1 /* 2 * linux/fs/read_write.c 3 * 4 * Copyright (C) 1991, 1992 Linus Torvalds 5 */ 6 7 #include <linux/slab.h> 8 #include <linux/stat.h> 9 #include <linux/fcntl.h> 10 #include <linux/file.h> 11 #include <linux/uio.h> 12 #include <linux/fsnotify.h> 13 #include <linux/security.h> 14 #include <linux/export.h> 15 #include <linux/syscalls.h> 16 #include <linux/pagemap.h> 17 #include <linux/splice.h> 18 #include <linux/compat.h> 19 #include "read_write.h" 20 #include "internal.h" 21 22 #include <asm/uaccess.h> 23 #include <asm/unistd.h> 24 25 const struct file_operations generic_ro_fops = { 26 .llseek = generic_file_llseek, 27 .read = do_sync_read, 28 .aio_read = generic_file_aio_read, 29 .mmap = generic_file_readonly_mmap, 30 .splice_read = generic_file_splice_read, 31 }; 32 33 EXPORT_SYMBOL(generic_ro_fops); 34 35 static inline int unsigned_offsets(struct file *file) 36 { 37 return file->f_mode & FMODE_UNSIGNED_OFFSET; 38 } 39 40 static loff_t lseek_execute(struct file *file, struct inode *inode, 41 loff_t offset, loff_t maxsize) 42 { 43 if (offset < 0 && !unsigned_offsets(file)) 44 return -EINVAL; 45 if (offset > maxsize) 46 return -EINVAL; 47 48 if (offset != file->f_pos) { 49 file->f_pos = offset; 50 file->f_version = 0; 51 } 52 return offset; 53 } 54 55 /** 56 * generic_file_llseek_size - generic llseek implementation for regular files 57 * @file: file structure to seek on 58 * @offset: file offset to seek to 59 * @whence: type of seek 60 * @size: max size of this file in file system 61 * @eof: offset used for SEEK_END position 62 * 63 * This is a variant of generic_file_llseek that allows passing in a custom 64 * maximum file size and a custom EOF position, for e.g. hashed directories 65 * 66 * Synchronization: 67 * SEEK_SET and SEEK_END are unsynchronized (but atomic on 64bit platforms) 68 * SEEK_CUR is synchronized against other SEEK_CURs, but not read/writes. 69 * read/writes behave like SEEK_SET against seeks. 70 */ 71 loff_t 72 generic_file_llseek_size(struct file *file, loff_t offset, int whence, 73 loff_t maxsize, loff_t eof) 74 { 75 struct inode *inode = file->f_mapping->host; 76 77 switch (whence) { 78 case SEEK_END: 79 offset += eof; 80 break; 81 case SEEK_CUR: 82 /* 83 * Here we special-case the lseek(fd, 0, SEEK_CUR) 84 * position-querying operation. Avoid rewriting the "same" 85 * f_pos value back to the file because a concurrent read(), 86 * write() or lseek() might have altered it 87 */ 88 if (offset == 0) 89 return file->f_pos; 90 /* 91 * f_lock protects against read/modify/write race with other 92 * SEEK_CURs. Note that parallel writes and reads behave 93 * like SEEK_SET. 94 */ 95 spin_lock(&file->f_lock); 96 offset = lseek_execute(file, inode, file->f_pos + offset, 97 maxsize); 98 spin_unlock(&file->f_lock); 99 return offset; 100 case SEEK_DATA: 101 /* 102 * In the generic case the entire file is data, so as long as 103 * offset isn't at the end of the file then the offset is data. 104 */ 105 if (offset >= eof) 106 return -ENXIO; 107 break; 108 case SEEK_HOLE: 109 /* 110 * There is a virtual hole at the end of the file, so as long as 111 * offset isn't i_size or larger, return i_size. 112 */ 113 if (offset >= eof) 114 return -ENXIO; 115 offset = eof; 116 break; 117 } 118 119 return lseek_execute(file, inode, offset, maxsize); 120 } 121 EXPORT_SYMBOL(generic_file_llseek_size); 122 123 /** 124 * generic_file_llseek - generic llseek implementation for regular files 125 * @file: file structure to seek on 126 * @offset: file offset to seek to 127 * @whence: type of seek 128 * 129 * This is a generic implemenation of ->llseek useable for all normal local 130 * filesystems. It just updates the file offset to the value specified by 131 * @offset and @whence under i_mutex. 132 */ 133 loff_t generic_file_llseek(struct file *file, loff_t offset, int whence) 134 { 135 struct inode *inode = file->f_mapping->host; 136 137 return generic_file_llseek_size(file, offset, whence, 138 inode->i_sb->s_maxbytes, 139 i_size_read(inode)); 140 } 141 EXPORT_SYMBOL(generic_file_llseek); 142 143 /** 144 * noop_llseek - No Operation Performed llseek implementation 145 * @file: file structure to seek on 146 * @offset: file offset to seek to 147 * @whence: type of seek 148 * 149 * This is an implementation of ->llseek useable for the rare special case when 150 * userspace expects the seek to succeed but the (device) file is actually not 151 * able to perform the seek. In this case you use noop_llseek() instead of 152 * falling back to the default implementation of ->llseek. 153 */ 154 loff_t noop_llseek(struct file *file, loff_t offset, int whence) 155 { 156 return file->f_pos; 157 } 158 EXPORT_SYMBOL(noop_llseek); 159 160 loff_t no_llseek(struct file *file, loff_t offset, int whence) 161 { 162 return -ESPIPE; 163 } 164 EXPORT_SYMBOL(no_llseek); 165 166 loff_t default_llseek(struct file *file, loff_t offset, int whence) 167 { 168 struct inode *inode = file_inode(file); 169 loff_t retval; 170 171 mutex_lock(&inode->i_mutex); 172 switch (whence) { 173 case SEEK_END: 174 offset += i_size_read(inode); 175 break; 176 case SEEK_CUR: 177 if (offset == 0) { 178 retval = file->f_pos; 179 goto out; 180 } 181 offset += file->f_pos; 182 break; 183 case SEEK_DATA: 184 /* 185 * In the generic case the entire file is data, so as 186 * long as offset isn't at the end of the file then the 187 * offset is data. 188 */ 189 if (offset >= inode->i_size) { 190 retval = -ENXIO; 191 goto out; 192 } 193 break; 194 case SEEK_HOLE: 195 /* 196 * There is a virtual hole at the end of the file, so 197 * as long as offset isn't i_size or larger, return 198 * i_size. 199 */ 200 if (offset >= inode->i_size) { 201 retval = -ENXIO; 202 goto out; 203 } 204 offset = inode->i_size; 205 break; 206 } 207 retval = -EINVAL; 208 if (offset >= 0 || unsigned_offsets(file)) { 209 if (offset != file->f_pos) { 210 file->f_pos = offset; 211 file->f_version = 0; 212 } 213 retval = offset; 214 } 215 out: 216 mutex_unlock(&inode->i_mutex); 217 return retval; 218 } 219 EXPORT_SYMBOL(default_llseek); 220 221 loff_t vfs_llseek(struct file *file, loff_t offset, int whence) 222 { 223 loff_t (*fn)(struct file *, loff_t, int); 224 225 fn = no_llseek; 226 if (file->f_mode & FMODE_LSEEK) { 227 if (file->f_op && file->f_op->llseek) 228 fn = file->f_op->llseek; 229 } 230 return fn(file, offset, whence); 231 } 232 EXPORT_SYMBOL(vfs_llseek); 233 234 SYSCALL_DEFINE3(lseek, unsigned int, fd, off_t, offset, unsigned int, whence) 235 { 236 off_t retval; 237 struct fd f = fdget(fd); 238 if (!f.file) 239 return -EBADF; 240 241 retval = -EINVAL; 242 if (whence <= SEEK_MAX) { 243 loff_t res = vfs_llseek(f.file, offset, whence); 244 retval = res; 245 if (res != (loff_t)retval) 246 retval = -EOVERFLOW; /* LFS: should only happen on 32 bit platforms */ 247 } 248 fdput(f); 249 return retval; 250 } 251 252 #ifdef CONFIG_COMPAT 253 COMPAT_SYSCALL_DEFINE3(lseek, unsigned int, fd, compat_off_t, offset, unsigned int, whence) 254 { 255 return sys_lseek(fd, offset, whence); 256 } 257 #endif 258 259 #ifdef __ARCH_WANT_SYS_LLSEEK 260 SYSCALL_DEFINE5(llseek, unsigned int, fd, unsigned long, offset_high, 261 unsigned long, offset_low, loff_t __user *, result, 262 unsigned int, whence) 263 { 264 int retval; 265 struct fd f = fdget(fd); 266 loff_t offset; 267 268 if (!f.file) 269 return -EBADF; 270 271 retval = -EINVAL; 272 if (whence > SEEK_MAX) 273 goto out_putf; 274 275 offset = vfs_llseek(f.file, ((loff_t) offset_high << 32) | offset_low, 276 whence); 277 278 retval = (int)offset; 279 if (offset >= 0) { 280 retval = -EFAULT; 281 if (!copy_to_user(result, &offset, sizeof(offset))) 282 retval = 0; 283 } 284 out_putf: 285 fdput(f); 286 return retval; 287 } 288 #endif 289 290 /* 291 * rw_verify_area doesn't like huge counts. We limit 292 * them to something that fits in "int" so that others 293 * won't have to do range checks all the time. 294 */ 295 int rw_verify_area(int read_write, struct file *file, loff_t *ppos, size_t count) 296 { 297 struct inode *inode; 298 loff_t pos; 299 int retval = -EINVAL; 300 301 inode = file_inode(file); 302 if (unlikely((ssize_t) count < 0)) 303 return retval; 304 pos = *ppos; 305 if (unlikely(pos < 0)) { 306 if (!unsigned_offsets(file)) 307 return retval; 308 if (count >= -pos) /* both values are in 0..LLONG_MAX */ 309 return -EOVERFLOW; 310 } else if (unlikely((loff_t) (pos + count) < 0)) { 311 if (!unsigned_offsets(file)) 312 return retval; 313 } 314 315 if (unlikely(inode->i_flock && mandatory_lock(inode))) { 316 retval = locks_mandatory_area( 317 read_write == READ ? FLOCK_VERIFY_READ : FLOCK_VERIFY_WRITE, 318 inode, file, pos, count); 319 if (retval < 0) 320 return retval; 321 } 322 retval = security_file_permission(file, 323 read_write == READ ? MAY_READ : MAY_WRITE); 324 if (retval) 325 return retval; 326 return count > MAX_RW_COUNT ? MAX_RW_COUNT : count; 327 } 328 329 static void wait_on_retry_sync_kiocb(struct kiocb *iocb) 330 { 331 set_current_state(TASK_UNINTERRUPTIBLE); 332 if (!kiocbIsKicked(iocb)) 333 schedule(); 334 else 335 kiocbClearKicked(iocb); 336 __set_current_state(TASK_RUNNING); 337 } 338 339 ssize_t do_sync_read(struct file *filp, char __user *buf, size_t len, loff_t *ppos) 340 { 341 struct iovec iov = { .iov_base = buf, .iov_len = len }; 342 struct kiocb kiocb; 343 ssize_t ret; 344 345 init_sync_kiocb(&kiocb, filp); 346 kiocb.ki_pos = *ppos; 347 kiocb.ki_left = len; 348 kiocb.ki_nbytes = len; 349 350 for (;;) { 351 ret = filp->f_op->aio_read(&kiocb, &iov, 1, kiocb.ki_pos); 352 if (ret != -EIOCBRETRY) 353 break; 354 wait_on_retry_sync_kiocb(&kiocb); 355 } 356 357 if (-EIOCBQUEUED == ret) 358 ret = wait_on_sync_kiocb(&kiocb); 359 *ppos = kiocb.ki_pos; 360 return ret; 361 } 362 363 EXPORT_SYMBOL(do_sync_read); 364 365 ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos) 366 { 367 ssize_t ret; 368 369 if (!(file->f_mode & FMODE_READ)) 370 return -EBADF; 371 if (!file->f_op || (!file->f_op->read && !file->f_op->aio_read)) 372 return -EINVAL; 373 if (unlikely(!access_ok(VERIFY_WRITE, buf, count))) 374 return -EFAULT; 375 376 ret = rw_verify_area(READ, file, pos, count); 377 if (ret >= 0) { 378 count = ret; 379 if (file->f_op->read) 380 ret = file->f_op->read(file, buf, count, pos); 381 else 382 ret = do_sync_read(file, buf, count, pos); 383 if (ret > 0) { 384 fsnotify_access(file); 385 add_rchar(current, ret); 386 } 387 inc_syscr(current); 388 } 389 390 return ret; 391 } 392 393 EXPORT_SYMBOL(vfs_read); 394 395 ssize_t do_sync_write(struct file *filp, const char __user *buf, size_t len, loff_t *ppos) 396 { 397 struct iovec iov = { .iov_base = (void __user *)buf, .iov_len = len }; 398 struct kiocb kiocb; 399 ssize_t ret; 400 401 init_sync_kiocb(&kiocb, filp); 402 kiocb.ki_pos = *ppos; 403 kiocb.ki_left = len; 404 kiocb.ki_nbytes = len; 405 406 for (;;) { 407 ret = filp->f_op->aio_write(&kiocb, &iov, 1, kiocb.ki_pos); 408 if (ret != -EIOCBRETRY) 409 break; 410 wait_on_retry_sync_kiocb(&kiocb); 411 } 412 413 if (-EIOCBQUEUED == ret) 414 ret = wait_on_sync_kiocb(&kiocb); 415 *ppos = kiocb.ki_pos; 416 return ret; 417 } 418 419 EXPORT_SYMBOL(do_sync_write); 420 421 ssize_t __kernel_write(struct file *file, const char *buf, size_t count, loff_t *pos) 422 { 423 mm_segment_t old_fs; 424 const char __user *p; 425 ssize_t ret; 426 427 old_fs = get_fs(); 428 set_fs(get_ds()); 429 p = (__force const char __user *)buf; 430 if (count > MAX_RW_COUNT) 431 count = MAX_RW_COUNT; 432 if (file->f_op->write) 433 ret = file->f_op->write(file, p, count, pos); 434 else 435 ret = do_sync_write(file, p, count, pos); 436 set_fs(old_fs); 437 if (ret > 0) { 438 fsnotify_modify(file); 439 add_wchar(current, ret); 440 } 441 inc_syscw(current); 442 return ret; 443 } 444 445 ssize_t vfs_write(struct file *file, const char __user *buf, size_t count, loff_t *pos) 446 { 447 ssize_t ret; 448 449 if (!(file->f_mode & FMODE_WRITE)) 450 return -EBADF; 451 if (!file->f_op || (!file->f_op->write && !file->f_op->aio_write)) 452 return -EINVAL; 453 if (unlikely(!access_ok(VERIFY_READ, buf, count))) 454 return -EFAULT; 455 456 ret = rw_verify_area(WRITE, file, pos, count); 457 if (ret >= 0) { 458 count = ret; 459 file_start_write(file); 460 if (file->f_op->write) 461 ret = file->f_op->write(file, buf, count, pos); 462 else 463 ret = do_sync_write(file, buf, count, pos); 464 if (ret > 0) { 465 fsnotify_modify(file); 466 add_wchar(current, ret); 467 } 468 inc_syscw(current); 469 file_end_write(file); 470 } 471 472 return ret; 473 } 474 475 EXPORT_SYMBOL(vfs_write); 476 477 static inline loff_t file_pos_read(struct file *file) 478 { 479 return file->f_pos; 480 } 481 482 static inline void file_pos_write(struct file *file, loff_t pos) 483 { 484 file->f_pos = pos; 485 } 486 487 SYSCALL_DEFINE3(read, unsigned int, fd, char __user *, buf, size_t, count) 488 { 489 struct fd f = fdget(fd); 490 ssize_t ret = -EBADF; 491 492 if (f.file) { 493 loff_t pos = file_pos_read(f.file); 494 ret = vfs_read(f.file, buf, count, &pos); 495 file_pos_write(f.file, pos); 496 fdput(f); 497 } 498 return ret; 499 } 500 501 SYSCALL_DEFINE3(write, unsigned int, fd, const char __user *, buf, 502 size_t, count) 503 { 504 struct fd f = fdget(fd); 505 ssize_t ret = -EBADF; 506 507 if (f.file) { 508 loff_t pos = file_pos_read(f.file); 509 ret = vfs_write(f.file, buf, count, &pos); 510 file_pos_write(f.file, pos); 511 fdput(f); 512 } 513 514 return ret; 515 } 516 517 SYSCALL_DEFINE(pread64)(unsigned int fd, char __user *buf, 518 size_t count, loff_t pos) 519 { 520 struct fd f; 521 ssize_t ret = -EBADF; 522 523 if (pos < 0) 524 return -EINVAL; 525 526 f = fdget(fd); 527 if (f.file) { 528 ret = -ESPIPE; 529 if (f.file->f_mode & FMODE_PREAD) 530 ret = vfs_read(f.file, buf, count, &pos); 531 fdput(f); 532 } 533 534 return ret; 535 } 536 #ifdef CONFIG_HAVE_SYSCALL_WRAPPERS 537 asmlinkage long SyS_pread64(long fd, long buf, long count, loff_t pos) 538 { 539 return SYSC_pread64((unsigned int) fd, (char __user *) buf, 540 (size_t) count, pos); 541 } 542 SYSCALL_ALIAS(sys_pread64, SyS_pread64); 543 #endif 544 545 SYSCALL_DEFINE(pwrite64)(unsigned int fd, const char __user *buf, 546 size_t count, loff_t pos) 547 { 548 struct fd f; 549 ssize_t ret = -EBADF; 550 551 if (pos < 0) 552 return -EINVAL; 553 554 f = fdget(fd); 555 if (f.file) { 556 ret = -ESPIPE; 557 if (f.file->f_mode & FMODE_PWRITE) 558 ret = vfs_write(f.file, buf, count, &pos); 559 fdput(f); 560 } 561 562 return ret; 563 } 564 #ifdef CONFIG_HAVE_SYSCALL_WRAPPERS 565 asmlinkage long SyS_pwrite64(long fd, long buf, long count, loff_t pos) 566 { 567 return SYSC_pwrite64((unsigned int) fd, (const char __user *) buf, 568 (size_t) count, pos); 569 } 570 SYSCALL_ALIAS(sys_pwrite64, SyS_pwrite64); 571 #endif 572 573 /* 574 * Reduce an iovec's length in-place. Return the resulting number of segments 575 */ 576 unsigned long iov_shorten(struct iovec *iov, unsigned long nr_segs, size_t to) 577 { 578 unsigned long seg = 0; 579 size_t len = 0; 580 581 while (seg < nr_segs) { 582 seg++; 583 if (len + iov->iov_len >= to) { 584 iov->iov_len = to - len; 585 break; 586 } 587 len += iov->iov_len; 588 iov++; 589 } 590 return seg; 591 } 592 EXPORT_SYMBOL(iov_shorten); 593 594 static ssize_t do_sync_readv_writev(struct file *filp, const struct iovec *iov, 595 unsigned long nr_segs, size_t len, loff_t *ppos, iov_fn_t fn) 596 { 597 struct kiocb kiocb; 598 ssize_t ret; 599 600 init_sync_kiocb(&kiocb, filp); 601 kiocb.ki_pos = *ppos; 602 kiocb.ki_left = len; 603 kiocb.ki_nbytes = len; 604 605 for (;;) { 606 ret = fn(&kiocb, iov, nr_segs, kiocb.ki_pos); 607 if (ret != -EIOCBRETRY) 608 break; 609 wait_on_retry_sync_kiocb(&kiocb); 610 } 611 612 if (ret == -EIOCBQUEUED) 613 ret = wait_on_sync_kiocb(&kiocb); 614 *ppos = kiocb.ki_pos; 615 return ret; 616 } 617 618 /* Do it by hand, with file-ops */ 619 static ssize_t do_loop_readv_writev(struct file *filp, struct iovec *iov, 620 unsigned long nr_segs, loff_t *ppos, io_fn_t fn) 621 { 622 struct iovec *vector = iov; 623 ssize_t ret = 0; 624 625 while (nr_segs > 0) { 626 void __user *base; 627 size_t len; 628 ssize_t nr; 629 630 base = vector->iov_base; 631 len = vector->iov_len; 632 vector++; 633 nr_segs--; 634 635 nr = fn(filp, base, len, ppos); 636 637 if (nr < 0) { 638 if (!ret) 639 ret = nr; 640 break; 641 } 642 ret += nr; 643 if (nr != len) 644 break; 645 } 646 647 return ret; 648 } 649 650 /* A write operation does a read from user space and vice versa */ 651 #define vrfy_dir(type) ((type) == READ ? VERIFY_WRITE : VERIFY_READ) 652 653 ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector, 654 unsigned long nr_segs, unsigned long fast_segs, 655 struct iovec *fast_pointer, 656 struct iovec **ret_pointer) 657 { 658 unsigned long seg; 659 ssize_t ret; 660 struct iovec *iov = fast_pointer; 661 662 /* 663 * SuS says "The readv() function *may* fail if the iovcnt argument 664 * was less than or equal to 0, or greater than {IOV_MAX}. Linux has 665 * traditionally returned zero for zero segments, so... 666 */ 667 if (nr_segs == 0) { 668 ret = 0; 669 goto out; 670 } 671 672 /* 673 * First get the "struct iovec" from user memory and 674 * verify all the pointers 675 */ 676 if (nr_segs > UIO_MAXIOV) { 677 ret = -EINVAL; 678 goto out; 679 } 680 if (nr_segs > fast_segs) { 681 iov = kmalloc(nr_segs*sizeof(struct iovec), GFP_KERNEL); 682 if (iov == NULL) { 683 ret = -ENOMEM; 684 goto out; 685 } 686 } 687 if (copy_from_user(iov, uvector, nr_segs*sizeof(*uvector))) { 688 ret = -EFAULT; 689 goto out; 690 } 691 692 /* 693 * According to the Single Unix Specification we should return EINVAL 694 * if an element length is < 0 when cast to ssize_t or if the 695 * total length would overflow the ssize_t return value of the 696 * system call. 697 * 698 * Linux caps all read/write calls to MAX_RW_COUNT, and avoids the 699 * overflow case. 700 */ 701 ret = 0; 702 for (seg = 0; seg < nr_segs; seg++) { 703 void __user *buf = iov[seg].iov_base; 704 ssize_t len = (ssize_t)iov[seg].iov_len; 705 706 /* see if we we're about to use an invalid len or if 707 * it's about to overflow ssize_t */ 708 if (len < 0) { 709 ret = -EINVAL; 710 goto out; 711 } 712 if (type >= 0 713 && unlikely(!access_ok(vrfy_dir(type), buf, len))) { 714 ret = -EFAULT; 715 goto out; 716 } 717 if (len > MAX_RW_COUNT - ret) { 718 len = MAX_RW_COUNT - ret; 719 iov[seg].iov_len = len; 720 } 721 ret += len; 722 } 723 out: 724 *ret_pointer = iov; 725 return ret; 726 } 727 728 static ssize_t do_readv_writev(int type, struct file *file, 729 const struct iovec __user * uvector, 730 unsigned long nr_segs, loff_t *pos) 731 { 732 size_t tot_len; 733 struct iovec iovstack[UIO_FASTIOV]; 734 struct iovec *iov = iovstack; 735 ssize_t ret; 736 io_fn_t fn; 737 iov_fn_t fnv; 738 739 if (!file->f_op) { 740 ret = -EINVAL; 741 goto out; 742 } 743 744 ret = rw_copy_check_uvector(type, uvector, nr_segs, 745 ARRAY_SIZE(iovstack), iovstack, &iov); 746 if (ret <= 0) 747 goto out; 748 749 tot_len = ret; 750 ret = rw_verify_area(type, file, pos, tot_len); 751 if (ret < 0) 752 goto out; 753 754 fnv = NULL; 755 if (type == READ) { 756 fn = file->f_op->read; 757 fnv = file->f_op->aio_read; 758 } else { 759 fn = (io_fn_t)file->f_op->write; 760 fnv = file->f_op->aio_write; 761 file_start_write(file); 762 } 763 764 if (fnv) 765 ret = do_sync_readv_writev(file, iov, nr_segs, tot_len, 766 pos, fnv); 767 else 768 ret = do_loop_readv_writev(file, iov, nr_segs, pos, fn); 769 770 if (type != READ) 771 file_end_write(file); 772 773 out: 774 if (iov != iovstack) 775 kfree(iov); 776 if ((ret + (type == READ)) > 0) { 777 if (type == READ) 778 fsnotify_access(file); 779 else 780 fsnotify_modify(file); 781 } 782 return ret; 783 } 784 785 ssize_t vfs_readv(struct file *file, const struct iovec __user *vec, 786 unsigned long vlen, loff_t *pos) 787 { 788 if (!(file->f_mode & FMODE_READ)) 789 return -EBADF; 790 if (!file->f_op || (!file->f_op->aio_read && !file->f_op->read)) 791 return -EINVAL; 792 793 return do_readv_writev(READ, file, vec, vlen, pos); 794 } 795 796 EXPORT_SYMBOL(vfs_readv); 797 798 ssize_t vfs_writev(struct file *file, const struct iovec __user *vec, 799 unsigned long vlen, loff_t *pos) 800 { 801 if (!(file->f_mode & FMODE_WRITE)) 802 return -EBADF; 803 if (!file->f_op || (!file->f_op->aio_write && !file->f_op->write)) 804 return -EINVAL; 805 806 return do_readv_writev(WRITE, file, vec, vlen, pos); 807 } 808 809 EXPORT_SYMBOL(vfs_writev); 810 811 SYSCALL_DEFINE3(readv, unsigned long, fd, const struct iovec __user *, vec, 812 unsigned long, vlen) 813 { 814 struct fd f = fdget(fd); 815 ssize_t ret = -EBADF; 816 817 if (f.file) { 818 loff_t pos = file_pos_read(f.file); 819 ret = vfs_readv(f.file, vec, vlen, &pos); 820 file_pos_write(f.file, pos); 821 fdput(f); 822 } 823 824 if (ret > 0) 825 add_rchar(current, ret); 826 inc_syscr(current); 827 return ret; 828 } 829 830 SYSCALL_DEFINE3(writev, unsigned long, fd, const struct iovec __user *, vec, 831 unsigned long, vlen) 832 { 833 struct fd f = fdget(fd); 834 ssize_t ret = -EBADF; 835 836 if (f.file) { 837 loff_t pos = file_pos_read(f.file); 838 ret = vfs_writev(f.file, vec, vlen, &pos); 839 file_pos_write(f.file, pos); 840 fdput(f); 841 } 842 843 if (ret > 0) 844 add_wchar(current, ret); 845 inc_syscw(current); 846 return ret; 847 } 848 849 static inline loff_t pos_from_hilo(unsigned long high, unsigned long low) 850 { 851 #define HALF_LONG_BITS (BITS_PER_LONG / 2) 852 return (((loff_t)high << HALF_LONG_BITS) << HALF_LONG_BITS) | low; 853 } 854 855 SYSCALL_DEFINE5(preadv, unsigned long, fd, const struct iovec __user *, vec, 856 unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h) 857 { 858 loff_t pos = pos_from_hilo(pos_h, pos_l); 859 struct fd f; 860 ssize_t ret = -EBADF; 861 862 if (pos < 0) 863 return -EINVAL; 864 865 f = fdget(fd); 866 if (f.file) { 867 ret = -ESPIPE; 868 if (f.file->f_mode & FMODE_PREAD) 869 ret = vfs_readv(f.file, vec, vlen, &pos); 870 fdput(f); 871 } 872 873 if (ret > 0) 874 add_rchar(current, ret); 875 inc_syscr(current); 876 return ret; 877 } 878 879 SYSCALL_DEFINE5(pwritev, unsigned long, fd, const struct iovec __user *, vec, 880 unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h) 881 { 882 loff_t pos = pos_from_hilo(pos_h, pos_l); 883 struct fd f; 884 ssize_t ret = -EBADF; 885 886 if (pos < 0) 887 return -EINVAL; 888 889 f = fdget(fd); 890 if (f.file) { 891 ret = -ESPIPE; 892 if (f.file->f_mode & FMODE_PWRITE) 893 ret = vfs_writev(f.file, vec, vlen, &pos); 894 fdput(f); 895 } 896 897 if (ret > 0) 898 add_wchar(current, ret); 899 inc_syscw(current); 900 return ret; 901 } 902 903 #ifdef CONFIG_COMPAT 904 905 static ssize_t compat_do_readv_writev(int type, struct file *file, 906 const struct compat_iovec __user *uvector, 907 unsigned long nr_segs, loff_t *pos) 908 { 909 compat_ssize_t tot_len; 910 struct iovec iovstack[UIO_FASTIOV]; 911 struct iovec *iov = iovstack; 912 ssize_t ret; 913 io_fn_t fn; 914 iov_fn_t fnv; 915 916 ret = -EINVAL; 917 if (!file->f_op) 918 goto out; 919 920 ret = -EFAULT; 921 if (!access_ok(VERIFY_READ, uvector, nr_segs*sizeof(*uvector))) 922 goto out; 923 924 ret = compat_rw_copy_check_uvector(type, uvector, nr_segs, 925 UIO_FASTIOV, iovstack, &iov); 926 if (ret <= 0) 927 goto out; 928 929 tot_len = ret; 930 ret = rw_verify_area(type, file, pos, tot_len); 931 if (ret < 0) 932 goto out; 933 934 fnv = NULL; 935 if (type == READ) { 936 fn = file->f_op->read; 937 fnv = file->f_op->aio_read; 938 } else { 939 fn = (io_fn_t)file->f_op->write; 940 fnv = file->f_op->aio_write; 941 file_start_write(file); 942 } 943 944 if (fnv) 945 ret = do_sync_readv_writev(file, iov, nr_segs, tot_len, 946 pos, fnv); 947 else 948 ret = do_loop_readv_writev(file, iov, nr_segs, pos, fn); 949 950 if (type != READ) 951 file_end_write(file); 952 953 out: 954 if (iov != iovstack) 955 kfree(iov); 956 if ((ret + (type == READ)) > 0) { 957 if (type == READ) 958 fsnotify_access(file); 959 else 960 fsnotify_modify(file); 961 } 962 return ret; 963 } 964 965 static size_t compat_readv(struct file *file, 966 const struct compat_iovec __user *vec, 967 unsigned long vlen, loff_t *pos) 968 { 969 ssize_t ret = -EBADF; 970 971 if (!(file->f_mode & FMODE_READ)) 972 goto out; 973 974 ret = -EINVAL; 975 if (!file->f_op || (!file->f_op->aio_read && !file->f_op->read)) 976 goto out; 977 978 ret = compat_do_readv_writev(READ, file, vec, vlen, pos); 979 980 out: 981 if (ret > 0) 982 add_rchar(current, ret); 983 inc_syscr(current); 984 return ret; 985 } 986 987 COMPAT_SYSCALL_DEFINE3(readv, unsigned long, fd, 988 const struct compat_iovec __user *,vec, 989 unsigned long, vlen) 990 { 991 struct fd f = fdget(fd); 992 ssize_t ret; 993 loff_t pos; 994 995 if (!f.file) 996 return -EBADF; 997 pos = f.file->f_pos; 998 ret = compat_readv(f.file, vec, vlen, &pos); 999 f.file->f_pos = pos; 1000 fdput(f); 1001 return ret; 1002 } 1003 1004 COMPAT_SYSCALL_DEFINE4(preadv64, unsigned long, fd, 1005 const struct compat_iovec __user *,vec, 1006 unsigned long, vlen, loff_t, pos) 1007 { 1008 struct fd f; 1009 ssize_t ret; 1010 1011 if (pos < 0) 1012 return -EINVAL; 1013 f = fdget(fd); 1014 if (!f.file) 1015 return -EBADF; 1016 ret = -ESPIPE; 1017 if (f.file->f_mode & FMODE_PREAD) 1018 ret = compat_readv(f.file, vec, vlen, &pos); 1019 fdput(f); 1020 return ret; 1021 } 1022 1023 COMPAT_SYSCALL_DEFINE5(preadv, unsigned long, fd, 1024 const struct compat_iovec __user *,vec, 1025 unsigned long, vlen, u32, pos_low, u32, pos_high) 1026 { 1027 loff_t pos = ((loff_t)pos_high << 32) | pos_low; 1028 return compat_sys_preadv64(fd, vec, vlen, pos); 1029 } 1030 1031 static size_t compat_writev(struct file *file, 1032 const struct compat_iovec __user *vec, 1033 unsigned long vlen, loff_t *pos) 1034 { 1035 ssize_t ret = -EBADF; 1036 1037 if (!(file->f_mode & FMODE_WRITE)) 1038 goto out; 1039 1040 ret = -EINVAL; 1041 if (!file->f_op || (!file->f_op->aio_write && !file->f_op->write)) 1042 goto out; 1043 1044 ret = compat_do_readv_writev(WRITE, file, vec, vlen, pos); 1045 1046 out: 1047 if (ret > 0) 1048 add_wchar(current, ret); 1049 inc_syscw(current); 1050 return ret; 1051 } 1052 1053 COMPAT_SYSCALL_DEFINE3(writev, unsigned long, fd, 1054 const struct compat_iovec __user *, vec, 1055 unsigned long, vlen) 1056 { 1057 struct fd f = fdget(fd); 1058 ssize_t ret; 1059 loff_t pos; 1060 1061 if (!f.file) 1062 return -EBADF; 1063 pos = f.file->f_pos; 1064 ret = compat_writev(f.file, vec, vlen, &pos); 1065 f.file->f_pos = pos; 1066 fdput(f); 1067 return ret; 1068 } 1069 1070 COMPAT_SYSCALL_DEFINE4(pwritev64, unsigned long, fd, 1071 const struct compat_iovec __user *,vec, 1072 unsigned long, vlen, loff_t, pos) 1073 { 1074 struct fd f; 1075 ssize_t ret; 1076 1077 if (pos < 0) 1078 return -EINVAL; 1079 f = fdget(fd); 1080 if (!f.file) 1081 return -EBADF; 1082 ret = -ESPIPE; 1083 if (f.file->f_mode & FMODE_PWRITE) 1084 ret = compat_writev(f.file, vec, vlen, &pos); 1085 fdput(f); 1086 return ret; 1087 } 1088 1089 COMPAT_SYSCALL_DEFINE5(pwritev, unsigned long, fd, 1090 const struct compat_iovec __user *,vec, 1091 unsigned long, vlen, u32, pos_low, u32, pos_high) 1092 { 1093 loff_t pos = ((loff_t)pos_high << 32) | pos_low; 1094 return compat_sys_pwritev64(fd, vec, vlen, pos); 1095 } 1096 #endif 1097 1098 ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos, size_t count, 1099 loff_t max) 1100 { 1101 struct fd in, out; 1102 struct inode *in_inode, *out_inode; 1103 loff_t pos; 1104 ssize_t retval; 1105 int fl; 1106 1107 /* 1108 * Get input file, and verify that it is ok.. 1109 */ 1110 retval = -EBADF; 1111 in = fdget(in_fd); 1112 if (!in.file) 1113 goto out; 1114 if (!(in.file->f_mode & FMODE_READ)) 1115 goto fput_in; 1116 retval = -ESPIPE; 1117 if (!ppos) 1118 ppos = &in.file->f_pos; 1119 else 1120 if (!(in.file->f_mode & FMODE_PREAD)) 1121 goto fput_in; 1122 retval = rw_verify_area(READ, in.file, ppos, count); 1123 if (retval < 0) 1124 goto fput_in; 1125 count = retval; 1126 1127 /* 1128 * Get output file, and verify that it is ok.. 1129 */ 1130 retval = -EBADF; 1131 out = fdget(out_fd); 1132 if (!out.file) 1133 goto fput_in; 1134 if (!(out.file->f_mode & FMODE_WRITE)) 1135 goto fput_out; 1136 retval = -EINVAL; 1137 in_inode = file_inode(in.file); 1138 out_inode = file_inode(out.file); 1139 retval = rw_verify_area(WRITE, out.file, &out.file->f_pos, count); 1140 if (retval < 0) 1141 goto fput_out; 1142 count = retval; 1143 1144 if (!max) 1145 max = min(in_inode->i_sb->s_maxbytes, out_inode->i_sb->s_maxbytes); 1146 1147 pos = *ppos; 1148 if (unlikely(pos + count > max)) { 1149 retval = -EOVERFLOW; 1150 if (pos >= max) 1151 goto fput_out; 1152 count = max - pos; 1153 } 1154 1155 fl = 0; 1156 #if 0 1157 /* 1158 * We need to debate whether we can enable this or not. The 1159 * man page documents EAGAIN return for the output at least, 1160 * and the application is arguably buggy if it doesn't expect 1161 * EAGAIN on a non-blocking file descriptor. 1162 */ 1163 if (in.file->f_flags & O_NONBLOCK) 1164 fl = SPLICE_F_NONBLOCK; 1165 #endif 1166 retval = do_splice_direct(in.file, ppos, out.file, count, fl); 1167 1168 if (retval > 0) { 1169 add_rchar(current, retval); 1170 add_wchar(current, retval); 1171 fsnotify_access(in.file); 1172 fsnotify_modify(out.file); 1173 } 1174 1175 inc_syscr(current); 1176 inc_syscw(current); 1177 if (*ppos > max) 1178 retval = -EOVERFLOW; 1179 1180 fput_out: 1181 fdput(out); 1182 fput_in: 1183 fdput(in); 1184 out: 1185 return retval; 1186 } 1187 1188 SYSCALL_DEFINE4(sendfile, int, out_fd, int, in_fd, off_t __user *, offset, size_t, count) 1189 { 1190 loff_t pos; 1191 off_t off; 1192 ssize_t ret; 1193 1194 if (offset) { 1195 if (unlikely(get_user(off, offset))) 1196 return -EFAULT; 1197 pos = off; 1198 ret = do_sendfile(out_fd, in_fd, &pos, count, MAX_NON_LFS); 1199 if (unlikely(put_user(pos, offset))) 1200 return -EFAULT; 1201 return ret; 1202 } 1203 1204 return do_sendfile(out_fd, in_fd, NULL, count, 0); 1205 } 1206 1207 SYSCALL_DEFINE4(sendfile64, int, out_fd, int, in_fd, loff_t __user *, offset, size_t, count) 1208 { 1209 loff_t pos; 1210 ssize_t ret; 1211 1212 if (offset) { 1213 if (unlikely(copy_from_user(&pos, offset, sizeof(loff_t)))) 1214 return -EFAULT; 1215 ret = do_sendfile(out_fd, in_fd, &pos, count, 0); 1216 if (unlikely(put_user(pos, offset))) 1217 return -EFAULT; 1218 return ret; 1219 } 1220 1221 return do_sendfile(out_fd, in_fd, NULL, count, 0); 1222 } 1223