2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_capsicum.h"
41 #include "opt_compat.h"
42 #include "opt_ktrace.h"
44 #include <sys/param.h>
45 #include <sys/systm.h>
48 #include <sys/capsicum.h>
50 #include <sys/sysent.h>
51 #include <sys/malloc.h>
52 #include <sys/mount.h>
53 #include <sys/mutex.h>
54 #include <sys/sysproto.h>
55 #include <sys/namei.h>
56 #include <sys/filedesc.h>
57 #include <sys/kernel.h>
58 #include <sys/fcntl.h>
60 #include <sys/filio.h>
61 #include <sys/limits.h>
62 #include <sys/linker.h>
63 #include <sys/rwlock.h>
67 #include <sys/unistd.h>
68 #include <sys/vnode.h>
71 #include <sys/dirent.h>
73 #include <sys/syscallsubr.h>
74 #include <sys/sysctl.h>
76 #include <sys/ktrace.h>
79 #include <machine/stdarg.h>
81 #include <security/audit/audit.h>
82 #include <security/mac/mac_framework.h>
85 #include <vm/vm_object.h>
86 #include <vm/vm_page.h>
89 #include <ufs/ufs/quota.h>
91 MALLOC_DEFINE(M_FADVISE, "fadvise", "posix_fadvise(2) information");
93 SDT_PROVIDER_DEFINE(vfs);
94 SDT_PROBE_DEFINE2(vfs, , stat, mode, "char *", "int");
95 SDT_PROBE_DEFINE2(vfs, , stat, reg, "char *", "int");
97 static int kern_chflagsat(struct thread *td, int fd, const char *path,
98 enum uio_seg pathseg, u_long flags, int atflag);
99 static int setfflags(struct thread *td, struct vnode *, u_long);
100 static int getutimes(const struct timeval *, enum uio_seg, struct timespec *);
101 static int getutimens(const struct timespec *, enum uio_seg,
102 struct timespec *, int *);
103 static int setutimes(struct thread *td, struct vnode *,
104 const struct timespec *, int, int);
105 static int vn_access(struct vnode *vp, int user_flags, struct ucred *cred,
109 * Sync each mounted filesystem.
111 #ifndef _SYS_SYSPROTO_H_
120 struct sync_args *uap;
122 struct mount *mp, *nmp;
125 mtx_lock(&mountlist_mtx);
126 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
127 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK)) {
128 nmp = TAILQ_NEXT(mp, mnt_list);
131 if ((mp->mnt_flag & MNT_RDONLY) == 0 &&
132 vn_start_write(NULL, &mp, V_NOWAIT) == 0) {
133 save = curthread_pflags_set(TDP_SYNCIO);
134 vfs_msync(mp, MNT_NOWAIT);
135 VFS_SYNC(mp, MNT_NOWAIT);
136 curthread_pflags_restore(save);
137 vn_finished_write(mp);
139 mtx_lock(&mountlist_mtx);
140 nmp = TAILQ_NEXT(mp, mnt_list);
143 mtx_unlock(&mountlist_mtx);
148 * Change filesystem quotas.
150 #ifndef _SYS_SYSPROTO_H_
151 struct quotactl_args {
159 sys_quotactl(td, uap)
161 register struct quotactl_args /* {
172 AUDIT_ARG_CMD(uap->cmd);
173 AUDIT_ARG_UID(uap->uid);
174 if (!prison_allow(td->td_ucred, PR_ALLOW_QUOTAS))
176 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
178 if ((error = namei(&nd)) != 0)
180 NDFREE(&nd, NDF_ONLY_PNBUF);
181 mp = nd.ni_vp->v_mount;
184 error = vfs_busy(mp, 0);
188 error = VFS_QUOTACTL(mp, uap->cmd, uap->uid, uap->arg);
191 * Since quota on operation typically needs to open quota
192 * file, the Q_QUOTAON handler needs to unbusy the mount point
193 * before calling into namei. Otherwise, unmount might be
194 * started between two vfs_busy() invocations (first is our,
195 * second is from mount point cross-walk code in lookup()),
198 * Require that Q_QUOTAON handles the vfs_busy() reference on
199 * its own, always returning with ubusied mount point.
201 if ((uap->cmd >> SUBCMDSHIFT) != Q_QUOTAON)
207 * Used by statfs conversion routines to scale the block size up if
208 * necessary so that all of the block counts are <= 'max_size'. Note
209 * that 'max_size' should be a bitmask, i.e. 2^n - 1 for some non-zero
213 statfs_scale_blocks(struct statfs *sf, long max_size)
218 KASSERT(powerof2(max_size + 1), ("%s: invalid max_size", __func__));
221 * Attempt to scale the block counts to give a more accurate
222 * overview to userland of the ratio of free space to used
223 * space. To do this, find the largest block count and compute
224 * a divisor that lets it fit into a signed integer <= max_size.
226 if (sf->f_bavail < 0)
227 count = -sf->f_bavail;
229 count = sf->f_bavail;
230 count = MAX(sf->f_blocks, MAX(sf->f_bfree, count));
231 if (count <= max_size)
234 count >>= flsl(max_size);
241 sf->f_bsize <<= shift;
242 sf->f_blocks >>= shift;
243 sf->f_bfree >>= shift;
244 sf->f_bavail >>= shift;
248 * Get filesystem statistics.
250 #ifndef _SYS_SYSPROTO_H_
259 register struct statfs_args /* {
267 error = kern_statfs(td, uap->path, UIO_USERSPACE, &sf);
269 error = copyout(&sf, uap->buf, sizeof(sf));
274 kern_statfs(struct thread *td, char *path, enum uio_seg pathseg,
278 struct statfs *sp, sb;
282 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
287 mp = nd.ni_vp->v_mount;
289 NDFREE(&nd, NDF_ONLY_PNBUF);
291 error = vfs_busy(mp, 0);
296 error = mac_mount_check_stat(td->td_ucred, mp);
301 * Set these in case the underlying filesystem fails to do so.
304 sp->f_version = STATFS_VERSION;
305 sp->f_namemax = NAME_MAX;
306 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
307 error = VFS_STATFS(mp, sp);
310 if (priv_check(td, PRIV_VFS_GENERATION)) {
311 bcopy(sp, &sb, sizeof(sb));
312 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
313 prison_enforce_statfs(td->td_ucred, mp, &sb);
323 * Get filesystem statistics.
325 #ifndef _SYS_SYSPROTO_H_
326 struct fstatfs_args {
334 register struct fstatfs_args /* {
342 error = kern_fstatfs(td, uap->fd, &sf);
344 error = copyout(&sf, uap->buf, sizeof(sf));
349 kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
353 struct statfs *sp, sb;
359 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FSTATFS), &fp);
363 vn_lock(vp, LK_SHARED | LK_RETRY);
365 AUDIT_ARG_VNODE1(vp);
376 error = vfs_busy(mp, 0);
381 error = mac_mount_check_stat(td->td_ucred, mp);
386 * Set these in case the underlying filesystem fails to do so.
389 sp->f_version = STATFS_VERSION;
390 sp->f_namemax = NAME_MAX;
391 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
392 error = VFS_STATFS(mp, sp);
395 if (priv_check(td, PRIV_VFS_GENERATION)) {
396 bcopy(sp, &sb, sizeof(sb));
397 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
398 prison_enforce_statfs(td->td_ucred, mp, &sb);
409 * Get statistics on all filesystems.
411 #ifndef _SYS_SYSPROTO_H_
412 struct getfsstat_args {
419 sys_getfsstat(td, uap)
421 register struct getfsstat_args /* {
430 if (uap->bufsize < 0 || uap->bufsize > SIZE_MAX)
432 error = kern_getfsstat(td, &uap->buf, uap->bufsize, &count,
433 UIO_USERSPACE, uap->flags);
435 td->td_retval[0] = count;
440 * If (bufsize > 0 && bufseg == UIO_SYSSPACE)
441 * The caller is responsible for freeing memory which will be allocated
445 kern_getfsstat(struct thread *td, struct statfs **buf, size_t bufsize,
446 size_t *countp, enum uio_seg bufseg, int flags)
448 struct mount *mp, *nmp;
449 struct statfs *sfsp, *sp, sb;
450 size_t count, maxcount;
453 maxcount = bufsize / sizeof(struct statfs);
456 else if (bufseg == UIO_USERSPACE)
458 else /* if (bufseg == UIO_SYSSPACE) */ {
460 mtx_lock(&mountlist_mtx);
461 TAILQ_FOREACH(mp, &mountlist, mnt_list) {
464 mtx_unlock(&mountlist_mtx);
465 if (maxcount > count)
467 sfsp = *buf = malloc(maxcount * sizeof(struct statfs), M_TEMP,
471 mtx_lock(&mountlist_mtx);
472 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
473 if (prison_canseemount(td->td_ucred, mp) != 0) {
474 nmp = TAILQ_NEXT(mp, mnt_list);
478 if (mac_mount_check_stat(td->td_ucred, mp) != 0) {
479 nmp = TAILQ_NEXT(mp, mnt_list);
483 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK)) {
484 nmp = TAILQ_NEXT(mp, mnt_list);
487 if (sfsp && count < maxcount) {
490 * Set these in case the underlying filesystem
493 sp->f_version = STATFS_VERSION;
494 sp->f_namemax = NAME_MAX;
495 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
497 * If MNT_NOWAIT or MNT_LAZY is specified, do not
498 * refresh the fsstat cache. MNT_NOWAIT or MNT_LAZY
499 * overrides MNT_WAIT.
501 if (((flags & (MNT_LAZY|MNT_NOWAIT)) == 0 ||
502 (flags & MNT_WAIT)) &&
503 (error = VFS_STATFS(mp, sp))) {
504 mtx_lock(&mountlist_mtx);
505 nmp = TAILQ_NEXT(mp, mnt_list);
509 if (priv_check(td, PRIV_VFS_GENERATION)) {
510 bcopy(sp, &sb, sizeof(sb));
511 sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0;
512 prison_enforce_statfs(td->td_ucred, mp, &sb);
515 if (bufseg == UIO_SYSSPACE)
516 bcopy(sp, sfsp, sizeof(*sp));
517 else /* if (bufseg == UIO_USERSPACE) */ {
518 error = copyout(sp, sfsp, sizeof(*sp));
527 mtx_lock(&mountlist_mtx);
528 nmp = TAILQ_NEXT(mp, mnt_list);
531 mtx_unlock(&mountlist_mtx);
532 if (sfsp && count > maxcount)
539 #ifdef COMPAT_FREEBSD4
541 * Get old format filesystem statistics.
543 static void cvtstatfs(struct statfs *, struct ostatfs *);
545 #ifndef _SYS_SYSPROTO_H_
546 struct freebsd4_statfs_args {
552 freebsd4_statfs(td, uap)
554 struct freebsd4_statfs_args /* {
563 error = kern_statfs(td, uap->path, UIO_USERSPACE, &sf);
566 cvtstatfs(&sf, &osb);
567 return (copyout(&osb, uap->buf, sizeof(osb)));
571 * Get filesystem statistics.
573 #ifndef _SYS_SYSPROTO_H_
574 struct freebsd4_fstatfs_args {
580 freebsd4_fstatfs(td, uap)
582 struct freebsd4_fstatfs_args /* {
591 error = kern_fstatfs(td, uap->fd, &sf);
594 cvtstatfs(&sf, &osb);
595 return (copyout(&osb, uap->buf, sizeof(osb)));
599 * Get statistics on all filesystems.
601 #ifndef _SYS_SYSPROTO_H_
602 struct freebsd4_getfsstat_args {
609 freebsd4_getfsstat(td, uap)
611 register struct freebsd4_getfsstat_args /* {
617 struct statfs *buf, *sp;
622 if (uap->bufsize < 0)
624 count = uap->bufsize / sizeof(struct ostatfs);
625 if (count > SIZE_MAX / sizeof(struct statfs))
627 size = count * sizeof(struct statfs);
628 error = kern_getfsstat(td, &buf, size, &count, UIO_SYSSPACE,
630 td->td_retval[0] = count;
633 while (count != 0 && error == 0) {
635 error = copyout(&osb, uap->buf, sizeof(osb));
646 * Implement fstatfs() for (NFS) file handles.
648 #ifndef _SYS_SYSPROTO_H_
649 struct freebsd4_fhstatfs_args {
650 struct fhandle *u_fhp;
655 freebsd4_fhstatfs(td, uap)
657 struct freebsd4_fhstatfs_args /* {
658 struct fhandle *u_fhp;
667 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
670 error = kern_fhstatfs(td, fh, &sf);
673 cvtstatfs(&sf, &osb);
674 return (copyout(&osb, uap->buf, sizeof(osb)));
678 * Convert a new format statfs structure to an old format statfs structure.
686 statfs_scale_blocks(nsp, LONG_MAX);
687 bzero(osp, sizeof(*osp));
688 osp->f_bsize = nsp->f_bsize;
689 osp->f_iosize = MIN(nsp->f_iosize, LONG_MAX);
690 osp->f_blocks = nsp->f_blocks;
691 osp->f_bfree = nsp->f_bfree;
692 osp->f_bavail = nsp->f_bavail;
693 osp->f_files = MIN(nsp->f_files, LONG_MAX);
694 osp->f_ffree = MIN(nsp->f_ffree, LONG_MAX);
695 osp->f_owner = nsp->f_owner;
696 osp->f_type = nsp->f_type;
697 osp->f_flags = nsp->f_flags;
698 osp->f_syncwrites = MIN(nsp->f_syncwrites, LONG_MAX);
699 osp->f_asyncwrites = MIN(nsp->f_asyncwrites, LONG_MAX);
700 osp->f_syncreads = MIN(nsp->f_syncreads, LONG_MAX);
701 osp->f_asyncreads = MIN(nsp->f_asyncreads, LONG_MAX);
702 strlcpy(osp->f_fstypename, nsp->f_fstypename,
703 MIN(MFSNAMELEN, OMFSNAMELEN));
704 strlcpy(osp->f_mntonname, nsp->f_mntonname,
705 MIN(MNAMELEN, OMNAMELEN));
706 strlcpy(osp->f_mntfromname, nsp->f_mntfromname,
707 MIN(MNAMELEN, OMNAMELEN));
708 osp->f_fsid = nsp->f_fsid;
710 #endif /* COMPAT_FREEBSD4 */
713 * Change current working directory to a given file descriptor.
715 #ifndef _SYS_SYSPROTO_H_
723 struct fchdir_args /* {
727 struct vnode *vp, *tdp;
733 AUDIT_ARG_FD(uap->fd);
734 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_FCHDIR),
741 vn_lock(vp, LK_SHARED | LK_RETRY);
742 AUDIT_ARG_VNODE1(vp);
743 error = change_dir(vp, td);
744 while (!error && (mp = vp->v_mountedhere) != NULL) {
747 error = VFS_ROOT(mp, LK_SHARED, &tdp);
764 * Change current working directory (``.'').
766 #ifndef _SYS_SYSPROTO_H_
774 struct chdir_args /* {
779 return (kern_chdir(td, uap->path, UIO_USERSPACE));
783 kern_chdir(struct thread *td, char *path, enum uio_seg pathseg)
788 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
790 if ((error = namei(&nd)) != 0)
792 if ((error = change_dir(nd.ni_vp, td)) != 0) {
794 NDFREE(&nd, NDF_ONLY_PNBUF);
797 VOP_UNLOCK(nd.ni_vp, 0);
798 NDFREE(&nd, NDF_ONLY_PNBUF);
799 pwd_chdir(td, nd.ni_vp);
804 * Change notion of root (``/'') directory.
806 #ifndef _SYS_SYSPROTO_H_
814 struct chroot_args /* {
821 error = priv_check(td, PRIV_VFS_CHROOT);
824 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
825 UIO_USERSPACE, uap->path, td);
829 error = change_dir(nd.ni_vp, td);
833 error = mac_vnode_check_chroot(td->td_ucred, nd.ni_vp);
837 VOP_UNLOCK(nd.ni_vp, 0);
838 error = pwd_chroot(td, nd.ni_vp);
840 NDFREE(&nd, NDF_ONLY_PNBUF);
845 NDFREE(&nd, NDF_ONLY_PNBUF);
850 * Common routine for chroot and chdir. Callers must provide a locked vnode
862 ASSERT_VOP_LOCKED(vp, "change_dir(): vp not locked");
863 if (vp->v_type != VDIR)
866 error = mac_vnode_check_chdir(td->td_ucred, vp);
870 return (VOP_ACCESS(vp, VEXEC, td->td_ucred, td));
874 flags_to_rights(int flags, cap_rights_t *rightsp)
877 if (flags & O_EXEC) {
878 cap_rights_set(rightsp, CAP_FEXECVE);
880 switch ((flags & O_ACCMODE)) {
882 cap_rights_set(rightsp, CAP_READ);
885 cap_rights_set(rightsp, CAP_READ);
888 cap_rights_set(rightsp, CAP_WRITE);
889 if (!(flags & (O_APPEND | O_TRUNC)))
890 cap_rights_set(rightsp, CAP_SEEK);
896 cap_rights_set(rightsp, CAP_CREATE);
899 cap_rights_set(rightsp, CAP_FTRUNCATE);
901 if (flags & (O_SYNC | O_FSYNC))
902 cap_rights_set(rightsp, CAP_FSYNC);
904 if (flags & (O_EXLOCK | O_SHLOCK))
905 cap_rights_set(rightsp, CAP_FLOCK);
909 * Check permissions, allocate an open file structure, and call the device
910 * open routine if any.
912 #ifndef _SYS_SYSPROTO_H_
922 register struct open_args /* {
929 return (kern_openat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
930 uap->flags, uap->mode));
933 #ifndef _SYS_SYSPROTO_H_
942 sys_openat(struct thread *td, struct openat_args *uap)
945 return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
950 kern_openat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
953 struct proc *p = td->td_proc;
954 struct filedesc *fdp = p->p_fd;
959 int cmode, error, indx;
963 AUDIT_ARG_FFLAGS(flags);
964 AUDIT_ARG_MODE(mode);
965 /* XXX: audit dirfd */
966 cap_rights_init(&rights, CAP_LOOKUP);
967 flags_to_rights(flags, &rights);
969 * Only one of the O_EXEC, O_RDONLY, O_WRONLY and O_RDWR flags
972 if (flags & O_EXEC) {
973 if (flags & O_ACCMODE)
975 } else if ((flags & O_ACCMODE) == O_ACCMODE) {
978 flags = FFLAGS(flags);
982 * Allocate a file structure. The descriptor to reference it
983 * is allocated and set by finstall() below.
985 error = falloc_noinstall(td, &fp);
989 * An extra reference on `fp' has been held for us by
990 * falloc_noinstall().
992 /* Set the flags early so the finit in devfs can pick them up. */
993 fp->f_flag = flags & FMASK;
994 cmode = ((mode & ~fdp->fd_cmask) & ALLPERMS) & ~S_ISTXT;
995 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, fd,
997 td->td_dupfd = -1; /* XXX check for fdopen */
998 error = vn_open(&nd, &flags, cmode, fp);
1001 * If the vn_open replaced the method vector, something
1002 * wonderous happened deep below and we just pass it up
1003 * pretending we know what we do.
1005 if (error == ENXIO && fp->f_ops != &badfileops)
1009 * Handle special fdopen() case. bleh.
1011 * Don't do this for relative (capability) lookups; we don't
1012 * understand exactly what would happen, and we don't think
1013 * that it ever should.
1015 if (nd.ni_strictrelative == 0 &&
1016 (error == ENODEV || error == ENXIO) &&
1017 td->td_dupfd >= 0) {
1018 error = dupfdopen(td, fdp, td->td_dupfd, flags, error,
1027 NDFREE(&nd, NDF_ONLY_PNBUF);
1031 * Store the vnode, for any f_type. Typically, the vnode use
1032 * count is decremented by direct call to vn_closefile() for
1033 * files that switched type in the cdevsw fdopen() method.
1037 * If the file wasn't claimed by devfs bind it to the normal
1038 * vnode operations here.
1040 if (fp->f_ops == &badfileops) {
1041 KASSERT(vp->v_type != VFIFO, ("Unexpected fifo."));
1043 finit(fp, (flags & FMASK) | (fp->f_flag & FHASLOCK),
1044 DTYPE_VNODE, vp, &vnops);
1048 if (flags & O_TRUNC) {
1049 error = fo_truncate(fp, 0, td->td_ucred, td);
1055 * If we haven't already installed the FD (for dupfdopen), do so now.
1058 struct filecaps *fcaps;
1061 if (nd.ni_strictrelative == 1)
1062 fcaps = &nd.ni_filecaps;
1066 error = finstall(td, fp, &indx, flags, fcaps);
1067 /* On success finstall() consumes fcaps. */
1069 filecaps_free(&nd.ni_filecaps);
1073 filecaps_free(&nd.ni_filecaps);
1077 * Release our private reference, leaving the one associated with
1078 * the descriptor table intact.
1081 td->td_retval[0] = indx;
1084 KASSERT(indx == -1, ("indx=%d, should be -1", indx));
1093 #ifndef _SYS_SYSPROTO_H_
1094 struct ocreat_args {
1102 register struct ocreat_args /* {
1108 return (kern_openat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1109 O_WRONLY | O_CREAT | O_TRUNC, uap->mode));
1111 #endif /* COMPAT_43 */
1114 * Create a special file.
1116 #ifndef _SYS_SYSPROTO_H_
1126 register struct mknod_args /* {
1133 return (kern_mknodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1134 uap->mode, uap->dev));
1137 #ifndef _SYS_SYSPROTO_H_
1138 struct mknodat_args {
1146 sys_mknodat(struct thread *td, struct mknodat_args *uap)
1149 return (kern_mknodat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode,
1154 kern_mknodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1160 struct nameidata nd;
1161 cap_rights_t rights;
1162 int error, whiteout = 0;
1164 AUDIT_ARG_MODE(mode);
1166 switch (mode & S_IFMT) {
1169 error = priv_check(td, PRIV_VFS_MKNOD_DEV);
1172 error = priv_check(td, PRIV_VFS_MKNOD_BAD);
1175 error = priv_check(td, PRIV_VFS_MKNOD_WHT);
1179 return (kern_mkfifoat(td, fd, path, pathseg, mode));
1189 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1190 NOCACHE, pathseg, path, fd, cap_rights_init(&rights, CAP_MKNODAT),
1192 if ((error = namei(&nd)) != 0)
1196 NDFREE(&nd, NDF_ONLY_PNBUF);
1197 if (vp == nd.ni_dvp)
1205 vattr.va_mode = (mode & ALLPERMS) &
1206 ~td->td_proc->p_fd->fd_cmask;
1207 vattr.va_rdev = dev;
1210 switch (mode & S_IFMT) {
1211 case S_IFMT: /* used by badsect to flag bad sectors */
1212 vattr.va_type = VBAD;
1215 vattr.va_type = VCHR;
1218 vattr.va_type = VBLK;
1224 panic("kern_mknod: invalid mode");
1227 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1228 NDFREE(&nd, NDF_ONLY_PNBUF);
1230 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1235 if (error == 0 && !whiteout)
1236 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp,
1237 &nd.ni_cnd, &vattr);
1241 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, CREATE);
1243 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp,
1244 &nd.ni_cnd, &vattr);
1249 NDFREE(&nd, NDF_ONLY_PNBUF);
1251 vn_finished_write(mp);
1256 * Create a named pipe.
1258 #ifndef _SYS_SYSPROTO_H_
1259 struct mkfifo_args {
1267 register struct mkfifo_args /* {
1273 return (kern_mkfifoat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1277 #ifndef _SYS_SYSPROTO_H_
1278 struct mkfifoat_args {
1285 sys_mkfifoat(struct thread *td, struct mkfifoat_args *uap)
1288 return (kern_mkfifoat(td, uap->fd, uap->path, UIO_USERSPACE,
1293 kern_mkfifoat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1298 struct nameidata nd;
1299 cap_rights_t rights;
1302 AUDIT_ARG_MODE(mode);
1305 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1306 NOCACHE, pathseg, path, fd, cap_rights_init(&rights, CAP_MKFIFOAT),
1308 if ((error = namei(&nd)) != 0)
1310 if (nd.ni_vp != NULL) {
1311 NDFREE(&nd, NDF_ONLY_PNBUF);
1312 if (nd.ni_vp == nd.ni_dvp)
1319 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1320 NDFREE(&nd, NDF_ONLY_PNBUF);
1322 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1327 vattr.va_type = VFIFO;
1328 vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask;
1330 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1335 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
1342 vn_finished_write(mp);
1343 NDFREE(&nd, NDF_ONLY_PNBUF);
1348 * Make a hard file link.
1350 #ifndef _SYS_SYSPROTO_H_
1359 register struct link_args /* {
1365 return (kern_linkat(td, AT_FDCWD, AT_FDCWD, uap->path, uap->link,
1366 UIO_USERSPACE, FOLLOW));
1369 #ifndef _SYS_SYSPROTO_H_
1370 struct linkat_args {
1379 sys_linkat(struct thread *td, struct linkat_args *uap)
1384 if (flag & ~AT_SYMLINK_FOLLOW)
1387 return (kern_linkat(td, uap->fd1, uap->fd2, uap->path1, uap->path2,
1388 UIO_USERSPACE, (flag & AT_SYMLINK_FOLLOW) ? FOLLOW : NOFOLLOW));
1391 int hardlink_check_uid = 0;
1392 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_uid, CTLFLAG_RW,
1393 &hardlink_check_uid, 0,
1394 "Unprivileged processes cannot create hard links to files owned by other "
1396 static int hardlink_check_gid = 0;
1397 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_gid, CTLFLAG_RW,
1398 &hardlink_check_gid, 0,
1399 "Unprivileged processes cannot create hard links to files owned by other "
1403 can_hardlink(struct vnode *vp, struct ucred *cred)
1408 if (!hardlink_check_uid && !hardlink_check_gid)
1411 error = VOP_GETATTR(vp, &va, cred);
1415 if (hardlink_check_uid && cred->cr_uid != va.va_uid) {
1416 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1421 if (hardlink_check_gid && !groupmember(va.va_gid, cred)) {
1422 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1431 kern_linkat(struct thread *td, int fd1, int fd2, char *path1, char *path2,
1432 enum uio_seg segflg, int follow)
1436 struct nameidata nd;
1437 cap_rights_t rights;
1442 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, segflg, path1, fd1,
1443 cap_rights_init(&rights, CAP_LINKAT_SOURCE), td);
1445 if ((error = namei(&nd)) != 0)
1447 NDFREE(&nd, NDF_ONLY_PNBUF);
1449 if (vp->v_type == VDIR) {
1451 return (EPERM); /* POSIX */
1453 NDINIT_ATRIGHTS(&nd, CREATE,
1454 LOCKPARENT | SAVENAME | AUDITVNODE2 | NOCACHE, segflg, path2, fd2,
1455 cap_rights_init(&rights, CAP_LINKAT_TARGET), td);
1456 if ((error = namei(&nd)) == 0) {
1457 if (nd.ni_vp != NULL) {
1458 NDFREE(&nd, NDF_ONLY_PNBUF);
1459 if (nd.ni_dvp == nd.ni_vp)
1466 } else if (nd.ni_dvp->v_mount != vp->v_mount) {
1468 * Cross-device link. No need to recheck
1469 * vp->v_type, since it cannot change, except
1472 NDFREE(&nd, NDF_ONLY_PNBUF);
1476 } else if ((error = vn_lock(vp, LK_EXCLUSIVE)) == 0) {
1477 error = can_hardlink(vp, td->td_ucred);
1480 error = mac_vnode_check_link(td->td_ucred,
1481 nd.ni_dvp, vp, &nd.ni_cnd);
1486 NDFREE(&nd, NDF_ONLY_PNBUF);
1489 error = vn_start_write(vp, &mp, V_NOWAIT);
1493 NDFREE(&nd, NDF_ONLY_PNBUF);
1494 error = vn_start_write(NULL, &mp,
1500 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
1503 vn_finished_write(mp);
1504 NDFREE(&nd, NDF_ONLY_PNBUF);
1507 NDFREE(&nd, NDF_ONLY_PNBUF);
1517 * Make a symbolic link.
1519 #ifndef _SYS_SYSPROTO_H_
1520 struct symlink_args {
1526 sys_symlink(td, uap)
1528 register struct symlink_args /* {
1534 return (kern_symlinkat(td, uap->path, AT_FDCWD, uap->link,
1538 #ifndef _SYS_SYSPROTO_H_
1539 struct symlinkat_args {
1546 sys_symlinkat(struct thread *td, struct symlinkat_args *uap)
1549 return (kern_symlinkat(td, uap->path1, uap->fd, uap->path2,
1554 kern_symlinkat(struct thread *td, char *path1, int fd, char *path2,
1555 enum uio_seg segflg)
1560 struct nameidata nd;
1562 cap_rights_t rights;
1564 if (segflg == UIO_SYSSPACE) {
1567 syspath = uma_zalloc(namei_zone, M_WAITOK);
1568 if ((error = copyinstr(path1, syspath, MAXPATHLEN, NULL)) != 0)
1571 AUDIT_ARG_TEXT(syspath);
1574 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1575 NOCACHE, segflg, path2, fd, cap_rights_init(&rights, CAP_SYMLINKAT),
1577 if ((error = namei(&nd)) != 0)
1580 NDFREE(&nd, NDF_ONLY_PNBUF);
1581 if (nd.ni_vp == nd.ni_dvp)
1589 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1590 NDFREE(&nd, NDF_ONLY_PNBUF);
1592 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1597 vattr.va_mode = ACCESSPERMS &~ td->td_proc->p_fd->fd_cmask;
1599 vattr.va_type = VLNK;
1600 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1605 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr, syspath);
1611 NDFREE(&nd, NDF_ONLY_PNBUF);
1613 vn_finished_write(mp);
1615 if (segflg != UIO_SYSSPACE)
1616 uma_zfree(namei_zone, syspath);
1621 * Delete a whiteout from the filesystem.
1624 sys_undelete(td, uap)
1626 register struct undelete_args /* {
1631 struct nameidata nd;
1636 NDINIT(&nd, DELETE, LOCKPARENT | DOWHITEOUT | AUDITVNODE1,
1637 UIO_USERSPACE, uap->path, td);
1642 if (nd.ni_vp != NULLVP || !(nd.ni_cnd.cn_flags & ISWHITEOUT)) {
1643 NDFREE(&nd, NDF_ONLY_PNBUF);
1644 if (nd.ni_vp == nd.ni_dvp)
1652 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1653 NDFREE(&nd, NDF_ONLY_PNBUF);
1655 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1659 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, DELETE);
1660 NDFREE(&nd, NDF_ONLY_PNBUF);
1662 vn_finished_write(mp);
1667 * Delete a name from the filesystem.
1669 #ifndef _SYS_SYSPROTO_H_
1670 struct unlink_args {
1677 struct unlink_args /* {
1682 return (kern_unlinkat(td, AT_FDCWD, uap->path, UIO_USERSPACE, 0));
1685 #ifndef _SYS_SYSPROTO_H_
1686 struct unlinkat_args {
1693 sys_unlinkat(struct thread *td, struct unlinkat_args *uap)
1695 int flag = uap->flag;
1697 char *path = uap->path;
1699 if (flag & ~AT_REMOVEDIR)
1702 if (flag & AT_REMOVEDIR)
1703 return (kern_rmdirat(td, fd, path, UIO_USERSPACE));
1705 return (kern_unlinkat(td, fd, path, UIO_USERSPACE, 0));
1709 kern_unlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1714 struct nameidata nd;
1716 cap_rights_t rights;
1721 NDINIT_ATRIGHTS(&nd, DELETE, LOCKPARENT | LOCKLEAF | AUDITVNODE1,
1722 pathseg, path, fd, cap_rights_init(&rights, CAP_UNLINKAT), td);
1723 if ((error = namei(&nd)) != 0)
1724 return (error == EINVAL ? EPERM : error);
1726 if (vp->v_type == VDIR && oldinum == 0) {
1727 error = EPERM; /* POSIX */
1728 } else if (oldinum != 0 &&
1729 ((error = vn_stat(vp, &sb, td->td_ucred, NOCRED, td)) == 0) &&
1730 sb.st_ino != oldinum) {
1731 error = EIDRM; /* Identifier removed */
1734 * The root of a mounted filesystem cannot be deleted.
1736 * XXX: can this only be a VDIR case?
1738 if (vp->v_vflag & VV_ROOT)
1742 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1743 NDFREE(&nd, NDF_ONLY_PNBUF);
1745 if (vp == nd.ni_dvp)
1749 if ((error = vn_start_write(NULL, &mp,
1750 V_XSLEEP | PCATCH)) != 0)
1755 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
1760 vfs_notify_upper(vp, VFS_NOTIFY_UPPER_UNLINK);
1761 error = VOP_REMOVE(nd.ni_dvp, vp, &nd.ni_cnd);
1765 vn_finished_write(mp);
1767 NDFREE(&nd, NDF_ONLY_PNBUF);
1769 if (vp == nd.ni_dvp)
1777 * Reposition read/write file offset.
1779 #ifndef _SYS_SYSPROTO_H_
1790 register struct lseek_args /* {
1798 cap_rights_t rights;
1801 AUDIT_ARG_FD(uap->fd);
1802 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_SEEK), &fp);
1805 error = (fp->f_ops->fo_flags & DFLAG_SEEKABLE) != 0 ?
1806 fo_seek(fp, uap->offset, uap->whence, td) : ESPIPE;
1811 #if defined(COMPAT_43)
1813 * Reposition read/write file offset.
1815 #ifndef _SYS_SYSPROTO_H_
1816 struct olseek_args {
1825 register struct olseek_args /* {
1831 struct lseek_args /* {
1839 nuap.offset = uap->offset;
1840 nuap.whence = uap->whence;
1841 return (sys_lseek(td, &nuap));
1843 #endif /* COMPAT_43 */
1845 #if defined(COMPAT_FREEBSD6)
1846 /* Version with the 'pad' argument */
1848 freebsd6_lseek(td, uap)
1850 register struct freebsd6_lseek_args *uap;
1852 struct lseek_args ouap;
1855 ouap.offset = uap->offset;
1856 ouap.whence = uap->whence;
1857 return (sys_lseek(td, &ouap));
1862 * Check access permissions using passed credentials.
1865 vn_access(vp, user_flags, cred, td)
1874 /* Flags == 0 means only check for existence. */
1875 if (user_flags == 0)
1879 if (user_flags & R_OK)
1881 if (user_flags & W_OK)
1883 if (user_flags & X_OK)
1886 error = mac_vnode_check_access(cred, vp, accmode);
1890 if ((accmode & VWRITE) == 0 || (error = vn_writechk(vp)) == 0)
1891 error = VOP_ACCESS(vp, accmode, cred, td);
1896 * Check access permissions using "real" credentials.
1898 #ifndef _SYS_SYSPROTO_H_
1899 struct access_args {
1907 register struct access_args /* {
1913 return (kern_accessat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1917 #ifndef _SYS_SYSPROTO_H_
1918 struct faccessat_args {
1926 sys_faccessat(struct thread *td, struct faccessat_args *uap)
1929 return (kern_accessat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
1934 kern_accessat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1935 int flag, int amode)
1937 struct ucred *cred, *usecred;
1939 struct nameidata nd;
1940 cap_rights_t rights;
1943 if (flag & ~AT_EACCESS)
1945 if (amode != F_OK && (amode & ~(R_OK | W_OK | X_OK)) != 0)
1949 * Create and modify a temporary credential instead of one that
1950 * is potentially shared (if we need one).
1952 cred = td->td_ucred;
1953 if ((flag & AT_EACCESS) == 0 &&
1954 ((cred->cr_uid != cred->cr_ruid ||
1955 cred->cr_rgid != cred->cr_groups[0]))) {
1956 usecred = crdup(cred);
1957 usecred->cr_uid = cred->cr_ruid;
1958 usecred->cr_groups[0] = cred->cr_rgid;
1959 td->td_ucred = usecred;
1962 AUDIT_ARG_VALUE(amode);
1963 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF |
1964 AUDITVNODE1, pathseg, path, fd, cap_rights_init(&rights, CAP_FSTAT),
1966 if ((error = namei(&nd)) != 0)
1970 error = vn_access(vp, amode, usecred, td);
1971 NDFREE(&nd, NDF_ONLY_PNBUF);
1974 if (usecred != cred) {
1975 td->td_ucred = cred;
1982 * Check access permissions using "effective" credentials.
1984 #ifndef _SYS_SYSPROTO_H_
1985 struct eaccess_args {
1991 sys_eaccess(td, uap)
1993 register struct eaccess_args /* {
1999 return (kern_accessat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2000 AT_EACCESS, uap->amode));
2003 #if defined(COMPAT_43)
2005 * Get file status; this version follows links.
2007 #ifndef _SYS_SYSPROTO_H_
2016 register struct ostat_args /* {
2025 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
2030 return (copyout(&osb, uap->ub, sizeof (osb)));
2034 * Get file status; this version does not follow links.
2036 #ifndef _SYS_SYSPROTO_H_
2037 struct olstat_args {
2045 register struct olstat_args /* {
2054 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2055 UIO_USERSPACE, &sb, NULL);
2059 return (copyout(&osb, uap->ub, sizeof (osb)));
2063 * Convert from an old to a new stat structure.
2071 ost->st_dev = st->st_dev;
2072 ost->st_ino = st->st_ino;
2073 ost->st_mode = st->st_mode;
2074 ost->st_nlink = st->st_nlink;
2075 ost->st_uid = st->st_uid;
2076 ost->st_gid = st->st_gid;
2077 ost->st_rdev = st->st_rdev;
2078 if (st->st_size < (quad_t)1 << 32)
2079 ost->st_size = st->st_size;
2082 ost->st_atim = st->st_atim;
2083 ost->st_mtim = st->st_mtim;
2084 ost->st_ctim = st->st_ctim;
2085 ost->st_blksize = st->st_blksize;
2086 ost->st_blocks = st->st_blocks;
2087 ost->st_flags = st->st_flags;
2088 ost->st_gen = st->st_gen;
2090 #endif /* COMPAT_43 */
2093 * Get file status; this version follows links.
2095 #ifndef _SYS_SYSPROTO_H_
2104 register struct stat_args /* {
2112 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
2115 error = copyout(&sb, uap->ub, sizeof (sb));
2119 #ifndef _SYS_SYSPROTO_H_
2120 struct fstatat_args {
2128 sys_fstatat(struct thread *td, struct fstatat_args *uap)
2133 error = kern_statat(td, uap->flag, uap->fd, uap->path,
2134 UIO_USERSPACE, &sb, NULL);
2136 error = copyout(&sb, uap->buf, sizeof (sb));
2141 kern_statat(struct thread *td, int flag, int fd, char *path,
2142 enum uio_seg pathseg, struct stat *sbp,
2143 void (*hook)(struct vnode *vp, struct stat *sbp))
2145 struct nameidata nd;
2147 cap_rights_t rights;
2150 if (flag & ~AT_SYMLINK_NOFOLLOW)
2153 NDINIT_ATRIGHTS(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
2154 FOLLOW) | LOCKSHARED | LOCKLEAF | AUDITVNODE1, pathseg, path, fd,
2155 cap_rights_init(&rights, CAP_FSTAT), td);
2157 if ((error = namei(&nd)) != 0)
2159 error = vn_stat(nd.ni_vp, &sb, td->td_ucred, NOCRED, td);
2161 SDT_PROBE2(vfs, , stat, mode, path, sb.st_mode);
2162 if (S_ISREG(sb.st_mode))
2163 SDT_PROBE2(vfs, , stat, reg, path, pathseg);
2164 if (__predict_false(hook != NULL))
2165 hook(nd.ni_vp, &sb);
2167 NDFREE(&nd, NDF_ONLY_PNBUF);
2173 if (KTRPOINT(td, KTR_STRUCT))
2180 * Get file status; this version does not follow links.
2182 #ifndef _SYS_SYSPROTO_H_
2191 register struct lstat_args /* {
2199 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2200 UIO_USERSPACE, &sb, NULL);
2202 error = copyout(&sb, uap->ub, sizeof (sb));
2207 * Implementation of the NetBSD [l]stat() functions.
2215 bzero(nsb, sizeof *nsb);
2216 nsb->st_dev = sb->st_dev;
2217 nsb->st_ino = sb->st_ino;
2218 nsb->st_mode = sb->st_mode;
2219 nsb->st_nlink = sb->st_nlink;
2220 nsb->st_uid = sb->st_uid;
2221 nsb->st_gid = sb->st_gid;
2222 nsb->st_rdev = sb->st_rdev;
2223 nsb->st_atim = sb->st_atim;
2224 nsb->st_mtim = sb->st_mtim;
2225 nsb->st_ctim = sb->st_ctim;
2226 nsb->st_size = sb->st_size;
2227 nsb->st_blocks = sb->st_blocks;
2228 nsb->st_blksize = sb->st_blksize;
2229 nsb->st_flags = sb->st_flags;
2230 nsb->st_gen = sb->st_gen;
2231 nsb->st_birthtim = sb->st_birthtim;
2234 #ifndef _SYS_SYSPROTO_H_
2243 register struct nstat_args /* {
2252 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
2256 cvtnstat(&sb, &nsb);
2257 return (copyout(&nsb, uap->ub, sizeof (nsb)));
2261 * NetBSD lstat. Get file status; this version does not follow links.
2263 #ifndef _SYS_SYSPROTO_H_
2272 register struct nlstat_args /* {
2281 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2282 UIO_USERSPACE, &sb, NULL);
2285 cvtnstat(&sb, &nsb);
2286 return (copyout(&nsb, uap->ub, sizeof (nsb)));
2290 * Get configurable pathname variables.
2292 #ifndef _SYS_SYSPROTO_H_
2293 struct pathconf_args {
2299 sys_pathconf(td, uap)
2301 register struct pathconf_args /* {
2307 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name, FOLLOW));
2310 #ifndef _SYS_SYSPROTO_H_
2311 struct lpathconf_args {
2317 sys_lpathconf(td, uap)
2319 register struct lpathconf_args /* {
2325 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name,
2330 kern_pathconf(struct thread *td, char *path, enum uio_seg pathseg, int name,
2333 struct nameidata nd;
2336 NDINIT(&nd, LOOKUP, LOCKSHARED | LOCKLEAF | AUDITVNODE1 | flags,
2338 if ((error = namei(&nd)) != 0)
2340 NDFREE(&nd, NDF_ONLY_PNBUF);
2342 error = VOP_PATHCONF(nd.ni_vp, name, td->td_retval);
2348 * Return target name of a symbolic link.
2350 #ifndef _SYS_SYSPROTO_H_
2351 struct readlink_args {
2358 sys_readlink(td, uap)
2360 register struct readlink_args /* {
2367 return (kern_readlinkat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2368 uap->buf, UIO_USERSPACE, uap->count));
2370 #ifndef _SYS_SYSPROTO_H_
2371 struct readlinkat_args {
2379 sys_readlinkat(struct thread *td, struct readlinkat_args *uap)
2382 return (kern_readlinkat(td, uap->fd, uap->path, UIO_USERSPACE,
2383 uap->buf, UIO_USERSPACE, uap->bufsize));
2387 kern_readlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2388 char *buf, enum uio_seg bufseg, size_t count)
2393 struct nameidata nd;
2396 if (count > IOSIZE_MAX)
2399 NDINIT_AT(&nd, LOOKUP, NOFOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
2400 pathseg, path, fd, td);
2402 if ((error = namei(&nd)) != 0)
2404 NDFREE(&nd, NDF_ONLY_PNBUF);
2407 error = mac_vnode_check_readlink(td->td_ucred, vp);
2413 if (vp->v_type != VLNK)
2416 aiov.iov_base = buf;
2417 aiov.iov_len = count;
2418 auio.uio_iov = &aiov;
2419 auio.uio_iovcnt = 1;
2420 auio.uio_offset = 0;
2421 auio.uio_rw = UIO_READ;
2422 auio.uio_segflg = bufseg;
2424 auio.uio_resid = count;
2425 error = VOP_READLINK(vp, &auio, td->td_ucred);
2426 td->td_retval[0] = count - auio.uio_resid;
2433 * Common implementation code for chflags() and fchflags().
2436 setfflags(td, vp, flags)
2445 /* We can't support the value matching VNOVAL. */
2446 if (flags == VNOVAL)
2447 return (EOPNOTSUPP);
2450 * Prevent non-root users from setting flags on devices. When
2451 * a device is reused, users can retain ownership of the device
2452 * if they are allowed to set flags and programs assume that
2453 * chown can't fail when done as root.
2455 if (vp->v_type == VCHR || vp->v_type == VBLK) {
2456 error = priv_check(td, PRIV_VFS_CHFLAGS_DEV);
2461 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2464 vattr.va_flags = flags;
2465 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2467 error = mac_vnode_check_setflags(td->td_ucred, vp, vattr.va_flags);
2470 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
2472 vn_finished_write(mp);
2477 * Change flags of a file given a path name.
2479 #ifndef _SYS_SYSPROTO_H_
2480 struct chflags_args {
2486 sys_chflags(td, uap)
2488 register struct chflags_args /* {
2494 return (kern_chflagsat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2498 #ifndef _SYS_SYSPROTO_H_
2499 struct chflagsat_args {
2507 sys_chflagsat(struct thread *td, struct chflagsat_args *uap)
2510 const char *path = uap->path;
2511 u_long flags = uap->flags;
2512 int atflag = uap->atflag;
2514 if (atflag & ~AT_SYMLINK_NOFOLLOW)
2517 return (kern_chflagsat(td, fd, path, UIO_USERSPACE, flags, atflag));
2521 * Same as chflags() but doesn't follow symlinks.
2524 sys_lchflags(td, uap)
2526 register struct lchflags_args /* {
2532 return (kern_chflagsat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2533 uap->flags, AT_SYMLINK_NOFOLLOW));
2537 kern_chflagsat(struct thread *td, int fd, const char *path,
2538 enum uio_seg pathseg, u_long flags, int atflag)
2540 struct nameidata nd;
2541 cap_rights_t rights;
2544 AUDIT_ARG_FFLAGS(flags);
2545 follow = (atflag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2546 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2547 cap_rights_init(&rights, CAP_FCHFLAGS), td);
2548 if ((error = namei(&nd)) != 0)
2550 NDFREE(&nd, NDF_ONLY_PNBUF);
2551 error = setfflags(td, nd.ni_vp, flags);
2557 * Change flags of a file given a file descriptor.
2559 #ifndef _SYS_SYSPROTO_H_
2560 struct fchflags_args {
2566 sys_fchflags(td, uap)
2568 register struct fchflags_args /* {
2574 cap_rights_t rights;
2577 AUDIT_ARG_FD(uap->fd);
2578 AUDIT_ARG_FFLAGS(uap->flags);
2579 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_FCHFLAGS),
2584 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
2585 AUDIT_ARG_VNODE1(fp->f_vnode);
2586 VOP_UNLOCK(fp->f_vnode, 0);
2588 error = setfflags(td, fp->f_vnode, uap->flags);
2594 * Common implementation code for chmod(), lchmod() and fchmod().
2597 setfmode(td, cred, vp, mode)
2607 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2609 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2611 vattr.va_mode = mode & ALLPERMS;
2613 error = mac_vnode_check_setmode(cred, vp, vattr.va_mode);
2616 error = VOP_SETATTR(vp, &vattr, cred);
2618 vn_finished_write(mp);
2623 * Change mode of a file given path name.
2625 #ifndef _SYS_SYSPROTO_H_
2634 register struct chmod_args /* {
2640 return (kern_fchmodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2644 #ifndef _SYS_SYSPROTO_H_
2645 struct fchmodat_args {
2653 sys_fchmodat(struct thread *td, struct fchmodat_args *uap)
2655 int flag = uap->flag;
2657 char *path = uap->path;
2658 mode_t mode = uap->mode;
2660 if (flag & ~AT_SYMLINK_NOFOLLOW)
2663 return (kern_fchmodat(td, fd, path, UIO_USERSPACE, mode, flag));
2667 * Change mode of a file given path name (don't follow links.)
2669 #ifndef _SYS_SYSPROTO_H_
2670 struct lchmod_args {
2678 register struct lchmod_args /* {
2684 return (kern_fchmodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2685 uap->mode, AT_SYMLINK_NOFOLLOW));
2689 kern_fchmodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2690 mode_t mode, int flag)
2692 struct nameidata nd;
2693 cap_rights_t rights;
2696 AUDIT_ARG_MODE(mode);
2697 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2698 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2699 cap_rights_init(&rights, CAP_FCHMOD), td);
2700 if ((error = namei(&nd)) != 0)
2702 NDFREE(&nd, NDF_ONLY_PNBUF);
2703 error = setfmode(td, td->td_ucred, nd.ni_vp, mode);
2709 * Change mode of a file given a file descriptor.
2711 #ifndef _SYS_SYSPROTO_H_
2712 struct fchmod_args {
2718 sys_fchmod(struct thread *td, struct fchmod_args *uap)
2721 cap_rights_t rights;
2724 AUDIT_ARG_FD(uap->fd);
2725 AUDIT_ARG_MODE(uap->mode);
2727 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FCHMOD), &fp);
2730 error = fo_chmod(fp, uap->mode, td->td_ucred, td);
2736 * Common implementation for chown(), lchown(), and fchown()
2739 setfown(td, cred, vp, uid, gid)
2750 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2752 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2757 error = mac_vnode_check_setowner(cred, vp, vattr.va_uid,
2761 error = VOP_SETATTR(vp, &vattr, cred);
2763 vn_finished_write(mp);
2768 * Set ownership given a path name.
2770 #ifndef _SYS_SYSPROTO_H_
2780 register struct chown_args /* {
2787 return (kern_fchownat(td, AT_FDCWD, uap->path, UIO_USERSPACE, uap->uid,
2791 #ifndef _SYS_SYSPROTO_H_
2792 struct fchownat_args {
2801 sys_fchownat(struct thread *td, struct fchownat_args *uap)
2806 if (flag & ~AT_SYMLINK_NOFOLLOW)
2809 return (kern_fchownat(td, uap->fd, uap->path, UIO_USERSPACE, uap->uid,
2810 uap->gid, uap->flag));
2814 kern_fchownat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2815 int uid, int gid, int flag)
2817 struct nameidata nd;
2818 cap_rights_t rights;
2821 AUDIT_ARG_OWNER(uid, gid);
2822 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2823 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2824 cap_rights_init(&rights, CAP_FCHOWN), td);
2826 if ((error = namei(&nd)) != 0)
2828 NDFREE(&nd, NDF_ONLY_PNBUF);
2829 error = setfown(td, td->td_ucred, nd.ni_vp, uid, gid);
2835 * Set ownership given a path name, do not cross symlinks.
2837 #ifndef _SYS_SYSPROTO_H_
2838 struct lchown_args {
2847 register struct lchown_args /* {
2854 return (kern_fchownat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2855 uap->uid, uap->gid, AT_SYMLINK_NOFOLLOW));
2859 * Set ownership given a file descriptor.
2861 #ifndef _SYS_SYSPROTO_H_
2862 struct fchown_args {
2871 register struct fchown_args /* {
2878 cap_rights_t rights;
2881 AUDIT_ARG_FD(uap->fd);
2882 AUDIT_ARG_OWNER(uap->uid, uap->gid);
2883 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FCHOWN), &fp);
2886 error = fo_chown(fp, uap->uid, uap->gid, td->td_ucred, td);
2892 * Common implementation code for utimes(), lutimes(), and futimes().
2895 getutimes(usrtvp, tvpseg, tsp)
2896 const struct timeval *usrtvp;
2897 enum uio_seg tvpseg;
2898 struct timespec *tsp;
2900 struct timeval tv[2];
2901 const struct timeval *tvp;
2904 if (usrtvp == NULL) {
2905 vfs_timestamp(&tsp[0]);
2908 if (tvpseg == UIO_SYSSPACE) {
2911 if ((error = copyin(usrtvp, tv, sizeof(tv))) != 0)
2916 if (tvp[0].tv_usec < 0 || tvp[0].tv_usec >= 1000000 ||
2917 tvp[1].tv_usec < 0 || tvp[1].tv_usec >= 1000000)
2919 TIMEVAL_TO_TIMESPEC(&tvp[0], &tsp[0]);
2920 TIMEVAL_TO_TIMESPEC(&tvp[1], &tsp[1]);
2926 * Common implementation code for futimens(), utimensat().
2928 #define UTIMENS_NULL 0x1
2929 #define UTIMENS_EXIT 0x2
2931 getutimens(const struct timespec *usrtsp, enum uio_seg tspseg,
2932 struct timespec *tsp, int *retflags)
2934 struct timespec tsnow;
2937 vfs_timestamp(&tsnow);
2939 if (usrtsp == NULL) {
2942 *retflags |= UTIMENS_NULL;
2945 if (tspseg == UIO_SYSSPACE) {
2948 } else if ((error = copyin(usrtsp, tsp, sizeof(*tsp) * 2)) != 0)
2950 if (tsp[0].tv_nsec == UTIME_OMIT && tsp[1].tv_nsec == UTIME_OMIT)
2951 *retflags |= UTIMENS_EXIT;
2952 if (tsp[0].tv_nsec == UTIME_NOW && tsp[1].tv_nsec == UTIME_NOW)
2953 *retflags |= UTIMENS_NULL;
2954 if (tsp[0].tv_nsec == UTIME_OMIT)
2955 tsp[0].tv_sec = VNOVAL;
2956 else if (tsp[0].tv_nsec == UTIME_NOW)
2958 else if (tsp[0].tv_nsec < 0 || tsp[0].tv_nsec >= 1000000000L)
2960 if (tsp[1].tv_nsec == UTIME_OMIT)
2961 tsp[1].tv_sec = VNOVAL;
2962 else if (tsp[1].tv_nsec == UTIME_NOW)
2964 else if (tsp[1].tv_nsec < 0 || tsp[1].tv_nsec >= 1000000000L)
2971 * Common implementation code for utimes(), lutimes(), futimes(), futimens(),
2975 setutimes(td, vp, ts, numtimes, nullflag)
2978 const struct timespec *ts;
2984 int error, setbirthtime;
2986 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2988 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2990 if (numtimes < 3 && !VOP_GETATTR(vp, &vattr, td->td_ucred) &&
2991 timespeccmp(&ts[1], &vattr.va_birthtime, < ))
2994 vattr.va_atime = ts[0];
2995 vattr.va_mtime = ts[1];
2997 vattr.va_birthtime = ts[1];
2999 vattr.va_birthtime = ts[2];
3001 vattr.va_vaflags |= VA_UTIMES_NULL;
3003 error = mac_vnode_check_setutimes(td->td_ucred, vp, vattr.va_atime,
3007 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3009 vn_finished_write(mp);
3014 * Set the access and modification times of a file.
3016 #ifndef _SYS_SYSPROTO_H_
3017 struct utimes_args {
3019 struct timeval *tptr;
3025 register struct utimes_args /* {
3027 struct timeval *tptr;
3031 return (kern_utimesat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
3032 uap->tptr, UIO_USERSPACE));
3035 #ifndef _SYS_SYSPROTO_H_
3036 struct futimesat_args {
3039 const struct timeval * times;
3043 sys_futimesat(struct thread *td, struct futimesat_args *uap)
3046 return (kern_utimesat(td, uap->fd, uap->path, UIO_USERSPACE,
3047 uap->times, UIO_USERSPACE));
3051 kern_utimesat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
3052 struct timeval *tptr, enum uio_seg tptrseg)
3054 struct nameidata nd;
3055 struct timespec ts[2];
3056 cap_rights_t rights;
3059 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
3061 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, fd,
3062 cap_rights_init(&rights, CAP_FUTIMES), td);
3064 if ((error = namei(&nd)) != 0)
3066 NDFREE(&nd, NDF_ONLY_PNBUF);
3067 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
3073 * Set the access and modification times of a file.
3075 #ifndef _SYS_SYSPROTO_H_
3076 struct lutimes_args {
3078 struct timeval *tptr;
3082 sys_lutimes(td, uap)
3084 register struct lutimes_args /* {
3086 struct timeval *tptr;
3090 return (kern_lutimes(td, uap->path, UIO_USERSPACE, uap->tptr,
3095 kern_lutimes(struct thread *td, char *path, enum uio_seg pathseg,
3096 struct timeval *tptr, enum uio_seg tptrseg)
3098 struct timespec ts[2];
3099 struct nameidata nd;
3102 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
3104 NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, pathseg, path, td);
3105 if ((error = namei(&nd)) != 0)
3107 NDFREE(&nd, NDF_ONLY_PNBUF);
3108 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
3114 * Set the access and modification times of a file.
3116 #ifndef _SYS_SYSPROTO_H_
3117 struct futimes_args {
3119 struct timeval *tptr;
3123 sys_futimes(td, uap)
3125 register struct futimes_args /* {
3127 struct timeval *tptr;
3131 return (kern_futimes(td, uap->fd, uap->tptr, UIO_USERSPACE));
3135 kern_futimes(struct thread *td, int fd, struct timeval *tptr,
3136 enum uio_seg tptrseg)
3138 struct timespec ts[2];
3140 cap_rights_t rights;
3144 error = getutimes(tptr, tptrseg, ts);
3147 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FUTIMES), &fp);
3151 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
3152 AUDIT_ARG_VNODE1(fp->f_vnode);
3153 VOP_UNLOCK(fp->f_vnode, 0);
3155 error = setutimes(td, fp->f_vnode, ts, 2, tptr == NULL);
3161 sys_futimens(struct thread *td, struct futimens_args *uap)
3164 return (kern_futimens(td, uap->fd, uap->times, UIO_USERSPACE));
3168 kern_futimens(struct thread *td, int fd, struct timespec *tptr,
3169 enum uio_seg tptrseg)
3171 struct timespec ts[2];
3173 cap_rights_t rights;
3177 error = getutimens(tptr, tptrseg, ts, &flags);
3180 if (flags & UTIMENS_EXIT)
3182 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FUTIMES), &fp);
3186 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
3187 AUDIT_ARG_VNODE1(fp->f_vnode);
3188 VOP_UNLOCK(fp->f_vnode, 0);
3190 error = setutimes(td, fp->f_vnode, ts, 2, flags & UTIMENS_NULL);
3196 sys_utimensat(struct thread *td, struct utimensat_args *uap)
3199 return (kern_utimensat(td, uap->fd, uap->path, UIO_USERSPACE,
3200 uap->times, UIO_USERSPACE, uap->flag));
3204 kern_utimensat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
3205 struct timespec *tptr, enum uio_seg tptrseg, int flag)
3207 struct nameidata nd;
3208 struct timespec ts[2];
3209 cap_rights_t rights;
3212 if (flag & ~AT_SYMLINK_NOFOLLOW)
3215 if ((error = getutimens(tptr, tptrseg, ts, &flags)) != 0)
3217 NDINIT_ATRIGHTS(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
3218 FOLLOW) | AUDITVNODE1, pathseg, path, fd,
3219 cap_rights_init(&rights, CAP_FUTIMES), td);
3220 if ((error = namei(&nd)) != 0)
3223 * We are allowed to call namei() regardless of 2xUTIME_OMIT.
3225 * "If both tv_nsec fields are UTIME_OMIT... EACCESS may be detected."
3226 * "Search permission is denied by a component of the path prefix."
3228 NDFREE(&nd, NDF_ONLY_PNBUF);
3229 if ((flags & UTIMENS_EXIT) == 0)
3230 error = setutimes(td, nd.ni_vp, ts, 2, flags & UTIMENS_NULL);
3236 * Truncate a file given its path name.
3238 #ifndef _SYS_SYSPROTO_H_
3239 struct truncate_args {
3246 sys_truncate(td, uap)
3248 register struct truncate_args /* {
3255 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3259 kern_truncate(struct thread *td, char *path, enum uio_seg pathseg, off_t length)
3265 struct nameidata nd;
3270 NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, td);
3271 if ((error = namei(&nd)) != 0)
3274 rl_cookie = vn_rangelock_wlock(vp, 0, OFF_MAX);
3275 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) {
3276 vn_rangelock_unlock(vp, rl_cookie);
3280 NDFREE(&nd, NDF_ONLY_PNBUF);
3281 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
3282 if (vp->v_type == VDIR)
3285 else if ((error = mac_vnode_check_write(td->td_ucred, NOCRED, vp))) {
3288 else if ((error = vn_writechk(vp)) == 0 &&
3289 (error = VOP_ACCESS(vp, VWRITE, td->td_ucred, td)) == 0) {
3291 vattr.va_size = length;
3292 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3295 vn_finished_write(mp);
3296 vn_rangelock_unlock(vp, rl_cookie);
3301 #if defined(COMPAT_43)
3303 * Truncate a file given its path name.
3305 #ifndef _SYS_SYSPROTO_H_
3306 struct otruncate_args {
3314 register struct otruncate_args /* {
3319 struct truncate_args /* {
3325 nuap.path = uap->path;
3326 nuap.length = uap->length;
3327 return (sys_truncate(td, &nuap));
3329 #endif /* COMPAT_43 */
3331 #if defined(COMPAT_FREEBSD6)
3332 /* Versions with the pad argument */
3334 freebsd6_truncate(struct thread *td, struct freebsd6_truncate_args *uap)
3336 struct truncate_args ouap;
3338 ouap.path = uap->path;
3339 ouap.length = uap->length;
3340 return (sys_truncate(td, &ouap));
3344 freebsd6_ftruncate(struct thread *td, struct freebsd6_ftruncate_args *uap)
3346 struct ftruncate_args ouap;
3349 ouap.length = uap->length;
3350 return (sys_ftruncate(td, &ouap));
3355 * Sync an open file.
3357 #ifndef _SYS_SYSPROTO_H_
3365 struct fsync_args /* {
3372 cap_rights_t rights;
3373 int error, lock_flags;
3375 AUDIT_ARG_FD(uap->fd);
3376 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_FSYNC), &fp);
3380 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
3383 if (MNT_SHARED_WRITES(mp) ||
3384 ((mp == NULL) && MNT_SHARED_WRITES(vp->v_mount))) {
3385 lock_flags = LK_SHARED;
3387 lock_flags = LK_EXCLUSIVE;
3389 vn_lock(vp, lock_flags | LK_RETRY);
3390 AUDIT_ARG_VNODE1(vp);
3391 if (vp->v_object != NULL) {
3392 VM_OBJECT_WLOCK(vp->v_object);
3393 vm_object_page_clean(vp->v_object, 0, 0, 0);
3394 VM_OBJECT_WUNLOCK(vp->v_object);
3396 error = VOP_FSYNC(vp, MNT_WAIT, td);
3399 vn_finished_write(mp);
3406 * Rename files. Source and destination must either both be directories, or
3407 * both not be directories. If target is a directory, it must be empty.
3409 #ifndef _SYS_SYSPROTO_H_
3410 struct rename_args {
3418 register struct rename_args /* {
3424 return (kern_renameat(td, AT_FDCWD, uap->from, AT_FDCWD,
3425 uap->to, UIO_USERSPACE));
3428 #ifndef _SYS_SYSPROTO_H_
3429 struct renameat_args {
3437 sys_renameat(struct thread *td, struct renameat_args *uap)
3440 return (kern_renameat(td, uap->oldfd, uap->old, uap->newfd, uap->new,
3445 kern_renameat(struct thread *td, int oldfd, char *old, int newfd, char *new,
3446 enum uio_seg pathseg)
3448 struct mount *mp = NULL;
3449 struct vnode *tvp, *fvp, *tdvp;
3450 struct nameidata fromnd, tond;
3451 cap_rights_t rights;
3457 NDINIT_ATRIGHTS(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART |
3458 AUDITVNODE1, pathseg, old, oldfd,
3459 cap_rights_init(&rights, CAP_RENAMEAT_SOURCE), td);
3461 NDINIT_ATRIGHTS(&fromnd, DELETE, WANTPARENT | SAVESTART | AUDITVNODE1,
3462 pathseg, old, oldfd,
3463 cap_rights_init(&rights, CAP_RENAMEAT_SOURCE), td);
3466 if ((error = namei(&fromnd)) != 0)
3469 error = mac_vnode_check_rename_from(td->td_ucred, fromnd.ni_dvp,
3470 fromnd.ni_vp, &fromnd.ni_cnd);
3471 VOP_UNLOCK(fromnd.ni_dvp, 0);
3472 if (fromnd.ni_dvp != fromnd.ni_vp)
3473 VOP_UNLOCK(fromnd.ni_vp, 0);
3476 NDINIT_ATRIGHTS(&tond, RENAME, LOCKPARENT | LOCKLEAF | NOCACHE |
3477 SAVESTART | AUDITVNODE2, pathseg, new, newfd,
3478 cap_rights_init(&rights, CAP_RENAMEAT_TARGET), td);
3479 if (fromnd.ni_vp->v_type == VDIR)
3480 tond.ni_cnd.cn_flags |= WILLBEDIR;
3481 if ((error = namei(&tond)) != 0) {
3482 /* Translate error code for rename("dir1", "dir2/."). */
3483 if (error == EISDIR && fvp->v_type == VDIR)
3485 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3486 vrele(fromnd.ni_dvp);
3492 error = vn_start_write(fvp, &mp, V_NOWAIT);
3494 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3495 NDFREE(&tond, NDF_ONLY_PNBUF);
3502 vrele(fromnd.ni_dvp);
3504 vrele(tond.ni_startdir);
3505 if (fromnd.ni_startdir != NULL)
3506 vrele(fromnd.ni_startdir);
3507 error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH);
3513 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
3516 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
3521 if (newfd != AT_FDCWD) {
3523 * If the target already exists we require CAP_UNLINKAT
3526 error = cap_check(&tond.ni_filecaps.fc_rights,
3527 cap_rights_init(&rights, CAP_UNLINKAT));
3538 * If the source is the same as the destination (that is, if they
3539 * are links to the same vnode), then there is nothing to do.
3545 error = mac_vnode_check_rename_to(td->td_ucred, tdvp,
3546 tond.ni_vp, fromnd.ni_dvp == tdvp, &tond.ni_cnd);
3550 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
3551 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
3552 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3553 NDFREE(&tond, NDF_ONLY_PNBUF);
3555 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3556 NDFREE(&tond, NDF_ONLY_PNBUF);
3563 vrele(fromnd.ni_dvp);
3566 vrele(tond.ni_startdir);
3567 vn_finished_write(mp);
3569 if (fromnd.ni_startdir)
3570 vrele(fromnd.ni_startdir);
3577 * Make a directory file.
3579 #ifndef _SYS_SYSPROTO_H_
3588 register struct mkdir_args /* {
3594 return (kern_mkdirat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
3598 #ifndef _SYS_SYSPROTO_H_
3599 struct mkdirat_args {
3606 sys_mkdirat(struct thread *td, struct mkdirat_args *uap)
3609 return (kern_mkdirat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode));
3613 kern_mkdirat(struct thread *td, int fd, char *path, enum uio_seg segflg,
3619 struct nameidata nd;
3620 cap_rights_t rights;
3623 AUDIT_ARG_MODE(mode);
3626 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
3627 NOCACHE, segflg, path, fd, cap_rights_init(&rights, CAP_MKDIRAT),
3629 nd.ni_cnd.cn_flags |= WILLBEDIR;
3630 if ((error = namei(&nd)) != 0)
3634 NDFREE(&nd, NDF_ONLY_PNBUF);
3636 * XXX namei called with LOCKPARENT but not LOCKLEAF has
3637 * the strange behaviour of leaving the vnode unlocked
3638 * if the target is the same vnode as the parent.
3640 if (vp == nd.ni_dvp)
3647 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3648 NDFREE(&nd, NDF_ONLY_PNBUF);
3650 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3655 vattr.va_type = VDIR;
3656 vattr.va_mode = (mode & ACCESSPERMS) &~ td->td_proc->p_fd->fd_cmask;
3658 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
3663 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
3667 NDFREE(&nd, NDF_ONLY_PNBUF);
3671 vn_finished_write(mp);
3676 * Remove a directory file.
3678 #ifndef _SYS_SYSPROTO_H_
3686 struct rmdir_args /* {
3691 return (kern_rmdirat(td, AT_FDCWD, uap->path, UIO_USERSPACE));
3695 kern_rmdirat(struct thread *td, int fd, char *path, enum uio_seg pathseg)
3699 struct nameidata nd;
3700 cap_rights_t rights;
3705 NDINIT_ATRIGHTS(&nd, DELETE, LOCKPARENT | LOCKLEAF | AUDITVNODE1,
3706 pathseg, path, fd, cap_rights_init(&rights, CAP_UNLINKAT), td);
3707 if ((error = namei(&nd)) != 0)
3710 if (vp->v_type != VDIR) {
3715 * No rmdir "." please.
3717 if (nd.ni_dvp == vp) {
3722 * The root of a mounted filesystem cannot be deleted.
3724 if (vp->v_vflag & VV_ROOT) {
3729 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
3734 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3735 NDFREE(&nd, NDF_ONLY_PNBUF);
3737 if (nd.ni_dvp == vp)
3741 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3745 vfs_notify_upper(vp, VFS_NOTIFY_UPPER_UNLINK);
3746 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
3747 vn_finished_write(mp);
3749 NDFREE(&nd, NDF_ONLY_PNBUF);
3751 if (nd.ni_dvp == vp)
3760 * Read a block of directory entries in a filesystem independent format.
3762 #ifndef _SYS_SYSPROTO_H_
3763 struct ogetdirentries_args {
3771 ogetdirentries(struct thread *td, struct ogetdirentries_args *uap)
3776 error = kern_ogetdirentries(td, uap, &loff);
3778 error = copyout(&loff, uap->basep, sizeof(long));
3783 kern_ogetdirentries(struct thread *td, struct ogetdirentries_args *uap,
3788 struct uio auio, kuio;
3789 struct iovec aiov, kiov;
3790 struct dirent *dp, *edp;
3791 cap_rights_t rights;
3793 int error, eofflag, readcnt;
3797 /* XXX arbitrary sanity limit on `count'. */
3798 if (uap->count > 64 * 1024)
3800 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_READ), &fp);
3803 if ((fp->f_flag & FREAD) == 0) {
3808 foffset = foffset_lock(fp, 0);
3810 if (vp->v_type != VDIR) {
3811 foffset_unlock(fp, foffset, 0);
3815 aiov.iov_base = uap->buf;
3816 aiov.iov_len = uap->count;
3817 auio.uio_iov = &aiov;
3818 auio.uio_iovcnt = 1;
3819 auio.uio_rw = UIO_READ;
3820 auio.uio_segflg = UIO_USERSPACE;
3822 auio.uio_resid = uap->count;
3823 vn_lock(vp, LK_SHARED | LK_RETRY);
3824 loff = auio.uio_offset = foffset;
3826 error = mac_vnode_check_readdir(td->td_ucred, vp);
3829 foffset_unlock(fp, foffset, FOF_NOUPDATE);
3834 # if (BYTE_ORDER != LITTLE_ENDIAN)
3835 if (vp->v_mount->mnt_maxsymlinklen <= 0) {
3836 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag,
3838 foffset = auio.uio_offset;
3843 kuio.uio_iov = &kiov;
3844 kuio.uio_segflg = UIO_SYSSPACE;
3845 kiov.iov_len = uap->count;
3846 dirbuf = malloc(uap->count, M_TEMP, M_WAITOK);
3847 kiov.iov_base = dirbuf;
3848 error = VOP_READDIR(vp, &kuio, fp->f_cred, &eofflag,
3850 foffset = kuio.uio_offset;
3852 readcnt = uap->count - kuio.uio_resid;
3853 edp = (struct dirent *)&dirbuf[readcnt];
3854 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
3855 # if (BYTE_ORDER == LITTLE_ENDIAN)
3857 * The expected low byte of
3858 * dp->d_namlen is our dp->d_type.
3859 * The high MBZ byte of dp->d_namlen
3860 * is our dp->d_namlen.
3862 dp->d_type = dp->d_namlen;
3866 * The dp->d_type is the high byte
3867 * of the expected dp->d_namlen,
3868 * so must be zero'ed.
3872 if (dp->d_reclen > 0) {
3873 dp = (struct dirent *)
3874 ((char *)dp + dp->d_reclen);
3881 error = uiomove(dirbuf, readcnt, &auio);
3883 free(dirbuf, M_TEMP);
3887 foffset_unlock(fp, foffset, 0);
3891 if (uap->count == auio.uio_resid &&
3892 (vp->v_vflag & VV_ROOT) &&
3893 (vp->v_mount->mnt_flag & MNT_UNION)) {
3894 struct vnode *tvp = vp;
3895 vp = vp->v_mount->mnt_vnodecovered;
3904 foffset_unlock(fp, foffset, 0);
3906 td->td_retval[0] = uap->count - auio.uio_resid;
3911 #endif /* COMPAT_43 */
3914 * Read a block of directory entries in a filesystem independent format.
3916 #ifndef _SYS_SYSPROTO_H_
3917 struct getdirentries_args {
3925 sys_getdirentries(td, uap)
3927 register struct getdirentries_args /* {
3937 error = kern_getdirentries(td, uap->fd, uap->buf, uap->count, &base,
3938 NULL, UIO_USERSPACE);
3941 if (uap->basep != NULL)
3942 error = copyout(&base, uap->basep, sizeof(long));
3947 kern_getdirentries(struct thread *td, int fd, char *buf, u_int count,
3948 long *basep, ssize_t *residp, enum uio_seg bufseg)
3954 cap_rights_t rights;
3960 if (count > IOSIZE_MAX)
3962 auio.uio_resid = count;
3963 error = getvnode(td, fd, cap_rights_init(&rights, CAP_READ), &fp);
3966 if ((fp->f_flag & FREAD) == 0) {
3971 foffset = foffset_lock(fp, 0);
3973 if (vp->v_type != VDIR) {
3977 aiov.iov_base = buf;
3978 aiov.iov_len = count;
3979 auio.uio_iov = &aiov;
3980 auio.uio_iovcnt = 1;
3981 auio.uio_rw = UIO_READ;
3982 auio.uio_segflg = bufseg;
3984 vn_lock(vp, LK_SHARED | LK_RETRY);
3985 AUDIT_ARG_VNODE1(vp);
3986 loff = auio.uio_offset = foffset;
3988 error = mac_vnode_check_readdir(td->td_ucred, vp);
3991 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, NULL,
3993 foffset = auio.uio_offset;
3998 if (count == auio.uio_resid &&
3999 (vp->v_vflag & VV_ROOT) &&
4000 (vp->v_mount->mnt_flag & MNT_UNION)) {
4001 struct vnode *tvp = vp;
4003 vp = vp->v_mount->mnt_vnodecovered;
4014 *residp = auio.uio_resid;
4015 td->td_retval[0] = count - auio.uio_resid;
4017 foffset_unlock(fp, foffset, 0);
4022 #ifndef _SYS_SYSPROTO_H_
4023 struct getdents_args {
4030 sys_getdents(td, uap)
4032 register struct getdents_args /* {
4038 struct getdirentries_args ap;
4042 ap.count = uap->count;
4044 return (sys_getdirentries(td, &ap));
4048 * Set the mode mask for creation of filesystem nodes.
4050 #ifndef _SYS_SYSPROTO_H_
4058 struct umask_args /* {
4062 struct filedesc *fdp;
4064 fdp = td->td_proc->p_fd;
4065 FILEDESC_XLOCK(fdp);
4066 td->td_retval[0] = fdp->fd_cmask;
4067 fdp->fd_cmask = uap->newmask & ALLPERMS;
4068 FILEDESC_XUNLOCK(fdp);
4073 * Void all references to file by ripping underlying filesystem away from
4076 #ifndef _SYS_SYSPROTO_H_
4077 struct revoke_args {
4084 register struct revoke_args /* {
4090 struct nameidata nd;
4093 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
4095 if ((error = namei(&nd)) != 0)
4098 NDFREE(&nd, NDF_ONLY_PNBUF);
4099 if (vp->v_type != VCHR || vp->v_rdev == NULL) {
4104 error = mac_vnode_check_revoke(td->td_ucred, vp);
4108 error = VOP_GETATTR(vp, &vattr, td->td_ucred);
4111 if (td->td_ucred->cr_uid != vattr.va_uid) {
4112 error = priv_check(td, PRIV_VFS_ADMIN);
4117 VOP_REVOKE(vp, REVOKEALL);
4124 * Convert a user file descriptor to a kernel file entry and check that, if it
4125 * is a capability, the correct rights are present. A reference on the file
4126 * entry is held upon returning.
4129 getvnode(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp)
4134 error = fget_unlocked(td->td_proc->p_fd, fd, rightsp, &fp, NULL);
4139 * The file could be not of the vnode type, or it may be not
4140 * yet fully initialized, in which case the f_vnode pointer
4141 * may be set, but f_ops is still badfileops. E.g.,
4142 * devfs_open() transiently create such situation to
4143 * facilitate csw d_fdopen().
4145 * Dupfdopen() handling in kern_openat() installs the
4146 * half-baked file into the process descriptor table, allowing
4147 * other thread to dereference it. Guard against the race by
4150 if (fp->f_vnode == NULL || fp->f_ops == &badfileops) {
4160 * Get an (NFS) file handle.
4162 #ifndef _SYS_SYSPROTO_H_
4163 struct lgetfh_args {
4171 register struct lgetfh_args *uap;
4173 struct nameidata nd;
4175 register struct vnode *vp;
4178 error = priv_check(td, PRIV_VFS_GETFH);
4181 NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
4186 NDFREE(&nd, NDF_ONLY_PNBUF);
4188 bzero(&fh, sizeof(fh));
4189 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4190 error = VOP_VPTOFH(vp, &fh.fh_fid);
4193 error = copyout(&fh, uap->fhp, sizeof (fh));
4197 #ifndef _SYS_SYSPROTO_H_
4206 register struct getfh_args *uap;
4208 struct nameidata nd;
4210 register struct vnode *vp;
4213 error = priv_check(td, PRIV_VFS_GETFH);
4216 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
4221 NDFREE(&nd, NDF_ONLY_PNBUF);
4223 bzero(&fh, sizeof(fh));
4224 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4225 error = VOP_VPTOFH(vp, &fh.fh_fid);
4228 error = copyout(&fh, uap->fhp, sizeof (fh));
4233 * syscall for the rpc.lockd to use to translate a NFS file handle into an
4236 * warning: do not remove the priv_check() call or this becomes one giant
4239 #ifndef _SYS_SYSPROTO_H_
4240 struct fhopen_args {
4241 const struct fhandle *u_fhp;
4248 struct fhopen_args /* {
4249 const struct fhandle *u_fhp;
4260 error = priv_check(td, PRIV_VFS_FHOPEN);
4264 fmode = FFLAGS(uap->flags);
4265 /* why not allow a non-read/write open for our lockd? */
4266 if (((fmode & (FREAD | FWRITE)) == 0) || (fmode & O_CREAT))
4268 error = copyin(uap->u_fhp, &fhp, sizeof(fhp));
4271 /* find the mount point */
4272 mp = vfs_busyfs(&fhp.fh_fsid);
4275 /* now give me my vnode, it gets returned to me locked */
4276 error = VFS_FHTOVP(mp, &fhp.fh_fid, LK_EXCLUSIVE, &vp);
4281 error = falloc_noinstall(td, &fp);
4287 * An extra reference on `fp' has been held for us by
4288 * falloc_noinstall().
4294 error = vn_open_vnode(vp, fmode, td->td_ucred, td, fp);
4296 KASSERT(fp->f_ops == &badfileops,
4297 ("VOP_OPEN in fhopen() set f_ops"));
4298 KASSERT(td->td_dupfd < 0,
4299 ("fhopen() encountered fdopen()"));
4309 finit(fp, (fmode & FMASK) | (fp->f_flag & FHASLOCK), DTYPE_VNODE, vp,
4312 if ((fmode & O_TRUNC) != 0) {
4313 error = fo_truncate(fp, 0, td->td_ucred, td);
4318 error = finstall(td, fp, &indx, fmode, NULL);
4321 td->td_retval[0] = indx;
4326 * Stat an (NFS) file handle.
4328 #ifndef _SYS_SYSPROTO_H_
4329 struct fhstat_args {
4330 struct fhandle *u_fhp;
4337 register struct fhstat_args /* {
4338 struct fhandle *u_fhp;
4346 error = copyin(uap->u_fhp, &fh, sizeof(fh));
4349 error = kern_fhstat(td, fh, &sb);
4351 error = copyout(&sb, uap->sb, sizeof(sb));
4356 kern_fhstat(struct thread *td, struct fhandle fh, struct stat *sb)
4362 error = priv_check(td, PRIV_VFS_FHSTAT);
4365 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4367 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4371 error = vn_stat(vp, sb, td->td_ucred, NOCRED, td);
4377 * Implement fstatfs() for (NFS) file handles.
4379 #ifndef _SYS_SYSPROTO_H_
4380 struct fhstatfs_args {
4381 struct fhandle *u_fhp;
4386 sys_fhstatfs(td, uap)
4388 struct fhstatfs_args /* {
4389 struct fhandle *u_fhp;
4397 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
4400 error = kern_fhstatfs(td, fh, &sf);
4403 return (copyout(&sf, uap->buf, sizeof(sf)));
4407 kern_fhstatfs(struct thread *td, fhandle_t fh, struct statfs *buf)
4414 error = priv_check(td, PRIV_VFS_FHSTATFS);
4417 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4419 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4425 error = prison_canseemount(td->td_ucred, mp);
4429 error = mac_mount_check_stat(td->td_ucred, mp);
4434 * Set these in case the underlying filesystem fails to do so.
4437 sp->f_version = STATFS_VERSION;
4438 sp->f_namemax = NAME_MAX;
4439 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
4440 error = VFS_STATFS(mp, sp);
4449 kern_posix_fallocate(struct thread *td, int fd, off_t offset, off_t len)
4454 cap_rights_t rights;
4455 off_t olen, ooffset;
4458 if (offset < 0 || len <= 0)
4460 /* Check for wrap. */
4461 if (offset > OFF_MAX - len)
4463 error = fget(td, fd, cap_rights_init(&rights, CAP_WRITE), &fp);
4466 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
4470 if ((fp->f_flag & FWRITE) == 0) {
4474 if (fp->f_type != DTYPE_VNODE) {
4479 if (vp->v_type != VREG) {
4484 /* Allocating blocks may take a long time, so iterate. */
4491 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
4494 error = vn_lock(vp, LK_EXCLUSIVE);
4496 vn_finished_write(mp);
4500 error = mac_vnode_check_write(td->td_ucred, fp->f_cred, vp);
4503 error = VOP_ALLOCATE(vp, &offset, &len);
4505 vn_finished_write(mp);
4507 if (olen + ooffset != offset + len) {
4508 panic("offset + len changed from %jx/%jx to %jx/%jx",
4509 ooffset, olen, offset, len);
4511 if (error != 0 || len == 0)
4513 KASSERT(olen > len, ("Iteration did not make progress?"));
4522 sys_posix_fallocate(struct thread *td, struct posix_fallocate_args *uap)
4526 error = kern_posix_fallocate(td, uap->fd, uap->offset, uap->len);
4527 return (kern_posix_error(td, error));
4531 * Unlike madvise(2), we do not make a best effort to remember every
4532 * possible caching hint. Instead, we remember the last setting with
4533 * the exception that we will allow POSIX_FADV_NORMAL to adjust the
4534 * region of any current setting.
4537 kern_posix_fadvise(struct thread *td, int fd, off_t offset, off_t len,
4540 struct fadvise_info *fa, *new;
4543 cap_rights_t rights;
4547 if (offset < 0 || len < 0 || offset > OFF_MAX - len)
4550 case POSIX_FADV_SEQUENTIAL:
4551 case POSIX_FADV_RANDOM:
4552 case POSIX_FADV_NOREUSE:
4553 new = malloc(sizeof(*fa), M_FADVISE, M_WAITOK);
4555 case POSIX_FADV_NORMAL:
4556 case POSIX_FADV_WILLNEED:
4557 case POSIX_FADV_DONTNEED:
4563 /* XXX: CAP_POSIX_FADVISE? */
4564 error = fget(td, fd, cap_rights_init(&rights), &fp);
4567 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
4571 if (fp->f_type != DTYPE_VNODE) {
4576 if (vp->v_type != VREG) {
4583 end = offset + len - 1;
4585 case POSIX_FADV_SEQUENTIAL:
4586 case POSIX_FADV_RANDOM:
4587 case POSIX_FADV_NOREUSE:
4589 * Try to merge any existing non-standard region with
4590 * this new region if possible, otherwise create a new
4591 * non-standard region for this request.
4593 mtx_pool_lock(mtxpool_sleep, fp);
4595 if (fa != NULL && fa->fa_advice == advice &&
4596 ((fa->fa_start <= end && fa->fa_end >= offset) ||
4597 (end != OFF_MAX && fa->fa_start == end + 1) ||
4598 (fa->fa_end != OFF_MAX && fa->fa_end + 1 == offset))) {
4599 if (offset < fa->fa_start)
4600 fa->fa_start = offset;
4601 if (end > fa->fa_end)
4604 new->fa_advice = advice;
4605 new->fa_start = offset;
4610 mtx_pool_unlock(mtxpool_sleep, fp);
4612 case POSIX_FADV_NORMAL:
4614 * If a the "normal" region overlaps with an existing
4615 * non-standard region, trim or remove the
4616 * non-standard region.
4618 mtx_pool_lock(mtxpool_sleep, fp);
4621 if (offset <= fa->fa_start && end >= fa->fa_end) {
4623 fp->f_advice = NULL;
4624 } else if (offset <= fa->fa_start &&
4625 end >= fa->fa_start)
4626 fa->fa_start = end + 1;
4627 else if (offset <= fa->fa_end && end >= fa->fa_end)
4628 fa->fa_end = offset - 1;
4629 else if (offset >= fa->fa_start && end <= fa->fa_end) {
4631 * If the "normal" region is a middle
4632 * portion of the existing
4633 * non-standard region, just remove
4634 * the whole thing rather than picking
4635 * one side or the other to
4639 fp->f_advice = NULL;
4642 mtx_pool_unlock(mtxpool_sleep, fp);
4644 case POSIX_FADV_WILLNEED:
4645 case POSIX_FADV_DONTNEED:
4646 error = VOP_ADVISE(vp, offset, end, advice);
4652 free(new, M_FADVISE);
4657 sys_posix_fadvise(struct thread *td, struct posix_fadvise_args *uap)
4661 error = kern_posix_fadvise(td, uap->fd, uap->offset, uap->len,
4663 return (kern_posix_error(td, error));