2 * Copyright (c) 2003,2004 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@backplane.com>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * $DragonFly: src/sys/kern/kern_fp.c,v 1.7 2004/07/29 20:32:59 dillon Exp $
38 * Direct file pointer API functions for in-kernel operations on files. These
39 * functions provide a open/read/write/close like interface within the kernel
40 * for operating on files that are not necessarily associated with processes
41 * and which do not (typically) have descriptors.
43 * FUTURE: file handle conversion routines to support checkpointing,
44 * and additional file operations (ioctl, fcntl).
47 #include <sys/param.h>
48 #include <sys/kernel.h>
49 #include <sys/systm.h>
50 #include <sys/malloc.h>
51 #include <sys/sysproto.h>
53 #include <sys/filedesc.h>
54 #include <sys/sysctl.h>
55 #include <sys/vnode.h>
57 #include <sys/namei.h>
60 #include <sys/filio.h>
61 #include <sys/fcntl.h>
62 #include <sys/unistd.h>
63 #include <sys/resourcevar.h>
64 #include <sys/event.h>
68 #include <vm/vm_param.h>
71 #include <vm/vm_map.h>
72 #include <vm/vm_object.h>
73 #include <vm/vm_page.h>
74 #include <vm/vm_pager.h>
75 #include <vm/vm_pageout.h>
76 #include <vm/vm_extern.h>
77 #include <vm/vm_page.h>
78 #include <vm/vm_kern.h>
80 #include <sys/file2.h>
81 #include <machine/limits.h>
83 typedef struct file *file_t;
88 * Open a file as specified. Use O_* flags for flags.
90 * NOTE! O_ROOTCRED not quite working yet, vn_open() asserts that the
91 * cred must match the process's cred. XXX
93 * NOTE! when fp_open() is called from a pure thread, root creds are
97 fp_open(const char *path, int flags, int mode, file_t *fpp)
104 if ((error = falloc(NULL, fpp, NULL)) != 0)
109 if ((flags & O_ROOTCRED) == 0 && td->td_proc)
110 fsetcred(fp, td->td_proc->p_ucred);
111 NDINIT(&nd, NAMEI_LOOKUP, 0, UIO_SYSSPACE, path, td);
113 NDINIT2(&nd, NAMEI_LOOKUP, 0, UIO_SYSSPACE, path, td, proc0.p_ucred);
115 flags = FFLAGS(flags);
116 if ((error = vn_open(&nd, flags, mode)) == 0) {
117 NDFREE(&nd, NDF_ONLY_PNBUF);
118 fp->f_data = (caddr_t)nd.ni_vp;
121 fp->f_type = DTYPE_VNODE;
122 VOP_UNLOCK(nd.ni_vp, NULL, 0, td);
132 * fp_vpopen(): open a file pointer given a vnode. The vnode must be locked.
133 * The vnode will be returned unlocked whether an error occurs or not.
136 fp_vpopen(struct vnode *vp, int flags, file_t *fpp)
147 * Vnode checks (from vn_open())
149 if (vp->v_type == VLNK) {
153 if (vp->v_type == VSOCK) {
157 flags = FFLAGS(flags);
159 if (flags & (FWRITE | O_TRUNC)) {
160 if (vp->v_type == VDIR) {
164 error = vn_writechk(vp);
172 error = VOP_ACCESS(vp, vmode, td->td_proc->p_ucred, td);
176 error = VOP_OPEN(vp, flags, td->td_proc->p_ucred, td);
180 * Make sure that a VM object is created for VMIO support.
182 if (vn_canvmio(vp) == TRUE) {
183 if ((error = vfs_object_create(vp, td)) != 0)
190 if ((error = falloc(NULL, fpp, NULL)) != 0)
193 if ((flags & O_ROOTCRED) == 0 && td->td_proc)
194 fsetcred(fp, td->td_proc->p_ucred);
195 fp->f_data = (caddr_t)vp;
198 fp->f_type = DTYPE_VNODE;
201 * All done, set return value and update v_writecount now that no more
208 VOP_UNLOCK(vp, NULL, 0, td);
213 * fp_*read() is meant to operate like the normal descriptor based syscalls
214 * would. Note that if 'buf' points to user memory a UIO_USERSPACE
215 * transfer will be used.
218 fp_pread(file_t fp, void *buf, size_t nbytes, off_t offset, ssize_t *res)
227 if (nbytes > INT_MAX)
229 bzero(&auio, sizeof(auio));
230 aiov.iov_base = (caddr_t)buf;
231 aiov.iov_len = nbytes;
232 auio.uio_iov = &aiov;
234 auio.uio_offset = offset;
235 auio.uio_resid = nbytes;
236 auio.uio_rw = UIO_READ;
237 if ((vm_offset_t)buf < VM_MAXUSER_ADDRESS)
238 auio.uio_segflg = UIO_USERSPACE;
240 auio.uio_segflg = UIO_SYSSPACE;
241 auio.uio_td = curthread;
244 error = fo_read(fp, &auio, fp->f_cred, FOF_OFFSET, auio.uio_td);
246 if (auio.uio_resid != nbytes && (error == ERESTART || error == EINTR ||
247 error == EWOULDBLOCK)
252 count -= auio.uio_resid;
259 fp_read(file_t fp, void *buf, size_t nbytes, ssize_t *res)
268 if (nbytes > INT_MAX)
270 bzero(&auio, sizeof(auio));
271 aiov.iov_base = (caddr_t)buf;
272 aiov.iov_len = nbytes;
273 auio.uio_iov = &aiov;
276 auio.uio_resid = nbytes;
277 auio.uio_rw = UIO_READ;
278 if ((vm_offset_t)buf < VM_MAXUSER_ADDRESS)
279 auio.uio_segflg = UIO_USERSPACE;
281 auio.uio_segflg = UIO_SYSSPACE;
282 auio.uio_td = curthread;
285 error = fo_read(fp, &auio, fp->f_cred, 0, auio.uio_td);
287 if (auio.uio_resid != nbytes && (error == ERESTART || error == EINTR ||
288 error == EWOULDBLOCK)
293 count -= auio.uio_resid;
300 fp_pwrite(file_t fp, void *buf, size_t nbytes, off_t offset, ssize_t *res)
309 if (nbytes > INT_MAX)
311 bzero(&auio, sizeof(auio));
312 aiov.iov_base = (caddr_t)buf;
313 aiov.iov_len = nbytes;
314 auio.uio_iov = &aiov;
316 auio.uio_offset = offset;
317 auio.uio_resid = nbytes;
318 auio.uio_rw = UIO_WRITE;
319 if ((vm_offset_t)buf < VM_MAXUSER_ADDRESS)
320 auio.uio_segflg = UIO_USERSPACE;
322 auio.uio_segflg = UIO_SYSSPACE;
323 auio.uio_td = curthread;
326 error = fo_write(fp, &auio, fp->f_cred, FOF_OFFSET, auio.uio_td);
328 if (auio.uio_resid != nbytes && (error == ERESTART || error == EINTR ||
329 error == EWOULDBLOCK)
334 count -= auio.uio_resid;
342 fp_write(file_t fp, void *buf, size_t nbytes, ssize_t *res)
351 if (nbytes > INT_MAX)
353 bzero(&auio, sizeof(auio));
354 aiov.iov_base = (caddr_t)buf;
355 aiov.iov_len = nbytes;
356 auio.uio_iov = &aiov;
359 auio.uio_resid = nbytes;
360 auio.uio_rw = UIO_WRITE;
361 if ((vm_offset_t)buf < VM_MAXUSER_ADDRESS)
362 auio.uio_segflg = UIO_USERSPACE;
364 auio.uio_segflg = UIO_SYSSPACE;
365 auio.uio_td = curthread;
368 error = fo_write(fp, &auio, fp->f_cred, 0, auio.uio_td);
370 if (auio.uio_resid != nbytes && (error == ERESTART || error == EINTR ||
371 error == EWOULDBLOCK)
376 count -= auio.uio_resid;
383 fp_stat(file_t fp, struct stat *ub)
387 error = fo_stat(fp, ub, curthread);
392 * non-anonymous, non-stack descriptor mappings only!
394 * This routine mostly snarfed from vm/vm_mmap.c
397 fp_mmap(void *addr_arg, size_t size, int prot, int flags, struct file *fp,
398 off_t pos, void **resp)
400 struct thread *td = curthread;
401 struct proc *p = td->td_proc;
408 struct vmspace *vms = p->p_vmspace;
410 int disablexworkaround;
414 if ((ssize_t)size < 0 || (flags & MAP_ANON))
417 pageoff = (pos & PAGE_MASK);
420 /* Adjust size for rounding (on both ends). */
421 size += pageoff; /* low end... */
422 size = (vm_size_t)round_page(size); /* hi end */
423 addr = (vm_offset_t)addr_arg;
426 * Check for illegal addresses. Watch out for address wrap... Note
427 * that VM_*_ADDRESS are not constants due to casts (argh).
429 if (flags & MAP_FIXED) {
431 * The specified address must have the same remainder
432 * as the file offset taken modulo PAGE_SIZE, so it
433 * should be aligned after adjustment by pageoff.
436 if (addr & PAGE_MASK)
438 /* Address range must be all in user VM space. */
439 if (VM_MAXUSER_ADDRESS > 0 && addr + size > VM_MAXUSER_ADDRESS)
442 if (VM_MIN_ADDRESS > 0 && addr < VM_MIN_ADDRESS)
445 if (addr + size < addr)
447 } else if (addr == 0 ||
448 (addr >= round_page((vm_offset_t)vms->vm_taddr) &&
449 addr < round_page((vm_offset_t)vms->vm_daddr + maxdsiz))
452 * XXX for non-fixed mappings where no hint is provided or
453 * the hint would fall in the potential heap space,
454 * place it after the end of the largest possible heap.
456 * There should really be a pmap call to determine a reasonable
459 addr = round_page((vm_offset_t)vms->vm_daddr + maxdsiz);
463 * Mapping file, get fp for validation. Obtain vnode and make
464 * sure it is of appropriate type.
466 if (fp->f_type != DTYPE_VNODE)
470 * POSIX shared-memory objects are defined to have
471 * kernel persistence, and are not defined to support
472 * read(2)/write(2) -- or even open(2). Thus, we can
473 * use MAP_ASYNC to trade on-disk coherence for speed.
474 * The shm_open(3) library routine turns on the FPOSIXSHM
475 * flag to request this behavior.
477 if (fp->f_flag & FPOSIXSHM)
479 vp = (struct vnode *) fp->f_data;
480 if (vp->v_type != VREG && vp->v_type != VCHR)
484 * Get the proper underlying object
486 if (vp->v_type == VREG) {
487 if (VOP_GETVOBJECT(vp, &obj) != 0)
489 vp = (struct vnode*)obj->handle;
493 * XXX hack to handle use of /dev/zero to map anon memory (ala
496 if (vp->v_type == VCHR && iszerodev(vp->v_rdev)) {
498 maxprot = VM_PROT_ALL;
503 * cdevs does not provide private mappings of any kind.
506 * However, for XIG X server to continue to work,
507 * we should allow the superuser to do it anyway.
508 * We only allow it at securelevel < 1.
509 * (Because the XIG X server writes directly to video
510 * memory via /dev/mem, it should never work at any
512 * XXX this will have to go
514 if (securelevel >= 1)
515 disablexworkaround = 1;
517 disablexworkaround = suser(td);
518 if (vp->v_type == VCHR && disablexworkaround &&
519 (flags & (MAP_PRIVATE|MAP_COPY))) {
524 * Ensure that file and memory protections are
525 * compatible. Note that we only worry about
526 * writability if mapping is shared; in this case,
527 * current and max prot are dictated by the open file.
528 * XXX use the vnode instead? Problem is: what
529 * credentials do we use for determination? What if
530 * proc does a setuid?
532 maxprot = VM_PROT_EXECUTE; /* ??? */
533 if (fp->f_flag & FREAD) {
534 maxprot |= VM_PROT_READ;
535 } else if (prot & PROT_READ) {
540 * If we are sharing potential changes (either via
541 * MAP_SHARED or via the implicit sharing of character
542 * device mappings), and we are trying to get write
543 * permission although we opened it without asking
544 * for it, bail out. Check for superuser, only if
545 * we're at securelevel < 1, to allow the XIG X server
546 * to continue to work.
549 if ((flags & MAP_SHARED) != 0 ||
550 (vp->v_type == VCHR && disablexworkaround)
552 if ((fp->f_flag & FWRITE) != 0) {
554 if ((error = VOP_GETATTR(vp, &va, td))) {
557 if ((va.va_flags & (IMMUTABLE|APPEND)) == 0) {
558 maxprot |= VM_PROT_WRITE;
559 } else if (prot & PROT_WRITE) {
563 } else if ((prot & PROT_WRITE) != 0) {
568 maxprot |= VM_PROT_WRITE;
572 error = vm_mmap(&vms->vm_map, &addr, size, prot,
573 maxprot, flags, handle, pos);
574 if (error == 0 && addr_arg)
575 *resp = (void *)addr;
583 return(fdrop(fp, curthread));