AMD64 - Refactor uio_resid and size_t assumptions.
[dragonfly.git] / sys / kern / kern_fp.c
CommitLineData
39f91578 1/*
8c10bfcf
MD
2 * Copyright (c) 2003,2004 The DragonFly Project. All rights reserved.
3 *
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@backplane.com>
6 *
39f91578
MD
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
8c10bfcf 10 *
39f91578
MD
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
8c10bfcf
MD
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39f91578 32 * SUCH DAMAGE.
8c10bfcf 33 *
e7440b28 34 * $DragonFly: src/sys/kern/kern_fp.c,v 1.20 2007/01/12 06:06:57 dillon Exp $
39f91578
MD
35 */
36
37/*
38 * Direct file pointer API functions for in-kernel operations on files. These
39 * functions provide a open/read/write/close like interface within the kernel
40 * for operating on files that are not necessarily associated with processes
41 * and which do not (typically) have descriptors.
42 *
43 * FUTURE: file handle conversion routines to support checkpointing,
44 * and additional file operations (ioctl, fcntl).
45 */
46
47#include <sys/param.h>
48#include <sys/kernel.h>
49#include <sys/systm.h>
50#include <sys/malloc.h>
51#include <sys/sysproto.h>
52#include <sys/conf.h>
53#include <sys/filedesc.h>
54#include <sys/sysctl.h>
55#include <sys/vnode.h>
56#include <sys/proc.h>
895c1f85 57#include <sys/priv.h>
fad57d0e 58#include <sys/nlookup.h>
39f91578
MD
59#include <sys/file.h>
60#include <sys/stat.h>
61#include <sys/filio.h>
62#include <sys/fcntl.h>
63#include <sys/unistd.h>
64#include <sys/resourcevar.h>
65#include <sys/event.h>
66#include <sys/mman.h>
67
68#include <vm/vm.h>
69#include <vm/vm_param.h>
70#include <sys/lock.h>
71#include <vm/pmap.h>
72#include <vm/vm_map.h>
73#include <vm/vm_object.h>
74#include <vm/vm_page.h>
75#include <vm/vm_pager.h>
76#include <vm/vm_pageout.h>
77#include <vm/vm_extern.h>
78#include <vm/vm_page.h>
79#include <vm/vm_kern.h>
80
81#include <sys/file2.h>
82#include <machine/limits.h>
83
84typedef struct file *file_t;
85
86/*
87 * fp_open:
88 *
89 * Open a file as specified. Use O_* flags for flags.
90 *
a235f7bb 91 * NOTE! O_ROOTCRED not quite working yet, vn_open() asserts that the
4a8a7971
MD
92 * cred must match the process's cred. XXX
93 *
94 * NOTE! when fp_open() is called from a pure thread, root creds are
95 * used.
39f91578
MD
96 */
97int
98fp_open(const char *path, int flags, int mode, file_t *fpp)
99{
fad57d0e 100 struct nlookupdata nd;
39f91578
MD
101 struct thread *td;
102 struct file *fp;
103 int error;
104
105 if ((error = falloc(NULL, fpp, NULL)) != 0)
106 return (error);
107 fp = *fpp;
108 td = curthread;
4a8a7971 109 if (td->td_proc) {
fad57d0e 110 if ((flags & O_ROOTCRED) == 0)
4a8a7971 111 fsetcred(fp, td->td_proc->p_ucred);
4a8a7971 112 }
fad57d0e 113 error = nlookup_init(&nd, path, UIO_SYSSPACE, NLC_LOCKVP);
39f91578 114 flags = FFLAGS(flags);
fad57d0e
MD
115 if (error == 0)
116 error = vn_open(&nd, fp, flags, mode);
117 nlookup_done(&nd);
118 if (error) {
9f87144f 119 fdrop(fp);
a235f7bb 120 *fpp = NULL;
39f91578
MD
121 }
122 return(error);
123}
124
351b7b6d
MD
125
126/*
fad57d0e
MD
127 * fp_vpopen(): convert a vnode to a file pointer, call VOP_OPEN() on the
128 * the vnode. The vnode must be refd and locked.
129 *
130 * On success the vnode's ref is inherited by the file pointer and the caller
131 * should not vrele() it, and the vnode is unlocked.
132 *
133 * On failure the vnode remains locked and refd and the caller is responsible
134 * for vput()ing it.
351b7b6d
MD
135 */
136int
137fp_vpopen(struct vnode *vp, int flags, file_t *fpp)
138{
139 struct thread *td;
140 struct file *fp;
141 int vmode;
142 int error;
143
351b7b6d
MD
144 td = curthread;
145
146 /*
147 * Vnode checks (from vn_open())
148 */
149 if (vp->v_type == VLNK) {
150 error = EMLINK;
fad57d0e 151 goto bad2;
351b7b6d
MD
152 }
153 if (vp->v_type == VSOCK) {
154 error = EOPNOTSUPP;
fad57d0e 155 goto bad2;
351b7b6d
MD
156 }
157 flags = FFLAGS(flags);
158 vmode = 0;
159 if (flags & (FWRITE | O_TRUNC)) {
160 if (vp->v_type == VDIR) {
161 error = EISDIR;
fad57d0e 162 goto bad2;
351b7b6d 163 }
468bb1f9 164 error = vn_writechk(vp, NULL);
351b7b6d 165 if (error)
fad57d0e 166 goto bad2;
351b7b6d
MD
167 vmode |= VWRITE;
168 }
169 if (flags & FREAD)
170 vmode |= VREAD;
171 if (vmode) {
87de5057 172 error = VOP_ACCESS(vp, vmode, td->td_proc->p_ucred);
351b7b6d 173 if (error)
fad57d0e 174 goto bad2;
351b7b6d
MD
175 }
176
177 /*
178 * File pointer setup
179 */
180 if ((error = falloc(NULL, fpp, NULL)) != 0)
fad57d0e 181 goto bad2;
351b7b6d
MD
182 fp = *fpp;
183 if ((flags & O_ROOTCRED) == 0 && td->td_proc)
184 fsetcred(fp, td->td_proc->p_ucred);
351b7b6d 185
87de5057 186 error = VOP_OPEN(vp, flags, td->td_proc->p_ucred, fp);
fad57d0e
MD
187 if (error)
188 goto bad1;
189
8ddc6004 190 vput(vp);
fad57d0e
MD
191 return (0);
192bad1:
193 fp->f_ops = &badfileops; /* open failed, don't close */
194 fp->f_data = NULL;
9f87144f 195 fdrop(fp);
fad57d0e
MD
196 /* leave the vnode intact, but fall through and unlock it anyway */
197bad2:
198 *fpp = NULL;
351b7b6d
MD
199 return (error);
200}
201
731100e5
MD
202/*
203 * fp_*read() is meant to operate like the normal descriptor based syscalls
204 * would. Note that if 'buf' points to user memory a UIO_USERSPACE
205 * transfer will be used.
206 */
39f91578 207int
e7440b28
MD
208fp_pread(file_t fp, void *buf, size_t nbytes, off_t offset, ssize_t *res,
209 enum uio_seg seg)
39f91578
MD
210{
211 struct uio auio;
212 struct iovec aiov;
213 size_t count;
214 int error;
215
216 if (res)
217 *res = 0;
e54488bb 218 if (nbytes > LONG_MAX)
39f91578
MD
219 return (EINVAL);
220 bzero(&auio, sizeof(auio));
221 aiov.iov_base = (caddr_t)buf;
222 aiov.iov_len = nbytes;
223 auio.uio_iov = &aiov;
224 auio.uio_iovcnt = 1;
225 auio.uio_offset = offset;
226 auio.uio_resid = nbytes;
227 auio.uio_rw = UIO_READ;
e7440b28 228 auio.uio_segflg = seg;
39f91578
MD
229 auio.uio_td = curthread;
230
231 count = nbytes;
9ba76b73 232 error = fo_read(fp, &auio, fp->f_cred, O_FOFFSET);
39f91578
MD
233 if (error) {
234 if (auio.uio_resid != nbytes && (error == ERESTART || error == EINTR ||
235 error == EWOULDBLOCK)
236 ) {
237 error = 0;
238 }
239 }
240 count -= auio.uio_resid;
241 if (res)
242 *res = count;
243 return(error);
244}
245
246int
e7440b28
MD
247fp_read(file_t fp, void *buf, size_t nbytes, ssize_t *res, int all,
248 enum uio_seg seg)
731100e5
MD
249{
250 struct uio auio;
251 struct iovec aiov;
731100e5 252 int error;
ba9c8ec1 253 int lastresid;
731100e5
MD
254
255 if (res)
256 *res = 0;
e54488bb 257 if (nbytes > LONG_MAX)
731100e5
MD
258 return (EINVAL);
259 bzero(&auio, sizeof(auio));
260 aiov.iov_base = (caddr_t)buf;
261 aiov.iov_len = nbytes;
262 auio.uio_iov = &aiov;
263 auio.uio_iovcnt = 1;
264 auio.uio_offset = 0;
265 auio.uio_resid = nbytes;
266 auio.uio_rw = UIO_READ;
e7440b28 267 auio.uio_segflg = seg;
731100e5
MD
268 auio.uio_td = curthread;
269
ba9c8ec1
MD
270 /*
271 * If all is false call fo_read() once.
272 * If all is true we attempt to read the entire request. We have to
273 * break out of the loop if an unrecoverable error or EOF occurs.
274 */
275 do {
276 lastresid = auio.uio_resid;
87de5057 277 error = fo_read(fp, &auio, fp->f_cred, 0);
ba9c8ec1
MD
278 } while (all && auio.uio_resid &&
279 ((error == 0 && auio.uio_resid != lastresid) ||
280 error == ERESTART || error == EINTR));
281 if (all && error == 0 && auio.uio_resid)
282 error = ESPIPE;
283
284 /*
285 * If an error occured but some data was read, silently forget the
286 * error. However, if this is a non-blocking descriptor and 'all'
287 * was specified, return an error even if some data was read (this
288 * is considered a bug in the caller for using an illegal combination
289 * of 'all' and a non-blocking descriptor).
290 */
731100e5 291 if (error) {
ba9c8ec1
MD
292 if (auio.uio_resid != nbytes) {
293 if (error == ERESTART || error == EINTR)
294 error = 0;
295 if (error == EWOULDBLOCK && all == 0)
296 error = 0;
731100e5
MD
297 }
298 }
731100e5 299 if (res)
ba9c8ec1 300 *res = nbytes - auio.uio_resid;
731100e5
MD
301 return(error);
302}
303
304int
e7440b28
MD
305fp_pwrite(file_t fp, void *buf, size_t nbytes, off_t offset, ssize_t *res,
306 enum uio_seg seg)
39f91578
MD
307{
308 struct uio auio;
309 struct iovec aiov;
310 size_t count;
311 int error;
312
313 if (res)
314 *res = 0;
e54488bb 315 if (nbytes > LONG_MAX)
39f91578
MD
316 return (EINVAL);
317 bzero(&auio, sizeof(auio));
318 aiov.iov_base = (caddr_t)buf;
319 aiov.iov_len = nbytes;
320 auio.uio_iov = &aiov;
321 auio.uio_iovcnt = 1;
322 auio.uio_offset = offset;
323 auio.uio_resid = nbytes;
324 auio.uio_rw = UIO_WRITE;
e7440b28 325 auio.uio_segflg = seg;
39f91578
MD
326 auio.uio_td = curthread;
327
328 count = nbytes;
9ba76b73 329 error = fo_write(fp, &auio, fp->f_cred, O_FOFFSET);
39f91578
MD
330 if (error) {
331 if (auio.uio_resid != nbytes && (error == ERESTART || error == EINTR ||
332 error == EWOULDBLOCK)
333 ) {
334 error = 0;
335 }
336 }
337 count -= auio.uio_resid;
338 if (res)
339 *res = count;
340 return(error);
341}
342
731100e5
MD
343
344int
e7440b28 345fp_write(file_t fp, void *buf, size_t nbytes, ssize_t *res, enum uio_seg seg)
731100e5
MD
346{
347 struct uio auio;
348 struct iovec aiov;
349 size_t count;
350 int error;
351
352 if (res)
353 *res = 0;
e54488bb 354 if (nbytes > LONG_MAX)
731100e5
MD
355 return (EINVAL);
356 bzero(&auio, sizeof(auio));
357 aiov.iov_base = (caddr_t)buf;
358 aiov.iov_len = nbytes;
359 auio.uio_iov = &aiov;
360 auio.uio_iovcnt = 1;
361 auio.uio_offset = 0;
362 auio.uio_resid = nbytes;
363 auio.uio_rw = UIO_WRITE;
e7440b28 364 auio.uio_segflg = seg;
731100e5
MD
365 auio.uio_td = curthread;
366
367 count = nbytes;
87de5057 368 error = fo_write(fp, &auio, fp->f_cred, 0);
731100e5
MD
369 if (error) {
370 if (auio.uio_resid != nbytes && (error == ERESTART || error == EINTR ||
371 error == EWOULDBLOCK)
372 ) {
373 error = 0;
374 }
375 }
376 count -= auio.uio_resid;
377 if (res)
378 *res = count;
379 return(error);
380}
381
39f91578
MD
382int
383fp_stat(file_t fp, struct stat *ub)
384{
385 int error;
386
87de5057 387 error = fo_stat(fp, ub, fp->f_cred);
39f91578
MD
388 return(error);
389}
390
391/*
392 * non-anonymous, non-stack descriptor mappings only!
393 *
394 * This routine mostly snarfed from vm/vm_mmap.c
395 */
396int
397fp_mmap(void *addr_arg, size_t size, int prot, int flags, struct file *fp,
398 off_t pos, void **resp)
399{
400 struct thread *td = curthread;
401 struct proc *p = td->td_proc;
402 vm_size_t pageoff;
403 vm_prot_t maxprot;
404 vm_offset_t addr;
405 void *handle;
406 int error;
407 vm_object_t obj;
408 struct vmspace *vms = p->p_vmspace;
409 struct vnode *vp;
410 int disablexworkaround;
411
412 prot &= VM_PROT_ALL;
413
414 if ((ssize_t)size < 0 || (flags & MAP_ANON))
415 return(EINVAL);
416
417 pageoff = (pos & PAGE_MASK);
418 pos -= pageoff;
419
420 /* Adjust size for rounding (on both ends). */
421 size += pageoff; /* low end... */
422 size = (vm_size_t)round_page(size); /* hi end */
423 addr = (vm_offset_t)addr_arg;
424
425 /*
426 * Check for illegal addresses. Watch out for address wrap... Note
427 * that VM_*_ADDRESS are not constants due to casts (argh).
428 */
429 if (flags & MAP_FIXED) {
430 /*
431 * The specified address must have the same remainder
432 * as the file offset taken modulo PAGE_SIZE, so it
433 * should be aligned after adjustment by pageoff.
434 */
435 addr -= pageoff;
436 if (addr & PAGE_MASK)
437 return (EINVAL);
438 /* Address range must be all in user VM space. */
88181b08 439 if (VM_MAX_USER_ADDRESS > 0 && addr + size > VM_MAX_USER_ADDRESS)
39f91578 440 return (EINVAL);
88181b08 441 if (VM_MIN_USER_ADDRESS > 0 && addr < VM_MIN_USER_ADDRESS)
39f91578 442 return (EINVAL);
39f91578
MD
443 if (addr + size < addr)
444 return (EINVAL);
445 } else if (addr == 0 ||
446 (addr >= round_page((vm_offset_t)vms->vm_taddr) &&
447 addr < round_page((vm_offset_t)vms->vm_daddr + maxdsiz))
448 ) {
449 /*
450 * XXX for non-fixed mappings where no hint is provided or
451 * the hint would fall in the potential heap space,
452 * place it after the end of the largest possible heap.
453 *
454 * There should really be a pmap call to determine a reasonable
455 * location.
456 */
457 addr = round_page((vm_offset_t)vms->vm_daddr + maxdsiz);
458 }
459
460 /*
461 * Mapping file, get fp for validation. Obtain vnode and make
462 * sure it is of appropriate type.
463 */
464 if (fp->f_type != DTYPE_VNODE)
465 return (EINVAL);
466
467 /*
468 * POSIX shared-memory objects are defined to have
469 * kernel persistence, and are not defined to support
470 * read(2)/write(2) -- or even open(2). Thus, we can
471 * use MAP_ASYNC to trade on-disk coherence for speed.
472 * The shm_open(3) library routine turns on the FPOSIXSHM
473 * flag to request this behavior.
474 */
475 if (fp->f_flag & FPOSIXSHM)
476 flags |= MAP_NOSYNC;
477 vp = (struct vnode *) fp->f_data;
478 if (vp->v_type != VREG && vp->v_type != VCHR)
479 return (EINVAL);
480
481 /*
482 * Get the proper underlying object
483 */
484 if (vp->v_type == VREG) {
7540ab49 485 if ((obj = vp->v_object) == NULL)
39f91578 486 return (EINVAL);
7540ab49 487 KKASSERT(vp == (struct vnode *)obj->handle);
39f91578
MD
488 }
489
490 /*
491 * XXX hack to handle use of /dev/zero to map anon memory (ala
492 * SunOS).
493 */
494 if (vp->v_type == VCHR && iszerodev(vp->v_rdev)) {
495 handle = NULL;
496 maxprot = VM_PROT_ALL;
497 flags |= MAP_ANON;
498 pos = 0;
499 } else {
500 /*
501 * cdevs does not provide private mappings of any kind.
502 */
503 /*
504 * However, for XIG X server to continue to work,
505 * we should allow the superuser to do it anyway.
506 * We only allow it at securelevel < 1.
507 * (Because the XIG X server writes directly to video
508 * memory via /dev/mem, it should never work at any
509 * other securelevel.
510 * XXX this will have to go
511 */
512 if (securelevel >= 1)
513 disablexworkaround = 1;
514 else
895c1f85 515 disablexworkaround = priv_check(td, PRIV_ROOT);
39f91578
MD
516 if (vp->v_type == VCHR && disablexworkaround &&
517 (flags & (MAP_PRIVATE|MAP_COPY))) {
518 error = EINVAL;
519 goto done;
520 }
521 /*
522 * Ensure that file and memory protections are
523 * compatible. Note that we only worry about
524 * writability if mapping is shared; in this case,
525 * current and max prot are dictated by the open file.
526 * XXX use the vnode instead? Problem is: what
527 * credentials do we use for determination? What if
528 * proc does a setuid?
529 */
530 maxprot = VM_PROT_EXECUTE; /* ??? */
531 if (fp->f_flag & FREAD) {
532 maxprot |= VM_PROT_READ;
533 } else if (prot & PROT_READ) {
534 error = EACCES;
535 goto done;
536 }
537 /*
538 * If we are sharing potential changes (either via
539 * MAP_SHARED or via the implicit sharing of character
540 * device mappings), and we are trying to get write
541 * permission although we opened it without asking
542 * for it, bail out. Check for superuser, only if
543 * we're at securelevel < 1, to allow the XIG X server
544 * to continue to work.
545 */
546
547 if ((flags & MAP_SHARED) != 0 ||
548 (vp->v_type == VCHR && disablexworkaround)
549 ) {
550 if ((fp->f_flag & FWRITE) != 0) {
551 struct vattr va;
87de5057 552 if ((error = VOP_GETATTR(vp, &va))) {
39f91578
MD
553 goto done;
554 }
555 if ((va.va_flags & (IMMUTABLE|APPEND)) == 0) {
556 maxprot |= VM_PROT_WRITE;
557 } else if (prot & PROT_WRITE) {
558 error = EPERM;
559 goto done;
560 }
561 } else if ((prot & PROT_WRITE) != 0) {
562 error = EACCES;
563 goto done;
564 }
565 } else {
566 maxprot |= VM_PROT_WRITE;
567 }
568 handle = (void *)vp;
569 }
570 error = vm_mmap(&vms->vm_map, &addr, size, prot,
571 maxprot, flags, handle, pos);
572 if (error == 0 && addr_arg)
573 *resp = (void *)addr;
574done:
575 return (error);
576}
577
578int
579fp_close(file_t fp)
580{
9f87144f 581 return(fdrop(fp));
39f91578
MD
582}
583
004d2de5
MD
584int
585fp_shutdown(file_t fp, int how)
586{
87de5057 587 return(fo_shutdown(fp, how));
004d2de5
MD
588}
589