The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/kern/vfs_aio.c

Version: -  FREEBSD  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-2  -  FREEBSD-11-1  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-4  -  FREEBSD-10-3  -  FREEBSD-10-2  -  FREEBSD-10-1  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-3  -  FREEBSD-9-2  -  FREEBSD-9-1  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-4  -  FREEBSD-8-3  -  FREEBSD-8-2  -  FREEBSD-8-1  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-4  -  FREEBSD-7-3  -  FREEBSD-7-2  -  FREEBSD-7-1  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-4  -  FREEBSD-6-3  -  FREEBSD-6-2  -  FREEBSD-6-1  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-5  -  FREEBSD-5-4  -  FREEBSD-5-3  -  FREEBSD-5-2  -  FREEBSD-5-1  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  linux-2.6  -  linux-2.4.22  -  MK83  -  MK84  -  PLAN9  -  DFBSD  -  NETBSD  -  NETBSD5  -  NETBSD4  -  NETBSD3  -  NETBSD20  -  OPENBSD  -  xnu-517  -  xnu-792  -  xnu-792.6.70  -  xnu-1228  -  xnu-1456.1.26  -  xnu-1699.24.8  -  xnu-2050.18.24  -  OPENSOLARIS  -  minix-3-1-1 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 1997 John S. Dyson.  All rights reserved.
    3  *
    4  * Redistribution and use in source and binary forms, with or without
    5  * modification, are permitted provided that the following conditions
    6  * are met:
    7  * 1. Redistributions of source code must retain the above copyright
    8  *    notice, this list of conditions and the following disclaimer.
    9  * 2. John S. Dyson's name may not be used to endorse or promote products
   10  *    derived from this software without specific prior written permission.
   11  *
   12  * DISCLAIMER:  This code isn't warranted to do anything useful.  Anything
   13  * bad that happens because of using this software isn't the responsibility
   14  * of the author.  This software is distributed AS-IS.
   15  */
   16 
   17 /*
   18  * This file contains support for the POSIX 1003.1B AIO/LIO facility.
   19  */
   20 
   21 #include <sys/cdefs.h>
   22 __FBSDID("$FreeBSD$");
   23 
   24 #include <sys/param.h>
   25 #include <sys/systm.h>
   26 #include <sys/malloc.h>
   27 #include <sys/bio.h>
   28 #include <sys/buf.h>
   29 #include <sys/eventhandler.h>
   30 #include <sys/sysproto.h>
   31 #include <sys/filedesc.h>
   32 #include <sys/kernel.h>
   33 #include <sys/module.h>
   34 #include <sys/kthread.h>
   35 #include <sys/fcntl.h>
   36 #include <sys/file.h>
   37 #include <sys/limits.h>
   38 #include <sys/lock.h>
   39 #include <sys/mutex.h>
   40 #include <sys/unistd.h>
   41 #include <sys/proc.h>
   42 #include <sys/resourcevar.h>
   43 #include <sys/signalvar.h>
   44 #include <sys/protosw.h>
   45 #include <sys/socketvar.h>
   46 #include <sys/syscall.h>
   47 #include <sys/sysent.h>
   48 #include <sys/sysctl.h>
   49 #include <sys/sx.h>
   50 #include <sys/vnode.h>
   51 #include <sys/conf.h>
   52 #include <sys/event.h>
   53 
   54 #include <posix4/posix4.h>
   55 #include <vm/vm.h>
   56 #include <vm/vm_extern.h>
   57 #include <vm/pmap.h>
   58 #include <vm/vm_map.h>
   59 #include <vm/uma.h>
   60 #include <sys/aio.h>
   61 
   62 #include "opt_vfs_aio.h"
   63 
   64 
   65 /*
   66  * Counter for allocating reference ids to new jobs.  Wrapped to 1 on
   67  * overflow.
   68  */
   69 static  long jobrefid;
   70 
   71 #define JOBST_NULL              0x0
   72 #define JOBST_JOBQGLOBAL        0x2
   73 #define JOBST_JOBRUNNING        0x3
   74 #define JOBST_JOBFINISHED       0x4
   75 #define JOBST_JOBQBUF           0x5
   76 #define JOBST_JOBBFINISHED      0x6
   77 
   78 #ifndef MAX_AIO_PER_PROC
   79 #define MAX_AIO_PER_PROC        32
   80 #endif
   81 
   82 #ifndef MAX_AIO_QUEUE_PER_PROC
   83 #define MAX_AIO_QUEUE_PER_PROC  256 /* Bigger than AIO_LISTIO_MAX */
   84 #endif
   85 
   86 #ifndef MAX_AIO_PROCS
   87 #define MAX_AIO_PROCS           32
   88 #endif
   89 
   90 #ifndef MAX_AIO_QUEUE
   91 #define MAX_AIO_QUEUE           1024 /* Bigger than AIO_LISTIO_MAX */
   92 #endif
   93 
   94 #ifndef TARGET_AIO_PROCS
   95 #define TARGET_AIO_PROCS        4
   96 #endif
   97 
   98 #ifndef MAX_BUF_AIO
   99 #define MAX_BUF_AIO             16
  100 #endif
  101 
  102 #ifndef AIOD_TIMEOUT_DEFAULT
  103 #define AIOD_TIMEOUT_DEFAULT    (10 * hz)
  104 #endif
  105 
  106 #ifndef AIOD_LIFETIME_DEFAULT
  107 #define AIOD_LIFETIME_DEFAULT   (30 * hz)
  108 #endif
  109 
  110 static SYSCTL_NODE(_vfs, OID_AUTO, aio, CTLFLAG_RW, 0, "Async IO management");
  111 
  112 static int max_aio_procs = MAX_AIO_PROCS;
  113 SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_procs,
  114         CTLFLAG_RW, &max_aio_procs, 0,
  115         "Maximum number of kernel threads to use for handling async IO ");
  116 
  117 static int num_aio_procs = 0;
  118 SYSCTL_INT(_vfs_aio, OID_AUTO, num_aio_procs,
  119         CTLFLAG_RD, &num_aio_procs, 0,
  120         "Number of presently active kernel threads for async IO");
  121 
  122 /*
  123  * The code will adjust the actual number of AIO processes towards this
  124  * number when it gets a chance.
  125  */
  126 static int target_aio_procs = TARGET_AIO_PROCS;
  127 SYSCTL_INT(_vfs_aio, OID_AUTO, target_aio_procs, CTLFLAG_RW, &target_aio_procs,
  128         0, "Preferred number of ready kernel threads for async IO");
  129 
  130 static int max_queue_count = MAX_AIO_QUEUE;
  131 SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_queue, CTLFLAG_RW, &max_queue_count, 0,
  132     "Maximum number of aio requests to queue, globally");
  133 
  134 static int num_queue_count = 0;
  135 SYSCTL_INT(_vfs_aio, OID_AUTO, num_queue_count, CTLFLAG_RD, &num_queue_count, 0,
  136     "Number of queued aio requests");
  137 
  138 static int num_buf_aio = 0;
  139 SYSCTL_INT(_vfs_aio, OID_AUTO, num_buf_aio, CTLFLAG_RD, &num_buf_aio, 0,
  140     "Number of aio requests presently handled by the buf subsystem");
  141 
  142 /* Number of async I/O thread in the process of being started */
  143 /* XXX This should be local to _aio_aqueue() */
  144 static int num_aio_resv_start = 0;
  145 
  146 static int aiod_timeout;
  147 SYSCTL_INT(_vfs_aio, OID_AUTO, aiod_timeout, CTLFLAG_RW, &aiod_timeout, 0,
  148     "Timeout value for synchronous aio operations");
  149 
  150 static int aiod_lifetime;
  151 SYSCTL_INT(_vfs_aio, OID_AUTO, aiod_lifetime, CTLFLAG_RW, &aiod_lifetime, 0,
  152     "Maximum lifetime for idle aiod");
  153 
  154 static int unloadable = 0;
  155 SYSCTL_INT(_vfs_aio, OID_AUTO, unloadable, CTLFLAG_RW, &unloadable, 0,
  156     "Allow unload of aio (not recommended)");
  157 
  158 
  159 static int max_aio_per_proc = MAX_AIO_PER_PROC;
  160 SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_per_proc, CTLFLAG_RW, &max_aio_per_proc,
  161     0, "Maximum active aio requests per process (stored in the process)");
  162 
  163 static int max_aio_queue_per_proc = MAX_AIO_QUEUE_PER_PROC;
  164 SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_queue_per_proc, CTLFLAG_RW,
  165     &max_aio_queue_per_proc, 0,
  166     "Maximum queued aio requests per process (stored in the process)");
  167 
  168 static int max_buf_aio = MAX_BUF_AIO;
  169 SYSCTL_INT(_vfs_aio, OID_AUTO, max_buf_aio, CTLFLAG_RW, &max_buf_aio, 0,
  170     "Maximum buf aio requests per process (stored in the process)");
  171 
  172 struct aiocblist {
  173         TAILQ_ENTRY(aiocblist) list;    /* List of jobs */
  174         TAILQ_ENTRY(aiocblist) plist;   /* List of jobs for proc */
  175         int     jobflags;
  176         int     jobstate;
  177         int     inputcharge;
  178         int     outputcharge;
  179         struct  buf *bp;                /* Buffer pointer */
  180         struct  proc *userproc;         /* User process */ /* Not td! */
  181         struct  ucred *cred;            /* Active credential when created */
  182         struct  file *fd_file;          /* Pointer to file structure */
  183         struct  aio_liojob *lio;        /* Optional lio job */
  184         struct  aiocb *uuaiocb;         /* Pointer in userspace of aiocb */
  185         struct  knlist klist;           /* list of knotes */
  186         struct  aiocb uaiocb;           /* Kernel I/O control block */
  187 };
  188 
  189 /* jobflags */
  190 #define AIOCBLIST_RUNDOWN       0x4
  191 #define AIOCBLIST_DONE          0x10
  192 
  193 /*
  194  * AIO process info
  195  */
  196 #define AIOP_FREE       0x1                     /* proc on free queue */
  197 
  198 struct aiothreadlist {
  199         int aiothreadflags;                     /* AIO proc flags */
  200         TAILQ_ENTRY(aiothreadlist) list;        /* List of processes */
  201         struct thread *aiothread;               /* The AIO thread */
  202 };
  203 
  204 /*
  205  * data-structure for lio signal management
  206  */
  207 struct aio_liojob {
  208         int     lioj_flags;
  209         int     lioj_buffer_count;
  210         int     lioj_buffer_finished_count;
  211         int     lioj_queue_count;
  212         int     lioj_queue_finished_count;
  213         struct  sigevent lioj_signal;   /* signal on all I/O done */
  214         TAILQ_ENTRY(aio_liojob) lioj_list;
  215 };
  216 #define LIOJ_SIGNAL             0x1     /* signal on all done (lio) */
  217 #define LIOJ_SIGNAL_POSTED      0x2     /* signal has been posted */
  218 
  219 /*
  220  * per process aio data structure
  221  */
  222 struct kaioinfo {
  223         int     kaio_flags;             /* per process kaio flags */
  224         int     kaio_maxactive_count;   /* maximum number of AIOs */
  225         int     kaio_active_count;      /* number of currently used AIOs */
  226         int     kaio_qallowed_count;    /* maxiumu size of AIO queue */
  227         int     kaio_queue_count;       /* size of AIO queue */
  228         int     kaio_ballowed_count;    /* maximum number of buffers */
  229         int     kaio_queue_finished_count; /* number of daemon jobs finished */
  230         int     kaio_buffer_count;      /* number of physio buffers */
  231         int     kaio_buffer_finished_count; /* count of I/O done */
  232         TAILQ_HEAD(,aio_liojob) kaio_liojoblist; /* list of lio jobs */
  233         TAILQ_HEAD(,aiocblist) kaio_jobqueue;   /* job queue for process */
  234         TAILQ_HEAD(,aiocblist) kaio_jobdone;    /* done queue for process */
  235         TAILQ_HEAD(,aiocblist) kaio_bufqueue;   /* buffer job queue for process */
  236         TAILQ_HEAD(,aiocblist) kaio_bufdone;    /* buffer done queue for process */
  237         TAILQ_HEAD(,aiocblist) kaio_sockqueue;  /* queue for aios waiting on sockets */
  238 };
  239 
  240 #define KAIO_RUNDOWN    0x1     /* process is being run down */
  241 #define KAIO_WAKEUP     0x2     /* wakeup process when there is a significant event */
  242 
  243 static TAILQ_HEAD(,aiothreadlist) aio_freeproc;         /* Idle daemons */
  244 static struct mtx aio_freeproc_mtx;
  245 
  246 static TAILQ_HEAD(,aiocblist) aio_jobs;                 /* Async job list */
  247 
  248 static void     aio_init_aioinfo(struct proc *p);
  249 static void     aio_onceonly(void);
  250 static int      aio_free_entry(struct aiocblist *aiocbe);
  251 static void     aio_process(struct aiocblist *aiocbe);
  252 static int      aio_newproc(void);
  253 static int      aio_aqueue(struct thread *td, struct aiocb *job, int type);
  254 static void     aio_physwakeup(struct buf *bp);
  255 static void     aio_proc_rundown(void *arg, struct proc *p);
  256 static int      aio_fphysio(struct aiocblist *aiocbe);
  257 static int      aio_qphysio(struct proc *p, struct aiocblist *iocb);
  258 static void     aio_daemon(void *uproc);
  259 static void     aio_swake_cb(struct socket *, struct sockbuf *);
  260 static int      aio_unload(void);
  261 static int      filt_aioattach(struct knote *kn);
  262 static void     filt_aiodetach(struct knote *kn);
  263 static int      filt_aio(struct knote *kn, long hint);
  264 
  265 /*
  266  * Zones for:
  267  *      kaio    Per process async io info
  268  *      aiop    async io thread data
  269  *      aiocb   async io jobs
  270  *      aiol    list io job pointer - internal to aio_suspend XXX
  271  *      aiolio  list io jobs
  272  */
  273 static uma_zone_t kaio_zone, aiop_zone, aiocb_zone, aiol_zone, aiolio_zone;
  274 
  275 /* kqueue filters for aio */
  276 static struct filterops aio_filtops =
  277         { 0, filt_aioattach, filt_aiodetach, filt_aio };
  278 
  279 static eventhandler_tag exit_tag, exec_tag;
  280 
  281 /*
  282  * Main operations function for use as a kernel module.
  283  */
  284 static int
  285 aio_modload(struct module *module, int cmd, void *arg)
  286 {
  287         int error = 0;
  288 
  289         switch (cmd) {
  290         case MOD_LOAD:
  291                 aio_onceonly();
  292                 break;
  293         case MOD_UNLOAD:
  294                 error = aio_unload();
  295                 break;
  296         case MOD_SHUTDOWN:
  297                 break;
  298         default:
  299                 error = EINVAL;
  300                 break;
  301         }
  302         return (error);
  303 }
  304 
  305 static moduledata_t aio_mod = {
  306         "aio",
  307         &aio_modload,
  308         NULL
  309 };
  310 
  311 SYSCALL_MODULE_HELPER(aio_return);
  312 SYSCALL_MODULE_HELPER(aio_suspend);
  313 SYSCALL_MODULE_HELPER(aio_cancel);
  314 SYSCALL_MODULE_HELPER(aio_error);
  315 SYSCALL_MODULE_HELPER(aio_read);
  316 SYSCALL_MODULE_HELPER(aio_write);
  317 SYSCALL_MODULE_HELPER(aio_waitcomplete);
  318 SYSCALL_MODULE_HELPER(lio_listio);
  319 
  320 DECLARE_MODULE(aio, aio_mod,
  321         SI_SUB_VFS, SI_ORDER_ANY);
  322 MODULE_VERSION(aio, 1);
  323 
  324 /*
  325  * Startup initialization
  326  */
  327 static void
  328 aio_onceonly(void)
  329 {
  330 
  331         /* XXX: should probably just use so->callback */
  332         aio_swake = &aio_swake_cb;
  333         exit_tag = EVENTHANDLER_REGISTER(process_exit, aio_proc_rundown, NULL,
  334             EVENTHANDLER_PRI_ANY);
  335         exec_tag = EVENTHANDLER_REGISTER(process_exec, aio_proc_rundown, NULL,
  336             EVENTHANDLER_PRI_ANY);
  337         kqueue_add_filteropts(EVFILT_AIO, &aio_filtops);
  338         TAILQ_INIT(&aio_freeproc);
  339         mtx_init(&aio_freeproc_mtx, "aio_freeproc", NULL, MTX_DEF);
  340         TAILQ_INIT(&aio_jobs);
  341         kaio_zone = uma_zcreate("AIO", sizeof(struct kaioinfo), NULL, NULL,
  342             NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
  343         aiop_zone = uma_zcreate("AIOP", sizeof(struct aiothreadlist), NULL,
  344             NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
  345         aiocb_zone = uma_zcreate("AIOCB", sizeof(struct aiocblist), NULL, NULL,
  346             NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
  347         aiol_zone = uma_zcreate("AIOL", AIO_LISTIO_MAX*sizeof(intptr_t) , NULL,
  348             NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
  349         aiolio_zone = uma_zcreate("AIOLIO", sizeof(struct aio_liojob), NULL,
  350             NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
  351         aiod_timeout = AIOD_TIMEOUT_DEFAULT;
  352         aiod_lifetime = AIOD_LIFETIME_DEFAULT;
  353         jobrefid = 1;
  354         async_io_version = _POSIX_VERSION;
  355         p31b_setcfg(CTL_P1003_1B_AIO_LISTIO_MAX, AIO_LISTIO_MAX);
  356         p31b_setcfg(CTL_P1003_1B_AIO_MAX, MAX_AIO_QUEUE);
  357         p31b_setcfg(CTL_P1003_1B_AIO_PRIO_DELTA_MAX, 0);
  358 }
  359 
  360 /*
  361  * Callback for unload of AIO when used as a module.
  362  */
  363 static int
  364 aio_unload(void)
  365 {
  366         int error;
  367 
  368         /*
  369          * XXX: no unloads by default, it's too dangerous.
  370          * perhaps we could do it if locked out callers and then
  371          * did an aio_proc_rundown() on each process.
  372          */
  373         if (!unloadable)
  374                 return (EOPNOTSUPP);
  375 
  376         error = kqueue_del_filteropts(EVFILT_AIO);
  377         if (error)
  378                 return error;
  379 
  380         async_io_version = 0;
  381         aio_swake = NULL;
  382         EVENTHANDLER_DEREGISTER(process_exit, exit_tag);
  383         EVENTHANDLER_DEREGISTER(process_exec, exec_tag);
  384         p31b_setcfg(CTL_P1003_1B_AIO_LISTIO_MAX, -1);
  385         p31b_setcfg(CTL_P1003_1B_AIO_MAX, -1);
  386         p31b_setcfg(CTL_P1003_1B_AIO_PRIO_DELTA_MAX, -1);
  387         return (0);
  388 }
  389 
  390 /*
  391  * Init the per-process aioinfo structure.  The aioinfo limits are set
  392  * per-process for user limit (resource) management.
  393  */
  394 static void
  395 aio_init_aioinfo(struct proc *p)
  396 {
  397         struct kaioinfo *ki;
  398 
  399         ki = uma_zalloc(kaio_zone, M_WAITOK);
  400         ki->kaio_flags = 0;
  401         ki->kaio_maxactive_count = max_aio_per_proc;
  402         ki->kaio_active_count = 0;
  403         ki->kaio_qallowed_count = max_aio_queue_per_proc;
  404         ki->kaio_queue_count = 0;
  405         ki->kaio_ballowed_count = max_buf_aio;
  406         ki->kaio_buffer_count = 0;
  407         ki->kaio_buffer_finished_count = 0;
  408         TAILQ_INIT(&ki->kaio_jobdone);
  409         TAILQ_INIT(&ki->kaio_jobqueue);
  410         TAILQ_INIT(&ki->kaio_bufdone);
  411         TAILQ_INIT(&ki->kaio_bufqueue);
  412         TAILQ_INIT(&ki->kaio_liojoblist);
  413         TAILQ_INIT(&ki->kaio_sockqueue);
  414         PROC_LOCK(p);
  415         if (p->p_aioinfo == NULL) {
  416                 p->p_aioinfo = ki;
  417                 PROC_UNLOCK(p);
  418         } else {
  419                 PROC_UNLOCK(p);
  420                 uma_zfree(kaio_zone, ki);
  421         }
  422 
  423         while (num_aio_procs < target_aio_procs)
  424                 aio_newproc();
  425 }
  426 
  427 /*
  428  * Free a job entry.  Wait for completion if it is currently active, but don't
  429  * delay forever.  If we delay, we return a flag that says that we have to
  430  * restart the queue scan.
  431  */
  432 static int
  433 aio_free_entry(struct aiocblist *aiocbe)
  434 {
  435         struct kaioinfo *ki;
  436         struct aio_liojob *lj;
  437         struct proc *p;
  438         int error;
  439         int s;
  440 
  441         if (aiocbe->jobstate == JOBST_NULL)
  442                 panic("aio_free_entry: freeing already free job");
  443 
  444         p = aiocbe->userproc;
  445         ki = p->p_aioinfo;
  446         lj = aiocbe->lio;
  447         if (ki == NULL)
  448                 panic("aio_free_entry: missing p->p_aioinfo");
  449 
  450         while (aiocbe->jobstate == JOBST_JOBRUNNING) {
  451                 aiocbe->jobflags |= AIOCBLIST_RUNDOWN;
  452                 tsleep(aiocbe, PRIBIO, "jobwai", 0);
  453         }
  454         if (aiocbe->bp == NULL) {
  455                 if (ki->kaio_queue_count <= 0)
  456                         panic("aio_free_entry: process queue size <= 0");
  457                 if (num_queue_count <= 0)
  458                         panic("aio_free_entry: system wide queue size <= 0");
  459 
  460                 if (lj) {
  461                         lj->lioj_queue_count--;
  462                         if (aiocbe->jobflags & AIOCBLIST_DONE)
  463                                 lj->lioj_queue_finished_count--;
  464                 }
  465                 ki->kaio_queue_count--;
  466                 if (aiocbe->jobflags & AIOCBLIST_DONE)
  467                         ki->kaio_queue_finished_count--;
  468                 num_queue_count--;
  469         } else {
  470                 if (lj) {
  471                         lj->lioj_buffer_count--;
  472                         if (aiocbe->jobflags & AIOCBLIST_DONE)
  473                                 lj->lioj_buffer_finished_count--;
  474                 }
  475                 if (aiocbe->jobflags & AIOCBLIST_DONE)
  476                         ki->kaio_buffer_finished_count--;
  477                 ki->kaio_buffer_count--;
  478                 num_buf_aio--;
  479         }
  480 
  481         /* aiocbe is going away, we need to destroy any knotes */
  482         /* XXXKSE Note the thread here is used to eventually find the
  483          * owning process again, but it is also used to do a fo_close
  484          * and that requires the thread. (but does it require the
  485          * OWNING thread? (or maybe the running thread?)
  486          * There is a semantic problem here...
  487          */
  488         knlist_delete(&aiocbe->klist, FIRST_THREAD_IN_PROC(p), 0); /* XXXKSE */
  489 
  490         if ((ki->kaio_flags & KAIO_WAKEUP) || ((ki->kaio_flags & KAIO_RUNDOWN)
  491             && ((ki->kaio_buffer_count == 0) && (ki->kaio_queue_count == 0)))) {
  492                 ki->kaio_flags &= ~KAIO_WAKEUP;
  493                 wakeup(p);
  494         }
  495 
  496         if (aiocbe->jobstate == JOBST_JOBQBUF) {
  497                 if ((error = aio_fphysio(aiocbe)) != 0)
  498                         return (error);
  499                 if (aiocbe->jobstate != JOBST_JOBBFINISHED)
  500                         panic("aio_free_entry: invalid physio finish-up state");
  501                 s = splbio();
  502                 TAILQ_REMOVE(&ki->kaio_bufdone, aiocbe, plist);
  503                 splx(s);
  504         } else if (aiocbe->jobstate == JOBST_JOBQGLOBAL) {
  505                 s = splnet();
  506                 mtx_lock(&aio_freeproc_mtx);
  507                 TAILQ_REMOVE(&aio_jobs, aiocbe, list);
  508                 TAILQ_REMOVE(&ki->kaio_jobqueue, aiocbe, plist);
  509                 mtx_unlock(&aio_freeproc_mtx);
  510                 splx(s);
  511         } else if (aiocbe->jobstate == JOBST_JOBFINISHED)
  512                 TAILQ_REMOVE(&ki->kaio_jobdone, aiocbe, plist);
  513         else if (aiocbe->jobstate == JOBST_JOBBFINISHED) {
  514                 s = splbio();
  515                 TAILQ_REMOVE(&ki->kaio_bufdone, aiocbe, plist);
  516                 splx(s);
  517                 if (aiocbe->bp) {
  518                         vunmapbuf(aiocbe->bp);
  519                         relpbuf(aiocbe->bp, NULL);
  520                         aiocbe->bp = NULL;
  521                 }
  522         }
  523         if (lj && (lj->lioj_buffer_count == 0) && (lj->lioj_queue_count == 0)) {
  524                 TAILQ_REMOVE(&ki->kaio_liojoblist, lj, lioj_list);
  525                 uma_zfree(aiolio_zone, lj);
  526         }
  527         aiocbe->jobstate = JOBST_NULL;
  528         fdrop(aiocbe->fd_file, curthread);
  529         crfree(aiocbe->cred);
  530         uma_zfree(aiocb_zone, aiocbe);
  531         return (0);
  532 }
  533 
  534 /*
  535  * Rundown the jobs for a given process.
  536  */
  537 static void
  538 aio_proc_rundown(void *arg, struct proc *p)
  539 {
  540         int s;
  541         struct kaioinfo *ki;
  542         struct aio_liojob *lj, *ljn;
  543         struct aiocblist *aiocbe, *aiocbn;
  544         struct file *fp;
  545         struct socket *so;
  546 
  547         ki = p->p_aioinfo;
  548         if (ki == NULL)
  549                 return;
  550 
  551         mtx_lock(&Giant);
  552         ki->kaio_flags |= LIOJ_SIGNAL_POSTED;
  553         while ((ki->kaio_active_count > 0) || (ki->kaio_buffer_count >
  554             ki->kaio_buffer_finished_count)) {
  555                 ki->kaio_flags |= KAIO_RUNDOWN;
  556                 if (tsleep(p, PRIBIO, "kaiowt", aiod_timeout))
  557                         break;
  558         }
  559 
  560         /*
  561          * Move any aio ops that are waiting on socket I/O to the normal job
  562          * queues so they are cleaned up with any others.
  563          */
  564         s = splnet();
  565         mtx_lock(&aio_freeproc_mtx);
  566         for (aiocbe = TAILQ_FIRST(&ki->kaio_sockqueue); aiocbe; aiocbe =
  567             aiocbn) {
  568                 aiocbn = TAILQ_NEXT(aiocbe, plist);
  569                 fp = aiocbe->fd_file;
  570                 if (fp != NULL) {
  571                         so = fp->f_data;
  572                         TAILQ_REMOVE(&so->so_aiojobq, aiocbe, list);
  573                         if (TAILQ_EMPTY(&so->so_aiojobq)) {
  574                                 SOCKBUF_LOCK(&so->so_snd);
  575                                 so->so_snd.sb_flags &= ~SB_AIO;
  576                                 SOCKBUF_UNLOCK(&so->so_snd);
  577                                 SOCKBUF_LOCK(&so->so_rcv);
  578                                 so->so_rcv.sb_flags &= ~SB_AIO;
  579                                 SOCKBUF_UNLOCK(&so->so_rcv);
  580                         }
  581                 }
  582                 TAILQ_REMOVE(&ki->kaio_sockqueue, aiocbe, plist);
  583                 TAILQ_INSERT_HEAD(&aio_jobs, aiocbe, list);
  584                 TAILQ_INSERT_HEAD(&ki->kaio_jobqueue, aiocbe, plist);
  585         }
  586         mtx_unlock(&aio_freeproc_mtx);
  587         splx(s);
  588 
  589 restart1:
  590         for (aiocbe = TAILQ_FIRST(&ki->kaio_jobdone); aiocbe; aiocbe = aiocbn) {
  591                 aiocbn = TAILQ_NEXT(aiocbe, plist);
  592                 if (aio_free_entry(aiocbe))
  593                         goto restart1;
  594         }
  595 
  596 restart2:
  597         mtx_lock(&aio_freeproc_mtx);
  598         while ((aiocbe = TAILQ_FIRST(&ki->kaio_jobqueue)) != NULL) {
  599                 mtx_unlock(&aio_freeproc_mtx);
  600                 if (aio_free_entry(aiocbe))
  601                         goto restart2;
  602                 mtx_lock(&aio_freeproc_mtx);
  603         }
  604         mtx_unlock(&aio_freeproc_mtx);
  605 
  606 /*
  607  * Note the use of lots of splbio here, trying to avoid splbio for long chains
  608  * of I/O.  Probably unnecessary.
  609  */
  610 restart3:
  611         s = splbio();
  612         while (TAILQ_FIRST(&ki->kaio_bufqueue)) {
  613                 ki->kaio_flags |= KAIO_WAKEUP;
  614                 tsleep(p, PRIBIO, "aioprn", 0);
  615                 splx(s);
  616                 goto restart3;
  617         }
  618         splx(s);
  619 
  620 restart4:
  621         s = splbio();
  622         for (aiocbe = TAILQ_FIRST(&ki->kaio_bufdone); aiocbe; aiocbe = aiocbn) {
  623                 aiocbn = TAILQ_NEXT(aiocbe, plist);
  624                 if (aio_free_entry(aiocbe)) {
  625                         splx(s);
  626                         goto restart4;
  627                 }
  628         }
  629         splx(s);
  630 
  631         /*
  632          * If we've slept, jobs might have moved from one queue to another.
  633          * Retry rundown if we didn't manage to empty the queues.
  634          */
  635         mtx_lock(&aio_freeproc_mtx);
  636         if (TAILQ_FIRST(&ki->kaio_jobdone) != NULL ||
  637             TAILQ_FIRST(&ki->kaio_jobqueue) != NULL ||
  638             TAILQ_FIRST(&ki->kaio_bufqueue) != NULL ||
  639             TAILQ_FIRST(&ki->kaio_bufdone) != NULL) {
  640                 mtx_unlock(&aio_freeproc_mtx);
  641                 goto restart1;
  642         }
  643         mtx_unlock(&aio_freeproc_mtx);
  644 
  645         for (lj = TAILQ_FIRST(&ki->kaio_liojoblist); lj; lj = ljn) {
  646                 ljn = TAILQ_NEXT(lj, lioj_list);
  647                 if ((lj->lioj_buffer_count == 0) && (lj->lioj_queue_count ==
  648                     0)) {
  649                         TAILQ_REMOVE(&ki->kaio_liojoblist, lj, lioj_list);
  650                         uma_zfree(aiolio_zone, lj);
  651                 } else {
  652 #ifdef DIAGNOSTIC
  653                         printf("LIO job not cleaned up: B:%d, BF:%d, Q:%d, "
  654                             "QF:%d\n", lj->lioj_buffer_count,
  655                             lj->lioj_buffer_finished_count,
  656                             lj->lioj_queue_count,
  657                             lj->lioj_queue_finished_count);
  658 #endif
  659                 }
  660         }
  661 
  662         uma_zfree(kaio_zone, ki);
  663         p->p_aioinfo = NULL;
  664         mtx_unlock(&Giant);
  665 }
  666 
  667 /*
  668  * Select a job to run (called by an AIO daemon).
  669  */
  670 static struct aiocblist *
  671 aio_selectjob(struct aiothreadlist *aiop)
  672 {
  673         int s;
  674         struct aiocblist *aiocbe;
  675         struct kaioinfo *ki;
  676         struct proc *userp;
  677 
  678         s = splnet();
  679         mtx_lock(&aio_freeproc_mtx);
  680         for (aiocbe = TAILQ_FIRST(&aio_jobs); aiocbe; aiocbe =
  681             TAILQ_NEXT(aiocbe, list)) {
  682                 userp = aiocbe->userproc;
  683                 ki = userp->p_aioinfo;
  684 
  685                 if (ki->kaio_active_count < ki->kaio_maxactive_count) {
  686                         TAILQ_REMOVE(&aio_jobs, aiocbe, list);
  687                         mtx_unlock(&aio_freeproc_mtx);
  688                         splx(s);
  689                         return (aiocbe);
  690                 }
  691         }
  692         mtx_unlock(&aio_freeproc_mtx);
  693         splx(s);
  694 
  695         return (NULL);
  696 }
  697 
  698 /*
  699  * The AIO processing activity.  This is the code that does the I/O request for
  700  * the non-physio version of the operations.  The normal vn operations are used,
  701  * and this code should work in all instances for every type of file, including
  702  * pipes, sockets, fifos, and regular files.
  703  */
  704 static void
  705 aio_process(struct aiocblist *aiocbe)
  706 {
  707         struct ucred *td_savedcred;
  708         struct thread *td;
  709         struct proc *mycp;
  710         struct aiocb *cb;
  711         struct file *fp;
  712         struct uio auio;
  713         struct iovec aiov;
  714         int cnt;
  715         int error;
  716         int oublock_st, oublock_end;
  717         int inblock_st, inblock_end;
  718 
  719         td = curthread;
  720         td_savedcred = td->td_ucred;
  721         td->td_ucred = aiocbe->cred;
  722         mycp = td->td_proc;
  723         cb = &aiocbe->uaiocb;
  724         fp = aiocbe->fd_file;
  725 
  726         aiov.iov_base = (void *)(uintptr_t)cb->aio_buf;
  727         aiov.iov_len = cb->aio_nbytes;
  728 
  729         auio.uio_iov = &aiov;
  730         auio.uio_iovcnt = 1;
  731         auio.uio_offset = cb->aio_offset;
  732         auio.uio_resid = cb->aio_nbytes;
  733         cnt = cb->aio_nbytes;
  734         auio.uio_segflg = UIO_USERSPACE;
  735         auio.uio_td = td;
  736 
  737         inblock_st = mycp->p_stats->p_ru.ru_inblock;
  738         oublock_st = mycp->p_stats->p_ru.ru_oublock;
  739         /*
  740          * _aio_aqueue() acquires a reference to the file that is
  741          * released in aio_free_entry().
  742          */
  743         if (cb->aio_lio_opcode == LIO_READ) {
  744                 auio.uio_rw = UIO_READ;
  745                 error = fo_read(fp, &auio, fp->f_cred, FOF_OFFSET, td);
  746         } else {
  747                 auio.uio_rw = UIO_WRITE;
  748                 error = fo_write(fp, &auio, fp->f_cred, FOF_OFFSET, td);
  749         }
  750         inblock_end = mycp->p_stats->p_ru.ru_inblock;
  751         oublock_end = mycp->p_stats->p_ru.ru_oublock;
  752 
  753         aiocbe->inputcharge = inblock_end - inblock_st;
  754         aiocbe->outputcharge = oublock_end - oublock_st;
  755 
  756         if ((error) && (auio.uio_resid != cnt)) {
  757                 if (error == ERESTART || error == EINTR || error == EWOULDBLOCK)
  758                         error = 0;
  759                 if ((error == EPIPE) && (cb->aio_lio_opcode == LIO_WRITE)) {
  760                         PROC_LOCK(aiocbe->userproc);
  761                         psignal(aiocbe->userproc, SIGPIPE);
  762                         PROC_UNLOCK(aiocbe->userproc);
  763                 }
  764         }
  765 
  766         cnt -= auio.uio_resid;
  767         cb->_aiocb_private.error = error;
  768         cb->_aiocb_private.status = cnt;
  769         td->td_ucred = td_savedcred;
  770 }
  771 
  772 /*
  773  * The AIO daemon, most of the actual work is done in aio_process,
  774  * but the setup (and address space mgmt) is done in this routine.
  775  */
  776 static void
  777 aio_daemon(void *uproc)
  778 {
  779         int s;
  780         struct aio_liojob *lj;
  781         struct aiocb *cb;
  782         struct aiocblist *aiocbe;
  783         struct aiothreadlist *aiop;
  784         struct kaioinfo *ki;
  785         struct proc *curcp, *mycp, *userp;
  786         struct vmspace *myvm, *tmpvm;
  787         struct thread *td = curthread;
  788         struct pgrp *newpgrp;
  789         struct session *newsess;
  790 
  791         /*
  792          * Local copies of curproc (cp) and vmspace (myvm)
  793          */
  794         mycp = td->td_proc;
  795         myvm = mycp->p_vmspace;
  796 
  797         KASSERT(mycp->p_textvp == NULL, ("kthread has a textvp"));
  798 
  799         /*
  800          * Allocate and ready the aio control info.  There is one aiop structure
  801          * per daemon.
  802          */
  803         aiop = uma_zalloc(aiop_zone, M_WAITOK);
  804         aiop->aiothread = td;
  805         aiop->aiothreadflags |= AIOP_FREE;
  806 
  807         /*
  808          * Place thread (lightweight process) onto the AIO free thread list.
  809          */
  810         mtx_lock(&aio_freeproc_mtx);
  811         TAILQ_INSERT_HEAD(&aio_freeproc, aiop, list);
  812         mtx_unlock(&aio_freeproc_mtx);
  813 
  814         /* The daemon resides in its own pgrp. */
  815         MALLOC(newpgrp, struct pgrp *, sizeof(struct pgrp), M_PGRP,
  816                 M_WAITOK | M_ZERO);
  817         MALLOC(newsess, struct session *, sizeof(struct session), M_SESSION,
  818                 M_WAITOK | M_ZERO);
  819 
  820         sx_xlock(&proctree_lock);
  821         enterpgrp(mycp, mycp->p_pid, newpgrp, newsess);
  822         sx_xunlock(&proctree_lock);
  823         mtx_lock(&Giant);
  824 
  825         /*
  826          * Wakeup parent process.  (Parent sleeps to keep from blasting away
  827          * and creating too many daemons.)
  828          */
  829         wakeup(mycp);
  830 
  831         mtx_lock(&aio_freeproc_mtx);
  832         for (;;) {
  833                 /*
  834                  * curcp is the current daemon process context.
  835                  * userp is the current user process context.
  836                  */
  837                 curcp = mycp;
  838 
  839                 /*
  840                  * Take daemon off of free queue
  841                  */
  842                 if (aiop->aiothreadflags & AIOP_FREE) {
  843                         TAILQ_REMOVE(&aio_freeproc, aiop, list);
  844                         aiop->aiothreadflags &= ~AIOP_FREE;
  845                 }
  846                 mtx_unlock(&aio_freeproc_mtx);
  847 
  848                 /*
  849                  * Check for jobs.
  850                  */
  851                 while ((aiocbe = aio_selectjob(aiop)) != NULL) {
  852                         cb = &aiocbe->uaiocb;
  853                         userp = aiocbe->userproc;
  854 
  855                         aiocbe->jobstate = JOBST_JOBRUNNING;
  856 
  857                         /*
  858                          * Connect to process address space for user program.
  859                          */
  860                         if (userp != curcp) {
  861                                 /*
  862                                  * Save the current address space that we are
  863                                  * connected to.
  864                                  */
  865                                 tmpvm = mycp->p_vmspace;
  866 
  867                                 /*
  868                                  * Point to the new user address space, and
  869                                  * refer to it.
  870                                  */
  871                                 mycp->p_vmspace = userp->p_vmspace;
  872                                 atomic_add_int(&mycp->p_vmspace->vm_refcnt, 1);
  873 
  874                                 /* Activate the new mapping. */
  875                                 pmap_activate(FIRST_THREAD_IN_PROC(mycp));
  876 
  877                                 /*
  878                                  * If the old address space wasn't the daemons
  879                                  * own address space, then we need to remove the
  880                                  * daemon's reference from the other process
  881                                  * that it was acting on behalf of.
  882                                  */
  883                                 if (tmpvm != myvm) {
  884                                         vmspace_free(tmpvm);
  885                                 }
  886                                 curcp = userp;
  887                         }
  888 
  889                         ki = userp->p_aioinfo;
  890                         lj = aiocbe->lio;
  891 
  892                         /* Account for currently active jobs. */
  893                         ki->kaio_active_count++;
  894 
  895                         /* Do the I/O function. */
  896                         aio_process(aiocbe);
  897 
  898                         /* Decrement the active job count. */
  899                         ki->kaio_active_count--;
  900 
  901                         /*
  902                          * Increment the completion count for wakeup/signal
  903                          * comparisons.
  904                          */
  905                         aiocbe->jobflags |= AIOCBLIST_DONE;
  906                         ki->kaio_queue_finished_count++;
  907                         if (lj)
  908                                 lj->lioj_queue_finished_count++;
  909                         if ((ki->kaio_flags & KAIO_WAKEUP) || ((ki->kaio_flags
  910                             & KAIO_RUNDOWN) && (ki->kaio_active_count == 0))) {
  911                                 ki->kaio_flags &= ~KAIO_WAKEUP;
  912                                 wakeup(userp);
  913                         }
  914 
  915                         s = splbio();
  916                         if (lj && (lj->lioj_flags &
  917                             (LIOJ_SIGNAL|LIOJ_SIGNAL_POSTED)) == LIOJ_SIGNAL) {
  918                                 if ((lj->lioj_queue_finished_count ==
  919                                     lj->lioj_queue_count) &&
  920                                     (lj->lioj_buffer_finished_count ==
  921                                     lj->lioj_buffer_count)) {
  922                                         PROC_LOCK(userp);
  923                                         psignal(userp,
  924                                             lj->lioj_signal.sigev_signo);
  925                                         PROC_UNLOCK(userp);
  926                                         lj->lioj_flags |= LIOJ_SIGNAL_POSTED;
  927                                 }
  928                         }
  929                         splx(s);
  930 
  931                         aiocbe->jobstate = JOBST_JOBFINISHED;
  932 
  933                         s = splnet();
  934                         mtx_lock(&aio_freeproc_mtx);
  935                         TAILQ_REMOVE(&ki->kaio_jobqueue, aiocbe, plist);
  936                         TAILQ_INSERT_TAIL(&ki->kaio_jobdone, aiocbe, plist);
  937                         mtx_unlock(&aio_freeproc_mtx);
  938                         splx(s);
  939                         KNOTE_UNLOCKED(&aiocbe->klist, 0);
  940 
  941                         if (aiocbe->jobflags & AIOCBLIST_RUNDOWN) {
  942                                 wakeup(aiocbe);
  943                                 aiocbe->jobflags &= ~AIOCBLIST_RUNDOWN;
  944                         }
  945 
  946                         if (cb->aio_sigevent.sigev_notify == SIGEV_SIGNAL) {
  947                                 PROC_LOCK(userp);
  948                                 psignal(userp, cb->aio_sigevent.sigev_signo);
  949                                 PROC_UNLOCK(userp);
  950                         }
  951                 }
  952 
  953                 /*
  954                  * Disconnect from user address space.
  955                  */
  956                 if (curcp != mycp) {
  957                         /* Get the user address space to disconnect from. */
  958                         tmpvm = mycp->p_vmspace;
  959 
  960                         /* Get original address space for daemon. */
  961                         mycp->p_vmspace = myvm;
  962 
  963                         /* Activate the daemon's address space. */
  964                         pmap_activate(FIRST_THREAD_IN_PROC(mycp));
  965 #ifdef DIAGNOSTIC
  966                         if (tmpvm == myvm) {
  967                                 printf("AIOD: vmspace problem -- %d\n",
  968                                     mycp->p_pid);
  969                         }
  970 #endif
  971                         /* Remove our vmspace reference. */
  972                         vmspace_free(tmpvm);
  973 
  974                         curcp = mycp;
  975                 }
  976 
  977                 mtx_lock(&aio_freeproc_mtx);
  978                 TAILQ_INSERT_HEAD(&aio_freeproc, aiop, list);
  979                 aiop->aiothreadflags |= AIOP_FREE;
  980 
  981                 /*
  982                  * If daemon is inactive for a long time, allow it to exit,
  983                  * thereby freeing resources.
  984                  */
  985                 if (msleep(aiop->aiothread, &aio_freeproc_mtx, PRIBIO,
  986                     "aiordy", aiod_lifetime)) {
  987                         s = splnet();
  988                         if (TAILQ_EMPTY(&aio_jobs)) {
  989                                 if ((aiop->aiothreadflags & AIOP_FREE) &&
  990                                     (num_aio_procs > target_aio_procs)) {
  991                                         TAILQ_REMOVE(&aio_freeproc, aiop, list);
  992                                         mtx_unlock(&aio_freeproc_mtx);
  993                                         splx(s);
  994                                         uma_zfree(aiop_zone, aiop);
  995                                         num_aio_procs--;
  996 #ifdef DIAGNOSTIC
  997                                         if (mycp->p_vmspace->vm_refcnt <= 1) {
  998                                                 printf("AIOD: bad vm refcnt for"
  999                                                     " exiting daemon: %d\n",
 1000                                                     mycp->p_vmspace->vm_refcnt);
 1001                                         }
 1002 #endif
 1003                                         kthread_exit(0);
 1004                                 }
 1005                         }
 1006                         splx(s);
 1007                 }
 1008         }
 1009 }
 1010 
 1011 /*
 1012  * Create a new AIO daemon.  This is mostly a kernel-thread fork routine.  The
 1013  * AIO daemon modifies its environment itself.
 1014  */
 1015 static int
 1016 aio_newproc(void)
 1017 {
 1018         int error;
 1019         struct proc *p;
 1020 
 1021         error = kthread_create(aio_daemon, curproc, &p, RFNOWAIT, 0, "aiod%d",
 1022             num_aio_procs);
 1023         if (error)
 1024                 return (error);
 1025 
 1026         /*
 1027          * Wait until daemon is started, but continue on just in case to
 1028          * handle error conditions.
 1029          */
 1030         error = tsleep(p, PZERO, "aiosta", aiod_timeout);
 1031 
 1032         num_aio_procs++;
 1033 
 1034         return (error);
 1035 }
 1036 
 1037 /*
 1038  * Try the high-performance, low-overhead physio method for eligible
 1039  * VCHR devices.  This method doesn't use an aio helper thread, and
 1040  * thus has very low overhead.
 1041  *
 1042  * Assumes that the caller, _aio_aqueue(), has incremented the file
 1043  * structure's reference count, preventing its deallocation for the
 1044  * duration of this call.
 1045  */
 1046 static int
 1047 aio_qphysio(struct proc *p, struct aiocblist *aiocbe)
 1048 {
 1049         int error;
 1050         struct aiocb *cb;
 1051         struct file *fp;
 1052         struct buf *bp;
 1053         struct vnode *vp;
 1054         struct kaioinfo *ki;
 1055         struct aio_liojob *lj;
 1056         int s;
 1057         int notify;
 1058 
 1059         cb = &aiocbe->uaiocb;
 1060         fp = aiocbe->fd_file;
 1061 
 1062         if (fp->f_type != DTYPE_VNODE)
 1063                 return (-1);
 1064 
 1065         vp = fp->f_vnode;
 1066 
 1067         /*
 1068          * If its not a disk, we don't want to return a positive error.
 1069          * It causes the aio code to not fall through to try the thread
 1070          * way when you're talking to a regular file.
 1071          */
 1072         if (!vn_isdisk(vp, &error)) {
 1073                 if (error == ENOTBLK)
 1074                         return (-1);
 1075                 else
 1076                         return (error);
 1077         }
 1078 
 1079         if (vp->v_bufobj.bo_bsize == 0)
 1080                 return (-1);
 1081 
 1082         if (cb->aio_nbytes % vp->v_bufobj.bo_bsize)
 1083                 return (-1);
 1084 
 1085         if (cb->aio_nbytes >
 1086             MAXPHYS - (((vm_offset_t) cb->aio_buf) & PAGE_MASK))
 1087                 return (-1);
 1088 
 1089         ki = p->p_aioinfo;
 1090         if (ki->kaio_buffer_count >= ki->kaio_ballowed_count)
 1091                 return (-1);
 1092 
 1093         ki->kaio_buffer_count++;
 1094 
 1095         lj = aiocbe->lio;
 1096         if (lj)
 1097                 lj->lioj_buffer_count++;
 1098 
 1099         /* Create and build a buffer header for a transfer. */
 1100         bp = (struct buf *)getpbuf(NULL);
 1101         BUF_KERNPROC(bp);
 1102 
 1103         /*
 1104          * Get a copy of the kva from the physical buffer.
 1105          */
 1106         error = 0;
 1107 
 1108         bp->b_bcount = cb->aio_nbytes;
 1109         bp->b_bufsize = cb->aio_nbytes;
 1110         bp->b_iodone = aio_physwakeup;
 1111         bp->b_saveaddr = bp->b_data;
 1112         bp->b_data = (void *)(uintptr_t)cb->aio_buf;
 1113         bp->b_offset = cb->aio_offset;
 1114         bp->b_iooffset = cb->aio_offset;
 1115         bp->b_blkno = btodb(cb->aio_offset);
 1116         bp->b_iocmd = cb->aio_lio_opcode == LIO_WRITE ? BIO_WRITE : BIO_READ;
 1117 
 1118         /*
 1119          * Bring buffer into kernel space.
 1120          */
 1121         if (vmapbuf(bp) < 0) {
 1122                 error = EFAULT;
 1123                 goto doerror;
 1124         }
 1125 
 1126         s = splbio();
 1127         aiocbe->bp = bp;
 1128         bp->b_caller1 = (void *)aiocbe;
 1129         TAILQ_INSERT_TAIL(&ki->kaio_bufqueue, aiocbe, plist);
 1130         aiocbe->jobstate = JOBST_JOBQBUF;
 1131         cb->_aiocb_private.status = cb->aio_nbytes;
 1132         num_buf_aio++;
 1133         bp->b_error = 0;
 1134 
 1135         splx(s);
 1136 
 1137         /* Perform transfer. */
 1138         dev_strategy(vp->v_rdev, bp);
 1139 
 1140         notify = 0;
 1141         s = splbio();
 1142 
 1143         /*
 1144          * If we had an error invoking the request, or an error in processing
 1145          * the request before we have returned, we process it as an error in
 1146          * transfer.  Note that such an I/O error is not indicated immediately,
 1147          * but is returned using the aio_error mechanism.  In this case,
 1148          * aio_suspend will return immediately.
 1149          */
 1150         if (bp->b_error || (bp->b_ioflags & BIO_ERROR)) {
 1151                 struct aiocb *job = aiocbe->uuaiocb;
 1152 
 1153                 aiocbe->uaiocb._aiocb_private.status = 0;
 1154                 suword(&job->_aiocb_private.status, 0);
 1155                 aiocbe->uaiocb._aiocb_private.error = bp->b_error;
 1156                 suword(&job->_aiocb_private.error, bp->b_error);
 1157 
 1158                 ki->kaio_buffer_finished_count++;
 1159 
 1160                 if (aiocbe->jobstate != JOBST_JOBBFINISHED) {
 1161                         aiocbe->jobstate = JOBST_JOBBFINISHED;
 1162                         aiocbe->jobflags |= AIOCBLIST_DONE;
 1163                         TAILQ_REMOVE(&ki->kaio_bufqueue, aiocbe, plist);
 1164                         TAILQ_INSERT_TAIL(&ki->kaio_bufdone, aiocbe, plist);
 1165                         notify = 1;
 1166                 }
 1167         }
 1168         splx(s);
 1169         if (notify)
 1170                 KNOTE_UNLOCKED(&aiocbe->klist, 0);
 1171         return (0);
 1172 
 1173 doerror:
 1174         ki->kaio_buffer_count--;
 1175         if (lj)
 1176                 lj->lioj_buffer_count--;
 1177         aiocbe->bp = NULL;
 1178         relpbuf(bp, NULL);
 1179         return (error);
 1180 }
 1181 
 1182 /*
 1183  * This waits/tests physio completion.
 1184  */
 1185 static int
 1186 aio_fphysio(struct aiocblist *iocb)
 1187 {
 1188         int s;
 1189         struct buf *bp;
 1190         int error;
 1191 
 1192         bp = iocb->bp;
 1193 
 1194         s = splbio();
 1195         while ((bp->b_flags & B_DONE) == 0) {
 1196                 if (tsleep(bp, PRIBIO, "physstr", aiod_timeout)) {
 1197                         if ((bp->b_flags & B_DONE) == 0) {
 1198                                 splx(s);
 1199                                 return (EINPROGRESS);
 1200                         } else
 1201                                 break;
 1202                 }
 1203         }
 1204         splx(s);
 1205 
 1206         /* Release mapping into kernel space. */
 1207         vunmapbuf(bp);
 1208         iocb->bp = 0;
 1209 
 1210         error = 0;
 1211 
 1212         /* Check for an error. */
 1213         if (bp->b_ioflags & BIO_ERROR)
 1214                 error = bp->b_error;
 1215 
 1216         relpbuf(bp, NULL);
 1217         return (error);
 1218 }
 1219 
 1220 /*
 1221  * Wake up aio requests that may be serviceable now.
 1222  */
 1223 static void
 1224 aio_swake_cb(struct socket *so, struct sockbuf *sb)
 1225 {
 1226         struct aiocblist *cb,*cbn;
 1227         struct proc *p;
 1228         struct kaioinfo *ki = NULL;
 1229         int opcode, wakecount = 0;
 1230         struct aiothreadlist *aiop;
 1231 
 1232         if (sb == &so->so_snd) {
 1233                 opcode = LIO_WRITE;
 1234                 SOCKBUF_LOCK(&so->so_snd);
 1235                 so->so_snd.sb_flags &= ~SB_AIO;
 1236                 SOCKBUF_UNLOCK(&so->so_snd);
 1237         } else {
 1238                 opcode = LIO_READ;
 1239                 SOCKBUF_LOCK(&so->so_rcv);
 1240                 so->so_rcv.sb_flags &= ~SB_AIO;
 1241                 SOCKBUF_UNLOCK(&so->so_rcv);
 1242         }
 1243 
 1244         mtx_lock(&aio_freeproc_mtx);
 1245         for (cb = TAILQ_FIRST(&so->so_aiojobq); cb; cb = cbn) {
 1246                 cbn = TAILQ_NEXT(cb, list);
 1247                 if (opcode == cb->uaiocb.aio_lio_opcode) {
 1248                         p = cb->userproc;
 1249                         ki = p->p_aioinfo;
 1250                         TAILQ_REMOVE(&so->so_aiojobq, cb, list);
 1251                         TAILQ_REMOVE(&ki->kaio_sockqueue, cb, plist);
 1252                         TAILQ_INSERT_TAIL(&aio_jobs, cb, list);
 1253                         TAILQ_INSERT_TAIL(&ki->kaio_jobqueue, cb, plist);
 1254                         wakecount++;
 1255                         if (cb->jobstate != JOBST_JOBQGLOBAL)
 1256                                 panic("invalid queue value");
 1257                 }
 1258         }
 1259 
 1260         while (wakecount--) {
 1261                 if ((aiop = TAILQ_FIRST(&aio_freeproc)) != 0) {
 1262                         TAILQ_REMOVE(&aio_freeproc, aiop, list);
 1263                         aiop->aiothreadflags &= ~AIOP_FREE;
 1264                         wakeup(aiop->aiothread);
 1265                 }
 1266         }
 1267         mtx_unlock(&aio_freeproc_mtx);
 1268 }
 1269 
 1270 /*
 1271  * Queue a new AIO request.  Choosing either the threaded or direct physio VCHR
 1272  * technique is done in this code.
 1273  */
 1274 static int
 1275 _aio_aqueue(struct thread *td, struct aiocb *job, struct aio_liojob *lj, int type)
 1276 {
 1277         struct proc *p = td->td_proc;
 1278         struct filedesc *fdp;
 1279         struct file *fp;
 1280         unsigned int fd;
 1281         struct socket *so;
 1282         int s;
 1283         int error;
 1284         int opcode;
 1285         struct aiocblist *aiocbe;
 1286         struct aiothreadlist *aiop;
 1287         struct kaioinfo *ki;
 1288         struct kevent kev;
 1289         struct kqueue *kq;
 1290         struct file *kq_fp;
 1291         struct sockbuf *sb;
 1292 
 1293         aiocbe = uma_zalloc(aiocb_zone, M_WAITOK);
 1294         aiocbe->inputcharge = 0;
 1295         aiocbe->outputcharge = 0;
 1296         /* XXX - need a lock */
 1297         knlist_init(&aiocbe->klist, NULL, NULL, NULL, NULL);
 1298 
 1299         suword(&job->_aiocb_private.status, -1);
 1300         suword(&job->_aiocb_private.error, 0);
 1301         suword(&job->_aiocb_private.kernelinfo, -1);
 1302 
 1303         error = copyin(job, &aiocbe->uaiocb, sizeof(aiocbe->uaiocb));
 1304         if (error) {
 1305                 suword(&job->_aiocb_private.error, error);
 1306                 uma_zfree(aiocb_zone, aiocbe);
 1307                 return (error);
 1308         }
 1309         if (aiocbe->uaiocb.aio_sigevent.sigev_notify == SIGEV_SIGNAL &&
 1310                 !_SIG_VALID(aiocbe->uaiocb.aio_sigevent.sigev_signo)) {
 1311                 uma_zfree(aiocb_zone, aiocbe);
 1312                 return (EINVAL);
 1313         }
 1314 
 1315         /* Save userspace address of the job info. */
 1316         aiocbe->uuaiocb = job;
 1317 
 1318         /* Get the opcode. */
 1319         if (type != LIO_NOP)
 1320                 aiocbe->uaiocb.aio_lio_opcode = type;
 1321         opcode = aiocbe->uaiocb.aio_lio_opcode;
 1322 
 1323         /* Get the fd info for process. */
 1324         fdp = p->p_fd;
 1325 
 1326         /*
 1327          * Range check file descriptor.
 1328          */
 1329         FILEDESC_LOCK(fdp);
 1330         fd = aiocbe->uaiocb.aio_fildes;
 1331         if (fd >= fdp->fd_nfiles) {
 1332                 FILEDESC_UNLOCK(fdp);
 1333                 uma_zfree(aiocb_zone, aiocbe);
 1334                 if (type == 0)
 1335                         suword(&job->_aiocb_private.error, EBADF);
 1336                 return (EBADF);
 1337         }
 1338 
 1339         fp = aiocbe->fd_file = fdp->fd_ofiles[fd];
 1340         if ((fp == NULL) ||
 1341             ((opcode == LIO_WRITE) && ((fp->f_flag & FWRITE) == 0)) ||
 1342             ((opcode == LIO_READ) && ((fp->f_flag & FREAD) == 0))) {
 1343                 FILEDESC_UNLOCK(fdp);
 1344                 uma_zfree(aiocb_zone, aiocbe);
 1345                 if (type == 0)
 1346                         suword(&job->_aiocb_private.error, EBADF);
 1347                 return (EBADF);
 1348         }
 1349         fhold(fp);
 1350         FILEDESC_UNLOCK(fdp);
 1351 
 1352         if (aiocbe->uaiocb.aio_offset == -1LL) {
 1353                 error = EINVAL;
 1354                 goto aqueue_fail;
 1355         }
 1356         error = suword(&job->_aiocb_private.kernelinfo, jobrefid);
 1357         if (error) {
 1358                 error = EINVAL;
 1359                 goto aqueue_fail;
 1360         }
 1361         aiocbe->uaiocb._aiocb_private.kernelinfo = (void *)(intptr_t)jobrefid;
 1362         if (jobrefid == LONG_MAX)
 1363                 jobrefid = 1;
 1364         else
 1365                 jobrefid++;
 1366 
 1367         if (opcode == LIO_NOP) {
 1368                 fdrop(fp, td);
 1369                 uma_zfree(aiocb_zone, aiocbe);
 1370                 if (type == 0) {
 1371                         suword(&job->_aiocb_private.error, 0);
 1372                         suword(&job->_aiocb_private.status, 0);
 1373                         suword(&job->_aiocb_private.kernelinfo, 0);
 1374                 }
 1375                 return (0);
 1376         }
 1377         if ((opcode != LIO_READ) && (opcode != LIO_WRITE)) {
 1378                 if (type == 0)
 1379                         suword(&job->_aiocb_private.status, 0);
 1380                 error = EINVAL;
 1381                 goto aqueue_fail;
 1382         }
 1383 
 1384         if (aiocbe->uaiocb.aio_sigevent.sigev_notify == SIGEV_KEVENT) {
 1385                 kev.ident = aiocbe->uaiocb.aio_sigevent.sigev_notify_kqueue;
 1386                 kev.udata = aiocbe->uaiocb.aio_sigevent.sigev_value.sigval_ptr;
 1387         } else
 1388                 goto no_kqueue;
 1389         if ((u_int)kev.ident >= fdp->fd_nfiles ||
 1390             (kq_fp = fdp->fd_ofiles[kev.ident]) == NULL ||
 1391             (kq_fp->f_type != DTYPE_KQUEUE)) {
 1392                 error = EBADF;
 1393                 goto aqueue_fail;
 1394         }
 1395         kq = kq_fp->f_data;
 1396         kev.ident = (uintptr_t)aiocbe->uuaiocb;
 1397         kev.filter = EVFILT_AIO;
 1398         kev.flags = EV_ADD | EV_ENABLE | EV_FLAG1;
 1399         kev.data = (intptr_t)aiocbe;
 1400         error = kqueue_register(kq, &kev, td, 1);
 1401 aqueue_fail:
 1402         if (error) {
 1403                 fdrop(fp, td);
 1404                 uma_zfree(aiocb_zone, aiocbe);
 1405                 if (type == 0)
 1406                         suword(&job->_aiocb_private.error, error);
 1407                 goto done;
 1408         }
 1409 no_kqueue:
 1410 
 1411         suword(&job->_aiocb_private.error, EINPROGRESS);
 1412         aiocbe->uaiocb._aiocb_private.error = EINPROGRESS;
 1413         aiocbe->userproc = p;
 1414         aiocbe->cred = crhold(td->td_ucred);
 1415         aiocbe->jobflags = 0;
 1416         aiocbe->lio = lj;
 1417         ki = p->p_aioinfo;
 1418 
 1419         if (fp->f_type == DTYPE_SOCKET) {
 1420                 /*
 1421                  * Alternate queueing for socket ops: Reach down into the
 1422                  * descriptor to get the socket data.  Then check to see if the
 1423                  * socket is ready to be read or written (based on the requested
 1424                  * operation).
 1425                  *
 1426                  * If it is not ready for io, then queue the aiocbe on the
 1427                  * socket, and set the flags so we get a call when sbnotify()
 1428                  * happens.
 1429                  *
 1430                  * Note if opcode is neither LIO_WRITE nor LIO_READ we lock
 1431                  * and unlock the snd sockbuf for no reason.
 1432                  */
 1433                 so = fp->f_data;
 1434                 sb = (opcode == LIO_READ) ? &so->so_rcv : &so->so_snd;
 1435                 mtx_lock(&aio_freeproc_mtx);
 1436                 SOCKBUF_LOCK(sb);
 1437                 s = splnet();
 1438                 if (((opcode == LIO_READ) && (!soreadable(so))) || ((opcode ==
 1439                     LIO_WRITE) && (!sowriteable(so)))) {
 1440                         TAILQ_INSERT_TAIL(&so->so_aiojobq, aiocbe, list);
 1441                         TAILQ_INSERT_TAIL(&ki->kaio_sockqueue, aiocbe, plist);
 1442                         sb->sb_flags |= SB_AIO;
 1443                         aiocbe->jobstate = JOBST_JOBQGLOBAL; /* XXX */
 1444                         ki->kaio_queue_count++;
 1445                         num_queue_count++;
 1446                         SOCKBUF_UNLOCK(sb);
 1447                         mtx_unlock(&aio_freeproc_mtx);
 1448                         splx(s);
 1449                         error = 0;
 1450                         goto done;
 1451                 }
 1452                 SOCKBUF_UNLOCK(sb);
 1453                 mtx_unlock(&aio_freeproc_mtx);
 1454                 splx(s);
 1455         }
 1456 
 1457         if ((error = aio_qphysio(p, aiocbe)) == 0)
 1458                 goto done;
 1459         if (error > 0) {
 1460                 suword(&job->_aiocb_private.status, 0);
 1461                 aiocbe->uaiocb._aiocb_private.error = error;
 1462                 suword(&job->_aiocb_private.error, error);
 1463                 goto done;
 1464         }
 1465 
 1466         /* No buffer for daemon I/O. */
 1467         aiocbe->bp = NULL;
 1468 
 1469         ki->kaio_queue_count++;
 1470         if (lj)
 1471                 lj->lioj_queue_count++;
 1472         s = splnet();
 1473         mtx_lock(&aio_freeproc_mtx);
 1474         TAILQ_INSERT_TAIL(&ki->kaio_jobqueue, aiocbe, plist);
 1475         TAILQ_INSERT_TAIL(&aio_jobs, aiocbe, list);
 1476         splx(s);
 1477         aiocbe->jobstate = JOBST_JOBQGLOBAL;
 1478 
 1479         num_queue_count++;
 1480         error = 0;
 1481 
 1482         /*
 1483          * If we don't have a free AIO process, and we are below our quota, then
 1484          * start one.  Otherwise, depend on the subsequent I/O completions to
 1485          * pick-up this job.  If we don't sucessfully create the new process
 1486          * (thread) due to resource issues, we return an error for now (EAGAIN),
 1487          * which is likely not the correct thing to do.
 1488          */
 1489 retryproc:
 1490         if ((aiop = TAILQ_FIRST(&aio_freeproc)) != NULL) {
 1491                 TAILQ_REMOVE(&aio_freeproc, aiop, list);
 1492                 aiop->aiothreadflags &= ~AIOP_FREE;
 1493                 wakeup(aiop->aiothread);
 1494         } else if (((num_aio_resv_start + num_aio_procs) < max_aio_procs) &&
 1495             ((ki->kaio_active_count + num_aio_resv_start) <
 1496             ki->kaio_maxactive_count)) {
 1497                 num_aio_resv_start++;
 1498                 mtx_unlock(&aio_freeproc_mtx);
 1499                 if ((error = aio_newproc()) == 0) {
 1500                         mtx_lock(&aio_freeproc_mtx);
 1501                         num_aio_resv_start--;
 1502                         goto retryproc;
 1503                 }
 1504                 mtx_lock(&aio_freeproc_mtx);
 1505                 num_aio_resv_start--;
 1506         }
 1507         mtx_unlock(&aio_freeproc_mtx);
 1508 done:
 1509         return (error);
 1510 }
 1511 
 1512 /*
 1513  * This routine queues an AIO request, checking for quotas.
 1514  */
 1515 static int
 1516 aio_aqueue(struct thread *td, struct aiocb *job, int type)
 1517 {
 1518         struct proc *p = td->td_proc;
 1519         struct kaioinfo *ki;
 1520 
 1521         if (p->p_aioinfo == NULL)
 1522                 aio_init_aioinfo(p);
 1523 
 1524         if (num_queue_count >= max_queue_count)
 1525                 return (EAGAIN);
 1526 
 1527         ki = p->p_aioinfo;
 1528         if (ki->kaio_queue_count >= ki->kaio_qallowed_count)
 1529                 return (EAGAIN);
 1530 
 1531         return _aio_aqueue(td, job, NULL, type);
 1532 }
 1533 
 1534 /*
 1535  * Support the aio_return system call, as a side-effect, kernel resources are
 1536  * released.
 1537  */
 1538 int
 1539 aio_return(struct thread *td, struct aio_return_args *uap)
 1540 {
 1541         struct proc *p = td->td_proc;
 1542         int s;
 1543         long jobref;
 1544         struct aiocblist *cb, *ncb;
 1545         struct aiocb *ujob;
 1546         struct kaioinfo *ki;
 1547 
 1548         ujob = uap->aiocbp;
 1549         jobref = fuword(&ujob->_aiocb_private.kernelinfo);
 1550         if (jobref == -1 || jobref == 0)
 1551                 return (EINVAL);
 1552 
 1553         ki = p->p_aioinfo;
 1554         if (ki == NULL)
 1555                 return (EINVAL);
 1556         PROC_LOCK(p);
 1557         TAILQ_FOREACH(cb, &ki->kaio_jobdone, plist) {
 1558                 if (((intptr_t) cb->uaiocb._aiocb_private.kernelinfo) ==
 1559                     jobref) {
 1560                         if (cb->uaiocb.aio_lio_opcode == LIO_WRITE) {
 1561                                 p->p_stats->p_ru.ru_oublock +=
 1562                                     cb->outputcharge;
 1563                                 cb->outputcharge = 0;
 1564                         } else if (cb->uaiocb.aio_lio_opcode == LIO_READ) {
 1565                                 p->p_stats->p_ru.ru_inblock += cb->inputcharge;
 1566                                 cb->inputcharge = 0;
 1567                         }
 1568                         goto done;
 1569                 }
 1570         }
 1571         s = splbio();
 1572         for (cb = TAILQ_FIRST(&ki->kaio_bufdone); cb; cb = ncb) {
 1573                 ncb = TAILQ_NEXT(cb, plist);
 1574                 if (((intptr_t) cb->uaiocb._aiocb_private.kernelinfo)
 1575                     == jobref) {
 1576                         break;
 1577                 }
 1578         }
 1579         splx(s);
 1580  done:
 1581         PROC_UNLOCK(p);
 1582         if (cb != NULL) {
 1583                 if (ujob == cb->uuaiocb) {
 1584                         td->td_retval[0] =
 1585                             cb->uaiocb._aiocb_private.status;
 1586                 } else
 1587                         td->td_retval[0] = EFAULT;
 1588                 aio_free_entry(cb);
 1589                 return (0);
 1590         }
 1591         return (EINVAL);
 1592 }
 1593 
 1594 /*
 1595  * Allow a process to wakeup when any of the I/O requests are completed.
 1596  */
 1597 int
 1598 aio_suspend(struct thread *td, struct aio_suspend_args *uap)
 1599 {
 1600         struct proc *p = td->td_proc;
 1601         struct timeval atv;
 1602         struct timespec ts;
 1603         struct aiocb *const *cbptr, *cbp;
 1604         struct kaioinfo *ki;
 1605         struct aiocblist *cb;
 1606         int i;
 1607         int njoblist;
 1608         int error, s, timo;
 1609         long *ijoblist;
 1610         struct aiocb **ujoblist;
 1611 
 1612         if (uap->nent < 0 || uap->nent > AIO_LISTIO_MAX)
 1613                 return (EINVAL);
 1614 
 1615         timo = 0;
 1616         if (uap->timeout) {
 1617                 /* Get timespec struct. */
 1618                 if ((error = copyin(uap->timeout, &ts, sizeof(ts))) != 0)
 1619                         return (error);
 1620 
 1621                 if (ts.tv_nsec < 0 || ts.tv_nsec >= 1000000000)
 1622                         return (EINVAL);
 1623 
 1624                 TIMESPEC_TO_TIMEVAL(&atv, &ts);
 1625                 if (itimerfix(&atv))
 1626                         return (EINVAL);
 1627                 timo = tvtohz(&atv);
 1628         }
 1629 
 1630         ki = p->p_aioinfo;
 1631         if (ki == NULL)
 1632                 return (EAGAIN);
 1633 
 1634         njoblist = 0;
 1635         ijoblist = uma_zalloc(aiol_zone, M_WAITOK);
 1636         ujoblist = uma_zalloc(aiol_zone, M_WAITOK);
 1637         cbptr = uap->aiocbp;
 1638 
 1639         for (i = 0; i < uap->nent; i++) {
 1640                 cbp = (struct aiocb *)(intptr_t)fuword(&cbptr[i]);
 1641                 if (cbp == 0)
 1642                         continue;
 1643                 ujoblist[njoblist] = cbp;
 1644                 ijoblist[njoblist] = fuword(&cbp->_aiocb_private.kernelinfo);
 1645                 njoblist++;
 1646         }
 1647 
 1648         if (njoblist == 0) {
 1649                 uma_zfree(aiol_zone, ijoblist);
 1650                 uma_zfree(aiol_zone, ujoblist);
 1651                 return (0);
 1652         }
 1653 
 1654         error = 0;
 1655         for (;;) {
 1656                 PROC_LOCK(p);
 1657                 TAILQ_FOREACH(cb, &ki->kaio_jobdone, plist) {
 1658                         for (i = 0; i < njoblist; i++) {
 1659                                 if (((intptr_t)
 1660                                     cb->uaiocb._aiocb_private.kernelinfo) ==
 1661                                     ijoblist[i]) {
 1662                                         PROC_UNLOCK(p);
 1663                                         if (ujoblist[i] != cb->uuaiocb)
 1664                                                 error = EINVAL;
 1665                                         uma_zfree(aiol_zone, ijoblist);
 1666                                         uma_zfree(aiol_zone, ujoblist);
 1667                                         return (error);
 1668                                 }
 1669                         }
 1670                 }
 1671 
 1672                 s = splbio();
 1673                 for (cb = TAILQ_FIRST(&ki->kaio_bufdone); cb; cb =
 1674                     TAILQ_NEXT(cb, plist)) {
 1675                         for (i = 0; i < njoblist; i++) {
 1676                                 if (((intptr_t)
 1677                                     cb->uaiocb._aiocb_private.kernelinfo) ==
 1678                                     ijoblist[i]) {
 1679                                         PROC_UNLOCK(p);
 1680                                         splx(s);
 1681                                         if (ujoblist[i] != cb->uuaiocb)
 1682                                                 error = EINVAL;
 1683                                         uma_zfree(aiol_zone, ijoblist);
 1684                                         uma_zfree(aiol_zone, ujoblist);
 1685                                         return (error);
 1686                                 }
 1687                         }
 1688                 }
 1689 
 1690                 ki->kaio_flags |= KAIO_WAKEUP;
 1691                 error = msleep(p, &p->p_mtx, PDROP | PRIBIO | PCATCH, "aiospn",
 1692                     timo);
 1693                 splx(s);
 1694 
 1695                 if (error == ERESTART || error == EINTR) {
 1696                         uma_zfree(aiol_zone, ijoblist);
 1697                         uma_zfree(aiol_zone, ujoblist);
 1698                         return (EINTR);
 1699                 } else if (error == EWOULDBLOCK) {
 1700                         uma_zfree(aiol_zone, ijoblist);
 1701                         uma_zfree(aiol_zone, ujoblist);
 1702                         return (EAGAIN);
 1703                 }
 1704         }
 1705 
 1706 /* NOTREACHED */
 1707         return (EINVAL);
 1708 }
 1709 
 1710 /*
 1711  * aio_cancel cancels any non-physio aio operations not currently in
 1712  * progress.
 1713  */
 1714 int
 1715 aio_cancel(struct thread *td, struct aio_cancel_args *uap)
 1716 {
 1717         struct proc *p = td->td_proc;
 1718         struct kaioinfo *ki;
 1719         struct aiocblist *cbe, *cbn;
 1720         struct file *fp;
 1721         struct filedesc *fdp;
 1722         struct socket *so;
 1723         struct proc *po;
 1724         int s,error;
 1725         int cancelled=0;
 1726         int notcancelled=0;
 1727         struct vnode *vp;
 1728 
 1729         fdp = p->p_fd;
 1730         if ((u_int)uap->fd >= fdp->fd_nfiles ||
 1731             (fp = fdp->fd_ofiles[uap->fd]) == NULL)
 1732                 return (EBADF);
 1733 
 1734         if (fp->f_type == DTYPE_VNODE) {
 1735                 vp = fp->f_vnode;
 1736 
 1737                 if (vn_isdisk(vp,&error)) {
 1738                         td->td_retval[0] = AIO_NOTCANCELED;
 1739                         return (0);
 1740                 }
 1741         } else if (fp->f_type == DTYPE_SOCKET) {
 1742                 so = fp->f_data;
 1743 
 1744                 s = splnet();
 1745 
 1746                 mtx_lock(&aio_freeproc_mtx);
 1747                 for (cbe = TAILQ_FIRST(&so->so_aiojobq); cbe; cbe = cbn) {
 1748                         cbn = TAILQ_NEXT(cbe, list);
 1749                         if ((uap->aiocbp == NULL) ||
 1750                                 (uap->aiocbp == cbe->uuaiocb) ) {
 1751                                 po = cbe->userproc;
 1752                                 ki = po->p_aioinfo;
 1753                                 TAILQ_REMOVE(&so->so_aiojobq, cbe, list);
 1754                                 TAILQ_REMOVE(&ki->kaio_sockqueue, cbe, plist);
 1755                                 TAILQ_INSERT_TAIL(&ki->kaio_jobdone, cbe, plist);
 1756                                 if (ki->kaio_flags & KAIO_WAKEUP) {
 1757                                         wakeup(po);
 1758                                 }
 1759                                 cbe->jobstate = JOBST_JOBFINISHED;
 1760                                 cbe->uaiocb._aiocb_private.status=-1;
 1761                                 cbe->uaiocb._aiocb_private.error=ECANCELED;
 1762                                 cancelled++;
 1763 /* XXX cancelled, knote? */
 1764                                 if (cbe->uaiocb.aio_sigevent.sigev_notify ==
 1765                                     SIGEV_SIGNAL) {
 1766                                         PROC_LOCK(cbe->userproc);
 1767                                         psignal(cbe->userproc, cbe->uaiocb.aio_sigevent.sigev_signo);
 1768                                         PROC_UNLOCK(cbe->userproc);
 1769                                 }
 1770                                 if (uap->aiocbp)
 1771                                         break;
 1772                         }
 1773                 }
 1774                 mtx_unlock(&aio_freeproc_mtx);
 1775                 splx(s);
 1776 
 1777                 if ((cancelled) && (uap->aiocbp)) {
 1778                         td->td_retval[0] = AIO_CANCELED;
 1779                         return (0);
 1780                 }
 1781         }
 1782         ki=p->p_aioinfo;
 1783         if (ki == NULL)
 1784                 goto done;
 1785         s = splnet();
 1786 
 1787         mtx_lock(&aio_freeproc_mtx);
 1788         for (cbe = TAILQ_FIRST(&ki->kaio_jobqueue); cbe; cbe = cbn) {
 1789                 cbn = TAILQ_NEXT(cbe, plist);
 1790 
 1791                 if ((uap->fd == cbe->uaiocb.aio_fildes) &&
 1792                     ((uap->aiocbp == NULL ) ||
 1793                      (uap->aiocbp == cbe->uuaiocb))) {
 1794 
 1795                         if (cbe->jobstate == JOBST_JOBQGLOBAL) {
 1796                                 TAILQ_REMOVE(&aio_jobs, cbe, list);
 1797                                 TAILQ_REMOVE(&ki->kaio_jobqueue, cbe, plist);
 1798                                 TAILQ_INSERT_TAIL(&ki->kaio_jobdone, cbe,
 1799                                     plist);
 1800                                 cancelled++;
 1801                                 ki->kaio_queue_finished_count++;
 1802                                 cbe->jobstate = JOBST_JOBFINISHED;
 1803                                 cbe->uaiocb._aiocb_private.status = -1;
 1804                                 cbe->uaiocb._aiocb_private.error = ECANCELED;
 1805 /* XXX cancelled, knote? */
 1806                                 if (cbe->uaiocb.aio_sigevent.sigev_notify ==
 1807                                     SIGEV_SIGNAL) {
 1808                                         PROC_LOCK(cbe->userproc);
 1809                                         psignal(cbe->userproc, cbe->uaiocb.aio_sigevent.sigev_signo);
 1810                                         PROC_UNLOCK(cbe->userproc);
 1811                                 }
 1812                         } else {
 1813                                 notcancelled++;
 1814                         }
 1815                 }
 1816         }
 1817         mtx_unlock(&aio_freeproc_mtx);
 1818         splx(s);
 1819 done:
 1820         if (notcancelled) {
 1821                 td->td_retval[0] = AIO_NOTCANCELED;
 1822                 return (0);
 1823         }
 1824         if (cancelled) {
 1825                 td->td_retval[0] = AIO_CANCELED;
 1826                 return (0);
 1827         }
 1828         td->td_retval[0] = AIO_ALLDONE;
 1829 
 1830         return (0);
 1831 }
 1832 
 1833 /*
 1834  * aio_error is implemented in the kernel level for compatibility purposes only.
 1835  * For a user mode async implementation, it would be best to do it in a userland
 1836  * subroutine.
 1837  */
 1838 int
 1839 aio_error(struct thread *td, struct aio_error_args *uap)
 1840 {
 1841         struct proc *p = td->td_proc;
 1842         int s;
 1843         struct aiocblist *cb;
 1844         struct kaioinfo *ki;
 1845         long jobref;
 1846 
 1847         ki = p->p_aioinfo;
 1848         if (ki == NULL)
 1849                 return (EINVAL);
 1850 
 1851         jobref = fuword(&uap->aiocbp->_aiocb_private.kernelinfo);
 1852         if ((jobref == -1) || (jobref == 0))
 1853                 return (EINVAL);
 1854 
 1855         mtx_lock(&aio_freeproc_mtx);
 1856         PROC_LOCK(p);
 1857         TAILQ_FOREACH(cb, &ki->kaio_jobdone, plist) {
 1858                 if (((intptr_t)cb->uaiocb._aiocb_private.kernelinfo) ==
 1859                     jobref) {
 1860                         PROC_UNLOCK(p);
 1861                         mtx_unlock(&aio_freeproc_mtx);
 1862                         td->td_retval[0] = cb->uaiocb._aiocb_private.error;
 1863                         return (0);
 1864                 }
 1865         }
 1866 
 1867         s = splnet();
 1868 
 1869         for (cb = TAILQ_FIRST(&ki->kaio_jobqueue); cb; cb = TAILQ_NEXT(cb,
 1870             plist)) {
 1871                 if (((intptr_t)cb->uaiocb._aiocb_private.kernelinfo) ==
 1872                     jobref) {
 1873                         PROC_UNLOCK(p);
 1874                         mtx_unlock(&aio_freeproc_mtx);
 1875                         td->td_retval[0] = EINPROGRESS;
 1876                         splx(s);
 1877                         return (0);
 1878                 }
 1879         }
 1880 
 1881         for (cb = TAILQ_FIRST(&ki->kaio_sockqueue); cb; cb = TAILQ_NEXT(cb,
 1882             plist)) {
 1883                 if (((intptr_t)cb->uaiocb._aiocb_private.kernelinfo) ==
 1884                     jobref) {
 1885                         PROC_UNLOCK(p);
 1886                         mtx_unlock(&aio_freeproc_mtx);
 1887                         td->td_retval[0] = EINPROGRESS;
 1888                         splx(s);
 1889                         return (0);
 1890                 }
 1891         }
 1892         splx(s);
 1893 
 1894         s = splbio();
 1895         for (cb = TAILQ_FIRST(&ki->kaio_bufdone); cb; cb = TAILQ_NEXT(cb,
 1896             plist)) {
 1897                 if (((intptr_t)cb->uaiocb._aiocb_private.kernelinfo) ==
 1898                     jobref) {
 1899                         PROC_UNLOCK(p);
 1900                         mtx_unlock(&aio_freeproc_mtx);
 1901                         td->td_retval[0] = cb->uaiocb._aiocb_private.error;
 1902                         splx(s);
 1903                         return (0);
 1904                 }
 1905         }
 1906 
 1907         for (cb = TAILQ_FIRST(&ki->kaio_bufqueue); cb; cb = TAILQ_NEXT(cb,
 1908             plist)) {
 1909                 if (((intptr_t)cb->uaiocb._aiocb_private.kernelinfo) ==
 1910                     jobref) {
 1911                         PROC_UNLOCK(p);
 1912                         mtx_unlock(&aio_freeproc_mtx);
 1913                         td->td_retval[0] = EINPROGRESS;
 1914                         splx(s);
 1915                         return (0);
 1916                 }
 1917         }
 1918         splx(s);
 1919         PROC_UNLOCK(p);
 1920         mtx_unlock(&aio_freeproc_mtx);
 1921 
 1922 #if (0)
 1923         /*
 1924          * Hack for lio.
 1925          */
 1926         status = fuword(&uap->aiocbp->_aiocb_private.status);
 1927         if (status == -1)
 1928                 return fuword(&uap->aiocbp->_aiocb_private.error);
 1929 #endif
 1930         return (EINVAL);
 1931 }
 1932 
 1933 /* syscall - asynchronous read from a file (REALTIME) */
 1934 int
 1935 aio_read(struct thread *td, struct aio_read_args *uap)
 1936 {
 1937 
 1938         return aio_aqueue(td, uap->aiocbp, LIO_READ);
 1939 }
 1940 
 1941 /* syscall - asynchronous write to a file (REALTIME) */
 1942 int
 1943 aio_write(struct thread *td, struct aio_write_args *uap)
 1944 {
 1945 
 1946         return aio_aqueue(td, uap->aiocbp, LIO_WRITE);
 1947 }
 1948 
 1949 /* syscall - list directed I/O (REALTIME) */
 1950 int
 1951 lio_listio(struct thread *td, struct lio_listio_args *uap)
 1952 {
 1953         struct proc *p = td->td_proc;
 1954         int nent, nentqueued;
 1955         struct aiocb *iocb, * const *cbptr;
 1956         struct aiocblist *cb;
 1957         struct kaioinfo *ki;
 1958         struct aio_liojob *lj;
 1959         int error, runningcode;
 1960         int nerror;
 1961         int i;
 1962         int s;
 1963 
 1964         if ((uap->mode != LIO_NOWAIT) && (uap->mode != LIO_WAIT))
 1965                 return (EINVAL);
 1966 
 1967         nent = uap->nent;
 1968         if (nent < 0 || nent > AIO_LISTIO_MAX)
 1969                 return (EINVAL);
 1970 
 1971         if (p->p_aioinfo == NULL)
 1972                 aio_init_aioinfo(p);
 1973 
 1974         if ((nent + num_queue_count) > max_queue_count)
 1975                 return (EAGAIN);
 1976 
 1977         ki = p->p_aioinfo;
 1978         if ((nent + ki->kaio_queue_count) > ki->kaio_qallowed_count)
 1979                 return (EAGAIN);
 1980 
 1981         lj = uma_zalloc(aiolio_zone, M_WAITOK);
 1982         if (!lj)
 1983                 return (EAGAIN);
 1984 
 1985         lj->lioj_flags = 0;
 1986         lj->lioj_buffer_count = 0;
 1987         lj->lioj_buffer_finished_count = 0;
 1988         lj->lioj_queue_count = 0;
 1989         lj->lioj_queue_finished_count = 0;
 1990 
 1991         /*
 1992          * Setup signal.
 1993          */
 1994         if (uap->sig && (uap->mode == LIO_NOWAIT)) {
 1995                 error = copyin(uap->sig, &lj->lioj_signal,
 1996                     sizeof(lj->lioj_signal));
 1997                 if (error) {
 1998                         uma_zfree(aiolio_zone, lj);
 1999                         return (error);
 2000                 }
 2001                 if (!_SIG_VALID(lj->lioj_signal.sigev_signo)) {
 2002                         uma_zfree(aiolio_zone, lj);
 2003                         return (EINVAL);
 2004                 }
 2005                 lj->lioj_flags |= LIOJ_SIGNAL;
 2006         }
 2007         TAILQ_INSERT_TAIL(&ki->kaio_liojoblist, lj, lioj_list);
 2008         /*
 2009          * Get pointers to the list of I/O requests.
 2010          */
 2011         nerror = 0;
 2012         nentqueued = 0;
 2013         cbptr = uap->acb_list;
 2014         for (i = 0; i < uap->nent; i++) {
 2015                 iocb = (struct aiocb *)(intptr_t)fuword(&cbptr[i]);
 2016                 if (((intptr_t)iocb != -1) && ((intptr_t)iocb != 0)) {
 2017                         error = _aio_aqueue(td, iocb, lj, 0);
 2018                         if (error == 0)
 2019                                 nentqueued++;
 2020                         else
 2021                                 nerror++;
 2022                 }
 2023         }
 2024 
 2025         /*
 2026          * If we haven't queued any, then just return error.
 2027          */
 2028         if (nentqueued == 0)
 2029                 return (0);
 2030 
 2031         /*
 2032          * Calculate the appropriate error return.
 2033          */
 2034         runningcode = 0;
 2035         if (nerror)
 2036                 runningcode = EIO;
 2037 
 2038         if (uap->mode == LIO_WAIT) {
 2039                 int command, found;
 2040                 long jobref;
 2041 
 2042                 for (;;) {
 2043                         found = 0;
 2044                         for (i = 0; i < uap->nent; i++) {
 2045                                 /*
 2046                                  * Fetch address of the control buf pointer in
 2047                                  * user space.
 2048                                  */
 2049                                 iocb = (struct aiocb *)
 2050                                     (intptr_t)fuword(&cbptr[i]);
 2051                                 if (((intptr_t)iocb == -1) || ((intptr_t)iocb
 2052                                     == 0))
 2053                                         continue;
 2054 
 2055                                 /*
 2056                                  * Fetch the associated command from user space.
 2057                                  */
 2058                                 command = fuword(&iocb->aio_lio_opcode);
 2059                                 if (command == LIO_NOP) {
 2060                                         found++;
 2061                                         continue;
 2062                                 }
 2063 
 2064                                 jobref =
 2065                                     fuword(&iocb->_aiocb_private.kernelinfo);
 2066 
 2067                                 TAILQ_FOREACH(cb, &ki->kaio_jobdone, plist) {
 2068                                         if (((intptr_t)cb->uaiocb._aiocb_private.kernelinfo)
 2069                                             == jobref) {
 2070                                                 if (cb->uaiocb.aio_lio_opcode
 2071                                                     == LIO_WRITE) {
 2072                                                         p->p_stats->p_ru.ru_oublock
 2073                                                             +=
 2074                                                             cb->outputcharge;
 2075                                                         cb->outputcharge = 0;
 2076                                                 } else if (cb->uaiocb.aio_lio_opcode
 2077                                                     == LIO_READ) {
 2078                                                         p->p_stats->p_ru.ru_inblock
 2079                                                             += cb->inputcharge;
 2080                                                         cb->inputcharge = 0;
 2081                                                 }
 2082                                                 found++;
 2083                                                 break;
 2084                                         }
 2085                                 }
 2086 
 2087                                 s = splbio();
 2088                                 TAILQ_FOREACH(cb, &ki->kaio_bufdone, plist) {
 2089                                         if (((intptr_t)cb->uaiocb._aiocb_private.kernelinfo)
 2090                                             == jobref) {
 2091                                                 found++;
 2092                                                 break;
 2093                                         }
 2094                                 }
 2095                                 splx(s);
 2096                         }
 2097 
 2098                         /*
 2099                          * If all I/Os have been disposed of, then we can
 2100                          * return.
 2101                          */
 2102                         if (found == nentqueued)
 2103                                 return (runningcode);
 2104 
 2105                         ki->kaio_flags |= KAIO_WAKEUP;
 2106                         error = tsleep(p, PRIBIO | PCATCH, "aiospn", 0);
 2107 
 2108                         if (error == EINTR)
 2109                                 return (EINTR);
 2110                         else if (error == EWOULDBLOCK)
 2111                                 return (EAGAIN);
 2112                 }
 2113         }
 2114 
 2115         return (runningcode);
 2116 }
 2117 
 2118 /*
 2119  * Interrupt handler for physio, performs the necessary process wakeups, and
 2120  * signals.
 2121  */
 2122 static void
 2123 aio_physwakeup(struct buf *bp)
 2124 {
 2125         struct aiocblist *aiocbe;
 2126         struct proc *p;
 2127         struct kaioinfo *ki;
 2128         struct aio_liojob *lj;
 2129 
 2130         mtx_lock(&Giant);
 2131         bp->b_flags |= B_DONE;
 2132         wakeup(bp);
 2133 
 2134         aiocbe = (struct aiocblist *)bp->b_caller1;
 2135         if (aiocbe) {
 2136                 p = aiocbe->userproc;
 2137 
 2138                 aiocbe->jobstate = JOBST_JOBBFINISHED;
 2139                 aiocbe->uaiocb._aiocb_private.status -= bp->b_resid;
 2140                 aiocbe->uaiocb._aiocb_private.error = 0;
 2141                 aiocbe->jobflags |= AIOCBLIST_DONE;
 2142 
 2143                 if (bp->b_ioflags & BIO_ERROR)
 2144                         aiocbe->uaiocb._aiocb_private.error = bp->b_error;
 2145 
 2146                 lj = aiocbe->lio;
 2147                 if (lj) {
 2148                         lj->lioj_buffer_finished_count++;
 2149 
 2150                         /*
 2151                          * wakeup/signal if all of the interrupt jobs are done.
 2152                          */
 2153                         if (lj->lioj_buffer_finished_count ==
 2154                             lj->lioj_buffer_count &&
 2155                             lj->lioj_queue_finished_count ==
 2156                             lj->lioj_queue_count) {
 2157                                 /*
 2158                                  * Post a signal if it is called for.
 2159                                  */
 2160                                 if ((lj->lioj_flags &
 2161                                     (LIOJ_SIGNAL|LIOJ_SIGNAL_POSTED)) ==
 2162                                     LIOJ_SIGNAL) {
 2163                                         PROC_LOCK(p);
 2164                                         psignal(p, lj->lioj_signal.sigev_signo);
 2165                                         PROC_UNLOCK(p);
 2166                                         lj->lioj_flags |= LIOJ_SIGNAL_POSTED;
 2167                                 }
 2168                         }
 2169                 }
 2170 
 2171                 ki = p->p_aioinfo;
 2172                 if (ki) {
 2173                         ki->kaio_buffer_finished_count++;
 2174                         TAILQ_REMOVE(&ki->kaio_bufqueue, aiocbe, plist);
 2175                         TAILQ_INSERT_TAIL(&ki->kaio_bufdone, aiocbe, plist);
 2176 
 2177                         KNOTE_UNLOCKED(&aiocbe->klist, 0);
 2178                         /* Do the wakeup. */
 2179                         if (ki->kaio_flags & (KAIO_RUNDOWN|KAIO_WAKEUP)) {
 2180                                 ki->kaio_flags &= ~KAIO_WAKEUP;
 2181                                 wakeup(p);
 2182                         }
 2183                 }
 2184 
 2185                 if (aiocbe->uaiocb.aio_sigevent.sigev_notify == SIGEV_SIGNAL) {
 2186                         PROC_LOCK(p);
 2187                         psignal(p, aiocbe->uaiocb.aio_sigevent.sigev_signo);
 2188                         PROC_UNLOCK(p);
 2189                 }
 2190         }
 2191         mtx_unlock(&Giant);
 2192 }
 2193 
 2194 /* syscall - wait for the next completion of an aio request */
 2195 int
 2196 aio_waitcomplete(struct thread *td, struct aio_waitcomplete_args *uap)
 2197 {
 2198         struct proc *p = td->td_proc;
 2199         struct timeval atv;
 2200         struct timespec ts;
 2201         struct kaioinfo *ki;
 2202         struct aiocblist *cb = NULL;
 2203         int error, s, timo;
 2204 
 2205         suword(uap->aiocbp, (int)NULL);
 2206 
 2207         timo = 0;
 2208         if (uap->timeout) {
 2209                 /* Get timespec struct. */
 2210                 error = copyin(uap->timeout, &ts, sizeof(ts));
 2211                 if (error)
 2212                         return (error);
 2213 
 2214                 if ((ts.tv_nsec < 0) || (ts.tv_nsec >= 1000000000))
 2215                         return (EINVAL);
 2216 
 2217                 TIMESPEC_TO_TIMEVAL(&atv, &ts);
 2218                 if (itimerfix(&atv))
 2219                         return (EINVAL);
 2220                 timo = tvtohz(&atv);
 2221         }
 2222 
 2223         ki = p->p_aioinfo;
 2224         if (ki == NULL)
 2225                 return (EAGAIN);
 2226 
 2227         for (;;) {
 2228                 PROC_LOCK(p);
 2229                 if ((cb = TAILQ_FIRST(&ki->kaio_jobdone)) != 0) {
 2230                         PROC_UNLOCK(p);
 2231                         suword(uap->aiocbp, (uintptr_t)cb->uuaiocb);
 2232                         td->td_retval[0] = cb->uaiocb._aiocb_private.status;
 2233                         if (cb->uaiocb.aio_lio_opcode == LIO_WRITE) {
 2234                                 p->p_stats->p_ru.ru_oublock +=
 2235                                     cb->outputcharge;
 2236                                 cb->outputcharge = 0;
 2237                         } else if (cb->uaiocb.aio_lio_opcode == LIO_READ) {
 2238                                 p->p_stats->p_ru.ru_inblock += cb->inputcharge;
 2239                                 cb->inputcharge = 0;
 2240                         }
 2241                         error = cb->uaiocb._aiocb_private.error;
 2242                         aio_free_entry(cb);
 2243                         return (error);
 2244                 }
 2245 
 2246                 s = splbio();
 2247                 if ((cb = TAILQ_FIRST(&ki->kaio_bufdone)) != 0 ) {
 2248                         PROC_UNLOCK(p);
 2249                         splx(s);
 2250                         suword(uap->aiocbp, (uintptr_t)cb->uuaiocb);
 2251                         error = cb->uaiocb._aiocb_private.error;
 2252                         td->td_retval[0] = cb->uaiocb._aiocb_private.status;
 2253                         aio_free_entry(cb);
 2254                         return (error);
 2255                 }
 2256 
 2257                 ki->kaio_flags |= KAIO_WAKEUP;
 2258                 error = msleep(p, &p->p_mtx, PDROP | PRIBIO | PCATCH, "aiowc",
 2259                     timo);
 2260                 splx(s);
 2261 
 2262                 if (error == ERESTART)
 2263                         return (EINTR);
 2264                 else if (error < 0)
 2265                         return (error);
 2266                 else if (error == EINTR)
 2267                         return (EINTR);
 2268                 else if (error == EWOULDBLOCK)
 2269                         return (EAGAIN);
 2270         }
 2271 }
 2272 
 2273 /* kqueue attach function */
 2274 static int
 2275 filt_aioattach(struct knote *kn)
 2276 {
 2277         struct aiocblist *aiocbe = (struct aiocblist *)kn->kn_sdata;
 2278 
 2279         /*
 2280          * The aiocbe pointer must be validated before using it, so
 2281          * registration is restricted to the kernel; the user cannot
 2282          * set EV_FLAG1.
 2283          */
 2284         if ((kn->kn_flags & EV_FLAG1) == 0)
 2285                 return (EPERM);
 2286         kn->kn_flags &= ~EV_FLAG1;
 2287 
 2288         knlist_add(&aiocbe->klist, kn, 0);
 2289 
 2290         return (0);
 2291 }
 2292 
 2293 /* kqueue detach function */
 2294 static void
 2295 filt_aiodetach(struct knote *kn)
 2296 {
 2297         struct aiocblist *aiocbe = (struct aiocblist *)kn->kn_sdata;
 2298 
 2299         knlist_remove(&aiocbe->klist, kn, 0);
 2300 }
 2301 
 2302 /* kqueue filter function */
 2303 /*ARGSUSED*/
 2304 static int
 2305 filt_aio(struct knote *kn, long hint)
 2306 {
 2307         struct aiocblist *aiocbe = (struct aiocblist *)kn->kn_sdata;
 2308 
 2309         kn->kn_data = aiocbe->uaiocb._aiocb_private.error;
 2310         if (aiocbe->jobstate != JOBST_JOBFINISHED &&
 2311             aiocbe->jobstate != JOBST_JOBBFINISHED)
 2312                 return (0);
 2313         kn->kn_flags |= EV_EOF;
 2314         return (1);
 2315 }

Cache object: 32651ba7a1e336579d353c63b2582706


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.