2 * Copyright (c) 2005 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * Copyright (c) 1982, 1986, 1989, 1991, 1993
36 * The Regents of the University of California. All rights reserved.
37 * (c) UNIX System Laboratories, Inc.
38 * All or some portions of this file are derived from material licensed
39 * to the University of California by American Telephone and Telegraph
40 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
41 * the permission of UNIX System Laboratories, Inc.
43 * Redistribution and use in source and binary forms, with or without
44 * modification, are permitted provided that the following conditions
46 * 1. Redistributions of source code must retain the above copyright
47 * notice, this list of conditions and the following disclaimer.
48 * 2. Redistributions in binary form must reproduce the above copyright
49 * notice, this list of conditions and the following disclaimer in the
50 * documentation and/or other materials provided with the distribution.
51 * 3. Neither the name of the University nor the names of its contributors
52 * may be used to endorse or promote products derived from this software
53 * without specific prior written permission.
55 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
56 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
57 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
58 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
59 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
60 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
61 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
62 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
63 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
64 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
67 * @(#)kern_descrip.c 8.6 (Berkeley) 4/19/94
68 * $FreeBSD: src/sys/kern/kern_descrip.c,v 1.81.2.19 2004/02/28 00:43:31 tegge Exp $
71 #include "opt_compat.h"
72 #include <sys/param.h>
73 #include <sys/systm.h>
74 #include <sys/malloc.h>
75 #include <sys/sysproto.h>
77 #include <sys/device.h>
79 #include <sys/filedesc.h>
80 #include <sys/kernel.h>
81 #include <sys/sysctl.h>
82 #include <sys/vnode.h>
84 #include <sys/nlookup.h>
86 #include <sys/filio.h>
87 #include <sys/fcntl.h>
88 #include <sys/unistd.h>
89 #include <sys/resourcevar.h>
90 #include <sys/event.h>
91 #include <sys/kern_syscall.h>
92 #include <sys/kcore.h>
93 #include <sys/kinfo.h>
97 #include <vm/vm_extern.h>
99 #include <sys/thread2.h>
100 #include <sys/file2.h>
101 #include <sys/spinlock2.h>
103 static void fsetfd_locked(struct filedesc *fdp, struct file *fp, int fd);
104 static void fdreserve_locked (struct filedesc *fdp, int fd0, int incr);
105 static struct file *funsetfd_locked (struct filedesc *fdp, int fd);
106 static void ffree(struct file *fp);
108 static MALLOC_DEFINE(M_FILEDESC, "file desc", "Open file descriptor table");
109 static MALLOC_DEFINE(M_FILEDESC_TO_LEADER, "file desc to leader",
110 "file desc to leader structures");
111 MALLOC_DEFINE(M_FILE, "file", "Open file structure");
112 static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures");
114 static struct krate krate_uidinfo = { .freq = 1 };
116 static d_open_t fdopen;
119 #define CDEV_MAJOR 22
120 static struct dev_ops fildesc_ops = {
126 * Descriptor management.
128 static struct filelist filehead = LIST_HEAD_INITIALIZER(&filehead);
129 static struct spinlock filehead_spin = SPINLOCK_INITIALIZER(&filehead_spin);
130 static int nfiles; /* actual number of open files */
134 * Fixup fd_freefile and fd_lastfile after a descriptor has been cleared.
136 * MPSAFE - must be called with fdp->fd_spin exclusively held
140 fdfixup_locked(struct filedesc *fdp, int fd)
142 if (fd < fdp->fd_freefile) {
143 fdp->fd_freefile = fd;
145 while (fdp->fd_lastfile >= 0 &&
146 fdp->fd_files[fdp->fd_lastfile].fp == NULL &&
147 fdp->fd_files[fdp->fd_lastfile].reserved == 0
154 * System calls on descriptors.
159 sys_getdtablesize(struct getdtablesize_args *uap)
161 struct proc *p = curproc;
162 struct plimit *limit = p->p_limit;
165 spin_lock(&limit->p_spin);
166 if (limit->pl_rlimit[RLIMIT_NOFILE].rlim_cur > INT_MAX)
169 dtsize = (int)limit->pl_rlimit[RLIMIT_NOFILE].rlim_cur;
170 spin_unlock(&limit->p_spin);
172 if (dtsize > maxfilesperproc)
173 dtsize = maxfilesperproc;
174 if (dtsize < minfilesperproc)
175 dtsize = minfilesperproc;
176 if (p->p_ucred->cr_uid && dtsize > maxfilesperuser)
177 dtsize = maxfilesperuser;
178 uap->sysmsg_result = dtsize;
183 * Duplicate a file descriptor to a particular value.
185 * note: keep in mind that a potential race condition exists when closing
186 * descriptors from a shared descriptor table (via rfork).
191 sys_dup2(struct dup2_args *uap)
196 error = kern_dup(DUP_FIXED, uap->from, uap->to, &fd);
197 uap->sysmsg_fds[0] = fd;
203 * Duplicate a file descriptor.
208 sys_dup(struct dup_args *uap)
213 error = kern_dup(DUP_VARIABLE, uap->fd, 0, &fd);
214 uap->sysmsg_fds[0] = fd;
220 * MPALMOSTSAFE - acquires mplock for fp operations
223 kern_fcntl(int fd, int cmd, union fcntl_dat *dat, struct ucred *cred)
225 struct thread *td = curthread;
226 struct proc *p = td->td_proc;
232 int tmp, error, flg = F_POSIX;
237 * Operations on file descriptors that do not require a file pointer.
241 error = fgetfdflags(p->p_fd, fd, &tmp);
243 dat->fc_cloexec = (tmp & UF_EXCLOSE) ? FD_CLOEXEC : 0;
247 if (dat->fc_cloexec & FD_CLOEXEC)
248 error = fsetfdflags(p->p_fd, fd, UF_EXCLOSE);
250 error = fclrfdflags(p->p_fd, fd, UF_EXCLOSE);
254 error = kern_dup(DUP_VARIABLE | DUP_FCNTL, fd, newmin,
257 case F_DUPFD_CLOEXEC:
259 error = kern_dup(DUP_VARIABLE | DUP_CLOEXEC | DUP_FCNTL,
260 fd, newmin, &dat->fc_fd);
264 error = kern_dup(DUP_FIXED, fd, newmin, &dat->fc_fd);
266 case F_DUP2FD_CLOEXEC:
268 error = kern_dup(DUP_FIXED | DUP_CLOEXEC, fd, newmin,
276 * Operations on file pointers
278 if ((fp = holdfp(p->p_fd, fd, -1)) == NULL)
283 dat->fc_flags = OFLAGS(fp->f_flag);
289 nflags = FFLAGS(dat->fc_flags & ~O_ACCMODE) & FCNTLFLAGS;
290 nflags |= oflags & ~FCNTLFLAGS;
293 if (((nflags ^ oflags) & O_APPEND) && (oflags & FAPPENDONLY))
295 if (error == 0 && ((nflags ^ oflags) & FASYNC)) {
296 tmp = nflags & FASYNC;
297 error = fo_ioctl(fp, FIOASYNC, (caddr_t)&tmp,
305 error = fo_ioctl(fp, FIOGETOWN, (caddr_t)&dat->fc_owner,
310 error = fo_ioctl(fp, FIOSETOWN, (caddr_t)&dat->fc_owner,
316 /* Fall into F_SETLK */
319 if (fp->f_type != DTYPE_VNODE) {
323 vp = (struct vnode *)fp->f_data;
326 * copyin/lockop may block
328 if (dat->fc_flock.l_whence == SEEK_CUR)
329 dat->fc_flock.l_start += fp->f_offset;
331 switch (dat->fc_flock.l_type) {
333 if ((fp->f_flag & FREAD) == 0) {
337 if ((p->p_leader->p_flags & P_ADVLOCK) == 0) {
338 lwkt_gettoken(&p->p_leader->p_token);
339 p->p_leader->p_flags |= P_ADVLOCK;
340 lwkt_reltoken(&p->p_leader->p_token);
342 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
343 &dat->fc_flock, flg);
346 if ((fp->f_flag & FWRITE) == 0) {
350 if ((p->p_leader->p_flags & P_ADVLOCK) == 0) {
351 lwkt_gettoken(&p->p_leader->p_token);
352 p->p_leader->p_flags |= P_ADVLOCK;
353 lwkt_reltoken(&p->p_leader->p_token);
355 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
356 &dat->fc_flock, flg);
359 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_UNLCK,
360 &dat->fc_flock, F_POSIX);
368 * It is possible to race a close() on the descriptor while
369 * we were blocked getting the lock. If this occurs the
370 * close might not have caught the lock.
372 if (checkfdclosed(p->p_fd, fd, fp)) {
373 dat->fc_flock.l_whence = SEEK_SET;
374 dat->fc_flock.l_start = 0;
375 dat->fc_flock.l_len = 0;
376 dat->fc_flock.l_type = F_UNLCK;
377 (void) VOP_ADVLOCK(vp, (caddr_t)p->p_leader,
378 F_UNLCK, &dat->fc_flock, F_POSIX);
383 if (fp->f_type != DTYPE_VNODE) {
387 vp = (struct vnode *)fp->f_data;
389 * copyin/lockop may block
391 if (dat->fc_flock.l_type != F_RDLCK &&
392 dat->fc_flock.l_type != F_WRLCK &&
393 dat->fc_flock.l_type != F_UNLCK) {
397 if (dat->fc_flock.l_whence == SEEK_CUR)
398 dat->fc_flock.l_start += fp->f_offset;
399 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_GETLK,
400 &dat->fc_flock, F_POSIX);
412 * The file control system call.
417 sys_fcntl(struct fcntl_args *uap)
425 case F_DUPFD_CLOEXEC:
426 case F_DUP2FD_CLOEXEC:
427 dat.fc_fd = uap->arg;
430 dat.fc_cloexec = uap->arg;
433 dat.fc_flags = uap->arg;
436 dat.fc_owner = uap->arg;
441 error = copyin((caddr_t)uap->arg, &dat.fc_flock,
442 sizeof(struct flock));
448 error = kern_fcntl(uap->fd, uap->cmd, &dat, curthread->td_ucred);
454 case F_DUPFD_CLOEXEC:
455 case F_DUP2FD_CLOEXEC:
456 uap->sysmsg_result = dat.fc_fd;
459 uap->sysmsg_result = dat.fc_cloexec;
462 uap->sysmsg_result = dat.fc_flags;
465 uap->sysmsg_result = dat.fc_owner;
468 error = copyout(&dat.fc_flock, (caddr_t)uap->arg,
469 sizeof(struct flock));
478 * Common code for dup, dup2, and fcntl(F_DUPFD).
480 * There are four type flags: DUP_FCNTL, DUP_FIXED, DUP_VARIABLE, and
483 * DUP_FCNTL is for handling EINVAL vs. EBADF differences between
484 * fcntl()'s F_DUPFD and F_DUPFD_CLOEXEC and dup2() (per POSIX).
485 * The next two flags are mutually exclusive, and the fourth is optional.
486 * DUP_FIXED tells kern_dup() to destructively dup over an existing file
487 * descriptor if "new" is already open. DUP_VARIABLE tells kern_dup()
488 * to find the lowest unused file descriptor that is greater than or
489 * equal to "new". DUP_CLOEXEC, which works with either of the first
490 * two flags, sets the close-on-exec flag on the "new" file descriptor.
495 kern_dup(int flags, int old, int new, int *res)
497 struct thread *td = curthread;
498 struct proc *p = td->td_proc;
499 struct filedesc *fdp = p->p_fd;
508 * Verify that we have a valid descriptor to dup from and
509 * possibly to dup to. When the new descriptor is out of
510 * bounds, fcntl()'s F_DUPFD and F_DUPFD_CLOEXEC must
511 * return EINVAL, while dup2() returns EBADF in
514 * NOTE: maxfilesperuser is not applicable to dup()
517 if (p->p_rlimit[RLIMIT_NOFILE].rlim_cur > INT_MAX)
520 dtsize = (int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur;
521 if (dtsize > maxfilesperproc)
522 dtsize = maxfilesperproc;
523 if (dtsize < minfilesperproc)
524 dtsize = minfilesperproc;
526 if (new < 0 || new > dtsize)
527 return (flags & DUP_FCNTL ? EINVAL : EBADF);
529 spin_lock(&fdp->fd_spin);
530 if ((unsigned)old >= fdp->fd_nfiles || fdp->fd_files[old].fp == NULL) {
531 spin_unlock(&fdp->fd_spin);
534 if ((flags & DUP_FIXED) && old == new) {
536 if (flags & DUP_CLOEXEC)
537 fdp->fd_files[new].fileflags |= UF_EXCLOSE;
538 spin_unlock(&fdp->fd_spin);
541 fp = fdp->fd_files[old].fp;
542 oldflags = fdp->fd_files[old].fileflags;
543 fhold(fp); /* MPSAFE - can be called with a spinlock held */
546 * Allocate a new descriptor if DUP_VARIABLE, or expand the table
547 * if the requested descriptor is beyond the current table size.
549 * This can block. Retry if the source descriptor no longer matches
550 * or if our expectation in the expansion case races.
552 * If we are not expanding or allocating a new decriptor, then reset
553 * the target descriptor to a reserved state so we have a uniform
554 * setup for the next code block.
556 if ((flags & DUP_VARIABLE) || new >= fdp->fd_nfiles) {
557 spin_unlock(&fdp->fd_spin);
558 error = fdalloc(p, new, &newfd);
559 spin_lock(&fdp->fd_spin);
561 spin_unlock(&fdp->fd_spin);
568 if (old >= fdp->fd_nfiles || fdp->fd_files[old].fp != fp) {
569 fsetfd_locked(fdp, NULL, newfd);
570 spin_unlock(&fdp->fd_spin);
575 * Check for expansion race
577 if ((flags & DUP_VARIABLE) == 0 && new != newfd) {
578 fsetfd_locked(fdp, NULL, newfd);
579 spin_unlock(&fdp->fd_spin);
584 * Check for ripout, newfd reused old (this case probably
588 fsetfd_locked(fdp, NULL, newfd);
589 spin_unlock(&fdp->fd_spin);
596 if (fdp->fd_files[new].reserved) {
597 spin_unlock(&fdp->fd_spin);
599 kprintf("Warning: dup(): target descriptor %d is reserved, waiting for it to be resolved\n", new);
600 tsleep(fdp, 0, "fdres", hz);
605 * If the target descriptor was never allocated we have
606 * to allocate it. If it was we have to clean out the
607 * old descriptor. delfp inherits the ref from the
610 delfp = fdp->fd_files[new].fp;
611 fdp->fd_files[new].fp = NULL;
612 fdp->fd_files[new].reserved = 1;
614 fdreserve_locked(fdp, new, 1);
615 if (new > fdp->fd_lastfile)
616 fdp->fd_lastfile = new;
622 * NOTE: still holding an exclusive spinlock
626 * If a descriptor is being overwritten we may hve to tell
627 * fdfree() to sleep to ensure that all relevant process
628 * leaders can be traversed in closef().
630 if (delfp != NULL && p->p_fdtol != NULL) {
631 fdp->fd_holdleaderscount++;
636 KASSERT(delfp == NULL || (flags & DUP_FIXED),
637 ("dup() picked an open file"));
640 * Duplicate the source descriptor, update lastfile. If the new
641 * descriptor was not allocated and we aren't replacing an existing
642 * descriptor we have to mark the descriptor as being in use.
644 * The fd_files[] array inherits fp's hold reference.
646 fsetfd_locked(fdp, fp, new);
647 if ((flags & DUP_CLOEXEC) != 0)
648 fdp->fd_files[new].fileflags = oldflags | UF_EXCLOSE;
650 fdp->fd_files[new].fileflags = oldflags & ~UF_EXCLOSE;
651 spin_unlock(&fdp->fd_spin);
656 * If we dup'd over a valid file, we now own the reference to it
657 * and must dispose of it using closef() semantics (as if a
658 * close() were performed on it).
661 if (SLIST_FIRST(&delfp->f_klist))
662 knote_fdclose(delfp, fdp, new);
665 spin_lock(&fdp->fd_spin);
666 fdp->fd_holdleaderscount--;
667 if (fdp->fd_holdleaderscount == 0 &&
668 fdp->fd_holdleaderswakeup != 0) {
669 fdp->fd_holdleaderswakeup = 0;
670 spin_unlock(&fdp->fd_spin);
671 wakeup(&fdp->fd_holdleaderscount);
673 spin_unlock(&fdp->fd_spin);
681 * If sigio is on the list associated with a process or process group,
682 * disable signalling from the device, remove sigio from the list and
688 funsetown(struct sigio **sigiop)
694 if ((sigio = *sigiop) != NULL) {
695 lwkt_gettoken(&sigio_token); /* protect sigio */
696 KKASSERT(sigiop == sigio->sio_myref);
699 lwkt_reltoken(&sigio_token);
704 if (sigio->sio_pgid < 0) {
705 pgrp = sigio->sio_pgrp;
706 sigio->sio_pgrp = NULL;
707 lwkt_gettoken(&pgrp->pg_token);
708 SLIST_REMOVE(&pgrp->pg_sigiolst, sigio, sigio, sio_pgsigio);
709 lwkt_reltoken(&pgrp->pg_token);
711 } else /* if ((*sigiop)->sio_pgid > 0) */ {
713 sigio->sio_proc = NULL;
715 lwkt_gettoken(&p->p_token);
716 SLIST_REMOVE(&p->p_sigiolst, sigio, sigio, sio_pgsigio);
717 lwkt_reltoken(&p->p_token);
720 crfree(sigio->sio_ucred);
721 sigio->sio_ucred = NULL;
722 kfree(sigio, M_SIGIO);
726 * Free a list of sigio structures. Caller is responsible for ensuring
727 * that the list is MPSAFE.
732 funsetownlst(struct sigiolst *sigiolst)
736 while ((sigio = SLIST_FIRST(sigiolst)) != NULL)
737 funsetown(sigio->sio_myref);
741 * This is common code for FIOSETOWN ioctl called by fcntl(fd, F_SETOWN, arg).
743 * After permission checking, add a sigio structure to the sigio list for
744 * the process or process group.
749 fsetown(pid_t pgid, struct sigio **sigiop)
751 struct proc *proc = NULL;
752 struct pgrp *pgrp = NULL;
769 * Policy - Don't allow a process to FSETOWN a process
770 * in another session.
772 * Remove this test to allow maximum flexibility or
773 * restrict FSETOWN to the current process or process
774 * group for maximum safety.
776 if (proc->p_session != curproc->p_session) {
780 } else /* if (pgid < 0) */ {
781 pgrp = pgfind(-pgid);
788 * Policy - Don't allow a process to FSETOWN a process
789 * in another session.
791 * Remove this test to allow maximum flexibility or
792 * restrict FSETOWN to the current process or process
793 * group for maximum safety.
795 if (pgrp->pg_session != curproc->p_session) {
800 sigio = kmalloc(sizeof(struct sigio), M_SIGIO, M_WAITOK | M_ZERO);
802 KKASSERT(pgrp == NULL);
803 lwkt_gettoken(&proc->p_token);
804 SLIST_INSERT_HEAD(&proc->p_sigiolst, sigio, sio_pgsigio);
805 sigio->sio_proc = proc;
806 lwkt_reltoken(&proc->p_token);
808 KKASSERT(proc == NULL);
809 lwkt_gettoken(&pgrp->pg_token);
810 SLIST_INSERT_HEAD(&pgrp->pg_sigiolst, sigio, sio_pgsigio);
811 sigio->sio_pgrp = pgrp;
812 lwkt_reltoken(&pgrp->pg_token);
815 sigio->sio_pgid = pgid;
816 sigio->sio_ucred = crhold(curthread->td_ucred);
817 /* It would be convenient if p_ruid was in ucred. */
818 sigio->sio_ruid = sigio->sio_ucred->cr_ruid;
819 sigio->sio_myref = sigiop;
821 lwkt_gettoken(&sigio_token);
825 lwkt_reltoken(&sigio_token);
836 * This is common code for FIOGETOWN ioctl called by fcntl(fd, F_GETOWN, arg).
841 fgetown(struct sigio **sigiop)
846 lwkt_gettoken_shared(&sigio_token);
848 own = (sigio != NULL ? sigio->sio_pgid : 0);
849 lwkt_reltoken(&sigio_token);
855 * Close many file descriptors.
860 sys_closefrom(struct closefrom_args *uap)
862 return(kern_closefrom(uap->fd));
866 * Close all file descriptors greater then or equal to fd
871 kern_closefrom(int fd)
873 struct thread *td = curthread;
874 struct proc *p = td->td_proc;
875 struct filedesc *fdp;
884 * NOTE: This function will skip unassociated descriptors and
885 * reserved descriptors that have not yet been assigned.
886 * fd_lastfile can change as a side effect of kern_close().
888 spin_lock(&fdp->fd_spin);
889 while (fd <= fdp->fd_lastfile) {
890 if (fdp->fd_files[fd].fp != NULL) {
891 spin_unlock(&fdp->fd_spin);
892 /* ok if this races another close */
893 if (kern_close(fd) == EINTR)
895 spin_lock(&fdp->fd_spin);
899 spin_unlock(&fdp->fd_spin);
904 * Close a file descriptor.
909 sys_close(struct close_args *uap)
911 return(kern_close(uap->fd));
920 struct thread *td = curthread;
921 struct proc *p = td->td_proc;
922 struct filedesc *fdp;
930 spin_lock(&fdp->fd_spin);
931 if ((fp = funsetfd_locked(fdp, fd)) == NULL) {
932 spin_unlock(&fdp->fd_spin);
936 if (p->p_fdtol != NULL) {
938 * Ask fdfree() to sleep to ensure that all relevant
939 * process leaders can be traversed in closef().
941 fdp->fd_holdleaderscount++;
946 * we now hold the fp reference that used to be owned by the descriptor
949 spin_unlock(&fdp->fd_spin);
950 if (SLIST_FIRST(&fp->f_klist))
951 knote_fdclose(fp, fdp, fd);
952 error = closef(fp, p);
954 spin_lock(&fdp->fd_spin);
955 fdp->fd_holdleaderscount--;
956 if (fdp->fd_holdleaderscount == 0 &&
957 fdp->fd_holdleaderswakeup != 0) {
958 fdp->fd_holdleaderswakeup = 0;
959 spin_unlock(&fdp->fd_spin);
960 wakeup(&fdp->fd_holdleaderscount);
962 spin_unlock(&fdp->fd_spin);
969 * shutdown_args(int fd, int how)
972 kern_shutdown(int fd, int how)
974 struct thread *td = curthread;
975 struct proc *p = td->td_proc;
981 if ((fp = holdfp(p->p_fd, fd, -1)) == NULL)
983 error = fo_shutdown(fp, how);
993 sys_shutdown(struct shutdown_args *uap)
997 error = kern_shutdown(uap->s, uap->how);
1006 kern_fstat(int fd, struct stat *ub)
1008 struct thread *td = curthread;
1009 struct proc *p = td->td_proc;
1015 if ((fp = holdfp(p->p_fd, fd, -1)) == NULL)
1017 error = fo_stat(fp, ub, td->td_ucred);
1024 * Return status information about a file descriptor.
1029 sys_fstat(struct fstat_args *uap)
1034 error = kern_fstat(uap->fd, &st);
1037 error = copyout(&st, uap->sb, sizeof(st));
1042 * Return pathconf information about a file descriptor.
1047 sys_fpathconf(struct fpathconf_args *uap)
1049 struct thread *td = curthread;
1050 struct proc *p = td->td_proc;
1055 if ((fp = holdfp(p->p_fd, uap->fd, -1)) == NULL)
1058 switch (fp->f_type) {
1061 if (uap->name != _PC_PIPE_BUF) {
1064 uap->sysmsg_result = PIPE_BUF;
1070 vp = (struct vnode *)fp->f_data;
1071 error = VOP_PATHCONF(vp, uap->name, &uap->sysmsg_reg);
1081 static int fdexpand;
1082 SYSCTL_INT(_debug, OID_AUTO, fdexpand, CTLFLAG_RD, &fdexpand, 0,
1083 "Number of times a file table has been expanded");
1086 * Grow the file table so it can hold through descriptor (want).
1088 * The fdp's spinlock must be held exclusively on entry and may be held
1089 * exclusively on return. The spinlock may be cycled by the routine.
1094 fdgrow_locked(struct filedesc *fdp, int want)
1096 struct fdnode *newfiles;
1097 struct fdnode *oldfiles;
1100 nf = fdp->fd_nfiles;
1102 /* nf has to be of the form 2^n - 1 */
1104 } while (nf <= want);
1106 spin_unlock(&fdp->fd_spin);
1107 newfiles = kmalloc(nf * sizeof(struct fdnode), M_FILEDESC, M_WAITOK);
1108 spin_lock(&fdp->fd_spin);
1111 * We could have raced another extend while we were not holding
1114 if (fdp->fd_nfiles >= nf) {
1115 spin_unlock(&fdp->fd_spin);
1116 kfree(newfiles, M_FILEDESC);
1117 spin_lock(&fdp->fd_spin);
1121 * Copy the existing ofile and ofileflags arrays
1122 * and zero the new portion of each array.
1124 extra = nf - fdp->fd_nfiles;
1125 bcopy(fdp->fd_files, newfiles, fdp->fd_nfiles * sizeof(struct fdnode));
1126 bzero(&newfiles[fdp->fd_nfiles], extra * sizeof(struct fdnode));
1128 oldfiles = fdp->fd_files;
1129 fdp->fd_files = newfiles;
1130 fdp->fd_nfiles = nf;
1132 if (oldfiles != fdp->fd_builtin_files) {
1133 spin_unlock(&fdp->fd_spin);
1134 kfree(oldfiles, M_FILEDESC);
1135 spin_lock(&fdp->fd_spin);
1141 * Number of nodes in right subtree, including the root.
1144 right_subtree_size(int n)
1146 return (n ^ (n | (n + 1)));
1153 right_ancestor(int n)
1155 return (n | (n + 1));
1162 left_ancestor(int n)
1164 return ((n & (n + 1)) - 1);
1168 * Traverse the in-place binary tree buttom-up adjusting the allocation
1169 * count so scans can determine where free descriptors are located.
1171 * MPSAFE - caller must be holding an exclusive spinlock on fdp
1175 fdreserve_locked(struct filedesc *fdp, int fd, int incr)
1178 fdp->fd_files[fd].allocated += incr;
1179 KKASSERT(fdp->fd_files[fd].allocated >= 0);
1180 fd = left_ancestor(fd);
1185 * Reserve a file descriptor for the process. If no error occurs, the
1186 * caller MUST at some point call fsetfd() or assign a file pointer
1187 * or dispose of the reservation.
1192 fdalloc(struct proc *p, int want, int *result)
1194 struct filedesc *fdp = p->p_fd;
1195 struct uidinfo *uip;
1196 int fd, rsize, rsum, node, lim;
1199 * Check dtable size limit
1201 spin_lock(&p->p_limit->p_spin);
1202 if (p->p_rlimit[RLIMIT_NOFILE].rlim_cur > INT_MAX)
1205 lim = (int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur;
1206 spin_unlock(&p->p_limit->p_spin);
1208 if (lim > maxfilesperproc)
1209 lim = maxfilesperproc;
1210 if (lim < minfilesperproc)
1211 lim = minfilesperproc;
1216 * Check that the user has not run out of descriptors (non-root only).
1217 * As a safety measure the dtable is allowed to have at least
1218 * minfilesperproc open fds regardless of the maxfilesperuser limit.
1220 if (p->p_ucred->cr_uid && fdp->fd_nfiles >= minfilesperproc) {
1221 uip = p->p_ucred->cr_uidinfo;
1222 if (uip->ui_openfiles > maxfilesperuser) {
1223 krateprintf(&krate_uidinfo,
1224 "Warning: user %d pid %d (%s) ran out of "
1225 "file descriptors (%d/%d)\n",
1226 p->p_ucred->cr_uid, (int)p->p_pid,
1228 uip->ui_openfiles, maxfilesperuser);
1234 * Grow the dtable if necessary
1236 spin_lock(&fdp->fd_spin);
1237 if (want >= fdp->fd_nfiles)
1238 fdgrow_locked(fdp, want);
1241 * Search for a free descriptor starting at the higher
1242 * of want or fd_freefile. If that fails, consider
1243 * expanding the ofile array.
1245 * NOTE! the 'allocated' field is a cumulative recursive allocation
1246 * count. If we happen to see a value of 0 then we can shortcut
1247 * our search. Otherwise we run through through the tree going
1248 * down branches we know have free descriptor(s) until we hit a
1249 * leaf node. The leaf node will be free but will not necessarily
1250 * have an allocated field of 0.
1253 /* move up the tree looking for a subtree with a free node */
1254 for (fd = max(want, fdp->fd_freefile); fd < min(fdp->fd_nfiles, lim);
1255 fd = right_ancestor(fd)) {
1256 if (fdp->fd_files[fd].allocated == 0)
1259 rsize = right_subtree_size(fd);
1260 if (fdp->fd_files[fd].allocated == rsize)
1261 continue; /* right subtree full */
1264 * Free fd is in the right subtree of the tree rooted at fd.
1265 * Call that subtree R. Look for the smallest (leftmost)
1266 * subtree of R with an unallocated fd: continue moving
1267 * down the left branch until encountering a full left
1268 * subtree, then move to the right.
1270 for (rsum = 0, rsize /= 2; rsize > 0; rsize /= 2) {
1272 rsum += fdp->fd_files[node].allocated;
1273 if (fdp->fd_files[fd].allocated == rsum + rsize) {
1274 fd = node; /* move to the right */
1275 if (fdp->fd_files[node].allocated == 0)
1284 * No space in current array. Expand?
1286 if (fdp->fd_nfiles >= lim) {
1287 spin_unlock(&fdp->fd_spin);
1290 fdgrow_locked(fdp, want);
1294 KKASSERT(fd < fdp->fd_nfiles);
1295 if (fd > fdp->fd_lastfile)
1296 fdp->fd_lastfile = fd;
1297 if (want <= fdp->fd_freefile)
1298 fdp->fd_freefile = fd;
1300 KKASSERT(fdp->fd_files[fd].fp == NULL);
1301 KKASSERT(fdp->fd_files[fd].reserved == 0);
1302 fdp->fd_files[fd].fileflags = 0;
1303 fdp->fd_files[fd].reserved = 1;
1304 fdreserve_locked(fdp, fd, 1);
1305 spin_unlock(&fdp->fd_spin);
1310 * Check to see whether n user file descriptors
1311 * are available to the process p.
1316 fdavail(struct proc *p, int n)
1318 struct filedesc *fdp = p->p_fd;
1319 struct fdnode *fdnode;
1322 spin_lock(&p->p_limit->p_spin);
1323 if (p->p_rlimit[RLIMIT_NOFILE].rlim_cur > INT_MAX)
1326 lim = (int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur;
1327 spin_unlock(&p->p_limit->p_spin);
1329 if (lim > maxfilesperproc)
1330 lim = maxfilesperproc;
1331 if (lim < minfilesperproc)
1332 lim = minfilesperproc;
1334 spin_lock(&fdp->fd_spin);
1335 if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0) {
1336 spin_unlock(&fdp->fd_spin);
1339 last = min(fdp->fd_nfiles, lim);
1340 fdnode = &fdp->fd_files[fdp->fd_freefile];
1341 for (i = last - fdp->fd_freefile; --i >= 0; ++fdnode) {
1342 if (fdnode->fp == NULL && --n <= 0) {
1343 spin_unlock(&fdp->fd_spin);
1347 spin_unlock(&fdp->fd_spin);
1352 * Revoke open descriptors referencing (f_data, f_type)
1354 * Any revoke executed within a prison is only able to
1355 * revoke descriptors for processes within that prison.
1357 * Returns 0 on success or an error code.
1359 struct fdrevoke_info {
1369 static int fdrevoke_check_callback(struct file *fp, void *vinfo);
1370 static int fdrevoke_proc_callback(struct proc *p, void *vinfo);
1373 fdrevoke(void *f_data, short f_type, struct ucred *cred)
1375 struct fdrevoke_info info;
1378 bzero(&info, sizeof(info));
1382 error = falloc(NULL, &info.nfp, NULL);
1387 * Scan the file pointer table once. dups do not dup file pointers,
1388 * only descriptors, so there is no leak. Set FREVOKED on the fps
1391 allfiles_scan_exclusive(fdrevoke_check_callback, &info);
1394 * If any fps were marked track down the related descriptors
1395 * and close them. Any dup()s at this point will notice
1396 * the FREVOKED already set in the fp and do the right thing.
1398 * Any fps with non-zero msgcounts (aka sent over a unix-domain
1399 * socket) bumped the intransit counter and will require a
1400 * scan. Races against fps leaving the socket are closed by
1401 * the socket code checking for FREVOKED.
1404 allproc_scan(fdrevoke_proc_callback, &info);
1406 unp_revoke_gc(info.nfp);
1412 * Locate matching file pointers directly.
1414 * WARNING: allfiles_scan_exclusive() holds a spinlock through these calls!
1417 fdrevoke_check_callback(struct file *fp, void *vinfo)
1419 struct fdrevoke_info *info = vinfo;
1422 * File pointers already flagged for revokation are skipped.
1424 if (fp->f_flag & FREVOKED)
1428 * If revoking from a prison file pointers created outside of
1429 * that prison, or file pointers without creds, cannot be revoked.
1431 if (info->cred->cr_prison &&
1432 (fp->f_cred == NULL ||
1433 info->cred->cr_prison != fp->f_cred->cr_prison)) {
1438 * If the file pointer matches then mark it for revocation. The
1439 * flag is currently only used by unp_revoke_gc().
1441 * info->count is a heuristic and can race in a SMP environment.
1443 if (info->data == fp->f_data && info->type == fp->f_type) {
1444 atomic_set_int(&fp->f_flag, FREVOKED);
1445 info->count += fp->f_count;
1453 * Locate matching file pointers via process descriptor tables.
1456 fdrevoke_proc_callback(struct proc *p, void *vinfo)
1458 struct fdrevoke_info *info = vinfo;
1459 struct filedesc *fdp;
1463 if (p->p_stat == SIDL || p->p_stat == SZOMB)
1465 if (info->cred->cr_prison &&
1466 info->cred->cr_prison != p->p_ucred->cr_prison) {
1471 * If the controlling terminal of the process matches the
1472 * vnode being revoked we clear the controlling terminal.
1474 * The normal spec_close() may not catch this because it
1475 * uses curproc instead of p.
1477 if (p->p_session && info->type == DTYPE_VNODE &&
1478 info->data == p->p_session->s_ttyvp) {
1479 p->p_session->s_ttyvp = NULL;
1484 * Softref the fdp to prevent it from being destroyed
1486 spin_lock(&p->p_spin);
1487 if ((fdp = p->p_fd) == NULL) {
1488 spin_unlock(&p->p_spin);
1491 atomic_add_int(&fdp->fd_softrefs, 1);
1492 spin_unlock(&p->p_spin);
1495 * Locate and close any matching file descriptors.
1497 spin_lock(&fdp->fd_spin);
1498 for (n = 0; n < fdp->fd_nfiles; ++n) {
1499 if ((fp = fdp->fd_files[n].fp) == NULL)
1501 if (fp->f_flag & FREVOKED) {
1503 fdp->fd_files[n].fp = info->nfp;
1504 spin_unlock(&fdp->fd_spin);
1505 knote_fdclose(fp, fdp, n); /* XXX */
1507 spin_lock(&fdp->fd_spin);
1511 spin_unlock(&fdp->fd_spin);
1512 atomic_subtract_int(&fdp->fd_softrefs, 1);
1518 * Create a new open file structure and reserve a file decriptor
1519 * for the process that refers to it.
1521 * Root creds are checked using lp, or assumed if lp is NULL. If
1522 * resultfd is non-NULL then lp must also be non-NULL. No file
1523 * descriptor is reserved (and no process context is needed) if
1526 * A file pointer with a refcount of 1 is returned. Note that the
1527 * file pointer is NOT associated with the descriptor. If falloc
1528 * returns success, fsetfd() MUST be called to either associate the
1529 * file pointer or clear the reservation.
1534 falloc(struct lwp *lp, struct file **resultfp, int *resultfd)
1536 static struct timeval lastfail;
1539 struct ucred *cred = lp ? lp->lwp_thread->td_ucred : proc0.p_ucred;
1545 * Handle filetable full issues and root overfill.
1547 if (nfiles >= maxfiles - maxfilesrootres &&
1548 (cred->cr_ruid != 0 || nfiles >= maxfiles)) {
1549 if (ppsratecheck(&lastfail, &curfail, 1)) {
1550 kprintf("kern.maxfiles limit exceeded by uid %d, "
1551 "please see tuning(7).\n",
1559 * Allocate a new file descriptor.
1561 fp = kmalloc(sizeof(struct file), M_FILE, M_WAITOK | M_ZERO);
1562 spin_init(&fp->f_spin);
1563 SLIST_INIT(&fp->f_klist);
1565 fp->f_ops = &badfileops;
1568 spin_lock(&filehead_spin);
1570 LIST_INSERT_HEAD(&filehead, fp, f_list);
1571 spin_unlock(&filehead_spin);
1573 if ((error = fdalloc(lp->lwp_proc, 0, resultfd)) != 0) {
1586 * Check for races against a file descriptor by determining that the
1587 * file pointer is still associated with the specified file descriptor,
1588 * and a close is not currently in progress.
1593 checkfdclosed(struct filedesc *fdp, int fd, struct file *fp)
1597 spin_lock_shared(&fdp->fd_spin);
1598 if ((unsigned)fd >= fdp->fd_nfiles || fp != fdp->fd_files[fd].fp)
1602 spin_unlock_shared(&fdp->fd_spin);
1607 * Associate a file pointer with a previously reserved file descriptor.
1608 * This function always succeeds.
1610 * If fp is NULL, the file descriptor is returned to the pool.
1614 * MPSAFE (exclusive spinlock must be held on call)
1617 fsetfd_locked(struct filedesc *fdp, struct file *fp, int fd)
1619 KKASSERT((unsigned)fd < fdp->fd_nfiles);
1620 KKASSERT(fdp->fd_files[fd].reserved != 0);
1623 fdp->fd_files[fd].fp = fp;
1624 fdp->fd_files[fd].reserved = 0;
1626 fdp->fd_files[fd].reserved = 0;
1627 fdreserve_locked(fdp, fd, -1);
1628 fdfixup_locked(fdp, fd);
1636 fsetfd(struct filedesc *fdp, struct file *fp, int fd)
1638 spin_lock(&fdp->fd_spin);
1639 fsetfd_locked(fdp, fp, fd);
1640 spin_unlock(&fdp->fd_spin);
1644 * MPSAFE (exclusive spinlock must be held on call)
1648 funsetfd_locked(struct filedesc *fdp, int fd)
1652 if ((unsigned)fd >= fdp->fd_nfiles)
1654 if ((fp = fdp->fd_files[fd].fp) == NULL)
1656 fdp->fd_files[fd].fp = NULL;
1657 fdp->fd_files[fd].fileflags = 0;
1659 fdreserve_locked(fdp, fd, -1);
1660 fdfixup_locked(fdp, fd);
1668 fgetfdflags(struct filedesc *fdp, int fd, int *flagsp)
1672 spin_lock(&fdp->fd_spin);
1673 if (((u_int)fd) >= fdp->fd_nfiles) {
1675 } else if (fdp->fd_files[fd].fp == NULL) {
1678 *flagsp = fdp->fd_files[fd].fileflags;
1681 spin_unlock(&fdp->fd_spin);
1689 fsetfdflags(struct filedesc *fdp, int fd, int add_flags)
1693 spin_lock(&fdp->fd_spin);
1694 if (((u_int)fd) >= fdp->fd_nfiles) {
1696 } else if (fdp->fd_files[fd].fp == NULL) {
1699 fdp->fd_files[fd].fileflags |= add_flags;
1702 spin_unlock(&fdp->fd_spin);
1710 fclrfdflags(struct filedesc *fdp, int fd, int rem_flags)
1714 spin_lock(&fdp->fd_spin);
1715 if (((u_int)fd) >= fdp->fd_nfiles) {
1717 } else if (fdp->fd_files[fd].fp == NULL) {
1720 fdp->fd_files[fd].fileflags &= ~rem_flags;
1723 spin_unlock(&fdp->fd_spin);
1728 * Set/Change/Clear the creds for a fp and synchronize the uidinfo.
1731 fsetcred(struct file *fp, struct ucred *ncr)
1734 struct uidinfo *uip;
1737 if (ocr == NULL || ncr == NULL || ocr->cr_uidinfo != ncr->cr_uidinfo) {
1739 uip = ocr->cr_uidinfo;
1740 atomic_add_int(&uip->ui_openfiles, -1);
1743 uip = ncr->cr_uidinfo;
1744 atomic_add_int(&uip->ui_openfiles, 1);
1755 * Free a file descriptor.
1759 ffree(struct file *fp)
1761 KASSERT((fp->f_count == 0), ("ffree: fp_fcount not 0!"));
1762 spin_lock(&filehead_spin);
1763 LIST_REMOVE(fp, f_list);
1765 spin_unlock(&filehead_spin);
1767 if (fp->f_nchandle.ncp)
1768 cache_drop(&fp->f_nchandle);
1773 * called from init_main, initialize filedesc0 for proc0.
1776 fdinit_bootstrap(struct proc *p0, struct filedesc *fdp0, int cmask)
1780 fdp0->fd_refcnt = 1;
1781 fdp0->fd_cmask = cmask;
1782 fdp0->fd_files = fdp0->fd_builtin_files;
1783 fdp0->fd_nfiles = NDFILE;
1784 fdp0->fd_lastfile = -1;
1785 spin_init(&fdp0->fd_spin);
1789 * Build a new filedesc structure.
1794 fdinit(struct proc *p)
1796 struct filedesc *newfdp;
1797 struct filedesc *fdp = p->p_fd;
1799 newfdp = kmalloc(sizeof(struct filedesc), M_FILEDESC, M_WAITOK|M_ZERO);
1800 spin_lock(&fdp->fd_spin);
1802 newfdp->fd_cdir = fdp->fd_cdir;
1803 vref(newfdp->fd_cdir);
1804 cache_copy(&fdp->fd_ncdir, &newfdp->fd_ncdir);
1808 * rdir may not be set in e.g. proc0 or anything vm_fork'd off of
1809 * proc0, but should unconditionally exist in other processes.
1812 newfdp->fd_rdir = fdp->fd_rdir;
1813 vref(newfdp->fd_rdir);
1814 cache_copy(&fdp->fd_nrdir, &newfdp->fd_nrdir);
1817 newfdp->fd_jdir = fdp->fd_jdir;
1818 vref(newfdp->fd_jdir);
1819 cache_copy(&fdp->fd_njdir, &newfdp->fd_njdir);
1821 spin_unlock(&fdp->fd_spin);
1823 /* Create the file descriptor table. */
1824 newfdp->fd_refcnt = 1;
1825 newfdp->fd_cmask = cmask;
1826 newfdp->fd_files = newfdp->fd_builtin_files;
1827 newfdp->fd_nfiles = NDFILE;
1828 newfdp->fd_lastfile = -1;
1829 spin_init(&newfdp->fd_spin);
1835 * Share a filedesc structure.
1840 fdshare(struct proc *p)
1842 struct filedesc *fdp;
1845 spin_lock(&fdp->fd_spin);
1847 spin_unlock(&fdp->fd_spin);
1852 * Copy a filedesc structure.
1857 fdcopy(struct proc *p, struct filedesc **fpp)
1859 struct filedesc *fdp = p->p_fd;
1860 struct filedesc *newfdp;
1861 struct fdnode *fdnode;
1866 * Certain daemons might not have file descriptors.
1872 * Allocate the new filedesc and fd_files[] array. This can race
1873 * with operations by other threads on the fdp so we have to be
1876 newfdp = kmalloc(sizeof(struct filedesc),
1877 M_FILEDESC, M_WAITOK | M_ZERO | M_NULLOK);
1878 if (newfdp == NULL) {
1883 spin_lock(&fdp->fd_spin);
1884 if (fdp->fd_lastfile < NDFILE) {
1885 newfdp->fd_files = newfdp->fd_builtin_files;
1889 * We have to allocate (N^2-1) entries for our in-place
1890 * binary tree. Allow the table to shrink.
1894 while (ni > fdp->fd_lastfile && ni > NDFILE) {
1898 spin_unlock(&fdp->fd_spin);
1899 newfdp->fd_files = kmalloc(i * sizeof(struct fdnode),
1900 M_FILEDESC, M_WAITOK | M_ZERO);
1903 * Check for race, retry
1905 spin_lock(&fdp->fd_spin);
1906 if (i <= fdp->fd_lastfile) {
1907 spin_unlock(&fdp->fd_spin);
1908 kfree(newfdp->fd_files, M_FILEDESC);
1914 * Dup the remaining fields. vref() and cache_hold() can be
1915 * safely called while holding the read spinlock on fdp.
1917 * The read spinlock on fdp is still being held.
1919 * NOTE: vref and cache_hold calls for the case where the vnode
1920 * or cache entry already has at least one ref may be called
1921 * while holding spin locks.
1923 if ((newfdp->fd_cdir = fdp->fd_cdir) != NULL) {
1924 vref(newfdp->fd_cdir);
1925 cache_copy(&fdp->fd_ncdir, &newfdp->fd_ncdir);
1928 * We must check for fd_rdir here, at least for now because
1929 * the init process is created before we have access to the
1930 * rootvode to take a reference to it.
1932 if ((newfdp->fd_rdir = fdp->fd_rdir) != NULL) {
1933 vref(newfdp->fd_rdir);
1934 cache_copy(&fdp->fd_nrdir, &newfdp->fd_nrdir);
1936 if ((newfdp->fd_jdir = fdp->fd_jdir) != NULL) {
1937 vref(newfdp->fd_jdir);
1938 cache_copy(&fdp->fd_njdir, &newfdp->fd_njdir);
1940 newfdp->fd_refcnt = 1;
1941 newfdp->fd_nfiles = i;
1942 newfdp->fd_lastfile = fdp->fd_lastfile;
1943 newfdp->fd_freefile = fdp->fd_freefile;
1944 newfdp->fd_cmask = fdp->fd_cmask;
1945 spin_init(&newfdp->fd_spin);
1948 * Copy the descriptor table through (i). This also copies the
1949 * allocation state. Then go through and ref the file pointers
1950 * and clean up any KQ descriptors.
1952 * kq descriptors cannot be copied. Since we haven't ref'd the
1953 * copied files yet we can ignore the return value from funsetfd().
1955 * The read spinlock on fdp is still being held.
1957 bcopy(fdp->fd_files, newfdp->fd_files, i * sizeof(struct fdnode));
1958 for (i = 0 ; i < newfdp->fd_nfiles; ++i) {
1959 fdnode = &newfdp->fd_files[i];
1960 if (fdnode->reserved) {
1961 fdreserve_locked(newfdp, i, -1);
1962 fdnode->reserved = 0;
1963 fdfixup_locked(newfdp, i);
1964 } else if (fdnode->fp) {
1965 if (fdnode->fp->f_type == DTYPE_KQUEUE) {
1966 (void)funsetfd_locked(newfdp, i);
1972 spin_unlock(&fdp->fd_spin);
1978 * Release a filedesc structure.
1980 * NOT MPSAFE (MPSAFE for refs > 1, but the final cleanup code is not MPSAFE)
1983 fdfree(struct proc *p, struct filedesc *repl)
1985 struct filedesc *fdp;
1986 struct fdnode *fdnode;
1988 struct filedesc_to_leader *fdtol;
1994 * Certain daemons might not have file descriptors.
2003 * Severe messing around to follow.
2005 spin_lock(&fdp->fd_spin);
2007 /* Check for special need to clear POSIX style locks */
2009 if (fdtol != NULL) {
2010 KASSERT(fdtol->fdl_refcount > 0,
2011 ("filedesc_to_refcount botch: fdl_refcount=%d",
2012 fdtol->fdl_refcount));
2013 if (fdtol->fdl_refcount == 1 &&
2014 (p->p_leader->p_flags & P_ADVLOCK) != 0) {
2015 for (i = 0; i <= fdp->fd_lastfile; ++i) {
2016 fdnode = &fdp->fd_files[i];
2017 if (fdnode->fp == NULL ||
2018 fdnode->fp->f_type != DTYPE_VNODE) {
2023 spin_unlock(&fdp->fd_spin);
2025 lf.l_whence = SEEK_SET;
2028 lf.l_type = F_UNLCK;
2029 vp = (struct vnode *)fp->f_data;
2030 (void) VOP_ADVLOCK(vp,
2031 (caddr_t)p->p_leader,
2036 spin_lock(&fdp->fd_spin);
2040 if (fdtol->fdl_refcount == 1) {
2041 if (fdp->fd_holdleaderscount > 0 &&
2042 (p->p_leader->p_flags & P_ADVLOCK) != 0) {
2044 * close() or do_dup() has cleared a reference
2045 * in a shared file descriptor table.
2047 fdp->fd_holdleaderswakeup = 1;
2048 ssleep(&fdp->fd_holdleaderscount,
2049 &fdp->fd_spin, 0, "fdlhold", 0);
2052 if (fdtol->fdl_holdcount > 0) {
2054 * Ensure that fdtol->fdl_leader
2055 * remains valid in closef().
2057 fdtol->fdl_wakeup = 1;
2058 ssleep(fdtol, &fdp->fd_spin, 0, "fdlhold", 0);
2062 fdtol->fdl_refcount--;
2063 if (fdtol->fdl_refcount == 0 &&
2064 fdtol->fdl_holdcount == 0) {
2065 fdtol->fdl_next->fdl_prev = fdtol->fdl_prev;
2066 fdtol->fdl_prev->fdl_next = fdtol->fdl_next;
2071 if (fdtol != NULL) {
2072 spin_unlock(&fdp->fd_spin);
2073 kfree(fdtol, M_FILEDESC_TO_LEADER);
2074 spin_lock(&fdp->fd_spin);
2077 if (--fdp->fd_refcnt > 0) {
2078 spin_unlock(&fdp->fd_spin);
2079 spin_lock(&p->p_spin);
2081 spin_unlock(&p->p_spin);
2086 * Even though we are the last reference to the structure allproc
2087 * scans may still reference the structure. Maintain proper
2088 * locks until we can replace p->p_fd.
2090 * Also note that kqueue's closef still needs to reference the
2091 * fdp via p->p_fd, so we have to close the descriptors before
2092 * we replace p->p_fd.
2094 for (i = 0; i <= fdp->fd_lastfile; ++i) {
2095 if (fdp->fd_files[i].fp) {
2096 fp = funsetfd_locked(fdp, i);
2098 spin_unlock(&fdp->fd_spin);
2099 if (SLIST_FIRST(&fp->f_klist))
2100 knote_fdclose(fp, fdp, i);
2102 spin_lock(&fdp->fd_spin);
2106 spin_unlock(&fdp->fd_spin);
2109 * Interlock against an allproc scan operations (typically frevoke).
2111 spin_lock(&p->p_spin);
2113 spin_unlock(&p->p_spin);
2116 * Wait for any softrefs to go away. This race rarely occurs so
2117 * we can use a non-critical-path style poll/sleep loop. The
2118 * race only occurs against allproc scans.
2120 * No new softrefs can occur with the fdp disconnected from the
2123 if (fdp->fd_softrefs) {
2124 kprintf("pid %d: Warning, fdp race avoided\n", p->p_pid);
2125 while (fdp->fd_softrefs)
2126 tsleep(&fdp->fd_softrefs, 0, "fdsoft", 1);
2129 if (fdp->fd_files != fdp->fd_builtin_files)
2130 kfree(fdp->fd_files, M_FILEDESC);
2132 cache_drop(&fdp->fd_ncdir);
2133 vrele(fdp->fd_cdir);
2136 cache_drop(&fdp->fd_nrdir);
2137 vrele(fdp->fd_rdir);
2140 cache_drop(&fdp->fd_njdir);
2141 vrele(fdp->fd_jdir);
2143 kfree(fdp, M_FILEDESC);
2147 * Retrieve and reference the file pointer associated with a descriptor.
2152 holdfp(struct filedesc *fdp, int fd, int flag)
2156 spin_lock_shared(&fdp->fd_spin);
2157 if (((u_int)fd) >= fdp->fd_nfiles) {
2161 if ((fp = fdp->fd_files[fd].fp) == NULL)
2163 if ((fp->f_flag & flag) == 0 && flag != -1) {
2169 spin_unlock_shared(&fdp->fd_spin);
2174 * holdsock() - load the struct file pointer associated
2175 * with a socket into *fpp. If an error occurs, non-zero
2176 * will be returned and *fpp will be set to NULL.
2181 holdsock(struct filedesc *fdp, int fd, struct file **fpp)
2186 spin_lock_shared(&fdp->fd_spin);
2187 if ((unsigned)fd >= fdp->fd_nfiles) {
2192 if ((fp = fdp->fd_files[fd].fp) == NULL) {
2196 if (fp->f_type != DTYPE_SOCKET) {
2203 spin_unlock_shared(&fdp->fd_spin);
2209 * Convert a user file descriptor to a held file pointer.
2214 holdvnode(struct filedesc *fdp, int fd, struct file **fpp)
2219 spin_lock_shared(&fdp->fd_spin);
2220 if ((unsigned)fd >= fdp->fd_nfiles) {
2225 if ((fp = fdp->fd_files[fd].fp) == NULL) {
2229 if (fp->f_type != DTYPE_VNODE && fp->f_type != DTYPE_FIFO) {
2237 spin_unlock_shared(&fdp->fd_spin);
2243 * For setugid programs, we don't want to people to use that setugidness
2244 * to generate error messages which write to a file which otherwise would
2245 * otherwise be off-limits to the process.
2247 * This is a gross hack to plug the hole. A better solution would involve
2248 * a special vop or other form of generalized access control mechanism. We
2249 * go ahead and just reject all procfs file systems accesses as dangerous.
2251 * Since setugidsafety calls this only for fd 0, 1 and 2, this check is
2252 * sufficient. We also don't for check setugidness since we know we are.
2255 is_unsafe(struct file *fp)
2257 if (fp->f_type == DTYPE_VNODE &&
2258 ((struct vnode *)(fp->f_data))->v_tag == VT_PROCFS)
2264 * Make this setguid thing safe, if at all possible.
2266 * NOT MPSAFE - scans fdp without spinlocks, calls knote_fdclose()
2269 setugidsafety(struct proc *p)
2271 struct filedesc *fdp = p->p_fd;
2274 /* Certain daemons might not have file descriptors. */
2279 * note: fdp->fd_files may be reallocated out from under us while
2280 * we are blocked in a close. Be careful!
2282 for (i = 0; i <= fdp->fd_lastfile; i++) {
2285 if (fdp->fd_files[i].fp && is_unsafe(fdp->fd_files[i].fp)) {
2289 * NULL-out descriptor prior to close to avoid
2290 * a race while close blocks.
2292 if ((fp = funsetfd_locked(fdp, i)) != NULL) {
2293 knote_fdclose(fp, fdp, i);
2301 * Close any files on exec?
2303 * NOT MPSAFE - scans fdp without spinlocks, calls knote_fdclose()
2306 fdcloseexec(struct proc *p)
2308 struct filedesc *fdp = p->p_fd;
2311 /* Certain daemons might not have file descriptors. */
2316 * We cannot cache fd_files since operations may block and rip
2317 * them out from under us.
2319 for (i = 0; i <= fdp->fd_lastfile; i++) {
2320 if (fdp->fd_files[i].fp != NULL &&
2321 (fdp->fd_files[i].fileflags & UF_EXCLOSE)) {
2325 * NULL-out descriptor prior to close to avoid
2326 * a race while close blocks.
2328 if ((fp = funsetfd_locked(fdp, i)) != NULL) {
2329 knote_fdclose(fp, fdp, i);
2337 * It is unsafe for set[ug]id processes to be started with file
2338 * descriptors 0..2 closed, as these descriptors are given implicit
2339 * significance in the Standard C library. fdcheckstd() will create a
2340 * descriptor referencing /dev/null for each of stdin, stdout, and
2341 * stderr that is not already open.
2343 * NOT MPSAFE - calls falloc, vn_open, etc
2346 fdcheckstd(struct lwp *lp)
2348 struct nlookupdata nd;
2349 struct filedesc *fdp;
2352 int i, error, flags, devnull;
2354 fdp = lp->lwp_proc->p_fd;
2359 for (i = 0; i < 3; i++) {
2360 if (fdp->fd_files[i].fp != NULL)
2363 if ((error = falloc(lp, &fp, &devnull)) != 0)
2366 error = nlookup_init(&nd, "/dev/null", UIO_SYSSPACE,
2367 NLC_FOLLOW|NLC_LOCKVP);
2368 flags = FREAD | FWRITE;
2370 error = vn_open(&nd, fp, flags, 0);
2372 fsetfd(fdp, fp, devnull);
2374 fsetfd(fdp, NULL, devnull);
2379 KKASSERT(i == devnull);
2381 error = kern_dup(DUP_FIXED, devnull, i, &retval);
2390 * Internal form of close.
2391 * Decrement reference count on file structure.
2392 * Note: td and/or p may be NULL when closing a file
2393 * that was being passed in a message.
2395 * MPALMOSTSAFE - acquires mplock for VOP operations
2398 closef(struct file *fp, struct proc *p)
2402 struct filedesc_to_leader *fdtol;
2408 * POSIX record locking dictates that any close releases ALL
2409 * locks owned by this process. This is handled by setting
2410 * a flag in the unlock to free ONLY locks obeying POSIX
2411 * semantics, and not to free BSD-style file locks.
2412 * If the descriptor was in a message, POSIX-style locks
2413 * aren't passed with the descriptor.
2415 if (p != NULL && fp->f_type == DTYPE_VNODE &&
2416 (((struct vnode *)fp->f_data)->v_flag & VMAYHAVELOCKS)
2418 if ((p->p_leader->p_flags & P_ADVLOCK) != 0) {
2419 lf.l_whence = SEEK_SET;
2422 lf.l_type = F_UNLCK;
2423 vp = (struct vnode *)fp->f_data;
2424 (void) VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_UNLCK,
2428 if (fdtol != NULL) {
2429 lwkt_gettoken(&p->p_token);
2431 * Handle special case where file descriptor table
2432 * is shared between multiple process leaders.
2434 for (fdtol = fdtol->fdl_next;
2435 fdtol != p->p_fdtol;
2436 fdtol = fdtol->fdl_next) {
2437 if ((fdtol->fdl_leader->p_flags &
2440 fdtol->fdl_holdcount++;
2441 lf.l_whence = SEEK_SET;
2444 lf.l_type = F_UNLCK;
2445 vp = (struct vnode *)fp->f_data;
2446 (void) VOP_ADVLOCK(vp,
2447 (caddr_t)fdtol->fdl_leader,
2448 F_UNLCK, &lf, F_POSIX);
2449 fdtol->fdl_holdcount--;
2450 if (fdtol->fdl_holdcount == 0 &&
2451 fdtol->fdl_wakeup != 0) {
2452 fdtol->fdl_wakeup = 0;
2456 lwkt_reltoken(&p->p_token);
2465 * fhold() can only be called if f_count is already at least 1 (i.e. the
2466 * caller of fhold() already has a reference to the file pointer in some
2469 * f_count is not spin-locked. Instead, atomic ops are used for
2470 * incrementing, decrementing, and handling the 1->0 transition.
2473 fhold(struct file *fp)
2475 atomic_add_int(&fp->f_count, 1);
2479 * fdrop() - drop a reference to a descriptor
2481 * MPALMOSTSAFE - acquires mplock for final close sequence
2484 fdrop(struct file *fp)
2491 * A combined fetch and subtract is needed to properly detect
2492 * 1->0 transitions, otherwise two cpus dropping from a ref
2493 * count of 2 might both try to run the 1->0 code.
2495 if (atomic_fetchadd_int(&fp->f_count, -1) > 1)
2498 KKASSERT(SLIST_FIRST(&fp->f_klist) == NULL);
2501 * The last reference has gone away, we own the fp structure free
2504 if (fp->f_count < 0)
2505 panic("fdrop: count < 0");
2506 if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE &&
2507 (((struct vnode *)fp->f_data)->v_flag & VMAYHAVELOCKS)
2509 lf.l_whence = SEEK_SET;
2512 lf.l_type = F_UNLCK;
2513 vp = (struct vnode *)fp->f_data;
2514 (void) VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, 0);
2516 if (fp->f_ops != &badfileops)
2517 error = fo_close(fp);
2525 * Apply an advisory lock on a file descriptor.
2527 * Just attempt to get a record lock of the requested type on
2528 * the entire file (l_whence = SEEK_SET, l_start = 0, l_len = 0).
2533 sys_flock(struct flock_args *uap)
2535 struct proc *p = curproc;
2541 if ((fp = holdfp(p->p_fd, uap->fd, -1)) == NULL)
2543 if (fp->f_type != DTYPE_VNODE) {
2547 vp = (struct vnode *)fp->f_data;
2548 lf.l_whence = SEEK_SET;
2551 if (uap->how & LOCK_UN) {
2552 lf.l_type = F_UNLCK;
2553 fp->f_flag &= ~FHASLOCK;
2554 error = VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, 0);
2557 if (uap->how & LOCK_EX)
2558 lf.l_type = F_WRLCK;
2559 else if (uap->how & LOCK_SH)
2560 lf.l_type = F_RDLCK;
2565 fp->f_flag |= FHASLOCK;
2566 if (uap->how & LOCK_NB)
2567 error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf, 0);
2569 error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf, F_WAIT);
2576 * File Descriptor pseudo-device driver (/dev/fd/).
2578 * Opening minor device N dup()s the file (if any) connected to file
2579 * descriptor N belonging to the calling process. Note that this driver
2580 * consists of only the ``open()'' routine, because all subsequent
2581 * references to this file will be direct to the other driver.
2584 fdopen(struct dev_open_args *ap)
2586 thread_t td = curthread;
2588 KKASSERT(td->td_lwp != NULL);
2591 * XXX Kludge: set curlwp->lwp_dupfd to contain the value of the
2592 * the file descriptor being sought for duplication. The error
2593 * return ensures that the vnode for this device will be released
2594 * by vn_open. Open will detect this special error and take the
2595 * actions in dupfdopen below. Other callers of vn_open or VOP_OPEN
2596 * will simply report the error.
2598 td->td_lwp->lwp_dupfd = minor(ap->a_head.a_dev);
2603 * The caller has reserved the file descriptor dfd for us. On success we
2604 * must fsetfd() it. On failure the caller will clean it up.
2609 dupfdopen(struct filedesc *fdp, int dfd, int sfd, int mode, int error)
2615 if ((wfp = holdfp(fdp, sfd, -1)) == NULL)
2619 * Close a revoke/dup race. Duping a descriptor marked as revoked
2620 * will dup a dummy descriptor instead of the real one.
2622 if (wfp->f_flag & FREVOKED) {
2623 kprintf("Warning: attempt to dup() a revoked descriptor\n");
2626 werror = falloc(NULL, &wfp, NULL);
2632 * There are two cases of interest here.
2634 * For ENODEV simply dup sfd to file descriptor dfd and return.
2636 * For ENXIO steal away the file structure from sfd and store it
2637 * dfd. sfd is effectively closed by this operation.
2639 * Any other error code is just returned.
2644 * Check that the mode the file is being opened for is a
2645 * subset of the mode of the existing descriptor.
2647 if (((mode & (FREAD|FWRITE)) | wfp->f_flag) != wfp->f_flag) {
2651 spin_lock(&fdp->fd_spin);
2652 fdp->fd_files[dfd].fileflags = fdp->fd_files[sfd].fileflags;
2653 fsetfd_locked(fdp, wfp, dfd);
2654 spin_unlock(&fdp->fd_spin);
2659 * Steal away the file pointer from dfd, and stuff it into indx.
2661 spin_lock(&fdp->fd_spin);
2662 fdp->fd_files[dfd].fileflags = fdp->fd_files[sfd].fileflags;
2663 fsetfd(fdp, wfp, dfd);
2664 if ((xfp = funsetfd_locked(fdp, sfd)) != NULL) {
2665 spin_unlock(&fdp->fd_spin);
2668 spin_unlock(&fdp->fd_spin);
2680 * NOT MPSAFE - I think these refer to a common file descriptor table
2681 * and we need to spinlock that to link fdtol in.
2683 struct filedesc_to_leader *
2684 filedesc_to_leader_alloc(struct filedesc_to_leader *old,
2685 struct proc *leader)
2687 struct filedesc_to_leader *fdtol;
2689 fdtol = kmalloc(sizeof(struct filedesc_to_leader),
2690 M_FILEDESC_TO_LEADER, M_WAITOK | M_ZERO);
2691 fdtol->fdl_refcount = 1;
2692 fdtol->fdl_holdcount = 0;
2693 fdtol->fdl_wakeup = 0;
2694 fdtol->fdl_leader = leader;
2696 fdtol->fdl_next = old->fdl_next;
2697 fdtol->fdl_prev = old;
2698 old->fdl_next = fdtol;
2699 fdtol->fdl_next->fdl_prev = fdtol;
2701 fdtol->fdl_next = fdtol;
2702 fdtol->fdl_prev = fdtol;
2708 * Scan all file pointers in the system. The callback is made with
2709 * the master list spinlock held exclusively.
2714 allfiles_scan_exclusive(int (*callback)(struct file *, void *), void *data)
2719 spin_lock(&filehead_spin);
2720 LIST_FOREACH(fp, &filehead, f_list) {
2721 res = callback(fp, data);
2725 spin_unlock(&filehead_spin);
2729 * Get file structures.
2731 * NOT MPSAFE - process list scan, SYSCTL_OUT (probably not mpsafe)
2734 struct sysctl_kern_file_info {
2737 struct sysctl_req *req;
2740 static int sysctl_kern_file_callback(struct proc *p, void *data);
2743 sysctl_kern_file(SYSCTL_HANDLER_ARGS)
2745 struct sysctl_kern_file_info info;
2748 * Note: because the number of file descriptors is calculated
2749 * in different ways for sizing vs returning the data,
2750 * there is information leakage from the first loop. However,
2751 * it is of a similar order of magnitude to the leakage from
2752 * global system statistics such as kern.openfiles.
2754 * When just doing a count, note that we cannot just count
2755 * the elements and add f_count via the filehead list because
2756 * threaded processes share their descriptor table and f_count might
2757 * still be '1' in that case.
2759 * Since the SYSCTL op can block, we must hold the process to
2760 * prevent it being ripped out from under us either in the
2761 * file descriptor loop or in the greater LIST_FOREACH. The
2762 * process may be in varying states of disrepair. If the process
2763 * is in SZOMB we may have caught it just as it is being removed
2764 * from the allproc list, we must skip it in that case to maintain
2765 * an unbroken chain through the allproc list.
2770 allproc_scan(sysctl_kern_file_callback, &info);
2773 * When just calculating the size, overestimate a bit to try to
2774 * prevent system activity from causing the buffer-fill call
2777 if (req->oldptr == NULL) {
2778 info.count = (info.count + 16) + (info.count / 10);
2779 info.error = SYSCTL_OUT(req, NULL,
2780 info.count * sizeof(struct kinfo_file));
2782 return (info.error);
2786 sysctl_kern_file_callback(struct proc *p, void *data)
2788 struct sysctl_kern_file_info *info = data;
2789 struct kinfo_file kf;
2790 struct filedesc *fdp;
2795 if (p->p_stat == SIDL || p->p_stat == SZOMB)
2797 if (!PRISON_CHECK(info->req->td->td_ucred, p->p_ucred) != 0)
2801 * Softref the fdp to prevent it from being destroyed
2803 spin_lock(&p->p_spin);
2804 if ((fdp = p->p_fd) == NULL) {
2805 spin_unlock(&p->p_spin);
2808 atomic_add_int(&fdp->fd_softrefs, 1);
2809 spin_unlock(&p->p_spin);
2812 * The fdp's own spinlock prevents the contents from being
2815 spin_lock_shared(&fdp->fd_spin);
2816 for (n = 0; n < fdp->fd_nfiles; ++n) {
2817 if ((fp = fdp->fd_files[n].fp) == NULL)
2819 if (info->req->oldptr == NULL) {
2822 uid = p->p_ucred ? p->p_ucred->cr_uid : -1;
2823 kcore_make_file(&kf, fp, p->p_pid, uid, n);
2824 spin_unlock_shared(&fdp->fd_spin);
2825 info->error = SYSCTL_OUT(info->req, &kf, sizeof(kf));
2826 spin_lock_shared(&fdp->fd_spin);
2831 spin_unlock_shared(&fdp->fd_spin);
2832 atomic_subtract_int(&fdp->fd_softrefs, 1);
2838 SYSCTL_PROC(_kern, KERN_FILE, file, CTLTYPE_OPAQUE|CTLFLAG_RD,
2839 0, 0, sysctl_kern_file, "S,file", "Entire file table");
2841 SYSCTL_INT(_kern, OID_AUTO, minfilesperproc, CTLFLAG_RW,
2842 &minfilesperproc, 0, "Minimum files allowed open per process");
2843 SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW,
2844 &maxfilesperproc, 0, "Maximum files allowed open per process");
2845 SYSCTL_INT(_kern, OID_AUTO, maxfilesperuser, CTLFLAG_RW,
2846 &maxfilesperuser, 0, "Maximum files allowed open per user");
2848 SYSCTL_INT(_kern, KERN_MAXFILES, maxfiles, CTLFLAG_RW,
2849 &maxfiles, 0, "Maximum number of files");
2851 SYSCTL_INT(_kern, OID_AUTO, maxfilesrootres, CTLFLAG_RW,
2852 &maxfilesrootres, 0, "Descriptors reserved for root use");
2854 SYSCTL_INT(_kern, OID_AUTO, openfiles, CTLFLAG_RD,
2855 &nfiles, 0, "System-wide number of open files");
2858 fildesc_drvinit(void *unused)
2862 for (fd = 0; fd < NUMFDESC; fd++) {
2863 make_dev(&fildesc_ops, fd,
2864 UID_BIN, GID_BIN, 0666, "fd/%d", fd);
2867 make_dev(&fildesc_ops, 0, UID_ROOT, GID_WHEEL, 0666, "stdin");
2868 make_dev(&fildesc_ops, 1, UID_ROOT, GID_WHEEL, 0666, "stdout");
2869 make_dev(&fildesc_ops, 2, UID_ROOT, GID_WHEEL, 0666, "stderr");
2875 struct fileops badfileops = {
2876 .fo_read = badfo_readwrite,
2877 .fo_write = badfo_readwrite,
2878 .fo_ioctl = badfo_ioctl,
2879 .fo_kqfilter = badfo_kqfilter,
2880 .fo_stat = badfo_stat,
2881 .fo_close = badfo_close,
2882 .fo_shutdown = badfo_shutdown
2896 badfo_ioctl(struct file *fp, u_long com, caddr_t data,
2897 struct ucred *cred, struct sysmsg *msgv)
2903 * Must return an error to prevent registration, typically
2904 * due to a revoked descriptor (file_filtops assigned).
2907 badfo_kqfilter(struct file *fp, struct knote *kn)
2909 return (EOPNOTSUPP);
2916 badfo_stat(struct file *fp, struct stat *sb, struct ucred *cred)
2925 badfo_close(struct file *fp)
2934 badfo_shutdown(struct file *fp, int how)
2943 nofo_shutdown(struct file *fp, int how)
2945 return (EOPNOTSUPP);
2948 SYSINIT(fildescdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,
2949 fildesc_drvinit,NULL)
projects / dragonfly.git / blob