1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)ufs_lookup.c 8.15 (Berkeley) 6/16/95 39 * $FreeBSD: src/sys/ufs/ufs/ufs_lookup.c,v 1.33.2.7 2001/09/22 19:22:13 iedowse Exp $ 40 * $DragonFly: src/sys/vfs/ufs/ufs_lookup.c,v 1.4 2003/07/06 21:23:55 dillon Exp $ 41 */ 42 43 #include "opt_ufs.h" 44 45 #include <sys/param.h> 46 #include <sys/systm.h> 47 #include <sys/kernel.h> 48 #include <sys/buf.h> 49 #include <sys/proc.h> 50 #include <sys/namei.h> 51 #include <sys/stat.h> 52 #include <sys/mount.h> 53 #include <sys/vnode.h> 54 #include <sys/sysctl.h> 55 56 #include <vm/vm.h> 57 #include <vm/vm_extern.h> 58 59 #include <ufs/ufs/quota.h> 60 #include <ufs/ufs/inode.h> 61 #include <ufs/ufs/dir.h> 62 #ifdef UFS_DIRHASH 63 #include <ufs/ufs/dirhash.h> 64 #endif 65 #include <ufs/ufs/ufsmount.h> 66 #include <ufs/ufs/ufs_extern.h> 67 68 #ifdef DIAGNOSTIC 69 int dirchk = 1; 70 #else 71 int dirchk = 0; 72 #endif 73 74 SYSCTL_INT(_debug, OID_AUTO, dircheck, CTLFLAG_RW, &dirchk, 0, ""); 75 76 /* true if old FS format...*/ 77 #define OFSFMT(vp) ((vp)->v_mount->mnt_maxsymlinklen <= 0) 78 79 /* 80 * Convert a component of a pathname into a pointer to a locked inode. 81 * This is a very central and rather complicated routine. 82 * If the file system is not maintained in a strict tree hierarchy, 83 * this can result in a deadlock situation (see comments in code below). 84 * 85 * The cnp->cn_nameiop argument is LOOKUP, CREATE, RENAME, or DELETE depending 86 * on whether the name is to be looked up, created, renamed, or deleted. 87 * When CREATE, RENAME, or DELETE is specified, information usable in 88 * creating, renaming, or deleting a directory entry may be calculated. 89 * If flag has LOCKPARENT or'ed into it and the target of the pathname 90 * exists, lookup returns both the target and its parent directory locked. 91 * When creating or renaming and LOCKPARENT is specified, the target may 92 * not be ".". When deleting and LOCKPARENT is specified, the target may 93 * be "."., but the caller must check to ensure it does an vrele and vput 94 * instead of two vputs. 95 * 96 * This routine is actually used as VOP_CACHEDLOOKUP method, and the 97 * filesystem employs the generic vfs_cache_lookup() as VOP_LOOKUP 98 * method. 99 * 100 * vfs_cache_lookup() performs the following for us: 101 * check that it is a directory 102 * check accessibility of directory 103 * check for modification attempts on read-only mounts 104 * if name found in cache 105 * if at end of path and deleting or creating 106 * drop it 107 * else 108 * return name. 109 * return VOP_CACHEDLOOKUP() 110 * 111 * Overall outline of ufs_lookup: 112 * 113 * search for name in directory, to found or notfound 114 * notfound: 115 * if creating, return locked directory, leaving info on available slots 116 * else return error 117 * found: 118 * if at end of path and deleting, return information to allow delete 119 * if at end of path and rewriting (RENAME and LOCKPARENT), lock target 120 * inode and return info to allow rewrite 121 * if not at end, add name to cache; if at end and neither creating 122 * nor deleting, add name to cache 123 */ 124 int 125 ufs_lookup(ap) 126 struct vop_cachedlookup_args /* { 127 struct vnode *a_dvp; 128 struct vnode **a_vpp; 129 struct componentname *a_cnp; 130 } */ *ap; 131 { 132 register struct vnode *vdp; /* vnode for directory being searched */ 133 register struct inode *dp; /* inode for directory being searched */ 134 struct buf *bp; /* a buffer of directory entries */ 135 struct direct *ep; /* the current directory entry */ 136 int entryoffsetinblock; /* offset of ep in bp's buffer */ 137 enum {NONE, COMPACT, FOUND} slotstatus; 138 doff_t slotoffset; /* offset of area with free space */ 139 int slotsize; /* size of area at slotoffset */ 140 int slotfreespace; /* amount of space free in slot */ 141 int slotneeded; /* size of the entry we're seeking */ 142 int numdirpasses; /* strategy for directory search */ 143 doff_t endsearch; /* offset to end directory search */ 144 doff_t prevoff; /* prev entry dp->i_offset */ 145 struct vnode *pdp; /* saved dp during symlink work */ 146 struct vnode *tdp; /* returned by VFS_VGET */ 147 doff_t enduseful; /* pointer past last used dir slot */ 148 u_long bmask; /* block offset mask */ 149 int lockparent; /* 1 => lockparent flag is set */ 150 int wantparent; /* 1 => wantparent or lockparent flag */ 151 int namlen, error; 152 struct vnode **vpp = ap->a_vpp; 153 struct componentname *cnp = ap->a_cnp; 154 struct ucred *cred = cnp->cn_cred; 155 int flags = cnp->cn_flags; 156 int nameiop = cnp->cn_nameiop; 157 struct thread *td = cnp->cn_td; 158 159 bp = NULL; 160 slotoffset = -1; 161 cnp->cn_flags &= ~PDIRUNLOCK; 162 /* 163 * XXX there was a soft-update diff about this I couldn't merge. 164 * I think this was the equiv. 165 */ 166 *vpp = NULL; 167 168 vdp = ap->a_dvp; 169 dp = VTOI(vdp); 170 lockparent = flags & LOCKPARENT; 171 wantparent = flags & (LOCKPARENT|WANTPARENT); 172 173 /* 174 * We now have a segment name to search for, and a directory to search. 175 * 176 * Suppress search for slots unless creating 177 * file and at end of pathname, in which case 178 * we watch for a place to put the new file in 179 * case it doesn't already exist. 180 */ 181 slotstatus = FOUND; 182 slotfreespace = slotsize = slotneeded = 0; 183 if ((nameiop == CREATE || nameiop == RENAME) && 184 (flags & ISLASTCN)) { 185 slotstatus = NONE; 186 slotneeded = DIRECTSIZ(cnp->cn_namelen); 187 } 188 bmask = VFSTOUFS(vdp->v_mount)->um_mountp->mnt_stat.f_iosize - 1; 189 190 #ifdef UFS_DIRHASH 191 /* 192 * Use dirhash for fast operations on large directories. The logic 193 * to determine whether to hash the directory is contained within 194 * ufsdirhash_build(); a zero return means that it decided to hash 195 * this directory and it successfully built up the hash table. 196 */ 197 if (ufsdirhash_build(dp) == 0) { 198 /* Look for a free slot if needed. */ 199 enduseful = dp->i_size; 200 if (slotstatus != FOUND) { 201 slotoffset = ufsdirhash_findfree(dp, slotneeded, 202 &slotsize); 203 if (slotoffset >= 0) { 204 slotstatus = COMPACT; 205 enduseful = ufsdirhash_enduseful(dp); 206 if (enduseful < 0) 207 enduseful = dp->i_size; 208 } 209 } 210 /* Look up the component. */ 211 numdirpasses = 1; 212 entryoffsetinblock = 0; /* silence compiler warning */ 213 switch (ufsdirhash_lookup(dp, cnp->cn_nameptr, cnp->cn_namelen, 214 &dp->i_offset, &bp, nameiop == DELETE ? &prevoff : NULL)) { 215 case 0: 216 ep = (struct direct *)((char *)bp->b_data + 217 (dp->i_offset & bmask)); 218 goto foundentry; 219 case ENOENT: 220 dp->i_offset = roundup2(dp->i_size, DIRBLKSIZ); 221 goto notfound; 222 default: 223 /* Something failed; just do a linear search. */ 224 break; 225 } 226 } 227 #endif /* UFS_DIRHASH */ 228 /* 229 * If there is cached information on a previous search of 230 * this directory, pick up where we last left off. 231 * We cache only lookups as these are the most common 232 * and have the greatest payoff. Caching CREATE has little 233 * benefit as it usually must search the entire directory 234 * to determine that the entry does not exist. Caching the 235 * location of the last DELETE or RENAME has not reduced 236 * profiling time and hence has been removed in the interest 237 * of simplicity. 238 */ 239 if (nameiop != LOOKUP || dp->i_diroff == 0 || 240 dp->i_diroff >= dp->i_size) { 241 entryoffsetinblock = 0; 242 dp->i_offset = 0; 243 numdirpasses = 1; 244 } else { 245 dp->i_offset = dp->i_diroff; 246 if ((entryoffsetinblock = dp->i_offset & bmask) && 247 (error = UFS_BLKATOFF(vdp, (off_t)dp->i_offset, NULL, &bp))) 248 return (error); 249 numdirpasses = 2; 250 nchstats.ncs_2passes++; 251 } 252 prevoff = dp->i_offset; 253 endsearch = roundup2(dp->i_size, DIRBLKSIZ); 254 enduseful = 0; 255 256 searchloop: 257 while (dp->i_offset < endsearch) { 258 /* 259 * If necessary, get the next directory block. 260 */ 261 if ((dp->i_offset & bmask) == 0) { 262 if (bp != NULL) 263 brelse(bp); 264 error = 265 UFS_BLKATOFF(vdp, (off_t)dp->i_offset, NULL, &bp); 266 if (error) 267 return (error); 268 entryoffsetinblock = 0; 269 } 270 /* 271 * If still looking for a slot, and at a DIRBLKSIZE 272 * boundary, have to start looking for free space again. 273 */ 274 if (slotstatus == NONE && 275 (entryoffsetinblock & (DIRBLKSIZ - 1)) == 0) { 276 slotoffset = -1; 277 slotfreespace = 0; 278 } 279 /* 280 * Get pointer to next entry. 281 * Full validation checks are slow, so we only check 282 * enough to insure forward progress through the 283 * directory. Complete checks can be run by patching 284 * "dirchk" to be true. 285 */ 286 ep = (struct direct *)((char *)bp->b_data + entryoffsetinblock); 287 if (ep->d_reclen == 0 || ep->d_reclen > 288 DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1)) || 289 (dirchk && ufs_dirbadentry(vdp, ep, entryoffsetinblock))) { 290 int i; 291 292 ufs_dirbad(dp, dp->i_offset, "mangled entry"); 293 i = DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1)); 294 dp->i_offset += i; 295 entryoffsetinblock += i; 296 continue; 297 } 298 299 /* 300 * If an appropriate sized slot has not yet been found, 301 * check to see if one is available. Also accumulate space 302 * in the current block so that we can determine if 303 * compaction is viable. 304 */ 305 if (slotstatus != FOUND) { 306 int size = ep->d_reclen; 307 308 if (ep->d_ino != 0) 309 size -= DIRSIZ(OFSFMT(vdp), ep); 310 if (size > 0) { 311 if (size >= slotneeded) { 312 slotstatus = FOUND; 313 slotoffset = dp->i_offset; 314 slotsize = ep->d_reclen; 315 } else if (slotstatus == NONE) { 316 slotfreespace += size; 317 if (slotoffset == -1) 318 slotoffset = dp->i_offset; 319 if (slotfreespace >= slotneeded) { 320 slotstatus = COMPACT; 321 slotsize = dp->i_offset + 322 ep->d_reclen - slotoffset; 323 } 324 } 325 } 326 } 327 328 /* 329 * Check for a name match. 330 */ 331 if (ep->d_ino) { 332 # if (BYTE_ORDER == LITTLE_ENDIAN) 333 if (OFSFMT(vdp)) 334 namlen = ep->d_type; 335 else 336 namlen = ep->d_namlen; 337 # else 338 namlen = ep->d_namlen; 339 # endif 340 if (namlen == cnp->cn_namelen && 341 (cnp->cn_nameptr[0] == ep->d_name[0]) && 342 !bcmp(cnp->cn_nameptr, ep->d_name, 343 (unsigned)namlen)) { 344 #ifdef UFS_DIRHASH 345 foundentry: 346 #endif 347 /* 348 * Save directory entry's inode number and 349 * reclen in ndp->ni_ufs area, and release 350 * directory buffer. 351 */ 352 if (vdp->v_mount->mnt_maxsymlinklen > 0 && 353 ep->d_type == DT_WHT) { 354 slotstatus = FOUND; 355 slotoffset = dp->i_offset; 356 slotsize = ep->d_reclen; 357 dp->i_reclen = slotsize; 358 enduseful = dp->i_size; 359 ap->a_cnp->cn_flags |= ISWHITEOUT; 360 numdirpasses--; 361 goto notfound; 362 } 363 dp->i_ino = ep->d_ino; 364 dp->i_reclen = ep->d_reclen; 365 goto found; 366 } 367 } 368 prevoff = dp->i_offset; 369 dp->i_offset += ep->d_reclen; 370 entryoffsetinblock += ep->d_reclen; 371 if (ep->d_ino) 372 enduseful = dp->i_offset; 373 } 374 notfound: 375 /* 376 * If we started in the middle of the directory and failed 377 * to find our target, we must check the beginning as well. 378 */ 379 if (numdirpasses == 2) { 380 numdirpasses--; 381 dp->i_offset = 0; 382 endsearch = dp->i_diroff; 383 goto searchloop; 384 } 385 if (bp != NULL) 386 brelse(bp); 387 /* 388 * If creating, and at end of pathname and current 389 * directory has not been removed, then can consider 390 * allowing file to be created. 391 */ 392 if ((nameiop == CREATE || nameiop == RENAME || 393 (nameiop == DELETE && 394 (ap->a_cnp->cn_flags & DOWHITEOUT) && 395 (ap->a_cnp->cn_flags & ISWHITEOUT))) && 396 (flags & ISLASTCN) && dp->i_effnlink != 0) { 397 /* 398 * Access for write is interpreted as allowing 399 * creation of files in the directory. 400 */ 401 error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_td); 402 if (error) 403 return (error); 404 /* 405 * Return an indication of where the new directory 406 * entry should be put. If we didn't find a slot, 407 * then set dp->i_count to 0 indicating 408 * that the new slot belongs at the end of the 409 * directory. If we found a slot, then the new entry 410 * can be put in the range from dp->i_offset to 411 * dp->i_offset + dp->i_count. 412 */ 413 if (slotstatus == NONE) { 414 dp->i_offset = roundup2(dp->i_size, DIRBLKSIZ); 415 dp->i_count = 0; 416 enduseful = dp->i_offset; 417 } else if (nameiop == DELETE) { 418 dp->i_offset = slotoffset; 419 if ((dp->i_offset & (DIRBLKSIZ - 1)) == 0) 420 dp->i_count = 0; 421 else 422 dp->i_count = dp->i_offset - prevoff; 423 } else { 424 dp->i_offset = slotoffset; 425 dp->i_count = slotsize; 426 if (enduseful < slotoffset + slotsize) 427 enduseful = slotoffset + slotsize; 428 } 429 dp->i_endoff = roundup2(enduseful, DIRBLKSIZ); 430 dp->i_flag |= IN_CHANGE | IN_UPDATE; 431 /* 432 * We return with the directory locked, so that 433 * the parameters we set up above will still be 434 * valid if we actually decide to do a direnter(). 435 * We return ni_vp == NULL to indicate that the entry 436 * does not currently exist; we leave a pointer to 437 * the (locked) directory inode in ndp->ni_dvp. 438 * The pathname buffer is saved so that the name 439 * can be obtained later. 440 * 441 * NB - if the directory is unlocked, then this 442 * information cannot be used. 443 */ 444 cnp->cn_flags |= SAVENAME; 445 if (!lockparent) { 446 VOP_UNLOCK(vdp, 0, td); 447 cnp->cn_flags |= PDIRUNLOCK; 448 } 449 return (EJUSTRETURN); 450 } 451 /* 452 * Insert name into cache (as non-existent) if appropriate. 453 */ 454 if ((cnp->cn_flags & MAKEENTRY) && nameiop != CREATE) 455 cache_enter(vdp, *vpp, cnp); 456 return (ENOENT); 457 458 found: 459 if (numdirpasses == 2) 460 nchstats.ncs_pass2++; 461 /* 462 * Check that directory length properly reflects presence 463 * of this entry. 464 */ 465 if (dp->i_offset + DIRSIZ(OFSFMT(vdp), ep) > dp->i_size) { 466 ufs_dirbad(dp, dp->i_offset, "i_size too small"); 467 dp->i_size = dp->i_offset + DIRSIZ(OFSFMT(vdp), ep); 468 dp->i_flag |= IN_CHANGE | IN_UPDATE; 469 } 470 brelse(bp); 471 472 /* 473 * Found component in pathname. 474 * If the final component of path name, save information 475 * in the cache as to where the entry was found. 476 */ 477 if ((flags & ISLASTCN) && nameiop == LOOKUP) 478 dp->i_diroff = dp->i_offset &~ (DIRBLKSIZ - 1); 479 480 /* 481 * If deleting, and at end of pathname, return 482 * parameters which can be used to remove file. 483 * If the wantparent flag isn't set, we return only 484 * the directory (in ndp->ni_dvp), otherwise we go 485 * on and lock the inode, being careful with ".". 486 */ 487 if (nameiop == DELETE && (flags & ISLASTCN)) { 488 /* 489 * Write access to directory required to delete files. 490 */ 491 error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_td); 492 if (error) 493 return (error); 494 /* 495 * Return pointer to current entry in dp->i_offset, 496 * and distance past previous entry (if there 497 * is a previous entry in this block) in dp->i_count. 498 * Save directory inode pointer in ndp->ni_dvp for dirremove(). 499 */ 500 if ((dp->i_offset & (DIRBLKSIZ - 1)) == 0) 501 dp->i_count = 0; 502 else 503 dp->i_count = dp->i_offset - prevoff; 504 if (dp->i_number == dp->i_ino) { 505 VREF(vdp); 506 *vpp = vdp; 507 return (0); 508 } 509 if (flags & ISDOTDOT) 510 VOP_UNLOCK(vdp, 0, td); /* race to get the inode */ 511 error = VFS_VGET(vdp->v_mount, dp->i_ino, &tdp); 512 if (flags & ISDOTDOT) { 513 if (vn_lock(vdp, LK_EXCLUSIVE | LK_RETRY, td) != 0) 514 cnp->cn_flags |= PDIRUNLOCK; 515 } 516 if (error) 517 return (error); 518 /* 519 * If directory is "sticky", then user must own 520 * the directory, or the file in it, else she 521 * may not delete it (unless she's root). This 522 * implements append-only directories. 523 */ 524 if ((dp->i_mode & ISVTX) && 525 cred->cr_uid != 0 && 526 cred->cr_uid != dp->i_uid && 527 VTOI(tdp)->i_uid != cred->cr_uid) { 528 vput(tdp); 529 return (EPERM); 530 } 531 *vpp = tdp; 532 if (!lockparent) { 533 VOP_UNLOCK(vdp, 0, td); 534 cnp->cn_flags |= PDIRUNLOCK; 535 } 536 return (0); 537 } 538 539 /* 540 * If rewriting (RENAME), return the inode and the 541 * information required to rewrite the present directory 542 * Must get inode of directory entry to verify it's a 543 * regular file, or empty directory. 544 */ 545 if (nameiop == RENAME && wantparent && (flags & ISLASTCN)) { 546 if ((error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_td)) != 0) 547 return (error); 548 /* 549 * Careful about locking second inode. 550 * This can only occur if the target is ".". 551 */ 552 if (dp->i_number == dp->i_ino) 553 return (EISDIR); 554 if (flags & ISDOTDOT) 555 VOP_UNLOCK(vdp, 0, td); /* race to get the inode */ 556 error = VFS_VGET(vdp->v_mount, dp->i_ino, &tdp); 557 if (flags & ISDOTDOT) { 558 if (vn_lock(vdp, LK_EXCLUSIVE | LK_RETRY, td) != 0) 559 cnp->cn_flags |= PDIRUNLOCK; 560 } 561 if (error) 562 return (error); 563 *vpp = tdp; 564 cnp->cn_flags |= SAVENAME; 565 if (!lockparent) { 566 VOP_UNLOCK(vdp, 0, td); 567 cnp->cn_flags |= PDIRUNLOCK; 568 } 569 return (0); 570 } 571 572 /* 573 * Step through the translation in the name. We do not `vput' the 574 * directory because we may need it again if a symbolic link 575 * is relative to the current directory. Instead we save it 576 * unlocked as "pdp". We must get the target inode before unlocking 577 * the directory to insure that the inode will not be removed 578 * before we get it. We prevent deadlock by always fetching 579 * inodes from the root, moving down the directory tree. Thus 580 * when following backward pointers ".." we must unlock the 581 * parent directory before getting the requested directory. 582 * There is a potential race condition here if both the current 583 * and parent directories are removed before the VFS_VGET for the 584 * inode associated with ".." returns. We hope that this occurs 585 * infrequently since we cannot avoid this race condition without 586 * implementing a sophisticated deadlock detection algorithm. 587 * Note also that this simple deadlock detection scheme will not 588 * work if the file system has any hard links other than ".." 589 * that point backwards in the directory structure. 590 */ 591 pdp = vdp; 592 if (flags & ISDOTDOT) { 593 VOP_UNLOCK(pdp, 0, td); /* race to get the inode */ 594 cnp->cn_flags |= PDIRUNLOCK; 595 if ((error = VFS_VGET(vdp->v_mount, dp->i_ino, &tdp)) != 0) { 596 if (vn_lock(pdp, LK_EXCLUSIVE | LK_RETRY, td) == 0) 597 cnp->cn_flags &= ~PDIRUNLOCK; 598 return (error); 599 } 600 if (lockparent && (flags & ISLASTCN)) { 601 if ((error = vn_lock(pdp, LK_EXCLUSIVE, td)) != 0) { 602 vput(tdp); 603 return (error); 604 } 605 cnp->cn_flags &= ~PDIRUNLOCK; 606 } 607 *vpp = tdp; 608 } else if (dp->i_number == dp->i_ino) { 609 VREF(vdp); /* we want ourself, ie "." */ 610 *vpp = vdp; 611 } else { 612 error = VFS_VGET(vdp->v_mount, dp->i_ino, &tdp); 613 if (error) 614 return (error); 615 if (!lockparent || !(flags & ISLASTCN)) { 616 VOP_UNLOCK(pdp, 0, td); 617 cnp->cn_flags |= PDIRUNLOCK; 618 } 619 *vpp = tdp; 620 } 621 622 /* 623 * Insert name into cache if appropriate. 624 */ 625 if (cnp->cn_flags & MAKEENTRY) 626 cache_enter(vdp, *vpp, cnp); 627 return (0); 628 } 629 630 void 631 ufs_dirbad(ip, offset, how) 632 struct inode *ip; 633 doff_t offset; 634 char *how; 635 { 636 struct mount *mp; 637 638 mp = ITOV(ip)->v_mount; 639 (void)printf("%s: bad dir ino %lu at offset %ld: %s\n", 640 mp->mnt_stat.f_mntonname, (u_long)ip->i_number, (long)offset, how); 641 if ((mp->mnt_flag & MNT_RDONLY) == 0) 642 panic("ufs_dirbad: bad dir"); 643 } 644 645 /* 646 * Do consistency checking on a directory entry: 647 * record length must be multiple of 4 648 * entry must fit in rest of its DIRBLKSIZ block 649 * record must be large enough to contain entry 650 * name is not longer than MAXNAMLEN 651 * name must be as long as advertised, and null terminated 652 */ 653 int 654 ufs_dirbadentry(dp, ep, entryoffsetinblock) 655 struct vnode *dp; 656 register struct direct *ep; 657 int entryoffsetinblock; 658 { 659 register int i; 660 int namlen; 661 662 # if (BYTE_ORDER == LITTLE_ENDIAN) 663 if (OFSFMT(dp)) 664 namlen = ep->d_type; 665 else 666 namlen = ep->d_namlen; 667 # else 668 namlen = ep->d_namlen; 669 # endif 670 if ((ep->d_reclen & 0x3) != 0 || 671 ep->d_reclen > DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1)) || 672 ep->d_reclen < DIRSIZ(OFSFMT(dp), ep) || namlen > MAXNAMLEN) { 673 /*return (1); */ 674 printf("First bad\n"); 675 goto bad; 676 } 677 if (ep->d_ino == 0) 678 return (0); 679 for (i = 0; i < namlen; i++) 680 if (ep->d_name[i] == '\0') { 681 /*return (1); */ 682 printf("Second bad\n"); 683 goto bad; 684 } 685 if (ep->d_name[i]) 686 goto bad; 687 return (0); 688 bad: 689 return (1); 690 } 691 692 /* 693 * Construct a new directory entry after a call to namei, using the 694 * parameters that it left in the componentname argument cnp. The 695 * argument ip is the inode to which the new directory entry will refer. 696 */ 697 void 698 ufs_makedirentry(ip, cnp, newdirp) 699 struct inode *ip; 700 struct componentname *cnp; 701 struct direct *newdirp; 702 { 703 704 #ifdef DIAGNOSTIC 705 if ((cnp->cn_flags & SAVENAME) == 0) 706 panic("ufs_makedirentry: missing name"); 707 #endif 708 newdirp->d_ino = ip->i_number; 709 newdirp->d_namlen = cnp->cn_namelen; 710 bcopy(cnp->cn_nameptr, newdirp->d_name, (unsigned)cnp->cn_namelen + 1); 711 if (ITOV(ip)->v_mount->mnt_maxsymlinklen > 0) 712 newdirp->d_type = IFTODT(ip->i_mode); 713 else { 714 newdirp->d_type = 0; 715 # if (BYTE_ORDER == LITTLE_ENDIAN) 716 { u_char tmp = newdirp->d_namlen; 717 newdirp->d_namlen = newdirp->d_type; 718 newdirp->d_type = tmp; } 719 # endif 720 } 721 } 722 723 /* 724 * Write a directory entry after a call to namei, using the parameters 725 * that it left in nameidata. The argument dirp is the new directory 726 * entry contents. Dvp is a pointer to the directory to be written, 727 * which was left locked by namei. Remaining parameters (dp->i_offset, 728 * dp->i_count) indicate how the space for the new entry is to be obtained. 729 * Non-null bp indicates that a directory is being created (for the 730 * soft dependency code). 731 */ 732 int 733 ufs_direnter(dvp, tvp, dirp, cnp, newdirbp) 734 struct vnode *dvp; 735 struct vnode *tvp; 736 struct direct *dirp; 737 struct componentname *cnp; 738 struct buf *newdirbp; 739 { 740 struct ucred *cred; 741 struct thread *td = curthread; /* XXX */ 742 int newentrysize; 743 struct inode *dp; 744 struct buf *bp; 745 u_int dsize; 746 struct direct *ep, *nep; 747 int error, ret, blkoff, loc, spacefree, flags; 748 char *dirbuf; 749 750 KKASSERT(td->td_proc); /* YYY use/require cred passed in cnp? */ 751 cred = td->td_proc->p_ucred; 752 753 dp = VTOI(dvp); 754 newentrysize = DIRSIZ(OFSFMT(dvp), dirp); 755 756 if (dp->i_count == 0) { 757 /* 758 * If dp->i_count is 0, then namei could find no 759 * space in the directory. Here, dp->i_offset will 760 * be on a directory block boundary and we will write the 761 * new entry into a fresh block. 762 */ 763 if (dp->i_offset & (DIRBLKSIZ - 1)) 764 panic("ufs_direnter: newblk"); 765 flags = B_CLRBUF; 766 if (!DOINGSOFTDEP(dvp) && !DOINGASYNC(dvp)) 767 flags |= B_SYNC; 768 if ((error = VOP_BALLOC(dvp, (off_t)dp->i_offset, DIRBLKSIZ, 769 cred, flags, &bp)) != 0) { 770 if (DOINGSOFTDEP(dvp) && newdirbp != NULL) 771 bdwrite(newdirbp); 772 return (error); 773 } 774 dp->i_size = dp->i_offset + DIRBLKSIZ; 775 dp->i_flag |= IN_CHANGE | IN_UPDATE; 776 vnode_pager_setsize(dvp, (u_long)dp->i_size); 777 dirp->d_reclen = DIRBLKSIZ; 778 blkoff = dp->i_offset & 779 (VFSTOUFS(dvp->v_mount)->um_mountp->mnt_stat.f_iosize - 1); 780 bcopy((caddr_t)dirp, (caddr_t)bp->b_data + blkoff,newentrysize); 781 #ifdef UFS_DIRHASH 782 if (dp->i_dirhash != NULL) { 783 ufsdirhash_newblk(dp, dp->i_offset); 784 ufsdirhash_add(dp, dirp, dp->i_offset); 785 ufsdirhash_checkblock(dp, (char *)bp->b_data + blkoff, 786 dp->i_offset); 787 } 788 #endif 789 if (DOINGSOFTDEP(dvp)) { 790 /* 791 * Ensure that the entire newly allocated block is a 792 * valid directory so that future growth within the 793 * block does not have to ensure that the block is 794 * written before the inode. 795 */ 796 blkoff += DIRBLKSIZ; 797 while (blkoff < bp->b_bcount) { 798 ((struct direct *) 799 (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ; 800 blkoff += DIRBLKSIZ; 801 } 802 softdep_setup_directory_add(bp, dp, dp->i_offset, 803 dirp->d_ino, newdirbp); 804 bdwrite(bp); 805 return (UFS_UPDATE(dvp, 0)); 806 } 807 if (DOINGASYNC(dvp)) { 808 bdwrite(bp); 809 return (UFS_UPDATE(dvp, 0)); 810 } 811 error = VOP_BWRITE(bp->b_vp, bp); 812 ret = UFS_UPDATE(dvp, 1); 813 if (error == 0) 814 return (ret); 815 return (error); 816 } 817 818 /* 819 * If dp->i_count is non-zero, then namei found space for the new 820 * entry in the range dp->i_offset to dp->i_offset + dp->i_count 821 * in the directory. To use this space, we may have to compact 822 * the entries located there, by copying them together towards the 823 * beginning of the block, leaving the free space in one usable 824 * chunk at the end. 825 */ 826 827 /* 828 * Increase size of directory if entry eats into new space. 829 * This should never push the size past a new multiple of 830 * DIRBLKSIZE. 831 * 832 * N.B. - THIS IS AN ARTIFACT OF 4.2 AND SHOULD NEVER HAPPEN. 833 */ 834 if (dp->i_offset + dp->i_count > dp->i_size) 835 dp->i_size = dp->i_offset + dp->i_count; 836 /* 837 * Get the block containing the space for the new directory entry. 838 */ 839 error = UFS_BLKATOFF(dvp, (off_t)dp->i_offset, &dirbuf, &bp); 840 if (error) { 841 if (DOINGSOFTDEP(dvp) && newdirbp != NULL) 842 bdwrite(newdirbp); 843 return (error); 844 } 845 /* 846 * Find space for the new entry. In the simple case, the entry at 847 * offset base will have the space. If it does not, then namei 848 * arranged that compacting the region dp->i_offset to 849 * dp->i_offset + dp->i_count would yield the space. 850 */ 851 ep = (struct direct *)dirbuf; 852 dsize = ep->d_ino ? DIRSIZ(OFSFMT(dvp), ep) : 0; 853 spacefree = ep->d_reclen - dsize; 854 for (loc = ep->d_reclen; loc < dp->i_count; ) { 855 nep = (struct direct *)(dirbuf + loc); 856 857 /* Trim the existing slot (NB: dsize may be zero). */ 858 ep->d_reclen = dsize; 859 ep = (struct direct *)((char *)ep + dsize); 860 861 /* Read nep->d_reclen now as the bcopy() may clobber it. */ 862 loc += nep->d_reclen; 863 if (nep->d_ino == 0) { 864 /* 865 * A mid-block unused entry. Such entries are 866 * never created by the kernel, but fsck_ffs 867 * can create them (and it doesn't fix them). 868 * 869 * Add up the free space, and initialise the 870 * relocated entry since we don't bcopy it. 871 */ 872 spacefree += nep->d_reclen; 873 ep->d_ino = 0; 874 dsize = 0; 875 continue; 876 } 877 dsize = DIRSIZ(OFSFMT(dvp), nep); 878 spacefree += nep->d_reclen - dsize; 879 #ifdef UFS_DIRHASH 880 if (dp->i_dirhash != NULL) 881 ufsdirhash_move(dp, nep, 882 dp->i_offset + ((char *)nep - dirbuf), 883 dp->i_offset + ((char *)ep - dirbuf)); 884 #endif 885 if (DOINGSOFTDEP(dvp)) 886 softdep_change_directoryentry_offset(dp, dirbuf, 887 (caddr_t)nep, (caddr_t)ep, dsize); 888 else 889 bcopy((caddr_t)nep, (caddr_t)ep, dsize); 890 } 891 /* 892 * Here, `ep' points to a directory entry containing `dsize' in-use 893 * bytes followed by `spacefree' unused bytes. If ep->d_ino == 0, 894 * then the entry is completely unused (dsize == 0). The value 895 * of ep->d_reclen is always indeterminate. 896 * 897 * Update the pointer fields in the previous entry (if any), 898 * copy in the new entry, and write out the block. 899 */ 900 if (ep->d_ino == 0 || 901 (ep->d_ino == WINO && 902 bcmp(ep->d_name, dirp->d_name, dirp->d_namlen) == 0)) { 903 if (spacefree + dsize < newentrysize) 904 panic("ufs_direnter: compact1"); 905 dirp->d_reclen = spacefree + dsize; 906 } else { 907 if (spacefree < newentrysize) 908 panic("ufs_direnter: compact2"); 909 dirp->d_reclen = spacefree; 910 ep->d_reclen = dsize; 911 ep = (struct direct *)((char *)ep + dsize); 912 } 913 #ifdef UFS_DIRHASH 914 if (dp->i_dirhash != NULL && (ep->d_ino == 0 || 915 dirp->d_reclen == spacefree)) 916 ufsdirhash_add(dp, dirp, dp->i_offset + ((char *)ep - dirbuf)); 917 #endif 918 bcopy((caddr_t)dirp, (caddr_t)ep, (u_int)newentrysize); 919 #ifdef UFS_DIRHASH 920 if (dp->i_dirhash != NULL) 921 ufsdirhash_checkblock(dp, dirbuf - 922 (dp->i_offset & (DIRBLKSIZ - 1)), 923 dp->i_offset & ~(DIRBLKSIZ - 1)); 924 #endif 925 926 if (DOINGSOFTDEP(dvp)) { 927 softdep_setup_directory_add(bp, dp, 928 dp->i_offset + (caddr_t)ep - dirbuf, dirp->d_ino, newdirbp); 929 bdwrite(bp); 930 } else { 931 if (DOINGASYNC(dvp)) { 932 bdwrite(bp); 933 error = 0; 934 } else { 935 error = bowrite(bp); 936 } 937 } 938 dp->i_flag |= IN_CHANGE | IN_UPDATE; 939 /* 940 * If all went well, and the directory can be shortened, proceed 941 * with the truncation. Note that we have to unlock the inode for 942 * the entry that we just entered, as the truncation may need to 943 * lock other inodes which can lead to deadlock if we also hold a 944 * lock on the newly entered node. 945 */ 946 if (error == 0 && dp->i_endoff && dp->i_endoff < dp->i_size) { 947 if (tvp != NULL) 948 VOP_UNLOCK(tvp, 0, td); 949 #ifdef UFS_DIRHASH 950 if (dp->i_dirhash != NULL) 951 ufsdirhash_dirtrunc(dp, dp->i_endoff); 952 #endif 953 (void) UFS_TRUNCATE(dvp, (off_t)dp->i_endoff, IO_SYNC, cred, td); 954 if (tvp != NULL) 955 vn_lock(tvp, LK_EXCLUSIVE | LK_RETRY, td); 956 } 957 return (error); 958 } 959 960 /* 961 * Remove a directory entry after a call to namei, using 962 * the parameters which it left in nameidata. The entry 963 * dp->i_offset contains the offset into the directory of the 964 * entry to be eliminated. The dp->i_count field contains the 965 * size of the previous record in the directory. If this 966 * is 0, the first entry is being deleted, so we need only 967 * zero the inode number to mark the entry as free. If the 968 * entry is not the first in the directory, we must reclaim 969 * the space of the now empty record by adding the record size 970 * to the size of the previous entry. 971 */ 972 int 973 ufs_dirremove(dvp, ip, flags, isrmdir) 974 struct vnode *dvp; 975 struct inode *ip; 976 int flags; 977 int isrmdir; 978 { 979 struct inode *dp; 980 struct direct *ep; 981 struct buf *bp; 982 int error; 983 984 dp = VTOI(dvp); 985 986 if (flags & DOWHITEOUT) { 987 /* 988 * Whiteout entry: set d_ino to WINO. 989 */ 990 if ((error = 991 UFS_BLKATOFF(dvp, (off_t)dp->i_offset, (char **)&ep, &bp)) != 0) 992 return (error); 993 ep->d_ino = WINO; 994 ep->d_type = DT_WHT; 995 goto out; 996 } 997 998 if ((error = UFS_BLKATOFF(dvp, 999 (off_t)(dp->i_offset - dp->i_count), (char **)&ep, &bp)) != 0) 1000 return (error); 1001 #ifdef UFS_DIRHASH 1002 /* 1003 * Remove the dirhash entry. This is complicated by the fact 1004 * that `ep' is the previous entry when dp->i_count != 0. 1005 */ 1006 if (dp->i_dirhash != NULL) 1007 ufsdirhash_remove(dp, (dp->i_count == 0) ? ep : 1008 (struct direct *)((char *)ep + ep->d_reclen), dp->i_offset); 1009 #endif 1010 if (dp->i_count == 0) { 1011 /* 1012 * First entry in block: set d_ino to zero. 1013 */ 1014 ep->d_ino = 0; 1015 } else { 1016 /* 1017 * Collapse new free space into previous entry. 1018 */ 1019 ep->d_reclen += dp->i_reclen; 1020 } 1021 #ifdef UFS_DIRHASH 1022 if (dp->i_dirhash != NULL) 1023 ufsdirhash_checkblock(dp, (char *)ep - 1024 ((dp->i_offset - dp->i_count) & (DIRBLKSIZ - 1)), 1025 dp->i_offset & ~(DIRBLKSIZ - 1)); 1026 #endif 1027 out: 1028 if (DOINGSOFTDEP(dvp)) { 1029 if (ip) { 1030 ip->i_effnlink--; 1031 softdep_change_linkcnt(ip); 1032 softdep_setup_remove(bp, dp, ip, isrmdir); 1033 } 1034 if (softdep_slowdown(dvp)) { 1035 error = VOP_BWRITE(bp->b_vp, bp); 1036 } else { 1037 bdwrite(bp); 1038 error = 0; 1039 } 1040 } else { 1041 if (ip) { 1042 ip->i_effnlink--; 1043 ip->i_nlink--; 1044 ip->i_flag |= IN_CHANGE; 1045 } 1046 if (flags & DOWHITEOUT) 1047 error = VOP_BWRITE(bp->b_vp, bp); 1048 else if (DOINGASYNC(dvp) && dp->i_count != 0) { 1049 bdwrite(bp); 1050 error = 0; 1051 } else 1052 error = bowrite(bp); 1053 } 1054 dp->i_flag |= IN_CHANGE | IN_UPDATE; 1055 return (error); 1056 } 1057 1058 /* 1059 * Rewrite an existing directory entry to point at the inode 1060 * supplied. The parameters describing the directory entry are 1061 * set up by a call to namei. 1062 */ 1063 int 1064 ufs_dirrewrite(dp, oip, newinum, newtype, isrmdir) 1065 struct inode *dp, *oip; 1066 ino_t newinum; 1067 int newtype; 1068 int isrmdir; 1069 { 1070 struct buf *bp; 1071 struct direct *ep; 1072 struct vnode *vdp = ITOV(dp); 1073 int error; 1074 1075 error = UFS_BLKATOFF(vdp, (off_t)dp->i_offset, (char **)&ep, &bp); 1076 if (error) 1077 return (error); 1078 ep->d_ino = newinum; 1079 if (!OFSFMT(vdp)) 1080 ep->d_type = newtype; 1081 oip->i_effnlink--; 1082 if (DOINGSOFTDEP(vdp)) { 1083 softdep_change_linkcnt(oip); 1084 softdep_setup_directory_change(bp, dp, oip, newinum, isrmdir); 1085 bdwrite(bp); 1086 } else { 1087 oip->i_nlink--; 1088 oip->i_flag |= IN_CHANGE; 1089 if (DOINGASYNC(vdp)) { 1090 bdwrite(bp); 1091 error = 0; 1092 } else { 1093 error = bowrite(bp); 1094 } 1095 } 1096 dp->i_flag |= IN_CHANGE | IN_UPDATE; 1097 return (error); 1098 } 1099 1100 /* 1101 * Check if a directory is empty or not. 1102 * Inode supplied must be locked. 1103 * 1104 * Using a struct dirtemplate here is not precisely 1105 * what we want, but better than using a struct direct. 1106 * 1107 * NB: does not handle corrupted directories. 1108 */ 1109 int 1110 ufs_dirempty(ip, parentino, cred) 1111 register struct inode *ip; 1112 ino_t parentino; 1113 struct ucred *cred; 1114 { 1115 register off_t off; 1116 struct dirtemplate dbuf; 1117 register struct direct *dp = (struct direct *)&dbuf; 1118 int error, count, namlen; 1119 #define MINDIRSIZ (sizeof (struct dirtemplate) / 2) 1120 1121 for (off = 0; off < ip->i_size; off += dp->d_reclen) { 1122 error = vn_rdwr(UIO_READ, ITOV(ip), (caddr_t)dp, MINDIRSIZ, off, 1123 UIO_SYSSPACE, IO_NODELOCKED, cred, &count, NULL); 1124 /* 1125 * Since we read MINDIRSIZ, residual must 1126 * be 0 unless we're at end of file. 1127 */ 1128 if (error || count != 0) 1129 return (0); 1130 /* avoid infinite loops */ 1131 if (dp->d_reclen == 0) 1132 return (0); 1133 /* skip empty entries */ 1134 if (dp->d_ino == 0 || dp->d_ino == WINO) 1135 continue; 1136 /* accept only "." and ".." */ 1137 # if (BYTE_ORDER == LITTLE_ENDIAN) 1138 if (OFSFMT(ITOV(ip))) 1139 namlen = dp->d_type; 1140 else 1141 namlen = dp->d_namlen; 1142 # else 1143 namlen = dp->d_namlen; 1144 # endif 1145 if (namlen > 2) 1146 return (0); 1147 if (dp->d_name[0] != '.') 1148 return (0); 1149 /* 1150 * At this point namlen must be 1 or 2. 1151 * 1 implies ".", 2 implies ".." if second 1152 * char is also "." 1153 */ 1154 if (namlen == 1 && dp->d_ino == ip->i_number) 1155 continue; 1156 if (dp->d_name[1] == '.' && dp->d_ino == parentino) 1157 continue; 1158 return (0); 1159 } 1160 return (1); 1161 } 1162 1163 /* 1164 * Check if source directory is in the path of the target directory. 1165 * Target is supplied locked, source is unlocked. 1166 * The target is always vput before returning. 1167 */ 1168 int 1169 ufs_checkpath(source, target, cred) 1170 struct inode *source, *target; 1171 struct ucred *cred; 1172 { 1173 struct vnode *vp; 1174 int error, rootino, namlen; 1175 struct dirtemplate dirbuf; 1176 1177 vp = ITOV(target); 1178 if (target->i_number == source->i_number) { 1179 error = EEXIST; 1180 goto out; 1181 } 1182 rootino = ROOTINO; 1183 error = 0; 1184 if (target->i_number == rootino) 1185 goto out; 1186 1187 for (;;) { 1188 if (vp->v_type != VDIR) { 1189 error = ENOTDIR; 1190 break; 1191 } 1192 error = vn_rdwr(UIO_READ, vp, (caddr_t)&dirbuf, 1193 sizeof (struct dirtemplate), (off_t)0, UIO_SYSSPACE, 1194 IO_NODELOCKED, cred, (int *)0, NULL); 1195 if (error != 0) 1196 break; 1197 # if (BYTE_ORDER == LITTLE_ENDIAN) 1198 if (OFSFMT(vp)) 1199 namlen = dirbuf.dotdot_type; 1200 else 1201 namlen = dirbuf.dotdot_namlen; 1202 # else 1203 namlen = dirbuf.dotdot_namlen; 1204 # endif 1205 if (namlen != 2 || 1206 dirbuf.dotdot_name[0] != '.' || 1207 dirbuf.dotdot_name[1] != '.') { 1208 error = ENOTDIR; 1209 break; 1210 } 1211 if (dirbuf.dotdot_ino == source->i_number) { 1212 error = EINVAL; 1213 break; 1214 } 1215 if (dirbuf.dotdot_ino == rootino) 1216 break; 1217 vput(vp); 1218 error = VFS_VGET(vp->v_mount, dirbuf.dotdot_ino, &vp); 1219 if (error) { 1220 vp = NULL; 1221 break; 1222 } 1223 } 1224 1225 out: 1226 if (error == ENOTDIR) 1227 printf("checkpath: .. not a directory\n"); 1228 if (vp != NULL) 1229 vput(vp); 1230 return (error); 1231 } 1232