2 * Copyright (c) 1982, 1986, 1989, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)kern_descrip.c 8.6 (Berkeley) 4/19/94
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_capsicum.h"
41 #include "opt_compat.h"
43 #include "opt_ktrace.h"
44 #include "opt_procdesc.h"
46 #include <sys/param.h>
47 #include <sys/systm.h>
49 #include <sys/capability.h>
51 #include <sys/domain.h>
52 #include <sys/fcntl.h>
54 #include <sys/filedesc.h>
55 #include <sys/filio.h>
57 #include <sys/kernel.h>
59 #include <sys/limits.h>
61 #include <sys/malloc.h>
63 #include <sys/mount.h>
64 #include <sys/mqueue.h>
65 #include <sys/mutex.h>
66 #include <sys/namei.h>
67 #include <sys/selinfo.h>
71 #include <sys/procdesc.h>
72 #include <sys/protosw.h>
73 #include <sys/racct.h>
74 #include <sys/resourcevar.h>
76 #include <sys/signalvar.h>
77 #include <sys/socketvar.h>
80 #include <sys/syscallsubr.h>
81 #include <sys/sysctl.h>
82 #include <sys/sysproto.h>
84 #include <sys/unistd.h>
86 #include <sys/unpcb.h>
88 #include <sys/vnode.h>
90 #include <sys/ktrace.h>
95 #include <netinet/in.h>
96 #include <netinet/in_pcb.h>
98 #include <security/audit/audit.h>
105 static MALLOC_DEFINE(M_FILEDESC, "filedesc", "Open file descriptor table");
106 static MALLOC_DEFINE(M_FILEDESC_TO_LEADER, "filedesc_to_leader",
107 "file desc to leader structures");
108 static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures");
109 MALLOC_DEFINE(M_FILECAPS, "filecaps", "descriptor capabilities");
111 MALLOC_DECLARE(M_FADVISE);
113 static uma_zone_t file_zone;
115 void (*ksem_info)(struct ksem *ks, char *path, size_t size, uint32_t *value);
117 static int closefp(struct filedesc *fdp, int fd, struct file *fp,
118 struct thread *td, int holdleaders);
119 static int fd_first_free(struct filedesc *fdp, int low, int size);
120 static int fd_last_used(struct filedesc *fdp, int size);
121 static void fdgrowtable(struct filedesc *fdp, int nfd);
122 static void fdgrowtable_exp(struct filedesc *fdp, int nfd);
123 static void fdunused(struct filedesc *fdp, int fd);
124 static void fdused(struct filedesc *fdp, int fd);
125 static int fill_pipe_info(struct pipe *pi, struct kinfo_file *kif);
126 static int fill_procdesc_info(struct procdesc *pdp,
127 struct kinfo_file *kif);
128 static int fill_pts_info(struct tty *tp, struct kinfo_file *kif);
129 static int fill_sem_info(struct file *fp, struct kinfo_file *kif);
130 static int fill_shm_info(struct file *fp, struct kinfo_file *kif);
131 static int fill_socket_info(struct socket *so, struct kinfo_file *kif);
132 static int fill_vnode_info(struct vnode *vp, struct kinfo_file *kif);
133 static int getmaxfd(struct proc *p);
138 * - An array of open file descriptors (fd_ofiles)
139 * - An array of file flags (fd_ofileflags)
140 * - A bitmap recording which descriptors are in use (fd_map)
142 * A process starts out with NDFILE descriptors. The value of NDFILE has
143 * been selected based the historical limit of 20 open files, and an
144 * assumption that the majority of processes, especially short-lived
145 * processes like shells, will never need more.
147 * If this initial allocation is exhausted, a larger descriptor table and
148 * map are allocated dynamically, and the pointers in the process's struct
149 * filedesc are updated to point to those. This is repeated every time
150 * the process runs out of file descriptors (provided it hasn't hit its
153 * Since threads may hold references to individual descriptor table
154 * entries, the tables are never freed. Instead, they are placed on a
155 * linked list and freed only when the struct filedesc is released.
158 #define NDSLOTSIZE sizeof(NDSLOTTYPE)
159 #define NDENTRIES (NDSLOTSIZE * __CHAR_BIT)
160 #define NDSLOT(x) ((x) / NDENTRIES)
161 #define NDBIT(x) ((NDSLOTTYPE)1 << ((x) % NDENTRIES))
162 #define NDSLOTS(x) (((x) + NDENTRIES - 1) / NDENTRIES)
165 * SLIST entry used to keep track of ofiles which must be reclaimed when
169 struct filedescent *ft_table;
170 SLIST_ENTRY(freetable) ft_next;
174 * Initial allocation: a filedesc structure + the head of SLIST used to
175 * keep track of old ofiles + enough space for NDFILE descriptors.
178 struct filedesc fd_fd;
179 SLIST_HEAD(, freetable) fd_free;
180 struct filedescent fd_dfiles[NDFILE];
181 NDSLOTTYPE fd_dmap[NDSLOTS(NDFILE)];
185 * Descriptor management.
187 volatile int openfiles; /* actual number of open files */
188 struct mtx sigio_lock; /* mtx to protect pointers to sigio */
189 void (*mq_fdclose)(struct thread *td, int fd, struct file *fp);
191 /* A mutex to protect the association between a proc and filedesc. */
192 static struct mtx fdesc_mtx;
195 * If low >= size, just return low. Otherwise find the first zero bit in the
196 * given bitmap, starting at low and not exceeding size - 1. Return size if
200 fd_first_free(struct filedesc *fdp, int low, int size)
202 NDSLOTTYPE *map = fdp->fd_map;
210 if (low % NDENTRIES) {
211 mask = ~(~(NDSLOTTYPE)0 >> (NDENTRIES - (low % NDENTRIES)));
212 if ((mask &= ~map[off]) != 0UL)
213 return (off * NDENTRIES + ffsl(mask) - 1);
216 for (maxoff = NDSLOTS(size); off < maxoff; ++off)
217 if (map[off] != ~0UL)
218 return (off * NDENTRIES + ffsl(~map[off]) - 1);
223 * Find the highest non-zero bit in the given bitmap, starting at 0 and
224 * not exceeding size - 1. Return -1 if not found.
227 fd_last_used(struct filedesc *fdp, int size)
229 NDSLOTTYPE *map = fdp->fd_map;
234 if (size % NDENTRIES) {
235 mask = ~(~(NDSLOTTYPE)0 << (size % NDENTRIES));
236 if ((mask &= map[off]) != 0)
237 return (off * NDENTRIES + flsl(mask) - 1);
240 for (minoff = NDSLOT(0); off >= minoff; --off)
242 return (off * NDENTRIES + flsl(map[off]) - 1);
247 fdisused(struct filedesc *fdp, int fd)
250 FILEDESC_LOCK_ASSERT(fdp);
252 KASSERT(fd >= 0 && fd < fdp->fd_nfiles,
253 ("file descriptor %d out of range (0, %d)", fd, fdp->fd_nfiles));
255 return ((fdp->fd_map[NDSLOT(fd)] & NDBIT(fd)) != 0);
259 * Mark a file descriptor as used.
262 fdused(struct filedesc *fdp, int fd)
265 FILEDESC_XLOCK_ASSERT(fdp);
267 KASSERT(!fdisused(fdp, fd), ("fd=%d is already used", fd));
269 fdp->fd_map[NDSLOT(fd)] |= NDBIT(fd);
270 if (fd > fdp->fd_lastfile)
271 fdp->fd_lastfile = fd;
272 if (fd == fdp->fd_freefile)
273 fdp->fd_freefile = fd_first_free(fdp, fd, fdp->fd_nfiles);
277 * Mark a file descriptor as unused.
280 fdunused(struct filedesc *fdp, int fd)
283 FILEDESC_XLOCK_ASSERT(fdp);
285 KASSERT(fdisused(fdp, fd), ("fd=%d is already unused", fd));
286 KASSERT(fdp->fd_ofiles[fd].fde_file == NULL,
287 ("fd=%d is still in use", fd));
289 fdp->fd_map[NDSLOT(fd)] &= ~NDBIT(fd);
290 if (fd < fdp->fd_freefile)
291 fdp->fd_freefile = fd;
292 if (fd == fdp->fd_lastfile)
293 fdp->fd_lastfile = fd_last_used(fdp, fd);
297 * Free a file descriptor.
300 fdfree(struct filedesc *fdp, int fd)
302 struct filedescent *fde;
304 fde = &fdp->fd_ofiles[fd];
305 filecaps_free(&fde->fde_caps);
306 bzero(fde, sizeof(*fde));
311 * System calls on descriptors.
313 #ifndef _SYS_SYSPROTO_H_
314 struct getdtablesize_args {
320 sys_getdtablesize(struct thread *td, struct getdtablesize_args *uap)
322 struct proc *p = td->td_proc;
327 min((int)lim_cur(p, RLIMIT_NOFILE), maxfilesperproc);
328 lim = racct_get_limit(td->td_proc, RACCT_NOFILE);
330 if (lim < td->td_retval[0])
331 td->td_retval[0] = lim;
336 * Duplicate a file descriptor to a particular value.
338 * Note: keep in mind that a potential race condition exists when closing
339 * descriptors from a shared descriptor table (via rfork).
341 #ifndef _SYS_SYSPROTO_H_
349 sys_dup2(struct thread *td, struct dup2_args *uap)
352 return (do_dup(td, DUP_FIXED, (int)uap->from, (int)uap->to,
357 * Duplicate a file descriptor.
359 #ifndef _SYS_SYSPROTO_H_
366 sys_dup(struct thread *td, struct dup_args *uap)
369 return (do_dup(td, 0, (int)uap->fd, 0, td->td_retval));
373 * The file control system call.
375 #ifndef _SYS_SYSPROTO_H_
384 sys_fcntl(struct thread *td, struct fcntl_args *uap)
399 * Convert old flock structure to new.
401 error = copyin((void *)(intptr_t)uap->arg, &ofl, sizeof(ofl));
402 fl.l_start = ofl.l_start;
403 fl.l_len = ofl.l_len;
404 fl.l_pid = ofl.l_pid;
405 fl.l_type = ofl.l_type;
406 fl.l_whence = ofl.l_whence;
426 error = copyin((void *)(intptr_t)uap->arg, &fl, sizeof(fl));
435 error = kern_fcntl(td, uap->fd, cmd, arg);
438 if (uap->cmd == F_OGETLK) {
439 ofl.l_start = fl.l_start;
440 ofl.l_len = fl.l_len;
441 ofl.l_pid = fl.l_pid;
442 ofl.l_type = fl.l_type;
443 ofl.l_whence = fl.l_whence;
444 error = copyout(&ofl, (void *)(intptr_t)uap->arg, sizeof(ofl));
445 } else if (uap->cmd == F_GETLK) {
446 error = copyout(&fl, (void *)(intptr_t)uap->arg, sizeof(fl));
452 kern_fcntl(struct thread *td, int fd, int cmd, intptr_t arg)
454 struct filedesc *fdp;
456 struct file *fp, *fp2;
457 struct filedescent *fde;
474 error = do_dup(td, DUP_FCNTL, fd, tmp, td->td_retval);
477 case F_DUPFD_CLOEXEC:
479 error = do_dup(td, DUP_FCNTL | DUP_CLOEXEC, fd, tmp,
485 error = do_dup(td, DUP_FIXED, fd, tmp, td->td_retval);
488 case F_DUP2FD_CLOEXEC:
490 error = do_dup(td, DUP_FIXED | DUP_CLOEXEC, fd, tmp,
496 if ((fp = fget_locked(fdp, fd)) == NULL) {
497 FILEDESC_SUNLOCK(fdp);
501 fde = &fdp->fd_ofiles[fd];
503 (fde->fde_flags & UF_EXCLOSE) ? FD_CLOEXEC : 0;
504 FILEDESC_SUNLOCK(fdp);
509 if ((fp = fget_locked(fdp, fd)) == NULL) {
510 FILEDESC_XUNLOCK(fdp);
514 fde = &fdp->fd_ofiles[fd];
515 fde->fde_flags = (fde->fde_flags & ~UF_EXCLOSE) |
516 (arg & FD_CLOEXEC ? UF_EXCLOSE : 0);
517 FILEDESC_XUNLOCK(fdp);
521 error = fget_unlocked(fdp, fd,
522 cap_rights_init(&rights, CAP_FCNTL), F_GETFL, &fp, NULL);
525 td->td_retval[0] = OFLAGS(fp->f_flag);
530 error = fget_unlocked(fdp, fd,
531 cap_rights_init(&rights, CAP_FCNTL), F_SETFL, &fp, NULL);
535 tmp = flg = fp->f_flag;
537 tmp |= FFLAGS(arg & ~O_ACCMODE) & FCNTLFLAGS;
538 } while(atomic_cmpset_int(&fp->f_flag, flg, tmp) == 0);
539 tmp = fp->f_flag & FNONBLOCK;
540 error = fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td);
545 tmp = fp->f_flag & FASYNC;
546 error = fo_ioctl(fp, FIOASYNC, &tmp, td->td_ucred, td);
551 atomic_clear_int(&fp->f_flag, FNONBLOCK);
553 (void)fo_ioctl(fp, FIONBIO, &tmp, td->td_ucred, td);
558 error = fget_unlocked(fdp, fd,
559 cap_rights_init(&rights, CAP_FCNTL), F_GETOWN, &fp, NULL);
562 error = fo_ioctl(fp, FIOGETOWN, &tmp, td->td_ucred, td);
564 td->td_retval[0] = tmp;
569 error = fget_unlocked(fdp, fd,
570 cap_rights_init(&rights, CAP_FCNTL), F_SETOWN, &fp, NULL);
574 error = fo_ioctl(fp, FIOSETOWN, &tmp, td->td_ucred, td);
579 error = priv_check(td, PRIV_NFS_LOCKD);
587 /* FALLTHROUGH F_SETLK */
591 cap_rights_init(&rights, CAP_FLOCK);
592 error = fget_unlocked(fdp, fd, &rights, 0, &fp, NULL);
595 if (fp->f_type != DTYPE_VNODE) {
601 flp = (struct flock *)arg;
602 if (flp->l_whence == SEEK_CUR) {
603 foffset = foffset_get(fp);
606 foffset > OFF_MAX - flp->l_start)) {
607 FILEDESC_SUNLOCK(fdp);
612 flp->l_start += foffset;
616 switch (flp->l_type) {
618 if ((fp->f_flag & FREAD) == 0) {
622 PROC_LOCK(p->p_leader);
623 p->p_leader->p_flag |= P_ADVLOCK;
624 PROC_UNLOCK(p->p_leader);
625 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
629 if ((fp->f_flag & FWRITE) == 0) {
633 PROC_LOCK(p->p_leader);
634 p->p_leader->p_flag |= P_ADVLOCK;
635 PROC_UNLOCK(p->p_leader);
636 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_SETLK,
640 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_UNLCK,
645 * Temporary api for testing remote lock
648 if (flg != F_REMOTE) {
652 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader,
653 F_UNLCKSYS, flp, flg);
659 if (error != 0 || flp->l_type == F_UNLCK ||
660 flp->l_type == F_UNLCKSYS) {
666 * Check for a race with close.
668 * The vnode is now advisory locked (or unlocked, but this case
669 * is not really important) as the caller requested.
670 * We had to drop the filedesc lock, so we need to recheck if
671 * the descriptor is still valid, because if it was closed
672 * in the meantime we need to remove advisory lock from the
673 * vnode - close on any descriptor leading to an advisory
674 * locked vnode, removes that lock.
675 * We will return 0 on purpose in that case, as the result of
676 * successful advisory lock might have been externally visible
677 * already. This is fine - effectively we pretend to the caller
678 * that the closing thread was a bit slower and that the
679 * advisory lock succeeded before the close.
681 error = fget_unlocked(fdp, fd, &rights, 0, &fp2, NULL);
687 flp->l_whence = SEEK_SET;
690 flp->l_type = F_UNLCK;
691 (void) VOP_ADVLOCK(vp, (caddr_t)p->p_leader,
692 F_UNLCK, flp, F_POSIX);
699 error = fget_unlocked(fdp, fd,
700 cap_rights_init(&rights, CAP_FLOCK), 0, &fp, NULL);
703 if (fp->f_type != DTYPE_VNODE) {
708 flp = (struct flock *)arg;
709 if (flp->l_type != F_RDLCK && flp->l_type != F_WRLCK &&
710 flp->l_type != F_UNLCK) {
715 if (flp->l_whence == SEEK_CUR) {
716 foffset = foffset_get(fp);
717 if ((flp->l_start > 0 &&
718 foffset > OFF_MAX - flp->l_start) ||
720 foffset < OFF_MIN - flp->l_start)) {
721 FILEDESC_SUNLOCK(fdp);
726 flp->l_start += foffset;
729 error = VOP_ADVLOCK(vp, (caddr_t)p->p_leader, F_GETLK, flp,
735 arg = arg ? 128 * 1024: 0;
738 error = fget_unlocked(fdp, fd, NULL, 0, &fp, NULL);
741 if (fp->f_type != DTYPE_VNODE) {
748 error = vn_lock(vp, LK_SHARED);
753 bsize = fp->f_vnode->v_mount->mnt_stat.f_iosize;
755 fp->f_seqcount = (arg + bsize - 1) / bsize;
757 new = old = fp->f_flag;
759 } while (!atomic_cmpset_rel_int(&fp->f_flag, old, new));
762 new = old = fp->f_flag;
764 } while (!atomic_cmpset_rel_int(&fp->f_flag, old, new));
777 getmaxfd(struct proc *p)
782 maxfd = min((int)lim_cur(p, RLIMIT_NOFILE), maxfilesperproc);
789 * Common code for dup, dup2, fcntl(F_DUPFD) and fcntl(F_DUP2FD).
792 do_dup(struct thread *td, int flags, int old, int new,
795 struct filedesc *fdp;
796 struct filedescent *oldfde, *newfde;
806 * Verify we have a valid descriptor to dup from and possibly to
807 * dup to. Unlike dup() and dup2(), fcntl()'s F_DUPFD should
808 * return EINVAL when the new descriptor is out of bounds.
813 return (flags & DUP_FCNTL ? EINVAL : EBADF);
816 return (flags & DUP_FCNTL ? EINVAL : EBADF);
819 if (fget_locked(fdp, old) == NULL) {
820 FILEDESC_XUNLOCK(fdp);
823 oldfde = &fdp->fd_ofiles[old];
824 if (flags & DUP_FIXED && old == new) {
826 if (flags & DUP_CLOEXEC)
827 fdp->fd_ofiles[new].fde_flags |= UF_EXCLOSE;
828 FILEDESC_XUNLOCK(fdp);
831 fp = oldfde->fde_file;
835 * If the caller specified a file descriptor, make sure the file
836 * table is large enough to hold it, and grab it. Otherwise, just
837 * allocate a new descriptor the usual way.
839 if (flags & DUP_FIXED) {
840 if (new >= fdp->fd_nfiles) {
842 * The resource limits are here instead of e.g.
843 * fdalloc(), because the file descriptor table may be
844 * shared between processes, so we can't really use
845 * racct_add()/racct_sub(). Instead of counting the
846 * number of actually allocated descriptors, just put
847 * the limit on the size of the file descriptor table.
851 error = racct_set(p, RACCT_NOFILE, new + 1);
854 FILEDESC_XUNLOCK(fdp);
859 fdgrowtable_exp(fdp, new + 1);
860 oldfde = &fdp->fd_ofiles[old];
862 newfde = &fdp->fd_ofiles[new];
863 if (newfde->fde_file == NULL)
866 if ((error = fdalloc(td, new, &new)) != 0) {
867 FILEDESC_XUNLOCK(fdp);
871 newfde = &fdp->fd_ofiles[new];
874 KASSERT(fp == oldfde->fde_file, ("old fd has been modified"));
875 KASSERT(old != new, ("new fd is same as old"));
877 delfp = newfde->fde_file;
880 * Duplicate the source descriptor.
882 filecaps_free(&newfde->fde_caps);
884 filecaps_copy(&oldfde->fde_caps, &newfde->fde_caps);
885 if ((flags & DUP_CLOEXEC) != 0)
886 newfde->fde_flags = oldfde->fde_flags | UF_EXCLOSE;
888 newfde->fde_flags = oldfde->fde_flags & ~UF_EXCLOSE;
889 if (new > fdp->fd_lastfile)
890 fdp->fd_lastfile = new;
894 (void) closefp(fdp, new, delfp, td, 1);
895 /* closefp() drops the FILEDESC lock for us. */
897 FILEDESC_XUNLOCK(fdp);
904 * If sigio is on the list associated with a process or process group,
905 * disable signalling from the device, remove sigio from the list and
909 funsetown(struct sigio **sigiop)
919 *(sigio->sio_myref) = NULL;
920 if ((sigio)->sio_pgid < 0) {
921 struct pgrp *pg = (sigio)->sio_pgrp;
923 SLIST_REMOVE(&sigio->sio_pgrp->pg_sigiolst, sigio,
927 struct proc *p = (sigio)->sio_proc;
929 SLIST_REMOVE(&sigio->sio_proc->p_sigiolst, sigio,
934 crfree(sigio->sio_ucred);
935 free(sigio, M_SIGIO);
939 * Free a list of sigio structures.
940 * We only need to lock the SIGIO_LOCK because we have made ourselves
941 * inaccessible to callers of fsetown and therefore do not need to lock
942 * the proc or pgrp struct for the list manipulation.
945 funsetownlst(struct sigiolst *sigiolst)
951 sigio = SLIST_FIRST(sigiolst);
958 * Every entry of the list should belong
959 * to a single proc or pgrp.
961 if (sigio->sio_pgid < 0) {
962 pg = sigio->sio_pgrp;
963 PGRP_LOCK_ASSERT(pg, MA_NOTOWNED);
964 } else /* if (sigio->sio_pgid > 0) */ {
966 PROC_LOCK_ASSERT(p, MA_NOTOWNED);
970 while ((sigio = SLIST_FIRST(sigiolst)) != NULL) {
971 *(sigio->sio_myref) = NULL;
973 KASSERT(sigio->sio_pgid < 0,
974 ("Proc sigio in pgrp sigio list"));
975 KASSERT(sigio->sio_pgrp == pg,
976 ("Bogus pgrp in sigio list"));
978 SLIST_REMOVE(&pg->pg_sigiolst, sigio, sigio,
981 } else /* if (p != NULL) */ {
982 KASSERT(sigio->sio_pgid > 0,
983 ("Pgrp sigio in proc sigio list"));
984 KASSERT(sigio->sio_proc == p,
985 ("Bogus proc in sigio list"));
987 SLIST_REMOVE(&p->p_sigiolst, sigio, sigio,
992 crfree(sigio->sio_ucred);
993 free(sigio, M_SIGIO);
1000 * This is common code for FIOSETOWN ioctl called by fcntl(fd, F_SETOWN, arg).
1002 * After permission checking, add a sigio structure to the sigio list for
1003 * the process or process group.
1006 fsetown(pid_t pgid, struct sigio **sigiop)
1010 struct sigio *sigio;
1020 /* Allocate and fill in the new sigio out of locks. */
1021 sigio = malloc(sizeof(struct sigio), M_SIGIO, M_WAITOK);
1022 sigio->sio_pgid = pgid;
1023 sigio->sio_ucred = crhold(curthread->td_ucred);
1024 sigio->sio_myref = sigiop;
1026 sx_slock(&proctree_lock);
1035 * Policy - Don't allow a process to FSETOWN a process
1036 * in another session.
1038 * Remove this test to allow maximum flexibility or
1039 * restrict FSETOWN to the current process or process
1040 * group for maximum safety.
1043 if (proc->p_session != curthread->td_proc->p_session) {
1049 } else /* if (pgid < 0) */ {
1050 pgrp = pgfind(-pgid);
1058 * Policy - Don't allow a process to FSETOWN a process
1059 * in another session.
1061 * Remove this test to allow maximum flexibility or
1062 * restrict FSETOWN to the current process or process
1063 * group for maximum safety.
1065 if (pgrp->pg_session != curthread->td_proc->p_session) {
1076 * Since funsetownlst() is called without the proctree
1077 * locked, we need to check for P_WEXIT.
1078 * XXX: is ESRCH correct?
1080 if ((proc->p_flag & P_WEXIT) != 0) {
1085 SLIST_INSERT_HEAD(&proc->p_sigiolst, sigio, sio_pgsigio);
1086 sigio->sio_proc = proc;
1090 SLIST_INSERT_HEAD(&pgrp->pg_sigiolst, sigio, sio_pgsigio);
1091 sigio->sio_pgrp = pgrp;
1094 sx_sunlock(&proctree_lock);
1101 sx_sunlock(&proctree_lock);
1102 crfree(sigio->sio_ucred);
1103 free(sigio, M_SIGIO);
1108 * This is common code for FIOGETOWN ioctl called by fcntl(fd, F_GETOWN, arg).
1112 struct sigio **sigiop;
1117 pgid = (*sigiop != NULL) ? (*sigiop)->sio_pgid : 0;
1123 * Function drops the filedesc lock on return.
1126 closefp(struct filedesc *fdp, int fd, struct file *fp, struct thread *td,
1131 FILEDESC_XLOCK_ASSERT(fdp);
1134 if (td->td_proc->p_fdtol != NULL) {
1136 * Ask fdfree() to sleep to ensure that all relevant
1137 * process leaders can be traversed in closef().
1139 fdp->fd_holdleaderscount++;
1146 * We now hold the fp reference that used to be owned by the
1147 * descriptor array. We have to unlock the FILEDESC *AFTER*
1148 * knote_fdclose to prevent a race of the fd getting opened, a knote
1149 * added, and deleteing a knote for the new fd.
1151 knote_fdclose(td, fd);
1154 * We need to notify mqueue if the object is of type mqueue.
1156 if (fp->f_type == DTYPE_MQUEUE)
1157 mq_fdclose(td, fd, fp);
1158 FILEDESC_XUNLOCK(fdp);
1160 error = closef(fp, td);
1162 FILEDESC_XLOCK(fdp);
1163 fdp->fd_holdleaderscount--;
1164 if (fdp->fd_holdleaderscount == 0 &&
1165 fdp->fd_holdleaderswakeup != 0) {
1166 fdp->fd_holdleaderswakeup = 0;
1167 wakeup(&fdp->fd_holdleaderscount);
1169 FILEDESC_XUNLOCK(fdp);
1175 * Close a file descriptor.
1177 #ifndef _SYS_SYSPROTO_H_
1186 struct close_args *uap;
1189 return (kern_close(td, uap->fd));
1197 struct filedesc *fdp;
1200 fdp = td->td_proc->p_fd;
1202 AUDIT_SYSCLOSE(td, fd);
1204 FILEDESC_XLOCK(fdp);
1205 if ((fp = fget_locked(fdp, fd)) == NULL) {
1206 FILEDESC_XUNLOCK(fdp);
1211 /* closefp() drops the FILEDESC lock for us. */
1212 return (closefp(fdp, fd, fp, td, 1));
1216 * Close open file descriptors.
1218 #ifndef _SYS_SYSPROTO_H_
1219 struct closefrom_args {
1225 sys_closefrom(struct thread *td, struct closefrom_args *uap)
1227 struct filedesc *fdp;
1230 fdp = td->td_proc->p_fd;
1231 AUDIT_ARG_FD(uap->lowfd);
1234 * Treat negative starting file descriptor values identical to
1235 * closefrom(0) which closes all files.
1239 FILEDESC_SLOCK(fdp);
1240 for (fd = uap->lowfd; fd < fdp->fd_nfiles; fd++) {
1241 if (fdp->fd_ofiles[fd].fde_file != NULL) {
1242 FILEDESC_SUNLOCK(fdp);
1243 (void)kern_close(td, fd);
1244 FILEDESC_SLOCK(fdp);
1247 FILEDESC_SUNLOCK(fdp);
1251 #if defined(COMPAT_43)
1253 * Return status information about a file descriptor.
1255 #ifndef _SYS_SYSPROTO_H_
1256 struct ofstat_args {
1263 ofstat(struct thread *td, struct ofstat_args *uap)
1269 error = kern_fstat(td, uap->fd, &ub);
1272 error = copyout(&oub, uap->sb, sizeof(oub));
1276 #endif /* COMPAT_43 */
1279 * Return status information about a file descriptor.
1281 #ifndef _SYS_SYSPROTO_H_
1289 sys_fstat(struct thread *td, struct fstat_args *uap)
1294 error = kern_fstat(td, uap->fd, &ub);
1296 error = copyout(&ub, uap->sb, sizeof(ub));
1301 kern_fstat(struct thread *td, int fd, struct stat *sbp)
1304 cap_rights_t rights;
1309 error = fget(td, fd, cap_rights_init(&rights, CAP_FSTAT), &fp);
1313 AUDIT_ARG_FILE(td->td_proc, fp);
1315 error = fo_stat(fp, sbp, td->td_ucred, td);
1318 if (error == 0 && KTRPOINT(td, KTR_STRUCT))
1325 * Return status information about a file descriptor.
1327 #ifndef _SYS_SYSPROTO_H_
1328 struct nfstat_args {
1335 sys_nfstat(struct thread *td, struct nfstat_args *uap)
1341 error = kern_fstat(td, uap->fd, &ub);
1343 cvtnstat(&ub, &nub);
1344 error = copyout(&nub, uap->sb, sizeof(nub));
1350 * Return pathconf information about a file descriptor.
1352 #ifndef _SYS_SYSPROTO_H_
1353 struct fpathconf_args {
1360 sys_fpathconf(struct thread *td, struct fpathconf_args *uap)
1364 cap_rights_t rights;
1367 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FPATHCONF), &fp);
1371 /* If asynchronous I/O is available, it works for all descriptors. */
1372 if (uap->name == _PC_ASYNC_IO) {
1373 td->td_retval[0] = async_io_version;
1378 vn_lock(vp, LK_SHARED | LK_RETRY);
1379 error = VOP_PATHCONF(vp, uap->name, td->td_retval);
1381 } else if (fp->f_type == DTYPE_PIPE || fp->f_type == DTYPE_SOCKET) {
1382 if (uap->name != _PC_PIPE_BUF) {
1385 td->td_retval[0] = PIPE_BUF;
1397 * Initialize filecaps structure.
1400 filecaps_init(struct filecaps *fcaps)
1403 bzero(fcaps, sizeof(*fcaps));
1404 fcaps->fc_nioctls = -1;
1408 * Copy filecaps structure allocating memory for ioctls array if needed.
1411 filecaps_copy(const struct filecaps *src, struct filecaps *dst)
1416 if (src->fc_ioctls != NULL) {
1417 KASSERT(src->fc_nioctls > 0,
1418 ("fc_ioctls != NULL, but fc_nioctls=%hd", src->fc_nioctls));
1420 size = sizeof(src->fc_ioctls[0]) * src->fc_nioctls;
1421 dst->fc_ioctls = malloc(size, M_FILECAPS, M_WAITOK);
1422 bcopy(src->fc_ioctls, dst->fc_ioctls, size);
1427 * Move filecaps structure to the new place and clear the old place.
1430 filecaps_move(struct filecaps *src, struct filecaps *dst)
1434 bzero(src, sizeof(*src));
1438 * Fill the given filecaps structure with full rights.
1441 filecaps_fill(struct filecaps *fcaps)
1444 CAP_ALL(&fcaps->fc_rights);
1445 fcaps->fc_ioctls = NULL;
1446 fcaps->fc_nioctls = -1;
1447 fcaps->fc_fcntls = CAP_FCNTL_ALL;
1451 * Free memory allocated within filecaps structure.
1454 filecaps_free(struct filecaps *fcaps)
1457 free(fcaps->fc_ioctls, M_FILECAPS);
1458 bzero(fcaps, sizeof(*fcaps));
1462 * Validate the given filecaps structure.
1465 filecaps_validate(const struct filecaps *fcaps, const char *func)
1468 KASSERT(cap_rights_is_valid(&fcaps->fc_rights),
1469 ("%s: invalid rights", func));
1470 KASSERT((fcaps->fc_fcntls & ~CAP_FCNTL_ALL) == 0,
1471 ("%s: invalid fcntls", func));
1472 KASSERT(fcaps->fc_fcntls == 0 ||
1473 cap_rights_is_set(&fcaps->fc_rights, CAP_FCNTL),
1474 ("%s: fcntls without CAP_FCNTL", func));
1475 KASSERT(fcaps->fc_ioctls != NULL ? fcaps->fc_nioctls > 0 :
1476 (fcaps->fc_nioctls == -1 || fcaps->fc_nioctls == 0),
1477 ("%s: invalid ioctls", func));
1478 KASSERT(fcaps->fc_nioctls == 0 ||
1479 cap_rights_is_set(&fcaps->fc_rights, CAP_IOCTL),
1480 ("%s: ioctls without CAP_IOCTL", func));
1484 fdgrowtable_exp(struct filedesc *fdp, int nfd)
1488 FILEDESC_XLOCK_ASSERT(fdp);
1490 nfd1 = fdp->fd_nfiles * 2;
1493 fdgrowtable(fdp, nfd1);
1497 * Grow the file table to accomodate (at least) nfd descriptors.
1500 fdgrowtable(struct filedesc *fdp, int nfd)
1502 struct filedesc0 *fdp0;
1503 struct freetable *ft;
1504 struct filedescent *ntable;
1505 struct filedescent *otable;
1506 int nnfiles, onfiles;
1507 NDSLOTTYPE *nmap, *omap;
1509 FILEDESC_XLOCK_ASSERT(fdp);
1511 KASSERT(fdp->fd_nfiles > 0, ("zero-length file table"));
1513 /* save old values */
1514 onfiles = fdp->fd_nfiles;
1515 otable = fdp->fd_ofiles;
1518 /* compute the size of the new table */
1519 nnfiles = NDSLOTS(nfd) * NDENTRIES; /* round up */
1520 if (nnfiles <= onfiles)
1521 /* the table is already large enough */
1525 * Allocate a new table. We need enough space for the
1526 * file entries themselves and the struct freetable we will use
1527 * when we decommission the table and place it on the freelist.
1528 * We place the struct freetable in the middle so we don't have
1529 * to worry about padding.
1531 ntable = malloc(nnfiles * sizeof(ntable[0]) + sizeof(struct freetable),
1532 M_FILEDESC, M_ZERO | M_WAITOK);
1533 /* copy the old data over and point at the new tables */
1534 memcpy(ntable, otable, onfiles * sizeof(*otable));
1535 fdp->fd_ofiles = ntable;
1538 * Allocate a new map only if the old is not large enough. It will
1539 * grow at a slower rate than the table as it can map more
1540 * entries than the table can hold.
1542 if (NDSLOTS(nnfiles) > NDSLOTS(onfiles)) {
1543 nmap = malloc(NDSLOTS(nnfiles) * NDSLOTSIZE, M_FILEDESC,
1545 /* copy over the old data and update the pointer */
1546 memcpy(nmap, omap, NDSLOTS(onfiles) * sizeof(*omap));
1551 * In order to have a valid pattern for fget_unlocked()
1552 * fdp->fd_nfiles must be the last member to be updated, otherwise
1553 * fget_unlocked() consumers may reference a new, higher value for
1554 * fdp->fd_nfiles before to access the fdp->fd_ofiles array,
1555 * resulting in OOB accesses.
1557 atomic_store_rel_int(&fdp->fd_nfiles, nnfiles);
1560 * Do not free the old file table, as some threads may still
1561 * reference entries within it. Instead, place it on a freelist
1562 * which will be processed when the struct filedesc is released.
1564 * Note that if onfiles == NDFILE, we're dealing with the original
1565 * static allocation contained within (struct filedesc0 *)fdp,
1566 * which must not be freed.
1568 if (onfiles > NDFILE) {
1569 ft = (struct freetable *)&otable[onfiles];
1570 fdp0 = (struct filedesc0 *)fdp;
1571 ft->ft_table = otable;
1572 SLIST_INSERT_HEAD(&fdp0->fd_free, ft, ft_next);
1575 * The map does not have the same possibility of threads still
1576 * holding references to it. So always free it as long as it
1577 * does not reference the original static allocation.
1579 if (NDSLOTS(onfiles) > NDSLOTS(NDFILE))
1580 free(omap, M_FILEDESC);
1584 * Allocate a file descriptor for the process.
1587 fdalloc(struct thread *td, int minfd, int *result)
1589 struct proc *p = td->td_proc;
1590 struct filedesc *fdp = p->p_fd;
1591 int fd = -1, maxfd, allocfd;
1596 FILEDESC_XLOCK_ASSERT(fdp);
1598 if (fdp->fd_freefile > minfd)
1599 minfd = fdp->fd_freefile;
1601 maxfd = getmaxfd(p);
1604 * Search the bitmap for a free descriptor starting at minfd.
1605 * If none is found, grow the file table.
1607 fd = fd_first_free(fdp, minfd, fdp->fd_nfiles);
1610 if (fd >= fdp->fd_nfiles) {
1611 allocfd = min(fd * 2, maxfd);
1614 error = racct_set(p, RACCT_NOFILE, allocfd);
1620 * fd is already equal to first free descriptor >= minfd, so
1621 * we only need to grow the table and we are done.
1623 fdgrowtable_exp(fdp, allocfd);
1627 * Perform some sanity checks, then mark the file descriptor as
1628 * used and return it to the caller.
1630 KASSERT(fd >= 0 && fd < min(maxfd, fdp->fd_nfiles),
1631 ("invalid descriptor %d", fd));
1632 KASSERT(!fdisused(fdp, fd),
1633 ("fd_first_free() returned non-free descriptor"));
1634 KASSERT(fdp->fd_ofiles[fd].fde_file == NULL,
1635 ("file descriptor isn't free"));
1636 KASSERT(fdp->fd_ofiles[fd].fde_flags == 0, ("file flags are set"));
1643 * Allocate n file descriptors for the process.
1646 fdallocn(struct thread *td, int minfd, int *fds, int n)
1648 struct proc *p = td->td_proc;
1649 struct filedesc *fdp = p->p_fd;
1652 FILEDESC_XLOCK_ASSERT(fdp);
1654 if (!fdavail(td, n))
1657 for (i = 0; i < n; i++)
1658 if (fdalloc(td, 0, &fds[i]) != 0)
1662 for (i--; i >= 0; i--)
1663 fdunused(fdp, fds[i]);
1671 * Check to see whether n user file descriptors are available to the process
1675 fdavail(struct thread *td, int n)
1677 struct proc *p = td->td_proc;
1678 struct filedesc *fdp = td->td_proc->p_fd;
1681 FILEDESC_LOCK_ASSERT(fdp);
1684 * XXX: This is only called from uipc_usrreq.c:unp_externalize();
1685 * call racct_add() from there instead of dealing with containers
1689 if ((i = lim - fdp->fd_nfiles) > 0 && (n -= i) <= 0)
1691 last = min(fdp->fd_nfiles, lim);
1692 for (i = fdp->fd_freefile; i < last; i++) {
1693 if (fdp->fd_ofiles[i].fde_file == NULL && --n <= 0)
1700 * Create a new open file structure and allocate a file decriptor for the
1701 * process that refers to it. We add one reference to the file for the
1702 * descriptor table and one reference for resultfp. This is to prevent us
1703 * being preempted and the entry in the descriptor table closed after we
1704 * release the FILEDESC lock.
1707 falloc(struct thread *td, struct file **resultfp, int *resultfd, int flags)
1712 error = falloc_noinstall(td, &fp);
1714 return (error); /* no reference held on error */
1716 error = finstall(td, fp, &fd, flags, NULL);
1718 fdrop(fp, td); /* one reference (fp only) */
1722 if (resultfp != NULL)
1723 *resultfp = fp; /* copy out result */
1725 fdrop(fp, td); /* release local reference */
1727 if (resultfd != NULL)
1734 * Create a new open file structure without allocating a file descriptor.
1737 falloc_noinstall(struct thread *td, struct file **resultfp)
1740 int maxuserfiles = maxfiles - (maxfiles / 20);
1741 static struct timeval lastfail;
1744 KASSERT(resultfp != NULL, ("%s: resultfp == NULL", __func__));
1746 if ((openfiles >= maxuserfiles &&
1747 priv_check(td, PRIV_MAXFILES) != 0) ||
1748 openfiles >= maxfiles) {
1749 if (ppsratecheck(&lastfail, &curfail, 1)) {
1750 printf("kern.maxfiles limit exceeded by uid %i, "
1751 "please see tuning(7).\n", td->td_ucred->cr_ruid);
1755 atomic_add_int(&openfiles, 1);
1756 fp = uma_zalloc(file_zone, M_WAITOK | M_ZERO);
1757 refcount_init(&fp->f_count, 1);
1758 fp->f_cred = crhold(td->td_ucred);
1759 fp->f_ops = &badfileops;
1767 * Install a file in a file descriptor table.
1770 finstall(struct thread *td, struct file *fp, int *fd, int flags,
1771 struct filecaps *fcaps)
1773 struct filedesc *fdp = td->td_proc->p_fd;
1774 struct filedescent *fde;
1777 KASSERT(fd != NULL, ("%s: fd == NULL", __func__));
1778 KASSERT(fp != NULL, ("%s: fp == NULL", __func__));
1780 filecaps_validate(fcaps, __func__);
1782 FILEDESC_XLOCK(fdp);
1783 if ((error = fdalloc(td, 0, fd))) {
1784 FILEDESC_XUNLOCK(fdp);
1788 fde = &fdp->fd_ofiles[*fd];
1790 if ((flags & O_CLOEXEC) != 0)
1791 fde->fde_flags |= UF_EXCLOSE;
1793 filecaps_move(fcaps, &fde->fde_caps);
1795 filecaps_fill(&fde->fde_caps);
1796 FILEDESC_XUNLOCK(fdp);
1801 * Build a new filedesc structure from another.
1802 * Copy the current, root, and jail root vnode references.
1805 fdinit(struct filedesc *fdp)
1807 struct filedesc0 *newfdp;
1809 newfdp = malloc(sizeof *newfdp, M_FILEDESC, M_WAITOK | M_ZERO);
1810 FILEDESC_LOCK_INIT(&newfdp->fd_fd);
1812 FILEDESC_SLOCK(fdp);
1813 newfdp->fd_fd.fd_cdir = fdp->fd_cdir;
1814 if (newfdp->fd_fd.fd_cdir)
1815 VREF(newfdp->fd_fd.fd_cdir);
1816 newfdp->fd_fd.fd_rdir = fdp->fd_rdir;
1817 if (newfdp->fd_fd.fd_rdir)
1818 VREF(newfdp->fd_fd.fd_rdir);
1819 newfdp->fd_fd.fd_jdir = fdp->fd_jdir;
1820 if (newfdp->fd_fd.fd_jdir)
1821 VREF(newfdp->fd_fd.fd_jdir);
1822 FILEDESC_SUNLOCK(fdp);
1825 /* Create the file descriptor table. */
1826 newfdp->fd_fd.fd_refcnt = 1;
1827 newfdp->fd_fd.fd_holdcnt = 1;
1828 newfdp->fd_fd.fd_cmask = CMASK;
1829 newfdp->fd_fd.fd_ofiles = newfdp->fd_dfiles;
1830 newfdp->fd_fd.fd_nfiles = NDFILE;
1831 newfdp->fd_fd.fd_map = newfdp->fd_dmap;
1832 newfdp->fd_fd.fd_lastfile = -1;
1833 return (&newfdp->fd_fd);
1836 static struct filedesc *
1837 fdhold(struct proc *p)
1839 struct filedesc *fdp;
1841 mtx_lock(&fdesc_mtx);
1845 mtx_unlock(&fdesc_mtx);
1850 fddrop(struct filedesc *fdp)
1852 struct filedesc0 *fdp0;
1853 struct freetable *ft;
1856 mtx_lock(&fdesc_mtx);
1857 i = --fdp->fd_holdcnt;
1858 mtx_unlock(&fdesc_mtx);
1862 FILEDESC_LOCK_DESTROY(fdp);
1863 fdp0 = (struct filedesc0 *)fdp;
1864 while ((ft = SLIST_FIRST(&fdp0->fd_free)) != NULL) {
1865 SLIST_REMOVE_HEAD(&fdp0->fd_free, ft_next);
1866 free(ft->ft_table, M_FILEDESC);
1868 free(fdp, M_FILEDESC);
1872 * Share a filedesc structure.
1875 fdshare(struct filedesc *fdp)
1878 FILEDESC_XLOCK(fdp);
1880 FILEDESC_XUNLOCK(fdp);
1885 * Unshare a filedesc structure, if necessary by making a copy
1888 fdunshare(struct proc *p, struct thread *td)
1891 FILEDESC_XLOCK(p->p_fd);
1892 if (p->p_fd->fd_refcnt > 1) {
1893 struct filedesc *tmp;
1895 FILEDESC_XUNLOCK(p->p_fd);
1896 tmp = fdcopy(p->p_fd);
1900 FILEDESC_XUNLOCK(p->p_fd);
1904 * Copy a filedesc structure. A NULL pointer in returns a NULL reference,
1905 * this is to ease callers, not catch errors.
1908 fdcopy(struct filedesc *fdp)
1910 struct filedesc *newfdp;
1911 struct filedescent *nfde, *ofde;
1914 /* Certain daemons might not have file descriptors. */
1918 newfdp = fdinit(fdp);
1919 FILEDESC_SLOCK(fdp);
1920 while (fdp->fd_lastfile >= newfdp->fd_nfiles) {
1921 FILEDESC_SUNLOCK(fdp);
1922 FILEDESC_XLOCK(newfdp);
1923 fdgrowtable(newfdp, fdp->fd_lastfile + 1);
1924 FILEDESC_XUNLOCK(newfdp);
1925 FILEDESC_SLOCK(fdp);
1927 /* copy all passable descriptors (i.e. not kqueue) */
1928 newfdp->fd_freefile = -1;
1929 for (i = 0; i <= fdp->fd_lastfile; ++i) {
1930 ofde = &fdp->fd_ofiles[i];
1931 if (fdisused(fdp, i) &&
1932 (ofde->fde_file->f_ops->fo_flags & DFLAG_PASSABLE) &&
1933 ofde->fde_file->f_ops != &badfileops) {
1934 nfde = &newfdp->fd_ofiles[i];
1936 filecaps_copy(&ofde->fde_caps, &nfde->fde_caps);
1937 fhold(nfde->fde_file);
1938 newfdp->fd_lastfile = i;
1940 if (newfdp->fd_freefile == -1)
1941 newfdp->fd_freefile = i;
1944 newfdp->fd_cmask = fdp->fd_cmask;
1945 FILEDESC_SUNLOCK(fdp);
1946 FILEDESC_XLOCK(newfdp);
1947 for (i = 0; i <= newfdp->fd_lastfile; ++i) {
1948 if (newfdp->fd_ofiles[i].fde_file != NULL)
1951 if (newfdp->fd_freefile == -1)
1952 newfdp->fd_freefile = i;
1953 FILEDESC_XUNLOCK(newfdp);
1958 * Release a filedesc structure.
1961 fdescfree(struct thread *td)
1963 struct filedesc *fdp;
1965 struct filedesc_to_leader *fdtol;
1967 struct vnode *cdir, *jdir, *rdir, *vp;
1970 /* Certain daemons might not have file descriptors. */
1971 fdp = td->td_proc->p_fd;
1976 PROC_LOCK(td->td_proc);
1977 racct_set(td->td_proc, RACCT_NOFILE, 0);
1978 PROC_UNLOCK(td->td_proc);
1981 /* Check for special need to clear POSIX style locks */
1982 fdtol = td->td_proc->p_fdtol;
1983 if (fdtol != NULL) {
1984 FILEDESC_XLOCK(fdp);
1985 KASSERT(fdtol->fdl_refcount > 0,
1986 ("filedesc_to_refcount botch: fdl_refcount=%d",
1987 fdtol->fdl_refcount));
1988 if (fdtol->fdl_refcount == 1 &&
1989 (td->td_proc->p_leader->p_flag & P_ADVLOCK) != 0) {
1990 for (i = 0; i <= fdp->fd_lastfile; i++) {
1991 fp = fdp->fd_ofiles[i].fde_file;
1992 if (fp == NULL || fp->f_type != DTYPE_VNODE)
1995 FILEDESC_XUNLOCK(fdp);
1996 lf.l_whence = SEEK_SET;
1999 lf.l_type = F_UNLCK;
2001 (void) VOP_ADVLOCK(vp,
2002 (caddr_t)td->td_proc->p_leader, F_UNLCK,
2004 FILEDESC_XLOCK(fdp);
2009 if (fdtol->fdl_refcount == 1) {
2010 if (fdp->fd_holdleaderscount > 0 &&
2011 (td->td_proc->p_leader->p_flag & P_ADVLOCK) != 0) {
2013 * close() or do_dup() has cleared a reference
2014 * in a shared file descriptor table.
2016 fdp->fd_holdleaderswakeup = 1;
2017 sx_sleep(&fdp->fd_holdleaderscount,
2018 FILEDESC_LOCK(fdp), PLOCK, "fdlhold", 0);
2021 if (fdtol->fdl_holdcount > 0) {
2023 * Ensure that fdtol->fdl_leader remains
2024 * valid in closef().
2026 fdtol->fdl_wakeup = 1;
2027 sx_sleep(fdtol, FILEDESC_LOCK(fdp), PLOCK,
2032 fdtol->fdl_refcount--;
2033 if (fdtol->fdl_refcount == 0 &&
2034 fdtol->fdl_holdcount == 0) {
2035 fdtol->fdl_next->fdl_prev = fdtol->fdl_prev;
2036 fdtol->fdl_prev->fdl_next = fdtol->fdl_next;
2039 td->td_proc->p_fdtol = NULL;
2040 FILEDESC_XUNLOCK(fdp);
2042 free(fdtol, M_FILEDESC_TO_LEADER);
2044 FILEDESC_XLOCK(fdp);
2045 i = --fdp->fd_refcnt;
2046 FILEDESC_XUNLOCK(fdp);
2050 for (i = 0; i <= fdp->fd_lastfile; i++) {
2051 fp = fdp->fd_ofiles[i].fde_file;
2053 FILEDESC_XLOCK(fdp);
2055 FILEDESC_XUNLOCK(fdp);
2056 (void) closef(fp, td);
2059 FILEDESC_XLOCK(fdp);
2061 /* XXX This should happen earlier. */
2062 mtx_lock(&fdesc_mtx);
2063 td->td_proc->p_fd = NULL;
2064 mtx_unlock(&fdesc_mtx);
2066 if (fdp->fd_nfiles > NDFILE)
2067 free(fdp->fd_ofiles, M_FILEDESC);
2068 if (NDSLOTS(fdp->fd_nfiles) > NDSLOTS(NDFILE))
2069 free(fdp->fd_map, M_FILEDESC);
2073 cdir = fdp->fd_cdir;
2074 fdp->fd_cdir = NULL;
2075 rdir = fdp->fd_rdir;
2076 fdp->fd_rdir = NULL;
2077 jdir = fdp->fd_jdir;
2078 fdp->fd_jdir = NULL;
2079 FILEDESC_XUNLOCK(fdp);
2092 * For setugid programs, we don't want to people to use that setugidness
2093 * to generate error messages which write to a file which otherwise would
2094 * otherwise be off-limits to the process. We check for filesystems where
2095 * the vnode can change out from under us after execve (like [lin]procfs).
2097 * Since setugidsafety calls this only for fd 0, 1 and 2, this check is
2098 * sufficient. We also don't check for setugidness since we know we are.
2101 is_unsafe(struct file *fp)
2103 if (fp->f_type == DTYPE_VNODE) {
2104 struct vnode *vp = fp->f_vnode;
2106 if ((vp->v_vflag & VV_PROCDEP) != 0)
2113 * Make this setguid thing safe, if at all possible.
2116 setugidsafety(struct thread *td)
2118 struct filedesc *fdp;
2122 /* Certain daemons might not have file descriptors. */
2123 fdp = td->td_proc->p_fd;
2128 * Note: fdp->fd_ofiles may be reallocated out from under us while
2129 * we are blocked in a close. Be careful!
2131 FILEDESC_XLOCK(fdp);
2132 for (i = 0; i <= fdp->fd_lastfile; i++) {
2135 fp = fdp->fd_ofiles[i].fde_file;
2136 if (fp != NULL && is_unsafe(fp)) {
2137 knote_fdclose(td, i);
2139 * NULL-out descriptor prior to close to avoid
2140 * a race while close blocks.
2143 FILEDESC_XUNLOCK(fdp);
2144 (void) closef(fp, td);
2145 FILEDESC_XLOCK(fdp);
2148 FILEDESC_XUNLOCK(fdp);
2152 * If a specific file object occupies a specific file descriptor, close the
2153 * file descriptor entry and drop a reference on the file object. This is a
2154 * convenience function to handle a subsequent error in a function that calls
2155 * falloc() that handles the race that another thread might have closed the
2156 * file descriptor out from under the thread creating the file object.
2159 fdclose(struct filedesc *fdp, struct file *fp, int idx, struct thread *td)
2162 FILEDESC_XLOCK(fdp);
2163 if (fdp->fd_ofiles[idx].fde_file == fp) {
2165 FILEDESC_XUNLOCK(fdp);
2168 FILEDESC_XUNLOCK(fdp);
2172 * Close any files on exec?
2175 fdcloseexec(struct thread *td)
2177 struct filedesc *fdp;
2178 struct filedescent *fde;
2182 /* Certain daemons might not have file descriptors. */
2183 fdp = td->td_proc->p_fd;
2188 * We cannot cache fd_ofiles since operations
2189 * may block and rip them out from under us.
2191 FILEDESC_XLOCK(fdp);
2192 for (i = 0; i <= fdp->fd_lastfile; i++) {
2193 fde = &fdp->fd_ofiles[i];
2195 if (fp != NULL && (fp->f_type == DTYPE_MQUEUE ||
2196 (fde->fde_flags & UF_EXCLOSE))) {
2198 (void) closefp(fdp, i, fp, td, 0);
2199 /* closefp() drops the FILEDESC lock. */
2200 FILEDESC_XLOCK(fdp);
2203 FILEDESC_XUNLOCK(fdp);
2207 * It is unsafe for set[ug]id processes to be started with file
2208 * descriptors 0..2 closed, as these descriptors are given implicit
2209 * significance in the Standard C library. fdcheckstd() will create a
2210 * descriptor referencing /dev/null for each of stdin, stdout, and
2211 * stderr that is not already open.
2214 fdcheckstd(struct thread *td)
2216 struct filedesc *fdp;
2217 register_t retval, save;
2218 int i, error, devnull;
2220 fdp = td->td_proc->p_fd;
2223 KASSERT(fdp->fd_refcnt == 1, ("the fdtable should not be shared"));
2226 for (i = 0; i < 3; i++) {
2227 if (fdp->fd_ofiles[i].fde_file != NULL)
2230 save = td->td_retval[0];
2231 error = kern_open(td, "/dev/null", UIO_SYSSPACE,
2233 devnull = td->td_retval[0];
2234 td->td_retval[0] = save;
2237 KASSERT(devnull == i, ("oof, we didn't get our fd"));
2239 error = do_dup(td, DUP_FIXED, devnull, i, &retval);
2248 * Internal form of close. Decrement reference count on file structure.
2249 * Note: td may be NULL when closing a file that was being passed in a
2252 * XXXRW: Giant is not required for the caller, but often will be held; this
2253 * makes it moderately likely the Giant will be recursed in the VFS case.
2256 closef(struct file *fp, struct thread *td)
2260 struct filedesc_to_leader *fdtol;
2261 struct filedesc *fdp;
2264 * POSIX record locking dictates that any close releases ALL
2265 * locks owned by this process. This is handled by setting
2266 * a flag in the unlock to free ONLY locks obeying POSIX
2267 * semantics, and not to free BSD-style file locks.
2268 * If the descriptor was in a message, POSIX-style locks
2269 * aren't passed with the descriptor, and the thread pointer
2270 * will be NULL. Callers should be careful only to pass a
2271 * NULL thread pointer when there really is no owning
2272 * context that might have locks, or the locks will be
2275 if (fp->f_type == DTYPE_VNODE && td != NULL) {
2277 if ((td->td_proc->p_leader->p_flag & P_ADVLOCK) != 0) {
2278 lf.l_whence = SEEK_SET;
2281 lf.l_type = F_UNLCK;
2282 (void) VOP_ADVLOCK(vp, (caddr_t)td->td_proc->p_leader,
2283 F_UNLCK, &lf, F_POSIX);
2285 fdtol = td->td_proc->p_fdtol;
2286 if (fdtol != NULL) {
2288 * Handle special case where file descriptor table is
2289 * shared between multiple process leaders.
2291 fdp = td->td_proc->p_fd;
2292 FILEDESC_XLOCK(fdp);
2293 for (fdtol = fdtol->fdl_next;
2294 fdtol != td->td_proc->p_fdtol;
2295 fdtol = fdtol->fdl_next) {
2296 if ((fdtol->fdl_leader->p_flag &
2299 fdtol->fdl_holdcount++;
2300 FILEDESC_XUNLOCK(fdp);
2301 lf.l_whence = SEEK_SET;
2304 lf.l_type = F_UNLCK;
2306 (void) VOP_ADVLOCK(vp,
2307 (caddr_t)fdtol->fdl_leader, F_UNLCK, &lf,
2309 FILEDESC_XLOCK(fdp);
2310 fdtol->fdl_holdcount--;
2311 if (fdtol->fdl_holdcount == 0 &&
2312 fdtol->fdl_wakeup != 0) {
2313 fdtol->fdl_wakeup = 0;
2317 FILEDESC_XUNLOCK(fdp);
2320 return (fdrop(fp, td));
2324 * Initialize the file pointer with the specified properties.
2326 * The ops are set with release semantics to be certain that the flags, type,
2327 * and data are visible when ops is. This is to prevent ops methods from being
2328 * called with bad data.
2331 finit(struct file *fp, u_int flag, short type, void *data, struct fileops *ops)
2336 atomic_store_rel_ptr((volatile uintptr_t *)&fp->f_ops, (uintptr_t)ops);
2340 fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
2341 int needfcntl, struct file **fpp, cap_rights_t *haverightsp)
2346 cap_rights_t haverights;
2351 * Avoid reads reordering and then a first access to the
2352 * fdp->fd_ofiles table which could result in OOB operation.
2354 if (fd < 0 || fd >= atomic_load_acq_int(&fdp->fd_nfiles))
2357 * Fetch the descriptor locklessly. We avoid fdrop() races by
2358 * never raising a refcount above 0. To accomplish this we have
2359 * to use a cmpset loop rather than an atomic_add. The descriptor
2360 * must be re-verified once we acquire a reference to be certain
2361 * that the identity is still correct and we did not lose a race
2362 * due to preemption.
2365 fp = fdp->fd_ofiles[fd].fde_file;
2369 haverights = *cap_rights(fdp, fd);
2370 if (needrightsp != NULL) {
2371 error = cap_check(&haverights, needrightsp);
2374 if (cap_rights_is_set(needrightsp, CAP_FCNTL)) {
2375 error = cap_fcntl_check(fdp, fd, needfcntl);
2381 count = fp->f_count;
2385 * Use an acquire barrier to prevent caching of fd_ofiles
2386 * so it is refreshed for verification.
2388 if (atomic_cmpset_acq_int(&fp->f_count, count, count + 1) != 1)
2390 if (fp == fdp->fd_ofiles[fd].fde_file)
2392 fdrop(fp, curthread);
2395 if (haverightsp != NULL) {
2397 *haverightsp = haverights;
2399 CAP_ALL(haverightsp);
2406 * Extract the file pointer associated with the specified descriptor for the
2407 * current user process.
2409 * If the descriptor doesn't exist or doesn't match 'flags', EBADF is
2412 * File's rights will be checked against the capability rights mask.
2414 * If an error occured the non-zero error is returned and *fpp is set to
2415 * NULL. Otherwise *fpp is held and set and zero is returned. Caller is
2416 * responsible for fdrop().
2419 _fget(struct thread *td, int fd, struct file **fpp, int flags,
2420 cap_rights_t *needrightsp, u_char *maxprotp)
2422 struct filedesc *fdp;
2424 cap_rights_t haverights, needrights;
2428 if (td == NULL || (fdp = td->td_proc->p_fd) == NULL)
2430 if (needrightsp != NULL)
2431 needrights = *needrightsp;
2433 cap_rights_init(&needrights);
2434 if (maxprotp != NULL)
2435 cap_rights_set(&needrights, CAP_MMAP);
2436 error = fget_unlocked(fdp, fd, &needrights, 0, &fp, &haverights);
2439 if (fp->f_ops == &badfileops) {
2446 * If requested, convert capability rights to access flags.
2448 if (maxprotp != NULL)
2449 *maxprotp = cap_rights_to_vmprot(&haverights);
2450 #else /* !CAPABILITIES */
2451 if (maxprotp != NULL)
2452 *maxprotp = VM_PROT_ALL;
2453 #endif /* CAPABILITIES */
2456 * FREAD and FWRITE failure return EBADF as per POSIX.
2462 if ((fp->f_flag & flags) == 0)
2466 if ((fp->f_flag & (FREAD | FEXEC)) == 0 ||
2467 ((fp->f_flag & FWRITE) != 0))
2473 KASSERT(0, ("wrong flags"));
2486 fget(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp)
2489 return(_fget(td, fd, fpp, 0, rightsp, NULL));
2493 fget_mmap(struct thread *td, int fd, cap_rights_t *rightsp, u_char *maxprotp,
2497 return (_fget(td, fd, fpp, 0, rightsp, maxprotp));
2501 fget_read(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp)
2504 return(_fget(td, fd, fpp, FREAD, rightsp, NULL));
2508 fget_write(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp)
2511 return (_fget(td, fd, fpp, FWRITE, rightsp, NULL));
2515 * Like fget() but loads the underlying vnode, or returns an error if the
2516 * descriptor does not represent a vnode. Note that pipes use vnodes but
2517 * never have VM objects. The returned vnode will be vref()'d.
2519 * XXX: what about the unused flags ?
2522 _fgetvp(struct thread *td, int fd, int flags, cap_rights_t *needrightsp,
2529 error = _fget(td, fd, &fp, flags, needrightsp, NULL);
2532 if (fp->f_vnode == NULL) {
2544 fgetvp(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp)
2547 return (_fgetvp(td, fd, 0, rightsp, vpp));
2551 fgetvp_rights(struct thread *td, int fd, cap_rights_t *needrightsp,
2552 struct filecaps *havecaps, struct vnode **vpp)
2554 struct filedesc *fdp;
2560 if (td == NULL || (fdp = td->td_proc->p_fd) == NULL)
2563 fp = fget_locked(fdp, fd);
2564 if (fp == NULL || fp->f_ops == &badfileops)
2568 if (needrightsp != NULL) {
2569 error = cap_check(cap_rights(fdp, fd), needrightsp);
2575 if (fp->f_vnode == NULL)
2580 filecaps_copy(&fdp->fd_ofiles[fd].fde_caps, havecaps);
2586 fgetvp_read(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp)
2589 return (_fgetvp(td, fd, FREAD, rightsp, vpp));
2593 fgetvp_exec(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp)
2596 return (_fgetvp(td, fd, FEXEC, rightsp, vpp));
2601 fgetvp_write(struct thread *td, int fd, cap_rights_t *rightsp,
2605 return (_fgetvp(td, fd, FWRITE, rightsp, vpp));
2610 * Like fget() but loads the underlying socket, or returns an error if the
2611 * descriptor does not represent a socket.
2613 * We bump the ref count on the returned socket. XXX Also obtain the SX lock
2616 * Note: fgetsock() and fputsock() are deprecated, as consumers should rely
2617 * on their file descriptor reference to prevent the socket from being free'd
2621 fgetsock(struct thread *td, int fd, cap_rights_t *rightsp, struct socket **spp,
2630 if ((error = _fget(td, fd, &fp, 0, rightsp, NULL)) != 0)
2632 if (fp->f_type != DTYPE_SOCKET) {
2637 *fflagp = fp->f_flag;
2648 * Drop the reference count on the socket and XXX release the SX lock in the
2649 * future. The last reference closes the socket.
2651 * Note: fputsock() is deprecated, see comment for fgetsock().
2654 fputsock(struct socket *so)
2659 CURVNET_SET(so->so_vnet);
2665 * Handle the last reference to a file being closed.
2668 _fdrop(struct file *fp, struct thread *td)
2673 if (fp->f_count != 0)
2674 panic("fdrop: count %d", fp->f_count);
2675 if (fp->f_ops != &badfileops)
2676 error = fo_close(fp, td);
2677 atomic_subtract_int(&openfiles, 1);
2679 free(fp->f_advice, M_FADVISE);
2680 uma_zfree(file_zone, fp);
2686 * Apply an advisory lock on a file descriptor.
2688 * Just attempt to get a record lock of the requested type on the entire file
2689 * (l_whence = SEEK_SET, l_start = 0, l_len = 0).
2691 #ifndef _SYS_SYSPROTO_H_
2699 sys_flock(struct thread *td, struct flock_args *uap)
2704 cap_rights_t rights;
2707 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FLOCK), &fp);
2710 if (fp->f_type != DTYPE_VNODE) {
2712 return (EOPNOTSUPP);
2716 lf.l_whence = SEEK_SET;
2719 if (uap->how & LOCK_UN) {
2720 lf.l_type = F_UNLCK;
2721 atomic_clear_int(&fp->f_flag, FHASLOCK);
2722 error = VOP_ADVLOCK(vp, (caddr_t)fp, F_UNLCK, &lf, F_FLOCK);
2725 if (uap->how & LOCK_EX)
2726 lf.l_type = F_WRLCK;
2727 else if (uap->how & LOCK_SH)
2728 lf.l_type = F_RDLCK;
2733 atomic_set_int(&fp->f_flag, FHASLOCK);
2734 error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
2735 (uap->how & LOCK_NB) ? F_FLOCK : F_FLOCK | F_WAIT);
2741 * Duplicate the specified descriptor to a free descriptor.
2744 dupfdopen(struct thread *td, struct filedesc *fdp, int dfd, int mode,
2745 int openerror, int *indxp)
2750 KASSERT(openerror == ENODEV || openerror == ENXIO,
2751 ("unexpected error %d in %s", openerror, __func__));
2754 * If the to-be-dup'd fd number is greater than the allowed number
2755 * of file descriptors, or the fd to be dup'd has already been
2756 * closed, then reject.
2758 FILEDESC_XLOCK(fdp);
2759 if ((fp = fget_locked(fdp, dfd)) == NULL) {
2760 FILEDESC_XUNLOCK(fdp);
2764 error = fdalloc(td, 0, &indx);
2766 FILEDESC_XUNLOCK(fdp);
2771 * There are two cases of interest here.
2773 * For ENODEV simply dup (dfd) to file descriptor (indx) and return.
2775 * For ENXIO steal away the file structure from (dfd) and store it in
2776 * (indx). (dfd) is effectively closed by this operation.
2778 switch (openerror) {
2781 * Check that the mode the file is being opened for is a
2782 * subset of the mode of the existing descriptor.
2784 if (((mode & (FREAD|FWRITE)) | fp->f_flag) != fp->f_flag) {
2785 fdunused(fdp, indx);
2786 FILEDESC_XUNLOCK(fdp);
2790 fdp->fd_ofiles[indx] = fdp->fd_ofiles[dfd];
2791 filecaps_copy(&fdp->fd_ofiles[dfd].fde_caps,
2792 &fdp->fd_ofiles[indx].fde_caps);
2796 * Steal away the file pointer from dfd and stuff it into indx.
2798 fdp->fd_ofiles[indx] = fdp->fd_ofiles[dfd];
2799 bzero(&fdp->fd_ofiles[dfd], sizeof(fdp->fd_ofiles[dfd]));
2803 FILEDESC_XUNLOCK(fdp);
2809 * Scan all active processes and prisons to see if any of them have a current
2810 * or root directory of `olddp'. If so, replace them with the new mount point.
2813 mountcheckdirs(struct vnode *olddp, struct vnode *newdp)
2815 struct filedesc *fdp;
2820 if (vrefcnt(olddp) == 1)
2823 sx_slock(&allproc_lock);
2824 FOREACH_PROC_IN_SYSTEM(p) {
2828 FILEDESC_XLOCK(fdp);
2829 if (fdp->fd_cdir == olddp) {
2831 fdp->fd_cdir = newdp;
2834 if (fdp->fd_rdir == olddp) {
2836 fdp->fd_rdir = newdp;
2839 if (fdp->fd_jdir == olddp) {
2841 fdp->fd_jdir = newdp;
2844 FILEDESC_XUNLOCK(fdp);
2847 sx_sunlock(&allproc_lock);
2848 if (rootvnode == olddp) {
2853 mtx_lock(&prison0.pr_mtx);
2854 if (prison0.pr_root == olddp) {
2856 prison0.pr_root = newdp;
2859 mtx_unlock(&prison0.pr_mtx);
2860 sx_slock(&allprison_lock);
2861 TAILQ_FOREACH(pr, &allprison, pr_list) {
2862 mtx_lock(&pr->pr_mtx);
2863 if (pr->pr_root == olddp) {
2865 pr->pr_root = newdp;
2868 mtx_unlock(&pr->pr_mtx);
2870 sx_sunlock(&allprison_lock);
2875 struct filedesc_to_leader *
2876 filedesc_to_leader_alloc(struct filedesc_to_leader *old, struct filedesc *fdp, struct proc *leader)
2878 struct filedesc_to_leader *fdtol;
2880 fdtol = malloc(sizeof(struct filedesc_to_leader),
2881 M_FILEDESC_TO_LEADER,
2883 fdtol->fdl_refcount = 1;
2884 fdtol->fdl_holdcount = 0;
2885 fdtol->fdl_wakeup = 0;
2886 fdtol->fdl_leader = leader;
2888 FILEDESC_XLOCK(fdp);
2889 fdtol->fdl_next = old->fdl_next;
2890 fdtol->fdl_prev = old;
2891 old->fdl_next = fdtol;
2892 fdtol->fdl_next->fdl_prev = fdtol;
2893 FILEDESC_XUNLOCK(fdp);
2895 fdtol->fdl_next = fdtol;
2896 fdtol->fdl_prev = fdtol;
2902 * Get file structures globally.
2905 sysctl_kern_file(SYSCTL_HANDLER_ARGS)
2908 struct filedesc *fdp;
2913 error = sysctl_wire_old_buffer(req, 0);
2916 if (req->oldptr == NULL) {
2918 sx_slock(&allproc_lock);
2919 FOREACH_PROC_IN_SYSTEM(p) {
2920 if (p->p_state == PRS_NEW)
2925 /* overestimates sparse tables. */
2926 if (fdp->fd_lastfile > 0)
2927 n += fdp->fd_lastfile;
2930 sx_sunlock(&allproc_lock);
2931 return (SYSCTL_OUT(req, 0, n * sizeof(xf)));
2934 bzero(&xf, sizeof(xf));
2935 xf.xf_size = sizeof(xf);
2936 sx_slock(&allproc_lock);
2937 FOREACH_PROC_IN_SYSTEM(p) {
2939 if (p->p_state == PRS_NEW) {
2943 if (p_cansee(req->td, p) != 0) {
2947 xf.xf_pid = p->p_pid;
2948 xf.xf_uid = p->p_ucred->cr_uid;
2953 FILEDESC_SLOCK(fdp);
2954 for (n = 0; fdp->fd_refcnt > 0 && n < fdp->fd_nfiles; ++n) {
2955 if ((fp = fdp->fd_ofiles[n].fde_file) == NULL)
2959 xf.xf_data = fp->f_data;
2960 xf.xf_vnode = fp->f_vnode;
2961 xf.xf_type = fp->f_type;
2962 xf.xf_count = fp->f_count;
2964 xf.xf_offset = foffset_get(fp);
2965 xf.xf_flag = fp->f_flag;
2966 error = SYSCTL_OUT(req, &xf, sizeof(xf));
2970 FILEDESC_SUNLOCK(fdp);
2975 sx_sunlock(&allproc_lock);
2979 SYSCTL_PROC(_kern, KERN_FILE, file, CTLTYPE_OPAQUE|CTLFLAG_RD|CTLFLAG_MPSAFE,
2980 0, 0, sysctl_kern_file, "S,xfile", "Entire file table");
2982 #ifdef KINFO_OFILE_SIZE
2983 CTASSERT(sizeof(struct kinfo_ofile) == KINFO_OFILE_SIZE);
2986 #ifdef COMPAT_FREEBSD7
2988 export_vnode_for_osysctl(struct vnode *vp, int type,
2989 struct kinfo_ofile *kif, struct filedesc *fdp, struct sysctl_req *req)
2992 char *fullpath, *freepath;
2994 bzero(kif, sizeof(*kif));
2995 kif->kf_structsize = sizeof(*kif);
2999 kif->kf_type = KF_TYPE_VNODE;
3000 /* This function only handles directories. */
3001 if (vp->v_type != VDIR) {
3005 kif->kf_vnode_type = KF_VTYPE_VDIR;
3008 * This is not a true file descriptor, so we set a bogus refcount
3009 * and offset to indicate these fields should be ignored.
3011 kif->kf_ref_count = -1;
3012 kif->kf_offset = -1;
3016 FILEDESC_SUNLOCK(fdp);
3017 vn_fullpath(curthread, vp, &fullpath, &freepath);
3019 strlcpy(kif->kf_path, fullpath, sizeof(kif->kf_path));
3020 if (freepath != NULL)
3021 free(freepath, M_TEMP);
3022 error = SYSCTL_OUT(req, kif, sizeof(*kif));
3023 FILEDESC_SLOCK(fdp);
3028 * Get per-process file descriptors for use by procstat(1), et al.
3031 sysctl_kern_proc_ofiledesc(SYSCTL_HANDLER_ARGS)
3033 char *fullpath, *freepath;
3034 struct kinfo_ofile *kif;
3035 struct filedesc *fdp;
3036 int error, i, *name;
3037 struct shmfd *shmfd;
3046 error = pget((pid_t)name[0], PGET_CANDEBUG, &p);
3053 kif = malloc(sizeof(*kif), M_TEMP, M_WAITOK);
3054 FILEDESC_SLOCK(fdp);
3055 if (fdp->fd_cdir != NULL)
3056 export_vnode_for_osysctl(fdp->fd_cdir, KF_FD_TYPE_CWD, kif,
3058 if (fdp->fd_rdir != NULL)
3059 export_vnode_for_osysctl(fdp->fd_rdir, KF_FD_TYPE_ROOT, kif,
3061 if (fdp->fd_jdir != NULL)
3062 export_vnode_for_osysctl(fdp->fd_jdir, KF_FD_TYPE_JAIL, kif,
3064 for (i = 0; fdp->fd_refcnt > 0 && i < fdp->fd_nfiles; i++) {
3065 if ((fp = fdp->fd_ofiles[i].fde_file) == NULL)
3067 bzero(kif, sizeof(*kif));
3068 kif->kf_structsize = sizeof(*kif);
3076 switch (fp->f_type) {
3078 kif->kf_type = KF_TYPE_VNODE;
3083 kif->kf_type = KF_TYPE_SOCKET;
3088 kif->kf_type = KF_TYPE_PIPE;
3092 kif->kf_type = KF_TYPE_FIFO;
3097 kif->kf_type = KF_TYPE_KQUEUE;
3101 kif->kf_type = KF_TYPE_CRYPTO;
3105 kif->kf_type = KF_TYPE_MQUEUE;
3109 kif->kf_type = KF_TYPE_SHM;
3114 kif->kf_type = KF_TYPE_SEM;
3119 kif->kf_type = KF_TYPE_PTS;
3124 case DTYPE_PROCDESC:
3125 kif->kf_type = KF_TYPE_PROCDESC;
3130 kif->kf_type = KF_TYPE_UNKNOWN;
3133 kif->kf_ref_count = fp->f_count;
3134 if (fp->f_flag & FREAD)
3135 kif->kf_flags |= KF_FLAG_READ;
3136 if (fp->f_flag & FWRITE)
3137 kif->kf_flags |= KF_FLAG_WRITE;
3138 if (fp->f_flag & FAPPEND)
3139 kif->kf_flags |= KF_FLAG_APPEND;
3140 if (fp->f_flag & FASYNC)
3141 kif->kf_flags |= KF_FLAG_ASYNC;
3142 if (fp->f_flag & FFSYNC)
3143 kif->kf_flags |= KF_FLAG_FSYNC;
3144 if (fp->f_flag & FNONBLOCK)
3145 kif->kf_flags |= KF_FLAG_NONBLOCK;
3146 if (fp->f_flag & O_DIRECT)
3147 kif->kf_flags |= KF_FLAG_DIRECT;
3148 if (fp->f_flag & FHASLOCK)
3149 kif->kf_flags |= KF_FLAG_HASLOCK;
3150 kif->kf_offset = foffset_get(fp);
3153 switch (vp->v_type) {
3155 kif->kf_vnode_type = KF_VTYPE_VNON;
3158 kif->kf_vnode_type = KF_VTYPE_VREG;
3161 kif->kf_vnode_type = KF_VTYPE_VDIR;
3164 kif->kf_vnode_type = KF_VTYPE_VBLK;
3167 kif->kf_vnode_type = KF_VTYPE_VCHR;
3170 kif->kf_vnode_type = KF_VTYPE_VLNK;
3173 kif->kf_vnode_type = KF_VTYPE_VSOCK;
3176 kif->kf_vnode_type = KF_VTYPE_VFIFO;
3179 kif->kf_vnode_type = KF_VTYPE_VBAD;
3182 kif->kf_vnode_type = KF_VTYPE_UNKNOWN;
3186 * It is OK to drop the filedesc lock here as we will
3187 * re-validate and re-evaluate its properties when
3188 * the loop continues.
3192 FILEDESC_SUNLOCK(fdp);
3193 vn_fullpath(curthread, vp, &fullpath, &freepath);
3195 strlcpy(kif->kf_path, fullpath,
3196 sizeof(kif->kf_path));
3197 if (freepath != NULL)
3198 free(freepath, M_TEMP);
3199 FILEDESC_SLOCK(fdp);
3202 struct sockaddr *sa;
3204 if (so->so_proto->pr_usrreqs->pru_sockaddr(so, &sa)
3205 == 0 && sa->sa_len <= sizeof(kif->kf_sa_local)) {
3206 bcopy(sa, &kif->kf_sa_local, sa->sa_len);
3209 if (so->so_proto->pr_usrreqs->pru_peeraddr(so, &sa)
3210 == 0 && sa->sa_len <= sizeof(kif->kf_sa_peer)) {
3211 bcopy(sa, &kif->kf_sa_peer, sa->sa_len);
3214 kif->kf_sock_domain =
3215 so->so_proto->pr_domain->dom_family;
3216 kif->kf_sock_type = so->so_type;
3217 kif->kf_sock_protocol = so->so_proto->pr_protocol;
3220 strlcpy(kif->kf_path, tty_devname(tp),
3221 sizeof(kif->kf_path));
3224 shm_path(shmfd, kif->kf_path, sizeof(kif->kf_path));
3225 if (ks != NULL && ksem_info != NULL)
3226 ksem_info(ks, kif->kf_path, sizeof(kif->kf_path), NULL);
3227 error = SYSCTL_OUT(req, kif, sizeof(*kif));
3231 FILEDESC_SUNLOCK(fdp);
3237 static SYSCTL_NODE(_kern_proc, KERN_PROC_OFILEDESC, ofiledesc,
3238 CTLFLAG_RD||CTLFLAG_MPSAFE, sysctl_kern_proc_ofiledesc,
3239 "Process ofiledesc entries");
3240 #endif /* COMPAT_FREEBSD7 */
3242 #ifdef KINFO_FILE_SIZE
3243 CTASSERT(sizeof(struct kinfo_file) == KINFO_FILE_SIZE);
3246 struct export_fd_buf {
3247 struct filedesc *fdp;
3250 struct kinfo_file kif;
3254 export_fd_to_sb(void *data, int type, int fd, int fflags, int refcnt,
3255 int64_t offset, cap_rights_t *rightsp, struct export_fd_buf *efbuf)
3260 } fflags_table[] = {
3261 { FAPPEND, KF_FLAG_APPEND },
3262 { FASYNC, KF_FLAG_ASYNC },
3263 { FFSYNC, KF_FLAG_FSYNC },
3264 { FHASLOCK, KF_FLAG_HASLOCK },
3265 { FNONBLOCK, KF_FLAG_NONBLOCK },
3266 { FREAD, KF_FLAG_READ },
3267 { FWRITE, KF_FLAG_WRITE },
3268 { O_CREAT, KF_FLAG_CREAT },
3269 { O_DIRECT, KF_FLAG_DIRECT },
3270 { O_EXCL, KF_FLAG_EXCL },
3271 { O_EXEC, KF_FLAG_EXEC },
3272 { O_EXLOCK, KF_FLAG_EXLOCK },
3273 { O_NOFOLLOW, KF_FLAG_NOFOLLOW },
3274 { O_SHLOCK, KF_FLAG_SHLOCK },
3275 { O_TRUNC, KF_FLAG_TRUNC }
3277 #define NFFLAGS (sizeof(fflags_table) / sizeof(*fflags_table))
3278 struct kinfo_file *kif;
3283 if (efbuf->remainder == 0)
3286 bzero(kif, sizeof(*kif));
3287 locked = efbuf->fdp != NULL;
3292 FILEDESC_SUNLOCK(efbuf->fdp);
3295 vp = (struct vnode *)data;
3296 error = fill_vnode_info(vp, kif);
3299 case KF_TYPE_SOCKET:
3300 error = fill_socket_info((struct socket *)data, kif);
3303 error = fill_pipe_info((struct pipe *)data, kif);
3306 error = fill_pts_info((struct tty *)data, kif);
3308 case KF_TYPE_PROCDESC:
3309 error = fill_procdesc_info((struct procdesc *)data, kif);
3312 error = fill_sem_info((struct file *)data, kif);
3315 error = fill_shm_info((struct file *)data, kif);
3321 kif->kf_status |= KF_ATTR_VALID;
3324 * Translate file access flags.
3326 for (i = 0; i < NFFLAGS; i++)
3327 if (fflags & fflags_table[i].fflag)
3328 kif->kf_flags |= fflags_table[i].kf_fflag;
3329 if (rightsp != NULL)
3330 kif->kf_cap_rights = *rightsp;
3332 cap_rights_init(&kif->kf_cap_rights);
3334 kif->kf_type = type;
3335 kif->kf_ref_count = refcnt;
3336 kif->kf_offset = offset;
3337 /* Pack record size down */
3338 kif->kf_structsize = offsetof(struct kinfo_file, kf_path) +
3339 strlen(kif->kf_path) + 1;
3340 kif->kf_structsize = roundup(kif->kf_structsize, sizeof(uint64_t));
3341 if (efbuf->remainder != -1) {
3342 if (efbuf->remainder < kif->kf_structsize) {
3343 /* Terminate export. */
3344 efbuf->remainder = 0;
3345 if (efbuf->fdp != NULL && !locked)
3346 FILEDESC_SLOCK(efbuf->fdp);
3349 efbuf->remainder -= kif->kf_structsize;
3352 FILEDESC_SUNLOCK(efbuf->fdp);
3353 error = sbuf_bcat(efbuf->sb, kif, kif->kf_structsize);
3354 if (efbuf->fdp != NULL)
3355 FILEDESC_SLOCK(efbuf->fdp);
3360 * Store a process file descriptor information to sbuf.
3362 * Takes a locked proc as argument, and returns with the proc unlocked.
3365 kern_proc_filedesc_out(struct proc *p, struct sbuf *sb, ssize_t maxlen)
3368 struct filedesc *fdp;
3369 struct export_fd_buf *efbuf;
3370 struct vnode *cttyvp, *textvp, *tracevp;
3374 int type, refcnt, fflags;
3375 cap_rights_t rights;
3377 PROC_LOCK_ASSERT(p, MA_OWNED);
3380 tracevp = p->p_tracevp;
3381 if (tracevp != NULL)
3384 textvp = p->p_textvp;
3387 /* Controlling tty. */
3389 if (p->p_pgrp != NULL && p->p_pgrp->pg_session != NULL) {
3390 cttyvp = p->p_pgrp->pg_session->s_ttyvp;
3396 efbuf = malloc(sizeof(*efbuf), M_TEMP, M_WAITOK);
3399 efbuf->remainder = maxlen;
3400 if (tracevp != NULL)
3401 export_fd_to_sb(tracevp, KF_TYPE_VNODE, KF_FD_TYPE_TRACE,
3402 FREAD | FWRITE, -1, -1, NULL, efbuf);
3404 export_fd_to_sb(textvp, KF_TYPE_VNODE, KF_FD_TYPE_TEXT,
3405 FREAD, -1, -1, NULL, efbuf);
3407 export_fd_to_sb(cttyvp, KF_TYPE_VNODE, KF_FD_TYPE_CTTY,
3408 FREAD | FWRITE, -1, -1, NULL, efbuf);
3413 FILEDESC_SLOCK(fdp);
3414 /* working directory */
3415 if (fdp->fd_cdir != NULL) {
3417 data = fdp->fd_cdir;
3418 export_fd_to_sb(data, KF_TYPE_VNODE, KF_FD_TYPE_CWD,
3419 FREAD, -1, -1, NULL, efbuf);
3421 /* root directory */
3422 if (fdp->fd_rdir != NULL) {
3424 data = fdp->fd_rdir;
3425 export_fd_to_sb(data, KF_TYPE_VNODE, KF_FD_TYPE_ROOT,
3426 FREAD, -1, -1, NULL, efbuf);
3428 /* jail directory */
3429 if (fdp->fd_jdir != NULL) {
3431 data = fdp->fd_jdir;
3432 export_fd_to_sb(data, KF_TYPE_VNODE, KF_FD_TYPE_JAIL,
3433 FREAD, -1, -1, NULL, efbuf);
3435 for (i = 0; fdp->fd_refcnt > 0 && i < fdp->fd_nfiles; i++) {
3436 if ((fp = fdp->fd_ofiles[i].fde_file) == NULL)
3440 rights = *cap_rights(fdp, i);
3441 #else /* !CAPABILITIES */
3442 cap_rights_init(&rights);
3444 switch (fp->f_type) {
3446 type = KF_TYPE_VNODE;
3452 type = KF_TYPE_SOCKET;
3457 type = KF_TYPE_PIPE;
3462 type = KF_TYPE_FIFO;
3468 type = KF_TYPE_KQUEUE;
3472 type = KF_TYPE_CRYPTO;
3476 type = KF_TYPE_MQUEUE;
3495 case DTYPE_PROCDESC:
3496 type = KF_TYPE_PROCDESC;
3502 type = KF_TYPE_UNKNOWN;
3505 refcnt = fp->f_count;
3506 fflags = fp->f_flag;
3507 offset = foffset_get(fp);
3510 * Create sysctl entry.
3511 * It is OK to drop the filedesc lock here as we will
3512 * re-validate and re-evaluate its properties when
3513 * the loop continues.
3515 error = export_fd_to_sb(data, type, i, fflags, refcnt,
3516 offset, &rights, efbuf);
3520 FILEDESC_SUNLOCK(fdp);
3523 free(efbuf, M_TEMP);
3527 #define FILEDESC_SBUF_SIZE (sizeof(struct kinfo_file) * 5)
3530 * Get per-process file descriptors for use by procstat(1), et al.
3533 sysctl_kern_proc_filedesc(SYSCTL_HANDLER_ARGS)
3538 int error, error2, *name;
3542 sbuf_new_for_sysctl(&sb, NULL, FILEDESC_SBUF_SIZE, req);
3543 error = pget((pid_t)name[0], PGET_CANDEBUG, &p);
3548 maxlen = req->oldptr != NULL ? req->oldlen : -1;
3549 error = kern_proc_filedesc_out(p, &sb, maxlen);
3550 error2 = sbuf_finish(&sb);
3552 return (error != 0 ? error : error2);
3556 vntype_to_kinfo(int vtype)
3561 } vtypes_table[] = {
3562 { VBAD, KF_VTYPE_VBAD },
3563 { VBLK, KF_VTYPE_VBLK },
3564 { VCHR, KF_VTYPE_VCHR },
3565 { VDIR, KF_VTYPE_VDIR },
3566 { VFIFO, KF_VTYPE_VFIFO },
3567 { VLNK, KF_VTYPE_VLNK },
3568 { VNON, KF_VTYPE_VNON },
3569 { VREG, KF_VTYPE_VREG },
3570 { VSOCK, KF_VTYPE_VSOCK }
3572 #define NVTYPES (sizeof(vtypes_table) / sizeof(*vtypes_table))
3576 * Perform vtype translation.
3578 for (i = 0; i < NVTYPES; i++)
3579 if (vtypes_table[i].vtype == vtype)
3582 return (vtypes_table[i].kf_vtype);
3584 return (KF_VTYPE_UNKNOWN);
3588 fill_vnode_info(struct vnode *vp, struct kinfo_file *kif)
3591 char *fullpath, *freepath;
3596 kif->kf_vnode_type = vntype_to_kinfo(vp->v_type);
3599 error = vn_fullpath(curthread, vp, &fullpath, &freepath);
3601 strlcpy(kif->kf_path, fullpath, sizeof(kif->kf_path));
3603 if (freepath != NULL)
3604 free(freepath, M_TEMP);
3607 * Retrieve vnode attributes.
3609 va.va_fsid = VNOVAL;
3611 vn_lock(vp, LK_SHARED | LK_RETRY);
3612 error = VOP_GETATTR(vp, &va, curthread->td_ucred);
3616 if (va.va_fsid != VNOVAL)
3617 kif->kf_un.kf_file.kf_file_fsid = va.va_fsid;
3619 kif->kf_un.kf_file.kf_file_fsid =
3620 vp->v_mount->mnt_stat.f_fsid.val[0];
3621 kif->kf_un.kf_file.kf_file_fileid = va.va_fileid;
3622 kif->kf_un.kf_file.kf_file_mode = MAKEIMODE(va.va_type, va.va_mode);
3623 kif->kf_un.kf_file.kf_file_size = va.va_size;
3624 kif->kf_un.kf_file.kf_file_rdev = va.va_rdev;
3629 fill_socket_info(struct socket *so, struct kinfo_file *kif)
3631 struct sockaddr *sa;
3632 struct inpcb *inpcb;
3633 struct unpcb *unpcb;
3638 kif->kf_sock_domain = so->so_proto->pr_domain->dom_family;
3639 kif->kf_sock_type = so->so_type;
3640 kif->kf_sock_protocol = so->so_proto->pr_protocol;
3641 kif->kf_un.kf_sock.kf_sock_pcb = (uintptr_t)so->so_pcb;
3642 switch(kif->kf_sock_domain) {
3645 if (kif->kf_sock_protocol == IPPROTO_TCP) {
3646 if (so->so_pcb != NULL) {
3647 inpcb = (struct inpcb *)(so->so_pcb);
3648 kif->kf_un.kf_sock.kf_sock_inpcb =
3649 (uintptr_t)inpcb->inp_ppcb;
3654 if (so->so_pcb != NULL) {
3655 unpcb = (struct unpcb *)(so->so_pcb);
3656 if (unpcb->unp_conn) {
3657 kif->kf_un.kf_sock.kf_sock_unpconn =
3658 (uintptr_t)unpcb->unp_conn;
3659 kif->kf_un.kf_sock.kf_sock_rcv_sb_state =
3660 so->so_rcv.sb_state;
3661 kif->kf_un.kf_sock.kf_sock_snd_sb_state =
3662 so->so_snd.sb_state;
3667 error = so->so_proto->pr_usrreqs->pru_sockaddr(so, &sa);
3668 if (error == 0 && sa->sa_len <= sizeof(kif->kf_sa_local)) {
3669 bcopy(sa, &kif->kf_sa_local, sa->sa_len);
3672 error = so->so_proto->pr_usrreqs->pru_peeraddr(so, &sa);
3673 if (error == 0 && sa->sa_len <= sizeof(kif->kf_sa_peer)) {
3674 bcopy(sa, &kif->kf_sa_peer, sa->sa_len);
3677 strncpy(kif->kf_path, so->so_proto->pr_domain->dom_name,
3678 sizeof(kif->kf_path));
3683 fill_pts_info(struct tty *tp, struct kinfo_file *kif)
3688 kif->kf_un.kf_pts.kf_pts_dev = tty_udev(tp);
3689 strlcpy(kif->kf_path, tty_devname(tp), sizeof(kif->kf_path));
3694 fill_pipe_info(struct pipe *pi, struct kinfo_file *kif)
3699 kif->kf_un.kf_pipe.kf_pipe_addr = (uintptr_t)pi;
3700 kif->kf_un.kf_pipe.kf_pipe_peer = (uintptr_t)pi->pipe_peer;
3701 kif->kf_un.kf_pipe.kf_pipe_buffer_cnt = pi->pipe_buffer.cnt;
3706 fill_procdesc_info(struct procdesc *pdp, struct kinfo_file *kif)
3711 kif->kf_un.kf_proc.kf_pid = pdp->pd_pid;
3716 fill_sem_info(struct file *fp, struct kinfo_file *kif)
3722 if (fp->f_data == NULL)
3724 if (fo_stat(fp, &sb, td->td_ucred, td) != 0)
3726 if (ksem_info == NULL)
3728 ksem_info(fp->f_data, kif->kf_path, sizeof(kif->kf_path),
3729 &kif->kf_un.kf_sem.kf_sem_value);
3730 kif->kf_un.kf_sem.kf_sem_mode = sb.st_mode;
3735 fill_shm_info(struct file *fp, struct kinfo_file *kif)
3741 if (fp->f_data == NULL)
3743 if (fo_stat(fp, &sb, td->td_ucred, td) != 0)
3745 shm_path(fp->f_data, kif->kf_path, sizeof(kif->kf_path));
3746 kif->kf_un.kf_file.kf_file_mode = sb.st_mode;
3747 kif->kf_un.kf_file.kf_file_size = sb.st_size;
3751 static SYSCTL_NODE(_kern_proc, KERN_PROC_FILEDESC, filedesc,
3752 CTLFLAG_RD|CTLFLAG_MPSAFE, sysctl_kern_proc_filedesc,
3753 "Process filedesc entries");
3757 * For the purposes of debugging, generate a human-readable string for the
3761 file_type_to_name(short type)
3791 * For the purposes of debugging, identify a process (if any, perhaps one of
3792 * many) that references the passed file in its file descriptor array. Return
3795 static struct proc *
3796 file_to_first_proc(struct file *fp)
3798 struct filedesc *fdp;
3802 FOREACH_PROC_IN_SYSTEM(p) {
3803 if (p->p_state == PRS_NEW)
3808 for (n = 0; n < fdp->fd_nfiles; n++) {
3809 if (fp == fdp->fd_ofiles[n].fde_file)
3817 db_print_file(struct file *fp, int header)
3822 db_printf("%8s %4s %8s %8s %4s %5s %6s %8s %5s %12s\n",
3823 "File", "Type", "Data", "Flag", "GCFl", "Count",
3824 "MCount", "Vnode", "FPID", "FCmd");
3825 p = file_to_first_proc(fp);
3826 db_printf("%8p %4s %8p %08x %04x %5d %6d %8p %5d %12s\n", fp,
3827 file_type_to_name(fp->f_type), fp->f_data, fp->f_flag,
3828 0, fp->f_count, 0, fp->f_vnode,
3829 p != NULL ? p->p_pid : -1, p != NULL ? p->p_comm : "-");
3832 DB_SHOW_COMMAND(file, db_show_file)
3837 db_printf("usage: show file <addr>\n");
3840 fp = (struct file *)addr;
3841 db_print_file(fp, 1);
3844 DB_SHOW_COMMAND(files, db_show_files)
3846 struct filedesc *fdp;
3853 FOREACH_PROC_IN_SYSTEM(p) {
3854 if (p->p_state == PRS_NEW)
3856 if ((fdp = p->p_fd) == NULL)
3858 for (n = 0; n < fdp->fd_nfiles; ++n) {
3859 if ((fp = fdp->fd_ofiles[n].fde_file) == NULL)
3861 db_print_file(fp, header);
3868 SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW,
3869 &maxfilesperproc, 0, "Maximum files allowed open per process");
3871 SYSCTL_INT(_kern, KERN_MAXFILES, maxfiles, CTLFLAG_RW,
3872 &maxfiles, 0, "Maximum number of files");
3874 SYSCTL_INT(_kern, OID_AUTO, openfiles, CTLFLAG_RD,
3875 __DEVOLATILE(int *, &openfiles), 0, "System-wide number of open files");
3879 filelistinit(void *dummy)
3882 file_zone = uma_zcreate("Files", sizeof(struct file), NULL, NULL,
3883 NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
3884 mtx_init(&sigio_lock, "sigio lock", NULL, MTX_DEF);
3885 mtx_init(&fdesc_mtx, "fdesc", NULL, MTX_DEF);
3887 SYSINIT(select, SI_SUB_LOCK, SI_ORDER_FIRST, filelistinit, NULL);
3889 /*-------------------------------------------------------------------*/
3892 badfo_readwrite(struct file *fp, struct uio *uio, struct ucred *active_cred,
3893 int flags, struct thread *td)
3900 badfo_truncate(struct file *fp, off_t length, struct ucred *active_cred,
3908 badfo_ioctl(struct file *fp, u_long com, void *data, struct ucred *active_cred,
3916 badfo_poll(struct file *fp, int events, struct ucred *active_cred,
3924 badfo_kqfilter(struct file *fp, struct knote *kn)
3931 badfo_stat(struct file *fp, struct stat *sb, struct ucred *active_cred,
3939 badfo_close(struct file *fp, struct thread *td)
3946 badfo_chmod(struct file *fp, mode_t mode, struct ucred *active_cred,
3954 badfo_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
3962 badfo_sendfile(struct file *fp, int sockfd, struct uio *hdr_uio,
3963 struct uio *trl_uio, off_t offset, size_t nbytes, off_t *sent, int flags,
3964 int kflags, struct thread *td)
3970 struct fileops badfileops = {
3971 .fo_read = badfo_readwrite,
3972 .fo_write = badfo_readwrite,
3973 .fo_truncate = badfo_truncate,
3974 .fo_ioctl = badfo_ioctl,
3975 .fo_poll = badfo_poll,
3976 .fo_kqfilter = badfo_kqfilter,
3977 .fo_stat = badfo_stat,
3978 .fo_close = badfo_close,
3979 .fo_chmod = badfo_chmod,
3980 .fo_chown = badfo_chown,
3981 .fo_sendfile = badfo_sendfile,
3985 invfo_chmod(struct file *fp, mode_t mode, struct ucred *active_cred,
3993 invfo_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
4001 invfo_sendfile(struct file *fp, int sockfd, struct uio *hdr_uio,
4002 struct uio *trl_uio, off_t offset, size_t nbytes, off_t *sent, int flags,
4003 int kflags, struct thread *td)
4009 /*-------------------------------------------------------------------*/
4012 * File Descriptor pseudo-device driver (/dev/fd/).
4014 * Opening minor device N dup()s the file (if any) connected to file
4015 * descriptor N belonging to the calling process. Note that this driver
4016 * consists of only the ``open()'' routine, because all subsequent
4017 * references to this file will be direct to the other driver.
4019 * XXX: we could give this one a cloning event handler if necessary.
4024 fdopen(struct cdev *dev, int mode, int type, struct thread *td)
4028 * XXX Kludge: set curthread->td_dupfd to contain the value of the
4029 * the file descriptor being sought for duplication. The error
4030 * return ensures that the vnode for this device will be released
4031 * by vn_open. Open will detect this special error and take the
4032 * actions in dupfdopen below. Other callers of vn_open or VOP_OPEN
4033 * will simply report the error.
4035 td->td_dupfd = dev2unit(dev);
4039 static struct cdevsw fildesc_cdevsw = {
4040 .d_version = D_VERSION,
4046 fildesc_drvinit(void *unused)
4050 dev = make_dev_credf(MAKEDEV_ETERNAL, &fildesc_cdevsw, 0, NULL,
4051 UID_ROOT, GID_WHEEL, 0666, "fd/0");
4052 make_dev_alias(dev, "stdin");
4053 dev = make_dev_credf(MAKEDEV_ETERNAL, &fildesc_cdevsw, 1, NULL,
4054 UID_ROOT, GID_WHEEL, 0666, "fd/1");
4055 make_dev_alias(dev, "stdout");
4056 dev = make_dev_credf(MAKEDEV_ETERNAL, &fildesc_cdevsw, 2, NULL,
4057 UID_ROOT, GID_WHEEL, 0666, "fd/2");
4058 make_dev_alias(dev, "stderr");
4061 SYSINIT(fildescdev, SI_SUB_DRIVERS, SI_ORDER_MIDDLE, fildesc_drvinit, NULL);