int
osi_UFSTruncate(struct osi_file *afile, afs_int32 asize)
{
afs_ucred_t *oldCred;
struct vattr tvattr;
afs_int32 code;
struct osi_stat tstat;
AFS_STATCNT(osi_Truncate);
/* This routine only shrinks files, and most systems
* have very slow truncates, even when the file is already
* small enough. Check now and save some time.
*/
code = afs_osi_Stat(afile, &tstat);
if (code || tstat.size <= asize)
return code;
ObtainWriteLock(&afs_xosi, 321);
AFS_GUNLOCK();
#ifdef AFS_DARWIN80_ENV
VATTR_INIT(&tvattr);
VATTR_SET(&tvattr, va_size, asize);
code = vnode_setattr(afile->vnode, &tvattr, afs_osi_ctxtp);
#else
VATTR_NULL(&tvattr);
tvattr.va_size = asize;
code = VOP_SETATTR(afile->vnode, &tvattr, &afs_osi_cred, current_proc());
#endif
AFS_GLOCK();
ReleaseWriteLock(&afs_xosi);
return code;
}
osi_DisableAtimes(struct vnode *avp)
#endif
{
#ifdef AFS_DARWIN80_ENV
struct vnode_attr vap;
VATTR_INIT(&vap);
VATTR_CLEAR_SUPPORTED(&vap, va_access_time);
vnode_setattr(avp, &vap, afs_osi_ctxtp);
#else
if (afs_CacheFSType == AFS_APPL_UFS_CACHE) {
struct inode *ip = VTOI(avp);
ip->i_flag &= ~IN_ACCESS;
}
#ifdef VTOH /* can't do this without internals */
else if (afs_CacheFSType == AFS_APPL_HFS_CACHE) {
struct hfsnode *hp = VTOH(avp);
hp->h_nodeflags &= ~IN_ACCESS;
}
#endif
#endif
}
off_t DldIOShadowFile::expandFile( __in off_t lowTargetSize )
{
assert( preemption_enabled() );
off_t target;
off_t currentLastExpansion;
#if defined( DBG )
currentLastExpansion = DLD_IGNR_FSIZE;
#endif//DBG
//
// Make sure that we are root. Growing a file
// without zero filling the data is a security hole
// root would have access anyway so we'll allow it
//
//
// TO DO - is_suser is not supported for 64 bit kext
//
/*
#if defined(__i386__)
assert( is_suser() );
if( !is_suser() )
return this->lastExpansion;// an unsafe unprotected access to 64b value
#elif defined(__x86_64__)
#endif//defined(__x86_64__)
*/
//
// check that the limit has not been reached
//
if( DLD_IGNR_FSIZE != this->maxSize && this->lastExpansion == this->maxSize )
return this->maxSize;// a safe access to 64b value as the value can't change
this->LockExclusive();
{// start of the lock
off_t valueToAdd;
currentLastExpansion = this->lastExpansion;
//
// try to extend the file on 128 MB
// ( the same value is used as a maximum value for a mapping
// range in DldIOShadow::processFileWriteWQ )
//
valueToAdd = 0x8*0x1000*0x1000;
if( this->offset > this->lastExpansion )
target = this->offset + valueToAdd;
else
target = this->lastExpansion + valueToAdd;
if( target < lowTargetSize )
target = lowTargetSize;
if( DLD_IGNR_FSIZE != this->maxSize && target > this->maxSize )
target = this->maxSize;
}// end of the lock
this->UnLockExclusive();
if( target < lowTargetSize ){
//
// there is no point for extension as the goal won't be reached, fail the request
//
return currentLastExpansion;
}
assert( DLD_IGNR_FSIZE != currentLastExpansion && currentLastExpansion <= target );
//
// extend the file
//
vfs_context_t vfs_context;
int error;
error = vnode_getwithref( this->vnode );
assert( !error );
if( !error ){
struct vnode_attr va;
VATTR_INIT(&va);
VATTR_SET(&va, va_data_size, target);
va.va_vaflags =(IO_NOZEROFILL) & 0xffff;
vfs_context = vfs_context_create( NULL );
assert( vfs_context );
if( vfs_context ){
this->LockExclusive();
{// start of the lock
assert( currentLastExpansion <= this->lastExpansion );
//
// do not truncate the file incidentally!
//
if( target > this->offset ){
error = vnode_setattr( this->vnode, &va, vfs_context );
if( !error ){
this->lastExpansion = target;
currentLastExpansion = target;
}
} else {
//
// the file has been extended by the write operation
//
this->lastExpansion = this->offset;
currentLastExpansion = this->offset;
}// end if( target < this->offset )
}// end of the lock
this->UnLockExclusive();
vfs_context_rele( vfs_context );
DLD_DBG_MAKE_POINTER_INVALID( vfs_context );
}// end if( vfs_context )
vnode_put( this->vnode );
}// end if( !error )
assert( DLD_IGNR_FSIZE != currentLastExpansion );
return currentLastExpansion;
}
/*
* XXX Internally, we use VM_PROT_* somewhat interchangeably, but the correct
* XXX usage is PROT_* from an interface perspective. Thus the values of
* XXX VM_PROT_* and PROT_* need to correspond.
*/
int
mmap(proc_t p, struct mmap_args *uap, user_addr_t *retval)
{
/*
* Map in special device (must be SHARED) or file
*/
struct fileproc *fp;
register struct vnode *vp;
int flags;
int prot, file_prot;
int err=0;
vm_map_t user_map;
kern_return_t result;
mach_vm_offset_t user_addr;
mach_vm_size_t user_size;
vm_object_offset_t pageoff;
vm_object_offset_t file_pos;
int alloc_flags=0;
boolean_t docow;
vm_prot_t maxprot;
void *handle;
vm_pager_t pager;
int mapanon=0;
int fpref=0;
int error =0;
int fd = uap->fd;
user_addr = (mach_vm_offset_t)uap->addr;
user_size = (mach_vm_size_t) uap->len;
AUDIT_ARG(addr, user_addr);
AUDIT_ARG(len, user_size);
AUDIT_ARG(fd, uap->fd);
prot = (uap->prot & VM_PROT_ALL);
#if 3777787
/*
* Since the hardware currently does not support writing without
* read-before-write, or execution-without-read, if the request is
* for write or execute access, we must imply read access as well;
* otherwise programs expecting this to work will fail to operate.
*/
if (prot & (VM_PROT_EXECUTE | VM_PROT_WRITE))
prot |= VM_PROT_READ;
#endif /* radar 3777787 */
flags = uap->flags;
vp = NULLVP;
/*
* The vm code does not have prototypes & compiler doesn't do the'
* the right thing when you cast 64bit value and pass it in function
* call. So here it is.
*/
file_pos = (vm_object_offset_t)uap->pos;
/* make sure mapping fits into numeric range etc */
if (file_pos + user_size > (vm_object_offset_t)-PAGE_SIZE_64)
return (EINVAL);
/*
* Align the file position to a page boundary,
* and save its page offset component.
*/
pageoff = (file_pos & PAGE_MASK);
file_pos -= (vm_object_offset_t)pageoff;
/* Adjust size for rounding (on both ends). */
user_size += pageoff; /* low end... */
user_size = mach_vm_round_page(user_size); /* hi end */
/*
* Check for illegal addresses. Watch out for address wrap... Note
* that VM_*_ADDRESS are not constants due to casts (argh).
*/
if (flags & MAP_FIXED) {
/*
* The specified address must have the same remainder
* as the file offset taken modulo PAGE_SIZE, so it
* should be aligned after adjustment by pageoff.
*/
user_addr -= pageoff;
if (user_addr & PAGE_MASK)
return (EINVAL);
}
#ifdef notyet
/* DO not have apis to get this info, need to wait till then*/
/*
* XXX for non-fixed mappings where no hint is provided or
* the hint would fall in the potential heap space,
* place it after the end of the largest possible heap.
*
* There should really be a pmap call to determine a reasonable
* location.
*/
else if (addr < mach_vm_round_page(p->p_vmspace->vm_daddr + MAXDSIZ))
addr = mach_vm_round_page(p->p_vmspace->vm_daddr + MAXDSIZ);
#endif
alloc_flags = 0;
if (flags & MAP_ANON) {
/*
* Mapping blank space is trivial. Use positive fds as the alias
* value for memory tracking.
*/
if (fd != -1) {
/*
* Use "fd" to pass (some) Mach VM allocation flags,
* (see the VM_FLAGS_* definitions).
*/
alloc_flags = fd & (VM_FLAGS_ALIAS_MASK |
VM_FLAGS_PURGABLE);
if (alloc_flags != fd) {
/* reject if there are any extra flags */
return EINVAL;
}
}
handle = NULL;
maxprot = VM_PROT_ALL;
file_pos = 0;
mapanon = 1;
} else {
struct vnode_attr va;
vfs_context_t ctx = vfs_context_current();
/*
* Mapping file, get fp for validation. Obtain vnode and make
* sure it is of appropriate type.
*/
err = fp_lookup(p, fd, &fp, 0);
if (err)
return(err);
fpref = 1;
if(fp->f_fglob->fg_type == DTYPE_PSXSHM) {
uap->addr = (user_addr_t)user_addr;
uap->len = (user_size_t)user_size;
uap->prot = prot;
uap->flags = flags;
uap->pos = file_pos;
error = pshm_mmap(p, uap, retval, fp, (off_t)pageoff);
goto bad;
}
if (fp->f_fglob->fg_type != DTYPE_VNODE) {
error = EINVAL;
goto bad;
}
vp = (struct vnode *)fp->f_fglob->fg_data;
error = vnode_getwithref(vp);
if(error != 0)
goto bad;
if (vp->v_type != VREG && vp->v_type != VCHR) {
(void)vnode_put(vp);
error = EINVAL;
goto bad;
}
AUDIT_ARG(vnpath, vp, ARG_VNODE1);
/*
* POSIX: mmap needs to update access time for mapped files
*/
if ((vnode_vfsvisflags(vp) & MNT_NOATIME) == 0) {
VATTR_INIT(&va);
nanotime(&va.va_access_time);
VATTR_SET_ACTIVE(&va, va_access_time);
vnode_setattr(vp, &va, ctx);
}
/*
* XXX hack to handle use of /dev/zero to map anon memory (ala
* SunOS).
*/
if (vp->v_type == VCHR || vp->v_type == VSTR) {
(void)vnode_put(vp);
error = ENODEV;
goto bad;
} else {
/*
* Ensure that file and memory protections are
* compatible. Note that we only worry about
* writability if mapping is shared; in this case,
* current and max prot are dictated by the open file.
* XXX use the vnode instead? Problem is: what
* credentials do we use for determination? What if
* proc does a setuid?
*/
maxprot = VM_PROT_EXECUTE; /* ??? */
if (fp->f_fglob->fg_flag & FREAD)
maxprot |= VM_PROT_READ;
else if (prot & PROT_READ) {
(void)vnode_put(vp);
error = EACCES;
goto bad;
}
/*
* If we are sharing potential changes (either via
* MAP_SHARED or via the implicit sharing of character
* device mappings), and we are trying to get write
* permission although we opened it without asking
* for it, bail out.
*/
if ((flags & MAP_SHARED) != 0) {
if ((fp->f_fglob->fg_flag & FWRITE) != 0) {
/*
* check for write access
*
* Note that we already made this check when granting FWRITE
* against the file, so it seems redundant here.
*/
error = vnode_authorize(vp, NULL, KAUTH_VNODE_CHECKIMMUTABLE, ctx);
/* if not granted for any reason, but we wanted it, bad */
if ((prot & PROT_WRITE) && (error != 0)) {
vnode_put(vp);
goto bad;
}
/* if writable, remember */
if (error == 0)
maxprot |= VM_PROT_WRITE;
} else if ((prot & PROT_WRITE) != 0) {
(void)vnode_put(vp);
error = EACCES;
goto bad;
}
} else
maxprot |= VM_PROT_WRITE;
handle = (void *)vp;
#if CONFIG_MACF
error = mac_file_check_mmap(vfs_context_ucred(ctx),
fp->f_fglob, prot, flags, &maxprot);
if (error) {
(void)vnode_put(vp);
goto bad;
}
#endif /* MAC */
}
}
if (user_size == 0) {
if (!mapanon)
(void)vnode_put(vp);
error = 0;
goto bad;
}
/*
* We bend a little - round the start and end addresses
* to the nearest page boundary.
*/
user_size = mach_vm_round_page(user_size);
if (file_pos & PAGE_MASK_64) {
if (!mapanon)
(void)vnode_put(vp);
error = EINVAL;
goto bad;
}
user_map = current_map();
if ((flags & MAP_FIXED) == 0) {
alloc_flags |= VM_FLAGS_ANYWHERE;
user_addr = mach_vm_round_page(user_addr);
} else {
if (user_addr != mach_vm_trunc_page(user_addr)) {
if (!mapanon)
(void)vnode_put(vp);
error = EINVAL;
goto bad;
}
/*
* mmap(MAP_FIXED) will replace any existing mappings in the
* specified range, if the new mapping is successful.
* If we just deallocate the specified address range here,
* another thread might jump in and allocate memory in that
* range before we get a chance to establish the new mapping,
* and we won't have a chance to restore the old mappings.
* So we use VM_FLAGS_OVERWRITE to let Mach VM know that it
* has to deallocate the existing mappings and establish the
* new ones atomically.
*/
alloc_flags |= VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE;
}
if (flags & MAP_NOCACHE)
alloc_flags |= VM_FLAGS_NO_CACHE;
/*
* Lookup/allocate object.
*/
if (handle == NULL) {
pager = NULL;
#ifdef notyet
/* Hmm .. */
#if defined(VM_PROT_READ_IS_EXEC)
if (prot & VM_PROT_READ)
prot |= VM_PROT_EXECUTE;
if (maxprot & VM_PROT_READ)
maxprot |= VM_PROT_EXECUTE;
#endif
#endif
#if 3777787
if (prot & (VM_PROT_EXECUTE | VM_PROT_WRITE))
prot |= VM_PROT_READ;
if (maxprot & (VM_PROT_EXECUTE | VM_PROT_WRITE))
maxprot |= VM_PROT_READ;
#endif /* radar 3777787 */
result = vm_map_enter_mem_object(user_map,
&user_addr, user_size,
0, alloc_flags,
IPC_PORT_NULL, 0, FALSE,
prot, maxprot,
(flags & MAP_SHARED) ?
VM_INHERIT_SHARE :
VM_INHERIT_DEFAULT);
if (result != KERN_SUCCESS)
goto out;
} else {
pager = (vm_pager_t)ubc_getpager(vp);
if (pager == NULL) {
(void)vnode_put(vp);
error = ENOMEM;
goto bad;
}
/*
* Set credentials:
* FIXME: if we're writing the file we need a way to
* ensure that someone doesn't replace our R/W creds
* with ones that only work for read.
*/
ubc_setthreadcred(vp, p, current_thread());
docow = FALSE;
if ((flags & (MAP_ANON|MAP_SHARED)) == 0) {
docow = TRUE;
}
#ifdef notyet
/* Hmm .. */
#if defined(VM_PROT_READ_IS_EXEC)
if (prot & VM_PROT_READ)
prot |= VM_PROT_EXECUTE;
if (maxprot & VM_PROT_READ)
maxprot |= VM_PROT_EXECUTE;
#endif
#endif /* notyet */
#if 3777787
if (prot & (VM_PROT_EXECUTE | VM_PROT_WRITE))
prot |= VM_PROT_READ;
if (maxprot & (VM_PROT_EXECUTE | VM_PROT_WRITE))
maxprot |= VM_PROT_READ;
#endif /* radar 3777787 */
result = vm_map_enter_mem_object(user_map,
&user_addr, user_size,
0, alloc_flags,
(ipc_port_t)pager, file_pos,
docow, prot, maxprot,
(flags & MAP_SHARED) ?
VM_INHERIT_SHARE :
VM_INHERIT_DEFAULT);
if (result != KERN_SUCCESS) {
(void)vnode_put(vp);
goto out;
}
file_prot = prot & (PROT_READ | PROT_WRITE | PROT_EXEC);
if (docow) {
/* private mapping: won't write to the file */
file_prot &= ~PROT_WRITE;
}
(void) ubc_map(vp, file_prot);
}
if (!mapanon)
(void)vnode_put(vp);
out:
switch (result) {
case KERN_SUCCESS:
*retval = user_addr + pageoff;
error = 0;
break;
case KERN_INVALID_ADDRESS:
case KERN_NO_SPACE:
error = ENOMEM;
break;
case KERN_PROTECTION_FAILURE:
error = EACCES;
break;
default:
error = EINVAL;
break;
}
bad:
if (fpref)
fp_drop(p, fd, fp, 0);
KERNEL_DEBUG_CONSTANT((BSDDBG_CODE(DBG_BSD_SC_EXTENDED_INFO, SYS_mmap) | DBG_FUNC_NONE), fd, (uint32_t)(*retval), (uint32_t)user_size, error, 0);
KERNEL_DEBUG_CONSTANT((BSDDBG_CODE(DBG_BSD_SC_EXTENDED_INFO2, SYS_mmap) | DBG_FUNC_NONE), (uint32_t)(*retval >> 32), (uint32_t)(user_size >> 32),
(uint32_t)(file_pos >> 32), (uint32_t)file_pos, 0);
return(error);
}
kern_return_t
map_fd_funneled(
int fd,
vm_object_offset_t offset,
vm_offset_t *va,
boolean_t findspace,
vm_size_t size)
{
kern_return_t result;
struct fileproc *fp;
struct vnode *vp;
void * pager;
vm_offset_t map_addr=0;
vm_size_t map_size;
int err=0;
vm_map_t my_map;
proc_t p = current_proc();
struct vnode_attr vattr;
/*
* Find the inode; verify that it's a regular file.
*/
err = fp_lookup(p, fd, &fp, 0);
if (err)
return(err);
if (fp->f_fglob->fg_type != DTYPE_VNODE){
err = KERN_INVALID_ARGUMENT;
goto bad;
}
if (!(fp->f_fglob->fg_flag & FREAD)) {
err = KERN_PROTECTION_FAILURE;
goto bad;
}
vp = (struct vnode *)fp->f_fglob->fg_data;
err = vnode_getwithref(vp);
if(err != 0)
goto bad;
if (vp->v_type != VREG) {
(void)vnode_put(vp);
err = KERN_INVALID_ARGUMENT;
goto bad;
}
AUDIT_ARG(vnpath, vp, ARG_VNODE1);
/*
* POSIX: mmap needs to update access time for mapped files
*/
if ((vnode_vfsvisflags(vp) & MNT_NOATIME) == 0) {
VATTR_INIT(&vattr);
nanotime(&vattr.va_access_time);
VATTR_SET_ACTIVE(&vattr, va_access_time);
vnode_setattr(vp, &vattr, vfs_context_current());
}
if (offset & PAGE_MASK_64) {
printf("map_fd: file offset not page aligned(%d : %s)\n",p->p_pid, p->p_comm);
(void)vnode_put(vp);
err = KERN_INVALID_ARGUMENT;
goto bad;
}
map_size = round_page(size);
/*
* Allow user to map in a zero length file.
*/
if (size == 0) {
(void)vnode_put(vp);
err = KERN_SUCCESS;
goto bad;
}
/*
* Map in the file.
*/
pager = (void *)ubc_getpager(vp);
if (pager == NULL) {
(void)vnode_put(vp);
err = KERN_FAILURE;
goto bad;
}
my_map = current_map();
result = vm_map_64(
my_map,
&map_addr, map_size, (vm_offset_t)0,
VM_FLAGS_ANYWHERE, pager, offset, TRUE,
VM_PROT_DEFAULT, VM_PROT_ALL,
VM_INHERIT_DEFAULT);
if (result != KERN_SUCCESS) {
(void)vnode_put(vp);
err = result;
goto bad;
}
if (!findspace) {
vm_offset_t dst_addr;
vm_map_copy_t tmp;
if (copyin(CAST_USER_ADDR_T(va), &dst_addr, sizeof (dst_addr)) ||
trunc_page_32(dst_addr) != dst_addr) {
(void) vm_map_remove(
my_map,
map_addr, map_addr + map_size,
VM_MAP_NO_FLAGS);
(void)vnode_put(vp);
err = KERN_INVALID_ADDRESS;
goto bad;
}
result = vm_map_copyin(my_map, (vm_map_address_t)map_addr,
(vm_map_size_t)map_size, TRUE, &tmp);
if (result != KERN_SUCCESS) {
(void) vm_map_remove(my_map, vm_map_trunc_page(map_addr),
vm_map_round_page(map_addr + map_size),
VM_MAP_NO_FLAGS);
(void)vnode_put(vp);
err = result;
goto bad;
}
result = vm_map_copy_overwrite(my_map,
(vm_map_address_t)dst_addr, tmp, FALSE);
if (result != KERN_SUCCESS) {
vm_map_copy_discard(tmp);
(void)vnode_put(vp);
err = result;
goto bad;
}
} else {
if (copyout(&map_addr, CAST_USER_ADDR_T(va), sizeof (map_addr))) {
(void) vm_map_remove(my_map, vm_map_trunc_page(map_addr),
vm_map_round_page(map_addr + map_size),
VM_MAP_NO_FLAGS);
(void)vnode_put(vp);
err = KERN_INVALID_ADDRESS;
goto bad;
}
}
ubc_setthreadcred(vp, current_proc(), current_thread());
(void)ubc_map(vp, (PROT_READ | PROT_EXEC));
(void)vnode_put(vp);
err = 0;
bad:
fp_drop(p, fd, fp, 0);
return (err);
}
/*
* shared_region_map_np()
*
* This system call is intended for dyld.
*
* dyld uses this to map a shared cache file into a shared region.
* This is usually done only the first time a shared cache is needed.
* Subsequent processes will just use the populated shared region without
* requiring any further setup.
*/
int
shared_region_map_np(
struct proc *p,
struct shared_region_map_np_args *uap,
__unused int *retvalp)
{
int error;
kern_return_t kr;
int fd;
struct fileproc *fp;
struct vnode *vp, *root_vp;
struct vnode_attr va;
off_t fs;
memory_object_size_t file_size;
user_addr_t user_mappings;
struct shared_file_mapping_np *mappings;
#define SFM_MAX_STACK 8
struct shared_file_mapping_np stack_mappings[SFM_MAX_STACK];
unsigned int mappings_count;
vm_size_t mappings_size;
memory_object_control_t file_control;
struct vm_shared_region *shared_region;
SHARED_REGION_TRACE_DEBUG(
("shared_region: %p [%d(%s)] -> map\n",
current_thread(), p->p_pid, p->p_comm));
shared_region = NULL;
mappings_count = 0;
mappings_size = 0;
mappings = NULL;
fp = NULL;
vp = NULL;
/* get file descriptor for shared region cache file */
fd = uap->fd;
/* get file structure from file descriptor */
error = fp_lookup(p, fd, &fp, 0);
if (error) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map: "
"fd=%d lookup failed (error=%d)\n",
current_thread(), p->p_pid, p->p_comm, fd, error));
goto done;
}
/* make sure we're attempting to map a vnode */
if (fp->f_fglob->fg_type != DTYPE_VNODE) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map: "
"fd=%d not a vnode (type=%d)\n",
current_thread(), p->p_pid, p->p_comm,
fd, fp->f_fglob->fg_type));
error = EINVAL;
goto done;
}
/* we need at least read permission on the file */
if (! (fp->f_fglob->fg_flag & FREAD)) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map: "
"fd=%d not readable\n",
current_thread(), p->p_pid, p->p_comm, fd));
error = EPERM;
goto done;
}
/* get vnode from file structure */
error = vnode_getwithref((vnode_t) fp->f_fglob->fg_data);
if (error) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map: "
"fd=%d getwithref failed (error=%d)\n",
current_thread(), p->p_pid, p->p_comm, fd, error));
goto done;
}
vp = (struct vnode *) fp->f_fglob->fg_data;
/* make sure the vnode is a regular file */
if (vp->v_type != VREG) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"not a file (type=%d)\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name, vp->v_type));
error = EINVAL;
goto done;
}
/* make sure vnode is on the process's root volume */
root_vp = p->p_fd->fd_rdir;
if (root_vp == NULL) {
root_vp = rootvnode;
}
if (vp->v_mount != root_vp->v_mount) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"not on process's root volume\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name));
error = EPERM;
goto done;
}
/* make sure vnode is owned by "root" */
VATTR_INIT(&va);
VATTR_WANTED(&va, va_uid);
error = vnode_getattr(vp, &va, vfs_context_current());
if (error) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"vnode_getattr(%p) failed (error=%d)\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name, vp, error));
goto done;
}
if (va.va_uid != 0) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"owned by uid=%d instead of 0\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name, va.va_uid));
error = EPERM;
goto done;
}
/* get vnode size */
error = vnode_size(vp, &fs, vfs_context_current());
if (error) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"vnode_size(%p) failed (error=%d)\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name, vp, error));
goto done;
}
file_size = fs;
/* get the file's memory object handle */
file_control = ubc_getobject(vp, UBC_HOLDOBJECT);
if (file_control == MEMORY_OBJECT_CONTROL_NULL) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"no memory object\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name));
error = EINVAL;
goto done;
}
/* get the list of mappings the caller wants us to establish */
mappings_count = uap->count; /* number of mappings */
mappings_size = (vm_size_t) (mappings_count * sizeof (mappings[0]));
if (mappings_count == 0) {
SHARED_REGION_TRACE_INFO(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"no mappings\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name));
error = 0; /* no mappings: we're done ! */
goto done;
} else if (mappings_count <= SFM_MAX_STACK) {
mappings = &stack_mappings[0];
} else {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"too many mappings (%d)\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name, mappings_count));
error = EINVAL;
goto done;
}
user_mappings = uap->mappings; /* the mappings, in user space */
error = copyin(user_mappings,
mappings,
mappings_size);
if (error) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"copyin(0x%llx, %d) failed (error=%d)\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name, (uint64_t)user_mappings, mappings_count, error));
goto done;
}
/* get the process's shared region (setup in vm_map_exec()) */
shared_region = vm_shared_region_get(current_task());
if (shared_region == NULL) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"no shared region\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name));
goto done;
}
/* map the file into that shared region's submap */
kr = vm_shared_region_map_file(shared_region,
mappings_count,
mappings,
file_control,
file_size,
(void *) p->p_fd->fd_rdir);
if (kr != KERN_SUCCESS) {
SHARED_REGION_TRACE_ERROR(
("shared_region: %p [%d(%s)] map(%p:'%s'): "
"vm_shared_region_map_file() failed kr=0x%x\n",
current_thread(), p->p_pid, p->p_comm,
vp, vp->v_name, kr));
switch (kr) {
case KERN_INVALID_ADDRESS:
error = EFAULT;
break;
case KERN_PROTECTION_FAILURE:
error = EPERM;
break;
case KERN_NO_SPACE:
error = ENOMEM;
break;
case KERN_FAILURE:
case KERN_INVALID_ARGUMENT:
default:
error = EINVAL;
break;
}
goto done;
}
/*
* The mapping was successful. Let the buffer cache know
* that we've mapped that file with these protections. This
* prevents the vnode from getting recycled while it's mapped.
*/
(void) ubc_map(vp, VM_PROT_READ);
error = 0;
/* update the vnode's access time */
if (! (vnode_vfsvisflags(vp) & MNT_NOATIME)) {
VATTR_INIT(&va);
nanotime(&va.va_access_time);
VATTR_SET_ACTIVE(&va, va_access_time);
vnode_setattr(vp, &va, vfs_context_current());
}
if (p->p_flag & P_NOSHLIB) {
/* signal that this process is now using split libraries */
OSBitAndAtomic(~((uint32_t)P_NOSHLIB), (UInt32 *)&p->p_flag);
}
done:
if (vp != NULL) {
/*
* release the vnode...
* ubc_map() still holds it for us in the non-error case
*/
(void) vnode_put(vp);
vp = NULL;
}
if (fp != NULL) {
/* release the file descriptor */
fp_drop(p, fd, fp, 0);
fp = NULL;
}
if (shared_region != NULL) {
vm_shared_region_deallocate(shared_region);
}
SHARED_REGION_TRACE_DEBUG(
("shared_region: %p [%d(%s)] <- map\n",
current_thread(), p->p_pid, p->p_comm));
return error;
}
/* works like PFlushVolumeData */
void
darwin_notify_perms(struct unixuser *auser, int event)
{
int i;
struct afs_q *tq, *uq = NULL;
struct vcache *tvc, *hnext;
int isglock = ISAFS_GLOCK();
struct vnode *vp;
struct vnode_attr va;
int isctxtowner = 0;
if (!afs_darwin_fsevents)
return;
VATTR_INIT(&va);
VATTR_SET(&va, va_mode, 0777);
if (event & UTokensObtained)
VATTR_SET(&va, va_uid, auser->uid);
else
VATTR_SET(&va, va_uid, -2); /* nobody */
if (!isglock)
AFS_GLOCK();
if (!(vfs_context_owner == current_thread())) {
get_vfs_context();
isctxtowner = 1;
}
loop:
ObtainReadLock(&afs_xvcache);
for (i = 0; i < VCSIZE; i++) {
for (tq = afs_vhashTV[i].prev; tq != &afs_vhashTV[i]; tq = uq) {
uq = QPrev(tq);
tvc = QTOVH(tq);
if (tvc->f.states & CDeadVnode) {
/* we can afford to be best-effort */
continue;
}
/* no per-file acls, so only notify on directories */
if (!(vp = AFSTOV(tvc)) || !vnode_isdir(AFSTOV(tvc)))
continue;
/* dynroot object. no callbacks. anonymous ACL. just no. */
if (afs_IsDynrootFid(&tvc->f.fid))
continue;
/* no fake fsevents on mount point sources. leaks refs */
if (tvc->mvstat == 1)
continue;
/* if it's being reclaimed, just pass */
if (vnode_get(vp))
continue;
if (vnode_ref(vp)) {
AFS_GUNLOCK();
vnode_put(vp);
AFS_GLOCK();
continue;
}
ReleaseReadLock(&afs_xvcache);
/* Avoid potentially re-entering on this lock */
if (0 == NBObtainWriteLock(&tvc->lock, 234)) {
tvc->f.states |= CEvent;
AFS_GUNLOCK();
vnode_setattr(vp, &va, afs_osi_ctxtp);
tvc->f.states &= ~CEvent;
vnode_put(vp);
AFS_GLOCK();
ReleaseWriteLock(&tvc->lock);
}
ObtainReadLock(&afs_xvcache);
uq = QPrev(tq);
/* our tvc ptr is still good until now */
AFS_FAST_RELE(tvc);
}
}
ReleaseReadLock(&afs_xvcache);
if (isctxtowner)
put_vfs_context();
if (!isglock)
AFS_GUNLOCK();
}