2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1982, 1986, 1989, 1993, 1995
5 * The Regents of the University of California. All rights reserved.
6 * (c) UNIX System Laboratories, Inc.
7 * All or some portions of this file are derived from material licensed
8 * to the University of California by American Telephone and Telegraph
9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
10 * the permission of UNIX System Laboratories, Inc.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. Neither the name of the University nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * @(#)ufs_vnops.c 8.27 (Berkeley) 5/27/95
39 #include <sys/cdefs.h>
40 __FBSDID("$FreeBSD$");
42 #include "opt_quota.h"
43 #include "opt_suiddir.h"
47 #include <sys/param.h>
48 #include <sys/systm.h>
49 #include <sys/malloc.h>
50 #include <sys/namei.h>
51 #include <sys/kernel.h>
52 #include <sys/fcntl.h>
53 #include <sys/filio.h>
57 #include <sys/mount.h>
59 #include <sys/refcount.h>
60 #include <sys/unistd.h>
61 #include <sys/vnode.h>
62 #include <sys/dirent.h>
63 #include <sys/lockf.h>
68 #include <security/audit/audit.h>
69 #include <security/mac/mac_framework.h>
71 #include <sys/file.h> /* XXX */
74 #include <vm/vm_extern.h>
76 #include <ufs/ufs/acl.h>
77 #include <ufs/ufs/extattr.h>
78 #include <ufs/ufs/quota.h>
79 #include <ufs/ufs/inode.h>
80 #include <ufs/ufs/dir.h>
81 #include <ufs/ufs/ufsmount.h>
82 #include <ufs/ufs/ufs_extern.h>
84 #include <ufs/ufs/dirhash.h>
87 #include <ufs/ufs/gjournal.h>
88 FEATURE(ufs_gjournal, "Journaling support through GEOM for UFS");
92 FEATURE(ufs_quota, "UFS disk quotas support");
93 FEATURE(ufs_quota64, "64bit UFS disk quotas support");
98 "Give all new files in directory the same ownership as the directory");
103 #include <ufs/ffs/ffs_extern.h>
105 static vop_accessx_t ufs_accessx;
106 static vop_fplookup_vexec_t ufs_fplookup_vexec;
107 static int ufs_chmod(struct vnode *, int, struct ucred *, struct thread *);
108 static int ufs_chown(struct vnode *, uid_t, gid_t, struct ucred *, struct thread *);
109 static vop_close_t ufs_close;
110 static vop_create_t ufs_create;
111 static vop_stat_t ufs_stat;
112 static vop_getattr_t ufs_getattr;
113 static vop_ioctl_t ufs_ioctl;
114 static vop_link_t ufs_link;
115 static int ufs_makeinode(int mode, struct vnode *, struct vnode **, struct componentname *, const char *);
116 static vop_mmapped_t ufs_mmapped;
117 static vop_mkdir_t ufs_mkdir;
118 static vop_mknod_t ufs_mknod;
119 static vop_open_t ufs_open;
120 static vop_pathconf_t ufs_pathconf;
121 static vop_print_t ufs_print;
122 static vop_readlink_t ufs_readlink;
123 static vop_remove_t ufs_remove;
124 static vop_rename_t ufs_rename;
125 static vop_rmdir_t ufs_rmdir;
126 static vop_setattr_t ufs_setattr;
127 static vop_strategy_t ufs_strategy;
128 static vop_symlink_t ufs_symlink;
129 static vop_whiteout_t ufs_whiteout;
130 static vop_close_t ufsfifo_close;
131 static vop_kqfilter_t ufsfifo_kqfilter;
133 SYSCTL_NODE(_vfs, OID_AUTO, ufs, CTLFLAG_RD | CTLFLAG_MPSAFE, 0,
137 * A virgin directory (no blushing please).
139 static struct dirtemplate mastertemplate = {
140 0, 12, DT_DIR, 1, ".",
141 0, DIRBLKSIZ - 12, DT_DIR, 2, ".."
143 static struct odirtemplate omastertemplate = {
145 0, DIRBLKSIZ - 12, 2, ".."
149 ufs_itimes_locked(struct vnode *vp)
154 ASSERT_VI_LOCKED(vp, __func__);
159 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0)
162 if ((vp->v_type == VBLK || vp->v_type == VCHR) && !DOINGSOFTDEP(vp))
163 UFS_INODE_SET_FLAG(ip, IN_LAZYMOD);
164 else if (((vp->v_mount->mnt_kern_flag &
165 (MNTK_SUSPENDED | MNTK_SUSPEND)) == 0) ||
166 (ip->i_flag & (IN_CHANGE | IN_UPDATE)))
167 UFS_INODE_SET_FLAG(ip, IN_MODIFIED);
168 else if (ip->i_flag & IN_ACCESS)
169 UFS_INODE_SET_FLAG(ip, IN_LAZYACCESS);
171 if (ip->i_flag & IN_ACCESS) {
172 DIP_SET(ip, i_atime, ts.tv_sec);
173 DIP_SET(ip, i_atimensec, ts.tv_nsec);
175 if (ip->i_flag & IN_UPDATE) {
176 DIP_SET(ip, i_mtime, ts.tv_sec);
177 DIP_SET(ip, i_mtimensec, ts.tv_nsec);
179 if (ip->i_flag & IN_CHANGE) {
180 DIP_SET(ip, i_ctime, ts.tv_sec);
181 DIP_SET(ip, i_ctimensec, ts.tv_nsec);
182 DIP_SET(ip, i_modrev, DIP(ip, i_modrev) + 1);
186 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE);
190 ufs_itimes(struct vnode *vp)
194 ufs_itimes_locked(vp);
199 * Create a regular file
203 struct vop_create_args /* {
205 struct vnode **a_vpp;
206 struct componentname *a_cnp;
213 ufs_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode),
214 ap->a_dvp, ap->a_vpp, ap->a_cnp, "ufs_create");
217 if ((ap->a_cnp->cn_flags & MAKEENTRY) != 0)
218 cache_enter(ap->a_dvp, *ap->a_vpp, ap->a_cnp);
228 struct vop_mknod_args /* {
230 struct vnode **a_vpp;
231 struct componentname *a_cnp;
235 struct vattr *vap = ap->a_vap;
236 struct vnode **vpp = ap->a_vpp;
241 error = ufs_makeinode(MAKEIMODE(vap->va_type, vap->va_mode),
242 ap->a_dvp, vpp, ap->a_cnp, "ufs_mknod");
246 UFS_INODE_SET_FLAG(ip, IN_ACCESS | IN_CHANGE | IN_UPDATE);
247 if (vap->va_rdev != VNOVAL) {
249 * Want to be able to use this to make badblock
250 * inodes, so don't truncate the dev number.
252 DIP_SET(ip, i_rdev, vap->va_rdev);
255 * Remove inode, then reload it through VFS_VGET so it is
256 * checked to see if it is an alias of an existing entry in
257 * the inode cache. XXX I don't believe this is necessary now.
259 (*vpp)->v_type = VNON;
260 ino = ip->i_number; /* Save this before vgone() invalidates ip. */
263 error = VFS_VGET(ap->a_dvp->v_mount, ino, LK_EXCLUSIVE, vpp);
276 ufs_open(struct vop_open_args *ap)
278 struct vnode *vp = ap->a_vp;
281 if (vp->v_type == VCHR || vp->v_type == VBLK)
285 vnode_create_vobject(vp, DIP(ip, i_size), ap->a_td);
286 if (vp->v_type == VREG && (vp->v_irflag & VIRF_PGREAD) == 0) {
288 vp->v_irflag |= VIRF_PGREAD;
293 * Files marked append-only must be opened for appending.
295 if ((ip->i_flags & APPEND) &&
296 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE)
305 * Update the times on the inode.
310 struct vop_close_args /* {
313 struct ucred *a_cred;
317 struct vnode *vp = ap->a_vp;
321 usecount = vp->v_usecount;
323 ufs_itimes_locked(vp);
330 struct vop_accessx_args /* {
333 struct ucred *a_cred;
337 struct vnode *vp = ap->a_vp;
338 struct inode *ip = VTOI(vp);
339 accmode_t accmode = ap->a_accmode;
347 * Disallow write attempts on read-only filesystems;
348 * unless the file is a socket, fifo, or a block or
349 * character device resident on the filesystem.
351 if (accmode & VMODIFY_PERMS) {
352 switch (vp->v_type) {
356 if (vp->v_mount->mnt_flag & MNT_RDONLY)
360 * Inode is accounted in the quotas only if struct
361 * dquot is attached to it. VOP_ACCESS() is called
362 * from vn_open_cred() and provides a convenient
363 * point to call getinoquota(). The lock mode is
364 * exclusive when the file is opening for write.
366 if (VOP_ISLOCKED(vp) == LK_EXCLUSIVE) {
367 error = getinoquota(ip);
379 * If immutable bit set, nobody gets to write it. "& ~VADMIN_PERMS"
380 * permits the owner of the file to remove the IMMUTABLE flag.
382 if ((accmode & (VMODIFY_PERMS & ~VADMIN_PERMS)) &&
383 (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT)))
387 if ((vp->v_mount->mnt_flag & (MNT_ACLS | MNT_NFS4ACLS)) != 0) {
388 if (vp->v_mount->mnt_flag & MNT_NFS4ACLS)
389 type = ACL_TYPE_NFS4;
391 type = ACL_TYPE_ACCESS;
393 acl = acl_alloc(M_WAITOK);
394 if (type == ACL_TYPE_NFS4)
395 error = ufs_getacl_nfs4_internal(vp, acl, ap->a_td);
397 error = VOP_GETACL(vp, type, acl, ap->a_cred, ap->a_td);
400 if (type == ACL_TYPE_NFS4) {
401 error = vaccess_acl_nfs4(vp->v_type, ip->i_uid,
402 ip->i_gid, acl, accmode, ap->a_cred);
404 error = vfs_unixify_accmode(&accmode);
406 error = vaccess_acl_posix1e(vp->v_type, ip->i_uid,
407 ip->i_gid, acl, accmode, ap->a_cred);
411 if (error != EOPNOTSUPP)
413 "ufs_accessx(): Error retrieving ACL on object (%d).\n",
416 * XXX: Fall back until debugged. Should
417 * eventually possibly log an error, and return
420 error = vfs_unixify_accmode(&accmode);
422 error = vaccess(vp->v_type, ip->i_mode,
423 ip->i_uid, ip->i_gid, accmode, ap->a_cred);
429 #endif /* !UFS_ACL */
430 error = vfs_unixify_accmode(&accmode);
432 error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid,
433 accmode, ap->a_cred);
438 * VOP_FPLOOKUP_VEXEC routines are subject to special circumstances, see
439 * the comment above cache_fplookup for details.
442 ufs_fplookup_vexec(ap)
443 struct vop_fplookup_vexec_args /* {
445 struct ucred *a_cred;
456 if (__predict_false(ip == NULL))
462 * ACLs are not supported and UFS clears/sets this flag on mount and
463 * remount. However, we may still be racing with seeing them and there
464 * is no provision to make sure they were accounted for. This matches
465 * the behavior of the locked case, since the lookup there is also
466 * racy: mount takes no measures to block anyone from progressing.
468 all_x = S_IXUSR | S_IXGRP | S_IXOTH;
469 mode = atomic_load_short(&ip->i_mode);
470 if (__predict_true((mode & all_x) == all_x))
474 return (vaccess_vexec_smr(mode, ip->i_uid, ip->i_gid, cred));
479 ufs_stat(struct vop_stat_args *ap)
481 struct vnode *vp = ap->a_vp;
482 struct inode *ip = VTOI(vp);
483 struct stat *sb = ap->a_sb;
486 error = vop_stat_helper_pre(ap);
487 if (__predict_false(error))
491 ufs_itimes_locked(vp);
493 sb->st_atim.tv_sec = ip->i_din1->di_atime;
494 sb->st_atim.tv_nsec = ip->i_din1->di_atimensec;
496 sb->st_atim.tv_sec = ip->i_din2->di_atime;
497 sb->st_atim.tv_nsec = ip->i_din2->di_atimensec;
501 sb->st_dev = dev2udev(ITOUMP(ip)->um_dev);
502 sb->st_ino = ip->i_number;
503 sb->st_mode = (ip->i_mode & ~IFMT) | VTTOIF(vp->v_type);
504 sb->st_nlink = ip->i_effnlink;
505 sb->st_uid = ip->i_uid;
506 sb->st_gid = ip->i_gid;
508 sb->st_rdev = ip->i_din1->di_rdev;
509 sb->st_size = ip->i_din1->di_size;
510 sb->st_mtim.tv_sec = ip->i_din1->di_mtime;
511 sb->st_mtim.tv_nsec = ip->i_din1->di_mtimensec;
512 sb->st_ctim.tv_sec = ip->i_din1->di_ctime;
513 sb->st_ctim.tv_nsec = ip->i_din1->di_ctimensec;
514 sb->st_birthtim.tv_sec = -1;
515 sb->st_birthtim.tv_nsec = 0;
516 sb->st_blocks = dbtob((u_quad_t)ip->i_din1->di_blocks) / S_BLKSIZE;
518 sb->st_rdev = ip->i_din2->di_rdev;
519 sb->st_size = ip->i_din2->di_size;
520 sb->st_mtim.tv_sec = ip->i_din2->di_mtime;
521 sb->st_mtim.tv_nsec = ip->i_din2->di_mtimensec;
522 sb->st_ctim.tv_sec = ip->i_din2->di_ctime;
523 sb->st_ctim.tv_nsec = ip->i_din2->di_ctimensec;
524 sb->st_birthtim.tv_sec = ip->i_din2->di_birthtime;
525 sb->st_birthtim.tv_nsec = ip->i_din2->di_birthnsec;
526 sb->st_blocks = dbtob((u_quad_t)ip->i_din2->di_blocks) / S_BLKSIZE;
529 sb->st_blksize = max(PAGE_SIZE, vp->v_mount->mnt_stat.f_iosize);
530 sb->st_flags = ip->i_flags;
531 sb->st_gen = ip->i_gen;
533 return (vop_stat_helper_post(ap, error));
539 struct vop_getattr_args /* {
542 struct ucred *a_cred;
545 struct vnode *vp = ap->a_vp;
546 struct inode *ip = VTOI(vp);
547 struct vattr *vap = ap->a_vap;
550 ufs_itimes_locked(vp);
552 vap->va_atime.tv_sec = ip->i_din1->di_atime;
553 vap->va_atime.tv_nsec = ip->i_din1->di_atimensec;
555 vap->va_atime.tv_sec = ip->i_din2->di_atime;
556 vap->va_atime.tv_nsec = ip->i_din2->di_atimensec;
560 * Copy from inode table
562 vap->va_fsid = dev2udev(ITOUMP(ip)->um_dev);
563 vap->va_fileid = ip->i_number;
564 vap->va_mode = ip->i_mode & ~IFMT;
565 vap->va_nlink = ip->i_effnlink;
566 vap->va_uid = ip->i_uid;
567 vap->va_gid = ip->i_gid;
569 vap->va_rdev = ip->i_din1->di_rdev;
570 vap->va_size = ip->i_din1->di_size;
571 vap->va_mtime.tv_sec = ip->i_din1->di_mtime;
572 vap->va_mtime.tv_nsec = ip->i_din1->di_mtimensec;
573 vap->va_ctime.tv_sec = ip->i_din1->di_ctime;
574 vap->va_ctime.tv_nsec = ip->i_din1->di_ctimensec;
575 vap->va_bytes = dbtob((u_quad_t)ip->i_din1->di_blocks);
576 vap->va_filerev = ip->i_din1->di_modrev;
578 vap->va_rdev = ip->i_din2->di_rdev;
579 vap->va_size = ip->i_din2->di_size;
580 vap->va_mtime.tv_sec = ip->i_din2->di_mtime;
581 vap->va_mtime.tv_nsec = ip->i_din2->di_mtimensec;
582 vap->va_ctime.tv_sec = ip->i_din2->di_ctime;
583 vap->va_ctime.tv_nsec = ip->i_din2->di_ctimensec;
584 vap->va_birthtime.tv_sec = ip->i_din2->di_birthtime;
585 vap->va_birthtime.tv_nsec = ip->i_din2->di_birthnsec;
586 vap->va_bytes = dbtob((u_quad_t)ip->i_din2->di_blocks);
587 vap->va_filerev = ip->i_din2->di_modrev;
589 vap->va_flags = ip->i_flags;
590 vap->va_gen = ip->i_gen;
591 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize;
592 vap->va_type = IFTOVT(ip->i_mode);
597 * Set attribute vnode op. called from several syscalls
601 struct vop_setattr_args /* {
604 struct ucred *a_cred;
607 struct vattr *vap = ap->a_vap;
608 struct vnode *vp = ap->a_vp;
609 struct inode *ip = VTOI(vp);
610 struct ucred *cred = ap->a_cred;
611 struct thread *td = curthread;
615 * Check for unsettable attributes.
617 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) ||
618 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) ||
619 (vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) ||
620 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) {
623 if (vap->va_flags != VNOVAL) {
624 if ((vap->va_flags & ~(SF_APPEND | SF_ARCHIVED | SF_IMMUTABLE |
625 SF_NOUNLINK | SF_SNAPSHOT | UF_APPEND | UF_ARCHIVE |
626 UF_HIDDEN | UF_IMMUTABLE | UF_NODUMP | UF_NOUNLINK |
627 UF_OFFLINE | UF_OPAQUE | UF_READONLY | UF_REPARSE |
628 UF_SPARSE | UF_SYSTEM)) != 0)
630 if (vp->v_mount->mnt_flag & MNT_RDONLY)
633 * Callers may only modify the file flags on objects they
634 * have VADMIN rights for.
636 if ((error = VOP_ACCESS(vp, VADMIN, cred, td)))
639 * Unprivileged processes are not permitted to unset system
640 * flags, or modify flags if any system flags are set.
641 * Privileged non-jail processes may not modify system flags
642 * if securelevel > 0 and any existing system flags are set.
643 * Privileged jail processes behave like privileged non-jail
644 * processes if the PR_ALLOW_CHFLAGS permission bit is set;
645 * otherwise, they behave like unprivileged processes.
647 if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS)) {
649 (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) {
650 error = securelevel_gt(cred, 0);
654 /* The snapshot flag cannot be toggled. */
655 if ((vap->va_flags ^ ip->i_flags) & SF_SNAPSHOT)
659 (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) ||
660 ((vap->va_flags ^ ip->i_flags) & SF_SETTABLE))
663 ip->i_flags = vap->va_flags;
664 DIP_SET(ip, i_flags, vap->va_flags);
665 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
666 error = UFS_UPDATE(vp, 0);
667 if (ip->i_flags & (IMMUTABLE | APPEND))
671 * If immutable or append, no one can change any of its attributes
672 * except the ones already handled (in some cases, file flags
673 * including the immutability flags themselves for the superuser).
675 if (ip->i_flags & (IMMUTABLE | APPEND))
678 * Go through the fields and update iff not VNOVAL.
680 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
681 if (vp->v_mount->mnt_flag & MNT_RDONLY)
683 if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred,
687 if (vap->va_size != VNOVAL) {
689 * XXX most of the following special cases should be in
690 * callers instead of in N filesystems. The VDIR check
693 switch (vp->v_type) {
699 * Truncation should have an effect in these cases.
700 * Disallow it if the filesystem is read-only or
701 * the file is being snapshotted.
703 if (vp->v_mount->mnt_flag & MNT_RDONLY)
705 if ((ip->i_flags & SF_SNAPSHOT) != 0)
710 * According to POSIX, the result is unspecified
711 * for file types other than regular files,
712 * directories and shared memory objects. We
713 * don't support shared memory objects in the file
714 * system, and have dubious support for truncating
715 * symlinks. Just ignore the request in other cases.
719 if ((error = UFS_TRUNCATE(vp, vap->va_size, IO_NORMAL |
720 ((vap->va_vaflags & VA_SYNC) != 0 ? IO_SYNC : 0),
724 if (vap->va_atime.tv_sec != VNOVAL ||
725 vap->va_mtime.tv_sec != VNOVAL ||
726 vap->va_birthtime.tv_sec != VNOVAL) {
727 if (vp->v_mount->mnt_flag & MNT_RDONLY)
729 if ((ip->i_flags & SF_SNAPSHOT) != 0)
731 error = vn_utimes_perm(vp, vap, cred, td);
734 UFS_INODE_SET_FLAG(ip, IN_CHANGE | IN_MODIFIED);
735 if (vap->va_atime.tv_sec != VNOVAL) {
736 ip->i_flag &= ~IN_ACCESS;
737 DIP_SET(ip, i_atime, vap->va_atime.tv_sec);
738 DIP_SET(ip, i_atimensec, vap->va_atime.tv_nsec);
740 if (vap->va_mtime.tv_sec != VNOVAL) {
741 ip->i_flag &= ~IN_UPDATE;
742 DIP_SET(ip, i_mtime, vap->va_mtime.tv_sec);
743 DIP_SET(ip, i_mtimensec, vap->va_mtime.tv_nsec);
745 if (vap->va_birthtime.tv_sec != VNOVAL && I_IS_UFS2(ip)) {
746 ip->i_din2->di_birthtime = vap->va_birthtime.tv_sec;
747 ip->i_din2->di_birthnsec = vap->va_birthtime.tv_nsec;
749 error = UFS_UPDATE(vp, 0);
754 if (vap->va_mode != (mode_t)VNOVAL) {
755 if (vp->v_mount->mnt_flag & MNT_RDONLY)
757 if ((ip->i_flags & SF_SNAPSHOT) != 0 && (vap->va_mode &
758 (S_IXUSR | S_IWUSR | S_IXGRP | S_IWGRP | S_IXOTH | S_IWOTH)))
760 error = ufs_chmod(vp, (int)vap->va_mode, cred, td);
767 ufs_update_nfs4_acl_after_mode_change(struct vnode *vp, int mode,
768 int file_owner_id, struct ucred *cred, struct thread *td)
773 aclp = acl_alloc(M_WAITOK);
774 error = ufs_getacl_nfs4_internal(vp, aclp, td);
776 * We don't have to handle EOPNOTSUPP here, as the filesystem claims
782 acl_nfs4_sync_acl_from_mode(aclp, mode, file_owner_id);
783 error = ufs_setacl_nfs4_internal(vp, aclp, td);
793 struct vop_mmapped_args /* {
805 if ((mp->mnt_flag & (MNT_NOATIME | MNT_RDONLY)) == 0)
806 UFS_INODE_SET_FLAG_SHARED(ip, IN_ACCESS);
808 * XXXKIB No UFS_UPDATE(ap->a_vp, 0) there.
814 * Change the mode on a file.
815 * Inode must be locked before calling.
818 ufs_chmod(vp, mode, cred, td)
824 struct inode *ip = VTOI(vp);
828 * To modify the permissions on a file, must possess VADMIN
831 if ((error = VOP_ACCESSX(vp, VWRITE_ACL, cred, td)))
834 * Privileged processes may set the sticky bit on non-directories,
835 * as well as set the setgid bit on a file with a group that the
836 * process is not a member of. Both of these are allowed in
839 if (vp->v_type != VDIR && (mode & S_ISTXT)) {
840 if (priv_check_cred(cred, PRIV_VFS_STICKYFILE))
843 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) {
844 error = priv_check_cred(cred, PRIV_VFS_SETGID);
850 * Deny setting setuid if we are not the file owner.
852 if ((mode & ISUID) && ip->i_uid != cred->cr_uid) {
853 error = priv_check_cred(cred, PRIV_VFS_ADMIN);
858 newmode = ip->i_mode & ~ALLPERMS;
859 newmode |= (mode & ALLPERMS);
860 UFS_INODE_SET_MODE(ip, newmode);
861 DIP_SET(ip, i_mode, ip->i_mode);
862 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
864 if ((vp->v_mount->mnt_flag & MNT_NFS4ACLS) != 0)
865 error = ufs_update_nfs4_acl_after_mode_change(vp, mode, ip->i_uid, cred, td);
867 if (error == 0 && (ip->i_flag & IN_CHANGE) != 0)
868 error = UFS_UPDATE(vp, 0);
874 * Perform chown operation on inode ip;
875 * inode must be locked prior to call.
878 ufs_chown(vp, uid, gid, cred, td)
885 struct inode *ip = VTOI(vp);
894 if (uid == (uid_t)VNOVAL)
896 if (gid == (gid_t)VNOVAL)
899 * To modify the ownership of a file, must possess VADMIN for that
902 if ((error = VOP_ACCESSX(vp, VWRITE_OWNER, cred, td)))
905 * To change the owner of a file, or change the group of a file to a
906 * group of which we are not a member, the caller must have
909 if (((uid != ip->i_uid && uid != cred->cr_uid) ||
910 (gid != ip->i_gid && !groupmember(gid, cred))) &&
911 (error = priv_check_cred(cred, PRIV_VFS_CHOWN)))
916 if ((error = getinoquota(ip)) != 0)
919 dqrele(vp, ip->i_dquot[USRQUOTA]);
920 ip->i_dquot[USRQUOTA] = NODQUOT;
923 dqrele(vp, ip->i_dquot[GRPQUOTA]);
924 ip->i_dquot[GRPQUOTA] = NODQUOT;
926 change = DIP(ip, i_blocks);
927 (void) chkdq(ip, -change, cred, CHOWN|FORCE);
928 (void) chkiq(ip, -1, cred, CHOWN|FORCE);
929 for (i = 0; i < MAXQUOTAS; i++) {
930 dqrele(vp, ip->i_dquot[i]);
931 ip->i_dquot[i] = NODQUOT;
935 DIP_SET(ip, i_gid, gid);
937 DIP_SET(ip, i_uid, uid);
939 if ((error = getinoquota(ip)) == 0) {
941 dqrele(vp, ip->i_dquot[USRQUOTA]);
942 ip->i_dquot[USRQUOTA] = NODQUOT;
945 dqrele(vp, ip->i_dquot[GRPQUOTA]);
946 ip->i_dquot[GRPQUOTA] = NODQUOT;
948 if ((error = chkdq(ip, change, cred, CHOWN)) == 0) {
949 if ((error = chkiq(ip, 1, cred, CHOWN)) == 0)
952 (void) chkdq(ip, -change, cred, CHOWN|FORCE);
954 for (i = 0; i < MAXQUOTAS; i++) {
955 dqrele(vp, ip->i_dquot[i]);
956 ip->i_dquot[i] = NODQUOT;
960 DIP_SET(ip, i_gid, ogid);
962 DIP_SET(ip, i_uid, ouid);
963 if (getinoquota(ip) == 0) {
965 dqrele(vp, ip->i_dquot[USRQUOTA]);
966 ip->i_dquot[USRQUOTA] = NODQUOT;
969 dqrele(vp, ip->i_dquot[GRPQUOTA]);
970 ip->i_dquot[GRPQUOTA] = NODQUOT;
972 (void) chkdq(ip, change, cred, FORCE|CHOWN);
973 (void) chkiq(ip, 1, cred, FORCE|CHOWN);
974 (void) getinoquota(ip);
979 panic("ufs_chown: lost quota");
981 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
982 if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
983 if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID)) {
984 UFS_INODE_SET_MODE(ip, ip->i_mode & ~(ISUID | ISGID));
985 DIP_SET(ip, i_mode, ip->i_mode);
988 error = UFS_UPDATE(vp, 0);
994 struct vop_remove_args /* {
997 struct componentname *a_cnp;
1001 struct vnode *vp = ap->a_vp;
1002 struct vnode *dvp = ap->a_dvp;
1008 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) ||
1009 (VTOI(dvp)->i_flags & APPEND))
1011 if (DOINGSOFTDEP(dvp)) {
1012 error = softdep_prelink(dvp, vp, true);
1014 MPASS(error == ERELOOKUP);
1020 ufs_gjournal_orphan(vp);
1022 error = ufs_dirremove(dvp, ip, ap->a_cnp->cn_flags, 0);
1023 if (ip->i_nlink <= 0)
1024 vp->v_vflag |= VV_NOSYNC;
1025 if ((ip->i_flags & SF_SNAPSHOT) != 0) {
1027 * Avoid deadlock where another thread is trying to
1028 * update the inodeblock for dvp and is waiting on
1029 * snaplk. Temporary unlock the vnode lock for the
1030 * unlinked file and sync the directory. This should
1031 * allow vput() of the directory to not block later on
1032 * while holding the snapshot vnode locked, assuming
1033 * that the directory hasn't been unlinked too.
1036 (void) VOP_FSYNC(dvp, MNT_WAIT, td);
1037 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
1043 print_bad_link_count(const char *funcname, struct vnode *dvp)
1048 uprintf("%s: Bad link count %d on parent inode %jd in file system %s\n",
1049 funcname, dip->i_effnlink, (intmax_t)dip->i_number,
1050 dvp->v_mount->mnt_stat.f_mntonname);
1058 struct vop_link_args /* {
1059 struct vnode *a_tdvp;
1061 struct componentname *a_cnp;
1064 struct vnode *vp = ap->a_vp;
1065 struct vnode *tdvp = ap->a_tdvp;
1066 struct componentname *cnp = ap->a_cnp;
1068 struct direct newdir;
1072 if ((cnp->cn_flags & HASBUF) == 0)
1073 panic("ufs_link: no name");
1076 if (DOINGSOFTDEP(tdvp)) {
1077 error = softdep_prelink(tdvp, vp, true);
1079 MPASS(error == ERELOOKUP);
1084 if (VTOI(tdvp)->i_effnlink < 2) {
1085 print_bad_link_count("ufs_link", tdvp);
1090 if (ip->i_nlink >= UFS_LINK_MAX) {
1095 * The file may have been removed after namei droped the original
1098 if (ip->i_effnlink == 0) {
1102 if (ip->i_flags & (IMMUTABLE | APPEND)) {
1109 DIP_SET(ip, i_nlink, ip->i_nlink);
1110 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
1111 if (DOINGSOFTDEP(vp))
1112 softdep_setup_link(VTOI(tdvp), ip);
1113 error = UFS_UPDATE(vp, !DOINGSOFTDEP(vp) && !DOINGASYNC(vp));
1115 ufs_makedirentry(ip, cnp, &newdir);
1116 error = ufs_direnter(tdvp, vp, &newdir, cnp, NULL, 0);
1122 DIP_SET(ip, i_nlink, ip->i_nlink);
1123 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
1124 if (DOINGSOFTDEP(vp))
1125 softdep_revert_link(VTOI(tdvp), ip);
1132 * whiteout vnode call
1136 struct vop_whiteout_args /* {
1137 struct vnode *a_dvp;
1138 struct componentname *a_cnp;
1142 struct vnode *dvp = ap->a_dvp;
1143 struct componentname *cnp = ap->a_cnp;
1144 struct direct newdir;
1147 if (DOINGSOFTDEP(dvp) && (ap->a_flags == CREATE ||
1148 ap->a_flags == DELETE)) {
1149 error = softdep_prelink(dvp, NULL, true);
1151 MPASS(error == ERELOOKUP);
1156 switch (ap->a_flags) {
1158 /* 4.4 format directories support whiteout operations */
1159 if (dvp->v_mount->mnt_maxsymlinklen > 0)
1161 return (EOPNOTSUPP);
1164 /* create a new directory whiteout */
1166 if ((cnp->cn_flags & SAVENAME) == 0)
1167 panic("ufs_whiteout: missing name");
1168 if (dvp->v_mount->mnt_maxsymlinklen <= 0)
1169 panic("ufs_whiteout: old format filesystem");
1172 newdir.d_ino = UFS_WINO;
1173 newdir.d_namlen = cnp->cn_namelen;
1174 bcopy(cnp->cn_nameptr, newdir.d_name, (unsigned)cnp->cn_namelen + 1);
1175 newdir.d_type = DT_WHT;
1176 error = ufs_direnter(dvp, NULL, &newdir, cnp, NULL, 0);
1180 /* remove an existing directory whiteout */
1182 if (dvp->v_mount->mnt_maxsymlinklen <= 0)
1183 panic("ufs_whiteout: old format filesystem");
1186 cnp->cn_flags &= ~DOWHITEOUT;
1187 error = ufs_dirremove(dvp, NULL, cnp->cn_flags, 0);
1190 panic("ufs_whiteout: unknown op");
1195 static volatile int rename_restarts;
1196 SYSCTL_INT(_vfs_ufs, OID_AUTO, rename_restarts, CTLFLAG_RD,
1197 __DEVOLATILE(int *, &rename_restarts), 0,
1198 "Times rename had to restart due to lock contention");
1201 * Rename system call.
1202 * rename("foo", "bar");
1205 * link("foo", "bar");
1207 * but ``atomically''. Can't do full commit without saving state in the
1208 * inode on disk which isn't feasible at this time. Best we can do is
1209 * always guarantee the target exists.
1211 * Basic algorithm is:
1213 * 1) Bump link count on source while we're linking it to the
1214 * target. This also ensure the inode won't be deleted out
1215 * from underneath us while we work (it may be truncated by
1216 * a concurrent `trunc' or `open' for creation).
1217 * 2) Link source to destination. If destination already exists,
1219 * 3) Unlink source reference to inode if still around. If a
1220 * directory was moved and the parent of the destination
1221 * is different from the source, patch the ".." entry in the
1226 struct vop_rename_args /* {
1227 struct vnode *a_fdvp;
1228 struct vnode *a_fvp;
1229 struct componentname *a_fcnp;
1230 struct vnode *a_tdvp;
1231 struct vnode *a_tvp;
1232 struct componentname *a_tcnp;
1235 struct vnode *tvp = ap->a_tvp;
1236 struct vnode *tdvp = ap->a_tdvp;
1237 struct vnode *fvp = ap->a_fvp;
1238 struct vnode *fdvp = ap->a_fdvp;
1240 struct componentname *tcnp = ap->a_tcnp;
1241 struct componentname *fcnp = ap->a_fcnp;
1242 struct thread *td = fcnp->cn_thread;
1243 struct inode *fip, *tip, *tdp, *fdp;
1244 struct direct newdir;
1246 int doingdirectory, newparent;
1252 want_seqc_end = false;
1255 if ((tcnp->cn_flags & HASBUF) == 0 ||
1256 (fcnp->cn_flags & HASBUF) == 0)
1257 panic("ufs_rename: no name");
1262 if (tvp && tvp != tdvp)
1265 * Check for cross-device rename.
1267 if ((fvp->v_mount != tdvp->v_mount) ||
1268 (tvp && (fvp->v_mount != tvp->v_mount))) {
1275 * We need to acquire 2 to 4 locks depending on whether tvp is NULL
1276 * and fdvp and tdvp are the same directory. Subsequently we need
1277 * to double-check all paths and in the directory rename case we
1278 * need to verify that we are not creating a directory loop. To
1279 * handle this we acquire all but fdvp using non-blocking
1280 * acquisitions. If we fail to acquire any lock in the path we will
1281 * drop all held locks, acquire the new lock in a blocking fashion,
1282 * and then release it and restart the rename. This acquire/release
1283 * step ensures that we do not spin on a lock waiting for release.
1285 error = vn_lock(fdvp, LK_EXCLUSIVE);
1288 if (vn_lock(tdvp, LK_EXCLUSIVE | LK_NOWAIT) != 0) {
1290 error = vn_lock(tdvp, LK_EXCLUSIVE);
1294 atomic_add_int(&rename_restarts, 1);
1298 * Re-resolve fvp to be certain it still exists and fetch the
1301 error = ufs_lookup_ino(fdvp, NULL, fcnp, &ino);
1307 error = VFS_VGET(mp, ino, LK_EXCLUSIVE | LK_NOWAIT, &nvp);
1313 error = VFS_VGET(mp, ino, LK_EXCLUSIVE, &nvp);
1319 atomic_add_int(&rename_restarts, 1);
1325 * Re-resolve tvp and acquire the vnode lock if present.
1327 error = ufs_lookup_ino(tdvp, NULL, tcnp, &ino);
1328 if (error != 0 && error != EJUSTRETURN) {
1335 * If tvp disappeared we just carry on.
1337 if (error == EJUSTRETURN && tvp != NULL) {
1342 * Get the tvp ino if the lookup succeeded. We may have to restart
1343 * if the non-blocking acquire fails.
1347 error = VFS_VGET(mp, ino, LK_EXCLUSIVE | LK_NOWAIT, &nvp);
1357 error = VFS_VGET(mp, ino, LK_EXCLUSIVE, &nvp);
1361 atomic_add_int(&rename_restarts, 1);
1366 if (DOINGSOFTDEP(fdvp)) {
1367 error = softdep_prerename(fdvp, fvp, tdvp, tvp);
1369 if (error == ERELOOKUP) {
1370 atomic_add_int(&rename_restarts, 1);
1383 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) ||
1384 (VTOI(tdvp)->i_flags & APPEND))) {
1389 * Renaming a file to itself has no effect. The upper layers should
1390 * not call us in that case. However, things could change after
1391 * we drop the locks above.
1399 ino = fip->i_number;
1400 if (fip->i_nlink >= UFS_LINK_MAX) {
1404 if ((fip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))
1405 || (fdp->i_flags & APPEND)) {
1409 if ((fip->i_mode & IFMT) == IFDIR) {
1411 * Avoid ".", "..", and aliases of "." for obvious reasons.
1413 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') ||
1415 (fcnp->cn_flags | tcnp->cn_flags) & ISDOTDOT) {
1419 if (fdp->i_number != tdp->i_number)
1420 newparent = tdp->i_number;
1423 if ((fvp->v_type == VDIR && fvp->v_mountedhere != NULL) ||
1424 (tvp != NULL && tvp->v_type == VDIR &&
1425 tvp->v_mountedhere != NULL)) {
1431 * If ".." must be changed (ie the directory gets a new
1432 * parent) then the source directory must not be in the
1433 * directory hierarchy above the target, as this would
1434 * orphan everything below the source directory. Also
1435 * the user must have write permission in the source so
1436 * as to be able to change "..".
1438 if (doingdirectory && newparent) {
1439 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred, tcnp->cn_thread);
1442 error = ufs_checkpath(ino, fdp->i_number, tdp, tcnp->cn_cred,
1445 * We encountered a lock that we have to wait for. Unlock
1446 * everything else and VGET before restarting.
1454 error = VFS_VGET(mp, ino, LK_SHARED, &nvp);
1457 atomic_add_int(&rename_restarts, 1);
1462 if ((tcnp->cn_flags & SAVESTART) == 0)
1463 panic("ufs_rename: lost to startdir");
1465 if (fip->i_effnlink == 0 || fdp->i_effnlink == 0 ||
1466 tdp->i_effnlink == 0)
1467 panic("Bad effnlink fip %p, fdp %p, tdp %p", fip, fdp, tdp);
1470 vn_seqc_write_begin(tvp);
1471 vn_seqc_write_begin(tdvp);
1472 vn_seqc_write_begin(fvp);
1473 vn_seqc_write_begin(fdvp);
1474 want_seqc_end = true;
1477 * 1) Bump link count while we're moving stuff
1478 * around. If we crash somewhere before
1479 * completing our work, the link count
1480 * may be wrong, but correctable.
1484 DIP_SET(fip, i_nlink, fip->i_nlink);
1485 UFS_INODE_SET_FLAG(fip, IN_CHANGE);
1486 if (DOINGSOFTDEP(fvp))
1487 softdep_setup_link(tdp, fip);
1488 error = UFS_UPDATE(fvp, !DOINGSOFTDEP(fvp) && !DOINGASYNC(fvp));
1493 * 2) If target doesn't exist, link the target
1494 * to the source and unlink the source.
1495 * Otherwise, rewrite the target directory
1496 * entry to reference the source inode and
1497 * expunge the original entry's existence.
1500 if (ITODEV(tdp) != ITODEV(fip))
1501 panic("ufs_rename: EXDEV");
1502 if (doingdirectory && newparent) {
1504 * Account for ".." in new directory.
1505 * When source and destination have the same
1506 * parent we don't adjust the link count. The
1507 * actual link modification is completed when
1508 * .. is rewritten below.
1510 if (tdp->i_nlink >= UFS_LINK_MAX) {
1515 ufs_makedirentry(fip, tcnp, &newdir);
1516 error = ufs_direnter(tdvp, NULL, &newdir, tcnp, NULL, 1);
1519 /* Setup tdvp for directory compaction if needed. */
1520 if (I_COUNT(tdp) != 0 && I_ENDOFF(tdp) != 0 &&
1521 I_ENDOFF(tdp) < tdp->i_size)
1522 endoff = I_ENDOFF(tdp);
1524 if (ITODEV(tip) != ITODEV(tdp) || ITODEV(tip) != ITODEV(fip))
1525 panic("ufs_rename: EXDEV");
1527 * Short circuit rename(foo, foo).
1529 if (tip->i_number == fip->i_number)
1530 panic("ufs_rename: same file");
1532 * If the parent directory is "sticky", then the caller
1533 * must possess VADMIN for the parent directory, or the
1534 * destination of the rename. This implements append-only
1537 if ((tdp->i_mode & S_ISTXT) &&
1538 VOP_ACCESS(tdvp, VADMIN, tcnp->cn_cred, td) &&
1539 VOP_ACCESS(tvp, VADMIN, tcnp->cn_cred, td)) {
1544 * Target must be empty if a directory and have no links
1545 * to it. Also, ensure source and target are compatible
1546 * (both directories, or both not directories).
1548 if ((tip->i_mode & IFMT) == IFDIR) {
1549 if ((tip->i_effnlink > 2) ||
1550 !ufs_dirempty(tip, tdp->i_number, tcnp->cn_cred)) {
1554 if (!doingdirectory) {
1559 } else if (doingdirectory) {
1563 if (doingdirectory) {
1566 if (DOINGSOFTDEP(tdvp))
1567 softdep_change_linkcnt(tdp);
1570 if (DOINGSOFTDEP(tvp))
1571 softdep_change_linkcnt(tip);
1573 error = ufs_dirrewrite(tdp, tip, fip->i_number,
1574 IFTODT(fip->i_mode),
1575 (doingdirectory && newparent) ? newparent : doingdirectory);
1577 if (doingdirectory) {
1580 if (DOINGSOFTDEP(tdvp))
1581 softdep_change_linkcnt(tdp);
1584 if (DOINGSOFTDEP(tvp))
1585 softdep_change_linkcnt(tip);
1589 if (doingdirectory && !DOINGSOFTDEP(tvp)) {
1591 * The only stuff left in the directory is "."
1592 * and "..". The "." reference is inconsequential
1593 * since we are quashing it. We have removed the "."
1594 * reference and the reference in the parent directory,
1595 * but there may be other hard links. The soft
1596 * dependency code will arrange to do these operations
1597 * after the parent directory entry has been deleted on
1598 * disk, so when running with that code we avoid doing
1603 DIP_SET(tdp, i_nlink, tdp->i_nlink);
1604 UFS_INODE_SET_FLAG(tdp, IN_CHANGE);
1607 DIP_SET(tip, i_nlink, tip->i_nlink);
1608 UFS_INODE_SET_FLAG(tip, IN_CHANGE);
1613 * 3) Unlink the source. We have to resolve the path again to
1614 * fixup the directory offset and count for ufs_dirremove.
1617 error = ufs_lookup_ino(fdvp, NULL, fcnp, &ino);
1619 panic("ufs_rename: from entry went away!");
1620 if (ino != fip->i_number)
1621 panic("ufs_rename: ino mismatch %ju != %ju\n",
1622 (uintmax_t)ino, (uintmax_t)fip->i_number);
1625 * If the source is a directory with a
1626 * new parent, the link count of the old
1627 * parent directory must be decremented
1628 * and ".." set to point to the new parent.
1630 if (doingdirectory && newparent) {
1632 * If tip exists we simply use its link, otherwise we must
1638 DIP_SET(tdp, i_nlink, tdp->i_nlink);
1639 UFS_INODE_SET_FLAG(tdp, IN_CHANGE);
1640 if (DOINGSOFTDEP(tdvp))
1641 softdep_setup_dotdot_link(tdp, fip);
1642 error = UFS_UPDATE(tdvp, !DOINGSOFTDEP(tdvp) &&
1644 /* Don't go to bad here as the new link exists. */
1647 } else if (DOINGSUJ(tdvp))
1648 /* Journal must account for each new link. */
1649 softdep_setup_dotdot_link(tdp, fip);
1650 SET_I_OFFSET(fip, mastertemplate.dot_reclen);
1651 ufs_dirrewrite(fip, fdp, newparent, DT_DIR, 0);
1654 error = ufs_dirremove(fdvp, fip, fcnp->cn_flags, 0);
1656 * The kern_renameat() looks up the fvp using the DELETE flag, which
1657 * causes the removal of the name cache entry for fvp.
1658 * As the relookup of the fvp is done in two steps:
1659 * ufs_lookup_ino() and then VFS_VGET(), another thread might do a
1660 * normal lookup of the from name just before the VFS_VGET() call,
1661 * causing the cache entry to be re-instantiated.
1663 * The same issue also applies to tvp if it exists as
1664 * otherwise we may have a stale name cache entry for the new
1665 * name that references the old i-node if it has other links
1666 * or open file descriptors.
1668 cache_vop_rename(fdvp, fvp, tdvp, tvp, fcnp, tcnp);
1671 if (want_seqc_end) {
1673 vn_seqc_write_end(tvp);
1674 vn_seqc_write_end(tdvp);
1675 vn_seqc_write_end(fvp);
1676 vn_seqc_write_end(fdvp);
1684 * If compaction or fsync was requested do it now that other locks
1685 * are no longer needed.
1687 if (error == 0 && endoff != 0) {
1689 error = UFS_TRUNCATE(tdvp, endoff, IO_NORMAL |
1690 (DOINGASYNC(tdvp) ? 0 : IO_SYNC), tcnp->cn_cred);
1691 } while (error == ERELOOKUP);
1692 if (error != 0 && !ffs_fsfail_cleanup(VFSTOUFS(mp), error))
1694 "ufs_rename: failed to truncate, error %d\n",
1698 ufsdirhash_free(tdp);
1699 else if (tdp->i_dirhash != NULL)
1700 ufsdirhash_dirtrunc(tdp, endoff);
1703 * Even if the directory compaction failed, rename was
1704 * succesful. Do not propagate a UFS_TRUNCATE() error
1709 if (error == 0 && tdp->i_flag & IN_NEEDSYNC) {
1711 error = VOP_FSYNC(tdvp, MNT_WAIT, td);
1712 } while (error == ERELOOKUP);
1720 DIP_SET(fip, i_nlink, fip->i_nlink);
1721 UFS_INODE_SET_FLAG(fip, IN_CHANGE);
1722 if (DOINGSOFTDEP(fvp))
1723 softdep_revert_link(tdp, fip);
1727 if (want_seqc_end) {
1729 vn_seqc_write_end(tvp);
1730 vn_seqc_write_end(tdvp);
1731 vn_seqc_write_end(fvp);
1732 vn_seqc_write_end(fdvp);
1746 ufs_do_posix1e_acl_inheritance_dir(struct vnode *dvp, struct vnode *tvp,
1747 mode_t dmode, struct ucred *cred, struct thread *td)
1750 struct inode *ip = VTOI(tvp);
1751 struct acl *dacl, *acl;
1753 acl = acl_alloc(M_WAITOK);
1754 dacl = acl_alloc(M_WAITOK);
1757 * Retrieve default ACL from parent, if any.
1759 error = VOP_GETACL(dvp, ACL_TYPE_DEFAULT, acl, cred, td);
1763 * Retrieved a default ACL, so merge mode and ACL if
1764 * necessary. If the ACL is empty, fall through to
1765 * the "not defined or available" case.
1767 if (acl->acl_cnt != 0) {
1768 dmode = acl_posix1e_newfilemode(dmode, acl);
1769 UFS_INODE_SET_MODE(ip, dmode);
1770 DIP_SET(ip, i_mode, dmode);
1772 ufs_sync_acl_from_inode(ip, acl);
1779 * Just use the mode as-is.
1781 UFS_INODE_SET_MODE(ip, dmode);
1782 DIP_SET(ip, i_mode, dmode);
1791 * XXX: If we abort now, will Soft Updates notify the extattr
1792 * code that the EAs for the file need to be released?
1794 error = VOP_SETACL(tvp, ACL_TYPE_ACCESS, acl, cred, td);
1796 error = VOP_SETACL(tvp, ACL_TYPE_DEFAULT, dacl, cred, td);
1803 * XXX: This should not happen, as EOPNOTSUPP above
1804 * was supposed to free acl.
1806 printf("ufs_mkdir: VOP_GETACL() but no VOP_SETACL()\n");
1808 panic("ufs_mkdir: VOP_GETACL() but no VOP_SETACL()");
1824 ufs_do_posix1e_acl_inheritance_file(struct vnode *dvp, struct vnode *tvp,
1825 mode_t mode, struct ucred *cred, struct thread *td)
1828 struct inode *ip = VTOI(tvp);
1831 acl = acl_alloc(M_WAITOK);
1834 * Retrieve default ACL for parent, if any.
1836 error = VOP_GETACL(dvp, ACL_TYPE_DEFAULT, acl, cred, td);
1840 * Retrieved a default ACL, so merge mode and ACL if
1843 if (acl->acl_cnt != 0) {
1845 * Two possible ways for default ACL to not
1846 * be present. First, the EA can be
1847 * undefined, or second, the default ACL can
1848 * be blank. If it's blank, fall through to
1849 * the it's not defined case.
1851 mode = acl_posix1e_newfilemode(mode, acl);
1852 UFS_INODE_SET_MODE(ip, mode);
1853 DIP_SET(ip, i_mode, mode);
1854 ufs_sync_acl_from_inode(ip, acl);
1861 * Just use the mode as-is.
1863 UFS_INODE_SET_MODE(ip, mode);
1864 DIP_SET(ip, i_mode, mode);
1873 * XXX: If we abort now, will Soft Updates notify the extattr
1874 * code that the EAs for the file need to be released?
1876 error = VOP_SETACL(tvp, ACL_TYPE_ACCESS, acl, cred, td);
1883 * XXX: This should not happen, as EOPNOTSUPP above was
1884 * supposed to free acl.
1886 printf("ufs_do_posix1e_acl_inheritance_file: VOP_GETACL() "
1887 "but no VOP_SETACL()\n");
1888 /* panic("ufs_do_posix1e_acl_inheritance_file: VOP_GETACL() "
1889 "but no VOP_SETACL()"); */
1903 ufs_do_nfs4_acl_inheritance(struct vnode *dvp, struct vnode *tvp,
1904 mode_t child_mode, struct ucred *cred, struct thread *td)
1907 struct acl *parent_aclp, *child_aclp;
1909 parent_aclp = acl_alloc(M_WAITOK);
1910 child_aclp = acl_alloc(M_WAITOK | M_ZERO);
1912 error = ufs_getacl_nfs4_internal(dvp, parent_aclp, td);
1915 acl_nfs4_compute_inherited_acl(parent_aclp, child_aclp,
1916 child_mode, VTOI(tvp)->i_uid, tvp->v_type == VDIR);
1917 error = ufs_setacl_nfs4_internal(tvp, child_aclp, td);
1921 acl_free(parent_aclp);
1922 acl_free(child_aclp);
1933 struct vop_mkdir_args /* {
1934 struct vnode *a_dvp;
1935 struct vnode **a_vpp;
1936 struct componentname *a_cnp;
1937 struct vattr *a_vap;
1940 struct vnode *dvp = ap->a_dvp;
1941 struct vattr *vap = ap->a_vap;
1942 struct componentname *cnp = ap->a_cnp;
1943 struct inode *ip, *dp;
1946 struct dirtemplate dirtemplate, *dtp;
1947 struct direct newdir;
1952 if ((cnp->cn_flags & HASBUF) == 0)
1953 panic("ufs_mkdir: no name");
1956 if (dp->i_nlink >= UFS_LINK_MAX) {
1960 dmode = vap->va_mode & 0777;
1964 * Must simulate part of ufs_makeinode here to acquire the inode,
1965 * but not have it entered in the parent directory. The entry is
1966 * made later after writing "." and ".." entries.
1968 if (dp->i_effnlink < 2) {
1969 print_bad_link_count("ufs_mkdir", dvp);
1974 if (DOINGSOFTDEP(dvp)) {
1975 error = softdep_prelink(dvp, NULL, true);
1977 MPASS(error == ERELOOKUP);
1982 error = UFS_VALLOC(dvp, dmode, cnp->cn_cred, &tvp);
1985 vn_seqc_write_begin(tvp);
1987 ip->i_gid = dp->i_gid;
1988 DIP_SET(ip, i_gid, dp->i_gid);
1992 struct ucred ucred, *ucp;
1997 * If we are hacking owners here, (only do this where told to)
1998 * and we are not giving it TO root, (would subvert quotas)
1999 * then go ahead and give it to the other user.
2000 * The new directory also inherits the SUID bit.
2001 * If user's UID and dir UID are the same,
2002 * 'give it away' so that the SUID is still forced on.
2004 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) &&
2005 (dp->i_mode & ISUID) && dp->i_uid) {
2007 ip->i_uid = dp->i_uid;
2008 DIP_SET(ip, i_uid, dp->i_uid);
2010 if (dp->i_uid != cnp->cn_cred->cr_uid) {
2012 * Make sure the correct user gets charged
2014 * Make a dummy credential for the victim.
2015 * XXX This seems to never be accessed out of
2016 * our context so a stack variable is ok.
2018 refcount_init(&ucred.cr_ref, 1);
2019 ucred.cr_uid = ip->i_uid;
2020 ucred.cr_ngroups = 1;
2021 ucred.cr_groups = &ucred_group;
2022 ucred.cr_groups[0] = dp->i_gid;
2027 ip->i_uid = cnp->cn_cred->cr_uid;
2028 DIP_SET(ip, i_uid, ip->i_uid);
2031 if ((error = getinoquota(ip)) ||
2032 (error = chkiq(ip, 1, ucp, 0))) {
2033 if (DOINGSOFTDEP(tvp))
2034 softdep_revert_link(dp, ip);
2035 UFS_VFREE(tvp, ip->i_number, dmode);
2036 vn_seqc_write_end(tvp);
2043 #else /* !SUIDDIR */
2044 ip->i_uid = cnp->cn_cred->cr_uid;
2045 DIP_SET(ip, i_uid, ip->i_uid);
2047 if ((error = getinoquota(ip)) ||
2048 (error = chkiq(ip, 1, cnp->cn_cred, 0))) {
2049 if (DOINGSOFTDEP(tvp))
2050 softdep_revert_link(dp, ip);
2051 UFS_VFREE(tvp, ip->i_number, dmode);
2052 vn_seqc_write_end(tvp);
2058 #endif /* !SUIDDIR */
2059 UFS_INODE_SET_FLAG(ip, IN_ACCESS | IN_CHANGE | IN_UPDATE);
2060 UFS_INODE_SET_MODE(ip, dmode);
2061 DIP_SET(ip, i_mode, dmode);
2062 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */
2065 DIP_SET(ip, i_nlink, 2);
2067 if (cnp->cn_flags & ISWHITEOUT) {
2068 ip->i_flags |= UF_OPAQUE;
2069 DIP_SET(ip, i_flags, ip->i_flags);
2073 * Bump link count in parent directory to reflect work done below.
2074 * Should be done before reference is created so cleanup is
2075 * possible if we crash.
2079 DIP_SET(dp, i_nlink, dp->i_nlink);
2080 UFS_INODE_SET_FLAG(dp, IN_CHANGE);
2081 if (DOINGSOFTDEP(dvp))
2082 softdep_setup_mkdir(dp, ip);
2083 error = UFS_UPDATE(dvp, !DOINGSOFTDEP(dvp) && !DOINGASYNC(dvp));
2087 if (dvp->v_mount->mnt_flag & MNT_MULTILABEL) {
2088 error = mac_vnode_create_extattr(cnp->cn_cred, dvp->v_mount,
2095 if (dvp->v_mount->mnt_flag & MNT_ACLS) {
2096 error = ufs_do_posix1e_acl_inheritance_dir(dvp, tvp, dmode,
2097 cnp->cn_cred, cnp->cn_thread);
2100 } else if (dvp->v_mount->mnt_flag & MNT_NFS4ACLS) {
2101 error = ufs_do_nfs4_acl_inheritance(dvp, tvp, dmode,
2102 cnp->cn_cred, cnp->cn_thread);
2106 #endif /* !UFS_ACL */
2109 * Initialize directory with "." and ".." from static template.
2111 if (dvp->v_mount->mnt_maxsymlinklen > 0)
2112 dtp = &mastertemplate;
2114 dtp = (struct dirtemplate *)&omastertemplate;
2116 dirtemplate.dot_ino = ip->i_number;
2117 dirtemplate.dotdot_ino = dp->i_number;
2118 vnode_pager_setsize(tvp, DIRBLKSIZ);
2119 if ((error = UFS_BALLOC(tvp, (off_t)0, DIRBLKSIZ, cnp->cn_cred,
2120 BA_CLRBUF, &bp)) != 0)
2122 ip->i_size = DIRBLKSIZ;
2123 DIP_SET(ip, i_size, DIRBLKSIZ);
2124 UFS_INODE_SET_FLAG(ip, IN_SIZEMOD | IN_CHANGE | IN_UPDATE);
2125 bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate);
2126 if (DOINGSOFTDEP(tvp)) {
2128 * Ensure that the entire newly allocated block is a
2129 * valid directory so that future growth within the
2130 * block does not have to ensure that the block is
2131 * written before the inode.
2134 while (blkoff < bp->b_bcount) {
2136 (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ;
2137 blkoff += DIRBLKSIZ;
2140 if ((error = UFS_UPDATE(tvp, !DOINGSOFTDEP(tvp) &&
2141 !DOINGASYNC(tvp))) != 0) {
2146 * Directory set up, now install its entry in the parent directory.
2148 * If we are not doing soft dependencies, then we must write out the
2149 * buffer containing the new directory body before entering the new
2150 * name in the parent. If we are doing soft dependencies, then the
2151 * buffer containing the new directory body will be passed to and
2152 * released in the soft dependency code after the code has attached
2153 * an appropriate ordering dependency to the buffer which ensures that
2154 * the buffer is written before the new name is written in the parent.
2156 if (DOINGASYNC(dvp))
2158 else if (!DOINGSOFTDEP(dvp) && ((error = bwrite(bp))))
2160 ufs_makedirentry(ip, cnp, &newdir);
2161 error = ufs_direnter(dvp, tvp, &newdir, cnp, bp, 0);
2166 vn_seqc_write_end(tvp);
2170 DIP_SET(dp, i_nlink, dp->i_nlink);
2171 UFS_INODE_SET_FLAG(dp, IN_CHANGE);
2173 * No need to do an explicit VOP_TRUNCATE here, vrele will
2174 * do this for us because we set the link count to 0.
2178 DIP_SET(ip, i_nlink, 0);
2179 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
2180 if (DOINGSOFTDEP(tvp))
2181 softdep_revert_mkdir(dp, ip);
2182 vn_seqc_write_end(tvp);
2191 * Rmdir system call.
2195 struct vop_rmdir_args /* {
2196 struct vnode *a_dvp;
2198 struct componentname *a_cnp;
2201 struct vnode *vp = ap->a_vp;
2202 struct vnode *dvp = ap->a_dvp;
2203 struct componentname *cnp = ap->a_cnp;
2204 struct inode *ip, *dp;
2211 * Do not remove a directory that is in the process of being renamed.
2212 * Verify the directory is empty (and valid). Rmdir ".." will not be
2213 * valid since ".." will contain a reference to the current directory
2214 * and thus be non-empty. Do not allow the removal of mounted on
2215 * directories (this can happen when an NFS exported filesystem
2216 * tries to remove a locally mounted on directory).
2219 if (dp->i_effnlink <= 2) {
2220 if (dp->i_effnlink == 2)
2221 print_bad_link_count("ufs_rmdir", dvp);
2225 if (!ufs_dirempty(ip, dp->i_number, cnp->cn_cred)) {
2229 if ((dp->i_flags & APPEND)
2230 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) {
2234 if (vp->v_mountedhere != 0) {
2238 if (DOINGSOFTDEP(dvp)) {
2239 error = softdep_prelink(dvp, vp, false);
2241 MPASS(error == ERELOOKUP);
2247 ufs_gjournal_orphan(vp);
2250 * Delete reference to directory before purging
2251 * inode. If we crash in between, the directory
2252 * will be reattached to lost+found,
2256 if (DOINGSOFTDEP(vp))
2257 softdep_setup_rmdir(dp, ip);
2258 error = ufs_dirremove(dvp, ip, cnp->cn_flags, 1);
2262 if (DOINGSOFTDEP(vp))
2263 softdep_revert_rmdir(dp, ip);
2267 * The only stuff left in the directory is "." and "..". The "."
2268 * reference is inconsequential since we are quashing it. The soft
2269 * dependency code will arrange to do these operations after
2270 * the parent directory entry has been deleted on disk, so
2271 * when running with that code we avoid doing them now.
2273 if (!DOINGSOFTDEP(vp)) {
2275 DIP_SET(dp, i_nlink, dp->i_nlink);
2276 UFS_INODE_SET_FLAG(dp, IN_CHANGE);
2277 error = UFS_UPDATE(dvp, 0);
2279 DIP_SET(ip, i_nlink, ip->i_nlink);
2280 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
2282 cache_vop_rmdir(dvp, vp);
2284 /* Kill any active hash; i_effnlink == 0, so it will not come back. */
2285 if (ip->i_dirhash != NULL)
2286 ufsdirhash_free(ip);
2293 * symlink -- make a symbolic link
2297 struct vop_symlink_args /* {
2298 struct vnode *a_dvp;
2299 struct vnode **a_vpp;
2300 struct componentname *a_cnp;
2301 struct vattr *a_vap;
2302 const char *a_target;
2305 struct vnode *vp, **vpp = ap->a_vpp;
2309 error = ufs_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp,
2310 vpp, ap->a_cnp, "ufs_symlink");
2314 len = strlen(ap->a_target);
2315 if (len < vp->v_mount->mnt_maxsymlinklen) {
2317 bcopy(ap->a_target, SHORTLINK(ip), len);
2319 DIP_SET(ip, i_size, len);
2320 UFS_INODE_SET_FLAG(ip, IN_SIZEMOD | IN_CHANGE | IN_UPDATE);
2321 error = UFS_UPDATE(vp, 0);
2323 error = vn_rdwr(UIO_WRITE, vp, __DECONST(void *, ap->a_target),
2324 len, (off_t)0, UIO_SYSSPACE, IO_NODELOCKED | IO_NOMACCHECK,
2325 ap->a_cnp->cn_cred, NOCRED, NULL, NULL);
2332 * Vnode op for reading directories.
2336 struct vop_readdir_args /* {
2339 struct ucred *a_cred;
2345 struct vnode *vp = ap->a_vp;
2346 struct uio *uio = ap->a_uio;
2349 struct direct *dp, *edp;
2351 struct dirent dstdp;
2352 off_t offset, startoffset;
2353 size_t readcnt, skipcnt;
2358 if (uio->uio_offset < 0)
2361 if (ip->i_effnlink == 0)
2363 if (ap->a_ncookies != NULL) {
2364 if (uio->uio_resid < 0)
2367 ncookies = uio->uio_resid;
2368 if (uio->uio_offset >= ip->i_size)
2370 else if (ip->i_size - uio->uio_offset < ncookies)
2371 ncookies = ip->i_size - uio->uio_offset;
2372 ncookies = ncookies / (offsetof(struct direct, d_name) + 4) + 1;
2373 cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK);
2374 *ap->a_ncookies = ncookies;
2375 *ap->a_cookies = cookies;
2380 offset = startoffset = uio->uio_offset;
2381 startresid = uio->uio_resid;
2383 while (error == 0 && uio->uio_resid > 0 &&
2384 uio->uio_offset < ip->i_size) {
2385 error = UFS_BLKATOFF(vp, uio->uio_offset, NULL, &bp);
2388 if (bp->b_offset + bp->b_bcount > ip->i_size)
2389 readcnt = ip->i_size - bp->b_offset;
2391 readcnt = bp->b_bcount;
2392 skipcnt = (size_t)(uio->uio_offset - bp->b_offset) &
2393 ~(size_t)(DIRBLKSIZ - 1);
2394 offset = bp->b_offset + skipcnt;
2395 dp = (struct direct *)&bp->b_data[skipcnt];
2396 edp = (struct direct *)&bp->b_data[readcnt];
2397 while (error == 0 && uio->uio_resid > 0 && dp < edp) {
2398 if (dp->d_reclen <= offsetof(struct direct, d_name) ||
2399 (caddr_t)dp + dp->d_reclen > (caddr_t)edp) {
2403 #if BYTE_ORDER == LITTLE_ENDIAN
2404 /* Old filesystem format. */
2405 if (vp->v_mount->mnt_maxsymlinklen <= 0) {
2406 dstdp.d_namlen = dp->d_type;
2407 dstdp.d_type = dp->d_namlen;
2411 dstdp.d_namlen = dp->d_namlen;
2412 dstdp.d_type = dp->d_type;
2414 if (offsetof(struct direct, d_name) + dstdp.d_namlen >
2419 if (offset < startoffset || dp->d_ino == 0)
2421 dstdp.d_fileno = dp->d_ino;
2422 dstdp.d_reclen = GENERIC_DIRSIZ(&dstdp);
2423 bcopy(dp->d_name, dstdp.d_name, dstdp.d_namlen);
2424 /* NOTE: d_off is the offset of the *next* entry. */
2425 dstdp.d_off = offset + dp->d_reclen;
2426 dirent_terminate(&dstdp);
2427 if (dstdp.d_reclen > uio->uio_resid) {
2428 if (uio->uio_resid == startresid)
2431 error = EJUSTRETURN;
2435 error = uiomove((caddr_t)&dstdp, dstdp.d_reclen, uio);
2438 if (cookies != NULL) {
2439 KASSERT(ncookies > 0,
2440 ("ufs_readdir: cookies buffer too small"));
2441 *cookies = offset + dp->d_reclen;
2446 offset += dp->d_reclen;
2447 dp = (struct direct *)((caddr_t)dp + dp->d_reclen);
2450 uio->uio_offset = offset;
2452 /* We need to correct uio_offset. */
2453 uio->uio_offset = offset;
2454 if (error == EJUSTRETURN)
2456 if (ap->a_ncookies != NULL) {
2458 ap->a_ncookies -= ncookies;
2460 free(*ap->a_cookies, M_TEMP);
2461 *ap->a_ncookies = 0;
2462 *ap->a_cookies = NULL;
2465 if (error == 0 && ap->a_eofflag)
2466 *ap->a_eofflag = ip->i_size <= uio->uio_offset;
2471 * Return target name of a symbolic link
2475 struct vop_readlink_args /* {
2478 struct ucred *a_cred;
2481 struct vnode *vp = ap->a_vp;
2482 struct inode *ip = VTOI(vp);
2486 if ((isize < vp->v_mount->mnt_maxsymlinklen) ||
2487 DIP(ip, i_blocks) == 0) { /* XXX - for old fastlink support */
2488 return (uiomove(SHORTLINK(ip), isize, ap->a_uio));
2490 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred));
2494 * Calculate the logical to physical mapping if not done already,
2495 * then call the device strategy routine.
2497 * In order to be able to swap to a file, the ufs_bmaparray() operation may not
2498 * deadlock on memory. See ufs_bmap() for details.
2502 struct vop_strategy_args /* {
2507 struct buf *bp = ap->a_bp;
2508 struct vnode *vp = ap->a_vp;
2512 if (bp->b_blkno == bp->b_lblkno) {
2513 error = ufs_bmaparray(vp, bp->b_lblkno, &blkno, bp, NULL, NULL);
2514 bp->b_blkno = blkno;
2516 bp->b_error = error;
2517 bp->b_ioflags |= BIO_ERROR;
2521 if ((long)bp->b_blkno == -1)
2524 if ((long)bp->b_blkno == -1) {
2528 bp->b_iooffset = dbtob(bp->b_blkno);
2529 BO_STRATEGY(VFSTOUFS(vp->v_mount)->um_bo, bp);
2534 * Print out the contents of an inode.
2538 struct vop_print_args /* {
2542 struct vnode *vp = ap->a_vp;
2543 struct inode *ip = VTOI(vp);
2545 printf("\tnlink=%d, effnlink=%d, size=%jd", ip->i_nlink,
2546 ip->i_effnlink, (intmax_t)ip->i_size);
2548 printf(", extsize %d", ip->i_din2->di_extsize);
2549 printf("\n\tgeneration=%jx, uid=%d, gid=%d, flags=0x%b\n",
2550 (uintmax_t)ip->i_gen, ip->i_uid, ip->i_gid,
2551 (u_int)ip->i_flags, PRINT_INODE_FLAGS);
2552 printf("\tino %lu, on dev %s", (u_long)ip->i_number,
2553 devtoname(ITODEV(ip)));
2554 if (vp->v_type == VFIFO)
2561 * Close wrapper for fifos.
2563 * Update the times on the inode then do device close.
2567 struct vop_close_args /* {
2570 struct ucred *a_cred;
2571 struct thread *a_td;
2574 struct vnode *vp = ap->a_vp;
2578 usecount = vp->v_usecount;
2580 ufs_itimes_locked(vp);
2582 return (fifo_specops.vop_close(ap));
2586 * Kqfilter wrapper for fifos.
2588 * Fall through to ufs kqfilter routines if needed
2591 ufsfifo_kqfilter(ap)
2592 struct vop_kqfilter_args *ap;
2596 error = fifo_specops.vop_kqfilter(ap);
2598 error = vfs_kqfilter(ap);
2603 * Return POSIX pathconf information applicable to ufs filesystems.
2607 struct vop_pathconf_args /* {
2616 switch (ap->a_name) {
2618 *ap->a_retval = UFS_LINK_MAX;
2621 *ap->a_retval = UFS_MAXNAMLEN;
2624 if (ap->a_vp->v_type == VDIR || ap->a_vp->v_type == VFIFO)
2625 *ap->a_retval = PIPE_BUF;
2629 case _PC_CHOWN_RESTRICTED:
2636 case _PC_ACL_EXTENDED:
2637 if (ap->a_vp->v_mount->mnt_flag & MNT_ACLS)
2643 if (ap->a_vp->v_mount->mnt_flag & MNT_NFS4ACLS)
2649 case _PC_ACL_PATH_MAX:
2651 if (ap->a_vp->v_mount->mnt_flag & (MNT_ACLS | MNT_NFS4ACLS))
2652 *ap->a_retval = ACL_MAX_ENTRIES;
2660 case _PC_MAC_PRESENT:
2661 if (ap->a_vp->v_mount->mnt_flag & MNT_MULTILABEL)
2667 case _PC_MIN_HOLE_SIZE:
2668 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
2676 case _PC_ALLOC_SIZE_MIN:
2677 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_bsize;
2679 case _PC_FILESIZEBITS:
2682 case _PC_REC_INCR_XFER_SIZE:
2683 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
2685 case _PC_REC_MAX_XFER_SIZE:
2686 *ap->a_retval = -1; /* means ``unlimited'' */
2688 case _PC_REC_MIN_XFER_SIZE:
2689 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
2691 case _PC_REC_XFER_ALIGN:
2692 *ap->a_retval = PAGE_SIZE;
2694 case _PC_SYMLINK_MAX:
2695 *ap->a_retval = MAXPATHLEN;
2699 error = vop_stdpathconf(ap);
2706 * Initialize the vnode associated with a new inode, handle aliased
2710 ufs_vinit(mntp, fifoops, vpp)
2712 struct vop_vector *fifoops;
2719 ASSERT_VOP_LOCKED(vp, "ufs_vinit");
2721 vp->v_type = IFTOVT(ip->i_mode);
2723 * Only unallocated inodes should be of type VNON.
2725 if (ip->i_mode != 0 && vp->v_type == VNON)
2727 if (vp->v_type == VFIFO)
2729 if (ip->i_number == UFS_ROOTINO)
2730 vp->v_vflag |= VV_ROOT;
2736 * Allocate a new inode.
2737 * Vnode dvp must be locked.
2740 ufs_makeinode(mode, dvp, vpp, cnp, callfunc)
2744 struct componentname *cnp;
2745 const char *callfunc;
2747 struct inode *ip, *pdir;
2748 struct direct newdir;
2754 if ((cnp->cn_flags & HASBUF) == 0)
2755 panic("%s: no name", callfunc);
2758 if ((mode & IFMT) == 0)
2761 if (pdir->i_effnlink < 2) {
2762 print_bad_link_count(callfunc, dvp);
2765 if (DOINGSOFTDEP(dvp)) {
2766 error = softdep_prelink(dvp, NULL, true);
2768 MPASS(error == ERELOOKUP);
2772 error = UFS_VALLOC(dvp, mode, cnp->cn_cred, &tvp);
2776 ip->i_gid = pdir->i_gid;
2777 DIP_SET(ip, i_gid, pdir->i_gid);
2781 struct ucred ucred, *ucp;
2786 * If we are not the owner of the directory,
2787 * and we are hacking owners here, (only do this where told to)
2788 * and we are not giving it TO root, (would subvert quotas)
2789 * then go ahead and give it to the other user.
2790 * Note that this drops off the execute bits for security.
2792 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) &&
2793 (pdir->i_mode & ISUID) &&
2794 (pdir->i_uid != cnp->cn_cred->cr_uid) && pdir->i_uid) {
2795 ip->i_uid = pdir->i_uid;
2796 DIP_SET(ip, i_uid, ip->i_uid);
2800 * Make sure the correct user gets charged
2802 * Quickly knock up a dummy credential for the victim.
2803 * XXX This seems to never be accessed out of our
2804 * context so a stack variable is ok.
2806 refcount_init(&ucred.cr_ref, 1);
2807 ucred.cr_uid = ip->i_uid;
2808 ucred.cr_ngroups = 1;
2809 ucred.cr_groups = &ucred_group;
2810 ucred.cr_groups[0] = pdir->i_gid;
2814 ip->i_uid = cnp->cn_cred->cr_uid;
2815 DIP_SET(ip, i_uid, ip->i_uid);
2819 if ((error = getinoquota(ip)) ||
2820 (error = chkiq(ip, 1, ucp, 0))) {
2821 if (DOINGSOFTDEP(tvp))
2822 softdep_revert_link(pdir, ip);
2823 UFS_VFREE(tvp, ip->i_number, mode);
2830 #else /* !SUIDDIR */
2831 ip->i_uid = cnp->cn_cred->cr_uid;
2832 DIP_SET(ip, i_uid, ip->i_uid);
2834 if ((error = getinoquota(ip)) ||
2835 (error = chkiq(ip, 1, cnp->cn_cred, 0))) {
2836 if (DOINGSOFTDEP(tvp))
2837 softdep_revert_link(pdir, ip);
2838 UFS_VFREE(tvp, ip->i_number, mode);
2844 #endif /* !SUIDDIR */
2845 vn_seqc_write_begin(tvp); /* Mostly to cover asserts */
2846 UFS_INODE_SET_FLAG(ip, IN_ACCESS | IN_CHANGE | IN_UPDATE);
2847 UFS_INODE_SET_MODE(ip, mode);
2848 DIP_SET(ip, i_mode, mode);
2849 tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */
2852 DIP_SET(ip, i_nlink, 1);
2853 if (DOINGSOFTDEP(tvp))
2854 softdep_setup_create(VTOI(dvp), ip);
2855 if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) &&
2856 priv_check_cred(cnp->cn_cred, PRIV_VFS_SETGID)) {
2857 UFS_INODE_SET_MODE(ip, ip->i_mode & ~ISGID);
2858 DIP_SET(ip, i_mode, ip->i_mode);
2861 if (cnp->cn_flags & ISWHITEOUT) {
2862 ip->i_flags |= UF_OPAQUE;
2863 DIP_SET(ip, i_flags, ip->i_flags);
2867 * Make sure inode goes to disk before directory entry.
2869 error = UFS_UPDATE(tvp, !DOINGSOFTDEP(tvp) && !DOINGASYNC(tvp));
2873 if (dvp->v_mount->mnt_flag & MNT_MULTILABEL) {
2874 error = mac_vnode_create_extattr(cnp->cn_cred, dvp->v_mount,
2881 if (dvp->v_mount->mnt_flag & MNT_ACLS) {
2882 error = ufs_do_posix1e_acl_inheritance_file(dvp, tvp, mode,
2883 cnp->cn_cred, cnp->cn_thread);
2886 } else if (dvp->v_mount->mnt_flag & MNT_NFS4ACLS) {
2887 error = ufs_do_nfs4_acl_inheritance(dvp, tvp, mode,
2888 cnp->cn_cred, cnp->cn_thread);
2892 #endif /* !UFS_ACL */
2893 ufs_makedirentry(ip, cnp, &newdir);
2894 error = ufs_direnter(dvp, tvp, &newdir, cnp, NULL, 0);
2897 vn_seqc_write_end(tvp);
2903 * Write error occurred trying to update the inode
2904 * or the directory so must deallocate the inode.
2908 DIP_SET(ip, i_nlink, 0);
2909 UFS_INODE_SET_FLAG(ip, IN_CHANGE);
2910 if (DOINGSOFTDEP(tvp))
2911 softdep_revert_create(VTOI(dvp), ip);
2912 vn_seqc_write_end(tvp);
2919 ufs_ioctl(struct vop_ioctl_args *ap)
2925 switch (ap->a_command) {
2927 error = vn_lock(vp, LK_SHARED);
2929 error = ufs_bmap_seekdata(vp, (off_t *)ap->a_data);
2935 return (vn_bmap_seekhole(vp, ap->a_command, (off_t *)ap->a_data,
2943 ufs_read_pgcache(struct vop_read_pgcache_args *ap)
2950 MPASS((vp->v_irflag & VIRF_PGREAD) != 0);
2952 if (uio->uio_resid > ptoa(io_hold_cnt) || uio->uio_offset < 0 ||
2953 (ap->a_ioflag & IO_DIRECT) != 0)
2954 return (EJUSTRETURN);
2955 return (vn_read_from_obj(vp, uio));
2958 /* Global vfs data structures for ufs. */
2959 struct vop_vector ufs_vnodeops = {
2960 .vop_default = &default_vnodeops,
2961 .vop_fsync = VOP_PANIC,
2962 .vop_read = VOP_PANIC,
2963 .vop_reallocblks = VOP_PANIC,
2964 .vop_write = VOP_PANIC,
2965 .vop_accessx = ufs_accessx,
2966 .vop_bmap = ufs_bmap,
2967 .vop_fplookup_vexec = ufs_fplookup_vexec,
2968 .vop_cachedlookup = ufs_lookup,
2969 .vop_close = ufs_close,
2970 .vop_create = ufs_create,
2971 .vop_stat = ufs_stat,
2972 .vop_getattr = ufs_getattr,
2973 .vop_inactive = ufs_inactive,
2974 .vop_ioctl = ufs_ioctl,
2975 .vop_link = ufs_link,
2976 .vop_lookup = vfs_cache_lookup,
2977 .vop_mmapped = ufs_mmapped,
2978 .vop_mkdir = ufs_mkdir,
2979 .vop_mknod = ufs_mknod,
2980 .vop_need_inactive = ufs_need_inactive,
2981 .vop_open = ufs_open,
2982 .vop_pathconf = ufs_pathconf,
2983 .vop_poll = vop_stdpoll,
2984 .vop_print = ufs_print,
2985 .vop_read_pgcache = ufs_read_pgcache,
2986 .vop_readdir = ufs_readdir,
2987 .vop_readlink = ufs_readlink,
2988 .vop_reclaim = ufs_reclaim,
2989 .vop_remove = ufs_remove,
2990 .vop_rename = ufs_rename,
2991 .vop_rmdir = ufs_rmdir,
2992 .vop_setattr = ufs_setattr,
2994 .vop_setlabel = vop_stdsetlabel_ea,
2996 .vop_strategy = ufs_strategy,
2997 .vop_symlink = ufs_symlink,
2998 .vop_whiteout = ufs_whiteout,
3000 .vop_getextattr = ufs_getextattr,
3001 .vop_deleteextattr = ufs_deleteextattr,
3002 .vop_setextattr = ufs_setextattr,
3005 .vop_getacl = ufs_getacl,
3006 .vop_setacl = ufs_setacl,
3007 .vop_aclcheck = ufs_aclcheck,
3010 VFS_VOP_VECTOR_REGISTER(ufs_vnodeops);
3012 struct vop_vector ufs_fifoops = {
3013 .vop_default = &fifo_specops,
3014 .vop_fsync = VOP_PANIC,
3015 .vop_accessx = ufs_accessx,
3016 .vop_close = ufsfifo_close,
3017 .vop_getattr = ufs_getattr,
3018 .vop_inactive = ufs_inactive,
3019 .vop_kqfilter = ufsfifo_kqfilter,
3020 .vop_pathconf = ufs_pathconf,
3021 .vop_print = ufs_print,
3022 .vop_read = VOP_PANIC,
3023 .vop_reclaim = ufs_reclaim,
3024 .vop_setattr = ufs_setattr,
3026 .vop_setlabel = vop_stdsetlabel_ea,
3028 .vop_write = VOP_PANIC,
3030 .vop_getextattr = ufs_getextattr,
3031 .vop_deleteextattr = ufs_deleteextattr,
3032 .vop_setextattr = ufs_setextattr,
3035 .vop_getacl = ufs_getacl,
3036 .vop_setacl = ufs_setacl,
3037 .vop_aclcheck = ufs_aclcheck,
3040 VFS_VOP_VECTOR_REGISTER(ufs_fifoops);