2 * Copyright (c) 1999-2004 Poul-Henning Kamp
3 * Copyright (c) 1999 Michael Smith
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
6 * (c) UNIX System Laboratories, Inc.
7 * All or some portions of this file are derived from material licensed
8 * to the University of California by American Telephone and Telegraph
9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
10 * the permission of UNIX System Laboratories, Inc.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 4. Neither the name of the University nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include <sys/param.h>
42 #include <sys/fcntl.h>
44 #include <sys/kernel.h>
45 #include <sys/libkern.h>
46 #include <sys/malloc.h>
47 #include <sys/mount.h>
48 #include <sys/mutex.h>
49 #include <sys/namei.h>
52 #include <sys/filedesc.h>
53 #include <sys/reboot.h>
54 #include <sys/syscallsubr.h>
55 #include <sys/sysproto.h>
57 #include <sys/sysctl.h>
58 #include <sys/sysent.h>
59 #include <sys/systm.h>
60 #include <sys/vnode.h>
63 #include <geom/geom.h>
65 #include <machine/stdarg.h>
67 #include <security/audit/audit.h>
68 #include <security/mac/mac_framework.h>
70 #include "opt_rootdevname.h"
72 #define ROOTNAME "root_device"
73 #define VFS_MOUNTARG_SIZE_MAX (1024 * 64)
75 static void set_rootvnode(void);
76 static int vfs_domount(struct thread *td, const char *fstype,
77 char *fspath, int fsflags, void *fsdata);
78 static int vfs_mountroot_ask(void);
79 static int vfs_mountroot_try(const char *mountfrom, const char *options);
80 static void free_mntarg(struct mntarg *ma);
82 static int usermount = 0;
83 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0,
84 "Unprivileged users may mount and unmount file systems");
86 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure");
87 MALLOC_DEFINE(M_VNODE_MARKER, "vnodemarker", "vnode marker");
88 static uma_zone_t mount_zone;
90 /* List of mounted filesystems. */
91 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist);
93 /* For any iteration/modification of mountlist */
94 struct mtx mountlist_mtx;
95 MTX_SYSINIT(mountlist, &mountlist_mtx, "mountlist", MTX_DEF);
98 * The vnode of the system's root (/ in the filesystem, without chroot
101 struct vnode *rootvnode;
104 * The root filesystem is detailed in the kernel environment variable
105 * vfs.root.mountfrom, which is expected to be in the general format
107 * <vfsname>:[<path>][ <vfsname>:[<path>] ...]
108 * vfsname := the name of a VFS known to the kernel and capable
109 * of being mounted as root
110 * path := disk device name or other data used by the filesystem
111 * to locate its physical store
113 * If the environment variable vfs.root.mountfrom is a space separated list,
114 * each list element is tried in turn and the root filesystem will be mounted
115 * from the first one that suceeds.
117 * The environment variable vfs.root.mountfrom.options is a comma delimited
118 * set of string mount options. These mount options must be parseable
119 * by nmount() in the kernel.
123 * Global opts, taken by all filesystems
125 static const char *global_opts[] = {
137 * The root specifiers we will try if RB_CDROM is specified.
139 static char *cdrom_rootdevnames[] = {
145 /* legacy find-root code */
146 char *rootdevnames[2] = {NULL, NULL};
148 # define ROOTDEVNAME NULL
150 static const char *ctrootdevname = ROOTDEVNAME;
153 * ---------------------------------------------------------------------
154 * Functions for building and sanitizing the mount options
157 /* Remove one mount option. */
159 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt)
162 TAILQ_REMOVE(opts, opt, link);
163 free(opt->name, M_MOUNT);
164 if (opt->value != NULL)
165 free(opt->value, M_MOUNT);
169 /* Release all resources related to the mount options. */
171 vfs_freeopts(struct vfsoptlist *opts)
175 while (!TAILQ_EMPTY(opts)) {
176 opt = TAILQ_FIRST(opts);
177 vfs_freeopt(opts, opt);
183 vfs_deleteopt(struct vfsoptlist *opts, const char *name)
185 struct vfsopt *opt, *temp;
189 TAILQ_FOREACH_SAFE(opt, opts, link, temp) {
190 if (strcmp(opt->name, name) == 0)
191 vfs_freeopt(opts, opt);
196 vfs_isopt_ro(const char *opt)
199 if (strcmp(opt, "ro") == 0 || strcmp(opt, "rdonly") == 0 ||
200 strcmp(opt, "norw") == 0)
206 vfs_isopt_rw(const char *opt)
209 if (strcmp(opt, "rw") == 0 || strcmp(opt, "noro") == 0)
215 * Check if options are equal (with or without the "no" prefix).
218 vfs_equalopts(const char *opt1, const char *opt2)
222 /* "opt" vs. "opt" or "noopt" vs. "noopt" */
223 if (strcmp(opt1, opt2) == 0)
225 /* "noopt" vs. "opt" */
226 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0)
228 /* "opt" vs. "noopt" */
229 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0)
231 while ((p = strchr(opt1, '.')) != NULL &&
232 !strncmp(opt1, opt2, ++p - opt1)) {
235 /* "foo.noopt" vs. "foo.opt" */
236 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0)
238 /* "foo.opt" vs. "foo.noopt" */
239 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0)
242 /* "ro" / "rdonly" / "norw" / "rw" / "noro" */
243 if ((vfs_isopt_ro(opt1) || vfs_isopt_rw(opt1)) &&
244 (vfs_isopt_ro(opt2) || vfs_isopt_rw(opt2)))
250 * If a mount option is specified several times,
251 * (with or without the "no" prefix) only keep
252 * the last occurence of it.
255 vfs_sanitizeopts(struct vfsoptlist *opts)
257 struct vfsopt *opt, *opt2, *tmp;
259 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) {
260 opt2 = TAILQ_PREV(opt, vfsoptlist, link);
261 while (opt2 != NULL) {
262 if (vfs_equalopts(opt->name, opt2->name)) {
263 tmp = TAILQ_PREV(opt2, vfsoptlist, link);
264 vfs_freeopt(opts, opt2);
267 opt2 = TAILQ_PREV(opt2, vfsoptlist, link);
274 * Build a linked list of mount options from a struct uio.
277 vfs_buildopts(struct uio *auio, struct vfsoptlist **options)
279 struct vfsoptlist *opts;
281 size_t memused, namelen, optlen;
282 unsigned int i, iovcnt;
285 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK);
288 iovcnt = auio->uio_iovcnt;
289 for (i = 0; i < iovcnt; i += 2) {
290 namelen = auio->uio_iov[i].iov_len;
291 optlen = auio->uio_iov[i + 1].iov_len;
292 memused += sizeof(struct vfsopt) + optlen + namelen;
294 * Avoid consuming too much memory, and attempts to overflow
297 if (memused > VFS_MOUNTARG_SIZE_MAX ||
298 optlen > VFS_MOUNTARG_SIZE_MAX ||
299 namelen > VFS_MOUNTARG_SIZE_MAX) {
304 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK);
305 opt->name = malloc(namelen, M_MOUNT, M_WAITOK);
312 * Do this early, so jumps to "bad" will free the current
315 TAILQ_INSERT_TAIL(opts, opt, link);
317 if (auio->uio_segflg == UIO_SYSSPACE) {
318 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen);
320 error = copyin(auio->uio_iov[i].iov_base, opt->name,
325 /* Ensure names are null-terminated strings. */
326 if (namelen == 0 || opt->name[namelen - 1] != '\0') {
332 opt->value = malloc(optlen, M_MOUNT, M_WAITOK);
333 if (auio->uio_segflg == UIO_SYSSPACE) {
334 bcopy(auio->uio_iov[i + 1].iov_base, opt->value,
337 error = copyin(auio->uio_iov[i + 1].iov_base,
344 vfs_sanitizeopts(opts);
353 * Merge the old mount options with the new ones passed
354 * in the MNT_UPDATE case.
356 * XXX This function will keep a "nofoo" option in the
357 * new options if there is no matching "foo" option
358 * to be cancelled in the old options. This is a bug
359 * if the option's canonical name is "foo". E.g., "noro"
360 * shouldn't end up in the mount point's active options,
364 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts)
366 struct vfsopt *opt, *opt2, *new;
368 TAILQ_FOREACH(opt, opts, link) {
370 * Check that this option hasn't been redefined
371 * nor cancelled with a "no" mount option.
373 opt2 = TAILQ_FIRST(toopts);
374 while (opt2 != NULL) {
375 if (strcmp(opt2->name, opt->name) == 0)
377 if (strncmp(opt2->name, "no", 2) == 0 &&
378 strcmp(opt2->name + 2, opt->name) == 0) {
379 vfs_freeopt(toopts, opt2);
382 opt2 = TAILQ_NEXT(opt2, link);
384 /* We want this option, duplicate it. */
385 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK);
386 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK);
387 strcpy(new->name, opt->name);
389 new->value = malloc(opt->len, M_MOUNT, M_WAITOK);
390 bcopy(opt->value, new->value, opt->len);
395 new->seen = opt->seen;
396 TAILQ_INSERT_TAIL(toopts, new, link);
403 * Mount a filesystem.
408 struct nmount_args /* {
418 AUDIT_ARG_FFLAGS(uap->flags);
419 CTR4(KTR_VFS, "%s: iovp %p with iovcnt %d and flags %d", __func__,
420 uap->iovp, uap->iovcnt, uap->flags);
423 * Filter out MNT_ROOTFS. We do not want clients of nmount() in
424 * userspace to set this flag, but we must filter it out if we want
425 * MNT_UPDATE on the root file system to work.
426 * MNT_ROOTFS should only be set in the kernel in vfs_mountroot_try().
428 uap->flags &= ~MNT_ROOTFS;
430 iovcnt = uap->iovcnt;
432 * Check that we have an even number of iovec's
433 * and that we have at least two options.
435 if ((iovcnt & 1) || (iovcnt < 4)) {
436 CTR2(KTR_VFS, "%s: failed for invalid iovcnt %d", __func__,
441 error = copyinuio(uap->iovp, iovcnt, &auio);
443 CTR2(KTR_VFS, "%s: failed for invalid uio op with %d errno",
447 error = vfs_donmount(td, uap->flags, auio);
454 * ---------------------------------------------------------------------
455 * Various utility functions
459 vfs_ref(struct mount *mp)
462 CTR2(KTR_VFS, "%s: mp %p", __func__, mp);
469 vfs_rel(struct mount *mp)
472 CTR2(KTR_VFS, "%s: mp %p", __func__, mp);
479 mount_init(void *mem, int size, int flags)
483 mp = (struct mount *)mem;
484 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF);
485 lockinit(&mp->mnt_explock, PVFS, "explock", 0, 0);
490 mount_fini(void *mem, int size)
494 mp = (struct mount *)mem;
495 lockdestroy(&mp->mnt_explock);
496 mtx_destroy(&mp->mnt_mtx);
500 * Allocate and initialize the mount point struct.
503 vfs_mount_alloc(struct vnode *vp, struct vfsconf *vfsp, const char *fspath,
508 mp = uma_zalloc(mount_zone, M_WAITOK);
509 bzero(&mp->mnt_startzero,
510 __rangeof(struct mount, mnt_startzero, mnt_endzero));
511 TAILQ_INIT(&mp->mnt_nvnodelist);
512 mp->mnt_nvnodelistsize = 0;
514 (void) vfs_busy(mp, MBF_NOWAIT);
515 mp->mnt_op = vfsp->vfc_vfsops;
517 vfsp->vfc_refcount++; /* XXX Unlocked */
518 mp->mnt_stat.f_type = vfsp->vfc_typenum;
520 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN);
521 mp->mnt_vnodecovered = vp;
522 mp->mnt_cred = crdup(cred);
523 mp->mnt_stat.f_owner = cred->cr_uid;
524 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN);
525 mp->mnt_iosize_max = DFLTPHYS;
528 mac_mount_create(cred, mp);
530 arc4rand(&mp->mnt_hashseed, sizeof mp->mnt_hashseed, 0);
535 * Destroy the mount struct previously allocated by vfs_mount_alloc().
538 vfs_mount_destroy(struct mount *mp)
542 mp->mnt_kern_flag |= MNTK_REFEXPIRE;
543 if (mp->mnt_kern_flag & MNTK_MWAIT) {
544 mp->mnt_kern_flag &= ~MNTK_MWAIT;
548 msleep(mp, MNT_MTX(mp), PVFS, "mntref", 0);
549 KASSERT(mp->mnt_ref == 0,
550 ("%s: invalid refcount in the drain path @ %s:%d", __func__,
551 __FILE__, __LINE__));
552 if (mp->mnt_writeopcount != 0)
553 panic("vfs_mount_destroy: nonzero writeopcount");
554 if (mp->mnt_secondary_writes != 0)
555 panic("vfs_mount_destroy: nonzero secondary_writes");
556 mp->mnt_vfc->vfc_refcount--;
557 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) {
560 TAILQ_FOREACH(vp, &mp->mnt_nvnodelist, v_nmntvnodes)
562 panic("unmount: dangling vnode");
564 if (mp->mnt_nvnodelistsize != 0)
565 panic("vfs_mount_destroy: nonzero nvnodelistsize");
566 if (mp->mnt_lockref != 0)
567 panic("vfs_mount_destroy: nonzero lock refcount");
570 mac_mount_destroy(mp);
572 if (mp->mnt_opt != NULL)
573 vfs_freeopts(mp->mnt_opt);
574 crfree(mp->mnt_cred);
575 uma_zfree(mount_zone, mp);
579 vfs_donmount(struct thread *td, int fsflags, struct uio *fsoptions)
581 struct vfsoptlist *optlist;
582 struct vfsopt *opt, *noro_opt, *tmp_opt;
583 char *fstype, *fspath, *errmsg;
584 int error, fstypelen, fspathlen, errmsg_len, errmsg_pos;
585 int has_rw, has_noro;
587 errmsg = fspath = NULL;
588 errmsg_len = has_noro = has_rw = fspathlen = 0;
591 error = vfs_buildopts(fsoptions, &optlist);
595 if (vfs_getopt(optlist, "errmsg", (void **)&errmsg, &errmsg_len) == 0)
596 errmsg_pos = vfs_getopt_pos(optlist, "errmsg");
599 * We need these two options before the others,
600 * and they are mandatory for any filesystem.
601 * Ensure they are NUL terminated as well.
604 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen);
605 if (error || fstype[fstypelen - 1] != '\0') {
608 strncpy(errmsg, "Invalid fstype", errmsg_len);
612 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen);
613 if (error || fspath[fspathlen - 1] != '\0') {
616 strncpy(errmsg, "Invalid fspath", errmsg_len);
621 * We need to see if we have the "update" option
622 * before we call vfs_domount(), since vfs_domount() has special
623 * logic based on MNT_UPDATE. This is very important
624 * when we want to update the root filesystem.
626 TAILQ_FOREACH_SAFE(opt, optlist, link, tmp_opt) {
627 if (strcmp(opt->name, "update") == 0) {
628 fsflags |= MNT_UPDATE;
629 vfs_freeopt(optlist, opt);
631 else if (strcmp(opt->name, "async") == 0)
632 fsflags |= MNT_ASYNC;
633 else if (strcmp(opt->name, "force") == 0) {
634 fsflags |= MNT_FORCE;
635 vfs_freeopt(optlist, opt);
637 else if (strcmp(opt->name, "reload") == 0) {
638 fsflags |= MNT_RELOAD;
639 vfs_freeopt(optlist, opt);
641 else if (strcmp(opt->name, "multilabel") == 0)
642 fsflags |= MNT_MULTILABEL;
643 else if (strcmp(opt->name, "noasync") == 0)
644 fsflags &= ~MNT_ASYNC;
645 else if (strcmp(opt->name, "noatime") == 0)
646 fsflags |= MNT_NOATIME;
647 else if (strcmp(opt->name, "atime") == 0) {
648 free(opt->name, M_MOUNT);
649 opt->name = strdup("nonoatime", M_MOUNT);
651 else if (strcmp(opt->name, "noclusterr") == 0)
652 fsflags |= MNT_NOCLUSTERR;
653 else if (strcmp(opt->name, "clusterr") == 0) {
654 free(opt->name, M_MOUNT);
655 opt->name = strdup("nonoclusterr", M_MOUNT);
657 else if (strcmp(opt->name, "noclusterw") == 0)
658 fsflags |= MNT_NOCLUSTERW;
659 else if (strcmp(opt->name, "clusterw") == 0) {
660 free(opt->name, M_MOUNT);
661 opt->name = strdup("nonoclusterw", M_MOUNT);
663 else if (strcmp(opt->name, "noexec") == 0)
664 fsflags |= MNT_NOEXEC;
665 else if (strcmp(opt->name, "exec") == 0) {
666 free(opt->name, M_MOUNT);
667 opt->name = strdup("nonoexec", M_MOUNT);
669 else if (strcmp(opt->name, "nosuid") == 0)
670 fsflags |= MNT_NOSUID;
671 else if (strcmp(opt->name, "suid") == 0) {
672 free(opt->name, M_MOUNT);
673 opt->name = strdup("nonosuid", M_MOUNT);
675 else if (strcmp(opt->name, "nosymfollow") == 0)
676 fsflags |= MNT_NOSYMFOLLOW;
677 else if (strcmp(opt->name, "symfollow") == 0) {
678 free(opt->name, M_MOUNT);
679 opt->name = strdup("nonosymfollow", M_MOUNT);
681 else if (strcmp(opt->name, "noro") == 0) {
682 fsflags &= ~MNT_RDONLY;
685 else if (strcmp(opt->name, "rw") == 0) {
686 fsflags &= ~MNT_RDONLY;
689 else if (strcmp(opt->name, "ro") == 0)
690 fsflags |= MNT_RDONLY;
691 else if (strcmp(opt->name, "rdonly") == 0) {
692 free(opt->name, M_MOUNT);
693 opt->name = strdup("ro", M_MOUNT);
694 fsflags |= MNT_RDONLY;
696 else if (strcmp(opt->name, "suiddir") == 0)
697 fsflags |= MNT_SUIDDIR;
698 else if (strcmp(opt->name, "sync") == 0)
699 fsflags |= MNT_SYNCHRONOUS;
700 else if (strcmp(opt->name, "union") == 0)
701 fsflags |= MNT_UNION;
705 * If "rw" was specified as a mount option, and we
706 * are trying to update a mount-point from "ro" to "rw",
707 * we need a mount option "noro", since in vfs_mergeopts(),
708 * "noro" will cancel "ro", but "rw" will not do anything.
710 if (has_rw && !has_noro) {
711 noro_opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK);
712 noro_opt->name = strdup("noro", M_MOUNT);
713 noro_opt->value = NULL;
717 TAILQ_INSERT_TAIL(optlist, noro_opt, link);
721 * Be ultra-paranoid about making sure the type and fspath
722 * variables will fit in our mp buffers, including the
725 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) {
726 error = ENAMETOOLONG;
731 error = vfs_domount(td, fstype, fspath, fsflags, optlist);
734 /* copyout the errmsg */
735 if (errmsg_pos != -1 && ((2 * errmsg_pos + 1) < fsoptions->uio_iovcnt)
736 && errmsg_len > 0 && errmsg != NULL) {
737 if (fsoptions->uio_segflg == UIO_SYSSPACE) {
739 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base,
740 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len);
743 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base,
744 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len);
749 vfs_freeopts(optlist);
756 #ifndef _SYS_SYSPROTO_H_
768 struct mount_args /* {
776 struct vfsconf *vfsp = NULL;
777 struct mntarg *ma = NULL;
780 AUDIT_ARG_FFLAGS(uap->flags);
783 * Filter out MNT_ROOTFS. We do not want clients of mount() in
784 * userspace to set this flag, but we must filter it out if we want
785 * MNT_UPDATE on the root file system to work.
786 * MNT_ROOTFS should only be set in the kernel in vfs_mountroot_try().
788 uap->flags &= ~MNT_ROOTFS;
790 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK);
791 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL);
793 free(fstype, M_TEMP);
797 AUDIT_ARG_TEXT(fstype);
799 vfsp = vfs_byname_kld(fstype, td, &error);
800 free(fstype, M_TEMP);
805 if (vfsp->vfc_vfsops->vfs_cmount == NULL) {
810 ma = mount_argsu(ma, "fstype", uap->type, MNAMELEN);
811 ma = mount_argsu(ma, "fspath", uap->path, MNAMELEN);
812 ma = mount_argb(ma, uap->flags & MNT_RDONLY, "noro");
813 ma = mount_argb(ma, !(uap->flags & MNT_NOSUID), "nosuid");
814 ma = mount_argb(ma, !(uap->flags & MNT_NOEXEC), "noexec");
816 error = vfsp->vfc_vfsops->vfs_cmount(ma, uap->data, uap->flags);
823 * vfs_domount(): actually attempt a filesystem mount.
827 struct thread *td, /* Calling thread. */
828 const char *fstype, /* Filesystem type. */
829 char *fspath, /* Mount path. */
830 int fsflags, /* Flags common to all filesystems. */
831 void *fsdata /* Options local to the filesystem. */
836 struct vfsconf *vfsp;
837 struct oexport_args oexport;
838 struct export_args export;
843 mtx_assert(&Giant, MA_OWNED);
845 * Be ultra-paranoid about making sure the type and fspath
846 * variables will fit in our mp buffers, including the
849 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN)
850 return (ENAMETOOLONG);
852 if (jailed(td->td_ucred) || usermount == 0) {
853 if ((error = priv_check(td, PRIV_VFS_MOUNT)) != 0)
858 * Do not allow NFS export or MNT_SUIDDIR by unprivileged users.
860 if (fsflags & MNT_EXPORTED) {
861 error = priv_check(td, PRIV_VFS_MOUNT_EXPORTED);
865 if (fsflags & MNT_SUIDDIR) {
866 error = priv_check(td, PRIV_VFS_MOUNT_SUIDDIR);
871 * Silently enforce MNT_NOSUID and MNT_USER for unprivileged users.
873 if ((fsflags & (MNT_NOSUID | MNT_USER)) != (MNT_NOSUID | MNT_USER)) {
874 if (priv_check(td, PRIV_VFS_MOUNT_NONUSER) != 0)
875 fsflags |= MNT_NOSUID | MNT_USER;
878 /* Load KLDs before we lock the covered vnode to avoid reversals. */
880 if ((fsflags & MNT_UPDATE) == 0) {
881 /* Don't try to load KLDs if we're mounting the root. */
882 if (fsflags & MNT_ROOTFS)
883 vfsp = vfs_byname(fstype);
885 vfsp = vfs_byname_kld(fstype, td, &error);
888 if (jailed(td->td_ucred) && !(vfsp->vfc_flags & VFCF_JAIL))
892 * Get vnode to be covered
894 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_SYSSPACE,
896 if ((error = namei(&nd)) != 0)
898 NDFREE(&nd, NDF_ONLY_PNBUF);
900 if (fsflags & MNT_UPDATE) {
901 if ((vp->v_vflag & VV_ROOT) == 0) {
909 * We only allow the filesystem to be reloaded if it
910 * is currently mounted read-only.
912 if ((fsflags & MNT_RELOAD) &&
913 ((mp->mnt_flag & MNT_RDONLY) == 0)) {
916 return (EOPNOTSUPP); /* Needs translation */
920 * Only privileged root, or (if MNT_USER is set) the user that
921 * did the original mount is permitted to update it.
923 error = vfs_suser(mp, td);
928 if (vfs_busy(mp, MBF_NOWAIT)) {
933 if ((vp->v_iflag & VI_MOUNT) != 0 ||
934 vp->v_mountedhere != NULL) {
940 vp->v_iflag |= VI_MOUNT;
943 mp->mnt_flag |= fsflags &
944 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT | MNT_ROOTFS);
947 mp->mnt_optnew = fsdata;
948 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt);
951 * If the user is not root, ensure that they own the directory
952 * onto which we are attempting to mount.
954 error = VOP_GETATTR(vp, &va, td->td_ucred);
959 if (va.va_uid != td->td_ucred->cr_uid) {
960 error = priv_check_cred(td->td_ucred, PRIV_VFS_ADMIN,
967 error = vinvalbuf(vp, V_SAVE, 0, 0);
972 if (vp->v_type != VDIR) {
977 if ((vp->v_iflag & VI_MOUNT) != 0 ||
978 vp->v_mountedhere != NULL) {
983 vp->v_iflag |= VI_MOUNT;
987 * Allocate and initialize the filesystem.
989 mp = vfs_mount_alloc(vp, vfsp, fspath, td->td_ucred);
992 /* XXXMAC: pass to vfs_mount_alloc? */
993 mp->mnt_optnew = fsdata;
997 * Set the mount level flags.
1000 mp->mnt_flag = (mp->mnt_flag & ~MNT_UPDATEMASK) |
1001 (fsflags & (MNT_UPDATEMASK | MNT_FORCE | MNT_ROOTFS |
1003 if ((mp->mnt_flag & MNT_ASYNC) == 0)
1004 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1007 * Mount the filesystem.
1008 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they
1009 * get. No freeing of cn_pnbuf.
1011 error = VFS_MOUNT(mp);
1014 * Process the export option only if we are
1015 * updating mount options.
1017 if (!error && (fsflags & MNT_UPDATE)) {
1018 if (vfs_copyopt(mp->mnt_optnew, "export", &export,
1019 sizeof(export)) == 0)
1020 error = vfs_export(mp, &export);
1021 else if (vfs_copyopt(mp->mnt_optnew, "export", &oexport,
1022 sizeof(oexport)) == 0) {
1023 export.ex_flags = oexport.ex_flags;
1024 export.ex_root = oexport.ex_root;
1025 export.ex_anon = oexport.ex_anon;
1026 export.ex_addr = oexport.ex_addr;
1027 export.ex_addrlen = oexport.ex_addrlen;
1028 export.ex_mask = oexport.ex_mask;
1029 export.ex_masklen = oexport.ex_masklen;
1030 export.ex_indexfile = oexport.ex_indexfile;
1031 export.ex_numsecflavors = 0;
1032 error = vfs_export(mp, &export);
1037 if (mp->mnt_opt != NULL)
1038 vfs_freeopts(mp->mnt_opt);
1039 mp->mnt_opt = mp->mnt_optnew;
1040 (void)VFS_STATFS(mp, &mp->mnt_stat);
1043 * Prevent external consumers of mount options from reading
1046 mp->mnt_optnew = NULL;
1047 if (mp->mnt_flag & MNT_UPDATE) {
1050 mp->mnt_flag = (mp->mnt_flag & MNT_QUOTA) |
1051 (flag & ~MNT_QUOTA);
1053 mp->mnt_flag &= ~(MNT_UPDATE | MNT_RELOAD |
1054 MNT_FORCE | MNT_SNAPSHOT);
1055 if ((mp->mnt_flag & MNT_ASYNC) != 0 && mp->mnt_noasync == 0)
1056 mp->mnt_kern_flag |= MNTK_ASYNC;
1058 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1060 if ((mp->mnt_flag & MNT_RDONLY) == 0) {
1061 if (mp->mnt_syncer == NULL)
1062 error = vfs_allocate_syncvnode(mp);
1064 if (mp->mnt_syncer != NULL)
1065 vrele(mp->mnt_syncer);
1066 mp->mnt_syncer = NULL;
1070 vp->v_iflag &= ~VI_MOUNT;
1076 if ((mp->mnt_flag & MNT_ASYNC) != 0 && mp->mnt_noasync == 0)
1077 mp->mnt_kern_flag |= MNTK_ASYNC;
1079 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1081 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
1083 * Put the new filesystem on the mount list after root.
1087 struct vnode *newdp;
1090 vp->v_iflag &= ~VI_MOUNT;
1092 vp->v_mountedhere = mp;
1093 mtx_lock(&mountlist_mtx);
1094 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list);
1095 mtx_unlock(&mountlist_mtx);
1096 vfs_event_signal(NULL, VQ_MOUNT, 0);
1097 if (VFS_ROOT(mp, LK_EXCLUSIVE, &newdp))
1098 panic("mount: lost mount");
1099 VOP_UNLOCK(newdp, 0);
1101 mountcheckdirs(vp, newdp);
1103 if ((mp->mnt_flag & MNT_RDONLY) == 0)
1104 error = vfs_allocate_syncvnode(mp);
1110 vp->v_iflag &= ~VI_MOUNT;
1113 vfs_mount_destroy(mp);
1120 * Unmount a filesystem.
1122 * Note: unmount takes a path to the vnode mounted on as argument, not
1123 * special file (as before).
1125 #ifndef _SYS_SYSPROTO_H_
1126 struct unmount_args {
1135 register struct unmount_args /* {
1142 int error, id0, id1;
1144 AUDIT_ARG_VALUE(uap->flags);
1145 if (jailed(td->td_ucred) || usermount == 0) {
1146 error = priv_check(td, PRIV_VFS_UNMOUNT);
1151 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK);
1152 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL);
1154 free(pathbuf, M_TEMP);
1158 if (uap->flags & MNT_BYFSID) {
1159 AUDIT_ARG_TEXT(pathbuf);
1160 /* Decode the filesystem ID. */
1161 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) {
1163 free(pathbuf, M_TEMP);
1167 mtx_lock(&mountlist_mtx);
1168 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) {
1169 if (mp->mnt_stat.f_fsid.val[0] == id0 &&
1170 mp->mnt_stat.f_fsid.val[1] == id1)
1173 mtx_unlock(&mountlist_mtx);
1175 AUDIT_ARG_UPATH1(td, pathbuf);
1176 mtx_lock(&mountlist_mtx);
1177 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) {
1178 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0)
1181 mtx_unlock(&mountlist_mtx);
1183 free(pathbuf, M_TEMP);
1186 * Previously we returned ENOENT for a nonexistent path and
1187 * EINVAL for a non-mountpoint. We cannot tell these apart
1188 * now, so in the !MNT_BYFSID case return the more likely
1189 * EINVAL for compatibility.
1192 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL);
1196 * Don't allow unmounting the root filesystem.
1198 if (mp->mnt_flag & MNT_ROOTFS) {
1202 error = dounmount(mp, uap->flags, td);
1208 * Do the actual filesystem unmount.
1211 dounmount(mp, flags, td)
1216 struct vnode *coveredvp, *fsrootvp;
1221 mtx_assert(&Giant, MA_OWNED);
1223 if ((coveredvp = mp->mnt_vnodecovered) != NULL) {
1224 mnt_gen_r = mp->mnt_gen;
1227 vn_lock(coveredvp, LK_EXCLUSIVE | LK_INTERLOCK | LK_RETRY);
1230 * Check for mp being unmounted while waiting for the
1231 * covered vnode lock.
1233 if (coveredvp->v_mountedhere != mp ||
1234 coveredvp->v_mountedhere->mnt_gen != mnt_gen_r) {
1235 VOP_UNLOCK(coveredvp, 0);
1240 * Only privileged root, or (if MNT_USER is set) the user that did the
1241 * original mount is permitted to unmount this filesystem.
1243 error = vfs_suser(mp, td);
1246 VOP_UNLOCK(coveredvp, 0);
1251 if (mp->mnt_kern_flag & MNTK_UNMOUNT) {
1254 VOP_UNLOCK(coveredvp, 0);
1257 mp->mnt_kern_flag |= MNTK_UNMOUNT | MNTK_NOINSMNTQ;
1258 /* Allow filesystems to detect that a forced unmount is in progress. */
1259 if (flags & MNT_FORCE)
1260 mp->mnt_kern_flag |= MNTK_UNMOUNTF;
1262 if (mp->mnt_lockref) {
1263 if ((flags & MNT_FORCE) == 0) {
1264 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_NOINSMNTQ |
1266 if (mp->mnt_kern_flag & MNTK_MWAIT) {
1267 mp->mnt_kern_flag &= ~MNTK_MWAIT;
1272 VOP_UNLOCK(coveredvp, 0);
1275 mp->mnt_kern_flag |= MNTK_DRAINING;
1276 error = msleep(&mp->mnt_lockref, MNT_MTX(mp), PVFS,
1280 KASSERT(mp->mnt_lockref == 0,
1281 ("%s: invalid lock refcount in the drain path @ %s:%d",
1282 __func__, __FILE__, __LINE__));
1284 ("%s: invalid return value for msleep in the drain path @ %s:%d",
1285 __func__, __FILE__, __LINE__));
1286 vn_start_write(NULL, &mp, V_WAIT);
1288 if (mp->mnt_flag & MNT_EXPUBLIC)
1289 vfs_setpublicfs(NULL, NULL, NULL);
1291 vfs_msync(mp, MNT_WAIT);
1293 async_flag = mp->mnt_flag & MNT_ASYNC;
1294 mp->mnt_flag &= ~MNT_ASYNC;
1295 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1297 cache_purgevfs(mp); /* remove cache entries for this file sys */
1298 if (mp->mnt_syncer != NULL)
1299 vrele(mp->mnt_syncer);
1301 * For forced unmounts, move process cdir/rdir refs on the fs root
1302 * vnode to the covered vnode. For non-forced unmounts we want
1303 * such references to cause an EBUSY error.
1305 if ((flags & MNT_FORCE) &&
1306 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp) == 0) {
1307 if (mp->mnt_vnodecovered != NULL)
1308 mountcheckdirs(fsrootvp, mp->mnt_vnodecovered);
1309 if (fsrootvp == rootvnode) {
1315 if (((mp->mnt_flag & MNT_RDONLY) ||
1316 (error = VFS_SYNC(mp, MNT_WAIT)) == 0) || (flags & MNT_FORCE) != 0)
1317 error = VFS_UNMOUNT(mp, flags);
1318 vn_finished_write(mp);
1320 * If we failed to flush the dirty blocks for this mount point,
1321 * undo all the cdir/rdir and rootvnode changes we made above.
1322 * Unless we failed to do so because the device is reporting that
1323 * it doesn't exist anymore.
1325 if (error && error != ENXIO) {
1326 if ((flags & MNT_FORCE) &&
1327 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp) == 0) {
1328 if (mp->mnt_vnodecovered != NULL)
1329 mountcheckdirs(mp->mnt_vnodecovered, fsrootvp);
1330 if (rootvnode == NULL) {
1331 rootvnode = fsrootvp;
1337 mp->mnt_kern_flag &= ~MNTK_NOINSMNTQ;
1338 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) {
1340 (void) vfs_allocate_syncvnode(mp);
1343 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF);
1344 mp->mnt_flag |= async_flag;
1345 if ((mp->mnt_flag & MNT_ASYNC) != 0 && mp->mnt_noasync == 0)
1346 mp->mnt_kern_flag |= MNTK_ASYNC;
1347 if (mp->mnt_kern_flag & MNTK_MWAIT) {
1348 mp->mnt_kern_flag &= ~MNTK_MWAIT;
1353 VOP_UNLOCK(coveredvp, 0);
1356 mtx_lock(&mountlist_mtx);
1357 TAILQ_REMOVE(&mountlist, mp, mnt_list);
1358 mtx_unlock(&mountlist_mtx);
1359 if (coveredvp != NULL) {
1360 coveredvp->v_mountedhere = NULL;
1363 vfs_event_signal(NULL, VQ_UNMOUNT, 0);
1364 vfs_mount_destroy(mp);
1369 * ---------------------------------------------------------------------
1370 * Mounting of root filesystem
1374 struct root_hold_token {
1376 LIST_ENTRY(root_hold_token) list;
1379 static LIST_HEAD(, root_hold_token) root_holds =
1380 LIST_HEAD_INITIALIZER(root_holds);
1382 static int root_mount_complete;
1387 struct root_hold_token *
1388 root_mount_hold(const char *identifier)
1390 struct root_hold_token *h;
1395 h = malloc(sizeof *h, M_DEVBUF, M_ZERO | M_WAITOK);
1396 h->who = identifier;
1397 mtx_lock(&mountlist_mtx);
1398 LIST_INSERT_HEAD(&root_holds, h, list);
1399 mtx_unlock(&mountlist_mtx);
1404 * Release root mount.
1407 root_mount_rel(struct root_hold_token *h)
1412 mtx_lock(&mountlist_mtx);
1413 LIST_REMOVE(h, list);
1414 wakeup(&root_holds);
1415 mtx_unlock(&mountlist_mtx);
1420 * Wait for all subsystems to release root mount.
1423 root_mount_prepare(void)
1425 struct root_hold_token *h;
1426 struct timeval lastfail;
1433 mtx_lock(&mountlist_mtx);
1434 if (LIST_EMPTY(&root_holds)) {
1435 mtx_unlock(&mountlist_mtx);
1438 if (ppsratecheck(&lastfail, &curfail, 1)) {
1439 printf("Root mount waiting for:");
1440 LIST_FOREACH(h, &root_holds, list)
1441 printf(" %s", h->who);
1444 msleep(&root_holds, &mountlist_mtx, PZERO | PDROP, "roothold",
1450 * Root was mounted, share the good news.
1453 root_mount_done(void)
1456 /* Keep prison0's root in sync with the global rootvnode. */
1457 mtx_lock(&prison0.pr_mtx);
1458 prison0.pr_root = rootvnode;
1459 vref(prison0.pr_root);
1460 mtx_unlock(&prison0.pr_mtx);
1462 * Use a mutex to prevent the wakeup being missed and waiting for
1463 * an extra 1 second sleep.
1465 mtx_lock(&mountlist_mtx);
1466 root_mount_complete = 1;
1467 wakeup(&root_mount_complete);
1468 mtx_unlock(&mountlist_mtx);
1472 * Return true if root is already mounted.
1478 /* No mutex is acquired here because int stores are atomic. */
1479 return (root_mount_complete);
1483 * Wait until root is mounted.
1486 root_mount_wait(void)
1490 * Panic on an obvious deadlock - the function can't be called from
1491 * a thread which is doing the whole SYSINIT stuff.
1493 KASSERT(curthread->td_proc->p_pid != 0,
1494 ("root_mount_wait: cannot be called from the swapper thread"));
1495 mtx_lock(&mountlist_mtx);
1496 while (!root_mount_complete) {
1497 msleep(&root_mount_complete, &mountlist_mtx, PZERO, "rootwait",
1500 mtx_unlock(&mountlist_mtx);
1508 if (VFS_ROOT(TAILQ_FIRST(&mountlist), LK_EXCLUSIVE, &rootvnode))
1509 panic("Cannot find root vnode");
1511 VOP_UNLOCK(rootvnode, 0);
1513 p = curthread->td_proc;
1514 FILEDESC_XLOCK(p->p_fd);
1516 if (p->p_fd->fd_cdir != NULL)
1517 vrele(p->p_fd->fd_cdir);
1518 p->p_fd->fd_cdir = rootvnode;
1521 if (p->p_fd->fd_rdir != NULL)
1522 vrele(p->p_fd->fd_rdir);
1523 p->p_fd->fd_rdir = rootvnode;
1526 FILEDESC_XUNLOCK(p->p_fd);
1528 EVENTHANDLER_INVOKE(mountroot);
1532 * Mount /devfs as our root filesystem, but do not put it on the mountlist
1533 * yet. Create a /dev -> / symlink so that absolute pathnames will lookup.
1539 struct thread *td = curthread;
1540 struct vfsoptlist *opts;
1541 struct vfsconf *vfsp;
1542 struct mount *mp = NULL;
1545 vfsp = vfs_byname("devfs");
1546 KASSERT(vfsp != NULL, ("Could not find devfs by name"));
1550 mp = vfs_mount_alloc(NULLVP, vfsp, "/dev", td->td_ucred);
1552 error = VFS_MOUNT(mp);
1553 KASSERT(error == 0, ("VFS_MOUNT(devfs) failed %d", error));
1557 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK);
1561 mtx_lock(&mountlist_mtx);
1562 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list);
1563 mtx_unlock(&mountlist_mtx);
1567 error = kern_symlink(td, "/", "dev", UIO_SYSSPACE);
1569 printf("kern_symlink /dev -> / returns %d\n", error);
1573 * Surgically move our devfs to be mounted on /dev.
1577 devfs_fixup(struct thread *td)
1579 struct nameidata nd;
1581 struct vnode *vp, *dvp;
1584 /* Remove our devfs mount from the mountlist and purge the cache */
1585 mtx_lock(&mountlist_mtx);
1586 mp = TAILQ_FIRST(&mountlist);
1587 TAILQ_REMOVE(&mountlist, mp, mnt_list);
1588 mtx_unlock(&mountlist_mtx);
1591 VFS_ROOT(mp, LK_EXCLUSIVE, &dvp);
1593 dvp->v_iflag &= ~VI_MOUNT;
1595 dvp->v_mountedhere = NULL;
1597 /* Set up the real rootvnode, and purge the cache */
1598 TAILQ_FIRST(&mountlist)->mnt_vnodecovered = NULL;
1600 cache_purgevfs(rootvnode->v_mount);
1602 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, "/dev", td);
1605 printf("Lookup of /dev for devfs, error: %d\n", error);
1608 NDFREE(&nd, NDF_ONLY_PNBUF);
1610 if (vp->v_type != VDIR) {
1613 error = vinvalbuf(vp, V_SAVE, 0, 0);
1618 mp->mnt_vnodecovered = vp;
1619 vp->v_mountedhere = mp;
1620 mtx_lock(&mountlist_mtx);
1621 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list);
1622 mtx_unlock(&mountlist_mtx);
1627 /* Unlink the no longer needed /dev/dev -> / symlink */
1628 kern_unlink(td, "/dev/dev", UIO_SYSSPACE);
1632 * Report errors during filesystem mounting.
1635 vfs_mount_error(struct mount *mp, const char *fmt, ...)
1637 struct vfsoptlist *moptlist = mp->mnt_optnew;
1642 error = vfs_getopt(moptlist, "errmsg", (void **)&errmsg, &len);
1643 if (error || errmsg == NULL || len <= 0)
1647 vsnprintf(errmsg, (size_t)len, fmt, ap);
1652 vfs_opterror(struct vfsoptlist *opts, const char *fmt, ...)
1658 error = vfs_getopt(opts, "errmsg", (void **)&errmsg, &len);
1659 if (error || errmsg == NULL || len <= 0)
1663 vsnprintf(errmsg, (size_t)len, fmt, ap);
1668 * Find and mount the root filesystem
1673 char *cp, *cpt, *options, *tmpdev;
1674 int error, i, asked = 0;
1678 root_mount_prepare();
1680 mount_zone = uma_zcreate("Mountpoints", sizeof(struct mount),
1681 NULL, NULL, mount_init, mount_fini,
1682 UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
1686 * We are booted with instructions to prompt for the root filesystem.
1688 if (boothowto & RB_ASKNAME) {
1689 if (!vfs_mountroot_ask())
1694 options = getenv("vfs.root.mountfrom.options");
1697 * The root filesystem information is compiled in, and we are
1698 * booted with instructions to use it.
1700 if (ctrootdevname != NULL && (boothowto & RB_DFLTROOT)) {
1701 if (!vfs_mountroot_try(ctrootdevname, options))
1703 ctrootdevname = NULL;
1707 * We've been given the generic "use CDROM as root" flag. This is
1708 * necessary because one media may be used in many different
1709 * devices, so we need to search for them.
1711 if (boothowto & RB_CDROM) {
1712 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) {
1713 if (!vfs_mountroot_try(cdrom_rootdevnames[i], options))
1719 * Try to use the value read by the loader from /etc/fstab, or
1720 * supplied via some other means. This is the preferred
1723 cp = getenv("vfs.root.mountfrom");
1726 while ((tmpdev = strsep(&cpt, " \t")) != NULL) {
1727 error = vfs_mountroot_try(tmpdev, options);
1737 * Try values that may have been computed by code during boot
1739 if (!vfs_mountroot_try(rootdevnames[0], options))
1741 if (!vfs_mountroot_try(rootdevnames[1], options))
1745 * If we (still) have a compiled-in default, try it.
1747 if (ctrootdevname != NULL)
1748 if (!vfs_mountroot_try(ctrootdevname, options))
1751 * Everything so far has failed, prompt on the console if we haven't
1752 * already tried that.
1755 if (!vfs_mountroot_ask())
1758 panic("Root mount failed, startup aborted.");
1765 static struct mntarg *
1766 parse_mountroot_options(struct mntarg *ma, const char *options)
1769 char *name, *name_arg;
1770 char *val, *val_arg;
1773 if (options == NULL || options[0] == '\0')
1776 p = opts = strdup(options, M_MOUNT);
1781 while((name = strsep(&p, ",")) != NULL) {
1782 if (name[0] == '\0')
1785 val = strchr(name, '=');
1790 if( strcmp(name, "rw") == 0 ||
1791 strcmp(name, "noro") == 0) {
1793 * The first time we mount the root file system,
1794 * we need to mount 'ro', so We need to ignore
1795 * 'rw' and 'noro' mount options.
1799 name_arg = strdup(name, M_MOUNT);
1802 val_arg = strdup(val, M_MOUNT);
1804 ma = mount_arg(ma, name_arg, val_arg,
1805 (val_arg != NULL ? -1 : 0));
1807 free(opts, M_MOUNT);
1812 * Mount (mountfrom) as the root filesystem.
1815 vfs_mountroot_try(const char *mountfrom, const char *options)
1819 char *vfsname, *path;
1830 bzero(errmsg, sizeof(errmsg));
1832 if (mountfrom == NULL)
1833 return (error); /* don't complain */
1834 printf("Trying to mount root from %s\n", mountfrom);
1836 /* parse vfs name and path */
1837 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK);
1838 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK);
1839 vfsname[0] = path[0] = 0;
1840 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN);
1841 if (sscanf(mountfrom, patt, vfsname, path) < 1)
1844 if (path[0] == '\0')
1845 strcpy(path, ROOTNAME);
1847 ma = mount_arg(ma, "fstype", vfsname, -1);
1848 ma = mount_arg(ma, "fspath", "/", -1);
1849 ma = mount_arg(ma, "from", path, -1);
1850 ma = mount_arg(ma, "errmsg", errmsg, sizeof(errmsg));
1851 ma = mount_arg(ma, "ro", NULL, 0);
1852 ma = parse_mountroot_options(ma, options);
1853 error = kernel_mount(ma, MNT_ROOTFS);
1857 * We mount devfs prior to mounting the / FS, so the first
1858 * entry will typically be devfs.
1860 mp = TAILQ_FIRST(&mountlist);
1861 KASSERT(mp != NULL, ("%s: mountlist is empty", __func__));
1864 * Iterate over all currently mounted file systems and use
1865 * the time stamp found to check and/or initialize the RTC.
1866 * Typically devfs has no time stamp and the only other FS
1867 * is the actual / FS.
1868 * Call inittodr() only once and pass it the largest of the
1869 * timestamps we encounter.
1873 if (mp->mnt_time > timebase)
1874 timebase = mp->mnt_time;
1875 mp = TAILQ_NEXT(mp, mnt_list);
1876 } while (mp != NULL);
1879 devfs_fixup(curthread);
1883 printf("ROOT MOUNT ERROR: %s\n", errmsg);
1884 printf("If you have invalid mount options, reboot, and ");
1885 printf("first try the following from\n");
1886 printf("the loader prompt:\n\n");
1887 printf(" set vfs.root.mountfrom.options=rw\n\n");
1888 printf("and then remove invalid mount options from ");
1889 printf("/etc/fstab.\n\n");
1892 free(path, M_MOUNT);
1893 free(vfsname, M_MOUNT);
1898 * ---------------------------------------------------------------------
1899 * Interactive root filesystem selection code.
1903 vfs_mountroot_ask(void)
1910 printf("Loader variables:\n");
1911 printf("vfs.root.mountfrom=");
1912 mountfrom = getenv("vfs.root.mountfrom");
1913 if (mountfrom != NULL) {
1914 printf("%s", mountfrom);
1917 printf("vfs.root.mountfrom.options=");
1918 options = getenv("vfs.root.mountfrom.options");
1919 if (options != NULL) {
1920 printf("%s", options);
1925 printf("\nManual root filesystem specification:\n");
1926 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n");
1927 printf(" eg. ufs:/dev/da0s1a\n");
1928 printf(" eg. cd9660:/dev/acd0\n");
1929 printf(" This is equivalent to: ");
1930 printf("mount -t cd9660 /dev/acd0 /\n");
1932 printf(" ? List valid disk boot devices\n");
1933 printf(" <empty line> Abort manual input\n");
1934 printf("\nmountroot> ");
1935 gets(name, sizeof(name), 1);
1936 if (name[0] == '\0')
1938 if (name[0] == '?') {
1939 printf("\nList of GEOM managed disk devices:\n ");
1943 if (!vfs_mountroot_try(name, NULL))
1949 * ---------------------------------------------------------------------
1950 * Functions for querying mount options/arguments from filesystems.
1954 * Check that no unknown options are given
1957 vfs_filteropt(struct vfsoptlist *opts, const char **legal)
1961 const char **t, *p, *q;
1964 TAILQ_FOREACH(opt, opts, link) {
1967 if (p[0] == 'n' && p[1] == 'o')
1969 for(t = global_opts; *t != NULL; t++) {
1970 if (strcmp(*t, p) == 0)
1973 if (strcmp(*t, q) == 0)
1979 for(t = legal; *t != NULL; t++) {
1980 if (strcmp(*t, p) == 0)
1983 if (strcmp(*t, q) == 0)
1989 snprintf(errmsg, sizeof(errmsg),
1990 "mount option <%s> is unknown", p);
1991 printf("%s\n", errmsg);
1995 TAILQ_FOREACH(opt, opts, link) {
1996 if (strcmp(opt->name, "errmsg") == 0) {
1997 strncpy((char *)opt->value, errmsg, opt->len);
2005 * Get a mount option by its name.
2007 * Return 0 if the option was found, ENOENT otherwise.
2008 * If len is non-NULL it will be filled with the length
2009 * of the option. If buf is non-NULL, it will be filled
2010 * with the address of the option.
2013 vfs_getopt(opts, name, buf, len)
2014 struct vfsoptlist *opts;
2021 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL"));
2023 TAILQ_FOREACH(opt, opts, link) {
2024 if (strcmp(name, opt->name) == 0) {
2037 vfs_getopt_pos(struct vfsoptlist *opts, const char *name)
2044 TAILQ_FOREACH(opt, opts, link) {
2045 if (strcmp(name, opt->name) == 0) {
2054 vfs_getopts(struct vfsoptlist *opts, const char *name, int *error)
2059 TAILQ_FOREACH(opt, opts, link) {
2060 if (strcmp(name, opt->name) != 0)
2063 if (opt->len == 0 ||
2064 ((char *)opt->value)[opt->len - 1] != '\0') {
2068 return (opt->value);
2075 vfs_flagopt(struct vfsoptlist *opts, const char *name, u_int *w, u_int val)
2079 TAILQ_FOREACH(opt, opts, link) {
2080 if (strcmp(name, opt->name) == 0) {
2093 vfs_scanopt(struct vfsoptlist *opts, const char *name, const char *fmt, ...)
2099 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL"));
2101 TAILQ_FOREACH(opt, opts, link) {
2102 if (strcmp(name, opt->name) != 0)
2105 if (opt->len == 0 || opt->value == NULL)
2107 if (((char *)opt->value)[opt->len - 1] != '\0')
2110 ret = vsscanf(opt->value, fmt, ap);
2118 vfs_setopt(struct vfsoptlist *opts, const char *name, void *value, int len)
2122 TAILQ_FOREACH(opt, opts, link) {
2123 if (strcmp(name, opt->name) != 0)
2126 if (opt->value == NULL)
2129 if (opt->len != len)
2131 bcopy(value, opt->value, len);
2139 vfs_setopt_part(struct vfsoptlist *opts, const char *name, void *value, int len)
2143 TAILQ_FOREACH(opt, opts, link) {
2144 if (strcmp(name, opt->name) != 0)
2147 if (opt->value == NULL)
2153 bcopy(value, opt->value, len);
2161 vfs_setopts(struct vfsoptlist *opts, const char *name, const char *value)
2165 TAILQ_FOREACH(opt, opts, link) {
2166 if (strcmp(name, opt->name) != 0)
2169 if (opt->value == NULL)
2170 opt->len = strlen(value) + 1;
2171 else if (strlcpy(opt->value, value, opt->len) >= opt->len)
2179 * Find and copy a mount option.
2181 * The size of the buffer has to be specified
2182 * in len, if it is not the same length as the
2183 * mount option, EINVAL is returned.
2184 * Returns ENOENT if the option is not found.
2187 vfs_copyopt(opts, name, dest, len)
2188 struct vfsoptlist *opts;
2195 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL"));
2197 TAILQ_FOREACH(opt, opts, link) {
2198 if (strcmp(name, opt->name) == 0) {
2200 if (len != opt->len)
2202 bcopy(opt->value, dest, opt->len);
2210 * This is a helper function for filesystems to traverse their
2211 * vnodes. See MNT_VNODE_FOREACH() in sys/mount.h
2215 __mnt_vnode_next(struct vnode **mvp, struct mount *mp)
2219 mtx_assert(MNT_MTX(mp), MA_OWNED);
2221 KASSERT((*mvp)->v_mount == mp, ("marker vnode mount list mismatch"));
2222 if ((*mvp)->v_yield++ == 500) {
2224 (*mvp)->v_yield = 0;
2228 vp = TAILQ_NEXT(*mvp, v_nmntvnodes);
2229 while (vp != NULL && vp->v_type == VMARKER)
2230 vp = TAILQ_NEXT(vp, v_nmntvnodes);
2232 /* Check if we are done */
2234 __mnt_vnode_markerfree(mvp, mp);
2237 TAILQ_REMOVE(&mp->mnt_nvnodelist, *mvp, v_nmntvnodes);
2238 TAILQ_INSERT_AFTER(&mp->mnt_nvnodelist, vp, *mvp, v_nmntvnodes);
2243 __mnt_vnode_first(struct vnode **mvp, struct mount *mp)
2247 mtx_assert(MNT_MTX(mp), MA_OWNED);
2249 vp = TAILQ_FIRST(&mp->mnt_nvnodelist);
2250 while (vp != NULL && vp->v_type == VMARKER)
2251 vp = TAILQ_NEXT(vp, v_nmntvnodes);
2253 /* Check if we are done */
2260 *mvp = (struct vnode *) malloc(sizeof(struct vnode),
2264 (*mvp)->v_type = VMARKER;
2266 vp = TAILQ_FIRST(&mp->mnt_nvnodelist);
2267 while (vp != NULL && vp->v_type == VMARKER)
2268 vp = TAILQ_NEXT(vp, v_nmntvnodes);
2270 /* Check if we are done */
2273 free(*mvp, M_VNODE_MARKER);
2279 (*mvp)->v_mount = mp;
2280 TAILQ_INSERT_AFTER(&mp->mnt_nvnodelist, vp, *mvp, v_nmntvnodes);
2286 __mnt_vnode_markerfree(struct vnode **mvp, struct mount *mp)
2292 mtx_assert(MNT_MTX(mp), MA_OWNED);
2294 KASSERT((*mvp)->v_mount == mp, ("marker vnode mount list mismatch"));
2295 TAILQ_REMOVE(&mp->mnt_nvnodelist, *mvp, v_nmntvnodes);
2297 free(*mvp, M_VNODE_MARKER);
2305 __vfs_statfs(struct mount *mp, struct statfs *sbp)
2309 error = mp->mnt_op->vfs_statfs(mp, &mp->mnt_stat);
2310 if (sbp != &mp->mnt_stat)
2311 *sbp = mp->mnt_stat;
2316 vfs_mountedfrom(struct mount *mp, const char *from)
2319 bzero(mp->mnt_stat.f_mntfromname, sizeof mp->mnt_stat.f_mntfromname);
2320 strlcpy(mp->mnt_stat.f_mntfromname, from,
2321 sizeof mp->mnt_stat.f_mntfromname);
2325 * ---------------------------------------------------------------------
2326 * This is the api for building mount args and mounting filesystems from
2327 * inside the kernel.
2329 * The API works by accumulation of individual args. First error is
2332 * XXX: should be documented in new manpage kernel_mount(9)
2335 /* A memory allocation which must be freed when we are done */
2337 SLIST_ENTRY(mntaarg) next;
2340 /* The header for the mount arguments */
2345 SLIST_HEAD(, mntaarg) list;
2349 * Add a boolean argument.
2351 * flag is the boolean value.
2352 * name must start with "no".
2355 mount_argb(struct mntarg *ma, int flag, const char *name)
2358 KASSERT(name[0] == 'n' && name[1] == 'o',
2359 ("mount_argb(...,%s): name must start with 'no'", name));
2361 return (mount_arg(ma, name + (flag ? 2 : 0), NULL, 0));
2365 * Add an argument printf style
2368 mount_argf(struct mntarg *ma, const char *name, const char *fmt, ...)
2371 struct mntaarg *maa;
2376 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
2377 SLIST_INIT(&ma->list);
2382 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2),
2384 ma->v[ma->len].iov_base = (void *)(uintptr_t)name;
2385 ma->v[ma->len].iov_len = strlen(name) + 1;
2388 sb = sbuf_new_auto();
2390 sbuf_vprintf(sb, fmt, ap);
2393 len = sbuf_len(sb) + 1;
2394 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO);
2395 SLIST_INSERT_HEAD(&ma->list, maa, next);
2396 bcopy(sbuf_data(sb), maa + 1, len);
2399 ma->v[ma->len].iov_base = maa + 1;
2400 ma->v[ma->len].iov_len = len;
2407 * Add an argument which is a userland string.
2410 mount_argsu(struct mntarg *ma, const char *name, const void *val, int len)
2412 struct mntaarg *maa;
2418 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
2419 SLIST_INIT(&ma->list);
2423 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO);
2424 SLIST_INSERT_HEAD(&ma->list, maa, next);
2425 tbuf = (void *)(maa + 1);
2426 ma->error = copyinstr(val, tbuf, len, NULL);
2427 return (mount_arg(ma, name, tbuf, -1));
2433 * If length is -1, treat value as a C string.
2436 mount_arg(struct mntarg *ma, const char *name, const void *val, int len)
2440 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
2441 SLIST_INIT(&ma->list);
2446 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2),
2448 ma->v[ma->len].iov_base = (void *)(uintptr_t)name;
2449 ma->v[ma->len].iov_len = strlen(name) + 1;
2452 ma->v[ma->len].iov_base = (void *)(uintptr_t)val;
2454 ma->v[ma->len].iov_len = strlen(val) + 1;
2456 ma->v[ma->len].iov_len = len;
2462 * Free a mntarg structure
2465 free_mntarg(struct mntarg *ma)
2467 struct mntaarg *maa;
2469 while (!SLIST_EMPTY(&ma->list)) {
2470 maa = SLIST_FIRST(&ma->list);
2471 SLIST_REMOVE_HEAD(&ma->list, next);
2474 free(ma->v, M_MOUNT);
2479 * Mount a filesystem
2482 kernel_mount(struct mntarg *ma, int flags)
2487 KASSERT(ma != NULL, ("kernel_mount NULL ma"));
2488 KASSERT(ma->v != NULL, ("kernel_mount NULL ma->v"));
2489 KASSERT(!(ma->len & 1), ("kernel_mount odd ma->len (%d)", ma->len));
2491 auio.uio_iov = ma->v;
2492 auio.uio_iovcnt = ma->len;
2493 auio.uio_segflg = UIO_SYSSPACE;
2497 error = vfs_donmount(curthread, flags, &auio);
2503 * A printflike function to mount a filesystem.
2506 kernel_vmount(int flags, ...)
2508 struct mntarg *ma = NULL;
2514 va_start(ap, flags);
2516 cp = va_arg(ap, const char *);
2519 vp = va_arg(ap, const void *);
2520 ma = mount_arg(ma, cp, vp, (vp != NULL ? -1 : 0));
2524 error = kernel_mount(ma, flags);
2529 vfs_oexport_conv(const struct oexport_args *oexp, struct export_args *exp)
2532 bcopy(oexp, exp, sizeof(*oexp));
2533 exp->ex_numsecflavors = 0;
projects / FreeBSD / stable / 8.git / blob