1 /* 2 * Copyright (c) 1982, 1986, 1989, 1993, 1995 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)ufs_vnops.c 8.27 (Berkeley) 5/27/95 39 * $FreeBSD: src/sys/ufs/ufs/ufs_vnops.c,v 1.131.2.8 2003/01/02 17:26:19 bde Exp $ 40 * $DragonFly: src/sys/vfs/ufs/ufs_vnops.c,v 1.60 2007/05/09 00:53:36 dillon Exp $ 41 */ 42 43 #include "opt_quota.h" 44 #include "opt_suiddir.h" 45 #include "opt_ufs.h" 46 47 #include <sys/param.h> 48 #include <sys/systm.h> 49 #include <sys/kernel.h> 50 #include <sys/fcntl.h> 51 #include <sys/stat.h> 52 #include <sys/buf.h> 53 #include <sys/proc.h> 54 #include <sys/namei.h> 55 #include <sys/mount.h> 56 #include <sys/unistd.h> 57 #include <sys/vnode.h> 58 #include <sys/malloc.h> 59 #include <sys/dirent.h> 60 #include <sys/lockf.h> 61 #include <sys/event.h> 62 #include <sys/conf.h> 63 64 #include <sys/file.h> /* XXX */ 65 #include <sys/jail.h> 66 67 #include <vm/vm.h> 68 #include <vm/vm_extern.h> 69 70 #include <vfs/fifofs/fifo.h> 71 72 #include "quota.h" 73 #include "inode.h" 74 #include "dir.h" 75 #include "ufsmount.h" 76 #include "ufs_extern.h" 77 #include "ffs_extern.h" 78 #ifdef UFS_DIRHASH 79 #include "dirhash.h" 80 #endif 81 82 static int ufs_access (struct vop_access_args *); 83 static int ufs_advlock (struct vop_advlock_args *); 84 static int ufs_chmod (struct vnode *, int, struct ucred *); 85 static int ufs_chown (struct vnode *, uid_t, gid_t, struct ucred *); 86 static int ufs_close (struct vop_close_args *); 87 static int ufs_create (struct vop_old_create_args *); 88 static int ufs_getattr (struct vop_getattr_args *); 89 static int ufs_link (struct vop_old_link_args *); 90 static int ufs_makeinode (int mode, struct vnode *, struct vnode **, struct componentname *); 91 static int ufs_missingop (struct vop_generic_args *ap); 92 static int ufs_mkdir (struct vop_old_mkdir_args *); 93 static int ufs_mknod (struct vop_old_mknod_args *); 94 static int ufs_mmap (struct vop_mmap_args *); 95 static int ufs_open (struct vop_open_args *); 96 static int ufs_pathconf (struct vop_pathconf_args *); 97 static int ufs_print (struct vop_print_args *); 98 static int ufs_readdir (struct vop_readdir_args *); 99 static int ufs_readlink (struct vop_readlink_args *); 100 static int ufs_remove (struct vop_old_remove_args *); 101 static int ufs_rename (struct vop_old_rename_args *); 102 static int ufs_rmdir (struct vop_old_rmdir_args *); 103 static int ufs_setattr (struct vop_setattr_args *); 104 static int ufs_strategy (struct vop_strategy_args *); 105 static int ufs_symlink (struct vop_old_symlink_args *); 106 static int ufs_whiteout (struct vop_old_whiteout_args *); 107 static int ufsfifo_close (struct vop_close_args *); 108 static int ufsfifo_kqfilter (struct vop_kqfilter_args *); 109 static int ufsfifo_read (struct vop_read_args *); 110 static int ufsfifo_write (struct vop_write_args *); 111 static int ufsspec_close (struct vop_close_args *); 112 static int ufsspec_read (struct vop_read_args *); 113 static int ufsspec_write (struct vop_write_args *); 114 static int filt_ufsread (struct knote *kn, long hint); 115 static int filt_ufswrite (struct knote *kn, long hint); 116 static int filt_ufsvnode (struct knote *kn, long hint); 117 static void filt_ufsdetach (struct knote *kn); 118 static int ufs_kqfilter (struct vop_kqfilter_args *ap); 119 120 union _qcvt { 121 int64_t qcvt; 122 int32_t val[2]; 123 }; 124 #define SETHIGH(q, h) { \ 125 union _qcvt tmp; \ 126 tmp.qcvt = (q); \ 127 tmp.val[_QUAD_HIGHWORD] = (h); \ 128 (q) = tmp.qcvt; \ 129 } 130 #define SETLOW(q, l) { \ 131 union _qcvt tmp; \ 132 tmp.qcvt = (q); \ 133 tmp.val[_QUAD_LOWWORD] = (l); \ 134 (q) = tmp.qcvt; \ 135 } 136 #define VN_KNOTE(vp, b) \ 137 KNOTE(&vp->v_pollinfo.vpi_selinfo.si_note, (b)) 138 139 #define OFSFMT(vp) ((vp)->v_mount->mnt_maxsymlinklen <= 0) 140 141 /* 142 * A virgin directory (no blushing please). 143 */ 144 static struct dirtemplate mastertemplate = { 145 0, 12, DT_DIR, 1, ".", 146 0, DIRBLKSIZ - 12, DT_DIR, 2, ".." 147 }; 148 static struct odirtemplate omastertemplate = { 149 0, 12, 1, ".", 150 0, DIRBLKSIZ - 12, 2, ".." 151 }; 152 153 void 154 ufs_itimes(struct vnode *vp) 155 { 156 struct inode *ip; 157 struct timespec ts; 158 159 ip = VTOI(vp); 160 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0) 161 return; 162 if ((vp->v_type == VBLK || vp->v_type == VCHR) && !DOINGSOFTDEP(vp)) 163 ip->i_flag |= IN_LAZYMOD; 164 else 165 ip->i_flag |= IN_MODIFIED; 166 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) { 167 vfs_timestamp(&ts); 168 if (ip->i_flag & IN_ACCESS) { 169 ip->i_atime = ts.tv_sec; 170 ip->i_atimensec = ts.tv_nsec; 171 } 172 if (ip->i_flag & IN_UPDATE) { 173 ip->i_mtime = ts.tv_sec; 174 ip->i_mtimensec = ts.tv_nsec; 175 ip->i_modrev++; 176 } 177 if (ip->i_flag & IN_CHANGE) { 178 ip->i_ctime = ts.tv_sec; 179 ip->i_ctimensec = ts.tv_nsec; 180 } 181 } 182 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE); 183 } 184 185 /* 186 * Create a regular file 187 * 188 * ufs_create(struct vnode *a_dvp, struct vnode **a_vpp, 189 * struct componentname *a_cnp, struct vattr *a_vap) 190 */ 191 static 192 int 193 ufs_create(struct vop_old_create_args *ap) 194 { 195 int error; 196 197 error = 198 ufs_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode), 199 ap->a_dvp, ap->a_vpp, ap->a_cnp); 200 if (error) 201 return (error); 202 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 203 return (0); 204 } 205 206 /* 207 * Mknod vnode call 208 * 209 * ufs_mknod(struct vnode *a_dvp, struct vnode **a_vpp, 210 * struct componentname *a_cnp, struct vattr *a_vap) 211 */ 212 /* ARGSUSED */ 213 static 214 int 215 ufs_mknod(struct vop_old_mknod_args *ap) 216 { 217 struct vattr *vap = ap->a_vap; 218 struct vnode **vpp = ap->a_vpp; 219 struct inode *ip; 220 ino_t ino; 221 int error; 222 223 /* 224 * UFS cannot represent the entire major/minor range supported by 225 * the kernel. 226 */ 227 if (vap->va_rmajor != VNOVAL && 228 makeudev(vap->va_rmajor, vap->va_rminor) == NOUDEV) { 229 return(EINVAL); 230 } 231 232 error = ufs_makeinode(MAKEIMODE(vap->va_type, vap->va_mode), 233 ap->a_dvp, vpp, ap->a_cnp); 234 if (error) 235 return (error); 236 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 237 ip = VTOI(*vpp); 238 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 239 if (vap->va_rmajor != VNOVAL) { 240 /* 241 * Want to be able to use this to make badblock 242 * inodes, so don't truncate the dev number. 243 */ 244 ip->i_rdev = makeudev(vap->va_rmajor, vap->va_rminor); 245 } 246 /* 247 * Remove inode, then reload it through VFS_VGET so it is 248 * checked to see if it is an alias of an existing entry in 249 * the inode cache. 250 */ 251 (*vpp)->v_type = VNON; 252 ino = ip->i_number; /* Save this before vgone() invalidates ip. */ 253 vgone_vxlocked(*vpp); 254 vput(*vpp); 255 error = VFS_VGET(ap->a_dvp->v_mount, ino, vpp); 256 if (error) { 257 *vpp = NULL; 258 return (error); 259 } 260 return (0); 261 } 262 263 /* 264 * Open called. 265 * 266 * Nothing to do. 267 * 268 * ufs_open(struct vnode *a_vp, int a_mode, struct ucred *a_cred, 269 * struct thread *a_td) 270 */ 271 /* ARGSUSED */ 272 static 273 int 274 ufs_open(struct vop_open_args *ap) 275 { 276 struct vnode *vp = ap->a_vp; 277 278 /* 279 * Files marked append-only must be opened for appending. 280 */ 281 if ((VTOI(vp)->i_flags & APPEND) && 282 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE) { 283 return (EPERM); 284 } 285 286 return (vop_stdopen(ap)); 287 } 288 289 /* 290 * Close called. 291 * 292 * Update the times on the inode. 293 * 294 * ufs_close(struct vnode *a_vp, int a_fflag, struct ucred *a_cred, 295 * struct thread *a_td) 296 */ 297 /* ARGSUSED */ 298 static 299 int 300 ufs_close(struct vop_close_args *ap) 301 { 302 struct vnode *vp = ap->a_vp; 303 304 if (vp->v_sysref.refcnt > 1) 305 ufs_itimes(vp); 306 return (vop_stdclose(ap)); 307 } 308 309 /* 310 * ufs_access(struct vnode *a_vp, int a_mode, struct ucred *a_cred, 311 * struct thread *a_td) 312 */ 313 static 314 int 315 ufs_access(struct vop_access_args *ap) 316 { 317 struct vnode *vp = ap->a_vp; 318 struct inode *ip = VTOI(vp); 319 struct ucred *cred = ap->a_cred; 320 mode_t mask, mode = ap->a_mode; 321 gid_t *gp; 322 int i; 323 #ifdef QUOTA 324 int error; 325 #endif 326 327 /* 328 * Disallow write attempts on read-only filesystems; 329 * unless the file is a socket, fifo, or a block or 330 * character device resident on the filesystem. 331 */ 332 if (mode & VWRITE) { 333 switch (vp->v_type) { 334 case VDIR: 335 case VLNK: 336 case VREG: 337 if (vp->v_mount->mnt_flag & MNT_RDONLY) 338 return (EROFS); 339 #ifdef QUOTA 340 if ((error = ufs_getinoquota(ip)) != 0) 341 return (error); 342 #endif 343 break; 344 default: 345 break; 346 } 347 } 348 349 /* If immutable bit set, nobody gets to write it. */ 350 if ((mode & VWRITE) && (ip->i_flags & IMMUTABLE)) 351 return (EPERM); 352 353 /* Otherwise, user id 0 always gets access. */ 354 if (cred->cr_uid == 0) 355 return (0); 356 357 mask = 0; 358 359 /* Otherwise, check the owner. */ 360 if (cred->cr_uid == ip->i_uid) { 361 if (mode & VEXEC) 362 mask |= S_IXUSR; 363 if (mode & VREAD) 364 mask |= S_IRUSR; 365 if (mode & VWRITE) 366 mask |= S_IWUSR; 367 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 368 } 369 370 /* Otherwise, check the groups. */ 371 for (i = 0, gp = cred->cr_groups; i < cred->cr_ngroups; i++, gp++) 372 if (ip->i_gid == *gp) { 373 if (mode & VEXEC) 374 mask |= S_IXGRP; 375 if (mode & VREAD) 376 mask |= S_IRGRP; 377 if (mode & VWRITE) 378 mask |= S_IWGRP; 379 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 380 } 381 382 /* Otherwise, check everyone else. */ 383 if (mode & VEXEC) 384 mask |= S_IXOTH; 385 if (mode & VREAD) 386 mask |= S_IROTH; 387 if (mode & VWRITE) 388 mask |= S_IWOTH; 389 return ((ip->i_mode & mask) == mask ? 0 : EACCES); 390 } 391 392 /* 393 * ufs_getattr(struct vnode *a_vp, struct vattr *a_vap, 394 * struct thread *a_td) 395 */ 396 /* ARGSUSED */ 397 static 398 int 399 ufs_getattr(struct vop_getattr_args *ap) 400 { 401 struct vnode *vp = ap->a_vp; 402 struct inode *ip = VTOI(vp); 403 struct vattr *vap = ap->a_vap; 404 405 /* 406 * This may cause i_fsmid to be updated even if no change (0) 407 * is returned, but we should only write out the inode if non-zero 408 * is returned and if the mount is read-write. 409 */ 410 if (cache_check_fsmid_vp(vp, &ip->i_fsmid) && 411 (vp->v_mount->mnt_flag & MNT_RDONLY) == 0 412 ) { 413 ip->i_flag |= IN_LAZYMOD; 414 } 415 416 ufs_itimes(vp); 417 /* 418 * Copy from inode table 419 */ 420 vap->va_fsid = dev2udev(ip->i_dev); 421 vap->va_fileid = ip->i_number; 422 vap->va_mode = ip->i_mode & ~IFMT; 423 vap->va_nlink = VFSTOUFS(vp->v_mount)->um_i_effnlink_valid ? 424 ip->i_effnlink : ip->i_nlink; 425 vap->va_uid = ip->i_uid; 426 vap->va_gid = ip->i_gid; 427 vap->va_rmajor = umajor(ip->i_rdev); 428 vap->va_rminor = uminor(ip->i_rdev); 429 vap->va_size = ip->i_din.di_size; 430 vap->va_atime.tv_sec = ip->i_atime; 431 vap->va_atime.tv_nsec = ip->i_atimensec; 432 vap->va_mtime.tv_sec = ip->i_mtime; 433 vap->va_mtime.tv_nsec = ip->i_mtimensec; 434 vap->va_ctime.tv_sec = ip->i_ctime; 435 vap->va_ctime.tv_nsec = ip->i_ctimensec; 436 vap->va_flags = ip->i_flags; 437 vap->va_gen = ip->i_gen; 438 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize; 439 vap->va_bytes = dbtob((u_quad_t)ip->i_blocks); 440 vap->va_type = IFTOVT(ip->i_mode); 441 vap->va_filerev = ip->i_modrev; 442 vap->va_fsmid = ip->i_fsmid; 443 return (0); 444 } 445 446 /* 447 * Set attribute vnode op. called from several syscalls 448 * 449 * ufs_setattr(struct vnode *a_vp, struct vattr *a_vap, 450 * struct ucred *a_cred, struct thread *a_td) 451 */ 452 static 453 int 454 ufs_setattr(struct vop_setattr_args *ap) 455 { 456 struct vattr *vap = ap->a_vap; 457 struct vnode *vp = ap->a_vp; 458 struct inode *ip = VTOI(vp); 459 struct ucred *cred = ap->a_cred; 460 int error; 461 462 /* 463 * Check for unsettable attributes. 464 */ 465 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) || 466 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) || 467 (vap->va_blocksize != VNOVAL) || (vap->va_rmajor != VNOVAL) || 468 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) { 469 return (EINVAL); 470 } 471 if (vap->va_flags != VNOVAL) { 472 if (vp->v_mount->mnt_flag & MNT_RDONLY) 473 return (EROFS); 474 if (cred->cr_uid != ip->i_uid && 475 (error = suser_cred(cred, PRISON_ROOT))) 476 return (error); 477 /* 478 * Note that a root chflags becomes a user chflags when 479 * we are jailed, unless the jail.chflags_allowed sysctl 480 * is set. 481 */ 482 if (cred->cr_uid == 0 && 483 (!jailed(cred) || jail_chflags_allowed)) { 484 if ((ip->i_flags 485 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) && 486 securelevel > 0) 487 return (EPERM); 488 ip->i_flags = vap->va_flags; 489 } else { 490 if (ip->i_flags 491 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || 492 (vap->va_flags & UF_SETTABLE) != vap->va_flags) 493 return (EPERM); 494 ip->i_flags &= SF_SETTABLE; 495 ip->i_flags |= (vap->va_flags & UF_SETTABLE); 496 } 497 ip->i_flag |= IN_CHANGE; 498 if (vap->va_flags & (IMMUTABLE | APPEND)) 499 return (0); 500 } 501 if (ip->i_flags & (IMMUTABLE | APPEND)) 502 return (EPERM); 503 /* 504 * Go through the fields and update iff not VNOVAL. 505 */ 506 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) { 507 if (vp->v_mount->mnt_flag & MNT_RDONLY) 508 return (EROFS); 509 if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred)) != 0) 510 return (error); 511 } 512 if (vap->va_size != VNOVAL) { 513 /* 514 * Disallow write attempts on read-only filesystems; 515 * unless the file is a socket, fifo, or a block or 516 * character device resident on the filesystem. 517 */ 518 switch (vp->v_type) { 519 case VDIR: 520 return (EISDIR); 521 case VLNK: 522 case VREG: 523 if (vp->v_mount->mnt_flag & MNT_RDONLY) 524 return (EROFS); 525 break; 526 default: 527 break; 528 } 529 if ((error = ffs_truncate(vp, vap->va_size, 0, cred)) != 0) 530 return (error); 531 } 532 ip = VTOI(vp); 533 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 534 if (vp->v_mount->mnt_flag & MNT_RDONLY) 535 return (EROFS); 536 if (cred->cr_uid != ip->i_uid && 537 (error = suser_cred(cred, PRISON_ROOT)) && 538 ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || 539 (error = VOP_ACCESS(vp, VWRITE, cred)))) 540 return (error); 541 if (vap->va_atime.tv_sec != VNOVAL) 542 ip->i_flag |= IN_ACCESS; 543 if (vap->va_mtime.tv_sec != VNOVAL) 544 ip->i_flag |= IN_CHANGE | IN_UPDATE; 545 ufs_itimes(vp); 546 if (vap->va_atime.tv_sec != VNOVAL) { 547 ip->i_atime = vap->va_atime.tv_sec; 548 ip->i_atimensec = vap->va_atime.tv_nsec; 549 } 550 if (vap->va_mtime.tv_sec != VNOVAL) { 551 ip->i_mtime = vap->va_mtime.tv_sec; 552 ip->i_mtimensec = vap->va_mtime.tv_nsec; 553 } 554 error = ffs_update(vp, 0); 555 if (error) 556 return (error); 557 } 558 error = 0; 559 if (vap->va_mode != (mode_t)VNOVAL) { 560 if (vp->v_mount->mnt_flag & MNT_RDONLY) 561 return (EROFS); 562 error = ufs_chmod(vp, (int)vap->va_mode, cred); 563 } 564 VN_KNOTE(vp, NOTE_ATTRIB); 565 return (error); 566 } 567 568 /* 569 * Change the mode on a file. 570 * Inode must be locked before calling. 571 */ 572 static int 573 ufs_chmod(struct vnode *vp, int mode, struct ucred *cred) 574 { 575 struct inode *ip = VTOI(vp); 576 int error; 577 578 if (cred->cr_uid != ip->i_uid) { 579 error = suser_cred(cred, PRISON_ROOT); 580 if (error) 581 return (error); 582 } 583 if (cred->cr_uid) { 584 if (vp->v_type != VDIR && (mode & S_ISTXT)) 585 return (EFTYPE); 586 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) 587 return (EPERM); 588 } 589 ip->i_mode &= ~ALLPERMS; 590 ip->i_mode |= (mode & ALLPERMS); 591 ip->i_flag |= IN_CHANGE; 592 return (0); 593 } 594 595 /* 596 * Perform chown operation on inode ip; 597 * inode must be locked prior to call. 598 */ 599 static int 600 ufs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred) 601 { 602 struct inode *ip = VTOI(vp); 603 uid_t ouid; 604 gid_t ogid; 605 int error = 0; 606 #ifdef QUOTA 607 int i; 608 long change; 609 #endif 610 611 if (uid == (uid_t)VNOVAL) 612 uid = ip->i_uid; 613 if (gid == (gid_t)VNOVAL) 614 gid = ip->i_gid; 615 /* 616 * If we don't own the file, are trying to change the owner 617 * of the file, or are not a member of the target group, 618 * the caller must be superuser or the call fails. 619 */ 620 if ((cred->cr_uid != ip->i_uid || uid != ip->i_uid || 621 (gid != ip->i_gid && !(cred->cr_gid == gid || 622 groupmember((gid_t)gid, cred)))) && 623 (error = suser_cred(cred, PRISON_ROOT))) 624 return (error); 625 ogid = ip->i_gid; 626 ouid = ip->i_uid; 627 #ifdef QUOTA 628 if ((error = ufs_getinoquota(ip)) != 0) 629 return (error); 630 if (ouid == uid) { 631 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 632 ip->i_dquot[USRQUOTA] = NODQUOT; 633 } 634 if (ogid == gid) { 635 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 636 ip->i_dquot[GRPQUOTA] = NODQUOT; 637 } 638 change = ip->i_blocks; 639 (void) ufs_chkdq(ip, -change, cred, CHOWN); 640 (void) ufs_chkiq(ip, -1, cred, CHOWN); 641 for (i = 0; i < MAXQUOTAS; i++) { 642 ufs_dqrele(vp, ip->i_dquot[i]); 643 ip->i_dquot[i] = NODQUOT; 644 } 645 #endif 646 ip->i_gid = gid; 647 ip->i_uid = uid; 648 #ifdef QUOTA 649 if ((error = ufs_getinoquota(ip)) == 0) { 650 if (ouid == uid) { 651 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 652 ip->i_dquot[USRQUOTA] = NODQUOT; 653 } 654 if (ogid == gid) { 655 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 656 ip->i_dquot[GRPQUOTA] = NODQUOT; 657 } 658 if ((error = ufs_chkdq(ip, change, cred, CHOWN)) == 0) { 659 if ((error = ufs_chkiq(ip, 1, cred, CHOWN)) == 0) 660 goto good; 661 else 662 (void)ufs_chkdq(ip, -change, cred, CHOWN|FORCE); 663 } 664 for (i = 0; i < MAXQUOTAS; i++) { 665 ufs_dqrele(vp, ip->i_dquot[i]); 666 ip->i_dquot[i] = NODQUOT; 667 } 668 } 669 ip->i_gid = ogid; 670 ip->i_uid = ouid; 671 if (ufs_getinoquota(ip) == 0) { 672 if (ouid == uid) { 673 ufs_dqrele(vp, ip->i_dquot[USRQUOTA]); 674 ip->i_dquot[USRQUOTA] = NODQUOT; 675 } 676 if (ogid == gid) { 677 ufs_dqrele(vp, ip->i_dquot[GRPQUOTA]); 678 ip->i_dquot[GRPQUOTA] = NODQUOT; 679 } 680 (void) ufs_chkdq(ip, change, cred, FORCE|CHOWN); 681 (void) ufs_chkiq(ip, 1, cred, FORCE|CHOWN); 682 (void) ufs_getinoquota(ip); 683 } 684 return (error); 685 good: 686 if (ufs_getinoquota(ip)) 687 panic("ufs_chown: lost quota"); 688 #endif /* QUOTA */ 689 ip->i_flag |= IN_CHANGE; 690 if (cred->cr_uid != 0 && (ouid != uid || ogid != gid)) 691 ip->i_mode &= ~(ISUID | ISGID); 692 return (0); 693 } 694 695 /* 696 * Mmap a file 697 * 698 * NB Currently unsupported. 699 * 700 * ufs_mmap(struct vnode *a_vp, int a_fflags, struct ucred *a_cred, 701 * struct thread *a_td) 702 */ 703 /* ARGSUSED */ 704 static 705 int 706 ufs_mmap(struct vop_mmap_args *ap) 707 { 708 return (EINVAL); 709 } 710 711 /* 712 * ufs_remove(struct vnode *a_dvp, struct vnode *a_vp, 713 * struct componentname *a_cnp) 714 */ 715 static 716 int 717 ufs_remove(struct vop_old_remove_args *ap) 718 { 719 struct inode *ip; 720 struct vnode *vp = ap->a_vp; 721 struct vnode *dvp = ap->a_dvp; 722 int error; 723 724 ip = VTOI(vp); 725 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 726 (VTOI(dvp)->i_flags & APPEND)) { 727 error = EPERM; 728 goto out; 729 } 730 error = ufs_dirremove(dvp, ip, ap->a_cnp->cn_flags, 0); 731 VN_KNOTE(vp, NOTE_DELETE); 732 VN_KNOTE(dvp, NOTE_WRITE); 733 out: 734 return (error); 735 } 736 737 /* 738 * link vnode call 739 * 740 * ufs_link(struct vnode *a_tdvp, struct vnode *a_vp, 741 * struct componentname *a_cnp) 742 */ 743 static 744 int 745 ufs_link(struct vop_old_link_args *ap) 746 { 747 struct vnode *vp = ap->a_vp; 748 struct vnode *tdvp = ap->a_tdvp; 749 struct componentname *cnp = ap->a_cnp; 750 struct inode *ip; 751 struct direct newdir; 752 int error; 753 754 if (tdvp->v_mount != vp->v_mount) { 755 error = EXDEV; 756 goto out2; 757 } 758 if (tdvp != vp && (error = vn_lock(vp, LK_EXCLUSIVE))) { 759 goto out2; 760 } 761 ip = VTOI(vp); 762 if ((nlink_t)ip->i_nlink >= LINK_MAX) { 763 error = EMLINK; 764 goto out1; 765 } 766 if (ip->i_flags & (IMMUTABLE | APPEND)) { 767 error = EPERM; 768 goto out1; 769 } 770 ip->i_effnlink++; 771 ip->i_nlink++; 772 ip->i_flag |= IN_CHANGE; 773 if (DOINGSOFTDEP(vp)) 774 softdep_change_linkcnt(ip); 775 error = ffs_update(vp, !(DOINGSOFTDEP(vp) | DOINGASYNC(vp))); 776 if (!error) { 777 ufs_makedirentry(ip, cnp, &newdir); 778 error = ufs_direnter(tdvp, vp, &newdir, cnp, NULL); 779 } 780 781 if (error) { 782 ip->i_effnlink--; 783 ip->i_nlink--; 784 ip->i_flag |= IN_CHANGE; 785 if (DOINGSOFTDEP(vp)) 786 softdep_change_linkcnt(ip); 787 } 788 out1: 789 if (tdvp != vp) 790 vn_unlock(vp); 791 out2: 792 VN_KNOTE(vp, NOTE_LINK); 793 VN_KNOTE(tdvp, NOTE_WRITE); 794 return (error); 795 } 796 797 /* 798 * whiteout vnode call 799 * 800 * ufs_whiteout(struct vnode *a_dvp, struct componentname *a_cnp, int a_flags) 801 */ 802 static 803 int 804 ufs_whiteout(struct vop_old_whiteout_args *ap) 805 { 806 struct vnode *dvp = ap->a_dvp; 807 struct componentname *cnp = ap->a_cnp; 808 struct direct newdir; 809 int error = 0; 810 811 switch (ap->a_flags) { 812 case NAMEI_LOOKUP: 813 /* 4.4 format directories support whiteout operations */ 814 if (dvp->v_mount->mnt_maxsymlinklen > 0) 815 return (0); 816 return (EOPNOTSUPP); 817 818 case NAMEI_CREATE: 819 /* create a new directory whiteout */ 820 #ifdef DIAGNOSTIC 821 if (dvp->v_mount->mnt_maxsymlinklen <= 0) 822 panic("ufs_whiteout: old format filesystem"); 823 #endif 824 825 newdir.d_ino = WINO; 826 newdir.d_namlen = cnp->cn_namelen; 827 bcopy(cnp->cn_nameptr, newdir.d_name, (unsigned)cnp->cn_namelen + 1); 828 newdir.d_type = DT_WHT; 829 error = ufs_direnter(dvp, NULL, &newdir, cnp, NULL); 830 break; 831 832 case NAMEI_DELETE: 833 /* remove an existing directory whiteout */ 834 #ifdef DIAGNOSTIC 835 if (dvp->v_mount->mnt_maxsymlinklen <= 0) 836 panic("ufs_whiteout: old format filesystem"); 837 #endif 838 839 cnp->cn_flags &= ~CNP_DOWHITEOUT; 840 error = ufs_dirremove(dvp, NULL, cnp->cn_flags, 0); 841 break; 842 default: 843 panic("ufs_whiteout: unknown op"); 844 } 845 return (error); 846 } 847 848 /* 849 * Rename system call. 850 * rename("foo", "bar"); 851 * is essentially 852 * unlink("bar"); 853 * link("foo", "bar"); 854 * unlink("foo"); 855 * but ``atomically''. Can't do full commit without saving state in the 856 * inode on disk which isn't feasible at this time. Best we can do is 857 * always guarantee the target exists. 858 * 859 * Basic algorithm is: 860 * 861 * 1) Bump link count on source while we're linking it to the 862 * target. This also ensure the inode won't be deleted out 863 * from underneath us while we work (it may be truncated by 864 * a concurrent `trunc' or `open' for creation). 865 * 2) Link source to destination. If destination already exists, 866 * delete it first. 867 * 3) Unlink source reference to inode if still around. If a 868 * directory was moved and the parent of the destination 869 * is different from the source, patch the ".." entry in the 870 * directory. 871 * 872 * ufs_rename(struct vnode *a_fdvp, struct vnode *a_fvp, 873 * struct componentname *a_fcnp, struct vnode *a_tdvp, 874 * struct vnode *a_tvp, struct componentname *a_tcnp) 875 */ 876 static 877 int 878 ufs_rename(struct vop_old_rename_args *ap) 879 { 880 struct vnode *tvp = ap->a_tvp; 881 struct vnode *tdvp = ap->a_tdvp; 882 struct vnode *fvp = ap->a_fvp; 883 struct vnode *fdvp = ap->a_fdvp; 884 struct componentname *tcnp = ap->a_tcnp; 885 struct componentname *fcnp = ap->a_fcnp; 886 struct inode *ip, *xp, *dp; 887 struct direct newdir; 888 ino_t oldparent = 0, newparent = 0; 889 int doingdirectory = 0; 890 int error = 0, ioflag; 891 892 /* 893 * Check for cross-device rename. 894 */ 895 if ((fvp->v_mount != tdvp->v_mount) || 896 (tvp && (fvp->v_mount != tvp->v_mount))) { 897 error = EXDEV; 898 abortit: 899 if (tdvp == tvp) 900 vrele(tdvp); 901 else 902 vput(tdvp); 903 if (tvp) 904 vput(tvp); 905 vrele(fdvp); 906 vrele(fvp); 907 return (error); 908 } 909 910 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 911 (VTOI(tdvp)->i_flags & APPEND))) { 912 error = EPERM; 913 goto abortit; 914 } 915 916 /* 917 * Renaming a file to itself has no effect. The upper layers should 918 * not call us in that case. Temporarily just warn if they do. 919 */ 920 if (fvp == tvp) { 921 kprintf("ufs_rename: fvp == tvp (can't happen)\n"); 922 error = 0; 923 goto abortit; 924 } 925 926 if ((error = vn_lock(fvp, LK_EXCLUSIVE)) != 0) 927 goto abortit; 928 929 /* 930 * Note: now that fvp is locked we have to be sure to unlock it before 931 * using the 'abortit' target. 932 */ 933 dp = VTOI(fdvp); 934 ip = VTOI(fvp); 935 if (ip->i_nlink >= LINK_MAX) { 936 vn_unlock(fvp); 937 error = EMLINK; 938 goto abortit; 939 } 940 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) 941 || (dp->i_flags & APPEND)) { 942 vn_unlock(fvp); 943 error = EPERM; 944 goto abortit; 945 } 946 if ((ip->i_mode & IFMT) == IFDIR) { 947 /* 948 * Avoid ".", "..", and aliases of "." for obvious reasons. 949 */ 950 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') || 951 dp == ip || (fcnp->cn_flags | tcnp->cn_flags) & CNP_ISDOTDOT || 952 (ip->i_flag & IN_RENAME)) { 953 vn_unlock(fvp); 954 error = EINVAL; 955 goto abortit; 956 } 957 ip->i_flag |= IN_RENAME; 958 oldparent = dp->i_number; 959 doingdirectory = 1; 960 } 961 VN_KNOTE(fdvp, NOTE_WRITE); /* XXX right place? */ 962 963 /* 964 * fvp still locked. ip->i_flag has IN_RENAME set if doingdirectory. 965 * Cleanup fvp requirements so we can unlock it. 966 * 967 * tvp and tdvp are locked. tvp may be NULL. Now that dp and xp 968 * is setup we can use the 'bad' target if we unlock fvp. We cannot 969 * use the abortit target anymore because of IN_RENAME. 970 */ 971 dp = VTOI(tdvp); 972 if (tvp) 973 xp = VTOI(tvp); 974 else 975 xp = NULL; 976 977 /* 978 * 1) Bump link count while we're moving stuff 979 * around. If we crash somewhere before 980 * completing our work, the link count 981 * may be wrong, but correctable. 982 */ 983 ip->i_effnlink++; 984 ip->i_nlink++; 985 ip->i_flag |= IN_CHANGE; 986 if (DOINGSOFTDEP(fvp)) 987 softdep_change_linkcnt(ip); 988 if ((error = ffs_update(fvp, !(DOINGSOFTDEP(fvp) | 989 DOINGASYNC(fvp)))) != 0) { 990 vn_unlock(fvp); 991 goto bad; 992 } 993 994 /* 995 * If ".." must be changed (ie the directory gets a new 996 * parent) then the source directory must not be in the 997 * directory heirarchy above the target, as this would 998 * orphan everything below the source directory. Also 999 * the user must have write permission in the source so 1000 * as to be able to change "..". We must repeat the call 1001 * to namei, as the parent directory is unlocked by the 1002 * call to checkpath(). 1003 */ 1004 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred); 1005 vn_unlock(fvp); 1006 1007 /* 1008 * We are now back to where we were in that fvp, fdvp are unlocked 1009 * and tvp, tdvp are locked. tvp may be NULL. IN_RENAME may be 1010 * set. Only the bad target or, if we clean up tvp and tdvp, the 1011 * out target, may be used. 1012 */ 1013 if (oldparent != dp->i_number) 1014 newparent = dp->i_number; 1015 if (doingdirectory && newparent) { 1016 if (error) /* write access check above */ 1017 goto bad; 1018 1019 /* 1020 * Once we start messing with tvp and tdvp we cannot use the 1021 * 'bad' target, only finish cleaning tdvp and tvp up and 1022 * use the 'out' target. 1023 * 1024 * This cleans up tvp. 1025 */ 1026 if (xp != NULL) { 1027 vput(tvp); 1028 xp = NULL; 1029 } 1030 1031 /* 1032 * This is a real mess. ufs_checkpath vput's the target 1033 * directory so retain an extra ref and note that tdvp will 1034 * lose its lock on return. This leaves us with one good 1035 * ref after ufs_checkpath returns. 1036 */ 1037 vref(tdvp); 1038 error = ufs_checkpath(ip, dp, tcnp->cn_cred); 1039 tcnp->cn_flags |= CNP_PDIRUNLOCK; 1040 if (error) { 1041 vrele(tdvp); 1042 goto out; 1043 } 1044 1045 /* 1046 * relookup no longer messes with tdvp's refs. tdvp must be 1047 * unlocked on entry and will be locked on a successful 1048 * return. 1049 */ 1050 error = relookup(tdvp, &tvp, tcnp); 1051 if (error) { 1052 if (tcnp->cn_flags & CNP_PDIRUNLOCK) 1053 vrele(tdvp); 1054 else 1055 vput(tdvp); 1056 goto out; 1057 } 1058 KKASSERT((tcnp->cn_flags & CNP_PDIRUNLOCK) == 0); 1059 dp = VTOI(tdvp); 1060 if (tvp) 1061 xp = VTOI(tvp); 1062 } 1063 1064 /* 1065 * We are back to fvp, fdvp unlocked, tvp, tdvp locked. tvp may 1066 * be NULL (xp will also be NULL in that case), and IN_RENAME will 1067 * be set if doingdirectory. This means we can use the 'bad' target 1068 * again. 1069 */ 1070 1071 /* 1072 * 2) If target doesn't exist, link the target 1073 * to the source and unlink the source. 1074 * Otherwise, rewrite the target directory 1075 * entry to reference the source inode and 1076 * expunge the original entry's existence. 1077 */ 1078 if (xp == NULL) { 1079 if (dp->i_dev != ip->i_dev) 1080 panic("ufs_rename: EXDEV"); 1081 /* 1082 * Account for ".." in new directory. 1083 * When source and destination have the same 1084 * parent we don't fool with the link count. 1085 */ 1086 if (doingdirectory && newparent) { 1087 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1088 error = EMLINK; 1089 goto bad; 1090 } 1091 dp->i_effnlink++; 1092 dp->i_nlink++; 1093 dp->i_flag |= IN_CHANGE; 1094 if (DOINGSOFTDEP(tdvp)) 1095 softdep_change_linkcnt(dp); 1096 error = ffs_update(tdvp, !(DOINGSOFTDEP(tdvp) | 1097 DOINGASYNC(tdvp))); 1098 if (error) 1099 goto bad; 1100 } 1101 ufs_makedirentry(ip, tcnp, &newdir); 1102 error = ufs_direnter(tdvp, NULL, &newdir, tcnp, NULL); 1103 if (error) { 1104 if (doingdirectory && newparent) { 1105 dp->i_effnlink--; 1106 dp->i_nlink--; 1107 dp->i_flag |= IN_CHANGE; 1108 if (DOINGSOFTDEP(tdvp)) 1109 softdep_change_linkcnt(dp); 1110 (void)ffs_update(tdvp, 1); 1111 } 1112 goto bad; 1113 } 1114 VN_KNOTE(tdvp, NOTE_WRITE); 1115 vput(tdvp); 1116 } else { 1117 if (xp->i_dev != dp->i_dev || xp->i_dev != ip->i_dev) 1118 panic("ufs_rename: EXDEV"); 1119 /* 1120 * Short circuit rename(foo, foo). 1121 */ 1122 if (xp->i_number == ip->i_number) 1123 panic("ufs_rename: same file"); 1124 /* 1125 * If the parent directory is "sticky", then the user must 1126 * own the parent directory, or the destination of the rename, 1127 * otherwise the destination may not be changed (except by 1128 * root). This implements append-only directories. 1129 */ 1130 if ((dp->i_mode & S_ISTXT) && tcnp->cn_cred->cr_uid != 0 && 1131 tcnp->cn_cred->cr_uid != dp->i_uid && 1132 xp->i_uid != tcnp->cn_cred->cr_uid) { 1133 error = EPERM; 1134 goto bad; 1135 } 1136 /* 1137 * Target must be empty if a directory and have no links 1138 * to it. Also, ensure source and target are compatible 1139 * (both directories, or both not directories). 1140 * 1141 * Purge the file or directory being replaced from the 1142 * nameccache. 1143 */ 1144 if ((xp->i_mode&IFMT) == IFDIR) { 1145 if ((xp->i_effnlink > 2) || 1146 !ufs_dirempty(xp, dp->i_number, tcnp->cn_cred)) { 1147 error = ENOTEMPTY; 1148 goto bad; 1149 } 1150 if (!doingdirectory) { 1151 error = ENOTDIR; 1152 goto bad; 1153 } 1154 /* cache_purge removed - handled by VFS compat layer */ 1155 } else if (doingdirectory == 0) { 1156 /* cache_purge removed - handled by VFS compat layer */ 1157 } else { 1158 error = EISDIR; 1159 goto bad; 1160 } 1161 /* 1162 * note: inode passed to ufs_dirrewrite() is 0 for a 1163 * non-directory file rename, 1 for a directory rename 1164 * in the same directory, and > 1 for an inode representing 1165 * the new directory. 1166 */ 1167 error = ufs_dirrewrite(dp, xp, ip->i_number, 1168 IFTODT(ip->i_mode), 1169 (doingdirectory && newparent) ? 1170 newparent : (ino_t)doingdirectory); 1171 if (error) 1172 goto bad; 1173 if (doingdirectory) { 1174 if (!newparent) { 1175 dp->i_effnlink--; 1176 if (DOINGSOFTDEP(tdvp)) 1177 softdep_change_linkcnt(dp); 1178 } 1179 xp->i_effnlink--; 1180 if (DOINGSOFTDEP(tvp)) 1181 softdep_change_linkcnt(xp); 1182 } 1183 if (doingdirectory && !DOINGSOFTDEP(tvp)) { 1184 /* 1185 * Truncate inode. The only stuff left in the directory 1186 * is "." and "..". The "." reference is inconsequential 1187 * since we are quashing it. We have removed the "." 1188 * reference and the reference in the parent directory, 1189 * but there may be other hard links. The soft 1190 * dependency code will arrange to do these operations 1191 * after the parent directory entry has been deleted on 1192 * disk, so when running with that code we avoid doing 1193 * them now. 1194 */ 1195 if (!newparent) { 1196 dp->i_nlink--; 1197 dp->i_flag |= IN_CHANGE; 1198 } 1199 xp->i_nlink--; 1200 xp->i_flag |= IN_CHANGE; 1201 ioflag = DOINGASYNC(tvp) ? 0 : IO_SYNC; 1202 error = ffs_truncate(tvp, (off_t)0, ioflag, 1203 tcnp->cn_cred); 1204 if (error) 1205 goto bad; 1206 } 1207 VN_KNOTE(tdvp, NOTE_WRITE); 1208 vput(tdvp); 1209 VN_KNOTE(tvp, NOTE_DELETE); 1210 vput(tvp); 1211 xp = NULL; 1212 } 1213 1214 /* 1215 * tvp and tdvp have been cleaned up. only fvp and fdvp (both 1216 * unlocked) remain. We are about to overwrite fvp but we have to 1217 * keep 'ip' intact so we cannot release the old fvp, which is still 1218 * refd and accessible via ap->a_fvp. 1219 * 1220 * This means we cannot use either 'bad' or 'out' to cleanup any 1221 * more. 1222 */ 1223 1224 /* 1225 * 3) Unlink the source. 1226 */ 1227 fcnp->cn_flags &= ~CNP_MODMASK; 1228 fcnp->cn_flags |= CNP_LOCKPARENT; 1229 error = relookup(fdvp, &fvp, fcnp); 1230 if (error || fvp == NULL) { 1231 /* 1232 * From name has disappeared. IN_RENAME will not be set if 1233 * we get past the panic so we don't have to clean it up. 1234 */ 1235 if (doingdirectory) 1236 panic("ufs_rename: lost dir entry"); 1237 vrele(ap->a_fvp); 1238 if (fcnp->cn_flags & CNP_PDIRUNLOCK) 1239 vrele(fdvp); 1240 else 1241 vput(fdvp); 1242 return(0); 1243 } 1244 KKASSERT((fcnp->cn_flags & CNP_PDIRUNLOCK) == 0); 1245 1246 /* 1247 * fdvp and fvp are locked. 1248 */ 1249 xp = VTOI(fvp); 1250 dp = VTOI(fdvp); 1251 1252 /* 1253 * Ensure that the directory entry still exists and has not 1254 * changed while the new name has been entered. If the source is 1255 * a file then the entry may have been unlinked or renamed. In 1256 * either case there is no further work to be done. If the source 1257 * is a directory then it cannot have been rmdir'ed; the IN_RENAME 1258 * flag ensures that it cannot be moved by another rename or removed 1259 * by a rmdir. Cleanup IN_RENAME. 1260 */ 1261 if (xp != ip) { 1262 if (doingdirectory) 1263 panic("ufs_rename: lost dir entry"); 1264 } else { 1265 /* 1266 * If the source is a directory with a 1267 * new parent, the link count of the old 1268 * parent directory must be decremented 1269 * and ".." set to point to the new parent. 1270 */ 1271 if (doingdirectory && newparent) { 1272 xp->i_offset = mastertemplate.dot_reclen; 1273 ufs_dirrewrite(xp, dp, newparent, DT_DIR, 0); 1274 /* cache_purge removed - handled by VFS compat layer */ 1275 } 1276 error = ufs_dirremove(fdvp, xp, fcnp->cn_flags, 0); 1277 xp->i_flag &= ~IN_RENAME; 1278 } 1279 1280 VN_KNOTE(fvp, NOTE_RENAME); 1281 vput(fdvp); 1282 vput(fvp); 1283 vrele(ap->a_fvp); 1284 return (error); 1285 1286 bad: 1287 if (xp) 1288 vput(ITOV(xp)); 1289 vput(ITOV(dp)); 1290 out: 1291 if (doingdirectory) 1292 ip->i_flag &= ~IN_RENAME; 1293 if (vn_lock(fvp, LK_EXCLUSIVE) == 0) { 1294 ip->i_effnlink--; 1295 ip->i_nlink--; 1296 ip->i_flag |= IN_CHANGE; 1297 ip->i_flag &= ~IN_RENAME; 1298 if (DOINGSOFTDEP(fvp)) 1299 softdep_change_linkcnt(ip); 1300 vput(fvp); 1301 } else { 1302 vrele(fvp); 1303 } 1304 return (error); 1305 } 1306 1307 /* 1308 * Mkdir system call 1309 * 1310 * ufs_mkdir(struct vnode *a_dvp, struct vnode **a_vpp, 1311 * struct componentname *a_cnp, struct vattr *a_vap) 1312 */ 1313 static 1314 int 1315 ufs_mkdir(struct vop_old_mkdir_args *ap) 1316 { 1317 struct vnode *dvp = ap->a_dvp; 1318 struct vattr *vap = ap->a_vap; 1319 struct componentname *cnp = ap->a_cnp; 1320 struct inode *ip, *dp; 1321 struct vnode *tvp; 1322 struct buf *bp; 1323 struct dirtemplate dirtemplate, *dtp; 1324 struct direct newdir; 1325 int error, dmode; 1326 long blkoff; 1327 1328 dp = VTOI(dvp); 1329 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1330 error = EMLINK; 1331 goto out; 1332 } 1333 dmode = vap->va_mode & 0777; 1334 dmode |= IFDIR; 1335 /* 1336 * Must simulate part of ufs_makeinode here to acquire the inode, 1337 * but not have it entered in the parent directory. The entry is 1338 * made later after writing "." and ".." entries. 1339 */ 1340 error = ffs_valloc(dvp, dmode, cnp->cn_cred, &tvp); 1341 if (error) 1342 goto out; 1343 ip = VTOI(tvp); 1344 ip->i_gid = dp->i_gid; 1345 #ifdef SUIDDIR 1346 { 1347 #ifdef QUOTA 1348 struct ucred ucred, *ucp; 1349 ucp = cnp->cn_cred; 1350 #endif 1351 /* 1352 * If we are hacking owners here, (only do this where told to) 1353 * and we are not giving it TO root, (would subvert quotas) 1354 * then go ahead and give it to the other user. 1355 * The new directory also inherits the SUID bit. 1356 * If user's UID and dir UID are the same, 1357 * 'give it away' so that the SUID is still forced on. 1358 */ 1359 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 1360 (dp->i_mode & ISUID) && dp->i_uid) { 1361 dmode |= ISUID; 1362 ip->i_uid = dp->i_uid; 1363 #ifdef QUOTA 1364 if (dp->i_uid != cnp->cn_cred->cr_uid) { 1365 /* 1366 * Make sure the correct user gets charged 1367 * for the space. 1368 * Make a dummy credential for the victim. 1369 * XXX This seems to never be accessed out of 1370 * our context so a stack variable is ok. 1371 */ 1372 ucred.cr_ref = 1; 1373 ucred.cr_uid = ip->i_uid; 1374 ucred.cr_ngroups = 1; 1375 ucred.cr_groups[0] = dp->i_gid; 1376 ucp = &ucred; 1377 } 1378 #endif 1379 } else 1380 ip->i_uid = cnp->cn_cred->cr_uid; 1381 #ifdef QUOTA 1382 if ((error = ufs_getinoquota(ip)) || 1383 (error = ufs_chkiq(ip, 1, ucp, 0))) { 1384 ffs_vfree(tvp, ip->i_number, dmode); 1385 vput(tvp); 1386 return (error); 1387 } 1388 #endif 1389 } 1390 #else /* !SUIDDIR */ 1391 ip->i_uid = cnp->cn_cred->cr_uid; 1392 #ifdef QUOTA 1393 if ((error = ufs_getinoquota(ip)) || 1394 (error = ufs_chkiq(ip, 1, cnp->cn_cred, 0))) { 1395 ffs_vfree(tvp, ip->i_number, dmode); 1396 vput(tvp); 1397 return (error); 1398 } 1399 #endif 1400 #endif /* !SUIDDIR */ 1401 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 1402 ip->i_mode = dmode; 1403 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */ 1404 ip->i_effnlink = 2; 1405 ip->i_nlink = 2; 1406 if (DOINGSOFTDEP(tvp)) 1407 softdep_change_linkcnt(ip); 1408 if (cnp->cn_flags & CNP_ISWHITEOUT) 1409 ip->i_flags |= UF_OPAQUE; 1410 1411 /* 1412 * Bump link count in parent directory to reflect work done below. 1413 * Should be done before reference is created so cleanup is 1414 * possible if we crash. 1415 */ 1416 dp->i_effnlink++; 1417 dp->i_nlink++; 1418 dp->i_flag |= IN_CHANGE; 1419 if (DOINGSOFTDEP(dvp)) 1420 softdep_change_linkcnt(dp); 1421 error = ffs_update(tvp, !(DOINGSOFTDEP(dvp) | DOINGASYNC(dvp))); 1422 if (error) 1423 goto bad; 1424 1425 /* 1426 * The vnode must have a VM object in order to issue buffer cache 1427 * ops on it. 1428 */ 1429 vinitvmio(tvp, DIRBLKSIZ); 1430 1431 /* 1432 * Initialize directory with "." and ".." from static template. 1433 */ 1434 if (dvp->v_mount->mnt_maxsymlinklen > 0) 1435 dtp = &mastertemplate; 1436 else 1437 dtp = (struct dirtemplate *)&omastertemplate; 1438 dirtemplate = *dtp; 1439 dirtemplate.dot_ino = ip->i_number; 1440 dirtemplate.dotdot_ino = dp->i_number; 1441 vnode_pager_setsize(tvp, DIRBLKSIZ); 1442 error = VOP_BALLOC(tvp, 0LL, DIRBLKSIZ, cnp->cn_cred, B_CLRBUF, &bp); 1443 if (error) 1444 goto bad; 1445 ip->i_size = DIRBLKSIZ; 1446 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1447 bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate); 1448 if (DOINGSOFTDEP(tvp)) { 1449 /* 1450 * Ensure that the entire newly allocated block is a 1451 * valid directory so that future growth within the 1452 * block does not have to ensure that the block is 1453 * written before the inode. 1454 */ 1455 blkoff = DIRBLKSIZ; 1456 while (blkoff < bp->b_bcount) { 1457 ((struct direct *) 1458 (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ; 1459 blkoff += DIRBLKSIZ; 1460 } 1461 } 1462 if ((error = ffs_update(tvp, !(DOINGSOFTDEP(tvp) | 1463 DOINGASYNC(tvp)))) != 0) { 1464 bwrite(bp); 1465 goto bad; 1466 } 1467 /* 1468 * Directory set up, now install its entry in the parent directory. 1469 * 1470 * If we are not doing soft dependencies, then we must write out the 1471 * buffer containing the new directory body before entering the new 1472 * name in the parent. If we are doing soft dependencies, then the 1473 * buffer containing the new directory body will be passed to and 1474 * released in the soft dependency code after the code has attached 1475 * an appropriate ordering dependency to the buffer which ensures that 1476 * the buffer is written before the new name is written in the parent. 1477 */ 1478 if (DOINGASYNC(dvp)) 1479 bdwrite(bp); 1480 else if (!DOINGSOFTDEP(dvp) && (error = bwrite(bp)) != 0) 1481 goto bad; 1482 ufs_makedirentry(ip, cnp, &newdir); 1483 error = ufs_direnter(dvp, tvp, &newdir, cnp, bp); 1484 1485 bad: 1486 if (error == 0) { 1487 VN_KNOTE(dvp, NOTE_WRITE | NOTE_LINK); 1488 *ap->a_vpp = tvp; 1489 } else { 1490 dp->i_effnlink--; 1491 dp->i_nlink--; 1492 dp->i_flag |= IN_CHANGE; 1493 if (DOINGSOFTDEP(dvp)) 1494 softdep_change_linkcnt(dp); 1495 /* 1496 * No need to do an explicit VOP_TRUNCATE here, vrele will 1497 * do this for us because we set the link count to 0. 1498 */ 1499 ip->i_effnlink = 0; 1500 ip->i_nlink = 0; 1501 ip->i_flag |= IN_CHANGE; 1502 if (DOINGSOFTDEP(tvp)) 1503 softdep_change_linkcnt(ip); 1504 vput(tvp); 1505 } 1506 out: 1507 return (error); 1508 } 1509 1510 /* 1511 * Rmdir system call. 1512 * 1513 * ufs_rmdir(struct vnode *a_dvp, struct vnode *a_vp, 1514 * struct componentname *a_cnp) 1515 */ 1516 static 1517 int 1518 ufs_rmdir(struct vop_old_rmdir_args *ap) 1519 { 1520 struct vnode *vp = ap->a_vp; 1521 struct vnode *dvp = ap->a_dvp; 1522 struct componentname *cnp = ap->a_cnp; 1523 struct inode *ip, *dp; 1524 int error, ioflag; 1525 1526 ip = VTOI(vp); 1527 dp = VTOI(dvp); 1528 1529 /* 1530 * Do not remove a directory that is in the process of being renamed. 1531 * Verify the directory is empty (and valid). Rmdir ".." will not be 1532 * valid since ".." will contain a reference to the current directory 1533 * and thus be non-empty. Do not allow the removal of mounted on 1534 * directories (this can happen when an NFS exported filesystem 1535 * tries to remove a locally mounted on directory). 1536 */ 1537 error = 0; 1538 if (ip->i_flag & IN_RENAME) { 1539 error = EINVAL; 1540 goto out; 1541 } 1542 if (ip->i_effnlink != 2 || 1543 !ufs_dirempty(ip, dp->i_number, cnp->cn_cred)) { 1544 error = ENOTEMPTY; 1545 goto out; 1546 } 1547 if ((dp->i_flags & APPEND) 1548 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) { 1549 error = EPERM; 1550 goto out; 1551 } 1552 /* 1553 * Delete reference to directory before purging 1554 * inode. If we crash in between, the directory 1555 * will be reattached to lost+found, 1556 */ 1557 dp->i_effnlink--; 1558 ip->i_effnlink--; 1559 if (DOINGSOFTDEP(vp)) { 1560 softdep_change_linkcnt(dp); 1561 softdep_change_linkcnt(ip); 1562 } 1563 error = ufs_dirremove(dvp, ip, cnp->cn_flags, 1); 1564 if (error) { 1565 dp->i_effnlink++; 1566 ip->i_effnlink++; 1567 if (DOINGSOFTDEP(vp)) { 1568 softdep_change_linkcnt(dp); 1569 softdep_change_linkcnt(ip); 1570 } 1571 goto out; 1572 } 1573 VN_KNOTE(dvp, NOTE_WRITE | NOTE_LINK); 1574 /* 1575 * Truncate inode. The only stuff left in the directory is "." and 1576 * "..". The "." reference is inconsequential since we are quashing 1577 * it. The soft dependency code will arrange to do these operations 1578 * after the parent directory entry has been deleted on disk, so 1579 * when running with that code we avoid doing them now. 1580 */ 1581 if (!DOINGSOFTDEP(vp)) { 1582 dp->i_nlink--; 1583 dp->i_flag |= IN_CHANGE; 1584 ip->i_nlink--; 1585 ip->i_flag |= IN_CHANGE; 1586 ioflag = DOINGASYNC(vp) ? 0 : IO_SYNC; 1587 error = ffs_truncate(vp, (off_t)0, ioflag, cnp->cn_cred); 1588 } 1589 /* cache_purge removed - handled by VFS compat layer */ 1590 #ifdef UFS_DIRHASH 1591 /* Kill any active hash; i_effnlink == 0, so it will not come back. */ 1592 if (ip->i_dirhash != NULL) 1593 ufsdirhash_free(ip); 1594 #endif 1595 out: 1596 VN_KNOTE(vp, NOTE_DELETE); 1597 return (error); 1598 } 1599 1600 /* 1601 * symlink -- make a symbolic link 1602 * 1603 * ufs_symlink(struct vnode *a_dvp, struct vnode **a_vpp, 1604 * struct componentname *a_cnp, struct vattr *a_vap, 1605 * char *a_target) 1606 */ 1607 static 1608 int 1609 ufs_symlink(struct vop_old_symlink_args *ap) 1610 { 1611 struct vnode *vp, **vpp = ap->a_vpp; 1612 struct inode *ip; 1613 int len, error; 1614 1615 error = ufs_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp, 1616 vpp, ap->a_cnp); 1617 if (error) 1618 return (error); 1619 VN_KNOTE(ap->a_dvp, NOTE_WRITE); 1620 vp = *vpp; 1621 len = strlen(ap->a_target); 1622 if (len < vp->v_mount->mnt_maxsymlinklen) { 1623 ip = VTOI(vp); 1624 bcopy(ap->a_target, (char *)ip->i_shortlink, len); 1625 ip->i_size = len; 1626 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1627 } else { 1628 /* 1629 * Make sure we have a VM object in order to use 1630 * the buffer cache. 1631 */ 1632 if (vp->v_object == NULL) 1633 vinitvmio(vp, 0); 1634 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0, 1635 UIO_SYSSPACE, IO_NODELOCKED, 1636 ap->a_cnp->cn_cred, NULL); 1637 } 1638 if (error) 1639 vput(vp); 1640 return (error); 1641 } 1642 1643 /* 1644 * Vnode op for reading directories. 1645 * 1646 * ufs_readdir(struct vnode *a_vp, struct uio *a_uio, struct ucred *a_cred, 1647 * int *a_eofflag, int *ncookies, u_long **a_cookies) 1648 */ 1649 static 1650 int 1651 ufs_readdir(struct vop_readdir_args *ap) 1652 { 1653 struct uio *uio = ap->a_uio; 1654 struct vnode *vp = ap->a_vp; 1655 struct direct *dp; 1656 struct buf *bp; 1657 int retval; 1658 int error; 1659 int offset; /* offset into buffer cache buffer */ 1660 int eoffset; /* end of buffer clipped to file EOF */ 1661 int pickup; /* pickup point */ 1662 int ncookies; 1663 int cookie_index; 1664 u_long *cookies; 1665 1666 if (uio->uio_offset < 0) 1667 return (EINVAL); 1668 /* 1669 * Guess the number of cookies needed. Make sure we compute at 1670 * least 1, and no more then a reasonable limit. 1671 */ 1672 if (ap->a_ncookies) { 1673 ncookies = uio->uio_resid / 16 + 1; 1674 if (ncookies > 1024) 1675 ncookies = 1024; 1676 cookies = kmalloc(ncookies * sizeof(u_long), M_TEMP, M_WAITOK); 1677 } else { 1678 ncookies = -1; /* force conditionals below */ 1679 cookies = NULL; 1680 } 1681 cookie_index = 0; 1682 1683 if ((error = vn_lock(vp, LK_EXCLUSIVE | LK_RETRY)) != 0) 1684 return (error); 1685 1686 /* 1687 * Past or at EOF 1688 */ 1689 if (uio->uio_offset >= VTOI(vp)->i_size) { 1690 if (ap->a_eofflag) 1691 *ap->a_eofflag = 1; 1692 if (ap->a_ncookies) { 1693 *ap->a_ncookies = cookie_index; 1694 *ap->a_cookies = cookies; 1695 } 1696 goto done; 1697 } 1698 1699 /* 1700 * Loop until we run out of cookies, we run out of user buffer, 1701 * or we hit the directory EOF. 1702 * 1703 * Always start scans at the beginning of the buffer, don't trust 1704 * the offset supplied by userland. 1705 */ 1706 while ((error = ffs_blkatoff_ra(vp, uio->uio_offset, NULL, &bp, 2)) == 0) { 1707 pickup = (int)(uio->uio_offset - bp->b_loffset); 1708 offset = 0; 1709 retval = 0; 1710 if (bp->b_loffset + bp->b_bcount > VTOI(vp)->i_size) 1711 eoffset = (int)(VTOI(vp)->i_size - bp->b_loffset); 1712 else 1713 eoffset = bp->b_bcount; 1714 1715 while (offset < eoffset) { 1716 dp = (struct direct *)(bp->b_data + offset); 1717 if (dp->d_reclen <= 0 || (dp->d_reclen & 3) || 1718 offset + dp->d_reclen > bp->b_bcount) { 1719 error = EIO; 1720 break; 1721 } 1722 if (offsetof(struct direct, d_name[dp->d_namlen]) > dp->d_reclen) { 1723 error = EIO; 1724 break; 1725 } 1726 if (offset < pickup) { 1727 offset += dp->d_reclen; 1728 continue; 1729 } 1730 #if BYTE_ORDER == LITTLE_ENDIAN 1731 if (OFSFMT(vp)) { 1732 retval = vop_write_dirent(&error, uio, 1733 dp->d_ino, dp->d_namlen, dp->d_type, 1734 dp->d_name); 1735 } else 1736 #endif 1737 { 1738 retval = vop_write_dirent(&error, uio, 1739 dp->d_ino, dp->d_type, dp->d_namlen, 1740 dp->d_name); 1741 } 1742 if (retval) 1743 break; 1744 if (cookies) { 1745 cookies[cookie_index] = 1746 (u_long)bp->b_loffset + offset; 1747 } 1748 ++cookie_index; 1749 offset += dp->d_reclen; 1750 if (cookie_index == ncookies) 1751 break; 1752 } 1753 1754 /* 1755 * This will align the next loop to the beginning of the 1756 * next block, and pickup will calculate to 0. 1757 */ 1758 uio->uio_offset = bp->b_loffset + offset; 1759 brelse(bp); 1760 1761 if (retval || error || cookie_index == ncookies || 1762 uio->uio_offset >= VTOI(vp)->i_size) { 1763 break; 1764 } 1765 } 1766 if (ap->a_eofflag) 1767 *ap->a_eofflag = VTOI(vp)->i_size <= uio->uio_offset; 1768 1769 /* 1770 * Report errors only if we didn't manage to read anything 1771 */ 1772 if (error && cookie_index == 0) { 1773 if (cookies) { 1774 kfree(cookies, M_TEMP); 1775 *ap->a_ncookies = 0; 1776 *ap->a_cookies = NULL; 1777 } 1778 } else { 1779 error = 0; 1780 if (cookies) { 1781 *ap->a_ncookies = cookie_index; 1782 *ap->a_cookies = cookies; 1783 } 1784 } 1785 done: 1786 vn_unlock(vp); 1787 return (error); 1788 } 1789 1790 /* 1791 * Return target name of a symbolic link 1792 * 1793 * ufs_readlink(struct vnode *a_vp, struct uio *a_uio, struct ucred *a_cred) 1794 */ 1795 static 1796 int 1797 ufs_readlink(struct vop_readlink_args *ap) 1798 { 1799 struct vnode *vp = ap->a_vp; 1800 struct inode *ip = VTOI(vp); 1801 int isize; 1802 1803 isize = ip->i_size; 1804 if ((isize < vp->v_mount->mnt_maxsymlinklen) || 1805 (ip->i_din.di_blocks == 0)) { /* XXX - for old fastlink support */ 1806 uiomove((char *)ip->i_shortlink, isize, ap->a_uio); 1807 return (0); 1808 } 1809 1810 /* 1811 * Perform the equivalent of an OPEN on vp so we can issue a 1812 * VOP_READ. 1813 */ 1814 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred)); 1815 } 1816 1817 /* 1818 * Calculate the logical to physical mapping if not done already, 1819 * then call the device strategy routine. 1820 * 1821 * In order to be able to swap to a file, the VOP_BMAP operation may not 1822 * deadlock on memory. See ufs_bmap() for details. 1823 * 1824 * ufs_strategy(struct vnode *a_vp, struct bio *a_bio) 1825 */ 1826 static 1827 int 1828 ufs_strategy(struct vop_strategy_args *ap) 1829 { 1830 struct bio *bio = ap->a_bio; 1831 struct bio *nbio; 1832 struct buf *bp = bio->bio_buf; 1833 struct vnode *vp = ap->a_vp; 1834 struct inode *ip; 1835 int error; 1836 1837 ip = VTOI(vp); 1838 if (vp->v_type == VBLK || vp->v_type == VCHR) 1839 panic("ufs_strategy: spec"); 1840 nbio = push_bio(bio); 1841 if (nbio->bio_offset == NOOFFSET) { 1842 error = VOP_BMAP(vp, bio->bio_offset, NULL, &nbio->bio_offset, 1843 NULL, NULL); 1844 if (error) { 1845 bp->b_error = error; 1846 bp->b_flags |= B_ERROR; 1847 /* I/O was never started on nbio, must biodone(bio) */ 1848 biodone(bio); 1849 return (error); 1850 } 1851 if (nbio->bio_offset == NOOFFSET) 1852 vfs_bio_clrbuf(bp); 1853 } 1854 if (nbio->bio_offset == NOOFFSET) { 1855 /* 1856 * We hit a hole in the file. The buffer has been zero-filled 1857 * so just biodone() it. 1858 */ 1859 biodone(bio); 1860 } else { 1861 vn_strategy(ip->i_devvp, nbio); 1862 } 1863 return (0); 1864 } 1865 1866 /* 1867 * Print out the contents of an inode. 1868 * 1869 * ufs_print(struct vnode *a_vp) 1870 */ 1871 static 1872 int 1873 ufs_print(struct vop_print_args *ap) 1874 { 1875 struct vnode *vp = ap->a_vp; 1876 struct inode *ip = VTOI(vp); 1877 1878 kprintf("tag VT_UFS, ino %lu, on dev %s (%d, %d)", 1879 (u_long)ip->i_number, devtoname(ip->i_dev), major(ip->i_dev), 1880 minor(ip->i_dev)); 1881 if (vp->v_type == VFIFO) 1882 fifo_printinfo(vp); 1883 lockmgr_printinfo(&vp->v_lock); 1884 kprintf("\n"); 1885 return (0); 1886 } 1887 1888 /* 1889 * Read wrapper for special devices. 1890 * 1891 * ufsspec_read(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1892 * struct ucred *a_cred) 1893 */ 1894 static 1895 int 1896 ufsspec_read(struct vop_read_args *ap) 1897 { 1898 int error, resid; 1899 struct inode *ip; 1900 struct uio *uio; 1901 1902 uio = ap->a_uio; 1903 resid = uio->uio_resid; 1904 error = VOCALL(&spec_vnode_vops, &ap->a_head); 1905 /* 1906 * The inode may have been revoked during the call, so it must not 1907 * be accessed blindly here or in the other wrapper functions. 1908 */ 1909 ip = VTOI(ap->a_vp); 1910 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 1911 ip->i_flag |= IN_ACCESS; 1912 return (error); 1913 } 1914 1915 /* 1916 * Write wrapper for special devices. 1917 * 1918 * ufsspec_write(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1919 * struct ucred *a_cred) 1920 */ 1921 static 1922 int 1923 ufsspec_write(struct vop_write_args *ap) 1924 { 1925 int error, resid; 1926 struct inode *ip; 1927 struct uio *uio; 1928 1929 uio = ap->a_uio; 1930 resid = uio->uio_resid; 1931 error = VOCALL(&spec_vnode_vops, &ap->a_head); 1932 ip = VTOI(ap->a_vp); 1933 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 1934 VTOI(ap->a_vp)->i_flag |= IN_CHANGE | IN_UPDATE; 1935 return (error); 1936 } 1937 1938 /* 1939 * Close wrapper for special devices. 1940 * 1941 * Update the times on the inode then do device close. 1942 * 1943 * ufsspec_close(struct vnode *a_vp, int a_fflag, struct ucred *a_cred, 1944 * struct thread *a_td) 1945 */ 1946 static 1947 int 1948 ufsspec_close(struct vop_close_args *ap) 1949 { 1950 struct vnode *vp = ap->a_vp; 1951 1952 if (vp->v_sysref.refcnt > 1) 1953 ufs_itimes(vp); 1954 return (VOCALL(&spec_vnode_vops, &ap->a_head)); 1955 } 1956 1957 /* 1958 * Read wrapper for fifos. 1959 * 1960 * ufsfifo_read(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1961 * struct ucred *a_cred) 1962 */ 1963 static 1964 int 1965 ufsfifo_read(struct vop_read_args *ap) 1966 { 1967 int error, resid; 1968 struct inode *ip; 1969 struct uio *uio; 1970 1971 uio = ap->a_uio; 1972 resid = uio->uio_resid; 1973 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 1974 ip = VTOI(ap->a_vp); 1975 if ((ap->a_vp->v_mount->mnt_flag & MNT_NOATIME) == 0 && ip != NULL && 1976 (uio->uio_resid != resid || (error == 0 && resid != 0))) 1977 VTOI(ap->a_vp)->i_flag |= IN_ACCESS; 1978 return (error); 1979 } 1980 1981 /* 1982 * Write wrapper for fifos. 1983 * 1984 * ufsfifo_write(struct vnode *a_vp, struct uio *a_uio, int a_ioflag, 1985 * struct ucred *a_cred) 1986 */ 1987 static 1988 int 1989 ufsfifo_write(struct vop_write_args *ap) 1990 { 1991 int error, resid; 1992 struct inode *ip; 1993 struct uio *uio; 1994 1995 uio = ap->a_uio; 1996 resid = uio->uio_resid; 1997 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 1998 ip = VTOI(ap->a_vp); 1999 if (ip != NULL && (uio->uio_resid != resid || (error == 0 && resid != 0))) 2000 VTOI(ap->a_vp)->i_flag |= IN_CHANGE | IN_UPDATE; 2001 return (error); 2002 } 2003 2004 /* 2005 * Close wrapper for fifos. 2006 * 2007 * Update the times on the inode then do device close. 2008 * 2009 * ufsfifo_close(struct vnode *a_vp, int a_fflag, struct ucred *a_cred, 2010 * struct thread *a_td) 2011 */ 2012 static 2013 int 2014 ufsfifo_close(struct vop_close_args *ap) 2015 { 2016 struct vnode *vp = ap->a_vp; 2017 2018 if (vp->v_sysref.refcnt > 1) 2019 ufs_itimes(vp); 2020 return (VOCALL(&fifo_vnode_vops, &ap->a_head)); 2021 } 2022 2023 /* 2024 * Kqfilter wrapper for fifos. 2025 * 2026 * Fall through to ufs kqfilter routines if needed 2027 */ 2028 static 2029 int 2030 ufsfifo_kqfilter(struct vop_kqfilter_args *ap) 2031 { 2032 int error; 2033 2034 error = VOCALL(&fifo_vnode_vops, &ap->a_head); 2035 if (error) 2036 error = ufs_kqfilter(ap); 2037 return (error); 2038 } 2039 2040 /* 2041 * Return POSIX pathconf information applicable to ufs filesystems. 2042 * 2043 * ufs_pathconf(struct vnode *a_vp, int a_name, int *a_retval) 2044 */ 2045 static 2046 int 2047 ufs_pathconf(struct vop_pathconf_args *ap) 2048 { 2049 switch (ap->a_name) { 2050 case _PC_LINK_MAX: 2051 *ap->a_retval = LINK_MAX; 2052 return (0); 2053 case _PC_NAME_MAX: 2054 *ap->a_retval = NAME_MAX; 2055 return (0); 2056 case _PC_PATH_MAX: 2057 *ap->a_retval = PATH_MAX; 2058 return (0); 2059 case _PC_PIPE_BUF: 2060 *ap->a_retval = PIPE_BUF; 2061 return (0); 2062 case _PC_CHOWN_RESTRICTED: 2063 *ap->a_retval = 1; 2064 return (0); 2065 case _PC_NO_TRUNC: 2066 *ap->a_retval = 1; 2067 return (0); 2068 default: 2069 return (EINVAL); 2070 } 2071 /* NOTREACHED */ 2072 } 2073 2074 /* 2075 * Advisory record locking support 2076 * 2077 * ufs_advlock(struct vnode *a_vp, caddr_t a_id, int a_op, struct flock *a_fl, 2078 * int a_flags) 2079 */ 2080 static 2081 int 2082 ufs_advlock(struct vop_advlock_args *ap) 2083 { 2084 struct inode *ip = VTOI(ap->a_vp); 2085 2086 return (lf_advlock(ap, &(ip->i_lockf), ip->i_size)); 2087 } 2088 2089 /* 2090 * Initialize the vnode associated with a new inode, handle aliased 2091 * vnodes. 2092 * 2093 * Make sure directories have their VM object now rather then later, 2094 * saving us from having to check on all the myrid directory VOPs 2095 * that might be executed without a VOP_OPEN being performed. 2096 */ 2097 int 2098 ufs_vinit(struct mount *mntp, struct vnode **vpp) 2099 { 2100 struct inode *ip; 2101 struct vnode *vp; 2102 struct timeval tv; 2103 2104 vp = *vpp; 2105 ip = VTOI(vp); 2106 2107 vp->v_type = IFTOVT(ip->i_mode); 2108 2109 switch(vp->v_type) { 2110 case VCHR: 2111 case VBLK: 2112 vp->v_ops = &mntp->mnt_vn_spec_ops; 2113 addaliasu(vp, umajor(ip->i_rdev), uminor(ip->i_rdev)); 2114 break; 2115 case VFIFO: 2116 vp->v_ops = &mntp->mnt_vn_fifo_ops; 2117 break; 2118 case VDIR: 2119 case VREG: 2120 vinitvmio(vp, ip->i_size); 2121 break; 2122 case VLNK: 2123 if (ip->i_size >= vp->v_mount->mnt_maxsymlinklen) 2124 vinitvmio(vp, ip->i_size); 2125 break; 2126 default: 2127 break; 2128 2129 } 2130 2131 if (ip->i_number == ROOTINO) 2132 vp->v_flag |= VROOT; 2133 /* 2134 * Initialize modrev times 2135 */ 2136 getmicrouptime(&tv); 2137 SETHIGH(ip->i_modrev, tv.tv_sec); 2138 SETLOW(ip->i_modrev, tv.tv_usec * 4294); 2139 *vpp = vp; 2140 return (0); 2141 } 2142 2143 /* 2144 * Allocate a new inode. 2145 */ 2146 static 2147 int 2148 ufs_makeinode(int mode, struct vnode *dvp, struct vnode **vpp, 2149 struct componentname *cnp) 2150 { 2151 struct inode *ip, *pdir; 2152 struct direct newdir; 2153 struct vnode *tvp; 2154 int error; 2155 2156 pdir = VTOI(dvp); 2157 *vpp = NULL; 2158 if ((mode & IFMT) == 0) 2159 mode |= IFREG; 2160 2161 error = ffs_valloc(dvp, mode, cnp->cn_cred, &tvp); 2162 if (error) 2163 return (error); 2164 ip = VTOI(tvp); 2165 ip->i_gid = pdir->i_gid; 2166 #ifdef SUIDDIR 2167 { 2168 #ifdef QUOTA 2169 struct ucred ucred, *ucp; 2170 ucp = cnp->cn_cred; 2171 #endif 2172 /* 2173 * If we are not the owner of the directory, 2174 * and we are hacking owners here, (only do this where told to) 2175 * and we are not giving it TO root, (would subvert quotas) 2176 * then go ahead and give it to the other user. 2177 * Note that this drops off the execute bits for security. 2178 */ 2179 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 2180 (pdir->i_mode & ISUID) && 2181 (pdir->i_uid != cnp->cn_cred->cr_uid) && pdir->i_uid) { 2182 ip->i_uid = pdir->i_uid; 2183 mode &= ~07111; 2184 #ifdef QUOTA 2185 /* 2186 * Make sure the correct user gets charged 2187 * for the space. 2188 * Quickly knock up a dummy credential for the victim. 2189 * XXX This seems to never be accessed out of our 2190 * context so a stack variable is ok. 2191 */ 2192 ucred.cr_ref = 1; 2193 ucred.cr_uid = ip->i_uid; 2194 ucred.cr_ngroups = 1; 2195 ucred.cr_groups[0] = pdir->i_gid; 2196 ucp = &ucred; 2197 #endif 2198 } else 2199 ip->i_uid = cnp->cn_cred->cr_uid; 2200 2201 #ifdef QUOTA 2202 if ((error = ufs_getinoquota(ip)) || 2203 (error = ufs_chkiq(ip, 1, ucp, 0))) { 2204 ffs_vfree(tvp, ip->i_number, mode); 2205 vput(tvp); 2206 return (error); 2207 } 2208 #endif 2209 } 2210 #else /* !SUIDDIR */ 2211 ip->i_uid = cnp->cn_cred->cr_uid; 2212 #ifdef QUOTA 2213 if ((error = ufs_getinoquota(ip)) || 2214 (error = ufs_chkiq(ip, 1, cnp->cn_cred, 0))) { 2215 ffs_vfree(tvp, ip->i_number, mode); 2216 vput(tvp); 2217 return (error); 2218 } 2219 #endif 2220 #endif /* !SUIDDIR */ 2221 ip->i_fsmid = cache_getnewfsmid(); 2222 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 2223 ip->i_mode = mode; 2224 tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */ 2225 ip->i_effnlink = 1; 2226 ip->i_nlink = 1; 2227 if (DOINGSOFTDEP(tvp)) 2228 softdep_change_linkcnt(ip); 2229 if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) && 2230 suser_cred(cnp->cn_cred, 0)) { 2231 ip->i_mode &= ~ISGID; 2232 } 2233 2234 if (cnp->cn_flags & CNP_ISWHITEOUT) 2235 ip->i_flags |= UF_OPAQUE; 2236 2237 /* 2238 * Regular files and directories need VM objects. Softlinks do 2239 * not (not immediately anyway). 2240 */ 2241 if (tvp->v_type == VREG || tvp->v_type == VDIR) 2242 vinitvmio(tvp, 0); 2243 2244 /* 2245 * Make sure inode goes to disk before directory entry. 2246 */ 2247 error = ffs_update(tvp, !(DOINGSOFTDEP(tvp) | DOINGASYNC(tvp))); 2248 if (error) 2249 goto bad; 2250 ufs_makedirentry(ip, cnp, &newdir); 2251 error = ufs_direnter(dvp, tvp, &newdir, cnp, NULL); 2252 if (error) 2253 goto bad; 2254 *vpp = tvp; 2255 return (0); 2256 2257 bad: 2258 /* 2259 * Write error occurred trying to update the inode 2260 * or the directory so must deallocate the inode. 2261 */ 2262 ip->i_effnlink = 0; 2263 ip->i_nlink = 0; 2264 ip->i_flag |= IN_CHANGE; 2265 if (DOINGSOFTDEP(tvp)) 2266 softdep_change_linkcnt(ip); 2267 vput(tvp); 2268 return (error); 2269 } 2270 2271 static int 2272 ufs_missingop(struct vop_generic_args *ap) 2273 { 2274 panic("no vop function for %s in ufs child", ap->a_desc->sd_name); 2275 return (EOPNOTSUPP); 2276 } 2277 2278 static struct filterops ufsread_filtops = 2279 { 1, NULL, filt_ufsdetach, filt_ufsread }; 2280 static struct filterops ufswrite_filtops = 2281 { 1, NULL, filt_ufsdetach, filt_ufswrite }; 2282 static struct filterops ufsvnode_filtops = 2283 { 1, NULL, filt_ufsdetach, filt_ufsvnode }; 2284 2285 /* 2286 * ufs_kqfilter(struct vnode *a_vp, struct knote *a_kn) 2287 */ 2288 static int 2289 ufs_kqfilter(struct vop_kqfilter_args *ap) 2290 { 2291 struct vnode *vp = ap->a_vp; 2292 struct knote *kn = ap->a_kn; 2293 lwkt_tokref ilock; 2294 2295 switch (kn->kn_filter) { 2296 case EVFILT_READ: 2297 kn->kn_fop = &ufsread_filtops; 2298 break; 2299 case EVFILT_WRITE: 2300 kn->kn_fop = &ufswrite_filtops; 2301 break; 2302 case EVFILT_VNODE: 2303 kn->kn_fop = &ufsvnode_filtops; 2304 break; 2305 default: 2306 return (1); 2307 } 2308 2309 kn->kn_hook = (caddr_t)vp; 2310 2311 lwkt_gettoken(&ilock, &vp->v_pollinfo.vpi_token); 2312 SLIST_INSERT_HEAD(&vp->v_pollinfo.vpi_selinfo.si_note, kn, kn_selnext); 2313 lwkt_reltoken(&ilock); 2314 2315 return (0); 2316 } 2317 2318 static void 2319 filt_ufsdetach(struct knote *kn) 2320 { 2321 struct vnode *vp = (struct vnode *)kn->kn_hook; 2322 lwkt_tokref ilock; 2323 2324 lwkt_gettoken(&ilock, &vp->v_pollinfo.vpi_token); 2325 SLIST_REMOVE(&vp->v_pollinfo.vpi_selinfo.si_note, 2326 kn, knote, kn_selnext); 2327 lwkt_reltoken(&ilock); 2328 } 2329 2330 /*ARGSUSED*/ 2331 static int 2332 filt_ufsread(struct knote *kn, long hint) 2333 { 2334 struct vnode *vp = (struct vnode *)kn->kn_hook; 2335 struct inode *ip = VTOI(vp); 2336 2337 /* 2338 * filesystem is gone, so set the EOF flag and schedule 2339 * the knote for deletion. 2340 */ 2341 if (hint == NOTE_REVOKE) { 2342 kn->kn_flags |= (EV_EOF | EV_ONESHOT); 2343 return (1); 2344 } 2345 2346 kn->kn_data = ip->i_size - kn->kn_fp->f_offset; 2347 return (kn->kn_data != 0); 2348 } 2349 2350 /*ARGSUSED*/ 2351 static int 2352 filt_ufswrite(struct knote *kn, long hint) 2353 { 2354 /* 2355 * filesystem is gone, so set the EOF flag and schedule 2356 * the knote for deletion. 2357 */ 2358 if (hint == NOTE_REVOKE) 2359 kn->kn_flags |= (EV_EOF | EV_ONESHOT); 2360 2361 kn->kn_data = 0; 2362 return (1); 2363 } 2364 2365 static int 2366 filt_ufsvnode(struct knote *kn, long hint) 2367 { 2368 if (kn->kn_sfflags & hint) 2369 kn->kn_fflags |= hint; 2370 if (hint == NOTE_REVOKE) { 2371 kn->kn_flags |= EV_EOF; 2372 return (1); 2373 } 2374 return (kn->kn_fflags != 0); 2375 } 2376 2377 /* Global vfs data structures for ufs. */ 2378 static struct vop_ops ufs_vnode_vops = { 2379 .vop_default = vop_defaultop, 2380 .vop_fsync = (void *)ufs_missingop, 2381 .vop_read = (void *)ufs_missingop, 2382 .vop_reallocblks = (void *)ufs_missingop, 2383 .vop_write = (void *)ufs_missingop, 2384 .vop_access = ufs_access, 2385 .vop_advlock = ufs_advlock, 2386 .vop_bmap = ufs_bmap, 2387 .vop_old_lookup = ufs_lookup, 2388 .vop_close = ufs_close, 2389 .vop_old_create = ufs_create, 2390 .vop_getattr = ufs_getattr, 2391 .vop_inactive = ufs_inactive, 2392 .vop_old_link = ufs_link, 2393 .vop_old_mkdir = ufs_mkdir, 2394 .vop_old_mknod = ufs_mknod, 2395 .vop_mmap = ufs_mmap, 2396 .vop_open = ufs_open, 2397 .vop_pathconf = ufs_pathconf, 2398 .vop_poll = vop_stdpoll, 2399 .vop_kqfilter = ufs_kqfilter, 2400 .vop_print = ufs_print, 2401 .vop_readdir = ufs_readdir, 2402 .vop_readlink = ufs_readlink, 2403 .vop_reclaim = ufs_reclaim, 2404 .vop_old_remove = ufs_remove, 2405 .vop_old_rename = ufs_rename, 2406 .vop_old_rmdir = ufs_rmdir, 2407 .vop_setattr = ufs_setattr, 2408 .vop_strategy = ufs_strategy, 2409 .vop_old_symlink = ufs_symlink, 2410 .vop_old_whiteout = ufs_whiteout 2411 }; 2412 2413 static struct vop_ops ufs_spec_vops = { 2414 .vop_default = spec_vnoperate, 2415 .vop_fsync = (void *)ufs_missingop, 2416 .vop_access = ufs_access, 2417 .vop_close = ufsspec_close, 2418 .vop_getattr = ufs_getattr, 2419 .vop_inactive = ufs_inactive, 2420 .vop_print = ufs_print, 2421 .vop_read = ufsspec_read, 2422 .vop_reclaim = ufs_reclaim, 2423 .vop_setattr = ufs_setattr, 2424 .vop_write = ufsspec_write 2425 }; 2426 2427 static struct vop_ops ufs_fifo_vops = { 2428 .vop_default = fifo_vnoperate, 2429 .vop_fsync = (void *)ufs_missingop, 2430 .vop_access = ufs_access, 2431 .vop_close = ufsfifo_close, 2432 .vop_getattr = ufs_getattr, 2433 .vop_inactive = ufs_inactive, 2434 .vop_kqfilter = ufsfifo_kqfilter, 2435 .vop_print = ufs_print, 2436 .vop_read = ufsfifo_read, 2437 .vop_reclaim = ufs_reclaim, 2438 .vop_setattr = ufs_setattr, 2439 .vop_write = ufsfifo_write 2440 }; 2441 2442 VNODEOP_SET(ufs_vnode_vops); 2443 VNODEOP_SET(ufs_spec_vops); 2444 VNODEOP_SET(ufs_fifo_vops); 2445 2446 /* 2447 * ufs_vnoperate() 2448 */ 2449 int 2450 ufs_vnoperate(struct vop_generic_args *ap) 2451 { 2452 return (VOCALL(&ufs_vnode_vops, ap)); 2453 } 2454 2455 /* 2456 * ufs_vnoperatefifo() 2457 */ 2458 int 2459 ufs_vnoperatefifo(struct vop_generic_args *ap) 2460 { 2461 return (VOCALL(&ufs_fifo_vops, ap)); 2462 } 2463 2464 /* 2465 * ufs_vnoperatespec() 2466 */ 2467 int 2468 ufs_vnoperatespec(struct vop_generic_args *ap) 2469 { 2470 return (VOCALL(&ufs_spec_vops, ap)); 2471 } 2472