2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_capsicum.h"
41 #include "opt_compat.h"
42 #include "opt_ktrace.h"
44 #include <sys/param.h>
45 #include <sys/systm.h>
48 #include <sys/capsicum.h>
50 #include <sys/sysent.h>
51 #include <sys/malloc.h>
52 #include <sys/mount.h>
53 #include <sys/mutex.h>
54 #include <sys/sysproto.h>
55 #include <sys/namei.h>
56 #include <sys/filedesc.h>
57 #include <sys/kernel.h>
58 #include <sys/fcntl.h>
60 #include <sys/filio.h>
61 #include <sys/limits.h>
62 #include <sys/linker.h>
63 #include <sys/rwlock.h>
67 #include <sys/unistd.h>
68 #include <sys/vnode.h>
71 #include <sys/dirent.h>
73 #include <sys/syscallsubr.h>
74 #include <sys/sysctl.h>
76 #include <sys/ktrace.h>
79 #include <machine/stdarg.h>
81 #include <security/audit/audit.h>
82 #include <security/mac/mac_framework.h>
85 #include <vm/vm_object.h>
86 #include <vm/vm_page.h>
89 #include <ufs/ufs/quota.h>
91 MALLOC_DEFINE(M_FADVISE, "fadvise", "posix_fadvise(2) information");
93 SDT_PROVIDER_DEFINE(vfs);
94 SDT_PROBE_DEFINE2(vfs, , stat, mode, "char *", "int");
95 SDT_PROBE_DEFINE2(vfs, , stat, reg, "char *", "int");
97 static int kern_chflagsat(struct thread *td, int fd, const char *path,
98 enum uio_seg pathseg, u_long flags, int atflag);
99 static int setfflags(struct thread *td, struct vnode *, u_long);
100 static int getutimes(const struct timeval *, enum uio_seg, struct timespec *);
101 static int getutimens(const struct timespec *, enum uio_seg,
102 struct timespec *, int *);
103 static int setutimes(struct thread *td, struct vnode *,
104 const struct timespec *, int, int);
105 static int vn_access(struct vnode *vp, int user_flags, struct ucred *cred,
109 * Sync each mounted filesystem.
111 #ifndef _SYS_SYSPROTO_H_
118 sys_sync(struct thread *td, struct sync_args *uap)
120 struct mount *mp, *nmp;
123 mtx_lock(&mountlist_mtx);
124 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
125 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK)) {
126 nmp = TAILQ_NEXT(mp, mnt_list);
129 if ((mp->mnt_flag & MNT_RDONLY) == 0 &&
130 vn_start_write(NULL, &mp, V_NOWAIT) == 0) {
131 save = curthread_pflags_set(TDP_SYNCIO);
132 vfs_msync(mp, MNT_NOWAIT);
133 VFS_SYNC(mp, MNT_NOWAIT);
134 curthread_pflags_restore(save);
135 vn_finished_write(mp);
137 mtx_lock(&mountlist_mtx);
138 nmp = TAILQ_NEXT(mp, mnt_list);
141 mtx_unlock(&mountlist_mtx);
146 * Change filesystem quotas.
148 #ifndef _SYS_SYSPROTO_H_
149 struct quotactl_args {
157 sys_quotactl(struct thread *td, struct quotactl_args *uap)
163 AUDIT_ARG_CMD(uap->cmd);
164 AUDIT_ARG_UID(uap->uid);
165 if (!prison_allow(td->td_ucred, PR_ALLOW_QUOTAS))
167 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
169 if ((error = namei(&nd)) != 0)
171 NDFREE(&nd, NDF_ONLY_PNBUF);
172 mp = nd.ni_vp->v_mount;
175 error = vfs_busy(mp, 0);
179 error = VFS_QUOTACTL(mp, uap->cmd, uap->uid, uap->arg);
182 * Since quota on operation typically needs to open quota
183 * file, the Q_QUOTAON handler needs to unbusy the mount point
184 * before calling into namei. Otherwise, unmount might be
185 * started between two vfs_busy() invocations (first is our,
186 * second is from mount point cross-walk code in lookup()),
189 * Require that Q_QUOTAON handles the vfs_busy() reference on
190 * its own, always returning with ubusied mount point.
192 if ((uap->cmd >> SUBCMDSHIFT) != Q_QUOTAON)
198 * Used by statfs conversion routines to scale the block size up if
199 * necessary so that all of the block counts are <= 'max_size'. Note
200 * that 'max_size' should be a bitmask, i.e. 2^n - 1 for some non-zero
204 statfs_scale_blocks(struct statfs *sf, long max_size)
209 KASSERT(powerof2(max_size + 1), ("%s: invalid max_size", __func__));
212 * Attempt to scale the block counts to give a more accurate
213 * overview to userland of the ratio of free space to used
214 * space. To do this, find the largest block count and compute
215 * a divisor that lets it fit into a signed integer <= max_size.
217 if (sf->f_bavail < 0)
218 count = -sf->f_bavail;
220 count = sf->f_bavail;
221 count = MAX(sf->f_blocks, MAX(sf->f_bfree, count));
222 if (count <= max_size)
225 count >>= flsl(max_size);
232 sf->f_bsize <<= shift;
233 sf->f_blocks >>= shift;
234 sf->f_bfree >>= shift;
235 sf->f_bavail >>= shift;
239 kern_do_statfs(struct thread *td, struct mount *mp, struct statfs *buf)
246 error = vfs_busy(mp, 0);
251 error = mac_mount_check_stat(td->td_ucred, mp);
256 * Set these in case the underlying filesystem fails to do so.
259 sp->f_version = STATFS_VERSION;
260 sp->f_namemax = NAME_MAX;
261 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
262 error = VFS_STATFS(mp, sp);
266 if (priv_check(td, PRIV_VFS_GENERATION)) {
267 buf->f_fsid.val[0] = buf->f_fsid.val[1] = 0;
268 prison_enforce_statfs(td->td_ucred, mp, buf);
276 * Get filesystem statistics.
278 #ifndef _SYS_SYSPROTO_H_
285 sys_statfs(struct thread *td, struct statfs_args *uap)
290 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
291 error = kern_statfs(td, uap->path, UIO_USERSPACE, sfp);
293 error = copyout(sfp, uap->buf, sizeof(struct statfs));
299 kern_statfs(struct thread *td, char *path, enum uio_seg pathseg,
306 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
311 mp = nd.ni_vp->v_mount;
313 NDFREE(&nd, NDF_ONLY_PNBUF);
315 return (kern_do_statfs(td, mp, buf));
319 * Get filesystem statistics.
321 #ifndef _SYS_SYSPROTO_H_
322 struct fstatfs_args {
328 sys_fstatfs(struct thread *td, struct fstatfs_args *uap)
333 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
334 error = kern_fstatfs(td, uap->fd, sfp);
336 error = copyout(sfp, uap->buf, sizeof(struct statfs));
342 kern_fstatfs(struct thread *td, int fd, struct statfs *buf)
351 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FSTATFS), &fp);
355 vn_lock(vp, LK_SHARED | LK_RETRY);
357 AUDIT_ARG_VNODE1(vp);
364 return (kern_do_statfs(td, mp, buf));
368 * Get statistics on all filesystems.
370 #ifndef _SYS_SYSPROTO_H_
371 struct getfsstat_args {
378 sys_getfsstat(struct thread *td, struct getfsstat_args *uap)
383 if (uap->bufsize < 0 || uap->bufsize > SIZE_MAX)
385 error = kern_getfsstat(td, &uap->buf, uap->bufsize, &count,
386 UIO_USERSPACE, uap->mode);
388 td->td_retval[0] = count;
393 * If (bufsize > 0 && bufseg == UIO_SYSSPACE)
394 * The caller is responsible for freeing memory which will be allocated
398 kern_getfsstat(struct thread *td, struct statfs **buf, size_t bufsize,
399 size_t *countp, enum uio_seg bufseg, int mode)
401 struct mount *mp, *nmp;
402 struct statfs *sfsp, *sp, *sptmp, *tofree;
403 size_t count, maxcount;
414 maxcount = bufsize / sizeof(struct statfs);
418 } else if (bufseg == UIO_USERSPACE) {
421 } else /* if (bufseg == UIO_SYSSPACE) */ {
423 mtx_lock(&mountlist_mtx);
424 TAILQ_FOREACH(mp, &mountlist, mnt_list) {
427 mtx_unlock(&mountlist_mtx);
428 if (maxcount > count)
430 tofree = sfsp = *buf = malloc(maxcount * sizeof(struct statfs),
434 mtx_lock(&mountlist_mtx);
435 for (mp = TAILQ_FIRST(&mountlist); mp != NULL; mp = nmp) {
436 if (prison_canseemount(td->td_ucred, mp) != 0) {
437 nmp = TAILQ_NEXT(mp, mnt_list);
441 if (mac_mount_check_stat(td->td_ucred, mp) != 0) {
442 nmp = TAILQ_NEXT(mp, mnt_list);
446 if (mode == MNT_WAIT) {
447 if (vfs_busy(mp, MBF_MNTLSTLOCK) != 0) {
449 * If vfs_busy() failed, and MBF_NOWAIT
450 * wasn't passed, then the mp is gone.
451 * Furthermore, because of MBF_MNTLSTLOCK,
452 * the mountlist_mtx was dropped. We have
453 * no other choice than to start over.
455 mtx_unlock(&mountlist_mtx);
456 free(tofree, M_STATFS);
460 if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK) != 0) {
461 nmp = TAILQ_NEXT(mp, mnt_list);
465 if (sfsp != NULL && count < maxcount) {
468 * Set these in case the underlying filesystem
471 sp->f_version = STATFS_VERSION;
472 sp->f_namemax = NAME_MAX;
473 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
475 * If MNT_NOWAIT is specified, do not refresh
478 if (mode != MNT_NOWAIT) {
479 error = VFS_STATFS(mp, sp);
481 mtx_lock(&mountlist_mtx);
482 nmp = TAILQ_NEXT(mp, mnt_list);
487 if (priv_check(td, PRIV_VFS_GENERATION)) {
488 sptmp = malloc(sizeof(struct statfs), M_STATFS,
491 sptmp->f_fsid.val[0] = sptmp->f_fsid.val[1] = 0;
492 prison_enforce_statfs(td->td_ucred, mp, sptmp);
496 if (bufseg == UIO_SYSSPACE) {
497 bcopy(sp, sfsp, sizeof(*sp));
498 free(sptmp, M_STATFS);
499 } else /* if (bufseg == UIO_USERSPACE) */ {
500 error = copyout(sp, sfsp, sizeof(*sp));
501 free(sptmp, M_STATFS);
510 mtx_lock(&mountlist_mtx);
511 nmp = TAILQ_NEXT(mp, mnt_list);
514 mtx_unlock(&mountlist_mtx);
515 if (sfsp != NULL && count > maxcount)
522 #ifdef COMPAT_FREEBSD4
524 * Get old format filesystem statistics.
526 static void cvtstatfs(struct statfs *, struct ostatfs *);
528 #ifndef _SYS_SYSPROTO_H_
529 struct freebsd4_statfs_args {
535 freebsd4_statfs(struct thread *td, struct freebsd4_statfs_args *uap)
541 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
542 error = kern_statfs(td, uap->path, UIO_USERSPACE, sfp);
544 cvtstatfs(sfp, &osb);
545 error = copyout(&osb, uap->buf, sizeof(osb));
552 * Get filesystem statistics.
554 #ifndef _SYS_SYSPROTO_H_
555 struct freebsd4_fstatfs_args {
561 freebsd4_fstatfs(struct thread *td, struct freebsd4_fstatfs_args *uap)
567 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
568 error = kern_fstatfs(td, uap->fd, sfp);
570 cvtstatfs(sfp, &osb);
571 error = copyout(&osb, uap->buf, sizeof(osb));
578 * Get statistics on all filesystems.
580 #ifndef _SYS_SYSPROTO_H_
581 struct freebsd4_getfsstat_args {
588 freebsd4_getfsstat(struct thread *td, struct freebsd4_getfsstat_args *uap)
590 struct statfs *buf, *sp;
595 if (uap->bufsize < 0)
597 count = uap->bufsize / sizeof(struct ostatfs);
598 if (count > SIZE_MAX / sizeof(struct statfs))
600 size = count * sizeof(struct statfs);
601 error = kern_getfsstat(td, &buf, size, &count, UIO_SYSSPACE,
605 td->td_retval[0] = count;
608 while (count != 0 && error == 0) {
610 error = copyout(&osb, uap->buf, sizeof(osb));
621 * Implement fstatfs() for (NFS) file handles.
623 #ifndef _SYS_SYSPROTO_H_
624 struct freebsd4_fhstatfs_args {
625 struct fhandle *u_fhp;
630 freebsd4_fhstatfs(struct thread *td, struct freebsd4_fhstatfs_args *uap)
637 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
640 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
641 error = kern_fhstatfs(td, fh, sfp);
643 cvtstatfs(sfp, &osb);
644 error = copyout(&osb, uap->buf, sizeof(osb));
651 * Convert a new format statfs structure to an old format statfs structure.
654 cvtstatfs(struct statfs *nsp, struct ostatfs *osp)
657 statfs_scale_blocks(nsp, LONG_MAX);
658 bzero(osp, sizeof(*osp));
659 osp->f_bsize = nsp->f_bsize;
660 osp->f_iosize = MIN(nsp->f_iosize, LONG_MAX);
661 osp->f_blocks = nsp->f_blocks;
662 osp->f_bfree = nsp->f_bfree;
663 osp->f_bavail = nsp->f_bavail;
664 osp->f_files = MIN(nsp->f_files, LONG_MAX);
665 osp->f_ffree = MIN(nsp->f_ffree, LONG_MAX);
666 osp->f_owner = nsp->f_owner;
667 osp->f_type = nsp->f_type;
668 osp->f_flags = nsp->f_flags;
669 osp->f_syncwrites = MIN(nsp->f_syncwrites, LONG_MAX);
670 osp->f_asyncwrites = MIN(nsp->f_asyncwrites, LONG_MAX);
671 osp->f_syncreads = MIN(nsp->f_syncreads, LONG_MAX);
672 osp->f_asyncreads = MIN(nsp->f_asyncreads, LONG_MAX);
673 strlcpy(osp->f_fstypename, nsp->f_fstypename,
674 MIN(MFSNAMELEN, OMFSNAMELEN));
675 strlcpy(osp->f_mntonname, nsp->f_mntonname,
676 MIN(MNAMELEN, OMNAMELEN));
677 strlcpy(osp->f_mntfromname, nsp->f_mntfromname,
678 MIN(MNAMELEN, OMNAMELEN));
679 osp->f_fsid = nsp->f_fsid;
681 #endif /* COMPAT_FREEBSD4 */
684 * Change current working directory to a given file descriptor.
686 #ifndef _SYS_SYSPROTO_H_
692 sys_fchdir(struct thread *td, struct fchdir_args *uap)
694 struct vnode *vp, *tdp;
700 AUDIT_ARG_FD(uap->fd);
701 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_FCHDIR),
708 vn_lock(vp, LK_SHARED | LK_RETRY);
709 AUDIT_ARG_VNODE1(vp);
710 error = change_dir(vp, td);
711 while (!error && (mp = vp->v_mountedhere) != NULL) {
714 error = VFS_ROOT(mp, LK_SHARED, &tdp);
731 * Change current working directory (``.'').
733 #ifndef _SYS_SYSPROTO_H_
739 sys_chdir(struct thread *td, struct chdir_args *uap)
742 return (kern_chdir(td, uap->path, UIO_USERSPACE));
746 kern_chdir(struct thread *td, char *path, enum uio_seg pathseg)
751 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
753 if ((error = namei(&nd)) != 0)
755 if ((error = change_dir(nd.ni_vp, td)) != 0) {
757 NDFREE(&nd, NDF_ONLY_PNBUF);
760 VOP_UNLOCK(nd.ni_vp, 0);
761 NDFREE(&nd, NDF_ONLY_PNBUF);
762 pwd_chdir(td, nd.ni_vp);
767 * Change notion of root (``/'') directory.
769 #ifndef _SYS_SYSPROTO_H_
775 sys_chroot(struct thread *td, struct chroot_args *uap)
780 error = priv_check(td, PRIV_VFS_CHROOT);
783 NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
784 UIO_USERSPACE, uap->path, td);
788 error = change_dir(nd.ni_vp, td);
792 error = mac_vnode_check_chroot(td->td_ucred, nd.ni_vp);
796 VOP_UNLOCK(nd.ni_vp, 0);
797 error = pwd_chroot(td, nd.ni_vp);
799 NDFREE(&nd, NDF_ONLY_PNBUF);
804 NDFREE(&nd, NDF_ONLY_PNBUF);
809 * Common routine for chroot and chdir. Callers must provide a locked vnode
813 change_dir(struct vnode *vp, struct thread *td)
819 ASSERT_VOP_LOCKED(vp, "change_dir(): vp not locked");
820 if (vp->v_type != VDIR)
823 error = mac_vnode_check_chdir(td->td_ucred, vp);
827 return (VOP_ACCESS(vp, VEXEC, td->td_ucred, td));
831 flags_to_rights(int flags, cap_rights_t *rightsp)
834 if (flags & O_EXEC) {
835 cap_rights_set(rightsp, CAP_FEXECVE);
837 switch ((flags & O_ACCMODE)) {
839 cap_rights_set(rightsp, CAP_READ);
842 cap_rights_set(rightsp, CAP_READ);
845 cap_rights_set(rightsp, CAP_WRITE);
846 if (!(flags & (O_APPEND | O_TRUNC)))
847 cap_rights_set(rightsp, CAP_SEEK);
853 cap_rights_set(rightsp, CAP_CREATE);
856 cap_rights_set(rightsp, CAP_FTRUNCATE);
858 if (flags & (O_SYNC | O_FSYNC))
859 cap_rights_set(rightsp, CAP_FSYNC);
861 if (flags & (O_EXLOCK | O_SHLOCK))
862 cap_rights_set(rightsp, CAP_FLOCK);
866 * Check permissions, allocate an open file structure, and call the device
867 * open routine if any.
869 #ifndef _SYS_SYSPROTO_H_
877 sys_open(struct thread *td, struct open_args *uap)
880 return (kern_openat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
881 uap->flags, uap->mode));
884 #ifndef _SYS_SYSPROTO_H_
893 sys_openat(struct thread *td, struct openat_args *uap)
896 AUDIT_ARG_FD(uap->fd);
897 return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
902 kern_openat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
905 struct proc *p = td->td_proc;
906 struct filedesc *fdp = p->p_fd;
911 int cmode, error, indx;
915 AUDIT_ARG_FFLAGS(flags);
916 AUDIT_ARG_MODE(mode);
917 cap_rights_init(&rights, CAP_LOOKUP);
918 flags_to_rights(flags, &rights);
920 * Only one of the O_EXEC, O_RDONLY, O_WRONLY and O_RDWR flags
923 if (flags & O_EXEC) {
924 if (flags & O_ACCMODE)
926 } else if ((flags & O_ACCMODE) == O_ACCMODE) {
929 flags = FFLAGS(flags);
933 * Allocate a file structure. The descriptor to reference it
934 * is allocated and set by finstall() below.
936 error = falloc_noinstall(td, &fp);
940 * An extra reference on `fp' has been held for us by
941 * falloc_noinstall().
943 /* Set the flags early so the finit in devfs can pick them up. */
944 fp->f_flag = flags & FMASK;
945 cmode = ((mode & ~fdp->fd_cmask) & ALLPERMS) & ~S_ISTXT;
946 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, fd,
948 td->td_dupfd = -1; /* XXX check for fdopen */
949 error = vn_open(&nd, &flags, cmode, fp);
952 * If the vn_open replaced the method vector, something
953 * wonderous happened deep below and we just pass it up
954 * pretending we know what we do.
956 if (error == ENXIO && fp->f_ops != &badfileops)
960 * Handle special fdopen() case. bleh.
962 * Don't do this for relative (capability) lookups; we don't
963 * understand exactly what would happen, and we don't think
964 * that it ever should.
966 if ((nd.ni_lcf & NI_LCF_STRICTRELATIVE) == 0 &&
967 (error == ENODEV || error == ENXIO) &&
969 error = dupfdopen(td, fdp, td->td_dupfd, flags, error,
978 NDFREE(&nd, NDF_ONLY_PNBUF);
982 * Store the vnode, for any f_type. Typically, the vnode use
983 * count is decremented by direct call to vn_closefile() for
984 * files that switched type in the cdevsw fdopen() method.
988 * If the file wasn't claimed by devfs bind it to the normal
989 * vnode operations here.
991 if (fp->f_ops == &badfileops) {
992 KASSERT(vp->v_type != VFIFO, ("Unexpected fifo."));
994 finit(fp, (flags & FMASK) | (fp->f_flag & FHASLOCK),
995 DTYPE_VNODE, vp, &vnops);
999 if (flags & O_TRUNC) {
1000 error = fo_truncate(fp, 0, td->td_ucred, td);
1006 * If we haven't already installed the FD (for dupfdopen), do so now.
1009 struct filecaps *fcaps;
1012 if ((nd.ni_lcf & NI_LCF_STRICTRELATIVE) != 0)
1013 fcaps = &nd.ni_filecaps;
1017 error = finstall(td, fp, &indx, flags, fcaps);
1018 /* On success finstall() consumes fcaps. */
1020 filecaps_free(&nd.ni_filecaps);
1024 filecaps_free(&nd.ni_filecaps);
1028 * Release our private reference, leaving the one associated with
1029 * the descriptor table intact.
1032 td->td_retval[0] = indx;
1035 KASSERT(indx == -1, ("indx=%d, should be -1", indx));
1044 #ifndef _SYS_SYSPROTO_H_
1045 struct ocreat_args {
1051 ocreat(struct thread *td, struct ocreat_args *uap)
1054 return (kern_openat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1055 O_WRONLY | O_CREAT | O_TRUNC, uap->mode));
1057 #endif /* COMPAT_43 */
1060 * Create a special file.
1062 #ifndef _SYS_SYSPROTO_H_
1070 sys_mknod(struct thread *td, struct mknod_args *uap)
1073 return (kern_mknodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1074 uap->mode, uap->dev));
1077 #ifndef _SYS_SYSPROTO_H_
1078 struct mknodat_args {
1086 sys_mknodat(struct thread *td, struct mknodat_args *uap)
1089 return (kern_mknodat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode,
1094 kern_mknodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1100 struct nameidata nd;
1101 cap_rights_t rights;
1102 int error, whiteout = 0;
1104 AUDIT_ARG_MODE(mode);
1106 switch (mode & S_IFMT) {
1109 error = priv_check(td, PRIV_VFS_MKNOD_DEV);
1110 if (error == 0 && dev == VNOVAL)
1114 error = priv_check(td, PRIV_VFS_MKNOD_WHT);
1118 return (kern_mkfifoat(td, fd, path, pathseg, mode));
1128 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1129 NOCACHE, pathseg, path, fd, cap_rights_init(&rights, CAP_MKNODAT),
1131 if ((error = namei(&nd)) != 0)
1135 NDFREE(&nd, NDF_ONLY_PNBUF);
1136 if (vp == nd.ni_dvp)
1144 vattr.va_mode = (mode & ALLPERMS) &
1145 ~td->td_proc->p_fd->fd_cmask;
1146 vattr.va_rdev = dev;
1149 switch (mode & S_IFMT) {
1151 vattr.va_type = VCHR;
1154 vattr.va_type = VBLK;
1160 panic("kern_mknod: invalid mode");
1163 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1164 NDFREE(&nd, NDF_ONLY_PNBUF);
1166 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1171 if (error == 0 && !whiteout)
1172 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp,
1173 &nd.ni_cnd, &vattr);
1177 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, CREATE);
1179 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp,
1180 &nd.ni_cnd, &vattr);
1185 NDFREE(&nd, NDF_ONLY_PNBUF);
1187 vn_finished_write(mp);
1192 * Create a named pipe.
1194 #ifndef _SYS_SYSPROTO_H_
1195 struct mkfifo_args {
1201 sys_mkfifo(struct thread *td, struct mkfifo_args *uap)
1204 return (kern_mkfifoat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1208 #ifndef _SYS_SYSPROTO_H_
1209 struct mkfifoat_args {
1216 sys_mkfifoat(struct thread *td, struct mkfifoat_args *uap)
1219 return (kern_mkfifoat(td, uap->fd, uap->path, UIO_USERSPACE,
1224 kern_mkfifoat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1229 struct nameidata nd;
1230 cap_rights_t rights;
1233 AUDIT_ARG_MODE(mode);
1236 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1237 NOCACHE, pathseg, path, fd, cap_rights_init(&rights, CAP_MKFIFOAT),
1239 if ((error = namei(&nd)) != 0)
1241 if (nd.ni_vp != NULL) {
1242 NDFREE(&nd, NDF_ONLY_PNBUF);
1243 if (nd.ni_vp == nd.ni_dvp)
1250 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1251 NDFREE(&nd, NDF_ONLY_PNBUF);
1253 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1258 vattr.va_type = VFIFO;
1259 vattr.va_mode = (mode & ALLPERMS) & ~td->td_proc->p_fd->fd_cmask;
1261 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1266 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
1273 vn_finished_write(mp);
1274 NDFREE(&nd, NDF_ONLY_PNBUF);
1279 * Make a hard file link.
1281 #ifndef _SYS_SYSPROTO_H_
1288 sys_link(struct thread *td, struct link_args *uap)
1291 return (kern_linkat(td, AT_FDCWD, AT_FDCWD, uap->path, uap->link,
1292 UIO_USERSPACE, FOLLOW));
1295 #ifndef _SYS_SYSPROTO_H_
1296 struct linkat_args {
1305 sys_linkat(struct thread *td, struct linkat_args *uap)
1310 if (flag & ~AT_SYMLINK_FOLLOW)
1313 return (kern_linkat(td, uap->fd1, uap->fd2, uap->path1, uap->path2,
1314 UIO_USERSPACE, (flag & AT_SYMLINK_FOLLOW) ? FOLLOW : NOFOLLOW));
1317 int hardlink_check_uid = 0;
1318 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_uid, CTLFLAG_RW,
1319 &hardlink_check_uid, 0,
1320 "Unprivileged processes cannot create hard links to files owned by other "
1322 static int hardlink_check_gid = 0;
1323 SYSCTL_INT(_security_bsd, OID_AUTO, hardlink_check_gid, CTLFLAG_RW,
1324 &hardlink_check_gid, 0,
1325 "Unprivileged processes cannot create hard links to files owned by other "
1329 can_hardlink(struct vnode *vp, struct ucred *cred)
1334 if (!hardlink_check_uid && !hardlink_check_gid)
1337 error = VOP_GETATTR(vp, &va, cred);
1341 if (hardlink_check_uid && cred->cr_uid != va.va_uid) {
1342 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1347 if (hardlink_check_gid && !groupmember(va.va_gid, cred)) {
1348 error = priv_check_cred(cred, PRIV_VFS_LINK, 0);
1357 kern_linkat(struct thread *td, int fd1, int fd2, char *path1, char *path2,
1358 enum uio_seg segflg, int follow)
1362 struct nameidata nd;
1363 cap_rights_t rights;
1368 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, segflg, path1, fd1,
1369 cap_rights_init(&rights, CAP_LINKAT_SOURCE), td);
1371 if ((error = namei(&nd)) != 0)
1373 NDFREE(&nd, NDF_ONLY_PNBUF);
1375 if (vp->v_type == VDIR) {
1377 return (EPERM); /* POSIX */
1379 NDINIT_ATRIGHTS(&nd, CREATE,
1380 LOCKPARENT | SAVENAME | AUDITVNODE2 | NOCACHE, segflg, path2, fd2,
1381 cap_rights_init(&rights, CAP_LINKAT_TARGET), td);
1382 if ((error = namei(&nd)) == 0) {
1383 if (nd.ni_vp != NULL) {
1384 NDFREE(&nd, NDF_ONLY_PNBUF);
1385 if (nd.ni_dvp == nd.ni_vp)
1392 } else if (nd.ni_dvp->v_mount != vp->v_mount) {
1394 * Cross-device link. No need to recheck
1395 * vp->v_type, since it cannot change, except
1398 NDFREE(&nd, NDF_ONLY_PNBUF);
1402 } else if ((error = vn_lock(vp, LK_EXCLUSIVE)) == 0) {
1403 error = can_hardlink(vp, td->td_ucred);
1406 error = mac_vnode_check_link(td->td_ucred,
1407 nd.ni_dvp, vp, &nd.ni_cnd);
1412 NDFREE(&nd, NDF_ONLY_PNBUF);
1415 error = vn_start_write(vp, &mp, V_NOWAIT);
1419 NDFREE(&nd, NDF_ONLY_PNBUF);
1420 error = vn_start_write(NULL, &mp,
1426 error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
1429 vn_finished_write(mp);
1430 NDFREE(&nd, NDF_ONLY_PNBUF);
1433 NDFREE(&nd, NDF_ONLY_PNBUF);
1443 * Make a symbolic link.
1445 #ifndef _SYS_SYSPROTO_H_
1446 struct symlink_args {
1452 sys_symlink(struct thread *td, struct symlink_args *uap)
1455 return (kern_symlinkat(td, uap->path, AT_FDCWD, uap->link,
1459 #ifndef _SYS_SYSPROTO_H_
1460 struct symlinkat_args {
1467 sys_symlinkat(struct thread *td, struct symlinkat_args *uap)
1470 return (kern_symlinkat(td, uap->path1, uap->fd, uap->path2,
1475 kern_symlinkat(struct thread *td, char *path1, int fd, char *path2,
1476 enum uio_seg segflg)
1481 struct nameidata nd;
1483 cap_rights_t rights;
1485 if (segflg == UIO_SYSSPACE) {
1488 syspath = uma_zalloc(namei_zone, M_WAITOK);
1489 if ((error = copyinstr(path1, syspath, MAXPATHLEN, NULL)) != 0)
1492 AUDIT_ARG_TEXT(syspath);
1495 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
1496 NOCACHE, segflg, path2, fd, cap_rights_init(&rights, CAP_SYMLINKAT),
1498 if ((error = namei(&nd)) != 0)
1501 NDFREE(&nd, NDF_ONLY_PNBUF);
1502 if (nd.ni_vp == nd.ni_dvp)
1510 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1511 NDFREE(&nd, NDF_ONLY_PNBUF);
1513 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1518 vattr.va_mode = ACCESSPERMS &~ td->td_proc->p_fd->fd_cmask;
1520 vattr.va_type = VLNK;
1521 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
1526 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr, syspath);
1532 NDFREE(&nd, NDF_ONLY_PNBUF);
1534 vn_finished_write(mp);
1536 if (segflg != UIO_SYSSPACE)
1537 uma_zfree(namei_zone, syspath);
1542 * Delete a whiteout from the filesystem.
1544 #ifndef _SYS_SYSPROTO_H_
1545 struct undelete_args {
1550 sys_undelete(struct thread *td, struct undelete_args *uap)
1553 struct nameidata nd;
1558 NDINIT(&nd, DELETE, LOCKPARENT | DOWHITEOUT | AUDITVNODE1,
1559 UIO_USERSPACE, uap->path, td);
1564 if (nd.ni_vp != NULLVP || !(nd.ni_cnd.cn_flags & ISWHITEOUT)) {
1565 NDFREE(&nd, NDF_ONLY_PNBUF);
1566 if (nd.ni_vp == nd.ni_dvp)
1574 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1575 NDFREE(&nd, NDF_ONLY_PNBUF);
1577 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
1581 error = VOP_WHITEOUT(nd.ni_dvp, &nd.ni_cnd, DELETE);
1582 NDFREE(&nd, NDF_ONLY_PNBUF);
1584 vn_finished_write(mp);
1589 * Delete a name from the filesystem.
1591 #ifndef _SYS_SYSPROTO_H_
1592 struct unlink_args {
1597 sys_unlink(struct thread *td, struct unlink_args *uap)
1600 return (kern_unlinkat(td, AT_FDCWD, uap->path, UIO_USERSPACE, 0));
1603 #ifndef _SYS_SYSPROTO_H_
1604 struct unlinkat_args {
1611 sys_unlinkat(struct thread *td, struct unlinkat_args *uap)
1613 int flag = uap->flag;
1615 char *path = uap->path;
1617 if (flag & ~AT_REMOVEDIR)
1620 if (flag & AT_REMOVEDIR)
1621 return (kern_rmdirat(td, fd, path, UIO_USERSPACE));
1623 return (kern_unlinkat(td, fd, path, UIO_USERSPACE, 0));
1627 kern_unlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1632 struct nameidata nd;
1634 cap_rights_t rights;
1639 NDINIT_ATRIGHTS(&nd, DELETE, LOCKPARENT | LOCKLEAF | AUDITVNODE1,
1640 pathseg, path, fd, cap_rights_init(&rights, CAP_UNLINKAT), td);
1641 if ((error = namei(&nd)) != 0)
1642 return (error == EINVAL ? EPERM : error);
1644 if (vp->v_type == VDIR && oldinum == 0) {
1645 error = EPERM; /* POSIX */
1646 } else if (oldinum != 0 &&
1647 ((error = vn_stat(vp, &sb, td->td_ucred, NOCRED, td)) == 0) &&
1648 sb.st_ino != oldinum) {
1649 error = EIDRM; /* Identifier removed */
1652 * The root of a mounted filesystem cannot be deleted.
1654 * XXX: can this only be a VDIR case?
1656 if (vp->v_vflag & VV_ROOT)
1660 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
1661 NDFREE(&nd, NDF_ONLY_PNBUF);
1663 if (vp == nd.ni_dvp)
1667 if ((error = vn_start_write(NULL, &mp,
1668 V_XSLEEP | PCATCH)) != 0)
1673 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
1678 vfs_notify_upper(vp, VFS_NOTIFY_UPPER_UNLINK);
1679 error = VOP_REMOVE(nd.ni_dvp, vp, &nd.ni_cnd);
1683 vn_finished_write(mp);
1685 NDFREE(&nd, NDF_ONLY_PNBUF);
1687 if (vp == nd.ni_dvp)
1695 * Reposition read/write file offset.
1697 #ifndef _SYS_SYSPROTO_H_
1706 sys_lseek(struct thread *td, struct lseek_args *uap)
1709 return (kern_lseek(td, uap->fd, uap->offset, uap->whence));
1713 kern_lseek(struct thread *td, int fd, off_t offset, int whence)
1716 cap_rights_t rights;
1720 error = fget(td, fd, cap_rights_init(&rights, CAP_SEEK), &fp);
1723 error = (fp->f_ops->fo_flags & DFLAG_SEEKABLE) != 0 ?
1724 fo_seek(fp, offset, whence, td) : ESPIPE;
1729 #if defined(COMPAT_43)
1731 * Reposition read/write file offset.
1733 #ifndef _SYS_SYSPROTO_H_
1734 struct olseek_args {
1741 olseek(struct thread *td, struct olseek_args *uap)
1744 return (kern_lseek(td, uap->fd, uap->offset, uap->whence));
1746 #endif /* COMPAT_43 */
1748 #if defined(COMPAT_FREEBSD6)
1749 /* Version with the 'pad' argument */
1751 freebsd6_lseek(struct thread *td, struct freebsd6_lseek_args *uap)
1754 return (kern_lseek(td, uap->fd, uap->offset, uap->whence));
1759 * Check access permissions using passed credentials.
1762 vn_access(struct vnode *vp, int user_flags, struct ucred *cred,
1768 /* Flags == 0 means only check for existence. */
1769 if (user_flags == 0)
1773 if (user_flags & R_OK)
1775 if (user_flags & W_OK)
1777 if (user_flags & X_OK)
1780 error = mac_vnode_check_access(cred, vp, accmode);
1784 if ((accmode & VWRITE) == 0 || (error = vn_writechk(vp)) == 0)
1785 error = VOP_ACCESS(vp, accmode, cred, td);
1790 * Check access permissions using "real" credentials.
1792 #ifndef _SYS_SYSPROTO_H_
1793 struct access_args {
1799 sys_access(struct thread *td, struct access_args *uap)
1802 return (kern_accessat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1806 #ifndef _SYS_SYSPROTO_H_
1807 struct faccessat_args {
1815 sys_faccessat(struct thread *td, struct faccessat_args *uap)
1818 return (kern_accessat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
1823 kern_accessat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
1824 int flag, int amode)
1826 struct ucred *cred, *usecred;
1828 struct nameidata nd;
1829 cap_rights_t rights;
1832 if (flag & ~AT_EACCESS)
1834 if (amode != F_OK && (amode & ~(R_OK | W_OK | X_OK)) != 0)
1838 * Create and modify a temporary credential instead of one that
1839 * is potentially shared (if we need one).
1841 cred = td->td_ucred;
1842 if ((flag & AT_EACCESS) == 0 &&
1843 ((cred->cr_uid != cred->cr_ruid ||
1844 cred->cr_rgid != cred->cr_groups[0]))) {
1845 usecred = crdup(cred);
1846 usecred->cr_uid = cred->cr_ruid;
1847 usecred->cr_groups[0] = cred->cr_rgid;
1848 td->td_ucred = usecred;
1851 AUDIT_ARG_VALUE(amode);
1852 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF |
1853 AUDITVNODE1, pathseg, path, fd, cap_rights_init(&rights, CAP_FSTAT),
1855 if ((error = namei(&nd)) != 0)
1859 error = vn_access(vp, amode, usecred, td);
1860 NDFREE(&nd, NDF_ONLY_PNBUF);
1863 if (usecred != cred) {
1864 td->td_ucred = cred;
1871 * Check access permissions using "effective" credentials.
1873 #ifndef _SYS_SYSPROTO_H_
1874 struct eaccess_args {
1880 sys_eaccess(struct thread *td, struct eaccess_args *uap)
1883 return (kern_accessat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
1884 AT_EACCESS, uap->amode));
1887 #if defined(COMPAT_43)
1889 * Get file status; this version follows links.
1891 #ifndef _SYS_SYSPROTO_H_
1898 ostat(struct thread *td, struct ostat_args *uap)
1904 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
1909 return (copyout(&osb, uap->ub, sizeof (osb)));
1913 * Get file status; this version does not follow links.
1915 #ifndef _SYS_SYSPROTO_H_
1916 struct olstat_args {
1922 olstat(struct thread *td, struct olstat_args *uap)
1928 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
1929 UIO_USERSPACE, &sb, NULL);
1933 return (copyout(&osb, uap->ub, sizeof (osb)));
1937 * Convert from an old to a new stat structure.
1940 cvtstat(struct stat *st, struct ostat *ost)
1943 bzero(ost, sizeof(*ost));
1944 ost->st_dev = st->st_dev;
1945 ost->st_ino = st->st_ino;
1946 ost->st_mode = st->st_mode;
1947 ost->st_nlink = st->st_nlink;
1948 ost->st_uid = st->st_uid;
1949 ost->st_gid = st->st_gid;
1950 ost->st_rdev = st->st_rdev;
1951 if (st->st_size < (quad_t)1 << 32)
1952 ost->st_size = st->st_size;
1955 ost->st_atim = st->st_atim;
1956 ost->st_mtim = st->st_mtim;
1957 ost->st_ctim = st->st_ctim;
1958 ost->st_blksize = st->st_blksize;
1959 ost->st_blocks = st->st_blocks;
1960 ost->st_flags = st->st_flags;
1961 ost->st_gen = st->st_gen;
1963 #endif /* COMPAT_43 */
1966 * Get file status; this version follows links.
1968 #ifndef _SYS_SYSPROTO_H_
1975 sys_stat(struct thread *td, struct stat_args *uap)
1980 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
1983 error = copyout(&sb, uap->ub, sizeof (sb));
1987 #ifndef _SYS_SYSPROTO_H_
1988 struct fstatat_args {
1996 sys_fstatat(struct thread *td, struct fstatat_args *uap)
2001 error = kern_statat(td, uap->flag, uap->fd, uap->path,
2002 UIO_USERSPACE, &sb, NULL);
2004 error = copyout(&sb, uap->buf, sizeof (sb));
2009 kern_statat(struct thread *td, int flag, int fd, char *path,
2010 enum uio_seg pathseg, struct stat *sbp,
2011 void (*hook)(struct vnode *vp, struct stat *sbp))
2013 struct nameidata nd;
2015 cap_rights_t rights;
2018 if (flag & ~AT_SYMLINK_NOFOLLOW)
2021 NDINIT_ATRIGHTS(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
2022 FOLLOW) | LOCKSHARED | LOCKLEAF | AUDITVNODE1, pathseg, path, fd,
2023 cap_rights_init(&rights, CAP_FSTAT), td);
2025 if ((error = namei(&nd)) != 0)
2027 error = vn_stat(nd.ni_vp, &sb, td->td_ucred, NOCRED, td);
2029 SDT_PROBE2(vfs, , stat, mode, path, sb.st_mode);
2030 if (S_ISREG(sb.st_mode))
2031 SDT_PROBE2(vfs, , stat, reg, path, pathseg);
2032 if (__predict_false(hook != NULL))
2033 hook(nd.ni_vp, &sb);
2035 NDFREE(&nd, NDF_ONLY_PNBUF);
2041 if (KTRPOINT(td, KTR_STRUCT))
2048 * Get file status; this version does not follow links.
2050 #ifndef _SYS_SYSPROTO_H_
2057 sys_lstat(struct thread *td, struct lstat_args *uap)
2062 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2063 UIO_USERSPACE, &sb, NULL);
2065 error = copyout(&sb, uap->ub, sizeof (sb));
2070 * Implementation of the NetBSD [l]stat() functions.
2073 cvtnstat( struct stat *sb, struct nstat *nsb)
2076 bzero(nsb, sizeof *nsb);
2077 nsb->st_dev = sb->st_dev;
2078 nsb->st_ino = sb->st_ino;
2079 nsb->st_mode = sb->st_mode;
2080 nsb->st_nlink = sb->st_nlink;
2081 nsb->st_uid = sb->st_uid;
2082 nsb->st_gid = sb->st_gid;
2083 nsb->st_rdev = sb->st_rdev;
2084 nsb->st_atim = sb->st_atim;
2085 nsb->st_mtim = sb->st_mtim;
2086 nsb->st_ctim = sb->st_ctim;
2087 nsb->st_size = sb->st_size;
2088 nsb->st_blocks = sb->st_blocks;
2089 nsb->st_blksize = sb->st_blksize;
2090 nsb->st_flags = sb->st_flags;
2091 nsb->st_gen = sb->st_gen;
2092 nsb->st_birthtim = sb->st_birthtim;
2095 #ifndef _SYS_SYSPROTO_H_
2102 sys_nstat(struct thread *td, struct nstat_args *uap)
2108 error = kern_statat(td, 0, AT_FDCWD, uap->path, UIO_USERSPACE,
2112 cvtnstat(&sb, &nsb);
2113 return (copyout(&nsb, uap->ub, sizeof (nsb)));
2117 * NetBSD lstat. Get file status; this version does not follow links.
2119 #ifndef _SYS_SYSPROTO_H_
2126 sys_nlstat(struct thread *td, struct nlstat_args *uap)
2132 error = kern_statat(td, AT_SYMLINK_NOFOLLOW, AT_FDCWD, uap->path,
2133 UIO_USERSPACE, &sb, NULL);
2136 cvtnstat(&sb, &nsb);
2137 return (copyout(&nsb, uap->ub, sizeof (nsb)));
2141 * Get configurable pathname variables.
2143 #ifndef _SYS_SYSPROTO_H_
2144 struct pathconf_args {
2150 sys_pathconf(struct thread *td, struct pathconf_args *uap)
2153 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name, FOLLOW));
2156 #ifndef _SYS_SYSPROTO_H_
2157 struct lpathconf_args {
2163 sys_lpathconf(struct thread *td, struct lpathconf_args *uap)
2166 return (kern_pathconf(td, uap->path, UIO_USERSPACE, uap->name,
2171 kern_pathconf(struct thread *td, char *path, enum uio_seg pathseg, int name,
2174 struct nameidata nd;
2177 NDINIT(&nd, LOOKUP, LOCKSHARED | LOCKLEAF | AUDITVNODE1 | flags,
2179 if ((error = namei(&nd)) != 0)
2181 NDFREE(&nd, NDF_ONLY_PNBUF);
2183 error = VOP_PATHCONF(nd.ni_vp, name, td->td_retval);
2189 * Return target name of a symbolic link.
2191 #ifndef _SYS_SYSPROTO_H_
2192 struct readlink_args {
2199 sys_readlink(struct thread *td, struct readlink_args *uap)
2202 return (kern_readlinkat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2203 uap->buf, UIO_USERSPACE, uap->count));
2205 #ifndef _SYS_SYSPROTO_H_
2206 struct readlinkat_args {
2214 sys_readlinkat(struct thread *td, struct readlinkat_args *uap)
2217 return (kern_readlinkat(td, uap->fd, uap->path, UIO_USERSPACE,
2218 uap->buf, UIO_USERSPACE, uap->bufsize));
2222 kern_readlinkat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2223 char *buf, enum uio_seg bufseg, size_t count)
2228 struct nameidata nd;
2231 if (count > IOSIZE_MAX)
2234 NDINIT_AT(&nd, LOOKUP, NOFOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
2235 pathseg, path, fd, td);
2237 if ((error = namei(&nd)) != 0)
2239 NDFREE(&nd, NDF_ONLY_PNBUF);
2242 error = mac_vnode_check_readlink(td->td_ucred, vp);
2248 if (vp->v_type != VLNK && (vp->v_vflag & VV_READLINK) == 0)
2251 aiov.iov_base = buf;
2252 aiov.iov_len = count;
2253 auio.uio_iov = &aiov;
2254 auio.uio_iovcnt = 1;
2255 auio.uio_offset = 0;
2256 auio.uio_rw = UIO_READ;
2257 auio.uio_segflg = bufseg;
2259 auio.uio_resid = count;
2260 error = VOP_READLINK(vp, &auio, td->td_ucred);
2261 td->td_retval[0] = count - auio.uio_resid;
2268 * Common implementation code for chflags() and fchflags().
2271 setfflags(struct thread *td, struct vnode *vp, u_long flags)
2277 /* We can't support the value matching VNOVAL. */
2278 if (flags == VNOVAL)
2279 return (EOPNOTSUPP);
2282 * Prevent non-root users from setting flags on devices. When
2283 * a device is reused, users can retain ownership of the device
2284 * if they are allowed to set flags and programs assume that
2285 * chown can't fail when done as root.
2287 if (vp->v_type == VCHR || vp->v_type == VBLK) {
2288 error = priv_check(td, PRIV_VFS_CHFLAGS_DEV);
2293 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2296 vattr.va_flags = flags;
2297 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2299 error = mac_vnode_check_setflags(td->td_ucred, vp, vattr.va_flags);
2302 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
2304 vn_finished_write(mp);
2309 * Change flags of a file given a path name.
2311 #ifndef _SYS_SYSPROTO_H_
2312 struct chflags_args {
2318 sys_chflags(struct thread *td, struct chflags_args *uap)
2321 return (kern_chflagsat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2325 #ifndef _SYS_SYSPROTO_H_
2326 struct chflagsat_args {
2334 sys_chflagsat(struct thread *td, struct chflagsat_args *uap)
2337 const char *path = uap->path;
2338 u_long flags = uap->flags;
2339 int atflag = uap->atflag;
2341 if (atflag & ~AT_SYMLINK_NOFOLLOW)
2344 return (kern_chflagsat(td, fd, path, UIO_USERSPACE, flags, atflag));
2348 * Same as chflags() but doesn't follow symlinks.
2350 #ifndef _SYS_SYSPROTO_H_
2351 struct lchflags_args {
2357 sys_lchflags(struct thread *td, struct lchflags_args *uap)
2360 return (kern_chflagsat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2361 uap->flags, AT_SYMLINK_NOFOLLOW));
2365 kern_chflagsat(struct thread *td, int fd, const char *path,
2366 enum uio_seg pathseg, u_long flags, int atflag)
2368 struct nameidata nd;
2369 cap_rights_t rights;
2372 AUDIT_ARG_FFLAGS(flags);
2373 follow = (atflag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2374 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2375 cap_rights_init(&rights, CAP_FCHFLAGS), td);
2376 if ((error = namei(&nd)) != 0)
2378 NDFREE(&nd, NDF_ONLY_PNBUF);
2379 error = setfflags(td, nd.ni_vp, flags);
2385 * Change flags of a file given a file descriptor.
2387 #ifndef _SYS_SYSPROTO_H_
2388 struct fchflags_args {
2394 sys_fchflags(struct thread *td, struct fchflags_args *uap)
2397 cap_rights_t rights;
2400 AUDIT_ARG_FD(uap->fd);
2401 AUDIT_ARG_FFLAGS(uap->flags);
2402 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_FCHFLAGS),
2407 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
2408 AUDIT_ARG_VNODE1(fp->f_vnode);
2409 VOP_UNLOCK(fp->f_vnode, 0);
2411 error = setfflags(td, fp->f_vnode, uap->flags);
2417 * Common implementation code for chmod(), lchmod() and fchmod().
2420 setfmode(struct thread *td, struct ucred *cred, struct vnode *vp, int mode)
2426 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2428 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2430 vattr.va_mode = mode & ALLPERMS;
2432 error = mac_vnode_check_setmode(cred, vp, vattr.va_mode);
2435 error = VOP_SETATTR(vp, &vattr, cred);
2437 vn_finished_write(mp);
2442 * Change mode of a file given path name.
2444 #ifndef _SYS_SYSPROTO_H_
2451 sys_chmod(struct thread *td, struct chmod_args *uap)
2454 return (kern_fchmodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2458 #ifndef _SYS_SYSPROTO_H_
2459 struct fchmodat_args {
2467 sys_fchmodat(struct thread *td, struct fchmodat_args *uap)
2469 int flag = uap->flag;
2471 char *path = uap->path;
2472 mode_t mode = uap->mode;
2474 if (flag & ~AT_SYMLINK_NOFOLLOW)
2477 return (kern_fchmodat(td, fd, path, UIO_USERSPACE, mode, flag));
2481 * Change mode of a file given path name (don't follow links.)
2483 #ifndef _SYS_SYSPROTO_H_
2484 struct lchmod_args {
2490 sys_lchmod(struct thread *td, struct lchmod_args *uap)
2493 return (kern_fchmodat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2494 uap->mode, AT_SYMLINK_NOFOLLOW));
2498 kern_fchmodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2499 mode_t mode, int flag)
2501 struct nameidata nd;
2502 cap_rights_t rights;
2505 AUDIT_ARG_MODE(mode);
2506 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2507 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2508 cap_rights_init(&rights, CAP_FCHMOD), td);
2509 if ((error = namei(&nd)) != 0)
2511 NDFREE(&nd, NDF_ONLY_PNBUF);
2512 error = setfmode(td, td->td_ucred, nd.ni_vp, mode);
2518 * Change mode of a file given a file descriptor.
2520 #ifndef _SYS_SYSPROTO_H_
2521 struct fchmod_args {
2527 sys_fchmod(struct thread *td, struct fchmod_args *uap)
2530 cap_rights_t rights;
2533 AUDIT_ARG_FD(uap->fd);
2534 AUDIT_ARG_MODE(uap->mode);
2536 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FCHMOD), &fp);
2539 error = fo_chmod(fp, uap->mode, td->td_ucred, td);
2545 * Common implementation for chown(), lchown(), and fchown()
2548 setfown(struct thread *td, struct ucred *cred, struct vnode *vp, uid_t uid,
2555 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2557 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2562 error = mac_vnode_check_setowner(cred, vp, vattr.va_uid,
2566 error = VOP_SETATTR(vp, &vattr, cred);
2568 vn_finished_write(mp);
2573 * Set ownership given a path name.
2575 #ifndef _SYS_SYSPROTO_H_
2583 sys_chown(struct thread *td, struct chown_args *uap)
2586 return (kern_fchownat(td, AT_FDCWD, uap->path, UIO_USERSPACE, uap->uid,
2590 #ifndef _SYS_SYSPROTO_H_
2591 struct fchownat_args {
2600 sys_fchownat(struct thread *td, struct fchownat_args *uap)
2605 if (flag & ~AT_SYMLINK_NOFOLLOW)
2608 return (kern_fchownat(td, uap->fd, uap->path, UIO_USERSPACE, uap->uid,
2609 uap->gid, uap->flag));
2613 kern_fchownat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2614 int uid, int gid, int flag)
2616 struct nameidata nd;
2617 cap_rights_t rights;
2620 AUDIT_ARG_OWNER(uid, gid);
2621 follow = (flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW : FOLLOW;
2622 NDINIT_ATRIGHTS(&nd, LOOKUP, follow | AUDITVNODE1, pathseg, path, fd,
2623 cap_rights_init(&rights, CAP_FCHOWN), td);
2625 if ((error = namei(&nd)) != 0)
2627 NDFREE(&nd, NDF_ONLY_PNBUF);
2628 error = setfown(td, td->td_ucred, nd.ni_vp, uid, gid);
2634 * Set ownership given a path name, do not cross symlinks.
2636 #ifndef _SYS_SYSPROTO_H_
2637 struct lchown_args {
2644 sys_lchown(struct thread *td, struct lchown_args *uap)
2647 return (kern_fchownat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2648 uap->uid, uap->gid, AT_SYMLINK_NOFOLLOW));
2652 * Set ownership given a file descriptor.
2654 #ifndef _SYS_SYSPROTO_H_
2655 struct fchown_args {
2662 sys_fchown(struct thread *td, struct fchown_args *uap)
2665 cap_rights_t rights;
2668 AUDIT_ARG_FD(uap->fd);
2669 AUDIT_ARG_OWNER(uap->uid, uap->gid);
2670 error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FCHOWN), &fp);
2673 error = fo_chown(fp, uap->uid, uap->gid, td->td_ucred, td);
2679 * Common implementation code for utimes(), lutimes(), and futimes().
2682 getutimes(const struct timeval *usrtvp, enum uio_seg tvpseg,
2683 struct timespec *tsp)
2685 struct timeval tv[2];
2686 const struct timeval *tvp;
2689 if (usrtvp == NULL) {
2690 vfs_timestamp(&tsp[0]);
2693 if (tvpseg == UIO_SYSSPACE) {
2696 if ((error = copyin(usrtvp, tv, sizeof(tv))) != 0)
2701 if (tvp[0].tv_usec < 0 || tvp[0].tv_usec >= 1000000 ||
2702 tvp[1].tv_usec < 0 || tvp[1].tv_usec >= 1000000)
2704 TIMEVAL_TO_TIMESPEC(&tvp[0], &tsp[0]);
2705 TIMEVAL_TO_TIMESPEC(&tvp[1], &tsp[1]);
2711 * Common implementation code for futimens(), utimensat().
2713 #define UTIMENS_NULL 0x1
2714 #define UTIMENS_EXIT 0x2
2716 getutimens(const struct timespec *usrtsp, enum uio_seg tspseg,
2717 struct timespec *tsp, int *retflags)
2719 struct timespec tsnow;
2722 vfs_timestamp(&tsnow);
2724 if (usrtsp == NULL) {
2727 *retflags |= UTIMENS_NULL;
2730 if (tspseg == UIO_SYSSPACE) {
2733 } else if ((error = copyin(usrtsp, tsp, sizeof(*tsp) * 2)) != 0)
2735 if (tsp[0].tv_nsec == UTIME_OMIT && tsp[1].tv_nsec == UTIME_OMIT)
2736 *retflags |= UTIMENS_EXIT;
2737 if (tsp[0].tv_nsec == UTIME_NOW && tsp[1].tv_nsec == UTIME_NOW)
2738 *retflags |= UTIMENS_NULL;
2739 if (tsp[0].tv_nsec == UTIME_OMIT)
2740 tsp[0].tv_sec = VNOVAL;
2741 else if (tsp[0].tv_nsec == UTIME_NOW)
2743 else if (tsp[0].tv_nsec < 0 || tsp[0].tv_nsec >= 1000000000L)
2745 if (tsp[1].tv_nsec == UTIME_OMIT)
2746 tsp[1].tv_sec = VNOVAL;
2747 else if (tsp[1].tv_nsec == UTIME_NOW)
2749 else if (tsp[1].tv_nsec < 0 || tsp[1].tv_nsec >= 1000000000L)
2756 * Common implementation code for utimes(), lutimes(), futimes(), futimens(),
2760 setutimes(struct thread *td, struct vnode *vp, const struct timespec *ts,
2761 int numtimes, int nullflag)
2765 int error, setbirthtime;
2767 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0)
2769 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
2771 if (numtimes < 3 && !VOP_GETATTR(vp, &vattr, td->td_ucred) &&
2772 timespeccmp(&ts[1], &vattr.va_birthtime, < ))
2775 vattr.va_atime = ts[0];
2776 vattr.va_mtime = ts[1];
2778 vattr.va_birthtime = ts[1];
2780 vattr.va_birthtime = ts[2];
2782 vattr.va_vaflags |= VA_UTIMES_NULL;
2784 error = mac_vnode_check_setutimes(td->td_ucred, vp, vattr.va_atime,
2788 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
2790 vn_finished_write(mp);
2795 * Set the access and modification times of a file.
2797 #ifndef _SYS_SYSPROTO_H_
2798 struct utimes_args {
2800 struct timeval *tptr;
2804 sys_utimes(struct thread *td, struct utimes_args *uap)
2807 return (kern_utimesat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
2808 uap->tptr, UIO_USERSPACE));
2811 #ifndef _SYS_SYSPROTO_H_
2812 struct futimesat_args {
2815 const struct timeval * times;
2819 sys_futimesat(struct thread *td, struct futimesat_args *uap)
2822 return (kern_utimesat(td, uap->fd, uap->path, UIO_USERSPACE,
2823 uap->times, UIO_USERSPACE));
2827 kern_utimesat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2828 struct timeval *tptr, enum uio_seg tptrseg)
2830 struct nameidata nd;
2831 struct timespec ts[2];
2832 cap_rights_t rights;
2835 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
2837 NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, fd,
2838 cap_rights_init(&rights, CAP_FUTIMES), td);
2840 if ((error = namei(&nd)) != 0)
2842 NDFREE(&nd, NDF_ONLY_PNBUF);
2843 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
2849 * Set the access and modification times of a file.
2851 #ifndef _SYS_SYSPROTO_H_
2852 struct lutimes_args {
2854 struct timeval *tptr;
2858 sys_lutimes(struct thread *td, struct lutimes_args *uap)
2861 return (kern_lutimes(td, uap->path, UIO_USERSPACE, uap->tptr,
2866 kern_lutimes(struct thread *td, char *path, enum uio_seg pathseg,
2867 struct timeval *tptr, enum uio_seg tptrseg)
2869 struct timespec ts[2];
2870 struct nameidata nd;
2873 if ((error = getutimes(tptr, tptrseg, ts)) != 0)
2875 NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, pathseg, path, td);
2876 if ((error = namei(&nd)) != 0)
2878 NDFREE(&nd, NDF_ONLY_PNBUF);
2879 error = setutimes(td, nd.ni_vp, ts, 2, tptr == NULL);
2885 * Set the access and modification times of a file.
2887 #ifndef _SYS_SYSPROTO_H_
2888 struct futimes_args {
2890 struct timeval *tptr;
2894 sys_futimes(struct thread *td, struct futimes_args *uap)
2897 return (kern_futimes(td, uap->fd, uap->tptr, UIO_USERSPACE));
2901 kern_futimes(struct thread *td, int fd, struct timeval *tptr,
2902 enum uio_seg tptrseg)
2904 struct timespec ts[2];
2906 cap_rights_t rights;
2910 error = getutimes(tptr, tptrseg, ts);
2913 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FUTIMES), &fp);
2917 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
2918 AUDIT_ARG_VNODE1(fp->f_vnode);
2919 VOP_UNLOCK(fp->f_vnode, 0);
2921 error = setutimes(td, fp->f_vnode, ts, 2, tptr == NULL);
2927 sys_futimens(struct thread *td, struct futimens_args *uap)
2930 return (kern_futimens(td, uap->fd, uap->times, UIO_USERSPACE));
2934 kern_futimens(struct thread *td, int fd, struct timespec *tptr,
2935 enum uio_seg tptrseg)
2937 struct timespec ts[2];
2939 cap_rights_t rights;
2943 error = getutimens(tptr, tptrseg, ts, &flags);
2946 if (flags & UTIMENS_EXIT)
2948 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FUTIMES), &fp);
2952 vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY);
2953 AUDIT_ARG_VNODE1(fp->f_vnode);
2954 VOP_UNLOCK(fp->f_vnode, 0);
2956 error = setutimes(td, fp->f_vnode, ts, 2, flags & UTIMENS_NULL);
2962 sys_utimensat(struct thread *td, struct utimensat_args *uap)
2965 return (kern_utimensat(td, uap->fd, uap->path, UIO_USERSPACE,
2966 uap->times, UIO_USERSPACE, uap->flag));
2970 kern_utimensat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
2971 struct timespec *tptr, enum uio_seg tptrseg, int flag)
2973 struct nameidata nd;
2974 struct timespec ts[2];
2975 cap_rights_t rights;
2978 if (flag & ~AT_SYMLINK_NOFOLLOW)
2981 if ((error = getutimens(tptr, tptrseg, ts, &flags)) != 0)
2983 NDINIT_ATRIGHTS(&nd, LOOKUP, ((flag & AT_SYMLINK_NOFOLLOW) ? NOFOLLOW :
2984 FOLLOW) | AUDITVNODE1, pathseg, path, fd,
2985 cap_rights_init(&rights, CAP_FUTIMES), td);
2986 if ((error = namei(&nd)) != 0)
2989 * We are allowed to call namei() regardless of 2xUTIME_OMIT.
2991 * "If both tv_nsec fields are UTIME_OMIT... EACCESS may be detected."
2992 * "Search permission is denied by a component of the path prefix."
2994 NDFREE(&nd, NDF_ONLY_PNBUF);
2995 if ((flags & UTIMENS_EXIT) == 0)
2996 error = setutimes(td, nd.ni_vp, ts, 2, flags & UTIMENS_NULL);
3002 * Truncate a file given its path name.
3004 #ifndef _SYS_SYSPROTO_H_
3005 struct truncate_args {
3012 sys_truncate(struct thread *td, struct truncate_args *uap)
3015 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3019 kern_truncate(struct thread *td, char *path, enum uio_seg pathseg, off_t length)
3025 struct nameidata nd;
3030 NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, pathseg, path, td);
3031 if ((error = namei(&nd)) != 0)
3034 rl_cookie = vn_rangelock_wlock(vp, 0, OFF_MAX);
3035 if ((error = vn_start_write(vp, &mp, V_WAIT | PCATCH)) != 0) {
3036 vn_rangelock_unlock(vp, rl_cookie);
3040 NDFREE(&nd, NDF_ONLY_PNBUF);
3041 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
3042 if (vp->v_type == VDIR)
3045 else if ((error = mac_vnode_check_write(td->td_ucred, NOCRED, vp))) {
3048 else if ((error = vn_writechk(vp)) == 0 &&
3049 (error = VOP_ACCESS(vp, VWRITE, td->td_ucred, td)) == 0) {
3051 vattr.va_size = length;
3052 error = VOP_SETATTR(vp, &vattr, td->td_ucred);
3055 vn_finished_write(mp);
3056 vn_rangelock_unlock(vp, rl_cookie);
3061 #if defined(COMPAT_43)
3063 * Truncate a file given its path name.
3065 #ifndef _SYS_SYSPROTO_H_
3066 struct otruncate_args {
3072 otruncate(struct thread *td, struct otruncate_args *uap)
3075 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3077 #endif /* COMPAT_43 */
3079 #if defined(COMPAT_FREEBSD6)
3080 /* Versions with the pad argument */
3082 freebsd6_truncate(struct thread *td, struct freebsd6_truncate_args *uap)
3085 return (kern_truncate(td, uap->path, UIO_USERSPACE, uap->length));
3089 freebsd6_ftruncate(struct thread *td, struct freebsd6_ftruncate_args *uap)
3092 return (kern_ftruncate(td, uap->fd, uap->length));
3097 kern_fsync(struct thread *td, int fd, bool fullsync)
3102 cap_rights_t rights;
3103 int error, lock_flags;
3106 error = getvnode(td, fd, cap_rights_init(&rights, CAP_FSYNC), &fp);
3112 /* XXXKIB: compete outstanding aio writes */;
3114 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
3117 if (MNT_SHARED_WRITES(mp) ||
3118 ((mp == NULL) && MNT_SHARED_WRITES(vp->v_mount))) {
3119 lock_flags = LK_SHARED;
3121 lock_flags = LK_EXCLUSIVE;
3123 vn_lock(vp, lock_flags | LK_RETRY);
3124 AUDIT_ARG_VNODE1(vp);
3125 if (vp->v_object != NULL) {
3126 VM_OBJECT_WLOCK(vp->v_object);
3127 vm_object_page_clean(vp->v_object, 0, 0, 0);
3128 VM_OBJECT_WUNLOCK(vp->v_object);
3130 error = fullsync ? VOP_FSYNC(vp, MNT_WAIT, td) : VOP_FDATASYNC(vp, td);
3132 vn_finished_write(mp);
3139 * Sync an open file.
3141 #ifndef _SYS_SYSPROTO_H_
3147 sys_fsync(struct thread *td, struct fsync_args *uap)
3150 return (kern_fsync(td, uap->fd, true));
3154 sys_fdatasync(struct thread *td, struct fdatasync_args *uap)
3157 return (kern_fsync(td, uap->fd, false));
3161 * Rename files. Source and destination must either both be directories, or
3162 * both not be directories. If target is a directory, it must be empty.
3164 #ifndef _SYS_SYSPROTO_H_
3165 struct rename_args {
3171 sys_rename(struct thread *td, struct rename_args *uap)
3174 return (kern_renameat(td, AT_FDCWD, uap->from, AT_FDCWD,
3175 uap->to, UIO_USERSPACE));
3178 #ifndef _SYS_SYSPROTO_H_
3179 struct renameat_args {
3187 sys_renameat(struct thread *td, struct renameat_args *uap)
3190 return (kern_renameat(td, uap->oldfd, uap->old, uap->newfd, uap->new,
3195 kern_renameat(struct thread *td, int oldfd, char *old, int newfd, char *new,
3196 enum uio_seg pathseg)
3198 struct mount *mp = NULL;
3199 struct vnode *tvp, *fvp, *tdvp;
3200 struct nameidata fromnd, tond;
3201 cap_rights_t rights;
3207 NDINIT_ATRIGHTS(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART |
3208 AUDITVNODE1, pathseg, old, oldfd,
3209 cap_rights_init(&rights, CAP_RENAMEAT_SOURCE), td);
3211 NDINIT_ATRIGHTS(&fromnd, DELETE, WANTPARENT | SAVESTART | AUDITVNODE1,
3212 pathseg, old, oldfd,
3213 cap_rights_init(&rights, CAP_RENAMEAT_SOURCE), td);
3216 if ((error = namei(&fromnd)) != 0)
3219 error = mac_vnode_check_rename_from(td->td_ucred, fromnd.ni_dvp,
3220 fromnd.ni_vp, &fromnd.ni_cnd);
3221 VOP_UNLOCK(fromnd.ni_dvp, 0);
3222 if (fromnd.ni_dvp != fromnd.ni_vp)
3223 VOP_UNLOCK(fromnd.ni_vp, 0);
3226 NDINIT_ATRIGHTS(&tond, RENAME, LOCKPARENT | LOCKLEAF | NOCACHE |
3227 SAVESTART | AUDITVNODE2, pathseg, new, newfd,
3228 cap_rights_init(&rights, CAP_RENAMEAT_TARGET), td);
3229 if (fromnd.ni_vp->v_type == VDIR)
3230 tond.ni_cnd.cn_flags |= WILLBEDIR;
3231 if ((error = namei(&tond)) != 0) {
3232 /* Translate error code for rename("dir1", "dir2/."). */
3233 if (error == EISDIR && fvp->v_type == VDIR)
3235 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3236 vrele(fromnd.ni_dvp);
3242 error = vn_start_write(fvp, &mp, V_NOWAIT);
3244 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3245 NDFREE(&tond, NDF_ONLY_PNBUF);
3252 vrele(fromnd.ni_dvp);
3254 vrele(tond.ni_startdir);
3255 if (fromnd.ni_startdir != NULL)
3256 vrele(fromnd.ni_startdir);
3257 error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH);
3263 if (fvp->v_type == VDIR && tvp->v_type != VDIR) {
3266 } else if (fvp->v_type != VDIR && tvp->v_type == VDIR) {
3271 if (newfd != AT_FDCWD) {
3273 * If the target already exists we require CAP_UNLINKAT
3276 error = cap_check(&tond.ni_filecaps.fc_rights,
3277 cap_rights_init(&rights, CAP_UNLINKAT));
3288 * If the source is the same as the destination (that is, if they
3289 * are links to the same vnode), then there is nothing to do.
3295 error = mac_vnode_check_rename_to(td->td_ucred, tdvp,
3296 tond.ni_vp, fromnd.ni_dvp == tdvp, &tond.ni_cnd);
3300 error = VOP_RENAME(fromnd.ni_dvp, fromnd.ni_vp, &fromnd.ni_cnd,
3301 tond.ni_dvp, tond.ni_vp, &tond.ni_cnd);
3302 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3303 NDFREE(&tond, NDF_ONLY_PNBUF);
3305 NDFREE(&fromnd, NDF_ONLY_PNBUF);
3306 NDFREE(&tond, NDF_ONLY_PNBUF);
3313 vrele(fromnd.ni_dvp);
3316 vrele(tond.ni_startdir);
3317 vn_finished_write(mp);
3319 if (fromnd.ni_startdir)
3320 vrele(fromnd.ni_startdir);
3327 * Make a directory file.
3329 #ifndef _SYS_SYSPROTO_H_
3336 sys_mkdir(struct thread *td, struct mkdir_args *uap)
3339 return (kern_mkdirat(td, AT_FDCWD, uap->path, UIO_USERSPACE,
3343 #ifndef _SYS_SYSPROTO_H_
3344 struct mkdirat_args {
3351 sys_mkdirat(struct thread *td, struct mkdirat_args *uap)
3354 return (kern_mkdirat(td, uap->fd, uap->path, UIO_USERSPACE, uap->mode));
3358 kern_mkdirat(struct thread *td, int fd, char *path, enum uio_seg segflg,
3364 struct nameidata nd;
3365 cap_rights_t rights;
3368 AUDIT_ARG_MODE(mode);
3371 NDINIT_ATRIGHTS(&nd, CREATE, LOCKPARENT | SAVENAME | AUDITVNODE1 |
3372 NOCACHE, segflg, path, fd, cap_rights_init(&rights, CAP_MKDIRAT),
3374 nd.ni_cnd.cn_flags |= WILLBEDIR;
3375 if ((error = namei(&nd)) != 0)
3379 NDFREE(&nd, NDF_ONLY_PNBUF);
3381 * XXX namei called with LOCKPARENT but not LOCKLEAF has
3382 * the strange behaviour of leaving the vnode unlocked
3383 * if the target is the same vnode as the parent.
3385 if (vp == nd.ni_dvp)
3392 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3393 NDFREE(&nd, NDF_ONLY_PNBUF);
3395 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3400 vattr.va_type = VDIR;
3401 vattr.va_mode = (mode & ACCESSPERMS) &~ td->td_proc->p_fd->fd_cmask;
3403 error = mac_vnode_check_create(td->td_ucred, nd.ni_dvp, &nd.ni_cnd,
3408 error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
3412 NDFREE(&nd, NDF_ONLY_PNBUF);
3416 vn_finished_write(mp);
3421 * Remove a directory file.
3423 #ifndef _SYS_SYSPROTO_H_
3429 sys_rmdir(struct thread *td, struct rmdir_args *uap)
3432 return (kern_rmdirat(td, AT_FDCWD, uap->path, UIO_USERSPACE));
3436 kern_rmdirat(struct thread *td, int fd, char *path, enum uio_seg pathseg)
3440 struct nameidata nd;
3441 cap_rights_t rights;
3446 NDINIT_ATRIGHTS(&nd, DELETE, LOCKPARENT | LOCKLEAF | AUDITVNODE1,
3447 pathseg, path, fd, cap_rights_init(&rights, CAP_UNLINKAT), td);
3448 if ((error = namei(&nd)) != 0)
3451 if (vp->v_type != VDIR) {
3456 * No rmdir "." please.
3458 if (nd.ni_dvp == vp) {
3463 * The root of a mounted filesystem cannot be deleted.
3465 if (vp->v_vflag & VV_ROOT) {
3470 error = mac_vnode_check_unlink(td->td_ucred, nd.ni_dvp, vp,
3475 if (vn_start_write(nd.ni_dvp, &mp, V_NOWAIT) != 0) {
3476 NDFREE(&nd, NDF_ONLY_PNBUF);
3478 if (nd.ni_dvp == vp)
3482 if ((error = vn_start_write(NULL, &mp, V_XSLEEP | PCATCH)) != 0)
3486 vfs_notify_upper(vp, VFS_NOTIFY_UPPER_UNLINK);
3487 error = VOP_RMDIR(nd.ni_dvp, nd.ni_vp, &nd.ni_cnd);
3488 vn_finished_write(mp);
3490 NDFREE(&nd, NDF_ONLY_PNBUF);
3492 if (nd.ni_dvp == vp)
3501 * Read a block of directory entries in a filesystem independent format.
3503 #ifndef _SYS_SYSPROTO_H_
3504 struct ogetdirentries_args {
3512 ogetdirentries(struct thread *td, struct ogetdirentries_args *uap)
3517 error = kern_ogetdirentries(td, uap, &loff);
3519 error = copyout(&loff, uap->basep, sizeof(long));
3524 kern_ogetdirentries(struct thread *td, struct ogetdirentries_args *uap,
3529 struct uio auio, kuio;
3530 struct iovec aiov, kiov;
3531 struct dirent *dp, *edp;
3532 cap_rights_t rights;
3534 int error, eofflag, readcnt;
3538 /* XXX arbitrary sanity limit on `count'. */
3539 if (uap->count > 64 * 1024)
3541 error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_READ), &fp);
3544 if ((fp->f_flag & FREAD) == 0) {
3549 foffset = foffset_lock(fp, 0);
3551 if (vp->v_type != VDIR) {
3552 foffset_unlock(fp, foffset, 0);
3556 aiov.iov_base = uap->buf;
3557 aiov.iov_len = uap->count;
3558 auio.uio_iov = &aiov;
3559 auio.uio_iovcnt = 1;
3560 auio.uio_rw = UIO_READ;
3561 auio.uio_segflg = UIO_USERSPACE;
3563 auio.uio_resid = uap->count;
3564 vn_lock(vp, LK_SHARED | LK_RETRY);
3565 loff = auio.uio_offset = foffset;
3567 error = mac_vnode_check_readdir(td->td_ucred, vp);
3570 foffset_unlock(fp, foffset, FOF_NOUPDATE);
3575 # if (BYTE_ORDER != LITTLE_ENDIAN)
3576 if (vp->v_mount->mnt_maxsymlinklen <= 0) {
3577 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag,
3579 foffset = auio.uio_offset;
3584 kuio.uio_iov = &kiov;
3585 kuio.uio_segflg = UIO_SYSSPACE;
3586 kiov.iov_len = uap->count;
3587 dirbuf = malloc(uap->count, M_TEMP, M_WAITOK);
3588 kiov.iov_base = dirbuf;
3589 error = VOP_READDIR(vp, &kuio, fp->f_cred, &eofflag,
3591 foffset = kuio.uio_offset;
3593 readcnt = uap->count - kuio.uio_resid;
3594 edp = (struct dirent *)&dirbuf[readcnt];
3595 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
3596 # if (BYTE_ORDER == LITTLE_ENDIAN)
3598 * The expected low byte of
3599 * dp->d_namlen is our dp->d_type.
3600 * The high MBZ byte of dp->d_namlen
3601 * is our dp->d_namlen.
3603 dp->d_type = dp->d_namlen;
3607 * The dp->d_type is the high byte
3608 * of the expected dp->d_namlen,
3609 * so must be zero'ed.
3613 if (dp->d_reclen > 0) {
3614 dp = (struct dirent *)
3615 ((char *)dp + dp->d_reclen);
3622 error = uiomove(dirbuf, readcnt, &auio);
3624 free(dirbuf, M_TEMP);
3628 foffset_unlock(fp, foffset, 0);
3632 if (uap->count == auio.uio_resid &&
3633 (vp->v_vflag & VV_ROOT) &&
3634 (vp->v_mount->mnt_flag & MNT_UNION)) {
3635 struct vnode *tvp = vp;
3636 vp = vp->v_mount->mnt_vnodecovered;
3645 foffset_unlock(fp, foffset, 0);
3647 td->td_retval[0] = uap->count - auio.uio_resid;
3652 #endif /* COMPAT_43 */
3655 * Read a block of directory entries in a filesystem independent format.
3657 #ifndef _SYS_SYSPROTO_H_
3658 struct getdirentries_args {
3666 sys_getdirentries(struct thread *td, struct getdirentries_args *uap)
3671 error = kern_getdirentries(td, uap->fd, uap->buf, uap->count, &base,
3672 NULL, UIO_USERSPACE);
3675 if (uap->basep != NULL)
3676 error = copyout(&base, uap->basep, sizeof(long));
3681 kern_getdirentries(struct thread *td, int fd, char *buf, u_int count,
3682 long *basep, ssize_t *residp, enum uio_seg bufseg)
3688 cap_rights_t rights;
3694 if (count > IOSIZE_MAX)
3696 auio.uio_resid = count;
3697 error = getvnode(td, fd, cap_rights_init(&rights, CAP_READ), &fp);
3700 if ((fp->f_flag & FREAD) == 0) {
3705 foffset = foffset_lock(fp, 0);
3707 if (vp->v_type != VDIR) {
3711 aiov.iov_base = buf;
3712 aiov.iov_len = count;
3713 auio.uio_iov = &aiov;
3714 auio.uio_iovcnt = 1;
3715 auio.uio_rw = UIO_READ;
3716 auio.uio_segflg = bufseg;
3718 vn_lock(vp, LK_SHARED | LK_RETRY);
3719 AUDIT_ARG_VNODE1(vp);
3720 loff = auio.uio_offset = foffset;
3722 error = mac_vnode_check_readdir(td->td_ucred, vp);
3725 error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, NULL,
3727 foffset = auio.uio_offset;
3732 if (count == auio.uio_resid &&
3733 (vp->v_vflag & VV_ROOT) &&
3734 (vp->v_mount->mnt_flag & MNT_UNION)) {
3735 struct vnode *tvp = vp;
3737 vp = vp->v_mount->mnt_vnodecovered;
3748 *residp = auio.uio_resid;
3749 td->td_retval[0] = count - auio.uio_resid;
3751 foffset_unlock(fp, foffset, 0);
3756 #ifndef _SYS_SYSPROTO_H_
3757 struct getdents_args {
3764 sys_getdents(struct thread *td, struct getdents_args *uap)
3766 struct getdirentries_args ap;
3770 ap.count = uap->count;
3772 return (sys_getdirentries(td, &ap));
3776 * Set the mode mask for creation of filesystem nodes.
3778 #ifndef _SYS_SYSPROTO_H_
3784 sys_umask(struct thread *td, struct umask_args *uap)
3786 struct filedesc *fdp;
3788 fdp = td->td_proc->p_fd;
3789 FILEDESC_XLOCK(fdp);
3790 td->td_retval[0] = fdp->fd_cmask;
3791 fdp->fd_cmask = uap->newmask & ALLPERMS;
3792 FILEDESC_XUNLOCK(fdp);
3797 * Void all references to file by ripping underlying filesystem away from
3800 #ifndef _SYS_SYSPROTO_H_
3801 struct revoke_args {
3806 sys_revoke(struct thread *td, struct revoke_args *uap)
3810 struct nameidata nd;
3813 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
3815 if ((error = namei(&nd)) != 0)
3818 NDFREE(&nd, NDF_ONLY_PNBUF);
3819 if (vp->v_type != VCHR || vp->v_rdev == NULL) {
3824 error = mac_vnode_check_revoke(td->td_ucred, vp);
3828 error = VOP_GETATTR(vp, &vattr, td->td_ucred);
3831 if (td->td_ucred->cr_uid != vattr.va_uid) {
3832 error = priv_check(td, PRIV_VFS_ADMIN);
3837 VOP_REVOKE(vp, REVOKEALL);
3844 * Convert a user file descriptor to a kernel file entry and check that, if it
3845 * is a capability, the correct rights are present. A reference on the file
3846 * entry is held upon returning.
3849 getvnode(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp)
3854 error = fget_unlocked(td->td_proc->p_fd, fd, rightsp, &fp, NULL);
3859 * The file could be not of the vnode type, or it may be not
3860 * yet fully initialized, in which case the f_vnode pointer
3861 * may be set, but f_ops is still badfileops. E.g.,
3862 * devfs_open() transiently create such situation to
3863 * facilitate csw d_fdopen().
3865 * Dupfdopen() handling in kern_openat() installs the
3866 * half-baked file into the process descriptor table, allowing
3867 * other thread to dereference it. Guard against the race by
3870 if (fp->f_vnode == NULL || fp->f_ops == &badfileops) {
3880 * Get an (NFS) file handle.
3882 #ifndef _SYS_SYSPROTO_H_
3883 struct lgetfh_args {
3889 sys_lgetfh(struct thread *td, struct lgetfh_args *uap)
3891 struct nameidata nd;
3896 error = priv_check(td, PRIV_VFS_GETFH);
3899 NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
3904 NDFREE(&nd, NDF_ONLY_PNBUF);
3906 bzero(&fh, sizeof(fh));
3907 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
3908 error = VOP_VPTOFH(vp, &fh.fh_fid);
3911 error = copyout(&fh, uap->fhp, sizeof (fh));
3915 #ifndef _SYS_SYSPROTO_H_
3922 sys_getfh(struct thread *td, struct getfh_args *uap)
3924 struct nameidata nd;
3929 error = priv_check(td, PRIV_VFS_GETFH);
3932 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_USERSPACE,
3937 NDFREE(&nd, NDF_ONLY_PNBUF);
3939 bzero(&fh, sizeof(fh));
3940 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
3941 error = VOP_VPTOFH(vp, &fh.fh_fid);
3944 error = copyout(&fh, uap->fhp, sizeof (fh));
3949 * syscall for the rpc.lockd to use to translate a NFS file handle into an
3952 * warning: do not remove the priv_check() call or this becomes one giant
3955 #ifndef _SYS_SYSPROTO_H_
3956 struct fhopen_args {
3957 const struct fhandle *u_fhp;
3962 sys_fhopen(struct thread *td, struct fhopen_args *uap)
3971 error = priv_check(td, PRIV_VFS_FHOPEN);
3975 fmode = FFLAGS(uap->flags);
3976 /* why not allow a non-read/write open for our lockd? */
3977 if (((fmode & (FREAD | FWRITE)) == 0) || (fmode & O_CREAT))
3979 error = copyin(uap->u_fhp, &fhp, sizeof(fhp));
3982 /* find the mount point */
3983 mp = vfs_busyfs(&fhp.fh_fsid);
3986 /* now give me my vnode, it gets returned to me locked */
3987 error = VFS_FHTOVP(mp, &fhp.fh_fid, LK_EXCLUSIVE, &vp);
3992 error = falloc_noinstall(td, &fp);
3998 * An extra reference on `fp' has been held for us by
3999 * falloc_noinstall().
4005 error = vn_open_vnode(vp, fmode, td->td_ucred, td, fp);
4007 KASSERT(fp->f_ops == &badfileops,
4008 ("VOP_OPEN in fhopen() set f_ops"));
4009 KASSERT(td->td_dupfd < 0,
4010 ("fhopen() encountered fdopen()"));
4020 finit(fp, (fmode & FMASK) | (fp->f_flag & FHASLOCK), DTYPE_VNODE, vp,
4023 if ((fmode & O_TRUNC) != 0) {
4024 error = fo_truncate(fp, 0, td->td_ucred, td);
4029 error = finstall(td, fp, &indx, fmode, NULL);
4032 td->td_retval[0] = indx;
4037 * Stat an (NFS) file handle.
4039 #ifndef _SYS_SYSPROTO_H_
4040 struct fhstat_args {
4041 struct fhandle *u_fhp;
4046 sys_fhstat(struct thread *td, struct fhstat_args *uap)
4052 error = copyin(uap->u_fhp, &fh, sizeof(fh));
4055 error = kern_fhstat(td, fh, &sb);
4057 error = copyout(&sb, uap->sb, sizeof(sb));
4062 kern_fhstat(struct thread *td, struct fhandle fh, struct stat *sb)
4068 error = priv_check(td, PRIV_VFS_FHSTAT);
4071 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4073 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4077 error = vn_stat(vp, sb, td->td_ucred, NOCRED, td);
4083 * Implement fstatfs() for (NFS) file handles.
4085 #ifndef _SYS_SYSPROTO_H_
4086 struct fhstatfs_args {
4087 struct fhandle *u_fhp;
4092 sys_fhstatfs(struct thread *td, struct fhstatfs_args *uap)
4098 error = copyin(uap->u_fhp, &fh, sizeof(fhandle_t));
4101 sfp = malloc(sizeof(struct statfs), M_STATFS, M_WAITOK);
4102 error = kern_fhstatfs(td, fh, sfp);
4104 error = copyout(sfp, uap->buf, sizeof(*sfp));
4105 free(sfp, M_STATFS);
4110 kern_fhstatfs(struct thread *td, fhandle_t fh, struct statfs *buf)
4117 error = priv_check(td, PRIV_VFS_FHSTATFS);
4120 if ((mp = vfs_busyfs(&fh.fh_fsid)) == NULL)
4122 error = VFS_FHTOVP(mp, &fh.fh_fid, LK_EXCLUSIVE, &vp);
4128 error = prison_canseemount(td->td_ucred, mp);
4132 error = mac_mount_check_stat(td->td_ucred, mp);
4137 * Set these in case the underlying filesystem fails to do so.
4140 sp->f_version = STATFS_VERSION;
4141 sp->f_namemax = NAME_MAX;
4142 sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK;
4143 error = VFS_STATFS(mp, sp);
4152 kern_posix_fallocate(struct thread *td, int fd, off_t offset, off_t len)
4157 cap_rights_t rights;
4158 off_t olen, ooffset;
4161 if (offset < 0 || len <= 0)
4163 /* Check for wrap. */
4164 if (offset > OFF_MAX - len)
4166 error = fget(td, fd, cap_rights_init(&rights, CAP_PWRITE), &fp);
4169 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
4173 if ((fp->f_flag & FWRITE) == 0) {
4177 if (fp->f_type != DTYPE_VNODE) {
4182 if (vp->v_type != VREG) {
4187 /* Allocating blocks may take a long time, so iterate. */
4194 error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
4197 error = vn_lock(vp, LK_EXCLUSIVE);
4199 vn_finished_write(mp);
4203 error = mac_vnode_check_write(td->td_ucred, fp->f_cred, vp);
4206 error = VOP_ALLOCATE(vp, &offset, &len);
4208 vn_finished_write(mp);
4210 if (olen + ooffset != offset + len) {
4211 panic("offset + len changed from %jx/%jx to %jx/%jx",
4212 ooffset, olen, offset, len);
4214 if (error != 0 || len == 0)
4216 KASSERT(olen > len, ("Iteration did not make progress?"));
4225 sys_posix_fallocate(struct thread *td, struct posix_fallocate_args *uap)
4229 error = kern_posix_fallocate(td, uap->fd, uap->offset, uap->len);
4230 return (kern_posix_error(td, error));
4234 * Unlike madvise(2), we do not make a best effort to remember every
4235 * possible caching hint. Instead, we remember the last setting with
4236 * the exception that we will allow POSIX_FADV_NORMAL to adjust the
4237 * region of any current setting.
4240 kern_posix_fadvise(struct thread *td, int fd, off_t offset, off_t len,
4243 struct fadvise_info *fa, *new;
4246 cap_rights_t rights;
4250 if (offset < 0 || len < 0 || offset > OFF_MAX - len)
4253 case POSIX_FADV_SEQUENTIAL:
4254 case POSIX_FADV_RANDOM:
4255 case POSIX_FADV_NOREUSE:
4256 new = malloc(sizeof(*fa), M_FADVISE, M_WAITOK);
4258 case POSIX_FADV_NORMAL:
4259 case POSIX_FADV_WILLNEED:
4260 case POSIX_FADV_DONTNEED:
4266 /* XXX: CAP_POSIX_FADVISE? */
4267 error = fget(td, fd, cap_rights_init(&rights), &fp);
4270 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
4274 if (fp->f_type != DTYPE_VNODE) {
4279 if (vp->v_type != VREG) {
4286 end = offset + len - 1;
4288 case POSIX_FADV_SEQUENTIAL:
4289 case POSIX_FADV_RANDOM:
4290 case POSIX_FADV_NOREUSE:
4292 * Try to merge any existing non-standard region with
4293 * this new region if possible, otherwise create a new
4294 * non-standard region for this request.
4296 mtx_pool_lock(mtxpool_sleep, fp);
4298 if (fa != NULL && fa->fa_advice == advice &&
4299 ((fa->fa_start <= end && fa->fa_end >= offset) ||
4300 (end != OFF_MAX && fa->fa_start == end + 1) ||
4301 (fa->fa_end != OFF_MAX && fa->fa_end + 1 == offset))) {
4302 if (offset < fa->fa_start)
4303 fa->fa_start = offset;
4304 if (end > fa->fa_end)
4307 new->fa_advice = advice;
4308 new->fa_start = offset;
4313 mtx_pool_unlock(mtxpool_sleep, fp);
4315 case POSIX_FADV_NORMAL:
4317 * If a the "normal" region overlaps with an existing
4318 * non-standard region, trim or remove the
4319 * non-standard region.
4321 mtx_pool_lock(mtxpool_sleep, fp);
4324 if (offset <= fa->fa_start && end >= fa->fa_end) {
4326 fp->f_advice = NULL;
4327 } else if (offset <= fa->fa_start &&
4328 end >= fa->fa_start)
4329 fa->fa_start = end + 1;
4330 else if (offset <= fa->fa_end && end >= fa->fa_end)
4331 fa->fa_end = offset - 1;
4332 else if (offset >= fa->fa_start && end <= fa->fa_end) {
4334 * If the "normal" region is a middle
4335 * portion of the existing
4336 * non-standard region, just remove
4337 * the whole thing rather than picking
4338 * one side or the other to
4342 fp->f_advice = NULL;
4345 mtx_pool_unlock(mtxpool_sleep, fp);
4347 case POSIX_FADV_WILLNEED:
4348 case POSIX_FADV_DONTNEED:
4349 error = VOP_ADVISE(vp, offset, end, advice);
4355 free(new, M_FADVISE);
4360 sys_posix_fadvise(struct thread *td, struct posix_fadvise_args *uap)
4364 error = kern_posix_fadvise(td, uap->fd, uap->offset, uap->len,
4366 return (kern_posix_error(td, error));