SecBSD
/
src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
src/sys/tmpfs/tmpfs_vnops.c

2675 lines
66 KiB
C
Raw Permalink Blame History

/* $OpenBSD: tmpfs_vnops.c,v 1.55 2024/05/13 11:17:41 semarie Exp $ */
/* $NetBSD: tmpfs_vnops.c,v 1.100 2012/11/05 17:27:39 dholland Exp $ */
/*
* Copyright (c) 2005, 2006, 2007, 2012 The NetBSD Foundation, Inc.
* Copyright (c) 2013 Pedro Martelletto
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Julio M. Merino Vidal, developed as part of Google's Summer of Code
* 2005 program, and by Taylor R Campbell.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* tmpfs vnode interface.
*/
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/fcntl.h>
#include <sys/event.h>
#include <sys/namei.h>
#include <sys/stat.h>
#include <sys/uio.h>
#include <sys/unistd.h>
#include <sys/vnode.h>
#include <sys/lockf.h>
#include <sys/file.h>
#include <miscfs/fifofs/fifo.h>
#include <tmpfs/tmpfs_vnops.h>
#include <tmpfs/tmpfs.h>
int tmpfs_kqfilter(void *v);
/*
* vnode operations vector used for files stored in a tmpfs file system.
*/
const struct vops tmpfs_vops = {
.vop_lookup = tmpfs_lookup,
.vop_create = tmpfs_create,
.vop_mknod = tmpfs_mknod,
.vop_open = tmpfs_open,
.vop_close = tmpfs_close,
.vop_access = tmpfs_access,
.vop_getattr = tmpfs_getattr,
.vop_setattr = tmpfs_setattr,
.vop_read = tmpfs_read,
.vop_write = tmpfs_write,
.vop_ioctl = tmpfs_ioctl,
.vop_kqfilter = tmpfs_kqfilter,
.vop_revoke = vop_generic_revoke,
.vop_fsync = tmpfs_fsync,
.vop_remove = tmpfs_remove,
.vop_link = tmpfs_link,
.vop_rename = tmpfs_rename,
.vop_mkdir = tmpfs_mkdir,
.vop_rmdir = tmpfs_rmdir,
.vop_symlink = tmpfs_symlink,
.vop_readdir = tmpfs_readdir,
.vop_readlink = tmpfs_readlink,
.vop_abortop = vop_generic_abortop,
.vop_inactive = tmpfs_inactive,
.vop_reclaim = tmpfs_reclaim,
.vop_lock = tmpfs_lock,
.vop_unlock = tmpfs_unlock,
.vop_bmap = vop_generic_bmap,
.vop_strategy = tmpfs_strategy,
.vop_print = tmpfs_print,
.vop_islocked = tmpfs_islocked,
.vop_pathconf = tmpfs_pathconf,
.vop_advlock = tmpfs_advlock,
.vop_bwrite = tmpfs_bwrite,
};
/*
* tmpfs_lookup: path name traversal routine.
*
* Arguments: dvp (directory being searched), vpp (result),
* cnp (component name - path).
*
* => Caller holds a reference and lock on dvp.
* => We return looked-up vnode (vpp) locked, with a reference held.
*/
int
tmpfs_lookup(void *v)
{
struct vop_lookup_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp, **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
struct ucred *cred = cnp->cn_cred;
const int lastcn = (cnp->cn_flags & ISLASTCN) != 0;
const int lockparent = (cnp->cn_flags & LOCKPARENT) != 0;
tmpfs_node_t *dnode, *tnode;
tmpfs_dirent_t *de;
int cachefound;
int error;
KASSERT(VOP_ISLOCKED(dvp));
dnode = VP_TO_TMPFS_DIR(dvp);
cnp->cn_flags &= ~PDIRUNLOCK;
*vpp = NULL;
/* Check accessibility of directory. */
error = VOP_ACCESS(dvp, VEXEC, cred, curproc);
if (error) {
goto out;
}
/*
* If requesting the last path component on a read-only file system
* with a write operation, deny it.
*/
if (lastcn && (dvp->v_mount->mnt_flag & MNT_RDONLY) != 0 &&
(cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME)) {
error = EROFS;
goto out;
}
/*
* Avoid doing a linear scan of the directory if the requested
* directory/name couple is already in the cache.
*/
cachefound = cache_lookup(dvp, vpp, cnp);
if (cachefound == ENOENT /* && *vpp == NULLVP */)
return ENOENT; /* Negative cache hit. */
else if (cachefound != -1)
return 0; /* Found in cache. */
if (cnp->cn_flags & ISDOTDOT) {
tmpfs_node_t *pnode;
/*
* Lookup of ".." case.
*/
if (lastcn) {
if (cnp->cn_nameiop == RENAME) {
error = EINVAL;
goto out;
}
if (cnp->cn_nameiop == DELETE) {
/* Keep the name for tmpfs_rmdir(). */
cnp->cn_flags |= SAVENAME;
}
}
KASSERT(dnode->tn_type == VDIR);
pnode = dnode->tn_spec.tn_dir.tn_parent;
if (pnode == NULL) {
error = ENOENT;
goto out;
}
/*
* Lock the parent tn_nlock before releasing the vnode lock,
* and thus prevents parent from disappearing.
*/
rw_enter_write(&pnode->tn_nlock);
VOP_UNLOCK(dvp);
/*
* Get a vnode of the '..' entry and re-acquire the lock.
* Release the tn_nlock.
*/
error = tmpfs_vnode_get(dvp->v_mount, pnode, vpp);
vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY);
goto out;
} else if (cnp->cn_namelen == 1 && cnp->cn_nameptr[0] == '.') {
/*
* Lookup of "." case.
*/
if (lastcn && cnp->cn_nameiop == RENAME) {
error = EISDIR;
goto out;
}
vref(dvp);
*vpp = dvp;
error = 0;
goto done;
}
/*
* Other lookup cases: perform directory scan.
*/
de = tmpfs_dir_lookup(dnode, cnp);
if (de == NULL) {
/*
* The entry was not found in the directory. This is valid
* if we are creating or renaming an entry and are working
* on the last component of the path name.
*/
if (lastcn && (cnp->cn_nameiop == CREATE ||
cnp->cn_nameiop == RENAME)) {
error = VOP_ACCESS(dvp, VWRITE, cred, curproc);
if (error) {
goto out;
}
/*
* We are creating an entry in the file system, so
* save its name for further use by tmpfs_create().
*/
cnp->cn_flags |= SAVENAME;
error = EJUSTRETURN;
} else {
error = ENOENT;
}
goto done;
}
tnode = de->td_node;
/*
* If it is not the last path component and found a non-directory
* or non-link entry (which may itself be pointing to a directory),
* raise an error.
*/
if (!lastcn && tnode->tn_type != VDIR && tnode->tn_type != VLNK) {
error = ENOTDIR;
goto out;
}
/* Check the permissions. */
if (lastcn && (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME)) {
error = VOP_ACCESS(dvp, VWRITE, cred, curproc);
if (error)
goto out;
/*
* If not root and directory is sticky, check for permission
* on directory or on file. This implements append-only
* directories.
*/
if ((dnode->tn_mode & S_ISTXT) != 0) {
if (cred->cr_uid != 0 &&
cred->cr_uid != dnode->tn_uid &&
cred->cr_uid != tnode->tn_uid) {
error = EPERM;
goto out;
}
}
/*
* XXX pedro: We might need cn_nameptr later in tmpfs_remove()
* or tmpfs_rmdir() for a tmpfs_dir_lookup(). We should really
* get rid of SAVENAME at some point.
*/
if (cnp->cn_nameiop == DELETE)
cnp->cn_flags |= SAVENAME;
}
/* Get a vnode for the matching entry. */
rw_enter_write(&tnode->tn_nlock);
error = tmpfs_vnode_get(dvp->v_mount, tnode, vpp);
done:
/*
* Cache the result, unless request was for creation (as it does
* not improve the performance).
*/
if ((cnp->cn_flags & MAKEENTRY) && cnp->cn_nameiop != CREATE) {
cache_enter(dvp, *vpp, cnp);
}
out:
/*
* If (1) we succeeded, (2) found a distinct vnode != .. to return and (3)
* were either explicitly told to keep the parent locked or are in the
* middle of a lookup, unlock the parent vnode.
*/
if ((error == 0 || error == EJUSTRETURN) && /* (1) */
(*vpp != dvp || (cnp->cn_flags & ISDOTDOT)) && /* (2) */
(!lockparent || !lastcn)) { /* (3) */
VOP_UNLOCK(dvp);
cnp->cn_flags |= PDIRUNLOCK;
} else
KASSERT(VOP_ISLOCKED(dvp));
KASSERT((*vpp && VOP_ISLOCKED(*vpp)) || error);
return error;
}
int
tmpfs_create(void *v)
{
struct vop_create_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp, **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
struct vattr *vap = ap->a_vap;
KASSERT(VOP_ISLOCKED(dvp));
KASSERT(cnp->cn_flags & HASBUF);
KASSERT(vap->va_type == VREG || vap->va_type == VSOCK);
return tmpfs_alloc_file(dvp, vpp, vap, cnp, NULL);
}
int
tmpfs_mknod(void *v)
{
struct vop_mknod_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp, **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
struct vattr *vap = ap->a_vap;
enum vtype vt = vap->va_type;
int error;
if (vt != VBLK && vt != VCHR && vt != VFIFO)
return EINVAL;
error = tmpfs_alloc_file(dvp, vpp, vap, cnp, NULL);
if (error == 0)
vput(*vpp);
return error;
}
int
tmpfs_open(void *v)
{
struct vop_open_args /* {
struct vnode *a_vp;
int a_mode;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
mode_t mode = ap->a_mode;
tmpfs_node_t *node;
KASSERT(VOP_ISLOCKED(vp));
node = VP_TO_TMPFS_NODE(vp);
if (node->tn_links < 1) {
/*
* The file is still active, but all its names have been
* removed (e.g. by a "rmdir $(pwd)"). It cannot be opened
* any more, as it is about to be destroyed.
*/
return ENOENT;
}
/* If the file is marked append-only, deny write requests. */
if ((node->tn_flags & APPEND) != 0 &&
(mode & (FWRITE | O_APPEND)) == FWRITE) {
return EPERM;
}
return 0;
}
int
tmpfs_close(void *v)
{
#ifdef DIAGNOSTIC
struct vop_close_args /* {
struct vnode *a_vp;
int a_fflag;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
KASSERT(VOP_ISLOCKED(vp));
#endif
return 0;
}
int
tmpfs_access(void *v)
{
struct vop_access_args /* {
struct vnode *a_vp;
int a_mode;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
mode_t mode = ap->a_mode;
tmpfs_node_t *node = VP_TO_TMPFS_NODE(vp);
const int writing = (mode & VWRITE) != 0;
KASSERT(VOP_ISLOCKED(vp));
/* Possible? */
switch (vp->v_type) {
case VDIR:
case VLNK:
case VREG:
if (writing && (vp->v_mount->mnt_flag & MNT_RDONLY) != 0) {
return EROFS;
}
break;
case VBLK:
case VCHR:
case VSOCK:
case VFIFO:
break;
default:
return EINVAL;
}
if (writing && (node->tn_flags & IMMUTABLE) != 0) {
return EPERM;
}
return (vaccess(vp->v_type, node->tn_mode, node->tn_uid, node->tn_gid,
mode, ap->a_cred));
}
int
tmpfs_getattr(void *v)
{
struct vop_getattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct vattr *vap = ap->a_vap;
tmpfs_node_t *node = VP_TO_TMPFS_NODE(vp);
vattr_null(vap);
vap->va_type = vp->v_type;
vap->va_mode = node->tn_mode;
vap->va_nlink = node->tn_links;
vap->va_uid = node->tn_uid;
vap->va_gid = node->tn_gid;
vap->va_fsid = vp->v_mount->mnt_stat.f_fsid.val[0];
vap->va_fileid = node->tn_id;
vap->va_size = node->tn_size;
vap->va_blocksize = PAGE_SIZE;
vap->va_atime = node->tn_atime;
vap->va_mtime = node->tn_mtime;
vap->va_ctime = node->tn_ctime;
/* vap->va_birthtime = node->tn_birthtime; */
vap->va_gen = TMPFS_NODE_GEN(node);
vap->va_flags = node->tn_flags;
vap->va_rdev = (vp->v_type == VBLK || vp->v_type == VCHR) ?
node->tn_spec.tn_dev.tn_rdev : VNOVAL;
vap->va_bytes = round_page(node->tn_size);
vap->va_filerev = VNOVAL;
vap->va_vaflags = 0;
vap->va_spare = VNOVAL; /* XXX */
return 0;
}
#define GOODTIME(tv) ((tv)->tv_nsec != VNOVAL)
/* XXX Should this operation be atomic? I think it should, but code in
* XXX other places (e.g., ufs) doesn't seem to be... */
int
tmpfs_setattr(void *v)
{
struct vop_setattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct vattr *vap = ap->a_vap;
struct ucred *cred = ap->a_cred;
struct proc *p = curproc;
int error = 0;
KASSERT(VOP_ISLOCKED(vp));
/* Abort if any unsettable attribute is given. */
if (vap->va_type != VNON || vap->va_nlink != VNOVAL ||
vap->va_fsid != VNOVAL || vap->va_fileid != VNOVAL ||
vap->va_blocksize != VNOVAL || GOODTIME(&vap->va_ctime) ||
vap->va_gen != VNOVAL || vap->va_rdev != VNOVAL ||
vap->va_bytes != VNOVAL) {
return EINVAL;
}
if (error == 0 && (vap->va_flags != VNOVAL))
error = tmpfs_chflags(vp, vap->va_flags, cred, p);
if (error == 0 && (vap->va_size != VNOVAL))
error = tmpfs_chsize(vp, vap->va_size, cred, p);
if (error == 0 && (vap->va_uid != VNOVAL || vap->va_gid != VNOVAL))
error = tmpfs_chown(vp, vap->va_uid, vap->va_gid, cred, p);
if (error == 0 && (vap->va_mode != VNOVAL))
error = tmpfs_chmod(vp, vap->va_mode, cred, p);
if (error == 0 && ((vap->va_vaflags & VA_UTIMES_CHANGE)
|| GOODTIME(&vap->va_atime)
|| GOODTIME(&vap->va_mtime)))
error = tmpfs_chtimes(vp, &vap->va_atime, &vap->va_mtime,
vap->va_vaflags, cred, p);
return error;
}
int
tmpfs_read(void *v)
{
struct vop_read_args /* {
struct vnode *a_vp;
struct uio *a_uio;
int a_ioflag;
struct ucred *a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct uio *uio = ap->a_uio;
/* const int ioflag = ap->a_ioflag; */
tmpfs_node_t *node;
int error;
KASSERT(VOP_ISLOCKED(vp));
if (vp->v_type != VREG) {
return EISDIR;
}
if (uio->uio_offset < 0) {
return EINVAL;
}
if (uio->uio_resid == 0)
return 0;
node = VP_TO_TMPFS_NODE(vp);
error = 0;
while (error == 0 && uio->uio_resid > 0) {
vsize_t len;
if (node->tn_size <= uio->uio_offset) {
break;
}
len = MIN(node->tn_size - uio->uio_offset, uio->uio_resid);
if (len == 0) {
break;
}
error = tmpfs_uiomove(node, uio, len);
}
if (!(vp->v_mount->mnt_flag & MNT_NOATIME))
tmpfs_update(node, TMPFS_NODE_ACCESSED);
return error;
}
int
tmpfs_write(void *v)
{
struct vop_write_args /* {
struct vnode *a_vp;
struct uio *a_uio;
int a_ioflag;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct uio *uio = ap->a_uio;
const int ioflag = ap->a_ioflag;
tmpfs_node_t *node;
off_t oldsize;
ssize_t overrun;
int extended;
int error;
KASSERT(VOP_ISLOCKED(vp));
node = VP_TO_TMPFS_NODE(vp);
oldsize = node->tn_size;
if (vp->v_type != VREG)
return (EINVAL);
if (uio->uio_resid == 0)
return (0);
if (ioflag & IO_APPEND) {
uio->uio_offset = node->tn_size;
}
if (uio->uio_offset < 0 ||
(u_int64_t)uio->uio_offset + uio->uio_resid > LLONG_MAX)
return (EFBIG);
/* do the filesize rlimit check */
if ((error = vn_fsizechk(vp, uio, ioflag, &overrun)))
return (error);
extended = uio->uio_offset + uio->uio_resid > node->tn_size;
if (extended) {
error = tmpfs_reg_resize(vp, uio->uio_offset + uio->uio_resid);
if (error)
goto out;
}
error = 0;
while (error == 0 && uio->uio_resid > 0) {
vsize_t len;
uvm_vnp_uncache(vp);
len = MIN(node->tn_size - uio->uio_offset, uio->uio_resid);
if (len == 0) {
break;
}
error = tmpfs_uiomove(node, uio, len);
}
if (error) {
(void)tmpfs_reg_resize(vp, oldsize);
}
tmpfs_update(node, TMPFS_NODE_MODIFIED | TMPFS_NODE_CHANGED);
if (extended)
VN_KNOTE(vp, NOTE_WRITE | NOTE_EXTEND);
else
VN_KNOTE(vp, NOTE_WRITE);
out:
if (error) {
KASSERT(oldsize == node->tn_size);
} else {
KASSERT(uio->uio_resid == 0);
/* correct the result for writes clamped by vn_fsizechk() */
uio->uio_resid += overrun;
}
return error;
}
int
tmpfs_fsync(void *v)
{
#ifdef DIAGNOSTIC
struct vop_fsync_args /* {
struct vnode *a_vp;
struct ucred *a_cred;
int a_flags;
off_t a_offlo;
off_t a_offhi;
struct lwp *a_l;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
/* Nothing to do. Just update. */
KASSERT(VOP_ISLOCKED(vp));
#endif
return 0;
}
/*
* tmpfs_remove: unlink a file.
*
* => Both directory (dvp) and file (vp) are locked.
* => We unlock and drop the reference on both.
*/
int
tmpfs_remove(void *v)
{
struct vop_remove_args /* {
struct vnode *a_dvp;
struct vnode *a_vp;
struct componentname *a_cnp;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp, *vp = ap->a_vp;
struct componentname *cnp = ap->a_cnp;
tmpfs_node_t *dnode, *node;
tmpfs_dirent_t *de;
int error;
KASSERT(cnp->cn_flags & HASBUF);
if (vp->v_type == VDIR) {
error = EPERM;
goto out;
}
dnode = VP_TO_TMPFS_NODE(dvp);
node = VP_TO_TMPFS_NODE(vp);
/* Files marked as immutable or append-only cannot be deleted. */
if (node->tn_flags & (IMMUTABLE | APPEND)) {
error = EPERM;
goto out;
}
/*
* Likewise, files residing on directories marked as append-only cannot
* be deleted.
*/
if (dnode->tn_flags & APPEND) {
error = EPERM;
goto out;
}
/* Lookup the directory entry (check the cached hint first). */
de = tmpfs_dir_cached(node);
if (de == NULL) {
de = tmpfs_dir_lookup(dnode, cnp);
}
KASSERT(de && de->td_node == node);
/*
* Remove the entry from the directory (drops the link count) and
* destroy it.
* Note: the inode referred by it will not be destroyed
* until the vnode is reclaimed/recycled.
*/
tmpfs_dir_detach(dnode, de);
tmpfs_free_dirent(VFS_TO_TMPFS(vp->v_mount), de);
if (node->tn_links > 0) {
/* We removed a hard link. */
tmpfs_update(node, TMPFS_NODE_CHANGED);
}
error = 0;
out:
pool_put(&namei_pool, cnp->cn_pnbuf);
return error;
}
/*
* tmpfs_link: create a hard link.
*/
int
tmpfs_link(void *v)
{
struct vop_link_args /* {
struct vnode *a_dvp;
struct vnode *a_vp;
struct componentname *a_cnp;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp;
struct vnode *vp = ap->a_vp;
struct componentname *cnp = ap->a_cnp;
tmpfs_node_t *dnode, *node;
tmpfs_dirent_t *de;
int error;
KASSERT(VOP_ISLOCKED(dvp));
KASSERT(dvp != vp);
dnode = VP_TO_TMPFS_DIR(dvp);
node = VP_TO_TMPFS_NODE(vp);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
/* Check for maximum number of links limit. */
if (node->tn_links == LINK_MAX) {
error = EMLINK;
goto out;
}
KASSERT(node->tn_links < LINK_MAX);
/* We cannot create links of files marked immutable or append-only. */
if (node->tn_flags & (IMMUTABLE | APPEND)) {
error = EPERM;
goto out;
}
if (TMPFS_DIRSEQ_FULL(dnode)) {
error = ENOSPC;
goto out;
}
/* Allocate a new directory entry to represent the inode. */
error = tmpfs_alloc_dirent(VFS_TO_TMPFS(vp->v_mount),
cnp->cn_nameptr, cnp->cn_namelen, &de);
if (error) {
goto out;
}
/*
* Insert the entry into the directory.
* It will increase the inode link count.
*/
tmpfs_dir_attach(dnode, de, node);
/* Update the timestamps and trigger the event. */
if (node->tn_vnode) {
VN_KNOTE(node->tn_vnode, NOTE_LINK);
}
tmpfs_update(node, TMPFS_NODE_CHANGED);
error = 0;
out:
pool_put(&namei_pool, cnp->cn_pnbuf);
VOP_UNLOCK(vp);
vput(dvp);
return error;
}
int
tmpfs_mkdir(void *v)
{
struct vop_mkdir_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp;
struct vnode **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
struct vattr *vap = ap->a_vap;
int error;
KASSERT(vap->va_type == VDIR);
error = tmpfs_alloc_file(dvp, vpp, vap, cnp, NULL);
vput(dvp);
return error;
}
int
tmpfs_rmdir(void *v)
{
struct vop_rmdir_args /* {
struct vnode *a_dvp;
struct vnode *a_vp;
struct componentname *a_cnp;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp;
struct vnode *vp = ap->a_vp;
struct componentname *cnp = ap->a_cnp;
tmpfs_mount_t *tmp = VFS_TO_TMPFS(dvp->v_mount);
tmpfs_node_t *dnode = VP_TO_TMPFS_DIR(dvp);
tmpfs_node_t *node = VP_TO_TMPFS_DIR(vp);
tmpfs_dirent_t *de;
int error = 0;
KASSERT(VOP_ISLOCKED(dvp));
KASSERT(VOP_ISLOCKED(vp));
KASSERT(cnp->cn_flags & HASBUF);
if (cnp->cn_namelen == 2 && cnp->cn_nameptr[0] == '.' &&
cnp->cn_nameptr[1] == '.') {
error = ENOTEMPTY;
goto out;
}
KASSERT(node->tn_spec.tn_dir.tn_parent == dnode);
/*
* Directories with more than two entries ('.' and '..') cannot be
* removed.
*/
if (node->tn_size > 0) {
KASSERT(error == 0);
TAILQ_FOREACH(de, &node->tn_spec.tn_dir.tn_dir, td_entries) {
error = ENOTEMPTY;
break;
}
if (error)
goto out;
}
/* Lookup the directory entry (check the cached hint first). */
de = tmpfs_dir_cached(node);
if (de == NULL)
de = tmpfs_dir_lookup(dnode, cnp);
KASSERT(de && de->td_node == node);
/* Check flags to see if we are allowed to remove the directory. */
if (dnode->tn_flags & APPEND || node->tn_flags & (IMMUTABLE | APPEND)) {
error = EPERM;
goto out;
}
/* Decrement the link count for the virtual '.' entry. */
node->tn_links--;
tmpfs_update(node, TMPFS_NODE_STATUSALL);
/* Detach the directory entry from the directory. */
tmpfs_dir_detach(dnode, de);
/* Purge the cache for parent. */
cache_purge(dvp);
/*
* Destroy the directory entry.
* Note: the inode referred by it will not be destroyed
* until the vnode is reclaimed.
*/
tmpfs_free_dirent(tmp, de);
KASSERT(TAILQ_FIRST(&node->tn_spec.tn_dir.tn_dir) == NULL);
KASSERT(node->tn_links == 0);
out:
pool_put(&namei_pool, cnp->cn_pnbuf);
/* Release the nodes. */
vput(dvp);
vput(vp);
return error;
}
int
tmpfs_symlink(void *v)
{
struct vop_symlink_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
char *a_target;
} */ *ap = v;
struct vnode *dvp = ap->a_dvp;
struct vnode **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
struct vattr *vap = ap->a_vap;
char *target = ap->a_target;
int error;
KASSERT(vap->va_type == 0);
vap->va_type = VLNK;
error = tmpfs_alloc_file(dvp, vpp, vap, cnp, target);
vput(dvp);
if (error == 0)
vput(*vpp);
return error;
}
int
tmpfs_readdir(void *v)
{
struct vop_readdir_args /* {
struct vnode *a_vp;
struct uio *a_uio;
kauth_cred_t a_cred;
int *a_eofflag;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct uio *uio = ap->a_uio;
int *eofflag = ap->a_eofflag;
tmpfs_node_t *node;
int error;
KASSERT(VOP_ISLOCKED(vp));
/* This operation only makes sense on directory nodes. */
if (vp->v_type != VDIR) {
return ENOTDIR;
}
node = VP_TO_TMPFS_DIR(vp);
/*
* Retrieve the directory entries, unless it is being destroyed.
*/
if (node->tn_links) {
error = tmpfs_dir_getdents(node, uio);
} else {
error = 0;
}
if (eofflag != NULL) {
*eofflag = !error && uio->uio_offset == TMPFS_DIRSEQ_EOF;
}
return error;
}
int
tmpfs_readlink(void *v)
{
struct vop_readlink_args /* {
struct vnode *a_vp;
struct uio *a_uio;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct uio *uio = ap->a_uio;
tmpfs_node_t *node;
int error;
KASSERT(VOP_ISLOCKED(vp));
KASSERT(uio->uio_offset == 0);
KASSERT(vp->v_type == VLNK);
node = VP_TO_TMPFS_NODE(vp);
error = uiomove(node->tn_spec.tn_lnk.tn_link,
MIN((size_t)node->tn_size, uio->uio_resid), uio);
if (!(vp->v_mount->mnt_flag & MNT_NOATIME))
tmpfs_update(node, TMPFS_NODE_ACCESSED);
return error;
}
int
tmpfs_inactive(void *v)
{
struct vop_inactive_args /* {
struct vnode *a_vp;
int *a_recycle;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
tmpfs_node_t *node;
KASSERT(VOP_ISLOCKED(vp));
node = VP_TO_TMPFS_NODE(vp);
if (vp->v_type == VREG && tmpfs_uio_cached(node))
tmpfs_uio_uncache(node);
VOP_UNLOCK(vp);
/*
* If we are done with the node, reclaim it so that it can be reused
* immediately.
*/
if (node->tn_links == 0)
vrecycle(vp, curproc);
return 0;
}
int
tmpfs_reclaim(void *v)
{
struct vop_reclaim_args /* {
struct vnode *a_vp;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
tmpfs_mount_t *tmp = VFS_TO_TMPFS(vp->v_mount);
tmpfs_node_t *node = VP_TO_TMPFS_NODE(vp);
int racing;
/* Disassociate inode from vnode. */
rw_enter_write(&node->tn_nlock);
node->tn_vnode = NULL;
vp->v_data = NULL;
/* Check if tmpfs_vnode_get() is racing with us. */
racing = TMPFS_NODE_RECLAIMING(node);
rw_exit_write(&node->tn_nlock);
cache_purge(vp);
/*
* If inode is not referenced, i.e. no links, then destroy it.
* Note: if racing - inode is about to get a new vnode, leave it.
*/
if (node->tn_links == 0 && !racing) {
tmpfs_free_node(tmp, node);
}
return 0;
}
int
tmpfs_pathconf(void *v)
{
struct vop_pathconf_args /* {
struct vnode *a_vp;
int a_name;
register_t *a_retval;
} */ *ap = v;
const int name = ap->a_name;
register_t *retval = ap->a_retval;
int error = 0;
switch (name) {
case _PC_LINK_MAX:
*retval = LINK_MAX;
break;
case _PC_NAME_MAX:
*retval = TMPFS_MAXNAMLEN;
break;
case _PC_CHOWN_RESTRICTED:
*retval = 1;
break;
case _PC_NO_TRUNC:
*retval = 1;
break;
case _PC_FILESIZEBITS:
*retval = 64;
break;
case _PC_TIMESTAMP_RESOLUTION:
*retval = 1;
break;
default:
error = EINVAL;
}
return error;
}
int
tmpfs_advlock(void *v)
{
struct vop_advlock_args /* {
struct vnode *a_vp;
void * a_id;
int a_op;
struct flock *a_fl;
int a_flags;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
tmpfs_node_t *node = VP_TO_TMPFS_NODE(vp);
return lf_advlock(&node->tn_lockf, node->tn_size, ap->a_id, ap->a_op,
ap->a_fl, ap->a_flags);
}
int
tmpfs_print(void *v)
{
struct vop_print_args /* {
struct vnode *a_vp;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
tmpfs_node_t *node = VP_TO_TMPFS_NODE(vp);
printf("tag VT_TMPFS, tmpfs_node %p, flags 0x%x, links %d\n"
"\tmode 0%o, owner %d, group %d, size %lld",
node, node->tn_flags, node->tn_links, node->tn_mode, node->tn_uid,
node->tn_gid, node->tn_size);
#ifdef FIFO
if (vp->v_type == VFIFO)
fifo_printinfo(vp);
#endif
printf("\n");
return 0;
}
/* a null op */
int
tmpfs_bwrite(void *v)
{
return 0;
}
int
tmpfs_strategy(void *v)
{
return EOPNOTSUPP;
}
int
tmpfs_ioctl(void *v)
{
return ENOTTY;
}
int
tmpfs_lock(void *v)
{
struct vop_lock_args *ap = v;
tmpfs_node_t *tnp = VP_TO_TMPFS_NODE(ap->a_vp);
return rrw_enter(&tnp->tn_vlock, ap->a_flags & LK_RWFLAGS);
}
int
tmpfs_unlock(void *v)
{
struct vop_unlock_args *ap = v;
tmpfs_node_t *tnp = VP_TO_TMPFS_NODE(ap->a_vp);
rrw_exit(&tnp->tn_vlock);
return 0;
}
int
tmpfs_islocked(void *v)
{
struct vop_islocked_args *ap = v;
tmpfs_node_t *tnp = VP_TO_TMPFS_NODE(ap->a_vp);
return rrw_status(&tnp->tn_vlock);
}
/*
* tmpfs_rename: rename routine, the hairiest system call, with the
* insane API.
*
* Arguments: fdvp (from-parent vnode), fvp (from-leaf), tdvp (to-parent)
* and tvp (to-leaf), if exists (NULL if not).
*
* => Caller holds a reference on fdvp and fvp, they are unlocked.
* Note: fdvp and fvp can refer to the same object (i.e. when it is root).
*
* => Both tdvp and tvp are referenced and locked. It is our responsibility
* to release the references and unlock them (or destroy).
*/
/*
* First, some forward declarations of subroutines.
*/
int tmpfs_sane_rename(struct vnode *, struct componentname *,
struct vnode *, struct componentname *, struct ucred *, int);
int tmpfs_rename_enter(struct mount *, struct tmpfs_mount *,
struct ucred *,
struct vnode *, struct tmpfs_node *, struct componentname *,
struct tmpfs_dirent **, struct vnode **,
struct vnode *, struct tmpfs_node *, struct componentname *,
struct tmpfs_dirent **, struct vnode **);
int tmpfs_rename_enter_common(struct mount *, struct tmpfs_mount *,
struct ucred *,
struct vnode *, struct tmpfs_node *,
struct componentname *, struct tmpfs_dirent **, struct vnode **,
struct componentname *, struct tmpfs_dirent **, struct vnode **);
int tmpfs_rename_enter_separate(struct mount *, struct tmpfs_mount *,
struct ucred *,
struct vnode *, struct tmpfs_node *, struct componentname *,
struct tmpfs_dirent **, struct vnode **,
struct vnode *, struct tmpfs_node *, struct componentname *,
struct tmpfs_dirent **, struct vnode **);
void tmpfs_rename_exit(struct tmpfs_mount *,
struct vnode *, struct vnode *, struct vnode *, struct vnode *);
int tmpfs_rename_lock_directory(struct vnode *, struct tmpfs_node *);
int tmpfs_rename_genealogy(struct tmpfs_node *, struct tmpfs_node *,
struct tmpfs_node **);
int tmpfs_rename_lock(struct mount *, struct ucred *, int,
struct vnode *, struct tmpfs_node *, struct componentname *, int,
struct tmpfs_dirent **, struct vnode **,
struct vnode *, struct tmpfs_node *, struct componentname *, int,
struct tmpfs_dirent **, struct vnode **);
void tmpfs_rename_attachdetach(struct tmpfs_mount *,
struct vnode *, struct tmpfs_dirent *, struct vnode *,
struct vnode *, struct tmpfs_dirent *, struct vnode *);
int tmpfs_do_remove(struct tmpfs_mount *, struct vnode *,
struct tmpfs_node *, struct tmpfs_dirent *, struct vnode *, struct ucred *);
int tmpfs_rename_check_possible(struct tmpfs_node *,
struct tmpfs_node *, struct tmpfs_node *, struct tmpfs_node *);
int tmpfs_rename_check_permitted(struct ucred *,
struct tmpfs_node *, struct tmpfs_node *,
struct tmpfs_node *, struct tmpfs_node *);
int tmpfs_remove_check_possible(struct tmpfs_node *,
struct tmpfs_node *);
int tmpfs_remove_check_permitted(struct ucred *,
struct tmpfs_node *, struct tmpfs_node *);
int tmpfs_check_sticky(struct ucred *,
struct tmpfs_node *, struct tmpfs_node *);
void tmpfs_rename_cache_purge(struct vnode *, struct vnode *, struct vnode *,
struct vnode *);
void tmpfs_rename_abort(void *);
int
tmpfs_rename(void *v)
{
struct vop_rename_args /* {
struct vnode *a_fdvp;
struct vnode *a_fvp;
struct componentname *a_fcnp;
struct vnode *a_tdvp;
struct vnode *a_tvp;
struct componentname *a_tcnp;
} */ *ap = v;
struct vnode *fdvp = ap->a_fdvp;
struct vnode *fvp = ap->a_fvp;
struct componentname *fcnp = ap->a_fcnp;
struct vnode *tdvp = ap->a_tdvp;
struct vnode *tvp = ap->a_tvp;
struct componentname *tcnp = ap->a_tcnp;
struct ucred *cred;
int error;
KASSERT(fdvp != NULL);
KASSERT(fvp != NULL);
KASSERT(fcnp != NULL);
KASSERT(fcnp->cn_nameptr != NULL);
KASSERT(tdvp != NULL);
KASSERT(tcnp != NULL);
KASSERT(fcnp->cn_nameptr != NULL);
/* KASSERT(VOP_ISLOCKED(fdvp) != LK_EXCLUSIVE); */
/* KASSERT(VOP_ISLOCKED(fvp) != LK_EXCLUSIVE); */
KASSERT(fdvp->v_type == VDIR);
KASSERT(tdvp->v_type == VDIR);
KASSERT(fcnp->cn_flags & HASBUF);
KASSERT(tcnp->cn_flags & HASBUF);
cred = fcnp->cn_cred;
KASSERT(tcnp->cn_cred == cred);
/*
* Check for cross-device rename.
* Also don't allow renames of mount points.
*/
if (fvp->v_mount != tdvp->v_mount ||
fdvp->v_mount != fvp->v_mount ||
(tvp != NULL && (fvp->v_mount != tvp->v_mount))) {
tmpfs_rename_abort(v);
return EXDEV;
}
/*
* Can't check the locks on these until we know they're on
* the same FS, as not all FS do locking the same way.
*/
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE);
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE));
/*
* Reject renaming '.' and '..'.
*/
if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') ||
(fcnp->cn_namelen == 2 && fcnp->cn_nameptr[0] == '.' &&
fcnp->cn_nameptr[1] == '.')) {
tmpfs_rename_abort(v);
return EINVAL;
}
/*
* Sanitize our world from the VFS insanity. Unlock the target
* directory and node, which are locked. Release the children,
* which are referenced. Check for rename("x", "y/."), which
* it is our responsibility to reject, not the caller's. (But
* the caller does reject rename("x/.", "y"). Go figure.)
*/
VOP_UNLOCK(tdvp);
if ((tvp != NULL) && (tvp != tdvp))
VOP_UNLOCK(tvp);
vrele(fvp);
if (tvp != NULL)
vrele(tvp);
if (tvp == tdvp) {
error = EINVAL;
goto out;
}
error = tmpfs_sane_rename(fdvp, fcnp, tdvp, tcnp, cred, 0);
out: /*
* All done, whether with success or failure. Release the
* directory nodes now, as the caller expects from the VFS
* protocol.
*/
vrele(fdvp);
vrele(tdvp);
return error;
}
/*
* tmpfs_sane_rename: rename routine, the hairiest system call, with
* the sane API.
*
* Arguments:
*
* . fdvp (from directory vnode),
* . fcnp (from component name),
* . tdvp (to directory vnode), and
* . tcnp (to component name).
*
* fdvp and tdvp must be referenced and unlocked.
*/
int
tmpfs_sane_rename(struct vnode *fdvp, struct componentname *fcnp,
struct vnode *tdvp, struct componentname *tcnp, struct ucred *cred,
int posixly_correct)
{
struct mount *mount;
struct tmpfs_mount *tmpfs;
struct tmpfs_node *fdnode, *tdnode;
struct tmpfs_dirent *fde, *tde;
struct vnode *fvp, *tvp;
char *newname;
int error;
KASSERT(fdvp != NULL);
KASSERT(fcnp != NULL);
KASSERT(tdvp != NULL);
KASSERT(tcnp != NULL);
/* KASSERT(VOP_ISLOCKED(fdvp) != LK_EXCLUSIVE); */
/* KASSERT(VOP_ISLOCKED(tdvp) != LK_EXCLUSIVE); */
KASSERT(fdvp->v_type == VDIR);
KASSERT(tdvp->v_type == VDIR);
KASSERT(fdvp->v_mount == tdvp->v_mount);
KASSERT((fcnp->cn_flags & ISDOTDOT) == 0);
KASSERT((tcnp->cn_flags & ISDOTDOT) == 0);
KASSERT((fcnp->cn_namelen != 1) || (fcnp->cn_nameptr[0] != '.'));
KASSERT((tcnp->cn_namelen != 1) || (tcnp->cn_nameptr[0] != '.'));
KASSERT((fcnp->cn_namelen != 2) || (fcnp->cn_nameptr[0] != '.') ||
(fcnp->cn_nameptr[1] != '.'));
KASSERT((tcnp->cn_namelen != 2) || (tcnp->cn_nameptr[0] != '.') ||
(tcnp->cn_nameptr[1] != '.'));
/*
* Pull out the tmpfs data structures.
*/
fdnode = VP_TO_TMPFS_NODE(fdvp);
tdnode = VP_TO_TMPFS_NODE(tdvp);
KASSERT(fdnode != NULL);
KASSERT(tdnode != NULL);
KASSERT(fdnode->tn_vnode == fdvp);
KASSERT(tdnode->tn_vnode == tdvp);
KASSERT(fdnode->tn_type == VDIR);
KASSERT(tdnode->tn_type == VDIR);
mount = fdvp->v_mount;
KASSERT(mount != NULL);
KASSERT(mount == tdvp->v_mount);
/* XXX How can we be sure this stays true? (Not that you're
* likely to mount a tmpfs read-only...) */
KASSERT((mount->mnt_flag & MNT_RDONLY) == 0);
tmpfs = VFS_TO_TMPFS(mount);
KASSERT(tmpfs != NULL);
/*
* Decide whether we need a new name, and allocate memory for
* it if so. Do this before locking anything or taking
* destructive actions so that we can back out safely and sleep
* safely. XXX Is sleeping an issue here? Can this just be
* moved into tmpfs_rename_attachdetach?
*/
if (tmpfs_strname_neqlen(fcnp, tcnp)) {
newname = tmpfs_strname_alloc(tmpfs, tcnp->cn_namelen);
if (newname == NULL) {
error = ENOSPC;
goto out_unlocked;
}
} else {
newname = NULL;
}
/*
* Lock and look up everything. GCC is not very clever.
*/
fde = tde = NULL;
fvp = tvp = NULL;
error = tmpfs_rename_enter(mount, tmpfs, cred,
fdvp, fdnode, fcnp, &fde, &fvp,
tdvp, tdnode, tcnp, &tde, &tvp);
if (error)
goto out_unlocked;
/*
* Check that everything is locked and looks right.
*/
KASSERT(fde != NULL);
KASSERT(fvp != NULL);
KASSERT(fde->td_node != NULL);
KASSERT(fde->td_node->tn_vnode == fvp);
KASSERT(fde->td_node->tn_type == fvp->v_type);
KASSERT((tde == NULL) == (tvp == NULL));
KASSERT((tde == NULL) || (tde->td_node != NULL));
KASSERT((tde == NULL) || (tde->td_node->tn_vnode == tvp));
KASSERT((tde == NULL) || (tde->td_node->tn_type == tvp->v_type));
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE);
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE));
/*
* If the source and destination are the same object, we need
* only at most delete the source entry.
*/
if (fvp == tvp) {
KASSERT(tvp != NULL);
if (fde->td_node->tn_type == VDIR) {
/* XXX How can this possibly happen? */
error = EINVAL;
goto out_locked;
}
if (!posixly_correct && (fde != tde)) {
/* XXX Doesn't work because of locking.
* error = VOP_REMOVE(fdvp, fvp);
*/
error = tmpfs_do_remove(tmpfs, fdvp, fdnode, fde, fvp,
cred);
if (error)
goto out_locked;
}
goto success;
}
KASSERT(fde != tde);
KASSERT(fvp != tvp);
/*
* If the target exists, refuse to rename a directory over a
* non-directory or vice versa, or to clobber a non-empty
* directory.
*/
if (tvp != NULL) {
KASSERT(tde != NULL);
KASSERT(tde->td_node != NULL);
if (fvp->v_type == VDIR && tvp->v_type == VDIR)
error = ((tde->td_node->tn_size > 0)? ENOTEMPTY : 0);
else if (fvp->v_type == VDIR && tvp->v_type != VDIR)
error = ENOTDIR;
else if (fvp->v_type != VDIR && tvp->v_type == VDIR)
error = EISDIR;
else
error = 0;
if (error)
goto out_locked;
KASSERT((fvp->v_type == VDIR) == (tvp->v_type == VDIR));
}
/*
* Authorize the rename.
*/
error = tmpfs_rename_check_possible(fdnode, fde->td_node,
tdnode, (tde? tde->td_node : NULL));
if (error)
goto out_locked;
error = tmpfs_rename_check_permitted(cred, fdnode, fde->td_node,
tdnode, (tde? tde->td_node : NULL));
if (error)
goto out_locked;
/*
* Everything is hunky-dory. Shuffle the directory entries.
*/
tmpfs_rename_attachdetach(tmpfs, fdvp, fde, fvp, tdvp, tde, tvp);
/*
* Update the directory entry's name necessary, and flag
* metadata updates. A memory allocation failure here is not
* OK because we've already committed some changes that we
* can't back out at this point, and we have things locked so
* we can't sleep, hence the early allocation above.
*/
if (newname != NULL) {
KASSERT(tcnp->cn_namelen <= TMPFS_MAXNAMLEN);
tmpfs_strname_free(tmpfs, fde->td_name, fde->td_namelen);
fde->td_namelen = (uint16_t)tcnp->cn_namelen;
(void)memcpy(newname, tcnp->cn_nameptr, tcnp->cn_namelen);
/* Commit newname and don't free it on the way out. */
fde->td_name = newname;
newname = NULL;
tmpfs_update(fde->td_node, TMPFS_NODE_CHANGED);
tmpfs_update(tdnode, TMPFS_NODE_MODIFIED);
}
success:
VN_KNOTE(fvp, NOTE_RENAME);
tmpfs_rename_cache_purge(fdvp, fvp, tdvp, tvp);
error = 0;
out_locked:
tmpfs_rename_exit(tmpfs, fdvp, fvp, tdvp, tvp);
out_unlocked:
/* KASSERT(VOP_ISLOCKED(fdvp) != LK_EXCLUSIVE); */
/* KASSERT(VOP_ISLOCKED(tdvp) != LK_EXCLUSIVE); */
/* KASSERT((fvp == NULL) || (VOP_ISLOCKED(fvp) != LK_EXCLUSIVE)); */
/* KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) != LK_EXCLUSIVE)); */
if (newname != NULL)
tmpfs_strname_free(tmpfs, newname, tcnp->cn_namelen);
return error;
}
/*
* Look up fcnp in fdnode/fdvp and store its directory entry in fde_ret
* and the associated vnode in fvp_ret; fail if not found. Look up
* tcnp in tdnode/tdvp and store its directory entry in tde_ret and the
* associated vnode in tvp_ret; store null instead if not found. Fail
* if anything has been mounted on any of the nodes involved.
*
* fdvp and tdvp must be referenced.
*
* On entry, nothing is locked.
*
* On success, everything is locked, and *fvp_ret, and *tvp_ret if
* nonnull, are referenced. The only pairs of vnodes that may be
* identical are {fdvp, tdvp} and {fvp, tvp}.
*
* On failure, everything remains as was.
*
* Locking everything including the source and target nodes is
* necessary to make sure that, e.g., link count updates are OK. The
* locking order is, in general, ancestor-first, matching the order you
* need to use to look up a descendant anyway.
*/
int
tmpfs_rename_enter(struct mount *mount, struct tmpfs_mount *tmpfs,
struct ucred *cred,
struct vnode *fdvp, struct tmpfs_node *fdnode, struct componentname *fcnp,
struct tmpfs_dirent **fde_ret, struct vnode **fvp_ret,
struct vnode *tdvp, struct tmpfs_node *tdnode, struct componentname *tcnp,
struct tmpfs_dirent **tde_ret, struct vnode **tvp_ret)
{
int error;
KASSERT(mount != NULL);
KASSERT(tmpfs != NULL);
KASSERT(fdvp != NULL);
KASSERT(fdnode != NULL);
KASSERT(fcnp != NULL);
KASSERT(fde_ret != NULL);
KASSERT(fvp_ret != NULL);
KASSERT(tdvp != NULL);
KASSERT(tdnode != NULL);
KASSERT(tcnp != NULL);
KASSERT(tde_ret != NULL);
KASSERT(tvp_ret != NULL);
KASSERT(fdnode->tn_vnode == fdvp);
KASSERT(tdnode->tn_vnode == tdvp);
KASSERT(fdnode->tn_type == VDIR);
KASSERT(tdnode->tn_type == VDIR);
if (fdvp == tdvp) {
KASSERT(fdnode == tdnode);
error = tmpfs_rename_enter_common(mount, tmpfs, cred, fdvp,
fdnode, fcnp, fde_ret, fvp_ret, tcnp, tde_ret, tvp_ret);
} else {
KASSERT(fdnode != tdnode);
error = tmpfs_rename_enter_separate(mount, tmpfs, cred,
fdvp, fdnode, fcnp, fde_ret, fvp_ret,
tdvp, tdnode, tcnp, tde_ret, tvp_ret);
}
if (error)
return error;
KASSERT(*fde_ret != NULL);
KASSERT(*fvp_ret != NULL);
KASSERT((*tde_ret == NULL) == (*tvp_ret == NULL));
KASSERT((*tde_ret == NULL) || ((*tde_ret)->td_node != NULL));
KASSERT((*tde_ret == NULL) ||
((*tde_ret)->td_node->tn_vnode == *tvp_ret));
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(*fvp_ret) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE);
KASSERT((*tvp_ret == NULL) ||
(VOP_ISLOCKED(*tvp_ret) == LK_EXCLUSIVE));
KASSERT(*fvp_ret != fdvp);
KASSERT(*fvp_ret != tdvp);
KASSERT(*tvp_ret != fdvp);
KASSERT(*tvp_ret != tdvp);
return 0;
}
/*
* Lock and look up with a common source/target directory.
*/
int
tmpfs_rename_enter_common(struct mount *mount, struct tmpfs_mount *tmpfs,
struct ucred *cred,
struct vnode *dvp, struct tmpfs_node *dnode,
struct componentname *fcnp,
struct tmpfs_dirent **fde_ret, struct vnode **fvp_ret,
struct componentname *tcnp,
struct tmpfs_dirent **tde_ret, struct vnode **tvp_ret)
{
struct tmpfs_dirent *fde, *tde;
struct vnode *fvp, *tvp;
int error;
error = tmpfs_rename_lock_directory(dvp, dnode);
if (error)
goto fail0;
/* Did we lose a race with mount? */
if (dvp->v_mountedhere != NULL) {
error = EBUSY;
goto fail1;
}
/* Make sure the caller may read the directory. */
error = VOP_ACCESS(dvp, VEXEC, cred, curproc);
if (error)
goto fail1;
/*
* The order in which we lock the source and target nodes is
* irrelevant because there can only be one rename on this
* directory in flight at a time, and we have it locked.
*/
fde = tmpfs_dir_lookup(dnode, fcnp);
if (fde == NULL) {
error = ENOENT;
goto fail1;
}
KASSERT(fde->td_node != NULL);
/* We ruled out `.' earlier. */
KASSERT(fde->td_node != dnode);
/* We ruled out `..' earlier. */
KASSERT(fde->td_node != dnode->tn_spec.tn_dir.tn_parent);
rw_enter_write(&fde->td_node->tn_nlock);
error = tmpfs_vnode_get(mount, fde->td_node, &fvp);
if (error)
goto fail1;
KASSERT(fvp != NULL);
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE);
KASSERT(fvp != dvp);
KASSERT(fvp->v_mount == mount);
/* Refuse to rename a mount point. */
if ((fvp->v_type == VDIR) && (fvp->v_mountedhere != NULL)) {
error = EBUSY;
goto fail2;
}
tde = tmpfs_dir_lookup(dnode, tcnp);
if (tde == NULL) {
tvp = NULL;
} else {
KASSERT(tde->td_node != NULL);
/* We ruled out `.' earlier. */
KASSERT(tde->td_node != dnode);
/* We ruled out `..' earlier. */
KASSERT(tde->td_node != dnode->tn_spec.tn_dir.tn_parent);
if (tde->td_node != fde->td_node) {
rw_enter_write(&tde->td_node->tn_nlock);
error = tmpfs_vnode_get(mount, tde->td_node, &tvp);
if (error)
goto fail2;
KASSERT(tvp->v_mount == mount);
/* Refuse to rename over a mount point. */
if ((tvp->v_type == VDIR) &&
(tvp->v_mountedhere != NULL)) {
error = EBUSY;
goto fail3;
}
} else {
tvp = fvp;
vref(tvp);
}
KASSERT(tvp != NULL);
KASSERT(VOP_ISLOCKED(tvp) == LK_EXCLUSIVE);
}
KASSERT(tvp != dvp);
*fde_ret = fde;
*fvp_ret = fvp;
*tde_ret = tde;
*tvp_ret = tvp;
return 0;
fail3: if (tvp != NULL) {
if (tvp != fvp)
vput(tvp);
else
vrele(tvp);
}
fail2: vput(fvp);
fail1: VOP_UNLOCK(dvp);
fail0: return error;
}
/*
* Lock and look up with separate source and target directories.
*/
int
tmpfs_rename_enter_separate(struct mount *mount, struct tmpfs_mount *tmpfs,
struct ucred *cred,
struct vnode *fdvp, struct tmpfs_node *fdnode, struct componentname *fcnp,
struct tmpfs_dirent **fde_ret, struct vnode **fvp_ret,
struct vnode *tdvp, struct tmpfs_node *tdnode, struct componentname *tcnp,
struct tmpfs_dirent **tde_ret, struct vnode **tvp_ret)
{
struct tmpfs_node *intermediate_node;
struct tmpfs_dirent *fde, *tde;
struct vnode *fvp, *tvp;
int error;
KASSERT(fdvp != tdvp);
KASSERT(fdnode != tdnode);
#if 0 /* XXX */
mutex_enter(&tmpfs->tm_rename_lock);
#endif
error = tmpfs_rename_genealogy(fdnode, tdnode, &intermediate_node);
if (error)
goto fail;
/*
* intermediate_node == NULL means fdnode is not an ancestor of
* tdnode.
*/
if (intermediate_node == NULL)
error = tmpfs_rename_lock(mount, cred, ENOTEMPTY,
tdvp, tdnode, tcnp, 1, &tde, &tvp,
fdvp, fdnode, fcnp, 0, &fde, &fvp);
else
error = tmpfs_rename_lock(mount, cred, EINVAL,
fdvp, fdnode, fcnp, 0, &fde, &fvp,
tdvp, tdnode, tcnp, 1, &tde, &tvp);
if (error)
goto fail;
KASSERT(fde != NULL);
KASSERT(fde->td_node != NULL);
/*
* Reject rename("foo/bar", "foo/bar/baz/quux/zot").
*/
if (fde->td_node == intermediate_node) {
tmpfs_rename_exit(tmpfs, fdvp, fvp, tdvp, tvp);
return EINVAL;
}
*fde_ret = fde;
*fvp_ret = fvp;
*tde_ret = tde;
*tvp_ret = tvp;
return 0;
fail:
#if 0 /* XXX */
mutex_exit(&tmpfs->tm_rename_lock);
#endif
return error;
}
/*
* Unlock everything we locked for rename.
*
* fdvp and tdvp must be referenced.
*
* On entry, everything is locked, and fvp and tvp referenced.
*
* On exit, everything is unlocked, and fvp and tvp are released.
*/
void
tmpfs_rename_exit(struct tmpfs_mount *tmpfs,
struct vnode *fdvp, struct vnode *fvp,
struct vnode *tdvp, struct vnode *tvp)
{
KASSERT(tmpfs != NULL);
KASSERT(fdvp != NULL);
KASSERT(fvp != NULL);
KASSERT(fdvp != fvp);
KASSERT(fdvp != tvp);
KASSERT(tdvp != tvp);
KASSERT(tdvp != fvp);
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE);
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE));
if (tvp != NULL) {
if (tvp != fvp)
vput(tvp);
else
vrele(tvp);
}
VOP_UNLOCK(tdvp);
vput(fvp);
if (fdvp != tdvp)
VOP_UNLOCK(fdvp);
#if 0 /* XXX */
if (fdvp != tdvp)
mutex_exit(&tmpfs->tm_rename_lock);
#endif
}
/*
* Lock a directory, but fail if it has been rmdir'd.
*
* vp must be referenced.
*/
int
tmpfs_rename_lock_directory(struct vnode *vp, struct tmpfs_node *node)
{
KASSERT(vp != NULL);
KASSERT(node != NULL);
KASSERT(node->tn_vnode == vp);
KASSERT(node->tn_type == VDIR);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
if (node->tn_spec.tn_dir.tn_parent == NULL) {
VOP_UNLOCK(vp);
return ENOENT;
}
return 0;
}
/*
* Analyze the genealogy of the source and target nodes.
*
* On success, stores in *intermediate_node_ret either the child of
* fdnode of which tdnode is a descendant, or null if tdnode is not a
* descendant of fdnode at all.
*
* fdnode and tdnode must be unlocked and referenced. The file
* system's rename lock must also be held, to exclude concurrent
* changes to the file system's genealogy other than rmdir.
*
* XXX This causes an extra lock/unlock of tdnode in the case when
* we're just about to lock it again before locking anything else.
* However, changing that requires reorganizing the code to make it
* even more horrifically obscure.
*/
int
tmpfs_rename_genealogy(struct tmpfs_node *fdnode, struct tmpfs_node *tdnode,
struct tmpfs_node **intermediate_node_ret)
{
struct tmpfs_node *node = tdnode, *parent;
int error;
KASSERT(fdnode != NULL);
KASSERT(tdnode != NULL);
KASSERT(fdnode != tdnode);
KASSERT(intermediate_node_ret != NULL);
KASSERT(fdnode->tn_vnode != NULL);
KASSERT(tdnode->tn_vnode != NULL);
KASSERT(fdnode->tn_type == VDIR);
KASSERT(tdnode->tn_type == VDIR);
/*
* We need to provisionally lock tdnode->tn_vnode to keep rmdir
* from deleting it -- or any ancestor -- at an inopportune
* moment.
*/
error = tmpfs_rename_lock_directory(tdnode->tn_vnode, tdnode);
if (error)
return error;
for (;;) {
parent = node->tn_spec.tn_dir.tn_parent;
KASSERT(parent != NULL);
KASSERT(parent->tn_type == VDIR);
/* Did we hit the root without finding fdnode? */
if (parent == node) {
*intermediate_node_ret = NULL;
break;
}
/* Did we find that fdnode is an ancestor? */
if (parent == fdnode) {
*intermediate_node_ret = node;
break;
}
/* Neither -- keep ascending the family tree. */
node = parent;
}
VOP_UNLOCK(tdnode->tn_vnode);
return 0;
}
/*
* Lock directories a and b, which must be distinct, and look up and
* lock nodes a and b. Do a first and then b. Directory b may not be
* an ancestor of directory a, although directory a may be an ancestor
* of directory b. Fail with overlap_error if node a is directory b.
* Neither componentname may be `.' or `..'.
*
* a_dvp and b_dvp must be referenced.
*
* On entry, a_dvp and b_dvp are unlocked.
*
* On success,
* . a_dvp and b_dvp are locked,
* . *a_dirent_ret is filled with a directory entry whose node is
* locked and referenced,
* . *b_vp_ret is filled with the corresponding vnode,
* . *b_dirent_ret is filled either with null or with a directory entry
* whose node is locked and referenced,
* . *b_vp is filled either with null or with the corresponding vnode,
* and
* . the only pair of vnodes that may be identical is a_vp and b_vp.
*
* On failure, a_dvp and b_dvp are left unlocked, and *a_dirent_ret,
* *a_vp, *b_dirent_ret, and *b_vp are left alone.
*/
int
tmpfs_rename_lock(struct mount *mount, struct ucred *cred, int overlap_error,
struct vnode *a_dvp, struct tmpfs_node *a_dnode,
struct componentname *a_cnp, int a_missing_ok,
struct tmpfs_dirent **a_dirent_ret, struct vnode **a_vp_ret,
struct vnode *b_dvp, struct tmpfs_node *b_dnode,
struct componentname *b_cnp, int b_missing_ok,
struct tmpfs_dirent **b_dirent_ret, struct vnode **b_vp_ret)
{
struct tmpfs_dirent *a_dirent, *b_dirent;
struct vnode *a_vp, *b_vp;
int error;
KASSERT(a_dvp != NULL);
KASSERT(a_dnode != NULL);
KASSERT(a_cnp != NULL);
KASSERT(a_dirent_ret != NULL);
KASSERT(a_vp_ret != NULL);
KASSERT(b_dvp != NULL);
KASSERT(b_dnode != NULL);
KASSERT(b_cnp != NULL);
KASSERT(b_dirent_ret != NULL);
KASSERT(b_vp_ret != NULL);
KASSERT(a_dvp != b_dvp);
KASSERT(a_dnode != b_dnode);
KASSERT(a_dnode->tn_vnode == a_dvp);
KASSERT(b_dnode->tn_vnode == b_dvp);
KASSERT(a_dnode->tn_type == VDIR);
KASSERT(b_dnode->tn_type == VDIR);
KASSERT(a_missing_ok != b_missing_ok);
error = tmpfs_rename_lock_directory(a_dvp, a_dnode);
if (error)
goto fail0;
/* Did we lose a race with mount? */
if (a_dvp->v_mountedhere != NULL) {
error = EBUSY;
goto fail1;
}
/* Make sure the caller may read the directory. */
error = VOP_ACCESS(a_dvp, VEXEC, cred, curproc);
if (error)
goto fail1;
a_dirent = tmpfs_dir_lookup(a_dnode, a_cnp);
if (a_dirent != NULL) {
KASSERT(a_dirent->td_node != NULL);
/* We ruled out `.' earlier. */
KASSERT(a_dirent->td_node != a_dnode);
/* We ruled out `..' earlier. */
KASSERT(a_dirent->td_node !=
a_dnode->tn_spec.tn_dir.tn_parent);
if (a_dirent->td_node == b_dnode) {
error = overlap_error;
goto fail1;
}
rw_enter_write(&a_dirent->td_node->tn_nlock);
error = tmpfs_vnode_get(mount, a_dirent->td_node, &a_vp);
if (error)
goto fail1;
KASSERT(a_vp->v_mount == mount);
/* Refuse to rename (over) a mount point. */
if ((a_vp->v_type == VDIR) && (a_vp->v_mountedhere != NULL)) {
error = EBUSY;
goto fail2;
}
} else if (!a_missing_ok) {
error = ENOENT;
goto fail1;
} else {
a_vp = NULL;
}
KASSERT(a_vp != a_dvp);
KASSERT(a_vp != b_dvp);
error = tmpfs_rename_lock_directory(b_dvp, b_dnode);
if (error)
goto fail2;
/* Did we lose a race with mount? */
if (b_dvp->v_mountedhere != NULL) {
error = EBUSY;
goto fail3;
}
/* Make sure the caller may read the directory. */
error = VOP_ACCESS(b_dvp, VEXEC, cred, curproc);
if (error)
goto fail3;
b_dirent = tmpfs_dir_lookup(b_dnode, b_cnp);
if (b_dirent != NULL) {
KASSERT(b_dirent->td_node != NULL);
/* We ruled out `.' earlier. */
KASSERT(b_dirent->td_node != b_dnode);
/* We ruled out `..' earlier. */
KASSERT(b_dirent->td_node !=
b_dnode->tn_spec.tn_dir.tn_parent);
/* b is not an ancestor of a. */
KASSERT(b_dirent->td_node != a_dnode);
/* But the source and target nodes might be the same. */
if ((a_dirent == NULL) ||
(a_dirent->td_node != b_dirent->td_node)) {
rw_enter_write(&b_dirent->td_node->tn_nlock);
error = tmpfs_vnode_get(mount, b_dirent->td_node,
&b_vp);
if (error)
goto fail3;
KASSERT(b_vp->v_mount == mount);
KASSERT(a_vp != b_vp);
/* Refuse to rename (over) a mount point. */
if ((b_vp->v_type == VDIR) &&
(b_vp->v_mountedhere != NULL)) {
error = EBUSY;
goto fail4;
}
} else {
b_vp = a_vp;
vref(b_vp);
}
} else if (!b_missing_ok) {
error = ENOENT;
goto fail3;
} else {
b_vp = NULL;
}
KASSERT(b_vp != a_dvp);
KASSERT(b_vp != b_dvp);
KASSERT(VOP_ISLOCKED(a_dvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(b_dvp) == LK_EXCLUSIVE);
KASSERT(a_missing_ok || (a_dirent != NULL));
KASSERT(a_missing_ok || (a_dirent->td_node != NULL));
KASSERT(b_missing_ok || (b_dirent != NULL));
KASSERT(b_missing_ok || (b_dirent->td_node != NULL));
KASSERT((a_dirent == NULL) || (a_dirent->td_node != NULL));
KASSERT((a_dirent == NULL) || (a_dirent->td_node->tn_vnode == a_vp));
KASSERT((b_dirent == NULL) || (b_dirent->td_node != NULL));
KASSERT((b_dirent == NULL) || (b_dirent->td_node->tn_vnode == b_vp));
KASSERT((a_vp == NULL) || (VOP_ISLOCKED(a_vp) == LK_EXCLUSIVE));
KASSERT((b_vp == NULL) || (VOP_ISLOCKED(b_vp) == LK_EXCLUSIVE));
*a_dirent_ret = a_dirent;
*b_dirent_ret = b_dirent;
*a_vp_ret = a_vp;
*b_vp_ret = b_vp;
return 0;
fail4: if (b_vp != NULL) {
KASSERT(VOP_ISLOCKED(b_vp) == LK_EXCLUSIVE);
if (b_vp != a_vp)
vput(b_vp);
else
vrele(a_vp);
}
fail3: KASSERT(VOP_ISLOCKED(b_dvp) == LK_EXCLUSIVE);
VOP_UNLOCK(b_dvp);
fail2: if (a_vp != NULL) {
KASSERT(VOP_ISLOCKED(a_vp) == LK_EXCLUSIVE);
vput(a_vp);
}
fail1: KASSERT(VOP_ISLOCKED(a_dvp) == LK_EXCLUSIVE);
VOP_UNLOCK(a_dvp);
fail0: /* KASSERT(VOP_ISLOCKED(a_dvp) != LK_EXCLUSIVE); */
/* KASSERT(VOP_ISLOCKED(b_dvp) != LK_EXCLUSIVE); */
/* KASSERT((a_vp == NULL) || (VOP_ISLOCKED(a_vp) != LK_EXCLUSIVE)); */
/* KASSERT((b_vp == NULL) || (VOP_ISLOCKED(b_vp) != LK_EXCLUSIVE)); */
return error;
}
/*
* Shuffle the directory entries to move fvp from the directory fdvp
* into the directory tdvp. fde is fvp's directory entry in fdvp. If
* we are overwriting a target node, it is tvp, and tde is its
* directory entry in tdvp.
*
* fdvp, fvp, tdvp, and tvp must all be locked and referenced.
*/
void
tmpfs_rename_attachdetach(struct tmpfs_mount *tmpfs,
struct vnode *fdvp, struct tmpfs_dirent *fde, struct vnode *fvp,
struct vnode *tdvp, struct tmpfs_dirent *tde, struct vnode *tvp)
{
KASSERT(tmpfs != NULL);
KASSERT(fdvp != NULL);
KASSERT(fde != NULL);
KASSERT(fvp != NULL);
KASSERT(tdvp != NULL);
KASSERT(fde->td_node != NULL);
KASSERT(fde->td_node->tn_vnode == fvp);
KASSERT((tde == NULL) == (tvp == NULL));
KASSERT((tde == NULL) || (tde->td_node != NULL));
KASSERT((tde == NULL) || (tde->td_node->tn_vnode == tvp));
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE);
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE));
/*
* If we are moving from one directory to another, detach the
* source entry and reattach it to the target directory.
*/
if (fdvp != tdvp) {
/* tmpfs_dir_detach clobbers fde->td_node, so save it. */
struct tmpfs_node *fnode = fde->td_node;
tmpfs_node_t *fdnode = VP_TO_TMPFS_DIR(fdvp);
tmpfs_node_t *tdnode = VP_TO_TMPFS_DIR(tdvp);
tmpfs_dir_detach(fdnode, fde);
tmpfs_dir_attach(tdnode, fde, fnode);
} else if (tvp == NULL) {
/*
* We are changing the directory. tmpfs_dir_attach and
* tmpfs_dir_detach note the events for us, but for
* this case we don't call them, so we must note the
* event explicitly.
*/
VN_KNOTE(fdvp, NOTE_WRITE);
}
/*
* If we are replacing an existing target entry, delete it.
*/
if (tde != NULL) {
tmpfs_node_t *tdnode = VP_TO_TMPFS_DIR(tdvp);
KASSERT(tvp != NULL);
KASSERT(tde->td_node != NULL);
KASSERT((fvp->v_type == VDIR) == (tvp->v_type == VDIR));
if (tde->td_node->tn_type == VDIR) {
KASSERT(tde->td_node->tn_size == 0);
KASSERT(tde->td_node->tn_links == 2);
/* Decrement the extra link count for `.' so
* the vnode will be recycled when released. */
tde->td_node->tn_links--;
}
tmpfs_dir_detach(tdnode, tde);
tmpfs_free_dirent(tmpfs, tde);
}
}
/*
* Remove the entry de for the non-directory vp from the directory dvp.
*
* Everything must be locked and referenced.
*/
int
tmpfs_do_remove(struct tmpfs_mount *tmpfs, struct vnode *dvp,
struct tmpfs_node *dnode, struct tmpfs_dirent *de, struct vnode *vp,
struct ucred *cred)
{
int error;
KASSERT(tmpfs != NULL);
KASSERT(dvp != NULL);
KASSERT(dnode != NULL);
KASSERT(de != NULL);
KASSERT(vp != NULL);
KASSERT(dnode->tn_vnode == dvp);
KASSERT(de->td_node != NULL);
KASSERT(de->td_node->tn_vnode == vp);
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE);
error = tmpfs_remove_check_possible(dnode, de->td_node);
if (error)
return error;
error = tmpfs_remove_check_permitted(cred, dnode, de->td_node);
if (error)
return error;
/*
* If not root and directory is sticky, check for permission on
* directory or on file. This implements append-only directories.
*/
if ((dnode->tn_mode & S_ISTXT) != 0)
if (cred->cr_uid != 0 && cred->cr_uid != dnode->tn_uid &&
cred->cr_uid != de->td_node->tn_uid)
return EPERM;
tmpfs_dir_detach(dnode, de);
tmpfs_free_dirent(tmpfs, de);
return 0;
}
/*
* Check whether a rename is possible independent of credentials.
*
* Everything must be locked and referenced.
*/
int
tmpfs_rename_check_possible(
struct tmpfs_node *fdnode, struct tmpfs_node *fnode,
struct tmpfs_node *tdnode, struct tmpfs_node *tnode)
{
KASSERT(fdnode != NULL);
KASSERT(fnode != NULL);
KASSERT(tdnode != NULL);
KASSERT(fdnode != fnode);
KASSERT(tdnode != tnode);
KASSERT(fnode != tnode);
KASSERT(fdnode->tn_vnode != NULL);
KASSERT(fnode->tn_vnode != NULL);
KASSERT(tdnode->tn_vnode != NULL);
KASSERT((tnode == NULL) || (tnode->tn_vnode != NULL));
KASSERT(VOP_ISLOCKED(fdnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(fnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(tdnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT((tnode == NULL) ||
(VOP_ISLOCKED(tnode->tn_vnode) == LK_EXCLUSIVE));
/*
* If fdnode is immutable, we can't write to it. If fdnode is
* append-only, the only change we can make is to add entries
* to it. If fnode is immutable, we can't change the links to
* it. If fnode is append-only...well, this is what UFS does.
*/
if ((fdnode->tn_flags | fnode->tn_flags) & (IMMUTABLE | APPEND))
return EPERM;
/*
* If tdnode is immutable, we can't write to it. If tdnode is
* append-only, we can add entries, but we can't change
* existing entries.
*/
if (tdnode->tn_flags & (IMMUTABLE | (tnode? APPEND : 0)))
return EPERM;
/*
* If tnode is immutable, we can't replace links to it. If
* tnode is append-only...well, this is what UFS does.
*/
if (tnode != NULL) {
KASSERT(tnode != NULL);
if ((tnode->tn_flags & (IMMUTABLE | APPEND)) != 0)
return EPERM;
}
return 0;
}
/*
* Check whether a rename is permitted given our credentials.
*
* Everything must be locked and referenced.
*/
int
tmpfs_rename_check_permitted(struct ucred *cred,
struct tmpfs_node *fdnode, struct tmpfs_node *fnode,
struct tmpfs_node *tdnode, struct tmpfs_node *tnode)
{
int error;
KASSERT(fdnode != NULL);
KASSERT(fnode != NULL);
KASSERT(tdnode != NULL);
KASSERT(fdnode != fnode);
KASSERT(tdnode != tnode);
KASSERT(fnode != tnode);
KASSERT(fdnode->tn_vnode != NULL);
KASSERT(fnode->tn_vnode != NULL);
KASSERT(tdnode->tn_vnode != NULL);
KASSERT((tnode == NULL) || (tnode->tn_vnode != NULL));
KASSERT(VOP_ISLOCKED(fdnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(fnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(tdnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT((tnode == NULL) ||
(VOP_ISLOCKED(tnode->tn_vnode) == LK_EXCLUSIVE));
/*
* We need to remove or change an entry in the source directory.
*/
error = VOP_ACCESS(fdnode->tn_vnode, VWRITE, cred, curproc);
if (error)
return error;
/*
* If we are changing directories, then we need to write to the
* target directory to add or change an entry. Also, if fnode
* is a directory, we need to write to it to change its `..'
* entry.
*/
if (fdnode != tdnode) {
error = VOP_ACCESS(tdnode->tn_vnode, VWRITE, cred, curproc);
if (error)
return error;
if (fnode->tn_type == VDIR) {
error = VOP_ACCESS(fnode->tn_vnode, VWRITE, cred,
curproc);
if (error)
return error;
}
}
error = tmpfs_check_sticky(cred, fdnode, fnode);
if (error)
return error;
if (TMPFS_DIRSEQ_FULL(tdnode))
return (ENOSPC);
error = tmpfs_check_sticky(cred, tdnode, tnode);
if (error)
return error;
return 0;
}
/*
* Check whether removing node's entry in dnode is possible independent
* of credentials.
*
* Everything must be locked and referenced.
*/
int
tmpfs_remove_check_possible(struct tmpfs_node *dnode, struct tmpfs_node *node)
{
KASSERT(dnode != NULL);
KASSERT(dnode->tn_vnode != NULL);
KASSERT(node != NULL);
KASSERT(dnode != node);
KASSERT(VOP_ISLOCKED(dnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(node->tn_vnode) == LK_EXCLUSIVE);
/*
* We want to delete the entry. If dnode is immutable, we
* can't write to it to delete the entry. If dnode is
* append-only, the only change we can make is to add entries,
* so we can't delete entries. If node is immutable, we can't
* change the links to it, so we can't delete the entry. If
* node is append-only...well, this is what UFS does.
*/
if ((dnode->tn_flags | node->tn_flags) & (IMMUTABLE | APPEND))
return EPERM;
return 0;
}
/*
* Check whether removing node's entry in dnode is permitted given our
* credentials.
*
* Everything must be locked and referenced.
*/
int
tmpfs_remove_check_permitted(struct ucred *cred,
struct tmpfs_node *dnode, struct tmpfs_node *node)
{
int error;
KASSERT(dnode != NULL);
KASSERT(dnode->tn_vnode != NULL);
KASSERT(node != NULL);
KASSERT(dnode != node);
KASSERT(VOP_ISLOCKED(dnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(node->tn_vnode) == LK_EXCLUSIVE);
/*
* Check whether we are permitted to write to the source
* directory in order to delete an entry from it.
*/
error = VOP_ACCESS(dnode->tn_vnode, VWRITE, cred, curproc);
if (error)
return error;
error = tmpfs_check_sticky(cred, dnode, node);
if (error)
return error;
return 0;
}
/*
* Check whether we may change an entry in a sticky directory. If the
* directory is sticky, the user must own either the directory or, if
* it exists, the node, in order to change the entry.
*
* Everything must be locked and referenced.
*/
int
tmpfs_check_sticky(struct ucred *cred,
struct tmpfs_node *dnode, struct tmpfs_node *node)
{
KASSERT(dnode != NULL);
KASSERT(dnode->tn_vnode != NULL);
KASSERT(VOP_ISLOCKED(dnode->tn_vnode) == LK_EXCLUSIVE);
KASSERT((node == NULL) || (node->tn_vnode != NULL));
KASSERT((node == NULL) ||
(VOP_ISLOCKED(dnode->tn_vnode) == LK_EXCLUSIVE));
if (node == NULL)
return 0;
if (dnode->tn_mode & S_ISTXT) {
if (cred->cr_uid != 0 &&
cred->cr_uid != dnode->tn_uid &&
cred->cr_uid != node->tn_uid)
return EPERM;
}
return 0;
}
void
tmpfs_rename_cache_purge(struct vnode *fdvp, struct vnode *fvp,
struct vnode *tdvp, struct vnode *tvp)
{
KASSERT(fdvp != NULL);
KASSERT(fvp != NULL);
KASSERT(tdvp != NULL);
KASSERT(fdvp != fvp);
KASSERT(fdvp != tvp);
KASSERT(tdvp != fvp);
KASSERT(tdvp != tvp);
KASSERT(fvp != tvp);
KASSERT(fdvp->v_type == VDIR);
KASSERT(tdvp->v_type == VDIR);
/*
* XXX What actually needs to be purged?
*/
cache_purge(fdvp);
if (fvp->v_type == VDIR)
cache_purge(fvp);
if (tdvp != fdvp)
cache_purge(tdvp);
if ((tvp != NULL) && (tvp->v_type == VDIR))
cache_purge(tvp);
}
void
tmpfs_rename_abort(void *v)
{
struct vop_rename_args *ap = v;
struct vnode *fdvp = ap->a_fdvp;
struct vnode *fvp = ap->a_fvp;
struct componentname *fcnp = ap->a_fcnp;
struct vnode *tdvp = ap->a_tdvp;
struct vnode *tvp = ap->a_tvp;
struct componentname *tcnp = ap->a_tcnp;
VOP_ABORTOP(tdvp, tcnp);
if (tdvp == tvp)
vrele(tdvp);
else
vput(tdvp);
if (tvp != NULL)
vput(tvp);
VOP_ABORTOP(fdvp, fcnp);
vrele(fdvp);
vrele(fvp);
}
void filt_tmpfsdetach(struct knote *kn);
int filt_tmpfsread(struct knote *kn, long hint);
int filt_tmpfswrite(struct knote *kn, long hint);
int filt_tmpfsvnode(struct knote *kn, long hint);
const struct filterops tmpfsread_filtops = {
.f_flags = FILTEROP_ISFD,
.f_attach = NULL,
.f_detach = filt_tmpfsdetach,
.f_event = filt_tmpfsread,
};
const struct filterops tmpfswrite_filtops = {
.f_flags = FILTEROP_ISFD,
.f_attach = NULL,
.f_detach = filt_tmpfsdetach,
.f_event = filt_tmpfswrite,
};
const struct filterops tmpfsvnode_filtops = {
.f_flags = FILTEROP_ISFD,
.f_attach = NULL,
.f_detach = filt_tmpfsdetach,
.f_event = filt_tmpfsvnode,
};
int
tmpfs_kqfilter(void *v)
{
struct vop_kqfilter_args *ap = v;
struct vnode *vp = ap->a_vp;
struct knote *kn = ap->a_kn;
switch (kn->kn_filter) {
case EVFILT_READ:
kn->kn_fop = &tmpfsread_filtops;
break;
case EVFILT_WRITE:
kn->kn_fop = &tmpfswrite_filtops;
break;
case EVFILT_VNODE:
kn->kn_fop = &tmpfsvnode_filtops;
break;
default:
return (EINVAL);
}
kn->kn_hook = (caddr_t)vp;
klist_insert_locked(&vp->v_klist, kn);
return (0);
}
void
filt_tmpfsdetach(struct knote *kn)
{
struct vnode *vp = (struct vnode *)kn->kn_hook;
klist_remove_locked(&vp->v_klist, kn);
}
int
filt_tmpfsread(struct knote *kn, long hint)
{
struct vnode *vp = (struct vnode *)kn->kn_hook;
tmpfs_node_t *node = VP_TO_TMPFS_NODE(vp);
/*
* filesystem is gone, so set the EOF flag and schedule
* the knote for deletion.
*/
if (hint == NOTE_REVOKE) {
kn->kn_flags |= (EV_EOF | EV_ONESHOT);
return (1);
}
kn->kn_data = node->tn_size - foffset(kn->kn_fp);
if (kn->kn_data == 0 && kn->kn_sfflags & NOTE_EOF) {
kn->kn_fflags |= NOTE_EOF;
return (1);
}
if (kn->kn_flags & (__EV_POLL | __EV_SELECT))
return (1);
return (kn->kn_data != 0);
}
int
filt_tmpfswrite(struct knote *kn, long hint)
{
/*
* filesystem is gone, so set the EOF flag and schedule
* the knote for deletion.
*/
if (hint == NOTE_REVOKE) {
kn->kn_flags |= (EV_EOF | EV_ONESHOT);
return (1);
}
kn->kn_data = 0;
return (1);
}
int
filt_tmpfsvnode(struct knote *kn, long hint)
{
if (kn->kn_sfflags & hint)
kn->kn_fflags |= hint;
if (hint == NOTE_REVOKE) {
kn->kn_flags |= EV_EOF;
return (1);
}
return (kn->kn_fflags != 0);
}
Reference in New Issue View Git Blame Copy Permalink