kern_descrip.c source code [src/src/sys/kern/kern_descrip.c]

1	/ $NetBSD: kern_descrip.c,v 1.229 2015/08/03 04:55:15 christos Exp $ /
2
3	/-*
4	* Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
5	* All rights reserved.
6	*
7	* This code is derived from software contributed to The NetBSD Foundation
8	* by Andrew Doran.
9	*
10	* Redistribution and use in source and binary forms, with or without
11	* modification, are permitted provided that the following conditions
12	* are met:
13	* 1. Redistributions of source code must retain the above copyright
14	* notice, this list of conditions and the following disclaimer.
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in the
17	* documentation and/or other materials provided with the distribution.
18	*
19	* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20	* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21	* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23	* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24	* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25	* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26	* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27	* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29	* POSSIBILITY OF SUCH DAMAGE.
30	*/
31
32	/*
33	* Copyright (c) 1982, 1986, 1989, 1991, 1993
34	* The Regents of the University of California. All rights reserved.
35	* (c) UNIX System Laboratories, Inc.
36	* All or some portions of this file are derived from material licensed
37	* to the University of California by American Telephone and Telegraph
38	* Co. or Unix System Laboratories, Inc. and are reproduced herein with
39	* the permission of UNIX System Laboratories, Inc.
40	*
41	* Redistribution and use in source and binary forms, with or without
42	* modification, are permitted provided that the following conditions
43	* are met:
44	* 1. Redistributions of source code must retain the above copyright
45	* notice, this list of conditions and the following disclaimer.
46	* 2. Redistributions in binary form must reproduce the above copyright
47	* notice, this list of conditions and the following disclaimer in the
48	* documentation and/or other materials provided with the distribution.
49	* 3. Neither the name of the University nor the names of its contributors
50	* may be used to endorse or promote products derived from this software
51	* without specific prior written permission.
52	*
53	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
54	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
55	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
56	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
57	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
58	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
59	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
61	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
62	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
63	* SUCH DAMAGE.
64	*
65	* @(#)kern_descrip.c 8.8 (Berkeley) 2/14/95
66	*/
67
68	/*
69	* File descriptor management.
70	*/
71
72	#include <sys/cdefs.h>
73	__KERNEL_RCSID(`0`, "$NetBSD: kern_descrip.c,v 1.229 2015/08/03 04:55:15 christos Exp $");
74
75	#include <sys/param.h>
76	#include <sys/systm.h>
77	#include <sys/filedesc.h>
78	#include <sys/kernel.h>
79	#include <sys/proc.h>
80	#include <sys/file.h>
81	#include <sys/socket.h>
82	#include <sys/socketvar.h>
83	#include <sys/stat.h>
84	#include <sys/ioctl.h>
85	#include <sys/fcntl.h>
86	#include <sys/pool.h>
87	#include <sys/unistd.h>
88	#include <sys/resourcevar.h>
89	#include <sys/conf.h>
90	#include <sys/event.h>
91	#include <sys/kauth.h>
92	#include <sys/atomic.h>
93	#include <sys/syscallargs.h>
94	#include <sys/cpu.h>
95	#include <sys/kmem.h>
96	#include <sys/vnode.h>
97	#include <sys/sysctl.h>
98	#include <sys/ktrace.h>
99
100	/*
101	* A list (head) of open files, counter, and lock protecting them.
102	*/
103	struct filelist filehead __cacheline_aligned;
104	static u_int nfiles __cacheline_aligned;
105	kmutex_t filelist_lock __cacheline_aligned;
106
107	static pool_cache_t filedesc_cache __read_mostly;
108	static pool_cache_t file_cache __read_mostly;
109	static pool_cache_t fdfile_cache __read_mostly;
110
111	static int file_ctor(void , void* , int*);
112	static void file_dtor(void , void* *);
113	static int fdfile_ctor(void , void* , int*);
114	static void fdfile_dtor(void , void* *);
115	static int filedesc_ctor(void , void* , int*);
116	static void filedesc_dtor(void , void* *);
117	static int filedescopen(dev_t, int, int, lwp_t *);
118
119	static int sysctl_kern_file(SYSCTLFN_PROTO);
120	static int sysctl_kern_file2(SYSCTLFN_PROTO);
121	static void fill_file(struct kinfo_file , const* file_t , const* fdfile_t *,
122	int, pid_t);
123
124	const struct cdevsw filedesc_cdevsw = {
125	.d_open = filedescopen,
126	.d_close = noclose,
127	.d_read = noread,
128	.d_write = nowrite,
129	.d_ioctl = noioctl,
130	.d_stop = nostop,
131	.d_tty = notty,
132	.d_poll = nopoll,
133	.d_mmap = nommap,
134	.d_kqfilter = nokqfilter,
135	.d_discard = nodiscard,
136	.d_flag = D_OTHER \| D_MPSAFE
137	};
138
139	/ For ease of reading. /
140	__strong_alias(fd_putvnode,fd_putfile)
141	__strong_alias(fd_putsock,fd_putfile)
142
143	/*
144	* Initialize the descriptor system.
145	*/
146	void
147	fd_sys_init(void)
148	{
149	static struct sysctllog *clog;
150
151	mutex_init(&filelist_lock, MUTEX_DEFAULT, IPL_NONE);
152
153	file_cache = pool_cache_init(sizeof(file_t), coherency_unit, `0`,
154	`0`, "file", NULL, IPL_NONE, file_ctor, file_dtor, NULL);
155	KASSERT(file_cache != NULL);
156
157	fdfile_cache = pool_cache_init(sizeof(fdfile_t), coherency_unit, `0`,
158	PR_LARGECACHE, "fdfile", NULL, IPL_NONE, fdfile_ctor, fdfile_dtor,
159	NULL);
160	KASSERT(fdfile_cache != NULL);
161
162	filedesc_cache = pool_cache_init(sizeof(filedesc_t), coherency_unit,
163	`0`, `0`, "filedesc", NULL, IPL_NONE, filedesc_ctor, filedesc_dtor,
164	NULL);
165	KASSERT(filedesc_cache != NULL);
166
167	sysctl_createv(&clog, `0`, NULL, NULL,
168	CTLFLAG_PERMANENT,
169	CTLTYPE_STRUCT, "file",
170	SYSCTL_DESCR("System open file table"),
171	sysctl_kern_file, `0`, NULL, `0`,
172	CTL_KERN, KERN_FILE, CTL_EOL);
173	sysctl_createv(&clog, `0`, NULL, NULL,
174	CTLFLAG_PERMANENT,
175	CTLTYPE_STRUCT, "file2",
176	SYSCTL_DESCR("System open file table"),
177	sysctl_kern_file2, `0`, NULL, `0`,
178	CTL_KERN, KERN_FILE2, CTL_EOL);
179	}
180
181	static bool
182	fd_isused(filedesc_t fdp, unsigned* fd)
183	{
184	u_int off = fd >> NDENTRYSHIFT;
185
186	KASSERT(fd < fdp->fd_dt->dt_nfiles);
187
188	return (fdp->fd_lomap[off] & (`1` << (fd & NDENTRYMASK))) != `0`;
189	}
190
191	/*
192	* Verify that the bitmaps match the descriptor table.
193	*/
194	static inline void
195	fd_checkmaps(filedesc_t *fdp)
196	{
197	#ifdef DEBUG
198	fdtab_t *dt;
199	u_int fd;
200
201	dt = fdp->fd_dt;
202	if (fdp->fd_refcnt == -`1`) {
203	/*
204	* fd_free tears down the table without maintaining its bitmap.
205	*/
206	return;
207	}
208	for (fd = `0`; fd < dt->dt_nfiles; fd++) {
209	if (fd < NDFDFILE) {
210	KASSERT(dt->dt_ff[fd] ==
211	(fdfile_t *)fdp->fd_dfdfile[fd]);
212	}
213	if (dt->dt_ff[fd] == NULL) {
214	KASSERT(!fd_isused(fdp, fd));
215	} else if (dt->dt_ff[fd]->ff_file != NULL) {
216	KASSERT(fd_isused(fdp, fd));
217	}
218	}
219	#endif
220	}
221
222	static int
223	fd_next_zero(filedesc_t fdp, uint32_t bitmap, int want, u_int bits)
224	{
225	int i, off, maxoff;
226	uint32_t sub;
227
228	KASSERT(mutex_owned(&fdp->fd_lock));
229
230	fd_checkmaps(fdp);
231
232	if (want > bits)
233	return -`1`;
234
235	off = want >> NDENTRYSHIFT;
236	i = want & NDENTRYMASK;
237	if (i) {
238	sub = bitmap[off] \| ((u_int)~`0` >> (NDENTRIES - i));
239	if (sub != ~`0`)
240	goto found;
241	off++;
242	}
243
244	maxoff = NDLOSLOTS(bits);
245	while (off < maxoff) {
246	if ((sub = bitmap[off]) != ~`0`)
247	goto found;
248	off++;
249	}
250
251	return -`1`;
252
253	found:
254	return (off << NDENTRYSHIFT) + ffs(~sub) - `1`;
255	}
256
257	static int
258	fd_last_set(filedesc_t fd, int* last)
259	{
260	int off, i;
261	fdfile_t **ff = fd->fd_dt->dt_ff;
262	uint32_t *bitmap = fd->fd_lomap;
263
264	KASSERT(mutex_owned(&fd->fd_lock));
265
266	fd_checkmaps(fd);
267
268	off = (last - `1`) >> NDENTRYSHIFT;
269
270	while (off >= `0` && !bitmap[off])
271	off--;
272
273	if (off < `0`)
274	return -`1`;
275
276	i = ((off + `1`) << NDENTRYSHIFT) - `1`;
277	if (i >= last)
278	i = last - `1`;
279
280	/ XXX should use bitmap /
281	while (i > `0` && (ff[i] == NULL \|\| !ff[i]->ff_allocated))
282	i--;
283
284	return i;
285	}
286
287	static inline void
288	fd_used(filedesc_t fdp, unsigned* fd)
289	{
290	u_int off = fd >> NDENTRYSHIFT;
291	fdfile_t *ff;
292
293	ff = fdp->fd_dt->dt_ff[fd];
294
295	KASSERT(mutex_owned(&fdp->fd_lock));
296	KASSERT((fdp->fd_lomap[off] & (`1` << (fd & NDENTRYMASK))) == `0`);
297	KASSERT(ff != NULL);
298	KASSERT(ff->ff_file == NULL);
299	KASSERT(!ff->ff_allocated);
300
301	ff->ff_allocated = true;
302	fdp->fd_lomap[off] \|= `1` << (fd & NDENTRYMASK);
303	if (__predict_false(fdp->fd_lomap[off] == ~`0`)) {
304	KASSERT((fdp->fd_himap[off >> NDENTRYSHIFT] &
305	(`1` << (off & NDENTRYMASK))) == `0`);
306	fdp->fd_himap[off >> NDENTRYSHIFT] \|= `1` << (off & NDENTRYMASK);
307	}
308
309	if ((int)fd > fdp->fd_lastfile) {
310	fdp->fd_lastfile = fd;
311	}
312
313	fd_checkmaps(fdp);
314	}
315
316	static inline void
317	fd_unused(filedesc_t fdp, unsigned* fd)
318	{
319	u_int off = fd >> NDENTRYSHIFT;
320	fdfile_t *ff;
321
322	ff = fdp->fd_dt->dt_ff[fd];
323
324	/*
325	* Don't assert the lock is held here, as we may be copying
326	* the table during exec() and it is not needed there.
327	* procfs and sysctl are locked out by proc::p_reflock.
328	*
329	* KASSERT(mutex_owned(&fdp->fd_lock));
330	*/
331	KASSERT(ff != NULL);
332	KASSERT(ff->ff_file == NULL);
333	KASSERT(ff->ff_allocated);
334
335	if (fd < fdp->fd_freefile) {
336	fdp->fd_freefile = fd;
337	}
338
339	if (fdp->fd_lomap[off] == ~`0`) {
340	KASSERT((fdp->fd_himap[off >> NDENTRYSHIFT] &
341	(`1` << (off & NDENTRYMASK))) != `0`);
342	fdp->fd_himap[off >> NDENTRYSHIFT] &=
343	~(`1` << (off & NDENTRYMASK));
344	}
345	KASSERT((fdp->fd_lomap[off] & (`1` << (fd & NDENTRYMASK))) != `0`);
346	fdp->fd_lomap[off] &= ~(`1` << (fd & NDENTRYMASK));
347	ff->ff_allocated = false;
348
349	KASSERT(fd <= fdp->fd_lastfile);
350	if (fd == fdp->fd_lastfile) {
351	fdp->fd_lastfile = fd_last_set(fdp, fd);
352	}
353	fd_checkmaps(fdp);
354	}
355
356	/*
357	* Look up the file structure corresponding to a file descriptor
358	* and return the file, holding a reference on the descriptor.
359	*/
360	file_t *
361	fd_getfile(unsigned fd)
362	{
363	filedesc_t *fdp;
364	fdfile_t *ff;
365	file_t *fp;
366	fdtab_t *dt;
367
368	/*
369	* Look up the fdfile structure representing this descriptor.
370	* We are doing this unlocked. See fd_tryexpand().
371	*/
372	fdp = curlwp->l_fd;
373	dt = fdp->fd_dt;
374	if (__predict_false(fd >= dt->dt_nfiles)) {
375	return NULL;
376	}
377	ff = dt->dt_ff[fd];
378	KASSERT(fd >= NDFDFILE \|\| ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
379	if (__predict_false(ff == NULL)) {
380	return NULL;
381	}
382
383	/ Now get a reference to the descriptor. /
384	if (fdp->fd_refcnt == `1`) {
385	/*
386	* Single threaded: don't need to worry about concurrent
387	* access (other than earlier calls to kqueue, which may
388	* hold a reference to the descriptor).
389	*/
390	ff->ff_refcnt++;
391	} else {
392	/*
393	* Multi threaded: issue a memory barrier to ensure that we
394	* acquire the file pointer _after_ adding a reference. If
395	* no memory barrier, we could fetch a stale pointer.
396	*/
397	atomic_inc_uint(&ff->ff_refcnt);
398	#ifndef __HAVE_ATOMIC_AS_MEMBAR
399	membar_enter();
400	#endif
401	}
402
403	/*
404	* If the file is not open or is being closed then put the
405	* reference back.
406	*/
407	fp = ff->ff_file;
408	if (__predict_true(fp != NULL)) {
409	return fp;
410	}
411	fd_putfile(fd);
412	return NULL;
413	}
414
415	/*
416	* Release a reference to a file descriptor acquired with fd_getfile().
417	*/
418	void
419	fd_putfile(unsigned fd)
420	{
421	filedesc_t *fdp;
422	fdfile_t *ff;
423	u_int u, v;
424
425	fdp = curlwp->l_fd;
426	ff = fdp->fd_dt->dt_ff[fd];
427
428	KASSERT(fd < fdp->fd_dt->dt_nfiles);
429	KASSERT(ff != NULL);
430	KASSERT((ff->ff_refcnt & FR_MASK) > `0`);
431	KASSERT(fd >= NDFDFILE \|\| ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
432
433	if (fdp->fd_refcnt == `1`) {
434	/*
435	* Single threaded: don't need to worry about concurrent
436	* access (other than earlier calls to kqueue, which may
437	* hold a reference to the descriptor).
438	*/
439	if (__predict_false((ff->ff_refcnt & FR_CLOSING) != `0`)) {
440	fd_close(fd);
441	return;
442	}
443	ff->ff_refcnt--;
444	return;
445	}
446
447	/*
448	* Ensure that any use of the file is complete and globally
449	* visible before dropping the final reference. If no membar,
450	* the current CPU could still access memory associated with
451	* the file after it has been freed or recycled by another
452	* CPU.
453	*/
454	#ifndef __HAVE_ATOMIC_AS_MEMBAR
455	membar_exit();
456	#endif
457
458	/*
459	* Be optimistic and start out with the assumption that no other
460	* threads are trying to close the descriptor. If the CAS fails,
461	* we lost a race and/or it's being closed.
462	*/
463	for (u = ff->ff_refcnt & FR_MASK;; u = v) {
464	v = atomic_cas_uint(&ff->ff_refcnt, u, u - `1`);
465	if (__predict_true(u == v)) {
466	return;
467	}
468	if (__predict_false((v & FR_CLOSING) != `0`)) {
469	break;
470	}
471	}
472
473	/ Another thread is waiting to close the file: join it. /
474	(void)fd_close(fd);
475	}
476
477	/*
478	* Convenience wrapper around fd_getfile() that returns reference
479	* to a vnode.
480	*/
481	int
482	fd_getvnode(unsigned fd, file_t **fpp)
483	{
484	vnode_t *vp;
485	file_t *fp;
486
487	fp = fd_getfile(fd);
488	if (__predict_false(fp == NULL)) {
489	return EBADF;
490	}
491	if (__predict_false(fp->f_type != DTYPE_VNODE)) {
492	fd_putfile(fd);
493	return EINVAL;
494	}
495	vp = fp->f_vnode;
496	if (__predict_false(vp->v_type == VBAD)) {
497	/ XXX Is this case really necessary? /
498	fd_putfile(fd);
499	return EBADF;
500	}
501	*fpp = fp;
502	return `0`;
503	}
504
505	/*
506	* Convenience wrapper around fd_getfile() that returns reference
507	* to a socket.
508	*/
509	int
510	fd_getsock1(unsigned fd, struct socket sop, file_t fp)
511	{
512	*fp = fd_getfile(fd);
513	if (__predict_false(*fp == NULL)) {
514	return EBADF;
515	}
516	if (__predict_false((*fp)->f_type != DTYPE_SOCKET)) {
517	fd_putfile(fd);
518	return ENOTSOCK;
519	}
520	sop = (fp)->f_socket;
521	return `0`;
522	}
523
524	int
525	fd_getsock(unsigned fd, struct socket **sop)
526	{
527	file_t *fp;
528	return fd_getsock1(fd, sop, &fp);
529	}
530
531	/*
532	* Look up the file structure corresponding to a file descriptor
533	* and return it with a reference held on the file, not the
534	* descriptor.
535	*
536	* This is heavyweight and only used when accessing descriptors
537	* from a foreign process. The caller must ensure that `p' does
538	* not exit or fork across this call.
539	*
540	* To release the file (not descriptor) reference, use closef().
541	*/
542	file_t *
543	fd_getfile2(proc_t p, unsigned* fd)
544	{
545	filedesc_t *fdp;
546	fdfile_t *ff;
547	file_t *fp;
548	fdtab_t *dt;
549
550	fdp = p->p_fd;
551	mutex_enter(&fdp->fd_lock);
552	dt = fdp->fd_dt;
553	if (fd >= dt->dt_nfiles) {
554	mutex_exit(&fdp->fd_lock);
555	return NULL;
556	}
557	if ((ff = dt->dt_ff[fd]) == NULL) {
558	mutex_exit(&fdp->fd_lock);
559	return NULL;
560	}
561	if ((fp = ff->ff_file) == NULL) {
562	mutex_exit(&fdp->fd_lock);
563	return NULL;
564	}
565	mutex_enter(&fp->f_lock);
566	fp->f_count++;
567	mutex_exit(&fp->f_lock);
568	mutex_exit(&fdp->fd_lock);
569
570	return fp;
571	}
572
573	/*
574	* Internal form of close. Must be called with a reference to the
575	* descriptor, and will drop the reference. When all descriptor
576	* references are dropped, releases the descriptor slot and a single
577	* reference to the file structure.
578	*/
579	int
580	fd_close(unsigned fd)
581	{
582	struct flock lf;
583	filedesc_t *fdp;
584	fdfile_t *ff;
585	file_t *fp;
586	proc_t *p;
587	lwp_t *l;
588	u_int refcnt;
589
590	l = curlwp;
591	p = l->l_proc;
592	fdp = l->l_fd;
593	ff = fdp->fd_dt->dt_ff[fd];
594
595	KASSERT(fd >= NDFDFILE \|\| ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
596
597	mutex_enter(&fdp->fd_lock);
598	KASSERT((ff->ff_refcnt & FR_MASK) > `0`);
599	if (__predict_false(ff->ff_file == NULL)) {
600	/*
601	* Another user of the file is already closing, and is
602	* waiting for other users of the file to drain. Release
603	* our reference, and wake up the closer.
604	*/
605	atomic_dec_uint(&ff->ff_refcnt);
606	cv_broadcast(&ff->ff_closing);
607	mutex_exit(&fdp->fd_lock);
608
609	/*
610	* An application error, so pretend that the descriptor
611	* was already closed. We can't safely wait for it to
612	* be closed without potentially deadlocking.
613	*/
614	return (EBADF);
615	}
616	KASSERT((ff->ff_refcnt & FR_CLOSING) == `0`);
617
618	/*
619	* There may be multiple users of this file within the process.
620	* Notify existing and new users that the file is closing. This
621	* will prevent them from adding additional uses to this file
622	* while we are closing it.
623	*/
624	fp = ff->ff_file;
625	ff->ff_file = NULL;
626	ff->ff_exclose = false;
627
628	/*
629	* We expect the caller to hold a descriptor reference - drop it.
630	* The reference count may increase beyond zero at this point due
631	* to an erroneous descriptor reference by an application, but
632	* fd_getfile() will notice that the file is being closed and drop
633	* the reference again.
634	*/
635	if (fdp->fd_refcnt == `1`) {
636	/ Single threaded. /
637	refcnt = --(ff->ff_refcnt);
638	} else {
639	/ Multi threaded. /
640	#ifndef __HAVE_ATOMIC_AS_MEMBAR
641	membar_producer();
642	#endif
643	refcnt = atomic_dec_uint_nv(&ff->ff_refcnt);
644	}
645	if (__predict_false(refcnt != `0`)) {
646	/*
647	* Wait for other references to drain. This is typically
648	* an application error - the descriptor is being closed
649	* while still in use.
650	* (Or just a threaded application trying to unblock its
651	* thread that sleeps in (say) accept()).
652	*/
653	atomic_or_uint(&ff->ff_refcnt, FR_CLOSING);
654
655	/*
656	* Remove any knotes attached to the file. A knote
657	* attached to the descriptor can hold references on it.
658	*/
659	mutex_exit(&fdp->fd_lock);
660	if (!SLIST_EMPTY(&ff->ff_knlist)) {
661	knote_fdclose(fd);
662	}
663
664	/*
665	* Since the file system code doesn't know which fd
666	* each request came from (think dup()), we have to
667	* ask it to return ERESTART for any long-term blocks.
668	* The re-entry through read/write/etc will detect the
669	* closed fd and return EBAFD.
670	* Blocked partial writes may return a short length.
671	*/
672	(*fp->f_ops->fo_restart)(fp);
673	mutex_enter(&fdp->fd_lock);
674
675	/*
676	* We need to see the count drop to zero at least once,
677	* in order to ensure that all pre-existing references
678	* have been drained. New references past this point are
679	* of no interest.
680	* XXX (dsl) this may need to call fo_restart() after a
681	* timeout to guarantee that all the system calls exit.
682	*/
683	while ((ff->ff_refcnt & FR_MASK) != `0`) {
684	cv_wait(&ff->ff_closing, &fdp->fd_lock);
685	}
686	atomic_and_uint(&ff->ff_refcnt, ~FR_CLOSING);
687	} else {
688	/ If no references, there must be no knotes. /
689	KASSERT(SLIST_EMPTY(&ff->ff_knlist));
690	}
691
692	/*
693	* POSIX record locking dictates that any close releases ALL
694	* locks owned by this process. This is handled by setting
695	* a flag in the unlock to free ONLY locks obeying POSIX
696	* semantics, and not to free BSD-style file locks.
697	* If the descriptor was in a message, POSIX-style locks
698	* aren't passed with the descriptor.
699	*/
700	if (__predict_false((p->p_flag & PK_ADVLOCK) != `0` &&
701	fp->f_type == DTYPE_VNODE)) {
702	lf.l_whence = SEEK_SET;
703	lf.l_start = `0`;
704	lf.l_len = `0`;
705	lf.l_type = F_UNLCK;
706	mutex_exit(&fdp->fd_lock);
707	(void)VOP_ADVLOCK(fp->f_vnode, p, F_UNLCK, &lf, F_POSIX);
708	mutex_enter(&fdp->fd_lock);
709	}
710
711	/ Free descriptor slot. /
712	fd_unused(fdp, fd);
713	mutex_exit(&fdp->fd_lock);
714
715	/ Now drop reference to the file itself. /
716	return closef(fp);
717	}
718
719	/*
720	* Duplicate a file descriptor.
721	*/
722	int
723	fd_dup(file_t fp, int* minfd, int *newp, bool exclose)
724	{
725	proc_t *p = curproc;
726	int error;
727
728	while ((error = fd_alloc(p, minfd, newp)) != `0`) {
729	if (error != ENOSPC) {
730	return error;
731	}
732	fd_tryexpand(p);
733	}
734
735	curlwp->l_fd->fd_dt->dt_ff[*newp]->ff_exclose = exclose;
736	fd_affix(p, fp, *newp);
737	return `0`;
738	}
739
740	/*
741	* dup2 operation.
742	*/
743	int
744	fd_dup2(file_t fp, unsigned* newfd, int flags)
745	{
746	filedesc_t *fdp = curlwp->l_fd;
747	fdfile_t *ff;
748	fdtab_t *dt;
749
750	if (flags & ~(O_CLOEXEC\|O_NONBLOCK))
751	return EINVAL;
752	/*
753	* Ensure there are enough slots in the descriptor table,
754	* and allocate an fdfile_t up front in case we need it.
755	*/
756	while (newfd >= fdp->fd_dt->dt_nfiles) {
757	fd_tryexpand(curproc);
758	}
759	ff = pool_cache_get(fdfile_cache, PR_WAITOK);
760
761	/*
762	* If there is already a file open, close it. If the file is
763	* half open, wait for it to be constructed before closing it.
764	* XXX Potential for deadlock here?
765	*/
766	mutex_enter(&fdp->fd_lock);
767	while (fd_isused(fdp, newfd)) {
768	mutex_exit(&fdp->fd_lock);
769	if (fd_getfile(newfd) != NULL) {
770	(void)fd_close(newfd);
771	} else {
772	/*
773	* Crummy, but unlikely to happen.
774	* Can occur if we interrupt another
775	* thread while it is opening a file.
776	*/
777	kpause("dup2", false, `1`, NULL);
778	}
779	mutex_enter(&fdp->fd_lock);
780	}
781	dt = fdp->fd_dt;
782	if (dt->dt_ff[newfd] == NULL) {
783	KASSERT(newfd >= NDFDFILE);
784	dt->dt_ff[newfd] = ff;
785	ff = NULL;
786	}
787	fd_used(fdp, newfd);
788	mutex_exit(&fdp->fd_lock);
789
790	dt->dt_ff[newfd]->ff_exclose = (flags & O_CLOEXEC) != `0`;
791	fp->f_flag \|= flags & FNONBLOCK;
792	/ Slot is now allocated. Insert copy of the file. /
793	fd_affix(curproc, fp, newfd);
794	if (ff != NULL) {
795	pool_cache_put(fdfile_cache, ff);
796	}
797	return `0`;
798	}
799
800	/*
801	* Drop reference to a file structure.
802	*/
803	int
804	closef(file_t *fp)
805	{
806	struct flock lf;
807	int error;
808
809	/*
810	* Drop reference. If referenced elsewhere it's still open
811	* and we have nothing more to do.
812	*/
813	mutex_enter(&fp->f_lock);
814	KASSERT(fp->f_count > `0`);
815	if (--fp->f_count > `0`) {
816	mutex_exit(&fp->f_lock);
817	return `0`;
818	}
819	KASSERT(fp->f_count == `0`);
820	mutex_exit(&fp->f_lock);
821
822	/ We held the last reference - release locks, close and free. /
823	if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) {
824	lf.l_whence = SEEK_SET;
825	lf.l_start = `0`;
826	lf.l_len = `0`;
827	lf.l_type = F_UNLCK;
828	(void)VOP_ADVLOCK(fp->f_vnode, fp, F_UNLCK, &lf, F_FLOCK);
829	}
830	if (fp->f_ops != NULL) {
831	error = (*fp->f_ops->fo_close)(fp);
832	} else {
833	error = `0`;
834	}
835	KASSERT(fp->f_count == `0`);
836	KASSERT(fp->f_cred != NULL);
837	pool_cache_put(file_cache, fp);
838
839	return error;
840	}
841
842	/*
843	* Allocate a file descriptor for the process.
844	*/
845	int
846	fd_alloc(proc_t p, int* want, int *result)
847	{
848	filedesc_t *fdp = p->p_fd;
849	int i, lim, last, error, hi;
850	u_int off;
851	fdtab_t *dt;
852
853	KASSERT(p == curproc \|\| p == &proc0);
854
855	/*
856	* Search for a free descriptor starting at the higher
857	* of want or fd_freefile.
858	*/
859	mutex_enter(&fdp->fd_lock);
860	fd_checkmaps(fdp);
861	dt = fdp->fd_dt;
862	KASSERT(dt->dt_ff[`0`] == (fdfile_t *)fdp->fd_dfdfile[`0`]);
863	lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfiles);
864	last = min(dt->dt_nfiles, lim);
865	for (;;) {
866	if ((i = want) < fdp->fd_freefile)
867	i = fdp->fd_freefile;
868	off = i >> NDENTRYSHIFT;
869	hi = fd_next_zero(fdp, fdp->fd_himap, off,
870	(last + NDENTRIES - `1`) >> NDENTRYSHIFT);
871	if (hi == -`1`)
872	break;
873	i = fd_next_zero(fdp, &fdp->fd_lomap[hi],
874	hi > off ? `0` : i & NDENTRYMASK, NDENTRIES);
875	if (i == -`1`) {
876	/*
877	* Free file descriptor in this block was
878	* below want, try again with higher want.
879	*/
880	want = (hi + `1`) << NDENTRYSHIFT;
881	continue;
882	}
883	i += (hi << NDENTRYSHIFT);
884	if (i >= last) {
885	break;
886	}
887	if (dt->dt_ff[i] == NULL) {
888	KASSERT(i >= NDFDFILE);
889	dt->dt_ff[i] = pool_cache_get(fdfile_cache, PR_WAITOK);
890	}
891	KASSERT(dt->dt_ff[i]->ff_file == NULL);
892	fd_used(fdp, i);
893	if (want <= fdp->fd_freefile) {
894	fdp->fd_freefile = i;
895	}
896	*result = i;
897	KASSERT(i >= NDFDFILE \|\|
898	dt->dt_ff[i] == (fdfile_t *)fdp->fd_dfdfile[i]);
899	fd_checkmaps(fdp);
900	mutex_exit(&fdp->fd_lock);
901	return `0`;
902	}
903
904	/ No space in current array. Let the caller expand and retry. /
905	error = (dt->dt_nfiles >= lim) ? EMFILE : ENOSPC;
906	mutex_exit(&fdp->fd_lock);
907	return error;
908	}
909
910	/*
911	* Allocate memory for a descriptor table.
912	*/
913	static fdtab_t *
914	fd_dtab_alloc(int n)
915	{
916	fdtab_t *dt;
917	size_t sz;
918
919	KASSERT(n > NDFILE);
920
921	sz = sizeof(dt) + (n - NDFILE) sizeof(dt->dt_ff[`0`]);
922	dt = kmem_alloc(sz, KM_SLEEP);
923	#ifdef DIAGNOSTIC
924	memset(dt, `0xff`, sz);
925	#endif
926	dt->dt_nfiles = n;
927	dt->dt_link = NULL;
928	return dt;
929	}
930
931	/*
932	* Free a descriptor table, and all tables linked for deferred free.
933	*/
934	static void
935	fd_dtab_free(fdtab_t *dt)
936	{
937	fdtab_t *next;
938	size_t sz;
939
940	do {
941	next = dt->dt_link;
942	KASSERT(dt->dt_nfiles > NDFILE);
943	sz = sizeof(*dt) +
944	(dt->dt_nfiles - NDFILE) * sizeof(dt->dt_ff[`0`]);
945	#ifdef DIAGNOSTIC
946	memset(dt, `0xff`, sz);
947	#endif
948	kmem_free(dt, sz);
949	dt = next;
950	} while (dt != NULL);
951	}
952
953	/*
954	* Allocate descriptor bitmap.
955	*/
956	static void
957	fd_map_alloc(int n, uint32_t lo, uint32_t hi)
958	{
959	uint8_t *ptr;
960	size_t szlo, szhi;
961
962	KASSERT(n > NDENTRIES);
963
964	szlo = NDLOSLOTS(n) * sizeof(uint32_t);
965	szhi = NDHISLOTS(n) * sizeof(uint32_t);
966	ptr = kmem_alloc(szlo + szhi, KM_SLEEP);
967	lo = (uint32_t )ptr;
968	hi = (uint32_t )(ptr + szlo);
969	}
970
971	/*
972	* Free descriptor bitmap.
973	*/
974	static void
975	fd_map_free(int n, uint32_t lo, uint32_t hi)
976	{
977	size_t szlo, szhi;
978
979	KASSERT(n > NDENTRIES);
980
981	szlo = NDLOSLOTS(n) * sizeof(uint32_t);
982	szhi = NDHISLOTS(n) * sizeof(uint32_t);
983	KASSERT(hi == (uint32_t )((uint8_t )lo + szlo));
984	kmem_free(lo, szlo + szhi);
985	}
986
987	/*
988	* Expand a process' descriptor table.
989	*/
990	void
991	fd_tryexpand(proc_t *p)
992	{
993	filedesc_t *fdp;
994	int i, numfiles, oldnfiles;
995	fdtab_t newdt, dt;
996	uint32_t newhimap, newlomap;
997
998	KASSERT(p == curproc \|\| p == &proc0);
999
1000	fdp = p->p_fd;
1001	newhimap = NULL;
1002	newlomap = NULL;
1003	oldnfiles = fdp->fd_dt->dt_nfiles;
1004
1005	if (oldnfiles < NDEXTENT)
1006	numfiles = NDEXTENT;
1007	else
1008	numfiles = `2` * oldnfiles;
1009
1010	newdt = fd_dtab_alloc(numfiles);
1011	if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) {
1012	fd_map_alloc(numfiles, &newlomap, &newhimap);
1013	}
1014
1015	mutex_enter(&fdp->fd_lock);
1016	dt = fdp->fd_dt;
1017	KASSERT(dt->dt_ff[`0`] == (fdfile_t *)fdp->fd_dfdfile[`0`]);
1018	if (dt->dt_nfiles != oldnfiles) {
1019	/ fdp changed; caller must retry /
1020	mutex_exit(&fdp->fd_lock);
1021	fd_dtab_free(newdt);
1022	if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) {
1023	fd_map_free(numfiles, newlomap, newhimap);
1024	}
1025	return;
1026	}
1027
1028	/ Copy the existing descriptor table and zero the new portion. /
1029	i = sizeof(fdfile_t ) oldnfiles;
1030	memcpy(newdt->dt_ff, dt->dt_ff, i);
1031	memset((uint8_t *)newdt->dt_ff + i, `0`,
1032	numfiles * sizeof(fdfile_t *) - i);
1033
1034	/*
1035	* Link old descriptor array into list to be discarded. We defer
1036	* freeing until the last reference to the descriptor table goes
1037	* away (usually process exit). This allows us to do lockless
1038	* lookups in fd_getfile().
1039	*/
1040	if (oldnfiles > NDFILE) {
1041	if (fdp->fd_refcnt > `1`) {
1042	newdt->dt_link = dt;
1043	} else {
1044	fd_dtab_free(dt);
1045	}
1046	}
1047
1048	if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) {
1049	i = NDHISLOTS(oldnfiles) * sizeof(uint32_t);
1050	memcpy(newhimap, fdp->fd_himap, i);
1051	memset((uint8_t *)newhimap + i, `0`,
1052	NDHISLOTS(numfiles) * sizeof(uint32_t) - i);
1053
1054	i = NDLOSLOTS(oldnfiles) * sizeof(uint32_t);
1055	memcpy(newlomap, fdp->fd_lomap, i);
1056	memset((uint8_t *)newlomap + i, `0`,
1057	NDLOSLOTS(numfiles) * sizeof(uint32_t) - i);
1058
1059	if (NDHISLOTS(oldnfiles) > NDHISLOTS(NDFILE)) {
1060	fd_map_free(oldnfiles, fdp->fd_lomap, fdp->fd_himap);
1061	}
1062	fdp->fd_himap = newhimap;
1063	fdp->fd_lomap = newlomap;
1064	}
1065
1066	/*
1067	* All other modifications must become globally visible before
1068	* the change to fd_dt. See fd_getfile().
1069	*/
1070	membar_producer();
1071	fdp->fd_dt = newdt;
1072	KASSERT(newdt->dt_ff[`0`] == (fdfile_t *)fdp->fd_dfdfile[`0`]);
1073	fd_checkmaps(fdp);
1074	mutex_exit(&fdp->fd_lock);
1075	}
1076
1077	/*
1078	* Create a new open file structure and allocate a file descriptor
1079	* for the current process.
1080	*/
1081	int
1082	fd_allocfile(file_t *resultfp, int* *resultfd)
1083	{
1084	proc_t *p = curproc;
1085	kauth_cred_t cred;
1086	file_t *fp;
1087	int error;
1088
1089	while ((error = fd_alloc(p, `0`, resultfd)) != `0`) {
1090	if (error != ENOSPC) {
1091	return error;
1092	}
1093	fd_tryexpand(p);
1094	}
1095
1096	fp = pool_cache_get(file_cache, PR_WAITOK);
1097	if (fp == NULL) {
1098	fd_abort(p, NULL, *resultfd);
1099	return ENFILE;
1100	}
1101	KASSERT(fp->f_count == `0`);
1102	KASSERT(fp->f_msgcount == `0`);
1103	KASSERT(fp->f_unpcount == `0`);
1104
1105	/ Replace cached credentials if not what we need. /
1106	cred = curlwp->l_cred;
1107	if (__predict_false(cred != fp->f_cred)) {
1108	kauth_cred_free(fp->f_cred);
1109	kauth_cred_hold(cred);
1110	fp->f_cred = cred;
1111	}
1112
1113	/*
1114	* Don't allow recycled files to be scanned.
1115	* See uipc_usrreq.c.
1116	*/
1117	if (__predict_false((fp->f_flag & FSCAN) != `0`)) {
1118	mutex_enter(&fp->f_lock);
1119	atomic_and_uint(&fp->f_flag, ~FSCAN);
1120	mutex_exit(&fp->f_lock);
1121	}
1122
1123	fp->f_advice = `0`;
1124	fp->f_offset = `0`;
1125	*resultfp = fp;
1126
1127	return `0`;
1128	}
1129
1130	/*
1131	* Successful creation of a new descriptor: make visible to the process.
1132	*/
1133	void
1134	fd_affix(proc_t p, file_t fp, unsigned fd)
1135	{
1136	fdfile_t *ff;
1137	filedesc_t *fdp;
1138
1139	KASSERT(p == curproc \|\| p == &proc0);
1140
1141	/ Add a reference to the file structure. /
1142	mutex_enter(&fp->f_lock);
1143	fp->f_count++;
1144	mutex_exit(&fp->f_lock);
1145
1146	/*
1147	* Insert the new file into the descriptor slot.
1148	*
1149	* The memory barriers provided by lock activity in this routine
1150	* ensure that any updates to the file structure become globally
1151	* visible before the file becomes visible to other LWPs in the
1152	* current process.
1153	*/
1154	fdp = p->p_fd;
1155	ff = fdp->fd_dt->dt_ff[fd];
1156
1157	KASSERT(ff != NULL);
1158	KASSERT(ff->ff_file == NULL);
1159	KASSERT(ff->ff_allocated);
1160	KASSERT(fd_isused(fdp, fd));
1161	KASSERT(fd >= NDFDFILE \|\| ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
1162
1163	/ No need to lock in order to make file initially visible. /
1164	ff->ff_file = fp;
1165	}
1166
1167	/*
1168	* Abort creation of a new descriptor: free descriptor slot and file.
1169	*/
1170	void
1171	fd_abort(proc_t p, file_t fp, unsigned fd)
1172	{
1173	filedesc_t *fdp;
1174	fdfile_t *ff;
1175
1176	KASSERT(p == curproc \|\| p == &proc0);
1177
1178	fdp = p->p_fd;
1179	ff = fdp->fd_dt->dt_ff[fd];
1180	ff->ff_exclose = false;
1181
1182	KASSERT(fd >= NDFDFILE \|\| ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
1183
1184	mutex_enter(&fdp->fd_lock);
1185	KASSERT(fd_isused(fdp, fd));
1186	fd_unused(fdp, fd);
1187	mutex_exit(&fdp->fd_lock);
1188
1189	if (fp != NULL) {
1190	KASSERT(fp->f_count == `0`);
1191	KASSERT(fp->f_cred != NULL);
1192	pool_cache_put(file_cache, fp);
1193	}
1194	}
1195
1196	static int
1197	file_ctor(void arg, void* obj, int* flags)
1198	{
1199	file_t *fp = obj;
1200
1201	memset(fp, `0`, sizeof(*fp));
1202
1203	mutex_enter(&filelist_lock);
1204	if (__predict_false(nfiles >= maxfiles)) {
1205	mutex_exit(&filelist_lock);
1206	tablefull("file", "increase kern.maxfiles or MAXFILES");
1207	return ENFILE;
1208	}
1209	nfiles++;
1210	LIST_INSERT_HEAD(&filehead, fp, f_list);
1211	mutex_init(&fp->f_lock, MUTEX_DEFAULT, IPL_NONE);
1212	fp->f_cred = curlwp->l_cred;
1213	kauth_cred_hold(fp->f_cred);
1214	mutex_exit(&filelist_lock);
1215
1216	return `0`;
1217	}
1218
1219	static void
1220	file_dtor(void arg, void* *obj)
1221	{
1222	file_t *fp = obj;
1223
1224	mutex_enter(&filelist_lock);
1225	nfiles--;
1226	LIST_REMOVE(fp, f_list);
1227	mutex_exit(&filelist_lock);
1228
1229	kauth_cred_free(fp->f_cred);
1230	mutex_destroy(&fp->f_lock);
1231	}
1232
1233	static int
1234	fdfile_ctor(void arg, void* obj, int* flags)
1235	{
1236	fdfile_t *ff = obj;
1237
1238	memset(ff, `0`, sizeof(*ff));
1239	cv_init(&ff->ff_closing, "fdclose");
1240
1241	return `0`;
1242	}
1243
1244	static void
1245	fdfile_dtor(void arg, void* *obj)
1246	{
1247	fdfile_t *ff = obj;
1248
1249	cv_destroy(&ff->ff_closing);
1250	}
1251
1252	file_t *
1253	fgetdummy(void)
1254	{
1255	file_t *fp;
1256
1257	fp = kmem_zalloc(sizeof(*fp), KM_SLEEP);
1258	if (fp != NULL) {
1259	mutex_init(&fp->f_lock, MUTEX_DEFAULT, IPL_NONE);
1260	}
1261	return fp;
1262	}
1263
1264	void
1265	fputdummy(file_t *fp)
1266	{
1267
1268	mutex_destroy(&fp->f_lock);
1269	kmem_free(fp, sizeof(*fp));
1270	}
1271
1272	/*
1273	* Create an initial filedesc structure.
1274	*/
1275	filedesc_t *
1276	fd_init(filedesc_t *fdp)
1277	{
1278	#ifdef DIAGNOSTIC
1279	unsigned fd;
1280	#endif
1281
1282	if (__predict_true(fdp == NULL)) {
1283	fdp = pool_cache_get(filedesc_cache, PR_WAITOK);
1284	} else {
1285	KASSERT(fdp == &filedesc0);
1286	filedesc_ctor(NULL, fdp, PR_WAITOK);
1287	}
1288
1289	#ifdef DIAGNOSTIC
1290	KASSERT(fdp->fd_lastfile == -`1`);
1291	KASSERT(fdp->fd_lastkqfile == -`1`);
1292	KASSERT(fdp->fd_knhash == NULL);
1293	KASSERT(fdp->fd_freefile == `0`);
1294	KASSERT(fdp->fd_exclose == false);
1295	KASSERT(fdp->fd_dt == &fdp->fd_dtbuiltin);
1296	KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE);
1297	for (fd = `0`; fd < NDFDFILE; fd++) {
1298	KASSERT(fdp->fd_dtbuiltin.dt_ff[fd] ==
1299	(fdfile_t *)fdp->fd_dfdfile[fd]);
1300	}
1301	for (fd = NDFDFILE; fd < NDFILE; fd++) {
1302	KASSERT(fdp->fd_dtbuiltin.dt_ff[fd] == NULL);
1303	}
1304	KASSERT(fdp->fd_himap == fdp->fd_dhimap);
1305	KASSERT(fdp->fd_lomap == fdp->fd_dlomap);
1306	#endif /* DIAGNOSTIC */
1307
1308	fdp->fd_refcnt = `1`;
1309	fd_checkmaps(fdp);
1310
1311	return fdp;
1312	}
1313
1314	/*
1315	* Initialize a file descriptor table.
1316	*/
1317	static int
1318	filedesc_ctor(void arg, void* obj, int* flag)
1319	{
1320	filedesc_t *fdp = obj;
1321	fdfile_t **ffp;
1322	int i;
1323
1324	memset(fdp, `0`, sizeof(*fdp));
1325	mutex_init(&fdp->fd_lock, MUTEX_DEFAULT, IPL_NONE);
1326	fdp->fd_lastfile = -`1`;
1327	fdp->fd_lastkqfile = -`1`;
1328	fdp->fd_dt = &fdp->fd_dtbuiltin;
1329	fdp->fd_dtbuiltin.dt_nfiles = NDFILE;
1330	fdp->fd_himap = fdp->fd_dhimap;
1331	fdp->fd_lomap = fdp->fd_dlomap;
1332
1333	CTASSERT(sizeof(fdp->fd_dfdfile[`0`]) >= sizeof(fdfile_t));
1334	for (i = `0`, ffp = fdp->fd_dt->dt_ff; i < NDFDFILE; i++, ffp++) {
1335	ffp = (fdfile_t )fdp->fd_dfdfile[i];
1336	(void)fdfile_ctor(NULL, fdp->fd_dfdfile[i], PR_WAITOK);
1337	}
1338
1339	return `0`;
1340	}
1341
1342	static void
1343	filedesc_dtor(void arg, void* *obj)
1344	{
1345	filedesc_t *fdp = obj;
1346	int i;
1347
1348	for (i = `0`; i < NDFDFILE; i++) {
1349	fdfile_dtor(NULL, fdp->fd_dfdfile[i]);
1350	}
1351
1352	mutex_destroy(&fdp->fd_lock);
1353	}
1354
1355	/*
1356	* Make p share curproc's filedesc structure.
1357	*/
1358	void
1359	fd_share(struct proc *p)
1360	{
1361	filedesc_t *fdp;
1362
1363	fdp = curlwp->l_fd;
1364	p->p_fd = fdp;
1365	atomic_inc_uint(&fdp->fd_refcnt);
1366	}
1367
1368	/*
1369	* Acquire a hold on a filedesc structure.
1370	*/
1371	void
1372	fd_hold(lwp_t *l)
1373	{
1374	filedesc_t *fdp = l->l_fd;
1375
1376	atomic_inc_uint(&fdp->fd_refcnt);
1377	}
1378
1379	/*
1380	* Copy a filedesc structure.
1381	*/
1382	filedesc_t *
1383	fd_copy(void)
1384	{
1385	filedesc_t newfdp, fdp;
1386	fdfile_t ff, ffp, nffp, ff2;
1387	int i, j, numfiles, lastfile, newlast;
1388	file_t *fp;
1389	fdtab_t *newdt;
1390
1391	fdp = curproc->p_fd;
1392	newfdp = pool_cache_get(filedesc_cache, PR_WAITOK);
1393	newfdp->fd_refcnt = `1`;
1394
1395	#ifdef DIAGNOSTIC
1396	KASSERT(newfdp->fd_lastfile == -`1`);
1397	KASSERT(newfdp->fd_lastkqfile == -`1`);
1398	KASSERT(newfdp->fd_knhash == NULL);
1399	KASSERT(newfdp->fd_freefile == `0`);
1400	KASSERT(newfdp->fd_exclose == false);
1401	KASSERT(newfdp->fd_dt == &newfdp->fd_dtbuiltin);
1402	KASSERT(newfdp->fd_dtbuiltin.dt_nfiles == NDFILE);
1403	for (i = `0`; i < NDFDFILE; i++) {
1404	KASSERT(newfdp->fd_dtbuiltin.dt_ff[i] ==
1405	(fdfile_t *)&newfdp->fd_dfdfile[i]);
1406	}
1407	for (i = NDFDFILE; i < NDFILE; i++) {
1408	KASSERT(newfdp->fd_dtbuiltin.dt_ff[i] == NULL);
1409	}
1410	#endif /* DIAGNOSTIC */
1411
1412	mutex_enter(&fdp->fd_lock);
1413	fd_checkmaps(fdp);
1414	numfiles = fdp->fd_dt->dt_nfiles;
1415	lastfile = fdp->fd_lastfile;
1416
1417	/*
1418	* If the number of open files fits in the internal arrays
1419	* of the open file structure, use them, otherwise allocate
1420	* additional memory for the number of descriptors currently
1421	* in use.
1422	*/
1423	if (lastfile < NDFILE) {
1424	i = NDFILE;
1425	newdt = newfdp->fd_dt;
1426	KASSERT(newfdp->fd_dt == &newfdp->fd_dtbuiltin);
1427	} else {
1428	/*
1429	* Compute the smallest multiple of NDEXTENT needed
1430	* for the file descriptors currently in use,
1431	* allowing the table to shrink.
1432	*/
1433	i = numfiles;
1434	while (i >= `2` * NDEXTENT && i > lastfile * `2`) {
1435	i /= `2`;
1436	}
1437	KASSERT(i > NDFILE);
1438	newdt = fd_dtab_alloc(i);
1439	newfdp->fd_dt = newdt;
1440	memcpy(newdt->dt_ff, newfdp->fd_dtbuiltin.dt_ff,
1441	NDFDFILE * sizeof(fdfile_t **));
1442	memset(newdt->dt_ff + NDFDFILE, `0`,
1443	(i - NDFDFILE) * sizeof(fdfile_t **));
1444	}
1445	if (NDHISLOTS(i) <= NDHISLOTS(NDFILE)) {
1446	newfdp->fd_himap = newfdp->fd_dhimap;
1447	newfdp->fd_lomap = newfdp->fd_dlomap;
1448	} else {
1449	fd_map_alloc(i, &newfdp->fd_lomap, &newfdp->fd_himap);
1450	KASSERT(i >= NDENTRIES * NDENTRIES);
1451	memset(newfdp->fd_himap, `0`, NDHISLOTS(i)*sizeof(uint32_t));
1452	memset(newfdp->fd_lomap, `0`, NDLOSLOTS(i)*sizeof(uint32_t));
1453	}
1454	newfdp->fd_freefile = fdp->fd_freefile;
1455	newfdp->fd_exclose = fdp->fd_exclose;
1456
1457	ffp = fdp->fd_dt->dt_ff;
1458	nffp = newdt->dt_ff;
1459	newlast = -`1`;
1460	for (i = `0`; i <= lastfile; i++, ffp++, nffp++) {
1461	KASSERT(i >= NDFDFILE \|\|
1462	nffp == (fdfile_t )newfdp->fd_dfdfile[i]);
1463	ff = *ffp;
1464	if (ff == NULL \|\| (fp = ff->ff_file) == NULL) {
1465	/ Descriptor unused, or descriptor half open. /
1466	KASSERT(!fd_isused(newfdp, i));
1467	continue;
1468	}
1469	if (__predict_false(fp->f_type == DTYPE_KQUEUE)) {
1470	/ kqueue descriptors cannot be copied. /
1471	if (i < newfdp->fd_freefile) {
1472	newfdp->fd_freefile = i;
1473	}
1474	continue;
1475	}
1476	/ It's active: add a reference to the file. /
1477	mutex_enter(&fp->f_lock);
1478	fp->f_count++;
1479	mutex_exit(&fp->f_lock);
1480
1481	/ Allocate an fdfile_t to represent it. /
1482	if (i >= NDFDFILE) {
1483	ff2 = pool_cache_get(fdfile_cache, PR_WAITOK);
1484	*nffp = ff2;
1485	} else {
1486	ff2 = newdt->dt_ff[i];
1487	}
1488	ff2->ff_file = fp;
1489	ff2->ff_exclose = ff->ff_exclose;
1490	ff2->ff_allocated = true;
1491
1492	/ Fix up bitmaps. /
1493	j = i >> NDENTRYSHIFT;
1494	KASSERT((newfdp->fd_lomap[j] & (`1` << (i & NDENTRYMASK))) == `0`);
1495	newfdp->fd_lomap[j] \|= `1` << (i & NDENTRYMASK);
1496	if (__predict_false(newfdp->fd_lomap[j] == ~`0`)) {
1497	KASSERT((newfdp->fd_himap[j >> NDENTRYSHIFT] &
1498	(`1` << (j & NDENTRYMASK))) == `0`);
1499	newfdp->fd_himap[j >> NDENTRYSHIFT] \|=
1500	`1` << (j & NDENTRYMASK);
1501	}
1502	newlast = i;
1503	}
1504	KASSERT(newdt->dt_ff[`0`] == (fdfile_t *)newfdp->fd_dfdfile[`0`]);
1505	newfdp->fd_lastfile = newlast;
1506	fd_checkmaps(newfdp);
1507	mutex_exit(&fdp->fd_lock);
1508
1509	return newfdp;
1510	}
1511
1512	/*
1513	* Release a filedesc structure.
1514	*/
1515	void
1516	fd_free(void)
1517	{
1518	fdfile_t *ff;
1519	file_t *fp;
1520	int fd, nf;
1521	fdtab_t *dt;
1522	lwp_t * const l = curlwp;
1523	filedesc_t * const fdp = l->l_fd;
1524	const bool noadvlock = (l->l_proc->p_flag & PK_ADVLOCK) == `0`;
1525
1526	KASSERT(fdp->fd_dt->dt_ff[`0`] == (fdfile_t *)fdp->fd_dfdfile[`0`]);
1527	KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE);
1528	KASSERT(fdp->fd_dtbuiltin.dt_link == NULL);
1529
1530	#ifndef __HAVE_ATOMIC_AS_MEMBAR
1531	membar_exit();
1532	#endif
1533	if (atomic_dec_uint_nv(&fdp->fd_refcnt) > `0`)
1534	return;
1535
1536	/*
1537	* Close any files that the process holds open.
1538	*/
1539	dt = fdp->fd_dt;
1540	fd_checkmaps(fdp);
1541	#ifdef DEBUG
1542	fdp->fd_refcnt = -`1`; / see fd_checkmaps /
1543	#endif
1544	for (fd = `0`, nf = dt->dt_nfiles; fd < nf; fd++) {
1545	ff = dt->dt_ff[fd];
1546	KASSERT(fd >= NDFDFILE \|\|
1547	ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
1548	if (ff == NULL)
1549	continue;
1550	if ((fp = ff->ff_file) != NULL) {
1551	/*
1552	* Must use fd_close() here if there is
1553	* a reference from kqueue or we might have posix
1554	* advisory locks.
1555	*/
1556	if (__predict_true(ff->ff_refcnt == `0`) &&
1557	(noadvlock \|\| fp->f_type != DTYPE_VNODE)) {
1558	ff->ff_file = NULL;
1559	ff->ff_exclose = false;
1560	ff->ff_allocated = false;
1561	closef(fp);
1562	} else {
1563	ff->ff_refcnt++;
1564	fd_close(fd);
1565	}
1566	}
1567	KASSERT(ff->ff_refcnt == `0`);
1568	KASSERT(ff->ff_file == NULL);
1569	KASSERT(!ff->ff_exclose);
1570	KASSERT(!ff->ff_allocated);
1571	if (fd >= NDFDFILE) {
1572	pool_cache_put(fdfile_cache, ff);
1573	dt->dt_ff[fd] = NULL;
1574	}
1575	}
1576
1577	/*
1578	* Clean out the descriptor table for the next user and return
1579	* to the cache.
1580	*/
1581	if (__predict_false(dt != &fdp->fd_dtbuiltin)) {
1582	fd_dtab_free(fdp->fd_dt);
1583	/ Otherwise, done above. /
1584	memset(&fdp->fd_dtbuiltin.dt_ff[NDFDFILE], `0`,
1585	(NDFILE - NDFDFILE) * sizeof(fdp->fd_dtbuiltin.dt_ff[`0`]));
1586	fdp->fd_dt = &fdp->fd_dtbuiltin;
1587	}
1588	if (__predict_false(NDHISLOTS(nf) > NDHISLOTS(NDFILE))) {
1589	KASSERT(fdp->fd_himap != fdp->fd_dhimap);
1590	KASSERT(fdp->fd_lomap != fdp->fd_dlomap);
1591	fd_map_free(nf, fdp->fd_lomap, fdp->fd_himap);
1592	}
1593	if (__predict_false(fdp->fd_knhash != NULL)) {
1594	hashdone(fdp->fd_knhash, HASH_LIST, fdp->fd_knhashmask);
1595	fdp->fd_knhash = NULL;
1596	fdp->fd_knhashmask = `0`;
1597	} else {
1598	KASSERT(fdp->fd_knhashmask == `0`);
1599	}
1600	fdp->fd_dt = &fdp->fd_dtbuiltin;
1601	fdp->fd_lastkqfile = -`1`;
1602	fdp->fd_lastfile = -`1`;
1603	fdp->fd_freefile = `0`;
1604	fdp->fd_exclose = false;
1605	memset(&fdp->fd_startzero, `0`, sizeof(*fdp) -
1606	offsetof(filedesc_t, fd_startzero));
1607	fdp->fd_himap = fdp->fd_dhimap;
1608	fdp->fd_lomap = fdp->fd_dlomap;
1609	KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE);
1610	KASSERT(fdp->fd_dtbuiltin.dt_link == NULL);
1611	KASSERT(fdp->fd_dt == &fdp->fd_dtbuiltin);
1612	#ifdef DEBUG
1613	fdp->fd_refcnt = `0`; / see fd_checkmaps /
1614	#endif
1615	fd_checkmaps(fdp);
1616	pool_cache_put(filedesc_cache, fdp);
1617	}
1618
1619	/*
1620	* File Descriptor pseudo-device driver (/dev/fd/).
1621	*
1622	* Opening minor device N dup()s the file (if any) connected to file
1623	* descriptor N belonging to the calling process. Note that this driver
1624	* consists of only the ``open()'' routine, because all subsequent
1625	* references to this file will be direct to the other driver.
1626	*/
1627	static int
1628	filedescopen(dev_t dev, int mode, int type, lwp_t *l)
1629	{
1630
1631	/*
1632	* XXX Kludge: set dupfd to contain the value of the
1633	* the file descriptor being sought for duplication. The error
1634	* return ensures that the vnode for this device will be released
1635	* by vn_open. Open will detect this special error and take the
1636	* actions in fd_dupopen below. Other callers of vn_open or VOP_OPEN
1637	* will simply report the error.
1638	*/
1639	l->l_dupfd = minor(dev); / XXX /
1640	return EDUPFD;
1641	}
1642
1643	/*
1644	* Duplicate the specified descriptor to a free descriptor.
1645	*/
1646	int
1647	fd_dupopen(int old, int newp, int* mode, int error)
1648	{
1649	filedesc_t *fdp;
1650	fdfile_t *ff;
1651	file_t *fp;
1652	fdtab_t *dt;
1653
1654	if ((fp = fd_getfile(old)) == NULL) {
1655	return EBADF;
1656	}
1657	fdp = curlwp->l_fd;
1658	dt = fdp->fd_dt;
1659	ff = dt->dt_ff[old];
1660
1661	/*
1662	* There are two cases of interest here.
1663	*
1664	* For EDUPFD simply dup (old) to file descriptor
1665	* (new) and return.
1666	*
1667	* For EMOVEFD steal away the file structure from (old) and
1668	* store it in (new). (old) is effectively closed by
1669	* this operation.
1670	*
1671	* Any other error code is just returned.
1672	*/
1673	switch (error) {
1674	case EDUPFD:
1675	/*
1676	* Check that the mode the file is being opened for is a
1677	* subset of the mode of the existing descriptor.
1678	*/
1679	if (((mode & (FREAD\|FWRITE)) \| fp->f_flag) != fp->f_flag) {
1680	error = EACCES;
1681	break;
1682	}
1683
1684	/ Copy it. /
1685	error = fd_dup(fp, `0`, newp, ff->ff_exclose);
1686	break;
1687
1688	case EMOVEFD:
1689	/ Copy it. /
1690	error = fd_dup(fp, `0`, newp, ff->ff_exclose);
1691	if (error != `0`) {
1692	break;
1693	}
1694
1695	/ Steal away the file pointer from 'old'. /
1696	(void)fd_close(old);
1697	return `0`;
1698	}
1699
1700	fd_putfile(old);
1701	return error;
1702	}
1703
1704	/*
1705	* Close open files on exec.
1706	*/
1707	void
1708	fd_closeexec(void)
1709	{
1710	proc_t *p;
1711	filedesc_t *fdp;
1712	fdfile_t *ff;
1713	lwp_t *l;
1714	fdtab_t *dt;
1715	int fd;
1716
1717	l = curlwp;
1718	p = l->l_proc;
1719	fdp = p->p_fd;
1720
1721	if (fdp->fd_refcnt > `1`) {
1722	fdp = fd_copy();
1723	fd_free();
1724	p->p_fd = fdp;
1725	l->l_fd = fdp;
1726	}
1727	if (!fdp->fd_exclose) {
1728	return;
1729	}
1730	fdp->fd_exclose = false;
1731	dt = fdp->fd_dt;
1732
1733	for (fd = `0`; fd <= fdp->fd_lastfile; fd++) {
1734	if ((ff = dt->dt_ff[fd]) == NULL) {
1735	KASSERT(fd >= NDFDFILE);
1736	continue;
1737	}
1738	KASSERT(fd >= NDFDFILE \|\|
1739	ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
1740	if (ff->ff_file == NULL)
1741	continue;
1742	if (ff->ff_exclose) {
1743	/*
1744	* We need a reference to close the file.
1745	* No other threads can see the fdfile_t at
1746	* this point, so don't bother locking.
1747	*/
1748	KASSERT((ff->ff_refcnt & FR_CLOSING) == `0`);
1749	ff->ff_refcnt++;
1750	fd_close(fd);
1751	}
1752	}
1753	}
1754
1755	/*
1756	* Sets descriptor owner. If the owner is a process, 'pgid'
1757	* is set to positive value, process ID. If the owner is process group,
1758	* 'pgid' is set to -pg_id.
1759	*/
1760	int
1761	fsetown(pid_t pgid, u_long cmd, const* void *data)
1762	{
1763	pid_t id = (const* pid_t *)data;
1764	int error;
1765
1766	switch (cmd) {
1767	case TIOCSPGRP:
1768	if (id < `0`)
1769	return EINVAL;
1770	id = -id;
1771	break;
1772	default:
1773	break;
1774	}
1775	if (id > `0`) {
1776	mutex_enter(proc_lock);
1777	error = proc_find(id) ? `0` : ESRCH;
1778	mutex_exit(proc_lock);
1779	} else if (id < `0`) {
1780	error = pgid_in_session(curproc, -id);
1781	} else {
1782	error = `0`;
1783	}
1784	if (!error) {
1785	*pgid = id;
1786	}
1787	return error;
1788	}
1789
1790	void
1791	fd_set_exclose(struct lwp l, int* fd, bool exclose)
1792	{
1793	filedesc_t *fdp = l->l_fd;
1794	fdfile_t *ff = fdp->fd_dt->dt_ff[fd];
1795
1796	ff->ff_exclose = exclose;
1797	if (exclose)
1798	fdp->fd_exclose = true;
1799	}
1800
1801	/*
1802	* Return descriptor owner information. If the value is positive,
1803	* it's process ID. If it's negative, it's process group ID and
1804	* needs the sign removed before use.
1805	*/
1806	int
1807	fgetown(pid_t pgid, u_long cmd, void *data)
1808	{
1809
1810	switch (cmd) {
1811	case TIOCGPGRP:
1812	(int* *)data = -pgid;
1813	break;
1814	default:
1815	(int* *)data = pgid;
1816	break;
1817	}
1818	return `0`;
1819	}
1820
1821	/*
1822	* Send signal to descriptor owner, either process or process group.
1823	*/
1824	void
1825	fownsignal(pid_t pgid, int signo, int code, int band, void *fdescdata)
1826	{
1827	ksiginfo_t ksi;
1828
1829	KASSERT(!cpu_intr_p());
1830
1831	if (pgid == `0`) {
1832	return;
1833	}
1834
1835	KSI_INIT(&ksi);
1836	ksi.ksi_signo = signo;
1837	ksi.ksi_code = code;
1838	ksi.ksi_band = band;
1839
1840	mutex_enter(proc_lock);
1841	if (pgid > `0`) {
1842	struct proc *p1;
1843
1844	p1 = proc_find(pgid);
1845	if (p1 != NULL) {
1846	kpsignal(p1, &ksi, fdescdata);
1847	}
1848	} else {
1849	struct pgrp *pgrp;
1850
1851	KASSERT(pgid < `0`);
1852	pgrp = pgrp_find(-pgid);
1853	if (pgrp != NULL) {
1854	kpgsignal(pgrp, &ksi, fdescdata, `0`);
1855	}
1856	}
1857	mutex_exit(proc_lock);
1858	}
1859
1860	int
1861	fd_clone(file_t fp, unsigned* fd, int flag, const struct fileops *fops,
1862	void *data)
1863	{
1864	fdfile_t *ff;
1865	filedesc_t *fdp;
1866
1867	fp->f_flag \|= flag & FMASK;
1868	fdp = curproc->p_fd;
1869	ff = fdp->fd_dt->dt_ff[fd];
1870	KASSERT(ff != NULL);
1871	ff->ff_exclose = (flag & O_CLOEXEC) != `0`;
1872	fp->f_type = DTYPE_MISC;
1873	fp->f_ops = fops;
1874	fp->f_data = data;
1875	curlwp->l_dupfd = fd;
1876	fd_affix(curproc, fp, fd);
1877
1878	return EMOVEFD;
1879	}
1880
1881	int
1882	fnullop_fcntl(file_t fp, u_int cmd, void* *data)
1883	{
1884
1885	if (cmd == F_SETFL)
1886	return `0`;
1887
1888	return EOPNOTSUPP;
1889	}
1890
1891	int
1892	fnullop_poll(file_t fp, int* which)
1893	{
1894
1895	return `0`;
1896	}
1897
1898	int
1899	fnullop_kqfilter(file_t fp, struct* knote *kn)
1900	{
1901
1902	return EOPNOTSUPP;
1903	}
1904
1905	void
1906	fnullop_restart(file_t *fp)
1907	{
1908
1909	}
1910
1911	int
1912	fbadop_read(file_t fp, off_t offset, struct uio *uio,
1913	kauth_cred_t cred, int flags)
1914	{
1915
1916	return EOPNOTSUPP;
1917	}
1918
1919	int
1920	fbadop_write(file_t fp, off_t offset, struct uio *uio,
1921	kauth_cred_t cred, int flags)
1922	{
1923
1924	return EOPNOTSUPP;
1925	}
1926
1927	int
1928	fbadop_ioctl(file_t fp, u_long com, void* *data)
1929	{
1930
1931	return EOPNOTSUPP;
1932	}
1933
1934	int
1935	fbadop_stat(file_t fp, struct* stat *sb)
1936	{
1937
1938	return EOPNOTSUPP;
1939	}
1940
1941	int
1942	fbadop_close(file_t *fp)
1943	{
1944
1945	return EOPNOTSUPP;
1946	}
1947
1948	/*
1949	* sysctl routines pertaining to file descriptors
1950	*/
1951
1952	/ Initialized in sysctl_init() for now... /
1953	extern kmutex_t sysctl_file_marker_lock;
1954	static u_int sysctl_file_marker = `1`;
1955
1956	/*
1957	* Expects to be called with proc_lock and sysctl_file_marker_lock locked.
1958	*/
1959	static void
1960	sysctl_file_marker_reset(void)
1961	{
1962	struct proc *p;
1963
1964	PROCLIST_FOREACH(p, &allproc) {
1965	struct filedesc *fd = p->p_fd;
1966	fdtab_t *dt;
1967	u_int i;
1968
1969	mutex_enter(&fd->fd_lock);
1970	dt = fd->fd_dt;
1971	for (i = `0`; i < dt->dt_nfiles; i++) {
1972	struct file *fp;
1973	fdfile_t *ff;
1974
1975	if ((ff = dt->dt_ff[i]) == NULL) {
1976	continue;
1977	}
1978	if ((fp = ff->ff_file) == NULL) {
1979	continue;
1980	}
1981	fp->f_marker = `0`;
1982	}
1983	mutex_exit(&fd->fd_lock);
1984	}
1985	}
1986
1987	/*
1988	* sysctl helper routine for kern.file pseudo-subtree.
1989	*/
1990	static int
1991	sysctl_kern_file(SYSCTLFN_ARGS)
1992	{
1993	int error;
1994	size_t buflen;
1995	struct file *fp, fbuf;
1996	char start, where;
1997	struct proc *p;
1998
1999	start = where = oldp;
2000	buflen = *oldlenp;
2001
2002	if (where == NULL) {
2003	/*
2004	* overestimate by 10 files
2005	*/
2006	oldlenp = sizeof(filehead) + (nfiles + `10`)
2007	sizeof(struct file);
2008	return `0`;
2009	}
2010
2011	/*
2012	* first sysctl_copyout filehead
2013	*/
2014	if (buflen < sizeof(filehead)) {
2015	*oldlenp = `0`;
2016	return `0`;
2017	}
2018	sysctl_unlock();
2019	error = sysctl_copyout(l, &filehead, where, sizeof(filehead));
2020	if (error) {
2021	sysctl_relock();
2022	return error;
2023	}
2024	buflen -= sizeof(filehead);
2025	where += sizeof(filehead);
2026
2027	/*
2028	* followed by an array of file structures
2029	*/
2030	mutex_enter(&sysctl_file_marker_lock);
2031	mutex_enter(proc_lock);
2032	PROCLIST_FOREACH(p, &allproc) {
2033	struct filedesc *fd;
2034	fdtab_t *dt;
2035	u_int i;
2036
2037	if (p->p_stat == SIDL) {
2038	/ skip embryonic processes /
2039	continue;
2040	}
2041	mutex_enter(p->p_lock);
2042	error = kauth_authorize_process(l->l_cred,
2043	KAUTH_PROCESS_CANSEE, p,
2044	KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_OPENFILES),
2045	NULL, NULL);
2046	mutex_exit(p->p_lock);
2047	if (error != `0`) {
2048	/*
2049	* Don't leak kauth retval if we're silently
2050	* skipping this entry.
2051	*/
2052	error = `0`;
2053	continue;
2054	}
2055
2056	/*
2057	* Grab a hold on the process.
2058	*/
2059	if (!rw_tryenter(&p->p_reflock, RW_READER)) {
2060	continue;
2061	}
2062	mutex_exit(proc_lock);
2063
2064	fd = p->p_fd;
2065	mutex_enter(&fd->fd_lock);
2066	dt = fd->fd_dt;
2067	for (i = `0`; i < dt->dt_nfiles; i++) {
2068	fdfile_t *ff;
2069
2070	if ((ff = dt->dt_ff[i]) == NULL) {
2071	continue;
2072	}
2073	if ((fp = ff->ff_file) == NULL) {
2074	continue;
2075	}
2076
2077	mutex_enter(&fp->f_lock);
2078
2079	if ((fp->f_count == `0`) \|\|
2080	(fp->f_marker == sysctl_file_marker)) {
2081	mutex_exit(&fp->f_lock);
2082	continue;
2083	}
2084
2085	/ Check that we have enough space. /
2086	if (buflen < sizeof(struct file)) {
2087	*oldlenp = where - start;
2088	mutex_exit(&fp->f_lock);
2089	error = ENOMEM;
2090	break;
2091	}
2092
2093	memcpy(&fbuf, fp, sizeof(fbuf));
2094	mutex_exit(&fp->f_lock);
2095	error = sysctl_copyout(l, &fbuf, where, sizeof(fbuf));
2096	if (error) {
2097	break;
2098	}
2099	buflen -= sizeof(struct file);
2100	where += sizeof(struct file);
2101
2102	fp->f_marker = sysctl_file_marker;
2103	}
2104	mutex_exit(&fd->fd_lock);
2105
2106	/*
2107	* Release reference to process.
2108	*/
2109	mutex_enter(proc_lock);
2110	rw_exit(&p->p_reflock);
2111
2112	if (error)
2113	break;
2114	}
2115
2116	sysctl_file_marker++;
2117	/ Reset all markers if wrapped. /
2118	if (sysctl_file_marker == `0`) {
2119	sysctl_file_marker_reset();
2120	sysctl_file_marker++;
2121	}
2122
2123	mutex_exit(proc_lock);
2124	mutex_exit(&sysctl_file_marker_lock);
2125
2126	*oldlenp = where - start;
2127	sysctl_relock();
2128	return error;
2129	}
2130
2131	/*
2132	* sysctl helper function for kern.file2
2133	*/
2134	static int
2135	sysctl_kern_file2(SYSCTLFN_ARGS)
2136	{
2137	struct proc *p;
2138	struct file *fp;
2139	struct filedesc *fd;
2140	struct kinfo_file kf;
2141	char *dp;
2142	u_int i, op;
2143	size_t len, needed, elem_size, out_size;
2144	int error, arg, elem_count;
2145	fdfile_t *ff;
2146	fdtab_t *dt;
2147
2148	if (namelen == `1` && name[`0`] == CTL_QUERY)
2149	return sysctl_query(SYSCTLFN_CALL(rnode));
2150
2151	if (namelen != `4`)
2152	return EINVAL;
2153
2154	error = `0`;
2155	dp = oldp;
2156	len = (oldp != NULL) ? *oldlenp : `0`;
2157	op = name[`0`];
2158	arg = name[`1`];
2159	elem_size = name[`2`];
2160	elem_count = name[`3`];
2161	out_size = MIN(sizeof(kf), elem_size);
2162	needed = `0`;
2163
2164	if (elem_size < `1` \|\| elem_count < `0`)
2165	return EINVAL;
2166
2167	switch (op) {
2168	case KERN_FILE_BYFILE:
2169	case KERN_FILE_BYPID:
2170	/*
2171	* We're traversing the process list in both cases; the BYFILE
2172	* case does additional work of keeping track of files already
2173	* looked at.
2174	*/
2175
2176	/ doesn't use arg so it must be zero /
2177	if ((op == KERN_FILE_BYFILE) && (arg != `0`))
2178	return EINVAL;
2179
2180	if ((op == KERN_FILE_BYPID) && (arg < -`1`))
2181	/ -1 means all processes /
2182	return EINVAL;
2183
2184	sysctl_unlock();
2185	if (op == KERN_FILE_BYFILE)
2186	mutex_enter(&sysctl_file_marker_lock);
2187	mutex_enter(proc_lock);
2188	PROCLIST_FOREACH(p, &allproc) {
2189	if (p->p_stat == SIDL) {
2190	/ skip embryonic processes /
2191	continue;
2192	}
2193	if (arg > `0` && p->p_pid != arg) {
2194	/ pick only the one we want /
2195	/ XXX want 0 to mean "kernel files" /
2196	continue;
2197	}
2198	mutex_enter(p->p_lock);
2199	error = kauth_authorize_process(l->l_cred,
2200	KAUTH_PROCESS_CANSEE, p,
2201	KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_OPENFILES),
2202	NULL, NULL);
2203	mutex_exit(p->p_lock);
2204	if (error != `0`) {
2205	/*
2206	* Don't leak kauth retval if we're silently
2207	* skipping this entry.
2208	*/
2209	error = `0`;
2210	continue;
2211	}
2212
2213	/*
2214	* Grab a hold on the process.
2215	*/
2216	if (!rw_tryenter(&p->p_reflock, RW_READER)) {
2217	continue;
2218	}
2219	mutex_exit(proc_lock);
2220
2221	fd = p->p_fd;
2222	mutex_enter(&fd->fd_lock);
2223	dt = fd->fd_dt;
2224	for (i = `0`; i < dt->dt_nfiles; i++) {
2225	if ((ff = dt->dt_ff[i]) == NULL) {
2226	continue;
2227	}
2228	if ((fp = ff->ff_file) == NULL) {
2229	continue;
2230	}
2231
2232	if ((op == KERN_FILE_BYFILE) &&
2233	(fp->f_marker == sysctl_file_marker)) {
2234	continue;
2235	}
2236	if (len >= elem_size && elem_count > `0`) {
2237	mutex_enter(&fp->f_lock);
2238	fill_file(&kf, fp, ff, i, p->p_pid);
2239	mutex_exit(&fp->f_lock);
2240	mutex_exit(&fd->fd_lock);
2241	error = sysctl_copyout(l,
2242	&kf, dp, out_size);
2243	mutex_enter(&fd->fd_lock);
2244	if (error)
2245	break;
2246	dp += elem_size;
2247	len -= elem_size;
2248	}
2249	if (op == KERN_FILE_BYFILE)
2250	fp->f_marker = sysctl_file_marker;
2251	needed += elem_size;
2252	if (elem_count > `0` && elem_count != INT_MAX)
2253	elem_count--;
2254	}
2255	mutex_exit(&fd->fd_lock);
2256
2257	/*
2258	* Release reference to process.
2259	*/
2260	mutex_enter(proc_lock);
2261	rw_exit(&p->p_reflock);
2262	}
2263	if (op == KERN_FILE_BYFILE) {
2264	sysctl_file_marker++;
2265
2266	/ Reset all markers if wrapped. /
2267	if (sysctl_file_marker == `0`) {
2268	sysctl_file_marker_reset();
2269	sysctl_file_marker++;
2270	}
2271	}
2272	mutex_exit(proc_lock);
2273	if (op == KERN_FILE_BYFILE)
2274	mutex_exit(&sysctl_file_marker_lock);
2275	sysctl_relock();
2276	break;
2277	default:
2278	return EINVAL;
2279	}
2280
2281	if (oldp == NULL)
2282	needed += KERN_FILESLOP * elem_size;
2283	*oldlenp = needed;
2284
2285	return error;
2286	}
2287
2288	static void
2289	fill_file(struct kinfo_file kp, const* file_t fp, const* fdfile_t *ff,
2290	int i, pid_t pid)
2291	{
2292
2293	memset(kp, `0`, sizeof(*kp));
2294
2295	kp->ki_fileaddr = PTRTOUINT64(fp);
2296	kp->ki_flag = fp->f_flag;
2297	kp->ki_iflags = `0`;
2298	kp->ki_ftype = fp->f_type;
2299	kp->ki_count = fp->f_count;
2300	kp->ki_msgcount = fp->f_msgcount;
2301	kp->ki_fucred = PTRTOUINT64(fp->f_cred);
2302	kp->ki_fuid = kauth_cred_geteuid(fp->f_cred);
2303	kp->ki_fgid = kauth_cred_getegid(fp->f_cred);
2304	kp->ki_fops = PTRTOUINT64(fp->f_ops);
2305	kp->ki_foffset = fp->f_offset;
2306	kp->ki_fdata = PTRTOUINT64(fp->f_data);
2307
2308	/ vnode information to glue this file to something /
2309	if (fp->f_type == DTYPE_VNODE) {
2310	struct vnode *vp = fp->f_vnode;
2311
2312	kp->ki_vun = PTRTOUINT64(vp->v_un.vu_socket);
2313	kp->ki_vsize = vp->v_size;
2314	kp->ki_vtype = vp->v_type;
2315	kp->ki_vtag = vp->v_tag;
2316	kp->ki_vdata = PTRTOUINT64(vp->v_data);
2317	}
2318
2319	/ process information when retrieved via KERN_FILE_BYPID /
2320	if (ff != NULL) {
2321	kp->ki_pid = pid;
2322	kp->ki_fd = i;
2323	kp->ki_ofileflags = ff->ff_exclose;
2324	kp->ki_usecount = ff->ff_refcnt;
2325	}
2326	}
2327

Browse the source code of src/src/sys/kern/kern_descrip.c