Line data Source code
1 : // SPDX-License-Identifier: GPL-2.0
2 : /*
3 : * linux/fs/read_write.c
4 : *
5 : * Copyright (C) 1991, 1992 Linus Torvalds
6 : */
7 :
8 : #include <linux/slab.h>
9 : #include <linux/stat.h>
10 : #include <linux/sched/xacct.h>
11 : #include <linux/fcntl.h>
12 : #include <linux/file.h>
13 : #include <linux/uio.h>
14 : #include <linux/fsnotify.h>
15 : #include <linux/security.h>
16 : #include <linux/export.h>
17 : #include <linux/syscalls.h>
18 : #include <linux/pagemap.h>
19 : #include <linux/splice.h>
20 : #include <linux/compat.h>
21 : #include <linux/mount.h>
22 : #include <linux/fs.h>
23 : #include "internal.h"
24 :
25 : #include <linux/uaccess.h>
26 : #include <asm/unistd.h>
27 :
28 : const struct file_operations generic_ro_fops = {
29 : .llseek = generic_file_llseek,
30 : .read_iter = generic_file_read_iter,
31 : .mmap = generic_file_readonly_mmap,
32 : .splice_read = generic_file_splice_read,
33 : };
34 :
35 : EXPORT_SYMBOL(generic_ro_fops);
36 :
37 : static inline bool unsigned_offsets(struct file *file)
38 : {
39 0 : return file->f_mode & FMODE_UNSIGNED_OFFSET;
40 : }
41 :
42 : /**
43 : * vfs_setpos - update the file offset for lseek
44 : * @file: file structure in question
45 : * @offset: file offset to seek to
46 : * @maxsize: maximum file size
47 : *
48 : * This is a low-level filesystem helper for updating the file offset to
49 : * the value specified by @offset if the given offset is valid and it is
50 : * not equal to the current file offset.
51 : *
52 : * Return the specified offset on success and -EINVAL on invalid offset.
53 : */
54 0 : loff_t vfs_setpos(struct file *file, loff_t offset, loff_t maxsize)
55 : {
56 0 : if (offset < 0 && !unsigned_offsets(file))
57 : return -EINVAL;
58 0 : if (offset > maxsize)
59 : return -EINVAL;
60 :
61 0 : if (offset != file->f_pos) {
62 0 : file->f_pos = offset;
63 0 : file->f_version = 0;
64 : }
65 : return offset;
66 : }
67 : EXPORT_SYMBOL(vfs_setpos);
68 :
69 : /**
70 : * generic_file_llseek_size - generic llseek implementation for regular files
71 : * @file: file structure to seek on
72 : * @offset: file offset to seek to
73 : * @whence: type of seek
74 : * @size: max size of this file in file system
75 : * @eof: offset used for SEEK_END position
76 : *
77 : * This is a variant of generic_file_llseek that allows passing in a custom
78 : * maximum file size and a custom EOF position, for e.g. hashed directories
79 : *
80 : * Synchronization:
81 : * SEEK_SET and SEEK_END are unsynchronized (but atomic on 64bit platforms)
82 : * SEEK_CUR is synchronized against other SEEK_CURs, but not read/writes.
83 : * read/writes behave like SEEK_SET against seeks.
84 : */
85 : loff_t
86 0 : generic_file_llseek_size(struct file *file, loff_t offset, int whence,
87 : loff_t maxsize, loff_t eof)
88 : {
89 0 : switch (whence) {
90 : case SEEK_END:
91 0 : offset += eof;
92 0 : break;
93 : case SEEK_CUR:
94 : /*
95 : * Here we special-case the lseek(fd, 0, SEEK_CUR)
96 : * position-querying operation. Avoid rewriting the "same"
97 : * f_pos value back to the file because a concurrent read(),
98 : * write() or lseek() might have altered it
99 : */
100 0 : if (offset == 0)
101 0 : return file->f_pos;
102 : /*
103 : * f_lock protects against read/modify/write race with other
104 : * SEEK_CURs. Note that parallel writes and reads behave
105 : * like SEEK_SET.
106 : */
107 0 : spin_lock(&file->f_lock);
108 0 : offset = vfs_setpos(file, file->f_pos + offset, maxsize);
109 0 : spin_unlock(&file->f_lock);
110 0 : return offset;
111 : case SEEK_DATA:
112 : /*
113 : * In the generic case the entire file is data, so as long as
114 : * offset isn't at the end of the file then the offset is data.
115 : */
116 0 : if ((unsigned long long)offset >= eof)
117 : return -ENXIO;
118 : break;
119 : case SEEK_HOLE:
120 : /*
121 : * There is a virtual hole at the end of the file, so as long as
122 : * offset isn't i_size or larger, return i_size.
123 : */
124 0 : if ((unsigned long long)offset >= eof)
125 : return -ENXIO;
126 : offset = eof;
127 : break;
128 : }
129 :
130 : return vfs_setpos(file, offset, maxsize);
131 : }
132 : EXPORT_SYMBOL(generic_file_llseek_size);
133 :
134 : /**
135 : * generic_file_llseek - generic llseek implementation for regular files
136 : * @file: file structure to seek on
137 : * @offset: file offset to seek to
138 : * @whence: type of seek
139 : *
140 : * This is a generic implemenation of ->llseek useable for all normal local
141 : * filesystems. It just updates the file offset to the value specified by
142 : * @offset and @whence.
143 : */
144 0 : loff_t generic_file_llseek(struct file *file, loff_t offset, int whence)
145 : {
146 0 : struct inode *inode = file->f_mapping->host;
147 :
148 0 : return generic_file_llseek_size(file, offset, whence,
149 0 : inode->i_sb->s_maxbytes,
150 : i_size_read(inode));
151 : }
152 : EXPORT_SYMBOL(generic_file_llseek);
153 :
154 : /**
155 : * fixed_size_llseek - llseek implementation for fixed-sized devices
156 : * @file: file structure to seek on
157 : * @offset: file offset to seek to
158 : * @whence: type of seek
159 : * @size: size of the file
160 : *
161 : */
162 0 : loff_t fixed_size_llseek(struct file *file, loff_t offset, int whence, loff_t size)
163 : {
164 0 : switch (whence) {
165 : case SEEK_SET: case SEEK_CUR: case SEEK_END:
166 0 : return generic_file_llseek_size(file, offset, whence,
167 : size, size);
168 : default:
169 : return -EINVAL;
170 : }
171 : }
172 : EXPORT_SYMBOL(fixed_size_llseek);
173 :
174 : /**
175 : * no_seek_end_llseek - llseek implementation for fixed-sized devices
176 : * @file: file structure to seek on
177 : * @offset: file offset to seek to
178 : * @whence: type of seek
179 : *
180 : */
181 0 : loff_t no_seek_end_llseek(struct file *file, loff_t offset, int whence)
182 : {
183 0 : switch (whence) {
184 : case SEEK_SET: case SEEK_CUR:
185 0 : return generic_file_llseek_size(file, offset, whence,
186 : OFFSET_MAX, 0);
187 : default:
188 : return -EINVAL;
189 : }
190 : }
191 : EXPORT_SYMBOL(no_seek_end_llseek);
192 :
193 : /**
194 : * no_seek_end_llseek_size - llseek implementation for fixed-sized devices
195 : * @file: file structure to seek on
196 : * @offset: file offset to seek to
197 : * @whence: type of seek
198 : * @size: maximal offset allowed
199 : *
200 : */
201 0 : loff_t no_seek_end_llseek_size(struct file *file, loff_t offset, int whence, loff_t size)
202 : {
203 0 : switch (whence) {
204 : case SEEK_SET: case SEEK_CUR:
205 0 : return generic_file_llseek_size(file, offset, whence,
206 : size, 0);
207 : default:
208 : return -EINVAL;
209 : }
210 : }
211 : EXPORT_SYMBOL(no_seek_end_llseek_size);
212 :
213 : /**
214 : * noop_llseek - No Operation Performed llseek implementation
215 : * @file: file structure to seek on
216 : * @offset: file offset to seek to
217 : * @whence: type of seek
218 : *
219 : * This is an implementation of ->llseek useable for the rare special case when
220 : * userspace expects the seek to succeed but the (device) file is actually not
221 : * able to perform the seek. In this case you use noop_llseek() instead of
222 : * falling back to the default implementation of ->llseek.
223 : */
224 0 : loff_t noop_llseek(struct file *file, loff_t offset, int whence)
225 : {
226 0 : return file->f_pos;
227 : }
228 : EXPORT_SYMBOL(noop_llseek);
229 :
230 0 : loff_t no_llseek(struct file *file, loff_t offset, int whence)
231 : {
232 0 : return -ESPIPE;
233 : }
234 : EXPORT_SYMBOL(no_llseek);
235 :
236 0 : loff_t default_llseek(struct file *file, loff_t offset, int whence)
237 : {
238 0 : struct inode *inode = file_inode(file);
239 : loff_t retval;
240 :
241 0 : inode_lock(inode);
242 0 : switch (whence) {
243 : case SEEK_END:
244 0 : offset += i_size_read(inode);
245 0 : break;
246 : case SEEK_CUR:
247 0 : if (offset == 0) {
248 0 : retval = file->f_pos;
249 0 : goto out;
250 : }
251 0 : offset += file->f_pos;
252 0 : break;
253 : case SEEK_DATA:
254 : /*
255 : * In the generic case the entire file is data, so as
256 : * long as offset isn't at the end of the file then the
257 : * offset is data.
258 : */
259 0 : if (offset >= inode->i_size) {
260 : retval = -ENXIO;
261 : goto out;
262 : }
263 : break;
264 : case SEEK_HOLE:
265 : /*
266 : * There is a virtual hole at the end of the file, so
267 : * as long as offset isn't i_size or larger, return
268 : * i_size.
269 : */
270 0 : if (offset >= inode->i_size) {
271 : retval = -ENXIO;
272 : goto out;
273 : }
274 : offset = inode->i_size;
275 : break;
276 : }
277 0 : retval = -EINVAL;
278 0 : if (offset >= 0 || unsigned_offsets(file)) {
279 0 : if (offset != file->f_pos) {
280 0 : file->f_pos = offset;
281 0 : file->f_version = 0;
282 : }
283 : retval = offset;
284 : }
285 : out:
286 0 : inode_unlock(inode);
287 0 : return retval;
288 : }
289 : EXPORT_SYMBOL(default_llseek);
290 :
291 0 : loff_t vfs_llseek(struct file *file, loff_t offset, int whence)
292 : {
293 : loff_t (*fn)(struct file *, loff_t, int);
294 :
295 0 : fn = no_llseek;
296 0 : if (file->f_mode & FMODE_LSEEK) {
297 0 : if (file->f_op->llseek)
298 0 : fn = file->f_op->llseek;
299 : }
300 0 : return fn(file, offset, whence);
301 : }
302 : EXPORT_SYMBOL(vfs_llseek);
303 :
304 0 : static off_t ksys_lseek(unsigned int fd, off_t offset, unsigned int whence)
305 : {
306 : off_t retval;
307 0 : struct fd f = fdget_pos(fd);
308 0 : if (!f.file)
309 : return -EBADF;
310 :
311 0 : retval = -EINVAL;
312 0 : if (whence <= SEEK_MAX) {
313 0 : loff_t res = vfs_llseek(f.file, offset, whence);
314 0 : retval = res;
315 : if (res != (loff_t)retval)
316 : retval = -EOVERFLOW; /* LFS: should only happen on 32 bit platforms */
317 : }
318 0 : fdput_pos(f);
319 0 : return retval;
320 : }
321 :
322 0 : SYSCALL_DEFINE3(lseek, unsigned int, fd, off_t, offset, unsigned int, whence)
323 : {
324 0 : return ksys_lseek(fd, offset, whence);
325 : }
326 :
327 : #ifdef CONFIG_COMPAT
328 : COMPAT_SYSCALL_DEFINE3(lseek, unsigned int, fd, compat_off_t, offset, unsigned int, whence)
329 : {
330 : return ksys_lseek(fd, offset, whence);
331 : }
332 : #endif
333 :
334 : #if !defined(CONFIG_64BIT) || defined(CONFIG_COMPAT) || \
335 : defined(__ARCH_WANT_SYS_LLSEEK)
336 : SYSCALL_DEFINE5(llseek, unsigned int, fd, unsigned long, offset_high,
337 : unsigned long, offset_low, loff_t __user *, result,
338 : unsigned int, whence)
339 : {
340 : int retval;
341 : struct fd f = fdget_pos(fd);
342 : loff_t offset;
343 :
344 : if (!f.file)
345 : return -EBADF;
346 :
347 : retval = -EINVAL;
348 : if (whence > SEEK_MAX)
349 : goto out_putf;
350 :
351 : offset = vfs_llseek(f.file, ((loff_t) offset_high << 32) | offset_low,
352 : whence);
353 :
354 : retval = (int)offset;
355 : if (offset >= 0) {
356 : retval = -EFAULT;
357 : if (!copy_to_user(result, &offset, sizeof(offset)))
358 : retval = 0;
359 : }
360 : out_putf:
361 : fdput_pos(f);
362 : return retval;
363 : }
364 : #endif
365 :
366 0 : int rw_verify_area(int read_write, struct file *file, const loff_t *ppos, size_t count)
367 : {
368 0 : if (unlikely((ssize_t) count < 0))
369 : return -EINVAL;
370 :
371 0 : if (ppos) {
372 0 : loff_t pos = *ppos;
373 :
374 0 : if (unlikely(pos < 0)) {
375 0 : if (!unsigned_offsets(file))
376 : return -EINVAL;
377 0 : if (count >= -pos) /* both values are in 0..LLONG_MAX */
378 : return -EOVERFLOW;
379 0 : } else if (unlikely((loff_t) (pos + count) < 0)) {
380 0 : if (!unsigned_offsets(file))
381 : return -EINVAL;
382 : }
383 : }
384 :
385 : return security_file_permission(file,
386 : read_write == READ ? MAY_READ : MAY_WRITE);
387 : }
388 : EXPORT_SYMBOL(rw_verify_area);
389 :
390 0 : static ssize_t new_sync_read(struct file *filp, char __user *buf, size_t len, loff_t *ppos)
391 : {
392 0 : struct iovec iov = { .iov_base = buf, .iov_len = len };
393 : struct kiocb kiocb;
394 : struct iov_iter iter;
395 : ssize_t ret;
396 :
397 0 : init_sync_kiocb(&kiocb, filp);
398 0 : kiocb.ki_pos = (ppos ? *ppos : 0);
399 0 : iov_iter_init(&iter, READ, &iov, 1, len);
400 :
401 0 : ret = call_read_iter(filp, &kiocb, &iter);
402 0 : BUG_ON(ret == -EIOCBQUEUED);
403 0 : if (ppos)
404 0 : *ppos = kiocb.ki_pos;
405 0 : return ret;
406 : }
407 :
408 0 : static int warn_unsupported(struct file *file, const char *op)
409 : {
410 0 : pr_warn_ratelimited(
411 : "kernel %s not supported for file %pD4 (pid: %d comm: %.20s)\n",
412 : op, file, current->pid, current->comm);
413 0 : return -EINVAL;
414 : }
415 :
416 0 : ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
417 : {
418 0 : struct kvec iov = {
419 : .iov_base = buf,
420 0 : .iov_len = min_t(size_t, count, MAX_RW_COUNT),
421 : };
422 : struct kiocb kiocb;
423 : struct iov_iter iter;
424 : ssize_t ret;
425 :
426 0 : if (WARN_ON_ONCE(!(file->f_mode & FMODE_READ)))
427 : return -EINVAL;
428 0 : if (!(file->f_mode & FMODE_CAN_READ))
429 : return -EINVAL;
430 : /*
431 : * Also fail if ->read_iter and ->read are both wired up as that
432 : * implies very convoluted semantics.
433 : */
434 0 : if (unlikely(!file->f_op->read_iter || file->f_op->read))
435 0 : return warn_unsupported(file, "read");
436 :
437 0 : init_sync_kiocb(&kiocb, file);
438 0 : kiocb.ki_pos = pos ? *pos : 0;
439 0 : iov_iter_kvec(&iter, READ, &iov, 1, iov.iov_len);
440 0 : ret = file->f_op->read_iter(&kiocb, &iter);
441 0 : if (ret > 0) {
442 0 : if (pos)
443 0 : *pos = kiocb.ki_pos;
444 0 : fsnotify_access(file);
445 0 : add_rchar(current, ret);
446 : }
447 0 : inc_syscr(current);
448 0 : return ret;
449 : }
450 :
451 0 : ssize_t kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
452 : {
453 : ssize_t ret;
454 :
455 0 : ret = rw_verify_area(READ, file, pos, count);
456 0 : if (ret)
457 : return ret;
458 0 : return __kernel_read(file, buf, count, pos);
459 : }
460 : EXPORT_SYMBOL(kernel_read);
461 :
462 0 : ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos)
463 : {
464 : ssize_t ret;
465 :
466 0 : if (!(file->f_mode & FMODE_READ))
467 : return -EBADF;
468 0 : if (!(file->f_mode & FMODE_CAN_READ))
469 : return -EINVAL;
470 0 : if (unlikely(!access_ok(buf, count)))
471 : return -EFAULT;
472 :
473 0 : ret = rw_verify_area(READ, file, pos, count);
474 0 : if (ret)
475 : return ret;
476 0 : if (count > MAX_RW_COUNT)
477 0 : count = MAX_RW_COUNT;
478 :
479 0 : if (file->f_op->read)
480 0 : ret = file->f_op->read(file, buf, count, pos);
481 0 : else if (file->f_op->read_iter)
482 0 : ret = new_sync_read(file, buf, count, pos);
483 : else
484 : ret = -EINVAL;
485 0 : if (ret > 0) {
486 0 : fsnotify_access(file);
487 0 : add_rchar(current, ret);
488 : }
489 0 : inc_syscr(current);
490 0 : return ret;
491 : }
492 :
493 0 : static ssize_t new_sync_write(struct file *filp, const char __user *buf, size_t len, loff_t *ppos)
494 : {
495 0 : struct iovec iov = { .iov_base = (void __user *)buf, .iov_len = len };
496 : struct kiocb kiocb;
497 : struct iov_iter iter;
498 : ssize_t ret;
499 :
500 0 : init_sync_kiocb(&kiocb, filp);
501 0 : kiocb.ki_pos = (ppos ? *ppos : 0);
502 0 : iov_iter_init(&iter, WRITE, &iov, 1, len);
503 :
504 0 : ret = call_write_iter(filp, &kiocb, &iter);
505 0 : BUG_ON(ret == -EIOCBQUEUED);
506 0 : if (ret > 0 && ppos)
507 0 : *ppos = kiocb.ki_pos;
508 0 : return ret;
509 : }
510 :
511 : /* caller is responsible for file_start_write/file_end_write */
512 0 : ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
513 : {
514 0 : struct kvec iov = {
515 : .iov_base = (void *)buf,
516 0 : .iov_len = min_t(size_t, count, MAX_RW_COUNT),
517 : };
518 : struct kiocb kiocb;
519 : struct iov_iter iter;
520 : ssize_t ret;
521 :
522 0 : if (WARN_ON_ONCE(!(file->f_mode & FMODE_WRITE)))
523 : return -EBADF;
524 0 : if (!(file->f_mode & FMODE_CAN_WRITE))
525 : return -EINVAL;
526 : /*
527 : * Also fail if ->write_iter and ->write are both wired up as that
528 : * implies very convoluted semantics.
529 : */
530 0 : if (unlikely(!file->f_op->write_iter || file->f_op->write))
531 0 : return warn_unsupported(file, "write");
532 :
533 0 : init_sync_kiocb(&kiocb, file);
534 0 : kiocb.ki_pos = pos ? *pos : 0;
535 0 : iov_iter_kvec(&iter, WRITE, &iov, 1, iov.iov_len);
536 0 : ret = file->f_op->write_iter(&kiocb, &iter);
537 0 : if (ret > 0) {
538 0 : if (pos)
539 0 : *pos = kiocb.ki_pos;
540 0 : fsnotify_modify(file);
541 0 : add_wchar(current, ret);
542 : }
543 0 : inc_syscw(current);
544 0 : return ret;
545 : }
546 : /*
547 : * This "EXPORT_SYMBOL_GPL()" is more of a "EXPORT_SYMBOL_DONTUSE()",
548 : * but autofs is one of the few internal kernel users that actually
549 : * wants this _and_ can be built as a module. So we need to export
550 : * this symbol for autofs, even though it really isn't appropriate
551 : * for any other kernel modules.
552 : */
553 : EXPORT_SYMBOL_GPL(__kernel_write);
554 :
555 0 : ssize_t kernel_write(struct file *file, const void *buf, size_t count,
556 : loff_t *pos)
557 : {
558 : ssize_t ret;
559 :
560 0 : ret = rw_verify_area(WRITE, file, pos, count);
561 0 : if (ret)
562 : return ret;
563 :
564 0 : file_start_write(file);
565 0 : ret = __kernel_write(file, buf, count, pos);
566 : file_end_write(file);
567 : return ret;
568 : }
569 : EXPORT_SYMBOL(kernel_write);
570 :
571 0 : ssize_t vfs_write(struct file *file, const char __user *buf, size_t count, loff_t *pos)
572 : {
573 : ssize_t ret;
574 :
575 0 : if (!(file->f_mode & FMODE_WRITE))
576 : return -EBADF;
577 0 : if (!(file->f_mode & FMODE_CAN_WRITE))
578 : return -EINVAL;
579 0 : if (unlikely(!access_ok(buf, count)))
580 : return -EFAULT;
581 :
582 0 : ret = rw_verify_area(WRITE, file, pos, count);
583 0 : if (ret)
584 : return ret;
585 0 : if (count > MAX_RW_COUNT)
586 0 : count = MAX_RW_COUNT;
587 0 : file_start_write(file);
588 0 : if (file->f_op->write)
589 0 : ret = file->f_op->write(file, buf, count, pos);
590 0 : else if (file->f_op->write_iter)
591 0 : ret = new_sync_write(file, buf, count, pos);
592 : else
593 : ret = -EINVAL;
594 0 : if (ret > 0) {
595 0 : fsnotify_modify(file);
596 0 : add_wchar(current, ret);
597 : }
598 0 : inc_syscw(current);
599 : file_end_write(file);
600 : return ret;
601 : }
602 :
603 : /* file_ppos returns &file->f_pos or NULL if file is stream */
604 : static inline loff_t *file_ppos(struct file *file)
605 : {
606 0 : return file->f_mode & FMODE_STREAM ? NULL : &file->f_pos;
607 : }
608 :
609 0 : ssize_t ksys_read(unsigned int fd, char __user *buf, size_t count)
610 : {
611 0 : struct fd f = fdget_pos(fd);
612 0 : ssize_t ret = -EBADF;
613 :
614 0 : if (f.file) {
615 0 : loff_t pos, *ppos = file_ppos(f.file);
616 0 : if (ppos) {
617 0 : pos = *ppos;
618 0 : ppos = &pos;
619 : }
620 0 : ret = vfs_read(f.file, buf, count, ppos);
621 0 : if (ret >= 0 && ppos)
622 0 : f.file->f_pos = pos;
623 0 : fdput_pos(f);
624 : }
625 0 : return ret;
626 : }
627 :
628 0 : SYSCALL_DEFINE3(read, unsigned int, fd, char __user *, buf, size_t, count)
629 : {
630 0 : return ksys_read(fd, buf, count);
631 : }
632 :
633 0 : ssize_t ksys_write(unsigned int fd, const char __user *buf, size_t count)
634 : {
635 0 : struct fd f = fdget_pos(fd);
636 0 : ssize_t ret = -EBADF;
637 :
638 0 : if (f.file) {
639 0 : loff_t pos, *ppos = file_ppos(f.file);
640 0 : if (ppos) {
641 0 : pos = *ppos;
642 0 : ppos = &pos;
643 : }
644 0 : ret = vfs_write(f.file, buf, count, ppos);
645 0 : if (ret >= 0 && ppos)
646 0 : f.file->f_pos = pos;
647 0 : fdput_pos(f);
648 : }
649 :
650 0 : return ret;
651 : }
652 :
653 0 : SYSCALL_DEFINE3(write, unsigned int, fd, const char __user *, buf,
654 : size_t, count)
655 : {
656 0 : return ksys_write(fd, buf, count);
657 : }
658 :
659 0 : ssize_t ksys_pread64(unsigned int fd, char __user *buf, size_t count,
660 : loff_t pos)
661 : {
662 : struct fd f;
663 0 : ssize_t ret = -EBADF;
664 :
665 0 : if (pos < 0)
666 : return -EINVAL;
667 :
668 0 : f = fdget(fd);
669 0 : if (f.file) {
670 0 : ret = -ESPIPE;
671 0 : if (f.file->f_mode & FMODE_PREAD)
672 0 : ret = vfs_read(f.file, buf, count, &pos);
673 0 : fdput(f);
674 : }
675 :
676 : return ret;
677 : }
678 :
679 0 : SYSCALL_DEFINE4(pread64, unsigned int, fd, char __user *, buf,
680 : size_t, count, loff_t, pos)
681 : {
682 0 : return ksys_pread64(fd, buf, count, pos);
683 : }
684 :
685 0 : ssize_t ksys_pwrite64(unsigned int fd, const char __user *buf,
686 : size_t count, loff_t pos)
687 : {
688 : struct fd f;
689 0 : ssize_t ret = -EBADF;
690 :
691 0 : if (pos < 0)
692 : return -EINVAL;
693 :
694 0 : f = fdget(fd);
695 0 : if (f.file) {
696 0 : ret = -ESPIPE;
697 0 : if (f.file->f_mode & FMODE_PWRITE)
698 0 : ret = vfs_write(f.file, buf, count, &pos);
699 0 : fdput(f);
700 : }
701 :
702 : return ret;
703 : }
704 :
705 0 : SYSCALL_DEFINE4(pwrite64, unsigned int, fd, const char __user *, buf,
706 : size_t, count, loff_t, pos)
707 : {
708 0 : return ksys_pwrite64(fd, buf, count, pos);
709 : }
710 :
711 0 : static ssize_t do_iter_readv_writev(struct file *filp, struct iov_iter *iter,
712 : loff_t *ppos, int type, rwf_t flags)
713 : {
714 : struct kiocb kiocb;
715 : ssize_t ret;
716 :
717 0 : init_sync_kiocb(&kiocb, filp);
718 0 : ret = kiocb_set_rw_flags(&kiocb, flags);
719 0 : if (ret)
720 : return ret;
721 0 : kiocb.ki_pos = (ppos ? *ppos : 0);
722 :
723 0 : if (type == READ)
724 0 : ret = call_read_iter(filp, &kiocb, iter);
725 : else
726 0 : ret = call_write_iter(filp, &kiocb, iter);
727 0 : BUG_ON(ret == -EIOCBQUEUED);
728 0 : if (ppos)
729 0 : *ppos = kiocb.ki_pos;
730 : return ret;
731 : }
732 :
733 : /* Do it by hand, with file-ops */
734 0 : static ssize_t do_loop_readv_writev(struct file *filp, struct iov_iter *iter,
735 : loff_t *ppos, int type, rwf_t flags)
736 : {
737 0 : ssize_t ret = 0;
738 :
739 0 : if (flags & ~RWF_HIPRI)
740 : return -EOPNOTSUPP;
741 :
742 0 : while (iov_iter_count(iter)) {
743 0 : struct iovec iovec = iov_iter_iovec(iter);
744 : ssize_t nr;
745 :
746 0 : if (type == READ) {
747 0 : nr = filp->f_op->read(filp, iovec.iov_base,
748 : iovec.iov_len, ppos);
749 : } else {
750 0 : nr = filp->f_op->write(filp, iovec.iov_base,
751 : iovec.iov_len, ppos);
752 : }
753 :
754 0 : if (nr < 0) {
755 0 : if (!ret)
756 0 : ret = nr;
757 : break;
758 : }
759 0 : ret += nr;
760 0 : if (nr != iovec.iov_len)
761 : break;
762 0 : iov_iter_advance(iter, nr);
763 : }
764 :
765 : return ret;
766 : }
767 :
768 0 : static ssize_t do_iter_read(struct file *file, struct iov_iter *iter,
769 : loff_t *pos, rwf_t flags)
770 : {
771 : size_t tot_len;
772 0 : ssize_t ret = 0;
773 :
774 0 : if (!(file->f_mode & FMODE_READ))
775 : return -EBADF;
776 0 : if (!(file->f_mode & FMODE_CAN_READ))
777 : return -EINVAL;
778 :
779 0 : tot_len = iov_iter_count(iter);
780 0 : if (!tot_len)
781 : goto out;
782 0 : ret = rw_verify_area(READ, file, pos, tot_len);
783 0 : if (ret < 0)
784 : return ret;
785 :
786 0 : if (file->f_op->read_iter)
787 0 : ret = do_iter_readv_writev(file, iter, pos, READ, flags);
788 : else
789 0 : ret = do_loop_readv_writev(file, iter, pos, READ, flags);
790 : out:
791 0 : if (ret >= 0)
792 : fsnotify_access(file);
793 : return ret;
794 : }
795 :
796 0 : ssize_t vfs_iocb_iter_read(struct file *file, struct kiocb *iocb,
797 : struct iov_iter *iter)
798 : {
799 : size_t tot_len;
800 0 : ssize_t ret = 0;
801 :
802 0 : if (!file->f_op->read_iter)
803 : return -EINVAL;
804 0 : if (!(file->f_mode & FMODE_READ))
805 : return -EBADF;
806 0 : if (!(file->f_mode & FMODE_CAN_READ))
807 : return -EINVAL;
808 :
809 0 : tot_len = iov_iter_count(iter);
810 0 : if (!tot_len)
811 : goto out;
812 0 : ret = rw_verify_area(READ, file, &iocb->ki_pos, tot_len);
813 0 : if (ret < 0)
814 : return ret;
815 :
816 0 : ret = call_read_iter(file, iocb, iter);
817 : out:
818 0 : if (ret >= 0)
819 : fsnotify_access(file);
820 : return ret;
821 : }
822 : EXPORT_SYMBOL(vfs_iocb_iter_read);
823 :
824 0 : ssize_t vfs_iter_read(struct file *file, struct iov_iter *iter, loff_t *ppos,
825 : rwf_t flags)
826 : {
827 0 : if (!file->f_op->read_iter)
828 : return -EINVAL;
829 0 : return do_iter_read(file, iter, ppos, flags);
830 : }
831 : EXPORT_SYMBOL(vfs_iter_read);
832 :
833 0 : static ssize_t do_iter_write(struct file *file, struct iov_iter *iter,
834 : loff_t *pos, rwf_t flags)
835 : {
836 : size_t tot_len;
837 0 : ssize_t ret = 0;
838 :
839 0 : if (!(file->f_mode & FMODE_WRITE))
840 : return -EBADF;
841 0 : if (!(file->f_mode & FMODE_CAN_WRITE))
842 : return -EINVAL;
843 :
844 0 : tot_len = iov_iter_count(iter);
845 0 : if (!tot_len)
846 : return 0;
847 0 : ret = rw_verify_area(WRITE, file, pos, tot_len);
848 0 : if (ret < 0)
849 : return ret;
850 :
851 0 : if (file->f_op->write_iter)
852 0 : ret = do_iter_readv_writev(file, iter, pos, WRITE, flags);
853 : else
854 0 : ret = do_loop_readv_writev(file, iter, pos, WRITE, flags);
855 0 : if (ret > 0)
856 : fsnotify_modify(file);
857 : return ret;
858 : }
859 :
860 0 : ssize_t vfs_iocb_iter_write(struct file *file, struct kiocb *iocb,
861 : struct iov_iter *iter)
862 : {
863 : size_t tot_len;
864 0 : ssize_t ret = 0;
865 :
866 0 : if (!file->f_op->write_iter)
867 : return -EINVAL;
868 0 : if (!(file->f_mode & FMODE_WRITE))
869 : return -EBADF;
870 0 : if (!(file->f_mode & FMODE_CAN_WRITE))
871 : return -EINVAL;
872 :
873 0 : tot_len = iov_iter_count(iter);
874 0 : if (!tot_len)
875 : return 0;
876 0 : ret = rw_verify_area(WRITE, file, &iocb->ki_pos, tot_len);
877 0 : if (ret < 0)
878 : return ret;
879 :
880 0 : ret = call_write_iter(file, iocb, iter);
881 0 : if (ret > 0)
882 : fsnotify_modify(file);
883 :
884 : return ret;
885 : }
886 : EXPORT_SYMBOL(vfs_iocb_iter_write);
887 :
888 0 : ssize_t vfs_iter_write(struct file *file, struct iov_iter *iter, loff_t *ppos,
889 : rwf_t flags)
890 : {
891 0 : if (!file->f_op->write_iter)
892 : return -EINVAL;
893 0 : return do_iter_write(file, iter, ppos, flags);
894 : }
895 : EXPORT_SYMBOL(vfs_iter_write);
896 :
897 0 : static ssize_t vfs_readv(struct file *file, const struct iovec __user *vec,
898 : unsigned long vlen, loff_t *pos, rwf_t flags)
899 : {
900 : struct iovec iovstack[UIO_FASTIOV];
901 0 : struct iovec *iov = iovstack;
902 : struct iov_iter iter;
903 : ssize_t ret;
904 :
905 0 : ret = import_iovec(READ, vec, vlen, ARRAY_SIZE(iovstack), &iov, &iter);
906 0 : if (ret >= 0) {
907 0 : ret = do_iter_read(file, &iter, pos, flags);
908 0 : kfree(iov);
909 : }
910 :
911 0 : return ret;
912 : }
913 :
914 0 : static ssize_t vfs_writev(struct file *file, const struct iovec __user *vec,
915 : unsigned long vlen, loff_t *pos, rwf_t flags)
916 : {
917 : struct iovec iovstack[UIO_FASTIOV];
918 0 : struct iovec *iov = iovstack;
919 : struct iov_iter iter;
920 : ssize_t ret;
921 :
922 0 : ret = import_iovec(WRITE, vec, vlen, ARRAY_SIZE(iovstack), &iov, &iter);
923 0 : if (ret >= 0) {
924 0 : file_start_write(file);
925 0 : ret = do_iter_write(file, &iter, pos, flags);
926 0 : file_end_write(file);
927 0 : kfree(iov);
928 : }
929 0 : return ret;
930 : }
931 :
932 0 : static ssize_t do_readv(unsigned long fd, const struct iovec __user *vec,
933 : unsigned long vlen, rwf_t flags)
934 : {
935 0 : struct fd f = fdget_pos(fd);
936 0 : ssize_t ret = -EBADF;
937 :
938 0 : if (f.file) {
939 0 : loff_t pos, *ppos = file_ppos(f.file);
940 0 : if (ppos) {
941 0 : pos = *ppos;
942 0 : ppos = &pos;
943 : }
944 0 : ret = vfs_readv(f.file, vec, vlen, ppos, flags);
945 0 : if (ret >= 0 && ppos)
946 0 : f.file->f_pos = pos;
947 0 : fdput_pos(f);
948 : }
949 :
950 0 : if (ret > 0)
951 0 : add_rchar(current, ret);
952 0 : inc_syscr(current);
953 0 : return ret;
954 : }
955 :
956 0 : static ssize_t do_writev(unsigned long fd, const struct iovec __user *vec,
957 : unsigned long vlen, rwf_t flags)
958 : {
959 0 : struct fd f = fdget_pos(fd);
960 0 : ssize_t ret = -EBADF;
961 :
962 0 : if (f.file) {
963 0 : loff_t pos, *ppos = file_ppos(f.file);
964 0 : if (ppos) {
965 0 : pos = *ppos;
966 0 : ppos = &pos;
967 : }
968 0 : ret = vfs_writev(f.file, vec, vlen, ppos, flags);
969 0 : if (ret >= 0 && ppos)
970 0 : f.file->f_pos = pos;
971 0 : fdput_pos(f);
972 : }
973 :
974 0 : if (ret > 0)
975 0 : add_wchar(current, ret);
976 0 : inc_syscw(current);
977 0 : return ret;
978 : }
979 :
980 : static inline loff_t pos_from_hilo(unsigned long high, unsigned long low)
981 : {
982 : #define HALF_LONG_BITS (BITS_PER_LONG / 2)
983 0 : return (((loff_t)high << HALF_LONG_BITS) << HALF_LONG_BITS) | low;
984 : }
985 :
986 0 : static ssize_t do_preadv(unsigned long fd, const struct iovec __user *vec,
987 : unsigned long vlen, loff_t pos, rwf_t flags)
988 : {
989 : struct fd f;
990 0 : ssize_t ret = -EBADF;
991 :
992 0 : if (pos < 0)
993 : return -EINVAL;
994 :
995 0 : f = fdget(fd);
996 0 : if (f.file) {
997 0 : ret = -ESPIPE;
998 0 : if (f.file->f_mode & FMODE_PREAD)
999 0 : ret = vfs_readv(f.file, vec, vlen, &pos, flags);
1000 0 : fdput(f);
1001 : }
1002 :
1003 0 : if (ret > 0)
1004 0 : add_rchar(current, ret);
1005 0 : inc_syscr(current);
1006 0 : return ret;
1007 : }
1008 :
1009 0 : static ssize_t do_pwritev(unsigned long fd, const struct iovec __user *vec,
1010 : unsigned long vlen, loff_t pos, rwf_t flags)
1011 : {
1012 : struct fd f;
1013 0 : ssize_t ret = -EBADF;
1014 :
1015 0 : if (pos < 0)
1016 : return -EINVAL;
1017 :
1018 0 : f = fdget(fd);
1019 0 : if (f.file) {
1020 0 : ret = -ESPIPE;
1021 0 : if (f.file->f_mode & FMODE_PWRITE)
1022 0 : ret = vfs_writev(f.file, vec, vlen, &pos, flags);
1023 0 : fdput(f);
1024 : }
1025 :
1026 0 : if (ret > 0)
1027 0 : add_wchar(current, ret);
1028 0 : inc_syscw(current);
1029 0 : return ret;
1030 : }
1031 :
1032 0 : SYSCALL_DEFINE3(readv, unsigned long, fd, const struct iovec __user *, vec,
1033 : unsigned long, vlen)
1034 : {
1035 0 : return do_readv(fd, vec, vlen, 0);
1036 : }
1037 :
1038 0 : SYSCALL_DEFINE3(writev, unsigned long, fd, const struct iovec __user *, vec,
1039 : unsigned long, vlen)
1040 : {
1041 0 : return do_writev(fd, vec, vlen, 0);
1042 : }
1043 :
1044 0 : SYSCALL_DEFINE5(preadv, unsigned long, fd, const struct iovec __user *, vec,
1045 : unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h)
1046 : {
1047 0 : loff_t pos = pos_from_hilo(pos_h, pos_l);
1048 :
1049 0 : return do_preadv(fd, vec, vlen, pos, 0);
1050 : }
1051 :
1052 0 : SYSCALL_DEFINE6(preadv2, unsigned long, fd, const struct iovec __user *, vec,
1053 : unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h,
1054 : rwf_t, flags)
1055 : {
1056 0 : loff_t pos = pos_from_hilo(pos_h, pos_l);
1057 :
1058 0 : if (pos == -1)
1059 0 : return do_readv(fd, vec, vlen, flags);
1060 :
1061 0 : return do_preadv(fd, vec, vlen, pos, flags);
1062 : }
1063 :
1064 0 : SYSCALL_DEFINE5(pwritev, unsigned long, fd, const struct iovec __user *, vec,
1065 : unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h)
1066 : {
1067 0 : loff_t pos = pos_from_hilo(pos_h, pos_l);
1068 :
1069 0 : return do_pwritev(fd, vec, vlen, pos, 0);
1070 : }
1071 :
1072 0 : SYSCALL_DEFINE6(pwritev2, unsigned long, fd, const struct iovec __user *, vec,
1073 : unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h,
1074 : rwf_t, flags)
1075 : {
1076 0 : loff_t pos = pos_from_hilo(pos_h, pos_l);
1077 :
1078 0 : if (pos == -1)
1079 0 : return do_writev(fd, vec, vlen, flags);
1080 :
1081 0 : return do_pwritev(fd, vec, vlen, pos, flags);
1082 : }
1083 :
1084 : /*
1085 : * Various compat syscalls. Note that they all pretend to take a native
1086 : * iovec - import_iovec will properly treat those as compat_iovecs based on
1087 : * in_compat_syscall().
1088 : */
1089 : #ifdef CONFIG_COMPAT
1090 : #ifdef __ARCH_WANT_COMPAT_SYS_PREADV64
1091 : COMPAT_SYSCALL_DEFINE4(preadv64, unsigned long, fd,
1092 : const struct iovec __user *, vec,
1093 : unsigned long, vlen, loff_t, pos)
1094 : {
1095 : return do_preadv(fd, vec, vlen, pos, 0);
1096 : }
1097 : #endif
1098 :
1099 : COMPAT_SYSCALL_DEFINE5(preadv, compat_ulong_t, fd,
1100 : const struct iovec __user *, vec,
1101 : compat_ulong_t, vlen, u32, pos_low, u32, pos_high)
1102 : {
1103 : loff_t pos = ((loff_t)pos_high << 32) | pos_low;
1104 :
1105 : return do_preadv(fd, vec, vlen, pos, 0);
1106 : }
1107 :
1108 : #ifdef __ARCH_WANT_COMPAT_SYS_PREADV64V2
1109 : COMPAT_SYSCALL_DEFINE5(preadv64v2, unsigned long, fd,
1110 : const struct iovec __user *, vec,
1111 : unsigned long, vlen, loff_t, pos, rwf_t, flags)
1112 : {
1113 : if (pos == -1)
1114 : return do_readv(fd, vec, vlen, flags);
1115 : return do_preadv(fd, vec, vlen, pos, flags);
1116 : }
1117 : #endif
1118 :
1119 : COMPAT_SYSCALL_DEFINE6(preadv2, compat_ulong_t, fd,
1120 : const struct iovec __user *, vec,
1121 : compat_ulong_t, vlen, u32, pos_low, u32, pos_high,
1122 : rwf_t, flags)
1123 : {
1124 : loff_t pos = ((loff_t)pos_high << 32) | pos_low;
1125 :
1126 : if (pos == -1)
1127 : return do_readv(fd, vec, vlen, flags);
1128 : return do_preadv(fd, vec, vlen, pos, flags);
1129 : }
1130 :
1131 : #ifdef __ARCH_WANT_COMPAT_SYS_PWRITEV64
1132 : COMPAT_SYSCALL_DEFINE4(pwritev64, unsigned long, fd,
1133 : const struct iovec __user *, vec,
1134 : unsigned long, vlen, loff_t, pos)
1135 : {
1136 : return do_pwritev(fd, vec, vlen, pos, 0);
1137 : }
1138 : #endif
1139 :
1140 : COMPAT_SYSCALL_DEFINE5(pwritev, compat_ulong_t, fd,
1141 : const struct iovec __user *,vec,
1142 : compat_ulong_t, vlen, u32, pos_low, u32, pos_high)
1143 : {
1144 : loff_t pos = ((loff_t)pos_high << 32) | pos_low;
1145 :
1146 : return do_pwritev(fd, vec, vlen, pos, 0);
1147 : }
1148 :
1149 : #ifdef __ARCH_WANT_COMPAT_SYS_PWRITEV64V2
1150 : COMPAT_SYSCALL_DEFINE5(pwritev64v2, unsigned long, fd,
1151 : const struct iovec __user *, vec,
1152 : unsigned long, vlen, loff_t, pos, rwf_t, flags)
1153 : {
1154 : if (pos == -1)
1155 : return do_writev(fd, vec, vlen, flags);
1156 : return do_pwritev(fd, vec, vlen, pos, flags);
1157 : }
1158 : #endif
1159 :
1160 : COMPAT_SYSCALL_DEFINE6(pwritev2, compat_ulong_t, fd,
1161 : const struct iovec __user *,vec,
1162 : compat_ulong_t, vlen, u32, pos_low, u32, pos_high, rwf_t, flags)
1163 : {
1164 : loff_t pos = ((loff_t)pos_high << 32) | pos_low;
1165 :
1166 : if (pos == -1)
1167 : return do_writev(fd, vec, vlen, flags);
1168 : return do_pwritev(fd, vec, vlen, pos, flags);
1169 : }
1170 : #endif /* CONFIG_COMPAT */
1171 :
1172 0 : static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos,
1173 : size_t count, loff_t max)
1174 : {
1175 : struct fd in, out;
1176 : struct inode *in_inode, *out_inode;
1177 : struct pipe_inode_info *opipe;
1178 : loff_t pos;
1179 : loff_t out_pos;
1180 : ssize_t retval;
1181 : int fl;
1182 :
1183 : /*
1184 : * Get input file, and verify that it is ok..
1185 : */
1186 0 : retval = -EBADF;
1187 0 : in = fdget(in_fd);
1188 0 : if (!in.file)
1189 : goto out;
1190 0 : if (!(in.file->f_mode & FMODE_READ))
1191 : goto fput_in;
1192 0 : retval = -ESPIPE;
1193 0 : if (!ppos) {
1194 0 : pos = in.file->f_pos;
1195 : } else {
1196 0 : pos = *ppos;
1197 0 : if (!(in.file->f_mode & FMODE_PREAD))
1198 : goto fput_in;
1199 : }
1200 0 : retval = rw_verify_area(READ, in.file, &pos, count);
1201 0 : if (retval < 0)
1202 : goto fput_in;
1203 0 : if (count > MAX_RW_COUNT)
1204 0 : count = MAX_RW_COUNT;
1205 :
1206 : /*
1207 : * Get output file, and verify that it is ok..
1208 : */
1209 0 : retval = -EBADF;
1210 0 : out = fdget(out_fd);
1211 0 : if (!out.file)
1212 : goto fput_in;
1213 0 : if (!(out.file->f_mode & FMODE_WRITE))
1214 : goto fput_out;
1215 0 : in_inode = file_inode(in.file);
1216 0 : out_inode = file_inode(out.file);
1217 0 : out_pos = out.file->f_pos;
1218 :
1219 0 : if (!max)
1220 0 : max = min(in_inode->i_sb->s_maxbytes, out_inode->i_sb->s_maxbytes);
1221 :
1222 0 : if (unlikely(pos + count > max)) {
1223 0 : retval = -EOVERFLOW;
1224 0 : if (pos >= max)
1225 : goto fput_out;
1226 0 : count = max - pos;
1227 : }
1228 :
1229 0 : fl = 0;
1230 : #if 0
1231 : /*
1232 : * We need to debate whether we can enable this or not. The
1233 : * man page documents EAGAIN return for the output at least,
1234 : * and the application is arguably buggy if it doesn't expect
1235 : * EAGAIN on a non-blocking file descriptor.
1236 : */
1237 : if (in.file->f_flags & O_NONBLOCK)
1238 : fl = SPLICE_F_NONBLOCK;
1239 : #endif
1240 0 : opipe = get_pipe_info(out.file, true);
1241 0 : if (!opipe) {
1242 0 : retval = rw_verify_area(WRITE, out.file, &out_pos, count);
1243 0 : if (retval < 0)
1244 : goto fput_out;
1245 0 : file_start_write(out.file);
1246 0 : retval = do_splice_direct(in.file, &pos, out.file, &out_pos,
1247 : count, fl);
1248 0 : file_end_write(out.file);
1249 : } else {
1250 0 : retval = splice_file_to_pipe(in.file, opipe, &pos, count, fl);
1251 : }
1252 :
1253 0 : if (retval > 0) {
1254 0 : add_rchar(current, retval);
1255 0 : add_wchar(current, retval);
1256 0 : fsnotify_access(in.file);
1257 0 : fsnotify_modify(out.file);
1258 0 : out.file->f_pos = out_pos;
1259 0 : if (ppos)
1260 0 : *ppos = pos;
1261 : else
1262 0 : in.file->f_pos = pos;
1263 : }
1264 :
1265 0 : inc_syscr(current);
1266 0 : inc_syscw(current);
1267 0 : if (pos > max)
1268 0 : retval = -EOVERFLOW;
1269 :
1270 : fput_out:
1271 0 : fdput(out);
1272 : fput_in:
1273 0 : fdput(in);
1274 : out:
1275 0 : return retval;
1276 : }
1277 :
1278 0 : SYSCALL_DEFINE4(sendfile, int, out_fd, int, in_fd, off_t __user *, offset, size_t, count)
1279 : {
1280 : loff_t pos;
1281 : off_t off;
1282 : ssize_t ret;
1283 :
1284 0 : if (offset) {
1285 0 : if (unlikely(get_user(off, offset)))
1286 : return -EFAULT;
1287 0 : pos = off;
1288 0 : ret = do_sendfile(out_fd, in_fd, &pos, count, MAX_NON_LFS);
1289 0 : if (unlikely(put_user(pos, offset)))
1290 : return -EFAULT;
1291 0 : return ret;
1292 : }
1293 :
1294 0 : return do_sendfile(out_fd, in_fd, NULL, count, 0);
1295 : }
1296 :
1297 0 : SYSCALL_DEFINE4(sendfile64, int, out_fd, int, in_fd, loff_t __user *, offset, size_t, count)
1298 : {
1299 : loff_t pos;
1300 : ssize_t ret;
1301 :
1302 0 : if (offset) {
1303 0 : if (unlikely(copy_from_user(&pos, offset, sizeof(loff_t))))
1304 : return -EFAULT;
1305 0 : ret = do_sendfile(out_fd, in_fd, &pos, count, 0);
1306 0 : if (unlikely(put_user(pos, offset)))
1307 : return -EFAULT;
1308 0 : return ret;
1309 : }
1310 :
1311 0 : return do_sendfile(out_fd, in_fd, NULL, count, 0);
1312 : }
1313 :
1314 : #ifdef CONFIG_COMPAT
1315 : COMPAT_SYSCALL_DEFINE4(sendfile, int, out_fd, int, in_fd,
1316 : compat_off_t __user *, offset, compat_size_t, count)
1317 : {
1318 : loff_t pos;
1319 : off_t off;
1320 : ssize_t ret;
1321 :
1322 : if (offset) {
1323 : if (unlikely(get_user(off, offset)))
1324 : return -EFAULT;
1325 : pos = off;
1326 : ret = do_sendfile(out_fd, in_fd, &pos, count, MAX_NON_LFS);
1327 : if (unlikely(put_user(pos, offset)))
1328 : return -EFAULT;
1329 : return ret;
1330 : }
1331 :
1332 : return do_sendfile(out_fd, in_fd, NULL, count, 0);
1333 : }
1334 :
1335 : COMPAT_SYSCALL_DEFINE4(sendfile64, int, out_fd, int, in_fd,
1336 : compat_loff_t __user *, offset, compat_size_t, count)
1337 : {
1338 : loff_t pos;
1339 : ssize_t ret;
1340 :
1341 : if (offset) {
1342 : if (unlikely(copy_from_user(&pos, offset, sizeof(loff_t))))
1343 : return -EFAULT;
1344 : ret = do_sendfile(out_fd, in_fd, &pos, count, 0);
1345 : if (unlikely(put_user(pos, offset)))
1346 : return -EFAULT;
1347 : return ret;
1348 : }
1349 :
1350 : return do_sendfile(out_fd, in_fd, NULL, count, 0);
1351 : }
1352 : #endif
1353 :
1354 : /**
1355 : * generic_copy_file_range - copy data between two files
1356 : * @file_in: file structure to read from
1357 : * @pos_in: file offset to read from
1358 : * @file_out: file structure to write data to
1359 : * @pos_out: file offset to write data to
1360 : * @len: amount of data to copy
1361 : * @flags: copy flags
1362 : *
1363 : * This is a generic filesystem helper to copy data from one file to another.
1364 : * It has no constraints on the source or destination file owners - the files
1365 : * can belong to different superblocks and different filesystem types. Short
1366 : * copies are allowed.
1367 : *
1368 : * This should be called from the @file_out filesystem, as per the
1369 : * ->copy_file_range() method.
1370 : *
1371 : * Returns the number of bytes copied or a negative error indicating the
1372 : * failure.
1373 : */
1374 :
1375 0 : ssize_t generic_copy_file_range(struct file *file_in, loff_t pos_in,
1376 : struct file *file_out, loff_t pos_out,
1377 : size_t len, unsigned int flags)
1378 : {
1379 0 : return do_splice_direct(file_in, &pos_in, file_out, &pos_out,
1380 : len > MAX_RW_COUNT ? MAX_RW_COUNT : len, 0);
1381 : }
1382 : EXPORT_SYMBOL(generic_copy_file_range);
1383 :
1384 0 : static ssize_t do_copy_file_range(struct file *file_in, loff_t pos_in,
1385 : struct file *file_out, loff_t pos_out,
1386 : size_t len, unsigned int flags)
1387 : {
1388 : /*
1389 : * Although we now allow filesystems to handle cross sb copy, passing
1390 : * a file of the wrong filesystem type to filesystem driver can result
1391 : * in an attempt to dereference the wrong type of ->private_data, so
1392 : * avoid doing that until we really have a good reason. NFS defines
1393 : * several different file_system_type structures, but they all end up
1394 : * using the same ->copy_file_range() function pointer.
1395 : */
1396 0 : if (file_out->f_op->copy_file_range &&
1397 0 : file_out->f_op->copy_file_range == file_in->f_op->copy_file_range)
1398 0 : return file_out->f_op->copy_file_range(file_in, pos_in,
1399 : file_out, pos_out,
1400 : len, flags);
1401 :
1402 0 : return generic_copy_file_range(file_in, pos_in, file_out, pos_out, len,
1403 : flags);
1404 : }
1405 :
1406 : /*
1407 : * Performs necessary checks before doing a file copy
1408 : *
1409 : * Can adjust amount of bytes to copy via @req_count argument.
1410 : * Returns appropriate error code that caller should return or
1411 : * zero in case the copy should be allowed.
1412 : */
1413 0 : static int generic_copy_file_checks(struct file *file_in, loff_t pos_in,
1414 : struct file *file_out, loff_t pos_out,
1415 : size_t *req_count, unsigned int flags)
1416 : {
1417 0 : struct inode *inode_in = file_inode(file_in);
1418 0 : struct inode *inode_out = file_inode(file_out);
1419 0 : uint64_t count = *req_count;
1420 : loff_t size_in;
1421 : int ret;
1422 :
1423 0 : ret = generic_file_rw_checks(file_in, file_out);
1424 0 : if (ret)
1425 : return ret;
1426 :
1427 : /* Don't touch certain kinds of inodes */
1428 0 : if (IS_IMMUTABLE(inode_out))
1429 : return -EPERM;
1430 :
1431 0 : if (IS_SWAPFILE(inode_in) || IS_SWAPFILE(inode_out))
1432 : return -ETXTBSY;
1433 :
1434 : /* Ensure offsets don't wrap. */
1435 0 : if (pos_in + count < pos_in || pos_out + count < pos_out)
1436 : return -EOVERFLOW;
1437 :
1438 : /* Shorten the copy to EOF */
1439 0 : size_in = i_size_read(inode_in);
1440 0 : if (pos_in >= size_in)
1441 0 : count = 0;
1442 : else
1443 0 : count = min(count, size_in - (uint64_t)pos_in);
1444 :
1445 0 : ret = generic_write_check_limits(file_out, pos_out, &count);
1446 0 : if (ret)
1447 : return ret;
1448 :
1449 : /* Don't allow overlapped copying within the same file. */
1450 0 : if (inode_in == inode_out &&
1451 0 : pos_out + count > pos_in &&
1452 0 : pos_out < pos_in + count)
1453 : return -EINVAL;
1454 :
1455 0 : *req_count = count;
1456 : return 0;
1457 : }
1458 :
1459 : /*
1460 : * copy_file_range() differs from regular file read and write in that it
1461 : * specifically allows return partial success. When it does so is up to
1462 : * the copy_file_range method.
1463 : */
1464 0 : ssize_t vfs_copy_file_range(struct file *file_in, loff_t pos_in,
1465 : struct file *file_out, loff_t pos_out,
1466 : size_t len, unsigned int flags)
1467 : {
1468 : ssize_t ret;
1469 :
1470 0 : if (flags != 0)
1471 : return -EINVAL;
1472 :
1473 0 : ret = generic_copy_file_checks(file_in, pos_in, file_out, pos_out, &len,
1474 : flags);
1475 0 : if (unlikely(ret))
1476 : return ret;
1477 :
1478 0 : ret = rw_verify_area(READ, file_in, &pos_in, len);
1479 0 : if (unlikely(ret))
1480 : return ret;
1481 :
1482 0 : ret = rw_verify_area(WRITE, file_out, &pos_out, len);
1483 0 : if (unlikely(ret))
1484 : return ret;
1485 :
1486 0 : if (len == 0)
1487 : return 0;
1488 :
1489 0 : file_start_write(file_out);
1490 :
1491 : /*
1492 : * Try cloning first, this is supported by more file systems, and
1493 : * more efficient if both clone and copy are supported (e.g. NFS).
1494 : */
1495 0 : if (file_in->f_op->remap_file_range &&
1496 0 : file_inode(file_in)->i_sb == file_inode(file_out)->i_sb) {
1497 : loff_t cloned;
1498 :
1499 0 : cloned = file_in->f_op->remap_file_range(file_in, pos_in,
1500 : file_out, pos_out,
1501 0 : min_t(loff_t, MAX_RW_COUNT, len),
1502 : REMAP_FILE_CAN_SHORTEN);
1503 0 : if (cloned > 0) {
1504 : ret = cloned;
1505 : goto done;
1506 : }
1507 : }
1508 :
1509 0 : ret = do_copy_file_range(file_in, pos_in, file_out, pos_out, len,
1510 : flags);
1511 0 : WARN_ON_ONCE(ret == -EOPNOTSUPP);
1512 : done:
1513 0 : if (ret > 0) {
1514 0 : fsnotify_access(file_in);
1515 0 : add_rchar(current, ret);
1516 0 : fsnotify_modify(file_out);
1517 0 : add_wchar(current, ret);
1518 : }
1519 :
1520 0 : inc_syscr(current);
1521 0 : inc_syscw(current);
1522 :
1523 : file_end_write(file_out);
1524 :
1525 : return ret;
1526 : }
1527 : EXPORT_SYMBOL(vfs_copy_file_range);
1528 :
1529 0 : SYSCALL_DEFINE6(copy_file_range, int, fd_in, loff_t __user *, off_in,
1530 : int, fd_out, loff_t __user *, off_out,
1531 : size_t, len, unsigned int, flags)
1532 : {
1533 : loff_t pos_in;
1534 : loff_t pos_out;
1535 : struct fd f_in;
1536 : struct fd f_out;
1537 0 : ssize_t ret = -EBADF;
1538 :
1539 0 : f_in = fdget(fd_in);
1540 0 : if (!f_in.file)
1541 : goto out2;
1542 :
1543 0 : f_out = fdget(fd_out);
1544 0 : if (!f_out.file)
1545 : goto out1;
1546 :
1547 0 : ret = -EFAULT;
1548 0 : if (off_in) {
1549 0 : if (copy_from_user(&pos_in, off_in, sizeof(loff_t)))
1550 : goto out;
1551 : } else {
1552 0 : pos_in = f_in.file->f_pos;
1553 : }
1554 :
1555 0 : if (off_out) {
1556 0 : if (copy_from_user(&pos_out, off_out, sizeof(loff_t)))
1557 : goto out;
1558 : } else {
1559 0 : pos_out = f_out.file->f_pos;
1560 : }
1561 :
1562 0 : ret = vfs_copy_file_range(f_in.file, pos_in, f_out.file, pos_out, len,
1563 : flags);
1564 0 : if (ret > 0) {
1565 0 : pos_in += ret;
1566 0 : pos_out += ret;
1567 :
1568 0 : if (off_in) {
1569 0 : if (copy_to_user(off_in, &pos_in, sizeof(loff_t)))
1570 0 : ret = -EFAULT;
1571 : } else {
1572 0 : f_in.file->f_pos = pos_in;
1573 : }
1574 :
1575 0 : if (off_out) {
1576 0 : if (copy_to_user(off_out, &pos_out, sizeof(loff_t)))
1577 0 : ret = -EFAULT;
1578 : } else {
1579 0 : f_out.file->f_pos = pos_out;
1580 : }
1581 : }
1582 :
1583 : out:
1584 0 : fdput(f_out);
1585 : out1:
1586 0 : fdput(f_in);
1587 : out2:
1588 0 : return ret;
1589 : }
1590 :
1591 : /*
1592 : * Don't operate on ranges the page cache doesn't support, and don't exceed the
1593 : * LFS limits. If pos is under the limit it becomes a short access. If it
1594 : * exceeds the limit we return -EFBIG.
1595 : */
1596 0 : int generic_write_check_limits(struct file *file, loff_t pos, loff_t *count)
1597 : {
1598 0 : struct inode *inode = file->f_mapping->host;
1599 0 : loff_t max_size = inode->i_sb->s_maxbytes;
1600 0 : loff_t limit = rlimit(RLIMIT_FSIZE);
1601 :
1602 0 : if (limit != RLIM_INFINITY) {
1603 0 : if (pos >= limit) {
1604 0 : send_sig(SIGXFSZ, current, 0);
1605 0 : return -EFBIG;
1606 : }
1607 0 : *count = min(*count, limit - pos);
1608 : }
1609 :
1610 0 : if (!(file->f_flags & O_LARGEFILE))
1611 0 : max_size = MAX_NON_LFS;
1612 :
1613 0 : if (unlikely(pos >= max_size))
1614 : return -EFBIG;
1615 :
1616 0 : *count = min(*count, max_size - pos);
1617 :
1618 0 : return 0;
1619 : }
1620 :
1621 : /* Like generic_write_checks(), but takes size of write instead of iter. */
1622 0 : int generic_write_checks_count(struct kiocb *iocb, loff_t *count)
1623 : {
1624 0 : struct file *file = iocb->ki_filp;
1625 0 : struct inode *inode = file->f_mapping->host;
1626 :
1627 0 : if (IS_SWAPFILE(inode))
1628 : return -ETXTBSY;
1629 :
1630 0 : if (!*count)
1631 : return 0;
1632 :
1633 0 : if (iocb->ki_flags & IOCB_APPEND)
1634 0 : iocb->ki_pos = i_size_read(inode);
1635 :
1636 0 : if ((iocb->ki_flags & IOCB_NOWAIT) && !(iocb->ki_flags & IOCB_DIRECT))
1637 : return -EINVAL;
1638 :
1639 0 : return generic_write_check_limits(iocb->ki_filp, iocb->ki_pos, count);
1640 : }
1641 : EXPORT_SYMBOL(generic_write_checks_count);
1642 :
1643 : /*
1644 : * Performs necessary checks before doing a write
1645 : *
1646 : * Can adjust writing position or amount of bytes to write.
1647 : * Returns appropriate error code that caller should return or
1648 : * zero in case that write should be allowed.
1649 : */
1650 0 : ssize_t generic_write_checks(struct kiocb *iocb, struct iov_iter *from)
1651 : {
1652 0 : loff_t count = iov_iter_count(from);
1653 : int ret;
1654 :
1655 0 : ret = generic_write_checks_count(iocb, &count);
1656 0 : if (ret)
1657 0 : return ret;
1658 :
1659 0 : iov_iter_truncate(from, count);
1660 0 : return iov_iter_count(from);
1661 : }
1662 : EXPORT_SYMBOL(generic_write_checks);
1663 :
1664 : /*
1665 : * Performs common checks before doing a file copy/clone
1666 : * from @file_in to @file_out.
1667 : */
1668 0 : int generic_file_rw_checks(struct file *file_in, struct file *file_out)
1669 : {
1670 0 : struct inode *inode_in = file_inode(file_in);
1671 0 : struct inode *inode_out = file_inode(file_out);
1672 :
1673 : /* Don't copy dirs, pipes, sockets... */
1674 0 : if (S_ISDIR(inode_in->i_mode) || S_ISDIR(inode_out->i_mode))
1675 : return -EISDIR;
1676 0 : if (!S_ISREG(inode_in->i_mode) || !S_ISREG(inode_out->i_mode))
1677 : return -EINVAL;
1678 :
1679 0 : if (!(file_in->f_mode & FMODE_READ) ||
1680 0 : !(file_out->f_mode & FMODE_WRITE) ||
1681 : (file_out->f_flags & O_APPEND))
1682 : return -EBADF;
1683 :
1684 0 : return 0;
1685 : }
|
