1 /* $NetBSD: vfs_init.c,v 1.61 2023/04/29 10:07:22 riastradh Exp $ */
2
3 /*-
4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Jason R. Thorpe of the Numerical Aerospace Simulation Facility,
9 * NASA Ames Research Center.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 /*
34 * Copyright (c) 1989, 1993
35 * The Regents of the University of California. All rights reserved.
36 *
37 * This code is derived from software contributed
38 * to Berkeley by John Heidemann of the UCLA Ficus project.
39 *
40 * Source: * @(#)i405_init.c 2.10 92/04/27 UCLA Ficus project
41 *
42 * Redistribution and use in source and binary forms, with or without
43 * modification, are permitted provided that the following conditions
44 * are met:
45 * 1. Redistributions of source code must retain the above copyright
46 * notice, this list of conditions and the following disclaimer.
47 * 2. Redistributions in binary form must reproduce the above copyright
48 * notice, this list of conditions and the following disclaimer in the
49 * documentation and/or other materials provided with the distribution.
50 * 3. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)vfs_init.c 8.5 (Berkeley) 5/11/95
67 */
68
69 #include <sys/cdefs.h>
70 __KERNEL_RCSID(0, "$NetBSD: vfs_init.c,v 1.61 2023/04/29 10:07:22 riastradh Exp $");
71
72 #include <sys/param.h>
73 #include <sys/types.h>
74
75 #include <sys/buf.h>
76 #include <sys/dirhash.h>
77 #include <sys/errno.h>
78 #include <sys/kauth.h>
79 #include <sys/kmem.h>
80 #include <sys/module.h>
81 #include <sys/mount.h>
82 #include <sys/namei.h>
83 #include <sys/sdt.h>
84 #include <sys/stat.h>
85 #include <sys/sysctl.h>
86 #include <sys/systm.h>
87 #include <sys/time.h>
88 #include <sys/ucred.h>
89 #include <sys/vnode.h>
90 #include <sys/vnode_impl.h>
91
92 #include <miscfs/deadfs/deadfs.h>
93 #include <miscfs/fifofs/fifo.h>
94 #include <miscfs/specfs/specdev.h>
95
96 /*
97 * Sigh, such primitive tools are these...
98 */
99 #if 0
100 #define DODEBUG(A) A
101 #else
102 #define DODEBUG(A)
103 #endif
104
105 SDT_PROVIDER_DEFINE(vfs);
106
107 pool_cache_t pnbuf_cache;
108
109 /*
110 * These vnodeopv_descs are listed here because they are not
111 * associated with any particular file system, and thus cannot
112 * be initialized by vfs_attach().
113 */
114 const struct vnodeopv_desc * const vfs_special_vnodeopv_descs[] = {
115 &dead_vnodeop_opv_desc,
116 &fifo_vnodeop_opv_desc,
117 &spec_vnodeop_opv_desc,
118 NULL,
119 };
120
121 struct vfs_list_head vfs_list = /* vfs list */
122 LIST_HEAD_INITIALIZER(vfs_list);
123
124 static kauth_listener_t mount_listener;
125
126 /*
127 * This code doesn't work if the defn is **vnodop_defns with cc.
128 * The problem is because of the compiler sometimes putting in an
129 * extra level of indirection for arrays. It's an interesting
130 * "feature" of C.
131 */
132 typedef int (*PFI)(void *);
133
134 /*
135 * A miscellaneous routine.
136 * A generic "default" routine that just returns an error.
137 */
138 /*ARGSUSED*/
139 int
vn_default_error(void * v)140 vn_default_error(void *v)
141 {
142
143 return (EOPNOTSUPP);
144 }
145
146 static struct sysctllog *vfs_sysctllog;
147
148 /*
149 * Top level filesystem related information gathering.
150 */
151 static void
sysctl_vfs_setup(void)152 sysctl_vfs_setup(void)
153 {
154
155 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
156 CTLFLAG_PERMANENT,
157 CTLTYPE_NODE, "generic",
158 SYSCTL_DESCR("Non-specific vfs related information"),
159 NULL, 0, NULL, 0,
160 CTL_VFS, VFS_GENERIC, CTL_EOL);
161 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
162 CTLFLAG_PERMANENT,
163 CTLTYPE_STRING, "fstypes",
164 SYSCTL_DESCR("List of file systems present"),
165 sysctl_vfs_generic_fstypes, 0, NULL, 0,
166 CTL_VFS, VFS_GENERIC, CTL_CREATE, CTL_EOL);
167 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
168 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
169 CTLTYPE_INT, "magiclinks",
170 SYSCTL_DESCR("Whether \"magic\" symlinks are expanded"),
171 NULL, 0, &vfs_magiclinks, 0,
172 CTL_VFS, VFS_GENERIC, VFS_MAGICLINKS, CTL_EOL);
173 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
174 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
175 CTLTYPE_INT, "timestamp_precision",
176 SYSCTL_DESCR("File timestamp precision"),
177 NULL, 0, &vfs_timestamp_precision, 0,
178 CTL_VFS, VFS_GENERIC, VFS_TIMESTAMP_PRECISION,
179 CTL_EOL);
180 }
181
182
183 /*
184 * vfs_init.c
185 *
186 * Allocate and fill in operations vectors.
187 *
188 * An undocumented feature of this approach to defining operations is that
189 * there can be multiple entries in vfs_opv_descs for the same operations
190 * vector. This allows third parties to extend the set of operations
191 * supported by another layer in a binary compatibile way. For example,
192 * assume that NFS needed to be modified to support Ficus. NFS has an entry
193 * (probably nfs_vnopdeop_decls) declaring all the operations NFS supports by
194 * default. Ficus could add another entry (ficus_nfs_vnodeop_decl_entensions)
195 * listing those new operations Ficus adds to NFS, all without modifying the
196 * NFS code. (Of couse, the OTW NFS protocol still needs to be munged, but
197 * that is a(whole)nother story.) This is a feature.
198 */
199
200 /*
201 * Init the vector, if it needs it.
202 * Also handle backwards compatibility.
203 */
204 static void
vfs_opv_init_explicit(const struct vnodeopv_desc * vfs_opv_desc)205 vfs_opv_init_explicit(const struct vnodeopv_desc *vfs_opv_desc)
206 {
207 int (**opv_desc_vector)(void *);
208 const struct vnodeopv_entry_desc *opve_descp;
209
210 opv_desc_vector = *(vfs_opv_desc->opv_desc_vector_p);
211
212 for (opve_descp = vfs_opv_desc->opv_desc_ops;
213 opve_descp->opve_op;
214 opve_descp++) {
215 /*
216 * Sanity check: is this operation listed
217 * in the list of operations? We check this
218 * by seeing if its offset is zero. Since
219 * the default routine should always be listed
220 * first, it should be the only one with a zero
221 * offset. Any other operation with a zero
222 * offset is probably not listed in
223 * vfs_op_descs, and so is probably an error.
224 *
225 * A panic here means the layer programmer
226 * has committed the all-too common bug
227 * of adding a new operation to the layer's
228 * list of vnode operations but
229 * not adding the operation to the system-wide
230 * list of supported operations.
231 */
232 if (opve_descp->opve_op->vdesc_offset == 0 &&
233 opve_descp->opve_op->vdesc_offset != VOFFSET(vop_default)) {
234 printf("operation %s not listed in %s.\n",
235 opve_descp->opve_op->vdesc_name, "vfs_op_descs");
236 panic ("vfs_opv_init: bad operation");
237 }
238
239 /*
240 * Fill in this entry.
241 */
242 opv_desc_vector[opve_descp->opve_op->vdesc_offset] =
243 opve_descp->opve_impl;
244 }
245 }
246
247 static void
vfs_opv_init_default(const struct vnodeopv_desc * vfs_opv_desc)248 vfs_opv_init_default(const struct vnodeopv_desc *vfs_opv_desc)
249 {
250 int j;
251 int (**opv_desc_vector)(void *);
252
253 opv_desc_vector = *(vfs_opv_desc->opv_desc_vector_p);
254
255 /*
256 * Force every operations vector to have a default routine.
257 */
258 if (opv_desc_vector[VOFFSET(vop_default)] == NULL)
259 panic("vfs_opv_init: operation vector without default routine.");
260
261 for (j = 0; j < VNODE_OPS_COUNT; j++)
262 if (opv_desc_vector[j] == NULL)
263 opv_desc_vector[j] =
264 opv_desc_vector[VOFFSET(vop_default)];
265 }
266
267 void
vfs_opv_init(const struct vnodeopv_desc * const * vopvdpp)268 vfs_opv_init(const struct vnodeopv_desc * const *vopvdpp)
269 {
270 int (**opv_desc_vector)(void *);
271 int i;
272
273 /*
274 * Allocate the vectors.
275 */
276 for (i = 0; vopvdpp[i] != NULL; i++) {
277 opv_desc_vector =
278 kmem_alloc(VNODE_OPS_COUNT * sizeof(PFI), KM_SLEEP);
279 memset(opv_desc_vector, 0, VNODE_OPS_COUNT * sizeof(PFI));
280 *(vopvdpp[i]->opv_desc_vector_p) = opv_desc_vector;
281 DODEBUG(printf("vector at %p allocated\n",
282 opv_desc_vector_p));
283 }
284
285 /*
286 * ...and fill them in.
287 */
288 for (i = 0; vopvdpp[i] != NULL; i++)
289 vfs_opv_init_explicit(vopvdpp[i]);
290
291 /*
292 * Finally, go back and replace unfilled routines
293 * with their default.
294 */
295 for (i = 0; vopvdpp[i] != NULL; i++)
296 vfs_opv_init_default(vopvdpp[i]);
297 }
298
299 void
vfs_opv_free(const struct vnodeopv_desc * const * vopvdpp)300 vfs_opv_free(const struct vnodeopv_desc * const *vopvdpp)
301 {
302 int i;
303
304 /*
305 * Free the vectors allocated in vfs_opv_init().
306 */
307 for (i = 0; vopvdpp[i] != NULL; i++) {
308 kmem_free(*(vopvdpp[i]->opv_desc_vector_p),
309 VNODE_OPS_COUNT * sizeof(PFI));
310 *(vopvdpp[i]->opv_desc_vector_p) = NULL;
311 }
312 }
313
314 #ifdef DEBUG
315 static void
vfs_op_check(void)316 vfs_op_check(void)
317 {
318 int i;
319
320 DODEBUG(printf("Vnode_interface_init.\n"));
321
322 /*
323 * Check offset of each op.
324 */
325 for (i = 0; vfs_op_descs[i]; i++) {
326 if (vfs_op_descs[i]->vdesc_offset != i)
327 panic("vfs_op_check: vfs_op_desc[] offset mismatch");
328 }
329
330 if (i != VNODE_OPS_COUNT) {
331 panic("vfs_op_check: vnode ops count mismatch (%d != %d)",
332 i, VNODE_OPS_COUNT);
333 }
334
335 DODEBUG(printf ("vfs_opv_numops=%d\n", VNODE_OPS_COUNT));
336 }
337 #endif /* DEBUG */
338
339 /*
340 * Common routine to check if an unprivileged mount is allowed.
341 *
342 * We export just this part (i.e., without the access control) so that if a
343 * secmodel wants to implement finer grained user mounts it can do so without
344 * copying too much code. More elaborate policies (i.e., specific users allowed
345 * to also create devices and/or introduce set-id binaries, or export
346 * file-systems) will require a different implementation.
347 *
348 * This routine is intended to be called from listener context, and as such
349 * does not take credentials as an argument.
350 */
351 int
usermount_common_policy(struct mount * mp,u_long flags)352 usermount_common_policy(struct mount *mp, u_long flags)
353 {
354
355 /* No exporting if unprivileged. */
356 if (flags & MNT_EXPORTED)
357 return EPERM;
358
359 /* Must have 'nosuid' and 'nodev'. */
360 if ((flags & MNT_NODEV) == 0 || (flags & MNT_NOSUID) == 0)
361 return EPERM;
362
363 /* Retain 'noexec'. */
364 if ((mp->mnt_flag & MNT_NOEXEC) && (flags & MNT_NOEXEC) == 0)
365 return EPERM;
366
367 return 0;
368 }
369
370 static int
mount_listener_cb(kauth_cred_t cred,kauth_action_t action,void * cookie,void * arg0,void * arg1,void * arg2,void * arg3)371 mount_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
372 void *arg0, void *arg1, void *arg2, void *arg3)
373 {
374 int result;
375 enum kauth_system_req req;
376
377 result = KAUTH_RESULT_DEFER;
378 req = (enum kauth_system_req)(uintptr_t)(uintptr_t)arg0;
379
380 if (action != KAUTH_SYSTEM_MOUNT)
381 return result;
382
383 if (req == KAUTH_REQ_SYSTEM_MOUNT_GET)
384 result = KAUTH_RESULT_ALLOW;
385 else if (req == KAUTH_REQ_SYSTEM_MOUNT_DEVICE) {
386 vnode_t *devvp = arg2;
387 accmode_t accmode = (accmode_t)(unsigned long)arg3;
388 int error;
389
390 error = VOP_ACCESS(devvp, accmode, cred);
391 if (!error)
392 result = KAUTH_RESULT_ALLOW;
393 }
394
395 return result;
396 }
397
398 /*
399 * Initialize the vnode structures and initialize each file system type.
400 */
401 void
vfsinit(void)402 vfsinit(void)
403 {
404
405 /*
406 * Attach sysctl nodes
407 */
408 sysctl_vfs_setup();
409
410 /*
411 * Initialize the namei pathname buffer pool and cache.
412 */
413 pnbuf_cache = pool_cache_init(MAXPATHLEN, 0, 0, 0, "pnbufpl",
414 NULL, IPL_NONE, NULL, NULL, NULL);
415 KASSERT(pnbuf_cache != NULL);
416
417 /*
418 * Initialize the vnode table
419 */
420 vntblinit();
421
422 /*
423 * Initialize the vnode name cache
424 */
425 nchinit();
426
427 #ifdef DEBUG
428 /*
429 * Check the list of vnode operations.
430 */
431 vfs_op_check();
432 #endif
433
434 /*
435 * Initialize the special vnode operations.
436 */
437 vfs_opv_init(vfs_special_vnodeopv_descs);
438
439 /*
440 * Initialise generic dirhash.
441 */
442 dirhash_init();
443
444 /*
445 * Initialise VFS hooks.
446 */
447 vfs_hooks_init();
448
449 mount_listener = kauth_listen_scope(KAUTH_SCOPE_SYSTEM,
450 mount_listener_cb, NULL);
451
452 /*
453 * Establish each file system which was statically
454 * included in the kernel.
455 */
456 module_init_class(MODULE_CLASS_VFS);
457
458 /*
459 * Initialize EVFILT_FS for kqueue.
460 */
461 vfs_evfilt_fs_init();
462 }
463
464 /*
465 * Drop a reference to a file system type.
466 */
467 void
vfs_delref(struct vfsops * vfs)468 vfs_delref(struct vfsops *vfs)
469 {
470
471 mutex_enter(&vfs_list_lock);
472 vfs->vfs_refcount--;
473 mutex_exit(&vfs_list_lock);
474 }
475
476 /*
477 * Establish a file system and initialize it.
478 */
479 int
vfs_attach(struct vfsops * vfs)480 vfs_attach(struct vfsops *vfs)
481 {
482 struct vfsops *v;
483 int error = 0;
484
485 mutex_enter(&vfs_list_lock);
486
487 /*
488 * Make sure this file system doesn't already exist.
489 */
490 LIST_FOREACH(v, &vfs_list, vfs_list) {
491 if (strcmp(vfs->vfs_name, v->vfs_name) == 0) {
492 error = EEXIST;
493 goto out;
494 }
495 }
496
497 /*
498 * Initialize the vnode operations for this file system.
499 */
500 vfs_opv_init(vfs->vfs_opv_descs);
501
502 /*
503 * Now initialize the file system itself.
504 */
505 (*vfs->vfs_init)();
506
507 /*
508 * ...and link it into the kernel's list.
509 */
510 LIST_INSERT_HEAD(&vfs_list, vfs, vfs_list);
511
512 /*
513 * Sanity: make sure the reference count is 0.
514 */
515 vfs->vfs_refcount = 0;
516 out:
517 mutex_exit(&vfs_list_lock);
518 return (error);
519 }
520
521 /*
522 * Remove a file system from the kernel.
523 */
524 int
vfs_detach(struct vfsops * vfs)525 vfs_detach(struct vfsops *vfs)
526 {
527 struct vfsops *v;
528 int error = 0;
529
530 mutex_enter(&vfs_list_lock);
531
532 /*
533 * Make sure no one is using the filesystem.
534 */
535 if (vfs->vfs_refcount != 0) {
536 error = EBUSY;
537 goto out;
538 }
539
540 /*
541 * ...and remove it from the kernel's list.
542 */
543 LIST_FOREACH(v, &vfs_list, vfs_list) {
544 if (v == vfs) {
545 LIST_REMOVE(v, vfs_list);
546 break;
547 }
548 }
549
550 if (v == NULL) {
551 error = ESRCH;
552 goto out;
553 }
554
555 /*
556 * Now run the file system-specific cleanups.
557 */
558 (*vfs->vfs_done)();
559
560 /*
561 * Free the vnode operations vector.
562 */
563 vfs_opv_free(vfs->vfs_opv_descs);
564 out:
565 mutex_exit(&vfs_list_lock);
566 return (error);
567 }
568
569 void
vfs_reinit(void)570 vfs_reinit(void)
571 {
572 struct vfsops *vfs;
573
574 mutex_enter(&vfs_list_lock);
575 LIST_FOREACH(vfs, &vfs_list, vfs_list) {
576 if (vfs->vfs_reinit) {
577 vfs->vfs_refcount++;
578 mutex_exit(&vfs_list_lock);
579 (*vfs->vfs_reinit)();
580 mutex_enter(&vfs_list_lock);
581 vfs->vfs_refcount--;
582 }
583 }
584 mutex_exit(&vfs_list_lock);
585 }
586