2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1999-2004 Poul-Henning Kamp
5 * Copyright (c) 1999 Michael Smith
6 * Copyright (c) 1989, 1993
7 * The Regents of the University of California. All rights reserved.
8 * (c) UNIX System Laboratories, Inc.
9 * All or some portions of this file are derived from material licensed
10 * to the University of California by American Telephone and Telegraph
11 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
12 * the permission of UNIX System Laboratories, Inc.
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 * 2. Redistributions in binary form must reproduce the above copyright
20 * notice, this list of conditions and the following disclaimer in the
21 * documentation and/or other materials provided with the distribution.
22 * 3. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39 #include <sys/cdefs.h>
40 __FBSDID("$FreeBSD$");
42 #include <sys/param.h>
45 #include <sys/eventhandler.h>
46 #include <sys/fcntl.h>
48 #include <sys/kernel.h>
50 #include <sys/libkern.h>
51 #include <sys/malloc.h>
52 #include <sys/mount.h>
53 #include <sys/mutex.h>
54 #include <sys/namei.h>
57 #include <sys/filedesc.h>
58 #include <sys/reboot.h>
60 #include <sys/syscallsubr.h>
61 #include <sys/sysproto.h>
63 #include <sys/sysctl.h>
64 #include <sys/sysent.h>
65 #include <sys/systm.h>
66 #include <sys/vnode.h>
69 #include <geom/geom.h>
71 #include <machine/stdarg.h>
73 #include <security/audit/audit.h>
74 #include <security/mac/mac_framework.h>
76 #define VFS_MOUNTARG_SIZE_MAX (1024 * 64)
78 static int vfs_domount(struct thread *td, const char *fstype, char *fspath,
79 uint64_t fsflags, struct vfsoptlist **optlist);
80 static void free_mntarg(struct mntarg *ma);
82 static int usermount = 0;
83 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0,
84 "Unprivileged users may mount and unmount file systems");
86 static bool default_autoro = false;
87 SYSCTL_BOOL(_vfs, OID_AUTO, default_autoro, CTLFLAG_RW, &default_autoro, 0,
88 "Retry failed r/w mount as r/o if no explicit ro/rw option is specified");
90 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure");
91 MALLOC_DEFINE(M_STATFS, "statfs", "statfs structure");
92 static uma_zone_t mount_zone;
94 /* List of mounted filesystems. */
95 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist);
97 /* For any iteration/modification of mountlist */
98 struct mtx mountlist_mtx;
99 MTX_SYSINIT(mountlist, &mountlist_mtx, "mountlist", MTX_DEF);
101 EVENTHANDLER_LIST_DEFINE(vfs_mounted);
102 EVENTHANDLER_LIST_DEFINE(vfs_unmounted);
105 * Global opts, taken by all filesystems
107 static const char *global_opts[] = {
119 mount_init(void *mem, int size, int flags)
123 mp = (struct mount *)mem;
124 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF);
125 mtx_init(&mp->mnt_listmtx, "struct mount vlist mtx", NULL, MTX_DEF);
126 lockinit(&mp->mnt_explock, PVFS, "explock", 0, 0);
127 mp->mnt_thread_in_ops_pcpu = uma_zalloc_pcpu(pcpu_zone_int,
129 mp->mnt_ref_pcpu = uma_zalloc_pcpu(pcpu_zone_int,
131 mp->mnt_lockref_pcpu = uma_zalloc_pcpu(pcpu_zone_int,
133 mp->mnt_writeopcount_pcpu = uma_zalloc_pcpu(pcpu_zone_int,
137 mp->mnt_rootvnode = NULL;
142 mount_fini(void *mem, int size)
146 mp = (struct mount *)mem;
147 uma_zfree_pcpu(pcpu_zone_int, mp->mnt_writeopcount_pcpu);
148 uma_zfree_pcpu(pcpu_zone_int, mp->mnt_lockref_pcpu);
149 uma_zfree_pcpu(pcpu_zone_int, mp->mnt_ref_pcpu);
150 uma_zfree_pcpu(pcpu_zone_int, mp->mnt_thread_in_ops_pcpu);
151 lockdestroy(&mp->mnt_explock);
152 mtx_destroy(&mp->mnt_listmtx);
153 mtx_destroy(&mp->mnt_mtx);
157 vfs_mount_init(void *dummy __unused)
160 mount_zone = uma_zcreate("Mountpoints", sizeof(struct mount), NULL,
161 NULL, mount_init, mount_fini, UMA_ALIGN_CACHE, UMA_ZONE_NOFREE);
163 SYSINIT(vfs_mount, SI_SUB_VFS, SI_ORDER_ANY, vfs_mount_init, NULL);
166 * ---------------------------------------------------------------------
167 * Functions for building and sanitizing the mount options
170 /* Remove one mount option. */
172 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt)
175 TAILQ_REMOVE(opts, opt, link);
176 free(opt->name, M_MOUNT);
177 if (opt->value != NULL)
178 free(opt->value, M_MOUNT);
182 /* Release all resources related to the mount options. */
184 vfs_freeopts(struct vfsoptlist *opts)
188 while (!TAILQ_EMPTY(opts)) {
189 opt = TAILQ_FIRST(opts);
190 vfs_freeopt(opts, opt);
196 vfs_deleteopt(struct vfsoptlist *opts, const char *name)
198 struct vfsopt *opt, *temp;
202 TAILQ_FOREACH_SAFE(opt, opts, link, temp) {
203 if (strcmp(opt->name, name) == 0)
204 vfs_freeopt(opts, opt);
209 vfs_isopt_ro(const char *opt)
212 if (strcmp(opt, "ro") == 0 || strcmp(opt, "rdonly") == 0 ||
213 strcmp(opt, "norw") == 0)
219 vfs_isopt_rw(const char *opt)
222 if (strcmp(opt, "rw") == 0 || strcmp(opt, "noro") == 0)
228 * Check if options are equal (with or without the "no" prefix).
231 vfs_equalopts(const char *opt1, const char *opt2)
235 /* "opt" vs. "opt" or "noopt" vs. "noopt" */
236 if (strcmp(opt1, opt2) == 0)
238 /* "noopt" vs. "opt" */
239 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0)
241 /* "opt" vs. "noopt" */
242 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0)
244 while ((p = strchr(opt1, '.')) != NULL &&
245 !strncmp(opt1, opt2, ++p - opt1)) {
248 /* "foo.noopt" vs. "foo.opt" */
249 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0)
251 /* "foo.opt" vs. "foo.noopt" */
252 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0)
255 /* "ro" / "rdonly" / "norw" / "rw" / "noro" */
256 if ((vfs_isopt_ro(opt1) || vfs_isopt_rw(opt1)) &&
257 (vfs_isopt_ro(opt2) || vfs_isopt_rw(opt2)))
263 * If a mount option is specified several times,
264 * (with or without the "no" prefix) only keep
265 * the last occurrence of it.
268 vfs_sanitizeopts(struct vfsoptlist *opts)
270 struct vfsopt *opt, *opt2, *tmp;
272 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) {
273 opt2 = TAILQ_PREV(opt, vfsoptlist, link);
274 while (opt2 != NULL) {
275 if (vfs_equalopts(opt->name, opt2->name)) {
276 tmp = TAILQ_PREV(opt2, vfsoptlist, link);
277 vfs_freeopt(opts, opt2);
280 opt2 = TAILQ_PREV(opt2, vfsoptlist, link);
287 * Build a linked list of mount options from a struct uio.
290 vfs_buildopts(struct uio *auio, struct vfsoptlist **options)
292 struct vfsoptlist *opts;
294 size_t memused, namelen, optlen;
295 unsigned int i, iovcnt;
298 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK);
301 iovcnt = auio->uio_iovcnt;
302 for (i = 0; i < iovcnt; i += 2) {
303 namelen = auio->uio_iov[i].iov_len;
304 optlen = auio->uio_iov[i + 1].iov_len;
305 memused += sizeof(struct vfsopt) + optlen + namelen;
307 * Avoid consuming too much memory, and attempts to overflow
310 if (memused > VFS_MOUNTARG_SIZE_MAX ||
311 optlen > VFS_MOUNTARG_SIZE_MAX ||
312 namelen > VFS_MOUNTARG_SIZE_MAX) {
317 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK);
318 opt->name = malloc(namelen, M_MOUNT, M_WAITOK);
325 * Do this early, so jumps to "bad" will free the current
328 TAILQ_INSERT_TAIL(opts, opt, link);
330 if (auio->uio_segflg == UIO_SYSSPACE) {
331 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen);
333 error = copyin(auio->uio_iov[i].iov_base, opt->name,
338 /* Ensure names are null-terminated strings. */
339 if (namelen == 0 || opt->name[namelen - 1] != '\0') {
345 opt->value = malloc(optlen, M_MOUNT, M_WAITOK);
346 if (auio->uio_segflg == UIO_SYSSPACE) {
347 bcopy(auio->uio_iov[i + 1].iov_base, opt->value,
350 error = copyin(auio->uio_iov[i + 1].iov_base,
357 vfs_sanitizeopts(opts);
366 * Merge the old mount options with the new ones passed
367 * in the MNT_UPDATE case.
369 * XXX: This function will keep a "nofoo" option in the new
370 * options. E.g, if the option's canonical name is "foo",
371 * "nofoo" ends up in the mount point's active options.
374 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *oldopts)
376 struct vfsopt *opt, *new;
378 TAILQ_FOREACH(opt, oldopts, link) {
379 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK);
380 new->name = strdup(opt->name, M_MOUNT);
382 new->value = malloc(opt->len, M_MOUNT, M_WAITOK);
383 bcopy(opt->value, new->value, opt->len);
387 new->seen = opt->seen;
388 TAILQ_INSERT_HEAD(toopts, new, link);
390 vfs_sanitizeopts(toopts);
394 * Mount a filesystem.
396 #ifndef _SYS_SYSPROTO_H_
404 sys_nmount(struct thread *td, struct nmount_args *uap)
412 * Mount flags are now 64-bits. On 32-bit archtectures only
413 * 32-bits are passed in, but from here on everything handles
414 * 64-bit flags correctly.
418 AUDIT_ARG_FFLAGS(flags);
419 CTR4(KTR_VFS, "%s: iovp %p with iovcnt %d and flags %d", __func__,
420 uap->iovp, uap->iovcnt, flags);
423 * Filter out MNT_ROOTFS. We do not want clients of nmount() in
424 * userspace to set this flag, but we must filter it out if we want
425 * MNT_UPDATE on the root file system to work.
426 * MNT_ROOTFS should only be set by the kernel when mounting its
429 flags &= ~MNT_ROOTFS;
431 iovcnt = uap->iovcnt;
433 * Check that we have an even number of iovec's
434 * and that we have at least two options.
436 if ((iovcnt & 1) || (iovcnt < 4)) {
437 CTR2(KTR_VFS, "%s: failed for invalid iovcnt %d", __func__,
442 error = copyinuio(uap->iovp, iovcnt, &auio);
444 CTR2(KTR_VFS, "%s: failed for invalid uio op with %d errno",
448 error = vfs_donmount(td, flags, auio);
455 * ---------------------------------------------------------------------
456 * Various utility functions
460 vfs_ref(struct mount *mp)
463 CTR2(KTR_VFS, "%s: mp %p", __func__, mp);
464 if (vfs_op_thread_enter(mp)) {
465 vfs_mp_count_add_pcpu(mp, ref, 1);
466 vfs_op_thread_exit(mp);
476 vfs_rel(struct mount *mp)
479 CTR2(KTR_VFS, "%s: mp %p", __func__, mp);
480 if (vfs_op_thread_enter(mp)) {
481 vfs_mp_count_sub_pcpu(mp, ref, 1);
482 vfs_op_thread_exit(mp);
492 * Allocate and initialize the mount point struct.
495 vfs_mount_alloc(struct vnode *vp, struct vfsconf *vfsp, const char *fspath,
500 mp = uma_zalloc(mount_zone, M_WAITOK);
501 bzero(&mp->mnt_startzero,
502 __rangeof(struct mount, mnt_startzero, mnt_endzero));
503 TAILQ_INIT(&mp->mnt_nvnodelist);
504 mp->mnt_nvnodelistsize = 0;
505 TAILQ_INIT(&mp->mnt_activevnodelist);
506 mp->mnt_activevnodelistsize = 0;
507 TAILQ_INIT(&mp->mnt_tmpfreevnodelist);
508 mp->mnt_tmpfreevnodelistsize = 0;
509 if (mp->mnt_ref != 0 || mp->mnt_lockref != 0 ||
510 mp->mnt_writeopcount != 0)
511 panic("%s: non-zero counters on new mp %p\n", __func__, mp);
512 if (mp->mnt_vfs_ops != 1)
513 panic("%s: vfs_ops should be 1 but %d found\n", __func__,
515 (void) vfs_busy(mp, MBF_NOWAIT);
516 atomic_add_acq_int(&vfsp->vfc_refcount, 1);
517 mp->mnt_op = vfsp->vfc_vfsops;
519 mp->mnt_stat.f_type = vfsp->vfc_typenum;
521 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN);
522 mp->mnt_vnodecovered = vp;
523 mp->mnt_cred = crdup(cred);
524 mp->mnt_stat.f_owner = cred->cr_uid;
525 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN);
526 mp->mnt_iosize_max = DFLTPHYS;
529 mac_mount_create(cred, mp);
531 arc4rand(&mp->mnt_hashseed, sizeof mp->mnt_hashseed, 0);
532 TAILQ_INIT(&mp->mnt_uppers);
537 * Destroy the mount struct previously allocated by vfs_mount_alloc().
540 vfs_mount_destroy(struct mount *mp)
543 if (mp->mnt_vfs_ops == 0)
544 panic("%s: entered with zero vfs_ops\n", __func__);
546 vfs_assert_mount_counters(mp);
549 mp->mnt_kern_flag |= MNTK_REFEXPIRE;
550 if (mp->mnt_kern_flag & MNTK_MWAIT) {
551 mp->mnt_kern_flag &= ~MNTK_MWAIT;
555 msleep(mp, MNT_MTX(mp), PVFS, "mntref", 0);
556 KASSERT(mp->mnt_ref == 0,
557 ("%s: invalid refcount in the drain path @ %s:%d", __func__,
558 __FILE__, __LINE__));
559 if (mp->mnt_writeopcount != 0)
560 panic("vfs_mount_destroy: nonzero writeopcount");
561 if (mp->mnt_secondary_writes != 0)
562 panic("vfs_mount_destroy: nonzero secondary_writes");
563 atomic_subtract_rel_int(&mp->mnt_vfc->vfc_refcount, 1);
564 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) {
567 TAILQ_FOREACH(vp, &mp->mnt_nvnodelist, v_nmntvnodes)
568 vn_printf(vp, "dangling vnode ");
569 panic("unmount: dangling vnode");
571 KASSERT(TAILQ_EMPTY(&mp->mnt_uppers), ("mnt_uppers"));
572 if (mp->mnt_nvnodelistsize != 0)
573 panic("vfs_mount_destroy: nonzero nvnodelistsize");
574 if (mp->mnt_activevnodelistsize != 0)
575 panic("vfs_mount_destroy: nonzero activevnodelistsize");
576 if (mp->mnt_tmpfreevnodelistsize != 0)
577 panic("vfs_mount_destroy: nonzero tmpfreevnodelistsize");
578 if (mp->mnt_lockref != 0)
579 panic("vfs_mount_destroy: nonzero lock refcount");
582 if (mp->mnt_vfs_ops != 1)
583 panic("%s: vfs_ops should be 1 but %d found\n", __func__,
586 if (mp->mnt_rootvnode != NULL)
587 panic("%s: mount point still has a root vnode %p\n", __func__,
590 if (mp->mnt_vnodecovered != NULL)
591 vrele(mp->mnt_vnodecovered);
593 mac_mount_destroy(mp);
595 if (mp->mnt_opt != NULL)
596 vfs_freeopts(mp->mnt_opt);
597 crfree(mp->mnt_cred);
598 uma_zfree(mount_zone, mp);
602 vfs_should_downgrade_to_ro_mount(uint64_t fsflags, int error)
604 /* This is an upgrade of an exisiting mount. */
605 if ((fsflags & MNT_UPDATE) != 0)
607 /* This is already an R/O mount. */
608 if ((fsflags & MNT_RDONLY) != 0)
612 case ENODEV: /* generic, geom, ... */
613 case EACCES: /* cam/scsi, ... */
614 case EROFS: /* md, mmcsd, ... */
616 * These errors can be returned by the storage layer to signal
617 * that the media is read-only. No harm in the R/O mount
618 * attempt if the error was returned for some other reason.
627 vfs_donmount(struct thread *td, uint64_t fsflags, struct uio *fsoptions)
629 struct vfsoptlist *optlist;
630 struct vfsopt *opt, *tmp_opt;
631 char *fstype, *fspath, *errmsg;
632 int error, fstypelen, fspathlen, errmsg_len, errmsg_pos;
635 errmsg = fspath = NULL;
636 errmsg_len = fspathlen = 0;
638 autoro = default_autoro;
640 error = vfs_buildopts(fsoptions, &optlist);
644 if (vfs_getopt(optlist, "errmsg", (void **)&errmsg, &errmsg_len) == 0)
645 errmsg_pos = vfs_getopt_pos(optlist, "errmsg");
648 * We need these two options before the others,
649 * and they are mandatory for any filesystem.
650 * Ensure they are NUL terminated as well.
653 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen);
654 if (error || fstypelen <= 0 || fstype[fstypelen - 1] != '\0') {
657 strncpy(errmsg, "Invalid fstype", errmsg_len);
661 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen);
662 if (error || fspathlen <= 0 || fspath[fspathlen - 1] != '\0') {
665 strncpy(errmsg, "Invalid fspath", errmsg_len);
670 * We need to see if we have the "update" option
671 * before we call vfs_domount(), since vfs_domount() has special
672 * logic based on MNT_UPDATE. This is very important
673 * when we want to update the root filesystem.
675 TAILQ_FOREACH_SAFE(opt, optlist, link, tmp_opt) {
678 if (strcmp(opt->name, "update") == 0) {
679 fsflags |= MNT_UPDATE;
682 else if (strcmp(opt->name, "async") == 0)
683 fsflags |= MNT_ASYNC;
684 else if (strcmp(opt->name, "force") == 0) {
685 fsflags |= MNT_FORCE;
688 else if (strcmp(opt->name, "reload") == 0) {
689 fsflags |= MNT_RELOAD;
692 else if (strcmp(opt->name, "multilabel") == 0)
693 fsflags |= MNT_MULTILABEL;
694 else if (strcmp(opt->name, "noasync") == 0)
695 fsflags &= ~MNT_ASYNC;
696 else if (strcmp(opt->name, "noatime") == 0)
697 fsflags |= MNT_NOATIME;
698 else if (strcmp(opt->name, "atime") == 0) {
699 free(opt->name, M_MOUNT);
700 opt->name = strdup("nonoatime", M_MOUNT);
702 else if (strcmp(opt->name, "noclusterr") == 0)
703 fsflags |= MNT_NOCLUSTERR;
704 else if (strcmp(opt->name, "clusterr") == 0) {
705 free(opt->name, M_MOUNT);
706 opt->name = strdup("nonoclusterr", M_MOUNT);
708 else if (strcmp(opt->name, "noclusterw") == 0)
709 fsflags |= MNT_NOCLUSTERW;
710 else if (strcmp(opt->name, "clusterw") == 0) {
711 free(opt->name, M_MOUNT);
712 opt->name = strdup("nonoclusterw", M_MOUNT);
714 else if (strcmp(opt->name, "noexec") == 0)
715 fsflags |= MNT_NOEXEC;
716 else if (strcmp(opt->name, "exec") == 0) {
717 free(opt->name, M_MOUNT);
718 opt->name = strdup("nonoexec", M_MOUNT);
720 else if (strcmp(opt->name, "nosuid") == 0)
721 fsflags |= MNT_NOSUID;
722 else if (strcmp(opt->name, "suid") == 0) {
723 free(opt->name, M_MOUNT);
724 opt->name = strdup("nonosuid", M_MOUNT);
726 else if (strcmp(opt->name, "nosymfollow") == 0)
727 fsflags |= MNT_NOSYMFOLLOW;
728 else if (strcmp(opt->name, "symfollow") == 0) {
729 free(opt->name, M_MOUNT);
730 opt->name = strdup("nonosymfollow", M_MOUNT);
732 else if (strcmp(opt->name, "noro") == 0) {
733 fsflags &= ~MNT_RDONLY;
736 else if (strcmp(opt->name, "rw") == 0) {
737 fsflags &= ~MNT_RDONLY;
740 else if (strcmp(opt->name, "ro") == 0) {
741 fsflags |= MNT_RDONLY;
744 else if (strcmp(opt->name, "rdonly") == 0) {
745 free(opt->name, M_MOUNT);
746 opt->name = strdup("ro", M_MOUNT);
747 fsflags |= MNT_RDONLY;
750 else if (strcmp(opt->name, "autoro") == 0) {
754 else if (strcmp(opt->name, "suiddir") == 0)
755 fsflags |= MNT_SUIDDIR;
756 else if (strcmp(opt->name, "sync") == 0)
757 fsflags |= MNT_SYNCHRONOUS;
758 else if (strcmp(opt->name, "union") == 0)
759 fsflags |= MNT_UNION;
760 else if (strcmp(opt->name, "automounted") == 0) {
761 fsflags |= MNT_AUTOMOUNTED;
763 } else if (strcmp(opt->name, "nocover") == 0) {
764 fsflags |= MNT_NOCOVER;
766 } else if (strcmp(opt->name, "cover") == 0) {
767 fsflags &= ~MNT_NOCOVER;
769 } else if (strcmp(opt->name, "emptydir") == 0) {
770 fsflags |= MNT_EMPTYDIR;
772 } else if (strcmp(opt->name, "noemptydir") == 0) {
773 fsflags &= ~MNT_EMPTYDIR;
777 vfs_freeopt(optlist, opt);
781 * Be ultra-paranoid about making sure the type and fspath
782 * variables will fit in our mp buffers, including the
785 if (fstypelen > MFSNAMELEN || fspathlen > MNAMELEN) {
786 error = ENAMETOOLONG;
790 error = vfs_domount(td, fstype, fspath, fsflags, &optlist);
793 * See if we can mount in the read-only mode if the error code suggests
794 * that it could be possible and the mount options allow for that.
795 * Never try it if "[no]{ro|rw}" has been explicitly requested and not
796 * overridden by "autoro".
798 if (autoro && vfs_should_downgrade_to_ro_mount(fsflags, error)) {
799 printf("%s: R/W mount failed, possibly R/O media,"
800 " trying R/O mount\n", __func__);
801 fsflags |= MNT_RDONLY;
802 error = vfs_domount(td, fstype, fspath, fsflags, &optlist);
805 /* copyout the errmsg */
806 if (errmsg_pos != -1 && ((2 * errmsg_pos + 1) < fsoptions->uio_iovcnt)
807 && errmsg_len > 0 && errmsg != NULL) {
808 if (fsoptions->uio_segflg == UIO_SYSSPACE) {
810 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base,
811 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len);
814 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base,
815 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len);
820 vfs_freeopts(optlist);
827 #ifndef _SYS_SYSPROTO_H_
837 sys_mount(struct thread *td, struct mount_args *uap)
840 struct vfsconf *vfsp = NULL;
841 struct mntarg *ma = NULL;
846 * Mount flags are now 64-bits. On 32-bit architectures only
847 * 32-bits are passed in, but from here on everything handles
848 * 64-bit flags correctly.
852 AUDIT_ARG_FFLAGS(flags);
855 * Filter out MNT_ROOTFS. We do not want clients of mount() in
856 * userspace to set this flag, but we must filter it out if we want
857 * MNT_UPDATE on the root file system to work.
858 * MNT_ROOTFS should only be set by the kernel when mounting its
861 flags &= ~MNT_ROOTFS;
863 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK);
864 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL);
866 free(fstype, M_TEMP);
870 AUDIT_ARG_TEXT(fstype);
871 vfsp = vfs_byname_kld(fstype, td, &error);
872 free(fstype, M_TEMP);
875 if (((vfsp->vfc_flags & VFCF_SBDRY) != 0 &&
876 vfsp->vfc_vfsops_sd->vfs_cmount == NULL) ||
877 ((vfsp->vfc_flags & VFCF_SBDRY) == 0 &&
878 vfsp->vfc_vfsops->vfs_cmount == NULL))
881 ma = mount_argsu(ma, "fstype", uap->type, MFSNAMELEN);
882 ma = mount_argsu(ma, "fspath", uap->path, MNAMELEN);
883 ma = mount_argb(ma, flags & MNT_RDONLY, "noro");
884 ma = mount_argb(ma, !(flags & MNT_NOSUID), "nosuid");
885 ma = mount_argb(ma, !(flags & MNT_NOEXEC), "noexec");
887 if ((vfsp->vfc_flags & VFCF_SBDRY) != 0)
888 return (vfsp->vfc_vfsops_sd->vfs_cmount(ma, uap->data, flags));
889 return (vfsp->vfc_vfsops->vfs_cmount(ma, uap->data, flags));
893 * vfs_domount_first(): first file system mount (not update)
897 struct thread *td, /* Calling thread. */
898 struct vfsconf *vfsp, /* File system type. */
899 char *fspath, /* Mount path. */
900 struct vnode *vp, /* Vnode to be covered. */
901 uint64_t fsflags, /* Flags common to all filesystems. */
902 struct vfsoptlist **optlist /* Options local to the filesystem. */
910 ASSERT_VOP_ELOCKED(vp, __func__);
911 KASSERT((fsflags & MNT_UPDATE) == 0, ("MNT_UPDATE shouldn't be here"));
913 if ((fsflags & MNT_EMPTYDIR) != 0) {
914 error = vfs_emptydir(vp);
922 * If the jail of the calling thread lacks permission for this type of
923 * file system, deny immediately.
925 if (jailed(td->td_ucred) && !prison_allow(td->td_ucred,
926 vfsp->vfc_prison_flag)) {
932 * If the user is not root, ensure that they own the directory
933 * onto which we are attempting to mount.
935 error = VOP_GETATTR(vp, &va, td->td_ucred);
936 if (error == 0 && va.va_uid != td->td_ucred->cr_uid)
937 error = priv_check_cred(td->td_ucred, PRIV_VFS_ADMIN);
939 error = vinvalbuf(vp, V_SAVE, 0, 0);
940 if (error == 0 && vp->v_type != VDIR)
944 if ((vp->v_iflag & VI_MOUNT) == 0 && vp->v_mountedhere == NULL)
945 vp->v_iflag |= VI_MOUNT;
956 /* Allocate and initialize the filesystem. */
957 mp = vfs_mount_alloc(vp, vfsp, fspath, td->td_ucred);
958 /* XXXMAC: pass to vfs_mount_alloc? */
959 mp->mnt_optnew = *optlist;
960 /* Set the mount level flags. */
961 mp->mnt_flag = (fsflags & (MNT_UPDATEMASK | MNT_ROOTFS | MNT_RDONLY));
964 * Mount the filesystem.
965 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they
966 * get. No freeing of cn_pnbuf.
969 if ((error = VFS_MOUNT(mp)) != 0 ||
970 (error1 = VFS_STATFS(mp, &mp->mnt_stat)) != 0 ||
971 (error1 = VFS_ROOT(mp, LK_EXCLUSIVE, &newdp)) != 0) {
974 if ((error1 = VFS_UNMOUNT(mp, 0)) != 0)
975 printf("VFS_UNMOUNT returned %d\n", error1);
978 mp->mnt_vnodecovered = NULL;
979 vfs_mount_destroy(mp);
981 vp->v_iflag &= ~VI_MOUNT;
986 VOP_UNLOCK(newdp, 0);
988 if (mp->mnt_opt != NULL)
989 vfs_freeopts(mp->mnt_opt);
990 mp->mnt_opt = mp->mnt_optnew;
994 * Prevent external consumers of mount options from reading mnt_optnew.
996 mp->mnt_optnew = NULL;
999 if ((mp->mnt_flag & MNT_ASYNC) != 0 &&
1000 (mp->mnt_kern_flag & MNTK_NOASYNC) == 0)
1001 mp->mnt_kern_flag |= MNTK_ASYNC;
1003 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1006 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
1009 vp->v_iflag &= ~VI_MOUNT;
1011 vp->v_mountedhere = mp;
1012 /* Place the new filesystem at the end of the mount list. */
1013 mtx_lock(&mountlist_mtx);
1014 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list);
1015 mtx_unlock(&mountlist_mtx);
1016 vfs_event_signal(NULL, VQ_MOUNT, 0);
1017 vn_lock(newdp, LK_EXCLUSIVE | LK_RETRY);
1019 EVENTHANDLER_DIRECT_INVOKE(vfs_mounted, mp, newdp, td);
1020 VOP_UNLOCK(newdp, 0);
1021 mountcheckdirs(vp, newdp);
1023 if ((mp->mnt_flag & MNT_RDONLY) == 0)
1024 vfs_allocate_syncvnode(mp);
1031 * vfs_domount_update(): update of mounted file system
1035 struct thread *td, /* Calling thread. */
1036 struct vnode *vp, /* Mount point vnode. */
1037 uint64_t fsflags, /* Flags common to all filesystems. */
1038 struct vfsoptlist **optlist /* Options local to the filesystem. */
1041 struct export_args export;
1042 struct vnode *rootvp;
1045 int error, export_error, len;
1048 ASSERT_VOP_ELOCKED(vp, __func__);
1049 KASSERT((fsflags & MNT_UPDATE) != 0, ("MNT_UPDATE should be here"));
1052 if ((vp->v_vflag & VV_ROOT) == 0) {
1053 if (vfs_copyopt(*optlist, "export", &export, sizeof(export))
1063 * We only allow the filesystem to be reloaded if it
1064 * is currently mounted read-only.
1066 flag = mp->mnt_flag;
1067 if ((fsflags & MNT_RELOAD) != 0 && (flag & MNT_RDONLY) == 0) {
1069 return (EOPNOTSUPP); /* Needs translation */
1072 * Only privileged root, or (if MNT_USER is set) the user that
1073 * did the original mount is permitted to update it.
1075 error = vfs_suser(mp, td);
1080 if (vfs_busy(mp, MBF_NOWAIT)) {
1085 if ((vp->v_iflag & VI_MOUNT) != 0 || vp->v_mountedhere != NULL) {
1091 vp->v_iflag |= VI_MOUNT;
1098 if ((mp->mnt_kern_flag & MNTK_UNMOUNT) != 0) {
1103 mp->mnt_flag &= ~MNT_UPDATEMASK;
1104 mp->mnt_flag |= fsflags & (MNT_RELOAD | MNT_FORCE | MNT_UPDATE |
1105 MNT_SNAPSHOT | MNT_ROOTFS | MNT_UPDATEMASK | MNT_RDONLY);
1106 if ((mp->mnt_flag & MNT_ASYNC) == 0)
1107 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1108 rootvp = vfs_cache_root_clear(mp);
1112 mp->mnt_optnew = *optlist;
1113 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt);
1116 * Mount the filesystem.
1117 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they
1118 * get. No freeing of cn_pnbuf.
1120 error = VFS_MOUNT(mp);
1123 /* Process the export option. */
1124 if (error == 0 && vfs_getopt(mp->mnt_optnew, "export", &bufp,
1126 /* Assume that there is only 1 ABI for each length. */
1128 case (sizeof(struct oexport_args)):
1129 bzero(&export, sizeof(export));
1131 case (sizeof(export)):
1132 bcopy(bufp, &export, len);
1133 export_error = vfs_export(mp, &export);
1136 export_error = EINVAL;
1143 mp->mnt_flag &= ~(MNT_UPDATE | MNT_RELOAD | MNT_FORCE |
1147 * If we fail, restore old mount flags. MNT_QUOTA is special,
1148 * because it is not part of MNT_UPDATEMASK, but it could have
1149 * changed in the meantime if quotactl(2) was called.
1150 * All in all we want current value of MNT_QUOTA, not the old
1153 mp->mnt_flag = (mp->mnt_flag & MNT_QUOTA) | (flag & ~MNT_QUOTA);
1155 if ((mp->mnt_flag & MNT_ASYNC) != 0 &&
1156 (mp->mnt_kern_flag & MNTK_NOASYNC) == 0)
1157 mp->mnt_kern_flag |= MNTK_ASYNC;
1159 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1165 if (mp->mnt_opt != NULL)
1166 vfs_freeopts(mp->mnt_opt);
1167 mp->mnt_opt = mp->mnt_optnew;
1169 (void)VFS_STATFS(mp, &mp->mnt_stat);
1171 * Prevent external consumers of mount options from reading
1174 mp->mnt_optnew = NULL;
1176 if ((mp->mnt_flag & MNT_RDONLY) == 0)
1177 vfs_allocate_syncvnode(mp);
1179 vfs_deallocate_syncvnode(mp);
1184 vp->v_iflag &= ~VI_MOUNT;
1187 return (error != 0 ? error : export_error);
1191 * vfs_domount(): actually attempt a filesystem mount.
1195 struct thread *td, /* Calling thread. */
1196 const char *fstype, /* Filesystem type. */
1197 char *fspath, /* Mount path. */
1198 uint64_t fsflags, /* Flags common to all filesystems. */
1199 struct vfsoptlist **optlist /* Options local to the filesystem. */
1202 struct vfsconf *vfsp;
1203 struct nameidata nd;
1209 * Be ultra-paranoid about making sure the type and fspath
1210 * variables will fit in our mp buffers, including the
1213 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN)
1214 return (ENAMETOOLONG);
1216 if (jailed(td->td_ucred) || usermount == 0) {
1217 if ((error = priv_check(td, PRIV_VFS_MOUNT)) != 0)
1222 * Do not allow NFS export or MNT_SUIDDIR by unprivileged users.
1224 if (fsflags & MNT_EXPORTED) {
1225 error = priv_check(td, PRIV_VFS_MOUNT_EXPORTED);
1229 if (fsflags & MNT_SUIDDIR) {
1230 error = priv_check(td, PRIV_VFS_MOUNT_SUIDDIR);
1235 * Silently enforce MNT_NOSUID and MNT_USER for unprivileged users.
1237 if ((fsflags & (MNT_NOSUID | MNT_USER)) != (MNT_NOSUID | MNT_USER)) {
1238 if (priv_check(td, PRIV_VFS_MOUNT_NONUSER) != 0)
1239 fsflags |= MNT_NOSUID | MNT_USER;
1242 /* Load KLDs before we lock the covered vnode to avoid reversals. */
1244 if ((fsflags & MNT_UPDATE) == 0) {
1245 /* Don't try to load KLDs if we're mounting the root. */
1246 if (fsflags & MNT_ROOTFS)
1247 vfsp = vfs_byname(fstype);
1249 vfsp = vfs_byname_kld(fstype, td, &error);
1255 * Get vnode to be covered or mount point's vnode in case of MNT_UPDATE.
1257 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1,
1258 UIO_SYSSPACE, fspath, td);
1262 NDFREE(&nd, NDF_ONLY_PNBUF);
1264 if ((fsflags & MNT_UPDATE) == 0) {
1265 if ((vp->v_vflag & VV_ROOT) != 0 &&
1266 (fsflags & MNT_NOCOVER) != 0) {
1270 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK);
1271 strcpy(pathbuf, fspath);
1272 error = vn_path_to_global_path(td, vp, pathbuf, MNAMELEN);
1273 /* debug.disablefullpath == 1 results in ENODEV */
1274 if (error == 0 || error == ENODEV) {
1275 error = vfs_domount_first(td, vfsp, pathbuf, vp,
1278 free(pathbuf, M_TEMP);
1280 error = vfs_domount_update(td, vp, fsflags, optlist);
1286 * Unmount a filesystem.
1288 * Note: unmount takes a path to the vnode mounted on as argument, not
1289 * special file (as before).
1291 #ifndef _SYS_SYSPROTO_H_
1292 struct unmount_args {
1299 sys_unmount(struct thread *td, struct unmount_args *uap)
1301 struct nameidata nd;
1304 int error, id0, id1;
1306 AUDIT_ARG_VALUE(uap->flags);
1307 if (jailed(td->td_ucred) || usermount == 0) {
1308 error = priv_check(td, PRIV_VFS_UNMOUNT);
1313 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK);
1314 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL);
1316 free(pathbuf, M_TEMP);
1319 if (uap->flags & MNT_BYFSID) {
1320 AUDIT_ARG_TEXT(pathbuf);
1321 /* Decode the filesystem ID. */
1322 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) {
1323 free(pathbuf, M_TEMP);
1327 mtx_lock(&mountlist_mtx);
1328 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) {
1329 if (mp->mnt_stat.f_fsid.val[0] == id0 &&
1330 mp->mnt_stat.f_fsid.val[1] == id1) {
1335 mtx_unlock(&mountlist_mtx);
1338 * Try to find global path for path argument.
1340 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1,
1341 UIO_SYSSPACE, pathbuf, td);
1342 if (namei(&nd) == 0) {
1343 NDFREE(&nd, NDF_ONLY_PNBUF);
1344 error = vn_path_to_global_path(td, nd.ni_vp, pathbuf,
1346 if (error == 0 || error == ENODEV)
1349 mtx_lock(&mountlist_mtx);
1350 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) {
1351 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) {
1356 mtx_unlock(&mountlist_mtx);
1358 free(pathbuf, M_TEMP);
1361 * Previously we returned ENOENT for a nonexistent path and
1362 * EINVAL for a non-mountpoint. We cannot tell these apart
1363 * now, so in the !MNT_BYFSID case return the more likely
1364 * EINVAL for compatibility.
1366 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL);
1370 * Don't allow unmounting the root filesystem.
1372 if (mp->mnt_flag & MNT_ROOTFS) {
1376 error = dounmount(mp, uap->flags, td);
1381 * Return error if any of the vnodes, ignoring the root vnode
1382 * and the syncer vnode, have non-zero usecount.
1384 * This function is purely advisory - it can return false positives
1388 vfs_check_usecounts(struct mount *mp)
1390 struct vnode *vp, *mvp;
1392 MNT_VNODE_FOREACH_ALL(vp, mp, mvp) {
1393 if ((vp->v_vflag & VV_ROOT) == 0 && vp->v_type != VNON &&
1394 vp->v_usecount != 0) {
1396 MNT_VNODE_FOREACH_ALL_ABORT(mp, mvp);
1406 dounmount_cleanup(struct mount *mp, struct vnode *coveredvp, int mntkflags)
1409 mtx_assert(MNT_MTX(mp), MA_OWNED);
1410 mp->mnt_kern_flag &= ~mntkflags;
1411 if ((mp->mnt_kern_flag & MNTK_MWAIT) != 0) {
1412 mp->mnt_kern_flag &= ~MNTK_MWAIT;
1415 vfs_op_exit_locked(mp);
1417 if (coveredvp != NULL) {
1418 VOP_UNLOCK(coveredvp, 0);
1421 vn_finished_write(mp);
1425 * There are various reference counters associated with the mount point.
1426 * Normally it is permitted to modify them without taking the mnt ilock,
1427 * but this behavior can be temporarily disabled if stable value is needed
1428 * or callers are expected to block (e.g. to not allow new users during
1432 vfs_op_enter(struct mount *mp)
1438 if (mp->mnt_vfs_ops > 1) {
1443 * Paired with a fence in vfs_op_thread_enter(). See the comment
1444 * above it for details.
1446 atomic_thread_fence_seq_cst();
1447 vfs_op_barrier_wait(mp);
1449 * Paired with a fence in vfs_op_thread_exit().
1451 atomic_thread_fence_acq();
1454 zpcpu_replace_cpu(mp->mnt_ref_pcpu, 0, cpu);
1456 zpcpu_replace_cpu(mp->mnt_lockref_pcpu, 0, cpu);
1457 mp->mnt_writeopcount +=
1458 zpcpu_replace_cpu(mp->mnt_writeopcount_pcpu, 0, cpu);
1461 vfs_assert_mount_counters(mp);
1465 vfs_op_exit_locked(struct mount *mp)
1468 mtx_assert(MNT_MTX(mp), MA_OWNED);
1470 if (mp->mnt_vfs_ops <= 0)
1471 panic("%s: invalid vfs_ops count %d for mp %p\n",
1472 __func__, mp->mnt_vfs_ops, mp);
1477 vfs_op_exit(struct mount *mp)
1481 vfs_op_exit_locked(mp);
1486 * It is assumed the caller already posted at least an acquire barrier.
1489 vfs_op_barrier_wait(struct mount *mp)
1495 in_op = zpcpu_get_cpu(mp->mnt_thread_in_ops_pcpu, cpu);
1496 while (atomic_load_int(in_op))
1503 vfs_assert_mount_counters(struct mount *mp)
1507 if (mp->mnt_vfs_ops == 0)
1511 if (*(int *)zpcpu_get_cpu(mp->mnt_ref_pcpu, cpu) != 0 ||
1512 *(int *)zpcpu_get_cpu(mp->mnt_lockref_pcpu, cpu) != 0 ||
1513 *(int *)zpcpu_get_cpu(mp->mnt_writeopcount_pcpu, cpu) != 0)
1514 vfs_dump_mount_counters(mp);
1519 vfs_dump_mount_counters(struct mount *mp)
1522 int ref, lockref, writeopcount;
1524 printf("%s: mp %p vfs_ops %d\n", __func__, mp, mp->mnt_vfs_ops);
1529 count = zpcpu_get_cpu(mp->mnt_ref_pcpu, cpu);
1530 printf("%d ", *count);
1534 printf(" lockref : ");
1535 lockref = mp->mnt_lockref;
1537 count = zpcpu_get_cpu(mp->mnt_lockref_pcpu, cpu);
1538 printf("%d ", *count);
1542 printf("writeopcount: ");
1543 writeopcount = mp->mnt_writeopcount;
1545 count = zpcpu_get_cpu(mp->mnt_writeopcount_pcpu, cpu);
1546 printf("%d ", *count);
1547 writeopcount += *count;
1551 printf("counter struct total\n");
1552 printf("ref %-5d %-5d\n", mp->mnt_ref, ref);
1553 printf("lockref %-5d %-5d\n", mp->mnt_lockref, lockref);
1554 printf("writeopcount %-5d %-5d\n", mp->mnt_writeopcount, writeopcount);
1556 panic("invalid counts on struct mount");
1561 vfs_mount_fetch_counter(struct mount *mp, enum mount_counter which)
1568 base = &mp->mnt_ref;
1569 pcpu = mp->mnt_ref_pcpu;
1571 case MNT_COUNT_LOCKREF:
1572 base = &mp->mnt_lockref;
1573 pcpu = mp->mnt_lockref_pcpu;
1575 case MNT_COUNT_WRITEOPCOUNT:
1576 base = &mp->mnt_writeopcount;
1577 pcpu = mp->mnt_writeopcount_pcpu;
1583 sum += *(int *)zpcpu_get_cpu(pcpu, cpu);
1589 * Do the actual filesystem unmount.
1592 dounmount(struct mount *mp, int flags, struct thread *td)
1594 struct vnode *coveredvp, *rootvp;
1596 uint64_t async_flag;
1599 if ((coveredvp = mp->mnt_vnodecovered) != NULL) {
1600 mnt_gen_r = mp->mnt_gen;
1603 vn_lock(coveredvp, LK_EXCLUSIVE | LK_INTERLOCK | LK_RETRY);
1605 * Check for mp being unmounted while waiting for the
1606 * covered vnode lock.
1608 if (coveredvp->v_mountedhere != mp ||
1609 coveredvp->v_mountedhere->mnt_gen != mnt_gen_r) {
1610 VOP_UNLOCK(coveredvp, 0);
1618 * Only privileged root, or (if MNT_USER is set) the user that did the
1619 * original mount is permitted to unmount this filesystem.
1621 error = vfs_suser(mp, td);
1623 if (coveredvp != NULL) {
1624 VOP_UNLOCK(coveredvp, 0);
1633 vn_start_write(NULL, &mp, V_WAIT | V_MNTREF);
1635 if ((mp->mnt_kern_flag & MNTK_UNMOUNT) != 0 ||
1636 (mp->mnt_flag & MNT_UPDATE) != 0 ||
1637 !TAILQ_EMPTY(&mp->mnt_uppers)) {
1638 dounmount_cleanup(mp, coveredvp, 0);
1641 mp->mnt_kern_flag |= MNTK_UNMOUNT;
1642 rootvp = vfs_cache_root_clear(mp);
1643 if (flags & MNT_NONBUSY) {
1645 error = vfs_check_usecounts(mp);
1648 dounmount_cleanup(mp, coveredvp, MNTK_UNMOUNT);
1654 /* Allow filesystems to detect that a forced unmount is in progress. */
1655 if (flags & MNT_FORCE) {
1656 mp->mnt_kern_flag |= MNTK_UNMOUNTF;
1659 * Must be done after setting MNTK_UNMOUNTF and before
1660 * waiting for mnt_lockref to become 0.
1666 if (mp->mnt_lockref) {
1667 mp->mnt_kern_flag |= MNTK_DRAINING;
1668 error = msleep(&mp->mnt_lockref, MNT_MTX(mp), PVFS,
1672 KASSERT(mp->mnt_lockref == 0,
1673 ("%s: invalid lock refcount in the drain path @ %s:%d",
1674 __func__, __FILE__, __LINE__));
1676 ("%s: invalid return value for msleep in the drain path @ %s:%d",
1677 __func__, __FILE__, __LINE__));
1682 if (mp->mnt_flag & MNT_EXPUBLIC)
1683 vfs_setpublicfs(NULL, NULL, NULL);
1686 * From now, we can claim that the use reference on the
1687 * coveredvp is ours, and the ref can be released only by
1688 * successfull unmount by us, or left for later unmount
1689 * attempt. The previously acquired hold reference is no
1690 * longer needed to protect the vnode from reuse.
1692 if (coveredvp != NULL)
1695 vfs_msync(mp, MNT_WAIT);
1697 async_flag = mp->mnt_flag & MNT_ASYNC;
1698 mp->mnt_flag &= ~MNT_ASYNC;
1699 mp->mnt_kern_flag &= ~MNTK_ASYNC;
1701 cache_purgevfs(mp, false); /* remove cache entries for this file sys */
1702 vfs_deallocate_syncvnode(mp);
1703 if ((mp->mnt_flag & MNT_RDONLY) != 0 || (flags & MNT_FORCE) != 0 ||
1704 (error = VFS_SYNC(mp, MNT_WAIT)) == 0)
1705 error = VFS_UNMOUNT(mp, flags);
1706 vn_finished_write(mp);
1708 * If we failed to flush the dirty blocks for this mount point,
1709 * undo all the cdir/rdir and rootvnode changes we made above.
1710 * Unless we failed to do so because the device is reporting that
1711 * it doesn't exist anymore.
1713 if (error && error != ENXIO) {
1715 if ((mp->mnt_flag & MNT_RDONLY) == 0) {
1717 vfs_allocate_syncvnode(mp);
1720 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF);
1721 mp->mnt_flag |= async_flag;
1722 if ((mp->mnt_flag & MNT_ASYNC) != 0 &&
1723 (mp->mnt_kern_flag & MNTK_NOASYNC) == 0)
1724 mp->mnt_kern_flag |= MNTK_ASYNC;
1725 if (mp->mnt_kern_flag & MNTK_MWAIT) {
1726 mp->mnt_kern_flag &= ~MNTK_MWAIT;
1729 vfs_op_exit_locked(mp);
1732 VOP_UNLOCK(coveredvp, 0);
1735 mtx_lock(&mountlist_mtx);
1736 TAILQ_REMOVE(&mountlist, mp, mnt_list);
1737 mtx_unlock(&mountlist_mtx);
1738 EVENTHANDLER_DIRECT_INVOKE(vfs_unmounted, mp, td);
1739 if (coveredvp != NULL) {
1740 coveredvp->v_mountedhere = NULL;
1741 VOP_UNLOCK(coveredvp, 0);
1743 vfs_event_signal(NULL, VQ_UNMOUNT, 0);
1744 if (rootvnode != NULL && mp == rootvnode->v_mount) {
1748 if (mp == rootdevmp)
1750 vfs_mount_destroy(mp);
1755 * Report errors during filesystem mounting.
1758 vfs_mount_error(struct mount *mp, const char *fmt, ...)
1760 struct vfsoptlist *moptlist = mp->mnt_optnew;
1765 error = vfs_getopt(moptlist, "errmsg", (void **)&errmsg, &len);
1766 if (error || errmsg == NULL || len <= 0)
1770 vsnprintf(errmsg, (size_t)len, fmt, ap);
1775 vfs_opterror(struct vfsoptlist *opts, const char *fmt, ...)
1781 error = vfs_getopt(opts, "errmsg", (void **)&errmsg, &len);
1782 if (error || errmsg == NULL || len <= 0)
1786 vsnprintf(errmsg, (size_t)len, fmt, ap);
1791 * ---------------------------------------------------------------------
1792 * Functions for querying mount options/arguments from filesystems.
1796 * Check that no unknown options are given
1799 vfs_filteropt(struct vfsoptlist *opts, const char **legal)
1803 const char **t, *p, *q;
1806 TAILQ_FOREACH(opt, opts, link) {
1809 if (p[0] == 'n' && p[1] == 'o')
1811 for(t = global_opts; *t != NULL; t++) {
1812 if (strcmp(*t, p) == 0)
1815 if (strcmp(*t, q) == 0)
1821 for(t = legal; *t != NULL; t++) {
1822 if (strcmp(*t, p) == 0)
1825 if (strcmp(*t, q) == 0)
1831 snprintf(errmsg, sizeof(errmsg),
1832 "mount option <%s> is unknown", p);
1836 TAILQ_FOREACH(opt, opts, link) {
1837 if (strcmp(opt->name, "errmsg") == 0) {
1838 strncpy((char *)opt->value, errmsg, opt->len);
1843 printf("%s\n", errmsg);
1849 * Get a mount option by its name.
1851 * Return 0 if the option was found, ENOENT otherwise.
1852 * If len is non-NULL it will be filled with the length
1853 * of the option. If buf is non-NULL, it will be filled
1854 * with the address of the option.
1857 vfs_getopt(struct vfsoptlist *opts, const char *name, void **buf, int *len)
1861 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL"));
1863 TAILQ_FOREACH(opt, opts, link) {
1864 if (strcmp(name, opt->name) == 0) {
1877 vfs_getopt_pos(struct vfsoptlist *opts, const char *name)
1884 TAILQ_FOREACH(opt, opts, link) {
1885 if (strcmp(name, opt->name) == 0) {
1894 vfs_getopt_size(struct vfsoptlist *opts, const char *name, off_t *value)
1896 char *opt_value, *vtp;
1900 error = vfs_getopt(opts, name, (void **)&opt_value, &opt_len);
1903 if (opt_len == 0 || opt_value == NULL)
1905 if (opt_value[0] == '\0' || opt_value[opt_len - 1] != '\0')
1907 iv = strtoq(opt_value, &vtp, 0);
1908 if (vtp == opt_value || (vtp[0] != '\0' && vtp[1] != '\0'))
1935 vfs_getopts(struct vfsoptlist *opts, const char *name, int *error)
1940 TAILQ_FOREACH(opt, opts, link) {
1941 if (strcmp(name, opt->name) != 0)
1944 if (opt->len == 0 ||
1945 ((char *)opt->value)[opt->len - 1] != '\0') {
1949 return (opt->value);
1956 vfs_flagopt(struct vfsoptlist *opts, const char *name, uint64_t *w,
1961 TAILQ_FOREACH(opt, opts, link) {
1962 if (strcmp(name, opt->name) == 0) {
1975 vfs_scanopt(struct vfsoptlist *opts, const char *name, const char *fmt, ...)
1981 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL"));
1983 TAILQ_FOREACH(opt, opts, link) {
1984 if (strcmp(name, opt->name) != 0)
1987 if (opt->len == 0 || opt->value == NULL)
1989 if (((char *)opt->value)[opt->len - 1] != '\0')
1992 ret = vsscanf(opt->value, fmt, ap);
2000 vfs_setopt(struct vfsoptlist *opts, const char *name, void *value, int len)
2004 TAILQ_FOREACH(opt, opts, link) {
2005 if (strcmp(name, opt->name) != 0)
2008 if (opt->value == NULL)
2011 if (opt->len != len)
2013 bcopy(value, opt->value, len);
2021 vfs_setopt_part(struct vfsoptlist *opts, const char *name, void *value, int len)
2025 TAILQ_FOREACH(opt, opts, link) {
2026 if (strcmp(name, opt->name) != 0)
2029 if (opt->value == NULL)
2035 bcopy(value, opt->value, len);
2043 vfs_setopts(struct vfsoptlist *opts, const char *name, const char *value)
2047 TAILQ_FOREACH(opt, opts, link) {
2048 if (strcmp(name, opt->name) != 0)
2051 if (opt->value == NULL)
2052 opt->len = strlen(value) + 1;
2053 else if (strlcpy(opt->value, value, opt->len) >= opt->len)
2061 * Find and copy a mount option.
2063 * The size of the buffer has to be specified
2064 * in len, if it is not the same length as the
2065 * mount option, EINVAL is returned.
2066 * Returns ENOENT if the option is not found.
2069 vfs_copyopt(struct vfsoptlist *opts, const char *name, void *dest, int len)
2073 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL"));
2075 TAILQ_FOREACH(opt, opts, link) {
2076 if (strcmp(name, opt->name) == 0) {
2078 if (len != opt->len)
2080 bcopy(opt->value, dest, opt->len);
2088 __vfs_statfs(struct mount *mp, struct statfs *sbp)
2092 * Filesystems only fill in part of the structure for updates, we
2093 * have to read the entirety first to get all content.
2095 memcpy(sbp, &mp->mnt_stat, sizeof(*sbp));
2098 * Set these in case the underlying filesystem fails to do so.
2100 sbp->f_version = STATFS_VERSION;
2101 sbp->f_namemax = NAME_MAX;
2102 sbp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
2104 return (mp->mnt_op->vfs_statfs(mp, sbp));
2108 vfs_mountedfrom(struct mount *mp, const char *from)
2111 bzero(mp->mnt_stat.f_mntfromname, sizeof mp->mnt_stat.f_mntfromname);
2112 strlcpy(mp->mnt_stat.f_mntfromname, from,
2113 sizeof mp->mnt_stat.f_mntfromname);
2117 * ---------------------------------------------------------------------
2118 * This is the api for building mount args and mounting filesystems from
2119 * inside the kernel.
2121 * The API works by accumulation of individual args. First error is
2124 * XXX: should be documented in new manpage kernel_mount(9)
2127 /* A memory allocation which must be freed when we are done */
2129 SLIST_ENTRY(mntaarg) next;
2132 /* The header for the mount arguments */
2137 SLIST_HEAD(, mntaarg) list;
2141 * Add a boolean argument.
2143 * flag is the boolean value.
2144 * name must start with "no".
2147 mount_argb(struct mntarg *ma, int flag, const char *name)
2150 KASSERT(name[0] == 'n' && name[1] == 'o',
2151 ("mount_argb(...,%s): name must start with 'no'", name));
2153 return (mount_arg(ma, name + (flag ? 2 : 0), NULL, 0));
2157 * Add an argument printf style
2160 mount_argf(struct mntarg *ma, const char *name, const char *fmt, ...)
2163 struct mntaarg *maa;
2168 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
2169 SLIST_INIT(&ma->list);
2174 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2),
2176 ma->v[ma->len].iov_base = (void *)(uintptr_t)name;
2177 ma->v[ma->len].iov_len = strlen(name) + 1;
2180 sb = sbuf_new_auto();
2182 sbuf_vprintf(sb, fmt, ap);
2185 len = sbuf_len(sb) + 1;
2186 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO);
2187 SLIST_INSERT_HEAD(&ma->list, maa, next);
2188 bcopy(sbuf_data(sb), maa + 1, len);
2191 ma->v[ma->len].iov_base = maa + 1;
2192 ma->v[ma->len].iov_len = len;
2199 * Add an argument which is a userland string.
2202 mount_argsu(struct mntarg *ma, const char *name, const void *val, int len)
2204 struct mntaarg *maa;
2210 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
2211 SLIST_INIT(&ma->list);
2215 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO);
2216 SLIST_INSERT_HEAD(&ma->list, maa, next);
2217 tbuf = (void *)(maa + 1);
2218 ma->error = copyinstr(val, tbuf, len, NULL);
2219 return (mount_arg(ma, name, tbuf, -1));
2225 * If length is -1, treat value as a C string.
2228 mount_arg(struct mntarg *ma, const char *name, const void *val, int len)
2232 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
2233 SLIST_INIT(&ma->list);
2238 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2),
2240 ma->v[ma->len].iov_base = (void *)(uintptr_t)name;
2241 ma->v[ma->len].iov_len = strlen(name) + 1;
2244 ma->v[ma->len].iov_base = (void *)(uintptr_t)val;
2246 ma->v[ma->len].iov_len = strlen(val) + 1;
2248 ma->v[ma->len].iov_len = len;
2254 * Free a mntarg structure
2257 free_mntarg(struct mntarg *ma)
2259 struct mntaarg *maa;
2261 while (!SLIST_EMPTY(&ma->list)) {
2262 maa = SLIST_FIRST(&ma->list);
2263 SLIST_REMOVE_HEAD(&ma->list, next);
2266 free(ma->v, M_MOUNT);
2271 * Mount a filesystem
2274 kernel_mount(struct mntarg *ma, uint64_t flags)
2279 KASSERT(ma != NULL, ("kernel_mount NULL ma"));
2280 KASSERT(ma->v != NULL, ("kernel_mount NULL ma->v"));
2281 KASSERT(!(ma->len & 1), ("kernel_mount odd ma->len (%d)", ma->len));
2283 auio.uio_iov = ma->v;
2284 auio.uio_iovcnt = ma->len;
2285 auio.uio_segflg = UIO_SYSSPACE;
2289 error = vfs_donmount(curthread, flags, &auio);
2295 * A printflike function to mount a filesystem.
2298 kernel_vmount(int flags, ...)
2300 struct mntarg *ma = NULL;
2306 va_start(ap, flags);
2308 cp = va_arg(ap, const char *);
2311 vp = va_arg(ap, const void *);
2312 ma = mount_arg(ma, cp, vp, (vp != NULL ? -1 : 0));
2316 error = kernel_mount(ma, flags);
2321 vfs_oexport_conv(const struct oexport_args *oexp, struct export_args *exp)
2324 bcopy(oexp, exp, sizeof(*oexp));
2325 exp->ex_numsecflavors = 0;
projects / FreeBSD / FreeBSD.git / blob