static int
check_overwrite(GtkWidget *parent, const char *filename)
{
int r;
char *buf;
if (filename == NULL || naccess(filename, W_OK))
return 0;
buf = g_strdup_printf(_("`%s'\n\nOverwrite existing file?"), CHK_STR(filename));
r = message_box(parent, buf, "Driver", RESPONS_YESNO);
g_free(buf);
return r != IDYES;
}
/*
* Do a generic nlookup. Note that the passed nd is not nlookup_done()'d
* on return, even if an error occurs. If no error occurs or NLC_CREATE
* is flagged and ENOENT is returned, then the returned nl_nch is always
* referenced and locked exclusively.
*
* WARNING: For any general error other than ENOENT w/NLC_CREATE, the
* the resulting nl_nch may or may not be locked and if locked
* might be locked either shared or exclusive.
*
* Intermediate directory elements, including the current directory, require
* execute (search) permission. nlookup does not examine the access
* permissions on the returned element.
*
* If NLC_CREATE is set the last directory must allow node creation,
* and an error code of 0 will be returned for a non-existant
* target (not ENOENT).
*
* If NLC_RENAME_DST is set the last directory mut allow node deletion,
* plus the sticky check is made, and an error code of 0 will be returned
* for a non-existant target (not ENOENT).
*
* If NLC_DELETE is set the last directory mut allow node deletion,
* plus the sticky check is made.
*
* If NLC_REFDVP is set nd->nl_dvp will be set to the directory vnode
* of the returned entry. The vnode will be referenced, but not locked,
* and will be released by nlookup_done() along with everything else.
*
* NOTE: As an optimization we attempt to obtain a shared namecache lock
* on any intermediate elements. On success, the returned element
* is ALWAYS locked exclusively.
*/
int
nlookup(struct nlookupdata *nd)
{
globaldata_t gd = mycpu;
struct nlcomponent nlc;
struct nchandle nch;
struct nchandle par;
struct nchandle nctmp;
struct mount *mp;
struct vnode *hvp; /* hold to prevent recyclement */
int wasdotordotdot;
char *ptr;
char *nptr;
int error;
int len;
int dflags;
int hit = 1;
int saveflag = nd->nl_flags & ~NLC_NCDIR;
boolean_t doretry = FALSE;
boolean_t inretry = FALSE;
nlookup_start:
#ifdef KTRACE
if (KTRPOINT(nd->nl_td, KTR_NAMEI))
ktrnamei(nd->nl_td->td_lwp, nd->nl_path);
#endif
bzero(&nlc, sizeof(nlc));
/*
* Setup for the loop. The current working namecache element is
* always at least referenced. We lock it as required, but always
* return a locked, resolved namecache entry.
*/
nd->nl_loopcnt = 0;
if (nd->nl_dvp) {
vrele(nd->nl_dvp);
nd->nl_dvp = NULL;
}
ptr = nd->nl_path;
/*
* Loop on the path components. At the top of the loop nd->nl_nch
* is ref'd and unlocked and represents our current position.
*/
for (;;) {
/*
* Make sure nl_nch is locked so we can access the vnode, resolution
* state, etc.
*/
if ((nd->nl_flags & NLC_NCPISLOCKED) == 0) {
nd->nl_flags |= NLC_NCPISLOCKED;
cache_lock_maybe_shared(&nd->nl_nch, wantsexcllock(nd, ptr));
}
/*
* Check if the root directory should replace the current
* directory. This is done at the start of a translation
* or after a symbolic link has been found. In other cases
* ptr will never be pointing at a '/'.
*/
if (*ptr == '/') {
do {
++ptr;
} while (*ptr == '/');
cache_unlock(&nd->nl_nch);
cache_get_maybe_shared(&nd->nl_rootnch, &nch,
wantsexcllock(nd, ptr));
if (nd->nl_flags & NLC_NCDIR) {
cache_drop_ncdir(&nd->nl_nch);
nd->nl_flags &= ~NLC_NCDIR;
} else {
cache_drop(&nd->nl_nch);
}
nd->nl_nch = nch; /* remains locked */
/*
* Fast-track termination. There is no parent directory of
* the root in the same mount from the point of view of
* the caller so return EACCES if NLC_REFDVP is specified,
* and EEXIST if NLC_CREATE is also specified.
* e.g. 'rmdir /' or 'mkdir /' are not allowed.
*/
if (*ptr == 0) {
if (nd->nl_flags & NLC_REFDVP)
error = (nd->nl_flags & NLC_CREATE) ? EEXIST : EACCES;
else
error = 0;
break;
}
continue;
}
/*
* Pre-calculate next path component so we can check whether the
* current component directory is the last directory in the path
* or not.
*/
for (nptr = ptr; *nptr && *nptr != '/'; ++nptr)
;
/*
* Check directory search permissions (nd->nl_nch is locked & refd).
* This will load dflags to obtain directory-special permissions to
* be checked along with the last component.
*
* We only need to pass-in &dflags for the second-to-last component.
* Optimize by passing-in NULL for any prior components, which may
* allow the code to bypass the naccess() call.
*/
dflags = 0;
if (*nptr == '/')
error = naccess(&nd->nl_nch, NLC_EXEC, nd->nl_cred, NULL);
else
error = naccess(&nd->nl_nch, NLC_EXEC, nd->nl_cred, &dflags);
if (error) {
if (keeperror(nd, error))
break;
error = 0;
}
/*
* Extract the next (or last) path component. Path components are
* limited to 255 characters.
*/
nlc.nlc_nameptr = ptr;
nlc.nlc_namelen = nptr - ptr;
ptr = nptr;
if (nlc.nlc_namelen >= 256) {
error = ENAMETOOLONG;
break;
}
/*
* Lookup the path component in the cache, creating an unresolved
* entry if necessary. We have to handle "." and ".." as special
* cases.
*
* When handling ".." we have to detect a traversal back through a
* mount point. If we are at the root, ".." just returns the root.
*
* When handling "." or ".." we also have to recalculate dflags
* since our dflags will be for some sub-directory instead of the
* parent dir.
*
* This subsection returns a locked, refd 'nch' unless it errors out,
* and an unlocked but still ref'd nd->nl_nch.
*
* The namecache topology is not allowed to be disconnected, so
* encountering a NULL parent will generate EINVAL. This typically
* occurs when a directory is removed out from under a process.
*
* WARNING! The unlocking of nd->nl_nch is sensitive code.
*/
KKASSERT(nd->nl_flags & NLC_NCPISLOCKED);
if (nlc.nlc_namelen == 1 && nlc.nlc_nameptr[0] == '.') {
cache_unlock(&nd->nl_nch);
nd->nl_flags &= ~NLC_NCPISLOCKED;
cache_get_maybe_shared(&nd->nl_nch, &nch, wantsexcllock(nd, ptr));
wasdotordotdot = 1;
} else if (nlc.nlc_namelen == 2 &&
nlc.nlc_nameptr[0] == '.' && nlc.nlc_nameptr[1] == '.') {
if (nd->nl_nch.mount == nd->nl_rootnch.mount &&
nd->nl_nch.ncp == nd->nl_rootnch.ncp
) {
/*
* ".." at the root returns the root
*/
cache_unlock(&nd->nl_nch);
nd->nl_flags &= ~NLC_NCPISLOCKED;
cache_get_maybe_shared(&nd->nl_nch, &nch,
wantsexcllock(nd, ptr));
} else {
/*
* Locate the parent ncp. If we are at the root of a
* filesystem mount we have to skip to the mounted-on
* point in the underlying filesystem.
*
* Expect the parent to always be good since the
* mountpoint doesn't go away. XXX hack. cache_get()
* requires the ncp to already have a ref as a safety.
*
* However, a process which has been broken out of a chroot
* will wind up with a NULL parent if it tries to '..' above
* the real root, deal with the case. Note that this does
* not protect us from a jail breakout, it just stops a panic
* if the jail-broken process tries to '..' past the real
* root.
*/
nctmp = nd->nl_nch;
while (nctmp.ncp == nctmp.mount->mnt_ncmountpt.ncp) {
nctmp = nctmp.mount->mnt_ncmounton;
if (nctmp.ncp == NULL)
break;
}
if (nctmp.ncp == NULL) {
if (curthread->td_proc) {
kprintf("vfs_nlookup: '..' traverse broke "
"jail: pid %d (%s)\n",
curthread->td_proc->p_pid,
curthread->td_comm);
}
nctmp = nd->nl_rootnch;
} else {
nctmp.ncp = nctmp.ncp->nc_parent;
}
cache_hold(&nctmp);
cache_unlock(&nd->nl_nch);
nd->nl_flags &= ~NLC_NCPISLOCKED;
cache_get_maybe_shared(&nctmp, &nch, wantsexcllock(nd, ptr));
cache_drop(&nctmp); /* NOTE: zero's nctmp */
}
wasdotordotdot = 2;
} else {
/*
* Must unlock nl_nch when traversing down the path. However,
* the child ncp has not yet been found/created and the parent's
* child list might be empty. Thus releasing the lock can
* allow a race whereby the parent ncp's vnode is recycled.
* This case can occur especially when maxvnodes is set very low.
*
* We need the parent's ncp to remain resolved for all normal
* filesystem activities, so we vhold() the vp during the lookup
* to prevent recyclement due to vnlru / maxvnodes.
*
* If we race an unlink or rename the ncp might be marked
* DESTROYED after resolution, requiring a retry.
*/
if ((hvp = nd->nl_nch.ncp->nc_vp) != NULL)
vhold(hvp);
cache_unlock(&nd->nl_nch);
nd->nl_flags &= ~NLC_NCPISLOCKED;
error = cache_nlookup_maybe_shared(&nd->nl_nch, &nlc,
wantsexcllock(nd, ptr), &nch);
if (error == EWOULDBLOCK) {
nch = cache_nlookup(&nd->nl_nch, &nlc);
if (nch.ncp->nc_flag & NCF_UNRESOLVED)
hit = 0;
for (;;) {
error = cache_resolve(&nch, nd->nl_cred);
if (error != EAGAIN &&
(nch.ncp->nc_flag & NCF_DESTROYED) == 0) {
if (error == ESTALE) {
if (!inretry)
error = ENOENT;
doretry = TRUE;
}
break;
}
kprintf("[diagnostic] nlookup: relookup %*.*s\n",
nch.ncp->nc_nlen, nch.ncp->nc_nlen,
nch.ncp->nc_name);
cache_put(&nch);
nch = cache_nlookup(&nd->nl_nch, &nlc);
}
}
if (hvp)
vdrop(hvp);
wasdotordotdot = 0;
}
/*
* If the last component was "." or ".." our dflags no longer
* represents the parent directory and we have to explicitly
* look it up.
*
* Expect the parent to be good since nch is locked.
*/
if (wasdotordotdot && error == 0) {
dflags = 0;
if ((par.ncp = nch.ncp->nc_parent) != NULL) {
par.mount = nch.mount;
cache_hold(&par);
cache_lock_maybe_shared(&par, wantsexcllock(nd, ptr));
error = naccess(&par, 0, nd->nl_cred, &dflags);
cache_put(&par);
if (error) {
if (!keeperror(nd, error))
error = 0;
}
}
}
/*
* [end of subsection]
*
* nch is locked and referenced.
* nd->nl_nch is unlocked and referenced.
*
* nl_nch must be unlocked or we could chain lock to the root
* if a resolve gets stuck (e.g. in NFS).
*/
KKASSERT((nd->nl_flags & NLC_NCPISLOCKED) == 0);
/*
* Resolve the namespace if necessary. The ncp returned by
* cache_nlookup() is referenced and locked.
*
* XXX neither '.' nor '..' should return EAGAIN since they were
* previously resolved and thus cannot be newly created ncp's.
*/
if (nch.ncp->nc_flag & NCF_UNRESOLVED) {
hit = 0;
error = cache_resolve(&nch, nd->nl_cred);
if (error == ESTALE) {
if (!inretry)
error = ENOENT;
doretry = TRUE;
}
KKASSERT(error != EAGAIN);
} else {
error = nch.ncp->nc_error;
}
/*
* Early completion. ENOENT is not an error if this is the last
* component and NLC_CREATE or NLC_RENAME (rename target) was
* requested. Note that ncp->nc_error is left as ENOENT in that
* case, which we check later on.
*
* Also handle invalid '.' or '..' components terminating a path
* for a create/rename/delete. The standard requires this and pax
* pretty stupidly depends on it.
*/
if (islastelement(ptr)) {
if (error == ENOENT &&
(nd->nl_flags & (NLC_CREATE | NLC_RENAME_DST))
) {
if (nd->nl_flags & NLC_NFS_RDONLY) {
error = EROFS;
} else {
error = naccess(&nch, nd->nl_flags | dflags,
nd->nl_cred, NULL);
}
}
if (error == 0 && wasdotordotdot &&
(nd->nl_flags & (NLC_CREATE | NLC_DELETE |
NLC_RENAME_SRC | NLC_RENAME_DST))) {
/*
* POSIX junk
*/
if (nd->nl_flags & NLC_CREATE)
error = EEXIST;
else if (nd->nl_flags & NLC_DELETE)
error = (wasdotordotdot == 1) ? EINVAL : ENOTEMPTY;
else
error = EINVAL;
}
}
/*
* Early completion on error.
*/
if (error) {
cache_put(&nch);
break;
}
/*
* If the element is a symlink and it is either not the last
* element or it is the last element and we are allowed to
* follow symlinks, resolve the symlink.
*/
if ((nch.ncp->nc_flag & NCF_ISSYMLINK) &&
(*ptr || (nd->nl_flags & NLC_FOLLOW))
) {
if (nd->nl_loopcnt++ >= MAXSYMLINKS) {
error = ELOOP;
cache_put(&nch);
break;
}
error = nreadsymlink(nd, &nch, &nlc);
cache_put(&nch);
if (error)
break;
/*
* Concatenate trailing path elements onto the returned symlink.
* Note that if the path component (ptr) is not exhausted, it
* will being with a '/', so we do not have to add another one.
*
* The symlink may not be empty.
*/
len = strlen(ptr);
if (nlc.nlc_namelen == 0 || nlc.nlc_namelen + len >= MAXPATHLEN) {
error = nlc.nlc_namelen ? ENAMETOOLONG : ENOENT;
objcache_put(namei_oc, nlc.nlc_nameptr);
break;
}
bcopy(ptr, nlc.nlc_nameptr + nlc.nlc_namelen, len + 1);
if (nd->nl_flags & NLC_HASBUF)
objcache_put(namei_oc, nd->nl_path);
nd->nl_path = nlc.nlc_nameptr;
nd->nl_flags |= NLC_HASBUF;
ptr = nd->nl_path;
/*
* Go back up to the top to resolve any initial '/'s in the
* symlink.
*/
continue;
}
/*
* If the element is a directory and we are crossing a mount point,
* Locate the mount.
*/
while ((nch.ncp->nc_flag & NCF_ISMOUNTPT) &&
(nd->nl_flags & NLC_NOCROSSMOUNT) == 0 &&
(mp = cache_findmount(&nch)) != NULL
) {
struct vnode *tdp;
int vfs_do_busy = 0;
/*
* VFS must be busied before the namecache entry is locked,
* but we don't want to waste time calling vfs_busy() if the
* mount point is already resolved.
*/
again:
cache_put(&nch);
if (vfs_do_busy) {
while (vfs_busy(mp, 0)) {
if (mp->mnt_kern_flag & MNTK_UNMOUNT) {
kprintf("nlookup: warning umount race avoided\n");
cache_dropmount(mp);
error = EBUSY;
vfs_do_busy = 0;
goto double_break;
}
}
}
cache_get_maybe_shared(&mp->mnt_ncmountpt, &nch,
wantsexcllock(nd, ptr));
if (nch.ncp->nc_flag & NCF_UNRESOLVED) {
if (vfs_do_busy == 0) {
vfs_do_busy = 1;
goto again;
}
error = VFS_ROOT(mp, &tdp);
vfs_unbusy(mp);
vfs_do_busy = 0;
if (keeperror(nd, error)) {
cache_dropmount(mp);
break;
}
if (error == 0) {
cache_setvp(&nch, tdp);
vput(tdp);
}
}
if (vfs_do_busy)
vfs_unbusy(mp);
cache_dropmount(mp);
}
if (keeperror(nd, error)) {
cache_put(&nch);
double_break:
break;
}
/*
* Skip any slashes to get to the next element. If there
* are any slashes at all the current element must be a
* directory or, in the create case, intended to become a directory.
* If it isn't we break without incrementing ptr and fall through
* to the failure case below.
*/
while (*ptr == '/') {
if ((nch.ncp->nc_flag & NCF_ISDIR) == 0 &&
!(nd->nl_flags & NLC_WILLBEDIR)
) {
break;
}
++ptr;
}
/*
* Continuation case: additional elements and the current
* element is a directory.
*/
if (*ptr && (nch.ncp->nc_flag & NCF_ISDIR)) {
if (nd->nl_flags & NLC_NCDIR) {
cache_drop_ncdir(&nd->nl_nch);
nd->nl_flags &= ~NLC_NCDIR;
} else {
cache_drop(&nd->nl_nch);
}
cache_unlock(&nch);
KKASSERT((nd->nl_flags & NLC_NCPISLOCKED) == 0);
nd->nl_nch = nch;
continue;
}
/*
* Failure case: additional elements and the current element
* is not a directory
*/
if (*ptr) {
cache_put(&nch);
error = ENOTDIR;
break;
}
/*
* Successful lookup of last element.
*
* Check permissions if the target exists. If the target does not
* exist directory permissions were already tested in the early
* completion code above.
*
* nd->nl_flags will be adjusted on return with NLC_APPENDONLY
* if the file is marked append-only, and NLC_STICKY if the directory
* containing the file is sticky.
*/
if (nch.ncp->nc_vp && (nd->nl_flags & NLC_ALLCHKS)) {
error = naccess(&nch, nd->nl_flags | dflags,
nd->nl_cred, NULL);
if (keeperror(nd, error)) {
cache_put(&nch);
break;
}
}
/*
* Termination: no more elements.
*
* If NLC_REFDVP is set acquire a referenced parent dvp.
*/
if (nd->nl_flags & NLC_REFDVP) {
cache_lock(&nd->nl_nch);
error = cache_vref(&nd->nl_nch, nd->nl_cred, &nd->nl_dvp);
cache_unlock(&nd->nl_nch);
if (keeperror(nd, error)) {
kprintf("NLC_REFDVP: Cannot ref dvp of %p\n", nch.ncp);
cache_put(&nch);
break;
}
}
if (nd->nl_flags & NLC_NCDIR) {
cache_drop_ncdir(&nd->nl_nch);
nd->nl_flags &= ~NLC_NCDIR;
} else {
cache_drop(&nd->nl_nch);
}
nd->nl_nch = nch;
nd->nl_flags |= NLC_NCPISLOCKED;
error = 0;
break;
}
if (hit)
++gd->gd_nchstats->ncs_longhits;
else
++gd->gd_nchstats->ncs_longmiss;
if (nd->nl_flags & NLC_NCPISLOCKED)
KKASSERT(cache_lockstatus(&nd->nl_nch) > 0);
/*
* Retry the whole thing if doretry flag is set, but only once.
* autofs(5) may mount another filesystem under its root directory
* while resolving a path.
*/
if (doretry && !inretry) {
inretry = TRUE;
nd->nl_flags &= NLC_NCDIR;
nd->nl_flags |= saveflag;
goto nlookup_start;
}
/*
* NOTE: If NLC_CREATE was set the ncp may represent a negative hit
* (ncp->nc_error will be ENOENT), but we will still return an error
* code of 0.
*/
return(error);
}
static void
fsok(GtkWidget *dlg)
{
struct nGetOpenFileData *data;
char *file, *file2, **farray;
const char *filter_name;
int i, k, len, n;
GStatBuf buf;
GSList *top, *list;
GtkFileFilter *filter;
data = &FileSelection;
top = gtk_file_chooser_get_filenames(GTK_FILE_CHOOSER(dlg));
filter = gtk_file_chooser_get_filter(GTK_FILE_CHOOSER(dlg));
if (filter) {
filter_name = gtk_file_filter_get_name(filter);
} else {
filter_name = NULL;
}
if (filter_name == NULL || strcmp(filter_name, _("All")) == 0) {
data->ext = NULL;
}
n = g_slist_length(top);
farray = g_malloc(sizeof(*farray) * (n + 1));
if (farray == NULL) {
free_str_list(top);
return;
}
data->file = farray;
k = 0;
for (list = top; list; list = list->next) {
char *tmp;
tmp = (char *) list->data;
if (tmp == NULL || strlen(tmp) < 1) {
gdk_beep();
continue;
}
file = get_utf8_filename(tmp);
for (i = strlen(file) - 1; (i > 0) && (file[i] != '/') && (file[i] != '.'); i--);
if ((file[i] != '.') && data->ext) {
len = strlen(data->ext) + 1;
} else {
len = 0;
}
if (len) {
file2 = g_strdup_printf("%s.%s", file, data->ext);
g_free(file);
} else {
file2 = file;
}
if (file2) {
if (data->mustexist) {
if ((nstat(file2, &buf) != 0) || ((buf.st_mode & S_IFMT) != S_IFREG)
|| (naccess(file2, R_OK) != 0)) {
gdk_beep();
error22(NULL, 0, "I/O error", file2);
g_free(file2);
continue;
}
} else {
if ((nstat(file2, &buf) == 0) && ((buf.st_mode & S_IFMT) != S_IFREG)) {
gdk_beep();
error22(NULL, 0, "I/O error", file2);
g_free(file2);
continue;
}
}
farray[k] = file2;
k++;
}
}
if (k == 0)
return;
if (data->changedir && k > 0) {
data->chdir = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(data->chdir_cb));
if (data->chdir && data->init_dir) {
char *dir;
g_free(*(data->init_dir));
dir = g_path_get_dirname(farray[0]);
*(data->init_dir) = dir;
}
}
farray[k] = NULL;
free_str_list(top);
data->ret = IDOK;
}
static int
naccess(struct nchandle *nch, int nflags, struct ucred *cred, int *nflagsp)
{
struct vnode *vp;
struct vattr va;
struct namecache *ncp;
int error;
int cflags;
KKASSERT(cache_lockstatus(nch) > 0);
ncp = nch->ncp;
if (ncp->nc_flag & NCF_UNRESOLVED) {
cache_resolve(nch, cred);
ncp = nch->ncp;
}
error = ncp->nc_error;
/*
* Directory permissions checks. Silently ignore ENOENT if these
* tests pass. It isn't an error.
*
* We can safely resolve ncp->nc_parent because ncp is currently
* locked.
*/
if (nflags & (NLC_CREATE | NLC_DELETE | NLC_RENAME_SRC | NLC_RENAME_DST)) {
if (((nflags & NLC_CREATE) && ncp->nc_vp == NULL) ||
((nflags & NLC_DELETE) && ncp->nc_vp != NULL) ||
((nflags & NLC_RENAME_SRC) && ncp->nc_vp != NULL) ||
(nflags & NLC_RENAME_DST)
) {
struct nchandle par;
if ((par.ncp = ncp->nc_parent) == NULL) {
if (error != EAGAIN)
error = EINVAL;
} else if (error == 0 || error == ENOENT) {
par.mount = nch->mount;
cache_hold(&par);
cache_lock_maybe_shared(&par, 0);
error = naccess(&par, NLC_WRITE, cred, NULL);
cache_put(&par);
}
}
}
/*
* NLC_EXCL check. Target file must not exist.
*/
if (error == 0 && (nflags & NLC_EXCL) && ncp->nc_vp != NULL)
error = EEXIST;
/*
* Try to short-cut the vnode operation for intermediate directory
* components. This is a major SMP win because it avoids having
* to execute a lot of code for intermediate directory components,
* including shared refs and locks on intermediate directory vnodes.
*
* We can only do this if the caller does not need nflagsp.
*/
if (error == 0 && nflagsp == NULL &&
nflags == NLC_EXEC && (ncp->nc_flag & NCF_WXOK)) {
return 0;
}
/*
* Get the vnode attributes so we can do the rest of our checks.
*
* NOTE: We only call naccess_va() if the target exists.
*/
if (error == 0) {
error = cache_vget(nch, cred, LK_SHARED, &vp);
if (error == ENOENT) {
/*
* Silently zero-out ENOENT if creating or renaming
* (rename target). It isn't an error.
*/
if (nflags & (NLC_CREATE | NLC_RENAME_DST))
error = 0;
} else if (error == 0) {
/*
* Get the vnode attributes and check for illegal O_TRUNC
* requests and read-only mounts.
*
* NOTE: You can still open devices on read-only mounts for
* writing.
*
* NOTE: creates/deletes/renames are handled by the NLC_WRITE
* check on the parent directory above.
*
* XXX cache the va in the namecache or in the vnode
*/
error = VOP_GETATTR(vp, &va);
if (error == 0 && (nflags & NLC_TRUNCATE)) {
switch(va.va_type) {
case VREG:
case VDATABASE:
case VCHR:
case VBLK:
case VFIFO:
break;
case VDIR:
error = EISDIR;
break;
default:
error = EINVAL;
break;
}
}
if (error == 0 && (nflags & NLC_WRITE) && vp->v_mount &&
(vp->v_mount->mnt_flag & MNT_RDONLY)
) {
switch(va.va_type) {
case VDIR:
case VLNK:
case VREG:
case VDATABASE:
error = EROFS;
break;
default:
break;
}
}
vput(vp);
/*
* Check permissions based on file attributes. The passed
* flags (*nflagsp) are modified with feedback based on
* special attributes and requirements.
*/
if (error == 0) {
/*
* Adjust the returned (*nflagsp) if non-NULL.
*/
if (nflagsp) {
if ((va.va_mode & VSVTX) && va.va_uid != cred->cr_uid)
*nflagsp |= NLC_STICKY;
if (va.va_flags & APPEND)
*nflagsp |= NLC_APPENDONLY;
if (va.va_flags & IMMUTABLE)
*nflagsp |= NLC_IMMUTABLE;
}
/*
* NCF_WXOK can be set for world-searchable directories.
*
* XXX When we implement capabilities this code would also
* need a cap check, or only set the flag if there are no
* capabilities.
*/
cflags = 0;
if (va.va_type == VDIR &&
(va.va_mode & S_WXOK_MASK) == S_WXOK_MASK) {
cflags |= NCF_WXOK;
}
/*
* Track swapcache management flags in the namecache.
*
* Calculate the flags based on the current vattr info
* and recalculate the inherited flags from the parent
* (the original cache linkage may have occurred without
* getattrs and thus have stale flags).
*/
if (va.va_flags & SF_NOCACHE)
cflags |= NCF_SF_NOCACHE;
if (va.va_flags & UF_CACHE)
cflags |= NCF_UF_CACHE;
if (ncp->nc_parent) {
if (ncp->nc_parent->nc_flag &
(NCF_SF_NOCACHE | NCF_SF_PNOCACHE)) {
cflags |= NCF_SF_PNOCACHE;
}
if (ncp->nc_parent->nc_flag &
(NCF_UF_CACHE | NCF_UF_PCACHE)) {
cflags |= NCF_UF_PCACHE;
}
}
/*
* We're not supposed to update nc_flag when holding a shared
* lock, but we allow the case for certain flags. Note that
* holding an exclusive lock allows updating nc_flag without
* atomics. nc_flag is not allowe to be updated at all unless
* a shared or exclusive lock is held.
*/
atomic_clear_short(&ncp->nc_flag,
(NCF_SF_NOCACHE | NCF_UF_CACHE |
NCF_SF_PNOCACHE | NCF_UF_PCACHE |
NCF_WXOK) & ~cflags);
atomic_set_short(&ncp->nc_flag, cflags);
/*
* Process general access.
*/
error = naccess_va(&va, nflags, cred);
}
}
}
return(error);
}