2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1989, 1993, 1995
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
8 * Poul-Henning Kamp of the FreeBSD Project.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)vfs_cache.c 8.5 (Berkeley) 3/22/95
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
41 #include "opt_ktrace.h"
43 #include <sys/param.h>
44 #include <sys/systm.h>
45 #include <sys/capsicum.h>
46 #include <sys/counter.h>
47 #include <sys/filedesc.h>
48 #include <sys/fnv_hash.h>
49 #include <sys/kernel.h>
52 #include <sys/malloc.h>
53 #include <sys/fcntl.h>
55 #include <sys/mount.h>
56 #include <sys/namei.h>
62 #include <sys/syscallsubr.h>
63 #include <sys/sysctl.h>
64 #include <sys/sysproto.h>
65 #include <sys/vnode.h>
68 #include <sys/ktrace.h>
71 #include <machine/_inttypes.h>
74 #include <sys/capsicum.h>
76 #include <security/audit/audit.h>
77 #include <security/mac/mac_framework.h>
86 * High level overview of name caching in the VFS layer.
88 * Originally caching was implemented as part of UFS, later extracted to allow
89 * use by other filesystems. A decision was made to make it optional and
90 * completely detached from the rest of the kernel, which comes with limitations
91 * outlined near the end of this comment block.
93 * This fundamental choice needs to be revisited. In the meantime, the current
94 * state is described below. Significance of all notable routines is explained
95 * in comments placed above their implementation. Scattered thoroughout the
96 * file are TODO comments indicating shortcomings which can be fixed without
97 * reworking everything (most of the fixes will likely be reusable). Various
98 * details are omitted from this explanation to not clutter the overview, they
99 * have to be checked by reading the code and associated commentary.
101 * Keep in mind that it's individual path components which are cached, not full
102 * paths. That is, for a fully cached path "foo/bar/baz" there are 3 entries,
105 * I. Data organization
107 * Entries are described by "struct namecache" objects and stored in a hash
108 * table. See cache_get_hash for more information.
110 * "struct vnode" contains pointers to source entries (names which can be found
111 * when traversing through said vnode), destination entries (names of that
112 * vnode (see "Limitations" for a breakdown on the subject) and a pointer to
115 * The (directory vnode; name) tuple reliably determines the target entry if
118 * Since there are no small locks at this time (all are 32 bytes in size on
119 * LP64), the code works around the problem by introducing lock arrays to
120 * protect hash buckets and vnode lists.
122 * II. Filesystem integration
124 * Filesystems participating in name caching do the following:
125 * - set vop_lookup routine to vfs_cache_lookup
126 * - set vop_cachedlookup to whatever can perform the lookup if the above fails
127 * - if they support lockless lookup (see below), vop_fplookup_vexec and
128 * vop_fplookup_symlink are set along with the MNTK_FPLOOKUP flag on the
130 * - call cache_purge or cache_vop_* routines to eliminate stale entries as
132 * - call cache_enter to add entries depending on the MAKEENTRY flag
134 * With the above in mind, there are 2 entry points when doing lookups:
135 * - ... -> namei -> cache_fplookup -- this is the default
136 * - ... -> VOP_LOOKUP -> vfs_cache_lookup -- normally only called by namei
137 * should the above fail
139 * Example code flow how an entry is added:
140 * ... -> namei -> cache_fplookup -> cache_fplookup_noentry -> VOP_LOOKUP ->
141 * vfs_cache_lookup -> VOP_CACHEDLOOKUP -> ufs_lookup_ino -> cache_enter
143 * III. Performance considerations
145 * For lockless case forward lookup avoids any writes to shared areas apart
146 * from the terminal path component. In other words non-modifying lookups of
147 * different files don't suffer any scalability problems in the namecache.
148 * Looking up the same file is limited by VFS and goes beyond the scope of this
151 * At least on amd64 the single-threaded bottleneck for long paths is hashing
152 * (see cache_get_hash). There are cases where the code issues acquire fence
153 * multiple times, they can be combined on architectures which suffer from it.
155 * For locked case each encountered vnode has to be referenced and locked in
156 * order to be handed out to the caller (normally that's namei). This
157 * introduces significant hit single-threaded and serialization multi-threaded.
159 * Reverse lookup (e.g., "getcwd") fully scales provided it is fully cached --
160 * avoids any writes to shared areas to any components.
162 * Unrelated insertions are partially serialized on updating the global entry
163 * counter and possibly serialized on colliding bucket or vnode locks.
167 * Note not everything has an explicit dtrace probe nor it should have, thus
168 * some of the one-liners below depend on implementation details.
172 * # Check what lookups failed to be handled in a lockless manner. Column 1 is
173 * # line number, column 2 is status code (see cache_fpl_status)
174 * dtrace -n 'vfs:fplookup:lookup:done { @[arg1, arg2] = count(); }'
176 * # Lengths of names added by binary name
177 * dtrace -n 'fbt::cache_enter_time:entry { @[execname] = quantize(args[2]->cn_namelen); }'
179 * # Same as above but only those which exceed 64 characters
180 * dtrace -n 'fbt::cache_enter_time:entry /args[2]->cn_namelen > 64/ { @[execname] = quantize(args[2]->cn_namelen); }'
182 * # Who is performing lookups with spurious slashes (e.g., "foo//bar") and what
184 * dtrace -n 'fbt::cache_fplookup_skip_slashes:entry { @[execname, stringof(args[0]->cnp->cn_pnbuf)] = count(); }'
186 * V. Limitations and implementation defects
188 * - since it is possible there is no entry for an open file, tools like
189 * "procstat" may fail to resolve fd -> vnode -> path to anything
190 * - even if a filesystem adds an entry, it may get purged (e.g., due to memory
191 * shortage) in which case the above problem applies
192 * - hardlinks are not tracked, thus if a vnode is reachable in more than one
193 * way, resolving a name may return a different path than the one used to
194 * open it (even if said path is still valid)
195 * - by default entries are not added for newly created files
196 * - adding an entry may need to evict negative entry first, which happens in 2
197 * distinct places (evicting on lookup, adding in a later VOP) making it
198 * impossible to simply reuse it
199 * - there is a simple scheme to evict negative entries as the cache is approaching
200 * its capacity, but it is very unclear if doing so is a good idea to begin with
201 * - vnodes are subject to being recycled even if target inode is left in memory,
202 * which loses the name cache entries when it perhaps should not. in case of tmpfs
203 * names get duplicated -- kept by filesystem itself and namecache separately
204 * - struct namecache has a fixed size and comes in 2 variants, often wasting space.
205 * now hard to replace with malloc due to dependence on SMR.
206 * - lack of better integration with the kernel also turns nullfs into a layered
207 * filesystem instead of something which can take advantage of caching
210 static SYSCTL_NODE(_vfs, OID_AUTO, cache, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
213 SDT_PROVIDER_DECLARE(vfs);
214 SDT_PROBE_DEFINE3(vfs, namecache, enter, done, "struct vnode *", "char *",
216 SDT_PROBE_DEFINE3(vfs, namecache, enter, duplicate, "struct vnode *", "char *",
218 SDT_PROBE_DEFINE2(vfs, namecache, enter_negative, done, "struct vnode *",
220 SDT_PROBE_DEFINE2(vfs, namecache, fullpath_smr, hit, "struct vnode *",
222 SDT_PROBE_DEFINE4(vfs, namecache, fullpath_smr, miss, "struct vnode *",
223 "struct namecache *", "int", "int");
224 SDT_PROBE_DEFINE1(vfs, namecache, fullpath, entry, "struct vnode *");
225 SDT_PROBE_DEFINE3(vfs, namecache, fullpath, hit, "struct vnode *",
226 "char *", "struct vnode *");
227 SDT_PROBE_DEFINE1(vfs, namecache, fullpath, miss, "struct vnode *");
228 SDT_PROBE_DEFINE3(vfs, namecache, fullpath, return, "int",
229 "struct vnode *", "char *");
230 SDT_PROBE_DEFINE3(vfs, namecache, lookup, hit, "struct vnode *", "char *",
232 SDT_PROBE_DEFINE2(vfs, namecache, lookup, hit__negative,
233 "struct vnode *", "char *");
234 SDT_PROBE_DEFINE2(vfs, namecache, lookup, miss, "struct vnode *",
236 SDT_PROBE_DEFINE2(vfs, namecache, removecnp, hit, "struct vnode *",
237 "struct componentname *");
238 SDT_PROBE_DEFINE2(vfs, namecache, removecnp, miss, "struct vnode *",
239 "struct componentname *");
240 SDT_PROBE_DEFINE1(vfs, namecache, purge, done, "struct vnode *");
241 SDT_PROBE_DEFINE1(vfs, namecache, purge, batch, "int");
242 SDT_PROBE_DEFINE1(vfs, namecache, purge_negative, done, "struct vnode *");
243 SDT_PROBE_DEFINE1(vfs, namecache, purgevfs, done, "struct mount *");
244 SDT_PROBE_DEFINE3(vfs, namecache, zap, done, "struct vnode *", "char *",
246 SDT_PROBE_DEFINE2(vfs, namecache, zap_negative, done, "struct vnode *",
248 SDT_PROBE_DEFINE2(vfs, namecache, evict_negative, done, "struct vnode *",
250 SDT_PROBE_DEFINE1(vfs, namecache, symlink, alloc__fail, "size_t");
252 SDT_PROBE_DEFINE3(vfs, fplookup, lookup, done, "struct nameidata", "int", "bool");
253 SDT_PROBE_DECLARE(vfs, namei, lookup, entry);
254 SDT_PROBE_DECLARE(vfs, namei, lookup, return);
257 * This structure describes the elements in the cache of recent
258 * names looked up by namei.
264 _Static_assert(sizeof(struct negstate) <= sizeof(struct vnode *),
265 "the state must fit in a union with a pointer without growing it");
268 LIST_ENTRY(namecache) nc_src; /* source vnode list */
269 TAILQ_ENTRY(namecache) nc_dst; /* destination vnode list */
270 CK_SLIST_ENTRY(namecache) nc_hash;/* hash chain */
271 struct vnode *nc_dvp; /* vnode of parent of name */
273 struct vnode *nu_vp; /* vnode the name refers to */
274 struct negstate nu_neg;/* negative entry state */
276 u_char nc_flag; /* flag bits */
277 u_char nc_nlen; /* length of name */
278 char nc_name[0]; /* segment name + nul */
282 * struct namecache_ts repeats struct namecache layout up to the
284 * struct namecache_ts is used in place of struct namecache when time(s) need
285 * to be stored. The nc_dotdottime field is used when a cache entry is mapping
286 * both a non-dotdot directory name plus dotdot for the directory's
289 * See below for alignment requirement.
291 struct namecache_ts {
292 struct timespec nc_time; /* timespec provided by fs */
293 struct timespec nc_dotdottime; /* dotdot timespec provided by fs */
294 int nc_ticks; /* ticks value when entry was added */
296 struct namecache nc_nc;
299 TAILQ_HEAD(cache_freebatch, namecache);
302 * At least mips n32 performs 64-bit accesses to timespec as found
303 * in namecache_ts and requires them to be aligned. Since others
304 * may be in the same spot suffer a little bit and enforce the
305 * alignment for everyone. Note this is a nop for 64-bit platforms.
307 #define CACHE_ZONE_ALIGNMENT UMA_ALIGNOF(time_t)
310 * TODO: the initial value of CACHE_PATH_CUTOFF was inherited from the
311 * 4.4 BSD codebase. Later on struct namecache was tweaked to become
312 * smaller and the value was bumped to retain the total size, but it
313 * was never re-evaluated for suitability. A simple test counting
314 * lengths during package building shows that the value of 45 covers
315 * about 86% of all added entries, reaching 99% at 65.
317 * Regardless of the above, use of dedicated zones instead of malloc may be
318 * inducing additional waste. This may be hard to address as said zones are
319 * tied to VFS SMR. Even if retaining them, the current split should be
323 #define CACHE_PATH_CUTOFF 45
324 #define CACHE_LARGE_PAD 6
326 #define CACHE_PATH_CUTOFF 41
327 #define CACHE_LARGE_PAD 2
330 #define CACHE_ZONE_SMALL_SIZE (offsetof(struct namecache, nc_name) + CACHE_PATH_CUTOFF + 1)
331 #define CACHE_ZONE_SMALL_TS_SIZE (offsetof(struct namecache_ts, nc_nc) + CACHE_ZONE_SMALL_SIZE)
332 #define CACHE_ZONE_LARGE_SIZE (offsetof(struct namecache, nc_name) + NAME_MAX + 1 + CACHE_LARGE_PAD)
333 #define CACHE_ZONE_LARGE_TS_SIZE (offsetof(struct namecache_ts, nc_nc) + CACHE_ZONE_LARGE_SIZE)
335 _Static_assert((CACHE_ZONE_SMALL_SIZE % (CACHE_ZONE_ALIGNMENT + 1)) == 0, "bad zone size");
336 _Static_assert((CACHE_ZONE_SMALL_TS_SIZE % (CACHE_ZONE_ALIGNMENT + 1)) == 0, "bad zone size");
337 _Static_assert((CACHE_ZONE_LARGE_SIZE % (CACHE_ZONE_ALIGNMENT + 1)) == 0, "bad zone size");
338 _Static_assert((CACHE_ZONE_LARGE_TS_SIZE % (CACHE_ZONE_ALIGNMENT + 1)) == 0, "bad zone size");
340 #define nc_vp n_un.nu_vp
341 #define nc_neg n_un.nu_neg
344 * Flags in namecache.nc_flag
346 #define NCF_WHITE 0x01
347 #define NCF_ISDOTDOT 0x02
350 #define NCF_DVDROP 0x10
351 #define NCF_NEGATIVE 0x20
352 #define NCF_INVALID 0x40
356 * Flags in negstate.neg_flag
360 static bool cache_neg_evict_cond(u_long lnumcache);
363 * Mark an entry as invalid.
365 * This is called before it starts getting deconstructed.
368 cache_ncp_invalidate(struct namecache *ncp)
371 KASSERT((ncp->nc_flag & NCF_INVALID) == 0,
372 ("%s: entry %p already invalid", __func__, ncp));
373 atomic_store_char(&ncp->nc_flag, ncp->nc_flag | NCF_INVALID);
374 atomic_thread_fence_rel();
378 * Check whether the entry can be safely used.
380 * All places which elide locks are supposed to call this after they are
381 * done with reading from an entry.
383 #define cache_ncp_canuse(ncp) ({ \
384 struct namecache *_ncp = (ncp); \
387 atomic_thread_fence_acq(); \
388 _nc_flag = atomic_load_char(&_ncp->nc_flag); \
389 __predict_true((_nc_flag & (NCF_INVALID | NCF_WIP)) == 0); \
393 * Like the above but also checks NCF_WHITE.
395 #define cache_fpl_neg_ncp_canuse(ncp) ({ \
396 struct namecache *_ncp = (ncp); \
399 atomic_thread_fence_acq(); \
400 _nc_flag = atomic_load_char(&_ncp->nc_flag); \
401 __predict_true((_nc_flag & (NCF_INVALID | NCF_WIP | NCF_WHITE)) == 0); \
406 static SYSCTL_NODE(_vfs_cache, OID_AUTO, param, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
407 "Name cache parameters");
409 static u_int __read_mostly ncsize; /* the size as computed on creation or resizing */
410 SYSCTL_UINT(_vfs_cache_param, OID_AUTO, size, CTLFLAG_RW, &ncsize, 0,
411 "Total namecache capacity");
413 u_int ncsizefactor = 2;
414 SYSCTL_UINT(_vfs_cache_param, OID_AUTO, sizefactor, CTLFLAG_RW, &ncsizefactor, 0,
415 "Size factor for namecache");
417 static u_long __read_mostly ncnegfactor = 5; /* ratio of negative entries */
418 SYSCTL_ULONG(_vfs_cache_param, OID_AUTO, negfactor, CTLFLAG_RW, &ncnegfactor, 0,
419 "Ratio of negative namecache entries");
422 * Negative entry % of namecache capacity above which automatic eviction is allowed.
424 * Check cache_neg_evict_cond for details.
426 static u_int ncnegminpct = 3;
428 static u_int __read_mostly neg_min; /* the above recomputed against ncsize */
429 SYSCTL_UINT(_vfs_cache_param, OID_AUTO, negmin, CTLFLAG_RD, &neg_min, 0,
430 "Negative entry count above which automatic eviction is allowed");
433 * Structures associated with name caching.
435 #define NCHHASH(hash) \
436 (&nchashtbl[(hash) & nchash])
437 static __read_mostly CK_SLIST_HEAD(nchashhead, namecache) *nchashtbl;/* Hash Table */
438 static u_long __read_mostly nchash; /* size of hash table */
439 SYSCTL_ULONG(_debug, OID_AUTO, nchash, CTLFLAG_RD, &nchash, 0,
440 "Size of namecache hash table");
441 static u_long __exclusive_cache_line numneg; /* number of negative entries allocated */
442 static u_long __exclusive_cache_line numcache;/* number of cache entries allocated */
444 struct nchstats nchstats; /* cache effectiveness statistics */
446 static bool __read_frequently cache_fast_revlookup = true;
447 SYSCTL_BOOL(_vfs, OID_AUTO, cache_fast_revlookup, CTLFLAG_RW,
448 &cache_fast_revlookup, 0, "");
450 static bool __read_mostly cache_rename_add = true;
451 SYSCTL_BOOL(_vfs, OID_AUTO, cache_rename_add, CTLFLAG_RW,
452 &cache_rename_add, 0, "");
454 static u_int __exclusive_cache_line neg_cycle;
457 #define numneglists (ncneghash + 1)
460 struct mtx nl_evict_lock;
461 struct mtx nl_lock __aligned(CACHE_LINE_SIZE);
462 TAILQ_HEAD(, namecache) nl_list;
463 TAILQ_HEAD(, namecache) nl_hotlist;
465 } __aligned(CACHE_LINE_SIZE);
467 static struct neglist neglists[numneglists];
469 static inline struct neglist *
470 NCP2NEGLIST(struct namecache *ncp)
473 return (&neglists[(((uintptr_t)(ncp) >> 8) & ncneghash)]);
476 static inline struct negstate *
477 NCP2NEGSTATE(struct namecache *ncp)
480 MPASS(atomic_load_char(&ncp->nc_flag) & NCF_NEGATIVE);
481 return (&ncp->nc_neg);
484 #define numbucketlocks (ncbuckethash + 1)
485 static u_int __read_mostly ncbuckethash;
486 static struct mtx_padalign __read_mostly *bucketlocks;
487 #define HASH2BUCKETLOCK(hash) \
488 ((struct mtx *)(&bucketlocks[((hash) & ncbuckethash)]))
490 #define numvnodelocks (ncvnodehash + 1)
491 static u_int __read_mostly ncvnodehash;
492 static struct mtx __read_mostly *vnodelocks;
493 static inline struct mtx *
494 VP2VNODELOCK(struct vnode *vp)
497 return (&vnodelocks[(((uintptr_t)(vp) >> 8) & ncvnodehash)]);
501 cache_out_ts(struct namecache *ncp, struct timespec *tsp, int *ticksp)
503 struct namecache_ts *ncp_ts;
505 KASSERT((ncp->nc_flag & NCF_TS) != 0 ||
506 (tsp == NULL && ticksp == NULL),
512 ncp_ts = __containerof(ncp, struct namecache_ts, nc_nc);
513 *tsp = ncp_ts->nc_time;
514 *ticksp = ncp_ts->nc_ticks;
518 static int __read_mostly doingcache = 1; /* 1 => enable the cache */
519 SYSCTL_INT(_debug, OID_AUTO, vfscache, CTLFLAG_RW, &doingcache, 0,
520 "VFS namecache enabled");
523 /* Export size information to userland */
524 SYSCTL_INT(_debug_sizeof, OID_AUTO, namecache, CTLFLAG_RD, SYSCTL_NULL_INT_PTR,
525 sizeof(struct namecache), "sizeof(struct namecache)");
528 * The new name cache statistics
530 static SYSCTL_NODE(_vfs_cache, OID_AUTO, stats, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
531 "Name cache statistics");
533 #define STATNODE_ULONG(name, varname, descr) \
534 SYSCTL_ULONG(_vfs_cache_stats, OID_AUTO, name, CTLFLAG_RD, &varname, 0, descr);
535 #define STATNODE_COUNTER(name, varname, descr) \
536 static COUNTER_U64_DEFINE_EARLY(varname); \
537 SYSCTL_COUNTER_U64(_vfs_cache_stats, OID_AUTO, name, CTLFLAG_RD, &varname, \
539 STATNODE_ULONG(neg, numneg, "Number of negative cache entries");
540 STATNODE_ULONG(count, numcache, "Number of cache entries");
541 STATNODE_COUNTER(heldvnodes, numcachehv, "Number of namecache entries with vnodes held");
542 STATNODE_COUNTER(drops, numdrops, "Number of dropped entries due to reaching the limit");
543 STATNODE_COUNTER(dothits, dothits, "Number of '.' hits");
544 STATNODE_COUNTER(dotdothis, dotdothits, "Number of '..' hits");
545 STATNODE_COUNTER(miss, nummiss, "Number of cache misses");
546 STATNODE_COUNTER(misszap, nummisszap, "Number of cache misses we do not want to cache");
547 STATNODE_COUNTER(posszaps, numposzaps,
548 "Number of cache hits (positive) we do not want to cache");
549 STATNODE_COUNTER(poshits, numposhits, "Number of cache hits (positive)");
550 STATNODE_COUNTER(negzaps, numnegzaps,
551 "Number of cache hits (negative) we do not want to cache");
552 STATNODE_COUNTER(neghits, numneghits, "Number of cache hits (negative)");
553 /* These count for vn_getcwd(), too. */
554 STATNODE_COUNTER(fullpathcalls, numfullpathcalls, "Number of fullpath search calls");
555 STATNODE_COUNTER(fullpathfail1, numfullpathfail1, "Number of fullpath search errors (ENOTDIR)");
556 STATNODE_COUNTER(fullpathfail2, numfullpathfail2,
557 "Number of fullpath search errors (VOP_VPTOCNP failures)");
558 STATNODE_COUNTER(fullpathfail4, numfullpathfail4, "Number of fullpath search errors (ENOMEM)");
559 STATNODE_COUNTER(fullpathfound, numfullpathfound, "Number of successful fullpath calls");
560 STATNODE_COUNTER(symlinktoobig, symlinktoobig, "Number of times symlink did not fit the cache");
563 * Debug or developer statistics.
565 static SYSCTL_NODE(_vfs_cache, OID_AUTO, debug, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
566 "Name cache debugging");
567 #define DEBUGNODE_ULONG(name, varname, descr) \
568 SYSCTL_ULONG(_vfs_cache_debug, OID_AUTO, name, CTLFLAG_RD, &varname, 0, descr);
569 #define DEBUGNODE_COUNTER(name, varname, descr) \
570 static COUNTER_U64_DEFINE_EARLY(varname); \
571 SYSCTL_COUNTER_U64(_vfs_cache_debug, OID_AUTO, name, CTLFLAG_RD, &varname, \
573 DEBUGNODE_COUNTER(zap_bucket_relock_success, zap_bucket_relock_success,
574 "Number of successful removals after relocking");
575 static long zap_bucket_fail;
576 DEBUGNODE_ULONG(zap_bucket_fail, zap_bucket_fail, "");
577 static long zap_bucket_fail2;
578 DEBUGNODE_ULONG(zap_bucket_fail2, zap_bucket_fail2, "");
579 static long cache_lock_vnodes_cel_3_failures;
580 DEBUGNODE_ULONG(vnodes_cel_3_failures, cache_lock_vnodes_cel_3_failures,
581 "Number of times 3-way vnode locking failed");
583 static void cache_fplookup_lockout(void);
584 static void cache_fplookup_restore(void);
586 static void cache_zap_locked(struct namecache *ncp);
587 static int vn_fullpath_hardlink(struct nameidata *ndp, char **retbuf,
588 char **freebuf, size_t *buflen);
589 static int vn_fullpath_any_smr(struct vnode *vp, struct vnode *rdir, char *buf,
590 char **retbuf, size_t *buflen, size_t addend);
591 static int vn_fullpath_any(struct vnode *vp, struct vnode *rdir, char *buf,
592 char **retbuf, size_t *buflen);
593 static int vn_fullpath_dir(struct vnode *vp, struct vnode *rdir, char *buf,
594 char **retbuf, size_t *len, size_t addend);
596 static MALLOC_DEFINE(M_VFSCACHE, "vfscache", "VFS name cache entries");
599 cache_assert_vlp_locked(struct mtx *vlp)
603 mtx_assert(vlp, MA_OWNED);
607 cache_assert_vnode_locked(struct vnode *vp)
611 vlp = VP2VNODELOCK(vp);
612 cache_assert_vlp_locked(vlp);
616 * Directory vnodes with entries are held for two reasons:
617 * 1. make them less of a target for reclamation in vnlru
618 * 2. suffer smaller performance penalty in locked lookup as requeieing is avoided
620 * It will be feasible to stop doing it altogether if all filesystems start
621 * supporting lockless lookup.
624 cache_hold_vnode(struct vnode *vp)
627 cache_assert_vnode_locked(vp);
628 VNPASS(LIST_EMPTY(&vp->v_cache_src), vp);
630 counter_u64_add(numcachehv, 1);
634 cache_drop_vnode(struct vnode *vp)
638 * Called after all locks are dropped, meaning we can't assert
639 * on the state of v_cache_src.
642 counter_u64_add(numcachehv, -1);
648 static uma_zone_t __read_mostly cache_zone_small;
649 static uma_zone_t __read_mostly cache_zone_small_ts;
650 static uma_zone_t __read_mostly cache_zone_large;
651 static uma_zone_t __read_mostly cache_zone_large_ts;
654 cache_symlink_alloc(size_t size, int flags)
657 if (size < CACHE_ZONE_SMALL_SIZE) {
658 return (uma_zalloc_smr(cache_zone_small, flags));
660 if (size < CACHE_ZONE_LARGE_SIZE) {
661 return (uma_zalloc_smr(cache_zone_large, flags));
663 counter_u64_add(symlinktoobig, 1);
664 SDT_PROBE1(vfs, namecache, symlink, alloc__fail, size);
669 cache_symlink_free(char *string, size_t size)
672 MPASS(string != NULL);
673 KASSERT(size < CACHE_ZONE_LARGE_SIZE,
674 ("%s: size %zu too big", __func__, size));
676 if (size < CACHE_ZONE_SMALL_SIZE) {
677 uma_zfree_smr(cache_zone_small, string);
680 if (size < CACHE_ZONE_LARGE_SIZE) {
681 uma_zfree_smr(cache_zone_large, string);
684 __assert_unreachable();
687 static struct namecache *
688 cache_alloc_uma(int len, bool ts)
690 struct namecache_ts *ncp_ts;
691 struct namecache *ncp;
693 if (__predict_false(ts)) {
694 if (len <= CACHE_PATH_CUTOFF)
695 ncp_ts = uma_zalloc_smr(cache_zone_small_ts, M_WAITOK);
697 ncp_ts = uma_zalloc_smr(cache_zone_large_ts, M_WAITOK);
698 ncp = &ncp_ts->nc_nc;
700 if (len <= CACHE_PATH_CUTOFF)
701 ncp = uma_zalloc_smr(cache_zone_small, M_WAITOK);
703 ncp = uma_zalloc_smr(cache_zone_large, M_WAITOK);
709 cache_free_uma(struct namecache *ncp)
711 struct namecache_ts *ncp_ts;
713 if (__predict_false(ncp->nc_flag & NCF_TS)) {
714 ncp_ts = __containerof(ncp, struct namecache_ts, nc_nc);
715 if (ncp->nc_nlen <= CACHE_PATH_CUTOFF)
716 uma_zfree_smr(cache_zone_small_ts, ncp_ts);
718 uma_zfree_smr(cache_zone_large_ts, ncp_ts);
720 if (ncp->nc_nlen <= CACHE_PATH_CUTOFF)
721 uma_zfree_smr(cache_zone_small, ncp);
723 uma_zfree_smr(cache_zone_large, ncp);
727 static struct namecache *
728 cache_alloc(int len, bool ts)
733 * Avoid blowout in namecache entries.
736 * 1. filesystems may end up trying to add an already existing entry
737 * (for example this can happen after a cache miss during concurrent
738 * lookup), in which case we will call cache_neg_evict despite not
740 * 2. the routine may fail to free anything and no provisions are made
741 * to make it try harder (see the inside for failure modes)
742 * 3. it only ever looks at negative entries.
744 lnumcache = atomic_fetchadd_long(&numcache, 1) + 1;
745 if (cache_neg_evict_cond(lnumcache)) {
746 lnumcache = atomic_load_long(&numcache);
748 if (__predict_false(lnumcache >= ncsize)) {
749 atomic_subtract_long(&numcache, 1);
750 counter_u64_add(numdrops, 1);
753 return (cache_alloc_uma(len, ts));
757 cache_free(struct namecache *ncp)
761 if ((ncp->nc_flag & NCF_DVDROP) != 0) {
762 cache_drop_vnode(ncp->nc_dvp);
765 atomic_subtract_long(&numcache, 1);
769 cache_free_batch(struct cache_freebatch *batch)
771 struct namecache *ncp, *nnp;
775 if (TAILQ_EMPTY(batch))
777 TAILQ_FOREACH_SAFE(ncp, batch, nc_dst, nnp) {
778 if ((ncp->nc_flag & NCF_DVDROP) != 0) {
779 cache_drop_vnode(ncp->nc_dvp);
784 atomic_subtract_long(&numcache, i);
786 SDT_PROBE1(vfs, namecache, purge, batch, i);
792 * The code was made to use FNV in 2001 and this choice needs to be revisited.
794 * Short summary of the difficulty:
795 * The longest name which can be inserted is NAME_MAX characters in length (or
796 * 255 at the time of writing this comment), while majority of names used in
797 * practice are significantly shorter (mostly below 10). More importantly
798 * majority of lookups performed find names are even shorter than that.
800 * This poses a problem where hashes which do better than FNV past word size
801 * (or so) tend to come with additional overhead when finalizing the result,
802 * making them noticeably slower for the most commonly used range.
804 * Consider a path like: /usr/obj/usr/src/sys/amd64/GENERIC/vnode_if.c
806 * When looking it up the most time consuming part by a large margin (at least
807 * on amd64) is hashing. Replacing FNV with something which pessimizes short
808 * input would make the slowest part stand out even more.
812 * TODO: With the value stored we can do better than computing the hash based
816 cache_prehash(struct vnode *vp)
819 vp->v_nchash = fnv_32_buf(&vp, sizeof(vp), FNV1_32_INIT);
823 cache_get_hash(char *name, u_char len, struct vnode *dvp)
826 return (fnv_32_buf(name, len, dvp->v_nchash));
830 cache_get_hash_iter_start(struct vnode *dvp)
833 return (dvp->v_nchash);
837 cache_get_hash_iter(char c, uint32_t hash)
840 return (fnv_32_buf(&c, 1, hash));
844 cache_get_hash_iter_finish(uint32_t hash)
850 static inline struct nchashhead *
851 NCP2BUCKET(struct namecache *ncp)
855 hash = cache_get_hash(ncp->nc_name, ncp->nc_nlen, ncp->nc_dvp);
856 return (NCHHASH(hash));
859 static inline struct mtx *
860 NCP2BUCKETLOCK(struct namecache *ncp)
864 hash = cache_get_hash(ncp->nc_name, ncp->nc_nlen, ncp->nc_dvp);
865 return (HASH2BUCKETLOCK(hash));
870 cache_assert_bucket_locked(struct namecache *ncp)
874 blp = NCP2BUCKETLOCK(ncp);
875 mtx_assert(blp, MA_OWNED);
879 cache_assert_bucket_unlocked(struct namecache *ncp)
883 blp = NCP2BUCKETLOCK(ncp);
884 mtx_assert(blp, MA_NOTOWNED);
887 #define cache_assert_bucket_locked(x) do { } while (0)
888 #define cache_assert_bucket_unlocked(x) do { } while (0)
891 #define cache_sort_vnodes(x, y) _cache_sort_vnodes((void **)(x), (void **)(y))
893 _cache_sort_vnodes(void **p1, void **p2)
897 MPASS(*p1 != NULL || *p2 != NULL);
907 cache_lock_all_buckets(void)
911 for (i = 0; i < numbucketlocks; i++)
912 mtx_lock(&bucketlocks[i]);
916 cache_unlock_all_buckets(void)
920 for (i = 0; i < numbucketlocks; i++)
921 mtx_unlock(&bucketlocks[i]);
925 cache_lock_all_vnodes(void)
929 for (i = 0; i < numvnodelocks; i++)
930 mtx_lock(&vnodelocks[i]);
934 cache_unlock_all_vnodes(void)
938 for (i = 0; i < numvnodelocks; i++)
939 mtx_unlock(&vnodelocks[i]);
943 cache_trylock_vnodes(struct mtx *vlp1, struct mtx *vlp2)
946 cache_sort_vnodes(&vlp1, &vlp2);
949 if (!mtx_trylock(vlp1))
952 if (!mtx_trylock(vlp2)) {
962 cache_lock_vnodes(struct mtx *vlp1, struct mtx *vlp2)
965 MPASS(vlp1 != NULL || vlp2 != NULL);
975 cache_unlock_vnodes(struct mtx *vlp1, struct mtx *vlp2)
978 MPASS(vlp1 != NULL || vlp2 != NULL);
987 sysctl_nchstats(SYSCTL_HANDLER_ARGS)
989 struct nchstats snap;
991 if (req->oldptr == NULL)
992 return (SYSCTL_OUT(req, 0, sizeof(snap)));
995 snap.ncs_goodhits = counter_u64_fetch(numposhits);
996 snap.ncs_neghits = counter_u64_fetch(numneghits);
997 snap.ncs_badhits = counter_u64_fetch(numposzaps) +
998 counter_u64_fetch(numnegzaps);
999 snap.ncs_miss = counter_u64_fetch(nummisszap) +
1000 counter_u64_fetch(nummiss);
1002 return (SYSCTL_OUT(req, &snap, sizeof(snap)));
1004 SYSCTL_PROC(_vfs_cache, OID_AUTO, nchstats, CTLTYPE_OPAQUE | CTLFLAG_RD |
1005 CTLFLAG_MPSAFE, 0, 0, sysctl_nchstats, "LU",
1006 "VFS cache effectiveness statistics");
1009 cache_recalc_neg_min(u_int val)
1012 neg_min = (ncsize * val) / 100;
1016 sysctl_negminpct(SYSCTL_HANDLER_ARGS)
1022 error = sysctl_handle_int(oidp, &val, 0, req);
1023 if (error != 0 || req->newptr == NULL)
1026 if (val == ncnegminpct)
1028 if (val < 0 || val > 99)
1031 cache_recalc_neg_min(val);
1035 SYSCTL_PROC(_vfs_cache_param, OID_AUTO, negminpct,
1036 CTLTYPE_INT | CTLFLAG_MPSAFE | CTLFLAG_RW, NULL, 0, sysctl_negminpct,
1037 "I", "Negative entry \% of namecache capacity above which automatic eviction is allowed");
1041 * Grab an atomic snapshot of the name cache hash chain lengths
1043 static SYSCTL_NODE(_debug, OID_AUTO, hashstat,
1044 CTLFLAG_RW | CTLFLAG_MPSAFE, NULL,
1045 "hash table stats");
1048 sysctl_debug_hashstat_rawnchash(SYSCTL_HANDLER_ARGS)
1050 struct nchashhead *ncpp;
1051 struct namecache *ncp;
1052 int i, error, n_nchash, *cntbuf;
1055 n_nchash = nchash + 1; /* nchash is max index, not count */
1056 if (req->oldptr == NULL)
1057 return SYSCTL_OUT(req, 0, n_nchash * sizeof(int));
1058 cntbuf = malloc(n_nchash * sizeof(int), M_TEMP, M_ZERO | M_WAITOK);
1059 cache_lock_all_buckets();
1060 if (n_nchash != nchash + 1) {
1061 cache_unlock_all_buckets();
1062 free(cntbuf, M_TEMP);
1065 /* Scan hash tables counting entries */
1066 for (ncpp = nchashtbl, i = 0; i < n_nchash; ncpp++, i++)
1067 CK_SLIST_FOREACH(ncp, ncpp, nc_hash)
1069 cache_unlock_all_buckets();
1070 for (error = 0, i = 0; i < n_nchash; i++)
1071 if ((error = SYSCTL_OUT(req, &cntbuf[i], sizeof(int))) != 0)
1073 free(cntbuf, M_TEMP);
1076 SYSCTL_PROC(_debug_hashstat, OID_AUTO, rawnchash, CTLTYPE_INT|CTLFLAG_RD|
1077 CTLFLAG_MPSAFE, 0, 0, sysctl_debug_hashstat_rawnchash, "S,int",
1078 "nchash chain lengths");
1081 sysctl_debug_hashstat_nchash(SYSCTL_HANDLER_ARGS)
1084 struct nchashhead *ncpp;
1085 struct namecache *ncp;
1087 int count, maxlength, used, pct;
1090 return SYSCTL_OUT(req, 0, 4 * sizeof(int));
1092 cache_lock_all_buckets();
1093 n_nchash = nchash + 1; /* nchash is max index, not count */
1097 /* Scan hash tables for applicable entries */
1098 for (ncpp = nchashtbl; n_nchash > 0; n_nchash--, ncpp++) {
1100 CK_SLIST_FOREACH(ncp, ncpp, nc_hash) {
1105 if (maxlength < count)
1108 n_nchash = nchash + 1;
1109 cache_unlock_all_buckets();
1110 pct = (used * 100) / (n_nchash / 100);
1111 error = SYSCTL_OUT(req, &n_nchash, sizeof(n_nchash));
1114 error = SYSCTL_OUT(req, &used, sizeof(used));
1117 error = SYSCTL_OUT(req, &maxlength, sizeof(maxlength));
1120 error = SYSCTL_OUT(req, &pct, sizeof(pct));
1125 SYSCTL_PROC(_debug_hashstat, OID_AUTO, nchash, CTLTYPE_INT|CTLFLAG_RD|
1126 CTLFLAG_MPSAFE, 0, 0, sysctl_debug_hashstat_nchash, "I",
1127 "nchash statistics (number of total/used buckets, maximum chain length, usage percentage)");
1131 * Negative entries management
1133 * Various workloads create plenty of negative entries and barely use them
1134 * afterwards. Moreover malicious users can keep performing bogus lookups
1135 * adding even more entries. For example "make tinderbox" as of writing this
1136 * comment ends up with 2.6M namecache entries in total, 1.2M of which are
1139 * As such, a rather aggressive eviction method is needed. The currently
1140 * employed method is a placeholder.
1142 * Entries are split over numneglists separate lists, each of which is further
1143 * split into hot and cold entries. Entries get promoted after getting a hit.
1144 * Eviction happens on addition of new entry.
1146 static SYSCTL_NODE(_vfs_cache, OID_AUTO, neg, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
1147 "Name cache negative entry statistics");
1149 SYSCTL_ULONG(_vfs_cache_neg, OID_AUTO, count, CTLFLAG_RD, &numneg, 0,
1150 "Number of negative cache entries");
1152 static COUNTER_U64_DEFINE_EARLY(neg_created);
1153 SYSCTL_COUNTER_U64(_vfs_cache_neg, OID_AUTO, created, CTLFLAG_RD, &neg_created,
1154 "Number of created negative entries");
1156 static COUNTER_U64_DEFINE_EARLY(neg_evicted);
1157 SYSCTL_COUNTER_U64(_vfs_cache_neg, OID_AUTO, evicted, CTLFLAG_RD, &neg_evicted,
1158 "Number of evicted negative entries");
1160 static COUNTER_U64_DEFINE_EARLY(neg_evict_skipped_empty);
1161 SYSCTL_COUNTER_U64(_vfs_cache_neg, OID_AUTO, evict_skipped_empty, CTLFLAG_RD,
1162 &neg_evict_skipped_empty,
1163 "Number of times evicting failed due to lack of entries");
1165 static COUNTER_U64_DEFINE_EARLY(neg_evict_skipped_missed);
1166 SYSCTL_COUNTER_U64(_vfs_cache_neg, OID_AUTO, evict_skipped_missed, CTLFLAG_RD,
1167 &neg_evict_skipped_missed,
1168 "Number of times evicting failed due to target entry disappearing");
1170 static COUNTER_U64_DEFINE_EARLY(neg_evict_skipped_contended);
1171 SYSCTL_COUNTER_U64(_vfs_cache_neg, OID_AUTO, evict_skipped_contended, CTLFLAG_RD,
1172 &neg_evict_skipped_contended,
1173 "Number of times evicting failed due to contention");
1175 SYSCTL_COUNTER_U64(_vfs_cache_neg, OID_AUTO, hits, CTLFLAG_RD, &numneghits,
1176 "Number of cache hits (negative)");
1179 sysctl_neg_hot(SYSCTL_HANDLER_ARGS)
1184 for (i = 0; i < numneglists; i++)
1185 out += neglists[i].nl_hotnum;
1187 return (SYSCTL_OUT(req, &out, sizeof(out)));
1189 SYSCTL_PROC(_vfs_cache_neg, OID_AUTO, hot, CTLTYPE_INT | CTLFLAG_RD |
1190 CTLFLAG_MPSAFE, 0, 0, sysctl_neg_hot, "I",
1191 "Number of hot negative entries");
1194 cache_neg_init(struct namecache *ncp)
1196 struct negstate *ns;
1198 ncp->nc_flag |= NCF_NEGATIVE;
1199 ns = NCP2NEGSTATE(ncp);
1202 counter_u64_add(neg_created, 1);
1205 #define CACHE_NEG_PROMOTION_THRESH 2
1208 cache_neg_hit_prep(struct namecache *ncp)
1210 struct negstate *ns;
1213 ns = NCP2NEGSTATE(ncp);
1214 n = atomic_load_char(&ns->neg_hit);
1216 if (n >= CACHE_NEG_PROMOTION_THRESH)
1218 if (atomic_fcmpset_8(&ns->neg_hit, &n, n + 1))
1221 return (n + 1 == CACHE_NEG_PROMOTION_THRESH);
1225 * Nothing to do here but it is provided for completeness as some
1226 * cache_neg_hit_prep callers may end up returning without even
1227 * trying to promote.
1229 #define cache_neg_hit_abort(ncp) do { } while (0)
1232 cache_neg_hit_finish(struct namecache *ncp)
1235 SDT_PROBE2(vfs, namecache, lookup, hit__negative, ncp->nc_dvp, ncp->nc_name);
1236 counter_u64_add(numneghits, 1);
1240 * Move a negative entry to the hot list.
1243 cache_neg_promote_locked(struct namecache *ncp)
1246 struct negstate *ns;
1248 ns = NCP2NEGSTATE(ncp);
1249 nl = NCP2NEGLIST(ncp);
1250 mtx_assert(&nl->nl_lock, MA_OWNED);
1251 if ((ns->neg_flag & NEG_HOT) == 0) {
1252 TAILQ_REMOVE(&nl->nl_list, ncp, nc_dst);
1253 TAILQ_INSERT_TAIL(&nl->nl_hotlist, ncp, nc_dst);
1255 ns->neg_flag |= NEG_HOT;
1260 * Move a hot negative entry to the cold list.
1263 cache_neg_demote_locked(struct namecache *ncp)
1266 struct negstate *ns;
1268 ns = NCP2NEGSTATE(ncp);
1269 nl = NCP2NEGLIST(ncp);
1270 mtx_assert(&nl->nl_lock, MA_OWNED);
1271 MPASS(ns->neg_flag & NEG_HOT);
1272 TAILQ_REMOVE(&nl->nl_hotlist, ncp, nc_dst);
1273 TAILQ_INSERT_TAIL(&nl->nl_list, ncp, nc_dst);
1275 ns->neg_flag &= ~NEG_HOT;
1276 atomic_store_char(&ns->neg_hit, 0);
1280 * Move a negative entry to the hot list if it matches the lookup.
1282 * We have to take locks, but they may be contended and in the worst
1283 * case we may need to go off CPU. We don't want to spin within the
1284 * smr section and we can't block with it. Exiting the section means
1285 * the found entry could have been evicted. We are going to look it
1289 cache_neg_promote_cond(struct vnode *dvp, struct componentname *cnp,
1290 struct namecache *oncp, uint32_t hash)
1292 struct namecache *ncp;
1296 nl = NCP2NEGLIST(oncp);
1298 mtx_lock(&nl->nl_lock);
1300 * For hash iteration.
1305 * Avoid all surprises by only succeeding if we got the same entry and
1306 * bailing completely otherwise.
1307 * XXX There are no provisions to keep the vnode around, meaning we may
1308 * end up promoting a negative entry for a *new* vnode and returning
1309 * ENOENT on its account. This is the error we want to return anyway
1310 * and promotion is harmless.
1312 * In particular at this point there can be a new ncp which matches the
1313 * search but hashes to a different neglist.
1315 CK_SLIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) {
1321 * No match to begin with.
1323 if (__predict_false(ncp == NULL)) {
1328 * The newly found entry may be something different...
1330 if (!(ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen &&
1331 !bcmp(ncp->nc_name, cnp->cn_nameptr, ncp->nc_nlen))) {
1336 * ... and not even negative.
1338 nc_flag = atomic_load_char(&ncp->nc_flag);
1339 if ((nc_flag & NCF_NEGATIVE) == 0) {
1343 if (!cache_ncp_canuse(ncp)) {
1347 cache_neg_promote_locked(ncp);
1348 cache_neg_hit_finish(ncp);
1350 mtx_unlock(&nl->nl_lock);
1354 mtx_unlock(&nl->nl_lock);
1359 cache_neg_promote(struct namecache *ncp)
1363 nl = NCP2NEGLIST(ncp);
1364 mtx_lock(&nl->nl_lock);
1365 cache_neg_promote_locked(ncp);
1366 mtx_unlock(&nl->nl_lock);
1370 cache_neg_insert(struct namecache *ncp)
1374 MPASS(ncp->nc_flag & NCF_NEGATIVE);
1375 cache_assert_bucket_locked(ncp);
1376 nl = NCP2NEGLIST(ncp);
1377 mtx_lock(&nl->nl_lock);
1378 TAILQ_INSERT_TAIL(&nl->nl_list, ncp, nc_dst);
1379 mtx_unlock(&nl->nl_lock);
1380 atomic_add_long(&numneg, 1);
1384 cache_neg_remove(struct namecache *ncp)
1387 struct negstate *ns;
1389 cache_assert_bucket_locked(ncp);
1390 nl = NCP2NEGLIST(ncp);
1391 ns = NCP2NEGSTATE(ncp);
1392 mtx_lock(&nl->nl_lock);
1393 if ((ns->neg_flag & NEG_HOT) != 0) {
1394 TAILQ_REMOVE(&nl->nl_hotlist, ncp, nc_dst);
1397 TAILQ_REMOVE(&nl->nl_list, ncp, nc_dst);
1399 mtx_unlock(&nl->nl_lock);
1400 atomic_subtract_long(&numneg, 1);
1403 static struct neglist *
1404 cache_neg_evict_select_list(void)
1409 c = atomic_fetchadd_int(&neg_cycle, 1) + 1;
1410 nl = &neglists[c % numneglists];
1411 if (!mtx_trylock(&nl->nl_evict_lock)) {
1412 counter_u64_add(neg_evict_skipped_contended, 1);
1418 static struct namecache *
1419 cache_neg_evict_select_entry(struct neglist *nl)
1421 struct namecache *ncp, *lncp;
1422 struct negstate *ns, *lns;
1425 mtx_assert(&nl->nl_evict_lock, MA_OWNED);
1426 mtx_assert(&nl->nl_lock, MA_OWNED);
1427 ncp = TAILQ_FIRST(&nl->nl_list);
1431 lns = NCP2NEGSTATE(lncp);
1432 for (i = 1; i < 4; i++) {
1433 ncp = TAILQ_NEXT(ncp, nc_dst);
1436 ns = NCP2NEGSTATE(ncp);
1437 if (ns->neg_hit < lns->neg_hit) {
1446 cache_neg_evict(void)
1448 struct namecache *ncp, *ncp2;
1457 nl = cache_neg_evict_select_list();
1462 mtx_lock(&nl->nl_lock);
1463 ncp = TAILQ_FIRST(&nl->nl_hotlist);
1465 cache_neg_demote_locked(ncp);
1467 ncp = cache_neg_evict_select_entry(nl);
1469 counter_u64_add(neg_evict_skipped_empty, 1);
1470 mtx_unlock(&nl->nl_lock);
1471 mtx_unlock(&nl->nl_evict_lock);
1474 nlen = ncp->nc_nlen;
1476 hash = cache_get_hash(ncp->nc_name, nlen, dvp);
1477 dvlp = VP2VNODELOCK(dvp);
1478 blp = HASH2BUCKETLOCK(hash);
1479 mtx_unlock(&nl->nl_lock);
1480 mtx_unlock(&nl->nl_evict_lock);
1484 * Note that since all locks were dropped above, the entry may be
1485 * gone or reallocated to be something else.
1487 CK_SLIST_FOREACH(ncp2, (NCHHASH(hash)), nc_hash) {
1488 if (ncp2 == ncp && ncp2->nc_dvp == dvp &&
1489 ncp2->nc_nlen == nlen && (ncp2->nc_flag & NCF_NEGATIVE) != 0)
1493 counter_u64_add(neg_evict_skipped_missed, 1);
1497 MPASS(dvlp == VP2VNODELOCK(ncp->nc_dvp));
1498 MPASS(blp == NCP2BUCKETLOCK(ncp));
1499 SDT_PROBE2(vfs, namecache, evict_negative, done, ncp->nc_dvp,
1501 cache_zap_locked(ncp);
1502 counter_u64_add(neg_evicted, 1);
1513 * Maybe evict a negative entry to create more room.
1515 * The ncnegfactor parameter limits what fraction of the total count
1516 * can comprise of negative entries. However, if the cache is just
1517 * warming up this leads to excessive evictions. As such, ncnegminpct
1518 * (recomputed to neg_min) dictates whether the above should be
1521 * Try evicting if the cache is close to full capacity regardless of
1522 * other considerations.
1525 cache_neg_evict_cond(u_long lnumcache)
1529 if (ncsize - 1000 < lnumcache)
1531 lnumneg = atomic_load_long(&numneg);
1532 if (lnumneg < neg_min)
1534 if (lnumneg * ncnegfactor < lnumcache)
1537 return (cache_neg_evict());
1541 * cache_zap_locked():
1543 * Removes a namecache entry from cache, whether it contains an actual
1544 * pointer to a vnode or if it is just a negative cache entry.
1547 cache_zap_locked(struct namecache *ncp)
1549 struct nchashhead *ncpp;
1550 struct vnode *dvp, *vp;
1555 if (!(ncp->nc_flag & NCF_NEGATIVE))
1556 cache_assert_vnode_locked(vp);
1557 cache_assert_vnode_locked(dvp);
1558 cache_assert_bucket_locked(ncp);
1560 cache_ncp_invalidate(ncp);
1562 ncpp = NCP2BUCKET(ncp);
1563 CK_SLIST_REMOVE(ncpp, ncp, namecache, nc_hash);
1564 if (!(ncp->nc_flag & NCF_NEGATIVE)) {
1565 SDT_PROBE3(vfs, namecache, zap, done, dvp, ncp->nc_name, vp);
1566 TAILQ_REMOVE(&vp->v_cache_dst, ncp, nc_dst);
1567 if (ncp == vp->v_cache_dd) {
1568 atomic_store_ptr(&vp->v_cache_dd, NULL);
1571 SDT_PROBE2(vfs, namecache, zap_negative, done, dvp, ncp->nc_name);
1572 cache_neg_remove(ncp);
1574 if (ncp->nc_flag & NCF_ISDOTDOT) {
1575 if (ncp == dvp->v_cache_dd) {
1576 atomic_store_ptr(&dvp->v_cache_dd, NULL);
1579 LIST_REMOVE(ncp, nc_src);
1580 if (LIST_EMPTY(&dvp->v_cache_src)) {
1581 ncp->nc_flag |= NCF_DVDROP;
1587 cache_zap_negative_locked_vnode_kl(struct namecache *ncp, struct vnode *vp)
1591 MPASS(ncp->nc_dvp == vp);
1592 MPASS(ncp->nc_flag & NCF_NEGATIVE);
1593 cache_assert_vnode_locked(vp);
1595 blp = NCP2BUCKETLOCK(ncp);
1597 cache_zap_locked(ncp);
1602 cache_zap_locked_vnode_kl2(struct namecache *ncp, struct vnode *vp,
1605 struct mtx *pvlp, *vlp1, *vlp2, *to_unlock;
1608 MPASS(vp == ncp->nc_dvp || vp == ncp->nc_vp);
1609 cache_assert_vnode_locked(vp);
1611 if (ncp->nc_flag & NCF_NEGATIVE) {
1612 if (*vlpp != NULL) {
1616 cache_zap_negative_locked_vnode_kl(ncp, vp);
1620 pvlp = VP2VNODELOCK(vp);
1621 blp = NCP2BUCKETLOCK(ncp);
1622 vlp1 = VP2VNODELOCK(ncp->nc_dvp);
1623 vlp2 = VP2VNODELOCK(ncp->nc_vp);
1625 if (*vlpp == vlp1 || *vlpp == vlp2) {
1629 if (*vlpp != NULL) {
1633 cache_sort_vnodes(&vlp1, &vlp2);
1638 if (!mtx_trylock(vlp1))
1644 cache_zap_locked(ncp);
1646 if (to_unlock != NULL)
1647 mtx_unlock(to_unlock);
1654 MPASS(*vlpp == NULL);
1660 * If trylocking failed we can get here. We know enough to take all needed locks
1661 * in the right order and re-lookup the entry.
1664 cache_zap_unlocked_bucket(struct namecache *ncp, struct componentname *cnp,
1665 struct vnode *dvp, struct mtx *dvlp, struct mtx *vlp, uint32_t hash,
1668 struct namecache *rncp;
1670 cache_assert_bucket_unlocked(ncp);
1672 cache_sort_vnodes(&dvlp, &vlp);
1673 cache_lock_vnodes(dvlp, vlp);
1675 CK_SLIST_FOREACH(rncp, (NCHHASH(hash)), nc_hash) {
1676 if (rncp == ncp && rncp->nc_dvp == dvp &&
1677 rncp->nc_nlen == cnp->cn_namelen &&
1678 !bcmp(rncp->nc_name, cnp->cn_nameptr, rncp->nc_nlen))
1682 cache_zap_locked(rncp);
1684 cache_unlock_vnodes(dvlp, vlp);
1685 counter_u64_add(zap_bucket_relock_success, 1);
1690 cache_unlock_vnodes(dvlp, vlp);
1694 static int __noinline
1695 cache_zap_locked_bucket(struct namecache *ncp, struct componentname *cnp,
1696 uint32_t hash, struct mtx *blp)
1698 struct mtx *dvlp, *vlp;
1701 cache_assert_bucket_locked(ncp);
1703 dvlp = VP2VNODELOCK(ncp->nc_dvp);
1705 if (!(ncp->nc_flag & NCF_NEGATIVE))
1706 vlp = VP2VNODELOCK(ncp->nc_vp);
1707 if (cache_trylock_vnodes(dvlp, vlp) == 0) {
1708 cache_zap_locked(ncp);
1710 cache_unlock_vnodes(dvlp, vlp);
1716 return (cache_zap_unlocked_bucket(ncp, cnp, dvp, dvlp, vlp, hash, blp));
1719 static __noinline int
1720 cache_remove_cnp(struct vnode *dvp, struct componentname *cnp)
1722 struct namecache *ncp;
1724 struct mtx *dvlp, *dvlp2;
1728 if (cnp->cn_namelen == 2 &&
1729 cnp->cn_nameptr[0] == '.' && cnp->cn_nameptr[1] == '.') {
1730 dvlp = VP2VNODELOCK(dvp);
1734 ncp = dvp->v_cache_dd;
1739 SDT_PROBE2(vfs, namecache, removecnp, miss, dvp, cnp);
1742 if ((ncp->nc_flag & NCF_ISDOTDOT) != 0) {
1743 if (!cache_zap_locked_vnode_kl2(ncp, dvp, &dvlp2))
1745 MPASS(dvp->v_cache_dd == NULL);
1751 atomic_store_ptr(&dvp->v_cache_dd, NULL);
1756 SDT_PROBE2(vfs, namecache, removecnp, hit, dvp, cnp);
1760 hash = cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp);
1761 blp = HASH2BUCKETLOCK(hash);
1763 if (CK_SLIST_EMPTY(NCHHASH(hash)))
1768 CK_SLIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) {
1769 if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen &&
1770 !bcmp(ncp->nc_name, cnp->cn_nameptr, ncp->nc_nlen))
1779 error = cache_zap_locked_bucket(ncp, cnp, hash, blp);
1780 if (__predict_false(error != 0)) {
1784 counter_u64_add(numposzaps, 1);
1785 SDT_PROBE2(vfs, namecache, removecnp, hit, dvp, cnp);
1789 counter_u64_add(nummisszap, 1);
1790 SDT_PROBE2(vfs, namecache, removecnp, miss, dvp, cnp);
1794 static int __noinline
1795 cache_lookup_dot(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp,
1796 struct timespec *tsp, int *ticksp)
1801 counter_u64_add(dothits, 1);
1802 SDT_PROBE3(vfs, namecache, lookup, hit, dvp, ".", *vpp);
1809 * When we lookup "." we still can be asked to lock it
1812 ltype = cnp->cn_lkflags & LK_TYPE_MASK;
1813 if (ltype != VOP_ISLOCKED(*vpp)) {
1814 if (ltype == LK_EXCLUSIVE) {
1815 vn_lock(*vpp, LK_UPGRADE | LK_RETRY);
1816 if (VN_IS_DOOMED((*vpp))) {
1817 /* forced unmount */
1823 vn_lock(*vpp, LK_DOWNGRADE | LK_RETRY);
1828 static int __noinline
1829 cache_lookup_dotdot(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp,
1830 struct timespec *tsp, int *ticksp)
1832 struct namecache_ts *ncp_ts;
1833 struct namecache *ncp;
1839 MPASS((cnp->cn_flags & ISDOTDOT) != 0);
1841 if ((cnp->cn_flags & MAKEENTRY) == 0) {
1842 cache_remove_cnp(dvp, cnp);
1846 counter_u64_add(dotdothits, 1);
1848 dvlp = VP2VNODELOCK(dvp);
1850 ncp = dvp->v_cache_dd;
1852 SDT_PROBE2(vfs, namecache, lookup, miss, dvp, "..");
1856 if ((ncp->nc_flag & NCF_ISDOTDOT) != 0) {
1857 if (ncp->nc_flag & NCF_NEGATIVE)
1864 goto negative_success;
1865 SDT_PROBE3(vfs, namecache, lookup, hit, dvp, "..", *vpp);
1866 cache_out_ts(ncp, tsp, ticksp);
1867 if ((ncp->nc_flag & (NCF_ISDOTDOT | NCF_DTS)) ==
1868 NCF_DTS && tsp != NULL) {
1869 ncp_ts = __containerof(ncp, struct namecache_ts, nc_nc);
1870 *tsp = ncp_ts->nc_dotdottime;
1874 ltype = VOP_ISLOCKED(dvp);
1876 vs = vget_prep(*vpp);
1878 error = vget_finish(*vpp, cnp->cn_lkflags, vs);
1879 vn_lock(dvp, ltype | LK_RETRY);
1880 if (VN_IS_DOOMED(dvp)) {
1892 if (__predict_false(cnp->cn_nameiop == CREATE)) {
1893 if (cnp->cn_flags & ISLASTCN) {
1894 counter_u64_add(numnegzaps, 1);
1895 cache_zap_negative_locked_vnode_kl(ncp, dvp);
1902 whiteout = (ncp->nc_flag & NCF_WHITE);
1903 cache_out_ts(ncp, tsp, ticksp);
1904 if (cache_neg_hit_prep(ncp))
1905 cache_neg_promote(ncp);
1907 cache_neg_hit_finish(ncp);
1910 cnp->cn_flags |= ISWHITEOUT;
1915 * Lookup a name in the name cache
1919 * - dvp: Parent directory in which to search.
1920 * - vpp: Return argument. Will contain desired vnode on cache hit.
1921 * - cnp: Parameters of the name search. The most interesting bits of
1922 * the cn_flags field have the following meanings:
1923 * - MAKEENTRY: If clear, free an entry from the cache rather than look
1925 * - ISDOTDOT: Must be set if and only if cn_nameptr == ".."
1926 * - tsp: Return storage for cache timestamp. On a successful (positive
1927 * or negative) lookup, tsp will be filled with any timespec that
1928 * was stored when this cache entry was created. However, it will
1929 * be clear for "." entries.
1930 * - ticks: Return storage for alternate cache timestamp. On a successful
1931 * (positive or negative) lookup, it will contain the ticks value
1932 * that was current when the cache entry was created, unless cnp
1935 * Either both tsp and ticks have to be provided or neither of them.
1939 * - -1: A positive cache hit. vpp will contain the desired vnode.
1940 * - ENOENT: A negative cache hit, or dvp was recycled out from under us due
1941 * to a forced unmount. vpp will not be modified. If the entry
1942 * is a whiteout, then the ISWHITEOUT flag will be set in
1944 * - 0: A cache miss. vpp will not be modified.
1948 * On a cache hit, vpp will be returned locked and ref'd. If we're looking up
1949 * .., dvp is unlocked. If we're looking up . an extra ref is taken, but the
1950 * lock is not recursively acquired.
1952 static int __noinline
1953 cache_lookup_fallback(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp,
1954 struct timespec *tsp, int *ticksp)
1956 struct namecache *ncp;
1963 MPASS((cnp->cn_flags & ISDOTDOT) == 0);
1964 MPASS((cnp->cn_flags & (MAKEENTRY | NC_KEEPPOSENTRY)) != 0);
1967 hash = cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp);
1968 blp = HASH2BUCKETLOCK(hash);
1971 CK_SLIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) {
1972 if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen &&
1973 !bcmp(ncp->nc_name, cnp->cn_nameptr, ncp->nc_nlen))
1977 if (__predict_false(ncp == NULL)) {
1979 SDT_PROBE2(vfs, namecache, lookup, miss, dvp, cnp->cn_nameptr);
1980 counter_u64_add(nummiss, 1);
1984 if (ncp->nc_flag & NCF_NEGATIVE)
1985 goto negative_success;
1987 counter_u64_add(numposhits, 1);
1989 SDT_PROBE3(vfs, namecache, lookup, hit, dvp, ncp->nc_name, *vpp);
1990 cache_out_ts(ncp, tsp, ticksp);
1992 vs = vget_prep(*vpp);
1994 error = vget_finish(*vpp, cnp->cn_lkflags, vs);
2002 * We don't get here with regular lookup apart from corner cases.
2004 if (__predict_true(cnp->cn_nameiop == CREATE)) {
2005 if (cnp->cn_flags & ISLASTCN) {
2006 counter_u64_add(numnegzaps, 1);
2007 error = cache_zap_locked_bucket(ncp, cnp, hash, blp);
2008 if (__predict_false(error != 0)) {
2017 whiteout = (ncp->nc_flag & NCF_WHITE);
2018 cache_out_ts(ncp, tsp, ticksp);
2019 if (cache_neg_hit_prep(ncp))
2020 cache_neg_promote(ncp);
2022 cache_neg_hit_finish(ncp);
2025 cnp->cn_flags |= ISWHITEOUT;
2030 cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp,
2031 struct timespec *tsp, int *ticksp)
2033 struct namecache *ncp;
2037 bool whiteout, neg_promote;
2040 MPASS((tsp == NULL && ticksp == NULL) || (tsp != NULL && ticksp != NULL));
2043 if (__predict_false(!doingcache)) {
2044 cnp->cn_flags &= ~MAKEENTRY;
2049 if (__predict_false(cnp->cn_nameptr[0] == '.')) {
2050 if (cnp->cn_namelen == 1)
2051 return (cache_lookup_dot(dvp, vpp, cnp, tsp, ticksp));
2052 if (cnp->cn_namelen == 2 && cnp->cn_nameptr[1] == '.')
2053 return (cache_lookup_dotdot(dvp, vpp, cnp, tsp, ticksp));
2056 MPASS((cnp->cn_flags & ISDOTDOT) == 0);
2058 if ((cnp->cn_flags & (MAKEENTRY | NC_KEEPPOSENTRY)) == 0) {
2059 cache_remove_cnp(dvp, cnp);
2063 hash = cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp);
2066 CK_SLIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) {
2067 if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen &&
2068 !bcmp(ncp->nc_name, cnp->cn_nameptr, ncp->nc_nlen))
2072 if (__predict_false(ncp == NULL)) {
2074 SDT_PROBE2(vfs, namecache, lookup, miss, dvp, cnp->cn_nameptr);
2075 counter_u64_add(nummiss, 1);
2079 nc_flag = atomic_load_char(&ncp->nc_flag);
2080 if (nc_flag & NCF_NEGATIVE)
2081 goto negative_success;
2083 counter_u64_add(numposhits, 1);
2085 SDT_PROBE3(vfs, namecache, lookup, hit, dvp, ncp->nc_name, *vpp);
2086 cache_out_ts(ncp, tsp, ticksp);
2088 if (!cache_ncp_canuse(ncp)) {
2093 vs = vget_prep_smr(*vpp);
2095 if (__predict_false(vs == VGET_NONE)) {
2099 error = vget_finish(*vpp, cnp->cn_lkflags, vs);
2106 if (cnp->cn_nameiop == CREATE) {
2107 if (cnp->cn_flags & ISLASTCN) {
2113 cache_out_ts(ncp, tsp, ticksp);
2114 whiteout = (atomic_load_char(&ncp->nc_flag) & NCF_WHITE);
2115 neg_promote = cache_neg_hit_prep(ncp);
2116 if (!cache_ncp_canuse(ncp)) {
2117 cache_neg_hit_abort(ncp);
2123 if (!cache_neg_promote_cond(dvp, cnp, ncp, hash))
2126 cache_neg_hit_finish(ncp);
2130 cnp->cn_flags |= ISWHITEOUT;
2133 return (cache_lookup_fallback(dvp, vpp, cnp, tsp, ticksp));
2136 struct celockstate {
2140 CTASSERT((nitems(((struct celockstate *)0)->vlp) == 3));
2141 CTASSERT((nitems(((struct celockstate *)0)->blp) == 2));
2144 cache_celockstate_init(struct celockstate *cel)
2147 bzero(cel, sizeof(*cel));
2151 cache_lock_vnodes_cel(struct celockstate *cel, struct vnode *vp,
2154 struct mtx *vlp1, *vlp2;
2156 MPASS(cel->vlp[0] == NULL);
2157 MPASS(cel->vlp[1] == NULL);
2158 MPASS(cel->vlp[2] == NULL);
2160 MPASS(vp != NULL || dvp != NULL);
2162 vlp1 = VP2VNODELOCK(vp);
2163 vlp2 = VP2VNODELOCK(dvp);
2164 cache_sort_vnodes(&vlp1, &vlp2);
2175 cache_unlock_vnodes_cel(struct celockstate *cel)
2178 MPASS(cel->vlp[0] != NULL || cel->vlp[1] != NULL);
2180 if (cel->vlp[0] != NULL)
2181 mtx_unlock(cel->vlp[0]);
2182 if (cel->vlp[1] != NULL)
2183 mtx_unlock(cel->vlp[1]);
2184 if (cel->vlp[2] != NULL)
2185 mtx_unlock(cel->vlp[2]);
2189 cache_lock_vnodes_cel_3(struct celockstate *cel, struct vnode *vp)
2194 cache_assert_vlp_locked(cel->vlp[0]);
2195 cache_assert_vlp_locked(cel->vlp[1]);
2196 MPASS(cel->vlp[2] == NULL);
2199 vlp = VP2VNODELOCK(vp);
2202 if (vlp >= cel->vlp[1]) {
2205 if (mtx_trylock(vlp))
2207 cache_lock_vnodes_cel_3_failures++;
2208 cache_unlock_vnodes_cel(cel);
2209 if (vlp < cel->vlp[0]) {
2211 mtx_lock(cel->vlp[0]);
2212 mtx_lock(cel->vlp[1]);
2214 if (cel->vlp[0] != NULL)
2215 mtx_lock(cel->vlp[0]);
2217 mtx_lock(cel->vlp[1]);
2227 cache_lock_buckets_cel(struct celockstate *cel, struct mtx *blp1,
2231 MPASS(cel->blp[0] == NULL);
2232 MPASS(cel->blp[1] == NULL);
2234 cache_sort_vnodes(&blp1, &blp2);
2245 cache_unlock_buckets_cel(struct celockstate *cel)
2248 if (cel->blp[0] != NULL)
2249 mtx_unlock(cel->blp[0]);
2250 mtx_unlock(cel->blp[1]);
2254 * Lock part of the cache affected by the insertion.
2256 * This means vnodelocks for dvp, vp and the relevant bucketlock.
2257 * However, insertion can result in removal of an old entry. In this
2258 * case we have an additional vnode and bucketlock pair to lock.
2260 * That is, in the worst case we have to lock 3 vnodes and 2 bucketlocks, while
2261 * preserving the locking order (smaller address first).
2264 cache_enter_lock(struct celockstate *cel, struct vnode *dvp, struct vnode *vp,
2267 struct namecache *ncp;
2268 struct mtx *blps[2];
2271 blps[0] = HASH2BUCKETLOCK(hash);
2274 cache_lock_vnodes_cel(cel, dvp, vp);
2275 if (vp == NULL || vp->v_type != VDIR)
2277 ncp = atomic_load_consume_ptr(&vp->v_cache_dd);
2280 nc_flag = atomic_load_char(&ncp->nc_flag);
2281 if ((nc_flag & NCF_ISDOTDOT) == 0)
2283 MPASS(ncp->nc_dvp == vp);
2284 blps[1] = NCP2BUCKETLOCK(ncp);
2285 if ((nc_flag & NCF_NEGATIVE) != 0)
2287 if (cache_lock_vnodes_cel_3(cel, ncp->nc_vp))
2290 * All vnodes got re-locked. Re-validate the state and if
2291 * nothing changed we are done. Otherwise restart.
2293 if (ncp == vp->v_cache_dd &&
2294 (ncp->nc_flag & NCF_ISDOTDOT) != 0 &&
2295 blps[1] == NCP2BUCKETLOCK(ncp) &&
2296 VP2VNODELOCK(ncp->nc_vp) == cel->vlp[2])
2298 cache_unlock_vnodes_cel(cel);
2303 cache_lock_buckets_cel(cel, blps[0], blps[1]);
2307 cache_enter_lock_dd(struct celockstate *cel, struct vnode *dvp, struct vnode *vp,
2310 struct namecache *ncp;
2311 struct mtx *blps[2];
2314 blps[0] = HASH2BUCKETLOCK(hash);
2317 cache_lock_vnodes_cel(cel, dvp, vp);
2318 ncp = atomic_load_consume_ptr(&dvp->v_cache_dd);
2321 nc_flag = atomic_load_char(&ncp->nc_flag);
2322 if ((nc_flag & NCF_ISDOTDOT) == 0)
2324 MPASS(ncp->nc_dvp == dvp);
2325 blps[1] = NCP2BUCKETLOCK(ncp);
2326 if ((nc_flag & NCF_NEGATIVE) != 0)
2328 if (cache_lock_vnodes_cel_3(cel, ncp->nc_vp))
2330 if (ncp == dvp->v_cache_dd &&
2331 (ncp->nc_flag & NCF_ISDOTDOT) != 0 &&
2332 blps[1] == NCP2BUCKETLOCK(ncp) &&
2333 VP2VNODELOCK(ncp->nc_vp) == cel->vlp[2])
2335 cache_unlock_vnodes_cel(cel);
2340 cache_lock_buckets_cel(cel, blps[0], blps[1]);
2344 cache_enter_unlock(struct celockstate *cel)
2347 cache_unlock_buckets_cel(cel);
2348 cache_unlock_vnodes_cel(cel);
2351 static void __noinline
2352 cache_enter_dotdot_prep(struct vnode *dvp, struct vnode *vp,
2353 struct componentname *cnp)
2355 struct celockstate cel;
2356 struct namecache *ncp;
2360 if (atomic_load_ptr(&dvp->v_cache_dd) == NULL)
2362 len = cnp->cn_namelen;
2363 cache_celockstate_init(&cel);
2364 hash = cache_get_hash(cnp->cn_nameptr, len, dvp);
2365 cache_enter_lock_dd(&cel, dvp, vp, hash);
2366 ncp = dvp->v_cache_dd;
2367 if (ncp != NULL && (ncp->nc_flag & NCF_ISDOTDOT)) {
2368 KASSERT(ncp->nc_dvp == dvp, ("wrong isdotdot parent"));
2369 cache_zap_locked(ncp);
2373 atomic_store_ptr(&dvp->v_cache_dd, NULL);
2374 cache_enter_unlock(&cel);
2380 * Add an entry to the cache.
2383 cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
2384 struct timespec *tsp, struct timespec *dtsp)
2386 struct celockstate cel;
2387 struct namecache *ncp, *n2, *ndd;
2388 struct namecache_ts *ncp_ts;
2389 struct nchashhead *ncpp;
2394 KASSERT(cnp->cn_namelen <= NAME_MAX,
2395 ("%s: passed len %ld exceeds NAME_MAX (%d)", __func__, cnp->cn_namelen,
2397 VNPASS(dvp != vp, dvp);
2398 VNPASS(!VN_IS_DOOMED(dvp), dvp);
2399 VNPASS(dvp->v_type != VNON, dvp);
2401 VNPASS(!VN_IS_DOOMED(vp), vp);
2402 VNPASS(vp->v_type != VNON, vp);
2406 if (__predict_false(!doingcache))
2411 if (__predict_false(cnp->cn_nameptr[0] == '.')) {
2412 if (cnp->cn_namelen == 1)
2414 if (cnp->cn_namelen == 2 && cnp->cn_nameptr[1] == '.') {
2415 cache_enter_dotdot_prep(dvp, vp, cnp);
2416 flag = NCF_ISDOTDOT;
2420 ncp = cache_alloc(cnp->cn_namelen, tsp != NULL);
2424 cache_celockstate_init(&cel);
2429 * Calculate the hash key and setup as much of the new
2430 * namecache entry as possible before acquiring the lock.
2432 ncp->nc_flag = flag | NCF_WIP;
2435 cache_neg_init(ncp);
2438 ncp_ts = __containerof(ncp, struct namecache_ts, nc_nc);
2439 ncp_ts->nc_time = *tsp;
2440 ncp_ts->nc_ticks = ticks;
2441 ncp_ts->nc_nc.nc_flag |= NCF_TS;
2443 ncp_ts->nc_dotdottime = *dtsp;
2444 ncp_ts->nc_nc.nc_flag |= NCF_DTS;
2447 len = ncp->nc_nlen = cnp->cn_namelen;
2448 hash = cache_get_hash(cnp->cn_nameptr, len, dvp);
2449 memcpy(ncp->nc_name, cnp->cn_nameptr, len);
2450 ncp->nc_name[len] = '\0';
2451 cache_enter_lock(&cel, dvp, vp, hash);
2454 * See if this vnode or negative entry is already in the cache
2455 * with this name. This can happen with concurrent lookups of
2456 * the same path name.
2458 ncpp = NCHHASH(hash);
2459 CK_SLIST_FOREACH(n2, ncpp, nc_hash) {
2460 if (n2->nc_dvp == dvp &&
2461 n2->nc_nlen == cnp->cn_namelen &&
2462 !bcmp(n2->nc_name, cnp->cn_nameptr, n2->nc_nlen)) {
2463 MPASS(cache_ncp_canuse(n2));
2464 if ((n2->nc_flag & NCF_NEGATIVE) != 0)
2466 ("%s: found entry pointing to a different vnode (%p != %p)",
2467 __func__, NULL, vp));
2469 KASSERT(n2->nc_vp == vp,
2470 ("%s: found entry pointing to a different vnode (%p != %p)",
2471 __func__, n2->nc_vp, vp));
2473 * Entries are supposed to be immutable unless in the
2474 * process of getting destroyed. Accommodating for
2475 * changing timestamps is possible but not worth it.
2476 * This should be harmless in terms of correctness, in
2477 * the worst case resulting in an earlier expiration.
2478 * Alternatively, the found entry can be replaced
2481 MPASS((n2->nc_flag & (NCF_TS | NCF_DTS)) == (ncp->nc_flag & (NCF_TS | NCF_DTS)));
2484 KASSERT((n2->nc_flag & NCF_TS) != 0,
2486 n2_ts = __containerof(n2, struct namecache_ts, nc_nc);
2487 n2_ts->nc_time = ncp_ts->nc_time;
2488 n2_ts->nc_ticks = ncp_ts->nc_ticks;
2490 n2_ts->nc_dotdottime = ncp_ts->nc_dotdottime;
2491 n2_ts->nc_nc.nc_flag |= NCF_DTS;
2495 SDT_PROBE3(vfs, namecache, enter, duplicate, dvp, ncp->nc_name,
2497 goto out_unlock_free;
2501 if (flag == NCF_ISDOTDOT) {
2503 * See if we are trying to add .. entry, but some other lookup
2504 * has populated v_cache_dd pointer already.
2506 if (dvp->v_cache_dd != NULL)
2507 goto out_unlock_free;
2508 KASSERT(vp == NULL || vp->v_type == VDIR,
2509 ("wrong vnode type %p", vp));
2510 atomic_thread_fence_rel();
2511 atomic_store_ptr(&dvp->v_cache_dd, ncp);
2515 if (flag != NCF_ISDOTDOT) {
2517 * For this case, the cache entry maps both the
2518 * directory name in it and the name ".." for the
2519 * directory's parent.
2521 if ((ndd = vp->v_cache_dd) != NULL) {
2522 if ((ndd->nc_flag & NCF_ISDOTDOT) != 0)
2523 cache_zap_locked(ndd);
2527 atomic_thread_fence_rel();
2528 atomic_store_ptr(&vp->v_cache_dd, ncp);
2529 } else if (vp->v_type != VDIR) {
2530 if (vp->v_cache_dd != NULL) {
2531 atomic_store_ptr(&vp->v_cache_dd, NULL);
2536 if (flag != NCF_ISDOTDOT) {
2537 if (LIST_EMPTY(&dvp->v_cache_src)) {
2538 cache_hold_vnode(dvp);
2540 LIST_INSERT_HEAD(&dvp->v_cache_src, ncp, nc_src);
2544 * If the entry is "negative", we place it into the
2545 * "negative" cache queue, otherwise, we place it into the
2546 * destination vnode's cache entries queue.
2549 TAILQ_INSERT_HEAD(&vp->v_cache_dst, ncp, nc_dst);
2550 SDT_PROBE3(vfs, namecache, enter, done, dvp, ncp->nc_name,
2553 if (cnp->cn_flags & ISWHITEOUT)
2554 atomic_store_char(&ncp->nc_flag, ncp->nc_flag | NCF_WHITE);
2555 cache_neg_insert(ncp);
2556 SDT_PROBE2(vfs, namecache, enter_negative, done, dvp,
2561 * Insert the new namecache entry into the appropriate chain
2562 * within the cache entries table.
2564 CK_SLIST_INSERT_HEAD(ncpp, ncp, nc_hash);
2566 atomic_thread_fence_rel();
2568 * Mark the entry as fully constructed.
2569 * It is immutable past this point until its removal.
2571 atomic_store_char(&ncp->nc_flag, ncp->nc_flag & ~NCF_WIP);
2573 cache_enter_unlock(&cel);
2578 cache_enter_unlock(&cel);
2584 cache_roundup_2(u_int val)
2588 for (res = 1; res <= val; res <<= 1)
2594 static struct nchashhead *
2595 nchinittbl(u_long elements, u_long *hashmask)
2597 struct nchashhead *hashtbl;
2600 hashsize = cache_roundup_2(elements) / 2;
2602 hashtbl = malloc((u_long)hashsize * sizeof(*hashtbl), M_VFSCACHE, M_WAITOK);
2603 for (i = 0; i < hashsize; i++)
2604 CK_SLIST_INIT(&hashtbl[i]);
2605 *hashmask = hashsize - 1;
2610 ncfreetbl(struct nchashhead *hashtbl)
2613 free(hashtbl, M_VFSCACHE);
2617 * Name cache initialization, from vfs_init() when we are booting
2620 nchinit(void *dummy __unused)
2624 cache_zone_small = uma_zcreate("S VFS Cache", CACHE_ZONE_SMALL_SIZE,
2625 NULL, NULL, NULL, NULL, CACHE_ZONE_ALIGNMENT, UMA_ZONE_ZINIT);
2626 cache_zone_small_ts = uma_zcreate("STS VFS Cache", CACHE_ZONE_SMALL_TS_SIZE,
2627 NULL, NULL, NULL, NULL, CACHE_ZONE_ALIGNMENT, UMA_ZONE_ZINIT);
2628 cache_zone_large = uma_zcreate("L VFS Cache", CACHE_ZONE_LARGE_SIZE,
2629 NULL, NULL, NULL, NULL, CACHE_ZONE_ALIGNMENT, UMA_ZONE_ZINIT);
2630 cache_zone_large_ts = uma_zcreate("LTS VFS Cache", CACHE_ZONE_LARGE_TS_SIZE,
2631 NULL, NULL, NULL, NULL, CACHE_ZONE_ALIGNMENT, UMA_ZONE_ZINIT);
2633 VFS_SMR_ZONE_SET(cache_zone_small);
2634 VFS_SMR_ZONE_SET(cache_zone_small_ts);
2635 VFS_SMR_ZONE_SET(cache_zone_large);
2636 VFS_SMR_ZONE_SET(cache_zone_large_ts);
2638 ncsize = desiredvnodes * ncsizefactor;
2639 cache_recalc_neg_min(ncnegminpct);
2640 nchashtbl = nchinittbl(desiredvnodes * 2, &nchash);
2641 ncbuckethash = cache_roundup_2(mp_ncpus * mp_ncpus) - 1;
2642 if (ncbuckethash < 7) /* arbitrarily chosen to avoid having one lock */
2644 if (ncbuckethash > nchash)
2645 ncbuckethash = nchash;
2646 bucketlocks = malloc(sizeof(*bucketlocks) * numbucketlocks, M_VFSCACHE,
2648 for (i = 0; i < numbucketlocks; i++)
2649 mtx_init(&bucketlocks[i], "ncbuc", NULL, MTX_DUPOK | MTX_RECURSE);
2650 ncvnodehash = ncbuckethash;
2651 vnodelocks = malloc(sizeof(*vnodelocks) * numvnodelocks, M_VFSCACHE,
2653 for (i = 0; i < numvnodelocks; i++)
2654 mtx_init(&vnodelocks[i], "ncvn", NULL, MTX_DUPOK | MTX_RECURSE);
2656 for (i = 0; i < numneglists; i++) {
2657 mtx_init(&neglists[i].nl_evict_lock, "ncnege", NULL, MTX_DEF);
2658 mtx_init(&neglists[i].nl_lock, "ncnegl", NULL, MTX_DEF);
2659 TAILQ_INIT(&neglists[i].nl_list);
2660 TAILQ_INIT(&neglists[i].nl_hotlist);
2663 SYSINIT(vfs, SI_SUB_VFS, SI_ORDER_SECOND, nchinit, NULL);
2666 cache_vnode_init(struct vnode *vp)
2669 LIST_INIT(&vp->v_cache_src);
2670 TAILQ_INIT(&vp->v_cache_dst);
2671 vp->v_cache_dd = NULL;
2676 * Induce transient cache misses for lockless operation in cache_lookup() by
2677 * using a temporary hash table.
2679 * This will force a fs lookup.
2681 * Synchronisation is done in 2 steps, calling vfs_smr_synchronize each time
2682 * to observe all CPUs not performing the lookup.
2685 cache_changesize_set_temp(struct nchashhead *temptbl, u_long temphash)
2688 MPASS(temphash < nchash);
2690 * Change the size. The new size is smaller and can safely be used
2691 * against the existing table. All lookups which now hash wrong will
2692 * result in a cache miss, which all callers are supposed to know how
2695 atomic_store_long(&nchash, temphash);
2696 atomic_thread_fence_rel();
2697 vfs_smr_synchronize();
2699 * At this point everyone sees the updated hash value, but they still
2700 * see the old table.
2702 atomic_store_ptr(&nchashtbl, temptbl);
2703 atomic_thread_fence_rel();
2704 vfs_smr_synchronize();
2706 * At this point everyone sees the updated table pointer and size pair.
2711 * Set the new hash table.
2713 * Similarly to cache_changesize_set_temp(), this has to synchronize against
2714 * lockless operation in cache_lookup().
2717 cache_changesize_set_new(struct nchashhead *new_tbl, u_long new_hash)
2720 MPASS(nchash < new_hash);
2722 * Change the pointer first. This wont result in out of bounds access
2723 * since the temporary table is guaranteed to be smaller.
2725 atomic_store_ptr(&nchashtbl, new_tbl);
2726 atomic_thread_fence_rel();
2727 vfs_smr_synchronize();
2729 * At this point everyone sees the updated pointer value, but they
2730 * still see the old size.
2732 atomic_store_long(&nchash, new_hash);
2733 atomic_thread_fence_rel();
2734 vfs_smr_synchronize();
2736 * At this point everyone sees the updated table pointer and size pair.
2741 cache_changesize(u_long newmaxvnodes)
2743 struct nchashhead *new_nchashtbl, *old_nchashtbl, *temptbl;
2744 u_long new_nchash, old_nchash, temphash;
2745 struct namecache *ncp;
2750 newncsize = newmaxvnodes * ncsizefactor;
2751 newmaxvnodes = cache_roundup_2(newmaxvnodes * 2);
2752 if (newmaxvnodes < numbucketlocks)
2753 newmaxvnodes = numbucketlocks;
2755 new_nchashtbl = nchinittbl(newmaxvnodes, &new_nchash);
2756 /* If same hash table size, nothing to do */
2757 if (nchash == new_nchash) {
2758 ncfreetbl(new_nchashtbl);
2762 temptbl = nchinittbl(1, &temphash);
2765 * Move everything from the old hash table to the new table.
2766 * None of the namecache entries in the table can be removed
2767 * because to do so, they have to be removed from the hash table.
2769 cache_fplookup_lockout();
2770 cache_lock_all_vnodes();
2771 cache_lock_all_buckets();
2772 old_nchashtbl = nchashtbl;
2773 old_nchash = nchash;
2774 cache_changesize_set_temp(temptbl, temphash);
2775 for (i = 0; i <= old_nchash; i++) {
2776 while ((ncp = CK_SLIST_FIRST(&old_nchashtbl[i])) != NULL) {
2777 hash = cache_get_hash(ncp->nc_name, ncp->nc_nlen,
2779 CK_SLIST_REMOVE(&old_nchashtbl[i], ncp, namecache, nc_hash);
2780 CK_SLIST_INSERT_HEAD(&new_nchashtbl[hash & new_nchash], ncp, nc_hash);
2784 cache_recalc_neg_min(ncnegminpct);
2785 cache_changesize_set_new(new_nchashtbl, new_nchash);
2786 cache_unlock_all_buckets();
2787 cache_unlock_all_vnodes();
2788 cache_fplookup_restore();
2789 ncfreetbl(old_nchashtbl);
2794 * Remove all entries from and to a particular vnode.
2797 cache_purge_impl(struct vnode *vp)
2799 struct cache_freebatch batch;
2800 struct namecache *ncp;
2801 struct mtx *vlp, *vlp2;
2804 vlp = VP2VNODELOCK(vp);
2808 while (!LIST_EMPTY(&vp->v_cache_src)) {
2809 ncp = LIST_FIRST(&vp->v_cache_src);
2810 if (!cache_zap_locked_vnode_kl2(ncp, vp, &vlp2))
2812 TAILQ_INSERT_TAIL(&batch, ncp, nc_dst);
2814 while (!TAILQ_EMPTY(&vp->v_cache_dst)) {
2815 ncp = TAILQ_FIRST(&vp->v_cache_dst);
2816 if (!cache_zap_locked_vnode_kl2(ncp, vp, &vlp2))
2818 TAILQ_INSERT_TAIL(&batch, ncp, nc_dst);
2820 ncp = vp->v_cache_dd;
2822 KASSERT(ncp->nc_flag & NCF_ISDOTDOT,
2823 ("lost dotdot link"));
2824 if (!cache_zap_locked_vnode_kl2(ncp, vp, &vlp2))
2826 TAILQ_INSERT_TAIL(&batch, ncp, nc_dst);
2828 KASSERT(vp->v_cache_dd == NULL, ("incomplete purge"));
2832 cache_free_batch(&batch);
2836 * Opportunistic check to see if there is anything to do.
2839 cache_has_entries(struct vnode *vp)
2842 if (LIST_EMPTY(&vp->v_cache_src) && TAILQ_EMPTY(&vp->v_cache_dst) &&
2843 atomic_load_ptr(&vp->v_cache_dd) == NULL)
2849 cache_purge(struct vnode *vp)
2852 SDT_PROBE1(vfs, namecache, purge, done, vp);
2853 if (!cache_has_entries(vp))
2855 cache_purge_impl(vp);
2859 * Only to be used by vgone.
2862 cache_purge_vgone(struct vnode *vp)
2866 VNPASS(VN_IS_DOOMED(vp), vp);
2867 if (cache_has_entries(vp)) {
2868 cache_purge_impl(vp);
2873 * Serialize against a potential thread doing cache_purge.
2875 vlp = VP2VNODELOCK(vp);
2876 mtx_wait_unlocked(vlp);
2877 if (cache_has_entries(vp)) {
2878 cache_purge_impl(vp);
2885 * Remove all negative entries for a particular directory vnode.
2888 cache_purge_negative(struct vnode *vp)
2890 struct cache_freebatch batch;
2891 struct namecache *ncp, *nnp;
2894 SDT_PROBE1(vfs, namecache, purge_negative, done, vp);
2895 if (LIST_EMPTY(&vp->v_cache_src))
2898 vlp = VP2VNODELOCK(vp);
2900 LIST_FOREACH_SAFE(ncp, &vp->v_cache_src, nc_src, nnp) {
2901 if (!(ncp->nc_flag & NCF_NEGATIVE))
2903 cache_zap_negative_locked_vnode_kl(ncp, vp);
2904 TAILQ_INSERT_TAIL(&batch, ncp, nc_dst);
2907 cache_free_batch(&batch);
2911 * Entry points for modifying VOP operations.
2914 cache_vop_rename(struct vnode *fdvp, struct vnode *fvp, struct vnode *tdvp,
2915 struct vnode *tvp, struct componentname *fcnp, struct componentname *tcnp)
2918 ASSERT_VOP_IN_SEQC(fdvp);
2919 ASSERT_VOP_IN_SEQC(fvp);
2920 ASSERT_VOP_IN_SEQC(tdvp);
2922 ASSERT_VOP_IN_SEQC(tvp);
2927 KASSERT(!cache_remove_cnp(tdvp, tcnp),
2928 ("%s: lingering negative entry", __func__));
2930 cache_remove_cnp(tdvp, tcnp);
2936 * Historically renaming was always purging all revelang entries,
2937 * but that's quite wasteful. In particular turns out that in many cases
2938 * the target file is immediately accessed after rename, inducing a cache
2941 * Recode this to reduce relocking and reuse the existing entry (if any)
2942 * instead of just removing it above and allocating a new one here.
2944 if (cache_rename_add) {
2945 cache_enter(tdvp, fvp, tcnp);
2950 cache_vop_rmdir(struct vnode *dvp, struct vnode *vp)
2953 ASSERT_VOP_IN_SEQC(dvp);
2954 ASSERT_VOP_IN_SEQC(vp);
2960 * Validate that if an entry exists it matches.
2963 cache_validate(struct vnode *dvp, struct vnode *vp, struct componentname *cnp)
2965 struct namecache *ncp;
2969 hash = cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp);
2970 if (CK_SLIST_EMPTY(NCHHASH(hash)))
2972 blp = HASH2BUCKETLOCK(hash);
2974 CK_SLIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) {
2975 if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen &&
2976 !bcmp(ncp->nc_name, cnp->cn_nameptr, ncp->nc_nlen)) {
2977 if (ncp->nc_vp != vp)
2978 panic("%s: mismatch (%p != %p); ncp %p [%s] dvp %p\n",
2979 __func__, vp, ncp->nc_vp, ncp, ncp->nc_name, ncp->nc_dvp);
2987 * Flush all entries referencing a particular filesystem.
2990 cache_purgevfs(struct mount *mp)
2992 struct vnode *vp, *mvp;
2994 SDT_PROBE1(vfs, namecache, purgevfs, done, mp);
2996 * Somewhat wasteful iteration over all vnodes. Would be better to
2997 * support filtering and avoid the interlock to begin with.
2999 MNT_VNODE_FOREACH_ALL(vp, mp, mvp) {
3000 if (!cache_has_entries(vp)) {
3012 * Perform canonical checks and cache lookup and pass on to filesystem
3013 * through the vop_cachedlookup only if needed.
3017 vfs_cache_lookup(struct vop_lookup_args *ap)
3021 struct vnode **vpp = ap->a_vpp;
3022 struct componentname *cnp = ap->a_cnp;
3023 int flags = cnp->cn_flags;
3028 if (dvp->v_type != VDIR)
3031 if ((flags & ISLASTCN) && (dvp->v_mount->mnt_flag & MNT_RDONLY) &&
3032 (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME))
3035 error = vn_dir_check_exec(dvp, cnp);
3039 error = cache_lookup(dvp, vpp, cnp, NULL, NULL);
3041 return (VOP_CACHEDLOOKUP(dvp, vpp, cnp));
3047 /* Implementation of the getcwd syscall. */
3049 sys___getcwd(struct thread *td, struct __getcwd_args *uap)
3055 buflen = uap->buflen;
3056 if (__predict_false(buflen < 2))
3058 if (buflen > MAXPATHLEN)
3059 buflen = MAXPATHLEN;
3061 buf = uma_zalloc(namei_zone, M_WAITOK);
3062 error = vn_getcwd(buf, &retbuf, &buflen);
3064 error = copyout(retbuf, uap->buf, buflen);
3065 uma_zfree(namei_zone, buf);
3070 vn_getcwd(char *buf, char **retbuf, size_t *buflen)
3076 pwd = pwd_get_smr();
3077 error = vn_fullpath_any_smr(pwd->pwd_cdir, pwd->pwd_rdir, buf, retbuf,
3079 VFS_SMR_ASSERT_NOT_ENTERED();
3081 pwd = pwd_hold(curthread);
3082 error = vn_fullpath_any(pwd->pwd_cdir, pwd->pwd_rdir, buf,
3088 if (KTRPOINT(curthread, KTR_NAMEI) && error == 0)
3095 kern___realpathat(struct thread *td, int fd, const char *path, char *buf,
3096 size_t size, int flags, enum uio_seg pathseg)
3098 struct nameidata nd;
3099 char *retbuf, *freebuf;
3104 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | SAVENAME | WANTPARENT | AUDITVNODE1,
3105 pathseg, path, fd, &cap_fstat_rights, td);
3106 if ((error = namei(&nd)) != 0)
3108 error = vn_fullpath_hardlink(&nd, &retbuf, &freebuf, &size);
3110 error = copyout(retbuf, buf, size);
3111 free(freebuf, M_TEMP);
3118 sys___realpathat(struct thread *td, struct __realpathat_args *uap)
3121 return (kern___realpathat(td, uap->fd, uap->path, uap->buf, uap->size,
3122 uap->flags, UIO_USERSPACE));
3126 * Retrieve the full filesystem path that correspond to a vnode from the name
3127 * cache (if available)
3130 vn_fullpath(struct vnode *vp, char **retbuf, char **freebuf)
3137 if (__predict_false(vp == NULL))
3140 buflen = MAXPATHLEN;
3141 buf = malloc(buflen, M_TEMP, M_WAITOK);
3143 pwd = pwd_get_smr();
3144 error = vn_fullpath_any_smr(vp, pwd->pwd_rdir, buf, retbuf, &buflen, 0);
3145 VFS_SMR_ASSERT_NOT_ENTERED();
3147 pwd = pwd_hold(curthread);
3148 error = vn_fullpath_any(vp, pwd->pwd_rdir, buf, retbuf, &buflen);
3159 * This function is similar to vn_fullpath, but it attempts to lookup the
3160 * pathname relative to the global root mount point. This is required for the
3161 * auditing sub-system, as audited pathnames must be absolute, relative to the
3162 * global root mount point.
3165 vn_fullpath_global(struct vnode *vp, char **retbuf, char **freebuf)
3171 if (__predict_false(vp == NULL))
3173 buflen = MAXPATHLEN;
3174 buf = malloc(buflen, M_TEMP, M_WAITOK);
3176 error = vn_fullpath_any_smr(vp, rootvnode, buf, retbuf, &buflen, 0);
3177 VFS_SMR_ASSERT_NOT_ENTERED();
3179 error = vn_fullpath_any(vp, rootvnode, buf, retbuf, &buflen);
3188 static struct namecache *
3189 vn_dd_from_dst(struct vnode *vp)
3191 struct namecache *ncp;
3193 cache_assert_vnode_locked(vp);
3194 TAILQ_FOREACH(ncp, &vp->v_cache_dst, nc_dst) {
3195 if ((ncp->nc_flag & NCF_ISDOTDOT) == 0)
3202 vn_vptocnp(struct vnode **vp, char *buf, size_t *buflen)
3205 struct namecache *ncp;
3209 vlp = VP2VNODELOCK(*vp);
3211 ncp = (*vp)->v_cache_dd;
3212 if (ncp != NULL && (ncp->nc_flag & NCF_ISDOTDOT) == 0) {
3213 KASSERT(ncp == vn_dd_from_dst(*vp),
3214 ("%s: mismatch for dd entry (%p != %p)", __func__,
3215 ncp, vn_dd_from_dst(*vp)));
3217 ncp = vn_dd_from_dst(*vp);
3220 if (*buflen < ncp->nc_nlen) {
3223 counter_u64_add(numfullpathfail4, 1);
3225 SDT_PROBE3(vfs, namecache, fullpath, return, error,
3229 *buflen -= ncp->nc_nlen;
3230 memcpy(buf + *buflen, ncp->nc_name, ncp->nc_nlen);
3231 SDT_PROBE3(vfs, namecache, fullpath, hit, ncp->nc_dvp,
3240 SDT_PROBE1(vfs, namecache, fullpath, miss, vp);
3243 vn_lock(*vp, LK_SHARED | LK_RETRY);
3244 error = VOP_VPTOCNP(*vp, &dvp, buf, buflen);
3247 counter_u64_add(numfullpathfail2, 1);
3248 SDT_PROBE3(vfs, namecache, fullpath, return, error, vp, NULL);
3253 if (VN_IS_DOOMED(dvp)) {
3254 /* forced unmount */
3257 SDT_PROBE3(vfs, namecache, fullpath, return, error, vp, NULL);
3261 * *vp has its use count incremented still.
3268 * Resolve a directory to a pathname.
3270 * The name of the directory can always be found in the namecache or fetched
3271 * from the filesystem. There is also guaranteed to be only one parent, meaning
3272 * we can just follow vnodes up until we find the root.
3274 * The vnode must be referenced.
3277 vn_fullpath_dir(struct vnode *vp, struct vnode *rdir, char *buf, char **retbuf,
3278 size_t *len, size_t addend)
3280 #ifdef KDTRACE_HOOKS
3281 struct vnode *startvp = vp;
3286 bool slash_prefixed;
3288 VNPASS(vp->v_type == VDIR || VN_IS_DOOMED(vp), vp);
3289 VNPASS(vp->v_usecount > 0, vp);
3293 slash_prefixed = true;
3298 slash_prefixed = false;
3303 SDT_PROBE1(vfs, namecache, fullpath, entry, vp);
3304 counter_u64_add(numfullpathcalls, 1);
3305 while (vp != rdir && vp != rootvnode) {
3307 * The vp vnode must be already fully constructed,
3308 * since it is either found in namecache or obtained
3309 * from VOP_VPTOCNP(). We may test for VV_ROOT safely
3310 * without obtaining the vnode lock.
3312 if ((vp->v_vflag & VV_ROOT) != 0) {
3313 vn_lock(vp, LK_RETRY | LK_SHARED);
3316 * With the vnode locked, check for races with
3317 * unmount, forced or not. Note that we
3318 * already verified that vp is not equal to
3319 * the root vnode, which means that
3320 * mnt_vnodecovered can be NULL only for the
3323 if (VN_IS_DOOMED(vp) ||
3324 (vp1 = vp->v_mount->mnt_vnodecovered) == NULL ||
3325 vp1->v_mountedhere != vp->v_mount) {
3328 SDT_PROBE3(vfs, namecache, fullpath, return,
3338 if (vp->v_type != VDIR) {
3340 counter_u64_add(numfullpathfail1, 1);
3342 SDT_PROBE3(vfs, namecache, fullpath, return,
3346 error = vn_vptocnp(&vp, buf, &buflen);
3352 SDT_PROBE3(vfs, namecache, fullpath, return, error,
3356 buf[--buflen] = '/';
3357 slash_prefixed = true;
3361 if (!slash_prefixed) {
3364 counter_u64_add(numfullpathfail4, 1);
3365 SDT_PROBE3(vfs, namecache, fullpath, return, ENOMEM,
3369 buf[--buflen] = '/';
3371 counter_u64_add(numfullpathfound, 1);
3374 *retbuf = buf + buflen;
3375 SDT_PROBE3(vfs, namecache, fullpath, return, 0, startvp, *retbuf);
3382 * Resolve an arbitrary vnode to a pathname.
3385 * - hardlinks are not tracked, thus if the vnode is not a directory this can
3386 * resolve to a different path than the one used to find it
3387 * - namecache is not mandatory, meaning names are not guaranteed to be added
3388 * (in which case resolving fails)
3390 static void __inline
3391 cache_rev_failed_impl(int *reason, int line)
3396 #define cache_rev_failed(var) cache_rev_failed_impl((var), __LINE__)
3399 vn_fullpath_any_smr(struct vnode *vp, struct vnode *rdir, char *buf,
3400 char **retbuf, size_t *buflen, size_t addend)
3402 #ifdef KDTRACE_HOOKS
3403 struct vnode *startvp = vp;
3407 struct namecache *ncp;
3411 #ifdef KDTRACE_HOOKS
3414 seqc_t vp_seqc, tvp_seqc;
3417 VFS_SMR_ASSERT_ENTERED();
3419 if (!cache_fast_revlookup) {
3424 orig_buflen = *buflen;
3427 MPASS(*buflen >= 2);
3429 buf[*buflen] = '\0';
3432 if (vp == rdir || vp == rootvnode) {
3440 #ifdef KDTRACE_HOOKS
3444 ncp = NULL; /* for sdt probe down below */
3445 vp_seqc = vn_seqc_read_any(vp);
3446 if (seqc_in_modify(vp_seqc)) {
3447 cache_rev_failed(&reason);
3452 #ifdef KDTRACE_HOOKS
3455 if ((vp->v_vflag & VV_ROOT) != 0) {
3456 mp = atomic_load_ptr(&vp->v_mount);
3458 cache_rev_failed(&reason);
3461 tvp = atomic_load_ptr(&mp->mnt_vnodecovered);
3462 tvp_seqc = vn_seqc_read_any(tvp);
3463 if (seqc_in_modify(tvp_seqc)) {
3464 cache_rev_failed(&reason);
3467 if (!vn_seqc_consistent(vp, vp_seqc)) {
3468 cache_rev_failed(&reason);
3475 ncp = atomic_load_consume_ptr(&vp->v_cache_dd);
3477 cache_rev_failed(&reason);
3480 nc_flag = atomic_load_char(&ncp->nc_flag);
3481 if ((nc_flag & NCF_ISDOTDOT) != 0) {
3482 cache_rev_failed(&reason);
3485 if (ncp->nc_nlen >= *buflen) {
3486 cache_rev_failed(&reason);
3490 *buflen -= ncp->nc_nlen;
3491 memcpy(buf + *buflen, ncp->nc_name, ncp->nc_nlen);
3495 tvp_seqc = vn_seqc_read_any(tvp);
3496 if (seqc_in_modify(tvp_seqc)) {
3497 cache_rev_failed(&reason);
3500 if (!vn_seqc_consistent(vp, vp_seqc)) {
3501 cache_rev_failed(&reason);
3505 * Acquire fence provided by vn_seqc_read_any above.
3507 if (__predict_false(atomic_load_ptr(&vp->v_cache_dd) != ncp)) {
3508 cache_rev_failed(&reason);
3511 if (!cache_ncp_canuse(ncp)) {
3512 cache_rev_failed(&reason);
3517 if (vp == rdir || vp == rootvnode)
3522 *retbuf = buf + *buflen;
3523 *buflen = orig_buflen - *buflen + addend;
3524 SDT_PROBE2(vfs, namecache, fullpath_smr, hit, startvp, *retbuf);
3528 *buflen = orig_buflen;
3529 SDT_PROBE4(vfs, namecache, fullpath_smr, miss, startvp, ncp, reason, i);
3535 vn_fullpath_any(struct vnode *vp, struct vnode *rdir, char *buf, char **retbuf,
3538 size_t orig_buflen, addend;
3544 orig_buflen = *buflen;
3548 if (vp->v_type != VDIR) {
3550 buf[*buflen] = '\0';
3551 error = vn_vptocnp(&vp, buf, buflen);
3560 addend = orig_buflen - *buflen;
3563 return (vn_fullpath_dir(vp, rdir, buf, retbuf, buflen, addend));
3567 * Resolve an arbitrary vnode to a pathname (taking care of hardlinks).
3569 * Since the namecache does not track hardlinks, the caller is expected to first
3570 * look up the target vnode with SAVENAME | WANTPARENT flags passed to namei.
3572 * Then we have 2 cases:
3573 * - if the found vnode is a directory, the path can be constructed just by
3574 * following names up the chain
3575 * - otherwise we populate the buffer with the saved name and start resolving
3579 vn_fullpath_hardlink(struct nameidata *ndp, char **retbuf, char **freebuf,
3584 struct componentname *cnp;
3592 if (*buflen > MAXPATHLEN)
3593 *buflen = MAXPATHLEN;
3595 buf = malloc(*buflen, M_TEMP, M_WAITOK);
3600 * Check for VBAD to work around the vp_crossmp bug in lookup().
3602 * For example consider tmpfs on /tmp and realpath /tmp. ni_vp will be
3603 * set to mount point's root vnode while ni_dvp will be vp_crossmp.
3604 * If the type is VDIR (like in this very case) we can skip looking
3605 * at ni_dvp in the first place. However, since vnodes get passed here
3606 * unlocked the target may transition to doomed state (type == VBAD)
3607 * before we get to evaluate the condition. If this happens, we will
3608 * populate part of the buffer and descend to vn_fullpath_dir with
3609 * vp == vp_crossmp. Prevent the problem by checking for VBAD.
3611 * This should be atomic_load(&vp->v_type) but it is illegal to take
3612 * an address of a bit field, even if said field is sized to char.
3613 * Work around the problem by reading the value into a full-sized enum
3614 * and then re-reading it with atomic_load which will still prevent
3615 * the compiler from re-reading down the road.
3618 type = atomic_load_int(&type);
3625 addend = cnp->cn_namelen + 2;
3626 if (*buflen < addend) {
3631 tmpbuf = buf + *buflen;
3633 memcpy(&tmpbuf[1], cnp->cn_nameptr, cnp->cn_namelen);
3634 tmpbuf[addend - 1] = '\0';
3639 pwd = pwd_get_smr();
3640 error = vn_fullpath_any_smr(vp, pwd->pwd_rdir, buf, retbuf, buflen,
3642 VFS_SMR_ASSERT_NOT_ENTERED();
3644 pwd = pwd_hold(curthread);
3646 error = vn_fullpath_dir(vp, pwd->pwd_rdir, buf, retbuf, buflen,
3662 vn_dir_dd_ino(struct vnode *vp)
3664 struct namecache *ncp;
3669 ASSERT_VOP_LOCKED(vp, "vn_dir_dd_ino");
3670 vlp = VP2VNODELOCK(vp);
3672 TAILQ_FOREACH(ncp, &(vp->v_cache_dst), nc_dst) {
3673 if ((ncp->nc_flag & NCF_ISDOTDOT) != 0)
3676 vs = vget_prep(ddvp);
3678 if (vget_finish(ddvp, LK_SHARED | LK_NOWAIT, vs))
3687 vn_commname(struct vnode *vp, char *buf, u_int buflen)
3689 struct namecache *ncp;
3693 vlp = VP2VNODELOCK(vp);
3695 TAILQ_FOREACH(ncp, &vp->v_cache_dst, nc_dst)
3696 if ((ncp->nc_flag & NCF_ISDOTDOT) == 0)
3702 l = min(ncp->nc_nlen, buflen - 1);
3703 memcpy(buf, ncp->nc_name, l);
3710 * This function updates path string to vnode's full global path
3711 * and checks the size of the new path string against the pathlen argument.
3713 * Requires a locked, referenced vnode.
3714 * Vnode is re-locked on success or ENODEV, otherwise unlocked.
3716 * If vp is a directory, the call to vn_fullpath_global() always succeeds
3717 * because it falls back to the ".." lookup if the namecache lookup fails.
3720 vn_path_to_global_path(struct thread *td, struct vnode *vp, char *path,
3723 struct nameidata nd;
3728 ASSERT_VOP_ELOCKED(vp, __func__);
3730 /* Construct global filesystem path from vp. */
3732 error = vn_fullpath_global(vp, &rpath, &fbuf);
3739 if (strlen(rpath) >= pathlen) {
3741 error = ENAMETOOLONG;
3746 * Re-lookup the vnode by path to detect a possible rename.
3747 * As a side effect, the vnode is relocked.
3748 * If vnode was renamed, return ENOENT.
3750 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1,
3751 UIO_SYSSPACE, path, td);
3757 NDFREE(&nd, NDF_ONLY_PNBUF);
3761 strcpy(path, rpath);
3774 db_print_vpath(struct vnode *vp)
3777 while (vp != NULL) {
3778 db_printf("%p: ", vp);
3779 if (vp == rootvnode) {
3783 if (vp->v_vflag & VV_ROOT) {
3784 db_printf("<mount point>");
3785 vp = vp->v_mount->mnt_vnodecovered;
3787 struct namecache *ncp;
3791 ncp = TAILQ_FIRST(&vp->v_cache_dst);
3794 for (i = 0; i < ncp->nc_nlen; i++)
3795 db_printf("%c", *ncn++);
3808 DB_SHOW_COMMAND(vpath, db_show_vpath)
3813 db_printf("usage: show vpath <struct vnode *>\n");
3817 vp = (struct vnode *)addr;
3823 static int cache_fast_lookup = 1;
3824 static char __read_frequently cache_fast_lookup_enabled = true;
3826 #define CACHE_FPL_FAILED -2020
3829 cache_fast_lookup_enabled_recalc(void)
3835 mac_on = mac_vnode_check_lookup_enabled();
3836 mac_on |= mac_vnode_check_readlink_enabled();
3841 lookup_flag = atomic_load_int(&cache_fast_lookup);
3842 if (lookup_flag && !mac_on) {
3843 atomic_store_char(&cache_fast_lookup_enabled, true);
3845 atomic_store_char(&cache_fast_lookup_enabled, false);
3850 syscal_vfs_cache_fast_lookup(SYSCTL_HANDLER_ARGS)
3854 old = atomic_load_int(&cache_fast_lookup);
3855 error = sysctl_handle_int(oidp, arg1, arg2, req);
3856 if (error == 0 && req->newptr && old != atomic_load_int(&cache_fast_lookup))
3857 cache_fast_lookup_enabled_recalc();
3860 SYSCTL_PROC(_vfs, OID_AUTO, cache_fast_lookup, CTLTYPE_INT|CTLFLAG_RW|CTLFLAG_MPSAFE,
3861 &cache_fast_lookup, 0, syscal_vfs_cache_fast_lookup, "IU", "");
3864 * Disable lockless lookup and observe all CPUs not executing it.
3866 * Used when resizing the hash table.
3868 * TODO: no provisions are made to handle tweaking of the knob at the same time
3871 cache_fplookup_lockout(void)
3875 on = atomic_load_char(&cache_fast_lookup_enabled);
3877 atomic_store_char(&cache_fast_lookup_enabled, false);
3878 atomic_thread_fence_rel();
3879 vfs_smr_synchronize();
3884 cache_fplookup_restore(void)
3887 cache_fast_lookup_enabled_recalc();
3891 * Components of nameidata (or objects it can point to) which may
3892 * need restoring in case fast path lookup fails.
3894 struct nameidata_outer {
3899 struct nameidata_saved {
3907 struct cache_fpl_debug {
3913 struct nameidata *ndp;
3914 struct componentname *cnp;
3921 struct nameidata_saved snd;
3922 struct nameidata_outer snd_outer;
3924 enum cache_fpl_status status:8;
3930 struct cache_fpl_debug debug;
3934 static bool cache_fplookup_is_mp(struct cache_fpl *fpl);
3935 static int cache_fplookup_cross_mount(struct cache_fpl *fpl);
3936 static int cache_fplookup_partial_setup(struct cache_fpl *fpl);
3937 static int cache_fplookup_skip_slashes(struct cache_fpl *fpl);
3938 static int cache_fplookup_trailingslash(struct cache_fpl *fpl);
3939 static void cache_fpl_pathlen_dec(struct cache_fpl *fpl);
3940 static void cache_fpl_pathlen_inc(struct cache_fpl *fpl);
3941 static void cache_fpl_pathlen_add(struct cache_fpl *fpl, size_t n);
3942 static void cache_fpl_pathlen_sub(struct cache_fpl *fpl, size_t n);
3945 cache_fpl_cleanup_cnp(struct componentname *cnp)
3948 uma_zfree(namei_zone, cnp->cn_pnbuf);
3950 cnp->cn_pnbuf = NULL;
3951 cnp->cn_nameptr = NULL;
3955 static struct vnode *
3956 cache_fpl_handle_root(struct cache_fpl *fpl)
3958 struct nameidata *ndp;
3959 struct componentname *cnp;
3964 MPASS(*(cnp->cn_nameptr) == '/');
3966 cache_fpl_pathlen_dec(fpl);
3968 if (__predict_false(*(cnp->cn_nameptr) == '/')) {
3971 cache_fpl_pathlen_dec(fpl);
3972 } while (*(cnp->cn_nameptr) == '/');
3975 return (ndp->ni_rootdir);
3979 cache_fpl_checkpoint_outer(struct cache_fpl *fpl)
3982 fpl->snd_outer.ni_pathlen = fpl->ndp->ni_pathlen;
3983 fpl->snd_outer.cn_flags = fpl->ndp->ni_cnd.cn_flags;
3987 cache_fpl_checkpoint(struct cache_fpl *fpl)
3991 fpl->snd.cn_nameptr = fpl->ndp->ni_cnd.cn_nameptr;
3992 fpl->snd.ni_pathlen = fpl->debug.ni_pathlen;
3997 cache_fpl_restore_partial(struct cache_fpl *fpl)
4000 fpl->ndp->ni_cnd.cn_flags = fpl->snd_outer.cn_flags;
4002 fpl->debug.ni_pathlen = fpl->snd.ni_pathlen;
4007 cache_fpl_restore_abort(struct cache_fpl *fpl)
4010 cache_fpl_restore_partial(fpl);
4012 * It is 0 on entry by API contract.
4014 fpl->ndp->ni_resflags = 0;
4015 fpl->ndp->ni_cnd.cn_nameptr = fpl->ndp->ni_cnd.cn_pnbuf;
4016 fpl->ndp->ni_pathlen = fpl->snd_outer.ni_pathlen;
4020 #define cache_fpl_smr_assert_entered(fpl) ({ \
4021 struct cache_fpl *_fpl = (fpl); \
4022 MPASS(_fpl->in_smr == true); \
4023 VFS_SMR_ASSERT_ENTERED(); \
4025 #define cache_fpl_smr_assert_not_entered(fpl) ({ \
4026 struct cache_fpl *_fpl = (fpl); \
4027 MPASS(_fpl->in_smr == false); \
4028 VFS_SMR_ASSERT_NOT_ENTERED(); \
4031 cache_fpl_assert_status(struct cache_fpl *fpl)
4034 switch (fpl->status) {
4035 case CACHE_FPL_STATUS_UNSET:
4036 __assert_unreachable();
4038 case CACHE_FPL_STATUS_DESTROYED:
4039 case CACHE_FPL_STATUS_ABORTED:
4040 case CACHE_FPL_STATUS_PARTIAL:
4041 case CACHE_FPL_STATUS_HANDLED:
4046 #define cache_fpl_smr_assert_entered(fpl) do { } while (0)
4047 #define cache_fpl_smr_assert_not_entered(fpl) do { } while (0)
4048 #define cache_fpl_assert_status(fpl) do { } while (0)
4051 #define cache_fpl_smr_enter_initial(fpl) ({ \
4052 struct cache_fpl *_fpl = (fpl); \
4054 _fpl->in_smr = true; \
4057 #define cache_fpl_smr_enter(fpl) ({ \
4058 struct cache_fpl *_fpl = (fpl); \
4059 MPASS(_fpl->in_smr == false); \
4061 _fpl->in_smr = true; \
4064 #define cache_fpl_smr_exit(fpl) ({ \
4065 struct cache_fpl *_fpl = (fpl); \
4066 MPASS(_fpl->in_smr == true); \
4068 _fpl->in_smr = false; \
4072 cache_fpl_aborted_early_impl(struct cache_fpl *fpl, int line)
4075 if (fpl->status != CACHE_FPL_STATUS_UNSET) {
4076 KASSERT(fpl->status == CACHE_FPL_STATUS_PARTIAL,
4077 ("%s: converting to abort from %d at %d, set at %d\n",
4078 __func__, fpl->status, line, fpl->line));
4080 cache_fpl_smr_assert_not_entered(fpl);
4081 fpl->status = CACHE_FPL_STATUS_ABORTED;
4083 return (CACHE_FPL_FAILED);
4086 #define cache_fpl_aborted_early(x) cache_fpl_aborted_early_impl((x), __LINE__)
4088 static int __noinline
4089 cache_fpl_aborted_impl(struct cache_fpl *fpl, int line)
4091 struct nameidata *ndp;
4092 struct componentname *cnp;
4097 if (fpl->status != CACHE_FPL_STATUS_UNSET) {
4098 KASSERT(fpl->status == CACHE_FPL_STATUS_PARTIAL,
4099 ("%s: converting to abort from %d at %d, set at %d\n",
4100 __func__, fpl->status, line, fpl->line));
4102 fpl->status = CACHE_FPL_STATUS_ABORTED;
4105 cache_fpl_smr_exit(fpl);
4106 cache_fpl_restore_abort(fpl);
4108 * Resolving symlinks overwrites data passed by the caller.
4111 if (ndp->ni_loopcnt > 0) {
4112 fpl->status = CACHE_FPL_STATUS_DESTROYED;
4113 cache_fpl_cleanup_cnp(cnp);
4115 return (CACHE_FPL_FAILED);
4118 #define cache_fpl_aborted(x) cache_fpl_aborted_impl((x), __LINE__)
4120 static int __noinline
4121 cache_fpl_partial_impl(struct cache_fpl *fpl, int line)
4124 KASSERT(fpl->status == CACHE_FPL_STATUS_UNSET,
4125 ("%s: setting to partial at %d, but already set to %d at %d\n",
4126 __func__, line, fpl->status, fpl->line));
4127 cache_fpl_smr_assert_entered(fpl);
4128 fpl->status = CACHE_FPL_STATUS_PARTIAL;
4130 return (cache_fplookup_partial_setup(fpl));
4133 #define cache_fpl_partial(x) cache_fpl_partial_impl((x), __LINE__)
4136 cache_fpl_handled_impl(struct cache_fpl *fpl, int line)
4139 KASSERT(fpl->status == CACHE_FPL_STATUS_UNSET,
4140 ("%s: setting to handled at %d, but already set to %d at %d\n",
4141 __func__, line, fpl->status, fpl->line));
4142 cache_fpl_smr_assert_not_entered(fpl);
4143 fpl->status = CACHE_FPL_STATUS_HANDLED;
4148 #define cache_fpl_handled(x) cache_fpl_handled_impl((x), __LINE__)
4151 cache_fpl_handled_error_impl(struct cache_fpl *fpl, int error, int line)
4154 KASSERT(fpl->status == CACHE_FPL_STATUS_UNSET,
4155 ("%s: setting to handled at %d, but already set to %d at %d\n",
4156 __func__, line, fpl->status, fpl->line));
4158 MPASS(error != CACHE_FPL_FAILED);
4159 cache_fpl_smr_assert_not_entered(fpl);
4160 fpl->status = CACHE_FPL_STATUS_HANDLED;
4164 fpl->savename = false;
4168 #define cache_fpl_handled_error(x, e) cache_fpl_handled_error_impl((x), (e), __LINE__)
4171 cache_fpl_terminated(struct cache_fpl *fpl)
4174 return (fpl->status != CACHE_FPL_STATUS_UNSET);
4177 #define CACHE_FPL_SUPPORTED_CN_FLAGS \
4178 (NC_NOMAKEENTRY | NC_KEEPPOSENTRY | LOCKLEAF | LOCKPARENT | WANTPARENT | \
4179 FAILIFEXISTS | FOLLOW | LOCKSHARED | SAVENAME | SAVESTART | WILLBEDIR | \
4180 ISOPEN | NOMACCHECK | AUDITVNODE1 | AUDITVNODE2 | NOCAPCHECK)
4182 #define CACHE_FPL_INTERNAL_CN_FLAGS \
4183 (ISDOTDOT | MAKEENTRY | ISLASTCN)
4185 _Static_assert((CACHE_FPL_SUPPORTED_CN_FLAGS & CACHE_FPL_INTERNAL_CN_FLAGS) == 0,
4186 "supported and internal flags overlap");
4189 cache_fpl_islastcn(struct nameidata *ndp)
4192 return (*ndp->ni_next == 0);
4196 cache_fpl_istrailingslash(struct cache_fpl *fpl)
4199 return (*(fpl->nulchar - 1) == '/');
4203 cache_fpl_isdotdot(struct componentname *cnp)
4206 if (cnp->cn_namelen == 2 &&
4207 cnp->cn_nameptr[1] == '.' && cnp->cn_nameptr[0] == '.')
4213 cache_can_fplookup(struct cache_fpl *fpl)
4215 struct nameidata *ndp;
4216 struct componentname *cnp;
4221 td = cnp->cn_thread;
4223 if (!atomic_load_char(&cache_fast_lookup_enabled)) {
4224 cache_fpl_aborted_early(fpl);
4227 if ((cnp->cn_flags & ~CACHE_FPL_SUPPORTED_CN_FLAGS) != 0) {
4228 cache_fpl_aborted_early(fpl);
4231 if (IN_CAPABILITY_MODE(td)) {
4232 cache_fpl_aborted_early(fpl);
4235 if (AUDITING_TD(td)) {
4236 cache_fpl_aborted_early(fpl);
4239 if (ndp->ni_startdir != NULL) {
4240 cache_fpl_aborted_early(fpl);
4247 cache_fplookup_dirfd(struct cache_fpl *fpl, struct vnode **vpp)
4249 struct nameidata *ndp;
4254 error = fgetvp_lookup_smr(ndp->ni_dirfd, ndp, vpp, &fsearch);
4255 if (__predict_false(error != 0)) {
4256 return (cache_fpl_aborted(fpl));
4258 fpl->fsearch = fsearch;
4262 static int __noinline
4263 cache_fplookup_negative_promote(struct cache_fpl *fpl, struct namecache *oncp,
4266 struct componentname *cnp;
4272 cache_fpl_smr_exit(fpl);
4273 if (cache_neg_promote_cond(dvp, cnp, oncp, hash))
4274 return (cache_fpl_handled_error(fpl, ENOENT));
4276 return (cache_fpl_aborted(fpl));
4280 * The target vnode is not supported, prepare for the slow path to take over.
4282 static int __noinline
4283 cache_fplookup_partial_setup(struct cache_fpl *fpl)
4285 struct nameidata *ndp;
4286 struct componentname *cnp;
4296 dvp_seqc = fpl->dvp_seqc;
4298 if (!pwd_hold_smr(pwd)) {
4299 return (cache_fpl_aborted(fpl));
4303 * Note that seqc is checked before the vnode is locked, so by
4304 * the time regular lookup gets to it it may have moved.
4306 * Ultimately this does not affect correctness, any lookup errors
4307 * are userspace racing with itself. It is guaranteed that any
4308 * path which ultimately gets found could also have been found
4309 * by regular lookup going all the way in absence of concurrent
4312 dvs = vget_prep_smr(dvp);
4313 cache_fpl_smr_exit(fpl);
4314 if (__predict_false(dvs == VGET_NONE)) {
4316 return (cache_fpl_aborted(fpl));
4319 vget_finish_ref(dvp, dvs);
4320 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
4323 return (cache_fpl_aborted(fpl));
4326 cache_fpl_restore_partial(fpl);
4328 if (cnp->cn_nameptr != fpl->snd.cn_nameptr) {
4329 panic("%s: cn_nameptr mismatch (%p != %p) full [%s]\n", __func__,
4330 cnp->cn_nameptr, fpl->snd.cn_nameptr, cnp->cn_pnbuf);
4334 ndp->ni_startdir = dvp;
4335 cnp->cn_flags |= MAKEENTRY;
4336 if (cache_fpl_islastcn(ndp))
4337 cnp->cn_flags |= ISLASTCN;
4338 if (cache_fpl_isdotdot(cnp))
4339 cnp->cn_flags |= ISDOTDOT;
4342 * Skip potential extra slashes parsing did not take care of.
4343 * cache_fplookup_skip_slashes explains the mechanism.
4345 if (__predict_false(*(cnp->cn_nameptr) == '/')) {
4348 cache_fpl_pathlen_dec(fpl);
4349 } while (*(cnp->cn_nameptr) == '/');
4352 ndp->ni_pathlen = fpl->nulchar - cnp->cn_nameptr + 1;
4354 if (ndp->ni_pathlen != fpl->debug.ni_pathlen) {
4355 panic("%s: mismatch (%zu != %zu) nulchar %p nameptr %p [%s] ; full string [%s]\n",
4356 __func__, ndp->ni_pathlen, fpl->debug.ni_pathlen, fpl->nulchar,
4357 cnp->cn_nameptr, cnp->cn_nameptr, cnp->cn_pnbuf);
4364 cache_fplookup_final_child(struct cache_fpl *fpl, enum vgetstate tvs)
4366 struct componentname *cnp;
4373 tvp_seqc = fpl->tvp_seqc;
4375 if ((cnp->cn_flags & LOCKLEAF) != 0) {
4376 lkflags = LK_SHARED;
4377 if ((cnp->cn_flags & LOCKSHARED) == 0)
4378 lkflags = LK_EXCLUSIVE;
4379 error = vget_finish(tvp, lkflags, tvs);
4380 if (__predict_false(error != 0)) {
4381 return (cache_fpl_aborted(fpl));
4384 vget_finish_ref(tvp, tvs);
4387 if (!vn_seqc_consistent(tvp, tvp_seqc)) {
4388 if ((cnp->cn_flags & LOCKLEAF) != 0)
4392 return (cache_fpl_aborted(fpl));
4395 return (cache_fpl_handled(fpl));
4399 * They want to possibly modify the state of the namecache.
4401 static int __noinline
4402 cache_fplookup_final_modifying(struct cache_fpl *fpl)
4404 struct nameidata *ndp;
4405 struct componentname *cnp;
4407 struct vnode *dvp, *tvp;
4416 dvp_seqc = fpl->dvp_seqc;
4418 MPASS(*(cnp->cn_nameptr) != '/');
4419 MPASS(cache_fpl_islastcn(ndp));
4420 if ((cnp->cn_flags & LOCKPARENT) == 0)
4421 MPASS((cnp->cn_flags & WANTPARENT) != 0);
4422 MPASS((cnp->cn_flags & TRAILINGSLASH) == 0);
4423 MPASS(cnp->cn_nameiop == CREATE || cnp->cn_nameiop == DELETE ||
4424 cnp->cn_nameiop == RENAME);
4425 MPASS((cnp->cn_flags & MAKEENTRY) == 0);
4426 MPASS((cnp->cn_flags & ISDOTDOT) == 0);
4428 docache = (cnp->cn_flags & NOCACHE) ^ NOCACHE;
4429 if (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME)
4433 * Regular lookup nulifies the slash, which we don't do here.
4434 * Don't take chances with filesystem routines seeing it for
4437 if (cache_fpl_istrailingslash(fpl)) {
4438 return (cache_fpl_partial(fpl));
4441 mp = atomic_load_ptr(&dvp->v_mount);
4442 if (__predict_false(mp == NULL)) {
4443 return (cache_fpl_aborted(fpl));
4446 if (__predict_false(mp->mnt_flag & MNT_RDONLY)) {
4447 cache_fpl_smr_exit(fpl);
4449 * Original code keeps not checking for CREATE which
4450 * might be a bug. For now let the old lookup decide.
4452 if (cnp->cn_nameiop == CREATE) {
4453 return (cache_fpl_aborted(fpl));
4455 return (cache_fpl_handled_error(fpl, EROFS));
4458 if (fpl->tvp != NULL && (cnp->cn_flags & FAILIFEXISTS) != 0) {
4459 cache_fpl_smr_exit(fpl);
4460 return (cache_fpl_handled_error(fpl, EEXIST));
4464 * Secure access to dvp; check cache_fplookup_partial_setup for
4467 * XXX At least UFS requires its lookup routine to be called for
4468 * the last path component, which leads to some level of complication
4470 * - the target routine always locks the target vnode, but our caller
4471 * may not need it locked
4472 * - some of the VOP machinery asserts that the parent is locked, which
4473 * once more may be not required
4475 * TODO: add a flag for filesystems which don't need this.
4477 dvs = vget_prep_smr(dvp);
4478 cache_fpl_smr_exit(fpl);
4479 if (__predict_false(dvs == VGET_NONE)) {
4480 return (cache_fpl_aborted(fpl));
4483 vget_finish_ref(dvp, dvs);
4484 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
4486 return (cache_fpl_aborted(fpl));
4489 error = vn_lock(dvp, LK_EXCLUSIVE);
4490 if (__predict_false(error != 0)) {
4492 return (cache_fpl_aborted(fpl));
4496 cnp->cn_flags |= ISLASTCN;
4498 cnp->cn_flags |= MAKEENTRY;
4499 if (cache_fpl_isdotdot(cnp))
4500 cnp->cn_flags |= ISDOTDOT;
4501 cnp->cn_lkflags = LK_EXCLUSIVE;
4502 error = VOP_LOOKUP(dvp, &tvp, cnp);
4510 return (cache_fpl_handled_error(fpl, error));
4513 return (cache_fpl_aborted(fpl));
4517 fpl->savename = (cnp->cn_flags & SAVENAME) != 0;
4520 if ((cnp->cn_flags & SAVESTART) != 0) {
4521 ndp->ni_startdir = dvp;
4522 vrefact(ndp->ni_startdir);
4523 cnp->cn_flags |= SAVENAME;
4524 fpl->savename = true;
4526 MPASS(error == EJUSTRETURN);
4527 if ((cnp->cn_flags & LOCKPARENT) == 0) {
4530 return (cache_fpl_handled(fpl));
4534 * There are very hairy corner cases concerning various flag combinations
4535 * and locking state. In particular here we only hold one lock instead of
4538 * Skip the complexity as it is of no significance for normal workloads.
4540 if (__predict_false(tvp == dvp)) {
4543 return (cache_fpl_aborted(fpl));
4547 * If they want the symlink itself we are fine, but if they want to
4548 * follow it regular lookup has to be engaged.
4550 if (tvp->v_type == VLNK) {
4551 if ((cnp->cn_flags & FOLLOW) != 0) {
4554 return (cache_fpl_aborted(fpl));
4559 * Since we expect this to be the terminal vnode it should almost never
4562 if (__predict_false(cache_fplookup_is_mp(fpl))) {
4565 return (cache_fpl_aborted(fpl));
4568 if ((cnp->cn_flags & FAILIFEXISTS) != 0) {
4571 return (cache_fpl_handled_error(fpl, EEXIST));
4574 if ((cnp->cn_flags & LOCKLEAF) == 0) {
4578 if ((cnp->cn_flags & LOCKPARENT) == 0) {
4582 if ((cnp->cn_flags & SAVESTART) != 0) {
4583 ndp->ni_startdir = dvp;
4584 vrefact(ndp->ni_startdir);
4585 cnp->cn_flags |= SAVENAME;
4586 fpl->savename = true;
4589 return (cache_fpl_handled(fpl));
4592 static int __noinline
4593 cache_fplookup_modifying(struct cache_fpl *fpl)
4595 struct nameidata *ndp;
4599 if (!cache_fpl_islastcn(ndp)) {
4600 return (cache_fpl_partial(fpl));
4602 return (cache_fplookup_final_modifying(fpl));
4605 static int __noinline
4606 cache_fplookup_final_withparent(struct cache_fpl *fpl)
4608 struct componentname *cnp;
4609 enum vgetstate dvs, tvs;
4610 struct vnode *dvp, *tvp;
4616 dvp_seqc = fpl->dvp_seqc;
4619 MPASS((cnp->cn_flags & (LOCKPARENT|WANTPARENT)) != 0);
4622 * This is less efficient than it can be for simplicity.
4624 dvs = vget_prep_smr(dvp);
4625 if (__predict_false(dvs == VGET_NONE)) {
4626 return (cache_fpl_aborted(fpl));
4628 tvs = vget_prep_smr(tvp);
4629 if (__predict_false(tvs == VGET_NONE)) {
4630 cache_fpl_smr_exit(fpl);
4631 vget_abort(dvp, dvs);
4632 return (cache_fpl_aborted(fpl));
4635 cache_fpl_smr_exit(fpl);
4637 if ((cnp->cn_flags & LOCKPARENT) != 0) {
4638 error = vget_finish(dvp, LK_EXCLUSIVE, dvs);
4639 if (__predict_false(error != 0)) {
4640 vget_abort(tvp, tvs);
4641 return (cache_fpl_aborted(fpl));
4644 vget_finish_ref(dvp, dvs);
4647 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
4648 vget_abort(tvp, tvs);
4649 if ((cnp->cn_flags & LOCKPARENT) != 0)
4653 return (cache_fpl_aborted(fpl));
4656 error = cache_fplookup_final_child(fpl, tvs);
4657 if (__predict_false(error != 0)) {
4658 MPASS(fpl->status == CACHE_FPL_STATUS_ABORTED ||
4659 fpl->status == CACHE_FPL_STATUS_DESTROYED);
4660 if ((cnp->cn_flags & LOCKPARENT) != 0)
4667 MPASS(fpl->status == CACHE_FPL_STATUS_HANDLED);
4672 cache_fplookup_final(struct cache_fpl *fpl)
4674 struct componentname *cnp;
4676 struct vnode *dvp, *tvp;
4681 dvp_seqc = fpl->dvp_seqc;
4684 MPASS(*(cnp->cn_nameptr) != '/');
4686 if (cnp->cn_nameiop != LOOKUP) {
4687 return (cache_fplookup_final_modifying(fpl));
4690 if ((cnp->cn_flags & (LOCKPARENT|WANTPARENT)) != 0)
4691 return (cache_fplookup_final_withparent(fpl));
4693 tvs = vget_prep_smr(tvp);
4694 if (__predict_false(tvs == VGET_NONE)) {
4695 return (cache_fpl_partial(fpl));
4698 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
4699 cache_fpl_smr_exit(fpl);
4700 vget_abort(tvp, tvs);
4701 return (cache_fpl_aborted(fpl));
4704 cache_fpl_smr_exit(fpl);
4705 return (cache_fplookup_final_child(fpl, tvs));
4709 * Comment from locked lookup:
4710 * Check for degenerate name (e.g. / or "") which is a way of talking about a
4711 * directory, e.g. like "/." or ".".
4713 static int __noinline
4714 cache_fplookup_degenerate(struct cache_fpl *fpl)
4716 struct componentname *cnp;
4724 fpl->tvp = fpl->dvp;
4725 fpl->tvp_seqc = fpl->dvp_seqc;
4731 for (cp = cnp->cn_pnbuf; *cp != '\0'; cp++) {
4733 ("%s: encountered non-slash; string [%s]\n", __func__,
4738 if (__predict_false(cnp->cn_nameiop != LOOKUP)) {
4739 cache_fpl_smr_exit(fpl);
4740 return (cache_fpl_handled_error(fpl, EISDIR));
4743 MPASS((cnp->cn_flags & SAVESTART) == 0);
4745 if ((cnp->cn_flags & (LOCKPARENT|WANTPARENT)) != 0) {
4746 return (cache_fplookup_final_withparent(fpl));
4749 dvs = vget_prep_smr(dvp);
4750 cache_fpl_smr_exit(fpl);
4751 if (__predict_false(dvs == VGET_NONE)) {
4752 return (cache_fpl_aborted(fpl));
4755 if ((cnp->cn_flags & LOCKLEAF) != 0) {
4756 lkflags = LK_SHARED;
4757 if ((cnp->cn_flags & LOCKSHARED) == 0)
4758 lkflags = LK_EXCLUSIVE;
4759 error = vget_finish(dvp, lkflags, dvs);
4760 if (__predict_false(error != 0)) {
4761 return (cache_fpl_aborted(fpl));
4764 vget_finish_ref(dvp, dvs);
4766 return (cache_fpl_handled(fpl));
4769 static int __noinline
4770 cache_fplookup_noentry(struct cache_fpl *fpl)
4772 struct nameidata *ndp;
4773 struct componentname *cnp;
4775 struct vnode *dvp, *tvp;
4783 dvp_seqc = fpl->dvp_seqc;
4785 MPASS((cnp->cn_flags & MAKEENTRY) == 0);
4786 MPASS((cnp->cn_flags & ISDOTDOT) == 0);
4787 MPASS(!cache_fpl_isdotdot(cnp));
4790 * Hack: delayed name len checking.
4792 if (__predict_false(cnp->cn_namelen > NAME_MAX)) {
4793 cache_fpl_smr_exit(fpl);
4794 return (cache_fpl_handled_error(fpl, ENAMETOOLONG));
4797 if (cnp->cn_nameptr[0] == '/') {
4798 return (cache_fplookup_skip_slashes(fpl));
4801 if (cnp->cn_nameptr[0] == '\0') {
4802 if (fpl->tvp == NULL) {
4803 return (cache_fplookup_degenerate(fpl));
4805 return (cache_fplookup_trailingslash(fpl));
4808 if (cnp->cn_nameiop != LOOKUP) {
4810 return (cache_fplookup_modifying(fpl));
4813 MPASS((cnp->cn_flags & SAVESTART) == 0);
4816 * Only try to fill in the component if it is the last one,
4817 * otherwise not only there may be several to handle but the
4818 * walk may be complicated.
4820 if (!cache_fpl_islastcn(ndp)) {
4821 return (cache_fpl_partial(fpl));
4825 * Regular lookup nulifies the slash, which we don't do here.
4826 * Don't take chances with filesystem routines seeing it for
4829 if (cache_fpl_istrailingslash(fpl)) {
4830 return (cache_fpl_partial(fpl));
4834 * Secure access to dvp; check cache_fplookup_partial_setup for
4837 dvs = vget_prep_smr(dvp);
4838 cache_fpl_smr_exit(fpl);
4839 if (__predict_false(dvs == VGET_NONE)) {
4840 return (cache_fpl_aborted(fpl));
4843 vget_finish_ref(dvp, dvs);
4844 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
4846 return (cache_fpl_aborted(fpl));
4849 error = vn_lock(dvp, LK_SHARED);
4850 if (__predict_false(error != 0)) {
4852 return (cache_fpl_aborted(fpl));
4857 * TODO: provide variants which don't require locking either vnode.
4859 cnp->cn_flags |= ISLASTCN;
4860 docache = (cnp->cn_flags & NOCACHE) ^ NOCACHE;
4862 cnp->cn_flags |= MAKEENTRY;
4863 cnp->cn_lkflags = LK_SHARED;
4864 if ((cnp->cn_flags & LOCKSHARED) == 0) {
4865 cnp->cn_lkflags = LK_EXCLUSIVE;
4867 error = VOP_LOOKUP(dvp, &tvp, cnp);
4875 return (cache_fpl_handled_error(fpl, error));
4878 return (cache_fpl_aborted(fpl));
4882 if (!fpl->savename) {
4883 MPASS((cnp->cn_flags & SAVENAME) == 0);
4887 MPASS(error == EJUSTRETURN);
4888 if ((cnp->cn_flags & (WANTPARENT | LOCKPARENT)) == 0) {
4890 } else if ((cnp->cn_flags & LOCKPARENT) == 0) {
4893 return (cache_fpl_handled(fpl));
4896 if (tvp->v_type == VLNK) {
4897 if ((cnp->cn_flags & FOLLOW) != 0) {
4900 return (cache_fpl_aborted(fpl));
4904 if (__predict_false(cache_fplookup_is_mp(fpl))) {
4907 return (cache_fpl_aborted(fpl));
4910 if ((cnp->cn_flags & LOCKLEAF) == 0) {
4914 if ((cnp->cn_flags & (WANTPARENT | LOCKPARENT)) == 0) {
4916 } else if ((cnp->cn_flags & LOCKPARENT) == 0) {
4919 return (cache_fpl_handled(fpl));
4922 static int __noinline
4923 cache_fplookup_dot(struct cache_fpl *fpl)
4927 MPASS(!seqc_in_modify(fpl->dvp_seqc));
4929 * Just re-assign the value. seqc will be checked later for the first
4930 * non-dot path component in line and/or before deciding to return the
4933 fpl->tvp = fpl->dvp;
4934 fpl->tvp_seqc = fpl->dvp_seqc;
4936 counter_u64_add(dothits, 1);
4937 SDT_PROBE3(vfs, namecache, lookup, hit, fpl->dvp, ".", fpl->dvp);
4940 if (cache_fplookup_is_mp(fpl)) {
4941 error = cache_fplookup_cross_mount(fpl);
4946 static int __noinline
4947 cache_fplookup_dotdot(struct cache_fpl *fpl)
4949 struct nameidata *ndp;
4950 struct componentname *cnp;
4951 struct namecache *ncp;
4960 MPASS(cache_fpl_isdotdot(cnp));
4963 * XXX this is racy the same way regular lookup is
4965 for (pr = cnp->cn_cred->cr_prison; pr != NULL;
4967 if (dvp == pr->pr_root)
4970 if (dvp == ndp->ni_rootdir ||
4971 dvp == ndp->ni_topdir ||
4975 fpl->tvp_seqc = vn_seqc_read_any(dvp);
4976 if (seqc_in_modify(fpl->tvp_seqc)) {
4977 return (cache_fpl_aborted(fpl));
4982 if ((dvp->v_vflag & VV_ROOT) != 0) {
4985 * The opposite of climb mount is needed here.
4987 return (cache_fpl_partial(fpl));
4990 ncp = atomic_load_consume_ptr(&dvp->v_cache_dd);
4992 return (cache_fpl_aborted(fpl));
4995 nc_flag = atomic_load_char(&ncp->nc_flag);
4996 if ((nc_flag & NCF_ISDOTDOT) != 0) {
4997 if ((nc_flag & NCF_NEGATIVE) != 0)
4998 return (cache_fpl_aborted(fpl));
4999 fpl->tvp = ncp->nc_vp;
5001 fpl->tvp = ncp->nc_dvp;
5004 fpl->tvp_seqc = vn_seqc_read_any(fpl->tvp);
5005 if (seqc_in_modify(fpl->tvp_seqc)) {
5006 return (cache_fpl_partial(fpl));
5010 * Acquire fence provided by vn_seqc_read_any above.
5012 if (__predict_false(atomic_load_ptr(&dvp->v_cache_dd) != ncp)) {
5013 return (cache_fpl_aborted(fpl));
5016 if (!cache_ncp_canuse(ncp)) {
5017 return (cache_fpl_aborted(fpl));
5020 counter_u64_add(dotdothits, 1);
5024 static int __noinline
5025 cache_fplookup_neg(struct cache_fpl *fpl, struct namecache *ncp, uint32_t hash)
5030 nc_flag = atomic_load_char(&ncp->nc_flag);
5031 MPASS((nc_flag & NCF_NEGATIVE) != 0);
5033 * If they want to create an entry we need to replace this one.
5035 if (__predict_false(fpl->cnp->cn_nameiop != LOOKUP)) {
5037 return (cache_fplookup_modifying(fpl));
5039 neg_promote = cache_neg_hit_prep(ncp);
5040 if (!cache_fpl_neg_ncp_canuse(ncp)) {
5041 cache_neg_hit_abort(ncp);
5042 return (cache_fpl_partial(fpl));
5045 return (cache_fplookup_negative_promote(fpl, ncp, hash));
5047 cache_neg_hit_finish(ncp);
5048 cache_fpl_smr_exit(fpl);
5049 return (cache_fpl_handled_error(fpl, ENOENT));
5053 * Resolve a symlink. Called by filesystem-specific routines.
5056 * ... -> cache_fplookup_symlink -> VOP_FPLOOKUP_SYMLINK -> cache_symlink_resolve
5059 cache_symlink_resolve(struct cache_fpl *fpl, const char *string, size_t len)
5061 struct nameidata *ndp;
5062 struct componentname *cnp;
5068 if (__predict_false(len == 0)) {
5072 if (__predict_false(len > MAXPATHLEN - 2)) {
5073 if (cache_fpl_istrailingslash(fpl)) {
5078 ndp->ni_pathlen = fpl->nulchar - cnp->cn_nameptr - cnp->cn_namelen + 1;
5080 if (ndp->ni_pathlen != fpl->debug.ni_pathlen) {
5081 panic("%s: mismatch (%zu != %zu) nulchar %p nameptr %p [%s] ; full string [%s]\n",
5082 __func__, ndp->ni_pathlen, fpl->debug.ni_pathlen, fpl->nulchar,
5083 cnp->cn_nameptr, cnp->cn_nameptr, cnp->cn_pnbuf);
5087 if (__predict_false(len + ndp->ni_pathlen > MAXPATHLEN)) {
5088 return (ENAMETOOLONG);
5091 if (__predict_false(ndp->ni_loopcnt++ >= MAXSYMLINKS)) {
5096 if (ndp->ni_pathlen > 1) {
5097 bcopy(ndp->ni_next, cnp->cn_pnbuf + len, ndp->ni_pathlen);
5099 if (cache_fpl_istrailingslash(fpl)) {
5101 cnp->cn_pnbuf[len] = '/';
5102 cnp->cn_pnbuf[len + 1] = '\0';
5104 cnp->cn_pnbuf[len] = '\0';
5107 bcopy(string, cnp->cn_pnbuf, len);
5109 ndp->ni_pathlen += adjust;
5110 cache_fpl_pathlen_add(fpl, adjust);
5111 cnp->cn_nameptr = cnp->cn_pnbuf;
5112 fpl->nulchar = &cnp->cn_nameptr[ndp->ni_pathlen - 1];
5117 static int __noinline
5118 cache_fplookup_symlink(struct cache_fpl *fpl)
5121 struct nameidata *ndp;
5122 struct componentname *cnp;
5123 struct vnode *dvp, *tvp;
5131 if (cache_fpl_islastcn(ndp)) {
5132 if ((cnp->cn_flags & FOLLOW) == 0) {
5133 return (cache_fplookup_final(fpl));
5137 mp = atomic_load_ptr(&dvp->v_mount);
5138 if (__predict_false(mp == NULL)) {
5139 return (cache_fpl_aborted(fpl));
5143 * Note this check races against setting the flag just like regular
5146 if (__predict_false((mp->mnt_flag & MNT_NOSYMFOLLOW) != 0)) {
5147 cache_fpl_smr_exit(fpl);
5148 return (cache_fpl_handled_error(fpl, EACCES));
5151 error = VOP_FPLOOKUP_SYMLINK(tvp, fpl);
5152 if (__predict_false(error != 0)) {
5155 return (cache_fpl_partial(fpl));
5159 cache_fpl_smr_exit(fpl);
5160 return (cache_fpl_handled_error(fpl, error));
5162 return (cache_fpl_aborted(fpl));
5166 if (*(cnp->cn_nameptr) == '/') {
5167 fpl->dvp = cache_fpl_handle_root(fpl);
5168 fpl->dvp_seqc = vn_seqc_read_any(fpl->dvp);
5169 if (seqc_in_modify(fpl->dvp_seqc)) {
5170 return (cache_fpl_aborted(fpl));
5177 cache_fplookup_next(struct cache_fpl *fpl)
5179 struct componentname *cnp;
5180 struct namecache *ncp;
5181 struct vnode *dvp, *tvp;
5190 if (__predict_false(cnp->cn_nameptr[0] == '.')) {
5191 if (cnp->cn_namelen == 1) {
5192 return (cache_fplookup_dot(fpl));
5194 if (cnp->cn_namelen == 2 && cnp->cn_nameptr[1] == '.') {
5195 return (cache_fplookup_dotdot(fpl));
5199 MPASS(!cache_fpl_isdotdot(cnp));
5201 CK_SLIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) {
5202 if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen &&
5203 !bcmp(ncp->nc_name, cnp->cn_nameptr, ncp->nc_nlen))
5207 if (__predict_false(ncp == NULL)) {
5208 return (cache_fplookup_noentry(fpl));
5211 tvp = atomic_load_ptr(&ncp->nc_vp);
5212 nc_flag = atomic_load_char(&ncp->nc_flag);
5213 if ((nc_flag & NCF_NEGATIVE) != 0) {
5214 return (cache_fplookup_neg(fpl, ncp, hash));
5217 if (!cache_ncp_canuse(ncp)) {
5218 return (cache_fpl_partial(fpl));
5222 fpl->tvp_seqc = vn_seqc_read_any(tvp);
5223 if (seqc_in_modify(fpl->tvp_seqc)) {
5224 return (cache_fpl_partial(fpl));
5227 counter_u64_add(numposhits, 1);
5228 SDT_PROBE3(vfs, namecache, lookup, hit, dvp, ncp->nc_name, tvp);
5231 if (cache_fplookup_is_mp(fpl)) {
5232 error = cache_fplookup_cross_mount(fpl);
5238 cache_fplookup_mp_supported(struct mount *mp)
5242 if ((mp->mnt_kern_flag & MNTK_FPLOOKUP) == 0)
5248 * Walk up the mount stack (if any).
5250 * Correctness is provided in the following ways:
5251 * - all vnodes are protected from freeing with SMR
5252 * - struct mount objects are type stable making them always safe to access
5253 * - stability of the particular mount is provided by busying it
5254 * - relationship between the vnode which is mounted on and the mount is
5255 * verified with the vnode sequence counter after busying
5256 * - association between root vnode of the mount and the mount is protected
5259 * From that point on we can read the sequence counter of the root vnode
5260 * and get the next mount on the stack (if any) using the same protection.
5262 * By the end of successful walk we are guaranteed the reached state was
5263 * indeed present at least at some point which matches the regular lookup.
5265 static int __noinline
5266 cache_fplookup_climb_mount(struct cache_fpl *fpl)
5268 struct mount *mp, *prev_mp;
5269 struct mount_pcpu *mpcpu, *prev_mpcpu;
5274 vp_seqc = fpl->tvp_seqc;
5276 VNPASS(vp->v_type == VDIR || vp->v_type == VBAD, vp);
5277 mp = atomic_load_ptr(&vp->v_mountedhere);
5278 if (__predict_false(mp == NULL)) {
5284 if (!vfs_op_thread_enter_crit(mp, mpcpu)) {
5285 if (prev_mp != NULL)
5286 vfs_op_thread_exit_crit(prev_mp, prev_mpcpu);
5287 return (cache_fpl_partial(fpl));
5289 if (prev_mp != NULL)
5290 vfs_op_thread_exit_crit(prev_mp, prev_mpcpu);
5291 if (!vn_seqc_consistent(vp, vp_seqc)) {
5292 vfs_op_thread_exit_crit(mp, mpcpu);
5293 return (cache_fpl_partial(fpl));
5295 if (!cache_fplookup_mp_supported(mp)) {
5296 vfs_op_thread_exit_crit(mp, mpcpu);
5297 return (cache_fpl_partial(fpl));
5299 vp = atomic_load_ptr(&mp->mnt_rootvnode);
5301 vfs_op_thread_exit_crit(mp, mpcpu);
5302 return (cache_fpl_partial(fpl));
5304 vp_seqc = vn_seqc_read_any(vp);
5305 if (seqc_in_modify(vp_seqc)) {
5306 vfs_op_thread_exit_crit(mp, mpcpu);
5307 return (cache_fpl_partial(fpl));
5311 mp = atomic_load_ptr(&vp->v_mountedhere);
5316 vfs_op_thread_exit_crit(prev_mp, prev_mpcpu);
5318 fpl->tvp_seqc = vp_seqc;
5322 static int __noinline
5323 cache_fplookup_cross_mount(struct cache_fpl *fpl)
5326 struct mount_pcpu *mpcpu;
5331 vp_seqc = fpl->tvp_seqc;
5333 VNPASS(vp->v_type == VDIR || vp->v_type == VBAD, vp);
5334 mp = atomic_load_ptr(&vp->v_mountedhere);
5335 if (__predict_false(mp == NULL)) {
5339 if (!vfs_op_thread_enter_crit(mp, mpcpu)) {
5340 return (cache_fpl_partial(fpl));
5342 if (!vn_seqc_consistent(vp, vp_seqc)) {
5343 vfs_op_thread_exit_crit(mp, mpcpu);
5344 return (cache_fpl_partial(fpl));
5346 if (!cache_fplookup_mp_supported(mp)) {
5347 vfs_op_thread_exit_crit(mp, mpcpu);
5348 return (cache_fpl_partial(fpl));
5350 vp = atomic_load_ptr(&mp->mnt_rootvnode);
5351 if (__predict_false(vp == NULL)) {
5352 vfs_op_thread_exit_crit(mp, mpcpu);
5353 return (cache_fpl_partial(fpl));
5355 vp_seqc = vn_seqc_read_any(vp);
5356 vfs_op_thread_exit_crit(mp, mpcpu);
5357 if (seqc_in_modify(vp_seqc)) {
5358 return (cache_fpl_partial(fpl));
5360 mp = atomic_load_ptr(&vp->v_mountedhere);
5361 if (__predict_false(mp != NULL)) {
5363 * There are possibly more mount points on top.
5364 * Normally this does not happen so for simplicity just start
5367 return (cache_fplookup_climb_mount(fpl));
5371 fpl->tvp_seqc = vp_seqc;
5376 * Check if a vnode is mounted on.
5379 cache_fplookup_is_mp(struct cache_fpl *fpl)
5384 return ((vn_irflag_read(vp) & VIRF_MOUNTPOINT) != 0);
5390 * The code was originally copy-pasted from regular lookup and despite
5391 * clean ups leaves performance on the table. Any modifications here
5392 * must take into account that in case off fallback the resulting
5393 * nameidata state has to be compatible with the original.
5397 * Debug ni_pathlen tracking.
5401 cache_fpl_pathlen_add(struct cache_fpl *fpl, size_t n)
5404 fpl->debug.ni_pathlen += n;
5405 KASSERT(fpl->debug.ni_pathlen <= PATH_MAX,
5406 ("%s: pathlen overflow to %zd\n", __func__, fpl->debug.ni_pathlen));
5410 cache_fpl_pathlen_sub(struct cache_fpl *fpl, size_t n)
5413 fpl->debug.ni_pathlen -= n;
5414 KASSERT(fpl->debug.ni_pathlen <= PATH_MAX,
5415 ("%s: pathlen underflow to %zd\n", __func__, fpl->debug.ni_pathlen));
5419 cache_fpl_pathlen_inc(struct cache_fpl *fpl)
5422 cache_fpl_pathlen_add(fpl, 1);
5426 cache_fpl_pathlen_dec(struct cache_fpl *fpl)
5429 cache_fpl_pathlen_sub(fpl, 1);
5433 cache_fpl_pathlen_add(struct cache_fpl *fpl, size_t n)
5438 cache_fpl_pathlen_sub(struct cache_fpl *fpl, size_t n)
5443 cache_fpl_pathlen_inc(struct cache_fpl *fpl)
5448 cache_fpl_pathlen_dec(struct cache_fpl *fpl)
5454 cache_fplookup_parse(struct cache_fpl *fpl)
5456 struct nameidata *ndp;
5457 struct componentname *cnp;
5467 * Find the end of this path component, it is either / or nul.
5469 * Store / as a temporary sentinel so that we only have one character
5470 * to test for. Pathnames tend to be short so this should not be
5471 * resulting in cache misses.
5473 * TODO: fix this to be word-sized.
5475 KASSERT(&cnp->cn_nameptr[fpl->debug.ni_pathlen - 1] == fpl->nulchar,
5476 ("%s: mismatch between pathlen (%zu) and nulchar (%p != %p), string [%s]\n",
5477 __func__, fpl->debug.ni_pathlen, &cnp->cn_nameptr[fpl->debug.ni_pathlen - 1],
5478 fpl->nulchar, cnp->cn_pnbuf));
5479 KASSERT(*fpl->nulchar == '\0',
5480 ("%s: expected nul at %p; string [%s]\n", __func__, fpl->nulchar,
5482 hash = cache_get_hash_iter_start(dvp);
5483 *fpl->nulchar = '/';
5484 for (cp = cnp->cn_nameptr; *cp != '/'; cp++) {
5485 KASSERT(*cp != '\0',
5486 ("%s: encountered unexpected nul; string [%s]\n", __func__,
5488 hash = cache_get_hash_iter(*cp, hash);
5491 *fpl->nulchar = '\0';
5492 fpl->hash = cache_get_hash_iter_finish(hash);
5494 cnp->cn_namelen = cp - cnp->cn_nameptr;
5495 cache_fpl_pathlen_sub(fpl, cnp->cn_namelen);
5499 * cache_get_hash only accepts lengths up to NAME_MAX. This is fine since
5500 * we are going to fail this lookup with ENAMETOOLONG (see below).
5502 if (cnp->cn_namelen <= NAME_MAX) {
5503 if (fpl->hash != cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp)) {
5504 panic("%s: mismatched hash for [%s] len %ld", __func__,
5505 cnp->cn_nameptr, cnp->cn_namelen);
5511 * Hack: we have to check if the found path component's length exceeds
5512 * NAME_MAX. However, the condition is very rarely true and check can
5513 * be elided in the common case -- if an entry was found in the cache,
5514 * then it could not have been too long to begin with.
5520 cache_fplookup_parse_advance(struct cache_fpl *fpl)
5522 struct nameidata *ndp;
5523 struct componentname *cnp;
5528 cnp->cn_nameptr = ndp->ni_next;
5529 KASSERT(*(cnp->cn_nameptr) == '/',
5530 ("%s: should have seen slash at %p ; buf %p [%s]\n", __func__,
5531 cnp->cn_nameptr, cnp->cn_pnbuf, cnp->cn_pnbuf));
5533 cache_fpl_pathlen_dec(fpl);
5537 * Skip spurious slashes in a pathname (e.g., "foo///bar") and retry.
5539 * Lockless lookup tries to elide checking for spurious slashes and should they
5540 * be present is guaranteed to fail to find an entry. In this case the caller
5541 * must check if the name starts with a slash and call this routine. It is
5542 * going to fast forward across the spurious slashes and set the state up for
5545 static int __noinline
5546 cache_fplookup_skip_slashes(struct cache_fpl *fpl)
5548 struct nameidata *ndp;
5549 struct componentname *cnp;
5554 MPASS(*(cnp->cn_nameptr) == '/');
5557 cache_fpl_pathlen_dec(fpl);
5558 } while (*(cnp->cn_nameptr) == '/');
5561 * Go back to one slash so that cache_fplookup_parse_advance has
5562 * something to skip.
5565 cache_fpl_pathlen_inc(fpl);
5568 * cache_fplookup_parse_advance starts from ndp->ni_next
5570 ndp->ni_next = cnp->cn_nameptr;
5573 * See cache_fplookup_dot.
5575 fpl->tvp = fpl->dvp;
5576 fpl->tvp_seqc = fpl->dvp_seqc;
5582 * Handle trailing slashes (e.g., "foo/").
5584 * If a trailing slash is found the terminal vnode must be a directory.
5585 * Regular lookup shortens the path by nulifying the first trailing slash and
5586 * sets the TRAILINGSLASH flag to denote this took place. There are several
5587 * checks on it performed later.
5589 * Similarly to spurious slashes, lockless lookup handles this in a speculative
5590 * manner relying on an invariant that a non-directory vnode will get a miss.
5591 * In this case cn_nameptr[0] == '\0' and cn_namelen == 0.
5593 * Thus for a path like "foo/bar/" the code unwinds the state back to "bar/"
5594 * and denotes this is the last path component, which avoids looping back.
5596 * Only plain lookups are supported for now to restrict corner cases to handle.
5598 static int __noinline
5599 cache_fplookup_trailingslash(struct cache_fpl *fpl)
5604 struct nameidata *ndp;
5605 struct componentname *cnp;
5606 struct namecache *ncp;
5608 char *cn_nameptr_orig, *cn_nameptr_slash;
5615 tvp_seqc = fpl->tvp_seqc;
5617 MPASS(fpl->dvp == fpl->tvp);
5618 KASSERT(cache_fpl_istrailingslash(fpl),
5619 ("%s: expected trailing slash at %p; string [%s]\n", __func__, fpl->nulchar - 1,
5621 KASSERT(cnp->cn_nameptr[0] == '\0',
5622 ("%s: expected nul char at %p; string [%s]\n", __func__, &cnp->cn_nameptr[0],
5624 KASSERT(cnp->cn_namelen == 0,
5625 ("%s: namelen 0 but got %ld; string [%s]\n", __func__, cnp->cn_namelen,
5627 MPASS(cnp->cn_nameptr > cnp->cn_pnbuf);
5629 if (cnp->cn_nameiop != LOOKUP) {
5630 return (cache_fpl_aborted(fpl));
5633 if (__predict_false(tvp->v_type != VDIR)) {
5634 if (!vn_seqc_consistent(tvp, tvp_seqc)) {
5635 return (cache_fpl_aborted(fpl));
5637 cache_fpl_smr_exit(fpl);
5638 return (cache_fpl_handled_error(fpl, ENOTDIR));
5642 * Denote the last component.
5644 ndp->ni_next = &cnp->cn_nameptr[0];
5645 MPASS(cache_fpl_islastcn(ndp));
5648 * Unwind trailing slashes.
5650 cn_nameptr_orig = cnp->cn_nameptr;
5651 while (cnp->cn_nameptr >= cnp->cn_pnbuf) {
5653 if (cnp->cn_nameptr[0] != '/') {
5659 * Unwind to the beginning of the path component.
5661 * Note the path may or may not have started with a slash.
5663 cn_nameptr_slash = cnp->cn_nameptr;
5664 while (cnp->cn_nameptr > cnp->cn_pnbuf) {
5666 if (cnp->cn_nameptr[0] == '/') {
5670 if (cnp->cn_nameptr[0] == '/') {
5674 cnp->cn_namelen = cn_nameptr_slash - cnp->cn_nameptr + 1;
5675 cache_fpl_pathlen_add(fpl, cn_nameptr_orig - cnp->cn_nameptr);
5676 cache_fpl_checkpoint(fpl);
5679 ni_pathlen = fpl->nulchar - cnp->cn_nameptr + 1;
5680 if (ni_pathlen != fpl->debug.ni_pathlen) {
5681 panic("%s: mismatch (%zu != %zu) nulchar %p nameptr %p [%s] ; full string [%s]\n",
5682 __func__, ni_pathlen, fpl->debug.ni_pathlen, fpl->nulchar,
5683 cnp->cn_nameptr, cnp->cn_nameptr, cnp->cn_pnbuf);
5688 * If this was a "./" lookup the parent directory is already correct.
5690 if (cnp->cn_nameptr[0] == '.' && cnp->cn_namelen == 1) {
5695 * Otherwise we need to look it up.
5698 ncp = atomic_load_consume_ptr(&tvp->v_cache_dd);
5699 if (__predict_false(ncp == NULL)) {
5700 return (cache_fpl_aborted(fpl));
5702 nc_flag = atomic_load_char(&ncp->nc_flag);
5703 if ((nc_flag & NCF_ISDOTDOT) != 0) {
5704 return (cache_fpl_aborted(fpl));
5706 fpl->dvp = ncp->nc_dvp;
5707 fpl->dvp_seqc = vn_seqc_read_any(fpl->dvp);
5708 if (seqc_in_modify(fpl->dvp_seqc)) {
5709 return (cache_fpl_aborted(fpl));
5715 * See the API contract for VOP_FPLOOKUP_VEXEC.
5717 static int __noinline
5718 cache_fplookup_failed_vexec(struct cache_fpl *fpl, int error)
5720 struct componentname *cnp;
5726 dvp_seqc = fpl->dvp_seqc;
5729 * TODO: Due to ignoring trailing slashes lookup will perform a
5730 * permission check on the last dir when it should not be doing it. It
5731 * may fail, but said failure should be ignored. It is possible to fix
5732 * it up fully without resorting to regular lookup, but for now just
5735 if (cache_fpl_istrailingslash(fpl)) {
5736 return (cache_fpl_aborted(fpl));
5740 * Hack: delayed degenerate path checking.
5742 if (cnp->cn_nameptr[0] == '\0' && fpl->tvp == NULL) {
5743 return (cache_fplookup_degenerate(fpl));
5747 * Hack: delayed name len checking.
5749 if (__predict_false(cnp->cn_namelen > NAME_MAX)) {
5750 cache_fpl_smr_exit(fpl);
5751 return (cache_fpl_handled_error(fpl, ENAMETOOLONG));
5755 * Hack: they may be looking up foo/bar, where foo is not a directory.
5756 * In such a case we need to return ENOTDIR, but we may happen to get
5757 * here with a different error.
5759 if (dvp->v_type != VDIR) {
5764 * Hack: handle O_SEARCH.
5766 * Open Group Base Specifications Issue 7, 2018 edition states:
5768 * If the access mode of the open file description associated with the
5769 * file descriptor is not O_SEARCH, the function shall check whether
5770 * directory searches are permitted using the current permissions of
5771 * the directory underlying the file descriptor. If the access mode is
5772 * O_SEARCH, the function shall not perform the check.
5775 * Regular lookup tests for the NOEXECCHECK flag for every path
5776 * component to decide whether to do the permission check. However,
5777 * since most lookups never have the flag (and when they do it is only
5778 * present for the first path component), lockless lookup only acts on
5779 * it if there is a permission problem. Here the flag is represented
5780 * with a boolean so that we don't have to clear it on the way out.
5782 * For simplicity this always aborts.
5783 * TODO: check if this is the first lookup and ignore the permission
5784 * problem. Note the flag has to survive fallback (if it happens to be
5788 return (cache_fpl_aborted(fpl));
5793 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
5794 error = cache_fpl_aborted(fpl);
5796 cache_fpl_partial(fpl);
5800 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
5801 error = cache_fpl_aborted(fpl);
5803 cache_fpl_smr_exit(fpl);
5804 cache_fpl_handled_error(fpl, error);
5812 cache_fplookup_impl(struct vnode *dvp, struct cache_fpl *fpl)
5814 struct nameidata *ndp;
5815 struct componentname *cnp;
5822 cache_fpl_checkpoint(fpl);
5825 * The vnode at hand is almost always stable, skip checking for it.
5826 * Worst case this postpones the check towards the end of the iteration
5830 fpl->dvp_seqc = vn_seqc_read_notmodify(fpl->dvp);
5832 mp = atomic_load_ptr(&dvp->v_mount);
5833 if (__predict_false(mp == NULL || !cache_fplookup_mp_supported(mp))) {
5834 return (cache_fpl_aborted(fpl));
5837 MPASS(fpl->tvp == NULL);
5840 cache_fplookup_parse(fpl);
5842 error = VOP_FPLOOKUP_VEXEC(fpl->dvp, cnp->cn_cred);
5843 if (__predict_false(error != 0)) {
5844 error = cache_fplookup_failed_vexec(fpl, error);
5848 error = cache_fplookup_next(fpl);
5849 if (__predict_false(cache_fpl_terminated(fpl))) {
5853 VNPASS(!seqc_in_modify(fpl->tvp_seqc), fpl->tvp);
5855 if (fpl->tvp->v_type == VLNK) {
5856 error = cache_fplookup_symlink(fpl);
5857 if (cache_fpl_terminated(fpl)) {
5861 if (cache_fpl_islastcn(ndp)) {
5862 error = cache_fplookup_final(fpl);
5866 if (!vn_seqc_consistent(fpl->dvp, fpl->dvp_seqc)) {
5867 error = cache_fpl_aborted(fpl);
5871 fpl->dvp = fpl->tvp;
5872 fpl->dvp_seqc = fpl->tvp_seqc;
5873 cache_fplookup_parse_advance(fpl);
5876 cache_fpl_checkpoint(fpl);
5883 * Fast path lookup protected with SMR and sequence counters.
5885 * Note: all VOP_FPLOOKUP_VEXEC routines have a comment referencing this one.
5887 * Filesystems can opt in by setting the MNTK_FPLOOKUP flag and meeting criteria
5890 * Traditional vnode lookup conceptually looks like this:
5896 * vn_unlock(current);
5903 * Each jump to the next vnode is safe memory-wise and atomic with respect to
5904 * any modifications thanks to holding respective locks.
5906 * The same guarantee can be provided with a combination of safe memory
5907 * reclamation and sequence counters instead. If all operations which affect
5908 * the relationship between the current vnode and the one we are looking for
5909 * also modify the counter, we can verify whether all the conditions held as
5910 * we made the jump. This includes things like permissions, mount points etc.
5911 * Counter modification is provided by enclosing relevant places in
5912 * vn_seqc_write_begin()/end() calls.
5914 * Thus this translates to:
5917 * dvp_seqc = seqc_read_any(dvp);
5918 * if (seqc_in_modify(dvp_seqc)) // someone is altering the vnode
5922 * tvp_seqc = seqc_read_any(tvp);
5923 * if (seqc_in_modify(tvp_seqc)) // someone is altering the target vnode
5925 * if (!seqc_consistent(dvp, dvp_seqc) // someone is altering the vnode
5927 * dvp = tvp; // we know nothing of importance has changed
5928 * dvp_seqc = tvp_seqc; // store the counter for the tvp iteration
5932 * vget(); // secure the vnode
5933 * if (!seqc_consistent(tvp, tvp_seqc) // final check
5935 * // at this point we know nothing has changed for any parent<->child pair
5936 * // as they were crossed during the lookup, meaning we matched the guarantee
5937 * // of the locked variant
5940 * The API contract for VOP_FPLOOKUP_VEXEC routines is as follows:
5941 * - they are called while within vfs_smr protection which they must never exit
5942 * - EAGAIN can be returned to denote checking could not be performed, it is
5943 * always valid to return it
5944 * - if the sequence counter has not changed the result must be valid
5945 * - if the sequence counter has changed both false positives and false negatives
5946 * are permitted (since the result will be rejected later)
5947 * - for simple cases of unix permission checks vaccess_vexec_smr can be used
5949 * Caveats to watch out for:
5950 * - vnodes are passed unlocked and unreferenced with nothing stopping
5951 * VOP_RECLAIM, in turn meaning that ->v_data can become NULL. It is advised
5952 * to use atomic_load_ptr to fetch it.
5953 * - the aforementioned object can also get freed, meaning absent other means it
5954 * should be protected with vfs_smr
5955 * - either safely checking permissions as they are modified or guaranteeing
5956 * their stability is left to the routine
5959 cache_fplookup(struct nameidata *ndp, enum cache_fpl_status *status,
5962 struct cache_fpl fpl;
5965 struct componentname *cnp;
5968 fpl.status = CACHE_FPL_STATUS_UNSET;
5971 fpl.cnp = cnp = &ndp->ni_cnd;
5972 MPASS(ndp->ni_lcf == 0);
5973 MPASS(curthread == cnp->cn_thread);
5974 KASSERT ((cnp->cn_flags & CACHE_FPL_INTERNAL_CN_FLAGS) == 0,
5975 ("%s: internal flags found in cn_flags %" PRIx64, __func__,
5977 if ((cnp->cn_flags & SAVESTART) != 0) {
5978 MPASS(cnp->cn_nameiop != LOOKUP);
5980 MPASS(cnp->cn_nameptr == cnp->cn_pnbuf);
5982 if (__predict_false(!cache_can_fplookup(&fpl))) {
5983 *status = fpl.status;
5984 SDT_PROBE3(vfs, fplookup, lookup, done, ndp, fpl.line, fpl.status);
5985 return (EOPNOTSUPP);
5988 cache_fpl_checkpoint_outer(&fpl);
5990 cache_fpl_smr_enter_initial(&fpl);
5992 fpl.debug.ni_pathlen = ndp->ni_pathlen;
5994 fpl.nulchar = &cnp->cn_nameptr[ndp->ni_pathlen - 1];
5995 fpl.fsearch = false;
5996 fpl.savename = (cnp->cn_flags & SAVENAME) != 0;
5997 fpl.tvp = NULL; /* for degenerate path handling */
5999 pwd = pwd_get_smr();
6001 ndp->ni_rootdir = pwd->pwd_rdir;
6002 ndp->ni_topdir = pwd->pwd_jdir;
6004 if (cnp->cn_pnbuf[0] == '/') {
6005 dvp = cache_fpl_handle_root(&fpl);
6006 MPASS(ndp->ni_resflags == 0);
6007 ndp->ni_resflags = NIRES_ABS;
6009 if (ndp->ni_dirfd == AT_FDCWD) {
6010 dvp = pwd->pwd_cdir;
6012 error = cache_fplookup_dirfd(&fpl, &dvp);
6013 if (__predict_false(error != 0)) {
6019 SDT_PROBE4(vfs, namei, lookup, entry, dvp, cnp->cn_pnbuf, cnp->cn_flags, true);
6020 error = cache_fplookup_impl(dvp, &fpl);
6022 cache_fpl_smr_assert_not_entered(&fpl);
6023 cache_fpl_assert_status(&fpl);
6024 *status = fpl.status;
6025 if (SDT_PROBES_ENABLED()) {
6026 SDT_PROBE3(vfs, fplookup, lookup, done, ndp, fpl.line, fpl.status);
6027 if (fpl.status == CACHE_FPL_STATUS_HANDLED)
6028 SDT_PROBE4(vfs, namei, lookup, return, error, ndp->ni_vp, true,
6032 if (__predict_true(fpl.status == CACHE_FPL_STATUS_HANDLED)) {
6033 MPASS(error != CACHE_FPL_FAILED);
6035 MPASS(fpl.dvp == NULL);
6036 MPASS(fpl.tvp == NULL);
6037 MPASS(fpl.savename == false);
6039 ndp->ni_dvp = fpl.dvp;
6040 ndp->ni_vp = fpl.tvp;
6042 cnp->cn_flags |= HASBUF;
6044 cache_fpl_cleanup_cnp(cnp);
projects / FreeBSD / FreeBSD.git / blob