/*
* Perform chown operation on inode ip;
* inode must be locked prior to call.
*/
static int
ext2fs_chown(struct vnode *vp, uid_t uid, gid_t gid, kauth_cred_t cred,
struct lwp *l)
{
struct inode *ip = VTOI(vp);
uid_t ouid;
gid_t ogid;
int error;
if (uid == (uid_t)VNOVAL)
uid = ip->i_uid;
if (gid == (gid_t)VNOVAL)
gid = ip->i_gid;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_CHANGE_OWNERSHIP, vp,
NULL, genfs_can_chown(cred, ip->i_uid, ip->i_gid, uid, gid));
if (error)
return (error);
ogid = ip->i_gid;
ouid = ip->i_uid;
ip->i_e2fs_gid = gid & 0xffff;
ip->i_e2fs_uid = uid & 0xffff;
if (ip->i_e2fs->e2fs.e2fs_rev > E2FS_REV0) {
ip->i_e2fs_gid_high = (gid >> 16) & 0xffff;
ip->i_e2fs_uid_high = (uid >> 16) & 0xffff;
} else {
/*
* Perform chown operation on inode ip;
* inode must be locked prior to call.
*/
static int
ufs_chown(struct vnode *vp, uid_t uid, gid_t gid, kauth_cred_t cred,
struct lwp *l)
{
struct inode *ip;
int error = 0;
#if defined(QUOTA) || defined(QUOTA2)
uid_t ouid;
gid_t ogid;
int64_t change;
#endif
ip = VTOI(vp);
error = 0;
if (uid == (uid_t)VNOVAL)
uid = ip->i_uid;
if (gid == (gid_t)VNOVAL)
gid = ip->i_gid;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_CHANGE_OWNERSHIP, vp,
NULL, genfs_can_chown(cred, ip->i_uid, ip->i_gid, uid, gid));
if (error)
return (error);
fstrans_start(vp->v_mount, FSTRANS_SHARED);
#if defined(QUOTA) || defined(QUOTA2)
ogid = ip->i_gid;
ouid = ip->i_uid;
change = DIP(ip, blocks);
(void) chkdq(ip, -change, cred, 0);
(void) chkiq(ip, -1, cred, 0);
#endif
ip->i_gid = gid;
DIP_ASSIGN(ip, gid, gid);
ip->i_uid = uid;
DIP_ASSIGN(ip, uid, uid);
#if defined(QUOTA) || defined(QUOTA2)
if ((error = chkdq(ip, change, cred, 0)) == 0) {
if ((error = chkiq(ip, 1, cred, 0)) == 0)
goto good;
else
(void) chkdq(ip, -change, cred, FORCE);
}
ip->i_gid = ogid;
DIP_ASSIGN(ip, gid, ogid);
ip->i_uid = ouid;
DIP_ASSIGN(ip, uid, ouid);
(void) chkdq(ip, change, cred, FORCE);
(void) chkiq(ip, 1, cred, FORCE);
fstrans_done(vp->v_mount);
return (error);
good:
#endif /* QUOTA || QUOTA2 */
ip->i_flag |= IN_CHANGE;
UFS_WAPBL_UPDATE(vp, NULL, NULL, 0);
fstrans_done(vp->v_mount);
return (0);
}
static int
ufs_check_permitted(struct vnode *vp, struct inode *ip, mode_t mode,
kauth_cred_t cred)
{
return kauth_authorize_vnode(cred, KAUTH_ACCESS_ACTION(mode, vp->v_type,
ip->i_mode & ALLPERMS), vp, NULL, genfs_can_access(vp->v_type,
ip->i_mode & ALLPERMS, ip->i_uid, ip->i_gid, mode, cred));
}
static int
ext2fs_check_permitted(struct vnode *vp, struct inode *ip, mode_t mode,
kauth_cred_t cred)
{
return kauth_authorize_vnode(cred, kauth_access_action(mode, vp->v_type,
ip->i_e2fs_mode & ALLPERMS), vp, NULL, genfs_can_access(vp->v_type,
ip->i_e2fs_mode & ALLPERMS, ip->i_uid, ip->i_gid, mode, cred));
}
static int
adosfs_check_permitted(struct vnode *vp, struct anode *ap, mode_t mode,
kauth_cred_t cred)
{
mode_t file_mode = adunixprot(ap->adprot) & ap->amp->mask;
return kauth_authorize_vnode(cred, KAUTH_ACCESS_ACTION(mode,
vp->v_type, file_mode), vp, NULL, genfs_can_access(vp->v_type,
file_mode, ap->uid, ap->gid, mode, cred));
}
static int
sysvbfs_check_permitted(struct vnode *vp, struct sysvbfs_node *bnode,
mode_t mode, kauth_cred_t cred)
{
struct bfs_fileattr *attr = &bnode->inode->attr;
return kauth_authorize_vnode(cred, KAUTH_ACCESS_ACTION(mode,
vp->v_type, attr->mode), vp, NULL, genfs_can_access(vp->v_type,
attr->mode, attr->uid, attr->gid, mode, cred));
}
/*
* Check mode permission on inode pointer. Mode is READ, WRITE or EXEC.
* The mode is shifted to select the owner/group/other fields. The
* super user is granted all permissions.
*/
static int
filecore_check_permitted(struct vnode *vp, struct filecore_node *ip,
mode_t mode, kauth_cred_t cred)
{
struct filecore_mnt *fcmp = ip->i_mnt;
return kauth_authorize_vnode(cred, KAUTH_ACCESS_ACTION(mode,
vp->v_type, filecore_mode(ip)), vp, NULL,
genfs_can_access(vp->v_type, filecore_mode(ip), fcmp->fc_uid,
fcmp->fc_gid, mode, cred));
}
static int
v7fs_check_permitted(struct vnode *vp, struct v7fs_node *v7node,
mode_t mode, kauth_cred_t cred)
{
struct v7fs_inode *inode = &v7node->inode;
return kauth_authorize_vnode(cred, KAUTH_ACCESS_ACTION(mode,
vp->v_type, inode->mode), vp, NULL, genfs_can_access(vp->v_type,
inode->mode, inode->uid, inode->gid, mode, cred));
}
static int
smbfs_check_permitted(struct vnode *vp, struct smbnode *np, mode_t mode,
kauth_cred_t cred)
{
struct smbmount *smp = VTOSMBFS(vp);
mode_t file_mode = (vp->v_type == VDIR) ? smp->sm_args.dir_mode :
smp->sm_args.file_mode;
return kauth_authorize_vnode(cred, KAUTH_ACCESS_ACTION(mode,
vp->v_type, file_mode), vp, NULL, genfs_can_access(vp->v_type,
file_mode, smp->sm_args.uid, smp->sm_args.gid, mode, cred));
}
static int
ntfs_check_permitted(struct vnode *vp, struct ntnode *ip, mode_t mode,
kauth_cred_t cred)
{
mode_t file_mode;
file_mode = ip->i_mp->ntm_mode | (S_IXUSR|S_IXGRP|S_IXOTH);
return kauth_authorize_vnode(cred, KAUTH_ACCESS_ACTION(mode, vp->v_type,
file_mode), vp, NULL, genfs_can_access(vp->v_type, file_mode,
ip->i_mp->ntm_uid, ip->i_mp->ntm_gid, mode, cred));
}
/*
* Change the mode on a file.
* Inode must be locked before calling.
*/
static int
ptyfs_chmod(struct vnode *vp, mode_t mode, kauth_cred_t cred, struct lwp *l)
{
struct ptyfsnode *ptyfs = VTOPTYFS(vp);
int error;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_SECURITY, vp,
NULL, genfs_can_chmod(vp->v_type, cred, ptyfs->ptyfs_uid,
ptyfs->ptyfs_gid, mode));
if (error)
return (error);
ptyfs->ptyfs_mode &= ~ALLPERMS;
ptyfs->ptyfs_mode |= (mode & ALLPERMS);
return 0;
}
/*
* Change the mode on a file.
* Inode must be locked before calling.
*/
static int
ext2fs_chmod(struct vnode *vp, int mode, kauth_cred_t cred, struct lwp *l)
{
struct inode *ip = VTOI(vp);
int error;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_SECURITY, vp,
NULL, genfs_can_chmod(vp->v_type, cred, ip->i_uid, ip->i_gid,
mode));
if (error)
return (error);
ip->i_e2fs_mode &= ~ALLPERMS;
ip->i_e2fs_mode |= (mode & ALLPERMS);
ip->i_flag |= IN_CHANGE;
return (0);
}
/*
* Change the mode on a file.
* Inode must be locked before calling.
*/
static int
ulfs_chmod(struct vnode *vp, int mode, kauth_cred_t cred, struct lwp *l)
{
struct inode *ip;
int error;
ip = VTOI(vp);
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_SECURITY, vp,
NULL, genfs_can_chmod(vp->v_type, cred, ip->i_uid, ip->i_gid, mode));
if (error)
return (error);
fstrans_start(vp->v_mount, FSTRANS_SHARED);
ip->i_mode &= ~ALLPERMS;
ip->i_mode |= (mode & ALLPERMS);
ip->i_flag |= IN_CHANGE;
DIP_ASSIGN(ip, mode, ip->i_mode);
fstrans_done(vp->v_mount);
return (0);
}
/*
* implement access checking.
*
* actually, the check for super-user is slightly
* broken since it will allow read access to write-only
* objects. this doesn't cause any particular trouble
* but does mean that the i/o entry points need to check
* that the operation really does make sense.
*/
int
ptyfs_access(void *v)
{
struct vop_access_args /* {
struct vnode *a_vp;
int a_mode;
kauth_cred_t a_cred;
} */ *ap = v;
struct vattr va;
int error;
if ((error = VOP_GETATTR(ap->a_vp, &va, ap->a_cred)) != 0)
return error;
return kauth_authorize_vnode(ap->a_cred,
KAUTH_ACCESS_ACTION(ap->a_mode, ap->a_vp->v_type, va.va_mode),
ap->a_vp, NULL, genfs_can_access(va.va_type, va.va_mode, va.va_uid,
va.va_gid, ap->a_mode, ap->a_cred));
return error;
}
/*
* Perform chown operation on inode ip;
* inode must be locked prior to call.
*/
static int
ptyfs_chown(struct vnode *vp, uid_t uid, gid_t gid, kauth_cred_t cred,
struct lwp *l)
{
struct ptyfsnode *ptyfs = VTOPTYFS(vp);
int error;
if (uid == (uid_t)VNOVAL)
uid = ptyfs->ptyfs_uid;
if (gid == (gid_t)VNOVAL)
gid = ptyfs->ptyfs_gid;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_CHANGE_OWNERSHIP, vp,
NULL, genfs_can_chown(cred, ptyfs->ptyfs_uid, ptyfs->ptyfs_gid,
uid, gid));
if (error)
return (error);
ptyfs->ptyfs_gid = gid;
ptyfs->ptyfs_uid = uid;
return 0;
}
/*
* genfs_rename_remove: Remove the entry for the non-directory vp with
* componentname cnp from the directory dvp, using the lookup results
* de. It is the responsibility of gro_remove to purge the name cache
* and note kevents.
*
* Everything must be locked and referenced.
*/
static int
genfs_rename_remove(const struct genfs_rename_ops *ops,
struct mount *mp, kauth_cred_t cred,
struct vnode *dvp, struct componentname *cnp, void *de, struct vnode *vp)
{
int error;
KASSERT(ops != NULL);
KASSERT(mp != NULL);
KASSERT(dvp != NULL);
KASSERT(cnp != NULL);
KASSERT(vp != NULL);
KASSERT(dvp != vp);
KASSERT(dvp->v_type == VDIR);
KASSERT(vp->v_type != VDIR);
KASSERT(dvp->v_mount == mp);
KASSERT(vp->v_mount == mp);
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE);
error = ops->gro_remove_check_possible(mp, dvp, vp);
if (error)
return error;
error = ops->gro_remove_check_permitted(mp, cred, dvp, vp);
error = kauth_authorize_vnode(cred, KAUTH_VNODE_DELETE, vp, dvp,
error);
if (error)
return error;
error = ops->gro_remove(mp, cred, dvp, cnp, de, vp);
if (error)
return error;
return 0;
}
/*
* Set attribute vnode op. called from several syscalls
*/
int
ext2fs_setattr(void *v)
{
struct vop_setattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
} */ *ap = v;
struct vattr *vap = ap->a_vap;
struct vnode *vp = ap->a_vp;
struct inode *ip = VTOI(vp);
kauth_cred_t cred = ap->a_cred;
struct lwp *l = curlwp;
int error;
kauth_action_t action = KAUTH_VNODE_WRITE_FLAGS;
bool changing_sysflags = false;
/*
* Check for unsettable attributes.
*/
if ((vap->va_type != VNON) || (vap->va_nlink != (nlink_t)VNOVAL) ||
(vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) ||
(vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) ||
((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) {
return (EINVAL);
}
if (vap->va_flags != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return (EROFS);
/*
* Check if we're allowed to change the flags.
* If EXT2FS_SYSTEM_FLAGS is set, then the flags are treated
* as system flags, otherwise they're considered to be user
* flags.
*/
#ifdef EXT2FS_SYSTEM_FLAGS
/* Indicate we're changing system flags if we are. */
if ((vap->va_flags & SF_APPEND) ||
(vap->va_flags & SF_IMMUTABLE)) {
action |= KAUTH_VNODE_WRITE_SYSFLAGS;
changing_sysflags = true;
}
/* Indicate the node has system flags if it does. */
if (ip->i_e2fs_flags & (EXT2_APPEND | EXT2_IMMUTABLE)) {
action |= KAUTH_VNODE_HAS_SYSFLAGS;
}
#endif /* EXT2FS_SYSTEM_FLAGS */
error = kauth_authorize_vnode(cred, action, vp, NULL,
genfs_can_chflags(cred, vp->v_type, ip->i_uid,
changing_sysflags));
if (error)
return (error);
#ifdef EXT2FS_SYSTEM_FLAGS
ip->i_e2fs_flags &= ~(EXT2_APPEND | EXT2_IMMUTABLE);
ip->i_e2fs_flags |=
(vap->va_flags & SF_APPEND) ? EXT2_APPEND : 0 |
(vap->va_flags & SF_IMMUTABLE) ? EXT2_IMMUTABLE : 0;
#else
ip->i_e2fs_flags &= ~(EXT2_APPEND | EXT2_IMMUTABLE);
ip->i_e2fs_flags |=
(vap->va_flags & UF_APPEND) ? EXT2_APPEND : 0 |
(vap->va_flags & UF_IMMUTABLE) ? EXT2_IMMUTABLE : 0;
#endif
ip->i_flag |= IN_CHANGE;
if (vap->va_flags & (IMMUTABLE | APPEND))
return (0);
}
if (ip->i_e2fs_flags & (EXT2_APPEND | EXT2_IMMUTABLE))
return (EPERM);
/*
* Go through the fields and update iff not VNOVAL.
*/
if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return (EROFS);
error = ext2fs_chown(vp, vap->va_uid, vap->va_gid, cred, l);
if (error)
return (error);
}
if (vap->va_size != VNOVAL) {
/*
* Disallow write attempts on read-only file systems;
* unless the file is a socket, fifo, or a block or
* character device resident on the file system.
*/
switch (vp->v_type) {
case VDIR:
return (EISDIR);
case VLNK:
case VREG:
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return (EROFS);
default:
break;
}
error = ext2fs_truncate(vp, vap->va_size, 0, cred);
if (error)
return (error);
}
ip = VTOI(vp);
if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return (EROFS);
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_TIMES, vp,
NULL, genfs_can_chtimes(vp, vap->va_vaflags, ip->i_uid,
cred));
if (error)
return (error);
if (vap->va_atime.tv_sec != VNOVAL)
if (!(vp->v_mount->mnt_flag & MNT_NOATIME))
ip->i_flag |= IN_ACCESS;
if (vap->va_mtime.tv_sec != VNOVAL) {
ip->i_flag |= IN_CHANGE | IN_UPDATE;
if (vp->v_mount->mnt_flag & MNT_RELATIME)
ip->i_flag |= IN_ACCESS;
}
error = ext2fs_update(vp, &vap->va_atime, &vap->va_mtime,
UPDATE_WAIT);
if (error)
return (error);
}
error = 0;
if (vap->va_mode != (mode_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return (EROFS);
error = ext2fs_chmod(vp, (int)vap->va_mode, cred, l);
}
VN_KNOTE(vp, NOTE_ATTRIB);
return (error);
}
int
v7fs_setattr(void *v)
{
struct vop_setattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
struct proc *p;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct vattr *vap = ap->a_vap;
struct v7fs_node *v7node = vp->v_data;
struct v7fs_self *fs = v7node->v7fsmount->core;
struct v7fs_inode *inode = &v7node->inode;
kauth_cred_t cred = ap->a_cred;
struct timespec *acc, *mod;
int error = 0;
acc = mod = NULL;
DPRINTF("\n");
if (vp->v_mount->mnt_flag & MNT_RDONLY) {
switch (vp->v_type) {
default:
/* special file is always writable. */
break;
case VDIR:
case VLNK:
case VREG:
DPRINTF("read-only mount\n");
return EROFS;
}
}
if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) ||
(vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) ||
(vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) ||
((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) {
DPRINTF("invalid request\n");
return EINVAL;
}
/* File pointer mode. */
if (vap->va_flags != VNOVAL) {
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_FLAGS,
vp, NULL, genfs_can_chflags(cred, vp->v_type, inode->uid,
false));
if (error)
return error;
inode->append_mode = vap->va_flags & SF_APPEND;
}
/* File size change. */
if ((vap->va_size != VNOVAL) && (vp->v_type == VREG)) {
error = v7fs_datablock_size_change(fs, vap->va_size, inode);
if (error == 0)
uvm_vnp_setsize(vp, vap->va_size);
}
uid_t uid = inode->uid;
gid_t gid = inode->gid;
if (vap->va_uid != (uid_t)VNOVAL) {
uid = vap->va_uid;
error = kauth_authorize_vnode(cred,
KAUTH_VNODE_CHANGE_OWNERSHIP, vp, NULL,
genfs_can_chown(cred, inode->uid, inode->gid, uid,
gid));
if (error)
return error;
inode->uid = uid;
}
if (vap->va_gid != (uid_t)VNOVAL) {
gid = vap->va_gid;
error = kauth_authorize_vnode(cred,
KAUTH_VNODE_CHANGE_OWNERSHIP, vp, NULL,
genfs_can_chown(cred, inode->uid, inode->gid, uid,
gid));
if (error)
return error;
inode->gid = gid;
}
if (vap->va_mode != (mode_t)VNOVAL) {
mode_t mode = vap->va_mode;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_SECURITY,
vp, NULL, genfs_can_chmod(vp->v_type, cred, inode->uid, inode->gid,
mode));
if (error) {
return error;
}
v7fs_inode_chmod(inode, mode);
}
if ((vap->va_atime.tv_sec != VNOVAL) ||
(vap->va_mtime.tv_sec != VNOVAL) ||
(vap->va_ctime.tv_sec != VNOVAL)) {
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_TIMES, vp,
NULL, genfs_can_chtimes(vp, vap->va_vaflags, inode->uid,
cred));
if (error)
return error;
if (vap->va_atime.tv_sec != VNOVAL) {
acc = &vap->va_atime;
}
if (vap->va_mtime.tv_sec != VNOVAL) {
mod = &vap->va_mtime;
v7node->update_mtime = true;
}
if (vap->va_ctime.tv_sec != VNOVAL) {
v7node->update_ctime = true;
}
}
v7node->update_atime = true;
v7fs_update(vp, acc, mod, 0);
return error;
}
int
sysvbfs_setattr(void *arg)
{
struct vop_setattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
struct proc *p;
} */ *ap = arg;
struct vnode *vp = ap->a_vp;
struct vattr *vap = ap->a_vap;
struct sysvbfs_node *bnode = vp->v_data;
struct bfs_inode *inode = bnode->inode;
struct bfs_fileattr *attr = &inode->attr;
struct bfs *bfs = bnode->bmp->bfs;
kauth_cred_t cred = ap->a_cred;
int error;
DPRINTF("%s:\n", __func__);
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) ||
(vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) ||
(vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) ||
((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL))
return EINVAL;
if (vap->va_flags != VNOVAL)
return EOPNOTSUPP;
if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
uid_t uid =
(vap->va_uid != (uid_t)VNOVAL) ? vap->va_uid : attr->uid;
gid_t gid =
(vap->va_gid != (gid_t)VNOVAL) ? vap->va_gid : attr->gid;
error = kauth_authorize_vnode(cred,
KAUTH_VNODE_CHANGE_OWNERSHIP, vp, NULL,
genfs_can_chown(cred, attr->uid, attr->gid, uid, gid));
if (error)
return error;
attr->uid = uid;
attr->gid = gid;
}
if (vap->va_size != VNOVAL)
switch (vp->v_type) {
case VDIR:
return EISDIR;
case VCHR:
case VBLK:
case VFIFO:
break;
case VREG:
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
sysvbfs_file_setsize(vp, vap->va_size);
break;
default:
return EOPNOTSUPP;
}
if (vap->va_mode != (mode_t)VNOVAL) {
mode_t mode = vap->va_mode;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_SECURITY,
vp, NULL, genfs_can_chmod(vp->v_type, cred, attr->uid,
attr->gid, mode));
if (error)
return error;
attr->mode = mode;
}
if ((vap->va_atime.tv_sec != VNOVAL) ||
(vap->va_mtime.tv_sec != VNOVAL) ||
(vap->va_ctime.tv_sec != VNOVAL)) {
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_TIMES, vp,
NULL, genfs_can_chtimes(vp, vap->va_vaflags, attr->uid,
cred));
if (error)
return error;
if (vap->va_atime.tv_sec != VNOVAL)
attr->atime = vap->va_atime.tv_sec;
if (vap->va_mtime.tv_sec != VNOVAL)
attr->mtime = vap->va_mtime.tv_sec;
if (vap->va_ctime.tv_sec != VNOVAL)
attr->ctime = vap->va_ctime.tv_sec;
}
bfs_inode_set_attr(bfs, inode, attr);
return 0;
}
/*
* Allocate a new inode.
*/
int
ulfs_makeinode(int mode, struct vnode *dvp, const struct ulfs_lookup_results *ulr,
struct vnode **vpp, struct componentname *cnp)
{
struct inode *ip, *pdir;
struct lfs_direct *newdir;
struct vnode *tvp;
int error;
pdir = VTOI(dvp);
if ((mode & LFS_IFMT) == 0)
mode |= LFS_IFREG;
if ((error = lfs_valloc(dvp, mode, cnp->cn_cred, vpp)) != 0) {
return (error);
}
tvp = *vpp;
ip = VTOI(tvp);
ip->i_gid = pdir->i_gid;
DIP_ASSIGN(ip, gid, ip->i_gid);
ip->i_uid = kauth_cred_geteuid(cnp->cn_cred);
DIP_ASSIGN(ip, uid, ip->i_uid);
#if defined(LFS_QUOTA) || defined(LFS_QUOTA2)
if ((error = lfs_chkiq(ip, 1, cnp->cn_cred, 0))) {
lfs_vfree(tvp, ip->i_number, mode);
vput(tvp);
return (error);
}
#endif
ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
ip->i_mode = mode;
DIP_ASSIGN(ip, mode, mode);
tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */
ip->i_nlink = 1;
DIP_ASSIGN(ip, nlink, 1);
/* Authorize setting SGID if needed. */
if (ip->i_mode & ISGID) {
error = kauth_authorize_vnode(cnp->cn_cred, KAUTH_VNODE_WRITE_SECURITY,
tvp, NULL, genfs_can_chmod(tvp->v_type, cnp->cn_cred, ip->i_uid,
ip->i_gid, mode));
if (error) {
ip->i_mode &= ~ISGID;
DIP_ASSIGN(ip, mode, ip->i_mode);
}
}
if (cnp->cn_flags & ISWHITEOUT) {
ip->i_flags |= UF_OPAQUE;
DIP_ASSIGN(ip, flags, ip->i_flags);
}
/*
* Make sure inode goes to disk before directory entry.
*/
if ((error = lfs_update(tvp, NULL, NULL, UPDATE_DIROP)) != 0)
goto bad;
newdir = pool_cache_get(ulfs_direct_cache, PR_WAITOK);
ulfs_makedirentry(ip, cnp, newdir);
error = ulfs_direnter(dvp, ulr, tvp, newdir, cnp, NULL);
pool_cache_put(ulfs_direct_cache, newdir);
if (error)
goto bad;
*vpp = tvp;
return (0);
bad:
/*
* Write error occurred trying to update the inode
* or the directory so must deallocate the inode.
*/
ip->i_nlink = 0;
DIP_ASSIGN(ip, nlink, 0);
ip->i_flag |= IN_CHANGE;
/* If IN_ADIROP, account for it */
lfs_unmark_vnode(tvp);
tvp->v_type = VNON; /* explodes later if VBLK */
vput(tvp);
return (error);
}
int
smbfs_setattr(void *v)
{
struct vop_setattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
} */ *ap = v;
struct lwp *l = curlwp;
struct vnode *vp = ap->a_vp;
struct smbnode *np = VTOSMB(vp);
struct vattr *vap = ap->a_vap;
struct timespec *mtime, *atime;
struct smb_cred scred;
struct smb_share *ssp = np->n_mount->sm_share;
struct smb_vc *vcp = SSTOVC(ssp);
u_quad_t tsize = 0;
int isreadonly, doclose, error = 0;
SMBVDEBUG0("\n");
if (vap->va_flags != VNOVAL)
return EOPNOTSUPP;
isreadonly = (vp->v_mount->mnt_flag & MNT_RDONLY);
/*
* Disallow write attempts if the filesystem is mounted read-only.
*/
if ((vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL ||
vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL ||
vap->va_mode != (mode_t)VNOVAL) && isreadonly)
return EROFS;
smb_makescred(&scred, l, ap->a_cred);
if (vap->va_size != VNOVAL) {
switch (vp->v_type) {
case VDIR:
return EISDIR;
case VREG:
break;
default:
return EINVAL;
};
if (isreadonly)
return EROFS;
doclose = 0;
tsize = np->n_size;
np->n_size = vap->va_size;
uvm_vnp_setsize(vp, vap->va_size);
if ((np->n_flag & NOPEN) == 0) {
error = smbfs_smb_open(np,
SMB_SM_DENYNONE|SMB_AM_OPENRW, &scred);
if (error == 0)
doclose = 1;
}
if (error == 0)
error = smbfs_smb_setfsize(np, vap->va_size, &scred);
if (doclose)
smbfs_smb_close(ssp, np->n_fid, NULL, &scred);
if (error) {
np->n_size = tsize;
uvm_vnp_setsize(vp, tsize);
return (error);
}
}
mtime = atime = NULL;
if (vap->va_mtime.tv_sec != VNOVAL)
mtime = &vap->va_mtime;
if (vap->va_atime.tv_sec != VNOVAL)
atime = &vap->va_atime;
if (mtime != atime) {
error = kauth_authorize_vnode(ap->a_cred,
KAUTH_VNODE_WRITE_TIMES, ap->a_vp, NULL,
genfs_can_chtimes(ap->a_vp, vap->va_vaflags,
VTOSMBFS(vp)->sm_args.uid, ap->a_cred));
if (error)
return (error);
#if 0
if (mtime == NULL)
mtime = &np->n_mtime;
if (atime == NULL)
atime = &np->n_atime;
#endif
/*
* If file is opened, then we can use handle based calls.
* If not, use path based ones.
*/
if ((np->n_flag & NOPEN) == 0) {
if (vcp->vc_flags & SMBV_WIN95) {
error = VOP_OPEN(vp, FWRITE, ap->a_cred);
if (!error) {
/* error = smbfs_smb_setfattrNT(np, 0, mtime, atime, &scred);
VOP_GETATTR(vp, &vattr, ap->a_cred);*/
if (mtime)
np->n_mtime = *mtime;
VOP_CLOSE(vp, FWRITE, ap->a_cred);
}
} else if (SMB_CAPS(vcp) & SMB_CAP_NT_SMBS) {
error = smbfs_smb_setpattrNT(np, 0, mtime, atime, &scred);
} else if (SMB_DIALECT(vcp) >= SMB_DIALECT_LANMAN2_0) {
error = smbfs_smb_setptime2(np, mtime, atime, 0, &scred);
} else {
error = smbfs_smb_setpattr(np, 0, mtime, &scred);
}
} else {
if (SMB_CAPS(vcp) & SMB_CAP_NT_SMBS) {
error = smbfs_smb_setfattrNT(np, 0, mtime, atime, &scred);
} else if (SMB_DIALECT(vcp) >= SMB_DIALECT_LANMAN1_0) {
error = smbfs_smb_setftime(np, mtime, atime, &scred);
} else {
/*
* XXX I have no idea how to handle this for core
* level servers. The possible solution is to
* update mtime after file is closed.
*/
}
}
}
/*
* Invalidate attribute cache in case if server doesn't set
* required attributes.
*/
smbfs_attr_cacheremove(vp); /* invalidate cache */
VOP_GETATTR(vp, vap, ap->a_cred);
np->n_mtime.tv_sec = vap->va_mtime.tv_sec;
VN_KNOTE(vp, NOTE_ATTRIB);
return error;
}
/*
* genfs_sane_rename: Generic implementation of the saner API for the
* rename vop. Handles ancestry checks, locking, and permissions
* checks. Caller is responsible for implementing the genfs rename
* operations.
*
* fdvp and tdvp must be referenced and unlocked.
*/
int
genfs_sane_rename(const struct genfs_rename_ops *ops,
struct vnode *fdvp, struct componentname *fcnp, void *fde,
struct vnode *tdvp, struct componentname *tcnp, void *tde,
kauth_cred_t cred, bool posixly_correct)
{
struct mount *mp;
struct vnode *fvp = NULL, *tvp = NULL;
int error;
KASSERT(ops != NULL);
KASSERT(fdvp != NULL);
KASSERT(fcnp != NULL);
KASSERT(tdvp != NULL);
KASSERT(tcnp != NULL);
/* KASSERT(VOP_ISLOCKED(fdvp) != LK_EXCLUSIVE); */
/* KASSERT(VOP_ISLOCKED(tdvp) != LK_EXCLUSIVE); */
KASSERT(fdvp->v_type == VDIR);
KASSERT(tdvp->v_type == VDIR);
KASSERT(fdvp->v_mount == tdvp->v_mount);
KASSERT(fcnp != tcnp);
KASSERT(fcnp->cn_nameiop == DELETE);
KASSERT(tcnp->cn_nameiop == RENAME);
/* XXX Want a better equality test. */
KASSERT(kauth_cred_uidmatch(cred, fcnp->cn_cred));
KASSERT(kauth_cred_uidmatch(cred, tcnp->cn_cred));
mp = fdvp->v_mount;
KASSERT(mp != NULL);
KASSERT(mp == tdvp->v_mount);
/* XXX How can we be sure this stays true? */
KASSERT((mp->mnt_flag & MNT_RDONLY) == 0);
/* Reject rename("x/..", ...) and rename(..., "x/..") early. */
if ((fcnp->cn_flags | tcnp->cn_flags) & ISDOTDOT)
return EINVAL; /* XXX EISDIR? */
error = genfs_rename_enter(ops, mp, cred,
fdvp, fcnp, fde, &fvp,
tdvp, tcnp, tde, &tvp);
if (error)
return error;
/*
* Check that everything is locked and looks right.
*/
KASSERT(fvp != NULL);
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE);
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE));
/*
* If the source and destination are the same object, we need
* only at most delete the source entry. We are guaranteed at
* this point that the entries are distinct.
*/
if (fvp == tvp) {
KASSERT(tvp != NULL);
if (fvp->v_type == VDIR)
/* XXX This shouldn't be possible. */
error = EINVAL;
else if (posixly_correct)
/* POSIX sez to leave them alone. */
error = 0;
else if ((fdvp == tdvp) &&
(fcnp->cn_namelen == tcnp->cn_namelen) &&
(memcmp(fcnp->cn_nameptr, tcnp->cn_nameptr,
fcnp->cn_namelen) == 0))
/* Renaming an entry over itself does nothing. */
error = 0;
else
/* XXX Can't use VOP_REMOVE because of locking. */
error = genfs_rename_remove(ops, mp, cred,
fdvp, fcnp, fde, fvp);
goto out;
}
KASSERT(fvp != tvp);
KASSERT((fdvp != tdvp) ||
(fcnp->cn_namelen != tcnp->cn_namelen) ||
(memcmp(fcnp->cn_nameptr, tcnp->cn_nameptr, fcnp->cn_namelen)
!= 0));
/*
* If the target exists, refuse to rename a directory over a
* non-directory or vice versa, or to clobber a non-empty
* directory.
*/
if (tvp != NULL) {
if (fvp->v_type == VDIR && tvp->v_type == VDIR)
error =
(ops->gro_directory_empty_p(mp, cred, tvp, tdvp)?
0 : ENOTEMPTY);
else if (fvp->v_type == VDIR && tvp->v_type != VDIR)
error = ENOTDIR;
else if (fvp->v_type != VDIR && tvp->v_type == VDIR)
error = EISDIR;
else
error = 0;
if (error)
goto out;
KASSERT((fvp->v_type == VDIR) == (tvp->v_type == VDIR));
}
/*
* Authorize the rename.
*/
error = ops->gro_rename_check_possible(mp, fdvp, fvp, tdvp, tvp);
if (error)
goto out;
error = ops->gro_rename_check_permitted(mp, cred, fdvp, fvp, tdvp, tvp);
error = kauth_authorize_vnode(cred, KAUTH_VNODE_DELETE, fvp, fdvp,
error);
error = kauth_authorize_vnode(cred, KAUTH_VNODE_RENAME, tvp, tdvp,
error);
if (error)
goto out;
/*
* Everything is hunky-dory. Shuffle the directory entries.
*/
error = ops->gro_rename(mp, cred,
fdvp, fcnp, fde, fvp,
tdvp, tcnp, tde, tvp);
if (error)
goto out;
/* Success! */
out: genfs_rename_exit(ops, mp, fdvp, fvp, tdvp, tvp);
return error;
}
/*
* Convert a component of a pathname into a pointer to a locked inode.
* This is a very central and rather complicated routine.
* If the file system is not maintained in a strict tree hierarchy,
* this can result in a deadlock situation (see comments in code below).
*
* The cnp->cn_nameiop argument is LOOKUP, CREATE, RENAME, or DELETE depending
* on whether the name is to be looked up, created, renamed, or deleted.
* When CREATE, RENAME, or DELETE is specified, information usable in
* creating, renaming, or deleting a directory entry may be calculated.
* If flag has LOCKPARENT or'ed into it and the target of the pathname
* exists, lookup returns both the target and its parent directory locked.
* When creating or renaming and LOCKPARENT is specified, the target may
* not be ".". When deleting and LOCKPARENT is specified, the target may
* be "."., but the caller must check to ensure it does an vrele and vput
* instead of two vputs.
*
* Overall outline of ext2fs_lookup:
*
* check accessibility of directory
* look for name in cache, if found, then if at end of path
* and deleting or creating, drop it, else return name
* search for name in directory, to found or notfound
* notfound:
* if creating, return locked directory, leaving info on available slots
* else return error
* found:
* if at end of path and deleting, return information to allow delete
* if at end of path and rewriting (RENAME and LOCKPARENT), lock target
* inode and return info to allow rewrite
* if not at end, add name to cache; if at end and neither creating
* nor deleting, add name to cache
*/
int
ext2fs_lookup(void *v)
{
struct vop_lookup_v2_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
} */ *ap = v;
struct vnode *vdp = ap->a_dvp; /* vnode for directory being searched */
struct inode *dp = VTOI(vdp); /* inode for directory being searched */
struct buf *bp; /* a buffer of directory entries */
struct ext2fs_direct *ep; /* the current directory entry */
int entryoffsetinblock; /* offset of ep in bp's buffer */
enum {NONE, COMPACT, FOUND} slotstatus;
doff_t slotoffset; /* offset of area with free space */
int slotsize; /* size of area at slotoffset */
int slotfreespace; /* amount of space free in slot */
int slotneeded; /* size of the entry we're seeking */
int numdirpasses; /* strategy for directory search */
doff_t endsearch; /* offset to end directory search */
doff_t prevoff; /* prev entry dp->i_offset */
struct vnode *tdp; /* returned by vcache_get */
doff_t enduseful; /* pointer past last used dir slot */
u_long bmask; /* block offset mask */
int namlen, error;
struct vnode **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
kauth_cred_t cred = cnp->cn_cred;
int flags;
int nameiop = cnp->cn_nameiop;
struct ufsmount *ump = dp->i_ump;
int dirblksiz = ump->um_dirblksiz;
ino_t foundino;
struct ufs_lookup_results *results;
flags = cnp->cn_flags;
bp = NULL;
slotoffset = -1;
*vpp = NULL;
/*
* Produce the auxiliary lookup results into i_crap. Increment
* its serial number so elsewhere we can tell if we're using
* stale results. This should not be done this way. XXX.
*/
results = &dp->i_crap;
dp->i_crapcounter++;
/*
* Check accessiblity of directory.
*/
if ((error = VOP_ACCESS(vdp, VEXEC, cred)) != 0)
return (error);
if ((flags & ISLASTCN) && (vdp->v_mount->mnt_flag & MNT_RDONLY) &&
(cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME))
return (EROFS);
/*
* We now have a segment name to search for, and a directory to search.
*
* Before tediously performing a linear scan of the directory,
* check the name cache to see if the directory/name pair
* we are looking for is known already.
*/
if (cache_lookup(vdp, cnp->cn_nameptr, cnp->cn_namelen,
cnp->cn_nameiop, cnp->cn_flags, NULL, vpp)) {
return *vpp == NULLVP ? ENOENT : 0;
}
/*
* Suppress search for slots unless creating
* file and at end of pathname, in which case
* we watch for a place to put the new file in
* case it doesn't already exist.
*/
slotstatus = FOUND;
slotfreespace = slotsize = slotneeded = 0;
if ((nameiop == CREATE || nameiop == RENAME) &&
(flags & ISLASTCN)) {
slotstatus = NONE;
slotneeded = EXT2FS_DIRSIZ(cnp->cn_namelen);
}
/*
* If there is cached information on a previous search of
* this directory, pick up where we last left off.
* We cache only lookups as these are the most common
* and have the greatest payoff. Caching CREATE has little
* benefit as it usually must search the entire directory
* to determine that the entry does not exist. Caching the
* location of the last DELETE or RENAME has not reduced
* profiling time and hence has been removed in the interest
* of simplicity.
*/
bmask = vdp->v_mount->mnt_stat.f_iosize - 1;
if (nameiop != LOOKUP || results->ulr_diroff == 0 ||
results->ulr_diroff >= ext2fs_size(dp)) {
entryoffsetinblock = 0;
results->ulr_offset = 0;
numdirpasses = 1;
} else {
results->ulr_offset = results->ulr_diroff;
if ((entryoffsetinblock = results->ulr_offset & bmask) &&
(error = ext2fs_blkatoff(vdp, (off_t)results->ulr_offset, NULL, &bp)))
return (error);
numdirpasses = 2;
namecache_count_2passes();
}
prevoff = results->ulr_offset;
endsearch = roundup(ext2fs_size(dp), dirblksiz);
enduseful = 0;
searchloop:
while (results->ulr_offset < endsearch) {
if (curcpu()->ci_schedstate.spc_flags & SPCF_SHOULDYIELD)
preempt();
/*
* If necessary, get the next directory block.
*/
if ((results->ulr_offset & bmask) == 0) {
if (bp != NULL)
brelse(bp, 0);
error = ext2fs_blkatoff(vdp, (off_t)results->ulr_offset, NULL,
&bp);
if (error != 0)
return (error);
entryoffsetinblock = 0;
}
/*
* If still looking for a slot, and at a dirblksize
* boundary, have to start looking for free space again.
*/
if (slotstatus == NONE &&
(entryoffsetinblock & (dirblksiz - 1)) == 0) {
slotoffset = -1;
slotfreespace = 0;
}
/*
* Get pointer to next entry.
* Full validation checks are slow, so we only check
* enough to insure forward progress through the
* directory. Complete checks can be run by patching
* "dirchk" to be true.
*/
KASSERT(bp != NULL);
ep = (struct ext2fs_direct *)
((char *)bp->b_data + entryoffsetinblock);
if (ep->e2d_reclen == 0 ||
(dirchk &&
ext2fs_dirbadentry(vdp, ep, entryoffsetinblock))) {
int i;
ufs_dirbad(dp, results->ulr_offset, "mangled entry");
i = dirblksiz - (entryoffsetinblock & (dirblksiz - 1));
results->ulr_offset += i;
entryoffsetinblock += i;
continue;
}
/*
* If an appropriate sized slot has not yet been found,
* check to see if one is available. Also accumulate space
* in the current block so that we can determine if
* compaction is viable.
*/
if (slotstatus != FOUND) {
int size = fs2h16(ep->e2d_reclen);
if (ep->e2d_ino != 0)
size -= EXT2FS_DIRSIZ(ep->e2d_namlen);
if (size > 0) {
if (size >= slotneeded) {
slotstatus = FOUND;
slotoffset = results->ulr_offset;
slotsize = fs2h16(ep->e2d_reclen);
} else if (slotstatus == NONE) {
slotfreespace += size;
if (slotoffset == -1)
slotoffset = results->ulr_offset;
if (slotfreespace >= slotneeded) {
slotstatus = COMPACT;
slotsize = results->ulr_offset +
fs2h16(ep->e2d_reclen) -
slotoffset;
}
}
}
}
/*
* Check for a name match.
*/
if (ep->e2d_ino) {
namlen = ep->e2d_namlen;
if (namlen == cnp->cn_namelen &&
!memcmp(cnp->cn_nameptr, ep->e2d_name,
(unsigned)namlen)) {
/*
* Save directory entry's inode number and
* reclen in ndp->ni_ufs area, and release
* directory buffer.
*/
foundino = fs2h32(ep->e2d_ino);
results->ulr_reclen = fs2h16(ep->e2d_reclen);
goto found;
}
}
prevoff = results->ulr_offset;
results->ulr_offset += fs2h16(ep->e2d_reclen);
entryoffsetinblock += fs2h16(ep->e2d_reclen);
if (ep->e2d_ino)
enduseful = results->ulr_offset;
}
/* notfound: */
/*
* If we started in the middle of the directory and failed
* to find our target, we must check the beginning as well.
*/
if (numdirpasses == 2) {
numdirpasses--;
results->ulr_offset = 0;
endsearch = results->ulr_diroff;
goto searchloop;
}
if (bp != NULL)
brelse(bp, 0);
/*
* If creating, and at end of pathname and current
* directory has not been removed, then can consider
* allowing file to be created.
*/
if ((nameiop == CREATE || nameiop == RENAME) &&
(flags & ISLASTCN) && dp->i_e2fs_nlink != 0) {
/*
* Access for write is interpreted as allowing
* creation of files in the directory.
*/
error = VOP_ACCESS(vdp, VWRITE, cred);
if (error)
return (error);
/*
* Return an indication of where the new directory
* entry should be put. If we didn't find a slot,
* then set results->ulr_count to 0 indicating
* that the new slot belongs at the end of the
* directory. If we found a slot, then the new entry
* can be put in the range from results->ulr_offset to
* results->ulr_offset + results->ulr_count.
*/
if (slotstatus == NONE) {
results->ulr_offset = roundup(ext2fs_size(dp), dirblksiz);
results->ulr_count = 0;
enduseful = results->ulr_offset;
} else {
results->ulr_offset = slotoffset;
results->ulr_count = slotsize;
if (enduseful < slotoffset + slotsize)
enduseful = slotoffset + slotsize;
}
results->ulr_endoff = roundup(enduseful, dirblksiz);
#if 0
dp->i_flag |= IN_CHANGE | IN_UPDATE;
#endif
/*
* We return with the directory locked, so that
* the parameters we set up above will still be
* valid if we actually decide to do a direnter().
* We return ni_vp == NULL to indicate that the entry
* does not currently exist; we leave a pointer to
* the (locked) directory inode in ndp->ni_dvp.
*
* NB - if the directory is unlocked, then this
* information cannot be used.
*/
return (EJUSTRETURN);
}
/*
* Insert name into cache (as non-existent) if appropriate.
*/
if (nameiop != CREATE) {
cache_enter(vdp, *vpp, cnp->cn_nameptr, cnp->cn_namelen,
cnp->cn_flags);
}
return ENOENT;
found:
if (numdirpasses == 2)
namecache_count_pass2();
/*
* Check that directory length properly reflects presence
* of this entry.
*/
if (results->ulr_offset + EXT2FS_DIRSIZ(ep->e2d_namlen) > ext2fs_size(dp)) {
ufs_dirbad(dp, results->ulr_offset, "i_size too small");
error = ext2fs_setsize(dp,
results->ulr_offset + EXT2FS_DIRSIZ(ep->e2d_namlen));
if (error) {
brelse(bp, 0);
return (error);
}
dp->i_flag |= IN_CHANGE | IN_UPDATE;
uvm_vnp_setsize(vdp, ext2fs_size(dp));
}
brelse(bp, 0);
/*
* Found component in pathname.
* If the final component of path name, save information
* in the cache as to where the entry was found.
*/
if ((flags & ISLASTCN) && nameiop == LOOKUP)
results->ulr_diroff = results->ulr_offset &~ (dirblksiz - 1);
/*
* If deleting, and at end of pathname, return
* parameters which can be used to remove file.
* Lock the inode, being careful with ".".
*/
if (nameiop == DELETE && (flags & ISLASTCN)) {
/*
* Return pointer to current entry in results->ulr_offset,
* and distance past previous entry (if there
* is a previous entry in this block) in results->ulr_count.
* Save directory inode pointer in ndp->ni_dvp for dirremove().
*/
if ((results->ulr_offset & (dirblksiz - 1)) == 0)
results->ulr_count = 0;
else
results->ulr_count = results->ulr_offset - prevoff;
if (dp->i_number == foundino) {
vref(vdp);
tdp = vdp;
} else {
error = vcache_get(vdp->v_mount,
&foundino, sizeof(foundino), &tdp);
if (error)
return (error);
}
/*
* Write access to directory required to delete files.
*/
if ((error = VOP_ACCESS(vdp, VWRITE, cred)) != 0) {
vrele(tdp);
return (error);
}
/*
* If directory is "sticky", then user must own
* the directory, or the file in it, else she
* may not delete it (unless she's root). This
* implements append-only directories.
*/
if (dp->i_e2fs_mode & ISVTX) {
error = kauth_authorize_vnode(cred, KAUTH_VNODE_DELETE,
tdp, vdp, genfs_can_sticky(cred, dp->i_uid,
VTOI(tdp)->i_uid));
if (error) {
vrele(tdp);
return (EPERM);
}
}
*vpp = tdp;
return (0);
}
/*
* If rewriting (RENAME), return the inode and the
* information required to rewrite the present directory
* Must get inode of directory entry to verify it's a
* regular file, or empty directory.
*/
if (nameiop == RENAME && (flags & ISLASTCN)) {
error = VOP_ACCESS(vdp, VWRITE, cred);
if (error)
return (error);
/*
* Careful about locking second inode.
* This can only occur if the target is ".".
*/
if (dp->i_number == foundino)
return (EISDIR);
error = vcache_get(vdp->v_mount,
&foundino, sizeof(foundino), &tdp);
if (error)
return (error);
*vpp = tdp;
return (0);
}
if (dp->i_number == foundino) {
vref(vdp); /* we want ourself, ie "." */
*vpp = vdp;
} else {
error = vcache_get(vdp->v_mount,
&foundino, sizeof(foundino), &tdp);
if (error)
return (error);
*vpp = tdp;
}
/*
* Insert name into cache if appropriate.
*/
cache_enter(vdp, *vpp, cnp->cn_nameptr, cnp->cn_namelen, cnp->cn_flags);
return 0;
}
/*ARGSUSED*/
int
ptyfs_setattr(void *v)
{
struct vop_setattr_args /* {
struct vnodeop_desc *a_desc;
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct ptyfsnode *ptyfs = VTOPTYFS(vp);
struct vattr *vap = ap->a_vap;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = curlwp;
int error;
kauth_action_t action = KAUTH_VNODE_WRITE_FLAGS;
bool changing_sysflags = false;
if (vap->va_size != VNOVAL) {
switch (ptyfs->ptyfs_type) {
case PTYFSroot:
return EISDIR;
case PTYFSpts:
case PTYFSptc:
break;
default:
return EINVAL;
}
}
if (vap->va_flags != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
/* Immutable and append-only flags are not supported on ptyfs. */
if (vap->va_flags & (IMMUTABLE | APPEND))
return EINVAL;
/* Snapshot flag cannot be set or cleared */
if ((vap->va_flags & SF_SNAPSHOT) != (ptyfs->ptyfs_flags & SF_SNAPSHOT))
return EPERM;
if ((ptyfs->ptyfs_flags & SF_SETTABLE) != (vap->va_flags & SF_SETTABLE)) {
changing_sysflags = true;
action |= KAUTH_VNODE_WRITE_SYSFLAGS;
}
error = kauth_authorize_vnode(cred, action, vp, NULL,
genfs_can_chflags(cred, vp->v_type, ptyfs->ptyfs_uid,
changing_sysflags));
if (error)
return error;
if (changing_sysflags) {
ptyfs->ptyfs_flags = vap->va_flags;
} else {
ptyfs->ptyfs_flags &= SF_SETTABLE;
ptyfs->ptyfs_flags |= (vap->va_flags & UF_SETTABLE);
}
ptyfs->ptyfs_status |= PTYFS_CHANGE;
}
/*
* Go through the fields and update iff not VNOVAL.
*/
if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if (ptyfs->ptyfs_type == PTYFSroot)
return EPERM;
error = ptyfs_chown(vp, vap->va_uid, vap->va_gid, cred, l);
if (error)
return error;
}
if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL ||
vap->va_birthtime.tv_sec != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if ((ptyfs->ptyfs_flags & SF_SNAPSHOT) != 0)
return EPERM;
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_TIMES, vp,
NULL, genfs_can_chtimes(vp, vap->va_vaflags,
ptyfs->ptyfs_uid, cred));
if (error)
return (error);
if (vap->va_atime.tv_sec != VNOVAL)
if (!(vp->v_mount->mnt_flag & MNT_NOATIME))
ptyfs->ptyfs_status |= PTYFS_ACCESS;
if (vap->va_mtime.tv_sec != VNOVAL) {
ptyfs->ptyfs_status |= PTYFS_CHANGE | PTYFS_MODIFY;
if (vp->v_mount->mnt_flag & MNT_RELATIME)
ptyfs->ptyfs_status |= PTYFS_ACCESS;
}
if (vap->va_birthtime.tv_sec != VNOVAL)
ptyfs->ptyfs_birthtime = vap->va_birthtime;
ptyfs->ptyfs_status |= PTYFS_CHANGE;
error = ptyfs_update(vp, &vap->va_atime, &vap->va_mtime, 0);
if (error)
return error;
}
if (vap->va_mode != (mode_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if (ptyfs->ptyfs_type == PTYFSroot)
return EPERM;
if ((ptyfs->ptyfs_flags & SF_SNAPSHOT) != 0 &&
(vap->va_mode &
(S_IXUSR|S_IWUSR|S_IXGRP|S_IWGRP|S_IXOTH|S_IWOTH)))
return EPERM;
error = ptyfs_chmod(vp, vap->va_mode, cred, l);
if (error)
return error;
}
VN_KNOTE(vp, NOTE_ATTRIB);
return 0;
}
/*
* Set attribute vnode op. called from several syscalls
*/
int
ufs_setattr(void *v)
{
struct vop_setattr_args /* {
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
} */ *ap = v;
struct vattr *vap;
struct vnode *vp;
struct inode *ip;
kauth_cred_t cred;
struct lwp *l;
int error;
kauth_action_t action;
bool changing_sysflags;
vap = ap->a_vap;
vp = ap->a_vp;
ip = VTOI(vp);
cred = ap->a_cred;
l = curlwp;
action = KAUTH_VNODE_WRITE_FLAGS;
changing_sysflags = false;
/*
* Check for unsettable attributes.
*/
if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) ||
(vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) ||
(vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) ||
((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) {
return (EINVAL);
}
fstrans_start(vp->v_mount, FSTRANS_SHARED);
if (vap->va_flags != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY) {
error = EROFS;
goto out;
}
/* Snapshot flag cannot be set or cleared */
if ((vap->va_flags & (SF_SNAPSHOT | SF_SNAPINVAL)) !=
(ip->i_flags & (SF_SNAPSHOT | SF_SNAPINVAL))) {
error = EPERM;
goto out;
}
if (ip->i_flags & (SF_IMMUTABLE | SF_APPEND)) {
action |= KAUTH_VNODE_HAS_SYSFLAGS;
}
if ((vap->va_flags & SF_SETTABLE) !=
(ip->i_flags & SF_SETTABLE)) {
action |= KAUTH_VNODE_WRITE_SYSFLAGS;
changing_sysflags = true;
}
error = kauth_authorize_vnode(cred, action, vp, NULL,
genfs_can_chflags(cred, vp->v_type, ip->i_uid,
changing_sysflags));
if (error)
goto out;
if (changing_sysflags) {
error = UFS_WAPBL_BEGIN(vp->v_mount);
if (error)
goto out;
ip->i_flags = vap->va_flags;
DIP_ASSIGN(ip, flags, ip->i_flags);
} else {
error = UFS_WAPBL_BEGIN(vp->v_mount);
if (error)
goto out;
ip->i_flags &= SF_SETTABLE;
ip->i_flags |= (vap->va_flags & UF_SETTABLE);
DIP_ASSIGN(ip, flags, ip->i_flags);
}
ip->i_flag |= IN_CHANGE;
UFS_WAPBL_UPDATE(vp, NULL, NULL, 0);
UFS_WAPBL_END(vp->v_mount);
if (vap->va_flags & (IMMUTABLE | APPEND)) {
error = 0;
goto out;
}
}
if (ip->i_flags & (IMMUTABLE | APPEND)) {
error = EPERM;
goto out;
}
/*
* Go through the fields and update iff not VNOVAL.
*/
if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY) {
error = EROFS;
goto out;
}
error = UFS_WAPBL_BEGIN(vp->v_mount);
if (error)
goto out;
error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred, l);
UFS_WAPBL_END(vp->v_mount);
if (error)
goto out;
}
if (vap->va_size != VNOVAL) {
/*
* Disallow write attempts on read-only file systems;
* unless the file is a socket, fifo, or a block or
* character device resident on the file system.
*/
switch (vp->v_type) {
case VDIR:
error = EISDIR;
goto out;
case VCHR:
case VBLK:
case VFIFO:
break;
case VREG:
if (vp->v_mount->mnt_flag & MNT_RDONLY) {
error = EROFS;
goto out;
}
if ((ip->i_flags & SF_SNAPSHOT) != 0) {
error = EPERM;
goto out;
}
error = ufs_truncate(vp, vap->va_size, cred);
if (error)
goto out;
break;
default:
error = EOPNOTSUPP;
goto out;
}
}
ip = VTOI(vp);
if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL ||
vap->va_birthtime.tv_sec != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY) {
error = EROFS;
goto out;
}
if ((ip->i_flags & SF_SNAPSHOT) != 0) {
error = EPERM;
goto out;
}
error = kauth_authorize_vnode(cred, KAUTH_VNODE_WRITE_TIMES, vp,
NULL, genfs_can_chtimes(vp, vap->va_vaflags, ip->i_uid, cred));
if (error)
goto out;
error = UFS_WAPBL_BEGIN(vp->v_mount);
if (error)
goto out;
if (vap->va_atime.tv_sec != VNOVAL)
if (!(vp->v_mount->mnt_flag & MNT_NOATIME))
ip->i_flag |= IN_ACCESS;
if (vap->va_mtime.tv_sec != VNOVAL) {
ip->i_flag |= IN_CHANGE | IN_UPDATE;
if (vp->v_mount->mnt_flag & MNT_RELATIME)
ip->i_flag |= IN_ACCESS;
}
if (vap->va_birthtime.tv_sec != VNOVAL &&
ip->i_ump->um_fstype == UFS2) {
ip->i_ffs2_birthtime = vap->va_birthtime.tv_sec;
ip->i_ffs2_birthnsec = vap->va_birthtime.tv_nsec;
}
error = UFS_UPDATE(vp, &vap->va_atime, &vap->va_mtime, 0);
UFS_WAPBL_END(vp->v_mount);
if (error)
goto out;
}
error = 0;
if (vap->va_mode != (mode_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY) {
error = EROFS;
goto out;
}
if ((ip->i_flags & SF_SNAPSHOT) != 0 &&
(vap->va_mode & (S_IXUSR | S_IWUSR | S_IXGRP | S_IWGRP |
S_IXOTH | S_IWOTH))) {
error = EPERM;
goto out;
}
error = UFS_WAPBL_BEGIN(vp->v_mount);
if (error)
goto out;
error = ufs_chmod(vp, (int)vap->va_mode, cred, l);
UFS_WAPBL_END(vp->v_mount);
}
VN_KNOTE(vp, NOTE_ATTRIB);
out:
fstrans_done(vp->v_mount);
return (error);
}
/*
* Convert a component of a pathname into a pointer to a locked inode.
* This is a very central and rather complicated routine.
* If the file system is not maintained in a strict tree hierarchy,
* this can result in a deadlock situation (see comments in code below).
*
* The cnp->cn_nameiop argument is LOOKUP, CREATE, RENAME, or DELETE depending
* on whether the name is to be looked up, created, renamed, or deleted.
* When CREATE, RENAME, or DELETE is specified, information usable in
* creating, renaming, or deleting a directory entry may be calculated.
* If flag has LOCKPARENT or'ed into it and the target of the pathname
* exists, lookup returns both the target and its parent directory locked.
* When creating or renaming and LOCKPARENT is specified, the target may
* not be ".". When deleting and LOCKPARENT is specified, the target may
* be "."., but the caller must check to ensure it does an vrele and vput
* instead of two vputs.
*
* Overall outline of ulfs_lookup:
*
* check accessibility of directory
* look for name in cache, if found, then if at end of path
* and deleting or creating, drop it, else return name
* search for name in directory, to found or notfound
* notfound:
* if creating, return locked directory, leaving info on available slots
* else return error
* found:
* if at end of path and deleting, return information to allow delete
* if at end of path and rewriting (RENAME and LOCKPARENT), lock target
* inode and return info to allow rewrite
* if not at end, add name to cache; if at end and neither creating
* nor deleting, add name to cache
*/
int
ulfs_lookup(void *v)
{
struct vop_lookup_v2_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
} */ *ap = v;
struct vnode *vdp = ap->a_dvp; /* vnode for directory being searched */
struct inode *dp = VTOI(vdp); /* inode for directory being searched */
struct buf *bp; /* a buffer of directory entries */
struct lfs_direct *ep; /* the current directory entry */
int entryoffsetinblock; /* offset of ep in bp's buffer */
enum {
NONE, /* need to search a slot for our new entry */
COMPACT, /* a compaction can make a slot in the current
DIRBLKSIZ block */
FOUND, /* found a slot (or no need to search) */
} slotstatus;
doff_t slotoffset; /* offset of area with free space.
a special value -1 for invalid */
int slotsize; /* size of area at slotoffset */
int slotfreespace; /* accumulated amount of space free in
the current DIRBLKSIZ block */
int slotneeded; /* size of the entry we're seeking */
int numdirpasses; /* strategy for directory search */
doff_t endsearch; /* offset to end directory search */
doff_t prevoff; /* previous value of ulr_offset */
struct vnode *pdp; /* saved dp during symlink work */
struct vnode *tdp; /* returned by VFS_VGET */
doff_t enduseful; /* pointer past last used dir slot.
used for directory truncation. */
u_long bmask; /* block offset mask */
int error;
struct vnode **vpp = ap->a_vpp;
struct componentname *cnp = ap->a_cnp;
kauth_cred_t cred = cnp->cn_cred;
int flags;
int nameiop = cnp->cn_nameiop;
struct lfs *fs = dp->i_lfs;
const int needswap = ULFS_MPNEEDSWAP(fs);
int dirblksiz = fs->um_dirblksiz;
ino_t foundino;
struct ulfs_lookup_results *results;
int iswhiteout; /* temp result from cache_lookup() */
flags = cnp->cn_flags;
bp = NULL;
slotoffset = -1;
*vpp = NULL;
endsearch = 0; /* silence compiler warning */
/*
* Produce the auxiliary lookup results into i_crap. Increment
* its serial number so elsewhere we can tell if we're using
* stale results. This should not be done this way. XXX.
*/
results = &dp->i_crap;
dp->i_crapcounter++;
/*
* Check accessiblity of directory.
*/
if ((error = VOP_ACCESS(vdp, VEXEC, cred)) != 0)
return (error);
if ((flags & ISLASTCN) && (vdp->v_mount->mnt_flag & MNT_RDONLY) &&
(nameiop == DELETE || nameiop == RENAME))
return (EROFS);
/*
* We now have a segment name to search for, and a directory to search.
*
* Before tediously performing a linear scan of the directory,
* check the name cache to see if the directory/name pair
* we are looking for is known already.
*/
if (cache_lookup(vdp, cnp->cn_nameptr, cnp->cn_namelen,
cnp->cn_nameiop, cnp->cn_flags, &iswhiteout, vpp)) {
if (iswhiteout) {
cnp->cn_flags |= ISWHITEOUT;
}
return *vpp == NULLVP ? ENOENT : 0;
}
if (iswhiteout) {
/*
* The namecache set iswhiteout without finding a
* cache entry. As of this writing (20121014), this
* can happen if there was a whiteout entry that has
* been invalidated by the lookup. It is not clear if
* it is correct to set ISWHITEOUT in this case or
* not; however, doing so retains the prior behavior,
* so we'll go with that until some clearer answer
* appears. XXX
*/
cnp->cn_flags |= ISWHITEOUT;
}
fstrans_start(vdp->v_mount, FSTRANS_SHARED);
/*
* Suppress search for slots unless creating
* file and at end of pathname, in which case
* we watch for a place to put the new file in
* case it doesn't already exist.
*/
slotstatus = FOUND;
slotfreespace = slotsize = slotneeded = 0;
if ((nameiop == CREATE || nameiop == RENAME) && (flags & ISLASTCN)) {
slotstatus = NONE;
slotneeded = LFS_DIRECTSIZ(cnp->cn_namelen);
}
/*
* If there is cached information on a previous search of
* this directory, pick up where we last left off.
* We cache only lookups as these are the most common
* and have the greatest payoff. Caching CREATE has little
* benefit as it usually must search the entire directory
* to determine that the entry does not exist. Caching the
* location of the last DELETE or RENAME has not reduced
* profiling time and hence has been removed in the interest
* of simplicity.
*/
bmask = vdp->v_mount->mnt_stat.f_iosize - 1;
#ifdef LFS_DIRHASH
/*
* Use dirhash for fast operations on large directories. The logic
* to determine whether to hash the directory is contained within
* ulfsdirhash_build(); a zero return means that it decided to hash
* this directory and it successfully built up the hash table.
*/
if (ulfsdirhash_build(dp) == 0) {
/* Look for a free slot if needed. */
enduseful = dp->i_size;
if (slotstatus != FOUND) {
slotoffset = ulfsdirhash_findfree(dp, slotneeded,
&slotsize);
if (slotoffset >= 0) {
slotstatus = COMPACT;
enduseful = ulfsdirhash_enduseful(dp);
if (enduseful < 0)
enduseful = dp->i_size;
}
}
/* Look up the component. */
numdirpasses = 1;
entryoffsetinblock = 0; /* silence compiler warning */
switch (ulfsdirhash_lookup(dp, cnp->cn_nameptr, cnp->cn_namelen,
&results->ulr_offset, &bp, nameiop == DELETE ? &prevoff : NULL)) {
case 0:
ep = (struct lfs_direct *)((char *)bp->b_data +
(results->ulr_offset & bmask));
goto foundentry;
case ENOENT:
results->ulr_offset = roundup(dp->i_size, dirblksiz);
goto notfound;
default:
/* Something failed; just do a linear search. */
break;
}
}
#endif /* LFS_DIRHASH */
if (nameiop != LOOKUP || results->ulr_diroff == 0 ||
results->ulr_diroff >= dp->i_size) {
entryoffsetinblock = 0;
results->ulr_offset = 0;
numdirpasses = 1;
} else {
results->ulr_offset = results->ulr_diroff;
if ((entryoffsetinblock = results->ulr_offset & bmask) &&
(error = ulfs_blkatoff(vdp, (off_t)results->ulr_offset,
NULL, &bp, false)))
goto out;
numdirpasses = 2;
namecache_count_2passes();
}
prevoff = results->ulr_offset;
endsearch = roundup(dp->i_size, dirblksiz);
enduseful = 0;
searchloop:
while (results->ulr_offset < endsearch) {
if (curcpu()->ci_schedstate.spc_flags & SPCF_SHOULDYIELD)
preempt();
/*
* If necessary, get the next directory block.
*/
if ((results->ulr_offset & bmask) == 0) {
if (bp != NULL)
brelse(bp, 0);
error = ulfs_blkatoff(vdp, (off_t)results->ulr_offset,
NULL, &bp, false);
if (error)
goto out;
entryoffsetinblock = 0;
}
/*
* If still looking for a slot, and at a DIRBLKSIZ
* boundary, have to start looking for free space again.
*/
if (slotstatus == NONE &&
(entryoffsetinblock & (dirblksiz - 1)) == 0) {
slotoffset = -1;
slotfreespace = 0;
}
/*
* Get pointer to next entry.
* Full validation checks are slow, so we only check
* enough to insure forward progress through the
* directory. Complete checks can be run by patching
* "lfs_dirchk" to be true.
*/
KASSERT(bp != NULL);
ep = (struct lfs_direct *)((char *)bp->b_data + entryoffsetinblock);
if (ep->d_reclen == 0 ||
(lfs_dirchk && ulfs_dirbadentry(vdp, ep, entryoffsetinblock))) {
int i;
ulfs_dirbad(dp, results->ulr_offset, "mangled entry");
i = dirblksiz - (entryoffsetinblock & (dirblksiz - 1));
results->ulr_offset += i;
entryoffsetinblock += i;
continue;
}
/*
* If an appropriate sized slot has not yet been found,
* check to see if one is available. Also accumulate space
* in the current block so that we can determine if
* compaction is viable.
*/
if (slotstatus != FOUND) {
int size = ulfs_rw16(ep->d_reclen, needswap);
if (ep->d_ino != 0)
size -= LFS_DIRSIZ(FSFMT(vdp), ep, needswap);
if (size > 0) {
if (size >= slotneeded) {
slotstatus = FOUND;
slotoffset = results->ulr_offset;
slotsize = ulfs_rw16(ep->d_reclen,
needswap);
} else if (slotstatus == NONE) {
slotfreespace += size;
if (slotoffset == -1)
slotoffset = results->ulr_offset;
if (slotfreespace >= slotneeded) {
slotstatus = COMPACT;
slotsize = results->ulr_offset +
ulfs_rw16(ep->d_reclen,
needswap) -
slotoffset;
}
}
}
}
/*
* Check for a name match.
*/
if (ep->d_ino) {
int namlen;
#if (BYTE_ORDER == LITTLE_ENDIAN)
if (FSFMT(vdp) && needswap == 0)
namlen = ep->d_type;
else
namlen = ep->d_namlen;
#else
if (FSFMT(vdp) && needswap != 0)
namlen = ep->d_type;
else
namlen = ep->d_namlen;
#endif
if (namlen == cnp->cn_namelen &&
!memcmp(cnp->cn_nameptr, ep->d_name,
(unsigned)namlen)) {
#ifdef LFS_DIRHASH
foundentry:
#endif
/*
* Save directory entry's inode number and
* reclen, and release directory buffer.
*/
if (!FSFMT(vdp) && ep->d_type == LFS_DT_WHT) {
slotstatus = FOUND;
slotoffset = results->ulr_offset;
slotsize = ulfs_rw16(ep->d_reclen,
needswap);
results->ulr_reclen = slotsize;
/*
* This is used to set
* results->ulr_endoff,
* which may be used by ulfs_direnter()
* as a length to truncate the
* directory to. Therefore, it must
* point past the end of the last
* non-empty directory entry. We don't
* know where that is in this case, so
* we effectively disable shrinking by
* using the existing size of the
* directory.
*
* Note that we wouldn't expect to
* shrink the directory while rewriting
* an existing entry anyway.
*/
enduseful = endsearch;
cnp->cn_flags |= ISWHITEOUT;
numdirpasses--;
goto notfound;
}
foundino = ulfs_rw32(ep->d_ino, needswap);
results->ulr_reclen =
ulfs_rw16(ep->d_reclen, needswap);
goto found;
}
}
prevoff = results->ulr_offset;
results->ulr_offset += ulfs_rw16(ep->d_reclen, needswap);
entryoffsetinblock += ulfs_rw16(ep->d_reclen, needswap);
if (ep->d_ino)
enduseful = results->ulr_offset;
}
notfound:
/*
* If we started in the middle of the directory and failed
* to find our target, we must check the beginning as well.
*/
if (numdirpasses == 2) {
numdirpasses--;
results->ulr_offset = 0;
endsearch = results->ulr_diroff;
goto searchloop;
}
if (bp != NULL)
brelse(bp, 0);
/*
* If creating, and at end of pathname and current
* directory has not been removed, then can consider
* allowing file to be created.
*/
if ((nameiop == CREATE || nameiop == RENAME ||
(nameiop == DELETE &&
(cnp->cn_flags & DOWHITEOUT) &&
(cnp->cn_flags & ISWHITEOUT))) &&
(flags & ISLASTCN) && dp->i_nlink != 0) {
/*
* Access for write is interpreted as allowing
* creation of files in the directory.
*/
error = VOP_ACCESS(vdp, VWRITE, cred);
if (error)
goto out;
/*
* Return an indication of where the new directory
* entry should be put. If we didn't find a slot,
* then set results->ulr_count to 0 indicating
* that the new slot belongs at the end of the
* directory. If we found a slot, then the new entry
* can be put in the range from results->ulr_offset to
* results->ulr_offset + results->ulr_count.
*/
if (slotstatus == NONE) {
results->ulr_offset = roundup(dp->i_size, dirblksiz);
results->ulr_count = 0;
enduseful = results->ulr_offset;
} else if (nameiop == DELETE) {
results->ulr_offset = slotoffset;
if ((results->ulr_offset & (dirblksiz - 1)) == 0)
results->ulr_count = 0;
else
results->ulr_count =
results->ulr_offset - prevoff;
} else {
results->ulr_offset = slotoffset;
results->ulr_count = slotsize;
if (enduseful < slotoffset + slotsize)
enduseful = slotoffset + slotsize;
}
results->ulr_endoff = roundup(enduseful, dirblksiz);
#if 0 /* commented out by dbj. none of the on disk fields changed */
dp->i_flag |= IN_CHANGE | IN_UPDATE;
#endif
/*
* We return with the directory locked, so that
* the parameters we set up above will still be
* valid if we actually decide to do a direnter().
* We return ni_vp == NULL to indicate that the entry
* does not currently exist; we leave a pointer to
* the (locked) directory inode in ndp->ni_dvp.
*
* NB - if the directory is unlocked, then this
* information cannot be used.
*/
error = EJUSTRETURN;
goto out;
}
/*
* Insert name into cache (as non-existent) if appropriate.
*/
if (nameiop != CREATE) {
cache_enter(vdp, *vpp, cnp->cn_nameptr, cnp->cn_namelen,
cnp->cn_flags);
}
error = ENOENT;
goto out;
found:
if (numdirpasses == 2)
namecache_count_pass2();
/*
* Check that directory length properly reflects presence
* of this entry.
*/
if (results->ulr_offset + LFS_DIRSIZ(FSFMT(vdp), ep, needswap) > dp->i_size) {
ulfs_dirbad(dp, results->ulr_offset, "i_size too small");
dp->i_size =
results->ulr_offset + LFS_DIRSIZ(FSFMT(vdp), ep, needswap);
DIP_ASSIGN(dp, size, dp->i_size);
dp->i_flag |= IN_CHANGE | IN_UPDATE;
}
brelse(bp, 0);
/*
* Found component in pathname.
* If the final component of path name, save information
* in the cache as to where the entry was found.
*/
if ((flags & ISLASTCN) && nameiop == LOOKUP)
results->ulr_diroff = results->ulr_offset &~ (dirblksiz - 1);
/*
* If deleting, and at end of pathname, return
* parameters which can be used to remove file.
* Lock the inode, being careful with ".".
*/
if (nameiop == DELETE && (flags & ISLASTCN)) {
/*
* Return pointer to current entry in results->ulr_offset,
* and distance past previous entry (if there
* is a previous entry in this block) in results->ulr_count.
* Save directory inode pointer in ndp->ni_dvp for dirremove().
*/
if ((results->ulr_offset & (dirblksiz - 1)) == 0)
results->ulr_count = 0;
else
results->ulr_count = results->ulr_offset - prevoff;
if (dp->i_number == foundino) {
vref(vdp);
tdp = vdp;
} else {
if (flags & ISDOTDOT)
VOP_UNLOCK(vdp); /* race to get the inode */
error = VFS_VGET(vdp->v_mount, foundino, &tdp);
if (flags & ISDOTDOT)
vn_lock(vdp, LK_EXCLUSIVE | LK_RETRY);
if (error)
goto out;
}
/*
* Write access to directory required to delete files.
*/
error = VOP_ACCESS(vdp, VWRITE, cred);
if (error) {
if (dp->i_number == foundino)
vrele(tdp);
else
vput(tdp);
goto out;
}
/*
* If directory is "sticky", then user must own
* the directory, or the file in it, else she
* may not delete it (unless she's root). This
* implements append-only directories.
*/
if (dp->i_mode & ISVTX) {
error = kauth_authorize_vnode(cred, KAUTH_VNODE_DELETE,
tdp, vdp, genfs_can_sticky(cred, dp->i_uid,
VTOI(tdp)->i_uid));
if (error) {
if (dp->i_number == foundino)
vrele(tdp);
else
vput(tdp);
error = EPERM;
goto out;
}
}
*vpp = tdp;
error = 0;
goto out;
}
/*
* If rewriting (RENAME), return the inode and the
* information required to rewrite the present directory
* Must get inode of directory entry to verify it's a
* regular file, or empty directory.
*/
if (nameiop == RENAME && (flags & ISLASTCN)) {
error = VOP_ACCESS(vdp, VWRITE, cred);
if (error)
goto out;
/*
* Careful about locking second inode.
* This can only occur if the target is ".".
*/
if (dp->i_number == foundino) {
error = EISDIR;
goto out;
}
if (flags & ISDOTDOT)
VOP_UNLOCK(vdp); /* race to get the inode */
error = VFS_VGET(vdp->v_mount, foundino, &tdp);
if (flags & ISDOTDOT)
vn_lock(vdp, LK_EXCLUSIVE | LK_RETRY);
if (error)
goto out;
*vpp = tdp;
error = 0;
goto out;
}
/*
* Step through the translation in the name. We do not `vput' the
* directory because we may need it again if a symbolic link
* is relative to the current directory. Instead we save it
* unlocked as "pdp". We must get the target inode before unlocking
* the directory to insure that the inode will not be removed
* before we get it. We prevent deadlock by always fetching
* inodes from the root, moving down the directory tree. Thus
* when following backward pointers ".." we must unlock the
* parent directory before getting the requested directory.
* There is a potential race condition here if both the current
* and parent directories are removed before the VFS_VGET for the
* inode associated with ".." returns. We hope that this occurs
* infrequently since we cannot avoid this race condition without
* implementing a sophisticated deadlock detection algorithm.
* Note also that this simple deadlock detection scheme will not
* work if the file system has any hard links other than ".."
* that point backwards in the directory structure.
*/
pdp = vdp;
if (flags & ISDOTDOT) {
VOP_UNLOCK(pdp); /* race to get the inode */
error = VFS_VGET(vdp->v_mount, foundino, &tdp);
vn_lock(pdp, LK_EXCLUSIVE | LK_RETRY);
if (error) {
goto out;
}
*vpp = tdp;
} else if (dp->i_number == foundino) {
vref(vdp); /* we want ourself, ie "." */
*vpp = vdp;
} else {
error = VFS_VGET(vdp->v_mount, foundino, &tdp);
if (error)
goto out;
*vpp = tdp;
}
/*
* Insert name into cache if appropriate.
*/
cache_enter(vdp, *vpp, cnp->cn_nameptr, cnp->cn_namelen, cnp->cn_flags);
error = 0;
out:
if (error == 0 && *vpp != vdp)
VOP_UNLOCK(*vpp);
fstrans_done(vdp->v_mount);
return error;
}
/*
* Allocate a new inode.
*/
int
ufs_makeinode(int mode, struct vnode *dvp, const struct ufs_lookup_results *ulr,
struct vnode **vpp, struct componentname *cnp)
{
struct inode *ip, *pdir;
struct direct *newdir;
struct vnode *tvp;
int error;
UFS_WAPBL_JUNLOCK_ASSERT(dvp->v_mount);
pdir = VTOI(dvp);
if ((mode & IFMT) == 0)
mode |= IFREG;
if ((error = UFS_VALLOC(dvp, mode, cnp->cn_cred, vpp)) != 0) {
return (error);
}
tvp = *vpp;
ip = VTOI(tvp);
ip->i_gid = pdir->i_gid;
DIP_ASSIGN(ip, gid, ip->i_gid);
ip->i_uid = kauth_cred_geteuid(cnp->cn_cred);
DIP_ASSIGN(ip, uid, ip->i_uid);
error = UFS_WAPBL_BEGIN1(dvp->v_mount, dvp);
if (error) {
/*
* Note, we can't VOP_VFREE(tvp) here like we should
* because we can't write to the disk. Instead, we leave
* the vnode dangling from the journal.
*/
vput(tvp);
return (error);
}
#if defined(QUOTA) || defined(QUOTA2)
if ((error = chkiq(ip, 1, cnp->cn_cred, 0))) {
UFS_VFREE(tvp, ip->i_number, mode);
UFS_WAPBL_END1(dvp->v_mount, dvp);
vput(tvp);
return (error);
}
#endif
ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
ip->i_mode = mode;
DIP_ASSIGN(ip, mode, mode);
tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */
ip->i_nlink = 1;
DIP_ASSIGN(ip, nlink, 1);
/* Authorize setting SGID if needed. */
if (ip->i_mode & ISGID) {
error = kauth_authorize_vnode(cnp->cn_cred, KAUTH_VNODE_WRITE_SECURITY,
tvp, NULL, genfs_can_chmod(tvp->v_type, cnp->cn_cred, ip->i_uid,
ip->i_gid, mode));
if (error) {
ip->i_mode &= ~ISGID;
DIP_ASSIGN(ip, mode, ip->i_mode);
}
}
if (cnp->cn_flags & ISWHITEOUT) {
ip->i_flags |= UF_OPAQUE;
DIP_ASSIGN(ip, flags, ip->i_flags);
}
/*
* Make sure inode goes to disk before directory entry.
*/
if ((error = UFS_UPDATE(tvp, NULL, NULL, UPDATE_DIROP)) != 0)
goto bad;
newdir = pool_cache_get(ufs_direct_cache, PR_WAITOK);
ufs_makedirentry(ip, cnp, newdir);
error = ufs_direnter(dvp, ulr, tvp, newdir, cnp, NULL);
pool_cache_put(ufs_direct_cache, newdir);
if (error)
goto bad;
*vpp = tvp;
return (0);
bad:
/*
* Write error occurred trying to update the inode
* or the directory so must deallocate the inode.
*/
ip->i_nlink = 0;
DIP_ASSIGN(ip, nlink, 0);
ip->i_flag |= IN_CHANGE;
UFS_WAPBL_UPDATE(tvp, NULL, NULL, 0);
tvp->v_type = VNON; /* explodes later if VBLK */
UFS_WAPBL_END1(dvp->v_mount, dvp);
vput(tvp);
return (error);
}
/*
* Allocate a new inode.
*/
int
ulfs_makeinode(struct vattr *vap, struct vnode *dvp,
const struct ulfs_lookup_results *ulr,
struct vnode **vpp, struct componentname *cnp)
{
struct inode *ip;
struct vnode *tvp;
int error;
error = vcache_new(dvp->v_mount, dvp, vap, cnp->cn_cred, &tvp);
if (error)
return error;
error = vn_lock(tvp, LK_EXCLUSIVE);
if (error) {
vrele(tvp);
return error;
}
lfs_mark_vnode(tvp);
*vpp = tvp;
ip = VTOI(tvp);
ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
ip->i_nlink = 1;
DIP_ASSIGN(ip, nlink, 1);
/* Authorize setting SGID if needed. */
if (ip->i_mode & ISGID) {
error = kauth_authorize_vnode(cnp->cn_cred, KAUTH_VNODE_WRITE_SECURITY,
tvp, NULL, genfs_can_chmod(tvp->v_type, cnp->cn_cred, ip->i_uid,
ip->i_gid, MAKEIMODE(vap->va_type, vap->va_mode)));
if (error) {
ip->i_mode &= ~ISGID;
DIP_ASSIGN(ip, mode, ip->i_mode);
}
}
if (cnp->cn_flags & ISWHITEOUT) {
ip->i_flags |= UF_OPAQUE;
DIP_ASSIGN(ip, flags, ip->i_flags);
}
/*
* Make sure inode goes to disk before directory entry.
*/
if ((error = lfs_update(tvp, NULL, NULL, UPDATE_DIROP)) != 0)
goto bad;
error = ulfs_direnter(dvp, ulr, tvp,
cnp, ip->i_number, LFS_IFTODT(ip->i_mode), NULL);
if (error)
goto bad;
*vpp = tvp;
return (0);
bad:
/*
* Write error occurred trying to update the inode
* or the directory so must deallocate the inode.
*/
ip->i_nlink = 0;
DIP_ASSIGN(ip, nlink, 0);
ip->i_flag |= IN_CHANGE;
/* If IN_ADIROP, account for it */
lfs_unmark_vnode(tvp);
vput(tvp);
return (error);
}
