| blob | 470eed1bb58e5624bbb1c474b55be0a5979bb4ec |
1 /*
2 * Copyright (c) 2003,2004 The DragonFly Project. All rights reserved.
3 *
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@backplane.com>
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * $DragonFly: src/sys/kern/kern_fp.c,v 1.20 2007/01/12 06:06:57 dillon Exp $
35 */
37 /*
38 * Direct file pointer API functions for in-kernel operations on files. These
39 * functions provide a open/read/write/close like interface within the kernel
40 * for operating on files that are not necessarily associated with processes
41 * and which do not (typically) have descriptors.
42 *
43 * FUTURE: file handle conversion routines to support checkpointing,
44 * and additional file operations (ioctl, fcntl).
45 */
47 #include <sys/param.h>
48 #include <sys/kernel.h>
49 #include <sys/systm.h>
50 #include <sys/malloc.h>
51 #include <sys/sysproto.h>
52 #include <sys/conf.h>
53 #include <sys/filedesc.h>
54 #include <sys/sysctl.h>
55 #include <sys/vnode.h>
56 #include <sys/proc.h>
57 #include <sys/priv.h>
58 #include <sys/nlookup.h>
59 #include <sys/file.h>
60 #include <sys/stat.h>
61 #include <sys/filio.h>
62 #include <sys/fcntl.h>
63 #include <sys/unistd.h>
64 #include <sys/resourcevar.h>
65 #include <sys/event.h>
66 #include <sys/mman.h>
68 #include <vm/vm.h>
69 #include <vm/vm_param.h>
70 #include <sys/lock.h>
71 #include <vm/pmap.h>
72 #include <vm/vm_map.h>
73 #include <vm/vm_object.h>
74 #include <vm/vm_page.h>
75 #include <vm/vm_pager.h>
76 #include <vm/vm_pageout.h>
77 #include <vm/vm_extern.h>
78 #include <vm/vm_page.h>
79 #include <vm/vm_kern.h>
81 #include <sys/file2.h>
82 #include <machine/limits.h>
86 /*
87 * fp_open:
88 *
89 * Open a file as specified. Use O_* flags for flags.
90 *
91 * NOTE! O_ROOTCRED not quite working yet, vn_open() asserts that the
92 * cred must match the process's cred. XXX
93 *
94 * NOTE! when fp_open() is called from a pure thread, root creds are
95 * used.
96 */
97 int
99 {
112 }
121 }
123 }
126 /*
127 * fp_vpopen(): convert a vnode to a file pointer, call VOP_OPEN() on the
128 * the vnode. The vnode must be refd and locked.
129 *
130 * On success the vnode's ref is inherited by the file pointer and the caller
131 * should not vrele() it, and the vnode is unlocked.
132 *
133 * On failure the vnode remains locked and refd and the caller is responsible
134 * for vput()ing it.
135 */
136 int
138 {
146 /*
147 * Vnode checks (from vn_open())
148 */
152 }
156 }
163 }
168 }
175 }
177 /*
178 * File pointer setup
179 */
192 bad1:
196 /* leave the vnode intact, but fall through and unlock it anyway */
197 bad2:
200 }
202 /*
203 * fp_*read() is meant to operate like the normal descriptor based syscalls
204 * would. Note that if 'buf' points to user memory a UIO_USERSPACE
205 * transfer will be used.
206 */
207 int
210 {
236 ) {
238 }
239 }
244 }
246 int
249 {
270 /*
271 * If all is false call fo_read() once.
272 * If all is true we attempt to read the entire request. We have to
273 * break out of the loop if an unrecoverable error or EOF occurs.
274 */
284 /*
285 * If an error occured but some data was read, silently forget the
286 * error. However, if this is a non-blocking descriptor and 'all'
287 * was specified, return an error even if some data was read (this
288 * is considered a bug in the caller for using an illegal combination
289 * of 'all' and a non-blocking descriptor).
290 */
297 }
298 }
302 }
304 int
307 {
333 ) {
335 }
336 }
341 }
344 int
346 {
372 ) {
374 }
375 }
380 }
382 int
384 {
389 }
391 /*
392 * non-anonymous, non-stack descriptor mappings only!
393 *
394 * This routine mostly snarfed from vm/vm_mmap.c
395 */
396 int
399 {
402 vm_size_t pageoff;
403 vm_prot_t maxprot;
404 vm_offset_t addr;
407 vm_object_t obj;
420 /* Adjust size for rounding (on both ends). */
425 /*
426 * Check for illegal addresses. Watch out for address wrap... Note
427 * that VM_*_ADDRESS are not constants due to casts (argh).
428 */
430 /*
431 * The specified address must have the same remainder
432 * as the file offset taken modulo PAGE_SIZE, so it
433 * should be aligned after adjustment by pageoff.
434 */
438 /* Address range must be all in user VM space. */
448 ) {
449 /*
450 * XXX for non-fixed mappings where no hint is provided or
451 * the hint would fall in the potential heap space,
452 * place it after the end of the largest possible heap.
453 *
454 * There should really be a pmap call to determine a reasonable
455 * location.
456 */
458 }
460 /*
461 * Mapping file, get fp for validation. Obtain vnode and make
462 * sure it is of appropriate type.
463 */
467 /*
468 * POSIX shared-memory objects are defined to have
469 * kernel persistence, and are not defined to support
470 * read(2)/write(2) -- or even open(2). Thus, we can
471 * use MAP_ASYNC to trade on-disk coherence for speed.
472 * The shm_open(3) library routine turns on the FPOSIXSHM
473 * flag to request this behavior.
474 */
481 /*
482 * Get the proper underlying object
483 */
488 }
490 /*
491 * XXX hack to handle use of /dev/zero to map anon memory (ala
492 * SunOS).
493 */
500 /*
501 * cdevs does not provide private mappings of any kind.
502 */
503 /*
504 * However, for XIG X server to continue to work,
505 * we should allow the superuser to do it anyway.
506 * We only allow it at securelevel < 1.
507 * (Because the XIG X server writes directly to video
508 * memory via /dev/mem, it should never work at any
509 * other securelevel.
510 * XXX this will have to go
511 */
514 else
520 }
521 /*
522 * Ensure that file and memory protections are
523 * compatible. Note that we only worry about
524 * writability if mapping is shared; in this case,
525 * current and max prot are dictated by the open file.
526 * XXX use the vnode instead? Problem is: what
527 * credentials do we use for determination? What if
528 * proc does a setuid?
529 */
536 }
537 /*
538 * If we are sharing potential changes (either via
539 * MAP_SHARED or via the implicit sharing of character
540 * device mappings), and we are trying to get write
541 * permission although we opened it without asking
542 * for it, bail out. Check for superuser, only if
543 * we're at securelevel < 1, to allow the XIG X server
544 * to continue to work.
545 */
549 ) {
554 }
560 }
564 }
567 }
569 }
574 done:
576 }
578 int
580 {
582 }
584 int
586 {
588 }