1 /* 2 * Copyright (c) 1982, 1986, 1989, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)kern_descrip.c 8.6 (Berkeley) 4/19/94 39 * $FreeBSD$ 40 */ 41 42 #include "opt_compat.h" 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/sysproto.h> 46 #include <sys/conf.h> 47 #include <sys/filedesc.h> 48 #include <sys/kernel.h> 49 #include <sys/sysctl.h> 50 #include <sys/vnode.h> 51 #include <sys/proc.h> 52 #include <sys/file.h> 53 #include <sys/stat.h> 54 #include <sys/filio.h> 55 #include <sys/fcntl.h> 56 #include <sys/malloc.h> 57 #include <sys/unistd.h> 58 #include <sys/resourcevar.h> 59 60 #include <vm/vm.h> 61 #include <vm/vm_extern.h> 62 63 static MALLOC_DEFINE(M_FILEDESC, "file desc", "Open file descriptor table"); 64 MALLOC_DEFINE(M_FILE, "file", "Open file structure"); 65 static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures"); 66 67 static d_open_t fdopen; 68 #define NUMFDESC 64 69 70 #define CDEV_MAJOR 22 71 static struct cdevsw fildesc_cdevsw = { 72 /* open */ fdopen, 73 /* close */ noclose, 74 /* read */ noread, 75 /* write */ nowrite, 76 /* ioctl */ noioctl, 77 /* poll */ nopoll, 78 /* mmap */ nommap, 79 /* strategy */ nostrategy, 80 /* name */ "FD", 81 /* maj */ CDEV_MAJOR, 82 /* dump */ nodump, 83 /* psize */ nopsize, 84 /* flags */ 0, 85 /* bmaj */ -1 86 }; 87 88 static int finishdup __P((struct filedesc *fdp, int old, int new, register_t *retval)); 89 static int badfo_readwrite __P((struct file *fp, struct uio *uio, 90 struct ucred *cred, int flags, struct proc *p)); 91 static int badfo_ioctl __P((struct file *fp, u_long com, caddr_t data, 92 struct proc *p)); 93 static int badfo_poll __P((struct file *fp, int events, 94 struct ucred *cred, struct proc *p)); 95 static int badfo_stat __P((struct file *fp, struct stat *sb, struct proc *p)); 96 static int badfo_close __P((struct file *fp, struct proc *p)); 97 98 /* 99 * Descriptor management. 100 */ 101 struct filelist filehead; /* head of list of open files */ 102 int nfiles; /* actual number of open files */ 103 extern int cmask; 104 105 /* 106 * System calls on descriptors. 107 */ 108 #ifndef _SYS_SYSPROTO_H_ 109 struct getdtablesize_args { 110 int dummy; 111 }; 112 #endif 113 /* ARGSUSED */ 114 int 115 getdtablesize(p, uap) 116 struct proc *p; 117 struct getdtablesize_args *uap; 118 { 119 120 p->p_retval[0] = 121 min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 122 return (0); 123 } 124 125 /* 126 * Duplicate a file descriptor to a particular value. 127 */ 128 #ifndef _SYS_SYSPROTO_H_ 129 struct dup2_args { 130 u_int from; 131 u_int to; 132 }; 133 #endif 134 /* ARGSUSED */ 135 int 136 dup2(p, uap) 137 struct proc *p; 138 struct dup2_args *uap; 139 { 140 register struct filedesc *fdp = p->p_fd; 141 register u_int old = uap->from, new = uap->to; 142 int i, error; 143 144 if (old >= fdp->fd_nfiles || 145 fdp->fd_ofiles[old] == NULL || 146 new >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur || 147 new >= maxfilesperproc) 148 return (EBADF); 149 if (old == new) { 150 p->p_retval[0] = new; 151 return (0); 152 } 153 if (new >= fdp->fd_nfiles) { 154 if ((error = fdalloc(p, new, &i))) 155 return (error); 156 if (new != i) 157 panic("dup2: fdalloc"); 158 } else if (fdp->fd_ofiles[new]) { 159 if (fdp->fd_ofileflags[new] & UF_MAPPED) 160 (void) munmapfd(p, new); 161 /* 162 * dup2() must succeed even if the close has an error. 163 */ 164 (void) closef(fdp->fd_ofiles[new], p); 165 } 166 return (finishdup(fdp, (int)old, (int)new, p->p_retval)); 167 } 168 169 /* 170 * Duplicate a file descriptor. 171 */ 172 #ifndef _SYS_SYSPROTO_H_ 173 struct dup_args { 174 u_int fd; 175 }; 176 #endif 177 /* ARGSUSED */ 178 int 179 dup(p, uap) 180 struct proc *p; 181 struct dup_args *uap; 182 { 183 register struct filedesc *fdp; 184 u_int old; 185 int new, error; 186 187 old = uap->fd; 188 fdp = p->p_fd; 189 if (old >= fdp->fd_nfiles || fdp->fd_ofiles[old] == NULL) 190 return (EBADF); 191 if ((error = fdalloc(p, 0, &new))) 192 return (error); 193 return (finishdup(fdp, (int)old, new, p->p_retval)); 194 } 195 196 /* 197 * The file control system call. 198 */ 199 #ifndef _SYS_SYSPROTO_H_ 200 struct fcntl_args { 201 int fd; 202 int cmd; 203 long arg; 204 }; 205 #endif 206 /* ARGSUSED */ 207 int 208 fcntl(p, uap) 209 struct proc *p; 210 register struct fcntl_args *uap; 211 { 212 register struct filedesc *fdp = p->p_fd; 213 register struct file *fp; 214 register char *pop; 215 struct vnode *vp; 216 int i, tmp, error, flg = F_POSIX; 217 struct flock fl; 218 u_int newmin; 219 220 if ((unsigned)uap->fd >= fdp->fd_nfiles || 221 (fp = fdp->fd_ofiles[uap->fd]) == NULL) 222 return (EBADF); 223 pop = &fdp->fd_ofileflags[uap->fd]; 224 switch (uap->cmd) { 225 226 case F_DUPFD: 227 newmin = uap->arg; 228 if (newmin >= p->p_rlimit[RLIMIT_NOFILE].rlim_cur || 229 newmin >= maxfilesperproc) 230 return (EINVAL); 231 if ((error = fdalloc(p, newmin, &i))) 232 return (error); 233 return (finishdup(fdp, uap->fd, i, p->p_retval)); 234 235 case F_GETFD: 236 p->p_retval[0] = *pop & 1; 237 return (0); 238 239 case F_SETFD: 240 *pop = (*pop &~ 1) | (uap->arg & 1); 241 return (0); 242 243 case F_GETFL: 244 p->p_retval[0] = OFLAGS(fp->f_flag); 245 return (0); 246 247 case F_SETFL: 248 fp->f_flag &= ~FCNTLFLAGS; 249 fp->f_flag |= FFLAGS(uap->arg & ~O_ACCMODE) & FCNTLFLAGS; 250 tmp = fp->f_flag & FNONBLOCK; 251 error = fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, p); 252 if (error) 253 return (error); 254 tmp = fp->f_flag & FASYNC; 255 error = fo_ioctl(fp, FIOASYNC, (caddr_t)&tmp, p); 256 if (!error) 257 return (0); 258 fp->f_flag &= ~FNONBLOCK; 259 tmp = 0; 260 (void)fo_ioctl(fp, FIONBIO, (caddr_t)&tmp, p); 261 return (error); 262 263 case F_GETOWN: 264 return (fo_ioctl(fp, FIOGETOWN, (caddr_t)p->p_retval, p)); 265 266 case F_SETOWN: 267 return (fo_ioctl(fp, FIOSETOWN, (caddr_t)&uap->arg, p)); 268 269 case F_SETLKW: 270 flg |= F_WAIT; 271 /* Fall into F_SETLK */ 272 273 case F_SETLK: 274 if (fp->f_type != DTYPE_VNODE) 275 return (EBADF); 276 vp = (struct vnode *)fp->f_data; 277 /* Copy in the lock structure */ 278 error = copyin((caddr_t)(intptr_t)uap->arg, (caddr_t)&fl, 279 sizeof(fl)); 280 if (error) 281 return (error); 282 if (fl.l_whence == SEEK_CUR) 283 fl.l_start += fp->f_offset; 284 switch (fl.l_type) { 285 286 case F_RDLCK: 287 if ((fp->f_flag & FREAD) == 0) 288 return (EBADF); 289 p->p_flag |= P_ADVLOCK; 290 return (VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK, &fl, flg)); 291 292 case F_WRLCK: 293 if ((fp->f_flag & FWRITE) == 0) 294 return (EBADF); 295 p->p_flag |= P_ADVLOCK; 296 return (VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK, &fl, flg)); 297 298 case F_UNLCK: 299 return (VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_UNLCK, &fl, 300 F_POSIX)); 301 302 default: 303 return (EINVAL); 304 } 305 306 case F_GETLK: 307 if (fp->f_type != DTYPE_VNODE) 308 return (EBADF); 309 vp = (struct vnode *)fp->f_data; 310 /* Copy in the lock structure */ 311 error = copyin((caddr_t)(intptr_t)uap->arg, (caddr_t)&fl, 312 sizeof(fl)); 313 if (error) 314 return (error); 315 if (fl.l_type != F_RDLCK && fl.l_type != F_WRLCK && 316 fl.l_type != F_UNLCK) 317 return (EINVAL); 318 if (fl.l_whence == SEEK_CUR) 319 fl.l_start += fp->f_offset; 320 if ((error = VOP_ADVLOCK(vp,(caddr_t)p->p_leader,F_GETLK,&fl,F_POSIX))) 321 return (error); 322 return (copyout((caddr_t)&fl, (caddr_t)(intptr_t)uap->arg, 323 sizeof(fl))); 324 325 default: 326 return (EINVAL); 327 } 328 /* NOTREACHED */ 329 } 330 331 /* 332 * Common code for dup, dup2, and fcntl(F_DUPFD). 333 */ 334 static int 335 finishdup(fdp, old, new, retval) 336 register struct filedesc *fdp; 337 register int old, new; 338 register_t *retval; 339 { 340 register struct file *fp; 341 342 fp = fdp->fd_ofiles[old]; 343 fdp->fd_ofiles[new] = fp; 344 fdp->fd_ofileflags[new] = fdp->fd_ofileflags[old] &~ UF_EXCLOSE; 345 fhold(fp); 346 if (new > fdp->fd_lastfile) 347 fdp->fd_lastfile = new; 348 *retval = new; 349 return (0); 350 } 351 352 /* 353 * If sigio is on the list associated with a process or process group, 354 * disable signalling from the device, remove sigio from the list and 355 * free sigio. 356 */ 357 void 358 funsetown(sigio) 359 struct sigio *sigio; 360 { 361 int s; 362 363 if (sigio == NULL) 364 return; 365 s = splhigh(); 366 *(sigio->sio_myref) = NULL; 367 splx(s); 368 if (sigio->sio_pgid < 0) { 369 SLIST_REMOVE(&sigio->sio_pgrp->pg_sigiolst, sigio, 370 sigio, sio_pgsigio); 371 } else /* if ((*sigiop)->sio_pgid > 0) */ { 372 SLIST_REMOVE(&sigio->sio_proc->p_sigiolst, sigio, 373 sigio, sio_pgsigio); 374 } 375 crfree(sigio->sio_ucred); 376 FREE(sigio, M_SIGIO); 377 } 378 379 /* Free a list of sigio structures. */ 380 void 381 funsetownlst(sigiolst) 382 struct sigiolst *sigiolst; 383 { 384 struct sigio *sigio; 385 386 while ((sigio = SLIST_FIRST(sigiolst)) != NULL) 387 funsetown(sigio); 388 } 389 390 /* 391 * This is common code for FIOSETOWN ioctl called by fcntl(fd, F_SETOWN, arg). 392 * 393 * After permission checking, add a sigio structure to the sigio list for 394 * the process or process group. 395 */ 396 int 397 fsetown(pgid, sigiop) 398 pid_t pgid; 399 struct sigio **sigiop; 400 { 401 struct proc *proc; 402 struct pgrp *pgrp; 403 struct sigio *sigio; 404 int s; 405 406 if (pgid == 0) { 407 funsetown(*sigiop); 408 return (0); 409 } 410 if (pgid > 0) { 411 proc = pfind(pgid); 412 if (proc == NULL) 413 return (ESRCH); 414 415 /* 416 * Policy - Don't allow a process to FSETOWN a process 417 * in another session. 418 * 419 * Remove this test to allow maximum flexibility or 420 * restrict FSETOWN to the current process or process 421 * group for maximum safety. 422 */ 423 if (proc->p_session != curproc->p_session) 424 return (EPERM); 425 426 pgrp = NULL; 427 } else /* if (pgid < 0) */ { 428 pgrp = pgfind(-pgid); 429 if (pgrp == NULL) 430 return (ESRCH); 431 432 /* 433 * Policy - Don't allow a process to FSETOWN a process 434 * in another session. 435 * 436 * Remove this test to allow maximum flexibility or 437 * restrict FSETOWN to the current process or process 438 * group for maximum safety. 439 */ 440 if (pgrp->pg_session != curproc->p_session) 441 return (EPERM); 442 443 proc = NULL; 444 } 445 funsetown(*sigiop); 446 MALLOC(sigio, struct sigio *, sizeof(struct sigio), M_SIGIO, M_WAITOK); 447 if (pgid > 0) { 448 SLIST_INSERT_HEAD(&proc->p_sigiolst, sigio, sio_pgsigio); 449 sigio->sio_proc = proc; 450 } else { 451 SLIST_INSERT_HEAD(&pgrp->pg_sigiolst, sigio, sio_pgsigio); 452 sigio->sio_pgrp = pgrp; 453 } 454 sigio->sio_pgid = pgid; 455 crhold(curproc->p_ucred); 456 sigio->sio_ucred = curproc->p_ucred; 457 /* It would be convenient if p_ruid was in ucred. */ 458 sigio->sio_ruid = curproc->p_cred->p_ruid; 459 sigio->sio_myref = sigiop; 460 s = splhigh(); 461 *sigiop = sigio; 462 splx(s); 463 return (0); 464 } 465 466 /* 467 * This is common code for FIOGETOWN ioctl called by fcntl(fd, F_GETOWN, arg). 468 */ 469 pid_t 470 fgetown(sigio) 471 struct sigio *sigio; 472 { 473 return (sigio != NULL ? sigio->sio_pgid : 0); 474 } 475 476 /* 477 * Close a file descriptor. 478 */ 479 #ifndef _SYS_SYSPROTO_H_ 480 struct close_args { 481 int fd; 482 }; 483 #endif 484 /* ARGSUSED */ 485 int 486 close(p, uap) 487 struct proc *p; 488 struct close_args *uap; 489 { 490 register struct filedesc *fdp = p->p_fd; 491 register struct file *fp; 492 register int fd = uap->fd; 493 register u_char *pf; 494 495 if ((unsigned)fd >= fdp->fd_nfiles || 496 (fp = fdp->fd_ofiles[fd]) == NULL) 497 return (EBADF); 498 pf = (u_char *)&fdp->fd_ofileflags[fd]; 499 if (*pf & UF_MAPPED) 500 (void) munmapfd(p, fd); 501 fdp->fd_ofiles[fd] = NULL; 502 while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL) 503 fdp->fd_lastfile--; 504 if (fd < fdp->fd_freefile) 505 fdp->fd_freefile = fd; 506 *pf = 0; 507 return (closef(fp, p)); 508 } 509 510 #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 511 /* 512 * Return status information about a file descriptor. 513 */ 514 #ifndef _SYS_SYSPROTO_H_ 515 struct ofstat_args { 516 int fd; 517 struct ostat *sb; 518 }; 519 #endif 520 /* ARGSUSED */ 521 int 522 ofstat(p, uap) 523 struct proc *p; 524 register struct ofstat_args *uap; 525 { 526 register struct filedesc *fdp = p->p_fd; 527 register struct file *fp; 528 struct stat ub; 529 struct ostat oub; 530 int error; 531 532 if ((unsigned)uap->fd >= fdp->fd_nfiles || 533 (fp = fdp->fd_ofiles[uap->fd]) == NULL) 534 return (EBADF); 535 error = fo_stat(fp, &ub, p); 536 if (error == 0) { 537 cvtstat(&ub, &oub); 538 error = copyout((caddr_t)&oub, (caddr_t)uap->sb, sizeof (oub)); 539 } 540 return (error); 541 } 542 #endif /* COMPAT_43 || COMPAT_SUNOS */ 543 544 /* 545 * Return status information about a file descriptor. 546 */ 547 #ifndef _SYS_SYSPROTO_H_ 548 struct fstat_args { 549 int fd; 550 struct stat *sb; 551 }; 552 #endif 553 /* ARGSUSED */ 554 int 555 fstat(p, uap) 556 struct proc *p; 557 register struct fstat_args *uap; 558 { 559 register struct filedesc *fdp = p->p_fd; 560 register struct file *fp; 561 struct stat ub; 562 int error; 563 564 if ((unsigned)uap->fd >= fdp->fd_nfiles || 565 (fp = fdp->fd_ofiles[uap->fd]) == NULL) 566 return (EBADF); 567 error = fo_stat(fp, &ub, p); 568 if (error == 0) 569 error = copyout((caddr_t)&ub, (caddr_t)uap->sb, sizeof (ub)); 570 return (error); 571 } 572 573 /* 574 * Return status information about a file descriptor. 575 */ 576 #ifndef _SYS_SYSPROTO_H_ 577 struct nfstat_args { 578 int fd; 579 struct nstat *sb; 580 }; 581 #endif 582 /* ARGSUSED */ 583 int 584 nfstat(p, uap) 585 struct proc *p; 586 register struct nfstat_args *uap; 587 { 588 register struct filedesc *fdp = p->p_fd; 589 register struct file *fp; 590 struct stat ub; 591 struct nstat nub; 592 int error; 593 594 if ((unsigned)uap->fd >= fdp->fd_nfiles || 595 (fp = fdp->fd_ofiles[uap->fd]) == NULL) 596 return (EBADF); 597 error = fo_stat(fp, &ub, p); 598 if (error == 0) { 599 cvtnstat(&ub, &nub); 600 error = copyout((caddr_t)&nub, (caddr_t)uap->sb, sizeof (nub)); 601 } 602 return (error); 603 } 604 605 /* 606 * Return pathconf information about a file descriptor. 607 */ 608 #ifndef _SYS_SYSPROTO_H_ 609 struct fpathconf_args { 610 int fd; 611 int name; 612 }; 613 #endif 614 /* ARGSUSED */ 615 int 616 fpathconf(p, uap) 617 struct proc *p; 618 register struct fpathconf_args *uap; 619 { 620 struct filedesc *fdp = p->p_fd; 621 struct file *fp; 622 struct vnode *vp; 623 624 if ((unsigned)uap->fd >= fdp->fd_nfiles || 625 (fp = fdp->fd_ofiles[uap->fd]) == NULL) 626 return (EBADF); 627 switch (fp->f_type) { 628 629 case DTYPE_PIPE: 630 case DTYPE_SOCKET: 631 if (uap->name != _PC_PIPE_BUF) 632 return (EINVAL); 633 p->p_retval[0] = PIPE_BUF; 634 return (0); 635 636 case DTYPE_FIFO: 637 case DTYPE_VNODE: 638 vp = (struct vnode *)fp->f_data; 639 return (VOP_PATHCONF(vp, uap->name, p->p_retval)); 640 641 default: 642 panic("fpathconf"); 643 } 644 /*NOTREACHED*/ 645 } 646 647 /* 648 * Allocate a file descriptor for the process. 649 */ 650 static int fdexpand; 651 SYSCTL_INT(_debug, OID_AUTO, fdexpand, CTLFLAG_RD, &fdexpand, 0, ""); 652 653 int 654 fdalloc(p, want, result) 655 struct proc *p; 656 int want; 657 int *result; 658 { 659 register struct filedesc *fdp = p->p_fd; 660 register int i; 661 int lim, last, nfiles; 662 struct file **newofile; 663 char *newofileflags; 664 665 /* 666 * Search for a free descriptor starting at the higher 667 * of want or fd_freefile. If that fails, consider 668 * expanding the ofile array. 669 */ 670 lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 671 for (;;) { 672 last = min(fdp->fd_nfiles, lim); 673 if ((i = want) < fdp->fd_freefile) 674 i = fdp->fd_freefile; 675 for (; i < last; i++) { 676 if (fdp->fd_ofiles[i] == NULL) { 677 fdp->fd_ofileflags[i] = 0; 678 if (i > fdp->fd_lastfile) 679 fdp->fd_lastfile = i; 680 if (want <= fdp->fd_freefile) 681 fdp->fd_freefile = i; 682 *result = i; 683 return (0); 684 } 685 } 686 687 /* 688 * No space in current array. Expand? 689 */ 690 if (fdp->fd_nfiles >= lim) 691 return (EMFILE); 692 if (fdp->fd_nfiles < NDEXTENT) 693 nfiles = NDEXTENT; 694 else 695 nfiles = 2 * fdp->fd_nfiles; 696 MALLOC(newofile, struct file **, nfiles * OFILESIZE, 697 M_FILEDESC, M_WAITOK); 698 newofileflags = (char *) &newofile[nfiles]; 699 /* 700 * Copy the existing ofile and ofileflags arrays 701 * and zero the new portion of each array. 702 */ 703 bcopy(fdp->fd_ofiles, newofile, 704 (i = sizeof(struct file *) * fdp->fd_nfiles)); 705 bzero((char *)newofile + i, nfiles * sizeof(struct file *) - i); 706 bcopy(fdp->fd_ofileflags, newofileflags, 707 (i = sizeof(char) * fdp->fd_nfiles)); 708 bzero(newofileflags + i, nfiles * sizeof(char) - i); 709 if (fdp->fd_nfiles > NDFILE) 710 FREE(fdp->fd_ofiles, M_FILEDESC); 711 fdp->fd_ofiles = newofile; 712 fdp->fd_ofileflags = newofileflags; 713 fdp->fd_nfiles = nfiles; 714 fdexpand++; 715 } 716 return (0); 717 } 718 719 /* 720 * Check to see whether n user file descriptors 721 * are available to the process p. 722 */ 723 int 724 fdavail(p, n) 725 struct proc *p; 726 register int n; 727 { 728 register struct filedesc *fdp = p->p_fd; 729 register struct file **fpp; 730 register int i, lim, last; 731 732 lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 733 if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0) 734 return (1); 735 736 last = min(fdp->fd_nfiles, lim); 737 fpp = &fdp->fd_ofiles[fdp->fd_freefile]; 738 for (i = last - fdp->fd_freefile; --i >= 0; fpp++) 739 if (*fpp == NULL && --n <= 0) 740 return (1); 741 return (0); 742 } 743 744 /* 745 * Create a new open file structure and allocate 746 * a file decriptor for the process that refers to it. 747 */ 748 int 749 falloc(p, resultfp, resultfd) 750 register struct proc *p; 751 struct file **resultfp; 752 int *resultfd; 753 { 754 register struct file *fp, *fq; 755 int error, i; 756 757 if ((error = fdalloc(p, 0, &i))) 758 return (error); 759 if (nfiles >= maxfiles) { 760 tablefull("file"); 761 return (ENFILE); 762 } 763 /* 764 * Allocate a new file descriptor. 765 * If the process has file descriptor zero open, add to the list 766 * of open files at that point, otherwise put it at the front of 767 * the list of open files. 768 */ 769 nfiles++; 770 MALLOC(fp, struct file *, sizeof(struct file), M_FILE, M_WAITOK); 771 bzero(fp, sizeof(struct file)); 772 fp->f_count = 1; 773 fp->f_cred = p->p_ucred; 774 fp->f_ops = &badfileops; 775 fp->f_seqcount = 1; 776 crhold(fp->f_cred); 777 if ((fq = p->p_fd->fd_ofiles[0])) { 778 LIST_INSERT_AFTER(fq, fp, f_list); 779 } else { 780 LIST_INSERT_HEAD(&filehead, fp, f_list); 781 } 782 p->p_fd->fd_ofiles[i] = fp; 783 if (resultfp) 784 *resultfp = fp; 785 if (resultfd) 786 *resultfd = i; 787 return (0); 788 } 789 790 /* 791 * Free a file descriptor. 792 */ 793 void 794 ffree(fp) 795 register struct file *fp; 796 { 797 LIST_REMOVE(fp, f_list); 798 crfree(fp->f_cred); 799 #if defined(DIAGNOSTIC) || defined(INVARIANTS) 800 fp->f_count = 0; 801 #endif 802 nfiles--; 803 FREE(fp, M_FILE); 804 } 805 806 /* 807 * Build a new filedesc structure. 808 */ 809 struct filedesc * 810 fdinit(p) 811 struct proc *p; 812 { 813 register struct filedesc0 *newfdp; 814 register struct filedesc *fdp = p->p_fd; 815 816 MALLOC(newfdp, struct filedesc0 *, sizeof(struct filedesc0), 817 M_FILEDESC, M_WAITOK); 818 bzero(newfdp, sizeof(struct filedesc0)); 819 newfdp->fd_fd.fd_cdir = fdp->fd_cdir; 820 VREF(newfdp->fd_fd.fd_cdir); 821 newfdp->fd_fd.fd_rdir = fdp->fd_rdir; 822 VREF(newfdp->fd_fd.fd_rdir); 823 newfdp->fd_fd.fd_jdir = fdp->fd_jdir; 824 if (newfdp->fd_fd.fd_jdir) 825 VREF(newfdp->fd_fd.fd_jdir); 826 827 /* Create the file descriptor table. */ 828 newfdp->fd_fd.fd_refcnt = 1; 829 newfdp->fd_fd.fd_cmask = cmask; 830 newfdp->fd_fd.fd_ofiles = newfdp->fd_dfiles; 831 newfdp->fd_fd.fd_ofileflags = newfdp->fd_dfileflags; 832 newfdp->fd_fd.fd_nfiles = NDFILE; 833 834 newfdp->fd_fd.fd_freefile = 0; 835 newfdp->fd_fd.fd_lastfile = 0; 836 837 return (&newfdp->fd_fd); 838 } 839 840 /* 841 * Share a filedesc structure. 842 */ 843 struct filedesc * 844 fdshare(p) 845 struct proc *p; 846 { 847 p->p_fd->fd_refcnt++; 848 return (p->p_fd); 849 } 850 851 /* 852 * Copy a filedesc structure. 853 */ 854 struct filedesc * 855 fdcopy(p) 856 struct proc *p; 857 { 858 register struct filedesc *newfdp, *fdp = p->p_fd; 859 register struct file **fpp; 860 register int i; 861 862 /* Certain daemons might not have file descriptors. */ 863 if (fdp == NULL) 864 return (NULL); 865 866 MALLOC(newfdp, struct filedesc *, sizeof(struct filedesc0), 867 M_FILEDESC, M_WAITOK); 868 bcopy(fdp, newfdp, sizeof(struct filedesc)); 869 VREF(newfdp->fd_cdir); 870 VREF(newfdp->fd_rdir); 871 if (newfdp->fd_jdir) 872 VREF(newfdp->fd_jdir); 873 newfdp->fd_refcnt = 1; 874 875 /* 876 * If the number of open files fits in the internal arrays 877 * of the open file structure, use them, otherwise allocate 878 * additional memory for the number of descriptors currently 879 * in use. 880 */ 881 if (newfdp->fd_lastfile < NDFILE) { 882 newfdp->fd_ofiles = ((struct filedesc0 *) newfdp)->fd_dfiles; 883 newfdp->fd_ofileflags = 884 ((struct filedesc0 *) newfdp)->fd_dfileflags; 885 i = NDFILE; 886 } else { 887 /* 888 * Compute the smallest multiple of NDEXTENT needed 889 * for the file descriptors currently in use, 890 * allowing the table to shrink. 891 */ 892 i = newfdp->fd_nfiles; 893 while (i > 2 * NDEXTENT && i > newfdp->fd_lastfile * 2) 894 i /= 2; 895 MALLOC(newfdp->fd_ofiles, struct file **, i * OFILESIZE, 896 M_FILEDESC, M_WAITOK); 897 newfdp->fd_ofileflags = (char *) &newfdp->fd_ofiles[i]; 898 } 899 newfdp->fd_nfiles = i; 900 bcopy(fdp->fd_ofiles, newfdp->fd_ofiles, i * sizeof(struct file **)); 901 bcopy(fdp->fd_ofileflags, newfdp->fd_ofileflags, i * sizeof(char)); 902 fpp = newfdp->fd_ofiles; 903 for (i = newfdp->fd_lastfile; i-- >= 0; fpp++) 904 if (*fpp != NULL) 905 fhold(*fpp); 906 return (newfdp); 907 } 908 909 /* 910 * Release a filedesc structure. 911 */ 912 void 913 fdfree(p) 914 struct proc *p; 915 { 916 register struct filedesc *fdp = p->p_fd; 917 struct file **fpp; 918 register int i; 919 920 /* Certain daemons might not have file descriptors. */ 921 if (fdp == NULL) 922 return; 923 924 if (--fdp->fd_refcnt > 0) 925 return; 926 fpp = fdp->fd_ofiles; 927 for (i = fdp->fd_lastfile; i-- >= 0; fpp++) 928 if (*fpp) 929 (void) closef(*fpp, p); 930 if (fdp->fd_nfiles > NDFILE) 931 FREE(fdp->fd_ofiles, M_FILEDESC); 932 vrele(fdp->fd_cdir); 933 vrele(fdp->fd_rdir); 934 if (fdp->fd_jdir) 935 vrele(fdp->fd_jdir); 936 FREE(fdp, M_FILEDESC); 937 } 938 939 /* 940 * For setugid programs, we don't want to people to use that setugidness 941 * to generate error messages which write to a file which otherwise would 942 * otherwise be off-limits to the process. 943 * 944 * This is a gross hack to plug the hole. A better solution would involve 945 * a special vop or other form of generalized access control mechanism. We 946 * go ahead and just reject all procfs file systems accesses as dangerous. 947 * 948 * Since setugidsafety calls this only for fd 0, 1 and 2, this check is 949 * sufficient. We also don't for check setugidness since we know we are. 950 */ 951 static int 952 is_unsafe(struct file *fp) 953 { 954 if (fp->f_type == DTYPE_VNODE && 955 ((struct vnode *)(fp->f_data))->v_tag == VT_PROCFS) 956 return (1); 957 return (0); 958 } 959 960 /* 961 * Make this setguid thing safe, if at all possible. 962 */ 963 void 964 setugidsafety(p) 965 struct proc *p; 966 { 967 struct filedesc *fdp = p->p_fd; 968 struct file **fpp; 969 char *fdfp; 970 register int i; 971 972 /* Certain daemons might not have file descriptors. */ 973 if (fdp == NULL) 974 return; 975 976 fpp = fdp->fd_ofiles; 977 fdfp = fdp->fd_ofileflags; 978 for (i = 0; i <= fdp->fd_lastfile; i++, fpp++, fdfp++) { 979 if (i > 2) 980 break; 981 if (*fpp != NULL && is_unsafe(*fpp)) { 982 if ((*fdfp & UF_MAPPED) != 0) 983 (void) munmapfd(p, i); 984 (void) closef(*fpp, p); 985 *fpp = NULL; 986 *fdfp = 0; 987 if (i < fdp->fd_freefile) 988 fdp->fd_freefile = i; 989 } 990 } 991 while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL) 992 fdp->fd_lastfile--; 993 } 994 995 /* 996 * Close any files on exec? 997 */ 998 void 999 fdcloseexec(p) 1000 struct proc *p; 1001 { 1002 struct filedesc *fdp = p->p_fd; 1003 struct file **fpp; 1004 char *fdfp; 1005 register int i; 1006 1007 /* Certain daemons might not have file descriptors. */ 1008 if (fdp == NULL) 1009 return; 1010 1011 fpp = fdp->fd_ofiles; 1012 fdfp = fdp->fd_ofileflags; 1013 for (i = 0; i <= fdp->fd_lastfile; i++, fpp++, fdfp++) 1014 if (*fpp != NULL && (*fdfp & UF_EXCLOSE)) { 1015 if (*fdfp & UF_MAPPED) 1016 (void) munmapfd(p, i); 1017 (void) closef(*fpp, p); 1018 *fpp = NULL; 1019 *fdfp = 0; 1020 if (i < fdp->fd_freefile) 1021 fdp->fd_freefile = i; 1022 } 1023 while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL) 1024 fdp->fd_lastfile--; 1025 } 1026 1027 /* 1028 * Internal form of close. 1029 * Decrement reference count on file structure. 1030 * Note: p may be NULL when closing a file 1031 * that was being passed in a message. 1032 */ 1033 int 1034 closef(fp, p) 1035 register struct file *fp; 1036 register struct proc *p; 1037 { 1038 struct vnode *vp; 1039 struct flock lf; 1040 1041 if (fp == NULL) 1042 return (0); 1043 /* 1044 * POSIX record locking dictates that any close releases ALL 1045 * locks owned by this process. This is handled by setting 1046 * a flag in the unlock to free ONLY locks obeying POSIX 1047 * semantics, and not to free BSD-style file locks. 1048 * If the descriptor was in a message, POSIX-style locks 1049 * aren't passed with the descriptor. 1050 */ 1051 if (p && (p->p_flag & P_ADVLOCK) && fp->f_type == DTYPE_VNODE) { 1052 lf.l_whence = SEEK_SET; 1053 lf.l_start = 0; 1054 lf.l_len = 0; 1055 lf.l_type = F_UNLCK; 1056 vp = (struct vnode *)fp->f_data; 1057 (void) VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_UNLCK, &lf, F_POSIX); 1058 } 1059 return (fdrop(fp, p)); 1060 } 1061 1062 int 1063 fdrop(fp, p) 1064 struct file *fp; 1065 struct proc *p; 1066 { 1067 struct flock lf; 1068 struct vnode *vp; 1069 int error; 1070 1071 if (--fp->f_count > 0) 1072 return (0); 1073 if (fp->f_count < 0) 1074 panic("fdrop: count < 0"); 1075 if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) { 1076 lf.l_whence = SEEK_SET; 1077 lf.l_start = 0; 1078 lf.l_len = 0; 1079 lf.l_type = F_UNLCK; 1080 vp = (struct vnode *)fp->f_data; 1081 (void) VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK); 1082 } 1083 if (fp->f_ops != &badfileops) 1084 error = fo_close(fp, p); 1085 else 1086 error = 0; 1087 ffree(fp); 1088 return (error); 1089 } 1090 1091 /* 1092 * Apply an advisory lock on a file descriptor. 1093 * 1094 * Just attempt to get a record lock of the requested type on 1095 * the entire file (l_whence = SEEK_SET, l_start = 0, l_len = 0). 1096 */ 1097 #ifndef _SYS_SYSPROTO_H_ 1098 struct flock_args { 1099 int fd; 1100 int how; 1101 }; 1102 #endif 1103 /* ARGSUSED */ 1104 int 1105 flock(p, uap) 1106 struct proc *p; 1107 register struct flock_args *uap; 1108 { 1109 register struct filedesc *fdp = p->p_fd; 1110 register struct file *fp; 1111 struct vnode *vp; 1112 struct flock lf; 1113 1114 if ((unsigned)uap->fd >= fdp->fd_nfiles || 1115 (fp = fdp->fd_ofiles[uap->fd]) == NULL) 1116 return (EBADF); 1117 if (fp->f_type != DTYPE_VNODE) 1118 return (EOPNOTSUPP); 1119 vp = (struct vnode *)fp->f_data; 1120 lf.l_whence = SEEK_SET; 1121 lf.l_start = 0; 1122 lf.l_len = 0; 1123 if (uap->how & LOCK_UN) { 1124 lf.l_type = F_UNLCK; 1125 fp->f_flag &= ~FHASLOCK; 1126 return (VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK)); 1127 } 1128 if (uap->how & LOCK_EX) 1129 lf.l_type = F_WRLCK; 1130 else if (uap->how & LOCK_SH) 1131 lf.l_type = F_RDLCK; 1132 else 1133 return (EBADF); 1134 fp->f_flag |= FHASLOCK; 1135 if (uap->how & LOCK_NB) 1136 return (VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf, F_FLOCK)); 1137 return (VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf, F_FLOCK|F_WAIT)); 1138 } 1139 1140 /* 1141 * File Descriptor pseudo-device driver (/dev/fd/). 1142 * 1143 * Opening minor device N dup()s the file (if any) connected to file 1144 * descriptor N belonging to the calling process. Note that this driver 1145 * consists of only the ``open()'' routine, because all subsequent 1146 * references to this file will be direct to the other driver. 1147 */ 1148 /* ARGSUSED */ 1149 static int 1150 fdopen(dev, mode, type, p) 1151 dev_t dev; 1152 int mode, type; 1153 struct proc *p; 1154 { 1155 1156 /* 1157 * XXX Kludge: set curproc->p_dupfd to contain the value of the 1158 * the file descriptor being sought for duplication. The error 1159 * return ensures that the vnode for this device will be released 1160 * by vn_open. Open will detect this special error and take the 1161 * actions in dupfdopen below. Other callers of vn_open or VOP_OPEN 1162 * will simply report the error. 1163 */ 1164 p->p_dupfd = minor(dev); 1165 return (ENODEV); 1166 } 1167 1168 /* 1169 * Duplicate the specified descriptor to a free descriptor. 1170 */ 1171 int 1172 dupfdopen(fdp, indx, dfd, mode, error) 1173 register struct filedesc *fdp; 1174 register int indx, dfd; 1175 int mode; 1176 int error; 1177 { 1178 register struct file *wfp; 1179 struct file *fp; 1180 1181 /* 1182 * If the to-be-dup'd fd number is greater than the allowed number 1183 * of file descriptors, or the fd to be dup'd has already been 1184 * closed, reject. Note, check for new == old is necessary as 1185 * falloc could allocate an already closed to-be-dup'd descriptor 1186 * as the new descriptor. 1187 */ 1188 fp = fdp->fd_ofiles[indx]; 1189 if ((u_int)dfd >= fdp->fd_nfiles || 1190 (wfp = fdp->fd_ofiles[dfd]) == NULL || fp == wfp) 1191 return (EBADF); 1192 1193 /* 1194 * There are two cases of interest here. 1195 * 1196 * For ENODEV simply dup (dfd) to file descriptor 1197 * (indx) and return. 1198 * 1199 * For ENXIO steal away the file structure from (dfd) and 1200 * store it in (indx). (dfd) is effectively closed by 1201 * this operation. 1202 * 1203 * Any other error code is just returned. 1204 */ 1205 switch (error) { 1206 case ENODEV: 1207 /* 1208 * Check that the mode the file is being opened for is a 1209 * subset of the mode of the existing descriptor. 1210 */ 1211 if (((mode & (FREAD|FWRITE)) | wfp->f_flag) != wfp->f_flag) 1212 return (EACCES); 1213 fdp->fd_ofiles[indx] = wfp; 1214 fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd]; 1215 fhold(wfp); 1216 if (indx > fdp->fd_lastfile) 1217 fdp->fd_lastfile = indx; 1218 return (0); 1219 1220 case ENXIO: 1221 /* 1222 * Steal away the file pointer from dfd, and stuff it into indx. 1223 */ 1224 fdp->fd_ofiles[indx] = fdp->fd_ofiles[dfd]; 1225 fdp->fd_ofiles[dfd] = NULL; 1226 fdp->fd_ofileflags[indx] = fdp->fd_ofileflags[dfd]; 1227 fdp->fd_ofileflags[dfd] = 0; 1228 /* 1229 * Complete the clean up of the filedesc structure by 1230 * recomputing the various hints. 1231 */ 1232 if (indx > fdp->fd_lastfile) 1233 fdp->fd_lastfile = indx; 1234 else 1235 while (fdp->fd_lastfile > 0 && 1236 fdp->fd_ofiles[fdp->fd_lastfile] == NULL) 1237 fdp->fd_lastfile--; 1238 if (dfd < fdp->fd_freefile) 1239 fdp->fd_freefile = dfd; 1240 return (0); 1241 1242 default: 1243 return (error); 1244 } 1245 /* NOTREACHED */ 1246 } 1247 1248 /* 1249 * Get file structures. 1250 */ 1251 static int 1252 sysctl_kern_file SYSCTL_HANDLER_ARGS 1253 { 1254 int error; 1255 struct file *fp; 1256 1257 if (!req->oldptr) { 1258 /* 1259 * overestimate by 10 files 1260 */ 1261 return (SYSCTL_OUT(req, 0, sizeof(filehead) + 1262 (nfiles + 10) * sizeof(struct file))); 1263 } 1264 1265 error = SYSCTL_OUT(req, (caddr_t)&filehead, sizeof(filehead)); 1266 if (error) 1267 return (error); 1268 1269 /* 1270 * followed by an array of file structures 1271 */ 1272 LIST_FOREACH(fp, &filehead, f_list) { 1273 error = SYSCTL_OUT(req, (caddr_t)fp, sizeof (struct file)); 1274 if (error) 1275 return (error); 1276 } 1277 return (0); 1278 } 1279 1280 SYSCTL_PROC(_kern, KERN_FILE, file, CTLTYPE_OPAQUE|CTLFLAG_RD, 1281 0, 0, sysctl_kern_file, "S,file", "Entire file table"); 1282 1283 SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW, 1284 &maxfilesperproc, 0, "Maximum files allowed open per process"); 1285 1286 SYSCTL_INT(_kern, KERN_MAXFILES, maxfiles, CTLFLAG_RW, 1287 &maxfiles, 0, "Maximum number of files"); 1288 1289 static void 1290 fildesc_drvinit(void *unused) 1291 { 1292 int fd; 1293 1294 for (fd = 0; fd < NUMFDESC; fd++) 1295 make_dev(&fildesc_cdevsw, fd, 1296 UID_BIN, GID_BIN, 0666, "fd/%d", fd); 1297 make_dev(&fildesc_cdevsw, 0, UID_ROOT, GID_WHEEL, 0666, "stdin"); 1298 make_dev(&fildesc_cdevsw, 1, UID_ROOT, GID_WHEEL, 0666, "stdout"); 1299 make_dev(&fildesc_cdevsw, 2, UID_ROOT, GID_WHEEL, 0666, "stderr"); 1300 } 1301 1302 struct fileops badfileops = { 1303 badfo_readwrite, 1304 badfo_readwrite, 1305 badfo_ioctl, 1306 badfo_poll, 1307 badfo_stat, 1308 badfo_close 1309 }; 1310 1311 static int 1312 badfo_readwrite(fp, uio, cred, flags, p) 1313 struct file *fp; 1314 struct uio *uio; 1315 struct ucred *cred; 1316 struct proc *p; 1317 int flags; 1318 { 1319 1320 return (EBADF); 1321 } 1322 1323 static int 1324 badfo_ioctl(fp, com, data, p) 1325 struct file *fp; 1326 u_long com; 1327 caddr_t data; 1328 struct proc *p; 1329 { 1330 1331 return (EBADF); 1332 } 1333 1334 static int 1335 badfo_poll(fp, events, cred, p) 1336 struct file *fp; 1337 int events; 1338 struct ucred *cred; 1339 struct proc *p; 1340 { 1341 1342 return (0); 1343 } 1344 1345 static int 1346 badfo_stat(fp, sb, p) 1347 struct file *fp; 1348 struct stat *sb; 1349 struct proc *p; 1350 { 1351 1352 return (EBADF); 1353 } 1354 1355 static int 1356 badfo_close(fp, p) 1357 struct file *fp; 1358 struct proc *p; 1359 { 1360 1361 return (EBADF); 1362 } 1363 1364 SYSINIT(fildescdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR, 1365 fildesc_drvinit,NULL) 1366