4 * Copyright (C) 1991, 1992 Linus Torvalds
7 #include <linux/syscalls.h>
8 #include <linux/init.h>
10 #include <linux/sched/task.h>
12 #include <linux/file.h>
13 #include <linux/fdtable.h>
14 #include <linux/capability.h>
15 #include <linux/dnotify.h>
16 #include <linux/slab.h>
17 #include <linux/module.h>
18 #include <linux/pipe_fs_i.h>
19 #include <linux/security.h>
20 #include <linux/ptrace.h>
21 #include <linux/signal.h>
22 #include <linux/rcupdate.h>
23 #include <linux/pid_namespace.h>
24 #include <linux/user_namespace.h>
25 #include <linux/shmem_fs.h>
26 #include <linux/compat.h>
29 #include <asm/siginfo.h>
30 #include <linux/uaccess.h>
32 #define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
34 static int setfl(int fd, struct file * filp, unsigned long arg)
36 struct inode * inode = file_inode(filp);
40 * O_APPEND cannot be cleared if the file is marked as append-only
41 * and the file is open for write.
43 if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
46 /* O_NOATIME can only be set by the owner or superuser */
47 if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
48 if (!inode_owner_or_capable(inode))
51 /* required for strict SunOS emulation */
52 if (O_NONBLOCK != O_NDELAY)
56 /* Pipe packetized mode is controlled by O_DIRECT flag */
57 if (!S_ISFIFO(inode->i_mode) && (arg & O_DIRECT)) {
58 if (!filp->f_mapping || !filp->f_mapping->a_ops ||
59 !filp->f_mapping->a_ops->direct_IO)
63 if (filp->f_op->check_flags)
64 error = filp->f_op->check_flags(arg);
69 * ->fasync() is responsible for setting the FASYNC bit.
71 if (((arg ^ filp->f_flags) & FASYNC) && filp->f_op->fasync) {
72 error = filp->f_op->fasync(fd, filp, (arg & FASYNC) != 0);
78 spin_lock(&filp->f_lock);
79 filp->f_flags = (arg & SETFL_MASK) | (filp->f_flags & ~SETFL_MASK);
80 spin_unlock(&filp->f_lock);
86 static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
89 write_lock_irq(&filp->f_owner.lock);
90 if (force || !filp->f_owner.pid) {
91 put_pid(filp->f_owner.pid);
92 filp->f_owner.pid = get_pid(pid);
93 filp->f_owner.pid_type = type;
96 const struct cred *cred = current_cred();
97 filp->f_owner.uid = cred->uid;
98 filp->f_owner.euid = cred->euid;
101 write_unlock_irq(&filp->f_owner.lock);
104 void __f_setown(struct file *filp, struct pid *pid, enum pid_type type,
107 security_file_set_fowner(filp);
108 f_modown(filp, pid, type, force);
110 EXPORT_SYMBOL(__f_setown);
112 void f_setown(struct file *filp, unsigned long arg, int force)
123 pid = find_vpid(who);
124 __f_setown(filp, pid, type, force);
127 EXPORT_SYMBOL(f_setown);
129 void f_delown(struct file *filp)
131 f_modown(filp, NULL, PIDTYPE_PID, 1);
134 pid_t f_getown(struct file *filp)
137 read_lock(&filp->f_owner.lock);
138 pid = pid_vnr(filp->f_owner.pid);
139 if (filp->f_owner.pid_type == PIDTYPE_PGID)
141 read_unlock(&filp->f_owner.lock);
145 static int f_setown_ex(struct file *filp, unsigned long arg)
147 struct f_owner_ex __user *owner_p = (void __user *)arg;
148 struct f_owner_ex owner;
153 ret = copy_from_user(&owner, owner_p, sizeof(owner));
157 switch (owner.type) {
175 pid = find_vpid(owner.pid);
176 if (owner.pid && !pid)
179 __f_setown(filp, pid, type, 1);
185 static int f_getown_ex(struct file *filp, unsigned long arg)
187 struct f_owner_ex __user *owner_p = (void __user *)arg;
188 struct f_owner_ex owner;
191 read_lock(&filp->f_owner.lock);
192 owner.pid = pid_vnr(filp->f_owner.pid);
193 switch (filp->f_owner.pid_type) {
195 owner.type = F_OWNER_TID;
199 owner.type = F_OWNER_PID;
203 owner.type = F_OWNER_PGRP;
211 read_unlock(&filp->f_owner.lock);
214 ret = copy_to_user(owner_p, &owner, sizeof(owner));
221 #ifdef CONFIG_CHECKPOINT_RESTORE
222 static int f_getowner_uids(struct file *filp, unsigned long arg)
224 struct user_namespace *user_ns = current_user_ns();
225 uid_t __user *dst = (void __user *)arg;
229 read_lock(&filp->f_owner.lock);
230 src[0] = from_kuid(user_ns, filp->f_owner.uid);
231 src[1] = from_kuid(user_ns, filp->f_owner.euid);
232 read_unlock(&filp->f_owner.lock);
234 err = put_user(src[0], &dst[0]);
235 err |= put_user(src[1], &dst[1]);
240 static int f_getowner_uids(struct file *filp, unsigned long arg)
246 static long do_fcntl(int fd, unsigned int cmd, unsigned long arg,
253 err = f_dupfd(arg, filp, 0);
255 case F_DUPFD_CLOEXEC:
256 err = f_dupfd(arg, filp, O_CLOEXEC);
259 err = get_close_on_exec(fd) ? FD_CLOEXEC : 0;
263 set_close_on_exec(fd, arg & FD_CLOEXEC);
269 err = setfl(fd, filp, arg);
271 #if BITS_PER_LONG != 32
272 /* 32-bit arches must use fcntl64() */
276 err = fcntl_getlk(filp, cmd, (struct flock __user *) arg);
278 #if BITS_PER_LONG != 32
279 /* 32-bit arches must use fcntl64() */
286 err = fcntl_setlk(fd, filp, cmd, (struct flock __user *) arg);
290 * XXX If f_owner is a process group, the
291 * negative return value will get converted
292 * into an error. Oops. If we keep the
293 * current syscall conventions, the only way
294 * to fix this will be in libc.
296 err = f_getown(filp);
297 force_successful_syscall_return();
300 f_setown(filp, arg, 1);
304 err = f_getown_ex(filp, arg);
307 err = f_setown_ex(filp, arg);
309 case F_GETOWNER_UIDS:
310 err = f_getowner_uids(filp, arg);
313 err = filp->f_owner.signum;
316 /* arg == 0 restores default behaviour. */
317 if (!valid_signal(arg)) {
321 filp->f_owner.signum = arg;
324 err = fcntl_getlease(filp);
327 err = fcntl_setlease(fd, filp, arg);
330 err = fcntl_dirnotify(fd, filp, arg);
334 err = pipe_fcntl(filp, cmd, arg);
338 err = shmem_fcntl(filp, cmd, arg);
346 static int check_fcntl_cmd(unsigned cmd)
350 case F_DUPFD_CLOEXEC:
359 SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd, unsigned long, arg)
361 struct fd f = fdget_raw(fd);
367 if (unlikely(f.file->f_mode & FMODE_PATH)) {
368 if (!check_fcntl_cmd(cmd))
372 err = security_file_fcntl(f.file, cmd, arg);
374 err = do_fcntl(fd, cmd, arg, f.file);
382 #if BITS_PER_LONG == 32
383 SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
386 struct fd f = fdget_raw(fd);
392 if (unlikely(f.file->f_mode & FMODE_PATH)) {
393 if (!check_fcntl_cmd(cmd))
397 err = security_file_fcntl(f.file, cmd, arg);
404 err = fcntl_getlk64(f.file, cmd, (struct flock64 __user *) arg);
410 err = fcntl_setlk64(fd, f.file, cmd,
411 (struct flock64 __user *) arg);
414 err = do_fcntl(fd, cmd, arg, f.file);
425 static int get_compat_flock(struct flock *kfl, struct compat_flock __user *ufl)
427 if (!access_ok(VERIFY_READ, ufl, sizeof(*ufl)) ||
428 __get_user(kfl->l_type, &ufl->l_type) ||
429 __get_user(kfl->l_whence, &ufl->l_whence) ||
430 __get_user(kfl->l_start, &ufl->l_start) ||
431 __get_user(kfl->l_len, &ufl->l_len) ||
432 __get_user(kfl->l_pid, &ufl->l_pid))
437 static int put_compat_flock(struct flock *kfl, struct compat_flock __user *ufl)
439 if (!access_ok(VERIFY_WRITE, ufl, sizeof(*ufl)) ||
440 __put_user(kfl->l_type, &ufl->l_type) ||
441 __put_user(kfl->l_whence, &ufl->l_whence) ||
442 __put_user(kfl->l_start, &ufl->l_start) ||
443 __put_user(kfl->l_len, &ufl->l_len) ||
444 __put_user(kfl->l_pid, &ufl->l_pid))
449 #ifndef HAVE_ARCH_GET_COMPAT_FLOCK64
450 static int get_compat_flock64(struct flock *kfl, struct compat_flock64 __user *ufl)
452 if (!access_ok(VERIFY_READ, ufl, sizeof(*ufl)) ||
453 __get_user(kfl->l_type, &ufl->l_type) ||
454 __get_user(kfl->l_whence, &ufl->l_whence) ||
455 __get_user(kfl->l_start, &ufl->l_start) ||
456 __get_user(kfl->l_len, &ufl->l_len) ||
457 __get_user(kfl->l_pid, &ufl->l_pid))
463 #ifndef HAVE_ARCH_PUT_COMPAT_FLOCK64
464 static int put_compat_flock64(struct flock *kfl, struct compat_flock64 __user *ufl)
466 if (!access_ok(VERIFY_WRITE, ufl, sizeof(*ufl)) ||
467 __put_user(kfl->l_type, &ufl->l_type) ||
468 __put_user(kfl->l_whence, &ufl->l_whence) ||
469 __put_user(kfl->l_start, &ufl->l_start) ||
470 __put_user(kfl->l_len, &ufl->l_len) ||
471 __put_user(kfl->l_pid, &ufl->l_pid))
478 convert_fcntl_cmd(unsigned int cmd)
492 COMPAT_SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
498 unsigned int conv_cmd;
504 ret = get_compat_flock(&f, compat_ptr(arg));
509 ret = sys_fcntl(fd, cmd, (unsigned long)&f);
511 if (cmd == F_GETLK && ret == 0) {
512 /* GETLK was successful and we need to return the data...
513 * but it needs to fit in the compat structure.
514 * l_start shouldn't be too big, unless the original
515 * start + end is greater than COMPAT_OFF_T_MAX, in which
516 * case the app was asking for trouble, so we return
517 * -EOVERFLOW in that case.
518 * l_len could be too big, in which case we just truncate it,
519 * and only allow the app to see that part of the conflicting
520 * lock that might make sense to it anyway
523 if (f.l_start > COMPAT_OFF_T_MAX)
525 if (f.l_len > COMPAT_OFF_T_MAX)
526 f.l_len = COMPAT_OFF_T_MAX;
528 ret = put_compat_flock(&f, compat_ptr(arg));
538 ret = get_compat_flock64(&f, compat_ptr(arg));
543 conv_cmd = convert_fcntl_cmd(cmd);
544 ret = sys_fcntl(fd, conv_cmd, (unsigned long)&f);
546 if ((conv_cmd == F_GETLK || conv_cmd == F_OFD_GETLK) && ret == 0) {
547 /* need to return lock information - see above for commentary */
548 if (f.l_start > COMPAT_LOFF_T_MAX)
550 if (f.l_len > COMPAT_LOFF_T_MAX)
551 f.l_len = COMPAT_LOFF_T_MAX;
553 ret = put_compat_flock64(&f, compat_ptr(arg));
558 ret = sys_fcntl(fd, cmd, arg);
564 COMPAT_SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd,
576 return compat_sys_fcntl64(fd, cmd, arg);
580 /* Table to convert sigio signal codes into poll band bitmaps */
582 static const long band_table[NSIGPOLL] = {
583 POLLIN | POLLRDNORM, /* POLL_IN */
584 POLLOUT | POLLWRNORM | POLLWRBAND, /* POLL_OUT */
585 POLLIN | POLLRDNORM | POLLMSG, /* POLL_MSG */
586 POLLERR, /* POLL_ERR */
587 POLLPRI | POLLRDBAND, /* POLL_PRI */
588 POLLHUP | POLLERR /* POLL_HUP */
591 static inline int sigio_perm(struct task_struct *p,
592 struct fown_struct *fown, int sig)
594 const struct cred *cred;
598 cred = __task_cred(p);
599 ret = ((uid_eq(fown->euid, GLOBAL_ROOT_UID) ||
600 uid_eq(fown->euid, cred->suid) || uid_eq(fown->euid, cred->uid) ||
601 uid_eq(fown->uid, cred->suid) || uid_eq(fown->uid, cred->uid)) &&
602 !security_file_send_sigiotask(p, fown, sig));
607 static void send_sigio_to_task(struct task_struct *p,
608 struct fown_struct *fown,
609 int fd, int reason, int group)
612 * F_SETSIG can change ->signum lockless in parallel, make
613 * sure we read it once and use the same value throughout.
615 int signum = ACCESS_ONCE(fown->signum);
617 if (!sigio_perm(p, fown, signum))
623 /* Queue a rt signal with the appropriate fd as its
624 value. We use SI_SIGIO as the source, not
625 SI_KERNEL, since kernel signals always get
626 delivered even if we can't queue. Failure to
627 queue in this case _should_ be reported; we fall
628 back to SIGIO in that case. --sct */
629 si.si_signo = signum;
632 /* Make sure we are called with one of the POLL_*
633 reasons, otherwise we could leak kernel stack into
635 BUG_ON((reason & __SI_MASK) != __SI_POLL);
636 if (reason - POLL_IN >= NSIGPOLL)
639 si.si_band = band_table[reason - POLL_IN];
641 if (!do_send_sig_info(signum, &si, p, group))
643 /* fall-through: fall back on the old plain SIGIO signal */
645 do_send_sig_info(SIGIO, SEND_SIG_PRIV, p, group);
649 void send_sigio(struct fown_struct *fown, int fd, int band)
651 struct task_struct *p;
656 read_lock(&fown->lock);
658 type = fown->pid_type;
659 if (type == PIDTYPE_MAX) {
666 goto out_unlock_fown;
668 read_lock(&tasklist_lock);
669 do_each_pid_task(pid, type, p) {
670 send_sigio_to_task(p, fown, fd, band, group);
671 } while_each_pid_task(pid, type, p);
672 read_unlock(&tasklist_lock);
674 read_unlock(&fown->lock);
677 static void send_sigurg_to_task(struct task_struct *p,
678 struct fown_struct *fown, int group)
680 if (sigio_perm(p, fown, SIGURG))
681 do_send_sig_info(SIGURG, SEND_SIG_PRIV, p, group);
684 int send_sigurg(struct fown_struct *fown)
686 struct task_struct *p;
692 read_lock(&fown->lock);
694 type = fown->pid_type;
695 if (type == PIDTYPE_MAX) {
702 goto out_unlock_fown;
706 read_lock(&tasklist_lock);
707 do_each_pid_task(pid, type, p) {
708 send_sigurg_to_task(p, fown, group);
709 } while_each_pid_task(pid, type, p);
710 read_unlock(&tasklist_lock);
712 read_unlock(&fown->lock);
716 static DEFINE_SPINLOCK(fasync_lock);
717 static struct kmem_cache *fasync_cache __read_mostly;
719 static void fasync_free_rcu(struct rcu_head *head)
721 kmem_cache_free(fasync_cache,
722 container_of(head, struct fasync_struct, fa_rcu));
726 * Remove a fasync entry. If successfully removed, return
727 * positive and clear the FASYNC flag. If no entry exists,
728 * do nothing and return 0.
730 * NOTE! It is very important that the FASYNC flag always
731 * match the state "is the filp on a fasync list".
734 int fasync_remove_entry(struct file *filp, struct fasync_struct **fapp)
736 struct fasync_struct *fa, **fp;
739 spin_lock(&filp->f_lock);
740 spin_lock(&fasync_lock);
741 for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
742 if (fa->fa_file != filp)
745 spin_lock_irq(&fa->fa_lock);
747 spin_unlock_irq(&fa->fa_lock);
750 call_rcu(&fa->fa_rcu, fasync_free_rcu);
751 filp->f_flags &= ~FASYNC;
755 spin_unlock(&fasync_lock);
756 spin_unlock(&filp->f_lock);
760 struct fasync_struct *fasync_alloc(void)
762 return kmem_cache_alloc(fasync_cache, GFP_KERNEL);
766 * NOTE! This can be used only for unused fasync entries:
767 * entries that actually got inserted on the fasync list
768 * need to be released by rcu - see fasync_remove_entry.
770 void fasync_free(struct fasync_struct *new)
772 kmem_cache_free(fasync_cache, new);
776 * Insert a new entry into the fasync list. Return the pointer to the
777 * old one if we didn't use the new one.
779 * NOTE! It is very important that the FASYNC flag always
780 * match the state "is the filp on a fasync list".
782 struct fasync_struct *fasync_insert_entry(int fd, struct file *filp, struct fasync_struct **fapp, struct fasync_struct *new)
784 struct fasync_struct *fa, **fp;
786 spin_lock(&filp->f_lock);
787 spin_lock(&fasync_lock);
788 for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
789 if (fa->fa_file != filp)
792 spin_lock_irq(&fa->fa_lock);
794 spin_unlock_irq(&fa->fa_lock);
798 spin_lock_init(&new->fa_lock);
799 new->magic = FASYNC_MAGIC;
802 new->fa_next = *fapp;
803 rcu_assign_pointer(*fapp, new);
804 filp->f_flags |= FASYNC;
807 spin_unlock(&fasync_lock);
808 spin_unlock(&filp->f_lock);
813 * Add a fasync entry. Return negative on error, positive if
814 * added, and zero if did nothing but change an existing one.
816 static int fasync_add_entry(int fd, struct file *filp, struct fasync_struct **fapp)
818 struct fasync_struct *new;
820 new = fasync_alloc();
825 * fasync_insert_entry() returns the old (update) entry if
828 * So free the (unused) new entry and return 0 to let the
829 * caller know that we didn't add any new fasync entries.
831 if (fasync_insert_entry(fd, filp, fapp, new)) {
840 * fasync_helper() is used by almost all character device drivers
841 * to set up the fasync queue, and for regular files by the file
842 * lease code. It returns negative on error, 0 if it did no changes
843 * and positive if it added/deleted the entry.
845 int fasync_helper(int fd, struct file * filp, int on, struct fasync_struct **fapp)
848 return fasync_remove_entry(filp, fapp);
849 return fasync_add_entry(fd, filp, fapp);
852 EXPORT_SYMBOL(fasync_helper);
855 * rcu_read_lock() is held
857 static void kill_fasync_rcu(struct fasync_struct *fa, int sig, int band)
860 struct fown_struct *fown;
863 if (fa->magic != FASYNC_MAGIC) {
864 printk(KERN_ERR "kill_fasync: bad magic number in "
868 spin_lock_irqsave(&fa->fa_lock, flags);
870 fown = &fa->fa_file->f_owner;
871 /* Don't send SIGURG to processes which have not set a
872 queued signum: SIGURG has its own default signalling
874 if (!(sig == SIGURG && fown->signum == 0))
875 send_sigio(fown, fa->fa_fd, band);
877 spin_unlock_irqrestore(&fa->fa_lock, flags);
878 fa = rcu_dereference(fa->fa_next);
882 void kill_fasync(struct fasync_struct **fp, int sig, int band)
884 /* First a quick test without locking: usually
889 kill_fasync_rcu(rcu_dereference(*fp), sig, band);
893 EXPORT_SYMBOL(kill_fasync);
895 static int __init fcntl_init(void)
898 * Please add new bits here to ensure allocation uniqueness.
899 * Exceptions: O_NONBLOCK is a two bit define on parisc; O_NDELAY
900 * is defined as O_NONBLOCK on some platforms and not on others.
902 BUILD_BUG_ON(21 - 1 /* for O_RDONLY being 0 */ !=
904 (VALID_OPEN_FLAGS & ~(O_NONBLOCK | O_NDELAY)) |
905 __FMODE_EXEC | __FMODE_NONOTIFY));
907 fasync_cache = kmem_cache_create("fasync_cache",
908 sizeof(struct fasync_struct), 0, SLAB_PANIC, NULL);
912 module_init(fcntl_init)
projects / karo-tx-linux.git / blob