2 * Copyright (c) 1999-2002 Robert N. M. Watson
3 * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
6 * This software was developed by Robert Watson for the TrustedBSD Project.
8 * This software was developed for the FreeBSD Project in part by Network
9 * Associates Laboratories, the Security Research Division of Network
10 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
11 * as part of the DARPA CHATS research program.
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * Support for filesystem extended attribute: UFS-specific support functions.
40 #include <sys/cdefs.h>
41 __FBSDID("$FreeBSD$");
45 #include <sys/param.h>
46 #include <sys/systm.h>
47 #include <sys/kernel.h>
48 #include <sys/namei.h>
49 #include <sys/malloc.h>
50 #include <sys/fcntl.h>
53 #include <sys/vnode.h>
54 #include <sys/mount.h>
56 #include <sys/dirent.h>
57 #include <sys/extattr.h>
59 #include <sys/sysctl.h>
63 #include <ufs/ufs/dir.h>
64 #include <ufs/ufs/extattr.h>
65 #include <ufs/ufs/quota.h>
66 #include <ufs/ufs/ufsmount.h>
67 #include <ufs/ufs/inode.h>
68 #include <ufs/ufs/ufs_extern.h>
72 static MALLOC_DEFINE(M_UFS_EXTATTR, "ufs_extattr", "ufs extended attribute");
74 static int ufs_extattr_sync = 0;
75 SYSCTL_INT(_debug, OID_AUTO, ufs_extattr_sync, CTLFLAG_RW, &ufs_extattr_sync,
78 static int ufs_extattr_valid_attrname(int attrnamespace,
79 const char *attrname);
80 static int ufs_extattr_enable_with_open(struct ufsmount *ump,
81 struct vnode *vp, int attrnamespace, const char *attrname,
83 static int ufs_extattr_enable(struct ufsmount *ump, int attrnamespace,
84 const char *attrname, struct vnode *backing_vnode,
86 static int ufs_extattr_disable(struct ufsmount *ump, int attrnamespace,
87 const char *attrname, struct thread *td);
88 static int ufs_extattr_get(struct vnode *vp, int attrnamespace,
89 const char *name, struct uio *uio, size_t *size,
90 struct ucred *cred, struct thread *td);
91 static int ufs_extattr_set(struct vnode *vp, int attrnamespace,
92 const char *name, struct uio *uio, struct ucred *cred,
94 static int ufs_extattr_rm(struct vnode *vp, int attrnamespace,
95 const char *name, struct ucred *cred, struct thread *td);
96 static int ufs_extattr_autostart_locked(struct mount *mp,
98 static int ufs_extattr_start_locked(struct ufsmount *ump,
102 * Per-FS attribute lock protecting attribute operations.
104 * XXXRW: Perhaps something more fine-grained would be appropriate, but at
105 * the end of the day we're going to contend on the vnode lock for the
106 * backing file anyway.
109 ufs_extattr_uepm_lock(struct ufsmount *ump, struct thread *td)
112 sx_xlock(&ump->um_extattr.uepm_lock);
116 ufs_extattr_uepm_unlock(struct ufsmount *ump, struct thread *td)
119 sx_xunlock(&ump->um_extattr.uepm_lock);
123 * Determine whether the name passed is a valid name for an actual
126 * Invalid currently consists of:
127 * NULL pointer for attrname
128 * zero-length attrname (used to retrieve application attribute list)
131 ufs_extattr_valid_attrname(int attrnamespace, const char *attrname)
134 if (attrname == NULL)
136 if (strlen(attrname) == 0)
142 * Locate an attribute given a name and mountpoint.
143 * Must be holding uepm lock for the mount point.
145 static struct ufs_extattr_list_entry *
146 ufs_extattr_find_attr(struct ufsmount *ump, int attrnamespace,
147 const char *attrname)
149 struct ufs_extattr_list_entry *search_attribute;
151 sx_assert(&ump->um_extattr.uepm_lock, SA_XLOCKED);
153 for (search_attribute = LIST_FIRST(&ump->um_extattr.uepm_list);
154 search_attribute != NULL;
155 search_attribute = LIST_NEXT(search_attribute, uele_entries)) {
156 if (!(strncmp(attrname, search_attribute->uele_attrname,
157 UFS_EXTATTR_MAXEXTATTRNAME)) &&
158 (attrnamespace == search_attribute->uele_attrnamespace)) {
159 return (search_attribute);
167 * Initialize per-FS structures supporting extended attributes. Do not
168 * start extended attributes yet.
171 ufs_extattr_uepm_init(struct ufs_extattr_per_mount *uepm)
174 uepm->uepm_flags = 0;
175 LIST_INIT(&uepm->uepm_list);
176 sx_init(&uepm->uepm_lock, "ufs_extattr_sx");
177 uepm->uepm_flags |= UFS_EXTATTR_UEPM_INITIALIZED;
181 * Destroy per-FS structures supporting extended attributes. Assumes
182 * that EAs have already been stopped, and will panic if not.
185 ufs_extattr_uepm_destroy(struct ufs_extattr_per_mount *uepm)
188 if (!(uepm->uepm_flags & UFS_EXTATTR_UEPM_INITIALIZED))
189 panic("ufs_extattr_uepm_destroy: not initialized");
191 if ((uepm->uepm_flags & UFS_EXTATTR_UEPM_STARTED))
192 panic("ufs_extattr_uepm_destroy: called while still started");
195 * It's not clear that either order for the next two lines is
196 * ideal, and it should never be a problem if this is only called
197 * during unmount, and with vfs_busy().
199 uepm->uepm_flags &= ~UFS_EXTATTR_UEPM_INITIALIZED;
200 sx_destroy(&uepm->uepm_lock);
204 * Start extended attribute support on an FS.
207 ufs_extattr_start(struct mount *mp, struct thread *td)
209 struct ufsmount *ump;
214 ufs_extattr_uepm_lock(ump, td);
215 error = ufs_extattr_start_locked(ump, td);
216 ufs_extattr_uepm_unlock(ump, td);
221 ufs_extattr_start_locked(struct ufsmount *ump, struct thread *td)
223 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_INITIALIZED))
225 if (ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED)
228 ump->um_extattr.uepm_flags |= UFS_EXTATTR_UEPM_STARTED;
229 ump->um_extattr.uepm_ucred = crhold(td->td_ucred);
233 #ifdef UFS_EXTATTR_AUTOSTART
235 * Helper routine: given a locked parent directory and filename, return
236 * the locked vnode of the inode associated with the name. Will not
237 * follow symlinks, may return any type of vnode. Lock on parent will
238 * be released even in the event of a failure. In the event that the
239 * target is the parent (i.e., "."), there will be two references and
240 * one lock, requiring the caller to possibly special-case.
242 #define UE_GETDIR_LOCKPARENT 1
243 #define UE_GETDIR_LOCKPARENT_DONT 2
245 ufs_extattr_lookup(struct vnode *start_dvp, int lockparent, char *dirname,
246 struct vnode **vp, struct thread *td)
248 struct vop_cachedlookup_args vargs;
249 struct componentname cnp;
250 struct vnode *target_vp;
253 bzero(&cnp, sizeof(cnp));
254 cnp.cn_nameiop = LOOKUP;
255 cnp.cn_flags = ISLASTCN;
256 if (lockparent == UE_GETDIR_LOCKPARENT)
257 cnp.cn_flags |= LOCKPARENT;
258 cnp.cn_lkflags = LK_EXCLUSIVE;
260 cnp.cn_cred = td->td_ucred;
261 cnp.cn_pnbuf = uma_zalloc(namei_zone, M_WAITOK);
262 cnp.cn_nameptr = cnp.cn_pnbuf;
263 error = copystr(dirname, cnp.cn_pnbuf, MAXPATHLEN,
264 (size_t *) &cnp.cn_namelen);
266 if (lockparent == UE_GETDIR_LOCKPARENT_DONT) {
267 VOP_UNLOCK(start_dvp, 0, td);
269 uma_zfree(namei_zone, cnp.cn_pnbuf);
270 printf("ufs_extattr_lookup: copystr failed\n");
273 cnp.cn_namelen--; /* trim nul termination */
274 vargs.a_gen.a_desc = NULL;
275 vargs.a_dvp = start_dvp;
276 vargs.a_vpp = &target_vp;
278 error = ufs_lookup(&vargs);
279 uma_zfree(namei_zone, cnp.cn_pnbuf);
282 * Error condition, may have to release the lock on the parent
283 * if ufs_lookup() didn't.
285 if (lockparent == UE_GETDIR_LOCKPARENT_DONT)
286 VOP_UNLOCK(start_dvp, 0, td);
289 * Check that ufs_lookup() didn't release the lock when we
292 if (lockparent == UE_GETDIR_LOCKPARENT)
293 ASSERT_VOP_LOCKED(start_dvp, "ufs_extattr_lookup");
298 if (target_vp == start_dvp)
299 panic("ufs_extattr_lookup: target_vp == start_dvp");
302 if (target_vp != start_dvp && lockparent == UE_GETDIR_LOCKPARENT_DONT)
303 VOP_UNLOCK(start_dvp, 0, td);
305 if (lockparent == UE_GETDIR_LOCKPARENT)
306 ASSERT_VOP_LOCKED(start_dvp, "ufs_extattr_lookup");
308 /* printf("ufs_extattr_lookup: success\n"); */
312 #endif /* !UFS_EXTATTR_AUTOSTART */
315 * Enable an EA using the passed filesystem, backing vnode, attribute name,
316 * namespace, and proc. Will perform a VOP_OPEN() on the vp, so expects vp
317 * to be locked when passed in. The vnode will be returned unlocked,
318 * regardless of success/failure of the function. As a result, the caller
319 * will always need to vrele(), but not vput().
322 ufs_extattr_enable_with_open(struct ufsmount *ump, struct vnode *vp,
323 int attrnamespace, const char *attrname, struct thread *td)
327 error = VOP_OPEN(vp, FREAD|FWRITE, td->td_ucred, td, NULL);
329 printf("ufs_extattr_enable_with_open.VOP_OPEN(): failed "
331 VOP_UNLOCK(vp, 0, td);
339 VOP_UNLOCK(vp, 0, td);
341 error = ufs_extattr_enable(ump, attrnamespace, attrname, vp, td);
343 vn_close(vp, FREAD|FWRITE, td->td_ucred, td);
347 #ifdef UFS_EXTATTR_AUTOSTART
349 * Given a locked directory vnode, iterate over the names in the directory
350 * and use ufs_extattr_lookup() to retrieve locked vnodes of potential
351 * attribute files. Then invoke ufs_extattr_enable_with_open() on each
352 * to attempt to start the attribute. Leaves the directory locked on
356 ufs_extattr_iterate_directory(struct ufsmount *ump, struct vnode *dvp,
357 int attrnamespace, struct thread *td)
359 struct vop_readdir_args vargs;
360 struct dirent *dp, *edp;
361 struct vnode *attr_vp;
365 int error, eofflag = 0;
367 if (dvp->v_type != VDIR)
370 MALLOC(dirbuf, char *, DIRBLKSIZ, M_TEMP, M_WAITOK);
372 auio.uio_iov = &aiov;
374 auio.uio_rw = UIO_READ;
375 auio.uio_segflg = UIO_SYSSPACE;
379 vargs.a_gen.a_desc = NULL;
382 vargs.a_cred = td->td_ucred;
383 vargs.a_eofflag = &eofflag;
384 vargs.a_ncookies = NULL;
385 vargs.a_cookies = NULL;
388 auio.uio_resid = DIRBLKSIZ;
389 aiov.iov_base = dirbuf;
390 aiov.iov_len = DIRBLKSIZ;
391 error = ufs_readdir(&vargs);
393 printf("ufs_extattr_iterate_directory: ufs_readdir "
399 * XXXRW: While in UFS, we always get DIRBLKSIZ returns from
400 * the directory code on success, on other file systems this
401 * may not be the case. For portability, we should check the
402 * read length on return from ufs_readdir().
404 edp = (struct dirent *)&dirbuf[DIRBLKSIZ];
405 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
406 #if (BYTE_ORDER == LITTLE_ENDIAN)
407 dp->d_type = dp->d_namlen;
412 if (dp->d_reclen == 0)
414 error = ufs_extattr_lookup(dvp, UE_GETDIR_LOCKPARENT,
415 dp->d_name, &attr_vp, td);
417 printf("ufs_extattr_iterate_directory: lookup "
418 "%s %d\n", dp->d_name, error);
419 } else if (attr_vp == dvp) {
421 } else if (attr_vp->v_type != VREG) {
424 error = ufs_extattr_enable_with_open(ump,
425 attr_vp, attrnamespace, dp->d_name, td);
428 printf("ufs_extattr_iterate_directory: "
429 "enable %s %d\n", dp->d_name,
431 } else if (bootverbose) {
432 printf("UFS autostarted EA %s\n",
436 dp = (struct dirent *) ((char *)dp + dp->d_reclen);
441 FREE(dirbuf, M_TEMP);
447 * Auto-start of extended attributes, to be executed (optionally) at
451 ufs_extattr_autostart(struct mount *mp, struct thread *td)
453 struct ufsmount *ump;
457 ufs_extattr_uepm_lock(ump, td);
458 error = ufs_extattr_autostart_locked(mp, td);
459 ufs_extattr_uepm_unlock(ump, td);
464 ufs_extattr_autostart_locked(struct mount *mp, struct thread *td)
466 struct vnode *rvp, *attr_dvp, *attr_system_dvp, *attr_user_dvp;
467 struct ufsmount *ump = VFSTOUFS(mp);
471 * UFS_EXTATTR applies only to UFS1, as UFS2 uses native extended
472 * attributes, so don't autostart.
474 if (ump->um_fstype != UFS1)
478 * Does UFS_EXTATTR_FSROOTSUBDIR exist off the filesystem root?
479 * If so, automatically start EA's.
481 error = VFS_ROOT(mp, LK_EXCLUSIVE, &rvp, td);
483 printf("ufs_extattr_autostart.VFS_ROOT() returned %d\n",
488 error = ufs_extattr_lookup(rvp, UE_GETDIR_LOCKPARENT_DONT,
489 UFS_EXTATTR_FSROOTSUBDIR, &attr_dvp, td);
491 /* rvp ref'd but now unlocked */
495 if (rvp == attr_dvp) {
496 /* Should never happen. */
503 if (attr_dvp->v_type != VDIR) {
504 printf("ufs_extattr_autostart: %s != VDIR\n",
505 UFS_EXTATTR_FSROOTSUBDIR);
506 goto return_vput_attr_dvp;
509 error = ufs_extattr_start_locked(ump, td);
511 printf("ufs_extattr_autostart: ufs_extattr_start failed (%d)\n",
513 goto return_vput_attr_dvp;
517 * Look for two subdirectories: UFS_EXTATTR_SUBDIR_SYSTEM,
518 * UFS_EXTATTR_SUBDIR_USER. For each, iterate over the sub-directory,
519 * and start with appropriate type. Failures in either don't
520 * result in an over-all failure. attr_dvp is left locked to
521 * be cleaned up on exit.
523 error = ufs_extattr_lookup(attr_dvp, UE_GETDIR_LOCKPARENT,
524 UFS_EXTATTR_SUBDIR_SYSTEM, &attr_system_dvp, td);
526 error = ufs_extattr_iterate_directory(VFSTOUFS(mp),
527 attr_system_dvp, EXTATTR_NAMESPACE_SYSTEM, td);
529 printf("ufs_extattr_iterate_directory returned %d\n",
531 vput(attr_system_dvp);
534 error = ufs_extattr_lookup(attr_dvp, UE_GETDIR_LOCKPARENT,
535 UFS_EXTATTR_SUBDIR_USER, &attr_user_dvp, td);
537 error = ufs_extattr_iterate_directory(VFSTOUFS(mp),
538 attr_user_dvp, EXTATTR_NAMESPACE_USER, td);
540 printf("ufs_extattr_iterate_directory returned %d\n",
545 /* Mask startup failures in sub-directories. */
548 return_vput_attr_dvp:
553 #endif /* !UFS_EXTATTR_AUTOSTART */
556 * Stop extended attribute support on an FS.
559 ufs_extattr_stop(struct mount *mp, struct thread *td)
561 struct ufs_extattr_list_entry *uele;
562 struct ufsmount *ump = VFSTOUFS(mp);
565 ufs_extattr_uepm_lock(ump, td);
567 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED)) {
572 while ((uele = LIST_FIRST(&ump->um_extattr.uepm_list)) != NULL) {
573 ufs_extattr_disable(ump, uele->uele_attrnamespace,
574 uele->uele_attrname, td);
577 ump->um_extattr.uepm_flags &= ~UFS_EXTATTR_UEPM_STARTED;
579 crfree(ump->um_extattr.uepm_ucred);
580 ump->um_extattr.uepm_ucred = NULL;
583 ufs_extattr_uepm_unlock(ump, td);
589 * Enable a named attribute on the specified filesystem; provide an
590 * unlocked backing vnode to hold the attribute data.
593 ufs_extattr_enable(struct ufsmount *ump, int attrnamespace,
594 const char *attrname, struct vnode *backing_vnode, struct thread *td)
596 struct ufs_extattr_list_entry *attribute;
601 if (!ufs_extattr_valid_attrname(attrnamespace, attrname))
603 if (backing_vnode->v_type != VREG)
606 MALLOC(attribute, struct ufs_extattr_list_entry *,
607 sizeof(struct ufs_extattr_list_entry), M_UFS_EXTATTR, M_WAITOK);
608 if (attribute == NULL)
611 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED)) {
616 if (ufs_extattr_find_attr(ump, attrnamespace, attrname)) {
621 strncpy(attribute->uele_attrname, attrname,
622 UFS_EXTATTR_MAXEXTATTRNAME);
623 attribute->uele_attrnamespace = attrnamespace;
624 bzero(&attribute->uele_fileheader,
625 sizeof(struct ufs_extattr_fileheader));
627 attribute->uele_backing_vnode = backing_vnode;
629 auio.uio_iov = &aiov;
631 aiov.iov_base = (caddr_t) &attribute->uele_fileheader;
632 aiov.iov_len = sizeof(struct ufs_extattr_fileheader);
633 auio.uio_resid = sizeof(struct ufs_extattr_fileheader);
634 auio.uio_offset = (off_t) 0;
635 auio.uio_segflg = UIO_SYSSPACE;
636 auio.uio_rw = UIO_READ;
639 vn_lock(backing_vnode, LK_SHARED | LK_RETRY, td);
640 error = VOP_READ(backing_vnode, &auio, IO_NODELOCKED,
641 ump->um_extattr.uepm_ucred);
644 goto unlock_free_exit;
646 if (auio.uio_resid != 0) {
647 printf("ufs_extattr_enable: malformed attribute header\n");
649 goto unlock_free_exit;
652 if (attribute->uele_fileheader.uef_magic != UFS_EXTATTR_MAGIC) {
653 printf("ufs_extattr_enable: invalid attribute header magic\n");
655 goto unlock_free_exit;
658 if (attribute->uele_fileheader.uef_version != UFS_EXTATTR_VERSION) {
659 printf("ufs_extattr_enable: incorrect attribute header "
662 goto unlock_free_exit;
665 ASSERT_VOP_LOCKED(backing_vnode, "ufs_extattr_enable");
666 LIST_INSERT_HEAD(&ump->um_extattr.uepm_list, attribute,
669 VOP_UNLOCK(backing_vnode, 0, td);
673 VOP_UNLOCK(backing_vnode, 0, td);
676 FREE(attribute, M_UFS_EXTATTR);
681 * Disable extended attribute support on an FS.
684 ufs_extattr_disable(struct ufsmount *ump, int attrnamespace,
685 const char *attrname, struct thread *td)
687 struct ufs_extattr_list_entry *uele;
690 if (!ufs_extattr_valid_attrname(attrnamespace, attrname))
693 uele = ufs_extattr_find_attr(ump, attrnamespace, attrname);
697 LIST_REMOVE(uele, uele_entries);
699 vn_lock(uele->uele_backing_vnode, LK_SHARED | LK_RETRY,
701 ASSERT_VOP_LOCKED(uele->uele_backing_vnode, "ufs_extattr_disable");
702 VOP_UNLOCK(uele->uele_backing_vnode, 0, td);
703 error = vn_close(uele->uele_backing_vnode, FREAD|FWRITE,
706 FREE(uele, M_UFS_EXTATTR);
712 * VFS call to manage extended attributes in UFS. If filename_vp is
713 * non-NULL, it must be passed in locked, and regardless of errors in
714 * processing, will be unlocked.
717 ufs_extattrctl(struct mount *mp, int cmd, struct vnode *filename_vp,
718 int attrnamespace, const char *attrname, struct thread *td)
720 struct ufsmount *ump = VFSTOUFS(mp);
724 * Processes with privilege, but in jail, are not allowed to
725 * configure extended attributes.
727 error = priv_check(td, PRIV_UFS_EXTATTRCTL);
729 if (filename_vp != NULL)
730 VOP_UNLOCK(filename_vp, 0, td);
735 * We only allow extattrctl(2) on UFS1 file systems, as UFS2 uses
736 * native extended attributes.
738 if (ump->um_fstype != UFS1) {
739 if (filename_vp != NULL)
740 VOP_UNLOCK(filename_vp, 0, td);
745 case UFS_EXTATTR_CMD_START:
746 if (filename_vp != NULL) {
747 VOP_UNLOCK(filename_vp, 0, td);
750 if (attrname != NULL)
753 error = ufs_extattr_start(mp, td);
757 case UFS_EXTATTR_CMD_STOP:
758 if (filename_vp != NULL) {
759 VOP_UNLOCK(filename_vp, 0, td);
762 if (attrname != NULL)
765 error = ufs_extattr_stop(mp, td);
769 case UFS_EXTATTR_CMD_ENABLE:
771 if (filename_vp == NULL)
773 if (attrname == NULL) {
774 VOP_UNLOCK(filename_vp, 0, td);
779 * ufs_extattr_enable_with_open() will always unlock the
780 * vnode, regardless of failure.
782 ufs_extattr_uepm_lock(ump, td);
783 error = ufs_extattr_enable_with_open(ump, filename_vp,
784 attrnamespace, attrname, td);
785 ufs_extattr_uepm_unlock(ump, td);
789 case UFS_EXTATTR_CMD_DISABLE:
791 if (filename_vp != NULL) {
792 VOP_UNLOCK(filename_vp, 0, td);
795 if (attrname == NULL)
798 ufs_extattr_uepm_lock(ump, td);
799 error = ufs_extattr_disable(ump, attrnamespace, attrname,
801 ufs_extattr_uepm_unlock(ump, td);
811 * Vnode operating to retrieve a named extended attribute.
814 ufs_getextattr(struct vop_getextattr_args *ap)
817 IN struct vnode *a_vp;
818 IN int a_attrnamespace;
819 IN const char *a_name;
820 INOUT struct uio *a_uio;
822 IN struct ucred *a_cred;
823 IN struct thread *a_td;
827 struct mount *mp = ap->a_vp->v_mount;
828 struct ufsmount *ump = VFSTOUFS(mp);
831 ufs_extattr_uepm_lock(ump, ap->a_td);
833 error = ufs_extattr_get(ap->a_vp, ap->a_attrnamespace, ap->a_name,
834 ap->a_uio, ap->a_size, ap->a_cred, ap->a_td);
836 ufs_extattr_uepm_unlock(ump, ap->a_td);
842 * Real work associated with retrieving a named attribute--assumes that
843 * the attribute lock has already been grabbed.
846 ufs_extattr_get(struct vnode *vp, int attrnamespace, const char *name,
847 struct uio *uio, size_t *size, struct ucred *cred, struct thread *td)
849 struct ufs_extattr_list_entry *attribute;
850 struct ufs_extattr_header ueh;
851 struct iovec local_aiov;
852 struct uio local_aio;
853 struct mount *mp = vp->v_mount;
854 struct ufsmount *ump = VFSTOUFS(mp);
855 struct inode *ip = VTOI(vp);
860 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED))
863 if (strlen(name) == 0)
866 error = extattr_check_cred(vp, attrnamespace, cred, td, IREAD);
870 attribute = ufs_extattr_find_attr(ump, attrnamespace, name);
875 * Allow only offsets of zero to encourage the read/replace
876 * extended attribute semantic. Otherwise we can't guarantee
877 * atomicity, as we don't provide locks for extended attributes.
879 if (uio != NULL && uio->uio_offset != 0)
883 * Find base offset of header in file based on file header size, and
884 * data header size + maximum data size, indexed by inode number.
886 base_offset = sizeof(struct ufs_extattr_fileheader) +
887 ip->i_number * (sizeof(struct ufs_extattr_header) +
888 attribute->uele_fileheader.uef_size);
891 * Read in the data header to see if the data is defined, and if so
894 bzero(&ueh, sizeof(struct ufs_extattr_header));
895 local_aiov.iov_base = (caddr_t) &ueh;
896 local_aiov.iov_len = sizeof(struct ufs_extattr_header);
897 local_aio.uio_iov = &local_aiov;
898 local_aio.uio_iovcnt = 1;
899 local_aio.uio_rw = UIO_READ;
900 local_aio.uio_segflg = UIO_SYSSPACE;
901 local_aio.uio_td = td;
902 local_aio.uio_offset = base_offset;
903 local_aio.uio_resid = sizeof(struct ufs_extattr_header);
908 * Don't need to get a lock on the backing file if the getattr is
909 * being applied to the backing file, as the lock is already held.
911 if (attribute->uele_backing_vnode != vp)
912 vn_lock(attribute->uele_backing_vnode, LK_SHARED |
915 error = VOP_READ(attribute->uele_backing_vnode, &local_aio,
916 IO_NODELOCKED, ump->um_extattr.uepm_ucred);
921 if ((ueh.ueh_flags & UFS_EXTATTR_ATTR_FLAG_INUSE) == 0) {
926 /* Valid for the current inode generation? */
927 if (ueh.ueh_i_gen != ip->i_gen) {
929 * The inode itself has a different generation number
930 * than the attribute data. For now, the best solution
931 * is to coerce this to undefined, and let it get cleaned
932 * up by the next write or extattrctl clean.
934 printf("ufs_extattr_get (%s): inode number inconsistency (%d, %jd)\n",
935 mp->mnt_stat.f_mntonname, ueh.ueh_i_gen, (intmax_t)ip->i_gen);
940 /* Local size consistency check. */
941 if (ueh.ueh_len > attribute->uele_fileheader.uef_size) {
946 /* Return full data size if caller requested it. */
950 /* Return data if the caller requested it. */
952 /* Allow for offset into the attribute data. */
953 uio->uio_offset = base_offset + sizeof(struct
957 * Figure out maximum to transfer -- use buffer size and
960 len = MIN(uio->uio_resid, ueh.ueh_len);
961 old_len = uio->uio_resid;
962 uio->uio_resid = len;
964 error = VOP_READ(attribute->uele_backing_vnode, uio,
965 IO_NODELOCKED, ump->um_extattr.uepm_ucred);
969 uio->uio_resid = old_len - (len - uio->uio_resid);
977 if (attribute->uele_backing_vnode != vp)
978 VOP_UNLOCK(attribute->uele_backing_vnode, 0, td);
984 * Vnode operation to remove a named attribute.
987 ufs_deleteextattr(struct vop_deleteextattr_args *ap)
990 IN struct vnode *a_vp;
991 IN int a_attrnamespace;
992 IN const char *a_name;
993 IN struct ucred *a_cred;
994 IN struct thread *a_td;
998 struct mount *mp = ap->a_vp->v_mount;
999 struct ufsmount *ump = VFSTOUFS(mp);
1002 ufs_extattr_uepm_lock(ump, ap->a_td);
1004 error = ufs_extattr_rm(ap->a_vp, ap->a_attrnamespace, ap->a_name,
1005 ap->a_cred, ap->a_td);
1008 ufs_extattr_uepm_unlock(ump, ap->a_td);
1014 * Vnode operation to set a named attribute.
1017 ufs_setextattr(struct vop_setextattr_args *ap)
1020 IN struct vnode *a_vp;
1021 IN int a_attrnamespace;
1022 IN const char *a_name;
1023 INOUT struct uio *a_uio;
1024 IN struct ucred *a_cred;
1025 IN struct thread *a_td;
1029 struct mount *mp = ap->a_vp->v_mount;
1030 struct ufsmount *ump = VFSTOUFS(mp);
1033 ufs_extattr_uepm_lock(ump, ap->a_td);
1036 * XXX: No longer a supported way to delete extended attributes.
1038 if (ap->a_uio == NULL)
1041 error = ufs_extattr_set(ap->a_vp, ap->a_attrnamespace, ap->a_name,
1042 ap->a_uio, ap->a_cred, ap->a_td);
1044 ufs_extattr_uepm_unlock(ump, ap->a_td);
1050 * Real work associated with setting a vnode's extended attributes;
1051 * assumes that the attribute lock has already been grabbed.
1054 ufs_extattr_set(struct vnode *vp, int attrnamespace, const char *name,
1055 struct uio *uio, struct ucred *cred, struct thread *td)
1057 struct ufs_extattr_list_entry *attribute;
1058 struct ufs_extattr_header ueh;
1059 struct iovec local_aiov;
1060 struct uio local_aio;
1061 struct mount *mp = vp->v_mount;
1062 struct ufsmount *ump = VFSTOUFS(mp);
1063 struct inode *ip = VTOI(vp);
1065 int error = 0, ioflag;
1067 if (vp->v_mount->mnt_flag & MNT_RDONLY)
1069 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED))
1070 return (EOPNOTSUPP);
1071 if (!ufs_extattr_valid_attrname(attrnamespace, name))
1074 error = extattr_check_cred(vp, attrnamespace, cred, td, IWRITE);
1078 attribute = ufs_extattr_find_attr(ump, attrnamespace, name);
1083 * Early rejection of invalid offsets/length.
1084 * Reject: any offset but 0 (replace)
1085 * Any size greater than attribute size limit
1087 if (uio->uio_offset != 0 ||
1088 uio->uio_resid > attribute->uele_fileheader.uef_size)
1092 * Find base offset of header in file based on file header size, and
1093 * data header size + maximum data size, indexed by inode number.
1095 base_offset = sizeof(struct ufs_extattr_fileheader) +
1096 ip->i_number * (sizeof(struct ufs_extattr_header) +
1097 attribute->uele_fileheader.uef_size);
1100 * Write out a data header for the data.
1102 ueh.ueh_len = uio->uio_resid;
1103 ueh.ueh_flags = UFS_EXTATTR_ATTR_FLAG_INUSE;
1104 ueh.ueh_i_gen = ip->i_gen;
1105 local_aiov.iov_base = (caddr_t) &ueh;
1106 local_aiov.iov_len = sizeof(struct ufs_extattr_header);
1107 local_aio.uio_iov = &local_aiov;
1108 local_aio.uio_iovcnt = 1;
1109 local_aio.uio_rw = UIO_WRITE;
1110 local_aio.uio_segflg = UIO_SYSSPACE;
1111 local_aio.uio_td = td;
1112 local_aio.uio_offset = base_offset;
1113 local_aio.uio_resid = sizeof(struct ufs_extattr_header);
1118 * Don't need to get a lock on the backing file if the setattr is
1119 * being applied to the backing file, as the lock is already held.
1121 if (attribute->uele_backing_vnode != vp)
1122 vn_lock(attribute->uele_backing_vnode,
1123 LK_EXCLUSIVE | LK_RETRY, td);
1125 ioflag = IO_NODELOCKED;
1126 if (ufs_extattr_sync)
1128 error = VOP_WRITE(attribute->uele_backing_vnode, &local_aio, ioflag,
1129 ump->um_extattr.uepm_ucred);
1131 goto vopunlock_exit;
1133 if (local_aio.uio_resid != 0) {
1135 goto vopunlock_exit;
1139 * Write out user data.
1141 uio->uio_offset = base_offset + sizeof(struct ufs_extattr_header);
1143 ioflag = IO_NODELOCKED;
1144 if (ufs_extattr_sync)
1146 error = VOP_WRITE(attribute->uele_backing_vnode, uio, ioflag,
1147 ump->um_extattr.uepm_ucred);
1150 uio->uio_offset = 0;
1152 if (attribute->uele_backing_vnode != vp)
1153 VOP_UNLOCK(attribute->uele_backing_vnode, 0, td);
1159 * Real work associated with removing an extended attribute from a vnode.
1160 * Assumes the attribute lock has already been grabbed.
1163 ufs_extattr_rm(struct vnode *vp, int attrnamespace, const char *name,
1164 struct ucred *cred, struct thread *td)
1166 struct ufs_extattr_list_entry *attribute;
1167 struct ufs_extattr_header ueh;
1168 struct iovec local_aiov;
1169 struct uio local_aio;
1170 struct mount *mp = vp->v_mount;
1171 struct ufsmount *ump = VFSTOUFS(mp);
1172 struct inode *ip = VTOI(vp);
1174 int error = 0, ioflag;
1176 if (vp->v_mount->mnt_flag & MNT_RDONLY)
1178 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED))
1179 return (EOPNOTSUPP);
1180 if (!ufs_extattr_valid_attrname(attrnamespace, name))
1183 error = extattr_check_cred(vp, attrnamespace, cred, td, IWRITE);
1187 attribute = ufs_extattr_find_attr(ump, attrnamespace, name);
1192 * Find base offset of header in file based on file header size, and
1193 * data header size + maximum data size, indexed by inode number.
1195 base_offset = sizeof(struct ufs_extattr_fileheader) +
1196 ip->i_number * (sizeof(struct ufs_extattr_header) +
1197 attribute->uele_fileheader.uef_size);
1200 * Check to see if currently defined.
1202 bzero(&ueh, sizeof(struct ufs_extattr_header));
1204 local_aiov.iov_base = (caddr_t) &ueh;
1205 local_aiov.iov_len = sizeof(struct ufs_extattr_header);
1206 local_aio.uio_iov = &local_aiov;
1207 local_aio.uio_iovcnt = 1;
1208 local_aio.uio_rw = UIO_READ;
1209 local_aio.uio_segflg = UIO_SYSSPACE;
1210 local_aio.uio_td = td;
1211 local_aio.uio_offset = base_offset;
1212 local_aio.uio_resid = sizeof(struct ufs_extattr_header);
1215 * Don't need to get the lock on the backing vnode if the vnode we're
1216 * modifying is it, as we already hold the lock.
1218 if (attribute->uele_backing_vnode != vp)
1219 vn_lock(attribute->uele_backing_vnode,
1220 LK_EXCLUSIVE | LK_RETRY, td);
1222 error = VOP_READ(attribute->uele_backing_vnode, &local_aio,
1223 IO_NODELOCKED, ump->um_extattr.uepm_ucred);
1225 goto vopunlock_exit;
1228 if ((ueh.ueh_flags & UFS_EXTATTR_ATTR_FLAG_INUSE) == 0) {
1230 goto vopunlock_exit;
1233 /* Valid for the current inode generation? */
1234 if (ueh.ueh_i_gen != ip->i_gen) {
1236 * The inode itself has a different generation number than
1237 * the attribute data. For now, the best solution is to
1238 * coerce this to undefined, and let it get cleaned up by
1239 * the next write or extattrctl clean.
1241 printf("ufs_extattr_rm (%s): inode number inconsistency (%d, %jd)\n",
1242 mp->mnt_stat.f_mntonname, ueh.ueh_i_gen, (intmax_t)ip->i_gen);
1244 goto vopunlock_exit;
1247 /* Flag it as not in use. */
1251 local_aiov.iov_base = (caddr_t) &ueh;
1252 local_aiov.iov_len = sizeof(struct ufs_extattr_header);
1253 local_aio.uio_iov = &local_aiov;
1254 local_aio.uio_iovcnt = 1;
1255 local_aio.uio_rw = UIO_WRITE;
1256 local_aio.uio_segflg = UIO_SYSSPACE;
1257 local_aio.uio_td = td;
1258 local_aio.uio_offset = base_offset;
1259 local_aio.uio_resid = sizeof(struct ufs_extattr_header);
1261 ioflag = IO_NODELOCKED;
1262 if (ufs_extattr_sync)
1264 error = VOP_WRITE(attribute->uele_backing_vnode, &local_aio, ioflag,
1265 ump->um_extattr.uepm_ucred);
1267 goto vopunlock_exit;
1269 if (local_aio.uio_resid != 0)
1273 VOP_UNLOCK(attribute->uele_backing_vnode, 0, td);
1279 * Called by UFS when an inode is no longer active and should have its
1280 * attributes stripped.
1283 ufs_extattr_vnode_inactive(struct vnode *vp, struct thread *td)
1285 struct ufs_extattr_list_entry *uele;
1286 struct mount *mp = vp->v_mount;
1287 struct ufsmount *ump = VFSTOUFS(mp);
1290 * In that case, we cannot lock. We should not have any active vnodes
1291 * on the fs if this is not yet initialized but is going to be, so
1292 * this can go unlocked.
1294 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_INITIALIZED))
1297 ufs_extattr_uepm_lock(ump, td);
1299 if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED)) {
1300 ufs_extattr_uepm_unlock(ump, td);
1304 LIST_FOREACH(uele, &ump->um_extattr.uepm_list, uele_entries)
1305 ufs_extattr_rm(vp, uele->uele_attrnamespace,
1306 uele->uele_attrname, NULL, td);
1308 ufs_extattr_uepm_unlock(ump, td);
1311 #endif /* !UFS_EXTATTR */