[apple/xnu.git] / bsd / kern / kern_fork.c

/*
 * Copyright (c) 2000-2003 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
/* Copyright (c) 1995, 1997 Apple Computer, Inc. All Rights Reserved */
/*
 * Copyright (c) 1982, 1986, 1989, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 * (c) UNIX System Laboratories, Inc.
 * All or some portions of this file are derived from material licensed
 * to the University of California by American Telephone and Telegraph
 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
 * the permission of UNIX System Laboratories, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)kern_fork.c	8.8 (Berkeley) 2/14/95
 */

#include <kern/assert.h>
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/filedesc.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/proc.h>
#include <sys/user.h>
#include <sys/resourcevar.h>
#include <sys/vnode.h>
#include <sys/file.h>
#include <sys/acct.h>
#include <sys/kern_audit.h>
#if KTRACE
#include <sys/ktrace.h>
#endif

#include <mach/mach_types.h>
#include <kern/mach_param.h>

#include <machine/spl.h>

thread_act_t cloneproc(struct proc *, int); 
struct proc * forkproc(struct proc *, int);
thread_act_t procdup();

#define	DOFORK	0x1	/* fork() system call */
#define	DOVFORK	0x2	/* vfork() system call */
static int fork1(struct proc *, long, register_t *);

/*
 * fork system call.
 */
int
fork(p, uap, retval)
	struct proc *p;
	void *uap;
	register_t *retval;
{
	return (fork1(p, (long)DOFORK, retval));
}

/*
 * vfork system call
 */
int
vfork(p, uap, retval)
	struct proc *p;
	void *uap;
	register_t *retval;
{
	register struct proc * newproc;
	register uid_t uid;
	thread_act_t cur_act = (thread_act_t)current_act();
	int count;
	task_t t;
	uthread_t ut;
	
	/*
	 * Although process entries are dynamically created, we still keep
	 * a global limit on the maximum number we will create.  Don't allow
	 * a nonprivileged user to use the last process; don't let root
	 * exceed the limit. The variable nprocs is the current number of
	 * processes, maxproc is the limit.
	 */
	uid = p->p_cred->p_ruid;
	if ((nprocs >= maxproc - 1 && uid != 0) || nprocs >= maxproc) {
		tablefull("proc");
		retval[1] = 0;
		return (EAGAIN);
	}

	/*
	 * Increment the count of procs running with this uid. Don't allow
	 * a nonprivileged user to exceed their current limit.
	 */
	count = chgproccnt(uid, 1);
	if (uid != 0 && count > p->p_rlimit[RLIMIT_NPROC].rlim_cur) {
		(void)chgproccnt(uid, -1);
		return (EAGAIN);
	}

	ut = (struct uthread *)get_bsdthread_info(cur_act);
	if (ut->uu_flag & P_VFORK) {
		printf("vfork called recursively by %s\n", p->p_comm);
		(void)chgproccnt(uid, -1);
		return (EINVAL);
	}
	p->p_flag  |= P_VFORK;
	p->p_vforkcnt++;

	/* The newly created process comes with signal lock held */
	newproc = (struct proc *)forkproc(p,1);

	LIST_INSERT_AFTER(p, newproc, p_pglist);
	newproc->p_pptr = p;
	newproc->task = p->task;
	LIST_INSERT_HEAD(&p->p_children, newproc, p_sibling);
	LIST_INIT(&newproc->p_children);
	LIST_INSERT_HEAD(&allproc, newproc, p_list);
	LIST_INSERT_HEAD(PIDHASH(newproc->p_pid), newproc, p_hash);
	TAILQ_INIT(& newproc->p_evlist);
	newproc->p_stat = SRUN;
	newproc->p_flag  |= P_INVFORK;
	newproc->p_vforkact = cur_act;

	ut->uu_flag |= P_VFORK;
	ut->uu_proc = newproc;
	ut->uu_userstate = (void *)act_thread_csave();
	ut->uu_vforkmask = ut->uu_sigmask;

	thread_set_child(cur_act, newproc->p_pid);

	newproc->p_stats->p_start = time;
	newproc->p_acflag = AFORK;

	/*
	 * Preserve synchronization semantics of vfork.  If waiting for
	 * child to exec or exit, set P_PPWAIT on child, and sleep on our
	 * proc (in case of exit).
	 */
	newproc->p_flag |= P_PPWAIT;

	/* drop the signal lock on the child */
	signal_unlock(newproc);

	retval[0] = newproc->p_pid;
	retval[1] = 1;			/* mark child */

	return (0);
}

/*
 * Return to parent vfork ehread()
 */
void
vfork_return(th_act, p, p2, retval)
	thread_act_t th_act;
	struct proc * p;
	struct proc *p2;
	register_t *retval;
{
	long flags;
	register uid_t uid;
	thread_act_t cur_act = (thread_act_t)current_act();
	int s, count;
	task_t t;
	uthread_t ut;
	
	ut = (struct uthread *)get_bsdthread_info(cur_act);

	act_thread_catt(ut->uu_userstate);

	/* Make sure only one at this time */
	p->p_vforkcnt--;
	if (p->p_vforkcnt <0)
		panic("vfork cnt is -ve");
	if (p->p_vforkcnt <=0)
		p->p_flag  &= ~P_VFORK;
	ut->uu_userstate = 0;
	ut->uu_flag &= ~P_VFORK;
	ut->uu_proc = 0;
	ut->uu_sigmask = ut->uu_vforkmask;
	p2->p_flag  &= ~P_INVFORK;
	p2->p_vforkact = (void *)0;

	thread_set_parent(cur_act, p2->p_pid);

	if (retval) {
		retval[0] = p2->p_pid;
		retval[1] = 0;			/* mark parent */
	}

	return;
}

thread_act_t
procdup(
	struct proc		*child,
	struct proc		*parent)
{
	thread_act_t		thread;
	task_t			task;
 	kern_return_t	result;
 	pmap_t			pmap;
	extern task_t kernel_task;

	if (parent->task == kernel_task)
		result = task_create_internal(TASK_NULL, FALSE, &task);
	else
		result = task_create_internal(parent->task, TRUE, &task);
	if (result != KERN_SUCCESS)
	    printf("fork/procdup: task_create failed. Code: 0x%x\n", result);
	child->task = task;
	/* task->proc = child; */
	set_bsdtask_info(task, child);
	if (child->p_nice != 0)
		resetpriority(child);
		
	result = thread_create(task, &thread);
	if (result != KERN_SUCCESS)
	    printf("fork/procdup: thread_create failed. Code: 0x%x\n", result);

	return(thread);
}


static int
fork1(p1, flags, retval)
	struct proc *p1;
	long flags;
	register_t *retval;
{
	register struct proc *p2;
	register uid_t uid;
	thread_act_t newth;
	int s, count;
        task_t t;

	/*
	 * Although process entries are dynamically created, we still keep
	 * a global limit on the maximum number we will create.  Don't allow
	 * a nonprivileged user to use the last process; don't let root
	 * exceed the limit. The variable nprocs is the current number of
	 * processes, maxproc is the limit.
	 */
	uid = p1->p_cred->p_ruid;
	if ((nprocs >= maxproc - 1 && uid != 0) || nprocs >= maxproc) {
		tablefull("proc");
		retval[1] = 0;
		return (EAGAIN);
	}

	/*
	 * Increment the count of procs running with this uid. Don't allow
	 * a nonprivileged user to exceed their current limit.
	 */
	count = chgproccnt(uid, 1);
	if (uid != 0 && count > p1->p_rlimit[RLIMIT_NPROC].rlim_cur) {
		(void)chgproccnt(uid, -1);
		return (EAGAIN);
	}

	/* The newly created process comes with signal lock held */
	newth = cloneproc(p1, 1);
	thread_dup(newth);
	/* p2 = newth->task->proc; */
	p2 = (struct proc *)(get_bsdtask_info(get_threadtask(newth)));

	thread_set_child(newth, p2->p_pid);

	s = splhigh();
	p2->p_stats->p_start = time;
	splx(s);
	p2->p_acflag = AFORK;

	/*
	 * Preserve synchronization semantics of vfork.  If waiting for
	 * child to exec or exit, set P_PPWAIT on child, and sleep on our
	 * proc (in case of exit).
	 */
	if (flags == DOVFORK)
		p2->p_flag |= P_PPWAIT;
	/* drop the signal lock on the child */
	signal_unlock(p2);

	(void) thread_resume(newth);

        /* drop the extra references we got during the creation */
        if (t = (task_t)get_threadtask(newth)) {
                task_deallocate(t);
        }
        act_deallocate(newth);

	KNOTE(&p1->p_klist, NOTE_FORK | p2->p_pid);

	while (p2->p_flag & P_PPWAIT)
		tsleep(p1, PWAIT, "ppwait", 0);

	retval[0] = p2->p_pid;
	retval[1] = 0;			/* mark parent */

	return (0);
}

/*
 * cloneproc()
 *
 * Create a new process from a specified process.
 * On return newly created child process has signal
 * lock held to block delivery of signal to it if called with
 * lock set. fork() code needs to explicity remove this lock 
 * before signals can be delivered
 */
thread_act_t
cloneproc(p1, lock)
	register struct proc *p1;
	register int lock;
{
	register struct proc *p2;
	thread_act_t th;

	p2 = (struct proc *)forkproc(p1,lock);


	th = procdup(p2, p1);	/* child, parent */

	LIST_INSERT_AFTER(p1, p2, p_pglist);
	p2->p_pptr = p1;
	LIST_INSERT_HEAD(&p1->p_children, p2, p_sibling);
	LIST_INIT(&p2->p_children);
	LIST_INSERT_HEAD(&allproc, p2, p_list);
	LIST_INSERT_HEAD(PIDHASH(p2->p_pid), p2, p_hash);
	TAILQ_INIT(&p2->p_evlist);
	/*
	 * Make child runnable, set start time.
	 */
	p2->p_stat = SRUN;

	return(th);
}

struct proc *
forkproc(p1, lock)
	register struct proc *p1;
	register int lock;
{
	register struct proc *p2, *newproc;
	static int nextpid = 0, pidchecked = 0;
	thread_t th;

	/* Allocate new proc. */
	MALLOC_ZONE(newproc, struct proc *,
			sizeof *newproc, M_PROC, M_WAITOK);
	MALLOC_ZONE(newproc->p_cred, struct pcred *,
			sizeof *newproc->p_cred, M_SUBPROC, M_WAITOK);
	MALLOC_ZONE(newproc->p_stats, struct pstats *,
			sizeof *newproc->p_stats, M_SUBPROC, M_WAITOK);
	MALLOC_ZONE(newproc->p_sigacts, struct sigacts *,
			sizeof *newproc->p_sigacts, M_SUBPROC, M_WAITOK);

	/*
	 * Find an unused process ID.  We remember a range of unused IDs
	 * ready to use (from nextpid+1 through pidchecked-1).
	 */
	nextpid++;
retry:
	/*
	 * If the process ID prototype has wrapped around,
	 * restart somewhat above 0, as the low-numbered procs
	 * tend to include daemons that don't exit.
	 */
	if (nextpid >= PID_MAX) {
		nextpid = 100;
		pidchecked = 0;
	}
	if (nextpid >= pidchecked) {
		int doingzomb = 0;

		pidchecked = PID_MAX;
		/*
		 * Scan the active and zombie procs to check whether this pid
		 * is in use.  Remember the lowest pid that's greater
		 * than nextpid, so we can avoid checking for a while.
		 */
		p2 = allproc.lh_first;
again:
		for (; p2 != 0; p2 = p2->p_list.le_next) {
			while (p2->p_pid == nextpid ||
			    p2->p_pgrp->pg_id == nextpid ||
				p2->p_session->s_sid == nextpid) {
				nextpid++;
				if (nextpid >= pidchecked)
					goto retry;
			}
			if (p2->p_pid > nextpid && pidchecked > p2->p_pid)
				pidchecked = p2->p_pid;
			if (p2->p_pgrp && p2->p_pgrp->pg_id > nextpid && 
			    pidchecked > p2->p_pgrp->pg_id)
				pidchecked = p2->p_pgrp->pg_id;
			if (p2->p_session->s_sid > nextpid &&
				pidchecked > p2->p_session->s_sid)
				pidchecked = p2->p_session->s_sid;
		}
		if (!doingzomb) {
			doingzomb = 1;
			p2 = zombproc.lh_first;
			goto again;
		}
	}

	nprocs++;
	p2 = newproc;
	p2->p_stat = SIDL;
	p2->p_pid = nextpid;

	/*
	 * Make a proc table entry for the new process.
	 * Start by zeroing the section of proc that is zero-initialized,
	 * then copy the section that is copied directly from the parent.
	 */
	bzero(&p2->p_startzero,
	    (unsigned) ((caddr_t)&p2->p_endzero - (caddr_t)&p2->p_startzero));
	bcopy(&p1->p_startcopy, &p2->p_startcopy,
	    (unsigned) ((caddr_t)&p2->p_endcopy - (caddr_t)&p2->p_startcopy));
	p2->vm_shm = (void *)NULL; /* Make sure it is zero */

	/*
	 * Copy the audit info.
	 */
	audit_proc_fork(p1, p2);

	/*
	 * Duplicate sub-structures as needed.
	 * Increase reference counts on shared objects.
	 * The p_stats and p_sigacts substructs are set in vm_fork.
	 */
	p2->p_flag = P_INMEM;
	p2->p_flag |= (p1->p_flag & P_CLASSIC); // copy from parent
	p2->p_flag |= (p1->p_flag & P_AFFINITY); // copy from parent
	if (p1->p_flag & P_PROFIL)
		startprofclock(p2);
	bcopy(p1->p_cred, p2->p_cred, sizeof(*p2->p_cred));
	p2->p_cred->p_refcnt = 1;
	crhold(p1->p_ucred);
	lockinit(&p2->p_cred->pc_lock, PLOCK, "proc cred", 0, 0);
	klist_init(&p2->p_klist);

	/* bump references to the text vnode */
	p2->p_textvp = p1->p_textvp;
	if (p2->p_textvp)
		VREF(p2->p_textvp);

	p2->p_fd = fdcopy(p1);
	if (p1->vm_shm) {
		shmfork(p1,p2);
	}
	/*
	 * If p_limit is still copy-on-write, bump refcnt,
	 * otherwise get a copy that won't be modified.
	 * (If PL_SHAREMOD is clear, the structure is shared
	 * copy-on-write.)
	 */
	if (p1->p_limit->p_lflags & PL_SHAREMOD)
		p2->p_limit = limcopy(p1->p_limit);
	else {
		p2->p_limit = p1->p_limit;
		p2->p_limit->p_refcnt++;
	}

	bzero(&p2->p_stats->pstat_startzero,
	    (unsigned) ((caddr_t)&p2->p_stats->pstat_endzero -
	    (caddr_t)&p2->p_stats->pstat_startzero));
	bcopy(&p1->p_stats->pstat_startcopy, &p2->p_stats->pstat_startcopy,
	    ((caddr_t)&p2->p_stats->pstat_endcopy -
	     (caddr_t)&p2->p_stats->pstat_startcopy));

	if (p1->p_sigacts != NULL)
		(void)memcpy(p2->p_sigacts,
				p1->p_sigacts, sizeof *p2->p_sigacts);
	else
		(void)memset(p2->p_sigacts, 0, sizeof *p2->p_sigacts);

	if (p1->p_session->s_ttyvp != NULL && p1->p_flag & P_CONTROLT)
		p2->p_flag |= P_CONTROLT;

	p2->p_argslen = p1->p_argslen;
	p2->p_argc = p1->p_argc;
	p2->p_xstat = 0;
	p2->p_ru = NULL;

	p2->p_debugger = 0;	/* don't inherit */
	lockinit(&p2->signal_lock, PVM, "signal", 0, 0);
	/* block all signals to reach the process */
	if (lock)
		signal_lock(p2);
	p2->sigwait = FALSE;
	p2->sigwait_thread = NULL;
	p2->exit_thread = NULL;
	p2->user_stack = p1->user_stack;
	p2->p_vforkcnt = 0;
	p2->p_vforkact = 0;
	TAILQ_INIT(&p2->p_uthlist);
	TAILQ_INIT(&p2->aio_activeq);
	TAILQ_INIT(&p2->aio_doneq);
	p2->aio_active_count = 0;
	p2->aio_done_count = 0;

#if KTRACE
	/*
	 * Copy traceflag and tracefile if enabled.
	 * If not inherited, these were zeroed above.
	 */
	if (p1->p_traceflag&KTRFAC_INHERIT) {
		p2->p_traceflag = p1->p_traceflag;
		if ((p2->p_tracep = p1->p_tracep) != NULL)
			VREF(p2->p_tracep);
	}
#endif
	return(p2);

}

#include <kern/zalloc.h>

struct zone	*uthread_zone;
int uthread_zone_inited = 0;

void
uthread_zone_init()
{
	if (!uthread_zone_inited) {
		uthread_zone = zinit(sizeof(struct uthread),
							THREAD_MAX * sizeof(struct uthread),
							THREAD_CHUNK * sizeof(struct uthread),
							"uthreads");
		uthread_zone_inited = 1;
	}
}

void *
uthread_alloc(task_t task, thread_act_t thr_act )
{
	struct proc *p;
	struct uthread *uth, *uth_parent;
	void *ut;
	extern task_t kernel_task;
	boolean_t funnel_state;

	if (!uthread_zone_inited)
		uthread_zone_init();

	ut = (void *)zalloc(uthread_zone);
	bzero(ut, sizeof(struct uthread));

	if (task != kernel_task) {
		uth = (struct uthread *)ut;
		p = (struct proc *) get_bsdtask_info(task);

		funnel_state = thread_funnel_set(kernel_flock, TRUE);
		uth_parent = (struct uthread *)get_bsdthread_info(current_act());
		if (uth_parent) {
			if (uth_parent->uu_flag & USAS_OLDMASK)
				uth->uu_sigmask = uth_parent->uu_oldmask;
			else
				uth->uu_sigmask = uth_parent->uu_sigmask;
		}
		uth->uu_act = thr_act;
		//signal_lock(p);
		if (p)
			TAILQ_INSERT_TAIL(&p->p_uthlist, uth, uu_list);
		//signal_unlock(p);
		(void)thread_funnel_set(kernel_flock, funnel_state);
	}

	return (ut);
}


void
uthread_free(task_t task, void *uthread, void * bsd_info)
{
	struct _select *sel;
	struct uthread *uth = (struct uthread *)uthread;
	struct proc * p = (struct proc *)bsd_info;
	extern task_t kernel_task;
	int size;
	boolean_t funnel_state;
	struct nlminfo *nlmp;

	/*
	 * Per-thread audit state should never last beyond system
	 * call return.  Since we don't audit the thread creation/
	 * removal, the thread state pointer should never be
	 * non-NULL when we get here.
	 */
	assert(uth->uu_ar == NULL);

	sel = &uth->uu_state.ss_select;
	/* cleanup the select bit space */
	if (sel->nbytes) {
		FREE(sel->ibits, M_TEMP);
		FREE(sel->obits, M_TEMP);
	}

	if (sel->allocsize && uth->uu_wqsub){
		kfree(uth->uu_wqsub, sel->allocsize);
		sel->count = sel->nfcount = 0;
		sel->allocsize = 0;
		uth->uu_wqsub = 0;
		sel->wql = 0;
	}

	if ((nlmp = uth->uu_nlminfo)) {
		uth->uu_nlminfo = 0;
		FREE(nlmp, M_LOCKF);
	}

	if ((task != kernel_task) && p) {
		funnel_state = thread_funnel_set(kernel_flock, TRUE);
		//signal_lock(p);
		TAILQ_REMOVE(&p->p_uthlist, uth, uu_list);
		//signal_unlock(p);
		(void)thread_funnel_set(kernel_flock, funnel_state);
	}
	/* and free the uthread itself */
	zfree(uthread_zone, (vm_offset_t)uthread);
}
Commit	Line	Data
1c79356b	1	/*
55e303ae	2	* Copyright (c) 2000-2003 Apple Computer, Inc. All rights reserved.
1c79356b A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
43866e37	6	* Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved.
1c79356b	7	*
43866e37 A	8	* This file contains Original Code and/or Modifications of Original Code
	9	* as defined in and that are subject to the Apple Public Source License
	10	* Version 2.0 (the 'License'). You may not use this file except in
	11	* compliance with the License. Please obtain a copy of the License at
	12	* http://www.opensource.apple.com/apsl/ and read it before using this
	13	* file.
	14	*
	15	* The Original Code and all software distributed under the License are
	16	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
1c79356b A	17	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
1c79356b A	18	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
43866e37 A	19	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	20	* Please see the License for the specific language governing rights and
	21	* limitations under the License.
1c79356b A	22	*
	23	* @APPLE_LICENSE_HEADER_END@
	24	*/
	25	/* Copyright (c) 1995, 1997 Apple Computer, Inc. All Rights Reserved */
	26	/*
	27	* Copyright (c) 1982, 1986, 1989, 1991, 1993
	28	* The Regents of the University of California. All rights reserved.
	29	* (c) UNIX System Laboratories, Inc.
	30	* All or some portions of this file are derived from material licensed
	31	* to the University of California by American Telephone and Telegraph
	32	* Co. or Unix System Laboratories, Inc. and are reproduced herein with
	33	* the permission of UNIX System Laboratories, Inc.
	34	*
	35	* Redistribution and use in source and binary forms, with or without
	36	* modification, are permitted provided that the following conditions
	37	* are met:
	38	* 1. Redistributions of source code must retain the above copyright
	39	* notice, this list of conditions and the following disclaimer.
	40	* 2. Redistributions in binary form must reproduce the above copyright
	41	* notice, this list of conditions and the following disclaimer in the
	42	* documentation and/or other materials provided with the distribution.
	43	* 3. All advertising materials mentioning features or use of this software
	44	* must display the following acknowledgement:
	45	* This product includes software developed by the University of
	46	* California, Berkeley and its contributors.
	47	* 4. Neither the name of the University nor the names of its contributors
	48	* may be used to endorse or promote products derived from this software
	49	* without specific prior written permission.
	50	*
	51	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	52	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	53	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	54	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	55	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	56	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	57	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	58	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	59	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	60	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	61	* SUCH DAMAGE.
	62	*
	63	* @(#)kern_fork.c 8.8 (Berkeley) 2/14/95
	64	*/
	65
55e303ae	66	#include <kern/assert.h>
1c79356b A	67	#include <sys/param.h>
	68	#include <sys/systm.h>
	69	#include <sys/filedesc.h>
	70	#include <sys/kernel.h>
	71	#include <sys/malloc.h>
	72	#include <sys/proc.h>
	73	#include <sys/user.h>
	74	#include <sys/resourcevar.h>
	75	#include <sys/vnode.h>
	76	#include <sys/file.h>
	77	#include <sys/acct.h>
55e303ae	78	#include <sys/kern_audit.h>
9bccf70c	79	#if KTRACE
1c79356b	80	#include <sys/ktrace.h>
9bccf70c	81	#endif
1c79356b A	82
	83	#include <mach/mach_types.h>
	84	#include <kern/mach_param.h>
	85
	86	#include <machine/spl.h>
	87
9bccf70c	88	thread_act_t cloneproc(struct proc *, int);
0b4e3aa0	89	struct proc * forkproc(struct proc *, int);
9bccf70c	90	thread_act_t procdup();
1c79356b A	91
	92	#define DOFORK 0x1 /* fork() system call */
	93	#define DOVFORK 0x2 /* vfork() system call */
	94	static int fork1(struct proc , long, register_t );
	95
	96	/*
	97	* fork system call.
	98	*/
	99	int
	100	fork(p, uap, retval)
	101	struct proc *p;
	102	void *uap;
	103	register_t *retval;
	104	{
	105	return (fork1(p, (long)DOFORK, retval));
	106	}
	107
	108	/*
	109	* vfork system call
	110	*/
	111	int
	112	vfork(p, uap, retval)
	113	struct proc *p;
	114	void *uap;
	115	register_t *retval;
	116	{
0b4e3aa0 A	117	register struct proc * newproc;
	118	register uid_t uid;
	119	thread_act_t cur_act = (thread_act_t)current_act();
	120	int count;
	121	task_t t;
	122	uthread_t ut;
	123
	124	/*
	125	* Although process entries are dynamically created, we still keep
	126	* a global limit on the maximum number we will create. Don't allow
	127	* a nonprivileged user to use the last process; don't let root
	128	* exceed the limit. The variable nprocs is the current number of
	129	* processes, maxproc is the limit.
	130	*/
	131	uid = p->p_cred->p_ruid;
	132	if ((nprocs >= maxproc - 1 && uid != 0) \|\| nprocs >= maxproc) {
	133	tablefull("proc");
	134	retval[1] = 0;
	135	return (EAGAIN);
	136	}
	137
	138	/*
	139	* Increment the count of procs running with this uid. Don't allow
	140	* a nonprivileged user to exceed their current limit.
	141	*/
	142	count = chgproccnt(uid, 1);
	143	if (uid != 0 && count > p->p_rlimit[RLIMIT_NPROC].rlim_cur) {
	144	(void)chgproccnt(uid, -1);
	145	return (EAGAIN);
	146	}
	147
	148	ut = (struct uthread *)get_bsdthread_info(cur_act);
	149	if (ut->uu_flag & P_VFORK) {
	150	printf("vfork called recursively by %s\n", p->p_comm);
55e303ae	151	(void)chgproccnt(uid, -1);
0b4e3aa0 A	152	return (EINVAL);
	153	}
	154	p->p_flag \|= P_VFORK;
	155	p->p_vforkcnt++;
	156
	157	/* The newly created process comes with signal lock held */
	158	newproc = (struct proc *)forkproc(p,1);
	159
	160	LIST_INSERT_AFTER(p, newproc, p_pglist);
	161	newproc->p_pptr = p;
	162	newproc->task = p->task;
	163	LIST_INSERT_HEAD(&p->p_children, newproc, p_sibling);
	164	LIST_INIT(&newproc->p_children);
	165	LIST_INSERT_HEAD(&allproc, newproc, p_list);
	166	LIST_INSERT_HEAD(PIDHASH(newproc->p_pid), newproc, p_hash);
	167	TAILQ_INIT(& newproc->p_evlist);
	168	newproc->p_stat = SRUN;
	169	newproc->p_flag \|= P_INVFORK;
	170	newproc->p_vforkact = cur_act;
	171
	172	ut->uu_flag \|= P_VFORK;
	173	ut->uu_proc = newproc;
	174	ut->uu_userstate = (void *)act_thread_csave();
9bccf70c	175	ut->uu_vforkmask = ut->uu_sigmask;
0b4e3aa0 A	176
	177	thread_set_child(cur_act, newproc->p_pid);
	178
	179	newproc->p_stats->p_start = time;
	180	newproc->p_acflag = AFORK;
	181
	182	/*
	183	* Preserve synchronization semantics of vfork. If waiting for
	184	* child to exec or exit, set P_PPWAIT on child, and sleep on our
	185	* proc (in case of exit).
	186	*/
	187	newproc->p_flag \|= P_PPWAIT;
	188
	189	/* drop the signal lock on the child */
	190	signal_unlock(newproc);
	191
	192	retval[0] = newproc->p_pid;
	193	retval[1] = 1; /* mark child */
	194
	195	return (0);
1c79356b A	196	}
1c79356b A	197
0b4e3aa0 A	198	/*
	199	* Return to parent vfork ehread()
	200	*/
	201	void
	202	vfork_return(th_act, p, p2, retval)
	203	thread_act_t th_act;
	204	struct proc * p;
	205	struct proc *p2;
	206	register_t *retval;
	207	{
	208	long flags;
	209	register uid_t uid;
0b4e3aa0 A	210	thread_act_t cur_act = (thread_act_t)current_act();
	211	int s, count;
	212	task_t t;
	213	uthread_t ut;
	214
	215	ut = (struct uthread *)get_bsdthread_info(cur_act);
	216
	217	act_thread_catt(ut->uu_userstate);
	218
	219	/* Make sure only one at this time */
	220	p->p_vforkcnt--;
	221	if (p->p_vforkcnt <0)
	222	panic("vfork cnt is -ve");
	223	if (p->p_vforkcnt <=0)
	224	p->p_flag &= ~P_VFORK;
	225	ut->uu_userstate = 0;
	226	ut->uu_flag &= ~P_VFORK;
	227	ut->uu_proc = 0;
9bccf70c	228	ut->uu_sigmask = ut->uu_vforkmask;
0b4e3aa0 A	229	p2->p_flag &= ~P_INVFORK;
	230	p2->p_vforkact = (void *)0;
	231
	232	thread_set_parent(cur_act, p2->p_pid);
	233
	234	if (retval) {
	235	retval[0] = p2->p_pid;
	236	retval[1] = 0; /* mark parent */
	237	}
	238
	239	return;
	240	}
	241
9bccf70c	242	thread_act_t
0b4e3aa0 A	243	procdup(
	244	struct proc *child,
	245	struct proc *parent)
	246	{
9bccf70c	247	thread_act_t thread;
0b4e3aa0 A	248	task_t task;
0b4e3aa0 A	249	kern_return_t result;
55e303ae	250	pmap_t pmap;
0b4e3aa0 A	251	extern task_t kernel_task;
	252
	253	if (parent->task == kernel_task)
55e303ae	254	result = task_create_internal(TASK_NULL, FALSE, &task);
0b4e3aa0	255	else
55e303ae	256	result = task_create_internal(parent->task, TRUE, &task);
0b4e3aa0 A	257	if (result != KERN_SUCCESS)
	258	printf("fork/procdup: task_create failed. Code: 0x%x\n", result);
	259	child->task = task;
	260	/* task->proc = child; */
	261	set_bsdtask_info(task, child);
	262	if (child->p_nice != 0)
	263	resetpriority(child);
55e303ae	264
0b4e3aa0 A	265	result = thread_create(task, &thread);
	266	if (result != KERN_SUCCESS)
	267	printf("fork/procdup: thread_create failed. Code: 0x%x\n", result);
	268
	269	return(thread);
	270	}
	271
	272
1c79356b A	273	static int
	274	fork1(p1, flags, retval)
	275	struct proc *p1;
	276	long flags;
	277	register_t *retval;
	278	{
	279	register struct proc *p2;
	280	register uid_t uid;
9bccf70c	281	thread_act_t newth;
1c79356b A	282	int s, count;
	283	task_t t;
	284
	285	/*
	286	* Although process entries are dynamically created, we still keep
	287	* a global limit on the maximum number we will create. Don't allow
	288	* a nonprivileged user to use the last process; don't let root
	289	* exceed the limit. The variable nprocs is the current number of
	290	* processes, maxproc is the limit.
	291	*/
	292	uid = p1->p_cred->p_ruid;
	293	if ((nprocs >= maxproc - 1 && uid != 0) \|\| nprocs >= maxproc) {
	294	tablefull("proc");
	295	retval[1] = 0;
	296	return (EAGAIN);
	297	}
	298
	299	/*
	300	* Increment the count of procs running with this uid. Don't allow
	301	* a nonprivileged user to exceed their current limit.
	302	*/
	303	count = chgproccnt(uid, 1);
	304	if (uid != 0 && count > p1->p_rlimit[RLIMIT_NPROC].rlim_cur) {
	305	(void)chgproccnt(uid, -1);
	306	return (EAGAIN);
	307	}
	308
	309	/* The newly created process comes with signal lock held */
	310	newth = cloneproc(p1, 1);
9bccf70c	311	thread_dup(newth);
1c79356b A	312	/* p2 = newth->task->proc; */
	313	p2 = (struct proc *)(get_bsdtask_info(get_threadtask(newth)));
	314
	315	thread_set_child(newth, p2->p_pid);
	316
	317	s = splhigh();
	318	p2->p_stats->p_start = time;
	319	splx(s);
	320	p2->p_acflag = AFORK;
	321
	322	/*
	323	* Preserve synchronization semantics of vfork. If waiting for
	324	* child to exec or exit, set P_PPWAIT on child, and sleep on our
	325	* proc (in case of exit).
	326	*/
	327	if (flags == DOVFORK)
	328	p2->p_flag \|= P_PPWAIT;
	329	/* drop the signal lock on the child */
	330	signal_unlock(p2);
	331
	332	(void) thread_resume(newth);
	333
	334	/* drop the extra references we got during the creation */
0b4e3aa0	335	if (t = (task_t)get_threadtask(newth)) {
1c79356b A	336	task_deallocate(t);
	337	}
	338	act_deallocate(newth);
	339
55e303ae A	340	KNOTE(&p1->p_klist, NOTE_FORK \| p2->p_pid);
55e303ae A	341
1c79356b A	342	while (p2->p_flag & P_PPWAIT)
	343	tsleep(p1, PWAIT, "ppwait", 0);
	344
	345	retval[0] = p2->p_pid;
	346	retval[1] = 0; /* mark parent */
	347
	348	return (0);
	349	}
	350
	351	/*
	352	* cloneproc()
	353	*
	354	* Create a new process from a specified process.
	355	* On return newly created child process has signal
	356	* lock held to block delivery of signal to it if called with
	357	* lock set. fork() code needs to explicity remove this lock
	358	* before signals can be delivered
	359	*/
9bccf70c	360	thread_act_t
1c79356b A	361	cloneproc(p1, lock)
	362	register struct proc *p1;
	363	register int lock;
0b4e3aa0 A	364	{
0b4e3aa0 A	365	register struct proc *p2;
9bccf70c	366	thread_act_t th;
0b4e3aa0 A	367
0b4e3aa0 A	368	p2 = (struct proc *)forkproc(p1,lock);
9bccf70c A	369
9bccf70c A	370
0b4e3aa0 A	371	th = procdup(p2, p1); /* child, parent */
	372
	373	LIST_INSERT_AFTER(p1, p2, p_pglist);
	374	p2->p_pptr = p1;
	375	LIST_INSERT_HEAD(&p1->p_children, p2, p_sibling);
	376	LIST_INIT(&p2->p_children);
	377	LIST_INSERT_HEAD(&allproc, p2, p_list);
	378	LIST_INSERT_HEAD(PIDHASH(p2->p_pid), p2, p_hash);
	379	TAILQ_INIT(&p2->p_evlist);
	380	/*
	381	* Make child runnable, set start time.
	382	*/
	383	p2->p_stat = SRUN;
	384
	385	return(th);
	386	}
	387
	388	struct proc *
	389	forkproc(p1, lock)
	390	register struct proc *p1;
	391	register int lock;
1c79356b A	392	{
	393	register struct proc p2, newproc;
	394	static int nextpid = 0, pidchecked = 0;
	395	thread_t th;
	396
	397	/* Allocate new proc. */
	398	MALLOC_ZONE(newproc, struct proc *,
	399	sizeof *newproc, M_PROC, M_WAITOK);
	400	MALLOC_ZONE(newproc->p_cred, struct pcred *,
	401	sizeof *newproc->p_cred, M_SUBPROC, M_WAITOK);
	402	MALLOC_ZONE(newproc->p_stats, struct pstats *,
	403	sizeof *newproc->p_stats, M_SUBPROC, M_WAITOK);
	404	MALLOC_ZONE(newproc->p_sigacts, struct sigacts *,
	405	sizeof *newproc->p_sigacts, M_SUBPROC, M_WAITOK);
	406
	407	/*
	408	* Find an unused process ID. We remember a range of unused IDs
	409	* ready to use (from nextpid+1 through pidchecked-1).
	410	*/
	411	nextpid++;
	412	retry:
	413	/*
	414	* If the process ID prototype has wrapped around,
	415	* restart somewhat above 0, as the low-numbered procs
	416	* tend to include daemons that don't exit.
	417	*/
	418	if (nextpid >= PID_MAX) {
	419	nextpid = 100;
	420	pidchecked = 0;
	421	}
	422	if (nextpid >= pidchecked) {
	423	int doingzomb = 0;
	424
	425	pidchecked = PID_MAX;
	426	/*
	427	* Scan the active and zombie procs to check whether this pid
	428	* is in use. Remember the lowest pid that's greater
	429	* than nextpid, so we can avoid checking for a while.
	430	*/
	431	p2 = allproc.lh_first;
	432	again:
	433	for (; p2 != 0; p2 = p2->p_list.le_next) {
	434	while (p2->p_pid == nextpid \|\|
9bccf70c A	435	p2->p_pgrp->pg_id == nextpid \|\|
9bccf70c A	436	p2->p_session->s_sid == nextpid) {
1c79356b A	437	nextpid++;
	438	if (nextpid >= pidchecked)
	439	goto retry;
	440	}
	441	if (p2->p_pid > nextpid && pidchecked > p2->p_pid)
	442	pidchecked = p2->p_pid;
	443	if (p2->p_pgrp && p2->p_pgrp->pg_id > nextpid &&
	444	pidchecked > p2->p_pgrp->pg_id)
	445	pidchecked = p2->p_pgrp->pg_id;
9bccf70c A	446	if (p2->p_session->s_sid > nextpid &&
	447	pidchecked > p2->p_session->s_sid)
	448	pidchecked = p2->p_session->s_sid;
1c79356b A	449	}
	450	if (!doingzomb) {
	451	doingzomb = 1;
	452	p2 = zombproc.lh_first;
	453	goto again;
	454	}
	455	}
	456
	457	nprocs++;
	458	p2 = newproc;
	459	p2->p_stat = SIDL;
	460	p2->p_pid = nextpid;
	461
	462	/*
	463	* Make a proc table entry for the new process.
	464	* Start by zeroing the section of proc that is zero-initialized,
	465	* then copy the section that is copied directly from the parent.
	466	*/
	467	bzero(&p2->p_startzero,
	468	(unsigned) ((caddr_t)&p2->p_endzero - (caddr_t)&p2->p_startzero));
	469	bcopy(&p1->p_startcopy, &p2->p_startcopy,
	470	(unsigned) ((caddr_t)&p2->p_endcopy - (caddr_t)&p2->p_startcopy));
	471	p2->vm_shm = (void )NULL; / Make sure it is zero */
	472
55e303ae A	473	/*
	474	* Copy the audit info.
	475	*/
	476	audit_proc_fork(p1, p2);
	477
1c79356b A	478	/*
	479	* Duplicate sub-structures as needed.
	480	* Increase reference counts on shared objects.
	481	* The p_stats and p_sigacts substructs are set in vm_fork.
	482	*/
	483	p2->p_flag = P_INMEM;
55e303ae A	484	p2->p_flag \|= (p1->p_flag & P_CLASSIC); // copy from parent
55e303ae A	485	p2->p_flag \|= (p1->p_flag & P_AFFINITY); // copy from parent
1c79356b A	486	if (p1->p_flag & P_PROFIL)
	487	startprofclock(p2);
	488	bcopy(p1->p_cred, p2->p_cred, sizeof(*p2->p_cred));
	489	p2->p_cred->p_refcnt = 1;
	490	crhold(p1->p_ucred);
	491	lockinit(&p2->p_cred->pc_lock, PLOCK, "proc cred", 0, 0);
55e303ae	492	klist_init(&p2->p_klist);
1c79356b	493
9bccf70c	494	/* bump references to the text vnode */
1c79356b A	495	p2->p_textvp = p1->p_textvp;
	496	if (p2->p_textvp)
	497	VREF(p2->p_textvp);
	498
	499	p2->p_fd = fdcopy(p1);
	500	if (p1->vm_shm) {
	501	shmfork(p1,p2);
	502	}
	503	/*
	504	* If p_limit is still copy-on-write, bump refcnt,
	505	* otherwise get a copy that won't be modified.
	506	* (If PL_SHAREMOD is clear, the structure is shared
	507	* copy-on-write.)
	508	*/
	509	if (p1->p_limit->p_lflags & PL_SHAREMOD)
	510	p2->p_limit = limcopy(p1->p_limit);
	511	else {
	512	p2->p_limit = p1->p_limit;
	513	p2->p_limit->p_refcnt++;
	514	}
	515
	516	bzero(&p2->p_stats->pstat_startzero,
	517	(unsigned) ((caddr_t)&p2->p_stats->pstat_endzero -
	518	(caddr_t)&p2->p_stats->pstat_startzero));
	519	bcopy(&p1->p_stats->pstat_startcopy, &p2->p_stats->pstat_startcopy,
	520	((caddr_t)&p2->p_stats->pstat_endcopy -
	521	(caddr_t)&p2->p_stats->pstat_startcopy));
	522
	523	if (p1->p_sigacts != NULL)
	524	(void)memcpy(p2->p_sigacts,
	525	p1->p_sigacts, sizeof *p2->p_sigacts);
	526	else
	527	(void)memset(p2->p_sigacts, 0, sizeof *p2->p_sigacts);
	528
	529	if (p1->p_session->s_ttyvp != NULL && p1->p_flag & P_CONTROLT)
	530	p2->p_flag \|= P_CONTROLT;
	531
55e303ae A	532	p2->p_argslen = p1->p_argslen;
55e303ae A	533	p2->p_argc = p1->p_argc;
1c79356b A	534	p2->p_xstat = 0;
	535	p2->p_ru = NULL;
	536
	537	p2->p_debugger = 0; /* don't inherit */
	538	lockinit(&p2->signal_lock, PVM, "signal", 0, 0);
	539	/* block all signals to reach the process */
	540	if (lock)
	541	signal_lock(p2);
	542	p2->sigwait = FALSE;
	543	p2->sigwait_thread = NULL;
	544	p2->exit_thread = NULL;
	545	p2->user_stack = p1->user_stack;
0b4e3aa0 A	546	p2->p_vforkcnt = 0;
0b4e3aa0 A	547	p2->p_vforkact = 0;
9bccf70c	548	TAILQ_INIT(&p2->p_uthlist);
55e303ae A	549	TAILQ_INIT(&p2->aio_activeq);
	550	TAILQ_INIT(&p2->aio_doneq);
	551	p2->aio_active_count = 0;
	552	p2->aio_done_count = 0;
1c79356b A	553
	554	#if KTRACE
	555	/*
	556	* Copy traceflag and tracefile if enabled.
	557	* If not inherited, these were zeroed above.
	558	*/
	559	if (p1->p_traceflag&KTRFAC_INHERIT) {
	560	p2->p_traceflag = p1->p_traceflag;
	561	if ((p2->p_tracep = p1->p_tracep) != NULL)
	562	VREF(p2->p_tracep);
	563	}
	564	#endif
0b4e3aa0	565	return(p2);
1c79356b	566
1c79356b A	567	}
	568
	569	#include <kern/zalloc.h>
	570
	571	struct zone *uthread_zone;
	572	int uthread_zone_inited = 0;
	573
	574	void
	575	uthread_zone_init()
	576	{
	577	if (!uthread_zone_inited) {
	578	uthread_zone = zinit(sizeof(struct uthread),
	579	THREAD_MAX * sizeof(struct uthread),
	580	THREAD_CHUNK * sizeof(struct uthread),
	581	"uthreads");
	582	uthread_zone_inited = 1;
	583	}
	584	}
	585
	586	void *
9bccf70c	587	uthread_alloc(task_t task, thread_act_t thr_act )
1c79356b	588	{
9bccf70c A	589	struct proc *p;
9bccf70c A	590	struct uthread uth, uth_parent;
1c79356b	591	void *ut;
9bccf70c A	592	extern task_t kernel_task;
9bccf70c A	593	boolean_t funnel_state;
1c79356b A	594
	595	if (!uthread_zone_inited)
	596	uthread_zone_init();
	597
	598	ut = (void *)zalloc(uthread_zone);
	599	bzero(ut, sizeof(struct uthread));
9bccf70c A	600
	601	if (task != kernel_task) {
	602	uth = (struct uthread *)ut;
55e303ae	603	p = (struct proc *) get_bsdtask_info(task);
9bccf70c A	604
	605	funnel_state = thread_funnel_set(kernel_flock, TRUE);
	606	uth_parent = (struct uthread *)get_bsdthread_info(current_act());
	607	if (uth_parent) {
	608	if (uth_parent->uu_flag & USAS_OLDMASK)
	609	uth->uu_sigmask = uth_parent->uu_oldmask;
	610	else
	611	uth->uu_sigmask = uth_parent->uu_sigmask;
	612	}
	613	uth->uu_act = thr_act;
	614	//signal_lock(p);
	615	if (p)
	616	TAILQ_INSERT_TAIL(&p->p_uthlist, uth, uu_list);
	617	//signal_unlock(p);
	618	(void)thread_funnel_set(kernel_flock, funnel_state);
	619	}
	620
1c79356b A	621	return (ut);
	622	}
	623
0b4e3aa0	624
1c79356b	625	void
9bccf70c	626	uthread_free(task_t task, void uthread, void bsd_info)
1c79356b A	627	{
	628	struct _select *sel;
	629	struct uthread uth = (struct uthread )uthread;
9bccf70c A	630	struct proc * p = (struct proc *)bsd_info;
9bccf70c A	631	extern task_t kernel_task;
0b4e3aa0	632	int size;
9bccf70c	633	boolean_t funnel_state;
55e303ae A	634	struct nlminfo *nlmp;
	635
	636	/*
	637	* Per-thread audit state should never last beyond system
	638	* call return. Since we don't audit the thread creation/
	639	* removal, the thread state pointer should never be
	640	* non-NULL when we get here.
	641	*/
	642	assert(uth->uu_ar == NULL);
1c79356b A	643
	644	sel = &uth->uu_state.ss_select;
	645	/* cleanup the select bit space */
	646	if (sel->nbytes) {
	647	FREE(sel->ibits, M_TEMP);
	648	FREE(sel->obits, M_TEMP);
	649	}
	650
0b4e3aa0 A	651	if (sel->allocsize && uth->uu_wqsub){
	652	kfree(uth->uu_wqsub, sel->allocsize);
	653	sel->count = sel->nfcount = 0;
	654	sel->allocsize = 0;
	655	uth->uu_wqsub = 0;
	656	sel->wql = 0;
	657	}
	658
55e303ae A	659	if ((nlmp = uth->uu_nlminfo)) {
	660	uth->uu_nlminfo = 0;
	661	FREE(nlmp, M_LOCKF);
	662	}
	663
9bccf70c A	664	if ((task != kernel_task) && p) {
	665	funnel_state = thread_funnel_set(kernel_flock, TRUE);
	666	//signal_lock(p);
	667	TAILQ_REMOVE(&p->p_uthlist, uth, uu_list);
	668	//signal_unlock(p);
	669	(void)thread_funnel_set(kernel_flock, funnel_state);
	670	}
1c79356b A	671	/* and free the uthread itself */
	672	zfree(uthread_zone, (vm_offset_t)uthread);
	673	}