2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_compat.h"
43 #include <sys/param.h>
44 #include <sys/systm.h>
47 #include <sys/sysent.h>
49 #include <sys/malloc.h>
50 #include <sys/mount.h>
51 #include <sys/mutex.h>
52 #include <sys/sysproto.h>
53 #include <sys/namei.h>
54 #include <sys/filedesc.h>
55 #include <sys/kernel.h>
56 #include <sys/fcntl.h>
58 #include <sys/limits.h>
59 #include <sys/linker.h>
62 #include <sys/unistd.h>
63 #include <sys/vnode.h>
65 #include <sys/dirent.h>
66 #include <sys/extattr.h>
68 #include <sys/syscallsubr.h>
69 #include <sys/sysctl.h>
71 #include <machine/stdarg.h>
73 #include <security/audit/audit.h>
76 #include <vm/vm_object.h>
77 #include <vm/vm_page.h>
80 static int chroot_refuse_vdir_fds(struct filedesc *fdp);
81 static int getutimes(const struct timeval *, enum uio_seg, struct timespec *);
82 static int setfown(struct thread *td, struct vnode *, uid_t, gid_t);
83 static int setfmode(struct thread *td, struct vnode *, int);
84 static int setfflags(struct thread *td, struct vnode *, int);
85 static int setutimes(struct thread *td, struct vnode *,
86 const struct timespec *, int, int);
87 static int vn_access(struct vnode *vp, int user_flags, struct ucred *cred,
90 static int extattr_list_vp(struct vnode *vp, int attrnamespace, void *data,
91 size_t nbytes, struct thread *td);
93 int (*union_dircheckp)(struct thread *td, struct vnode **, struct file *);
96 * The module initialization routine for POSIX asynchronous I/O will
97 * set this to the version of AIO that it implements. (Zero means
98 * that it is not implemented.) This value is used here by pathconf()
99 * and in kern_descrip.c by fpathconf().
101 int async_io_version;
104 * Sync each mounted filesystem.
106 #ifndef _SYS_SYSPROTO_H_
113 static int syncprt = 0;
114 SYSCTL_INT(_debug, OID_AUTO, syncprt, CTLFLAG_RW, &syncprt, 0, "");
121 struct sync_args *uap;
123 struct mount *mp, *nmp;
127 mtx_lock(&mountlist_mtx);
128 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
129 if (vfs_busy(mp, LK_NOWAIT, &mountlist_mtx, td)) {
130 nmp = TAILQ_NEXT(mp, mnt_list);
133 vfslocked = VFS_LOCK_GIANT(mp);
134 if ((mp->mnt_flag & MNT_RDONLY) == 0 &&
135 vn_start_write(NULL, &mp, V_NOWAIT) == 0) {
137 asyncflag = mp->mnt_flag & MNT_ASYNC;
138 mp->mnt_flag &= ~MNT_ASYNC;
140 vfs_msync(mp, MNT_NOWAIT);
141 VFS_SYNC(mp, MNT_NOWAIT, td);
143 mp->mnt_flag |= asyncflag;
145 vn_finished_write(mp);
147 VFS_UNLOCK_GIANT(vfslocked);
148 mtx_lock(&mountlist_mtx);
149 nmp = TAILQ_NEXT(mp, mnt_list);
152 mtx_unlock(&mountlist_mtx);
156 /* XXX PRISON: could be per prison flag */
157 static int prison_quotas;
159 SYSCTL_INT(_kern_prison, OID_AUTO, quotas, CTLFLAG_RW, &prison_quotas, 0, "");
163 * Change filesystem quotas.
167 #ifndef _SYS_SYSPROTO_H_
168 struct quotactl_args {
178 register struct quotactl_args /* {
185 struct mount *mp, *vmp;
190 AUDIT_ARG(cmd, uap->cmd);
191 AUDIT_ARG(uid, uap->uid);
192 if (jailed(td->td_ucred) && !prison_quotas)
194 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1,
195 UIO_USERSPACE, uap->path, td);
196 if ((error = namei(&nd)) != 0)
198 vfslocked = NDHASGIANT(&nd);
199 NDFREE(&nd, NDF_ONLY_PNBUF);
200 error = vn_start_write(nd.ni_vp, &vmp, V_WAIT | PCATCH);
201 mp = nd.ni_vp->v_mount;
205 error = VFS_QUOTACTL(mp, uap->cmd, uap->uid, uap->arg, td);
206 vn_finished_write(vmp);
208 VFS_UNLOCK_GIANT(vfslocked);
213 * Get filesystem statistics.
215 #ifndef _SYS_SYSPROTO_H_
224 register struct statfs_args /* {
232 error = kern_statfs(td, uap->path, UIO_USERSPACE, &sf);
234 error = copyout(&sf, uap->buf, sizeof(sf));
239 kern_statfs(struct thread *td, char *path, enum uio_seg pathseg,
243 struct statfs *sp, sb;
248 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
253 vfslocked = NDHASGIANT(&nd);
254 mp = nd.ni_vp->v_mount;
256 NDFREE(&nd, NDF_ONLY_PNBUF);
259 error = mac_check_mount_stat(td->td_ucred, mp);
264 * Set these in case the underlying filesystem fails to do so.
267 sp->f_version = STATFS_VERSION;
268 sp->f_namemax = NAME_MAX;
269 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
270 error = VFS_STATFS(mp, sp, td);
274 bcopy(sp, &sb, sizeof(sb));
275 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
276 prison_enforce_statfs(td->td_ucred, mp, &sb);
282 VFS_UNLOCK_GIANT(vfslocked);
283 if (mtx_owned(&Giant))
284 printf("statfs(%d): %s: %d\n", vfslocked, path, error);
289 * Get filesystem statistics.
291 #ifndef _SYS_SYSPROTO_H_
292 struct fstatfs_args {
300 register struct fstatfs_args /* {
308 error = kern_fstatfs(td, uap->fd, &sf);
310 error = copyout(&sf, uap->buf, sizeof(sf));
315 kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
319 struct statfs *sp, sb;
325 error = getvnode(td->td_proc->p_fd, fd, &fp);
329 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
330 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
332 AUDIT_ARG(vnode, vp, ARG_VNODE1);
337 VOP_UNLOCK(vp, 0, td);
339 if (vp->v_iflag & VI_DOOMED) {
344 error = mac_check_mount_stat(td->td_ucred, mp);
349 * Set these in case the underlying filesystem fails to do so.
352 sp->f_version = STATFS_VERSION;
353 sp->f_namemax = NAME_MAX;
354 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
355 error = VFS_STATFS(mp, sp, td);
359 bcopy(sp, &sb, sizeof(sb));
360 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
361 prison_enforce_statfs(td->td_ucred, mp, &sb);
368 VFS_UNLOCK_GIANT(vfslocked);
373 * Get statistics on all filesystems.
375 #ifndef _SYS_SYSPROTO_H_
376 struct getfsstat_args {
385 register struct getfsstat_args /* {
392 return (kern_getfsstat(td, &uap->buf, uap->bufsize, UIO_USERSPACE,
397 * If (bufsize > 0 && bufseg == UIO_SYSSPACE)
398 * The caller is responsible for freeing memory which will be allocated
402 kern_getfsstat(struct thread *td, struct statfs **buf, size_t bufsize,
403 enum uio_seg bufseg, int flags)
405 struct mount *mp, *nmp;
406 struct statfs *sfsp, *sp, sb;
407 size_t count, maxcount;
411 maxcount = bufsize / sizeof(struct statfs);
414 else if (bufseg == UIO_USERSPACE)
416 else /* if (bufseg == UIO_SYSSPACE) */ {
418 mtx_lock(&mountlist_mtx);
419 TAILQ_FOREACH(mp, &mountlist, mnt_list) {
422 mtx_unlock(&mountlist_mtx);
423 if (maxcount > count)
425 sfsp = *buf = malloc(maxcount * sizeof(struct statfs), M_TEMP,
429 mtx_lock(&mountlist_mtx);
430 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
431 if (prison_canseemount(td->td_ucred, mp) != 0) {
432 nmp = TAILQ_NEXT(mp, mnt_list);
436 if (mac_check_mount_stat(td->td_ucred, mp) != 0) {
437 nmp = TAILQ_NEXT(mp, mnt_list);
441 if (vfs_busy(mp, LK_NOWAIT, &mountlist_mtx, td)) {
442 nmp = TAILQ_NEXT(mp, mnt_list);
445 vfslocked = VFS_LOCK_GIANT(mp);
446 if (sfsp && count < maxcount) {
449 * Set these in case the underlying filesystem
452 sp->f_version = STATFS_VERSION;
453 sp->f_namemax = NAME_MAX;
454 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
456 * If MNT_NOWAIT or MNT_LAZY is specified, do not
457 * refresh the fsstat cache. MNT_NOWAIT or MNT_LAZY
458 * overrides MNT_WAIT.
460 if (((flags & (MNT_LAZY|MNT_NOWAIT)) == 0 ||
461 (flags & MNT_WAIT)) &&
462 (error = VFS_STATFS(mp, sp, td))) {
463 VFS_UNLOCK_GIANT(vfslocked);
464 mtx_lock(&mountlist_mtx);
465 nmp = TAILQ_NEXT(mp, mnt_list);
470 bcopy(sp, &sb, sizeof(sb));
471 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
472 prison_enforce_statfs(td->td_ucred, mp, &sb);
475 if (bufseg == UIO_SYSSPACE)
476 bcopy(sp, sfsp, sizeof(*sp));
477 else /* if (bufseg == UIO_USERSPACE) */ {
478 error = copyout(sp, sfsp, sizeof(*sp));
481 VFS_UNLOCK_GIANT(vfslocked);
487 VFS_UNLOCK_GIANT(vfslocked);
489 mtx_lock(&mountlist_mtx);
490 nmp = TAILQ_NEXT(mp, mnt_list);
493 mtx_unlock(&mountlist_mtx);
494 if (sfsp && count > maxcount)
495 td->td_retval[0] = maxcount;
497 td->td_retval[0] = count;
501 #ifdef COMPAT_FREEBSD4
503 * Get old format filesystem statistics.
505 static void cvtstatfs(struct statfs *, struct ostatfs *);
507 #ifndef _SYS_SYSPROTO_H_
508 struct freebsd4_statfs_args {
514 freebsd4_statfs(td, uap)
516 struct freebsd4_statfs_args /* {
525 error = kern_statfs(td, uap->path, UIO_USERSPACE, &sf);
528 cvtstatfs(&sf, &osb);
529 return (copyout(&osb, uap->buf, sizeof(osb)));
533 * Get filesystem statistics.
535 #ifndef _SYS_SYSPROTO_H_
536 struct freebsd4_fstatfs_args {
542 freebsd4_fstatfs(td, uap)
544 struct freebsd4_fstatfs_args /* {
553 error = kern_fstatfs(td, uap->fd, &sf);
556 cvtstatfs(&sf, &osb);
557 return (copyout(&osb, uap->buf, sizeof(osb)));
561 * Get statistics on all filesystems.
563 #ifndef _SYS_SYSPROTO_H_
564 struct freebsd4_getfsstat_args {
571 freebsd4_getfsstat(td, uap)
573 register struct freebsd4_getfsstat_args /* {
579 struct statfs *buf, *sp;
584 count = uap->bufsize / sizeof(struct ostatfs);
585 size = count * sizeof(struct statfs);
586 error = kern_getfsstat(td, &buf, size, UIO_SYSSPACE, uap->flags);
588 count = td->td_retval[0];
590 while (count > 0 && error == 0) {
592 error = copyout(&osb, uap->buf, sizeof(osb));
603 * Implement fstatfs() for (NFS) file handles.
605 #ifndef _SYS_SYSPROTO_H_
606 struct freebsd4_fhstatfs_args {
607 struct fhandle *u_fhp;
612 freebsd4_fhstatfs(td, uap)
614 struct freebsd4_fhstatfs_args /* {
615 struct fhandle *u_fhp;
624 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
627 error = kern_fhstatfs(td, fh, &sf);
630 cvtstatfs(&sf, &osb);
631 return (copyout(&osb, uap->buf, sizeof(osb)));
635 * Convert a new format statfs structure to an old format statfs structure.
643 bzero(osp, sizeof(*osp));
644 osp->f_bsize = MIN(nsp->f_bsize, LONG_MAX);
645 osp->f_iosize = MIN(nsp->f_iosize, LONG_MAX);
646 osp->f_blocks = MIN(nsp->f_blocks, LONG_MAX);
647 osp->f_bfree = MIN(nsp->f_bfree, LONG_MAX);
648 osp->f_bavail = MIN(nsp->f_bavail, LONG_MAX);
649 osp->f_files = MIN(nsp->f_files, LONG_MAX);
650 osp->f_ffree = MIN(nsp->f_ffree, LONG_MAX);
651 osp->f_owner = nsp->f_owner;
652 osp->f_type = nsp->f_type;
653 osp->f_flags = nsp->f_flags;
654 osp->f_syncwrites = MIN(nsp->f_syncwrites, LONG_MAX);
655 osp->f_asyncwrites = MIN(nsp->f_asyncwrites, LONG_MAX);
656 osp->f_syncreads = MIN(nsp->f_syncreads, LONG_MAX);
657 osp->f_asyncreads = MIN(nsp->f_asyncreads, LONG_MAX);
658 strlcpy(osp->f_fstypename, nsp->f_fstypename,
659 MIN(MFSNAMELEN, OMFSNAMELEN));
660 strlcpy(osp->f_mntonname, nsp->f_mntonname,
661 MIN(MNAMELEN, OMNAMELEN));
662 strlcpy(osp->f_mntfromname, nsp->f_mntfromname,
663 MIN(MNAMELEN, OMNAMELEN));
664 osp->f_fsid = nsp->f_fsid;
666 #endif /* COMPAT_FREEBSD4 */
669 * Change current working directory to a given file descriptor.
671 #ifndef _SYS_SYSPROTO_H_
679 struct fchdir_args /* {
683 register struct filedesc *fdp = td->td_proc->p_fd;
684 struct vnode *vp, *tdp, *vpold;
690 AUDIT_ARG(fd, uap->fd);
691 if ((error = getvnode(fdp, uap->fd, &fp)) != 0)
696 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
697 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
698 AUDIT_ARG(vnode, vp, ARG_VNODE1);
699 error = change_dir(vp, td);
700 while (!error && (mp = vp->v_mountedhere) != NULL) {
702 if (vfs_busy(mp, 0, 0, td))
704 tvfslocked = VFS_LOCK_GIANT(mp);
705 error = VFS_ROOT(mp, LK_EXCLUSIVE, &tdp, td);
708 VFS_UNLOCK_GIANT(tvfslocked);
712 VFS_UNLOCK_GIANT(vfslocked);
714 vfslocked = tvfslocked;
718 VFS_UNLOCK_GIANT(vfslocked);
721 VOP_UNLOCK(vp, 0, td);
722 VFS_UNLOCK_GIANT(vfslocked);
723 FILEDESC_LOCK_FAST(fdp);
724 vpold = fdp->fd_cdir;
726 FILEDESC_UNLOCK_FAST(fdp);
727 vfslocked = VFS_LOCK_GIANT(vpold->v_mount);
729 VFS_UNLOCK_GIANT(vfslocked);
734 * Change current working directory (``.'').
736 #ifndef _SYS_SYSPROTO_H_
744 struct chdir_args /* {
749 return (kern_chdir(td, uap->path, UIO_USERSPACE));
753 kern_chdir(struct thread *td, char *path, enum uio_seg pathseg)
755 register struct filedesc *fdp = td->td_proc->p_fd;
761 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1 | MPSAFE,
763 if ((error = namei(&nd)) != 0)
765 vfslocked = NDHASGIANT(&nd);
766 if ((error = change_dir(nd.ni_vp, td)) != 0) {
768 VFS_UNLOCK_GIANT(vfslocked);
769 NDFREE(&nd, NDF_ONLY_PNBUF);
772 VOP_UNLOCK(nd.ni_vp, 0, td);
773 VFS_UNLOCK_GIANT(vfslocked);
774 NDFREE(&nd, NDF_ONLY_PNBUF);
775 FILEDESC_LOCK_FAST(fdp);
777 fdp->fd_cdir = nd.ni_vp;
778 FILEDESC_UNLOCK_FAST(fdp);
779 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
781 VFS_UNLOCK_GIANT(vfslocked);
786 * Helper function for raised chroot(2) security function: Refuse if
787 * any filedescriptors are open directories.
790 chroot_refuse_vdir_fds(fdp)
791 struct filedesc *fdp;
797 FILEDESC_LOCK_ASSERT(fdp, MA_OWNED);
798 for (fd = 0; fd < fdp->fd_nfiles ; fd++) {
799 fp = fget_locked(fdp, fd);
802 if (fp->f_type == DTYPE_VNODE) {
804 if (vp->v_type == VDIR)
812 * This sysctl determines if we will allow a process to chroot(2) if it
813 * has a directory open:
814 * 0: disallowed for all processes.
815 * 1: allowed for processes that were not already chroot(2)'ed.
816 * 2: allowed for all processes.
819 static int chroot_allow_open_directories = 1;
821 SYSCTL_INT(_kern, OID_AUTO, chroot_allow_open_directories, CTLFLAG_RW,
822 &chroot_allow_open_directories, 0, "");
825 * Change notion of root (``/'') directory.
827 #ifndef _SYS_SYSPROTO_H_
835 struct chroot_args /* {
843 error = suser_cred(td->td_ucred, SUSER_ALLOWJAIL);
846 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
847 UIO_USERSPACE, uap->path, td);
851 vfslocked = NDHASGIANT(&nd);
852 if ((error = change_dir(nd.ni_vp, td)) != 0)
855 if ((error = mac_check_vnode_chroot(td->td_ucred, nd.ni_vp)))
858 VOP_UNLOCK(nd.ni_vp, 0, td);
859 error = change_root(nd.ni_vp, td);
861 VFS_UNLOCK_GIANT(vfslocked);
862 NDFREE(&nd, NDF_ONLY_PNBUF);
866 VFS_UNLOCK_GIANT(vfslocked);
868 NDFREE(&nd, NDF_ONLY_PNBUF);
873 * Common routine for chroot and chdir. Callers must provide a locked vnode
883 ASSERT_VOP_LOCKED(vp, "change_dir(): vp not locked");
884 if (vp->v_type != VDIR)
887 error = mac_check_vnode_chdir(td->td_ucred, vp);
891 error = VOP_ACCESS(vp, VEXEC, td->td_ucred, td);
896 * Common routine for kern_chroot() and jail_attach(). The caller is
897 * responsible for invoking suser() and mac_check_chroot() to authorize this
905 struct filedesc *fdp;
910 VFS_ASSERT_GIANT(vp->v_mount);
911 fdp = td->td_proc->p_fd;
913 if (chroot_allow_open_directories == 0 ||
914 (chroot_allow_open_directories == 1 && fdp->fd_rdir != rootvnode)) {
915 error = chroot_refuse_vdir_fds(fdp);
917 FILEDESC_UNLOCK(fdp);
921 oldvp = fdp->fd_rdir;
928 FILEDESC_UNLOCK(fdp);
929 vfslocked = VFS_LOCK_GIANT(oldvp->v_mount);
931 VFS_UNLOCK_GIANT(vfslocked);
936 * Check permissions, allocate an open file structure,
937 * and call the device open routine if any.
941 #ifndef _SYS_SYSPROTO_H_
951 register struct open_args /* {
958 return kern_open(td, uap->path, UIO_USERSPACE, uap->flags, uap->mode);
962 kern_open(struct thread *td, char *path, enum uio_seg pathseg, int flags,
965 struct proc *p = td->td_proc;
966 struct filedesc *fdp = p->p_fd;
973 int type, indx, error;
978 AUDIT_ARG(fflags, flags);
979 AUDIT_ARG(mode, mode);
980 if ((flags & O_ACCMODE) == O_ACCMODE)
982 flags = FFLAGS(flags);
983 error = falloc(td, &nfp, &indx);
986 /* An extra reference on `nfp' has been held for us by falloc(). */
988 cmode = ((mode &~ fdp->fd_cmask) & ALLPERMS) &~ S_ISTXT;
989 NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1 | MPSAFE, pathseg, path, td);
990 td->td_dupfd = -1; /* XXX check for fdopen */
991 error = vn_open(&nd, &flags, cmode, indx);
994 * If the vn_open replaced the method vector, something
995 * wonderous happened deep below and we just pass it up
996 * pretending we know what we do.
998 if (error == ENXIO && fp->f_ops != &badfileops) {
1000 td->td_retval[0] = indx;
1005 * release our own reference
1010 * handle special fdopen() case. bleh. dupfdopen() is
1011 * responsible for dropping the old contents of ofiles[indx]
1014 if ((error == ENODEV || error == ENXIO) &&
1015 td->td_dupfd >= 0 && /* XXX from fdopen */
1017 dupfdopen(td, fdp, indx, td->td_dupfd, flags, error)) == 0) {
1018 td->td_retval[0] = indx;
1022 * Clean up the descriptor, but only if another thread hadn't
1023 * replaced or closed it.
1025 fdclose(fdp, fp, indx, td);
1027 if (error == ERESTART)
1032 vfslocked = NDHASGIANT(&nd);
1033 NDFREE(&nd, NDF_ONLY_PNBUF);
1037 * There should be 2 references on the file, one from the descriptor
1038 * table, and one for us.
1040 * Handle the case where someone closed the file (via its file
1041 * descriptor) while we were blocked. The end result should look
1042 * like opening the file succeeded but it was immediately closed.
1043 * We call vn_close() manually because we haven't yet hooked up
1044 * the various 'struct file' fields.
1048 if (fp->f_count == 1) {
1050 KASSERT(fdp->fd_ofiles[indx] != fp,
1051 ("Open file descriptor lost all refs"));
1053 FILEDESC_UNLOCK(fdp);
1054 VOP_UNLOCK(vp, 0, td);
1055 vn_close(vp, flags & FMASK, fp->f_cred, td);
1056 VFS_UNLOCK_GIANT(vfslocked);
1058 td->td_retval[0] = indx;
1062 if (fp->f_data == NULL)
1064 fp->f_flag = flags & FMASK;
1065 if (fp->f_ops == &badfileops)
1068 fp->f_type = (vp->v_type == VFIFO ? DTYPE_FIFO : DTYPE_VNODE);
1070 FILEDESC_UNLOCK(fdp);
1072 VOP_UNLOCK(vp, 0, td);
1073 if (flags & (O_EXLOCK | O_SHLOCK)) {
1074 lf.l_whence = SEEK_SET;
1077 if (flags & O_EXLOCK)
1078 lf.l_type = F_WRLCK;
1080 lf.l_type = F_RDLCK;
1082 if ((flags & FNONBLOCK) == 0)
1084 if ((error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
1087 fp->f_flag |= FHASLOCK;
1089 if (flags & O_TRUNC) {
1090 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
1092 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
1095 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
1097 error = mac_check_vnode_write(td->td_ucred, fp->f_cred, vp);
1100 error = VOP_SETATTR(vp, &vat, td->td_ucred, td);
1101 VOP_UNLOCK(vp, 0, td);
1102 vn_finished_write(mp);
1106 VFS_UNLOCK_GIANT(vfslocked);
1108 * Release our private reference, leaving the one associated with
1109 * the descriptor table intact.
1112 td->td_retval[0] = indx;
1115 VFS_UNLOCK_GIANT(vfslocked);
1116 fdclose(fdp, fp, indx, td);
1127 #ifndef _SYS_SYSPROTO_H_
1128 struct ocreat_args {
1136 register struct ocreat_args /* {
1142 return (kern_open(td, uap->path, UIO_USERSPACE,
1143 O_WRONLY | O_CREAT | O_TRUNC, uap->mode));
1145 #endif /* COMPAT_43 */
1148 * Create a special file.
1150 #ifndef _SYS_SYSPROTO_H_
1160 register struct mknod_args /* {
1167 return (kern_mknod(td, uap->path, UIO_USERSPACE, uap->mode, uap->dev));
1171 kern_mknod(struct thread *td, char *path, enum uio_seg pathseg, int mode,
1179 struct nameidata nd;
1182 AUDIT_ARG(mode, mode);
1183 AUDIT_ARG(dev, dev);
1184 switch (mode & S_IFMT) {
1190 error = suser_cred(td->td_ucred, SUSER_ALLOWJAIL);
1197 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
1199 if ((error = namei(&nd)) != 0)
1201 vfslocked = NDHASGIANT(&nd);
1204 NDFREE(&nd, NDF_ONLY_PNBUF);
1205 if (vp == nd.ni_dvp)
1210 VFS_UNLOCK_GIANT(vfslocked);
1214 FILEDESC_LOCK_FAST(td->td_proc->p_fd);
1215 vattr.va_mode = (mode & ALLPERMS) &
1216 ~td->td_proc->p_fd->fd_cmask;
1217 FILEDESC_UNLOCK_FAST(td->td_proc->p_fd);
1218 vattr.va_rdev = dev;
1221 switch (mode & S_IFMT) {
1222 case S_IFMT: /* used by badsect to flag bad sectors */
1223 vattr.va_type = VBAD;
1226 vattr.va_type = VCHR;
1229 vattr.va_type = VBLK;
1239 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1240 NDFREE(&nd, NDF_ONLY_PNBUF);
1242 VFS_UNLOCK_GIANT(vfslocked);
1243 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1248 if (error == 0 && !whiteout)
1249 error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp,
1250 &nd.ni_cnd, &vattr);
1253 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
1255 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, CREATE);
1257 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp,
1258 &nd.ni_cnd, &vattr);
1263 NDFREE(&nd, NDF_ONLY_PNBUF);
1265 vn_finished_write(mp);
1266 VFS_UNLOCK_GIANT(vfslocked);
1271 * Create a named pipe.
1273 #ifndef _SYS_SYSPROTO_H_
1274 struct mkfifo_args {
1282 register struct mkfifo_args /* {
1288 return (kern_mkfifo(td, uap->path, UIO_USERSPACE, uap->mode));
1292 kern_mkfifo(struct thread *td, char *path, enum uio_seg pathseg, int mode)
1297 struct nameidata nd;
1300 AUDIT_ARG(mode, mode);
1303 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
1305 if ((error = namei(&nd)) != 0)
1307 vfslocked = NDHASGIANT(&nd);
1308 if (nd.ni_vp != NULL) {
1309 NDFREE(&nd, NDF_ONLY_PNBUF);
1310 if (nd.ni_vp == nd.ni_dvp)
1315 VFS_UNLOCK_GIANT(vfslocked);
1318 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1319 NDFREE(&nd, NDF_ONLY_PNBUF);
1321 VFS_UNLOCK_GIANT(vfslocked);
1322 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1327 vattr.va_type = VFIFO;
1328 FILEDESC_LOCK_FAST(td->td_proc->p_fd);
1329 vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask;
1330 FILEDESC_UNLOCK_FAST(td->td_proc->p_fd);
1332 error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1337 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
1338 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
1345 vn_finished_write(mp);
1346 VFS_UNLOCK_GIANT(vfslocked);
1347 NDFREE(&nd, NDF_ONLY_PNBUF);
1352 * Make a hard file link.
1354 #ifndef _SYS_SYSPROTO_H_
1363 register struct link_args /* {
1370 error = kern_link(td, uap->path, uap->link, UIO_USERSPACE);
1374 static int hardlink_check_uid = 0;
1375 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_uid, CTLFLAG_RW,
1376 &hardlink_check_uid, 0,
1377 "Unprivileged processes cannot create hard links to files owned by other "
1379 static int hardlink_check_gid = 0;
1380 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_gid, CTLFLAG_RW,
1381 &hardlink_check_gid, 0,
1382 "Unprivileged processes cannot create hard links to files owned by other "
1386 can_hardlink(struct vnode *vp, struct thread *td, struct ucred *cred)
1391 if (suser_cred(cred, SUSER_ALLOWJAIL) == 0)
1394 if (!hardlink_check_uid && !hardlink_check_gid)
1397 error = VOP_GETATTR(vp, &va, cred, td);
1401 if (hardlink_check_uid) {
1402 if (cred->cr_uid != va.va_uid)
1406 if (hardlink_check_gid) {
1407 if (!groupmember(va.va_gid, cred))
1415 kern_link(struct thread *td, char *path, char *link, enum uio_seg segflg)
1419 struct nameidata nd;
1425 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, segflg, path, td);
1426 if ((error = namei(&nd)) != 0)
1428 vfslocked = NDHASGIANT(&nd);
1429 NDFREE(&nd, NDF_ONLY_PNBUF);
1431 if (vp->v_type == VDIR) {
1433 VFS_UNLOCK_GIANT(vfslocked);
1434 return (EPERM); /* POSIX */
1436 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) {
1438 VFS_UNLOCK_GIANT(vfslocked);
1441 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE2,
1443 if ((error = namei(&nd)) == 0) {
1444 lvfslocked = NDHASGIANT(&nd);
1445 if (nd.ni_vp != NULL) {
1446 if (nd.ni_dvp == nd.ni_vp)
1452 } else if ((error = vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td))
1454 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
1455 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
1456 error = can_hardlink(vp, td, td->td_ucred);
1459 error = mac_check_vnode_link(td->td_ucred,
1460 nd.ni_dvp, vp, &nd.ni_cnd);
1463 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
1464 VOP_UNLOCK(vp, 0, td);
1467 NDFREE(&nd, NDF_ONLY_PNBUF);
1468 VFS_UNLOCK_GIANT(lvfslocked);
1471 vn_finished_write(mp);
1472 VFS_UNLOCK_GIANT(vfslocked);
1477 * Make a symbolic link.
1479 #ifndef _SYS_SYSPROTO_H_
1480 struct symlink_args {
1488 register struct symlink_args /* {
1494 return (kern_symlink(td, uap->path, uap->link, UIO_USERSPACE));
1498 kern_symlink(struct thread *td, char *path, char *link, enum uio_seg segflg)
1504 struct nameidata nd;
1507 if (segflg == UIO_SYSSPACE) {
1510 syspath = uma_zalloc(namei_zone, M_WAITOK);
1511 if ((error = copyinstr(path, syspath, MAXPATHLEN, NULL)) != 0)
1514 AUDIT_ARG(text, syspath);
1517 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
1519 if ((error = namei(&nd)) != 0)
1521 vfslocked = NDHASGIANT(&nd);
1523 NDFREE(&nd, NDF_ONLY_PNBUF);
1524 if (nd.ni_vp == nd.ni_dvp)
1529 VFS_UNLOCK_GIANT(vfslocked);
1533 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1534 NDFREE(&nd, NDF_ONLY_PNBUF);
1536 VFS_UNLOCK_GIANT(vfslocked);
1537 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1542 FILEDESC_LOCK_FAST(td->td_proc->p_fd);
1543 vattr.va_mode = ACCESSPERMS &~ td->td_proc->p_fd->fd_cmask;
1544 FILEDESC_UNLOCK_FAST(td->td_proc->p_fd);
1546 vattr.va_type = VLNK;
1547 error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1552 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
1553 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr, syspath);
1559 NDFREE(&nd, NDF_ONLY_PNBUF);
1561 vn_finished_write(mp);
1562 VFS_UNLOCK_GIANT(vfslocked);
1564 if (segflg != UIO_SYSSPACE)
1565 uma_zfree(namei_zone, syspath);
1570 * Delete a whiteout from the filesystem.
1575 register struct undelete_args /* {
1581 struct nameidata nd;
1586 NDINIT(&nd, DELETE, LOCKPARENT | DOWHITEOUT | MPSAFE | AUDITVNODE1,
1587 UIO_USERSPACE, uap->path, td);
1591 vfslocked = NDHASGIANT(&nd);
1593 if (nd.ni_vp != NULLVP || !(nd.ni_cnd.cn_flags & ISWHITEOUT)) {
1594 NDFREE(&nd, NDF_ONLY_PNBUF);
1595 if (nd.ni_vp == nd.ni_dvp)
1601 VFS_UNLOCK_GIANT(vfslocked);
1604 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1605 NDFREE(&nd, NDF_ONLY_PNBUF);
1607 VFS_UNLOCK_GIANT(vfslocked);
1608 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1612 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
1613 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, DELETE);
1614 NDFREE(&nd, NDF_ONLY_PNBUF);
1616 vn_finished_write(mp);
1617 VFS_UNLOCK_GIANT(vfslocked);
1622 * Delete a name from the filesystem.
1624 #ifndef _SYS_SYSPROTO_H_
1625 struct unlink_args {
1632 struct unlink_args /* {
1638 error = kern_unlink(td, uap->path, UIO_USERSPACE);
1643 kern_unlink(struct thread *td, char *path, enum uio_seg pathseg)
1648 struct nameidata nd;
1653 NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE | AUDITVNODE1,
1655 if ((error = namei(&nd)) != 0)
1656 return (error == EINVAL ? EPERM : error);
1657 vfslocked = NDHASGIANT(&nd);
1659 if (vp->v_type == VDIR)
1660 error = EPERM; /* POSIX */
1663 * The root of a mounted filesystem cannot be deleted.
1665 * XXX: can this only be a VDIR case?
1667 if (vp->v_vflag & VV_ROOT)
1671 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1672 NDFREE(&nd, NDF_ONLY_PNBUF);
1674 if (vp == nd.ni_dvp)
1678 VFS_UNLOCK_GIANT(vfslocked);
1679 if ((error = vn_start_write(NULL, &mp,
1680 V_XSLEEP | PCATCH)) != 0)
1685 error = mac_check_vnode_delete(td->td_ucred, nd.ni_dvp, vp,
1690 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
1691 error = VOP_REMOVE(nd.ni_dvp, vp, &nd.ni_cnd);
1695 vn_finished_write(mp);
1697 NDFREE(&nd, NDF_ONLY_PNBUF);
1699 if (vp == nd.ni_dvp)
1703 VFS_UNLOCK_GIANT(vfslocked);
1708 * Reposition read/write file offset.
1710 #ifndef _SYS_SYSPROTO_H_
1721 register struct lseek_args /* {
1728 struct ucred *cred = td->td_ucred;
1736 if ((error = fget(td, uap->fd, &fp)) != 0)
1738 if (!(fp->f_ops->fo_flags & DFLAG_SEEKABLE)) {
1743 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
1744 noneg = (vp->v_type != VCHR);
1745 offset = uap->offset;
1746 switch (uap->whence) {
1749 (fp->f_offset < 0 ||
1750 (offset > 0 && fp->f_offset > OFF_MAX - offset))) {
1754 offset += fp->f_offset;
1757 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
1758 error = VOP_GETATTR(vp, &vattr, cred, td);
1759 VOP_UNLOCK(vp, 0, td);
1763 (vattr.va_size > OFF_MAX ||
1764 (offset > 0 && vattr.va_size > OFF_MAX - offset))) {
1768 offset += vattr.va_size;
1775 if (error == 0 && noneg && offset < 0)
1779 fp->f_offset = offset;
1780 *(off_t *)(td->td_retval) = fp->f_offset;
1783 VFS_UNLOCK_GIANT(vfslocked);
1787 #if defined(COMPAT_43)
1789 * Reposition read/write file offset.
1791 #ifndef _SYS_SYSPROTO_H_
1792 struct olseek_args {
1801 register struct olseek_args /* {
1807 struct lseek_args /* {
1816 nuap.offset = uap->offset;
1817 nuap.whence = uap->whence;
1818 error = lseek(td, &nuap);
1821 #endif /* COMPAT_43 */
1824 * Check access permissions using passed credentials.
1827 vn_access(vp, user_flags, cred, td)
1835 /* Flags == 0 means only check for existence. */
1839 if (user_flags & R_OK)
1841 if (user_flags & W_OK)
1843 if (user_flags & X_OK)
1846 error = mac_check_vnode_access(cred, vp, flags);
1850 if ((flags & VWRITE) == 0 || (error = vn_writechk(vp)) == 0)
1851 error = VOP_ACCESS(vp, flags, cred, td);
1857 * Check access permissions using "real" credentials.
1859 #ifndef _SYS_SYSPROTO_H_
1860 struct access_args {
1868 register struct access_args /* {
1874 return (kern_access(td, uap->path, UIO_USERSPACE, uap->flags));
1878 kern_access(struct thread *td, char *path, enum uio_seg pathseg, int flags)
1880 struct ucred *cred, *tmpcred;
1881 register struct vnode *vp;
1882 struct nameidata nd;
1887 * Create and modify a temporary credential instead of one that
1888 * is potentially shared. This could also mess up socket
1889 * buffer accounting which can run in an interrupt context.
1891 cred = td->td_ucred;
1892 tmpcred = crdup(cred);
1893 tmpcred->cr_uid = cred->cr_ruid;
1894 tmpcred->cr_groups[0] = cred->cr_rgid;
1895 td->td_ucred = tmpcred;
1896 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
1898 if ((error = namei(&nd)) != 0)
1900 vfslocked = NDHASGIANT(&nd);
1903 error = vn_access(vp, flags, tmpcred, td);
1904 NDFREE(&nd, NDF_ONLY_PNBUF);
1906 VFS_UNLOCK_GIANT(vfslocked);
1908 td->td_ucred = cred;
1914 * Check access permissions using "effective" credentials.
1916 #ifndef _SYS_SYSPROTO_H_
1917 struct eaccess_args {
1925 register struct eaccess_args /* {
1931 return (kern_eaccess(td, uap->path, UIO_USERSPACE, uap->flags));
1935 kern_eaccess(struct thread *td, char *path, enum uio_seg pathseg, int flags)
1937 struct nameidata nd;
1942 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
1944 if ((error = namei(&nd)) != 0)
1947 vfslocked = NDHASGIANT(&nd);
1948 error = vn_access(vp, flags, td->td_ucred, td);
1949 NDFREE(&nd, NDF_ONLY_PNBUF);
1951 VFS_UNLOCK_GIANT(vfslocked);
1955 #if defined(COMPAT_43)
1957 * Get file status; this version follows links.
1959 #ifndef _SYS_SYSPROTO_H_
1968 register struct ostat_args /* {
1977 error = kern_stat(td, uap->path, UIO_USERSPACE, &sb);
1981 error = copyout(&osb, uap->ub, sizeof (osb));
1986 * Get file status; this version does not follow links.
1988 #ifndef _SYS_SYSPROTO_H_
1989 struct olstat_args {
1997 register struct olstat_args /* {
2006 error = kern_lstat(td, uap->path, UIO_USERSPACE, &sb);
2010 error = copyout(&osb, uap->ub, sizeof (osb));
2015 * Convert from an old to a new stat structure.
2023 ost->st_dev = st->st_dev;
2024 ost->st_ino = st->st_ino;
2025 ost->st_mode = st->st_mode;
2026 ost->st_nlink = st->st_nlink;
2027 ost->st_uid = st->st_uid;
2028 ost->st_gid = st->st_gid;
2029 ost->st_rdev = st->st_rdev;
2030 if (st->st_size < (quad_t)1 << 32)
2031 ost->st_size = st->st_size;
2034 ost->st_atime = st->st_atime;
2035 ost->st_mtime = st->st_mtime;
2036 ost->st_ctime = st->st_ctime;
2037 ost->st_blksize = st->st_blksize;
2038 ost->st_blocks = st->st_blocks;
2039 ost->st_flags = st->st_flags;
2040 ost->st_gen = st->st_gen;
2042 #endif /* COMPAT_43 */
2045 * Get file status; this version follows links.
2047 #ifndef _SYS_SYSPROTO_H_
2056 register struct stat_args /* {
2064 error = kern_stat(td, uap->path, UIO_USERSPACE, &sb);
2066 error = copyout(&sb, uap->ub, sizeof (sb));
2071 kern_stat(struct thread *td, char *path, enum uio_seg pathseg, struct stat *sbp)
2073 struct nameidata nd;
2075 int error, vfslocked;
2078 FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | AUDITVNODE1,
2080 if ((error = namei(&nd)) != 0)
2082 vfslocked = NDHASGIANT(&nd);
2083 error = vn_stat(nd.ni_vp, &sb, td->td_ucred, NOCRED, td);
2084 NDFREE(&nd, NDF_ONLY_PNBUF);
2086 VFS_UNLOCK_GIANT(vfslocked);
2087 if (mtx_owned(&Giant))
2088 printf("stat(%d): %s\n", vfslocked, path);
2096 * Get file status; this version does not follow links.
2098 #ifndef _SYS_SYSPROTO_H_
2107 register struct lstat_args /* {
2115 error = kern_lstat(td, uap->path, UIO_USERSPACE, &sb);
2117 error = copyout(&sb, uap->ub, sizeof (sb));
2122 kern_lstat(struct thread *td, char *path, enum uio_seg pathseg, struct stat *sbp)
2126 struct nameidata nd;
2127 int error, vfslocked;
2130 NOFOLLOW | LOCKLEAF | LOCKSHARED | MPSAFE | AUDITVNODE1,
2132 if ((error = namei(&nd)) != 0)
2134 vfslocked = NDHASGIANT(&nd);
2136 error = vn_stat(vp, &sb, td->td_ucred, NOCRED, td);
2137 NDFREE(&nd, NDF_ONLY_PNBUF);
2139 VFS_UNLOCK_GIANT(vfslocked);
2147 * Implementation of the NetBSD [l]stat() functions.
2154 bzero(nsb, sizeof *nsb);
2155 nsb->st_dev = sb->st_dev;
2156 nsb->st_ino = sb->st_ino;
2157 nsb->st_mode = sb->st_mode;
2158 nsb->st_nlink = sb->st_nlink;
2159 nsb->st_uid = sb->st_uid;
2160 nsb->st_gid = sb->st_gid;
2161 nsb->st_rdev = sb->st_rdev;
2162 nsb->st_atimespec = sb->st_atimespec;
2163 nsb->st_mtimespec = sb->st_mtimespec;
2164 nsb->st_ctimespec = sb->st_ctimespec;
2165 nsb->st_size = sb->st_size;
2166 nsb->st_blocks = sb->st_blocks;
2167 nsb->st_blksize = sb->st_blksize;
2168 nsb->st_flags = sb->st_flags;
2169 nsb->st_gen = sb->st_gen;
2170 nsb->st_birthtimespec = sb->st_birthtimespec;
2173 #ifndef _SYS_SYSPROTO_H_
2182 register struct nstat_args /* {
2191 error = kern_stat(td, uap->path, UIO_USERSPACE, &sb);
2194 cvtnstat(&sb, &nsb);
2195 error = copyout(&nsb, uap->ub, sizeof (nsb));
2200 * NetBSD lstat. Get file status; this version does not follow links.
2202 #ifndef _SYS_SYSPROTO_H_
2211 register struct nlstat_args /* {
2220 error = kern_lstat(td, uap->path, UIO_USERSPACE, &sb);
2223 cvtnstat(&sb, &nsb);
2224 error = copyout(&nsb, uap->ub, sizeof (nsb));
2229 * Get configurable pathname variables.
2231 #ifndef _SYS_SYSPROTO_H_
2232 struct pathconf_args {
2240 register struct pathconf_args /* {
2246 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name));
2250 kern_pathconf(struct thread *td, char *path, enum uio_seg pathseg, int name)
2252 struct nameidata nd;
2253 int error, vfslocked;
2255 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
2257 if ((error = namei(&nd)) != 0)
2259 vfslocked = NDHASGIANT(&nd);
2260 NDFREE(&nd, NDF_ONLY_PNBUF);
2262 /* If asynchronous I/O is available, it works for all files. */
2263 if (name == _PC_ASYNC_IO)
2264 td->td_retval[0] = async_io_version;
2266 error = VOP_PATHCONF(nd.ni_vp, name, td->td_retval);
2268 VFS_UNLOCK_GIANT(vfslocked);
2273 * Return target name of a symbolic link.
2275 #ifndef _SYS_SYSPROTO_H_
2276 struct readlink_args {
2285 register struct readlink_args /* {
2292 return (kern_readlink(td, uap->path, UIO_USERSPACE, uap->buf,
2293 UIO_USERSPACE, uap->count));
2297 kern_readlink(struct thread *td, char *path, enum uio_seg pathseg, char *buf,
2298 enum uio_seg bufseg, int count)
2300 register struct vnode *vp;
2304 struct nameidata nd;
2307 NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
2309 if ((error = namei(&nd)) != 0)
2311 NDFREE(&nd, NDF_ONLY_PNBUF);
2312 vfslocked = NDHASGIANT(&nd);
2315 error = mac_check_vnode_readlink(td->td_ucred, vp);
2318 VFS_UNLOCK_GIANT(vfslocked);
2322 if (vp->v_type != VLNK)
2325 aiov.iov_base = buf;
2326 aiov.iov_len = count;
2327 auio.uio_iov = &aiov;
2328 auio.uio_iovcnt = 1;
2329 auio.uio_offset = 0;
2330 auio.uio_rw = UIO_READ;
2331 auio.uio_segflg = bufseg;
2333 auio.uio_resid = count;
2334 error = VOP_READLINK(vp, &auio, td->td_ucred);
2337 VFS_UNLOCK_GIANT(vfslocked);
2338 td->td_retval[0] = count - auio.uio_resid;
2343 * Common implementation code for chflags() and fchflags().
2346 setfflags(td, vp, flags)
2356 * Prevent non-root users from setting flags on devices. When
2357 * a device is reused, users can retain ownership of the device
2358 * if they are allowed to set flags and programs assume that
2359 * chown can't fail when done as root.
2361 if (vp->v_type == VCHR || vp->v_type == VBLK) {
2362 error = suser_cred(td->td_ucred, SUSER_ALLOWJAIL);
2367 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2369 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
2370 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2372 vattr.va_flags = flags;
2374 error = mac_check_vnode_setflags(td->td_ucred, vp, vattr.va_flags);
2377 error = VOP_SETATTR(vp, &vattr, td->td_ucred, td);
2378 VOP_UNLOCK(vp, 0, td);
2379 vn_finished_write(mp);
2384 * Change flags of a file given a path name.
2386 #ifndef _SYS_SYSPROTO_H_
2387 struct chflags_args {
2395 register struct chflags_args /* {
2401 struct nameidata nd;
2404 AUDIT_ARG(fflags, uap->flags);
2405 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, UIO_USERSPACE,
2407 if ((error = namei(&nd)) != 0)
2409 NDFREE(&nd, NDF_ONLY_PNBUF);
2410 vfslocked = NDHASGIANT(&nd);
2411 error = setfflags(td, nd.ni_vp, uap->flags);
2413 VFS_UNLOCK_GIANT(vfslocked);
2418 * Same as chflags() but doesn't follow symlinks.
2423 register struct lchflags_args /* {
2429 struct nameidata nd;
2432 AUDIT_ARG(fflags, uap->flags);
2433 NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNODE1, UIO_USERSPACE,
2435 if ((error = namei(&nd)) != 0)
2437 vfslocked = NDHASGIANT(&nd);
2438 NDFREE(&nd, NDF_ONLY_PNBUF);
2439 error = setfflags(td, nd.ni_vp, uap->flags);
2441 VFS_UNLOCK_GIANT(vfslocked);
2446 * Change flags of a file given a file descriptor.
2448 #ifndef _SYS_SYSPROTO_H_
2449 struct fchflags_args {
2457 register struct fchflags_args /* {
2466 AUDIT_ARG(fd, uap->fd);
2467 AUDIT_ARG(fflags, uap->flags);
2468 if ((error = getvnode(td->td_proc->p_fd, uap->fd, &fp)) != 0)
2470 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
2472 vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td);
2473 AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1);
2474 VOP_UNLOCK(fp->f_vnode, 0, td);
2476 error = setfflags(td, fp->f_vnode, uap->flags);
2477 VFS_UNLOCK_GIANT(vfslocked);
2483 * Common implementation code for chmod(), lchmod() and fchmod().
2486 setfmode(td, vp, mode)
2495 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2497 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
2498 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2500 vattr.va_mode = mode & ALLPERMS;
2502 error = mac_check_vnode_setmode(td->td_ucred, vp, vattr.va_mode);
2505 error = VOP_SETATTR(vp, &vattr, td->td_ucred, td);
2506 VOP_UNLOCK(vp, 0, td);
2507 vn_finished_write(mp);
2512 * Change mode of a file given path name.
2514 #ifndef _SYS_SYSPROTO_H_
2523 register struct chmod_args /* {
2529 return (kern_chmod(td, uap->path, UIO_USERSPACE, uap->mode));
2533 kern_chmod(struct thread *td, char *path, enum uio_seg pathseg, int mode)
2536 struct nameidata nd;
2539 AUDIT_ARG(mode, mode);
2540 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
2541 if ((error = namei(&nd)) != 0)
2543 vfslocked = NDHASGIANT(&nd);
2544 NDFREE(&nd, NDF_ONLY_PNBUF);
2545 error = setfmode(td, nd.ni_vp, mode);
2547 VFS_UNLOCK_GIANT(vfslocked);
2552 * Change mode of a file given path name (don't follow links.)
2554 #ifndef _SYS_SYSPROTO_H_
2555 struct lchmod_args {
2563 register struct lchmod_args /* {
2569 struct nameidata nd;
2572 AUDIT_ARG(mode, (mode_t)uap->mode);
2573 NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNODE1, UIO_USERSPACE,
2575 if ((error = namei(&nd)) != 0)
2577 vfslocked = NDHASGIANT(&nd);
2578 NDFREE(&nd, NDF_ONLY_PNBUF);
2579 error = setfmode(td, nd.ni_vp, uap->mode);
2581 VFS_UNLOCK_GIANT(vfslocked);
2586 * Change mode of a file given a file descriptor.
2588 #ifndef _SYS_SYSPROTO_H_
2589 struct fchmod_args {
2597 register struct fchmod_args /* {
2606 AUDIT_ARG(fd, uap->fd);
2607 AUDIT_ARG(mode, uap->mode);
2608 if ((error = getvnode(td->td_proc->p_fd, uap->fd, &fp)) != 0)
2610 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
2612 vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td);
2613 AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1);
2614 VOP_UNLOCK(fp->f_vnode, 0, td);
2616 error = setfmode(td, fp->f_vnode, uap->mode);
2617 VFS_UNLOCK_GIANT(vfslocked);
2623 * Common implementation for chown(), lchown(), and fchown()
2626 setfown(td, vp, uid, gid)
2636 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2638 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
2639 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2644 error = mac_check_vnode_setowner(td->td_ucred, vp, vattr.va_uid,
2648 error = VOP_SETATTR(vp, &vattr, td->td_ucred, td);
2649 VOP_UNLOCK(vp, 0, td);
2650 vn_finished_write(mp);
2655 * Set ownership given a path name.
2657 #ifndef _SYS_SYSPROTO_H_
2667 register struct chown_args /* {
2674 return (kern_chown(td, uap->path, UIO_USERSPACE, uap->uid, uap->gid));
2678 kern_chown(struct thread *td, char *path, enum uio_seg pathseg, int uid,
2682 struct nameidata nd;
2685 AUDIT_ARG(owner, uid, gid);
2686 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
2687 if ((error = namei(&nd)) != 0)
2689 vfslocked = NDHASGIANT(&nd);
2690 NDFREE(&nd, NDF_ONLY_PNBUF);
2691 error = setfown(td, nd.ni_vp, uid, gid);
2693 VFS_UNLOCK_GIANT(vfslocked);
2698 * Set ownership given a path name, do not cross symlinks.
2700 #ifndef _SYS_SYSPROTO_H_
2701 struct lchown_args {
2710 register struct lchown_args /* {
2717 return (kern_lchown(td, uap->path, UIO_USERSPACE, uap->uid, uap->gid));
2721 kern_lchown(struct thread *td, char *path, enum uio_seg pathseg, int uid,
2725 struct nameidata nd;
2728 AUDIT_ARG(owner, uid, gid);
2729 NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
2730 if ((error = namei(&nd)) != 0)
2732 vfslocked = NDHASGIANT(&nd);
2733 NDFREE(&nd, NDF_ONLY_PNBUF);
2734 error = setfown(td, nd.ni_vp, uid, gid);
2736 VFS_UNLOCK_GIANT(vfslocked);
2741 * Set ownership given a file descriptor.
2743 #ifndef _SYS_SYSPROTO_H_
2744 struct fchown_args {
2753 register struct fchown_args /* {
2763 AUDIT_ARG(fd, uap->fd);
2764 AUDIT_ARG(owner, uap->uid, uap->gid);
2765 if ((error = getvnode(td->td_proc->p_fd, uap->fd, &fp)) != 0)
2767 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
2769 vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td);
2770 AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1);
2771 VOP_UNLOCK(fp->f_vnode, 0, td);
2773 error = setfown(td, fp->f_vnode, uap->uid, uap->gid);
2774 VFS_UNLOCK_GIANT(vfslocked);
2780 * Common implementation code for utimes(), lutimes(), and futimes().
2783 getutimes(usrtvp, tvpseg, tsp)
2784 const struct timeval *usrtvp;
2785 enum uio_seg tvpseg;
2786 struct timespec *tsp;
2788 struct timeval tv[2];
2789 const struct timeval *tvp;
2792 if (usrtvp == NULL) {
2794 TIMEVAL_TO_TIMESPEC(&tv[0], &tsp[0]);
2797 if (tvpseg == UIO_SYSSPACE) {
2800 if ((error = copyin(usrtvp, tv, sizeof(tv))) != 0)
2805 if (tvp[0].tv_usec < 0 || tvp[0].tv_usec >= 1000000 ||
2806 tvp[1].tv_usec < 0 || tvp[1].tv_usec >= 1000000)
2808 TIMEVAL_TO_TIMESPEC(&tvp[0], &tsp[0]);
2809 TIMEVAL_TO_TIMESPEC(&tvp[1], &tsp[1]);
2815 * Common implementation code for utimes(), lutimes(), and futimes().
2818 setutimes(td, vp, ts, numtimes, nullflag)
2821 const struct timespec *ts;
2825 int error, setbirthtime;
2829 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2831 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
2832 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
2834 if (numtimes < 3 && VOP_GETATTR(vp, &vattr, td->td_ucred, td) == 0 &&
2835 timespeccmp(&ts[1], &vattr.va_birthtime, < ))
2838 vattr.va_atime = ts[0];
2839 vattr.va_mtime = ts[1];
2841 vattr.va_birthtime = ts[1];
2843 vattr.va_birthtime = ts[2];
2845 vattr.va_vaflags |= VA_UTIMES_NULL;
2847 error = mac_check_vnode_setutimes(td->td_ucred, vp, vattr.va_atime,
2851 error = VOP_SETATTR(vp, &vattr, td->td_ucred, td);
2852 VOP_UNLOCK(vp, 0, td);
2853 vn_finished_write(mp);
2858 * Set the access and modification times of a file.
2860 #ifndef _SYS_SYSPROTO_H_
2861 struct utimes_args {
2863 struct timeval *tptr;
2869 register struct utimes_args /* {
2871 struct timeval *tptr;
2875 return (kern_utimes(td, uap->path, UIO_USERSPACE, uap->tptr,
2880 kern_utimes(struct thread *td, char *path, enum uio_seg pathseg,
2881 struct timeval *tptr, enum uio_seg tptrseg)
2883 struct timespec ts[2];
2885 struct nameidata nd;
2888 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
2890 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
2891 if ((error = namei(&nd)) != 0)
2893 vfslocked = NDHASGIANT(&nd);
2894 NDFREE(&nd, NDF_ONLY_PNBUF);
2895 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
2897 VFS_UNLOCK_GIANT(vfslocked);
2902 * Set the access and modification times of a file.
2904 #ifndef _SYS_SYSPROTO_H_
2905 struct lutimes_args {
2907 struct timeval *tptr;
2913 register struct lutimes_args /* {
2915 struct timeval *tptr;
2919 return (kern_lutimes(td, uap->path, UIO_USERSPACE, uap->tptr,
2924 kern_lutimes(struct thread *td, char *path, enum uio_seg pathseg,
2925 struct timeval *tptr, enum uio_seg tptrseg)
2927 struct timespec ts[2];
2929 struct nameidata nd;
2932 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
2934 NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
2935 if ((error = namei(&nd)) != 0)
2937 vfslocked = NDHASGIANT(&nd);
2938 NDFREE(&nd, NDF_ONLY_PNBUF);
2939 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
2941 VFS_UNLOCK_GIANT(vfslocked);
2946 * Set the access and modification times of a file.
2948 #ifndef _SYS_SYSPROTO_H_
2949 struct futimes_args {
2951 struct timeval *tptr;
2957 register struct futimes_args /* {
2959 struct timeval *tptr;
2963 return (kern_futimes(td, uap->fd, uap->tptr, UIO_USERSPACE));
2967 kern_futimes(struct thread *td, int fd, struct timeval *tptr,
2968 enum uio_seg tptrseg)
2970 struct timespec ts[2];
2976 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
2978 if ((error = getvnode(td->td_proc->p_fd, fd, &fp)) != 0)
2980 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
2982 vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td);
2983 AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1);
2984 VOP_UNLOCK(fp->f_vnode, 0, td);
2986 error = setutimes(td, fp->f_vnode, ts, 2, tptr == NULL);
2987 VFS_UNLOCK_GIANT(vfslocked);
2993 * Truncate a file given its path name.
2995 #ifndef _SYS_SYSPROTO_H_
2996 struct truncate_args {
3005 register struct truncate_args /* {
3012 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3016 kern_truncate(struct thread *td, char *path, enum uio_seg pathseg, off_t length)
3022 struct nameidata nd;
3027 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
3028 if ((error = namei(&nd)) != 0)
3030 vfslocked = NDHASGIANT(&nd);
3032 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) {
3034 VFS_UNLOCK_GIANT(vfslocked);
3037 NDFREE(&nd, NDF_ONLY_PNBUF);
3038 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
3039 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3040 if (vp->v_type == VDIR)
3043 else if ((error = mac_check_vnode_write(td->td_ucred, NOCRED, vp))) {
3046 else if ((error = vn_writechk(vp)) == 0 &&
3047 (error = VOP_ACCESS(vp, VWRITE, td->td_ucred, td)) == 0) {
3049 vattr.va_size = length;
3050 error = VOP_SETATTR(vp, &vattr, td->td_ucred, td);
3053 vn_finished_write(mp);
3054 VFS_UNLOCK_GIANT(vfslocked);
3059 * Truncate a file given a file descriptor.
3061 #ifndef _SYS_SYSPROTO_H_
3062 struct ftruncate_args {
3071 register struct ftruncate_args /* {
3084 AUDIT_ARG(fd, uap->fd);
3085 if (uap->length < 0)
3087 if ((error = getvnode(td->td_proc->p_fd, uap->fd, &fp)) != 0)
3089 if ((fp->f_flag & FWRITE) == 0) {
3094 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
3095 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
3097 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
3098 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3099 AUDIT_ARG(vnode, vp, ARG_VNODE1);
3100 if (vp->v_type == VDIR)
3103 else if ((error = mac_check_vnode_write(td->td_ucred, fp->f_cred,
3107 else if ((error = vn_writechk(vp)) == 0) {
3109 vattr.va_size = uap->length;
3110 error = VOP_SETATTR(vp, &vattr, fp->f_cred, td);
3112 VOP_UNLOCK(vp, 0, td);
3113 vn_finished_write(mp);
3115 VFS_UNLOCK_GIANT(vfslocked);
3120 #if defined(COMPAT_43)
3122 * Truncate a file given its path name.
3124 #ifndef _SYS_SYSPROTO_H_
3125 struct otruncate_args {
3133 register struct otruncate_args /* {
3138 struct truncate_args /* {
3144 nuap.path = uap->path;
3145 nuap.length = uap->length;
3146 return (truncate(td, &nuap));
3150 * Truncate a file given a file descriptor.
3152 #ifndef _SYS_SYSPROTO_H_
3153 struct oftruncate_args {
3161 register struct oftruncate_args /* {
3166 struct ftruncate_args /* {
3173 nuap.length = uap->length;
3174 return (ftruncate(td, &nuap));
3176 #endif /* COMPAT_43 */
3179 * Sync an open file.
3181 #ifndef _SYS_SYSPROTO_H_
3189 struct fsync_args /* {
3199 AUDIT_ARG(fd, uap->fd);
3200 if ((error = getvnode(td->td_proc->p_fd, uap->fd, &fp)) != 0)
3203 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
3204 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
3206 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3207 AUDIT_ARG(vnode, vp, ARG_VNODE1);
3208 if (vp->v_object != NULL) {
3209 VM_OBJECT_LOCK(vp->v_object);
3210 vm_object_page_clean(vp->v_object, 0, 0, 0);
3211 VM_OBJECT_UNLOCK(vp->v_object);
3213 error = VOP_FSYNC(vp, MNT_WAIT, td);
3215 VOP_UNLOCK(vp, 0, td);
3216 vn_finished_write(mp);
3218 VFS_UNLOCK_GIANT(vfslocked);
3224 * Rename files. Source and destination must either both be directories,
3225 * or both not be directories. If target is a directory, it must be empty.
3227 #ifndef _SYS_SYSPROTO_H_
3228 struct rename_args {
3236 register struct rename_args /* {
3242 return (kern_rename(td, uap->from, uap->to, UIO_USERSPACE));
3246 kern_rename(struct thread *td, char *from, char *to, enum uio_seg pathseg)
3248 struct mount *mp = NULL;
3249 struct vnode *tvp, *fvp, *tdvp;
3250 struct nameidata fromnd, tond;
3257 NDINIT(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART | MPSAFE |
3258 AUDITVNODE1, pathseg, from, td);
3260 NDINIT(&fromnd, DELETE, WANTPARENT | SAVESTART | MPSAFE |
3261 AUDITVNODE1, pathseg, from, td);
3263 if ((error = namei(&fromnd)) != 0)
3265 fvfslocked = NDHASGIANT(&fromnd);
3268 error = mac_check_vnode_rename_from(td->td_ucred, fromnd.ni_dvp,
3269 fromnd.ni_vp, &fromnd.ni_cnd);
3270 VOP_UNLOCK(fromnd.ni_dvp, 0, td);
3271 VOP_UNLOCK(fromnd.ni_vp, 0, td);
3275 error = vn_start_write(fvp, &mp, V_WAIT | PCATCH);
3277 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3278 vrele(fromnd.ni_dvp);
3282 NDINIT(&tond, RENAME, LOCKPARENT | LOCKLEAF | NOCACHE | SAVESTART |
3283 MPSAFE | AUDITVNODE2, pathseg, to, td);
3284 if (fromnd.ni_vp->v_type == VDIR)
3285 tond.ni_cnd.cn_flags |= WILLBEDIR;
3286 if ((error = namei(&tond)) != 0) {
3287 /* Translate error code for rename("dir1", "dir2/."). */
3288 if (error == EISDIR && fvp->v_type == VDIR)
3290 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3291 vrele(fromnd.ni_dvp);
3293 vn_finished_write(mp);
3296 tvfslocked = NDHASGIANT(&tond);
3300 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
3303 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
3311 * If the source is the same as the destination (that is, if they
3312 * are links to the same vnode), then there is nothing to do.
3318 error = mac_check_vnode_rename_to(td->td_ucred, tdvp,
3319 tond.ni_vp, fromnd.ni_dvp == tdvp, &tond.ni_cnd);
3323 VOP_LEASE(tdvp, td, td->td_ucred, LEASE_WRITE);
3324 if (fromnd.ni_dvp != tdvp) {
3325 VOP_LEASE(fromnd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
3328 VOP_LEASE(tvp, td, td->td_ucred, LEASE_WRITE);
3330 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
3331 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
3332 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3333 NDFREE(&tond, NDF_ONLY_PNBUF);
3335 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3336 NDFREE(&tond, NDF_ONLY_PNBUF);
3343 vrele(fromnd.ni_dvp);
3346 vrele(tond.ni_startdir);
3347 vn_finished_write(mp);
3349 if (fromnd.ni_startdir)
3350 vrele(fromnd.ni_startdir);
3351 VFS_UNLOCK_GIANT(fvfslocked);
3352 VFS_UNLOCK_GIANT(tvfslocked);
3359 * Make a directory file.
3361 #ifndef _SYS_SYSPROTO_H_
3370 register struct mkdir_args /* {
3376 return (kern_mkdir(td, uap->path, UIO_USERSPACE, uap->mode));
3380 kern_mkdir(struct thread *td, char *path, enum uio_seg segflg, int mode)
3386 struct nameidata nd;
3389 AUDIT_ARG(mode, mode);
3392 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
3394 nd.ni_cnd.cn_flags |= WILLBEDIR;
3395 if ((error = namei(&nd)) != 0)
3397 vfslocked = NDHASGIANT(&nd);
3400 NDFREE(&nd, NDF_ONLY_PNBUF);
3402 * XXX namei called with LOCKPARENT but not LOCKLEAF has
3403 * the strange behaviour of leaving the vnode unlocked
3404 * if the target is the same vnode as the parent.
3406 if (vp == nd.ni_dvp)
3411 VFS_UNLOCK_GIANT(vfslocked);
3414 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3415 NDFREE(&nd, NDF_ONLY_PNBUF);
3417 VFS_UNLOCK_GIANT(vfslocked);
3418 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3423 vattr.va_type = VDIR;
3424 FILEDESC_LOCK_FAST(td->td_proc->p_fd);
3425 vattr.va_mode = (mode & ACCESSPERMS) &~ td->td_proc->p_fd->fd_cmask;
3426 FILEDESC_UNLOCK_FAST(td->td_proc->p_fd);
3428 error = mac_check_vnode_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
3433 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
3434 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
3438 NDFREE(&nd, NDF_ONLY_PNBUF);
3442 vn_finished_write(mp);
3443 VFS_UNLOCK_GIANT(vfslocked);
3448 * Remove a directory file.
3450 #ifndef _SYS_SYSPROTO_H_
3458 struct rmdir_args /* {
3463 return (kern_rmdir(td, uap->path, UIO_USERSPACE));
3467 kern_rmdir(struct thread *td, char *path, enum uio_seg pathseg)
3472 struct nameidata nd;
3477 NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE | AUDITVNODE1,
3479 if ((error = namei(&nd)) != 0)
3481 vfslocked = NDHASGIANT(&nd);
3483 if (vp->v_type != VDIR) {
3488 * No rmdir "." please.
3490 if (nd.ni_dvp == vp) {
3495 * The root of a mounted filesystem cannot be deleted.
3497 if (vp->v_vflag & VV_ROOT) {
3502 error = mac_check_vnode_delete(td->td_ucred, nd.ni_dvp, vp,
3507 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3508 NDFREE(&nd, NDF_ONLY_PNBUF);
3510 if (nd.ni_dvp == vp)
3514 VFS_UNLOCK_GIANT(vfslocked);
3515 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3519 VOP_LEASE(nd.ni_dvp, td, td->td_ucred, LEASE_WRITE);
3520 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
3521 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
3522 vn_finished_write(mp);
3524 NDFREE(&nd, NDF_ONLY_PNBUF);
3526 if (nd.ni_dvp == vp)
3530 VFS_UNLOCK_GIANT(vfslocked);
3536 * Read a block of directory entries in a filesystem independent format.
3538 #ifndef _SYS_SYSPROTO_H_
3539 struct ogetdirentries_args {
3547 ogetdirentries(td, uap)
3549 register struct ogetdirentries_args /* {
3558 struct uio auio, kuio;
3559 struct iovec aiov, kiov;
3560 struct dirent *dp, *edp;
3562 int error, eofflag, readcnt, vfslocked;
3565 /* XXX arbitrary sanity limit on `count'. */
3566 if (uap->count > 64 * 1024)
3568 if ((error = getvnode(td->td_proc->p_fd, uap->fd, &fp)) != 0)
3570 if ((fp->f_flag & FREAD) == 0) {
3576 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
3577 if (vp->v_type != VDIR) {
3578 VFS_UNLOCK_GIANT(vfslocked);
3582 aiov.iov_base = uap->buf;
3583 aiov.iov_len = uap->count;
3584 auio.uio_iov = &aiov;
3585 auio.uio_iovcnt = 1;
3586 auio.uio_rw = UIO_READ;
3587 auio.uio_segflg = UIO_USERSPACE;
3589 auio.uio_resid = uap->count;
3590 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3591 loff = auio.uio_offset = fp->f_offset;
3593 error = mac_check_vnode_readdir(td->td_ucred, vp);
3595 VOP_UNLOCK(vp, 0, td);
3596 VFS_UNLOCK_GIANT(vfslocked);
3601 # if (BYTE_ORDER != LITTLE_ENDIAN)
3602 if (vp->v_mount->mnt_maxsymlinklen <= 0) {
3603 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag,
3605 fp->f_offset = auio.uio_offset;
3610 kuio.uio_iov = &kiov;
3611 kuio.uio_segflg = UIO_SYSSPACE;
3612 kiov.iov_len = uap->count;
3613 MALLOC(dirbuf, caddr_t, uap->count, M_TEMP, M_WAITOK);
3614 kiov.iov_base = dirbuf;
3615 error = VOP_READDIR(vp, &kuio, fp->f_cred, &eofflag,
3617 fp->f_offset = kuio.uio_offset;
3619 readcnt = uap->count - kuio.uio_resid;
3620 edp = (struct dirent *)&dirbuf[readcnt];
3621 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
3622 # if (BYTE_ORDER == LITTLE_ENDIAN)
3624 * The expected low byte of
3625 * dp->d_namlen is our dp->d_type.
3626 * The high MBZ byte of dp->d_namlen
3627 * is our dp->d_namlen.
3629 dp->d_type = dp->d_namlen;
3633 * The dp->d_type is the high byte
3634 * of the expected dp->d_namlen,
3635 * so must be zero'ed.
3639 if (dp->d_reclen > 0) {
3640 dp = (struct dirent *)
3641 ((char *)dp + dp->d_reclen);
3648 error = uiomove(dirbuf, readcnt, &auio);
3650 FREE(dirbuf, M_TEMP);
3652 VOP_UNLOCK(vp, 0, td);
3654 VFS_UNLOCK_GIANT(vfslocked);
3658 if (uap->count == auio.uio_resid) {
3659 if (union_dircheckp) {
3660 error = union_dircheckp(td, &vp, fp);
3662 VFS_UNLOCK_GIANT(vfslocked);
3666 VFS_UNLOCK_GIANT(vfslocked);
3672 * XXX We could delay dropping the lock above but
3673 * union_dircheckp complicates things.
3675 vn_lock(vp, LK_EXCLUSIVE|LK_RETRY, td);
3676 if ((vp->v_vflag & VV_ROOT) &&
3677 (vp->v_mount->mnt_flag & MNT_UNION)) {
3678 struct vnode *tvp = vp;
3679 vp = vp->v_mount->mnt_vnodecovered;
3685 VFS_UNLOCK_GIANT(vfslocked);
3688 VOP_UNLOCK(vp, 0, td);
3690 VFS_UNLOCK_GIANT(vfslocked);
3691 error = copyout(&loff, uap->basep, sizeof(long));
3693 td->td_retval[0] = uap->count - auio.uio_resid;
3696 #endif /* COMPAT_43 */
3699 * Read a block of directory entries in a filesystem independent format.
3701 #ifndef _SYS_SYSPROTO_H_
3702 struct getdirentries_args {
3710 getdirentries(td, uap)
3712 register struct getdirentries_args /* {
3727 AUDIT_ARG(fd, uap->fd);
3728 if ((error = getvnode(td->td_proc->p_fd, uap->fd, &fp)) != 0)
3730 if ((fp->f_flag & FREAD) == 0) {
3736 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
3737 if (vp->v_type != VDIR) {
3741 aiov.iov_base = uap->buf;
3742 aiov.iov_len = uap->count;
3743 auio.uio_iov = &aiov;
3744 auio.uio_iovcnt = 1;
3745 auio.uio_rw = UIO_READ;
3746 auio.uio_segflg = UIO_USERSPACE;
3748 auio.uio_resid = uap->count;
3749 /* vn_lock(vp, LK_SHARED | LK_RETRY, td); */
3750 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3751 AUDIT_ARG(vnode, vp, ARG_VNODE1);
3752 loff = auio.uio_offset = fp->f_offset;
3754 error = mac_check_vnode_readdir(td->td_ucred, vp);
3757 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, NULL,
3759 fp->f_offset = auio.uio_offset;
3760 VOP_UNLOCK(vp, 0, td);
3763 if (uap->count == auio.uio_resid) {
3764 if (union_dircheckp) {
3765 error = union_dircheckp(td, &vp, fp);
3767 VFS_UNLOCK_GIANT(vfslocked);
3774 * XXX We could delay dropping the lock above but
3775 * union_dircheckp complicates things.
3777 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
3778 if ((vp->v_vflag & VV_ROOT) &&
3779 (vp->v_mount->mnt_flag & MNT_UNION)) {
3780 struct vnode *tvp = vp;
3781 vp = vp->v_mount->mnt_vnodecovered;
3787 VFS_UNLOCK_GIANT(vfslocked);
3790 VOP_UNLOCK(vp, 0, td);
3792 if (uap->basep != NULL) {
3793 error = copyout(&loff, uap->basep, sizeof(long));
3795 td->td_retval[0] = uap->count - auio.uio_resid;
3797 VFS_UNLOCK_GIANT(vfslocked);
3801 #ifndef _SYS_SYSPROTO_H_
3802 struct getdents_args {
3811 register struct getdents_args /* {
3817 struct getdirentries_args ap;
3820 ap.count = uap->count;
3822 return (getdirentries(td, &ap));
3826 * Set the mode mask for creation of filesystem nodes.
3830 #ifndef _SYS_SYSPROTO_H_
3838 struct umask_args /* {
3842 register struct filedesc *fdp;
3844 FILEDESC_LOCK_FAST(td->td_proc->p_fd);
3845 fdp = td->td_proc->p_fd;
3846 td->td_retval[0] = fdp->fd_cmask;
3847 fdp->fd_cmask = uap->newmask & ALLPERMS;
3848 FILEDESC_UNLOCK_FAST(td->td_proc->p_fd);
3853 * Void all references to file by ripping underlying filesystem
3856 #ifndef _SYS_SYSPROTO_H_
3857 struct revoke_args {
3864 register struct revoke_args /* {
3871 struct nameidata nd;
3874 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
3875 UIO_USERSPACE, uap->path, td);
3876 if ((error = namei(&nd)) != 0)
3878 vfslocked = NDHASGIANT(&nd);
3880 NDFREE(&nd, NDF_ONLY_PNBUF);
3881 if (vp->v_type != VCHR) {
3886 error = mac_check_vnode_revoke(td->td_ucred, vp);
3890 error = VOP_GETATTR(vp, &vattr, td->td_ucred, td);
3893 if (td->td_ucred->cr_uid != vattr.va_uid) {
3894 error = suser_cred(td->td_ucred, SUSER_ALLOWJAIL);
3899 VOP_REVOKE(vp, REVOKEALL);
3902 VFS_UNLOCK_GIANT(vfslocked);
3907 * Convert a user file descriptor to a kernel file entry.
3908 * A reference on the file entry is held upon returning.
3911 getvnode(fdp, fd, fpp)
3912 struct filedesc *fdp;
3924 if ((u_int)fd >= fdp->fd_nfiles ||
3925 (fp = fdp->fd_ofiles[fd]) == NULL)
3927 else if (fp->f_vnode == NULL) {
3934 FILEDESC_UNLOCK(fdp);
3941 * Get (NFS) file handle
3943 #ifndef _SYS_SYSPROTO_H_
3944 struct lgetfh_args {
3952 register struct lgetfh_args *uap;
3954 struct nameidata nd;
3956 register struct vnode *vp;
3963 NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
3964 UIO_USERSPACE, uap->fname, td);
3968 vfslocked = NDHASGIANT(&nd);
3969 NDFREE(&nd, NDF_ONLY_PNBUF);
3971 bzero(&fh, sizeof(fh));
3972 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
3973 error = VFS_VPTOFH(vp, &fh.fh_fid);
3975 VFS_UNLOCK_GIANT(vfslocked);
3978 error = copyout(&fh, uap->fhp, sizeof (fh));
3982 #ifndef _SYS_SYSPROTO_H_
3991 register struct getfh_args *uap;
3993 struct nameidata nd;
3995 register struct vnode *vp;
4002 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
4003 UIO_USERSPACE, uap->fname, td);
4007 vfslocked = NDHASGIANT(&nd);
4008 NDFREE(&nd, NDF_ONLY_PNBUF);
4010 bzero(&fh, sizeof(fh));
4011 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4012 error = VFS_VPTOFH(vp, &fh.fh_fid);
4014 VFS_UNLOCK_GIANT(vfslocked);
4017 error = copyout(&fh, uap->fhp, sizeof (fh));
4022 * syscall for the rpc.lockd to use to translate a NFS file handle into
4023 * an open descriptor.
4025 * warning: do not remove the suser() call or this becomes one giant
4030 #ifndef _SYS_SYSPROTO_H_
4031 struct fhopen_args {
4032 const struct fhandle *u_fhp;
4039 struct fhopen_args /* {
4040 const struct fhandle *u_fhp;
4044 struct proc *p = td->td_proc;
4049 struct vattr *vap = &vat;
4052 register struct filedesc *fdp = p->p_fd;
4053 int fmode, mode, error, type;
4061 fmode = FFLAGS(uap->flags);
4062 /* why not allow a non-read/write open for our lockd? */
4063 if (((fmode & (FREAD | FWRITE)) == 0) || (fmode & O_CREAT))
4065 error = copyin(uap->u_fhp, &fhp, sizeof(fhp));
4068 /* find the mount point */
4069 mp = vfs_getvfs(&fhp.fh_fsid);
4072 vfslocked = VFS_LOCK_GIANT(mp);
4073 /* now give me my vnode, it gets returned to me locked */
4074 error = VFS_FHTOVP(mp, &fhp.fh_fid, &vp);
4078 * from now on we have to make sure not
4079 * to forget about the vnode
4080 * any error that causes an abort must vput(vp)
4081 * just set error = err and 'goto bad;'.
4087 if (vp->v_type == VLNK) {
4091 if (vp->v_type == VSOCK) {
4096 if (fmode & (FWRITE | O_TRUNC)) {
4097 if (vp->v_type == VDIR) {
4101 error = vn_writechk(vp);
4108 if (fmode & O_APPEND)
4111 error = mac_check_vnode_open(td->td_ucred, vp, mode);
4116 error = VOP_ACCESS(vp, mode, td->td_ucred, td);
4120 if (fmode & O_TRUNC) {
4121 VOP_UNLOCK(vp, 0, td); /* XXX */
4122 if ((error = vn_start_write(NULL, &mp, V_WAIT | PCATCH)) != 0) {
4126 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
4127 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); /* XXX */
4130 * We don't yet have fp->f_cred, so use td->td_ucred, which
4133 error = mac_check_vnode_write(td->td_ucred, td->td_ucred, vp);
4138 error = VOP_SETATTR(vp, vap, td->td_ucred, td);
4142 vn_finished_write(mp);
4146 error = VOP_OPEN(vp, fmode, td->td_ucred, td, -1);
4154 * end of vn_open code
4157 if ((error = falloc(td, &nfp, &indx)) != 0) {
4162 /* An extra reference on `nfp' has been held for us by falloc(). */
4167 nfp->f_flag = fmode & FMASK;
4168 nfp->f_ops = &vnops;
4169 nfp->f_type = DTYPE_VNODE;
4170 if (fmode & (O_EXLOCK | O_SHLOCK)) {
4171 lf.l_whence = SEEK_SET;
4174 if (fmode & O_EXLOCK)
4175 lf.l_type = F_WRLCK;
4177 lf.l_type = F_RDLCK;
4179 if ((fmode & FNONBLOCK) == 0)
4181 VOP_UNLOCK(vp, 0, td);
4182 if ((error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
4185 * The lock request failed. Normally close the
4186 * descriptor but handle the case where someone might
4187 * have dup()d or close()d it when we weren't looking.
4189 fdclose(fdp, fp, indx, td);
4192 * release our private reference
4197 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
4198 fp->f_flag |= FHASLOCK;
4201 VOP_UNLOCK(vp, 0, td);
4204 VFS_UNLOCK_GIANT(vfslocked);
4205 td->td_retval[0] = indx;
4212 VFS_UNLOCK_GIANT(vfslocked);
4217 * Stat an (NFS) file handle.
4221 #ifndef _SYS_SYSPROTO_H_
4222 struct fhstat_args {
4223 struct fhandle *u_fhp;
4230 register struct fhstat_args /* {
4231 struct fhandle *u_fhp;
4245 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
4248 if ((mp = vfs_getvfs(&fh.fh_fsid)) == NULL)
4250 vfslocked = VFS_LOCK_GIANT(mp);
4251 if ((error = VFS_FHTOVP(mp, &fh.fh_fid, &vp))) {
4253 VFS_UNLOCK_GIANT(vfslocked);
4256 error = vn_stat(vp, &sb, td->td_ucred, NOCRED, td);
4259 VFS_UNLOCK_GIANT(vfslocked);
4262 error = copyout(&sb, uap->sb, sizeof(sb));
4267 * Implement fstatfs() for (NFS) file handles.
4271 #ifndef _SYS_SYSPROTO_H_
4272 struct fhstatfs_args {
4273 struct fhandle *u_fhp;
4280 struct fhstatfs_args /* {
4281 struct fhandle *u_fhp;
4289 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
4292 error = kern_fhstatfs(td, fh, &sf);
4295 return (copyout(&sf, uap->buf, sizeof(sf)));
4299 kern_fhstatfs(struct thread *td, fhandle_t fh, struct statfs *buf)
4310 if ((mp = vfs_getvfs(&fh.fh_fsid)) == NULL)
4312 vfslocked = VFS_LOCK_GIANT(mp);
4313 error = VFS_FHTOVP(mp, &fh.fh_fid, &vp);
4315 VFS_UNLOCK_GIANT(vfslocked);
4320 error = prison_canseemount(td->td_ucred, mp);
4324 error = mac_check_mount_stat(td->td_ucred, mp);
4329 * Set these in case the underlying filesystem fails to do so.
4332 sp->f_version = STATFS_VERSION;
4333 sp->f_namemax = NAME_MAX;
4334 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
4335 error = VFS_STATFS(mp, sp, td);
4340 VFS_UNLOCK_GIANT(vfslocked);
4345 * Syscall to push extended attribute configuration information into the
4346 * VFS. Accepts a path, which it converts to a mountpoint, as well as
4347 * a command (int cmd), and attribute name and misc data. For now, the
4348 * attribute name is left in userspace for consumption by the VFS_op.
4349 * It will probably be changed to be copied into sysspace by the
4350 * syscall in the future, once issues with various consumers of the
4351 * attribute code have raised their hands.
4353 * Currently this is used only by UFS Extended Attributes.
4358 struct extattrctl_args /* {
4361 const char *filename;
4363 const char *attrname;
4366 struct vnode *filename_vp;
4367 struct nameidata nd;
4368 struct mount *mp, *mp_writable;
4369 char attrname[EXTATTR_MAXNAMELEN];
4370 int vfslocked, fnvfslocked, error;
4372 AUDIT_ARG(cmd, uap->cmd);
4373 AUDIT_ARG(value, uap->attrnamespace);
4375 * uap->attrname is not always defined. We check again later when we
4376 * invoke the VFS call so as to pass in NULL there if needed.
4378 if (uap->attrname != NULL) {
4379 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN,
4384 AUDIT_ARG(text, attrname);
4386 vfslocked = fnvfslocked = 0;
4388 * uap->filename is not always defined. If it is, grab a vnode lock,
4389 * which VFS_EXTATTRCTL() will later release.
4392 if (uap->filename != NULL) {
4393 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | LOCKLEAF |
4394 AUDITVNODE2, UIO_USERSPACE, uap->filename, td);
4398 fnvfslocked = NDHASGIANT(&nd);
4399 filename_vp = nd.ni_vp;
4400 NDFREE(&nd, NDF_NO_VP_RELE | NDF_NO_VP_UNLOCK);
4403 /* uap->path is always defined. */
4404 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
4408 if (filename_vp != NULL)
4412 vfslocked = NDHASGIANT(&nd);
4413 mp = nd.ni_vp->v_mount;
4414 error = vn_start_write(nd.ni_vp, &mp_writable, V_WAIT | PCATCH);
4417 if (filename_vp != NULL)
4422 error = VFS_EXTATTRCTL(mp, uap->cmd, filename_vp, uap->attrnamespace,
4423 uap->attrname != NULL ? attrname : NULL, td);
4425 vn_finished_write(mp_writable);
4427 * VFS_EXTATTRCTL will have unlocked, but not de-ref'd,
4428 * filename_vp, so vrele it if it is defined.
4430 if (filename_vp != NULL)
4433 VFS_UNLOCK_GIANT(fnvfslocked);
4434 VFS_UNLOCK_GIANT(vfslocked);
4439 * Set a named extended attribute on a file or directory
4441 * Arguments: unlocked vnode "vp", attribute namespace "attrnamespace",
4442 * kernelspace string pointer "attrname", userspace buffer
4443 * pointer "data", buffer length "nbytes", thread "td".
4444 * Returns: 0 on success, an error number otherwise
4446 * References: vp must be a valid reference for the duration of the call
4449 extattr_set_vp(struct vnode *vp, int attrnamespace, const char *attrname,
4450 void *data, size_t nbytes, struct thread *td)
4458 VFS_ASSERT_GIANT(vp->v_mount);
4459 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
4462 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
4463 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
4465 aiov.iov_base = data;
4466 aiov.iov_len = nbytes;
4467 auio.uio_iov = &aiov;
4468 auio.uio_iovcnt = 1;
4469 auio.uio_offset = 0;
4470 if (nbytes > INT_MAX) {
4474 auio.uio_resid = nbytes;
4475 auio.uio_rw = UIO_WRITE;
4476 auio.uio_segflg = UIO_USERSPACE;
4481 error = mac_check_vnode_setextattr(td->td_ucred, vp, attrnamespace,
4487 error = VOP_SETEXTATTR(vp, attrnamespace, attrname, &auio,
4489 cnt -= auio.uio_resid;
4490 td->td_retval[0] = cnt;
4493 VOP_UNLOCK(vp, 0, td);
4494 vn_finished_write(mp);
4499 extattr_set_fd(td, uap)
4501 struct extattr_set_fd_args /* {
4504 const char *attrname;
4510 char attrname[EXTATTR_MAXNAMELEN];
4511 int vfslocked, error;
4513 AUDIT_ARG(fd, uap->fd);
4514 AUDIT_ARG(value, uap->attrnamespace);
4515 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4518 AUDIT_ARG(text, attrname);
4520 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
4524 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
4525 error = extattr_set_vp(fp->f_vnode, uap->attrnamespace,
4526 attrname, uap->data, uap->nbytes, td);
4528 VFS_UNLOCK_GIANT(vfslocked);
4534 extattr_set_file(td, uap)
4536 struct extattr_set_file_args /* {
4539 const char *attrname;
4544 struct nameidata nd;
4545 char attrname[EXTATTR_MAXNAMELEN];
4546 int vfslocked, error;
4548 AUDIT_ARG(value, uap->attrnamespace);
4549 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4552 AUDIT_ARG(text, attrname);
4554 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
4559 NDFREE(&nd, NDF_ONLY_PNBUF);
4561 vfslocked = NDHASGIANT(&nd);
4562 error = extattr_set_vp(nd.ni_vp, uap->attrnamespace, attrname,
4563 uap->data, uap->nbytes, td);
4566 VFS_UNLOCK_GIANT(vfslocked);
4571 extattr_set_link(td, uap)
4573 struct extattr_set_link_args /* {
4576 const char *attrname;
4581 struct nameidata nd;
4582 char attrname[EXTATTR_MAXNAMELEN];
4583 int vfslocked, error;
4585 AUDIT_ARG(value, uap->attrnamespace);
4586 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4589 AUDIT_ARG(text, attrname);
4591 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
4596 NDFREE(&nd, NDF_ONLY_PNBUF);
4598 vfslocked = NDHASGIANT(&nd);
4599 error = extattr_set_vp(nd.ni_vp, uap->attrnamespace, attrname,
4600 uap->data, uap->nbytes, td);
4603 VFS_UNLOCK_GIANT(vfslocked);
4608 * Get a named extended attribute on a file or directory
4610 * Arguments: unlocked vnode "vp", attribute namespace "attrnamespace",
4611 * kernelspace string pointer "attrname", userspace buffer
4612 * pointer "data", buffer length "nbytes", thread "td".
4613 * Returns: 0 on success, an error number otherwise
4615 * References: vp must be a valid reference for the duration of the call
4618 extattr_get_vp(struct vnode *vp, int attrnamespace, const char *attrname,
4619 void *data, size_t nbytes, struct thread *td)
4621 struct uio auio, *auiop;
4624 size_t size, *sizep;
4627 VFS_ASSERT_GIANT(vp->v_mount);
4628 VOP_LEASE(vp, td, td->td_ucred, LEASE_READ);
4629 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
4632 * Slightly unusual semantics: if the user provides a NULL data
4633 * pointer, they don't want to receive the data, just the
4634 * maximum read length.
4640 aiov.iov_base = data;
4641 aiov.iov_len = nbytes;
4642 auio.uio_iov = &aiov;
4643 auio.uio_iovcnt = 1;
4644 auio.uio_offset = 0;
4645 if (nbytes > INT_MAX) {
4649 auio.uio_resid = nbytes;
4650 auio.uio_rw = UIO_READ;
4651 auio.uio_segflg = UIO_USERSPACE;
4659 error = mac_check_vnode_getextattr(td->td_ucred, vp, attrnamespace,
4665 error = VOP_GETEXTATTR(vp, attrnamespace, attrname, auiop, sizep,
4668 if (auiop != NULL) {
4669 cnt -= auio.uio_resid;
4670 td->td_retval[0] = cnt;
4672 td->td_retval[0] = size;
4675 VOP_UNLOCK(vp, 0, td);
4680 extattr_get_fd(td, uap)
4682 struct extattr_get_fd_args /* {
4685 const char *attrname;
4691 char attrname[EXTATTR_MAXNAMELEN];
4692 int vfslocked, error;
4694 AUDIT_ARG(fd, uap->fd);
4695 AUDIT_ARG(value, uap->attrnamespace);
4696 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4699 AUDIT_ARG(text, attrname);
4701 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
4705 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
4706 error = extattr_get_vp(fp->f_vnode, uap->attrnamespace,
4707 attrname, uap->data, uap->nbytes, td);
4710 VFS_UNLOCK_GIANT(vfslocked);
4715 extattr_get_file(td, uap)
4717 struct extattr_get_file_args /* {
4720 const char *attrname;
4725 struct nameidata nd;
4726 char attrname[EXTATTR_MAXNAMELEN];
4727 int vfslocked, error;
4729 AUDIT_ARG(value, uap->attrnamespace);
4730 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4733 AUDIT_ARG(text, attrname);
4735 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
4740 NDFREE(&nd, NDF_ONLY_PNBUF);
4742 vfslocked = NDHASGIANT(&nd);
4743 error = extattr_get_vp(nd.ni_vp, uap->attrnamespace, attrname,
4744 uap->data, uap->nbytes, td);
4747 VFS_UNLOCK_GIANT(vfslocked);
4752 extattr_get_link(td, uap)
4754 struct extattr_get_link_args /* {
4757 const char *attrname;
4762 struct nameidata nd;
4763 char attrname[EXTATTR_MAXNAMELEN];
4764 int vfslocked, error;
4766 AUDIT_ARG(value, uap->attrnamespace);
4767 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4770 AUDIT_ARG(text, attrname);
4772 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
4777 NDFREE(&nd, NDF_ONLY_PNBUF);
4779 vfslocked = NDHASGIANT(&nd);
4780 error = extattr_get_vp(nd.ni_vp, uap->attrnamespace, attrname,
4781 uap->data, uap->nbytes, td);
4784 VFS_UNLOCK_GIANT(vfslocked);
4789 * extattr_delete_vp(): Delete a named extended attribute on a file or
4792 * Arguments: unlocked vnode "vp", attribute namespace "attrnamespace",
4793 * kernelspace string pointer "attrname", proc "p"
4794 * Returns: 0 on success, an error number otherwise
4796 * References: vp must be a valid reference for the duration of the call
4799 extattr_delete_vp(struct vnode *vp, int attrnamespace, const char *attrname,
4805 VFS_ASSERT_GIANT(vp->v_mount);
4806 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
4809 VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
4810 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
4813 error = mac_check_vnode_deleteextattr(td->td_ucred, vp, attrnamespace,
4819 error = VOP_DELETEEXTATTR(vp, attrnamespace, attrname, td->td_ucred,
4821 if (error == EOPNOTSUPP)
4822 error = VOP_SETEXTATTR(vp, attrnamespace, attrname, NULL,
4827 VOP_UNLOCK(vp, 0, td);
4828 vn_finished_write(mp);
4833 extattr_delete_fd(td, uap)
4835 struct extattr_delete_fd_args /* {
4838 const char *attrname;
4842 char attrname[EXTATTR_MAXNAMELEN];
4843 int vfslocked, error;
4845 AUDIT_ARG(fd, uap->fd);
4846 AUDIT_ARG(value, uap->attrnamespace);
4847 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4850 AUDIT_ARG(text, attrname);
4852 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
4856 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
4857 error = extattr_delete_vp(fp->f_vnode, uap->attrnamespace,
4860 VFS_UNLOCK_GIANT(vfslocked);
4865 extattr_delete_file(td, uap)
4867 struct extattr_delete_file_args /* {
4870 const char *attrname;
4873 struct nameidata nd;
4874 char attrname[EXTATTR_MAXNAMELEN];
4875 int vfslocked, error;
4877 AUDIT_ARG(value, uap->attrnamespace);
4878 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4881 AUDIT_ARG(text, attrname);
4883 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
4888 NDFREE(&nd, NDF_ONLY_PNBUF);
4890 vfslocked = NDHASGIANT(&nd);
4891 error = extattr_delete_vp(nd.ni_vp, uap->attrnamespace, attrname, td);
4893 VFS_UNLOCK_GIANT(vfslocked);
4898 extattr_delete_link(td, uap)
4900 struct extattr_delete_link_args /* {
4903 const char *attrname;
4906 struct nameidata nd;
4907 char attrname[EXTATTR_MAXNAMELEN];
4908 int vfslocked, error;
4910 AUDIT_ARG(value, uap->attrnamespace);
4911 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
4914 AUDIT_ARG(text, attrname);
4916 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
4921 NDFREE(&nd, NDF_ONLY_PNBUF);
4923 vfslocked = NDHASGIANT(&nd);
4924 error = extattr_delete_vp(nd.ni_vp, uap->attrnamespace, attrname, td);
4926 VFS_UNLOCK_GIANT(vfslocked);
4931 * Retrieve a list of extended attributes on a file or directory.
4933 * Arguments: unlocked vnode "vp", attribute namespace 'attrnamespace",
4934 * userspace buffer pointer "data", buffer length "nbytes",
4936 * Returns: 0 on success, an error number otherwise
4938 * References: vp must be a valid reference for the duration of the call
4941 extattr_list_vp(struct vnode *vp, int attrnamespace, void *data,
4942 size_t nbytes, struct thread *td)
4944 struct uio auio, *auiop;
4945 size_t size, *sizep;
4950 VFS_ASSERT_GIANT(vp->v_mount);
4951 VOP_LEASE(vp, td, td->td_ucred, LEASE_READ);
4952 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
4958 aiov.iov_base = data;
4959 aiov.iov_len = nbytes;
4960 auio.uio_iov = &aiov;
4961 auio.uio_iovcnt = 1;
4962 auio.uio_offset = 0;
4963 if (nbytes > INT_MAX) {
4967 auio.uio_resid = nbytes;
4968 auio.uio_rw = UIO_READ;
4969 auio.uio_segflg = UIO_USERSPACE;
4977 error = mac_check_vnode_listextattr(td->td_ucred, vp, attrnamespace);
4982 error = VOP_LISTEXTATTR(vp, attrnamespace, auiop, sizep,
4985 if (auiop != NULL) {
4986 cnt -= auio.uio_resid;
4987 td->td_retval[0] = cnt;
4989 td->td_retval[0] = size;
4992 VOP_UNLOCK(vp, 0, td);
4998 extattr_list_fd(td, uap)
5000 struct extattr_list_fd_args /* {
5008 int vfslocked, error;
5010 AUDIT_ARG(fd, uap->fd);
5011 AUDIT_ARG(value, uap->attrnamespace);
5012 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
5016 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
5017 error = extattr_list_vp(fp->f_vnode, uap->attrnamespace, uap->data,
5021 VFS_UNLOCK_GIANT(vfslocked);
5026 extattr_list_file(td, uap)
5028 struct extattr_list_file_args /* {
5035 struct nameidata nd;
5036 int vfslocked, error;
5038 AUDIT_ARG(value, uap->attrnamespace);
5039 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
5044 NDFREE(&nd, NDF_ONLY_PNBUF);
5046 vfslocked = NDHASGIANT(&nd);
5047 error = extattr_list_vp(nd.ni_vp, uap->attrnamespace, uap->data,
5051 VFS_UNLOCK_GIANT(vfslocked);
5056 extattr_list_link(td, uap)
5058 struct extattr_list_link_args /* {
5065 struct nameidata nd;
5066 int vfslocked, error;
5068 AUDIT_ARG(value, uap->attrnamespace);
5069 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
5074 NDFREE(&nd, NDF_ONLY_PNBUF);
5076 vfslocked = NDHASGIANT(&nd);
5077 error = extattr_list_vp(nd.ni_vp, uap->attrnamespace, uap->data,
5081 VFS_UNLOCK_GIANT(vfslocked);