]> git.saurik.com Git - apple/xnu.git/blame_incremental - bsd/vfs/vfs_vnops.c
projects / apple / xnu.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
xnu-1504.9.26.tar.gz
[apple/xnu.git] / bsd / vfs / vfs_vnops.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
29/*
30 * Copyright (c) 1982, 1986, 1989, 1993
31 * The Regents of the University of California. All rights reserved.
32 * (c) UNIX System Laboratories, Inc.
33 * All or some portions of this file are derived from material licensed
34 * to the University of California by American Telephone and Telegraph
35 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
36 * the permission of UNIX System Laboratories, Inc.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)vfs_vnops.c 8.14 (Berkeley) 6/15/95
67 *
68 */
69/*
70 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
71 * support for mandatory and extensible security protections. This notice
72 * is included in support of clause 2.2 (b) of the Apple Public License,
73 * Version 2.0.
74 */
75
76#include <sys/param.h>
77#include <sys/types.h>
78#include <sys/systm.h>
79#include <sys/kernel.h>
80#include <sys/file_internal.h>
81#include <sys/stat.h>
82#include <sys/proc_internal.h>
83#include <sys/kauth.h>
84#include <sys/mount_internal.h>
85#include <sys/namei.h>
86#include <sys/vnode_internal.h>
87#include <sys/ioctl.h>
88#include <sys/tty.h>
89/* Temporary workaround for ubc.h until <rdar://4714366 is resolved */
90#define ubc_setcred ubc_setcred_deprecated
91#include <sys/ubc.h>
92#undef ubc_setcred
93int ubc_setcred(struct vnode *, struct proc *);
94#include <sys/conf.h>
95#include <sys/disk.h>
96#include <sys/fsevents.h>
97#include <sys/kdebug.h>
98#include <sys/xattr.h>
99#include <sys/ubc_internal.h>
100#include <sys/uio_internal.h>
101#include <sys/resourcevar.h>
102#include <sys/signalvar.h>
103
104#include <vm/vm_kern.h>
105#include <vm/vm_map.h>
106
107#include <miscfs/specfs/specdev.h>
108#include <miscfs/fifofs/fifo.h>
109
110#if CONFIG_MACF
111#include <security/mac_framework.h>
112#endif
113
114
115static int vn_closefile(struct fileglob *fp, vfs_context_t ctx);
116static int vn_ioctl(struct fileproc *fp, u_long com, caddr_t data,
117 vfs_context_t ctx);
118static int vn_read(struct fileproc *fp, struct uio *uio, int flags,
119 vfs_context_t ctx);
120static int vn_write(struct fileproc *fp, struct uio *uio, int flags,
121 vfs_context_t ctx);
122static int vn_select( struct fileproc *fp, int which, void * wql,
123 vfs_context_t ctx);
124static int vn_kqfilt_add(struct fileproc *fp, struct knote *kn,
125 vfs_context_t ctx);
126static void filt_vndetach(struct knote *kn);
127static int filt_vnode(struct knote *kn, long hint);
128#if 0
129static int vn_kqfilt_remove(struct vnode *vp, uintptr_t ident,
130 vfs_context_t ctx);
131#endif
132
133struct fileops vnops =
134 { vn_read, vn_write, vn_ioctl, vn_select, vn_closefile, vn_kqfilt_add, NULL };
135
136struct filterops vnode_filtops = {
137 .f_isfd = 1,
138 .f_attach = NULL,
139 .f_detach = filt_vndetach,
140 .f_event = filt_vnode
141};
142
143/*
144 * Common code for vnode open operations.
145 * Check permissions, and call the VNOP_OPEN or VNOP_CREATE routine.
146 *
147 * XXX the profusion of interfaces here is probably a bad thing.
148 */
149int
150vn_open(struct nameidata *ndp, int fmode, int cmode)
151{
152 return(vn_open_modflags(ndp, &fmode, cmode));
153}
154
155int
156vn_open_modflags(struct nameidata *ndp, int *fmodep, int cmode)
157{
158 struct vnode_attr va;
159
160 VATTR_INIT(&va);
161 VATTR_SET(&va, va_mode, cmode);
162
163 return(vn_open_auth(ndp, fmodep, &va));
164}
165
166/*
167 * Open a file with authorization, updating the contents of the structures
168 * pointed to by ndp, fmodep, and vap as necessary to perform the requested
169 * operation. This function is used for both opens of existing files, and
170 * creation of new files.
171 *
172 * Parameters: ndp The nami data pointer describing the
173 * file
174 * fmodep A pointer to an int containg the mode
175 * information to be used for the open
176 * vap A pointer to the vnode attribute
177 * descriptor to be used for the open
178 *
179 * Indirect: * Contents of the data structures pointed
180 * to by the parameters are modified as
181 * necessary to the requested operation.
182 *
183 * Returns: 0 Success
184 * !0 errno value
185 *
186 * Notes: The kauth_filesec_t in 'vap', if any, is in host byte order.
187 *
188 * The contents of '*ndp' will be modified, based on the other
189 * arguments to this function, and to return file and directory
190 * data necessary to satisfy the requested operation.
191 *
192 * If the file does not exist and we are creating it, then the
193 * O_TRUNC flag will be cleared in '*fmodep' to indicate to the
194 * caller that the file was not truncated.
195 *
196 * If the file exists and the O_EXCL flag was not specified, then
197 * the O_CREAT flag will be cleared in '*fmodep' to indicate to
198 * the caller that the existing file was merely opened rather
199 * than created.
200 *
201 * The contents of '*vap' will be modified as necessary to
202 * complete the operation, including setting of supported
203 * attribute, clearing of fields containing unsupported attributes
204 * in the request, if the request proceeds without them, etc..
205 *
206 * XXX: This function is too complicated in actings on its arguments
207 *
208 * XXX: We should enummerate the possible errno values here, and where
209 * in the code they originated.
210 */
211int
212vn_open_auth(struct nameidata *ndp, int *fmodep, struct vnode_attr *vap)
213{
214 struct vnode *vp;
215 struct vnode *dvp;
216 vfs_context_t ctx = ndp->ni_cnd.cn_context;
217 int error;
218 int fmode;
219 uint32_t origcnflags;
220 kauth_action_t action;
221
222again:
223 vp = NULL;
224 dvp = NULL;
225 fmode = *fmodep;
226 origcnflags = ndp->ni_cnd.cn_flags;
227 if (fmode & O_CREAT) {
228 if ( (fmode & O_DIRECTORY) ) {
229 error = EINVAL;
230 goto out;
231 }
232 ndp->ni_cnd.cn_nameiop = CREATE;
233 /* Inherit USEDVP, vnode_open() supported flags only */
234 ndp->ni_cnd.cn_flags &= (USEDVP | NOCROSSMOUNT | DOWHITEOUT);
235 ndp->ni_cnd.cn_flags |= LOCKPARENT | LOCKLEAF | AUDITVNPATH1;
236#if NAMEDRSRCFORK
237 /* open calls are allowed for resource forks. */
238 ndp->ni_cnd.cn_flags |= CN_ALLOWRSRCFORK;
239#endif
240 if ((fmode & O_EXCL) == 0 && (fmode & O_NOFOLLOW) == 0 && (origcnflags & FOLLOW) != 0)
241 ndp->ni_cnd.cn_flags |= FOLLOW;
242 if ( (error = namei(ndp)) )
243 goto out;
244 dvp = ndp->ni_dvp;
245 vp = ndp->ni_vp;
246
247 /* not found, create */
248 if (vp == NULL) {
249 /* must have attributes for a new file */
250 if (vap == NULL) {
251 error = EINVAL;
252 goto badcreate;
253 }
254
255 VATTR_SET(vap, va_type, VREG);
256#if CONFIG_MACF
257 error = mac_vnode_check_create(ctx,
258 dvp, &ndp->ni_cnd, vap);
259 if (error)
260 goto badcreate;
261#endif /* MAC */
262
263 /* authorize before creating */
264 if ((error = vnode_authorize(dvp, NULL, KAUTH_VNODE_ADD_FILE, ctx)) != 0)
265 goto badcreate;
266
267 if (fmode & O_EXCL)
268 vap->va_vaflags |= VA_EXCLUSIVE;
269#if NAMEDRSRCFORK
270 if (ndp->ni_cnd.cn_flags & CN_WANTSRSRCFORK) {
271 if ((error = vnode_makenamedstream(dvp, &ndp->ni_vp, XATTR_RESOURCEFORK_NAME, 0, ctx)) != 0)
272 goto badcreate;
273 } else
274#endif
275 if ((error = vn_create(dvp, &ndp->ni_vp, &ndp->ni_cnd, vap, 0, ctx)) != 0)
276 goto badcreate;
277
278 vp = ndp->ni_vp;
279
280 if (vp) {
281 int update_flags = 0;
282
283 // Make sure the name & parent pointers are hooked up
284 if (vp->v_name == NULL)
285 update_flags |= VNODE_UPDATE_NAME;
286 if (vp->v_parent == NULLVP)
287 update_flags |= VNODE_UPDATE_PARENT;
288
289 if (update_flags)
290 vnode_update_identity(vp, dvp, ndp->ni_cnd.cn_nameptr, ndp->ni_cnd.cn_namelen, ndp->ni_cnd.cn_hash, update_flags);
291
292#if CONFIG_FSE
293 if (need_fsevent(FSE_CREATE_FILE, vp)) {
294 vnode_put(dvp);
295 dvp = NULL;
296 add_fsevent(FSE_CREATE_FILE, ctx,
297 FSE_ARG_VNODE, vp,
298 FSE_ARG_DONE);
299 }
300#endif
301
302 }
303 /*
304 * nameidone has to happen before we vnode_put(dvp)
305 * and clear the ni_dvp field, since it may need
306 * to release the fs_nodelock on the dvp
307 */
308badcreate:
309 nameidone(ndp);
310 ndp->ni_dvp = NULL;
311
312 if (dvp) {
313 vnode_put(dvp);
314 }
315
316 if (error) {
317 /*
318 * Check for a creation or unlink race.
319 */
320 if (((error == EEXIST) && !(fmode & O_EXCL)) ||
321 ((error == ENOENT) && (fmode & O_CREAT))){
322 goto again;
323 }
324 goto bad;
325 }
326 fmode &= ~O_TRUNC;
327 } else {
328 nameidone(ndp);
329 ndp->ni_dvp = NULL;
330 vnode_put(dvp);
331
332 if (fmode & O_EXCL) {
333 error = EEXIST;
334 goto bad;
335 }
336 fmode &= ~O_CREAT;
337 }
338 } else {
339 ndp->ni_cnd.cn_nameiop = LOOKUP;
340 /* Inherit USEDVP, vnode_open() supported flags only */
341 ndp->ni_cnd.cn_flags &= (USEDVP | NOCROSSMOUNT | DOWHITEOUT);
342 ndp->ni_cnd.cn_flags |= FOLLOW | LOCKLEAF | AUDITVNPATH1;
343#if NAMEDRSRCFORK
344 /* open calls are allowed for resource forks. */
345 ndp->ni_cnd.cn_flags |= CN_ALLOWRSRCFORK;
346#endif
347 /* preserve NOFOLLOW from vnode_open() */
348 if (fmode & O_NOFOLLOW || fmode & O_SYMLINK || (origcnflags & FOLLOW) == 0) {
349 ndp->ni_cnd.cn_flags &= ~FOLLOW;
350 }
351
352 if ( (error = namei(ndp)) )
353 goto out;
354 vp = ndp->ni_vp;
355 nameidone(ndp);
356 ndp->ni_dvp = NULL;
357
358 if ( (fmode & O_DIRECTORY) && vp->v_type != VDIR ) {
359 error = ENOTDIR;
360 goto bad;
361 }
362 }
363
364 if (vp->v_type == VSOCK && vp->v_tag != VT_FDESC) {
365 error = EOPNOTSUPP; /* Operation not supported on socket */
366 goto bad;
367 }
368
369 if (vp->v_type == VLNK && (fmode & O_NOFOLLOW) != 0) {
370 error = ELOOP; /* O_NOFOLLOW was specified and the target is a symbolic link */
371 goto bad;
372 }
373
374 /* authorize open of an existing file */
375 if ((fmode & O_CREAT) == 0) {
376
377 /* disallow write operations on directories */
378 if (vnode_isdir(vp) && (fmode & (FWRITE | O_TRUNC))) {
379 error = EISDIR;
380 goto bad;
381 }
382
383#if CONFIG_MACF
384 error = mac_vnode_check_open(ctx, vp, fmode);
385 if (error)
386 goto bad;
387#endif
388
389 /* compute action to be authorized */
390 action = 0;
391 if (fmode & FREAD) {
392 action |= KAUTH_VNODE_READ_DATA;
393 }
394 if (fmode & (FWRITE | O_TRUNC)) {
395 /*
396 * If we are writing, appending, and not truncating,
397 * indicate that we are appending so that if the
398 * UF_APPEND or SF_APPEND bits are set, we do not deny
399 * the open.
400 */
401 if ((fmode & O_APPEND) && !(fmode & O_TRUNC)) {
402 action |= KAUTH_VNODE_APPEND_DATA;
403 } else {
404 action |= KAUTH_VNODE_WRITE_DATA;
405 }
406 }
407 if ((error = vnode_authorize(vp, NULL, action, ctx)) != 0)
408 goto bad;
409
410
411 //
412 // if the vnode is tagged VOPENEVT and the current process
413 // has the P_CHECKOPENEVT flag set, then we or in the O_EVTONLY
414 // flag to the open mode so that this open won't count against
415 // the vnode when carbon delete() does a vnode_isinuse() to see
416 // if a file is currently in use. this allows spotlight
417 // importers to not interfere with carbon apps that depend on
418 // the no-delete-if-busy semantics of carbon delete().
419 //
420 if ((vp->v_flag & VOPENEVT) && (current_proc()->p_flag & P_CHECKOPENEVT)) {
421 fmode |= O_EVTONLY;
422 }
423
424 }
425
426 if ( (error = VNOP_OPEN(vp, fmode, ctx)) ) {
427 goto bad;
428 }
429 if ( (error = vnode_ref_ext(vp, fmode)) ) {
430 goto bad2;
431 }
432
433 /* call out to allow 3rd party notification of open.
434 * Ignore result of kauth_authorize_fileop call.
435 */
436 kauth_authorize_fileop(vfs_context_ucred(ctx), KAUTH_FILEOP_OPEN,
437 (uintptr_t)vp, 0);
438
439 *fmodep = fmode;
440 return (0);
441bad2:
442 VNOP_CLOSE(vp, fmode, ctx);
443bad:
444 ndp->ni_vp = NULL;
445 if (vp) {
446#if NAMEDRSRCFORK
447 /* Aggressively recycle shadow files if we error'd out during open() */
448 if ((vnode_isnamedstream(vp)) &&
449 (vp->v_parent != NULLVP) &&
450 (vnode_isshadow(vp))) {
451 vnode_recycle(vp);
452 }
453#endif
454 vnode_put(vp);
455 /*
456 * Check for a race against unlink. We had a vnode
457 * but according to vnode_authorize or VNOP_OPEN it
458 * no longer exists.
459 *
460 * EREDRIVEOPEN: means that we were hit by the tty allocation race.
461 */
462 if (((error == ENOENT) && (*fmodep & O_CREAT)) || (error == EREDRIVEOPEN)) {
463 goto again;
464 }
465 }
466out:
467 return (error);
468}
469
470#if vn_access_DEPRECATED
471/*
472 * Authorize an action against a vnode. This has been the canonical way to
473 * ensure that the credential/process/etc. referenced by a vfs_context
474 * is granted the rights called out in 'mode' against the vnode 'vp'.
475 *
476 * Unfortunately, the use of VREAD/VWRITE/VEXEC makes it very difficult
477 * to add support for more rights. As such, this interface will be deprecated
478 * and callers will use vnode_authorize instead.
479 */
480int
481vn_access(vnode_t vp, int mode, vfs_context_t context)
482{
483 kauth_action_t action;
484
485 action = 0;
486 if (mode & VREAD)
487 action |= KAUTH_VNODE_READ_DATA;
488 if (mode & VWRITE)
489 action |= KAUTH_VNODE_WRITE_DATA;
490 if (mode & VEXEC)
491 action |= KAUTH_VNODE_EXECUTE;
492
493 return(vnode_authorize(vp, NULL, action, context));
494}
495#endif /* vn_access_DEPRECATED */
496
497/*
498 * Vnode close call
499 */
500int
501vn_close(struct vnode *vp, int flags, vfs_context_t ctx)
502{
503 int error;
504
505#if CONFIG_FSE
506 if (flags & FWASWRITTEN) {
507 if (need_fsevent(FSE_CONTENT_MODIFIED, vp)) {
508 add_fsevent(FSE_CONTENT_MODIFIED, ctx,
509 FSE_ARG_VNODE, vp,
510 FSE_ARG_DONE);
511 }
512 }
513#endif
514
515#if NAMEDRSRCFORK
516 /* Sync data from resource fork shadow file if needed. */
517 if ((vp->v_flag & VISNAMEDSTREAM) &&
518 (vp->v_parent != NULLVP) &&
519 vnode_isshadow(vp)) {
520 if (flags & FWASWRITTEN) {
521 (void) vnode_flushnamedstream(vp->v_parent, vp, ctx);
522 }
523 }
524#endif
525
526 /* work around for foxhound */
527 if (vnode_isspec(vp))
528 (void)vnode_rele_ext(vp, flags, 0);
529
530 error = VNOP_CLOSE(vp, flags, ctx);
531
532 if (!vnode_isspec(vp))
533 (void)vnode_rele_ext(vp, flags, 0);
534
535 return (error);
536}
537
538static int
539vn_read_swapfile(
540 struct vnode *vp,
541 uio_t uio)
542{
543 int error;
544 off_t swap_count, this_count;
545 off_t file_end, read_end;
546 off_t prev_resid;
547 char *my_swap_page;
548
549 /*
550 * Reading from a swap file will get you zeroes.
551 */
552
553 my_swap_page = NULL;
554 error = 0;
555 swap_count = uio_resid(uio);
556
557 file_end = ubc_getsize(vp);
558 read_end = uio->uio_offset + uio_resid(uio);
559 if (uio->uio_offset >= file_end) {
560 /* uio starts after end of file: nothing to read */
561 swap_count = 0;
562 } else if (read_end > file_end) {
563 /* uio extends beyond end of file: stop before that */
564 swap_count -= (read_end - file_end);
565 }
566
567 while (swap_count > 0) {
568 if (my_swap_page == NULL) {
569 MALLOC(my_swap_page, char *, PAGE_SIZE,
570 M_TEMP, M_WAITOK);
571 memset(my_swap_page, '\0', PAGE_SIZE);
572 /* add an end-of-line to keep line counters happy */
573 my_swap_page[PAGE_SIZE-1] = '\n';
574 }
575 this_count = swap_count;
576 if (this_count > PAGE_SIZE) {
577 this_count = PAGE_SIZE;
578 }
579
580 prev_resid = uio_resid(uio);
581 error = uiomove((caddr_t) my_swap_page,
582 this_count,
583 uio);
584 if (error) {
585 break;
586 }
587 swap_count -= (prev_resid - uio_resid(uio));
588 }
589 if (my_swap_page != NULL) {
590 FREE(my_swap_page, M_TEMP);
591 my_swap_page = NULL;
592 }
593
594 return error;
595}
596/*
597 * Package up an I/O request on a vnode into a uio and do it.
598 */
599int
600vn_rdwr(
601 enum uio_rw rw,
602 struct vnode *vp,
603 caddr_t base,
604 int len,
605 off_t offset,
606 enum uio_seg segflg,
607 int ioflg,
608 kauth_cred_t cred,
609 int *aresid,
610 proc_t p)
611{
612 int64_t resid;
613 int result;
614
615 result = vn_rdwr_64(rw,
616 vp,
617 (uint64_t)(uintptr_t)base,
618 (int64_t)len,
619 offset,
620 segflg,
621 ioflg,
622 cred,
623 &resid,
624 p);
625
626 /* "resid" should be bounded above by "len," which is an int */
627 if (aresid != NULL) {
628 *aresid = resid;
629 }
630
631 return result;
632}
633
634
635int
636vn_rdwr_64(
637 enum uio_rw rw,
638 struct vnode *vp,
639 uint64_t base,
640 int64_t len,
641 off_t offset,
642 enum uio_seg segflg,
643 int ioflg,
644 kauth_cred_t cred,
645 int64_t *aresid,
646 proc_t p)
647{
648 uio_t auio;
649 int spacetype;
650 struct vfs_context context;
651 int error=0;
652 char uio_buf[ UIO_SIZEOF(1) ];
653
654 context.vc_thread = current_thread();
655 context.vc_ucred = cred;
656
657 if (UIO_SEG_IS_USER_SPACE(segflg)) {
658 spacetype = proc_is64bit(p) ? UIO_USERSPACE64 : UIO_USERSPACE32;
659 }
660 else {
661 spacetype = UIO_SYSSPACE;
662 }
663 auio = uio_createwithbuffer(1, offset, spacetype, rw,
664 &uio_buf[0], sizeof(uio_buf));
665 uio_addiov(auio, base, len);
666
667#if CONFIG_MACF
668 /* XXXMAC
669 * IO_NOAUTH should be re-examined.
670 * Likely that mediation should be performed in caller.
671 */
672 if ((ioflg & IO_NOAUTH) == 0) {
673 /* passed cred is fp->f_cred */
674 if (rw == UIO_READ)
675 error = mac_vnode_check_read(&context, cred, vp);
676 else
677 error = mac_vnode_check_write(&context, cred, vp);
678 }
679#endif
680
681 if (error == 0) {
682 if (rw == UIO_READ) {
683 if (vnode_isswap(vp)) {
684 error = vn_read_swapfile(vp, auio);
685 } else {
686 error = VNOP_READ(vp, auio, ioflg, &context);
687 }
688 } else {
689 error = VNOP_WRITE(vp, auio, ioflg, &context);
690 }
691 }
692
693 if (aresid)
694 *aresid = uio_resid(auio);
695 else
696 if (uio_resid(auio) && error == 0)
697 error = EIO;
698 return (error);
699}
700
701/*
702 * File table vnode read routine.
703 */
704static int
705vn_read(struct fileproc *fp, struct uio *uio, int flags, vfs_context_t ctx)
706{
707 struct vnode *vp;
708 int error, ioflag;
709 off_t count;
710
711 vp = (struct vnode *)fp->f_fglob->fg_data;
712 if ( (error = vnode_getwithref(vp)) ) {
713 return(error);
714 }
715
716#if CONFIG_MACF
717 error = mac_vnode_check_read(ctx, vfs_context_ucred(ctx), vp);
718 if (error) {
719 (void)vnode_put(vp);
720 return (error);
721 }
722#endif
723
724 ioflag = 0;
725 if (fp->f_fglob->fg_flag & FNONBLOCK)
726 ioflag |= IO_NDELAY;
727 if ((fp->f_fglob->fg_flag & FNOCACHE) || vnode_isnocache(vp))
728 ioflag |= IO_NOCACHE;
729 if (fp->f_fglob->fg_flag & FNORDAHEAD)
730 ioflag |= IO_RAOFF;
731
732 if ((flags & FOF_OFFSET) == 0)
733 uio->uio_offset = fp->f_fglob->fg_offset;
734 count = uio_resid(uio);
735
736 if (vnode_isswap(vp)) {
737 /* special case for swap files */
738 error = vn_read_swapfile(vp, uio);
739 } else {
740 error = VNOP_READ(vp, uio, ioflag, ctx);
741 }
742 if ((flags & FOF_OFFSET) == 0)
743 fp->f_fglob->fg_offset += count - uio_resid(uio);
744
745 (void)vnode_put(vp);
746 return (error);
747}
748
749
750/*
751 * File table vnode write routine.
752 */
753static int
754vn_write(struct fileproc *fp, struct uio *uio, int flags, vfs_context_t ctx)
755{
756 struct vnode *vp;
757 int error, ioflag;
758 off_t count;
759 int clippedsize = 0;
760 int partialwrite=0;
761 int residcount, oldcount;
762 proc_t p = vfs_context_proc(ctx);
763
764 count = 0;
765 vp = (struct vnode *)fp->f_fglob->fg_data;
766 if ( (error = vnode_getwithref(vp)) ) {
767 return(error);
768 }
769
770#if CONFIG_MACF
771 error = mac_vnode_check_write(ctx, vfs_context_ucred(ctx), vp);
772 if (error) {
773 (void)vnode_put(vp);
774 return (error);
775 }
776#endif
777
778 ioflag = IO_UNIT;
779 if (vp->v_type == VREG && (fp->f_fglob->fg_flag & O_APPEND))
780 ioflag |= IO_APPEND;
781 if (fp->f_fglob->fg_flag & FNONBLOCK)
782 ioflag |= IO_NDELAY;
783 if ((fp->f_fglob->fg_flag & FNOCACHE) || vnode_isnocache(vp))
784 ioflag |= IO_NOCACHE;
785 /*
786 * Treat synchronous mounts and O_FSYNC on the fd as equivalent.
787 *
788 * XXX We treat O_DSYNC as O_FSYNC for now, since we can not delay
789 * XXX the non-essential metadata without some additional VFS work;
790 * XXX the intent at this point is to plumb the interface for it.
791 */
792 if ((fp->f_fglob->fg_flag & (O_FSYNC|O_DSYNC)) ||
793 (vp->v_mount && (vp->v_mount->mnt_flag & MNT_SYNCHRONOUS))) {
794 ioflag |= IO_SYNC;
795 }
796
797 if ((flags & FOF_OFFSET) == 0) {
798 uio->uio_offset = fp->f_fglob->fg_offset;
799 count = uio_resid(uio);
800 }
801 if (((flags & FOF_OFFSET) == 0) &&
802 vfs_context_proc(ctx) && (vp->v_type == VREG) &&
803 (((rlim_t)(uio->uio_offset + uio_resid(uio)) > p->p_rlimit[RLIMIT_FSIZE].rlim_cur) ||
804 ((rlim_t)uio_resid(uio) > (p->p_rlimit[RLIMIT_FSIZE].rlim_cur - uio->uio_offset)))) {
805 /*
806 * If the requested residual would cause us to go past the
807 * administrative limit, then we need to adjust the residual
808 * down to cause fewer bytes than requested to be written. If
809 * we can't do that (e.g. the residual is already 1 byte),
810 * then we fail the write with EFBIG.
811 */
812 residcount = uio_resid(uio);
813 if ((rlim_t)(uio->uio_offset + uio_resid(uio)) > p->p_rlimit[RLIMIT_FSIZE].rlim_cur) {
814 clippedsize = (uio->uio_offset + uio_resid(uio)) - p->p_rlimit[RLIMIT_FSIZE].rlim_cur;
815 } else if ((rlim_t)uio_resid(uio) > (p->p_rlimit[RLIMIT_FSIZE].rlim_cur - uio->uio_offset)) {
816 clippedsize = (p->p_rlimit[RLIMIT_FSIZE].rlim_cur - uio->uio_offset);
817 }
818 if (clippedsize >= residcount) {
819 psignal(p, SIGXFSZ);
820 vnode_put(vp);
821 return (EFBIG);
822 }
823 partialwrite = 1;
824 uio_setresid(uio, residcount-clippedsize);
825 }
826 if ((flags & FOF_OFFSET) != 0) {
827 /* for pwrite, append should be ignored */
828 ioflag &= ~IO_APPEND;
829 if (p && (vp->v_type == VREG) &&
830 ((rlim_t)uio->uio_offset >= p->p_rlimit[RLIMIT_FSIZE].rlim_cur)) {
831 psignal(p, SIGXFSZ);
832 vnode_put(vp);
833 return (EFBIG);
834 }
835 if (p && (vp->v_type == VREG) &&
836 ((rlim_t)(uio->uio_offset + uio_resid(uio)) > p->p_rlimit[RLIMIT_FSIZE].rlim_cur)) {
837 //Debugger("vn_bwrite:overstepping the bounds");
838 residcount = uio_resid(uio);
839 clippedsize = (uio->uio_offset + uio_resid(uio)) - p->p_rlimit[RLIMIT_FSIZE].rlim_cur;
840 partialwrite = 1;
841 uio_setresid(uio, residcount-clippedsize);
842 }
843 }
844
845 error = VNOP_WRITE(vp, uio, ioflag, ctx);
846
847 if (partialwrite) {
848 oldcount = uio_resid(uio);
849 uio_setresid(uio, oldcount + clippedsize);
850 }
851
852 if ((flags & FOF_OFFSET) == 0) {
853 if (ioflag & IO_APPEND)
854 fp->f_fglob->fg_offset = uio->uio_offset;
855 else
856 fp->f_fglob->fg_offset += count - uio_resid(uio);
857 }
858
859 /*
860 * Set the credentials on successful writes
861 */
862 if ((error == 0) && (vp->v_tag == VT_NFS) && (UBCINFOEXISTS(vp))) {
863 /*
864 * When called from aio subsystem, we only have the proc from
865 * which to get the credential, at this point, so use that
866 * instead. This means aio functions are incompatible with
867 * per-thread credentials (aio operations are proxied). We
868 * can't easily correct the aio vs. settid race in this case
869 * anyway, so we disallow it.
870 */
871 if ((flags & FOF_PCRED) == 0) {
872 ubc_setthreadcred(vp, p, current_thread());
873 } else {
874 ubc_setcred(vp, p);
875 }
876 }
877 (void)vnode_put(vp);
878 return (error);
879}
880
881/*
882 * File table vnode stat routine.
883 *
884 * Returns: 0 Success
885 * EBADF
886 * ENOMEM
887 * vnode_getattr:???
888 */
889int
890vn_stat_noauth(struct vnode *vp, void *sbptr, kauth_filesec_t *xsec, int isstat64, vfs_context_t ctx)
891{
892 struct vnode_attr va;
893 int error;
894 u_short mode;
895 kauth_filesec_t fsec;
896 struct stat *sb = (struct stat *)0; /* warning avoidance ; protected by isstat64 */
897 struct stat64 * sb64 = (struct stat64 *)0; /* warning avoidance ; protected by isstat64 */
898
899 if (isstat64 != 0)
900 sb64 = (struct stat64 *)sbptr;
901 else
902 sb = (struct stat *)sbptr;
903 memset(&va, 0, sizeof(va));
904 VATTR_INIT(&va);
905 VATTR_WANTED(&va, va_fsid);
906 VATTR_WANTED(&va, va_fileid);
907 VATTR_WANTED(&va, va_mode);
908 VATTR_WANTED(&va, va_type);
909 VATTR_WANTED(&va, va_nlink);
910 VATTR_WANTED(&va, va_uid);
911 VATTR_WANTED(&va, va_gid);
912 VATTR_WANTED(&va, va_rdev);
913 VATTR_WANTED(&va, va_data_size);
914 VATTR_WANTED(&va, va_access_time);
915 VATTR_WANTED(&va, va_modify_time);
916 VATTR_WANTED(&va, va_change_time);
917 VATTR_WANTED(&va, va_create_time);
918 VATTR_WANTED(&va, va_flags);
919 VATTR_WANTED(&va, va_gen);
920 VATTR_WANTED(&va, va_iosize);
921 /* lower layers will synthesise va_total_alloc from va_data_size if required */
922 VATTR_WANTED(&va, va_total_alloc);
923 if (xsec != NULL) {
924 VATTR_WANTED(&va, va_uuuid);
925 VATTR_WANTED(&va, va_guuid);
926 VATTR_WANTED(&va, va_acl);
927 }
928 error = vnode_getattr(vp, &va, ctx);
929 if (error)
930 goto out;
931 /*
932 * Copy from vattr table
933 */
934 if (isstat64 != 0) {
935 sb64->st_dev = va.va_fsid;
936 sb64->st_ino = (ino64_t)va.va_fileid;
937
938 } else {
939 sb->st_dev = va.va_fsid;
940 sb->st_ino = (ino_t)va.va_fileid;
941 }
942 mode = va.va_mode;
943 switch (vp->v_type) {
944 case VREG:
945 mode |= S_IFREG;
946 break;
947 case VDIR:
948 mode |= S_IFDIR;
949 break;
950 case VBLK:
951 mode |= S_IFBLK;
952 break;
953 case VCHR:
954 mode |= S_IFCHR;
955 break;
956 case VLNK:
957 mode |= S_IFLNK;
958 break;
959 case VSOCK:
960 mode |= S_IFSOCK;
961 break;
962 case VFIFO:
963 mode |= S_IFIFO;
964 break;
965 default:
966 error = EBADF;
967 goto out;
968 };
969 if (isstat64 != 0) {
970 sb64->st_mode = mode;
971 sb64->st_nlink = VATTR_IS_SUPPORTED(&va, va_nlink) ? (u_int16_t)va.va_nlink : 1;
972 sb64->st_uid = va.va_uid;
973 sb64->st_gid = va.va_gid;
974 sb64->st_rdev = va.va_rdev;
975 sb64->st_size = va.va_data_size;
976 sb64->st_atimespec = va.va_access_time;
977 sb64->st_mtimespec = va.va_modify_time;
978 sb64->st_ctimespec = va.va_change_time;
979 sb64->st_birthtimespec =
980 VATTR_IS_SUPPORTED(&va, va_create_time) ? va.va_create_time : va.va_change_time;
981 sb64->st_blksize = va.va_iosize;
982 sb64->st_flags = va.va_flags;
983 sb64->st_blocks = roundup(va.va_total_alloc, 512) / 512;
984 } else {
985 sb->st_mode = mode;
986 sb->st_nlink = VATTR_IS_SUPPORTED(&va, va_nlink) ? (u_int16_t)va.va_nlink : 1;
987 sb->st_uid = va.va_uid;
988 sb->st_gid = va.va_gid;
989 sb->st_rdev = va.va_rdev;
990 sb->st_size = va.va_data_size;
991 sb->st_atimespec = va.va_access_time;
992 sb->st_mtimespec = va.va_modify_time;
993 sb->st_ctimespec = va.va_change_time;
994 sb->st_blksize = va.va_iosize;
995 sb->st_flags = va.va_flags;
996 sb->st_blocks = roundup(va.va_total_alloc, 512) / 512;
997 }
998
999 /* if we're interested in exended security data and we got an ACL */
1000 if (xsec != NULL) {
1001 if (!VATTR_IS_SUPPORTED(&va, va_acl) &&
1002 !VATTR_IS_SUPPORTED(&va, va_uuuid) &&
1003 !VATTR_IS_SUPPORTED(&va, va_guuid)) {
1004 *xsec = KAUTH_FILESEC_NONE;
1005 } else {
1006
1007 if (VATTR_IS_SUPPORTED(&va, va_acl) && (va.va_acl != NULL)) {
1008 fsec = kauth_filesec_alloc(va.va_acl->acl_entrycount);
1009 } else {
1010 fsec = kauth_filesec_alloc(0);
1011 }
1012 if (fsec == NULL) {
1013 error = ENOMEM;
1014 goto out;
1015 }
1016 fsec->fsec_magic = KAUTH_FILESEC_MAGIC;
1017 if (VATTR_IS_SUPPORTED(&va, va_uuuid)) {
1018 fsec->fsec_owner = va.va_uuuid;
1019 } else {
1020 fsec->fsec_owner = kauth_null_guid;
1021 }
1022 if (VATTR_IS_SUPPORTED(&va, va_guuid)) {
1023 fsec->fsec_group = va.va_guuid;
1024 } else {
1025 fsec->fsec_group = kauth_null_guid;
1026 }
1027 if (VATTR_IS_SUPPORTED(&va, va_acl) && (va.va_acl != NULL)) {
1028 bcopy(va.va_acl, &(fsec->fsec_acl), KAUTH_ACL_COPYSIZE(va.va_acl));
1029 } else {
1030 fsec->fsec_acl.acl_entrycount = KAUTH_FILESEC_NOACL;
1031 }
1032 *xsec = fsec;
1033 }
1034 }
1035
1036 /* Do not give the generation number out to unpriviledged users */
1037 if (va.va_gen && !vfs_context_issuser(ctx)) {
1038 if (isstat64 != 0)
1039 sb64->st_gen = 0;
1040 else
1041 sb->st_gen = 0;
1042 } else {
1043 if (isstat64 != 0)
1044 sb64->st_gen = va.va_gen;
1045 else
1046 sb->st_gen = va.va_gen;
1047 }
1048
1049 error = 0;
1050out:
1051 if (VATTR_IS_SUPPORTED(&va, va_acl) && va.va_acl != NULL)
1052 kauth_acl_free(va.va_acl);
1053 return (error);
1054}
1055
1056int
1057vn_stat(struct vnode *vp, void *sb, kauth_filesec_t *xsec, int isstat64, vfs_context_t ctx)
1058{
1059 int error;
1060
1061#if CONFIG_MACF
1062 error = mac_vnode_check_stat(ctx, NOCRED, vp);
1063 if (error)
1064 return (error);
1065#endif
1066
1067 /* authorize */
1068 if ((error = vnode_authorize(vp, NULL, KAUTH_VNODE_READ_ATTRIBUTES | KAUTH_VNODE_READ_SECURITY, ctx)) != 0)
1069 return(error);
1070
1071 /* actual stat */
1072 return(vn_stat_noauth(vp, sb, xsec, isstat64, ctx));
1073}
1074
1075
1076/*
1077 * File table vnode ioctl routine.
1078 */
1079static int
1080vn_ioctl(struct fileproc *fp, u_long com, caddr_t data, vfs_context_t ctx)
1081{
1082 struct vnode *vp = ((struct vnode *)fp->f_fglob->fg_data);
1083 off_t file_size;
1084 int error;
1085 struct vnode *ttyvp;
1086 int funnel_state;
1087 struct session * sessp;
1088
1089 if ( (error = vnode_getwithref(vp)) ) {
1090 return(error);
1091 }
1092
1093#if CONFIG_MACF
1094 error = mac_vnode_check_ioctl(ctx, vp, com);
1095 if (error)
1096 goto out;
1097#endif
1098
1099 switch (vp->v_type) {
1100 case VREG:
1101 case VDIR:
1102 if (com == FIONREAD) {
1103 if ((error = vnode_size(vp, &file_size, ctx)) != 0)
1104 goto out;
1105 *(int *)data = file_size - fp->f_fglob->fg_offset;
1106 goto out;
1107 }
1108 if (com == FIONBIO || com == FIOASYNC) { /* XXX */
1109 goto out;
1110 }
1111 /* fall into ... */
1112
1113 default:
1114 error = ENOTTY;
1115 goto out;
1116
1117 case VFIFO:
1118 case VCHR:
1119 case VBLK:
1120
1121 /* Should not be able to set block size from user space */
1122 if (com == DKIOCSETBLOCKSIZE) {
1123 error = EPERM;
1124 goto out;
1125 }
1126
1127 if (com == FIODTYPE) {
1128 if (vp->v_type == VBLK) {
1129 if (major(vp->v_rdev) >= nblkdev) {
1130 error = ENXIO;
1131 goto out;
1132 }
1133 *(int *)data = bdevsw[major(vp->v_rdev)].d_type;
1134
1135 } else if (vp->v_type == VCHR) {
1136 if (major(vp->v_rdev) >= nchrdev) {
1137 error = ENXIO;
1138 goto out;
1139 }
1140 *(int *)data = cdevsw[major(vp->v_rdev)].d_type;
1141 } else {
1142 error = ENOTTY;
1143 goto out;
1144 }
1145 goto out;
1146 }
1147 error = VNOP_IOCTL(vp, com, data, fp->f_fglob->fg_flag, ctx);
1148
1149 if (error == 0 && com == TIOCSCTTY) {
1150 vnode_ref(vp);
1151
1152 funnel_state = thread_funnel_set(kernel_flock, TRUE);
1153 sessp = proc_session(vfs_context_proc(ctx));
1154
1155 session_lock(sessp);
1156 ttyvp = sessp->s_ttyvp;
1157 sessp->s_ttyvp = vp;
1158 sessp->s_ttyvid = vnode_vid(vp);
1159 session_unlock(sessp);
1160 session_rele(sessp);
1161 thread_funnel_set(kernel_flock, funnel_state);
1162
1163 if (ttyvp)
1164 vnode_rele(ttyvp);
1165 }
1166 }
1167out:
1168 (void)vnode_put(vp);
1169 return(error);
1170}
1171
1172/*
1173 * File table vnode select routine.
1174 */
1175static int
1176vn_select(struct fileproc *fp, int which, void *wql, __unused vfs_context_t ctx)
1177{
1178 int error;
1179 struct vnode * vp = (struct vnode *)fp->f_fglob->fg_data;
1180 struct vfs_context context;
1181
1182 if ( (error = vnode_getwithref(vp)) == 0 ) {
1183 context.vc_thread = current_thread();
1184 context.vc_ucred = fp->f_fglob->fg_cred;
1185
1186#if CONFIG_MACF
1187 /*
1188 * XXX We should use a per thread credential here; minimally,
1189 * XXX the process credential should have a persistent
1190 * XXX reference on it before being passed in here.
1191 */
1192 error = mac_vnode_check_select(ctx, vp, which);
1193 if (error == 0)
1194#endif
1195 error = VNOP_SELECT(vp, which, fp->f_fglob->fg_flag, wql, ctx);
1196
1197 (void)vnode_put(vp);
1198 }
1199 return(error);
1200
1201}
1202
1203/*
1204 * File table vnode close routine.
1205 */
1206static int
1207vn_closefile(struct fileglob *fg, vfs_context_t ctx)
1208{
1209 struct vnode *vp = (struct vnode *)fg->fg_data;
1210 int error;
1211 struct flock lf;
1212
1213 if ( (error = vnode_getwithref(vp)) == 0 ) {
1214
1215 if ((fg->fg_flag & FHASLOCK) && fg->fg_type == DTYPE_VNODE) {
1216 lf.l_whence = SEEK_SET;
1217 lf.l_start = 0;
1218 lf.l_len = 0;
1219 lf.l_type = F_UNLCK;
1220
1221 (void)VNOP_ADVLOCK(vp, (caddr_t)fg, F_UNLCK, &lf, F_FLOCK, ctx);
1222 }
1223 error = vn_close(vp, fg->fg_flag, ctx);
1224
1225 (void)vnode_put(vp);
1226 }
1227 return(error);
1228}
1229
1230/*
1231 * Returns: 0 Success
1232 * VNOP_PATHCONF:???
1233 */
1234int
1235vn_pathconf(vnode_t vp, int name, int32_t *retval, vfs_context_t ctx)
1236{
1237 int error = 0;
1238
1239 switch(name) {
1240 case _PC_EXTENDED_SECURITY_NP:
1241 *retval = vfs_extendedsecurity(vnode_mount(vp)) ? 1 : 0;
1242 break;
1243 case _PC_AUTH_OPAQUE_NP:
1244 *retval = vfs_authopaque(vnode_mount(vp));
1245 break;
1246 case _PC_2_SYMLINKS:
1247 *retval = 1; /* XXX NOTSUP on MSDOS, etc. */
1248 break;
1249 case _PC_ALLOC_SIZE_MIN:
1250 *retval = 1; /* XXX lie: 1 byte */
1251 break;
1252 case _PC_ASYNC_IO: /* unistd.h: _POSIX_ASYNCHRONUS_IO */
1253 *retval = 1; /* [AIO] option is supported */
1254 break;
1255 case _PC_PRIO_IO: /* unistd.h: _POSIX_PRIORITIZED_IO */
1256 *retval = 0; /* [PIO] option is not supported */
1257 break;
1258 case _PC_REC_INCR_XFER_SIZE:
1259 *retval = 4096; /* XXX go from MIN to MAX 4K at a time */
1260 break;
1261 case _PC_REC_MIN_XFER_SIZE:
1262 *retval = 4096; /* XXX recommend 4K minimum reads/writes */
1263 break;
1264 case _PC_REC_MAX_XFER_SIZE:
1265 *retval = 65536; /* XXX recommend 64K maximum reads/writes */
1266 break;
1267 case _PC_REC_XFER_ALIGN:
1268 *retval = 4096; /* XXX recommend page aligned buffers */
1269 break;
1270 case _PC_SYMLINK_MAX:
1271 *retval = 255; /* Minimum acceptable POSIX value */
1272 break;
1273 case _PC_SYNC_IO: /* unistd.h: _POSIX_SYNCHRONIZED_IO */
1274 *retval = 0; /* [SIO] option is not supported */
1275 break;
1276 default:
1277 error = VNOP_PATHCONF(vp, name, retval, ctx);
1278 break;
1279 }
1280
1281 return (error);
1282}
1283
1284static int
1285vn_kqfilt_add(struct fileproc *fp, struct knote *kn, vfs_context_t ctx)
1286{
1287 int error;
1288 struct vnode *vp;
1289
1290 vp = (struct vnode *)fp->f_fglob->fg_data;
1291
1292 /*
1293 * Don't attach a knote to a dead vnode.
1294 */
1295 if ((error = vget_internal(vp, 0, VNODE_NODEAD)) == 0) {
1296 switch (kn->kn_filter) {
1297 case EVFILT_READ:
1298 case EVFILT_WRITE:
1299 if (vnode_isfifo(vp)) {
1300 /* We'll only watch FIFOs that use our fifofs */
1301 if (!(vp->v_fifoinfo && vp->v_fifoinfo->fi_readsock)) {
1302 error = ENOTSUP;
1303 }
1304
1305 } else if (!vnode_isreg(vp)) {
1306 if (vnode_isspec(vp) &&
1307 (error = spec_kqfilter(vp, kn)) == 0) {
1308 /* claimed by a special device */
1309 vnode_put(vp);
1310 return 0;
1311 }
1312
1313 error = EINVAL;
1314 }
1315 break;
1316 case EVFILT_VNODE:
1317 break;
1318 default:
1319 error = EINVAL;
1320 }
1321
1322 if (error) {
1323 vnode_put(vp);
1324 return error;
1325 }
1326
1327#if CONFIG_MACF
1328 error = mac_vnode_check_kqfilter(ctx, fp->f_fglob->fg_cred, kn, vp);
1329 if (error) {
1330 vnode_put(vp);
1331 return error;
1332 }
1333#endif
1334
1335 kn->kn_hook = (void*)vp;
1336 kn->kn_hookid = vnode_vid(vp);
1337 kn->kn_fop = &vnode_filtops;
1338
1339 vnode_lock(vp);
1340 KNOTE_ATTACH(&vp->v_knotes, kn);
1341 vnode_unlock(vp);
1342
1343 /* Ask the filesystem to provide remove notifications, but ignore failure */
1344 VNOP_MONITOR(vp, 0, VNODE_MONITOR_BEGIN, (void*) kn, ctx);
1345
1346 vnode_put(vp);
1347 }
1348
1349 return (error);
1350}
1351
1352static void
1353filt_vndetach(struct knote *kn)
1354{
1355 vfs_context_t ctx = vfs_context_current();
1356 struct vnode *vp;
1357 vp = (struct vnode *)kn->kn_hook;
1358 if (vnode_getwithvid(vp, kn->kn_hookid))
1359 return;
1360
1361 vnode_lock(vp);
1362 KNOTE_DETACH(&vp->v_knotes, kn);
1363 vnode_unlock(vp);
1364
1365 /*
1366 * Tell a (generally networked) filesystem that we're no longer watching
1367 * If the FS wants to track contexts, it should still be using the one from
1368 * the VNODE_MONITOR_BEGIN.
1369 */
1370 VNOP_MONITOR(vp, 0, VNODE_MONITOR_END, (void*)kn, ctx);
1371 vnode_put(vp);
1372}
1373
1374
1375/*
1376 * Used for EVFILT_READ
1377 *
1378 * Takes only VFIFO or VREG. vnode is locked. We handle the "poll" case
1379 * differently than the regular case for VREG files. If not in poll(),
1380 * then we need to know current fileproc offset for VREG.
1381 */
1382static intptr_t
1383vnode_readable_data_count(vnode_t vp, off_t current_offset, int ispoll)
1384{
1385 if (vnode_isfifo(vp)) {
1386 int cnt;
1387 int err = fifo_charcount(vp, &cnt);
1388 if (err == 0) {
1389 return (intptr_t)cnt;
1390 } else {
1391 return (intptr_t)0;
1392 }
1393 } else if (vnode_isreg(vp)) {
1394 if (ispoll) {
1395 return (intptr_t)1;
1396 }
1397
1398 off_t amount;
1399 amount = vp->v_un.vu_ubcinfo->ui_size - current_offset;
1400 if (amount > (off_t)INTPTR_MAX) {
1401 return INTPTR_MAX;
1402 } else if (amount < (off_t)INTPTR_MIN) {
1403 return INTPTR_MIN;
1404 } else {
1405 return (intptr_t)amount;
1406 }
1407 } else {
1408 panic("Should never have an EVFILT_READ except for reg or fifo.");
1409 return 0;
1410 }
1411}
1412
1413/*
1414 * Used for EVFILT_WRITE.
1415 *
1416 * For regular vnodes, we can always write (1). For named pipes,
1417 * see how much space there is in the buffer. Nothing else is covered.
1418 */
1419static intptr_t
1420vnode_writable_space_count(vnode_t vp)
1421{
1422 if (vnode_isfifo(vp)) {
1423 long spc;
1424 int err = fifo_freespace(vp, &spc);
1425 if (err == 0) {
1426 return (intptr_t)spc;
1427 } else {
1428 return (intptr_t)0;
1429 }
1430 } else if (vnode_isreg(vp)) {
1431 return (intptr_t)1;
1432 } else {
1433 panic("Should never have an EVFILT_READ except for reg or fifo.");
1434 return 0;
1435 }
1436}
1437
1438/*
1439 * Determine whether this knote should be active
1440 *
1441 * This is kind of subtle.
1442 * --First, notice if the vnode has been revoked: in so, override hint
1443 * --EVFILT_READ knotes are checked no matter what the hint is
1444 * --Other knotes activate based on hint.
1445 * --If hint is revoke, set special flags and activate
1446 */
1447static int
1448filt_vnode(struct knote *kn, long hint)
1449{
1450 struct vnode *vp = (struct vnode *)kn->kn_hook;
1451 int activate = 0;
1452
1453 if (0 == hint) {
1454 if ((vnode_getwithvid(vp, kn->kn_hookid) != 0)) {
1455 hint = NOTE_REVOKE;
1456 } else {
1457 vnode_put(vp);
1458 }
1459 }
1460
1461 /* NOTE_REVOKE is special, as it is only sent during vnode reclaim */
1462 if (NOTE_REVOKE == hint) {
1463 kn->kn_flags |= (EV_EOF | EV_ONESHOT);
1464 activate = 1;
1465
1466 if ((kn->kn_filter == EVFILT_VNODE) && (kn->kn_sfflags & NOTE_REVOKE)) {
1467 kn->kn_fflags |= NOTE_REVOKE;
1468 }
1469 } else {
1470 switch(kn->kn_filter) {
1471 case EVFILT_READ:
1472 kn->kn_data = vnode_readable_data_count(vp, kn->kn_fp->f_fglob->fg_offset, (kn->kn_flags & EV_POLL));
1473
1474 if (kn->kn_data != 0) {
1475 activate = 1;
1476 }
1477 break;
1478 case EVFILT_WRITE:
1479 kn->kn_data = vnode_writable_space_count(vp);
1480
1481 if (kn->kn_data != 0) {
1482 activate = 1;
1483 }
1484 break;
1485 case EVFILT_VNODE:
1486 /* Check events this note matches against the hint */
1487 if (kn->kn_sfflags & hint) {
1488 kn->kn_fflags |= hint; /* Set which event occurred */
1489 }
1490 if (kn->kn_fflags != 0) {
1491 activate = 1;
1492 }
1493 break;
1494 default:
1495 panic("Invalid knote filter on a vnode!\n");
1496 }
1497 }
1498
1499 return (activate);
1500}
mirror of XNU