1 /* 2 * linux/fs/read_write.c 3 * 4 * Copyright (C) 1991, 1992 Linus Torvalds 5 */ 6 7 #include <linux/slab.h> 8 #include <linux/stat.h> 9 #include <linux/fcntl.h> 10 #include <linux/file.h> 11 #include <linux/uio.h> 12 #include <linux/fsnotify.h> 13 #include <linux/security.h> 14 #include <linux/export.h> 15 #include <linux/syscalls.h> 16 #include <linux/pagemap.h> 17 #include <linux/splice.h> 18 #include <linux/compat.h> 19 #include "internal.h" 20 21 #include <asm/uaccess.h> 22 #include <asm/unistd.h> 23 24 typedef ssize_t (*io_fn_t)(struct file *, char __user *, size_t, loff_t *); 25 typedef ssize_t (*iov_fn_t)(struct kiocb *, const struct iovec *, 26 unsigned long, loff_t); 27 28 const struct file_operations generic_ro_fops = { 29 .llseek = generic_file_llseek, 30 .read = do_sync_read, 31 .aio_read = generic_file_aio_read, 32 .mmap = generic_file_readonly_mmap, 33 .splice_read = generic_file_splice_read, 34 }; 35 36 EXPORT_SYMBOL(generic_ro_fops); 37 38 static inline int unsigned_offsets(struct file *file) 39 { 40 return file->f_mode & FMODE_UNSIGNED_OFFSET; 41 } 42 43 static loff_t lseek_execute(struct file *file, struct inode *inode, 44 loff_t offset, loff_t maxsize) 45 { 46 if (offset < 0 && !unsigned_offsets(file)) 47 return -EINVAL; 48 if (offset > maxsize) 49 return -EINVAL; 50 51 if (offset != file->f_pos) { 52 file->f_pos = offset; 53 file->f_version = 0; 54 } 55 return offset; 56 } 57 58 /** 59 * generic_file_llseek_size - generic llseek implementation for regular files 60 * @file: file structure to seek on 61 * @offset: file offset to seek to 62 * @whence: type of seek 63 * @size: max size of this file in file system 64 * @eof: offset used for SEEK_END position 65 * 66 * This is a variant of generic_file_llseek that allows passing in a custom 67 * maximum file size and a custom EOF position, for e.g. hashed directories 68 * 69 * Synchronization: 70 * SEEK_SET and SEEK_END are unsynchronized (but atomic on 64bit platforms) 71 * SEEK_CUR is synchronized against other SEEK_CURs, but not read/writes. 72 * read/writes behave like SEEK_SET against seeks. 73 */ 74 loff_t 75 generic_file_llseek_size(struct file *file, loff_t offset, int whence, 76 loff_t maxsize, loff_t eof) 77 { 78 struct inode *inode = file->f_mapping->host; 79 80 switch (whence) { 81 case SEEK_END: 82 offset += eof; 83 break; 84 case SEEK_CUR: 85 /* 86 * Here we special-case the lseek(fd, 0, SEEK_CUR) 87 * position-querying operation. Avoid rewriting the "same" 88 * f_pos value back to the file because a concurrent read(), 89 * write() or lseek() might have altered it 90 */ 91 if (offset == 0) 92 return file->f_pos; 93 /* 94 * f_lock protects against read/modify/write race with other 95 * SEEK_CURs. Note that parallel writes and reads behave 96 * like SEEK_SET. 97 */ 98 spin_lock(&file->f_lock); 99 offset = lseek_execute(file, inode, file->f_pos + offset, 100 maxsize); 101 spin_unlock(&file->f_lock); 102 return offset; 103 case SEEK_DATA: 104 /* 105 * In the generic case the entire file is data, so as long as 106 * offset isn't at the end of the file then the offset is data. 107 */ 108 if (offset >= eof) 109 return -ENXIO; 110 break; 111 case SEEK_HOLE: 112 /* 113 * There is a virtual hole at the end of the file, so as long as 114 * offset isn't i_size or larger, return i_size. 115 */ 116 if (offset >= eof) 117 return -ENXIO; 118 offset = eof; 119 break; 120 } 121 122 return lseek_execute(file, inode, offset, maxsize); 123 } 124 EXPORT_SYMBOL(generic_file_llseek_size); 125 126 /** 127 * generic_file_llseek - generic llseek implementation for regular files 128 * @file: file structure to seek on 129 * @offset: file offset to seek to 130 * @whence: type of seek 131 * 132 * This is a generic implemenation of ->llseek useable for all normal local 133 * filesystems. It just updates the file offset to the value specified by 134 * @offset and @whence. 135 */ 136 loff_t generic_file_llseek(struct file *file, loff_t offset, int whence) 137 { 138 struct inode *inode = file->f_mapping->host; 139 140 return generic_file_llseek_size(file, offset, whence, 141 inode->i_sb->s_maxbytes, 142 i_size_read(inode)); 143 } 144 EXPORT_SYMBOL(generic_file_llseek); 145 146 /** 147 * noop_llseek - No Operation Performed llseek implementation 148 * @file: file structure to seek on 149 * @offset: file offset to seek to 150 * @whence: type of seek 151 * 152 * This is an implementation of ->llseek useable for the rare special case when 153 * userspace expects the seek to succeed but the (device) file is actually not 154 * able to perform the seek. In this case you use noop_llseek() instead of 155 * falling back to the default implementation of ->llseek. 156 */ 157 loff_t noop_llseek(struct file *file, loff_t offset, int whence) 158 { 159 return file->f_pos; 160 } 161 EXPORT_SYMBOL(noop_llseek); 162 163 loff_t no_llseek(struct file *file, loff_t offset, int whence) 164 { 165 return -ESPIPE; 166 } 167 EXPORT_SYMBOL(no_llseek); 168 169 loff_t default_llseek(struct file *file, loff_t offset, int whence) 170 { 171 struct inode *inode = file_inode(file); 172 loff_t retval; 173 174 mutex_lock(&inode->i_mutex); 175 switch (whence) { 176 case SEEK_END: 177 offset += i_size_read(inode); 178 break; 179 case SEEK_CUR: 180 if (offset == 0) { 181 retval = file->f_pos; 182 goto out; 183 } 184 offset += file->f_pos; 185 break; 186 case SEEK_DATA: 187 /* 188 * In the generic case the entire file is data, so as 189 * long as offset isn't at the end of the file then the 190 * offset is data. 191 */ 192 if (offset >= inode->i_size) { 193 retval = -ENXIO; 194 goto out; 195 } 196 break; 197 case SEEK_HOLE: 198 /* 199 * There is a virtual hole at the end of the file, so 200 * as long as offset isn't i_size or larger, return 201 * i_size. 202 */ 203 if (offset >= inode->i_size) { 204 retval = -ENXIO; 205 goto out; 206 } 207 offset = inode->i_size; 208 break; 209 } 210 retval = -EINVAL; 211 if (offset >= 0 || unsigned_offsets(file)) { 212 if (offset != file->f_pos) { 213 file->f_pos = offset; 214 file->f_version = 0; 215 } 216 retval = offset; 217 } 218 out: 219 mutex_unlock(&inode->i_mutex); 220 return retval; 221 } 222 EXPORT_SYMBOL(default_llseek); 223 224 loff_t vfs_llseek(struct file *file, loff_t offset, int whence) 225 { 226 loff_t (*fn)(struct file *, loff_t, int); 227 228 fn = no_llseek; 229 if (file->f_mode & FMODE_LSEEK) { 230 if (file->f_op && file->f_op->llseek) 231 fn = file->f_op->llseek; 232 } 233 return fn(file, offset, whence); 234 } 235 EXPORT_SYMBOL(vfs_llseek); 236 237 SYSCALL_DEFINE3(lseek, unsigned int, fd, off_t, offset, unsigned int, whence) 238 { 239 off_t retval; 240 struct fd f = fdget(fd); 241 if (!f.file) 242 return -EBADF; 243 244 retval = -EINVAL; 245 if (whence <= SEEK_MAX) { 246 loff_t res = vfs_llseek(f.file, offset, whence); 247 retval = res; 248 if (res != (loff_t)retval) 249 retval = -EOVERFLOW; /* LFS: should only happen on 32 bit platforms */ 250 } 251 fdput(f); 252 return retval; 253 } 254 255 #ifdef CONFIG_COMPAT 256 COMPAT_SYSCALL_DEFINE3(lseek, unsigned int, fd, compat_off_t, offset, unsigned int, whence) 257 { 258 return sys_lseek(fd, offset, whence); 259 } 260 #endif 261 262 #ifdef __ARCH_WANT_SYS_LLSEEK 263 SYSCALL_DEFINE5(llseek, unsigned int, fd, unsigned long, offset_high, 264 unsigned long, offset_low, loff_t __user *, result, 265 unsigned int, whence) 266 { 267 int retval; 268 struct fd f = fdget(fd); 269 loff_t offset; 270 271 if (!f.file) 272 return -EBADF; 273 274 retval = -EINVAL; 275 if (whence > SEEK_MAX) 276 goto out_putf; 277 278 offset = vfs_llseek(f.file, ((loff_t) offset_high << 32) | offset_low, 279 whence); 280 281 retval = (int)offset; 282 if (offset >= 0) { 283 retval = -EFAULT; 284 if (!copy_to_user(result, &offset, sizeof(offset))) 285 retval = 0; 286 } 287 out_putf: 288 fdput(f); 289 return retval; 290 } 291 #endif 292 293 /* 294 * rw_verify_area doesn't like huge counts. We limit 295 * them to something that fits in "int" so that others 296 * won't have to do range checks all the time. 297 */ 298 int rw_verify_area(int read_write, struct file *file, loff_t *ppos, size_t count) 299 { 300 struct inode *inode; 301 loff_t pos; 302 int retval = -EINVAL; 303 304 inode = file_inode(file); 305 if (unlikely((ssize_t) count < 0)) 306 return retval; 307 pos = *ppos; 308 if (unlikely(pos < 0)) { 309 if (!unsigned_offsets(file)) 310 return retval; 311 if (count >= -pos) /* both values are in 0..LLONG_MAX */ 312 return -EOVERFLOW; 313 } else if (unlikely((loff_t) (pos + count) < 0)) { 314 if (!unsigned_offsets(file)) 315 return retval; 316 } 317 318 if (unlikely(inode->i_flock && mandatory_lock(inode))) { 319 retval = locks_mandatory_area( 320 read_write == READ ? FLOCK_VERIFY_READ : FLOCK_VERIFY_WRITE, 321 inode, file, pos, count); 322 if (retval < 0) 323 return retval; 324 } 325 retval = security_file_permission(file, 326 read_write == READ ? MAY_READ : MAY_WRITE); 327 if (retval) 328 return retval; 329 return count > MAX_RW_COUNT ? MAX_RW_COUNT : count; 330 } 331 332 static void wait_on_retry_sync_kiocb(struct kiocb *iocb) 333 { 334 set_current_state(TASK_UNINTERRUPTIBLE); 335 if (!kiocbIsKicked(iocb)) 336 schedule(); 337 else 338 kiocbClearKicked(iocb); 339 __set_current_state(TASK_RUNNING); 340 } 341 342 ssize_t do_sync_read(struct file *filp, char __user *buf, size_t len, loff_t *ppos) 343 { 344 struct iovec iov = { .iov_base = buf, .iov_len = len }; 345 struct kiocb kiocb; 346 ssize_t ret; 347 348 init_sync_kiocb(&kiocb, filp); 349 kiocb.ki_pos = *ppos; 350 kiocb.ki_left = len; 351 kiocb.ki_nbytes = len; 352 353 for (;;) { 354 ret = filp->f_op->aio_read(&kiocb, &iov, 1, kiocb.ki_pos); 355 if (ret != -EIOCBRETRY) 356 break; 357 wait_on_retry_sync_kiocb(&kiocb); 358 } 359 360 if (-EIOCBQUEUED == ret) 361 ret = wait_on_sync_kiocb(&kiocb); 362 *ppos = kiocb.ki_pos; 363 return ret; 364 } 365 366 EXPORT_SYMBOL(do_sync_read); 367 368 ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos) 369 { 370 ssize_t ret; 371 372 if (!(file->f_mode & FMODE_READ)) 373 return -EBADF; 374 if (!file->f_op || (!file->f_op->read && !file->f_op->aio_read)) 375 return -EINVAL; 376 if (unlikely(!access_ok(VERIFY_WRITE, buf, count))) 377 return -EFAULT; 378 379 ret = rw_verify_area(READ, file, pos, count); 380 if (ret >= 0) { 381 count = ret; 382 if (file->f_op->read) 383 ret = file->f_op->read(file, buf, count, pos); 384 else 385 ret = do_sync_read(file, buf, count, pos); 386 if (ret > 0) { 387 fsnotify_access(file); 388 add_rchar(current, ret); 389 } 390 inc_syscr(current); 391 } 392 393 return ret; 394 } 395 396 EXPORT_SYMBOL(vfs_read); 397 398 ssize_t do_sync_write(struct file *filp, const char __user *buf, size_t len, loff_t *ppos) 399 { 400 struct iovec iov = { .iov_base = (void __user *)buf, .iov_len = len }; 401 struct kiocb kiocb; 402 ssize_t ret; 403 404 init_sync_kiocb(&kiocb, filp); 405 kiocb.ki_pos = *ppos; 406 kiocb.ki_left = len; 407 kiocb.ki_nbytes = len; 408 409 for (;;) { 410 ret = filp->f_op->aio_write(&kiocb, &iov, 1, kiocb.ki_pos); 411 if (ret != -EIOCBRETRY) 412 break; 413 wait_on_retry_sync_kiocb(&kiocb); 414 } 415 416 if (-EIOCBQUEUED == ret) 417 ret = wait_on_sync_kiocb(&kiocb); 418 *ppos = kiocb.ki_pos; 419 return ret; 420 } 421 422 EXPORT_SYMBOL(do_sync_write); 423 424 ssize_t __kernel_write(struct file *file, const char *buf, size_t count, loff_t *pos) 425 { 426 mm_segment_t old_fs; 427 const char __user *p; 428 ssize_t ret; 429 430 if (!file->f_op || (!file->f_op->write && !file->f_op->aio_write)) 431 return -EINVAL; 432 433 old_fs = get_fs(); 434 set_fs(get_ds()); 435 p = (__force const char __user *)buf; 436 if (count > MAX_RW_COUNT) 437 count = MAX_RW_COUNT; 438 if (file->f_op->write) 439 ret = file->f_op->write(file, p, count, pos); 440 else 441 ret = do_sync_write(file, p, count, pos); 442 set_fs(old_fs); 443 if (ret > 0) { 444 fsnotify_modify(file); 445 add_wchar(current, ret); 446 } 447 inc_syscw(current); 448 return ret; 449 } 450 451 ssize_t vfs_write(struct file *file, const char __user *buf, size_t count, loff_t *pos) 452 { 453 ssize_t ret; 454 455 if (!(file->f_mode & FMODE_WRITE)) 456 return -EBADF; 457 if (!file->f_op || (!file->f_op->write && !file->f_op->aio_write)) 458 return -EINVAL; 459 if (unlikely(!access_ok(VERIFY_READ, buf, count))) 460 return -EFAULT; 461 462 ret = rw_verify_area(WRITE, file, pos, count); 463 if (ret >= 0) { 464 count = ret; 465 file_start_write(file); 466 if (file->f_op->write) 467 ret = file->f_op->write(file, buf, count, pos); 468 else 469 ret = do_sync_write(file, buf, count, pos); 470 if (ret > 0) { 471 fsnotify_modify(file); 472 add_wchar(current, ret); 473 } 474 inc_syscw(current); 475 file_end_write(file); 476 } 477 478 return ret; 479 } 480 481 EXPORT_SYMBOL(vfs_write); 482 483 static inline loff_t file_pos_read(struct file *file) 484 { 485 return file->f_pos; 486 } 487 488 static inline void file_pos_write(struct file *file, loff_t pos) 489 { 490 file->f_pos = pos; 491 } 492 493 SYSCALL_DEFINE3(read, unsigned int, fd, char __user *, buf, size_t, count) 494 { 495 struct fd f = fdget(fd); 496 ssize_t ret = -EBADF; 497 498 if (f.file) { 499 loff_t pos = file_pos_read(f.file); 500 ret = vfs_read(f.file, buf, count, &pos); 501 file_pos_write(f.file, pos); 502 fdput(f); 503 } 504 return ret; 505 } 506 507 SYSCALL_DEFINE3(write, unsigned int, fd, const char __user *, buf, 508 size_t, count) 509 { 510 struct fd f = fdget(fd); 511 ssize_t ret = -EBADF; 512 513 if (f.file) { 514 loff_t pos = file_pos_read(f.file); 515 ret = vfs_write(f.file, buf, count, &pos); 516 file_pos_write(f.file, pos); 517 fdput(f); 518 } 519 520 return ret; 521 } 522 523 SYSCALL_DEFINE4(pread64, unsigned int, fd, char __user *, buf, 524 size_t, count, loff_t, pos) 525 { 526 struct fd f; 527 ssize_t ret = -EBADF; 528 529 if (pos < 0) 530 return -EINVAL; 531 532 f = fdget(fd); 533 if (f.file) { 534 ret = -ESPIPE; 535 if (f.file->f_mode & FMODE_PREAD) 536 ret = vfs_read(f.file, buf, count, &pos); 537 fdput(f); 538 } 539 540 return ret; 541 } 542 543 SYSCALL_DEFINE4(pwrite64, unsigned int, fd, const char __user *, buf, 544 size_t, count, loff_t, pos) 545 { 546 struct fd f; 547 ssize_t ret = -EBADF; 548 549 if (pos < 0) 550 return -EINVAL; 551 552 f = fdget(fd); 553 if (f.file) { 554 ret = -ESPIPE; 555 if (f.file->f_mode & FMODE_PWRITE) 556 ret = vfs_write(f.file, buf, count, &pos); 557 fdput(f); 558 } 559 560 return ret; 561 } 562 563 /* 564 * Reduce an iovec's length in-place. Return the resulting number of segments 565 */ 566 unsigned long iov_shorten(struct iovec *iov, unsigned long nr_segs, size_t to) 567 { 568 unsigned long seg = 0; 569 size_t len = 0; 570 571 while (seg < nr_segs) { 572 seg++; 573 if (len + iov->iov_len >= to) { 574 iov->iov_len = to - len; 575 break; 576 } 577 len += iov->iov_len; 578 iov++; 579 } 580 return seg; 581 } 582 EXPORT_SYMBOL(iov_shorten); 583 584 static ssize_t do_sync_readv_writev(struct file *filp, const struct iovec *iov, 585 unsigned long nr_segs, size_t len, loff_t *ppos, iov_fn_t fn) 586 { 587 struct kiocb kiocb; 588 ssize_t ret; 589 590 init_sync_kiocb(&kiocb, filp); 591 kiocb.ki_pos = *ppos; 592 kiocb.ki_left = len; 593 kiocb.ki_nbytes = len; 594 595 for (;;) { 596 ret = fn(&kiocb, iov, nr_segs, kiocb.ki_pos); 597 if (ret != -EIOCBRETRY) 598 break; 599 wait_on_retry_sync_kiocb(&kiocb); 600 } 601 602 if (ret == -EIOCBQUEUED) 603 ret = wait_on_sync_kiocb(&kiocb); 604 *ppos = kiocb.ki_pos; 605 return ret; 606 } 607 608 /* Do it by hand, with file-ops */ 609 static ssize_t do_loop_readv_writev(struct file *filp, struct iovec *iov, 610 unsigned long nr_segs, loff_t *ppos, io_fn_t fn) 611 { 612 struct iovec *vector = iov; 613 ssize_t ret = 0; 614 615 while (nr_segs > 0) { 616 void __user *base; 617 size_t len; 618 ssize_t nr; 619 620 base = vector->iov_base; 621 len = vector->iov_len; 622 vector++; 623 nr_segs--; 624 625 nr = fn(filp, base, len, ppos); 626 627 if (nr < 0) { 628 if (!ret) 629 ret = nr; 630 break; 631 } 632 ret += nr; 633 if (nr != len) 634 break; 635 } 636 637 return ret; 638 } 639 640 /* A write operation does a read from user space and vice versa */ 641 #define vrfy_dir(type) ((type) == READ ? VERIFY_WRITE : VERIFY_READ) 642 643 ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector, 644 unsigned long nr_segs, unsigned long fast_segs, 645 struct iovec *fast_pointer, 646 struct iovec **ret_pointer) 647 { 648 unsigned long seg; 649 ssize_t ret; 650 struct iovec *iov = fast_pointer; 651 652 /* 653 * SuS says "The readv() function *may* fail if the iovcnt argument 654 * was less than or equal to 0, or greater than {IOV_MAX}. Linux has 655 * traditionally returned zero for zero segments, so... 656 */ 657 if (nr_segs == 0) { 658 ret = 0; 659 goto out; 660 } 661 662 /* 663 * First get the "struct iovec" from user memory and 664 * verify all the pointers 665 */ 666 if (nr_segs > UIO_MAXIOV) { 667 ret = -EINVAL; 668 goto out; 669 } 670 if (nr_segs > fast_segs) { 671 iov = kmalloc(nr_segs*sizeof(struct iovec), GFP_KERNEL); 672 if (iov == NULL) { 673 ret = -ENOMEM; 674 goto out; 675 } 676 } 677 if (copy_from_user(iov, uvector, nr_segs*sizeof(*uvector))) { 678 ret = -EFAULT; 679 goto out; 680 } 681 682 /* 683 * According to the Single Unix Specification we should return EINVAL 684 * if an element length is < 0 when cast to ssize_t or if the 685 * total length would overflow the ssize_t return value of the 686 * system call. 687 * 688 * Linux caps all read/write calls to MAX_RW_COUNT, and avoids the 689 * overflow case. 690 */ 691 ret = 0; 692 for (seg = 0; seg < nr_segs; seg++) { 693 void __user *buf = iov[seg].iov_base; 694 ssize_t len = (ssize_t)iov[seg].iov_len; 695 696 /* see if we we're about to use an invalid len or if 697 * it's about to overflow ssize_t */ 698 if (len < 0) { 699 ret = -EINVAL; 700 goto out; 701 } 702 if (type >= 0 703 && unlikely(!access_ok(vrfy_dir(type), buf, len))) { 704 ret = -EFAULT; 705 goto out; 706 } 707 if (len > MAX_RW_COUNT - ret) { 708 len = MAX_RW_COUNT - ret; 709 iov[seg].iov_len = len; 710 } 711 ret += len; 712 } 713 out: 714 *ret_pointer = iov; 715 return ret; 716 } 717 718 static ssize_t do_readv_writev(int type, struct file *file, 719 const struct iovec __user * uvector, 720 unsigned long nr_segs, loff_t *pos) 721 { 722 size_t tot_len; 723 struct iovec iovstack[UIO_FASTIOV]; 724 struct iovec *iov = iovstack; 725 ssize_t ret; 726 io_fn_t fn; 727 iov_fn_t fnv; 728 729 if (!file->f_op) { 730 ret = -EINVAL; 731 goto out; 732 } 733 734 ret = rw_copy_check_uvector(type, uvector, nr_segs, 735 ARRAY_SIZE(iovstack), iovstack, &iov); 736 if (ret <= 0) 737 goto out; 738 739 tot_len = ret; 740 ret = rw_verify_area(type, file, pos, tot_len); 741 if (ret < 0) 742 goto out; 743 744 fnv = NULL; 745 if (type == READ) { 746 fn = file->f_op->read; 747 fnv = file->f_op->aio_read; 748 } else { 749 fn = (io_fn_t)file->f_op->write; 750 fnv = file->f_op->aio_write; 751 file_start_write(file); 752 } 753 754 if (fnv) 755 ret = do_sync_readv_writev(file, iov, nr_segs, tot_len, 756 pos, fnv); 757 else 758 ret = do_loop_readv_writev(file, iov, nr_segs, pos, fn); 759 760 if (type != READ) 761 file_end_write(file); 762 763 out: 764 if (iov != iovstack) 765 kfree(iov); 766 if ((ret + (type == READ)) > 0) { 767 if (type == READ) 768 fsnotify_access(file); 769 else 770 fsnotify_modify(file); 771 } 772 return ret; 773 } 774 775 ssize_t vfs_readv(struct file *file, const struct iovec __user *vec, 776 unsigned long vlen, loff_t *pos) 777 { 778 if (!(file->f_mode & FMODE_READ)) 779 return -EBADF; 780 if (!file->f_op || (!file->f_op->aio_read && !file->f_op->read)) 781 return -EINVAL; 782 783 return do_readv_writev(READ, file, vec, vlen, pos); 784 } 785 786 EXPORT_SYMBOL(vfs_readv); 787 788 ssize_t vfs_writev(struct file *file, const struct iovec __user *vec, 789 unsigned long vlen, loff_t *pos) 790 { 791 if (!(file->f_mode & FMODE_WRITE)) 792 return -EBADF; 793 if (!file->f_op || (!file->f_op->aio_write && !file->f_op->write)) 794 return -EINVAL; 795 796 return do_readv_writev(WRITE, file, vec, vlen, pos); 797 } 798 799 EXPORT_SYMBOL(vfs_writev); 800 801 SYSCALL_DEFINE3(readv, unsigned long, fd, const struct iovec __user *, vec, 802 unsigned long, vlen) 803 { 804 struct fd f = fdget(fd); 805 ssize_t ret = -EBADF; 806 807 if (f.file) { 808 loff_t pos = file_pos_read(f.file); 809 ret = vfs_readv(f.file, vec, vlen, &pos); 810 file_pos_write(f.file, pos); 811 fdput(f); 812 } 813 814 if (ret > 0) 815 add_rchar(current, ret); 816 inc_syscr(current); 817 return ret; 818 } 819 820 SYSCALL_DEFINE3(writev, unsigned long, fd, const struct iovec __user *, vec, 821 unsigned long, vlen) 822 { 823 struct fd f = fdget(fd); 824 ssize_t ret = -EBADF; 825 826 if (f.file) { 827 loff_t pos = file_pos_read(f.file); 828 ret = vfs_writev(f.file, vec, vlen, &pos); 829 file_pos_write(f.file, pos); 830 fdput(f); 831 } 832 833 if (ret > 0) 834 add_wchar(current, ret); 835 inc_syscw(current); 836 return ret; 837 } 838 839 static inline loff_t pos_from_hilo(unsigned long high, unsigned long low) 840 { 841 #define HALF_LONG_BITS (BITS_PER_LONG / 2) 842 return (((loff_t)high << HALF_LONG_BITS) << HALF_LONG_BITS) | low; 843 } 844 845 SYSCALL_DEFINE5(preadv, unsigned long, fd, const struct iovec __user *, vec, 846 unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h) 847 { 848 loff_t pos = pos_from_hilo(pos_h, pos_l); 849 struct fd f; 850 ssize_t ret = -EBADF; 851 852 if (pos < 0) 853 return -EINVAL; 854 855 f = fdget(fd); 856 if (f.file) { 857 ret = -ESPIPE; 858 if (f.file->f_mode & FMODE_PREAD) 859 ret = vfs_readv(f.file, vec, vlen, &pos); 860 fdput(f); 861 } 862 863 if (ret > 0) 864 add_rchar(current, ret); 865 inc_syscr(current); 866 return ret; 867 } 868 869 SYSCALL_DEFINE5(pwritev, unsigned long, fd, const struct iovec __user *, vec, 870 unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h) 871 { 872 loff_t pos = pos_from_hilo(pos_h, pos_l); 873 struct fd f; 874 ssize_t ret = -EBADF; 875 876 if (pos < 0) 877 return -EINVAL; 878 879 f = fdget(fd); 880 if (f.file) { 881 ret = -ESPIPE; 882 if (f.file->f_mode & FMODE_PWRITE) 883 ret = vfs_writev(f.file, vec, vlen, &pos); 884 fdput(f); 885 } 886 887 if (ret > 0) 888 add_wchar(current, ret); 889 inc_syscw(current); 890 return ret; 891 } 892 893 #ifdef CONFIG_COMPAT 894 895 static ssize_t compat_do_readv_writev(int type, struct file *file, 896 const struct compat_iovec __user *uvector, 897 unsigned long nr_segs, loff_t *pos) 898 { 899 compat_ssize_t tot_len; 900 struct iovec iovstack[UIO_FASTIOV]; 901 struct iovec *iov = iovstack; 902 ssize_t ret; 903 io_fn_t fn; 904 iov_fn_t fnv; 905 906 ret = -EINVAL; 907 if (!file->f_op) 908 goto out; 909 910 ret = -EFAULT; 911 if (!access_ok(VERIFY_READ, uvector, nr_segs*sizeof(*uvector))) 912 goto out; 913 914 ret = compat_rw_copy_check_uvector(type, uvector, nr_segs, 915 UIO_FASTIOV, iovstack, &iov); 916 if (ret <= 0) 917 goto out; 918 919 tot_len = ret; 920 ret = rw_verify_area(type, file, pos, tot_len); 921 if (ret < 0) 922 goto out; 923 924 fnv = NULL; 925 if (type == READ) { 926 fn = file->f_op->read; 927 fnv = file->f_op->aio_read; 928 } else { 929 fn = (io_fn_t)file->f_op->write; 930 fnv = file->f_op->aio_write; 931 file_start_write(file); 932 } 933 934 if (fnv) 935 ret = do_sync_readv_writev(file, iov, nr_segs, tot_len, 936 pos, fnv); 937 else 938 ret = do_loop_readv_writev(file, iov, nr_segs, pos, fn); 939 940 if (type != READ) 941 file_end_write(file); 942 943 out: 944 if (iov != iovstack) 945 kfree(iov); 946 if ((ret + (type == READ)) > 0) { 947 if (type == READ) 948 fsnotify_access(file); 949 else 950 fsnotify_modify(file); 951 } 952 return ret; 953 } 954 955 static size_t compat_readv(struct file *file, 956 const struct compat_iovec __user *vec, 957 unsigned long vlen, loff_t *pos) 958 { 959 ssize_t ret = -EBADF; 960 961 if (!(file->f_mode & FMODE_READ)) 962 goto out; 963 964 ret = -EINVAL; 965 if (!file->f_op || (!file->f_op->aio_read && !file->f_op->read)) 966 goto out; 967 968 ret = compat_do_readv_writev(READ, file, vec, vlen, pos); 969 970 out: 971 if (ret > 0) 972 add_rchar(current, ret); 973 inc_syscr(current); 974 return ret; 975 } 976 977 COMPAT_SYSCALL_DEFINE3(readv, unsigned long, fd, 978 const struct compat_iovec __user *,vec, 979 unsigned long, vlen) 980 { 981 struct fd f = fdget(fd); 982 ssize_t ret; 983 loff_t pos; 984 985 if (!f.file) 986 return -EBADF; 987 pos = f.file->f_pos; 988 ret = compat_readv(f.file, vec, vlen, &pos); 989 f.file->f_pos = pos; 990 fdput(f); 991 return ret; 992 } 993 994 COMPAT_SYSCALL_DEFINE4(preadv64, unsigned long, fd, 995 const struct compat_iovec __user *,vec, 996 unsigned long, vlen, loff_t, pos) 997 { 998 struct fd f; 999 ssize_t ret; 1000 1001 if (pos < 0) 1002 return -EINVAL; 1003 f = fdget(fd); 1004 if (!f.file) 1005 return -EBADF; 1006 ret = -ESPIPE; 1007 if (f.file->f_mode & FMODE_PREAD) 1008 ret = compat_readv(f.file, vec, vlen, &pos); 1009 fdput(f); 1010 return ret; 1011 } 1012 1013 COMPAT_SYSCALL_DEFINE5(preadv, unsigned long, fd, 1014 const struct compat_iovec __user *,vec, 1015 unsigned long, vlen, u32, pos_low, u32, pos_high) 1016 { 1017 loff_t pos = ((loff_t)pos_high << 32) | pos_low; 1018 return compat_sys_preadv64(fd, vec, vlen, pos); 1019 } 1020 1021 static size_t compat_writev(struct file *file, 1022 const struct compat_iovec __user *vec, 1023 unsigned long vlen, loff_t *pos) 1024 { 1025 ssize_t ret = -EBADF; 1026 1027 if (!(file->f_mode & FMODE_WRITE)) 1028 goto out; 1029 1030 ret = -EINVAL; 1031 if (!file->f_op || (!file->f_op->aio_write && !file->f_op->write)) 1032 goto out; 1033 1034 ret = compat_do_readv_writev(WRITE, file, vec, vlen, pos); 1035 1036 out: 1037 if (ret > 0) 1038 add_wchar(current, ret); 1039 inc_syscw(current); 1040 return ret; 1041 } 1042 1043 COMPAT_SYSCALL_DEFINE3(writev, unsigned long, fd, 1044 const struct compat_iovec __user *, vec, 1045 unsigned long, vlen) 1046 { 1047 struct fd f = fdget(fd); 1048 ssize_t ret; 1049 loff_t pos; 1050 1051 if (!f.file) 1052 return -EBADF; 1053 pos = f.file->f_pos; 1054 ret = compat_writev(f.file, vec, vlen, &pos); 1055 f.file->f_pos = pos; 1056 fdput(f); 1057 return ret; 1058 } 1059 1060 COMPAT_SYSCALL_DEFINE4(pwritev64, unsigned long, fd, 1061 const struct compat_iovec __user *,vec, 1062 unsigned long, vlen, loff_t, pos) 1063 { 1064 struct fd f; 1065 ssize_t ret; 1066 1067 if (pos < 0) 1068 return -EINVAL; 1069 f = fdget(fd); 1070 if (!f.file) 1071 return -EBADF; 1072 ret = -ESPIPE; 1073 if (f.file->f_mode & FMODE_PWRITE) 1074 ret = compat_writev(f.file, vec, vlen, &pos); 1075 fdput(f); 1076 return ret; 1077 } 1078 1079 COMPAT_SYSCALL_DEFINE5(pwritev, unsigned long, fd, 1080 const struct compat_iovec __user *,vec, 1081 unsigned long, vlen, u32, pos_low, u32, pos_high) 1082 { 1083 loff_t pos = ((loff_t)pos_high << 32) | pos_low; 1084 return compat_sys_pwritev64(fd, vec, vlen, pos); 1085 } 1086 #endif 1087 1088 static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos, 1089 size_t count, loff_t max) 1090 { 1091 struct fd in, out; 1092 struct inode *in_inode, *out_inode; 1093 loff_t pos; 1094 ssize_t retval; 1095 int fl; 1096 1097 /* 1098 * Get input file, and verify that it is ok.. 1099 */ 1100 retval = -EBADF; 1101 in = fdget(in_fd); 1102 if (!in.file) 1103 goto out; 1104 if (!(in.file->f_mode & FMODE_READ)) 1105 goto fput_in; 1106 retval = -ESPIPE; 1107 if (!ppos) 1108 ppos = &in.file->f_pos; 1109 else 1110 if (!(in.file->f_mode & FMODE_PREAD)) 1111 goto fput_in; 1112 retval = rw_verify_area(READ, in.file, ppos, count); 1113 if (retval < 0) 1114 goto fput_in; 1115 count = retval; 1116 1117 /* 1118 * Get output file, and verify that it is ok.. 1119 */ 1120 retval = -EBADF; 1121 out = fdget(out_fd); 1122 if (!out.file) 1123 goto fput_in; 1124 if (!(out.file->f_mode & FMODE_WRITE)) 1125 goto fput_out; 1126 retval = -EINVAL; 1127 in_inode = file_inode(in.file); 1128 out_inode = file_inode(out.file); 1129 retval = rw_verify_area(WRITE, out.file, &out.file->f_pos, count); 1130 if (retval < 0) 1131 goto fput_out; 1132 count = retval; 1133 1134 if (!max) 1135 max = min(in_inode->i_sb->s_maxbytes, out_inode->i_sb->s_maxbytes); 1136 1137 pos = *ppos; 1138 if (unlikely(pos + count > max)) { 1139 retval = -EOVERFLOW; 1140 if (pos >= max) 1141 goto fput_out; 1142 count = max - pos; 1143 } 1144 1145 fl = 0; 1146 #if 0 1147 /* 1148 * We need to debate whether we can enable this or not. The 1149 * man page documents EAGAIN return for the output at least, 1150 * and the application is arguably buggy if it doesn't expect 1151 * EAGAIN on a non-blocking file descriptor. 1152 */ 1153 if (in.file->f_flags & O_NONBLOCK) 1154 fl = SPLICE_F_NONBLOCK; 1155 #endif 1156 retval = do_splice_direct(in.file, ppos, out.file, count, fl); 1157 1158 if (retval > 0) { 1159 add_rchar(current, retval); 1160 add_wchar(current, retval); 1161 fsnotify_access(in.file); 1162 fsnotify_modify(out.file); 1163 } 1164 1165 inc_syscr(current); 1166 inc_syscw(current); 1167 if (*ppos > max) 1168 retval = -EOVERFLOW; 1169 1170 fput_out: 1171 fdput(out); 1172 fput_in: 1173 fdput(in); 1174 out: 1175 return retval; 1176 } 1177 1178 SYSCALL_DEFINE4(sendfile, int, out_fd, int, in_fd, off_t __user *, offset, size_t, count) 1179 { 1180 loff_t pos; 1181 off_t off; 1182 ssize_t ret; 1183 1184 if (offset) { 1185 if (unlikely(get_user(off, offset))) 1186 return -EFAULT; 1187 pos = off; 1188 ret = do_sendfile(out_fd, in_fd, &pos, count, MAX_NON_LFS); 1189 if (unlikely(put_user(pos, offset))) 1190 return -EFAULT; 1191 return ret; 1192 } 1193 1194 return do_sendfile(out_fd, in_fd, NULL, count, 0); 1195 } 1196 1197 SYSCALL_DEFINE4(sendfile64, int, out_fd, int, in_fd, loff_t __user *, offset, size_t, count) 1198 { 1199 loff_t pos; 1200 ssize_t ret; 1201 1202 if (offset) { 1203 if (unlikely(copy_from_user(&pos, offset, sizeof(loff_t)))) 1204 return -EFAULT; 1205 ret = do_sendfile(out_fd, in_fd, &pos, count, 0); 1206 if (unlikely(put_user(pos, offset))) 1207 return -EFAULT; 1208 return ret; 1209 } 1210 1211 return do_sendfile(out_fd, in_fd, NULL, count, 0); 1212 } 1213 1214 #ifdef CONFIG_COMPAT 1215 COMPAT_SYSCALL_DEFINE4(sendfile, int, out_fd, int, in_fd, 1216 compat_off_t __user *, offset, compat_size_t, count) 1217 { 1218 loff_t pos; 1219 off_t off; 1220 ssize_t ret; 1221 1222 if (offset) { 1223 if (unlikely(get_user(off, offset))) 1224 return -EFAULT; 1225 pos = off; 1226 ret = do_sendfile(out_fd, in_fd, &pos, count, MAX_NON_LFS); 1227 if (unlikely(put_user(pos, offset))) 1228 return -EFAULT; 1229 return ret; 1230 } 1231 1232 return do_sendfile(out_fd, in_fd, NULL, count, 0); 1233 } 1234 1235 COMPAT_SYSCALL_DEFINE4(sendfile64, int, out_fd, int, in_fd, 1236 compat_loff_t __user *, offset, compat_size_t, count) 1237 { 1238 loff_t pos; 1239 ssize_t ret; 1240 1241 if (offset) { 1242 if (unlikely(copy_from_user(&pos, offset, sizeof(loff_t)))) 1243 return -EFAULT; 1244 ret = do_sendfile(out_fd, in_fd, &pos, count, 0); 1245 if (unlikely(put_user(pos, offset))) 1246 return -EFAULT; 1247 return ret; 1248 } 1249 1250 return do_sendfile(out_fd, in_fd, NULL, count, 0); 1251 } 1252 #endif 1253