]> git.saurik.com Git - apple/xnu.git/blame - bsd/kern/kern_descrip.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-2050.18.24.tar.gz
[apple/xnu.git] / bsd / kern / kern_descrip.c
CommitLineData
1c79356b 1/*
6d2010ae 2 * Copyright (c) 2000-2010 Apple Inc. All rights reserved.
5d5c5d0d 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b 5 *
2d21ac55
A		 6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
8f6c56a5 14 *
2d21ac55
A		 15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A		 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A		 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
8f6c56a5 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b
A		 27 */
28/* Copyright (c) 1995, 1997 Apple Computer, Inc. All Rights Reserved */
29/*
30 * Copyright (c) 1982, 1986, 1989, 1991, 1993
31 * The Regents of the University of California. All rights reserved.
32 * (c) UNIX System Laboratories, Inc.
33 * All or some portions of this file are derived from material licensed
34 * to the University of California by American Telephone and Telegraph
35 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
36 * the permission of UNIX System Laboratories, Inc.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)kern_descrip.c 8.8 (Berkeley) 2/14/95
1c79356b 67 */
2d21ac55
A		 68/*
69 * NOTICE: This file was modified by SPARTA, Inc. in 2006 to introduce
70 * support for mandatory and extensible security protections. This notice
71 * is included in support of clause 2.2 (b) of the Apple Public License,
72 * Version 2.0.
73 */
1c79356b
A		 74
75#include <sys/param.h>
76#include <sys/systm.h>
77#include <sys/filedesc.h>
78#include <sys/kernel.h>
91447636
A		 79#include <sys/vnode_internal.h>
80#include <sys/proc_internal.h>
81#include <sys/kauth.h>
82#include <sys/file_internal.h>
1c79356b
A		 83#include <sys/socket.h>
84#include <sys/socketvar.h>
85#include <sys/stat.h>
86#include <sys/ioctl.h>
87#include <sys/fcntl.h>
88#include <sys/malloc.h>
91447636 89#include <sys/mman.h>
1c79356b
A		 90#include <sys/syslog.h>
91#include <sys/unistd.h>
92#include <sys/resourcevar.h>
55e303ae 93#include <sys/aio_kern.h>
91447636
A		 94#include <sys/ev.h>
95#include <kern/lock.h>
b0d623f7 96#include <sys/uio_internal.h>
e5568f75 97
b0d623f7 98#include <security/audit/audit.h>
1c79356b 99
91447636
A		 100#include <sys/mount_internal.h>
101#include <sys/kdebug.h>
102#include <sys/sysproto.h>
103#include <sys/pipe.h>
6d2010ae 104#include <sys/spawn.h>
91447636
A		 105#include <kern/kern_types.h>
106#include <kern/kalloc.h>
b36670ce 107#include <libkern/OSAtomic.h>
91447636 108
593a1d5f 109#include <sys/ubc_internal.h>
2d21ac55 110
d1ecb069
A		 111#include <kern/ipc_misc.h>
112#include <vm/vm_protos.h>
113
114#include <mach/mach_port.h>
115
6d2010ae
A		 116#if CONFIG_PROTECT
117#include <sys/cprotect.h>
118#endif
119#include <hfs/hfs.h>
120
d1ecb069
A		 121kern_return_t ipc_object_copyin(ipc_space_t, mach_port_name_t,
122 mach_msg_type_name_t, ipc_port_t *);
123void ipc_port_release_send(ipc_port_t);
124
91447636
A		 125struct psemnode;
126struct pshmnode;
127
6d2010ae
A		 128static int finishdup(proc_t p,
129 struct filedesc *fdp, int old, int new, int flags, int32_t *retval);
91447636 130
2d21ac55 131int falloc_locked(proc_t p, struct fileproc **resultfp, int *resultfd, vfs_context_t ctx, int locked);
91447636
A		 132void fg_drop(struct fileproc * fp);
133void fg_free(struct fileglob *fg);
134void fg_ref(struct fileproc * fp);
d1ecb069 135void fileport_releasefg(struct fileglob *fg);
91447636 136
2d21ac55
A		 137/* flags for close_internal_locked */
138#define FD_DUP2RESV 1
139static int close_internal_locked(struct proc *p, int fd, struct fileproc *fp, int flags);
140
141static int closef_finish(struct fileproc *fp, struct fileglob *fg, proc_t p, vfs_context_t ctx);
142
143/* We don't want these exported */
144__private_extern__
b0d623f7 145int open1(vfs_context_t, struct nameidata *, int, struct vnode_attr *, int32_t *);
2d21ac55
A		 146
147__private_extern__
148int unlink1(vfs_context_t, struct nameidata *, int);
149
150static void _fdrelse(struct proc * p, int fd);
91447636 151
2d21ac55
A		 152
153extern void file_lock_init(void) __attribute__((section("__TEXT, initcode")));
154extern int kqueue_stat(struct fileproc *fp, void *ub, int isstat4, proc_t p);
155#if SOCKETS
156extern int soo_stat(struct socket *so, void *ub, int isstat64);
157#endif /* SOCKETS */
91447636
A		 158
159extern kauth_scope_t kauth_scope_fileop;
160
593a1d5f
A		 161extern int cs_debug;
162
6d2010ae
A		 163/* Conflict wait queue for when selects collide (opaque type) */
164extern struct wait_queue select_conflict_queue;
165
91447636
A		 166#define f_flag f_fglob->fg_flag
167#define f_type f_fglob->fg_type
168#define f_msgcount f_fglob->fg_msgcount
169#define f_cred f_fglob->fg_cred
170#define f_ops f_fglob->fg_ops
171#define f_offset f_fglob->fg_offset
172#define f_data f_fglob->fg_data
1c79356b
A		 173/*
174 * Descriptor management.
175 */
91447636
A		 176struct fmsglist fmsghead; /* head of list of open files */
177struct fmsglist fmsg_ithead; /* head of list of open files */
1c79356b
A		 178int nfiles; /* actual number of open files */
179
91447636
A		 180
181lck_grp_attr_t * file_lck_grp_attr;
182lck_grp_t * file_lck_grp;
183lck_attr_t * file_lck_attr;
184
185lck_mtx_t * uipc_lock;
91447636
A		 186
187
2d21ac55
A		 188/*
189 * file_lock_init
190 *
191 * Description: Initialize the file lock group and the uipc and flist locks
192 *
193 * Parameters: (void)
194 *
195 * Returns: void
196 *
197 * Notes: Called at system startup from bsd_init().
198 */
91447636
A		 199void
200file_lock_init(void)
201{
91447636
A		 202 /* allocate file lock group attribute and group */
203 file_lck_grp_attr= lck_grp_attr_alloc_init();
91447636
A		 204
205 file_lck_grp = lck_grp_alloc_init("file", file_lck_grp_attr);
206
207 /* Allocate file lock attribute */
208 file_lck_attr = lck_attr_alloc_init();
91447636
A		 209
210 uipc_lock = lck_mtx_alloc_init(file_lck_grp, file_lck_attr);
2d21ac55 211}
91447636 212
91447636 213
2d21ac55
A		 214/*
215 * proc_fdlock, proc_fdlock_spin
216 *
217 * Description: Lock to control access to the per process struct fileproc
218 * and struct filedesc
219 *
220 * Parameters: p Process to take the lock on
221 *
222 * Returns: void
223 *
224 * Notes: The lock is initialized in forkproc() and destroyed in
225 * reap_child_process().
226 */
227void
228proc_fdlock(proc_t p)
229{
230 lck_mtx_lock(&p->p_fdmlock);
91447636
A		 231}
232
2d21ac55
A		 233void
234proc_fdlock_spin(proc_t p)
235{
236 lck_mtx_lock_spin(&p->p_fdmlock);
237}
91447636
A		 238
239void
2d21ac55 240proc_fdlock_assert(proc_t p, int assertflags)
91447636 241{
2d21ac55 242 lck_mtx_assert(&p->p_fdmlock, assertflags);
91447636
A		 243}
244
2d21ac55
A		 245
246/*
247 * proc_fdunlock
248 *
249 * Description: Unlock the lock previously locked by a call to proc_fdlock()
250 *
251 * Parameters: p Process to drop the lock on
252 *
253 * Returns: void
254 */
91447636 255void
2d21ac55 256proc_fdunlock(proc_t p)
91447636
A		 257{
258 lck_mtx_unlock(&p->p_fdmlock);
259}
9bccf70c 260
2d21ac55 261
1c79356b
A		 262/*
263 * System calls on descriptors.
264 */
91447636 265
2d21ac55
A		 266
267/*
268 * getdtablesize
269 *
270 * Description: Returns the per process maximum size of the descriptor table
271 *
272 * Parameters: p Process being queried
273 * retval Pointer to the call return area
274 *
275 * Returns: 0 Success
276 *
277 * Implicit returns:
278 * *retval (modified) Size of dtable
279 */
1c79356b 280int
b0d623f7 281getdtablesize(proc_t p, __unused struct getdtablesize_args *uap, int32_t *retval)
1c79356b 282{
2d21ac55 283 proc_fdlock_spin(p);
1c79356b 284 *retval = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfiles);
91447636
A		 285 proc_fdunlock(p);
286
1c79356b
A		 287 return (0);
288}
289
1c79356b 290
6601e61a
A		 291void
292procfdtbl_reservefd(struct proc * p, int fd)
293{
294 p->p_fd->fd_ofiles[fd] = NULL;
295 p->p_fd->fd_ofileflags[fd] |= UF_RESERVED;
296}
297
298void
299procfdtbl_markclosefd(struct proc * p, int fd)
300{
301 p->p_fd->fd_ofileflags[fd] |= (UF_RESERVED | UF_CLOSING);
302}
303
304void
305procfdtbl_releasefd(struct proc * p, int fd, struct fileproc * fp)
306{
307 if (fp != NULL)
308 p->p_fd->fd_ofiles[fd] = fp;
309 p->p_fd->fd_ofileflags[fd] &= ~UF_RESERVED;
310 if ((p->p_fd->fd_ofileflags[fd] & UF_RESVWAIT) == UF_RESVWAIT) {
311 p->p_fd->fd_ofileflags[fd] &= ~UF_RESVWAIT;
312 wakeup(&p->p_fd);
313 }
314}
315
316void
317procfdtbl_waitfd(struct proc * p, int fd)
318{
319 p->p_fd->fd_ofileflags[fd] |= UF_RESVWAIT;
320 msleep(&p->p_fd, &p->p_fdmlock, PRIBIO, "ftbl_waitfd", NULL);
321}
322
323
324void
325procfdtbl_clearfd(struct proc * p, int fd)
326{
327 int waiting;
328
329 waiting = (p->p_fd->fd_ofileflags[fd] & UF_RESVWAIT);
330 p->p_fd->fd_ofiles[fd] = NULL;
331 p->p_fd->fd_ofileflags[fd] = 0;
332 if ( waiting == UF_RESVWAIT) {
333 wakeup(&p->p_fd);
334 }
335}
336
2d21ac55
A		 337/*
338 * _fdrelse
339 *
340 * Description: Inline utility function to free an fd in a filedesc
341 *
342 * Parameters: fdp Pointer to filedesc fd lies in
343 * fd fd to free
344 * reserv fd should be reserved
345 *
346 * Returns: void
347 *
348 * Locks: Assumes proc_fdlock for process pointing to fdp is held by
349 * the caller
350 */
351static void
352_fdrelse(struct proc * p, int fd)
1c79356b 353{
2d21ac55
A		 354 struct filedesc *fdp = p->p_fd;
355 int nfd = 0;
6601e61a 356
1c79356b
A		 357 if (fd < fdp->fd_freefile)
358 fdp->fd_freefile = fd;
359#if DIAGNOSTIC
360 if (fd > fdp->fd_lastfile)
2d21ac55 361 panic("fdrelse: fd_lastfile inconsistent");
1c79356b 362#endif
6601e61a 363 procfdtbl_clearfd(p, fd);
91447636 364
6601e61a
A		 365 while ((nfd = fdp->fd_lastfile) > 0 &&
366 fdp->fd_ofiles[nfd] == NULL &&
367 !(fdp->fd_ofileflags[nfd] & UF_RESERVED))
1c79356b
A		 368 fdp->fd_lastfile--;
369}
370
2d21ac55 371
b0d623f7
A		 372int
373fd_rdwr(
374 int fd,
375 enum uio_rw rw,
376 uint64_t base,
377 int64_t len,
378 enum uio_seg segflg,
379 off_t offset,
380 int io_flg,
381 int64_t *aresid)
382{
383 struct fileproc *fp;
384 proc_t p;
385 int error = 0;
386 int flags = 0;
387 int spacetype;
388 uio_t auio = NULL;
389 char uio_buf[ UIO_SIZEOF(1) ];
390 struct vfs_context context = *(vfs_context_current());
391
392 p = current_proc();
393
394 error = fp_lookup(p, fd, &fp, 0);
395 if (error)
396 return(error);
397
398 if (fp->f_type != DTYPE_VNODE && fp->f_type != DTYPE_PIPE && fp->f_type != DTYPE_SOCKET) {
399 error = EINVAL;
400 goto out;
401 }
402 if (rw == UIO_WRITE && !(fp->f_flag & FWRITE)) {
403 error = EBADF;
404 goto out;
405 }
406
407 if (rw == UIO_READ && !(fp->f_flag & FREAD)) {
408 error = EBADF;
409 goto out;
410 }
411
412 context.vc_ucred = fp->f_fglob->fg_cred;
413
414 if (UIO_SEG_IS_USER_SPACE(segflg))
415 spacetype = proc_is64bit(p) ? UIO_USERSPACE64 : UIO_USERSPACE32;
416 else
417 spacetype = UIO_SYSSPACE;
418
419 auio = uio_createwithbuffer(1, offset, spacetype, rw, &uio_buf[0], sizeof(uio_buf));
420
421 uio_addiov(auio, base, len);
422
423 if ( !(io_flg & IO_APPEND))
424 flags = FOF_OFFSET;
425
426 if (rw == UIO_WRITE)
427 error = fo_write(fp, auio, flags, &context);
428 else
429 error = fo_read(fp, auio, flags, &context);
430
431 if (aresid)
432 *aresid = uio_resid(auio);
433 else {
434 if (uio_resid(auio) && error == 0)
435 error = EIO;
436 }
437out:
438 if (rw == UIO_WRITE && error == 0)
439 fp_drop_written(p, fd, fp);
440 else
441 fp_drop(p, fd, fp, 0);
442
443 return error;
444}
445
446
447
1c79356b 448/*
2d21ac55
A		 449 * dup
450 *
451 * Description: Duplicate a file descriptor.
452 *
453 * Parameters: p Process performing the dup
454 * uap->fd The fd to dup
455 * retval Pointer to the call return area
456 *
457 * Returns: 0 Success
458 * !0 Errno
459 *
460 * Implicit returns:
461 * *retval (modified) The new descriptor
1c79356b 462 */
1c79356b 463int
b0d623f7 464dup(proc_t p, struct dup_args *uap, int32_t *retval)
1c79356b 465{
2d21ac55
A		 466 struct filedesc *fdp = p->p_fd;
467 int old = uap->fd;
1c79356b 468 int new, error;
91447636 469 struct fileproc *fp;
1c79356b 470
91447636
A		 471 proc_fdlock(p);
472 if ( (error = fp_lookup(p, old, &fp, 1)) ) {
473 proc_fdunlock(p);
474 return(error);
475 }
476 if ( (error = fdalloc(p, 0, &new)) ) {
477 fp_drop(p, old, fp, 1);
478 proc_fdunlock(p);
1c79356b 479 return (error);
91447636 480 }
6d2010ae 481 error = finishdup(p, fdp, old, new, 0, retval);
91447636
A		 482 fp_drop(p, old, fp, 1);
483 proc_fdunlock(p);
484
485 return (error);
1c79356b
A		 486}
487
488/*
2d21ac55
A		 489 * dup2
490 *
491 * Description: Duplicate a file descriptor to a particular value.
492 *
493 * Parameters: p Process performing the dup
6d2010ae 494 * uap->from The fd to dup
2d21ac55
A		 495 * uap->to The fd to dup it to
496 * retval Pointer to the call return area
497 *
498 * Returns: 0 Success
499 * !0 Errno
500 *
501 * Implicit returns:
502 * *retval (modified) The new descriptor
1c79356b 503 */
1c79356b 504int
b0d623f7 505dup2(proc_t p, struct dup2_args *uap, int32_t *retval)
1c79356b 506{
2d21ac55
A		 507 struct filedesc *fdp = p->p_fd;
508 int old = uap->from, new = uap->to;
1c79356b 509 int i, error;
6601e61a 510 struct fileproc *fp, *nfp;
1c79356b 511
91447636
A		 512 proc_fdlock(p);
513
6601e61a 514startover:
91447636
A		 515 if ( (error = fp_lookup(p, old, &fp, 1)) ) {
516 proc_fdunlock(p);
517 return(error);
518 }
519 if (new < 0 ||
2d21ac55 520 (rlim_t)new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
91447636
A		 521 new >= maxfiles) {
522 fp_drop(p, old, fp, 1);
523 proc_fdunlock(p);
1c79356b 524 return (EBADF);
91447636 525 }
1c79356b 526 if (old == new) {
91447636 527 fp_drop(p, old, fp, 1);
1c79356b 528 *retval = new;
91447636 529 proc_fdunlock(p);
1c79356b
A		 530 return (0);
531 }
91447636
A		 532 if (new < 0 || new >= fdp->fd_nfiles) {
533 if ( (error = fdalloc(p, new, &i)) ) {
534 fp_drop(p, old, fp, 1);
535 proc_fdunlock(p);
1c79356b 536 return (error);
91447636 537 }
1c79356b 538 if (new != i) {
2d21ac55 539 fdrelse(p, i);
1c79356b
A		 540 goto closeit;
541 }
fa4905b1 542 } else {
1c79356b 543closeit:
6601e61a
A		 544 while ((fdp->fd_ofileflags[new] & UF_RESERVED) == UF_RESERVED) {
545 fp_drop(p, old, fp, 1);
546 procfdtbl_waitfd(p, new);
2d21ac55
A		 547#if DIAGNOSTIC
548 proc_fdlock_assert(p, LCK_MTX_ASSERT_OWNED);
549#endif
6601e61a 550 goto startover;
91447636
A		 551 }
552
6d2010ae
A		 553 if ((fdp->fd_ofiles[new] != NULL) &&
554 ((error = fp_lookup(p, new, &nfp, 1)) == 0)) {
6601e61a 555 fp_drop(p, old, fp, 1);
2d21ac55
A		 556 (void)close_internal_locked(p, new, nfp, FD_DUP2RESV);
557#if DIAGNOSTIC
558 proc_fdlock_assert(p, LCK_MTX_ASSERT_OWNED);
559#endif
6601e61a
A		 560 procfdtbl_clearfd(p, new);
561 goto startover;
562 } else {
2d21ac55
A		 563#if DIAGNOSTIC
564 if (fdp->fd_ofiles[new] != NULL)
6d2010ae 565 panic("dup2: no ref on fileproc %d", new);
2d21ac55 566#endif
6601e61a 567 procfdtbl_reservefd(p, new);
1c79356b 568 }
2d21ac55
A		 569
570#if DIAGNOSTIC
571 proc_fdlock_assert(p, LCK_MTX_ASSERT_OWNED);
572#endif
573
1c79356b 574 }
2d21ac55
A		 575#if DIAGNOSTIC
576 if (fdp->fd_ofiles[new] != 0)
6d2010ae 577 panic("dup2: overwriting fd_ofiles with new %d", new);
2d21ac55 578 if ((fdp->fd_ofileflags[new] & UF_RESERVED) == 0)
6d2010ae 579 panic("dup2: unreserved fileflags with new %d", new);
2d21ac55 580#endif
6d2010ae 581 error = finishdup(p, fdp, old, new, 0, retval);
91447636
A		 582 fp_drop(p, old, fp, 1);
583 proc_fdunlock(p);
584
585 return(error);
1c79356b
A		 586}
587
2d21ac55
A		 588
589/*
590 * fcntl
591 *
592 * Description: The file control system call.
593 *
594 * Parameters: p Process performing the fcntl
595 * uap->fd The fd to operate against
596 * uap->cmd The command to perform
597 * uap->arg Pointer to the command argument
598 * retval Pointer to the call return area
599 *
600 * Returns: 0 Success
601 * !0 Errno (see fcntl_nocancel)
602 *
603 * Implicit returns:
604 * *retval (modified) fcntl return value (if any)
605 *
606 * Notes: This system call differs from fcntl_nocancel() in that it
607 * tests for cancellation prior to performing a potentially
608 * blocking operation.
609 */
610int
b0d623f7 611fcntl(proc_t p, struct fcntl_args *uap, int32_t *retval)
2d21ac55
A		 612{
613 __pthread_testcancel(1);
614 return(fcntl_nocancel(p, (struct fcntl_nocancel_args *)uap, retval));
615}
616
617
1c79356b 618/*
2d21ac55
A		 619 * fcntl_nocancel
620 *
621 * Description: A non-cancel-testing file control system call.
622 *
623 * Parameters: p Process performing the fcntl
624 * uap->fd The fd to operate against
625 * uap->cmd The command to perform
626 * uap->arg Pointer to the command argument
627 * retval Pointer to the call return area
628 *
629 * Returns: 0 Success
630 * EINVAL
631 * fp_lookup:EBADF Bad file descriptor
632 * [F_DUPFD]
633 * fdalloc:EMFILE
634 * fdalloc:ENOMEM
635 * finishdup:EBADF
636 * finishdup:ENOMEM
637 * [F_SETOWN]
638 * ESRCH
639 * [F_SETLK]
640 * EBADF
641 * EOVERFLOW
642 * copyin:EFAULT
643 * vnode_getwithref:???
644 * VNOP_ADVLOCK:???
645 * [F_GETLK]
646 * EBADF
647 * EOVERFLOW
648 * copyin:EFAULT
649 * copyout:EFAULT
650 * vnode_getwithref:???
651 * VNOP_ADVLOCK:???
652 * [F_PREALLOCATE]
653 * EBADF
654 * EINVAL
655 * copyin:EFAULT
656 * copyout:EFAULT
657 * vnode_getwithref:???
658 * VNOP_ALLOCATE:???
659 * [F_SETSIZE,F_RDADVISE]
660 * EBADF
661 * copyin:EFAULT
662 * vnode_getwithref:???
663 * [F_RDAHEAD,F_NOCACHE]
664 * EBADF
665 * vnode_getwithref:???
666 * [???]
667 *
668 * Implicit returns:
669 * *retval (modified) fcntl return value (if any)
1c79356b 670 */
1c79356b 671int
b0d623f7 672fcntl_nocancel(proc_t p, struct fcntl_nocancel_args *uap, int32_t *retval)
1c79356b
A		 673{
674 int fd = uap->fd;
91447636
A		 675 struct filedesc *fdp = p->p_fd;
676 struct fileproc *fp;
677 char *pop;
2d21ac55 678 struct vnode *vp = NULLVP; /* for AUDIT_ARG() at end */
1c79356b
A		 679 int i, tmp, error, error2, flg = F_POSIX;
680 struct flock fl;
91447636
A		 681 struct vfs_context context;
682 off_t offset;
1c79356b 683 int newmin;
91447636 684 daddr64_t lbn, bn;
91447636
A		 685 unsigned int fflag;
686 user_addr_t argp;
e2fac8b1 687 boolean_t is64bit;
1c79356b 688
55e303ae
A		 689 AUDIT_ARG(fd, uap->fd);
690 AUDIT_ARG(cmd, uap->cmd);
91447636
A		 691
692 proc_fdlock(p);
693 if ( (error = fp_lookup(p, fd, &fp, 1)) ) {
694 proc_fdunlock(p);
695 return(error);
696 }
2d21ac55 697 context.vc_thread = current_thread();
91447636 698 context.vc_ucred = fp->f_cred;
e2fac8b1
A		 699
700 is64bit = proc_is64bit(p);
701 if (is64bit) {
91447636
A		 702 argp = uap->arg;
703 }
704 else {
2d21ac55
A		 705 /*
706 * Since the arg parameter is defined as a long but may be
707 * either a long or a pointer we must take care to handle
708 * sign extension issues. Our sys call munger will sign
709 * extend a long when we are called from a 32-bit process.
710 * Since we can never have an address greater than 32-bits
711 * from a 32-bit process we lop off the top 32-bits to avoid
712 * getting the wrong address
91447636 713 */
b0d623f7 714 argp = CAST_USER_ADDR_T((uint32_t)uap->arg);
91447636
A		 715 }
716
1c79356b 717 pop = &fdp->fd_ofileflags[fd];
55e303ae 718
2d21ac55
A		 719#if CONFIG_MACF
720 error = mac_file_check_fcntl(proc_ucred(p), fp->f_fglob, uap->cmd,
721 uap->arg);
722 if (error)
723 goto out;
724#endif
725
1c79356b
A		 726 switch (uap->cmd) {
727
728 case F_DUPFD:
6d2010ae 729 case F_DUPFD_CLOEXEC:
b0d623f7
A		 730 newmin = CAST_DOWN_EXPLICIT(int, uap->arg); /* arg is an int, so we won't lose bits */
731 AUDIT_ARG(value32, newmin);
1c79356b 732 if ((u_int)newmin >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur ||
91447636
A		 733 newmin >= maxfiles) {
734 error = EINVAL;
735 goto out;
736 }
737 if ( (error = fdalloc(p, newmin, &i)) )
738 goto out;
6d2010ae
A		 739 error = finishdup(p, fdp, fd, i,
740 uap->cmd == F_DUPFD_CLOEXEC ? UF_EXCLOSE : 0, retval);
91447636 741 goto out;
1c79356b
A		 742
743 case F_GETFD:
744 *retval = (*pop & UF_EXCLOSE)? 1 : 0;
91447636
A		 745 error = 0;
746 goto out;
1c79356b
A		 747
748 case F_SETFD:
b0d623f7 749 AUDIT_ARG(value32, uap->arg);
1c79356b 750 *pop = (*pop &~ UF_EXCLOSE) |
91447636
A		 751 (uap->arg & 1)? UF_EXCLOSE : 0;
752 error = 0;
753 goto out;
1c79356b
A		 754
755 case F_GETFL:
756 *retval = OFLAGS(fp->f_flag);
91447636
A		 757 error = 0;
758 goto out;
1c79356b
A		 759
760 case F_SETFL:
761 fp->f_flag &= ~FCNTLFLAGS;
b0d623f7
A		 762 tmp = CAST_DOWN_EXPLICIT(int, uap->arg); /* arg is an int, so we won't lose bits */
763 AUDIT_ARG(value32, tmp);
91447636 764 fp->f_flag |= FFLAGS(tmp) & FCNTLFLAGS;
1c79356b 765 tmp = fp->f_flag & FNONBLOCK;
2d21ac55 766 error = fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, &context);
1c79356b 767 if (error)
91447636 768 goto out;
1c79356b 769 tmp = fp->f_flag & FASYNC;
2d21ac55 770 error = fo_ioctl(fp, FIOASYNC, (caddr_t)&tmp, &context);
1c79356b 771 if (!error)
91447636 772 goto out;
1c79356b
A		 773 fp->f_flag &= ~FNONBLOCK;
774 tmp = 0;
2d21ac55 775 (void)fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, &context);
91447636 776 goto out;
1c79356b
A		 777
778 case F_GETOWN:
779 if (fp->f_type == DTYPE_SOCKET) {
780 *retval = ((struct socket *)fp->f_data)->so_pgid;
91447636
A		 781 error = 0;
782 goto out;
1c79356b 783 }
2d21ac55 784 error = fo_ioctl(fp, (int)TIOCGPGRP, (caddr_t)retval, &context);
1c79356b 785 *retval = -*retval;
91447636 786 goto out;
1c79356b
A		 787
788 case F_SETOWN:
b0d623f7
A		 789 tmp = CAST_DOWN_EXPLICIT(pid_t, uap->arg); /* arg is an int, so we won't lose bits */
790 AUDIT_ARG(value32, tmp);
1c79356b 791 if (fp->f_type == DTYPE_SOCKET) {
91447636
A		 792 ((struct socket *)fp->f_data)->so_pgid = tmp;
793 error =0;
794 goto out;
1c79356b 795 }
91447636 796 if (fp->f_type == DTYPE_PIPE) {
0b4c1975 797 error = fo_ioctl(fp, TIOCSPGRP, (caddr_t)&tmp, &context);
91447636
A		 798 goto out;
799 }
800
801 if (tmp <= 0) {
802 tmp = -tmp;
1c79356b 803 } else {
2d21ac55 804 proc_t p1 = proc_find(tmp);
91447636
A		 805 if (p1 == 0) {
806 error = ESRCH;
807 goto out;
808 }
2d21ac55
A		 809 tmp = (int)p1->p_pgrpid;
810 proc_rele(p1);
1c79356b 811 }
2d21ac55 812 error = fo_ioctl(fp, (int)TIOCSPGRP, (caddr_t)&tmp, &context);
91447636 813 goto out;
1c79356b 814
6d2010ae
A		 815 case F_SETNOSIGPIPE:
816 tmp = CAST_DOWN_EXPLICIT(int, uap->arg);
817 if (fp->f_type == DTYPE_SOCKET) {
818 error = sock_setsockopt((struct socket *)fp->f_data,
819 SOL_SOCKET, SO_NOSIGPIPE, &tmp, sizeof (tmp));
820 } else {
821 struct fileglob *fg = fp->f_fglob;
822
823 lck_mtx_lock_spin(&fg->fg_lock);
824 if (tmp)
825 fg->fg_lflags |= FG_NOSIGPIPE;
826 else
827 fg->fg_lflags &= FG_NOSIGPIPE;
828 lck_mtx_unlock(&fg->fg_lock);
829 error = 0;
830 }
831 goto out;
832
833 case F_GETNOSIGPIPE:
834 if (fp->f_type == DTYPE_SOCKET) {
835 int retsize = sizeof (*retval);
836 error = sock_getsockopt((struct socket *)fp->f_data,
837 SOL_SOCKET, SO_NOSIGPIPE, retval, &retsize);
838 } else {
839 *retval = (fp->f_fglob->fg_lflags & FG_NOSIGPIPE) ?
840 1 : 0;
841 error = 0;
842 }
843 goto out;
844
1c79356b
A		 845 case F_SETLKW:
846 flg |= F_WAIT;
847 /* Fall into F_SETLK */
848
849 case F_SETLK:
91447636
A		 850 if (fp->f_type != DTYPE_VNODE) {
851 error = EBADF;
852 goto out;
853 }
1c79356b 854 vp = (struct vnode *)fp->f_data;
ccc36f2f 855
91447636
A		 856 fflag = fp->f_flag;
857 offset = fp->f_offset;
858 proc_fdunlock(p);
859
1c79356b 860 /* Copy in the lock structure */
2d21ac55 861 error = copyin(argp, (caddr_t)&fl, sizeof(fl));
91447636
A		 862 if (error) {
863 goto outdrop;
864 }
2d21ac55 865
316670eb
A		 866 volatile off_t affected_lock_area_set = 0;
867 affected_lock_area_set = fl.l_start + offset;
868 if ((fl.l_whence == SEEK_CUR) && (affected_lock_area_set < fl.l_start)) {
2d21ac55
A		 869 error = EOVERFLOW;
870 goto outdrop;
871 }
872
91447636
A		 873 if ( (error = vnode_getwithref(vp)) ) {
874 goto outdrop;
875 }
1c79356b 876 if (fl.l_whence == SEEK_CUR)
91447636
A		 877 fl.l_start += offset;
878
2d21ac55
A		 879#if CONFIG_MACF
880 error = mac_file_check_lock(proc_ucred(p), fp->f_fglob,
881 F_SETLK, &fl);
882 if (error) {
883 (void)vnode_put(vp);
884 goto outdrop;
885 }
886#endif
1c79356b
A		 887 switch (fl.l_type) {
888
889 case F_RDLCK:
91447636
A		 890 if ((fflag & FREAD) == 0) {
891 (void)vnode_put(vp);
ccc36f2f 892 error = EBADF;
91447636
A		 893 goto outdrop;
894 }
2d21ac55 895 // XXX UInt32 unsafe for LP64 kernel
b0d623f7 896 OSBitOrAtomic(P_LADVLOCK, &p->p_ladvflag);
91447636
A		 897 error = VNOP_ADVLOCK(vp, (caddr_t)p, F_SETLK, &fl, flg, &context);
898 (void)vnode_put(vp);
899 goto outdrop;
1c79356b
A		 900
901 case F_WRLCK:
91447636
A		 902 if ((fflag & FWRITE) == 0) {
903 (void)vnode_put(vp);
ccc36f2f 904 error = EBADF;
91447636
A		 905 goto outdrop;
906 }
2d21ac55 907 // XXX UInt32 unsafe for LP64 kernel
b0d623f7 908 OSBitOrAtomic(P_LADVLOCK, &p->p_ladvflag);
91447636
A		 909 error = VNOP_ADVLOCK(vp, (caddr_t)p, F_SETLK, &fl, flg, &context);
910 (void)vnode_put(vp);
911 goto outdrop;
1c79356b
A		 912
913 case F_UNLCK:
91447636
A		 914 error = VNOP_ADVLOCK(vp, (caddr_t)p, F_UNLCK, &fl,
915 F_POSIX, &context);
916 (void)vnode_put(vp);
917 goto outdrop;
1c79356b
A		 918
919 default:
91447636 920 (void)vnode_put(vp);
ccc36f2f 921 error = EINVAL;
91447636 922 goto outdrop;
1c79356b
A		 923 }
924
925 case F_GETLK:
6d2010ae
A		 926#if CONFIG_EMBEDDED
927 case F_GETLKPID:
928#endif
91447636
A		 929 if (fp->f_type != DTYPE_VNODE) {
930 error = EBADF;
931 goto out;
932 }
1c79356b 933 vp = (struct vnode *)fp->f_data;
ccc36f2f 934
91447636
A		 935 offset = fp->f_offset;
936 proc_fdunlock(p);
937
1c79356b 938 /* Copy in the lock structure */
2d21ac55 939 error = copyin(argp, (caddr_t)&fl, sizeof(fl));
1c79356b 940 if (error)
91447636
A		 941 goto outdrop;
942
316670eb
A		 943 volatile off_t affected_lock_area_end = 0;
944 affected_lock_area_end = fl.l_start + offset;
2d21ac55
A		 945 /* Check starting byte and ending byte for EOVERFLOW in SEEK_CUR */
946 /* and ending byte for EOVERFLOW in SEEK_SET */
947 if (((fl.l_whence == SEEK_CUR) &&
316670eb
A		 948 ((affected_lock_area_end < fl.l_start) ||
949 ((fl.l_len > 0) && (affected_lock_area_end + fl.l_len - 1 < affected_lock_area_end)))) ||
2d21ac55
A		 950 ((fl.l_whence == SEEK_SET) && (fl.l_len > 0) && (fl.l_start + fl.l_len - 1 < fl.l_start)))
951 {
952 /* lf_advlock doesn't check start/end for F_GETLK if file has no locks */
953 error = EOVERFLOW;
954 goto outdrop;
955 }
956
957 if ((fl.l_whence == SEEK_SET) && (fl.l_start < 0)) {
958 error = EINVAL;
959 goto outdrop;
960 }
961
962 switch (fl.l_type) {
963 case F_RDLCK:
964 case F_UNLCK:
965 case F_WRLCK:
966 break;
967 default:
968 error = EINVAL;
969 goto outdrop;
970 }
971
972 switch (fl.l_whence) {
973 case SEEK_CUR:
974 case SEEK_SET:
975 case SEEK_END:
976 break;
977 default:
978 error = EINVAL;
979 goto outdrop;
980 }
981
91447636
A		 982 if ( (error = vnode_getwithref(vp)) == 0 ) {
983 if (fl.l_whence == SEEK_CUR)
984 fl.l_start += offset;
985
2d21ac55
A		 986#if CONFIG_MACF
987 error = mac_file_check_lock(proc_ucred(p), fp->f_fglob,
6d2010ae 988 uap->cmd, &fl);
2d21ac55
A		 989 if (error == 0)
990#endif
6d2010ae 991 error = VNOP_ADVLOCK(vp, (caddr_t)p, uap->cmd, &fl, F_POSIX, &context);
91447636
A		 992
993 (void)vnode_put(vp);
994
995 if (error == 0)
2d21ac55 996 error = copyout((caddr_t)&fl, argp, sizeof(fl));
91447636
A		 997 }
998 goto outdrop;
999
1000 case F_PREALLOCATE: {
1001 fstore_t alloc_struct; /* structure for allocate command */
1002 u_int32_t alloc_flags = 0;
1003
1004 if (fp->f_type != DTYPE_VNODE) {
1005 error = EBADF;
1006 goto out;
1007 }
1c79356b 1008
ccc36f2f 1009 vp = (struct vnode *)fp->f_data;
91447636 1010 proc_fdunlock(p);
9bccf70c
A		 1011
1012 /* make sure that we have write permission */
ccc36f2f
A		 1013 if ((fp->f_flag & FWRITE) == 0) {
1014 error = EBADF;
91447636 1015 goto outdrop;
ccc36f2f 1016 }
1c79356b 1017
2d21ac55 1018 error = copyin(argp, (caddr_t)&alloc_struct, sizeof(alloc_struct));
1c79356b 1019 if (error)
91447636 1020 goto outdrop;
1c79356b 1021
9bccf70c 1022 /* now set the space allocated to 0 */
1c79356b
A		 1023 alloc_struct.fst_bytesalloc = 0;
1024
9bccf70c
A		 1025 /*
1026 * Do some simple parameter checking
1027 */
1c79356b
A		 1028
1029 /* set up the flags */
1030
1031 alloc_flags |= PREALLOCATE;
1032
9bccf70c 1033 if (alloc_struct.fst_flags & F_ALLOCATECONTIG)
1c79356b 1034 alloc_flags |= ALLOCATECONTIG;
1c79356b 1035
9bccf70c
A		 1036 if (alloc_struct.fst_flags & F_ALLOCATEALL)
1037 alloc_flags |= ALLOCATEALL;
1c79356b 1038
9bccf70c
A		 1039 /*
1040 * Do any position mode specific stuff. The only
1041 * position mode supported now is PEOFPOSMODE
1042 */
1c79356b
A		 1043
1044 switch (alloc_struct.fst_posmode) {
1045
1046 case F_PEOFPOSMODE:
91447636 1047 if (alloc_struct.fst_offset != 0) {
ccc36f2f 1048 error = EINVAL;
91447636
A		 1049 goto outdrop;
1050 }
1051
1052 alloc_flags |= ALLOCATEFROMPEOF;
1c79356b
A		 1053 break;
1054
0b4e3aa0 1055 case F_VOLPOSMODE:
91447636 1056 if (alloc_struct.fst_offset <= 0) {
ccc36f2f 1057 error = EINVAL;
91447636
A		 1058 goto outdrop;
1059 }
1060
1061 alloc_flags |= ALLOCATEFROMVOL;
0b4e3aa0
A		 1062 break;
1063
91447636 1064 default: {
ccc36f2f 1065 error = EINVAL;
91447636
A		 1066 goto outdrop;
1067 }
1c79356b 1068 }
91447636
A		 1069 if ( (error = vnode_getwithref(vp)) == 0 ) {
1070 /*
1071 * call allocate to get the space
1072 */
1073 error = VNOP_ALLOCATE(vp,alloc_struct.fst_length,alloc_flags,
1074 &alloc_struct.fst_bytesalloc, alloc_struct.fst_offset,
1075 &context);
1076 (void)vnode_put(vp);
1c79356b 1077
2d21ac55 1078 error2 = copyout((caddr_t)&alloc_struct, argp, sizeof(alloc_struct));
1c79356b 1079
91447636 1080 if (error == 0)
ccc36f2f 1081 error = error2;
1c79356b 1082 }
91447636 1083 goto outdrop;
1c79356b 1084
91447636 1085 }
9bccf70c 1086 case F_SETSIZE:
91447636
A		 1087 if (fp->f_type != DTYPE_VNODE) {
1088 error = EBADF;
1089 goto out;
1090 }
2d21ac55 1091 vp = (struct vnode *)fp->f_data;
91447636 1092 proc_fdunlock(p);
ccc36f2f 1093
91447636 1094 error = copyin(argp, (caddr_t)&offset, sizeof (off_t));
1c79356b 1095 if (error)
91447636 1096 goto outdrop;
b0d623f7 1097 AUDIT_ARG(value64, offset);
1c79356b 1098
2d21ac55
A		 1099 error = vnode_getwithref(vp);
1100 if (error)
1101 goto outdrop;
1102
1103#if CONFIG_MACF
1104 error = mac_vnode_check_truncate(&context,
1105 fp->f_fglob->fg_cred, vp);
1106 if (error) {
1107 (void)vnode_put(vp);
1108 goto outdrop;
1109 }
1110#endif
9bccf70c
A		 1111 /*
1112 * Make sure that we are root. Growing a file
1113 * without zero filling the data is a security hole
1114 * root would have access anyway so we'll allow it
1115 */
ccc36f2f
A		 1116 if (!is_suser()) {
1117 error = EACCES;
2d21ac55
A		 1118 } else {
1119 /*
91447636
A		 1120 * set the file size
1121 */
2d21ac55
A		 1122 error = vnode_setsize(vp, offset, IO_NOZEROFILL,
1123 &context);
91447636 1124 }
2d21ac55
A		 1125
1126 (void)vnode_put(vp);
91447636 1127 goto outdrop;
9bccf70c
A		 1128
1129 case F_RDAHEAD:
91447636
A		 1130 if (fp->f_type != DTYPE_VNODE) {
1131 error = EBADF;
1132 goto out;
1133 }
2d21ac55
A		 1134 if (uap->arg)
1135 fp->f_fglob->fg_flag &= ~FNORDAHEAD;
1136 else
1137 fp->f_fglob->fg_flag |= FNORDAHEAD;
91447636 1138
2d21ac55 1139 goto out;
1c79356b 1140
9bccf70c 1141 case F_NOCACHE:
91447636
A		 1142 if (fp->f_type != DTYPE_VNODE) {
1143 error = EBADF;
1144 goto out;
1145 }
2d21ac55
A		 1146 if (uap->arg)
1147 fp->f_fglob->fg_flag |= FNOCACHE;
1148 else
1149 fp->f_fglob->fg_flag &= ~FNOCACHE;
1150
1151 goto out;
1152
6d2010ae
A		 1153 case F_NODIRECT:
1154 if (fp->f_type != DTYPE_VNODE) {
1155 error = EBADF;
1156 goto out;
1157 }
1158 if (uap->arg)
1159 fp->f_fglob->fg_flag |= FNODIRECT;
1160 else
1161 fp->f_fglob->fg_flag &= ~FNODIRECT;
1162
1163 goto out;
1164
316670eb
A		 1165 case F_SINGLE_WRITER:
1166 if (fp->f_type != DTYPE_VNODE) {
1167 error = EBADF;
1168 goto out;
1169 }
1170 if (uap->arg)
1171 fp->f_fglob->fg_flag |= FSINGLE_WRITER;
1172 else
1173 fp->f_fglob->fg_flag &= ~FSINGLE_WRITER;
1174
1175 goto out;
1176
2d21ac55
A		 1177 case F_GLOBAL_NOCACHE:
1178 if (fp->f_type != DTYPE_VNODE) {
1179 error = EBADF;
1180 goto out;
1181 }
9bccf70c 1182 vp = (struct vnode *)fp->f_data;
91447636 1183 proc_fdunlock(p);
9bccf70c 1184
91447636 1185 if ( (error = vnode_getwithref(vp)) == 0 ) {
2d21ac55
A		 1186
1187 *retval = vnode_isnocache(vp);
1188
1189 if (uap->arg)
91447636
A		 1190 vnode_setnocache(vp);
1191 else
1192 vnode_clearnocache(vp);
1c79356b 1193
91447636
A		 1194 (void)vnode_put(vp);
1195 }
1196 goto outdrop;
1c79356b 1197
2d21ac55
A		 1198 case F_CHECK_OPENEVT:
1199 if (fp->f_type != DTYPE_VNODE) {
1200 error = EBADF;
3a60a9f5
A		 1201 goto out;
1202 }
1203 vp = (struct vnode *)fp->f_data;
1204 proc_fdunlock(p);
1205
1206 if ( (error = vnode_getwithref(vp)) == 0 ) {
1207
2d21ac55 1208 *retval = vnode_is_openevt(vp);
3a60a9f5 1209
2d21ac55
A		 1210 if (uap->arg)
1211 vnode_set_openevt(vp);
3a60a9f5 1212 else
2d21ac55 1213 vnode_clear_openevt(vp);
3a60a9f5
A		 1214
1215 (void)vnode_put(vp);
1216 }
1217 goto outdrop;
1218
91447636
A		 1219 case F_RDADVISE: {
1220 struct radvisory ra_struct;
9bccf70c 1221
91447636
A		 1222 if (fp->f_type != DTYPE_VNODE) {
1223 error = EBADF;
1224 goto out;
1225 }
55e303ae 1226 vp = (struct vnode *)fp->f_data;
91447636 1227 proc_fdunlock(p);
55e303ae 1228
2d21ac55 1229 if ( (error = copyin(argp, (caddr_t)&ra_struct, sizeof(ra_struct))) )
91447636
A		 1230 goto outdrop;
1231 if ( (error = vnode_getwithref(vp)) == 0 ) {
1232 error = VNOP_IOCTL(vp, F_RDADVISE, (caddr_t)&ra_struct, 0, &context);
1233
1234 (void)vnode_put(vp);
1235 }
1236 goto outdrop;
1237 }
55e303ae 1238
6d2010ae
A		 1239 case F_FLUSH_DATA:
1240
1241 if (fp->f_type != DTYPE_VNODE) {
1242 error = EBADF;
1243 goto out;
1244 }
1245 vp = (struct vnode *)fp->f_data;
1246 proc_fdunlock(p);
1247
1248 if ( (error = vnode_getwithref(vp)) == 0 ) {
1249 error = cluster_push(vp, 0);
1250
1251 (void)vnode_put(vp);
1252 }
1253 goto outdrop;
1254
6d2010ae
A		 1255 case F_LOG2PHYS:
1256 case F_LOG2PHYS_EXT: {
91447636 1257 struct log2phys l2p_struct; /* structure for allocate command */
6d2010ae 1258 int devBlockSize;
9bccf70c 1259
6d2010ae
A		 1260 off_t file_offset = 0;
1261 size_t a_size = 0;
1262 size_t run = 0;
1263
1264 if (uap->cmd == F_LOG2PHYS_EXT) {
1265 error = copyin(argp, (caddr_t)&l2p_struct, sizeof(l2p_struct));
1266 if (error)
1267 goto out;
1268 file_offset = l2p_struct.l2p_devoffset;
1269 } else {
1270 file_offset = fp->f_offset;
1271 }
91447636
A		 1272 if (fp->f_type != DTYPE_VNODE) {
1273 error = EBADF;
1274 goto out;
1275 }
1c79356b 1276 vp = (struct vnode *)fp->f_data;
91447636
A		 1277 proc_fdunlock(p);
1278 if ( (error = vnode_getwithref(vp)) ) {
1279 goto outdrop;
1280 }
6d2010ae 1281 error = VNOP_OFFTOBLK(vp, file_offset, &lbn);
91447636
A		 1282 if (error) {
1283 (void)vnode_put(vp);
1284 goto outdrop;
1285 }
1286 error = VNOP_BLKTOOFF(vp, lbn, &offset);
1287 if (error) {
1288 (void)vnode_put(vp);
1289 goto outdrop;
1290 }
1291 devBlockSize = vfs_devblocksize(vnode_mount(vp));
6d2010ae
A		 1292 if (uap->cmd == F_LOG2PHYS_EXT) {
1293 a_size = l2p_struct.l2p_contigbytes;
1294 } else {
1295 a_size = devBlockSize;
1296 }
1297
1298 error = VNOP_BLOCKMAP(vp, offset, a_size, &bn, &run, NULL, 0, &context);
91447636
A		 1299
1300 (void)vnode_put(vp);
ccc36f2f 1301
1c79356b
A		 1302 if (!error) {
1303 l2p_struct.l2p_flags = 0; /* for now */
6d2010ae
A		 1304 if (uap->cmd == F_LOG2PHYS_EXT) {
1305 l2p_struct.l2p_contigbytes = run - (file_offset - offset);
1306 } else {
1307 l2p_struct.l2p_contigbytes = 0; /* for now */
1308 }
1c79356b 1309 l2p_struct.l2p_devoffset = bn * devBlockSize;
6d2010ae 1310 l2p_struct.l2p_devoffset += file_offset - offset;
2d21ac55 1311 error = copyout((caddr_t)&l2p_struct, argp, sizeof(l2p_struct));
91447636
A		 1312 }
1313 goto outdrop;
1c79356b 1314 }
55e303ae 1315 case F_GETPATH: {
91447636
A		 1316 char *pathbufp;
1317 int pathlen;
55e303ae 1318
91447636
A		 1319 if (fp->f_type != DTYPE_VNODE) {
1320 error = EBADF;
1321 goto out;
1322 }
55e303ae 1323 vp = (struct vnode *)fp->f_data;
91447636 1324 proc_fdunlock(p);
55e303ae 1325
91447636
A		 1326 pathlen = MAXPATHLEN;
1327 MALLOC(pathbufp, char *, pathlen, M_TEMP, M_WAITOK);
1328 if (pathbufp == NULL) {
1329 error = ENOMEM;
1330 goto outdrop;
1331 }
1332 if ( (error = vnode_getwithref(vp)) == 0 ) {
1333 error = vn_getpath(vp, pathbufp, &pathlen);
1334 (void)vnode_put(vp);
4a249263 1335
91447636
A		 1336 if (error == 0)
1337 error = copyout((caddr_t)pathbufp, argp, pathlen);
1338 }
1339 FREE(pathbufp, M_TEMP);
1340 goto outdrop;
55e303ae
A		 1341 }
1342
91447636
A		 1343 case F_PATHPKG_CHECK: {
1344 char *pathbufp;
1345 size_t pathlen;
1346
1347 if (fp->f_type != DTYPE_VNODE) {
1348 error = EBADF;
1349 goto out;
1350 }
55e303ae 1351 vp = (struct vnode *)fp->f_data;
91447636 1352 proc_fdunlock(p);
55e303ae 1353
91447636
A		 1354 pathlen = MAXPATHLEN;
1355 pathbufp = kalloc(MAXPATHLEN);
1356
1357 if ( (error = copyinstr(argp, pathbufp, MAXPATHLEN, &pathlen)) == 0 ) {
1358 if ( (error = vnode_getwithref(vp)) == 0 ) {
b0d623f7 1359 AUDIT_ARG(text, pathbufp);
91447636
A		 1360 error = vn_path_package_check(vp, pathbufp, pathlen, retval);
1361
1362 (void)vnode_put(vp);
1363 }
1364 }
1365 kfree(pathbufp, MAXPATHLEN);
1366 goto outdrop;
1367 }
1368
1369 case F_CHKCLEAN: // used by regression tests to see if all dirty pages got cleaned by fsync()
1370 case F_FULLFSYNC: // fsync + flush the journal + DKIOCSYNCHRONIZECACHE
1371 case F_FREEZE_FS: // freeze all other fs operations for the fs of this fd
1372 case F_THAW_FS: { // thaw all frozen fs operations for the fs of this fd
1373 if (fp->f_type != DTYPE_VNODE) {
1374 error = EBADF;
1375 goto out;
1376 }
1377 vp = (struct vnode *)fp->f_data;
1378 proc_fdunlock(p);
ccc36f2f 1379
91447636
A		 1380 if ( (error = vnode_getwithref(vp)) == 0 ) {
1381 error = VNOP_IOCTL(vp, uap->cmd, (caddr_t)NULL, 0, &context);
1382
1383 (void)vnode_put(vp);
1384 }
ccc36f2f 1385 break;
55e303ae 1386 }
2d21ac55
A		 1387
1388 /*
1389 * SPI (private) for opening a file starting from a dir fd
1390 */
1391 case F_OPENFROM: {
1392 struct user_fopenfrom fopen;
1393 struct vnode_attr va;
1394 struct nameidata nd;
1395 int cmode;
1396
1397 /* Check if this isn't a valid file descriptor */
1398 if ((fp->f_type != DTYPE_VNODE) ||
1399 (fp->f_flag & FREAD) == 0) {
1400 error = EBADF;
91447636
A		 1401 goto out;
1402 }
2d21ac55
A		 1403 vp = (struct vnode *)fp->f_data;
1404 proc_fdunlock(p);
91447636 1405
2d21ac55
A		 1406 if (vnode_getwithref(vp)) {
1407 error = ENOENT;
1408 goto outdrop;
1409 }
1410
1411 /* Only valid for directories */
1412 if (vp->v_type != VDIR) {
1413 vnode_put(vp);
1414 error = ENOTDIR;
1415 goto outdrop;
1416 }
91447636 1417
2d21ac55
A		 1418 /* Get flags, mode and pathname arguments. */
1419 if (IS_64BIT_PROCESS(p)) {
1420 error = copyin(argp, &fopen, sizeof(fopen));
1421 } else {
b0d623f7 1422 struct user32_fopenfrom fopen32;
2d21ac55
A		 1423
1424 error = copyin(argp, &fopen32, sizeof(fopen32));
1425 fopen.o_flags = fopen32.o_flags;
1426 fopen.o_mode = fopen32.o_mode;
1427 fopen.o_pathname = CAST_USER_ADDR_T(fopen32.o_pathname);
1428 }
1429 if (error) {
1430 vnode_put(vp);
1431 goto outdrop;
1432 }
b0d623f7
A		 1433 AUDIT_ARG(fflags, fopen.o_flags);
1434 AUDIT_ARG(mode, fopen.o_mode);
2d21ac55
A		 1435 VATTR_INIT(&va);
1436 /* Mask off all but regular access permissions */
1437 cmode = ((fopen.o_mode &~ fdp->fd_cmask) & ALLPERMS) & ~S_ISTXT;
1438 VATTR_SET(&va, va_mode, cmode & ACCESSPERMS);
1439
1440 /* Start the lookup relative to the file descriptor's vnode. */
6d2010ae 1441 NDINIT(&nd, LOOKUP, OP_OPEN, USEDVP | FOLLOW | AUDITVNPATH1, UIO_USERSPACE,
2d21ac55
A		 1442 fopen.o_pathname, &context);
1443 nd.ni_dvp = vp;
1444
1445 error = open1(&context, &nd, fopen.o_flags, &va, retval);
1446
1447 vnode_put(vp);
1448 break;
1449 }
1450 /*
1451 * SPI (private) for unlinking a file starting from a dir fd
1452 */
1453 case F_UNLINKFROM: {
1454 struct nameidata nd;
1455 user_addr_t pathname;
1456
1457 /* Check if this isn't a valid file descriptor */
1458 if ((fp->f_type != DTYPE_VNODE) ||
1459 (fp->f_flag & FREAD) == 0) {
91447636
A		 1460 error = EBADF;
1461 goto out;
1462 }
1463 vp = (struct vnode *)fp->f_data;
1464 proc_fdunlock(p);
1465
2d21ac55
A		 1466 if (vnode_getwithref(vp)) {
1467 error = ENOENT;
1468 goto outdrop;
1469 }
1470
1471 /* Only valid for directories */
1472 if (vp->v_type != VDIR) {
1473 vnode_put(vp);
1474 error = ENOTDIR;
1475 goto outdrop;
1476 }
91447636 1477
2d21ac55
A		 1478 /* Get flags, mode and pathname arguments. */
1479 if (IS_64BIT_PROCESS(p)) {
1480 pathname = (user_addr_t)argp;
1481 } else {
1482 pathname = CAST_USER_ADDR_T(argp);
91447636 1483 }
ccc36f2f 1484
2d21ac55 1485 /* Start the lookup relative to the file descriptor's vnode. */
6d2010ae
A		 1486 NDINIT(&nd, DELETE, OP_UNLINK, USEDVP | AUDITVNPATH1, UIO_USERSPACE,
1487 pathname, &context);
2d21ac55 1488 nd.ni_dvp = vp;
1c79356b 1489
2d21ac55
A		 1490 error = unlink1(&context, &nd, 0);
1491
1492 vnode_put(vp);
1493 break;
1c79356b 1494
1c79356b 1495 }
2d21ac55 1496
b0d623f7
A		 1497 case F_ADDSIGS:
1498 case F_ADDFILESIGS:
1499 {
2d21ac55
A		 1500 struct user_fsignatures fs;
1501 kern_return_t kr;
b0d623f7 1502 vm_offset_t kernel_blob_addr;
2d21ac55
A		 1503 vm_size_t kernel_blob_size;
1504
1505 if (fp->f_type != DTYPE_VNODE) {
1506 error = EBADF;
1507 goto out;
1508 }
1509 vp = (struct vnode *)fp->f_data;
1510 proc_fdunlock(p);
1511 error = vnode_getwithref(vp);
1512 if (error)
1513 goto outdrop;
1514
1515 if (IS_64BIT_PROCESS(p)) {
1516 error = copyin(argp, &fs, sizeof (fs));
1517 } else {
b0d623f7 1518 struct user32_fsignatures fs32;
2d21ac55
A		 1519
1520 error = copyin(argp, &fs32, sizeof (fs32));
1521 fs.fs_file_start = fs32.fs_file_start;
1522 fs.fs_blob_start = CAST_USER_ADDR_T(fs32.fs_blob_start);
1523 fs.fs_blob_size = fs32.fs_blob_size;
1524 }
1525
1526 if (error) {
1527 vnode_put(vp);
1528 goto outdrop;
1529 }
1530
593a1d5f
A		 1531 if(ubc_cs_blob_get(vp, CPU_TYPE_ANY, fs.fs_file_start))
1532 {
b0d623f7 1533 /*
593a1d5f
A		 1534 if(cs_debug)
1535 printf("CODE SIGNING: resident blob offered for: %s\n", vp->v_name);
b0d623f7 1536 */
593a1d5f
A		 1537 vnode_put(vp);
1538 goto outdrop;
1539 }
1540
316670eb 1541#define CS_MAX_BLOB_SIZE (1280ULL * 1024) /* max shared cache file XXX ? */
2d21ac55
A		 1542 if (fs.fs_blob_size > CS_MAX_BLOB_SIZE) {
1543 error = E2BIG;
1544 vnode_put(vp);
1545 goto outdrop;
1546 }
1547
1548 kernel_blob_size = CAST_DOWN(vm_size_t, fs.fs_blob_size);
593a1d5f 1549 kr = ubc_cs_blob_allocate(&kernel_blob_addr, &kernel_blob_size);
2d21ac55
A		 1550 if (kr != KERN_SUCCESS) {
1551 error = ENOMEM;
1552 vnode_put(vp);
1553 goto outdrop;
1554 }
1555
b0d623f7
A		 1556 if(uap->cmd == F_ADDSIGS) {
1557 error = copyin(fs.fs_blob_start,
1558 (void *) kernel_blob_addr,
1559 kernel_blob_size);
1560 } else /* F_ADDFILESIGS */ {
1561 error = vn_rdwr(UIO_READ,
1562 vp,
1563 (caddr_t) kernel_blob_addr,
1564 kernel_blob_size,
1565 fs.fs_file_start + fs.fs_blob_start,
1566 UIO_SYSSPACE,
1567 0,
1568 kauth_cred_get(),
1569 0,
1570 p);
1571 }
1572
2d21ac55 1573 if (error) {
593a1d5f
A		 1574 ubc_cs_blob_deallocate(kernel_blob_addr,
1575 kernel_blob_size);
2d21ac55
A		 1576 vnode_put(vp);
1577 goto outdrop;
1578 }
1579
1580 error = ubc_cs_blob_add(
1581 vp,
1582 CPU_TYPE_ANY, /* not for a specific architecture */
1583 fs.fs_file_start,
1584 kernel_blob_addr,
1585 kernel_blob_size);
1586 if (error) {
593a1d5f
A		 1587 ubc_cs_blob_deallocate(kernel_blob_addr,
1588 kernel_blob_size);
2d21ac55 1589 } else {
593a1d5f 1590 /* ubc_blob_add() has consumed "kernel_blob_addr" */
6d2010ae
A		 1591#if CHECK_CS_VALIDATION_BITMAP
1592 ubc_cs_validation_bitmap_allocate( vp );
1593#endif
2d21ac55
A		 1594 }
1595
1596 (void) vnode_put(vp);
1597 break;
1598 }
1599
1600 case F_MARKDEPENDENCY: {
2d21ac55
A		 1601 struct vnode_attr va;
1602 vfs_context_t ctx = vfs_context_current();
1603 kauth_cred_t cred;
1604
1605 if ((current_proc()->p_flag & P_DEPENDENCY_CAPABLE) == 0) {
1606 error = EPERM;
1607 goto out;
1608 }
1609
1610 if (fp->f_type != DTYPE_VNODE) {
1611 error = EBADF;
1612 goto out;
1613 }
1614
1615 vp = (struct vnode *)fp->f_data;
1616 proc_fdunlock(p);
1617
1618 if (vnode_getwithref(vp)) {
1619 error = ENOENT;
1620 goto outdrop;
1621 }
1622
6d2010ae 1623 if (!vnode_isvroot(vp)) {
2d21ac55
A		 1624 error = EINVAL;
1625 vnode_put(vp);
1626 goto outdrop;
1627 }
2d21ac55
A		 1628
1629 // get the owner of the root dir
1630 VATTR_INIT(&va);
1631 VATTR_WANTED(&va, va_uid);
1632 if (vnode_getattr(vp, &va, ctx) != 0) {
1633 error = EINVAL;
1634 vnode_put(vp);
1635 goto outdrop;
1636 }
1637
1638 // and last, check that the caller is the super user or
1639 // the owner of the mount point
1640 cred = vfs_context_ucred(ctx);
1641 if (!is_suser() && va.va_uid != kauth_cred_getuid(cred)) {
1642 error = EACCES;
1643 vnode_put(vp);
1644 goto outdrop;
1645 }
1646
1647 // if all those checks pass then we can mark the dependency
1648 vfs_markdependency(vp->v_mount);
1649 error = 0;
6d2010ae
A		 1650
1651 vnode_put(vp);
1652
1653 break;
1654 }
1655
316670eb 1656#if CONFIG_PROTECT
6d2010ae
A		 1657 case F_GETPROTECTIONCLASS: {
1658 int class = 0;
1659
1660 if (fp->f_type != DTYPE_VNODE) {
1661 error = EBADF;
1662 goto out;
1663 }
1664 vp = (struct vnode *)fp->f_data;
1665
1666 proc_fdunlock(p);
1667
1668 if (vnode_getwithref(vp)) {
1669 error = ENOENT;
1670 goto outdrop;
1671 }
1672
1673 error = cp_vnode_getclass (vp, &class);
1674 if (error == 0) {
1675 *retval = class;
1676 }
2d21ac55
A		 1677
1678 vnode_put(vp);
6d2010ae
A		 1679 break;
1680 }
1681
1682 case F_SETPROTECTIONCLASS: {
1683 /* tmp must be a valid PROTECTION_CLASS_* */
1684 tmp = CAST_DOWN_EXPLICIT(uint32_t, uap->arg);
1685
1686 if (fp->f_type != DTYPE_VNODE) {
1687 error = EBADF;
1688 goto out;
1689 }
1690 vp = (struct vnode *)fp->f_data;
1691
1692 proc_fdunlock(p);
1693
1694 if (vnode_getwithref(vp)) {
1695 error = ENOENT;
1696 goto outdrop;
1697 }
2d21ac55 1698
6d2010ae
A		 1699 /* Only go forward if you have write access */
1700 vfs_context_t ctx = vfs_context_current();
1701 if(vnode_authorize(vp, NULLVP, (KAUTH_VNODE_ACCESS | KAUTH_VNODE_WRITE_DATA), ctx) != 0) {
1702 vnode_put(vp);
1703 error = EBADF;
1704 goto outdrop;
1705 }
1706 error = cp_vnode_setclass (vp, tmp);
1707 vnode_put(vp);
1708 break;
1709 }
316670eb
A		 1710
1711 case F_TRANSCODEKEY: {
1712
1713 if (fp->f_type != DTYPE_VNODE) {
1714 error = EBADF;
1715 goto out;
1716 }
1717
1718 vp = (struct vnode *)fp->f_data;
1719 proc_fdunlock(p);
1720
1721 if (vnode_getwithref(vp)) {
1722 error = ENOENT;
1723 goto outdrop;
1724 }
1725
1726 error = cp_vnode_transcode (vp);
1727 vnode_put(vp);
1728 break;
1729 }
1730
1731 case F_GETPROTECTIONLEVEL: {
1732 uint32_t cp_version = 0;
1733
1734 if (fp->f_type != DTYPE_VNODE) {
1735 error = EBADF;
1736 goto out;
1737 }
1738
1739 vp = (struct vnode*) fp->f_data;
1740 proc_fdunlock (p);
1741
1742 if (vnode_getwithref(vp)) {
1743 error = ENOENT;
1744 goto outdrop;
1745 }
1746
1747 /*
1748 * if cp_get_major_vers fails, error will be set to proper errno
1749 * and cp_version will still be 0.
1750 */
1751
1752 error = cp_get_root_major_vers (vp, &cp_version);
1753 *retval = cp_version;
1754
1755 vnode_put (vp);
1756 break;
1757 }
1758
6d2010ae 1759#endif /* CONFIG_PROTECT */
316670eb 1760
6d2010ae
A		 1761 case F_MOVEDATAEXTENTS: {
1762 struct fileproc *fp2 = NULL;
1763 struct vnode *src_vp = NULLVP;
1764 struct vnode *dst_vp = NULLVP;
1765 /* We need to grab the 2nd FD out of the argments before moving on. */
1766 int fd2 = CAST_DOWN_EXPLICIT(int32_t, uap->arg);
316670eb 1767
6d2010ae
A		 1768 if (fp->f_type != DTYPE_VNODE) {
1769 error = EBADF;
1770 goto out;
1771 }
6d2010ae
A		 1772
1773 /* For now, special case HFS+ only, since this is SPI. */
316670eb 1774 src_vp = (struct vnode *)fp->f_data;
6d2010ae
A		 1775 if (src_vp->v_tag != VT_HFS) {
1776 error = EINVAL;
1777 goto out;
1778 }
1779
316670eb
A		 1780 /*
1781 * Get the references before we start acquiring iocounts on the vnodes,
1782 * while we still hold the proc fd lock
1783 */
6d2010ae
A		 1784 if ( (error = fp_lookup(p, fd2, &fp2, 1)) ) {
1785 error = EBADF;
1786 goto out;
1787 }
1788 if (fp2->f_type != DTYPE_VNODE) {
1789 fp_drop(p, fd2, fp2, 1);
1790 error = EBADF;
1791 goto out;
1792 }
1793 dst_vp = (struct vnode *)fp2->f_data;
6d2010ae
A		 1794 if (dst_vp->v_tag != VT_HFS) {
1795 fp_drop(p, fd2, fp2, 1);
1796 error = EINVAL;
1797 goto out;
1798 }
1799
1800#if CONFIG_MACF
1801 /* Re-do MAC checks against the new FD, pass in a fake argument */
1802 error = mac_file_check_fcntl(proc_ucred(p), fp2->f_fglob, uap->cmd, 0);
1803 if (error) {
1804 fp_drop(p, fd2, fp2, 1);
1805 goto out;
1806 }
1807#endif
1808 /* Audit the 2nd FD */
1809 AUDIT_ARG(fd, fd2);
1810
1811 proc_fdunlock(p);
1812
6d2010ae
A		 1813 if (vnode_getwithref(src_vp)) {
1814 fp_drop(p, fd2, fp2, 0);
1815 error = ENOENT;
1816 goto outdrop;
1817 }
1818 if (vnode_getwithref(dst_vp)) {
1819 vnode_put (src_vp);
1820 fp_drop(p, fd2, fp2, 0);
1821 error = ENOENT;
1822 goto outdrop;
1823 }
316670eb 1824
6d2010ae
A		 1825 /*
1826 * Basic asserts; validate they are not the same and that
1827 * both live on the same filesystem.
1828 */
6d2010ae
A		 1829 if (dst_vp == src_vp) {
1830 vnode_put (src_vp);
1831 vnode_put (dst_vp);
1832 fp_drop (p, fd2, fp2, 0);
1833 error = EINVAL;
1834 goto outdrop;
1835 }
316670eb 1836
6d2010ae
A		 1837 if (dst_vp->v_mount != src_vp->v_mount) {
1838 vnode_put (src_vp);
1839 vnode_put (dst_vp);
1840 fp_drop (p, fd2, fp2, 0);
1841 error = EXDEV;
1842 goto outdrop;
1843 }
1844
316670eb
A		 1845 /* Now we have a legit pair of FDs. Go to work */
1846
6d2010ae
A		 1847 /* Now check for write access to the target files */
1848 if(vnode_authorize(src_vp, NULLVP,
316670eb 1849 (KAUTH_VNODE_ACCESS | KAUTH_VNODE_WRITE_DATA), &context) != 0) {
6d2010ae
A		 1850 vnode_put(src_vp);
1851 vnode_put(dst_vp);
1852 fp_drop(p, fd2, fp2, 0);
1853 error = EBADF;
1854 goto outdrop;
1855 }
316670eb 1856
6d2010ae 1857 if(vnode_authorize(dst_vp, NULLVP,
316670eb 1858 (KAUTH_VNODE_ACCESS | KAUTH_VNODE_WRITE_DATA), &context) != 0) {
6d2010ae
A		 1859 vnode_put(src_vp);
1860 vnode_put(dst_vp);
1861 fp_drop(p, fd2, fp2, 0);
1862 error = EBADF;
1863 goto outdrop;
1864 }
316670eb 1865
6d2010ae 1866 /* Verify that both vps point to files and not directories */
316670eb 1867 if ( !vnode_isreg(src_vp) || !vnode_isreg(dst_vp)) {
6d2010ae 1868 error = EINVAL;
316670eb
A		 1869 vnode_put (src_vp);
1870 vnode_put (dst_vp);
1871 fp_drop (p, fd2, fp2, 0);
6d2010ae
A		 1872 goto outdrop;
1873 }
1874
1875 /*
1876 * The exchangedata syscall handler passes in 0 for the flags to VNOP_EXCHANGE.
1877 * We'll pass in our special bit indicating that the new behavior is expected
1878 */
316670eb 1879
6d2010ae 1880 error = VNOP_EXCHANGE(src_vp, dst_vp, FSOPT_EXCHANGE_DATA_ONLY, &context);
316670eb 1881
6d2010ae
A		 1882 vnode_put (src_vp);
1883 vnode_put (dst_vp);
1884 fp_drop(p, fd2, fp2, 0);
2d21ac55
A		 1885 break;
1886 }
316670eb
A		 1887
1888
1889 /*
1890 * SPI (private) for indicating to a filesystem that subsequent writes to
1891 * the open FD will represent static content.
1892 */
1893 case F_SETSTATICCONTENT: {
1894 caddr_t ioctl_arg = NULL;
2d21ac55 1895
316670eb
A		 1896 if (uap->arg) {
1897 ioctl_arg = (caddr_t) 1;
1898 }
1899
1900 if (fp->f_type != DTYPE_VNODE) {
1901 error = EBADF;
1902 goto out;
1903 }
1904 vp = (struct vnode *)fp->f_data;
1905 proc_fdunlock(p);
1906
1907 error = vnode_getwithref(vp);
1908 if (error) {
1909 error = ENOENT;
1910 goto outdrop;
1911 }
1912
1913 /* Only go forward if you have write access */
1914 vfs_context_t ctx = vfs_context_current();
1915 if(vnode_authorize(vp, NULLVP, (KAUTH_VNODE_ACCESS | KAUTH_VNODE_WRITE_DATA), ctx) != 0) {
1916 vnode_put(vp);
1917 error = EBADF;
1918 goto outdrop;
1919 }
1920
1921 error = VNOP_IOCTL(vp, uap->cmd, ioctl_arg, 0, &context);
1922 (void)vnode_put(vp);
1923
1924 break;
1925 }
1926
6d2010ae
A		 1927 /*
1928 * Set the vnode pointed to by 'fd'
1929 * and tag it as the (potentially future) backing store
1930 * for another filesystem
1931 */
1932 case F_SETBACKINGSTORE: {
1933 if (fp->f_type != DTYPE_VNODE) {
1934 error = EBADF;
1935 goto out;
1936 }
6d2010ae 1937
316670eb
A		 1938 vp = (struct vnode *)fp->f_data;
1939
6d2010ae
A		 1940 if (vp->v_tag != VT_HFS) {
1941 error = EINVAL;
1942 goto out;
6d2010ae
A		 1943 }
1944 proc_fdunlock(p);
1945
1946 if (vnode_getwithref(vp)) {
1947 error = ENOENT;
1948 goto outdrop;
1949 }
1950
1951 /* only proceed if you have write access */
1952 vfs_context_t ctx = vfs_context_current();
1953 if(vnode_authorize(vp, NULLVP, (KAUTH_VNODE_ACCESS | KAUTH_VNODE_WRITE_DATA), ctx) != 0) {
1954 vnode_put(vp);
1955 error = EBADF;
1956 goto outdrop;
1957 }
1958
1959
1960 /* If arg != 0, set, otherwise unset */
1961 if (uap->arg) {
316670eb 1962 error = VNOP_IOCTL (vp, uap->cmd, (caddr_t)1, 0, &context);
6d2010ae
A		 1963 }
1964 else {
316670eb 1965 error = VNOP_IOCTL (vp, uap->cmd, (caddr_t)NULL, 0, &context);
6d2010ae 1966 }
316670eb 1967
6d2010ae
A		 1968 vnode_put(vp);
1969 break;
d1ecb069
A		 1970 }
1971
6d2010ae
A		 1972 /*
1973 * like F_GETPATH, but special semantics for
1974 * the mobile time machine handler.
1975 */
1976 case F_GETPATH_MTMINFO: {
1977 char *pathbufp;
1978 int pathlen;
1979
1980 if (fp->f_type != DTYPE_VNODE) {
1981 error = EBADF;
1982 goto out;
1983 }
1984 vp = (struct vnode *)fp->f_data;
1985 proc_fdunlock(p);
1986
1987 pathlen = MAXPATHLEN;
1988 MALLOC(pathbufp, char *, pathlen, M_TEMP, M_WAITOK);
1989 if (pathbufp == NULL) {
1990 error = ENOMEM;
1991 goto outdrop;
1992 }
1993 if ( (error = vnode_getwithref(vp)) == 0 ) {
1994 int backingstore = 0;
1995
1996 /* Check for error from vn_getpath before moving on */
1997 if ((error = vn_getpath(vp, pathbufp, &pathlen)) == 0) {
1998 if (vp->v_tag == VT_HFS) {
316670eb 1999 error = VNOP_IOCTL (vp, uap->cmd, (caddr_t) &backingstore, 0, &context);
6d2010ae
A		 2000 }
2001 (void)vnode_put(vp);
2002
2003 if (error == 0) {
2004 error = copyout((caddr_t)pathbufp, argp, pathlen);
2005 }
2006 if (error == 0) {
2007 /*
2008 * If the copyout was successful, now check to ensure
2009 * that this vnode is not a BACKINGSTORE vnode. mtmd
2010 * wants the path regardless.
2011 */
2012 if (backingstore) {
2013 error = EBUSY;
2014 }
2015 }
2016 } else
2017 (void)vnode_put(vp);
2018 }
2019 FREE(pathbufp, M_TEMP);
2020 goto outdrop;
d1ecb069
A		 2021 }
2022
2d21ac55 2023 default:
e2fac8b1
A		 2024 /*
2025 * This is an fcntl() that we d not recognize at this level;
2026 * if this is a vnode, we send it down into the VNOP_IOCTL
2027 * for this vnode; this can include special devices, and will
2028 * effectively overload fcntl() to send ioctl()'s.
2029 */
2030 if((uap->cmd & IOC_VOID) && (uap->cmd & IOC_INOUT)){
2031 error = EINVAL;
2d21ac55
A		 2032 goto out;
2033 }
e2fac8b1 2034
2d21ac55
A		 2035 if (fp->f_type != DTYPE_VNODE) {
2036 error = EBADF;
2037 goto out;
2038 }
2039 vp = (struct vnode *)fp->f_data;
2040 proc_fdunlock(p);
2041
2042 if ( (error = vnode_getwithref(vp)) == 0 ) {
e2fac8b1
A		 2043#define STK_PARAMS 128
2044 char stkbuf[STK_PARAMS];
2045 unsigned int size;
2046 caddr_t data, memp;
e2fac8b1
A		 2047 /*
2048 * For this to work properly, we have to copy in the
2049 * ioctl() cmd argument if there is one; we must also
2050 * check that a command parameter, if present, does
2051 * not exceed the maximum command length dictated by
2052 * the number of bits we have available in the command
2053 * to represent a structure length. Finally, we have
2054 * to copy the results back out, if it is that type of
2055 * ioctl().
2056 */
2057 size = IOCPARM_LEN(uap->cmd);
2058 if (size > IOCPARM_MAX) {
2059 (void)vnode_put(vp);
2060 error = EINVAL;
2061 break;
2062 }
2063
e2fac8b1
A		 2064 memp = NULL;
2065 if (size > sizeof (stkbuf)) {
2066 if ((memp = (caddr_t)kalloc(size)) == 0) {
2067 (void)vnode_put(vp);
2068 error = ENOMEM;
b0d623f7 2069 goto outdrop;
e2fac8b1
A		 2070 }
2071 data = memp;
2072 } else {
2073 data = &stkbuf[0];
2074 }
2075
b0d623f7 2076 if (uap->cmd & IOC_IN) {
e2fac8b1
A		 2077 if (size) {
2078 /* structure */
2079 error = copyin(argp, data, size);
2080 if (error) {
2081 (void)vnode_put(vp);
2082 if (memp)
2083 kfree(memp, size);
2084 goto outdrop;
2085 }
2086 } else {
2087 /* int */
2088 if (is64bit) {
2089 *(user_addr_t *)data = argp;
2090 } else {
2091 *(uint32_t *)data = (uint32_t)argp;
2092 }
2093 };
b0d623f7 2094 } else if ((uap->cmd & IOC_OUT) && size) {
e2fac8b1
A		 2095 /*
2096 * Zero the buffer so the user always
2097 * gets back something deterministic.
2098 */
2099 bzero(data, size);
b0d623f7 2100 } else if (uap->cmd & IOC_VOID) {
e2fac8b1
A		 2101 if (is64bit) {
2102 *(user_addr_t *)data = argp;
2103 } else {
2104 *(uint32_t *)data = (uint32_t)argp;
2105 }
2106 }
2107
e2fac8b1 2108 error = VNOP_IOCTL(vp, uap->cmd, CAST_DOWN(caddr_t, data), 0, &context);
2d21ac55
A		 2109
2110 (void)vnode_put(vp);
e2fac8b1
A		 2111
2112 /* Copy any output data to user */
b0d623f7 2113 if (error == 0 && (uap->cmd & IOC_OUT) && size)
e2fac8b1
A		 2114 error = copyout(data, argp, size);
2115 if (memp)
2116 kfree(memp, size);
2d21ac55
A		 2117 }
2118 break;
2d21ac55
A		 2119 }
2120
2121outdrop:
2122 AUDIT_ARG(vnpath_withref, vp, ARG_VNODE1);
2123 fp_drop(p, fd, fp, 0);
2124 return(error);
2125out:
2126 fp_drop(p, fd, fp, 1);
2127 proc_fdunlock(p);
2128 return(error);
2129}
2130
2131
2132/*
2133 * finishdup
2134 *
2135 * Description: Common code for dup, dup2, and fcntl(F_DUPFD).
2136 *
2137 * Parameters: p Process performing the dup
2138 * old The fd to dup
2139 * new The fd to dup it to
6d2010ae 2140 * fd_flags Flags to augment the new fd
2d21ac55
A		 2141 * retval Pointer to the call return area
2142 *
2143 * Returns: 0 Success
2144 * EBADF
2145 * ENOMEM
2146 *
2147 * Implicit returns:
2148 * *retval (modified) The new descriptor
2149 *
2150 * Locks: Assumes proc_fdlock for process pointing to fdp is held by
2151 * the caller
2152 *
2153 * Notes: This function may drop and reacquire this lock; it is unsafe
2154 * for a caller to assume that other state protected by the lock
6d2010ae 2155 * has not been subsequently changed out from under it.
2d21ac55
A		 2156 */
2157int
6d2010ae
A		 2158finishdup(proc_t p,
2159 struct filedesc *fdp, int old, int new, int fd_flags, int32_t *retval)
2d21ac55
A		 2160{
2161 struct fileproc *nfp;
2162 struct fileproc *ofp;
2163#if CONFIG_MACF
2164 int error;
2165#endif
2166
2167#if DIAGNOSTIC
2168 proc_fdlock_assert(p, LCK_MTX_ASSERT_OWNED);
2169#endif
2d21ac55 2170 if ((ofp = fdp->fd_ofiles[old]) == NULL ||
6d2010ae 2171 (fdp->fd_ofileflags[old] & UF_RESERVED)) {
2d21ac55
A		 2172 fdrelse(p, new);
2173 return (EBADF);
2174 }
2175 fg_ref(ofp);
2176
2177#if CONFIG_MACF
2178 error = mac_file_check_dup(proc_ucred(p), ofp->f_fglob, new);
2179 if (error) {
2180 fg_drop(ofp);
2181 fdrelse(p, new);
2182 return (error);
2183 }
2184#endif
2185
2186 proc_fdunlock(p);
91447636
A		 2187
2188 MALLOC_ZONE(nfp, struct fileproc *, sizeof(struct fileproc), M_FILEPROC, M_WAITOK);
2d21ac55 2189 /* Failure check follows proc_fdlock() due to handling requirements */
91447636
A		 2190
2191 proc_fdlock(p);
2d21ac55
A		 2192
2193 if (nfp == NULL) {
2194 fg_drop(ofp);
2195 fdrelse(p, new);
2196 return (ENOMEM);
2197 }
2198
2199 bzero(nfp, sizeof(struct fileproc));
2200
6601e61a 2201 nfp->f_flags = 0;
91447636
A		 2202 nfp->f_fglob = ofp->f_fglob;
2203 nfp->f_iocount = 0;
2204
2d21ac55
A		 2205#if DIAGNOSTIC
2206 if (fdp->fd_ofiles[new] != 0)
6d2010ae 2207 panic("finishdup: overwriting fd_ofiles with new %d", new);
2d21ac55 2208 if ((fdp->fd_ofileflags[new] & UF_RESERVED) == 0)
6d2010ae 2209 panic("finishdup: unreserved fileflags with new %d", new);
2d21ac55
A		 2210#endif
2211
1c79356b
A		 2212 if (new > fdp->fd_lastfile)
2213 fdp->fd_lastfile = new;
6d2010ae 2214 *fdflags(p, new) |= fd_flags;
6601e61a 2215 procfdtbl_releasefd(p, new, nfp);
1c79356b
A		 2216 *retval = new;
2217 return (0);
2218}
2219
91447636 2220
2d21ac55
A		 2221/*
2222 * close
2223 *
2224 * Description: The implementation of the close(2) system call
2225 *
2226 * Parameters: p Process in whose per process file table
2227 * the close is to occur
2228 * uap->fd fd to be closed
2229 * retval <unused>
2230 *
2231 * Returns: 0 Success
2232 * fp_lookup:EBADF Bad file descriptor
2233 * close_internal:EBADF
2234 * close_internal:??? Anything returnable by a per-fileops
2235 * close function
2236 */
2237int
b0d623f7 2238close(proc_t p, struct close_args *uap, int32_t *retval)
2d21ac55
A		 2239{
2240 __pthread_testcancel(1);
2241 return(close_nocancel(p, (struct close_nocancel_args *)uap, retval));
2242}
2243
2244
1c79356b 2245int
b0d623f7 2246close_nocancel(proc_t p, struct close_nocancel_args *uap, __unused int32_t *retval)
1c79356b 2247{
91447636 2248 struct fileproc *fp;
1c79356b 2249 int fd = uap->fd;
91447636 2250 int error =0;
1c79356b 2251
e5568f75 2252 AUDIT_SYSCLOSE(p, fd);
91447636
A		 2253
2254 proc_fdlock(p);
2255
2256 if ( (error = fp_lookup(p,fd,&fp, 1)) ) {
2257 proc_fdunlock(p);
2258 return(error);
2259 }
2260
2d21ac55 2261 error = close_internal_locked(p, fd, fp, 0);
91447636
A		 2262
2263 proc_fdunlock(p);
2264
2265 return(error);
2266}
2267
2268
2269/*
2d21ac55
A		 2270 * close_internal_locked
2271 *
91447636 2272 * Close a file descriptor.
2d21ac55
A		 2273 *
2274 * Parameters: p Process in whose per process file table
2275 * the close is to occur
2276 * fd fd to be closed
2277 * fp fileproc associated with the fd
2278 *
2279 * Returns: 0 Success
2280 * EBADF fd already in close wait state
2281 * closef_locked:??? Anything returnable by a per-fileops
2282 * close function
2283 *
2284 * Locks: Assumes proc_fdlock for process is held by the caller and returns
2285 * with lock held
2286 *
2287 * Notes: This function may drop and reacquire this lock; it is unsafe
2288 * for a caller to assume that other state protected by the lock
2289 * has not been subsequently changes out from under it, if the
2290 * caller made the call with the lock held.
91447636 2291 */
2d21ac55
A		 2292static int
2293close_internal_locked(proc_t p, int fd, struct fileproc *fp, int flags)
91447636
A		 2294{
2295 struct filedesc *fdp = p->p_fd;
2296 int error =0;
2d21ac55 2297 int resvfd = flags & FD_DUP2RESV;
91447636 2298
2d21ac55
A		 2299
2300#if DIAGNOSTIC
2301 proc_fdlock_assert(p, LCK_MTX_ASSERT_OWNED);
2302#endif
55e303ae
A		 2303
2304 /* Keep people from using the filedesc while we are closing it */
6601e61a 2305 procfdtbl_markclosefd(p, fd);
2d21ac55
A		 2306
2307
6601e61a 2308 if ((fp->f_flags & FP_CLOSING) == FP_CLOSING) {
6d2010ae 2309 panic("close_internal_locked: being called on already closing fd");
6601e61a 2310 }
91447636
A		 2311
2312
2d21ac55
A		 2313#if DIAGNOSTIC
2314 if ((fdp->fd_ofileflags[fd] & UF_RESERVED) == 0)
6d2010ae 2315 panic("close_internal: unreserved fileflags with fd %d", fd);
2d21ac55 2316#endif
91447636
A		 2317
2318 fp->f_flags |= FP_CLOSING;
91447636
A		 2319
2320 if ( (fp->f_flags & FP_AIOISSUED) || kauth_authorize_fileop_has_listeners() ) {
2321
2322 proc_fdunlock(p);
2323
2324 if ( (fp->f_type == DTYPE_VNODE) && kauth_authorize_fileop_has_listeners() ) {
2325 /*
2326 * call out to allow 3rd party notification of close.
2327 * Ignore result of kauth_authorize_fileop call.
2328 */
2329 if (vnode_getwithref((vnode_t)fp->f_data) == 0) {
2330 u_int fileop_flags = 0;
2331 if ((fp->f_flags & FP_WRITTEN) != 0)
2332 fileop_flags |= KAUTH_FILEOP_CLOSE_MODIFIED;
2333 kauth_authorize_fileop(fp->f_fglob->fg_cred, KAUTH_FILEOP_CLOSE,
2334 (uintptr_t)fp->f_data, (uintptr_t)fileop_flags);
2335 vnode_put((vnode_t)fp->f_data);
2336 }
2337 }
2338 if (fp->f_flags & FP_AIOISSUED)
2339 /*
2340 * cancel all async IO requests that can be cancelled.
2341 */
2342 _aio_close( p, fd );
2343
2344 proc_fdlock(p);
2345 }
2346
2347 if (fd < fdp->fd_knlistsize)
55e303ae
A		 2348 knote_fdclose(p, fd);
2349
91447636
A		 2350 if (fp->f_flags & FP_WAITEVENT)
2351 (void)waitevent_close(p, fp);
2352
2353 if ((fp->f_flags & FP_INCHRREAD) == 0)
2354 fileproc_drain(p, fp);
2d21ac55
A		 2355
2356 if (resvfd == 0)
6601e61a 2357 _fdrelse(p, fd);
2d21ac55 2358
91447636
A		 2359 error = closef_locked(fp, fp->f_fglob, p);
2360 if ((fp->f_flags & FP_WAITCLOSE) == FP_WAITCLOSE)
2361 wakeup(&fp->f_flags);
2362 fp->f_flags &= ~(FP_WAITCLOSE | FP_CLOSING);
2363
2d21ac55
A		 2364 proc_fdunlock(p);
2365
2366 FREE_ZONE(fp, sizeof(*fp), M_FILEPROC);
2367
2368 proc_fdlock(p);
2369
2370#if DIAGNOSTIC
2371 if (resvfd != 0) {
2372 if ((fdp->fd_ofileflags[fd] & UF_RESERVED) == 0)
6d2010ae 2373 panic("close with reserved fd returns with freed fd:%d: proc: %p", fd, p);
2d21ac55
A		 2374 }
2375#endif
91447636 2376
91447636 2377 return(error);
1c79356b
A		 2378}
2379
2d21ac55 2380
1c79356b 2381/*
2d21ac55
A		 2382 * fstat1
2383 *
2384 * Description: Return status information about a file descriptor.
2385 *
2386 * Parameters: p The process doing the fstat
2387 * fd The fd to stat
2388 * ub The user stat buffer
2389 * xsecurity The user extended security
2390 * buffer, or 0 if none
2391 * xsecurity_size The size of xsecurity, or 0
2392 * if no xsecurity
2393 * isstat64 Flag to indicate 64 bit version
2394 * for inode size, etc.
2395 *
2396 * Returns: 0 Success
2397 * EBADF
2398 * EFAULT
2399 * fp_lookup:EBADF Bad file descriptor
2400 * vnode_getwithref:???
2401 * copyout:EFAULT
2402 * vnode_getwithref:???
2403 * vn_stat:???
2404 * soo_stat:???
2405 * pipe_stat:???
2406 * pshm_stat:???
2407 * kqueue_stat:???
2408 *
2409 * Notes: Internal implementation for all other fstat() related
2410 * functions
91447636 2411 *
2d21ac55
A		 2412 * XXX switch on node type is bogus; need a stat in struct
2413 * XXX fileops instead.
1c79356b 2414 */
91447636 2415static int
2d21ac55 2416fstat1(proc_t p, int fd, user_addr_t ub, user_addr_t xsecurity, user_addr_t xsecurity_size, int isstat64)
1c79356b 2417{
91447636 2418 struct fileproc *fp;
b0d623f7
A		 2419 union {
2420 struct stat sb;
2421 struct stat64 sb64;
2422 } source;
2423 union {
2424 struct user64_stat user64_sb;
2425 struct user32_stat user32_sb;
2426 struct user64_stat64 user64_sb64;
2427 struct user32_stat64 user32_sb64;
2428 } dest;
91447636
A		 2429 int error, my_size;
2430 int funnel_state;
8f6c56a5 2431 file_type_t type;
91447636
A		 2432 caddr_t data;
2433 kauth_filesec_t fsec;
2d21ac55
A		 2434 user_size_t xsecurity_bufsize;
2435 vfs_context_t ctx = vfs_context_current();
2436 void * sbptr;
1c79356b 2437
91447636
A		 2438
2439 AUDIT_ARG(fd, fd);
2440
2d21ac55 2441 if ((error = fp_lookup(p, fd, &fp, 0)) != 0) {
91447636 2442 return(error);
2d21ac55 2443 }
91447636
A		 2444 type = fp->f_type;
2445 data = fp->f_data;
2446 fsec = KAUTH_FILESEC_NONE;
2447
b0d623f7 2448 sbptr = (void *)&source;
2d21ac55 2449
91447636 2450 switch (type) {
1c79356b
A		 2451
2452 case DTYPE_VNODE:
91447636
A		 2453 if ((error = vnode_getwithref((vnode_t)data)) == 0) {
2454 /*
2d21ac55
A		 2455 * If the caller has the file open, and is not
2456 * requesting extended security information, we are
2457 * going to let them get the basic stat information.
91447636
A		 2458 */
2459 if (xsecurity == USER_ADDR_NULL) {
2d21ac55 2460 error = vn_stat_noauth((vnode_t)data, sbptr, NULL, isstat64, ctx);
91447636 2461 } else {
2d21ac55 2462 error = vn_stat((vnode_t)data, sbptr, &fsec, isstat64, ctx);
91447636
A		 2463 }
2464
2465 AUDIT_ARG(vnpath, (struct vnode *)data, ARG_VNODE1);
2466 (void)vnode_put((vnode_t)data);
55e303ae 2467 }
1c79356b
A		 2468 break;
2469
2d21ac55 2470#if SOCKETS
1c79356b 2471 case DTYPE_SOCKET:
2d21ac55 2472 error = soo_stat((struct socket *)data, sbptr, isstat64);
91447636 2473 break;
2d21ac55 2474#endif /* SOCKETS */
91447636
A		 2475
2476 case DTYPE_PIPE:
2d21ac55 2477 error = pipe_stat((void *)data, sbptr, isstat64);
1c79356b
A		 2478 break;
2479
2480 case DTYPE_PSXSHM:
2d21ac55 2481 error = pshm_stat((void *)data, sbptr, isstat64);
1c79356b 2482 break;
55e303ae
A		 2483
2484 case DTYPE_KQUEUE:
91447636 2485 funnel_state = thread_funnel_set(kernel_flock, TRUE);
2d21ac55 2486 error = kqueue_stat(fp, sbptr, isstat64, p);
91447636
A		 2487 thread_funnel_set(kernel_flock, funnel_state);
2488 break;
55e303ae 2489
1c79356b 2490 default:
91447636
A		 2491 error = EBADF;
2492 goto out;
2493 }
91447636
A		 2494 if (error == 0) {
2495 caddr_t sbp;
2d21ac55
A		 2496
2497 if (isstat64 != 0) {
b0d623f7
A		 2498 source.sb64.st_lspare = 0;
2499 source.sb64.st_qspare[0] = 0LL;
2500 source.sb64.st_qspare[1] = 0LL;
2501
2d21ac55 2502 if (IS_64BIT_PROCESS(current_proc())) {
b0d623f7
A		 2503 munge_user64_stat64(&source.sb64, &dest.user64_sb64);
2504 my_size = sizeof(dest.user64_sb64);
2505 sbp = (caddr_t)&dest.user64_sb64;
2d21ac55 2506 } else {
b0d623f7
A		 2507 munge_user32_stat64(&source.sb64, &dest.user32_sb64);
2508 my_size = sizeof(dest.user32_sb64);
2509 sbp = (caddr_t)&dest.user32_sb64;
2d21ac55
A		 2510 }
2511 } else {
b0d623f7
A		 2512 source.sb.st_lspare = 0;
2513 source.sb.st_qspare[0] = 0LL;
2514 source.sb.st_qspare[1] = 0LL;
2d21ac55 2515 if (IS_64BIT_PROCESS(current_proc())) {
b0d623f7
A		 2516 munge_user64_stat(&source.sb, &dest.user64_sb);
2517 my_size = sizeof(dest.user64_sb);
2518 sbp = (caddr_t)&dest.user64_sb;
2d21ac55 2519 } else {
b0d623f7
A		 2520 munge_user32_stat(&source.sb, &dest.user32_sb);
2521 my_size = sizeof(dest.user32_sb);
2522 sbp = (caddr_t)&dest.user32_sb;
2d21ac55 2523 }
91447636 2524 }
2d21ac55 2525
91447636 2526 error = copyout(sbp, ub, my_size);
1c79356b 2527 }
1c79356b 2528
91447636
A		 2529 /* caller wants extended security information? */
2530 if (xsecurity != USER_ADDR_NULL) {
1c79356b 2531
91447636
A		 2532 /* did we get any? */
2533 if (fsec == KAUTH_FILESEC_NONE) {
2534 if (susize(xsecurity_size, 0) != 0) {
2535 error = EFAULT;
2536 goto out;
2537 }
2538 } else {
2539 /* find the user buffer size */
2540 xsecurity_bufsize = fusize(xsecurity_size);
1c79356b 2541
91447636
A		 2542 /* copy out the actual data size */
2543 if (susize(xsecurity_size, KAUTH_FILESEC_COPYSIZE(fsec)) != 0) {
2544 error = EFAULT;
2545 goto out;
2546 }
1c79356b 2547
91447636
A		 2548 /* if the caller supplied enough room, copy out to it */
2549 if (xsecurity_bufsize >= KAUTH_FILESEC_COPYSIZE(fsec))
2550 error = copyout(fsec, xsecurity, KAUTH_FILESEC_COPYSIZE(fsec));
2551 }
1c79356b 2552 }
91447636
A		 2553out:
2554 fp_drop(p, fd, fp, 0);
2555 if (fsec != NULL)
2556 kauth_filesec_free(fsec);
1c79356b
A		 2557 return (error);
2558}
91447636 2559
2d21ac55
A		 2560
2561/*
2562 * fstat_extended
2563 *
2564 * Description: Extended version of fstat supporting returning extended
2565 * security information
2566 *
2567 * Parameters: p The process doing the fstat
2568 * uap->fd The fd to stat
2569 * uap->ub The user stat buffer
2570 * uap->xsecurity The user extended security
2571 * buffer, or 0 if none
2572 * uap->xsecurity_size The size of xsecurity, or 0
2573 *
2574 * Returns: 0 Success
2575 * !0 Errno (see fstat1)
2576 */
91447636 2577int
b0d623f7 2578fstat_extended(proc_t p, struct fstat_extended_args *uap, __unused int32_t *retval)
91447636 2579{
2d21ac55 2580 return(fstat1(p, uap->fd, uap->ub, uap->xsecurity, uap->xsecurity_size, 0));
91447636
A		 2581}
2582
2d21ac55
A		 2583
2584/*
2585 * fstat
2586 *
2587 * Description: Get file status for the file associated with fd
2588 *
2589 * Parameters: p The process doing the fstat
2590 * uap->fd The fd to stat
2591 * uap->ub The user stat buffer
2592 *
2593 * Returns: 0 Success
2594 * !0 Errno (see fstat1)
2595 */
2596int
b0d623f7 2597fstat(proc_t p, register struct fstat_args *uap, __unused int32_t *retval)
2d21ac55
A		 2598{
2599 return(fstat1(p, uap->fd, uap->ub, 0, 0, 0));
2600}
2601
2602
2603/*
2604 * fstat64_extended
2605 *
2606 * Description: Extended version of fstat64 supporting returning extended
2607 * security information
2608 *
2609 * Parameters: p The process doing the fstat
2610 * uap->fd The fd to stat
2611 * uap->ub The user stat buffer
2612 * uap->xsecurity The user extended security
2613 * buffer, or 0 if none
2614 * uap->xsecurity_size The size of xsecurity, or 0
2615 *
2616 * Returns: 0 Success
2617 * !0 Errno (see fstat1)
2618 */
2619int
b0d623f7 2620fstat64_extended(proc_t p, struct fstat64_extended_args *uap, __unused int32_t *retval)
2d21ac55
A		 2621{
2622 return(fstat1(p, uap->fd, uap->ub, uap->xsecurity, uap->xsecurity_size, 1));
2623}
2624
2625
2626/*
2627 * fstat64
2628 *
2629 * Description: Get 64 bit version of the file status for the file associated
2630 * with fd
2631 *
2632 * Parameters: p The process doing the fstat
2633 * uap->fd The fd to stat
2634 * uap->ub The user stat buffer
2635 *
2636 * Returns: 0 Success
2637 * !0 Errno (see fstat1)
2638 */
91447636 2639int
b0d623f7 2640fstat64(proc_t p, register struct fstat64_args *uap, __unused int32_t *retval)
91447636 2641{
2d21ac55 2642 return(fstat1(p, uap->fd, uap->ub, 0, 0, 1));
91447636 2643}
1c79356b 2644
2d21ac55 2645
1c79356b 2646/*
2d21ac55
A		 2647 * fpathconf
2648 *
2649 * Description: Return pathconf information about a file descriptor.
2650 *
2651 * Parameters: p Process making the request
2652 * uap->fd fd to get information about
2653 * uap->name Name of information desired
2654 * retval Pointer to the call return area
2655 *
2656 * Returns: 0 Success
2657 * EINVAL
2658 * fp_lookup:EBADF Bad file descriptor
2659 * vnode_getwithref:???
2660 * vn_pathconf:???
2661 *
2662 * Implicit returns:
2663 * *retval (modified) Returned information (numeric)
1c79356b 2664 */
91447636 2665int
b0d623f7 2666fpathconf(proc_t p, struct fpathconf_args *uap, int32_t *retval)
1c79356b
A		 2667{
2668 int fd = uap->fd;
91447636 2669 struct fileproc *fp;
1c79356b 2670 struct vnode *vp;
91447636 2671 int error = 0;
8f6c56a5 2672 file_type_t type;
91447636
A		 2673 caddr_t data;
2674
1c79356b 2675
55e303ae 2676 AUDIT_ARG(fd, uap->fd);
91447636
A		 2677 if ( (error = fp_lookup(p, fd, &fp, 0)) )
2678 return(error);
2679 type = fp->f_type;
2680 data = fp->f_data;
2681
2682 switch (type) {
1c79356b
A		 2683
2684 case DTYPE_SOCKET:
b0d623f7
A		 2685 if (uap->name != _PC_PIPE_BUF) {
2686 error = EINVAL;
91447636
A		 2687 goto out;
2688 }
1c79356b 2689 *retval = PIPE_BUF;
91447636
A		 2690 error = 0;
2691 goto out;
2692
2693 case DTYPE_PIPE:
b0d623f7
A		 2694 if (uap->name != _PC_PIPE_BUF) {
2695 error = EINVAL;
2696 goto out;
2697 }
2698 *retval = PIPE_BUF;
91447636
A		 2699 error = 0;
2700 goto out;
1c79356b
A		 2701
2702 case DTYPE_VNODE:
91447636
A		 2703 vp = (struct vnode *)data;
2704
2705 if ( (error = vnode_getwithref(vp)) == 0) {
2706 AUDIT_ARG(vnpath, vp, ARG_VNODE1);
2707
2d21ac55 2708 error = vn_pathconf(vp, uap->name, retval, vfs_context_current());
91447636
A		 2709
2710 (void)vnode_put(vp);
2711 }
2712 goto out;
55e303ae 2713
91447636 2714 case DTYPE_PSXSHM:
8f6c56a5 2715 case DTYPE_PSXSEM:
91447636 2716 case DTYPE_KQUEUE:
8f6c56a5 2717 case DTYPE_FSEVENTS:
91447636
A		 2718 error = EINVAL;
2719 goto out;
1c79356b 2720
1c79356b
A		 2721 }
2722 /*NOTREACHED*/
91447636
A		 2723out:
2724 fp_drop(p, fd, fp, 0);
2725 return(error);
1c79356b
A		 2726}
2727
2728/*
2d21ac55
A		 2729 * Statistics counter for the number of times a process calling fdalloc()
2730 * has resulted in an expansion of the per process open file table.
2731 *
2732 * XXX This would likely be of more use if it were per process
1c79356b
A		 2733 */
2734int fdexpand;
2735
2d21ac55
A		 2736
2737/*
2738 * fdalloc
2739 *
2740 * Description: Allocate a file descriptor for the process.
2741 *
2742 * Parameters: p Process to allocate the fd in
2743 * want The fd we would prefer to get
2744 * result Pointer to fd we got
2745 *
2746 * Returns: 0 Success
2747 * EMFILE
2748 * ENOMEM
2749 *
2750 * Implicit returns:
2751 * *result (modified) The fd which was allocated
2752 */
1c79356b 2753int
2d21ac55 2754fdalloc(proc_t p, int want, int *result)
1c79356b 2755{
2d21ac55
A		 2756 struct filedesc *fdp = p->p_fd;
2757 int i;
91447636
A		 2758 int lim, last, numfiles, oldnfiles;
2759 struct fileproc **newofiles, **ofiles;
6601e61a 2760 char *newofileflags;
1c79356b
A		 2761
2762 /*
2763 * Search for a free descriptor starting at the higher
2764 * of want or fd_freefile. If that fails, consider
2765 * expanding the ofile array.
2766 */
2d21ac55
A		 2767#if DIAGNOSTIC
2768 proc_fdlock_assert(p, LCK_MTX_ASSERT_OWNED);
2769#endif
2770
1c79356b
A		 2771 lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfiles);
2772 for (;;) {
2773 last = min(fdp->fd_nfiles, lim);
2774 if ((i = want) < fdp->fd_freefile)
2775 i = fdp->fd_freefile;
1c79356b 2776 for (; i < last; i++) {
6601e61a
A		 2777 if (fdp->fd_ofiles[i] == NULL && !(fdp->fd_ofileflags[i] & UF_RESERVED)) {
2778 procfdtbl_reservefd(p, i);
1c79356b
A		 2779 if (i > fdp->fd_lastfile)
2780 fdp->fd_lastfile = i;
2781 if (want <= fdp->fd_freefile)
2782 fdp->fd_freefile = i;
2783 *result = i;
2784 return (0);
2785 }
1c79356b
A		 2786 }
2787
2788 /*
2789 * No space in current array. Expand?
2790 */
2791 if (fdp->fd_nfiles >= lim)
2792 return (EMFILE);
2793 if (fdp->fd_nfiles < NDEXTENT)
91447636 2794 numfiles = NDEXTENT;
1c79356b 2795 else
91447636 2796 numfiles = 2 * fdp->fd_nfiles;
1c79356b 2797 /* Enforce lim */
91447636
A		 2798 if (numfiles > lim)
2799 numfiles = lim;
2800 proc_fdunlock(p);
2801 MALLOC_ZONE(newofiles, struct fileproc **,
2802 numfiles * OFILESIZE, M_OFILETABL, M_WAITOK);
2803 proc_fdlock(p);
2804 if (newofiles == NULL) {
2805 return (ENOMEM);
2806 }
2807 if (fdp->fd_nfiles >= numfiles) {
2808 FREE_ZONE(newofiles, numfiles * OFILESIZE, M_OFILETABL);
1c79356b
A		 2809 continue;
2810 }
91447636 2811 newofileflags = (char *) &newofiles[numfiles];
1c79356b
A		 2812 /*
2813 * Copy the existing ofile and ofileflags arrays
2814 * and zero the new portion of each array.
2815 */
2816 oldnfiles = fdp->fd_nfiles;
2817 (void) memcpy(newofiles, fdp->fd_ofiles,
2d21ac55 2818 oldnfiles * sizeof(*fdp->fd_ofiles));
1c79356b 2819 (void) memset(&newofiles[oldnfiles], 0,
2d21ac55 2820 (numfiles - oldnfiles) * sizeof(*fdp->fd_ofiles));
1c79356b
A		 2821
2822 (void) memcpy(newofileflags, fdp->fd_ofileflags,
2d21ac55 2823 oldnfiles * sizeof(*fdp->fd_ofileflags));
1c79356b 2824 (void) memset(&newofileflags[oldnfiles], 0,
91447636 2825 (numfiles - oldnfiles) *
2d21ac55 2826 sizeof(*fdp->fd_ofileflags));
1c79356b
A		 2827 ofiles = fdp->fd_ofiles;
2828 fdp->fd_ofiles = newofiles;
2829 fdp->fd_ofileflags = newofileflags;
91447636 2830 fdp->fd_nfiles = numfiles;
1c79356b
A		 2831 FREE_ZONE(ofiles, oldnfiles * OFILESIZE, M_OFILETABL);
2832 fdexpand++;
2833 }
2834}
2835
2d21ac55 2836
91447636 2837/*
2d21ac55
A		 2838 * fdavail
2839 *
2840 * Description: Check to see whether n user file descriptors are available
2841 * to the process p.
2842 *
2843 * Parameters: p Process to check in
2844 * n The number of fd's desired
2845 *
2846 * Returns: 0 No
2847 * 1 Yes
2848 *
2849 * Locks: Assumes proc_fdlock for process is held by the caller
2850 *
2851 * Notes: The answer only remains valid so long as the proc_fdlock is
2852 * held by the caller.
91447636
A		 2853 */
2854int
2d21ac55 2855fdavail(proc_t p, int n)
91447636
A		 2856{
2857 struct filedesc *fdp = p->p_fd;
2858 struct fileproc **fpp;
2859 char *flags;
2860 int i, lim;
2861
2862 lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfiles);
2863 if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0)
2864 return (1);
2865 fpp = &fdp->fd_ofiles[fdp->fd_freefile];
2866 flags = &fdp->fd_ofileflags[fdp->fd_freefile];
2867 for (i = fdp->fd_nfiles - fdp->fd_freefile; --i >= 0; fpp++, flags++)
2868 if (*fpp == NULL && !(*flags & UF_RESERVED) && --n <= 0)
2869 return (1);
2870 return (0);
2871}
2872
91447636 2873
2d21ac55
A		 2874/*
2875 * fdrelse
2876 *
2877 * Description: Legacy KPI wrapper function for _fdrelse
2878 *
2879 * Parameters: p Process in which fd lives
2880 * fd fd to free
2881 *
2882 * Returns: void
2883 *
2884 * Locks: Assumes proc_fdlock for process is held by the caller
2885 */
91447636 2886void
2d21ac55 2887fdrelse(proc_t p, int fd)
91447636 2888{
2d21ac55 2889 _fdrelse(p, fd);
91447636
A		 2890}
2891
2892
2d21ac55
A		 2893/*
2894 * fdgetf_noref
2895 *
2896 * Description: Get the fileproc pointer for the given fd from the per process
2897 * open file table without taking an explicit reference on it.
2898 *
2899 * Parameters: p Process containing fd
2900 * fd fd to obtain fileproc for
2901 * resultfp Pointer to pointer return area
2902 *
2903 * Returns: 0 Success
2904 * EBADF
2905 *
2906 * Implicit returns:
2907 * *resultfp (modified) Pointer to fileproc pointer
2908 *
2909 * Locks: Assumes proc_fdlock for process is held by the caller
2910 *
2911 * Notes: Because there is no reference explicitly taken, the returned
2912 * fileproc pointer is only valid so long as the proc_fdlock
2913 * remains held by the caller.
2914 */
91447636 2915int
2d21ac55 2916fdgetf_noref(proc_t p, int fd, struct fileproc **resultfp)
91447636
A		 2917{
2918 struct filedesc *fdp = p->p_fd;
2919 struct fileproc *fp;
2920
2921 if (fd < 0 || fd >= fdp->fd_nfiles ||
2922 (fp = fdp->fd_ofiles[fd]) == NULL ||
2923 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
2924 return (EBADF);
2925 }
2926 if (resultfp)
2927 *resultfp = fp;
2928 return (0);
2929}
2930
2931
2d21ac55
A		 2932/*
2933 * fp_getfvp
2934 *
2935 * Description: Get fileproc and vnode pointer for a given fd from the per
2936 * process open file table of the specified process, and if
2937 * successful, increment the f_iocount
2938 *
2939 * Parameters: p Process in which fd lives
2940 * fd fd to get information for
2941 * resultfp Pointer to result fileproc
2942 * pointer area, or 0 if none
2943 * resultvp Pointer to result vnode pointer
2944 * area, or 0 if none
2945 *
2946 * Returns: 0 Success
2947 * EBADF Bad file descriptor
2948 * ENOTSUP fd does not refer to a vnode
2949 *
2950 * Implicit returns:
2951 * *resultfp (modified) Fileproc pointer
2952 * *resultvp (modified) vnode pointer
2953 *
2954 * Notes: The resultfp and resultvp fields are optional, and may be
2955 * independently specified as NULL to skip returning information
2956 *
2957 * Locks: Internally takes and releases proc_fdlock
2958 */
91447636 2959int
2d21ac55 2960fp_getfvp(proc_t p, int fd, struct fileproc **resultfp, struct vnode **resultvp)
91447636
A		 2961{
2962 struct filedesc *fdp = p->p_fd;
2963 struct fileproc *fp;
2964
2d21ac55 2965 proc_fdlock_spin(p);
91447636
A		 2966 if (fd < 0 || fd >= fdp->fd_nfiles ||
2967 (fp = fdp->fd_ofiles[fd]) == NULL ||
2968 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
2969 proc_fdunlock(p);
2970 return (EBADF);
2971 }
2972 if (fp->f_type != DTYPE_VNODE) {
2973 proc_fdunlock(p);
2974 return(ENOTSUP);
2975 }
2976 fp->f_iocount++;
2977
2978 if (resultfp)
2979 *resultfp = fp;
2980 if (resultvp)
2981 *resultvp = (struct vnode *)fp->f_data;
2982 proc_fdunlock(p);
2983
2984 return (0);
2985}
2986
2987
2d21ac55
A		 2988/*
2989 * fp_getfvpandvid
2990 *
2991 * Description: Get fileproc, vnode pointer, and vid for a given fd from the
2992 * per process open file table of the specified process, and if
2993 * successful, increment the f_iocount
2994 *
2995 * Parameters: p Process in which fd lives
2996 * fd fd to get information for
2997 * resultfp Pointer to result fileproc
2998 * pointer area, or 0 if none
2999 * resultvp Pointer to result vnode pointer
3000 * area, or 0 if none
3001 * vidp Pointer to resuld vid area
3002 *
3003 * Returns: 0 Success
3004 * EBADF Bad file descriptor
3005 * ENOTSUP fd does not refer to a vnode
3006 *
3007 * Implicit returns:
3008 * *resultfp (modified) Fileproc pointer
3009 * *resultvp (modified) vnode pointer
3010 * *vidp vid value
3011 *
3012 * Notes: The resultfp and resultvp fields are optional, and may be
3013 * independently specified as NULL to skip returning information
3014 *
3015 * Locks: Internally takes and releases proc_fdlock
3016 */
0c530ab8 3017int
2d21ac55
A		 3018fp_getfvpandvid(proc_t p, int fd, struct fileproc **resultfp,
3019 struct vnode **resultvp, uint32_t *vidp)
0c530ab8
A		 3020{
3021 struct filedesc *fdp = p->p_fd;
3022 struct fileproc *fp;
3023
2d21ac55 3024 proc_fdlock_spin(p);
0c530ab8
A		 3025 if (fd < 0 || fd >= fdp->fd_nfiles ||
3026 (fp = fdp->fd_ofiles[fd]) == NULL ||
3027 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3028 proc_fdunlock(p);
3029 return (EBADF);
3030 }
3031 if (fp->f_type != DTYPE_VNODE) {
3032 proc_fdunlock(p);
3033 return(ENOTSUP);
3034 }
3035 fp->f_iocount++;
3036
3037 if (resultfp)
3038 *resultfp = fp;
3039 if (resultvp)
3040 *resultvp = (struct vnode *)fp->f_data;
3041 if (vidp)
3042 *vidp = (uint32_t)vnode_vid((struct vnode *)fp->f_data);
3043 proc_fdunlock(p);
3044
3045 return (0);
3046}
3047
2d21ac55 3048
91447636 3049/*
2d21ac55
A		 3050 * fp_getfsock
3051 *
3052 * Description: Get fileproc and socket pointer for a given fd from the
3053 * per process open file table of the specified process, and if
3054 * successful, increment the f_iocount
3055 *
3056 * Parameters: p Process in which fd lives
3057 * fd fd to get information for
3058 * resultfp Pointer to result fileproc
3059 * pointer area, or 0 if none
3060 * results Pointer to result socket
3061 * pointer area, or 0 if none
3062 *
91447636
A		 3063 * Returns: EBADF The file descriptor is invalid
3064 * EOPNOTSUPP The file descriptor is not a socket
3065 * 0 Success
3066 *
2d21ac55
A		 3067 * Implicit returns:
3068 * *resultfp (modified) Fileproc pointer
3069 * *results (modified) socket pointer
3070 *
91447636
A		 3071 * Notes: EOPNOTSUPP should probably be ENOTSOCK; this function is only
3072 * ever called from accept1().
3073 */
3074int
2d21ac55
A		 3075fp_getfsock(proc_t p, int fd, struct fileproc **resultfp,
3076 struct socket **results)
91447636
A		 3077{
3078 struct filedesc *fdp = p->p_fd;
3079 struct fileproc *fp;
3080
2d21ac55 3081 proc_fdlock_spin(p);
91447636
A		 3082 if (fd < 0 || fd >= fdp->fd_nfiles ||
3083 (fp = fdp->fd_ofiles[fd]) == NULL ||
3084 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3085 proc_fdunlock(p);
3086 return (EBADF);
3087 }
3088 if (fp->f_type != DTYPE_SOCKET) {
3089 proc_fdunlock(p);
3090 return(EOPNOTSUPP);
3091 }
3092 fp->f_iocount++;
3093
3094 if (resultfp)
3095 *resultfp = fp;
3096 if (results)
3097 *results = (struct socket *)fp->f_data;
3098 proc_fdunlock(p);
3099
3100 return (0);
3101}
3102
3103
2d21ac55
A		 3104/*
3105 * fp_getfkq
3106 *
3107 * Description: Get fileproc and kqueue pointer for a given fd from the
3108 * per process open file table of the specified process, and if
3109 * successful, increment the f_iocount
3110 *
3111 * Parameters: p Process in which fd lives
3112 * fd fd to get information for
3113 * resultfp Pointer to result fileproc
3114 * pointer area, or 0 if none
3115 * resultkq Pointer to result kqueue
3116 * pointer area, or 0 if none
3117 *
3118 * Returns: EBADF The file descriptor is invalid
3119 * EBADF The file descriptor is not a socket
3120 * 0 Success
3121 *
3122 * Implicit returns:
3123 * *resultfp (modified) Fileproc pointer
3124 * *resultkq (modified) kqueue pointer
3125 *
3126 * Notes: The second EBADF should probably be something else to make
3127 * the error condition distinct.
3128 */
91447636 3129int
2d21ac55
A		 3130fp_getfkq(proc_t p, int fd, struct fileproc **resultfp,
3131 struct kqueue **resultkq)
91447636
A		 3132{
3133 struct filedesc *fdp = p->p_fd;
3134 struct fileproc *fp;
3135
2d21ac55 3136 proc_fdlock_spin(p);
91447636
A		 3137 if ( fd < 0 || fd >= fdp->fd_nfiles ||
3138 (fp = fdp->fd_ofiles[fd]) == NULL ||
3139 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3140 proc_fdunlock(p);
3141 return (EBADF);
3142 }
3143 if (fp->f_type != DTYPE_KQUEUE) {
3144 proc_fdunlock(p);
3145 return(EBADF);
3146 }
3147 fp->f_iocount++;
3148
3149 if (resultfp)
3150 *resultfp = fp;
3151 if (resultkq)
3152 *resultkq = (struct kqueue *)fp->f_data;
3153 proc_fdunlock(p);
3154
3155 return (0);
3156}
3157
2d21ac55
A		 3158
3159/*
3160 * fp_getfpshm
3161 *
3162 * Description: Get fileproc and POSIX shared memory pointer for a given fd
3163 * from the per process open file table of the specified process
3164 * and if successful, increment the f_iocount
3165 *
3166 * Parameters: p Process in which fd lives
3167 * fd fd to get information for
3168 * resultfp Pointer to result fileproc
3169 * pointer area, or 0 if none
3170 * resultpshm Pointer to result POSIX
3171 * shared memory pointer
3172 * pointer area, or 0 if none
3173 *
3174 * Returns: EBADF The file descriptor is invalid
3175 * EBADF The file descriptor is not a POSIX
3176 * shared memory area
3177 * 0 Success
3178 *
3179 * Implicit returns:
3180 * *resultfp (modified) Fileproc pointer
3181 * *resultpshm (modified) POSIX shared memory pointer
3182 *
3183 * Notes: The second EBADF should probably be something else to make
3184 * the error condition distinct.
3185 */
91447636 3186int
2d21ac55
A		 3187fp_getfpshm(proc_t p, int fd, struct fileproc **resultfp,
3188 struct pshmnode **resultpshm)
91447636
A		 3189{
3190 struct filedesc *fdp = p->p_fd;
3191 struct fileproc *fp;
3192
2d21ac55 3193 proc_fdlock_spin(p);
91447636
A		 3194 if (fd < 0 || fd >= fdp->fd_nfiles ||
3195 (fp = fdp->fd_ofiles[fd]) == NULL ||
3196 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3197 proc_fdunlock(p);
3198 return (EBADF);
3199 }
3200 if (fp->f_type != DTYPE_PSXSHM) {
3201
3202 proc_fdunlock(p);
3203 return(EBADF);
3204 }
3205 fp->f_iocount++;
3206
3207 if (resultfp)
3208 *resultfp = fp;
3209 if (resultpshm)
3210 *resultpshm = (struct pshmnode *)fp->f_data;
3211 proc_fdunlock(p);
3212
3213 return (0);
3214}
3215
3216
2d21ac55
A		 3217/*
3218 * fp_getfsem
3219 *
3220 * Description: Get fileproc and POSIX semaphore pointer for a given fd from
3221 * the per process open file table of the specified process
3222 * and if successful, increment the f_iocount
3223 *
3224 * Parameters: p Process in which fd lives
3225 * fd fd to get information for
3226 * resultfp Pointer to result fileproc
3227 * pointer area, or 0 if none
3228 * resultpsem Pointer to result POSIX
3229 * semaphore pointer area, or
3230 * 0 if none
3231 *
3232 * Returns: EBADF The file descriptor is invalid
3233 * EBADF The file descriptor is not a POSIX
3234 * semaphore
3235 * 0 Success
3236 *
3237 * Implicit returns:
3238 * *resultfp (modified) Fileproc pointer
3239 * *resultpsem (modified) POSIX semaphore pointer
3240 *
3241 * Notes: The second EBADF should probably be something else to make
3242 * the error condition distinct.
3243 *
3244 * In order to support unnamed POSIX semaphores, the named
3245 * POSIX semaphores will have to move out of the per-process
3246 * open filetable, and into a global table that is shared with
3247 * unnamed POSIX semaphores, since unnamed POSIX semaphores
3248 * are typically used by declaring instances in shared memory,
3249 * and there's no other way to do this without changing the
3250 * underlying type, which would introduce binary compatibility
3251 * issues.
3252 */
91447636 3253int
2d21ac55
A		 3254fp_getfpsem(proc_t p, int fd, struct fileproc **resultfp,
3255 struct psemnode **resultpsem)
91447636
A		 3256{
3257 struct filedesc *fdp = p->p_fd;
3258 struct fileproc *fp;
3259
2d21ac55 3260 proc_fdlock_spin(p);
91447636
A		 3261 if (fd < 0 || fd >= fdp->fd_nfiles ||
3262 (fp = fdp->fd_ofiles[fd]) == NULL ||
3263 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3264 proc_fdunlock(p);
3265 return (EBADF);
3266 }
3267 if (fp->f_type != DTYPE_PSXSEM) {
3268 proc_fdunlock(p);
3269 return(EBADF);
3270 }
3271 fp->f_iocount++;
3272
3273 if (resultfp)
3274 *resultfp = fp;
3275 if (resultpsem)
3276 *resultpsem = (struct psemnode *)fp->f_data;
3277 proc_fdunlock(p);
3278
3279 return (0);
3280}
0c530ab8
A		 3281
3282
2d21ac55
A		 3283/*
3284 * fp_getfpipe
3285 *
3286 * Description: Get fileproc and pipe pointer for a given fd from the
3287 * per process open file table of the specified process
3288 * and if successful, increment the f_iocount
3289 *
3290 * Parameters: p Process in which fd lives
3291 * fd fd to get information for
3292 * resultfp Pointer to result fileproc
3293 * pointer area, or 0 if none
3294 * resultpipe Pointer to result pipe
3295 * pointer area, or 0 if none
3296 *
3297 * Returns: EBADF The file descriptor is invalid
3298 * EBADF The file descriptor is not a socket
3299 * 0 Success
3300 *
3301 * Implicit returns:
3302 * *resultfp (modified) Fileproc pointer
3303 * *resultpipe (modified) pipe pointer
3304 *
3305 * Notes: The second EBADF should probably be something else to make
3306 * the error condition distinct.
3307 */
0c530ab8 3308int
2d21ac55
A		 3309fp_getfpipe(proc_t p, int fd, struct fileproc **resultfp,
3310 struct pipe **resultpipe)
0c530ab8
A		 3311{
3312 struct filedesc *fdp = p->p_fd;
3313 struct fileproc *fp;
3314
2d21ac55 3315 proc_fdlock_spin(p);
0c530ab8
A		 3316 if (fd < 0 || fd >= fdp->fd_nfiles ||
3317 (fp = fdp->fd_ofiles[fd]) == NULL ||
3318 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3319 proc_fdunlock(p);
3320 return (EBADF);
3321 }
3322 if (fp->f_type != DTYPE_PIPE) {
3323 proc_fdunlock(p);
3324 return(EBADF);
3325 }
3326 fp->f_iocount++;
3327
3328 if (resultfp)
3329 *resultfp = fp;
3330 if (resultpipe)
3331 *resultpipe = (struct pipe *)fp->f_data;
3332 proc_fdunlock(p);
3333
3334 return (0);
3335}
3336
b0d623f7 3337#if NETAT
2d21ac55
A		 3338#define DTYPE_ATALK -1 /* XXX This does not belong here */
3339
3340
3341/*
3342 * fp_getfatalk
3343 *
3344 * Description: Get fileproc and atalk pointer for a given fd from the
3345 * per process open file table of the specified process
3346 * and if successful, increment the f_iocount
3347 *
3348 * Parameters: p Process in which fd lives
3349 * fd fd to get information for
3350 * resultfp Pointer to result fileproc
3351 * pointer area, or 0 if none
3352 * resultatalk Pointer to result atalk
3353 * pointer area, or 0 if none
3354 * Returns: EBADF The file descriptor is invalid
3355 * EBADF The file descriptor is not a socket
3356 * 0 Success
3357 *
3358 * Implicit returns:
3359 * *resultfp (modified) Fileproc pointer
3360 * *resultatalk (modified) atalk pointer
3361 *
3362 * Notes: The second EBADF should probably be something else to make
3363 * the error condition distinct.
3364 *
3365 * XXX This code is specific to AppleTalk protocol support, and
3366 * XXX should be conditionally compiled
3367 */
0c530ab8 3368int
2d21ac55
A		 3369fp_getfatalk(proc_t p, int fd, struct fileproc **resultfp,
3370 struct atalk **resultatalk)
0c530ab8
A		 3371{
3372 struct filedesc *fdp = p->p_fd;
3373 struct fileproc *fp;
3374
2d21ac55 3375 proc_fdlock_spin(p);
0c530ab8
A		 3376 if (fd < 0 || fd >= fdp->fd_nfiles ||
3377 (fp = fdp->fd_ofiles[fd]) == NULL ||
3378 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3379 proc_fdunlock(p);
3380 return (EBADF);
3381 }
3382 if (fp->f_type != (DTYPE_ATALK+1)) {
3383 proc_fdunlock(p);
3384 return(EBADF);
3385 }
3386 fp->f_iocount++;
3387
3388 if (resultfp)
3389 *resultfp = fp;
3390 if (resultatalk)
3391 *resultatalk = (struct atalk *)fp->f_data;
3392 proc_fdunlock(p);
3393
3394 return (0);
3395}
3396
b0d623f7 3397#endif /* NETAT */
2d21ac55
A		 3398
3399/*
3400 * fp_lookup
3401 *
3402 * Description: Get fileproc pointer for a given fd from the per process
3403 * open file table of the specified process and if successful,
3404 * increment the f_iocount
3405 *
3406 * Parameters: p Process in which fd lives
3407 * fd fd to get information for
3408 * resultfp Pointer to result fileproc
3409 * pointer area, or 0 if none
3410 * locked !0 if the caller holds the
3411 * proc_fdlock, 0 otherwise
3412 *
3413 * Returns: 0 Success
3414 * EBADF Bad file descriptor
3415 *
3416 * Implicit returns:
3417 * *resultfp (modified) Fileproc pointer
3418 *
3419 * Locks: If the argument 'locked' is non-zero, then the caller is
3420 * expected to have taken and held the proc_fdlock; if it is
3421 * zero, than this routine internally takes and drops this lock.
3422 */
91447636 3423int
2d21ac55 3424fp_lookup(proc_t p, int fd, struct fileproc **resultfp, int locked)
91447636
A		 3425{
3426 struct filedesc *fdp = p->p_fd;
3427 struct fileproc *fp;
3428
3429 if (!locked)
2d21ac55
A		 3430 proc_fdlock_spin(p);
3431 if (fd < 0 || fdp == NULL || fd >= fdp->fd_nfiles ||
91447636
A		 3432 (fp = fdp->fd_ofiles[fd]) == NULL ||
3433 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
3434 if (!locked)
3435 proc_fdunlock(p);
3436 return (EBADF);
3437 }
3438 fp->f_iocount++;
3439
3440 if (resultfp)
3441 *resultfp = fp;
3442 if (!locked)
3443 proc_fdunlock(p);
3444
3445 return (0);
3446}
3447
2d21ac55
A		 3448
3449/*
3450 * fp_drop_written
3451 *
3452 * Description: Set the FP_WRITTEN flag on the fileproc and drop the I/O
3453 * reference previously taken by calling fp_lookup et. al.
3454 *
3455 * Parameters: p Process in which the fd lives
3456 * fd fd associated with the fileproc
3457 * fp fileproc on which to set the
3458 * flag and drop the reference
3459 *
3460 * Returns: 0 Success
3461 * fp_drop:EBADF Bad file descriptor
3462 *
3463 * Locks: This function internally takes and drops the proc_fdlock for
3464 * the supplied process
3465 *
3466 * Notes: The fileproc must correspond to the fd in the supplied proc
3467 */
91447636
A		 3468int
3469fp_drop_written(proc_t p, int fd, struct fileproc *fp)
3470{
3471 int error;
3472
2d21ac55 3473 proc_fdlock_spin(p);
91447636
A		 3474
3475 fp->f_flags |= FP_WRITTEN;
3476
3477 error = fp_drop(p, fd, fp, 1);
3478
3479 proc_fdunlock(p);
3480
3481 return (error);
3482}
3483
3484
2d21ac55
A		 3485/*
3486 * fp_drop_event
3487 *
3488 * Description: Set the FP_WAITEVENT flag on the fileproc and drop the I/O
3489 * reference previously taken by calling fp_lookup et. al.
3490 *
3491 * Parameters: p Process in which the fd lives
3492 * fd fd associated with the fileproc
3493 * fp fileproc on which to set the
3494 * flag and drop the reference
3495 *
3496 * Returns: 0 Success
3497 * fp_drop:EBADF Bad file descriptor
3498 *
3499 * Locks: This function internally takes and drops the proc_fdlock for
3500 * the supplied process
3501 *
3502 * Notes: The fileproc must correspond to the fd in the supplied proc
3503 */
91447636
A		 3504int
3505fp_drop_event(proc_t p, int fd, struct fileproc *fp)
3506{
3507 int error;
3508
2d21ac55 3509 proc_fdlock_spin(p);
91447636
A		 3510
3511 fp->f_flags |= FP_WAITEVENT;
3512
3513 error = fp_drop(p, fd, fp, 1);
3514
3515 proc_fdunlock(p);
3516
3517 return (error);
3518}
3519
2d21ac55
A		 3520
3521/*
3522 * fp_drop
3523 *
3524 * Description: Drop the I/O reference previously taken by calling fp_lookup
3525 * et. al.
3526 *
3527 * Parameters: p Process in which the fd lives
3528 * fd fd associated with the fileproc
3529 * fp fileproc on which to set the
3530 * flag and drop the reference
3531 * locked flag to internally take and
3532 * drop proc_fdlock if it is not
3533 * already held by the caller
3534 *
3535 * Returns: 0 Success
3536 * EBADF Bad file descriptor
3537 *
3538 * Locks: This function internally takes and drops the proc_fdlock for
3539 * the supplied process if 'locked' is non-zero, and assumes that
3540 * the caller already holds this lock if 'locked' is non-zero.
3541 *
3542 * Notes: The fileproc must correspond to the fd in the supplied proc
3543 */
1c79356b 3544int
2d21ac55 3545fp_drop(proc_t p, int fd, struct fileproc *fp, int locked)
1c79356b 3546{
91447636 3547 struct filedesc *fdp = p->p_fd;
2d21ac55 3548 int needwakeup = 0;
1c79356b 3549
91447636 3550 if (!locked)
2d21ac55 3551 proc_fdlock_spin(p);
91447636
A		 3552 if ((fp == FILEPROC_NULL) && (fd < 0 || fd >= fdp->fd_nfiles ||
3553 (fp = fdp->fd_ofiles[fd]) == NULL ||
3554 ((fdp->fd_ofileflags[fd] & UF_RESERVED) &&
3555 !(fdp->fd_ofileflags[fd] & UF_CLOSING)))) {
3556 if (!locked)
3557 proc_fdunlock(p);
3558 return (EBADF);
3559 }
3560 fp->f_iocount--;
3561
6d2010ae
A		 3562 if (fp->f_iocount == 0) {
3563 if (fp->f_flags & FP_SELCONFLICT)
3564 fp->f_flags &= ~FP_SELCONFLICT;
3565
3566 if (p->p_fpdrainwait) {
3567 p->p_fpdrainwait = 0;
3568 needwakeup = 1;
3569 }
91447636
A		 3570 }
3571 if (!locked)
3572 proc_fdunlock(p);
2d21ac55
A		 3573 if (needwakeup)
3574 wakeup(&p->p_fpdrainwait);
91447636 3575
1c79356b
A		 3576 return (0);
3577}
3578
2d21ac55
A		 3579
3580/*
3581 * file_vnode
3582 *
3583 * Description: Given an fd, look it up in the current process's per process
3584 * open file table, and return its internal vnode pointer.
3585 *
3586 * Parameters: fd fd to obtain vnode from
3587 * vpp pointer to vnode return area
3588 *
3589 * Returns: 0 Success
3590 * EINVAL The fd does not refer to a
3591 * vnode fileproc entry
3592 * fp_lookup:EBADF Bad file descriptor
3593 *
3594 * Implicit returns:
3595 * *vpp (modified) Returned vnode pointer
3596 *
3597 * Locks: This function internally takes and drops the proc_fdlock for
3598 * the current process
3599 *
3600 * Notes: If successful, this function increments the f_iocount on the
3601 * fd's corresponding fileproc.
3602 *
3603 * The fileproc referenced is not returned; because of this, care
3604 * must be taken to not drop the last reference (e.g. by closing
6d2010ae 3605 * the file). This is inherently unsafe, since the reference may
2d21ac55
A		 3606 * not be recoverable from the vnode, if there is a subsequent
3607 * close that destroys the associate fileproc. The caller should
3608 * therefore retain their own reference on the fileproc so that
3609 * the f_iocount can be dropped subsequently. Failure to do this
3610 * can result in the returned pointer immediately becoming invalid
3611 * following the call.
3612 *
3613 * Use of this function is discouraged.
3614 */
91447636
A		 3615int
3616file_vnode(int fd, struct vnode **vpp)
1c79356b 3617{
2d21ac55 3618 proc_t p = current_proc();
91447636
A		 3619 struct fileproc *fp;
3620 int error;
3621
2d21ac55 3622 proc_fdlock_spin(p);
91447636
A		 3623 if ( (error = fp_lookup(p, fd, &fp, 1)) ) {
3624 proc_fdunlock(p);
3625 return(error);
3626 }
3627 if (fp->f_type != DTYPE_VNODE) {
3628 fp_drop(p, fd, fp,1);
3629 proc_fdunlock(p);
3630 return(EINVAL);
3631 }
b0d623f7
A		 3632 if (vpp != NULL)
3633 *vpp = (struct vnode *)fp->f_data;
3634 proc_fdunlock(p);
3635
3636 return(0);
3637}
3638
3639
3640/*
3641 * file_vnode_withvid
3642 *
3643 * Description: Given an fd, look it up in the current process's per process
3644 * open file table, and return its internal vnode pointer.
3645 *
3646 * Parameters: fd fd to obtain vnode from
3647 * vpp pointer to vnode return area
3648 * vidp pointer to vid of the returned vnode
3649 *
3650 * Returns: 0 Success
3651 * EINVAL The fd does not refer to a
3652 * vnode fileproc entry
3653 * fp_lookup:EBADF Bad file descriptor
3654 *
3655 * Implicit returns:
3656 * *vpp (modified) Returned vnode pointer
3657 *
3658 * Locks: This function internally takes and drops the proc_fdlock for
3659 * the current process
3660 *
3661 * Notes: If successful, this function increments the f_iocount on the
3662 * fd's corresponding fileproc.
3663 *
3664 * The fileproc referenced is not returned; because of this, care
3665 * must be taken to not drop the last reference (e.g. by closing
6d2010ae 3666 * the file). This is inherently unsafe, since the reference may
b0d623f7
A		 3667 * not be recoverable from the vnode, if there is a subsequent
3668 * close that destroys the associate fileproc. The caller should
3669 * therefore retain their own reference on the fileproc so that
3670 * the f_iocount can be dropped subsequently. Failure to do this
3671 * can result in the returned pointer immediately becoming invalid
3672 * following the call.
3673 *
3674 * Use of this function is discouraged.
3675 */
3676int
3677file_vnode_withvid(int fd, struct vnode **vpp, uint32_t * vidp)
3678{
3679 proc_t p = current_proc();
3680 struct fileproc *fp;
3681 vnode_t vp;
3682 int error;
3683
3684 proc_fdlock_spin(p);
3685 if ( (error = fp_lookup(p, fd, &fp, 1)) ) {
3686 proc_fdunlock(p);
3687 return(error);
3688 }
3689 if (fp->f_type != DTYPE_VNODE) {
3690 fp_drop(p, fd, fp,1);
3691 proc_fdunlock(p);
3692 return(EINVAL);
3693 }
3694 vp = (struct vnode *)fp->f_data;
3695 if (vpp != NULL)
3696 *vpp = vp;
3697
3698 if ((vidp != NULL) && (vp != NULLVP))
3699 *vidp = (uint32_t)vp->v_id;
3700
91447636
A		 3701 proc_fdunlock(p);
3702
3703 return(0);
1c79356b
A		 3704}
3705
91447636 3706
2d21ac55
A		 3707/*
3708 * file_socket
3709 *
3710 * Description: Given an fd, look it up in the current process's per process
3711 * open file table, and return its internal socket pointer.
3712 *
3713 * Parameters: fd fd to obtain vnode from
3714 * sp pointer to socket return area
3715 *
3716 * Returns: 0 Success
3717 * ENOTSOCK Not a socket
3718 * fp_lookup:EBADF Bad file descriptor
3719 *
3720 * Implicit returns:
3721 * *sp (modified) Returned socket pointer
3722 *
3723 * Locks: This function internally takes and drops the proc_fdlock for
3724 * the current process
3725 *
3726 * Notes: If successful, this function increments the f_iocount on the
3727 * fd's corresponding fileproc.
3728 *
3729 * The fileproc referenced is not returned; because of this, care
3730 * must be taken to not drop the last reference (e.g. by closing
6d2010ae 3731 * the file). This is inherently unsafe, since the reference may
2d21ac55
A		 3732 * not be recoverable from the socket, if there is a subsequent
3733 * close that destroys the associate fileproc. The caller should
3734 * therefore retain their own reference on the fileproc so that
3735 * the f_iocount can be dropped subsequently. Failure to do this
3736 * can result in the returned pointer immediately becoming invalid
3737 * following the call.
3738 *
3739 * Use of this function is discouraged.
3740 */
1c79356b 3741int
91447636 3742file_socket(int fd, struct socket **sp)
1c79356b 3743{
2d21ac55 3744 proc_t p = current_proc();
91447636
A		 3745 struct fileproc *fp;
3746 int error;
3747
2d21ac55 3748 proc_fdlock_spin(p);
91447636
A		 3749 if ( (error = fp_lookup(p, fd, &fp, 1)) ) {
3750 proc_fdunlock(p);
3751 return(error);
3752 }
3753 if (fp->f_type != DTYPE_SOCKET) {
3754 fp_drop(p, fd, fp,1);
3755 proc_fdunlock(p);
3756 return(ENOTSOCK);
3757 }
3758 *sp = (struct socket *)fp->f_data;
3759 proc_fdunlock(p);
1c79356b 3760
91447636
A		 3761 return(0);
3762}
3763
2d21ac55
A		 3764
3765/*
3766 * file_flags
3767 *
3768 * Description: Given an fd, look it up in the current process's per process
3769 * open file table, and return its fileproc's flags field.
3770 *
3771 * Parameters: fd fd whose flags are to be
3772 * retrieved
3773 * flags pointer to flags data area
3774 *
3775 * Returns: 0 Success
3776 * ENOTSOCK Not a socket
3777 * fp_lookup:EBADF Bad file descriptor
3778 *
3779 * Implicit returns:
3780 * *flags (modified) Returned flags field
3781 *
3782 * Locks: This function internally takes and drops the proc_fdlock for
3783 * the current process
3784 *
3785 * Notes: This function will internally increment and decrement the
3786 * f_iocount of the fileproc as part of its operation.
3787 */
91447636 3788int
2d21ac55 3789file_flags(int fd, int *flags)
91447636
A		 3790{
3791
2d21ac55 3792 proc_t p = current_proc();
91447636
A		 3793 struct fileproc *fp;
3794 int error;
3795
2d21ac55 3796 proc_fdlock_spin(p);
91447636
A		 3797 if ( (error = fp_lookup(p, fd, &fp, 1)) ) {
3798 proc_fdunlock(p);
3799 return(error);
3800 }
3801 *flags = (int)fp->f_flag;
3802 fp_drop(p, fd, fp,1);
3803 proc_fdunlock(p);
3804
3805 return(0);
3806}
3807
3808
2d21ac55
A		 3809/*
3810 * file_drop
3811 *
3812 * Description: Drop an iocount reference on an fd, and wake up any waiters
3813 * for draining (i.e. blocked in fileproc_drain() called during
3814 * the last attempt to close a file).
3815 *
3816 * Parameters: fd fd on which an ioreference is
3817 * to be dropped
3818 *
3819 * Returns: 0 Success
3820 * EBADF Bad file descriptor
3821 *
3822 * Description: Given an fd, look it up in the current process's per process
3823 * open file table, and drop it's fileproc's f_iocount by one
3824 *
3825 * Notes: This is intended as a corresponding operation to the functions
3826 * file_vnode() and file_socket() operations.
3827 *
3828 * Technically, the close reference is supposed to be protected
3829 * by a fileproc_drain(), however, a drain will only block if
3830 * the fd refers to a character device, and that device has had
3831 * preparefileread() called on it. If it refers to something
3832 * other than a character device, then the drain will occur and
3833 * block each close attempt, rather than merely the last close.
3834 *
3835 * Since it's possible for an fd that refers to a character
3836 * device to have an intermediate close followed by an open to
3837 * cause a different file to correspond to that descriptor,
3838 * unless there was a cautionary reference taken on the fileproc,
3839 * this is an inherently unsafe function. This happens in the
3840 * case where multiple fd's in a process refer to the same
3841 * character device (e.g. stdin/out/err pointing to a tty, etc.).
3842 *
3843 * Use of this function is discouraged.
3844 */
91447636
A		 3845int
3846file_drop(int fd)
3847{
3848 struct fileproc *fp;
2d21ac55
A		 3849 proc_t p = current_proc();
3850 int needwakeup = 0;
91447636 3851
2d21ac55 3852 proc_fdlock_spin(p);
91447636
A		 3853 if (fd < 0 || fd >= p->p_fd->fd_nfiles ||
3854 (fp = p->p_fd->fd_ofiles[fd]) == NULL ||
3855 ((p->p_fd->fd_ofileflags[fd] & UF_RESERVED) &&
3856 !(p->p_fd->fd_ofileflags[fd] & UF_CLOSING))) {
3857 proc_fdunlock(p);
1c79356b 3858 return (EBADF);
91447636
A		 3859 }
3860 fp->f_iocount --;
3861
6d2010ae
A		 3862 if (fp->f_iocount == 0) {
3863 if (fp->f_flags & FP_SELCONFLICT)
3864 fp->f_flags &= ~FP_SELCONFLICT;
3865
3866 if (p->p_fpdrainwait) {
3867 p->p_fpdrainwait = 0;
3868 needwakeup = 1;
3869 }
91447636
A		 3870 }
3871 proc_fdunlock(p);
1c79356b 3872
2d21ac55
A		 3873 if (needwakeup)
3874 wakeup(&p->p_fpdrainwait);
3875 return(0);
1c79356b
A		 3876}
3877
2d21ac55
A		 3878
3879/*
3880 * falloc
3881 *
3882 * Description: Allocate an entry in the per process open file table and
3883 * return the corresponding fileproc and fd.
3884 *
3885 * Parameters: p The process in whose open file
3886 * table the fd is to be allocated
3887 * resultfp Pointer to fileproc pointer
3888 * return area
3889 * resultfd Pointer to fd return area
3890 * ctx VFS context
3891 *
3892 * Returns: 0 Success
3893 * falloc:ENFILE Too many open files in system
3894 * falloc:EMFILE Too many open files in process
3895 * falloc:ENOMEM M_FILEPROC or M_FILEGLOB zone
3896 * exhausted
3897 *
3898 * Implicit returns:
3899 * *resultfd (modified) Returned fileproc pointer
3900 * *resultfd (modified) Returned fd
3901 *
3902 * Locks: This function takes and drops the proc_fdlock; if this lock
6d2010ae 3903 * is already held, use falloc_locked() instead.
2d21ac55
A		 3904 *
3905 * Notes: This function takes separate process and context arguments
3906 * solely to support kern_exec.c; otherwise, it would take
3907 * neither, and expect falloc_locked() to use the
3908 * vfs_context_current() routine internally.
3909 */
91447636 3910int
2d21ac55 3911falloc(proc_t p, struct fileproc **resultfp, int *resultfd, vfs_context_t ctx)
91447636
A		 3912{
3913 int error;
3914
3915 proc_fdlock(p);
2d21ac55 3916 error = falloc_locked(p, resultfp, resultfd, ctx, 1);
91447636
A		 3917 proc_fdunlock(p);
3918
3919 return(error);
3920}
2d21ac55
A		 3921
3922
1c79356b 3923/*
2d21ac55
A		 3924 * falloc_locked
3925 *
1c79356b 3926 * Create a new open file structure and allocate
6d2010ae 3927 * a file descriptor for the process that refers to it.
2d21ac55
A		 3928 *
3929 * Returns: 0 Success
3930 *
3931 * Description: Allocate an entry in the per process open file table and
3932 * return the corresponding fileproc and fd.
3933 *
3934 * Parameters: p The process in whose open file
3935 * table the fd is to be allocated
3936 * resultfp Pointer to fileproc pointer
3937 * return area
3938 * resultfd Pointer to fd return area
3939 * ctx VFS context
3940 * locked Flag to indicate whether the
3941 * caller holds proc_fdlock
3942 *
3943 * Returns: 0 Success
3944 * ENFILE Too many open files in system
3945 * fdalloc:EMFILE Too many open files in process
3946 * ENOMEM M_FILEPROC or M_FILEGLOB zone
3947 * exhausted
3948 * fdalloc:ENOMEM
3949 *
3950 * Implicit returns:
3951 * *resultfd (modified) Returned fileproc pointer
3952 * *resultfd (modified) Returned fd
3953 *
3954 * Locks: If the parameter 'locked' is zero, this function takes and
3955 * drops the proc_fdlock; if non-zero, the caller must hold the
3956 * lock.
3957 *
3958 * Notes: If you intend to use a non-zero 'locked' parameter, use the
3959 * utility function falloc() instead.
3960 *
3961 * This function takes separate process and context arguments
3962 * solely to support kern_exec.c; otherwise, it would take
3963 * neither, and use the vfs_context_current() routine internally.
1c79356b
A		 3964 */
3965int
2d21ac55
A		 3966falloc_locked(proc_t p, struct fileproc **resultfp, int *resultfd,
3967 vfs_context_t ctx, int locked)
1c79356b 3968{
316670eb 3969 struct fileproc *fp;
91447636
A		 3970 struct fileglob *fg;
3971 int error, nfd;
3972
3973 if (!locked)
3974 proc_fdlock(p);
3975 if ( (error = fdalloc(p, 0, &nfd)) ) {
3976 if (!locked)
3977 proc_fdunlock(p);
1c79356b 3978 return (error);
91447636 3979 }
1c79356b 3980 if (nfiles >= maxfiles) {
91447636
A		 3981 if (!locked)
3982 proc_fdunlock(p);
1c79356b
A		 3983 tablefull("file");
3984 return (ENFILE);
3985 }
2d21ac55
A		 3986#if CONFIG_MACF
3987 error = mac_file_check_create(proc_ucred(p));
3988 if (error) {
3989 if (!locked)
3990 proc_fdunlock(p);
3991 return (error);
3992 }
3993#endif
3994
1c79356b
A		 3995 /*
3996 * Allocate a new file descriptor.
3997 * If the process has file descriptor zero open, add to the list
3998 * of open files at that point, otherwise put it at the front of
3999 * the list of open files.
4000 */
91447636
A		 4001 proc_fdunlock(p);
4002
4003 MALLOC_ZONE(fp, struct fileproc *, sizeof(struct fileproc), M_FILEPROC, M_WAITOK);
2d21ac55
A		 4004 if (fp == NULL) {
4005 if (locked)
4006 proc_fdlock(p);
4007 return (ENOMEM);
4008 }
91447636 4009 MALLOC_ZONE(fg, struct fileglob *, sizeof(struct fileglob), M_FILEGLOB, M_WAITOK);
2d21ac55
A		 4010 if (fg == NULL) {
4011 FREE_ZONE(fp, sizeof(*fp), M_FILEPROC);
4012 if (locked)
4013 proc_fdlock(p);
4014 return (ENOMEM);
4015 }
91447636
A		 4016 bzero(fp, sizeof(struct fileproc));
4017 bzero(fg, sizeof(struct fileglob));
4018 lck_mtx_init(&fg->fg_lock, file_lck_grp, file_lck_attr);
4019
4020 fp->f_iocount = 1;
4021 fg->fg_count = 1;
4022 fp->f_fglob = fg;
2d21ac55
A		 4023#if CONFIG_MACF
4024 mac_file_label_init(fg);
4025#endif
4026
4027 kauth_cred_ref(ctx->vc_ucred);
91447636
A		 4028
4029 proc_fdlock(p);
4030
2d21ac55 4031 fp->f_cred = ctx->vc_ucred;
91447636 4032
2d21ac55
A		 4033#if CONFIG_MACF
4034 mac_file_label_associate(fp->f_cred, fg);
4035#endif
4036
316670eb 4037 OSAddAtomic(1, &nfiles);
91447636
A		 4038
4039 p->p_fd->fd_ofiles[nfd] = fp;
4040
4041 if (!locked)
4042 proc_fdunlock(p);
4043
1c79356b
A		 4044 if (resultfp)
4045 *resultfp = fp;
4046 if (resultfd)
91447636
A		 4047 *resultfd = nfd;
4048
1c79356b
A		 4049 return (0);
4050}
4051
2d21ac55 4052
1c79356b 4053/*
2d21ac55
A		 4054 * fg_free
4055 *
4056 * Description: Free a file structure; drop the global open file count, and
4057 * drop the credential reference, if the fileglob has one, and
4058 * destroy the instance mutex before freeing
4059 *
4060 * Parameters: fg Pointer to fileglob to be
4061 * freed
4062 *
4063 * Returns: void
1c79356b
A		 4064 */
4065void
2d21ac55 4066fg_free(struct fileglob *fg)
1c79356b 4067{
316670eb 4068 OSAddAtomic(-1, &nfiles);
1c79356b 4069
0c530ab8
A		 4070 if (IS_VALID_CRED(fg->fg_cred)) {
4071 kauth_cred_unref(&fg->fg_cred);
1c79356b 4072 }
91447636 4073 lck_mtx_destroy(&fg->fg_lock, file_lck_grp);
fa4905b1 4074
2d21ac55
A		 4075#if CONFIG_MACF
4076 mac_file_label_destroy(fg);
4077#endif
91447636 4078 FREE_ZONE(fg, sizeof *fg, M_FILEGLOB);
1c79356b
A		 4079}
4080
2d21ac55
A		 4081
4082/*
4083 * fdexec
4084 *
4085 * Description: Perform close-on-exec processing for all files in a process
4086 * that are either marked as close-on-exec, or which were in the
4087 * process of being opened at the time of the execve
4088 *
6d2010ae
A		 4089 * Also handles the case (via posix_spawn()) where -all-
4090 * files except those marked with "inherit" as treated as
4091 * close-on-exec.
4092 *
2d21ac55
A		 4093 * Parameters: p Pointer to process calling
4094 * execve
4095 *
4096 * Returns: void
4097 *
4098 * Locks: This function internally takes and drops proc_fdlock()
4099 *
4100 * Notes: This function drops and retakes the kernel funnel; this is
4101 * inherently unsafe, since another thread may have the
4102 * proc_fdlock.
4103 *
4104 * XXX: We should likely reverse the lock and funnel drop/acquire
4105 * order to avoid the small race window; it's also possible that
4106 * if the program doing the exec has an outstanding listen socket
6d2010ae 4107 * and a network connection is completed asynchronously that we
2d21ac55
A		 4108 * will end up with a "ghost" socket reference in the new process.
4109 *
4110 * This needs reworking to make it safe to remove the funnel from
4111 * the execve and posix_spawn system calls.
4112 */
1c79356b 4113void
6d2010ae 4114fdexec(proc_t p, short flags)
1c79356b 4115{
91447636 4116 struct filedesc *fdp = p->p_fd;
b0d623f7 4117 int i;
6d2010ae 4118 boolean_t cloexec_default = (flags & POSIX_SPAWN_CLOEXEC_DEFAULT) != 0;
91447636 4119
91447636 4120 proc_fdlock(p);
6d2010ae
A		 4121 for (i = fdp->fd_lastfile; i >= 0; i--) {
4122
4123 struct fileproc *fp = fdp->fd_ofiles[i];
4124 char *flagp = &fdp->fd_ofileflags[i];
b0d623f7 4125
316670eb 4126 if (fp && cloexec_default) {
6d2010ae
A		 4127 /*
4128 * Reverse the usual semantics of file descriptor
4129 * inheritance - all of them should be closed
4130 * except files marked explicitly as "inherit" and
4131 * not marked close-on-exec.
4132 */
4133 if ((*flagp & (UF_EXCLOSE|UF_INHERIT)) != UF_INHERIT)
4134 *flagp |= UF_EXCLOSE;
4135 *flagp &= ~UF_INHERIT;
4136 }
55e303ae 4137
2d21ac55 4138 if (
6d2010ae 4139 ((*flagp & (UF_RESERVED|UF_EXCLOSE)) == UF_EXCLOSE)
2d21ac55
A		 4140#if CONFIG_MACF
4141 || (fp && mac_file_check_inherit(proc_ucred(p), fp->f_fglob))
4142#endif
4143 ) {
4144 if (i < fdp->fd_knlistsize)
4145 knote_fdclose(p, i);
6601e61a 4146 procfdtbl_clearfd(p, i);
1c79356b
A		 4147 if (i == fdp->fd_lastfile && i > 0)
4148 fdp->fd_lastfile--;
6601e61a
A		 4149 if (i < fdp->fd_freefile)
4150 fdp->fd_freefile = i;
6d2010ae
A		 4151
4152 /*
4153 * Wait for any third party viewers (e.g., lsof)
4154 * to release their references to this fileproc.
4155 */
4156 while (fp->f_iocount > 0) {
4157 p->p_fpdrainwait = 1;
4158 msleep(&p->p_fpdrainwait, &p->p_fdmlock, PRIBIO,
4159 "fpdrain", NULL);
4160 }
4161
91447636 4162 closef_locked(fp, fp->f_fglob, p);
6d2010ae 4163
2d21ac55 4164 FREE_ZONE(fp, sizeof(*fp), M_FILEPROC);
1c79356b 4165 }
1c79356b 4166 }
91447636 4167 proc_fdunlock(p);
1c79356b
A		 4168}
4169
2d21ac55 4170
1c79356b 4171/*
2d21ac55
A		 4172 * fdcopy
4173 *
4174 * Description: Copy a filedesc structure. This is normally used as part of
4175 * forkproc() when forking a new process, to copy the per process
4176 * open file table over to the new process.
4177 *
4178 * Parameters: p Process whose open file table
4179 * is to be copied (parent)
4180 * uth_cdir Per thread current working
4181 * cirectory, or NULL
4182 *
4183 * Returns: NULL Copy failed
4184 * !NULL Pointer to new struct filedesc
4185 *
4186 * Locks: This function internally takes and drops proc_fdlock()
4187 *
4188 * Notes: Files are copied directly, ignoring the new resource limits
4189 * for the process that's being copied into. Since the descriptor
4190 * references are just additional references, this does not count
4191 * against the number of open files on the system.
4192 *
4193 * The struct filedesc includes the current working directory,
4194 * and the current root directory, if the process is chroot'ed.
4195 *
4196 * If the exec was called by a thread using a per thread current
4197 * working directory, we inherit the working directory from the
4198 * thread making the call, rather than from the process.
4199 *
4200 * In the case of a failure to obtain a reference, for most cases,
6d2010ae 4201 * the file entry will be silently dropped. There's an exception
2d21ac55
A		 4202 * for the case of a chroot dir, since a failure to to obtain a
4203 * reference there would constitute an "escape" from the chroot
4204 * environment, which must not be allowed. In that case, we will
4205 * deny the execve() operation, rather than allowing the escape.
1c79356b
A		 4206 */
4207struct filedesc *
2d21ac55 4208fdcopy(proc_t p, vnode_t uth_cdir)
1c79356b 4209{
91447636
A		 4210 struct filedesc *newfdp, *fdp = p->p_fd;
4211 int i;
4212 struct fileproc *ofp, *fp;
4213 vnode_t v_dir;
1c79356b
A		 4214
4215 MALLOC_ZONE(newfdp, struct filedesc *,
6601e61a 4216 sizeof(*newfdp), M_FILEDESC, M_WAITOK);
91447636
A		 4217 if (newfdp == NULL)
4218 return(NULL);
4219
4220 proc_fdlock(p);
4221
4222 /*
4223 * the FD_CHROOT flag will be inherited via this copy
4224 */
6601e61a 4225 (void) memcpy(newfdp, fdp, sizeof(*newfdp));
91447636
A		 4226
4227 /*
2d21ac55
A		 4228 * If we are running with per-thread current working directories,
4229 * inherit the new current working directory from the current thread
4230 * instead, before we take our references.
4231 */
4232 if (uth_cdir != NULLVP)
4233 newfdp->fd_cdir = uth_cdir;
4234
4235 /*
4236 * For both fd_cdir and fd_rdir make sure we get
91447636
A		 4237 * a valid reference... if we can't, than set
4238 * set the pointer(s) to NULL in the child... this
4239 * will keep us from using a non-referenced vp
4240 * and allows us to do the vnode_rele only on
4241 * a properly referenced vp
4242 */
4243 if ( (v_dir = newfdp->fd_cdir) ) {
4244 if (vnode_getwithref(v_dir) == 0) {
4245 if ( (vnode_ref(v_dir)) )
4246 newfdp->fd_cdir = NULL;
4247 vnode_put(v_dir);
4248 } else
4249 newfdp->fd_cdir = NULL;
4250 }
4251 if (newfdp->fd_cdir == NULL && fdp->fd_cdir) {
4252 /*
4253 * we couldn't get a new reference on
4254 * the current working directory being
4255 * inherited... we might as well drop
4256 * our reference from the parent also
4257 * since the vnode has gone DEAD making
4258 * it useless... by dropping it we'll
6d2010ae 4259 * be that much closer to recycling it
91447636
A		 4260 */
4261 vnode_rele(fdp->fd_cdir);
4262 fdp->fd_cdir = NULL;
4263 }
4264
4265 if ( (v_dir = newfdp->fd_rdir) ) {
4266 if (vnode_getwithref(v_dir) == 0) {
4267 if ( (vnode_ref(v_dir)) )
4268 newfdp->fd_rdir = NULL;
4269 vnode_put(v_dir);
2d21ac55 4270 } else {
91447636 4271 newfdp->fd_rdir = NULL;
2d21ac55 4272 }
91447636 4273 }
2d21ac55 4274 /* Coming from a chroot environment and unable to get a reference... */
91447636
A		 4275 if (newfdp->fd_rdir == NULL && fdp->fd_rdir) {
4276 /*
2d21ac55
A		 4277 * We couldn't get a new reference on
4278 * the chroot directory being
4279 * inherited... this is fatal, since
4280 * otherwise it would constitute an
4281 * escape from a chroot environment by
4282 * the new process.
91447636 4283 */
2d21ac55
A		 4284 if (newfdp->fd_cdir)
4285 vnode_rele(newfdp->fd_cdir);
4286 FREE_ZONE(newfdp, sizeof *newfdp, M_FILEDESC);
4287 return(NULL);
91447636 4288 }
1c79356b
A		 4289 newfdp->fd_refcnt = 1;
4290
4291 /*
4292 * If the number of open files fits in the internal arrays
4293 * of the open file structure, use them, otherwise allocate
4294 * additional memory for the number of descriptors currently
4295 * in use.
4296 */
4297 if (newfdp->fd_lastfile < NDFILE)
4298 i = NDFILE;
4299 else {
4300 /*
4301 * Compute the smallest multiple of NDEXTENT needed
4302 * for the file descriptors currently in use,
4303 * allowing the table to shrink.
4304 */
4305 i = newfdp->fd_nfiles;
4306 while (i > 2 * NDEXTENT && i > newfdp->fd_lastfile * 2)
4307 i /= 2;
4308 }
91447636
A		 4309 proc_fdunlock(p);
4310
4311 MALLOC_ZONE(newfdp->fd_ofiles, struct fileproc **,
1c79356b 4312 i * OFILESIZE, M_OFILETABL, M_WAITOK);
91447636
A		 4313 if (newfdp->fd_ofiles == NULL) {
4314 if (newfdp->fd_cdir)
4315 vnode_rele(newfdp->fd_cdir);
4316 if (newfdp->fd_rdir)
4317 vnode_rele(newfdp->fd_rdir);
4318
2d21ac55 4319 FREE_ZONE(newfdp, sizeof(*newfdp), M_FILEDESC);
91447636
A		 4320 return(NULL);
4321 }
6601e61a 4322 (void) memset(newfdp->fd_ofiles, 0, i * OFILESIZE);
91447636
A		 4323 proc_fdlock(p);
4324
1c79356b
A		 4325 newfdp->fd_ofileflags = (char *) &newfdp->fd_ofiles[i];
4326 newfdp->fd_nfiles = i;
91447636 4327
1c79356b 4328 if (fdp->fd_nfiles > 0) {
91447636
A		 4329 struct fileproc **fpp;
4330 char *flags;
1c79356b
A		 4331
4332 (void) memcpy(newfdp->fd_ofiles, fdp->fd_ofiles,
2d21ac55 4333 (newfdp->fd_lastfile + 1) * sizeof(*fdp->fd_ofiles));
1c79356b 4334 (void) memcpy(newfdp->fd_ofileflags, fdp->fd_ofileflags,
2d21ac55 4335 (newfdp->fd_lastfile + 1) * sizeof(*fdp->fd_ofileflags));
1c79356b 4336
55e303ae
A		 4337 /*
4338 * kq descriptors cannot be copied.
4339 */
4340 if (newfdp->fd_knlistsize != -1) {
4341 fpp = &newfdp->fd_ofiles[newfdp->fd_lastfile];
4342 for (i = newfdp->fd_lastfile; i >= 0; i--, fpp--) {
4343 if (*fpp != NULL && (*fpp)->f_type == DTYPE_KQUEUE) {
4344 *fpp = NULL;
b0d623f7 4345 newfdp->fd_ofileflags[i] = 0;
55e303ae
A		 4346 if (i < newfdp->fd_freefile)
4347 newfdp->fd_freefile = i;
4348 }
4349 if (*fpp == NULL && i == newfdp->fd_lastfile && i > 0)
4350 newfdp->fd_lastfile--;
4351 }
4352 newfdp->fd_knlist = NULL;
4353 newfdp->fd_knlistsize = -1;
4354 newfdp->fd_knhash = NULL;
4355 newfdp->fd_knhashmask = 0;
4356 }
1c79356b
A		 4357 fpp = newfdp->fd_ofiles;
4358 flags = newfdp->fd_ofileflags;
91447636 4359
6601e61a 4360 for (i = newfdp->fd_lastfile + 1; --i >= 0; fpp++, flags++)
91447636
A		 4361 if ((ofp = *fpp) != NULL && !(*flags & UF_RESERVED)) {
4362 MALLOC_ZONE(fp, struct fileproc *, sizeof(struct fileproc), M_FILEPROC, M_WAITOK);
2d21ac55
A		 4363 if (fp == NULL) {
4364 /*
4365 * XXX no room to copy, unable to
4366 * XXX safely unwind state at present
4367 */
4368 *fpp = NULL;
4369 } else {
4370 bzero(fp, sizeof(struct fileproc));
4371 fp->f_flags = ofp->f_flags;
4372 //fp->f_iocount = ofp->f_iocount;
4373 fp->f_iocount = 0;
4374 fp->f_fglob = ofp->f_fglob;
4375 (void)fg_ref(fp);
4376 *fpp = fp;
4377 }
1c79356b 4378 } else {
6601e61a
A		 4379 if (i < newfdp->fd_freefile)
4380 newfdp->fd_freefile = i;
1c79356b
A		 4381 *fpp = NULL;
4382 *flags = 0;
4383 }
6601e61a 4384 }
1c79356b 4385
91447636 4386 proc_fdunlock(p);
1c79356b
A		 4387 return (newfdp);
4388}
4389
2d21ac55 4390
1c79356b 4391/*
2d21ac55
A		 4392 * fdfree
4393 *
4394 * Description: Release a filedesc (per process open file table) structure;
4395 * this is done on process exit(), or from forkproc_free() if
4396 * the fork fails for some reason subsequent to a successful
4397 * call to fdcopy()
4398 *
4399 * Parameters: p Pointer to process going away
4400 *
4401 * Returns: void
4402 *
4403 * Locks: This function internally takes and drops proc_fdlock()
1c79356b
A		 4404 */
4405void
2d21ac55 4406fdfree(proc_t p)
1c79356b 4407{
fa4905b1 4408 struct filedesc *fdp;
91447636 4409 struct fileproc *fp;
fa4905b1 4410 int i;
91447636
A		 4411
4412 proc_fdlock(p);
1c79356b 4413
55e303ae 4414 /* Certain daemons might not have file descriptors */
91447636 4415 fdp = p->p_fd;
55e303ae 4416
91447636
A		 4417 if ((fdp == NULL) || (--fdp->fd_refcnt > 0)) {
4418 proc_fdunlock(p);
1c79356b 4419 return;
91447636
A		 4420 }
4421 if (fdp->fd_refcnt == 0xffff)
4422 panic("fdfree: bad fd_refcnt");
55e303ae
A		 4423
4424 /* Last reference: the structure can't change out from under us */
91447636
A		 4425
4426 if (fdp->fd_nfiles > 0 && fdp->fd_ofiles) {
4427 for (i = fdp->fd_lastfile; i >= 0; i--) {
55e303ae 4428 if ((fp = fdp->fd_ofiles[i]) != NULL) {
91447636
A		 4429
4430 if (fdp->fd_ofileflags[i] & UF_RESERVED)
6d2010ae 4431 panic("fdfree: found fp with UF_RESERVED");
91447636
A		 4432
4433 /* closef drops the iocount ... */
4434 if ((fp->f_flags & FP_INCHRREAD) != 0)
4435 fp->f_iocount++;
6601e61a 4436 procfdtbl_reservefd(p, i);
91447636 4437
55e303ae
A		 4438 if (i < fdp->fd_knlistsize)
4439 knote_fdclose(p, i);
91447636
A		 4440 if (fp->f_flags & FP_WAITEVENT)
4441 (void)waitevent_close(p, fp);
4442 (void) closef_locked(fp, fp->f_fglob, p);
2d21ac55 4443 FREE_ZONE(fp, sizeof(*fp), M_FILEPROC);
55e303ae 4444 }
91447636
A		 4445 }
4446 FREE_ZONE(fdp->fd_ofiles, fdp->fd_nfiles * OFILESIZE, M_OFILETABL);
4447 fdp->fd_ofiles = NULL;
4448 fdp->fd_nfiles = 0;
4449 }
55e303ae 4450
91447636
A		 4451 proc_fdunlock(p);
4452
4453 if (fdp->fd_cdir)
4454 vnode_rele(fdp->fd_cdir);
4455 if (fdp->fd_rdir)
4456 vnode_rele(fdp->fd_rdir);
55e303ae 4457
2d21ac55 4458 proc_fdlock_spin(p);
91447636
A		 4459 p->p_fd = NULL;
4460 proc_fdunlock(p);
55e303ae
A		 4461
4462 if (fdp->fd_knlist)
4463 FREE(fdp->fd_knlist, M_KQUEUE);
4464 if (fdp->fd_knhash)
4465 FREE(fdp->fd_knhash, M_KQUEUE);
4466
2d21ac55 4467 FREE_ZONE(fdp, sizeof(*fdp), M_FILEDESC);
1c79356b
A		 4468}
4469
2d21ac55
A		 4470
4471/*
4472 * closef_finish
4473 *
4474 * Description: Called on last open instance for a fileglob for a file being
4475 * closed.
4476 *
4477 * Parameters: fp Pointer to fileproc for fd
4478 * fg Pointer to fileglob for fd
4479 * p Pointer to proc structure
4480 *
4481 * Returns: 0 Success
4482 * <fo_close>:??? Anything returnable by a per-fileops
4483 * close function
4484 *
4485 * Note: fp can only be non-NULL if p is also non-NULL. If p is NULL,
4486 * then fg must eith be locked (FHASLOCK) or must not have a
4487 * type of DTYPE_VNODE.
4488 *
4489 * On return, the fg is freed.
4490 *
4491 * This function may block draining output to a character
4492 * device on last close of that device.
4493 */
9bccf70c 4494static int
2d21ac55 4495closef_finish(struct fileproc *fp, struct fileglob *fg, proc_t p, vfs_context_t ctx)
9bccf70c 4496{
9bccf70c
A		 4497 int error;
4498
91447636 4499
2d21ac55 4500 /* fg_ops completed initialization? */
91447636 4501 if (fg->fg_ops)
2d21ac55 4502 error = fo_close(fg, ctx);
9bccf70c
A		 4503 else
4504 error = 0;
91447636 4505
2d21ac55 4506 /* if fp is non-NULL, drain it out */
91447636 4507 if (((fp != (struct fileproc *)0) && ((fp->f_flags & FP_INCHRREAD) != 0))) {
2d21ac55 4508 proc_fdlock_spin(p);
91447636
A		 4509 if ( ((fp->f_flags & FP_INCHRREAD) != 0) ) {
4510 fileproc_drain(p, fp);
4511 }
4512 proc_fdunlock(p);
4513 }
4514 fg_free(fg);
4515
9bccf70c
A		 4516 return (error);
4517}
4518
1c79356b 4519/*
2d21ac55
A		 4520 * closef_locked
4521 *
4522 * Description: Internal form of closef; called with proc_fdlock held
4523 *
4524 * Parameters: fp Pointer to fileproc for fd
4525 * fg Pointer to fileglob for fd
4526 * p Pointer to proc structure
4527 *
4528 * Returns: 0 Success
4529 * closef_finish:??? Anything returnable by a per-fileops
4530 * close function
4531 *
4532 * Note: Decrements reference count on file structure; if this was the
4533 * last reference, then closef_finish() is called
4534 *
4535 * p and fp are allowed to be NULL when closing a file that was
4536 * being passed in a message (but only if we are called when this
4537 * is NOT the last reference).
1c79356b
A		 4538 */
4539int
2d21ac55 4540closef_locked(struct fileproc *fp, struct fileglob *fg, proc_t p)
1c79356b
A		 4541{
4542 struct vnode *vp;
4543 struct flock lf;
91447636 4544 struct vfs_context context;
1c79356b
A		 4545 int error;
4546
91447636 4547 if (fg == NULL) {
1c79356b 4548 return (0);
91447636 4549 }
2d21ac55
A		 4550
4551 /* Set up context with cred stashed in fg */
4552 if (p == current_proc())
4553 context.vc_thread = current_thread();
4554 else
4555 context.vc_thread = NULL;
4556 context.vc_ucred = fg->fg_cred;
4557
1c79356b
A		 4558 /*
4559 * POSIX record locking dictates that any close releases ALL
4560 * locks owned by this process. This is handled by setting
4561 * a flag in the unlock to free ONLY locks obeying POSIX
4562 * semantics, and not to free BSD-style file locks.
4563 * If the descriptor was in a message, POSIX-style locks
4564 * aren't passed with the descriptor.
4565 */
b36670ce 4566 if (p && (p->p_ladvflag & P_LADVLOCK) && fg->fg_type == DTYPE_VNODE) {
91447636
A		 4567 proc_fdunlock(p);
4568
1c79356b
A		 4569 lf.l_whence = SEEK_SET;
4570 lf.l_start = 0;
4571 lf.l_len = 0;
4572 lf.l_type = F_UNLCK;
91447636
A		 4573 vp = (struct vnode *)fg->fg_data;
4574
4575 if ( (error = vnode_getwithref(vp)) == 0 ) {
91447636 4576 (void) VNOP_ADVLOCK(vp, (caddr_t)p, F_UNLCK, &lf, F_POSIX, &context);
91447636
A		 4577 (void)vnode_put(vp);
4578 }
4579 proc_fdlock(p);
1c79356b 4580 }
2d21ac55 4581 lck_mtx_lock_spin(&fg->fg_lock);
91447636
A		 4582 fg->fg_count--;
4583
4584 if (fg->fg_count > 0) {
4585 lck_mtx_unlock(&fg->fg_lock);
1c79356b 4586 return (0);
91447636 4587 }
2d21ac55 4588#if DIAGNOSTIC
91447636 4589 if (fg->fg_count != 0)
2d21ac55
A		 4590 panic("fg %p: being freed with bad fg_count (%d)", fg, fg->fg_count);
4591#endif
91447636
A		 4592
4593 if (fp && (fp->f_flags & FP_WRITTEN))
4594 fg->fg_flag |= FWASWRITTEN;
4595
4596 fg->fg_lflags |= FG_TERM;
4597 lck_mtx_unlock(&fg->fg_lock);
4598
e2fac8b1
A		 4599 if (p)
4600 proc_fdunlock(p);
2d21ac55 4601 error = closef_finish(fp, fg, p, &context);
e2fac8b1
A		 4602 if (p)
4603 proc_fdlock(p);
91447636
A		 4604
4605 return(error);
4606}
4607
4608
2d21ac55
A		 4609/*
4610 * fileproc_drain
4611 *
4612 * Description: Drain out pending I/O operations
4613 *
4614 * Parameters: p Process closing this file
4615 * fp fileproc struct for the open
4616 * instance on the file
4617 *
4618 * Returns: void
4619 *
4620 * Locks: Assumes the caller holds the proc_fdlock
4621 *
4622 * Notes: For character devices, this occurs on the last close of the
6d2010ae 4623 * device; for all other file descriptors, this occurs on each
2d21ac55
A		 4624 * close to prevent fd's from being closed out from under
4625 * operations currently in progress and blocked
4626 *
4627 * See Also: file_vnode(), file_socket(), file_drop(), and the cautions
4628 * regarding their use and interaction with this function.
4629 */
91447636 4630void
2d21ac55 4631fileproc_drain(proc_t p, struct fileproc * fp)
91447636 4632{
2d21ac55
A		 4633 struct vfs_context context;
4634
4635 context.vc_thread = proc_thread(p); /* XXX */
4636 context.vc_ucred = fp->f_fglob->fg_cred;
4637
91447636
A		 4638 fp->f_iocount-- ; /* (the one the close holds) */
4639
4640 while (fp->f_iocount) {
2d21ac55
A		 4641
4642 lck_mtx_convert_spin(&p->p_fdmlock);
4643
cf7d32b8
A		 4644 if (fp->f_fglob->fg_ops->fo_drain) {
4645 (*fp->f_fglob->fg_ops->fo_drain)(fp, &context);
4646 }
6d2010ae
A		 4647 if ((fp->f_flags & FP_INSELECT) == FP_INSELECT) {
4648 if (wait_queue_wakeup_all((wait_queue_t)fp->f_waddr, NULL, THREAD_INTERRUPTED) == KERN_INVALID_ARGUMENT)
4649 panic("bad wait queue for wait_queue_wakeup_all %p", fp->f_waddr);
cf7d32b8 4650 }
6d2010ae
A		 4651 if ((fp->f_flags & FP_SELCONFLICT) == FP_SELCONFLICT) {
4652 if (wait_queue_wakeup_all(&select_conflict_queue, NULL, THREAD_INTERRUPTED) == KERN_INVALID_ARGUMENT)
4653 panic("bad select_conflict_queue");
4654 }
91447636
A		 4655 p->p_fpdrainwait = 1;
4656
2d21ac55 4657 msleep(&p->p_fpdrainwait, &p->p_fdmlock, PRIBIO, "fpdrain", NULL);
91447636 4658
91447636 4659 }
6d2010ae
A		 4660#if DIAGNOSTIC
4661 if ((fp->f_flags & FP_INSELECT) != 0)
4662 panic("FP_INSELECT set on drained fp");
4663#endif
4664 if ((fp->f_flags & FP_SELCONFLICT) == FP_SELCONFLICT)
4665 fp->f_flags &= ~FP_SELCONFLICT;
91447636
A		 4666}
4667
2d21ac55
A		 4668
4669/*
4670 * fp_free
4671 *
4672 * Description: Release the fd and free the fileproc associated with the fd
4673 * in the per process open file table of the specified process;
4674 * these values must correspond.
4675 *
4676 * Parameters: p Process containing fd
4677 * fd fd to be released
4678 * fp fileproc to be freed
4679 *
4680 * Returns: 0 Success
4681 *
4682 * Notes: XXX function should be void - no one interprets the returns
4683 * XXX code
4684 */
91447636 4685int
2d21ac55 4686fp_free(proc_t p, int fd, struct fileproc * fp)
91447636 4687{
2d21ac55 4688 proc_fdlock_spin(p);
91447636
A		 4689 fdrelse(p, fd);
4690 proc_fdunlock(p);
4691
4692 fg_free(fp->f_fglob);
2d21ac55
A		 4693 FREE_ZONE(fp, sizeof(*fp), M_FILEPROC);
4694 return(0);
1c79356b
A		 4695}
4696
91447636 4697
1c79356b 4698/*
2d21ac55
A		 4699 * flock
4700 *
4701 * Description: Apply an advisory lock on a file descriptor.
4702 *
4703 * Parameters: p Process making request
4704 * uap->fd fd on which the lock is to be
4705 * attempted
4706 * uap->how (Un)Lock bits, including type
4707 * retval Pointer to the call return area
4708 *
4709 * Returns: 0 Success
4710 * fp_getfvp:EBADF Bad file descriptor
4711 * fp_getfvp:ENOTSUP fd does not refer to a vnode
4712 * vnode_getwithref:???
4713 * VNOP_ADVLOCK:???
1c79356b 4714 *
2d21ac55
A		 4715 * Implicit returns:
4716 * *retval (modified) Size of dtable
4717 *
4718 * Notes: Just attempt to get a record lock of the requested type on
4719 * the entire file (l_whence = SEEK_SET, l_start = 0, l_len = 0).
1c79356b 4720 */
1c79356b 4721int
b0d623f7 4722flock(proc_t p, struct flock_args *uap, __unused int32_t *retval)
1c79356b
A		 4723{
4724 int fd = uap->fd;
4725 int how = uap->how;
91447636 4726 struct fileproc *fp;
1c79356b
A		 4727 struct vnode *vp;
4728 struct flock lf;
2d21ac55 4729 vfs_context_t ctx = vfs_context_current();
91447636 4730 int error=0;
1c79356b 4731
55e303ae 4732 AUDIT_ARG(fd, uap->fd);
91447636
A		 4733 if ( (error = fp_getfvp(p, fd, &fp, &vp)) ) {
4734 return(error);
4735 }
4736 if ( (error = vnode_getwithref(vp)) ) {
4737 goto out1;
4738 }
55e303ae 4739 AUDIT_ARG(vnpath, vp, ARG_VNODE1);
91447636 4740
1c79356b
A		 4741 lf.l_whence = SEEK_SET;
4742 lf.l_start = 0;
4743 lf.l_len = 0;
4744 if (how & LOCK_UN) {
4745 lf.l_type = F_UNLCK;
4746 fp->f_flag &= ~FHASLOCK;
2d21ac55 4747 error = VNOP_ADVLOCK(vp, (caddr_t)fp->f_fglob, F_UNLCK, &lf, F_FLOCK, ctx);
91447636 4748 goto out;
1c79356b
A		 4749 }
4750 if (how & LOCK_EX)
4751 lf.l_type = F_WRLCK;
4752 else if (how & LOCK_SH)
4753 lf.l_type = F_RDLCK;
91447636
A		 4754 else {
4755 error = EBADF;
4756 goto out;
4757 }
2d21ac55
A		 4758#if CONFIG_MACF
4759 error = mac_file_check_lock(proc_ucred(p), fp->f_fglob, F_SETLK, &lf);
4760 if (error)
4761 goto out;
4762#endif
1c79356b 4763 fp->f_flag |= FHASLOCK;
91447636 4764 if (how & LOCK_NB) {
2d21ac55 4765 error = VNOP_ADVLOCK(vp, (caddr_t)fp->f_fglob, F_SETLK, &lf, F_FLOCK, ctx);
91447636
A		 4766 goto out;
4767 }
2d21ac55 4768 error = VNOP_ADVLOCK(vp, (caddr_t)fp->f_fglob, F_SETLK, &lf, F_FLOCK|F_WAIT, ctx);
91447636
A		 4769out:
4770 (void)vnode_put(vp);
4771out1:
4772 fp_drop(p, fd, fp, 0);
4773 return(error);
4774
1c79356b
A		 4775}
4776
d1ecb069
A		 4777/*
4778 * fileport_makeport
4779 *
4780 * Description: Obtain a Mach send right for a given file descriptor.
4781 *
4782 * Parameters: p Process calling fileport
4783 * uap->fd The fd to reference
4784 * uap->portnamep User address at which to place port name.
4785 *
4786 * Returns: 0 Success.
4787 * EBADF Bad file descriptor.
4788 * EINVAL File descriptor had type that cannot be sent, misc. other errors.
4789 * EFAULT Address at which to store port name is not valid.
4790 * EAGAIN Resource shortage.
4791 *
4792 * Implicit returns:
4793 * On success, name of send right is stored at user-specified address.
4794 */
4795int
4796fileport_makeport(proc_t p, struct fileport_makeport_args *uap,
4797 __unused int *retval)
4798{
4799 int err;
4800 int fd = uap->fd;
4801 user_addr_t user_portaddr = uap->portnamep;
4802 struct fileproc *fp = FILEPROC_NULL;
4803 struct fileglob *fg = NULL;
4804 ipc_port_t fileport;
4805 mach_port_name_t name = MACH_PORT_NULL;
4806
4807 err = fp_lookup(p, fd, &fp, 0);
4808 if (err != 0) {
4809 goto out;
4810 }
4811
4812 if (!filetype_issendable(fp->f_type)) {
4813 err = EINVAL;
4814 goto out;
4815 }
4816
4817 /* Dropped when port is deallocated */
4818 fg = fp->f_fglob;
4819 fg_ref(fp);
4820
4821 /* Allocate and initialize a port */
4822 fileport = fileport_alloc(fg);
4823 if (fileport == IPC_PORT_NULL) {
4824 err = EAGAIN;
4825 fg_drop(fp);
4826 goto out;
4827 }
4828
4829 /* Add an entry. Deallocates port on failure. */
4830 name = ipc_port_copyout_send(fileport, get_task_ipcspace(p->task));
4831 if (!MACH_PORT_VALID(name)) {
4832 err = EINVAL;
4833 goto out;
4834 }
4835
4836 err = copyout(&name, user_portaddr, sizeof(mach_port_name_t));
4837 if (err != 0) {
4838 goto out;
4839 }
4840
4841 /* Tag the fileglob for debugging purposes */
4842 lck_mtx_lock_spin(&fg->fg_lock);
4843 fg->fg_lflags |= FG_PORTMADE;
4844 lck_mtx_unlock(&fg->fg_lock);
4845
4846 fp_drop(p, fd, fp, 0);
4847
4848 return 0;
4849
4850out:
4851 if (MACH_PORT_VALID(name)) {
4852 /* Don't care if another thread races us to deallocate the entry */
4853 (void) mach_port_deallocate(get_task_ipcspace(p->task), name);
4854 }
4855
4856 if (fp != FILEPROC_NULL) {
4857 fp_drop(p, fd, fp, 0);
4858 }
4859
4860 return err;
4861}
4862
4863void
4864fileport_releasefg(struct fileglob *fg)
4865{
4866 (void)closef_locked(NULL, fg, PROC_NULL);
4867
4868 return;
4869}
4870
4871
4872/*
4873 * fileport_makefd
4874 *
4875 * Description: Obtain the file descriptor for a given Mach send right.
4876 *
4877 * Parameters: p Process calling fileport
4878 * uap->port Name of send right to file port.
4879 *
4880 * Returns: 0 Success
4881 * EINVAL Invalid Mach port name, or port is not for a file.
4882 * fdalloc:EMFILE
4883 * fdalloc:ENOMEM Unable to allocate fileproc or extend file table.
4884 *
4885 * Implicit returns:
4886 * *retval (modified) The new descriptor
4887 */
4888int
4889fileport_makefd(proc_t p, struct fileport_makefd_args *uap, int32_t *retval)
4890{
4891 struct fileglob *fg;
4892 struct fileproc *fp = FILEPROC_NULL;
4893 ipc_port_t port = IPC_PORT_NULL;
4894 mach_port_name_t send = uap->port;
4895 kern_return_t res;
4896 int fd;
4897 int err;
4898
4899 res = ipc_object_copyin(get_task_ipcspace(p->task),
4900 send, MACH_MSG_TYPE_COPY_SEND, &port);
4901
4902 if (res != KERN_SUCCESS) {
4903 err = EINVAL;
4904 goto out;
4905 }
4906
4907 fg = fileport_port_to_fileglob(port);
4908 if (fg == NULL) {
4909 err = EINVAL;
4910 goto out;
4911 }
6d2010ae 4912
d1ecb069
A		 4913 MALLOC_ZONE(fp, struct fileproc *, sizeof(*fp), M_FILEPROC, M_WAITOK);
4914 if (fp == FILEPROC_NULL) {
4915 err = ENOMEM;
4916 goto out;
4917 }
4918
4919 bzero(fp, sizeof(*fp));
4920
4921 fp->f_fglob = fg;
4922 fg_ref(fp);
4923
4924 proc_fdlock(p);
4925 err = fdalloc(p, 0, &fd);
4926 if (err != 0) {
4927 proc_fdunlock(p);
4928 goto out;
4929 }
6d2010ae 4930 *fdflags(p, fd) |= UF_EXCLOSE;
d1ecb069
A		 4931
4932 procfdtbl_releasefd(p, fd, fp);
4933 proc_fdunlock(p);
4934
4935 *retval = fd;
4936 err = 0;
4937out:
4938 if ((fp != NULL) && (0 != err)) {
4939 FREE_ZONE(fp, sizeof(*fp), M_FILEPROC);
4940 }
4941
4942 if (IPC_PORT_NULL != port) {
4943 ipc_port_release_send(port);
4944 }
4945
4946 return err;
4947}
d1ecb069
A		 4948
4949
1c79356b 4950/*
2d21ac55 4951 * dupfdopen
1c79356b 4952 *
2d21ac55
A		 4953 * Description: Duplicate the specified descriptor to a free descriptor;
4954 * this is the second half of fdopen(), above.
4955 *
4956 * Parameters: fdp filedesc pointer to fill in
4957 * indx fd to dup to
4958 * dfd fd to dup from
4959 * mode mode to set on new fd
4960 * error command code
4961 *
4962 * Returns: 0 Success
4963 * EBADF Source fd is bad
4964 * EACCES Requested mode not allowed
4965 * !0 'error', if not ENODEV or
4966 * ENXIO
4967 *
4968 * Notes: XXX This is not thread safe; see fdopen() above
1c79356b
A		 4969 */
4970int
6d2010ae 4971dupfdopen(struct filedesc *fdp, int indx, int dfd, int flags, int error)
1c79356b 4972{
91447636
A		 4973 struct fileproc *wfp;
4974 struct fileproc *fp;
2d21ac55
A		 4975#if CONFIG_MACF
4976 int myerror;
4977#endif
4978 proc_t p = current_proc();
1c79356b
A		 4979
4980 /*
4981 * If the to-be-dup'd fd number is greater than the allowed number
4982 * of file descriptors, or the fd to be dup'd has already been
4983 * closed, reject. Note, check for new == old is necessary as
4984 * falloc could allocate an already closed to-be-dup'd descriptor
4985 * as the new descriptor.
4986 */
91447636
A		 4987 proc_fdlock(p);
4988
1c79356b 4989 fp = fdp->fd_ofiles[indx];
91447636 4990 if (dfd < 0 || dfd >= fdp->fd_nfiles ||
1c79356b 4991 (wfp = fdp->fd_ofiles[dfd]) == NULL || wfp == fp ||
91447636 4992 (fdp->fd_ofileflags[dfd] & UF_RESERVED)) {
1c79356b 4993
91447636
A		 4994 proc_fdunlock(p);
4995 return (EBADF);
4996 }
2d21ac55
A		 4997#if CONFIG_MACF
4998 myerror = mac_file_check_dup(proc_ucred(p), wfp->f_fglob, dfd);
4999 if (myerror) {
5000 proc_fdunlock(p);
5001 return (myerror);
5002 }
5003#endif
1c79356b
A		 5004 /*
5005 * There are two cases of interest here.
5006 *
5007 * For ENODEV simply dup (dfd) to file descriptor
5008 * (indx) and return.
5009 *
5010 * For ENXIO steal away the file structure from (dfd) and
5011 * store it in (indx). (dfd) is effectively closed by
5012 * this operation.
5013 *
5014 * Any other error code is just returned.
5015 */
5016 switch (error) {
5017 case ENODEV:
5018 /*
5019 * Check that the mode the file is being opened for is a
5020 * subset of the mode of the existing descriptor.
5021 */
6d2010ae 5022 if (((flags & (FREAD|FWRITE)) | wfp->f_flag) != wfp->f_flag) {
91447636 5023 proc_fdunlock(p);
1c79356b 5024 return (EACCES);
91447636 5025 }
1c79356b 5026 if (indx > fdp->fd_lastfile)
91447636
A		 5027 fdp->fd_lastfile = indx;
5028 (void)fg_ref(wfp);
5029
5030 if (fp->f_fglob)
5031 fg_free(fp->f_fglob);
5032 fp->f_fglob = wfp->f_fglob;
5033
6d2010ae
A		 5034 fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd] |
5035 (flags & O_CLOEXEC) ? UF_EXCLOSE : 0;
91447636
A		 5036
5037 proc_fdunlock(p);
1c79356b
A		 5038 return (0);
5039
1c79356b 5040 default:
91447636 5041 proc_fdunlock(p);
1c79356b
A		 5042 return (error);
5043 }
5044 /* NOTREACHED */
5045}
5046
2d21ac55
A		 5047
5048/*
5049 * fg_ref
5050 *
5051 * Description: Add a reference to a fileglob by fileproc
5052 *
5053 * Parameters: fp fileproc containing fileglob
5054 * pointer
5055 *
5056 * Returns: void
5057 *
5058 * Notes: XXX Should use OSAddAtomic?
5059 */
91447636
A		 5060void
5061fg_ref(struct fileproc * fp)
1c79356b 5062{
91447636
A		 5063 struct fileglob *fg;
5064
5065 fg = fp->f_fglob;
5066
2d21ac55
A		 5067 lck_mtx_lock_spin(&fg->fg_lock);
5068
5069#if DIAGNOSTIC
5070 if ((fp->f_flags & ~((unsigned int)FP_VALID_FLAGS)) != 0)
6d2010ae 5071 panic("fg_ref: invalid bits on fp %p", fp);
2d21ac55
A		 5072
5073 if (fg->fg_count == 0)
6d2010ae
A		 5074 panic("fg_ref: adding fgcount to zeroed fg: fp %p fg %p",
5075 fp, fg);
2d21ac55 5076#endif
91447636
A		 5077 fg->fg_count++;
5078 lck_mtx_unlock(&fg->fg_lock);
1c79356b
A		 5079}
5080
2d21ac55
A		 5081
5082/*
5083 * fg_drop
5084 *
5085 * Description: Remove a reference to a fileglob by fileproc
5086 *
5087 * Parameters: fp fileproc containing fileglob
5088 * pointer
5089 *
5090 * Returns: void
5091 *
5092 * Notes: XXX Should use OSAddAtomic?
5093 */
91447636
A		 5094void
5095fg_drop(struct fileproc * fp)
1c79356b 5096{
91447636
A		 5097 struct fileglob *fg;
5098
5099 fg = fp->f_fglob;
2d21ac55 5100 lck_mtx_lock_spin(&fg->fg_lock);
91447636
A		 5101 fg->fg_count--;
5102 lck_mtx_unlock(&fg->fg_lock);
1c79356b
A		 5103}
5104
9bccf70c 5105
2d21ac55
A		 5106/*
5107 * fg_insertuipc
5108 *
5109 * Description: Insert fileglob onto message queue
5110 *
5111 * Parameters: fg Fileglob pointer to insert
5112 *
5113 * Returns: void
5114 *
5115 * Locks: Takes and drops fg_lock, potentially many times
5116 */
91447636
A		 5117void
5118fg_insertuipc(struct fileglob * fg)
9bccf70c 5119{
2d21ac55 5120 int insertque = 0;
9bccf70c 5121
2d21ac55 5122 lck_mtx_lock_spin(&fg->fg_lock);
91447636
A		 5123
5124 while (fg->fg_lflags & FG_RMMSGQ) {
2d21ac55
A		 5125 lck_mtx_convert_spin(&fg->fg_lock);
5126
91447636 5127 fg->fg_lflags |= FG_WRMMSGQ;
2d21ac55 5128 msleep(&fg->fg_lflags, &fg->fg_lock, 0, "fg_insertuipc", NULL);
91447636 5129 }
9bccf70c 5130
91447636
A		 5131 fg->fg_count++;
5132 fg->fg_msgcount++;
5133 if (fg->fg_msgcount == 1) {
5134 fg->fg_lflags |= FG_INSMSGQ;
5135 insertque=1;
9bccf70c 5136 }
91447636
A		 5137 lck_mtx_unlock(&fg->fg_lock);
5138
5139 if (insertque) {
2d21ac55 5140 lck_mtx_lock_spin(uipc_lock);
6601e61a 5141 unp_gc_wait();
91447636
A		 5142 LIST_INSERT_HEAD(&fmsghead, fg, f_msglist);
5143 lck_mtx_unlock(uipc_lock);
5144 lck_mtx_lock(&fg->fg_lock);
5145 fg->fg_lflags &= ~FG_INSMSGQ;
5146 if (fg->fg_lflags & FG_WINSMSGQ) {
5147 fg->fg_lflags &= ~FG_WINSMSGQ;
5148 wakeup(&fg->fg_lflags);
5149 }
5150 lck_mtx_unlock(&fg->fg_lock);
5151 }
5152
5153}
9bccf70c 5154
2d21ac55
A		 5155
5156/*
5157 * fg_removeuipc
5158 *
5159 * Description: Remove fileglob from message queue
5160 *
5161 * Parameters: fg Fileglob pointer to remove
5162 *
5163 * Returns: void
5164 *
5165 * Locks: Takes and drops fg_lock, potentially many times
5166 */
91447636
A		 5167void
5168fg_removeuipc(struct fileglob * fg)
5169{
2d21ac55 5170 int removeque = 0;
91447636 5171
2d21ac55 5172 lck_mtx_lock_spin(&fg->fg_lock);
91447636 5173 while (fg->fg_lflags & FG_INSMSGQ) {
2d21ac55
A		 5174 lck_mtx_convert_spin(&fg->fg_lock);
5175
91447636 5176 fg->fg_lflags |= FG_WINSMSGQ;
2d21ac55 5177 msleep(&fg->fg_lflags, &fg->fg_lock, 0, "fg_removeuipc", NULL);
91447636
A		 5178 }
5179 fg->fg_msgcount--;
5180 if (fg->fg_msgcount == 0) {
5181 fg->fg_lflags |= FG_RMMSGQ;
5182 removeque=1;
9bccf70c 5183 }
91447636
A		 5184 lck_mtx_unlock(&fg->fg_lock);
5185
5186 if (removeque) {
2d21ac55 5187 lck_mtx_lock_spin(uipc_lock);
6601e61a 5188 unp_gc_wait();
91447636
A		 5189 LIST_REMOVE(fg, f_msglist);
5190 lck_mtx_unlock(uipc_lock);
5191 lck_mtx_lock(&fg->fg_lock);
5192 fg->fg_lflags &= ~FG_RMMSGQ;
5193 if (fg->fg_lflags & FG_WRMMSGQ) {
5194 fg->fg_lflags &= ~FG_WRMMSGQ;
5195 wakeup(&fg->fg_lflags);
5196 }
5197 lck_mtx_unlock(&fg->fg_lock);
5198 }
5199}
5200
5201
2d21ac55
A		 5202/*
5203 * fo_read
5204 *
5205 * Description: Generic fileops read indirected through the fileops pointer
5206 * in the fileproc structure
5207 *
5208 * Parameters: fp fileproc structure pointer
5209 * uio user I/O structure pointer
5210 * flags FOF_ flags
5211 * ctx VFS context for operation
5212 *
5213 * Returns: 0 Success
5214 * !0 Errno from read
5215 */
91447636 5216int
2d21ac55 5217fo_read(struct fileproc *fp, struct uio *uio, int flags, vfs_context_t ctx)
91447636 5218{
2d21ac55 5219 return ((*fp->f_ops->fo_read)(fp, uio, flags, ctx));
91447636
A		 5220}
5221
2d21ac55
A		 5222
5223/*
5224 * fo_write
5225 *
5226 * Description: Generic fileops write indirected through the fileops pointer
5227 * in the fileproc structure
5228 *
5229 * Parameters: fp fileproc structure pointer
5230 * uio user I/O structure pointer
5231 * flags FOF_ flags
5232 * ctx VFS context for operation
5233 *
5234 * Returns: 0 Success
5235 * !0 Errno from write
5236 */
91447636 5237int
2d21ac55 5238fo_write(struct fileproc *fp, struct uio *uio, int flags, vfs_context_t ctx)
91447636 5239{
2d21ac55 5240 return((*fp->f_ops->fo_write)(fp, uio, flags, ctx));
91447636
A		 5241}
5242
2d21ac55
A		 5243
5244/*
5245 * fo_ioctl
5246 *
5247 * Description: Generic fileops ioctl indirected through the fileops pointer
5248 * in the fileproc structure
5249 *
5250 * Parameters: fp fileproc structure pointer
5251 * com ioctl command
5252 * data pointer to internalized copy
5253 * of user space ioctl command
5254 * parameter data in kernel space
5255 * ctx VFS context for operation
5256 *
5257 * Returns: 0 Success
5258 * !0 Errno from ioctl
5259 *
5260 * Locks: The caller is assumed to have held the proc_fdlock; this
5261 * function releases and reacquires this lock. If the caller
5262 * accesses data protected by this lock prior to calling this
5263 * function, it will need to revalidate/reacquire any cached
5264 * protected data obtained prior to the call.
5265 */
91447636 5266int
2d21ac55 5267fo_ioctl(struct fileproc *fp, u_long com, caddr_t data, vfs_context_t ctx)
91447636 5268{
2d21ac55 5269 int error;
91447636 5270
2d21ac55
A		 5271 proc_fdunlock(vfs_context_proc(ctx));
5272 error = (*fp->f_ops->fo_ioctl)(fp, com, data, ctx);
5273 proc_fdlock(vfs_context_proc(ctx));
91447636
A		 5274 return(error);
5275}
5276
2d21ac55
A		 5277
5278/*
5279 * fo_select
5280 *
5281 * Description: Generic fileops select indirected through the fileops pointer
5282 * in the fileproc structure
5283 *
5284 * Parameters: fp fileproc structure pointer
5285 * which select which
5286 * wql pointer to wait queue list
5287 * ctx VFS context for operation
5288 *
5289 * Returns: 0 Success
5290 * !0 Errno from select
5291 */
91447636 5292int
2d21ac55 5293fo_select(struct fileproc *fp, int which, void *wql, vfs_context_t ctx)
91447636 5294{
2d21ac55 5295 return((*fp->f_ops->fo_select)(fp, which, wql, ctx));
91447636
A		 5296}
5297
2d21ac55
A		 5298
5299/*
5300 * fo_close
5301 *
5302 * Description: Generic fileops close indirected through the fileops pointer
5303 * in the fileproc structure
5304 *
5305 * Parameters: fp fileproc structure pointer for
5306 * file to close
5307 * ctx VFS context for operation
5308 *
5309 * Returns: 0 Success
5310 * !0 Errno from close
5311 */
91447636 5312int
2d21ac55 5313fo_close(struct fileglob *fg, vfs_context_t ctx)
91447636 5314{
2d21ac55 5315 return((*fg->fg_ops->fo_close)(fg, ctx));
9bccf70c
A		 5316}
5317
2d21ac55
A		 5318
5319/*
5320 * fo_kqfilter
5321 *
5322 * Description: Generic fileops kqueue filter indirected through the fileops
5323 * pointer in the fileproc structure
5324 *
5325 * Parameters: fp fileproc structure pointer
5326 * kn pointer to knote to filter on
5327 * ctx VFS context for operation
5328 *
5329 * Returns: 0 Success
5330 * !0 Errno from kqueue filter
5331 */
1c79356b 5332int
2d21ac55 5333fo_kqfilter(struct fileproc *fp, struct knote *kn, vfs_context_t ctx)
1c79356b 5334{
2d21ac55 5335 return ((*fp->f_ops->fo_kqfilter)(fp, kn, ctx));
1c79356b 5336}
b0d623f7
A		 5337
5338/*
5339 * The ability to send a file descriptor to another
5340 * process is opt-in by file type.
5341 */
5342boolean_t
5343filetype_issendable(file_type_t fdtype)
5344{
5345 switch (fdtype) {
5346 case DTYPE_VNODE:
5347 case DTYPE_SOCKET:
5348 case DTYPE_PIPE:
7e4a7d39 5349 case DTYPE_PSXSHM:
b0d623f7
A		 5350 return TRUE;
5351 default:
7e4a7d39 5352 /* DTYPE_KQUEUE, DTYPE_FSEVENTS, DTYPE_PSXSEM */
b0d623f7
A		 5353 return FALSE;
5354 }
5355}
mirror of XNU