1
2
3
4
5
6
7
8#include <linux/syscalls.h>
9#include <linux/init.h>
10#include <linux/mm.h>
11#include <linux/sched/task.h>
12#include <linux/fs.h>
13#include <linux/file.h>
14#include <linux/fdtable.h>
15#include <linux/capability.h>
16#include <linux/dnotify.h>
17#include <linux/slab.h>
18#include <linux/module.h>
19#include <linux/pipe_fs_i.h>
20#include <linux/security.h>
21#include <linux/ptrace.h>
22#include <linux/signal.h>
23#include <linux/rcupdate.h>
24#include <linux/pid_namespace.h>
25#include <linux/user_namespace.h>
26#include <linux/memfd.h>
27#include <linux/compat.h>
28#include <linux/mount.h>
29
30#include <linux/poll.h>
31#include <asm/siginfo.h>
32#include <linux/uaccess.h>
33
34#define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
35
36static int setfl(int fd, struct file * filp, unsigned long arg)
37{
38 struct inode * inode = file_inode(filp);
39 int error = 0;
40
41
42
43
44
45 if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
46 return -EPERM;
47
48
49 if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
50 if (!inode_owner_or_capable(file_mnt_user_ns(filp), inode))
51 return -EPERM;
52
53
54 if (O_NONBLOCK != O_NDELAY)
55 if (arg & O_NDELAY)
56 arg |= O_NONBLOCK;
57
58
59 if (!S_ISFIFO(inode->i_mode) && (arg & O_DIRECT)) {
60 if (!filp->f_mapping || !filp->f_mapping->a_ops ||
61 !filp->f_mapping->a_ops->direct_IO)
62 return -EINVAL;
63 }
64
65 if (filp->f_op->check_flags)
66 error = filp->f_op->check_flags(arg);
67 if (error)
68 return error;
69
70
71
72
73 if (((arg ^ filp->f_flags) & FASYNC) && filp->f_op->fasync) {
74 error = filp->f_op->fasync(fd, filp, (arg & FASYNC) != 0);
75 if (error < 0)
76 goto out;
77 if (error > 0)
78 error = 0;
79 }
80 spin_lock(&filp->f_lock);
81 filp->f_flags = (arg & SETFL_MASK) | (filp->f_flags & ~SETFL_MASK);
82 spin_unlock(&filp->f_lock);
83
84 out:
85 return error;
86}
87
88static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
89 int force)
90{
91 write_lock_irq(&filp->f_owner.lock);
92 if (force || !filp->f_owner.pid) {
93 put_pid(filp->f_owner.pid);
94 filp->f_owner.pid = get_pid(pid);
95 filp->f_owner.pid_type = type;
96
97 if (pid) {
98 const struct cred *cred = current_cred();
99 filp->f_owner.uid = cred->uid;
100 filp->f_owner.euid = cred->euid;
101 }
102 }
103 write_unlock_irq(&filp->f_owner.lock);
104}
105
106void __f_setown(struct file *filp, struct pid *pid, enum pid_type type,
107 int force)
108{
109 security_file_set_fowner(filp);
110 f_modown(filp, pid, type, force);
111}
112EXPORT_SYMBOL(__f_setown);
113
114int f_setown(struct file *filp, unsigned long arg, int force)
115{
116 enum pid_type type;
117 struct pid *pid = NULL;
118 int who = arg, ret = 0;
119
120 type = PIDTYPE_TGID;
121 if (who < 0) {
122
123 if (who == INT_MIN)
124 return -EINVAL;
125
126 type = PIDTYPE_PGID;
127 who = -who;
128 }
129
130 rcu_read_lock();
131 if (who) {
132 pid = find_vpid(who);
133 if (!pid)
134 ret = -ESRCH;
135 }
136
137 if (!ret)
138 __f_setown(filp, pid, type, force);
139 rcu_read_unlock();
140
141 return ret;
142}
143EXPORT_SYMBOL(f_setown);
144
145void f_delown(struct file *filp)
146{
147 f_modown(filp, NULL, PIDTYPE_TGID, 1);
148}
149
150pid_t f_getown(struct file *filp)
151{
152 pid_t pid = 0;
153 read_lock(&filp->f_owner.lock);
154 rcu_read_lock();
155 if (pid_task(filp->f_owner.pid, filp->f_owner.pid_type)) {
156 pid = pid_vnr(filp->f_owner.pid);
157 if (filp->f_owner.pid_type == PIDTYPE_PGID)
158 pid = -pid;
159 }
160 rcu_read_unlock();
161 read_unlock(&filp->f_owner.lock);
162 return pid;
163}
164
165static int f_setown_ex(struct file *filp, unsigned long arg)
166{
167 struct f_owner_ex __user *owner_p = (void __user *)arg;
168 struct f_owner_ex owner;
169 struct pid *pid;
170 int type;
171 int ret;
172
173 ret = copy_from_user(&owner, owner_p, sizeof(owner));
174 if (ret)
175 return -EFAULT;
176
177 switch (owner.type) {
178 case F_OWNER_TID:
179 type = PIDTYPE_PID;
180 break;
181
182 case F_OWNER_PID:
183 type = PIDTYPE_TGID;
184 break;
185
186 case F_OWNER_PGRP:
187 type = PIDTYPE_PGID;
188 break;
189
190 default:
191 return -EINVAL;
192 }
193
194 rcu_read_lock();
195 pid = find_vpid(owner.pid);
196 if (owner.pid && !pid)
197 ret = -ESRCH;
198 else
199 __f_setown(filp, pid, type, 1);
200 rcu_read_unlock();
201
202 return ret;
203}
204
205static int f_getown_ex(struct file *filp, unsigned long arg)
206{
207 struct f_owner_ex __user *owner_p = (void __user *)arg;
208 struct f_owner_ex owner = {};
209 int ret = 0;
210
211 read_lock(&filp->f_owner.lock);
212 rcu_read_lock();
213 if (pid_task(filp->f_owner.pid, filp->f_owner.pid_type))
214 owner.pid = pid_vnr(filp->f_owner.pid);
215 rcu_read_unlock();
216 switch (filp->f_owner.pid_type) {
217 case PIDTYPE_PID:
218 owner.type = F_OWNER_TID;
219 break;
220
221 case PIDTYPE_TGID:
222 owner.type = F_OWNER_PID;
223 break;
224
225 case PIDTYPE_PGID:
226 owner.type = F_OWNER_PGRP;
227 break;
228
229 default:
230 WARN_ON(1);
231 ret = -EINVAL;
232 break;
233 }
234 read_unlock(&filp->f_owner.lock);
235
236 if (!ret) {
237 ret = copy_to_user(owner_p, &owner, sizeof(owner));
238 if (ret)
239 ret = -EFAULT;
240 }
241 return ret;
242}
243
244#ifdef CONFIG_CHECKPOINT_RESTORE
245static int f_getowner_uids(struct file *filp, unsigned long arg)
246{
247 struct user_namespace *user_ns = current_user_ns();
248 uid_t __user *dst = (void __user *)arg;
249 uid_t src[2];
250 int err;
251
252 read_lock(&filp->f_owner.lock);
253 src[0] = from_kuid(user_ns, filp->f_owner.uid);
254 src[1] = from_kuid(user_ns, filp->f_owner.euid);
255 read_unlock(&filp->f_owner.lock);
256
257 err = put_user(src[0], &dst[0]);
258 err |= put_user(src[1], &dst[1]);
259
260 return err;
261}
262#else
263static int f_getowner_uids(struct file *filp, unsigned long arg)
264{
265 return -EINVAL;
266}
267#endif
268
269static bool rw_hint_valid(enum rw_hint hint)
270{
271 switch (hint) {
272 case RWH_WRITE_LIFE_NOT_SET:
273 case RWH_WRITE_LIFE_NONE:
274 case RWH_WRITE_LIFE_SHORT:
275 case RWH_WRITE_LIFE_MEDIUM:
276 case RWH_WRITE_LIFE_LONG:
277 case RWH_WRITE_LIFE_EXTREME:
278 return true;
279 default:
280 return false;
281 }
282}
283
284static long fcntl_rw_hint(struct file *file, unsigned int cmd,
285 unsigned long arg)
286{
287 struct inode *inode = file_inode(file);
288 u64 __user *argp = (u64 __user *)arg;
289 enum rw_hint hint;
290 u64 h;
291
292 switch (cmd) {
293 case F_GET_FILE_RW_HINT:
294 h = file_write_hint(file);
295 if (copy_to_user(argp, &h, sizeof(*argp)))
296 return -EFAULT;
297 return 0;
298 case F_SET_FILE_RW_HINT:
299 if (copy_from_user(&h, argp, sizeof(h)))
300 return -EFAULT;
301 hint = (enum rw_hint) h;
302 if (!rw_hint_valid(hint))
303 return -EINVAL;
304
305 spin_lock(&file->f_lock);
306 file->f_write_hint = hint;
307 spin_unlock(&file->f_lock);
308 return 0;
309 case F_GET_RW_HINT:
310 h = inode->i_write_hint;
311 if (copy_to_user(argp, &h, sizeof(*argp)))
312 return -EFAULT;
313 return 0;
314 case F_SET_RW_HINT:
315 if (copy_from_user(&h, argp, sizeof(h)))
316 return -EFAULT;
317 hint = (enum rw_hint) h;
318 if (!rw_hint_valid(hint))
319 return -EINVAL;
320
321 inode_lock(inode);
322 inode->i_write_hint = hint;
323 inode_unlock(inode);
324 return 0;
325 default:
326 return -EINVAL;
327 }
328}
329
330static long do_fcntl(int fd, unsigned int cmd, unsigned long arg,
331 struct file *filp)
332{
333 void __user *argp = (void __user *)arg;
334 struct flock flock;
335 long err = -EINVAL;
336
337 switch (cmd) {
338 case F_DUPFD:
339 err = f_dupfd(arg, filp, 0);
340 break;
341 case F_DUPFD_CLOEXEC:
342 err = f_dupfd(arg, filp, O_CLOEXEC);
343 break;
344 case F_GETFD:
345 err = get_close_on_exec(fd) ? FD_CLOEXEC : 0;
346 break;
347 case F_SETFD:
348 err = 0;
349 set_close_on_exec(fd, arg & FD_CLOEXEC);
350 break;
351 case F_GETFL:
352 err = filp->f_flags;
353 break;
354 case F_SETFL:
355 err = setfl(fd, filp, arg);
356 break;
357#if BITS_PER_LONG != 32
358
359 case F_OFD_GETLK:
360#endif
361 case F_GETLK:
362 if (copy_from_user(&flock, argp, sizeof(flock)))
363 return -EFAULT;
364 err = fcntl_getlk(filp, cmd, &flock);
365 if (!err && copy_to_user(argp, &flock, sizeof(flock)))
366 return -EFAULT;
367 break;
368#if BITS_PER_LONG != 32
369
370 case F_OFD_SETLK:
371 case F_OFD_SETLKW:
372 fallthrough;
373#endif
374 case F_SETLK:
375 case F_SETLKW:
376 if (copy_from_user(&flock, argp, sizeof(flock)))
377 return -EFAULT;
378 err = fcntl_setlk(fd, filp, cmd, &flock);
379 break;
380 case F_GETOWN:
381
382
383
384
385
386
387
388 err = f_getown(filp);
389 force_successful_syscall_return();
390 break;
391 case F_SETOWN:
392 err = f_setown(filp, arg, 1);
393 break;
394 case F_GETOWN_EX:
395 err = f_getown_ex(filp, arg);
396 break;
397 case F_SETOWN_EX:
398 err = f_setown_ex(filp, arg);
399 break;
400 case F_GETOWNER_UIDS:
401 err = f_getowner_uids(filp, arg);
402 break;
403 case F_GETSIG:
404 err = filp->f_owner.signum;
405 break;
406 case F_SETSIG:
407
408 if (!valid_signal(arg)) {
409 break;
410 }
411 err = 0;
412 filp->f_owner.signum = arg;
413 break;
414 case F_GETLEASE:
415 err = fcntl_getlease(filp);
416 break;
417 case F_SETLEASE:
418 err = fcntl_setlease(fd, filp, arg);
419 break;
420 case F_NOTIFY:
421 err = fcntl_dirnotify(fd, filp, arg);
422 break;
423 case F_SETPIPE_SZ:
424 case F_GETPIPE_SZ:
425 err = pipe_fcntl(filp, cmd, arg);
426 break;
427 case F_ADD_SEALS:
428 case F_GET_SEALS:
429 err = memfd_fcntl(filp, cmd, arg);
430 break;
431 case F_GET_RW_HINT:
432 case F_SET_RW_HINT:
433 case F_GET_FILE_RW_HINT:
434 case F_SET_FILE_RW_HINT:
435 err = fcntl_rw_hint(filp, cmd, arg);
436 break;
437 default:
438 break;
439 }
440 return err;
441}
442
443static int check_fcntl_cmd(unsigned cmd)
444{
445 switch (cmd) {
446 case F_DUPFD:
447 case F_DUPFD_CLOEXEC:
448 case F_GETFD:
449 case F_SETFD:
450 case F_GETFL:
451 return 1;
452 }
453 return 0;
454}
455
456SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd, unsigned long, arg)
457{
458 struct fd f = fdget_raw(fd);
459 long err = -EBADF;
460
461 if (!f.file)
462 goto out;
463
464 if (unlikely(f.file->f_mode & FMODE_PATH)) {
465 if (!check_fcntl_cmd(cmd))
466 goto out1;
467 }
468
469 err = security_file_fcntl(f.file, cmd, arg);
470 if (!err)
471 err = do_fcntl(fd, cmd, arg, f.file);
472
473out1:
474 fdput(f);
475out:
476 return err;
477}
478
479#if BITS_PER_LONG == 32
480SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
481 unsigned long, arg)
482{
483 void __user *argp = (void __user *)arg;
484 struct fd f = fdget_raw(fd);
485 struct flock64 flock;
486 long err = -EBADF;
487
488 if (!f.file)
489 goto out;
490
491 if (unlikely(f.file->f_mode & FMODE_PATH)) {
492 if (!check_fcntl_cmd(cmd))
493 goto out1;
494 }
495
496 err = security_file_fcntl(f.file, cmd, arg);
497 if (err)
498 goto out1;
499
500 switch (cmd) {
501 case F_GETLK64:
502 case F_OFD_GETLK:
503 err = -EFAULT;
504 if (copy_from_user(&flock, argp, sizeof(flock)))
505 break;
506 err = fcntl_getlk64(f.file, cmd, &flock);
507 if (!err && copy_to_user(argp, &flock, sizeof(flock)))
508 err = -EFAULT;
509 break;
510 case F_SETLK64:
511 case F_SETLKW64:
512 case F_OFD_SETLK:
513 case F_OFD_SETLKW:
514 err = -EFAULT;
515 if (copy_from_user(&flock, argp, sizeof(flock)))
516 break;
517 err = fcntl_setlk64(fd, f.file, cmd, &flock);
518 break;
519 default:
520 err = do_fcntl(fd, cmd, arg, f.file);
521 break;
522 }
523out1:
524 fdput(f);
525out:
526 return err;
527}
528#endif
529
530#ifdef CONFIG_COMPAT
531
532#define copy_flock_fields(dst, src) \
533 (dst)->l_type = (src)->l_type; \
534 (dst)->l_whence = (src)->l_whence; \
535 (dst)->l_start = (src)->l_start; \
536 (dst)->l_len = (src)->l_len; \
537 (dst)->l_pid = (src)->l_pid;
538
539static int get_compat_flock(struct flock *kfl, const struct compat_flock __user *ufl)
540{
541 struct compat_flock fl;
542
543 if (copy_from_user(&fl, ufl, sizeof(struct compat_flock)))
544 return -EFAULT;
545 copy_flock_fields(kfl, &fl);
546 return 0;
547}
548
549static int get_compat_flock64(struct flock *kfl, const struct compat_flock64 __user *ufl)
550{
551 struct compat_flock64 fl;
552
553 if (copy_from_user(&fl, ufl, sizeof(struct compat_flock64)))
554 return -EFAULT;
555 copy_flock_fields(kfl, &fl);
556 return 0;
557}
558
559static int put_compat_flock(const struct flock *kfl, struct compat_flock __user *ufl)
560{
561 struct compat_flock fl;
562
563 memset(&fl, 0, sizeof(struct compat_flock));
564 copy_flock_fields(&fl, kfl);
565 if (copy_to_user(ufl, &fl, sizeof(struct compat_flock)))
566 return -EFAULT;
567 return 0;
568}
569
570static int put_compat_flock64(const struct flock *kfl, struct compat_flock64 __user *ufl)
571{
572 struct compat_flock64 fl;
573
574 BUILD_BUG_ON(sizeof(kfl->l_start) > sizeof(ufl->l_start));
575 BUILD_BUG_ON(sizeof(kfl->l_len) > sizeof(ufl->l_len));
576
577 memset(&fl, 0, sizeof(struct compat_flock64));
578 copy_flock_fields(&fl, kfl);
579 if (copy_to_user(ufl, &fl, sizeof(struct compat_flock64)))
580 return -EFAULT;
581 return 0;
582}
583#undef copy_flock_fields
584
585static unsigned int
586convert_fcntl_cmd(unsigned int cmd)
587{
588 switch (cmd) {
589 case F_GETLK64:
590 return F_GETLK;
591 case F_SETLK64:
592 return F_SETLK;
593 case F_SETLKW64:
594 return F_SETLKW;
595 }
596
597 return cmd;
598}
599
600
601
602
603
604
605
606
607
608
609static int fixup_compat_flock(struct flock *flock)
610{
611 if (flock->l_start > COMPAT_OFF_T_MAX)
612 return -EOVERFLOW;
613 if (flock->l_len > COMPAT_OFF_T_MAX)
614 flock->l_len = COMPAT_OFF_T_MAX;
615 return 0;
616}
617
618static long do_compat_fcntl64(unsigned int fd, unsigned int cmd,
619 compat_ulong_t arg)
620{
621 struct fd f = fdget_raw(fd);
622 struct flock flock;
623 long err = -EBADF;
624
625 if (!f.file)
626 return err;
627
628 if (unlikely(f.file->f_mode & FMODE_PATH)) {
629 if (!check_fcntl_cmd(cmd))
630 goto out_put;
631 }
632
633 err = security_file_fcntl(f.file, cmd, arg);
634 if (err)
635 goto out_put;
636
637 switch (cmd) {
638 case F_GETLK:
639 err = get_compat_flock(&flock, compat_ptr(arg));
640 if (err)
641 break;
642 err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock);
643 if (err)
644 break;
645 err = fixup_compat_flock(&flock);
646 if (!err)
647 err = put_compat_flock(&flock, compat_ptr(arg));
648 break;
649 case F_GETLK64:
650 case F_OFD_GETLK:
651 err = get_compat_flock64(&flock, compat_ptr(arg));
652 if (err)
653 break;
654 err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock);
655 if (!err)
656 err = put_compat_flock64(&flock, compat_ptr(arg));
657 break;
658 case F_SETLK:
659 case F_SETLKW:
660 err = get_compat_flock(&flock, compat_ptr(arg));
661 if (err)
662 break;
663 err = fcntl_setlk(fd, f.file, convert_fcntl_cmd(cmd), &flock);
664 break;
665 case F_SETLK64:
666 case F_SETLKW64:
667 case F_OFD_SETLK:
668 case F_OFD_SETLKW:
669 err = get_compat_flock64(&flock, compat_ptr(arg));
670 if (err)
671 break;
672 err = fcntl_setlk(fd, f.file, convert_fcntl_cmd(cmd), &flock);
673 break;
674 default:
675 err = do_fcntl(fd, cmd, arg, f.file);
676 break;
677 }
678out_put:
679 fdput(f);
680 return err;
681}
682
683COMPAT_SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
684 compat_ulong_t, arg)
685{
686 return do_compat_fcntl64(fd, cmd, arg);
687}
688
689COMPAT_SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd,
690 compat_ulong_t, arg)
691{
692 switch (cmd) {
693 case F_GETLK64:
694 case F_SETLK64:
695 case F_SETLKW64:
696 case F_OFD_GETLK:
697 case F_OFD_SETLK:
698 case F_OFD_SETLKW:
699 return -EINVAL;
700 }
701 return do_compat_fcntl64(fd, cmd, arg);
702}
703#endif
704
705
706
707static const __poll_t band_table[NSIGPOLL] = {
708 EPOLLIN | EPOLLRDNORM,
709 EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND,
710 EPOLLIN | EPOLLRDNORM | EPOLLMSG,
711 EPOLLERR,
712 EPOLLPRI | EPOLLRDBAND,
713 EPOLLHUP | EPOLLERR
714};
715
716static inline int sigio_perm(struct task_struct *p,
717 struct fown_struct *fown, int sig)
718{
719 const struct cred *cred;
720 int ret;
721
722 rcu_read_lock();
723 cred = __task_cred(p);
724 ret = ((uid_eq(fown->euid, GLOBAL_ROOT_UID) ||
725 uid_eq(fown->euid, cred->suid) || uid_eq(fown->euid, cred->uid) ||
726 uid_eq(fown->uid, cred->suid) || uid_eq(fown->uid, cred->uid)) &&
727 !security_file_send_sigiotask(p, fown, sig));
728 rcu_read_unlock();
729 return ret;
730}
731
732static void send_sigio_to_task(struct task_struct *p,
733 struct fown_struct *fown,
734 int fd, int reason, enum pid_type type)
735{
736
737
738
739
740 int signum = READ_ONCE(fown->signum);
741
742 if (!sigio_perm(p, fown, signum))
743 return;
744
745 switch (signum) {
746 default: {
747 kernel_siginfo_t si;
748
749
750
751
752
753
754
755 clear_siginfo(&si);
756 si.si_signo = signum;
757 si.si_errno = 0;
758 si.si_code = reason;
759
760
761
762
763
764
765
766
767 if ((signum != SIGPOLL) && sig_specific_sicodes(signum))
768 si.si_code = SI_SIGIO;
769
770
771
772
773 BUG_ON((reason < POLL_IN) || ((reason - POLL_IN) >= NSIGPOLL));
774 if (reason - POLL_IN >= NSIGPOLL)
775 si.si_band = ~0L;
776 else
777 si.si_band = mangle_poll(band_table[reason - POLL_IN]);
778 si.si_fd = fd;
779 if (!do_send_sig_info(signum, &si, p, type))
780 break;
781 }
782 fallthrough;
783 case 0:
784 do_send_sig_info(SIGIO, SEND_SIG_PRIV, p, type);
785 }
786}
787
788void send_sigio(struct fown_struct *fown, int fd, int band)
789{
790 struct task_struct *p;
791 enum pid_type type;
792 unsigned long flags;
793 struct pid *pid;
794
795 read_lock_irqsave(&fown->lock, flags);
796
797 type = fown->pid_type;
798 pid = fown->pid;
799 if (!pid)
800 goto out_unlock_fown;
801
802 if (type <= PIDTYPE_TGID) {
803 rcu_read_lock();
804 p = pid_task(pid, PIDTYPE_PID);
805 if (p)
806 send_sigio_to_task(p, fown, fd, band, type);
807 rcu_read_unlock();
808 } else {
809 read_lock(&tasklist_lock);
810 do_each_pid_task(pid, type, p) {
811 send_sigio_to_task(p, fown, fd, band, type);
812 } while_each_pid_task(pid, type, p);
813 read_unlock(&tasklist_lock);
814 }
815 out_unlock_fown:
816 read_unlock_irqrestore(&fown->lock, flags);
817}
818
819static void send_sigurg_to_task(struct task_struct *p,
820 struct fown_struct *fown, enum pid_type type)
821{
822 if (sigio_perm(p, fown, SIGURG))
823 do_send_sig_info(SIGURG, SEND_SIG_PRIV, p, type);
824}
825
826int send_sigurg(struct fown_struct *fown)
827{
828 struct task_struct *p;
829 enum pid_type type;
830 struct pid *pid;
831 unsigned long flags;
832 int ret = 0;
833
834 read_lock_irqsave(&fown->lock, flags);
835
836 type = fown->pid_type;
837 pid = fown->pid;
838 if (!pid)
839 goto out_unlock_fown;
840
841 ret = 1;
842
843 if (type <= PIDTYPE_TGID) {
844 rcu_read_lock();
845 p = pid_task(pid, PIDTYPE_PID);
846 if (p)
847 send_sigurg_to_task(p, fown, type);
848 rcu_read_unlock();
849 } else {
850 read_lock(&tasklist_lock);
851 do_each_pid_task(pid, type, p) {
852 send_sigurg_to_task(p, fown, type);
853 } while_each_pid_task(pid, type, p);
854 read_unlock(&tasklist_lock);
855 }
856 out_unlock_fown:
857 read_unlock_irqrestore(&fown->lock, flags);
858 return ret;
859}
860
861static DEFINE_SPINLOCK(fasync_lock);
862static struct kmem_cache *fasync_cache __read_mostly;
863
864static void fasync_free_rcu(struct rcu_head *head)
865{
866 kmem_cache_free(fasync_cache,
867 container_of(head, struct fasync_struct, fa_rcu));
868}
869
870
871
872
873
874
875
876
877
878
879int fasync_remove_entry(struct file *filp, struct fasync_struct **fapp)
880{
881 struct fasync_struct *fa, **fp;
882 int result = 0;
883
884 spin_lock(&filp->f_lock);
885 spin_lock(&fasync_lock);
886 for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
887 if (fa->fa_file != filp)
888 continue;
889
890 write_lock_irq(&fa->fa_lock);
891 fa->fa_file = NULL;
892 write_unlock_irq(&fa->fa_lock);
893
894 *fp = fa->fa_next;
895 call_rcu(&fa->fa_rcu, fasync_free_rcu);
896 filp->f_flags &= ~FASYNC;
897 result = 1;
898 break;
899 }
900 spin_unlock(&fasync_lock);
901 spin_unlock(&filp->f_lock);
902 return result;
903}
904
905struct fasync_struct *fasync_alloc(void)
906{
907 return kmem_cache_alloc(fasync_cache, GFP_KERNEL);
908}
909
910
911
912
913
914
915void fasync_free(struct fasync_struct *new)
916{
917 kmem_cache_free(fasync_cache, new);
918}
919
920
921
922
923
924
925
926
927struct fasync_struct *fasync_insert_entry(int fd, struct file *filp, struct fasync_struct **fapp, struct fasync_struct *new)
928{
929 struct fasync_struct *fa, **fp;
930
931 spin_lock(&filp->f_lock);
932 spin_lock(&fasync_lock);
933 for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
934 if (fa->fa_file != filp)
935 continue;
936
937 write_lock_irq(&fa->fa_lock);
938 fa->fa_fd = fd;
939 write_unlock_irq(&fa->fa_lock);
940 goto out;
941 }
942
943 rwlock_init(&new->fa_lock);
944 new->magic = FASYNC_MAGIC;
945 new->fa_file = filp;
946 new->fa_fd = fd;
947 new->fa_next = *fapp;
948 rcu_assign_pointer(*fapp, new);
949 filp->f_flags |= FASYNC;
950
951out:
952 spin_unlock(&fasync_lock);
953 spin_unlock(&filp->f_lock);
954 return fa;
955}
956
957
958
959
960
961static int fasync_add_entry(int fd, struct file *filp, struct fasync_struct **fapp)
962{
963 struct fasync_struct *new;
964
965 new = fasync_alloc();
966 if (!new)
967 return -ENOMEM;
968
969
970
971
972
973
974
975
976 if (fasync_insert_entry(fd, filp, fapp, new)) {
977 fasync_free(new);
978 return 0;
979 }
980
981 return 1;
982}
983
984
985
986
987
988
989
990int fasync_helper(int fd, struct file * filp, int on, struct fasync_struct **fapp)
991{
992 if (!on)
993 return fasync_remove_entry(filp, fapp);
994 return fasync_add_entry(fd, filp, fapp);
995}
996
997EXPORT_SYMBOL(fasync_helper);
998
999
1000
1001
1002static void kill_fasync_rcu(struct fasync_struct *fa, int sig, int band)
1003{
1004 while (fa) {
1005 struct fown_struct *fown;
1006
1007 if (fa->magic != FASYNC_MAGIC) {
1008 printk(KERN_ERR "kill_fasync: bad magic number in "
1009 "fasync_struct!\n");
1010 return;
1011 }
1012 read_lock(&fa->fa_lock);
1013 if (fa->fa_file) {
1014 fown = &fa->fa_file->f_owner;
1015
1016
1017
1018 if (!(sig == SIGURG && fown->signum == 0))
1019 send_sigio(fown, fa->fa_fd, band);
1020 }
1021 read_unlock(&fa->fa_lock);
1022 fa = rcu_dereference(fa->fa_next);
1023 }
1024}
1025
1026void kill_fasync(struct fasync_struct **fp, int sig, int band)
1027{
1028
1029
1030
1031 if (*fp) {
1032 rcu_read_lock();
1033 kill_fasync_rcu(rcu_dereference(*fp), sig, band);
1034 rcu_read_unlock();
1035 }
1036}
1037EXPORT_SYMBOL(kill_fasync);
1038
1039static int __init fcntl_init(void)
1040{
1041
1042
1043
1044
1045
1046 BUILD_BUG_ON(21 - 1 !=
1047 HWEIGHT32(
1048 (VALID_OPEN_FLAGS & ~(O_NONBLOCK | O_NDELAY)) |
1049 __FMODE_EXEC | __FMODE_NONOTIFY));
1050
1051 fasync_cache = kmem_cache_create("fasync_cache",
1052 sizeof(struct fasync_struct), 0, SLAB_PANIC, NULL);
1053 return 0;
1054}
1055
1056module_init(fcntl_init)
1057
