_t *p = curproc; |
1085 | kauth_cred_t cred; |
1086 | file_t *fp; |
1087 | int error; |
1088 | |
1089 | while ((error = fd_alloc(p, 0, resultfd)) != 0) { |
1090 | if (error != ENOSPC) { |
1091 | return error; |
1092 | } |
1093 | fd_tryexpand(p); |
1094 | } |
1095 | |
1096 | fp = pool_cache_get(file_cache, PR_WAITOK); |
1097 | if (fp == NULL) { |
1098 | fd_abort(p, NULL, *resultfd); |
1099 | return ENFILE; |
1100 | } |
1101 | KASSERT(fp->f_count == 0); |
1102 | KASSERT(fp->f_msgcount == 0); |
1103 | KASSERT(fp->f_unpcount == 0); |
1104 | |
1105 | /* Replace cached credentials if not what we need. */ |
1106 | cred = curlwp->l_cred; |
1107 | if (__predict_false(cred != fp->f_cred)) { |
1108 | kauth_cred_free(fp->f_cred); |
1109 | kauth_cred_hold(cred); |
1110 | fp->f_cred = cred; |
1111 | } |
1112 | |
1113 | /* |
1114 | * Don't allow recycled files to be scanned. |
1115 | * See uipc_usrreq.c. |
1116 | */ |
1117 | if (__predict_false((fp->f_flag & FSCAN) != 0)) { |
1118 | mutex_enter(&fp->f_lock); |
1119 | atomic_and_uint(&fp->f_flag, ~FSCAN); |
1120 | mutex_exit(&fp->f_lock); |
1121 | } |
1122 | |
1123 | fp->f_advice = 0; |
1124 | fp->f_offset = 0; |
1125 | *resultfp = fp; |
1126 | |
1127 | return 0; |
1128 | } |
1129 | |
1130 | /* |
1131 | * Successful creation of a new descriptor: make visible to the process. |
1132 | */ |
1133 | void |
1134 | fd_affix(proc_t *p, file_t *fp, unsigned fd) |
1135 | { |
1136 | fdfile_t *ff; |
1137 | filedesc_t *fdp; |
1138 | |
1139 | KASSERT(p == curproc || p == &proc0); |
1140 | |
1141 | /* Add a reference to the file structure. */ |
1142 | mutex_enter(&fp->f_lock); |
1143 | fp->f_count++; |
1144 | mutex_exit(&fp->f_lock); |
1145 | |
1146 | /* |
1147 | * Insert the new file into the descriptor slot. |
1148 | * |
1149 | * The memory barriers provided by lock activity in this routine |
1150 | * ensure that any updates to the file structure become globally |
1151 | * visible before the file becomes visible to other LWPs in the |
1152 | * current process. |
1153 | */ |
1154 | fdp = p->p_fd; |
1155 | ff = fdp->fd_dt->dt_ff[fd]; |
1156 | |
1157 | KASSERT(ff != NULL); |
1158 | KASSERT(ff->ff_file == NULL); |
1159 | KASSERT(ff->ff_allocated); |
1160 | KASSERT(fd_isused(fdp, fd)); |
1161 | KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]); |
1162 | |
1163 | /* No need to lock in order to make file initially visible. */ |
1164 | ff->ff_file = fp; |
1165 | } |
1166 | |
1167 | /* |
1168 | * Abort creation of a new descriptor: free descriptor slot and file. |
1169 | */ |
1170 | void |
1171 | fd_abort(proc_t *p, file_t *fp, unsigned fd) |
1172 | { |
1173 | filedesc_t *fdp; |
1174 | fdfile_t *ff; |
1175 | |
1176 | KASSERT(p == curproc || p == &proc0); |
1177 | |
1178 | fdp = p->p_fd; |
1179 | ff = fdp->fd_dt->dt_ff[fd]; |
1180 | ff->ff_exclose = false; |
1181 | |
1182 | KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]); |
1183 | |
1184 | mutex_enter(&fdp->fd_lock); |
1185 | KASSERT(fd_isused(fdp, fd)); |
1186 | fd_unused(fdp, fd); |
1187 | mutex_exit(&fdp->fd_lock); |
1188 | |
1189 | if (fp != NULL) { |
1190 | KASSERT(fp->f_count == 0); |
1191 | KASSERT(fp->f_cred != NULL); |
1192 | pool_cache_put(file_cache, fp); |
1193 | } |
1194 | } |
1195 | |
1196 | static int |
1197 | file_ctor(void *arg, void *obj, int flags) |
1198 | { |
1199 | file_t *fp = obj; |
1200 | |
1201 | memset(fp, 0, sizeof(*fp)); |
1202 | |
1203 | mutex_enter(&filelist_lock); |
1204 | if (__predict_false(nfiles >= maxfiles)) { |
1205 | mutex_exit(&filelist_lock); |
1206 | tablefull("file" , "increase kern.maxfiles or MAXFILES" ); |
1207 | return ENFILE; |
1208 | } |
1209 | nfiles++; |
1210 | LIST_INSERT_HEAD(&filehead, fp, f_list); |
1211 | mutex_init(&fp->f_lock, MUTEX_DEFAULT, IPL_NONE); |
1212 | fp->f_cred = curlwp->l_cred; |
1213 | kauth_cred_hold(fp->f_cred); |
1214 | mutex_exit(&filelist_lock); |
1215 | |
1216 | return 0; |
1217 | } |
1218 | |
1219 | static void |
1220 | file_dtor(void *arg, void *obj) |
1221 | { |
1222 | file_t *fp = obj; |
1223 | |
1224 | mutex_enter(&filelist_lock); |
1225 | nfiles--; |
1226 | LIST_REMOVE(fp, f_list); |
1227 | mutex_exit(&filelist_lock); |
1228 | |
1229 | kauth_cred_free(fp->f_cred); |
1230 | mutex_destroy(&fp->f_lock); |
1231 | } |
1232 | |
1233 | static int |
1234 | fdfile_ctor(void *arg, void *obj, int flags) |
1235 | { |
1236 | fdfile_t *ff = obj; |
1237 | |
1238 | memset(ff, 0, sizeof(*ff)); |
1239 | cv_init(&ff->ff_closing, "fdclose" ); |
1240 | |
1241 | return 0; |
1242 | } |
1243 | |
1244 | static void |
1245 | fdfile_dtor(void *arg, void *obj) |
1246 | { |
1247 | fdfile_t *ff = obj; |
1248 | |
1249 | cv_destroy(&ff->ff_closing); |
1250 | } |
1251 | |
1252 | file_t * |
1253 | fgetdummy(void) |
1254 | { |
1255 | file_t *fp; |
1256 | |
1257 | fp = kmem_zalloc(sizeof(*fp), KM_SLEEP); |
1258 | if (fp != NULL) { |
1259 | mutex_init(&fp->f_lock, MUTEX_DEFAULT, IPL_NONE); |
1260 | } |
1261 | return fp; |
1262 | } |
1263 | |
1264 | void |
1265 | fputdummy(file_t *fp) |
1266 | { |
1267 | |
1268 | mutex_destroy(&fp->f_lock); |
1269 | kmem_free(fp, sizeof(*fp)); |
1270 | } |
1271 | |
1272 | /* |
1273 | * Create an initial filedesc structure. |
1274 | */ |
1275 | filedesc_t * |
1276 | fd_init(filedesc_t *fdp) |
1277 | { |
1278 | #ifdef DIAGNOSTIC |
1279 | unsigned fd; |
1280 | #endif |
1281 | |
1282 | if (__predict_true(fdp == NULL)) { |
1283 | fdp = pool_cache_get(filedesc_cache, PR_WAITOK); |
1284 | } else { |
1285 | KASSERT(fdp == &filedesc0); |
1286 | filedesc_ctor(NULL, fdp, PR_WAITOK); |
1287 | } |
1288 | |
1289 | #ifdef DIAGNOSTIC |
1290 | KASSERT(fdp->fd_lastfile == -1); |
1291 | KASSERT(fdp->fd_lastkqfile == -1); |
1292 | KASSERT(fdp->fd_knhash == NULL); |
1293 | KASSERT(fdp->fd_freefile == 0); |
1294 | KASSERT(fdp->fd_exclose == false); |
1295 | KASSERT(fdp->fd_dt == &fdp->fd_dtbuiltin); |
1296 | KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE); |
1297 | for (fd = 0; fd < NDFDFILE; fd++) { |
1298 | KASSERT(fdp->fd_dtbuiltin.dt_ff[fd] == |
1299 | (fdfile_t *)fdp->fd_dfdfile[fd]); |
1300 | } |
1301 | for (fd = NDFDFILE; fd < NDFILE; fd++) { |
1302 | KASSERT(fdp->fd_dtbuiltin.dt_ff[fd] == NULL); |
1303 | } |
1304 | KASSERT(fdp->fd_himap == fdp->fd_dhimap); |
1305 | KASSERT(fdp->fd_lomap == fdp->fd_dlomap); |
1306 | #endif /* DIAGNOSTIC */ |
1307 | |
1308 | fdp->fd_refcnt = 1; |
1309 | fd_checkmaps(fdp); |
1310 | |
1311 | return fdp; |
1312 | } |
1313 | |
1314 | /* |
1315 | * Initialize a file descriptor table. |
1316 | */ |
1317 | static int |
1318 | filedesc_ctor(void *arg, void *obj, int flag) |
1319 | { |
1320 | filedesc_t *fdp = obj; |
1321 | fdfile_t **ffp; |
1322 | int i; |
1323 | |
1324 | memset(fdp, 0, sizeof(*fdp)); |
1325 | mutex_init(&fdp->fd_lock, MUTEX_DEFAULT, IPL_NONE); |
1326 | fdp->fd_lastfile = -1; |
1327 | fdp->fd_lastkqfile = -1; |
1328 | fdp->fd_dt = &fdp->fd_dtbuiltin; |
1329 | fdp->fd_dtbuiltin.dt_nfiles = NDFILE; |
1330 | fdp->fd_himap = fdp->fd_dhimap; |
1331 | fdp->fd_lomap = fdp->fd_dlomap; |
1332 | |
1333 | CTASSERT(sizeof(fdp->fd_dfdfile[0]) >= sizeof(fdfile_t)); |
1334 | for (i = 0, ffp = fdp->fd_dt->dt_ff; i < NDFDFILE; i++, ffp++) { |
1335 | *ffp = (fdfile_t *)fdp->fd_dfdfile[i]; |
1336 | (void)fdfile_ctor(NULL, fdp->fd_dfdfile[i], PR_WAITOK); |
1337 | } |
1338 | |
1339 | return 0; |
1340 | } |
1341 | |
1342 | static void |
1343 | filedesc_dtor(void *arg, void *obj) |
1344 | { |
1345 | filedesc_t *fdp = obj; |
1346 | int i; |
1347 | |
1348 | for (i = 0; i < NDFDFILE; i++) { |
1349 | fdfile_dtor(NULL, fdp->fd_dfdfile[i]); |
1350 | } |
1351 | |
1352 | mutex_destroy(&fdp->fd_lock); |
1353 | } |
1354 | |
1355 | /* |
1356 | * Make p share curproc's filedesc structure. |
1357 | */ |
1358 | void |
1359 | fd_share(struct proc *p) |
1360 | { |
1361 | filedesc_t *fdp; |
1362 | |
1363 | fdp = curlwp->l_fd; |
1364 | p->p_fd = fdp; |
1365 | atomic_inc_uint(&fdp->fd_refcnt); |
1366 | } |
1367 | |
1368 | /* |
1369 | * Acquire a hold on a filedesc structure. |
1370 | */ |
1371 | void |
1372 | fd_hold(lwp_t *l) |
1373 | { |
1374 | filedesc_t *fdp = l->l_fd; |
1375 | |
1376 | atomic_inc_uint(&fdp->fd_refcnt); |
1377 | } |
1378 | |
1379 | /* |
1380 | * Copy a filedesc structure. |
1381 | */ |
1382 | filedesc_t * |
1383 | fd_copy(void) |
1384 | { |
1385 | filedesc_t *newfdp, *fdp; |
1386 | fdfile_t *ff, **ffp, **nffp, *ff2; |
1387 | int i, j, numfiles, lastfile, newlast; |
1388 | file_t *fp; |
1389 | fdtab_t *newdt; |
1390 | |
1391 | fdp = curproc->p_fd; |
1392 | newfdp = pool_cache_get(filedesc_cache, PR_WAITOK); |
1393 | newfdp->fd_refcnt = 1; |
1394 | |
1395 | #ifdef DIAGNOSTIC |
1396 | KASSERT(newfdp->fd_lastfile == -1); |
1397 | KASSERT(newfdp->fd_lastkqfile == -1); |
1398 | KASSERT(newfdp->fd_knhash == NULL); |
1399 | KASSERT(newfdp->fd_freefile == 0); |
1400 | KASSERT(newfdp->fd_exclose == false); |
1401 | KASSERT(newfdp->fd_dt == &newfdp->fd_dtbuiltin); |
1402 | KASSERT(newfdp->fd_dtbuiltin.dt_nfiles == NDFILE); |
1403 | for (i = 0; i < NDFDFILE; i++) { |
1404 | KASSERT(newfdp->fd_dtbuiltin.dt_ff[i] == |
1405 | (fdfile_t *)&newfdp->fd_dfdfile[i]); |
1406 | } |
1407 | for (i = NDFDFILE; i < NDFILE; i++) { |
1408 | KASSERT(newfdp->fd_dtbuiltin.dt_ff[i] == NULL); |
1409 | } |
1410 | #endif /* DIAGNOSTIC */ |
1411 | |
1412 | mutex_enter(&fdp->fd_lock); |
1413 | fd_checkmaps(fdp); |
1414 | numfiles = fdp->fd_dt->dt_nfiles; |
1415 | lastfile = fdp->fd_lastfile; |
1416 | |
1417 | /* |
1418 | * If the number of open files fits in the internal arrays |
1419 | * of the open file structure, use them, otherwise allocate |
1420 | * additional memory for the number of descriptors currently |
1421 | * in use. |
1422 | */ |
1423 | if (lastfile < NDFILE) { |
1424 | i = NDFILE; |
1425 | newdt = newfdp->fd_dt; |
1426 | KASSERT(newfdp->fd_dt == &newfdp->fd_dtbuiltin); |
1427 | } else { |
1428 | /* |
1429 | * Compute the smallest multiple of NDEXTENT needed |
1430 | * for the file descriptors currently in use, |
1431 | * allowing the table to shrink. |
1432 | */ |
1433 | i = numfiles; |
1434 | while (i >= 2 * NDEXTENT && i > lastfile * 2) { |
1435 | i /= 2; |
1436 | } |
1437 | KASSERT(i > NDFILE); |
1438 | newdt = fd_dtab_alloc(i); |
1439 | newfdp->fd_dt = newdt; |
1440 | memcpy(newdt->dt_ff, newfdp->fd_dtbuiltin.dt_ff, |
1441 | NDFDFILE * sizeof(fdfile_t **)); |
1442 | memset(newdt->dt_ff + NDFDFILE, 0, |
1443 | (i - NDFDFILE) * sizeof(fdfile_t **)); |
1444 | } |
1445 | if (NDHISLOTS(i) <= NDHISLOTS(NDFILE)) { |
1446 | newfdp->fd_himap = newfdp->fd_dhimap; |
1447 | newfdp->fd_lomap = newfdp->fd_dlomap; |
1448 | } else { |
1449 | fd_map_alloc(i, &newfdp->fd_lomap, &newfdp->fd_himap); |
1450 | KASSERT(i >= NDENTRIES * NDENTRIES); |
1451 | memset(newfdp->fd_himap, 0, NDHISLOTS(i)*sizeof(uint32_t)); |
1452 | memset(newfdp->fd_lomap, 0, NDLOSLOTS(i)*sizeof(uint32_t)); |
1453 | } |
1454 | newfdp->fd_freefile = fdp->fd_freefile; |
1455 | newfdp->fd_exclose = fdp->fd_exclose; |
1456 | |
1457 | ffp = fdp->fd_dt->dt_ff; |
1458 | nffp = newdt->dt_ff; |
1459 | newlast = -1; |
1460 | for (i = 0; i <= lastfile; i++, ffp++, nffp++) { |
1461 | KASSERT(i >= NDFDFILE || |
1462 | *nffp == (fdfile_t *)newfdp->fd_dfdfile[i]); |
1463 | ff = *ffp; |
1464 | if (ff == NULL || (fp = ff->ff_file) == NULL) { |
1465 | /* Descriptor unused, or descriptor half open. */ |
1466 | KASSERT(!fd_isused(newfdp, i)); |
1467 | continue; |
1468 | } |
1469 | if (__predict_false(fp->f_type == DTYPE_KQUEUE)) { |
1470 | /* kqueue descriptors cannot be copied. */ |
1471 | if (i < newfdp->fd_freefile) { |
1472 | newfdp->fd_freefile = i; |
1473 | } |
1474 | continue; |
1475 | } |
1476 | /* It's active: add a reference to the file. */ |
1477 | mutex_enter(&fp->f_lock); |
1478 | fp->f_count++; |
1479 | mutex_exit(&fp->f_lock); |
1480 | |
1481 | /* Allocate an fdfile_t to represent it. */ |
1482 | if (i >= NDFDFILE) { |
1483 | ff2 = pool_cache_get(fdfile_cache, PR_WAITOK); |
1484 | *nffp = ff2; |
1485 | } else { |
1486 | ff2 = newdt->dt_ff[i]; |
1487 | } |
1488 | ff2->ff_file = fp; |
1489 | ff2->ff_exclose = ff->ff_exclose; |
1490 | ff2->ff_allocated = true; |
1491 | |
1492 | /* Fix up bitmaps. */ |
1493 | j = i >> NDENTRYSHIFT; |
1494 | KASSERT((newfdp->fd_lomap[j] & (1 << (i & NDENTRYMASK))) == 0); |
1495 | newfdp->fd_lomap[j] |= 1 << (i & NDENTRYMASK); |
1496 | if (__predict_false(newfdp->fd_lomap[j] == ~0)) { |
1497 | KASSERT((newfdp->fd_himap[j >> NDENTRYSHIFT] & |
1498 | (1 << (j & NDENTRYMASK))) == 0); |
1499 | newfdp->fd_himap[j >> NDENTRYSHIFT] |= |
1500 | 1 << (j & NDENTRYMASK); |
1501 | } |
1502 | newlast = i; |
1503 | } |
1504 | KASSERT(newdt->dt_ff[0] == (fdfile_t *)newfdp->fd_dfdfile[0]); |
1505 | newfdp->fd_lastfile = newlast; |
1506 | fd_checkmaps(newfdp); |
1507 | mutex_exit(&fdp->fd_lock); |
1508 | |
1509 | return newfdp; |
1510 | } |
1511 | |
1512 | /* |
1513 | * Release a filedesc structure. |
1514 | */ |
1515 | void |
1516 | fd_free(void) |
1517 | { |
1518 | fdfile_t *ff; |
1519 | file_t *fp; |
1520 | int fd, nf; |
1521 | fdtab_t *dt; |
1522 | lwp_t * const l = curlwp; |
1523 | filedesc_t * const fdp = l->l_fd; |
1524 | const bool noadvlock = (l->l_proc->p_flag & PK_ADVLOCK) == 0; |
1525 | |
1526 | KASSERT(fdp->fd_dt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]); |
1527 | KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE); |
1528 | KASSERT(fdp->fd_dtbuiltin.dt_link == NULL); |
1529 | |
1530 | #ifndef __HAVE_ATOMIC_AS_MEMBAR |
1531 | membar_exit(); |
1532 | #endif |
1533 | if (atomic_dec_uint_nv(&fdp->fd_refcnt) > 0) |
1534 | return; |
1535 | |
1536 | /* |
1537 | * Close any files that the process holds open. |
1538 | */ |
1539 | dt = fdp->fd_dt; |
1540 | fd_checkmaps(fdp); |
1541 | #ifdef DEBUG |
1542 | fdp->fd_refcnt = -1; /* see fd_checkmaps */ |
1543 | #endif |
1544 | for (fd = 0, nf = dt->dt_nfiles; fd < nf; fd++) { |
1545 | ff = dt->dt_ff[fd]; |
1546 | KASSERT(fd >= NDFDFILE || |
1547 | ff == (fdfile_t *)fdp->fd_dfdfile[fd]); |
1548 | if (ff == NULL) |
1549 | continue; |
1550 | if ((fp = ff->ff_file) != NULL) { |
1551 | /* |
1552 | * Must use fd_close() here if there is |
1553 | * a reference from kqueue or we might have posix |
1554 | * advisory locks. |
1555 | */ |
1556 | if (__predict_true(ff->ff_refcnt == 0) && |
1557 | (noadvlock || fp->f_type != DTYPE_VNODE)) { |
1558 | ff->ff_file = NULL; |
1559 | ff->ff_exclose = false; |
1560 | ff->ff_allocated = false; |
1561 | closef(fp); |
1562 | } else { |
1563 | ff->ff_refcnt++; |
1564 | fd_close(fd); |
1565 | } |
1566 | } |
1567 | KASSERT(ff->ff_refcnt == 0); |
1568 | KASSERT(ff->ff_file == NULL); |
1569 | KASSERT(!ff->ff_exclose); |
1570 | KASSERT(!ff->ff_allocated); |
1571 | if (fd >= NDFDFILE) { |
1572 | pool_cache_put(fdfile_cache, ff); |
1573 | dt->dt_ff[fd] = NULL; |
1574 | } |
1575 | } |
1576 | |
1577 | /* |
1578 | * Clean out the descriptor table for the next user and return |
1579 | * to the cache. |
1580 | */ |
1581 | if (__predict_false(dt != &fdp->fd_dtbuiltin)) { |
1582 | fd_dtab_free(fdp->fd_dt); |
1583 | /* Otherwise, done above. */ |
1584 | memset(&fdp->fd_dtbuiltin.dt_ff[NDFDFILE], 0, |
1585 | (NDFILE - NDFDFILE) * sizeof(fdp->fd_dtbuiltin.dt_ff[0])); |
1586 | fdp->fd_dt = &fdp->fd_dtbuiltin; |
1587 | } |
1588 | if (__predict_false(NDHISLOTS(nf) > NDHISLOTS(NDFILE))) { |
1589 | KASSERT(fdp->fd_himap != fdp->fd_dhimap); |
1590 | KASSERT(fdp->fd_lomap != fdp->fd_dlomap); |
1591 | fd_map_free(nf, fdp->fd_lomap, fdp->fd_himap); |
1592 | } |
1593 | if (__predict_false(fdp->fd_knhash != NULL)) { |
1594 | hashdone(fdp->fd_knhash, HASH_LIST, fdp->fd_knhashmask); |
1595 | fdp->fd_knhash = NULL; |
1596 | fdp->fd_knhashmask = 0; |
1597 | } else { |
1598 | KASSERT(fdp->fd_knhashmask == 0); |
1599 | } |
1600 | fdp->fd_dt = &fdp->fd_dtbuiltin; |
1601 | fdp->fd_lastkqfile = -1; |
1602 | fdp->fd_lastfile = -1; |
1603 | fdp->fd_freefile = 0; |
1604 | fdp->fd_exclose = false; |
1605 | memset(&fdp->fd_startzero, 0, sizeof(*fdp) - |
1606 | offsetof(filedesc_t, fd_startzero)); |
1607 | fdp->fd_himap = fdp->fd_dhimap; |
1608 | fdp->fd_lomap = fdp->fd_dlomap; |
1609 | KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE); |
1610 | KASSERT(fdp->fd_dtbuiltin.dt_link == NULL); |
1611 | KASSERT(fdp->fd_dt == &fdp->fd_dtbuiltin); |
1612 | #ifdef DEBUG |
1613 | fdp->fd_refcnt = 0; /* see fd_checkmaps */ |
1614 | #endif |
1615 | fd_checkmaps(fdp); |
1616 | pool_cache_put(filedesc_cache, fdp); |
1617 | } |
1618 | |
1619 | /* |
1620 | * File Descriptor pseudo-device driver (/dev/fd/). |
1621 | * |
1622 | * Opening minor device N dup()s the file (if any) connected to file |
1623 | * descriptor N belonging to the calling process. Note that this driver |
1624 | * consists of only the ``open()'' routine, because all subsequent |
1625 | * references to this file will be direct to the other driver. |
1626 | */ |
1627 | static int |
1628 | filedescopen(dev_t dev, int mode, int type, lwp_t *l) |
1629 | { |
1630 | |
1631 | /* |
1632 | * XXX Kludge: set dupfd to contain the value of the |
1633 | * the file descriptor being sought for duplication. The error |
1634 | * return ensures that the vnode for this device will be released |
1635 | * by vn_open. Open will detect this special error and take the |
1636 | * actions in fd_dupopen below. Other callers of vn_open or VOP_OPEN |
1637 | * will simply report the error. |
1638 | */ |
1639 | l->l_dupfd = minor(dev); /* XXX */ |
1640 | return EDUPFD; |
1641 | } |
1642 | |
1643 | /* |
1644 | * Duplicate the specified descriptor to a free descriptor. |
1645 | */ |
1646 | int |
1647 | fd_dupopen(int old, int *newp, int mode, int error) |
1648 | { |
1649 | filedesc_t *fdp; |
1650 | fdfile_t *ff; |
1651 | file_t *fp; |
1652 | fdtab_t *dt; |
1653 | |
1654 | if ((fp = fd_getfile(old)) == NULL) { |
1655 | return EBADF; |
1656 | } |
1657 | fdp = curlwp->l_fd; |
1658 | dt = fdp->fd_dt; |
1659 | ff = dt->dt_ff[old]; |
1660 | |
1661 | /* |
1662 | * There are two cases of interest here. |
1663 | * |
1664 | * For EDUPFD simply dup (old) to file descriptor |
1665 | * (new) and return. |
1666 | * |
1667 | * For EMOVEFD steal away the file structure from (old) and |
1668 | * store it in (new). (old) is effectively closed by |
1669 | * this operation. |
1670 | * |
1671 | * Any other error code is just returned. |
1672 | */ |
1673 | switch (error) { |
1674 | case EDUPFD: |
1675 | /* |
1676 | * Check that the mode the file is being opened for is a |
1677 | * subset of the mode of the existing descriptor. |
1678 | */ |
1679 | if (((mode & (FREAD|FWRITE)) | fp->f_flag) != fp->f_flag) { |
1680 | error = EACCES; |
1681 | break; |
1682 | } |
1683 | |
1684 | /* Copy it. */ |
1685 | error = fd_dup(fp, 0, newp, ff->ff_exclose); |
1686 | break; |
1687 | |
1688 | case EMOVEFD: |
1689 | /* Copy it. */ |
1690 | error = fd_dup(fp, 0, newp, ff->ff_exclose); |
1691 | if (error != 0) { |
1692 | break; |
1693 | } |
1694 | |
1695 | /* Steal away the file pointer from 'old'. */ |
1696 | (void)fd_close(old); |
1697 | return 0; |
1698 | } |
1699 | |
1700 | fd_putfile(old); |
1701 | return error; |
1702 | } |
1703 | |
1704 | /* |
1705 | * Close open files on exec. |
1706 | */ |
1707 | void |
1708 | fd_closeexec(void) |
1709 | { |
1710 | proc_t *p; |
1711 | filedesc_t *fdp; |
1712 | fdfile_t *ff; |
1713 | lwp_t *l; |
1714 | fdtab_t *dt; |
1715 | int fd; |
1716 | |
1717 | l = curlwp; |
1718 | p = l->l_proc; |
1719 | fdp = p->p_fd; |
1720 | |
1721 | if (fdp->fd_refcnt > 1) { |
1722 | fdp = fd_copy(); |
1723 | fd_free(); |
1724 | p->p_fd = fdp; |
1725 | l->l_fd = fdp; |
1726 | } |
1727 | if (!fdp->fd_exclose) { |
1728 | return; |
1729 | } |
1730 | fdp->fd_exclose = false; |
1731 | dt = fdp->fd_dt; |
1732 | |
1733 | for (fd = 0; fd <= fdp->fd_lastfile; fd++) { |
1734 | if ((ff = dt->dt_ff[fd]) == NULL) { |
1735 | KASSERT(fd >= NDFDFILE); |
1736 | continue; |
1737 | } |
1738 | KASSERT(fd >= NDFDFILE || |
1739 | ff == (fdfile_t *)fdp->fd_dfdfile[fd]); |
1740 | if (ff->ff_file == NULL) |
1741 | continue; |
1742 | if (ff->ff_exclose) { |
1743 | /* |
1744 | * We need a reference to close the file. |
1745 | * No other threads can see the fdfile_t at |
1746 | * this point, so don't bother locking. |
1747 | */ |
1748 | KASSERT((ff->ff_refcnt & FR_CLOSING) == 0); |
1749 | ff->ff_refcnt++; |
1750 | fd_close(fd); |
1751 | } |
1752 | } |
1753 | } |
1754 | |
1755 | /* |
1756 | * Sets descriptor owner. If the owner is a process, 'pgid' |
1757 | * is set to positive value, process ID. If the owner is process group, |
1758 | * 'pgid' is set to -pg_id. |
1759 | */ |
1760 | int |
1761 | fsetown(pid_t *pgid, u_long cmd, const void *data) |
1762 | { |
1763 | pid_t id = *(const pid_t *)data; |
1764 | int error; |
1765 | |
1766 | switch (cmd) { |
1767 | case TIOCSPGRP: |
1768 | if (id < 0) |
1769 | return EINVAL; |
1770 | id = -id; |
1771 | break; |
1772 | default: |
1773 | break; |
1774 | } |
1775 | if (id > 0) { |
1776 | mutex_enter(proc_lock); |
1777 | error = proc_find(id) ? 0 : ESRCH; |
1778 | mutex_exit(proc_lock); |
1779 | } else if (id < 0) { |
1780 | error = pgid_in_session(curproc, -id); |
1781 | } else { |
1782 | error = 0; |
1783 | } |
1784 | if (!error) { |
1785 | *pgid = id; |
1786 | } |
1787 | return error; |
1788 | } |
1789 | |
1790 | void |
1791 | fd_set_exclose(struct lwp *l, int fd, bool exclose) |
1792 | { |
1793 | filedesc_t *fdp = l->l_fd; |
1794 | fdfile_t *ff = fdp->fd_dt->dt_ff[fd]; |
1795 | |
1796 | ff->ff_exclose = exclose; |
1797 | if (exclose) |
1798 | fdp->fd_exclose = true; |
1799 | } |
1800 | |
1801 | /* |
1802 | * Return descriptor owner information. If the value is positive, |
1803 | * it's process ID. If it's negative, it's process group ID and |
1804 | * needs the sign removed before use. |
1805 | */ |
1806 | int |
1807 | fgetown(pid_t pgid, u_long cmd, void *data) |
1808 | { |
1809 | |
1810 | switch (cmd) { |
1811 | case TIOCGPGRP: |
1812 | *(int *)data = -pgid; |
1813 | break; |
1814 | default: |
1815 | *(int *)data = pgid; |
1816 | break; |
1817 | } |
1818 | return 0; |
1819 | } |
1820 | |
1821 | /* |
1822 | * Send signal to descriptor owner, either process or process group. |
1823 | */ |
1824 | void |
1825 | fownsignal(pid_t pgid, int signo, int code, int band, void *fdescdata) |
1826 | { |
1827 | ksiginfo_t ksi; |
1828 | |
1829 | KASSERT(!cpu_intr_p()); |
1830 | |
1831 | if (pgid == 0) { |
1832 | return; |
1833 | } |
1834 | |
1835 | KSI_INIT(&ksi); |
1836 | ksi.ksi_signo = signo; |
1837 | ksi.ksi_code = code; |
1838 | ksi.ksi_band = band; |
1839 | |
1840 | mutex_enter(proc_lock); |
1841 | if (pgid > 0) { |
1842 | struct proc *p1; |
1843 | |
1844 | p1 = proc_find(pgid); |
1845 | if (p1 != NULL) { |
1846 | kpsignal(p1, &ksi, fdescdata); |
1847 | } |
1848 | } else { |
1849 | struct pgrp *pgrp; |
1850 | |
1851 | KASSERT(pgid < 0); |
1852 | pgrp = pgrp_find(-pgid); |
1853 | if (pgrp != NULL) { |
1854 | kpgsignal(pgrp, &ksi, fdescdata, 0); |
1855 | } |
1856 | } |
1857 | mutex_exit(proc_lock); |
1858 | } |
1859 | |
1860 | int |
1861 | fd_clone(file_t *fp, unsigned fd, int flag, const struct fileops *fops, |
1862 | void *data) |
1863 | { |
1864 | fdfile_t *ff; |
1865 | filedesc_t *fdp; |
1866 | |
1867 | fp->f_flag |= flag & FMASK; |
1868 | fdp = curproc->p_fd; |
1869 | ff = fdp->fd_dt->dt_ff[fd]; |
1870 | KASSERT(ff != NULL); |
1871 | ff->ff_exclose = (flag & O_CLOEXEC) != 0; |
1872 | fp->f_type = DTYPE_MISC; |
1873 | fp->f_ops = fops; |
1874 | fp->f_data = data; |
1875 | curlwp->l_dupfd = fd; |
1876 | fd_affix(curproc, fp, fd); |
1877 | |
1878 | return EMOVEFD; |
1879 | } |
1880 | |
1881 | int |
1882 | fnullop_fcntl(file_t *fp, u_int cmd, void *data) |
1883 | { |
1884 | |
1885 | if (cmd == F_SETFL) |
1886 | return 0; |
1887 | |
1888 | return EOPNOTSUPP; |
1889 | } |
1890 | |
1891 | int |
1892 | fnullop_poll(file_t *fp, int which) |
1893 | { |
1894 | |
1895 | return 0; |
1896 | } |
1897 | |
1898 | int |
1899 | fnullop_kqfilter(file_t *fp, struct knote *kn) |
1900 | { |
1901 | |
1902 | return EOPNOTSUPP; |
1903 | } |
1904 | |
1905 | void |
1906 | fnullop_restart(file_t *fp) |
1907 | { |
1908 | |
1909 | } |
1910 | |
1911 | int |
1912 | fbadop_read(file_t *fp, off_t *offset, struct uio *uio, |
1913 | kauth_cred_t cred, int flags) |
1914 | { |
1915 | |
1916 | return EOPNOTSUPP; |
1917 | } |
1918 | |
1919 | int |
1920 | fbadop_write(file_t *fp, off_t *offset, struct uio *uio, |
1921 | kauth_cred_t cred, int flags) |
1922 | { |
1923 | |
1924 | return EOPNOTSUPP; |
1925 | } |
1926 | |
1927 | int |
1928 | fbadop_ioctl(file_t *fp, u_long com, void *data) |
1929 | { |
1930 | |
1931 | return EOPNOTSUPP; |
1932 | } |
1933 | |
1934 | int |
1935 | fbadop_stat(file_t *fp, struct stat *sb) |
1936 | { |
1937 | |
1938 | return EOPNOTSUPP; |
1939 | } |
1940 | |
1941 | int |
1942 | fbadop_close(file_t *fp) |
1943 | { |
1944 | |
1945 | return EOPNOTSUPP; |
1946 | } |
1947 | |
1948 | /* |
1949 | * sysctl routines pertaining to file descriptors |
1950 | */ |
1951 | |
1952 | /* Initialized in sysctl_init() for now... */ |
1953 | extern kmutex_t sysctl_file_marker_lock; |
1954 | static u_int sysctl_file_marker = 1; |
1955 | |
1956 | /* |
1957 | * Expects to be called with proc_lock and sysctl_file_marker_lock locked. |
1958 | */ |
1959 | static void |
1960 | sysctl_file_marker_reset(void) |
1961 | { |
1962 | struct proc *p; |
1963 | |
1964 | PROCLIST_FOREACH(p, &allproc) { |
1965 | struct filedesc *fd = p->p_fd; |
1966 | fdtab_t *dt; |
1967 | u_int i; |
1968 | |
1969 | mutex_enter(&fd->fd_lock); |
1970 | dt = fd->fd_dt; |
1971 | for (i = 0; i < dt->dt_nfiles; i++) { |
1972 | struct file *fp; |
1973 | fdfile_t *ff; |
1974 | |
1975 | if ((ff = dt->dt_ff[i]) == NULL) { |
1976 | continue; |
1977 | } |
1978 | if ((fp = ff->ff_file) == NULL) { |
1979 | continue; |
1980 | } |
1981 | fp->f_marker = 0; |
1982 | } |
1983 | mutex_exit(&fd->fd_lock); |
1984 | } |
1985 | } |
1986 | |
1987 | /* |
1988 | * sysctl helper routine for kern.file pseudo-subtree. |
1989 | */ |
1990 | static int |
1991 | sysctl_kern_file(SYSCTLFN_ARGS) |
1992 | { |
1993 | int error; |
1994 | size_t buflen; |
1995 | struct file *fp, fbuf; |
1996 | char *start, *where; |
1997 | struct proc *p; |
1998 | |
1999 | start = where = oldp; |
2000 | buflen = *oldlenp; |
2001 | |
2002 | if (where == NULL) { |
2003 | /* |
2004 | * overestimate by 10 files |
2005 | */ |
2006 | *oldlenp = sizeof(filehead) + (nfiles + 10) * |
2007 | sizeof(struct file); |
2008 | return 0; |
2009 | } |
2010 | |
2011 | /* |
2012 | * first sysctl_copyout filehead |
2013 | */ |
2014 | if (buflen < sizeof(filehead)) { |
2015 | *oldlenp = 0; |
2016 | return 0; |
2017 | } |
2018 | sysctl_unlock(); |
2019 | error = sysctl_copyout(l, &filehead, where, sizeof(filehead)); |
2020 | if (error) { |
2021 | sysctl_relock(); |
2022 | return error; |
2023 | } |
2024 | buflen -= sizeof(filehead); |
2025 | where += sizeof(filehead); |
2026 | |
2027 | /* |
2028 | * followed by an array of file structures |
2029 | */ |
2030 | mutex_enter(&sysctl_file_marker_lock); |
2031 | mutex_enter(proc_lock); |
2032 | PROCLIST_FOREACH(p, &allproc) { |
2033 | struct filedesc *fd; |
2034 | fdtab_t *dt; |
2035 | u_int i; |
2036 | |
2037 | if (p->p_stat == SIDL) { |
2038 | /* skip embryonic processes */ |
2039 | continue; |
2040 | } |
2041 | mutex_enter(p->p_lock); |
2042 | error = kauth_authorize_process(l->l_cred, |
2043 | KAUTH_PROCESS_CANSEE, p, |
2044 | KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_OPENFILES), |
2045 | NULL, NULL); |
2046 | mutex_exit(p->p_lock); |
2047 | if (error != 0) { |
2048 | /* |
2049 | * Don't leak kauth retval if we're silently |
2050 | * skipping this entry. |
2051 | */ |
2052 | error = 0; |
2053 | continue; |
2054 | } |
2055 | |
2056 | /* |
2057 | * Grab a hold on the process. |
2058 | */ |
2059 | if (!rw_tryenter(&p->p_reflock, RW_READER)) { |
2060 | continue; |
2061 | } |
2062 | mutex_exit(proc_lock); |
2063 | |
2064 | fd = p->p_fd; |
2065 | mutex_enter(&fd->fd_lock); |
2066 | dt = fd->fd_dt; |
2067 | for (i = 0; i < dt->dt_nfiles; i++) { |
2068 | fdfile_t *ff; |
2069 | |
2070 | if ((ff = dt->dt_ff[i]) == NULL) { |
2071 | continue; |
2072 | } |
2073 | if ((fp = ff->ff_file) == NULL) { |
2074 | continue; |
2075 | } |
2076 | |
2077 | mutex_enter(&fp->f_lock); |
2078 | |
2079 | if ((fp->f_count == 0) || |
2080 | (fp->f_marker == sysctl_file_marker)) { |
2081 | mutex_exit(&fp->f_lock); |
2082 | continue; |
2083 | } |
2084 | |
2085 | /* Check that we have enough space. */ |
2086 | if (buflen < sizeof(struct file)) { |
2087 | *oldlenp = where - start; |
2088 | mutex_exit(&fp->f_lock); |
2089 | error = ENOMEM; |
2090 | break; |
2091 | } |
2092 | |
2093 | memcpy(&fbuf, fp, sizeof(fbuf)); |
2094 | mutex_exit(&fp->f_lock); |
2095 | error = sysctl_copyout(l, &fbuf, where, sizeof(fbuf)); |
2096 | if (error) { |
2097 | break; |
2098 | } |
2099 | buflen -= sizeof(struct file); |
2100 | where += sizeof(struct file); |
2101 | |
2102 | fp->f_marker = sysctl_file_marker; |
2103 | } |
2104 | mutex_exit(&fd->fd_lock); |
2105 | |
2106 | /* |
2107 | * Release reference to process. |
2108 | */ |
2109 | mutex_enter(proc_lock); |
2110 | rw_exit(&p->p_reflock); |
2111 | |
2112 | if (error) |
2113 | break; |
2114 | } |
2115 | |
2116 | sysctl_file_marker++; |
2117 | /* Reset all markers if wrapped. */ |
2118 | if (sysctl_file_marker == 0) { |
2119 | sysctl_file_marker_reset(); |
2120 | sysctl_file_marker++; |
2121 | } |
2122 | |
2123 | mutex_exit(proc_lock); |
2124 | mutex_exit(&sysctl_file_marker_lock); |
2125 | |
2126 | *oldlenp = where - start; |
2127 | sysctl_relock(); |
2128 | return error; |
2129 | } |
2130 | |
2131 | /* |
2132 | * sysctl helper function for kern.file2 |
2133 | */ |
2134 | static int |
2135 | sysctl_kern_file2(SYSCTLFN_ARGS) |
2136 | { |
2137 | struct proc *p; |
2138 | struct file *fp; |
2139 | struct filedesc *fd; |
2140 | struct kinfo_file kf; |
2141 | char *dp; |
2142 | u_int i, op; |
2143 | size_t len, needed, elem_size, out_size; |
2144 | int error, arg, elem_count; |
2145 | fdfile_t *ff; |
2146 | fdtab_t *dt; |
2147 | |
2148 | if (namelen == 1 && name[0] == CTL_QUERY) |
2149 | return sysctl_query(SYSCTLFN_CALL(rnode)); |
2150 | |
2151 | if (namelen != 4) |
2152 | return EINVAL; |
2153 | |
2154 | error = 0; |
2155 | dp = oldp; |
2156 | len = (oldp != NULL) ? *oldlenp : 0; |
2157 | op = name[0]; |
2158 | arg = name[1]; |
2159 | elem_size = name[2]; |
2160 | elem_count = name[3]; |
2161 | out_size = MIN(sizeof(kf), elem_size); |
2162 | needed = 0; |
2163 | |
2164 | if (elem_size < 1 || elem_count < 0) |
2165 | return EINVAL; |
2166 | |
2167 | switch (op) { |
2168 | case KERN_FILE_BYFILE: |
2169 | case KERN_FILE_BYPID: |
2170 | /* |
2171 | * We're traversing the process list in both cases; the BYFILE |
2172 | * case does additional work of keeping track of files already |
2173 | * looked at. |
2174 | */ |
2175 | |
2176 | /* doesn't use arg so it must be zero */ |
2177 | if ((op == KERN_FILE_BYFILE) && (arg != 0)) |
2178 | return EINVAL; |
2179 | |
2180 | if ((op == KERN_FILE_BYPID) && (arg < -1)) |
2181 | /* -1 means all processes */ |
2182 | return EINVAL; |
2183 | |
2184 | sysctl_unlock(); |
2185 | if (op == KERN_FILE_BYFILE) |
2186 | mutex_enter(&sysctl_file_marker_lock); |
2187 | mutex_enter(proc_lock); |
2188 | PROCLIST_FOREACH(p, &allproc) { |
2189 | if (p->p_stat == SIDL) { |
2190 | /* skip embryonic processes */ |
2191 | continue; |
2192 | } |
2193 | if (arg > 0 && p->p_pid != arg) { |
2194 | /* pick only the one we want */ |
2195 | /* XXX want 0 to mean "kernel files" */ |
2196 | continue; |
2197 | } |
2198 | mutex_enter(p->p_lock); |
2199 | error = kauth_authorize_process(l->l_cred, |
2200 | KAUTH_PROCESS_CANSEE, p, |
2201 | KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_OPENFILES), |
2202 | NULL, NULL); |
2203 | mutex_exit(p->p_lock); |
2204 | if (error != 0) { |
2205 | /* |
2206 | * Don't leak kauth retval if we're silently |
2207 | * skipping this entry. |
2208 | */ |
2209 | error = 0; |
2210 | continue; |
2211 | } |
2212 | |
2213 | /* |
2214 | * Grab a hold on the process. |
2215 | */ |
2216 | if (!rw_tryenter(&p->p_reflock, RW_READER)) { |
2217 | continue; |
2218 | } |
2219 | mutex_exit(proc_lock); |
2220 | |
2221 | fd = p->p_fd; |
2222 | mutex_enter(&fd->fd_lock); |
2223 | dt = fd->fd_dt; |
2224 | for (i = 0; i < dt->dt_nfiles; i++) { |
2225 | if ((ff = dt->dt_ff[i]) == NULL) { |
2226 | continue; |
2227 | } |
2228 | if ((fp = ff->ff_file) == NULL) { |
2229 | continue; |
2230 | } |
2231 | |
2232 | if ((op == KERN_FILE_BYFILE) && |
2233 | (fp->f_marker == sysctl_file_marker)) { |
2234 | continue; |
2235 | } |
2236 | if (len >= elem_size && elem_count > 0) { |
2237 | mutex_enter(&fp->f_lock); |
2238 | fill_file(&kf, fp, ff, i, p->p_pid); |
2239 | mutex_exit(&fp->f_lock); |
2240 | mutex_exit(&fd->fd_lock); |
2241 | error = sysctl_copyout(l, |
2242 | &kf, dp, out_size); |
2243 | mutex_enter(&fd->fd_lock); |
2244 | if (error) |
2245 | break; |
2246 | dp += elem_size; |
2247 | len -= elem_size; |
2248 | } |
2249 | if (op == KERN_FILE_BYFILE) |
2250 | fp->f_marker = sysctl_file_marker; |
2251 | needed += elem_size; |
2252 | if (elem_count > 0 && elem_count != INT_MAX) |
2253 | elem_count--; |
2254 | } |
2255 | mutex_exit(&fd->fd_lock); |
2256 | |
2257 | /* |
2258 | * Release reference to process. |
2259 | */ |
2260 | mutex_enter(proc_lock); |
2261 | rw_exit(&p->p_reflock); |
2262 | } |
2263 | if (op == KERN_FILE_BYFILE) { |
2264 | sysctl_file_marker++; |
2265 | |
2266 | /* Reset all markers if wrapped. */ |
2267 | if (sysctl_file_marker == 0) { |
2268 | sysctl_file_marker_reset(); |
2269 | sysctl_file_marker++; |
2270 | } |
2271 | } |
2272 | mutex_exit(proc_lock); |
2273 | if (op == KERN_FILE_BYFILE) |
2274 | mutex_exit(&sysctl_file_marker_lock); |
2275 | sysctl_relock(); |
2276 | break; |
2277 | default: |
2278 | return EINVAL; |
2279 | } |
2280 | |
2281 | if (oldp == NULL) |
2282 | needed += KERN_FILESLOP * elem_size; |
2283 | *oldlenp = needed; |
2284 | |
2285 | return error; |
2286 | } |
2287 | |
2288 | static void |
2289 | fill_file(struct kinfo_file *kp, const file_t *fp, const fdfile_t *ff, |
2290 | int i, pid_t pid) |
2291 | { |
2292 | |
2293 | memset(kp, 0, sizeof(*kp)); |
2294 | |
2295 | kp->ki_fileaddr = PTRTOUINT64(fp); |
2296 | kp->ki_flag = fp->f_flag; |
2297 | kp->ki_iflags = 0; |
2298 | kp->ki_ftype = fp->f_type; |
2299 | kp->ki_count = fp->f_count; |
2300 | kp->ki_msgcount = fp->f_msgcount; |
2301 | kp->ki_fucred = PTRTOUINT64(fp->f_cred); |
2302 | kp->ki_fuid = kauth_cred_geteuid(fp->f_cred); |
2303 | kp->ki_fgid = kauth_cred_getegid(fp->f_cred); |
2304 | kp->ki_fops = PTRTOUINT64(fp->f_ops); |
2305 | kp->ki_foffset = fp->f_offset; |
2306 | kp->ki_fdata = PTRTOUINT64(fp->f_data); |
2307 | |
2308 | /* vnode information to glue this file to something */ |
2309 | if (fp->f_type == DTYPE_VNODE) { |
2310 | struct vnode *vp = fp->f_vnode; |
2311 | |
2312 | kp->ki_vun = PTRTOUINT64(vp->v_un.vu_socket); |
2313 | kp->ki_vsize = vp->v_size; |
2314 | kp->ki_vtype = vp->v_type; |
2315 | kp->ki_vtag = vp->v_tag; |
2316 | kp->ki_vdata = PTRTOUINT64(vp->v_data); |
2317 | } |
2318 | |
2319 | /* process information when retrieved via KERN_FILE_BYPID */ |
2320 | if (ff != NULL) { |
2321 | kp->ki_pid = pid; |
2322 | kp->ki_fd = i; |
2323 | kp->ki_ofileflags = ff->ff_exclose; |
2324 | kp->ki_usecount = ff->ff_refcnt; |
2325 | } |
2326 | } |
2327 | |