2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1990, 1993
5 * The Regents of the University of California. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * @(#)filedesc.h 8.1 (Berkeley) 6/2/93
35 #ifndef _SYS_FILEDESC_H_
36 #define _SYS_FILEDESC_H_
38 #include <sys/caprights.h>
39 #include <sys/queue.h>
40 #include <sys/event.h>
42 #include <sys/priority.h>
46 #include <sys/smr_types.h>
48 #include <machine/_limits.h>
51 cap_rights_t fc_rights; /* per-descriptor capability rights */
52 u_long *fc_ioctls; /* per-descriptor allowed ioctls */
53 int16_t fc_nioctls; /* fc_ioctls array size */
54 uint32_t fc_fcntls; /* per-descriptor allowed fcntls */
58 struct file *fde_file; /* file structure for open file */
59 struct filecaps fde_caps; /* per-descriptor rights */
60 uint8_t fde_flags; /* per-process open file flags */
61 seqc_t fde_seqc; /* keep file and caps in sync */
63 #define fde_rights fde_caps.fc_rights
64 #define fde_fcntls fde_caps.fc_fcntls
65 #define fde_ioctls fde_caps.fc_ioctls
66 #define fde_nioctls fde_caps.fc_nioctls
67 #define fde_change_size (offsetof(struct filedescent, fde_seqc))
70 int fdt_nfiles; /* number of open files allocated */
71 struct filedescent fdt_ofiles[0]; /* open files */
73 #define fd_seqc(fdt, fd) (&(fdt)->fdt_ofiles[(fd)].fde_seqc)
76 * This structure is used for the management of descriptors. It may be
77 * shared by multiple processes.
79 #define NDSLOTTYPE u_long
82 * This struct is copy-on-write and allocated from an SMR zone.
83 * All fields are constant after initialization apart from the reference count.
85 * Check pwd_* routines for usage.
88 volatile u_int pwd_refcount;
89 struct vnode *pwd_cdir; /* current directory */
90 struct vnode *pwd_rdir; /* root directory */
91 struct vnode *pwd_jdir; /* jail root directory */
93 typedef SMR_POINTER(struct pwd *) smrpwd_t;
96 struct fdescenttbl *fd_files; /* open files table */
97 smrpwd_t fd_pwd; /* directories */
98 NDSLOTTYPE *fd_map; /* bitmap of free fds */
99 int fd_lastfile; /* high-water mark of fd_ofiles */
100 int fd_freefile; /* approx. next free file */
101 u_short fd_cmask; /* mask for file creation */
102 int fd_refcnt; /* thread reference count */
103 int fd_holdcnt; /* hold count on structure + mutex */
104 struct sx fd_sx; /* protects members of this struct */
105 struct kqlist fd_kqlist; /* list of kqueues on this filedesc */
106 int fd_holdleaderscount; /* block fdfree() for shared close() */
107 int fd_holdleaderswakeup; /* fdfree() needs wakeup */
111 * Structure to keep track of (process leader, struct fildedesc) tuples.
112 * Each process has a pointer to such a structure when detailed tracking
113 * is needed, e.g., when rfork(RFPROC | RFMEM) causes a file descriptor
114 * table to be shared by processes having different "p_leader" pointers
115 * and thus distinct POSIX style locks.
117 * fdl_refcount and fdl_holdcount are protected by struct filedesc mtx.
119 struct filedesc_to_leader {
120 int fdl_refcount; /* references from struct proc */
121 int fdl_holdcount; /* temporary hold during closef */
122 int fdl_wakeup; /* fdfree() waits on closef() */
123 struct proc *fdl_leader; /* owner of POSIX locks */
125 struct filedesc_to_leader *fdl_prev;
126 struct filedesc_to_leader *fdl_next;
128 #define fd_nfiles fd_files->fdt_nfiles
129 #define fd_ofiles fd_files->fdt_ofiles
132 * Per-process open flags.
134 #define UF_EXCLOSE 0x01 /* auto-close on exec */
138 /* Lock a file descriptor table. */
139 #define FILEDESC_LOCK_INIT(fdp) sx_init(&(fdp)->fd_sx, "filedesc structure")
140 #define FILEDESC_LOCK_DESTROY(fdp) sx_destroy(&(fdp)->fd_sx)
141 #define FILEDESC_LOCK(fdp) (&(fdp)->fd_sx)
142 #define FILEDESC_XLOCK(fdp) sx_xlock(&(fdp)->fd_sx)
143 #define FILEDESC_XUNLOCK(fdp) sx_xunlock(&(fdp)->fd_sx)
144 #define FILEDESC_SLOCK(fdp) sx_slock(&(fdp)->fd_sx)
145 #define FILEDESC_SUNLOCK(fdp) sx_sunlock(&(fdp)->fd_sx)
147 #define FILEDESC_LOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_LOCKED | \
149 #define FILEDESC_XLOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_XLOCKED | \
151 #define FILEDESC_UNLOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_UNLOCKED)
153 #define FILEDESC_LOCKED_LOAD_PWD(fdp) ({ \
154 struct filedesc *_fdp = (fdp); \
156 _pwd = smr_serialized_load(&(_fdp)->fd_pwd, \
157 (FILEDESC_LOCK_ASSERT(_fdp), true)); \
161 #define FILEDESC_XLOCKED_LOAD_PWD(fdp) ({ \
162 struct filedesc *_fdp = (fdp); \
164 _pwd = smr_serialized_load(&(_fdp)->fd_pwd, \
165 (FILEDESC_XLOCK_ASSERT(_fdp), true)); \
172 * Accessor for libkvm et al.
174 #define FILEDESC_KVM_LOAD_PWD(fdp) ({ \
175 struct filedesc *_fdp = (fdp); \
177 _pwd = smr_kvm_load(&(_fdp)->fd_pwd); \
185 /* Operation types for kern_dup(). */
187 FDDUP_NORMAL, /* dup() behavior. */
188 FDDUP_FCNTL, /* fcntl()-style errors. */
189 FDDUP_FIXED, /* Force fixed allocation. */
190 FDDUP_MUSTREPLACE, /* Target must exist. */
194 /* Flags for kern_dup(). */
195 #define FDDUP_FLAG_CLOEXEC 0x1 /* Atomically set UF_EXCLOSE. */
197 /* For backward compatibility. */
198 #define falloc(td, resultfp, resultfd, flags) \
199 falloc_caps(td, resultfp, resultfd, flags, NULL)
204 filecaps_init(struct filecaps *fcaps)
207 bzero(fcaps, sizeof(*fcaps));
208 fcaps->fc_nioctls = -1;
210 bool filecaps_copy(const struct filecaps *src, struct filecaps *dst,
212 void filecaps_move(struct filecaps *src, struct filecaps *dst);
213 void filecaps_free(struct filecaps *fcaps);
215 int closef(struct file *fp, struct thread *td);
216 int dupfdopen(struct thread *td, struct filedesc *fdp, int dfd, int mode,
217 int openerror, int *indxp);
218 int falloc_caps(struct thread *td, struct file **resultfp, int *resultfd,
219 int flags, struct filecaps *fcaps);
220 int falloc_noinstall(struct thread *td, struct file **resultfp);
221 void _finstall(struct filedesc *fdp, struct file *fp, int fd, int flags,
222 struct filecaps *fcaps);
223 int finstall(struct thread *td, struct file *fp, int *resultfd, int flags,
224 struct filecaps *fcaps);
225 int fdalloc(struct thread *td, int minfd, int *result);
226 int fdallocn(struct thread *td, int minfd, int *fds, int n);
227 int fdcheckstd(struct thread *td);
228 void fdclose(struct thread *td, struct file *fp, int idx);
229 void fdcloseexec(struct thread *td);
230 void fdsetugidsafety(struct thread *td);
231 struct filedesc *fdcopy(struct filedesc *fdp);
232 int fdcopy_remapped(struct filedesc *fdp, const int *fds, size_t nfds,
233 struct filedesc **newfdp);
234 void fdinstall_remapped(struct thread *td, struct filedesc *fdp);
235 void fdunshare(struct thread *td);
236 void fdescfree(struct thread *td);
237 void fdescfree_remapped(struct filedesc *fdp);
238 struct filedesc *fdinit(struct filedesc *fdp, bool prepfiles);
239 struct filedesc *fdshare(struct filedesc *fdp);
240 struct filedesc_to_leader *
241 filedesc_to_leader_alloc(struct filedesc_to_leader *old,
242 struct filedesc *fdp, struct proc *leader);
243 int getvnode(struct thread *td, int fd, cap_rights_t *rightsp,
245 void mountcheckdirs(struct vnode *olddp, struct vnode *newdp);
247 int fget_cap_locked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
248 struct file **fpp, struct filecaps *havecapsp);
249 int fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp,
250 struct file **fpp, struct filecaps *havecapsp);
252 /* Return a referenced file from an unlocked descriptor. */
253 int fget_unlocked_seq(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
254 struct file **fpp, seqc_t *seqp);
255 int fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
258 /* Requires a FILEDESC_{S,X}LOCK held and returns without a ref. */
259 static __inline struct file *
260 fget_locked(struct filedesc *fdp, int fd)
263 FILEDESC_LOCK_ASSERT(fdp);
265 if (__predict_false((u_int)fd >= fdp->fd_nfiles))
268 return (fdp->fd_ofiles[fd].fde_file);
271 static __inline struct filedescent *
272 fdeget_locked(struct filedesc *fdp, int fd)
274 struct filedescent *fde;
276 FILEDESC_LOCK_ASSERT(fdp);
278 if (__predict_false((u_int)fd >= fdp->fd_nfiles))
281 fde = &fdp->fd_ofiles[fd];
282 if (__predict_false(fde->fde_file == NULL))
290 fd_modified(struct filedesc *fdp, int fd, seqc_t seqc)
293 return (!seqc_consistent(fd_seqc(fdp->fd_files, fd), seqc));
297 /* cdir/rdir/jdir manipulation functions. */
298 void pwd_chdir(struct thread *td, struct vnode *vp);
299 int pwd_chroot(struct thread *td, struct vnode *vp);
300 void pwd_ensure_dirs(void);
302 struct pwd *pwd_hold_filedesc(struct filedesc *fdp);
303 struct pwd *pwd_hold(struct thread *td);
304 void pwd_drop(struct pwd *pwd);
306 pwd_set(struct filedesc *fdp, struct pwd *newpwd)
309 smr_serialized_store(&fdp->fd_pwd, newpwd,
310 (FILEDESC_XLOCK_ASSERT(fdp), true));
315 #endif /* !_SYS_FILEDESC_H_ */