2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_capsicum.h"
41 #include "opt_compat.h"
42 #include "opt_ktrace.h"
44 #include <sys/param.h>
45 #include <sys/systm.h>
48 #include <sys/capsicum.h>
50 #include <sys/sysent.h>
51 #include <sys/malloc.h>
52 #include <sys/mount.h>
53 #include <sys/mutex.h>
54 #include <sys/sysproto.h>
55 #include <sys/namei.h>
56 #include <sys/filedesc.h>
57 #include <sys/kernel.h>
58 #include <sys/fcntl.h>
60 #include <sys/filio.h>
61 #include <sys/limits.h>
62 #include <sys/linker.h>
63 #include <sys/rwlock.h>
67 #include <sys/unistd.h>
68 #include <sys/vnode.h>
71 #include <sys/dirent.h>
73 #include <sys/syscallsubr.h>
74 #include <sys/sysctl.h>
76 #include <sys/ktrace.h>
79 #include <machine/stdarg.h>
81 #include <security/audit/audit.h>
82 #include <security/mac/mac_framework.h>
85 #include <vm/vm_object.h>
86 #include <vm/vm_page.h>
89 #include <ufs/ufs/quota.h>
91 MALLOC_DEFINE(M_FADVISE, "fadvise", "posix_fadvise(2) information");
93 SDT_PROVIDER_DEFINE(vfs);
94 SDT_PROBE_DEFINE2(vfs, , stat, mode, "char *", "int");
95 SDT_PROBE_DEFINE2(vfs, , stat, reg, "char *", "int");
97 static int kern_chflagsat(struct thread *td, int fd, const char *path,
98 enum uio_seg pathseg, u_long flags, int atflag);
99 static int setfflags(struct thread *td, struct vnode *, u_long);
100 static int getutimes(const struct timeval *, enum uio_seg, struct timespec *);
101 static int getutimens(const struct timespec *, enum uio_seg,
102 struct timespec *, int *);
103 static int setutimes(struct thread *td, struct vnode *,
104 const struct timespec *, int, int);
105 static int vn_access(struct vnode *vp, int user_flags, struct ucred *cred,
109 * Sync each mounted filesystem.
111 #ifndef _SYS_SYSPROTO_H_
120 struct sync_args *uap;
122 struct mount *mp, *nmp;
125 mtx_lock(&mountlist_mtx);
126 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
127 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK)) {
128 nmp = TAILQ_NEXT(mp, mnt_list);
131 if ((mp->mnt_flag & MNT_RDONLY) == 0 &&
132 vn_start_write(NULL, &mp, V_NOWAIT) == 0) {
133 save = curthread_pflags_set(TDP_SYNCIO);
134 vfs_msync(mp, MNT_NOWAIT);
135 VFS_SYNC(mp, MNT_NOWAIT);
136 curthread_pflags_restore(save);
137 vn_finished_write(mp);
139 mtx_lock(&mountlist_mtx);
140 nmp = TAILQ_NEXT(mp, mnt_list);
143 mtx_unlock(&mountlist_mtx);
148 * Change filesystem quotas.
150 #ifndef _SYS_SYSPROTO_H_
151 struct quotactl_args {
159 sys_quotactl(td, uap)
161 register struct quotactl_args /* {
172 AUDIT_ARG_CMD(uap->cmd);
173 AUDIT_ARG_UID(uap->uid);
174 if (!prison_allow(td->td_ucred, PR_ALLOW_QUOTAS))
176 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
178 if ((error = namei(&nd)) != 0)
180 NDFREE(&nd, NDF_ONLY_PNBUF);
181 mp = nd.ni_vp->v_mount;
184 error = vfs_busy(mp, 0);
188 error = VFS_QUOTACTL(mp, uap->cmd, uap->uid, uap->arg);
191 * Since quota on operation typically needs to open quota
192 * file, the Q_QUOTAON handler needs to unbusy the mount point
193 * before calling into namei. Otherwise, unmount might be
194 * started between two vfs_busy() invocations (first is our,
195 * second is from mount point cross-walk code in lookup()),
198 * Require that Q_QUOTAON handles the vfs_busy() reference on
199 * its own, always returning with ubusied mount point.
201 if ((uap->cmd >> SUBCMDSHIFT) != Q_QUOTAON)
207 * Used by statfs conversion routines to scale the block size up if
208 * necessary so that all of the block counts are <= 'max_size'. Note
209 * that 'max_size' should be a bitmask, i.e. 2^n - 1 for some non-zero
213 statfs_scale_blocks(struct statfs *sf, long max_size)
218 KASSERT(powerof2(max_size + 1), ("%s: invalid max_size", __func__));
221 * Attempt to scale the block counts to give a more accurate
222 * overview to userland of the ratio of free space to used
223 * space. To do this, find the largest block count and compute
224 * a divisor that lets it fit into a signed integer <= max_size.
226 if (sf->f_bavail < 0)
227 count = -sf->f_bavail;
229 count = sf->f_bavail;
230 count = MAX(sf->f_blocks, MAX(sf->f_bfree, count));
231 if (count <= max_size)
234 count >>= flsl(max_size);
241 sf->f_bsize <<= shift;
242 sf->f_blocks >>= shift;
243 sf->f_bfree >>= shift;
244 sf->f_bavail >>= shift;
248 kern_do_statfs(struct thread *td, struct mount *mp, struct statfs *buf)
255 error = vfs_busy(mp, 0);
260 error = mac_mount_check_stat(td->td_ucred, mp);
265 * Set these in case the underlying filesystem fails to do so.
268 sp->f_version = STATFS_VERSION;
269 sp->f_namemax = NAME_MAX;
270 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
271 error = VFS_STATFS(mp, sp);
275 if (priv_check(td, PRIV_VFS_GENERATION)) {
276 buf->f_fsid.val[0] = buf->f_fsid.val[1] = 0;
277 prison_enforce_statfs(td->td_ucred, mp, buf);
285 * Get filesystem statistics.
287 #ifndef _SYS_SYSPROTO_H_
296 register struct statfs_args /* {
304 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
305 error = kern_statfs(td, uap->path, UIO_USERSPACE, sfp);
307 error = copyout(sfp, uap->buf, sizeof(struct statfs));
313 kern_statfs(struct thread *td, char *path, enum uio_seg pathseg,
320 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
325 mp = nd.ni_vp->v_mount;
327 NDFREE(&nd, NDF_ONLY_PNBUF);
329 return (kern_do_statfs(td, mp, buf));
333 * Get filesystem statistics.
335 #ifndef _SYS_SYSPROTO_H_
336 struct fstatfs_args {
344 register struct fstatfs_args /* {
352 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
353 error = kern_fstatfs(td, uap->fd, sfp);
355 error = copyout(sfp, uap->buf, sizeof(struct statfs));
361 kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
370 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FSTATFS), &fp);
374 vn_lock(vp, LK_SHARED | LK_RETRY);
376 AUDIT_ARG_VNODE1(vp);
383 return (kern_do_statfs(td, mp, buf));
387 * Get statistics on all filesystems.
389 #ifndef _SYS_SYSPROTO_H_
390 struct getfsstat_args {
397 sys_getfsstat(td, uap)
399 register struct getfsstat_args /* {
408 if (uap->bufsize < 0 || uap->bufsize > SIZE_MAX)
410 error = kern_getfsstat(td, &uap->buf, uap->bufsize, &count,
411 UIO_USERSPACE, uap->mode);
413 td->td_retval[0] = count;
418 * If (bufsize > 0 && bufseg == UIO_SYSSPACE)
419 * The caller is responsible for freeing memory which will be allocated
423 kern_getfsstat(struct thread *td, struct statfs **buf, size_t bufsize,
424 size_t *countp, enum uio_seg bufseg, int mode)
426 struct mount *mp, *nmp;
427 struct statfs *sfsp, *sp, *sptmp, *tofree;
428 size_t count, maxcount;
439 maxcount = bufsize / sizeof(struct statfs);
443 } else if (bufseg == UIO_USERSPACE) {
446 } else /* if (bufseg == UIO_SYSSPACE) */ {
448 mtx_lock(&mountlist_mtx);
449 TAILQ_FOREACH(mp, &mountlist, mnt_list) {
452 mtx_unlock(&mountlist_mtx);
453 if (maxcount > count)
455 tofree = sfsp = *buf = malloc(maxcount * sizeof(struct statfs),
459 mtx_lock(&mountlist_mtx);
460 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
461 if (prison_canseemount(td->td_ucred, mp) != 0) {
462 nmp = TAILQ_NEXT(mp, mnt_list);
466 if (mac_mount_check_stat(td->td_ucred, mp) != 0) {
467 nmp = TAILQ_NEXT(mp, mnt_list);
471 if (mode == MNT_WAIT) {
472 if (vfs_busy(mp, MBF_MNTLSTLOCK) != 0) {
474 * If vfs_busy() failed, and MBF_NOWAIT
475 * wasn't passed, then the mp is gone.
476 * Furthermore, because of MBF_MNTLSTLOCK,
477 * the mountlist_mtx was dropped. We have
478 * no other choice than to start over.
480 mtx_unlock(&mountlist_mtx);
481 free(tofree, M_STATFS);
485 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK) != 0) {
486 nmp = TAILQ_NEXT(mp, mnt_list);
490 if (sfsp != NULL && count < maxcount) {
493 * Set these in case the underlying filesystem
496 sp->f_version = STATFS_VERSION;
497 sp->f_namemax = NAME_MAX;
498 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
500 * If MNT_NOWAIT is specified, do not refresh
503 if (mode != MNT_NOWAIT) {
504 error = VFS_STATFS(mp, sp);
506 mtx_lock(&mountlist_mtx);
507 nmp = TAILQ_NEXT(mp, mnt_list);
512 if (priv_check(td, PRIV_VFS_GENERATION)) {
513 sptmp = malloc(sizeof(struct statfs), M_STATFS,
516 sptmp->f_fsid.val[0] = sptmp->f_fsid.val[1] = 0;
517 prison_enforce_statfs(td->td_ucred, mp, sptmp);
521 if (bufseg == UIO_SYSSPACE) {
522 bcopy(sp, sfsp, sizeof(*sp));
523 free(sptmp, M_STATFS);
524 } else /* if (bufseg == UIO_USERSPACE) */ {
525 error = copyout(sp, sfsp, sizeof(*sp));
526 free(sptmp, M_STATFS);
535 mtx_lock(&mountlist_mtx);
536 nmp = TAILQ_NEXT(mp, mnt_list);
539 mtx_unlock(&mountlist_mtx);
540 if (sfsp != NULL && count > maxcount)
547 #ifdef COMPAT_FREEBSD4
549 * Get old format filesystem statistics.
551 static void cvtstatfs(struct statfs *, struct ostatfs *);
553 #ifndef _SYS_SYSPROTO_H_
554 struct freebsd4_statfs_args {
560 freebsd4_statfs(td, uap)
562 struct freebsd4_statfs_args /* {
571 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
572 error = kern_statfs(td, uap->path, UIO_USERSPACE, sfp);
574 cvtstatfs(sfp, &osb);
575 error = copyout(&osb, uap->buf, sizeof(osb));
582 * Get filesystem statistics.
584 #ifndef _SYS_SYSPROTO_H_
585 struct freebsd4_fstatfs_args {
591 freebsd4_fstatfs(td, uap)
593 struct freebsd4_fstatfs_args /* {
602 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
603 error = kern_fstatfs(td, uap->fd, sfp);
605 cvtstatfs(sfp, &osb);
606 error = copyout(&osb, uap->buf, sizeof(osb));
613 * Get statistics on all filesystems.
615 #ifndef _SYS_SYSPROTO_H_
616 struct freebsd4_getfsstat_args {
623 freebsd4_getfsstat(td, uap)
625 register struct freebsd4_getfsstat_args /* {
631 struct statfs *buf, *sp;
636 if (uap->bufsize < 0)
638 count = uap->bufsize / sizeof(struct ostatfs);
639 if (count > SIZE_MAX / sizeof(struct statfs))
641 size = count * sizeof(struct statfs);
642 error = kern_getfsstat(td, &buf, size, &count, UIO_SYSSPACE,
644 td->td_retval[0] = count;
647 while (count != 0 && error == 0) {
649 error = copyout(&osb, uap->buf, sizeof(osb));
660 * Implement fstatfs() for (NFS) file handles.
662 #ifndef _SYS_SYSPROTO_H_
663 struct freebsd4_fhstatfs_args {
664 struct fhandle *u_fhp;
669 freebsd4_fhstatfs(td, uap)
671 struct freebsd4_fhstatfs_args /* {
672 struct fhandle *u_fhp;
681 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
684 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
685 error = kern_fhstatfs(td, fh, sfp);
687 cvtstatfs(sfp, &osb);
688 error = copyout(&osb, uap->buf, sizeof(osb));
695 * Convert a new format statfs structure to an old format statfs structure.
703 statfs_scale_blocks(nsp, LONG_MAX);
704 bzero(osp, sizeof(*osp));
705 osp->f_bsize = nsp->f_bsize;
706 osp->f_iosize = MIN(nsp->f_iosize, LONG_MAX);
707 osp->f_blocks = nsp->f_blocks;
708 osp->f_bfree = nsp->f_bfree;
709 osp->f_bavail = nsp->f_bavail;
710 osp->f_files = MIN(nsp->f_files, LONG_MAX);
711 osp->f_ffree = MIN(nsp->f_ffree, LONG_MAX);
712 osp->f_owner = nsp->f_owner;
713 osp->f_type = nsp->f_type;
714 osp->f_flags = nsp->f_flags;
715 osp->f_syncwrites = MIN(nsp->f_syncwrites, LONG_MAX);
716 osp->f_asyncwrites = MIN(nsp->f_asyncwrites, LONG_MAX);
717 osp->f_syncreads = MIN(nsp->f_syncreads, LONG_MAX);
718 osp->f_asyncreads = MIN(nsp->f_asyncreads, LONG_MAX);
719 strlcpy(osp->f_fstypename, nsp->f_fstypename,
720 MIN(MFSNAMELEN, OMFSNAMELEN));
721 strlcpy(osp->f_mntonname, nsp->f_mntonname,
722 MIN(MNAMELEN, OMNAMELEN));
723 strlcpy(osp->f_mntfromname, nsp->f_mntfromname,
724 MIN(MNAMELEN, OMNAMELEN));
725 osp->f_fsid = nsp->f_fsid;
727 #endif /* COMPAT_FREEBSD4 */
730 * Change current working directory to a given file descriptor.
732 #ifndef _SYS_SYSPROTO_H_
740 struct fchdir_args /* {
744 struct vnode *vp, *tdp;
750 AUDIT_ARG_FD(uap->fd);
751 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_FCHDIR),
758 vn_lock(vp, LK_SHARED | LK_RETRY);
759 AUDIT_ARG_VNODE1(vp);
760 error = change_dir(vp, td);
761 while (!error && (mp = vp->v_mountedhere) != NULL) {
764 error = VFS_ROOT(mp, LK_SHARED, &tdp);
781 * Change current working directory (``.'').
783 #ifndef _SYS_SYSPROTO_H_
791 struct chdir_args /* {
796 return (kern_chdir(td, uap->path, UIO_USERSPACE));
800 kern_chdir(struct thread *td, char *path, enum uio_seg pathseg)
805 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
807 if ((error = namei(&nd)) != 0)
809 if ((error = change_dir(nd.ni_vp, td)) != 0) {
811 NDFREE(&nd, NDF_ONLY_PNBUF);
814 VOP_UNLOCK(nd.ni_vp, 0);
815 NDFREE(&nd, NDF_ONLY_PNBUF);
816 pwd_chdir(td, nd.ni_vp);
821 * Change notion of root (``/'') directory.
823 #ifndef _SYS_SYSPROTO_H_
831 struct chroot_args /* {
838 error = priv_check(td, PRIV_VFS_CHROOT);
841 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
842 UIO_USERSPACE, uap->path, td);
846 error = change_dir(nd.ni_vp, td);
850 error = mac_vnode_check_chroot(td->td_ucred, nd.ni_vp);
854 VOP_UNLOCK(nd.ni_vp, 0);
855 error = pwd_chroot(td, nd.ni_vp);
857 NDFREE(&nd, NDF_ONLY_PNBUF);
862 NDFREE(&nd, NDF_ONLY_PNBUF);
867 * Common routine for chroot and chdir. Callers must provide a locked vnode
879 ASSERT_VOP_LOCKED(vp, "change_dir(): vp not locked");
880 if (vp->v_type != VDIR)
883 error = mac_vnode_check_chdir(td->td_ucred, vp);
887 return (VOP_ACCESS(vp, VEXEC, td->td_ucred, td));
891 flags_to_rights(int flags, cap_rights_t *rightsp)
894 if (flags & O_EXEC) {
895 cap_rights_set(rightsp, CAP_FEXECVE);
897 switch ((flags & O_ACCMODE)) {
899 cap_rights_set(rightsp, CAP_READ);
902 cap_rights_set(rightsp, CAP_READ);
905 cap_rights_set(rightsp, CAP_WRITE);
906 if (!(flags & (O_APPEND | O_TRUNC)))
907 cap_rights_set(rightsp, CAP_SEEK);
913 cap_rights_set(rightsp, CAP_CREATE);
916 cap_rights_set(rightsp, CAP_FTRUNCATE);
918 if (flags & (O_SYNC | O_FSYNC))
919 cap_rights_set(rightsp, CAP_FSYNC);
921 if (flags & (O_EXLOCK | O_SHLOCK))
922 cap_rights_set(rightsp, CAP_FLOCK);
926 * Check permissions, allocate an open file structure, and call the device
927 * open routine if any.
929 #ifndef _SYS_SYSPROTO_H_
939 register struct open_args /* {
946 return (kern_openat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
947 uap->flags, uap->mode));
950 #ifndef _SYS_SYSPROTO_H_
959 sys_openat(struct thread *td, struct openat_args *uap)
962 return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
967 kern_openat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
970 struct proc *p = td->td_proc;
971 struct filedesc *fdp = p->p_fd;
976 int cmode, error, indx;
980 AUDIT_ARG_FFLAGS(flags);
981 AUDIT_ARG_MODE(mode);
982 /* XXX: audit dirfd */
983 cap_rights_init(&rights, CAP_LOOKUP);
984 flags_to_rights(flags, &rights);
986 * Only one of the O_EXEC, O_RDONLY, O_WRONLY and O_RDWR flags
989 if (flags & O_EXEC) {
990 if (flags & O_ACCMODE)
992 } else if ((flags & O_ACCMODE) == O_ACCMODE) {
995 flags = FFLAGS(flags);
999 * Allocate a file structure. The descriptor to reference it
1000 * is allocated and set by finstall() below.
1002 error = falloc_noinstall(td, &fp);
1006 * An extra reference on `fp' has been held for us by
1007 * falloc_noinstall().
1009 /* Set the flags early so the finit in devfs can pick them up. */
1010 fp->f_flag = flags & FMASK;
1011 cmode = ((mode & ~fdp->fd_cmask) & ALLPERMS) & ~S_ISTXT;
1012 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, fd,
1014 td->td_dupfd = -1; /* XXX check for fdopen */
1015 error = vn_open(&nd, &flags, cmode, fp);
1018 * If the vn_open replaced the method vector, something
1019 * wonderous happened deep below and we just pass it up
1020 * pretending we know what we do.
1022 if (error == ENXIO && fp->f_ops != &badfileops)
1026 * Handle special fdopen() case. bleh.
1028 * Don't do this for relative (capability) lookups; we don't
1029 * understand exactly what would happen, and we don't think
1030 * that it ever should.
1032 if ((nd.ni_lcf & NI_LCF_STRICTRELATIVE) == 0 &&
1033 (error == ENODEV || error == ENXIO) &&
1034 td->td_dupfd >= 0) {
1035 error = dupfdopen(td, fdp, td->td_dupfd, flags, error,
1044 NDFREE(&nd, NDF_ONLY_PNBUF);
1048 * Store the vnode, for any f_type. Typically, the vnode use
1049 * count is decremented by direct call to vn_closefile() for
1050 * files that switched type in the cdevsw fdopen() method.
1054 * If the file wasn't claimed by devfs bind it to the normal
1055 * vnode operations here.
1057 if (fp->f_ops == &badfileops) {
1058 KASSERT(vp->v_type != VFIFO, ("Unexpected fifo."));
1060 finit(fp, (flags & FMASK) | (fp->f_flag & FHASLOCK),
1061 DTYPE_VNODE, vp, &vnops);
1065 if (flags & O_TRUNC) {
1066 error = fo_truncate(fp, 0, td->td_ucred, td);
1072 * If we haven't already installed the FD (for dupfdopen), do so now.
1075 struct filecaps *fcaps;
1078 if ((nd.ni_lcf & NI_LCF_STRICTRELATIVE) != 0)
1079 fcaps = &nd.ni_filecaps;
1083 error = finstall(td, fp, &indx, flags, fcaps);
1084 /* On success finstall() consumes fcaps. */
1086 filecaps_free(&nd.ni_filecaps);
1090 filecaps_free(&nd.ni_filecaps);
1094 * Release our private reference, leaving the one associated with
1095 * the descriptor table intact.
1098 td->td_retval[0] = indx;
1101 KASSERT(indx == -1, ("indx=%d, should be -1", indx));
1110 #ifndef _SYS_SYSPROTO_H_
1111 struct ocreat_args {
1119 register struct ocreat_args /* {
1125 return (kern_openat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1126 O_WRONLY | O_CREAT | O_TRUNC, uap->mode));
1128 #endif /* COMPAT_43 */
1131 * Create a special file.
1133 #ifndef _SYS_SYSPROTO_H_
1143 register struct mknod_args /* {
1150 return (kern_mknodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1151 uap->mode, uap->dev));
1154 #ifndef _SYS_SYSPROTO_H_
1155 struct mknodat_args {
1163 sys_mknodat(struct thread *td, struct mknodat_args *uap)
1166 return (kern_mknodat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode,
1171 kern_mknodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1177 struct nameidata nd;
1178 cap_rights_t rights;
1179 int error, whiteout = 0;
1181 AUDIT_ARG_MODE(mode);
1183 switch (mode & S_IFMT) {
1186 error = priv_check(td, PRIV_VFS_MKNOD_DEV);
1187 if (error == 0 && dev == VNOVAL)
1191 error = priv_check(td, PRIV_VFS_MKNOD_BAD);
1194 error = priv_check(td, PRIV_VFS_MKNOD_WHT);
1198 return (kern_mkfifoat(td, fd, path, pathseg, mode));
1208 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1209 NOCACHE, pathseg, path, fd, cap_rights_init(&rights, CAP_MKNODAT),
1211 if ((error = namei(&nd)) != 0)
1215 NDFREE(&nd, NDF_ONLY_PNBUF);
1216 if (vp == nd.ni_dvp)
1224 vattr.va_mode = (mode & ALLPERMS) &
1225 ~td->td_proc->p_fd->fd_cmask;
1226 vattr.va_rdev = dev;
1229 switch (mode & S_IFMT) {
1230 case S_IFMT: /* used by badsect to flag bad sectors */
1231 vattr.va_type = VBAD;
1234 vattr.va_type = VCHR;
1237 vattr.va_type = VBLK;
1243 panic("kern_mknod: invalid mode");
1246 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1247 NDFREE(&nd, NDF_ONLY_PNBUF);
1249 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1254 if (error == 0 && !whiteout)
1255 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp,
1256 &nd.ni_cnd, &vattr);
1260 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, CREATE);
1262 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp,
1263 &nd.ni_cnd, &vattr);
1268 NDFREE(&nd, NDF_ONLY_PNBUF);
1270 vn_finished_write(mp);
1275 * Create a named pipe.
1277 #ifndef _SYS_SYSPROTO_H_
1278 struct mkfifo_args {
1286 register struct mkfifo_args /* {
1292 return (kern_mkfifoat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1296 #ifndef _SYS_SYSPROTO_H_
1297 struct mkfifoat_args {
1304 sys_mkfifoat(struct thread *td, struct mkfifoat_args *uap)
1307 return (kern_mkfifoat(td, uap->fd, uap->path, UIO_USERSPACE,
1312 kern_mkfifoat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1317 struct nameidata nd;
1318 cap_rights_t rights;
1321 AUDIT_ARG_MODE(mode);
1324 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1325 NOCACHE, pathseg, path, fd, cap_rights_init(&rights, CAP_MKFIFOAT),
1327 if ((error = namei(&nd)) != 0)
1329 if (nd.ni_vp != NULL) {
1330 NDFREE(&nd, NDF_ONLY_PNBUF);
1331 if (nd.ni_vp == nd.ni_dvp)
1338 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1339 NDFREE(&nd, NDF_ONLY_PNBUF);
1341 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1346 vattr.va_type = VFIFO;
1347 vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask;
1349 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1354 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
1361 vn_finished_write(mp);
1362 NDFREE(&nd, NDF_ONLY_PNBUF);
1367 * Make a hard file link.
1369 #ifndef _SYS_SYSPROTO_H_
1378 register struct link_args /* {
1384 return (kern_linkat(td, AT_FDCWD, AT_FDCWD, uap->path, uap->link,
1385 UIO_USERSPACE, FOLLOW));
1388 #ifndef _SYS_SYSPROTO_H_
1389 struct linkat_args {
1398 sys_linkat(struct thread *td, struct linkat_args *uap)
1403 if (flag & ~AT_SYMLINK_FOLLOW)
1406 return (kern_linkat(td, uap->fd1, uap->fd2, uap->path1, uap->path2,
1407 UIO_USERSPACE, (flag & AT_SYMLINK_FOLLOW) ? FOLLOW : NOFOLLOW));
1410 int hardlink_check_uid = 0;
1411 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_uid, CTLFLAG_RW,
1412 &hardlink_check_uid, 0,
1413 "Unprivileged processes cannot create hard links to files owned by other "
1415 static int hardlink_check_gid = 0;
1416 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_gid, CTLFLAG_RW,
1417 &hardlink_check_gid, 0,
1418 "Unprivileged processes cannot create hard links to files owned by other "
1422 can_hardlink(struct vnode *vp, struct ucred *cred)
1427 if (!hardlink_check_uid && !hardlink_check_gid)
1430 error = VOP_GETATTR(vp, &va, cred);
1434 if (hardlink_check_uid && cred->cr_uid != va.va_uid) {
1435 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1440 if (hardlink_check_gid && !groupmember(va.va_gid, cred)) {
1441 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1450 kern_linkat(struct thread *td, int fd1, int fd2, char *path1, char *path2,
1451 enum uio_seg segflg, int follow)
1455 struct nameidata nd;
1456 cap_rights_t rights;
1461 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, segflg, path1, fd1,
1462 cap_rights_init(&rights, CAP_LINKAT_SOURCE), td);
1464 if ((error = namei(&nd)) != 0)
1466 NDFREE(&nd, NDF_ONLY_PNBUF);
1468 if (vp->v_type == VDIR) {
1470 return (EPERM); /* POSIX */
1472 NDINIT_ATRIGHTS(&nd, CREATE,
1473 LOCKPARENT | SAVENAME | AUDITVNODE2 | NOCACHE, segflg, path2, fd2,
1474 cap_rights_init(&rights, CAP_LINKAT_TARGET), td);
1475 if ((error = namei(&nd)) == 0) {
1476 if (nd.ni_vp != NULL) {
1477 NDFREE(&nd, NDF_ONLY_PNBUF);
1478 if (nd.ni_dvp == nd.ni_vp)
1485 } else if (nd.ni_dvp->v_mount != vp->v_mount) {
1487 * Cross-device link. No need to recheck
1488 * vp->v_type, since it cannot change, except
1491 NDFREE(&nd, NDF_ONLY_PNBUF);
1495 } else if ((error = vn_lock(vp, LK_EXCLUSIVE)) == 0) {
1496 error = can_hardlink(vp, td->td_ucred);
1499 error = mac_vnode_check_link(td->td_ucred,
1500 nd.ni_dvp, vp, &nd.ni_cnd);
1505 NDFREE(&nd, NDF_ONLY_PNBUF);
1508 error = vn_start_write(vp, &mp, V_NOWAIT);
1512 NDFREE(&nd, NDF_ONLY_PNBUF);
1513 error = vn_start_write(NULL, &mp,
1519 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
1522 vn_finished_write(mp);
1523 NDFREE(&nd, NDF_ONLY_PNBUF);
1526 NDFREE(&nd, NDF_ONLY_PNBUF);
1536 * Make a symbolic link.
1538 #ifndef _SYS_SYSPROTO_H_
1539 struct symlink_args {
1545 sys_symlink(td, uap)
1547 register struct symlink_args /* {
1553 return (kern_symlinkat(td, uap->path, AT_FDCWD, uap->link,
1557 #ifndef _SYS_SYSPROTO_H_
1558 struct symlinkat_args {
1565 sys_symlinkat(struct thread *td, struct symlinkat_args *uap)
1568 return (kern_symlinkat(td, uap->path1, uap->fd, uap->path2,
1573 kern_symlinkat(struct thread *td, char *path1, int fd, char *path2,
1574 enum uio_seg segflg)
1579 struct nameidata nd;
1581 cap_rights_t rights;
1583 if (segflg == UIO_SYSSPACE) {
1586 syspath = uma_zalloc(namei_zone, M_WAITOK);
1587 if ((error = copyinstr(path1, syspath, MAXPATHLEN, NULL)) != 0)
1590 AUDIT_ARG_TEXT(syspath);
1593 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1594 NOCACHE, segflg, path2, fd, cap_rights_init(&rights, CAP_SYMLINKAT),
1596 if ((error = namei(&nd)) != 0)
1599 NDFREE(&nd, NDF_ONLY_PNBUF);
1600 if (nd.ni_vp == nd.ni_dvp)
1608 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1609 NDFREE(&nd, NDF_ONLY_PNBUF);
1611 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1616 vattr.va_mode = ACCESSPERMS &~ td->td_proc->p_fd->fd_cmask;
1618 vattr.va_type = VLNK;
1619 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1624 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr, syspath);
1630 NDFREE(&nd, NDF_ONLY_PNBUF);
1632 vn_finished_write(mp);
1634 if (segflg != UIO_SYSSPACE)
1635 uma_zfree(namei_zone, syspath);
1640 * Delete a whiteout from the filesystem.
1643 sys_undelete(td, uap)
1645 register struct undelete_args /* {
1650 struct nameidata nd;
1655 NDINIT(&nd, DELETE, LOCKPARENT | DOWHITEOUT | AUDITVNODE1,
1656 UIO_USERSPACE, uap->path, td);
1661 if (nd.ni_vp != NULLVP || !(nd.ni_cnd.cn_flags & ISWHITEOUT)) {
1662 NDFREE(&nd, NDF_ONLY_PNBUF);
1663 if (nd.ni_vp == nd.ni_dvp)
1671 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1672 NDFREE(&nd, NDF_ONLY_PNBUF);
1674 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1678 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, DELETE);
1679 NDFREE(&nd, NDF_ONLY_PNBUF);
1681 vn_finished_write(mp);
1686 * Delete a name from the filesystem.
1688 #ifndef _SYS_SYSPROTO_H_
1689 struct unlink_args {
1696 struct unlink_args /* {
1701 return (kern_unlinkat(td, AT_FDCWD, uap->path, UIO_USERSPACE, 0));
1704 #ifndef _SYS_SYSPROTO_H_
1705 struct unlinkat_args {
1712 sys_unlinkat(struct thread *td, struct unlinkat_args *uap)
1714 int flag = uap->flag;
1716 char *path = uap->path;
1718 if (flag & ~AT_REMOVEDIR)
1721 if (flag & AT_REMOVEDIR)
1722 return (kern_rmdirat(td, fd, path, UIO_USERSPACE));
1724 return (kern_unlinkat(td, fd, path, UIO_USERSPACE, 0));
1728 kern_unlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1733 struct nameidata nd;
1735 cap_rights_t rights;
1740 NDINIT_ATRIGHTS(&nd, DELETE, LOCKPARENT | LOCKLEAF | AUDITVNODE1,
1741 pathseg, path, fd, cap_rights_init(&rights, CAP_UNLINKAT), td);
1742 if ((error = namei(&nd)) != 0)
1743 return (error == EINVAL ? EPERM : error);
1745 if (vp->v_type == VDIR && oldinum == 0) {
1746 error = EPERM; /* POSIX */
1747 } else if (oldinum != 0 &&
1748 ((error = vn_stat(vp, &sb, td->td_ucred, NOCRED, td)) == 0) &&
1749 sb.st_ino != oldinum) {
1750 error = EIDRM; /* Identifier removed */
1753 * The root of a mounted filesystem cannot be deleted.
1755 * XXX: can this only be a VDIR case?
1757 if (vp->v_vflag & VV_ROOT)
1761 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1762 NDFREE(&nd, NDF_ONLY_PNBUF);
1764 if (vp == nd.ni_dvp)
1768 if ((error = vn_start_write(NULL, &mp,
1769 V_XSLEEP | PCATCH)) != 0)
1774 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
1779 vfs_notify_upper(vp, VFS_NOTIFY_UPPER_UNLINK);
1780 error = VOP_REMOVE(nd.ni_dvp, vp, &nd.ni_cnd);
1784 vn_finished_write(mp);
1786 NDFREE(&nd, NDF_ONLY_PNBUF);
1788 if (vp == nd.ni_dvp)
1796 * Reposition read/write file offset.
1798 #ifndef _SYS_SYSPROTO_H_
1807 sys_lseek(struct thread *td, struct lseek_args *uap)
1810 return (kern_lseek(td, uap->fd, uap->offset, uap->whence));
1814 kern_lseek(struct thread *td, int fd, off_t offset, int whence)
1817 cap_rights_t rights;
1821 error = fget(td, fd, cap_rights_init(&rights, CAP_SEEK), &fp);
1824 error = (fp->f_ops->fo_flags & DFLAG_SEEKABLE) != 0 ?
1825 fo_seek(fp, offset, whence, td) : ESPIPE;
1830 #if defined(COMPAT_43)
1832 * Reposition read/write file offset.
1834 #ifndef _SYS_SYSPROTO_H_
1835 struct olseek_args {
1842 olseek(struct thread *td, struct olseek_args *uap)
1845 return (kern_lseek(td, uap->fd, uap->offset, uap->whence));
1847 #endif /* COMPAT_43 */
1849 #if defined(COMPAT_FREEBSD6)
1850 /* Version with the 'pad' argument */
1852 freebsd6_lseek(struct thread *td, struct freebsd6_lseek_args *uap)
1855 return (kern_lseek(td, uap->fd, uap->offset, uap->whence));
1860 * Check access permissions using passed credentials.
1863 vn_access(vp, user_flags, cred, td)
1872 /* Flags == 0 means only check for existence. */
1873 if (user_flags == 0)
1877 if (user_flags & R_OK)
1879 if (user_flags & W_OK)
1881 if (user_flags & X_OK)
1884 error = mac_vnode_check_access(cred, vp, accmode);
1888 if ((accmode & VWRITE) == 0 || (error = vn_writechk(vp)) == 0)
1889 error = VOP_ACCESS(vp, accmode, cred, td);
1894 * Check access permissions using "real" credentials.
1896 #ifndef _SYS_SYSPROTO_H_
1897 struct access_args {
1905 register struct access_args /* {
1911 return (kern_accessat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1915 #ifndef _SYS_SYSPROTO_H_
1916 struct faccessat_args {
1924 sys_faccessat(struct thread *td, struct faccessat_args *uap)
1927 return (kern_accessat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
1932 kern_accessat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1933 int flag, int amode)
1935 struct ucred *cred, *usecred;
1937 struct nameidata nd;
1938 cap_rights_t rights;
1941 if (flag & ~AT_EACCESS)
1943 if (amode != F_OK && (amode & ~(R_OK | W_OK | X_OK)) != 0)
1947 * Create and modify a temporary credential instead of one that
1948 * is potentially shared (if we need one).
1950 cred = td->td_ucred;
1951 if ((flag & AT_EACCESS) == 0 &&
1952 ((cred->cr_uid != cred->cr_ruid ||
1953 cred->cr_rgid != cred->cr_groups[0]))) {
1954 usecred = crdup(cred);
1955 usecred->cr_uid = cred->cr_ruid;
1956 usecred->cr_groups[0] = cred->cr_rgid;
1957 td->td_ucred = usecred;
1960 AUDIT_ARG_VALUE(amode);
1961 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF |
1962 AUDITVNODE1, pathseg, path, fd, cap_rights_init(&rights, CAP_FSTAT),
1964 if ((error = namei(&nd)) != 0)
1968 error = vn_access(vp, amode, usecred, td);
1969 NDFREE(&nd, NDF_ONLY_PNBUF);
1972 if (usecred != cred) {
1973 td->td_ucred = cred;
1980 * Check access permissions using "effective" credentials.
1982 #ifndef _SYS_SYSPROTO_H_
1983 struct eaccess_args {
1989 sys_eaccess(td, uap)
1991 register struct eaccess_args /* {
1997 return (kern_accessat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1998 AT_EACCESS, uap->amode));
2001 #if defined(COMPAT_43)
2003 * Get file status; this version follows links.
2005 #ifndef _SYS_SYSPROTO_H_
2014 register struct ostat_args /* {
2023 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
2028 return (copyout(&osb, uap->ub, sizeof (osb)));
2032 * Get file status; this version does not follow links.
2034 #ifndef _SYS_SYSPROTO_H_
2035 struct olstat_args {
2043 register struct olstat_args /* {
2052 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2053 UIO_USERSPACE, &sb, NULL);
2057 return (copyout(&osb, uap->ub, sizeof (osb)));
2061 * Convert from an old to a new stat structure.
2069 bzero(ost, sizeof(*ost));
2070 ost->st_dev = st->st_dev;
2071 ost->st_ino = st->st_ino;
2072 ost->st_mode = st->st_mode;
2073 ost->st_nlink = st->st_nlink;
2074 ost->st_uid = st->st_uid;
2075 ost->st_gid = st->st_gid;
2076 ost->st_rdev = st->st_rdev;
2077 if (st->st_size < (quad_t)1 << 32)
2078 ost->st_size = st->st_size;
2081 ost->st_atim = st->st_atim;
2082 ost->st_mtim = st->st_mtim;
2083 ost->st_ctim = st->st_ctim;
2084 ost->st_blksize = st->st_blksize;
2085 ost->st_blocks = st->st_blocks;
2086 ost->st_flags = st->st_flags;
2087 ost->st_gen = st->st_gen;
2089 #endif /* COMPAT_43 */
2092 * Get file status; this version follows links.
2094 #ifndef _SYS_SYSPROTO_H_
2103 register struct stat_args /* {
2111 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
2114 error = copyout(&sb, uap->ub, sizeof (sb));
2118 #ifndef _SYS_SYSPROTO_H_
2119 struct fstatat_args {
2127 sys_fstatat(struct thread *td, struct fstatat_args *uap)
2132 error = kern_statat(td, uap->flag, uap->fd, uap->path,
2133 UIO_USERSPACE, &sb, NULL);
2135 error = copyout(&sb, uap->buf, sizeof (sb));
2140 kern_statat(struct thread *td, int flag, int fd, char *path,
2141 enum uio_seg pathseg, struct stat *sbp,
2142 void (*hook)(struct vnode *vp, struct stat *sbp))
2144 struct nameidata nd;
2146 cap_rights_t rights;
2149 if (flag & ~AT_SYMLINK_NOFOLLOW)
2152 NDINIT_ATRIGHTS(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
2153 FOLLOW) | LOCKSHARED | LOCKLEAF | AUDITVNODE1, pathseg, path, fd,
2154 cap_rights_init(&rights, CAP_FSTAT), td);
2156 if ((error = namei(&nd)) != 0)
2158 error = vn_stat(nd.ni_vp, &sb, td->td_ucred, NOCRED, td);
2160 SDT_PROBE2(vfs, , stat, mode, path, sb.st_mode);
2161 if (S_ISREG(sb.st_mode))
2162 SDT_PROBE2(vfs, , stat, reg, path, pathseg);
2163 if (__predict_false(hook != NULL))
2164 hook(nd.ni_vp, &sb);
2166 NDFREE(&nd, NDF_ONLY_PNBUF);
2172 if (KTRPOINT(td, KTR_STRUCT))
2179 * Get file status; this version does not follow links.
2181 #ifndef _SYS_SYSPROTO_H_
2190 register struct lstat_args /* {
2198 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2199 UIO_USERSPACE, &sb, NULL);
2201 error = copyout(&sb, uap->ub, sizeof (sb));
2206 * Implementation of the NetBSD [l]stat() functions.
2214 bzero(nsb, sizeof *nsb);
2215 nsb->st_dev = sb->st_dev;
2216 nsb->st_ino = sb->st_ino;
2217 nsb->st_mode = sb->st_mode;
2218 nsb->st_nlink = sb->st_nlink;
2219 nsb->st_uid = sb->st_uid;
2220 nsb->st_gid = sb->st_gid;
2221 nsb->st_rdev = sb->st_rdev;
2222 nsb->st_atim = sb->st_atim;
2223 nsb->st_mtim = sb->st_mtim;
2224 nsb->st_ctim = sb->st_ctim;
2225 nsb->st_size = sb->st_size;
2226 nsb->st_blocks = sb->st_blocks;
2227 nsb->st_blksize = sb->st_blksize;
2228 nsb->st_flags = sb->st_flags;
2229 nsb->st_gen = sb->st_gen;
2230 nsb->st_birthtim = sb->st_birthtim;
2233 #ifndef _SYS_SYSPROTO_H_
2242 register struct nstat_args /* {
2251 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
2255 cvtnstat(&sb, &nsb);
2256 return (copyout(&nsb, uap->ub, sizeof (nsb)));
2260 * NetBSD lstat. Get file status; this version does not follow links.
2262 #ifndef _SYS_SYSPROTO_H_
2271 register struct nlstat_args /* {
2280 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2281 UIO_USERSPACE, &sb, NULL);
2284 cvtnstat(&sb, &nsb);
2285 return (copyout(&nsb, uap->ub, sizeof (nsb)));
2289 * Get configurable pathname variables.
2291 #ifndef _SYS_SYSPROTO_H_
2292 struct pathconf_args {
2298 sys_pathconf(td, uap)
2300 register struct pathconf_args /* {
2306 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name, FOLLOW));
2309 #ifndef _SYS_SYSPROTO_H_
2310 struct lpathconf_args {
2316 sys_lpathconf(td, uap)
2318 register struct lpathconf_args /* {
2324 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name,
2329 kern_pathconf(struct thread *td, char *path, enum uio_seg pathseg, int name,
2332 struct nameidata nd;
2335 NDINIT(&nd, LOOKUP, LOCKSHARED | LOCKLEAF | AUDITVNODE1 | flags,
2337 if ((error = namei(&nd)) != 0)
2339 NDFREE(&nd, NDF_ONLY_PNBUF);
2341 error = VOP_PATHCONF(nd.ni_vp, name, td->td_retval);
2347 * Return target name of a symbolic link.
2349 #ifndef _SYS_SYSPROTO_H_
2350 struct readlink_args {
2357 sys_readlink(td, uap)
2359 register struct readlink_args /* {
2366 return (kern_readlinkat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2367 uap->buf, UIO_USERSPACE, uap->count));
2369 #ifndef _SYS_SYSPROTO_H_
2370 struct readlinkat_args {
2378 sys_readlinkat(struct thread *td, struct readlinkat_args *uap)
2381 return (kern_readlinkat(td, uap->fd, uap->path, UIO_USERSPACE,
2382 uap->buf, UIO_USERSPACE, uap->bufsize));
2386 kern_readlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2387 char *buf, enum uio_seg bufseg, size_t count)
2392 struct nameidata nd;
2395 if (count > IOSIZE_MAX)
2398 NDINIT_AT(&nd, LOOKUP, NOFOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
2399 pathseg, path, fd, td);
2401 if ((error = namei(&nd)) != 0)
2403 NDFREE(&nd, NDF_ONLY_PNBUF);
2406 error = mac_vnode_check_readlink(td->td_ucred, vp);
2412 if (vp->v_type != VLNK && (vp->v_vflag & VV_READLINK) == 0)
2415 aiov.iov_base = buf;
2416 aiov.iov_len = count;
2417 auio.uio_iov = &aiov;
2418 auio.uio_iovcnt = 1;
2419 auio.uio_offset = 0;
2420 auio.uio_rw = UIO_READ;
2421 auio.uio_segflg = bufseg;
2423 auio.uio_resid = count;
2424 error = VOP_READLINK(vp, &auio, td->td_ucred);
2425 td->td_retval[0] = count - auio.uio_resid;
2432 * Common implementation code for chflags() and fchflags().
2435 setfflags(td, vp, flags)
2444 /* We can't support the value matching VNOVAL. */
2445 if (flags == VNOVAL)
2446 return (EOPNOTSUPP);
2449 * Prevent non-root users from setting flags on devices. When
2450 * a device is reused, users can retain ownership of the device
2451 * if they are allowed to set flags and programs assume that
2452 * chown can't fail when done as root.
2454 if (vp->v_type == VCHR || vp->v_type == VBLK) {
2455 error = priv_check(td, PRIV_VFS_CHFLAGS_DEV);
2460 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2463 vattr.va_flags = flags;
2464 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2466 error = mac_vnode_check_setflags(td->td_ucred, vp, vattr.va_flags);
2469 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
2471 vn_finished_write(mp);
2476 * Change flags of a file given a path name.
2478 #ifndef _SYS_SYSPROTO_H_
2479 struct chflags_args {
2485 sys_chflags(td, uap)
2487 register struct chflags_args /* {
2493 return (kern_chflagsat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2497 #ifndef _SYS_SYSPROTO_H_
2498 struct chflagsat_args {
2506 sys_chflagsat(struct thread *td, struct chflagsat_args *uap)
2509 const char *path = uap->path;
2510 u_long flags = uap->flags;
2511 int atflag = uap->atflag;
2513 if (atflag & ~AT_SYMLINK_NOFOLLOW)
2516 return (kern_chflagsat(td, fd, path, UIO_USERSPACE, flags, atflag));
2520 * Same as chflags() but doesn't follow symlinks.
2523 sys_lchflags(td, uap)
2525 register struct lchflags_args /* {
2531 return (kern_chflagsat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2532 uap->flags, AT_SYMLINK_NOFOLLOW));
2536 kern_chflagsat(struct thread *td, int fd, const char *path,
2537 enum uio_seg pathseg, u_long flags, int atflag)
2539 struct nameidata nd;
2540 cap_rights_t rights;
2543 AUDIT_ARG_FFLAGS(flags);
2544 follow = (atflag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2545 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2546 cap_rights_init(&rights, CAP_FCHFLAGS), td);
2547 if ((error = namei(&nd)) != 0)
2549 NDFREE(&nd, NDF_ONLY_PNBUF);
2550 error = setfflags(td, nd.ni_vp, flags);
2556 * Change flags of a file given a file descriptor.
2558 #ifndef _SYS_SYSPROTO_H_
2559 struct fchflags_args {
2565 sys_fchflags(td, uap)
2567 register struct fchflags_args /* {
2573 cap_rights_t rights;
2576 AUDIT_ARG_FD(uap->fd);
2577 AUDIT_ARG_FFLAGS(uap->flags);
2578 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_FCHFLAGS),
2583 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
2584 AUDIT_ARG_VNODE1(fp->f_vnode);
2585 VOP_UNLOCK(fp->f_vnode, 0);
2587 error = setfflags(td, fp->f_vnode, uap->flags);
2593 * Common implementation code for chmod(), lchmod() and fchmod().
2596 setfmode(td, cred, vp, mode)
2606 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2608 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2610 vattr.va_mode = mode & ALLPERMS;
2612 error = mac_vnode_check_setmode(cred, vp, vattr.va_mode);
2615 error = VOP_SETATTR(vp, &vattr, cred);
2617 vn_finished_write(mp);
2622 * Change mode of a file given path name.
2624 #ifndef _SYS_SYSPROTO_H_
2633 register struct chmod_args /* {
2639 return (kern_fchmodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2643 #ifndef _SYS_SYSPROTO_H_
2644 struct fchmodat_args {
2652 sys_fchmodat(struct thread *td, struct fchmodat_args *uap)
2654 int flag = uap->flag;
2656 char *path = uap->path;
2657 mode_t mode = uap->mode;
2659 if (flag & ~AT_SYMLINK_NOFOLLOW)
2662 return (kern_fchmodat(td, fd, path, UIO_USERSPACE, mode, flag));
2666 * Change mode of a file given path name (don't follow links.)
2668 #ifndef _SYS_SYSPROTO_H_
2669 struct lchmod_args {
2677 register struct lchmod_args /* {
2683 return (kern_fchmodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2684 uap->mode, AT_SYMLINK_NOFOLLOW));
2688 kern_fchmodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2689 mode_t mode, int flag)
2691 struct nameidata nd;
2692 cap_rights_t rights;
2695 AUDIT_ARG_MODE(mode);
2696 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2697 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2698 cap_rights_init(&rights, CAP_FCHMOD), td);
2699 if ((error = namei(&nd)) != 0)
2701 NDFREE(&nd, NDF_ONLY_PNBUF);
2702 error = setfmode(td, td->td_ucred, nd.ni_vp, mode);
2708 * Change mode of a file given a file descriptor.
2710 #ifndef _SYS_SYSPROTO_H_
2711 struct fchmod_args {
2717 sys_fchmod(struct thread *td, struct fchmod_args *uap)
2720 cap_rights_t rights;
2723 AUDIT_ARG_FD(uap->fd);
2724 AUDIT_ARG_MODE(uap->mode);
2726 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FCHMOD), &fp);
2729 error = fo_chmod(fp, uap->mode, td->td_ucred, td);
2735 * Common implementation for chown(), lchown(), and fchown()
2738 setfown(td, cred, vp, uid, gid)
2749 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2751 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2756 error = mac_vnode_check_setowner(cred, vp, vattr.va_uid,
2760 error = VOP_SETATTR(vp, &vattr, cred);
2762 vn_finished_write(mp);
2767 * Set ownership given a path name.
2769 #ifndef _SYS_SYSPROTO_H_
2779 register struct chown_args /* {
2786 return (kern_fchownat(td, AT_FDCWD, uap->path, UIO_USERSPACE, uap->uid,
2790 #ifndef _SYS_SYSPROTO_H_
2791 struct fchownat_args {
2800 sys_fchownat(struct thread *td, struct fchownat_args *uap)
2805 if (flag & ~AT_SYMLINK_NOFOLLOW)
2808 return (kern_fchownat(td, uap->fd, uap->path, UIO_USERSPACE, uap->uid,
2809 uap->gid, uap->flag));
2813 kern_fchownat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2814 int uid, int gid, int flag)
2816 struct nameidata nd;
2817 cap_rights_t rights;
2820 AUDIT_ARG_OWNER(uid, gid);
2821 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2822 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2823 cap_rights_init(&rights, CAP_FCHOWN), td);
2825 if ((error = namei(&nd)) != 0)
2827 NDFREE(&nd, NDF_ONLY_PNBUF);
2828 error = setfown(td, td->td_ucred, nd.ni_vp, uid, gid);
2834 * Set ownership given a path name, do not cross symlinks.
2836 #ifndef _SYS_SYSPROTO_H_
2837 struct lchown_args {
2846 register struct lchown_args /* {
2853 return (kern_fchownat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2854 uap->uid, uap->gid, AT_SYMLINK_NOFOLLOW));
2858 * Set ownership given a file descriptor.
2860 #ifndef _SYS_SYSPROTO_H_
2861 struct fchown_args {
2870 register struct fchown_args /* {
2877 cap_rights_t rights;
2880 AUDIT_ARG_FD(uap->fd);
2881 AUDIT_ARG_OWNER(uap->uid, uap->gid);
2882 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FCHOWN), &fp);
2885 error = fo_chown(fp, uap->uid, uap->gid, td->td_ucred, td);
2891 * Common implementation code for utimes(), lutimes(), and futimes().
2894 getutimes(usrtvp, tvpseg, tsp)
2895 const struct timeval *usrtvp;
2896 enum uio_seg tvpseg;
2897 struct timespec *tsp;
2899 struct timeval tv[2];
2900 const struct timeval *tvp;
2903 if (usrtvp == NULL) {
2904 vfs_timestamp(&tsp[0]);
2907 if (tvpseg == UIO_SYSSPACE) {
2910 if ((error = copyin(usrtvp, tv, sizeof(tv))) != 0)
2915 if (tvp[0].tv_usec < 0 || tvp[0].tv_usec >= 1000000 ||
2916 tvp[1].tv_usec < 0 || tvp[1].tv_usec >= 1000000)
2918 TIMEVAL_TO_TIMESPEC(&tvp[0], &tsp[0]);
2919 TIMEVAL_TO_TIMESPEC(&tvp[1], &tsp[1]);
2925 * Common implementation code for futimens(), utimensat().
2927 #define UTIMENS_NULL 0x1
2928 #define UTIMENS_EXIT 0x2
2930 getutimens(const struct timespec *usrtsp, enum uio_seg tspseg,
2931 struct timespec *tsp, int *retflags)
2933 struct timespec tsnow;
2936 vfs_timestamp(&tsnow);
2938 if (usrtsp == NULL) {
2941 *retflags |= UTIMENS_NULL;
2944 if (tspseg == UIO_SYSSPACE) {
2947 } else if ((error = copyin(usrtsp, tsp, sizeof(*tsp) * 2)) != 0)
2949 if (tsp[0].tv_nsec == UTIME_OMIT && tsp[1].tv_nsec == UTIME_OMIT)
2950 *retflags |= UTIMENS_EXIT;
2951 if (tsp[0].tv_nsec == UTIME_NOW && tsp[1].tv_nsec == UTIME_NOW)
2952 *retflags |= UTIMENS_NULL;
2953 if (tsp[0].tv_nsec == UTIME_OMIT)
2954 tsp[0].tv_sec = VNOVAL;
2955 else if (tsp[0].tv_nsec == UTIME_NOW)
2957 else if (tsp[0].tv_nsec < 0 || tsp[0].tv_nsec >= 1000000000L)
2959 if (tsp[1].tv_nsec == UTIME_OMIT)
2960 tsp[1].tv_sec = VNOVAL;
2961 else if (tsp[1].tv_nsec == UTIME_NOW)
2963 else if (tsp[1].tv_nsec < 0 || tsp[1].tv_nsec >= 1000000000L)
2970 * Common implementation code for utimes(), lutimes(), futimes(), futimens(),
2974 setutimes(td, vp, ts, numtimes, nullflag)
2977 const struct timespec *ts;
2983 int error, setbirthtime;
2985 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2987 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2989 if (numtimes < 3 && !VOP_GETATTR(vp, &vattr, td->td_ucred) &&
2990 timespeccmp(&ts[1], &vattr.va_birthtime, < ))
2993 vattr.va_atime = ts[0];
2994 vattr.va_mtime = ts[1];
2996 vattr.va_birthtime = ts[1];
2998 vattr.va_birthtime = ts[2];
3000 vattr.va_vaflags |= VA_UTIMES_NULL;
3002 error = mac_vnode_check_setutimes(td->td_ucred, vp, vattr.va_atime,
3006 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3008 vn_finished_write(mp);
3013 * Set the access and modification times of a file.
3015 #ifndef _SYS_SYSPROTO_H_
3016 struct utimes_args {
3018 struct timeval *tptr;
3024 register struct utimes_args /* {
3026 struct timeval *tptr;
3030 return (kern_utimesat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
3031 uap->tptr, UIO_USERSPACE));
3034 #ifndef _SYS_SYSPROTO_H_
3035 struct futimesat_args {
3038 const struct timeval * times;
3042 sys_futimesat(struct thread *td, struct futimesat_args *uap)
3045 return (kern_utimesat(td, uap->fd, uap->path, UIO_USERSPACE,
3046 uap->times, UIO_USERSPACE));
3050 kern_utimesat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
3051 struct timeval *tptr, enum uio_seg tptrseg)
3053 struct nameidata nd;
3054 struct timespec ts[2];
3055 cap_rights_t rights;
3058 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
3060 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, fd,
3061 cap_rights_init(&rights, CAP_FUTIMES), td);
3063 if ((error = namei(&nd)) != 0)
3065 NDFREE(&nd, NDF_ONLY_PNBUF);
3066 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
3072 * Set the access and modification times of a file.
3074 #ifndef _SYS_SYSPROTO_H_
3075 struct lutimes_args {
3077 struct timeval *tptr;
3081 sys_lutimes(td, uap)
3083 register struct lutimes_args /* {
3085 struct timeval *tptr;
3089 return (kern_lutimes(td, uap->path, UIO_USERSPACE, uap->tptr,
3094 kern_lutimes(struct thread *td, char *path, enum uio_seg pathseg,
3095 struct timeval *tptr, enum uio_seg tptrseg)
3097 struct timespec ts[2];
3098 struct nameidata nd;
3101 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
3103 NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, pathseg, path, td);
3104 if ((error = namei(&nd)) != 0)
3106 NDFREE(&nd, NDF_ONLY_PNBUF);
3107 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
3113 * Set the access and modification times of a file.
3115 #ifndef _SYS_SYSPROTO_H_
3116 struct futimes_args {
3118 struct timeval *tptr;
3122 sys_futimes(td, uap)
3124 register struct futimes_args /* {
3126 struct timeval *tptr;
3130 return (kern_futimes(td, uap->fd, uap->tptr, UIO_USERSPACE));
3134 kern_futimes(struct thread *td, int fd, struct timeval *tptr,
3135 enum uio_seg tptrseg)
3137 struct timespec ts[2];
3139 cap_rights_t rights;
3143 error = getutimes(tptr, tptrseg, ts);
3146 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FUTIMES), &fp);
3150 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
3151 AUDIT_ARG_VNODE1(fp->f_vnode);
3152 VOP_UNLOCK(fp->f_vnode, 0);
3154 error = setutimes(td, fp->f_vnode, ts, 2, tptr == NULL);
3160 sys_futimens(struct thread *td, struct futimens_args *uap)
3163 return (kern_futimens(td, uap->fd, uap->times, UIO_USERSPACE));
3167 kern_futimens(struct thread *td, int fd, struct timespec *tptr,
3168 enum uio_seg tptrseg)
3170 struct timespec ts[2];
3172 cap_rights_t rights;
3176 error = getutimens(tptr, tptrseg, ts, &flags);
3179 if (flags & UTIMENS_EXIT)
3181 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FUTIMES), &fp);
3185 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
3186 AUDIT_ARG_VNODE1(fp->f_vnode);
3187 VOP_UNLOCK(fp->f_vnode, 0);
3189 error = setutimes(td, fp->f_vnode, ts, 2, flags & UTIMENS_NULL);
3195 sys_utimensat(struct thread *td, struct utimensat_args *uap)
3198 return (kern_utimensat(td, uap->fd, uap->path, UIO_USERSPACE,
3199 uap->times, UIO_USERSPACE, uap->flag));
3203 kern_utimensat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
3204 struct timespec *tptr, enum uio_seg tptrseg, int flag)
3206 struct nameidata nd;
3207 struct timespec ts[2];
3208 cap_rights_t rights;
3211 if (flag & ~AT_SYMLINK_NOFOLLOW)
3214 if ((error = getutimens(tptr, tptrseg, ts, &flags)) != 0)
3216 NDINIT_ATRIGHTS(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
3217 FOLLOW) | AUDITVNODE1, pathseg, path, fd,
3218 cap_rights_init(&rights, CAP_FUTIMES), td);
3219 if ((error = namei(&nd)) != 0)
3222 * We are allowed to call namei() regardless of 2xUTIME_OMIT.
3224 * "If both tv_nsec fields are UTIME_OMIT... EACCESS may be detected."
3225 * "Search permission is denied by a component of the path prefix."
3227 NDFREE(&nd, NDF_ONLY_PNBUF);
3228 if ((flags & UTIMENS_EXIT) == 0)
3229 error = setutimes(td, nd.ni_vp, ts, 2, flags & UTIMENS_NULL);
3235 * Truncate a file given its path name.
3237 #ifndef _SYS_SYSPROTO_H_
3238 struct truncate_args {
3245 sys_truncate(td, uap)
3247 register struct truncate_args /* {
3254 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3258 kern_truncate(struct thread *td, char *path, enum uio_seg pathseg, off_t length)
3264 struct nameidata nd;
3269 NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, td);
3270 if ((error = namei(&nd)) != 0)
3273 rl_cookie = vn_rangelock_wlock(vp, 0, OFF_MAX);
3274 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) {
3275 vn_rangelock_unlock(vp, rl_cookie);
3279 NDFREE(&nd, NDF_ONLY_PNBUF);
3280 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
3281 if (vp->v_type == VDIR)
3284 else if ((error = mac_vnode_check_write(td->td_ucred, NOCRED, vp))) {
3287 else if ((error = vn_writechk(vp)) == 0 &&
3288 (error = VOP_ACCESS(vp, VWRITE, td->td_ucred, td)) == 0) {
3290 vattr.va_size = length;
3291 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3294 vn_finished_write(mp);
3295 vn_rangelock_unlock(vp, rl_cookie);
3300 #if defined(COMPAT_43)
3302 * Truncate a file given its path name.
3304 #ifndef _SYS_SYSPROTO_H_
3305 struct otruncate_args {
3311 otruncate(struct thread *td, struct otruncate_args *uap)
3314 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3316 #endif /* COMPAT_43 */
3318 #if defined(COMPAT_FREEBSD6)
3319 /* Versions with the pad argument */
3321 freebsd6_truncate(struct thread *td, struct freebsd6_truncate_args *uap)
3324 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3328 freebsd6_ftruncate(struct thread *td, struct freebsd6_ftruncate_args *uap)
3331 return (kern_ftruncate(td, uap->fd, uap->length));
3336 kern_fsync(struct thread *td, int fd, bool fullsync)
3341 cap_rights_t rights;
3342 int error, lock_flags;
3345 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FSYNC), &fp);
3351 /* XXXKIB: compete outstanding aio writes */;
3353 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
3356 if (MNT_SHARED_WRITES(mp) ||
3357 ((mp == NULL) && MNT_SHARED_WRITES(vp->v_mount))) {
3358 lock_flags = LK_SHARED;
3360 lock_flags = LK_EXCLUSIVE;
3362 vn_lock(vp, lock_flags | LK_RETRY);
3363 AUDIT_ARG_VNODE1(vp);
3364 if (vp->v_object != NULL) {
3365 VM_OBJECT_WLOCK(vp->v_object);
3366 vm_object_page_clean(vp->v_object, 0, 0, 0);
3367 VM_OBJECT_WUNLOCK(vp->v_object);
3369 error = fullsync ? VOP_FSYNC(vp, MNT_WAIT, td) : VOP_FDATASYNC(vp, td);
3371 vn_finished_write(mp);
3378 * Sync an open file.
3380 #ifndef _SYS_SYSPROTO_H_
3386 sys_fsync(struct thread *td, struct fsync_args *uap)
3389 return (kern_fsync(td, uap->fd, true));
3393 sys_fdatasync(struct thread *td, struct fdatasync_args *uap)
3396 return (kern_fsync(td, uap->fd, false));
3400 * Rename files. Source and destination must either both be directories, or
3401 * both not be directories. If target is a directory, it must be empty.
3403 #ifndef _SYS_SYSPROTO_H_
3404 struct rename_args {
3412 register struct rename_args /* {
3418 return (kern_renameat(td, AT_FDCWD, uap->from, AT_FDCWD,
3419 uap->to, UIO_USERSPACE));
3422 #ifndef _SYS_SYSPROTO_H_
3423 struct renameat_args {
3431 sys_renameat(struct thread *td, struct renameat_args *uap)
3434 return (kern_renameat(td, uap->oldfd, uap->old, uap->newfd, uap->new,
3439 kern_renameat(struct thread *td, int oldfd, char *old, int newfd, char *new,
3440 enum uio_seg pathseg)
3442 struct mount *mp = NULL;
3443 struct vnode *tvp, *fvp, *tdvp;
3444 struct nameidata fromnd, tond;
3445 cap_rights_t rights;
3451 NDINIT_ATRIGHTS(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART |
3452 AUDITVNODE1, pathseg, old, oldfd,
3453 cap_rights_init(&rights, CAP_RENAMEAT_SOURCE), td);
3455 NDINIT_ATRIGHTS(&fromnd, DELETE, WANTPARENT | SAVESTART | AUDITVNODE1,
3456 pathseg, old, oldfd,
3457 cap_rights_init(&rights, CAP_RENAMEAT_SOURCE), td);
3460 if ((error = namei(&fromnd)) != 0)
3463 error = mac_vnode_check_rename_from(td->td_ucred, fromnd.ni_dvp,
3464 fromnd.ni_vp, &fromnd.ni_cnd);
3465 VOP_UNLOCK(fromnd.ni_dvp, 0);
3466 if (fromnd.ni_dvp != fromnd.ni_vp)
3467 VOP_UNLOCK(fromnd.ni_vp, 0);
3470 NDINIT_ATRIGHTS(&tond, RENAME, LOCKPARENT | LOCKLEAF | NOCACHE |
3471 SAVESTART | AUDITVNODE2, pathseg, new, newfd,
3472 cap_rights_init(&rights, CAP_RENAMEAT_TARGET), td);
3473 if (fromnd.ni_vp->v_type == VDIR)
3474 tond.ni_cnd.cn_flags |= WILLBEDIR;
3475 if ((error = namei(&tond)) != 0) {
3476 /* Translate error code for rename("dir1", "dir2/."). */
3477 if (error == EISDIR && fvp->v_type == VDIR)
3479 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3480 vrele(fromnd.ni_dvp);
3486 error = vn_start_write(fvp, &mp, V_NOWAIT);
3488 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3489 NDFREE(&tond, NDF_ONLY_PNBUF);
3496 vrele(fromnd.ni_dvp);
3498 vrele(tond.ni_startdir);
3499 if (fromnd.ni_startdir != NULL)
3500 vrele(fromnd.ni_startdir);
3501 error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH);
3507 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
3510 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
3515 if (newfd != AT_FDCWD) {
3517 * If the target already exists we require CAP_UNLINKAT
3520 error = cap_check(&tond.ni_filecaps.fc_rights,
3521 cap_rights_init(&rights, CAP_UNLINKAT));
3532 * If the source is the same as the destination (that is, if they
3533 * are links to the same vnode), then there is nothing to do.
3539 error = mac_vnode_check_rename_to(td->td_ucred, tdvp,
3540 tond.ni_vp, fromnd.ni_dvp == tdvp, &tond.ni_cnd);
3544 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
3545 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
3546 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3547 NDFREE(&tond, NDF_ONLY_PNBUF);
3549 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3550 NDFREE(&tond, NDF_ONLY_PNBUF);
3557 vrele(fromnd.ni_dvp);
3560 vrele(tond.ni_startdir);
3561 vn_finished_write(mp);
3563 if (fromnd.ni_startdir)
3564 vrele(fromnd.ni_startdir);
3571 * Make a directory file.
3573 #ifndef _SYS_SYSPROTO_H_
3582 register struct mkdir_args /* {
3588 return (kern_mkdirat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
3592 #ifndef _SYS_SYSPROTO_H_
3593 struct mkdirat_args {
3600 sys_mkdirat(struct thread *td, struct mkdirat_args *uap)
3603 return (kern_mkdirat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode));
3607 kern_mkdirat(struct thread *td, int fd, char *path, enum uio_seg segflg,
3613 struct nameidata nd;
3614 cap_rights_t rights;
3617 AUDIT_ARG_MODE(mode);
3620 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
3621 NOCACHE, segflg, path, fd, cap_rights_init(&rights, CAP_MKDIRAT),
3623 nd.ni_cnd.cn_flags |= WILLBEDIR;
3624 if ((error = namei(&nd)) != 0)
3628 NDFREE(&nd, NDF_ONLY_PNBUF);
3630 * XXX namei called with LOCKPARENT but not LOCKLEAF has
3631 * the strange behaviour of leaving the vnode unlocked
3632 * if the target is the same vnode as the parent.
3634 if (vp == nd.ni_dvp)
3641 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3642 NDFREE(&nd, NDF_ONLY_PNBUF);
3644 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3649 vattr.va_type = VDIR;
3650 vattr.va_mode = (mode & ACCESSPERMS) &~ td->td_proc->p_fd->fd_cmask;
3652 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
3657 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
3661 NDFREE(&nd, NDF_ONLY_PNBUF);
3665 vn_finished_write(mp);
3670 * Remove a directory file.
3672 #ifndef _SYS_SYSPROTO_H_
3680 struct rmdir_args /* {
3685 return (kern_rmdirat(td, AT_FDCWD, uap->path, UIO_USERSPACE));
3689 kern_rmdirat(struct thread *td, int fd, char *path, enum uio_seg pathseg)
3693 struct nameidata nd;
3694 cap_rights_t rights;
3699 NDINIT_ATRIGHTS(&nd, DELETE, LOCKPARENT | LOCKLEAF | AUDITVNODE1,
3700 pathseg, path, fd, cap_rights_init(&rights, CAP_UNLINKAT), td);
3701 if ((error = namei(&nd)) != 0)
3704 if (vp->v_type != VDIR) {
3709 * No rmdir "." please.
3711 if (nd.ni_dvp == vp) {
3716 * The root of a mounted filesystem cannot be deleted.
3718 if (vp->v_vflag & VV_ROOT) {
3723 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
3728 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3729 NDFREE(&nd, NDF_ONLY_PNBUF);
3731 if (nd.ni_dvp == vp)
3735 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3739 vfs_notify_upper(vp, VFS_NOTIFY_UPPER_UNLINK);
3740 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
3741 vn_finished_write(mp);
3743 NDFREE(&nd, NDF_ONLY_PNBUF);
3745 if (nd.ni_dvp == vp)
3754 * Read a block of directory entries in a filesystem independent format.
3756 #ifndef _SYS_SYSPROTO_H_
3757 struct ogetdirentries_args {
3765 ogetdirentries(struct thread *td, struct ogetdirentries_args *uap)
3770 error = kern_ogetdirentries(td, uap, &loff);
3772 error = copyout(&loff, uap->basep, sizeof(long));
3777 kern_ogetdirentries(struct thread *td, struct ogetdirentries_args *uap,
3782 struct uio auio, kuio;
3783 struct iovec aiov, kiov;
3784 struct dirent *dp, *edp;
3785 cap_rights_t rights;
3787 int error, eofflag, readcnt;
3791 /* XXX arbitrary sanity limit on `count'. */
3792 if (uap->count > 64 * 1024)
3794 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_READ), &fp);
3797 if ((fp->f_flag & FREAD) == 0) {
3802 foffset = foffset_lock(fp, 0);
3804 if (vp->v_type != VDIR) {
3805 foffset_unlock(fp, foffset, 0);
3809 aiov.iov_base = uap->buf;
3810 aiov.iov_len = uap->count;
3811 auio.uio_iov = &aiov;
3812 auio.uio_iovcnt = 1;
3813 auio.uio_rw = UIO_READ;
3814 auio.uio_segflg = UIO_USERSPACE;
3816 auio.uio_resid = uap->count;
3817 vn_lock(vp, LK_SHARED | LK_RETRY);
3818 loff = auio.uio_offset = foffset;
3820 error = mac_vnode_check_readdir(td->td_ucred, vp);
3823 foffset_unlock(fp, foffset, FOF_NOUPDATE);
3828 # if (BYTE_ORDER != LITTLE_ENDIAN)
3829 if (vp->v_mount->mnt_maxsymlinklen <= 0) {
3830 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag,
3832 foffset = auio.uio_offset;
3837 kuio.uio_iov = &kiov;
3838 kuio.uio_segflg = UIO_SYSSPACE;
3839 kiov.iov_len = uap->count;
3840 dirbuf = malloc(uap->count, M_TEMP, M_WAITOK);
3841 kiov.iov_base = dirbuf;
3842 error = VOP_READDIR(vp, &kuio, fp->f_cred, &eofflag,
3844 foffset = kuio.uio_offset;
3846 readcnt = uap->count - kuio.uio_resid;
3847 edp = (struct dirent *)&dirbuf[readcnt];
3848 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
3849 # if (BYTE_ORDER == LITTLE_ENDIAN)
3851 * The expected low byte of
3852 * dp->d_namlen is our dp->d_type.
3853 * The high MBZ byte of dp->d_namlen
3854 * is our dp->d_namlen.
3856 dp->d_type = dp->d_namlen;
3860 * The dp->d_type is the high byte
3861 * of the expected dp->d_namlen,
3862 * so must be zero'ed.
3866 if (dp->d_reclen > 0) {
3867 dp = (struct dirent *)
3868 ((char *)dp + dp->d_reclen);
3875 error = uiomove(dirbuf, readcnt, &auio);
3877 free(dirbuf, M_TEMP);
3881 foffset_unlock(fp, foffset, 0);
3885 if (uap->count == auio.uio_resid &&
3886 (vp->v_vflag & VV_ROOT) &&
3887 (vp->v_mount->mnt_flag & MNT_UNION)) {
3888 struct vnode *tvp = vp;
3889 vp = vp->v_mount->mnt_vnodecovered;
3898 foffset_unlock(fp, foffset, 0);
3900 td->td_retval[0] = uap->count - auio.uio_resid;
3905 #endif /* COMPAT_43 */
3908 * Read a block of directory entries in a filesystem independent format.
3910 #ifndef _SYS_SYSPROTO_H_
3911 struct getdirentries_args {
3919 sys_getdirentries(td, uap)
3921 register struct getdirentries_args /* {
3931 error = kern_getdirentries(td, uap->fd, uap->buf, uap->count, &base,
3932 NULL, UIO_USERSPACE);
3935 if (uap->basep != NULL)
3936 error = copyout(&base, uap->basep, sizeof(long));
3941 kern_getdirentries(struct thread *td, int fd, char *buf, u_int count,
3942 long *basep, ssize_t *residp, enum uio_seg bufseg)
3948 cap_rights_t rights;
3954 if (count > IOSIZE_MAX)
3956 auio.uio_resid = count;
3957 error = getvnode(td, fd, cap_rights_init(&rights, CAP_READ), &fp);
3960 if ((fp->f_flag & FREAD) == 0) {
3965 foffset = foffset_lock(fp, 0);
3967 if (vp->v_type != VDIR) {
3971 aiov.iov_base = buf;
3972 aiov.iov_len = count;
3973 auio.uio_iov = &aiov;
3974 auio.uio_iovcnt = 1;
3975 auio.uio_rw = UIO_READ;
3976 auio.uio_segflg = bufseg;
3978 vn_lock(vp, LK_SHARED | LK_RETRY);
3979 AUDIT_ARG_VNODE1(vp);
3980 loff = auio.uio_offset = foffset;
3982 error = mac_vnode_check_readdir(td->td_ucred, vp);
3985 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, NULL,
3987 foffset = auio.uio_offset;
3992 if (count == auio.uio_resid &&
3993 (vp->v_vflag & VV_ROOT) &&
3994 (vp->v_mount->mnt_flag & MNT_UNION)) {
3995 struct vnode *tvp = vp;
3997 vp = vp->v_mount->mnt_vnodecovered;
4008 *residp = auio.uio_resid;
4009 td->td_retval[0] = count - auio.uio_resid;
4011 foffset_unlock(fp, foffset, 0);
4016 #ifndef _SYS_SYSPROTO_H_
4017 struct getdents_args {
4024 sys_getdents(td, uap)
4026 register struct getdents_args /* {
4032 struct getdirentries_args ap;
4036 ap.count = uap->count;
4038 return (sys_getdirentries(td, &ap));
4042 * Set the mode mask for creation of filesystem nodes.
4044 #ifndef _SYS_SYSPROTO_H_
4052 struct umask_args /* {
4056 struct filedesc *fdp;
4058 fdp = td->td_proc->p_fd;
4059 FILEDESC_XLOCK(fdp);
4060 td->td_retval[0] = fdp->fd_cmask;
4061 fdp->fd_cmask = uap->newmask & ALLPERMS;
4062 FILEDESC_XUNLOCK(fdp);
4067 * Void all references to file by ripping underlying filesystem away from
4070 #ifndef _SYS_SYSPROTO_H_
4071 struct revoke_args {
4078 register struct revoke_args /* {
4084 struct nameidata nd;
4087 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
4089 if ((error = namei(&nd)) != 0)
4092 NDFREE(&nd, NDF_ONLY_PNBUF);
4093 if (vp->v_type != VCHR || vp->v_rdev == NULL) {
4098 error = mac_vnode_check_revoke(td->td_ucred, vp);
4102 error = VOP_GETATTR(vp, &vattr, td->td_ucred);
4105 if (td->td_ucred->cr_uid != vattr.va_uid) {
4106 error = priv_check(td, PRIV_VFS_ADMIN);
4111 VOP_REVOKE(vp, REVOKEALL);
4118 * Convert a user file descriptor to a kernel file entry and check that, if it
4119 * is a capability, the correct rights are present. A reference on the file
4120 * entry is held upon returning.
4123 getvnode(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp)
4128 error = fget_unlocked(td->td_proc->p_fd, fd, rightsp, &fp, NULL);
4133 * The file could be not of the vnode type, or it may be not
4134 * yet fully initialized, in which case the f_vnode pointer
4135 * may be set, but f_ops is still badfileops. E.g.,
4136 * devfs_open() transiently create such situation to
4137 * facilitate csw d_fdopen().
4139 * Dupfdopen() handling in kern_openat() installs the
4140 * half-baked file into the process descriptor table, allowing
4141 * other thread to dereference it. Guard against the race by
4144 if (fp->f_vnode == NULL || fp->f_ops == &badfileops) {
4154 * Get an (NFS) file handle.
4156 #ifndef _SYS_SYSPROTO_H_
4157 struct lgetfh_args {
4165 register struct lgetfh_args *uap;
4167 struct nameidata nd;
4169 register struct vnode *vp;
4172 error = priv_check(td, PRIV_VFS_GETFH);
4175 NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
4180 NDFREE(&nd, NDF_ONLY_PNBUF);
4182 bzero(&fh, sizeof(fh));
4183 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4184 error = VOP_VPTOFH(vp, &fh.fh_fid);
4187 error = copyout(&fh, uap->fhp, sizeof (fh));
4191 #ifndef _SYS_SYSPROTO_H_
4200 register struct getfh_args *uap;
4202 struct nameidata nd;
4204 register struct vnode *vp;
4207 error = priv_check(td, PRIV_VFS_GETFH);
4210 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
4215 NDFREE(&nd, NDF_ONLY_PNBUF);
4217 bzero(&fh, sizeof(fh));
4218 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4219 error = VOP_VPTOFH(vp, &fh.fh_fid);
4222 error = copyout(&fh, uap->fhp, sizeof (fh));
4227 * syscall for the rpc.lockd to use to translate a NFS file handle into an
4230 * warning: do not remove the priv_check() call or this becomes one giant
4233 #ifndef _SYS_SYSPROTO_H_
4234 struct fhopen_args {
4235 const struct fhandle *u_fhp;
4242 struct fhopen_args /* {
4243 const struct fhandle *u_fhp;
4254 error = priv_check(td, PRIV_VFS_FHOPEN);
4258 fmode = FFLAGS(uap->flags);
4259 /* why not allow a non-read/write open for our lockd? */
4260 if (((fmode & (FREAD | FWRITE)) == 0) || (fmode & O_CREAT))
4262 error = copyin(uap->u_fhp, &fhp, sizeof(fhp));
4265 /* find the mount point */
4266 mp = vfs_busyfs(&fhp.fh_fsid);
4269 /* now give me my vnode, it gets returned to me locked */
4270 error = VFS_FHTOVP(mp, &fhp.fh_fid, LK_EXCLUSIVE, &vp);
4275 error = falloc_noinstall(td, &fp);
4281 * An extra reference on `fp' has been held for us by
4282 * falloc_noinstall().
4288 error = vn_open_vnode(vp, fmode, td->td_ucred, td, fp);
4290 KASSERT(fp->f_ops == &badfileops,
4291 ("VOP_OPEN in fhopen() set f_ops"));
4292 KASSERT(td->td_dupfd < 0,
4293 ("fhopen() encountered fdopen()"));
4303 finit(fp, (fmode & FMASK) | (fp->f_flag & FHASLOCK), DTYPE_VNODE, vp,
4306 if ((fmode & O_TRUNC) != 0) {
4307 error = fo_truncate(fp, 0, td->td_ucred, td);
4312 error = finstall(td, fp, &indx, fmode, NULL);
4315 td->td_retval[0] = indx;
4320 * Stat an (NFS) file handle.
4322 #ifndef _SYS_SYSPROTO_H_
4323 struct fhstat_args {
4324 struct fhandle *u_fhp;
4331 register struct fhstat_args /* {
4332 struct fhandle *u_fhp;
4340 error = copyin(uap->u_fhp, &fh, sizeof(fh));
4343 error = kern_fhstat(td, fh, &sb);
4345 error = copyout(&sb, uap->sb, sizeof(sb));
4350 kern_fhstat(struct thread *td, struct fhandle fh, struct stat *sb)
4356 error = priv_check(td, PRIV_VFS_FHSTAT);
4359 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4361 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4365 error = vn_stat(vp, sb, td->td_ucred, NOCRED, td);
4371 * Implement fstatfs() for (NFS) file handles.
4373 #ifndef _SYS_SYSPROTO_H_
4374 struct fhstatfs_args {
4375 struct fhandle *u_fhp;
4380 sys_fhstatfs(td, uap)
4382 struct fhstatfs_args /* {
4383 struct fhandle *u_fhp;
4391 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
4394 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
4395 error = kern_fhstatfs(td, fh, sfp);
4397 error = copyout(sfp, uap->buf, sizeof(*sfp));
4398 free(sfp, M_STATFS);
4403 kern_fhstatfs(struct thread *td, fhandle_t fh, struct statfs *buf)
4410 error = priv_check(td, PRIV_VFS_FHSTATFS);
4413 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4415 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4421 error = prison_canseemount(td->td_ucred, mp);
4425 error = mac_mount_check_stat(td->td_ucred, mp);
4430 * Set these in case the underlying filesystem fails to do so.
4433 sp->f_version = STATFS_VERSION;
4434 sp->f_namemax = NAME_MAX;
4435 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
4436 error = VFS_STATFS(mp, sp);
4445 kern_posix_fallocate(struct thread *td, int fd, off_t offset, off_t len)
4450 cap_rights_t rights;
4451 off_t olen, ooffset;
4454 if (offset < 0 || len <= 0)
4456 /* Check for wrap. */
4457 if (offset > OFF_MAX - len)
4459 error = fget(td, fd, cap_rights_init(&rights, CAP_WRITE), &fp);
4462 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
4466 if ((fp->f_flag & FWRITE) == 0) {
4470 if (fp->f_type != DTYPE_VNODE) {
4475 if (vp->v_type != VREG) {
4480 /* Allocating blocks may take a long time, so iterate. */
4487 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
4490 error = vn_lock(vp, LK_EXCLUSIVE);
4492 vn_finished_write(mp);
4496 error = mac_vnode_check_write(td->td_ucred, fp->f_cred, vp);
4499 error = VOP_ALLOCATE(vp, &offset, &len);
4501 vn_finished_write(mp);
4503 if (olen + ooffset != offset + len) {
4504 panic("offset + len changed from %jx/%jx to %jx/%jx",
4505 ooffset, olen, offset, len);
4507 if (error != 0 || len == 0)
4509 KASSERT(olen > len, ("Iteration did not make progress?"));
4518 sys_posix_fallocate(struct thread *td, struct posix_fallocate_args *uap)
4522 error = kern_posix_fallocate(td, uap->fd, uap->offset, uap->len);
4523 return (kern_posix_error(td, error));
4527 * Unlike madvise(2), we do not make a best effort to remember every
4528 * possible caching hint. Instead, we remember the last setting with
4529 * the exception that we will allow POSIX_FADV_NORMAL to adjust the
4530 * region of any current setting.
4533 kern_posix_fadvise(struct thread *td, int fd, off_t offset, off_t len,
4536 struct fadvise_info *fa, *new;
4539 cap_rights_t rights;
4543 if (offset < 0 || len < 0 || offset > OFF_MAX - len)
4546 case POSIX_FADV_SEQUENTIAL:
4547 case POSIX_FADV_RANDOM:
4548 case POSIX_FADV_NOREUSE:
4549 new = malloc(sizeof(*fa), M_FADVISE, M_WAITOK);
4551 case POSIX_FADV_NORMAL:
4552 case POSIX_FADV_WILLNEED:
4553 case POSIX_FADV_DONTNEED:
4559 /* XXX: CAP_POSIX_FADVISE? */
4560 error = fget(td, fd, cap_rights_init(&rights), &fp);
4563 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
4567 if (fp->f_type != DTYPE_VNODE) {
4572 if (vp->v_type != VREG) {
4579 end = offset + len - 1;
4581 case POSIX_FADV_SEQUENTIAL:
4582 case POSIX_FADV_RANDOM:
4583 case POSIX_FADV_NOREUSE:
4585 * Try to merge any existing non-standard region with
4586 * this new region if possible, otherwise create a new
4587 * non-standard region for this request.
4589 mtx_pool_lock(mtxpool_sleep, fp);
4591 if (fa != NULL && fa->fa_advice == advice &&
4592 ((fa->fa_start <= end && fa->fa_end >= offset) ||
4593 (end != OFF_MAX && fa->fa_start == end + 1) ||
4594 (fa->fa_end != OFF_MAX && fa->fa_end + 1 == offset))) {
4595 if (offset < fa->fa_start)
4596 fa->fa_start = offset;
4597 if (end > fa->fa_end)
4600 new->fa_advice = advice;
4601 new->fa_start = offset;
4606 mtx_pool_unlock(mtxpool_sleep, fp);
4608 case POSIX_FADV_NORMAL:
4610 * If a the "normal" region overlaps with an existing
4611 * non-standard region, trim or remove the
4612 * non-standard region.
4614 mtx_pool_lock(mtxpool_sleep, fp);
4617 if (offset <= fa->fa_start && end >= fa->fa_end) {
4619 fp->f_advice = NULL;
4620 } else if (offset <= fa->fa_start &&
4621 end >= fa->fa_start)
4622 fa->fa_start = end + 1;
4623 else if (offset <= fa->fa_end && end >= fa->fa_end)
4624 fa->fa_end = offset - 1;
4625 else if (offset >= fa->fa_start && end <= fa->fa_end) {
4627 * If the "normal" region is a middle
4628 * portion of the existing
4629 * non-standard region, just remove
4630 * the whole thing rather than picking
4631 * one side or the other to
4635 fp->f_advice = NULL;
4638 mtx_pool_unlock(mtxpool_sleep, fp);
4640 case POSIX_FADV_WILLNEED:
4641 case POSIX_FADV_DONTNEED:
4642 error = VOP_ADVISE(vp, offset, end, advice);
4648 free(new, M_FADVISE);
4653 sys_posix_fadvise(struct thread *td, struct posix_fadvise_args *uap)
4657 error = kern_posix_fadvise(td, uap->fd, uap->offset, uap->len,
4659 return (kern_posix_error(td, error));