| blob | 980b6e9cc38f87008b9ea0114726b49a02085ad2 |
1 /*
2 * Copyright (c) 2003,2004 The DragonFly Project. All rights reserved.
3 *
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@backplane.com>
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * $DragonFly: src/sys/kern/kern_fp.c,v 1.20 2007/01/12 06:06:57 dillon Exp $
35 */
37 /*
38 * Direct file pointer API functions for in-kernel operations on files. These
39 * functions provide a open/read/write/close like interface within the kernel
40 * for operating on files that are not necessarily associated with processes
41 * and which do not (typically) have descriptors.
42 *
43 * FUTURE: file handle conversion routines to support checkpointing,
44 * and additional file operations (ioctl, fcntl).
45 */
47 #include <sys/param.h>
48 #include <sys/kernel.h>
49 #include <sys/systm.h>
50 #include <sys/malloc.h>
51 #include <sys/sysproto.h>
52 #include <sys/conf.h>
53 #include <sys/filedesc.h>
54 #include <sys/sysctl.h>
55 #include <sys/vnode.h>
56 #include <sys/proc.h>
57 #include <sys/nlookup.h>
58 #include <sys/file.h>
59 #include <sys/stat.h>
60 #include <sys/filio.h>
61 #include <sys/fcntl.h>
62 #include <sys/unistd.h>
63 #include <sys/resourcevar.h>
64 #include <sys/event.h>
65 #include <sys/mman.h>
67 #include <vm/vm.h>
68 #include <vm/vm_param.h>
69 #include <sys/lock.h>
70 #include <vm/pmap.h>
71 #include <vm/vm_map.h>
72 #include <vm/vm_object.h>
73 #include <vm/vm_page.h>
74 #include <vm/vm_pager.h>
75 #include <vm/vm_pageout.h>
76 #include <vm/vm_extern.h>
77 #include <vm/vm_page.h>
78 #include <vm/vm_kern.h>
80 #include <sys/file2.h>
81 #include <machine/limits.h>
85 /*
86 * fp_open:
87 *
88 * Open a file as specified. Use O_* flags for flags.
89 *
90 * NOTE! O_ROOTCRED not quite working yet, vn_open() asserts that the
91 * cred must match the process's cred. XXX
92 *
93 * NOTE! when fp_open() is called from a pure thread, root creds are
94 * used.
95 */
96 int
98 {
111 }
120 }
122 }
125 /*
126 * fp_vpopen(): convert a vnode to a file pointer, call VOP_OPEN() on the
127 * the vnode. The vnode must be refd and locked.
128 *
129 * On success the vnode's ref is inherited by the file pointer and the caller
130 * should not vrele() it, and the vnode is unlocked.
131 *
132 * On failure the vnode remains locked and refd and the caller is responsible
133 * for vput()ing it.
134 */
135 int
137 {
145 /*
146 * Vnode checks (from vn_open())
147 */
151 }
155 }
162 }
167 }
174 }
176 /*
177 * File pointer setup
178 */
191 bad1:
195 /* leave the vnode intact, but fall through and unlock it anyway */
196 bad2:
199 }
201 /*
202 * fp_*read() is meant to operate like the normal descriptor based syscalls
203 * would. Note that if 'buf' points to user memory a UIO_USERSPACE
204 * transfer will be used.
205 */
206 int
209 {
235 ) {
237 }
238 }
243 }
245 int
248 {
269 /*
270 * If all is false call fo_read() once.
271 * If all is true we attempt to read the entire request. We have to
272 * break out of the loop if an unrecoverable error or EOF occurs.
273 */
283 /*
284 * If an error occured but some data was read, silently forget the
285 * error. However, if this is a non-blocking descriptor and 'all'
286 * was specified, return an error even if some data was read (this
287 * is considered a bug in the caller for using an illegal combination
288 * of 'all' and a non-blocking descriptor).
289 */
296 }
297 }
301 }
303 int
306 {
332 ) {
334 }
335 }
340 }
343 int
345 {
371 ) {
373 }
374 }
379 }
381 int
383 {
388 }
390 /*
391 * non-anonymous, non-stack descriptor mappings only!
392 *
393 * This routine mostly snarfed from vm/vm_mmap.c
394 */
395 int
398 {
401 vm_size_t pageoff;
402 vm_prot_t maxprot;
403 vm_offset_t addr;
406 vm_object_t obj;
419 /* Adjust size for rounding (on both ends). */
424 /*
425 * Check for illegal addresses. Watch out for address wrap... Note
426 * that VM_*_ADDRESS are not constants due to casts (argh).
427 */
429 /*
430 * The specified address must have the same remainder
431 * as the file offset taken modulo PAGE_SIZE, so it
432 * should be aligned after adjustment by pageoff.
433 */
437 /* Address range must be all in user VM space. */
447 ) {
448 /*
449 * XXX for non-fixed mappings where no hint is provided or
450 * the hint would fall in the potential heap space,
451 * place it after the end of the largest possible heap.
452 *
453 * There should really be a pmap call to determine a reasonable
454 * location.
455 */
457 }
459 /*
460 * Mapping file, get fp for validation. Obtain vnode and make
461 * sure it is of appropriate type.
462 */
466 /*
467 * POSIX shared-memory objects are defined to have
468 * kernel persistence, and are not defined to support
469 * read(2)/write(2) -- or even open(2). Thus, we can
470 * use MAP_ASYNC to trade on-disk coherence for speed.
471 * The shm_open(3) library routine turns on the FPOSIXSHM
472 * flag to request this behavior.
473 */
480 /*
481 * Get the proper underlying object
482 */
487 }
489 /*
490 * XXX hack to handle use of /dev/zero to map anon memory (ala
491 * SunOS).
492 */
499 /*
500 * cdevs does not provide private mappings of any kind.
501 */
502 /*
503 * However, for XIG X server to continue to work,
504 * we should allow the superuser to do it anyway.
505 * We only allow it at securelevel < 1.
506 * (Because the XIG X server writes directly to video
507 * memory via /dev/mem, it should never work at any
508 * other securelevel.
509 * XXX this will have to go
510 */
513 else
519 }
520 /*
521 * Ensure that file and memory protections are
522 * compatible. Note that we only worry about
523 * writability if mapping is shared; in this case,
524 * current and max prot are dictated by the open file.
525 * XXX use the vnode instead? Problem is: what
526 * credentials do we use for determination? What if
527 * proc does a setuid?
528 */
535 }
536 /*
537 * If we are sharing potential changes (either via
538 * MAP_SHARED or via the implicit sharing of character
539 * device mappings), and we are trying to get write
540 * permission although we opened it without asking
541 * for it, bail out. Check for superuser, only if
542 * we're at securelevel < 1, to allow the XIG X server
543 * to continue to work.
544 */
548 ) {
553 }
559 }
563 }
566 }
568 }
573 done:
575 }
577 int
579 {
581 }
583 int
585 {
587 }