1 /*- 2 * modified for EXT2FS support in Lites 1.1 3 * 4 * Aug 1995, Godmar Back (gback@cs.utah.edu) 5 * University of Utah, Department of Computer Science 6 */ 7 /*- 8 * SPDX-License-Identifier: BSD-3-Clause 9 * 10 * Copyright (c) 1982, 1986, 1989, 1993 11 * The Regents of the University of California. All rights reserved. 12 * (c) UNIX System Laboratories, Inc. 13 * All or some portions of this file are derived from material licensed 14 * to the University of California by American Telephone and Telegraph 15 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 16 * the permission of UNIX System Laboratories, Inc. 17 * 18 * Redistribution and use in source and binary forms, with or without 19 * modification, are permitted provided that the following conditions 20 * are met: 21 * 1. Redistributions of source code must retain the above copyright 22 * notice, this list of conditions and the following disclaimer. 23 * 2. Redistributions in binary form must reproduce the above copyright 24 * notice, this list of conditions and the following disclaimer in the 25 * documentation and/or other materials provided with the distribution. 26 * 3. Neither the name of the University nor the names of its contributors 27 * may be used to endorse or promote products derived from this software 28 * without specific prior written permission. 29 * 30 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 31 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 32 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 33 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 34 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 35 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 36 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 37 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 38 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 39 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 40 * SUCH DAMAGE. 41 * 42 * @(#)ufs_vnops.c 8.7 (Berkeley) 2/3/94 43 * @(#)ufs_vnops.c 8.27 (Berkeley) 5/27/95 44 * $FreeBSD$ 45 */ 46 47 #include "opt_suiddir.h" 48 49 #include <sys/param.h> 50 #include <sys/systm.h> 51 #include <sys/kernel.h> 52 #include <sys/fcntl.h> 53 #include <sys/filio.h> 54 #include <sys/limits.h> 55 #include <sys/stat.h> 56 #include <sys/bio.h> 57 #include <sys/buf2.h> 58 #include <sys/endian.h> 59 #include <sys/priv.h> 60 #include <sys/mount.h> 61 #include <sys/unistd.h> 62 #include <sys/time.h> 63 #include <sys/vnode.h> 64 #include <sys/namei.h> 65 #include <sys/lockf.h> 66 #include <sys/event.h> 67 #include <sys/conf.h> 68 #include <sys/file.h> 69 #include <sys/vmmeter.h> 70 #include <sys/vfsops.h> 71 #include <sys/malloc.h> 72 #include <sys/uio.h> 73 #include <sys/jail.h> 74 75 #include <vm/vm.h> 76 #include <vm/vm_param.h> 77 #include <vm/vm_extern.h> 78 #include <vm/vm_object.h> 79 #include <vm/vm_page2.h> 80 #include <vm/vm_pager.h> 81 #include <vm/vnode_pager.h> 82 83 #include <vfs/ufs/dir.h> 84 #include <vfs/fifofs/fifo.h> 85 86 #include <vfs/ext2fs/fs.h> 87 #include <vfs/ext2fs/inode.h> 88 #include <vfs/ext2fs/ext2fs.h> 89 #include <vfs/ext2fs/ext2_extern.h> 90 #include <vfs/ext2fs/ext2_dinode.h> 91 #include <vfs/ext2fs/ext2_dir.h> 92 #include <vfs/ext2fs/ext2_mount.h> 93 #include <vfs/ext2fs/ext2_extents.h> 94 95 SDT_PROVIDER_DECLARE(ext2fs); 96 /* 97 * ext2fs trace probe: 98 * arg0: verbosity. Higher numbers give more verbose messages 99 * arg1: Textual message 100 */ 101 SDT_PROBE_DEFINE2(ext2fs, , vnops, trace, "int", "char*"); 102 103 static int ext2_makeinode(int mode, struct vnode *, struct vnode **, struct componentname *); 104 105 static int ext2_chmod(struct vnode *, int, struct ucred *, struct thread *); 106 static int ext2_chown(struct vnode *, uid_t, gid_t, struct ucred *, 107 struct thread *); 108 109 /* 110 * A virgin directory (no blushing please). 111 * Note that the type and namlen fields are reversed relative to ext2. 112 * Also, we don't use `struct odirtemplate', since it would just cause 113 * endianness problems. 114 */ 115 static struct dirtemplate mastertemplate = { 116 0, htole16(12), 1, EXT2_FT_DIR, ".", 117 0, htole16(DIRBLKSIZ - 12), 2, EXT2_FT_DIR, ".." 118 }; 119 static struct dirtemplate omastertemplate = { 120 0, htole16(12), 1, EXT2_FT_UNKNOWN, ".", 121 0, htole16(DIRBLKSIZ - 12), 2, EXT2_FT_UNKNOWN, ".." 122 }; 123 124 void 125 ext2_itimes(struct vnode *vp) 126 { 127 struct inode *ip; 128 struct timespec ts; 129 130 ip = VTOI(vp); 131 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0) 132 return; 133 if ((vp->v_type == VBLK || vp->v_type == VCHR)) 134 ip->i_flag |= IN_LAZYMOD; 135 else 136 ip->i_flag |= IN_MODIFIED; 137 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) { 138 vfs_timestamp(&ts); 139 if (ip->i_flag & IN_ACCESS) { 140 ip->i_atime = ts.tv_sec; 141 ip->i_atimensec = ts.tv_nsec; 142 } 143 if (ip->i_flag & IN_UPDATE) { 144 ip->i_mtime = ts.tv_sec; 145 ip->i_mtimensec = ts.tv_nsec; 146 ip->i_modrev++; 147 } 148 if (ip->i_flag & IN_CHANGE) { 149 ip->i_ctime = ts.tv_sec; 150 ip->i_ctimensec = ts.tv_nsec; 151 } 152 } 153 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE); 154 } 155 156 /* 157 * Create a regular file 158 */ 159 static int 160 ext2_create(struct vop_old_create_args *ap) 161 { 162 int error; 163 164 error = 165 ext2_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode), 166 ap->a_dvp, ap->a_vpp, ap->a_cnp); 167 if (error != 0) 168 return (error); 169 return (0); 170 } 171 172 static int 173 ext2_open(struct vop_open_args *ap) 174 { 175 176 if (ap->a_vp->v_type == VBLK || ap->a_vp->v_type == VCHR) 177 return (EOPNOTSUPP); 178 179 /* 180 * Files marked append-only must be opened for appending. 181 */ 182 if ((VTOI(ap->a_vp)->i_flags & APPEND) && 183 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE) 184 return (EPERM); 185 186 return (vop_stdopen(ap)); 187 } 188 189 /* 190 * Close called. 191 * 192 * Update the times on the inode. 193 */ 194 static int 195 ext2_close(struct vop_close_args *ap) 196 { 197 struct vnode *vp = ap->a_vp; 198 199 if (VREFCNT(vp) > 1) 200 ext2_itimes(vp); 201 return (vop_stdclose(ap)); 202 } 203 204 static int 205 ext2_access(struct vop_access_args *ap) 206 { 207 struct vnode *vp = ap->a_vp; 208 struct inode *ip = VTOI(vp); 209 int error; 210 211 if (vp->v_type == VBLK || vp->v_type == VCHR) 212 return (EOPNOTSUPP); 213 214 error = vop_helper_access(ap, ip->i_uid, ip->i_gid, ip->i_mode, 215 ip->i_flags); 216 return (error); 217 } 218 219 static int 220 ext2_getattr(struct vop_getattr_args *ap) 221 { 222 struct vnode *vp = ap->a_vp; 223 struct inode *ip = VTOI(vp); 224 struct vattr *vap = ap->a_vap; 225 226 ext2_itimes(vp); 227 /* 228 * Copy from inode table 229 */ 230 vap->va_fsid = devid_from_dev(ip->i_dev); 231 vap->va_fileid = ip->i_number; 232 vap->va_mode = ip->i_mode & ~IFMT; 233 vap->va_nlink = ip->i_nlink; 234 vap->va_uid = ip->i_uid; 235 vap->va_gid = ip->i_gid; 236 vap->va_size = ip->i_size; 237 vap->va_atime.tv_sec = ip->i_atime; 238 vap->va_atime.tv_nsec = E2DI_HAS_XTIME(ip) ? ip->i_atimensec : 0; 239 vap->va_mtime.tv_sec = ip->i_mtime; 240 vap->va_mtime.tv_nsec = E2DI_HAS_XTIME(ip) ? ip->i_mtimensec : 0; 241 vap->va_ctime.tv_sec = ip->i_ctime; 242 vap->va_ctime.tv_nsec = E2DI_HAS_XTIME(ip) ? ip->i_ctimensec : 0; 243 vap->va_flags = ip->i_flags; 244 vap->va_gen = ip->i_gen; 245 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize; 246 vap->va_bytes = dbtob((u_quad_t)ip->i_blocks); 247 vap->va_type = IFTOVT(ip->i_mode); 248 vap->va_filerev = ip->i_modrev; 249 return (0); 250 } 251 252 /* 253 * Set attribute vnode op. called from several syscalls 254 */ 255 static int 256 ext2_setattr(struct vop_setattr_args *ap) 257 { 258 struct vattr *vap = ap->a_vap; 259 struct vnode *vp = ap->a_vp; 260 struct inode *ip = VTOI(vp); 261 struct ucred *cred = ap->a_cred; 262 struct thread *td = curthread; 263 int error; 264 265 /* 266 * Check for unsettable attributes. 267 */ 268 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) || 269 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) || 270 (vap->va_blocksize != VNOVAL) || (vap->va_rmajor != VNOVAL) || 271 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) { 272 return (EINVAL); 273 } 274 if (vap->va_flags != VNOVAL) { 275 /* Disallow flags not supported by ext2fs. */ 276 if (vap->va_flags & ~(SF_APPEND | SF_IMMUTABLE | UF_NODUMP)) 277 return (EOPNOTSUPP); 278 279 if (vp->v_mount->mnt_flag & MNT_RDONLY) 280 return (EROFS); 281 if (cred->cr_uid != ip->i_uid && 282 (error = priv_check_cred(cred, PRIV_VFS_SETATTR, 0))) 283 return (error); 284 /* 285 * Note that a root chflags becomes a user chflags when 286 * we are jailed, unless the jail vfs_chflags sysctl 287 * is set. 288 */ 289 if (cred->cr_uid == 0 && 290 (!jailed(cred) || PRISON_CAP_ISSET(cred->cr_prison->pr_caps, 291 PRISON_CAP_VFS_CHFLAGS))) { 292 if ((ip->i_flags 293 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) && 294 securelevel > 0) 295 return (EPERM); 296 ip->i_flags = vap->va_flags; 297 } else { 298 if (ip->i_flags 299 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || 300 (vap->va_flags & UF_SETTABLE) != vap->va_flags) 301 return (EPERM); 302 ip->i_flags &= SF_SETTABLE; 303 ip->i_flags |= (vap->va_flags & UF_SETTABLE); 304 } 305 ip->i_flag |= IN_CHANGE; 306 if (vap->va_flags & (IMMUTABLE | APPEND)) 307 return (0); 308 } 309 if (ip->i_flags & (IMMUTABLE | APPEND)) 310 return (EPERM); 311 /* 312 * Go through the fields and update iff not VNOVAL. 313 */ 314 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) { 315 if (vp->v_mount->mnt_flag & MNT_RDONLY) 316 return (EROFS); 317 if ((error = ext2_chown(vp, vap->va_uid, vap->va_gid, cred, 318 td)) != 0) 319 return (error); 320 } 321 if (vap->va_size != VNOVAL) { 322 /* 323 * Disallow write attempts on read-only file systems; 324 * unless the file is a socket, fifo, or a block or 325 * character device resident on the file system. 326 */ 327 switch (vp->v_type) { 328 case VDIR: 329 return (EISDIR); 330 case VLNK: 331 case VREG: 332 if (vp->v_mount->mnt_flag & MNT_RDONLY) 333 return (EROFS); 334 break; 335 default: 336 break; 337 } 338 if ((error = ext2_truncate(vp, vap->va_size, 0, cred)) != 0) 339 return (error); 340 } 341 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 342 if (vp->v_mount->mnt_flag & MNT_RDONLY) 343 return (EROFS); 344 if (cred->cr_uid != ip->i_uid && 345 (error = priv_check_cred(cred, PRIV_VFS_SETATTR, 0)) && 346 ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || 347 (error = VOP_EACCESS(vp, VWRITE, cred)))) 348 return (error); 349 ip->i_flag |= IN_CHANGE | IN_MODIFIED; 350 if (vap->va_atime.tv_sec != VNOVAL) { 351 ip->i_flag &= ~IN_ACCESS; 352 ip->i_atime = vap->va_atime.tv_sec; 353 ip->i_atimensec = vap->va_atime.tv_nsec; 354 } 355 if (vap->va_mtime.tv_sec != VNOVAL) { 356 ip->i_flag &= ~IN_UPDATE; 357 ip->i_mtime = vap->va_mtime.tv_sec; 358 ip->i_mtimensec = vap->va_mtime.tv_nsec; 359 } 360 error = ext2_update(vp, 0); 361 if (error) 362 return (error); 363 } 364 error = 0; 365 if (vap->va_mode != (mode_t)VNOVAL) { 366 if (vp->v_mount->mnt_flag & MNT_RDONLY) 367 return (EROFS); 368 error = ext2_chmod(vp, (int)vap->va_mode, cred, td); 369 } 370 return (error); 371 } 372 373 /* 374 * Change the mode on a file. 375 * Inode must be locked before calling. 376 */ 377 static int 378 ext2_chmod(struct vnode *vp, int mode, struct ucred *cred, struct thread *td) 379 { 380 struct inode *ip = VTOI(vp); 381 int error; 382 383 if (cred->cr_uid != ip->i_uid) { 384 error = priv_check_cred(cred, PRIV_VFS_CHMOD, 0); 385 if (error) 386 return (error); 387 } 388 if (cred->cr_uid) { 389 if (vp->v_type != VDIR && (mode & S_ISTXT)) 390 return (EFTYPE); 391 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) 392 return (EPERM); 393 } 394 ip->i_mode &= ~ALLPERMS; 395 ip->i_mode |= (mode & ALLPERMS); 396 ip->i_flag |= IN_CHANGE; 397 return (0); 398 } 399 400 /* 401 * Perform chown operation on inode ip; 402 * inode must be locked prior to call. 403 */ 404 static int 405 ext2_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred, 406 struct thread *td) 407 { 408 struct inode *ip = VTOI(vp); 409 uid_t ouid; 410 gid_t ogid; 411 int error = 0; 412 413 if (uid == (uid_t)VNOVAL) 414 uid = ip->i_uid; 415 if (gid == (gid_t)VNOVAL) 416 gid = ip->i_gid; 417 /* 418 * If we don't own the file, are trying to change the owner 419 * of the file, or are not a member of the target group, 420 * the caller must be superuser or the call fails. 421 */ 422 if ((cred->cr_uid != ip->i_uid || uid != ip->i_uid || 423 (gid != ip->i_gid && !(cred->cr_gid == gid || 424 groupmember(gid, cred)))) && 425 (error = priv_check_cred(cred, PRIV_VFS_CHOWN, 0))) 426 return (error); 427 ogid = ip->i_gid; 428 ouid = ip->i_uid; 429 ip->i_gid = gid; 430 ip->i_uid = uid; 431 ip->i_flag |= IN_CHANGE; 432 if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) { 433 if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0) != 0) 434 ip->i_mode &= ~(ISUID | ISGID); 435 } 436 return (0); 437 } 438 439 struct ext2_fsync_bp_info { 440 struct vnode *vp; 441 int waitfor; 442 }; 443 444 static int 445 ext2_fsync_bp(struct buf *bp, void *data) 446 { 447 struct ext2_fsync_bp_info *info = data; 448 449 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_NOWAIT)) 450 return (0); 451 if ((bp->b_flags & B_DELWRI) == 0) 452 panic("ext2_fsync: not dirty"); 453 bremfree(bp); 454 455 /* 456 * Wait for I/O associated with indirect blocks to complete, 457 * since there is no way to quickly wait for them below. 458 */ 459 if (bp->b_vp == info->vp || (info->waitfor & MNT_NOWAIT)) 460 bawrite(bp); 461 else 462 bwrite(bp); 463 return (1); 464 } 465 466 /* 467 * Synch an open file. 468 */ 469 /* ARGSUSED */ 470 static int 471 ext2_fsync(struct vop_fsync_args *ap) 472 { 473 struct ext2_fsync_bp_info info; 474 struct vnode *vp = ap->a_vp; 475 int count; 476 477 /* 478 * XXX why is all this fs specific? 479 */ 480 481 /* 482 * Flush all dirty buffers associated with a vnode. 483 */ 484 lwkt_gettoken(&vp->v_token); 485 info.vp = vp; 486 loop: 487 info.waitfor = ap->a_waitfor; 488 count = RB_SCAN(buf_rb_tree, &vp->v_rbdirty_tree, NULL, ext2_fsync_bp, 489 &info); 490 if (count) 491 goto loop; 492 493 if (ap->a_waitfor == MNT_WAIT) { 494 bio_track_wait(&vp->v_track_write, 0, 0); 495 #ifdef DIAGNOSTIC 496 if (!RB_EMPTY(&vp->v_rbdirty_tree)) { 497 vprint("ext2_fsync: dirty", vp); 498 goto loop; 499 } 500 #endif 501 } 502 lwkt_reltoken(&vp->v_token); 503 504 return (ext2_update(ap->a_vp, ap->a_waitfor == MNT_WAIT)); 505 } 506 507 /* 508 * Mknod vnode call 509 */ 510 /* ARGSUSED */ 511 static int 512 ext2_mknod(struct vop_old_mknod_args *ap) 513 { 514 struct vattr *vap = ap->a_vap; 515 struct vnode **vpp = ap->a_vpp; 516 struct inode *ip; 517 ino_t ino; 518 int error; 519 520 if (vap->va_rmajor != VNOVAL && 521 makeudev(vap->va_rmajor, vap->va_rminor) == NOUDEV) { 522 return (EINVAL); 523 } 524 525 error = ext2_makeinode(MAKEIMODE(vap->va_type, vap->va_mode), 526 ap->a_dvp, vpp, ap->a_cnp); 527 if (error) 528 return (error); 529 ip = VTOI(*vpp); 530 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 531 if (vap->va_rmajor != VNOVAL) { 532 /* 533 * Want to be able to use this to make badblock 534 * inodes, so don't truncate the dev number. 535 */ 536 ip->i_rdev = makeudev(vap->va_rmajor, vap->va_rminor); 537 } 538 /* 539 * Remove inode, then reload it through VFS_VGET so it is 540 * checked to see if it is an alias of an existing entry in 541 * the inode cache. XXX I don't believe this is necessary now. 542 */ 543 (*vpp)->v_type = VNON; 544 ino = ip->i_number; /* Save this before vgone() invalidates ip. */ 545 vgone_vxlocked(*vpp); 546 vput(*vpp); 547 error = VFS_VGET(ap->a_dvp->v_mount, NULL, ino, vpp); 548 if (error) { 549 *vpp = NULL; 550 return (error); 551 } 552 return (0); 553 } 554 555 static int 556 ext2_remove(struct vop_old_remove_args *ap) 557 { 558 struct inode *ip; 559 struct vnode *vp = ap->a_vp; 560 struct vnode *dvp = ap->a_dvp; 561 int error; 562 563 ip = VTOI(vp); 564 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 565 (VTOI(dvp)->i_flags & APPEND)) { 566 error = EPERM; 567 goto out; 568 } 569 error = ext2_dirremove(dvp, ap->a_cnp); 570 if (error == 0) { 571 ip->i_nlink--; 572 ip->i_flag |= IN_CHANGE; 573 } 574 out: 575 return (error); 576 } 577 578 /* 579 * link vnode call 580 */ 581 static int 582 ext2_link(struct vop_old_link_args *ap) 583 { 584 struct vnode *vp = ap->a_vp; 585 struct vnode *tdvp = ap->a_tdvp; 586 struct componentname *cnp = ap->a_cnp; 587 struct inode *ip; 588 int error; 589 590 if (tdvp->v_mount != vp->v_mount) { 591 error = EXDEV; 592 goto out2; 593 } 594 if (tdvp != vp) { 595 error = vn_lock(vp, LK_EXCLUSIVE | LK_FAILRECLAIM); 596 if (error) 597 goto out2; 598 } 599 ip = VTOI(vp); 600 if ((nlink_t)ip->i_nlink >= EXT4_LINK_MAX) { 601 error = EMLINK; 602 goto out; 603 } 604 if (ip->i_flags & (IMMUTABLE | APPEND)) { 605 error = EPERM; 606 goto out; 607 } 608 ip->i_nlink++; 609 ip->i_flag |= IN_CHANGE; 610 error = ext2_update(vp, !DOINGASYNC(vp)); 611 if (!error) 612 error = ext2_direnter(ip, tdvp, cnp); 613 if (error) { 614 ip->i_nlink--; 615 ip->i_flag |= IN_CHANGE; 616 } 617 out: 618 if (tdvp != vp) 619 vn_unlock(vp); 620 out2: 621 return (error); 622 } 623 624 static int 625 ext2_inc_nlink(struct inode *ip) 626 { 627 628 ip->i_nlink++; 629 630 if (S_ISDIR(ip->i_mode) && 631 EXT2_HAS_RO_COMPAT_FEATURE(ip->i_e2fs, EXT2F_ROCOMPAT_DIR_NLINK) && 632 ip->i_nlink > 1) { 633 if (ip->i_nlink >= EXT4_LINK_MAX || ip->i_nlink == 2) 634 ip->i_nlink = 1; 635 } else if (ip->i_nlink > EXT4_LINK_MAX) { 636 ip->i_nlink--; 637 return (EMLINK); 638 } 639 640 return (0); 641 } 642 643 static void 644 ext2_dec_nlink(struct inode *ip) 645 { 646 647 if (!S_ISDIR(ip->i_mode) || ip->i_nlink > 2) 648 ip->i_nlink--; 649 } 650 651 /* 652 * Rename system call. 653 * rename("foo", "bar"); 654 * is essentially 655 * unlink("bar"); 656 * link("foo", "bar"); 657 * unlink("foo"); 658 * but ``atomically''. Can't do full commit without saving state in the 659 * inode on disk which isn't feasible at this time. Best we can do is 660 * always guarantee the target exists. 661 * 662 * Basic algorithm is: 663 * 664 * 1) Bump link count on source while we're linking it to the 665 * target. This also ensure the inode won't be deleted out 666 * from underneath us while we work (it may be truncated by 667 * a concurrent `trunc' or `open' for creation). 668 * 2) Link source to destination. If destination already exists, 669 * delete it first. 670 * 3) Unlink source reference to inode if still around. If a 671 * directory was moved and the parent of the destination 672 * is different from the source, patch the ".." entry in the 673 * directory. 674 */ 675 static int 676 ext2_rename(struct vop_old_rename_args *ap) 677 { 678 struct vnode *tvp = ap->a_tvp; 679 struct vnode *tdvp = ap->a_tdvp; 680 struct vnode *fvp = ap->a_fvp; 681 struct vnode *fdvp = ap->a_fdvp; 682 struct componentname *tcnp = ap->a_tcnp; 683 struct componentname *fcnp = ap->a_fcnp; 684 struct inode *ip, *xp, *dp; 685 struct dirtemplate *dirbuf; 686 int doingdirectory = 0, oldparent = 0, newparent = 0; 687 int error = 0; 688 u_char namlen; 689 690 /* 691 * Check for cross-device rename. 692 */ 693 if ((fvp->v_mount != tdvp->v_mount) || 694 (tvp && (fvp->v_mount != tvp->v_mount))) { 695 error = EXDEV; 696 abortit: 697 if (tdvp == tvp) 698 vrele(tdvp); 699 else 700 vput(tdvp); 701 if (tvp) 702 vput(tvp); 703 vrele(fdvp); 704 vrele(fvp); 705 return (error); 706 } 707 708 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 709 (VTOI(tdvp)->i_flags & APPEND))) { 710 error = EPERM; 711 goto abortit; 712 } 713 714 /* 715 * Renaming a file to itself has no effect. The upper layers should 716 * not call us in that case. Temporarily just warn if they do. 717 */ 718 if (fvp == tvp) { 719 SDT_PROBE2(ext2fs, , vnops, trace, 1, 720 "rename: fvp == tvp (can't happen)"); 721 error = 0; 722 goto abortit; 723 } 724 725 if ((error = vn_lock(fvp, LK_EXCLUSIVE | LK_FAILRECLAIM)) != 0) 726 goto abortit; 727 dp = VTOI(fdvp); 728 ip = VTOI(fvp); 729 if (ip->i_nlink >= EXT4_LINK_MAX && 730 !EXT2_HAS_RO_COMPAT_FEATURE(ip->i_e2fs, EXT2F_ROCOMPAT_DIR_NLINK)) { 731 vn_unlock(fvp); 732 error = EMLINK; 733 goto abortit; 734 } 735 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) 736 || (dp->i_flags & APPEND)) { 737 vn_unlock(fvp); 738 error = EPERM; 739 goto abortit; 740 } 741 if ((ip->i_mode & IFMT) == IFDIR) { 742 /* 743 * Avoid ".", "..", and aliases of "." for obvious reasons. 744 */ 745 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') || 746 dp == ip || (fcnp->cn_flags | tcnp->cn_flags) & CNP_ISDOTDOT || 747 (ip->i_flag & IN_RENAME)) { 748 vn_unlock(fvp); 749 error = EINVAL; 750 goto abortit; 751 } 752 ip->i_flag |= IN_RENAME; 753 oldparent = dp->i_number; 754 doingdirectory++; 755 } 756 //vrele(fdvp); XXX 757 758 /* 759 * When the target exists, both the directory 760 * and target vnodes are returned locked. 761 */ 762 dp = VTOI(tdvp); 763 xp = NULL; 764 if (tvp) 765 xp = VTOI(tvp); 766 767 /* 768 * 1) Bump link count while we're moving stuff 769 * around. If we crash somewhere before 770 * completing our work, the link count 771 * may be wrong, but correctable. 772 */ 773 ext2_inc_nlink(ip); 774 ip->i_flag |= IN_CHANGE; 775 if ((error = ext2_update(fvp, !DOINGASYNC(fvp))) != 0) { 776 vn_unlock(fvp); 777 goto bad; 778 } 779 780 /* 781 * If ".." must be changed (ie the directory gets a new 782 * parent) then the source directory must not be in the 783 * directory hierarchy above the target, as this would 784 * orphan everything below the source directory. Also 785 * the user must have write permission in the source so 786 * as to be able to change "..". We must repeat the call 787 * to namei, as the parent directory is unlocked by the 788 * call to checkpath(). 789 */ 790 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred); 791 vn_unlock(fvp); 792 793 /* 794 * tvp (if not NULL) and tdvp are locked. fvp and fdvp are not. 795 * dp and xp are set according to tdvp and tvp. 796 */ 797 if (oldparent != dp->i_number) 798 newparent = dp->i_number; 799 if (doingdirectory && newparent) { 800 if (error) /* write access check above */ 801 goto bad; 802 803 /* 804 * Prepare for relookup, get rid of xp 805 */ 806 if (xp != NULL) { 807 vput(tvp); 808 xp = NULL; 809 } 810 811 /* 812 * checkpath vput()'s tdvp (VTOI(dp)) on return no matter what, 813 * get an extra ref so we wind up with just an unlocked, ref'd 814 * tdvp. The 'out' target skips xp and tdvp cleanups. Our 815 * tdvp is now unlocked so we have to clean it up ourselves. 816 */ 817 vref(tdvp); 818 error = ext2_checkpath(ip, dp, tcnp->cn_cred); 819 tcnp->cn_flags |= CNP_PDIRUNLOCK; 820 if (error) { 821 vrele(tdvp); 822 goto out; 823 } 824 /* 825 * relookup no longer messes with the ref count. An unlocked 826 * tdvp must be passed and if no error occurs a locked tdvp 827 * will be returned. We have to use the out target again. 828 */ 829 error = relookup(tdvp, &tvp, tcnp); 830 if (error) { 831 if (tcnp->cn_flags & CNP_PDIRUNLOCK) 832 vrele(tdvp); 833 else 834 vput(tdvp); 835 goto out; 836 } 837 838 /* 839 * tdvp is locked at this point. in the RENAME case tvp may 840 * be NULL without an error, assign xp accordingly. The 841 * 'bad' target can be used again after this. 842 */ 843 dp = VTOI(tdvp); 844 if (tvp) 845 xp = VTOI(tvp); 846 } 847 848 /* 849 * 2) If target doesn't exist, link the target 850 * to the source and unlink the source. 851 * Otherwise, rewrite the target directory 852 * entry to reference the source inode and 853 * expunge the original entry's existence. 854 */ 855 if (xp == NULL) { 856 if (dp->i_devvp != ip->i_devvp) 857 panic("ext2_rename: EXDEV"); 858 /* 859 * Account for ".." in new directory. 860 * When source and destination have the same 861 * parent we don't fool with the link count. 862 */ 863 if (doingdirectory && newparent) { 864 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 865 error = EMLINK; 866 goto bad; 867 } 868 error = ext2_inc_nlink(dp); 869 if (error) 870 goto bad; 871 872 dp->i_flag |= IN_CHANGE; 873 error = ext2_update(tdvp, !DOINGASYNC(tdvp)); 874 if (error) 875 goto bad; 876 } 877 error = ext2_direnter(ip, tdvp, tcnp); 878 if (error) { 879 if (doingdirectory && newparent) { 880 ext2_dec_nlink(dp); 881 dp->i_flag |= IN_CHANGE; 882 (void)ext2_update(tdvp, 1); 883 } 884 goto bad; 885 } 886 vput(tdvp); 887 } else { 888 if (xp->i_devvp != dp->i_devvp || xp->i_devvp != ip->i_devvp) 889 panic("ext2_rename: EXDEV"); 890 /* 891 * Short circuit rename(foo, foo). 892 */ 893 if (xp->i_number == ip->i_number) 894 panic("ext2_rename: same file"); 895 /* 896 * If the parent directory is "sticky", then the user must 897 * own the parent directory, or the destination of the rename, 898 * otherwise the destination may not be changed (except by 899 * root). This implements append-only directories. 900 */ 901 if ((dp->i_mode & S_ISTXT) && tcnp->cn_cred->cr_uid != 0 && 902 tcnp->cn_cred->cr_uid != dp->i_uid && 903 xp->i_uid != tcnp->cn_cred->cr_uid) { 904 error = EPERM; 905 goto bad; 906 } 907 /* 908 * Target must be empty if a directory and have no links 909 * to it. Also, ensure source and target are compatible 910 * (both directories, or both not directories). 911 */ 912 if ((xp->i_mode & IFMT) == IFDIR) { 913 if (!ext2_dirempty(xp, dp->i_number, tcnp->cn_cred)) { 914 error = ENOTEMPTY; 915 goto bad; 916 } 917 if (!doingdirectory) { 918 error = ENOTDIR; 919 goto bad; 920 } 921 } else if (doingdirectory) { 922 error = EISDIR; 923 goto bad; 924 } 925 error = ext2_dirrewrite(dp, ip, tcnp); 926 if (error) 927 goto bad; 928 /* 929 * If the target directory is in the same 930 * directory as the source directory, 931 * decrement the link count on the parent 932 * of the target directory. 933 */ 934 if (doingdirectory && !newparent) { 935 ext2_dec_nlink(dp); 936 dp->i_flag |= IN_CHANGE; 937 } 938 vput(tdvp); 939 /* 940 * Adjust the link count of the target to 941 * reflect the dirrewrite above. If this is 942 * a directory it is empty and there are 943 * no links to it, so we can squash the inode and 944 * any space associated with it. We disallowed 945 * renaming over top of a directory with links to 946 * it above, as the remaining link would point to 947 * a directory without "." or ".." entries. 948 */ 949 ext2_dec_nlink(xp); 950 if (doingdirectory) { 951 if (xp->i_nlink > 2) 952 panic("ext2_rename: linked directory"); 953 error = ext2_truncate(tvp, (off_t)0, IO_SYNC, 954 tcnp->cn_cred); 955 xp->i_nlink = 0; 956 } 957 xp->i_flag |= IN_CHANGE; 958 vput(tvp); 959 xp = NULL; 960 } 961 962 /* 963 * 3) Unlink the source. 964 */ 965 fcnp->cn_flags &= ~CNP_MODMASK; 966 fcnp->cn_flags |= CNP_LOCKPARENT; 967 //vref(fdvp); XXX 968 error = relookup(fdvp, &fvp, fcnp); 969 if (error) { 970 /* 971 * From name has disappeared. 972 */ 973 if (doingdirectory) 974 panic("ext2_rename: lost dir entry"); 975 /* ip->i_flag only sets IN_RENAME if doingdirectory */ 976 vrele(ap->a_fvp); 977 if (fcnp->cn_flags & CNP_PDIRUNLOCK) 978 vrele(fdvp); 979 else 980 vput(fdvp); 981 return (0); 982 } 983 KKASSERT((fcnp->cn_flags & CNP_PDIRUNLOCK) == 0); 984 985 /* 986 * This case shouldn't occur 987 */ 988 if (fvp == NULL) { 989 /* 990 * From name has disappeared. 991 */ 992 if (doingdirectory) 993 panic("ext2_rename: lost dir entry"); 994 /* ip->i_flag only sets IN_RENAME if doingdirectory */ 995 vrele(ap->a_fvp); 996 vput(fvp); 997 vput(fdvp); 998 return (0); 999 } 1000 1001 /* 1002 * fvp and fdvp are both ref'd and locked. 1003 */ 1004 xp = VTOI(fvp); 1005 dp = VTOI(fdvp); 1006 1007 /* 1008 * Ensure that the directory entry still exists and has not 1009 * changed while the new name has been entered. If the source is 1010 * a file then the entry may have been unlinked or renamed. In 1011 * either case there is no further work to be done. If the source 1012 * is a directory then it cannot have been rmdir'ed; its link 1013 * count of three would cause a rmdir to fail with ENOTEMPTY. 1014 * The IN_RENAME flag ensures that it cannot be moved by another 1015 * rename. 1016 */ 1017 if (xp != ip) { 1018 /* 1019 * From name resolves to a different inode. IN_RENAME is 1020 * not sufficient protection against timing window races 1021 * so we can't panic here. 1022 */ 1023 } else { 1024 /* 1025 * If the source is a directory with a 1026 * new parent, the link count of the old 1027 * parent directory must be decremented 1028 * and ".." set to point to the new parent. 1029 */ 1030 if (doingdirectory && newparent) { 1031 ext2_dec_nlink(dp); 1032 dp->i_flag |= IN_CHANGE; 1033 dirbuf = malloc(dp->i_e2fs->e2fs_bsize, M_TEMP, M_WAITOK | M_ZERO); 1034 error = vn_rdwr(UIO_READ, fvp, (caddr_t)&dirbuf, 1035 sizeof (struct dirtemplate), (off_t)0, 1036 UIO_SYSSPACE, IO_NODELOCKED, 1037 tcnp->cn_cred, NULL); 1038 if (error == 0) { 1039 /* Like ufs little-endian: */ 1040 namlen = dirbuf->dotdot_type; 1041 if (namlen != 2 || 1042 dirbuf->dotdot_name[0] != '.' || 1043 dirbuf->dotdot_name[1] != '.') { 1044 ext2_dirbad(xp, (doff_t)12, 1045 "rename: mangled dir"); 1046 } else { 1047 dirbuf->dotdot_ino = htole32(newparent); 1048 /* 1049 * dirblock 0 could be htree root, 1050 * try both csum update functions. 1051 */ 1052 ext2_dirent_csum_set(ip, 1053 (struct ext2fs_direct_2 *)dirbuf); 1054 ext2_dx_csum_set(ip, 1055 (struct ext2fs_direct_2 *)dirbuf); 1056 vn_rdwr(UIO_WRITE, fvp, 1057 (caddr_t)&dirbuf, 1058 sizeof (struct dirtemplate), 1059 (off_t)0, UIO_SYSSPACE, 1060 IO_NODELOCKED | IO_SYNC, 1061 tcnp->cn_cred, NULL); 1062 } 1063 } 1064 free(dirbuf, M_TEMP); 1065 } 1066 error = ext2_dirremove(fdvp, fcnp); 1067 if (!error) { 1068 ext2_dec_nlink(xp); 1069 xp->i_flag |= IN_CHANGE; 1070 } 1071 xp->i_flag &= ~IN_RENAME; 1072 } 1073 if (dp) 1074 vput(fdvp); 1075 if (xp) 1076 vput(fvp); 1077 vrele(ap->a_fvp); 1078 return (error); 1079 1080 bad: 1081 if (xp) 1082 vput(ITOV(xp)); 1083 vput(ITOV(dp)); 1084 out: 1085 if (doingdirectory) 1086 ip->i_flag &= ~IN_RENAME; 1087 if (vn_lock(fvp, LK_EXCLUSIVE) == 0) { 1088 ext2_dec_nlink(ip); 1089 ip->i_flag |= IN_CHANGE; 1090 ip->i_flag &= ~IN_RENAME; 1091 vput(fvp); 1092 } else 1093 vrele(fvp); 1094 return (error); 1095 } 1096 1097 /* 1098 * Mkdir system call 1099 */ 1100 static int 1101 ext2_mkdir(struct vop_old_mkdir_args *ap) 1102 { 1103 struct m_ext2fs *fs; 1104 struct vnode *dvp = ap->a_dvp; 1105 struct vattr *vap = ap->a_vap; 1106 struct componentname *cnp = ap->a_cnp; 1107 struct inode *ip, *dp; 1108 struct vnode *tvp; 1109 struct dirtemplate dirtemplate, *dtp; 1110 char *buf = NULL; 1111 int error, dmode; 1112 1113 dp = VTOI(dvp); 1114 if ((nlink_t)dp->i_nlink >= EXT4_LINK_MAX && 1115 !EXT2_HAS_RO_COMPAT_FEATURE(dp->i_e2fs, EXT2F_ROCOMPAT_DIR_NLINK)) { 1116 error = EMLINK; 1117 goto out; 1118 } 1119 dmode = vap->va_mode & 0777; 1120 dmode |= IFDIR; 1121 /* 1122 * Must simulate part of ext2_makeinode here to acquire the inode, 1123 * but not have it entered in the parent directory. The entry is 1124 * made later after writing "." and ".." entries. 1125 */ 1126 error = ext2_valloc(dvp, dmode, cnp->cn_cred, &tvp); 1127 if (error) 1128 goto out; 1129 ip = VTOI(tvp); 1130 fs = ip->i_e2fs; 1131 ip->i_gid = dp->i_gid; 1132 #ifdef SUIDDIR 1133 { 1134 /* 1135 * if we are hacking owners here, (only do this where told to) 1136 * and we are not giving it TOO root, (would subvert quotas) 1137 * then go ahead and give it to the other user. 1138 * The new directory also inherits the SUID bit. 1139 * If user's UID and dir UID are the same, 1140 * 'give it away' so that the SUID is still forced on. 1141 */ 1142 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 1143 (dp->i_mode & ISUID) && dp->i_uid) { 1144 dmode |= ISUID; 1145 ip->i_uid = dp->i_uid; 1146 } else { 1147 ip->i_uid = cnp->cn_cred->cr_uid; 1148 } 1149 } 1150 #else 1151 ip->i_uid = cnp->cn_cred->cr_uid; 1152 #endif 1153 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 1154 ip->i_mode = dmode; 1155 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */ 1156 ip->i_nlink = 2; 1157 if (cnp->cn_flags & CNP_ISWHITEOUT) 1158 ip->i_flags |= UF_OPAQUE; 1159 error = ext2_update(tvp, 1); 1160 1161 /* 1162 * The vnode must have a VM object in order to issue buffer cache 1163 * ops on it. 1164 */ 1165 vinitvmio(tvp, 0, PAGE_SIZE, -1); 1166 1167 /* 1168 * Bump link count in parent directory 1169 * to reflect work done below. Should 1170 * be done before reference is created 1171 * so reparation is possible if we crash. 1172 */ 1173 ext2_inc_nlink(dp); 1174 dp->i_flag |= IN_CHANGE; 1175 error = ext2_update(dvp, !DOINGASYNC(dvp)); 1176 if (error) 1177 goto bad; 1178 1179 /* Initialize directory with "." and ".." from static template. */ 1180 if (EXT2_HAS_INCOMPAT_FEATURE(ip->i_e2fs, 1181 EXT2F_INCOMPAT_FTYPE)) 1182 dtp = &mastertemplate; 1183 else 1184 dtp = &omastertemplate; 1185 dirtemplate = *dtp; 1186 dirtemplate.dot_ino = htole32(ip->i_number); 1187 dirtemplate.dotdot_ino = htole32(dp->i_number); 1188 /* 1189 * note that in ext2 DIRBLKSIZ == blocksize, not DEV_BSIZE so let's 1190 * just redefine it - for this function only 1191 */ 1192 #undef DIRBLKSIZ 1193 #define DIRBLKSIZ VTOI(dvp)->i_e2fs->e2fs_bsize 1194 dirtemplate.dotdot_reclen = htole16(DIRBLKSIZ - 12); 1195 buf = malloc(DIRBLKSIZ, M_TEMP, M_WAITOK | M_ZERO); 1196 if (EXT2_HAS_RO_COMPAT_FEATURE(fs, EXT2F_ROCOMPAT_METADATA_CKSUM)) { 1197 dirtemplate.dotdot_reclen = 1198 htole16(le16toh(dirtemplate.dotdot_reclen) - 1199 sizeof(struct ext2fs_direct_tail)); 1200 ext2_init_dirent_tail(EXT2_DIRENT_TAIL(buf, DIRBLKSIZ)); 1201 } 1202 memcpy(buf, &dirtemplate, sizeof(dirtemplate)); 1203 ext2_dirent_csum_set(ip, (struct ext2fs_direct_2 *)buf); 1204 error = vn_rdwr(UIO_WRITE, tvp, (caddr_t)buf, 1205 DIRBLKSIZ, (off_t)0, UIO_SYSSPACE, 1206 IO_NODELOCKED | IO_SYNC, cnp->cn_cred, NULL); 1207 if (error) { 1208 ext2_dec_nlink(dp); 1209 dp->i_flag |= IN_CHANGE; 1210 goto bad; 1211 } 1212 if (DIRBLKSIZ > VFSTOEXT2(dvp->v_mount)->um_mountp->mnt_stat.f_bsize) 1213 /* XXX should grow with balloc() */ 1214 panic("ext2_mkdir: blksize"); 1215 else { 1216 ip->i_size = DIRBLKSIZ; 1217 ip->i_flag |= IN_CHANGE; 1218 } 1219 1220 /* Directory set up, now install its entry in the parent directory. */ 1221 error = ext2_direnter(ip, dvp, cnp); 1222 if (error) { 1223 ext2_dec_nlink(dp); 1224 dp->i_flag |= IN_CHANGE; 1225 } 1226 bad: 1227 /* 1228 * No need to do an explicit VOP_TRUNCATE here, vrele will do this 1229 * for us because we set the link count to 0. 1230 */ 1231 if (error) { 1232 ip->i_nlink = 0; 1233 ip->i_flag |= IN_CHANGE; 1234 vput(tvp); 1235 } else 1236 *ap->a_vpp = tvp; 1237 out: 1238 free(buf, M_TEMP); 1239 return (error); 1240 #undef DIRBLKSIZ 1241 #define DIRBLKSIZ DEV_BSIZE 1242 } 1243 1244 /* 1245 * Rmdir system call. 1246 */ 1247 static int 1248 ext2_rmdir(struct vop_old_rmdir_args *ap) 1249 { 1250 struct vnode *vp = ap->a_vp; 1251 struct vnode *dvp = ap->a_dvp; 1252 struct componentname *cnp = ap->a_cnp; 1253 struct inode *ip, *dp; 1254 int error; 1255 1256 ip = VTOI(vp); 1257 dp = VTOI(dvp); 1258 1259 /* 1260 * Verify the directory is empty (and valid). 1261 * (Rmdir ".." won't be valid since 1262 * ".." will contain a reference to 1263 * the current directory and thus be 1264 * non-empty.) 1265 */ 1266 if (!ext2_dirempty(ip, dp->i_number, cnp->cn_cred)) { 1267 error = ENOTEMPTY; 1268 goto out; 1269 } 1270 if ((dp->i_flags & APPEND) 1271 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) { 1272 error = EPERM; 1273 goto out; 1274 } 1275 /* 1276 * Delete reference to directory before purging 1277 * inode. If we crash in between, the directory 1278 * will be reattached to lost+found, 1279 */ 1280 error = ext2_dirremove(dvp, cnp); 1281 if (error) 1282 goto out; 1283 ext2_dec_nlink(dp); 1284 dp->i_flag |= IN_CHANGE; 1285 vn_unlock(dvp); 1286 /* 1287 * Truncate inode. The only stuff left 1288 * in the directory is "." and "..". 1289 */ 1290 ip->i_nlink = 0; 1291 error = ext2_truncate(vp, (off_t)0, IO_SYNC, cnp->cn_cred); 1292 vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY); 1293 out: 1294 return (error); 1295 } 1296 1297 /* 1298 * symlink -- make a symbolic link 1299 */ 1300 static int 1301 ext2_symlink(struct vop_old_symlink_args *ap) 1302 { 1303 struct vnode *vp, **vpp = ap->a_vpp; 1304 struct inode *ip; 1305 int len, error; 1306 1307 error = ext2_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp, 1308 vpp, ap->a_cnp); 1309 if (error) 1310 return (error); 1311 vp = *vpp; 1312 len = strlen(ap->a_target); 1313 if (len < vp->v_mount->mnt_maxsymlinklen) { 1314 ip = VTOI(vp); 1315 bcopy(ap->a_target, (char *)ip->i_shortlink, len); 1316 ip->i_size = len; 1317 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1318 } else { 1319 /* 1320 * Make sure we have a VM object in order to use 1321 * the buffer cache. 1322 */ 1323 if (vp->v_object == NULL) 1324 vinitvmio(vp, 0, PAGE_SIZE, -1); 1325 1326 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0, 1327 UIO_SYSSPACE, IO_NODELOCKED, ap->a_cnp->cn_cred, NULL); 1328 } 1329 if (error) 1330 vput(vp); 1331 return (error); 1332 } 1333 1334 /* 1335 * Return target name of a symbolic link 1336 */ 1337 static int 1338 ext2_readlink(struct vop_readlink_args *ap) 1339 { 1340 struct vnode *vp = ap->a_vp; 1341 struct inode *ip = VTOI(vp); 1342 int isize; 1343 1344 isize = ip->i_size; 1345 if (isize < vp->v_mount->mnt_maxsymlinklen) { 1346 uiomove((char *)ip->i_shortlink, isize, ap->a_uio); 1347 return (0); 1348 } 1349 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred)); 1350 } 1351 1352 /* 1353 * Calculate the logical to physical mapping if not done already, 1354 * then call the device strategy routine. 1355 * 1356 * In order to be able to swap to a file, the ext2_bmaparray() operation may not 1357 * deadlock on memory. See ext2_bmap() for details. 1358 */ 1359 static int 1360 ext2_strategy(struct vop_strategy_args *ap) 1361 { 1362 struct bio *bio = ap->a_bio; 1363 struct bio *nbio; 1364 struct buf *bp = bio->bio_buf; 1365 struct vnode *vp = ap->a_vp; 1366 struct inode *ip; 1367 int error; 1368 1369 ip = VTOI(vp); 1370 if (vp->v_type == VBLK || vp->v_type == VCHR) 1371 panic("ext2_strategy: spec"); 1372 nbio = push_bio(bio); 1373 if (nbio->bio_offset == NOOFFSET) { 1374 error = VOP_BMAP(vp, bio->bio_offset, &nbio->bio_offset, NULL, 1375 NULL, bp->b_cmd); 1376 if (error) { 1377 bp->b_error = error; 1378 bp->b_flags |= B_ERROR; 1379 /* I/O was never started on nbio, must biodone(bio) */ 1380 biodone(bio); 1381 return (error); 1382 } 1383 if (nbio->bio_offset == NOOFFSET) 1384 vfs_bio_clrbuf(bp); 1385 } 1386 if (nbio->bio_offset == NOOFFSET) { 1387 /* I/O was never started on nbio, must biodone(bio) */ 1388 biodone(bio); 1389 return (0); 1390 } 1391 vn_strategy(ip->i_devvp, nbio); 1392 return (0); 1393 } 1394 1395 /* 1396 * Print out the contents of an inode. 1397 */ 1398 static int 1399 ext2_print(struct vop_print_args *ap) 1400 { 1401 struct vnode *vp = ap->a_vp; 1402 struct inode *ip = VTOI(vp); 1403 1404 printf("tag VT_EXT2FS, ino %lu, on dev %s (%d, %d)", 1405 (u_long)ip->i_number, devtoname(ip->i_dev), major(ip->i_dev), 1406 minor(ip->i_dev)); 1407 if (vp->v_type == VFIFO) 1408 fifo_printinfo(vp); 1409 lockmgr_printinfo(&vp->v_lock); 1410 printf("\n"); 1411 return (0); 1412 } 1413 1414 /* 1415 * Read wrapper for fifos. 1416 */ 1417 static 1418 int 1419 ext2fifo_read(struct vop_read_args *ap) 1420 { 1421 int error, resid; 1422 struct inode *ip; 1423 struct uio *uio; 1424 1425 uio = ap->a_uio; 1426 resid = uio->uio_resid; 1427 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 1428 ip = VTOI(ap->a_vp); 1429 if ((ap->a_vp->v_mount->mnt_flag & MNT_NOATIME) == 0 && ip != NULL && 1430 (uio->uio_resid != resid || (error == 0 && resid != 0))) 1431 VTOI(ap->a_vp)->i_flag |= IN_ACCESS; 1432 return (error); 1433 } 1434 1435 /* 1436 * Write wrapper for fifos. 1437 */ 1438 static 1439 int 1440 ext2fifo_write(struct vop_write_args *ap) 1441 { 1442 int error, resid; 1443 struct inode *ip; 1444 struct uio *uio; 1445 1446 uio = ap->a_uio; 1447 resid = uio->uio_resid; 1448 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 1449 ip = VTOI(ap->a_vp); 1450 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 1451 VTOI(ap->a_vp)->i_flag |= IN_CHANGE | IN_UPDATE; 1452 return (error); 1453 } 1454 1455 /* 1456 * Close wrapper for fifos. 1457 * 1458 * Update the times on the inode then do device close. 1459 */ 1460 static int 1461 ext2fifo_close(struct vop_close_args *ap) 1462 { 1463 struct vnode *vp = ap->a_vp; 1464 1465 if (VREFCNT(vp) > 1) 1466 ext2_itimes(vp); 1467 return (VOCALL(&fifo_vnode_vops, &ap->a_head)); 1468 } 1469 1470 static void 1471 filt_ext2detach(struct knote *kn) 1472 { 1473 struct vnode *vp = (struct vnode *)kn->kn_hook; 1474 1475 lwkt_gettoken(&vp->v_token); 1476 knote_remove(&vp->v_pollinfo.vpi_kqinfo.ki_note, kn); 1477 lwkt_reltoken(&vp->v_token); 1478 } 1479 1480 /*ARGSUSED*/ 1481 static int 1482 filt_ext2read(struct knote *kn, long hint) 1483 { 1484 struct vnode *vp = (struct vnode *)kn->kn_hook; 1485 struct inode *ip = VTOI(vp); 1486 off_t off; 1487 1488 /* 1489 * filesystem is gone, so set the EOF flag and schedule 1490 * the knote for deletion. 1491 */ 1492 if (hint == NOTE_REVOKE) { 1493 kn->kn_flags |= (EV_EOF | EV_NODATA | EV_ONESHOT); 1494 return (1); 1495 } 1496 off = ip->i_size - kn->kn_fp->f_offset; 1497 kn->kn_data = (off < INTPTR_MAX) ? off : INTPTR_MAX; 1498 if (kn->kn_sfflags & NOTE_OLDAPI) 1499 return (1); 1500 return (kn->kn_data != 0); 1501 } 1502 1503 /*ARGSUSED*/ 1504 static int 1505 filt_ext2write(struct knote *kn, long hint) 1506 { 1507 /* 1508 * filesystem is gone, so set the EOF flag and schedule 1509 * the knote for deletion. 1510 */ 1511 if (hint == NOTE_REVOKE) 1512 kn->kn_flags |= (EV_EOF | EV_NODATA | EV_ONESHOT); 1513 1514 kn->kn_data = 0; 1515 return (1); 1516 } 1517 1518 static int 1519 filt_ext2vnode(struct knote *kn, long hint) 1520 { 1521 if (kn->kn_sfflags & hint) 1522 kn->kn_fflags |= hint; 1523 if (hint == NOTE_REVOKE) { 1524 kn->kn_flags |= (EV_EOF | EV_NODATA); 1525 return (1); 1526 } 1527 return (kn->kn_fflags != 0); 1528 } 1529 1530 static struct filterops ext2read_filtops = 1531 { FILTEROP_ISFD | FILTEROP_MPSAFE, NULL, filt_ext2detach, filt_ext2read }; 1532 static struct filterops ext2write_filtops = 1533 { FILTEROP_ISFD | FILTEROP_MPSAFE, NULL, filt_ext2detach, filt_ext2write }; 1534 static struct filterops ext2vnode_filtops = 1535 { FILTEROP_ISFD | FILTEROP_MPSAFE, NULL, filt_ext2detach, filt_ext2vnode }; 1536 1537 static int 1538 ext2_kqfilter(struct vop_kqfilter_args *ap) 1539 { 1540 struct vnode *vp = ap->a_vp; 1541 struct knote *kn = ap->a_kn; 1542 1543 switch (kn->kn_filter) { 1544 case EVFILT_READ: 1545 kn->kn_fop = &ext2read_filtops; 1546 break; 1547 case EVFILT_WRITE: 1548 kn->kn_fop = &ext2write_filtops; 1549 break; 1550 case EVFILT_VNODE: 1551 kn->kn_fop = &ext2vnode_filtops; 1552 break; 1553 default: 1554 return (EOPNOTSUPP); 1555 } 1556 1557 kn->kn_hook = (caddr_t)vp; 1558 1559 /* XXX: kq token actually protects the list */ 1560 lwkt_gettoken(&vp->v_token); 1561 knote_insert(&vp->v_pollinfo.vpi_kqinfo.ki_note, kn); 1562 lwkt_reltoken(&vp->v_token); 1563 1564 return (0); 1565 } 1566 1567 /* 1568 * Kqfilter wrapper for fifos. 1569 * 1570 * Fall through to ext2 kqfilter routines if needed 1571 */ 1572 static int 1573 ext2fifo_kqfilter(struct vop_kqfilter_args *ap) 1574 { 1575 int error; 1576 1577 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 1578 if (error) 1579 error = ext2_kqfilter(ap); 1580 return (error); 1581 } 1582 1583 /* 1584 * Return POSIX pathconf information applicable to ext2 filesystems. 1585 */ 1586 static int 1587 ext2_pathconf(struct vop_pathconf_args *ap) 1588 { 1589 int error = 0; 1590 1591 switch (ap->a_name) { 1592 case _PC_LINK_MAX: 1593 if (EXT2_HAS_RO_COMPAT_FEATURE(VTOI(ap->a_vp)->i_e2fs, 1594 EXT2F_ROCOMPAT_DIR_NLINK)) 1595 *ap->a_retval = INT_MAX; 1596 else 1597 *ap->a_retval = EXT4_LINK_MAX; 1598 break; 1599 case _PC_NAME_MAX: 1600 *ap->a_retval = NAME_MAX; 1601 break; 1602 case _PC_PATH_MAX: 1603 *ap->a_retval = PATH_MAX; 1604 break; 1605 case _PC_PIPE_BUF: 1606 if (ap->a_vp->v_type == VDIR || ap->a_vp->v_type == VFIFO) 1607 *ap->a_retval = PIPE_BUF; 1608 else 1609 error = EINVAL; 1610 break; 1611 case _PC_CHOWN_RESTRICTED: 1612 *ap->a_retval = 1; 1613 break; 1614 case _PC_NO_TRUNC: 1615 *ap->a_retval = 1; 1616 break; 1617 case _PC_MIN_HOLE_SIZE: 1618 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize; 1619 break; 1620 case _PC_PRIO_IO: 1621 *ap->a_retval = 0; 1622 break; 1623 case _PC_SYNC_IO: 1624 *ap->a_retval = 0; 1625 break; 1626 case _PC_ALLOC_SIZE_MIN: 1627 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_bsize; 1628 break; 1629 case _PC_FILESIZEBITS: 1630 *ap->a_retval = 64; 1631 break; 1632 case _PC_REC_INCR_XFER_SIZE: 1633 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize; 1634 break; 1635 case _PC_REC_MAX_XFER_SIZE: 1636 *ap->a_retval = -1; /* means ``unlimited'' */ 1637 break; 1638 case _PC_REC_MIN_XFER_SIZE: 1639 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize; 1640 break; 1641 case _PC_REC_XFER_ALIGN: 1642 *ap->a_retval = PAGE_SIZE; 1643 break; 1644 case _PC_SYMLINK_MAX: 1645 *ap->a_retval = MAXPATHLEN; 1646 break; 1647 1648 default: 1649 error = vop_stdpathconf(ap); 1650 break; 1651 } 1652 return (error); 1653 } 1654 1655 /* 1656 * Initialize the vnode associated with a new inode, handle aliased vnodes. 1657 */ 1658 int 1659 ext2_vinit(struct mount *mntp, struct vnode **vpp) 1660 { 1661 struct inode *ip; 1662 struct vnode *vp; 1663 1664 vp = *vpp; 1665 ip = VTOI(vp); 1666 1667 switch (vp->v_type = IFTOVT(ip->i_mode)) { 1668 case VCHR: 1669 case VBLK: 1670 vp->v_ops = &mntp->mnt_vn_spec_ops; 1671 addaliasu(vp, umajor(ip->i_rdev), uminor(ip->i_rdev)); 1672 break; 1673 case VFIFO: 1674 vp->v_ops = &mntp->mnt_vn_fifo_ops; 1675 break; 1676 case VDIR: 1677 case VREG: 1678 vinitvmio(vp, ip->i_size, PAGE_SIZE, -1); /* XXX */ 1679 break; 1680 case VLNK: 1681 if ((ip->i_size >= vp->v_mount->mnt_maxsymlinklen) && 1682 ip->i_blocks != 0) { 1683 vinitvmio(vp, ip->i_size, PAGE_SIZE, -1); 1684 } 1685 break; 1686 default: 1687 break; 1688 } 1689 1690 /* 1691 * Only unallocated inodes should be of type VNON. 1692 */ 1693 if (ip->i_mode != 0 && vp->v_type == VNON) 1694 return (EINVAL); 1695 1696 if (ip->i_number == EXT2_ROOTINO) 1697 vp->v_flag |= VROOT; 1698 /* 1699 * Initialize modrev times. 1700 */ 1701 ip->i_modrev = init_va_filerev(); 1702 *vpp = vp; 1703 return (0); 1704 } 1705 1706 /* 1707 * Allocate a new inode. 1708 */ 1709 static int 1710 ext2_makeinode(int mode, struct vnode *dvp, struct vnode **vpp, 1711 struct componentname *cnp) 1712 { 1713 struct inode *ip, *pdir; 1714 struct vnode *tvp; 1715 int error; 1716 1717 pdir = VTOI(dvp); 1718 *vpp = NULL; 1719 if ((mode & IFMT) == 0) 1720 mode |= IFREG; 1721 1722 error = ext2_valloc(dvp, mode, cnp->cn_cred, &tvp); 1723 if (error) { 1724 return (error); 1725 } 1726 ip = VTOI(tvp); 1727 ip->i_gid = pdir->i_gid; 1728 #ifdef SUIDDIR 1729 { 1730 /* 1731 * if we are 1732 * not the owner of the directory, 1733 * and we are hacking owners here, (only do this where told to) 1734 * and we are not giving it TOO root, (would subvert quotas) 1735 * then go ahead and give it to the other user. 1736 * Note that this drops off the execute bits for security. 1737 */ 1738 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 1739 (pdir->i_mode & ISUID) && 1740 (pdir->i_uid != cnp->cn_cred->cr_uid) && pdir->i_uid) { 1741 ip->i_uid = pdir->i_uid; 1742 mode &= ~07111; 1743 } else { 1744 ip->i_uid = cnp->cn_cred->cr_uid; 1745 } 1746 } 1747 #else 1748 ip->i_uid = cnp->cn_cred->cr_uid; 1749 #endif 1750 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 1751 ip->i_mode = mode; 1752 tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */ 1753 ip->i_nlink = 1; 1754 if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred)) { 1755 if (priv_check_cred(cnp->cn_cred, PRIV_VFS_RETAINSUGID, 0)) 1756 ip->i_mode &= ~ISGID; 1757 } 1758 1759 if (cnp->cn_flags & CNP_ISWHITEOUT) 1760 ip->i_flags |= UF_OPAQUE; 1761 1762 /* 1763 * Regular files and directories need VM objects. Softlinks do 1764 * not (not immediately anyway). 1765 */ 1766 if (tvp->v_type == VREG || tvp->v_type == VDIR) 1767 vinitvmio(tvp, 0, PAGE_SIZE, -1); 1768 1769 /* 1770 * Make sure inode goes to disk before directory entry. 1771 */ 1772 error = ext2_update(tvp, !DOINGASYNC(tvp)); 1773 if (error) 1774 goto bad; 1775 1776 error = ext2_direnter(ip, dvp, cnp); 1777 if (error) 1778 goto bad; 1779 1780 *vpp = tvp; 1781 return (0); 1782 1783 bad: 1784 /* 1785 * Write error occurred trying to update the inode 1786 * or the directory so must deallocate the inode. 1787 */ 1788 ip->i_nlink = 0; 1789 ip->i_flag |= IN_CHANGE; 1790 vput(tvp); 1791 return (error); 1792 } 1793 1794 /* 1795 * Vnode op for reading. 1796 */ 1797 static int 1798 ext2_read(struct vop_read_args *ap) 1799 { 1800 struct vnode *vp; 1801 struct inode *ip; 1802 struct uio *uio; 1803 struct m_ext2fs *fs; 1804 struct buf *bp; 1805 daddr_t lbn; 1806 off_t nextlbn; 1807 off_t nextloffset; 1808 off_t bytesinfile; 1809 long size, xfersize, blkoffset; 1810 int error, orig_resid, seqcount; 1811 int ioflag; 1812 1813 vp = ap->a_vp; 1814 uio = ap->a_uio; 1815 ioflag = ap->a_ioflag; 1816 1817 seqcount = ap->a_ioflag >> IO_SEQSHIFT; 1818 ip = VTOI(vp); 1819 1820 #ifdef INVARIANTS 1821 if (uio->uio_rw != UIO_READ) 1822 panic("%s: mode", "ext2_read"); 1823 1824 if (vp->v_type == VLNK) { 1825 if ((int)ip->i_size < vp->v_mount->mnt_maxsymlinklen) 1826 panic("%s: short symlink", "ext2_read"); 1827 } else if (vp->v_type != VREG && vp->v_type != VDIR) 1828 panic("%s: type %d", "ext2_read", vp->v_type); 1829 #endif 1830 orig_resid = uio->uio_resid; 1831 KASSERT(orig_resid >= 0, ("ext2_read: uio->uio_resid < 0")); 1832 if (orig_resid == 0) 1833 return (0); 1834 KASSERT(uio->uio_offset >= 0, ("ext2_read: uio->uio_offset < 0")); 1835 fs = ip->i_e2fs; 1836 if (uio->uio_offset < ip->i_size && 1837 uio->uio_offset >= fs->e2fs_maxfilesize) 1838 return (EOVERFLOW); 1839 1840 for (error = 0, bp = NULL; uio->uio_resid > 0; bp = NULL) { 1841 if ((bytesinfile = ip->i_size - uio->uio_offset) <= 0) 1842 break; 1843 lbn = lblkno(fs, uio->uio_offset); 1844 nextlbn = lbn + 1; 1845 nextloffset = lblktodoff(fs, nextlbn); 1846 size = blksize(fs, ip, lbn); 1847 blkoffset = blkoff(fs, uio->uio_offset); 1848 1849 xfersize = fs->e2fs_fsize - blkoffset; 1850 if (uio->uio_resid < xfersize) 1851 xfersize = uio->uio_resid; 1852 if (bytesinfile < xfersize) 1853 xfersize = bytesinfile; 1854 1855 if (nextloffset >= ip->i_size) 1856 error = bread(vp, lblktodoff(fs, lbn), size, &bp); 1857 else if ((vp->v_mount->mnt_flag & MNT_NOCLUSTERR) == 0) { 1858 error = cluster_read(vp, (off_t)ip->i_size, 1859 lblktodoff(fs, lbn), size, uio->uio_resid, 1860 (ap->a_ioflag >> IO_SEQSHIFT) * MAXBSIZE, &bp); 1861 } else if (seqcount > 1) { 1862 u_int nextsize = blksize(fs, ip, nextlbn); 1863 1864 error = breadn(vp, lblktodoff(fs, lbn), size, 1865 &nextloffset, &nextsize, 1, &bp); 1866 } else 1867 error = bread(vp, lblktodoff(fs, lbn), size, &bp); 1868 if (error) { 1869 brelse(bp); 1870 bp = NULL; 1871 break; 1872 } 1873 1874 /* 1875 * We should only get non-zero b_resid when an I/O error 1876 * has occurred, which should cause us to break above. 1877 * However, if the short read did not cause an error, 1878 * then we want to ensure that we do not uiomove bad 1879 * or uninitialized data. 1880 */ 1881 size -= bp->b_resid; 1882 if (size < xfersize) { 1883 if (size == 0) 1884 break; 1885 xfersize = size; 1886 } 1887 error = uiomove((char *)bp->b_data + blkoffset, 1888 (int)xfersize, uio); 1889 if (error) 1890 break; 1891 bqrelse(bp); 1892 } 1893 1894 /* 1895 * This can only happen in the case of an error because the loop 1896 * above resets bp to NULL on each iteration and on normal 1897 * completion has not set a new value into it. so it must have come 1898 * from a 'break' statement 1899 */ 1900 if (bp != NULL) 1901 bqrelse(bp); 1902 1903 if ((error == 0 || uio->uio_resid != orig_resid) && 1904 (vp->v_mount->mnt_flag & (MNT_NOATIME | MNT_RDONLY)) == 0) 1905 ip->i_flag |= IN_ACCESS; 1906 return (error); 1907 } 1908 1909 /* 1910 * Vnode op for writing. 1911 */ 1912 static int 1913 ext2_write(struct vop_write_args *ap) 1914 { 1915 struct vnode *vp; 1916 struct uio *uio; 1917 struct inode *ip; 1918 struct m_ext2fs *fs; 1919 struct buf *bp; 1920 struct thread *td; 1921 daddr_t lbn; 1922 off_t osize; 1923 int blkoffset, error, flags, ioflag, resid, size, seqcount, xfersize; 1924 1925 ioflag = ap->a_ioflag; 1926 uio = ap->a_uio; 1927 vp = ap->a_vp; 1928 1929 seqcount = ioflag >> IO_SEQSHIFT; 1930 ip = VTOI(vp); 1931 1932 #ifdef INVARIANTS 1933 if (uio->uio_rw != UIO_WRITE) 1934 panic("%s: mode", "ext2_write"); 1935 #endif 1936 1937 switch (vp->v_type) { 1938 case VREG: 1939 if (ioflag & IO_APPEND) 1940 uio->uio_offset = ip->i_size; 1941 if ((ip->i_flags & APPEND) && uio->uio_offset != ip->i_size) 1942 return (EPERM); 1943 /* FALLTHROUGH */ 1944 case VLNK: 1945 break; 1946 case VDIR: 1947 /* XXX differs from ffs -- this is called from ext2_mkdir(). */ 1948 if ((ioflag & IO_SYNC) == 0) 1949 panic("ext2_write: nonsync dir write"); 1950 break; 1951 default: 1952 panic("ext2_write: type %p %d (%jd,%jd)", (void *)vp, 1953 vp->v_type, (intmax_t)uio->uio_offset, 1954 (intmax_t)uio->uio_resid); 1955 } 1956 1957 KASSERT(uio->uio_resid >= 0, ("ext2_write: uio->uio_resid < 0")); 1958 KASSERT(uio->uio_offset >= 0, ("ext2_write: uio->uio_offset < 0")); 1959 fs = ip->i_e2fs; 1960 if ((uoff_t)uio->uio_offset + uio->uio_resid > fs->e2fs_maxfilesize) 1961 return (EFBIG); 1962 /* 1963 * Maybe this should be above the vnode op call, but so long as 1964 * file servers have no limits, I don't think it matters. 1965 */ 1966 td = uio->uio_td; 1967 if (vp->v_type == VREG && td && td->td_proc && 1968 uio->uio_offset + uio->uio_resid > 1969 td->td_proc->p_rlimit[RLIMIT_FSIZE].rlim_cur) { 1970 lwpsignal(td->td_proc, td->td_lwp, SIGXFSZ); 1971 return (EFBIG); 1972 } 1973 1974 resid = uio->uio_resid; 1975 osize = ip->i_size; 1976 if (seqcount > BA_SEQMAX) 1977 flags = BA_SEQMAX << BA_SEQSHIFT; 1978 else 1979 flags = seqcount << BA_SEQSHIFT; 1980 if ((ioflag & IO_SYNC) && !DOINGASYNC(vp)) 1981 flags |= IO_SYNC; 1982 1983 for (error = 0; uio->uio_resid > 0;) { 1984 lbn = lblkno(fs, uio->uio_offset); 1985 blkoffset = blkoff(fs, uio->uio_offset); 1986 xfersize = fs->e2fs_fsize - blkoffset; 1987 if (uio->uio_resid < xfersize) 1988 xfersize = uio->uio_resid; 1989 if (uio->uio_offset + xfersize > ip->i_size) 1990 vnode_pager_setsize(vp, uio->uio_offset + xfersize); 1991 1992 /* 1993 * We must perform a read-before-write if the transfer size 1994 * does not cover the entire buffer. 1995 */ 1996 if (fs->e2fs_bsize > xfersize) 1997 flags |= BA_CLRBUF; 1998 else 1999 flags &= ~BA_CLRBUF; 2000 error = ext2_balloc(ip, lbn, blkoffset + xfersize, 2001 ap->a_cred, &bp, flags); 2002 if (error != 0) 2003 break; 2004 2005 if ((ioflag & (IO_SYNC | IO_INVAL)) == (IO_SYNC | IO_INVAL)) 2006 bp->b_flags |= B_NOCACHE; 2007 if (uio->uio_offset + xfersize > ip->i_size) 2008 ip->i_size = uio->uio_offset + xfersize; 2009 size = blksize(fs, ip, lbn) - bp->b_resid; 2010 if (size < xfersize) 2011 xfersize = size; 2012 2013 error = 2014 uiomove((char *)bp->b_data + blkoffset, (int)xfersize, uio); 2015 if ((ioflag & IO_VMIO) && 2016 LIST_FIRST(&bp->b_dep) == NULL) /* in ext2fs? */ 2017 bp->b_flags |= B_RELBUF; 2018 /* 2019 * If the buffer is not already filled and we encounter an 2020 * error while trying to fill it, we have to clear out any 2021 * garbage data from the pages instantiated for the buffer. 2022 * If we do not, a failed uiomove() during a write can leave 2023 * the prior contents of the pages exposed to a userland mmap. 2024 * 2025 * Note that we need only clear buffers with a transfer size 2026 * equal to the block size because buffers with a shorter 2027 * transfer size were cleared above by the call to ext2_balloc() 2028 * with the BA_CLRBUF flag set. 2029 * 2030 * If the source region for uiomove identically mmaps the 2031 * buffer, uiomove() performed the NOP copy, and the buffer 2032 * content remains valid because the page fault handler 2033 * validated the pages. 2034 */ 2035 if (error != 0 && (bp->b_flags & B_CACHE) == 0 && 2036 fs->e2fs_bsize == xfersize) 2037 vfs_bio_clrbuf(bp); 2038 2039 /* 2040 * If IO_SYNC each buffer is written synchronously. Otherwise 2041 * if we have a severe page deficiency write the buffer 2042 * asynchronously. Otherwise try to cluster, and if that 2043 * doesn't do it then either do an async write (if O_DIRECT), 2044 * or a delayed write (if not). 2045 */ 2046 if (ioflag & IO_SYNC) { 2047 (void)bwrite(bp); 2048 } else if (vm_paging_severe() || 2049 buf_dirty_count_severe() || 2050 (ioflag & IO_ASYNC)) 2051 { 2052 bp->b_flags |= B_CLUSTEROK; 2053 bawrite(bp); 2054 } else if (xfersize + blkoffset == fs->e2fs_fsize) { 2055 if ((vp->v_mount->mnt_flag & MNT_NOCLUSTERW) == 0) { 2056 bp->b_flags |= B_CLUSTEROK; 2057 cluster_write(bp, (off_t)ip->i_size, 2058 vp->v_mount->mnt_stat.f_iosize, seqcount); 2059 } else { 2060 bawrite(bp); 2061 } 2062 } else if (ioflag & IO_DIRECT) { 2063 bp->b_flags |= B_CLUSTEROK; 2064 bawrite(bp); 2065 } else { 2066 bp->b_flags |= B_CLUSTEROK; 2067 bdwrite(bp); 2068 } 2069 if (error || xfersize == 0) 2070 break; 2071 } 2072 /* 2073 * If we successfully wrote any data, and we are not the superuser 2074 * we clear the setuid and setgid bits as a precaution against 2075 * tampering. 2076 */ 2077 if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && 2078 ap->a_cred) { 2079 if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID, 0)) 2080 ip->i_mode &= ~(ISUID | ISGID); 2081 } 2082 if (error) { 2083 if (ioflag & IO_UNIT) { 2084 (void)ext2_truncate(vp, osize, ioflag & IO_SYNC, 2085 ap->a_cred); 2086 uio->uio_offset -= resid - uio->uio_resid; 2087 uio->uio_resid = resid; 2088 } 2089 } 2090 if (uio->uio_resid != resid) { 2091 ip->i_flag |= IN_CHANGE | IN_UPDATE; 2092 if (ioflag & IO_SYNC) 2093 error = ext2_update(vp, 1); 2094 } 2095 return (error); 2096 } 2097 2098 /* Global vfs data structures for ext2. */ 2099 struct vop_ops ext2_vnodeops = { 2100 .vop_default = vop_defaultop, 2101 .vop_access = ext2_access, 2102 .vop_bmap = ext2_bmap, 2103 .vop_old_lookup = ext2_lookup, 2104 .vop_close = ext2_close, 2105 .vop_old_create = ext2_create, 2106 .vop_fsync = ext2_fsync, 2107 .vop_getpages = vop_stdgetpages, 2108 .vop_putpages = vop_stdputpages, 2109 .vop_getattr = ext2_getattr, 2110 .vop_inactive = ext2_inactive, 2111 .vop_old_link = ext2_link, 2112 .vop_old_lookup = ext2_lookup, 2113 .vop_old_mkdir = ext2_mkdir, 2114 .vop_old_mknod = ext2_mknod, 2115 .vop_open = ext2_open, 2116 .vop_pathconf = ext2_pathconf, 2117 .vop_print = ext2_print, 2118 .vop_read = ext2_read, 2119 .vop_readdir = ext2_readdir, 2120 .vop_readlink = ext2_readlink, 2121 .vop_reallocblks = ext2_reallocblks, 2122 .vop_reclaim = ext2_reclaim, 2123 .vop_old_remove = ext2_remove, 2124 .vop_old_rename = ext2_rename, 2125 .vop_old_rmdir = ext2_rmdir, 2126 .vop_setattr = ext2_setattr, 2127 .vop_strategy = ext2_strategy, 2128 .vop_old_symlink = ext2_symlink, 2129 .vop_write = ext2_write, 2130 }; 2131 2132 struct vop_ops ext2_specops = { 2133 .vop_default = vop_defaultop, 2134 .vop_access = ext2_access, 2135 .vop_close = ext2_close, 2136 .vop_fsync = ext2_fsync, 2137 .vop_getattr = ext2_getattr, 2138 .vop_inactive = ext2_inactive, 2139 .vop_pathconf = ext2_pathconf, 2140 .vop_print = ext2_print, 2141 .vop_read = vop_stdnoread, 2142 .vop_reclaim = ext2_reclaim, 2143 .vop_setattr = ext2_setattr, 2144 .vop_write = vop_stdnowrite 2145 }; 2146 2147 struct vop_ops ext2_fifoops = { 2148 .vop_default = fifo_vnoperate, 2149 .vop_access = ext2_access, 2150 .vop_close = ext2fifo_close, 2151 .vop_fsync = ext2_fsync, 2152 .vop_getattr = ext2_getattr, 2153 .vop_inactive = ext2_inactive, 2154 .vop_kqfilter = ext2fifo_kqfilter, 2155 .vop_pathconf = ext2_pathconf, 2156 .vop_print = ext2_print, 2157 .vop_read = ext2fifo_read, 2158 .vop_reclaim = ext2_reclaim, 2159 .vop_setattr = ext2_setattr, 2160 .vop_write = ext2fifo_write 2161 }; 2162 2163 VNODEOP_SET(ext2_vnodeops); 2164 VNODEOP_SET(ext2_specops); 2165 VNODEOP_SET(ext2_fifoops); 2166