1 // SPDX-License-Identifier: GPL-2.0-only
3 * "splice": joining two ropes together by interweaving their strands.
5 * This is the "extended pipe" functionality, where a pipe is used as
6 * an arbitrary in-memory buffer. Think of a pipe as a small kernel
7 * buffer that you can use to transfer data from one end to the other.
9 * The traditional unix read/write is extended with a "splice()" operation
10 * that transfers data buffers to or from a pipe buffer.
12 * Named by Larry McVoy, original implementation from Linus, extended by
13 * Jens to support splicing to files, network, direct splicing, etc and
14 * fixing lots of bugs.
16 * Copyright (C) 2005-2006 Jens Axboe <axboe@kernel.dk>
17 * Copyright (C) 2005-2006 Linus Torvalds <torvalds@osdl.org>
18 * Copyright (C) 2006 Ingo Molnar <mingo@elte.hu>
21 #include <linux/bvec.h>
23 #include <linux/file.h>
24 #include <linux/pagemap.h>
25 #include <linux/splice.h>
26 #include <linux/memcontrol.h>
27 #include <linux/mm_inline.h>
28 #include <linux/swap.h>
29 #include <linux/writeback.h>
30 #include <linux/export.h>
31 #include <linux/syscalls.h>
32 #include <linux/uio.h>
33 #include <linux/fsnotify.h>
34 #include <linux/security.h>
35 #include <linux/gfp.h>
36 #include <linux/net.h>
37 #include <linux/socket.h>
38 #include <linux/sched/signal.h>
43 * Splice doesn't support FMODE_NOWAIT. Since pipes may set this flag to
44 * indicate they support non-blocking reads or writes, we must clear it
45 * here if set to avoid blocking other users of this pipe if splice is
48 static noinline
void noinline
pipe_clear_nowait(struct file
*file
)
50 fmode_t fmode
= READ_ONCE(file
->f_mode
);
53 if (!(fmode
& FMODE_NOWAIT
))
55 } while (!try_cmpxchg(&file
->f_mode
, &fmode
, fmode
& ~FMODE_NOWAIT
));
59 * Attempt to steal a page from a pipe buffer. This should perhaps go into
60 * a vm helper function, it's already simplified quite a bit by the
61 * addition of remove_mapping(). If success is returned, the caller may
62 * attempt to reuse this page for another destination.
64 static bool page_cache_pipe_buf_try_steal(struct pipe_inode_info
*pipe
,
65 struct pipe_buffer
*buf
)
67 struct folio
*folio
= page_folio(buf
->page
);
68 struct address_space
*mapping
;
72 mapping
= folio_mapping(folio
);
74 WARN_ON(!folio_test_uptodate(folio
));
77 * At least for ext2 with nobh option, we need to wait on
78 * writeback completing on this folio, since we'll remove it
79 * from the pagecache. Otherwise truncate wont wait on the
80 * folio, allowing the disk blocks to be reused by someone else
81 * before we actually wrote our data to them. fs corruption
84 folio_wait_writeback(folio
);
86 if (!filemap_release_folio(folio
, GFP_KERNEL
))
90 * If we succeeded in removing the mapping, set LRU flag
93 if (remove_mapping(mapping
, folio
)) {
94 buf
->flags
|= PIPE_BUF_FLAG_LRU
;
100 * Raced with truncate or failed to remove folio from current
101 * address space, unlock and return failure.
108 static void page_cache_pipe_buf_release(struct pipe_inode_info
*pipe
,
109 struct pipe_buffer
*buf
)
112 buf
->flags
&= ~PIPE_BUF_FLAG_LRU
;
116 * Check whether the contents of buf is OK to access. Since the content
117 * is a page cache page, IO may be in flight.
119 static int page_cache_pipe_buf_confirm(struct pipe_inode_info
*pipe
,
120 struct pipe_buffer
*buf
)
122 struct folio
*folio
= page_folio(buf
->page
);
125 if (!folio_test_uptodate(folio
)) {
129 * Folio got truncated/unhashed. This will cause a 0-byte
130 * splice, if this is the first page.
132 if (!folio
->mapping
) {
138 * Uh oh, read-error from disk.
140 if (!folio_test_uptodate(folio
)) {
145 /* Folio is ok after all, we are done */
155 const struct pipe_buf_operations page_cache_pipe_buf_ops
= {
156 .confirm
= page_cache_pipe_buf_confirm
,
157 .release
= page_cache_pipe_buf_release
,
158 .try_steal
= page_cache_pipe_buf_try_steal
,
159 .get
= generic_pipe_buf_get
,
162 static bool user_page_pipe_buf_try_steal(struct pipe_inode_info
*pipe
,
163 struct pipe_buffer
*buf
)
165 if (!(buf
->flags
& PIPE_BUF_FLAG_GIFT
))
168 buf
->flags
|= PIPE_BUF_FLAG_LRU
;
169 return generic_pipe_buf_try_steal(pipe
, buf
);
172 static const struct pipe_buf_operations user_page_pipe_buf_ops
= {
173 .release
= page_cache_pipe_buf_release
,
174 .try_steal
= user_page_pipe_buf_try_steal
,
175 .get
= generic_pipe_buf_get
,
178 static void wakeup_pipe_readers(struct pipe_inode_info
*pipe
)
181 if (waitqueue_active(&pipe
->rd_wait
))
182 wake_up_interruptible(&pipe
->rd_wait
);
183 kill_fasync(&pipe
->fasync_readers
, SIGIO
, POLL_IN
);
187 * splice_to_pipe - fill passed data into a pipe
188 * @pipe: pipe to fill
192 * @spd contains a map of pages and len/offset tuples, along with
193 * the struct pipe_buf_operations associated with these pages. This
194 * function will link that data to the pipe.
197 ssize_t
splice_to_pipe(struct pipe_inode_info
*pipe
,
198 struct splice_pipe_desc
*spd
)
200 unsigned int spd_pages
= spd
->nr_pages
;
201 unsigned int tail
= pipe
->tail
;
202 unsigned int head
= pipe
->head
;
203 unsigned int mask
= pipe
->ring_size
- 1;
204 int ret
= 0, page_nr
= 0;
209 if (unlikely(!pipe
->readers
)) {
210 send_sig(SIGPIPE
, current
, 0);
215 while (!pipe_full(head
, tail
, pipe
->max_usage
)) {
216 struct pipe_buffer
*buf
= &pipe
->bufs
[head
& mask
];
218 buf
->page
= spd
->pages
[page_nr
];
219 buf
->offset
= spd
->partial
[page_nr
].offset
;
220 buf
->len
= spd
->partial
[page_nr
].len
;
221 buf
->private = spd
->partial
[page_nr
].private;
230 if (!--spd
->nr_pages
)
238 while (page_nr
< spd_pages
)
239 spd
->spd_release(spd
, page_nr
++);
243 EXPORT_SYMBOL_GPL(splice_to_pipe
);
245 ssize_t
add_to_pipe(struct pipe_inode_info
*pipe
, struct pipe_buffer
*buf
)
247 unsigned int head
= pipe
->head
;
248 unsigned int tail
= pipe
->tail
;
249 unsigned int mask
= pipe
->ring_size
- 1;
252 if (unlikely(!pipe
->readers
)) {
253 send_sig(SIGPIPE
, current
, 0);
255 } else if (pipe_full(head
, tail
, pipe
->max_usage
)) {
258 pipe
->bufs
[head
& mask
] = *buf
;
259 pipe
->head
= head
+ 1;
262 pipe_buf_release(pipe
, buf
);
265 EXPORT_SYMBOL(add_to_pipe
);
268 * Check if we need to grow the arrays holding pages and partial page
271 int splice_grow_spd(const struct pipe_inode_info
*pipe
, struct splice_pipe_desc
*spd
)
273 unsigned int max_usage
= READ_ONCE(pipe
->max_usage
);
275 spd
->nr_pages_max
= max_usage
;
276 if (max_usage
<= PIPE_DEF_BUFFERS
)
279 spd
->pages
= kmalloc_array(max_usage
, sizeof(struct page
*), GFP_KERNEL
);
280 spd
->partial
= kmalloc_array(max_usage
, sizeof(struct partial_page
),
283 if (spd
->pages
&& spd
->partial
)
291 void splice_shrink_spd(struct splice_pipe_desc
*spd
)
293 if (spd
->nr_pages_max
<= PIPE_DEF_BUFFERS
)
301 * copy_splice_read - Copy data from a file and splice the copy into a pipe
302 * @in: The file to read from
303 * @ppos: Pointer to the file position to read from
304 * @pipe: The pipe to splice into
305 * @len: The amount to splice
306 * @flags: The SPLICE_F_* flags
308 * This function allocates a bunch of pages sufficient to hold the requested
309 * amount of data (but limited by the remaining pipe capacity), passes it to
310 * the file's ->read_iter() to read into and then splices the used pages into
313 * Return: On success, the number of bytes read will be returned and *@ppos
314 * will be updated if appropriate; 0 will be returned if there is no more data
315 * to be read; -EAGAIN will be returned if the pipe had no space, and some
316 * other negative error code will be returned on error. A short read may occur
317 * if the pipe has insufficient space, we reach the end of the data or we hit a
320 ssize_t
copy_splice_read(struct file
*in
, loff_t
*ppos
,
321 struct pipe_inode_info
*pipe
,
322 size_t len
, unsigned int flags
)
329 size_t used
, npages
, chunk
, remain
, keep
= 0;
332 /* Work out how much data we can actually add into the pipe */
333 used
= pipe_occupancy(pipe
->head
, pipe
->tail
);
334 npages
= max_t(ssize_t
, pipe
->max_usage
- used
, 0);
335 len
= min_t(size_t, len
, npages
* PAGE_SIZE
);
336 npages
= DIV_ROUND_UP(len
, PAGE_SIZE
);
338 bv
= kzalloc(array_size(npages
, sizeof(bv
[0])) +
339 array_size(npages
, sizeof(struct page
*)), GFP_KERNEL
);
343 pages
= (struct page
**)(bv
+ npages
);
344 npages
= alloc_pages_bulk_array(GFP_USER
, npages
, pages
);
350 remain
= len
= min_t(size_t, len
, npages
* PAGE_SIZE
);
352 for (i
= 0; i
< npages
; i
++) {
353 chunk
= min_t(size_t, PAGE_SIZE
, remain
);
354 bv
[i
].bv_page
= pages
[i
];
356 bv
[i
].bv_len
= chunk
;
361 iov_iter_bvec(&to
, ITER_DEST
, bv
, npages
, len
);
362 init_sync_kiocb(&kiocb
, in
);
363 kiocb
.ki_pos
= *ppos
;
364 ret
= call_read_iter(in
, &kiocb
, &to
);
367 keep
= DIV_ROUND_UP(ret
, PAGE_SIZE
);
368 *ppos
= kiocb
.ki_pos
;
372 * Callers of ->splice_read() expect -EAGAIN on "can't put anything in
373 * there", rather than -EFAULT.
378 /* Free any pages that didn't get touched at all. */
380 release_pages(pages
+ keep
, npages
- keep
);
382 /* Push the remaining pages into the pipe. */
384 for (i
= 0; i
< keep
; i
++) {
385 struct pipe_buffer
*buf
= pipe_head_buf(pipe
);
387 chunk
= min_t(size_t, remain
, PAGE_SIZE
);
388 *buf
= (struct pipe_buffer
) {
389 .ops
= &default_pipe_buf_ops
,
390 .page
= bv
[i
].bv_page
,
401 EXPORT_SYMBOL(copy_splice_read
);
403 const struct pipe_buf_operations default_pipe_buf_ops
= {
404 .release
= generic_pipe_buf_release
,
405 .try_steal
= generic_pipe_buf_try_steal
,
406 .get
= generic_pipe_buf_get
,
409 /* Pipe buffer operations for a socket and similar. */
410 const struct pipe_buf_operations nosteal_pipe_buf_ops
= {
411 .release
= generic_pipe_buf_release
,
412 .get
= generic_pipe_buf_get
,
414 EXPORT_SYMBOL(nosteal_pipe_buf_ops
);
416 static void wakeup_pipe_writers(struct pipe_inode_info
*pipe
)
419 if (waitqueue_active(&pipe
->wr_wait
))
420 wake_up_interruptible(&pipe
->wr_wait
);
421 kill_fasync(&pipe
->fasync_writers
, SIGIO
, POLL_OUT
);
425 * splice_from_pipe_feed - feed available data from a pipe to a file
426 * @pipe: pipe to splice from
427 * @sd: information to @actor
428 * @actor: handler that splices the data
431 * This function loops over the pipe and calls @actor to do the
432 * actual moving of a single struct pipe_buffer to the desired
433 * destination. It returns when there's no more buffers left in
434 * the pipe or if the requested number of bytes (@sd->total_len)
435 * have been copied. It returns a positive number (one) if the
436 * pipe needs to be filled with more data, zero if the required
437 * number of bytes have been copied and -errno on error.
439 * This, together with splice_from_pipe_{begin,end,next}, may be
440 * used to implement the functionality of __splice_from_pipe() when
441 * locking is required around copying the pipe buffers to the
444 static int splice_from_pipe_feed(struct pipe_inode_info
*pipe
, struct splice_desc
*sd
,
447 unsigned int head
= pipe
->head
;
448 unsigned int tail
= pipe
->tail
;
449 unsigned int mask
= pipe
->ring_size
- 1;
452 while (!pipe_empty(head
, tail
)) {
453 struct pipe_buffer
*buf
= &pipe
->bufs
[tail
& mask
];
456 if (sd
->len
> sd
->total_len
)
457 sd
->len
= sd
->total_len
;
459 ret
= pipe_buf_confirm(pipe
, buf
);
466 ret
= actor(pipe
, buf
, sd
);
473 sd
->num_spliced
+= ret
;
476 sd
->total_len
-= ret
;
479 pipe_buf_release(pipe
, buf
);
483 sd
->need_wakeup
= true;
493 /* We know we have a pipe buffer, but maybe it's empty? */
494 static inline bool eat_empty_buffer(struct pipe_inode_info
*pipe
)
496 unsigned int tail
= pipe
->tail
;
497 unsigned int mask
= pipe
->ring_size
- 1;
498 struct pipe_buffer
*buf
= &pipe
->bufs
[tail
& mask
];
500 if (unlikely(!buf
->len
)) {
501 pipe_buf_release(pipe
, buf
);
510 * splice_from_pipe_next - wait for some data to splice from
511 * @pipe: pipe to splice from
512 * @sd: information about the splice operation
515 * This function will wait for some data and return a positive
516 * value (one) if pipe buffers are available. It will return zero
517 * or -errno if no more data needs to be spliced.
519 static int splice_from_pipe_next(struct pipe_inode_info
*pipe
, struct splice_desc
*sd
)
522 * Check for signal early to make process killable when there are
523 * always buffers available
525 if (signal_pending(current
))
529 while (pipe_empty(pipe
->head
, pipe
->tail
)) {
536 if (sd
->flags
& SPLICE_F_NONBLOCK
)
539 if (signal_pending(current
))
542 if (sd
->need_wakeup
) {
543 wakeup_pipe_writers(pipe
);
544 sd
->need_wakeup
= false;
547 pipe_wait_readable(pipe
);
550 if (eat_empty_buffer(pipe
))
557 * splice_from_pipe_begin - start splicing from pipe
558 * @sd: information about the splice operation
561 * This function should be called before a loop containing
562 * splice_from_pipe_next() and splice_from_pipe_feed() to
563 * initialize the necessary fields of @sd.
565 static void splice_from_pipe_begin(struct splice_desc
*sd
)
568 sd
->need_wakeup
= false;
572 * splice_from_pipe_end - finish splicing from pipe
573 * @pipe: pipe to splice from
574 * @sd: information about the splice operation
577 * This function will wake up pipe writers if necessary. It should
578 * be called after a loop containing splice_from_pipe_next() and
579 * splice_from_pipe_feed().
581 static void splice_from_pipe_end(struct pipe_inode_info
*pipe
, struct splice_desc
*sd
)
584 wakeup_pipe_writers(pipe
);
588 * __splice_from_pipe - splice data from a pipe to given actor
589 * @pipe: pipe to splice from
590 * @sd: information to @actor
591 * @actor: handler that splices the data
594 * This function does little more than loop over the pipe and call
595 * @actor to do the actual moving of a single struct pipe_buffer to
596 * the desired destination. See pipe_to_file, pipe_to_sendmsg, or
600 ssize_t
__splice_from_pipe(struct pipe_inode_info
*pipe
, struct splice_desc
*sd
,
605 splice_from_pipe_begin(sd
);
608 ret
= splice_from_pipe_next(pipe
, sd
);
610 ret
= splice_from_pipe_feed(pipe
, sd
, actor
);
612 splice_from_pipe_end(pipe
, sd
);
614 return sd
->num_spliced
? sd
->num_spliced
: ret
;
616 EXPORT_SYMBOL(__splice_from_pipe
);
619 * splice_from_pipe - splice data from a pipe to a file
620 * @pipe: pipe to splice from
621 * @out: file to splice to
622 * @ppos: position in @out
623 * @len: how many bytes to splice
624 * @flags: splice modifier flags
625 * @actor: handler that splices the data
628 * See __splice_from_pipe. This function locks the pipe inode,
629 * otherwise it's identical to __splice_from_pipe().
632 ssize_t
splice_from_pipe(struct pipe_inode_info
*pipe
, struct file
*out
,
633 loff_t
*ppos
, size_t len
, unsigned int flags
,
637 struct splice_desc sd
= {
645 ret
= __splice_from_pipe(pipe
, &sd
, actor
);
652 * iter_file_splice_write - splice data from a pipe to a file
654 * @out: file to write to
655 * @ppos: position in @out
656 * @len: number of bytes to splice
657 * @flags: splice modifier flags
660 * Will either move or copy pages (determined by @flags options) from
661 * the given pipe inode to the given file.
662 * This one is ->write_iter-based.
666 iter_file_splice_write(struct pipe_inode_info
*pipe
, struct file
*out
,
667 loff_t
*ppos
, size_t len
, unsigned int flags
)
669 struct splice_desc sd
= {
675 int nbufs
= pipe
->max_usage
;
676 struct bio_vec
*array
;
679 if (!out
->f_op
->write_iter
)
682 array
= kcalloc(nbufs
, sizeof(struct bio_vec
), GFP_KERNEL
);
683 if (unlikely(!array
))
688 splice_from_pipe_begin(&sd
);
689 while (sd
.total_len
) {
691 struct iov_iter from
;
692 unsigned int head
, tail
, mask
;
696 ret
= splice_from_pipe_next(pipe
, &sd
);
700 if (unlikely(nbufs
< pipe
->max_usage
)) {
702 nbufs
= pipe
->max_usage
;
703 array
= kcalloc(nbufs
, sizeof(struct bio_vec
),
713 mask
= pipe
->ring_size
- 1;
715 /* build the vector */
717 for (n
= 0; !pipe_empty(head
, tail
) && left
&& n
< nbufs
; tail
++) {
718 struct pipe_buffer
*buf
= &pipe
->bufs
[tail
& mask
];
719 size_t this_len
= buf
->len
;
721 /* zero-length bvecs are not supported, skip them */
724 this_len
= min(this_len
, left
);
726 ret
= pipe_buf_confirm(pipe
, buf
);
733 bvec_set_page(&array
[n
], buf
->page
, this_len
,
739 iov_iter_bvec(&from
, ITER_SOURCE
, array
, n
, sd
.total_len
- left
);
740 init_sync_kiocb(&kiocb
, out
);
741 kiocb
.ki_pos
= sd
.pos
;
742 ret
= call_write_iter(out
, &kiocb
, &from
);
743 sd
.pos
= kiocb
.ki_pos
;
747 sd
.num_spliced
+= ret
;
751 /* dismiss the fully eaten buffers, adjust the partial one */
754 struct pipe_buffer
*buf
= &pipe
->bufs
[tail
& mask
];
755 if (ret
>= buf
->len
) {
758 pipe_buf_release(pipe
, buf
);
762 sd
.need_wakeup
= true;
772 splice_from_pipe_end(pipe
, &sd
);
777 ret
= sd
.num_spliced
;
782 EXPORT_SYMBOL(iter_file_splice_write
);
786 * splice_to_socket - splice data from a pipe to a socket
787 * @pipe: pipe to splice from
788 * @out: socket to write to
789 * @ppos: position in @out
790 * @len: number of bytes to splice
791 * @flags: splice modifier flags
794 * Will send @len bytes from the pipe to a network socket. No data copying
798 ssize_t
splice_to_socket(struct pipe_inode_info
*pipe
, struct file
*out
,
799 loff_t
*ppos
, size_t len
, unsigned int flags
)
801 struct socket
*sock
= sock_from_file(out
);
802 struct bio_vec bvec
[16];
803 struct msghdr msg
= {};
806 bool need_wakeup
= false;
811 unsigned int head
, tail
, mask
, bc
= 0;
815 * Check for signal early to make process killable when there
816 * are always buffers available
819 if (signal_pending(current
))
822 while (pipe_empty(pipe
->head
, pipe
->tail
)) {
831 if (flags
& SPLICE_F_NONBLOCK
)
835 if (signal_pending(current
))
839 wakeup_pipe_writers(pipe
);
843 pipe_wait_readable(pipe
);
848 mask
= pipe
->ring_size
- 1;
850 while (!pipe_empty(head
, tail
)) {
851 struct pipe_buffer
*buf
= &pipe
->bufs
[tail
& mask
];
859 seg
= min_t(size_t, remain
, buf
->len
);
861 ret
= pipe_buf_confirm(pipe
, buf
);
868 bvec_set_page(&bvec
[bc
++], buf
->page
, seg
, buf
->offset
);
870 if (remain
== 0 || bc
>= ARRAY_SIZE(bvec
))
878 msg
.msg_flags
= MSG_SPLICE_PAGES
;
879 if (flags
& SPLICE_F_MORE
)
880 msg
.msg_flags
|= MSG_MORE
;
881 if (remain
&& pipe_occupancy(pipe
->head
, tail
) > 0)
882 msg
.msg_flags
|= MSG_MORE
;
883 if (out
->f_flags
& O_NONBLOCK
)
884 msg
.msg_flags
|= MSG_DONTWAIT
;
886 iov_iter_bvec(&msg
.msg_iter
, ITER_SOURCE
, bvec
, bc
,
888 ret
= sock_sendmsg(sock
, &msg
);
896 struct pipe_buffer
*buf
= &pipe
->bufs
[tail
& mask
];
897 size_t seg
= min_t(size_t, ret
, buf
->len
);
904 pipe_buf_release(pipe
, buf
);
909 if (tail
!= pipe
->tail
) {
919 wakeup_pipe_writers(pipe
);
920 return spliced
?: ret
;
924 static int warn_unsupported(struct file
*file
, const char *op
)
926 pr_debug_ratelimited(
927 "splice %s not supported for file %pD4 (pid: %d comm: %.20s)\n",
928 op
, file
, current
->pid
, current
->comm
);
933 * Attempt to initiate a splice from pipe to file.
935 static long do_splice_from(struct pipe_inode_info
*pipe
, struct file
*out
,
936 loff_t
*ppos
, size_t len
, unsigned int flags
)
938 if (unlikely(!out
->f_op
->splice_write
))
939 return warn_unsupported(out
, "write");
940 return out
->f_op
->splice_write(pipe
, out
, ppos
, len
, flags
);
944 * Indicate to the caller that there was a premature EOF when reading from the
945 * source and the caller didn't indicate they would be sending more data after
948 static void do_splice_eof(struct splice_desc
*sd
)
955 * Callers already called rw_verify_area() on the entire range.
956 * No need to call it for sub ranges.
958 static long do_splice_read(struct file
*in
, loff_t
*ppos
,
959 struct pipe_inode_info
*pipe
, size_t len
,
962 unsigned int p_space
;
964 if (unlikely(!(in
->f_mode
& FMODE_READ
)))
969 /* Don't try to read more the pipe has space for. */
970 p_space
= pipe
->max_usage
- pipe_occupancy(pipe
->head
, pipe
->tail
);
971 len
= min_t(size_t, len
, p_space
<< PAGE_SHIFT
);
973 if (unlikely(len
> MAX_RW_COUNT
))
976 if (unlikely(!in
->f_op
->splice_read
))
977 return warn_unsupported(in
, "read");
979 * O_DIRECT and DAX don't deal with the pagecache, so we allocate a
980 * buffer, copy into it and splice that into the pipe.
982 if ((in
->f_flags
& O_DIRECT
) || IS_DAX(in
->f_mapping
->host
))
983 return copy_splice_read(in
, ppos
, pipe
, len
, flags
);
984 return in
->f_op
->splice_read(in
, ppos
, pipe
, len
, flags
);
988 * vfs_splice_read - Read data from a file and splice it into a pipe
989 * @in: File to splice from
990 * @ppos: Input file offset
991 * @pipe: Pipe to splice to
992 * @len: Number of bytes to splice
993 * @flags: Splice modifier flags (SPLICE_F_*)
995 * Splice the requested amount of data from the input file to the pipe. This
996 * is synchronous as the caller must hold the pipe lock across the entire
999 * If successful, it returns the amount of data spliced, 0 if it hit the EOF or
1000 * a hole and a negative error code otherwise.
1002 long vfs_splice_read(struct file
*in
, loff_t
*ppos
,
1003 struct pipe_inode_info
*pipe
, size_t len
,
1008 ret
= rw_verify_area(READ
, in
, ppos
, len
);
1009 if (unlikely(ret
< 0))
1012 return do_splice_read(in
, ppos
, pipe
, len
, flags
);
1014 EXPORT_SYMBOL_GPL(vfs_splice_read
);
1017 * splice_direct_to_actor - splices data directly between two non-pipes
1018 * @in: file to splice from
1019 * @sd: actor information on where to splice to
1020 * @actor: handles the data splicing
1023 * This is a special case helper to splice directly between two
1024 * points, without requiring an explicit pipe. Internally an allocated
1025 * pipe is cached in the process, and reused during the lifetime of
1029 ssize_t
splice_direct_to_actor(struct file
*in
, struct splice_desc
*sd
,
1030 splice_direct_actor
*actor
)
1032 struct pipe_inode_info
*pipe
;
1038 * We require the input to be seekable, as we don't want to randomly
1039 * drop data for eg socket -> socket splicing. Use the piped splicing
1042 if (unlikely(!(in
->f_mode
& FMODE_LSEEK
)))
1046 * neither in nor out is a pipe, setup an internal pipe attached to
1047 * 'out' and transfer the wanted data from 'in' to 'out' through that
1049 pipe
= current
->splice_pipe
;
1050 if (unlikely(!pipe
)) {
1051 pipe
= alloc_pipe_info();
1056 * We don't have an immediate reader, but we'll read the stuff
1057 * out of the pipe right after the splice_to_pipe(). So set
1058 * PIPE_READERS appropriately.
1062 current
->splice_pipe
= pipe
;
1069 len
= sd
->total_len
;
1071 /* Don't block on output, we have to drain the direct pipe. */
1073 sd
->flags
&= ~SPLICE_F_NONBLOCK
;
1076 * We signal MORE until we've read sufficient data to fulfill the
1077 * request and we keep signalling it if the caller set it.
1079 more
= sd
->flags
& SPLICE_F_MORE
;
1080 sd
->flags
|= SPLICE_F_MORE
;
1082 WARN_ON_ONCE(!pipe_empty(pipe
->head
, pipe
->tail
));
1086 loff_t pos
= sd
->pos
, prev_pos
= pos
;
1088 ret
= do_splice_read(in
, &pos
, pipe
, len
, flags
);
1089 if (unlikely(ret
<= 0))
1093 sd
->total_len
= read_len
;
1096 * If we now have sufficient data to fulfill the request then
1097 * we clear SPLICE_F_MORE if it was not set initially.
1099 if (read_len
>= len
&& !more
)
1100 sd
->flags
&= ~SPLICE_F_MORE
;
1103 * NOTE: nonblocking mode only applies to the input. We
1104 * must not do the output in nonblocking mode as then we
1105 * could get stuck data in the internal pipe:
1107 ret
= actor(pipe
, sd
);
1108 if (unlikely(ret
<= 0)) {
1117 if (ret
< read_len
) {
1118 sd
->pos
= prev_pos
+ ret
;
1124 pipe
->tail
= pipe
->head
= 0;
1130 * If the user did *not* set SPLICE_F_MORE *and* we didn't hit that
1131 * "use all of len" case that cleared SPLICE_F_MORE, *and* we did a
1132 * "->splice_in()" that returned EOF (ie zero) *and* we have sent at
1133 * least 1 byte *then* we will also do the ->splice_eof() call.
1135 if (ret
== 0 && !more
&& len
> 0 && bytes
)
1139 * If we did an incomplete transfer we must release
1140 * the pipe buffers in question:
1142 for (i
= 0; i
< pipe
->ring_size
; i
++) {
1143 struct pipe_buffer
*buf
= &pipe
->bufs
[i
];
1146 pipe_buf_release(pipe
, buf
);
1154 EXPORT_SYMBOL(splice_direct_to_actor
);
1156 static int direct_splice_actor(struct pipe_inode_info
*pipe
,
1157 struct splice_desc
*sd
)
1159 struct file
*file
= sd
->u
.file
;
1162 file_start_write(file
);
1163 ret
= do_splice_from(pipe
, file
, sd
->opos
, sd
->total_len
, sd
->flags
);
1164 file_end_write(file
);
1168 static int splice_file_range_actor(struct pipe_inode_info
*pipe
,
1169 struct splice_desc
*sd
)
1171 struct file
*file
= sd
->u
.file
;
1173 return do_splice_from(pipe
, file
, sd
->opos
, sd
->total_len
, sd
->flags
);
1176 static void direct_file_splice_eof(struct splice_desc
*sd
)
1178 struct file
*file
= sd
->u
.file
;
1180 if (file
->f_op
->splice_eof
)
1181 file
->f_op
->splice_eof(file
);
1184 static long do_splice_direct_actor(struct file
*in
, loff_t
*ppos
,
1185 struct file
*out
, loff_t
*opos
,
1186 size_t len
, unsigned int flags
,
1187 splice_direct_actor
*actor
)
1189 struct splice_desc sd
= {
1195 .splice_eof
= direct_file_splice_eof
,
1200 if (unlikely(!(out
->f_mode
& FMODE_WRITE
)))
1203 if (unlikely(out
->f_flags
& O_APPEND
))
1206 ret
= splice_direct_to_actor(in
, &sd
, actor
);
1213 * do_splice_direct - splices data directly between two files
1214 * @in: file to splice from
1215 * @ppos: input file offset
1216 * @out: file to splice to
1217 * @opos: output file offset
1218 * @len: number of bytes to splice
1219 * @flags: splice modifier flags
1222 * For use by do_sendfile(). splice can easily emulate sendfile, but
1223 * doing it in the application would incur an extra system call
1224 * (splice in + splice out, as compared to just sendfile()). So this helper
1225 * can splice directly through a process-private pipe.
1227 * Callers already called rw_verify_area() on the entire range.
1229 long do_splice_direct(struct file
*in
, loff_t
*ppos
, struct file
*out
,
1230 loff_t
*opos
, size_t len
, unsigned int flags
)
1232 return do_splice_direct_actor(in
, ppos
, out
, opos
, len
, flags
,
1233 direct_splice_actor
);
1235 EXPORT_SYMBOL(do_splice_direct
);
1238 * splice_file_range - splices data between two files for copy_file_range()
1239 * @in: file to splice from
1240 * @ppos: input file offset
1241 * @out: file to splice to
1242 * @opos: output file offset
1243 * @len: number of bytes to splice
1246 * For use by generic_copy_file_range() and ->copy_file_range() methods.
1247 * Like do_splice_direct(), but vfs_copy_file_range() already holds
1248 * start_file_write() on @out file.
1250 * Callers already called rw_verify_area() on the entire range.
1252 long splice_file_range(struct file
*in
, loff_t
*ppos
, struct file
*out
,
1253 loff_t
*opos
, size_t len
)
1255 lockdep_assert(file_write_started(out
));
1257 return do_splice_direct_actor(in
, ppos
, out
, opos
, len
, 0,
1258 splice_file_range_actor
);
1260 EXPORT_SYMBOL(splice_file_range
);
1262 static int wait_for_space(struct pipe_inode_info
*pipe
, unsigned flags
)
1265 if (unlikely(!pipe
->readers
)) {
1266 send_sig(SIGPIPE
, current
, 0);
1269 if (!pipe_full(pipe
->head
, pipe
->tail
, pipe
->max_usage
))
1271 if (flags
& SPLICE_F_NONBLOCK
)
1273 if (signal_pending(current
))
1274 return -ERESTARTSYS
;
1275 pipe_wait_writable(pipe
);
1279 static int splice_pipe_to_pipe(struct pipe_inode_info
*ipipe
,
1280 struct pipe_inode_info
*opipe
,
1281 size_t len
, unsigned int flags
);
1283 long splice_file_to_pipe(struct file
*in
,
1284 struct pipe_inode_info
*opipe
,
1286 size_t len
, unsigned int flags
)
1291 ret
= wait_for_space(opipe
, flags
);
1293 ret
= do_splice_read(in
, offset
, opipe
, len
, flags
);
1296 wakeup_pipe_readers(opipe
);
1301 * Determine where to splice to/from.
1303 long do_splice(struct file
*in
, loff_t
*off_in
, struct file
*out
,
1304 loff_t
*off_out
, size_t len
, unsigned int flags
)
1306 struct pipe_inode_info
*ipipe
;
1307 struct pipe_inode_info
*opipe
;
1311 if (unlikely(!(in
->f_mode
& FMODE_READ
) ||
1312 !(out
->f_mode
& FMODE_WRITE
)))
1315 ipipe
= get_pipe_info(in
, true);
1316 opipe
= get_pipe_info(out
, true);
1318 if (ipipe
&& opipe
) {
1319 if (off_in
|| off_out
)
1322 /* Splicing to self would be fun, but... */
1326 if ((in
->f_flags
| out
->f_flags
) & O_NONBLOCK
)
1327 flags
|= SPLICE_F_NONBLOCK
;
1329 ret
= splice_pipe_to_pipe(ipipe
, opipe
, len
, flags
);
1334 if (!(out
->f_mode
& FMODE_PWRITE
))
1338 offset
= out
->f_pos
;
1341 if (unlikely(out
->f_flags
& O_APPEND
))
1344 ret
= rw_verify_area(WRITE
, out
, &offset
, len
);
1345 if (unlikely(ret
< 0))
1348 if (in
->f_flags
& O_NONBLOCK
)
1349 flags
|= SPLICE_F_NONBLOCK
;
1351 file_start_write(out
);
1352 ret
= do_splice_from(ipipe
, out
, &offset
, len
, flags
);
1353 file_end_write(out
);
1356 out
->f_pos
= offset
;
1363 if (!(in
->f_mode
& FMODE_PREAD
))
1370 ret
= rw_verify_area(READ
, in
, &offset
, len
);
1371 if (unlikely(ret
< 0))
1374 if (out
->f_flags
& O_NONBLOCK
)
1375 flags
|= SPLICE_F_NONBLOCK
;
1377 ret
= splice_file_to_pipe(in
, opipe
, &offset
, len
, flags
);
1389 * Generate modify out before access in:
1390 * do_splice_from() may've already sent modify out,
1391 * and this ensures the events get merged.
1393 fsnotify_modify(out
);
1394 fsnotify_access(in
);
1400 static long __do_splice(struct file
*in
, loff_t __user
*off_in
,
1401 struct file
*out
, loff_t __user
*off_out
,
1402 size_t len
, unsigned int flags
)
1404 struct pipe_inode_info
*ipipe
;
1405 struct pipe_inode_info
*opipe
;
1406 loff_t offset
, *__off_in
= NULL
, *__off_out
= NULL
;
1409 ipipe
= get_pipe_info(in
, true);
1410 opipe
= get_pipe_info(out
, true);
1415 pipe_clear_nowait(in
);
1420 pipe_clear_nowait(out
);
1424 if (copy_from_user(&offset
, off_out
, sizeof(loff_t
)))
1426 __off_out
= &offset
;
1429 if (copy_from_user(&offset
, off_in
, sizeof(loff_t
)))
1434 ret
= do_splice(in
, __off_in
, out
, __off_out
, len
, flags
);
1438 if (__off_out
&& copy_to_user(off_out
, __off_out
, sizeof(loff_t
)))
1440 if (__off_in
&& copy_to_user(off_in
, __off_in
, sizeof(loff_t
)))
1446 static int iter_to_pipe(struct iov_iter
*from
,
1447 struct pipe_inode_info
*pipe
,
1450 struct pipe_buffer buf
= {
1451 .ops
= &user_page_pipe_buf_ops
,
1457 while (iov_iter_count(from
)) {
1458 struct page
*pages
[16];
1463 left
= iov_iter_get_pages2(from
, pages
, ~0UL, 16, &start
);
1469 n
= DIV_ROUND_UP(left
+ start
, PAGE_SIZE
);
1470 for (i
= 0; i
< n
; i
++) {
1471 int size
= min_t(int, left
, PAGE_SIZE
- start
);
1473 buf
.page
= pages
[i
];
1476 ret
= add_to_pipe(pipe
, &buf
);
1477 if (unlikely(ret
< 0)) {
1478 iov_iter_revert(from
, left
);
1479 // this one got dropped by add_to_pipe()
1490 return total
? total
: ret
;
1493 static int pipe_to_user(struct pipe_inode_info
*pipe
, struct pipe_buffer
*buf
,
1494 struct splice_desc
*sd
)
1496 int n
= copy_page_to_iter(buf
->page
, buf
->offset
, sd
->len
, sd
->u
.data
);
1497 return n
== sd
->len
? n
: -EFAULT
;
1501 * For lack of a better implementation, implement vmsplice() to userspace
1502 * as a simple copy of the pipes pages to the user iov.
1504 static long vmsplice_to_user(struct file
*file
, struct iov_iter
*iter
,
1507 struct pipe_inode_info
*pipe
= get_pipe_info(file
, true);
1508 struct splice_desc sd
= {
1509 .total_len
= iov_iter_count(iter
),
1518 pipe_clear_nowait(file
);
1522 ret
= __splice_from_pipe(pipe
, &sd
, pipe_to_user
);
1527 fsnotify_access(file
);
1533 * vmsplice splices a user address range into a pipe. It can be thought of
1534 * as splice-from-memory, where the regular splice is splice-from-file (or
1535 * to file). In both cases the output is a pipe, naturally.
1537 static long vmsplice_to_pipe(struct file
*file
, struct iov_iter
*iter
,
1540 struct pipe_inode_info
*pipe
;
1542 unsigned buf_flag
= 0;
1544 if (flags
& SPLICE_F_GIFT
)
1545 buf_flag
= PIPE_BUF_FLAG_GIFT
;
1547 pipe
= get_pipe_info(file
, true);
1551 pipe_clear_nowait(file
);
1554 ret
= wait_for_space(pipe
, flags
);
1556 ret
= iter_to_pipe(iter
, pipe
, buf_flag
);
1559 wakeup_pipe_readers(pipe
);
1560 fsnotify_modify(file
);
1565 static int vmsplice_type(struct fd f
, int *type
)
1569 if (f
.file
->f_mode
& FMODE_WRITE
) {
1570 *type
= ITER_SOURCE
;
1571 } else if (f
.file
->f_mode
& FMODE_READ
) {
1581 * Note that vmsplice only really supports true splicing _from_ user memory
1582 * to a pipe, not the other way around. Splicing from user memory is a simple
1583 * operation that can be supported without any funky alignment restrictions
1584 * or nasty vm tricks. We simply map in the user memory and fill them into
1585 * a pipe. The reverse isn't quite as easy, though. There are two possible
1586 * solutions for that:
1588 * - memcpy() the data internally, at which point we might as well just
1589 * do a regular read() on the buffer anyway.
1590 * - Lots of nasty vm tricks, that are neither fast nor flexible (it
1591 * has restriction limitations on both ends of the pipe).
1593 * Currently we punt and implement it as a normal copy, see pipe_to_user().
1596 SYSCALL_DEFINE4(vmsplice
, int, fd
, const struct iovec __user
*, uiov
,
1597 unsigned long, nr_segs
, unsigned int, flags
)
1599 struct iovec iovstack
[UIO_FASTIOV
];
1600 struct iovec
*iov
= iovstack
;
1601 struct iov_iter iter
;
1606 if (unlikely(flags
& ~SPLICE_F_ALL
))
1610 error
= vmsplice_type(f
, &type
);
1614 error
= import_iovec(type
, uiov
, nr_segs
,
1615 ARRAY_SIZE(iovstack
), &iov
, &iter
);
1619 if (!iov_iter_count(&iter
))
1621 else if (type
== ITER_SOURCE
)
1622 error
= vmsplice_to_pipe(f
.file
, &iter
, flags
);
1624 error
= vmsplice_to_user(f
.file
, &iter
, flags
);
1632 SYSCALL_DEFINE6(splice
, int, fd_in
, loff_t __user
*, off_in
,
1633 int, fd_out
, loff_t __user
*, off_out
,
1634 size_t, len
, unsigned int, flags
)
1642 if (unlikely(flags
& ~SPLICE_F_ALL
))
1648 out
= fdget(fd_out
);
1650 error
= __do_splice(in
.file
, off_in
, out
.file
, off_out
,
1660 * Make sure there's data to read. Wait for input if we can, otherwise
1661 * return an appropriate error.
1663 static int ipipe_prep(struct pipe_inode_info
*pipe
, unsigned int flags
)
1668 * Check the pipe occupancy without the inode lock first. This function
1669 * is speculative anyways, so missing one is ok.
1671 if (!pipe_empty(pipe
->head
, pipe
->tail
))
1677 while (pipe_empty(pipe
->head
, pipe
->tail
)) {
1678 if (signal_pending(current
)) {
1684 if (flags
& SPLICE_F_NONBLOCK
) {
1688 pipe_wait_readable(pipe
);
1696 * Make sure there's writeable room. Wait for room if we can, otherwise
1697 * return an appropriate error.
1699 static int opipe_prep(struct pipe_inode_info
*pipe
, unsigned int flags
)
1704 * Check pipe occupancy without the inode lock first. This function
1705 * is speculative anyways, so missing one is ok.
1707 if (!pipe_full(pipe
->head
, pipe
->tail
, pipe
->max_usage
))
1713 while (pipe_full(pipe
->head
, pipe
->tail
, pipe
->max_usage
)) {
1714 if (!pipe
->readers
) {
1715 send_sig(SIGPIPE
, current
, 0);
1719 if (flags
& SPLICE_F_NONBLOCK
) {
1723 if (signal_pending(current
)) {
1727 pipe_wait_writable(pipe
);
1735 * Splice contents of ipipe to opipe.
1737 static int splice_pipe_to_pipe(struct pipe_inode_info
*ipipe
,
1738 struct pipe_inode_info
*opipe
,
1739 size_t len
, unsigned int flags
)
1741 struct pipe_buffer
*ibuf
, *obuf
;
1742 unsigned int i_head
, o_head
;
1743 unsigned int i_tail
, o_tail
;
1744 unsigned int i_mask
, o_mask
;
1746 bool input_wakeup
= false;
1750 ret
= ipipe_prep(ipipe
, flags
);
1754 ret
= opipe_prep(opipe
, flags
);
1759 * Potential ABBA deadlock, work around it by ordering lock
1760 * grabbing by pipe info address. Otherwise two different processes
1761 * could deadlock (one doing tee from A -> B, the other from B -> A).
1763 pipe_double_lock(ipipe
, opipe
);
1765 i_tail
= ipipe
->tail
;
1766 i_mask
= ipipe
->ring_size
- 1;
1767 o_head
= opipe
->head
;
1768 o_mask
= opipe
->ring_size
- 1;
1773 if (!opipe
->readers
) {
1774 send_sig(SIGPIPE
, current
, 0);
1780 i_head
= ipipe
->head
;
1781 o_tail
= opipe
->tail
;
1783 if (pipe_empty(i_head
, i_tail
) && !ipipe
->writers
)
1787 * Cannot make any progress, because either the input
1788 * pipe is empty or the output pipe is full.
1790 if (pipe_empty(i_head
, i_tail
) ||
1791 pipe_full(o_head
, o_tail
, opipe
->max_usage
)) {
1792 /* Already processed some buffers, break */
1796 if (flags
& SPLICE_F_NONBLOCK
) {
1802 * We raced with another reader/writer and haven't
1803 * managed to process any buffers. A zero return
1804 * value means EOF, so retry instead.
1811 ibuf
= &ipipe
->bufs
[i_tail
& i_mask
];
1812 obuf
= &opipe
->bufs
[o_head
& o_mask
];
1814 if (len
>= ibuf
->len
) {
1816 * Simply move the whole buffer from ipipe to opipe
1821 ipipe
->tail
= i_tail
;
1822 input_wakeup
= true;
1825 opipe
->head
= o_head
;
1828 * Get a reference to this pipe buffer,
1829 * so we can copy the contents over.
1831 if (!pipe_buf_get(ipipe
, ibuf
)) {
1839 * Don't inherit the gift and merge flags, we need to
1840 * prevent multiple steals of this page.
1842 obuf
->flags
&= ~PIPE_BUF_FLAG_GIFT
;
1843 obuf
->flags
&= ~PIPE_BUF_FLAG_CAN_MERGE
;
1846 ibuf
->offset
+= len
;
1850 opipe
->head
= o_head
;
1860 * If we put data in the output pipe, wakeup any potential readers.
1863 wakeup_pipe_readers(opipe
);
1866 wakeup_pipe_writers(ipipe
);
1872 * Link contents of ipipe to opipe.
1874 static int link_pipe(struct pipe_inode_info
*ipipe
,
1875 struct pipe_inode_info
*opipe
,
1876 size_t len
, unsigned int flags
)
1878 struct pipe_buffer
*ibuf
, *obuf
;
1879 unsigned int i_head
, o_head
;
1880 unsigned int i_tail
, o_tail
;
1881 unsigned int i_mask
, o_mask
;
1885 * Potential ABBA deadlock, work around it by ordering lock
1886 * grabbing by pipe info address. Otherwise two different processes
1887 * could deadlock (one doing tee from A -> B, the other from B -> A).
1889 pipe_double_lock(ipipe
, opipe
);
1891 i_tail
= ipipe
->tail
;
1892 i_mask
= ipipe
->ring_size
- 1;
1893 o_head
= opipe
->head
;
1894 o_mask
= opipe
->ring_size
- 1;
1897 if (!opipe
->readers
) {
1898 send_sig(SIGPIPE
, current
, 0);
1904 i_head
= ipipe
->head
;
1905 o_tail
= opipe
->tail
;
1908 * If we have iterated all input buffers or run out of
1909 * output room, break.
1911 if (pipe_empty(i_head
, i_tail
) ||
1912 pipe_full(o_head
, o_tail
, opipe
->max_usage
))
1915 ibuf
= &ipipe
->bufs
[i_tail
& i_mask
];
1916 obuf
= &opipe
->bufs
[o_head
& o_mask
];
1919 * Get a reference to this pipe buffer,
1920 * so we can copy the contents over.
1922 if (!pipe_buf_get(ipipe
, ibuf
)) {
1931 * Don't inherit the gift and merge flag, we need to prevent
1932 * multiple steals of this page.
1934 obuf
->flags
&= ~PIPE_BUF_FLAG_GIFT
;
1935 obuf
->flags
&= ~PIPE_BUF_FLAG_CAN_MERGE
;
1937 if (obuf
->len
> len
)
1943 opipe
->head
= o_head
;
1951 * If we put data in the output pipe, wakeup any potential readers.
1954 wakeup_pipe_readers(opipe
);
1960 * This is a tee(1) implementation that works on pipes. It doesn't copy
1961 * any data, it simply references the 'in' pages on the 'out' pipe.
1962 * The 'flags' used are the SPLICE_F_* variants, currently the only
1963 * applicable one is SPLICE_F_NONBLOCK.
1965 long do_tee(struct file
*in
, struct file
*out
, size_t len
, unsigned int flags
)
1967 struct pipe_inode_info
*ipipe
= get_pipe_info(in
, true);
1968 struct pipe_inode_info
*opipe
= get_pipe_info(out
, true);
1971 if (unlikely(!(in
->f_mode
& FMODE_READ
) ||
1972 !(out
->f_mode
& FMODE_WRITE
)))
1976 * Duplicate the contents of ipipe to opipe without actually
1979 if (ipipe
&& opipe
&& ipipe
!= opipe
) {
1980 if ((in
->f_flags
| out
->f_flags
) & O_NONBLOCK
)
1981 flags
|= SPLICE_F_NONBLOCK
;
1984 * Keep going, unless we encounter an error. The ipipe/opipe
1985 * ordering doesn't really matter.
1987 ret
= ipipe_prep(ipipe
, flags
);
1989 ret
= opipe_prep(opipe
, flags
);
1991 ret
= link_pipe(ipipe
, opipe
, len
, flags
);
1996 fsnotify_access(in
);
1997 fsnotify_modify(out
);
2003 SYSCALL_DEFINE4(tee
, int, fdin
, int, fdout
, size_t, len
, unsigned int, flags
)
2008 if (unlikely(flags
& ~SPLICE_F_ALL
))
2019 error
= do_tee(in
.file
, out
.file
, len
, flags
);