2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
39 * $FreeBSD: src/sys/kern/vfs_syscalls.c,v 1.151.2.18 2003/04/04 20:35:58 tegge Exp $
40 * $DragonFly: src/sys/kern/vfs_syscalls.c,v 1.60 2005/03/29 00:35:55 drhodus Exp $
43 #include <sys/param.h>
44 #include <sys/systm.h>
47 #include <sys/sysent.h>
48 #include <sys/malloc.h>
49 #include <sys/mount.h>
50 #include <sys/mountctl.h>
51 #include <sys/sysproto.h>
52 #include <sys/filedesc.h>
53 #include <sys/kernel.h>
54 #include <sys/fcntl.h>
56 #include <sys/linker.h>
58 #include <sys/unistd.h>
59 #include <sys/vnode.h>
61 #include <sys/namei.h>
62 #include <sys/nlookup.h>
63 #include <sys/dirent.h>
64 #include <sys/extattr.h>
65 #include <sys/kern_syscall.h>
67 #include <machine/limits.h>
68 #include <vfs/union/union.h>
69 #include <sys/sysctl.h>
71 #include <vm/vm_object.h>
72 #include <vm/vm_zone.h>
73 #include <vm/vm_page.h>
75 #include <sys/file2.h>
77 static int checkvp_chdir (struct vnode *vn, struct thread *td);
78 static void checkdirs (struct vnode *olddp, struct namecache *ncp);
79 static int chroot_refuse_vdir_fds (struct filedesc *fdp);
80 static int chroot_visible_mnt(struct mount *mp, struct proc *p);
81 static int getutimes (const struct timeval *, struct timespec *);
82 static int setfown (struct vnode *, uid_t, gid_t);
83 static int setfmode (struct vnode *, int);
84 static int setfflags (struct vnode *, int);
85 static int setutimes (struct vnode *, const struct timespec *, int);
86 static int usermount = 0; /* if 1, non-root can mount fs. */
88 int (*union_dircheckp) (struct thread *, struct vnode **, struct file *);
90 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, "");
93 * Virtual File System System Calls
97 * Mount a file system.
100 * mount_args(char *type, char *path, int flags, caddr_t data)
104 mount(struct mount_args *uap)
106 struct thread *td = curthread;
107 struct proc *p = td->td_proc;
109 struct namecache *ncp;
111 struct vfsconf *vfsp;
112 int error, flag = 0, flag2 = 0;
114 struct nlookupdata nd;
115 char fstypename[MFSNAMELEN];
117 struct nlcomponent nlc;
120 if (p->p_ucred->cr_prison != NULL)
122 if (usermount == 0 && (error = suser(td)))
125 * Do not allow NFS export by non-root users.
127 if (uap->flags & MNT_EXPORTED) {
133 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users
136 uap->flags |= MNT_NOSUID | MNT_NODEV;
139 * Lookup the requested path and extract the ncp and vnode.
141 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
143 if ((error = nlookup(&nd)) == 0) {
144 if (nd.nl_ncp->nc_vp == NULL)
154 * Extract the locked+refd ncp and cleanup the nd structure
161 * now we have the locked ref'd ncp and unreferenced vnode.
164 if ((error = vget(vp, LK_EXCLUSIVE, td)) != 0) {
171 * Now we have an unlocked ref'd ncp and a locked ref'd vp
173 if (uap->flags & MNT_UPDATE) {
174 if ((vp->v_flag & VROOT) == 0) {
181 flag2 = mp->mnt_kern_flag;
183 * We only allow the filesystem to be reloaded if it
184 * is currently mounted read-only.
186 if ((uap->flags & MNT_RELOAD) &&
187 ((mp->mnt_flag & MNT_RDONLY) == 0)) {
190 return (EOPNOTSUPP); /* Needs translation */
193 * Only root, or the user that did the original mount is
194 * permitted to update it.
196 if (mp->mnt_stat.f_owner != p->p_ucred->cr_uid &&
197 (error = suser(td))) {
202 if (vfs_busy(mp, LK_NOWAIT, NULL, td)) {
207 if ((vp->v_flag & VMOUNT) != 0 ||
208 vp->v_mountedhere != NULL) {
214 vp->v_flag |= VMOUNT;
216 uap->flags & (MNT_RELOAD | MNT_FORCE | MNT_UPDATE);
217 VOP_UNLOCK(vp, 0, td);
221 * If the user is not root, ensure that they own the directory
222 * onto which we are attempting to mount.
224 if ((error = VOP_GETATTR(vp, &va, td)) ||
225 (va.va_uid != p->p_ucred->cr_uid &&
226 (error = suser(td)))) {
231 if ((error = vinvalbuf(vp, V_SAVE, td, 0, 0)) != 0) {
236 if (vp->v_type != VDIR) {
241 if ((error = copyinstr(uap->type, fstypename, MFSNAMELEN, NULL)) != 0) {
246 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) {
247 if (!strcmp(vfsp->vfc_name, fstypename))
253 /* Only load modules for root (very important!) */
254 if ((error = suser(td)) != 0) {
259 error = linker_load_file(fstypename, &lf);
260 if (error || lf == NULL) {
268 /* lookup again, see if the VFS was loaded */
269 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) {
270 if (!strcmp(vfsp->vfc_name, fstypename))
275 linker_file_unload(lf);
281 if ((vp->v_flag & VMOUNT) != 0 ||
282 vp->v_mountedhere != NULL) {
287 vp->v_flag |= VMOUNT;
290 * Allocate and initialize the filesystem.
292 mp = malloc(sizeof(struct mount), M_MOUNT, M_ZERO|M_WAITOK);
293 TAILQ_INIT(&mp->mnt_nvnodelist);
294 TAILQ_INIT(&mp->mnt_reservedvnlist);
295 TAILQ_INIT(&mp->mnt_jlist);
296 mp->mnt_nvnodelistsize = 0;
297 lockinit(&mp->mnt_lock, 0, "vfslock", 0, LK_NOPAUSE);
298 vfs_busy(mp, LK_NOWAIT, NULL, td);
299 mp->mnt_op = vfsp->vfc_vfsops;
301 vfsp->vfc_refcount++;
302 mp->mnt_stat.f_type = vfsp->vfc_typenum;
303 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK;
304 strncpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN);
305 mp->mnt_vnodecovered = vp;
306 mp->mnt_stat.f_owner = p->p_ucred->cr_uid;
307 mp->mnt_iosize_max = DFLTPHYS;
308 VOP_UNLOCK(vp, 0, td);
311 * Set the mount level flags.
313 if (uap->flags & MNT_RDONLY)
314 mp->mnt_flag |= MNT_RDONLY;
315 else if (mp->mnt_flag & MNT_RDONLY)
316 mp->mnt_kern_flag |= MNTK_WANTRDWR;
317 mp->mnt_flag &=~ (MNT_NOSUID | MNT_NOEXEC | MNT_NODEV |
318 MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC | MNT_NOATIME |
319 MNT_NOSYMFOLLOW | MNT_IGNORE |
320 MNT_NOCLUSTERR | MNT_NOCLUSTERW | MNT_SUIDDIR);
321 mp->mnt_flag |= uap->flags & (MNT_NOSUID | MNT_NOEXEC |
322 MNT_NODEV | MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC | MNT_FORCE |
323 MNT_NOSYMFOLLOW | MNT_IGNORE |
324 MNT_NOATIME | MNT_NOCLUSTERR | MNT_NOCLUSTERW | MNT_SUIDDIR);
326 * Mount the filesystem.
327 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they
330 error = VFS_MOUNT(mp, uap->path, uap->data, td);
331 if (mp->mnt_flag & MNT_UPDATE) {
332 if (mp->mnt_kern_flag & MNTK_WANTRDWR)
333 mp->mnt_flag &= ~MNT_RDONLY;
334 mp->mnt_flag &=~ (MNT_UPDATE | MNT_RELOAD | MNT_FORCE);
335 mp->mnt_kern_flag &=~ MNTK_WANTRDWR;
338 mp->mnt_kern_flag = flag2;
341 vp->v_flag &= ~VMOUNT;
346 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
348 * Put the new filesystem on the mount list after root. The mount
349 * point gets its own mnt_ncp which is a special ncp linking the
350 * vnode-under to the root of the new mount. The lookup code
351 * detects the mount point going forward and detects the special
352 * mnt_ncp via NCP_MOUNTPT going backwards.
354 * It is not necessary to invalidate or purge the vnode underneath
355 * because elements under the mount will be given their own glue
359 nlc.nlc_nameptr = "";
361 mp->mnt_ncp = cache_nlookup(ncp, &nlc);
362 cache_setunresolved(mp->mnt_ncp);
363 mp->mnt_ncp->nc_flag |= NCF_MOUNTPT;
364 mp->mnt_ncp->nc_mount = mp;
366 /* XXX get the root of the fs and cache_setvp(mnt_ncp...) */
367 vp->v_flag &= ~VMOUNT;
368 vp->v_mountedhere = mp;
369 lwkt_gettoken(&ilock, &mountlist_token);
370 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list);
371 lwkt_reltoken(&ilock);
372 checkdirs(vp, mp->mnt_ncp);
373 cache_unlock(mp->mnt_ncp); /* leave ref intact */
374 VOP_UNLOCK(vp, 0, td);
375 error = vfs_allocate_syncvnode(mp);
377 if ((error = VFS_START(mp, 0, td)) != 0)
380 vfs_rm_vnodeops(&mp->mnt_vn_coherency_ops);
381 vfs_rm_vnodeops(&mp->mnt_vn_journal_ops);
382 vfs_rm_vnodeops(&mp->mnt_vn_norm_ops);
383 vfs_rm_vnodeops(&mp->mnt_vn_spec_ops);
384 vfs_rm_vnodeops(&mp->mnt_vn_fifo_ops);
385 vp->v_flag &= ~VMOUNT;
386 mp->mnt_vfc->vfc_refcount--;
396 * Scan all active processes to see if any of them have a current
397 * or root directory onto which the new filesystem has just been
398 * mounted. If so, replace them with the new mount point.
400 * The passed ncp is ref'd and locked (from the mount code) and
401 * must be associated with the vnode representing the root of the
405 checkdirs(struct vnode *olddp, struct namecache *ncp)
407 struct filedesc *fdp;
412 if (olddp->v_usecount == 1)
414 mp = olddp->v_mountedhere;
415 if (VFS_ROOT(mp, &newdp))
416 panic("mount: lost mount");
417 cache_setvp(ncp, newdp);
419 if (rootvnode == olddp) {
421 vfs_cache_setroot(newdp, cache_hold(ncp));
424 FOREACH_PROC_IN_SYSTEM(p) {
426 if (fdp->fd_cdir == olddp) {
429 fdp->fd_cdir = newdp;
430 cache_drop(fdp->fd_ncdir);
431 fdp->fd_ncdir = cache_hold(ncp);
433 if (fdp->fd_rdir == olddp) {
436 fdp->fd_rdir = newdp;
437 cache_drop(fdp->fd_nrdir);
438 fdp->fd_nrdir = cache_hold(ncp);
445 * Unmount a file system.
447 * Note: unmount takes a path to the vnode mounted on as argument,
448 * not special file (as before).
451 * umount_args(char *path, int flags)
455 unmount(struct unmount_args *uap)
457 struct thread *td = curthread;
458 struct proc *p = td->td_proc;
462 struct nlookupdata nd;
465 if (p->p_ucred->cr_prison != NULL)
467 if (usermount == 0 && (error = suser(td)))
471 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
473 error = nlookup(&nd);
475 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
483 * Only root, or the user that did the original mount is
484 * permitted to unmount this filesystem.
486 if ((mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
487 (error = suser(td))) {
493 * Don't allow unmounting the root file system.
495 if (mp->mnt_flag & MNT_ROOTFS) {
501 * Must be the root of the filesystem
503 if ((vp->v_flag & VROOT) == 0) {
508 return (dounmount(mp, uap->flags, td));
512 * Do the actual file system unmount.
515 dounmount(struct mount *mp, int flags, struct thread *td)
517 struct vnode *coveredvp;
522 lwkt_gettoken(&ilock, &mountlist_token);
523 if (mp->mnt_kern_flag & MNTK_UNMOUNT) {
524 lwkt_reltoken(&ilock);
527 mp->mnt_kern_flag |= MNTK_UNMOUNT;
528 /* Allow filesystems to detect that a forced unmount is in progress. */
529 if (flags & MNT_FORCE)
530 mp->mnt_kern_flag |= MNTK_UNMOUNTF;
531 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK |
532 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &ilock, td);
534 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF);
535 if (mp->mnt_kern_flag & MNTK_MWAIT)
540 if (mp->mnt_flag & MNT_EXPUBLIC)
541 vfs_setpublicfs(NULL, NULL, NULL);
543 vfs_msync(mp, MNT_WAIT);
544 async_flag = mp->mnt_flag & MNT_ASYNC;
545 mp->mnt_flag &=~ MNT_ASYNC;
546 cache_purgevfs(mp); /* remove cache entries for this file sys */
547 if (mp->mnt_syncer != NULL)
548 vrele(mp->mnt_syncer);
549 if (((mp->mnt_flag & MNT_RDONLY) ||
550 (error = VFS_SYNC(mp, MNT_WAIT, td)) == 0) ||
552 error = VFS_UNMOUNT(mp, flags, td);
553 lwkt_gettokref(&ilock);
555 if (mp->mnt_syncer == NULL)
556 vfs_allocate_syncvnode(mp);
557 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF);
558 mp->mnt_flag |= async_flag;
559 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK | LK_REENABLE,
561 if (mp->mnt_kern_flag & MNTK_MWAIT)
566 * Clean up any journals still associated with the mount after
567 * filesystem activity has ceased.
569 journal_remove_all_journals(mp,
570 ((flags & MNT_FORCE) ? MC_JOURNAL_STOP_IMM : 0));
572 TAILQ_REMOVE(&mountlist, mp, mnt_list);
575 * Remove any installed vnode ops here so the individual VFSs don't
578 vfs_rm_vnodeops(&mp->mnt_vn_coherency_ops);
579 vfs_rm_vnodeops(&mp->mnt_vn_journal_ops);
580 vfs_rm_vnodeops(&mp->mnt_vn_norm_ops);
581 vfs_rm_vnodeops(&mp->mnt_vn_spec_ops);
582 vfs_rm_vnodeops(&mp->mnt_vn_fifo_ops);
584 if ((coveredvp = mp->mnt_vnodecovered) != NULLVP) {
585 coveredvp->v_mountedhere = NULL;
587 cache_drop(mp->mnt_ncp);
590 mp->mnt_vfc->vfc_refcount--;
591 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist))
592 panic("unmount: dangling vnode");
593 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, &ilock, td);
594 if (mp->mnt_kern_flag & MNTK_MWAIT)
601 * Sync each mounted filesystem.
605 static int syncprt = 0;
606 SYSCTL_INT(_debug, OID_AUTO, syncprt, CTLFLAG_RW, &syncprt, 0, "");
611 sync(struct sync_args *uap)
613 struct thread *td = curthread;
614 struct mount *mp, *nmp;
618 lwkt_gettoken(&ilock, &mountlist_token);
619 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
620 if (vfs_busy(mp, LK_NOWAIT, &ilock, td)) {
621 nmp = TAILQ_NEXT(mp, mnt_list);
624 if ((mp->mnt_flag & MNT_RDONLY) == 0) {
625 asyncflag = mp->mnt_flag & MNT_ASYNC;
626 mp->mnt_flag &= ~MNT_ASYNC;
627 vfs_msync(mp, MNT_NOWAIT);
628 VFS_SYNC(mp, MNT_NOWAIT, td);
629 mp->mnt_flag |= asyncflag;
631 lwkt_gettokref(&ilock);
632 nmp = TAILQ_NEXT(mp, mnt_list);
635 lwkt_reltoken(&ilock);
637 * print out buffer pool stat information on each sync() call.
646 /* XXX PRISON: could be per prison flag */
647 static int prison_quotas;
649 SYSCTL_INT(_kern_prison, OID_AUTO, quotas, CTLFLAG_RW, &prison_quotas, 0, "");
653 * quotactl_args(char *path, int fcmd, int uid, caddr_t arg)
655 * Change filesystem quotas.
659 quotactl(struct quotactl_args *uap)
661 struct nlookupdata nd;
669 if (p->p_ucred->cr_prison && !prison_quotas)
672 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
674 error = nlookup(&nd);
676 mp = nd.nl_ncp->nc_mount;
677 error = VFS_QUOTACTL(mp, uap->cmd, uap->uid,
685 * mountctl(char *path, int op, int fd, const void *ctl, int ctllen,
686 * void *buf, int buflen)
688 * This function operates on a mount point and executes the specified
689 * operation using the specified control data, and possibly returns data.
691 * The actual number of bytes stored in the result buffer is returned, 0
692 * if none, otherwise an error is returned.
696 mountctl(struct mountctl_args *uap)
698 struct thread *td = curthread;
699 struct proc *p = td->td_proc;
700 struct filedesc *fdp = p->p_fd;
708 * Sanity and permissions checks. We must be root.
711 if (p->p_ucred->cr_prison != NULL)
713 if ((error = suser(td)) != 0)
717 * Argument length checks
719 if (uap->ctllen < 0 || uap->ctllen > 1024)
721 if (uap->buflen < 0 || uap->buflen > 16 * 1024)
723 if (uap->path == NULL)
727 * Allocate the necessary buffers and copyin data
729 path = zalloc(namei_zone);
730 error = copyinstr(uap->path, path, MAXPATHLEN, NULL);
735 ctl = malloc(uap->ctllen + 1, M_TEMP, M_WAITOK|M_ZERO);
736 error = copyin(uap->ctl, ctl, uap->ctllen);
741 buf = malloc(uap->buflen + 1, M_TEMP, M_WAITOK|M_ZERO);
744 * Validate the descriptor
748 } else if ((u_int)uap->fd >= fdp->fd_nfiles ||
749 (fp = fdp->fd_ofiles[uap->fd]) == NULL) {
757 * Execute the internal kernel function and clean up.
759 error = kern_mountctl(path, uap->op, fp, ctl, uap->ctllen, buf, uap->buflen, &uap->sysmsg_result);
762 if (error == 0 && uap->sysmsg_result > 0)
763 error = copyout(buf, uap->buf, uap->sysmsg_result);
766 zfree(namei_zone, path);
775 * Execute a mount control operation by resolving the path to a mount point
776 * and calling vop_mountctl().
779 kern_mountctl(const char *path, int op, struct file *fp,
780 const void *ctl, int ctllen,
781 void *buf, int buflen, int *res)
785 struct nlookupdata nd;
790 error = nlookup_init(&nd, path, UIO_SYSSPACE, NLC_FOLLOW);
792 error = nlookup(&nd);
794 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
802 * Must be the root of the filesystem
804 if ((vp->v_flag & VROOT) == 0) {
808 error = vop_mountctl(mp->mnt_vn_use_ops, op, fp, ctl, ctllen,
815 kern_statfs(struct nlookupdata *nd, struct statfs *buf)
817 struct thread *td = curthread;
818 struct proc *p = td->td_proc;
821 char *fullpath, *freepath;
824 if ((error = nlookup(nd)) != 0)
826 mp = nd->nl_ncp->nc_mount;
828 if ((error = VFS_STATFS(mp, sp, td)) != 0)
831 error = cache_fullpath(p, mp->mnt_ncp, &fullpath, &freepath);
834 bzero(sp->f_mntonname, sizeof(sp->f_mntonname));
835 strlcpy(sp->f_mntonname, fullpath, sizeof(sp->f_mntonname));
836 free(freepath, M_TEMP);
838 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
839 bcopy(sp, buf, sizeof(*buf));
840 /* Only root should have access to the fsid's. */
842 buf->f_fsid.val[0] = buf->f_fsid.val[1] = 0;
847 * statfs_args(char *path, struct statfs *buf)
849 * Get filesystem statistics.
852 statfs(struct statfs_args *uap)
854 struct nlookupdata nd;
858 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
860 error = kern_statfs(&nd, &buf);
863 error = copyout(&buf, uap->buf, sizeof(*uap->buf));
868 kern_fstatfs(int fd, struct statfs *buf)
870 struct thread *td = curthread;
871 struct proc *p = td->td_proc;
875 char *fullpath, *freepath;
879 error = getvnode(p->p_fd, fd, &fp);
882 mp = ((struct vnode *)fp->f_data)->v_mount;
886 error = VFS_STATFS(mp, sp, td);
890 error = cache_fullpath(p, mp->mnt_ncp, &fullpath, &freepath);
893 bzero(sp->f_mntonname, sizeof(sp->f_mntonname));
894 strlcpy(sp->f_mntonname, fullpath, sizeof(sp->f_mntonname));
895 free(freepath, M_TEMP);
897 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
898 bcopy(sp, buf, sizeof(*buf));
900 /* Only root should have access to the fsid's. */
902 buf->f_fsid.val[0] = buf->f_fsid.val[1] = 0;
907 * fstatfs_args(int fd, struct statfs *buf)
909 * Get filesystem statistics.
912 fstatfs(struct fstatfs_args *uap)
917 error = kern_fstatfs(uap->fd, &buf);
920 error = copyout(&buf, uap->buf, sizeof(*uap->buf));
925 * getfsstat_args(struct statfs *buf, long bufsize, int flags)
927 * Get statistics on all filesystems.
931 getfsstat(struct getfsstat_args *uap)
933 struct thread *td = curthread;
934 struct proc *p = td->td_proc;
935 struct mount *mp, *nmp;
936 struct statfs *sp, *sfsp;
938 long count, maxcount, error;
940 char *freepath, *fullpath;
942 if (p != NULL && (p->p_fd->fd_nrdir->nc_flag & NCF_ROOT) == 0)
947 maxcount = uap->bufsize / sizeof(struct statfs);
950 lwkt_gettoken(&ilock, &mountlist_token);
951 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
952 if (vfs_busy(mp, LK_NOWAIT, &ilock, td)) {
953 nmp = TAILQ_NEXT(mp, mnt_list);
956 if (sfsp && count < maxcount) {
957 if (is_chrooted && !chroot_visible_mnt(mp, p)) {
958 lwkt_gettokref(&ilock);
959 nmp = TAILQ_NEXT(mp, mnt_list);
965 * If MNT_NOWAIT or MNT_LAZY is specified, do not
966 * refresh the fsstat cache. MNT_NOWAIT or MNT_LAZY
967 * overrides MNT_WAIT.
969 if (((uap->flags & (MNT_LAZY|MNT_NOWAIT)) == 0 ||
970 (uap->flags & MNT_WAIT)) &&
971 (error = VFS_STATFS(mp, sp, td))) {
972 lwkt_gettokref(&ilock);
973 nmp = TAILQ_NEXT(mp, mnt_list);
977 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
979 error = cache_fullpath(p, mp->mnt_ncp, &fullpath, &freepath);
982 bzero(sp->f_mntonname, sizeof(sp->f_mntonname));
983 strlcpy(sp->f_mntonname, fullpath,
984 sizeof(sp->f_mntonname));
985 free(freepath, M_TEMP);
987 error = copyout(sp, sfsp, sizeof(*sp));
995 lwkt_gettokref(&ilock);
996 nmp = TAILQ_NEXT(mp, mnt_list);
999 lwkt_reltoken(&ilock);
1000 if (sfsp && count > maxcount)
1001 uap->sysmsg_result = maxcount;
1003 uap->sysmsg_result = count;
1008 * fchdir_args(int fd)
1010 * Change current working directory to a given file descriptor.
1014 fchdir(struct fchdir_args *uap)
1016 struct thread *td = curthread;
1017 struct proc *p = td->td_proc;
1018 struct filedesc *fdp = p->p_fd;
1019 struct vnode *vp, *ovp;
1022 struct namecache *ncp, *oncp;
1023 struct namecache *nct;
1026 if ((error = getvnode(fdp, uap->fd, &fp)) != 0)
1028 vp = (struct vnode *)fp->f_data;
1030 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
1031 if (vp->v_type != VDIR || fp->f_ncp == NULL)
1034 error = VOP_ACCESS(vp, VEXEC, p->p_ucred, td);
1039 ncp = cache_hold(fp->f_ncp);
1040 while (!error && (mp = vp->v_mountedhere) != NULL) {
1041 error = nlookup_mp(mp, &nct);
1043 cache_unlock(nct); /* leave ref intact */
1046 error = vget(vp, LK_SHARED, td);
1047 KKASSERT(error == 0);
1054 oncp = fdp->fd_ncdir;
1055 VOP_UNLOCK(vp, 0, td); /* leave ref intact */
1057 fdp->fd_ncdir = ncp;
1068 kern_chdir(struct nlookupdata *nd)
1070 struct thread *td = curthread;
1071 struct proc *p = td->td_proc;
1072 struct filedesc *fdp = p->p_fd;
1073 struct vnode *vp, *ovp;
1074 struct namecache *oncp;
1077 if ((error = nlookup(nd)) != 0)
1079 if ((vp = nd->nl_ncp->nc_vp) == NULL)
1081 if ((error = vget(vp, LK_SHARED, td)) != 0)
1084 error = checkvp_chdir(vp, td);
1085 VOP_UNLOCK(vp, 0, td);
1088 oncp = fdp->fd_ncdir;
1089 cache_unlock(nd->nl_ncp); /* leave reference intact */
1090 fdp->fd_ncdir = nd->nl_ncp;
1102 * chdir_args(char *path)
1104 * Change current working directory (``.'').
1107 chdir(struct chdir_args *uap)
1109 struct nlookupdata nd;
1112 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
1114 error = kern_chdir(&nd);
1120 * Helper function for raised chroot(2) security function: Refuse if
1121 * any filedescriptors are open directories.
1124 chroot_refuse_vdir_fds(fdp)
1125 struct filedesc *fdp;
1132 for (fd = 0; fd < fdp->fd_nfiles ; fd++) {
1133 error = getvnode(fdp, fd, &fp);
1136 vp = (struct vnode *)fp->f_data;
1137 if (vp->v_type != VDIR)
1145 * This sysctl determines if we will allow a process to chroot(2) if it
1146 * has a directory open:
1147 * 0: disallowed for all processes.
1148 * 1: allowed for processes that were not already chroot(2)'ed.
1149 * 2: allowed for all processes.
1152 static int chroot_allow_open_directories = 1;
1154 SYSCTL_INT(_kern, OID_AUTO, chroot_allow_open_directories, CTLFLAG_RW,
1155 &chroot_allow_open_directories, 0, "");
1158 * chroot to the specified namecache entry. We obtain the vp from the
1159 * namecache data. The passed ncp must be locked and referenced and will
1160 * remain locked and referenced on return.
1163 kern_chroot(struct namecache *ncp)
1165 struct thread *td = curthread;
1166 struct proc *p = td->td_proc;
1167 struct filedesc *fdp = p->p_fd;
1172 * Only root can chroot
1174 if ((error = suser_cred(p->p_ucred, PRISON_ROOT)) != 0)
1178 * Disallow open directory descriptors (fchdir() breakouts).
1180 if (chroot_allow_open_directories == 0 ||
1181 (chroot_allow_open_directories == 1 && fdp->fd_rdir != rootvnode)) {
1182 if ((error = chroot_refuse_vdir_fds(fdp)) != 0)
1185 if ((vp = ncp->nc_vp) == NULL)
1188 if ((error = vget(vp, LK_SHARED, td)) != 0)
1192 * Check the validity of vp as a directory to change to and
1193 * associate it with rdir/jdir.
1195 error = checkvp_chdir(vp, td);
1196 VOP_UNLOCK(vp, 0, td); /* leave reference intact */
1198 vrele(fdp->fd_rdir);
1199 fdp->fd_rdir = vp; /* reference inherited by fd_rdir */
1200 cache_drop(fdp->fd_nrdir);
1201 fdp->fd_nrdir = cache_hold(ncp);
1202 if (fdp->fd_jdir == NULL) {
1205 fdp->fd_njdir = cache_hold(ncp);
1214 * chroot_args(char *path)
1216 * Change notion of root (``/'') directory.
1220 chroot(struct chroot_args *uap)
1222 struct thread *td = curthread;
1223 struct nlookupdata nd;
1226 KKASSERT(td->td_proc);
1227 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
1232 error = nlookup(&nd);
1234 error = kern_chroot(nd.nl_ncp);
1240 * Common routine for chroot and chdir. Given a locked, referenced vnode,
1241 * determine whether it is legal to chdir to the vnode. The vnode's state
1242 * is not changed by this call.
1245 checkvp_chdir(struct vnode *vp, struct thread *td)
1249 if (vp->v_type != VDIR)
1252 error = VOP_ACCESS(vp, VEXEC, td->td_proc->p_ucred, td);
1257 kern_open(struct nlookupdata *nd, int oflags, int mode, int *res)
1259 struct thread *td = curthread;
1260 struct proc *p = td->td_proc;
1261 struct filedesc *fdp = p->p_fd;
1266 int type, indx, error;
1269 if ((oflags & O_ACCMODE) == O_ACCMODE)
1271 flags = FFLAGS(oflags);
1272 error = falloc(p, &nfp, NULL);
1276 cmode = ((mode &~ fdp->fd_cmask) & ALLPERMS) &~ S_ISTXT;
1279 * XXX p_dupfd is a real mess. It allows a device to return a
1280 * file descriptor to be duplicated rather then doing the open
1286 * Call vn_open() to do the lookup and assign the vnode to the
1287 * file pointer. vn_open() does not change the ref count on fp
1288 * and the vnode, on success, will be inherited by the file pointer
1291 nd->nl_flags |= NLC_LOCKVP;
1292 error = vn_open(nd, fp, flags, cmode);
1296 * handle special fdopen() case. bleh. dupfdopen() is
1297 * responsible for dropping the old contents of ofiles[indx]
1300 * Note that if fsetfd() succeeds it will add a ref to fp
1301 * which represents the fd_ofiles[] assignment. We must still
1302 * drop our reference.
1304 if ((error == ENODEV || error == ENXIO) && p->p_dupfd >= 0) {
1305 if (fsetfd(p, fp, &indx) == 0) {
1306 error = dupfdopen(fdp, indx, p->p_dupfd, flags, error);
1309 fdrop(fp, td); /* our ref */
1312 if (fdp->fd_ofiles[indx] == fp) {
1313 fdp->fd_ofiles[indx] = NULL;
1314 fdrop(fp, td); /* fd_ofiles[] ref */
1318 fdrop(fp, td); /* our ref */
1319 if (error == ERESTART)
1325 * ref the vnode for ourselves so it can't be ripped out from under
1326 * is. XXX need an ND flag to request that the vnode be returned
1329 vp = (struct vnode *)fp->f_data;
1331 if ((error = fsetfd(p, fp, &indx)) != 0) {
1338 * If no error occurs the vp will have been assigned to the file
1344 * There should be 2 references on the file, one from the descriptor
1345 * table, and one for us.
1347 * Handle the case where someone closed the file (via its file
1348 * descriptor) while we were blocked. The end result should look
1349 * like opening the file succeeded but it was immediately closed.
1351 if (fp->f_count == 1) {
1352 KASSERT(fdp->fd_ofiles[indx] != fp,
1353 ("Open file descriptor lost all refs"));
1361 if (flags & (O_EXLOCK | O_SHLOCK)) {
1362 lf.l_whence = SEEK_SET;
1365 if (flags & O_EXLOCK)
1366 lf.l_type = F_WRLCK;
1368 lf.l_type = F_RDLCK;
1370 if ((flags & FNONBLOCK) == 0)
1373 if ((error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf, type)) != 0) {
1375 * lock request failed. Normally close the descriptor
1376 * but handle the case where someone might have dup()d
1377 * it when we weren't looking. One reference is
1378 * owned by the descriptor array, the other by us.
1381 if (fdp->fd_ofiles[indx] == fp) {
1382 fdp->fd_ofiles[indx] = NULL;
1388 fp->f_flag |= FHASLOCK;
1390 /* assert that vn_open created a backing object if one is needed */
1391 KASSERT(!vn_canvmio(vp) || VOP_GETVOBJECT(vp, NULL) == 0,
1392 ("open: vmio vnode has no backing object after vn_open"));
1397 * release our private reference, leaving the one associated with the
1398 * descriptor table intact.
1406 * open_args(char *path, int flags, int mode)
1408 * Check permissions, allocate an open file structure,
1409 * and call the device open routine if any.
1412 open(struct open_args *uap)
1414 struct nlookupdata nd;
1417 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
1419 error = kern_open(&nd, uap->flags,
1420 uap->mode, &uap->sysmsg_result);
1427 kern_mknod(struct nlookupdata *nd, int mode, int dev)
1429 struct namecache *ncp;
1430 struct thread *td = curthread;
1431 struct proc *p = td->td_proc;
1439 switch (mode & S_IFMT) {
1445 error = suser_cred(p->p_ucred, PRISON_ROOT);
1452 nd->nl_flags |= NLC_CREATE;
1453 if ((error = nlookup(nd)) != 0)
1460 vattr.va_mode = (mode & ALLPERMS) &~ p->p_fd->fd_cmask;
1461 vattr.va_rdev = dev;
1464 switch (mode & S_IFMT) {
1465 case S_IFMT: /* used by badsect to flag bad sectors */
1466 vattr.va_type = VBAD;
1469 vattr.va_type = VCHR;
1472 vattr.va_type = VBLK;
1483 error = VOP_NWHITEOUT(ncp, nd->nl_cred, NAMEI_CREATE);
1486 error = VOP_NMKNOD(ncp, &vp, nd->nl_cred, &vattr);
1495 * mknod_args(char *path, int mode, int dev)
1497 * Create a special file.
1500 mknod(struct mknod_args *uap)
1502 struct nlookupdata nd;
1505 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
1507 error = kern_mknod(&nd, uap->mode, uap->dev);
1513 kern_mkfifo(struct nlookupdata *nd, int mode)
1515 struct namecache *ncp;
1516 struct thread *td = curthread;
1517 struct proc *p = td->td_proc;
1524 nd->nl_flags |= NLC_CREATE;
1525 if ((error = nlookup(nd)) != 0)
1532 vattr.va_type = VFIFO;
1533 vattr.va_mode = (mode & ALLPERMS) &~ p->p_fd->fd_cmask;
1535 error = VOP_NMKNOD(ncp, &vp, nd->nl_cred, &vattr);
1542 * mkfifo_args(char *path, int mode)
1544 * Create a named pipe.
1547 mkfifo(struct mkfifo_args *uap)
1549 struct nlookupdata nd;
1552 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
1554 error = kern_mkfifo(&nd, uap->mode);
1560 kern_link(struct nlookupdata *nd, struct nlookupdata *linknd)
1562 struct thread *td = curthread;
1567 * Lookup the source and obtained a locked vnode.
1569 * XXX relookup on vget failure / race ?
1572 if ((error = nlookup(nd)) != 0)
1574 vp = nd->nl_ncp->nc_vp;
1575 KKASSERT(vp != NULL);
1576 if (vp->v_type == VDIR)
1577 return (EPERM); /* POSIX */
1578 if ((error = vget(vp, LK_EXCLUSIVE, td)) != 0)
1582 * Unlock the source so we can lookup the target without deadlocking
1583 * (XXX vp is locked already, possible other deadlock?). The target
1586 KKASSERT(nd->nl_flags & NLC_NCPISLOCKED);
1587 nd->nl_flags &= ~NLC_NCPISLOCKED;
1588 cache_unlock(nd->nl_ncp);
1590 linknd->nl_flags |= NLC_CREATE;
1591 if ((error = nlookup(linknd)) != 0) {
1595 if (linknd->nl_ncp->nc_vp) {
1601 * Finally run the new API VOP.
1603 error = VOP_NLINK(linknd->nl_ncp, vp, linknd->nl_cred);
1609 * link_args(char *path, char *link)
1611 * Make a hard file link.
1614 link(struct link_args *uap)
1616 struct nlookupdata nd, linknd;
1619 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
1621 error = nlookup_init(&linknd, uap->link, UIO_USERSPACE, 0);
1623 error = kern_link(&nd, &linknd);
1624 nlookup_done(&linknd);
1631 kern_symlink(struct nlookupdata *nd, char *path, int mode)
1633 struct namecache *ncp;
1639 nd->nl_flags |= NLC_CREATE;
1640 if ((error = nlookup(nd)) != 0)
1647 vattr.va_mode = mode;
1648 error = VOP_NSYMLINK(ncp, &vp, nd->nl_cred, &vattr, path);
1655 * symlink(char *path, char *link)
1657 * Make a symbolic link.
1660 symlink(struct symlink_args *uap)
1662 struct thread *td = curthread;
1663 struct nlookupdata nd;
1668 path = zalloc(namei_zone);
1669 error = copyinstr(uap->path, path, MAXPATHLEN, NULL);
1671 error = nlookup_init(&nd, uap->link, UIO_USERSPACE, 0);
1673 mode = ACCESSPERMS & ~td->td_proc->p_fd->fd_cmask;
1674 error = kern_symlink(&nd, path, mode);
1678 zfree(namei_zone, path);
1683 * undelete_args(char *path)
1685 * Delete a whiteout from the filesystem.
1689 undelete(struct undelete_args *uap)
1691 struct nlookupdata nd;
1694 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
1696 nd.nl_flags |= NLC_DELETE;
1698 error = nlookup(&nd);
1700 error = VOP_NWHITEOUT(nd.nl_ncp, nd.nl_cred, NAMEI_DELETE);
1706 kern_unlink(struct nlookupdata *nd)
1708 struct namecache *ncp;
1712 nd->nl_flags |= NLC_DELETE;
1713 if ((error = nlookup(nd)) != 0)
1716 error = VOP_NREMOVE(ncp, nd->nl_cred);
1721 * unlink_args(char *path)
1723 * Delete a name from the filesystem.
1726 unlink(struct unlink_args *uap)
1728 struct nlookupdata nd;
1731 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
1733 error = kern_unlink(&nd);
1739 kern_lseek(int fd, off_t offset, int whence, off_t *res)
1741 struct thread *td = curthread;
1742 struct proc *p = td->td_proc;
1743 struct filedesc *fdp = p->p_fd;
1748 if ((u_int)fd >= fdp->fd_nfiles ||
1749 (fp = fdp->fd_ofiles[fd]) == NULL)
1751 if (fp->f_type != DTYPE_VNODE)
1755 fp->f_offset += offset;
1758 error=VOP_GETATTR((struct vnode *)fp->f_data, &vattr, td);
1761 fp->f_offset = offset + vattr.va_size;
1764 fp->f_offset = offset;
1769 *res = fp->f_offset;
1774 * lseek_args(int fd, int pad, off_t offset, int whence)
1776 * Reposition read/write file offset.
1779 lseek(struct lseek_args *uap)
1783 error = kern_lseek(uap->fd, uap->offset, uap->whence,
1784 &uap->sysmsg_offset);
1790 kern_access(struct nlookupdata *nd, int aflags)
1792 struct thread *td = curthread;
1796 if ((error = nlookup(nd)) != 0)
1799 error = cache_vget(nd->nl_ncp, nd->nl_cred, LK_EXCLUSIVE, &vp);
1803 /* Flags == 0 means only check for existence. */
1812 if ((flags & VWRITE) == 0 || (error = vn_writechk(vp)) == 0)
1813 error = VOP_ACCESS(vp, flags, nd->nl_cred, td);
1816 * If the file handle is stale we have to re-resolve the
1817 * entry. This is a hack at the moment.
1819 if (error == ESTALE) {
1820 cache_setunresolved(nd->nl_ncp);
1821 error = cache_resolve(nd->nl_ncp, nd->nl_cred);
1834 * access_args(char *path, int flags)
1836 * Check access permissions.
1839 access(struct access_args *uap)
1841 struct nlookupdata nd;
1844 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
1846 error = kern_access(&nd, uap->flags);
1852 kern_stat(struct nlookupdata *nd, struct stat *st)
1858 if ((error = nlookup(nd)) != 0)
1861 if ((vp = nd->nl_ncp->nc_vp) == NULL)
1865 if ((error = vget(vp, LK_SHARED, td)) != 0)
1867 error = vn_stat(vp, st, td);
1870 * If the file handle is stale we have to re-resolve the entry. This
1871 * is a hack at the moment.
1873 if (error == ESTALE) {
1874 cache_setunresolved(nd->nl_ncp);
1875 error = cache_resolve(nd->nl_ncp, nd->nl_cred);
1886 * stat_args(char *path, struct stat *ub)
1888 * Get file status; this version follows links.
1891 stat(struct stat_args *uap)
1893 struct nlookupdata nd;
1897 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
1899 error = kern_stat(&nd, &st);
1901 error = copyout(&st, uap->ub, sizeof(*uap->ub));
1908 * lstat_args(char *path, struct stat *ub)
1910 * Get file status; this version does not follow links.
1913 lstat(struct lstat_args *uap)
1915 struct nlookupdata nd;
1919 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
1921 error = kern_stat(&nd, &st);
1923 error = copyout(&st, uap->ub, sizeof(*uap->ub));
1934 nsb->st_dev = sb->st_dev;
1935 nsb->st_ino = sb->st_ino;
1936 nsb->st_mode = sb->st_mode;
1937 nsb->st_nlink = sb->st_nlink;
1938 nsb->st_uid = sb->st_uid;
1939 nsb->st_gid = sb->st_gid;
1940 nsb->st_rdev = sb->st_rdev;
1941 nsb->st_atimespec = sb->st_atimespec;
1942 nsb->st_mtimespec = sb->st_mtimespec;
1943 nsb->st_ctimespec = sb->st_ctimespec;
1944 nsb->st_size = sb->st_size;
1945 nsb->st_blocks = sb->st_blocks;
1946 nsb->st_blksize = sb->st_blksize;
1947 nsb->st_flags = sb->st_flags;
1948 nsb->st_gen = sb->st_gen;
1949 nsb->st_qspare[0] = sb->st_qspare[0];
1950 nsb->st_qspare[1] = sb->st_qspare[1];
1954 * nstat_args(char *path, struct nstat *ub)
1958 nstat(struct nstat_args *uap)
1960 struct thread *td = curthread;
1964 struct nlookupdata nd;
1968 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
1970 error = nlookup(&nd);
1972 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
1975 error = vn_stat(vp, &sb, td);
1978 cvtnstat(&sb, &nsb);
1979 error = copyout(&nsb, uap->ub, sizeof(nsb));
1986 * lstat_args(char *path, struct stat *ub)
1988 * Get file status; this version does not follow links.
1992 nlstat(struct nlstat_args *uap)
1994 struct thread *td = curthread;
1998 struct nlookupdata nd;
2002 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
2004 error = nlookup(&nd);
2006 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
2009 error = vn_stat(vp, &sb, td);
2012 cvtnstat(&sb, &nsb);
2013 error = copyout(&nsb, uap->ub, sizeof(nsb));
2020 * pathconf_Args(char *path, int name)
2022 * Get configurable pathname variables.
2026 pathconf(struct pathconf_args *uap)
2028 struct nlookupdata nd;
2033 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
2035 error = nlookup(&nd);
2037 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
2040 error = VOP_PATHCONF(vp, uap->name, uap->sysmsg_fds);
2048 * kern_readlink isn't properly split yet. There is a copyin burried
2049 * in VOP_READLINK().
2052 kern_readlink(struct nlookupdata *nd, char *buf, int count, int *res)
2054 struct thread *td = curthread;
2055 struct proc *p = td->td_proc;
2061 if ((error = nlookup(nd)) != 0)
2063 error = cache_vget(nd->nl_ncp, nd->nl_cred, LK_EXCLUSIVE, &vp);
2066 if (vp->v_type != VLNK) {
2069 aiov.iov_base = buf;
2070 aiov.iov_len = count;
2071 auio.uio_iov = &aiov;
2072 auio.uio_iovcnt = 1;
2073 auio.uio_offset = 0;
2074 auio.uio_rw = UIO_READ;
2075 auio.uio_segflg = UIO_USERSPACE;
2077 auio.uio_resid = count;
2078 error = VOP_READLINK(vp, &auio, p->p_ucred);
2081 *res = count - auio.uio_resid;
2086 * readlink_args(char *path, char *buf, int count)
2088 * Return target name of a symbolic link.
2091 readlink(struct readlink_args *uap)
2093 struct nlookupdata nd;
2096 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
2098 error = kern_readlink(&nd, uap->buf, uap->count,
2099 &uap->sysmsg_result);
2106 setfflags(struct vnode *vp, int flags)
2108 struct thread *td = curthread;
2109 struct proc *p = td->td_proc;
2114 * Prevent non-root users from setting flags on devices. When
2115 * a device is reused, users can retain ownership of the device
2116 * if they are allowed to set flags and programs assume that
2117 * chown can't fail when done as root.
2119 if ((vp->v_type == VCHR || vp->v_type == VBLK) &&
2120 ((error = suser_cred(p->p_ucred, PRISON_ROOT)) != 0))
2124 * note: vget is required for any operation that might mod the vnode
2125 * so VINACTIVE is properly cleared.
2127 VOP_LEASE(vp, td, p->p_ucred, LEASE_WRITE);
2128 if ((error = vget(vp, LK_EXCLUSIVE, td)) == 0) {
2130 vattr.va_flags = flags;
2131 error = VOP_SETATTR(vp, &vattr, p->p_ucred, td);
2138 * chflags(char *path, int flags)
2140 * Change flags of a file given a path name.
2144 chflags(struct chflags_args *uap)
2146 struct nlookupdata nd;
2151 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
2152 /* XXX Add NLC flag indicating modifying operation? */
2154 error = nlookup(&nd);
2156 error = cache_vref(nd.nl_ncp, nd.nl_cred, &vp);
2159 error = setfflags(vp, uap->flags);
2166 * fchflags_args(int fd, int flags)
2168 * Change flags of a file given a file descriptor.
2172 fchflags(struct fchflags_args *uap)
2174 struct thread *td = curthread;
2175 struct proc *p = td->td_proc;
2179 if ((error = getvnode(p->p_fd, uap->fd, &fp)) != 0)
2181 return setfflags((struct vnode *) fp->f_data, uap->flags);
2185 setfmode(struct vnode *vp, int mode)
2187 struct thread *td = curthread;
2188 struct proc *p = td->td_proc;
2193 * note: vget is required for any operation that might mod the vnode
2194 * so VINACTIVE is properly cleared.
2196 VOP_LEASE(vp, td, p->p_ucred, LEASE_WRITE);
2197 if ((error = vget(vp, LK_EXCLUSIVE, td)) == 0) {
2199 vattr.va_mode = mode & ALLPERMS;
2200 error = VOP_SETATTR(vp, &vattr, p->p_ucred, td);
2207 kern_chmod(struct nlookupdata *nd, int mode)
2212 /* XXX Add NLC flag indicating modifying operation? */
2213 if ((error = nlookup(nd)) != 0)
2215 if ((error = cache_vref(nd->nl_ncp, nd->nl_cred, &vp)) != 0)
2217 error = setfmode(vp, mode);
2223 * chmod_args(char *path, int mode)
2225 * Change mode of a file given path name.
2229 chmod(struct chmod_args *uap)
2231 struct nlookupdata nd;
2234 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
2236 error = kern_chmod(&nd, uap->mode);
2242 * lchmod_args(char *path, int mode)
2244 * Change mode of a file given path name (don't follow links.)
2248 lchmod(struct lchmod_args *uap)
2250 struct nlookupdata nd;
2253 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
2255 error = kern_chmod(&nd, uap->mode);
2261 * fchmod_args(int fd, int mode)
2263 * Change mode of a file given a file descriptor.
2267 fchmod(struct fchmod_args *uap)
2269 struct thread *td = curthread;
2270 struct proc *p = td->td_proc;
2274 if ((error = getvnode(p->p_fd, uap->fd, &fp)) != 0)
2276 return setfmode((struct vnode *)fp->f_data, uap->mode);
2280 setfown(struct vnode *vp, uid_t uid, gid_t gid)
2282 struct thread *td = curthread;
2283 struct proc *p = td->td_proc;
2288 * note: vget is required for any operation that might mod the vnode
2289 * so VINACTIVE is properly cleared.
2291 VOP_LEASE(vp, td, p->p_ucred, LEASE_WRITE);
2292 if ((error = vget(vp, LK_EXCLUSIVE, td)) == 0) {
2296 error = VOP_SETATTR(vp, &vattr, p->p_ucred, td);
2303 kern_chown(struct nlookupdata *nd, int uid, int gid)
2308 /* XXX Add NLC flag indicating modifying operation? */
2309 if ((error = nlookup(nd)) != 0)
2311 if ((error = cache_vref(nd->nl_ncp, nd->nl_cred, &vp)) != 0)
2313 error = setfown(vp, uid, gid);
2319 * chown(char *path, int uid, int gid)
2321 * Set ownership given a path name.
2324 chown(struct chown_args *uap)
2326 struct nlookupdata nd;
2329 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
2331 error = kern_chown(&nd, uap->uid, uap->gid);
2337 * lchown_args(char *path, int uid, int gid)
2339 * Set ownership given a path name, do not cross symlinks.
2342 lchown(struct lchown_args *uap)
2344 struct nlookupdata nd;
2347 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
2349 error = kern_chown(&nd, uap->uid, uap->gid);
2355 * fchown_args(int fd, int uid, int gid)
2357 * Set ownership given a file descriptor.
2361 fchown(struct fchown_args *uap)
2363 struct thread *td = curthread;
2364 struct proc *p = td->td_proc;
2368 if ((error = getvnode(p->p_fd, uap->fd, &fp)) != 0)
2370 return setfown((struct vnode *)fp->f_data,
2371 uap->uid, uap->gid);
2375 getutimes(const struct timeval *tvp, struct timespec *tsp)
2377 struct timeval tv[2];
2381 TIMEVAL_TO_TIMESPEC(&tv[0], &tsp[0]);
2384 TIMEVAL_TO_TIMESPEC(&tvp[0], &tsp[0]);
2385 TIMEVAL_TO_TIMESPEC(&tvp[1], &tsp[1]);
2391 setutimes(struct vnode *vp, const struct timespec *ts, int nullflag)
2393 struct thread *td = curthread;
2394 struct proc *p = td->td_proc;
2399 * note: vget is required for any operation that might mod the vnode
2400 * so VINACTIVE is properly cleared.
2402 VOP_LEASE(vp, td, p->p_ucred, LEASE_WRITE);
2403 if ((error = vget(vp, LK_EXCLUSIVE, td)) == 0) {
2405 vattr.va_atime = ts[0];
2406 vattr.va_mtime = ts[1];
2408 vattr.va_vaflags |= VA_UTIMES_NULL;
2409 error = VOP_SETATTR(vp, &vattr, p->p_ucred, td);
2416 kern_utimes(struct nlookupdata *nd, struct timeval *tptr)
2418 struct timespec ts[2];
2422 if ((error = getutimes(tptr, ts)) != 0)
2424 /* XXX Add NLC flag indicating modifying operation? */
2425 if ((error = nlookup(nd)) != 0)
2427 if ((error = cache_vref(nd->nl_ncp, nd->nl_cred, &vp)) != 0)
2429 error = setutimes(vp, ts, tptr == NULL);
2435 * utimes_args(char *path, struct timeval *tptr)
2437 * Set the access and modification times of a file.
2440 utimes(struct utimes_args *uap)
2442 struct timeval tv[2];
2443 struct nlookupdata nd;
2447 error = copyin(uap->tptr, tv, sizeof(tv));
2451 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
2453 error = kern_utimes(&nd, uap->tptr ? tv : NULL);
2459 * lutimes_args(char *path, struct timeval *tptr)
2461 * Set the access and modification times of a file.
2464 lutimes(struct lutimes_args *uap)
2466 struct timeval tv[2];
2467 struct nlookupdata nd;
2471 error = copyin(uap->tptr, tv, sizeof(tv));
2475 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
2477 error = kern_utimes(&nd, uap->tptr ? tv : NULL);
2483 kern_futimes(int fd, struct timeval *tptr)
2485 struct thread *td = curthread;
2486 struct proc *p = td->td_proc;
2487 struct timespec ts[2];
2491 error = getutimes(tptr, ts);
2494 error = getvnode(p->p_fd, fd, &fp);
2497 error = setutimes((struct vnode *)fp->f_data, ts, tptr == NULL);
2502 * futimes_args(int fd, struct timeval *tptr)
2504 * Set the access and modification times of a file.
2507 futimes(struct futimes_args *uap)
2509 struct timeval tv[2];
2513 error = copyin(uap->tptr, tv, sizeof(tv));
2518 error = kern_futimes(uap->fd, uap->tptr ? tv : NULL);
2524 kern_truncate(struct nlookupdata *nd, off_t length)
2532 /* XXX Add NLC flag indicating modifying operation? */
2533 if ((error = nlookup(nd)) != 0)
2535 if ((error = cache_vref(nd->nl_ncp, nd->nl_cred, &vp)) != 0)
2537 VOP_LEASE(vp, nd->nl_td, nd->nl_cred, LEASE_WRITE);
2538 if ((error = vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, nd->nl_td)) != 0) {
2542 if (vp->v_type == VDIR) {
2544 } else if ((error = vn_writechk(vp)) == 0 &&
2545 (error = VOP_ACCESS(vp, VWRITE, nd->nl_cred, nd->nl_td)) == 0) {
2547 vattr.va_size = length;
2548 error = VOP_SETATTR(vp, &vattr, nd->nl_cred, nd->nl_td);
2555 * truncate(char *path, int pad, off_t length)
2557 * Truncate a file given its path name.
2560 truncate(struct truncate_args *uap)
2562 struct nlookupdata nd;
2565 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
2567 error = kern_truncate(&nd, uap->length);
2573 kern_ftruncate(int fd, off_t length)
2575 struct thread *td = curthread;
2576 struct proc *p = td->td_proc;
2584 if ((error = getvnode(p->p_fd, fd, &fp)) != 0)
2586 if ((fp->f_flag & FWRITE) == 0)
2588 vp = (struct vnode *)fp->f_data;
2589 VOP_LEASE(vp, td, p->p_ucred, LEASE_WRITE);
2590 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2591 if (vp->v_type == VDIR)
2593 else if ((error = vn_writechk(vp)) == 0) {
2595 vattr.va_size = length;
2596 error = VOP_SETATTR(vp, &vattr, fp->f_cred, td);
2598 VOP_UNLOCK(vp, 0, td);
2603 * ftruncate_args(int fd, int pad, off_t length)
2605 * Truncate a file given a file descriptor.
2608 ftruncate(struct ftruncate_args *uap)
2612 error = kern_ftruncate(uap->fd, uap->length);
2620 * Sync an open file.
2624 fsync(struct fsync_args *uap)
2626 struct thread *td = curthread;
2627 struct proc *p = td->td_proc;
2633 if ((error = getvnode(p->p_fd, uap->fd, &fp)) != 0)
2635 vp = (struct vnode *)fp->f_data;
2636 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2637 if (VOP_GETVOBJECT(vp, &obj) == 0)
2638 vm_object_page_clean(obj, 0, 0, 0);
2639 if ((error = VOP_FSYNC(vp, MNT_WAIT, td)) == 0 &&
2640 vp->v_mount && (vp->v_mount->mnt_flag & MNT_SOFTDEP) &&
2642 error = (*bioops.io_fsync)(vp);
2643 VOP_UNLOCK(vp, 0, td);
2648 kern_rename(struct nlookupdata *fromnd, struct nlookupdata *tond)
2650 struct namecache *fncpd;
2651 struct namecache *tncpd;
2652 struct namecache *ncp;
2657 if ((error = nlookup(fromnd)) != 0)
2659 if ((fncpd = fromnd->nl_ncp->nc_parent) == NULL)
2664 * unlock the source ncp so we can lookup the target ncp without
2665 * deadlocking. The target may or may not exist so we do not check
2666 * for a target vp like kern_mkdir() and other creation functions do.
2668 * The source and target directories are ref'd and rechecked after
2669 * everything is relocked to determine if the source or target file
2672 KKASSERT(fromnd->nl_flags & NLC_NCPISLOCKED);
2673 fromnd->nl_flags &= ~NLC_NCPISLOCKED;
2674 cache_unlock(fromnd->nl_ncp);
2676 tond->nl_flags |= NLC_CREATE;
2677 if ((error = nlookup(tond)) != 0) {
2681 if ((tncpd = tond->nl_ncp->nc_parent) == NULL) {
2688 * If the source and target are the same there is nothing to do
2690 if (fromnd->nl_ncp == tond->nl_ncp) {
2697 * relock the source ncp
2699 if (cache_lock_nonblock(fromnd->nl_ncp) == 0) {
2700 cache_resolve(fromnd->nl_ncp, fromnd->nl_cred);
2701 } else if (fromnd->nl_ncp > tond->nl_ncp) {
2702 cache_lock(fromnd->nl_ncp);
2703 cache_resolve(fromnd->nl_ncp, fromnd->nl_cred);
2705 cache_unlock(tond->nl_ncp);
2706 cache_lock(fromnd->nl_ncp);
2707 cache_resolve(fromnd->nl_ncp, fromnd->nl_cred);
2708 cache_lock(tond->nl_ncp);
2709 cache_resolve(tond->nl_ncp, tond->nl_cred);
2711 fromnd->nl_flags |= NLC_NCPISLOCKED;
2714 * make sure the parent directories linkages are the same
2716 if (fncpd != fromnd->nl_ncp->nc_parent ||
2717 tncpd != tond->nl_ncp->nc_parent) {
2724 * Both the source and target must be within the same filesystem and
2725 * in the same filesystem as their parent directories within the
2726 * namecache topology.
2728 mp = fncpd->nc_mount;
2729 if (mp != tncpd->nc_mount || mp != fromnd->nl_ncp->nc_mount ||
2730 mp != tond->nl_ncp->nc_mount) {
2737 * If the target exists and either the source or target is a directory,
2738 * then both must be directories.
2740 if (tond->nl_ncp->nc_vp) {
2741 if (fromnd->nl_ncp->nc_vp->v_type == VDIR) {
2742 if (tond->nl_ncp->nc_vp->v_type != VDIR)
2744 } else if (tond->nl_ncp->nc_vp->v_type == VDIR) {
2750 * You cannot rename a source into itself or a subdirectory of itself.
2751 * We check this by travsersing the target directory upwards looking
2752 * for a match against the source.
2755 for (ncp = tncpd; ncp; ncp = ncp->nc_parent) {
2756 if (fromnd->nl_ncp == ncp) {
2767 error = VOP_NRENAME(fromnd->nl_ncp, tond->nl_ncp, tond->nl_cred);
2772 * rename_args(char *from, char *to)
2774 * Rename files. Source and destination must either both be directories,
2775 * or both not be directories. If target is a directory, it must be empty.
2778 rename(struct rename_args *uap)
2780 struct nlookupdata fromnd, tond;
2783 error = nlookup_init(&fromnd, uap->from, UIO_USERSPACE, 0);
2785 error = nlookup_init(&tond, uap->to, UIO_USERSPACE, 0);
2787 error = kern_rename(&fromnd, &tond);
2788 nlookup_done(&tond);
2790 nlookup_done(&fromnd);
2795 kern_mkdir(struct nlookupdata *nd, int mode)
2797 struct thread *td = curthread;
2798 struct proc *p = td->td_proc;
2799 struct namecache *ncp;
2805 nd->nl_flags |= NLC_WILLBEDIR | NLC_CREATE;
2806 if ((error = nlookup(nd)) != 0)
2814 vattr.va_type = VDIR;
2815 vattr.va_mode = (mode & ACCESSPERMS) &~ p->p_fd->fd_cmask;
2818 error = VOP_NMKDIR(ncp, &vp, p->p_ucred, &vattr);
2825 * mkdir_args(char *path, int mode)
2827 * Make a directory file.
2831 mkdir(struct mkdir_args *uap)
2833 struct nlookupdata nd;
2836 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
2838 error = kern_mkdir(&nd, uap->mode);
2844 kern_rmdir(struct nlookupdata *nd)
2846 struct namecache *ncp;
2850 nd->nl_flags |= NLC_DELETE;
2851 if ((error = nlookup(nd)) != 0)
2855 error = VOP_NRMDIR(ncp, nd->nl_cred);
2860 * rmdir_args(char *path)
2862 * Remove a directory file.
2866 rmdir(struct rmdir_args *uap)
2868 struct nlookupdata nd;
2871 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, 0);
2873 error = kern_rmdir(&nd);
2879 kern_getdirentries(int fd, char *buf, u_int count, long *basep, int *res)
2881 struct thread *td = curthread;
2882 struct proc *p = td->td_proc;
2890 if ((error = getvnode(p->p_fd, fd, &fp)) != 0)
2892 if ((fp->f_flag & FREAD) == 0)
2894 vp = (struct vnode *)fp->f_data;
2896 if (vp->v_type != VDIR)
2898 aiov.iov_base = buf;
2899 aiov.iov_len = count;
2900 auio.uio_iov = &aiov;
2901 auio.uio_iovcnt = 1;
2902 auio.uio_rw = UIO_READ;
2903 auio.uio_segflg = UIO_USERSPACE;
2905 auio.uio_resid = count;
2906 /* vn_lock(vp, LK_SHARED | LK_RETRY, td); */
2907 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2908 loff = auio.uio_offset = fp->f_offset;
2909 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, NULL, NULL);
2910 fp->f_offset = auio.uio_offset;
2911 VOP_UNLOCK(vp, 0, td);
2914 if (count == auio.uio_resid) {
2915 if (union_dircheckp) {
2916 error = union_dircheckp(td, &vp, fp);
2922 if ((vp->v_flag & VROOT) &&
2923 (vp->v_mount->mnt_flag & MNT_UNION)) {
2924 struct vnode *tvp = vp;
2925 vp = vp->v_mount->mnt_vnodecovered;
2927 fp->f_data = (caddr_t)vp;
2936 *res = count - auio.uio_resid;
2941 * getdirentries_args(int fd, char *buf, u_int conut, long *basep)
2943 * Read a block of directory entries in a file system independent format.
2946 getdirentries(struct getdirentries_args *uap)
2951 error = kern_getdirentries(uap->fd, uap->buf, uap->count, &base,
2952 &uap->sysmsg_result);
2955 error = copyout(&base, uap->basep, sizeof(*uap->basep));
2960 * getdents_args(int fd, char *buf, size_t count)
2963 getdents(struct getdents_args *uap)
2967 error = kern_getdirentries(uap->fd, uap->buf, uap->count, NULL,
2968 &uap->sysmsg_result);
2974 * umask(int newmask)
2976 * Set the mode mask for creation of filesystem nodes.
2981 umask(struct umask_args *uap)
2983 struct thread *td = curthread;
2984 struct proc *p = td->td_proc;
2985 struct filedesc *fdp;
2988 uap->sysmsg_result = fdp->fd_cmask;
2989 fdp->fd_cmask = uap->newmask & ALLPERMS;
2994 * revoke(char *path)
2996 * Void all references to file by ripping underlying filesystem
3001 revoke(struct revoke_args *uap)
3003 struct thread *td = curthread;
3004 struct nlookupdata nd;
3011 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
3013 error = nlookup(&nd);
3015 error = cache_vref(nd.nl_ncp, nd.nl_cred, &vp);
3016 cred = crhold(nd.nl_cred);
3019 if (vp->v_type != VCHR && vp->v_type != VBLK)
3022 error = VOP_GETATTR(vp, &vattr, td);
3023 if (error == 0 && cred->cr_uid != vattr.va_uid)
3024 error = suser_cred(cred, PRISON_ROOT);
3025 if (error == 0 && count_udev(vp->v_udev) > 0) {
3026 if ((error = vx_lock(vp)) == 0) {
3027 VOP_REVOKE(vp, REVOKEALL);
3038 * Convert a user file descriptor to a kernel file entry.
3041 getvnode(struct filedesc *fdp, int fd, struct file **fpp)
3045 if ((u_int)fd >= fdp->fd_nfiles ||
3046 (fp = fdp->fd_ofiles[fd]) == NULL)
3048 if (fp->f_type != DTYPE_VNODE && fp->f_type != DTYPE_FIFO)
3054 * getfh_args(char *fname, fhandle_t *fhp)
3056 * Get (NFS) file handle
3059 getfh(struct getfh_args *uap)
3061 struct thread *td = curthread;
3062 struct nlookupdata nd;
3068 * Must be super user
3070 if ((error = suser(td)) != 0)
3074 error = nlookup_init(&nd, uap->fname, UIO_USERSPACE, NLC_FOLLOW);
3076 error = nlookup(&nd);
3078 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
3081 bzero(&fh, sizeof(fh));
3082 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
3083 error = VFS_VPTOFH(vp, &fh.fh_fid);
3086 error = copyout(&fh, uap->fhp, sizeof(fh));
3092 * fhopen_args(const struct fhandle *u_fhp, int flags)
3094 * syscall for the rpc.lockd to use to translate a NFS file handle into
3095 * an open descriptor.
3097 * warning: do not remove the suser() call or this becomes one giant
3101 fhopen(struct fhopen_args *uap)
3103 struct thread *td = curthread;
3104 struct proc *p = td->td_proc;
3109 struct vattr *vap = &vat;
3111 struct filedesc *fdp = p->p_fd;
3112 int fmode, mode, error, type;
3118 * Must be super user
3124 fmode = FFLAGS(uap->flags);
3125 /* why not allow a non-read/write open for our lockd? */
3126 if (((fmode & (FREAD | FWRITE)) == 0) || (fmode & O_CREAT))
3128 error = copyin(uap->u_fhp, &fhp, sizeof(fhp));
3131 /* find the mount point */
3132 mp = vfs_getvfs(&fhp.fh_fsid);
3135 /* now give me my vnode, it gets returned to me locked */
3136 error = VFS_FHTOVP(mp, &fhp.fh_fid, &vp);
3140 * from now on we have to make sure not
3141 * to forget about the vnode
3142 * any error that causes an abort must vput(vp)
3143 * just set error = err and 'goto bad;'.
3149 if (vp->v_type == VLNK) {
3153 if (vp->v_type == VSOCK) {
3158 if (fmode & (FWRITE | O_TRUNC)) {
3159 if (vp->v_type == VDIR) {
3163 error = vn_writechk(vp);
3171 error = VOP_ACCESS(vp, mode, p->p_ucred, td);
3175 if (fmode & O_TRUNC) {
3176 VOP_UNLOCK(vp, 0, td); /* XXX */
3177 VOP_LEASE(vp, td, p->p_ucred, LEASE_WRITE);
3178 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); /* XXX */
3181 error = VOP_SETATTR(vp, vap, p->p_ucred, td);
3187 * VOP_OPEN needs the file pointer so it can potentially override
3190 * WARNING! no f_ncp will be associated when fhopen()ing a directory.
3193 if ((error = falloc(p, &nfp, NULL)) != 0)
3197 fp->f_data = (caddr_t)vp;
3198 fp->f_flag = fmode & FMASK;
3199 fp->f_ops = &vnode_fileops;
3200 fp->f_type = DTYPE_VNODE;
3202 error = VOP_OPEN(vp, fmode, p->p_ucred, fp, td);
3205 * setting f_ops this way prevents VOP_CLOSE from being
3206 * called or fdrop() releasing the vp from v_data. Since
3207 * the VOP_OPEN failed we don't want to VOP_CLOSE.
3209 fp->f_ops = &badfileops;
3218 * The fp now owns a reference on the vnode. We still have our own
3224 * Make sure that a VM object is created for VMIO support. If this
3225 * fails just fdrop() normally to clean up.
3227 if (vn_canvmio(vp) == TRUE) {
3228 if ((error = vfs_object_create(vp, td)) != 0) {
3235 * The open was successful, associate it with a file descriptor.
3237 if ((error = fsetfd(p, fp, &indx)) != 0) {
3244 if (fmode & (O_EXLOCK | O_SHLOCK)) {
3245 lf.l_whence = SEEK_SET;
3248 if (fmode & O_EXLOCK)
3249 lf.l_type = F_WRLCK;
3251 lf.l_type = F_RDLCK;
3253 if ((fmode & FNONBLOCK) == 0)
3255 VOP_UNLOCK(vp, 0, td);
3256 if ((error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf, type)) != 0) {
3258 * lock request failed. Normally close the descriptor
3259 * but handle the case where someone might have dup()d
3260 * or close()d it when we weren't looking.
3262 if (fdp->fd_ofiles[indx] == fp) {
3263 fdp->fd_ofiles[indx] = NULL;
3268 * release our private reference.
3274 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3275 fp->f_flag |= FHASLOCK;
3277 if ((vp->v_type == VREG) && (VOP_GETVOBJECT(vp, NULL) != 0))
3278 vfs_object_create(vp, td);
3282 uap->sysmsg_result = indx;
3291 * fhstat_args(struct fhandle *u_fhp, struct stat *sb)
3294 fhstat(struct fhstat_args *uap)
3296 struct thread *td = curthread;
3304 * Must be super user
3310 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
3314 if ((mp = vfs_getvfs(&fh.fh_fsid)) == NULL)
3316 if ((error = VFS_FHTOVP(mp, &fh.fh_fid, &vp)))
3318 error = vn_stat(vp, &sb, td);
3322 error = copyout(&sb, uap->sb, sizeof(sb));
3327 * fhstatfs_args(struct fhandle *u_fhp, struct statfs *buf)
3330 fhstatfs(struct fhstatfs_args *uap)
3332 struct thread *td = curthread;
3333 struct proc *p = td->td_proc;
3338 char *fullpath, *freepath;
3343 * Must be super user
3345 if ((error = suser(td)))
3348 if ((error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t))) != 0)
3351 if ((mp = vfs_getvfs(&fh.fh_fsid)) == NULL)
3354 if (p != NULL && (p->p_fd->fd_nrdir->nc_flag & NCF_ROOT) == 0 &&
3355 !chroot_visible_mnt(mp, p))
3358 if ((error = VFS_FHTOVP(mp, &fh.fh_fid, &vp)))
3363 if ((error = VFS_STATFS(mp, sp, td)) != 0)
3366 error = cache_fullpath(p, mp->mnt_ncp, &fullpath, &freepath);
3369 bzero(sp->f_mntonname, sizeof(sp->f_mntonname));
3370 strlcpy(sp->f_mntonname, fullpath, sizeof(sp->f_mntonname));
3371 free(freepath, M_TEMP);
3373 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
3375 bcopy(sp, &sb, sizeof(sb));
3376 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
3379 return (copyout(sp, uap->buf, sizeof(*sp)));
3383 * Syscall to push extended attribute configuration information into the
3384 * VFS. Accepts a path, which it converts to a mountpoint, as well as
3385 * a command (int cmd), and attribute name and misc data. For now, the
3386 * attribute name is left in userspace for consumption by the VFS_op.
3387 * It will probably be changed to be copied into sysspace by the
3388 * syscall in the future, once issues with various consumers of the
3389 * attribute code have raised their hands.
3391 * Currently this is used only by UFS Extended Attributes.
3394 extattrctl(struct extattrctl_args *uap)
3396 struct nlookupdata nd;
3402 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
3404 error = nlookup(&nd);
3406 mp = nd.nl_ncp->nc_mount;
3407 error = VFS_EXTATTRCTL(mp, uap->cmd,
3408 uap->attrname, uap->arg,
3416 * Syscall to set a named extended attribute on a file or directory.
3417 * Accepts attribute name, and a uio structure pointing to the data to set.
3418 * The uio is consumed in the style of writev(). The real work happens
3419 * in VOP_SETEXTATTR().
3422 extattr_set_file(struct extattr_set_file_args *uap)
3424 char attrname[EXTATTR_MAXNAMELEN];
3425 struct iovec aiov[UIO_SMALLIOV];
3426 struct iovec *needfree;
3427 struct nlookupdata nd;
3436 error = copyin(uap->attrname, attrname, EXTATTR_MAXNAMELEN);
3441 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
3443 error = nlookup(&nd);
3445 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
3452 iovlen = uap->iovcnt * sizeof(struct iovec);
3453 if (uap->iovcnt > UIO_SMALLIOV) {
3454 if (uap->iovcnt > UIO_MAXIOV) {
3458 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK);
3464 auio.uio_iovcnt = uap->iovcnt;
3465 auio.uio_rw = UIO_WRITE;
3466 auio.uio_segflg = UIO_USERSPACE;
3467 auio.uio_td = nd.nl_td;
3468 auio.uio_offset = 0;
3469 if ((error = copyin(uap->iovp, iov, iovlen)))
3472 for (i = 0; i < uap->iovcnt; i++) {
3473 if (iov->iov_len > INT_MAX - auio.uio_resid) {
3477 auio.uio_resid += iov->iov_len;
3480 cnt = auio.uio_resid;
3481 error = VOP_SETEXTATTR(vp, attrname, &auio, nd.nl_cred, nd.nl_td);
3482 cnt -= auio.uio_resid;
3483 uap->sysmsg_result = cnt;
3488 FREE(needfree, M_IOV);
3493 * Syscall to get a named extended attribute on a file or directory.
3494 * Accepts attribute name, and a uio structure pointing to a buffer for the
3495 * data. The uio is consumed in the style of readv(). The real work
3496 * happens in VOP_GETEXTATTR();
3499 extattr_get_file(struct extattr_get_file_args *uap)
3501 char attrname[EXTATTR_MAXNAMELEN];
3502 struct iovec aiov[UIO_SMALLIOV];
3503 struct iovec *needfree;
3504 struct nlookupdata nd;
3513 error = copyin(uap->attrname, attrname, EXTATTR_MAXNAMELEN);
3518 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
3520 error = nlookup(&nd);
3522 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
3528 iovlen = uap->iovcnt * sizeof (struct iovec);
3530 if (uap->iovcnt > UIO_SMALLIOV) {
3531 if (uap->iovcnt > UIO_MAXIOV) {
3535 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK);
3541 auio.uio_iovcnt = uap->iovcnt;
3542 auio.uio_rw = UIO_READ;
3543 auio.uio_segflg = UIO_USERSPACE;
3544 auio.uio_td = nd.nl_td;
3545 auio.uio_offset = 0;
3546 if ((error = copyin(uap->iovp, iov, iovlen)))
3549 for (i = 0; i < uap->iovcnt; i++) {
3550 if (iov->iov_len > INT_MAX - auio.uio_resid) {
3554 auio.uio_resid += iov->iov_len;
3557 cnt = auio.uio_resid;
3558 error = VOP_GETEXTATTR(vp, attrname, &auio, nd.nl_cred, nd.nl_td);
3559 cnt -= auio.uio_resid;
3560 uap->sysmsg_result = cnt;
3565 FREE(needfree, M_IOV);
3570 * Syscall to delete a named extended attribute from a file or directory.
3571 * Accepts attribute name. The real work happens in VOP_SETEXTATTR().
3574 extattr_delete_file(struct extattr_delete_file_args *uap)
3576 char attrname[EXTATTR_MAXNAMELEN];
3577 struct nlookupdata nd;
3581 error = copyin(uap->attrname, attrname, EXTATTR_MAXNAMELEN);
3586 error = nlookup_init(&nd, uap->path, UIO_USERSPACE, NLC_FOLLOW);
3588 error = nlookup(&nd);
3590 error = cache_vget(nd.nl_ncp, nd.nl_cred, LK_EXCLUSIVE, &vp);
3596 error = VOP_SETEXTATTR(vp, attrname, NULL, nd.nl_cred, nd.nl_td);
3603 * print out statistics from the current status of the buffer pool
3604 * this can be toggeled by the system control option debug.syncprt
3613 int counts[(MAXBSIZE / PAGE_SIZE) + 1];
3614 static char *bname[3] = { "LOCKED", "LRU", "AGE" };
3616 for (dp = bufqueues, i = 0; dp < &bufqueues[3]; dp++, i++) {
3618 for (j = 0; j <= MAXBSIZE/PAGE_SIZE; j++)
3621 TAILQ_FOREACH(bp, dp, b_freelist) {
3622 counts[bp->b_bufsize/PAGE_SIZE]++;
3626 printf("%s: total-%d", bname[i], count);
3627 for (j = 0; j <= MAXBSIZE/PAGE_SIZE; j++)
3629 printf(", %d-%d", j * PAGE_SIZE, counts[j]);
3636 chroot_visible_mnt(struct mount *mp, struct proc *p)
3638 struct namecache *ncp;
3640 * First check if this file system is below
3644 while (ncp != NULL && ncp != p->p_fd->fd_nrdir)
3645 ncp = ncp->nc_parent;
3648 * This is not below the chroot path.
3650 * Check if the chroot path is on the same filesystem,
3651 * by determing if we have to cross a mount point
3652 * before reaching mp->mnt_ncp.
3654 ncp = p->p_fd->fd_nrdir;
3655 while (ncp != NULL && ncp != mp->mnt_ncp) {
3656 if (ncp->nc_flag & NCF_MOUNTPT) {
3660 ncp = ncp->nc_parent;
3663 return(ncp != NULL);