2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1990, 1993
5 * The Regents of the University of California. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * @(#)filedesc.h 8.1 (Berkeley) 6/2/93
35 #ifndef _SYS_FILEDESC_H_
36 #define _SYS_FILEDESC_H_
38 #include <sys/types.h>
39 #include <sys/caprights.h>
40 #include <sys/queue.h>
41 #include <sys/event.h>
43 #include <sys/mutex.h>
44 #include <sys/priority.h>
48 #include <sys/smr_types.h>
50 #include <machine/_limits.h>
53 cap_rights_t fc_rights; /* per-descriptor capability rights */
54 u_long *fc_ioctls; /* per-descriptor allowed ioctls */
55 int16_t fc_nioctls; /* fc_ioctls array size */
56 uint32_t fc_fcntls; /* per-descriptor allowed fcntls */
60 struct file *fde_file; /* file structure for open file */
61 struct filecaps fde_caps; /* per-descriptor rights */
62 uint8_t fde_flags; /* per-process open file flags */
63 seqc_t fde_seqc; /* keep file and caps in sync */
65 #define fde_rights fde_caps.fc_rights
66 #define fde_fcntls fde_caps.fc_fcntls
67 #define fde_ioctls fde_caps.fc_ioctls
68 #define fde_nioctls fde_caps.fc_nioctls
69 #define fde_change_size (offsetof(struct filedescent, fde_seqc))
72 int fdt_nfiles; /* number of open files allocated */
73 struct filedescent fdt_ofiles[0]; /* open files */
75 #define fd_seqc(fdt, fd) (&(fdt)->fdt_ofiles[(fd)].fde_seqc)
78 * This structure is used for the management of descriptors. It may be
79 * shared by multiple processes.
81 #define NDSLOTTYPE u_long
84 * This struct is copy-on-write and allocated from an SMR zone.
85 * All fields are constant after initialization apart from the reference count.
87 * Check pwd_* routines for usage.
90 volatile u_int pwd_refcount;
91 struct vnode *pwd_cdir; /* current directory */
92 struct vnode *pwd_rdir; /* root directory */
93 struct vnode *pwd_jdir; /* jail root directory */
95 typedef SMR_POINTER(struct pwd *) smrpwd_t;
98 struct mtx pd_lock; /* protects members of this struct */
99 smrpwd_t pd_pwd; /* directories */
100 volatile u_int pd_refcount;
101 u_short pd_cmask; /* mask for file creation */
105 struct fdescenttbl *fd_files; /* open files table */
106 NDSLOTTYPE *fd_map; /* bitmap of free fds */
107 int fd_freefile; /* approx. next free file */
108 int fd_refcnt; /* thread reference count */
109 int fd_holdcnt; /* hold count on structure + mutex */
110 struct sx fd_sx; /* protects members of this struct */
111 struct kqlist fd_kqlist; /* list of kqueues on this filedesc */
112 int fd_holdleaderscount; /* block fdfree() for shared close() */
113 int fd_holdleaderswakeup; /* fdfree() needs wakeup */
117 * Structure to keep track of (process leader, struct fildedesc) tuples.
118 * Each process has a pointer to such a structure when detailed tracking
119 * is needed, e.g., when rfork(RFPROC | RFMEM) causes a file descriptor
120 * table to be shared by processes having different "p_leader" pointers
121 * and thus distinct POSIX style locks.
123 * fdl_refcount and fdl_holdcount are protected by struct filedesc mtx.
125 struct filedesc_to_leader {
126 int fdl_refcount; /* references from struct proc */
127 int fdl_holdcount; /* temporary hold during closef */
128 int fdl_wakeup; /* fdfree() waits on closef() */
129 struct proc *fdl_leader; /* owner of POSIX locks */
131 struct filedesc_to_leader *fdl_prev;
132 struct filedesc_to_leader *fdl_next;
134 #define fd_nfiles fd_files->fdt_nfiles
135 #define fd_ofiles fd_files->fdt_ofiles
138 * Per-process open flags.
140 #define UF_EXCLOSE 0x01 /* auto-close on exec */
144 /* Lock a paths descriptor table. */
145 #define PWDDESC_LOCK(pdp) (&(pdp)->pd_lock)
146 #define PWDDESC_LOCK_INIT(pdp) \
147 mtx_init(PWDDESC_LOCK(pdp), "pwddesc", NULL, MTX_DEF)
148 #define PWDDESC_LOCK_DESTROY(pdp) mtx_destroy(PWDDESC_LOCK(pdp))
149 #define PWDDESC_XLOCK(pdp) mtx_lock(PWDDESC_LOCK(pdp))
150 #define PWDDESC_XUNLOCK(pdp) mtx_unlock(PWDDESC_LOCK(pdp))
151 #define PWDDESC_LOCK_ASSERT(pdp, what) \
152 mtx_assert(PWDDESC_LOCK(pdp), (what))
153 #define PWDDESC_ASSERT_XLOCKED(pdp) \
154 PWDDESC_LOCK_ASSERT((pdp), MA_OWNED)
155 #define PWDDESC_ASSERT_UNLOCKED(pdp) \
156 PWDDESC_LOCK_ASSERT((pdp), MA_NOTOWNED)
158 #define PWDDESC_XLOCKED_LOAD_PWD(pdp) ({ \
159 struct pwddesc *_pdp = (pdp); \
161 _pwd = smr_serialized_load(&(_pdp)->pd_pwd, \
162 (PWDDESC_ASSERT_XLOCKED(_pdp), true)); \
166 /* Lock a file descriptor table. */
167 #define FILEDESC_LOCK_INIT(fdp) sx_init(&(fdp)->fd_sx, "filedesc structure")
168 #define FILEDESC_LOCK_DESTROY(fdp) sx_destroy(&(fdp)->fd_sx)
169 #define FILEDESC_LOCK(fdp) (&(fdp)->fd_sx)
170 #define FILEDESC_XLOCK(fdp) sx_xlock(&(fdp)->fd_sx)
171 #define FILEDESC_XUNLOCK(fdp) sx_xunlock(&(fdp)->fd_sx)
172 #define FILEDESC_SLOCK(fdp) sx_slock(&(fdp)->fd_sx)
173 #define FILEDESC_SUNLOCK(fdp) sx_sunlock(&(fdp)->fd_sx)
175 #define FILEDESC_LOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_LOCKED | \
177 #define FILEDESC_XLOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_XLOCKED | \
179 #define FILEDESC_UNLOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_UNLOCKED)
181 #define FILEDESC_IS_ONLY_USER(fdp) ({ \
182 struct filedesc *_fdp = (fdp); \
183 MPASS(curproc->p_fd == _fdp); \
184 (curproc->p_numthreads == 1 && refcount_load(&_fdp->fd_refcnt) == 1); \
189 * Accessor for libkvm et al.
191 #define PWDDESC_KVM_LOAD_PWD(pdp) ({ \
192 struct pwddesc *_pdp = (pdp); \
194 _pwd = smr_kvm_load(&(_pdp)->pd_pwd); \
202 /* Operation types for kern_dup(). */
204 FDDUP_NORMAL, /* dup() behavior. */
205 FDDUP_FCNTL, /* fcntl()-style errors. */
206 FDDUP_FIXED, /* Force fixed allocation. */
210 /* Flags for kern_dup(). */
211 #define FDDUP_FLAG_CLOEXEC 0x1 /* Atomically set UF_EXCLOSE. */
213 /* For backward compatibility. */
214 #define falloc(td, resultfp, resultfd, flags) \
215 falloc_caps(td, resultfp, resultfd, flags, NULL)
220 filecaps_init(struct filecaps *fcaps)
223 bzero(fcaps, sizeof(*fcaps));
224 fcaps->fc_nioctls = -1;
226 bool filecaps_copy(const struct filecaps *src, struct filecaps *dst,
228 void filecaps_move(struct filecaps *src, struct filecaps *dst);
229 void filecaps_free(struct filecaps *fcaps);
231 int closef(struct file *fp, struct thread *td);
232 void closef_nothread(struct file *fp);
233 int dupfdopen(struct thread *td, struct filedesc *fdp, int dfd, int mode,
234 int openerror, int *indxp);
235 int falloc_caps(struct thread *td, struct file **resultfp, int *resultfd,
236 int flags, struct filecaps *fcaps);
237 void falloc_abort(struct thread *td, struct file *fp);
238 int _falloc_noinstall(struct thread *td, struct file **resultfp, u_int n);
239 #define falloc_noinstall(td, resultfp) _falloc_noinstall(td, resultfp, 1)
240 void _finstall(struct filedesc *fdp, struct file *fp, int fd, int flags,
241 struct filecaps *fcaps);
242 int finstall(struct thread *td, struct file *fp, int *resultfd, int flags,
243 struct filecaps *fcaps);
244 int finstall_refed(struct thread *td, struct file *fp, int *resultfd, int flags,
245 struct filecaps *fcaps);
246 int fdalloc(struct thread *td, int minfd, int *result);
247 int fdallocn(struct thread *td, int minfd, int *fds, int n);
248 int fdcheckstd(struct thread *td);
249 void fdclose(struct thread *td, struct file *fp, int idx);
250 void fdcloseexec(struct thread *td);
251 void fdsetugidsafety(struct thread *td);
252 struct filedesc *fdcopy(struct filedesc *fdp);
253 void fdunshare(struct thread *td);
254 void fdescfree(struct thread *td);
255 int fdlastfile(struct filedesc *fdp);
256 int fdlastfile_single(struct filedesc *fdp);
257 struct filedesc *fdinit(struct filedesc *fdp, bool prepfiles, int *lastfile);
258 struct filedesc *fdshare(struct filedesc *fdp);
259 struct filedesc_to_leader *
260 filedesc_to_leader_alloc(struct filedesc_to_leader *old,
261 struct filedesc *fdp, struct proc *leader);
262 int getvnode(struct thread *td, int fd, cap_rights_t *rightsp,
264 int getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp,
266 void mountcheckdirs(struct vnode *olddp, struct vnode *newdp);
268 int fget_cap_locked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
269 struct file **fpp, struct filecaps *havecapsp);
270 int fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp,
271 struct file **fpp, struct filecaps *havecapsp);
273 /* Return a referenced file from an unlocked descriptor. */
274 int fget_unlocked_seq(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
275 struct file **fpp, seqc_t *seqp);
276 int fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
278 /* Return a file pointer without a ref. FILEDESC_IS_ONLY_USER must be true. */
279 int fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
281 #define fput_only_user(fdp, fp) ({ \
282 MPASS(FILEDESC_IS_ONLY_USER(fdp)); \
283 MPASS(refcount_load(&fp->f_count) > 0); \
286 /* Requires a FILEDESC_{S,X}LOCK held and returns without a ref. */
287 static __inline struct file *
288 fget_locked(struct filedesc *fdp, int fd)
291 FILEDESC_LOCK_ASSERT(fdp);
293 if (__predict_false((u_int)fd >= fdp->fd_nfiles))
296 return (fdp->fd_ofiles[fd].fde_file);
299 static __inline struct filedescent *
300 fdeget_locked(struct filedesc *fdp, int fd)
302 struct filedescent *fde;
304 FILEDESC_LOCK_ASSERT(fdp);
306 if (__predict_false((u_int)fd >= fdp->fd_nfiles))
309 fde = &fdp->fd_ofiles[fd];
310 if (__predict_false(fde->fde_file == NULL))
318 fd_modified(struct filedesc *fdp, int fd, seqc_t seqc)
321 return (!seqc_consistent(fd_seqc(fdp->fd_files, fd), seqc));
325 /* cdir/rdir/jdir manipulation functions. */
326 struct pwddesc *pdcopy(struct pwddesc *pdp);
327 void pdescfree(struct thread *td);
328 struct pwddesc *pdinit(struct pwddesc *pdp, bool keeplock);
329 struct pwddesc *pdshare(struct pwddesc *pdp);
330 void pdunshare(struct thread *td);
332 void pwd_chdir(struct thread *td, struct vnode *vp);
333 int pwd_chroot(struct thread *td, struct vnode *vp);
334 int pwd_chroot_chdir(struct thread *td, struct vnode *vp);
335 void pwd_ensure_dirs(void);
336 void pwd_set_rootvnode(void);
338 struct pwd *pwd_hold_pwddesc(struct pwddesc *pdp);
339 bool pwd_hold_smr(struct pwd *pwd);
340 struct pwd *pwd_hold_proc(struct proc *p);
341 struct pwd *pwd_hold(struct thread *td);
342 void pwd_drop(struct pwd *pwd);
344 pwd_set(struct pwddesc *pdp, struct pwd *newpwd)
346 smr_serialized_store(&pdp->pd_pwd, newpwd,
347 (PWDDESC_ASSERT_XLOCKED(pdp), true));
349 #define pwd_get_smr() vfs_smr_entered_load(&curproc->p_pd->pd_pwd)
353 #endif /* !_SYS_FILEDESC_H_ */