1 /*
2 * Copyright (c) 1982, 1986, 1989, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
38 * @(#)kern_descrip.c 8.6 (Berkeley) 4/19/94
39 * $FreeBSD: releng/5.1/sys/kern/kern_descrip.c 115042 2003-05-15 21:13:08Z rwatson $
40 */
41
42 #include "opt_compat.h"
43
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/syscallsubr.h>
47 #include <sys/sysproto.h>
48 #include <sys/conf.h>
49 #include <sys/filedesc.h>
50 #include <sys/lock.h>
51 #include <sys/kernel.h>
52 #include <sys/limits.h>
53 #include <sys/malloc.h>
54 #include <sys/mutex.h>
55 #include <sys/sysctl.h>
56 #include <sys/vnode.h>
57 #include <sys/mount.h>
58 #include <sys/proc.h>
59 #include <sys/namei.h>
60 #include <sys/file.h>
61 #include <sys/stat.h>
62 #include <sys/filio.h>
63 #include <sys/fcntl.h>
64 #include <sys/unistd.h>
65 #include <sys/resourcevar.h>
66 #include <sys/event.h>
67 #include <sys/sx.h>
68 #include <sys/socketvar.h>
69 #include <sys/signalvar.h>
70
71 #include <vm/vm.h>
72 #include <vm/vm_extern.h>
73 #include <vm/uma.h>
74
75 static MALLOC_DEFINE(M_FILEDESC, "file desc", "Open file descriptor table");
76 static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures");
77
78 static uma_zone_t file_zone;
79
80 static d_open_t fdopen;
81 #define NUMFDESC 64
82
83 #define CDEV_MAJOR 22
/* Character device switch for the /dev/fd/N descriptor pseudo-devices. */
static struct cdevsw fildesc_cdevsw = {
	.d_open =	fdopen,
	.d_name =	"FD",
	.d_maj =	CDEV_MAJOR,
};
89
90 /* How to treat 'new' parameter when allocating a fd for do_dup(). */
91 enum dup_type { DUP_VARIABLE, DUP_FIXED };
92
93 static int do_dup(struct thread *td, enum dup_type type, int old, int new,
94 register_t *retval);
95
96 /*
97 * Descriptor management.
98 */
99 struct filelist filehead; /* head of list of open files */
100 int nfiles; /* actual number of open files */
101 extern int cmask;
102 struct sx filelist_lock; /* sx to protect filelist */
103 struct mtx sigio_lock; /* mtx to protect pointers to sigio */
104
105 /*
106 * System calls on descriptors.
107 */
108 #ifndef _SYS_SYSPROTO_H_
109 struct getdtablesize_args {
110 int dummy;
111 };
112 #endif
113 /*
114 * MPSAFE
115 */
116 /* ARGSUSED */
117 int
118 getdtablesize(td, uap)
119 struct thread *td;
120 struct getdtablesize_args *uap;
121 {
122 struct proc *p = td->td_proc;
123
124 mtx_lock(&Giant);
125 td->td_retval[0] =
126 min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
127 mtx_unlock(&Giant);
128 return (0);
129 }
130
131 /*
132 * Duplicate a file descriptor to a particular value.
133 *
134 * note: keep in mind that a potential race condition exists when closing
135 * descriptors from a shared descriptor table (via rfork).
136 */
137 #ifndef _SYS_SYSPROTO_H_
138 struct dup2_args {
139 u_int from;
140 u_int to;
141 };
142 #endif
143 /*
144 * MPSAFE
145 */
146 /* ARGSUSED */
147 int
148 dup2(td, uap)
149 struct thread *td;
150 struct dup2_args *uap;
151 {
152
153 return (do_dup(td, DUP_FIXED, (int)uap->from, (int)uap->to,
154 td->td_retval));
155 }
156
157 /*
158 * Duplicate a file descriptor.
159 */
160 #ifndef _SYS_SYSPROTO_H_
161 struct dup_args {
162 u_int fd;
163 };
164 #endif
165 /*
166 * MPSAFE
167 */
168 /* ARGSUSED */
169 int
170 dup(td, uap)
171 struct thread *td;
172 struct dup_args *uap;
173 {
174
175 return (do_dup(td, DUP_VARIABLE, (int)uap->fd, 0, td->td_retval));
176 }
177
178 /*
179 * The file control system call.
180 */
181 #ifndef _SYS_SYSPROTO_H_
182 struct fcntl_args {
183 int fd;
184 int cmd;
185 long arg;
186 };
187 #endif
188 /*
189 * MPSAFE
190 */
191 /* ARGSUSED */
192 int
193 fcntl(td, uap)
194 struct thread *td;
195 struct fcntl_args *uap;
196 {
197 struct flock fl;
198 intptr_t arg;
199 int error;
200
201 error = 0;
202 switch (uap->cmd) {
203 case F_GETLK:
204 case F_SETLK:
205 case F_SETLKW:
206 error = copyin((void *)(intptr_t)uap->arg, &fl, sizeof(fl));
207 arg = (intptr_t)&fl;
208 break;
209 default:
210 arg = uap->arg;
211 break;
212 }
213 if (error)
214 return (error);
215 error = kern_fcntl(td, uap->fd, uap->cmd, arg);
216 if (error)
217 return (error);
218 if (uap->cmd == F_GETLK)
219 error = copyout(&fl, (void *)(intptr_t)uap->arg, sizeof(fl));
220 return (error);
221 }
222
/*
 * Back end for fcntl(2).  'arg' is either the raw argument value or,
 * for the locking commands, a kernel pointer to a struct flock.
 * Acquires Giant and the filedesc lock internally; returns 0 or an
 * errno value.
 */
int
kern_fcntl(struct thread *td, int fd, int cmd, intptr_t arg)
{
	struct filedesc *fdp;
	struct flock *flp;
	struct file *fp;
	struct proc *p;
	char *pop;
	struct vnode *vp;
	u_int newmin;
	int error, flg, tmp;

	error = 0;
	flg = F_POSIX;
	p = td->td_proc;
	fdp = p->p_fd;
	mtx_lock(&Giant);
	FILEDESC_LOCK(fdp);
	/* Translate the descriptor number to its file pointer. */
	if ((unsigned)fd >= fdp->fd_nfiles ||
	    (fp = fdp->fd_ofiles[fd]) == NULL) {
		FILEDESC_UNLOCK(fdp);
		error = EBADF;
		goto done2;
	}
	/* Per-descriptor flag byte (UF_EXCLOSE etc.). */
	pop = &fdp->fd_ofileflags[fd];

	switch (cmd) {
	case F_DUPFD:
		FILEDESC_UNLOCK(fdp);
		newmin = arg;
		/* The minimum descriptor must fall below the limits. */
		if (newmin >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
		    newmin >= maxfilesperproc) {
			error = EINVAL;
			break;
		}
		error = do_dup(td, DUP_VARIABLE, fd, newmin, td->td_retval);
		break;

	case F_GETFD:
		/* Report the close-on-exec flag for this descriptor. */
		td->td_retval[0] = (*pop & UF_EXCLOSE) ? FD_CLOEXEC : 0;
		FILEDESC_UNLOCK(fdp);
		break;

	case F_SETFD:
		/* Set or clear the close-on-exec flag. */
		*pop = (*pop &~ UF_EXCLOSE) |
		    (arg & FD_CLOEXEC ? UF_EXCLOSE : 0);
		FILEDESC_UNLOCK(fdp);
		break;

	case F_GETFL:
		FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);
		td->td_retval[0] = OFLAGS(fp->f_flag);
		FILE_UNLOCK(fp);
		break;

	case F_SETFL:
		FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);
		fhold_locked(fp);
		/* Replace only the fcntl-settable flag bits. */
		fp->f_flag &= ~FCNTLFLAGS;
		fp->f_flag |= FFLAGS(arg & ~O_ACCMODE) & FCNTLFLAGS;
		FILE_UNLOCK(fp);
		/* Push the new non-blocking setting down to the object. */
		tmp = fp->f_flag & FNONBLOCK;
		error = fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td);
		if (error) {
			fdrop(fp, td);
			break;
		}
		/* Push the new async-notify setting down to the object. */
		tmp = fp->f_flag & FASYNC;
		error = fo_ioctl(fp, FIOASYNC, &tmp, td->td_ucred, td);
		if (error == 0) {
			fdrop(fp, td);
			break;
		}
		/* FIOASYNC failed: back out the FIONBIO change. */
		FILE_LOCK(fp);
		fp->f_flag &= ~FNONBLOCK;
		FILE_UNLOCK(fp);
		tmp = 0;
		(void)fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td);
		fdrop(fp, td);
		break;

	case F_GETOWN:
		/* fo_ioctl() may block; hold a reference across it. */
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		error = fo_ioctl(fp, FIOGETOWN, &tmp, td->td_ucred, td);
		if (error == 0)
			td->td_retval[0] = tmp;
		fdrop(fp, td);
		break;

	case F_SETOWN:
		/* fo_ioctl() may block; hold a reference across it. */
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		tmp = arg;
		error = fo_ioctl(fp, FIOSETOWN, &tmp, td->td_ucred, td);
		fdrop(fp, td);
		break;

	case F_SETLKW:
		flg |= F_WAIT;
		/* FALLTHROUGH into F_SETLK */

	case F_SETLK:
		/* Advisory locking only applies to vnodes. */
		if (fp->f_type != DTYPE_VNODE) {
			FILEDESC_UNLOCK(fdp);
			error = EBADF;
			break;
		}

		flp = (struct flock *)arg;
		if (flp->l_whence == SEEK_CUR) {
			/*
			 * Convert a SEEK_CUR-relative start to an absolute
			 * offset, rejecting arithmetic overflow.
			 */
			if (fp->f_offset < 0 ||
			    (flp->l_start > 0 &&
			     fp->f_offset > OFF_MAX - flp->l_start)) {
				FILEDESC_UNLOCK(fdp);
				error = EOVERFLOW;
				break;
			}
			flp->l_start += fp->f_offset;
		}

		/*
		 * VOP_ADVLOCK() may block.
		 */
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		vp = fp->f_data;

		switch (flp->l_type) {
		case F_RDLCK:
			/* A read lock requires read access. */
			if ((fp->f_flag & FREAD) == 0) {
				error = EBADF;
				break;
			}
			PROC_LOCK(p->p_leader);
			p->p_leader->p_flag |= P_ADVLOCK;
			PROC_UNLOCK(p->p_leader);
			error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
			    flp, flg);
			break;
		case F_WRLCK:
			/* A write lock requires write access. */
			if ((fp->f_flag & FWRITE) == 0) {
				error = EBADF;
				break;
			}
			PROC_LOCK(p->p_leader);
			p->p_leader->p_flag |= P_ADVLOCK;
			PROC_UNLOCK(p->p_leader);
			error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
			    flp, flg);
			break;
		case F_UNLCK:
			error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_UNLCK,
			    flp, F_POSIX);
			break;
		default:
			error = EINVAL;
			break;
		}
		/* Check for race with close */
		FILEDESC_LOCK(fdp);
		if ((unsigned) fd >= fdp->fd_nfiles ||
		    fp != fdp->fd_ofiles[fd]) {
			FILEDESC_UNLOCK(fdp);
			/*
			 * The descriptor was closed (or replaced) while we
			 * slept in VOP_ADVLOCK(); release any lock we may
			 * have just acquired so it does not leak.
			 */
			flp->l_whence = SEEK_SET;
			flp->l_start = 0;
			flp->l_len = 0;
			flp->l_type = F_UNLCK;
			(void) VOP_ADVLOCK(vp, (caddr_t)p->p_leader,
			    F_UNLCK, flp, F_POSIX);
		} else
			FILEDESC_UNLOCK(fdp);
		fdrop(fp, td);
		break;

	case F_GETLK:
		/* Advisory locking only applies to vnodes. */
		if (fp->f_type != DTYPE_VNODE) {
			FILEDESC_UNLOCK(fdp);
			error = EBADF;
			break;
		}
		flp = (struct flock *)arg;
		if (flp->l_type != F_RDLCK && flp->l_type != F_WRLCK &&
		    flp->l_type != F_UNLCK) {
			FILEDESC_UNLOCK(fdp);
			error = EINVAL;
			break;
		}
		if (flp->l_whence == SEEK_CUR) {
			/*
			 * Convert a SEEK_CUR-relative start to an absolute
			 * offset, rejecting overflow in either direction.
			 */
			if ((flp->l_start > 0 &&
			     fp->f_offset > OFF_MAX - flp->l_start) ||
			    (flp->l_start < 0 &&
			     fp->f_offset < OFF_MIN - flp->l_start)) {
				FILEDESC_UNLOCK(fdp);
				error = EOVERFLOW;
				break;
			}
			flp->l_start += fp->f_offset;
		}
		/*
		 * VOP_ADVLOCK() may block.
		 */
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
		vp = fp->f_data;
		error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_GETLK, flp,
		    F_POSIX);
		fdrop(fp, td);
		break;
	default:
		FILEDESC_UNLOCK(fdp);
		error = EINVAL;
		break;
	}
done2:
	mtx_unlock(&Giant);
	return (error);
}
443
444 /*
445 * Common code for dup, dup2, and fcntl(F_DUPFD).
446 */
/*
 * Common code for dup(2), dup2(2) and fcntl(2) F_DUPFD.
 *
 * 'type' selects the allocation policy: DUP_FIXED installs the copy at
 * exactly 'new' (dup2 semantics), DUP_VARIABLE takes the first free
 * descriptor at or above 'new'.  The resulting descriptor number is
 * stored through 'retval'.  Returns 0 or an errno value.
 */
static int
do_dup(td, type, old, new, retval)
	enum dup_type type;
	int old, new;
	register_t *retval;
	struct thread *td;
{
	struct filedesc *fdp;
	struct proc *p;
	struct file *fp;
	struct file *delfp;
	int error, newfd;

	p = td->td_proc;
	fdp = p->p_fd;

	/*
	 * Verify we have a valid descriptor to dup from and possibly to
	 * dup to.
	 */
	if (old < 0 || new < 0 || new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
	    new >= maxfilesperproc)
		return (EBADF);
	FILEDESC_LOCK(fdp);
	if (old >= fdp->fd_nfiles || fdp->fd_ofiles[old] == NULL) {
		FILEDESC_UNLOCK(fdp);
		return (EBADF);
	}
	/* dup2(fd, fd) is a no-op that just reports the descriptor. */
	if (type == DUP_FIXED && old == new) {
		*retval = new;
		FILEDESC_UNLOCK(fdp);
		return (0);
	}
	/* Hold the source file so it survives the lock drops below. */
	fp = fdp->fd_ofiles[old];
	fhold(fp);

	/*
	 * Expand the table for the new descriptor if needed. This may
	 * block and drop and reacquire the filedesc lock.
	 */
	if (type == DUP_VARIABLE || new >= fdp->fd_nfiles) {
		error = fdalloc(td, new, &newfd);
		if (error) {
			FILEDESC_UNLOCK(fdp);
			fdrop(fp, td);
			return (error);
		}
	}
	if (type == DUP_VARIABLE)
		new = newfd;

	/*
	 * If the old file changed out from under us then treat it as a
	 * bad file descriptor.  Userland should do its own locking to
	 * avoid this case.
	 */
	if (fdp->fd_ofiles[old] != fp) {
		/* Release the slot fdalloc() may have reserved for us. */
		if (fdp->fd_ofiles[new] == NULL) {
			if (new < fdp->fd_freefile)
				fdp->fd_freefile = new;
			while (fdp->fd_lastfile > 0 &&
			    fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
				fdp->fd_lastfile--;
		}
		FILEDESC_UNLOCK(fdp);
		fdrop(fp, td);
		return (EBADF);
	}
	KASSERT(old != new, ("new fd is same as old"));

	/*
	 * Save info on the descriptor being overwritten. We have
	 * to do the unmap now, but we cannot close it without
	 * introducing an ownership race for the slot.
	 */
	delfp = fdp->fd_ofiles[new];
	KASSERT(delfp == NULL || type == DUP_FIXED,
	    ("dup() picked an open file"));
#if 0
	if (delfp && (fdp->fd_ofileflags[new] & UF_MAPPED))
		(void) munmapfd(td, new);
#endif

	/*
	 * Duplicate the source descriptor, update lastfile.  The copy
	 * never inherits close-on-exec (POSIX dup semantics).
	 */
	fdp->fd_ofiles[new] = fp;
	fdp->fd_ofileflags[new] = fdp->fd_ofileflags[old] &~ UF_EXCLOSE;
	if (new > fdp->fd_lastfile)
		fdp->fd_lastfile = new;
	FILEDESC_UNLOCK(fdp);
	*retval = new;

	/*
	 * If we dup'd over a valid file, we now own the reference to it
	 * and must dispose of it using closef() semantics (as if a
	 * close() were performed on it).
	 */
	if (delfp) {
		mtx_lock(&Giant);
		(void) closef(delfp, td);
		mtx_unlock(&Giant);
	}
	return (0);
}
552
553 /*
554 * If sigio is on the list associated with a process or process group,
555 * disable signalling from the device, remove sigio from the list and
556 * free sigio.
557 */
void
funsetown(sigiop)
	struct sigio **sigiop;
{
	struct sigio *sigio;

	/* Snapshot and detach the registration under the sigio lock. */
	SIGIO_LOCK();
	sigio = *sigiop;
	if (sigio == NULL) {
		SIGIO_UNLOCK();
		return;
	}
	/* Clear the owner's back-pointer so no further signals are sent. */
	*(sigio->sio_myref) = NULL;
	if ((sigio)->sio_pgid < 0) {
		/* Negative pgid: registered against a process group. */
		struct pgrp *pg = (sigio)->sio_pgrp;
		PGRP_LOCK(pg);
		SLIST_REMOVE(&sigio->sio_pgrp->pg_sigiolst, sigio,
			     sigio, sio_pgsigio);
		PGRP_UNLOCK(pg);
	} else {
		/* Positive pgid: registered against a single process. */
		struct proc *p = (sigio)->sio_proc;
		PROC_LOCK(p);
		SLIST_REMOVE(&sigio->sio_proc->p_sigiolst, sigio,
			     sigio, sio_pgsigio);
		PROC_UNLOCK(p);
	}
	SIGIO_UNLOCK();
	/* Free the credential reference and the structure itself. */
	crfree(sigio->sio_ucred);
	FREE(sigio, M_SIGIO);
}
588
589 /*
590 * Free a list of sigio structures.
591 * We only need to lock the SIGIO_LOCK because we have made ourselves
592 * inaccessable to callers of fsetown and therefore do not need to lock
593 * the proc or pgrp struct for the list manipulation.
594 */
void
funsetownlst(sigiolst)
	struct sigiolst *sigiolst;
{
	struct proc *p;
	struct pgrp *pg;
	struct sigio *sigio;

	sigio = SLIST_FIRST(sigiolst);
	if (sigio == NULL)
		return;
	p = NULL;
	pg = NULL;

	/*
	 * Every entry of the list should belong
	 * to a single proc or pgrp.  Decide which from the first
	 * entry's pgid sign (negative means process group).
	 */
	if (sigio->sio_pgid < 0) {
		pg = sigio->sio_pgrp;
		PGRP_LOCK_ASSERT(pg, MA_NOTOWNED);
	} else /* if (sigio->sio_pgid > 0) */ {
		p = sigio->sio_proc;
		PROC_LOCK_ASSERT(p, MA_NOTOWNED);
	}

	SIGIO_LOCK();
	while ((sigio = SLIST_FIRST(sigiolst)) != NULL) {
		/* Clear the owner's back-pointer first. */
		*(sigio->sio_myref) = NULL;
		if (pg != NULL) {
			KASSERT(sigio->sio_pgid < 0,
			    ("Proc sigio in pgrp sigio list"));
			KASSERT(sigio->sio_pgrp == pg,
			    ("Bogus pgrp in sigio list"));
			PGRP_LOCK(pg);
			SLIST_REMOVE(&pg->pg_sigiolst, sigio, sigio,
			    sio_pgsigio);
			PGRP_UNLOCK(pg);
		} else /* if (p != NULL) */ {
			KASSERT(sigio->sio_pgid > 0,
			    ("Pgrp sigio in proc sigio list"));
			KASSERT(sigio->sio_proc == p,
			    ("Bogus proc in sigio list"));
			PROC_LOCK(p);
			SLIST_REMOVE(&p->p_sigiolst, sigio, sigio,
			    sio_pgsigio);
			PROC_UNLOCK(p);
		}
		/* Drop the sigio lock around the free, then reacquire. */
		SIGIO_UNLOCK();
		crfree(sigio->sio_ucred);
		FREE(sigio, M_SIGIO);
		SIGIO_LOCK();
	}
	SIGIO_UNLOCK();
}
650
651 /*
652 * This is common code for FIOSETOWN ioctl called by fcntl(fd, F_SETOWN, arg).
653 *
654 * After permission checking, add a sigio structure to the sigio list for
655 * the process or process group.
656 */
/*
 * Register 'pgid' as the SIGIO/SIGURG recipient for the object whose
 * sigio pointer is '*sigiop'.  pgid > 0 names a process, pgid < 0 a
 * process group (by -pgid), and pgid == 0 clears the registration.
 * Returns 0 or an errno value.
 */
int
fsetown(pgid, sigiop)
	pid_t pgid;
	struct sigio **sigiop;
{
	struct proc *proc;
	struct pgrp *pgrp;
	struct sigio *sigio;
	int ret;

	/* pgid 0 means "disown": just tear down any existing sigio. */
	if (pgid == 0) {
		funsetown(sigiop);
		return (0);
	}

	ret = 0;

	/* Allocate and fill in the new sigio out of locks. */
	MALLOC(sigio, struct sigio *, sizeof(struct sigio), M_SIGIO, M_WAITOK);
	sigio->sio_pgid = pgid;
	sigio->sio_ucred = crhold(curthread->td_ucred);
	sigio->sio_myref = sigiop;

	/* proctree lock keeps the proc/pgrp from disappearing under us. */
	sx_slock(&proctree_lock);
	if (pgid > 0) {
		proc = pfind(pgid);
		if (proc == NULL) {
			ret = ESRCH;
			goto fail;
		}

		/*
		 * Policy - Don't allow a process to FSETOWN a process
		 * in another session.
		 *
		 * Remove this test to allow maximum flexibility or
		 * restrict FSETOWN to the current process or process
		 * group for maximum safety.
		 */
		PROC_UNLOCK(proc);
		if (proc->p_session != curthread->td_proc->p_session) {
			ret = EPERM;
			goto fail;
		}

		pgrp = NULL;
	} else /* if (pgid < 0) */ {
		pgrp = pgfind(-pgid);
		if (pgrp == NULL) {
			ret = ESRCH;
			goto fail;
		}
		PGRP_UNLOCK(pgrp);

		/*
		 * Policy - Don't allow a process to FSETOWN a process
		 * in another session.
		 *
		 * Remove this test to allow maximum flexibility or
		 * restrict FSETOWN to the current process or process
		 * group for maximum safety.
		 */
		if (pgrp->pg_session != curthread->td_proc->p_session) {
			ret = EPERM;
			goto fail;
		}

		proc = NULL;
	}
	/* Replace any previous registration before installing the new one. */
	funsetown(sigiop);
	if (pgid > 0) {
		PROC_LOCK(proc);
		/*
		 * Since funsetownlst() is called without the proctree
		 * locked, we need to check for P_WEXIT.
		 * XXX: is ESRCH correct?
		 */
		if ((proc->p_flag & P_WEXIT) != 0) {
			PROC_UNLOCK(proc);
			ret = ESRCH;
			goto fail;
		}
		SLIST_INSERT_HEAD(&proc->p_sigiolst, sigio, sio_pgsigio);
		sigio->sio_proc = proc;
		PROC_UNLOCK(proc);
	} else {
		PGRP_LOCK(pgrp);
		SLIST_INSERT_HEAD(&pgrp->pg_sigiolst, sigio, sio_pgsigio);
		sigio->sio_pgrp = pgrp;
		PGRP_UNLOCK(pgrp);
	}
	sx_sunlock(&proctree_lock);
	/* Publish the new sigio through the caller's pointer. */
	SIGIO_LOCK();
	*sigiop = sigio;
	SIGIO_UNLOCK();
	return (0);

fail:
	/* Undo the out-of-lock allocation on any error path. */
	sx_sunlock(&proctree_lock);
	crfree(sigio->sio_ucred);
	FREE(sigio, M_SIGIO);
	return (ret);
}
760
761 /*
762 * This is common code for FIOGETOWN ioctl called by fcntl(fd, F_GETOWN, arg).
763 */
764 pid_t
765 fgetown(sigiop)
766 struct sigio **sigiop;
767 {
768 pid_t pgid;
769
770 SIGIO_LOCK();
771 pgid = (*sigiop != NULL) ? (*sigiop)->sio_pgid : 0;
772 SIGIO_UNLOCK();
773 return (pgid);
774 }
775
776 /*
777 * Close a file descriptor.
778 */
779 #ifndef _SYS_SYSPROTO_H_
780 struct close_args {
781 int fd;
782 };
783 #endif
784 /*
785 * MPSAFE
786 */
787 /* ARGSUSED */
int
close(td, uap)
	struct thread *td;
	struct close_args *uap;
{
	struct filedesc *fdp;
	struct file *fp;
	int fd, error;

	fd = uap->fd;
	error = 0;
	fdp = td->td_proc->p_fd;
	mtx_lock(&Giant);
	FILEDESC_LOCK(fdp);
	/* Validate the descriptor and fetch its file pointer. */
	if ((unsigned)fd >= fdp->fd_nfiles ||
	    (fp = fdp->fd_ofiles[fd]) == NULL) {
		FILEDESC_UNLOCK(fdp);
		error = EBADF;
		goto done2;
	}
#if 0
	if (fdp->fd_ofileflags[fd] & UF_MAPPED)
		(void) munmapfd(td, fd);
#endif
	/* Detach the file from the table before doing anything that blocks. */
	fdp->fd_ofiles[fd] = NULL;
	fdp->fd_ofileflags[fd] = 0;

	/*
	 * we now hold the fp reference that used to be owned by the descriptor
	 * array.
	 */
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	if (fd < fdp->fd_freefile)
		fdp->fd_freefile = fd;
	/* Tear down any kqueue knotes attached to this descriptor. */
	if (fd < fdp->fd_knlistsize) {
		FILEDESC_UNLOCK(fdp);
		knote_fdclose(td, fd);
	} else
		FILEDESC_UNLOCK(fdp);

	/* Drop the table's reference; this may do the final close. */
	error = closef(fp, td);
done2:
	mtx_unlock(&Giant);
	return (error);
}
834
835 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
836 /*
837 * Return status information about a file descriptor.
838 */
839 #ifndef _SYS_SYSPROTO_H_
840 struct ofstat_args {
841 int fd;
842 struct ostat *sb;
843 };
844 #endif
845 /*
846 * MPSAFE
847 */
848 /* ARGSUSED */
849 int
850 ofstat(td, uap)
851 struct thread *td;
852 struct ofstat_args *uap;
853 {
854 struct file *fp;
855 struct stat ub;
856 struct ostat oub;
857 int error;
858
859 mtx_lock(&Giant);
860 if ((error = fget(td, uap->fd, &fp)) != 0)
861 goto done2;
862 error = fo_stat(fp, &ub, td->td_ucred, td);
863 if (error == 0) {
864 cvtstat(&ub, &oub);
865 error = copyout(&oub, uap->sb, sizeof(oub));
866 }
867 fdrop(fp, td);
868 done2:
869 mtx_unlock(&Giant);
870 return (error);
871 }
872 #endif /* COMPAT_43 || COMPAT_SUNOS */
873
874 /*
875 * Return status information about a file descriptor.
876 */
877 #ifndef _SYS_SYSPROTO_H_
878 struct fstat_args {
879 int fd;
880 struct stat *sb;
881 };
882 #endif
883 /*
884 * MPSAFE
885 */
886 /* ARGSUSED */
887 int
888 fstat(td, uap)
889 struct thread *td;
890 struct fstat_args *uap;
891 {
892 struct file *fp;
893 struct stat ub;
894 int error;
895
896 mtx_lock(&Giant);
897 if ((error = fget(td, uap->fd, &fp)) != 0)
898 goto done2;
899 error = fo_stat(fp, &ub, td->td_ucred, td);
900 if (error == 0)
901 error = copyout(&ub, uap->sb, sizeof(ub));
902 fdrop(fp, td);
903 done2:
904 mtx_unlock(&Giant);
905 return (error);
906 }
907
908 /*
909 * Return status information about a file descriptor.
910 */
911 #ifndef _SYS_SYSPROTO_H_
912 struct nfstat_args {
913 int fd;
914 struct nstat *sb;
915 };
916 #endif
917 /*
918 * MPSAFE
919 */
920 /* ARGSUSED */
921 int
922 nfstat(td, uap)
923 struct thread *td;
924 struct nfstat_args *uap;
925 {
926 struct file *fp;
927 struct stat ub;
928 struct nstat nub;
929 int error;
930
931 mtx_lock(&Giant);
932 if ((error = fget(td, uap->fd, &fp)) != 0)
933 goto done2;
934 error = fo_stat(fp, &ub, td->td_ucred, td);
935 if (error == 0) {
936 cvtnstat(&ub, &nub);
937 error = copyout(&nub, uap->sb, sizeof(nub));
938 }
939 fdrop(fp, td);
940 done2:
941 mtx_unlock(&Giant);
942 return (error);
943 }
944
945 /*
946 * Return pathconf information about a file descriptor.
947 */
948 #ifndef _SYS_SYSPROTO_H_
949 struct fpathconf_args {
950 int fd;
951 int name;
952 };
953 #endif
954 /*
955 * MPSAFE
956 */
957 /* ARGSUSED */
958 int
959 fpathconf(td, uap)
960 struct thread *td;
961 struct fpathconf_args *uap;
962 {
963 struct file *fp;
964 struct vnode *vp;
965 int error;
966
967 if ((error = fget(td, uap->fd, &fp)) != 0)
968 return (error);
969
970 /* If asynchronous I/O is available, it works for all descriptors. */
971 if (uap->name == _PC_ASYNC_IO) {
972 td->td_retval[0] = async_io_version;
973 goto out;
974 }
975 switch (fp->f_type) {
976 case DTYPE_PIPE:
977 case DTYPE_SOCKET:
978 if (uap->name != _PC_PIPE_BUF) {
979 error = EINVAL;
980 } else {
981 td->td_retval[0] = PIPE_BUF;
982 error = 0;
983 }
984 break;
985 case DTYPE_FIFO:
986 case DTYPE_VNODE:
987 vp = fp->f_data;
988 mtx_lock(&Giant);
989 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
990 error = VOP_PATHCONF(vp, uap->name, td->td_retval);
991 VOP_UNLOCK(vp, 0, td);
992 mtx_unlock(&Giant);
993 break;
994 default:
995 error = EOPNOTSUPP;
996 break;
997 }
998 out:
999 fdrop(fp, td);
1000 return (error);
1001 }
1002
1003 /*
1004 * Allocate a file descriptor for the process.
1005 */
1006 static int fdexpand;
1007 SYSCTL_INT(_debug, OID_AUTO, fdexpand, CTLFLAG_RD, &fdexpand, 0, "");
1008
/*
 * Allocate a file descriptor >= 'want' for the current process and
 * store it through 'result'.  Called with the filedesc lock held;
 * may drop and reacquire it while expanding the table.  Returns 0
 * or EMFILE.
 */
int
fdalloc(td, want, result)
	struct thread *td;
	int want;
	int *result;
{
	struct proc *p = td->td_proc;
	struct filedesc *fdp = td->td_proc->p_fd;
	int i;
	int lim, last, nfiles;
	struct file **newofile, **oldofile;
	char *newofileflags;

	FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);

	/*
	 * Search for a free descriptor starting at the higher
	 * of want or fd_freefile.  If that fails, consider
	 * expanding the ofile array.
	 */
	lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
	for (;;) {
		last = min(fdp->fd_nfiles, lim);
		i = max(want, fdp->fd_freefile);
		for (; i < last; i++) {
			if (fdp->fd_ofiles[i] == NULL) {
				/* Found a free slot; claim it. */
				fdp->fd_ofileflags[i] = 0;
				if (i > fdp->fd_lastfile)
					fdp->fd_lastfile = i;
				if (want <= fdp->fd_freefile)
					fdp->fd_freefile = i;
				*result = i;
				return (0);
			}
		}

		/*
		 * No space in current array.  Expand?
		 */
		if (i >= lim)
			return (EMFILE);
		/* Double the table (at least NDEXTENT, enough for 'want'). */
		if (fdp->fd_nfiles < NDEXTENT)
			nfiles = NDEXTENT;
		else
			nfiles = 2 * fdp->fd_nfiles;
		while (nfiles < want)
			nfiles <<= 1;
		FILEDESC_UNLOCK(fdp);
		/*
		 * XXX malloc() calls uma_large_malloc() for sizes larger
		 * than KMEM_ZMAX bytes. uma_large_malloc() requires Giant.
		 */
		mtx_lock(&Giant);
		newofile = malloc(nfiles * OFILESIZE, M_FILEDESC, M_WAITOK);
		mtx_unlock(&Giant);

		/*
		 * Deal with file-table extend race that might have
		 * occurred while filedesc was unlocked.
		 */
		FILEDESC_LOCK(fdp);
		if (fdp->fd_nfiles >= nfiles) {
			/* Someone else grew the table; retry the scan. */
			/* XXX uma_large_free() needs Giant. */
			FILEDESC_UNLOCK(fdp);
			mtx_lock(&Giant);
			free(newofile, M_FILEDESC);
			mtx_unlock(&Giant);
			FILEDESC_LOCK(fdp);
			continue;
		}
		/* Flags live directly after the pointer array. */
		newofileflags = (char *) &newofile[nfiles];
		/*
		 * Copy the existing ofile and ofileflags arrays
		 * and zero the new portion of each array.
		 */
		i = fdp->fd_nfiles * sizeof(struct file *);
		bcopy(fdp->fd_ofiles, newofile,	i);
		bzero((char *)newofile + i,
		    nfiles * sizeof(struct file *) - i);
		i = fdp->fd_nfiles * sizeof(char);
		bcopy(fdp->fd_ofileflags, newofileflags, i);
		bzero(newofileflags + i, nfiles * sizeof(char) - i);
		/* The initial NDFILE-sized table is embedded; don't free it. */
		if (fdp->fd_nfiles > NDFILE)
			oldofile = fdp->fd_ofiles;
		else
			oldofile = NULL;
		fdp->fd_ofiles = newofile;
		fdp->fd_ofileflags = newofileflags;
		fdp->fd_nfiles = nfiles;
		fdexpand++;
		if (oldofile != NULL) {
			/* XXX uma_large_free() needs Giant. */
			FILEDESC_UNLOCK(fdp);
			mtx_lock(&Giant);
			free(oldofile, M_FILEDESC);
			mtx_unlock(&Giant);
			FILEDESC_LOCK(fdp);
		}
	}
	return (0);
}
1110
1111 /*
1112 * Check to see whether n user file descriptors
1113 * are available to the process p.
1114 */
int
fdavail(td, n)
	struct thread *td;
	int n;
{
	struct proc *p = td->td_proc;
	struct filedesc *fdp = td->td_proc->p_fd;
	struct file **fpp;
	int i, lim, last;

	FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);

	/* Effective descriptor limit for this process. */
	lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
	/*
	 * Headroom between the current table size and the limit counts
	 * as available; note this also decrements n as a side effect.
	 */
	if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0)
		return (1);
	/* Otherwise scan the table for free (NULL) slots. */
	last = min(fdp->fd_nfiles, lim);
	fpp = &fdp->fd_ofiles[fdp->fd_freefile];
	for (i = last - fdp->fd_freefile; --i >= 0; fpp++) {
		if (*fpp == NULL && --n <= 0)
			return (1);
	}
	return (0);
}
1138
1139 /*
1140 * Create a new open file structure and allocate
1141 * a file decriptor for the process that refers to it.
1142 */
/*
 * Allocate a new struct file and a descriptor for it in the current
 * process.  On success the file (with one reference) is stored through
 * 'resultfp' and the descriptor through 'resultfd', when non-NULL.
 * Returns 0, ENFILE, or an fdalloc() error.
 */
int
falloc(td, resultfp, resultfd)
	struct thread *td;
	struct file **resultfp;
	int *resultfd;
{
	struct proc *p = td->td_proc;
	struct file *fp, *fq;
	int error, i;

	fp = uma_zalloc(file_zone, M_WAITOK | M_ZERO);
	sx_xlock(&filelist_lock);
	/* Enforce the system-wide open file limit. */
	if (nfiles >= maxfiles) {
		sx_xunlock(&filelist_lock);
		uma_zfree(file_zone, fp);
		tablefull("file");
		return (ENFILE);
	}
	nfiles++;

	/*
	 * If the process has file descriptor zero open, add the new file
	 * descriptor to the list of open files at that point, otherwise
	 * put it at the front of the list of open files.
	 */
	fp->f_mtxp = mtx_pool_alloc();
	fp->f_gcflag = 0;
	fp->f_count = 1;
	fp->f_cred = crhold(td->td_ucred);
	fp->f_ops = &badfileops;
	fp->f_seqcount = 1;
	/* Take the filedesc lock before releasing the filelist lock. */
	FILEDESC_LOCK(p->p_fd);
	if ((fq = p->p_fd->fd_ofiles[0])) {
		LIST_INSERT_AFTER(fq, fp, f_list);
	} else {
		LIST_INSERT_HEAD(&filehead, fp, f_list);
	}
	sx_xunlock(&filelist_lock);
	if ((error = fdalloc(td, 0, &i))) {
		FILEDESC_UNLOCK(p->p_fd);
		/* fdrop() undoes the reference and frees the file. */
		fdrop(fp, td);
		return (error);
	}
	p->p_fd->fd_ofiles[i] = fp;
	FILEDESC_UNLOCK(p->p_fd);
	if (resultfp)
		*resultfp = fp;
	if (resultfd)
		*resultfd = i;
	return (0);
}
1194
1195 /*
1196 * Free a file descriptor.
1197 */
1198 void
1199 ffree(fp)
1200 struct file *fp;
1201 {
1202
1203 KASSERT(fp->f_count == 0, ("ffree: fp_fcount not 0!"));
1204 sx_xlock(&filelist_lock);
1205 LIST_REMOVE(fp, f_list);
1206 nfiles--;
1207 sx_xunlock(&filelist_lock);
1208 crfree(fp->f_cred);
1209 uma_zfree(file_zone, fp);
1210 }
1211
1212 /*
1213 * Build a new filedesc structure from another.
1214 * Copy the current, root, and jail root vnode references.
1215 */
1216 struct filedesc *
1217 fdinit(fdp)
1218 struct filedesc *fdp;
1219 {
1220 struct filedesc0 *newfdp;
1221
1222 MALLOC(newfdp, struct filedesc0 *, sizeof(struct filedesc0),
1223 M_FILEDESC, M_WAITOK | M_ZERO);
1224 mtx_init(&newfdp->fd_fd.fd_mtx, FILEDESC_LOCK_DESC, NULL, MTX_DEF);
1225 newfdp->fd_fd.fd_cdir = fdp->fd_cdir;
1226 if (newfdp->fd_fd.fd_cdir)
1227 VREF(newfdp->fd_fd.fd_cdir);
1228 newfdp->fd_fd.fd_rdir = fdp->fd_rdir;
1229 if (newfdp->fd_fd.fd_rdir)
1230 VREF(newfdp->fd_fd.fd_rdir);
1231 newfdp->fd_fd.fd_jdir = fdp->fd_jdir;
1232 if (newfdp->fd_fd.fd_jdir)
1233 VREF(newfdp->fd_fd.fd_jdir);
1234
1235 /* Create the file descriptor table. */
1236 newfdp->fd_fd.fd_refcnt = 1;
1237 newfdp->fd_fd.fd_cmask = cmask;
1238 newfdp->fd_fd.fd_ofiles = newfdp->fd_dfiles;
1239 newfdp->fd_fd.fd_ofileflags = newfdp->fd_dfileflags;
1240 newfdp->fd_fd.fd_nfiles = NDFILE;
1241 newfdp->fd_fd.fd_knlistsize = -1;
1242 return (&newfdp->fd_fd);
1243 }
1244
1245 /*
1246 * Share a filedesc structure.
1247 */
1248 struct filedesc *
1249 fdshare(fdp)
1250 struct filedesc *fdp;
1251 {
1252 FILEDESC_LOCK(fdp);
1253 fdp->fd_refcnt++;
1254 FILEDESC_UNLOCK(fdp);
1255 return (fdp);
1256 }
1257
/*
 * Copy a filedesc structure.
 * A NULL pointer in returns a NULL reference, this is to ease callers,
 * not catch errors.
 *
 * Called with fdp locked; the lock is dropped and reacquired around
 * sleeping allocations, so the source table may change size underneath
 * us — the retry loop below copes with that.
 */
struct filedesc *
fdcopy(fdp)
	struct filedesc *fdp;
{
	struct filedesc *newfdp;
	struct file **fpp;
	int i, j;

	/* Certain daemons might not have file descriptors. */
	if (fdp == NULL)
		return (NULL);

	FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);

	/* Drop the lock across the sleepable allocation. */
	FILEDESC_UNLOCK(fdp);
	MALLOC(newfdp, struct filedesc *, sizeof(struct filedesc0),
	    M_FILEDESC, M_WAITOK);
	FILEDESC_LOCK(fdp);
	bcopy(fdp, newfdp, sizeof(struct filedesc));
	FILEDESC_UNLOCK(fdp);
	/* The bcopy'd mutex must not be reused; give the copy its own. */
	bzero(&newfdp->fd_mtx, sizeof(newfdp->fd_mtx));
	mtx_init(&newfdp->fd_mtx, FILEDESC_LOCK_DESC, NULL, MTX_DEF);
	/* Take our own references on the cwd/root/jail directory vnodes. */
	if (newfdp->fd_cdir)
		VREF(newfdp->fd_cdir);
	if (newfdp->fd_rdir)
		VREF(newfdp->fd_rdir);
	if (newfdp->fd_jdir)
		VREF(newfdp->fd_jdir);
	newfdp->fd_refcnt = 1;

	/*
	 * If the number of open files fits in the internal arrays
	 * of the open file structure, use them, otherwise allocate
	 * additional memory for the number of descriptors currently
	 * in use.
	 */
	FILEDESC_LOCK(fdp);
	newfdp->fd_lastfile = fdp->fd_lastfile;
	newfdp->fd_nfiles = fdp->fd_nfiles;
	if (newfdp->fd_lastfile < NDFILE) {
		/* Small table: use the inline arrays in struct filedesc0. */
		newfdp->fd_ofiles = ((struct filedesc0 *) newfdp)->fd_dfiles;
		newfdp->fd_ofileflags =
		    ((struct filedesc0 *) newfdp)->fd_dfileflags;
		i = NDFILE;
	} else {
		/*
		 * Compute the smallest multiple of NDEXTENT needed
		 * for the file descriptors currently in use,
		 * allowing the table to shrink.
		 */
retry:
		i = newfdp->fd_nfiles;
		while (i > 2 * NDEXTENT && i > newfdp->fd_lastfile * 2)
			i /= 2;
		/* MALLOC may sleep; drop the lock around it. */
		FILEDESC_UNLOCK(fdp);
		MALLOC(newfdp->fd_ofiles, struct file **, i * OFILESIZE,
		    M_FILEDESC, M_WAITOK);
		FILEDESC_LOCK(fdp);
		/* Re-snapshot; the source table may have been resized. */
		newfdp->fd_lastfile = fdp->fd_lastfile;
		newfdp->fd_nfiles = fdp->fd_nfiles;
		j = newfdp->fd_nfiles;
		while (j > 2 * NDEXTENT && j > newfdp->fd_lastfile * 2)
			j /= 2;
		if (i != j) {
			/*
			 * The size of the original table has changed.
			 * Go over once again.
			 */
			FILEDESC_UNLOCK(fdp);
			FREE(newfdp->fd_ofiles, M_FILEDESC);
			FILEDESC_LOCK(fdp);
			newfdp->fd_lastfile = fdp->fd_lastfile;
			newfdp->fd_nfiles = fdp->fd_nfiles;
			goto retry;
		}
		/* Flag bytes live directly after the pointer array. */
		newfdp->fd_ofileflags = (char *) &newfdp->fd_ofiles[i];
	}
	newfdp->fd_nfiles = i;
	bcopy(fdp->fd_ofiles, newfdp->fd_ofiles, i * sizeof(struct file **));
	bcopy(fdp->fd_ofileflags, newfdp->fd_ofileflags, i * sizeof(char));

	/*
	 * kq descriptors cannot be copied.
	 */
	if (newfdp->fd_knlistsize != -1) {
		/* Walk downward, dropping kqueues and fixing the hints. */
		fpp = &newfdp->fd_ofiles[newfdp->fd_lastfile];
		for (i = newfdp->fd_lastfile; i >= 0; i--, fpp--) {
			if (*fpp != NULL && (*fpp)->f_type == DTYPE_KQUEUE) {
				*fpp = NULL;
				if (i < newfdp->fd_freefile)
					newfdp->fd_freefile = i;
			}
			if (*fpp == NULL && i == newfdp->fd_lastfile && i > 0)
				newfdp->fd_lastfile--;
		}
		newfdp->fd_knlist = NULL;
		newfdp->fd_knlistsize = -1;
		newfdp->fd_knhash = NULL;
		newfdp->fd_knhashmask = 0;
	}

	/* Take a reference on every file carried over into the copy. */
	fpp = newfdp->fd_ofiles;
	for (i = newfdp->fd_lastfile; i-- >= 0; fpp++) {
		if (*fpp != NULL)
			fhold(*fpp);
	}
	return (newfdp);
}
1371
/*
 * A mutex to protect the association between a proc and filedesc,
 * i.e. reads and writes of p->p_fd (see fdfree() and sysctl_kern_file()).
 */
struct mtx fdesc_mtx;
MTX_SYSINIT(fdesc, &fdesc_mtx, "fdesc", MTX_DEF);
1375
/*
 * Release a filedesc structure.
 *
 * Drops one reference; the final reference closes every remaining
 * descriptor, detaches the structure from the process, and frees all
 * associated storage.
 */
void
fdfree(td)
	struct thread *td;
{
	struct filedesc *fdp;
	struct file **fpp;
	int i;

	/* Certain daemons might not have file descriptors. */
	fdp = td->td_proc->p_fd;
	if (fdp == NULL)
		return;

	FILEDESC_LOCK(fdp);
	if (--fdp->fd_refcnt > 0) {
		FILEDESC_UNLOCK(fdp);
		return;
	}

	/*
	 * We are the last reference to the structure, so we can
	 * safely assume it will not change out from under us.
	 */
	FILEDESC_UNLOCK(fdp);
	/* Close every descriptor still open (slots 0..fd_lastfile). */
	fpp = fdp->fd_ofiles;
	for (i = fdp->fd_lastfile; i-- >= 0; fpp++) {
		if (*fpp)
			(void) closef(*fpp, td);
	}

	/* XXX This should happen earlier. */
	mtx_lock(&fdesc_mtx);
	td->td_proc->p_fd = NULL;
	mtx_unlock(&fdesc_mtx);

	/* The table was malloc'd only if it outgrew the inline arrays. */
	if (fdp->fd_nfiles > NDFILE)
		FREE(fdp->fd_ofiles, M_FILEDESC);
	/* Release directory vnode references taken at fdinit/fdcopy time. */
	if (fdp->fd_cdir)
		vrele(fdp->fd_cdir);
	if (fdp->fd_rdir)
		vrele(fdp->fd_rdir);
	if (fdp->fd_jdir)
		vrele(fdp->fd_jdir);
	if (fdp->fd_knlist)
		FREE(fdp->fd_knlist, M_KQUEUE);
	if (fdp->fd_knhash)
		FREE(fdp->fd_knhash, M_KQUEUE);
	mtx_destroy(&fdp->fd_mtx);
	FREE(fdp, M_FILEDESC);
}
1429
1430 /*
1431 * For setugid programs, we don't want to people to use that setugidness
1432 * to generate error messages which write to a file which otherwise would
1433 * otherwise be off-limits to the process. We check for filesystems where
1434 * the vnode can change out from under us after execve (like [lin]procfs).
1435 *
1436 * Since setugidsafety calls this only for fd 0, 1 and 2, this check is
1437 * sufficient. We also don't for check setugidness since we know we are.
1438 */
1439 static int
1440 is_unsafe(struct file *fp)
1441 {
1442 if (fp->f_type == DTYPE_VNODE) {
1443 struct vnode *vp = fp->f_data;
1444
1445 if ((vp->v_vflag & VV_PROCDEP) != 0)
1446 return (1);
1447 }
1448 return (0);
1449 }
1450
/*
 * Make this setguid thing safe, if at all possible.
 *
 * Closes descriptors 0..2 that refer to "unsafe" vnodes (see
 * is_unsafe() above) when a set[ug]id image is executed.
 */
void
setugidsafety(td)
	struct thread *td;
{
	struct filedesc *fdp;
	int i;

	/* Certain daemons might not have file descriptors. */
	fdp = td->td_proc->p_fd;
	if (fdp == NULL)
		return;

	/*
	 * Note: fdp->fd_ofiles may be reallocated out from under us while
	 * we are blocked in a close.  Be careful!
	 */
	FILEDESC_LOCK(fdp);
	for (i = 0; i <= fdp->fd_lastfile; i++) {
		/* Only stdin/stdout/stderr are of interest. */
		if (i > 2)
			break;
		if (fdp->fd_ofiles[i] && is_unsafe(fdp->fd_ofiles[i])) {
			struct file *fp;

#if 0
			if ((fdp->fd_ofileflags[i] & UF_MAPPED) != 0)
				(void) munmapfd(td, i);
#endif
			/* Detach knotes first; knote_fdclose() may sleep. */
			if (i < fdp->fd_knlistsize) {
				FILEDESC_UNLOCK(fdp);
				knote_fdclose(td, i);
				FILEDESC_LOCK(fdp);
			}
			/*
			 * NULL-out descriptor prior to close to avoid
			 * a race while close blocks.
			 */
			fp = fdp->fd_ofiles[i];
			fdp->fd_ofiles[i] = NULL;
			fdp->fd_ofileflags[i] = 0;
			if (i < fdp->fd_freefile)
				fdp->fd_freefile = i;
			FILEDESC_UNLOCK(fdp);
			(void) closef(fp, td);
			FILEDESC_LOCK(fdp);
		}
	}
	/* Pull fd_lastfile back down past any trailing closed slots. */
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	FILEDESC_UNLOCK(fdp);
}
1504
/*
 * Close any files on exec?
 *
 * Closes every descriptor marked UF_EXCLOSE (close-on-exec) in the
 * calling process's table; called from the execve() path.
 */
void
fdcloseexec(td)
	struct thread *td;
{
	struct filedesc *fdp;
	int i;

	/* Certain daemons might not have file descriptors. */
	fdp = td->td_proc->p_fd;
	if (fdp == NULL)
		return;

	FILEDESC_LOCK(fdp);

	/*
	 * We cannot cache fd_ofiles or fd_ofileflags since operations
	 * may block and rip them out from under us.
	 */
	for (i = 0; i <= fdp->fd_lastfile; i++) {
		if (fdp->fd_ofiles[i] != NULL &&
		    (fdp->fd_ofileflags[i] & UF_EXCLOSE)) {
			struct file *fp;

#if 0
			if (fdp->fd_ofileflags[i] & UF_MAPPED)
				(void) munmapfd(td, i);
#endif
			/* Detach knotes first; knote_fdclose() may sleep. */
			if (i < fdp->fd_knlistsize) {
				FILEDESC_UNLOCK(fdp);
				knote_fdclose(td, i);
				FILEDESC_LOCK(fdp);
			}
			/*
			 * NULL-out descriptor prior to close to avoid
			 * a race while close blocks.
			 */
			fp = fdp->fd_ofiles[i];
			fdp->fd_ofiles[i] = NULL;
			fdp->fd_ofileflags[i] = 0;
			if (i < fdp->fd_freefile)
				fdp->fd_freefile = i;
			FILEDESC_UNLOCK(fdp);
			(void) closef(fp, td);
			FILEDESC_LOCK(fdp);
		}
	}
	/* Pull fd_lastfile back down past any trailing closed slots. */
	while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
		fdp->fd_lastfile--;
	FILEDESC_UNLOCK(fdp);
}
1558
/*
 * It is unsafe for set[ug]id processes to be started with file
 * descriptors 0..2 closed, as these descriptors are given implicit
 * significance in the Standard C library.  fdcheckstd() will create a
 * descriptor referencing /dev/null for each of stdin, stdout, and
 * stderr that is not already open.
 *
 * Returns 0 on success or an errno from falloc()/vn_open()/do_dup().
 */
int
fdcheckstd(td)
	struct thread *td;
{
	struct nameidata nd;
	struct filedesc *fdp;
	struct file *fp;
	register_t retval;
	int fd, i, error, flags, devnull;

	fdp = td->td_proc->p_fd;
	if (fdp == NULL)
		return (0);
	devnull = -1;		/* fd of /dev/null once it is first opened */
	error = 0;
	for (i = 0; i < 3; i++) {
		if (fdp->fd_ofiles[i] != NULL)
			continue;
		if (devnull < 0) {
			/* First hole: open /dev/null into this slot. */
			error = falloc(td, &fp, &fd);
			if (error != 0)
				break;
			/* falloc() hands out the lowest free fd, i.e. i. */
			KASSERT(fd == i, ("oof, we didn't get our fd"));
			NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, "/dev/null",
			    td);
			flags = FREAD | FWRITE;
			error = vn_open(&nd, &flags, 0);
			if (error != 0) {
				/* Undo the slot reservation from falloc(). */
				FILEDESC_LOCK(fdp);
				fdp->fd_ofiles[fd] = NULL;
				FILEDESC_UNLOCK(fdp);
				fdrop(fp, td);
				break;
			}
			NDFREE(&nd, NDF_ONLY_PNBUF);
			fp->f_data = nd.ni_vp;
			fp->f_flag = flags;
			fp->f_ops = &vnops;
			fp->f_type = DTYPE_VNODE;
			VOP_UNLOCK(nd.ni_vp, 0, td);
			devnull = fd;
		} else {
			/* Subsequent holes: just dup the /dev/null fd. */
			error = do_dup(td, DUP_FIXED, devnull, i, &retval);
			if (error != 0)
				break;
		}
	}
	return (error);
}
1615
1616 /*
1617 * Internal form of close.
1618 * Decrement reference count on file structure.
1619 * Note: td may be NULL when closing a file
1620 * that was being passed in a message.
1621 */
1622 int
1623 closef(fp, td)
1624 struct file *fp;
1625 struct thread *td;
1626 {
1627 struct vnode *vp;
1628 struct flock lf;
1629
1630 if (fp == NULL)
1631 return (0);
1632 /*
1633 * POSIX record locking dictates that any close releases ALL
1634 * locks owned by this process. This is handled by setting
1635 * a flag in the unlock to free ONLY locks obeying POSIX
1636 * semantics, and not to free BSD-style file locks.
1637 * If the descriptor was in a message, POSIX-style locks
1638 * aren't passed with the descriptor.
1639 */
1640 if (td != NULL && (td->td_proc->p_leader->p_flag & P_ADVLOCK) != 0 &&
1641 fp->f_type == DTYPE_VNODE) {
1642 lf.l_whence = SEEK_SET;
1643 lf.l_start = 0;
1644 lf.l_len = 0;
1645 lf.l_type = F_UNLCK;
1646 vp = fp->f_data;
1647 (void) VOP_ADVLOCK(vp, (caddr_t)td->td_proc->p_leader,
1648 F_UNLCK, &lf, F_POSIX);
1649 }
1650 return (fdrop(fp, td));
1651 }
1652
/*
 * Drop reference on struct file passed in, may call closef if the
 * reference hits zero.
 *
 * Convenience wrapper: takes the per-file lock that fdrop_locked()
 * expects to be held (and will release).
 */
int
fdrop(fp, td)
	struct file *fp;
	struct thread *td;
{

	FILE_LOCK(fp);
	return (fdrop_locked(fp, td));
}
1666
/*
 * Extract the file pointer associated with the specified descriptor for
 * the current user process.
 *
 * If the descriptor doesn't exist, EBADF is returned.
 *
 * If the descriptor exists but doesn't match 'flags' then
 * return EBADF for read attempts and EINVAL for write attempts.
 *
 * If 'hold' is set (non-zero) the file's refcount will be bumped on return.
 * It should be dropped with fdrop().
 * If it is not set, then the refcount will not be bumped however the
 * thread's filedesc struct will be returned locked (for fgetsock).
 *
 * If an error occurred the non-zero error is returned and *fpp is set to NULL.
 * Otherwise *fpp is set and zero is returned.
 */
static __inline int
_fget(struct thread *td, int fd, struct file **fpp, int flags, int hold)
{
	struct filedesc *fdp;
	struct file *fp;

	*fpp = NULL;
	if (td == NULL || (fdp = td->td_proc->p_fd) == NULL)
		return (EBADF);
	FILEDESC_LOCK(fdp);
	/* Reject empty slots and files already revoked to badfileops. */
	if ((fp = fget_locked(fdp, fd)) == NULL || fp->f_ops == &badfileops) {
		FILEDESC_UNLOCK(fdp);
		return (EBADF);
	}

	/*
	 * Note: FREAD failures return EBADF to maintain backwards
	 * compatibility with what routines returned before.
	 *
	 * Only one flag, or 0, may be specified.
	 */
	if (flags == FREAD && (fp->f_flag & FREAD) == 0) {
		FILEDESC_UNLOCK(fdp);
		return (EBADF);
	}
	if (flags == FWRITE && (fp->f_flag & FWRITE) == 0) {
		FILEDESC_UNLOCK(fdp);
		return (EINVAL);
	}
	if (hold) {
		fhold(fp);
		FILEDESC_UNLOCK(fdp);
	}
	/* On the !hold success path the filedesc lock is left held. */
	*fpp = fp;
	return (0);
}
1720
/*
 * Look up fd in td's descriptor table; on success *fpp holds an extra
 * reference on the file (release with fdrop()).  No mode checking.
 */
int
fget(struct thread *td, int fd, struct file **fpp)
{

	return(_fget(td, fd, fpp, 0, 1));
}
1727
/*
 * As fget(), but additionally fails with EBADF if the file was not
 * opened for reading (FREAD).
 */
int
fget_read(struct thread *td, int fd, struct file **fpp)
{

	return(_fget(td, fd, fpp, FREAD, 1));
}
1734
/*
 * As fget(), but additionally fails with EINVAL if the file was not
 * opened for writing (FWRITE).
 */
int
fget_write(struct thread *td, int fd, struct file **fpp)
{

	return(_fget(td, fd, fpp, FWRITE, 1));
}
1741
1742 /*
1743 * Like fget() but loads the underlying vnode, or returns an error if
1744 * the descriptor does not represent a vnode. Note that pipes use vnodes
1745 * but never have VM objects (so VOP_GETVOBJECT() calls will return an
1746 * error). The returned vnode will be vref()d.
1747 */
1748 static __inline int
1749 _fgetvp(struct thread *td, int fd, struct vnode **vpp, int flags)
1750 {
1751 struct file *fp;
1752 int error;
1753
1754 *vpp = NULL;
1755 if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
1756 return (error);
1757 if (fp->f_type != DTYPE_VNODE && fp->f_type != DTYPE_FIFO) {
1758 error = EINVAL;
1759 } else {
1760 *vpp = fp->f_data;
1761 vref(*vpp);
1762 }
1763 FILEDESC_UNLOCK(td->td_proc->p_fd);
1764 return (error);
1765 }
1766
/*
 * Fetch the vref()d vnode behind fd; no access-mode check.
 */
int
fgetvp(struct thread *td, int fd, struct vnode **vpp)
{

	return (_fgetvp(td, fd, vpp, 0));
}
1773
/*
 * Fetch the vref()d vnode behind fd, requiring the file be open FREAD.
 */
int
fgetvp_read(struct thread *td, int fd, struct vnode **vpp)
{

	return (_fgetvp(td, fd, vpp, FREAD));
}
1780
/*
 * Fetch the vref()d vnode behind fd, requiring the file be open FWRITE.
 */
int
fgetvp_write(struct thread *td, int fd, struct vnode **vpp)
{

	return (_fgetvp(td, fd, vpp, FWRITE));
}
1787
/*
 * Like fget() but loads the underlying socket, or returns an error if
 * the descriptor does not represent a socket.
 *
 * We bump the ref count on the returned socket.  XXX Also obtain the SX
 * lock in the future.
 *
 * On success *spp holds a soref()'d socket (release with fputsock())
 * and, if fflagp is non-NULL, *fflagp holds the file's f_flag.
 */
int
fgetsock(struct thread *td, int fd, struct socket **spp, u_int *fflagp)
{
	struct file *fp;
	int error;

	*spp = NULL;
	if (fflagp != NULL)
		*fflagp = 0;
	if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
		return (error);
	if (fp->f_type != DTYPE_SOCKET) {
		error = ENOTSOCK;
	} else {
		*spp = fp->f_data;
		if (fflagp)
			*fflagp = fp->f_flag;
		soref(*spp);
	}
	/* _fget() with hold == 0 left the filedesc locked; unlock it. */
	FILEDESC_UNLOCK(td->td_proc->p_fd);
	return (error);
}
1817
/*
 * Drop the reference count on the socket and XXX release the SX lock in
 * the future.  The last reference closes the socket.
 */
void
fputsock(struct socket *so)
{

	sorele(so);
}
1828
/*
 * Drop reference on struct file passed in, may call closef if the
 * reference hits zero.
 * Expects struct file locked, and will unlock it.
 */
int
fdrop_locked(fp, td)
	struct file *fp;
	struct thread *td;
{
	struct flock lf;
	struct vnode *vp;
	int error;

	FILE_LOCK_ASSERT(fp, MA_OWNED);

	/* Fast path: not the last reference, nothing else to do. */
	if (--fp->f_count > 0) {
		FILE_UNLOCK(fp);
		return (0);
	}
	/* Last reference: tear the file down under Giant. */
	mtx_lock(&Giant);
	if (fp->f_count < 0)
		panic("fdrop: count < 0");
	/* Release any flock()-style (BSD) lock held via this file. */
	if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) {
		lf.l_whence = SEEK_SET;
		lf.l_start = 0;
		lf.l_len = 0;
		lf.l_type = F_UNLCK;
		vp = fp->f_data;
		FILE_UNLOCK(fp);
		(void) VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
	} else
		FILE_UNLOCK(fp);
	/* Revoked files (badfileops) have no close method worth calling. */
	if (fp->f_ops != &badfileops)
		error = fo_close(fp, td);
	else
		error = 0;
	ffree(fp);
	mtx_unlock(&Giant);
	return (error);
}
1870
/*
 * Apply an advisory lock on a file descriptor.
 *
 * Just attempt to get a record lock of the requested type on
 * the entire file (l_whence = SEEK_SET, l_start = 0, l_len = 0).
 */
#ifndef _SYS_SYSPROTO_H_
struct flock_args {
	int	fd;
	int	how;
};
#endif
/*
 * MPSAFE
 */
/* ARGSUSED */
int
flock(td, uap)
	struct thread *td;
	struct flock_args *uap;
{
	struct file *fp;
	struct vnode *vp;
	struct flock lf;
	int error;

	if ((error = fget(td, uap->fd, &fp)) != 0)
		return (error);
	/* flock() only works on vnode-backed descriptors. */
	if (fp->f_type != DTYPE_VNODE) {
		fdrop(fp, td);
		return (EOPNOTSUPP);
	}

	mtx_lock(&Giant);
	vp = fp->f_data;
	/* Lock the whole file, whatever the operation. */
	lf.l_whence = SEEK_SET;
	lf.l_start = 0;
	lf.l_len = 0;
	if (uap->how & LOCK_UN) {
		lf.l_type = F_UNLCK;
		FILE_LOCK(fp);
		fp->f_flag &= ~FHASLOCK;
		FILE_UNLOCK(fp);
		error = VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
		goto done2;
	}
	if (uap->how & LOCK_EX)
		lf.l_type = F_WRLCK;
	else if (uap->how & LOCK_SH)
		lf.l_type = F_RDLCK;
	else {
		/* Neither shared, exclusive, nor unlock requested. */
		error = EBADF;
		goto done2;
	}
	/* Mark the file so fdrop_locked() releases the lock on last close. */
	FILE_LOCK(fp);
	fp->f_flag |= FHASLOCK;
	FILE_UNLOCK(fp);
	error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
	    (uap->how & LOCK_NB) ? F_FLOCK : F_FLOCK | F_WAIT);
done2:
	fdrop(fp, td);
	mtx_unlock(&Giant);
	return (error);
}
1935
1936 /*
1937 * File Descriptor pseudo-device driver (/dev/fd/).
1938 *
1939 * Opening minor device N dup()s the file (if any) connected to file
1940 * descriptor N belonging to the calling process. Note that this driver
1941 * consists of only the ``open()'' routine, because all subsequent
1942 * references to this file will be direct to the other driver.
1943 */
1944 /* ARGSUSED */
1945 static int
1946 fdopen(dev, mode, type, td)
1947 dev_t dev;
1948 int mode, type;
1949 struct thread *td;
1950 {
1951
1952 /*
1953 * XXX Kludge: set curthread->td_dupfd to contain the value of the
1954 * the file descriptor being sought for duplication. The error
1955 * return ensures that the vnode for this device will be released
1956 * by vn_open. Open will detect this special error and take the
1957 * actions in dupfdopen below. Other callers of vn_open or VOP_OPEN
1958 * will simply report the error.
1959 */
1960 td->td_dupfd = dev2unit(dev);
1961 return (ENODEV);
1962 }
1963
/*
 * Duplicate the specified descriptor to a free descriptor.
 *
 * Called from the open() path when fdopen() above has flagged the
 * request via the magic ENODEV/ENXIO errors.  'dfd' is the descriptor
 * to duplicate, 'indx' the freshly allocated slot to fill, and 'error'
 * the sentinel error code that selects the behavior.
 */
int
dupfdopen(td, fdp, indx, dfd, mode, error)
	struct thread *td;
	struct filedesc *fdp;
	int indx, dfd;
	int mode;
	int error;
{
	struct file *wfp;
	struct file *fp;

	/*
	 * If the to-be-dup'd fd number is greater than the allowed number
	 * of file descriptors, or the fd to be dup'd has already been
	 * closed, then reject.
	 */
	FILEDESC_LOCK(fdp);
	if (dfd < 0 || dfd >= fdp->fd_nfiles ||
	    (wfp = fdp->fd_ofiles[dfd]) == NULL) {
		FILEDESC_UNLOCK(fdp);
		return (EBADF);
	}

	/*
	 * There are two cases of interest here.
	 *
	 * For ENODEV simply dup (dfd) to file descriptor
	 * (indx) and return.
	 *
	 * For ENXIO steal away the file structure from (dfd) and
	 * store it in (indx).  (dfd) is effectively closed by
	 * this operation.
	 *
	 * Any other error code is just returned.
	 */
	switch (error) {
	case ENODEV:
		/*
		 * Check that the mode the file is being opened for is a
		 * subset of the mode of the existing descriptor.
		 */
		FILE_LOCK(wfp);
		if (((mode & (FREAD|FWRITE)) | wfp->f_flag) != wfp->f_flag) {
			FILE_UNLOCK(wfp);
			FILEDESC_UNLOCK(fdp);
			return (EACCES);
		}
		/* Remember whatever was sitting in the target slot. */
		fp = fdp->fd_ofiles[indx];
#if 0
		if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
			(void) munmapfd(td, indx);
#endif
		fdp->fd_ofiles[indx] = wfp;
		fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
		fhold_locked(wfp);
		FILE_UNLOCK(wfp);
		if (indx > fdp->fd_lastfile)
			fdp->fd_lastfile = indx;
		/* fdrop_locked() expects the file locked. */
		if (fp != NULL)
			FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);
		/*
		 * We now own the reference to fp that the ofiles[] array
		 * used to own.  Release it.
		 */
		if (fp != NULL)
			fdrop_locked(fp, td);
		return (0);

	case ENXIO:
		/*
		 * Steal away the file pointer from dfd and stuff it into indx.
		 */
		fp = fdp->fd_ofiles[indx];
#if 0
		if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
			(void) munmapfd(td, indx);
#endif
		fdp->fd_ofiles[indx] = fdp->fd_ofiles[dfd];
		fdp->fd_ofiles[dfd] = NULL;
		fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
		fdp->fd_ofileflags[dfd] = 0;

		/*
		 * Complete the clean up of the filedesc structure by
		 * recomputing the various hints.
		 */
		if (indx > fdp->fd_lastfile) {
			fdp->fd_lastfile = indx;
		} else {
			while (fdp->fd_lastfile > 0 &&
			    fdp->fd_ofiles[fdp->fd_lastfile] == NULL) {
				fdp->fd_lastfile--;
			}
			if (dfd < fdp->fd_freefile)
				fdp->fd_freefile = dfd;
		}
		/* fdrop_locked() expects the file locked. */
		if (fp != NULL)
			FILE_LOCK(fp);
		FILEDESC_UNLOCK(fdp);

		/*
		 * we now own the reference to fp that the ofiles[] array
		 * used to own.  Release it.
		 */
		if (fp != NULL)
			fdrop_locked(fp, td);
		return (0);

	default:
		FILEDESC_UNLOCK(fdp);
		return (error);
	}
	/* NOTREACHED */
}
2082
/*
 * Get file structures.
 *
 * sysctl handler: emits one struct xfile per open descriptor of every
 * process in the system.  A NULL oldptr request returns a (slightly
 * overestimated) size for the caller to allocate.
 */
static int
sysctl_kern_file(SYSCTL_HANDLER_ARGS)
{
	struct xfile xf;
	struct filedesc *fdp;
	struct file *fp;
	struct proc *p;
	int error, n;

	sysctl_wire_old_buffer(req, 0);
	if (req->oldptr == NULL) {
		/* Size probe only: estimate the number of records. */
		n = 16;		/* A slight overestimate. */
		sx_slock(&filelist_lock);
		LIST_FOREACH(fp, &filehead, f_list) {
			/*
			 * We should grab the lock, but this is an
			 * estimate, so does it really matter?
			 */
			/* mtx_lock(fp->f_mtxp); */
			n += fp->f_count;
			/* mtx_unlock(f->f_mtxp); */
		}
		sx_sunlock(&filelist_lock);
		return (SYSCTL_OUT(req, 0, n * sizeof(xf)));
	}
	error = 0;
	bzero(&xf, sizeof(xf));
	xf.xf_size = sizeof(xf);
	sx_slock(&allproc_lock);
	LIST_FOREACH(p, &allproc, p_list) {
		PROC_LOCK(p);
		xf.xf_pid = p->p_pid;
		xf.xf_uid = p->p_ucred->cr_uid;
		PROC_UNLOCK(p);
		/* fdesc_mtx stabilizes p->p_fd while we grab its lock. */
		mtx_lock(&fdesc_mtx);
		if ((fdp = p->p_fd) == NULL) {
			mtx_unlock(&fdesc_mtx);
			continue;
		}
		FILEDESC_LOCK(fdp);
		for (n = 0; n < fdp->fd_nfiles; ++n) {
			if ((fp = fdp->fd_ofiles[n]) == NULL)
				continue;
			xf.xf_fd = n;
			xf.xf_file = fp;
			xf.xf_data = fp->f_data;
			xf.xf_type = fp->f_type;
			xf.xf_count = fp->f_count;
			xf.xf_msgcount = fp->f_msgcount;
			xf.xf_offset = fp->f_offset;
			xf.xf_flag = fp->f_flag;
			error = SYSCTL_OUT(req, &xf, sizeof(xf));
			if (error)
				break;
		}
		FILEDESC_UNLOCK(fdp);
		mtx_unlock(&fdesc_mtx);
		if (error)
			break;
	}
	sx_sunlock(&allproc_lock);
	return (error);
}
2149
/* Export the global open-file table and the file limits via sysctl. */
SYSCTL_PROC(_kern, KERN_FILE, file, CTLTYPE_OPAQUE|CTLFLAG_RD,
    0, 0, sysctl_kern_file, "S,xfile", "Entire file table");

SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW,
    &maxfilesperproc, 0, "Maximum files allowed open per process");

SYSCTL_INT(_kern, KERN_MAXFILES, maxfiles, CTLFLAG_RW,
    &maxfiles, 0, "Maximum number of files");

SYSCTL_INT(_kern, OID_AUTO, openfiles, CTLFLAG_RD,
    &nfiles, 0, "System-wide number of open files");
2161
/*
 * Create the /dev/fd/{0,1,2} device nodes and their conventional
 * /dev/{stdin,stdout,stderr} aliases.  Run once at boot via SYSINIT.
 */
static void
fildesc_drvinit(void *unused)
{
	dev_t dev;

	dev = make_dev(&fildesc_cdevsw, 0, UID_ROOT, GID_WHEEL, 0666, "fd/0");
	make_dev_alias(dev, "stdin");
	dev = make_dev(&fildesc_cdevsw, 1, UID_ROOT, GID_WHEEL, 0666, "fd/1");
	make_dev_alias(dev, "stdout");
	dev = make_dev(&fildesc_cdevsw, 2, UID_ROOT, GID_WHEEL, 0666, "fd/2");
	make_dev_alias(dev, "stderr");
}
2174
/*
 * "Bad file" operations vector, installed on revoked descriptors so
 * that subsequent operations fail cleanly instead of dereferencing
 * stale state.
 */
static fo_rdwr_t	badfo_readwrite;
static fo_ioctl_t	badfo_ioctl;
static fo_poll_t	badfo_poll;
static fo_kqfilter_t	badfo_kqfilter;
static fo_stat_t	badfo_stat;
static fo_close_t	badfo_close;

/* Positional init: read, write, ioctl, poll, kqfilter, stat, close, flags. */
struct fileops badfileops = {
	badfo_readwrite,
	badfo_readwrite,
	badfo_ioctl,
	badfo_poll,
	badfo_kqfilter,
	badfo_stat,
	badfo_close,
	0
};
2192
/* Read/write on a revoked file: always EBADF. */
static int
badfo_readwrite(fp, uio, active_cred, flags, td)
	struct file *fp;
	struct uio *uio;
	struct ucred *active_cred;
	struct thread *td;
	int flags;
{

	return (EBADF);
}
2204
/* ioctl on a revoked file: always EBADF. */
static int
badfo_ioctl(fp, com, data, active_cred, td)
	struct file *fp;
	u_long com;
	void *data;
	struct ucred *active_cred;
	struct thread *td;
{

	return (EBADF);
}
2216
/* poll on a revoked file: reports no events ready. */
static int
badfo_poll(fp, events, active_cred, td)
	struct file *fp;
	int events;
	struct ucred *active_cred;
	struct thread *td;
{

	return (0);
}
2227
/* kqfilter on a revoked file: attaches nothing, reports success. */
static int
badfo_kqfilter(fp, kn)
	struct file *fp;
	struct knote *kn;
{

	return (0);
}
2236
/* stat on a revoked file: always EBADF. */
static int
badfo_stat(fp, sb, active_cred, td)
	struct file *fp;
	struct stat *sb;
	struct ucred *active_cred;
	struct thread *td;
{

	return (EBADF);
}
2247
/* close on a revoked file: always EBADF (fdrop_locked skips this anyway). */
static int
badfo_close(fp, td)
	struct file *fp;
	struct thread *td;
{

	return (EBADF);
}
2256
/* Register /dev/fd device creation during driver initialization. */
SYSINIT(fildescdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,
	fildesc_drvinit,NULL)

/* Initialize file-list locks and the file zone early, at lock setup. */
static void filelistinit(void *);
SYSINIT(select, SI_SUB_LOCK, SI_ORDER_FIRST, filelistinit, NULL)
2262
/*
 * Boot-time setup: create the UMA zone backing struct file allocations
 * and initialize the global filelist and sigio locks.
 */
/* ARGSUSED*/
static void
filelistinit(dummy)
	void *dummy;
{

	file_zone = uma_zcreate("Files", sizeof(struct file), NULL, NULL,
	    NULL, NULL, UMA_ALIGN_PTR, 0);
	sx_init(&filelist_lock, "filelist lock");
	mtx_init(&sigio_lock, "sigio lock", NULL, MTX_DEF);
}
Cache object: da79ea540b26eafdb362d24d383125cd
|