2 * Copyright (c) 1982, 1986, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)sys_generic.c 8.5 (Berkeley) 1/21/94
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_capsicum.h"
41 #include "opt_compat.h"
42 #include "opt_ktrace.h"
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/sysproto.h>
47 #include <sys/capsicum.h>
48 #include <sys/filedesc.h>
49 #include <sys/filio.h>
50 #include <sys/fcntl.h>
54 #include <sys/signalvar.h>
55 #include <sys/socketvar.h>
57 #include <sys/kernel.h>
59 #include <sys/limits.h>
60 #include <sys/malloc.h>
62 #include <sys/resourcevar.h>
63 #include <sys/selinfo.h>
64 #include <sys/sleepqueue.h>
65 #include <sys/syscallsubr.h>
66 #include <sys/sysctl.h>
67 #include <sys/sysent.h>
68 #include <sys/vnode.h>
71 #include <sys/condvar.h>
73 #include <sys/ktrace.h>
76 #include <security/audit/audit.h>
79 * The following macro defines how many bytes will be allocated from
80 * the stack instead of memory allocated when passing the IOCTL data
81 * structures from userspace and to the kernel. Some IOCTLs having
82 * small data structures are used very frequently and this small
83 * buffer on the stack gives a significant speedup improvement for
84 * those requests. The value of this define should be greater or equal
85 * to 64 bytes and should also be power of two. The data structure is
86 * currently hard-aligned to a 8-byte boundary on the stack. This
87 * should currently be sufficient for all supported platforms.
89 #define SYS_IOCTL_SMALL_SIZE 128 /* bytes */
90 #define SYS_IOCTL_SMALL_ALIGN 8 /* bytes */
92 int iosize_max_clamp = 0;
93 SYSCTL_INT(_debug, OID_AUTO, iosize_max_clamp, CTLFLAG_RW,
94 &iosize_max_clamp, 0, "Clamp max i/o size to INT_MAX");
95 int devfs_iosize_max_clamp = 1;
96 SYSCTL_INT(_debug, OID_AUTO, devfs_iosize_max_clamp, CTLFLAG_RW,
97 &devfs_iosize_max_clamp, 0, "Clamp max i/o size to INT_MAX for devices");
100 * Assert that the return value of read(2) and write(2) syscalls fits
101 * into a register. If not, an architecture will need to provide the
102 * usermode wrappers to reconstruct the result.
104 CTASSERT(sizeof(register_t) >= sizeof(size_t));
106 static MALLOC_DEFINE(M_IOCTLOPS, "ioctlops", "ioctl data buffer");
107 static MALLOC_DEFINE(M_SELECT, "select", "select() buffer");
108 MALLOC_DEFINE(M_IOV, "iov", "large iov's");
110 static int pollout(struct thread *, struct pollfd *, struct pollfd *,
112 static int pollscan(struct thread *, struct pollfd *, u_int);
113 static int pollrescan(struct thread *);
114 static int selscan(struct thread *, fd_mask **, fd_mask **, int);
115 static int selrescan(struct thread *, fd_mask **, fd_mask **);
116 static void selfdalloc(struct thread *, void *);
117 static void selfdfree(struct seltd *, struct selfd *);
118 static int dofileread(struct thread *, int, struct file *, struct uio *,
120 static int dofilewrite(struct thread *, int, struct file *, struct uio *,
122 static void doselwakeup(struct selinfo *, int);
123 static void seltdinit(struct thread *);
124 static int seltdwait(struct thread *, sbintime_t, sbintime_t);
125 static void seltdclear(struct thread *);
128 * One seltd per-thread allocated on demand as needed.
130 * t - protected by st_mtx
131 * k - Only accessed by curthread or read-only
134 STAILQ_HEAD(, selfd) st_selq; /* (k) List of selfds. */
135 struct selfd *st_free1; /* (k) free fd for read set. */
136 struct selfd *st_free2; /* (k) free fd for write set. */
137 struct mtx st_mtx; /* Protects struct seltd */
138 struct cv st_wait; /* (t) Wait channel. */
139 int st_flags; /* (t) SELTD_ flags. */
142 #define SELTD_PENDING 0x0001 /* We have pending events. */
143 #define SELTD_RESCAN 0x0002 /* Doing a rescan. */
146 * One selfd allocated per-thread per-file-descriptor.
147 * f - protected by sf_mtx
150 STAILQ_ENTRY(selfd) sf_link; /* (k) fds owned by this td. */
151 TAILQ_ENTRY(selfd) sf_threads; /* (f) fds on this selinfo. */
152 struct selinfo *sf_si; /* (f) selinfo when linked. */
153 struct mtx *sf_mtx; /* Pointer to selinfo mtx. */
154 struct seltd *sf_td; /* (k) owning seltd. */
155 void *sf_cookie; /* (k) fd or pollfd. */
158 static uma_zone_t selfd_zone;
159 static struct mtx_pool *mtxpool_select;
161 #ifndef _SYS_SYSPROTO_H_
171 struct read_args *uap;
177 if (uap->nbyte > IOSIZE_MAX)
179 aiov.iov_base = uap->buf;
180 aiov.iov_len = uap->nbyte;
181 auio.uio_iov = &aiov;
183 auio.uio_resid = uap->nbyte;
184 auio.uio_segflg = UIO_USERSPACE;
185 error = kern_readv(td, uap->fd, &auio);
190 * Positioned read system call
192 #ifndef _SYS_SYSPROTO_H_
204 struct pread_args *uap;
210 if (uap->nbyte > IOSIZE_MAX)
212 aiov.iov_base = uap->buf;
213 aiov.iov_len = uap->nbyte;
214 auio.uio_iov = &aiov;
216 auio.uio_resid = uap->nbyte;
217 auio.uio_segflg = UIO_USERSPACE;
218 error = kern_preadv(td, uap->fd, &auio, uap->offset);
222 #if defined(COMPAT_FREEBSD6)
224 freebsd6_pread(td, uap)
226 struct freebsd6_pread_args *uap;
228 struct pread_args oargs;
231 oargs.buf = uap->buf;
232 oargs.nbyte = uap->nbyte;
233 oargs.offset = uap->offset;
234 return (sys_pread(td, &oargs));
239 * Scatter read system call.
241 #ifndef _SYS_SYSPROTO_H_
249 sys_readv(struct thread *td, struct readv_args *uap)
254 error = copyinuio(uap->iovp, uap->iovcnt, &auio);
257 error = kern_readv(td, uap->fd, auio);
263 kern_readv(struct thread *td, int fd, struct uio *auio)
269 error = fget_read(td, fd, cap_rights_init(&rights, CAP_READ), &fp);
272 error = dofileread(td, fd, fp, auio, (off_t)-1, 0);
278 * Scatter positioned read system call.
280 #ifndef _SYS_SYSPROTO_H_
289 sys_preadv(struct thread *td, struct preadv_args *uap)
294 error = copyinuio(uap->iovp, uap->iovcnt, &auio);
297 error = kern_preadv(td, uap->fd, auio, uap->offset);
303 kern_preadv(td, fd, auio, offset)
313 error = fget_read(td, fd, cap_rights_init(&rights, CAP_PREAD), &fp);
316 if (!(fp->f_ops->fo_flags & DFLAG_SEEKABLE))
318 else if (offset < 0 && fp->f_vnode->v_type != VCHR)
321 error = dofileread(td, fd, fp, auio, offset, FOF_OFFSET);
327 * Common code for readv and preadv that reads data in
328 * from a file using the passed in uio, offset, and flags.
331 dofileread(td, fd, fp, auio, offset, flags)
342 struct uio *ktruio = NULL;
345 /* Finish zero length reads right here */
346 if (auio->uio_resid == 0) {
347 td->td_retval[0] = 0;
350 auio->uio_rw = UIO_READ;
351 auio->uio_offset = offset;
354 if (KTRPOINT(td, KTR_GENIO))
355 ktruio = cloneuio(auio);
357 cnt = auio->uio_resid;
358 if ((error = fo_read(fp, auio, td->td_ucred, flags, td))) {
359 if (auio->uio_resid != cnt && (error == ERESTART ||
360 error == EINTR || error == EWOULDBLOCK))
363 cnt -= auio->uio_resid;
365 if (ktruio != NULL) {
366 ktruio->uio_resid = cnt;
367 ktrgenio(fd, UIO_READ, ktruio, error);
370 td->td_retval[0] = cnt;
374 #ifndef _SYS_SYSPROTO_H_
384 struct write_args *uap;
390 if (uap->nbyte > IOSIZE_MAX)
392 aiov.iov_base = (void *)(uintptr_t)uap->buf;
393 aiov.iov_len = uap->nbyte;
394 auio.uio_iov = &aiov;
396 auio.uio_resid = uap->nbyte;
397 auio.uio_segflg = UIO_USERSPACE;
398 error = kern_writev(td, uap->fd, &auio);
403 * Positioned write system call.
405 #ifndef _SYS_SYSPROTO_H_
417 struct pwrite_args *uap;
423 if (uap->nbyte > IOSIZE_MAX)
425 aiov.iov_base = (void *)(uintptr_t)uap->buf;
426 aiov.iov_len = uap->nbyte;
427 auio.uio_iov = &aiov;
429 auio.uio_resid = uap->nbyte;
430 auio.uio_segflg = UIO_USERSPACE;
431 error = kern_pwritev(td, uap->fd, &auio, uap->offset);
435 #if defined(COMPAT_FREEBSD6)
437 freebsd6_pwrite(td, uap)
439 struct freebsd6_pwrite_args *uap;
441 struct pwrite_args oargs;
444 oargs.buf = uap->buf;
445 oargs.nbyte = uap->nbyte;
446 oargs.offset = uap->offset;
447 return (sys_pwrite(td, &oargs));
452 * Gather write system call.
454 #ifndef _SYS_SYSPROTO_H_
462 sys_writev(struct thread *td, struct writev_args *uap)
467 error = copyinuio(uap->iovp, uap->iovcnt, &auio);
470 error = kern_writev(td, uap->fd, auio);
476 kern_writev(struct thread *td, int fd, struct uio *auio)
482 error = fget_write(td, fd, cap_rights_init(&rights, CAP_WRITE), &fp);
485 error = dofilewrite(td, fd, fp, auio, (off_t)-1, 0);
491 * Gather positioned write system call.
493 #ifndef _SYS_SYSPROTO_H_
494 struct pwritev_args {
502 sys_pwritev(struct thread *td, struct pwritev_args *uap)
507 error = copyinuio(uap->iovp, uap->iovcnt, &auio);
510 error = kern_pwritev(td, uap->fd, auio, uap->offset);
516 kern_pwritev(td, fd, auio, offset)
526 error = fget_write(td, fd, cap_rights_init(&rights, CAP_PWRITE), &fp);
529 if (!(fp->f_ops->fo_flags & DFLAG_SEEKABLE))
531 else if (offset < 0 && fp->f_vnode->v_type != VCHR)
534 error = dofilewrite(td, fd, fp, auio, offset, FOF_OFFSET);
540 * Common code for writev and pwritev that writes data to
541 * a file using the passed in uio, offset, and flags.
544 dofilewrite(td, fd, fp, auio, offset, flags)
555 struct uio *ktruio = NULL;
558 auio->uio_rw = UIO_WRITE;
560 auio->uio_offset = offset;
562 if (KTRPOINT(td, KTR_GENIO))
563 ktruio = cloneuio(auio);
565 cnt = auio->uio_resid;
566 if (fp->f_type == DTYPE_VNODE &&
567 (fp->f_vnread_flags & FDEVFS_VNODE) == 0)
569 if ((error = fo_write(fp, auio, td->td_ucred, flags, td))) {
570 if (auio->uio_resid != cnt && (error == ERESTART ||
571 error == EINTR || error == EWOULDBLOCK))
573 /* Socket layer is responsible for issuing SIGPIPE. */
574 if (fp->f_type != DTYPE_SOCKET && error == EPIPE) {
575 PROC_LOCK(td->td_proc);
576 tdsignal(td, SIGPIPE);
577 PROC_UNLOCK(td->td_proc);
580 cnt -= auio->uio_resid;
582 if (ktruio != NULL) {
583 ktruio->uio_resid = cnt;
584 ktrgenio(fd, UIO_WRITE, ktruio, error);
587 td->td_retval[0] = cnt;
592 * Truncate a file given a file descriptor.
594 * Can't use fget_write() here, since must return EINVAL and not EBADF if the
595 * descriptor isn't writable.
598 kern_ftruncate(td, fd, length)
610 error = fget(td, fd, cap_rights_init(&rights, CAP_FTRUNCATE), &fp);
613 AUDIT_ARG_FILE(td->td_proc, fp);
614 if (!(fp->f_flag & FWRITE)) {
618 error = fo_truncate(fp, length, td->td_ucred, td);
623 #ifndef _SYS_SYSPROTO_H_
624 struct ftruncate_args {
631 sys_ftruncate(td, uap)
633 struct ftruncate_args *uap;
636 return (kern_ftruncate(td, uap->fd, uap->length));
639 #if defined(COMPAT_43)
640 #ifndef _SYS_SYSPROTO_H_
641 struct oftruncate_args {
649 struct oftruncate_args *uap;
652 return (kern_ftruncate(td, uap->fd, uap->length));
654 #endif /* COMPAT_43 */
656 #ifndef _SYS_SYSPROTO_H_
665 sys_ioctl(struct thread *td, struct ioctl_args *uap)
667 u_char smalldata[SYS_IOCTL_SMALL_SIZE] __aligned(SYS_IOCTL_SMALL_ALIGN);
673 if (uap->com > 0xffffffff) {
675 "WARNING pid %d (%s): ioctl sign-extension ioctl %lx\n",
676 td->td_proc->p_pid, td->td_name, uap->com);
677 uap->com &= 0xffffffff;
682 * Interpret high order word to find amount of data to be
683 * copied to/from the user's address space.
685 size = IOCPARM_LEN(com);
686 if ((size > IOCPARM_MAX) ||
687 ((com & (IOC_VOID | IOC_IN | IOC_OUT)) == 0) ||
688 #if defined(COMPAT_FREEBSD5) || defined(COMPAT_FREEBSD4) || defined(COMPAT_43)
689 ((com & IOC_OUT) && size == 0) ||
691 ((com & (IOC_IN | IOC_OUT)) && size == 0) ||
693 ((com & IOC_VOID) && size > 0 && size != sizeof(int)))
697 if (com & IOC_VOID) {
698 /* Integer argument. */
699 arg = (intptr_t)uap->data;
703 if (size > SYS_IOCTL_SMALL_SIZE)
704 data = malloc((u_long)size, M_IOCTLOPS, M_WAITOK);
709 data = (void *)&uap->data;
711 error = copyin(uap->data, data, (u_int)size);
714 } else if (com & IOC_OUT) {
716 * Zero the buffer so the user always
717 * gets back something deterministic.
722 error = kern_ioctl(td, uap->fd, com, data);
724 if (error == 0 && (com & IOC_OUT))
725 error = copyout(data, uap->data, (u_int)size);
728 if (size > SYS_IOCTL_SMALL_SIZE)
729 free(data, M_IOCTLOPS);
734 kern_ioctl(struct thread *td, int fd, u_long com, caddr_t data)
737 struct filedesc *fdp;
741 int error, tmp, locked;
746 fdp = td->td_proc->p_fd;
759 locked = LA_UNLOCKED;
765 if ((fp = fget_locked(fdp, fd)) == NULL) {
769 if ((error = cap_ioctl_check(fdp, fd, com)) != 0) {
770 fp = NULL; /* fhold() was not called yet */
774 if (locked == LA_SLOCKED) {
775 FILEDESC_SUNLOCK(fdp);
776 locked = LA_UNLOCKED;
779 error = fget(td, fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
785 if ((fp->f_flag & (FREAD | FWRITE)) == 0) {
792 fdp->fd_ofiles[fd].fde_flags &= ~UF_EXCLOSE;
795 fdp->fd_ofiles[fd].fde_flags |= UF_EXCLOSE;
798 if ((tmp = *(int *)data))
799 atomic_set_int(&fp->f_flag, FNONBLOCK);
801 atomic_clear_int(&fp->f_flag, FNONBLOCK);
805 if ((tmp = *(int *)data))
806 atomic_set_int(&fp->f_flag, FASYNC);
808 atomic_clear_int(&fp->f_flag, FASYNC);
813 error = fo_ioctl(fp, com, data, td->td_ucred, td);
817 FILEDESC_XUNLOCK(fdp);
821 FILEDESC_SUNLOCK(fdp);
825 FILEDESC_UNLOCK_ASSERT(fdp);
834 poll_no_poll(int events)
837 * Return true for read/write. If the user asked for something
838 * special, return POLLNVAL, so that clients have a way of
839 * determining reliably whether or not the extended
840 * functionality is present without hard-coding knowledge
841 * of specific filesystem implementations.
843 if (events & ~POLLSTANDARD)
846 return (events & (POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM));
850 sys_pselect(struct thread *td, struct pselect_args *uap)
853 struct timeval tv, *tvp;
857 if (uap->ts != NULL) {
858 error = copyin(uap->ts, &ts, sizeof(ts));
861 TIMESPEC_TO_TIMEVAL(&tv, &ts);
865 if (uap->sm != NULL) {
866 error = copyin(uap->sm, &set, sizeof(set));
872 return (kern_pselect(td, uap->nd, uap->in, uap->ou, uap->ex, tvp,
877 kern_pselect(struct thread *td, int nd, fd_set *in, fd_set *ou, fd_set *ex,
878 struct timeval *tvp, sigset_t *uset, int abi_nfdbits)
883 error = kern_sigprocmask(td, SIG_SETMASK, uset,
884 &td->td_oldsigmask, 0);
887 td->td_pflags |= TDP_OLDMASK;
889 * Make sure that ast() is called on return to
890 * usermode and TDP_OLDMASK is cleared, restoring old
894 td->td_flags |= TDF_ASTPENDING;
897 error = kern_select(td, nd, in, ou, ex, tvp, abi_nfdbits);
901 #ifndef _SYS_SYSPROTO_H_
904 fd_set *in, *ou, *ex;
909 sys_select(struct thread *td, struct select_args *uap)
911 struct timeval tv, *tvp;
914 if (uap->tv != NULL) {
915 error = copyin(uap->tv, &tv, sizeof(tv));
922 return (kern_select(td, uap->nd, uap->in, uap->ou, uap->ex, tvp,
927 * In the unlikely case when user specified n greater then the last
928 * open file descriptor, check that no bits are set after the last
929 * valid fd. We must return EBADF if any is set.
931 * There are applications that rely on the behaviour.
933 * nd is fd_lastfile + 1.
936 select_check_badfd(fd_set *fd_in, int nd, int ndu, int abi_nfdbits)
942 if (nd >= ndu || fd_in == NULL)
946 bits = 0; /* silence gcc */
947 for (i = nd; i < ndu; i++) {
949 #if BYTE_ORDER == LITTLE_ENDIAN
950 addr = (char *)fd_in + b;
952 addr = (char *)fd_in;
953 if (abi_nfdbits == NFDBITS) {
954 addr += rounddown(b, sizeof(fd_mask)) +
955 sizeof(fd_mask) - 1 - b % sizeof(fd_mask);
957 addr += rounddown(b, sizeof(uint32_t)) +
958 sizeof(uint32_t) - 1 - b % sizeof(uint32_t);
968 if ((bits & (1 << (i % NBBY))) != 0)
975 kern_select(struct thread *td, int nd, fd_set *fd_in, fd_set *fd_ou,
976 fd_set *fd_ex, struct timeval *tvp, int abi_nfdbits)
978 struct filedesc *fdp;
980 * The magic 2048 here is chosen to be just enough for FD_SETSIZE
981 * infds with the new FD_SETSIZE of 1024, and more than enough for
982 * FD_SETSIZE infds, outfds and exceptfds with the old FD_SETSIZE
985 fd_mask s_selbits[howmany(2048, NFDBITS)];
986 fd_mask *ibits[3], *obits[3], *selbits, *sbp;
988 sbintime_t asbt, precision, rsbt;
989 u_int nbufbytes, ncpbytes, ncpubytes, nfdbits;
994 fdp = td->td_proc->p_fd;
996 lf = fdp->fd_lastfile;
1000 error = select_check_badfd(fd_in, nd, ndu, abi_nfdbits);
1003 error = select_check_badfd(fd_ou, nd, ndu, abi_nfdbits);
1006 error = select_check_badfd(fd_ex, nd, ndu, abi_nfdbits);
1011 * Allocate just enough bits for the non-null fd_sets. Use the
1012 * preallocated auto buffer if possible.
1014 nfdbits = roundup(nd, NFDBITS);
1015 ncpbytes = nfdbits / NBBY;
1016 ncpubytes = roundup(nd, abi_nfdbits) / NBBY;
1019 nbufbytes += 2 * ncpbytes;
1021 nbufbytes += 2 * ncpbytes;
1023 nbufbytes += 2 * ncpbytes;
1024 if (nbufbytes <= sizeof s_selbits)
1025 selbits = &s_selbits[0];
1027 selbits = malloc(nbufbytes, M_SELECT, M_WAITOK);
1030 * Assign pointers into the bit buffers and fetch the input bits.
1031 * Put the output buffers together so that they can be bzeroed
1035 #define getbits(name, x) \
1037 if (name == NULL) { \
1041 ibits[x] = sbp + nbufbytes / 2 / sizeof *sbp; \
1043 sbp += ncpbytes / sizeof *sbp; \
1044 error = copyin(name, ibits[x], ncpubytes); \
1047 bzero((char *)ibits[x] + ncpubytes, \
1048 ncpbytes - ncpubytes); \
1056 #if BYTE_ORDER == BIG_ENDIAN && defined(__LP64__)
1058 * XXX: swizzle_fdset assumes that if abi_nfdbits != NFDBITS,
1059 * we are running under 32-bit emulation. This should be more
1062 #define swizzle_fdset(bits) \
1063 if (abi_nfdbits != NFDBITS && bits != NULL) { \
1065 for (i = 0; i < ncpbytes / sizeof *sbp; i++) \
1066 bits[i] = (bits[i] >> 32) | (bits[i] << 32); \
1069 #define swizzle_fdset(bits)
1072 /* Make sure the bit order makes it through an ABI transition */
1073 swizzle_fdset(ibits[0]);
1074 swizzle_fdset(ibits[1]);
1075 swizzle_fdset(ibits[2]);
1078 bzero(selbits, nbufbytes / 2);
1083 if (rtv.tv_sec < 0 || rtv.tv_usec < 0 ||
1084 rtv.tv_usec >= 1000000) {
1088 if (!timevalisset(&rtv))
1090 else if (rtv.tv_sec <= INT32_MAX) {
1091 rsbt = tvtosbt(rtv);
1093 precision >>= tc_precexp;
1094 if (TIMESEL(&asbt, rsbt))
1095 asbt += tc_tick_sbt;
1096 if (asbt <= SBT_MAX - rsbt)
1105 /* Iterate until the timeout expires or descriptors become ready. */
1107 error = selscan(td, ibits, obits, nd);
1108 if (error || td->td_retval[0] != 0)
1110 error = seltdwait(td, asbt, precision);
1113 error = selrescan(td, ibits, obits);
1114 if (error || td->td_retval[0] != 0)
1120 /* select is not restarted after signals... */
1121 if (error == ERESTART)
1123 if (error == EWOULDBLOCK)
1126 /* swizzle bit order back, if necessary */
1127 swizzle_fdset(obits[0]);
1128 swizzle_fdset(obits[1]);
1129 swizzle_fdset(obits[2]);
1130 #undef swizzle_fdset
1132 #define putbits(name, x) \
1133 if (name && (error2 = copyout(obits[x], name, ncpubytes))) \
1143 if (selbits != &s_selbits[0])
1144 free(selbits, M_SELECT);
1149 * Convert a select bit set to poll flags.
1151 * The backend always returns POLLHUP/POLLERR if appropriate and we
1152 * return this as a set bit in any set.
1154 static int select_flags[3] = {
1155 POLLRDNORM | POLLHUP | POLLERR,
1156 POLLWRNORM | POLLHUP | POLLERR,
1157 POLLRDBAND | POLLERR
1161 * Compute the fo_poll flags required for a fd given by the index and
1162 * bit position in the fd_mask array.
1165 selflags(fd_mask **ibits, int idx, fd_mask bit)
1171 for (msk = 0; msk < 3; msk++) {
1172 if (ibits[msk] == NULL)
1174 if ((ibits[msk][idx] & bit) == 0)
1176 flags |= select_flags[msk];
1182 * Set the appropriate output bits given a mask of fired events and the
1183 * input bits originally requested.
1186 selsetbits(fd_mask **ibits, fd_mask **obits, int idx, fd_mask bit, int events)
1192 for (msk = 0; msk < 3; msk++) {
1193 if ((events & select_flags[msk]) == 0)
1195 if (ibits[msk] == NULL)
1197 if ((ibits[msk][idx] & bit) == 0)
1200 * XXX Check for a duplicate set. This can occur because a
1201 * socket calls selrecord() twice for each poll() call
1202 * resulting in two selfds per real fd. selrescan() will
1203 * call selsetbits twice as a result.
1205 if ((obits[msk][idx] & bit) != 0)
1207 obits[msk][idx] |= bit;
1215 getselfd_cap(struct filedesc *fdp, int fd, struct file **fpp)
1217 cap_rights_t rights;
1219 cap_rights_init(&rights, CAP_EVENT);
1221 return (fget_unlocked(fdp, fd, &rights, fpp, NULL));
1225 * Traverse the list of fds attached to this thread's seltd and check for
1229 selrescan(struct thread *td, fd_mask **ibits, fd_mask **obits)
1231 struct filedesc *fdp;
1241 fdp = td->td_proc->p_fd;
1244 STAILQ_FOREACH_SAFE(sfp, &stp->st_selq, sf_link, sfn) {
1245 fd = (int)(uintptr_t)sfp->sf_cookie;
1247 selfdfree(stp, sfp);
1248 /* If the selinfo wasn't cleared the event didn't fire. */
1251 error = getselfd_cap(fdp, fd, &fp);
1255 bit = (fd_mask)1 << (fd % NFDBITS);
1256 ev = fo_poll(fp, selflags(ibits, idx, bit), td->td_ucred, td);
1259 n += selsetbits(ibits, obits, idx, bit, ev);
1262 td->td_retval[0] = n;
1267 * Perform the initial filedescriptor scan and register ourselves with
1271 selscan(td, ibits, obits, nfd)
1273 fd_mask **ibits, **obits;
1276 struct filedesc *fdp;
1279 int ev, flags, end, fd;
1283 fdp = td->td_proc->p_fd;
1285 for (idx = 0, fd = 0; fd < nfd; idx++) {
1286 end = imin(fd + NFDBITS, nfd);
1287 for (bit = 1; fd < end; bit <<= 1, fd++) {
1288 /* Compute the list of events we're interested in. */
1289 flags = selflags(ibits, idx, bit);
1292 error = getselfd_cap(fdp, fd, &fp);
1295 selfdalloc(td, (void *)(uintptr_t)fd);
1296 ev = fo_poll(fp, flags, td->td_ucred, td);
1299 n += selsetbits(ibits, obits, idx, bit, ev);
1303 td->td_retval[0] = n;
1308 sys_poll(struct thread *td, struct poll_args *uap)
1310 struct timespec ts, *tsp;
1312 if (uap->timeout != INFTIM) {
1313 if (uap->timeout < 0)
1315 ts.tv_sec = uap->timeout / 1000;
1316 ts.tv_nsec = (uap->timeout % 1000) * 1000000;
1321 return (kern_poll(td, uap->fds, uap->nfds, tsp, NULL));
1325 kern_poll(struct thread *td, struct pollfd *fds, u_int nfds,
1326 struct timespec *tsp, sigset_t *uset)
1328 struct pollfd *bits;
1329 struct pollfd smallbits[32];
1330 sbintime_t sbt, precision, tmp;
1338 if (tsp->tv_sec < 0)
1340 if (tsp->tv_nsec < 0 || tsp->tv_nsec >= 1000000000)
1342 if (tsp->tv_sec == 0 && tsp->tv_nsec == 0)
1346 if (ts.tv_sec > INT32_MAX / 2) {
1347 over = ts.tv_sec - INT32_MAX / 2;
1353 precision >>= tc_precexp;
1354 if (TIMESEL(&sbt, tmp))
1361 if (nfds > maxfilesperproc && nfds > FD_SETSIZE)
1363 ni = nfds * sizeof(struct pollfd);
1364 if (ni > sizeof(smallbits))
1365 bits = malloc(ni, M_TEMP, M_WAITOK);
1368 error = copyin(fds, bits, ni);
1373 error = kern_sigprocmask(td, SIG_SETMASK, uset,
1374 &td->td_oldsigmask, 0);
1377 td->td_pflags |= TDP_OLDMASK;
1379 * Make sure that ast() is called on return to
1380 * usermode and TDP_OLDMASK is cleared, restoring old
1384 td->td_flags |= TDF_ASTPENDING;
1389 /* Iterate until the timeout expires or descriptors become ready. */
1391 error = pollscan(td, bits, nfds);
1392 if (error || td->td_retval[0] != 0)
1394 error = seltdwait(td, sbt, precision);
1397 error = pollrescan(td);
1398 if (error || td->td_retval[0] != 0)
1404 /* poll is not restarted after signals... */
1405 if (error == ERESTART)
1407 if (error == EWOULDBLOCK)
1410 error = pollout(td, bits, fds, nfds);
1415 if (ni > sizeof(smallbits))
1421 sys_ppoll(struct thread *td, struct ppoll_args *uap)
1423 struct timespec ts, *tsp;
1427 if (uap->ts != NULL) {
1428 error = copyin(uap->ts, &ts, sizeof(ts));
1434 if (uap->set != NULL) {
1435 error = copyin(uap->set, &set, sizeof(set));
1442 * fds is still a pointer to user space. kern_poll() will
1443 * take care of copyin that array to the kernel space.
1446 return (kern_poll(td, uap->fds, uap->nfds, tsp, ssp));
1450 pollrescan(struct thread *td)
1456 struct filedesc *fdp;
1460 cap_rights_t rights;
1465 fdp = td->td_proc->p_fd;
1467 FILEDESC_SLOCK(fdp);
1468 STAILQ_FOREACH_SAFE(sfp, &stp->st_selq, sf_link, sfn) {
1469 fd = (struct pollfd *)sfp->sf_cookie;
1471 selfdfree(stp, sfp);
1472 /* If the selinfo wasn't cleared the event didn't fire. */
1475 fp = fdp->fd_ofiles[fd->fd].fde_file;
1478 cap_check(cap_rights(fdp, fd->fd),
1479 cap_rights_init(&rights, CAP_EVENT)) != 0)
1484 fd->revents = POLLNVAL;
1490 * Note: backend also returns POLLHUP and
1491 * POLLERR if appropriate.
1493 fd->revents = fo_poll(fp, fd->events, td->td_ucred, td);
1494 if (fd->revents != 0)
1497 FILEDESC_SUNLOCK(fdp);
1499 td->td_retval[0] = n;
1505 pollout(td, fds, ufds, nfd)
1508 struct pollfd *ufds;
1515 for (i = 0; i < nfd; i++) {
1516 error = copyout(&fds->revents, &ufds->revents,
1517 sizeof(ufds->revents));
1520 if (fds->revents != 0)
1525 td->td_retval[0] = n;
1530 pollscan(td, fds, nfd)
1535 struct filedesc *fdp = td->td_proc->p_fd;
1538 cap_rights_t rights;
1542 FILEDESC_SLOCK(fdp);
1543 for (i = 0; i < nfd; i++, fds++) {
1544 if (fds->fd > fdp->fd_lastfile) {
1545 fds->revents = POLLNVAL;
1547 } else if (fds->fd < 0) {
1550 fp = fdp->fd_ofiles[fds->fd].fde_file;
1553 cap_check(cap_rights(fdp, fds->fd),
1554 cap_rights_init(&rights, CAP_EVENT)) != 0)
1559 fds->revents = POLLNVAL;
1563 * Note: backend also returns POLLHUP and
1564 * POLLERR if appropriate.
1566 selfdalloc(td, fds);
1567 fds->revents = fo_poll(fp, fds->events,
1570 * POSIX requires POLLOUT to be never
1571 * set simultaneously with POLLHUP.
1573 if ((fds->revents & POLLHUP) != 0)
1574 fds->revents &= ~POLLOUT;
1576 if (fds->revents != 0)
1581 FILEDESC_SUNLOCK(fdp);
1582 td->td_retval[0] = n;
1587 * OpenBSD poll system call.
1589 * XXX this isn't quite a true representation.. OpenBSD uses select ops.
1591 #ifndef _SYS_SYSPROTO_H_
1592 struct openbsd_poll_args {
1599 sys_openbsd_poll(td, uap)
1600 register struct thread *td;
1601 register struct openbsd_poll_args *uap;
1603 return (sys_poll(td, (struct poll_args *)uap));
1607 * XXX This was created specifically to support netncp and netsmb. This
1608 * allows the caller to specify a socket to wait for events on. It returns
1609 * 0 if any events matched and an error otherwise. There is no way to
1610 * determine which events fired.
1613 selsocket(struct socket *so, int events, struct timeval *tvp, struct thread *td)
1616 sbintime_t asbt, precision, rsbt;
1619 precision = 0; /* stupid gcc! */
1622 if (rtv.tv_sec < 0 || rtv.tv_usec < 0 ||
1623 rtv.tv_usec >= 1000000)
1625 if (!timevalisset(&rtv))
1627 else if (rtv.tv_sec <= INT32_MAX) {
1628 rsbt = tvtosbt(rtv);
1630 precision >>= tc_precexp;
1631 if (TIMESEL(&asbt, rsbt))
1632 asbt += tc_tick_sbt;
1633 if (asbt <= SBT_MAX - rsbt)
1643 * Iterate until the timeout expires or the socket becomes ready.
1646 selfdalloc(td, NULL);
1647 error = sopoll(so, events, NULL, td);
1648 /* error here is actually the ready events. */
1651 error = seltdwait(td, asbt, precision);
1656 /* XXX Duplicates ncp/smb behavior. */
1657 if (error == ERESTART)
1663 * Preallocate two selfds associated with 'cookie'. Some fo_poll routines
1664 * have two select sets, one for read and another for write.
1667 selfdalloc(struct thread *td, void *cookie)
1672 if (stp->st_free1 == NULL)
1673 stp->st_free1 = uma_zalloc(selfd_zone, M_WAITOK|M_ZERO);
1674 stp->st_free1->sf_td = stp;
1675 stp->st_free1->sf_cookie = cookie;
1676 if (stp->st_free2 == NULL)
1677 stp->st_free2 = uma_zalloc(selfd_zone, M_WAITOK|M_ZERO);
1678 stp->st_free2->sf_td = stp;
1679 stp->st_free2->sf_cookie = cookie;
1683 selfdfree(struct seltd *stp, struct selfd *sfp)
1685 STAILQ_REMOVE(&stp->st_selq, sfp, selfd, sf_link);
1686 if (sfp->sf_si != NULL) {
1687 mtx_lock(sfp->sf_mtx);
1688 if (sfp->sf_si != NULL)
1689 TAILQ_REMOVE(&sfp->sf_si->si_tdlist, sfp, sf_threads);
1690 mtx_unlock(sfp->sf_mtx);
1692 uma_zfree(selfd_zone, sfp);
1695 /* Drain the waiters tied to all the selfd belonging the specified selinfo. */
1698 struct selinfo *sip;
1702 * This feature is already provided by doselwakeup(), thus it is
1703 * enough to go for it.
1704 * Eventually, the context, should take care to avoid races
1705 * between thread calling select()/poll() and file descriptor
1706 * detaching, but, again, the races are just the same as
1709 doselwakeup(sip, -1);
1713 * Record a select request.
1716 selrecord(selector, sip)
1717 struct thread *selector;
1718 struct selinfo *sip;
1724 stp = selector->td_sel;
1726 * Don't record when doing a rescan.
1728 if (stp->st_flags & SELTD_RESCAN)
1731 * Grab one of the preallocated descriptors.
1734 if ((sfp = stp->st_free1) != NULL)
1735 stp->st_free1 = NULL;
1736 else if ((sfp = stp->st_free2) != NULL)
1737 stp->st_free2 = NULL;
1739 panic("selrecord: No free selfd on selq");
1742 mtxp = mtx_pool_find(mtxpool_select, sip);
1744 * Initialize the sfp and queue it in the thread.
1748 STAILQ_INSERT_TAIL(&stp->st_selq, sfp, sf_link);
1750 * Now that we've locked the sip, check for initialization.
1753 if (sip->si_mtx == NULL) {
1755 TAILQ_INIT(&sip->si_tdlist);
1758 * Add this thread to the list of selfds listening on this selinfo.
1760 TAILQ_INSERT_TAIL(&sip->si_tdlist, sfp, sf_threads);
1761 mtx_unlock(sip->si_mtx);
1764 /* Wake up a selecting thread. */
1767 struct selinfo *sip;
1769 doselwakeup(sip, -1);
1772 /* Wake up a selecting thread, and set its priority. */
1774 selwakeuppri(sip, pri)
1775 struct selinfo *sip;
1778 doselwakeup(sip, pri);
1782 * Do a wakeup when a selectable event occurs.
1785 doselwakeup(sip, pri)
1786 struct selinfo *sip;
1793 /* If it's not initialized there can't be any waiters. */
1794 if (sip->si_mtx == NULL)
1797 * Locking the selinfo locks all selfds associated with it.
1799 mtx_lock(sip->si_mtx);
1800 TAILQ_FOREACH_SAFE(sfp, &sip->si_tdlist, sf_threads, sfn) {
1802 * Once we remove this sfp from the list and clear the
1803 * sf_si seltdclear will know to ignore this si.
1805 TAILQ_REMOVE(&sip->si_tdlist, sfp, sf_threads);
1808 mtx_lock(&stp->st_mtx);
1809 stp->st_flags |= SELTD_PENDING;
1810 cv_broadcastpri(&stp->st_wait, pri);
1811 mtx_unlock(&stp->st_mtx);
1813 mtx_unlock(sip->si_mtx);
1817 seltdinit(struct thread *td)
1821 if ((stp = td->td_sel) != NULL)
1823 td->td_sel = stp = malloc(sizeof(*stp), M_SELECT, M_WAITOK|M_ZERO);
1824 mtx_init(&stp->st_mtx, "sellck", NULL, MTX_DEF);
1825 cv_init(&stp->st_wait, "select");
1828 STAILQ_INIT(&stp->st_selq);
1832 seltdwait(struct thread *td, sbintime_t sbt, sbintime_t precision)
1839 * An event of interest may occur while we do not hold the seltd
1840 * locked so check the pending flag before we sleep.
1842 mtx_lock(&stp->st_mtx);
1844 * Any further calls to selrecord will be a rescan.
1846 stp->st_flags |= SELTD_RESCAN;
1847 if (stp->st_flags & SELTD_PENDING) {
1848 mtx_unlock(&stp->st_mtx);
1852 error = EWOULDBLOCK;
1854 error = cv_timedwait_sig_sbt(&stp->st_wait, &stp->st_mtx,
1855 sbt, precision, C_ABSOLUTE);
1857 error = cv_wait_sig(&stp->st_wait, &stp->st_mtx);
1858 mtx_unlock(&stp->st_mtx);
1864 seltdfini(struct thread *td)
1872 uma_zfree(selfd_zone, stp->st_free1);
1874 uma_zfree(selfd_zone, stp->st_free2);
1876 free(stp, M_SELECT);
1880 * Remove the references to the thread from all of the objects we were
1884 seltdclear(struct thread *td)
1891 STAILQ_FOREACH_SAFE(sfp, &stp->st_selq, sf_link, sfn)
1892 selfdfree(stp, sfp);
1896 static void selectinit(void *);
1897 SYSINIT(select, SI_SUB_SYSCALLS, SI_ORDER_ANY, selectinit, NULL);
1899 selectinit(void *dummy __unused)
1902 selfd_zone = uma_zcreate("selfd", sizeof(struct selfd), NULL, NULL,
1903 NULL, NULL, UMA_ALIGN_PTR, 0);
1904 mtxpool_select = mtx_pool_create("select mtxpool", 128, MTX_DEF);