2 * Copyright (c) 1999-2004 Poul-Henning Kamp
3 * Copyright (c) 1999 Michael Smith
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
6 * (c) UNIX System Laboratories, Inc.
7 * All or some portions of this file are derived from material licensed
8 * to the University of California by American Telephone and Telegraph
9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
10 * the permission of UNIX System Laboratories, Inc.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 4. Neither the name of the University nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include <sys/param.h>
43 #include <sys/kernel.h>
44 #include <sys/libkern.h>
46 #include <sys/malloc.h>
47 #include <sys/mount.h>
48 #include <sys/mutex.h>
49 #include <sys/namei.h>
51 #include <sys/filedesc.h>
52 #include <sys/reboot.h>
53 #include <sys/syscallsubr.h>
54 #include <sys/sysproto.h>
56 #include <sys/sysctl.h>
57 #include <sys/sysent.h>
58 #include <sys/systm.h>
59 #include <sys/vnode.h>
61 #include <geom/geom.h>
63 #include <machine/stdarg.h>
65 #include "opt_rootdevname.h"
73 #define ROOTNAME "root_device"
74 #define VFS_MOUNTARG_SIZE_MAX (1024 * 64)
76 static int vfs_domount(struct thread *td, const char *fstype,
77 char *fspath, int fsflags, void *fsdata);
78 static int vfs_mount_alloc(struct vnode *dvp, struct vfsconf *vfsp,
79 const char *fspath, struct thread *td, struct mount **mpp);
80 static int vfs_mountroot_ask(void);
81 static int vfs_mountroot_try(const char *mountfrom);
82 static int vfs_donmount(struct thread *td, int fsflags,
83 struct uio *fsoptions);
84 static void free_mntarg(struct mntarg *ma);
85 static void vfs_mount_destroy(struct mount *, struct thread *);
86 static int vfs_getopt_pos(struct vfsoptlist *opts, const char *name);
88 static int usermount = 0;
89 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0,
90 "Unprivileged users may mount and unmount file systems");
92 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure");
94 /* List of mounted filesystems. */
95 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist);
97 /* For any iteration/modification of mountlist */
98 struct mtx mountlist_mtx;
99 MTX_SYSINIT(mountlist, &mountlist_mtx, "mountlist", MTX_DEF);
101 TAILQ_HEAD(vfsoptlist, vfsopt);
103 TAILQ_ENTRY(vfsopt) link;
110 * The vnode of the system's root (/ in the filesystem, without chroot
113 struct vnode *rootvnode;
116 * The root filesystem is detailed in the kernel environment variable
117 * vfs.root.mountfrom, which is expected to be in the general format
120 * vfsname := the name of a VFS known to the kernel and capable
121 * of being mounted as root
122 * path := disk device name or other data used by the filesystem
123 * to locate its physical store
127 * Global opts, taken by all filesystems
129 static const char *global_opts[] = {
139 * The root specifiers we will try if RB_CDROM is specified.
141 static char *cdrom_rootdevnames[] = {
147 /* legacy find-root code */
148 char *rootdevnames[2] = {NULL, NULL};
150 # define ROOTDEVNAME NULL
152 static const char *ctrootdevname = ROOTDEVNAME;
155 * ---------------------------------------------------------------------
156 * Functions for building and sanitizing the mount options
159 /* Remove one mount option. */
161 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt)
164 TAILQ_REMOVE(opts, opt, link);
165 free(opt->name, M_MOUNT);
166 if (opt->value != NULL)
167 free(opt->value, M_MOUNT);
169 else if (opt->len != 0)
170 panic("%s: mount option with NULL value but length != 0",
176 /* Release all resources related to the mount options. */
178 vfs_freeopts(struct vfsoptlist *opts)
182 while (!TAILQ_EMPTY(opts)) {
183 opt = TAILQ_FIRST(opts);
184 vfs_freeopt(opts, opt);
190 * Check if options are equal (with or without the "no" prefix).
193 vfs_equalopts(const char *opt1, const char *opt2)
196 /* "opt" vs. "opt" or "noopt" vs. "noopt" */
197 if (strcmp(opt1, opt2) == 0)
199 /* "noopt" vs. "opt" */
200 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0)
202 /* "opt" vs. "noopt" */
203 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0)
209 * If a mount option is specified several times,
210 * (with or without the "no" prefix) only keep
211 * the last occurence of it.
214 vfs_sanitizeopts(struct vfsoptlist *opts)
216 struct vfsopt *opt, *opt2, *tmp;
218 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) {
219 opt2 = TAILQ_PREV(opt, vfsoptlist, link);
220 while (opt2 != NULL) {
221 if (vfs_equalopts(opt->name, opt2->name)) {
222 tmp = TAILQ_PREV(opt2, vfsoptlist, link);
223 vfs_freeopt(opts, opt2);
226 opt2 = TAILQ_PREV(opt2, vfsoptlist, link);
233 * Build a linked list of mount options from a struct uio.
236 vfs_buildopts(struct uio *auio, struct vfsoptlist **options)
238 struct vfsoptlist *opts;
241 unsigned int i, iovcnt;
242 int error, namelen, optlen;
244 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK);
247 iovcnt = auio->uio_iovcnt;
248 for (i = 0; i < iovcnt; i += 2) {
249 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK);
250 namelen = auio->uio_iov[i].iov_len;
251 optlen = auio->uio_iov[i + 1].iov_len;
252 opt->name = malloc(namelen, M_MOUNT, M_WAITOK);
257 * Do this early, so jumps to "bad" will free the current
260 TAILQ_INSERT_TAIL(opts, opt, link);
261 memused += sizeof(struct vfsopt) + optlen + namelen;
264 * Avoid consuming too much memory, and attempts to overflow
267 if (memused > VFS_MOUNTARG_SIZE_MAX ||
268 optlen > VFS_MOUNTARG_SIZE_MAX ||
269 namelen > VFS_MOUNTARG_SIZE_MAX) {
274 if (auio->uio_segflg == UIO_SYSSPACE) {
275 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen);
277 error = copyin(auio->uio_iov[i].iov_base, opt->name,
282 /* Ensure names are null-terminated strings. */
283 if (opt->name[namelen - 1] != '\0') {
289 opt->value = malloc(optlen, M_MOUNT, M_WAITOK);
290 if (auio->uio_segflg == UIO_SYSSPACE) {
291 bcopy(auio->uio_iov[i + 1].iov_base, opt->value,
294 error = copyin(auio->uio_iov[i + 1].iov_base,
301 vfs_sanitizeopts(opts);
310 * Merge the old mount options with the new ones passed
311 * in the MNT_UPDATE case.
314 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts)
316 struct vfsopt *opt, *opt2, *new;
318 TAILQ_FOREACH(opt, opts, link) {
320 * Check that this option hasn't been redefined
321 * nor cancelled with a "no" mount option.
323 opt2 = TAILQ_FIRST(toopts);
324 while (opt2 != NULL) {
325 if (strcmp(opt2->name, opt->name) == 0)
327 if (strncmp(opt2->name, "no", 2) == 0 &&
328 strcmp(opt2->name + 2, opt->name) == 0) {
329 vfs_freeopt(toopts, opt2);
332 opt2 = TAILQ_NEXT(opt2, link);
334 /* We want this option, duplicate it. */
335 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK);
336 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK);
337 strcpy(new->name, opt->name);
339 new->value = malloc(opt->len, M_MOUNT, M_WAITOK);
340 bcopy(opt->value, new->value, opt->len);
345 TAILQ_INSERT_TAIL(toopts, new, link);
352 * ---------------------------------------------------------------------
358 struct nmount_args /* {
370 /* Kick out MNT_ROOTFS early as it is legal internally */
371 if (uap->flags & MNT_ROOTFS)
374 iovcnt = uap->iovcnt;
376 * Check that we have an even number of iovec's
377 * and that we have at least two options.
379 if ((iovcnt & 1) || (iovcnt < 4))
382 error = copyinuio(uap->iovp, iovcnt, &auio);
386 for (i = 0; i < iovcnt; i++) {
387 if (iov->iov_len > MMAXOPTIONLEN) {
393 error = vfs_donmount(td, uap->flags, auio);
400 * ---------------------------------------------------------------------
401 * Various utility functions
405 * Allocate and initialize the mount point struct.
408 vfs_mount_alloc(struct vnode *vp, struct vfsconf *vfsp,
409 const char *fspath, struct thread *td, struct mount **mpp)
413 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO);
414 TAILQ_INIT(&mp->mnt_nvnodelist);
415 mp->mnt_nvnodelistsize = 0;
416 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF);
417 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, 0);
418 vfs_busy(mp, LK_NOWAIT, 0, td);
419 mp->mnt_op = vfsp->vfc_vfsops;
421 vfsp->vfc_refcount++;
422 mp->mnt_stat.f_type = vfsp->vfc_typenum;
423 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK;
424 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN);
425 mp->mnt_vnodecovered = vp;
426 mp->mnt_cred = crdup(td->td_ucred);
427 mp->mnt_stat.f_owner = td->td_ucred->cr_uid;
428 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN);
429 mp->mnt_iosize_max = DFLTPHYS;
432 mac_create_mount(td->td_ucred, mp);
434 arc4rand(&mp->mnt_hashseed, sizeof mp->mnt_hashseed, 0);
440 * Destroy the mount struct previously allocated by vfs_mount_alloc().
443 vfs_mount_destroy(struct mount *mp, struct thread *td)
446 mp->mnt_vfc->vfc_refcount--;
447 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist))
448 panic("unmount: dangling vnode");
450 lockdestroy(&mp->mnt_lock);
452 if (mp->mnt_kern_flag & MNTK_MWAIT)
455 mtx_destroy(&mp->mnt_mtx);
457 mac_destroy_mount(mp);
459 if (mp->mnt_opt != NULL)
460 vfs_freeopts(mp->mnt_opt);
461 crfree(mp->mnt_cred);
466 vfs_donmount(struct thread *td, int fsflags, struct uio *fsoptions)
468 struct vfsoptlist *optlist;
469 char *fstype, *fspath, *errmsg;
470 int error, fstypelen, fspathlen, errmsg_len, errmsg_pos;
475 error = vfs_buildopts(fsoptions, &optlist);
479 if (vfs_getopt(optlist, "errmsg", (void **)&errmsg, &errmsg_len) == 0)
480 errmsg_pos = vfs_getopt_pos(optlist, "errmsg");
485 * We need these two options before the others,
486 * and they are mandatory for any filesystem.
487 * Ensure they are NUL terminated as well.
490 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen);
491 if (error || fstype[fstypelen - 1] != '\0') {
494 strncpy(errmsg, "Invalid fstype", errmsg_len);
498 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen);
499 if (error || fspath[fspathlen - 1] != '\0') {
502 strncpy(errmsg, "Invalid fspath", errmsg_len);
507 * We need to see if we have the "update" option
508 * before we call vfs_domount(), since vfs_domount() has special
509 * logic based on MNT_UPDATE. This is very important
510 * when we want to update the root filesystem.
512 if (vfs_getopt(optlist, "update", NULL, NULL) == 0)
513 fsflags |= MNT_UPDATE;
515 if (vfs_getopt(optlist, "async", NULL, NULL) == 0)
516 fsflags |= MNT_ASYNC;
518 if (vfs_getopt(optlist, "force", NULL, NULL) == 0)
519 fsflags |= MNT_FORCE;
521 if (vfs_getopt(optlist, "multilabel", NULL, NULL) == 0)
522 fsflags |= MNT_MULTILABEL;
524 if (vfs_getopt(optlist, "noasync", NULL, NULL) == 0)
525 fsflags &= ~MNT_ASYNC;
527 if (vfs_getopt(optlist, "noatime", NULL, NULL) == 0)
528 fsflags |= MNT_NOATIME;
530 if (vfs_getopt(optlist, "noclusterr", NULL, NULL) == 0)
531 fsflags |= MNT_NOCLUSTERR;
533 if (vfs_getopt(optlist, "noclusterw", NULL, NULL) == 0)
534 fsflags |= MNT_NOCLUSTERW;
536 if (vfs_getopt(optlist, "noexec", NULL, NULL) == 0)
537 fsflags |= MNT_NOEXEC;
539 if (vfs_getopt(optlist, "nosuid", NULL, NULL) == 0)
540 fsflags |= MNT_NOSUID;
542 if (vfs_getopt(optlist, "nosymfollow", NULL, NULL) == 0)
543 fsflags |= MNT_NOSYMFOLLOW;
545 if (vfs_getopt(optlist, "snapshot", NULL, NULL) == 0)
546 fsflags |= MNT_SNAPSHOT;
548 if (vfs_getopt(optlist, "suiddir", NULL, NULL) == 0)
549 fsflags |= MNT_SUIDDIR;
551 if (vfs_getopt(optlist, "sync", NULL, NULL) == 0)
552 fsflags |= MNT_SYNCHRONOUS;
554 if (vfs_getopt(optlist, "union", NULL, NULL) == 0)
555 fsflags |= MNT_UNION;
558 * Be ultra-paranoid about making sure the type and fspath
559 * variables will fit in our mp buffers, including the
562 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) {
563 error = ENAMETOOLONG;
568 error = vfs_domount(td, fstype, fspath, fsflags, optlist);
571 /* copyout the errmsg */
572 if (errmsg_pos != -1 && ((2 * errmsg_pos + 1) < fsoptions->uio_iovcnt)
573 && errmsg_len > 0 && errmsg != NULL) {
574 if (fsoptions->uio_segflg == UIO_SYSSPACE) {
575 strncpy(fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base,
577 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len);
580 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base,
581 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len,
587 vfs_freeopts(optlist);
592 * ---------------------------------------------------------------------
595 #ifndef _SYS_SYSPROTO_H_
607 struct mount_args /* {
615 struct vfsconf *vfsp = NULL;
616 struct mntarg *ma = NULL;
619 /* Kick out MNT_ROOTFS early as it is legal internally */
620 uap->flags &= ~MNT_ROOTFS;
622 if (uap->data == NULL)
625 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK);
626 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL);
628 mtx_lock(&Giant); /* XXX ? */
629 vfsp = vfs_byname_kld(fstype, td, &error);
632 free(fstype, M_TEMP);
637 if (vfsp->vfc_vfsops->vfs_cmount == NULL)
640 ma = mount_argsu(ma, "fstype", uap->type, MNAMELEN);
641 ma = mount_argsu(ma, "fspath", uap->path, MNAMELEN);
642 ma = mount_argb(ma, uap->flags & MNT_RDONLY, "noro");
643 ma = mount_argb(ma, !(uap->flags & MNT_NOSUID), "nosuid");
644 ma = mount_argb(ma, !(uap->flags & MNT_NOEXEC), "noexec");
646 error = vfsp->vfc_vfsops->vfs_cmount(ma, uap->data, uap->flags, td);
652 * vfs_domount(): actually attempt a filesystem mount.
656 struct thread *td, /* Flags common to all filesystems. */
657 const char *fstype, /* Filesystem type. */
658 char *fspath, /* Mount path. */
659 int fsflags, /* Flags common to all filesystems. */
660 void *fsdata /* Options local to the filesystem. */
665 struct vfsconf *vfsp;
666 int error, flag = 0, kern_flag = 0;
670 mtx_assert(&Giant, MA_OWNED);
673 * Be ultra-paranoid about making sure the type and fspath
674 * variables will fit in our mp buffers, including the
677 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN)
678 return (ENAMETOOLONG);
680 if (jailed(td->td_ucred))
682 if (usermount == 0) {
683 if ((error = suser(td)) != 0)
688 * Do not allow NFS export or MNT_SUIDDIR by unprivileged users.
690 if (fsflags & (MNT_EXPORTED | MNT_SUIDDIR)) {
691 if ((error = suser(td)) != 0)
695 * Silently enforce MNT_NOSUID and MNT_USER for
696 * unprivileged users.
699 fsflags |= MNT_NOSUID | MNT_USER;
701 * Get vnode to be covered
703 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td);
704 if ((error = namei(&nd)) != 0)
706 NDFREE(&nd, NDF_ONLY_PNBUF);
708 if (fsflags & MNT_UPDATE) {
709 if ((vp->v_vflag & VV_ROOT) == 0) {
715 kern_flag = mp->mnt_kern_flag;
717 * We only allow the filesystem to be reloaded if it
718 * is currently mounted read-only.
720 if ((fsflags & MNT_RELOAD) &&
721 ((mp->mnt_flag & MNT_RDONLY) == 0)) {
723 return (EOPNOTSUPP); /* Needs translation */
726 * Only privileged root, or (if MNT_USER is set) the user that
727 * did the original mount is permitted to update it.
729 error = vfs_suser(mp, td);
734 if (vfs_busy(mp, LK_NOWAIT, 0, td)) {
739 if ((vp->v_iflag & VI_MOUNT) != 0 ||
740 vp->v_mountedhere != NULL) {
746 vp->v_iflag |= VI_MOUNT;
748 mp->mnt_flag |= fsflags &
749 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT | MNT_ROOTFS);
750 VOP_UNLOCK(vp, 0, td);
751 mp->mnt_optnew = fsdata;
752 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt);
755 * If the user is not root, ensure that they own the directory
756 * onto which we are attempting to mount.
758 error = VOP_GETATTR(vp, &va, td->td_ucred, td);
763 if (va.va_uid != td->td_ucred->cr_uid) {
764 if ((error = suser(td)) != 0) {
769 error = vinvalbuf(vp, V_SAVE, td, 0, 0);
774 if (vp->v_type != VDIR) {
778 vfsp = vfs_byname_kld(fstype, td, &error);
784 if ((vp->v_iflag & VI_MOUNT) != 0 ||
785 vp->v_mountedhere != NULL) {
790 vp->v_iflag |= VI_MOUNT;
794 * Allocate and initialize the filesystem.
796 error = vfs_mount_alloc(vp, vfsp, fspath, td, &mp);
801 VOP_UNLOCK(vp, 0, td);
803 /* XXXMAC: pass to vfs_mount_alloc? */
804 mp->mnt_optnew = fsdata;
808 * Set the mount level flags.
810 if (fsflags & MNT_RDONLY)
811 mp->mnt_flag |= MNT_RDONLY;
812 mp->mnt_flag &=~ MNT_UPDATEMASK;
813 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE | MNT_ROOTFS);
815 * Mount the filesystem.
816 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they
817 * get. No freeing of cn_pnbuf.
819 error = VFS_MOUNT(mp, td);
821 if (mp->mnt_opt != NULL)
822 vfs_freeopts(mp->mnt_opt);
823 mp->mnt_opt = mp->mnt_optnew;
824 VFS_STATFS(mp, &mp->mnt_stat, td);
827 * Prevent external consumers of mount options from reading
830 mp->mnt_optnew = NULL;
831 if (mp->mnt_flag & MNT_UPDATE) {
833 ~(MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT);
836 mp->mnt_kern_flag = kern_flag;
838 if ((mp->mnt_flag & MNT_RDONLY) == 0) {
839 if (mp->mnt_syncer == NULL)
840 error = vfs_allocate_syncvnode(mp);
842 if (mp->mnt_syncer != NULL)
843 vrele(mp->mnt_syncer);
844 mp->mnt_syncer = NULL;
848 vp->v_iflag &= ~VI_MOUNT;
853 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
855 * Put the new filesystem on the mount list after root.
862 vp->v_iflag &= ~VI_MOUNT;
864 vp->v_mountedhere = mp;
865 mtx_lock(&mountlist_mtx);
866 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list);
867 mtx_unlock(&mountlist_mtx);
868 vfs_event_signal(NULL, VQ_MOUNT, 0);
869 if (VFS_ROOT(mp, LK_EXCLUSIVE, &newdp, td))
870 panic("mount: lost mount");
871 mountcheckdirs(vp, newdp);
873 VOP_UNLOCK(vp, 0, td);
874 if ((mp->mnt_flag & MNT_RDONLY) == 0)
875 error = vfs_allocate_syncvnode(mp);
881 vp->v_iflag &= ~VI_MOUNT;
883 vfs_mount_destroy(mp, td);
890 * ---------------------------------------------------------------------
891 * Unmount a filesystem.
893 * Note: unmount takes a path to the vnode mounted on as argument,
894 * not special file (as before).
896 #ifndef _SYS_SYSPROTO_H_
897 struct unmount_args {
906 register struct unmount_args /* {
915 if (jailed(td->td_ucred))
917 if (usermount == 0) {
918 if ((error = suser(td)) != 0)
922 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK);
923 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL);
925 free(pathbuf, M_TEMP);
928 if (uap->flags & MNT_BYFSID) {
929 /* Decode the filesystem ID. */
930 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) {
931 free(pathbuf, M_TEMP);
935 mtx_lock(&mountlist_mtx);
936 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) {
937 if (mp->mnt_stat.f_fsid.val[0] == id0 &&
938 mp->mnt_stat.f_fsid.val[1] == id1)
941 mtx_unlock(&mountlist_mtx);
943 mtx_lock(&mountlist_mtx);
944 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) {
945 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0)
948 mtx_unlock(&mountlist_mtx);
950 free(pathbuf, M_TEMP);
953 * Previously we returned ENOENT for a nonexistent path and
954 * EINVAL for a non-mountpoint. We cannot tell these apart
955 * now, so in the !MNT_BYFSID case return the more likely
956 * EINVAL for compatibility.
958 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL);
962 * Only privileged root, or (if MNT_USER is set) the user that did the
963 * original mount is permitted to unmount this filesystem.
965 error = vfs_suser(mp, td);
970 * Don't allow unmounting the root filesystem.
972 if (mp->mnt_flag & MNT_ROOTFS)
975 error = dounmount(mp, uap->flags, td);
981 * Do the actual filesystem unmount.
984 dounmount(mp, flags, td)
989 struct vnode *coveredvp, *fsrootvp;
993 mtx_assert(&Giant, MA_OWNED);
996 if (mp->mnt_kern_flag & MNTK_UNMOUNT) {
1000 mp->mnt_kern_flag |= MNTK_UNMOUNT;
1001 /* Allow filesystems to detect that a forced unmount is in progress. */
1002 if (flags & MNT_FORCE)
1003 mp->mnt_kern_flag |= MNTK_UNMOUNTF;
1004 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK |
1005 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), MNT_MTX(mp), td);
1008 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF);
1009 if (mp->mnt_kern_flag & MNTK_MWAIT)
1014 vn_start_write(NULL, &mp, V_WAIT);
1016 if (mp->mnt_flag & MNT_EXPUBLIC)
1017 vfs_setpublicfs(NULL, NULL, NULL);
1019 vfs_msync(mp, MNT_WAIT);
1020 async_flag = mp->mnt_flag & MNT_ASYNC;
1021 mp->mnt_flag &= ~MNT_ASYNC;
1022 cache_purgevfs(mp); /* remove cache entries for this file sys */
1023 if (mp->mnt_syncer != NULL)
1024 vrele(mp->mnt_syncer);
1026 * For forced unmounts, move process cdir/rdir refs on the fs root
1027 * vnode to the covered vnode. For non-forced unmounts we want
1028 * such references to cause an EBUSY error.
1030 if ((flags & MNT_FORCE) &&
1031 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) {
1032 if (mp->mnt_vnodecovered != NULL)
1033 mountcheckdirs(fsrootvp, mp->mnt_vnodecovered);
1034 if (fsrootvp == rootvnode) {
1040 if (((mp->mnt_flag & MNT_RDONLY) ||
1041 (error = VFS_SYNC(mp, MNT_WAIT, td)) == 0) ||
1042 (flags & MNT_FORCE)) {
1043 error = VFS_UNMOUNT(mp, flags, td);
1045 vn_finished_write(mp);
1047 /* Undo cdir/rdir and rootvnode changes made above. */
1048 if ((flags & MNT_FORCE) &&
1049 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) {
1050 if (mp->mnt_vnodecovered != NULL)
1051 mountcheckdirs(mp->mnt_vnodecovered, fsrootvp);
1052 if (rootvnode == NULL) {
1053 rootvnode = fsrootvp;
1058 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL)
1059 (void) vfs_allocate_syncvnode(mp);
1061 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF);
1062 mp->mnt_flag |= async_flag;
1063 lockmgr(&mp->mnt_lock, LK_RELEASE, NULL, td);
1064 if (mp->mnt_kern_flag & MNTK_MWAIT)
1069 mtx_lock(&mountlist_mtx);
1070 TAILQ_REMOVE(&mountlist, mp, mnt_list);
1071 if ((coveredvp = mp->mnt_vnodecovered) != NULL)
1072 coveredvp->v_mountedhere = NULL;
1073 mtx_unlock(&mountlist_mtx);
1074 vfs_event_signal(NULL, VQ_UNMOUNT, 0);
1075 vfs_mount_destroy(mp, td);
1076 if (coveredvp != NULL)
1082 * ---------------------------------------------------------------------
1083 * Mounting of root filesystem
1087 struct root_hold_token {
1089 LIST_ENTRY(root_hold_token) list;
1092 static LIST_HEAD(, root_hold_token) root_holds =
1093 LIST_HEAD_INITIALIZER(&root_holds);
1095 struct root_hold_token *
1096 root_mount_hold(const char *identifier)
1098 struct root_hold_token *h;
1100 h = malloc(sizeof *h, M_DEVBUF, M_ZERO | M_WAITOK);
1101 h->who = identifier;
1102 mtx_lock(&mountlist_mtx);
1103 LIST_INSERT_HEAD(&root_holds, h, list);
1104 mtx_unlock(&mountlist_mtx);
1109 root_mount_rel(struct root_hold_token *h)
1112 mtx_lock(&mountlist_mtx);
1113 LIST_REMOVE(h, list);
1114 wakeup(&root_holds);
1115 mtx_unlock(&mountlist_mtx);
1120 root_mount_wait(void)
1122 struct root_hold_token *h;
1128 mtx_lock(&mountlist_mtx);
1129 if (LIST_EMPTY(&root_holds)) {
1130 mtx_unlock(&mountlist_mtx);
1133 printf("Root mount waiting for:");
1134 LIST_FOREACH(h, &root_holds, list)
1135 printf(" %s", h->who);
1137 msleep(&root_holds, &mountlist_mtx, PZERO | PDROP, "roothold",
1143 set_rootvnode(struct thread *td)
1147 if (VFS_ROOT(TAILQ_FIRST(&mountlist), LK_EXCLUSIVE, &rootvnode, td))
1148 panic("Cannot find root vnode");
1151 FILEDESC_LOCK(p->p_fd);
1153 if (p->p_fd->fd_cdir != NULL)
1154 vrele(p->p_fd->fd_cdir);
1155 p->p_fd->fd_cdir = rootvnode;
1158 if (p->p_fd->fd_rdir != NULL)
1159 vrele(p->p_fd->fd_rdir);
1160 p->p_fd->fd_rdir = rootvnode;
1163 FILEDESC_UNLOCK(p->p_fd);
1165 VOP_UNLOCK(rootvnode, 0, td);
1169 * Mount /devfs as our root filesystem, but do not put it on the mountlist
1170 * yet. Create a /dev -> / symlink so that absolute pathnames will lookup.
1176 struct thread *td = curthread;
1177 struct vfsconf *vfsp;
1178 struct mount *mp = NULL;
1181 vfsp = vfs_byname("devfs");
1182 KASSERT(vfsp != NULL, ("Could not find devfs by name"));
1186 error = vfs_mount_alloc(NULLVP, vfsp, "/dev", td, &mp);
1187 KASSERT(error == 0, ("vfs_mount_alloc failed %d", error));
1191 error = VFS_MOUNT(mp, curthread);
1192 KASSERT(error == 0, ("VFS_MOUNT(devfs) failed %d", error));
1196 mtx_lock(&mountlist_mtx);
1197 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list);
1198 mtx_unlock(&mountlist_mtx);
1202 error = kern_symlink(td, "/", "dev", UIO_SYSSPACE);
1204 printf("kern_symlink /dev -> / returns %d\n", error);
1208 * Surgically move our devfs to be mounted on /dev.
1212 devfs_fixup(struct thread *td)
1214 struct nameidata nd;
1216 struct vnode *vp, *dvp;
1219 /* Remove our devfs mount from the mountlist and purge the cache */
1220 mtx_lock(&mountlist_mtx);
1221 mp = TAILQ_FIRST(&mountlist);
1222 TAILQ_REMOVE(&mountlist, mp, mnt_list);
1223 mtx_unlock(&mountlist_mtx);
1226 VFS_ROOT(mp, LK_EXCLUSIVE, &dvp, td);
1228 dvp->v_iflag &= ~VI_MOUNT;
1229 dvp->v_mountedhere = NULL;
1232 /* Set up the real rootvnode, and purge the cache */
1233 TAILQ_FIRST(&mountlist)->mnt_vnodecovered = NULL;
1235 cache_purgevfs(rootvnode->v_mount);
1237 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, "/dev", td);
1240 printf("Lookup of /dev for devfs, error: %d\n", error);
1243 NDFREE(&nd, NDF_ONLY_PNBUF);
1245 if (vp->v_type != VDIR) {
1248 error = vinvalbuf(vp, V_SAVE, td, 0, 0);
1253 mp->mnt_vnodecovered = vp;
1254 vp->v_mountedhere = mp;
1255 mtx_lock(&mountlist_mtx);
1256 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list);
1257 mtx_unlock(&mountlist_mtx);
1258 VOP_UNLOCK(vp, 0, td);
1262 /* Unlink the no longer needed /dev/dev -> / symlink */
1263 kern_unlink(td, "/dev/dev", UIO_SYSSPACE);
1267 * Report errors during filesystem mounting.
1270 vfs_mount_error(struct mount *mp, const char *fmt, ...)
1272 struct vfsoptlist *moptlist = mp->mnt_optnew;
1277 error = vfs_getopt(moptlist, "errmsg", (void **)&errmsg, &len);
1278 if (error || errmsg == NULL || len <= 0)
1282 vsnprintf(errmsg, (size_t)len, fmt, ap);
1287 * Find and mount the root filesystem
1293 int error, i, asked = 0;
1300 * We are booted with instructions to prompt for the root filesystem.
1302 if (boothowto & RB_ASKNAME) {
1303 if (!vfs_mountroot_ask())
1309 * The root filesystem information is compiled in, and we are
1310 * booted with instructions to use it.
1312 if (ctrootdevname != NULL && (boothowto & RB_DFLTROOT)) {
1313 if (!vfs_mountroot_try(ctrootdevname))
1315 ctrootdevname = NULL;
1319 * We've been given the generic "use CDROM as root" flag. This is
1320 * necessary because one media may be used in many different
1321 * devices, so we need to search for them.
1323 if (boothowto & RB_CDROM) {
1324 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) {
1325 if (!vfs_mountroot_try(cdrom_rootdevnames[i]))
1331 * Try to use the value read by the loader from /etc/fstab, or
1332 * supplied via some other means. This is the preferred
1335 cp = getenv("vfs.root.mountfrom");
1337 error = vfs_mountroot_try(cp);
1344 * Try values that may have been computed by code during boot
1346 if (!vfs_mountroot_try(rootdevnames[0]))
1348 if (!vfs_mountroot_try(rootdevnames[1]))
1352 * If we (still) have a compiled-in default, try it.
1354 if (ctrootdevname != NULL)
1355 if (!vfs_mountroot_try(ctrootdevname))
1358 * Everything so far has failed, prompt on the console if we haven't
1359 * already tried that.
1362 if (!vfs_mountroot_ask())
1365 panic("Root mount failed, startup aborted.");
1369 * Mount (mountfrom) as the root filesystem.
1372 vfs_mountroot_try(const char *mountfrom)
1375 char *vfsname, *path;
1385 if (mountfrom == NULL)
1386 return (error); /* don't complain */
1387 printf("Trying to mount root from %s\n", mountfrom);
1389 /* parse vfs name and path */
1390 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK);
1391 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK);
1392 vfsname[0] = path[0] = 0;
1393 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN);
1394 if (sscanf(mountfrom, patt, vfsname, path) < 1)
1397 if (path[0] == '\0')
1398 strcpy(path, ROOTNAME);
1400 error = kernel_vmount(
1401 MNT_RDONLY | MNT_ROOTFS,
1408 * We mount devfs prior to mounting the / FS, so the first
1409 * entry will typically be devfs.
1411 mp = TAILQ_FIRST(&mountlist);
1412 KASSERT(mp != NULL, ("%s: mountlist is empty", __func__));
1415 * Iterate over all currently mounted file systems and use
1416 * the time stamp found to check and/or initialize the RTC.
1417 * Typically devfs has no time stamp and the only other FS
1418 * is the actual / FS.
1419 * Call inittodr() only once and pass it the largest of the
1420 * timestamps we encounter.
1424 if (mp->mnt_time > timebase)
1425 timebase = mp->mnt_time;
1426 mp = TAILQ_NEXT(mp, mnt_list);
1427 } while (mp != NULL);
1430 devfs_fixup(curthread);
1433 free(path, M_MOUNT);
1434 free(vfsname, M_MOUNT);
1439 * ---------------------------------------------------------------------
1440 * Interactive root filesystem selection code.
1444 vfs_mountroot_ask(void)
1449 printf("\nManual root filesystem specification:\n");
1450 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n");
1451 #if defined(__i386__) || defined(__ia64__)
1452 printf(" eg. ufs:da0s1a\n");
1454 printf(" eg. ufs:/dev/da0a\n");
1456 printf(" ? List valid disk boot devices\n");
1457 printf(" <empty line> Abort manual input\n");
1458 printf("\nmountroot> ");
1459 gets(name, sizeof(name), 1);
1460 if (name[0] == '\0')
1462 if (name[0] == '?') {
1463 printf("\nList of GEOM managed disk devices:\n ");
1467 if (!vfs_mountroot_try(name))
1473 * ---------------------------------------------------------------------
1474 * Functions for querying mount options/arguments from filesystems.
1478 * Check that no unknown options are given
1481 vfs_filteropt(struct vfsoptlist *opts, const char **legal)
1487 TAILQ_FOREACH(opt, opts, link) {
1489 if (p[0] == 'n' && p[1] == 'o')
1491 for(t = global_opts; *t != NULL; t++)
1496 for(t = legal; *t != NULL; t++)
1501 printf("mount option <%s> is unknown\n", p);
1508 * Get a mount option by its name.
1510 * Return 0 if the option was found, ENOENT otherwise.
1511 * If len is non-NULL it will be filled with the length
1512 * of the option. If buf is non-NULL, it will be filled
1513 * with the address of the option.
1516 vfs_getopt(opts, name, buf, len)
1517 struct vfsoptlist *opts;
1524 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL"));
1526 TAILQ_FOREACH(opt, opts, link) {
1527 if (strcmp(name, opt->name) == 0) {
1539 vfs_getopt_pos(struct vfsoptlist *opts, const char *name)
1548 TAILQ_FOREACH(opt, opts, link) {
1549 if (strcmp(name, opt->name) == 0)
1557 vfs_getopts(struct vfsoptlist *opts, const char *name, int *error)
1562 TAILQ_FOREACH(opt, opts, link) {
1563 if (strcmp(name, opt->name) != 0)
1565 if (((char *)opt->value)[opt->len - 1] != '\0') {
1569 return (opt->value);
1575 vfs_flagopt(struct vfsoptlist *opts, const char *name, u_int *w, u_int val)
1579 TAILQ_FOREACH(opt, opts, link) {
1580 if (strcmp(name, opt->name) == 0) {
1592 vfs_scanopt(struct vfsoptlist *opts, const char *name, const char *fmt, ...)
1598 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL"));
1600 TAILQ_FOREACH(opt, opts, link) {
1601 if (strcmp(name, opt->name) != 0)
1603 if (((char *)opt->value)[opt->len - 1] != '\0')
1606 ret = vsscanf(opt->value, fmt, ap);
1614 * Find and copy a mount option.
1616 * The size of the buffer has to be specified
1617 * in len, if it is not the same length as the
1618 * mount option, EINVAL is returned.
1619 * Returns ENOENT if the option is not found.
1622 vfs_copyopt(opts, name, dest, len)
1623 struct vfsoptlist *opts;
1630 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL"));
1632 TAILQ_FOREACH(opt, opts, link) {
1633 if (strcmp(name, opt->name) == 0) {
1634 if (len != opt->len)
1636 bcopy(opt->value, dest, opt->len);
1644 * This is a helper function for filesystems to traverse their
1645 * vnodes. See MNT_VNODE_FOREACH() in sys/mount.h
1649 __mnt_vnode_next(struct vnode **nvp, struct mount *mp)
1653 mtx_assert(&mp->mnt_mtx, MA_OWNED);
1656 /* Check if we are done */
1659 /* If our next vnode is no longer ours, start over */
1660 if (vp->v_mount != mp)
1661 vp = TAILQ_FIRST(&mp->mnt_nvnodelist);
1662 /* Save pointer to next vnode in list */
1664 *nvp = TAILQ_NEXT(vp, v_nmntvnodes);
1671 __vfs_statfs(struct mount *mp, struct statfs *sbp, struct thread *td)
1675 error = mp->mnt_op->vfs_statfs(mp, &mp->mnt_stat, td);
1676 if (sbp != &mp->mnt_stat)
1677 *sbp = mp->mnt_stat;
1682 vfs_mountedfrom(struct mount *mp, const char *from)
1685 bzero(mp->mnt_stat.f_mntfromname, sizeof mp->mnt_stat.f_mntfromname);
1686 strlcpy(mp->mnt_stat.f_mntfromname, from,
1687 sizeof mp->mnt_stat.f_mntfromname);
1691 * ---------------------------------------------------------------------
1692 * This is the api for building mount args and mounting filesystems from
1693 * inside the kernel.
1695 * The API works by accumulation of individual args. First error is
1698 * XXX: should be documented in new manpage kernel_mount(9)
1701 /* A memory allocation which must be freed when we are done */
1703 SLIST_ENTRY(mntaarg) next;
1706 /* The header for the mount arguments */
1711 SLIST_HEAD(, mntaarg) list;
1715 * Add a boolean argument.
1717 * flag is the boolean value.
1718 * name must start with "no".
1721 mount_argb(struct mntarg *ma, int flag, const char *name)
1724 KASSERT(name[0] == 'n' && name[1] == 'o',
1725 ("mount_argb(...,%s): name must start with 'no'", name));
1727 return (mount_arg(ma, name + (flag ? 2 : 0), NULL, 0));
1731 * Add an argument printf style
1734 mount_argf(struct mntarg *ma, const char *name, const char *fmt, ...)
1737 struct mntaarg *maa;
1742 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
1743 SLIST_INIT(&ma->list);
1748 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2),
1750 ma->v[ma->len].iov_base = (void *)(uintptr_t)name;
1751 ma->v[ma->len].iov_len = strlen(name) + 1;
1754 sb = sbuf_new(NULL, NULL, 0, SBUF_AUTOEXTEND);
1756 sbuf_vprintf(sb, fmt, ap);
1759 len = sbuf_len(sb) + 1;
1760 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO);
1761 SLIST_INSERT_HEAD(&ma->list, maa, next);
1762 bcopy(sbuf_data(sb), maa + 1, len);
1765 ma->v[ma->len].iov_base = maa + 1;
1766 ma->v[ma->len].iov_len = len;
1773 * Add an argument which is a userland string.
1776 mount_argsu(struct mntarg *ma, const char *name, const void *val, int len)
1778 struct mntaarg *maa;
1784 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
1785 SLIST_INIT(&ma->list);
1789 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO);
1790 SLIST_INSERT_HEAD(&ma->list, maa, next);
1791 tbuf = (void *)(maa + 1);
1792 ma->error = copyinstr(val, tbuf, len, NULL);
1793 return (mount_arg(ma, name, tbuf, -1));
1799 * If length is -1, use printf.
1802 mount_arg(struct mntarg *ma, const char *name, const void *val, int len)
1806 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO);
1807 SLIST_INIT(&ma->list);
1812 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2),
1814 ma->v[ma->len].iov_base = (void *)(uintptr_t)name;
1815 ma->v[ma->len].iov_len = strlen(name) + 1;
1818 ma->v[ma->len].iov_base = (void *)(uintptr_t)val;
1820 ma->v[ma->len].iov_len = strlen(val) + 1;
1822 ma->v[ma->len].iov_len = len;
1828 * Free a mntarg structure
1831 free_mntarg(struct mntarg *ma)
1833 struct mntaarg *maa;
1835 while (!SLIST_EMPTY(&ma->list)) {
1836 maa = SLIST_FIRST(&ma->list);
1837 SLIST_REMOVE_HEAD(&ma->list, next);
1840 free(ma->v, M_MOUNT);
1845 * Mount a filesystem
1848 kernel_mount(struct mntarg *ma, int flags)
1853 KASSERT(ma != NULL, ("kernel_mount NULL ma"));
1854 KASSERT(ma->v != NULL, ("kernel_mount NULL ma->v"));
1855 KASSERT(!(ma->len & 1), ("kernel_mount odd ma->len (%d)", ma->len));
1857 auio.uio_iov = ma->v;
1858 auio.uio_iovcnt = ma->len;
1859 auio.uio_segflg = UIO_SYSSPACE;
1863 error = vfs_donmount(curthread, flags, &auio);
1869 * A printflike function to mount a filesystem.
1872 kernel_vmount(int flags, ...)
1874 struct mntarg *ma = NULL;
1880 va_start(ap, flags);
1882 cp = va_arg(ap, const char *);
1885 vp = va_arg(ap, const void *);
1886 ma = mount_arg(ma, cp, vp, -1);
1890 error = kernel_mount(ma, flags);