2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_capsicum.h"
41 #include "opt_compat.h"
42 #include "opt_kdtrace.h"
43 #include "opt_ktrace.h"
45 #include <sys/param.h>
46 #include <sys/systm.h>
49 #include <sys/capability.h>
51 #include <sys/sysent.h>
52 #include <sys/malloc.h>
53 #include <sys/mount.h>
54 #include <sys/mutex.h>
55 #include <sys/sysproto.h>
56 #include <sys/namei.h>
57 #include <sys/filedesc.h>
58 #include <sys/kernel.h>
59 #include <sys/fcntl.h>
61 #include <sys/filio.h>
62 #include <sys/limits.h>
63 #include <sys/linker.h>
67 #include <sys/unistd.h>
68 #include <sys/vnode.h>
71 #include <sys/dirent.h>
73 #include <sys/syscallsubr.h>
74 #include <sys/sysctl.h>
76 #include <sys/ktrace.h>
79 #include <machine/stdarg.h>
81 #include <security/audit/audit.h>
82 #include <security/mac/mac_framework.h>
85 #include <vm/vm_object.h>
86 #include <vm/vm_page.h>
89 SDT_PROVIDER_DEFINE(vfs);
90 SDT_PROBE_DEFINE(vfs, , stat, mode, mode);
91 SDT_PROBE_ARGTYPE(vfs, , stat, mode, 0, "char *");
92 SDT_PROBE_ARGTYPE(vfs, , stat, mode, 1, "int");
93 SDT_PROBE_DEFINE(vfs, , stat, reg, reg);
94 SDT_PROBE_ARGTYPE(vfs, , stat, reg, 0, "char *");
95 SDT_PROBE_ARGTYPE(vfs, , stat, reg, 1, "int");
97 static int chroot_refuse_vdir_fds(struct filedesc *fdp);
98 static int getutimes(const struct timeval *, enum uio_seg, struct timespec *);
99 static int setfown(struct thread *td, struct vnode *, uid_t, gid_t);
100 static int setfmode(struct thread *td, struct vnode *, int);
101 static int setfflags(struct thread *td, struct vnode *, int);
102 static int setutimes(struct thread *td, struct vnode *,
103 const struct timespec *, int, int);
104 static int vn_access(struct vnode *vp, int user_flags, struct ucred *cred,
108 * The module initialization routine for POSIX asynchronous I/O will
109 * set this to the version of AIO that it implements. (Zero means
110 * that it is not implemented.) This value is used here by pathconf()
111 * and in kern_descrip.c by fpathconf().
113 int async_io_version;
116 static int syncprt = 0;
117 SYSCTL_INT(_debug, OID_AUTO, syncprt, CTLFLAG_RW, &syncprt, 0, "");
121 * Sync each mounted filesystem.
123 #ifndef _SYS_SYSPROTO_H_
132 struct sync_args *uap;
134 struct mount *mp, *nmp;
137 mtx_lock(&mountlist_mtx);
138 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
139 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK)) {
140 nmp = TAILQ_NEXT(mp, mnt_list);
143 vfslocked = VFS_LOCK_GIANT(mp);
144 if ((mp->mnt_flag & MNT_RDONLY) == 0 &&
145 vn_start_write(NULL, &mp, V_NOWAIT) == 0) {
148 mp->mnt_kern_flag &= ~MNTK_ASYNC;
150 vfs_msync(mp, MNT_NOWAIT);
151 VFS_SYNC(mp, MNT_NOWAIT);
154 if ((mp->mnt_flag & MNT_ASYNC) != 0 &&
155 mp->mnt_noasync == 0)
156 mp->mnt_kern_flag |= MNTK_ASYNC;
158 vn_finished_write(mp);
160 VFS_UNLOCK_GIANT(vfslocked);
161 mtx_lock(&mountlist_mtx);
162 nmp = TAILQ_NEXT(mp, mnt_list);
165 mtx_unlock(&mountlist_mtx);
170 * Change filesystem quotas.
172 #ifndef _SYS_SYSPROTO_H_
173 struct quotactl_args {
183 register struct quotactl_args /* {
195 AUDIT_ARG_CMD(uap->cmd);
196 AUDIT_ARG_UID(uap->uid);
197 if (!prison_allow(td->td_ucred, PR_ALLOW_QUOTAS))
199 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
200 UIO_USERSPACE, uap->path, td);
201 if ((error = namei(&nd)) != 0)
203 vfslocked = NDHASGIANT(&nd);
204 NDFREE(&nd, NDF_ONLY_PNBUF);
205 mp = nd.ni_vp->v_mount;
208 error = vfs_busy(mp, 0);
211 VFS_UNLOCK_GIANT(vfslocked);
214 error = VFS_QUOTACTL(mp, uap->cmd, uap->uid, uap->arg);
216 VFS_UNLOCK_GIANT(vfslocked);
221 * Used by statfs conversion routines to scale the block size up if
222 * necessary so that all of the block counts are <= 'max_size'. Note
223 * that 'max_size' should be a bitmask, i.e. 2^n - 1 for some non-zero
227 statfs_scale_blocks(struct statfs *sf, long max_size)
232 KASSERT(powerof2(max_size + 1), ("%s: invalid max_size", __func__));
235 * Attempt to scale the block counts to give a more accurate
236 * overview to userland of the ratio of free space to used
237 * space. To do this, find the largest block count and compute
238 * a divisor that lets it fit into a signed integer <= max_size.
240 if (sf->f_bavail < 0)
241 count = -sf->f_bavail;
243 count = sf->f_bavail;
244 count = MAX(sf->f_blocks, MAX(sf->f_bfree, count));
245 if (count <= max_size)
248 count >>= flsl(max_size);
255 sf->f_bsize <<= shift;
256 sf->f_blocks >>= shift;
257 sf->f_bfree >>= shift;
258 sf->f_bavail >>= shift;
262 * Get filesystem statistics.
264 #ifndef _SYS_SYSPROTO_H_
273 register struct statfs_args /* {
281 error = kern_statfs(td, uap->path, UIO_USERSPACE, &sf);
283 error = copyout(&sf, uap->buf, sizeof(sf));
288 kern_statfs(struct thread *td, char *path, enum uio_seg pathseg,
292 struct statfs *sp, sb;
297 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE |
298 AUDITVNODE1, pathseg, path, td);
302 vfslocked = NDHASGIANT(&nd);
303 mp = nd.ni_vp->v_mount;
305 NDFREE(&nd, NDF_ONLY_PNBUF);
307 error = vfs_busy(mp, 0);
310 VFS_UNLOCK_GIANT(vfslocked);
314 error = mac_mount_check_stat(td->td_ucred, mp);
319 * Set these in case the underlying filesystem fails to do so.
322 sp->f_version = STATFS_VERSION;
323 sp->f_namemax = NAME_MAX;
324 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
325 error = VFS_STATFS(mp, sp);
328 if (priv_check(td, PRIV_VFS_GENERATION)) {
329 bcopy(sp, &sb, sizeof(sb));
330 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
331 prison_enforce_statfs(td->td_ucred, mp, &sb);
337 VFS_UNLOCK_GIANT(vfslocked);
342 * Get filesystem statistics.
344 #ifndef _SYS_SYSPROTO_H_
345 struct fstatfs_args {
353 register struct fstatfs_args /* {
361 error = kern_fstatfs(td, uap->fd, &sf);
363 error = copyout(&sf, uap->buf, sizeof(sf));
368 kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
372 struct statfs *sp, sb;
378 error = getvnode(td->td_proc->p_fd, fd, CAP_FSTATFS, &fp);
382 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
383 vn_lock(vp, LK_SHARED | LK_RETRY);
385 AUDIT_ARG_VNODE1(vp);
396 error = vfs_busy(mp, 0);
399 VFS_UNLOCK_GIANT(vfslocked);
403 error = mac_mount_check_stat(td->td_ucred, mp);
408 * Set these in case the underlying filesystem fails to do so.
411 sp->f_version = STATFS_VERSION;
412 sp->f_namemax = NAME_MAX;
413 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
414 error = VFS_STATFS(mp, sp);
417 if (priv_check(td, PRIV_VFS_GENERATION)) {
418 bcopy(sp, &sb, sizeof(sb));
419 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
420 prison_enforce_statfs(td->td_ucred, mp, &sb);
427 VFS_UNLOCK_GIANT(vfslocked);
432 * Get statistics on all filesystems.
434 #ifndef _SYS_SYSPROTO_H_
435 struct getfsstat_args {
444 register struct getfsstat_args /* {
451 return (kern_getfsstat(td, &uap->buf, uap->bufsize, UIO_USERSPACE,
456 * If (bufsize > 0 && bufseg == UIO_SYSSPACE)
457 * The caller is responsible for freeing memory which will be allocated
461 kern_getfsstat(struct thread *td, struct statfs **buf, size_t bufsize,
462 enum uio_seg bufseg, int flags)
464 struct mount *mp, *nmp;
465 struct statfs *sfsp, *sp, sb;
466 size_t count, maxcount;
470 maxcount = bufsize / sizeof(struct statfs);
473 else if (bufseg == UIO_USERSPACE)
475 else /* if (bufseg == UIO_SYSSPACE) */ {
477 mtx_lock(&mountlist_mtx);
478 TAILQ_FOREACH(mp, &mountlist, mnt_list) {
481 mtx_unlock(&mountlist_mtx);
482 if (maxcount > count)
484 sfsp = *buf = malloc(maxcount * sizeof(struct statfs), M_TEMP,
488 mtx_lock(&mountlist_mtx);
489 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
490 if (prison_canseemount(td->td_ucred, mp) != 0) {
491 nmp = TAILQ_NEXT(mp, mnt_list);
495 if (mac_mount_check_stat(td->td_ucred, mp) != 0) {
496 nmp = TAILQ_NEXT(mp, mnt_list);
500 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK)) {
501 nmp = TAILQ_NEXT(mp, mnt_list);
504 vfslocked = VFS_LOCK_GIANT(mp);
505 if (sfsp && count < maxcount) {
508 * Set these in case the underlying filesystem
511 sp->f_version = STATFS_VERSION;
512 sp->f_namemax = NAME_MAX;
513 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
515 * If MNT_NOWAIT or MNT_LAZY is specified, do not
516 * refresh the fsstat cache. MNT_NOWAIT or MNT_LAZY
517 * overrides MNT_WAIT.
519 if (((flags & (MNT_LAZY|MNT_NOWAIT)) == 0 ||
520 (flags & MNT_WAIT)) &&
521 (error = VFS_STATFS(mp, sp))) {
522 VFS_UNLOCK_GIANT(vfslocked);
523 mtx_lock(&mountlist_mtx);
524 nmp = TAILQ_NEXT(mp, mnt_list);
528 if (priv_check(td, PRIV_VFS_GENERATION)) {
529 bcopy(sp, &sb, sizeof(sb));
530 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
531 prison_enforce_statfs(td->td_ucred, mp, &sb);
534 if (bufseg == UIO_SYSSPACE)
535 bcopy(sp, sfsp, sizeof(*sp));
536 else /* if (bufseg == UIO_USERSPACE) */ {
537 error = copyout(sp, sfsp, sizeof(*sp));
540 VFS_UNLOCK_GIANT(vfslocked);
546 VFS_UNLOCK_GIANT(vfslocked);
548 mtx_lock(&mountlist_mtx);
549 nmp = TAILQ_NEXT(mp, mnt_list);
552 mtx_unlock(&mountlist_mtx);
553 if (sfsp && count > maxcount)
554 td->td_retval[0] = maxcount;
556 td->td_retval[0] = count;
560 #ifdef COMPAT_FREEBSD4
562 * Get old format filesystem statistics.
564 static void cvtstatfs(struct statfs *, struct ostatfs *);
566 #ifndef _SYS_SYSPROTO_H_
567 struct freebsd4_statfs_args {
573 freebsd4_statfs(td, uap)
575 struct freebsd4_statfs_args /* {
584 error = kern_statfs(td, uap->path, UIO_USERSPACE, &sf);
587 cvtstatfs(&sf, &osb);
588 return (copyout(&osb, uap->buf, sizeof(osb)));
592 * Get filesystem statistics.
594 #ifndef _SYS_SYSPROTO_H_
595 struct freebsd4_fstatfs_args {
601 freebsd4_fstatfs(td, uap)
603 struct freebsd4_fstatfs_args /* {
612 error = kern_fstatfs(td, uap->fd, &sf);
615 cvtstatfs(&sf, &osb);
616 return (copyout(&osb, uap->buf, sizeof(osb)));
620 * Get statistics on all filesystems.
622 #ifndef _SYS_SYSPROTO_H_
623 struct freebsd4_getfsstat_args {
630 freebsd4_getfsstat(td, uap)
632 register struct freebsd4_getfsstat_args /* {
638 struct statfs *buf, *sp;
643 count = uap->bufsize / sizeof(struct ostatfs);
644 size = count * sizeof(struct statfs);
645 error = kern_getfsstat(td, &buf, size, UIO_SYSSPACE, uap->flags);
647 count = td->td_retval[0];
649 while (count > 0 && error == 0) {
651 error = copyout(&osb, uap->buf, sizeof(osb));
662 * Implement fstatfs() for (NFS) file handles.
664 #ifndef _SYS_SYSPROTO_H_
665 struct freebsd4_fhstatfs_args {
666 struct fhandle *u_fhp;
671 freebsd4_fhstatfs(td, uap)
673 struct freebsd4_fhstatfs_args /* {
674 struct fhandle *u_fhp;
683 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
686 error = kern_fhstatfs(td, fh, &sf);
689 cvtstatfs(&sf, &osb);
690 return (copyout(&osb, uap->buf, sizeof(osb)));
694 * Convert a new format statfs structure to an old format statfs structure.
702 statfs_scale_blocks(nsp, LONG_MAX);
703 bzero(osp, sizeof(*osp));
704 osp->f_bsize = nsp->f_bsize;
705 osp->f_iosize = MIN(nsp->f_iosize, LONG_MAX);
706 osp->f_blocks = nsp->f_blocks;
707 osp->f_bfree = nsp->f_bfree;
708 osp->f_bavail = nsp->f_bavail;
709 osp->f_files = MIN(nsp->f_files, LONG_MAX);
710 osp->f_ffree = MIN(nsp->f_ffree, LONG_MAX);
711 osp->f_owner = nsp->f_owner;
712 osp->f_type = nsp->f_type;
713 osp->f_flags = nsp->f_flags;
714 osp->f_syncwrites = MIN(nsp->f_syncwrites, LONG_MAX);
715 osp->f_asyncwrites = MIN(nsp->f_asyncwrites, LONG_MAX);
716 osp->f_syncreads = MIN(nsp->f_syncreads, LONG_MAX);
717 osp->f_asyncreads = MIN(nsp->f_asyncreads, LONG_MAX);
718 strlcpy(osp->f_fstypename, nsp->f_fstypename,
719 MIN(MFSNAMELEN, OMFSNAMELEN));
720 strlcpy(osp->f_mntonname, nsp->f_mntonname,
721 MIN(MNAMELEN, OMNAMELEN));
722 strlcpy(osp->f_mntfromname, nsp->f_mntfromname,
723 MIN(MNAMELEN, OMNAMELEN));
724 osp->f_fsid = nsp->f_fsid;
726 #endif /* COMPAT_FREEBSD4 */
729 * Change current working directory to a given file descriptor.
731 #ifndef _SYS_SYSPROTO_H_
739 struct fchdir_args /* {
743 register struct filedesc *fdp = td->td_proc->p_fd;
744 struct vnode *vp, *tdp, *vpold;
750 AUDIT_ARG_FD(uap->fd);
751 if ((error = getvnode(fdp, uap->fd, CAP_FCHDIR, &fp)) != 0)
756 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
757 vn_lock(vp, LK_SHARED | LK_RETRY);
758 AUDIT_ARG_VNODE1(vp);
759 error = change_dir(vp, td);
760 while (!error && (mp = vp->v_mountedhere) != NULL) {
764 tvfslocked = VFS_LOCK_GIANT(mp);
765 error = VFS_ROOT(mp, LK_SHARED, &tdp);
768 VFS_UNLOCK_GIANT(tvfslocked);
772 VFS_UNLOCK_GIANT(vfslocked);
774 vfslocked = tvfslocked;
778 VFS_UNLOCK_GIANT(vfslocked);
782 VFS_UNLOCK_GIANT(vfslocked);
784 vpold = fdp->fd_cdir;
786 FILEDESC_XUNLOCK(fdp);
787 vfslocked = VFS_LOCK_GIANT(vpold->v_mount);
789 VFS_UNLOCK_GIANT(vfslocked);
794 * Change current working directory (``.'').
796 #ifndef _SYS_SYSPROTO_H_
804 struct chdir_args /* {
809 return (kern_chdir(td, uap->path, UIO_USERSPACE));
813 kern_chdir(struct thread *td, char *path, enum uio_seg pathseg)
815 register struct filedesc *fdp = td->td_proc->p_fd;
821 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1 |
822 MPSAFE, pathseg, path, td);
823 if ((error = namei(&nd)) != 0)
825 vfslocked = NDHASGIANT(&nd);
826 if ((error = change_dir(nd.ni_vp, td)) != 0) {
828 VFS_UNLOCK_GIANT(vfslocked);
829 NDFREE(&nd, NDF_ONLY_PNBUF);
832 VOP_UNLOCK(nd.ni_vp, 0);
833 VFS_UNLOCK_GIANT(vfslocked);
834 NDFREE(&nd, NDF_ONLY_PNBUF);
837 fdp->fd_cdir = nd.ni_vp;
838 FILEDESC_XUNLOCK(fdp);
839 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
841 VFS_UNLOCK_GIANT(vfslocked);
846 * Helper function for raised chroot(2) security function: Refuse if
847 * any filedescriptors are open directories.
850 chroot_refuse_vdir_fds(fdp)
851 struct filedesc *fdp;
857 FILEDESC_LOCK_ASSERT(fdp);
859 for (fd = 0; fd < fdp->fd_nfiles ; fd++) {
860 fp = fget_locked(fdp, fd);
863 if (fp->f_type == DTYPE_VNODE) {
865 if (vp->v_type == VDIR)
873 * This sysctl determines if we will allow a process to chroot(2) if it
874 * has a directory open:
875 * 0: disallowed for all processes.
876 * 1: allowed for processes that were not already chroot(2)'ed.
877 * 2: allowed for all processes.
880 static int chroot_allow_open_directories = 1;
882 SYSCTL_INT(_kern, OID_AUTO, chroot_allow_open_directories, CTLFLAG_RW,
883 &chroot_allow_open_directories, 0, "");
886 * Change notion of root (``/'') directory.
888 #ifndef _SYS_SYSPROTO_H_
896 struct chroot_args /* {
904 error = priv_check(td, PRIV_VFS_CHROOT);
907 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE |
908 AUDITVNODE1, UIO_USERSPACE, uap->path, td);
912 vfslocked = NDHASGIANT(&nd);
913 if ((error = change_dir(nd.ni_vp, td)) != 0)
916 if ((error = mac_vnode_check_chroot(td->td_ucred, nd.ni_vp)))
919 VOP_UNLOCK(nd.ni_vp, 0);
920 error = change_root(nd.ni_vp, td);
922 VFS_UNLOCK_GIANT(vfslocked);
923 NDFREE(&nd, NDF_ONLY_PNBUF);
927 VFS_UNLOCK_GIANT(vfslocked);
929 NDFREE(&nd, NDF_ONLY_PNBUF);
934 * Common routine for chroot and chdir. Callers must provide a locked vnode
944 ASSERT_VOP_LOCKED(vp, "change_dir(): vp not locked");
945 if (vp->v_type != VDIR)
948 error = mac_vnode_check_chdir(td->td_ucred, vp);
952 error = VOP_ACCESS(vp, VEXEC, td->td_ucred, td);
957 * Common routine for kern_chroot() and jail_attach(). The caller is
958 * responsible for invoking priv_check() and mac_vnode_check_chroot() to
959 * authorize this operation.
966 struct filedesc *fdp;
971 VFS_ASSERT_GIANT(vp->v_mount);
972 fdp = td->td_proc->p_fd;
974 if (chroot_allow_open_directories == 0 ||
975 (chroot_allow_open_directories == 1 && fdp->fd_rdir != rootvnode)) {
976 error = chroot_refuse_vdir_fds(fdp);
978 FILEDESC_XUNLOCK(fdp);
982 oldvp = fdp->fd_rdir;
989 FILEDESC_XUNLOCK(fdp);
990 vfslocked = VFS_LOCK_GIANT(oldvp->v_mount);
992 VFS_UNLOCK_GIANT(vfslocked);
996 static __inline cap_rights_t
997 flags_to_rights(int flags)
999 cap_rights_t rights = 0;
1001 switch ((flags & O_ACCMODE)) {
1011 rights |= CAP_WRITE;
1015 rights |= CAP_FEXECVE;
1019 if (flags & O_CREAT)
1020 rights |= CAP_CREATE;
1022 if (flags & O_TRUNC)
1023 rights |= CAP_FTRUNCATE;
1025 if ((flags & O_EXLOCK) || (flags & O_SHLOCK))
1026 rights |= CAP_FLOCK;
1032 * Check permissions, allocate an open file structure, and call the device
1033 * open routine if any.
1035 #ifndef _SYS_SYSPROTO_H_
1045 register struct open_args /* {
1052 return (kern_open(td, uap->path, UIO_USERSPACE, uap->flags, uap->mode));
1055 #ifndef _SYS_SYSPROTO_H_
1056 struct openat_args {
1064 openat(struct thread *td, struct openat_args *uap)
1067 return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
1072 kern_open(struct thread *td, char *path, enum uio_seg pathseg, int flags,
1076 return (kern_openat(td, AT_FDCWD, path, pathseg, flags, mode));
1080 kern_openat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1081 int flags, int mode)
1083 struct proc *p = td->td_proc;
1084 struct filedesc *fdp = p->p_fd;
1089 int type, indx = -1, error;
1091 struct nameidata nd;
1093 cap_rights_t rights_needed = CAP_LOOKUP;
1095 AUDIT_ARG_FFLAGS(flags);
1096 AUDIT_ARG_MODE(mode);
1097 /* XXX: audit dirfd */
1098 rights_needed |= flags_to_rights(flags);
1100 * Only one of the O_EXEC, O_RDONLY, O_WRONLY and O_RDWR flags
1103 if (flags & O_EXEC) {
1104 if (flags & O_ACCMODE)
1106 } else if ((flags & O_ACCMODE) == O_ACCMODE)
1109 flags = FFLAGS(flags);
1112 * allocate the file descriptor, but don't install a descriptor yet
1114 error = falloc_noinstall(td, &nfp);
1117 /* An extra reference on `nfp' has been held for us by falloc_noinstall(). */
1119 /* Set the flags early so the finit in devfs can pick them up. */
1120 fp->f_flag = flags & FMASK;
1121 cmode = ((mode &~ fdp->fd_cmask) & ALLPERMS) &~ S_ISTXT;
1122 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1 | MPSAFE, pathseg,
1123 path, fd, rights_needed, td);
1124 td->td_dupfd = -1; /* XXX check for fdopen */
1125 error = vn_open(&nd, &flags, cmode, fp);
1128 * If the vn_open replaced the method vector, something
1129 * wonderous happened deep below and we just pass it up
1130 * pretending we know what we do.
1132 if (error == ENXIO && fp->f_ops != &badfileops)
1136 * handle special fdopen() case. bleh. dupfdopen() is
1137 * responsible for dropping the old contents of ofiles[indx]
1140 * Don't do this for relative (capability) lookups; we don't
1141 * understand exactly what would happen, and we don't think
1142 * that it ever should.
1144 if ((nd.ni_strictrelative == 0) &&
1145 (error == ENODEV || error == ENXIO) &&
1146 (td->td_dupfd >= 0)) {
1147 /* XXX from fdopen */
1148 if ((error = finstall(td, fp, &indx, flags)) != 0)
1150 if ((error = dupfdopen(td, fdp, indx, td->td_dupfd,
1151 flags, error)) == 0)
1155 * Clean up the descriptor, but only if another thread hadn't
1156 * replaced or closed it.
1159 fdclose(fdp, fp, indx, td);
1162 if (error == ERESTART)
1167 vfslocked = NDHASGIANT(&nd);
1168 NDFREE(&nd, NDF_ONLY_PNBUF);
1172 * Store the vnode, for any f_type. Typically, the vnode use
1173 * count is decremented by direct call to vn_closefile() for
1174 * files that switched type in the cdevsw fdopen() method.
1178 * If the file wasn't claimed by devfs bind it to the normal
1179 * vnode operations here.
1181 if (fp->f_ops == &badfileops) {
1182 KASSERT(vp->v_type != VFIFO, ("Unexpected fifo."));
1184 finit(fp, flags & FMASK, DTYPE_VNODE, vp, &vnops);
1188 if (fp->f_type == DTYPE_VNODE && (flags & (O_EXLOCK | O_SHLOCK)) != 0) {
1189 lf.l_whence = SEEK_SET;
1192 if (flags & O_EXLOCK)
1193 lf.l_type = F_WRLCK;
1195 lf.l_type = F_RDLCK;
1197 if ((flags & FNONBLOCK) == 0)
1199 if ((error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
1202 atomic_set_int(&fp->f_flag, FHASLOCK);
1204 if (flags & O_TRUNC) {
1205 error = fo_truncate(fp, 0, td->td_ucred, td);
1209 VFS_UNLOCK_GIANT(vfslocked);
1212 * If we haven't already installed the FD (for dupfdopen), do so now.
1216 if (nd.ni_strictrelative == 1) {
1218 * We are doing a strict relative lookup; wrap the
1219 * result in a capability.
1221 if ((error = kern_capwrap(td, fp, nd.ni_baserights,
1226 if ((error = finstall(td, fp, &indx, flags)) != 0)
1232 * Release our private reference, leaving the one associated with
1233 * the descriptor table intact.
1236 td->td_retval[0] = indx;
1239 VFS_UNLOCK_GIANT(vfslocked);
1242 fdclose(fdp, fp, indx, td);
1244 td->td_retval[0] = -1;
1252 #ifndef _SYS_SYSPROTO_H_
1253 struct ocreat_args {
1261 register struct ocreat_args /* {
1267 return (kern_open(td, uap->path, UIO_USERSPACE,
1268 O_WRONLY | O_CREAT | O_TRUNC, uap->mode));
1270 #endif /* COMPAT_43 */
1273 * Create a special file.
1275 #ifndef _SYS_SYSPROTO_H_
1285 register struct mknod_args /* {
1292 return (kern_mknod(td, uap->path, UIO_USERSPACE, uap->mode, uap->dev));
1295 #ifndef _SYS_SYSPROTO_H_
1296 struct mknodat_args {
1304 mknodat(struct thread *td, struct mknodat_args *uap)
1307 return (kern_mknodat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode,
1312 kern_mknod(struct thread *td, char *path, enum uio_seg pathseg, int mode,
1316 return (kern_mknodat(td, AT_FDCWD, path, pathseg, mode, dev));
1320 kern_mknodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1328 struct nameidata nd;
1331 AUDIT_ARG_MODE(mode);
1333 switch (mode & S_IFMT) {
1336 error = priv_check(td, PRIV_VFS_MKNOD_DEV);
1339 error = priv_check(td, PRIV_VFS_MKNOD_BAD);
1342 error = priv_check(td, PRIV_VFS_MKNOD_WHT);
1346 return (kern_mkfifoat(td, fd, path, pathseg, mode));
1356 NDINIT_ATRIGHTS(&nd, CREATE,
1357 LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1, pathseg, path, fd,
1359 if ((error = namei(&nd)) != 0)
1361 vfslocked = NDHASGIANT(&nd);
1364 NDFREE(&nd, NDF_ONLY_PNBUF);
1365 if (vp == nd.ni_dvp)
1370 VFS_UNLOCK_GIANT(vfslocked);
1374 vattr.va_mode = (mode & ALLPERMS) &
1375 ~td->td_proc->p_fd->fd_cmask;
1376 vattr.va_rdev = dev;
1379 switch (mode & S_IFMT) {
1380 case S_IFMT: /* used by badsect to flag bad sectors */
1381 vattr.va_type = VBAD;
1384 vattr.va_type = VCHR;
1387 vattr.va_type = VBLK;
1393 panic("kern_mknod: invalid mode");
1396 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1397 NDFREE(&nd, NDF_ONLY_PNBUF);
1399 VFS_UNLOCK_GIANT(vfslocked);
1400 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1405 if (error == 0 && !whiteout)
1406 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp,
1407 &nd.ni_cnd, &vattr);
1411 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, CREATE);
1413 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp,
1414 &nd.ni_cnd, &vattr);
1419 NDFREE(&nd, NDF_ONLY_PNBUF);
1421 vn_finished_write(mp);
1422 VFS_UNLOCK_GIANT(vfslocked);
1427 * Create a named pipe.
1429 #ifndef _SYS_SYSPROTO_H_
1430 struct mkfifo_args {
1438 register struct mkfifo_args /* {
1444 return (kern_mkfifo(td, uap->path, UIO_USERSPACE, uap->mode));
1447 #ifndef _SYS_SYSPROTO_H_
1448 struct mkfifoat_args {
1455 mkfifoat(struct thread *td, struct mkfifoat_args *uap)
1458 return (kern_mkfifoat(td, uap->fd, uap->path, UIO_USERSPACE,
1463 kern_mkfifo(struct thread *td, char *path, enum uio_seg pathseg, int mode)
1466 return (kern_mkfifoat(td, AT_FDCWD, path, pathseg, mode));
1470 kern_mkfifoat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1476 struct nameidata nd;
1479 AUDIT_ARG_MODE(mode);
1482 NDINIT_AT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
1483 pathseg, path, fd, td);
1484 if ((error = namei(&nd)) != 0)
1486 vfslocked = NDHASGIANT(&nd);
1487 if (nd.ni_vp != NULL) {
1488 NDFREE(&nd, NDF_ONLY_PNBUF);
1489 if (nd.ni_vp == nd.ni_dvp)
1494 VFS_UNLOCK_GIANT(vfslocked);
1497 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1498 NDFREE(&nd, NDF_ONLY_PNBUF);
1500 VFS_UNLOCK_GIANT(vfslocked);
1501 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1506 vattr.va_type = VFIFO;
1507 vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask;
1509 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1514 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
1521 vn_finished_write(mp);
1522 VFS_UNLOCK_GIANT(vfslocked);
1523 NDFREE(&nd, NDF_ONLY_PNBUF);
1528 * Make a hard file link.
1530 #ifndef _SYS_SYSPROTO_H_
1539 register struct link_args /* {
1545 return (kern_link(td, uap->path, uap->link, UIO_USERSPACE));
1548 #ifndef _SYS_SYSPROTO_H_
1549 struct linkat_args {
1558 linkat(struct thread *td, struct linkat_args *uap)
1563 if (flag & ~AT_SYMLINK_FOLLOW)
1566 return (kern_linkat(td, uap->fd1, uap->fd2, uap->path1, uap->path2,
1567 UIO_USERSPACE, (flag & AT_SYMLINK_FOLLOW) ? FOLLOW : NOFOLLOW));
1570 int hardlink_check_uid = 0;
1571 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_uid, CTLFLAG_RW,
1572 &hardlink_check_uid, 0,
1573 "Unprivileged processes cannot create hard links to files owned by other "
1575 static int hardlink_check_gid = 0;
1576 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_gid, CTLFLAG_RW,
1577 &hardlink_check_gid, 0,
1578 "Unprivileged processes cannot create hard links to files owned by other "
1582 can_hardlink(struct vnode *vp, struct ucred *cred)
1587 if (!hardlink_check_uid && !hardlink_check_gid)
1590 error = VOP_GETATTR(vp, &va, cred);
1594 if (hardlink_check_uid && cred->cr_uid != va.va_uid) {
1595 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1600 if (hardlink_check_gid && !groupmember(va.va_gid, cred)) {
1601 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1610 kern_link(struct thread *td, char *path, char *link, enum uio_seg segflg)
1613 return (kern_linkat(td, AT_FDCWD, AT_FDCWD, path,link, segflg, FOLLOW));
1617 kern_linkat(struct thread *td, int fd1, int fd2, char *path1, char *path2,
1618 enum uio_seg segflg, int follow)
1622 struct nameidata nd;
1628 NDINIT_AT(&nd, LOOKUP, follow | MPSAFE | AUDITVNODE1, segflg, path1,
1631 if ((error = namei(&nd)) != 0)
1633 vfslocked = NDHASGIANT(&nd);
1634 NDFREE(&nd, NDF_ONLY_PNBUF);
1636 if (vp->v_type == VDIR) {
1638 VFS_UNLOCK_GIANT(vfslocked);
1639 return (EPERM); /* POSIX */
1641 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) {
1643 VFS_UNLOCK_GIANT(vfslocked);
1646 NDINIT_AT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE2,
1647 segflg, path2, fd2, td);
1648 if ((error = namei(&nd)) == 0) {
1649 lvfslocked = NDHASGIANT(&nd);
1650 if (nd.ni_vp != NULL) {
1651 if (nd.ni_dvp == nd.ni_vp)
1657 } else if ((error = vn_lock(vp, LK_EXCLUSIVE | LK_RETRY))
1659 error = can_hardlink(vp, td->td_ucred);
1662 error = mac_vnode_check_link(td->td_ucred,
1663 nd.ni_dvp, vp, &nd.ni_cnd);
1666 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
1670 NDFREE(&nd, NDF_ONLY_PNBUF);
1671 VFS_UNLOCK_GIANT(lvfslocked);
1674 vn_finished_write(mp);
1675 VFS_UNLOCK_GIANT(vfslocked);
1680 * Make a symbolic link.
1682 #ifndef _SYS_SYSPROTO_H_
1683 struct symlink_args {
1691 register struct symlink_args /* {
1697 return (kern_symlink(td, uap->path, uap->link, UIO_USERSPACE));
1700 #ifndef _SYS_SYSPROTO_H_
1701 struct symlinkat_args {
1708 symlinkat(struct thread *td, struct symlinkat_args *uap)
1711 return (kern_symlinkat(td, uap->path1, uap->fd, uap->path2,
1716 kern_symlink(struct thread *td, char *path, char *link, enum uio_seg segflg)
1719 return (kern_symlinkat(td, path, AT_FDCWD, link, segflg));
1723 kern_symlinkat(struct thread *td, char *path1, int fd, char *path2,
1724 enum uio_seg segflg)
1730 struct nameidata nd;
1733 if (segflg == UIO_SYSSPACE) {
1736 syspath = uma_zalloc(namei_zone, M_WAITOK);
1737 if ((error = copyinstr(path1, syspath, MAXPATHLEN, NULL)) != 0)
1740 AUDIT_ARG_TEXT(syspath);
1743 NDINIT_AT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
1744 segflg, path2, fd, td);
1745 if ((error = namei(&nd)) != 0)
1747 vfslocked = NDHASGIANT(&nd);
1749 NDFREE(&nd, NDF_ONLY_PNBUF);
1750 if (nd.ni_vp == nd.ni_dvp)
1755 VFS_UNLOCK_GIANT(vfslocked);
1759 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1760 NDFREE(&nd, NDF_ONLY_PNBUF);
1762 VFS_UNLOCK_GIANT(vfslocked);
1763 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1768 vattr.va_mode = ACCESSPERMS &~ td->td_proc->p_fd->fd_cmask;
1770 vattr.va_type = VLNK;
1771 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1776 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr, syspath);
1782 NDFREE(&nd, NDF_ONLY_PNBUF);
1784 vn_finished_write(mp);
1785 VFS_UNLOCK_GIANT(vfslocked);
1787 if (segflg != UIO_SYSSPACE)
1788 uma_zfree(namei_zone, syspath);
1793 * Delete a whiteout from the filesystem.
1798 register struct undelete_args /* {
1804 struct nameidata nd;
1809 NDINIT(&nd, DELETE, LOCKPARENT | DOWHITEOUT | MPSAFE | AUDITVNODE1,
1810 UIO_USERSPACE, uap->path, td);
1814 vfslocked = NDHASGIANT(&nd);
1816 if (nd.ni_vp != NULLVP || !(nd.ni_cnd.cn_flags & ISWHITEOUT)) {
1817 NDFREE(&nd, NDF_ONLY_PNBUF);
1818 if (nd.ni_vp == nd.ni_dvp)
1824 VFS_UNLOCK_GIANT(vfslocked);
1827 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1828 NDFREE(&nd, NDF_ONLY_PNBUF);
1830 VFS_UNLOCK_GIANT(vfslocked);
1831 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1835 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, DELETE);
1836 NDFREE(&nd, NDF_ONLY_PNBUF);
1838 vn_finished_write(mp);
1839 VFS_UNLOCK_GIANT(vfslocked);
1844 * Delete a name from the filesystem.
1846 #ifndef _SYS_SYSPROTO_H_
1847 struct unlink_args {
1854 struct unlink_args /* {
1859 return (kern_unlink(td, uap->path, UIO_USERSPACE));
1862 #ifndef _SYS_SYSPROTO_H_
1863 struct unlinkat_args {
1870 unlinkat(struct thread *td, struct unlinkat_args *uap)
1872 int flag = uap->flag;
1874 char *path = uap->path;
1876 if (flag & ~AT_REMOVEDIR)
1879 if (flag & AT_REMOVEDIR)
1880 return (kern_rmdirat(td, fd, path, UIO_USERSPACE));
1882 return (kern_unlinkat(td, fd, path, UIO_USERSPACE, 0));
1886 kern_unlink(struct thread *td, char *path, enum uio_seg pathseg)
1889 return (kern_unlinkat(td, AT_FDCWD, path, pathseg, 0));
1893 kern_unlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1899 struct nameidata nd;
1905 NDINIT_AT(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE | AUDITVNODE1,
1906 pathseg, path, fd, td);
1907 if ((error = namei(&nd)) != 0)
1908 return (error == EINVAL ? EPERM : error);
1909 vfslocked = NDHASGIANT(&nd);
1911 if (vp->v_type == VDIR && oldinum == 0) {
1912 error = EPERM; /* POSIX */
1913 } else if (oldinum != 0 &&
1914 ((error = vn_stat(vp, &sb, td->td_ucred, NOCRED, td)) == 0) &&
1915 sb.st_ino != oldinum) {
1916 error = EIDRM; /* Identifier removed */
1919 * The root of a mounted filesystem cannot be deleted.
1921 * XXX: can this only be a VDIR case?
1923 if (vp->v_vflag & VV_ROOT)
1927 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1928 NDFREE(&nd, NDF_ONLY_PNBUF);
1930 if (vp == nd.ni_dvp)
1934 VFS_UNLOCK_GIANT(vfslocked);
1935 if ((error = vn_start_write(NULL, &mp,
1936 V_XSLEEP | PCATCH)) != 0)
1941 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
1946 error = VOP_REMOVE(nd.ni_dvp, vp, &nd.ni_cnd);
1950 vn_finished_write(mp);
1952 NDFREE(&nd, NDF_ONLY_PNBUF);
1954 if (vp == nd.ni_dvp)
1958 VFS_UNLOCK_GIANT(vfslocked);
1963 * Reposition read/write file offset.
1965 #ifndef _SYS_SYSPROTO_H_
1976 register struct lseek_args /* {
1983 struct ucred *cred = td->td_ucred;
1991 AUDIT_ARG_FD(uap->fd);
1992 if ((error = fget(td, uap->fd, CAP_SEEK, &fp)) != 0)
1994 if (!(fp->f_ops->fo_flags & DFLAG_SEEKABLE)) {
1999 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
2000 noneg = (vp->v_type != VCHR);
2001 offset = uap->offset;
2002 switch (uap->whence) {
2005 (fp->f_offset < 0 ||
2006 (offset > 0 && fp->f_offset > OFF_MAX - offset))) {
2010 offset += fp->f_offset;
2013 vn_lock(vp, LK_SHARED | LK_RETRY);
2014 error = VOP_GETATTR(vp, &vattr, cred);
2020 * If the file references a disk device, then fetch
2021 * the media size and use that to determine the ending
2024 if (vattr.va_size == 0 && vp->v_type == VCHR &&
2025 fo_ioctl(fp, DIOCGMEDIASIZE, &size, cred, td) == 0)
2026 vattr.va_size = size;
2028 (vattr.va_size > OFF_MAX ||
2029 (offset > 0 && vattr.va_size > OFF_MAX - offset))) {
2033 offset += vattr.va_size;
2038 error = fo_ioctl(fp, FIOSEEKDATA, &offset, cred, td);
2041 error = fo_ioctl(fp, FIOSEEKHOLE, &offset, cred, td);
2046 if (error == 0 && noneg && offset < 0)
2050 fp->f_offset = offset;
2051 *(off_t *)(td->td_retval) = fp->f_offset;
2054 VFS_UNLOCK_GIANT(vfslocked);
2058 #if defined(COMPAT_43)
2060 * Reposition read/write file offset.
2062 #ifndef _SYS_SYSPROTO_H_
2063 struct olseek_args {
2072 register struct olseek_args /* {
2078 struct lseek_args /* {
2086 nuap.offset = uap->offset;
2087 nuap.whence = uap->whence;
2088 return (lseek(td, &nuap));
2090 #endif /* COMPAT_43 */
2092 /* Version with the 'pad' argument */
2094 freebsd6_lseek(td, uap)
2096 register struct freebsd6_lseek_args *uap;
2098 struct lseek_args ouap;
2101 ouap.offset = uap->offset;
2102 ouap.whence = uap->whence;
2103 return (lseek(td, &ouap));
2107 * Check access permissions using passed credentials.
2110 vn_access(vp, user_flags, cred, td)
2119 /* Flags == 0 means only check for existence. */
2123 if (user_flags & R_OK)
2125 if (user_flags & W_OK)
2127 if (user_flags & X_OK)
2130 error = mac_vnode_check_access(cred, vp, accmode);
2134 if ((accmode & VWRITE) == 0 || (error = vn_writechk(vp)) == 0)
2135 error = VOP_ACCESS(vp, accmode, cred, td);
2141 * Check access permissions using "real" credentials.
2143 #ifndef _SYS_SYSPROTO_H_
2144 struct access_args {
2152 register struct access_args /* {
2158 return (kern_access(td, uap->path, UIO_USERSPACE, uap->flags));
2161 #ifndef _SYS_SYSPROTO_H_
2162 struct faccessat_args {
2170 faccessat(struct thread *td, struct faccessat_args *uap)
2173 if (uap->flag & ~AT_EACCESS)
2175 return (kern_accessat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
2180 kern_access(struct thread *td, char *path, enum uio_seg pathseg, int mode)
2183 return (kern_accessat(td, AT_FDCWD, path, pathseg, 0, mode));
2187 kern_accessat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2188 int flags, int mode)
2190 struct ucred *cred, *tmpcred;
2192 struct nameidata nd;
2197 * Create and modify a temporary credential instead of one that
2198 * is potentially shared.
2200 if (!(flags & AT_EACCESS)) {
2201 cred = td->td_ucred;
2202 tmpcred = crdup(cred);
2203 tmpcred->cr_uid = cred->cr_ruid;
2204 tmpcred->cr_groups[0] = cred->cr_rgid;
2205 td->td_ucred = tmpcred;
2207 cred = tmpcred = td->td_ucred;
2208 AUDIT_ARG_VALUE(mode);
2209 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE |
2210 AUDITVNODE1, pathseg, path, fd, CAP_FSTAT, td);
2211 if ((error = namei(&nd)) != 0)
2213 vfslocked = NDHASGIANT(&nd);
2216 error = vn_access(vp, mode, tmpcred, td);
2217 NDFREE(&nd, NDF_ONLY_PNBUF);
2219 VFS_UNLOCK_GIANT(vfslocked);
2221 if (!(flags & AT_EACCESS)) {
2222 td->td_ucred = cred;
2229 * Check access permissions using "effective" credentials.
2231 #ifndef _SYS_SYSPROTO_H_
2232 struct eaccess_args {
2240 register struct eaccess_args /* {
2246 return (kern_eaccess(td, uap->path, UIO_USERSPACE, uap->flags));
2250 kern_eaccess(struct thread *td, char *path, enum uio_seg pathseg, int flags)
2253 return (kern_accessat(td, AT_FDCWD, path, pathseg, AT_EACCESS, flags));
2256 #if defined(COMPAT_43)
2258 * Get file status; this version follows links.
2260 #ifndef _SYS_SYSPROTO_H_
2269 register struct ostat_args /* {
2278 error = kern_stat(td, uap->path, UIO_USERSPACE, &sb);
2282 error = copyout(&osb, uap->ub, sizeof (osb));
2287 * Get file status; this version does not follow links.
2289 #ifndef _SYS_SYSPROTO_H_
2290 struct olstat_args {
2298 register struct olstat_args /* {
2307 error = kern_lstat(td, uap->path, UIO_USERSPACE, &sb);
2311 error = copyout(&osb, uap->ub, sizeof (osb));
2316 * Convert from an old to a new stat structure.
2324 ost->st_dev = st->st_dev;
2325 ost->st_ino = st->st_ino;
2326 ost->st_mode = st->st_mode;
2327 ost->st_nlink = st->st_nlink;
2328 ost->st_uid = st->st_uid;
2329 ost->st_gid = st->st_gid;
2330 ost->st_rdev = st->st_rdev;
2331 if (st->st_size < (quad_t)1 << 32)
2332 ost->st_size = st->st_size;
2335 ost->st_atim = st->st_atim;
2336 ost->st_mtim = st->st_mtim;
2337 ost->st_ctim = st->st_ctim;
2338 ost->st_blksize = st->st_blksize;
2339 ost->st_blocks = st->st_blocks;
2340 ost->st_flags = st->st_flags;
2341 ost->st_gen = st->st_gen;
2343 #endif /* COMPAT_43 */
2346 * Get file status; this version follows links.
2348 #ifndef _SYS_SYSPROTO_H_
2357 register struct stat_args /* {
2365 error = kern_stat(td, uap->path, UIO_USERSPACE, &sb);
2367 error = copyout(&sb, uap->ub, sizeof (sb));
2371 #ifndef _SYS_SYSPROTO_H_
2372 struct fstatat_args {
2380 fstatat(struct thread *td, struct fstatat_args *uap)
2385 error = kern_statat(td, uap->flag, uap->fd, uap->path,
2386 UIO_USERSPACE, &sb);
2388 error = copyout(&sb, uap->buf, sizeof (sb));
2393 kern_stat(struct thread *td, char *path, enum uio_seg pathseg, struct stat *sbp)
2396 return (kern_statat(td, 0, AT_FDCWD, path, pathseg, sbp));
2400 kern_statat(struct thread *td, int flag, int fd, char *path,
2401 enum uio_seg pathseg, struct stat *sbp)
2404 return (kern_statat_vnhook(td, flag, fd, path, pathseg, sbp, NULL));
2408 kern_statat_vnhook(struct thread *td, int flag, int fd, char *path,
2409 enum uio_seg pathseg, struct stat *sbp,
2410 void (*hook)(struct vnode *vp, struct stat *sbp))
2412 struct nameidata nd;
2414 int error, vfslocked;
2416 if (flag & ~AT_SYMLINK_NOFOLLOW)
2419 NDINIT_ATRIGHTS(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
2420 FOLLOW) | LOCKSHARED | LOCKLEAF | AUDITVNODE1 | MPSAFE, pathseg,
2421 path, fd, CAP_FSTAT, td);
2423 if ((error = namei(&nd)) != 0)
2425 vfslocked = NDHASGIANT(&nd);
2426 error = vn_stat(nd.ni_vp, &sb, td->td_ucred, NOCRED, td);
2428 SDT_PROBE(vfs, , stat, mode, path, sb.st_mode, 0, 0, 0);
2429 if (S_ISREG(sb.st_mode))
2430 SDT_PROBE(vfs, , stat, reg, path, pathseg, 0, 0, 0);
2431 if (__predict_false(hook != NULL))
2432 hook(nd.ni_vp, &sb);
2434 NDFREE(&nd, NDF_ONLY_PNBUF);
2436 VFS_UNLOCK_GIANT(vfslocked);
2441 if (KTRPOINT(td, KTR_STRUCT))
2448 * Get file status; this version does not follow links.
2450 #ifndef _SYS_SYSPROTO_H_
2459 register struct lstat_args /* {
2467 error = kern_lstat(td, uap->path, UIO_USERSPACE, &sb);
2469 error = copyout(&sb, uap->ub, sizeof (sb));
2474 kern_lstat(struct thread *td, char *path, enum uio_seg pathseg, struct stat *sbp)
2477 return (kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, path, pathseg,
2482 * Implementation of the NetBSD [l]stat() functions.
2489 bzero(nsb, sizeof *nsb);
2490 nsb->st_dev = sb->st_dev;
2491 nsb->st_ino = sb->st_ino;
2492 nsb->st_mode = sb->st_mode;
2493 nsb->st_nlink = sb->st_nlink;
2494 nsb->st_uid = sb->st_uid;
2495 nsb->st_gid = sb->st_gid;
2496 nsb->st_rdev = sb->st_rdev;
2497 nsb->st_atim = sb->st_atim;
2498 nsb->st_mtim = sb->st_mtim;
2499 nsb->st_ctim = sb->st_ctim;
2500 nsb->st_size = sb->st_size;
2501 nsb->st_blocks = sb->st_blocks;
2502 nsb->st_blksize = sb->st_blksize;
2503 nsb->st_flags = sb->st_flags;
2504 nsb->st_gen = sb->st_gen;
2505 nsb->st_birthtim = sb->st_birthtim;
2508 #ifndef _SYS_SYSPROTO_H_
2517 register struct nstat_args /* {
2526 error = kern_stat(td, uap->path, UIO_USERSPACE, &sb);
2529 cvtnstat(&sb, &nsb);
2530 error = copyout(&nsb, uap->ub, sizeof (nsb));
2535 * NetBSD lstat. Get file status; this version does not follow links.
2537 #ifndef _SYS_SYSPROTO_H_
2546 register struct nlstat_args /* {
2555 error = kern_lstat(td, uap->path, UIO_USERSPACE, &sb);
2558 cvtnstat(&sb, &nsb);
2559 error = copyout(&nsb, uap->ub, sizeof (nsb));
2564 * Get configurable pathname variables.
2566 #ifndef _SYS_SYSPROTO_H_
2567 struct pathconf_args {
2575 register struct pathconf_args /* {
2581 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name, FOLLOW));
2584 #ifndef _SYS_SYSPROTO_H_
2585 struct lpathconf_args {
2593 register struct lpathconf_args /* {
2599 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name, NOFOLLOW));
2603 kern_pathconf(struct thread *td, char *path, enum uio_seg pathseg, int name,
2606 struct nameidata nd;
2607 int error, vfslocked;
2609 NDINIT(&nd, LOOKUP, LOCKSHARED | LOCKLEAF | MPSAFE | AUDITVNODE1 |
2610 flags, pathseg, path, td);
2611 if ((error = namei(&nd)) != 0)
2613 vfslocked = NDHASGIANT(&nd);
2614 NDFREE(&nd, NDF_ONLY_PNBUF);
2616 /* If asynchronous I/O is available, it works for all files. */
2617 if (name == _PC_ASYNC_IO)
2618 td->td_retval[0] = async_io_version;
2620 error = VOP_PATHCONF(nd.ni_vp, name, td->td_retval);
2622 VFS_UNLOCK_GIANT(vfslocked);
2627 * Return target name of a symbolic link.
2629 #ifndef _SYS_SYSPROTO_H_
2630 struct readlink_args {
2639 register struct readlink_args /* {
2646 return (kern_readlink(td, uap->path, UIO_USERSPACE, uap->buf,
2647 UIO_USERSPACE, uap->count));
2649 #ifndef _SYS_SYSPROTO_H_
2650 struct readlinkat_args {
2658 readlinkat(struct thread *td, struct readlinkat_args *uap)
2661 return (kern_readlinkat(td, uap->fd, uap->path, UIO_USERSPACE,
2662 uap->buf, UIO_USERSPACE, uap->bufsize));
2666 kern_readlink(struct thread *td, char *path, enum uio_seg pathseg, char *buf,
2667 enum uio_seg bufseg, size_t count)
2670 return (kern_readlinkat(td, AT_FDCWD, path, pathseg, buf, bufseg,
2675 kern_readlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2676 char *buf, enum uio_seg bufseg, size_t count)
2682 struct nameidata nd;
2685 if (count > INT_MAX)
2688 NDINIT_AT(&nd, LOOKUP, NOFOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE |
2689 AUDITVNODE1, pathseg, path, fd, td);
2691 if ((error = namei(&nd)) != 0)
2693 NDFREE(&nd, NDF_ONLY_PNBUF);
2694 vfslocked = NDHASGIANT(&nd);
2697 error = mac_vnode_check_readlink(td->td_ucred, vp);
2700 VFS_UNLOCK_GIANT(vfslocked);
2704 if (vp->v_type != VLNK)
2707 aiov.iov_base = buf;
2708 aiov.iov_len = count;
2709 auio.uio_iov = &aiov;
2710 auio.uio_iovcnt = 1;
2711 auio.uio_offset = 0;
2712 auio.uio_rw = UIO_READ;
2713 auio.uio_segflg = bufseg;
2715 auio.uio_resid = count;
2716 error = VOP_READLINK(vp, &auio, td->td_ucred);
2719 VFS_UNLOCK_GIANT(vfslocked);
2720 td->td_retval[0] = count - auio.uio_resid;
2725 * Common implementation code for chflags() and fchflags().
2728 setfflags(td, vp, flags)
2738 * Prevent non-root users from setting flags on devices. When
2739 * a device is reused, users can retain ownership of the device
2740 * if they are allowed to set flags and programs assume that
2741 * chown can't fail when done as root.
2743 if (vp->v_type == VCHR || vp->v_type == VBLK) {
2744 error = priv_check(td, PRIV_VFS_CHFLAGS_DEV);
2749 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2751 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2753 vattr.va_flags = flags;
2755 error = mac_vnode_check_setflags(td->td_ucred, vp, vattr.va_flags);
2758 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
2760 vn_finished_write(mp);
2765 * Change flags of a file given a path name.
2767 #ifndef _SYS_SYSPROTO_H_
2768 struct chflags_args {
2776 register struct chflags_args /* {
2782 struct nameidata nd;
2785 AUDIT_ARG_FFLAGS(uap->flags);
2786 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, UIO_USERSPACE,
2788 if ((error = namei(&nd)) != 0)
2790 NDFREE(&nd, NDF_ONLY_PNBUF);
2791 vfslocked = NDHASGIANT(&nd);
2792 error = setfflags(td, nd.ni_vp, uap->flags);
2794 VFS_UNLOCK_GIANT(vfslocked);
2799 * Same as chflags() but doesn't follow symlinks.
2804 register struct lchflags_args /* {
2810 struct nameidata nd;
2813 AUDIT_ARG_FFLAGS(uap->flags);
2814 NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNODE1, UIO_USERSPACE,
2816 if ((error = namei(&nd)) != 0)
2818 vfslocked = NDHASGIANT(&nd);
2819 NDFREE(&nd, NDF_ONLY_PNBUF);
2820 error = setfflags(td, nd.ni_vp, uap->flags);
2822 VFS_UNLOCK_GIANT(vfslocked);
2827 * Change flags of a file given a file descriptor.
2829 #ifndef _SYS_SYSPROTO_H_
2830 struct fchflags_args {
2838 register struct fchflags_args /* {
2847 AUDIT_ARG_FD(uap->fd);
2848 AUDIT_ARG_FFLAGS(uap->flags);
2849 if ((error = getvnode(td->td_proc->p_fd, uap->fd, CAP_FCHFLAGS,
2852 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
2854 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
2855 AUDIT_ARG_VNODE1(fp->f_vnode);
2856 VOP_UNLOCK(fp->f_vnode, 0);
2858 error = setfflags(td, fp->f_vnode, uap->flags);
2859 VFS_UNLOCK_GIANT(vfslocked);
2865 * Common implementation code for chmod(), lchmod() and fchmod().
2868 setfmode(td, vp, mode)
2877 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2879 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2881 vattr.va_mode = mode & ALLPERMS;
2883 error = mac_vnode_check_setmode(td->td_ucred, vp, vattr.va_mode);
2886 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
2888 vn_finished_write(mp);
2893 * Change mode of a file given path name.
2895 #ifndef _SYS_SYSPROTO_H_
2904 register struct chmod_args /* {
2910 return (kern_chmod(td, uap->path, UIO_USERSPACE, uap->mode));
2913 #ifndef _SYS_SYSPROTO_H_
2914 struct fchmodat_args {
2922 fchmodat(struct thread *td, struct fchmodat_args *uap)
2924 int flag = uap->flag;
2926 char *path = uap->path;
2927 mode_t mode = uap->mode;
2929 if (flag & ~AT_SYMLINK_NOFOLLOW)
2932 return (kern_fchmodat(td, fd, path, UIO_USERSPACE, mode, flag));
2936 kern_chmod(struct thread *td, char *path, enum uio_seg pathseg, int mode)
2939 return (kern_fchmodat(td, AT_FDCWD, path, pathseg, mode, 0));
2943 * Change mode of a file given path name (don't follow links.)
2945 #ifndef _SYS_SYSPROTO_H_
2946 struct lchmod_args {
2954 register struct lchmod_args /* {
2960 return (kern_fchmodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2961 uap->mode, AT_SYMLINK_NOFOLLOW));
2966 kern_fchmodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2967 mode_t mode, int flag)
2970 struct nameidata nd;
2974 AUDIT_ARG_MODE(mode);
2975 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2976 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | MPSAFE | AUDITVNODE1, pathseg,
2977 path, fd, CAP_FCHMOD, td);
2978 if ((error = namei(&nd)) != 0)
2980 vfslocked = NDHASGIANT(&nd);
2981 NDFREE(&nd, NDF_ONLY_PNBUF);
2982 error = setfmode(td, nd.ni_vp, mode);
2984 VFS_UNLOCK_GIANT(vfslocked);
2989 * Change mode of a file given a file descriptor.
2991 #ifndef _SYS_SYSPROTO_H_
2992 struct fchmod_args {
3000 register struct fchmod_args /* {
3009 AUDIT_ARG_FD(uap->fd);
3010 AUDIT_ARG_MODE(uap->mode);
3011 if ((error = getvnode(td->td_proc->p_fd, uap->fd, CAP_FCHMOD,
3014 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
3016 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
3017 AUDIT_ARG_VNODE1(fp->f_vnode);
3018 VOP_UNLOCK(fp->f_vnode, 0);
3020 error = setfmode(td, fp->f_vnode, uap->mode);
3021 VFS_UNLOCK_GIANT(vfslocked);
3027 * Common implementation for chown(), lchown(), and fchown()
3030 setfown(td, vp, uid, gid)
3040 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
3042 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
3047 error = mac_vnode_check_setowner(td->td_ucred, vp, vattr.va_uid,
3051 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3053 vn_finished_write(mp);
3058 * Set ownership given a path name.
3060 #ifndef _SYS_SYSPROTO_H_
3070 register struct chown_args /* {
3077 return (kern_chown(td, uap->path, UIO_USERSPACE, uap->uid, uap->gid));
3080 #ifndef _SYS_SYSPROTO_H_
3081 struct fchownat_args {
3090 fchownat(struct thread *td, struct fchownat_args *uap)
3095 if (flag & ~AT_SYMLINK_NOFOLLOW)
3098 return (kern_fchownat(td, uap->fd, uap->path, UIO_USERSPACE, uap->uid,
3099 uap->gid, uap->flag));
3103 kern_chown(struct thread *td, char *path, enum uio_seg pathseg, int uid,
3107 return (kern_fchownat(td, AT_FDCWD, path, pathseg, uid, gid, 0));
3111 kern_fchownat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
3112 int uid, int gid, int flag)
3114 struct nameidata nd;
3115 int error, vfslocked, follow;
3117 AUDIT_ARG_OWNER(uid, gid);
3118 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
3119 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | MPSAFE | AUDITVNODE1, pathseg,
3120 path, fd, CAP_FCHOWN, td);
3122 if ((error = namei(&nd)) != 0)
3124 vfslocked = NDHASGIANT(&nd);
3125 NDFREE(&nd, NDF_ONLY_PNBUF);
3126 error = setfown(td, nd.ni_vp, uid, gid);
3128 VFS_UNLOCK_GIANT(vfslocked);
3133 * Set ownership given a path name, do not cross symlinks.
3135 #ifndef _SYS_SYSPROTO_H_
3136 struct lchown_args {
3145 register struct lchown_args /* {
3152 return (kern_lchown(td, uap->path, UIO_USERSPACE, uap->uid, uap->gid));
3156 kern_lchown(struct thread *td, char *path, enum uio_seg pathseg, int uid,
3160 return (kern_fchownat(td, AT_FDCWD, path, pathseg, uid, gid,
3161 AT_SYMLINK_NOFOLLOW));
3165 * Set ownership given a file descriptor.
3167 #ifndef _SYS_SYSPROTO_H_
3168 struct fchown_args {
3177 register struct fchown_args /* {
3187 AUDIT_ARG_FD(uap->fd);
3188 AUDIT_ARG_OWNER(uap->uid, uap->gid);
3189 if ((error = getvnode(td->td_proc->p_fd, uap->fd, CAP_FCHOWN, &fp))
3192 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
3194 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
3195 AUDIT_ARG_VNODE1(fp->f_vnode);
3196 VOP_UNLOCK(fp->f_vnode, 0);
3198 error = setfown(td, fp->f_vnode, uap->uid, uap->gid);
3199 VFS_UNLOCK_GIANT(vfslocked);
3205 * Common implementation code for utimes(), lutimes(), and futimes().
3208 getutimes(usrtvp, tvpseg, tsp)
3209 const struct timeval *usrtvp;
3210 enum uio_seg tvpseg;
3211 struct timespec *tsp;
3213 struct timeval tv[2];
3214 const struct timeval *tvp;
3217 if (usrtvp == NULL) {
3218 vfs_timestamp(&tsp[0]);
3221 if (tvpseg == UIO_SYSSPACE) {
3224 if ((error = copyin(usrtvp, tv, sizeof(tv))) != 0)
3229 if (tvp[0].tv_usec < 0 || tvp[0].tv_usec >= 1000000 ||
3230 tvp[1].tv_usec < 0 || tvp[1].tv_usec >= 1000000)
3232 TIMEVAL_TO_TIMESPEC(&tvp[0], &tsp[0]);
3233 TIMEVAL_TO_TIMESPEC(&tvp[1], &tsp[1]);
3239 * Common implementation code for utimes(), lutimes(), and futimes().
3242 setutimes(td, vp, ts, numtimes, nullflag)
3245 const struct timespec *ts;
3249 int error, setbirthtime;
3253 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
3255 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
3257 if (numtimes < 3 && !VOP_GETATTR(vp, &vattr, td->td_ucred) &&
3258 timespeccmp(&ts[1], &vattr.va_birthtime, < ))
3261 vattr.va_atime = ts[0];
3262 vattr.va_mtime = ts[1];
3264 vattr.va_birthtime = ts[1];
3266 vattr.va_birthtime = ts[2];
3268 vattr.va_vaflags |= VA_UTIMES_NULL;
3270 error = mac_vnode_check_setutimes(td->td_ucred, vp, vattr.va_atime,
3274 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3276 vn_finished_write(mp);
3281 * Set the access and modification times of a file.
3283 #ifndef _SYS_SYSPROTO_H_
3284 struct utimes_args {
3286 struct timeval *tptr;
3292 register struct utimes_args /* {
3294 struct timeval *tptr;
3298 return (kern_utimes(td, uap->path, UIO_USERSPACE, uap->tptr,
3302 #ifndef _SYS_SYSPROTO_H_
3303 struct futimesat_args {
3306 const struct timeval * times;
3310 futimesat(struct thread *td, struct futimesat_args *uap)
3313 return (kern_utimesat(td, uap->fd, uap->path, UIO_USERSPACE,
3314 uap->times, UIO_USERSPACE));
3318 kern_utimes(struct thread *td, char *path, enum uio_seg pathseg,
3319 struct timeval *tptr, enum uio_seg tptrseg)
3322 return (kern_utimesat(td, AT_FDCWD, path, pathseg, tptr, tptrseg));
3326 kern_utimesat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
3327 struct timeval *tptr, enum uio_seg tptrseg)
3329 struct nameidata nd;
3330 struct timespec ts[2];
3331 int error, vfslocked;
3333 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
3335 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, pathseg,
3336 path, fd, CAP_FUTIMES, td);
3338 if ((error = namei(&nd)) != 0)
3340 vfslocked = NDHASGIANT(&nd);
3341 NDFREE(&nd, NDF_ONLY_PNBUF);
3342 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
3344 VFS_UNLOCK_GIANT(vfslocked);
3349 * Set the access and modification times of a file.
3351 #ifndef _SYS_SYSPROTO_H_
3352 struct lutimes_args {
3354 struct timeval *tptr;
3360 register struct lutimes_args /* {
3362 struct timeval *tptr;
3366 return (kern_lutimes(td, uap->path, UIO_USERSPACE, uap->tptr,
3371 kern_lutimes(struct thread *td, char *path, enum uio_seg pathseg,
3372 struct timeval *tptr, enum uio_seg tptrseg)
3374 struct timespec ts[2];
3376 struct nameidata nd;
3379 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
3381 NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
3382 if ((error = namei(&nd)) != 0)
3384 vfslocked = NDHASGIANT(&nd);
3385 NDFREE(&nd, NDF_ONLY_PNBUF);
3386 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
3388 VFS_UNLOCK_GIANT(vfslocked);
3393 * Set the access and modification times of a file.
3395 #ifndef _SYS_SYSPROTO_H_
3396 struct futimes_args {
3398 struct timeval *tptr;
3404 register struct futimes_args /* {
3406 struct timeval *tptr;
3410 return (kern_futimes(td, uap->fd, uap->tptr, UIO_USERSPACE));
3414 kern_futimes(struct thread *td, int fd, struct timeval *tptr,
3415 enum uio_seg tptrseg)
3417 struct timespec ts[2];
3423 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
3425 if ((error = getvnode(td->td_proc->p_fd, fd, CAP_FUTIMES, &fp))
3428 vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount);
3430 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
3431 AUDIT_ARG_VNODE1(fp->f_vnode);
3432 VOP_UNLOCK(fp->f_vnode, 0);
3434 error = setutimes(td, fp->f_vnode, ts, 2, tptr == NULL);
3435 VFS_UNLOCK_GIANT(vfslocked);
3441 * Truncate a file given its path name.
3443 #ifndef _SYS_SYSPROTO_H_
3444 struct truncate_args {
3453 register struct truncate_args /* {
3460 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3464 kern_truncate(struct thread *td, char *path, enum uio_seg pathseg, off_t length)
3470 struct nameidata nd;
3475 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1, pathseg, path, td);
3476 if ((error = namei(&nd)) != 0)
3478 vfslocked = NDHASGIANT(&nd);
3480 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) {
3482 VFS_UNLOCK_GIANT(vfslocked);
3485 NDFREE(&nd, NDF_ONLY_PNBUF);
3486 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
3487 if (vp->v_type == VDIR)
3490 else if ((error = mac_vnode_check_write(td->td_ucred, NOCRED, vp))) {
3493 else if ((error = vn_writechk(vp)) == 0 &&
3494 (error = VOP_ACCESS(vp, VWRITE, td->td_ucred, td)) == 0) {
3496 vattr.va_size = length;
3497 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3500 vn_finished_write(mp);
3501 VFS_UNLOCK_GIANT(vfslocked);
3505 #if defined(COMPAT_43)
3507 * Truncate a file given its path name.
3509 #ifndef _SYS_SYSPROTO_H_
3510 struct otruncate_args {
3518 register struct otruncate_args /* {
3523 struct truncate_args /* {
3529 nuap.path = uap->path;
3530 nuap.length = uap->length;
3531 return (truncate(td, &nuap));
3533 #endif /* COMPAT_43 */
3535 /* Versions with the pad argument */
3537 freebsd6_truncate(struct thread *td, struct freebsd6_truncate_args *uap)
3539 struct truncate_args ouap;
3541 ouap.path = uap->path;
3542 ouap.length = uap->length;
3543 return (truncate(td, &ouap));
3547 freebsd6_ftruncate(struct thread *td, struct freebsd6_ftruncate_args *uap)
3549 struct ftruncate_args ouap;
3552 ouap.length = uap->length;
3553 return (ftruncate(td, &ouap));
3557 * Sync an open file.
3559 #ifndef _SYS_SYSPROTO_H_
3567 struct fsync_args /* {
3575 int error, lock_flags;
3577 AUDIT_ARG_FD(uap->fd);
3578 if ((error = getvnode(td->td_proc->p_fd, uap->fd, CAP_FSYNC,
3582 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
3583 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
3585 if (MNT_SHARED_WRITES(mp) ||
3586 ((mp == NULL) && MNT_SHARED_WRITES(vp->v_mount))) {
3587 lock_flags = LK_SHARED;
3589 lock_flags = LK_EXCLUSIVE;
3591 vn_lock(vp, lock_flags | LK_RETRY);
3592 AUDIT_ARG_VNODE1(vp);
3593 if (vp->v_object != NULL) {
3594 VM_OBJECT_LOCK(vp->v_object);
3595 vm_object_page_clean(vp->v_object, 0, 0, 0);
3596 VM_OBJECT_UNLOCK(vp->v_object);
3598 error = VOP_FSYNC(vp, MNT_WAIT, td);
3601 vn_finished_write(mp);
3603 VFS_UNLOCK_GIANT(vfslocked);
3609 * Rename files. Source and destination must either both be directories, or
3610 * both not be directories. If target is a directory, it must be empty.
3612 #ifndef _SYS_SYSPROTO_H_
3613 struct rename_args {
3621 register struct rename_args /* {
3627 return (kern_rename(td, uap->from, uap->to, UIO_USERSPACE));
3630 #ifndef _SYS_SYSPROTO_H_
3631 struct renameat_args {
3639 renameat(struct thread *td, struct renameat_args *uap)
3642 return (kern_renameat(td, uap->oldfd, uap->old, uap->newfd, uap->new,
3647 kern_rename(struct thread *td, char *from, char *to, enum uio_seg pathseg)
3650 return (kern_renameat(td, AT_FDCWD, from, AT_FDCWD, to, pathseg));
3654 kern_renameat(struct thread *td, int oldfd, char *old, int newfd, char *new,
3655 enum uio_seg pathseg)
3657 struct mount *mp = NULL;
3658 struct vnode *tvp, *fvp, *tdvp;
3659 struct nameidata fromnd, tond;
3666 NDINIT_ATRIGHTS(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART |
3667 MPSAFE | AUDITVNODE1, pathseg, old, oldfd, CAP_DELETE, td);
3669 NDINIT_ATRIGHTS(&fromnd, DELETE, WANTPARENT | SAVESTART | MPSAFE |
3670 AUDITVNODE1, pathseg, old, oldfd, CAP_DELETE, td);
3673 if ((error = namei(&fromnd)) != 0)
3675 fvfslocked = NDHASGIANT(&fromnd);
3678 error = mac_vnode_check_rename_from(td->td_ucred, fromnd.ni_dvp,
3679 fromnd.ni_vp, &fromnd.ni_cnd);
3680 VOP_UNLOCK(fromnd.ni_dvp, 0);
3681 if (fromnd.ni_dvp != fromnd.ni_vp)
3682 VOP_UNLOCK(fromnd.ni_vp, 0);
3686 error = vn_start_write(fvp, &mp, V_WAIT | PCATCH);
3688 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3689 vrele(fromnd.ni_dvp);
3693 NDINIT_ATRIGHTS(&tond, RENAME, LOCKPARENT | LOCKLEAF | NOCACHE |
3694 SAVESTART | MPSAFE | AUDITVNODE2, pathseg, new, newfd, CAP_CREATE,
3696 if (fromnd.ni_vp->v_type == VDIR)
3697 tond.ni_cnd.cn_flags |= WILLBEDIR;
3698 if ((error = namei(&tond)) != 0) {
3699 /* Translate error code for rename("dir1", "dir2/."). */
3700 if (error == EISDIR && fvp->v_type == VDIR)
3702 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3703 vrele(fromnd.ni_dvp);
3705 vn_finished_write(mp);
3708 tvfslocked = NDHASGIANT(&tond);
3712 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
3715 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
3725 * If the source is the same as the destination (that is, if they
3726 * are links to the same vnode), then there is nothing to do.
3732 error = mac_vnode_check_rename_to(td->td_ucred, tdvp,
3733 tond.ni_vp, fromnd.ni_dvp == tdvp, &tond.ni_cnd);
3737 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
3738 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
3739 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3740 NDFREE(&tond, NDF_ONLY_PNBUF);
3742 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3743 NDFREE(&tond, NDF_ONLY_PNBUF);
3750 vrele(fromnd.ni_dvp);
3753 vrele(tond.ni_startdir);
3754 vn_finished_write(mp);
3756 if (fromnd.ni_startdir)
3757 vrele(fromnd.ni_startdir);
3758 VFS_UNLOCK_GIANT(fvfslocked);
3759 VFS_UNLOCK_GIANT(tvfslocked);
3766 * Make a directory file.
3768 #ifndef _SYS_SYSPROTO_H_
3777 register struct mkdir_args /* {
3783 return (kern_mkdir(td, uap->path, UIO_USERSPACE, uap->mode));
3786 #ifndef _SYS_SYSPROTO_H_
3787 struct mkdirat_args {
3794 mkdirat(struct thread *td, struct mkdirat_args *uap)
3797 return (kern_mkdirat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode));
3801 kern_mkdir(struct thread *td, char *path, enum uio_seg segflg, int mode)
3804 return (kern_mkdirat(td, AT_FDCWD, path, segflg, mode));
3808 kern_mkdirat(struct thread *td, int fd, char *path, enum uio_seg segflg,
3815 struct nameidata nd;
3818 AUDIT_ARG_MODE(mode);
3821 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE |
3822 AUDITVNODE1, segflg, path, fd, CAP_MKDIR, td);
3823 nd.ni_cnd.cn_flags |= WILLBEDIR;
3824 if ((error = namei(&nd)) != 0)
3826 vfslocked = NDHASGIANT(&nd);
3829 NDFREE(&nd, NDF_ONLY_PNBUF);
3831 * XXX namei called with LOCKPARENT but not LOCKLEAF has
3832 * the strange behaviour of leaving the vnode unlocked
3833 * if the target is the same vnode as the parent.
3835 if (vp == nd.ni_dvp)
3840 VFS_UNLOCK_GIANT(vfslocked);
3843 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3844 NDFREE(&nd, NDF_ONLY_PNBUF);
3846 VFS_UNLOCK_GIANT(vfslocked);
3847 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3852 vattr.va_type = VDIR;
3853 vattr.va_mode = (mode & ACCESSPERMS) &~ td->td_proc->p_fd->fd_cmask;
3855 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
3860 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
3864 NDFREE(&nd, NDF_ONLY_PNBUF);
3868 vn_finished_write(mp);
3869 VFS_UNLOCK_GIANT(vfslocked);
3874 * Remove a directory file.
3876 #ifndef _SYS_SYSPROTO_H_
3884 struct rmdir_args /* {
3889 return (kern_rmdir(td, uap->path, UIO_USERSPACE));
3893 kern_rmdir(struct thread *td, char *path, enum uio_seg pathseg)
3896 return (kern_rmdirat(td, AT_FDCWD, path, pathseg));
3900 kern_rmdirat(struct thread *td, int fd, char *path, enum uio_seg pathseg)
3905 struct nameidata nd;
3910 NDINIT_ATRIGHTS(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE |
3911 AUDITVNODE1, pathseg, path, fd, CAP_RMDIR, td);
3912 if ((error = namei(&nd)) != 0)
3914 vfslocked = NDHASGIANT(&nd);
3916 if (vp->v_type != VDIR) {
3921 * No rmdir "." please.
3923 if (nd.ni_dvp == vp) {
3928 * The root of a mounted filesystem cannot be deleted.
3930 if (vp->v_vflag & VV_ROOT) {
3935 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
3940 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3941 NDFREE(&nd, NDF_ONLY_PNBUF);
3943 if (nd.ni_dvp == vp)
3947 VFS_UNLOCK_GIANT(vfslocked);
3948 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3952 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
3953 vn_finished_write(mp);
3955 NDFREE(&nd, NDF_ONLY_PNBUF);
3957 if (nd.ni_dvp == vp)
3961 VFS_UNLOCK_GIANT(vfslocked);
3967 * Read a block of directory entries in a filesystem independent format.
3969 #ifndef _SYS_SYSPROTO_H_
3970 struct ogetdirentries_args {
3978 ogetdirentries(struct thread *td, struct ogetdirentries_args *uap)
3983 error = kern_ogetdirentries(td, uap, &loff);
3985 error = copyout(&loff, uap->basep, sizeof(long));
3990 kern_ogetdirentries(struct thread *td, struct ogetdirentries_args *uap,
3995 struct uio auio, kuio;
3996 struct iovec aiov, kiov;
3997 struct dirent *dp, *edp;
3999 int error, eofflag, readcnt, vfslocked;
4002 /* XXX arbitrary sanity limit on `count'. */
4003 if (uap->count > 64 * 1024)
4005 if ((error = getvnode(td->td_proc->p_fd, uap->fd, CAP_READ,
4008 if ((fp->f_flag & FREAD) == 0) {
4014 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
4015 if (vp->v_type != VDIR) {
4016 VFS_UNLOCK_GIANT(vfslocked);
4020 aiov.iov_base = uap->buf;
4021 aiov.iov_len = uap->count;
4022 auio.uio_iov = &aiov;
4023 auio.uio_iovcnt = 1;
4024 auio.uio_rw = UIO_READ;
4025 auio.uio_segflg = UIO_USERSPACE;
4027 auio.uio_resid = uap->count;
4028 vn_lock(vp, LK_SHARED | LK_RETRY);
4029 loff = auio.uio_offset = fp->f_offset;
4031 error = mac_vnode_check_readdir(td->td_ucred, vp);
4034 VFS_UNLOCK_GIANT(vfslocked);
4039 # if (BYTE_ORDER != LITTLE_ENDIAN)
4040 if (vp->v_mount->mnt_maxsymlinklen <= 0) {
4041 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag,
4043 fp->f_offset = auio.uio_offset;
4048 kuio.uio_iov = &kiov;
4049 kuio.uio_segflg = UIO_SYSSPACE;
4050 kiov.iov_len = uap->count;
4051 dirbuf = malloc(uap->count, M_TEMP, M_WAITOK);
4052 kiov.iov_base = dirbuf;
4053 error = VOP_READDIR(vp, &kuio, fp->f_cred, &eofflag,
4055 fp->f_offset = kuio.uio_offset;
4057 readcnt = uap->count - kuio.uio_resid;
4058 edp = (struct dirent *)&dirbuf[readcnt];
4059 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
4060 # if (BYTE_ORDER == LITTLE_ENDIAN)
4062 * The expected low byte of
4063 * dp->d_namlen is our dp->d_type.
4064 * The high MBZ byte of dp->d_namlen
4065 * is our dp->d_namlen.
4067 dp->d_type = dp->d_namlen;
4071 * The dp->d_type is the high byte
4072 * of the expected dp->d_namlen,
4073 * so must be zero'ed.
4077 if (dp->d_reclen > 0) {
4078 dp = (struct dirent *)
4079 ((char *)dp + dp->d_reclen);
4086 error = uiomove(dirbuf, readcnt, &auio);
4088 free(dirbuf, M_TEMP);
4092 VFS_UNLOCK_GIANT(vfslocked);
4096 if (uap->count == auio.uio_resid &&
4097 (vp->v_vflag & VV_ROOT) &&
4098 (vp->v_mount->mnt_flag & MNT_UNION)) {
4099 struct vnode *tvp = vp;
4100 vp = vp->v_mount->mnt_vnodecovered;
4106 VFS_UNLOCK_GIANT(vfslocked);
4110 VFS_UNLOCK_GIANT(vfslocked);
4112 td->td_retval[0] = uap->count - auio.uio_resid;
4117 #endif /* COMPAT_43 */
4120 * Read a block of directory entries in a filesystem independent format.
4122 #ifndef _SYS_SYSPROTO_H_
4123 struct getdirentries_args {
4131 getdirentries(td, uap)
4133 register struct getdirentries_args /* {
4143 error = kern_getdirentries(td, uap->fd, uap->buf, uap->count, &base);
4146 if (uap->basep != NULL)
4147 error = copyout(&base, uap->basep, sizeof(long));
4152 kern_getdirentries(struct thread *td, int fd, char *buf, u_int count,
4164 if (count > INT_MAX)
4166 if ((error = getvnode(td->td_proc->p_fd, fd, CAP_READ | CAP_SEEK,
4169 if ((fp->f_flag & FREAD) == 0) {
4175 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
4176 if (vp->v_type != VDIR) {
4177 VFS_UNLOCK_GIANT(vfslocked);
4181 aiov.iov_base = buf;
4182 aiov.iov_len = count;
4183 auio.uio_iov = &aiov;
4184 auio.uio_iovcnt = 1;
4185 auio.uio_rw = UIO_READ;
4186 auio.uio_segflg = UIO_USERSPACE;
4188 auio.uio_resid = count;
4189 vn_lock(vp, LK_SHARED | LK_RETRY);
4190 AUDIT_ARG_VNODE1(vp);
4191 loff = auio.uio_offset = fp->f_offset;
4193 error = mac_vnode_check_readdir(td->td_ucred, vp);
4196 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, NULL,
4198 fp->f_offset = auio.uio_offset;
4201 VFS_UNLOCK_GIANT(vfslocked);
4204 if (count == auio.uio_resid &&
4205 (vp->v_vflag & VV_ROOT) &&
4206 (vp->v_mount->mnt_flag & MNT_UNION)) {
4207 struct vnode *tvp = vp;
4208 vp = vp->v_mount->mnt_vnodecovered;
4214 VFS_UNLOCK_GIANT(vfslocked);
4218 VFS_UNLOCK_GIANT(vfslocked);
4220 td->td_retval[0] = count - auio.uio_resid;
4226 #ifndef _SYS_SYSPROTO_H_
4227 struct getdents_args {
4236 register struct getdents_args /* {
4242 struct getdirentries_args ap;
4245 ap.count = uap->count;
4247 return (getdirentries(td, &ap));
4251 * Set the mode mask for creation of filesystem nodes.
4253 #ifndef _SYS_SYSPROTO_H_
4261 struct umask_args /* {
4265 register struct filedesc *fdp;
4267 FILEDESC_XLOCK(td->td_proc->p_fd);
4268 fdp = td->td_proc->p_fd;
4269 td->td_retval[0] = fdp->fd_cmask;
4270 fdp->fd_cmask = uap->newmask & ALLPERMS;
4271 FILEDESC_XUNLOCK(td->td_proc->p_fd);
4276 * Void all references to file by ripping underlying filesystem away from
4279 #ifndef _SYS_SYSPROTO_H_
4280 struct revoke_args {
4287 register struct revoke_args /* {
4294 struct nameidata nd;
4297 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
4298 UIO_USERSPACE, uap->path, td);
4299 if ((error = namei(&nd)) != 0)
4301 vfslocked = NDHASGIANT(&nd);
4303 NDFREE(&nd, NDF_ONLY_PNBUF);
4304 if (vp->v_type != VCHR || vp->v_rdev == NULL) {
4309 error = mac_vnode_check_revoke(td->td_ucred, vp);
4313 error = VOP_GETATTR(vp, &vattr, td->td_ucred);
4316 if (td->td_ucred->cr_uid != vattr.va_uid) {
4317 error = priv_check(td, PRIV_VFS_ADMIN);
4322 VOP_REVOKE(vp, REVOKEALL);
4325 VFS_UNLOCK_GIANT(vfslocked);
4330 * Convert a user file descriptor to a kernel file entry and check that, if it
4331 * is a capability, the correct rights are present. A reference on the file
4332 * entry is held upon returning.
4335 getvnode(struct filedesc *fdp, int fd, cap_rights_t rights,
4340 struct file *fp_fromcap;
4346 if ((fdp == NULL) || (fp = fget_unlocked(fdp, fd)) == NULL)
4350 * If the file descriptor is for a capability, test rights and use the
4351 * file descriptor referenced by the capability.
4353 error = cap_funwrap(fp, rights, &fp_fromcap);
4355 fdrop(fp, curthread);
4358 if (fp != fp_fromcap) {
4360 fdrop(fp, curthread);
4363 #endif /* CAPABILITIES */
4364 if (fp->f_vnode == NULL) {
4365 fdrop(fp, curthread);
4374 * Get an (NFS) file handle.
4376 #ifndef _SYS_SYSPROTO_H_
4377 struct lgetfh_args {
4385 register struct lgetfh_args *uap;
4387 struct nameidata nd;
4389 register struct vnode *vp;
4393 error = priv_check(td, PRIV_VFS_GETFH);
4396 NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
4397 UIO_USERSPACE, uap->fname, td);
4401 vfslocked = NDHASGIANT(&nd);
4402 NDFREE(&nd, NDF_ONLY_PNBUF);
4404 bzero(&fh, sizeof(fh));
4405 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4406 error = VOP_VPTOFH(vp, &fh.fh_fid);
4408 VFS_UNLOCK_GIANT(vfslocked);
4411 error = copyout(&fh, uap->fhp, sizeof (fh));
4415 #ifndef _SYS_SYSPROTO_H_
4424 register struct getfh_args *uap;
4426 struct nameidata nd;
4428 register struct vnode *vp;
4432 error = priv_check(td, PRIV_VFS_GETFH);
4435 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
4436 UIO_USERSPACE, uap->fname, td);
4440 vfslocked = NDHASGIANT(&nd);
4441 NDFREE(&nd, NDF_ONLY_PNBUF);
4443 bzero(&fh, sizeof(fh));
4444 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4445 error = VOP_VPTOFH(vp, &fh.fh_fid);
4447 VFS_UNLOCK_GIANT(vfslocked);
4450 error = copyout(&fh, uap->fhp, sizeof (fh));
4455 * syscall for the rpc.lockd to use to translate a NFS file handle into an
4458 * warning: do not remove the priv_check() call or this becomes one giant
4461 #ifndef _SYS_SYSPROTO_H_
4462 struct fhopen_args {
4463 const struct fhandle *u_fhp;
4470 struct fhopen_args /* {
4471 const struct fhandle *u_fhp;
4475 struct proc *p = td->td_proc;
4480 struct vattr *vap = &vat;
4483 register struct filedesc *fdp = p->p_fd;
4484 int fmode, error, type;
4490 error = priv_check(td, PRIV_VFS_FHOPEN);
4493 fmode = FFLAGS(uap->flags);
4494 /* why not allow a non-read/write open for our lockd? */
4495 if (((fmode & (FREAD | FWRITE)) == 0) || (fmode & O_CREAT))
4497 error = copyin(uap->u_fhp, &fhp, sizeof(fhp));
4500 /* find the mount point */
4501 mp = vfs_busyfs(&fhp.fh_fsid);
4504 vfslocked = VFS_LOCK_GIANT(mp);
4505 /* now give me my vnode, it gets returned to me locked */
4506 error = VFS_FHTOVP(mp, &fhp.fh_fid, LK_EXCLUSIVE, &vp);
4511 * from now on we have to make sure not
4512 * to forget about the vnode
4513 * any error that causes an abort must vput(vp)
4514 * just set error = err and 'goto bad;'.
4520 if (vp->v_type == VLNK) {
4524 if (vp->v_type == VSOCK) {
4528 if (vp->v_type != VDIR && fmode & O_DIRECTORY) {
4533 if (fmode & (FWRITE | O_TRUNC)) {
4534 if (vp->v_type == VDIR) {
4538 error = vn_writechk(vp);
4545 if ((fmode & O_APPEND) && (fmode & FWRITE))
4548 error = mac_vnode_check_open(td->td_ucred, vp, accmode);
4553 error = VOP_ACCESS(vp, accmode, td->td_ucred, td);
4557 if (fmode & O_TRUNC) {
4559 VOP_UNLOCK(vp, 0); /* XXX */
4560 if ((error = vn_start_write(NULL, &mp, V_WAIT | PCATCH)) != 0) {
4565 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); /* XXX */
4569 * We don't yet have fp->f_cred, so use td->td_ucred, which
4572 error = mac_vnode_check_write(td->td_ucred, td->td_ucred, vp);
4577 error = VOP_SETATTR(vp, vap, td->td_ucred);
4581 vn_finished_write(mp);
4585 error = VOP_OPEN(vp, fmode, td->td_ucred, td, NULL);
4593 * end of vn_open code
4596 if ((error = falloc(td, &nfp, &indx, fmode)) != 0) {
4601 /* An extra reference on `nfp' has been held for us by falloc(). */
4604 finit(nfp, fmode & FMASK, DTYPE_VNODE, vp, &vnops);
4605 if (fmode & (O_EXLOCK | O_SHLOCK)) {
4606 lf.l_whence = SEEK_SET;
4609 if (fmode & O_EXLOCK)
4610 lf.l_type = F_WRLCK;
4612 lf.l_type = F_RDLCK;
4614 if ((fmode & FNONBLOCK) == 0)
4617 if ((error = VOP_ADVLOCK(vp, (caddr_t)fp, F_SETLK, &lf,
4620 * The lock request failed. Normally close the
4621 * descriptor but handle the case where someone might
4622 * have dup()d or close()d it when we weren't looking.
4624 fdclose(fdp, fp, indx, td);
4627 * release our private reference
4632 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
4633 atomic_set_int(&fp->f_flag, FHASLOCK);
4638 VFS_UNLOCK_GIANT(vfslocked);
4639 td->td_retval[0] = indx;
4645 VFS_UNLOCK_GIANT(vfslocked);
4650 * Stat an (NFS) file handle.
4652 #ifndef _SYS_SYSPROTO_H_
4653 struct fhstat_args {
4654 struct fhandle *u_fhp;
4661 register struct fhstat_args /* {
4662 struct fhandle *u_fhp;
4673 error = priv_check(td, PRIV_VFS_FHSTAT);
4676 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
4679 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4681 vfslocked = VFS_LOCK_GIANT(mp);
4682 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4685 VFS_UNLOCK_GIANT(vfslocked);
4688 error = vn_stat(vp, &sb, td->td_ucred, NOCRED, td);
4690 VFS_UNLOCK_GIANT(vfslocked);
4693 error = copyout(&sb, uap->sb, sizeof(sb));
4698 * Implement fstatfs() for (NFS) file handles.
4700 #ifndef _SYS_SYSPROTO_H_
4701 struct fhstatfs_args {
4702 struct fhandle *u_fhp;
4709 struct fhstatfs_args /* {
4710 struct fhandle *u_fhp;
4718 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
4721 error = kern_fhstatfs(td, fh, &sf);
4724 return (copyout(&sf, uap->buf, sizeof(sf)));
4728 kern_fhstatfs(struct thread *td, fhandle_t fh, struct statfs *buf)
4736 error = priv_check(td, PRIV_VFS_FHSTATFS);
4739 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4741 vfslocked = VFS_LOCK_GIANT(mp);
4742 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4745 VFS_UNLOCK_GIANT(vfslocked);
4749 error = prison_canseemount(td->td_ucred, mp);
4753 error = mac_mount_check_stat(td->td_ucred, mp);
4758 * Set these in case the underlying filesystem fails to do so.
4761 sp->f_version = STATFS_VERSION;
4762 sp->f_namemax = NAME_MAX;
4763 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
4764 error = VFS_STATFS(mp, sp);
4769 VFS_UNLOCK_GIANT(vfslocked);
4774 kern_posix_fallocate(struct thread *td, int fd, off_t offset, off_t len)
4779 off_t olen, ooffset;
4780 int error, vfslocked;
4784 error = fget(td, fd, CAP_WRITE, &fp);
4788 switch (fp->f_type) {
4799 if ((fp->f_flag & FWRITE) == 0) {
4804 if (vp->v_type != VREG) {
4808 if (offset < 0 || len <= 0) {
4812 /* Check for wrap. */
4813 if (offset > OFF_MAX - len) {
4818 /* Allocating blocks may take a long time, so iterate. */
4824 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
4826 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
4828 VFS_UNLOCK_GIANT(vfslocked);
4831 error = vn_lock(vp, LK_EXCLUSIVE);
4833 vn_finished_write(mp);
4834 VFS_UNLOCK_GIANT(vfslocked);
4838 error = mac_vnode_check_write(td->td_ucred, fp->f_cred, vp);
4841 error = VOP_ALLOCATE(vp, &offset, &len);
4843 vn_finished_write(mp);
4844 VFS_UNLOCK_GIANT(vfslocked);
4846 if (olen + ooffset != offset + len) {
4847 panic("offset + len changed from %jx/%jx to %jx/%jx",
4848 ooffset, olen, offset, len);
4850 if (error != 0 || len == 0)
4852 KASSERT(olen > len, ("Iteration did not make progress?"));
4862 posix_fallocate(struct thread *td, struct posix_fallocate_args *uap)
4865 return (kern_posix_fallocate(td, uap->fd, uap->offset, uap->len));