]> git.saurik.com Git - apple/xnu.git/blame - bsd/kern/sys_pipe.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-1699.24.8.tar.gz
[apple/xnu.git] / bsd / kern / sys_pipe.c
CommitLineData
91447636
A		 1/*
2 * Copyright (c) 1996 John S. Dyson
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice immediately at the beginning of the file, without modification,
10 * this list of conditions, and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. Absolutely no warranty of function or purpose is made by the author
15 * John S. Dyson.
16 * 4. Modifications may be freely made to this file if the above conditions
17 * are met.
18 */
19/*
2d21ac55 20 * Copyright (c) 2003-2007 Apple Inc. All rights reserved.
91447636 21 *
2d21ac55 22 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
91447636 23 *
2d21ac55
A		 24 * This file contains Original Code and/or Modifications of Original Code
25 * as defined in and that are subject to the Apple Public Source License
26 * Version 2.0 (the 'License'). You may not use this file except in
27 * compliance with the License. The rights granted to you under the License
28 * may not be used to create, or enable the creation or redistribution of,
29 * unlawful or unlicensed copies of an Apple operating system, or to
30 * circumvent, violate, or enable the circumvention or violation of, any
31 * terms of an Apple operating system software license agreement.
8f6c56a5 32 *
2d21ac55
A		 33 * Please obtain a copy of the License at
34 * http://www.opensource.apple.com/apsl/ and read it before using this file.
35 *
36 * The Original Code and all software distributed under the License are
37 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A		 38 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
39 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A		 40 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
41 * Please see the License for the specific language governing rights and
42 * limitations under the License.
8f6c56a5 43 *
2d21ac55
A		 44 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
45 */
46/*
47 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
48 * support for mandatory and extensible security protections. This notice
49 * is included in support of clause 2.2 (b) of the Apple Public License,
50 * Version 2.0.
91447636
A		 51 */
52
53/*
54 * This file contains a high-performance replacement for the socket-based
55 * pipes scheme originally used in FreeBSD/4.4Lite. It does not support
56 * all features of sockets, but does do everything that pipes normally
57 * do.
58 */
59
60/*
61 * This code has two modes of operation, a small write mode and a large
62 * write mode. The small write mode acts like conventional pipes with
63 * a kernel buffer. If the buffer is less than PIPE_MINDIRECT, then the
64 * "normal" pipe buffering is done. If the buffer is between PIPE_MINDIRECT
65 * and PIPE_SIZE in size, it is fully mapped and wired into the kernel, and
66 * the receiving process can copy it directly from the pages in the sending
67 * process.
68 *
69 * If the sending process receives a signal, it is possible that it will
70 * go away, and certainly its address space can change, because control
71 * is returned back to the user-mode side. In that case, the pipe code
72 * arranges to copy the buffer supplied by the user process, to a pageable
73 * kernel buffer, and the receiving process will grab the data from the
74 * pageable kernel buffer. Since signals don't happen all that often,
75 * the copy operation is normally eliminated.
76 *
77 * The constant PIPE_MINDIRECT is chosen to make sure that buffering will
78 * happen for small transfers so that the system will not spend all of
79 * its time context switching.
80 *
81 * In order to limit the resource use of pipes, two sysctls exist:
82 *
83 * kern.ipc.maxpipekva - This is a hard limit on the amount of pageable
84 * address space available to us in pipe_map. Whenever the amount in use
85 * exceeds half of this value, all new pipes will be created with size
86 * SMALL_PIPE_SIZE, rather than PIPE_SIZE. Big pipe creation will be limited
87 * as well. This value is loader tunable only.
88 *
89 * kern.ipc.maxpipekvawired - This value limits the amount of memory that may
90 * be wired in order to facilitate direct copies using page flipping.
91 * Whenever this value is exceeded, pipes will fall back to using regular
92 * copies. This value is sysctl controllable at all times.
93 *
94 * These values are autotuned in subr_param.c.
95 *
96 * Memory usage may be monitored through the sysctls
97 * kern.ipc.pipes, kern.ipc.pipekva and kern.ipc.pipekvawired.
98 *
99 */
100
101#include <sys/param.h>
102#include <sys/systm.h>
103#include <sys/filedesc.h>
104#include <sys/kernel.h>
105#include <sys/vnode.h>
106#include <sys/proc_internal.h>
107#include <sys/kauth.h>
108#include <sys/file_internal.h>
109#include <sys/stat.h>
110#include <sys/ioctl.h>
111#include <sys/fcntl.h>
112#include <sys/malloc.h>
113#include <sys/syslog.h>
114#include <sys/unistd.h>
115#include <sys/resourcevar.h>
116#include <sys/aio_kern.h>
117#include <sys/signalvar.h>
118#include <sys/pipe.h>
119#include <sys/sysproto.h>
0c530ab8 120#include <sys/proc_info.h>
91447636 121
b0d623f7 122#include <security/audit/audit.h>
91447636
A		 123
124#include <sys/kdebug.h>
125
126#include <kern/zalloc.h>
127#include <vm/vm_kern.h>
128#include <libkern/OSAtomic.h>
129
130#define f_flag f_fglob->fg_flag
131#define f_type f_fglob->fg_type
132#define f_msgcount f_fglob->fg_msgcount
133#define f_cred f_fglob->fg_cred
134#define f_ops f_fglob->fg_ops
135#define f_offset f_fglob->fg_offset
136#define f_data f_fglob->fg_data
137/*
138 * Use this define if you want to disable *fancy* VM things. Expect an
139 * approx 30% decrease in transfer rate. This could be useful for
140 * NetBSD or OpenBSD.
141 *
142 * this needs to be ported to X and the performance measured
143 * before committing to supporting it
144 */
145#define PIPE_NODIRECT 1
146
147#ifndef PIPE_NODIRECT
148
149#include <vm/vm.h>
150#include <vm/vm_param.h>
151#include <vm/vm_object.h>
152#include <vm/vm_kern.h>
153#include <vm/vm_extern.h>
154#include <vm/pmap.h>
155#include <vm/vm_map.h>
156#include <vm/vm_page.h>
157#include <vm/uma.h>
158
159#endif
160
91447636
A		 161/*
162 * interfaces to the outside world
163 */
164static int pipe_read(struct fileproc *fp, struct uio *uio,
2d21ac55 165 int flags, vfs_context_t ctx);
91447636
A		 166
167static int pipe_write(struct fileproc *fp, struct uio *uio,
2d21ac55 168 int flags, vfs_context_t ctx);
91447636 169
2d21ac55 170static int pipe_close(struct fileglob *fg, vfs_context_t ctx);
91447636 171
2d21ac55
A		 172static int pipe_select(struct fileproc *fp, int which, void * wql,
173 vfs_context_t ctx);
91447636 174
2d21ac55
A		 175static int pipe_kqfilter(struct fileproc *fp, struct knote *kn,
176 vfs_context_t ctx);
91447636 177
2d21ac55
A		 178static int pipe_ioctl(struct fileproc *fp, u_long cmd, caddr_t data,
179 vfs_context_t ctx);
91447636 180
b0d623f7
A		 181static int pipe_drain(struct fileproc *fp,vfs_context_t ctx);
182
91447636
A		 183
184struct fileops pipeops =
185 { pipe_read,
186 pipe_write,
187 pipe_ioctl,
188 pipe_select,
189 pipe_close,
190 pipe_kqfilter,
b0d623f7 191 pipe_drain };
91447636
A		 192
193
194static void filt_pipedetach(struct knote *kn);
195static int filt_piperead(struct knote *kn, long hint);
196static int filt_pipewrite(struct knote *kn, long hint);
197
b0d623f7
A		 198static struct filterops pipe_rfiltops = {
199 .f_isfd = 1,
200 .f_detach = filt_pipedetach,
201 .f_event = filt_piperead,
202};
203static struct filterops pipe_wfiltops = {
204 .f_isfd = 1,
205 .f_detach = filt_pipedetach,
206 .f_event = filt_pipewrite,
207};
91447636
A		 208
209/*
210 * Default pipe buffer size(s), this can be kind-of large now because pipe
211 * space is pageable. The pipe code will try to maintain locality of
212 * reference for performance reasons, so small amounts of outstanding I/O
213 * will not wipe the cache.
214 */
215#define MINPIPESIZE (PIPE_SIZE/3)
216
217/*
218 * Limit the number of "big" pipes
219 */
220#define LIMITBIGPIPES 32
221static int nbigpipe;
222
223static int amountpipes;
224static int amountpipekva;
225
226#ifndef PIPE_NODIRECT
227static int amountpipekvawired;
228#endif
229int maxpipekva = 1024 * 1024 * 16;
230
231#if PIPE_SYSCTLS
232SYSCTL_DECL(_kern_ipc);
233
6d2010ae 234SYSCTL_INT(_kern_ipc, OID_AUTO, maxpipekva, CTLFLAG_RD|CTLFLAG_LOCKED,
91447636 235 &maxpipekva, 0, "Pipe KVA limit");
6d2010ae 236SYSCTL_INT(_kern_ipc, OID_AUTO, maxpipekvawired, CTLFLAG_RW|CTLFLAG_LOCKED,
91447636 237 &maxpipekvawired, 0, "Pipe KVA wired limit");
6d2010ae 238SYSCTL_INT(_kern_ipc, OID_AUTO, pipes, CTLFLAG_RD|CTLFLAG_LOCKED,
91447636 239 &amountpipes, 0, "Current # of pipes");
6d2010ae 240SYSCTL_INT(_kern_ipc, OID_AUTO, bigpipes, CTLFLAG_RD|CTLFLAG_LOCKED,
91447636 241 &nbigpipe, 0, "Current # of big pipes");
6d2010ae 242SYSCTL_INT(_kern_ipc, OID_AUTO, pipekva, CTLFLAG_RD|CTLFLAG_LOCKED,
91447636 243 &amountpipekva, 0, "Pipe KVA usage");
6d2010ae 244SYSCTL_INT(_kern_ipc, OID_AUTO, pipekvawired, CTLFLAG_RD|CTLFLAG_LOCKED,
91447636
A		 245 &amountpipekvawired, 0, "Pipe wired KVA usage");
246#endif
247
91447636
A		 248static void pipeclose(struct pipe *cpipe);
249static void pipe_free_kmem(struct pipe *cpipe);
250static int pipe_create(struct pipe **cpipep);
251static void pipeselwakeup(struct pipe *cpipe, struct pipe *spipe);
252static __inline int pipelock(struct pipe *cpipe, int catch);
253static __inline void pipeunlock(struct pipe *cpipe);
254
255#ifndef PIPE_NODIRECT
256static int pipe_build_write_buffer(struct pipe *wpipe, struct uio *uio);
257static void pipe_destroy_write_buffer(struct pipe *wpipe);
258static int pipe_direct_write(struct pipe *wpipe, struct uio *uio);
259static void pipe_clone_write_buffer(struct pipe *wpipe);
260#endif
261
262extern int postpipeevent(struct pipe *, int);
263extern void evpipefree(struct pipe *cpipe);
264
265
266static int pipespace(struct pipe *cpipe, int size);
267
268static lck_grp_t *pipe_mtx_grp;
269static lck_attr_t *pipe_mtx_attr;
270static lck_grp_attr_t *pipe_mtx_grp_attr;
271
272static zone_t pipe_zone;
273
ebb1b9f4
A		 274#define PIPE_GARBAGE_AGE_LIMIT 5000 /* In milliseconds */
275#define PIPE_GARBAGE_QUEUE_LIMIT 32000
276
277struct pipe_garbage {
278 struct pipe *pg_pipe;
279 struct pipe_garbage *pg_next;
280 uint64_t pg_timestamp;
281};
282
283static zone_t pipe_garbage_zone;
284static struct pipe_garbage *pipe_garbage_head = NULL;
285static struct pipe_garbage *pipe_garbage_tail = NULL;
286static uint64_t pipe_garbage_age_limit = PIPE_GARBAGE_AGE_LIMIT;
287static int pipe_garbage_count = 0;
288static lck_mtx_t *pipe_garbage_lock;
289
91447636
A		 290SYSINIT(vfs, SI_SUB_VFS, SI_ORDER_ANY, pipeinit, NULL);
291
292void
2d21ac55 293pipeinit(void)
91447636 294{
ebb1b9f4
A		 295 vm_size_t zone_size;
296
297 zone_size = 8192 * sizeof(struct pipe);
298 pipe_zone = zinit(sizeof(struct pipe), zone_size, 4096, "pipe zone");
91447636
A		 299
300 /*
301 * allocate lock group attribute and group for pipe mutexes
302 */
303 pipe_mtx_grp_attr = lck_grp_attr_alloc_init();
91447636
A		 304 pipe_mtx_grp = lck_grp_alloc_init("pipe", pipe_mtx_grp_attr);
305
306 /*
307 * allocate the lock attribute for pipe mutexes
308 */
309 pipe_mtx_attr = lck_attr_alloc_init();
ebb1b9f4
A		 310
311 /*
312 * Set up garbage collection for dead pipes
313 */
314 zone_size = (PIPE_GARBAGE_QUEUE_LIMIT + 20) *
315 sizeof(struct pipe_garbage);
316 pipe_garbage_zone = (zone_t)zinit(sizeof(struct pipe_garbage),
317 zone_size, 4096, "pipe garbage zone");
318 pipe_garbage_lock = lck_mtx_alloc_init(pipe_mtx_grp, pipe_mtx_attr);
91447636
A		 319}
320
2d21ac55
A		 321/* Bitmap for things to touch in pipe_touch() */
322#define PIPE_ATIME 0x00000001 /* time of last access */
323#define PIPE_MTIME 0x00000002 /* time of last modification */
324#define PIPE_CTIME 0x00000004 /* time of last status change */
325
326static void
327pipe_touch(struct pipe *tpipe, int touch)
328{
329 struct timeval now;
330
331 microtime(&now);
332
333 if (touch & PIPE_ATIME) {
334 tpipe->st_atimespec.tv_sec = now.tv_sec;
335 tpipe->st_atimespec.tv_nsec = now.tv_usec * 1000;
336 }
337
338 if (touch & PIPE_MTIME) {
339 tpipe->st_mtimespec.tv_sec = now.tv_sec;
340 tpipe->st_mtimespec.tv_nsec = now.tv_usec * 1000;
341 }
342
343 if (touch & PIPE_CTIME) {
344 tpipe->st_ctimespec.tv_sec = now.tv_sec;
345 tpipe->st_ctimespec.tv_nsec = now.tv_usec * 1000;
346 }
347}
348
91447636
A		 349
350
351/*
352 * The pipe system call for the DTYPE_PIPE type of pipes
353 */
354
355/* ARGSUSED */
356int
b0d623f7 357pipe(proc_t p, __unused struct pipe_args *uap, int32_t *retval)
91447636
A		 358{
359 struct fileproc *rf, *wf;
360 struct pipe *rpipe, *wpipe;
361 lck_mtx_t *pmtx;
362 int fd, error;
363
364 if ((pmtx = lck_mtx_alloc_init(pipe_mtx_grp, pipe_mtx_attr)) == NULL)
365 return (ENOMEM);
366
367 rpipe = wpipe = NULL;
368 if (pipe_create(&rpipe) || pipe_create(&wpipe)) {
369 error = ENFILE;
370 goto freepipes;
371 }
372 /*
373 * allocate the space for the normal I/O direction up
374 * front... we'll delay the allocation for the other
375 * direction until a write actually occurs (most
376 * likely it won't)...
377 *
378 * Reduce to 1/4th pipe size if we're over our global max.
379 */
380 if (amountpipekva > maxpipekva / 2)
381 error = pipespace(rpipe, SMALL_PIPE_SIZE);
382 else
383 error = pipespace(rpipe, PIPE_SIZE);
384 if (error)
385 goto freepipes;
386
387#ifndef PIPE_NODIRECT
388 rpipe->pipe_state |= PIPE_DIRECTOK;
389 wpipe->pipe_state |= PIPE_DIRECTOK;
390#endif
391 TAILQ_INIT(&rpipe->pipe_evlist);
392 TAILQ_INIT(&wpipe->pipe_evlist);
393
2d21ac55 394 error = falloc(p, &rf, &fd, vfs_context_current());
91447636
A		 395 if (error) {
396 goto freepipes;
397 }
398 retval[0] = fd;
399
400 /*
401 * for now we'll create half-duplex
402 * pipes... this is what we've always
403 * supported..
404 */
405 rf->f_flag = FREAD;
406 rf->f_type = DTYPE_PIPE;
407 rf->f_data = (caddr_t)rpipe;
408 rf->f_ops = &pipeops;
409
2d21ac55 410 error = falloc(p, &wf, &fd, vfs_context_current());
91447636
A		 411 if (error) {
412 fp_free(p, retval[0], rf);
413 goto freepipes;
414 }
415 wf->f_flag = FWRITE;
416 wf->f_type = DTYPE_PIPE;
417 wf->f_data = (caddr_t)wpipe;
418 wf->f_ops = &pipeops;
419
6601e61a
A		 420 rpipe->pipe_peer = wpipe;
421 wpipe->pipe_peer = rpipe;
6601e61a 422 rpipe->pipe_mtxp = wpipe->pipe_mtxp = pmtx;
2d21ac55 423
91447636 424 retval[1] = fd;
2d21ac55 425#if CONFIG_MACF
91447636
A		 426 /*
427 * XXXXXXXX SHOULD NOT HOLD FILE_LOCK() XXXXXXXXXXXX
428 *
429 * struct pipe represents a pipe endpoint. The MAC label is shared
2d21ac55
A		 430 * between the connected endpoints. As a result mac_pipe_label_init() and
431 * mac_pipe_label_associate() should only be called on one of the endpoints
91447636
A		 432 * after they have been connected.
433 */
2d21ac55
A		 434 mac_pipe_label_init(rpipe);
435 mac_pipe_label_associate(kauth_cred_get(), rpipe);
436 wpipe->pipe_label = rpipe->pipe_label;
91447636 437#endif
2d21ac55 438 proc_fdlock_spin(p);
6601e61a
A		 439 procfdtbl_releasefd(p, retval[0], NULL);
440 procfdtbl_releasefd(p, retval[1], NULL);
91447636
A		 441 fp_drop(p, retval[0], rf, 1);
442 fp_drop(p, retval[1], wf, 1);
443 proc_fdunlock(p);
444
91447636
A		 445
446 return (0);
447
448freepipes:
449 pipeclose(rpipe);
450 pipeclose(wpipe);
451 lck_mtx_free(pmtx, pipe_mtx_grp);
452
453 return (error);
454}
455
91447636 456int
2d21ac55 457pipe_stat(struct pipe *cpipe, void *ub, int isstat64)
91447636 458{
2d21ac55 459#if CONFIG_MACF
91447636
A		 460 int error;
461#endif
2d21ac55
A		 462 int pipe_size = 0;
463 int pipe_count;
464 struct stat *sb = (struct stat *)0; /* warning avoidance ; protected by isstat64 */
465 struct stat64 * sb64 = (struct stat64 *)0; /* warning avoidance ; protected by isstat64 */
91447636
A		 466
467 if (cpipe == NULL)
468 return (EBADF);
91447636 469 PIPE_LOCK(cpipe);
2d21ac55
A		 470
471#if CONFIG_MACF
472 error = mac_pipe_check_stat(kauth_cred_get(), cpipe);
473 if (error) {
474 PIPE_UNLOCK(cpipe);
91447636 475 return (error);
2d21ac55 476 }
91447636
A		 477#endif
478 if (cpipe->pipe_buffer.buffer == 0) {
479 /*
480 * must be stat'ing the write fd
481 */
2d21ac55
A		 482 if (cpipe->pipe_peer) {
483 /*
484 * the peer still exists, use it's info
485 */
486 pipe_size = cpipe->pipe_peer->pipe_buffer.size;
487 pipe_count = cpipe->pipe_peer->pipe_buffer.cnt;
488 } else {
489 pipe_count = 0;
490 }
491 } else {
492 pipe_size = cpipe->pipe_buffer.size;
493 pipe_count = cpipe->pipe_buffer.cnt;
91447636 494 }
2d21ac55
A		 495 /*
496 * since peer's buffer is setup ouside of lock
497 * we might catch it in transient state
498 */
499 if (pipe_size == 0)
500 pipe_size = PIPE_SIZE;
91447636 501
2d21ac55
A		 502 if (isstat64 != 0) {
503 sb64 = (struct stat64 *)ub;
91447636 504
2d21ac55
A		 505 bzero(sb64, sizeof(*sb64));
506 sb64->st_mode = S_IFIFO | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP;
507 sb64->st_blksize = pipe_size;
508 sb64->st_size = pipe_count;
509 sb64->st_blocks = (sb64->st_size + sb64->st_blksize - 1) / sb64->st_blksize;
510
511 sb64->st_uid = kauth_getuid();
512 sb64->st_gid = kauth_getgid();
513
514 sb64->st_atimespec.tv_sec = cpipe->st_atimespec.tv_sec;
515 sb64->st_atimespec.tv_nsec = cpipe->st_atimespec.tv_nsec;
516
517 sb64->st_mtimespec.tv_sec = cpipe->st_mtimespec.tv_sec;
518 sb64->st_mtimespec.tv_nsec = cpipe->st_mtimespec.tv_nsec;
91447636 519
2d21ac55
A		 520 sb64->st_ctimespec.tv_sec = cpipe->st_ctimespec.tv_sec;
521 sb64->st_ctimespec.tv_nsec = cpipe->st_ctimespec.tv_nsec;
91447636 522
2d21ac55
A		 523 /*
524 * Return a relatively unique inode number based on the current
525 * address of this pipe's struct pipe. This number may be recycled
526 * relatively quickly.
527 */
b0d623f7 528 sb64->st_ino = (ino64_t)((uintptr_t)cpipe);
2d21ac55
A		 529 } else {
530 sb = (struct stat *)ub;
531
532 bzero(sb, sizeof(*sb));
533 sb->st_mode = S_IFIFO | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP;
534 sb->st_blksize = pipe_size;
535 sb->st_size = pipe_count;
536 sb->st_blocks = (sb->st_size + sb->st_blksize - 1) / sb->st_blksize;
537
538 sb->st_uid = kauth_getuid();
539 sb->st_gid = kauth_getgid();
540
541 sb->st_atimespec.tv_sec = cpipe->st_atimespec.tv_sec;
542 sb->st_atimespec.tv_nsec = cpipe->st_atimespec.tv_nsec;
543
544 sb->st_mtimespec.tv_sec = cpipe->st_mtimespec.tv_sec;
545 sb->st_mtimespec.tv_nsec = cpipe->st_mtimespec.tv_nsec;
546
547 sb->st_ctimespec.tv_sec = cpipe->st_ctimespec.tv_sec;
548 sb->st_ctimespec.tv_nsec = cpipe->st_ctimespec.tv_nsec;
549
550 /*
551 * Return a relatively unique inode number based on the current
552 * address of this pipe's struct pipe. This number may be recycled
553 * relatively quickly.
554 */
b0d623f7 555 sb->st_ino = (ino_t)(uintptr_t)cpipe;
2d21ac55
A		 556 }
557 PIPE_UNLOCK(cpipe);
91447636
A		 558
559 /*
2d21ac55
A		 560 * POSIX: Left as 0: st_dev, st_nlink, st_rdev, st_flags, st_gen,
561 * st_uid, st_gid.
562 *
563 * XXX (st_dev) should be unique, but there is no device driver that
564 * XXX is associated with pipes, since they are implemented via a
565 * XXX struct fileops indirection rather than as FS objects.
91447636
A		 566 */
567 return (0);
568}
569
570
571/*
572 * Allocate kva for pipe circular buffer, the space is pageable
573 * This routine will 'realloc' the size of a pipe safely, if it fails
574 * it will retain the old buffer.
575 * If it fails it will return ENOMEM.
576 */
577static int
578pipespace(struct pipe *cpipe, int size)
579{
580 vm_offset_t buffer;
581
582 size = round_page(size);
583
584 if (kmem_alloc(kernel_map, &buffer, size) != KERN_SUCCESS)
585 return(ENOMEM);
586
587 /* free old resources if we're resizing */
588 pipe_free_kmem(cpipe);
589 cpipe->pipe_buffer.buffer = (caddr_t)buffer;
590 cpipe->pipe_buffer.size = size;
591 cpipe->pipe_buffer.in = 0;
592 cpipe->pipe_buffer.out = 0;
593 cpipe->pipe_buffer.cnt = 0;
594
b0d623f7
A		 595 OSAddAtomic(1, &amountpipes);
596 OSAddAtomic(cpipe->pipe_buffer.size, &amountpipekva);
91447636
A		 597
598 return (0);
599}
600
601/*
602 * initialize and allocate VM and memory for pipe
603 */
604static int
605pipe_create(struct pipe **cpipep)
606{
607 struct pipe *cpipe;
608
609 cpipe = (struct pipe *)zalloc(pipe_zone);
610
611 if ((*cpipep = cpipe) == NULL)
612 return (ENOMEM);
613
614 /*
615 * protect so pipespace or pipeclose don't follow a junk pointer
616 * if pipespace() fails.
617 */
618 bzero(cpipe, sizeof *cpipe);
619
2d21ac55
A		 620 /* Initial times are all the time of creation of the pipe */
621 pipe_touch(cpipe, PIPE_ATIME | PIPE_MTIME | PIPE_CTIME);
622
91447636
A		 623 return (0);
624}
625
626
627/*
628 * lock a pipe for I/O, blocking other access
629 */
2d21ac55
A		 630static inline int
631pipelock(struct pipe *cpipe, int catch)
91447636
A		 632{
633 int error;
634
635 while (cpipe->pipe_state & PIPE_LOCKFL) {
636 cpipe->pipe_state |= PIPE_LWANT;
637
638 error = msleep(cpipe, PIPE_MTX(cpipe), catch ? (PRIBIO | PCATCH) : PRIBIO,
639 "pipelk", 0);
640 if (error != 0)
641 return (error);
642 }
643 cpipe->pipe_state |= PIPE_LOCKFL;
644
645 return (0);
646}
647
648/*
649 * unlock a pipe I/O lock
650 */
2d21ac55
A		 651static inline void
652pipeunlock(struct pipe *cpipe)
91447636 653{
91447636
A		 654 cpipe->pipe_state &= ~PIPE_LOCKFL;
655
656 if (cpipe->pipe_state & PIPE_LWANT) {
657 cpipe->pipe_state &= ~PIPE_LWANT;
658 wakeup(cpipe);
659 }
660}
661
662static void
2d21ac55 663pipeselwakeup(struct pipe *cpipe, struct pipe *spipe)
91447636 664{
91447636
A		 665 if (cpipe->pipe_state & PIPE_SEL) {
666 cpipe->pipe_state &= ~PIPE_SEL;
667 selwakeup(&cpipe->pipe_sel);
668 }
669 if (cpipe->pipe_state & PIPE_KNOTE)
670 KNOTE(&cpipe->pipe_sel.si_note, 1);
671
672 postpipeevent(cpipe, EV_RWBYTES);
673
674 if (spipe && (spipe->pipe_state & PIPE_ASYNC) && spipe->pipe_pgid) {
91447636
A		 675 if (spipe->pipe_pgid < 0)
676 gsignal(-spipe->pipe_pgid, SIGIO);
2d21ac55
A		 677 else
678 proc_signal(spipe->pipe_pgid, SIGIO);
91447636
A		 679 }
680}
681
682/* ARGSUSED */
683static int
2d21ac55
A		 684pipe_read(struct fileproc *fp, struct uio *uio, __unused int flags,
685 __unused vfs_context_t ctx)
91447636
A		 686{
687 struct pipe *rpipe = (struct pipe *)fp->f_data;
688 int error;
689 int nread = 0;
690 u_int size;
691
692 PIPE_LOCK(rpipe);
693 ++rpipe->pipe_busy;
694
695 error = pipelock(rpipe, 1);
696 if (error)
697 goto unlocked_error;
698
2d21ac55
A		 699#if CONFIG_MACF
700 error = mac_pipe_check_read(kauth_cred_get(), rpipe);
91447636
A		 701 if (error)
702 goto locked_error;
703#endif
704
705 while (uio_resid(uio)) {
706 /*
707 * normal pipe buffer receive
708 */
709 if (rpipe->pipe_buffer.cnt > 0) {
710 size = rpipe->pipe_buffer.size - rpipe->pipe_buffer.out;
711 if (size > rpipe->pipe_buffer.cnt)
712 size = rpipe->pipe_buffer.cnt;
713 // LP64todo - fix this!
714 if (size > (u_int) uio_resid(uio))
715 size = (u_int) uio_resid(uio);
716
717 PIPE_UNLOCK(rpipe);
718 error = uiomove(
719 &rpipe->pipe_buffer.buffer[rpipe->pipe_buffer.out],
720 size, uio);
721 PIPE_LOCK(rpipe);
722 if (error)
723 break;
724
725 rpipe->pipe_buffer.out += size;
726 if (rpipe->pipe_buffer.out >= rpipe->pipe_buffer.size)
727 rpipe->pipe_buffer.out = 0;
728
729 rpipe->pipe_buffer.cnt -= size;
730
731 /*
732 * If there is no more to read in the pipe, reset
733 * its pointers to the beginning. This improves
734 * cache hit stats.
735 */
736 if (rpipe->pipe_buffer.cnt == 0) {
737 rpipe->pipe_buffer.in = 0;
738 rpipe->pipe_buffer.out = 0;
739 }
740 nread += size;
741#ifndef PIPE_NODIRECT
742 /*
743 * Direct copy, bypassing a kernel buffer.
744 */
745 } else if ((size = rpipe->pipe_map.cnt) &&
746 (rpipe->pipe_state & PIPE_DIRECTW)) {
747 caddr_t va;
748 // LP64todo - fix this!
749 if (size > (u_int) uio_resid(uio))
750 size = (u_int) uio_resid(uio);
751
752 va = (caddr_t) rpipe->pipe_map.kva +
753 rpipe->pipe_map.pos;
754 PIPE_UNLOCK(rpipe);
755 error = uiomove(va, size, uio);
756 PIPE_LOCK(rpipe);
757 if (error)
758 break;
759 nread += size;
760 rpipe->pipe_map.pos += size;
761 rpipe->pipe_map.cnt -= size;
762 if (rpipe->pipe_map.cnt == 0) {
763 rpipe->pipe_state &= ~PIPE_DIRECTW;
764 wakeup(rpipe);
765 }
766#endif
767 } else {
768 /*
769 * detect EOF condition
770 * read returns 0 on EOF, no need to set error
771 */
b0d623f7 772 if (rpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) {
91447636 773 break;
b0d623f7 774 }
91447636
A		 775
776 /*
777 * If the "write-side" has been blocked, wake it up now.
778 */
779 if (rpipe->pipe_state & PIPE_WANTW) {
780 rpipe->pipe_state &= ~PIPE_WANTW;
781 wakeup(rpipe);
782 }
783
784 /*
785 * Break if some data was read.
786 */
787 if (nread > 0)
788 break;
789
790 /*
791 * Unlock the pipe buffer for our remaining processing.
792 * We will either break out with an error or we will
793 * sleep and relock to loop.
794 */
795 pipeunlock(rpipe);
796
797 /*
798 * Handle non-blocking mode operation or
799 * wait for more data.
800 */
801 if (fp->f_flag & FNONBLOCK) {
802 error = EAGAIN;
803 } else {
804 rpipe->pipe_state |= PIPE_WANTR;
805
806 error = msleep(rpipe, PIPE_MTX(rpipe), PRIBIO | PCATCH, "piperd", 0);
807
808 if (error == 0)
809 error = pipelock(rpipe, 1);
810 }
811 if (error)
812 goto unlocked_error;
813 }
814 }
2d21ac55 815#if CONFIG_MACF
91447636
A		 816locked_error:
817#endif
818 pipeunlock(rpipe);
819
820unlocked_error:
821 --rpipe->pipe_busy;
822
823 /*
824 * PIPE_WANT processing only makes sense if pipe_busy is 0.
825 */
826 if ((rpipe->pipe_busy == 0) && (rpipe->pipe_state & PIPE_WANT)) {
827 rpipe->pipe_state &= ~(PIPE_WANT|PIPE_WANTW);
828 wakeup(rpipe);
829 } else if (rpipe->pipe_buffer.cnt < MINPIPESIZE) {
830 /*
831 * Handle write blocking hysteresis.
832 */
833 if (rpipe->pipe_state & PIPE_WANTW) {
834 rpipe->pipe_state &= ~PIPE_WANTW;
835 wakeup(rpipe);
836 }
837 }
838
839 if ((rpipe->pipe_buffer.size - rpipe->pipe_buffer.cnt) >= PIPE_BUF)
840 pipeselwakeup(rpipe, rpipe->pipe_peer);
841
2d21ac55
A		 842 /* update last read time */
843 pipe_touch(rpipe, PIPE_ATIME);
844
91447636
A		 845 PIPE_UNLOCK(rpipe);
846
847 return (error);
848}
849
850
851
852#ifndef PIPE_NODIRECT
853/*
854 * Map the sending processes' buffer into kernel space and wire it.
855 * This is similar to a physical write operation.
856 */
857static int
858pipe_build_write_buffer(wpipe, uio)
859 struct pipe *wpipe;
860 struct uio *uio;
861{
862 pmap_t pmap;
863 u_int size;
864 int i, j;
865 vm_offset_t addr, endaddr;
866
867
868 size = (u_int) uio->uio_iov->iov_len;
869 if (size > wpipe->pipe_buffer.size)
870 size = wpipe->pipe_buffer.size;
871
872 pmap = vmspace_pmap(curproc->p_vmspace);
873 endaddr = round_page((vm_offset_t)uio->uio_iov->iov_base + size);
874 addr = trunc_page((vm_offset_t)uio->uio_iov->iov_base);
875 for (i = 0; addr < endaddr; addr += PAGE_SIZE, i++) {
876 /*
877 * vm_fault_quick() can sleep. Consequently,
878 * vm_page_lock_queue() and vm_page_unlock_queue()
879 * should not be performed outside of this loop.
880 */
881 race:
882 if (vm_fault_quick((caddr_t)addr, VM_PROT_READ) < 0) {
883 vm_page_lock_queues();
884 for (j = 0; j < i; j++)
885 vm_page_unhold(wpipe->pipe_map.ms[j]);
886 vm_page_unlock_queues();
887 return (EFAULT);
888 }
889 wpipe->pipe_map.ms[i] = pmap_extract_and_hold(pmap, addr,
890 VM_PROT_READ);
891 if (wpipe->pipe_map.ms[i] == NULL)
892 goto race;
893 }
894
895/*
896 * set up the control block
897 */
898 wpipe->pipe_map.npages = i;
899 wpipe->pipe_map.pos =
900 ((vm_offset_t) uio->uio_iov->iov_base) & PAGE_MASK;
901 wpipe->pipe_map.cnt = size;
902
903/*
904 * and map the buffer
905 */
906 if (wpipe->pipe_map.kva == 0) {
907 /*
908 * We need to allocate space for an extra page because the
909 * address range might (will) span pages at times.
910 */
911 wpipe->pipe_map.kva = kmem_alloc_nofault(kernel_map,
912 wpipe->pipe_buffer.size + PAGE_SIZE);
913 atomic_add_int(&amountpipekvawired,
914 wpipe->pipe_buffer.size + PAGE_SIZE);
915 }
916 pmap_qenter(wpipe->pipe_map.kva, wpipe->pipe_map.ms,
917 wpipe->pipe_map.npages);
918
919/*
920 * and update the uio data
921 */
922
923 uio->uio_iov->iov_len -= size;
924 uio->uio_iov->iov_base = (char *)uio->uio_iov->iov_base + size;
925 if (uio->uio_iov->iov_len == 0)
926 uio->uio_iov++;
927 uio_setresid(uio, (uio_resid(uio) - size));
928 uio->uio_offset += size;
929 return (0);
930}
931
932/*
933 * unmap and unwire the process buffer
934 */
935static void
936pipe_destroy_write_buffer(wpipe)
937 struct pipe *wpipe;
938{
939 int i;
940
941 if (wpipe->pipe_map.kva) {
942 pmap_qremove(wpipe->pipe_map.kva, wpipe->pipe_map.npages);
943
944 if (amountpipekvawired > maxpipekvawired / 2) {
945 /* Conserve address space */
946 vm_offset_t kva = wpipe->pipe_map.kva;
947 wpipe->pipe_map.kva = 0;
948 kmem_free(kernel_map, kva,
949 wpipe->pipe_buffer.size + PAGE_SIZE);
950 atomic_subtract_int(&amountpipekvawired,
951 wpipe->pipe_buffer.size + PAGE_SIZE);
952 }
953 }
954 vm_page_lock_queues();
955 for (i = 0; i < wpipe->pipe_map.npages; i++) {
956 vm_page_unhold(wpipe->pipe_map.ms[i]);
957 }
958 vm_page_unlock_queues();
959 wpipe->pipe_map.npages = 0;
960}
961
962/*
963 * In the case of a signal, the writing process might go away. This
964 * code copies the data into the circular buffer so that the source
965 * pages can be freed without loss of data.
966 */
967static void
968pipe_clone_write_buffer(wpipe)
969 struct pipe *wpipe;
970{
971 int size;
972 int pos;
973
974 size = wpipe->pipe_map.cnt;
975 pos = wpipe->pipe_map.pos;
976
977 wpipe->pipe_buffer.in = size;
978 wpipe->pipe_buffer.out = 0;
979 wpipe->pipe_buffer.cnt = size;
980 wpipe->pipe_state &= ~PIPE_DIRECTW;
981
982 PIPE_UNLOCK(wpipe);
983 bcopy((caddr_t) wpipe->pipe_map.kva + pos,
984 wpipe->pipe_buffer.buffer, size);
985 pipe_destroy_write_buffer(wpipe);
986 PIPE_LOCK(wpipe);
987}
988
989/*
990 * This implements the pipe buffer write mechanism. Note that only
991 * a direct write OR a normal pipe write can be pending at any given time.
992 * If there are any characters in the pipe buffer, the direct write will
993 * be deferred until the receiving process grabs all of the bytes from
994 * the pipe buffer. Then the direct mapping write is set-up.
995 */
996static int
997pipe_direct_write(wpipe, uio)
998 struct pipe *wpipe;
999 struct uio *uio;
1000{
1001 int error;
1002
1003retry:
1004 while (wpipe->pipe_state & PIPE_DIRECTW) {
1005 if (wpipe->pipe_state & PIPE_WANTR) {
1006 wpipe->pipe_state &= ~PIPE_WANTR;
1007 wakeup(wpipe);
1008 }
1009 wpipe->pipe_state |= PIPE_WANTW;
1010 error = msleep(wpipe, PIPE_MTX(wpipe),
1011 PRIBIO | PCATCH, "pipdww", 0);
1012 if (error)
1013 goto error1;
b0d623f7 1014 if (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) {
91447636
A		 1015 error = EPIPE;
1016 goto error1;
1017 }
1018 }
1019 wpipe->pipe_map.cnt = 0; /* transfer not ready yet */
1020 if (wpipe->pipe_buffer.cnt > 0) {
1021 if (wpipe->pipe_state & PIPE_WANTR) {
1022 wpipe->pipe_state &= ~PIPE_WANTR;
1023 wakeup(wpipe);
1024 }
1025
1026 wpipe->pipe_state |= PIPE_WANTW;
1027 error = msleep(wpipe, PIPE_MTX(wpipe),
1028 PRIBIO | PCATCH, "pipdwc", 0);
1029 if (error)
1030 goto error1;
b0d623f7 1031 if (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) {
91447636
A		 1032 error = EPIPE;
1033 goto error1;
1034 }
1035 goto retry;
1036 }
1037
1038 wpipe->pipe_state |= PIPE_DIRECTW;
1039
1040 pipelock(wpipe, 0);
1041 PIPE_UNLOCK(wpipe);
1042 error = pipe_build_write_buffer(wpipe, uio);
1043 PIPE_LOCK(wpipe);
1044 pipeunlock(wpipe);
1045 if (error) {
1046 wpipe->pipe_state &= ~PIPE_DIRECTW;
1047 goto error1;
1048 }
1049
1050 error = 0;
1051 while (!error && (wpipe->pipe_state & PIPE_DIRECTW)) {
b0d623f7 1052 if (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) {
91447636
A		 1053 pipelock(wpipe, 0);
1054 PIPE_UNLOCK(wpipe);
1055 pipe_destroy_write_buffer(wpipe);
1056 PIPE_LOCK(wpipe);
1057 pipeselwakeup(wpipe, wpipe);
1058 pipeunlock(wpipe);
1059 error = EPIPE;
1060 goto error1;
1061 }
1062 if (wpipe->pipe_state & PIPE_WANTR) {
1063 wpipe->pipe_state &= ~PIPE_WANTR;
1064 wakeup(wpipe);
1065 }
1066 pipeselwakeup(wpipe, wpipe);
1067 error = msleep(wpipe, PIPE_MTX(wpipe), PRIBIO | PCATCH,
1068 "pipdwt", 0);
1069 }
1070
1071 pipelock(wpipe,0);
1072 if (wpipe->pipe_state & PIPE_DIRECTW) {
1073 /*
1074 * this bit of trickery substitutes a kernel buffer for
1075 * the process that might be going away.
1076 */
1077 pipe_clone_write_buffer(wpipe);
1078 } else {
1079 PIPE_UNLOCK(wpipe);
1080 pipe_destroy_write_buffer(wpipe);
1081 PIPE_LOCK(wpipe);
1082 }
1083 pipeunlock(wpipe);
1084 return (error);
1085
1086error1:
1087 wakeup(wpipe);
1088 return (error);
1089}
1090#endif
1091
1092
1093
1094static int
2d21ac55
A		 1095pipe_write(struct fileproc *fp, struct uio *uio, __unused int flags,
1096 __unused vfs_context_t ctx)
91447636
A		 1097{
1098 int error = 0;
1099 int orig_resid;
1100 int pipe_size;
1101 struct pipe *wpipe, *rpipe;
1102
1103 rpipe = (struct pipe *)fp->f_data;
1104
1105 PIPE_LOCK(rpipe);
1106 wpipe = rpipe->pipe_peer;
1107
1108 /*
1109 * detect loss of pipe read side, issue SIGPIPE if lost.
1110 */
b0d623f7 1111 if (wpipe == NULL || (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF))) {
91447636
A		 1112 PIPE_UNLOCK(rpipe);
1113 return (EPIPE);
1114 }
2d21ac55
A		 1115#if CONFIG_MACF
1116 error = mac_pipe_check_write(kauth_cred_get(), wpipe);
91447636
A		 1117 if (error) {
1118 PIPE_UNLOCK(rpipe);
1119 return (error);
1120 }
1121#endif
1122 ++wpipe->pipe_busy;
1123
1124 pipe_size = 0;
1125
1126 if (wpipe->pipe_buffer.buffer == 0) {
1127 /*
1128 * need to allocate some storage... we delay the allocation
1129 * until the first write on fd[0] to avoid allocating storage for both
1130 * 'pipe ends'... most pipes are half-duplex with the writes targeting
1131 * fd[1], so allocating space for both ends is a waste...
1132 *
1133 * Reduce to 1/4th pipe size if we're over our global max.
1134 */
1135 if (amountpipekva > maxpipekva / 2)
1136 pipe_size = SMALL_PIPE_SIZE;
1137 else
1138 pipe_size = PIPE_SIZE;
1139 }
1140
1141 /*
1142 * If it is advantageous to resize the pipe buffer, do
1143 * so.
1144 */
1145 if ((uio_resid(uio) > PIPE_SIZE) &&
1146 (wpipe->pipe_buffer.size <= PIPE_SIZE) &&
1147 (amountpipekva < maxpipekva / 2) &&
1148 (nbigpipe < LIMITBIGPIPES) &&
1149#ifndef PIPE_NODIRECT
1150 (wpipe->pipe_state & PIPE_DIRECTW) == 0 &&
1151#endif
1152 (wpipe->pipe_buffer.cnt == 0)) {
1153
1154 pipe_size = BIG_PIPE_SIZE;
1155
1156 }
1157 if (pipe_size) {
1158 /*
1159 * need to do initial allocation or resizing of pipe
1160 */
1161 if ((error = pipelock(wpipe, 1)) == 0) {
1162 PIPE_UNLOCK(wpipe);
1163 if (pipespace(wpipe, pipe_size) == 0)
b0d623f7 1164 OSAddAtomic(1, &nbigpipe);
91447636
A		 1165 PIPE_LOCK(wpipe);
1166 pipeunlock(wpipe);
1167
1168 if (wpipe->pipe_buffer.buffer == 0) {
1169 /*
1170 * initial allocation failed
1171 */
1172 error = ENOMEM;
1173 }
1174 }
1175 if (error) {
1176 /*
1177 * If an error occurred unbusy and return, waking up any pending
1178 * readers.
1179 */
1180 --wpipe->pipe_busy;
1181 if ((wpipe->pipe_busy == 0) &&
1182 (wpipe->pipe_state & PIPE_WANT)) {
1183 wpipe->pipe_state &= ~(PIPE_WANT | PIPE_WANTR);
1184 wakeup(wpipe);
1185 }
1186 PIPE_UNLOCK(rpipe);
1187 return(error);
1188 }
1189 }
1190 // LP64todo - fix this!
1191 orig_resid = uio_resid(uio);
1192
1193 while (uio_resid(uio)) {
1194 int space;
1195
1196#ifndef PIPE_NODIRECT
1197 /*
1198 * If the transfer is large, we can gain performance if
1199 * we do process-to-process copies directly.
1200 * If the write is non-blocking, we don't use the
1201 * direct write mechanism.
1202 *
1203 * The direct write mechanism will detect the reader going
1204 * away on us.
1205 */
1206 if ((uio->uio_iov->iov_len >= PIPE_MINDIRECT) &&
1207 (fp->f_flag & FNONBLOCK) == 0 &&
b0d623f7 1208 amountpipekvawired + uio_resid(uio) < maxpipekvawired) {
91447636
A		 1209 error = pipe_direct_write(wpipe, uio);
1210 if (error)
1211 break;
1212 continue;
1213 }
1214
1215 /*
1216 * Pipe buffered writes cannot be coincidental with
1217 * direct writes. We wait until the currently executing
1218 * direct write is completed before we start filling the
1219 * pipe buffer. We break out if a signal occurs or the
1220 * reader goes away.
1221 */
1222 retrywrite:
1223 while (wpipe->pipe_state & PIPE_DIRECTW) {
1224 if (wpipe->pipe_state & PIPE_WANTR) {
1225 wpipe->pipe_state &= ~PIPE_WANTR;
1226 wakeup(wpipe);
1227 }
1228 error = msleep(wpipe, PIPE_MTX(wpipe), PRIBIO | PCATCH, "pipbww", 0);
1229
b0d623f7 1230 if (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF))
91447636
A		 1231 break;
1232 if (error)
1233 break;
1234 }
1235#else
1236 retrywrite:
1237#endif
1238 space = wpipe->pipe_buffer.size - wpipe->pipe_buffer.cnt;
1239
1240 /*
1241 * Writes of size <= PIPE_BUF must be atomic.
1242 */
1243 if ((space < uio_resid(uio)) && (orig_resid <= PIPE_BUF))
1244 space = 0;
1245
1246 if (space > 0) {
1247
1248 if ((error = pipelock(wpipe,1)) == 0) {
1249 int size; /* Transfer size */
1250 int segsize; /* first segment to transfer */
1251
b0d623f7 1252 if (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) {
91447636
A		 1253 pipeunlock(wpipe);
1254 error = EPIPE;
1255 break;
1256 }
1257#ifndef PIPE_NODIRECT
1258 /*
1259 * It is possible for a direct write to
1260 * slip in on us... handle it here...
1261 */
1262 if (wpipe->pipe_state & PIPE_DIRECTW) {
1263 pipeunlock(wpipe);
1264 goto retrywrite;
1265 }
1266#endif
1267 /*
1268 * If a process blocked in pipelock, our
1269 * value for space might be bad... the mutex
1270 * is dropped while we're blocked
1271 */
1272 if (space > (int)(wpipe->pipe_buffer.size -
1273 wpipe->pipe_buffer.cnt)) {
1274 pipeunlock(wpipe);
1275 goto retrywrite;
1276 }
1277
1278 /*
1279 * Transfer size is minimum of uio transfer
1280 * and free space in pipe buffer.
1281 */
1282 // LP64todo - fix this!
1283 if (space > uio_resid(uio))
1284 size = uio_resid(uio);
1285 else
1286 size = space;
1287 /*
1288 * First segment to transfer is minimum of
1289 * transfer size and contiguous space in
1290 * pipe buffer. If first segment to transfer
1291 * is less than the transfer size, we've got
1292 * a wraparound in the buffer.
1293 */
1294 segsize = wpipe->pipe_buffer.size -
1295 wpipe->pipe_buffer.in;
1296 if (segsize > size)
1297 segsize = size;
1298
1299 /* Transfer first segment */
1300
1301 PIPE_UNLOCK(rpipe);
1302 error = uiomove(&wpipe->pipe_buffer.buffer[wpipe->pipe_buffer.in],
1303 segsize, uio);
1304 PIPE_LOCK(rpipe);
1305
1306 if (error == 0 && segsize < size) {
1307 /*
1308 * Transfer remaining part now, to
1309 * support atomic writes. Wraparound
1310 * happened.
1311 */
1312 if (wpipe->pipe_buffer.in + segsize !=
1313 wpipe->pipe_buffer.size)
1314 panic("Expected pipe buffer "
1315 "wraparound disappeared");
1316
1317 PIPE_UNLOCK(rpipe);
1318 error = uiomove(
1319 &wpipe->pipe_buffer.buffer[0],
1320 size - segsize, uio);
1321 PIPE_LOCK(rpipe);
1322 }
1323 if (error == 0) {
1324 wpipe->pipe_buffer.in += size;
1325 if (wpipe->pipe_buffer.in >=
1326 wpipe->pipe_buffer.size) {
1327 if (wpipe->pipe_buffer.in !=
1328 size - segsize +
1329 wpipe->pipe_buffer.size)
1330 panic("Expected "
1331 "wraparound bad");
1332 wpipe->pipe_buffer.in = size -
1333 segsize;
1334 }
1335
1336 wpipe->pipe_buffer.cnt += size;
1337 if (wpipe->pipe_buffer.cnt >
1338 wpipe->pipe_buffer.size)
1339 panic("Pipe buffer overflow");
1340
1341 }
1342 pipeunlock(wpipe);
1343 }
1344 if (error)
1345 break;
1346
1347 } else {
1348 /*
1349 * If the "read-side" has been blocked, wake it up now.
1350 */
1351 if (wpipe->pipe_state & PIPE_WANTR) {
1352 wpipe->pipe_state &= ~PIPE_WANTR;
1353 wakeup(wpipe);
1354 }
1355 /*
1356 * don't block on non-blocking I/O
1357 * we'll do the pipeselwakeup on the way out
1358 */
1359 if (fp->f_flag & FNONBLOCK) {
1360 error = EAGAIN;
1361 break;
1362 }
6d2010ae
A		 1363
1364 /*
1365 * If read side wants to go away, we just issue a signal
1366 * to ourselves.
1367 */
1368 if (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) {
1369 error = EPIPE;
1370 break;
1371 }
1372
91447636
A		 1373 /*
1374 * We have no more space and have something to offer,
1375 * wake up select/poll.
1376 */
1377 pipeselwakeup(wpipe, wpipe);
1378
1379 wpipe->pipe_state |= PIPE_WANTW;
1380
1381 error = msleep(wpipe, PIPE_MTX(wpipe), PRIBIO | PCATCH, "pipewr", 0);
1382
1383 if (error != 0)
1384 break;
91447636
A		 1385 }
1386 }
1387 --wpipe->pipe_busy;
1388
1389 if ((wpipe->pipe_busy == 0) && (wpipe->pipe_state & PIPE_WANT)) {
1390 wpipe->pipe_state &= ~(PIPE_WANT | PIPE_WANTR);
1391 wakeup(wpipe);
1392 }
1393 if (wpipe->pipe_buffer.cnt > 0) {
1394 /*
1395 * If there are any characters in the buffer, we wake up
1396 * the reader if it was blocked waiting for data.
1397 */
1398 if (wpipe->pipe_state & PIPE_WANTR) {
1399 wpipe->pipe_state &= ~PIPE_WANTR;
1400 wakeup(wpipe);
1401 }
1402 /*
1403 * wake up thread blocked in select/poll or post the notification
1404 */
1405 pipeselwakeup(wpipe, wpipe);
1406 }
2d21ac55
A		 1407
1408 /* Update modification, status change (# of bytes in pipe) times */
1409 pipe_touch(rpipe, PIPE_MTIME | PIPE_CTIME);
1410 pipe_touch(wpipe, PIPE_MTIME | PIPE_CTIME);
91447636
A		 1411 PIPE_UNLOCK(rpipe);
1412
1413 return (error);
1414}
1415
1416/*
1417 * we implement a very minimal set of ioctls for compatibility with sockets.
1418 */
1419/* ARGSUSED 3 */
1420static int
2d21ac55
A		 1421pipe_ioctl(struct fileproc *fp, u_long cmd, caddr_t data,
1422 __unused vfs_context_t ctx)
91447636
A		 1423{
1424 struct pipe *mpipe = (struct pipe *)fp->f_data;
2d21ac55 1425#if CONFIG_MACF
91447636
A		 1426 int error;
1427#endif
1428
1429 PIPE_LOCK(mpipe);
1430
2d21ac55
A		 1431#if CONFIG_MACF
1432 error = mac_pipe_check_ioctl(kauth_cred_get(), mpipe, cmd);
91447636
A		 1433 if (error) {
1434 PIPE_UNLOCK(mpipe);
1435
1436 return (error);
1437 }
1438#endif
1439
1440 switch (cmd) {
1441
1442 case FIONBIO:
1443 PIPE_UNLOCK(mpipe);
1444 return (0);
1445
1446 case FIOASYNC:
1447 if (*(int *)data) {
1448 mpipe->pipe_state |= PIPE_ASYNC;
1449 } else {
1450 mpipe->pipe_state &= ~PIPE_ASYNC;
1451 }
1452 PIPE_UNLOCK(mpipe);
1453 return (0);
1454
1455 case FIONREAD:
1456#ifndef PIPE_NODIRECT
1457 if (mpipe->pipe_state & PIPE_DIRECTW)
1458 *(int *)data = mpipe->pipe_map.cnt;
1459 else
1460#endif
1461 *(int *)data = mpipe->pipe_buffer.cnt;
1462 PIPE_UNLOCK(mpipe);
1463 return (0);
1464
1465 case TIOCSPGRP:
1466 mpipe->pipe_pgid = *(int *)data;
1467
1468 PIPE_UNLOCK(mpipe);
1469 return (0);
1470
1471 case TIOCGPGRP:
1472 *(int *)data = mpipe->pipe_pgid;
1473
1474 PIPE_UNLOCK(mpipe);
1475 return (0);
1476
1477 }
1478 PIPE_UNLOCK(mpipe);
1479 return (ENOTTY);
1480}
1481
1482
1483static int
2d21ac55 1484pipe_select(struct fileproc *fp, int which, void *wql, vfs_context_t ctx)
91447636
A		 1485{
1486 struct pipe *rpipe = (struct pipe *)fp->f_data;
1487 struct pipe *wpipe;
1488 int retnum = 0;
1489
1490 if (rpipe == NULL || rpipe == (struct pipe *)-1)
1491 return (retnum);
1492
1493 PIPE_LOCK(rpipe);
1494
1495 wpipe = rpipe->pipe_peer;
1496
2d21ac55
A		 1497#if CONFIG_MACF
1498 /*
1499 * XXX We should use a per thread credential here; minimally, the
1500 * XXX process credential should have a persistent reference on it
1501 * XXX before being passed in here.
1502 */
1503 if (mac_pipe_check_select(vfs_context_ucred(ctx), rpipe, which)) {
1504 PIPE_UNLOCK(rpipe);
1505 return (0);
1506 }
1507#endif
91447636
A		 1508 switch (which) {
1509
1510 case FREAD:
1511 if ((rpipe->pipe_state & PIPE_DIRECTW) ||
1512 (rpipe->pipe_buffer.cnt > 0) ||
b0d623f7 1513 (rpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF))) {
91447636
A		 1514
1515 retnum = 1;
1516 } else {
1517 rpipe->pipe_state |= PIPE_SEL;
2d21ac55 1518 selrecord(vfs_context_proc(ctx), &rpipe->pipe_sel, wql);
91447636
A		 1519 }
1520 break;
1521
1522 case FWRITE:
ebb1b9f4
A		 1523 if (wpipe)
1524 wpipe->pipe_state |= PIPE_WSELECT;
b0d623f7 1525 if (wpipe == NULL || (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) ||
91447636
A		 1526 (((wpipe->pipe_state & PIPE_DIRECTW) == 0) &&
1527 (wpipe->pipe_buffer.size - wpipe->pipe_buffer.cnt) >= PIPE_BUF)) {
1528
1529 retnum = 1;
1530 } else {
1531 wpipe->pipe_state |= PIPE_SEL;
2d21ac55 1532 selrecord(vfs_context_proc(ctx), &wpipe->pipe_sel, wql);
91447636
A		 1533 }
1534 break;
1535 case 0:
1536 rpipe->pipe_state |= PIPE_SEL;
2d21ac55 1537 selrecord(vfs_context_proc(ctx), &rpipe->pipe_sel, wql);
91447636
A		 1538 break;
1539 }
1540 PIPE_UNLOCK(rpipe);
1541
1542 return (retnum);
1543}
1544
1545
1546/* ARGSUSED 1 */
1547static int
2d21ac55 1548pipe_close(struct fileglob *fg, __unused vfs_context_t ctx)
91447636
A		 1549{
1550 struct pipe *cpipe;
1551
2d21ac55 1552 proc_fdlock_spin(vfs_context_proc(ctx));
91447636
A		 1553 cpipe = (struct pipe *)fg->fg_data;
1554 fg->fg_data = NULL;
2d21ac55 1555 proc_fdunlock(vfs_context_proc(ctx));
91447636
A		 1556
1557 if (cpipe)
1558 pipeclose(cpipe);
1559
1560 return (0);
1561}
1562
1563static void
1564pipe_free_kmem(struct pipe *cpipe)
1565{
1566
1567 if (cpipe->pipe_buffer.buffer != NULL) {
1568 if (cpipe->pipe_buffer.size > PIPE_SIZE)
b0d623f7
A		 1569 OSAddAtomic(-1, &nbigpipe);
1570 OSAddAtomic(-(cpipe->pipe_buffer.size), &amountpipekva);
1571 OSAddAtomic(-1, &amountpipes);
91447636
A		 1572
1573 kmem_free(kernel_map, (vm_offset_t)cpipe->pipe_buffer.buffer,
1574 cpipe->pipe_buffer.size);
1575 cpipe->pipe_buffer.buffer = NULL;
1576 }
1577#ifndef PIPE_NODIRECT
1578 if (cpipe->pipe_map.kva != 0) {
1579 atomic_subtract_int(&amountpipekvawired,
1580 cpipe->pipe_buffer.size + PAGE_SIZE);
1581 kmem_free(kernel_map,
1582 cpipe->pipe_map.kva,
1583 cpipe->pipe_buffer.size + PAGE_SIZE);
1584 cpipe->pipe_map.cnt = 0;
1585 cpipe->pipe_map.kva = 0;
1586 cpipe->pipe_map.pos = 0;
1587 cpipe->pipe_map.npages = 0;
1588 }
1589#endif
1590}
1591
ebb1b9f4
A		 1592/*
1593 * When a thread sets a write-select on a pipe, it creates an implicit,
1594 * untracked dependency between that thread and the peer of the pipe
1595 * on which the select is set. If the peer pipe is closed and freed
1596 * before the select()ing thread wakes up, the system will panic as
1597 * it attempts to unwind the dangling select(). To avoid that panic,
1598 * we notice whenever a dangerous select() is set on a pipe, and
1599 * defer the final deletion of the pipe until that select()s are all
1600 * resolved. Since we can't currently detect exactly when that
1601 * resolution happens, we use a simple garbage collection queue to
1602 * reap the at-risk pipes 'later'.
1603 */
1604static void
1605pipe_garbage_collect(struct pipe *cpipe)
1606{
1607 uint64_t old, now;
1608 struct pipe_garbage *pgp;
1609
1610 /* Convert msecs to nsecs and then to abstime */
1611 old = pipe_garbage_age_limit * 1000000;
1612 nanoseconds_to_absolutetime(old, &old);
1613
1614 lck_mtx_lock(pipe_garbage_lock);
1615
1616 /* Free anything that's been on the queue for <mumble> seconds */
1617 now = mach_absolute_time();
1618 old = now - old;
1619 while ((pgp = pipe_garbage_head) && pgp->pg_timestamp < old) {
1620 pipe_garbage_head = pgp->pg_next;
1621 if (pipe_garbage_head == NULL)
1622 pipe_garbage_tail = NULL;
1623 pipe_garbage_count--;
1624 zfree(pipe_zone, pgp->pg_pipe);
1625 zfree(pipe_garbage_zone, pgp);
1626 }
1627
1628 /* Add the new pipe (if any) to the tail of the garbage queue */
1629 if (cpipe) {
1630 cpipe->pipe_state = PIPE_DEAD;
1631 pgp = (struct pipe_garbage *)zalloc(pipe_garbage_zone);
1632 if (pgp == NULL) {
1633 /*
1634 * We're too low on memory to garbage collect the
1635 * pipe. Freeing it runs the risk of panicing the
1636 * system. All we can do is leak it and leave
1637 * a breadcrumb behind. The good news, such as it
1638 * is, is that this will probably never happen.
1639 * We will probably hit the panic below first.
1640 */
1641 printf("Leaking pipe %p - no room left in the queue",
1642 cpipe);
1643 lck_mtx_unlock(pipe_garbage_lock);
1644 return;
1645 }
1646
1647 pgp->pg_pipe = cpipe;
1648 pgp->pg_timestamp = now;
1649 pgp->pg_next = NULL;
1650
1651 if (pipe_garbage_tail)
1652 pipe_garbage_tail->pg_next = pgp;
1653 pipe_garbage_tail = pgp;
1654 if (pipe_garbage_head == NULL)
1655 pipe_garbage_head = pipe_garbage_tail;
1656
1657 if (pipe_garbage_count++ >= PIPE_GARBAGE_QUEUE_LIMIT)
1658 panic("Length of pipe garbage queue exceeded %d",
1659 PIPE_GARBAGE_QUEUE_LIMIT);
1660 }
1661 lck_mtx_unlock(pipe_garbage_lock);
1662}
1663
91447636
A		 1664/*
1665 * shutdown the pipe
1666 */
1667static void
1668pipeclose(struct pipe *cpipe)
1669{
1670 struct pipe *ppipe;
1671
1672 if (cpipe == NULL)
1673 return;
1674
1675 /* partially created pipes won't have a valid mutex. */
1676 if (PIPE_MTX(cpipe) != NULL)
1677 PIPE_LOCK(cpipe);
1678
91447636
A		 1679
1680 /*
1681 * If the other side is blocked, wake it up saying that
1682 * we want to close it down.
1683 */
b0d623f7 1684 cpipe->pipe_state &= ~PIPE_DRAIN;
2d21ac55
A		 1685 cpipe->pipe_state |= PIPE_EOF;
1686 pipeselwakeup(cpipe, cpipe);
1687
91447636 1688 while (cpipe->pipe_busy) {
2d21ac55 1689 cpipe->pipe_state |= PIPE_WANT;
91447636
A		 1690
1691 wakeup(cpipe);
91447636
A		 1692 msleep(cpipe, PIPE_MTX(cpipe), PRIBIO, "pipecl", 0);
1693 }
1694
2d21ac55
A		 1695#if CONFIG_MACF
1696 /*
1697 * Free the shared pipe label only after the two ends are disconnected.
1698 */
91447636 1699 if (cpipe->pipe_label != NULL && cpipe->pipe_peer == NULL)
2d21ac55 1700 mac_pipe_label_destroy(cpipe);
91447636
A		 1701#endif
1702
1703 /*
1704 * Disconnect from peer
1705 */
1706 if ((ppipe = cpipe->pipe_peer) != NULL) {
1707
b0d623f7 1708 ppipe->pipe_state &= ~(PIPE_DRAIN);
91447636
A		 1709 ppipe->pipe_state |= PIPE_EOF;
1710
1711 pipeselwakeup(ppipe, ppipe);
1712 wakeup(ppipe);
1713
1714 if (cpipe->pipe_state & PIPE_KNOTE)
1715 KNOTE(&ppipe->pipe_sel.si_note, 1);
1716
1717 postpipeevent(ppipe, EV_RCLOSED);
1718
1719 ppipe->pipe_peer = NULL;
1720 }
1721 evpipefree(cpipe);
1722
1723 /*
1724 * free resources
1725 */
1726 if (PIPE_MTX(cpipe) != NULL) {
1727 if (ppipe != NULL) {
1728 /*
1729 * since the mutex is shared and the peer is still
1730 * alive, we need to release the mutex, not free it
1731 */
1732 PIPE_UNLOCK(cpipe);
1733 } else {
1734 /*
1735 * peer is gone, so we're the sole party left with
1736 * interest in this mutex... we can just free it
1737 */
1738 lck_mtx_free(PIPE_MTX(cpipe), pipe_mtx_grp);
1739 }
1740 }
1741 pipe_free_kmem(cpipe);
ebb1b9f4
A		 1742 if (cpipe->pipe_state & PIPE_WSELECT) {
1743 pipe_garbage_collect(cpipe);
1744 } else {
1745 zfree(pipe_zone, cpipe);
1746 pipe_garbage_collect(NULL);
1747 }
91447636
A		 1748}
1749
91447636
A		 1750/*ARGSUSED*/
1751static int
2d21ac55 1752pipe_kqfilter(__unused struct fileproc *fp, struct knote *kn, __unused vfs_context_t ctx)
91447636
A		 1753{
1754 struct pipe *cpipe;
1755
1756 cpipe = (struct pipe *)kn->kn_fp->f_data;
1757
1758 PIPE_LOCK(cpipe);
2d21ac55
A		 1759#if CONFIG_MACF
1760 /*
1761 * XXX We should use a per thread credential here; minimally, the
1762 * XXX process credential should have a persistent reference on it
1763 * XXX before being passed in here.
1764 */
1765 if (mac_pipe_check_kqfilter(vfs_context_ucred(ctx), kn, cpipe) != 0) {
1766 PIPE_UNLOCK(cpipe);
1767 return (1);
1768 }
1769#endif
91447636
A		 1770
1771 switch (kn->kn_filter) {
1772 case EVFILT_READ:
1773 kn->kn_fop = &pipe_rfiltops;
2d21ac55 1774
91447636
A		 1775 break;
1776 case EVFILT_WRITE:
1777 kn->kn_fop = &pipe_wfiltops;
1778
1779 if (cpipe->pipe_peer == NULL) {
1780 /*
1781 * other end of pipe has been closed
1782 */
1783 PIPE_UNLOCK(cpipe);
1784 return (EPIPE);
1785 }
2d21ac55 1786 if (cpipe->pipe_peer)
91447636
A		 1787 cpipe = cpipe->pipe_peer;
1788 break;
1789 default:
1790 PIPE_UNLOCK(cpipe);
1791 return (1);
1792 }
1793
1794 if (KNOTE_ATTACH(&cpipe->pipe_sel.si_note, kn))
1795 cpipe->pipe_state |= PIPE_KNOTE;
1796
1797 PIPE_UNLOCK(cpipe);
1798 return (0);
1799}
1800
1801static void
1802filt_pipedetach(struct knote *kn)
1803{
1804 struct pipe *cpipe = (struct pipe *)kn->kn_fp->f_data;
1805
1806 PIPE_LOCK(cpipe);
1807
1808 if (kn->kn_filter == EVFILT_WRITE) {
1809 if (cpipe->pipe_peer == NULL) {
1810 PIPE_UNLOCK(cpipe);
1811 return;
1812 }
1813 cpipe = cpipe->pipe_peer;
1814 }
1815 if (cpipe->pipe_state & PIPE_KNOTE) {
1816 if (KNOTE_DETACH(&cpipe->pipe_sel.si_note, kn))
1817 cpipe->pipe_state &= ~PIPE_KNOTE;
1818 }
1819 PIPE_UNLOCK(cpipe);
1820}
1821
1822/*ARGSUSED*/
1823static int
1824filt_piperead(struct knote *kn, long hint)
1825{
1826 struct pipe *rpipe = (struct pipe *)kn->kn_fp->f_data;
1827 struct pipe *wpipe;
1828 int retval;
1829
1830 /*
1831 * if hint == 0, then we've been called from the kevent
1832 * world directly and do not currently hold the pipe mutex...
1833 * if hint == 1, we're being called back via the KNOTE post
1834 * we made in pipeselwakeup, and we already hold the mutex...
1835 */
1836 if (hint == 0)
1837 PIPE_LOCK(rpipe);
1838
1839 wpipe = rpipe->pipe_peer;
1840 kn->kn_data = rpipe->pipe_buffer.cnt;
1841
1842#ifndef PIPE_NODIRECT
1843 if ((kn->kn_data == 0) && (rpipe->pipe_state & PIPE_DIRECTW))
1844 kn->kn_data = rpipe->pipe_map.cnt;
1845#endif
b0d623f7
A		 1846 if ((rpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF)) ||
1847 (wpipe == NULL) || (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF))) {
91447636
A		 1848 kn->kn_flags |= EV_EOF;
1849 retval = 1;
2d21ac55 1850 } else {
6d2010ae
A		 1851 int64_t lowwat = 1;
1852 if (kn->kn_sfflags & NOTE_LOWAT) {
1853 if (rpipe->pipe_buffer.size && kn->kn_sdata > rpipe->pipe_buffer.size)
1854 lowwat = rpipe->pipe_buffer.size;
1855 else if (kn->kn_sdata > lowwat)
1856 lowwat = kn->kn_sdata;
1857 }
1858 retval = kn->kn_data >= lowwat;
2d21ac55 1859 }
91447636
A		 1860
1861 if (hint == 0)
1862 PIPE_UNLOCK(rpipe);
1863
1864 return (retval);
1865}
1866
1867/*ARGSUSED*/
1868static int
1869filt_pipewrite(struct knote *kn, long hint)
1870{
1871 struct pipe *rpipe = (struct pipe *)kn->kn_fp->f_data;
1872 struct pipe *wpipe;
1873
1874 /*
1875 * if hint == 0, then we've been called from the kevent
1876 * world directly and do not currently hold the pipe mutex...
1877 * if hint == 1, we're being called back via the KNOTE post
1878 * we made in pipeselwakeup, and we already hold the mutex...
1879 */
1880 if (hint == 0)
1881 PIPE_LOCK(rpipe);
1882
1883 wpipe = rpipe->pipe_peer;
1884
b0d623f7 1885 if ((wpipe == NULL) || (wpipe->pipe_state & (PIPE_DRAIN | PIPE_EOF))) {
91447636
A		 1886 kn->kn_data = 0;
1887 kn->kn_flags |= EV_EOF;
1888
1889 if (hint == 0)
1890 PIPE_UNLOCK(rpipe);
1891 return (1);
1892 }
1893 kn->kn_data = wpipe->pipe_buffer.size - wpipe->pipe_buffer.cnt;
2d21ac55 1894 if (!kn->kn_data && wpipe->pipe_buffer.size == 0)
6d2010ae 1895 kn->kn_data = PIPE_BUF; /* unwritten pipe is ready for write */
91447636
A		 1896
1897#ifndef PIPE_NODIRECT
1898 if (wpipe->pipe_state & PIPE_DIRECTW)
1899 kn->kn_data = 0;
1900#endif
6d2010ae
A		 1901 int64_t lowwat = PIPE_BUF;
1902 if (kn->kn_sfflags & NOTE_LOWAT) {
1903 if (wpipe->pipe_buffer.size && kn->kn_sdata > wpipe->pipe_buffer.size)
1904 lowwat = wpipe->pipe_buffer.size;
1905 else if (kn->kn_sdata > lowwat)
1906 lowwat = kn->kn_sdata;
1907 }
1908
91447636
A		 1909 if (hint == 0)
1910 PIPE_UNLOCK(rpipe);
1911
6d2010ae 1912 return (kn->kn_data >= lowwat);
91447636 1913}
0c530ab8
A		 1914
1915int
1916fill_pipeinfo(struct pipe * cpipe, struct pipe_info * pinfo)
1917{
2d21ac55 1918#if CONFIG_MACF
0c530ab8
A		 1919 int error;
1920#endif
1921 struct timeval now;
2d21ac55
A		 1922 struct vinfo_stat * ub;
1923 int pipe_size = 0;
1924 int pipe_count;
0c530ab8
A		 1925
1926 if (cpipe == NULL)
1927 return (EBADF);
0c530ab8 1928 PIPE_LOCK(cpipe);
2d21ac55
A		 1929
1930#if CONFIG_MACF
1931 error = mac_pipe_check_stat(kauth_cred_get(), cpipe);
1932 if (error) {
1933 PIPE_UNLOCK(cpipe);
0c530ab8 1934 return (error);
2d21ac55 1935 }
0c530ab8
A		 1936#endif
1937 if (cpipe->pipe_buffer.buffer == 0) {
1938 /*
1939 * must be stat'ing the write fd
1940 */
2d21ac55
A		 1941 if (cpipe->pipe_peer) {
1942 /*
1943 * the peer still exists, use it's info
1944 */
1945 pipe_size = cpipe->pipe_peer->pipe_buffer.size;
1946 pipe_count = cpipe->pipe_peer->pipe_buffer.cnt;
1947 } else {
1948 pipe_count = 0;
1949 }
1950 } else {
1951 pipe_size = cpipe->pipe_buffer.size;
1952 pipe_count = cpipe->pipe_buffer.cnt;
0c530ab8 1953 }
2d21ac55
A		 1954 /*
1955 * since peer's buffer is setup ouside of lock
1956 * we might catch it in transient state
1957 */
1958 if (pipe_size == 0)
1959 pipe_size = PIPE_SIZE;
0c530ab8
A		 1960
1961 ub = &pinfo->pipe_stat;
1962
1963 bzero(ub, sizeof(*ub));
2d21ac55
A		 1964 ub->vst_mode = S_IFIFO | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP;
1965 ub->vst_blksize = pipe_size;
1966 ub->vst_size = pipe_count;
1967 if (ub->vst_blksize != 0)
1968 ub->vst_blocks = (ub->vst_size + ub->vst_blksize - 1) / ub->vst_blksize;
1969 ub->vst_nlink = 1;
0c530ab8 1970
2d21ac55
A		 1971 ub->vst_uid = kauth_getuid();
1972 ub->vst_gid = kauth_getgid();
0c530ab8
A		 1973
1974 microtime(&now);
2d21ac55
A		 1975 ub->vst_atime = now.tv_sec;
1976 ub->vst_atimensec = now.tv_usec * 1000;
0c530ab8 1977
2d21ac55
A		 1978 ub->vst_mtime = now.tv_sec;
1979 ub->vst_mtimensec = now.tv_usec * 1000;
0c530ab8 1980
2d21ac55
A		 1981 ub->vst_ctime = now.tv_sec;
1982 ub->vst_ctimensec = now.tv_usec * 1000;
0c530ab8
A		 1983
1984 /*
1985 * Left as 0: st_dev, st_ino, st_nlink, st_rdev, st_flags, st_gen, st_uid, st_gid.
1986 * XXX (st_dev, st_ino) should be unique.
1987 */
1988
1989 pinfo->pipe_handle = (uint64_t)((uintptr_t)cpipe);
1990 pinfo->pipe_peerhandle = (uint64_t)((uintptr_t)(cpipe->pipe_peer));
1991 pinfo->pipe_status = cpipe->pipe_state;
2d21ac55
A		 1992
1993 PIPE_UNLOCK(cpipe);
1994
0c530ab8
A		 1995 return (0);
1996}
b0d623f7
A		 1997
1998
1999static int
2000pipe_drain(struct fileproc *fp, __unused vfs_context_t ctx)
2001{
2002
2003 /* Note: fdlock already held */
2004 struct pipe *ppipe, *cpipe = (struct pipe *)(fp->f_fglob->fg_data);
2005
2006 if (cpipe) {
2007 PIPE_LOCK(cpipe);
2008 cpipe->pipe_state |= PIPE_DRAIN;
2009 cpipe->pipe_state &= ~(PIPE_WANTR | PIPE_WANTW);
2010 wakeup(cpipe);
2011
2012 /* Must wake up peer: a writer sleeps on the read side */
2013 if ((ppipe = cpipe->pipe_peer)) {
2014 ppipe->pipe_state |= PIPE_DRAIN;
2015 ppipe->pipe_state &= ~(PIPE_WANTR | PIPE_WANTW);
2016 wakeup(ppipe);
2017 }
2018
2019 PIPE_UNLOCK(cpipe);
2020 return 0;
2021 }
2022
2023 return 1;
2024}
2025
2026
2027
2028
2029
mirror of XNU