1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1990, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)filedesc.h 8.1 (Berkeley) 6/2/93 32 * $FreeBSD$ 33 */ 34 35#ifndef _SYS_FILEDESC_H_ 36#define _SYS_FILEDESC_H_ 37 38#include <sys/caprights.h> 39#include <sys/queue.h> 40#include <sys/event.h> 41#include <sys/lock.h> 42#include <sys/mutex.h> 43#include <sys/priority.h> 44#include <sys/seqc.h> 45#include <sys/sx.h> 46#include <sys/_smr.h> 47#include <sys/smr_types.h> 48 49#include <machine/_limits.h> 50 51struct filecaps { 52 cap_rights_t fc_rights; /* per-descriptor capability rights */ 53 u_long *fc_ioctls; /* per-descriptor allowed ioctls */ 54 int16_t fc_nioctls; /* fc_ioctls array size */ 55 uint32_t fc_fcntls; /* per-descriptor allowed fcntls */ 56}; 57 58struct filedescent { 59 struct file *fde_file; /* file structure for open file */ 60 struct filecaps fde_caps; /* per-descriptor rights */ 61 uint8_t fde_flags; /* per-process open file flags */ 62 seqc_t fde_seqc; /* keep file and caps in sync */ 63}; 64#define fde_rights fde_caps.fc_rights 65#define fde_fcntls fde_caps.fc_fcntls 66#define fde_ioctls fde_caps.fc_ioctls 67#define fde_nioctls fde_caps.fc_nioctls 68#define fde_change_size (offsetof(struct filedescent, fde_seqc)) 69 70struct fdescenttbl { 71 int fdt_nfiles; /* number of open files allocated */ 72 struct filedescent fdt_ofiles[0]; /* open files */ 73}; 74#define fd_seqc(fdt, fd) (&(fdt)->fdt_ofiles[(fd)].fde_seqc) 75 76/* 77 * This structure is used for the management of descriptors. It may be 78 * shared by multiple processes. 79 */ 80#define NDSLOTTYPE u_long 81 82/* 83 * This struct is copy-on-write and allocated from an SMR zone. 84 * All fields are constant after initialization apart from the reference count. 85 * 86 * Check pwd_* routines for usage. 87 */ 88struct pwd { 89 volatile u_int pwd_refcount; 90 struct vnode *pwd_cdir; /* current directory */ 91 struct vnode *pwd_rdir; /* root directory */ 92 struct vnode *pwd_jdir; /* jail root directory */ 93}; 94typedef SMR_POINTER(struct pwd *) smrpwd_t; 95 96struct pwddesc { 97 struct mtx pd_lock; /* protects members of this struct */ 98 smrpwd_t pd_pwd; /* directories */ 99 volatile u_int pd_refcount; 100 u_short pd_cmask; /* mask for file creation */ 101}; 102 103struct filedesc { 104 struct fdescenttbl *fd_files; /* open files table */ 105 NDSLOTTYPE *fd_map; /* bitmap of free fds */ 106 int fd_freefile; /* approx. next free file */ 107 int fd_refcnt; /* thread reference count */ 108 int fd_holdcnt; /* hold count on structure + mutex */ 109 struct sx fd_sx; /* protects members of this struct */ 110 struct kqlist fd_kqlist; /* list of kqueues on this filedesc */ 111 int fd_holdleaderscount; /* block fdfree() for shared close() */ 112 int fd_holdleaderswakeup; /* fdfree() needs wakeup */ 113}; 114 115/* 116 * Structure to keep track of (process leader, struct fildedesc) tuples. 117 * Each process has a pointer to such a structure when detailed tracking 118 * is needed, e.g., when rfork(RFPROC | RFMEM) causes a file descriptor 119 * table to be shared by processes having different "p_leader" pointers 120 * and thus distinct POSIX style locks. 121 * 122 * fdl_refcount and fdl_holdcount are protected by struct filedesc mtx. 123 */ 124struct filedesc_to_leader { 125 int fdl_refcount; /* references from struct proc */ 126 int fdl_holdcount; /* temporary hold during closef */ 127 int fdl_wakeup; /* fdfree() waits on closef() */ 128 struct proc *fdl_leader; /* owner of POSIX locks */ 129 /* Circular list: */ 130 struct filedesc_to_leader *fdl_prev; 131 struct filedesc_to_leader *fdl_next; 132}; 133#define fd_nfiles fd_files->fdt_nfiles 134#define fd_ofiles fd_files->fdt_ofiles 135 136/* 137 * Per-process open flags. 138 */ 139#define UF_EXCLOSE 0x01 /* auto-close on exec */ 140 141#ifdef _KERNEL 142 143/* Lock a paths descriptor table. */ 144#define PWDDESC_LOCK(pdp) (&(pdp)->pd_lock) 145#define PWDDESC_LOCK_INIT(pdp) \ 146 mtx_init(PWDDESC_LOCK(pdp), "pwddesc", NULL, MTX_DEF) 147#define PWDDESC_LOCK_DESTROY(pdp) mtx_destroy(PWDDESC_LOCK(pdp)) 148#define PWDDESC_XLOCK(pdp) mtx_lock(PWDDESC_LOCK(pdp)) 149#define PWDDESC_XUNLOCK(pdp) mtx_unlock(PWDDESC_LOCK(pdp)) 150#define PWDDESC_LOCK_ASSERT(pdp, what) \ 151 mtx_assert(PWDDESC_LOCK(pdp), (what)) 152#define PWDDESC_ASSERT_XLOCKED(pdp) \ 153 PWDDESC_LOCK_ASSERT((pdp), MA_OWNED) 154#define PWDDESC_ASSERT_UNLOCKED(pdp) \ 155 PWDDESC_LOCK_ASSERT((pdp), MA_NOTOWNED) 156 157#define PWDDESC_XLOCKED_LOAD_PWD(pdp) ({ \ 158 struct pwddesc *_pdp = (pdp); \ 159 struct pwd *_pwd; \ 160 _pwd = smr_serialized_load(&(_pdp)->pd_pwd, \ 161 (PWDDESC_ASSERT_XLOCKED(_pdp), true)); \ 162 _pwd; \ 163}) 164 165/* Lock a file descriptor table. */ 166#define FILEDESC_LOCK_INIT(fdp) sx_init(&(fdp)->fd_sx, "filedesc structure") 167#define FILEDESC_LOCK_DESTROY(fdp) sx_destroy(&(fdp)->fd_sx) 168#define FILEDESC_LOCK(fdp) (&(fdp)->fd_sx) 169#define FILEDESC_XLOCK(fdp) sx_xlock(&(fdp)->fd_sx) 170#define FILEDESC_XUNLOCK(fdp) sx_xunlock(&(fdp)->fd_sx) 171#define FILEDESC_SLOCK(fdp) sx_slock(&(fdp)->fd_sx) 172#define FILEDESC_SUNLOCK(fdp) sx_sunlock(&(fdp)->fd_sx) 173 174#define FILEDESC_LOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_LOCKED | \ 175 SX_NOTRECURSED) 176#define FILEDESC_XLOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_XLOCKED | \ 177 SX_NOTRECURSED) 178#define FILEDESC_UNLOCK_ASSERT(fdp) sx_assert(&(fdp)->fd_sx, SX_UNLOCKED) 179 180#define FILEDESC_IS_ONLY_USER(fdp) ({ \ 181 struct filedesc *_fdp = (fdp); \ 182 MPASS(curproc->p_fd == _fdp); \ 183 (curproc->p_numthreads == 1 && refcount_load(&_fdp->fd_refcnt) == 1); \ 184}) 185#else 186 187/* 188 * Accessor for libkvm et al. 189 */ 190#define PWDDESC_KVM_LOAD_PWD(pdp) ({ \ 191 struct pwddesc *_pdp = (pdp); \ 192 struct pwd *_pwd; \ 193 _pwd = smr_kvm_load(&(_pdp)->pd_pwd); \ 194 _pwd; \ 195}) 196 197#endif 198 199#ifdef _KERNEL 200 201/* Operation types for kern_dup(). */ 202enum { 203 FDDUP_NORMAL, /* dup() behavior. */ 204 FDDUP_FCNTL, /* fcntl()-style errors. */ 205 FDDUP_FIXED, /* Force fixed allocation. */ 206 FDDUP_MUSTREPLACE, /* Target must exist. */ 207 FDDUP_LASTMODE, 208}; 209 210/* Flags for kern_dup(). */ 211#define FDDUP_FLAG_CLOEXEC 0x1 /* Atomically set UF_EXCLOSE. */ 212 213/* For backward compatibility. */ 214#define falloc(td, resultfp, resultfd, flags) \ 215 falloc_caps(td, resultfp, resultfd, flags, NULL) 216 217struct thread; 218 219static __inline void 220filecaps_init(struct filecaps *fcaps) 221{ 222 223 bzero(fcaps, sizeof(*fcaps)); 224 fcaps->fc_nioctls = -1; 225} 226bool filecaps_copy(const struct filecaps *src, struct filecaps *dst, 227 bool locked); 228void filecaps_move(struct filecaps *src, struct filecaps *dst); 229void filecaps_free(struct filecaps *fcaps); 230 231int closef(struct file *fp, struct thread *td); 232void closef_nothread(struct file *fp); 233int dupfdopen(struct thread *td, struct filedesc *fdp, int dfd, int mode, 234 int openerror, int *indxp); 235int falloc_caps(struct thread *td, struct file **resultfp, int *resultfd, 236 int flags, struct filecaps *fcaps); 237void falloc_abort(struct thread *td, struct file *fp); 238int _falloc_noinstall(struct thread *td, struct file **resultfp, u_int n); 239#define falloc_noinstall(td, resultfp) _falloc_noinstall(td, resultfp, 1) 240void _finstall(struct filedesc *fdp, struct file *fp, int fd, int flags, 241 struct filecaps *fcaps); 242int finstall(struct thread *td, struct file *fp, int *resultfd, int flags, 243 struct filecaps *fcaps); 244int finstall_refed(struct thread *td, struct file *fp, int *resultfd, int flags, 245 struct filecaps *fcaps); 246int fdalloc(struct thread *td, int minfd, int *result); 247int fdallocn(struct thread *td, int minfd, int *fds, int n); 248int fdcheckstd(struct thread *td); 249void fdclose(struct thread *td, struct file *fp, int idx); 250void fdcloseexec(struct thread *td); 251void fdsetugidsafety(struct thread *td); 252struct filedesc *fdcopy(struct filedesc *fdp); 253int fdcopy_remapped(struct filedesc *fdp, const int *fds, size_t nfds, 254 struct filedesc **newfdp); 255void fdinstall_remapped(struct thread *td, struct filedesc *fdp); 256void fdunshare(struct thread *td); 257void fdescfree(struct thread *td); 258void fdescfree_remapped(struct filedesc *fdp); 259int fdlastfile(struct filedesc *fdp); 260int fdlastfile_single(struct filedesc *fdp); 261struct filedesc *fdinit(struct filedesc *fdp, bool prepfiles, int *lastfile); 262struct filedesc *fdshare(struct filedesc *fdp); 263struct filedesc_to_leader * 264 filedesc_to_leader_alloc(struct filedesc_to_leader *old, 265 struct filedesc *fdp, struct proc *leader); 266int getvnode(struct thread *td, int fd, cap_rights_t *rightsp, 267 struct file **fpp); 268int getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp, 269 struct file **fpp); 270void mountcheckdirs(struct vnode *olddp, struct vnode *newdp); 271 272int fget_cap_locked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, 273 struct file **fpp, struct filecaps *havecapsp); 274int fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, 275 struct file **fpp, struct filecaps *havecapsp); 276 277/* Return a referenced file from an unlocked descriptor. */ 278int fget_unlocked_seq(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, 279 struct file **fpp, seqc_t *seqp); 280int fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, 281 struct file **fpp); 282/* Return a file pointer without a ref. FILEDESC_IS_ONLY_USER must be true. */ 283int fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, 284 struct file **fpp); 285#define fput_only_user(fdp, fp) ({ \ 286 MPASS(FILEDESC_IS_ONLY_USER(fdp)); \ 287 MPASS(refcount_load(&fp->f_count) > 0); \ 288}) 289 290/* Requires a FILEDESC_{S,X}LOCK held and returns without a ref. */ 291static __inline struct file * 292fget_locked(struct filedesc *fdp, int fd) 293{ 294 295 FILEDESC_LOCK_ASSERT(fdp); 296 297 if (__predict_false((u_int)fd >= fdp->fd_nfiles)) 298 return (NULL); 299 300 return (fdp->fd_ofiles[fd].fde_file); 301} 302 303static __inline struct filedescent * 304fdeget_locked(struct filedesc *fdp, int fd) 305{ 306 struct filedescent *fde; 307 308 FILEDESC_LOCK_ASSERT(fdp); 309 310 if (__predict_false((u_int)fd >= fdp->fd_nfiles)) 311 return (NULL); 312 313 fde = &fdp->fd_ofiles[fd]; 314 if (__predict_false(fde->fde_file == NULL)) 315 return (NULL); 316 317 return (fde); 318} 319 320#ifdef CAPABILITIES 321static __inline bool 322fd_modified(struct filedesc *fdp, int fd, seqc_t seqc) 323{ 324 325 return (!seqc_consistent(fd_seqc(fdp->fd_files, fd), seqc)); 326} 327#endif 328 329/* cdir/rdir/jdir manipulation functions. */ 330struct pwddesc *pdcopy(struct pwddesc *pdp); 331void pdescfree(struct thread *td); 332struct pwddesc *pdinit(struct pwddesc *pdp, bool keeplock); 333struct pwddesc *pdshare(struct pwddesc *pdp); 334void pdunshare(struct thread *td); 335 336void pwd_chdir(struct thread *td, struct vnode *vp); 337int pwd_chroot(struct thread *td, struct vnode *vp); 338int pwd_chroot_chdir(struct thread *td, struct vnode *vp); 339void pwd_ensure_dirs(void); 340void pwd_set_rootvnode(void); 341 342struct pwd *pwd_hold_pwddesc(struct pwddesc *pdp); 343bool pwd_hold_smr(struct pwd *pwd); 344struct pwd *pwd_hold(struct thread *td); 345void pwd_drop(struct pwd *pwd); 346static inline void 347pwd_set(struct pwddesc *pdp, struct pwd *newpwd) 348{ 349 smr_serialized_store(&pdp->pd_pwd, newpwd, 350 (PWDDESC_ASSERT_XLOCKED(pdp), true)); 351} 352#define pwd_get_smr() vfs_smr_entered_load(&curproc->p_pd->pd_pwd) 353 354#endif /* _KERNEL */ 355 356#endif /* !_SYS_FILEDESC_H_ */ 357