int
sys_lfs_markv(struct lwp *l, const struct sys_lfs_markv_args *uap, register_t *retval)
{
/* {
syscallarg(fsid_t *) fsidp;
syscallarg(struct block_info *) blkiov;
syscallarg(int) blkcnt;
} */
BLOCK_INFO *blkiov;
int blkcnt, error;
fsid_t fsid;
struct lfs *fs;
struct mount *mntp;
error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LFS,
KAUTH_REQ_SYSTEM_LFS_MARKV, NULL, NULL, NULL);
if (error)
return (error);
if ((error = copyin(SCARG(uap, fsidp), &fsid, sizeof(fsid_t))) != 0)
return (error);
if ((mntp = vfs_getvfs(fsidp)) == NULL)
return (ENOENT);
fs = VFSTOULFS(mntp)->um_lfs;
blkcnt = SCARG(uap, blkcnt);
if ((u_int) blkcnt > LFS_MARKV_MAXBLKCNT)
return (EINVAL);
KERNEL_LOCK(1, NULL);
blkiov = lfs_malloc(fs, blkcnt * sizeof(BLOCK_INFO), LFS_NB_BLKIOV);
if ((error = copyin(SCARG(uap, blkiov), blkiov,
blkcnt * sizeof(BLOCK_INFO))) != 0)
goto out;
if ((error = lfs_markv(p, &fsid, blkiov, blkcnt)) == 0)
copyout(blkiov, SCARG(uap, blkiov),
blkcnt * sizeof(BLOCK_INFO));
out:
lfs_free(fs, blkiov, LFS_NB_BLKIOV);
KERNEL_UNLOCK_ONE(NULL);
return error;
}
int
sys_lfs_bmapv(struct lwp *l, const struct sys_lfs_bmapv_args *uap, register_t *retval)
{
/* {
syscallarg(fsid_t *) fsidp;
syscallarg(struct block_info *) blkiov;
syscallarg(int) blkcnt;
} */
BLOCK_INFO *blkiov;
int blkcnt, error;
fsid_t fsid;
struct lfs *fs;
struct mount *mntp;
if ((error = copyin(SCARG(uap, fsidp), &fsid, sizeof(fsid_t))) != 0)
return (error);
if ((mntp = vfs_getvfs(&fsid)) == NULL)
return (ENOENT);
fs = VFSTOULFS(mntp)->um_lfs;
blkcnt = SCARG(uap, blkcnt);
#if SIZE_T_MAX <= UINT_MAX
if ((u_int) blkcnt > SIZE_T_MAX / sizeof(BLOCK_INFO))
return (EINVAL);
#endif
KERNEL_LOCK(1, NULL);
blkiov = lfs_malloc(fs, blkcnt * sizeof(BLOCK_INFO), LFS_NB_BLKIOV);
if ((error = copyin(SCARG(uap, blkiov), blkiov,
blkcnt * sizeof(BLOCK_INFO))) != 0)
goto out;
if ((error = lfs_bmapv(l, &fsid, blkiov, blkcnt)) == 0)
copyout(blkiov, SCARG(uap, blkiov),
blkcnt * sizeof(BLOCK_INFO));
out:
lfs_free(fs, blkiov, LFS_NB_BLKIOV);
KERNEL_UNLOCK_ONE(NULL);
return error;
}
/*
* This will block until a segment in file system fsid is written. A timeout
* in milliseconds may be specified which will awake the cleaner automatically.
* An fsid of -1 means any file system, and a timeout of 0 means forever.
*/
int
lfs_segwait(fsid_t *fsidp, struct timeval *tv)
{
struct mount *mntp;
void *addr;
u_long timeout;
int error;
KERNEL_LOCK(1, NULL);
if (fsidp == NULL || (mntp = vfs_getvfs(fsidp)) == NULL)
addr = &lfs_allclean_wakeup;
else
addr = &VFSTOULFS(mntp)->um_lfs->lfs_nextseg;
/*
* XXX THIS COULD SLEEP FOREVER IF TIMEOUT IS {0,0}!
* XXX IS THAT WHAT IS INTENDED?
*/
timeout = tvtohz(tv);
error = tsleep(addr, PCATCH | PVFS, "segment", timeout);
KERNEL_UNLOCK_ONE(NULL);
return (error == ERESTART ? EINTR : 0);
}
/*
* fhstat_args(struct fhandle *u_fhp, struct dfbsd12_stat *sb)
*
* MPALMOSTSAFE
*/
int
sys_dfbsd12_fhstat(struct dfbsd12_fhstat_args *uap)
{
struct thread *td = curthread;
struct dfbsd12_stat osb;
struct stat sb;
fhandle_t fh;
struct mount *mp;
struct vnode *vp;
int error;
/*
* Must be super user
*/
error = priv_check(td, PRIV_ROOT);
if (error)
return (error);
error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
if (error)
return (error);
get_mplock();
if ((mp = vfs_getvfs(&fh.fh_fsid)) == NULL) {
error = ESTALE;
goto done;
}
if ((error = VFS_FHTOVP(mp, NULL, &fh.fh_fid, &vp)))
goto done;
error = vn_stat(vp, &sb, td->td_ucred);
vput(vp);
if (error)
goto done;
cvtstat(&osb, &sb);
error = copyout(&osb, uap->sb, sizeof(osb));
done:
rel_mplock();
return (error);
}
int
compat_30_netbsd32_fhstat(struct lwp *l, const struct compat_30_netbsd32_fhstat_args *uap, register_t *retval)
{
/* {
syscallarg(const netbsd32_fhandlep_t) fhp;
syscallarg(netbsd32_stat13p_t) sb;
} */
struct stat sb;
struct netbsd32_stat13 sb32;
int error;
struct compat_30_fhandle fh;
struct mount *mp;
struct vnode *vp;
/*
* Must be super user
*/
if ((error = kauth_authorize_system(l->l_cred,
KAUTH_SYSTEM_FILEHANDLE, 0, NULL, NULL, NULL)))
return (error);
if ((error = copyin(SCARG_P32(uap, fhp), &fh, sizeof(fh))) != 0)
return (error);
if ((mp = vfs_getvfs(&fh.fh_fsid)) == NULL)
return (ESTALE);
if (mp->mnt_op->vfs_fhtovp == NULL)
return EOPNOTSUPP;
if ((error = VFS_FHTOVP(mp, (struct fid*)&fh.fh_fid, &vp)))
return (error);
error = vn_stat(vp, &sb);
vput(vp);
if (error)
return (error);
netbsd32_from___stat13(&sb, &sb32);
error = copyout(&sb32, SCARG_P32(uap, sb), sizeof(sb));
return (error);
}
/*
* sys_lfs_segclean:
*
* Mark the segment clean.
*
* 0 on success
* -1/errno is return on error.
*/
int
sys_lfs_segclean(struct lwp *l, const struct sys_lfs_segclean_args *uap, register_t *retval)
{
/* {
syscallarg(fsid_t *) fsidp;
syscallarg(u_long) segment;
} */
struct lfs *fs;
struct mount *mntp;
fsid_t fsid;
int error;
unsigned long segnum;
error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LFS,
KAUTH_REQ_SYSTEM_LFS_SEGCLEAN, NULL, NULL, NULL);
if (error)
return (error);
if ((error = copyin(SCARG(uap, fsidp), &fsid, sizeof(fsid_t))) != 0)
return (error);
if ((mntp = vfs_getvfs(&fsid)) == NULL)
return (ENOENT);
fs = VFSTOULFS(mntp)->um_lfs;
segnum = SCARG(uap, segment);
if ((error = vfs_busy(mntp, NULL)) != 0)
return (error);
KERNEL_LOCK(1, NULL);
lfs_seglock(fs, SEGM_PROT);
error = lfs_do_segclean(fs, segnum);
lfs_segunlock(fs);
KERNEL_UNLOCK_ONE(NULL);
vfs_unbusy(mntp, false, NULL);
return error;
}
static errno_t
fuse_vfsop_mount(mount_t mp, __unused vnode_t devvp, user_addr_t udata,
vfs_context_t context)
{
int err = 0;
int mntopts = 0;
bool mounted = false;
uint32_t max_read = ~0;
size_t len;
fuse_device_t fdev = NULL;
struct fuse_data *data = NULL;
fuse_mount_args fusefs_args;
struct vfsstatfs *vfsstatfsp = vfs_statfs(mp);
#if M_FUSE4X_ENABLE_BIGLOCK
lck_mtx_t *biglock;
#endif
fuse_trace_printf_vfsop();
if (vfs_isupdate(mp)) {
return ENOTSUP;
}
err = copyin(udata, &fusefs_args, sizeof(fusefs_args));
if (err) {
return EINVAL;
}
/*
* Interesting flags that we can receive from mount or may want to
* otherwise forcibly set include:
*
* MNT_ASYNC
* MNT_AUTOMOUNTED
* MNT_DEFWRITE
* MNT_DONTBROWSE
* MNT_IGNORE_OWNERSHIP
* MNT_JOURNALED
* MNT_NODEV
* MNT_NOEXEC
* MNT_NOSUID
* MNT_NOUSERXATTR
* MNT_RDONLY
* MNT_SYNCHRONOUS
* MNT_UNION
*/
err = ENOTSUP;
#if M_FUSE4X_ENABLE_UNSUPPORTED
vfs_setlocklocal(mp);
#endif /* M_FUSE4X_ENABLE_UNSUPPORTED */
/** Option Processing. **/
if (*fusefs_args.fstypename) {
size_t typenamelen = strlen(fusefs_args.fstypename);
if (typenamelen > FUSE_FSTYPENAME_MAXLEN) {
return EINVAL;
}
snprintf(vfsstatfsp->f_fstypename, MFSTYPENAMELEN, "%s%s",
FUSE_FSTYPENAME_PREFIX, fusefs_args.fstypename);
}
if (!*fusefs_args.fsname)
return EINVAL;
if ((fusefs_args.daemon_timeout > FUSE_MAX_DAEMON_TIMEOUT) ||
(fusefs_args.daemon_timeout < FUSE_MIN_DAEMON_TIMEOUT)) {
return EINVAL;
}
if ((fusefs_args.init_timeout > FUSE_MAX_INIT_TIMEOUT) ||
(fusefs_args.init_timeout < FUSE_MIN_INIT_TIMEOUT)) {
return EINVAL;
}
if (fusefs_args.altflags & FUSE_MOPT_SPARSE) {
mntopts |= FSESS_SPARSE;
}
if (fusefs_args.altflags & FUSE_MOPT_AUTO_CACHE) {
mntopts |= FSESS_AUTO_CACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_AUTO_XATTR) {
if (fusefs_args.altflags & FUSE_MOPT_NATIVE_XATTR) {
return EINVAL;
}
mntopts |= FSESS_AUTO_XATTR;
} else if (fusefs_args.altflags & FUSE_MOPT_NATIVE_XATTR) {
mntopts |= FSESS_NATIVE_XATTR;
}
if (fusefs_args.altflags & FUSE_MOPT_JAIL_SYMLINKS) {
mntopts |= FSESS_JAIL_SYMLINKS;
}
/*
* Note that unlike Linux, which keeps allow_root in user-space and
* passes allow_other in that case to the kernel, we let allow_root
* reach the kernel. The 'if' ordering is important here.
*/
if (fusefs_args.altflags & FUSE_MOPT_ALLOW_ROOT) {
int is_member = 0;
if ((kauth_cred_ismember_gid(kauth_cred_get(), fuse_admin_group, &is_member) != 0) || !is_member) {
log("fuse4x: caller is not a member of fuse4x admin group. "
"Either add user (id=%d) to group (id=%d), "
"or set correct '" SYSCTL_FUSE4X_TUNABLES_ADMIN "' sysctl value.\n",
kauth_cred_getuid(kauth_cred_get()), fuse_admin_group);
return EPERM;
}
mntopts |= FSESS_ALLOW_ROOT;
} else if (fusefs_args.altflags & FUSE_MOPT_ALLOW_OTHER) {
if (!fuse_allow_other && !fuse_vfs_context_issuser(context)) {
int is_member = 0;
if ((kauth_cred_ismember_gid(kauth_cred_get(), fuse_admin_group, &is_member) != 0) || !is_member) {
log("fuse4x: caller is not a member of fuse4x admin group. "
"Either add user (id=%d) to group (id=%d), "
"or set correct '" SYSCTL_FUSE4X_TUNABLES_ADMIN "' sysctl value.\n",
kauth_cred_getuid(kauth_cred_get()), fuse_admin_group);
return EPERM;
}
}
mntopts |= FSESS_ALLOW_OTHER;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_APPLEDOUBLE) {
mntopts |= FSESS_NO_APPLEDOUBLE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_APPLEXATTR) {
mntopts |= FSESS_NO_APPLEXATTR;
}
if ((fusefs_args.altflags & FUSE_MOPT_FSID) && (fusefs_args.fsid != 0)) {
fsid_t fsid;
mount_t other_mp;
uint32_t target_dev;
target_dev = FUSE_MAKEDEV(FUSE_CUSTOM_FSID_DEVICE_MAJOR,
fusefs_args.fsid);
fsid.val[0] = target_dev;
fsid.val[1] = FUSE_CUSTOM_FSID_VAL1;
other_mp = vfs_getvfs(&fsid);
if (other_mp != NULL) {
return EPERM;
}
vfsstatfsp->f_fsid.val[0] = target_dev;
vfsstatfsp->f_fsid.val[1] = FUSE_CUSTOM_FSID_VAL1;
} else {
vfs_getnewfsid(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_NO_ATTRCACHE) {
mntopts |= FSESS_NO_ATTRCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_READAHEAD) {
mntopts |= FSESS_NO_READAHEAD;
}
if (fusefs_args.altflags & (FUSE_MOPT_NO_UBC | FUSE_MOPT_DIRECT_IO)) {
mntopts |= FSESS_NO_UBC;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_VNCACHE) {
mntopts |= FSESS_NO_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NEGATIVE_VNCACHE) {
if (mntopts & FSESS_NO_VNCACHE) {
return EINVAL;
}
mntopts |= FSESS_NEGATIVE_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_SYNCWRITES) {
/* Cannot mix 'nosyncwrites' with 'noubc' or 'noreadahead'. */
if (mntopts & (FSESS_NO_READAHEAD | FSESS_NO_UBC)) {
log("fuse4x: cannot mix 'nosyncwrites' with 'noubc' or 'noreadahead'\n");
return EINVAL;
}
mntopts |= FSESS_NO_SYNCWRITES;
vfs_clearflags(mp, MNT_SYNCHRONOUS);
vfs_setflags(mp, MNT_ASYNC);
/* We check for this only if we have nosyncwrites in the first place. */
if (fusefs_args.altflags & FUSE_MOPT_NO_SYNCONCLOSE) {
mntopts |= FSESS_NO_SYNCONCLOSE;
}
} else {
vfs_clearflags(mp, MNT_ASYNC);
vfs_setflags(mp, MNT_SYNCHRONOUS);
}
if (mntopts & FSESS_NO_UBC) {
/* If no buffer cache, disallow exec from file system. */
vfs_setflags(mp, MNT_NOEXEC);
}
vfs_setauthopaque(mp);
vfs_setauthopaqueaccess(mp);
if ((fusefs_args.altflags & FUSE_MOPT_DEFAULT_PERMISSIONS) &&
(fusefs_args.altflags & FUSE_MOPT_DEFER_PERMISSIONS)) {
return EINVAL;
}
if (fusefs_args.altflags & FUSE_MOPT_DEFAULT_PERMISSIONS) {
mntopts |= FSESS_DEFAULT_PERMISSIONS;
vfs_clearauthopaque(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_DEFER_PERMISSIONS) {
mntopts |= FSESS_DEFER_PERMISSIONS;
}
if (fusefs_args.altflags & FUSE_MOPT_EXTENDED_SECURITY) {
mntopts |= FSESS_EXTENDED_SECURITY;
vfs_setextendedsecurity(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_LOCALVOL) {
vfs_setflags(mp, MNT_LOCAL);
}
/* done checking incoming option bits */
err = 0;
vfs_setfsprivate(mp, NULL);
fdev = fuse_device_get(fusefs_args.rdev);
if (!fdev) {
log("fuse4x: invalid device file (number=%d)\n", fusefs_args.rdev);
return EINVAL;
}
fuse_lck_mtx_lock(fdev->mtx);
data = fdev->data;
if (!data) {
fuse_lck_mtx_unlock(fdev->mtx);
return ENXIO;
}
#if M_FUSE4X_ENABLE_BIGLOCK
biglock = data->biglock;
fuse_biglock_lock(biglock);
#endif
if (data->dataflags & FSESS_MOUNTED) {
#if M_FUSE4X_ENABLE_BIGLOCK
fuse_biglock_unlock(biglock);
#endif
fuse_lck_mtx_unlock(fdev->mtx);
return EALREADY;
}
if (!(data->dataflags & FSESS_OPENED)) {
fuse_lck_mtx_unlock(fdev->mtx);
err = ENXIO;
goto out;
}
data->dataflags |= FSESS_MOUNTED;
OSAddAtomic(1, (SInt32 *)&fuse_mount_count);
mounted = true;
if (fdata_dead_get(data)) {
fuse_lck_mtx_unlock(fdev->mtx);
err = ENOTCONN;
goto out;
}
if (!data->daemoncred) {
panic("fuse4x: daemon found but identity unknown");
}
if (fuse_vfs_context_issuser(context) &&
kauth_cred_getuid(vfs_context_ucred(context)) != kauth_cred_getuid(data->daemoncred)) {
fuse_lck_mtx_unlock(fdev->mtx);
err = EPERM;
log("fuse4x: fuse daemon running by user_id=%d does not have privileges to mount on directory %s owned by user_id=%d\n",
kauth_cred_getuid(data->daemoncred), vfsstatfsp->f_mntonname, kauth_cred_getuid(vfs_context_ucred(context)));
goto out;
}
data->mp = mp;
data->fdev = fdev;
data->dataflags |= mntopts;
data->daemon_timeout.tv_sec = fusefs_args.daemon_timeout;
data->daemon_timeout.tv_nsec = 0;
if (data->daemon_timeout.tv_sec) {
data->daemon_timeout_p = &(data->daemon_timeout);
} else {
data->daemon_timeout_p = NULL;
}
data->init_timeout.tv_sec = fusefs_args.init_timeout;
data->init_timeout.tv_nsec = 0;
data->max_read = max_read;
data->fssubtype = fusefs_args.fssubtype;
data->mountaltflags = fusefs_args.altflags;
data->noimplflags = (uint64_t)0;
data->blocksize = fuse_round_size(fusefs_args.blocksize,
FUSE_MIN_BLOCKSIZE, FUSE_MAX_BLOCKSIZE);
data->iosize = fuse_round_size(fusefs_args.iosize,
FUSE_MIN_IOSIZE, FUSE_MAX_IOSIZE);
if (data->iosize < data->blocksize) {
data->iosize = data->blocksize;
}
data->userkernel_bufsize = FUSE_DEFAULT_USERKERNEL_BUFSIZE;
copystr(fusefs_args.fsname, vfsstatfsp->f_mntfromname,
MNAMELEN - 1, &len);
bzero(vfsstatfsp->f_mntfromname + len, MNAMELEN - len);
copystr(fusefs_args.volname, data->volname, MAXPATHLEN - 1, &len);
bzero(data->volname + len, MAXPATHLEN - len);
/* previous location of vfs_setioattr() */
vfs_setfsprivate(mp, data);
fuse_lck_mtx_unlock(fdev->mtx);
/* Send a handshake message to the daemon. */
fuse_send_init(data, context);
struct vfs_attr vfs_attr;
VFSATTR_INIT(&vfs_attr);
// Our vfs_getattr() doesn't look at most *_IS_ACTIVE()'s
err = fuse_vfsop_getattr(mp, &vfs_attr, context);
if (!err) {
vfsstatfsp->f_bsize = vfs_attr.f_bsize;
vfsstatfsp->f_iosize = vfs_attr.f_iosize;
vfsstatfsp->f_blocks = vfs_attr.f_blocks;
vfsstatfsp->f_bfree = vfs_attr.f_bfree;
vfsstatfsp->f_bavail = vfs_attr.f_bavail;
vfsstatfsp->f_bused = vfs_attr.f_bused;
vfsstatfsp->f_files = vfs_attr.f_files;
vfsstatfsp->f_ffree = vfs_attr.f_ffree;
// vfsstatfsp->f_fsid already handled above
vfsstatfsp->f_owner = kauth_cred_getuid(data->daemoncred);
vfsstatfsp->f_flags = vfs_flags(mp);
// vfsstatfsp->f_fstypename already handled above
// vfsstatfsp->f_mntonname handled elsewhere
// vfsstatfsp->f_mnfromname already handled above
vfsstatfsp->f_fssubtype = data->fssubtype;
}
if (fusefs_args.altflags & FUSE_MOPT_BLOCKSIZE) {
vfsstatfsp->f_bsize = data->blocksize;
} else {
//data->blocksize = vfsstatfsp->f_bsize;
}
if (fusefs_args.altflags & FUSE_MOPT_IOSIZE) {
vfsstatfsp->f_iosize = data->iosize;
} else {
//data->iosize = (uint32_t)vfsstatfsp->f_iosize;
vfsstatfsp->f_iosize = data->iosize;
}
out:
if (err) {
vfs_setfsprivate(mp, NULL);
fuse_lck_mtx_lock(fdev->mtx);
data = fdev->data; /* again */
if (mounted) {
OSAddAtomic(-1, (SInt32 *)&fuse_mount_count);
}
if (data) {
data->dataflags &= ~FSESS_MOUNTED;
if (!(data->dataflags & FSESS_OPENED)) {
#if M_FUSE4X_ENABLE_BIGLOCK
assert(biglock == data->biglock);
fuse_biglock_unlock(biglock);
#endif
fuse_device_close_final(fdev);
/* data is gone now */
}
}
fuse_lck_mtx_unlock(fdev->mtx);
} else {
vnode_t fuse_rootvp = NULLVP;
err = fuse_vfsop_root(mp, &fuse_rootvp, context);
if (err) {
goto out; /* go back and follow error path */
}
err = vnode_ref(fuse_rootvp);
(void)vnode_put(fuse_rootvp);
if (err) {
goto out; /* go back and follow error path */
} else {
struct vfsioattr ioattr;
vfs_ioattr(mp, &ioattr);
ioattr.io_devblocksize = data->blocksize;
vfs_setioattr(mp, &ioattr);
}
}
#if M_FUSE4X_ENABLE_BIGLOCK
fuse_lck_mtx_lock(fdev->mtx);
data = fdev->data; /* ...and again */
if(data) {
assert(data->biglock == biglock);
fuse_biglock_unlock(biglock);
}
fuse_lck_mtx_unlock(fdev->mtx);
#endif
return err;
}
int
lfs_bmapv(struct proc *p, fsid_t *fsidp, BLOCK_INFO *blkiov, int blkcnt)
{
BLOCK_INFO *blkp;
IFILE *ifp;
struct buf *bp;
struct inode *ip = NULL;
struct lfs *fs;
struct mount *mntp;
struct ulfsmount *ump;
struct vnode *vp;
ino_t lastino;
daddr_t v_daddr;
int cnt, error;
int numrefed = 0;
lfs_cleaner_pid = p->p_pid;
if ((mntp = vfs_getvfs(fsidp)) == NULL)
return (ENOENT);
ump = VFSTOULFS(mntp);
if ((error = vfs_busy(mntp, NULL)) != 0)
return (error);
cnt = blkcnt;
fs = VFSTOULFS(mntp)->um_lfs;
error = 0;
/* these were inside the initialization for the for loop */
v_daddr = LFS_UNUSED_DADDR;
lastino = LFS_UNUSED_INUM;
for (blkp = blkiov; cnt--; ++blkp)
{
/*
* Get the IFILE entry (only once) and see if the file still
* exists.
*/
if (lastino != blkp->bi_inode) {
/*
* Finish the old file, if there was one. The presence
* of a usable vnode in vp is signaled by a valid
* v_daddr.
*/
if (v_daddr != LFS_UNUSED_DADDR) {
lfs_vunref(vp);
if (VTOI(vp)->i_lfs_iflags & LFSI_BMAP) {
mutex_enter(vp->v_interlock);
if (vget(vp, LK_NOWAIT) == 0) {
if (! vrecycle(vp))
vrele(vp);
}
}
numrefed--;
}
/*
* Start a new file
*/
lastino = blkp->bi_inode;
if (blkp->bi_inode == LFS_IFILE_INUM)
v_daddr = fs->lfs_idaddr;
else {
LFS_IENTRY(ifp, fs, blkp->bi_inode, bp);
v_daddr = ifp->if_daddr;
brelse(bp, 0);
}
if (v_daddr == LFS_UNUSED_DADDR) {
blkp->bi_daddr = LFS_UNUSED_DADDR;
continue;
}
/*
* A regular call to VFS_VGET could deadlock
* here. Instead, we try an unlocked access.
*/
mutex_enter(&ulfs_ihash_lock);
vp = ulfs_ihashlookup(ump->um_dev, blkp->bi_inode);
if (vp != NULL && !(vp->v_iflag & VI_XLOCK)) {
ip = VTOI(vp);
mutex_enter(vp->v_interlock);
mutex_exit(&ulfs_ihash_lock);
if (lfs_vref(vp)) {
v_daddr = LFS_UNUSED_DADDR;
continue;
}
numrefed++;
} else {
mutex_exit(&ulfs_ihash_lock);
/*
* Don't VFS_VGET if we're being unmounted,
* since we hold vfs_busy().
*/
if (mntp->mnt_iflag & IMNT_UNMOUNT) {
v_daddr = LFS_UNUSED_DADDR;
continue;
}
error = VFS_VGET(mntp, blkp->bi_inode, &vp);
if (error) {
DLOG((DLOG_CLEAN, "lfs_bmapv: vget ino"
"%d failed with %d",
blkp->bi_inode,error));
v_daddr = LFS_UNUSED_DADDR;
continue;
} else {
KASSERT(VOP_ISLOCKED(vp));
VTOI(vp)->i_lfs_iflags |= LFSI_BMAP;
VOP_UNLOCK(vp);
numrefed++;
}
}
ip = VTOI(vp);
} else if (v_daddr == LFS_UNUSED_DADDR) {
/*
* This can only happen if the vnode is dead.
* Keep going. Note that we DO NOT set the
* bi_addr to anything -- if we failed to get
* the vnode, for example, we want to assume
* conservatively that all of its blocks *are*
* located in the segment in question.
* lfs_markv will throw them out if we are
* wrong.
*/
/* blkp->bi_daddr = LFS_UNUSED_DADDR; */
continue;
}
/* Past this point we are guaranteed that vp, ip are valid. */
if (blkp->bi_lbn == LFS_UNUSED_LBN) {
/*
* We just want the inode address, which is
* conveniently in v_daddr.
*/
blkp->bi_daddr = v_daddr;
} else {
daddr_t bi_daddr;
/* XXX ondisk32 */
error = VOP_BMAP(vp, blkp->bi_lbn, NULL,
&bi_daddr, NULL);
if (error)
{
blkp->bi_daddr = LFS_UNUSED_DADDR;
continue;
}
blkp->bi_daddr = LFS_DBTOFSB(fs, bi_daddr);
/* Fill in the block size, too */
if (blkp->bi_lbn >= 0)
blkp->bi_size = lfs_blksize(fs, ip, blkp->bi_lbn);
else
blkp->bi_size = fs->lfs_bsize;
}
}
/*
* Finish the old file, if there was one. The presence
* of a usable vnode in vp is signaled by a valid v_daddr.
*/
if (v_daddr != LFS_UNUSED_DADDR) {
lfs_vunref(vp);
/* Recycle as above. */
if (ip->i_lfs_iflags & LFSI_BMAP) {
mutex_enter(vp->v_interlock);
if (vget(vp, LK_NOWAIT) == 0) {
if (! vrecycle(vp))
vrele(vp);
}
}
numrefed--;
}
#ifdef DIAGNOSTIC
if (numrefed != 0)
panic("lfs_bmapv: numrefed=%d", numrefed);
#endif
vfs_unbusy(mntp, false, NULL);
return 0;
}
int
sys_lfs_bmapv(struct lwp *l, const struct sys_lfs_bmapv_args *uap, register_t *retval)
{
/* {
syscallarg(fsid_t *) fsidp;
syscallarg(struct block_info *) blkiov;
syscallarg(int) blkcnt;
} */
BLOCK_INFO *blkiov;
BLOCK_INFO_15 *blkiov15;
int i, blkcnt, error;
fsid_t fsid;
struct lfs *fs;
struct mount *mntp;
error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LFS,
KAUTH_REQ_SYSTEM_LFS_BMAPV, NULL, NULL, NULL);
if (error)
return (error);
if ((error = copyin(SCARG(uap, fsidp), &fsid, sizeof(fsid_t))) != 0)
return (error);
if ((mntp = vfs_getvfs(&fsid)) == NULL)
return (ENOENT);
fs = VFSTOULFS(mntp)->um_lfs;
blkcnt = SCARG(uap, blkcnt);
if ((size_t) blkcnt > SIZE_T_MAX / sizeof(BLOCK_INFO))
return (EINVAL);
KERNEL_LOCK(1, NULL);
blkiov = lfs_malloc(fs, blkcnt * sizeof(BLOCK_INFO), LFS_NB_BLKIOV);
blkiov15 = lfs_malloc(fs, blkcnt * sizeof(BLOCK_INFO_15), LFS_NB_BLKIOV);
if ((error = copyin(SCARG(uap, blkiov), blkiov15,
blkcnt * sizeof(BLOCK_INFO_15))) != 0)
goto out;
for (i = 0; i < blkcnt; i++) {
blkiov[i].bi_inode = blkiov15[i].bi_inode;
blkiov[i].bi_lbn = blkiov15[i].bi_lbn;
blkiov[i].bi_daddr = blkiov15[i].bi_daddr;
blkiov[i].bi_segcreate = blkiov15[i].bi_segcreate;
blkiov[i].bi_version = blkiov15[i].bi_version;
blkiov[i].bi_bp = blkiov15[i].bi_bp;
blkiov[i].bi_size = blkiov15[i].bi_size;
}
if ((error = lfs_bmapv(l->l_proc, &fsid, blkiov, blkcnt)) == 0) {
for (i = 0; i < blkcnt; i++) {
blkiov15[i].bi_inode = blkiov[i].bi_inode;
blkiov15[i].bi_lbn = blkiov[i].bi_lbn;
blkiov15[i].bi_daddr = blkiov[i].bi_daddr;
blkiov15[i].bi_segcreate = blkiov[i].bi_segcreate;
blkiov15[i].bi_version = blkiov[i].bi_version;
blkiov15[i].bi_bp = blkiov[i].bi_bp;
blkiov15[i].bi_size = blkiov[i].bi_size;
}
copyout(blkiov15, SCARG(uap, blkiov),
blkcnt * sizeof(BLOCK_INFO_15));
}
out:
lfs_free(fs, blkiov, LFS_NB_BLKIOV);
lfs_free(fs, blkiov15, LFS_NB_BLKIOV);
KERNEL_UNLOCK_ONE(NULL);
return error;
}
int
lfs_markv(struct proc *p, fsid_t *fsidp, BLOCK_INFO *blkiov,
int blkcnt)
{
BLOCK_INFO *blkp;
IFILE *ifp;
struct buf *bp;
struct inode *ip = NULL;
struct lfs *fs;
struct mount *mntp;
struct vnode *vp = NULL;
ino_t lastino;
daddr_t b_daddr, v_daddr;
int cnt, error;
int do_again = 0;
int numrefed = 0;
ino_t maxino;
size_t obsize;
/* number of blocks/inodes that we have already bwrite'ed */
int nblkwritten, ninowritten;
if ((mntp = vfs_getvfs(fsidp)) == NULL)
return (ENOENT);
fs = VFSTOULFS(mntp)->um_lfs;
if (fs->lfs_ronly)
return EROFS;
maxino = (lfs_fragstoblks(fs, VTOI(fs->lfs_ivnode)->i_ffs1_blocks) -
fs->lfs_cleansz - fs->lfs_segtabsz) * fs->lfs_ifpb;
cnt = blkcnt;
if ((error = vfs_busy(mntp, NULL)) != 0)
return (error);
/*
* This seglock is just to prevent the fact that we might have to sleep
* from allowing the possibility that our blocks might become
* invalid.
*
* It is also important to note here that unless we specify SEGM_CKP,
* any Ifile blocks that we might be asked to clean will never get
* to the disk.
*/
lfs_seglock(fs, SEGM_CLEAN | SEGM_CKP | SEGM_SYNC);
/* Mark blocks/inodes dirty. */
error = 0;
/* these were inside the initialization for the for loop */
v_daddr = LFS_UNUSED_DADDR;
lastino = LFS_UNUSED_INUM;
nblkwritten = ninowritten = 0;
for (blkp = blkiov; cnt--; ++blkp)
{
/* Bounds-check incoming data, avoid panic for failed VGET */
if (blkp->bi_inode <= 0 || blkp->bi_inode >= maxino) {
error = EINVAL;
goto err3;
}
/*
* Get the IFILE entry (only once) and see if the file still
* exists.
*/
if (lastino != blkp->bi_inode) {
/*
* Finish the old file, if there was one. The presence
* of a usable vnode in vp is signaled by a valid v_daddr.
*/
if (v_daddr != LFS_UNUSED_DADDR) {
lfs_vunref(vp);
numrefed--;
}
/*
* Start a new file
*/
lastino = blkp->bi_inode;
if (blkp->bi_inode == LFS_IFILE_INUM)
v_daddr = fs->lfs_idaddr;
else {
LFS_IENTRY(ifp, fs, blkp->bi_inode, bp);
/* XXX fix for force write */
v_daddr = ifp->if_daddr;
brelse(bp, 0);
}
if (v_daddr == LFS_UNUSED_DADDR)
continue;
/* Get the vnode/inode. */
error = lfs_fastvget(mntp, blkp->bi_inode, v_daddr,
&vp,
(blkp->bi_lbn == LFS_UNUSED_LBN
? blkp->bi_bp
: NULL));
if (!error) {
numrefed++;
}
if (error) {
DLOG((DLOG_CLEAN, "lfs_markv: lfs_fastvget"
" failed with %d (ino %d, segment %d)\n",
error, blkp->bi_inode,
lfs_dtosn(fs, blkp->bi_daddr)));
/*
* If we got EAGAIN, that means that the
* Inode was locked. This is
* recoverable: just clean the rest of
* this segment, and let the cleaner try
* again with another. (When the
* cleaner runs again, this segment will
* sort high on the list, since it is
* now almost entirely empty.) But, we
* still set v_daddr = LFS_UNUSED_ADDR
* so as not to test this over and over
* again.
*/
if (error == EAGAIN) {
error = 0;
do_again++;
}
#ifdef DIAGNOSTIC
else if (error != ENOENT)
panic("lfs_markv VFS_VGET FAILED");
#endif
/* lastino = LFS_UNUSED_INUM; */
v_daddr = LFS_UNUSED_DADDR;
vp = NULL;
ip = NULL;
continue;
}
ip = VTOI(vp);
ninowritten++;
} else if (v_daddr == LFS_UNUSED_DADDR) {
/*
* This can only happen if the vnode is dead (or
* in any case we can't get it...e.g., it is
* inlocked). Keep going.
*/
continue;
}
/* Past this point we are guaranteed that vp, ip are valid. */
/* Can't clean VU_DIROP directories in case of truncation */
/* XXX - maybe we should mark removed dirs specially? */
if (vp->v_type == VDIR && (vp->v_uflag & VU_DIROP)) {
do_again++;
continue;
}
/* If this BLOCK_INFO didn't contain a block, keep going. */
if (blkp->bi_lbn == LFS_UNUSED_LBN) {
/* XXX need to make sure that the inode gets written in this case */
/* XXX but only write the inode if it's the right one */
if (blkp->bi_inode != LFS_IFILE_INUM) {
LFS_IENTRY(ifp, fs, blkp->bi_inode, bp);
if (ifp->if_daddr == blkp->bi_daddr) {
mutex_enter(&lfs_lock);
LFS_SET_UINO(ip, IN_CLEANING);
mutex_exit(&lfs_lock);
}
brelse(bp, 0);
}
continue;
}
b_daddr = 0;
if (VOP_BMAP(vp, blkp->bi_lbn, NULL, &b_daddr, NULL) ||
LFS_DBTOFSB(fs, b_daddr) != blkp->bi_daddr)
{
if (lfs_dtosn(fs, LFS_DBTOFSB(fs, b_daddr)) ==
lfs_dtosn(fs, blkp->bi_daddr))
{
DLOG((DLOG_CLEAN, "lfs_markv: wrong da same seg: %llx vs %llx\n",
(long long)blkp->bi_daddr, (long long)LFS_DBTOFSB(fs, b_daddr)));
}
do_again++;
continue;
}
/*
* Check block sizes. The blocks being cleaned come from
* disk, so they should have the same size as their on-disk
* counterparts.
*/
if (blkp->bi_lbn >= 0)
obsize = lfs_blksize(fs, ip, blkp->bi_lbn);
else
obsize = fs->lfs_bsize;
/* Check for fragment size change */
if (blkp->bi_lbn >= 0 && blkp->bi_lbn < ULFS_NDADDR) {
obsize = ip->i_lfs_fragsize[blkp->bi_lbn];
}
if (obsize != blkp->bi_size) {
DLOG((DLOG_CLEAN, "lfs_markv: ino %d lbn %lld wrong"
" size (%ld != %d), try again\n",
blkp->bi_inode, (long long)blkp->bi_lbn,
(long) obsize, blkp->bi_size));
do_again++;
continue;
}
/*
* If we get to here, then we are keeping the block. If
* it is an indirect block, we want to actually put it
* in the buffer cache so that it can be updated in the
* finish_meta section. If it's not, we need to
* allocate a fake buffer so that writeseg can perform
* the copyin and write the buffer.
*/
if (ip->i_number != LFS_IFILE_INUM && blkp->bi_lbn >= 0) {
/* Data Block */
bp = lfs_fakebuf(fs, vp, blkp->bi_lbn,
blkp->bi_size, blkp->bi_bp);
/* Pretend we used bread() to get it */
bp->b_blkno = LFS_FSBTODB(fs, blkp->bi_daddr);
} else {
/* Indirect block or ifile */
if (blkp->bi_size != fs->lfs_bsize &&
ip->i_number != LFS_IFILE_INUM)
panic("lfs_markv: partial indirect block?"
" size=%d\n", blkp->bi_size);
bp = getblk(vp, blkp->bi_lbn, blkp->bi_size, 0, 0);
if (!(bp->b_oflags & (BO_DONE|BO_DELWRI))) {
/*
* The block in question was not found
* in the cache; i.e., the block that
* getblk() returned is empty. So, we
* can (and should) copy in the
* contents, because we've already
* determined that this was the right
* version of this block on disk.
*
* And, it can't have changed underneath
* us, because we have the segment lock.
*/
error = copyin(blkp->bi_bp, bp->b_data, blkp->bi_size);
if (error)
goto err2;
}
}
if ((error = lfs_bwrite_ext(bp, BW_CLEAN)) != 0)
goto err2;
nblkwritten++;
/*
* XXX should account indirect blocks and ifile pages as well
*/
if (nblkwritten + lfs_lblkno(fs, ninowritten * sizeof (struct ulfs1_dinode))
> LFS_MARKV_MAX_BLOCKS) {
DLOG((DLOG_CLEAN, "lfs_markv: writing %d blks %d inos\n",
nblkwritten, ninowritten));
lfs_segwrite(mntp, SEGM_CLEAN);
nblkwritten = ninowritten = 0;
}
}
/*
* Finish the old file, if there was one
*/
if (v_daddr != LFS_UNUSED_DADDR) {
lfs_vunref(vp);
numrefed--;
}
#ifdef DIAGNOSTIC
if (numrefed != 0)
panic("lfs_markv: numrefed=%d", numrefed);
#endif
DLOG((DLOG_CLEAN, "lfs_markv: writing %d blks %d inos (check point)\n",
nblkwritten, ninowritten));
/*
* The last write has to be SEGM_SYNC, because of calling semantics.
* It also has to be SEGM_CKP, because otherwise we could write
* over the newly cleaned data contained in a checkpoint, and then
* we'd be unhappy at recovery time.
*/
lfs_segwrite(mntp, SEGM_CLEAN | SEGM_CKP | SEGM_SYNC);
lfs_segunlock(fs);
vfs_unbusy(mntp, false, NULL);
if (error)
return (error);
else if (do_again)
return EAGAIN;
return 0;
err2:
DLOG((DLOG_CLEAN, "lfs_markv err2\n"));
/*
* XXX we're here because copyin() failed.
* XXX it means that we can't trust the cleanerd. too bad.
* XXX how can we recover from this?
*/
err3:
/*
* XXX should do segwrite here anyway?
*/
if (v_daddr != LFS_UNUSED_DADDR) {
lfs_vunref(vp);
--numrefed;
}
lfs_segunlock(fs);
vfs_unbusy(mntp, false, NULL);
#ifdef DIAGNOSTIC
if (numrefed != 0)
panic("lfs_markv: numrefed=%d", numrefed);
#endif
return (error);
}
int
lfs_bmapv(struct lwp *l, fsid_t *fsidp, BLOCK_INFO *blkiov, int blkcnt)
{
BLOCK_INFO *blkp;
IFILE *ifp;
struct buf *bp;
struct inode *ip = NULL;
struct lfs *fs;
struct mount *mntp;
struct ulfsmount *ump;
struct vnode *vp;
ino_t lastino;
daddr_t v_daddr;
int cnt, error;
int numrefed = 0;
error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LFS,
KAUTH_REQ_SYSTEM_LFS_BMAPV, NULL, NULL, NULL);
if (error)
return (error);
if ((mntp = vfs_getvfs(fsidp)) == NULL)
return (ENOENT);
if ((error = vfs_busy(mntp, NULL)) != 0)
return (error);
ump = VFSTOULFS(mntp);
fs = ump->um_lfs;
if (fs->lfs_cleaner_thread == NULL)
fs->lfs_cleaner_thread = curlwp;
KASSERT(fs->lfs_cleaner_thread == curlwp);
cnt = blkcnt;
error = 0;
/* these were inside the initialization for the for loop */
vp = NULL;
v_daddr = LFS_UNUSED_DADDR;
lastino = LFS_UNUSED_INUM;
for (blkp = blkiov; cnt--; ++blkp)
{
/*
* Get the IFILE entry (only once) and see if the file still
* exists.
*/
if (lastino != blkp->bi_inode) {
/*
* Finish the old file, if there was one.
*/
if (vp != NULL) {
vput(vp);
vp = NULL;
numrefed--;
}
/*
* Start a new file
*/
lastino = blkp->bi_inode;
if (blkp->bi_inode == LFS_IFILE_INUM)
v_daddr = lfs_sb_getidaddr(fs);
else {
LFS_IENTRY(ifp, fs, blkp->bi_inode, bp);
v_daddr = lfs_if_getdaddr(fs, ifp);
brelse(bp, 0);
}
if (v_daddr == LFS_UNUSED_DADDR) {
blkp->bi_daddr = LFS_UNUSED_DADDR;
continue;
}
error = lfs_fastvget(mntp, blkp->bi_inode, NULL,
LK_SHARED, &vp);
if (error) {
DLOG((DLOG_CLEAN, "lfs_bmapv: lfs_fastvget ino"
"%d failed with %d",
blkp->bi_inode,error));
KASSERT(vp == NULL);
continue;
} else {
KASSERT(VOP_ISLOCKED(vp));
numrefed++;
}
ip = VTOI(vp);
} else if (vp == NULL) {
/*
* This can only happen if the vnode is dead.
* Keep going. Note that we DO NOT set the
* bi_addr to anything -- if we failed to get
* the vnode, for example, we want to assume
* conservatively that all of its blocks *are*
* located in the segment in question.
* lfs_markv will throw them out if we are
* wrong.
*/
continue;
}
/* Past this point we are guaranteed that vp, ip are valid. */
if (blkp->bi_lbn == LFS_UNUSED_LBN) {
/*
* We just want the inode address, which is
* conveniently in v_daddr.
*/
blkp->bi_daddr = v_daddr;
} else {
daddr_t bi_daddr;
error = VOP_BMAP(vp, blkp->bi_lbn, NULL,
&bi_daddr, NULL);
if (error)
{
blkp->bi_daddr = LFS_UNUSED_DADDR;
continue;
}
blkp->bi_daddr = LFS_DBTOFSB(fs, bi_daddr);
/* Fill in the block size, too */
if (blkp->bi_lbn >= 0)
blkp->bi_size = lfs_blksize(fs, ip, blkp->bi_lbn);
else
blkp->bi_size = lfs_sb_getbsize(fs);
}
}
/*
* Finish the old file, if there was one.
*/
if (vp != NULL) {
vput(vp);
vp = NULL;
numrefed--;
}
#ifdef DIAGNOSTIC
if (numrefed != 0)
panic("lfs_bmapv: numrefed=%d", numrefed);
#endif
vfs_unbusy(mntp, false, NULL);
return 0;
}
static errno_t
fuse_vfsop_mount(mount_t mp, __unused vnode_t devvp, user_addr_t udata,
vfs_context_t context)
{
int err = 0;
int mntopts = 0;
bool mounted = false;
uint32_t drandom = 0;
uint32_t max_read = ~0;
size_t len;
fuse_device_t fdev = NULL;
struct fuse_data *data = NULL;
fuse_mount_args fusefs_args;
struct vfsstatfs *vfsstatfsp = vfs_statfs(mp);
kern_return_t kr;
thread_t init_thread;
#if M_OSXFUSE_ENABLE_BIG_LOCK
fuse_biglock_t *biglock;
#endif
fuse_trace_printf_vfsop();
if (vfs_isupdate(mp)) {
return ENOTSUP;
}
err = copyin(udata, &fusefs_args, sizeof(fusefs_args));
if (err) {
return EINVAL;
}
/*
* Interesting flags that we can receive from mount or may want to
* otherwise forcibly set include:
*
* MNT_ASYNC
* MNT_AUTOMOUNTED
* MNT_DEFWRITE
* MNT_DONTBROWSE
* MNT_IGNORE_OWNERSHIP
* MNT_JOURNALED
* MNT_NODEV
* MNT_NOEXEC
* MNT_NOSUID
* MNT_NOUSERXATTR
* MNT_RDONLY
* MNT_SYNCHRONOUS
* MNT_UNION
*/
#if M_OSXFUSE_ENABLE_UNSUPPORTED
vfs_setlocklocal(mp);
#endif /* M_OSXFUSE_ENABLE_UNSUPPORTED */
/** Option Processing. **/
if (fusefs_args.altflags & FUSE_MOPT_FSTYPENAME) {
size_t typenamelen = strlen(fusefs_args.fstypename);
if ((typenamelen <= 0) || (typenamelen > FUSE_FSTYPENAME_MAXLEN)) {
return EINVAL;
}
snprintf(vfsstatfsp->f_fstypename, MFSTYPENAMELEN, "%s%s",
OSXFUSE_FSTYPENAME_PREFIX, fusefs_args.fstypename);
}
if ((fusefs_args.daemon_timeout > FUSE_MAX_DAEMON_TIMEOUT) ||
(fusefs_args.daemon_timeout < FUSE_MIN_DAEMON_TIMEOUT)) {
return EINVAL;
}
if (fusefs_args.altflags & FUSE_MOPT_SPARSE) {
mntopts |= FSESS_SPARSE;
}
if (fusefs_args.altflags & FUSE_MOPT_SLOW_STATFS) {
mntopts |= FSESS_SLOW_STATFS;
}
if (fusefs_args.altflags & FUSE_MOPT_AUTO_CACHE) {
mntopts |= FSESS_AUTO_CACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_AUTO_XATTR) {
if (fusefs_args.altflags & FUSE_MOPT_NATIVE_XATTR) {
return EINVAL;
}
mntopts |= FSESS_AUTO_XATTR;
} else if (fusefs_args.altflags & FUSE_MOPT_NATIVE_XATTR) {
mntopts |= FSESS_NATIVE_XATTR;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_BROWSE) {
vfs_setflags(mp, MNT_DONTBROWSE);
}
if (fusefs_args.altflags & FUSE_MOPT_JAIL_SYMLINKS) {
mntopts |= FSESS_JAIL_SYMLINKS;
}
/*
* Note that unlike Linux, which keeps allow_root in user-space and
* passes allow_other in that case to the kernel, we let allow_root
* reach the kernel. The 'if' ordering is important here.
*/
if (fusefs_args.altflags & FUSE_MOPT_ALLOW_ROOT) {
int is_member = 0;
if ((kauth_cred_ismember_gid(kauth_cred_get(), fuse_admin_group,
&is_member) == 0) && is_member) {
mntopts |= FSESS_ALLOW_ROOT;
} else {
IOLog("OSXFUSE: caller not a member of OSXFUSE admin group (%d)\n",
fuse_admin_group);
return EPERM;
}
} else if (fusefs_args.altflags & FUSE_MOPT_ALLOW_OTHER) {
if (!fuse_allow_other && !fuse_vfs_context_issuser(context)) {
int is_member = 0;
if ((kauth_cred_ismember_gid(kauth_cred_get(), fuse_admin_group,
&is_member) != 0) || !is_member) {
return EPERM;
}
}
mntopts |= FSESS_ALLOW_OTHER;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_APPLEDOUBLE) {
mntopts |= FSESS_NO_APPLEDOUBLE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_APPLEXATTR) {
mntopts |= FSESS_NO_APPLEXATTR;
}
if ((fusefs_args.altflags & FUSE_MOPT_FSID) && (fusefs_args.fsid != 0)) {
fsid_t fsid;
mount_t other_mp;
uint32_t target_dev;
target_dev = FUSE_MAKEDEV(FUSE_CUSTOM_FSID_DEVICE_MAJOR,
fusefs_args.fsid);
fsid.val[0] = target_dev;
fsid.val[1] = FUSE_CUSTOM_FSID_VAL1;
other_mp = vfs_getvfs(&fsid);
if (other_mp != NULL) {
return EPERM;
}
vfsstatfsp->f_fsid.val[0] = target_dev;
vfsstatfsp->f_fsid.val[1] = FUSE_CUSTOM_FSID_VAL1;
} else {
vfs_getnewfsid(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_NO_LOCALCACHES) {
mntopts |= FSESS_NO_ATTRCACHE;
mntopts |= FSESS_NO_READAHEAD;
mntopts |= FSESS_NO_UBC;
mntopts |= FSESS_NO_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_ATTRCACHE) {
mntopts |= FSESS_NO_ATTRCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_READAHEAD) {
mntopts |= FSESS_NO_READAHEAD;
}
if (fusefs_args.altflags & (FUSE_MOPT_NO_UBC | FUSE_MOPT_DIRECT_IO)) {
mntopts |= FSESS_NO_UBC;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_VNCACHE) {
mntopts |= FSESS_NO_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NEGATIVE_VNCACHE) {
if (mntopts & FSESS_NO_VNCACHE) {
return EINVAL;
}
mntopts |= FSESS_NEGATIVE_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_SYNCWRITES) {
/* Cannot mix 'nosyncwrites' with 'noubc' or 'noreadahead'. */
if (mntopts & (FSESS_NO_READAHEAD | FSESS_NO_UBC)) {
return EINVAL;
}
mntopts |= FSESS_NO_SYNCWRITES;
vfs_clearflags(mp, MNT_SYNCHRONOUS);
vfs_setflags(mp, MNT_ASYNC);
/* We check for this only if we have nosyncwrites in the first place. */
if (fusefs_args.altflags & FUSE_MOPT_NO_SYNCONCLOSE) {
mntopts |= FSESS_NO_SYNCONCLOSE;
}
} else {
vfs_clearflags(mp, MNT_ASYNC);
vfs_setflags(mp, MNT_SYNCHRONOUS);
}
if (mntopts & FSESS_NO_UBC) {
/* If no buffer cache, disallow exec from file system. */
vfs_setflags(mp, MNT_NOEXEC);
}
vfs_setauthopaque(mp);
vfs_setauthopaqueaccess(mp);
if ((fusefs_args.altflags & FUSE_MOPT_DEFAULT_PERMISSIONS) &&
(fusefs_args.altflags & FUSE_MOPT_DEFER_PERMISSIONS)) {
return EINVAL;
}
if (fusefs_args.altflags & FUSE_MOPT_DEFAULT_PERMISSIONS) {
mntopts |= FSESS_DEFAULT_PERMISSIONS;
vfs_clearauthopaque(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_DEFER_PERMISSIONS) {
mntopts |= FSESS_DEFER_PERMISSIONS;
}
if (fusefs_args.altflags & FUSE_MOPT_EXTENDED_SECURITY) {
mntopts |= FSESS_EXTENDED_SECURITY;
vfs_setextendedsecurity(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_LOCALVOL) {
mntopts |= FSESS_LOCALVOL;
vfs_setflags(mp, MNT_LOCAL);
}
/* done checking incoming option bits */
err = 0;
vfs_setfsprivate(mp, NULL);
fdev = fuse_device_get(fusefs_args.rdev);
if (!fdev) {
return EINVAL;
}
fuse_device_lock(fdev);
drandom = fuse_device_get_random(fdev);
if (fusefs_args.random != drandom) {
fuse_device_unlock(fdev);
IOLog("OSXFUSE: failing mount because of mismatched random\n");
return EINVAL;
}
data = fuse_device_get_mpdata(fdev);
if (!data) {
fuse_device_unlock(fdev);
return ENXIO;
}
#if M_OSXFUSE_ENABLE_BIG_LOCK
biglock = data->biglock;
fuse_biglock_lock(biglock);
#endif
if (data->mount_state != FM_NOTMOUNTED) {
#if M_OSXFUSE_ENABLE_BIG_LOCK
fuse_biglock_unlock(biglock);
#endif
fuse_device_unlock(fdev);
return EALREADY;
}
if (!(data->dataflags & FSESS_OPENED)) {
fuse_device_unlock(fdev);
err = ENXIO;
goto out;
}
data->mount_state = FM_MOUNTED;
OSAddAtomic(1, (SInt32 *)&fuse_mount_count);
mounted = true;
if (fdata_dead_get(data)) {
fuse_device_unlock(fdev);
err = ENOTCONN;
goto out;
}
if (!data->daemoncred) {
panic("OSXFUSE: daemon found but identity unknown");
}
if (fuse_vfs_context_issuser(context) &&
kauth_cred_getuid(vfs_context_ucred(context)) != kauth_cred_getuid(data->daemoncred)) {
fuse_device_unlock(fdev);
err = EPERM;
goto out;
}
data->mp = mp;
data->fdev = fdev;
data->dataflags |= mntopts;
data->daemon_timeout.tv_sec = fusefs_args.daemon_timeout;
data->daemon_timeout.tv_nsec = 0;
if (data->daemon_timeout.tv_sec) {
data->daemon_timeout_p = &(data->daemon_timeout);
} else {
data->daemon_timeout_p = (struct timespec *)0;
}
data->max_read = max_read;
data->fssubtype = fusefs_args.fssubtype;
data->mountaltflags = fusefs_args.altflags;
data->noimplflags = (uint64_t)0;
data->blocksize = fuse_round_size(fusefs_args.blocksize,
FUSE_MIN_BLOCKSIZE, FUSE_MAX_BLOCKSIZE);
data->iosize = fuse_round_size(fusefs_args.iosize,
FUSE_MIN_IOSIZE, FUSE_MAX_IOSIZE);
if (data->iosize < data->blocksize) {
data->iosize = data->blocksize;
}
data->userkernel_bufsize = FUSE_DEFAULT_USERKERNEL_BUFSIZE;
copystr(fusefs_args.fsname, vfsstatfsp->f_mntfromname,
MNAMELEN - 1, &len);
bzero(vfsstatfsp->f_mntfromname + len, MNAMELEN - len);
copystr(fusefs_args.volname, data->volname, MAXPATHLEN - 1, &len);
bzero(data->volname + len, MAXPATHLEN - len);
/* previous location of vfs_setioattr() */
vfs_setfsprivate(mp, data);
fuse_device_unlock(fdev);
/* Send a handshake message to the daemon. */
kr = kernel_thread_start(fuse_internal_init, data, &init_thread);
if (kr != KERN_SUCCESS) {
IOLog("OSXFUSE: could not start init thread\n");
err = ENOTCONN;
} else {
thread_deallocate(init_thread);
}
out:
if (err) {
vfs_setfsprivate(mp, NULL);
fuse_device_lock(fdev);
data = fuse_device_get_mpdata(fdev); /* again */
if (mounted) {
OSAddAtomic(-1, (SInt32 *)&fuse_mount_count);
}
if (data) {
data->mount_state = FM_NOTMOUNTED;
if (!(data->dataflags & FSESS_OPENED)) {
#if M_OSXFUSE_ENABLE_BIG_LOCK
assert(biglock == data->biglock);
fuse_biglock_unlock(biglock);
#endif
fuse_device_close_final(fdev);
/* data is gone now */
}
}
fuse_device_unlock(fdev);
} else {
vnode_t fuse_rootvp = NULLVP;
err = fuse_vfsop_root(mp, &fuse_rootvp, context);
if (err) {
goto out; /* go back and follow error path */
}
err = vnode_ref(fuse_rootvp);
#if M_OSXFUSE_ENABLE_BIG_LOCK
/*
* Even though fuse_rootvp will not be reclaimed when calling vnode_put
* because we incremented its usecount by calling vnode_ref release
* biglock just to be safe.
*/
fuse_biglock_unlock(biglock);
#endif /* M_OSXFUSE_ENABLE_BIG_LOCK */
(void)vnode_put(fuse_rootvp);
#if M_OSXFUSE_ENABLE_BIG_LOCK
fuse_biglock_lock(biglock);
#endif
if (err) {
goto out; /* go back and follow error path */
} else {
struct vfsioattr ioattr;
vfs_ioattr(mp, &ioattr);
ioattr.io_maxreadcnt = ioattr.io_maxwritecnt = data->iosize;
ioattr.io_segreadcnt = ioattr.io_segwritecnt = data->iosize / PAGE_SIZE;
ioattr.io_maxsegreadsize = ioattr.io_maxsegwritesize = data->iosize;
ioattr.io_devblocksize = data->blocksize;
vfs_setioattr(mp, &ioattr);
}
}
#if M_OSXFUSE_ENABLE_BIG_LOCK
fuse_device_lock(fdev);
data = fuse_device_get_mpdata(fdev); /* ...and again */
if(data) {
assert(data->biglock == biglock);
fuse_biglock_unlock(biglock);
}
fuse_device_unlock(fdev);
#endif
return err;
}
