1 /* 2 * Copyright (c) 1982, 1986, 1989, 1993, 1995 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)ufs_vnops.c 8.27 (Berkeley) 5/27/95 39 * $FreeBSD: src/sys/ufs/ufs/ufs_vnops.c,v 1.131.2.8 2003/01/02 17:26:19 bde Exp $ 40 * $DragonFly: src/sys/vfs/ufs/ufs_vnops.c,v 1.67 2008/09/28 05:04:22 dillon Exp $ 41 */ 42 43 #include "opt_quota.h" 44 #include "opt_suiddir.h" 45 #include "opt_ufs.h" 46 47 #include <sys/param.h> 48 #include <sys/systm.h> 49 #include <sys/kernel.h> 50 #include <sys/fcntl.h> 51 #include <sys/stat.h> 52 #include <sys/buf.h> 53 #include <sys/proc.h> 54 #include <sys/priv.h> 55 #include <sys/namei.h> 56 #include <sys/mount.h> 57 #include <sys/unistd.h> 58 #include <sys/vnode.h> 59 #include <sys/malloc.h> 60 #include <sys/dirent.h> 61 #include <sys/lockf.h> 62 #include <sys/event.h> 63 #include <sys/conf.h> 64 65 #include <sys/file.h> /* XXX */ 66 #include <sys/jail.h> 67 68 #include <vm/vm.h> 69 #include <vm/vm_extern.h> 70 71 #include <vfs/fifofs/fifo.h> 72 73 #include "quota.h" 74 #include "inode.h" 75 #include "dir.h" 76 #include "ufsmount.h" 77 #include "ufs_extern.h" 78 #include "ffs_extern.h" 79 #ifdef UFS_DIRHASH 80 #include "dirhash.h" 81 #endif 82 83 static int ufs_access (struct vop_access_args *); 84 static int ufs_advlock (struct vop_advlock_args *); 85 static int ufs_chmod (struct vnode *, int, struct ucred *); 86 static int ufs_chown (struct vnode *, uid_t, gid_t, struct ucred *); 87 static int ufs_close (struct vop_close_args *); 88 static int ufs_create (struct vop_old_create_args *); 89 static int ufs_getattr (struct vop_getattr_args *); 90 static int ufs_link (struct vop_old_link_args *); 91 static int ufs_makeinode (int mode, struct vnode *, struct vnode **, struct componentname *); 92 static int ufs_markatime (struct vop_markatime_args *); 93 static int ufs_missingop (struct vop_generic_args *ap); 94 static int ufs_mkdir (struct vop_old_mkdir_args *); 95 static int ufs_mknod (struct vop_old_mknod_args *); 96 static int ufs_mmap (struct vop_mmap_args *); 97 static int ufs_open (struct vop_open_args *); 98 static int ufs_print (struct vop_print_args *); 99 static int ufs_readdir (struct vop_readdir_args *); 100 static int ufs_readlink (struct vop_readlink_args *); 101 static int ufs_remove (struct vop_old_remove_args *); 102 static int ufs_rename (struct vop_old_rename_args *); 103 static int ufs_rmdir (struct vop_old_rmdir_args *); 104 static int ufs_setattr (struct vop_setattr_args *); 105 static int ufs_strategy (struct vop_strategy_args *); 106 static int ufs_symlink (struct vop_old_symlink_args *); 107 static int ufs_whiteout (struct vop_old_whiteout_args *); 108 static int ufsfifo_close (struct vop_close_args *); 109 static int ufsfifo_kqfilter (struct vop_kqfilter_args *); 110 static int ufsfifo_read (struct vop_read_args *); 111 static int ufsfifo_write (struct vop_write_args *); 112 static int ufsspec_close (struct vop_close_args *); 113 static int ufsspec_read (struct vop_read_args *); 114 static int ufsspec_write (struct vop_write_args *); 115 static int filt_ufsread (struct knote *kn, long hint); 116 static int filt_ufswrite (struct knote *kn, long hint); 117 static int filt_ufsvnode (struct knote *kn, long hint); 118 static void filt_ufsdetach (struct knote *kn); 119 static int ufs_kqfilter (struct vop_kqfilter_args *ap); 120 121 union _qcvt { 122 int64_t qcvt; 123 int32_t val[2]; 124 }; 125 #define SETHIGH(q, h) { \ 126 union _qcvt tmp; \ 127 tmp.qcvt = (q); \ 128 tmp.val[_QUAD_HIGHWORD] = (h); \ 129 (q) = tmp.qcvt; \ 130 } 131 #define SETLOW(q, l) { \ 132 union _qcvt tmp; \ 133 tmp.qcvt = (q); \ 134 tmp.val[_QUAD_LOWWORD] = (l); \ 135 (q) = tmp.qcvt; \ 136 } 137 #define VN_KNOTE(vp, b) \ 138 KNOTE(&vp->v_pollinfo.vpi_selinfo.si_note, (b)) 139 140 #define OFSFMT(vp) ((vp)->v_mount->mnt_maxsymlinklen <= 0) 141 142 /* 143 * A virgin directory (no blushing please). 144 */ 145 static struct dirtemplate mastertemplate = { 146 0, 12, DT_DIR, 1, ".", 147 0, DIRBLKSIZ - 12, DT_DIR, 2, ".." 148 }; 149 static struct odirtemplate omastertemplate = { 150 0, 12, 1, ".", 151 0, DIRBLKSIZ - 12, 2, ".." 152 }; 153 154 void 155 ufs_itimes(struct vnode *vp) 156 { 157 struct inode *ip; 158 struct timespec ts; 159 160 ip = VTOI(vp); 161 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0) 162 return; 163 if ((vp->v_type == VBLK || vp->v_type == VCHR) && !DOINGSOFTDEP(vp)) 164 ip->i_flag |= IN_LAZYMOD; 165 else 166 ip->i_flag |= IN_MODIFIED; 167 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) { 168 vfs_timestamp(&ts); 169 if (ip->i_flag & IN_ACCESS) { 170 ip->i_atime = ts.tv_sec; 171 ip->i_atimensec = ts.tv_nsec; 172 } 173 if (ip->i_flag & IN_UPDATE) { 174 ip->i_mtime = ts.tv_sec; 175 ip->i_mtimensec = ts.tv_nsec; 176 ip->i_modrev++; 177 } 178 if (ip->i_flag & IN_CHANGE) { 179 ip->i_ctime = ts.tv_sec; 180 ip->i_ctimensec = ts.tv_nsec; 181 } 182 } 183 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE); 184 } 185 186 /* 187 * Create a regular file 188 * 189 * ufs_create(struct vnode *a_dvp, struct vnode **a_vpp, 190 * struct componentname *a_cnp, struct vattr *a_vap) 191 */ 192 static 193 int 194 ufs_create(struct vop_old_create_args *ap) 195 { 196 int error; 197 198 error = 199 ufs_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode), 200 ap->a_dvp, ap->a_vpp, ap->a_cnp); 201 if (error) 202 return (error); 203 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 204 return (0); 205 } 206 207 /* 208 * Mknod vnode call 209 * 210 * ufs_mknod(struct vnode *a_dvp, struct vnode **a_vpp, 211 * struct componentname *a_cnp, struct vattr *a_vap) 212 */ 213 /* ARGSUSED */ 214 static 215 int 216 ufs_mknod(struct vop_old_mknod_args *ap) 217 { 218 struct vattr *vap = ap->a_vap; 219 struct vnode **vpp = ap->a_vpp; 220 struct inode *ip; 221 ino_t ino; 222 int error; 223 224 /* 225 * UFS cannot represent the entire major/minor range supported by 226 * the kernel. 227 */ 228 if (vap->va_rmajor != VNOVAL && 229 makeudev(vap->va_rmajor, vap->va_rminor) == NOUDEV) { 230 return(EINVAL); 231 } 232 233 /* no special directory support */ 234 if (vap->va_type == VDIR) 235 return(EINVAL); 236 237 error = ufs_makeinode(MAKEIMODE(vap->va_type, vap->va_mode), 238 ap->a_dvp, vpp, ap->a_cnp); 239 if (error) 240 return (error); 241 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 242 ip = VTOI(*vpp); 243 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 244 if (vap->va_rmajor != VNOVAL) { 245 /* 246 * Want to be able to use this to make badblock 247 * inodes, so don't truncate the dev number. 248 */ 249 ip->i_rdev = makeudev(vap->va_rmajor, vap->va_rminor); 250 } 251 /* 252 * Remove inode, then reload it through VFS_VGET so it is 253 * checked to see if it is an alias of an existing entry in 254 * the inode cache. 255 */ 256 (*vpp)->v_type = VNON; 257 ino = ip->i_number; /* Save this before vgone() invalidates ip. */ 258 vgone_vxlocked(*vpp); 259 vput(*vpp); 260 error = VFS_VGET(ap->a_dvp->v_mount, ino, vpp); 261 if (error) { 262 *vpp = NULL; 263 return (error); 264 } 265 return (0); 266 } 267 268 /* 269 * Open called. 270 * 271 * Nothing to do. 272 * 273 * ufs_open(struct vnode *a_vp, int a_mode, struct ucred *a_cred, 274 * struct file *a_fp) 275 */ 276 /* ARGSUSED */ 277 static 278 int 279 ufs_open(struct vop_open_args *ap) 280 { 281 struct vnode *vp = ap->a_vp; 282 283 /* 284 * Files marked append-only must be opened for appending. 285 */ 286 if ((VTOI(vp)->i_flags & APPEND) && 287 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE) { 288 return (EPERM); 289 } 290 291 return (vop_stdopen(ap)); 292 } 293 294 /* 295 * Close called. 296 * 297 * Update the times on the inode. 298 * 299 * ufs_close(struct vnode *a_vp, int a_fflag) 300 */ 301 /* ARGSUSED */ 302 static 303 int 304 ufs_close(struct vop_close_args *ap) 305 { 306 struct vnode *vp = ap->a_vp; 307 308 if (vp->v_sysref.refcnt > 1) 309 ufs_itimes(vp); 310 return (vop_stdclose(ap)); 311 } 312 313 /* 314 * ufs_access(struct vnode *a_vp, int a_mode, struct ucred *a_cred) 315 */ 316 static 317 int 318 ufs_access(struct vop_access_args *ap) 319 { 320 struct vnode *vp = ap->a_vp; 321 struct inode *ip = VTOI(vp); 322 struct ucred *cred = ap->a_cred; 323 mode_t mask, mode = ap->a_mode; 324 gid_t *gp; 325 int i; 326 #ifdef QUOTA 327 int error; 328 #endif 329 330 /* 331 * Disallow write attempts on read-only filesystems; 332 * unless the file is a socket, fifo, or a block or 333 * character device resident on the filesystem. 334 */ 335 if (mode & VWRITE) { 336 switch (vp->v_type) { 337 case VDIR: 338 case VLNK: 339 case VREG: 340 if (vp->v_mount->mnt_flag & MNT_RDONLY) 341 return (EROFS); 342 #ifdef QUOTA 343 if ((error = ufs_getinoquota(ip)) != 0) 344 return (error); 345 #endif 346 break; 347 default: 348 break; 349 } 350 } 351 352 /* If immutable bit set, nobody gets to write it. */ 353 if ((mode & VWRITE) && (ip->i_flags & IMMUTABLE)) 354 return (EPERM); 355 356 /* Otherwise, user id 0 always gets access. */ 357 if (cred->cr_uid == 0) 358 return (0); 359 360 mask = 0; 361 362 /* Otherwise, check the owner. */ 363 if (cred->cr_uid == ip->i_uid) { 364 if (mode & VOWN) 365 return (0); 366 if (mode & VEXEC) 367 mask |= S_IXUSR; 368 if (mode & VREAD) 369 mask |= S_IRUSR; 370 if (mode & VWRITE) 371 mask |= S_IWUSR; 372 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 373 } 374 375 /* Otherwise, check the groups. */ 376 for (i = 0, gp = cred->cr_groups; i < cred->cr_ngroups; i++, gp++) 377 if (ip->i_gid == *gp) { 378 if (mode & VEXEC) 379 mask |= S_IXGRP; 380 if (mode & VREAD) 381 mask |= S_IRGRP; 382 if (mode & VWRITE) 383 mask |= S_IWGRP; 384 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 385 } 386 387 /* Otherwise, check everyone else. */ 388 if (mode & VEXEC) 389 mask |= S_IXOTH; 390 if (mode & VREAD) 391 mask |= S_IROTH; 392 if (mode & VWRITE) 393 mask |= S_IWOTH; 394 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 395 } 396 397 /* 398 * ufs_getattr(struct vnode *a_vp, struct vattr *a_vap) 399 */ 400 /* ARGSUSED */ 401 static 402 int 403 ufs_getattr(struct vop_getattr_args *ap) 404 { 405 struct vnode *vp = ap->a_vp; 406 struct inode *ip = VTOI(vp); 407 struct vattr *vap = ap->a_vap; 408 409 /* 410 * This may cause i_fsmid to be updated even if no change (0) 411 * is returned, but we should only write out the inode if non-zero 412 * is returned and if the mount is read-write. 413 */ 414 if (cache_check_fsmid_vp(vp, &ip->i_fsmid) && 415 (vp->v_mount->mnt_flag & MNT_RDONLY) == 0 416 ) { 417 ip->i_flag |= IN_LAZYMOD; 418 } 419 420 ufs_itimes(vp); 421 /* 422 * Copy from inode table 423 */ 424 vap->va_fsid = dev2udev(ip->i_dev); 425 vap->va_fileid = ip->i_number; 426 vap->va_mode = ip->i_mode & ~IFMT; 427 vap->va_nlink = VFSTOUFS(vp->v_mount)->um_i_effnlink_valid ? 428 ip->i_effnlink : ip->i_nlink; 429 vap->va_uid = ip->i_uid; 430 vap->va_gid = ip->i_gid; 431 vap->va_rmajor = umajor(ip->i_rdev); 432 vap->va_rminor = uminor(ip->i_rdev); 433 vap->va_size = ip->i_din.di_size; 434 vap->va_atime.tv_sec = ip->i_atime; 435 vap->va_atime.tv_nsec = ip->i_atimensec; 436 vap->va_mtime.tv_sec = ip->i_mtime; 437 vap->va_mtime.tv_nsec = ip->i_mtimensec; 438 vap->va_ctime.tv_sec = ip->i_ctime; 439 vap->va_ctime.tv_nsec = ip->i_ctimensec; 440 vap->va_flags = ip->i_flags; 441 vap->va_gen = ip->i_gen; 442 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize; 443 vap->va_bytes = dbtob((u_quad_t)ip->i_blocks); 444 vap->va_type = IFTOVT(ip->i_mode); 445 vap->va_filerev = ip->i_modrev; 446 vap->va_fsmid = ip->i_fsmid; 447 return (0); 448 } 449 450 static 451 int 452 ufs_markatime(struct vop_markatime_args *ap) 453 { 454 struct vnode *vp = ap->a_vp; 455 struct inode *ip = VTOI(vp); 456 457 if (vp->v_mount->mnt_flag & MNT_RDONLY) 458 return (EROFS); 459 if (vp->v_mount->mnt_flag & MNT_NOATIME) 460 return (0); 461 ip->i_flag |= IN_ACCESS; 462 VN_KNOTE(vp, NOTE_ATTRIB); 463 return (0); 464 } 465 466 /* 467 * Set attribute vnode op. called from several syscalls 468 * 469 * ufs_setattr(struct vnode *a_vp, struct vattr *a_vap, 470 * struct ucred *a_cred) 471 */ 472 static 473 int 474 ufs_setattr(struct vop_setattr_args *ap) 475 { 476 struct vattr *vap = ap->a_vap; 477 struct vnode *vp = ap->a_vp; 478 struct inode *ip = VTOI(vp); 479 struct ucred *cred = ap->a_cred; 480 int error; 481 482 /* 483 * Check for unsettable attributes. 484 */ 485 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) || 486 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) || 487 (vap->va_blocksize != VNOVAL) || (vap->va_rmajor != VNOVAL) || 488 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) { 489 return (EINVAL); 490 } 491 if (vap->va_flags != VNOVAL) { 492 if (vp->v_mount->mnt_flag & MNT_RDONLY) 493 return (EROFS); 494 if (cred->cr_uid != ip->i_uid && 495 (error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT))) 496 return (error); 497 /* 498 * Note that a root chflags becomes a user chflags when 499 * we are jailed, unless the jail.chflags_allowed sysctl 500 * is set. 501 */ 502 if (cred->cr_uid == 0 && 503 (!jailed(cred) || jail_chflags_allowed)) { 504 if ((ip->i_flags 505 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) && 506 securelevel > 0) 507 return (EPERM); 508 ip->i_flags = vap->va_flags; 509 } else { 510 if (ip->i_flags 511 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || 512 (vap->va_flags & UF_SETTABLE) != vap->va_flags) 513 return (EPERM); 514 ip->i_flags &= SF_SETTABLE; 515 ip->i_flags |= (vap->va_flags & UF_SETTABLE); 516 } 517 ip->i_flag |= IN_CHANGE; 518 if (vap->va_flags & (IMMUTABLE | APPEND)) 519 return (0); 520 } 521 if (ip->i_flags & (IMMUTABLE | APPEND)) 522 return (EPERM); 523 /* 524 * Go through the fields and update iff not VNOVAL. 525 */ 526 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) { 527 if (vp->v_mount->mnt_flag & MNT_RDONLY) 528 return (EROFS); 529 if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred)) != 0) 530 return (error); 531 } 532 if (vap->va_size != VNOVAL) { 533 /* 534 * Disallow write attempts on read-only filesystems; 535 * unless the file is a socket, fifo, or a block or 536 * character device resident on the filesystem. 537 */ 538 switch (vp->v_type) { 539 case VDIR: 540 return (EISDIR); 541 case VLNK: 542 case VREG: 543 if (vp->v_mount->mnt_flag & MNT_RDONLY) 544 return (EROFS); 545 break; 546 default: 547 break; 548 } 549 if ((error = ffs_truncate(vp, vap->va_size, 0, cred)) != 0) 550 return (error); 551 } 552 ip = VTOI(vp); 553 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 554 if (vp->v_mount->mnt_flag & MNT_RDONLY) 555 return (EROFS); 556 if (cred->cr_uid != ip->i_uid && 557 (error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT)) && 558 ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || 559 (error = VOP_ACCESS(vp, VWRITE, cred)))) 560 return (error); 561 if (vap->va_atime.tv_sec != VNOVAL) 562 ip->i_flag |= IN_ACCESS; 563 if (vap->va_mtime.tv_sec != VNOVAL) 564 ip->i_flag |= IN_CHANGE | IN_UPDATE; 565 ufs_itimes(vp); 566 if (vap->va_atime.tv_sec != VNOVAL) { 567 ip->i_atime = vap->va_atime.tv_sec; 568 ip->i_atimensec = vap->va_atime.tv_nsec; 569 } 570 if (vap->va_mtime.tv_sec != VNOVAL) { 571 ip->i_mtime = vap->va_mtime.tv_sec; 572 ip->i_mtimensec = vap->va_mtime.tv_nsec; 573 } 574 error = ffs_update(vp, 0); 575 if (error) 576 return (error); 577 } 578 error = 0; 579 if (vap->va_mode != (mode_t)VNOVAL) { 580 if (vp->v_mount->mnt_flag & MNT_RDONLY) 581 return (EROFS); 582 error = ufs_chmod(vp, (int)vap->va_mode, cred); 583 } 584 VN_KNOTE(vp, NOTE_ATTRIB); 585 return (error); 586 } 587 588 /* 589 * Change the mode on a file. 590 * Inode must be locked before calling. 591 */ 592 static int 593 ufs_chmod(struct vnode *vp, int mode, struct ucred *cred) 594 { 595 struct inode *ip = VTOI(vp); 596 int error; 597 598 if (cred->cr_uid != ip->i_uid) { 599 error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT); 600 if (error) 601 return (error); 602 } 603 if (cred->cr_uid) { 604 if (vp->v_type != VDIR && (mode & S_ISTXT)) 605 return (EFTYPE); 606 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) 607 return (EPERM); 608 } 609 ip->i_mode &= ~ALLPERMS; 610 ip->i_mode |= (mode & ALLPERMS); 611 ip->i_flag |= IN_CHANGE; 612 return (0); 613 } 614 615 /* 616 * Perform chown operation on inode ip; 617 * inode must be locked prior to call. 618 */ 619 static int 620 ufs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred) 621 { 622 struct inode *ip = VTOI(vp); 623 uid_t ouid; 624 gid_t ogid; 625 int error = 0; 626 #ifdef QUOTA 627 int i; 628 long change; 629 #endif 630 631 if (uid == (uid_t)VNOVAL) 632 uid = ip->i_uid; 633 if (gid == (gid_t)VNOVAL) 634 gid = ip->i_gid; 635 /* 636 * If we don't own the file, are trying to change the owner 637 * of the file, or are not a member of the target group, 638 * the caller must be superuser or the call fails. 639 */ 640 if ((cred->cr_uid != ip->i_uid || uid != ip->i_uid || 641 (gid != ip->i_gid && !(cred->cr_gid == gid || 642 groupmember((gid_t)gid, cred)))) && 643 (error = priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT))) 644 return (error); 645 ogid = ip->i_gid; 646 ouid = ip->i_uid; 647 #ifdef QUOTA 648 if ((error = ufs_getinoquota(ip)) != 0) 649 return (error); 650 if (ouid == uid) { 651 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 652 ip->i_dquot[USRQUOTA] = NODQUOT; 653 } 654 if (ogid == gid) { 655 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 656 ip->i_dquot[GRPQUOTA] = NODQUOT; 657 } 658 change = ip->i_blocks; 659 (void) ufs_chkdq(ip, -change, cred, CHOWN); 660 (void) ufs_chkiq(ip, -1, cred, CHOWN); 661 for (i = 0; i < MAXQUOTAS; i++) { 662 ufs_dqrele(vp, ip->i_dquot[i]); 663 ip->i_dquot[i] = NODQUOT; 664 } 665 #endif 666 ip->i_gid = gid; 667 ip->i_uid = uid; 668 #ifdef QUOTA 669 if ((error = ufs_getinoquota(ip)) == 0) { 670 if (ouid == uid) { 671 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 672 ip->i_dquot[USRQUOTA] = NODQUOT; 673 } 674 if (ogid == gid) { 675 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 676 ip->i_dquot[GRPQUOTA] = NODQUOT; 677 } 678 if ((error = ufs_chkdq(ip, change, cred, CHOWN)) == 0) { 679 if ((error = ufs_chkiq(ip, 1, cred, CHOWN)) == 0) 680 goto good; 681 else 682 (void)ufs_chkdq(ip, -change, cred, CHOWN|FORCE); 683 } 684 for (i = 0; i < MAXQUOTAS; i++) { 685 ufs_dqrele(vp, ip->i_dquot[i]); 686 ip->i_dquot[i] = NODQUOT; 687 } 688 } 689 ip->i_gid = ogid; 690 ip->i_uid = ouid; 691 if (ufs_getinoquota(ip) == 0) { 692 if (ouid == uid) { 693 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 694 ip->i_dquot[USRQUOTA] = NODQUOT; 695 } 696 if (ogid == gid) { 697 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 698 ip->i_dquot[GRPQUOTA] = NODQUOT; 699 } 700 (void) ufs_chkdq(ip, change, cred, FORCE|CHOWN); 701 (void) ufs_chkiq(ip, 1, cred, FORCE|CHOWN); 702 (void) ufs_getinoquota(ip); 703 } 704 return (error); 705 good: 706 if (ufs_getinoquota(ip)) 707 panic("ufs_chown: lost quota"); 708 #endif /* QUOTA */ 709 ip->i_flag |= IN_CHANGE; 710 if (cred->cr_uid != 0 && (ouid != uid || ogid != gid)) 711 ip->i_mode &= ~(ISUID | ISGID); 712 return (0); 713 } 714 715 /* 716 * Mmap a file 717 * 718 * NB Currently unsupported. 719 * 720 * ufs_mmap(struct vnode *a_vp, int a_fflags, struct ucred *a_cred) 721 */ 722 /* ARGSUSED */ 723 static 724 int 725 ufs_mmap(struct vop_mmap_args *ap) 726 { 727 return (EINVAL); 728 } 729 730 /* 731 * ufs_remove(struct vnode *a_dvp, struct vnode *a_vp, 732 * struct componentname *a_cnp) 733 */ 734 static 735 int 736 ufs_remove(struct vop_old_remove_args *ap) 737 { 738 struct inode *ip; 739 struct vnode *vp = ap->a_vp; 740 struct vnode *dvp = ap->a_dvp; 741 int error; 742 743 ip = VTOI(vp); 744 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 745 (VTOI(dvp)->i_flags & APPEND)) { 746 error = EPERM; 747 goto out; 748 } 749 error = ufs_dirremove(dvp, ip, ap->a_cnp->cn_flags, 0); 750 VN_KNOTE(vp, NOTE_DELETE); 751 VN_KNOTE(dvp, NOTE_WRITE); 752 out: 753 return (error); 754 } 755 756 /* 757 * link vnode call 758 * 759 * ufs_link(struct vnode *a_tdvp, struct vnode *a_vp, 760 * struct componentname *a_cnp) 761 */ 762 static 763 int 764 ufs_link(struct vop_old_link_args *ap) 765 { 766 struct vnode *vp = ap->a_vp; 767 struct vnode *tdvp = ap->a_tdvp; 768 struct componentname *cnp = ap->a_cnp; 769 struct inode *ip; 770 struct direct newdir; 771 int error; 772 773 if (tdvp->v_mount != vp->v_mount) { 774 error = EXDEV; 775 goto out2; 776 } 777 if (tdvp != vp && (error = vn_lock(vp, LK_EXCLUSIVE))) { 778 goto out2; 779 } 780 ip = VTOI(vp); 781 if ((nlink_t)ip->i_nlink >= LINK_MAX) { 782 error = EMLINK; 783 goto out1; 784 } 785 if (ip->i_flags & (IMMUTABLE | APPEND)) { 786 error = EPERM; 787 goto out1; 788 } 789 ip->i_effnlink++; 790 ip->i_nlink++; 791 ip->i_flag |= IN_CHANGE; 792 if (DOINGSOFTDEP(vp)) 793 softdep_change_linkcnt(ip); 794 error = ffs_update(vp, !(DOINGSOFTDEP(vp) | DOINGASYNC(vp))); 795 if (!error) { 796 ufs_makedirentry(ip, cnp, &newdir); 797 error = ufs_direnter(tdvp, vp, &newdir, cnp, NULL); 798 } 799 800 if (error) { 801 ip->i_effnlink--; 802 ip->i_nlink--; 803 ip->i_flag |= IN_CHANGE; 804 if (DOINGSOFTDEP(vp)) 805 softdep_change_linkcnt(ip); 806 } 807 out1: 808 if (tdvp != vp) 809 vn_unlock(vp); 810 out2: 811 VN_KNOTE(vp, NOTE_LINK); 812 VN_KNOTE(tdvp, NOTE_WRITE); 813 return (error); 814 } 815 816 /* 817 * whiteout vnode call 818 * 819 * ufs_whiteout(struct vnode *a_dvp, struct componentname *a_cnp, int a_flags) 820 */ 821 static 822 int 823 ufs_whiteout(struct vop_old_whiteout_args *ap) 824 { 825 struct vnode *dvp = ap->a_dvp; 826 struct componentname *cnp = ap->a_cnp; 827 struct direct newdir; 828 int error = 0; 829 830 switch (ap->a_flags) { 831 case NAMEI_LOOKUP: 832 /* 4.4 format directories support whiteout operations */ 833 if (dvp->v_mount->mnt_maxsymlinklen > 0) 834 return (0); 835 return (EOPNOTSUPP); 836 837 case NAMEI_CREATE: 838 /* create a new directory whiteout */ 839 #ifdef DIAGNOSTIC 840 if (dvp->v_mount->mnt_maxsymlinklen <= 0) 841 panic("ufs_whiteout: old format filesystem"); 842 #endif 843 844 newdir.d_ino = WINO; 845 newdir.d_namlen = cnp->cn_namelen; 846 bcopy(cnp->cn_nameptr, newdir.d_name, (unsigned)cnp->cn_namelen + 1); 847 newdir.d_type = DT_WHT; 848 error = ufs_direnter(dvp, NULL, &newdir, cnp, NULL); 849 break; 850 851 case NAMEI_DELETE: 852 /* remove an existing directory whiteout */ 853 #ifdef DIAGNOSTIC 854 if (dvp->v_mount->mnt_maxsymlinklen <= 0) 855 panic("ufs_whiteout: old format filesystem"); 856 #endif 857 858 cnp->cn_flags &= ~CNP_DOWHITEOUT; 859 error = ufs_dirremove(dvp, NULL, cnp->cn_flags, 0); 860 break; 861 default: 862 panic("ufs_whiteout: unknown op"); 863 } 864 return (error); 865 } 866 867 /* 868 * Rename system call. 869 * rename("foo", "bar"); 870 * is essentially 871 * unlink("bar"); 872 * link("foo", "bar"); 873 * unlink("foo"); 874 * but ``atomically''. Can't do full commit without saving state in the 875 * inode on disk which isn't feasible at this time. Best we can do is 876 * always guarantee the target exists. 877 * 878 * Basic algorithm is: 879 * 880 * 1) Bump link count on source while we're linking it to the 881 * target. This also ensure the inode won't be deleted out 882 * from underneath us while we work (it may be truncated by 883 * a concurrent `trunc' or `open' for creation). 884 * 2) Link source to destination. If destination already exists, 885 * delete it first. 886 * 3) Unlink source reference to inode if still around. If a 887 * directory was moved and the parent of the destination 888 * is different from the source, patch the ".." entry in the 889 * directory. 890 * 891 * ufs_rename(struct vnode *a_fdvp, struct vnode *a_fvp, 892 * struct componentname *a_fcnp, struct vnode *a_tdvp, 893 * struct vnode *a_tvp, struct componentname *a_tcnp) 894 */ 895 static 896 int 897 ufs_rename(struct vop_old_rename_args *ap) 898 { 899 struct vnode *tvp = ap->a_tvp; 900 struct vnode *tdvp = ap->a_tdvp; 901 struct vnode *fvp = ap->a_fvp; 902 struct vnode *fdvp = ap->a_fdvp; 903 struct componentname *tcnp = ap->a_tcnp; 904 struct componentname *fcnp = ap->a_fcnp; 905 struct inode *ip, *xp, *dp; 906 struct direct newdir; 907 ino_t oldparent = 0, newparent = 0; 908 int doingdirectory = 0; 909 int error = 0, ioflag; 910 911 /* 912 * Check for cross-device rename. 913 */ 914 if ((fvp->v_mount != tdvp->v_mount) || 915 (tvp && (fvp->v_mount != tvp->v_mount))) { 916 error = EXDEV; 917 abortit: 918 if (tdvp == tvp) 919 vrele(tdvp); 920 else 921 vput(tdvp); 922 if (tvp) 923 vput(tvp); 924 vrele(fdvp); 925 vrele(fvp); 926 return (error); 927 } 928 929 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 930 (VTOI(tdvp)->i_flags & APPEND))) { 931 error = EPERM; 932 goto abortit; 933 } 934 935 /* 936 * Renaming a file to itself has no effect. The upper layers should 937 * not call us in that case. Temporarily just warn if they do. 938 */ 939 if (fvp == tvp) { 940 kprintf("ufs_rename: fvp == tvp (can't happen)\n"); 941 error = 0; 942 goto abortit; 943 } 944 945 if ((error = vn_lock(fvp, LK_EXCLUSIVE)) != 0) 946 goto abortit; 947 948 /* 949 * Note: now that fvp is locked we have to be sure to unlock it before 950 * using the 'abortit' target. 951 */ 952 dp = VTOI(fdvp); 953 ip = VTOI(fvp); 954 if (ip->i_nlink >= LINK_MAX) { 955 vn_unlock(fvp); 956 error = EMLINK; 957 goto abortit; 958 } 959 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) 960 || (dp->i_flags & APPEND)) { 961 vn_unlock(fvp); 962 error = EPERM; 963 goto abortit; 964 } 965 if ((ip->i_mode & IFMT) == IFDIR) { 966 /* 967 * Avoid ".", "..", and aliases of "." for obvious reasons. 968 */ 969 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') || 970 dp == ip || (fcnp->cn_flags | tcnp->cn_flags) & CNP_ISDOTDOT || 971 (ip->i_flag & IN_RENAME)) { 972 vn_unlock(fvp); 973 error = EINVAL; 974 goto abortit; 975 } 976 ip->i_flag |= IN_RENAME; 977 oldparent = dp->i_number; 978 doingdirectory = 1; 979 } 980 VN_KNOTE(fdvp, NOTE_WRITE); /* XXX right place? */ 981 982 /* 983 * fvp still locked. ip->i_flag has IN_RENAME set if doingdirectory. 984 * Cleanup fvp requirements so we can unlock it. 985 * 986 * tvp and tdvp are locked. tvp may be NULL. Now that dp and xp 987 * is setup we can use the 'bad' target if we unlock fvp. We cannot 988 * use the abortit target anymore because of IN_RENAME. 989 */ 990 dp = VTOI(tdvp); 991 if (tvp) 992 xp = VTOI(tvp); 993 else 994 xp = NULL; 995 996 /* 997 * 1) Bump link count while we're moving stuff 998 * around. If we crash somewhere before 999 * completing our work, the link count 1000 * may be wrong, but correctable. 1001 */ 1002 ip->i_effnlink++; 1003 ip->i_nlink++; 1004 ip->i_flag |= IN_CHANGE; 1005 if (DOINGSOFTDEP(fvp)) 1006 softdep_change_linkcnt(ip); 1007 if ((error = ffs_update(fvp, !(DOINGSOFTDEP(fvp) | 1008 DOINGASYNC(fvp)))) != 0) { 1009 vn_unlock(fvp); 1010 goto bad; 1011 } 1012 1013 /* 1014 * If ".." must be changed (ie the directory gets a new 1015 * parent) then the source directory must not be in the 1016 * directory heirarchy above the target, as this would 1017 * orphan everything below the source directory. Also 1018 * the user must have write permission in the source so 1019 * as to be able to change "..". We must repeat the call 1020 * to namei, as the parent directory is unlocked by the 1021 * call to checkpath(). 1022 */ 1023 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred); 1024 vn_unlock(fvp); 1025 1026 /* 1027 * We are now back to where we were in that fvp, fdvp are unlocked 1028 * and tvp, tdvp are locked. tvp may be NULL. IN_RENAME may be 1029 * set. Only the bad target or, if we clean up tvp and tdvp, the 1030 * out target, may be used. 1031 */ 1032 if (oldparent != dp->i_number) 1033 newparent = dp->i_number; 1034 if (doingdirectory && newparent) { 1035 if (error) /* write access check above */ 1036 goto bad; 1037 1038 /* 1039 * Once we start messing with tvp and tdvp we cannot use the 1040 * 'bad' target, only finish cleaning tdvp and tvp up and 1041 * use the 'out' target. 1042 * 1043 * This cleans up tvp. 1044 */ 1045 if (xp != NULL) { 1046 vput(tvp); 1047 xp = NULL; 1048 } 1049 1050 /* 1051 * This is a real mess. ufs_checkpath vput's the target 1052 * directory so retain an extra ref and note that tdvp will 1053 * lose its lock on return. This leaves us with one good 1054 * ref after ufs_checkpath returns. 1055 */ 1056 vref(tdvp); 1057 error = ufs_checkpath(ip, dp, tcnp->cn_cred); 1058 tcnp->cn_flags |= CNP_PDIRUNLOCK; 1059 if (error) { 1060 vrele(tdvp); 1061 goto out; 1062 } 1063 1064 /* 1065 * relookup no longer messes with tdvp's refs. tdvp must be 1066 * unlocked on entry and will be locked on a successful 1067 * return. 1068 */ 1069 error = relookup(tdvp, &tvp, tcnp); 1070 if (error) { 1071 if (tcnp->cn_flags & CNP_PDIRUNLOCK) 1072 vrele(tdvp); 1073 else 1074 vput(tdvp); 1075 goto out; 1076 } 1077 KKASSERT((tcnp->cn_flags & CNP_PDIRUNLOCK) == 0); 1078 dp = VTOI(tdvp); 1079 if (tvp) 1080 xp = VTOI(tvp); 1081 } 1082 1083 /* 1084 * We are back to fvp, fdvp unlocked, tvp, tdvp locked. tvp may 1085 * be NULL (xp will also be NULL in that case), and IN_RENAME will 1086 * be set if doingdirectory. This means we can use the 'bad' target 1087 * again. 1088 */ 1089 1090 /* 1091 * 2) If target doesn't exist, link the target 1092 * to the source and unlink the source. 1093 * Otherwise, rewrite the target directory 1094 * entry to reference the source inode and 1095 * expunge the original entry's existence. 1096 */ 1097 if (xp == NULL) { 1098 if (dp->i_dev != ip->i_dev) 1099 panic("ufs_rename: EXDEV"); 1100 /* 1101 * Account for ".." in new directory. 1102 * When source and destination have the same 1103 * parent we don't fool with the link count. 1104 */ 1105 if (doingdirectory && newparent) { 1106 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1107 error = EMLINK; 1108 goto bad; 1109 } 1110 dp->i_effnlink++; 1111 dp->i_nlink++; 1112 dp->i_flag |= IN_CHANGE; 1113 if (DOINGSOFTDEP(tdvp)) 1114 softdep_change_linkcnt(dp); 1115 error = ffs_update(tdvp, !(DOINGSOFTDEP(tdvp) | 1116 DOINGASYNC(tdvp))); 1117 if (error) 1118 goto bad; 1119 } 1120 ufs_makedirentry(ip, tcnp, &newdir); 1121 error = ufs_direnter(tdvp, NULL, &newdir, tcnp, NULL); 1122 if (error) { 1123 if (doingdirectory && newparent) { 1124 dp->i_effnlink--; 1125 dp->i_nlink--; 1126 dp->i_flag |= IN_CHANGE; 1127 if (DOINGSOFTDEP(tdvp)) 1128 softdep_change_linkcnt(dp); 1129 (void)ffs_update(tdvp, 1); 1130 } 1131 goto bad; 1132 } 1133 VN_KNOTE(tdvp, NOTE_WRITE); 1134 vput(tdvp); 1135 } else { 1136 if (xp->i_dev != dp->i_dev || xp->i_dev != ip->i_dev) 1137 panic("ufs_rename: EXDEV"); 1138 /* 1139 * Short circuit rename(foo, foo). 1140 */ 1141 if (xp->i_number == ip->i_number) 1142 panic("ufs_rename: same file"); 1143 /* 1144 * If the parent directory is "sticky", then the user must 1145 * own the parent directory, or the destination of the rename, 1146 * otherwise the destination may not be changed (except by 1147 * root). This implements append-only directories. 1148 */ 1149 if ((dp->i_mode & S_ISTXT) && tcnp->cn_cred->cr_uid != 0 && 1150 tcnp->cn_cred->cr_uid != dp->i_uid && 1151 xp->i_uid != tcnp->cn_cred->cr_uid) { 1152 error = EPERM; 1153 goto bad; 1154 } 1155 /* 1156 * Target must be empty if a directory and have no links 1157 * to it. Also, ensure source and target are compatible 1158 * (both directories, or both not directories). 1159 * 1160 * Purge the file or directory being replaced from the 1161 * nameccache. 1162 */ 1163 if ((xp->i_mode&IFMT) == IFDIR) { 1164 if ((xp->i_effnlink > 2) || 1165 !ufs_dirempty(xp, dp->i_number, tcnp->cn_cred)) { 1166 error = ENOTEMPTY; 1167 goto bad; 1168 } 1169 if (!doingdirectory) { 1170 error = ENOTDIR; 1171 goto bad; 1172 } 1173 /* cache_purge removed - handled by VFS compat layer */ 1174 } else if (doingdirectory == 0) { 1175 /* cache_purge removed - handled by VFS compat layer */ 1176 } else { 1177 error = EISDIR; 1178 goto bad; 1179 } 1180 /* 1181 * note: inode passed to ufs_dirrewrite() is 0 for a 1182 * non-directory file rename, 1 for a directory rename 1183 * in the same directory, and > 1 for an inode representing 1184 * the new directory. 1185 */ 1186 error = ufs_dirrewrite(dp, xp, ip->i_number, 1187 IFTODT(ip->i_mode), 1188 (doingdirectory && newparent) ? 1189 newparent : (ino_t)doingdirectory); 1190 if (error) 1191 goto bad; 1192 if (doingdirectory) { 1193 if (!newparent) { 1194 dp->i_effnlink--; 1195 if (DOINGSOFTDEP(tdvp)) 1196 softdep_change_linkcnt(dp); 1197 } 1198 xp->i_effnlink--; 1199 if (DOINGSOFTDEP(tvp)) 1200 softdep_change_linkcnt(xp); 1201 } 1202 if (doingdirectory && !DOINGSOFTDEP(tvp)) { 1203 /* 1204 * Truncate inode. The only stuff left in the directory 1205 * is "." and "..". The "." reference is inconsequential 1206 * since we are quashing it. We have removed the "." 1207 * reference and the reference in the parent directory, 1208 * but there may be other hard links. The soft 1209 * dependency code will arrange to do these operations 1210 * after the parent directory entry has been deleted on 1211 * disk, so when running with that code we avoid doing 1212 * them now. 1213 */ 1214 if (!newparent) { 1215 dp->i_nlink--; 1216 dp->i_flag |= IN_CHANGE; 1217 } 1218 xp->i_nlink--; 1219 xp->i_flag |= IN_CHANGE; 1220 ioflag = DOINGASYNC(tvp) ? 0 : IO_SYNC; 1221 error = ffs_truncate(tvp, (off_t)0, ioflag, 1222 tcnp->cn_cred); 1223 if (error) 1224 goto bad; 1225 } 1226 VN_KNOTE(tdvp, NOTE_WRITE); 1227 vput(tdvp); 1228 VN_KNOTE(tvp, NOTE_DELETE); 1229 vput(tvp); 1230 xp = NULL; 1231 } 1232 1233 /* 1234 * tvp and tdvp have been cleaned up. only fvp and fdvp (both 1235 * unlocked) remain. We are about to overwrite fvp but we have to 1236 * keep 'ip' intact so we cannot release the old fvp, which is still 1237 * refd and accessible via ap->a_fvp. 1238 * 1239 * This means we cannot use either 'bad' or 'out' to cleanup any 1240 * more. 1241 */ 1242 1243 /* 1244 * 3) Unlink the source. 1245 */ 1246 fcnp->cn_flags &= ~CNP_MODMASK; 1247 fcnp->cn_flags |= CNP_LOCKPARENT; 1248 error = relookup(fdvp, &fvp, fcnp); 1249 if (error || fvp == NULL) { 1250 /* 1251 * From name has disappeared. IN_RENAME will not be set if 1252 * we get past the panic so we don't have to clean it up. 1253 */ 1254 if (doingdirectory) 1255 panic("ufs_rename: lost dir entry"); 1256 vrele(ap->a_fvp); 1257 if (fcnp->cn_flags & CNP_PDIRUNLOCK) 1258 vrele(fdvp); 1259 else 1260 vput(fdvp); 1261 return(0); 1262 } 1263 KKASSERT((fcnp->cn_flags & CNP_PDIRUNLOCK) == 0); 1264 1265 /* 1266 * fdvp and fvp are locked. 1267 */ 1268 xp = VTOI(fvp); 1269 dp = VTOI(fdvp); 1270 1271 /* 1272 * Ensure that the directory entry still exists and has not 1273 * changed while the new name has been entered. If the source is 1274 * a file then the entry may have been unlinked or renamed. In 1275 * either case there is no further work to be done. If the source 1276 * is a directory then it cannot have been rmdir'ed; the IN_RENAME 1277 * flag ensures that it cannot be moved by another rename or removed 1278 * by a rmdir. Cleanup IN_RENAME. 1279 */ 1280 if (xp != ip) { 1281 if (doingdirectory) 1282 panic("ufs_rename: lost dir entry"); 1283 } else { 1284 /* 1285 * If the source is a directory with a 1286 * new parent, the link count of the old 1287 * parent directory must be decremented 1288 * and ".." set to point to the new parent. 1289 */ 1290 if (doingdirectory && newparent) { 1291 xp->i_offset = mastertemplate.dot_reclen; 1292 ufs_dirrewrite(xp, dp, newparent, DT_DIR, 0); 1293 /* cache_purge removed - handled by VFS compat layer */ 1294 } 1295 error = ufs_dirremove(fdvp, xp, fcnp->cn_flags, 0); 1296 xp->i_flag &= ~IN_RENAME; 1297 } 1298 1299 VN_KNOTE(fvp, NOTE_RENAME); 1300 vput(fdvp); 1301 vput(fvp); 1302 vrele(ap->a_fvp); 1303 return (error); 1304 1305 bad: 1306 if (xp) 1307 vput(ITOV(xp)); 1308 vput(ITOV(dp)); 1309 out: 1310 if (doingdirectory) 1311 ip->i_flag &= ~IN_RENAME; 1312 if (vn_lock(fvp, LK_EXCLUSIVE) == 0) { 1313 ip->i_effnlink--; 1314 ip->i_nlink--; 1315 ip->i_flag |= IN_CHANGE; 1316 ip->i_flag &= ~IN_RENAME; 1317 if (DOINGSOFTDEP(fvp)) 1318 softdep_change_linkcnt(ip); 1319 vput(fvp); 1320 } else { 1321 vrele(fvp); 1322 } 1323 return (error); 1324 } 1325 1326 /* 1327 * Mkdir system call 1328 * 1329 * ufs_mkdir(struct vnode *a_dvp, struct vnode **a_vpp, 1330 * struct componentname *a_cnp, struct vattr *a_vap) 1331 */ 1332 static 1333 int 1334 ufs_mkdir(struct vop_old_mkdir_args *ap) 1335 { 1336 struct vnode *dvp = ap->a_dvp; 1337 struct vattr *vap = ap->a_vap; 1338 struct componentname *cnp = ap->a_cnp; 1339 struct inode *ip, *dp; 1340 struct vnode *tvp; 1341 struct buf *bp; 1342 struct dirtemplate dirtemplate, *dtp; 1343 struct direct newdir; 1344 int error, dmode; 1345 long blkoff; 1346 1347 dp = VTOI(dvp); 1348 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1349 error = EMLINK; 1350 goto out; 1351 } 1352 dmode = vap->va_mode & 0777; 1353 dmode |= IFDIR; 1354 /* 1355 * Must simulate part of ufs_makeinode here to acquire the inode, 1356 * but not have it entered in the parent directory. The entry is 1357 * made later after writing "." and ".." entries. 1358 */ 1359 error = ffs_valloc(dvp, dmode, cnp->cn_cred, &tvp); 1360 if (error) 1361 goto out; 1362 ip = VTOI(tvp); 1363 ip->i_gid = dp->i_gid; 1364 #ifdef SUIDDIR 1365 { 1366 #ifdef QUOTA 1367 struct ucred ucred, *ucp; 1368 ucp = cnp->cn_cred; 1369 #endif 1370 /* 1371 * If we are hacking owners here, (only do this where told to) 1372 * and we are not giving it TO root, (would subvert quotas) 1373 * then go ahead and give it to the other user. 1374 * The new directory also inherits the SUID bit. 1375 * If user's UID and dir UID are the same, 1376 * 'give it away' so that the SUID is still forced on. 1377 */ 1378 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 1379 (dp->i_mode & ISUID) && dp->i_uid) { 1380 dmode |= ISUID; 1381 ip->i_uid = dp->i_uid; 1382 #ifdef QUOTA 1383 if (dp->i_uid != cnp->cn_cred->cr_uid) { 1384 /* 1385 * Make sure the correct user gets charged 1386 * for the space. 1387 * Make a dummy credential for the victim. 1388 * XXX This seems to never be accessed out of 1389 * our context so a stack variable is ok. 1390 */ 1391 ucred.cr_ref = 1; 1392 ucred.cr_uid = ip->i_uid; 1393 ucred.cr_ngroups = 1; 1394 ucred.cr_groups[0] = dp->i_gid; 1395 ucp = &ucred; 1396 } 1397 #endif 1398 } else 1399 ip->i_uid = cnp->cn_cred->cr_uid; 1400 #ifdef QUOTA 1401 if ((error = ufs_getinoquota(ip)) || 1402 (error = ufs_chkiq(ip, 1, ucp, 0))) { 1403 ffs_vfree(tvp, ip->i_number, dmode); 1404 vput(tvp); 1405 return (error); 1406 } 1407 #endif 1408 } 1409 #else /* !SUIDDIR */ 1410 ip->i_uid = cnp->cn_cred->cr_uid; 1411 #ifdef QUOTA 1412 if ((error = ufs_getinoquota(ip)) || 1413 (error = ufs_chkiq(ip, 1, cnp->cn_cred, 0))) { 1414 ffs_vfree(tvp, ip->i_number, dmode); 1415 vput(tvp); 1416 return (error); 1417 } 1418 #endif 1419 #endif /* !SUIDDIR */ 1420 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 1421 ip->i_mode = dmode; 1422 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */ 1423 ip->i_effnlink = 2; 1424 ip->i_nlink = 2; 1425 if (DOINGSOFTDEP(tvp)) 1426 softdep_change_linkcnt(ip); 1427 if (cnp->cn_flags & CNP_ISWHITEOUT) 1428 ip->i_flags |= UF_OPAQUE; 1429 1430 /* 1431 * Bump link count in parent directory to reflect work done below. 1432 * Should be done before reference is created so cleanup is 1433 * possible if we crash. 1434 */ 1435 dp->i_effnlink++; 1436 dp->i_nlink++; 1437 dp->i_flag |= IN_CHANGE; 1438 if (DOINGSOFTDEP(dvp)) 1439 softdep_change_linkcnt(dp); 1440 error = ffs_update(tvp, !(DOINGSOFTDEP(dvp) | DOINGASYNC(dvp))); 1441 if (error) 1442 goto bad; 1443 1444 /* 1445 * The vnode must have a VM object in order to issue buffer cache 1446 * ops on it. 1447 */ 1448 vinitvmio(tvp, DIRBLKSIZ); 1449 1450 /* 1451 * Initialize directory with "." and ".." from static template. 1452 */ 1453 if (dvp->v_mount->mnt_maxsymlinklen > 0) 1454 dtp = &mastertemplate; 1455 else 1456 dtp = (struct dirtemplate *)&omastertemplate; 1457 dirtemplate = *dtp; 1458 dirtemplate.dot_ino = ip->i_number; 1459 dirtemplate.dotdot_ino = dp->i_number; 1460 vnode_pager_setsize(tvp, DIRBLKSIZ); 1461 error = VOP_BALLOC(tvp, 0LL, DIRBLKSIZ, cnp->cn_cred, B_CLRBUF, &bp); 1462 if (error) 1463 goto bad; 1464 ip->i_size = DIRBLKSIZ; 1465 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1466 bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate); 1467 if (DOINGSOFTDEP(tvp)) { 1468 /* 1469 * Ensure that the entire newly allocated block is a 1470 * valid directory so that future growth within the 1471 * block does not have to ensure that the block is 1472 * written before the inode. 1473 */ 1474 blkoff = DIRBLKSIZ; 1475 while (blkoff < bp->b_bcount) { 1476 ((struct direct *) 1477 (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ; 1478 blkoff += DIRBLKSIZ; 1479 } 1480 } 1481 if ((error = ffs_update(tvp, !(DOINGSOFTDEP(tvp) | 1482 DOINGASYNC(tvp)))) != 0) { 1483 bwrite(bp); 1484 goto bad; 1485 } 1486 /* 1487 * Directory set up, now install its entry in the parent directory. 1488 * 1489 * If we are not doing soft dependencies, then we must write out the 1490 * buffer containing the new directory body before entering the new 1491 * name in the parent. If we are doing soft dependencies, then the 1492 * buffer containing the new directory body will be passed to and 1493 * released in the soft dependency code after the code has attached 1494 * an appropriate ordering dependency to the buffer which ensures that 1495 * the buffer is written before the new name is written in the parent. 1496 */ 1497 if (DOINGASYNC(dvp)) 1498 bdwrite(bp); 1499 else if (!DOINGSOFTDEP(dvp) && (error = bwrite(bp)) != 0) 1500 goto bad; 1501 ufs_makedirentry(ip, cnp, &newdir); 1502 error = ufs_direnter(dvp, tvp, &newdir, cnp, bp); 1503 1504 bad: 1505 if (error == 0) { 1506 VN_KNOTE(dvp, NOTE_WRITE | NOTE_LINK); 1507 *ap->a_vpp = tvp; 1508 } else { 1509 dp->i_effnlink--; 1510 dp->i_nlink--; 1511 dp->i_flag |= IN_CHANGE; 1512 if (DOINGSOFTDEP(dvp)) 1513 softdep_change_linkcnt(dp); 1514 /* 1515 * No need to do an explicit VOP_TRUNCATE here, vrele will 1516 * do this for us because we set the link count to 0. 1517 */ 1518 ip->i_effnlink = 0; 1519 ip->i_nlink = 0; 1520 ip->i_flag |= IN_CHANGE; 1521 if (DOINGSOFTDEP(tvp)) 1522 softdep_change_linkcnt(ip); 1523 vput(tvp); 1524 } 1525 out: 1526 return (error); 1527 } 1528 1529 /* 1530 * Rmdir system call. 1531 * 1532 * ufs_rmdir(struct vnode *a_dvp, struct vnode *a_vp, 1533 * struct componentname *a_cnp) 1534 */ 1535 static 1536 int 1537 ufs_rmdir(struct vop_old_rmdir_args *ap) 1538 { 1539 struct vnode *vp = ap->a_vp; 1540 struct vnode *dvp = ap->a_dvp; 1541 struct componentname *cnp = ap->a_cnp; 1542 struct inode *ip, *dp; 1543 int error, ioflag; 1544 1545 ip = VTOI(vp); 1546 dp = VTOI(dvp); 1547 1548 /* 1549 * Do not remove a directory that is in the process of being renamed. 1550 * Verify the directory is empty (and valid). Rmdir ".." will not be 1551 * valid since ".." will contain a reference to the current directory 1552 * and thus be non-empty. Do not allow the removal of mounted on 1553 * directories (this can happen when an NFS exported filesystem 1554 * tries to remove a locally mounted on directory). 1555 */ 1556 error = 0; 1557 if (ip->i_flag & IN_RENAME) { 1558 error = EINVAL; 1559 goto out; 1560 } 1561 if (ip->i_effnlink != 2 || 1562 !ufs_dirempty(ip, dp->i_number, cnp->cn_cred)) { 1563 error = ENOTEMPTY; 1564 goto out; 1565 } 1566 if ((dp->i_flags & APPEND) 1567 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) { 1568 error = EPERM; 1569 goto out; 1570 } 1571 /* 1572 * Delete reference to directory before purging 1573 * inode. If we crash in between, the directory 1574 * will be reattached to lost+found, 1575 */ 1576 dp->i_effnlink--; 1577 ip->i_effnlink--; 1578 if (DOINGSOFTDEP(vp)) { 1579 softdep_change_linkcnt(dp); 1580 softdep_change_linkcnt(ip); 1581 } 1582 error = ufs_dirremove(dvp, ip, cnp->cn_flags, 1); 1583 if (error) { 1584 dp->i_effnlink++; 1585 ip->i_effnlink++; 1586 if (DOINGSOFTDEP(vp)) { 1587 softdep_change_linkcnt(dp); 1588 softdep_change_linkcnt(ip); 1589 } 1590 goto out; 1591 } 1592 VN_KNOTE(dvp, NOTE_WRITE | NOTE_LINK); 1593 /* 1594 * Truncate inode. The only stuff left in the directory is "." and 1595 * "..". The "." reference is inconsequential since we are quashing 1596 * it. The soft dependency code will arrange to do these operations 1597 * after the parent directory entry has been deleted on disk, so 1598 * when running with that code we avoid doing them now. 1599 */ 1600 if (!DOINGSOFTDEP(vp)) { 1601 dp->i_nlink--; 1602 dp->i_flag |= IN_CHANGE; 1603 ip->i_nlink--; 1604 ip->i_flag |= IN_CHANGE; 1605 ioflag = DOINGASYNC(vp) ? 0 : IO_SYNC; 1606 error = ffs_truncate(vp, (off_t)0, ioflag, cnp->cn_cred); 1607 } 1608 /* cache_purge removed - handled by VFS compat layer */ 1609 #ifdef UFS_DIRHASH 1610 /* Kill any active hash; i_effnlink == 0, so it will not come back. */ 1611 if (ip->i_dirhash != NULL) 1612 ufsdirhash_free(ip); 1613 #endif 1614 out: 1615 VN_KNOTE(vp, NOTE_DELETE); 1616 return (error); 1617 } 1618 1619 /* 1620 * symlink -- make a symbolic link 1621 * 1622 * ufs_symlink(struct vnode *a_dvp, struct vnode **a_vpp, 1623 * struct componentname *a_cnp, struct vattr *a_vap, 1624 * char *a_target) 1625 */ 1626 static 1627 int 1628 ufs_symlink(struct vop_old_symlink_args *ap) 1629 { 1630 struct vnode *vp, **vpp = ap->a_vpp; 1631 struct inode *ip; 1632 int len, error; 1633 1634 error = ufs_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp, 1635 vpp, ap->a_cnp); 1636 if (error) 1637 return (error); 1638 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 1639 vp = *vpp; 1640 len = strlen(ap->a_target); 1641 if (len < vp->v_mount->mnt_maxsymlinklen) { 1642 ip = VTOI(vp); 1643 bcopy(ap->a_target, (char *)ip->i_shortlink, len); 1644 ip->i_size = len; 1645 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1646 } else { 1647 /* 1648 * Make sure we have a VM object in order to use 1649 * the buffer cache. 1650 */ 1651 if (vp->v_object == NULL) 1652 vinitvmio(vp, 0); 1653 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0, 1654 UIO_SYSSPACE, IO_NODELOCKED, 1655 ap->a_cnp->cn_cred, NULL); 1656 } 1657 if (error) 1658 vput(vp); 1659 return (error); 1660 } 1661 1662 /* 1663 * Vnode op for reading directories. 1664 * 1665 * ufs_readdir(struct vnode *a_vp, struct uio *a_uio, struct ucred *a_cred, 1666 * int *a_eofflag, int *ncookies, off_t **a_cookies) 1667 */ 1668 static 1669 int 1670 ufs_readdir(struct vop_readdir_args *ap) 1671 { 1672 struct uio *uio = ap->a_uio; 1673 struct vnode *vp = ap->a_vp; 1674 struct direct *dp; 1675 struct buf *bp; 1676 int retval; 1677 int error; 1678 int offset; /* offset into buffer cache buffer */ 1679 int eoffset; /* end of buffer clipped to file EOF */ 1680 int pickup; /* pickup point */ 1681 int ncookies; 1682 int cookie_index; 1683 off_t *cookies; 1684 1685 if (uio->uio_offset < 0) 1686 return (EINVAL); 1687 /* 1688 * Guess the number of cookies needed. Make sure we compute at 1689 * least 1, and no more then a reasonable limit. 1690 */ 1691 if (ap->a_ncookies) { 1692 ncookies = uio->uio_resid / 16 + 1; 1693 if (ncookies > 1024) 1694 ncookies = 1024; 1695 cookies = kmalloc(ncookies * sizeof(off_t), M_TEMP, M_WAITOK); 1696 } else { 1697 ncookies = -1; /* force conditionals below */ 1698 cookies = NULL; 1699 } 1700 cookie_index = 0; 1701 1702 if ((error = vn_lock(vp, LK_EXCLUSIVE | LK_RETRY)) != 0) 1703 return (error); 1704 1705 /* 1706 * Past or at EOF 1707 */ 1708 if (uio->uio_offset >= VTOI(vp)->i_size) { 1709 if (ap->a_eofflag) 1710 *ap->a_eofflag = 1; 1711 if (ap->a_ncookies) { 1712 *ap->a_ncookies = cookie_index; 1713 *ap->a_cookies = cookies; 1714 } 1715 goto done; 1716 } 1717 1718 /* 1719 * Loop until we run out of cookies, we run out of user buffer, 1720 * or we hit the directory EOF. 1721 * 1722 * Always start scans at the beginning of the buffer, don't trust 1723 * the offset supplied by userland. 1724 */ 1725 while ((error = ffs_blkatoff_ra(vp, uio->uio_offset, NULL, &bp, 2)) == 0) { 1726 pickup = (int)(uio->uio_offset - bp->b_loffset); 1727 offset = 0; 1728 retval = 0; 1729 if (bp->b_loffset + bp->b_bcount > VTOI(vp)->i_size) 1730 eoffset = (int)(VTOI(vp)->i_size - bp->b_loffset); 1731 else 1732 eoffset = bp->b_bcount; 1733 1734 while (offset < eoffset) { 1735 dp = (struct direct *)(bp->b_data + offset); 1736 if (dp->d_reclen <= 0 || (dp->d_reclen & 3) || 1737 offset + dp->d_reclen > bp->b_bcount) { 1738 error = EIO; 1739 break; 1740 } 1741 if (offsetof(struct direct, d_name[dp->d_namlen]) > dp->d_reclen) { 1742 error = EIO; 1743 break; 1744 } 1745 if (offset < pickup) { 1746 offset += dp->d_reclen; 1747 continue; 1748 } 1749 #if BYTE_ORDER == LITTLE_ENDIAN 1750 if (OFSFMT(vp)) { 1751 retval = vop_write_dirent(&error, uio, 1752 dp->d_ino, dp->d_namlen, dp->d_type, 1753 dp->d_name); 1754 } else 1755 #endif 1756 { 1757 retval = vop_write_dirent(&error, uio, 1758 dp->d_ino, dp->d_type, dp->d_namlen, 1759 dp->d_name); 1760 } 1761 if (retval) 1762 break; 1763 if (cookies) 1764 cookies[cookie_index] = bp->b_loffset + offset; 1765 ++cookie_index; 1766 offset += dp->d_reclen; 1767 if (cookie_index == ncookies) 1768 break; 1769 } 1770 1771 /* 1772 * This will align the next loop to the beginning of the 1773 * next block, and pickup will calculate to 0. 1774 */ 1775 uio->uio_offset = bp->b_loffset + offset; 1776 brelse(bp); 1777 1778 if (retval || error || cookie_index == ncookies || 1779 uio->uio_offset >= VTOI(vp)->i_size) { 1780 break; 1781 } 1782 } 1783 if (ap->a_eofflag) 1784 *ap->a_eofflag = VTOI(vp)->i_size <= uio->uio_offset; 1785 1786 /* 1787 * Report errors only if we didn't manage to read anything 1788 */ 1789 if (error && cookie_index == 0) { 1790 if (cookies) { 1791 kfree(cookies, M_TEMP); 1792 *ap->a_ncookies = 0; 1793 *ap->a_cookies = NULL; 1794 } 1795 } else { 1796 error = 0; 1797 if (cookies) { 1798 *ap->a_ncookies = cookie_index; 1799 *ap->a_cookies = cookies; 1800 } 1801 } 1802 done: 1803 vn_unlock(vp); 1804 return (error); 1805 } 1806 1807 /* 1808 * Return target name of a symbolic link 1809 * 1810 * ufs_readlink(struct vnode *a_vp, struct uio *a_uio, struct ucred *a_cred) 1811 */ 1812 static 1813 int 1814 ufs_readlink(struct vop_readlink_args *ap) 1815 { 1816 struct vnode *vp = ap->a_vp; 1817 struct inode *ip = VTOI(vp); 1818 int isize; 1819 1820 isize = ip->i_size; 1821 if ((isize < vp->v_mount->mnt_maxsymlinklen) || 1822 (ip->i_din.di_blocks == 0)) { /* XXX - for old fastlink support */ 1823 uiomove((char *)ip->i_shortlink, isize, ap->a_uio); 1824 return (0); 1825 } 1826 1827 /* 1828 * Perform the equivalent of an OPEN on vp so we can issue a 1829 * VOP_READ. 1830 */ 1831 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred)); 1832 } 1833 1834 /* 1835 * Calculate the logical to physical mapping if not done already, 1836 * then call the device strategy routine. 1837 * 1838 * In order to be able to swap to a file, the VOP_BMAP operation may not 1839 * deadlock on memory. See ufs_bmap() for details. 1840 * 1841 * ufs_strategy(struct vnode *a_vp, struct bio *a_bio) 1842 */ 1843 static 1844 int 1845 ufs_strategy(struct vop_strategy_args *ap) 1846 { 1847 struct bio *bio = ap->a_bio; 1848 struct bio *nbio; 1849 struct buf *bp = bio->bio_buf; 1850 struct vnode *vp = ap->a_vp; 1851 struct inode *ip; 1852 int error; 1853 1854 ip = VTOI(vp); 1855 if (vp->v_type == VBLK || vp->v_type == VCHR) 1856 panic("ufs_strategy: spec"); 1857 nbio = push_bio(bio); 1858 if (nbio->bio_offset == NOOFFSET) { 1859 error = VOP_BMAP(vp, bio->bio_offset, &nbio->bio_offset, 1860 NULL, NULL, bp->b_cmd); 1861 if (error) { 1862 bp->b_error = error; 1863 bp->b_flags |= B_ERROR; 1864 /* I/O was never started on nbio, must biodone(bio) */ 1865 biodone(bio); 1866 return (error); 1867 } 1868 if (nbio->bio_offset == NOOFFSET) 1869 vfs_bio_clrbuf(bp); 1870 } 1871 if (nbio->bio_offset == NOOFFSET) { 1872 /* 1873 * We hit a hole in the file. The buffer has been zero-filled 1874 * so just biodone() it. 1875 */ 1876 biodone(bio); 1877 } else { 1878 vn_strategy(ip->i_devvp, nbio); 1879 } 1880 return (0); 1881 } 1882 1883 /* 1884 * Print out the contents of an inode. 1885 * 1886 * ufs_print(struct vnode *a_vp) 1887 */ 1888 static 1889 int 1890 ufs_print(struct vop_print_args *ap) 1891 { 1892 struct vnode *vp = ap->a_vp; 1893 struct inode *ip = VTOI(vp); 1894 1895 kprintf("tag VT_UFS, ino %lu, on dev %s (%d, %d)", 1896 (u_long)ip->i_number, devtoname(ip->i_dev), major(ip->i_dev), 1897 minor(ip->i_dev)); 1898 if (vp->v_type == VFIFO) 1899 fifo_printinfo(vp); 1900 lockmgr_printinfo(&vp->v_lock); 1901 kprintf("\n"); 1902 return (0); 1903 } 1904 1905 /* 1906 * Read wrapper for special devices. 1907 * 1908 * ufsspec_read(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1909 * struct ucred *a_cred) 1910 */ 1911 static 1912 int 1913 ufsspec_read(struct vop_read_args *ap) 1914 { 1915 int error, resid; 1916 struct inode *ip; 1917 struct uio *uio; 1918 1919 uio = ap->a_uio; 1920 resid = uio->uio_resid; 1921 error = VOCALL(&spec_vnode_vops, &ap->a_head); 1922 /* 1923 * The inode may have been revoked during the call, so it must not 1924 * be accessed blindly here or in the other wrapper functions. 1925 */ 1926 ip = VTOI(ap->a_vp); 1927 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 1928 ip->i_flag |= IN_ACCESS; 1929 return (error); 1930 } 1931 1932 /* 1933 * Write wrapper for special devices. 1934 * 1935 * ufsspec_write(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1936 * struct ucred *a_cred) 1937 */ 1938 static 1939 int 1940 ufsspec_write(struct vop_write_args *ap) 1941 { 1942 int error, resid; 1943 struct inode *ip; 1944 struct uio *uio; 1945 1946 uio = ap->a_uio; 1947 resid = uio->uio_resid; 1948 error = VOCALL(&spec_vnode_vops, &ap->a_head); 1949 ip = VTOI(ap->a_vp); 1950 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 1951 VTOI(ap->a_vp)->i_flag |= IN_CHANGE | IN_UPDATE; 1952 return (error); 1953 } 1954 1955 /* 1956 * Close wrapper for special devices. 1957 * 1958 * Update the times on the inode then do device close. 1959 * 1960 * ufsspec_close(struct vnode *a_vp, int a_fflag) 1961 */ 1962 static 1963 int 1964 ufsspec_close(struct vop_close_args *ap) 1965 { 1966 struct vnode *vp = ap->a_vp; 1967 1968 if (vp->v_sysref.refcnt > 1) 1969 ufs_itimes(vp); 1970 return (VOCALL(&spec_vnode_vops, &ap->a_head)); 1971 } 1972 1973 /* 1974 * Read wrapper for fifos. 1975 * 1976 * ufsfifo_read(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1977 * struct ucred *a_cred) 1978 */ 1979 static 1980 int 1981 ufsfifo_read(struct vop_read_args *ap) 1982 { 1983 int error, resid; 1984 struct inode *ip; 1985 struct uio *uio; 1986 1987 uio = ap->a_uio; 1988 resid = uio->uio_resid; 1989 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 1990 ip = VTOI(ap->a_vp); 1991 if ((ap->a_vp->v_mount->mnt_flag & MNT_NOATIME) == 0 && ip != NULL && 1992 (uio->uio_resid != resid || (error == 0 && resid != 0))) 1993 VTOI(ap->a_vp)->i_flag |= IN_ACCESS; 1994 return (error); 1995 } 1996 1997 /* 1998 * Write wrapper for fifos. 1999 * 2000 * ufsfifo_write(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 2001 * struct ucred *a_cred) 2002 */ 2003 static 2004 int 2005 ufsfifo_write(struct vop_write_args *ap) 2006 { 2007 int error, resid; 2008 struct inode *ip; 2009 struct uio *uio; 2010 2011 uio = ap->a_uio; 2012 resid = uio->uio_resid; 2013 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 2014 ip = VTOI(ap->a_vp); 2015 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 2016 VTOI(ap->a_vp)->i_flag |= IN_CHANGE | IN_UPDATE; 2017 return (error); 2018 } 2019 2020 /* 2021 * Close wrapper for fifos. 2022 * 2023 * Update the times on the inode then do device close. 2024 * 2025 * ufsfifo_close(struct vnode *a_vp, int a_fflag) 2026 */ 2027 static 2028 int 2029 ufsfifo_close(struct vop_close_args *ap) 2030 { 2031 struct vnode *vp = ap->a_vp; 2032 2033 if (vp->v_sysref.refcnt > 1) 2034 ufs_itimes(vp); 2035 return (VOCALL(&fifo_vnode_vops, &ap->a_head)); 2036 } 2037 2038 /* 2039 * Kqfilter wrapper for fifos. 2040 * 2041 * Fall through to ufs kqfilter routines if needed 2042 */ 2043 static 2044 int 2045 ufsfifo_kqfilter(struct vop_kqfilter_args *ap) 2046 { 2047 int error; 2048 2049 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 2050 if (error) 2051 error = ufs_kqfilter(ap); 2052 return (error); 2053 } 2054 2055 /* 2056 * Advisory record locking support 2057 * 2058 * ufs_advlock(struct vnode *a_vp, caddr_t a_id, int a_op, struct flock *a_fl, 2059 * int a_flags) 2060 */ 2061 static 2062 int 2063 ufs_advlock(struct vop_advlock_args *ap) 2064 { 2065 struct inode *ip = VTOI(ap->a_vp); 2066 2067 return (lf_advlock(ap, &(ip->i_lockf), ip->i_size)); 2068 } 2069 2070 /* 2071 * Initialize the vnode associated with a new inode, handle aliased 2072 * vnodes. 2073 * 2074 * Make sure directories have their VM object now rather then later, 2075 * saving us from having to check on all the myrid directory VOPs 2076 * that might be executed without a VOP_OPEN being performed. 2077 */ 2078 int 2079 ufs_vinit(struct mount *mntp, struct vnode **vpp) 2080 { 2081 struct inode *ip; 2082 struct vnode *vp; 2083 struct timeval tv; 2084 2085 vp = *vpp; 2086 ip = VTOI(vp); 2087 2088 vp->v_type = IFTOVT(ip->i_mode); 2089 2090 switch(vp->v_type) { 2091 case VCHR: 2092 case VBLK: 2093 vp->v_ops = &mntp->mnt_vn_spec_ops; 2094 addaliasu(vp, umajor(ip->i_rdev), uminor(ip->i_rdev)); 2095 break; 2096 case VFIFO: 2097 vp->v_ops = &mntp->mnt_vn_fifo_ops; 2098 break; 2099 case VDIR: 2100 case VREG: 2101 vinitvmio(vp, ip->i_size); 2102 break; 2103 case VLNK: 2104 if (ip->i_size >= vp->v_mount->mnt_maxsymlinklen) 2105 vinitvmio(vp, ip->i_size); 2106 break; 2107 default: 2108 break; 2109 2110 } 2111 2112 if (ip->i_number == ROOTINO) 2113 vp->v_flag |= VROOT; 2114 /* 2115 * Initialize modrev times 2116 */ 2117 getmicrouptime(&tv); 2118 SETHIGH(ip->i_modrev, tv.tv_sec); 2119 SETLOW(ip->i_modrev, tv.tv_usec * 4294); 2120 *vpp = vp; 2121 return (0); 2122 } 2123 2124 /* 2125 * Allocate a new inode. 2126 */ 2127 static 2128 int 2129 ufs_makeinode(int mode, struct vnode *dvp, struct vnode **vpp, 2130 struct componentname *cnp) 2131 { 2132 struct inode *ip, *pdir; 2133 struct direct newdir; 2134 struct vnode *tvp; 2135 int error; 2136 2137 pdir = VTOI(dvp); 2138 *vpp = NULL; 2139 if ((mode & IFMT) == 0) 2140 mode |= IFREG; 2141 2142 error = ffs_valloc(dvp, mode, cnp->cn_cred, &tvp); 2143 if (error) 2144 return (error); 2145 ip = VTOI(tvp); 2146 ip->i_flags = pdir->i_flags & (SF_NOHISTORY|UF_NOHISTORY|UF_NODUMP); 2147 ip->i_gid = pdir->i_gid; 2148 #ifdef SUIDDIR 2149 { 2150 #ifdef QUOTA 2151 struct ucred ucred, *ucp; 2152 ucp = cnp->cn_cred; 2153 #endif 2154 /* 2155 * If we are not the owner of the directory, 2156 * and we are hacking owners here, (only do this where told to) 2157 * and we are not giving it TO root, (would subvert quotas) 2158 * then go ahead and give it to the other user. 2159 * Note that this drops off the execute bits for security. 2160 */ 2161 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 2162 (pdir->i_mode & ISUID) && 2163 (pdir->i_uid != cnp->cn_cred->cr_uid) && pdir->i_uid) { 2164 ip->i_uid = pdir->i_uid; 2165 mode &= ~07111; 2166 #ifdef QUOTA 2167 /* 2168 * Make sure the correct user gets charged 2169 * for the space. 2170 * Quickly knock up a dummy credential for the victim. 2171 * XXX This seems to never be accessed out of our 2172 * context so a stack variable is ok. 2173 */ 2174 ucred.cr_ref = 1; 2175 ucred.cr_uid = ip->i_uid; 2176 ucred.cr_ngroups = 1; 2177 ucred.cr_groups[0] = pdir->i_gid; 2178 ucp = &ucred; 2179 #endif 2180 } else 2181 ip->i_uid = cnp->cn_cred->cr_uid; 2182 2183 #ifdef QUOTA 2184 if ((error = ufs_getinoquota(ip)) || 2185 (error = ufs_chkiq(ip, 1, ucp, 0))) { 2186 ffs_vfree(tvp, ip->i_number, mode); 2187 vput(tvp); 2188 return (error); 2189 } 2190 #endif 2191 } 2192 #else /* !SUIDDIR */ 2193 ip->i_uid = cnp->cn_cred->cr_uid; 2194 #ifdef QUOTA 2195 if ((error = ufs_getinoquota(ip)) || 2196 (error = ufs_chkiq(ip, 1, cnp->cn_cred, 0))) { 2197 ffs_vfree(tvp, ip->i_number, mode); 2198 vput(tvp); 2199 return (error); 2200 } 2201 #endif 2202 #endif /* !SUIDDIR */ 2203 ip->i_fsmid = cache_getnewfsmid(); 2204 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 2205 ip->i_mode = mode; 2206 tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */ 2207 ip->i_effnlink = 1; 2208 ip->i_nlink = 1; 2209 if (DOINGSOFTDEP(tvp)) 2210 softdep_change_linkcnt(ip); 2211 if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) && 2212 priv_check_cred(cnp->cn_cred, PRIV_ROOT, 0)) { 2213 ip->i_mode &= ~ISGID; 2214 } 2215 2216 if (cnp->cn_flags & CNP_ISWHITEOUT) 2217 ip->i_flags |= UF_OPAQUE; 2218 2219 /* 2220 * Regular files and directories need VM objects. Softlinks do 2221 * not (not immediately anyway). 2222 */ 2223 if (tvp->v_type == VREG || tvp->v_type == VDIR) 2224 vinitvmio(tvp, 0); 2225 2226 /* 2227 * Make sure inode goes to disk before directory entry. 2228 */ 2229 error = ffs_update(tvp, !(DOINGSOFTDEP(tvp) | DOINGASYNC(tvp))); 2230 if (error) 2231 goto bad; 2232 ufs_makedirentry(ip, cnp, &newdir); 2233 error = ufs_direnter(dvp, tvp, &newdir, cnp, NULL); 2234 if (error) 2235 goto bad; 2236 *vpp = tvp; 2237 return (0); 2238 2239 bad: 2240 /* 2241 * Write error occurred trying to update the inode 2242 * or the directory so must deallocate the inode. 2243 */ 2244 ip->i_effnlink = 0; 2245 ip->i_nlink = 0; 2246 ip->i_flag |= IN_CHANGE; 2247 if (DOINGSOFTDEP(tvp)) 2248 softdep_change_linkcnt(ip); 2249 vput(tvp); 2250 return (error); 2251 } 2252 2253 static int 2254 ufs_missingop(struct vop_generic_args *ap) 2255 { 2256 panic("no vop function for %s in ufs child", ap->a_desc->sd_name); 2257 return (EOPNOTSUPP); 2258 } 2259 2260 static struct filterops ufsread_filtops = 2261 { 1, NULL, filt_ufsdetach, filt_ufsread }; 2262 static struct filterops ufswrite_filtops = 2263 { 1, NULL, filt_ufsdetach, filt_ufswrite }; 2264 static struct filterops ufsvnode_filtops = 2265 { 1, NULL, filt_ufsdetach, filt_ufsvnode }; 2266 2267 /* 2268 * ufs_kqfilter(struct vnode *a_vp, struct knote *a_kn) 2269 */ 2270 static int 2271 ufs_kqfilter(struct vop_kqfilter_args *ap) 2272 { 2273 struct vnode *vp = ap->a_vp; 2274 struct knote *kn = ap->a_kn; 2275 lwkt_tokref ilock; 2276 2277 switch (kn->kn_filter) { 2278 case EVFILT_READ: 2279 kn->kn_fop = &ufsread_filtops; 2280 break; 2281 case EVFILT_WRITE: 2282 kn->kn_fop = &ufswrite_filtops; 2283 break; 2284 case EVFILT_VNODE: 2285 kn->kn_fop = &ufsvnode_filtops; 2286 break; 2287 default: 2288 return (1); 2289 } 2290 2291 kn->kn_hook = (caddr_t)vp; 2292 2293 lwkt_gettoken(&ilock, &vp->v_pollinfo.vpi_token); 2294 SLIST_INSERT_HEAD(&vp->v_pollinfo.vpi_selinfo.si_note, kn, kn_selnext); 2295 lwkt_reltoken(&ilock); 2296 2297 return (0); 2298 } 2299 2300 static void 2301 filt_ufsdetach(struct knote *kn) 2302 { 2303 struct vnode *vp = (struct vnode *)kn->kn_hook; 2304 lwkt_tokref ilock; 2305 2306 lwkt_gettoken(&ilock, &vp->v_pollinfo.vpi_token); 2307 SLIST_REMOVE(&vp->v_pollinfo.vpi_selinfo.si_note, 2308 kn, knote, kn_selnext); 2309 lwkt_reltoken(&ilock); 2310 } 2311 2312 /*ARGSUSED*/ 2313 static int 2314 filt_ufsread(struct knote *kn, long hint) 2315 { 2316 struct vnode *vp = (struct vnode *)kn->kn_hook; 2317 struct inode *ip = VTOI(vp); 2318 2319 /* 2320 * filesystem is gone, so set the EOF flag and schedule 2321 * the knote for deletion. 2322 */ 2323 if (hint == NOTE_REVOKE) { 2324 kn->kn_flags |= (EV_EOF | EV_ONESHOT); 2325 return (1); 2326 } 2327 2328 kn->kn_data = ip->i_size - kn->kn_fp->f_offset; 2329 return (kn->kn_data != 0); 2330 } 2331 2332 /*ARGSUSED*/ 2333 static int 2334 filt_ufswrite(struct knote *kn, long hint) 2335 { 2336 /* 2337 * filesystem is gone, so set the EOF flag and schedule 2338 * the knote for deletion. 2339 */ 2340 if (hint == NOTE_REVOKE) 2341 kn->kn_flags |= (EV_EOF | EV_ONESHOT); 2342 2343 kn->kn_data = 0; 2344 return (1); 2345 } 2346 2347 static int 2348 filt_ufsvnode(struct knote *kn, long hint) 2349 { 2350 if (kn->kn_sfflags & hint) 2351 kn->kn_fflags |= hint; 2352 if (hint == NOTE_REVOKE) { 2353 kn->kn_flags |= EV_EOF; 2354 return (1); 2355 } 2356 return (kn->kn_fflags != 0); 2357 } 2358 2359 /* Global vfs data structures for ufs. */ 2360 static struct vop_ops ufs_vnode_vops = { 2361 .vop_default = vop_defaultop, 2362 .vop_fsync = (void *)ufs_missingop, 2363 .vop_read = (void *)ufs_missingop, 2364 .vop_reallocblks = (void *)ufs_missingop, 2365 .vop_write = (void *)ufs_missingop, 2366 .vop_access = ufs_access, 2367 .vop_advlock = ufs_advlock, 2368 .vop_bmap = ufs_bmap, 2369 .vop_old_lookup = ufs_lookup, 2370 .vop_close = ufs_close, 2371 .vop_old_create = ufs_create, 2372 .vop_getattr = ufs_getattr, 2373 .vop_inactive = ufs_inactive, 2374 .vop_old_link = ufs_link, 2375 .vop_old_mkdir = ufs_mkdir, 2376 .vop_old_mknod = ufs_mknod, 2377 .vop_mmap = ufs_mmap, 2378 .vop_open = ufs_open, 2379 .vop_pathconf = vop_stdpathconf, 2380 .vop_poll = vop_stdpoll, 2381 .vop_kqfilter = ufs_kqfilter, 2382 .vop_print = ufs_print, 2383 .vop_readdir = ufs_readdir, 2384 .vop_readlink = ufs_readlink, 2385 .vop_reclaim = ufs_reclaim, 2386 .vop_old_remove = ufs_remove, 2387 .vop_old_rename = ufs_rename, 2388 .vop_old_rmdir = ufs_rmdir, 2389 .vop_setattr = ufs_setattr, 2390 .vop_markatime = ufs_markatime, 2391 .vop_strategy = ufs_strategy, 2392 .vop_old_symlink = ufs_symlink, 2393 .vop_old_whiteout = ufs_whiteout 2394 }; 2395 2396 static struct vop_ops ufs_spec_vops = { 2397 .vop_default = spec_vnoperate, 2398 .vop_fsync = (void *)ufs_missingop, 2399 .vop_access = ufs_access, 2400 .vop_close = ufsspec_close, 2401 .vop_getattr = ufs_getattr, 2402 .vop_inactive = ufs_inactive, 2403 .vop_print = ufs_print, 2404 .vop_read = ufsspec_read, 2405 .vop_reclaim = ufs_reclaim, 2406 .vop_setattr = ufs_setattr, 2407 .vop_markatime = ufs_markatime, 2408 .vop_write = ufsspec_write 2409 }; 2410 2411 static struct vop_ops ufs_fifo_vops = { 2412 .vop_default = fifo_vnoperate, 2413 .vop_fsync = (void *)ufs_missingop, 2414 .vop_access = ufs_access, 2415 .vop_close = ufsfifo_close, 2416 .vop_getattr = ufs_getattr, 2417 .vop_inactive = ufs_inactive, 2418 .vop_kqfilter = ufsfifo_kqfilter, 2419 .vop_print = ufs_print, 2420 .vop_read = ufsfifo_read, 2421 .vop_reclaim = ufs_reclaim, 2422 .vop_setattr = ufs_setattr, 2423 .vop_markatime = ufs_markatime, 2424 .vop_write = ufsfifo_write 2425 }; 2426 2427 VNODEOP_SET(ufs_vnode_vops); 2428 VNODEOP_SET(ufs_spec_vops); 2429 VNODEOP_SET(ufs_fifo_vops); 2430 2431 /* 2432 * ufs_vnoperate() 2433 */ 2434 int 2435 ufs_vnoperate(struct vop_generic_args *ap) 2436 { 2437 return (VOCALL(&ufs_vnode_vops, ap)); 2438 } 2439 2440 /* 2441 * ufs_vnoperatefifo() 2442 */ 2443 int 2444 ufs_vnoperatefifo(struct vop_generic_args *ap) 2445 { 2446 return (VOCALL(&ufs_fifo_vops, ap)); 2447 } 2448 2449 /* 2450 * ufs_vnoperatespec() 2451 */ 2452 int 2453 ufs_vnoperatespec(struct vop_generic_args *ap) 2454 { 2455 return (VOCALL(&ufs_spec_vops, ap)); 2456 } 2457