static int
fuse_vfsop_mount(struct mount *mp)
{
int err;
uint64_t mntopts, __mntopts;
int max_read_set;
uint32_t max_read;
int daemon_timeout;
int fd;
size_t len;
struct cdev *fdev;
struct fuse_data *data;
struct thread *td;
struct file *fp, *fptmp;
char *fspec, *subtype;
struct vfsoptlist *opts;
subtype = NULL;
max_read_set = 0;
max_read = ~0;
err = 0;
mntopts = 0;
__mntopts = 0;
td = curthread;
fuse_trace_printf_vfsop();
if (mp->mnt_flag & MNT_UPDATE)
return EOPNOTSUPP;
mp->mnt_flag |= MNT_SYNCHRONOUS;
mp->mnt_data = NULL;
/* Get the new options passed to mount */
opts = mp->mnt_optnew;
if (!opts)
return EINVAL;
/* `fspath' contains the mount point (eg. /mnt/fuse/sshfs); REQUIRED */
if (!vfs_getopts(opts, "fspath", &err))
return err;
/* `from' contains the device name (eg. /dev/fuse0); REQUIRED */
fspec = vfs_getopts(opts, "from", &err);
if (!fspec)
return err;
/* `fd' contains the filedescriptor for this session; REQUIRED */
if (vfs_scanopt(opts, "fd", "%d", &fd) != 1)
return EINVAL;
err = fuse_getdevice(fspec, td, &fdev);
if (err != 0)
return err;
/*
* With the help of underscored options the mount program
* can inform us from the flags it sets by default
*/
FUSE_FLAGOPT(allow_other, FSESS_DAEMON_CAN_SPY);
FUSE_FLAGOPT(push_symlinks_in, FSESS_PUSH_SYMLINKS_IN);
FUSE_FLAGOPT(default_permissions, FSESS_DEFAULT_PERMISSIONS);
FUSE_FLAGOPT(no_attrcache, FSESS_NO_ATTRCACHE);
FUSE_FLAGOPT(no_readahed, FSESS_NO_READAHEAD);
FUSE_FLAGOPT(no_datacache, FSESS_NO_DATACACHE);
FUSE_FLAGOPT(no_namecache, FSESS_NO_NAMECACHE);
FUSE_FLAGOPT(no_mmap, FSESS_NO_MMAP);
FUSE_FLAGOPT(brokenio, FSESS_BROKENIO);
if (vfs_scanopt(opts, "max_read=", "%u", &max_read) == 1)
max_read_set = 1;
if (vfs_scanopt(opts, "timeout=", "%u", &daemon_timeout) == 1) {
if (daemon_timeout < FUSE_MIN_DAEMON_TIMEOUT)
daemon_timeout = FUSE_MIN_DAEMON_TIMEOUT;
else if (daemon_timeout > FUSE_MAX_DAEMON_TIMEOUT)
daemon_timeout = FUSE_MAX_DAEMON_TIMEOUT;
} else {
daemon_timeout = FUSE_DEFAULT_DAEMON_TIMEOUT;
}
subtype = vfs_getopts(opts, "subtype=", &err);
FS_DEBUG2G("mntopts 0x%jx\n", (uintmax_t)mntopts);
err = fget(td, fd, CAP_READ, &fp);
if (err != 0) {
FS_DEBUG("invalid or not opened device: data=%p\n", data);
goto out;
}
fptmp = td->td_fpop;
td->td_fpop = fp;
err = devfs_get_cdevpriv((void **)&data);
td->td_fpop = fptmp;
fdrop(fp, td);
FUSE_LOCK();
if (err != 0 || data == NULL || data->mp != NULL) {
FS_DEBUG("invalid or not opened device: data=%p data.mp=%p\n",
data, data != NULL ? data->mp : NULL);
err = ENXIO;
FUSE_UNLOCK();
goto out;
}
if (fdata_get_dead(data)) {
FS_DEBUG("device is dead during mount: data=%p\n", data);
err = ENOTCONN;
FUSE_UNLOCK();
goto out;
}
/* Sanity + permission checks */
if (!data->daemoncred)
panic("fuse daemon found, but identity unknown");
if (mntopts & FSESS_DAEMON_CAN_SPY)
err = priv_check(td, PRIV_VFS_FUSE_ALLOWOTHER);
if (err == 0 && td->td_ucred->cr_uid != data->daemoncred->cr_uid)
/* are we allowed to do the first mount? */
err = priv_check(td, PRIV_VFS_FUSE_MOUNT_NONUSER);
if (err) {
FUSE_UNLOCK();
goto out;
}
/* We need this here as this slot is used by getnewvnode() */
mp->mnt_stat.f_iosize = PAGE_SIZE;
mp->mnt_data = data;
data->ref++;
data->mp = mp;
data->dataflags |= mntopts;
data->max_read = max_read;
data->daemon_timeout = daemon_timeout;
#ifdef XXXIP
if (!priv_check(td, PRIV_VFS_FUSE_SYNC_UNMOUNT))
data->dataflags |= FSESS_CAN_SYNC_UNMOUNT;
#endif
FUSE_UNLOCK();
vfs_getnewfsid(mp);
mp->mnt_flag |= MNT_LOCAL;
mp->mnt_kern_flag |= MNTK_MPSAFE;
if (subtype) {
strlcat(mp->mnt_stat.f_fstypename, ".", MFSNAMELEN);
strlcat(mp->mnt_stat.f_fstypename, subtype, MFSNAMELEN);
}
copystr(fspec, mp->mnt_stat.f_mntfromname, MNAMELEN - 1, &len);
bzero(mp->mnt_stat.f_mntfromname + len, MNAMELEN - len);
FS_DEBUG2G("mp %p: %s\n", mp, mp->mnt_stat.f_mntfromname);
/* Now handshaking with daemon */
fuse_internal_send_init(data, td);
out:
if (err) {
FUSE_LOCK();
if (data->mp == mp) {
/*
* Destroy device only if we acquired reference to
* it
*/
FS_DEBUG("mount failed, destroy device: data=%p mp=%p"
" err=%d\n",
data, mp, err);
data->mp = NULL;
fdata_trydestroy(data);
}
FUSE_UNLOCK();
dev_rel(fdev);
}
return err;
}
static errno_t
fuse_vfsop_mount(mount_t mp, __unused vnode_t devvp, user_addr_t udata,
vfs_context_t context)
{
int err = 0;
int mntopts = 0;
int mounted = 0;
uint32_t drandom = 0;
uint32_t max_read = ~0;
size_t len;
fuse_device_t fdev = FUSE_DEVICE_NULL;
struct fuse_data *data = NULL;
fuse_mount_args fusefs_args;
struct vfsstatfs *vfsstatfsp = vfs_statfs(mp);
fuse_trace_printf_vfsop();
if (vfs_isupdate(mp)) {
return ENOTSUP;
}
err = copyin(udata, &fusefs_args, sizeof(fusefs_args));
if (err) {
return EINVAL;
}
/*
* Interesting flags that we can receive from mount or may want to
* otherwise forcibly set include:
*
* MNT_ASYNC
* MNT_AUTOMOUNTED
* MNT_DEFWRITE
* MNT_DONTBROWSE
* MNT_IGNORE_OWNERSHIP
* MNT_JOURNALED
* MNT_NODEV
* MNT_NOEXEC
* MNT_NOSUID
* MNT_NOUSERXATTR
* MNT_RDONLY
* MNT_SYNCHRONOUS
* MNT_UNION
*/
err = ENOTSUP;
vfs_setlocklocal(mp);
/** Option Processing. **/
if (fusefs_args.altflags & FUSE_MOPT_FSTYPENAME) {
size_t typenamelen = strlen(fusefs_args.fstypename);
if ((typenamelen <= 0) || (typenamelen > FUSE_FSTYPENAME_MAXLEN)) {
return EINVAL;
}
snprintf(vfsstatfsp->f_fstypename, MFSTYPENAMELEN, "%s%s",
FUSE_FSTYPENAME_PREFIX, fusefs_args.fstypename);
}
if ((fusefs_args.daemon_timeout > FUSE_MAX_DAEMON_TIMEOUT) ||
(fusefs_args.daemon_timeout < FUSE_MIN_DAEMON_TIMEOUT)) {
return EINVAL;
}
if ((fusefs_args.init_timeout > FUSE_MAX_INIT_TIMEOUT) ||
(fusefs_args.init_timeout < FUSE_MIN_INIT_TIMEOUT)) {
return EINVAL;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_ALERTS) {
mntopts |= FSESS_NO_ALERTS;
}
if (fusefs_args.altflags & FUSE_MOPT_AUTO_CACHE) {
mntopts |= FSESS_AUTO_CACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_SPARSE) {
mntopts |= FSESS_SPARSE;
}
if (fusefs_args.altflags & FUSE_MOPT_AUTO_XATTR) {
mntopts |= FSESS_AUTO_XATTR;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_BROWSE) {
vfs_setflags(mp, MNT_DONTBROWSE);
}
if (fusefs_args.altflags & FUSE_MOPT_JAIL_SYMLINKS) {
mntopts |= FSESS_JAIL_SYMLINKS;
}
/*
* Note that unlike Linux, which keeps allow_root in user-space and
* passes allow_other in that case to the kernel, we let allow_root
* reach the kernel. The 'if' ordering is important here.
*/
if (fusefs_args.altflags & FUSE_MOPT_ALLOW_ROOT) {
int is_member = 0;
if ((kauth_cred_ismember_gid(kauth_cred_get(), fuse_admin_group,
&is_member) == 0) && is_member) {
mntopts |= FSESS_ALLOW_ROOT;
} else {
IOLog("MacFUSE: caller not a member of MacFUSE admin group (%d)\n",
fuse_admin_group);
return EPERM;
}
} else if (fusefs_args.altflags & FUSE_MOPT_ALLOW_OTHER) {
if (!fuse_allow_other && !fuse_vfs_context_issuser(context)) {
int is_member = 0;
if ((kauth_cred_ismember_gid(kauth_cred_get(), fuse_admin_group,
&is_member) != 0) || !is_member) {
return EPERM;
}
}
mntopts |= FSESS_ALLOW_OTHER;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_APPLEDOUBLE) {
mntopts |= FSESS_NO_APPLEDOUBLE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_APPLEXATTR) {
mntopts |= FSESS_NO_APPLEXATTR;
}
if ((fusefs_args.altflags & FUSE_MOPT_FSID) && (fusefs_args.fsid != 0)) {
fsid_t fsid;
mount_t other_mp;
uint32_t target_dev;
target_dev = FUSE_MAKEDEV(FUSE_CUSTOM_FSID_DEVICE_MAJOR,
fusefs_args.fsid);
fsid.val[0] = target_dev;
fsid.val[1] = FUSE_CUSTOM_FSID_VAL1;
other_mp = vfs_getvfs(&fsid);
if (other_mp != NULL) {
return EPERM;
}
vfsstatfsp->f_fsid.val[0] = target_dev;
vfsstatfsp->f_fsid.val[1] = FUSE_CUSTOM_FSID_VAL1;
} else {
vfs_getnewfsid(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_KILL_ON_UNMOUNT) {
mntopts |= FSESS_KILL_ON_UNMOUNT;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_LOCALCACHES) {
mntopts |= FSESS_NO_ATTRCACHE;
mntopts |= FSESS_NO_READAHEAD;
mntopts |= FSESS_NO_UBC;
mntopts |= FSESS_NO_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_ATTRCACHE) {
mntopts |= FSESS_NO_ATTRCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_READAHEAD) {
mntopts |= FSESS_NO_READAHEAD;
}
if (fusefs_args.altflags & (FUSE_MOPT_NO_UBC | FUSE_MOPT_DIRECT_IO)) {
mntopts |= FSESS_NO_UBC;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_VNCACHE) {
mntopts |= FSESS_NO_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NEGATIVE_VNCACHE) {
if (mntopts & FSESS_NO_VNCACHE) {
return EINVAL;
}
mntopts |= FSESS_NEGATIVE_VNCACHE;
}
if (fusefs_args.altflags & FUSE_MOPT_NO_SYNCWRITES) {
/* Cannot mix 'nosyncwrites' with 'noubc' or 'noreadahead'. */
if (mntopts & (FSESS_NO_READAHEAD | FSESS_NO_UBC)) {
return EINVAL;
}
mntopts |= FSESS_NO_SYNCWRITES;
vfs_clearflags(mp, MNT_SYNCHRONOUS);
vfs_setflags(mp, MNT_ASYNC);
/* We check for this only if we have nosyncwrites in the first place. */
if (fusefs_args.altflags & FUSE_MOPT_NO_SYNCONCLOSE) {
mntopts |= FSESS_NO_SYNCONCLOSE;
}
} else {
vfs_clearflags(mp, MNT_ASYNC);
vfs_setflags(mp, MNT_SYNCHRONOUS);
}
if (mntopts & FSESS_NO_UBC) {
/* If no buffer cache, disallow exec from file system. */
vfs_setflags(mp, MNT_NOEXEC);
}
vfs_setauthopaque(mp);
vfs_setauthopaqueaccess(mp);
if ((fusefs_args.altflags & FUSE_MOPT_DEFAULT_PERMISSIONS) &&
(fusefs_args.altflags & FUSE_MOPT_DEFER_PERMISSIONS)) {
return EINVAL;
}
if (fusefs_args.altflags & FUSE_MOPT_DEFAULT_PERMISSIONS) {
mntopts |= FSESS_DEFAULT_PERMISSIONS;
vfs_clearauthopaque(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_DEFER_PERMISSIONS) {
mntopts |= FSESS_DEFER_PERMISSIONS;
}
if (fusefs_args.altflags & FUSE_MOPT_EXTENDED_SECURITY) {
mntopts |= FSESS_EXTENDED_SECURITY;
vfs_setextendedsecurity(mp);
}
if (fusefs_args.altflags & FUSE_MOPT_LOCALVOL) {
mntopts |= FSESS_LOCALVOL;
vfs_setflags(mp, MNT_LOCAL);
}
/* done checking incoming option bits */
err = 0;
vfs_setfsprivate(mp, NULL);
fdev = fuse_device_get(fusefs_args.rdev);
if (!fdev) {
return EINVAL;
}
fuse_device_lock(fdev);
drandom = fuse_device_get_random(fdev);
if (fusefs_args.random != drandom) {
fuse_device_unlock(fdev);
IOLog("MacFUSE: failing mount because of mismatched random\n");
return EINVAL;
}
data = fuse_device_get_mpdata(fdev);
if (!data) {
fuse_device_unlock(fdev);
return ENXIO;
}
if (data->mount_state != FM_NOTMOUNTED) {
fuse_device_unlock(fdev);
return EALREADY;
}
if (!(data->dataflags & FSESS_OPENED)) {
fuse_device_unlock(fdev);
err = ENXIO;
goto out;
}
data->mount_state = FM_MOUNTED;
OSAddAtomic(1, (SInt32 *)&fuse_mount_count);
mounted = 1;
if (fdata_dead_get(data)) {
fuse_device_unlock(fdev);
err = ENOTCONN;
goto out;
}
if (!data->daemoncred) {
panic("MacFUSE: daemon found but identity unknown");
}
if (fuse_vfs_context_issuser(context) &&
vfs_context_ucred(context)->cr_uid != data->daemoncred->cr_uid) {
fuse_device_unlock(fdev);
err = EPERM;
goto out;
}
data->mp = mp;
data->fdev = fdev;
data->dataflags |= mntopts;
data->daemon_timeout.tv_sec = fusefs_args.daemon_timeout;
data->daemon_timeout.tv_nsec = 0;
if (data->daemon_timeout.tv_sec) {
data->daemon_timeout_p = &(data->daemon_timeout);
} else {
data->daemon_timeout_p = (struct timespec *)0;
}
data->init_timeout.tv_sec = fusefs_args.init_timeout;
data->init_timeout.tv_nsec = 0;
data->max_read = max_read;
data->fssubtype = fusefs_args.fssubtype;
data->mountaltflags = fusefs_args.altflags;
data->noimplflags = (uint64_t)0;
data->blocksize = fuse_round_size(fusefs_args.blocksize,
FUSE_MIN_BLOCKSIZE, FUSE_MAX_BLOCKSIZE);
data->iosize = fuse_round_size(fusefs_args.iosize,
FUSE_MIN_IOSIZE, FUSE_MAX_IOSIZE);
if (data->iosize < data->blocksize) {
data->iosize = data->blocksize;
}
data->userkernel_bufsize = FUSE_DEFAULT_USERKERNEL_BUFSIZE;
copystr(fusefs_args.fsname, vfsstatfsp->f_mntfromname,
MNAMELEN - 1, &len);
bzero(vfsstatfsp->f_mntfromname + len, MNAMELEN - len);
copystr(fusefs_args.volname, data->volname, MAXPATHLEN - 1, &len);
bzero(data->volname + len, MAXPATHLEN - len);
/* previous location of vfs_setioattr() */
vfs_setfsprivate(mp, data);
fuse_device_unlock(fdev);
/* Handshake with the daemon. Blocking. */
err = fuse_internal_send_init(data, context);
if (!err) {
struct vfs_attr vfs_attr;
VFSATTR_INIT(&vfs_attr);
/* Our vfs_getattr() doesn't look at most *_IS_ACTIVE()'s */
err = fuse_vfsop_getattr(mp, &vfs_attr, context);
if (!err) {
vfsstatfsp->f_bsize = vfs_attr.f_bsize;
vfsstatfsp->f_iosize = vfs_attr.f_iosize;
vfsstatfsp->f_blocks = vfs_attr.f_blocks;
vfsstatfsp->f_bfree = vfs_attr.f_bfree;
vfsstatfsp->f_bavail = vfs_attr.f_bavail;
vfsstatfsp->f_bused = vfs_attr.f_bused;
vfsstatfsp->f_files = vfs_attr.f_files;
vfsstatfsp->f_ffree = vfs_attr.f_ffree;
/* vfsstatfsp->f_fsid already handled above */
vfsstatfsp->f_owner = data->daemoncred->cr_uid;
vfsstatfsp->f_flags = vfs_flags(mp);
/* vfsstatfsp->f_fstypename already handled above */
/* vfsstatfsp->f_mntonname handled elsewhere */
/* vfsstatfsp->f_mnfromname already handled above */
vfsstatfsp->f_fssubtype = data->fssubtype;
}
if (fusefs_args.altflags & FUSE_MOPT_BLOCKSIZE) {
vfsstatfsp->f_bsize = data->blocksize;
} else {
//data->blocksize = vfsstatfsp->f_bsize;
}
if (fusefs_args.altflags & FUSE_MOPT_IOSIZE) {
vfsstatfsp->f_iosize = data->iosize;
} else {
//data->iosize = (uint32_t)vfsstatfsp->f_iosize;
vfsstatfsp->f_iosize = data->iosize;
}
}
out:
if (err) {
vfs_setfsprivate(mp, NULL);
fuse_device_lock(fdev);
data = fuse_device_get_mpdata(fdev); /* again */
if (mounted) {
OSAddAtomic(-1, (SInt32 *)&fuse_mount_count);
}
if (data) {
data->mount_state = FM_NOTMOUNTED;
if (!(data->dataflags & FSESS_OPENED)) {
fuse_device_close_final(fdev);
/* data is gone now */
}
}
fuse_device_unlock(fdev);
} else {
vnode_t fuse_rootvp = NULLVP;
err = fuse_vfsop_root(mp, &fuse_rootvp, context);
if (err) {
goto out; /* go back and follow error path */
}
err = vnode_ref(fuse_rootvp);
(void)vnode_put(fuse_rootvp);
if (err) {
goto out; /* go back and follow error path */
} else {
struct vfsioattr ioattr;
vfs_ioattr(mp, &ioattr);
ioattr.io_devblocksize = data->blocksize;
vfs_setioattr(mp, &ioattr);
}
}
return err;
}
