]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/sys_generic.c
projects / apple / xnu.git / blob
? search:


c839e868f364ddcf822a0d86e00c403650e62bc9
[apple/xnu.git] / bsd / kern / sys_generic.c
1 /*
2 * Copyright (c) 2000-2014 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
29 /*
30 * Copyright (c) 1982, 1986, 1989, 1993
31 * The Regents of the University of California. All rights reserved.
32 * (c) UNIX System Laboratories, Inc.
33 * All or some portions of this file are derived from material licensed
34 * to the University of California by American Telephone and Telegraph
35 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
36 * the permission of UNIX System Laboratories, Inc.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)sys_generic.c 8.9 (Berkeley) 2/14/95
67 */
68 /*
69 * NOTICE: This file was modified by SPARTA, Inc. in 2006 to introduce
70 * support for mandatory and extensible security protections. This notice
71 * is included in support of clause 2.2 (b) of the Apple Public License,
72 * Version 2.0.
73 */
74
75 #include <sys/param.h>
76 #include <sys/systm.h>
77 #include <sys/filedesc.h>
78 #include <sys/ioctl.h>
79 #include <sys/file_internal.h>
80 #include <sys/proc_internal.h>
81 #include <sys/socketvar.h>
82 #include <sys/uio_internal.h>
83 #include <sys/kernel.h>
84 #include <sys/guarded.h>
85 #include <sys/stat.h>
86 #include <sys/malloc.h>
87 #include <sys/sysproto.h>
88
89 #include <sys/mount_internal.h>
90 #include <sys/protosw.h>
91 #include <sys/ev.h>
92 #include <sys/user.h>
93 #include <sys/kdebug.h>
94 #include <sys/poll.h>
95 #include <sys/event.h>
96 #include <sys/eventvar.h>
97 #include <sys/proc.h>
98 #include <sys/kauth.h>
99
100 #include <mach/mach_types.h>
101 #include <kern/kern_types.h>
102 #include <kern/assert.h>
103 #include <kern/kalloc.h>
104 #include <kern/thread.h>
105 #include <kern/clock.h>
106 #include <kern/ledger.h>
107 #include <kern/task.h>
108 #include <kern/telemetry.h>
109
110 #include <sys/mbuf.h>
111 #include <sys/domain.h>
112 #include <sys/socket.h>
113 #include <sys/socketvar.h>
114 #include <sys/errno.h>
115 #include <sys/syscall.h>
116 #include <sys/pipe.h>
117
118 #include <security/audit/audit.h>
119
120 #include <net/if.h>
121 #include <net/route.h>
122
123 #include <netinet/in.h>
124 #include <netinet/in_systm.h>
125 #include <netinet/ip.h>
126 #include <netinet/in_pcb.h>
127 #include <netinet/ip_var.h>
128 #include <netinet/ip6.h>
129 #include <netinet/tcp.h>
130 #include <netinet/tcp_fsm.h>
131 #include <netinet/tcp_seq.h>
132 #include <netinet/tcp_timer.h>
133 #include <netinet/tcp_var.h>
134 #include <netinet/tcpip.h>
135 #include <netinet/tcp_debug.h>
136 /* for wait queue based select */
137 #include <kern/wait_queue.h>
138 #include <kern/kalloc.h>
139 #include <sys/vnode_internal.h>
140
141 /* XXX should be in a header file somewhere */
142 void evsofree(struct socket *);
143 void evpipefree(struct pipe *);
144 void postpipeevent(struct pipe *, int);
145 void postevent(struct socket *, struct sockbuf *, int);
146 extern kern_return_t IOBSDGetPlatformUUID(__darwin_uuid_t uuid, mach_timespec_t timeoutp);
147
148 int rd_uio(struct proc *p, int fdes, uio_t uio, user_ssize_t *retval);
149 int wr_uio(struct proc *p, struct fileproc *fp, uio_t uio, user_ssize_t *retval);
150
151 __private_extern__ int dofileread(vfs_context_t ctx, struct fileproc *fp,
152 user_addr_t bufp, user_size_t nbyte,
153 off_t offset, int flags, user_ssize_t *retval);
154 __private_extern__ int dofilewrite(vfs_context_t ctx, struct fileproc *fp,
155 user_addr_t bufp, user_size_t nbyte,
156 off_t offset, int flags, user_ssize_t *retval);
157 __private_extern__ int preparefileread(struct proc *p, struct fileproc **fp_ret, int fd, int check_for_vnode);
158 __private_extern__ void donefileread(struct proc *p, struct fileproc *fp_ret, int fd);
159
160
161 /* Conflict wait queue for when selects collide (opaque type) */
162 struct wait_queue select_conflict_queue;
163
164 /*
165 * Init routine called from bsd_init.c
166 */
167 void select_wait_queue_init(void);
168 void
169 select_wait_queue_init(void)
170 {
171 wait_queue_init(&select_conflict_queue, SYNC_POLICY_FIFO);
172 }
173
174 #define f_flag f_fglob->fg_flag
175 #define f_type f_fglob->fg_ops->fo_type
176 #define f_msgcount f_fglob->fg_msgcount
177 #define f_cred f_fglob->fg_cred
178 #define f_ops f_fglob->fg_ops
179 #define f_offset f_fglob->fg_offset
180 #define f_data f_fglob->fg_data
181
182 /*
183 * Read system call.
184 *
185 * Returns: 0 Success
186 * preparefileread:EBADF
187 * preparefileread:ESPIPE
188 * preparefileread:ENXIO
189 * preparefileread:EBADF
190 * dofileread:???
191 */
192 int
193 read(struct proc *p, struct read_args *uap, user_ssize_t *retval)
194 {
195 __pthread_testcancel(1);
196 return(read_nocancel(p, (struct read_nocancel_args *)uap, retval));
197 }
198
199 int
200 read_nocancel(struct proc *p, struct read_nocancel_args *uap, user_ssize_t *retval)
201 {
202 struct fileproc *fp;
203 int error;
204 int fd = uap->fd;
205 struct vfs_context context;
206
207 if ( (error = preparefileread(p, &fp, fd, 0)) )
208 return (error);
209
210 context = *(vfs_context_current());
211 context.vc_ucred = fp->f_fglob->fg_cred;
212
213 error = dofileread(&context, fp, uap->cbuf, uap->nbyte,
214 (off_t)-1, 0, retval);
215
216 donefileread(p, fp, fd);
217
218 return (error);
219 }
220
221 /*
222 * Pread system call
223 *
224 * Returns: 0 Success
225 * preparefileread:EBADF
226 * preparefileread:ESPIPE
227 * preparefileread:ENXIO
228 * preparefileread:EBADF
229 * dofileread:???
230 */
231 int
232 pread(struct proc *p, struct pread_args *uap, user_ssize_t *retval)
233 {
234 __pthread_testcancel(1);
235 return(pread_nocancel(p, (struct pread_nocancel_args *)uap, retval));
236 }
237
238 int
239 pread_nocancel(struct proc *p, struct pread_nocancel_args *uap, user_ssize_t *retval)
240 {
241 struct fileproc *fp = NULL; /* fp set by preparefileread() */
242 int fd = uap->fd;
243 int error;
244 struct vfs_context context;
245
246 if ( (error = preparefileread(p, &fp, fd, 1)) )
247 goto out;
248
249 context = *(vfs_context_current());
250 context.vc_ucred = fp->f_fglob->fg_cred;
251
252 error = dofileread(&context, fp, uap->buf, uap->nbyte,
253 uap->offset, FOF_OFFSET, retval);
254
255 donefileread(p, fp, fd);
256
257 KERNEL_DEBUG_CONSTANT((BSDDBG_CODE(DBG_BSD_SC_EXTENDED_INFO, SYS_pread) | DBG_FUNC_NONE),
258 uap->fd, uap->nbyte, (unsigned int)((uap->offset >> 32)), (unsigned int)(uap->offset), 0);
259
260 out:
261 return (error);
262 }
263
264 /*
265 * Code common for read and pread
266 */
267
268 void
269 donefileread(struct proc *p, struct fileproc *fp, int fd)
270 {
271 proc_fdlock_spin(p);
272 fp_drop(p, fd, fp, 1);
273 proc_fdunlock(p);
274 }
275
276 /*
277 * Returns: 0 Success
278 * EBADF
279 * ESPIPE
280 * ENXIO
281 * fp_lookup:EBADF
282 * fo_read:???
283 */
284 int
285 preparefileread(struct proc *p, struct fileproc **fp_ret, int fd, int check_for_pread)
286 {
287 vnode_t vp;
288 int error;
289 struct fileproc *fp;
290
291 AUDIT_ARG(fd, fd);
292
293 proc_fdlock_spin(p);
294
295 error = fp_lookup(p, fd, &fp, 1);
296
297 if (error) {
298 proc_fdunlock(p);
299 return (error);
300 }
301 if ((fp->f_flag & FREAD) == 0) {
302 error = EBADF;
303 goto out;
304 }
305 if (check_for_pread && (fp->f_type != DTYPE_VNODE)) {
306 error = ESPIPE;
307 goto out;
308 }
309 if (fp->f_type == DTYPE_VNODE) {
310 vp = (struct vnode *)fp->f_fglob->fg_data;
311
312 if (check_for_pread && (vnode_isfifo(vp))) {
313 error = ESPIPE;
314 goto out;
315 }
316 if (check_for_pread && (vp->v_flag & VISTTY)) {
317 error = ENXIO;
318 goto out;
319 }
320 }
321
322 *fp_ret = fp;
323
324 proc_fdunlock(p);
325 return (0);
326
327 out:
328 fp_drop(p, fd, fp, 1);
329 proc_fdunlock(p);
330 return (error);
331 }
332
333
334 /*
335 * Returns: 0 Success
336 * EINVAL
337 * fo_read:???
338 */
339 __private_extern__ int
340 dofileread(vfs_context_t ctx, struct fileproc *fp,
341 user_addr_t bufp, user_size_t nbyte, off_t offset, int flags,
342 user_ssize_t *retval)
343 {
344 uio_t auio;
345 user_ssize_t bytecnt;
346 long error = 0;
347 char uio_buf[ UIO_SIZEOF(1) ];
348
349 if (nbyte > INT_MAX)
350 return (EINVAL);
351
352 if (IS_64BIT_PROCESS(vfs_context_proc(ctx))) {
353 auio = uio_createwithbuffer(1, offset, UIO_USERSPACE64, UIO_READ,
354 &uio_buf[0], sizeof(uio_buf));
355 } else {
356 auio = uio_createwithbuffer(1, offset, UIO_USERSPACE32, UIO_READ,
357 &uio_buf[0], sizeof(uio_buf));
358 }
359 uio_addiov(auio, bufp, nbyte);
360
361 bytecnt = nbyte;
362
363 if ((error = fo_read(fp, auio, flags, ctx))) {
364 if (uio_resid(auio) != bytecnt && (error == ERESTART ||
365 error == EINTR || error == EWOULDBLOCK))
366 error = 0;
367 }
368 bytecnt -= uio_resid(auio);
369
370 *retval = bytecnt;
371
372 return (error);
373 }
374
375 /*
376 * Scatter read system call.
377 *
378 * Returns: 0 Success
379 * EINVAL
380 * ENOMEM
381 * copyin:EFAULT
382 * rd_uio:???
383 */
384 int
385 readv(struct proc *p, struct readv_args *uap, user_ssize_t *retval)
386 {
387 __pthread_testcancel(1);
388 return(readv_nocancel(p, (struct readv_nocancel_args *)uap, retval));
389 }
390
391 int
392 readv_nocancel(struct proc *p, struct readv_nocancel_args *uap, user_ssize_t *retval)
393 {
394 uio_t auio = NULL;
395 int error;
396 struct user_iovec *iovp;
397
398 /* Verify range bedfore calling uio_create() */
399 if (uap->iovcnt <= 0 || uap->iovcnt > UIO_MAXIOV)
400 return (EINVAL);
401
402 /* allocate a uio large enough to hold the number of iovecs passed */
403 auio = uio_create(uap->iovcnt, 0,
404 (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32),
405 UIO_READ);
406
407 /* get location of iovecs within the uio. then copyin the iovecs from
408 * user space.
409 */
410 iovp = uio_iovsaddr(auio);
411 if (iovp == NULL) {
412 error = ENOMEM;
413 goto ExitThisRoutine;
414 }
415 error = copyin_user_iovec_array(uap->iovp,
416 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
417 uap->iovcnt, iovp);
418 if (error) {
419 goto ExitThisRoutine;
420 }
421
422 /* finalize uio_t for use and do the IO
423 */
424 error = uio_calculateresid(auio);
425 if (error) {
426 goto ExitThisRoutine;
427 }
428 error = rd_uio(p, uap->fd, auio, retval);
429
430 ExitThisRoutine:
431 if (auio != NULL) {
432 uio_free(auio);
433 }
434 return (error);
435 }
436
437 /*
438 * Write system call
439 *
440 * Returns: 0 Success
441 * EBADF
442 * fp_lookup:EBADF
443 * dofilewrite:???
444 */
445 int
446 write(struct proc *p, struct write_args *uap, user_ssize_t *retval)
447 {
448 __pthread_testcancel(1);
449 return(write_nocancel(p, (struct write_nocancel_args *)uap, retval));
450
451 }
452
453 int
454 write_nocancel(struct proc *p, struct write_nocancel_args *uap, user_ssize_t *retval)
455 {
456 struct fileproc *fp;
457 int error;
458 int fd = uap->fd;
459 bool wrote_some = false;
460
461 AUDIT_ARG(fd, fd);
462
463 error = fp_lookup(p,fd,&fp,0);
464 if (error)
465 return(error);
466 if ((fp->f_flag & FWRITE) == 0) {
467 error = EBADF;
468 } else if (FP_ISGUARDED(fp, GUARD_WRITE)) {
469 proc_fdlock(p);
470 error = fp_guard_exception(p, fd, fp, kGUARD_EXC_WRITE);
471 proc_fdunlock(p);
472 } else {
473 struct vfs_context context = *(vfs_context_current());
474 context.vc_ucred = fp->f_fglob->fg_cred;
475
476 error = dofilewrite(&context, fp, uap->cbuf, uap->nbyte,
477 (off_t)-1, 0, retval);
478
479 wrote_some = *retval > 0;
480 }
481 if (wrote_some)
482 fp_drop_written(p, fd, fp);
483 else
484 fp_drop(p, fd, fp, 0);
485 return(error);
486 }
487
488 /*
489 * pwrite system call
490 *
491 * Returns: 0 Success
492 * EBADF
493 * ESPIPE
494 * ENXIO
495 * EINVAL
496 * fp_lookup:EBADF
497 * dofilewrite:???
498 */
499 int
500 pwrite(struct proc *p, struct pwrite_args *uap, user_ssize_t *retval)
501 {
502 __pthread_testcancel(1);
503 return(pwrite_nocancel(p, (struct pwrite_nocancel_args *)uap, retval));
504 }
505
506 int
507 pwrite_nocancel(struct proc *p, struct pwrite_nocancel_args *uap, user_ssize_t *retval)
508 {
509 struct fileproc *fp;
510 int error;
511 int fd = uap->fd;
512 vnode_t vp = (vnode_t)0;
513 bool wrote_some = false;
514
515 AUDIT_ARG(fd, fd);
516
517 error = fp_lookup(p,fd,&fp,0);
518 if (error)
519 return(error);
520
521 if ((fp->f_flag & FWRITE) == 0) {
522 error = EBADF;
523 } else if (FP_ISGUARDED(fp, GUARD_WRITE)) {
524 proc_fdlock(p);
525 error = fp_guard_exception(p, fd, fp, kGUARD_EXC_WRITE);
526 proc_fdunlock(p);
527 } else {
528 struct vfs_context context = *vfs_context_current();
529 context.vc_ucred = fp->f_fglob->fg_cred;
530
531 if (fp->f_type != DTYPE_VNODE) {
532 error = ESPIPE;
533 goto errout;
534 }
535 vp = (vnode_t)fp->f_fglob->fg_data;
536 if (vnode_isfifo(vp)) {
537 error = ESPIPE;
538 goto errout;
539 }
540 if ((vp->v_flag & VISTTY)) {
541 error = ENXIO;
542 goto errout;
543 }
544 if (uap->offset == (off_t)-1) {
545 error = EINVAL;
546 goto errout;
547 }
548
549 error = dofilewrite(&context, fp, uap->buf, uap->nbyte,
550 uap->offset, FOF_OFFSET, retval);
551 wrote_some = *retval > 0;
552 }
553 errout:
554 if (wrote_some)
555 fp_drop_written(p, fd, fp);
556 else
557 fp_drop(p, fd, fp, 0);
558
559 KERNEL_DEBUG_CONSTANT((BSDDBG_CODE(DBG_BSD_SC_EXTENDED_INFO, SYS_pwrite) | DBG_FUNC_NONE),
560 uap->fd, uap->nbyte, (unsigned int)((uap->offset >> 32)), (unsigned int)(uap->offset), 0);
561
562 return(error);
563 }
564
565 /*
566 * Returns: 0 Success
567 * EINVAL
568 * <fo_write>:EPIPE
569 * <fo_write>:??? [indirect through struct fileops]
570 */
571 __private_extern__ int
572 dofilewrite(vfs_context_t ctx, struct fileproc *fp,
573 user_addr_t bufp, user_size_t nbyte, off_t offset, int flags,
574 user_ssize_t *retval)
575 {
576 uio_t auio;
577 long error = 0;
578 user_ssize_t bytecnt;
579 char uio_buf[ UIO_SIZEOF(1) ];
580
581 if (nbyte > INT_MAX) {
582 *retval = 0;
583 return (EINVAL);
584 }
585
586 if (IS_64BIT_PROCESS(vfs_context_proc(ctx))) {
587 auio = uio_createwithbuffer(1, offset, UIO_USERSPACE64, UIO_WRITE,
588 &uio_buf[0], sizeof(uio_buf));
589 } else {
590 auio = uio_createwithbuffer(1, offset, UIO_USERSPACE32, UIO_WRITE,
591 &uio_buf[0], sizeof(uio_buf));
592 }
593 uio_addiov(auio, bufp, nbyte);
594
595 bytecnt = nbyte;
596 if ((error = fo_write(fp, auio, flags, ctx))) {
597 if (uio_resid(auio) != bytecnt && (error == ERESTART ||
598 error == EINTR || error == EWOULDBLOCK))
599 error = 0;
600 /* The socket layer handles SIGPIPE */
601 if (error == EPIPE && fp->f_type != DTYPE_SOCKET &&
602 (fp->f_fglob->fg_lflags & FG_NOSIGPIPE) == 0) {
603 /* XXX Raise the signal on the thread? */
604 psignal(vfs_context_proc(ctx), SIGPIPE);
605 }
606 }
607 bytecnt -= uio_resid(auio);
608 *retval = bytecnt;
609
610 return (error);
611 }
612
613 /*
614 * Gather write system call
615 */
616 int
617 writev(struct proc *p, struct writev_args *uap, user_ssize_t *retval)
618 {
619 __pthread_testcancel(1);
620 return(writev_nocancel(p, (struct writev_nocancel_args *)uap, retval));
621 }
622
623 int
624 writev_nocancel(struct proc *p, struct writev_nocancel_args *uap, user_ssize_t *retval)
625 {
626 uio_t auio = NULL;
627 int error;
628 struct fileproc *fp;
629 struct user_iovec *iovp;
630 bool wrote_some = false;
631
632 AUDIT_ARG(fd, uap->fd);
633
634 /* Verify range bedfore calling uio_create() */
635 if (uap->iovcnt <= 0 || uap->iovcnt > UIO_MAXIOV)
636 return (EINVAL);
637
638 /* allocate a uio large enough to hold the number of iovecs passed */
639 auio = uio_create(uap->iovcnt, 0,
640 (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32),
641 UIO_WRITE);
642
643 /* get location of iovecs within the uio. then copyin the iovecs from
644 * user space.
645 */
646 iovp = uio_iovsaddr(auio);
647 if (iovp == NULL) {
648 error = ENOMEM;
649 goto ExitThisRoutine;
650 }
651 error = copyin_user_iovec_array(uap->iovp,
652 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
653 uap->iovcnt, iovp);
654 if (error) {
655 goto ExitThisRoutine;
656 }
657
658 /* finalize uio_t for use and do the IO
659 */
660 error = uio_calculateresid(auio);
661 if (error) {
662 goto ExitThisRoutine;
663 }
664
665 error = fp_lookup(p, uap->fd, &fp, 0);
666 if (error)
667 goto ExitThisRoutine;
668
669 if ((fp->f_flag & FWRITE) == 0) {
670 error = EBADF;
671 } else if (FP_ISGUARDED(fp, GUARD_WRITE)) {
672 proc_fdlock(p);
673 error = fp_guard_exception(p, uap->fd, fp, kGUARD_EXC_WRITE);
674 proc_fdunlock(p);
675 } else {
676 error = wr_uio(p, fp, auio, retval);
677 wrote_some = *retval > 0;
678 }
679
680 if (wrote_some)
681 fp_drop_written(p, uap->fd, fp);
682 else
683 fp_drop(p, uap->fd, fp, 0);
684
685 ExitThisRoutine:
686 if (auio != NULL) {
687 uio_free(auio);
688 }
689 return (error);
690 }
691
692
693 int
694 wr_uio(struct proc *p, struct fileproc *fp, uio_t uio, user_ssize_t *retval)
695 {
696 int error;
697 user_ssize_t count;
698 struct vfs_context context = *vfs_context_current();
699
700 count = uio_resid(uio);
701
702 context.vc_ucred = fp->f_cred;
703 error = fo_write(fp, uio, 0, &context);
704 if (error) {
705 if (uio_resid(uio) != count && (error == ERESTART ||
706 error == EINTR || error == EWOULDBLOCK))
707 error = 0;
708 /* The socket layer handles SIGPIPE */
709 if (error == EPIPE && fp->f_type != DTYPE_SOCKET &&
710 (fp->f_fglob->fg_lflags & FG_NOSIGPIPE) == 0)
711 psignal(p, SIGPIPE);
712 }
713 *retval = count - uio_resid(uio);
714
715 return(error);
716 }
717
718
719 int
720 rd_uio(struct proc *p, int fdes, uio_t uio, user_ssize_t *retval)
721 {
722 struct fileproc *fp;
723 int error;
724 user_ssize_t count;
725 struct vfs_context context = *vfs_context_current();
726
727 if ( (error = preparefileread(p, &fp, fdes, 0)) )
728 return (error);
729
730 count = uio_resid(uio);
731
732 context.vc_ucred = fp->f_cred;
733
734 error = fo_read(fp, uio, 0, &context);
735
736 if (error) {
737 if (uio_resid(uio) != count && (error == ERESTART ||
738 error == EINTR || error == EWOULDBLOCK))
739 error = 0;
740 }
741 *retval = count - uio_resid(uio);
742
743 donefileread(p, fp, fdes);
744
745 return (error);
746 }
747
748 /*
749 * Ioctl system call
750 *
751 * Returns: 0 Success
752 * EBADF
753 * ENOTTY
754 * ENOMEM
755 * ESRCH
756 * copyin:EFAULT
757 * copyoutEFAULT
758 * fp_lookup:EBADF Bad file descriptor
759 * fo_ioctl:???
760 */
761 int
762 ioctl(struct proc *p, struct ioctl_args *uap, __unused int32_t *retval)
763 {
764 struct fileproc *fp = NULL;
765 int error = 0;
766 u_int size = 0;
767 caddr_t datap = NULL, memp = NULL;
768 boolean_t is64bit = FALSE;
769 int tmp = 0;
770 #define STK_PARAMS 128
771 char stkbuf[STK_PARAMS];
772 int fd = uap->fd;
773 u_long com = uap->com;
774 struct vfs_context context = *vfs_context_current();
775
776 AUDIT_ARG(fd, uap->fd);
777 AUDIT_ARG(addr, uap->data);
778
779 is64bit = proc_is64bit(p);
780 #if CONFIG_AUDIT
781 if (is64bit)
782 AUDIT_ARG(value64, com);
783 else
784 AUDIT_ARG(cmd, CAST_DOWN_EXPLICIT(int, com));
785 #endif /* CONFIG_AUDIT */
786
787 /*
788 * Interpret high order word to find amount of data to be
789 * copied to/from the user's address space.
790 */
791 size = IOCPARM_LEN(com);
792 if (size > IOCPARM_MAX)
793 return ENOTTY;
794 if (size > sizeof (stkbuf)) {
795 if ((memp = (caddr_t)kalloc(size)) == 0)
796 return ENOMEM;
797 datap = memp;
798 } else
799 datap = &stkbuf[0];
800 if (com & IOC_IN) {
801 if (size) {
802 error = copyin(uap->data, datap, size);
803 if (error)
804 goto out_nofp;
805 } else {
806 /* XXX - IOC_IN and no size? we should proably return an error here!! */
807 if (is64bit) {
808 *(user_addr_t *)datap = uap->data;
809 }
810 else {
811 *(uint32_t *)datap = (uint32_t)uap->data;
812 }
813 }
814 } else if ((com & IOC_OUT) && size)
815 /*
816 * Zero the buffer so the user always
817 * gets back something deterministic.
818 */
819 bzero(datap, size);
820 else if (com & IOC_VOID) {
821 /* XXX - this is odd since IOC_VOID means no parameters */
822 if (is64bit) {
823 *(user_addr_t *)datap = uap->data;
824 }
825 else {
826 *(uint32_t *)datap = (uint32_t)uap->data;
827 }
828 }
829
830 proc_fdlock(p);
831 error = fp_lookup(p,fd,&fp,1);
832 if (error) {
833 proc_fdunlock(p);
834 goto out_nofp;
835 }
836
837 AUDIT_ARG(file, p, fp);
838
839 if ((fp->f_flag & (FREAD | FWRITE)) == 0) {
840 error = EBADF;
841 goto out;
842 }
843
844 context.vc_ucred = fp->f_fglob->fg_cred;
845
846 #if CONFIG_MACF
847 error = mac_file_check_ioctl(context.vc_ucred, fp->f_fglob, com);
848 if (error)
849 goto out;
850 #endif
851
852 switch (com) {
853 case FIONCLEX:
854 *fdflags(p, fd) &= ~UF_EXCLOSE;
855 break;
856
857 case FIOCLEX:
858 *fdflags(p, fd) |= UF_EXCLOSE;
859 break;
860
861 case FIONBIO:
862 if ( (tmp = *(int *)datap) )
863 fp->f_flag |= FNONBLOCK;
864 else
865 fp->f_flag &= ~FNONBLOCK;
866 error = fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, &context);
867 break;
868
869 case FIOASYNC:
870 if ( (tmp = *(int *)datap) )
871 fp->f_flag |= FASYNC;
872 else
873 fp->f_flag &= ~FASYNC;
874 error = fo_ioctl(fp, FIOASYNC, (caddr_t)&tmp, &context);
875 break;
876
877 case FIOSETOWN:
878 tmp = *(int *)datap;
879 if (fp->f_type == DTYPE_SOCKET) {
880 ((struct socket *)fp->f_data)->so_pgid = tmp;
881 break;
882 }
883 if (fp->f_type == DTYPE_PIPE) {
884 error = fo_ioctl(fp, (int)TIOCSPGRP, (caddr_t)&tmp, &context);
885 break;
886 }
887 if (tmp <= 0) {
888 tmp = -tmp;
889 } else {
890 struct proc *p1 = proc_find(tmp);
891 if (p1 == 0) {
892 error = ESRCH;
893 break;
894 }
895 tmp = p1->p_pgrpid;
896 proc_rele(p1);
897 }
898 error = fo_ioctl(fp, (int)TIOCSPGRP, (caddr_t)&tmp, &context);
899 break;
900
901 case FIOGETOWN:
902 if (fp->f_type == DTYPE_SOCKET) {
903 *(int *)datap = ((struct socket *)fp->f_data)->so_pgid;
904 break;
905 }
906 error = fo_ioctl(fp, TIOCGPGRP, datap, &context);
907 *(int *)datap = -*(int *)datap;
908 break;
909
910 default:
911 error = fo_ioctl(fp, com, datap, &context);
912 /*
913 * Copy any data to user, size was
914 * already set and checked above.
915 */
916 if (error == 0 && (com & IOC_OUT) && size)
917 error = copyout(datap, uap->data, (u_int)size);
918 break;
919 }
920 out:
921 fp_drop(p, fd, fp, 1);
922 proc_fdunlock(p);
923
924 out_nofp:
925 if (memp)
926 kfree(memp, size);
927 return(error);
928 }
929
930 int selwait, nselcoll;
931 #define SEL_FIRSTPASS 1
932 #define SEL_SECONDPASS 2
933 extern int selcontinue(int error);
934 extern int selprocess(int error, int sel_pass);
935 static int selscan(struct proc *p, struct _select * sel, struct _select_data * seldata,
936 int nfd, int32_t *retval, int sel_pass, wait_queue_sub_t wqsub);
937 static int selcount(struct proc *p, u_int32_t *ibits, int nfd, int *count);
938 static int seldrop_locked(struct proc *p, u_int32_t *ibits, int nfd, int lim, int *need_wakeup, int fromselcount);
939 static int seldrop(struct proc *p, u_int32_t *ibits, int nfd);
940
941 /*
942 * Select system call.
943 *
944 * Returns: 0 Success
945 * EINVAL Invalid argument
946 * EAGAIN Nonconformant error if allocation fails
947 * selprocess:???
948 */
949 int
950 select(struct proc *p, struct select_args *uap, int32_t *retval)
951 {
952 __pthread_testcancel(1);
953 return(select_nocancel(p, (struct select_nocancel_args *)uap, retval));
954 }
955
956 int
957 select_nocancel(struct proc *p, struct select_nocancel_args *uap, int32_t *retval)
958 {
959 int error = 0;
960 u_int ni, nw, size;
961 thread_t th_act;
962 struct uthread *uth;
963 struct _select *sel;
964 struct _select_data *seldata;
965 int needzerofill = 1;
966 int count = 0;
967
968 th_act = current_thread();
969 uth = get_bsdthread_info(th_act);
970 sel = &uth->uu_select;
971 seldata = &uth->uu_kevent.ss_select_data;
972 *retval = 0;
973
974 seldata->args = uap;
975 seldata->retval = retval;
976
977 if (uap->nd < 0) {
978 return (EINVAL);
979 }
980
981 /* select on thread of process that already called proc_exit() */
982 if (p->p_fd == NULL) {
983 return (EBADF);
984 }
985
986 if (uap->nd > p->p_fd->fd_nfiles)
987 uap->nd = p->p_fd->fd_nfiles; /* forgiving; slightly wrong */
988
989 nw = howmany(uap->nd, NFDBITS);
990 ni = nw * sizeof(fd_mask);
991
992 /*
993 * if the previously allocated space for the bits is smaller than
994 * what is requested or no space has yet been allocated for this
995 * thread, allocate enough space now.
996 *
997 * Note: If this process fails, select() will return EAGAIN; this
998 * is the same thing pool() returns in a no-memory situation, but
999 * it is not a POSIX compliant error code for select().
1000 */
1001 if (sel->nbytes < (3 * ni)) {
1002 int nbytes = 3 * ni;
1003
1004 /* Free previous allocation, if any */
1005 if (sel->ibits != NULL)
1006 FREE(sel->ibits, M_TEMP);
1007 if (sel->obits != NULL) {
1008 FREE(sel->obits, M_TEMP);
1009 /* NULL out; subsequent ibits allocation may fail */
1010 sel->obits = NULL;
1011 }
1012
1013 MALLOC(sel->ibits, u_int32_t *, nbytes, M_TEMP, M_WAITOK | M_ZERO);
1014 if (sel->ibits == NULL)
1015 return (EAGAIN);
1016 MALLOC(sel->obits, u_int32_t *, nbytes, M_TEMP, M_WAITOK | M_ZERO);
1017 if (sel->obits == NULL) {
1018 FREE(sel->ibits, M_TEMP);
1019 sel->ibits = NULL;
1020 return (EAGAIN);
1021 }
1022 sel->nbytes = nbytes;
1023 needzerofill = 0;
1024 }
1025
1026 if (needzerofill) {
1027 bzero((caddr_t)sel->ibits, sel->nbytes);
1028 bzero((caddr_t)sel->obits, sel->nbytes);
1029 }
1030
1031 /*
1032 * get the bits from the user address space
1033 */
1034 #define getbits(name, x) \
1035 do { \
1036 if (uap->name && (error = copyin(uap->name, \
1037 (caddr_t)&sel->ibits[(x) * nw], ni))) \
1038 goto continuation; \
1039 } while (0)
1040
1041 getbits(in, 0);
1042 getbits(ou, 1);
1043 getbits(ex, 2);
1044 #undef getbits
1045
1046 if (uap->tv) {
1047 struct timeval atv;
1048 if (IS_64BIT_PROCESS(p)) {
1049 struct user64_timeval atv64;
1050 error = copyin(uap->tv, (caddr_t)&atv64, sizeof(atv64));
1051 /* Loses resolution - assume timeout < 68 years */
1052 atv.tv_sec = atv64.tv_sec;
1053 atv.tv_usec = atv64.tv_usec;
1054 } else {
1055 struct user32_timeval atv32;
1056 error = copyin(uap->tv, (caddr_t)&atv32, sizeof(atv32));
1057 atv.tv_sec = atv32.tv_sec;
1058 atv.tv_usec = atv32.tv_usec;
1059 }
1060 if (error)
1061 goto continuation;
1062 if (itimerfix(&atv)) {
1063 error = EINVAL;
1064 goto continuation;
1065 }
1066
1067 clock_absolutetime_interval_to_deadline(
1068 tvtoabstime(&atv), &seldata->abstime);
1069 }
1070 else
1071 seldata->abstime = 0;
1072
1073 if ( (error = selcount(p, sel->ibits, uap->nd, &count)) ) {
1074 goto continuation;
1075 }
1076
1077 seldata->count = count;
1078 size = SIZEOF_WAITQUEUE_SET + (count * SIZEOF_WAITQUEUE_LINK);
1079 if (uth->uu_allocsize) {
1080 if (uth->uu_wqset == 0)
1081 panic("select: wql memory smashed");
1082 /* needed for the select now */
1083 if (size > uth->uu_allocsize) {
1084 kfree(uth->uu_wqset, uth->uu_allocsize);
1085 uth->uu_allocsize = size;
1086 uth->uu_wqset = (wait_queue_set_t)kalloc(size);
1087 if (uth->uu_wqset == (wait_queue_set_t)NULL)
1088 panic("failed to allocate memory for waitqueue\n");
1089 }
1090 } else {
1091 uth->uu_allocsize = size;
1092 uth->uu_wqset = (wait_queue_set_t)kalloc(uth->uu_allocsize);
1093 if (uth->uu_wqset == (wait_queue_set_t)NULL)
1094 panic("failed to allocate memory for waitqueue\n");
1095 }
1096 bzero(uth->uu_wqset, size);
1097 seldata->wql = (char *)uth->uu_wqset + SIZEOF_WAITQUEUE_SET;
1098 wait_queue_set_init(uth->uu_wqset, (SYNC_POLICY_FIFO | SYNC_POLICY_PREPOST));
1099
1100 continuation:
1101
1102 if (error) {
1103 /*
1104 * We have already cleaned up any state we established,
1105 * either locally or as a result of selcount(). We don't
1106 * need to wait_subqueue_unlink_all(), since we haven't set
1107 * anything at this point.
1108 */
1109 return (error);
1110 }
1111
1112 return selprocess(0, SEL_FIRSTPASS);
1113 }
1114
1115 int
1116 selcontinue(int error)
1117 {
1118 return selprocess(error, SEL_SECONDPASS);
1119 }
1120
1121
1122 /*
1123 * selprocess
1124 *
1125 * Parameters: error The error code from our caller
1126 * sel_pass The pass we are on
1127 */
1128 int
1129 selprocess(int error, int sel_pass)
1130 {
1131 int ncoll;
1132 u_int ni, nw;
1133 thread_t th_act;
1134 struct uthread *uth;
1135 struct proc *p;
1136 struct select_nocancel_args *uap;
1137 int *retval;
1138 struct _select *sel;
1139 struct _select_data *seldata;
1140 int unwind = 1;
1141 int prepost = 0;
1142 int somewakeup = 0;
1143 int doretry = 0;
1144 wait_result_t wait_result;
1145
1146 p = current_proc();
1147 th_act = current_thread();
1148 uth = get_bsdthread_info(th_act);
1149 sel = &uth->uu_select;
1150 seldata = &uth->uu_kevent.ss_select_data;
1151 uap = seldata->args;
1152 retval = seldata->retval;
1153
1154 if ((error != 0) && (sel_pass == SEL_FIRSTPASS))
1155 unwind = 0;
1156 if (seldata->count == 0)
1157 unwind = 0;
1158 retry:
1159 if (error != 0) {
1160 sel_pass = SEL_FIRSTPASS; /* Reset for seldrop */
1161 goto done;
1162 }
1163
1164 ncoll = nselcoll;
1165 OSBitOrAtomic(P_SELECT, &p->p_flag);
1166 /* skip scans if the select is just for timeouts */
1167 if (seldata->count) {
1168 /*
1169 * Clear out any dangling refs from prior calls; technically
1170 * there should not be any.
1171 */
1172 if (sel_pass == SEL_FIRSTPASS)
1173 wait_queue_sub_clearrefs(uth->uu_wqset);
1174
1175 error = selscan(p, sel, seldata, uap->nd, retval, sel_pass, (wait_queue_sub_t)uth->uu_wqset);
1176 if (error || *retval) {
1177 goto done;
1178 }
1179 if (prepost) {
1180 /* if the select of log, then we canwakeup and discover some one
1181 * else already read the data; go toselct again if time permits
1182 */
1183 prepost = 0;
1184 doretry = 1;
1185 }
1186 if (somewakeup) {
1187 somewakeup = 0;
1188 doretry = 1;
1189 }
1190 }
1191
1192 if (uap->tv) {
1193 uint64_t now;
1194
1195 clock_get_uptime(&now);
1196 if (now >= seldata->abstime)
1197 goto done;
1198 }
1199
1200 if (doretry) {
1201 /* cleanup obits and try again */
1202 doretry = 0;
1203 sel_pass = SEL_FIRSTPASS;
1204 goto retry;
1205 }
1206
1207 /*
1208 * To effect a poll, the timeout argument should be
1209 * non-nil, pointing to a zero-valued timeval structure.
1210 */
1211 if (uap->tv && seldata->abstime == 0) {
1212 goto done;
1213 }
1214
1215 /* No spurious wakeups due to colls,no need to check for them */
1216 if ((sel_pass == SEL_SECONDPASS) || ((p->p_flag & P_SELECT) == 0)) {
1217 sel_pass = SEL_FIRSTPASS;
1218 goto retry;
1219 }
1220
1221 OSBitAndAtomic(~((uint32_t)P_SELECT), &p->p_flag);
1222
1223 /* if the select is just for timeout skip check */
1224 if (seldata->count &&(sel_pass == SEL_SECONDPASS))
1225 panic("selprocess: 2nd pass assertwaiting");
1226
1227 /* Wait Queue Subordinate has waitqueue as first element */
1228 wait_result = wait_queue_assert_wait_with_leeway((wait_queue_t)uth->uu_wqset,
1229 NULL, THREAD_ABORTSAFE,
1230 TIMEOUT_URGENCY_USER_NORMAL, seldata->abstime, 0);
1231 if (wait_result != THREAD_AWAKENED) {
1232 /* there are no preposted events */
1233 error = tsleep1(NULL, PSOCK | PCATCH,
1234 "select", 0, selcontinue);
1235 } else {
1236 prepost = 1;
1237 error = 0;
1238 }
1239
1240 if (error == 0) {
1241 sel_pass = SEL_SECONDPASS;
1242 if (!prepost)
1243 somewakeup = 1;
1244 goto retry;
1245 }
1246 done:
1247 if (unwind) {
1248 wait_subqueue_unlink_all(uth->uu_wqset);
1249 seldrop(p, sel->ibits, uap->nd);
1250 }
1251 OSBitAndAtomic(~((uint32_t)P_SELECT), &p->p_flag);
1252 /* select is not restarted after signals... */
1253 if (error == ERESTART)
1254 error = EINTR;
1255 if (error == EWOULDBLOCK)
1256 error = 0;
1257 nw = howmany(uap->nd, NFDBITS);
1258 ni = nw * sizeof(fd_mask);
1259
1260 #define putbits(name, x) \
1261 do { \
1262 if (uap->name && (error2 = \
1263 copyout((caddr_t)&sel->obits[(x) * nw], uap->name, ni))) \
1264 error = error2; \
1265 } while (0)
1266
1267 if (error == 0) {
1268 int error2;
1269
1270 putbits(in, 0);
1271 putbits(ou, 1);
1272 putbits(ex, 2);
1273 #undef putbits
1274 }
1275 return(error);
1276 }
1277
1278
1279 /*
1280 * selscan
1281 *
1282 * Parameters: p Process performing the select
1283 * sel The per-thread select context structure
1284 * nfd The number of file descriptors to scan
1285 * retval The per thread system call return area
1286 * sel_pass Which pass this is; allowed values are
1287 * SEL_FIRSTPASS and SEL_SECONDPASS
1288 * wqsub The per thread wait queue set
1289 *
1290 * Returns: 0 Success
1291 * EIO Invalid p->p_fd field XXX Obsolete?
1292 * EBADF One of the files in the bit vector is
1293 * invalid.
1294 */
1295 static int
1296 selscan(struct proc *p, struct _select *sel, struct _select_data * seldata, int nfd, int32_t *retval,
1297 int sel_pass, wait_queue_sub_t wqsub)
1298 {
1299 struct filedesc *fdp = p->p_fd;
1300 int msk, i, j, fd;
1301 u_int32_t bits;
1302 struct fileproc *fp;
1303 int n = 0; /* count of bits */
1304 int nc = 0; /* bit vector offset (nc'th bit) */
1305 static int flag[3] = { FREAD, FWRITE, 0 };
1306 u_int32_t *iptr, *optr;
1307 u_int nw;
1308 u_int32_t *ibits, *obits;
1309 char * wql;
1310 char * wql_ptr;
1311 int count;
1312 struct vfs_context context = *vfs_context_current();
1313
1314 /*
1315 * Problems when reboot; due to MacOSX signal probs
1316 * in Beaker1C ; verify that the p->p_fd is valid
1317 */
1318 if (fdp == NULL) {
1319 *retval=0;
1320 return(EIO);
1321 }
1322 ibits = sel->ibits;
1323 obits = sel->obits;
1324 wql = seldata->wql;
1325
1326 nw = howmany(nfd, NFDBITS);
1327
1328 count = seldata->count;
1329
1330 nc = 0;
1331 if (count) {
1332 proc_fdlock(p);
1333 for (msk = 0; msk < 3; msk++) {
1334 iptr = (u_int32_t *)&ibits[msk * nw];
1335 optr = (u_int32_t *)&obits[msk * nw];
1336
1337 for (i = 0; i < nfd; i += NFDBITS) {
1338 bits = iptr[i/NFDBITS];
1339
1340 while ((j = ffs(bits)) && (fd = i + --j) < nfd) {
1341 bits &= ~(1 << j);
1342
1343 if (fd < fdp->fd_nfiles)
1344 fp = fdp->fd_ofiles[fd];
1345 else
1346 fp = NULL;
1347
1348 if (fp == NULL || (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
1349 /*
1350 * If we abort because of a bad
1351 * fd, let the caller unwind...
1352 */
1353 proc_fdunlock(p);
1354 return(EBADF);
1355 }
1356 if (sel_pass == SEL_SECONDPASS) {
1357 wql_ptr = (char *)0;
1358 if ((fp->f_flags & FP_INSELECT) && (fp->f_waddr == (void *)wqsub)) {
1359 fp->f_flags &= ~FP_INSELECT;
1360 fp->f_waddr = (void *)0;
1361 }
1362 } else {
1363 wql_ptr = (wql + nc * SIZEOF_WAITQUEUE_LINK);
1364 if (fp->f_flags & FP_INSELECT) {
1365 /* someone is already in select on this fp */
1366 fp->f_flags |= FP_SELCONFLICT;
1367 wait_queue_link(&select_conflict_queue, (wait_queue_set_t)wqsub);
1368 } else {
1369 fp->f_flags |= FP_INSELECT;
1370 fp->f_waddr = (void *)wqsub;
1371 }
1372 }
1373
1374 context.vc_ucred = fp->f_cred;
1375
1376 /* The select; set the bit, if true */
1377 if (fp->f_ops && fp->f_type
1378 && fo_select(fp, flag[msk], wql_ptr, &context)) {
1379 optr[fd/NFDBITS] |= (1 << (fd % NFDBITS));
1380 n++;
1381 }
1382 nc++;
1383 }
1384 }
1385 }
1386 proc_fdunlock(p);
1387 }
1388 *retval = n;
1389 return (0);
1390 }
1391
1392 int poll_callback(struct kqueue *, struct kevent64_s *, void *);
1393
1394 struct poll_continue_args {
1395 user_addr_t pca_fds;
1396 u_int pca_nfds;
1397 u_int pca_rfds;
1398 };
1399
1400 int
1401 poll(struct proc *p, struct poll_args *uap, int32_t *retval)
1402 {
1403 __pthread_testcancel(1);
1404 return(poll_nocancel(p, (struct poll_nocancel_args *)uap, retval));
1405 }
1406
1407
1408 int
1409 poll_nocancel(struct proc *p, struct poll_nocancel_args *uap, int32_t *retval)
1410 {
1411 struct poll_continue_args *cont;
1412 struct pollfd *fds;
1413 struct kqueue *kq;
1414 struct timeval atv;
1415 int ncoll, error = 0;
1416 u_int nfds = uap->nfds;
1417 u_int rfds = 0;
1418 u_int i;
1419 size_t ni;
1420
1421 /*
1422 * This is kinda bogus. We have fd limits, but that is not
1423 * really related to the size of the pollfd array. Make sure
1424 * we let the process use at least FD_SETSIZE entries and at
1425 * least enough for the current limits. We want to be reasonably
1426 * safe, but not overly restrictive.
1427 */
1428 if (nfds > OPEN_MAX ||
1429 (nfds > p->p_rlimit[RLIMIT_NOFILE].rlim_cur && (proc_suser(p) || nfds > FD_SETSIZE)))
1430 return (EINVAL);
1431
1432 kq = kqueue_alloc(p);
1433 if (kq == NULL)
1434 return (EAGAIN);
1435
1436 ni = nfds * sizeof(struct pollfd) + sizeof(struct poll_continue_args);
1437 MALLOC(cont, struct poll_continue_args *, ni, M_TEMP, M_WAITOK);
1438 if (NULL == cont) {
1439 error = EAGAIN;
1440 goto out;
1441 }
1442
1443 fds = (struct pollfd *)&cont[1];
1444 error = copyin(uap->fds, fds, nfds * sizeof(struct pollfd));
1445 if (error)
1446 goto out;
1447
1448 if (uap->timeout != -1) {
1449 struct timeval rtv;
1450
1451 atv.tv_sec = uap->timeout / 1000;
1452 atv.tv_usec = (uap->timeout % 1000) * 1000;
1453 if (itimerfix(&atv)) {
1454 error = EINVAL;
1455 goto out;
1456 }
1457 getmicrouptime(&rtv);
1458 timevaladd(&atv, &rtv);
1459 } else {
1460 atv.tv_sec = 0;
1461 atv.tv_usec = 0;
1462 }
1463
1464 /* JMM - all this P_SELECT stuff is bogus */
1465 ncoll = nselcoll;
1466 OSBitOrAtomic(P_SELECT, &p->p_flag);
1467 for (i = 0; i < nfds; i++) {
1468 short events = fds[i].events;
1469 struct kevent64_s kev;
1470 int kerror = 0;
1471
1472 /* per spec, ignore fd values below zero */
1473 if (fds[i].fd < 0) {
1474 fds[i].revents = 0;
1475 continue;
1476 }
1477
1478 /* convert the poll event into a kqueue kevent */
1479 kev.ident = fds[i].fd;
1480 kev.flags = EV_ADD | EV_ONESHOT | EV_POLL;
1481 kev.udata = CAST_USER_ADDR_T(&fds[i]);
1482 kev.fflags = 0;
1483 kev.data = 0;
1484 kev.ext[0] = 0;
1485 kev.ext[1] = 0;
1486
1487 /* Handle input events */
1488 if (events & ( POLLIN | POLLRDNORM | POLLPRI | POLLRDBAND | POLLHUP )) {
1489 kev.filter = EVFILT_READ;
1490 if (!(events & ( POLLIN | POLLRDNORM )))
1491 kev.flags |= EV_OOBAND;
1492 kerror = kevent_register(kq, &kev, p);
1493 }
1494
1495 /* Handle output events */
1496 if (kerror == 0 &&
1497 events & ( POLLOUT | POLLWRNORM | POLLWRBAND )) {
1498 kev.filter = EVFILT_WRITE;
1499 kerror = kevent_register(kq, &kev, p);
1500 }
1501
1502 /* Handle BSD extension vnode events */
1503 if (kerror == 0 &&
1504 events & ( POLLEXTEND | POLLATTRIB | POLLNLINK | POLLWRITE )) {
1505 kev.filter = EVFILT_VNODE;
1506 kev.fflags = 0;
1507 if (events & POLLEXTEND)
1508 kev.fflags |= NOTE_EXTEND;
1509 if (events & POLLATTRIB)
1510 kev.fflags |= NOTE_ATTRIB;
1511 if (events & POLLNLINK)
1512 kev.fflags |= NOTE_LINK;
1513 if (events & POLLWRITE)
1514 kev.fflags |= NOTE_WRITE;
1515 kerror = kevent_register(kq, &kev, p);
1516 }
1517
1518 if (kerror != 0) {
1519 fds[i].revents = POLLNVAL;
1520 rfds++;
1521 } else
1522 fds[i].revents = 0;
1523 }
1524
1525 /* Did we have any trouble registering? */
1526 if (rfds > 0)
1527 goto done;
1528
1529 /* scan for, and possibly wait for, the kevents to trigger */
1530 cont->pca_fds = uap->fds;
1531 cont->pca_nfds = nfds;
1532 cont->pca_rfds = rfds;
1533 error = kqueue_scan(kq, poll_callback, NULL, cont, &atv, p);
1534 rfds = cont->pca_rfds;
1535
1536 done:
1537 OSBitAndAtomic(~((uint32_t)P_SELECT), &p->p_flag);
1538 /* poll is not restarted after signals... */
1539 if (error == ERESTART)
1540 error = EINTR;
1541 if (error == EWOULDBLOCK)
1542 error = 0;
1543 if (error == 0) {
1544 error = copyout(fds, uap->fds, nfds * sizeof(struct pollfd));
1545 *retval = rfds;
1546 }
1547
1548 out:
1549 if (NULL != cont)
1550 FREE(cont, M_TEMP);
1551
1552 kqueue_dealloc(kq);
1553 return (error);
1554 }
1555
1556 int
1557 poll_callback(__unused struct kqueue *kq, struct kevent64_s *kevp, void *data)
1558 {
1559 struct poll_continue_args *cont = (struct poll_continue_args *)data;
1560 struct pollfd *fds = CAST_DOWN(struct pollfd *, kevp->udata);
1561 short prev_revents = fds->revents;
1562 short mask;
1563
1564 /* convert the results back into revents */
1565 if (kevp->flags & EV_EOF)
1566 fds->revents |= POLLHUP;
1567 if (kevp->flags & EV_ERROR)
1568 fds->revents |= POLLERR;
1569
1570 switch (kevp->filter) {
1571 case EVFILT_READ:
1572 if (fds->revents & POLLHUP)
1573 mask = (POLLIN | POLLRDNORM | POLLPRI | POLLRDBAND );
1574 else {
1575 mask = (POLLIN | POLLRDNORM );
1576 if (kevp->flags & EV_OOBAND)
1577 mask |= ( POLLPRI | POLLRDBAND );
1578 }
1579 fds->revents |= (fds->events & mask);
1580 break;
1581
1582 case EVFILT_WRITE:
1583 if (!(fds->revents & POLLHUP))
1584 fds->revents |= (fds->events & ( POLLOUT | POLLWRNORM | POLLWRBAND ));
1585 break;
1586
1587 case EVFILT_VNODE:
1588 if (kevp->fflags & NOTE_EXTEND)
1589 fds->revents |= (fds->events & POLLEXTEND);
1590 if (kevp->fflags & NOTE_ATTRIB)
1591 fds->revents |= (fds->events & POLLATTRIB);
1592 if (kevp->fflags & NOTE_LINK)
1593 fds->revents |= (fds->events & POLLNLINK);
1594 if (kevp->fflags & NOTE_WRITE)
1595 fds->revents |= (fds->events & POLLWRITE);
1596 break;
1597 }
1598
1599 if (fds->revents != 0 && prev_revents == 0)
1600 cont->pca_rfds++;
1601
1602 return 0;
1603 }
1604
1605 int
1606 seltrue(__unused dev_t dev, __unused int flag, __unused struct proc *p)
1607 {
1608
1609 return (1);
1610 }
1611
1612 /*
1613 * selcount
1614 *
1615 * Count the number of bits set in the input bit vector, and establish an
1616 * outstanding fp->f_iocount for each of the descriptors which will be in
1617 * use in the select operation.
1618 *
1619 * Parameters: p The process doing the select
1620 * ibits The input bit vector
1621 * nfd The number of fd's in the vector
1622 * countp Pointer to where to store the bit count
1623 *
1624 * Returns: 0 Success
1625 * EIO Bad per process open file table
1626 * EBADF One of the bits in the input bit vector
1627 * references an invalid fd
1628 *
1629 * Implicit: *countp (modified) Count of fd's
1630 *
1631 * Notes: This function is the first pass under the proc_fdlock() that
1632 * permits us to recognize invalid descriptors in the bit vector;
1633 * the may, however, not remain valid through the drop and
1634 * later reacquisition of the proc_fdlock().
1635 */
1636 static int
1637 selcount(struct proc *p, u_int32_t *ibits, int nfd, int *countp)
1638 {
1639 struct filedesc *fdp = p->p_fd;
1640 int msk, i, j, fd;
1641 u_int32_t bits;
1642 struct fileproc *fp;
1643 int n = 0;
1644 u_int32_t *iptr;
1645 u_int nw;
1646 int error=0;
1647 int dropcount;
1648 int need_wakeup = 0;
1649
1650 /*
1651 * Problems when reboot; due to MacOSX signal probs
1652 * in Beaker1C ; verify that the p->p_fd is valid
1653 */
1654 if (fdp == NULL) {
1655 *countp = 0;
1656 return(EIO);
1657 }
1658 nw = howmany(nfd, NFDBITS);
1659
1660 proc_fdlock(p);
1661 for (msk = 0; msk < 3; msk++) {
1662 iptr = (u_int32_t *)&ibits[msk * nw];
1663 for (i = 0; i < nfd; i += NFDBITS) {
1664 bits = iptr[i/NFDBITS];
1665 while ((j = ffs(bits)) && (fd = i + --j) < nfd) {
1666 bits &= ~(1 << j);
1667
1668 if (fd < fdp->fd_nfiles)
1669 fp = fdp->fd_ofiles[fd];
1670 else
1671 fp = NULL;
1672
1673 if (fp == NULL ||
1674 (fdp->fd_ofileflags[fd] & UF_RESERVED)) {
1675 *countp = 0;
1676 error = EBADF;
1677 goto bad;
1678 }
1679 fp->f_iocount++;
1680 n++;
1681 }
1682 }
1683 }
1684 proc_fdunlock(p);
1685
1686 *countp = n;
1687 return (0);
1688
1689 bad:
1690 dropcount = 0;
1691
1692 if (n== 0)
1693 goto out;
1694 /* Ignore error return; it's already EBADF */
1695 (void)seldrop_locked(p, ibits, nfd, n, &need_wakeup, 1);
1696
1697 out:
1698 proc_fdunlock(p);
1699 if (need_wakeup) {
1700 wakeup(&p->p_fpdrainwait);
1701 }
1702 return(error);
1703 }
1704
1705
1706 /*
1707 * seldrop_locked
1708 *
1709 * Drop outstanding wait queue references set up during selscan(); drop the
1710 * outstanding per fileproc f_iocount() picked up during the selcount().
1711 *
1712 * Parameters: p Process performing the select
1713 * ibits Input pit bector of fd's
1714 * nfd Number of fd's
1715 * lim Limit to number of vector entries to
1716 * consider, or -1 for "all"
1717 * inselect True if
1718 * need_wakeup Pointer to flag to set to do a wakeup
1719 * if f_iocont on any descriptor goes to 0
1720 *
1721 * Returns: 0 Success
1722 * EBADF One or more fds in the bit vector
1723 * were invalid, but the rest
1724 * were successfully dropped
1725 *
1726 * Notes: An fd make become bad while the proc_fdlock() is not held,
1727 * if a multithreaded application closes the fd out from under
1728 * the in progress select. In this case, we still have to
1729 * clean up after the set up on the remaining fds.
1730 */
1731 static int
1732 seldrop_locked(struct proc *p, u_int32_t *ibits, int nfd, int lim, int *need_wakeup, int fromselcount)
1733 {
1734 struct filedesc *fdp = p->p_fd;
1735 int msk, i, j, fd;
1736 u_int32_t bits;
1737 struct fileproc *fp;
1738 u_int32_t *iptr;
1739 u_int nw;
1740 int error = 0;
1741 int dropcount = 0;
1742 uthread_t uth = get_bsdthread_info(current_thread());
1743
1744 *need_wakeup = 0;
1745
1746 /*
1747 * Problems when reboot; due to MacOSX signal probs
1748 * in Beaker1C ; verify that the p->p_fd is valid
1749 */
1750 if (fdp == NULL) {
1751 return(EIO);
1752 }
1753
1754 nw = howmany(nfd, NFDBITS);
1755
1756 for (msk = 0; msk < 3; msk++) {
1757 iptr = (u_int32_t *)&ibits[msk * nw];
1758 for (i = 0; i < nfd; i += NFDBITS) {
1759 bits = iptr[i/NFDBITS];
1760 while ((j = ffs(bits)) && (fd = i + --j) < nfd) {
1761 bits &= ~(1 << j);
1762 fp = fdp->fd_ofiles[fd];
1763 /*
1764 * If we've already dropped as many as were
1765 * counted/scanned, then we are done.
1766 */
1767 if ((fromselcount != 0) && (++dropcount > lim))
1768 goto done;
1769
1770 if (fp == NULL) {
1771 /* skip (now) bad fds */
1772 error = EBADF;
1773 continue;
1774 }
1775 /*
1776 * Only clear the flag if we set it. We'll
1777 * only find that we set it if we had made
1778 * at least one [partial] pass through selscan().
1779 */
1780 if ((fp->f_flags & FP_INSELECT) && (fp->f_waddr == (void *)uth->uu_wqset)) {
1781 fp->f_flags &= ~FP_INSELECT;
1782 fp->f_waddr = (void *)0;
1783 }
1784
1785 fp->f_iocount--;
1786 if (fp->f_iocount < 0)
1787 panic("f_iocount overdecrement!");
1788
1789 if (fp->f_iocount == 0) {
1790 /*
1791 * The last iocount is responsible for clearing
1792 * selconfict flag - even if we didn't set it -
1793 * and is also responsible for waking up anyone
1794 * waiting on iocounts to drain.
1795 */
1796 if (fp->f_flags & FP_SELCONFLICT)
1797 fp->f_flags &= ~FP_SELCONFLICT;
1798 if (p->p_fpdrainwait) {
1799 p->p_fpdrainwait = 0;
1800 *need_wakeup = 1;
1801 }
1802 }
1803 }
1804 }
1805 }
1806 done:
1807 return (error);
1808 }
1809
1810
1811 static int
1812 seldrop(struct proc *p, u_int32_t *ibits, int nfd)
1813 {
1814 int error;
1815 int need_wakeup = 0;
1816
1817 proc_fdlock(p);
1818 error = seldrop_locked(p, ibits, nfd, nfd, &need_wakeup, 0);
1819 proc_fdunlock(p);
1820 if (need_wakeup) {
1821 wakeup(&p->p_fpdrainwait);
1822 }
1823 return (error);
1824 }
1825
1826 /*
1827 * Record a select request.
1828 */
1829 void
1830 selrecord(__unused struct proc *selector, struct selinfo *sip, void * p_wql)
1831 {
1832 thread_t cur_act = current_thread();
1833 struct uthread * ut = get_bsdthread_info(cur_act);
1834
1835 /* need to look at collisions */
1836
1837 /*do not record if this is second pass of select */
1838 if(p_wql == (void *)0) {
1839 return;
1840 }
1841
1842 if ((sip->si_flags & SI_INITED) == 0) {
1843 wait_queue_init(&sip->si_wait_queue, SYNC_POLICY_FIFO);
1844 sip->si_flags |= SI_INITED;
1845 sip->si_flags &= ~SI_CLEAR;
1846 }
1847
1848 if (sip->si_flags & SI_RECORDED) {
1849 sip->si_flags |= SI_COLL;
1850 } else
1851 sip->si_flags &= ~SI_COLL;
1852
1853 sip->si_flags |= SI_RECORDED;
1854 if (!wait_queue_member(&sip->si_wait_queue, ut->uu_wqset))
1855 wait_queue_link_noalloc(&sip->si_wait_queue, ut->uu_wqset,
1856 (wait_queue_link_t)p_wql);
1857
1858 return;
1859 }
1860
1861 void
1862 selwakeup(struct selinfo *sip)
1863 {
1864
1865 if ((sip->si_flags & SI_INITED) == 0) {
1866 return;
1867 }
1868
1869 if (sip->si_flags & SI_COLL) {
1870 nselcoll++;
1871 sip->si_flags &= ~SI_COLL;
1872 #if 0
1873 /* will not support */
1874 //wakeup((caddr_t)&selwait);
1875 #endif
1876 }
1877
1878 if (sip->si_flags & SI_RECORDED) {
1879 wait_queue_wakeup_all(&sip->si_wait_queue, NULL, THREAD_AWAKENED);
1880 sip->si_flags &= ~SI_RECORDED;
1881 }
1882
1883 }
1884
1885 void
1886 selthreadclear(struct selinfo *sip)
1887 {
1888
1889 if ((sip->si_flags & SI_INITED) == 0) {
1890 return;
1891 }
1892 if (sip->si_flags & SI_RECORDED) {
1893 selwakeup(sip);
1894 sip->si_flags &= ~(SI_RECORDED | SI_COLL);
1895 }
1896 sip->si_flags |= SI_CLEAR;
1897 wait_queue_unlink_all(&sip->si_wait_queue);
1898 }
1899
1900
1901
1902
1903 #define DBG_POST 0x10
1904 #define DBG_WATCH 0x11
1905 #define DBG_WAIT 0x12
1906 #define DBG_MOD 0x13
1907 #define DBG_EWAKEUP 0x14
1908 #define DBG_ENQUEUE 0x15
1909 #define DBG_DEQUEUE 0x16
1910
1911 #define DBG_MISC_POST MISCDBG_CODE(DBG_EVENT,DBG_POST)
1912 #define DBG_MISC_WATCH MISCDBG_CODE(DBG_EVENT,DBG_WATCH)
1913 #define DBG_MISC_WAIT MISCDBG_CODE(DBG_EVENT,DBG_WAIT)
1914 #define DBG_MISC_MOD MISCDBG_CODE(DBG_EVENT,DBG_MOD)
1915 #define DBG_MISC_EWAKEUP MISCDBG_CODE(DBG_EVENT,DBG_EWAKEUP)
1916 #define DBG_MISC_ENQUEUE MISCDBG_CODE(DBG_EVENT,DBG_ENQUEUE)
1917 #define DBG_MISC_DEQUEUE MISCDBG_CODE(DBG_EVENT,DBG_DEQUEUE)
1918
1919
1920 #define EVPROCDEQUE(p, evq) do { \
1921 proc_lock(p); \
1922 if (evq->ee_flags & EV_QUEUED) { \
1923 TAILQ_REMOVE(&p->p_evlist, evq, ee_plist); \
1924 evq->ee_flags &= ~EV_QUEUED; \
1925 } \
1926 proc_unlock(p); \
1927 } while (0);
1928
1929
1930 /*
1931 * called upon socket close. deque and free all events for
1932 * the socket... socket must be locked by caller.
1933 */
1934 void
1935 evsofree(struct socket *sp)
1936 {
1937 struct eventqelt *evq, *next;
1938 proc_t p;
1939
1940 if (sp == NULL)
1941 return;
1942
1943 for (evq = sp->so_evlist.tqh_first; evq != NULL; evq = next) {
1944 next = evq->ee_slist.tqe_next;
1945 p = evq->ee_proc;
1946
1947 if (evq->ee_flags & EV_QUEUED) {
1948 EVPROCDEQUE(p, evq);
1949 }
1950 TAILQ_REMOVE(&sp->so_evlist, evq, ee_slist); // remove from socket q
1951 FREE(evq, M_TEMP);
1952 }
1953 }
1954
1955
1956 /*
1957 * called upon pipe close. deque and free all events for
1958 * the pipe... pipe must be locked by caller
1959 */
1960 void
1961 evpipefree(struct pipe *cpipe)
1962 {
1963 struct eventqelt *evq, *next;
1964 proc_t p;
1965
1966 for (evq = cpipe->pipe_evlist.tqh_first; evq != NULL; evq = next) {
1967 next = evq->ee_slist.tqe_next;
1968 p = evq->ee_proc;
1969
1970 EVPROCDEQUE(p, evq);
1971
1972 TAILQ_REMOVE(&cpipe->pipe_evlist, evq, ee_slist); // remove from pipe q
1973 FREE(evq, M_TEMP);
1974 }
1975 }
1976
1977
1978 /*
1979 * enqueue this event if it's not already queued. wakeup
1980 * the proc if we do queue this event to it...
1981 * entered with proc lock held... we drop it before
1982 * doing the wakeup and return in that state
1983 */
1984 static void
1985 evprocenque(struct eventqelt *evq)
1986 {
1987 proc_t p;
1988
1989 assert(evq);
1990 p = evq->ee_proc;
1991
1992 KERNEL_DEBUG(DBG_MISC_ENQUEUE|DBG_FUNC_START, (uint32_t)evq, evq->ee_flags, evq->ee_eventmask,0,0);
1993
1994 proc_lock(p);
1995
1996 if (evq->ee_flags & EV_QUEUED) {
1997 proc_unlock(p);
1998
1999 KERNEL_DEBUG(DBG_MISC_ENQUEUE|DBG_FUNC_END, 0,0,0,0,0);
2000 return;
2001 }
2002 evq->ee_flags |= EV_QUEUED;
2003
2004 TAILQ_INSERT_TAIL(&p->p_evlist, evq, ee_plist);
2005
2006 proc_unlock(p);
2007
2008 wakeup(&p->p_evlist);
2009
2010 KERNEL_DEBUG(DBG_MISC_ENQUEUE|DBG_FUNC_END, 0,0,0,0,0);
2011 }
2012
2013
2014 /*
2015 * pipe lock must be taken by the caller
2016 */
2017 void
2018 postpipeevent(struct pipe *pipep, int event)
2019 {
2020 int mask;
2021 struct eventqelt *evq;
2022
2023 if (pipep == NULL)
2024 return;
2025 KERNEL_DEBUG(DBG_MISC_POST|DBG_FUNC_START, event,0,0,1,0);
2026
2027 for (evq = pipep->pipe_evlist.tqh_first;
2028 evq != NULL; evq = evq->ee_slist.tqe_next) {
2029
2030 if (evq->ee_eventmask == 0)
2031 continue;
2032 mask = 0;
2033
2034 switch (event & (EV_RWBYTES | EV_RCLOSED | EV_WCLOSED)) {
2035
2036 case EV_RWBYTES:
2037 if ((evq->ee_eventmask & EV_RE) && pipep->pipe_buffer.cnt) {
2038 mask |= EV_RE;
2039 evq->ee_req.er_rcnt = pipep->pipe_buffer.cnt;
2040 }
2041 if ((evq->ee_eventmask & EV_WR) &&
2042 (MAX(pipep->pipe_buffer.size,PIPE_SIZE) - pipep->pipe_buffer.cnt) >= PIPE_BUF) {
2043
2044 if (pipep->pipe_state & PIPE_EOF) {
2045 mask |= EV_WR|EV_RESET;
2046 break;
2047 }
2048 mask |= EV_WR;
2049 evq->ee_req.er_wcnt = MAX(pipep->pipe_buffer.size, PIPE_SIZE) - pipep->pipe_buffer.cnt;
2050 }
2051 break;
2052
2053 case EV_WCLOSED:
2054 case EV_RCLOSED:
2055 if ((evq->ee_eventmask & EV_RE)) {
2056 mask |= EV_RE|EV_RCLOSED;
2057 }
2058 if ((evq->ee_eventmask & EV_WR)) {
2059 mask |= EV_WR|EV_WCLOSED;
2060 }
2061 break;
2062
2063 default:
2064 return;
2065 }
2066 if (mask) {
2067 /*
2068 * disarm... postevents are nops until this event is 'read' via
2069 * waitevent and then re-armed via modwatch
2070 */
2071 evq->ee_eventmask = 0;
2072
2073 /*
2074 * since events are disarmed until after the waitevent
2075 * the ee_req.er_xxxx fields can't change once we've
2076 * inserted this event into the proc queue...
2077 * therefore, the waitevent will see a 'consistent'
2078 * snapshot of the event, even though it won't hold
2079 * the pipe lock, and we're updating the event outside
2080 * of the proc lock, which it will hold
2081 */
2082 evq->ee_req.er_eventbits |= mask;
2083
2084 KERNEL_DEBUG(DBG_MISC_POST, (uint32_t)evq, evq->ee_req.er_eventbits, mask, 1,0);
2085
2086 evprocenque(evq);
2087 }
2088 }
2089 KERNEL_DEBUG(DBG_MISC_POST|DBG_FUNC_END, 0,0,0,1,0);
2090 }
2091
2092 #if SOCKETS
2093 /*
2094 * given either a sockbuf or a socket run down the
2095 * event list and queue ready events found...
2096 * the socket must be locked by the caller
2097 */
2098 void
2099 postevent(struct socket *sp, struct sockbuf *sb, int event)
2100 {
2101 int mask;
2102 struct eventqelt *evq;
2103 struct tcpcb *tp;
2104
2105 if (sb)
2106 sp = sb->sb_so;
2107 if (sp == NULL)
2108 return;
2109
2110 KERNEL_DEBUG(DBG_MISC_POST|DBG_FUNC_START, (int)sp, event, 0, 0, 0);
2111
2112 for (evq = sp->so_evlist.tqh_first;
2113 evq != NULL; evq = evq->ee_slist.tqe_next) {
2114
2115 if (evq->ee_eventmask == 0)
2116 continue;
2117 mask = 0;
2118
2119 /* ready for reading:
2120 - byte cnt >= receive low water mark
2121 - read-half of conn closed
2122 - conn pending for listening sock
2123 - socket error pending
2124
2125 ready for writing
2126 - byte cnt avail >= send low water mark
2127 - write half of conn closed
2128 - socket error pending
2129 - non-blocking conn completed successfully
2130
2131 exception pending
2132 - out of band data
2133 - sock at out of band mark
2134 */
2135
2136 switch (event & EV_DMASK) {
2137
2138 case EV_OOB:
2139 if ((evq->ee_eventmask & EV_EX)) {
2140 if (sp->so_oobmark || ((sp->so_state & SS_RCVATMARK)))
2141 mask |= EV_EX|EV_OOB;
2142 }
2143 break;
2144
2145 case EV_RWBYTES|EV_OOB:
2146 if ((evq->ee_eventmask & EV_EX)) {
2147 if (sp->so_oobmark || ((sp->so_state & SS_RCVATMARK)))
2148 mask |= EV_EX|EV_OOB;
2149 }
2150 /*
2151 * fall into the next case
2152 */
2153 case EV_RWBYTES:
2154 if ((evq->ee_eventmask & EV_RE) && soreadable(sp)) {
2155 /* for AFP/OT purposes; may go away in future */
2156 if ((SOCK_DOM(sp) == PF_INET ||
2157 SOCK_DOM(sp) == PF_INET6) &&
2158 SOCK_PROTO(sp) == IPPROTO_TCP &&
2159 (sp->so_error == ECONNREFUSED ||
2160 sp->so_error == ECONNRESET)) {
2161 if (sp->so_pcb == NULL ||
2162 sotoinpcb(sp)->inp_state ==
2163 INPCB_STATE_DEAD ||
2164 (tp = sototcpcb(sp)) == NULL ||
2165 tp->t_state == TCPS_CLOSED) {
2166 mask |= EV_RE|EV_RESET;
2167 break;
2168 }
2169 }
2170 mask |= EV_RE;
2171 evq->ee_req.er_rcnt = sp->so_rcv.sb_cc;
2172
2173 if (sp->so_state & SS_CANTRCVMORE) {
2174 mask |= EV_FIN;
2175 break;
2176 }
2177 }
2178 if ((evq->ee_eventmask & EV_WR) && sowriteable(sp)) {
2179 /* for AFP/OT purposes; may go away in future */
2180 if ((SOCK_DOM(sp) == PF_INET ||
2181 SOCK_DOM(sp) == PF_INET6) &&
2182 SOCK_PROTO(sp) == IPPROTO_TCP &&
2183 (sp->so_error == ECONNREFUSED ||
2184 sp->so_error == ECONNRESET)) {
2185 if (sp->so_pcb == NULL ||
2186 sotoinpcb(sp)->inp_state ==
2187 INPCB_STATE_DEAD ||
2188 (tp = sototcpcb(sp)) == NULL ||
2189 tp->t_state == TCPS_CLOSED) {
2190 mask |= EV_WR|EV_RESET;
2191 break;
2192 }
2193 }
2194 mask |= EV_WR;
2195 evq->ee_req.er_wcnt = sbspace(&sp->so_snd);
2196 }
2197 break;
2198
2199 case EV_RCONN:
2200 if ((evq->ee_eventmask & EV_RE)) {
2201 mask |= EV_RE|EV_RCONN;
2202 evq->ee_req.er_rcnt = sp->so_qlen + 1; // incl this one
2203 }
2204 break;
2205
2206 case EV_WCONN:
2207 if ((evq->ee_eventmask & EV_WR)) {
2208 mask |= EV_WR|EV_WCONN;
2209 }
2210 break;
2211
2212 case EV_RCLOSED:
2213 if ((evq->ee_eventmask & EV_RE)) {
2214 mask |= EV_RE|EV_RCLOSED;
2215 }
2216 break;
2217
2218 case EV_WCLOSED:
2219 if ((evq->ee_eventmask & EV_WR)) {
2220 mask |= EV_WR|EV_WCLOSED;
2221 }
2222 break;
2223
2224 case EV_FIN:
2225 if (evq->ee_eventmask & EV_RE) {
2226 mask |= EV_RE|EV_FIN;
2227 }
2228 break;
2229
2230 case EV_RESET:
2231 case EV_TIMEOUT:
2232 if (evq->ee_eventmask & EV_RE) {
2233 mask |= EV_RE | event;
2234 }
2235 if (evq->ee_eventmask & EV_WR) {
2236 mask |= EV_WR | event;
2237 }
2238 break;
2239
2240 default:
2241 KERNEL_DEBUG(DBG_MISC_POST|DBG_FUNC_END, (int)sp, -1, 0, 0, 0);
2242 return;
2243 } /* switch */
2244
2245 KERNEL_DEBUG(DBG_MISC_POST, (int)evq, evq->ee_eventmask, evq->ee_req.er_eventbits, mask, 0);
2246
2247 if (mask) {
2248 /*
2249 * disarm... postevents are nops until this event is 'read' via
2250 * waitevent and then re-armed via modwatch
2251 */
2252 evq->ee_eventmask = 0;
2253
2254 /*
2255 * since events are disarmed until after the waitevent
2256 * the ee_req.er_xxxx fields can't change once we've
2257 * inserted this event into the proc queue...
2258 * since waitevent can't see this event until we
2259 * enqueue it, waitevent will see a 'consistent'
2260 * snapshot of the event, even though it won't hold
2261 * the socket lock, and we're updating the event outside
2262 * of the proc lock, which it will hold
2263 */
2264 evq->ee_req.er_eventbits |= mask;
2265
2266 evprocenque(evq);
2267 }
2268 }
2269 KERNEL_DEBUG(DBG_MISC_POST|DBG_FUNC_END, (int)sp, 0, 0, 0, 0);
2270 }
2271 #endif /* SOCKETS */
2272
2273
2274 /*
2275 * watchevent system call. user passes us an event to watch
2276 * for. we malloc an event object, initialize it, and queue
2277 * it to the open socket. when the event occurs, postevent()
2278 * will enque it back to our proc where we can retrieve it
2279 * via waitevent().
2280 *
2281 * should this prevent duplicate events on same socket?
2282 *
2283 * Returns:
2284 * ENOMEM No memory for operation
2285 * copyin:EFAULT
2286 */
2287 int
2288 watchevent(proc_t p, struct watchevent_args *uap, __unused int *retval)
2289 {
2290 struct eventqelt *evq = (struct eventqelt *)0;
2291 struct eventqelt *np = NULL;
2292 struct eventreq64 *erp;
2293 struct fileproc *fp = NULL;
2294 int error;
2295
2296 KERNEL_DEBUG(DBG_MISC_WATCH|DBG_FUNC_START, 0,0,0,0,0);
2297
2298 // get a qelt and fill with users req
2299 MALLOC(evq, struct eventqelt *, sizeof(struct eventqelt), M_TEMP, M_WAITOK);
2300
2301 if (evq == NULL)
2302 return (ENOMEM);
2303 erp = &evq->ee_req;
2304
2305 // get users request pkt
2306
2307 if (IS_64BIT_PROCESS(p)) {
2308 error = copyin(uap->u_req, (caddr_t)erp, sizeof(struct eventreq64));
2309 } else {
2310 struct eventreq32 er32;
2311
2312 error = copyin(uap->u_req, (caddr_t)&er32, sizeof(struct eventreq32));
2313 if (error == 0) {
2314 /*
2315 * the user only passes in the
2316 * er_type, er_handle and er_data...
2317 * the other fields are initialized
2318 * below, so don't bother to copy
2319 */
2320 erp->er_type = er32.er_type;
2321 erp->er_handle = er32.er_handle;
2322 erp->er_data = (user_addr_t)er32.er_data;
2323 }
2324 }
2325 if (error) {
2326 FREE(evq, M_TEMP);
2327 KERNEL_DEBUG(DBG_MISC_WATCH|DBG_FUNC_END, error,0,0,0,0);
2328
2329 return(error);
2330 }
2331 KERNEL_DEBUG(DBG_MISC_WATCH, erp->er_handle,uap->u_eventmask,(uint32_t)evq,0,0);
2332
2333 // validate, freeing qelt if errors
2334 error = 0;
2335 proc_fdlock(p);
2336
2337 if (erp->er_type != EV_FD) {
2338 error = EINVAL;
2339 } else if ((error = fp_lookup(p, erp->er_handle, &fp, 1)) != 0) {
2340 error = EBADF;
2341 #if SOCKETS
2342 } else if (fp->f_type == DTYPE_SOCKET) {
2343 socket_lock((struct socket *)fp->f_data, 1);
2344 np = ((struct socket *)fp->f_data)->so_evlist.tqh_first;
2345 #endif /* SOCKETS */
2346 } else if (fp->f_type == DTYPE_PIPE) {
2347 PIPE_LOCK((struct pipe *)fp->f_data);
2348 np = ((struct pipe *)fp->f_data)->pipe_evlist.tqh_first;
2349 } else {
2350 fp_drop(p, erp->er_handle, fp, 1);
2351 error = EINVAL;
2352 }
2353 proc_fdunlock(p);
2354
2355 if (error) {
2356 FREE(evq, M_TEMP);
2357
2358 KERNEL_DEBUG(DBG_MISC_WATCH|DBG_FUNC_END, error,0,0,0,0);
2359 return(error);
2360 }
2361
2362 /*
2363 * only allow one watch per file per proc
2364 */
2365 for ( ; np != NULL; np = np->ee_slist.tqe_next) {
2366 if (np->ee_proc == p) {
2367 #if SOCKETS
2368 if (fp->f_type == DTYPE_SOCKET)
2369 socket_unlock((struct socket *)fp->f_data, 1);
2370 else
2371 #endif /* SOCKETS */
2372 PIPE_UNLOCK((struct pipe *)fp->f_data);
2373 fp_drop(p, erp->er_handle, fp, 0);
2374 FREE(evq, M_TEMP);
2375
2376 KERNEL_DEBUG(DBG_MISC_WATCH|DBG_FUNC_END, EINVAL,0,0,0,0);
2377 return(EINVAL);
2378 }
2379 }
2380 erp->er_ecnt = erp->er_rcnt = erp->er_wcnt = erp->er_eventbits = 0;
2381 evq->ee_proc = p;
2382 evq->ee_eventmask = uap->u_eventmask & EV_MASK;
2383 evq->ee_flags = 0;
2384
2385 #if SOCKETS
2386 if (fp->f_type == DTYPE_SOCKET) {
2387 TAILQ_INSERT_TAIL(&((struct socket *)fp->f_data)->so_evlist, evq, ee_slist);
2388 postevent((struct socket *)fp->f_data, 0, EV_RWBYTES); // catch existing events
2389
2390 socket_unlock((struct socket *)fp->f_data, 1);
2391 } else
2392 #endif /* SOCKETS */
2393 {
2394 TAILQ_INSERT_TAIL(&((struct pipe *)fp->f_data)->pipe_evlist, evq, ee_slist);
2395 postpipeevent((struct pipe *)fp->f_data, EV_RWBYTES);
2396
2397 PIPE_UNLOCK((struct pipe *)fp->f_data);
2398 }
2399 fp_drop_event(p, erp->er_handle, fp);
2400
2401 KERNEL_DEBUG(DBG_MISC_WATCH|DBG_FUNC_END, 0,0,0,0,0);
2402 return(0);
2403 }
2404
2405
2406
2407 /*
2408 * waitevent system call.
2409 * grabs the next waiting event for this proc and returns
2410 * it. if no events, user can request to sleep with timeout
2411 * or without or poll mode
2412 * ((tv != NULL && interval == 0) || tv == -1)
2413 */
2414 int
2415 waitevent(proc_t p, struct waitevent_args *uap, int *retval)
2416 {
2417 int error = 0;
2418 struct eventqelt *evq;
2419 struct eventreq64 *erp;
2420 uint64_t abstime, interval;
2421 boolean_t fast_poll = FALSE;
2422 union {
2423 struct eventreq64 er64;
2424 struct eventreq32 er32;
2425 } uer;
2426
2427 interval = 0;
2428
2429 if (uap->tv) {
2430 struct timeval atv;
2431 /*
2432 * check for fast poll method
2433 */
2434 if (IS_64BIT_PROCESS(p)) {
2435 if (uap->tv == (user_addr_t)-1)
2436 fast_poll = TRUE;
2437 } else if (uap->tv == (user_addr_t)((uint32_t)-1))
2438 fast_poll = TRUE;
2439
2440 if (fast_poll == TRUE) {
2441 if (p->p_evlist.tqh_first == NULL) {
2442 KERNEL_DEBUG(DBG_MISC_WAIT|DBG_FUNC_NONE, -1,0,0,0,0);
2443 /*
2444 * poll failed
2445 */
2446 *retval = 1;
2447 return (0);
2448 }
2449 proc_lock(p);
2450 goto retry;
2451 }
2452 if (IS_64BIT_PROCESS(p)) {
2453 struct user64_timeval atv64;
2454 error = copyin(uap->tv, (caddr_t)&atv64, sizeof(atv64));
2455 /* Loses resolution - assume timeout < 68 years */
2456 atv.tv_sec = atv64.tv_sec;
2457 atv.tv_usec = atv64.tv_usec;
2458 } else {
2459 struct user32_timeval atv32;
2460 error = copyin(uap->tv, (caddr_t)&atv32, sizeof(atv32));
2461 atv.tv_sec = atv32.tv_sec;
2462 atv.tv_usec = atv32.tv_usec;
2463 }
2464
2465 if (error)
2466 return(error);
2467 if (itimerfix(&atv)) {
2468 error = EINVAL;
2469 return(error);
2470 }
2471 interval = tvtoabstime(&atv);
2472 }
2473 KERNEL_DEBUG(DBG_MISC_WAIT|DBG_FUNC_START, 0,0,0,0,0);
2474
2475 proc_lock(p);
2476 retry:
2477 if ((evq = p->p_evlist.tqh_first) != NULL) {
2478 /*
2479 * found one... make a local copy while it's still on the queue
2480 * to prevent it from changing while in the midst of copying
2481 * don't want to hold the proc lock across a copyout because
2482 * it might block on a page fault at the target in user space
2483 */
2484 erp = &evq->ee_req;
2485
2486 if (IS_64BIT_PROCESS(p))
2487 bcopy((caddr_t)erp, (caddr_t)&uer.er64, sizeof (struct eventreq64));
2488 else {
2489 uer.er32.er_type = erp->er_type;
2490 uer.er32.er_handle = erp->er_handle;
2491 uer.er32.er_data = (uint32_t)erp->er_data;
2492 uer.er32.er_ecnt = erp->er_ecnt;
2493 uer.er32.er_rcnt = erp->er_rcnt;
2494 uer.er32.er_wcnt = erp->er_wcnt;
2495 uer.er32.er_eventbits = erp->er_eventbits;
2496 }
2497 TAILQ_REMOVE(&p->p_evlist, evq, ee_plist);
2498
2499 evq->ee_flags &= ~EV_QUEUED;
2500
2501 proc_unlock(p);
2502
2503 if (IS_64BIT_PROCESS(p))
2504 error = copyout((caddr_t)&uer.er64, uap->u_req, sizeof(struct eventreq64));
2505 else
2506 error = copyout((caddr_t)&uer.er32, uap->u_req, sizeof(struct eventreq32));
2507
2508 KERNEL_DEBUG(DBG_MISC_WAIT|DBG_FUNC_END, error,
2509 evq->ee_req.er_handle,evq->ee_req.er_eventbits,(uint32_t)evq,0);
2510 return (error);
2511 }
2512 else {
2513 if (uap->tv && interval == 0) {
2514 proc_unlock(p);
2515 *retval = 1; // poll failed
2516
2517 KERNEL_DEBUG(DBG_MISC_WAIT|DBG_FUNC_END, error,0,0,0,0);
2518 return (error);
2519 }
2520 if (interval != 0)
2521 clock_absolutetime_interval_to_deadline(interval, &abstime);
2522 else
2523 abstime = 0;
2524
2525 KERNEL_DEBUG(DBG_MISC_WAIT, 1,(uint32_t)&p->p_evlist,0,0,0);
2526
2527 error = msleep1(&p->p_evlist, &p->p_mlock, (PSOCK | PCATCH), "waitevent", abstime);
2528
2529 KERNEL_DEBUG(DBG_MISC_WAIT, 2,(uint32_t)&p->p_evlist,0,0,0);
2530
2531 if (error == 0)
2532 goto retry;
2533 if (error == ERESTART)
2534 error = EINTR;
2535 if (error == EWOULDBLOCK) {
2536 *retval = 1;
2537 error = 0;
2538 }
2539 }
2540 proc_unlock(p);
2541
2542 KERNEL_DEBUG(DBG_MISC_WAIT|DBG_FUNC_END, 0,0,0,0,0);
2543 return (error);
2544 }
2545
2546
2547 /*
2548 * modwatch system call. user passes in event to modify.
2549 * if we find it we reset the event bits and que/deque event
2550 * it needed.
2551 */
2552 int
2553 modwatch(proc_t p, struct modwatch_args *uap, __unused int *retval)
2554 {
2555 struct eventreq64 er;
2556 struct eventreq64 *erp = &er;
2557 struct eventqelt *evq = NULL; /* protected by error return */
2558 int error;
2559 struct fileproc *fp;
2560 int flag;
2561
2562 KERNEL_DEBUG(DBG_MISC_MOD|DBG_FUNC_START, 0,0,0,0,0);
2563
2564 /*
2565 * get user's request pkt
2566 * just need the er_type and er_handle which sit above the
2567 * problematic er_data (32/64 issue)... so only copy in
2568 * those 2 fields
2569 */
2570 if ((error = copyin(uap->u_req, (caddr_t)erp, sizeof(er.er_type) + sizeof(er.er_handle)))) {
2571 KERNEL_DEBUG(DBG_MISC_MOD|DBG_FUNC_END, error,0,0,0,0);
2572 return(error);
2573 }
2574 proc_fdlock(p);
2575
2576 if (erp->er_type != EV_FD) {
2577 error = EINVAL;
2578 } else if ((error = fp_lookup(p, erp->er_handle, &fp, 1)) != 0) {
2579 error = EBADF;
2580 #if SOCKETS
2581 } else if (fp->f_type == DTYPE_SOCKET) {
2582 socket_lock((struct socket *)fp->f_data, 1);
2583 evq = ((struct socket *)fp->f_data)->so_evlist.tqh_first;
2584 #endif /* SOCKETS */
2585 } else if (fp->f_type == DTYPE_PIPE) {
2586 PIPE_LOCK((struct pipe *)fp->f_data);
2587 evq = ((struct pipe *)fp->f_data)->pipe_evlist.tqh_first;
2588 } else {
2589 fp_drop(p, erp->er_handle, fp, 1);
2590 error = EINVAL;
2591 }
2592
2593 if (error) {
2594 proc_fdunlock(p);
2595 KERNEL_DEBUG(DBG_MISC_MOD|DBG_FUNC_END, error,0,0,0,0);
2596 return(error);
2597 }
2598
2599 if ((uap->u_eventmask == EV_RM) && (fp->f_flags & FP_WAITEVENT)) {
2600 fp->f_flags &= ~FP_WAITEVENT;
2601 }
2602 proc_fdunlock(p);
2603
2604 // locate event if possible
2605 for ( ; evq != NULL; evq = evq->ee_slist.tqe_next) {
2606 if (evq->ee_proc == p)
2607 break;
2608 }
2609 if (evq == NULL) {
2610 #if SOCKETS
2611 if (fp->f_type == DTYPE_SOCKET)
2612 socket_unlock((struct socket *)fp->f_data, 1);
2613 else
2614 #endif /* SOCKETS */
2615 PIPE_UNLOCK((struct pipe *)fp->f_data);
2616 fp_drop(p, erp->er_handle, fp, 0);
2617 KERNEL_DEBUG(DBG_MISC_MOD|DBG_FUNC_END, EINVAL,0,0,0,0);
2618 return(EINVAL);
2619 }
2620 KERNEL_DEBUG(DBG_MISC_MOD, erp->er_handle,uap->u_eventmask,(uint32_t)evq,0,0);
2621
2622 if (uap->u_eventmask == EV_RM) {
2623 EVPROCDEQUE(p, evq);
2624
2625 #if SOCKETS
2626 if (fp->f_type == DTYPE_SOCKET) {
2627 TAILQ_REMOVE(&((struct socket *)fp->f_data)->so_evlist, evq, ee_slist);
2628 socket_unlock((struct socket *)fp->f_data, 1);
2629 } else
2630 #endif /* SOCKETS */
2631 {
2632 TAILQ_REMOVE(&((struct pipe *)fp->f_data)->pipe_evlist, evq, ee_slist);
2633 PIPE_UNLOCK((struct pipe *)fp->f_data);
2634 }
2635 fp_drop(p, erp->er_handle, fp, 0);
2636 FREE(evq, M_TEMP);
2637 KERNEL_DEBUG(DBG_MISC_MOD|DBG_FUNC_END, 0,0,0,0,0);
2638 return(0);
2639 }
2640 switch (uap->u_eventmask & EV_MASK) {
2641
2642 case 0:
2643 flag = 0;
2644 break;
2645
2646 case EV_RE:
2647 case EV_WR:
2648 case EV_RE|EV_WR:
2649 flag = EV_RWBYTES;
2650 break;
2651
2652 case EV_EX:
2653 flag = EV_OOB;
2654 break;
2655
2656 case EV_EX|EV_RE:
2657 case EV_EX|EV_WR:
2658 case EV_EX|EV_RE|EV_WR:
2659 flag = EV_OOB|EV_RWBYTES;
2660 break;
2661
2662 default:
2663 #if SOCKETS
2664 if (fp->f_type == DTYPE_SOCKET)
2665 socket_unlock((struct socket *)fp->f_data, 1);
2666 else
2667 #endif /* SOCKETS */
2668 PIPE_UNLOCK((struct pipe *)fp->f_data);
2669 fp_drop(p, erp->er_handle, fp, 0);
2670 KERNEL_DEBUG(DBG_MISC_WATCH|DBG_FUNC_END, EINVAL,0,0,0,0);
2671 return(EINVAL);
2672 }
2673 /*
2674 * since we're holding the socket/pipe lock, the event
2675 * cannot go from the unqueued state to the queued state
2676 * however, it can go from the queued state to the unqueued state
2677 * since that direction is protected by the proc_lock...
2678 * so do a quick check for EV_QUEUED w/o holding the proc lock
2679 * since by far the common case will be NOT EV_QUEUED, this saves
2680 * us taking the proc_lock the majority of the time
2681 */
2682 if (evq->ee_flags & EV_QUEUED) {
2683 /*
2684 * EVPROCDEQUE will recheck the state after it grabs the proc_lock
2685 */
2686 EVPROCDEQUE(p, evq);
2687 }
2688 /*
2689 * while the event is off the proc queue and
2690 * we're holding the socket/pipe lock
2691 * it's safe to update these fields...
2692 */
2693 evq->ee_req.er_eventbits = 0;
2694 evq->ee_eventmask = uap->u_eventmask & EV_MASK;
2695
2696 #if SOCKETS
2697 if (fp->f_type == DTYPE_SOCKET) {
2698 postevent((struct socket *)fp->f_data, 0, flag);
2699 socket_unlock((struct socket *)fp->f_data, 1);
2700 } else
2701 #endif /* SOCKETS */
2702 {
2703 postpipeevent((struct pipe *)fp->f_data, flag);
2704 PIPE_UNLOCK((struct pipe *)fp->f_data);
2705 }
2706 fp_drop(p, erp->er_handle, fp, 0);
2707 KERNEL_DEBUG(DBG_MISC_MOD|DBG_FUNC_END, evq->ee_req.er_handle,evq->ee_eventmask,(uint32_t)fp->f_data,flag,0);
2708 return(0);
2709 }
2710
2711 /* this routine is called from the close of fd with proc_fdlock held */
2712 int
2713 waitevent_close(struct proc *p, struct fileproc *fp)
2714 {
2715 struct eventqelt *evq;
2716
2717
2718 fp->f_flags &= ~FP_WAITEVENT;
2719
2720 #if SOCKETS
2721 if (fp->f_type == DTYPE_SOCKET) {
2722 socket_lock((struct socket *)fp->f_data, 1);
2723 evq = ((struct socket *)fp->f_data)->so_evlist.tqh_first;
2724 } else
2725 #endif /* SOCKETS */
2726 if (fp->f_type == DTYPE_PIPE) {
2727 PIPE_LOCK((struct pipe *)fp->f_data);
2728 evq = ((struct pipe *)fp->f_data)->pipe_evlist.tqh_first;
2729 }
2730 else {
2731 return(EINVAL);
2732 }
2733 proc_fdunlock(p);
2734
2735
2736 // locate event if possible
2737 for ( ; evq != NULL; evq = evq->ee_slist.tqe_next) {
2738 if (evq->ee_proc == p)
2739 break;
2740 }
2741 if (evq == NULL) {
2742 #if SOCKETS
2743 if (fp->f_type == DTYPE_SOCKET)
2744 socket_unlock((struct socket *)fp->f_data, 1);
2745 else
2746 #endif /* SOCKETS */
2747 PIPE_UNLOCK((struct pipe *)fp->f_data);
2748
2749 proc_fdlock(p);
2750
2751 return(EINVAL);
2752 }
2753 EVPROCDEQUE(p, evq);
2754
2755 #if SOCKETS
2756 if (fp->f_type == DTYPE_SOCKET) {
2757 TAILQ_REMOVE(&((struct socket *)fp->f_data)->so_evlist, evq, ee_slist);
2758 socket_unlock((struct socket *)fp->f_data, 1);
2759 } else
2760 #endif /* SOCKETS */
2761 {
2762 TAILQ_REMOVE(&((struct pipe *)fp->f_data)->pipe_evlist, evq, ee_slist);
2763 PIPE_UNLOCK((struct pipe *)fp->f_data);
2764 }
2765 FREE(evq, M_TEMP);
2766
2767 proc_fdlock(p);
2768
2769 return(0);
2770 }
2771
2772
2773 /*
2774 * gethostuuid
2775 *
2776 * Description: Get the host UUID from IOKit and return it to user space.
2777 *
2778 * Parameters: uuid_buf Pointer to buffer to receive UUID
2779 * timeout Timespec for timout
2780 * spi SPI, skip sandbox check (temporary)
2781 *
2782 * Returns: 0 Success
2783 * EWOULDBLOCK Timeout is too short
2784 * copyout:EFAULT Bad user buffer
2785 * mac_system_check_info:EPERM Client not allowed to perform this operation
2786 *
2787 * Notes: A timeout seems redundant, since if it's tolerable to not
2788 * have a system UUID in hand, then why ask for one?
2789 */
2790 int
2791 gethostuuid(struct proc *p, struct gethostuuid_args *uap, __unused int32_t *retval)
2792 {
2793 kern_return_t kret;
2794 int error;
2795 mach_timespec_t mach_ts; /* for IOKit call */
2796 __darwin_uuid_t uuid_kern; /* for IOKit call */
2797
2798 if (!uap->spi) {
2799 }
2800
2801 /* Convert the 32/64 bit timespec into a mach_timespec_t */
2802 if ( proc_is64bit(p) ) {
2803 struct user64_timespec ts;
2804 error = copyin(uap->timeoutp, &ts, sizeof(ts));
2805 if (error)
2806 return (error);
2807 mach_ts.tv_sec = ts.tv_sec;
2808 mach_ts.tv_nsec = ts.tv_nsec;
2809 } else {
2810 struct user32_timespec ts;
2811 error = copyin(uap->timeoutp, &ts, sizeof(ts) );
2812 if (error)
2813 return (error);
2814 mach_ts.tv_sec = ts.tv_sec;
2815 mach_ts.tv_nsec = ts.tv_nsec;
2816 }
2817
2818 /* Call IOKit with the stack buffer to get the UUID */
2819 kret = IOBSDGetPlatformUUID(uuid_kern, mach_ts);
2820
2821 /*
2822 * If we get it, copy out the data to the user buffer; note that a
2823 * uuid_t is an array of characters, so this is size invariant for
2824 * 32 vs. 64 bit.
2825 */
2826 if (kret == KERN_SUCCESS) {
2827 error = copyout(uuid_kern, uap->uuid_buf, sizeof(uuid_kern));
2828 } else {
2829 error = EWOULDBLOCK;
2830 }
2831
2832 return (error);
2833 }
2834
2835 /*
2836 * ledger
2837 *
2838 * Description: Omnibus system call for ledger operations
2839 */
2840 int
2841 ledger(struct proc *p, struct ledger_args *args, __unused int32_t *retval)
2842 {
2843 #if !CONFIG_MACF
2844 #pragma unused(p)
2845 #endif
2846 int rval, pid, len, error;
2847 #ifdef LEDGER_DEBUG
2848 struct ledger_limit_args lla;
2849 #endif
2850 task_t task;
2851 proc_t proc;
2852
2853 /* Finish copying in the necessary args before taking the proc lock */
2854 error = 0;
2855 len = 0;
2856 if (args->cmd == LEDGER_ENTRY_INFO)
2857 error = copyin(args->arg3, (char *)&len, sizeof (len));
2858 else if (args->cmd == LEDGER_TEMPLATE_INFO)
2859 error = copyin(args->arg2, (char *)&len, sizeof (len));
2860 #ifdef LEDGER_DEBUG
2861 else if (args->cmd == LEDGER_LIMIT)
2862 error = copyin(args->arg2, (char *)&lla, sizeof (lla));
2863 #endif
2864 if (error)
2865 return (error);
2866 if (len < 0)
2867 return (EINVAL);
2868
2869 rval = 0;
2870 if (args->cmd != LEDGER_TEMPLATE_INFO) {
2871 pid = args->arg1;
2872 proc = proc_find(pid);
2873 if (proc == NULL)
2874 return (ESRCH);
2875
2876 #if CONFIG_MACF
2877 error = mac_proc_check_ledger(p, proc, args->cmd);
2878 if (error) {
2879 proc_rele(proc);
2880 return (error);
2881 }
2882 #endif
2883
2884 task = proc->task;
2885 }
2886
2887 switch (args->cmd) {
2888 #ifdef LEDGER_DEBUG
2889 case LEDGER_LIMIT: {
2890 if (!kauth_cred_issuser(kauth_cred_get()))
2891 rval = EPERM;
2892 rval = ledger_limit(task, &lla);
2893 proc_rele(proc);
2894 break;
2895 }
2896 #endif
2897 case LEDGER_INFO: {
2898 struct ledger_info info;
2899
2900 rval = ledger_info(task, &info);
2901 proc_rele(proc);
2902 if (rval == 0)
2903 rval = copyout(&info, args->arg2,
2904 sizeof (info));
2905 break;
2906 }
2907
2908 case LEDGER_ENTRY_INFO: {
2909 void *buf;
2910 int sz;
2911
2912 rval = ledger_get_task_entry_info_multiple(task, &buf, &len);
2913 proc_rele(proc);
2914 if ((rval == 0) && (len > 0)) {
2915 sz = len * sizeof (struct ledger_entry_info);
2916 rval = copyout(buf, args->arg2, sz);
2917 kfree(buf, sz);
2918 }
2919 if (rval == 0)
2920 rval = copyout(&len, args->arg3, sizeof (len));
2921 break;
2922 }
2923
2924 case LEDGER_TEMPLATE_INFO: {
2925 void *buf;
2926 int sz;
2927
2928 rval = ledger_template_info(&buf, &len);
2929 if ((rval == 0) && (len > 0)) {
2930 sz = len * sizeof (struct ledger_template_info);
2931 rval = copyout(buf, args->arg1, sz);
2932 kfree(buf, sz);
2933 }
2934 if (rval == 0)
2935 rval = copyout(&len, args->arg2, sizeof (len));
2936 break;
2937 }
2938
2939 default:
2940 rval = EINVAL;
2941 }
2942
2943 return (rval);
2944 }
2945
2946 int
2947 telemetry(__unused struct proc *p, struct telemetry_args *args, __unused int32_t *retval)
2948 {
2949 int error = 0;
2950
2951 switch (args->cmd) {
2952 #if CONFIG_TELEMETRY
2953 case TELEMETRY_CMD_TIMER_EVENT:
2954 error = telemetry_timer_event(args->deadline, args->interval, args->leeway);
2955 break;
2956 #endif /* CONFIG_TELEMETRY */
2957 case TELEMETRY_CMD_VOUCHER_NAME:
2958 if (thread_set_voucher_name((mach_port_name_t)args->deadline))
2959 error = EINVAL;
2960 break;
2961
2962 default:
2963 error = EINVAL;
2964 break;
2965 }
2966
2967 return (error);
2968 }
mirror of XNU