1 /* 2 * Copyright (c) 1982, 1986, 1989, 1993, 1995 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)ufs_vnops.c 8.27 (Berkeley) 5/27/95 39 * $FreeBSD: src/sys/ufs/ufs/ufs_vnops.c,v 1.131.2.8 2003/01/02 17:26:19 bde Exp $ 40 * $DragonFly: src/sys/vfs/ufs/ufs_vnops.c,v 1.67 2008/09/28 05:04:22 dillon Exp $ 41 */ 42 43 #include "opt_quota.h" 44 #include "opt_suiddir.h" 45 #include "opt_ufs.h" 46 47 #include <sys/param.h> 48 #include <sys/systm.h> 49 #include <sys/kernel.h> 50 #include <sys/fcntl.h> 51 #include <sys/stat.h> 52 #include <sys/buf.h> 53 #include <sys/proc.h> 54 #include <sys/priv.h> 55 #include <sys/namei.h> 56 #include <sys/mount.h> 57 #include <sys/unistd.h> 58 #include <sys/vnode.h> 59 #include <sys/malloc.h> 60 #include <sys/dirent.h> 61 #include <sys/lockf.h> 62 #include <sys/event.h> 63 #include <sys/conf.h> 64 65 #include <sys/file.h> /* XXX */ 66 #include <sys/jail.h> 67 68 #include <vm/vm.h> 69 #include <vm/vm_extern.h> 70 71 #include <vfs/fifofs/fifo.h> 72 73 #include "quota.h" 74 #include "inode.h" 75 #include "dir.h" 76 #include "ufsmount.h" 77 #include "ufs_extern.h" 78 #include "ffs_extern.h" 79 #ifdef UFS_DIRHASH 80 #include "dirhash.h" 81 #endif 82 83 static int ufs_access (struct vop_access_args *); 84 static int ufs_advlock (struct vop_advlock_args *); 85 static int ufs_chmod (struct vnode *, int, struct ucred *); 86 static int ufs_chown (struct vnode *, uid_t, gid_t, struct ucred *); 87 static int ufs_close (struct vop_close_args *); 88 static int ufs_create (struct vop_old_create_args *); 89 static int ufs_getattr (struct vop_getattr_args *); 90 static int ufs_link (struct vop_old_link_args *); 91 static int ufs_makeinode (int mode, struct vnode *, struct vnode **, struct componentname *); 92 static int ufs_markatime (struct vop_markatime_args *); 93 static int ufs_missingop (struct vop_generic_args *ap); 94 static int ufs_mkdir (struct vop_old_mkdir_args *); 95 static int ufs_mknod (struct vop_old_mknod_args *); 96 static int ufs_mmap (struct vop_mmap_args *); 97 static int ufs_open (struct vop_open_args *); 98 static int ufs_print (struct vop_print_args *); 99 static int ufs_readdir (struct vop_readdir_args *); 100 static int ufs_readlink (struct vop_readlink_args *); 101 static int ufs_remove (struct vop_old_remove_args *); 102 static int ufs_rename (struct vop_old_rename_args *); 103 static int ufs_rmdir (struct vop_old_rmdir_args *); 104 static int ufs_setattr (struct vop_setattr_args *); 105 static int ufs_strategy (struct vop_strategy_args *); 106 static int ufs_symlink (struct vop_old_symlink_args *); 107 static int ufs_whiteout (struct vop_old_whiteout_args *); 108 static int ufsfifo_close (struct vop_close_args *); 109 static int ufsfifo_kqfilter (struct vop_kqfilter_args *); 110 static int ufsfifo_read (struct vop_read_args *); 111 static int ufsfifo_write (struct vop_write_args *); 112 static int ufsspec_close (struct vop_close_args *); 113 static int ufsspec_read (struct vop_read_args *); 114 static int ufsspec_write (struct vop_write_args *); 115 static int filt_ufsread (struct knote *kn, long hint); 116 static int filt_ufswrite (struct knote *kn, long hint); 117 static int filt_ufsvnode (struct knote *kn, long hint); 118 static void filt_ufsdetach (struct knote *kn); 119 static int ufs_kqfilter (struct vop_kqfilter_args *ap); 120 121 union _qcvt { 122 int64_t qcvt; 123 int32_t val[2]; 124 }; 125 #define SETHIGH(q, h) { \ 126 union _qcvt tmp; \ 127 tmp.qcvt = (q); \ 128 tmp.val[_QUAD_HIGHWORD] = (h); \ 129 (q) = tmp.qcvt; \ 130 } 131 #define SETLOW(q, l) { \ 132 union _qcvt tmp; \ 133 tmp.qcvt = (q); \ 134 tmp.val[_QUAD_LOWWORD] = (l); \ 135 (q) = tmp.qcvt; \ 136 } 137 #define VN_KNOTE(vp, b) \ 138 KNOTE(&vp->v_pollinfo.vpi_selinfo.si_note, (b)) 139 140 #define OFSFMT(vp) ((vp)->v_mount->mnt_maxsymlinklen <= 0) 141 142 /* 143 * A virgin directory (no blushing please). 144 */ 145 static struct dirtemplate mastertemplate = { 146 0, 12, DT_DIR, 1, ".", 147 0, DIRBLKSIZ - 12, DT_DIR, 2, ".." 148 }; 149 static struct odirtemplate omastertemplate = { 150 0, 12, 1, ".", 151 0, DIRBLKSIZ - 12, 2, ".." 152 }; 153 154 void 155 ufs_itimes(struct vnode *vp) 156 { 157 struct inode *ip; 158 struct timespec ts; 159 160 ip = VTOI(vp); 161 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0) 162 return; 163 if ((vp->v_type == VBLK || vp->v_type == VCHR) && !DOINGSOFTDEP(vp)) 164 ip->i_flag |= IN_LAZYMOD; 165 else 166 ip->i_flag |= IN_MODIFIED; 167 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) { 168 vfs_timestamp(&ts); 169 if (ip->i_flag & IN_ACCESS) { 170 ip->i_atime = ts.tv_sec; 171 ip->i_atimensec = ts.tv_nsec; 172 } 173 if (ip->i_flag & IN_UPDATE) { 174 ip->i_mtime = ts.tv_sec; 175 ip->i_mtimensec = ts.tv_nsec; 176 ip->i_modrev++; 177 } 178 if (ip->i_flag & IN_CHANGE) { 179 ip->i_ctime = ts.tv_sec; 180 ip->i_ctimensec = ts.tv_nsec; 181 } 182 } 183 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE); 184 } 185 186 /* 187 * Create a regular file 188 * 189 * ufs_create(struct vnode *a_dvp, struct vnode **a_vpp, 190 * struct componentname *a_cnp, struct vattr *a_vap) 191 */ 192 static 193 int 194 ufs_create(struct vop_old_create_args *ap) 195 { 196 int error; 197 198 error = 199 ufs_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode), 200 ap->a_dvp, ap->a_vpp, ap->a_cnp); 201 if (error) 202 return (error); 203 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 204 return (0); 205 } 206 207 /* 208 * Mknod vnode call 209 * 210 * ufs_mknod(struct vnode *a_dvp, struct vnode **a_vpp, 211 * struct componentname *a_cnp, struct vattr *a_vap) 212 */ 213 /* ARGSUSED */ 214 static 215 int 216 ufs_mknod(struct vop_old_mknod_args *ap) 217 { 218 struct vattr *vap = ap->a_vap; 219 struct vnode **vpp = ap->a_vpp; 220 struct inode *ip; 221 ino_t ino; 222 int error; 223 224 /* 225 * UFS cannot represent the entire major/minor range supported by 226 * the kernel. 227 */ 228 if (vap->va_rmajor != VNOVAL && 229 makeudev(vap->va_rmajor, vap->va_rminor) == NOUDEV) { 230 return(EINVAL); 231 } 232 233 /* no special directory support */ 234 if (vap->va_type == VDIR) 235 return(EINVAL); 236 237 error = ufs_makeinode(MAKEIMODE(vap->va_type, vap->va_mode), 238 ap->a_dvp, vpp, ap->a_cnp); 239 if (error) 240 return (error); 241 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 242 ip = VTOI(*vpp); 243 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 244 if (vap->va_rmajor != VNOVAL) { 245 /* 246 * Want to be able to use this to make badblock 247 * inodes, so don't truncate the dev number. 248 */ 249 ip->i_rdev = makeudev(vap->va_rmajor, vap->va_rminor); 250 } 251 /* 252 * Remove inode, then reload it through VFS_VGET so it is 253 * checked to see if it is an alias of an existing entry in 254 * the inode cache. 255 */ 256 (*vpp)->v_type = VNON; 257 ino = ip->i_number; /* Save this before vgone() invalidates ip. */ 258 vgone_vxlocked(*vpp); 259 vput(*vpp); 260 error = VFS_VGET(ap->a_dvp->v_mount, ino, vpp); 261 if (error) { 262 *vpp = NULL; 263 return (error); 264 } 265 return (0); 266 } 267 268 /* 269 * Open called. 270 * 271 * Nothing to do. 272 * 273 * ufs_open(struct vnode *a_vp, int a_mode, struct ucred *a_cred, 274 * struct file *a_fp) 275 */ 276 /* ARGSUSED */ 277 static 278 int 279 ufs_open(struct vop_open_args *ap) 280 { 281 struct vnode *vp = ap->a_vp; 282 283 /* 284 * Files marked append-only must be opened for appending. 285 */ 286 if ((VTOI(vp)->i_flags & APPEND) && 287 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE) { 288 return (EPERM); 289 } 290 291 return (vop_stdopen(ap)); 292 } 293 294 /* 295 * Close called. 296 * 297 * Update the times on the inode. 298 * 299 * ufs_close(struct vnode *a_vp, int a_fflag) 300 */ 301 /* ARGSUSED */ 302 static 303 int 304 ufs_close(struct vop_close_args *ap) 305 { 306 struct vnode *vp = ap->a_vp; 307 308 if (vp->v_sysref.refcnt > 1) 309 ufs_itimes(vp); 310 return (vop_stdclose(ap)); 311 } 312 313 /* 314 * ufs_access(struct vnode *a_vp, int a_mode, struct ucred *a_cred) 315 */ 316 static 317 int 318 ufs_access(struct vop_access_args *ap) 319 { 320 struct vnode *vp = ap->a_vp; 321 struct inode *ip = VTOI(vp); 322 struct ucred *cred = ap->a_cred; 323 mode_t mask, mode = ap->a_mode; 324 gid_t *gp; 325 int i; 326 #ifdef QUOTA 327 int error; 328 #endif 329 330 /* 331 * Disallow write attempts on read-only filesystems; 332 * unless the file is a socket, fifo, or a block or 333 * character device resident on the filesystem. 334 */ 335 if (mode & VWRITE) { 336 switch (vp->v_type) { 337 case VDIR: 338 case VLNK: 339 case VREG: 340 if (vp->v_mount->mnt_flag & MNT_RDONLY) 341 return (EROFS); 342 #ifdef QUOTA 343 if ((error = ufs_getinoquota(ip)) != 0) 344 return (error); 345 #endif 346 break; 347 default: 348 break; 349 } 350 } 351 352 /* If immutable bit set, nobody gets to write it. */ 353 if ((mode & VWRITE) && (ip->i_flags & IMMUTABLE)) 354 return (EPERM); 355 356 /* Otherwise, user id 0 always gets access. */ 357 if (cred->cr_uid == 0) 358 return (0); 359 360 mask = 0; 361 362 /* Otherwise, check the owner. */ 363 if (cred->cr_uid == ip->i_uid) { 364 if (mode & VEXEC) 365 mask |= S_IXUSR; 366 if (mode & VREAD) 367 mask |= S_IRUSR; 368 if (mode & VWRITE) 369 mask |= S_IWUSR; 370 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 371 } 372 373 /* Otherwise, check the groups. */ 374 for (i = 0, gp = cred->cr_groups; i < cred->cr_ngroups; i++, gp++) 375 if (ip->i_gid == *gp) { 376 if (mode & VEXEC) 377 mask |= S_IXGRP; 378 if (mode & VREAD) 379 mask |= S_IRGRP; 380 if (mode & VWRITE) 381 mask |= S_IWGRP; 382 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 383 } 384 385 /* Otherwise, check everyone else. */ 386 if (mode & VEXEC) 387 mask |= S_IXOTH; 388 if (mode & VREAD) 389 mask |= S_IROTH; 390 if (mode & VWRITE) 391 mask |= S_IWOTH; 392 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 393 } 394 395 /* 396 * ufs_getattr(struct vnode *a_vp, struct vattr *a_vap) 397 */ 398 /* ARGSUSED */ 399 static 400 int 401 ufs_getattr(struct vop_getattr_args *ap) 402 { 403 struct vnode *vp = ap->a_vp; 404 struct inode *ip = VTOI(vp); 405 struct vattr *vap = ap->a_vap; 406 407 /* 408 * This may cause i_fsmid to be updated even if no change (0) 409 * is returned, but we should only write out the inode if non-zero 410 * is returned and if the mount is read-write. 411 */ 412 if (cache_check_fsmid_vp(vp, &ip->i_fsmid) && 413 (vp->v_mount->mnt_flag & MNT_RDONLY) == 0 414 ) { 415 ip->i_flag |= IN_LAZYMOD; 416 } 417 418 ufs_itimes(vp); 419 /* 420 * Copy from inode table 421 */ 422 vap->va_fsid = dev2udev(ip->i_dev); 423 vap->va_fileid = ip->i_number; 424 vap->va_mode = ip->i_mode & ~IFMT; 425 vap->va_nlink = VFSTOUFS(vp->v_mount)->um_i_effnlink_valid ? 426 ip->i_effnlink : ip->i_nlink; 427 vap->va_uid = ip->i_uid; 428 vap->va_gid = ip->i_gid; 429 vap->va_rmajor = umajor(ip->i_rdev); 430 vap->va_rminor = uminor(ip->i_rdev); 431 vap->va_size = ip->i_din.di_size; 432 vap->va_atime.tv_sec = ip->i_atime; 433 vap->va_atime.tv_nsec = ip->i_atimensec; 434 vap->va_mtime.tv_sec = ip->i_mtime; 435 vap->va_mtime.tv_nsec = ip->i_mtimensec; 436 vap->va_ctime.tv_sec = ip->i_ctime; 437 vap->va_ctime.tv_nsec = ip->i_ctimensec; 438 vap->va_flags = ip->i_flags; 439 vap->va_gen = ip->i_gen; 440 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize; 441 vap->va_bytes = dbtob((u_quad_t)ip->i_blocks); 442 vap->va_type = IFTOVT(ip->i_mode); 443 vap->va_filerev = ip->i_modrev; 444 vap->va_fsmid = ip->i_fsmid; 445 return (0); 446 } 447 448 static 449 int 450 ufs_markatime(struct vop_markatime_args *ap) 451 { 452 struct vnode *vp = ap->a_vp; 453 struct inode *ip = VTOI(vp); 454 455 if (vp->v_mount->mnt_flag & MNT_RDONLY) 456 return (EROFS); 457 if (vp->v_mount->mnt_flag & MNT_NOATIME) 458 return (0); 459 ip->i_flag |= IN_ACCESS; 460 VN_KNOTE(vp, NOTE_ATTRIB); 461 return (0); 462 } 463 464 /* 465 * Set attribute vnode op. called from several syscalls 466 * 467 * ufs_setattr(struct vnode *a_vp, struct vattr *a_vap, 468 * struct ucred *a_cred) 469 */ 470 static 471 int 472 ufs_setattr(struct vop_setattr_args *ap) 473 { 474 struct vattr *vap = ap->a_vap; 475 struct vnode *vp = ap->a_vp; 476 struct inode *ip = VTOI(vp); 477 struct ucred *cred = ap->a_cred; 478 int error; 479 480 /* 481 * Check for unsettable attributes. 482 */ 483 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) || 484 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) || 485 (vap->va_blocksize != VNOVAL) || (vap->va_rmajor != VNOVAL) || 486 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) { 487 return (EINVAL); 488 } 489 if (vap->va_flags != VNOVAL) { 490 if (vp->v_mount->mnt_flag & MNT_RDONLY) 491 return (EROFS); 492 if (cred->cr_uid != ip->i_uid && 493 (error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT))) 494 return (error); 495 /* 496 * Note that a root chflags becomes a user chflags when 497 * we are jailed, unless the jail.chflags_allowed sysctl 498 * is set. 499 */ 500 if (cred->cr_uid == 0 && 501 (!jailed(cred) || jail_chflags_allowed)) { 502 if ((ip->i_flags 503 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) && 504 securelevel > 0) 505 return (EPERM); 506 ip->i_flags = vap->va_flags; 507 } else { 508 if (ip->i_flags 509 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || 510 (vap->va_flags & UF_SETTABLE) != vap->va_flags) 511 return (EPERM); 512 ip->i_flags &= SF_SETTABLE; 513 ip->i_flags |= (vap->va_flags & UF_SETTABLE); 514 } 515 ip->i_flag |= IN_CHANGE; 516 if (vap->va_flags & (IMMUTABLE | APPEND)) 517 return (0); 518 } 519 if (ip->i_flags & (IMMUTABLE | APPEND)) 520 return (EPERM); 521 /* 522 * Go through the fields and update iff not VNOVAL. 523 */ 524 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) { 525 if (vp->v_mount->mnt_flag & MNT_RDONLY) 526 return (EROFS); 527 if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred)) != 0) 528 return (error); 529 } 530 if (vap->va_size != VNOVAL) { 531 /* 532 * Disallow write attempts on read-only filesystems; 533 * unless the file is a socket, fifo, or a block or 534 * character device resident on the filesystem. 535 */ 536 switch (vp->v_type) { 537 case VDIR: 538 return (EISDIR); 539 case VLNK: 540 case VREG: 541 if (vp->v_mount->mnt_flag & MNT_RDONLY) 542 return (EROFS); 543 break; 544 default: 545 break; 546 } 547 if ((error = ffs_truncate(vp, vap->va_size, 0, cred)) != 0) 548 return (error); 549 } 550 ip = VTOI(vp); 551 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 552 if (vp->v_mount->mnt_flag & MNT_RDONLY) 553 return (EROFS); 554 if (cred->cr_uid != ip->i_uid && 555 (error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT)) && 556 ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || 557 (error = VOP_ACCESS(vp, VWRITE, cred)))) 558 return (error); 559 if (vap->va_atime.tv_sec != VNOVAL) 560 ip->i_flag |= IN_ACCESS; 561 if (vap->va_mtime.tv_sec != VNOVAL) 562 ip->i_flag |= IN_CHANGE | IN_UPDATE; 563 ufs_itimes(vp); 564 if (vap->va_atime.tv_sec != VNOVAL) { 565 ip->i_atime = vap->va_atime.tv_sec; 566 ip->i_atimensec = vap->va_atime.tv_nsec; 567 } 568 if (vap->va_mtime.tv_sec != VNOVAL) { 569 ip->i_mtime = vap->va_mtime.tv_sec; 570 ip->i_mtimensec = vap->va_mtime.tv_nsec; 571 } 572 error = ffs_update(vp, 0); 573 if (error) 574 return (error); 575 } 576 error = 0; 577 if (vap->va_mode != (mode_t)VNOVAL) { 578 if (vp->v_mount->mnt_flag & MNT_RDONLY) 579 return (EROFS); 580 error = ufs_chmod(vp, (int)vap->va_mode, cred); 581 } 582 VN_KNOTE(vp, NOTE_ATTRIB); 583 return (error); 584 } 585 586 /* 587 * Change the mode on a file. 588 * Inode must be locked before calling. 589 */ 590 static int 591 ufs_chmod(struct vnode *vp, int mode, struct ucred *cred) 592 { 593 struct inode *ip = VTOI(vp); 594 int error; 595 596 if (cred->cr_uid != ip->i_uid) { 597 error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT); 598 if (error) 599 return (error); 600 } 601 if (cred->cr_uid) { 602 if (vp->v_type != VDIR && (mode & S_ISTXT)) 603 return (EFTYPE); 604 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) 605 return (EPERM); 606 } 607 ip->i_mode &= ~ALLPERMS; 608 ip->i_mode |= (mode & ALLPERMS); 609 ip->i_flag |= IN_CHANGE; 610 return (0); 611 } 612 613 /* 614 * Perform chown operation on inode ip; 615 * inode must be locked prior to call. 616 */ 617 static int 618 ufs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred) 619 { 620 struct inode *ip = VTOI(vp); 621 uid_t ouid; 622 gid_t ogid; 623 int error = 0; 624 #ifdef QUOTA 625 int i; 626 long change; 627 #endif 628 629 if (uid == (uid_t)VNOVAL) 630 uid = ip->i_uid; 631 if (gid == (gid_t)VNOVAL) 632 gid = ip->i_gid; 633 /* 634 * If we don't own the file, are trying to change the owner 635 * of the file, or are not a member of the target group, 636 * the caller must be superuser or the call fails. 637 */ 638 if ((cred->cr_uid != ip->i_uid || uid != ip->i_uid || 639 (gid != ip->i_gid && !(cred->cr_gid == gid || 640 groupmember((gid_t)gid, cred)))) && 641 (error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT))) 642 return (error); 643 ogid = ip->i_gid; 644 ouid = ip->i_uid; 645 #ifdef QUOTA 646 if ((error = ufs_getinoquota(ip)) != 0) 647 return (error); 648 if (ouid == uid) { 649 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 650 ip->i_dquot[USRQUOTA] = NODQUOT; 651 } 652 if (ogid == gid) { 653 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 654 ip->i_dquot[GRPQUOTA] = NODQUOT; 655 } 656 change = ip->i_blocks; 657 (void) ufs_chkdq(ip, -change, cred, CHOWN); 658 (void) ufs_chkiq(ip, -1, cred, CHOWN); 659 for (i = 0; i < MAXQUOTAS; i++) { 660 ufs_dqrele(vp, ip->i_dquot[i]); 661 ip->i_dquot[i] = NODQUOT; 662 } 663 #endif 664 ip->i_gid = gid; 665 ip->i_uid = uid; 666 #ifdef QUOTA 667 if ((error = ufs_getinoquota(ip)) == 0) { 668 if (ouid == uid) { 669 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 670 ip->i_dquot[USRQUOTA] = NODQUOT; 671 } 672 if (ogid == gid) { 673 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 674 ip->i_dquot[GRPQUOTA] = NODQUOT; 675 } 676 if ((error = ufs_chkdq(ip, change, cred, CHOWN)) == 0) { 677 if ((error = ufs_chkiq(ip, 1, cred, CHOWN)) == 0) 678 goto good; 679 else 680 (void)ufs_chkdq(ip, -change, cred, CHOWN|FORCE); 681 } 682 for (i = 0; i < MAXQUOTAS; i++) { 683 ufs_dqrele(vp, ip->i_dquot[i]); 684 ip->i_dquot[i] = NODQUOT; 685 } 686 } 687 ip->i_gid = ogid; 688 ip->i_uid = ouid; 689 if (ufs_getinoquota(ip) == 0) { 690 if (ouid == uid) { 691 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 692 ip->i_dquot[USRQUOTA] = NODQUOT; 693 } 694 if (ogid == gid) { 695 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 696 ip->i_dquot[GRPQUOTA] = NODQUOT; 697 } 698 (void) ufs_chkdq(ip, change, cred, FORCE|CHOWN); 699 (void) ufs_chkiq(ip, 1, cred, FORCE|CHOWN); 700 (void) ufs_getinoquota(ip); 701 } 702 return (error); 703 good: 704 if (ufs_getinoquota(ip)) 705 panic("ufs_chown: lost quota"); 706 #endif /* QUOTA */ 707 ip->i_flag |= IN_CHANGE; 708 if (cred->cr_uid != 0 && (ouid != uid || ogid != gid)) 709 ip->i_mode &= ~(ISUID | ISGID); 710 return (0); 711 } 712 713 /* 714 * Mmap a file 715 * 716 * NB Currently unsupported. 717 * 718 * ufs_mmap(struct vnode *a_vp, int a_fflags, struct ucred *a_cred) 719 */ 720 /* ARGSUSED */ 721 static 722 int 723 ufs_mmap(struct vop_mmap_args *ap) 724 { 725 return (EINVAL); 726 } 727 728 /* 729 * ufs_remove(struct vnode *a_dvp, struct vnode *a_vp, 730 * struct componentname *a_cnp) 731 */ 732 static 733 int 734 ufs_remove(struct vop_old_remove_args *ap) 735 { 736 struct inode *ip; 737 struct vnode *vp = ap->a_vp; 738 struct vnode *dvp = ap->a_dvp; 739 int error; 740 741 ip = VTOI(vp); 742 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 743 (VTOI(dvp)->i_flags & APPEND)) { 744 error = EPERM; 745 goto out; 746 } 747 error = ufs_dirremove(dvp, ip, ap->a_cnp->cn_flags, 0); 748 VN_KNOTE(vp, NOTE_DELETE); 749 VN_KNOTE(dvp, NOTE_WRITE); 750 out: 751 return (error); 752 } 753 754 /* 755 * link vnode call 756 * 757 * ufs_link(struct vnode *a_tdvp, struct vnode *a_vp, 758 * struct componentname *a_cnp) 759 */ 760 static 761 int 762 ufs_link(struct vop_old_link_args *ap) 763 { 764 struct vnode *vp = ap->a_vp; 765 struct vnode *tdvp = ap->a_tdvp; 766 struct componentname *cnp = ap->a_cnp; 767 struct inode *ip; 768 struct direct newdir; 769 int error; 770 771 if (tdvp->v_mount != vp->v_mount) { 772 error = EXDEV; 773 goto out2; 774 } 775 if (tdvp != vp && (error = vn_lock(vp, LK_EXCLUSIVE))) { 776 goto out2; 777 } 778 ip = VTOI(vp); 779 if ((nlink_t)ip->i_nlink >= LINK_MAX) { 780 error = EMLINK; 781 goto out1; 782 } 783 if (ip->i_flags & (IMMUTABLE | APPEND)) { 784 error = EPERM; 785 goto out1; 786 } 787 ip->i_effnlink++; 788 ip->i_nlink++; 789 ip->i_flag |= IN_CHANGE; 790 if (DOINGSOFTDEP(vp)) 791 softdep_change_linkcnt(ip); 792 error = ffs_update(vp, !(DOINGSOFTDEP(vp) | DOINGASYNC(vp))); 793 if (!error) { 794 ufs_makedirentry(ip, cnp, &newdir); 795 error = ufs_direnter(tdvp, vp, &newdir, cnp, NULL); 796 } 797 798 if (error) { 799 ip->i_effnlink--; 800 ip->i_nlink--; 801 ip->i_flag |= IN_CHANGE; 802 if (DOINGSOFTDEP(vp)) 803 softdep_change_linkcnt(ip); 804 } 805 out1: 806 if (tdvp != vp) 807 vn_unlock(vp); 808 out2: 809 VN_KNOTE(vp, NOTE_LINK); 810 VN_KNOTE(tdvp, NOTE_WRITE); 811 return (error); 812 } 813 814 /* 815 * whiteout vnode call 816 * 817 * ufs_whiteout(struct vnode *a_dvp, struct componentname *a_cnp, int a_flags) 818 */ 819 static 820 int 821 ufs_whiteout(struct vop_old_whiteout_args *ap) 822 { 823 struct vnode *dvp = ap->a_dvp; 824 struct componentname *cnp = ap->a_cnp; 825 struct direct newdir; 826 int error = 0; 827 828 switch (ap->a_flags) { 829 case NAMEI_LOOKUP: 830 /* 4.4 format directories support whiteout operations */ 831 if (dvp->v_mount->mnt_maxsymlinklen > 0) 832 return (0); 833 return (EOPNOTSUPP); 834 835 case NAMEI_CREATE: 836 /* create a new directory whiteout */ 837 #ifdef DIAGNOSTIC 838 if (dvp->v_mount->mnt_maxsymlinklen <= 0) 839 panic("ufs_whiteout: old format filesystem"); 840 #endif 841 842 newdir.d_ino = WINO; 843 newdir.d_namlen = cnp->cn_namelen; 844 bcopy(cnp->cn_nameptr, newdir.d_name, (unsigned)cnp->cn_namelen + 1); 845 newdir.d_type = DT_WHT; 846 error = ufs_direnter(dvp, NULL, &newdir, cnp, NULL); 847 break; 848 849 case NAMEI_DELETE: 850 /* remove an existing directory whiteout */ 851 #ifdef DIAGNOSTIC 852 if (dvp->v_mount->mnt_maxsymlinklen <= 0) 853 panic("ufs_whiteout: old format filesystem"); 854 #endif 855 856 cnp->cn_flags &= ~CNP_DOWHITEOUT; 857 error = ufs_dirremove(dvp, NULL, cnp->cn_flags, 0); 858 break; 859 default: 860 panic("ufs_whiteout: unknown op"); 861 } 862 return (error); 863 } 864 865 /* 866 * Rename system call. 867 * rename("foo", "bar"); 868 * is essentially 869 * unlink("bar"); 870 * link("foo", "bar"); 871 * unlink("foo"); 872 * but ``atomically''. Can't do full commit without saving state in the 873 * inode on disk which isn't feasible at this time. Best we can do is 874 * always guarantee the target exists. 875 * 876 * Basic algorithm is: 877 * 878 * 1) Bump link count on source while we're linking it to the 879 * target. This also ensure the inode won't be deleted out 880 * from underneath us while we work (it may be truncated by 881 * a concurrent `trunc' or `open' for creation). 882 * 2) Link source to destination. If destination already exists, 883 * delete it first. 884 * 3) Unlink source reference to inode if still around. If a 885 * directory was moved and the parent of the destination 886 * is different from the source, patch the ".." entry in the 887 * directory. 888 * 889 * ufs_rename(struct vnode *a_fdvp, struct vnode *a_fvp, 890 * struct componentname *a_fcnp, struct vnode *a_tdvp, 891 * struct vnode *a_tvp, struct componentname *a_tcnp) 892 */ 893 static 894 int 895 ufs_rename(struct vop_old_rename_args *ap) 896 { 897 struct vnode *tvp = ap->a_tvp; 898 struct vnode *tdvp = ap->a_tdvp; 899 struct vnode *fvp = ap->a_fvp; 900 struct vnode *fdvp = ap->a_fdvp; 901 struct componentname *tcnp = ap->a_tcnp; 902 struct componentname *fcnp = ap->a_fcnp; 903 struct inode *ip, *xp, *dp; 904 struct direct newdir; 905 ino_t oldparent = 0, newparent = 0; 906 int doingdirectory = 0; 907 int error = 0, ioflag; 908 909 /* 910 * Check for cross-device rename. 911 */ 912 if ((fvp->v_mount != tdvp->v_mount) || 913 (tvp && (fvp->v_mount != tvp->v_mount))) { 914 error = EXDEV; 915 abortit: 916 if (tdvp == tvp) 917 vrele(tdvp); 918 else 919 vput(tdvp); 920 if (tvp) 921 vput(tvp); 922 vrele(fdvp); 923 vrele(fvp); 924 return (error); 925 } 926 927 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 928 (VTOI(tdvp)->i_flags & APPEND))) { 929 error = EPERM; 930 goto abortit; 931 } 932 933 /* 934 * Renaming a file to itself has no effect. The upper layers should 935 * not call us in that case. Temporarily just warn if they do. 936 */ 937 if (fvp == tvp) { 938 kprintf("ufs_rename: fvp == tvp (can't happen)\n"); 939 error = 0; 940 goto abortit; 941 } 942 943 if ((error = vn_lock(fvp, LK_EXCLUSIVE)) != 0) 944 goto abortit; 945 946 /* 947 * Note: now that fvp is locked we have to be sure to unlock it before 948 * using the 'abortit' target. 949 */ 950 dp = VTOI(fdvp); 951 ip = VTOI(fvp); 952 if (ip->i_nlink >= LINK_MAX) { 953 vn_unlock(fvp); 954 error = EMLINK; 955 goto abortit; 956 } 957 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) 958 || (dp->i_flags & APPEND)) { 959 vn_unlock(fvp); 960 error = EPERM; 961 goto abortit; 962 } 963 if ((ip->i_mode & IFMT) == IFDIR) { 964 /* 965 * Avoid ".", "..", and aliases of "." for obvious reasons. 966 */ 967 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') || 968 dp == ip || (fcnp->cn_flags | tcnp->cn_flags) & CNP_ISDOTDOT || 969 (ip->i_flag & IN_RENAME)) { 970 vn_unlock(fvp); 971 error = EINVAL; 972 goto abortit; 973 } 974 ip->i_flag |= IN_RENAME; 975 oldparent = dp->i_number; 976 doingdirectory = 1; 977 } 978 VN_KNOTE(fdvp, NOTE_WRITE); /* XXX right place? */ 979 980 /* 981 * fvp still locked. ip->i_flag has IN_RENAME set if doingdirectory. 982 * Cleanup fvp requirements so we can unlock it. 983 * 984 * tvp and tdvp are locked. tvp may be NULL. Now that dp and xp 985 * is setup we can use the 'bad' target if we unlock fvp. We cannot 986 * use the abortit target anymore because of IN_RENAME. 987 */ 988 dp = VTOI(tdvp); 989 if (tvp) 990 xp = VTOI(tvp); 991 else 992 xp = NULL; 993 994 /* 995 * 1) Bump link count while we're moving stuff 996 * around. If we crash somewhere before 997 * completing our work, the link count 998 * may be wrong, but correctable. 999 */ 1000 ip->i_effnlink++; 1001 ip->i_nlink++; 1002 ip->i_flag |= IN_CHANGE; 1003 if (DOINGSOFTDEP(fvp)) 1004 softdep_change_linkcnt(ip); 1005 if ((error = ffs_update(fvp, !(DOINGSOFTDEP(fvp) | 1006 DOINGASYNC(fvp)))) != 0) { 1007 vn_unlock(fvp); 1008 goto bad; 1009 } 1010 1011 /* 1012 * If ".." must be changed (ie the directory gets a new 1013 * parent) then the source directory must not be in the 1014 * directory heirarchy above the target, as this would 1015 * orphan everything below the source directory. Also 1016 * the user must have write permission in the source so 1017 * as to be able to change "..". We must repeat the call 1018 * to namei, as the parent directory is unlocked by the 1019 * call to checkpath(). 1020 */ 1021 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred); 1022 vn_unlock(fvp); 1023 1024 /* 1025 * We are now back to where we were in that fvp, fdvp are unlocked 1026 * and tvp, tdvp are locked. tvp may be NULL. IN_RENAME may be 1027 * set. Only the bad target or, if we clean up tvp and tdvp, the 1028 * out target, may be used. 1029 */ 1030 if (oldparent != dp->i_number) 1031 newparent = dp->i_number; 1032 if (doingdirectory && newparent) { 1033 if (error) /* write access check above */ 1034 goto bad; 1035 1036 /* 1037 * Once we start messing with tvp and tdvp we cannot use the 1038 * 'bad' target, only finish cleaning tdvp and tvp up and 1039 * use the 'out' target. 1040 * 1041 * This cleans up tvp. 1042 */ 1043 if (xp != NULL) { 1044 vput(tvp); 1045 xp = NULL; 1046 } 1047 1048 /* 1049 * This is a real mess. ufs_checkpath vput's the target 1050 * directory so retain an extra ref and note that tdvp will 1051 * lose its lock on return. This leaves us with one good 1052 * ref after ufs_checkpath returns. 1053 */ 1054 vref(tdvp); 1055 error = ufs_checkpath(ip, dp, tcnp->cn_cred); 1056 tcnp->cn_flags |= CNP_PDIRUNLOCK; 1057 if (error) { 1058 vrele(tdvp); 1059 goto out; 1060 } 1061 1062 /* 1063 * relookup no longer messes with tdvp's refs. tdvp must be 1064 * unlocked on entry and will be locked on a successful 1065 * return. 1066 */ 1067 error = relookup(tdvp, &tvp, tcnp); 1068 if (error) { 1069 if (tcnp->cn_flags & CNP_PDIRUNLOCK) 1070 vrele(tdvp); 1071 else 1072 vput(tdvp); 1073 goto out; 1074 } 1075 KKASSERT((tcnp->cn_flags & CNP_PDIRUNLOCK) == 0); 1076 dp = VTOI(tdvp); 1077 if (tvp) 1078 xp = VTOI(tvp); 1079 } 1080 1081 /* 1082 * We are back to fvp, fdvp unlocked, tvp, tdvp locked. tvp may 1083 * be NULL (xp will also be NULL in that case), and IN_RENAME will 1084 * be set if doingdirectory. This means we can use the 'bad' target 1085 * again. 1086 */ 1087 1088 /* 1089 * 2) If target doesn't exist, link the target 1090 * to the source and unlink the source. 1091 * Otherwise, rewrite the target directory 1092 * entry to reference the source inode and 1093 * expunge the original entry's existence. 1094 */ 1095 if (xp == NULL) { 1096 if (dp->i_dev != ip->i_dev) 1097 panic("ufs_rename: EXDEV"); 1098 /* 1099 * Account for ".." in new directory. 1100 * When source and destination have the same 1101 * parent we don't fool with the link count. 1102 */ 1103 if (doingdirectory && newparent) { 1104 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1105 error = EMLINK; 1106 goto bad; 1107 } 1108 dp->i_effnlink++; 1109 dp->i_nlink++; 1110 dp->i_flag |= IN_CHANGE; 1111 if (DOINGSOFTDEP(tdvp)) 1112 softdep_change_linkcnt(dp); 1113 error = ffs_update(tdvp, !(DOINGSOFTDEP(tdvp) | 1114 DOINGASYNC(tdvp))); 1115 if (error) 1116 goto bad; 1117 } 1118 ufs_makedirentry(ip, tcnp, &newdir); 1119 error = ufs_direnter(tdvp, NULL, &newdir, tcnp, NULL); 1120 if (error) { 1121 if (doingdirectory && newparent) { 1122 dp->i_effnlink--; 1123 dp->i_nlink--; 1124 dp->i_flag |= IN_CHANGE; 1125 if (DOINGSOFTDEP(tdvp)) 1126 softdep_change_linkcnt(dp); 1127 (void)ffs_update(tdvp, 1); 1128 } 1129 goto bad; 1130 } 1131 VN_KNOTE(tdvp, NOTE_WRITE); 1132 vput(tdvp); 1133 } else { 1134 if (xp->i_dev != dp->i_dev || xp->i_dev != ip->i_dev) 1135 panic("ufs_rename: EXDEV"); 1136 /* 1137 * Short circuit rename(foo, foo). 1138 */ 1139 if (xp->i_number == ip->i_number) 1140 panic("ufs_rename: same file"); 1141 /* 1142 * If the parent directory is "sticky", then the user must 1143 * own the parent directory, or the destination of the rename, 1144 * otherwise the destination may not be changed (except by 1145 * root). This implements append-only directories. 1146 */ 1147 if ((dp->i_mode & S_ISTXT) && tcnp->cn_cred->cr_uid != 0 && 1148 tcnp->cn_cred->cr_uid != dp->i_uid && 1149 xp->i_uid != tcnp->cn_cred->cr_uid) { 1150 error = EPERM; 1151 goto bad; 1152 } 1153 /* 1154 * Target must be empty if a directory and have no links 1155 * to it. Also, ensure source and target are compatible 1156 * (both directories, or both not directories). 1157 * 1158 * Purge the file or directory being replaced from the 1159 * nameccache. 1160 */ 1161 if ((xp->i_mode&IFMT) == IFDIR) { 1162 if ((xp->i_effnlink > 2) || 1163 !ufs_dirempty(xp, dp->i_number, tcnp->cn_cred)) { 1164 error = ENOTEMPTY; 1165 goto bad; 1166 } 1167 if (!doingdirectory) { 1168 error = ENOTDIR; 1169 goto bad; 1170 } 1171 /* cache_purge removed - handled by VFS compat layer */ 1172 } else if (doingdirectory == 0) { 1173 /* cache_purge removed - handled by VFS compat layer */ 1174 } else { 1175 error = EISDIR; 1176 goto bad; 1177 } 1178 /* 1179 * note: inode passed to ufs_dirrewrite() is 0 for a 1180 * non-directory file rename, 1 for a directory rename 1181 * in the same directory, and > 1 for an inode representing 1182 * the new directory. 1183 */ 1184 error = ufs_dirrewrite(dp, xp, ip->i_number, 1185 IFTODT(ip->i_mode), 1186 (doingdirectory && newparent) ? 1187 newparent : (ino_t)doingdirectory); 1188 if (error) 1189 goto bad; 1190 if (doingdirectory) { 1191 if (!newparent) { 1192 dp->i_effnlink--; 1193 if (DOINGSOFTDEP(tdvp)) 1194 softdep_change_linkcnt(dp); 1195 } 1196 xp->i_effnlink--; 1197 if (DOINGSOFTDEP(tvp)) 1198 softdep_change_linkcnt(xp); 1199 } 1200 if (doingdirectory && !DOINGSOFTDEP(tvp)) { 1201 /* 1202 * Truncate inode. The only stuff left in the directory 1203 * is "." and "..". The "." reference is inconsequential 1204 * since we are quashing it. We have removed the "." 1205 * reference and the reference in the parent directory, 1206 * but there may be other hard links. The soft 1207 * dependency code will arrange to do these operations 1208 * after the parent directory entry has been deleted on 1209 * disk, so when running with that code we avoid doing 1210 * them now. 1211 */ 1212 if (!newparent) { 1213 dp->i_nlink--; 1214 dp->i_flag |= IN_CHANGE; 1215 } 1216 xp->i_nlink--; 1217 xp->i_flag |= IN_CHANGE; 1218 ioflag = DOINGASYNC(tvp) ? 0 : IO_SYNC; 1219 error = ffs_truncate(tvp, (off_t)0, ioflag, 1220 tcnp->cn_cred); 1221 if (error) 1222 goto bad; 1223 } 1224 VN_KNOTE(tdvp, NOTE_WRITE); 1225 vput(tdvp); 1226 VN_KNOTE(tvp, NOTE_DELETE); 1227 vput(tvp); 1228 xp = NULL; 1229 } 1230 1231 /* 1232 * tvp and tdvp have been cleaned up. only fvp and fdvp (both 1233 * unlocked) remain. We are about to overwrite fvp but we have to 1234 * keep 'ip' intact so we cannot release the old fvp, which is still 1235 * refd and accessible via ap->a_fvp. 1236 * 1237 * This means we cannot use either 'bad' or 'out' to cleanup any 1238 * more. 1239 */ 1240 1241 /* 1242 * 3) Unlink the source. 1243 */ 1244 fcnp->cn_flags &= ~CNP_MODMASK; 1245 fcnp->cn_flags |= CNP_LOCKPARENT; 1246 error = relookup(fdvp, &fvp, fcnp); 1247 if (error || fvp == NULL) { 1248 /* 1249 * From name has disappeared. IN_RENAME will not be set if 1250 * we get past the panic so we don't have to clean it up. 1251 */ 1252 if (doingdirectory) 1253 panic("ufs_rename: lost dir entry"); 1254 vrele(ap->a_fvp); 1255 if (fcnp->cn_flags & CNP_PDIRUNLOCK) 1256 vrele(fdvp); 1257 else 1258 vput(fdvp); 1259 return(0); 1260 } 1261 KKASSERT((fcnp->cn_flags & CNP_PDIRUNLOCK) == 0); 1262 1263 /* 1264 * fdvp and fvp are locked. 1265 */ 1266 xp = VTOI(fvp); 1267 dp = VTOI(fdvp); 1268 1269 /* 1270 * Ensure that the directory entry still exists and has not 1271 * changed while the new name has been entered. If the source is 1272 * a file then the entry may have been unlinked or renamed. In 1273 * either case there is no further work to be done. If the source 1274 * is a directory then it cannot have been rmdir'ed; the IN_RENAME 1275 * flag ensures that it cannot be moved by another rename or removed 1276 * by a rmdir. Cleanup IN_RENAME. 1277 */ 1278 if (xp != ip) { 1279 if (doingdirectory) 1280 panic("ufs_rename: lost dir entry"); 1281 } else { 1282 /* 1283 * If the source is a directory with a 1284 * new parent, the link count of the old 1285 * parent directory must be decremented 1286 * and ".." set to point to the new parent. 1287 */ 1288 if (doingdirectory && newparent) { 1289 xp->i_offset = mastertemplate.dot_reclen; 1290 ufs_dirrewrite(xp, dp, newparent, DT_DIR, 0); 1291 /* cache_purge removed - handled by VFS compat layer */ 1292 } 1293 error = ufs_dirremove(fdvp, xp, fcnp->cn_flags, 0); 1294 xp->i_flag &= ~IN_RENAME; 1295 } 1296 1297 VN_KNOTE(fvp, NOTE_RENAME); 1298 vput(fdvp); 1299 vput(fvp); 1300 vrele(ap->a_fvp); 1301 return (error); 1302 1303 bad: 1304 if (xp) 1305 vput(ITOV(xp)); 1306 vput(ITOV(dp)); 1307 out: 1308 if (doingdirectory) 1309 ip->i_flag &= ~IN_RENAME; 1310 if (vn_lock(fvp, LK_EXCLUSIVE) == 0) { 1311 ip->i_effnlink--; 1312 ip->i_nlink--; 1313 ip->i_flag |= IN_CHANGE; 1314 ip->i_flag &= ~IN_RENAME; 1315 if (DOINGSOFTDEP(fvp)) 1316 softdep_change_linkcnt(ip); 1317 vput(fvp); 1318 } else { 1319 vrele(fvp); 1320 } 1321 return (error); 1322 } 1323 1324 /* 1325 * Mkdir system call 1326 * 1327 * ufs_mkdir(struct vnode *a_dvp, struct vnode **a_vpp, 1328 * struct componentname *a_cnp, struct vattr *a_vap) 1329 */ 1330 static 1331 int 1332 ufs_mkdir(struct vop_old_mkdir_args *ap) 1333 { 1334 struct vnode *dvp = ap->a_dvp; 1335 struct vattr *vap = ap->a_vap; 1336 struct componentname *cnp = ap->a_cnp; 1337 struct inode *ip, *dp; 1338 struct vnode *tvp; 1339 struct buf *bp; 1340 struct dirtemplate dirtemplate, *dtp; 1341 struct direct newdir; 1342 int error, dmode; 1343 long blkoff; 1344 1345 dp = VTOI(dvp); 1346 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1347 error = EMLINK; 1348 goto out; 1349 } 1350 dmode = vap->va_mode & 0777; 1351 dmode |= IFDIR; 1352 /* 1353 * Must simulate part of ufs_makeinode here to acquire the inode, 1354 * but not have it entered in the parent directory. The entry is 1355 * made later after writing "." and ".." entries. 1356 */ 1357 error = ffs_valloc(dvp, dmode, cnp->cn_cred, &tvp); 1358 if (error) 1359 goto out; 1360 ip = VTOI(tvp); 1361 ip->i_gid = dp->i_gid; 1362 #ifdef SUIDDIR 1363 { 1364 #ifdef QUOTA 1365 struct ucred ucred, *ucp; 1366 ucp = cnp->cn_cred; 1367 #endif 1368 /* 1369 * If we are hacking owners here, (only do this where told to) 1370 * and we are not giving it TO root, (would subvert quotas) 1371 * then go ahead and give it to the other user. 1372 * The new directory also inherits the SUID bit. 1373 * If user's UID and dir UID are the same, 1374 * 'give it away' so that the SUID is still forced on. 1375 */ 1376 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 1377 (dp->i_mode & ISUID) && dp->i_uid) { 1378 dmode |= ISUID; 1379 ip->i_uid = dp->i_uid; 1380 #ifdef QUOTA 1381 if (dp->i_uid != cnp->cn_cred->cr_uid) { 1382 /* 1383 * Make sure the correct user gets charged 1384 * for the space. 1385 * Make a dummy credential for the victim. 1386 * XXX This seems to never be accessed out of 1387 * our context so a stack variable is ok. 1388 */ 1389 ucred.cr_ref = 1; 1390 ucred.cr_uid = ip->i_uid; 1391 ucred.cr_ngroups = 1; 1392 ucred.cr_groups[0] = dp->i_gid; 1393 ucp = &ucred; 1394 } 1395 #endif 1396 } else 1397 ip->i_uid = cnp->cn_cred->cr_uid; 1398 #ifdef QUOTA 1399 if ((error = ufs_getinoquota(ip)) || 1400 (error = ufs_chkiq(ip, 1, ucp, 0))) { 1401 ffs_vfree(tvp, ip->i_number, dmode); 1402 vput(tvp); 1403 return (error); 1404 } 1405 #endif 1406 } 1407 #else /* !SUIDDIR */ 1408 ip->i_uid = cnp->cn_cred->cr_uid; 1409 #ifdef QUOTA 1410 if ((error = ufs_getinoquota(ip)) || 1411 (error = ufs_chkiq(ip, 1, cnp->cn_cred, 0))) { 1412 ffs_vfree(tvp, ip->i_number, dmode); 1413 vput(tvp); 1414 return (error); 1415 } 1416 #endif 1417 #endif /* !SUIDDIR */ 1418 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 1419 ip->i_mode = dmode; 1420 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */ 1421 ip->i_effnlink = 2; 1422 ip->i_nlink = 2; 1423 if (DOINGSOFTDEP(tvp)) 1424 softdep_change_linkcnt(ip); 1425 if (cnp->cn_flags & CNP_ISWHITEOUT) 1426 ip->i_flags |= UF_OPAQUE; 1427 1428 /* 1429 * Bump link count in parent directory to reflect work done below. 1430 * Should be done before reference is created so cleanup is 1431 * possible if we crash. 1432 */ 1433 dp->i_effnlink++; 1434 dp->i_nlink++; 1435 dp->i_flag |= IN_CHANGE; 1436 if (DOINGSOFTDEP(dvp)) 1437 softdep_change_linkcnt(dp); 1438 error = ffs_update(tvp, !(DOINGSOFTDEP(dvp) | DOINGASYNC(dvp))); 1439 if (error) 1440 goto bad; 1441 1442 /* 1443 * The vnode must have a VM object in order to issue buffer cache 1444 * ops on it. 1445 */ 1446 vinitvmio(tvp, DIRBLKSIZ); 1447 1448 /* 1449 * Initialize directory with "." and ".." from static template. 1450 */ 1451 if (dvp->v_mount->mnt_maxsymlinklen > 0) 1452 dtp = &mastertemplate; 1453 else 1454 dtp = (struct dirtemplate *)&omastertemplate; 1455 dirtemplate = *dtp; 1456 dirtemplate.dot_ino = ip->i_number; 1457 dirtemplate.dotdot_ino = dp->i_number; 1458 vnode_pager_setsize(tvp, DIRBLKSIZ); 1459 error = VOP_BALLOC(tvp, 0LL, DIRBLKSIZ, cnp->cn_cred, B_CLRBUF, &bp); 1460 if (error) 1461 goto bad; 1462 ip->i_size = DIRBLKSIZ; 1463 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1464 bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate); 1465 if (DOINGSOFTDEP(tvp)) { 1466 /* 1467 * Ensure that the entire newly allocated block is a 1468 * valid directory so that future growth within the 1469 * block does not have to ensure that the block is 1470 * written before the inode. 1471 */ 1472 blkoff = DIRBLKSIZ; 1473 while (blkoff < bp->b_bcount) { 1474 ((struct direct *) 1475 (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ; 1476 blkoff += DIRBLKSIZ; 1477 } 1478 } 1479 if ((error = ffs_update(tvp, !(DOINGSOFTDEP(tvp) | 1480 DOINGASYNC(tvp)))) != 0) { 1481 bwrite(bp); 1482 goto bad; 1483 } 1484 /* 1485 * Directory set up, now install its entry in the parent directory. 1486 * 1487 * If we are not doing soft dependencies, then we must write out the 1488 * buffer containing the new directory body before entering the new 1489 * name in the parent. If we are doing soft dependencies, then the 1490 * buffer containing the new directory body will be passed to and 1491 * released in the soft dependency code after the code has attached 1492 * an appropriate ordering dependency to the buffer which ensures that 1493 * the buffer is written before the new name is written in the parent. 1494 */ 1495 if (DOINGASYNC(dvp)) 1496 bdwrite(bp); 1497 else if (!DOINGSOFTDEP(dvp) && (error = bwrite(bp)) != 0) 1498 goto bad; 1499 ufs_makedirentry(ip, cnp, &newdir); 1500 error = ufs_direnter(dvp, tvp, &newdir, cnp, bp); 1501 1502 bad: 1503 if (error == 0) { 1504 VN_KNOTE(dvp, NOTE_WRITE | NOTE_LINK); 1505 *ap->a_vpp = tvp; 1506 } else { 1507 dp->i_effnlink--; 1508 dp->i_nlink--; 1509 dp->i_flag |= IN_CHANGE; 1510 if (DOINGSOFTDEP(dvp)) 1511 softdep_change_linkcnt(dp); 1512 /* 1513 * No need to do an explicit VOP_TRUNCATE here, vrele will 1514 * do this for us because we set the link count to 0. 1515 */ 1516 ip->i_effnlink = 0; 1517 ip->i_nlink = 0; 1518 ip->i_flag |= IN_CHANGE; 1519 if (DOINGSOFTDEP(tvp)) 1520 softdep_change_linkcnt(ip); 1521 vput(tvp); 1522 } 1523 out: 1524 return (error); 1525 } 1526 1527 /* 1528 * Rmdir system call. 1529 * 1530 * ufs_rmdir(struct vnode *a_dvp, struct vnode *a_vp, 1531 * struct componentname *a_cnp) 1532 */ 1533 static 1534 int 1535 ufs_rmdir(struct vop_old_rmdir_args *ap) 1536 { 1537 struct vnode *vp = ap->a_vp; 1538 struct vnode *dvp = ap->a_dvp; 1539 struct componentname *cnp = ap->a_cnp; 1540 struct inode *ip, *dp; 1541 int error, ioflag; 1542 1543 ip = VTOI(vp); 1544 dp = VTOI(dvp); 1545 1546 /* 1547 * Do not remove a directory that is in the process of being renamed. 1548 * Verify the directory is empty (and valid). Rmdir ".." will not be 1549 * valid since ".." will contain a reference to the current directory 1550 * and thus be non-empty. Do not allow the removal of mounted on 1551 * directories (this can happen when an NFS exported filesystem 1552 * tries to remove a locally mounted on directory). 1553 */ 1554 error = 0; 1555 if (ip->i_flag & IN_RENAME) { 1556 error = EINVAL; 1557 goto out; 1558 } 1559 if (ip->i_effnlink != 2 || 1560 !ufs_dirempty(ip, dp->i_number, cnp->cn_cred)) { 1561 error = ENOTEMPTY; 1562 goto out; 1563 } 1564 if ((dp->i_flags & APPEND) 1565 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) { 1566 error = EPERM; 1567 goto out; 1568 } 1569 /* 1570 * Delete reference to directory before purging 1571 * inode. If we crash in between, the directory 1572 * will be reattached to lost+found, 1573 */ 1574 dp->i_effnlink--; 1575 ip->i_effnlink--; 1576 if (DOINGSOFTDEP(vp)) { 1577 softdep_change_linkcnt(dp); 1578 softdep_change_linkcnt(ip); 1579 } 1580 error = ufs_dirremove(dvp, ip, cnp->cn_flags, 1); 1581 if (error) { 1582 dp->i_effnlink++; 1583 ip->i_effnlink++; 1584 if (DOINGSOFTDEP(vp)) { 1585 softdep_change_linkcnt(dp); 1586 softdep_change_linkcnt(ip); 1587 } 1588 goto out; 1589 } 1590 VN_KNOTE(dvp, NOTE_WRITE | NOTE_LINK); 1591 /* 1592 * Truncate inode. The only stuff left in the directory is "." and 1593 * "..". The "." reference is inconsequential since we are quashing 1594 * it. The soft dependency code will arrange to do these operations 1595 * after the parent directory entry has been deleted on disk, so 1596 * when running with that code we avoid doing them now. 1597 */ 1598 if (!DOINGSOFTDEP(vp)) { 1599 dp->i_nlink--; 1600 dp->i_flag |= IN_CHANGE; 1601 ip->i_nlink--; 1602 ip->i_flag |= IN_CHANGE; 1603 ioflag = DOINGASYNC(vp) ? 0 : IO_SYNC; 1604 error = ffs_truncate(vp, (off_t)0, ioflag, cnp->cn_cred); 1605 } 1606 /* cache_purge removed - handled by VFS compat layer */ 1607 #ifdef UFS_DIRHASH 1608 /* Kill any active hash; i_effnlink == 0, so it will not come back. */ 1609 if (ip->i_dirhash != NULL) 1610 ufsdirhash_free(ip); 1611 #endif 1612 out: 1613 VN_KNOTE(vp, NOTE_DELETE); 1614 return (error); 1615 } 1616 1617 /* 1618 * symlink -- make a symbolic link 1619 * 1620 * ufs_symlink(struct vnode *a_dvp, struct vnode **a_vpp, 1621 * struct componentname *a_cnp, struct vattr *a_vap, 1622 * char *a_target) 1623 */ 1624 static 1625 int 1626 ufs_symlink(struct vop_old_symlink_args *ap) 1627 { 1628 struct vnode *vp, **vpp = ap->a_vpp; 1629 struct inode *ip; 1630 int len, error; 1631 1632 error = ufs_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp, 1633 vpp, ap->a_cnp); 1634 if (error) 1635 return (error); 1636 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 1637 vp = *vpp; 1638 len = strlen(ap->a_target); 1639 if (len < vp->v_mount->mnt_maxsymlinklen) { 1640 ip = VTOI(vp); 1641 bcopy(ap->a_target, (char *)ip->i_shortlink, len); 1642 ip->i_size = len; 1643 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1644 } else { 1645 /* 1646 * Make sure we have a VM object in order to use 1647 * the buffer cache. 1648 */ 1649 if (vp->v_object == NULL) 1650 vinitvmio(vp, 0); 1651 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0, 1652 UIO_SYSSPACE, IO_NODELOCKED, 1653 ap->a_cnp->cn_cred, NULL); 1654 } 1655 if (error) 1656 vput(vp); 1657 return (error); 1658 } 1659 1660 /* 1661 * Vnode op for reading directories. 1662 * 1663 * ufs_readdir(struct vnode *a_vp, struct uio *a_uio, struct ucred *a_cred, 1664 * int *a_eofflag, int *ncookies, off_t **a_cookies) 1665 */ 1666 static 1667 int 1668 ufs_readdir(struct vop_readdir_args *ap) 1669 { 1670 struct uio *uio = ap->a_uio; 1671 struct vnode *vp = ap->a_vp; 1672 struct direct *dp; 1673 struct buf *bp; 1674 int retval; 1675 int error; 1676 int offset; /* offset into buffer cache buffer */ 1677 int eoffset; /* end of buffer clipped to file EOF */ 1678 int pickup; /* pickup point */ 1679 int ncookies; 1680 int cookie_index; 1681 off_t *cookies; 1682 1683 if (uio->uio_offset < 0) 1684 return (EINVAL); 1685 /* 1686 * Guess the number of cookies needed. Make sure we compute at 1687 * least 1, and no more then a reasonable limit. 1688 */ 1689 if (ap->a_ncookies) { 1690 ncookies = uio->uio_resid / 16 + 1; 1691 if (ncookies > 1024) 1692 ncookies = 1024; 1693 cookies = kmalloc(ncookies * sizeof(off_t), M_TEMP, M_WAITOK); 1694 } else { 1695 ncookies = -1; /* force conditionals below */ 1696 cookies = NULL; 1697 } 1698 cookie_index = 0; 1699 1700 if ((error = vn_lock(vp, LK_EXCLUSIVE | LK_RETRY)) != 0) 1701 return (error); 1702 1703 /* 1704 * Past or at EOF 1705 */ 1706 if (uio->uio_offset >= VTOI(vp)->i_size) { 1707 if (ap->a_eofflag) 1708 *ap->a_eofflag = 1; 1709 if (ap->a_ncookies) { 1710 *ap->a_ncookies = cookie_index; 1711 *ap->a_cookies = cookies; 1712 } 1713 goto done; 1714 } 1715 1716 /* 1717 * Loop until we run out of cookies, we run out of user buffer, 1718 * or we hit the directory EOF. 1719 * 1720 * Always start scans at the beginning of the buffer, don't trust 1721 * the offset supplied by userland. 1722 */ 1723 while ((error = ffs_blkatoff_ra(vp, uio->uio_offset, NULL, &bp, 2)) == 0) { 1724 pickup = (int)(uio->uio_offset - bp->b_loffset); 1725 offset = 0; 1726 retval = 0; 1727 if (bp->b_loffset + bp->b_bcount > VTOI(vp)->i_size) 1728 eoffset = (int)(VTOI(vp)->i_size - bp->b_loffset); 1729 else 1730 eoffset = bp->b_bcount; 1731 1732 while (offset < eoffset) { 1733 dp = (struct direct *)(bp->b_data + offset); 1734 if (dp->d_reclen <= 0 || (dp->d_reclen & 3) || 1735 offset + dp->d_reclen > bp->b_bcount) { 1736 error = EIO; 1737 break; 1738 } 1739 if (offsetof(struct direct, d_name[dp->d_namlen]) > dp->d_reclen) { 1740 error = EIO; 1741 break; 1742 } 1743 if (offset < pickup) { 1744 offset += dp->d_reclen; 1745 continue; 1746 } 1747 #if BYTE_ORDER == LITTLE_ENDIAN 1748 if (OFSFMT(vp)) { 1749 retval = vop_write_dirent(&error, uio, 1750 dp->d_ino, dp->d_namlen, dp->d_type, 1751 dp->d_name); 1752 } else 1753 #endif 1754 { 1755 retval = vop_write_dirent(&error, uio, 1756 dp->d_ino, dp->d_type, dp->d_namlen, 1757 dp->d_name); 1758 } 1759 if (retval) 1760 break; 1761 if (cookies) 1762 cookies[cookie_index] = bp->b_loffset + offset; 1763 ++cookie_index; 1764 offset += dp->d_reclen; 1765 if (cookie_index == ncookies) 1766 break; 1767 } 1768 1769 /* 1770 * This will align the next loop to the beginning of the 1771 * next block, and pickup will calculate to 0. 1772 */ 1773 uio->uio_offset = bp->b_loffset + offset; 1774 brelse(bp); 1775 1776 if (retval || error || cookie_index == ncookies || 1777 uio->uio_offset >= VTOI(vp)->i_size) { 1778 break; 1779 } 1780 } 1781 if (ap->a_eofflag) 1782 *ap->a_eofflag = VTOI(vp)->i_size <= uio->uio_offset; 1783 1784 /* 1785 * Report errors only if we didn't manage to read anything 1786 */ 1787 if (error && cookie_index == 0) { 1788 if (cookies) { 1789 kfree(cookies, M_TEMP); 1790 *ap->a_ncookies = 0; 1791 *ap->a_cookies = NULL; 1792 } 1793 } else { 1794 error = 0; 1795 if (cookies) { 1796 *ap->a_ncookies = cookie_index; 1797 *ap->a_cookies = cookies; 1798 } 1799 } 1800 done: 1801 vn_unlock(vp); 1802 return (error); 1803 } 1804 1805 /* 1806 * Return target name of a symbolic link 1807 * 1808 * ufs_readlink(struct vnode *a_vp, struct uio *a_uio, struct ucred *a_cred) 1809 */ 1810 static 1811 int 1812 ufs_readlink(struct vop_readlink_args *ap) 1813 { 1814 struct vnode *vp = ap->a_vp; 1815 struct inode *ip = VTOI(vp); 1816 int isize; 1817 1818 isize = ip->i_size; 1819 if ((isize < vp->v_mount->mnt_maxsymlinklen) || 1820 (ip->i_din.di_blocks == 0)) { /* XXX - for old fastlink support */ 1821 uiomove((char *)ip->i_shortlink, isize, ap->a_uio); 1822 return (0); 1823 } 1824 1825 /* 1826 * Perform the equivalent of an OPEN on vp so we can issue a 1827 * VOP_READ. 1828 */ 1829 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred)); 1830 } 1831 1832 /* 1833 * Calculate the logical to physical mapping if not done already, 1834 * then call the device strategy routine. 1835 * 1836 * In order to be able to swap to a file, the VOP_BMAP operation may not 1837 * deadlock on memory. See ufs_bmap() for details. 1838 * 1839 * ufs_strategy(struct vnode *a_vp, struct bio *a_bio) 1840 */ 1841 static 1842 int 1843 ufs_strategy(struct vop_strategy_args *ap) 1844 { 1845 struct bio *bio = ap->a_bio; 1846 struct bio *nbio; 1847 struct buf *bp = bio->bio_buf; 1848 struct vnode *vp = ap->a_vp; 1849 struct inode *ip; 1850 int error; 1851 1852 ip = VTOI(vp); 1853 if (vp->v_type == VBLK || vp->v_type == VCHR) 1854 panic("ufs_strategy: spec"); 1855 nbio = push_bio(bio); 1856 if (nbio->bio_offset == NOOFFSET) { 1857 error = VOP_BMAP(vp, bio->bio_offset, &nbio->bio_offset, 1858 NULL, NULL, bp->b_cmd); 1859 if (error) { 1860 bp->b_error = error; 1861 bp->b_flags |= B_ERROR; 1862 /* I/O was never started on nbio, must biodone(bio) */ 1863 biodone(bio); 1864 return (error); 1865 } 1866 if (nbio->bio_offset == NOOFFSET) 1867 vfs_bio_clrbuf(bp); 1868 } 1869 if (nbio->bio_offset == NOOFFSET) { 1870 /* 1871 * We hit a hole in the file. The buffer has been zero-filled 1872 * so just biodone() it. 1873 */ 1874 biodone(bio); 1875 } else { 1876 vn_strategy(ip->i_devvp, nbio); 1877 } 1878 return (0); 1879 } 1880 1881 /* 1882 * Print out the contents of an inode. 1883 * 1884 * ufs_print(struct vnode *a_vp) 1885 */ 1886 static 1887 int 1888 ufs_print(struct vop_print_args *ap) 1889 { 1890 struct vnode *vp = ap->a_vp; 1891 struct inode *ip = VTOI(vp); 1892 1893 kprintf("tag VT_UFS, ino %lu, on dev %s (%d, %d)", 1894 (u_long)ip->i_number, devtoname(ip->i_dev), major(ip->i_dev), 1895 minor(ip->i_dev)); 1896 if (vp->v_type == VFIFO) 1897 fifo_printinfo(vp); 1898 lockmgr_printinfo(&vp->v_lock); 1899 kprintf("\n"); 1900 return (0); 1901 } 1902 1903 /* 1904 * Read wrapper for special devices. 1905 * 1906 * ufsspec_read(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1907 * struct ucred *a_cred) 1908 */ 1909 static 1910 int 1911 ufsspec_read(struct vop_read_args *ap) 1912 { 1913 int error, resid; 1914 struct inode *ip; 1915 struct uio *uio; 1916 1917 uio = ap->a_uio; 1918 resid = uio->uio_resid; 1919 error = VOCALL(&spec_vnode_vops, &ap->a_head); 1920 /* 1921 * The inode may have been revoked during the call, so it must not 1922 * be accessed blindly here or in the other wrapper functions. 1923 */ 1924 ip = VTOI(ap->a_vp); 1925 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 1926 ip->i_flag |= IN_ACCESS; 1927 return (error); 1928 } 1929 1930 /* 1931 * Write wrapper for special devices. 1932 * 1933 * ufsspec_write(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1934 * struct ucred *a_cred) 1935 */ 1936 static 1937 int 1938 ufsspec_write(struct vop_write_args *ap) 1939 { 1940 int error, resid; 1941 struct inode *ip; 1942 struct uio *uio; 1943 1944 uio = ap->a_uio; 1945 resid = uio->uio_resid; 1946 error = VOCALL(&spec_vnode_vops, &ap->a_head); 1947 ip = VTOI(ap->a_vp); 1948 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 1949 VTOI(ap->a_vp)->i_flag |= IN_CHANGE | IN_UPDATE; 1950 return (error); 1951 } 1952 1953 /* 1954 * Close wrapper for special devices. 1955 * 1956 * Update the times on the inode then do device close. 1957 * 1958 * ufsspec_close(struct vnode *a_vp, int a_fflag) 1959 */ 1960 static 1961 int 1962 ufsspec_close(struct vop_close_args *ap) 1963 { 1964 struct vnode *vp = ap->a_vp; 1965 1966 if (vp->v_sysref.refcnt > 1) 1967 ufs_itimes(vp); 1968 return (VOCALL(&spec_vnode_vops, &ap->a_head)); 1969 } 1970 1971 /* 1972 * Read wrapper for fifos. 1973 * 1974 * ufsfifo_read(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1975 * struct ucred *a_cred) 1976 */ 1977 static 1978 int 1979 ufsfifo_read(struct vop_read_args *ap) 1980 { 1981 int error, resid; 1982 struct inode *ip; 1983 struct uio *uio; 1984 1985 uio = ap->a_uio; 1986 resid = uio->uio_resid; 1987 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 1988 ip = VTOI(ap->a_vp); 1989 if ((ap->a_vp->v_mount->mnt_flag & MNT_NOATIME) == 0 && ip != NULL && 1990 (uio->uio_resid != resid || (error == 0 && resid != 0))) 1991 VTOI(ap->a_vp)->i_flag |= IN_ACCESS; 1992 return (error); 1993 } 1994 1995 /* 1996 * Write wrapper for fifos. 1997 * 1998 * ufsfifo_write(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1999 * struct ucred *a_cred) 2000 */ 2001 static 2002 int 2003 ufsfifo_write(struct vop_write_args *ap) 2004 { 2005 int error, resid; 2006 struct inode *ip; 2007 struct uio *uio; 2008 2009 uio = ap->a_uio; 2010 resid = uio->uio_resid; 2011 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 2012 ip = VTOI(ap->a_vp); 2013 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 2014 VTOI(ap->a_vp)->i_flag |= IN_CHANGE | IN_UPDATE; 2015 return (error); 2016 } 2017 2018 /* 2019 * Close wrapper for fifos. 2020 * 2021 * Update the times on the inode then do device close. 2022 * 2023 * ufsfifo_close(struct vnode *a_vp, int a_fflag) 2024 */ 2025 static 2026 int 2027 ufsfifo_close(struct vop_close_args *ap) 2028 { 2029 struct vnode *vp = ap->a_vp; 2030 2031 if (vp->v_sysref.refcnt > 1) 2032 ufs_itimes(vp); 2033 return (VOCALL(&fifo_vnode_vops, &ap->a_head)); 2034 } 2035 2036 /* 2037 * Kqfilter wrapper for fifos. 2038 * 2039 * Fall through to ufs kqfilter routines if needed 2040 */ 2041 static 2042 int 2043 ufsfifo_kqfilter(struct vop_kqfilter_args *ap) 2044 { 2045 int error; 2046 2047 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 2048 if (error) 2049 error = ufs_kqfilter(ap); 2050 return (error); 2051 } 2052 2053 /* 2054 * Advisory record locking support 2055 * 2056 * ufs_advlock(struct vnode *a_vp, caddr_t a_id, int a_op, struct flock *a_fl, 2057 * int a_flags) 2058 */ 2059 static 2060 int 2061 ufs_advlock(struct vop_advlock_args *ap) 2062 { 2063 struct inode *ip = VTOI(ap->a_vp); 2064 2065 return (lf_advlock(ap, &(ip->i_lockf), ip->i_size)); 2066 } 2067 2068 /* 2069 * Initialize the vnode associated with a new inode, handle aliased 2070 * vnodes. 2071 * 2072 * Make sure directories have their VM object now rather then later, 2073 * saving us from having to check on all the myrid directory VOPs 2074 * that might be executed without a VOP_OPEN being performed. 2075 */ 2076 int 2077 ufs_vinit(struct mount *mntp, struct vnode **vpp) 2078 { 2079 struct inode *ip; 2080 struct vnode *vp; 2081 struct timeval tv; 2082 2083 vp = *vpp; 2084 ip = VTOI(vp); 2085 2086 vp->v_type = IFTOVT(ip->i_mode); 2087 2088 switch(vp->v_type) { 2089 case VCHR: 2090 case VBLK: 2091 vp->v_ops = &mntp->mnt_vn_spec_ops; 2092 addaliasu(vp, umajor(ip->i_rdev), uminor(ip->i_rdev)); 2093 break; 2094 case VFIFO: 2095 vp->v_ops = &mntp->mnt_vn_fifo_ops; 2096 break; 2097 case VDIR: 2098 case VREG: 2099 vinitvmio(vp, ip->i_size); 2100 break; 2101 case VLNK: 2102 if (ip->i_size >= vp->v_mount->mnt_maxsymlinklen) 2103 vinitvmio(vp, ip->i_size); 2104 break; 2105 default: 2106 break; 2107 2108 } 2109 2110 if (ip->i_number == ROOTINO) 2111 vp->v_flag |= VROOT; 2112 /* 2113 * Initialize modrev times 2114 */ 2115 getmicrouptime(&tv); 2116 SETHIGH(ip->i_modrev, tv.tv_sec); 2117 SETLOW(ip->i_modrev, tv.tv_usec * 4294); 2118 *vpp = vp; 2119 return (0); 2120 } 2121 2122 /* 2123 * Allocate a new inode. 2124 */ 2125 static 2126 int 2127 ufs_makeinode(int mode, struct vnode *dvp, struct vnode **vpp, 2128 struct componentname *cnp) 2129 { 2130 struct inode *ip, *pdir; 2131 struct direct newdir; 2132 struct vnode *tvp; 2133 int error; 2134 2135 pdir = VTOI(dvp); 2136 *vpp = NULL; 2137 if ((mode & IFMT) == 0) 2138 mode |= IFREG; 2139 2140 error = ffs_valloc(dvp, mode, cnp->cn_cred, &tvp); 2141 if (error) 2142 return (error); 2143 ip = VTOI(tvp); 2144 ip->i_flags = pdir->i_flags & (SF_NOHISTORY|UF_NOHISTORY|UF_NODUMP); 2145 ip->i_gid = pdir->i_gid; 2146 #ifdef SUIDDIR 2147 { 2148 #ifdef QUOTA 2149 struct ucred ucred, *ucp; 2150 ucp = cnp->cn_cred; 2151 #endif 2152 /* 2153 * If we are not the owner of the directory, 2154 * and we are hacking owners here, (only do this where told to) 2155 * and we are not giving it TO root, (would subvert quotas) 2156 * then go ahead and give it to the other user. 2157 * Note that this drops off the execute bits for security. 2158 */ 2159 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 2160 (pdir->i_mode & ISUID) && 2161 (pdir->i_uid != cnp->cn_cred->cr_uid) && pdir->i_uid) { 2162 ip->i_uid = pdir->i_uid; 2163 mode &= ~07111; 2164 #ifdef QUOTA 2165 /* 2166 * Make sure the correct user gets charged 2167 * for the space. 2168 * Quickly knock up a dummy credential for the victim. 2169 * XXX This seems to never be accessed out of our 2170 * context so a stack variable is ok. 2171 */ 2172 ucred.cr_ref = 1; 2173 ucred.cr_uid = ip->i_uid; 2174 ucred.cr_ngroups = 1; 2175 ucred.cr_groups[0] = pdir->i_gid; 2176 ucp = &ucred; 2177 #endif 2178 } else 2179 ip->i_uid = cnp->cn_cred->cr_uid; 2180 2181 #ifdef QUOTA 2182 if ((error = ufs_getinoquota(ip)) || 2183 (error = ufs_chkiq(ip, 1, ucp, 0))) { 2184 ffs_vfree(tvp, ip->i_number, mode); 2185 vput(tvp); 2186 return (error); 2187 } 2188 #endif 2189 } 2190 #else /* !SUIDDIR */ 2191 ip->i_uid = cnp->cn_cred->cr_uid; 2192 #ifdef QUOTA 2193 if ((error = ufs_getinoquota(ip)) || 2194 (error = ufs_chkiq(ip, 1, cnp->cn_cred, 0))) { 2195 ffs_vfree(tvp, ip->i_number, mode); 2196 vput(tvp); 2197 return (error); 2198 } 2199 #endif 2200 #endif /* !SUIDDIR */ 2201 ip->i_fsmid = cache_getnewfsmid(); 2202 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 2203 ip->i_mode = mode; 2204 tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */ 2205 ip->i_effnlink = 1; 2206 ip->i_nlink = 1; 2207 if (DOINGSOFTDEP(tvp)) 2208 softdep_change_linkcnt(ip); 2209 if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) && 2210 priv_check_cred(cnp->cn_cred, PRIV_ROOT, 0)) { 2211 ip->i_mode &= ~ISGID; 2212 } 2213 2214 if (cnp->cn_flags & CNP_ISWHITEOUT) 2215 ip->i_flags |= UF_OPAQUE; 2216 2217 /* 2218 * Regular files and directories need VM objects. Softlinks do 2219 * not (not immediately anyway). 2220 */ 2221 if (tvp->v_type == VREG || tvp->v_type == VDIR) 2222 vinitvmio(tvp, 0); 2223 2224 /* 2225 * Make sure inode goes to disk before directory entry. 2226 */ 2227 error = ffs_update(tvp, !(DOINGSOFTDEP(tvp) | DOINGASYNC(tvp))); 2228 if (error) 2229 goto bad; 2230 ufs_makedirentry(ip, cnp, &newdir); 2231 error = ufs_direnter(dvp, tvp, &newdir, cnp, NULL); 2232 if (error) 2233 goto bad; 2234 *vpp = tvp; 2235 return (0); 2236 2237 bad: 2238 /* 2239 * Write error occurred trying to update the inode 2240 * or the directory so must deallocate the inode. 2241 */ 2242 ip->i_effnlink = 0; 2243 ip->i_nlink = 0; 2244 ip->i_flag |= IN_CHANGE; 2245 if (DOINGSOFTDEP(tvp)) 2246 softdep_change_linkcnt(ip); 2247 vput(tvp); 2248 return (error); 2249 } 2250 2251 static int 2252 ufs_missingop(struct vop_generic_args *ap) 2253 { 2254 panic("no vop function for %s in ufs child", ap->a_desc->sd_name); 2255 return (EOPNOTSUPP); 2256 } 2257 2258 static struct filterops ufsread_filtops = 2259 { 1, NULL, filt_ufsdetach, filt_ufsread }; 2260 static struct filterops ufswrite_filtops = 2261 { 1, NULL, filt_ufsdetach, filt_ufswrite }; 2262 static struct filterops ufsvnode_filtops = 2263 { 1, NULL, filt_ufsdetach, filt_ufsvnode }; 2264 2265 /* 2266 * ufs_kqfilter(struct vnode *a_vp, struct knote *a_kn) 2267 */ 2268 static int 2269 ufs_kqfilter(struct vop_kqfilter_args *ap) 2270 { 2271 struct vnode *vp = ap->a_vp; 2272 struct knote *kn = ap->a_kn; 2273 lwkt_tokref ilock; 2274 2275 switch (kn->kn_filter) { 2276 case EVFILT_READ: 2277 kn->kn_fop = &ufsread_filtops; 2278 break; 2279 case EVFILT_WRITE: 2280 kn->kn_fop = &ufswrite_filtops; 2281 break; 2282 case EVFILT_VNODE: 2283 kn->kn_fop = &ufsvnode_filtops; 2284 break; 2285 default: 2286 return (1); 2287 } 2288 2289 kn->kn_hook = (caddr_t)vp; 2290 2291 lwkt_gettoken(&ilock, &vp->v_pollinfo.vpi_token); 2292 SLIST_INSERT_HEAD(&vp->v_pollinfo.vpi_selinfo.si_note, kn, kn_selnext); 2293 lwkt_reltoken(&ilock); 2294 2295 return (0); 2296 } 2297 2298 static void 2299 filt_ufsdetach(struct knote *kn) 2300 { 2301 struct vnode *vp = (struct vnode *)kn->kn_hook; 2302 lwkt_tokref ilock; 2303 2304 lwkt_gettoken(&ilock, &vp->v_pollinfo.vpi_token); 2305 SLIST_REMOVE(&vp->v_pollinfo.vpi_selinfo.si_note, 2306 kn, knote, kn_selnext); 2307 lwkt_reltoken(&ilock); 2308 } 2309 2310 /*ARGSUSED*/ 2311 static int 2312 filt_ufsread(struct knote *kn, long hint) 2313 { 2314 struct vnode *vp = (struct vnode *)kn->kn_hook; 2315 struct inode *ip = VTOI(vp); 2316 2317 /* 2318 * filesystem is gone, so set the EOF flag and schedule 2319 * the knote for deletion. 2320 */ 2321 if (hint == NOTE_REVOKE) { 2322 kn->kn_flags |= (EV_EOF | EV_ONESHOT); 2323 return (1); 2324 } 2325 2326 kn->kn_data = ip->i_size - kn->kn_fp->f_offset; 2327 return (kn->kn_data != 0); 2328 } 2329 2330 /*ARGSUSED*/ 2331 static int 2332 filt_ufswrite(struct knote *kn, long hint) 2333 { 2334 /* 2335 * filesystem is gone, so set the EOF flag and schedule 2336 * the knote for deletion. 2337 */ 2338 if (hint == NOTE_REVOKE) 2339 kn->kn_flags |= (EV_EOF | EV_ONESHOT); 2340 2341 kn->kn_data = 0; 2342 return (1); 2343 } 2344 2345 static int 2346 filt_ufsvnode(struct knote *kn, long hint) 2347 { 2348 if (kn->kn_sfflags & hint) 2349 kn->kn_fflags |= hint; 2350 if (hint == NOTE_REVOKE) { 2351 kn->kn_flags |= EV_EOF; 2352 return (1); 2353 } 2354 return (kn->kn_fflags != 0); 2355 } 2356 2357 /* Global vfs data structures for ufs. */ 2358 static struct vop_ops ufs_vnode_vops = { 2359 .vop_default = vop_defaultop, 2360 .vop_fsync = (void *)ufs_missingop, 2361 .vop_read = (void *)ufs_missingop, 2362 .vop_reallocblks = (void *)ufs_missingop, 2363 .vop_write = (void *)ufs_missingop, 2364 .vop_access = ufs_access, 2365 .vop_advlock = ufs_advlock, 2366 .vop_bmap = ufs_bmap, 2367 .vop_old_lookup = ufs_lookup, 2368 .vop_close = ufs_close, 2369 .vop_old_create = ufs_create, 2370 .vop_getattr = ufs_getattr, 2371 .vop_inactive = ufs_inactive, 2372 .vop_old_link = ufs_link, 2373 .vop_old_mkdir = ufs_mkdir, 2374 .vop_old_mknod = ufs_mknod, 2375 .vop_mmap = ufs_mmap, 2376 .vop_open = ufs_open, 2377 .vop_pathconf = vop_stdpathconf, 2378 .vop_poll = vop_stdpoll, 2379 .vop_kqfilter = ufs_kqfilter, 2380 .vop_print = ufs_print, 2381 .vop_readdir = ufs_readdir, 2382 .vop_readlink = ufs_readlink, 2383 .vop_reclaim = ufs_reclaim, 2384 .vop_old_remove = ufs_remove, 2385 .vop_old_rename = ufs_rename, 2386 .vop_old_rmdir = ufs_rmdir, 2387 .vop_setattr = ufs_setattr, 2388 .vop_markatime = ufs_markatime, 2389 .vop_strategy = ufs_strategy, 2390 .vop_old_symlink = ufs_symlink, 2391 .vop_old_whiteout = ufs_whiteout 2392 }; 2393 2394 static struct vop_ops ufs_spec_vops = { 2395 .vop_default = spec_vnoperate, 2396 .vop_fsync = (void *)ufs_missingop, 2397 .vop_access = ufs_access, 2398 .vop_close = ufsspec_close, 2399 .vop_getattr = ufs_getattr, 2400 .vop_inactive = ufs_inactive, 2401 .vop_print = ufs_print, 2402 .vop_read = ufsspec_read, 2403 .vop_reclaim = ufs_reclaim, 2404 .vop_setattr = ufs_setattr, 2405 .vop_markatime = ufs_markatime, 2406 .vop_write = ufsspec_write 2407 }; 2408 2409 static struct vop_ops ufs_fifo_vops = { 2410 .vop_default = fifo_vnoperate, 2411 .vop_fsync = (void *)ufs_missingop, 2412 .vop_access = ufs_access, 2413 .vop_close = ufsfifo_close, 2414 .vop_getattr = ufs_getattr, 2415 .vop_inactive = ufs_inactive, 2416 .vop_kqfilter = ufsfifo_kqfilter, 2417 .vop_print = ufs_print, 2418 .vop_read = ufsfifo_read, 2419 .vop_reclaim = ufs_reclaim, 2420 .vop_setattr = ufs_setattr, 2421 .vop_markatime = ufs_markatime, 2422 .vop_write = ufsfifo_write 2423 }; 2424 2425 VNODEOP_SET(ufs_vnode_vops); 2426 VNODEOP_SET(ufs_spec_vops); 2427 VNODEOP_SET(ufs_fifo_vops); 2428 2429 /* 2430 * ufs_vnoperate() 2431 */ 2432 int 2433 ufs_vnoperate(struct vop_generic_args *ap) 2434 { 2435 return (VOCALL(&ufs_vnode_vops, ap)); 2436 } 2437 2438 /* 2439 * ufs_vnoperatefifo() 2440 */ 2441 int 2442 ufs_vnoperatefifo(struct vop_generic_args *ap) 2443 { 2444 return (VOCALL(&ufs_fifo_vops, ap)); 2445 } 2446 2447 /* 2448 * ufs_vnoperatespec() 2449 */ 2450 int 2451 ufs_vnoperatespec(struct vop_generic_args *ap) 2452 { 2453 return (VOCALL(&ufs_spec_vops, ap)); 2454 } 2455