Index: head/lib/libcuse/cuse.3 =================================================================== --- head/lib/libcuse/cuse.3 (revision 346355) +++ head/lib/libcuse/cuse.3 (revision 346356) @@ -1,389 +1,390 @@ .\" $FreeBSD$ .\" .\" Copyright (c) 2010-2013 Hans Petter Selasky .\" .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd October 5, 2017 +.Dd April 17, 2019 .Dt CUSE 3 .Os .Sh NAME .Nm libcuse .Nd "Userland character device library" .Sh LIBRARY .Lb libcuse .Sh SYNOPSIS To load the required kernel module at boot time, place the following line in .Xr loader.conf 5 : .Bd -literal -offset indent cuse_load="YES" .Ed .Pp .In cuse.h .Sh DESCRIPTION The .Nm library contains functions to create a character device in userspace. The .Nm library is thread safe. .Sh LIBRARY INITIALISATION / DEINITIALISATION .Ft "int" .Fn "cuse_init" "void" This function initialises .Nm . Must be called at the beginning of the program. This function returns 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. If the cuse kernel module is not loaded, .Dv CUSE_ERR_NOT_LOADED is returned. .Pp .Ft "int" .Fn "cuse_uninit" "void" Deinitialise .Nm . Can be called at the end of the application. This function returns 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. .Sh UNIT MANAGEMENT .Ft "int" .Fn "cuse_alloc_unit_number" "int *" This function stores a uniq system unit number at the pointed integer loation. This function returns 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. .Pp .Ft "int" .Fn "cuse_alloc_unit_number_by_id" "int *" "int id" This function stores a unique system unit number at the pointed integer loation. The returned unit number is uniq within the given ID. Valid ID values are defined by the cuse include file. See the .Fn CUSE_ID_XXX macros for more information. This function returns 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. .Pp .Ft "int" .Fn "cuse_free_unit_number" "int" This function frees the given allocated system unit number. This function returns 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. .Pp .Ft "int" .Fn "cuse_free_unit_number_by_id" "int unit" "int id" This function frees the given allocated system unit number belonging to the given ID. If both the unit and id argument is -1, all allocated units will be freed. This function returns 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. .Sh LIBRARY USAGE .Ft "void *" .Fn "cuse_vmalloc" "int size" This function allocates .Ar size bytes of memory. Only memory allocated by this function can be memory mapped by .Xr mmap 2 . This function returns a valid data pointer on success or .Dv NULL on failure. .Pp .Ft "int" .Fn "cuse_is_vmalloc_addr" "void *" This function returns non-zero if the passed pointer points to a valid and non-freed allocation, as returned by .Fn cuse_vmalloc . Else this function returns zero. .Pp .Ft "void" .Fn "cuse_vmfree" "void *" This function frees memory allocated by .Fn cuse_vmalloc . Note that the cuse library will internally not free the memory until the .Fn cuse_uninit function is called and that the number of unique allocations is limited. .Pp .Ft "unsigned long" .Fn "cuse_vmoffset" "void *" This function returns the mmap offset that the client must use to access the allocated memory. .Pp .Ft "struct cuse_dev *" .Fn "cuse_dev_create" "const struct cuse_methods *mtod" "void *priv0" "void *priv1" "uid_t" "gid_t" "int permission" "const char *fmt" "..." This function creates a new character device according to the given parameters. This function returns a valid cuse_dev structure pointer on success or .Dv NULL on failure. The device name can only contain a-z, A-Z, 0-9, dot, / and underscore characters. .Pp .Ft "void" .Fn "cuse_dev_destroy" "struct cuse_dev *" This functions destroys a previously created character device. .Pp .Ft "void *" .Fn "cuse_dev_get_priv0" "struct cuse_dev *" , .Ft "void *" .Fn "cuse_dev_get_priv1" "struct cuse_dev *" , .Ft "void" .Fn "cuse_dev_set_priv0" "struct cuse_dev *" "void *" , .Ft "void" .Fn "cuse_dev_set_priv1" "struct cuse_dev *" "void *" These functions are used to set and get the private data of the given cuse device. .Pp .Ft "int" .Fn "cuse_wait_and_process" "void" This function will block and do event processing. If parallel I/O is required multiple threads must be created looping on this function. This function returns 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. .Pp .Ft "void *" .Fn "cuse_dev_get_per_file_handle" "struct cuse_dev *" , .Ft "void" .Fn "cuse_dev_set_per_file_handle" "struct cuse_dev *" "void *" These functions are used to set and get the per-file-open specific handle and should only be used inside the cuse file operation callbacks. .Pp .Ft "void" .Fn "cuse_set_local" "int" This function instructs .Fn cuse_copy_out and .Fn cuse_copy_in that the user pointer is local, if the argument passed to it is non-zero. Else the user pointer is assumed to be at the peer application. This function should only be used inside the cuse file operation callbacks. The value is reset to zero when the given file operation returns, and does not affect any other file operation callbacks. .Pp .Ft "int" .Fn "cuse_get_local" "void" Returns the current local state. See .Fn cuse_set_local . .Pp .Ft "int" .Fn "cuse_copy_out" "const void *src" "void *peer_dst" "int len" , .Ft "int" .Fn "cuse_copy_in" "const void *peer_src" "void *dst" "int len" These functions are used to transfer data between the local application and the peer application. These functions must be used when operating on the data pointers passed to the .Fn cm_read , .Fn cm_write , and .Fn cm_ioctl callback functions. These functions return 0 on success or a negative value on failure. See .Dv CUSE_ERR_XXX for known error codes. .Pp .Ft "int" .Fn "cuse_got_peer_signal" "void" This function is used to check if a signal has been delivered to the peer application and should only be used inside the cuse file operation callbacks. This function returns 0 if a signal has been delivered to the caller. Else it returns a negative value. See .Dv CUSE_ERR_XXX for known error codes. .Pp .Ft "struct cuse_dev *" .Fn "cuse_dev_get_current" "int *pcmd" This function is used to get the current cuse device pointer and the currently executing command, by .Dv CUSE_CMD_XXX value. The .Ar pcmd argument is allowed to be .Dv NULL . This function should only be used inside the cuse file operation callbacks. On success a valid cuse device pointer is returned. On failure .Dv NULL is returned. .Pp .Ft "void" .Fn "cuse_poll_wakeup" "void" This function will wake up any file pollers. .Sh LIBRARY LIMITATIONS Transfer lengths for .Fn read , .Fn write , .Fn cuse_copy_in , and .Fn cuse_copy_out should not exceed what can fit into a 32-bit signed integer and is defined by the .Fn CUSE_LENGTH_MAX macro. Transfer lengths for ioctls should not exceed what is defined by the .Fn CUSE_BUFFER_MAX macro. .Sh LIBRARY CALLBACK METHODS In general fflags are defined by .Dv CUSE_FFLAG_XXX and errors are defined by .Dv CUSE_ERR_XXX . .Bd -literal -offset indent enum { CUSE_ERR_NONE CUSE_ERR_BUSY CUSE_ERR_WOULDBLOCK CUSE_ERR_INVALID CUSE_ERR_NO_MEMORY CUSE_ERR_FAULT CUSE_ERR_SIGNAL CUSE_ERR_OTHER CUSE_ERR_NOT_LOADED CUSE_ERR_NO_DEVICE CUSE_POLL_NONE CUSE_POLL_READ CUSE_POLL_WRITE CUSE_POLL_ERROR CUSE_FFLAG_NONE CUSE_FFLAG_READ CUSE_FFLAG_WRITE CUSE_FFLAG_NONBLOCK + CUSE_FFLAG_COMPAT32 CUSE_CMD_NONE CUSE_CMD_OPEN CUSE_CMD_CLOSE CUSE_CMD_READ CUSE_CMD_WRITE CUSE_CMD_IOCTL CUSE_CMD_POLL CUSE_CMD_SIGNAL CUSE_CMD_SYNC CUSE_CMD_MAX }; .Ed .Pp .Ft "int" .Fn "cuse_open_t" "struct cuse_dev *" "int fflags" This function returns a .Dv CUSE_ERR_XXX value. .Pp .Ft "int" .Fn "cuse_close_t" "struct cuse_dev *" "int fflags" This function returns a .Dv CUSE_ERR_XXX value. .Pp .Ft "int" .Fn "cuse_read_t" "struct cuse_dev *" "int fflags" "void *peer_ptr" "int len" This function returns a .Dv CUSE_ERR_XXX value in case of failure or the actually transferred length in case of success. .Fn cuse_copy_in and .Fn cuse_copy_out must be used to transfer data to and from the .Ar peer_ptr . .Pp .Ft "int" .Fn "cuse_write_t" "struct cuse_dev *" "int fflags" "const void *peer_ptr" "int len" This function returns a .Dv CUSE_ERR_XXX value in case of failure or the actually transferred length in case of success. .Fn cuse_copy_in and .Fn cuse_copy_out must be used to transfer data to and from the .Ar peer_ptr . .Pp .Ft "int" .Fn "cuse_ioctl_t" "struct cuse_dev *" "int fflags" "unsigned long cmd" "void *peer_data" This function returns a .Dv CUSE_ERR_XXX value in case of failure or zero in case of success. .Fn cuse_copy_in and .Fn cuse_copy_out must be used to transfer data to and from the .Ar peer_data . .Pp .Ft "int" .Fn "cuse_poll_t" "struct cuse_dev *" "int fflags" "int events" This function returns a mask of .Dv CUSE_POLL_XXX values in case of failure and success. The events argument is also a mask of .Dv CUSE_POLL_XXX values. .Bd -literal -offset indent struct cuse_methods { cuse_open_t *cm_open; cuse_close_t *cm_close; cuse_read_t *cm_read; cuse_write_t *cm_write; cuse_ioctl_t *cm_ioctl; cuse_poll_t *cm_poll; }; .Ed .Sh HISTORY .Nm was written by Hans Petter Selasky. Index: head/sys/fs/cuse/cuse.c =================================================================== --- head/sys/fs/cuse/cuse.c (revision 346355) +++ head/sys/fs/cuse/cuse.c (revision 346356) @@ -1,1895 +1,1899 @@ /* $FreeBSD$ */ /*- * Copyright (c) 2010-2017 Hans Petter Selasky. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include +#include #include #include #include #include #include #include #include #include MODULE_VERSION(cuse, 1); /* * Prevent cuse4bsd.ko and cuse.ko from loading at the same time by * declaring support for the cuse4bsd interface in cuse.ko: */ MODULE_VERSION(cuse4bsd, 1); #ifdef FEATURE FEATURE(cuse, "Userspace character devices"); #endif struct cuse_command; struct cuse_server; struct cuse_client; struct cuse_client_command { TAILQ_ENTRY(cuse_client_command) entry; struct cuse_command sub; struct sx sx; struct cv cv; struct thread *entered; struct cuse_client *client; struct proc *proc_curr; int proc_refs; int got_signal; int error; int command; }; struct cuse_memory { TAILQ_ENTRY(cuse_memory) entry; vm_object_t object; uint32_t page_count; uint32_t alloc_nr; }; struct cuse_server_dev { TAILQ_ENTRY(cuse_server_dev) entry; struct cuse_server *server; struct cdev *kern_dev; struct cuse_dev *user_dev; }; struct cuse_server { TAILQ_ENTRY(cuse_server) entry; TAILQ_HEAD(, cuse_client_command) head; TAILQ_HEAD(, cuse_server_dev) hdev; TAILQ_HEAD(, cuse_client) hcli; TAILQ_HEAD(, cuse_memory) hmem; struct cv cv; struct selinfo selinfo; pid_t pid; int is_closing; int refs; }; struct cuse_client { TAILQ_ENTRY(cuse_client) entry; TAILQ_ENTRY(cuse_client) entry_ref; struct cuse_client_command cmds[CUSE_CMD_MAX]; struct cuse_server *server; struct cuse_server_dev *server_dev; uint8_t ioctl_buffer[CUSE_BUFFER_MAX] __aligned(4); int fflags; /* file flags */ int cflags; /* client flags */ #define CUSE_CLI_IS_CLOSING 0x01 #define CUSE_CLI_KNOTE_NEED_READ 0x02 #define CUSE_CLI_KNOTE_NEED_WRITE 0x04 #define CUSE_CLI_KNOTE_HAS_READ 0x08 #define CUSE_CLI_KNOTE_HAS_WRITE 0x10 }; #define CUSE_CLIENT_CLOSING(pcc) \ ((pcc)->cflags & CUSE_CLI_IS_CLOSING) static MALLOC_DEFINE(M_CUSE, "cuse", "CUSE memory"); static TAILQ_HEAD(, cuse_server) cuse_server_head; static struct mtx cuse_mtx; static struct cdev *cuse_dev; static struct cuse_server *cuse_alloc_unit[CUSE_DEVICES_MAX]; static int cuse_alloc_unit_id[CUSE_DEVICES_MAX]; static void cuse_server_wakeup_all_client_locked(struct cuse_server *pcs); static void cuse_client_kqfilter_read_detach(struct knote *kn); static void cuse_client_kqfilter_write_detach(struct knote *kn); static int cuse_client_kqfilter_read_event(struct knote *kn, long hint); static int cuse_client_kqfilter_write_event(struct knote *kn, long hint); static struct filterops cuse_client_kqfilter_read_ops = { .f_isfd = 1, .f_detach = cuse_client_kqfilter_read_detach, .f_event = cuse_client_kqfilter_read_event, }; static struct filterops cuse_client_kqfilter_write_ops = { .f_isfd = 1, .f_detach = cuse_client_kqfilter_write_detach, .f_event = cuse_client_kqfilter_write_event, }; static d_open_t cuse_client_open; static d_close_t cuse_client_close; static d_ioctl_t cuse_client_ioctl; static d_read_t cuse_client_read; static d_write_t cuse_client_write; static d_poll_t cuse_client_poll; static d_mmap_single_t cuse_client_mmap_single; static d_kqfilter_t cuse_client_kqfilter; static struct cdevsw cuse_client_devsw = { .d_version = D_VERSION, .d_open = cuse_client_open, .d_close = cuse_client_close, .d_ioctl = cuse_client_ioctl, .d_name = "cuse_client", .d_flags = D_TRACKCLOSE, .d_read = cuse_client_read, .d_write = cuse_client_write, .d_poll = cuse_client_poll, .d_mmap_single = cuse_client_mmap_single, .d_kqfilter = cuse_client_kqfilter, }; static d_open_t cuse_server_open; static d_close_t cuse_server_close; static d_ioctl_t cuse_server_ioctl; static d_read_t cuse_server_read; static d_write_t cuse_server_write; static d_poll_t cuse_server_poll; static d_mmap_single_t cuse_server_mmap_single; static struct cdevsw cuse_server_devsw = { .d_version = D_VERSION, .d_open = cuse_server_open, .d_close = cuse_server_close, .d_ioctl = cuse_server_ioctl, .d_name = "cuse_server", .d_flags = D_TRACKCLOSE, .d_read = cuse_server_read, .d_write = cuse_server_write, .d_poll = cuse_server_poll, .d_mmap_single = cuse_server_mmap_single, }; static void cuse_client_is_closing(struct cuse_client *); static int cuse_free_unit_by_id_locked(struct cuse_server *, int); static void cuse_lock(void) { mtx_lock(&cuse_mtx); } static void cuse_unlock(void) { mtx_unlock(&cuse_mtx); } static void cuse_cmd_lock(struct cuse_client_command *pccmd) { sx_xlock(&pccmd->sx); } static void cuse_cmd_unlock(struct cuse_client_command *pccmd) { sx_xunlock(&pccmd->sx); } static void cuse_kern_init(void *arg) { TAILQ_INIT(&cuse_server_head); mtx_init(&cuse_mtx, "cuse-mtx", NULL, MTX_DEF); cuse_dev = make_dev(&cuse_server_devsw, 0, UID_ROOT, GID_OPERATOR, 0600, "cuse"); printf("Cuse v%d.%d.%d @ /dev/cuse\n", (CUSE_VERSION >> 16) & 0xFF, (CUSE_VERSION >> 8) & 0xFF, (CUSE_VERSION >> 0) & 0xFF); } SYSINIT(cuse_kern_init, SI_SUB_DEVFS, SI_ORDER_ANY, cuse_kern_init, NULL); static void cuse_kern_uninit(void *arg) { void *ptr; while (1) { printf("Cuse: Please exit all /dev/cuse instances " "and processes which have used this device.\n"); pause("DRAIN", 2 * hz); cuse_lock(); ptr = TAILQ_FIRST(&cuse_server_head); cuse_unlock(); if (ptr == NULL) break; } if (cuse_dev != NULL) destroy_dev(cuse_dev); mtx_destroy(&cuse_mtx); } SYSUNINIT(cuse_kern_uninit, SI_SUB_DEVFS, SI_ORDER_ANY, cuse_kern_uninit, 0); static int cuse_server_get(struct cuse_server **ppcs) { struct cuse_server *pcs; int error; error = devfs_get_cdevpriv((void **)&pcs); if (error != 0) { *ppcs = NULL; return (error); } /* check if closing */ cuse_lock(); if (pcs->is_closing) { cuse_unlock(); *ppcs = NULL; return (EINVAL); } cuse_unlock(); *ppcs = pcs; return (0); } static void cuse_server_is_closing(struct cuse_server *pcs) { struct cuse_client *pcc; if (pcs->is_closing) return; pcs->is_closing = 1; TAILQ_FOREACH(pcc, &pcs->hcli, entry) { cuse_client_is_closing(pcc); } } static struct cuse_client_command * cuse_server_find_command(struct cuse_server *pcs, struct thread *td) { struct cuse_client *pcc; int n; if (pcs->is_closing) goto done; TAILQ_FOREACH(pcc, &pcs->hcli, entry) { if (CUSE_CLIENT_CLOSING(pcc)) continue; for (n = 0; n != CUSE_CMD_MAX; n++) { if (pcc->cmds[n].entered == td) return (&pcc->cmds[n]); } } done: return (NULL); } static void cuse_str_filter(char *ptr) { int c; while (((c = *ptr) != 0)) { if ((c >= 'a') && (c <= 'z')) { ptr++; continue; } if ((c >= 'A') && (c <= 'Z')) { ptr++; continue; } if ((c >= '0') && (c <= '9')) { ptr++; continue; } if ((c == '.') || (c == '_') || (c == '/')) { ptr++; continue; } *ptr = '_'; ptr++; } } static int cuse_convert_error(int error) { ; /* indent fix */ switch (error) { case CUSE_ERR_NONE: return (0); case CUSE_ERR_BUSY: return (EBUSY); case CUSE_ERR_WOULDBLOCK: return (EWOULDBLOCK); case CUSE_ERR_INVALID: return (EINVAL); case CUSE_ERR_NO_MEMORY: return (ENOMEM); case CUSE_ERR_FAULT: return (EFAULT); case CUSE_ERR_SIGNAL: return (EINTR); case CUSE_ERR_NO_DEVICE: return (ENODEV); default: return (ENXIO); } } static void cuse_vm_memory_free(struct cuse_memory *mem) { /* last user is gone - free */ vm_object_deallocate(mem->object); /* free CUSE memory */ free(mem, M_CUSE); } static int cuse_server_alloc_memory(struct cuse_server *pcs, uint32_t alloc_nr, uint32_t page_count) { struct cuse_memory *temp; struct cuse_memory *mem; vm_object_t object; int error; mem = malloc(sizeof(*mem), M_CUSE, M_WAITOK | M_ZERO); if (mem == NULL) return (ENOMEM); object = vm_pager_allocate(OBJT_SWAP, NULL, PAGE_SIZE * page_count, VM_PROT_DEFAULT, 0, curthread->td_ucred); if (object == NULL) { error = ENOMEM; goto error_0; } cuse_lock(); /* check if allocation number already exists */ TAILQ_FOREACH(temp, &pcs->hmem, entry) { if (temp->alloc_nr == alloc_nr) break; } if (temp != NULL) { cuse_unlock(); error = EBUSY; goto error_1; } mem->object = object; mem->page_count = page_count; mem->alloc_nr = alloc_nr; TAILQ_INSERT_TAIL(&pcs->hmem, mem, entry); cuse_unlock(); return (0); error_1: vm_object_deallocate(object); error_0: free(mem, M_CUSE); return (error); } static int cuse_server_free_memory(struct cuse_server *pcs, uint32_t alloc_nr) { struct cuse_memory *mem; cuse_lock(); TAILQ_FOREACH(mem, &pcs->hmem, entry) { if (mem->alloc_nr == alloc_nr) break; } if (mem == NULL) { cuse_unlock(); return (EINVAL); } TAILQ_REMOVE(&pcs->hmem, mem, entry); cuse_unlock(); cuse_vm_memory_free(mem); return (0); } static int cuse_client_get(struct cuse_client **ppcc) { struct cuse_client *pcc; int error; /* try to get private data */ error = devfs_get_cdevpriv((void **)&pcc); if (error != 0) { *ppcc = NULL; return (error); } /* check if closing */ cuse_lock(); if (CUSE_CLIENT_CLOSING(pcc) || pcc->server->is_closing) { cuse_unlock(); *ppcc = NULL; return (EINVAL); } cuse_unlock(); *ppcc = pcc; return (0); } static void cuse_client_is_closing(struct cuse_client *pcc) { struct cuse_client_command *pccmd; uint32_t n; if (CUSE_CLIENT_CLOSING(pcc)) return; pcc->cflags |= CUSE_CLI_IS_CLOSING; pcc->server_dev = NULL; for (n = 0; n != CUSE_CMD_MAX; n++) { pccmd = &pcc->cmds[n]; if (pccmd->entry.tqe_prev != NULL) { TAILQ_REMOVE(&pcc->server->head, pccmd, entry); pccmd->entry.tqe_prev = NULL; } cv_broadcast(&pccmd->cv); } } static void cuse_client_send_command_locked(struct cuse_client_command *pccmd, uintptr_t data_ptr, unsigned long arg, int fflags, int ioflag) { unsigned long cuse_fflags = 0; struct cuse_server *pcs; if (fflags & FREAD) cuse_fflags |= CUSE_FFLAG_READ; if (fflags & FWRITE) cuse_fflags |= CUSE_FFLAG_WRITE; if (ioflag & IO_NDELAY) cuse_fflags |= CUSE_FFLAG_NONBLOCK; - +#if defined(__LP64__) + if (SV_CURPROC_FLAG(SV_ILP32)) + cuse_fflags |= CUSE_FFLAG_COMPAT32; +#endif pccmd->sub.fflags = cuse_fflags; pccmd->sub.data_pointer = data_ptr; pccmd->sub.argument = arg; pcs = pccmd->client->server; if ((pccmd->entry.tqe_prev == NULL) && (CUSE_CLIENT_CLOSING(pccmd->client) == 0) && (pcs->is_closing == 0)) { TAILQ_INSERT_TAIL(&pcs->head, pccmd, entry); cv_signal(&pcs->cv); } } static void cuse_client_got_signal(struct cuse_client_command *pccmd) { struct cuse_server *pcs; pccmd->got_signal = 1; pccmd = &pccmd->client->cmds[CUSE_CMD_SIGNAL]; pcs = pccmd->client->server; if ((pccmd->entry.tqe_prev == NULL) && (CUSE_CLIENT_CLOSING(pccmd->client) == 0) && (pcs->is_closing == 0)) { TAILQ_INSERT_TAIL(&pcs->head, pccmd, entry); cv_signal(&pcs->cv); } } static int cuse_client_receive_command_locked(struct cuse_client_command *pccmd, uint8_t *arg_ptr, uint32_t arg_len) { int error; error = 0; pccmd->proc_curr = curthread->td_proc; if (CUSE_CLIENT_CLOSING(pccmd->client) || pccmd->client->server->is_closing) { error = CUSE_ERR_OTHER; goto done; } while (pccmd->command == CUSE_CMD_NONE) { if (error != 0) { cv_wait(&pccmd->cv, &cuse_mtx); } else { error = cv_wait_sig(&pccmd->cv, &cuse_mtx); if (error != 0) cuse_client_got_signal(pccmd); } if (CUSE_CLIENT_CLOSING(pccmd->client) || pccmd->client->server->is_closing) { error = CUSE_ERR_OTHER; goto done; } } error = pccmd->error; pccmd->command = CUSE_CMD_NONE; cv_signal(&pccmd->cv); done: /* wait until all process references are gone */ pccmd->proc_curr = NULL; while (pccmd->proc_refs != 0) cv_wait(&pccmd->cv, &cuse_mtx); return (error); } /*------------------------------------------------------------------------* * CUSE SERVER PART *------------------------------------------------------------------------*/ static void cuse_server_free_dev(struct cuse_server_dev *pcsd) { struct cuse_server *pcs; struct cuse_client *pcc; /* get server pointer */ pcs = pcsd->server; /* prevent creation of more devices */ cuse_lock(); if (pcsd->kern_dev != NULL) pcsd->kern_dev->si_drv1 = NULL; TAILQ_FOREACH(pcc, &pcs->hcli, entry) { if (pcc->server_dev == pcsd) cuse_client_is_closing(pcc); } cuse_unlock(); /* destroy device, if any */ if (pcsd->kern_dev != NULL) { /* destroy device synchronously */ destroy_dev(pcsd->kern_dev); } free(pcsd, M_CUSE); } static void cuse_server_unref(struct cuse_server *pcs) { struct cuse_server_dev *pcsd; struct cuse_memory *mem; cuse_lock(); pcs->refs--; if (pcs->refs != 0) { cuse_unlock(); return; } cuse_server_is_closing(pcs); /* final client wakeup, if any */ cuse_server_wakeup_all_client_locked(pcs); TAILQ_REMOVE(&cuse_server_head, pcs, entry); cuse_free_unit_by_id_locked(pcs, -1); while ((pcsd = TAILQ_FIRST(&pcs->hdev)) != NULL) { TAILQ_REMOVE(&pcs->hdev, pcsd, entry); cuse_unlock(); cuse_server_free_dev(pcsd); cuse_lock(); } while ((mem = TAILQ_FIRST(&pcs->hmem)) != NULL) { TAILQ_REMOVE(&pcs->hmem, mem, entry); cuse_unlock(); cuse_vm_memory_free(mem); cuse_lock(); } knlist_clear(&pcs->selinfo.si_note, 1); knlist_destroy(&pcs->selinfo.si_note); cuse_unlock(); seldrain(&pcs->selinfo); cv_destroy(&pcs->cv); free(pcs, M_CUSE); } static void cuse_server_free(void *arg) { struct cuse_server *pcs = arg; /* drop refcount */ cuse_server_unref(pcs); } static int cuse_server_open(struct cdev *dev, int fflags, int devtype, struct thread *td) { struct cuse_server *pcs; pcs = malloc(sizeof(*pcs), M_CUSE, M_WAITOK | M_ZERO); if (pcs == NULL) return (ENOMEM); if (devfs_set_cdevpriv(pcs, &cuse_server_free)) { printf("Cuse: Cannot set cdevpriv.\n"); free(pcs, M_CUSE); return (ENOMEM); } /* store current process ID */ pcs->pid = curproc->p_pid; TAILQ_INIT(&pcs->head); TAILQ_INIT(&pcs->hdev); TAILQ_INIT(&pcs->hcli); TAILQ_INIT(&pcs->hmem); cv_init(&pcs->cv, "cuse-server-cv"); knlist_init_mtx(&pcs->selinfo.si_note, &cuse_mtx); cuse_lock(); pcs->refs++; TAILQ_INSERT_TAIL(&cuse_server_head, pcs, entry); cuse_unlock(); return (0); } static int cuse_server_close(struct cdev *dev, int fflag, int devtype, struct thread *td) { struct cuse_server *pcs; int error; error = cuse_server_get(&pcs); if (error != 0) goto done; cuse_lock(); cuse_server_is_closing(pcs); /* final client wakeup, if any */ cuse_server_wakeup_all_client_locked(pcs); knlist_clear(&pcs->selinfo.si_note, 1); cuse_unlock(); done: return (0); } static int cuse_server_read(struct cdev *dev, struct uio *uio, int ioflag) { return (ENXIO); } static int cuse_server_write(struct cdev *dev, struct uio *uio, int ioflag) { return (ENXIO); } static int cuse_server_ioctl_copy_locked(struct cuse_client_command *pccmd, struct cuse_data_chunk *pchk, int isread) { struct proc *p_proc; uint32_t offset; int error; offset = pchk->peer_ptr - CUSE_BUF_MIN_PTR; if (pchk->length > CUSE_BUFFER_MAX) return (EFAULT); if (offset >= CUSE_BUFFER_MAX) return (EFAULT); if ((offset + pchk->length) > CUSE_BUFFER_MAX) return (EFAULT); p_proc = pccmd->proc_curr; if (p_proc == NULL) return (ENXIO); if (pccmd->proc_refs < 0) return (ENOMEM); pccmd->proc_refs++; cuse_unlock(); if (isread == 0) { error = copyin( (void *)pchk->local_ptr, pccmd->client->ioctl_buffer + offset, pchk->length); } else { error = copyout( pccmd->client->ioctl_buffer + offset, (void *)pchk->local_ptr, pchk->length); } cuse_lock(); pccmd->proc_refs--; if (pccmd->proc_curr == NULL) cv_signal(&pccmd->cv); return (error); } static int cuse_proc2proc_copy(struct proc *proc_s, vm_offset_t data_s, struct proc *proc_d, vm_offset_t data_d, size_t len) { struct thread *td; struct proc *proc_cur; int error; td = curthread; proc_cur = td->td_proc; if (proc_cur == proc_d) { struct iovec iov = { .iov_base = (caddr_t)data_d, .iov_len = len, }; struct uio uio = { .uio_iov = &iov, .uio_iovcnt = 1, .uio_offset = (off_t)data_s, .uio_resid = len, .uio_segflg = UIO_USERSPACE, .uio_rw = UIO_READ, .uio_td = td, }; PHOLD(proc_s); error = proc_rwmem(proc_s, &uio); PRELE(proc_s); } else if (proc_cur == proc_s) { struct iovec iov = { .iov_base = (caddr_t)data_s, .iov_len = len, }; struct uio uio = { .uio_iov = &iov, .uio_iovcnt = 1, .uio_offset = (off_t)data_d, .uio_resid = len, .uio_segflg = UIO_USERSPACE, .uio_rw = UIO_WRITE, .uio_td = td, }; PHOLD(proc_d); error = proc_rwmem(proc_d, &uio); PRELE(proc_d); } else { error = EINVAL; } return (error); } static int cuse_server_data_copy_locked(struct cuse_client_command *pccmd, struct cuse_data_chunk *pchk, int isread) { struct proc *p_proc; int error; p_proc = pccmd->proc_curr; if (p_proc == NULL) return (ENXIO); if (pccmd->proc_refs < 0) return (ENOMEM); pccmd->proc_refs++; cuse_unlock(); if (isread == 0) { error = cuse_proc2proc_copy( curthread->td_proc, pchk->local_ptr, p_proc, pchk->peer_ptr, pchk->length); } else { error = cuse_proc2proc_copy( p_proc, pchk->peer_ptr, curthread->td_proc, pchk->local_ptr, pchk->length); } cuse_lock(); pccmd->proc_refs--; if (pccmd->proc_curr == NULL) cv_signal(&pccmd->cv); return (error); } static int cuse_alloc_unit_by_id_locked(struct cuse_server *pcs, int id) { int n; int x = 0; int match; do { for (match = n = 0; n != CUSE_DEVICES_MAX; n++) { if (cuse_alloc_unit[n] != NULL) { if ((cuse_alloc_unit_id[n] ^ id) & CUSE_ID_MASK) continue; if ((cuse_alloc_unit_id[n] & ~CUSE_ID_MASK) == x) { x++; match = 1; } } } } while (match); if (x < 256) { for (n = 0; n != CUSE_DEVICES_MAX; n++) { if (cuse_alloc_unit[n] == NULL) { cuse_alloc_unit[n] = pcs; cuse_alloc_unit_id[n] = id | x; return (x); } } } return (-1); } static void cuse_server_wakeup_locked(struct cuse_server *pcs) { selwakeup(&pcs->selinfo); KNOTE_LOCKED(&pcs->selinfo.si_note, 0); } static void cuse_server_wakeup_all_client_locked(struct cuse_server *pcs) { struct cuse_client *pcc; TAILQ_FOREACH(pcc, &pcs->hcli, entry) { pcc->cflags |= (CUSE_CLI_KNOTE_NEED_READ | CUSE_CLI_KNOTE_NEED_WRITE); } cuse_server_wakeup_locked(pcs); } static int cuse_free_unit_by_id_locked(struct cuse_server *pcs, int id) { int n; int found = 0; for (n = 0; n != CUSE_DEVICES_MAX; n++) { if (cuse_alloc_unit[n] == pcs) { if (cuse_alloc_unit_id[n] == id || id == -1) { cuse_alloc_unit[n] = NULL; cuse_alloc_unit_id[n] = 0; found = 1; } } } return (found ? 0 : EINVAL); } static int cuse_server_ioctl(struct cdev *dev, unsigned long cmd, caddr_t data, int fflag, struct thread *td) { struct cuse_server *pcs; int error; error = cuse_server_get(&pcs); if (error != 0) return (error); switch (cmd) { struct cuse_client_command *pccmd; struct cuse_client *pcc; struct cuse_command *pcmd; struct cuse_alloc_info *pai; struct cuse_create_dev *pcd; struct cuse_server_dev *pcsd; struct cuse_data_chunk *pchk; int n; case CUSE_IOCTL_GET_COMMAND: pcmd = (void *)data; cuse_lock(); while ((pccmd = TAILQ_FIRST(&pcs->head)) == NULL) { error = cv_wait_sig(&pcs->cv, &cuse_mtx); if (pcs->is_closing) error = ENXIO; if (error) { cuse_unlock(); return (error); } } TAILQ_REMOVE(&pcs->head, pccmd, entry); pccmd->entry.tqe_prev = NULL; pccmd->entered = curthread; *pcmd = pccmd->sub; cuse_unlock(); break; case CUSE_IOCTL_SYNC_COMMAND: cuse_lock(); while ((pccmd = cuse_server_find_command(pcs, curthread)) != NULL) { /* send sync command */ pccmd->entered = NULL; pccmd->error = *(int *)data; pccmd->command = CUSE_CMD_SYNC; /* signal peer, if any */ cv_signal(&pccmd->cv); } cuse_unlock(); break; case CUSE_IOCTL_ALLOC_UNIT: cuse_lock(); n = cuse_alloc_unit_by_id_locked(pcs, CUSE_ID_DEFAULT(0)); cuse_unlock(); if (n < 0) error = ENOMEM; else *(int *)data = n; break; case CUSE_IOCTL_ALLOC_UNIT_BY_ID: n = *(int *)data; n = (n & CUSE_ID_MASK); cuse_lock(); n = cuse_alloc_unit_by_id_locked(pcs, n); cuse_unlock(); if (n < 0) error = ENOMEM; else *(int *)data = n; break; case CUSE_IOCTL_FREE_UNIT: n = *(int *)data; n = CUSE_ID_DEFAULT(n); cuse_lock(); error = cuse_free_unit_by_id_locked(pcs, n); cuse_unlock(); break; case CUSE_IOCTL_FREE_UNIT_BY_ID: n = *(int *)data; cuse_lock(); error = cuse_free_unit_by_id_locked(pcs, n); cuse_unlock(); break; case CUSE_IOCTL_ALLOC_MEMORY: pai = (void *)data; if (pai->alloc_nr >= CUSE_ALLOC_UNIT_MAX) { error = ENOMEM; break; } if (pai->page_count >= CUSE_ALLOC_PAGES_MAX) { error = ENOMEM; break; } error = cuse_server_alloc_memory(pcs, pai->alloc_nr, pai->page_count); break; case CUSE_IOCTL_FREE_MEMORY: pai = (void *)data; if (pai->alloc_nr >= CUSE_ALLOC_UNIT_MAX) { error = ENOMEM; break; } error = cuse_server_free_memory(pcs, pai->alloc_nr); break; case CUSE_IOCTL_GET_SIG: cuse_lock(); pccmd = cuse_server_find_command(pcs, curthread); if (pccmd != NULL) { n = pccmd->got_signal; pccmd->got_signal = 0; } else { n = 0; } cuse_unlock(); *(int *)data = n; break; case CUSE_IOCTL_SET_PFH: cuse_lock(); pccmd = cuse_server_find_command(pcs, curthread); if (pccmd != NULL) { pcc = pccmd->client; for (n = 0; n != CUSE_CMD_MAX; n++) { pcc->cmds[n].sub.per_file_handle = *(uintptr_t *)data; } } else { error = ENXIO; } cuse_unlock(); break; case CUSE_IOCTL_CREATE_DEV: error = priv_check(curthread, PRIV_DRIVER); if (error) break; pcd = (void *)data; /* filter input */ pcd->devname[sizeof(pcd->devname) - 1] = 0; if (pcd->devname[0] == 0) { error = EINVAL; break; } cuse_str_filter(pcd->devname); pcd->permissions &= 0777; /* try to allocate a character device */ pcsd = malloc(sizeof(*pcsd), M_CUSE, M_WAITOK | M_ZERO); if (pcsd == NULL) { error = ENOMEM; break; } pcsd->server = pcs; pcsd->user_dev = pcd->dev; pcsd->kern_dev = make_dev_credf(MAKEDEV_CHECKNAME, &cuse_client_devsw, 0, NULL, pcd->user_id, pcd->group_id, pcd->permissions, "%s", pcd->devname); if (pcsd->kern_dev == NULL) { free(pcsd, M_CUSE); error = ENOMEM; break; } pcsd->kern_dev->si_drv1 = pcsd; cuse_lock(); TAILQ_INSERT_TAIL(&pcs->hdev, pcsd, entry); cuse_unlock(); break; case CUSE_IOCTL_DESTROY_DEV: error = priv_check(curthread, PRIV_DRIVER); if (error) break; cuse_lock(); error = EINVAL; pcsd = TAILQ_FIRST(&pcs->hdev); while (pcsd != NULL) { if (pcsd->user_dev == *(struct cuse_dev **)data) { TAILQ_REMOVE(&pcs->hdev, pcsd, entry); cuse_unlock(); cuse_server_free_dev(pcsd); cuse_lock(); error = 0; pcsd = TAILQ_FIRST(&pcs->hdev); } else { pcsd = TAILQ_NEXT(pcsd, entry); } } cuse_unlock(); break; case CUSE_IOCTL_WRITE_DATA: case CUSE_IOCTL_READ_DATA: cuse_lock(); pchk = (struct cuse_data_chunk *)data; pccmd = cuse_server_find_command(pcs, curthread); if (pccmd == NULL) { error = ENXIO; /* invalid request */ } else if (pchk->peer_ptr < CUSE_BUF_MIN_PTR) { error = EFAULT; /* NULL pointer */ } else if (pchk->peer_ptr < CUSE_BUF_MAX_PTR) { error = cuse_server_ioctl_copy_locked(pccmd, pchk, cmd == CUSE_IOCTL_READ_DATA); } else { error = cuse_server_data_copy_locked(pccmd, pchk, cmd == CUSE_IOCTL_READ_DATA); } cuse_unlock(); break; case CUSE_IOCTL_SELWAKEUP: cuse_lock(); /* * We don't know which direction caused the event. * Wakeup both! */ cuse_server_wakeup_all_client_locked(pcs); cuse_unlock(); break; default: error = ENXIO; break; } return (error); } static int cuse_server_poll(struct cdev *dev, int events, struct thread *td) { return (events & (POLLHUP | POLLPRI | POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM)); } static int cuse_server_mmap_single(struct cdev *dev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { uint32_t page_nr = *offset / PAGE_SIZE; uint32_t alloc_nr = page_nr / CUSE_ALLOC_PAGES_MAX; struct cuse_memory *mem; struct cuse_server *pcs; int error; error = cuse_server_get(&pcs); if (error != 0) return (error); cuse_lock(); /* lookup memory structure */ TAILQ_FOREACH(mem, &pcs->hmem, entry) { if (mem->alloc_nr == alloc_nr) break; } if (mem == NULL) { cuse_unlock(); return (ENOMEM); } /* verify page offset */ page_nr %= CUSE_ALLOC_PAGES_MAX; if (page_nr >= mem->page_count) { cuse_unlock(); return (ENXIO); } /* verify mmap size */ if ((size % PAGE_SIZE) != 0 || (size < PAGE_SIZE) || (size > ((mem->page_count - page_nr) * PAGE_SIZE))) { cuse_unlock(); return (EINVAL); } vm_object_reference(mem->object); *object = mem->object; cuse_unlock(); /* set new VM object offset to use */ *offset = page_nr * PAGE_SIZE; /* success */ return (0); } /*------------------------------------------------------------------------* * CUSE CLIENT PART *------------------------------------------------------------------------*/ static void cuse_client_free(void *arg) { struct cuse_client *pcc = arg; struct cuse_client_command *pccmd; struct cuse_server *pcs; int n; cuse_lock(); cuse_client_is_closing(pcc); TAILQ_REMOVE(&pcc->server->hcli, pcc, entry); cuse_unlock(); for (n = 0; n != CUSE_CMD_MAX; n++) { pccmd = &pcc->cmds[n]; sx_destroy(&pccmd->sx); cv_destroy(&pccmd->cv); } pcs = pcc->server; free(pcc, M_CUSE); /* drop reference on server */ cuse_server_unref(pcs); } static int cuse_client_open(struct cdev *dev, int fflags, int devtype, struct thread *td) { struct cuse_client_command *pccmd; struct cuse_server_dev *pcsd; struct cuse_client *pcc; struct cuse_server *pcs; struct cuse_dev *pcd; int error; int n; cuse_lock(); pcsd = dev->si_drv1; if (pcsd != NULL) { pcs = pcsd->server; pcd = pcsd->user_dev; /* * Check that the refcount didn't wrap and that the * same process is not both client and server. This * can easily lead to deadlocks when destroying the * CUSE character device nodes: */ pcs->refs++; if (pcs->refs < 0 || pcs->pid == curproc->p_pid) { /* overflow or wrong PID */ pcs->refs--; pcsd = NULL; } } else { pcs = NULL; pcd = NULL; } cuse_unlock(); if (pcsd == NULL) return (EINVAL); pcc = malloc(sizeof(*pcc), M_CUSE, M_WAITOK | M_ZERO); if (pcc == NULL) { /* drop reference on server */ cuse_server_unref(pcs); return (ENOMEM); } if (devfs_set_cdevpriv(pcc, &cuse_client_free)) { printf("Cuse: Cannot set cdevpriv.\n"); /* drop reference on server */ cuse_server_unref(pcs); free(pcc, M_CUSE); return (ENOMEM); } pcc->fflags = fflags; pcc->server_dev = pcsd; pcc->server = pcs; for (n = 0; n != CUSE_CMD_MAX; n++) { pccmd = &pcc->cmds[n]; pccmd->sub.dev = pcd; pccmd->sub.command = n; pccmd->client = pcc; sx_init(&pccmd->sx, "cuse-client-sx"); cv_init(&pccmd->cv, "cuse-client-cv"); } cuse_lock(); /* cuse_client_free() assumes that the client is listed somewhere! */ /* always enqueue */ TAILQ_INSERT_TAIL(&pcs->hcli, pcc, entry); /* check if server is closing */ if ((pcs->is_closing != 0) || (dev->si_drv1 == NULL)) { error = EINVAL; } else { error = 0; } cuse_unlock(); if (error) { devfs_clear_cdevpriv(); /* XXX bugfix */ return (error); } pccmd = &pcc->cmds[CUSE_CMD_OPEN]; cuse_cmd_lock(pccmd); cuse_lock(); cuse_client_send_command_locked(pccmd, 0, 0, pcc->fflags, 0); error = cuse_client_receive_command_locked(pccmd, 0, 0); cuse_unlock(); if (error < 0) { error = cuse_convert_error(error); } else { error = 0; } cuse_cmd_unlock(pccmd); if (error) devfs_clear_cdevpriv(); /* XXX bugfix */ return (error); } static int cuse_client_close(struct cdev *dev, int fflag, int devtype, struct thread *td) { struct cuse_client_command *pccmd; struct cuse_client *pcc; int error; error = cuse_client_get(&pcc); if (error != 0) return (0); pccmd = &pcc->cmds[CUSE_CMD_CLOSE]; cuse_cmd_lock(pccmd); cuse_lock(); cuse_client_send_command_locked(pccmd, 0, 0, pcc->fflags, 0); error = cuse_client_receive_command_locked(pccmd, 0, 0); cuse_unlock(); cuse_cmd_unlock(pccmd); cuse_lock(); cuse_client_is_closing(pcc); cuse_unlock(); return (0); } static void cuse_client_kqfilter_poll(struct cdev *dev, struct cuse_client *pcc) { int temp; cuse_lock(); temp = (pcc->cflags & (CUSE_CLI_KNOTE_HAS_READ | CUSE_CLI_KNOTE_HAS_WRITE)); pcc->cflags &= ~(CUSE_CLI_KNOTE_NEED_READ | CUSE_CLI_KNOTE_NEED_WRITE); cuse_unlock(); if (temp != 0) { /* get the latest polling state from the server */ temp = cuse_client_poll(dev, POLLIN | POLLOUT, NULL); if (temp & (POLLIN | POLLOUT)) { cuse_lock(); if (temp & POLLIN) pcc->cflags |= CUSE_CLI_KNOTE_NEED_READ; if (temp & POLLOUT) pcc->cflags |= CUSE_CLI_KNOTE_NEED_WRITE; /* make sure the "knote" gets woken up */ cuse_server_wakeup_locked(pcc->server); cuse_unlock(); } } } static int cuse_client_read(struct cdev *dev, struct uio *uio, int ioflag) { struct cuse_client_command *pccmd; struct cuse_client *pcc; int error; int len; error = cuse_client_get(&pcc); if (error != 0) return (error); pccmd = &pcc->cmds[CUSE_CMD_READ]; if (uio->uio_segflg != UIO_USERSPACE) { return (EINVAL); } uio->uio_segflg = UIO_NOCOPY; cuse_cmd_lock(pccmd); while (uio->uio_resid != 0) { if (uio->uio_iov->iov_len > CUSE_LENGTH_MAX) { error = ENOMEM; break; } len = uio->uio_iov->iov_len; cuse_lock(); cuse_client_send_command_locked(pccmd, (uintptr_t)uio->uio_iov->iov_base, (unsigned long)(unsigned int)len, pcc->fflags, ioflag); error = cuse_client_receive_command_locked(pccmd, 0, 0); cuse_unlock(); if (error < 0) { error = cuse_convert_error(error); break; } else if (error == len) { error = uiomove(NULL, error, uio); if (error) break; } else { error = uiomove(NULL, error, uio); break; } } cuse_cmd_unlock(pccmd); uio->uio_segflg = UIO_USERSPACE;/* restore segment flag */ if (error == EWOULDBLOCK) cuse_client_kqfilter_poll(dev, pcc); return (error); } static int cuse_client_write(struct cdev *dev, struct uio *uio, int ioflag) { struct cuse_client_command *pccmd; struct cuse_client *pcc; int error; int len; error = cuse_client_get(&pcc); if (error != 0) return (error); pccmd = &pcc->cmds[CUSE_CMD_WRITE]; if (uio->uio_segflg != UIO_USERSPACE) { return (EINVAL); } uio->uio_segflg = UIO_NOCOPY; cuse_cmd_lock(pccmd); while (uio->uio_resid != 0) { if (uio->uio_iov->iov_len > CUSE_LENGTH_MAX) { error = ENOMEM; break; } len = uio->uio_iov->iov_len; cuse_lock(); cuse_client_send_command_locked(pccmd, (uintptr_t)uio->uio_iov->iov_base, (unsigned long)(unsigned int)len, pcc->fflags, ioflag); error = cuse_client_receive_command_locked(pccmd, 0, 0); cuse_unlock(); if (error < 0) { error = cuse_convert_error(error); break; } else if (error == len) { error = uiomove(NULL, error, uio); if (error) break; } else { error = uiomove(NULL, error, uio); break; } } cuse_cmd_unlock(pccmd); uio->uio_segflg = UIO_USERSPACE;/* restore segment flag */ if (error == EWOULDBLOCK) cuse_client_kqfilter_poll(dev, pcc); return (error); } int cuse_client_ioctl(struct cdev *dev, unsigned long cmd, caddr_t data, int fflag, struct thread *td) { struct cuse_client_command *pccmd; struct cuse_client *pcc; int error; int len; error = cuse_client_get(&pcc); if (error != 0) return (error); len = IOCPARM_LEN(cmd); if (len > CUSE_BUFFER_MAX) return (ENOMEM); pccmd = &pcc->cmds[CUSE_CMD_IOCTL]; cuse_cmd_lock(pccmd); if (cmd & (IOC_IN | IOC_VOID)) memcpy(pcc->ioctl_buffer, data, len); /* * When the ioctl-length is zero drivers can pass information * through the data pointer of the ioctl. Make sure this information * is forwarded to the driver. */ cuse_lock(); cuse_client_send_command_locked(pccmd, (len == 0) ? *(long *)data : CUSE_BUF_MIN_PTR, (unsigned long)cmd, pcc->fflags, (fflag & O_NONBLOCK) ? IO_NDELAY : 0); error = cuse_client_receive_command_locked(pccmd, data, len); cuse_unlock(); if (error < 0) { error = cuse_convert_error(error); } else { error = 0; } if (cmd & IOC_OUT) memcpy(data, pcc->ioctl_buffer, len); cuse_cmd_unlock(pccmd); if (error == EWOULDBLOCK) cuse_client_kqfilter_poll(dev, pcc); return (error); } static int cuse_client_poll(struct cdev *dev, int events, struct thread *td) { struct cuse_client_command *pccmd; struct cuse_client *pcc; unsigned long temp; int error; int revents; error = cuse_client_get(&pcc); if (error != 0) goto pollnval; temp = 0; if (events & (POLLPRI | POLLIN | POLLRDNORM)) temp |= CUSE_POLL_READ; if (events & (POLLOUT | POLLWRNORM)) temp |= CUSE_POLL_WRITE; if (events & POLLHUP) temp |= CUSE_POLL_ERROR; pccmd = &pcc->cmds[CUSE_CMD_POLL]; cuse_cmd_lock(pccmd); /* Need to selrecord() first to not loose any events. */ if (temp != 0 && td != NULL) selrecord(td, &pcc->server->selinfo); cuse_lock(); cuse_client_send_command_locked(pccmd, 0, temp, pcc->fflags, IO_NDELAY); error = cuse_client_receive_command_locked(pccmd, 0, 0); cuse_unlock(); cuse_cmd_unlock(pccmd); if (error < 0) { goto pollnval; } else { revents = 0; if (error & CUSE_POLL_READ) revents |= (events & (POLLPRI | POLLIN | POLLRDNORM)); if (error & CUSE_POLL_WRITE) revents |= (events & (POLLOUT | POLLWRNORM)); if (error & CUSE_POLL_ERROR) revents |= (events & POLLHUP); } return (revents); pollnval: /* XXX many clients don't understand POLLNVAL */ return (events & (POLLHUP | POLLPRI | POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM)); } static int cuse_client_mmap_single(struct cdev *dev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { uint32_t page_nr = *offset / PAGE_SIZE; uint32_t alloc_nr = page_nr / CUSE_ALLOC_PAGES_MAX; struct cuse_memory *mem; struct cuse_client *pcc; int error; error = cuse_client_get(&pcc); if (error != 0) return (error); cuse_lock(); /* lookup memory structure */ TAILQ_FOREACH(mem, &pcc->server->hmem, entry) { if (mem->alloc_nr == alloc_nr) break; } if (mem == NULL) { cuse_unlock(); return (ENOMEM); } /* verify page offset */ page_nr %= CUSE_ALLOC_PAGES_MAX; if (page_nr >= mem->page_count) { cuse_unlock(); return (ENXIO); } /* verify mmap size */ if ((size % PAGE_SIZE) != 0 || (size < PAGE_SIZE) || (size > ((mem->page_count - page_nr) * PAGE_SIZE))) { cuse_unlock(); return (EINVAL); } vm_object_reference(mem->object); *object = mem->object; cuse_unlock(); /* set new VM object offset to use */ *offset = page_nr * PAGE_SIZE; /* success */ return (0); } static void cuse_client_kqfilter_read_detach(struct knote *kn) { struct cuse_client *pcc; cuse_lock(); pcc = kn->kn_hook; knlist_remove(&pcc->server->selinfo.si_note, kn, 1); cuse_unlock(); } static void cuse_client_kqfilter_write_detach(struct knote *kn) { struct cuse_client *pcc; cuse_lock(); pcc = kn->kn_hook; knlist_remove(&pcc->server->selinfo.si_note, kn, 1); cuse_unlock(); } static int cuse_client_kqfilter_read_event(struct knote *kn, long hint) { struct cuse_client *pcc; mtx_assert(&cuse_mtx, MA_OWNED); pcc = kn->kn_hook; return ((pcc->cflags & CUSE_CLI_KNOTE_NEED_READ) ? 1 : 0); } static int cuse_client_kqfilter_write_event(struct knote *kn, long hint) { struct cuse_client *pcc; mtx_assert(&cuse_mtx, MA_OWNED); pcc = kn->kn_hook; return ((pcc->cflags & CUSE_CLI_KNOTE_NEED_WRITE) ? 1 : 0); } static int cuse_client_kqfilter(struct cdev *dev, struct knote *kn) { struct cuse_client *pcc; struct cuse_server *pcs; int error; error = cuse_client_get(&pcc); if (error != 0) return (error); cuse_lock(); pcs = pcc->server; switch (kn->kn_filter) { case EVFILT_READ: pcc->cflags |= CUSE_CLI_KNOTE_HAS_READ; kn->kn_hook = pcc; kn->kn_fop = &cuse_client_kqfilter_read_ops; knlist_add(&pcs->selinfo.si_note, kn, 1); break; case EVFILT_WRITE: pcc->cflags |= CUSE_CLI_KNOTE_HAS_WRITE; kn->kn_hook = pcc; kn->kn_fop = &cuse_client_kqfilter_write_ops; knlist_add(&pcs->selinfo.si_note, kn, 1); break; default: error = EINVAL; break; } cuse_unlock(); if (error == 0) cuse_client_kqfilter_poll(dev, pcc); return (error); } Index: head/sys/fs/cuse/cuse_defs.h =================================================================== --- head/sys/fs/cuse/cuse_defs.h (revision 346355) +++ head/sys/fs/cuse/cuse_defs.h (revision 346356) @@ -1,87 +1,88 @@ /* $FreeBSD$ */ /*- * Copyright (c) 2010-2012 Hans Petter Selasky. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef _CUSE_DEFS_H_ #define _CUSE_DEFS_H_ -#define CUSE_VERSION 0x000123 +#define CUSE_VERSION 0x000124 #define CUSE_ERR_NONE 0 #define CUSE_ERR_BUSY -1 #define CUSE_ERR_WOULDBLOCK -2 #define CUSE_ERR_INVALID -3 #define CUSE_ERR_NO_MEMORY -4 #define CUSE_ERR_FAULT -5 #define CUSE_ERR_SIGNAL -6 #define CUSE_ERR_OTHER -7 #define CUSE_ERR_NOT_LOADED -8 #define CUSE_ERR_NO_DEVICE -9 #define CUSE_POLL_NONE 0 #define CUSE_POLL_READ 1 #define CUSE_POLL_WRITE 2 #define CUSE_POLL_ERROR 4 #define CUSE_FFLAG_NONE 0 #define CUSE_FFLAG_READ 1 #define CUSE_FFLAG_WRITE 2 #define CUSE_FFLAG_NONBLOCK 4 +#define CUSE_FFLAG_COMPAT32 8 /* peer is running in 32-bit compat mode */ #define CUSE_DBG_NONE 0 #define CUSE_DBG_FULL 1 /* maximum data transfer length */ #define CUSE_LENGTH_MAX 0x7FFFFFFFU enum { CUSE_CMD_NONE, CUSE_CMD_OPEN, CUSE_CMD_CLOSE, CUSE_CMD_READ, CUSE_CMD_WRITE, CUSE_CMD_IOCTL, CUSE_CMD_POLL, CUSE_CMD_SIGNAL, CUSE_CMD_SYNC, CUSE_CMD_MAX, }; #define CUSE_MAKE_ID(a,b,c,u) ((((a) & 0x7F) << 24)| \ (((b) & 0xFF) << 16)|(((c) & 0xFF) << 8)|((u) & 0xFF)) #define CUSE_ID_MASK 0x7FFFFF00U /* * The following ID's are defined: * =============================== */ #define CUSE_ID_DEFAULT(what) CUSE_MAKE_ID(0,0,what,0) #define CUSE_ID_WEBCAMD(what) CUSE_MAKE_ID('W','C',what,0) /* Used by Webcamd. */ #define CUSE_ID_SUNDTEK(what) CUSE_MAKE_ID('S','K',what,0) /* Used by Sundtek. */ #define CUSE_ID_CX88(what) CUSE_MAKE_ID('C','X',what,0) /* Used by cx88 driver. */ #define CUSE_ID_UHIDD(what) CUSE_MAKE_ID('U','D',what,0) /* Used by uhidd. */ #endif /* _CUSE_DEFS_H_ */