]>
Commit | Line | Data |
---|---|---|
b2441318 | 1 | // SPDX-License-Identifier: GPL-2.0 |
1da177e4 LT |
2 | /* |
3 | * linux/fs/pipe.c | |
4 | * | |
5 | * Copyright (C) 1991, 1992, 1999 Linus Torvalds | |
6 | */ | |
7 | ||
8 | #include <linux/mm.h> | |
9 | #include <linux/file.h> | |
10 | #include <linux/poll.h> | |
11 | #include <linux/slab.h> | |
12 | #include <linux/module.h> | |
13 | #include <linux/init.h> | |
14 | #include <linux/fs.h> | |
35f3d14d | 15 | #include <linux/log2.h> |
1da177e4 | 16 | #include <linux/mount.h> |
4fa7ec5d | 17 | #include <linux/pseudo_fs.h> |
b502bd11 | 18 | #include <linux/magic.h> |
1da177e4 LT |
19 | #include <linux/pipe_fs_i.h> |
20 | #include <linux/uio.h> | |
21 | #include <linux/highmem.h> | |
5274f052 | 22 | #include <linux/pagemap.h> |
db349509 | 23 | #include <linux/audit.h> |
ba719bae | 24 | #include <linux/syscalls.h> |
b492e95b | 25 | #include <linux/fcntl.h> |
d86133bd | 26 | #include <linux/memcontrol.h> |
1da177e4 | 27 | |
7c0f6ba6 | 28 | #include <linux/uaccess.h> |
1da177e4 LT |
29 | #include <asm/ioctls.h> |
30 | ||
599a0ac1 AV |
31 | #include "internal.h" |
32 | ||
b492e95b JA |
33 | /* |
34 | * The max size that a non-root user is allowed to grow the pipe. Can | |
ff9da691 | 35 | * be set by root in /proc/sys/fs/pipe-max-size |
b492e95b | 36 | */ |
ff9da691 JA |
37 | unsigned int pipe_max_size = 1048576; |
38 | ||
759c0114 WT |
39 | /* Maximum allocatable pages per user. Hard limit is unset by default, soft |
40 | * matches default values. | |
41 | */ | |
42 | unsigned long pipe_user_pages_hard; | |
43 | unsigned long pipe_user_pages_soft = PIPE_DEF_BUFFERS * INR_OPEN_CUR; | |
44 | ||
1da177e4 | 45 | /* |
8cefc107 DH |
46 | * We use head and tail indices that aren't masked off, except at the point of |
47 | * dereference, but rather they're allowed to wrap naturally. This means there | |
48 | * isn't a dead spot in the buffer, but the ring has to be a power of two and | |
49 | * <= 2^31. | |
50 | * -- David Howells 2019-09-23. | |
51 | * | |
1da177e4 LT |
52 | * Reads with count = 0 should always return 0. |
53 | * -- Julian Bradfield 1999-06-07. | |
54 | * | |
55 | * FIFOs and Pipes now generate SIGIO for both readers and writers. | |
56 | * -- Jeremy Elson <jelson@circlemud.org> 2001-08-16 | |
57 | * | |
58 | * pipe_read & write cleanup | |
59 | * -- Manfred Spraul <manfred@colorfullife.com> 2002-05-09 | |
60 | */ | |
61 | ||
61e0d47c MS |
62 | static void pipe_lock_nested(struct pipe_inode_info *pipe, int subclass) |
63 | { | |
6447a3cf | 64 | if (pipe->files) |
72b0d9aa | 65 | mutex_lock_nested(&pipe->mutex, subclass); |
61e0d47c MS |
66 | } |
67 | ||
68 | void pipe_lock(struct pipe_inode_info *pipe) | |
69 | { | |
70 | /* | |
71 | * pipe_lock() nests non-pipe inode locks (for writing to a file) | |
72 | */ | |
73 | pipe_lock_nested(pipe, I_MUTEX_PARENT); | |
74 | } | |
75 | EXPORT_SYMBOL(pipe_lock); | |
76 | ||
77 | void pipe_unlock(struct pipe_inode_info *pipe) | |
78 | { | |
6447a3cf | 79 | if (pipe->files) |
72b0d9aa | 80 | mutex_unlock(&pipe->mutex); |
61e0d47c MS |
81 | } |
82 | EXPORT_SYMBOL(pipe_unlock); | |
83 | ||
ebec73f4 AV |
84 | static inline void __pipe_lock(struct pipe_inode_info *pipe) |
85 | { | |
86 | mutex_lock_nested(&pipe->mutex, I_MUTEX_PARENT); | |
87 | } | |
88 | ||
89 | static inline void __pipe_unlock(struct pipe_inode_info *pipe) | |
90 | { | |
91 | mutex_unlock(&pipe->mutex); | |
92 | } | |
93 | ||
61e0d47c MS |
94 | void pipe_double_lock(struct pipe_inode_info *pipe1, |
95 | struct pipe_inode_info *pipe2) | |
96 | { | |
97 | BUG_ON(pipe1 == pipe2); | |
98 | ||
99 | if (pipe1 < pipe2) { | |
100 | pipe_lock_nested(pipe1, I_MUTEX_PARENT); | |
101 | pipe_lock_nested(pipe2, I_MUTEX_CHILD); | |
102 | } else { | |
023d43c7 PZ |
103 | pipe_lock_nested(pipe2, I_MUTEX_PARENT); |
104 | pipe_lock_nested(pipe1, I_MUTEX_CHILD); | |
61e0d47c MS |
105 | } |
106 | } | |
107 | ||
1da177e4 | 108 | /* Drop the inode semaphore and wait for a pipe event, atomically */ |
3a326a2c | 109 | void pipe_wait(struct pipe_inode_info *pipe) |
1da177e4 LT |
110 | { |
111 | DEFINE_WAIT(wait); | |
112 | ||
d79fc0fc IM |
113 | /* |
114 | * Pipes are system-local resources, so sleeping on them | |
115 | * is considered a noninteractive wait: | |
116 | */ | |
af927232 | 117 | prepare_to_wait(&pipe->wait, &wait, TASK_INTERRUPTIBLE); |
61e0d47c | 118 | pipe_unlock(pipe); |
1da177e4 | 119 | schedule(); |
3a326a2c | 120 | finish_wait(&pipe->wait, &wait); |
61e0d47c | 121 | pipe_lock(pipe); |
1da177e4 LT |
122 | } |
123 | ||
341b446b IM |
124 | static void anon_pipe_buf_release(struct pipe_inode_info *pipe, |
125 | struct pipe_buffer *buf) | |
1da177e4 LT |
126 | { |
127 | struct page *page = buf->page; | |
128 | ||
5274f052 JA |
129 | /* |
130 | * If nobody else uses this page, and we don't already have a | |
131 | * temporary page, let's keep track of it as a one-deep | |
341b446b | 132 | * allocation cache. (Otherwise just release our reference to it) |
5274f052 | 133 | */ |
341b446b | 134 | if (page_count(page) == 1 && !pipe->tmp_page) |
923f4f23 | 135 | pipe->tmp_page = page; |
341b446b | 136 | else |
09cbfeaf | 137 | put_page(page); |
1da177e4 LT |
138 | } |
139 | ||
d86133bd VD |
140 | static int anon_pipe_buf_steal(struct pipe_inode_info *pipe, |
141 | struct pipe_buffer *buf) | |
142 | { | |
143 | struct page *page = buf->page; | |
144 | ||
145 | if (page_count(page) == 1) { | |
60cd4bcd | 146 | memcg_kmem_uncharge(page, 0); |
d86133bd VD |
147 | __SetPageLocked(page); |
148 | return 0; | |
149 | } | |
150 | return 1; | |
151 | } | |
152 | ||
0845718d | 153 | /** |
b51d63c6 | 154 | * generic_pipe_buf_steal - attempt to take ownership of a &pipe_buffer |
0845718d JA |
155 | * @pipe: the pipe that the buffer belongs to |
156 | * @buf: the buffer to attempt to steal | |
157 | * | |
158 | * Description: | |
b51d63c6 | 159 | * This function attempts to steal the &struct page attached to |
0845718d JA |
160 | * @buf. If successful, this function returns 0 and returns with |
161 | * the page locked. The caller may then reuse the page for whatever | |
b51d63c6 | 162 | * he wishes; the typical use is insertion into a different file |
0845718d JA |
163 | * page cache. |
164 | */ | |
330ab716 JA |
165 | int generic_pipe_buf_steal(struct pipe_inode_info *pipe, |
166 | struct pipe_buffer *buf) | |
5abc97aa | 167 | { |
46e678c9 JA |
168 | struct page *page = buf->page; |
169 | ||
0845718d JA |
170 | /* |
171 | * A reference of one is golden, that means that the owner of this | |
172 | * page is the only one holding a reference to it. lock the page | |
173 | * and return OK. | |
174 | */ | |
46e678c9 | 175 | if (page_count(page) == 1) { |
46e678c9 JA |
176 | lock_page(page); |
177 | return 0; | |
178 | } | |
179 | ||
180 | return 1; | |
5abc97aa | 181 | } |
51921cb7 | 182 | EXPORT_SYMBOL(generic_pipe_buf_steal); |
5abc97aa | 183 | |
0845718d | 184 | /** |
b51d63c6 | 185 | * generic_pipe_buf_get - get a reference to a &struct pipe_buffer |
0845718d JA |
186 | * @pipe: the pipe that the buffer belongs to |
187 | * @buf: the buffer to get a reference to | |
188 | * | |
189 | * Description: | |
190 | * This function grabs an extra reference to @buf. It's used in | |
191 | * in the tee() system call, when we duplicate the buffers in one | |
192 | * pipe into another. | |
193 | */ | |
15fab63e | 194 | bool generic_pipe_buf_get(struct pipe_inode_info *pipe, struct pipe_buffer *buf) |
70524490 | 195 | { |
15fab63e | 196 | return try_get_page(buf->page); |
70524490 | 197 | } |
51921cb7 | 198 | EXPORT_SYMBOL(generic_pipe_buf_get); |
70524490 | 199 | |
0845718d JA |
200 | /** |
201 | * generic_pipe_buf_confirm - verify contents of the pipe buffer | |
79685b8d | 202 | * @info: the pipe that the buffer belongs to |
0845718d JA |
203 | * @buf: the buffer to confirm |
204 | * | |
205 | * Description: | |
206 | * This function does nothing, because the generic pipe code uses | |
207 | * pages that are always good when inserted into the pipe. | |
208 | */ | |
cac36bb0 JA |
209 | int generic_pipe_buf_confirm(struct pipe_inode_info *info, |
210 | struct pipe_buffer *buf) | |
f84d7519 JA |
211 | { |
212 | return 0; | |
213 | } | |
51921cb7 | 214 | EXPORT_SYMBOL(generic_pipe_buf_confirm); |
f84d7519 | 215 | |
6818173b MS |
216 | /** |
217 | * generic_pipe_buf_release - put a reference to a &struct pipe_buffer | |
218 | * @pipe: the pipe that the buffer belongs to | |
219 | * @buf: the buffer to put a reference to | |
220 | * | |
221 | * Description: | |
222 | * This function releases a reference to @buf. | |
223 | */ | |
224 | void generic_pipe_buf_release(struct pipe_inode_info *pipe, | |
225 | struct pipe_buffer *buf) | |
226 | { | |
09cbfeaf | 227 | put_page(buf->page); |
6818173b | 228 | } |
51921cb7 | 229 | EXPORT_SYMBOL(generic_pipe_buf_release); |
6818173b | 230 | |
01e7187b | 231 | /* New data written to a pipe may be appended to a buffer with this type. */ |
d4c3cca9 | 232 | static const struct pipe_buf_operations anon_pipe_buf_ops = { |
cac36bb0 | 233 | .confirm = generic_pipe_buf_confirm, |
1da177e4 | 234 | .release = anon_pipe_buf_release, |
d86133bd | 235 | .steal = anon_pipe_buf_steal, |
f84d7519 | 236 | .get = generic_pipe_buf_get, |
1da177e4 LT |
237 | }; |
238 | ||
a0ce2f0a | 239 | static const struct pipe_buf_operations anon_pipe_buf_nomerge_ops = { |
cac36bb0 | 240 | .confirm = generic_pipe_buf_confirm, |
1da177e4 | 241 | .release = anon_pipe_buf_release, |
d86133bd | 242 | .steal = anon_pipe_buf_steal, |
f84d7519 | 243 | .get = generic_pipe_buf_get, |
1da177e4 LT |
244 | }; |
245 | ||
9883035a | 246 | static const struct pipe_buf_operations packet_pipe_buf_ops = { |
9883035a LT |
247 | .confirm = generic_pipe_buf_confirm, |
248 | .release = anon_pipe_buf_release, | |
d86133bd | 249 | .steal = anon_pipe_buf_steal, |
9883035a LT |
250 | .get = generic_pipe_buf_get, |
251 | }; | |
252 | ||
01e7187b JH |
253 | /** |
254 | * pipe_buf_mark_unmergeable - mark a &struct pipe_buffer as unmergeable | |
255 | * @buf: the buffer to mark | |
256 | * | |
257 | * Description: | |
258 | * This function ensures that no future writes will be merged into the | |
259 | * given &struct pipe_buffer. This is necessary when multiple pipe buffers | |
260 | * share the same backing page. | |
261 | */ | |
a0ce2f0a JH |
262 | void pipe_buf_mark_unmergeable(struct pipe_buffer *buf) |
263 | { | |
264 | if (buf->ops == &anon_pipe_buf_ops) | |
265 | buf->ops = &anon_pipe_buf_nomerge_ops; | |
266 | } | |
267 | ||
01e7187b JH |
268 | static bool pipe_buf_can_merge(struct pipe_buffer *buf) |
269 | { | |
270 | return buf->ops == &anon_pipe_buf_ops; | |
271 | } | |
272 | ||
1da177e4 | 273 | static ssize_t |
fb9096a3 | 274 | pipe_read(struct kiocb *iocb, struct iov_iter *to) |
1da177e4 | 275 | { |
fb9096a3 | 276 | size_t total_len = iov_iter_count(to); |
ee0b3e67 | 277 | struct file *filp = iocb->ki_filp; |
de32ec4c | 278 | struct pipe_inode_info *pipe = filp->private_data; |
f467a6a6 | 279 | bool was_full; |
1da177e4 | 280 | ssize_t ret; |
1da177e4 | 281 | |
1da177e4 LT |
282 | /* Null read succeeds. */ |
283 | if (unlikely(total_len == 0)) | |
284 | return 0; | |
285 | ||
1da177e4 | 286 | ret = 0; |
ebec73f4 | 287 | __pipe_lock(pipe); |
f467a6a6 LT |
288 | |
289 | /* | |
290 | * We only wake up writers if the pipe was full when we started | |
291 | * reading in order to avoid unnecessary wakeups. | |
292 | * | |
293 | * But when we do wake up writers, we do so using a sync wakeup | |
294 | * (WF_SYNC), because we want them to get going and generate more | |
295 | * data for us. | |
296 | */ | |
297 | was_full = pipe_full(pipe->head, pipe->tail, pipe->max_usage); | |
1da177e4 | 298 | for (;;) { |
8cefc107 DH |
299 | unsigned int head = pipe->head; |
300 | unsigned int tail = pipe->tail; | |
301 | unsigned int mask = pipe->ring_size - 1; | |
302 | ||
303 | if (!pipe_empty(head, tail)) { | |
304 | struct pipe_buffer *buf = &pipe->bufs[tail & mask]; | |
1da177e4 | 305 | size_t chars = buf->len; |
637b58c2 AV |
306 | size_t written; |
307 | int error; | |
1da177e4 LT |
308 | |
309 | if (chars > total_len) | |
310 | chars = total_len; | |
311 | ||
fba597db | 312 | error = pipe_buf_confirm(pipe, buf); |
f84d7519 | 313 | if (error) { |
5274f052 | 314 | if (!ret) |
e5953cbd | 315 | ret = error; |
5274f052 JA |
316 | break; |
317 | } | |
f84d7519 | 318 | |
fb9096a3 | 319 | written = copy_page_to_iter(buf->page, buf->offset, chars, to); |
637b58c2 | 320 | if (unlikely(written < chars)) { |
341b446b | 321 | if (!ret) |
637b58c2 | 322 | ret = -EFAULT; |
1da177e4 LT |
323 | break; |
324 | } | |
325 | ret += chars; | |
326 | buf->offset += chars; | |
327 | buf->len -= chars; | |
9883035a LT |
328 | |
329 | /* Was it a packet buffer? Clean up and exit */ | |
330 | if (buf->flags & PIPE_BUF_FLAG_PACKET) { | |
331 | total_len = chars; | |
332 | buf->len = 0; | |
333 | } | |
334 | ||
1da177e4 | 335 | if (!buf->len) { |
a779638c | 336 | pipe_buf_release(pipe, buf); |
b667b867 | 337 | spin_lock_irq(&pipe->wait.lock); |
8cefc107 DH |
338 | tail++; |
339 | pipe->tail = tail; | |
b667b867 | 340 | spin_unlock_irq(&pipe->wait.lock); |
1da177e4 LT |
341 | } |
342 | total_len -= chars; | |
343 | if (!total_len) | |
344 | break; /* common path: read succeeded */ | |
8cefc107 DH |
345 | if (!pipe_empty(head, tail)) /* More to do? */ |
346 | continue; | |
1da177e4 | 347 | } |
8cefc107 | 348 | |
923f4f23 | 349 | if (!pipe->writers) |
1da177e4 | 350 | break; |
a28c8b9d LT |
351 | if (ret) |
352 | break; | |
353 | if (filp->f_flags & O_NONBLOCK) { | |
354 | ret = -EAGAIN; | |
355 | break; | |
1da177e4 LT |
356 | } |
357 | if (signal_pending(current)) { | |
341b446b IM |
358 | if (!ret) |
359 | ret = -ERESTARTSYS; | |
1da177e4 LT |
360 | break; |
361 | } | |
f467a6a6 LT |
362 | if (was_full) { |
363 | wake_up_interruptible_sync_poll(&pipe->wait, EPOLLOUT | EPOLLWRNORM); | |
364 | kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); | |
365 | } | |
923f4f23 | 366 | pipe_wait(pipe); |
f467a6a6 | 367 | was_full = pipe_full(pipe->head, pipe->tail, pipe->max_usage); |
1da177e4 | 368 | } |
ebec73f4 | 369 | __pipe_unlock(pipe); |
341b446b | 370 | |
f467a6a6 LT |
371 | if (was_full) { |
372 | wake_up_interruptible_sync_poll(&pipe->wait, EPOLLOUT | EPOLLWRNORM); | |
923f4f23 | 373 | kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); |
1da177e4 LT |
374 | } |
375 | if (ret > 0) | |
376 | file_accessed(filp); | |
377 | return ret; | |
378 | } | |
379 | ||
9883035a LT |
380 | static inline int is_packetized(struct file *file) |
381 | { | |
382 | return (file->f_flags & O_DIRECT) != 0; | |
383 | } | |
384 | ||
1da177e4 | 385 | static ssize_t |
f0d1bec9 | 386 | pipe_write(struct kiocb *iocb, struct iov_iter *from) |
1da177e4 | 387 | { |
ee0b3e67 | 388 | struct file *filp = iocb->ki_filp; |
de32ec4c | 389 | struct pipe_inode_info *pipe = filp->private_data; |
8f868d68 | 390 | unsigned int head; |
f0d1bec9 | 391 | ssize_t ret = 0; |
f0d1bec9 | 392 | size_t total_len = iov_iter_count(from); |
1da177e4 | 393 | ssize_t chars; |
1b6b26ae | 394 | bool was_empty = false; |
1da177e4 | 395 | |
1da177e4 LT |
396 | /* Null write succeeds. */ |
397 | if (unlikely(total_len == 0)) | |
398 | return 0; | |
399 | ||
ebec73f4 | 400 | __pipe_lock(pipe); |
1da177e4 | 401 | |
923f4f23 | 402 | if (!pipe->readers) { |
1da177e4 LT |
403 | send_sig(SIGPIPE, current, 0); |
404 | ret = -EPIPE; | |
405 | goto out; | |
406 | } | |
407 | ||
1b6b26ae LT |
408 | /* |
409 | * Only wake up if the pipe started out empty, since | |
410 | * otherwise there should be no readers waiting. | |
411 | * | |
412 | * If it wasn't empty we try to merge new data into | |
413 | * the last buffer. | |
414 | * | |
415 | * That naturally merges small writes, but it also | |
416 | * page-aligs the rest of the writes for large writes | |
417 | * spanning multiple pages. | |
418 | */ | |
8cefc107 | 419 | head = pipe->head; |
1b6b26ae LT |
420 | was_empty = pipe_empty(head, pipe->tail); |
421 | chars = total_len & (PAGE_SIZE-1); | |
422 | if (chars && !was_empty) { | |
8f868d68 | 423 | unsigned int mask = pipe->ring_size - 1; |
8cefc107 | 424 | struct pipe_buffer *buf = &pipe->bufs[(head - 1) & mask]; |
1da177e4 | 425 | int offset = buf->offset + buf->len; |
341b446b | 426 | |
01e7187b | 427 | if (pipe_buf_can_merge(buf) && offset + chars <= PAGE_SIZE) { |
fba597db | 428 | ret = pipe_buf_confirm(pipe, buf); |
6ae08069 | 429 | if (ret) |
5274f052 | 430 | goto out; |
f84d7519 | 431 | |
f0d1bec9 AV |
432 | ret = copy_page_from_iter(buf->page, offset, chars, from); |
433 | if (unlikely(ret < chars)) { | |
6ae08069 | 434 | ret = -EFAULT; |
1da177e4 | 435 | goto out; |
f6762b7a | 436 | } |
1b6b26ae | 437 | |
6ae08069 | 438 | buf->len += ret; |
f0d1bec9 | 439 | if (!iov_iter_count(from)) |
1da177e4 LT |
440 | goto out; |
441 | } | |
442 | } | |
443 | ||
444 | for (;;) { | |
923f4f23 | 445 | if (!pipe->readers) { |
1da177e4 | 446 | send_sig(SIGPIPE, current, 0); |
341b446b IM |
447 | if (!ret) |
448 | ret = -EPIPE; | |
1da177e4 LT |
449 | break; |
450 | } | |
8cefc107 | 451 | |
a194dfe6 | 452 | head = pipe->head; |
8f868d68 DH |
453 | if (!pipe_full(head, pipe->tail, pipe->max_usage)) { |
454 | unsigned int mask = pipe->ring_size - 1; | |
8cefc107 | 455 | struct pipe_buffer *buf = &pipe->bufs[head & mask]; |
923f4f23 | 456 | struct page *page = pipe->tmp_page; |
f0d1bec9 | 457 | int copied; |
1da177e4 LT |
458 | |
459 | if (!page) { | |
d86133bd | 460 | page = alloc_page(GFP_HIGHUSER | __GFP_ACCOUNT); |
1da177e4 LT |
461 | if (unlikely(!page)) { |
462 | ret = ret ? : -ENOMEM; | |
463 | break; | |
464 | } | |
923f4f23 | 465 | pipe->tmp_page = page; |
1da177e4 | 466 | } |
a194dfe6 DH |
467 | |
468 | /* Allocate a slot in the ring in advance and attach an | |
469 | * empty buffer. If we fault or otherwise fail to use | |
470 | * it, either the reader will consume it or it'll still | |
471 | * be there for the next write. | |
472 | */ | |
473 | spin_lock_irq(&pipe->wait.lock); | |
474 | ||
475 | head = pipe->head; | |
8f868d68 | 476 | if (pipe_full(head, pipe->tail, pipe->max_usage)) { |
8df44129 DH |
477 | spin_unlock_irq(&pipe->wait.lock); |
478 | continue; | |
479 | } | |
480 | ||
a194dfe6 | 481 | pipe->head = head + 1; |
a194dfe6 | 482 | spin_unlock_irq(&pipe->wait.lock); |
1da177e4 LT |
483 | |
484 | /* Insert it into the buffer array */ | |
a194dfe6 | 485 | buf = &pipe->bufs[head & mask]; |
1da177e4 LT |
486 | buf->page = page; |
487 | buf->ops = &anon_pipe_buf_ops; | |
488 | buf->offset = 0; | |
a194dfe6 | 489 | buf->len = 0; |
9883035a LT |
490 | buf->flags = 0; |
491 | if (is_packetized(filp)) { | |
492 | buf->ops = &packet_pipe_buf_ops; | |
493 | buf->flags = PIPE_BUF_FLAG_PACKET; | |
494 | } | |
923f4f23 | 495 | pipe->tmp_page = NULL; |
1da177e4 | 496 | |
a194dfe6 DH |
497 | copied = copy_page_from_iter(page, 0, PAGE_SIZE, from); |
498 | if (unlikely(copied < PAGE_SIZE && iov_iter_count(from))) { | |
499 | if (!ret) | |
500 | ret = -EFAULT; | |
501 | break; | |
502 | } | |
503 | ret += copied; | |
504 | buf->offset = 0; | |
505 | buf->len = copied; | |
506 | ||
f0d1bec9 | 507 | if (!iov_iter_count(from)) |
1da177e4 LT |
508 | break; |
509 | } | |
8cefc107 | 510 | |
8f868d68 | 511 | if (!pipe_full(head, pipe->tail, pipe->max_usage)) |
1da177e4 | 512 | continue; |
8cefc107 DH |
513 | |
514 | /* Wait for buffer space to become available. */ | |
1da177e4 | 515 | if (filp->f_flags & O_NONBLOCK) { |
341b446b IM |
516 | if (!ret) |
517 | ret = -EAGAIN; | |
1da177e4 LT |
518 | break; |
519 | } | |
520 | if (signal_pending(current)) { | |
341b446b IM |
521 | if (!ret) |
522 | ret = -ERESTARTSYS; | |
1da177e4 LT |
523 | break; |
524 | } | |
1b6b26ae LT |
525 | |
526 | /* | |
527 | * We're going to release the pipe lock and wait for more | |
528 | * space. We wake up any readers if necessary, and then | |
529 | * after waiting we need to re-check whether the pipe | |
530 | * become empty while we dropped the lock. | |
531 | */ | |
532 | if (was_empty) { | |
533 | wake_up_interruptible_sync_poll(&pipe->wait, EPOLLIN | EPOLLRDNORM); | |
534 | kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); | |
535 | } | |
923f4f23 | 536 | pipe_wait(pipe); |
1b6b26ae LT |
537 | |
538 | was_empty = pipe_empty(head, pipe->tail); | |
1da177e4 LT |
539 | } |
540 | out: | |
ebec73f4 | 541 | __pipe_unlock(pipe); |
1b6b26ae LT |
542 | |
543 | /* | |
544 | * If we do do a wakeup event, we do a 'sync' wakeup, because we | |
545 | * want the reader to start processing things asap, rather than | |
546 | * leave the data pending. | |
547 | * | |
548 | * This is particularly important for small writes, because of | |
549 | * how (for example) the GNU make jobserver uses small writes to | |
550 | * wake up pending jobs | |
551 | */ | |
552 | if (was_empty) { | |
553 | wake_up_interruptible_sync_poll(&pipe->wait, EPOLLIN | EPOLLRDNORM); | |
923f4f23 | 554 | kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); |
1da177e4 | 555 | } |
7e775f46 | 556 | if (ret > 0 && sb_start_write_trylock(file_inode(filp)->i_sb)) { |
c3b2da31 JB |
557 | int err = file_update_time(filp); |
558 | if (err) | |
559 | ret = err; | |
7e775f46 | 560 | sb_end_write(file_inode(filp)->i_sb); |
c3b2da31 | 561 | } |
1da177e4 LT |
562 | return ret; |
563 | } | |
564 | ||
d59d0b1b | 565 | static long pipe_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) |
1da177e4 | 566 | { |
de32ec4c | 567 | struct pipe_inode_info *pipe = filp->private_data; |
8cefc107 | 568 | int count, head, tail, mask; |
1da177e4 LT |
569 | |
570 | switch (cmd) { | |
571 | case FIONREAD: | |
ebec73f4 | 572 | __pipe_lock(pipe); |
1da177e4 | 573 | count = 0; |
8cefc107 DH |
574 | head = pipe->head; |
575 | tail = pipe->tail; | |
576 | mask = pipe->ring_size - 1; | |
577 | ||
578 | while (tail != head) { | |
579 | count += pipe->bufs[tail & mask].len; | |
580 | tail++; | |
1da177e4 | 581 | } |
ebec73f4 | 582 | __pipe_unlock(pipe); |
923f4f23 | 583 | |
1da177e4 LT |
584 | return put_user(count, (int __user *)arg); |
585 | default: | |
46ce341b | 586 | return -ENOIOCTLCMD; |
1da177e4 LT |
587 | } |
588 | } | |
589 | ||
dd67081b | 590 | /* No kernel lock held - fine */ |
a11e1d43 LT |
591 | static __poll_t |
592 | pipe_poll(struct file *filp, poll_table *wait) | |
dd67081b | 593 | { |
a11e1d43 | 594 | __poll_t mask; |
dd67081b | 595 | struct pipe_inode_info *pipe = filp->private_data; |
ad910e36 | 596 | unsigned int head, tail; |
a11e1d43 | 597 | |
ad910e36 LT |
598 | /* |
599 | * Reading only -- no need for acquiring the semaphore. | |
600 | * | |
601 | * But because this is racy, the code has to add the | |
602 | * entry to the poll table _first_ .. | |
603 | */ | |
a11e1d43 | 604 | poll_wait(filp, &pipe->wait, wait); |
1da177e4 | 605 | |
ad910e36 LT |
606 | /* |
607 | * .. and only then can you do the racy tests. That way, | |
608 | * if something changes and you got it wrong, the poll | |
609 | * table entry will wake you up and fix it. | |
610 | */ | |
611 | head = READ_ONCE(pipe->head); | |
612 | tail = READ_ONCE(pipe->tail); | |
613 | ||
a11e1d43 | 614 | mask = 0; |
1da177e4 | 615 | if (filp->f_mode & FMODE_READ) { |
8cefc107 DH |
616 | if (!pipe_empty(head, tail)) |
617 | mask |= EPOLLIN | EPOLLRDNORM; | |
923f4f23 | 618 | if (!pipe->writers && filp->f_version != pipe->w_counter) |
a9a08845 | 619 | mask |= EPOLLHUP; |
1da177e4 LT |
620 | } |
621 | ||
622 | if (filp->f_mode & FMODE_WRITE) { | |
6718b6f8 | 623 | if (!pipe_full(head, tail, pipe->max_usage)) |
8cefc107 | 624 | mask |= EPOLLOUT | EPOLLWRNORM; |
5e5d7a22 | 625 | /* |
a9a08845 | 626 | * Most Unices do not set EPOLLERR for FIFOs but on Linux they |
5e5d7a22 PE |
627 | * behave exactly like pipes for poll(). |
628 | */ | |
923f4f23 | 629 | if (!pipe->readers) |
a9a08845 | 630 | mask |= EPOLLERR; |
1da177e4 LT |
631 | } |
632 | ||
633 | return mask; | |
634 | } | |
635 | ||
b0d8d229 LT |
636 | static void put_pipe_info(struct inode *inode, struct pipe_inode_info *pipe) |
637 | { | |
638 | int kill = 0; | |
639 | ||
640 | spin_lock(&inode->i_lock); | |
641 | if (!--pipe->files) { | |
642 | inode->i_pipe = NULL; | |
643 | kill = 1; | |
644 | } | |
645 | spin_unlock(&inode->i_lock); | |
646 | ||
647 | if (kill) | |
648 | free_pipe_info(pipe); | |
649 | } | |
650 | ||
1da177e4 | 651 | static int |
599a0ac1 | 652 | pipe_release(struct inode *inode, struct file *file) |
1da177e4 | 653 | { |
b0d8d229 | 654 | struct pipe_inode_info *pipe = file->private_data; |
923f4f23 | 655 | |
ebec73f4 | 656 | __pipe_lock(pipe); |
599a0ac1 AV |
657 | if (file->f_mode & FMODE_READ) |
658 | pipe->readers--; | |
659 | if (file->f_mode & FMODE_WRITE) | |
660 | pipe->writers--; | |
341b446b | 661 | |
ba5bb147 | 662 | if (pipe->readers || pipe->writers) { |
a9a08845 | 663 | wake_up_interruptible_sync_poll(&pipe->wait, EPOLLIN | EPOLLOUT | EPOLLRDNORM | EPOLLWRNORM | EPOLLERR | EPOLLHUP); |
923f4f23 IM |
664 | kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); |
665 | kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); | |
1da177e4 | 666 | } |
ebec73f4 | 667 | __pipe_unlock(pipe); |
ba5bb147 | 668 | |
b0d8d229 | 669 | put_pipe_info(inode, pipe); |
1da177e4 LT |
670 | return 0; |
671 | } | |
672 | ||
673 | static int | |
599a0ac1 | 674 | pipe_fasync(int fd, struct file *filp, int on) |
1da177e4 | 675 | { |
de32ec4c | 676 | struct pipe_inode_info *pipe = filp->private_data; |
599a0ac1 | 677 | int retval = 0; |
1da177e4 | 678 | |
ebec73f4 | 679 | __pipe_lock(pipe); |
599a0ac1 AV |
680 | if (filp->f_mode & FMODE_READ) |
681 | retval = fasync_helper(fd, filp, on, &pipe->fasync_readers); | |
682 | if ((filp->f_mode & FMODE_WRITE) && retval >= 0) { | |
341b446b | 683 | retval = fasync_helper(fd, filp, on, &pipe->fasync_writers); |
599a0ac1 AV |
684 | if (retval < 0 && (filp->f_mode & FMODE_READ)) |
685 | /* this can happen only if on == T */ | |
e5bc49ba ON |
686 | fasync_helper(-1, filp, 0, &pipe->fasync_readers); |
687 | } | |
ebec73f4 | 688 | __pipe_unlock(pipe); |
60aa4924 | 689 | return retval; |
1da177e4 LT |
690 | } |
691 | ||
9c87bcf0 | 692 | static unsigned long account_pipe_buffers(struct user_struct *user, |
759c0114 WT |
693 | unsigned long old, unsigned long new) |
694 | { | |
9c87bcf0 | 695 | return atomic_long_add_return(new - old, &user->pipe_bufs); |
759c0114 WT |
696 | } |
697 | ||
9c87bcf0 | 698 | static bool too_many_pipe_buffers_soft(unsigned long user_bufs) |
759c0114 | 699 | { |
f7340761 EB |
700 | unsigned long soft_limit = READ_ONCE(pipe_user_pages_soft); |
701 | ||
702 | return soft_limit && user_bufs > soft_limit; | |
759c0114 WT |
703 | } |
704 | ||
9c87bcf0 | 705 | static bool too_many_pipe_buffers_hard(unsigned long user_bufs) |
759c0114 | 706 | { |
f7340761 EB |
707 | unsigned long hard_limit = READ_ONCE(pipe_user_pages_hard); |
708 | ||
709 | return hard_limit && user_bufs > hard_limit; | |
759c0114 WT |
710 | } |
711 | ||
85c2dd54 EB |
712 | static bool is_unprivileged_user(void) |
713 | { | |
714 | return !capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN); | |
715 | } | |
716 | ||
7bee130e | 717 | struct pipe_inode_info *alloc_pipe_info(void) |
3a326a2c | 718 | { |
923f4f23 | 719 | struct pipe_inode_info *pipe; |
09b4d199 MK |
720 | unsigned long pipe_bufs = PIPE_DEF_BUFFERS; |
721 | struct user_struct *user = get_current_user(); | |
9c87bcf0 | 722 | unsigned long user_bufs; |
f7340761 | 723 | unsigned int max_size = READ_ONCE(pipe_max_size); |
3a326a2c | 724 | |
d86133bd | 725 | pipe = kzalloc(sizeof(struct pipe_inode_info), GFP_KERNEL_ACCOUNT); |
09b4d199 MK |
726 | if (pipe == NULL) |
727 | goto out_free_uid; | |
728 | ||
f7340761 EB |
729 | if (pipe_bufs * PAGE_SIZE > max_size && !capable(CAP_SYS_RESOURCE)) |
730 | pipe_bufs = max_size >> PAGE_SHIFT; | |
086e774a | 731 | |
9c87bcf0 | 732 | user_bufs = account_pipe_buffers(user, 0, pipe_bufs); |
a005ca0e | 733 | |
85c2dd54 | 734 | if (too_many_pipe_buffers_soft(user_bufs) && is_unprivileged_user()) { |
9c87bcf0 | 735 | user_bufs = account_pipe_buffers(user, pipe_bufs, 1); |
a005ca0e | 736 | pipe_bufs = 1; |
09b4d199 | 737 | } |
759c0114 | 738 | |
85c2dd54 | 739 | if (too_many_pipe_buffers_hard(user_bufs) && is_unprivileged_user()) |
a005ca0e MK |
740 | goto out_revert_acct; |
741 | ||
742 | pipe->bufs = kcalloc(pipe_bufs, sizeof(struct pipe_buffer), | |
743 | GFP_KERNEL_ACCOUNT); | |
744 | ||
09b4d199 MK |
745 | if (pipe->bufs) { |
746 | init_waitqueue_head(&pipe->wait); | |
747 | pipe->r_counter = pipe->w_counter = 1; | |
6718b6f8 | 748 | pipe->max_usage = pipe_bufs; |
8cefc107 | 749 | pipe->ring_size = pipe_bufs; |
09b4d199 | 750 | pipe->user = user; |
09b4d199 MK |
751 | mutex_init(&pipe->mutex); |
752 | return pipe; | |
3a326a2c IM |
753 | } |
754 | ||
a005ca0e | 755 | out_revert_acct: |
9c87bcf0 | 756 | (void) account_pipe_buffers(user, pipe_bufs, 0); |
09b4d199 MK |
757 | kfree(pipe); |
758 | out_free_uid: | |
759 | free_uid(user); | |
35f3d14d | 760 | return NULL; |
3a326a2c IM |
761 | } |
762 | ||
4b8a8f1e | 763 | void free_pipe_info(struct pipe_inode_info *pipe) |
1da177e4 LT |
764 | { |
765 | int i; | |
1da177e4 | 766 | |
8cefc107 | 767 | (void) account_pipe_buffers(pipe->user, pipe->ring_size, 0); |
759c0114 | 768 | free_uid(pipe->user); |
8cefc107 | 769 | for (i = 0; i < pipe->ring_size; i++) { |
923f4f23 | 770 | struct pipe_buffer *buf = pipe->bufs + i; |
1da177e4 | 771 | if (buf->ops) |
a779638c | 772 | pipe_buf_release(pipe, buf); |
1da177e4 | 773 | } |
923f4f23 IM |
774 | if (pipe->tmp_page) |
775 | __free_page(pipe->tmp_page); | |
35f3d14d | 776 | kfree(pipe->bufs); |
923f4f23 | 777 | kfree(pipe); |
1da177e4 LT |
778 | } |
779 | ||
fa3536cc | 780 | static struct vfsmount *pipe_mnt __read_mostly; |
341b446b | 781 | |
c23fbb6b ED |
782 | /* |
783 | * pipefs_dname() is called from d_path(). | |
784 | */ | |
785 | static char *pipefs_dname(struct dentry *dentry, char *buffer, int buflen) | |
786 | { | |
787 | return dynamic_dname(dentry, buffer, buflen, "pipe:[%lu]", | |
75c3cfa8 | 788 | d_inode(dentry)->i_ino); |
c23fbb6b ED |
789 | } |
790 | ||
3ba13d17 | 791 | static const struct dentry_operations pipefs_dentry_operations = { |
c23fbb6b | 792 | .d_dname = pipefs_dname, |
1da177e4 LT |
793 | }; |
794 | ||
795 | static struct inode * get_pipe_inode(void) | |
796 | { | |
a209dfc7 | 797 | struct inode *inode = new_inode_pseudo(pipe_mnt->mnt_sb); |
923f4f23 | 798 | struct pipe_inode_info *pipe; |
1da177e4 LT |
799 | |
800 | if (!inode) | |
801 | goto fail_inode; | |
802 | ||
85fe4025 CH |
803 | inode->i_ino = get_next_ino(); |
804 | ||
7bee130e | 805 | pipe = alloc_pipe_info(); |
923f4f23 | 806 | if (!pipe) |
1da177e4 | 807 | goto fail_iput; |
3a326a2c | 808 | |
ba5bb147 AV |
809 | inode->i_pipe = pipe; |
810 | pipe->files = 2; | |
923f4f23 | 811 | pipe->readers = pipe->writers = 1; |
599a0ac1 | 812 | inode->i_fop = &pipefifo_fops; |
1da177e4 LT |
813 | |
814 | /* | |
815 | * Mark the inode dirty from the very beginning, | |
816 | * that way it will never be moved to the dirty | |
817 | * list because "mark_inode_dirty()" will think | |
818 | * that it already _is_ on the dirty list. | |
819 | */ | |
820 | inode->i_state = I_DIRTY; | |
821 | inode->i_mode = S_IFIFO | S_IRUSR | S_IWUSR; | |
da9592ed DH |
822 | inode->i_uid = current_fsuid(); |
823 | inode->i_gid = current_fsgid(); | |
078cd827 | 824 | inode->i_atime = inode->i_mtime = inode->i_ctime = current_time(inode); |
923f4f23 | 825 | |
1da177e4 LT |
826 | return inode; |
827 | ||
828 | fail_iput: | |
829 | iput(inode); | |
341b446b | 830 | |
1da177e4 LT |
831 | fail_inode: |
832 | return NULL; | |
833 | } | |
834 | ||
e4fad8e5 | 835 | int create_pipe_files(struct file **res, int flags) |
1da177e4 | 836 | { |
e4fad8e5 | 837 | struct inode *inode = get_pipe_inode(); |
d6cbd281 | 838 | struct file *f; |
1da177e4 | 839 | |
1da177e4 | 840 | if (!inode) |
e4fad8e5 | 841 | return -ENFILE; |
1da177e4 | 842 | |
152b6372 AV |
843 | f = alloc_file_pseudo(inode, pipe_mnt, "", |
844 | O_WRONLY | (flags & (O_NONBLOCK | O_DIRECT)), | |
845 | &pipefifo_fops); | |
e9bb1f9b | 846 | if (IS_ERR(f)) { |
152b6372 AV |
847 | free_pipe_info(inode->i_pipe); |
848 | iput(inode); | |
849 | return PTR_ERR(f); | |
e9bb1f9b | 850 | } |
341b446b | 851 | |
de32ec4c | 852 | f->private_data = inode->i_pipe; |
d6cbd281 | 853 | |
183266f2 AV |
854 | res[0] = alloc_file_clone(f, O_RDONLY | (flags & O_NONBLOCK), |
855 | &pipefifo_fops); | |
e9bb1f9b | 856 | if (IS_ERR(res[0])) { |
b10a4a9f AV |
857 | put_pipe_info(inode, inode->i_pipe); |
858 | fput(f); | |
859 | return PTR_ERR(res[0]); | |
e9bb1f9b | 860 | } |
de32ec4c | 861 | res[0]->private_data = inode->i_pipe; |
e4fad8e5 | 862 | res[1] = f; |
d8e464ec LT |
863 | stream_open(inode, res[0]); |
864 | stream_open(inode, res[1]); | |
e4fad8e5 | 865 | return 0; |
d6cbd281 AK |
866 | } |
867 | ||
5b249b1b | 868 | static int __do_pipe_flags(int *fd, struct file **files, int flags) |
d6cbd281 | 869 | { |
d6cbd281 AK |
870 | int error; |
871 | int fdw, fdr; | |
872 | ||
9883035a | 873 | if (flags & ~(O_CLOEXEC | O_NONBLOCK | O_DIRECT)) |
ed8cae8b UD |
874 | return -EINVAL; |
875 | ||
e4fad8e5 AV |
876 | error = create_pipe_files(files, flags); |
877 | if (error) | |
878 | return error; | |
d6cbd281 | 879 | |
ed8cae8b | 880 | error = get_unused_fd_flags(flags); |
d6cbd281 AK |
881 | if (error < 0) |
882 | goto err_read_pipe; | |
883 | fdr = error; | |
884 | ||
ed8cae8b | 885 | error = get_unused_fd_flags(flags); |
d6cbd281 AK |
886 | if (error < 0) |
887 | goto err_fdr; | |
888 | fdw = error; | |
889 | ||
157cf649 | 890 | audit_fd_pair(fdr, fdw); |
d6cbd281 AK |
891 | fd[0] = fdr; |
892 | fd[1] = fdw; | |
d6cbd281 AK |
893 | return 0; |
894 | ||
895 | err_fdr: | |
896 | put_unused_fd(fdr); | |
897 | err_read_pipe: | |
e4fad8e5 AV |
898 | fput(files[0]); |
899 | fput(files[1]); | |
d6cbd281 | 900 | return error; |
1da177e4 LT |
901 | } |
902 | ||
5b249b1b AV |
903 | int do_pipe_flags(int *fd, int flags) |
904 | { | |
905 | struct file *files[2]; | |
906 | int error = __do_pipe_flags(fd, files, flags); | |
907 | if (!error) { | |
908 | fd_install(fd[0], files[0]); | |
909 | fd_install(fd[1], files[1]); | |
910 | } | |
911 | return error; | |
912 | } | |
913 | ||
d35c7b0e UD |
914 | /* |
915 | * sys_pipe() is the normal C calling standard for creating | |
916 | * a pipe. It's not the way Unix traditionally does this, though. | |
917 | */ | |
0a216dd1 | 918 | static int do_pipe2(int __user *fildes, int flags) |
d35c7b0e | 919 | { |
5b249b1b | 920 | struct file *files[2]; |
d35c7b0e UD |
921 | int fd[2]; |
922 | int error; | |
923 | ||
5b249b1b | 924 | error = __do_pipe_flags(fd, files, flags); |
d35c7b0e | 925 | if (!error) { |
5b249b1b AV |
926 | if (unlikely(copy_to_user(fildes, fd, sizeof(fd)))) { |
927 | fput(files[0]); | |
928 | fput(files[1]); | |
929 | put_unused_fd(fd[0]); | |
930 | put_unused_fd(fd[1]); | |
d35c7b0e | 931 | error = -EFAULT; |
5b249b1b AV |
932 | } else { |
933 | fd_install(fd[0], files[0]); | |
934 | fd_install(fd[1], files[1]); | |
ba719bae | 935 | } |
d35c7b0e UD |
936 | } |
937 | return error; | |
938 | } | |
939 | ||
0a216dd1 DB |
940 | SYSCALL_DEFINE2(pipe2, int __user *, fildes, int, flags) |
941 | { | |
942 | return do_pipe2(fildes, flags); | |
943 | } | |
944 | ||
2b664219 | 945 | SYSCALL_DEFINE1(pipe, int __user *, fildes) |
ed8cae8b | 946 | { |
0a216dd1 | 947 | return do_pipe2(fildes, 0); |
ed8cae8b UD |
948 | } |
949 | ||
fc7478a2 | 950 | static int wait_for_partner(struct pipe_inode_info *pipe, unsigned int *cnt) |
f776c738 | 951 | { |
8cefc107 | 952 | int cur = *cnt; |
f776c738 AV |
953 | |
954 | while (cur == *cnt) { | |
fc7478a2 | 955 | pipe_wait(pipe); |
f776c738 AV |
956 | if (signal_pending(current)) |
957 | break; | |
958 | } | |
959 | return cur == *cnt ? -ERESTARTSYS : 0; | |
960 | } | |
961 | ||
fc7478a2 | 962 | static void wake_up_partner(struct pipe_inode_info *pipe) |
f776c738 | 963 | { |
fc7478a2 | 964 | wake_up_interruptible(&pipe->wait); |
f776c738 AV |
965 | } |
966 | ||
967 | static int fifo_open(struct inode *inode, struct file *filp) | |
968 | { | |
969 | struct pipe_inode_info *pipe; | |
599a0ac1 | 970 | bool is_pipe = inode->i_sb->s_magic == PIPEFS_MAGIC; |
f776c738 AV |
971 | int ret; |
972 | ||
ba5bb147 AV |
973 | filp->f_version = 0; |
974 | ||
975 | spin_lock(&inode->i_lock); | |
976 | if (inode->i_pipe) { | |
977 | pipe = inode->i_pipe; | |
978 | pipe->files++; | |
979 | spin_unlock(&inode->i_lock); | |
980 | } else { | |
981 | spin_unlock(&inode->i_lock); | |
7bee130e | 982 | pipe = alloc_pipe_info(); |
f776c738 | 983 | if (!pipe) |
ba5bb147 AV |
984 | return -ENOMEM; |
985 | pipe->files = 1; | |
986 | spin_lock(&inode->i_lock); | |
987 | if (unlikely(inode->i_pipe)) { | |
988 | inode->i_pipe->files++; | |
989 | spin_unlock(&inode->i_lock); | |
4b8a8f1e | 990 | free_pipe_info(pipe); |
ba5bb147 AV |
991 | pipe = inode->i_pipe; |
992 | } else { | |
993 | inode->i_pipe = pipe; | |
994 | spin_unlock(&inode->i_lock); | |
995 | } | |
f776c738 | 996 | } |
de32ec4c | 997 | filp->private_data = pipe; |
ba5bb147 AV |
998 | /* OK, we have a pipe and it's pinned down */ |
999 | ||
ebec73f4 | 1000 | __pipe_lock(pipe); |
f776c738 AV |
1001 | |
1002 | /* We can only do regular read/write on fifos */ | |
d8e464ec | 1003 | stream_open(inode, filp); |
f776c738 | 1004 | |
d8e464ec | 1005 | switch (filp->f_mode & (FMODE_READ | FMODE_WRITE)) { |
f776c738 AV |
1006 | case FMODE_READ: |
1007 | /* | |
1008 | * O_RDONLY | |
1009 | * POSIX.1 says that O_NONBLOCK means return with the FIFO | |
1010 | * opened, even when there is no process writing the FIFO. | |
1011 | */ | |
f776c738 AV |
1012 | pipe->r_counter++; |
1013 | if (pipe->readers++ == 0) | |
fc7478a2 | 1014 | wake_up_partner(pipe); |
f776c738 | 1015 | |
599a0ac1 | 1016 | if (!is_pipe && !pipe->writers) { |
f776c738 | 1017 | if ((filp->f_flags & O_NONBLOCK)) { |
a9a08845 | 1018 | /* suppress EPOLLHUP until we have |
f776c738 AV |
1019 | * seen a writer */ |
1020 | filp->f_version = pipe->w_counter; | |
1021 | } else { | |
fc7478a2 | 1022 | if (wait_for_partner(pipe, &pipe->w_counter)) |
f776c738 AV |
1023 | goto err_rd; |
1024 | } | |
1025 | } | |
1026 | break; | |
8cefc107 | 1027 | |
f776c738 AV |
1028 | case FMODE_WRITE: |
1029 | /* | |
1030 | * O_WRONLY | |
1031 | * POSIX.1 says that O_NONBLOCK means return -1 with | |
1032 | * errno=ENXIO when there is no process reading the FIFO. | |
1033 | */ | |
1034 | ret = -ENXIO; | |
599a0ac1 | 1035 | if (!is_pipe && (filp->f_flags & O_NONBLOCK) && !pipe->readers) |
f776c738 AV |
1036 | goto err; |
1037 | ||
f776c738 AV |
1038 | pipe->w_counter++; |
1039 | if (!pipe->writers++) | |
fc7478a2 | 1040 | wake_up_partner(pipe); |
f776c738 | 1041 | |
599a0ac1 | 1042 | if (!is_pipe && !pipe->readers) { |
fc7478a2 | 1043 | if (wait_for_partner(pipe, &pipe->r_counter)) |
f776c738 AV |
1044 | goto err_wr; |
1045 | } | |
1046 | break; | |
8cefc107 | 1047 | |
f776c738 AV |
1048 | case FMODE_READ | FMODE_WRITE: |
1049 | /* | |
1050 | * O_RDWR | |
1051 | * POSIX.1 leaves this case "undefined" when O_NONBLOCK is set. | |
1052 | * This implementation will NEVER block on a O_RDWR open, since | |
1053 | * the process can at least talk to itself. | |
1054 | */ | |
f776c738 AV |
1055 | |
1056 | pipe->readers++; | |
1057 | pipe->writers++; | |
1058 | pipe->r_counter++; | |
1059 | pipe->w_counter++; | |
1060 | if (pipe->readers == 1 || pipe->writers == 1) | |
fc7478a2 | 1061 | wake_up_partner(pipe); |
f776c738 AV |
1062 | break; |
1063 | ||
1064 | default: | |
1065 | ret = -EINVAL; | |
1066 | goto err; | |
1067 | } | |
1068 | ||
1069 | /* Ok! */ | |
ebec73f4 | 1070 | __pipe_unlock(pipe); |
f776c738 AV |
1071 | return 0; |
1072 | ||
1073 | err_rd: | |
1074 | if (!--pipe->readers) | |
1075 | wake_up_interruptible(&pipe->wait); | |
1076 | ret = -ERESTARTSYS; | |
1077 | goto err; | |
1078 | ||
1079 | err_wr: | |
1080 | if (!--pipe->writers) | |
1081 | wake_up_interruptible(&pipe->wait); | |
1082 | ret = -ERESTARTSYS; | |
1083 | goto err; | |
1084 | ||
1085 | err: | |
ebec73f4 | 1086 | __pipe_unlock(pipe); |
b0d8d229 LT |
1087 | |
1088 | put_pipe_info(inode, pipe); | |
f776c738 AV |
1089 | return ret; |
1090 | } | |
1091 | ||
599a0ac1 AV |
1092 | const struct file_operations pipefifo_fops = { |
1093 | .open = fifo_open, | |
1094 | .llseek = no_llseek, | |
fb9096a3 | 1095 | .read_iter = pipe_read, |
f0d1bec9 | 1096 | .write_iter = pipe_write, |
a11e1d43 | 1097 | .poll = pipe_poll, |
599a0ac1 AV |
1098 | .unlocked_ioctl = pipe_ioctl, |
1099 | .release = pipe_release, | |
1100 | .fasync = pipe_fasync, | |
f776c738 AV |
1101 | }; |
1102 | ||
f491bd71 MK |
1103 | /* |
1104 | * Currently we rely on the pipe array holding a power-of-2 number | |
d3f14c48 | 1105 | * of pages. Returns 0 on error. |
f491bd71 | 1106 | */ |
96e99be4 | 1107 | unsigned int round_pipe_size(unsigned long size) |
f491bd71 | 1108 | { |
c4fed5a9 | 1109 | if (size > (1U << 31)) |
96e99be4 EB |
1110 | return 0; |
1111 | ||
4c2e4bef EB |
1112 | /* Minimum pipe size, as required by POSIX */ |
1113 | if (size < PAGE_SIZE) | |
c4fed5a9 | 1114 | return PAGE_SIZE; |
d3f14c48 | 1115 | |
c4fed5a9 | 1116 | return roundup_pow_of_two(size); |
f491bd71 MK |
1117 | } |
1118 | ||
35f3d14d JA |
1119 | /* |
1120 | * Allocate a new array of pipe buffers and copy the info over. Returns the | |
1121 | * pipe size if successful, or return -ERROR on error. | |
1122 | */ | |
d37d4166 | 1123 | static long pipe_set_size(struct pipe_inode_info *pipe, unsigned long arg) |
35f3d14d JA |
1124 | { |
1125 | struct pipe_buffer *bufs; | |
8cefc107 | 1126 | unsigned int size, nr_slots, head, tail, mask, n; |
9c87bcf0 | 1127 | unsigned long user_bufs; |
b0b91d18 | 1128 | long ret = 0; |
d37d4166 MK |
1129 | |
1130 | size = round_pipe_size(arg); | |
8cefc107 | 1131 | nr_slots = size >> PAGE_SHIFT; |
d37d4166 | 1132 | |
8cefc107 | 1133 | if (!nr_slots) |
d37d4166 MK |
1134 | return -EINVAL; |
1135 | ||
b0b91d18 MK |
1136 | /* |
1137 | * If trying to increase the pipe capacity, check that an | |
1138 | * unprivileged user is not trying to exceed various limits | |
1139 | * (soft limit check here, hard limit check just below). | |
1140 | * Decreasing the pipe capacity is always permitted, even | |
1141 | * if the user is currently over a limit. | |
1142 | */ | |
8cefc107 | 1143 | if (nr_slots > pipe->ring_size && |
b0b91d18 | 1144 | size > pipe_max_size && !capable(CAP_SYS_RESOURCE)) |
d37d4166 MK |
1145 | return -EPERM; |
1146 | ||
8cefc107 | 1147 | user_bufs = account_pipe_buffers(pipe->user, pipe->ring_size, nr_slots); |
b0b91d18 | 1148 | |
8cefc107 | 1149 | if (nr_slots > pipe->ring_size && |
9c87bcf0 MK |
1150 | (too_many_pipe_buffers_hard(user_bufs) || |
1151 | too_many_pipe_buffers_soft(user_bufs)) && | |
85c2dd54 | 1152 | is_unprivileged_user()) { |
b0b91d18 MK |
1153 | ret = -EPERM; |
1154 | goto out_revert_acct; | |
1155 | } | |
35f3d14d | 1156 | |
35f3d14d | 1157 | /* |
8cefc107 DH |
1158 | * We can shrink the pipe, if arg is greater than the ring occupancy. |
1159 | * Since we don't expect a lot of shrink+grow operations, just free and | |
1160 | * allocate again like we would do for growing. If the pipe currently | |
35f3d14d JA |
1161 | * contains more buffers than arg, then return busy. |
1162 | */ | |
8cefc107 DH |
1163 | mask = pipe->ring_size - 1; |
1164 | head = pipe->head; | |
1165 | tail = pipe->tail; | |
1166 | n = pipe_occupancy(pipe->head, pipe->tail); | |
1167 | if (nr_slots < n) { | |
b0b91d18 MK |
1168 | ret = -EBUSY; |
1169 | goto out_revert_acct; | |
1170 | } | |
35f3d14d | 1171 | |
8cefc107 | 1172 | bufs = kcalloc(nr_slots, sizeof(*bufs), |
d86133bd | 1173 | GFP_KERNEL_ACCOUNT | __GFP_NOWARN); |
b0b91d18 MK |
1174 | if (unlikely(!bufs)) { |
1175 | ret = -ENOMEM; | |
1176 | goto out_revert_acct; | |
1177 | } | |
35f3d14d JA |
1178 | |
1179 | /* | |
1180 | * The pipe array wraps around, so just start the new one at zero | |
8cefc107 | 1181 | * and adjust the indices. |
35f3d14d | 1182 | */ |
8cefc107 DH |
1183 | if (n > 0) { |
1184 | unsigned int h = head & mask; | |
1185 | unsigned int t = tail & mask; | |
1186 | if (h > t) { | |
1187 | memcpy(bufs, pipe->bufs + t, | |
1188 | n * sizeof(struct pipe_buffer)); | |
1189 | } else { | |
1190 | unsigned int tsize = pipe->ring_size - t; | |
1191 | if (h > 0) | |
1192 | memcpy(bufs + tsize, pipe->bufs, | |
1193 | h * sizeof(struct pipe_buffer)); | |
1194 | memcpy(bufs, pipe->bufs + t, | |
1195 | tsize * sizeof(struct pipe_buffer)); | |
1196 | } | |
35f3d14d JA |
1197 | } |
1198 | ||
8cefc107 DH |
1199 | head = n; |
1200 | tail = 0; | |
1201 | ||
35f3d14d JA |
1202 | kfree(pipe->bufs); |
1203 | pipe->bufs = bufs; | |
8cefc107 | 1204 | pipe->ring_size = nr_slots; |
6718b6f8 | 1205 | pipe->max_usage = nr_slots; |
8cefc107 DH |
1206 | pipe->tail = tail; |
1207 | pipe->head = head; | |
8c7b8c34 | 1208 | wake_up_interruptible_all(&pipe->wait); |
6718b6f8 | 1209 | return pipe->max_usage * PAGE_SIZE; |
b0b91d18 MK |
1210 | |
1211 | out_revert_acct: | |
8cefc107 | 1212 | (void) account_pipe_buffers(pipe->user, nr_slots, pipe->ring_size); |
b0b91d18 | 1213 | return ret; |
35f3d14d JA |
1214 | } |
1215 | ||
72083646 LT |
1216 | /* |
1217 | * After the inode slimming patch, i_pipe/i_bdev/i_cdev share the same | |
1218 | * location, so checking ->i_pipe is not enough to verify that this is a | |
1219 | * pipe. | |
1220 | */ | |
1221 | struct pipe_inode_info *get_pipe_info(struct file *file) | |
1222 | { | |
de32ec4c | 1223 | return file->f_op == &pipefifo_fops ? file->private_data : NULL; |
72083646 LT |
1224 | } |
1225 | ||
35f3d14d JA |
1226 | long pipe_fcntl(struct file *file, unsigned int cmd, unsigned long arg) |
1227 | { | |
1228 | struct pipe_inode_info *pipe; | |
1229 | long ret; | |
1230 | ||
c66fb347 | 1231 | pipe = get_pipe_info(file); |
35f3d14d JA |
1232 | if (!pipe) |
1233 | return -EBADF; | |
1234 | ||
ebec73f4 | 1235 | __pipe_lock(pipe); |
35f3d14d JA |
1236 | |
1237 | switch (cmd) { | |
d37d4166 MK |
1238 | case F_SETPIPE_SZ: |
1239 | ret = pipe_set_size(pipe, arg); | |
35f3d14d JA |
1240 | break; |
1241 | case F_GETPIPE_SZ: | |
6718b6f8 | 1242 | ret = pipe->max_usage * PAGE_SIZE; |
35f3d14d JA |
1243 | break; |
1244 | default: | |
1245 | ret = -EINVAL; | |
1246 | break; | |
1247 | } | |
1248 | ||
ebec73f4 | 1249 | __pipe_unlock(pipe); |
35f3d14d JA |
1250 | return ret; |
1251 | } | |
1252 | ||
ff0c7d15 NP |
1253 | static const struct super_operations pipefs_ops = { |
1254 | .destroy_inode = free_inode_nonrcu, | |
d70ef97b | 1255 | .statfs = simple_statfs, |
ff0c7d15 NP |
1256 | }; |
1257 | ||
1da177e4 LT |
1258 | /* |
1259 | * pipefs should _never_ be mounted by userland - too much of security hassle, | |
1260 | * no real gain from having the whole whorehouse mounted. So we don't need | |
1261 | * any operations on the root directory. However, we need a non-trivial | |
1262 | * d_name - pipe: will go nicely and kill the special-casing in procfs. | |
1263 | */ | |
4fa7ec5d DH |
1264 | |
1265 | static int pipefs_init_fs_context(struct fs_context *fc) | |
1da177e4 | 1266 | { |
4fa7ec5d DH |
1267 | struct pseudo_fs_context *ctx = init_pseudo(fc, PIPEFS_MAGIC); |
1268 | if (!ctx) | |
1269 | return -ENOMEM; | |
1270 | ctx->ops = &pipefs_ops; | |
1271 | ctx->dops = &pipefs_dentry_operations; | |
1272 | return 0; | |
1da177e4 LT |
1273 | } |
1274 | ||
1275 | static struct file_system_type pipe_fs_type = { | |
1276 | .name = "pipefs", | |
4fa7ec5d | 1277 | .init_fs_context = pipefs_init_fs_context, |
1da177e4 LT |
1278 | .kill_sb = kill_anon_super, |
1279 | }; | |
1280 | ||
1281 | static int __init init_pipe_fs(void) | |
1282 | { | |
1283 | int err = register_filesystem(&pipe_fs_type); | |
341b446b | 1284 | |
1da177e4 LT |
1285 | if (!err) { |
1286 | pipe_mnt = kern_mount(&pipe_fs_type); | |
1287 | if (IS_ERR(pipe_mnt)) { | |
1288 | err = PTR_ERR(pipe_mnt); | |
1289 | unregister_filesystem(&pipe_fs_type); | |
1290 | } | |
1291 | } | |
1292 | return err; | |
1293 | } | |
1294 | ||
1da177e4 | 1295 | fs_initcall(init_pipe_fs); |