The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/kern/kern_descrip.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*
    2  * Copyright (c) 1982, 1986, 1989, 1991, 1993
    3  *      The Regents of the University of California.  All rights reserved.
    4  * (c) UNIX System Laboratories, Inc.
    5  * All or some portions of this file are derived from material licensed
    6  * to the University of California by American Telephone and Telegraph
    7  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
    8  * the permission of UNIX System Laboratories, Inc.
    9  *
   10  * Redistribution and use in source and binary forms, with or without
   11  * modification, are permitted provided that the following conditions
   12  * are met:
   13  * 1. Redistributions of source code must retain the above copyright
   14  *    notice, this list of conditions and the following disclaimer.
   15  * 2. Redistributions in binary form must reproduce the above copyright
   16  *    notice, this list of conditions and the following disclaimer in the
   17  *    documentation and/or other materials provided with the distribution.
   18  * 3. All advertising materials mentioning features or use of this software
   19  *    must display the following acknowledgement:
   20  *      This product includes software developed by the University of
   21  *      California, Berkeley and its contributors.
   22  * 4. Neither the name of the University nor the names of its contributors
   23  *    may be used to endorse or promote products derived from this software
   24  *    without specific prior written permission.
   25  *
   26  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
   27  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   28  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   29  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   30  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   31  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   32  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   33  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   34  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   35  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   36  * SUCH DAMAGE.
   37  *
   38  *      @(#)kern_descrip.c      8.6 (Berkeley) 4/19/94
   39  * $FreeBSD: releng/5.1/sys/kern/kern_descrip.c 115042 2003-05-15 21:13:08Z rwatson $
   40  */
   41 
   42 #include "opt_compat.h"
   43 
   44 #include <sys/param.h>
   45 #include <sys/systm.h>
   46 #include <sys/syscallsubr.h>
   47 #include <sys/sysproto.h>
   48 #include <sys/conf.h>
   49 #include <sys/filedesc.h>
   50 #include <sys/lock.h>
   51 #include <sys/kernel.h>
   52 #include <sys/limits.h>
   53 #include <sys/malloc.h>
   54 #include <sys/mutex.h>
   55 #include <sys/sysctl.h>
   56 #include <sys/vnode.h>
   57 #include <sys/mount.h>
   58 #include <sys/proc.h>
   59 #include <sys/namei.h>
   60 #include <sys/file.h>
   61 #include <sys/stat.h>
   62 #include <sys/filio.h>
   63 #include <sys/fcntl.h>
   64 #include <sys/unistd.h>
   65 #include <sys/resourcevar.h>
   66 #include <sys/event.h>
   67 #include <sys/sx.h>
   68 #include <sys/socketvar.h>
   69 #include <sys/signalvar.h>
   70 
   71 #include <vm/vm.h>
   72 #include <vm/vm_extern.h>
   73 #include <vm/uma.h>
   74 
   75 static MALLOC_DEFINE(M_FILEDESC, "file desc", "Open file descriptor table");
   76 static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures");
   77 
   78 static uma_zone_t file_zone;
   79 
   80 static   d_open_t  fdopen;
   81 #define NUMFDESC 64
   82 
   83 #define CDEV_MAJOR 22
   84 static struct cdevsw fildesc_cdevsw = {
   85         .d_open =       fdopen,
   86         .d_name =       "FD",
   87         .d_maj =        CDEV_MAJOR,
   88 };
   89 
   90 /* How to treat 'new' parameter when allocating a fd for do_dup(). */
   91 enum dup_type { DUP_VARIABLE, DUP_FIXED };
   92 
   93 static int do_dup(struct thread *td, enum dup_type type, int old, int new,
   94     register_t *retval);
   95 
   96 /*
   97  * Descriptor management.
   98  */
   99 struct filelist filehead;       /* head of list of open files */
  100 int nfiles;                     /* actual number of open files */
  101 extern int cmask;       
  102 struct sx filelist_lock;        /* sx to protect filelist */
  103 struct mtx sigio_lock;          /* mtx to protect pointers to sigio */
  104 
  105 /*
  106  * System calls on descriptors.
  107  */
  108 #ifndef _SYS_SYSPROTO_H_
  109 struct getdtablesize_args {
  110         int     dummy;
  111 };
  112 #endif
  113 /*
  114  * MPSAFE
  115  */
  116 /* ARGSUSED */
  117 int
  118 getdtablesize(td, uap)
  119         struct thread *td;
  120         struct getdtablesize_args *uap;
  121 {
  122         struct proc *p = td->td_proc;
  123 
  124         mtx_lock(&Giant);
  125         td->td_retval[0] = 
  126             min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
  127         mtx_unlock(&Giant);
  128         return (0);
  129 }
  130 
  131 /*
  132  * Duplicate a file descriptor to a particular value.
  133  *
  134  * note: keep in mind that a potential race condition exists when closing
  135  * descriptors from a shared descriptor table (via rfork).
  136  */
  137 #ifndef _SYS_SYSPROTO_H_
  138 struct dup2_args {
  139         u_int   from;
  140         u_int   to;
  141 };
  142 #endif
  143 /*
  144  * MPSAFE
  145  */
  146 /* ARGSUSED */
  147 int
  148 dup2(td, uap)
  149         struct thread *td;
  150         struct dup2_args *uap;
  151 {
  152 
  153         return (do_dup(td, DUP_FIXED, (int)uap->from, (int)uap->to,
  154                     td->td_retval));
  155 }
  156 
  157 /*
  158  * Duplicate a file descriptor.
  159  */
  160 #ifndef _SYS_SYSPROTO_H_
  161 struct dup_args {
  162         u_int   fd;
  163 };
  164 #endif
  165 /*
  166  * MPSAFE
  167  */
  168 /* ARGSUSED */
  169 int
  170 dup(td, uap)
  171         struct thread *td;
  172         struct dup_args *uap;
  173 {
  174 
  175         return (do_dup(td, DUP_VARIABLE, (int)uap->fd, 0, td->td_retval));
  176 }
  177 
  178 /*
  179  * The file control system call.
  180  */
  181 #ifndef _SYS_SYSPROTO_H_
  182 struct fcntl_args {
  183         int     fd;
  184         int     cmd;
  185         long    arg;
  186 };
  187 #endif
  188 /*
  189  * MPSAFE
  190  */
  191 /* ARGSUSED */
  192 int
  193 fcntl(td, uap)
  194         struct thread *td;
  195         struct fcntl_args *uap;
  196 {
  197         struct flock fl;
  198         intptr_t arg;
  199         int error;
  200 
  201         error = 0;
  202         switch (uap->cmd) {
  203         case F_GETLK:
  204         case F_SETLK:
  205         case F_SETLKW:
  206                 error = copyin((void *)(intptr_t)uap->arg, &fl, sizeof(fl));
  207                 arg = (intptr_t)&fl;
  208                 break;
  209         default:
  210                 arg = uap->arg;
  211                 break;
  212         }
  213         if (error)
  214                 return (error);
  215         error = kern_fcntl(td, uap->fd, uap->cmd, arg);
  216         if (error)
  217                 return (error);
  218         if (uap->cmd == F_GETLK)
  219                 error = copyout(&fl, (void *)(intptr_t)uap->arg, sizeof(fl));
  220         return (error);
  221 }
  222 
  223 int
  224 kern_fcntl(struct thread *td, int fd, int cmd, intptr_t arg)
  225 {
  226         struct filedesc *fdp;
  227         struct flock *flp;
  228         struct file *fp;
  229         struct proc *p;
  230         char *pop;
  231         struct vnode *vp;
  232         u_int newmin;
  233         int error, flg, tmp;
  234 
  235         error = 0;
  236         flg = F_POSIX;
  237         p = td->td_proc;
  238         fdp = p->p_fd;
  239         mtx_lock(&Giant);
  240         FILEDESC_LOCK(fdp);
  241         if ((unsigned)fd >= fdp->fd_nfiles ||
  242             (fp = fdp->fd_ofiles[fd]) == NULL) {
  243                 FILEDESC_UNLOCK(fdp);
  244                 error = EBADF;
  245                 goto done2;
  246         }
  247         pop = &fdp->fd_ofileflags[fd];
  248 
  249         switch (cmd) {
  250         case F_DUPFD:
  251                 FILEDESC_UNLOCK(fdp);
  252                 newmin = arg;
  253                 if (newmin >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
  254                     newmin >= maxfilesperproc) {
  255                         error = EINVAL;
  256                         break;
  257                 }
  258                 error = do_dup(td, DUP_VARIABLE, fd, newmin, td->td_retval);
  259                 break;
  260 
  261         case F_GETFD:
  262                 td->td_retval[0] = (*pop & UF_EXCLOSE) ? FD_CLOEXEC : 0;
  263                 FILEDESC_UNLOCK(fdp);
  264                 break;
  265 
  266         case F_SETFD:
  267                 *pop = (*pop &~ UF_EXCLOSE) |
  268                     (arg & FD_CLOEXEC ? UF_EXCLOSE : 0);
  269                 FILEDESC_UNLOCK(fdp);
  270                 break;
  271 
  272         case F_GETFL:
  273                 FILE_LOCK(fp);
  274                 FILEDESC_UNLOCK(fdp);
  275                 td->td_retval[0] = OFLAGS(fp->f_flag);
  276                 FILE_UNLOCK(fp);
  277                 break;
  278 
  279         case F_SETFL:
  280                 FILE_LOCK(fp);
  281                 FILEDESC_UNLOCK(fdp);
  282                 fhold_locked(fp);
  283                 fp->f_flag &= ~FCNTLFLAGS;
  284                 fp->f_flag |= FFLAGS(arg & ~O_ACCMODE) & FCNTLFLAGS;
  285                 FILE_UNLOCK(fp);
  286                 tmp = fp->f_flag & FNONBLOCK;
  287                 error = fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td);
  288                 if (error) {
  289                         fdrop(fp, td);
  290                         break;
  291                 }
  292                 tmp = fp->f_flag & FASYNC;
  293                 error = fo_ioctl(fp, FIOASYNC, &tmp, td->td_ucred, td);
  294                 if (error == 0) {
  295                         fdrop(fp, td);
  296                         break;
  297                 }
  298                 FILE_LOCK(fp);
  299                 fp->f_flag &= ~FNONBLOCK;
  300                 FILE_UNLOCK(fp);
  301                 tmp = 0;
  302                 (void)fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td);
  303                 fdrop(fp, td);
  304                 break;
  305 
  306         case F_GETOWN:
  307                 fhold(fp);
  308                 FILEDESC_UNLOCK(fdp);
  309                 error = fo_ioctl(fp, FIOGETOWN, &tmp, td->td_ucred, td);
  310                 if (error == 0)
  311                         td->td_retval[0] = tmp;
  312                 fdrop(fp, td);
  313                 break;
  314 
  315         case F_SETOWN:
  316                 fhold(fp);
  317                 FILEDESC_UNLOCK(fdp);
  318                 tmp = arg;
  319                 error = fo_ioctl(fp, FIOSETOWN, &tmp, td->td_ucred, td);
  320                 fdrop(fp, td);
  321                 break;
  322 
  323         case F_SETLKW:
  324                 flg |= F_WAIT;
  325                 /* FALLTHROUGH F_SETLK */
  326 
  327         case F_SETLK:
  328                 if (fp->f_type != DTYPE_VNODE) {
  329                         FILEDESC_UNLOCK(fdp);
  330                         error = EBADF;
  331                         break;
  332                 }
  333 
  334                 flp = (struct flock *)arg;
  335                 if (flp->l_whence == SEEK_CUR) {
  336                         if (fp->f_offset < 0 ||
  337                             (flp->l_start > 0 &&
  338                              fp->f_offset > OFF_MAX - flp->l_start)) {
  339                                 FILEDESC_UNLOCK(fdp);
  340                                 error = EOVERFLOW;
  341                                 break;
  342                         }
  343                         flp->l_start += fp->f_offset;
  344                 }
  345 
  346                 /*
  347                  * VOP_ADVLOCK() may block.
  348                  */
  349                 fhold(fp);
  350                 FILEDESC_UNLOCK(fdp);
  351                 vp = fp->f_data;
  352 
  353                 switch (flp->l_type) {
  354                 case F_RDLCK:
  355                         if ((fp->f_flag & FREAD) == 0) {
  356                                 error = EBADF;
  357                                 break;
  358                         }
  359                         PROC_LOCK(p->p_leader);
  360                         p->p_leader->p_flag |= P_ADVLOCK;
  361                         PROC_UNLOCK(p->p_leader);
  362                         error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
  363                             flp, flg);
  364                         break;
  365                 case F_WRLCK:
  366                         if ((fp->f_flag & FWRITE) == 0) {
  367                                 error = EBADF;
  368                                 break;
  369                         }
  370                         PROC_LOCK(p->p_leader);
  371                         p->p_leader->p_flag |= P_ADVLOCK;
  372                         PROC_UNLOCK(p->p_leader);
  373                         error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
  374                             flp, flg);
  375                         break;
  376                 case F_UNLCK:
  377                         error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_UNLCK,
  378                             flp, F_POSIX);
  379                         break;
  380                 default:
  381                         error = EINVAL;
  382                         break;
  383                 }
  384                 /* Check for race with close */
  385                 FILEDESC_LOCK(fdp);
  386                 if ((unsigned) fd >= fdp->fd_nfiles ||
  387                     fp != fdp->fd_ofiles[fd]) {
  388                         FILEDESC_UNLOCK(fdp);
  389                         flp->l_whence = SEEK_SET;
  390                         flp->l_start = 0;
  391                         flp->l_len = 0;
  392                         flp->l_type = F_UNLCK;
  393                         (void) VOP_ADVLOCK(vp, (caddr_t)p->p_leader,
  394                                            F_UNLCK, flp, F_POSIX);
  395                 } else
  396                         FILEDESC_UNLOCK(fdp);
  397                 fdrop(fp, td);
  398                 break;
  399 
  400         case F_GETLK:
  401                 if (fp->f_type != DTYPE_VNODE) {
  402                         FILEDESC_UNLOCK(fdp);
  403                         error = EBADF;
  404                         break;
  405                 }
  406                 flp = (struct flock *)arg;
  407                 if (flp->l_type != F_RDLCK && flp->l_type != F_WRLCK &&
  408                     flp->l_type != F_UNLCK) {
  409                         FILEDESC_UNLOCK(fdp);
  410                         error = EINVAL;
  411                         break;
  412                 }
  413                 if (flp->l_whence == SEEK_CUR) {
  414                         if ((flp->l_start > 0 &&
  415                             fp->f_offset > OFF_MAX - flp->l_start) ||
  416                             (flp->l_start < 0 &&
  417                              fp->f_offset < OFF_MIN - flp->l_start)) {
  418                                 FILEDESC_UNLOCK(fdp);
  419                                 error = EOVERFLOW;
  420                                 break;
  421                         }
  422                         flp->l_start += fp->f_offset;
  423                 }
  424                 /*
  425                  * VOP_ADVLOCK() may block.
  426                  */
  427                 fhold(fp);
  428                 FILEDESC_UNLOCK(fdp);
  429                 vp = fp->f_data;
  430                 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_GETLK, flp,
  431                     F_POSIX);
  432                 fdrop(fp, td);
  433                 break;
  434         default:
  435                 FILEDESC_UNLOCK(fdp);
  436                 error = EINVAL;
  437                 break;
  438         }
  439 done2:
  440         mtx_unlock(&Giant);
  441         return (error);
  442 }
  443 
  444 /*
  445  * Common code for dup, dup2, and fcntl(F_DUPFD).
  446  */
  447 static int
  448 do_dup(td, type, old, new, retval)
  449         enum dup_type type;
  450         int old, new;
  451         register_t *retval;
  452         struct thread *td;
  453 {
  454         struct filedesc *fdp;
  455         struct proc *p;
  456         struct file *fp;
  457         struct file *delfp;
  458         int error, newfd;
  459 
  460         p = td->td_proc;
  461         fdp = p->p_fd;
  462 
  463         /*
  464          * Verify we have a valid descriptor to dup from and possibly to
  465          * dup to.
  466          */
  467         if (old < 0 || new < 0 || new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
  468             new >= maxfilesperproc)
  469                 return (EBADF);
  470         FILEDESC_LOCK(fdp);
  471         if (old >= fdp->fd_nfiles || fdp->fd_ofiles[old] == NULL) {
  472                 FILEDESC_UNLOCK(fdp);
  473                 return (EBADF);
  474         }
  475         if (type == DUP_FIXED && old == new) {
  476                 *retval = new;
  477                 FILEDESC_UNLOCK(fdp);
  478                 return (0);
  479         }
  480         fp = fdp->fd_ofiles[old];
  481         fhold(fp);
  482 
  483         /*
  484          * Expand the table for the new descriptor if needed.  This may
  485          * block and drop and reacquire the filedesc lock.
  486          */
  487         if (type == DUP_VARIABLE || new >= fdp->fd_nfiles) {
  488                 error = fdalloc(td, new, &newfd);
  489                 if (error) {
  490                         FILEDESC_UNLOCK(fdp);
  491                         fdrop(fp, td);
  492                         return (error);
  493                 }
  494         }
  495         if (type == DUP_VARIABLE)
  496                 new = newfd;
  497 
  498         /*
  499          * If the old file changed out from under us then treat it as a
  500          * bad file descriptor.  Userland should do its own locking to
  501          * avoid this case.
  502          */
  503         if (fdp->fd_ofiles[old] != fp) {
  504                 if (fdp->fd_ofiles[new] == NULL) {
  505                         if (new < fdp->fd_freefile)
  506                                 fdp->fd_freefile = new;
  507                         while (fdp->fd_lastfile > 0 &&
  508                             fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
  509                                 fdp->fd_lastfile--;
  510                 }
  511                 FILEDESC_UNLOCK(fdp);
  512                 fdrop(fp, td);
  513                 return (EBADF);
  514         }
  515         KASSERT(old != new, ("new fd is same as old"));
  516 
  517         /*
  518          * Save info on the descriptor being overwritten.  We have
  519          * to do the unmap now, but we cannot close it without
  520          * introducing an ownership race for the slot.
  521          */
  522         delfp = fdp->fd_ofiles[new];
  523         KASSERT(delfp == NULL || type == DUP_FIXED,
  524             ("dup() picked an open file"));
  525 #if 0
  526         if (delfp && (fdp->fd_ofileflags[new] & UF_MAPPED))
  527                 (void) munmapfd(td, new);
  528 #endif
  529 
  530         /*
  531          * Duplicate the source descriptor, update lastfile
  532          */
  533         fdp->fd_ofiles[new] = fp;
  534         fdp->fd_ofileflags[new] = fdp->fd_ofileflags[old] &~ UF_EXCLOSE;
  535         if (new > fdp->fd_lastfile)
  536                 fdp->fd_lastfile = new;
  537         FILEDESC_UNLOCK(fdp);
  538         *retval = new;
  539 
  540         /*
  541          * If we dup'd over a valid file, we now own the reference to it
  542          * and must dispose of it using closef() semantics (as if a
  543          * close() were performed on it).
  544          */
  545         if (delfp) {
  546                 mtx_lock(&Giant);
  547                 (void) closef(delfp, td);
  548                 mtx_unlock(&Giant);
  549         }
  550         return (0);
  551 }
  552 
  553 /*
  554  * If sigio is on the list associated with a process or process group,
  555  * disable signalling from the device, remove sigio from the list and
  556  * free sigio.
  557  */
  558 void
  559 funsetown(sigiop)
  560         struct sigio **sigiop;
  561 {
  562         struct sigio *sigio;
  563 
  564         SIGIO_LOCK();
  565         sigio = *sigiop;
  566         if (sigio == NULL) {
  567                 SIGIO_UNLOCK();
  568                 return;
  569         }
  570         *(sigio->sio_myref) = NULL;
  571         if ((sigio)->sio_pgid < 0) {
  572                 struct pgrp *pg = (sigio)->sio_pgrp;
  573                 PGRP_LOCK(pg);
  574                 SLIST_REMOVE(&sigio->sio_pgrp->pg_sigiolst, sigio,
  575                              sigio, sio_pgsigio);
  576                 PGRP_UNLOCK(pg);
  577         } else {
  578                 struct proc *p = (sigio)->sio_proc;
  579                 PROC_LOCK(p);
  580                 SLIST_REMOVE(&sigio->sio_proc->p_sigiolst, sigio,
  581                              sigio, sio_pgsigio);
  582                 PROC_UNLOCK(p);
  583         }
  584         SIGIO_UNLOCK();
  585         crfree(sigio->sio_ucred);
  586         FREE(sigio, M_SIGIO);
  587 }
  588 
  589 /*
  590  * Free a list of sigio structures.
  591  * We only need to lock the SIGIO_LOCK because we have made ourselves
  592  * inaccessable to callers of fsetown and therefore do not need to lock
  593  * the proc or pgrp struct for the list manipulation.
  594  */
  595 void
  596 funsetownlst(sigiolst)
  597         struct sigiolst *sigiolst;
  598 {
  599         struct proc *p;
  600         struct pgrp *pg;
  601         struct sigio *sigio;
  602 
  603         sigio = SLIST_FIRST(sigiolst);
  604         if (sigio == NULL)
  605                 return;
  606         p = NULL;
  607         pg = NULL;
  608 
  609         /*
  610          * Every entry of the list should belong
  611          * to a single proc or pgrp.
  612          */
  613         if (sigio->sio_pgid < 0) {
  614                 pg = sigio->sio_pgrp;
  615                 PGRP_LOCK_ASSERT(pg, MA_NOTOWNED);
  616         } else /* if (sigio->sio_pgid > 0) */ {
  617                 p = sigio->sio_proc;
  618                 PROC_LOCK_ASSERT(p, MA_NOTOWNED);
  619         }
  620 
  621         SIGIO_LOCK();
  622         while ((sigio = SLIST_FIRST(sigiolst)) != NULL) {
  623                 *(sigio->sio_myref) = NULL;
  624                 if (pg != NULL) {
  625                         KASSERT(sigio->sio_pgid < 0,
  626                             ("Proc sigio in pgrp sigio list"));
  627                         KASSERT(sigio->sio_pgrp == pg,
  628                             ("Bogus pgrp in sigio list"));
  629                         PGRP_LOCK(pg);
  630                         SLIST_REMOVE(&pg->pg_sigiolst, sigio, sigio,
  631                             sio_pgsigio);
  632                         PGRP_UNLOCK(pg);
  633                 } else /* if (p != NULL) */ {
  634                         KASSERT(sigio->sio_pgid > 0,
  635                             ("Pgrp sigio in proc sigio list"));
  636                         KASSERT(sigio->sio_proc == p,
  637                             ("Bogus proc in sigio list"));
  638                         PROC_LOCK(p);
  639                         SLIST_REMOVE(&p->p_sigiolst, sigio, sigio,
  640                             sio_pgsigio);
  641                         PROC_UNLOCK(p);
  642                 }
  643                 SIGIO_UNLOCK();
  644                 crfree(sigio->sio_ucred);
  645                 FREE(sigio, M_SIGIO);
  646                 SIGIO_LOCK();
  647         }
  648         SIGIO_UNLOCK();
  649 }
  650 
  651 /*
  652  * This is common code for FIOSETOWN ioctl called by fcntl(fd, F_SETOWN, arg).
  653  *
  654  * After permission checking, add a sigio structure to the sigio list for
  655  * the process or process group.
  656  */
  657 int
  658 fsetown(pgid, sigiop)
  659         pid_t pgid;
  660         struct sigio **sigiop;
  661 {
  662         struct proc *proc;
  663         struct pgrp *pgrp;
  664         struct sigio *sigio;
  665         int ret;
  666 
  667         if (pgid == 0) {
  668                 funsetown(sigiop);
  669                 return (0);
  670         }
  671 
  672         ret = 0;
  673 
  674         /* Allocate and fill in the new sigio out of locks. */
  675         MALLOC(sigio, struct sigio *, sizeof(struct sigio), M_SIGIO, M_WAITOK);
  676         sigio->sio_pgid = pgid;
  677         sigio->sio_ucred = crhold(curthread->td_ucred);
  678         sigio->sio_myref = sigiop;
  679 
  680         sx_slock(&proctree_lock);
  681         if (pgid > 0) {
  682                 proc = pfind(pgid);
  683                 if (proc == NULL) {
  684                         ret = ESRCH;
  685                         goto fail;
  686                 }
  687 
  688                 /*
  689                  * Policy - Don't allow a process to FSETOWN a process
  690                  * in another session.
  691                  *
  692                  * Remove this test to allow maximum flexibility or
  693                  * restrict FSETOWN to the current process or process
  694                  * group for maximum safety.
  695                  */
  696                 PROC_UNLOCK(proc);
  697                 if (proc->p_session != curthread->td_proc->p_session) {
  698                         ret = EPERM;
  699                         goto fail;
  700                 }
  701 
  702                 pgrp = NULL;
  703         } else /* if (pgid < 0) */ {
  704                 pgrp = pgfind(-pgid);
  705                 if (pgrp == NULL) {
  706                         ret = ESRCH;
  707                         goto fail;
  708                 }
  709                 PGRP_UNLOCK(pgrp);
  710 
  711                 /*
  712                  * Policy - Don't allow a process to FSETOWN a process
  713                  * in another session.
  714                  *
  715                  * Remove this test to allow maximum flexibility or
  716                  * restrict FSETOWN to the current process or process
  717                  * group for maximum safety.
  718                  */
  719                 if (pgrp->pg_session != curthread->td_proc->p_session) {
  720                         ret = EPERM;
  721                         goto fail;
  722                 }
  723 
  724                 proc = NULL;
  725         }
  726         funsetown(sigiop);
  727         if (pgid > 0) {
  728                 PROC_LOCK(proc);
  729                 /* 
  730                  * Since funsetownlst() is called without the proctree
  731                  * locked, we need to check for P_WEXIT.
  732                  * XXX: is ESRCH correct?
  733                  */
  734                 if ((proc->p_flag & P_WEXIT) != 0) {
  735                         PROC_UNLOCK(proc);
  736                         ret = ESRCH;
  737                         goto fail;
  738                 }
  739                 SLIST_INSERT_HEAD(&proc->p_sigiolst, sigio, sio_pgsigio);
  740                 sigio->sio_proc = proc;
  741                 PROC_UNLOCK(proc);
  742         } else {
  743                 PGRP_LOCK(pgrp);
  744                 SLIST_INSERT_HEAD(&pgrp->pg_sigiolst, sigio, sio_pgsigio);
  745                 sigio->sio_pgrp = pgrp;
  746                 PGRP_UNLOCK(pgrp);
  747         }
  748         sx_sunlock(&proctree_lock);
  749         SIGIO_LOCK();
  750         *sigiop = sigio;
  751         SIGIO_UNLOCK();
  752         return (0);
  753 
  754 fail:
  755         sx_sunlock(&proctree_lock);
  756         crfree(sigio->sio_ucred);
  757         FREE(sigio, M_SIGIO);
  758         return (ret);
  759 }
  760 
  761 /*
  762  * This is common code for FIOGETOWN ioctl called by fcntl(fd, F_GETOWN, arg).
  763  */
  764 pid_t
  765 fgetown(sigiop)
  766         struct sigio **sigiop;
  767 {
  768         pid_t pgid;
  769 
  770         SIGIO_LOCK();
  771         pgid = (*sigiop != NULL) ? (*sigiop)->sio_pgid : 0;
  772         SIGIO_UNLOCK();
  773         return (pgid);
  774 }
  775 
  776 /*
  777  * Close a file descriptor.
  778  */
  779 #ifndef _SYS_SYSPROTO_H_
  780 struct close_args {
  781         int     fd;
  782 };
  783 #endif
  784 /*
  785  * MPSAFE
  786  */
  787 /* ARGSUSED */
  788 int
  789 close(td, uap)
  790         struct thread *td;
  791         struct close_args *uap;
  792 {
  793         struct filedesc *fdp;
  794         struct file *fp;
  795         int fd, error;
  796 
  797         fd = uap->fd;
  798         error = 0;
  799         fdp = td->td_proc->p_fd;
  800         mtx_lock(&Giant);
  801         FILEDESC_LOCK(fdp);
  802         if ((unsigned)fd >= fdp->fd_nfiles ||
  803             (fp = fdp->fd_ofiles[fd]) == NULL) {
  804                 FILEDESC_UNLOCK(fdp);
  805                 error = EBADF;
  806                 goto done2;
  807         }
  808 #if 0
  809         if (fdp->fd_ofileflags[fd] & UF_MAPPED)
  810                 (void) munmapfd(td, fd);
  811 #endif
  812         fdp->fd_ofiles[fd] = NULL;
  813         fdp->fd_ofileflags[fd] = 0;
  814 
  815         /*
  816          * we now hold the fp reference that used to be owned by the descriptor
  817          * array.
  818          */
  819         while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
  820                 fdp->fd_lastfile--;
  821         if (fd < fdp->fd_freefile)
  822                 fdp->fd_freefile = fd;
  823         if (fd < fdp->fd_knlistsize) {
  824                 FILEDESC_UNLOCK(fdp);
  825                 knote_fdclose(td, fd);
  826         } else
  827                 FILEDESC_UNLOCK(fdp);
  828 
  829         error = closef(fp, td);
  830 done2:
  831         mtx_unlock(&Giant);
  832         return (error);
  833 }
  834 
  835 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
  836 /*
  837  * Return status information about a file descriptor.
  838  */
  839 #ifndef _SYS_SYSPROTO_H_
  840 struct ofstat_args {
  841         int     fd;
  842         struct  ostat *sb;
  843 };
  844 #endif
  845 /*
  846  * MPSAFE
  847  */
  848 /* ARGSUSED */
  849 int
  850 ofstat(td, uap)
  851         struct thread *td;
  852         struct ofstat_args *uap;
  853 {
  854         struct file *fp;
  855         struct stat ub;
  856         struct ostat oub;
  857         int error;
  858 
  859         mtx_lock(&Giant);
  860         if ((error = fget(td, uap->fd, &fp)) != 0)
  861                 goto done2;
  862         error = fo_stat(fp, &ub, td->td_ucred, td);
  863         if (error == 0) {
  864                 cvtstat(&ub, &oub);
  865                 error = copyout(&oub, uap->sb, sizeof(oub));
  866         }
  867         fdrop(fp, td);
  868 done2:
  869         mtx_unlock(&Giant);
  870         return (error);
  871 }
  872 #endif /* COMPAT_43 || COMPAT_SUNOS */
  873 
  874 /*
  875  * Return status information about a file descriptor.
  876  */
  877 #ifndef _SYS_SYSPROTO_H_
  878 struct fstat_args {
  879         int     fd;
  880         struct  stat *sb;
  881 };
  882 #endif
  883 /*
  884  * MPSAFE
  885  */
  886 /* ARGSUSED */
  887 int
  888 fstat(td, uap)
  889         struct thread *td;
  890         struct fstat_args *uap;
  891 {
  892         struct file *fp;
  893         struct stat ub;
  894         int error;
  895 
  896         mtx_lock(&Giant);
  897         if ((error = fget(td, uap->fd, &fp)) != 0)
  898                 goto done2;
  899         error = fo_stat(fp, &ub, td->td_ucred, td);
  900         if (error == 0)
  901                 error = copyout(&ub, uap->sb, sizeof(ub));
  902         fdrop(fp, td);
  903 done2:
  904         mtx_unlock(&Giant);
  905         return (error);
  906 }
  907 
  908 /*
  909  * Return status information about a file descriptor.
  910  */
  911 #ifndef _SYS_SYSPROTO_H_
  912 struct nfstat_args {
  913         int     fd;
  914         struct  nstat *sb;
  915 };
  916 #endif
  917 /*
  918  * MPSAFE
  919  */
  920 /* ARGSUSED */
  921 int
  922 nfstat(td, uap)
  923         struct thread *td;
  924         struct nfstat_args *uap;
  925 {
  926         struct file *fp;
  927         struct stat ub;
  928         struct nstat nub;
  929         int error;
  930 
  931         mtx_lock(&Giant);
  932         if ((error = fget(td, uap->fd, &fp)) != 0)
  933                 goto done2;
  934         error = fo_stat(fp, &ub, td->td_ucred, td);
  935         if (error == 0) {
  936                 cvtnstat(&ub, &nub);
  937                 error = copyout(&nub, uap->sb, sizeof(nub));
  938         }
  939         fdrop(fp, td);
  940 done2:
  941         mtx_unlock(&Giant);
  942         return (error);
  943 }
  944 
  945 /*
  946  * Return pathconf information about a file descriptor.
  947  */
  948 #ifndef _SYS_SYSPROTO_H_
  949 struct fpathconf_args {
  950         int     fd;
  951         int     name;
  952 };
  953 #endif
  954 /*
  955  * MPSAFE
  956  */
  957 /* ARGSUSED */
  958 int
  959 fpathconf(td, uap)
  960         struct thread *td;
  961         struct fpathconf_args *uap;
  962 {
  963         struct file *fp;
  964         struct vnode *vp;
  965         int error;
  966 
  967         if ((error = fget(td, uap->fd, &fp)) != 0)
  968                 return (error);
  969 
  970         /* If asynchronous I/O is available, it works for all descriptors. */
  971         if (uap->name == _PC_ASYNC_IO) {
  972                 td->td_retval[0] = async_io_version;
  973                 goto out;
  974         }
  975         switch (fp->f_type) {
  976         case DTYPE_PIPE:
  977         case DTYPE_SOCKET:
  978                 if (uap->name != _PC_PIPE_BUF) {
  979                         error = EINVAL;
  980                 } else {
  981                         td->td_retval[0] = PIPE_BUF;
  982                         error = 0;
  983                 }
  984                 break;
  985         case DTYPE_FIFO:
  986         case DTYPE_VNODE:
  987                 vp = fp->f_data;
  988                 mtx_lock(&Giant);
  989                 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
  990                 error = VOP_PATHCONF(vp, uap->name, td->td_retval);
  991                 VOP_UNLOCK(vp, 0, td);
  992                 mtx_unlock(&Giant);
  993                 break;
  994         default:
  995                 error = EOPNOTSUPP;
  996                 break;
  997         }
  998 out:
  999         fdrop(fp, td);
 1000         return (error);
 1001 }
 1002 
 1003 /*
 1004  * Allocate a file descriptor for the process.
 1005  */
 1006 static int fdexpand;
 1007 SYSCTL_INT(_debug, OID_AUTO, fdexpand, CTLFLAG_RD, &fdexpand, 0, "");
 1008 
 1009 int
 1010 fdalloc(td, want, result)
 1011         struct thread *td;
 1012         int want;
 1013         int *result;
 1014 {
 1015         struct proc *p = td->td_proc;
 1016         struct filedesc *fdp = td->td_proc->p_fd;
 1017         int i;
 1018         int lim, last, nfiles;
 1019         struct file **newofile, **oldofile;
 1020         char *newofileflags;
 1021 
 1022         FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);
 1023 
 1024         /*
 1025          * Search for a free descriptor starting at the higher
 1026          * of want or fd_freefile.  If that fails, consider
 1027          * expanding the ofile array.
 1028          */
 1029         lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
 1030         for (;;) {
 1031                 last = min(fdp->fd_nfiles, lim);
 1032                 i = max(want, fdp->fd_freefile);
 1033                 for (; i < last; i++) {
 1034                         if (fdp->fd_ofiles[i] == NULL) {
 1035                                 fdp->fd_ofileflags[i] = 0;
 1036                                 if (i > fdp->fd_lastfile)
 1037                                         fdp->fd_lastfile = i;
 1038                                 if (want <= fdp->fd_freefile)
 1039                                         fdp->fd_freefile = i;
 1040                                 *result = i;
 1041                                 return (0);
 1042                         }
 1043                 }
 1044 
 1045                 /*
 1046                  * No space in current array.  Expand?
 1047                  */
 1048                 if (i >= lim)
 1049                         return (EMFILE);
 1050                 if (fdp->fd_nfiles < NDEXTENT)
 1051                         nfiles = NDEXTENT;
 1052                 else
 1053                         nfiles = 2 * fdp->fd_nfiles;
 1054                 while (nfiles < want)
 1055                         nfiles <<= 1;
 1056                 FILEDESC_UNLOCK(fdp);
 1057                 /*
 1058                  * XXX malloc() calls uma_large_malloc() for sizes larger
 1059                  * than KMEM_ZMAX bytes. uma_large_malloc() requires Giant.
 1060                  */
 1061                 mtx_lock(&Giant);
 1062                 newofile = malloc(nfiles * OFILESIZE, M_FILEDESC, M_WAITOK);
 1063                 mtx_unlock(&Giant);
 1064 
 1065                 /*
 1066                  * Deal with file-table extend race that might have
 1067                  * occurred while filedesc was unlocked.
 1068                  */
 1069                 FILEDESC_LOCK(fdp);
 1070                 if (fdp->fd_nfiles >= nfiles) {
 1071                         /* XXX uma_large_free() needs Giant. */
 1072                         FILEDESC_UNLOCK(fdp);
 1073                         mtx_lock(&Giant);
 1074                         free(newofile, M_FILEDESC);
 1075                         mtx_unlock(&Giant);
 1076                         FILEDESC_LOCK(fdp);
 1077                         continue;
 1078                 }
 1079                 newofileflags = (char *) &newofile[nfiles];
 1080                 /*
 1081                  * Copy the existing ofile and ofileflags arrays
 1082                  * and zero the new portion of each array.
 1083                  */
 1084                 i = fdp->fd_nfiles * sizeof(struct file *);
 1085                 bcopy(fdp->fd_ofiles, newofile, i);
 1086                 bzero((char *)newofile + i,
 1087                     nfiles * sizeof(struct file *) - i);
 1088                 i = fdp->fd_nfiles * sizeof(char);
 1089                 bcopy(fdp->fd_ofileflags, newofileflags, i);
 1090                 bzero(newofileflags + i, nfiles * sizeof(char) - i);
 1091                 if (fdp->fd_nfiles > NDFILE)
 1092                         oldofile = fdp->fd_ofiles;
 1093                 else
 1094                         oldofile = NULL;
 1095                 fdp->fd_ofiles = newofile;
 1096                 fdp->fd_ofileflags = newofileflags;
 1097                 fdp->fd_nfiles = nfiles;
 1098                 fdexpand++;
 1099                 if (oldofile != NULL) {
 1100                         /* XXX uma_large_free() needs Giant. */
 1101                         FILEDESC_UNLOCK(fdp);
 1102                         mtx_lock(&Giant);
 1103                         free(oldofile, M_FILEDESC);
 1104                         mtx_unlock(&Giant);
 1105                         FILEDESC_LOCK(fdp);
 1106                 }
 1107         }
 1108         return (0);
 1109 }
 1110 
 1111 /*
 1112  * Check to see whether n user file descriptors
 1113  * are available to the process p.
 1114  */
 1115 int
 1116 fdavail(td, n)
 1117         struct thread *td;
 1118         int n;
 1119 {
 1120         struct proc *p = td->td_proc;
 1121         struct filedesc *fdp = td->td_proc->p_fd;
 1122         struct file **fpp;
 1123         int i, lim, last;
 1124 
 1125         FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);
 1126 
 1127         lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc);
 1128         if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0)
 1129                 return (1);
 1130         last = min(fdp->fd_nfiles, lim);
 1131         fpp = &fdp->fd_ofiles[fdp->fd_freefile];
 1132         for (i = last - fdp->fd_freefile; --i >= 0; fpp++) {
 1133                 if (*fpp == NULL && --n <= 0)
 1134                         return (1);
 1135         }
 1136         return (0);
 1137 }
 1138 
 1139 /*
 1140  * Create a new open file structure and allocate
 1141  * a file decriptor for the process that refers to it.
 1142  */
 1143 int
 1144 falloc(td, resultfp, resultfd)
 1145         struct thread *td;
 1146         struct file **resultfp;
 1147         int *resultfd;
 1148 {
 1149         struct proc *p = td->td_proc;
 1150         struct file *fp, *fq;
 1151         int error, i;
 1152 
 1153         fp = uma_zalloc(file_zone, M_WAITOK | M_ZERO);
 1154         sx_xlock(&filelist_lock);
 1155         if (nfiles >= maxfiles) {
 1156                 sx_xunlock(&filelist_lock);
 1157                 uma_zfree(file_zone, fp);
 1158                 tablefull("file");
 1159                 return (ENFILE);
 1160         }
 1161         nfiles++;
 1162 
 1163         /*
 1164          * If the process has file descriptor zero open, add the new file
 1165          * descriptor to the list of open files at that point, otherwise
 1166          * put it at the front of the list of open files.
 1167          */
 1168         fp->f_mtxp = mtx_pool_alloc();
 1169         fp->f_gcflag = 0;
 1170         fp->f_count = 1;
 1171         fp->f_cred = crhold(td->td_ucred);
 1172         fp->f_ops = &badfileops;
 1173         fp->f_seqcount = 1;
 1174         FILEDESC_LOCK(p->p_fd);
 1175         if ((fq = p->p_fd->fd_ofiles[0])) {
 1176                 LIST_INSERT_AFTER(fq, fp, f_list);
 1177         } else {
 1178                 LIST_INSERT_HEAD(&filehead, fp, f_list);
 1179         }
 1180         sx_xunlock(&filelist_lock);
 1181         if ((error = fdalloc(td, 0, &i))) {
 1182                 FILEDESC_UNLOCK(p->p_fd);
 1183                 fdrop(fp, td);
 1184                 return (error);
 1185         }
 1186         p->p_fd->fd_ofiles[i] = fp;
 1187         FILEDESC_UNLOCK(p->p_fd);
 1188         if (resultfp)
 1189                 *resultfp = fp;
 1190         if (resultfd)
 1191                 *resultfd = i;
 1192         return (0);
 1193 }
 1194 
 1195 /*
 1196  * Free a file descriptor.
 1197  */
 1198 void
 1199 ffree(fp)
 1200         struct file *fp;
 1201 {
 1202 
 1203         KASSERT(fp->f_count == 0, ("ffree: fp_fcount not 0!"));
 1204         sx_xlock(&filelist_lock);
 1205         LIST_REMOVE(fp, f_list);
 1206         nfiles--;
 1207         sx_xunlock(&filelist_lock);
 1208         crfree(fp->f_cred);
 1209         uma_zfree(file_zone, fp);
 1210 }
 1211 
 1212 /*
 1213  * Build a new filedesc structure from another.
 1214  * Copy the current, root, and jail root vnode references.
 1215  */
 1216 struct filedesc *
 1217 fdinit(fdp)
 1218         struct filedesc *fdp;
 1219 {
 1220         struct filedesc0 *newfdp;
 1221 
 1222         MALLOC(newfdp, struct filedesc0 *, sizeof(struct filedesc0),
 1223             M_FILEDESC, M_WAITOK | M_ZERO);
 1224         mtx_init(&newfdp->fd_fd.fd_mtx, FILEDESC_LOCK_DESC, NULL, MTX_DEF);
 1225         newfdp->fd_fd.fd_cdir = fdp->fd_cdir;
 1226         if (newfdp->fd_fd.fd_cdir)
 1227                 VREF(newfdp->fd_fd.fd_cdir);
 1228         newfdp->fd_fd.fd_rdir = fdp->fd_rdir;
 1229         if (newfdp->fd_fd.fd_rdir)
 1230                 VREF(newfdp->fd_fd.fd_rdir);
 1231         newfdp->fd_fd.fd_jdir = fdp->fd_jdir;
 1232         if (newfdp->fd_fd.fd_jdir)
 1233                 VREF(newfdp->fd_fd.fd_jdir);
 1234 
 1235         /* Create the file descriptor table. */
 1236         newfdp->fd_fd.fd_refcnt = 1;
 1237         newfdp->fd_fd.fd_cmask = cmask;
 1238         newfdp->fd_fd.fd_ofiles = newfdp->fd_dfiles;
 1239         newfdp->fd_fd.fd_ofileflags = newfdp->fd_dfileflags;
 1240         newfdp->fd_fd.fd_nfiles = NDFILE;
 1241         newfdp->fd_fd.fd_knlistsize = -1;
 1242         return (&newfdp->fd_fd);
 1243 }
 1244 
 1245 /*
 1246  * Share a filedesc structure.
 1247  */
 1248 struct filedesc *
 1249 fdshare(fdp)
 1250         struct filedesc *fdp;
 1251 {
 1252         FILEDESC_LOCK(fdp);
 1253         fdp->fd_refcnt++;
 1254         FILEDESC_UNLOCK(fdp);
 1255         return (fdp);
 1256 }
 1257 
 1258 /*
 1259  * Copy a filedesc structure.
 1260  * A NULL pointer in returns a NULL reference, this is to ease callers,
 1261  * not catch errors.
 1262  */
 1263 struct filedesc *
 1264 fdcopy(fdp)
 1265         struct filedesc *fdp;
 1266 {
 1267         struct filedesc *newfdp;
 1268         struct file **fpp;
 1269         int i, j;
 1270 
 1271         /* Certain daemons might not have file descriptors. */
 1272         if (fdp == NULL)
 1273                 return (NULL);
 1274 
 1275         FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);
 1276 
 1277         FILEDESC_UNLOCK(fdp);
 1278         MALLOC(newfdp, struct filedesc *, sizeof(struct filedesc0),
 1279             M_FILEDESC, M_WAITOK);
 1280         FILEDESC_LOCK(fdp);
 1281         bcopy(fdp, newfdp, sizeof(struct filedesc));
 1282         FILEDESC_UNLOCK(fdp);
 1283         bzero(&newfdp->fd_mtx, sizeof(newfdp->fd_mtx));
 1284         mtx_init(&newfdp->fd_mtx, FILEDESC_LOCK_DESC, NULL, MTX_DEF);
 1285         if (newfdp->fd_cdir)
 1286                 VREF(newfdp->fd_cdir);
 1287         if (newfdp->fd_rdir)
 1288                 VREF(newfdp->fd_rdir);
 1289         if (newfdp->fd_jdir)
 1290                 VREF(newfdp->fd_jdir);
 1291         newfdp->fd_refcnt = 1;
 1292 
 1293         /*
 1294          * If the number of open files fits in the internal arrays
 1295          * of the open file structure, use them, otherwise allocate
 1296          * additional memory for the number of descriptors currently
 1297          * in use.
 1298          */
 1299         FILEDESC_LOCK(fdp);
 1300         newfdp->fd_lastfile = fdp->fd_lastfile;
 1301         newfdp->fd_nfiles = fdp->fd_nfiles;
 1302         if (newfdp->fd_lastfile < NDFILE) {
 1303                 newfdp->fd_ofiles = ((struct filedesc0 *) newfdp)->fd_dfiles;
 1304                 newfdp->fd_ofileflags =
 1305                     ((struct filedesc0 *) newfdp)->fd_dfileflags;
 1306                 i = NDFILE;
 1307         } else {
 1308                 /*
 1309                  * Compute the smallest multiple of NDEXTENT needed
 1310                  * for the file descriptors currently in use,
 1311                  * allowing the table to shrink.
 1312                  */
 1313 retry:
 1314                 i = newfdp->fd_nfiles;
 1315                 while (i > 2 * NDEXTENT && i > newfdp->fd_lastfile * 2)
 1316                         i /= 2;
 1317                 FILEDESC_UNLOCK(fdp);
 1318                 MALLOC(newfdp->fd_ofiles, struct file **, i * OFILESIZE,
 1319                     M_FILEDESC, M_WAITOK);
 1320                 FILEDESC_LOCK(fdp);
 1321                 newfdp->fd_lastfile = fdp->fd_lastfile;
 1322                 newfdp->fd_nfiles = fdp->fd_nfiles;
 1323                 j = newfdp->fd_nfiles;
 1324                 while (j > 2 * NDEXTENT && j > newfdp->fd_lastfile * 2)
 1325                         j /= 2;
 1326                 if (i != j) {
 1327                         /*
 1328                          * The size of the original table has changed.
 1329                          * Go over once again.
 1330                          */
 1331                         FILEDESC_UNLOCK(fdp);
 1332                         FREE(newfdp->fd_ofiles, M_FILEDESC);
 1333                         FILEDESC_LOCK(fdp);
 1334                         newfdp->fd_lastfile = fdp->fd_lastfile;
 1335                         newfdp->fd_nfiles = fdp->fd_nfiles;
 1336                         goto retry;
 1337                 }
 1338                 newfdp->fd_ofileflags = (char *) &newfdp->fd_ofiles[i];
 1339         }
 1340         newfdp->fd_nfiles = i;
 1341         bcopy(fdp->fd_ofiles, newfdp->fd_ofiles, i * sizeof(struct file **));
 1342         bcopy(fdp->fd_ofileflags, newfdp->fd_ofileflags, i * sizeof(char));
 1343 
 1344         /*
 1345          * kq descriptors cannot be copied.
 1346          */
 1347         if (newfdp->fd_knlistsize != -1) {
 1348                 fpp = &newfdp->fd_ofiles[newfdp->fd_lastfile];
 1349                 for (i = newfdp->fd_lastfile; i >= 0; i--, fpp--) {
 1350                         if (*fpp != NULL && (*fpp)->f_type == DTYPE_KQUEUE) {
 1351                                 *fpp = NULL;
 1352                                 if (i < newfdp->fd_freefile)
 1353                                         newfdp->fd_freefile = i;
 1354                         }
 1355                         if (*fpp == NULL && i == newfdp->fd_lastfile && i > 0)
 1356                                 newfdp->fd_lastfile--;
 1357                 }
 1358                 newfdp->fd_knlist = NULL;
 1359                 newfdp->fd_knlistsize = -1;
 1360                 newfdp->fd_knhash = NULL;
 1361                 newfdp->fd_knhashmask = 0;
 1362         }
 1363 
 1364         fpp = newfdp->fd_ofiles;
 1365         for (i = newfdp->fd_lastfile; i-- >= 0; fpp++) {
 1366                 if (*fpp != NULL)
 1367                         fhold(*fpp);
 1368         }
 1369         return (newfdp);
 1370 }
 1371 
 1372 /* A mutex to protect the association between a proc and filedesc. */
 1373 struct mtx      fdesc_mtx;
 1374 MTX_SYSINIT(fdesc, &fdesc_mtx, "fdesc", MTX_DEF);
 1375 
 1376 /*
 1377  * Release a filedesc structure.
 1378  */
 1379 void
 1380 fdfree(td)
 1381         struct thread *td;
 1382 {
 1383         struct filedesc *fdp;
 1384         struct file **fpp;
 1385         int i;
 1386 
 1387         /* Certain daemons might not have file descriptors. */
 1388         fdp = td->td_proc->p_fd;
 1389         if (fdp == NULL)
 1390                 return;
 1391 
 1392         FILEDESC_LOCK(fdp);
 1393         if (--fdp->fd_refcnt > 0) {
 1394                 FILEDESC_UNLOCK(fdp);
 1395                 return;
 1396         }
 1397 
 1398         /*
 1399          * We are the last reference to the structure, so we can
 1400          * safely assume it will not change out from under us.
 1401          */
 1402         FILEDESC_UNLOCK(fdp);
 1403         fpp = fdp->fd_ofiles;
 1404         for (i = fdp->fd_lastfile; i-- >= 0; fpp++) {
 1405                 if (*fpp)
 1406                         (void) closef(*fpp, td);
 1407         }
 1408 
 1409         /* XXX This should happen earlier. */
 1410         mtx_lock(&fdesc_mtx);
 1411         td->td_proc->p_fd = NULL;
 1412         mtx_unlock(&fdesc_mtx);
 1413 
 1414         if (fdp->fd_nfiles > NDFILE)
 1415                 FREE(fdp->fd_ofiles, M_FILEDESC);
 1416         if (fdp->fd_cdir)
 1417                 vrele(fdp->fd_cdir);
 1418         if (fdp->fd_rdir)
 1419                 vrele(fdp->fd_rdir);
 1420         if (fdp->fd_jdir)
 1421                 vrele(fdp->fd_jdir);
 1422         if (fdp->fd_knlist)
 1423                 FREE(fdp->fd_knlist, M_KQUEUE);
 1424         if (fdp->fd_knhash)
 1425                 FREE(fdp->fd_knhash, M_KQUEUE);
 1426         mtx_destroy(&fdp->fd_mtx);
 1427         FREE(fdp, M_FILEDESC);
 1428 }
 1429 
 1430 /*
 1431  * For setugid programs, we don't want to people to use that setugidness
 1432  * to generate error messages which write to a file which otherwise would
 1433  * otherwise be off-limits to the process.  We check for filesystems where
 1434  * the vnode can change out from under us after execve (like [lin]procfs).
 1435  *
 1436  * Since setugidsafety calls this only for fd 0, 1 and 2, this check is
 1437  * sufficient.  We also don't for check setugidness since we know we are.
 1438  */
 1439 static int
 1440 is_unsafe(struct file *fp)
 1441 {
 1442         if (fp->f_type == DTYPE_VNODE) {
 1443                 struct vnode *vp = fp->f_data;
 1444 
 1445                 if ((vp->v_vflag & VV_PROCDEP) != 0)
 1446                         return (1);
 1447         }
 1448         return (0);
 1449 }
 1450 
 1451 /*
 1452  * Make this setguid thing safe, if at all possible.
 1453  */
 1454 void
 1455 setugidsafety(td)
 1456         struct thread *td;
 1457 {
 1458         struct filedesc *fdp;
 1459         int i;
 1460 
 1461         /* Certain daemons might not have file descriptors. */
 1462         fdp = td->td_proc->p_fd;
 1463         if (fdp == NULL)
 1464                 return;
 1465 
 1466         /*
 1467          * Note: fdp->fd_ofiles may be reallocated out from under us while
 1468          * we are blocked in a close.  Be careful!
 1469          */
 1470         FILEDESC_LOCK(fdp);
 1471         for (i = 0; i <= fdp->fd_lastfile; i++) {
 1472                 if (i > 2)
 1473                         break;
 1474                 if (fdp->fd_ofiles[i] && is_unsafe(fdp->fd_ofiles[i])) {
 1475                         struct file *fp;
 1476 
 1477 #if 0
 1478                         if ((fdp->fd_ofileflags[i] & UF_MAPPED) != 0)
 1479                                 (void) munmapfd(td, i);
 1480 #endif
 1481                         if (i < fdp->fd_knlistsize) {
 1482                                 FILEDESC_UNLOCK(fdp);
 1483                                 knote_fdclose(td, i);
 1484                                 FILEDESC_LOCK(fdp);
 1485                         }
 1486                         /*
 1487                          * NULL-out descriptor prior to close to avoid
 1488                          * a race while close blocks.
 1489                          */
 1490                         fp = fdp->fd_ofiles[i];
 1491                         fdp->fd_ofiles[i] = NULL;
 1492                         fdp->fd_ofileflags[i] = 0;
 1493                         if (i < fdp->fd_freefile)
 1494                                 fdp->fd_freefile = i;
 1495                         FILEDESC_UNLOCK(fdp);
 1496                         (void) closef(fp, td);
 1497                         FILEDESC_LOCK(fdp);
 1498                 }
 1499         }
 1500         while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
 1501                 fdp->fd_lastfile--;
 1502         FILEDESC_UNLOCK(fdp);
 1503 }
 1504 
 1505 /*
 1506  * Close any files on exec?
 1507  */
 1508 void
 1509 fdcloseexec(td)
 1510         struct thread *td;
 1511 {
 1512         struct filedesc *fdp;
 1513         int i;
 1514 
 1515         /* Certain daemons might not have file descriptors. */
 1516         fdp = td->td_proc->p_fd;
 1517         if (fdp == NULL)
 1518                 return;
 1519 
 1520         FILEDESC_LOCK(fdp);
 1521 
 1522         /*
 1523          * We cannot cache fd_ofiles or fd_ofileflags since operations
 1524          * may block and rip them out from under us.
 1525          */
 1526         for (i = 0; i <= fdp->fd_lastfile; i++) {
 1527                 if (fdp->fd_ofiles[i] != NULL &&
 1528                     (fdp->fd_ofileflags[i] & UF_EXCLOSE)) {
 1529                         struct file *fp;
 1530 
 1531 #if 0
 1532                         if (fdp->fd_ofileflags[i] & UF_MAPPED)
 1533                                 (void) munmapfd(td, i);
 1534 #endif
 1535                         if (i < fdp->fd_knlistsize) {
 1536                                 FILEDESC_UNLOCK(fdp);
 1537                                 knote_fdclose(td, i);
 1538                                 FILEDESC_LOCK(fdp);
 1539                         }
 1540                         /*
 1541                          * NULL-out descriptor prior to close to avoid
 1542                          * a race while close blocks.
 1543                          */
 1544                         fp = fdp->fd_ofiles[i];
 1545                         fdp->fd_ofiles[i] = NULL;
 1546                         fdp->fd_ofileflags[i] = 0;
 1547                         if (i < fdp->fd_freefile)
 1548                                 fdp->fd_freefile = i;
 1549                         FILEDESC_UNLOCK(fdp);
 1550                         (void) closef(fp, td);
 1551                         FILEDESC_LOCK(fdp);
 1552                 }
 1553         }
 1554         while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
 1555                 fdp->fd_lastfile--;
 1556         FILEDESC_UNLOCK(fdp);
 1557 }
 1558 
 1559 /*
 1560  * It is unsafe for set[ug]id processes to be started with file
 1561  * descriptors 0..2 closed, as these descriptors are given implicit
 1562  * significance in the Standard C library.  fdcheckstd() will create a
 1563  * descriptor referencing /dev/null for each of stdin, stdout, and
 1564  * stderr that is not already open.
 1565  */
 1566 int
 1567 fdcheckstd(td)
 1568         struct thread *td;
 1569 {
 1570         struct nameidata nd;
 1571         struct filedesc *fdp;
 1572         struct file *fp;
 1573         register_t retval;
 1574         int fd, i, error, flags, devnull;
 1575 
 1576         fdp = td->td_proc->p_fd;
 1577         if (fdp == NULL)
 1578                 return (0);
 1579         devnull = -1;
 1580         error = 0;
 1581         for (i = 0; i < 3; i++) {
 1582                 if (fdp->fd_ofiles[i] != NULL)
 1583                         continue;
 1584                 if (devnull < 0) {
 1585                         error = falloc(td, &fp, &fd);
 1586                         if (error != 0)
 1587                                 break;
 1588                         KASSERT(fd == i, ("oof, we didn't get our fd"));
 1589                         NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, "/dev/null",
 1590                             td);
 1591                         flags = FREAD | FWRITE;
 1592                         error = vn_open(&nd, &flags, 0);
 1593                         if (error != 0) {
 1594                                 FILEDESC_LOCK(fdp);
 1595                                 fdp->fd_ofiles[fd] = NULL;
 1596                                 FILEDESC_UNLOCK(fdp);
 1597                                 fdrop(fp, td);
 1598                                 break;
 1599                         }
 1600                         NDFREE(&nd, NDF_ONLY_PNBUF);
 1601                         fp->f_data = nd.ni_vp;
 1602                         fp->f_flag = flags;
 1603                         fp->f_ops = &vnops;
 1604                         fp->f_type = DTYPE_VNODE;
 1605                         VOP_UNLOCK(nd.ni_vp, 0, td);
 1606                         devnull = fd;
 1607                 } else {
 1608                         error = do_dup(td, DUP_FIXED, devnull, i, &retval);
 1609                         if (error != 0)
 1610                                 break;
 1611                 }
 1612         }
 1613         return (error);
 1614 }
 1615 
 1616 /*
 1617  * Internal form of close.
 1618  * Decrement reference count on file structure.
 1619  * Note: td may be NULL when closing a file
 1620  * that was being passed in a message.
 1621  */
 1622 int
 1623 closef(fp, td)
 1624         struct file *fp;
 1625         struct thread *td;
 1626 {
 1627         struct vnode *vp;
 1628         struct flock lf;
 1629 
 1630         if (fp == NULL)
 1631                 return (0);
 1632         /*
 1633          * POSIX record locking dictates that any close releases ALL
 1634          * locks owned by this process.  This is handled by setting
 1635          * a flag in the unlock to free ONLY locks obeying POSIX
 1636          * semantics, and not to free BSD-style file locks.
 1637          * If the descriptor was in a message, POSIX-style locks
 1638          * aren't passed with the descriptor.
 1639          */
 1640         if (td != NULL && (td->td_proc->p_leader->p_flag & P_ADVLOCK) != 0 &&
 1641             fp->f_type == DTYPE_VNODE) {
 1642                 lf.l_whence = SEEK_SET;
 1643                 lf.l_start = 0;
 1644                 lf.l_len = 0;
 1645                 lf.l_type = F_UNLCK;
 1646                 vp = fp->f_data;
 1647                 (void) VOP_ADVLOCK(vp, (caddr_t)td->td_proc->p_leader,
 1648                                    F_UNLCK, &lf, F_POSIX);
 1649         }
 1650         return (fdrop(fp, td));
 1651 }
 1652 
 1653 /*
 1654  * Drop reference on struct file passed in, may call closef if the
 1655  * reference hits zero.
 1656  */
 1657 int
 1658 fdrop(fp, td)
 1659         struct file *fp;
 1660         struct thread *td;
 1661 {
 1662 
 1663         FILE_LOCK(fp);
 1664         return (fdrop_locked(fp, td));
 1665 }
 1666 
 1667 /*
 1668  * Extract the file pointer associated with the specified descriptor for
 1669  * the current user process.
 1670  *
 1671  * If the descriptor doesn't exist, EBADF is returned.
 1672  *
 1673  * If the descriptor exists but doesn't match 'flags' then
 1674  * return EBADF for read attempts and EINVAL for write attempts.
 1675  *
 1676  * If 'hold' is set (non-zero) the file's refcount will be bumped on return.
 1677  * It should be droped with fdrop().
 1678  * If it is not set, then the refcount will not be bumped however the
 1679  * thread's filedesc struct will be returned locked (for fgetsock).
 1680  *
 1681  * If an error occured the non-zero error is returned and *fpp is set to NULL.
 1682  * Otherwise *fpp is set and zero is returned.
 1683  */
 1684 static __inline int
 1685 _fget(struct thread *td, int fd, struct file **fpp, int flags, int hold)
 1686 {
 1687         struct filedesc *fdp;
 1688         struct file *fp;
 1689 
 1690         *fpp = NULL;
 1691         if (td == NULL || (fdp = td->td_proc->p_fd) == NULL)
 1692                 return (EBADF);
 1693         FILEDESC_LOCK(fdp);
 1694         if ((fp = fget_locked(fdp, fd)) == NULL || fp->f_ops == &badfileops) {
 1695                 FILEDESC_UNLOCK(fdp);
 1696                 return (EBADF);
 1697         }
 1698 
 1699         /*
 1700          * Note: FREAD failures returns EBADF to maintain backwards
 1701          * compatibility with what routines returned before.
 1702          *
 1703          * Only one flag, or 0, may be specified.
 1704          */
 1705         if (flags == FREAD && (fp->f_flag & FREAD) == 0) {
 1706                 FILEDESC_UNLOCK(fdp);
 1707                 return (EBADF);
 1708         }
 1709         if (flags == FWRITE && (fp->f_flag & FWRITE) == 0) {
 1710                 FILEDESC_UNLOCK(fdp);
 1711                 return (EINVAL);
 1712         }
 1713         if (hold) {
 1714                 fhold(fp);
 1715                 FILEDESC_UNLOCK(fdp);
 1716         }
 1717         *fpp = fp;
 1718         return (0);
 1719 }
 1720 
 1721 int
 1722 fget(struct thread *td, int fd, struct file **fpp)
 1723 {
 1724 
 1725         return(_fget(td, fd, fpp, 0, 1));
 1726 }
 1727 
 1728 int
 1729 fget_read(struct thread *td, int fd, struct file **fpp)
 1730 {
 1731 
 1732         return(_fget(td, fd, fpp, FREAD, 1));
 1733 }
 1734 
 1735 int
 1736 fget_write(struct thread *td, int fd, struct file **fpp)
 1737 {
 1738 
 1739         return(_fget(td, fd, fpp, FWRITE, 1));
 1740 }
 1741 
 1742 /*
 1743  * Like fget() but loads the underlying vnode, or returns an error if
 1744  * the descriptor does not represent a vnode.  Note that pipes use vnodes
 1745  * but never have VM objects (so VOP_GETVOBJECT() calls will return an
 1746  * error).  The returned vnode will be vref()d.
 1747  */
 1748 static __inline int
 1749 _fgetvp(struct thread *td, int fd, struct vnode **vpp, int flags)
 1750 {
 1751         struct file *fp;
 1752         int error;
 1753 
 1754         *vpp = NULL;
 1755         if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
 1756                 return (error);
 1757         if (fp->f_type != DTYPE_VNODE && fp->f_type != DTYPE_FIFO) {
 1758                 error = EINVAL;
 1759         } else {
 1760                 *vpp = fp->f_data;
 1761                 vref(*vpp);
 1762         }
 1763         FILEDESC_UNLOCK(td->td_proc->p_fd);
 1764         return (error);
 1765 }
 1766 
 1767 int
 1768 fgetvp(struct thread *td, int fd, struct vnode **vpp)
 1769 {
 1770 
 1771         return (_fgetvp(td, fd, vpp, 0));
 1772 }
 1773 
 1774 int
 1775 fgetvp_read(struct thread *td, int fd, struct vnode **vpp)
 1776 {
 1777 
 1778         return (_fgetvp(td, fd, vpp, FREAD));
 1779 }
 1780 
 1781 int
 1782 fgetvp_write(struct thread *td, int fd, struct vnode **vpp)
 1783 {
 1784 
 1785         return (_fgetvp(td, fd, vpp, FWRITE));
 1786 }
 1787 
 1788 /*
 1789  * Like fget() but loads the underlying socket, or returns an error if
 1790  * the descriptor does not represent a socket.
 1791  *
 1792  * We bump the ref count on the returned socket.  XXX Also obtain the SX
 1793  * lock in the future.
 1794  */
 1795 int
 1796 fgetsock(struct thread *td, int fd, struct socket **spp, u_int *fflagp)
 1797 {
 1798         struct file *fp;
 1799         int error;
 1800 
 1801         *spp = NULL;
 1802         if (fflagp != NULL)
 1803                 *fflagp = 0;
 1804         if ((error = _fget(td, fd, &fp, 0, 0)) != 0)
 1805                 return (error);
 1806         if (fp->f_type != DTYPE_SOCKET) {
 1807                 error = ENOTSOCK;
 1808         } else {
 1809                 *spp = fp->f_data;
 1810                 if (fflagp)
 1811                         *fflagp = fp->f_flag;
 1812                 soref(*spp);
 1813         }
 1814         FILEDESC_UNLOCK(td->td_proc->p_fd);
 1815         return (error);
 1816 }
 1817 
 1818 /*
 1819  * Drop the reference count on the the socket and XXX release the SX lock in
 1820  * the future.  The last reference closes the socket.
 1821  */
 1822 void
 1823 fputsock(struct socket *so)
 1824 {
 1825 
 1826         sorele(so);
 1827 }
 1828 
 1829 /*
 1830  * Drop reference on struct file passed in, may call closef if the
 1831  * reference hits zero.
 1832  * Expects struct file locked, and will unlock it.
 1833  */
 1834 int
 1835 fdrop_locked(fp, td)
 1836         struct file *fp;
 1837         struct thread *td;
 1838 {
 1839         struct flock lf;
 1840         struct vnode *vp;
 1841         int error;
 1842 
 1843         FILE_LOCK_ASSERT(fp, MA_OWNED);
 1844 
 1845         if (--fp->f_count > 0) {
 1846                 FILE_UNLOCK(fp);
 1847                 return (0);
 1848         }
 1849         mtx_lock(&Giant);
 1850         if (fp->f_count < 0)
 1851                 panic("fdrop: count < 0");
 1852         if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) {
 1853                 lf.l_whence = SEEK_SET;
 1854                 lf.l_start = 0;
 1855                 lf.l_len = 0;
 1856                 lf.l_type = F_UNLCK;
 1857                 vp = fp->f_data;
 1858                 FILE_UNLOCK(fp);
 1859                 (void) VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
 1860         } else
 1861                 FILE_UNLOCK(fp);
 1862         if (fp->f_ops != &badfileops)
 1863                 error = fo_close(fp, td);
 1864         else
 1865                 error = 0;
 1866         ffree(fp);
 1867         mtx_unlock(&Giant);
 1868         return (error);
 1869 }
 1870 
 1871 /*
 1872  * Apply an advisory lock on a file descriptor.
 1873  *
 1874  * Just attempt to get a record lock of the requested type on
 1875  * the entire file (l_whence = SEEK_SET, l_start = 0, l_len = 0).
 1876  */
 1877 #ifndef _SYS_SYSPROTO_H_
 1878 struct flock_args {
 1879         int     fd;
 1880         int     how;
 1881 };
 1882 #endif
 1883 /*
 1884  * MPSAFE
 1885  */
 1886 /* ARGSUSED */
 1887 int
 1888 flock(td, uap)
 1889         struct thread *td;
 1890         struct flock_args *uap;
 1891 {
 1892         struct file *fp;
 1893         struct vnode *vp;
 1894         struct flock lf;
 1895         int error;
 1896 
 1897         if ((error = fget(td, uap->fd, &fp)) != 0)
 1898                 return (error);
 1899         if (fp->f_type != DTYPE_VNODE) {
 1900                 fdrop(fp, td);
 1901                 return (EOPNOTSUPP);
 1902         }
 1903 
 1904         mtx_lock(&Giant);
 1905         vp = fp->f_data;
 1906         lf.l_whence = SEEK_SET;
 1907         lf.l_start = 0;
 1908         lf.l_len = 0;
 1909         if (uap->how & LOCK_UN) {
 1910                 lf.l_type = F_UNLCK;
 1911                 FILE_LOCK(fp);
 1912                 fp->f_flag &= ~FHASLOCK;
 1913                 FILE_UNLOCK(fp);
 1914                 error = VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
 1915                 goto done2;
 1916         }
 1917         if (uap->how & LOCK_EX)
 1918                 lf.l_type = F_WRLCK;
 1919         else if (uap->how & LOCK_SH)
 1920                 lf.l_type = F_RDLCK;
 1921         else {
 1922                 error = EBADF;
 1923                 goto done2;
 1924         }
 1925         FILE_LOCK(fp);
 1926         fp->f_flag |= FHASLOCK;
 1927         FILE_UNLOCK(fp);
 1928         error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
 1929             (uap->how & LOCK_NB) ? F_FLOCK : F_FLOCK | F_WAIT);
 1930 done2:
 1931         fdrop(fp, td);
 1932         mtx_unlock(&Giant);
 1933         return (error);
 1934 }
 1935 
 1936 /*
 1937  * File Descriptor pseudo-device driver (/dev/fd/).
 1938  *
 1939  * Opening minor device N dup()s the file (if any) connected to file
 1940  * descriptor N belonging to the calling process.  Note that this driver
 1941  * consists of only the ``open()'' routine, because all subsequent
 1942  * references to this file will be direct to the other driver.
 1943  */
 1944 /* ARGSUSED */
 1945 static int
 1946 fdopen(dev, mode, type, td)
 1947         dev_t dev;
 1948         int mode, type;
 1949         struct thread *td;
 1950 {
 1951 
 1952         /*
 1953          * XXX Kludge: set curthread->td_dupfd to contain the value of the
 1954          * the file descriptor being sought for duplication. The error
 1955          * return ensures that the vnode for this device will be released
 1956          * by vn_open. Open will detect this special error and take the
 1957          * actions in dupfdopen below. Other callers of vn_open or VOP_OPEN
 1958          * will simply report the error.
 1959          */
 1960         td->td_dupfd = dev2unit(dev);
 1961         return (ENODEV);
 1962 }
 1963 
 1964 /*
 1965  * Duplicate the specified descriptor to a free descriptor.
 1966  */
 1967 int
 1968 dupfdopen(td, fdp, indx, dfd, mode, error)
 1969         struct thread *td;
 1970         struct filedesc *fdp;
 1971         int indx, dfd;
 1972         int mode;
 1973         int error;
 1974 {
 1975         struct file *wfp;
 1976         struct file *fp;
 1977 
 1978         /*
 1979          * If the to-be-dup'd fd number is greater than the allowed number
 1980          * of file descriptors, or the fd to be dup'd has already been
 1981          * closed, then reject.
 1982          */
 1983         FILEDESC_LOCK(fdp);
 1984         if (dfd < 0 || dfd >= fdp->fd_nfiles ||
 1985             (wfp = fdp->fd_ofiles[dfd]) == NULL) {
 1986                 FILEDESC_UNLOCK(fdp);
 1987                 return (EBADF);
 1988         }
 1989 
 1990         /*
 1991          * There are two cases of interest here.
 1992          *
 1993          * For ENODEV simply dup (dfd) to file descriptor
 1994          * (indx) and return.
 1995          *
 1996          * For ENXIO steal away the file structure from (dfd) and
 1997          * store it in (indx).  (dfd) is effectively closed by
 1998          * this operation.
 1999          *
 2000          * Any other error code is just returned.
 2001          */
 2002         switch (error) {
 2003         case ENODEV:
 2004                 /*
 2005                  * Check that the mode the file is being opened for is a
 2006                  * subset of the mode of the existing descriptor.
 2007                  */
 2008                 FILE_LOCK(wfp);
 2009                 if (((mode & (FREAD|FWRITE)) | wfp->f_flag) != wfp->f_flag) {
 2010                         FILE_UNLOCK(wfp);
 2011                         FILEDESC_UNLOCK(fdp);
 2012                         return (EACCES);
 2013                 }
 2014                 fp = fdp->fd_ofiles[indx];
 2015 #if 0
 2016                 if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
 2017                         (void) munmapfd(td, indx);
 2018 #endif
 2019                 fdp->fd_ofiles[indx] = wfp;
 2020                 fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
 2021                 fhold_locked(wfp);
 2022                 FILE_UNLOCK(wfp);
 2023                 if (indx > fdp->fd_lastfile)
 2024                         fdp->fd_lastfile = indx;
 2025                 if (fp != NULL)
 2026                         FILE_LOCK(fp);
 2027                 FILEDESC_UNLOCK(fdp);
 2028                 /*
 2029                  * We now own the reference to fp that the ofiles[] array
 2030                  * used to own.  Release it.
 2031                  */
 2032                 if (fp != NULL)
 2033                         fdrop_locked(fp, td);
 2034                 return (0);
 2035 
 2036         case ENXIO:
 2037                 /*
 2038                  * Steal away the file pointer from dfd and stuff it into indx.
 2039                  */
 2040                 fp = fdp->fd_ofiles[indx];
 2041 #if 0
 2042                 if (fp && fdp->fd_ofileflags[indx] & UF_MAPPED)
 2043                         (void) munmapfd(td, indx);
 2044 #endif
 2045                 fdp->fd_ofiles[indx] = fdp->fd_ofiles[dfd];
 2046                 fdp->fd_ofiles[dfd] = NULL;
 2047                 fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd];
 2048                 fdp->fd_ofileflags[dfd] = 0;
 2049 
 2050                 /*
 2051                  * Complete the clean up of the filedesc structure by
 2052                  * recomputing the various hints.
 2053                  */
 2054                 if (indx > fdp->fd_lastfile) {
 2055                         fdp->fd_lastfile = indx;
 2056                 } else {
 2057                         while (fdp->fd_lastfile > 0 &&
 2058                            fdp->fd_ofiles[fdp->fd_lastfile] == NULL) {
 2059                                 fdp->fd_lastfile--;
 2060                         }
 2061                         if (dfd < fdp->fd_freefile)
 2062                                 fdp->fd_freefile = dfd;
 2063                 }
 2064                 if (fp != NULL)
 2065                         FILE_LOCK(fp);
 2066                 FILEDESC_UNLOCK(fdp);
 2067 
 2068                 /*
 2069                  * we now own the reference to fp that the ofiles[] array
 2070                  * used to own.  Release it.
 2071                  */
 2072                 if (fp != NULL)
 2073                         fdrop_locked(fp, td);
 2074                 return (0);
 2075 
 2076         default:
 2077                 FILEDESC_UNLOCK(fdp);
 2078                 return (error);
 2079         }
 2080         /* NOTREACHED */
 2081 }
 2082 
 2083 /*
 2084  * Get file structures.
 2085  */
 2086 static int
 2087 sysctl_kern_file(SYSCTL_HANDLER_ARGS)
 2088 {
 2089         struct xfile xf;
 2090         struct filedesc *fdp;
 2091         struct file *fp;
 2092         struct proc *p;
 2093         int error, n;
 2094 
 2095         sysctl_wire_old_buffer(req, 0);
 2096         if (req->oldptr == NULL) {
 2097                 n = 16;         /* A slight overestimate. */
 2098                 sx_slock(&filelist_lock);
 2099                 LIST_FOREACH(fp, &filehead, f_list) {
 2100                         /*
 2101                          * We should grab the lock, but this is an
 2102                          * estimate, so does it really matter?
 2103                          */
 2104                         /* mtx_lock(fp->f_mtxp); */
 2105                         n += fp->f_count;
 2106                         /* mtx_unlock(f->f_mtxp); */
 2107                 }
 2108                 sx_sunlock(&filelist_lock);
 2109                 return (SYSCTL_OUT(req, 0, n * sizeof(xf)));
 2110         }
 2111         error = 0;
 2112         bzero(&xf, sizeof(xf));
 2113         xf.xf_size = sizeof(xf);
 2114         sx_slock(&allproc_lock);
 2115         LIST_FOREACH(p, &allproc, p_list) {
 2116                 PROC_LOCK(p);
 2117                 xf.xf_pid = p->p_pid;
 2118                 xf.xf_uid = p->p_ucred->cr_uid;
 2119                 PROC_UNLOCK(p);
 2120                 mtx_lock(&fdesc_mtx);
 2121                 if ((fdp = p->p_fd) == NULL) {
 2122                         mtx_unlock(&fdesc_mtx);
 2123                         continue;
 2124                 }
 2125                 FILEDESC_LOCK(fdp);
 2126                 for (n = 0; n < fdp->fd_nfiles; ++n) {
 2127                         if ((fp = fdp->fd_ofiles[n]) == NULL)
 2128                                 continue;
 2129                         xf.xf_fd = n;
 2130                         xf.xf_file = fp;
 2131                         xf.xf_data = fp->f_data;
 2132                         xf.xf_type = fp->f_type;
 2133                         xf.xf_count = fp->f_count;
 2134                         xf.xf_msgcount = fp->f_msgcount;
 2135                         xf.xf_offset = fp->f_offset;
 2136                         xf.xf_flag = fp->f_flag;
 2137                         error = SYSCTL_OUT(req, &xf, sizeof(xf));
 2138                         if (error)
 2139                                 break;
 2140                 }
 2141                 FILEDESC_UNLOCK(fdp);
 2142                 mtx_unlock(&fdesc_mtx);
 2143                 if (error)
 2144                         break;
 2145         }
 2146         sx_sunlock(&allproc_lock);
 2147         return (error);
 2148 }
 2149 
 2150 SYSCTL_PROC(_kern, KERN_FILE, file, CTLTYPE_OPAQUE|CTLFLAG_RD,
 2151     0, 0, sysctl_kern_file, "S,xfile", "Entire file table");
 2152 
 2153 SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW, 
 2154     &maxfilesperproc, 0, "Maximum files allowed open per process");
 2155 
 2156 SYSCTL_INT(_kern, KERN_MAXFILES, maxfiles, CTLFLAG_RW, 
 2157     &maxfiles, 0, "Maximum number of files");
 2158 
 2159 SYSCTL_INT(_kern, OID_AUTO, openfiles, CTLFLAG_RD, 
 2160     &nfiles, 0, "System-wide number of open files");
 2161 
 2162 static void
 2163 fildesc_drvinit(void *unused)
 2164 {
 2165         dev_t dev;
 2166 
 2167         dev = make_dev(&fildesc_cdevsw, 0, UID_ROOT, GID_WHEEL, 0666, "fd/0");
 2168         make_dev_alias(dev, "stdin");
 2169         dev = make_dev(&fildesc_cdevsw, 1, UID_ROOT, GID_WHEEL, 0666, "fd/1");
 2170         make_dev_alias(dev, "stdout");
 2171         dev = make_dev(&fildesc_cdevsw, 2, UID_ROOT, GID_WHEEL, 0666, "fd/2");
 2172         make_dev_alias(dev, "stderr");
 2173 }
 2174 
 2175 static fo_rdwr_t        badfo_readwrite;
 2176 static fo_ioctl_t       badfo_ioctl;
 2177 static fo_poll_t        badfo_poll;
 2178 static fo_kqfilter_t    badfo_kqfilter;
 2179 static fo_stat_t        badfo_stat;
 2180 static fo_close_t       badfo_close;
 2181 
 2182 struct fileops badfileops = {
 2183         badfo_readwrite,
 2184         badfo_readwrite,
 2185         badfo_ioctl,
 2186         badfo_poll,
 2187         badfo_kqfilter,
 2188         badfo_stat,
 2189         badfo_close,
 2190         0
 2191 };
 2192 
 2193 static int
 2194 badfo_readwrite(fp, uio, active_cred, flags, td)
 2195         struct file *fp;
 2196         struct uio *uio;
 2197         struct ucred *active_cred;
 2198         struct thread *td;
 2199         int flags;
 2200 {
 2201 
 2202         return (EBADF);
 2203 }
 2204 
 2205 static int
 2206 badfo_ioctl(fp, com, data, active_cred, td)
 2207         struct file *fp;
 2208         u_long com;
 2209         void *data;
 2210         struct ucred *active_cred;
 2211         struct thread *td;
 2212 {
 2213 
 2214         return (EBADF);
 2215 }
 2216 
 2217 static int
 2218 badfo_poll(fp, events, active_cred, td)
 2219         struct file *fp;
 2220         int events;
 2221         struct ucred *active_cred;
 2222         struct thread *td;
 2223 {
 2224 
 2225         return (0);
 2226 }
 2227 
 2228 static int
 2229 badfo_kqfilter(fp, kn)
 2230         struct file *fp;
 2231         struct knote *kn;
 2232 {
 2233 
 2234         return (0);
 2235 }
 2236 
 2237 static int
 2238 badfo_stat(fp, sb, active_cred, td)
 2239         struct file *fp;
 2240         struct stat *sb;
 2241         struct ucred *active_cred;
 2242         struct thread *td;
 2243 {
 2244 
 2245         return (EBADF);
 2246 }
 2247 
 2248 static int
 2249 badfo_close(fp, td)
 2250         struct file *fp;
 2251         struct thread *td;
 2252 {
 2253 
 2254         return (EBADF);
 2255 }
 2256 
 2257 SYSINIT(fildescdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,
 2258                                         fildesc_drvinit,NULL)
 2259 
 2260 static void filelistinit(void *);
 2261 SYSINIT(select, SI_SUB_LOCK, SI_ORDER_FIRST, filelistinit, NULL)
 2262 
 2263 /* ARGSUSED*/
 2264 static void
 2265 filelistinit(dummy)
 2266         void *dummy;
 2267 {
 2268 
 2269         file_zone = uma_zcreate("Files", sizeof(struct file), NULL, NULL,
 2270             NULL, NULL, UMA_ALIGN_PTR, 0);
 2271         sx_init(&filelist_lock, "filelist lock");
 2272         mtx_init(&sigio_lock, "sigio lock", NULL, MTX_DEF);
 2273 }

Cache object: da79ea540b26eafdb362d24d383125cd


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.