2 * Copyright (c) 1982, 1986, 1989, 1993, 1995
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * @(#)ufs_vnops.c 8.27 (Berkeley) 5/27/95
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
40 #include "opt_quota.h"
41 #include "opt_suiddir.h"
45 #include <sys/param.h>
46 #include <sys/systm.h>
47 #include <sys/malloc.h>
48 #include <sys/namei.h>
49 #include <sys/kernel.h>
50 #include <sys/fcntl.h>
51 #include <sys/filio.h>
55 #include <sys/mount.h>
57 #include <sys/refcount.h>
58 #include <sys/unistd.h>
59 #include <sys/vnode.h>
60 #include <sys/dirent.h>
61 #include <sys/lockf.h>
65 #include <security/mac/mac_framework.h>
67 #include <sys/file.h> /* XXX */
70 #include <vm/vm_extern.h>
72 #include <fs/fifofs/fifo.h>
74 #include <ufs/ufs/acl.h>
75 #include <ufs/ufs/extattr.h>
76 #include <ufs/ufs/quota.h>
77 #include <ufs/ufs/inode.h>
78 #include <ufs/ufs/dir.h>
79 #include <ufs/ufs/ufsmount.h>
80 #include <ufs/ufs/ufs_extern.h>
82 #include <ufs/ufs/dirhash.h>
85 #include <ufs/ufs/gjournal.h>
86 FEATURE(ufs_gjournal, "Journaling support through GEOM for UFS");
90 FEATURE(ufs_quota, "UFS disk quotas support");
91 FEATURE(ufs_quota64, "64bit UFS disk quotas support");
96 "Give all new files in directory the same ownership as the directory");
100 #include <ufs/ffs/ffs_extern.h>
102 static vop_accessx_t ufs_accessx;
103 static int ufs_chmod(struct vnode *, int, struct ucred *, struct thread *);
104 static int ufs_chown(struct vnode *, uid_t, gid_t, struct ucred *, struct thread *);
105 static vop_close_t ufs_close;
106 static vop_create_t ufs_create;
107 static vop_getattr_t ufs_getattr;
108 static vop_ioctl_t ufs_ioctl;
109 static vop_link_t ufs_link;
110 static int ufs_makeinode(int mode, struct vnode *, struct vnode **, struct componentname *);
111 static vop_markatime_t ufs_markatime;
112 static vop_mkdir_t ufs_mkdir;
113 static vop_mknod_t ufs_mknod;
114 static vop_open_t ufs_open;
115 static vop_pathconf_t ufs_pathconf;
116 static vop_print_t ufs_print;
117 static vop_readlink_t ufs_readlink;
118 static vop_remove_t ufs_remove;
119 static vop_rename_t ufs_rename;
120 static vop_rmdir_t ufs_rmdir;
121 static vop_setattr_t ufs_setattr;
122 static vop_strategy_t ufs_strategy;
123 static vop_symlink_t ufs_symlink;
124 static vop_whiteout_t ufs_whiteout;
125 static vop_close_t ufsfifo_close;
126 static vop_kqfilter_t ufsfifo_kqfilter;
127 static vop_pathconf_t ufsfifo_pathconf;
129 SYSCTL_NODE(_vfs, OID_AUTO, ufs, CTLFLAG_RD, 0, "UFS filesystem");
132 * A virgin directory (no blushing please).
134 static struct dirtemplate mastertemplate = {
135 0, 12, DT_DIR, 1, ".",
136 0, DIRBLKSIZ - 12, DT_DIR, 2, ".."
138 static struct odirtemplate omastertemplate = {
140 0, DIRBLKSIZ - 12, 2, ".."
144 ufs_itimes_locked(struct vnode *vp)
149 ASSERT_VI_LOCKED(vp, __func__);
154 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0)
157 if ((vp->v_type == VBLK || vp->v_type == VCHR) && !DOINGSOFTDEP(vp))
158 ip->i_flag |= IN_LAZYMOD;
159 else if (((vp->v_mount->mnt_kern_flag &
160 (MNTK_SUSPENDED | MNTK_SUSPEND)) == 0) ||
161 (ip->i_flag & (IN_CHANGE | IN_UPDATE)))
162 ip->i_flag |= IN_MODIFIED;
163 else if (ip->i_flag & IN_ACCESS)
164 ip->i_flag |= IN_LAZYACCESS;
166 if (ip->i_flag & IN_ACCESS) {
167 DIP_SET(ip, i_atime, ts.tv_sec);
168 DIP_SET(ip, i_atimensec, ts.tv_nsec);
170 if (ip->i_flag & IN_UPDATE) {
171 DIP_SET(ip, i_mtime, ts.tv_sec);
172 DIP_SET(ip, i_mtimensec, ts.tv_nsec);
174 if (ip->i_flag & IN_CHANGE) {
175 DIP_SET(ip, i_ctime, ts.tv_sec);
176 DIP_SET(ip, i_ctimensec, ts.tv_nsec);
177 DIP_SET(ip, i_modrev, DIP(ip, i_modrev) + 1);
181 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE);
185 ufs_itimes(struct vnode *vp)
189 ufs_itimes_locked(vp);
194 * Create a regular file
198 struct vop_create_args /* {
200 struct vnode **a_vpp;
201 struct componentname *a_cnp;
208 ufs_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode),
209 ap->a_dvp, ap->a_vpp, ap->a_cnp);
221 struct vop_mknod_args /* {
223 struct vnode **a_vpp;
224 struct componentname *a_cnp;
228 struct vattr *vap = ap->a_vap;
229 struct vnode **vpp = ap->a_vpp;
234 error = ufs_makeinode(MAKEIMODE(vap->va_type, vap->va_mode),
235 ap->a_dvp, vpp, ap->a_cnp);
239 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
240 if (vap->va_rdev != VNOVAL) {
242 * Want to be able to use this to make badblock
243 * inodes, so don't truncate the dev number.
245 DIP_SET(ip, i_rdev, vap->va_rdev);
248 * Remove inode, then reload it through VFS_VGET so it is
249 * checked to see if it is an alias of an existing entry in
250 * the inode cache. XXX I don't believe this is necessary now.
252 (*vpp)->v_type = VNON;
253 ino = ip->i_number; /* Save this before vgone() invalidates ip. */
256 error = VFS_VGET(ap->a_dvp->v_mount, ino, LK_EXCLUSIVE, vpp);
269 ufs_open(struct vop_open_args *ap)
271 struct vnode *vp = ap->a_vp;
274 if (vp->v_type == VCHR || vp->v_type == VBLK)
279 * Files marked append-only must be opened for appending.
281 if ((ip->i_flags & APPEND) &&
282 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE)
284 vnode_create_vobject(vp, DIP(ip, i_size), ap->a_td);
291 * Update the times on the inode.
296 struct vop_close_args /* {
299 struct ucred *a_cred;
303 struct vnode *vp = ap->a_vp;
307 usecount = vp->v_usecount;
309 ufs_itimes_locked(vp);
316 struct vop_accessx_args /* {
319 struct ucred *a_cred;
323 struct vnode *vp = ap->a_vp;
324 struct inode *ip = VTOI(vp);
325 accmode_t accmode = ap->a_accmode;
336 * Disallow write attempts on read-only filesystems;
337 * unless the file is a socket, fifo, or a block or
338 * character device resident on the filesystem.
340 if (accmode & VMODIFY_PERMS) {
341 switch (vp->v_type) {
345 if (vp->v_mount->mnt_flag & MNT_RDONLY)
349 * Inode is accounted in the quotas only if struct
350 * dquot is attached to it. VOP_ACCESS() is called
351 * from vn_open_cred() and provides a convenient
352 * point to call getinoquota().
354 if (VOP_ISLOCKED(vp) != LK_EXCLUSIVE) {
357 * Upgrade vnode lock, since getinoquota()
358 * requires exclusive lock to modify inode.
362 vn_lock(vp, LK_UPGRADE | LK_RETRY);
364 if (vp->v_iflag & VI_DOOMED) {
372 error = getinoquota(ip);
375 vn_lock(vp, LK_DOWNGRADE | LK_RETRY);
386 * If immutable bit set, nobody gets to write it. "& ~VADMIN_PERMS"
387 * is here, because without it, * it would be impossible for the owner
388 * to remove the IMMUTABLE flag.
390 if ((accmode & (VMODIFY_PERMS & ~VADMIN_PERMS)) &&
391 (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT)))
395 if ((vp->v_mount->mnt_flag & (MNT_ACLS | MNT_NFS4ACLS)) != 0) {
396 if (vp->v_mount->mnt_flag & MNT_NFS4ACLS)
397 type = ACL_TYPE_NFS4;
399 type = ACL_TYPE_ACCESS;
401 acl = acl_alloc(M_WAITOK);
402 if (type == ACL_TYPE_NFS4)
403 error = ufs_getacl_nfs4_internal(vp, acl, ap->a_td);
405 error = VOP_GETACL(vp, type, acl, ap->a_cred, ap->a_td);
408 if (type == ACL_TYPE_NFS4) {
409 error = vaccess_acl_nfs4(vp->v_type, ip->i_uid,
410 ip->i_gid, acl, accmode, ap->a_cred, NULL);
412 error = vfs_unixify_accmode(&accmode);
414 error = vaccess_acl_posix1e(vp->v_type, ip->i_uid,
415 ip->i_gid, acl, accmode, ap->a_cred, NULL);
419 if (error != EOPNOTSUPP)
421 "ufs_accessx(): Error retrieving ACL on object (%d).\n",
424 * XXX: Fall back until debugged. Should
425 * eventually possibly log an error, and return
428 error = vfs_unixify_accmode(&accmode);
430 error = vaccess(vp->v_type, ip->i_mode, ip->i_uid,
431 ip->i_gid, accmode, ap->a_cred, NULL);
437 #endif /* !UFS_ACL */
438 error = vfs_unixify_accmode(&accmode);
440 error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid,
441 accmode, ap->a_cred, NULL);
448 struct vop_getattr_args /* {
451 struct ucred *a_cred;
454 struct vnode *vp = ap->a_vp;
455 struct inode *ip = VTOI(vp);
456 struct vattr *vap = ap->a_vap;
459 ufs_itimes_locked(vp);
460 if (ip->i_ump->um_fstype == UFS1) {
461 vap->va_atime.tv_sec = ip->i_din1->di_atime;
462 vap->va_atime.tv_nsec = ip->i_din1->di_atimensec;
464 vap->va_atime.tv_sec = ip->i_din2->di_atime;
465 vap->va_atime.tv_nsec = ip->i_din2->di_atimensec;
469 * Copy from inode table
471 vap->va_fsid = dev2udev(ip->i_dev);
472 vap->va_fileid = ip->i_number;
473 vap->va_mode = ip->i_mode & ~IFMT;
474 vap->va_nlink = ip->i_effnlink;
475 vap->va_uid = ip->i_uid;
476 vap->va_gid = ip->i_gid;
477 if (ip->i_ump->um_fstype == UFS1) {
478 vap->va_rdev = ip->i_din1->di_rdev;
479 vap->va_size = ip->i_din1->di_size;
480 vap->va_mtime.tv_sec = ip->i_din1->di_mtime;
481 vap->va_mtime.tv_nsec = ip->i_din1->di_mtimensec;
482 vap->va_ctime.tv_sec = ip->i_din1->di_ctime;
483 vap->va_ctime.tv_nsec = ip->i_din1->di_ctimensec;
484 vap->va_bytes = dbtob((u_quad_t)ip->i_din1->di_blocks);
485 vap->va_filerev = ip->i_din1->di_modrev;
487 vap->va_rdev = ip->i_din2->di_rdev;
488 vap->va_size = ip->i_din2->di_size;
489 vap->va_mtime.tv_sec = ip->i_din2->di_mtime;
490 vap->va_mtime.tv_nsec = ip->i_din2->di_mtimensec;
491 vap->va_ctime.tv_sec = ip->i_din2->di_ctime;
492 vap->va_ctime.tv_nsec = ip->i_din2->di_ctimensec;
493 vap->va_birthtime.tv_sec = ip->i_din2->di_birthtime;
494 vap->va_birthtime.tv_nsec = ip->i_din2->di_birthnsec;
495 vap->va_bytes = dbtob((u_quad_t)ip->i_din2->di_blocks);
496 vap->va_filerev = ip->i_din2->di_modrev;
498 vap->va_flags = ip->i_flags;
499 vap->va_gen = ip->i_gen;
500 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize;
501 vap->va_type = IFTOVT(ip->i_mode);
506 * Set attribute vnode op. called from several syscalls
510 struct vop_setattr_args /* {
513 struct ucred *a_cred;
516 struct vattr *vap = ap->a_vap;
517 struct vnode *vp = ap->a_vp;
518 struct inode *ip = VTOI(vp);
519 struct ucred *cred = ap->a_cred;
520 struct thread *td = curthread;
524 * Check for unsettable attributes.
526 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) ||
527 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) ||
528 (vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) ||
529 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) {
532 if (vap->va_flags != VNOVAL) {
533 if ((vap->va_flags & ~(UF_NODUMP | UF_IMMUTABLE | UF_APPEND |
534 UF_OPAQUE | UF_NOUNLINK | SF_ARCHIVED | SF_IMMUTABLE |
535 SF_APPEND | SF_NOUNLINK | SF_SNAPSHOT)) != 0)
537 if (vp->v_mount->mnt_flag & MNT_RDONLY)
540 * Callers may only modify the file flags on objects they
541 * have VADMIN rights for.
543 if ((error = VOP_ACCESS(vp, VADMIN, cred, td)))
546 * Unprivileged processes are not permitted to unset system
547 * flags, or modify flags if any system flags are set.
548 * Privileged non-jail processes may not modify system flags
549 * if securelevel > 0 and any existing system flags are set.
550 * Privileged jail processes behave like privileged non-jail
551 * processes if the security.jail.chflags_allowed sysctl is
552 * is non-zero; otherwise, they behave like unprivileged
555 if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0)) {
557 (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) {
558 error = securelevel_gt(cred, 0);
562 /* Snapshot flag cannot be set or cleared */
563 if (((vap->va_flags & SF_SNAPSHOT) != 0 &&
564 (ip->i_flags & SF_SNAPSHOT) == 0) ||
565 ((vap->va_flags & SF_SNAPSHOT) == 0 &&
566 (ip->i_flags & SF_SNAPSHOT) != 0))
568 ip->i_flags = vap->va_flags;
569 DIP_SET(ip, i_flags, vap->va_flags);
572 (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) ||
573 (vap->va_flags & UF_SETTABLE) != vap->va_flags)
575 ip->i_flags &= SF_SETTABLE;
576 ip->i_flags |= (vap->va_flags & UF_SETTABLE);
577 DIP_SET(ip, i_flags, ip->i_flags);
579 ip->i_flag |= IN_CHANGE;
580 error = UFS_UPDATE(vp, 0);
581 if (ip->i_flags & (IMMUTABLE | APPEND))
585 * If immutable or append, no one can change any of its attributes
586 * except the ones already handled (in some cases, file flags
587 * including the immutability flags themselves for the superuser).
589 if (ip->i_flags & (IMMUTABLE | APPEND))
592 * Go through the fields and update iff not VNOVAL.
594 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
595 if (vp->v_mount->mnt_flag & MNT_RDONLY)
597 if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred,
601 if (vap->va_size != VNOVAL) {
603 * XXX most of the following special cases should be in
604 * callers instead of in N filesystems. The VDIR check
607 switch (vp->v_type) {
613 * Truncation should have an effect in these cases.
614 * Disallow it if the filesystem is read-only or
615 * the file is being snapshotted.
617 if (vp->v_mount->mnt_flag & MNT_RDONLY)
619 if ((ip->i_flags & SF_SNAPSHOT) != 0)
624 * According to POSIX, the result is unspecified
625 * for file types other than regular files,
626 * directories and shared memory objects. We
627 * don't support shared memory objects in the file
628 * system, and have dubious support for truncating
629 * symlinks. Just ignore the request in other cases.
633 if ((error = UFS_TRUNCATE(vp, vap->va_size, IO_NORMAL,
637 if (vap->va_atime.tv_sec != VNOVAL ||
638 vap->va_mtime.tv_sec != VNOVAL ||
639 vap->va_birthtime.tv_sec != VNOVAL) {
640 if (vp->v_mount->mnt_flag & MNT_RDONLY)
642 if ((ip->i_flags & SF_SNAPSHOT) != 0)
646 * If times is NULL, ... The caller must be the owner of
647 * the file, have permission to write the file, or be the
649 * If times is non-NULL, ... The caller must be the owner of
650 * the file or be the super-user.
652 * Possibly for historical reasons, try to use VADMIN in
653 * preference to VWRITE for a NULL timestamp. This means we
654 * will return EACCES in preference to EPERM if neither
657 if (vap->va_vaflags & VA_UTIMES_NULL) {
659 * NFSv4.1, draft 21, 6.2.1.3.1, Discussion of Mask Attributes
661 * "A user having ACL_WRITE_DATA or ACL_WRITE_ATTRIBUTES
662 * will be allowed to set the times [..] to the current
665 * XXX: Calling it four times seems a little excessive.
667 error = VOP_ACCESSX(vp, VWRITE_ATTRIBUTES, cred, td);
669 error = VOP_ACCESS(vp, VWRITE, cred, td);
671 error = VOP_ACCESSX(vp, VWRITE_ATTRIBUTES, cred, td);
674 if (vap->va_atime.tv_sec != VNOVAL)
675 ip->i_flag |= IN_ACCESS;
676 if (vap->va_mtime.tv_sec != VNOVAL)
677 ip->i_flag |= IN_CHANGE | IN_UPDATE;
678 if (vap->va_birthtime.tv_sec != VNOVAL &&
679 ip->i_ump->um_fstype == UFS2)
680 ip->i_flag |= IN_MODIFIED;
682 if (vap->va_atime.tv_sec != VNOVAL) {
683 DIP_SET(ip, i_atime, vap->va_atime.tv_sec);
684 DIP_SET(ip, i_atimensec, vap->va_atime.tv_nsec);
686 if (vap->va_mtime.tv_sec != VNOVAL) {
687 DIP_SET(ip, i_mtime, vap->va_mtime.tv_sec);
688 DIP_SET(ip, i_mtimensec, vap->va_mtime.tv_nsec);
690 if (vap->va_birthtime.tv_sec != VNOVAL &&
691 ip->i_ump->um_fstype == UFS2) {
692 ip->i_din2->di_birthtime = vap->va_birthtime.tv_sec;
693 ip->i_din2->di_birthnsec = vap->va_birthtime.tv_nsec;
695 error = UFS_UPDATE(vp, 0);
700 if (vap->va_mode != (mode_t)VNOVAL) {
701 if (vp->v_mount->mnt_flag & MNT_RDONLY)
703 if ((ip->i_flags & SF_SNAPSHOT) != 0 && (vap->va_mode &
704 (S_IXUSR | S_IWUSR | S_IXGRP | S_IWGRP | S_IXOTH | S_IWOTH)))
706 error = ufs_chmod(vp, (int)vap->va_mode, cred, td);
713 ufs_update_nfs4_acl_after_mode_change(struct vnode *vp, int mode,
714 int file_owner_id, struct ucred *cred, struct thread *td)
719 aclp = acl_alloc(M_WAITOK);
720 error = ufs_getacl_nfs4_internal(vp, aclp, td);
722 * We don't have to handle EOPNOTSUPP here, as the filesystem claims
728 acl_nfs4_sync_acl_from_mode(aclp, mode, file_owner_id);
729 error = ufs_setacl_nfs4_internal(vp, aclp, td);
738 * Mark this file's access time for update for vfs_mark_atime(). This
739 * is called from execve() and mmap().
743 struct vop_markatime_args /* {
747 struct vnode *vp = ap->a_vp;
748 struct inode *ip = VTOI(vp);
751 ip->i_flag |= IN_ACCESS;
754 * XXXKIB No UFS_UPDATE(ap->a_vp, 0) there.
760 * Change the mode on a file.
761 * Inode must be locked before calling.
764 ufs_chmod(vp, mode, cred, td)
770 struct inode *ip = VTOI(vp);
774 * To modify the permissions on a file, must possess VADMIN
777 if ((error = VOP_ACCESSX(vp, VWRITE_ACL, cred, td)))
780 * Privileged processes may set the sticky bit on non-directories,
781 * as well as set the setgid bit on a file with a group that the
782 * process is not a member of. Both of these are allowed in
785 if (vp->v_type != VDIR && (mode & S_ISTXT)) {
786 if (priv_check_cred(cred, PRIV_VFS_STICKYFILE, 0))
789 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) {
790 error = priv_check_cred(cred, PRIV_VFS_SETGID, 0);
796 * Deny setting setuid if we are not the file owner.
798 if ((mode & ISUID) && ip->i_uid != cred->cr_uid) {
799 error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0);
804 ip->i_mode &= ~ALLPERMS;
805 ip->i_mode |= (mode & ALLPERMS);
806 DIP_SET(ip, i_mode, ip->i_mode);
807 ip->i_flag |= IN_CHANGE;
809 if ((vp->v_mount->mnt_flag & MNT_NFS4ACLS) != 0)
810 error = ufs_update_nfs4_acl_after_mode_change(vp, mode, ip->i_uid, cred, td);
812 if (error == 0 && (ip->i_flag & IN_CHANGE) != 0)
813 error = UFS_UPDATE(vp, 0);
819 * Perform chown operation on inode ip;
820 * inode must be locked prior to call.
823 ufs_chown(vp, uid, gid, cred, td)
830 struct inode *ip = VTOI(vp);
839 if (uid == (uid_t)VNOVAL)
841 if (gid == (gid_t)VNOVAL)
844 * To modify the ownership of a file, must possess VADMIN for that
847 if ((error = VOP_ACCESSX(vp, VWRITE_OWNER, cred, td)))
850 * To change the owner of a file, or change the group of a file to a
851 * group of which we are not a member, the caller must have
854 if (((uid != ip->i_uid && uid != cred->cr_uid) ||
855 (gid != ip->i_gid && !groupmember(gid, cred))) &&
856 (error = priv_check_cred(cred, PRIV_VFS_CHOWN, 0)))
861 if ((error = getinoquota(ip)) != 0)
864 dqrele(vp, ip->i_dquot[USRQUOTA]);
865 ip->i_dquot[USRQUOTA] = NODQUOT;
868 dqrele(vp, ip->i_dquot[GRPQUOTA]);
869 ip->i_dquot[GRPQUOTA] = NODQUOT;
871 change = DIP(ip, i_blocks);
872 (void) chkdq(ip, -change, cred, CHOWN);
873 (void) chkiq(ip, -1, cred, CHOWN);
874 for (i = 0; i < MAXQUOTAS; i++) {
875 dqrele(vp, ip->i_dquot[i]);
876 ip->i_dquot[i] = NODQUOT;
880 DIP_SET(ip, i_gid, gid);
882 DIP_SET(ip, i_uid, uid);
884 if ((error = getinoquota(ip)) == 0) {
886 dqrele(vp, ip->i_dquot[USRQUOTA]);
887 ip->i_dquot[USRQUOTA] = NODQUOT;
890 dqrele(vp, ip->i_dquot[GRPQUOTA]);
891 ip->i_dquot[GRPQUOTA] = NODQUOT;
893 if ((error = chkdq(ip, change, cred, CHOWN)) == 0) {
894 if ((error = chkiq(ip, 1, cred, CHOWN)) == 0)
897 (void) chkdq(ip, -change, cred, CHOWN|FORCE);
899 for (i = 0; i < MAXQUOTAS; i++) {
900 dqrele(vp, ip->i_dquot[i]);
901 ip->i_dquot[i] = NODQUOT;
905 DIP_SET(ip, i_gid, ogid);
907 DIP_SET(ip, i_uid, ouid);
908 if (getinoquota(ip) == 0) {
910 dqrele(vp, ip->i_dquot[USRQUOTA]);
911 ip->i_dquot[USRQUOTA] = NODQUOT;
914 dqrele(vp, ip->i_dquot[GRPQUOTA]);
915 ip->i_dquot[GRPQUOTA] = NODQUOT;
917 (void) chkdq(ip, change, cred, FORCE|CHOWN);
918 (void) chkiq(ip, 1, cred, FORCE|CHOWN);
919 (void) getinoquota(ip);
924 panic("ufs_chown: lost quota");
926 ip->i_flag |= IN_CHANGE;
927 if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
928 if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID, 0)) {
929 ip->i_mode &= ~(ISUID | ISGID);
930 DIP_SET(ip, i_mode, ip->i_mode);
933 error = UFS_UPDATE(vp, 0);
939 struct vop_remove_args /* {
942 struct componentname *a_cnp;
946 struct vnode *vp = ap->a_vp;
947 struct vnode *dvp = ap->a_dvp;
953 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) ||
954 (VTOI(dvp)->i_flags & APPEND)) {
959 ufs_gjournal_orphan(vp);
961 error = ufs_dirremove(dvp, ip, ap->a_cnp->cn_flags, 0);
962 if (ip->i_nlink <= 0)
963 vp->v_vflag |= VV_NOSYNC;
964 if ((ip->i_flags & SF_SNAPSHOT) != 0) {
966 * Avoid deadlock where another thread is trying to
967 * update the inodeblock for dvp and is waiting on
968 * snaplk. Temporary unlock the vnode lock for the
969 * unlinked file and sync the directory. This should
970 * allow vput() of the directory to not block later on
971 * while holding the snapshot vnode locked, assuming
972 * that the directory hasn't been unlinked too.
975 (void) VOP_FSYNC(dvp, MNT_WAIT, td);
976 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
987 struct vop_link_args /* {
988 struct vnode *a_tdvp;
990 struct componentname *a_cnp;
993 struct vnode *vp = ap->a_vp;
994 struct vnode *tdvp = ap->a_tdvp;
995 struct componentname *cnp = ap->a_cnp;
997 struct direct newdir;
1001 if ((cnp->cn_flags & HASBUF) == 0)
1002 panic("ufs_link: no name");
1004 if (tdvp->v_mount != vp->v_mount) {
1008 if (VTOI(tdvp)->i_effnlink < 2)
1009 panic("ufs_link: Bad link count %d on parent",
1010 VTOI(tdvp)->i_effnlink);
1012 if ((nlink_t)ip->i_nlink >= LINK_MAX) {
1017 * The file may have been removed after namei droped the original
1020 if (ip->i_effnlink == 0) {
1024 if (ip->i_flags & (IMMUTABLE | APPEND)) {
1030 DIP_SET(ip, i_nlink, ip->i_nlink);
1031 ip->i_flag |= IN_CHANGE;
1032 if (DOINGSOFTDEP(vp))
1033 softdep_setup_link(VTOI(tdvp), ip);
1034 error = UFS_UPDATE(vp, !(DOINGSOFTDEP(vp) | DOINGASYNC(vp)));
1036 ufs_makedirentry(ip, cnp, &newdir);
1037 error = ufs_direnter(tdvp, vp, &newdir, cnp, NULL, 0);
1043 DIP_SET(ip, i_nlink, ip->i_nlink);
1044 ip->i_flag |= IN_CHANGE;
1045 if (DOINGSOFTDEP(vp))
1046 softdep_revert_link(VTOI(tdvp), ip);
1053 * whiteout vnode call
1057 struct vop_whiteout_args /* {
1058 struct vnode *a_dvp;
1059 struct componentname *a_cnp;
1063 struct vnode *dvp = ap->a_dvp;
1064 struct componentname *cnp = ap->a_cnp;
1065 struct direct newdir;
1068 switch (ap->a_flags) {
1070 /* 4.4 format directories support whiteout operations */
1071 if (dvp->v_mount->mnt_maxsymlinklen > 0)
1073 return (EOPNOTSUPP);
1076 /* create a new directory whiteout */
1078 if ((cnp->cn_flags & SAVENAME) == 0)
1079 panic("ufs_whiteout: missing name");
1080 if (dvp->v_mount->mnt_maxsymlinklen <= 0)
1081 panic("ufs_whiteout: old format filesystem");
1084 newdir.d_ino = WINO;
1085 newdir.d_namlen = cnp->cn_namelen;
1086 bcopy(cnp->cn_nameptr, newdir.d_name, (unsigned)cnp->cn_namelen + 1);
1087 newdir.d_type = DT_WHT;
1088 error = ufs_direnter(dvp, NULL, &newdir, cnp, NULL, 0);
1092 /* remove an existing directory whiteout */
1094 if (dvp->v_mount->mnt_maxsymlinklen <= 0)
1095 panic("ufs_whiteout: old format filesystem");
1098 cnp->cn_flags &= ~DOWHITEOUT;
1099 error = ufs_dirremove(dvp, NULL, cnp->cn_flags, 0);
1102 panic("ufs_whiteout: unknown op");
1107 static volatile int rename_restarts;
1108 SYSCTL_INT(_vfs_ufs, OID_AUTO, rename_restarts, CTLFLAG_RD,
1109 __DEVOLATILE(int *, &rename_restarts), 0,
1110 "Times rename had to restart due to lock contention");
1113 * Rename system call.
1114 * rename("foo", "bar");
1117 * link("foo", "bar");
1119 * but ``atomically''. Can't do full commit without saving state in the
1120 * inode on disk which isn't feasible at this time. Best we can do is
1121 * always guarantee the target exists.
1123 * Basic algorithm is:
1125 * 1) Bump link count on source while we're linking it to the
1126 * target. This also ensure the inode won't be deleted out
1127 * from underneath us while we work (it may be truncated by
1128 * a concurrent `trunc' or `open' for creation).
1129 * 2) Link source to destination. If destination already exists,
1131 * 3) Unlink source reference to inode if still around. If a
1132 * directory was moved and the parent of the destination
1133 * is different from the source, patch the ".." entry in the
1138 struct vop_rename_args /* {
1139 struct vnode *a_fdvp;
1140 struct vnode *a_fvp;
1141 struct componentname *a_fcnp;
1142 struct vnode *a_tdvp;
1143 struct vnode *a_tvp;
1144 struct componentname *a_tcnp;
1147 struct vnode *tvp = ap->a_tvp;
1148 struct vnode *tdvp = ap->a_tdvp;
1149 struct vnode *fvp = ap->a_fvp;
1150 struct vnode *fdvp = ap->a_fdvp;
1152 struct componentname *tcnp = ap->a_tcnp;
1153 struct componentname *fcnp = ap->a_fcnp;
1154 struct thread *td = fcnp->cn_thread;
1155 struct inode *fip, *tip, *tdp, *fdp;
1156 struct direct newdir;
1158 int doingdirectory, newparent;
1164 if ((tcnp->cn_flags & HASBUF) == 0 ||
1165 (fcnp->cn_flags & HASBUF) == 0)
1166 panic("ufs_rename: no name");
1170 VOP_UNLOCK(tdvp, 0);
1171 if (tvp && tvp != tdvp)
1174 * Check for cross-device rename.
1176 if ((fvp->v_mount != tdvp->v_mount) ||
1177 (tvp && (fvp->v_mount != tvp->v_mount))) {
1182 error = vfs_busy(mp, 0);
1189 * We need to acquire 2 to 4 locks depending on whether tvp is NULL
1190 * and fdvp and tdvp are the same directory. Subsequently we need
1191 * to double-check all paths and in the directory rename case we
1192 * need to verify that we are not creating a directory loop. To
1193 * handle this we acquire all but fdvp using non-blocking
1194 * acquisitions. If we fail to acquire any lock in the path we will
1195 * drop all held locks, acquire the new lock in a blocking fashion,
1196 * and then release it and restart the rename. This acquire/release
1197 * step ensures that we do not spin on a lock waiting for release.
1199 error = vn_lock(fdvp, LK_EXCLUSIVE);
1202 if (vn_lock(tdvp, LK_EXCLUSIVE | LK_NOWAIT) != 0) {
1203 VOP_UNLOCK(fdvp, 0);
1204 error = vn_lock(tdvp, LK_EXCLUSIVE);
1207 VOP_UNLOCK(tdvp, 0);
1208 atomic_add_int(&rename_restarts, 1);
1212 * Re-resolve fvp to be certain it still exists and fetch the
1215 error = ufs_lookup_ino(fdvp, NULL, fcnp, &ino);
1217 VOP_UNLOCK(fdvp, 0);
1218 VOP_UNLOCK(tdvp, 0);
1221 error = VFS_VGET(mp, ino, LK_EXCLUSIVE | LK_NOWAIT, &nvp);
1223 VOP_UNLOCK(fdvp, 0);
1224 VOP_UNLOCK(tdvp, 0);
1227 error = VFS_VGET(mp, ino, LK_EXCLUSIVE, &nvp);
1233 atomic_add_int(&rename_restarts, 1);
1239 * Re-resolve tvp and acquire the vnode lock if present.
1241 error = ufs_lookup_ino(tdvp, NULL, tcnp, &ino);
1242 if (error != 0 && error != EJUSTRETURN) {
1243 VOP_UNLOCK(fdvp, 0);
1244 VOP_UNLOCK(tdvp, 0);
1249 * If tvp disappeared we just carry on.
1251 if (error == EJUSTRETURN && tvp != NULL) {
1256 * Get the tvp ino if the lookup succeeded. We may have to restart
1257 * if the non-blocking acquire fails.
1261 error = VFS_VGET(mp, ino, LK_EXCLUSIVE | LK_NOWAIT, &nvp);
1266 VOP_UNLOCK(fdvp, 0);
1267 VOP_UNLOCK(tdvp, 0);
1271 error = VFS_VGET(mp, ino, LK_EXCLUSIVE, &nvp);
1275 atomic_add_int(&rename_restarts, 1);
1285 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) ||
1286 (VTOI(tdvp)->i_flags & APPEND))) {
1291 * Renaming a file to itself has no effect. The upper layers should
1292 * not call us in that case. However, things could change after
1293 * we drop the locks above.
1301 ino = fip->i_number;
1302 if (fip->i_nlink >= LINK_MAX) {
1306 if ((fip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))
1307 || (fdp->i_flags & APPEND)) {
1311 if ((fip->i_mode & IFMT) == IFDIR) {
1313 * Avoid ".", "..", and aliases of "." for obvious reasons.
1315 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') ||
1317 (fcnp->cn_flags | tcnp->cn_flags) & ISDOTDOT) {
1321 if (fdp->i_number != tdp->i_number)
1322 newparent = tdp->i_number;
1325 if ((fvp->v_type == VDIR && fvp->v_mountedhere != NULL) ||
1326 (tvp != NULL && tvp->v_type == VDIR &&
1327 tvp->v_mountedhere != NULL)) {
1333 * If ".." must be changed (ie the directory gets a new
1334 * parent) then the source directory must not be in the
1335 * directory hierarchy above the target, as this would
1336 * orphan everything below the source directory. Also
1337 * the user must have write permission in the source so
1338 * as to be able to change "..".
1340 if (doingdirectory && newparent) {
1341 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred, tcnp->cn_thread);
1344 error = ufs_checkpath(ino, fdp->i_number, tdp, tcnp->cn_cred,
1347 * We encountered a lock that we have to wait for. Unlock
1348 * everything else and VGET before restarting.
1351 VOP_UNLOCK(fdvp, 0);
1353 VOP_UNLOCK(tdvp, 0);
1356 error = VFS_VGET(mp, ino, LK_SHARED, &nvp);
1359 atomic_add_int(&rename_restarts, 1);
1364 if ((tcnp->cn_flags & SAVESTART) == 0)
1365 panic("ufs_rename: lost to startdir");
1367 if (fip->i_effnlink == 0 || fdp->i_effnlink == 0 ||
1368 tdp->i_effnlink == 0)
1369 panic("Bad effnlink fip %p, fdp %p, tdp %p", fip, fdp, tdp);
1372 * 1) Bump link count while we're moving stuff
1373 * around. If we crash somewhere before
1374 * completing our work, the link count
1375 * may be wrong, but correctable.
1379 DIP_SET(fip, i_nlink, fip->i_nlink);
1380 fip->i_flag |= IN_CHANGE;
1381 if (DOINGSOFTDEP(fvp))
1382 softdep_setup_link(tdp, fip);
1383 error = UFS_UPDATE(fvp, !(DOINGSOFTDEP(fvp) | DOINGASYNC(fvp)));
1388 * 2) If target doesn't exist, link the target
1389 * to the source and unlink the source.
1390 * Otherwise, rewrite the target directory
1391 * entry to reference the source inode and
1392 * expunge the original entry's existence.
1395 if (tdp->i_dev != fip->i_dev)
1396 panic("ufs_rename: EXDEV");
1397 if (doingdirectory && newparent) {
1399 * Account for ".." in new directory.
1400 * When source and destination have the same
1401 * parent we don't adjust the link count. The
1402 * actual link modification is completed when
1403 * .. is rewritten below.
1405 if ((nlink_t)tdp->i_nlink >= LINK_MAX) {
1410 ufs_makedirentry(fip, tcnp, &newdir);
1411 error = ufs_direnter(tdvp, NULL, &newdir, tcnp, NULL, 1);
1414 /* Setup tdvp for directory compaction if needed. */
1415 if (tdp->i_count && tdp->i_endoff &&
1416 tdp->i_endoff < tdp->i_size)
1417 endoff = tdp->i_endoff;
1419 if (tip->i_dev != tdp->i_dev || tip->i_dev != fip->i_dev)
1420 panic("ufs_rename: EXDEV");
1422 * Short circuit rename(foo, foo).
1424 if (tip->i_number == fip->i_number)
1425 panic("ufs_rename: same file");
1427 * If the parent directory is "sticky", then the caller
1428 * must possess VADMIN for the parent directory, or the
1429 * destination of the rename. This implements append-only
1432 if ((tdp->i_mode & S_ISTXT) &&
1433 VOP_ACCESS(tdvp, VADMIN, tcnp->cn_cred, td) &&
1434 VOP_ACCESS(tvp, VADMIN, tcnp->cn_cred, td)) {
1439 * Target must be empty if a directory and have no links
1440 * to it. Also, ensure source and target are compatible
1441 * (both directories, or both not directories).
1443 if ((tip->i_mode & IFMT) == IFDIR) {
1444 if ((tip->i_effnlink > 2) ||
1445 !ufs_dirempty(tip, tdp->i_number, tcnp->cn_cred)) {
1449 if (!doingdirectory) {
1454 } else if (doingdirectory) {
1458 if (doingdirectory) {
1461 if (DOINGSOFTDEP(tdvp))
1462 softdep_change_linkcnt(tdp);
1465 if (DOINGSOFTDEP(tvp))
1466 softdep_change_linkcnt(tip);
1468 error = ufs_dirrewrite(tdp, tip, fip->i_number,
1469 IFTODT(fip->i_mode),
1470 (doingdirectory && newparent) ? newparent : doingdirectory);
1472 if (doingdirectory) {
1475 if (DOINGSOFTDEP(tdvp))
1476 softdep_change_linkcnt(tdp);
1479 if (DOINGSOFTDEP(tvp))
1480 softdep_change_linkcnt(tip);
1483 if (doingdirectory && !DOINGSOFTDEP(tvp)) {
1485 * The only stuff left in the directory is "."
1486 * and "..". The "." reference is inconsequential
1487 * since we are quashing it. We have removed the "."
1488 * reference and the reference in the parent directory,
1489 * but there may be other hard links. The soft
1490 * dependency code will arrange to do these operations
1491 * after the parent directory entry has been deleted on
1492 * disk, so when running with that code we avoid doing
1497 DIP_SET(tdp, i_nlink, tdp->i_nlink);
1498 tdp->i_flag |= IN_CHANGE;
1501 DIP_SET(tip, i_nlink, tip->i_nlink);
1502 tip->i_flag |= IN_CHANGE;
1507 * 3) Unlink the source. We have to resolve the path again to
1508 * fixup the directory offset and count for ufs_dirremove.
1511 error = ufs_lookup_ino(fdvp, NULL, fcnp, &ino);
1513 panic("ufs_rename: from entry went away!");
1514 if (ino != fip->i_number)
1515 panic("ufs_rename: ino mismatch %d != %d\n", ino,
1519 * If the source is a directory with a
1520 * new parent, the link count of the old
1521 * parent directory must be decremented
1522 * and ".." set to point to the new parent.
1524 if (doingdirectory && newparent) {
1526 * If tip exists we simply use its link, otherwise we must
1532 DIP_SET(tdp, i_nlink, tdp->i_nlink);
1533 tdp->i_flag |= IN_CHANGE;
1534 if (DOINGSOFTDEP(tdvp))
1535 softdep_setup_dotdot_link(tdp, fip);
1536 error = UFS_UPDATE(tdvp, !(DOINGSOFTDEP(tdvp) |
1538 /* Don't go to bad here as the new link exists. */
1541 } else if (DOINGSUJ(tdvp))
1542 /* Journal must account for each new link. */
1543 softdep_setup_dotdot_link(tdp, fip);
1544 fip->i_offset = mastertemplate.dot_reclen;
1545 ufs_dirrewrite(fip, fdp, newparent, DT_DIR, 0);
1548 error = ufs_dirremove(fdvp, fip, fcnp->cn_flags, 0);
1550 * The kern_renameat() looks up the fvp using the DELETE flag, which
1551 * causes the removal of the name cache entry for fvp.
1552 * As the relookup of the fvp is done in two steps:
1553 * ufs_lookup_ino() and then VFS_VGET(), another thread might do a
1554 * normal lookup of the from name just before the VFS_VGET() call,
1555 * causing the cache entry to be re-instantiated.
1557 * The same issue also applies to tvp if it exists as
1558 * otherwise we may have a stale name cache entry for the new
1559 * name that references the old i-node if it has other links
1560 * or open file descriptors.
1565 cache_purge_negative(tdvp);
1573 * If compaction or fsync was requested do it now that other locks
1574 * are no longer needed.
1576 if (error == 0 && endoff != 0) {
1578 if (tdp->i_dirhash != NULL)
1579 ufsdirhash_dirtrunc(tdp, endoff);
1581 UFS_TRUNCATE(tdvp, endoff, IO_NORMAL | IO_SYNC, tcnp->cn_cred,
1584 if (error == 0 && tdp->i_flag & IN_NEEDSYNC)
1585 error = VOP_FSYNC(tdvp, MNT_WAIT, td);
1594 DIP_SET(fip, i_nlink, fip->i_nlink);
1595 fip->i_flag |= IN_CHANGE;
1596 if (DOINGSOFTDEP(fvp))
1597 softdep_revert_link(tdp, fip);
1614 ufs_do_posix1e_acl_inheritance_dir(struct vnode *dvp, struct vnode *tvp,
1615 mode_t dmode, struct ucred *cred, struct thread *td)
1618 struct inode *ip = VTOI(tvp);
1619 struct acl *dacl, *acl;
1621 acl = acl_alloc(M_WAITOK);
1622 dacl = acl_alloc(M_WAITOK);
1625 * Retrieve default ACL from parent, if any.
1627 error = VOP_GETACL(dvp, ACL_TYPE_DEFAULT, acl, cred, td);
1631 * Retrieved a default ACL, so merge mode and ACL if
1632 * necessary. If the ACL is empty, fall through to
1633 * the "not defined or available" case.
1635 if (acl->acl_cnt != 0) {
1636 dmode = acl_posix1e_newfilemode(dmode, acl);
1638 DIP_SET(ip, i_mode, dmode);
1640 ufs_sync_acl_from_inode(ip, acl);
1647 * Just use the mode as-is.
1650 DIP_SET(ip, i_mode, dmode);
1659 * XXX: If we abort now, will Soft Updates notify the extattr
1660 * code that the EAs for the file need to be released?
1662 error = VOP_SETACL(tvp, ACL_TYPE_ACCESS, acl, cred, td);
1664 error = VOP_SETACL(tvp, ACL_TYPE_DEFAULT, dacl, cred, td);
1671 * XXX: This should not happen, as EOPNOTSUPP above
1672 * was supposed to free acl.
1674 printf("ufs_mkdir: VOP_GETACL() but no VOP_SETACL()\n");
1676 panic("ufs_mkdir: VOP_GETACL() but no VOP_SETACL()");
1692 ufs_do_posix1e_acl_inheritance_file(struct vnode *dvp, struct vnode *tvp,
1693 mode_t mode, struct ucred *cred, struct thread *td)
1696 struct inode *ip = VTOI(tvp);
1699 acl = acl_alloc(M_WAITOK);
1702 * Retrieve default ACL for parent, if any.
1704 error = VOP_GETACL(dvp, ACL_TYPE_DEFAULT, acl, cred, td);
1708 * Retrieved a default ACL, so merge mode and ACL if
1711 if (acl->acl_cnt != 0) {
1713 * Two possible ways for default ACL to not
1714 * be present. First, the EA can be
1715 * undefined, or second, the default ACL can
1716 * be blank. If it's blank, fall through to
1717 * the it's not defined case.
1719 mode = acl_posix1e_newfilemode(mode, acl);
1721 DIP_SET(ip, i_mode, mode);
1722 ufs_sync_acl_from_inode(ip, acl);
1729 * Just use the mode as-is.
1732 DIP_SET(ip, i_mode, mode);
1741 * XXX: If we abort now, will Soft Updates notify the extattr
1742 * code that the EAs for the file need to be released?
1744 error = VOP_SETACL(tvp, ACL_TYPE_ACCESS, acl, cred, td);
1751 * XXX: This should not happen, as EOPNOTSUPP above was
1752 * supposed to free acl.
1754 printf("ufs_makeinode: VOP_GETACL() but no "
1756 /* panic("ufs_makeinode: VOP_GETACL() but no "
1771 ufs_do_nfs4_acl_inheritance(struct vnode *dvp, struct vnode *tvp,
1772 mode_t child_mode, struct ucred *cred, struct thread *td)
1775 struct acl *parent_aclp, *child_aclp;
1777 parent_aclp = acl_alloc(M_WAITOK);
1778 child_aclp = acl_alloc(M_WAITOK | M_ZERO);
1780 error = ufs_getacl_nfs4_internal(dvp, parent_aclp, td);
1783 acl_nfs4_compute_inherited_acl(parent_aclp, child_aclp,
1784 child_mode, VTOI(tvp)->i_uid, tvp->v_type == VDIR);
1785 error = ufs_setacl_nfs4_internal(tvp, child_aclp, td);
1789 acl_free(parent_aclp);
1790 acl_free(child_aclp);
1801 struct vop_mkdir_args /* {
1802 struct vnode *a_dvp;
1803 struct vnode **a_vpp;
1804 struct componentname *a_cnp;
1805 struct vattr *a_vap;
1808 struct vnode *dvp = ap->a_dvp;
1809 struct vattr *vap = ap->a_vap;
1810 struct componentname *cnp = ap->a_cnp;
1811 struct inode *ip, *dp;
1814 struct dirtemplate dirtemplate, *dtp;
1815 struct direct newdir;
1820 if ((cnp->cn_flags & HASBUF) == 0)
1821 panic("ufs_mkdir: no name");
1824 if ((nlink_t)dp->i_nlink >= LINK_MAX) {
1828 dmode = vap->va_mode & 0777;
1831 * Must simulate part of ufs_makeinode here to acquire the inode,
1832 * but not have it entered in the parent directory. The entry is
1833 * made later after writing "." and ".." entries.
1835 error = UFS_VALLOC(dvp, dmode, cnp->cn_cred, &tvp);
1839 ip->i_gid = dp->i_gid;
1840 DIP_SET(ip, i_gid, dp->i_gid);
1844 struct ucred ucred, *ucp;
1849 * If we are hacking owners here, (only do this where told to)
1850 * and we are not giving it TO root, (would subvert quotas)
1851 * then go ahead and give it to the other user.
1852 * The new directory also inherits the SUID bit.
1853 * If user's UID and dir UID are the same,
1854 * 'give it away' so that the SUID is still forced on.
1856 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) &&
1857 (dp->i_mode & ISUID) && dp->i_uid) {
1859 ip->i_uid = dp->i_uid;
1860 DIP_SET(ip, i_uid, dp->i_uid);
1862 if (dp->i_uid != cnp->cn_cred->cr_uid) {
1864 * Make sure the correct user gets charged
1866 * Make a dummy credential for the victim.
1867 * XXX This seems to never be accessed out of
1868 * our context so a stack variable is ok.
1870 refcount_init(&ucred.cr_ref, 1);
1871 ucred.cr_uid = ip->i_uid;
1872 ucred.cr_ngroups = 1;
1873 ucred.cr_groups = &ucred_group;
1874 ucred.cr_groups[0] = dp->i_gid;
1879 ip->i_uid = cnp->cn_cred->cr_uid;
1880 DIP_SET(ip, i_uid, ip->i_uid);
1883 if ((error = getinoquota(ip)) ||
1884 (error = chkiq(ip, 1, ucp, 0))) {
1885 if (DOINGSOFTDEP(tvp))
1886 softdep_revert_link(dp, ip);
1887 UFS_VFREE(tvp, ip->i_number, dmode);
1893 #else /* !SUIDDIR */
1894 ip->i_uid = cnp->cn_cred->cr_uid;
1895 DIP_SET(ip, i_uid, ip->i_uid);
1897 if ((error = getinoquota(ip)) ||
1898 (error = chkiq(ip, 1, cnp->cn_cred, 0))) {
1899 if (DOINGSOFTDEP(tvp))
1900 softdep_revert_link(dp, ip);
1901 UFS_VFREE(tvp, ip->i_number, dmode);
1906 #endif /* !SUIDDIR */
1907 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
1909 DIP_SET(ip, i_mode, dmode);
1910 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */
1913 DIP_SET(ip, i_nlink, 2);
1915 if (cnp->cn_flags & ISWHITEOUT) {
1916 ip->i_flags |= UF_OPAQUE;
1917 DIP_SET(ip, i_flags, ip->i_flags);
1921 * Bump link count in parent directory to reflect work done below.
1922 * Should be done before reference is created so cleanup is
1923 * possible if we crash.
1927 DIP_SET(dp, i_nlink, dp->i_nlink);
1928 dp->i_flag |= IN_CHANGE;
1929 if (DOINGSOFTDEP(dvp))
1930 softdep_setup_mkdir(dp, ip);
1931 error = UFS_UPDATE(dvp, !(DOINGSOFTDEP(dvp) | DOINGASYNC(dvp)));
1935 if (dvp->v_mount->mnt_flag & MNT_MULTILABEL) {
1936 error = mac_vnode_create_extattr(cnp->cn_cred, dvp->v_mount,
1943 if (dvp->v_mount->mnt_flag & MNT_ACLS) {
1944 error = ufs_do_posix1e_acl_inheritance_dir(dvp, tvp, dmode,
1945 cnp->cn_cred, cnp->cn_thread);
1948 } else if (dvp->v_mount->mnt_flag & MNT_NFS4ACLS) {
1949 error = ufs_do_nfs4_acl_inheritance(dvp, tvp, dmode,
1950 cnp->cn_cred, cnp->cn_thread);
1954 #endif /* !UFS_ACL */
1957 * Initialize directory with "." and ".." from static template.
1959 if (dvp->v_mount->mnt_maxsymlinklen > 0)
1960 dtp = &mastertemplate;
1962 dtp = (struct dirtemplate *)&omastertemplate;
1964 dirtemplate.dot_ino = ip->i_number;
1965 dirtemplate.dotdot_ino = dp->i_number;
1966 if ((error = UFS_BALLOC(tvp, (off_t)0, DIRBLKSIZ, cnp->cn_cred,
1967 BA_CLRBUF, &bp)) != 0)
1969 ip->i_size = DIRBLKSIZ;
1970 DIP_SET(ip, i_size, DIRBLKSIZ);
1971 ip->i_flag |= IN_CHANGE | IN_UPDATE;
1972 vnode_pager_setsize(tvp, (u_long)ip->i_size);
1973 bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate);
1974 if (DOINGSOFTDEP(tvp)) {
1976 * Ensure that the entire newly allocated block is a
1977 * valid directory so that future growth within the
1978 * block does not have to ensure that the block is
1979 * written before the inode.
1982 while (blkoff < bp->b_bcount) {
1984 (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ;
1985 blkoff += DIRBLKSIZ;
1988 if ((error = UFS_UPDATE(tvp, !(DOINGSOFTDEP(tvp) |
1989 DOINGASYNC(tvp)))) != 0) {
1994 * Directory set up, now install its entry in the parent directory.
1996 * If we are not doing soft dependencies, then we must write out the
1997 * buffer containing the new directory body before entering the new
1998 * name in the parent. If we are doing soft dependencies, then the
1999 * buffer containing the new directory body will be passed to and
2000 * released in the soft dependency code after the code has attached
2001 * an appropriate ordering dependency to the buffer which ensures that
2002 * the buffer is written before the new name is written in the parent.
2004 if (DOINGASYNC(dvp))
2006 else if (!DOINGSOFTDEP(dvp) && ((error = bwrite(bp))))
2008 ufs_makedirentry(ip, cnp, &newdir);
2009 error = ufs_direnter(dvp, tvp, &newdir, cnp, bp, 0);
2017 DIP_SET(dp, i_nlink, dp->i_nlink);
2018 dp->i_flag |= IN_CHANGE;
2020 * No need to do an explicit VOP_TRUNCATE here, vrele will
2021 * do this for us because we set the link count to 0.
2025 DIP_SET(ip, i_nlink, 0);
2026 ip->i_flag |= IN_CHANGE;
2027 if (DOINGSOFTDEP(tvp))
2028 softdep_revert_mkdir(dp, ip);
2037 * Rmdir system call.
2041 struct vop_rmdir_args /* {
2042 struct vnode *a_dvp;
2044 struct componentname *a_cnp;
2047 struct vnode *vp = ap->a_vp;
2048 struct vnode *dvp = ap->a_dvp;
2049 struct componentname *cnp = ap->a_cnp;
2050 struct inode *ip, *dp;
2057 * Do not remove a directory that is in the process of being renamed.
2058 * Verify the directory is empty (and valid). Rmdir ".." will not be
2059 * valid since ".." will contain a reference to the current directory
2060 * and thus be non-empty. Do not allow the removal of mounted on
2061 * directories (this can happen when an NFS exported filesystem
2062 * tries to remove a locally mounted on directory).
2065 if (ip->i_effnlink < 2) {
2069 if (dp->i_effnlink < 3)
2070 panic("ufs_dirrem: Bad link count %d on parent",
2072 if (!ufs_dirempty(ip, dp->i_number, cnp->cn_cred)) {
2076 if ((dp->i_flags & APPEND)
2077 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) {
2081 if (vp->v_mountedhere != 0) {
2086 ufs_gjournal_orphan(vp);
2089 * Delete reference to directory before purging
2090 * inode. If we crash in between, the directory
2091 * will be reattached to lost+found,
2095 if (DOINGSOFTDEP(vp))
2096 softdep_setup_rmdir(dp, ip);
2097 error = ufs_dirremove(dvp, ip, cnp->cn_flags, 1);
2101 if (DOINGSOFTDEP(vp))
2102 softdep_revert_rmdir(dp, ip);
2107 * The only stuff left in the directory is "." and "..". The "."
2108 * reference is inconsequential since we are quashing it. The soft
2109 * dependency code will arrange to do these operations after
2110 * the parent directory entry has been deleted on disk, so
2111 * when running with that code we avoid doing them now.
2113 if (!DOINGSOFTDEP(vp)) {
2115 DIP_SET(dp, i_nlink, dp->i_nlink);
2116 dp->i_flag |= IN_CHANGE;
2117 error = UFS_UPDATE(dvp, 0);
2119 DIP_SET(ip, i_nlink, ip->i_nlink);
2120 ip->i_flag |= IN_CHANGE;
2124 /* Kill any active hash; i_effnlink == 0, so it will not come back. */
2125 if (ip->i_dirhash != NULL)
2126 ufsdirhash_free(ip);
2133 * symlink -- make a symbolic link
2137 struct vop_symlink_args /* {
2138 struct vnode *a_dvp;
2139 struct vnode **a_vpp;
2140 struct componentname *a_cnp;
2141 struct vattr *a_vap;
2145 struct vnode *vp, **vpp = ap->a_vpp;
2149 error = ufs_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp,
2154 len = strlen(ap->a_target);
2155 if (len < vp->v_mount->mnt_maxsymlinklen) {
2157 bcopy(ap->a_target, SHORTLINK(ip), len);
2159 DIP_SET(ip, i_size, len);
2160 ip->i_flag |= IN_CHANGE | IN_UPDATE;
2161 error = UFS_UPDATE(vp, 0);
2163 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0,
2164 UIO_SYSSPACE, IO_NODELOCKED | IO_NOMACCHECK,
2165 ap->a_cnp->cn_cred, NOCRED, NULL, NULL);
2172 * Vnode op for reading directories.
2174 * The routine below assumes that the on-disk format of a directory
2175 * is the same as that defined by <sys/dirent.h>. If the on-disk
2176 * format changes, then it will be necessary to do a conversion
2177 * from the on-disk format that read returns to the format defined
2178 * by <sys/dirent.h>.
2182 struct vop_readdir_args /* {
2185 struct ucred *a_cred;
2191 struct uio *uio = ap->a_uio;
2197 if (ap->a_ncookies != NULL)
2199 * Ensure that the block is aligned. The caller can use
2200 * the cookies to determine where in the block to start.
2202 uio->uio_offset &= ~(DIRBLKSIZ - 1);
2203 ip = VTOI(ap->a_vp);
2204 if (ip->i_effnlink == 0)
2206 off = uio->uio_offset;
2207 count = uio->uio_resid;
2208 /* Make sure we don't return partial entries. */
2209 if (count <= ((uio->uio_offset + count) & (DIRBLKSIZ -1)))
2211 count -= (uio->uio_offset + count) & (DIRBLKSIZ -1);
2212 lost = uio->uio_resid - count;
2213 uio->uio_resid = count;
2214 uio->uio_iov->iov_len = count;
2215 # if (BYTE_ORDER == LITTLE_ENDIAN)
2216 if (ap->a_vp->v_mount->mnt_maxsymlinklen > 0) {
2217 error = VOP_READ(ap->a_vp, uio, 0, ap->a_cred);
2219 struct dirent *dp, *edp;
2227 auio.uio_iov = &aiov;
2228 auio.uio_iovcnt = 1;
2229 auio.uio_segflg = UIO_SYSSPACE;
2230 aiov.iov_len = count;
2231 dirbuf = malloc(count, M_TEMP, M_WAITOK);
2232 aiov.iov_base = dirbuf;
2233 error = VOP_READ(ap->a_vp, &auio, 0, ap->a_cred);
2235 readcnt = count - auio.uio_resid;
2236 edp = (struct dirent *)&dirbuf[readcnt];
2237 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
2239 dp->d_namlen = dp->d_type;
2241 if (dp->d_reclen > 0) {
2242 dp = (struct dirent *)
2243 ((char *)dp + dp->d_reclen);
2250 error = uiomove(dirbuf, readcnt, uio);
2252 free(dirbuf, M_TEMP);
2255 error = VOP_READ(ap->a_vp, uio, 0, ap->a_cred);
2257 if (!error && ap->a_ncookies != NULL) {
2258 struct dirent* dpStart;
2259 struct dirent* dpEnd;
2265 if (uio->uio_segflg != UIO_SYSSPACE || uio->uio_iovcnt != 1)
2266 panic("ufs_readdir: unexpected uio from NFS server");
2267 dpStart = (struct dirent *)
2268 ((char *)uio->uio_iov->iov_base - (uio->uio_offset - off));
2269 dpEnd = (struct dirent *) uio->uio_iov->iov_base;
2270 for (dp = dpStart, ncookies = 0;
2272 dp = (struct dirent *)((caddr_t) dp + dp->d_reclen))
2274 cookies = malloc(ncookies * sizeof(u_long), M_TEMP,
2276 for (dp = dpStart, cookiep = cookies;
2278 dp = (struct dirent *)((caddr_t) dp + dp->d_reclen)) {
2279 off += dp->d_reclen;
2280 *cookiep++ = (u_long) off;
2282 *ap->a_ncookies = ncookies;
2283 *ap->a_cookies = cookies;
2285 uio->uio_resid += lost;
2287 *ap->a_eofflag = VTOI(ap->a_vp)->i_size <= uio->uio_offset;
2292 * Return target name of a symbolic link
2296 struct vop_readlink_args /* {
2299 struct ucred *a_cred;
2302 struct vnode *vp = ap->a_vp;
2303 struct inode *ip = VTOI(vp);
2307 if ((isize < vp->v_mount->mnt_maxsymlinklen) ||
2308 DIP(ip, i_blocks) == 0) { /* XXX - for old fastlink support */
2309 return (uiomove(SHORTLINK(ip), isize, ap->a_uio));
2311 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred));
2315 * Calculate the logical to physical mapping if not done already,
2316 * then call the device strategy routine.
2318 * In order to be able to swap to a file, the ufs_bmaparray() operation may not
2319 * deadlock on memory. See ufs_bmap() for details.
2323 struct vop_strategy_args /* {
2328 struct buf *bp = ap->a_bp;
2329 struct vnode *vp = ap->a_vp;
2336 if (bp->b_blkno == bp->b_lblkno) {
2337 error = ufs_bmaparray(vp, bp->b_lblkno, &blkno, bp, NULL, NULL);
2338 bp->b_blkno = blkno;
2340 bp->b_error = error;
2341 bp->b_ioflags |= BIO_ERROR;
2345 if ((long)bp->b_blkno == -1)
2348 if ((long)bp->b_blkno == -1) {
2352 bp->b_iooffset = dbtob(bp->b_blkno);
2353 bo = ip->i_umbufobj;
2354 BO_STRATEGY(bo, bp);
2359 * Print out the contents of an inode.
2363 struct vop_print_args /* {
2367 struct vnode *vp = ap->a_vp;
2368 struct inode *ip = VTOI(vp);
2370 printf("\tino %lu, on dev %s", (u_long)ip->i_number,
2371 devtoname(ip->i_dev));
2372 if (vp->v_type == VFIFO)
2379 * Close wrapper for fifos.
2381 * Update the times on the inode then do device close.
2385 struct vop_close_args /* {
2388 struct ucred *a_cred;
2389 struct thread *a_td;
2392 struct vnode *vp = ap->a_vp;
2396 usecount = vp->v_usecount;
2398 ufs_itimes_locked(vp);
2400 return (fifo_specops.vop_close(ap));
2404 * Kqfilter wrapper for fifos.
2406 * Fall through to ufs kqfilter routines if needed
2409 ufsfifo_kqfilter(ap)
2410 struct vop_kqfilter_args *ap;
2414 error = fifo_specops.vop_kqfilter(ap);
2416 error = vfs_kqfilter(ap);
2421 * Return POSIX pathconf information applicable to fifos.
2424 ufsfifo_pathconf(ap)
2425 struct vop_pathconf_args /* {
2432 switch (ap->a_name) {
2433 case _PC_ACL_EXTENDED:
2435 case _PC_ACL_PATH_MAX:
2436 case _PC_MAC_PRESENT:
2437 return (ufs_pathconf(ap));
2439 return (fifo_specops.vop_pathconf(ap));
2445 * Return POSIX pathconf information applicable to ufs filesystems.
2449 struct vop_pathconf_args /* {
2458 switch (ap->a_name) {
2460 *ap->a_retval = LINK_MAX;
2463 *ap->a_retval = NAME_MAX;
2466 *ap->a_retval = PATH_MAX;
2469 *ap->a_retval = PIPE_BUF;
2471 case _PC_CHOWN_RESTRICTED:
2477 case _PC_ACL_EXTENDED:
2479 if (ap->a_vp->v_mount->mnt_flag & MNT_ACLS)
2490 if (ap->a_vp->v_mount->mnt_flag & MNT_NFS4ACLS)
2499 case _PC_ACL_PATH_MAX:
2501 if (ap->a_vp->v_mount->mnt_flag & (MNT_ACLS | MNT_NFS4ACLS))
2502 *ap->a_retval = ACL_MAX_ENTRIES;
2509 case _PC_MAC_PRESENT:
2511 if (ap->a_vp->v_mount->mnt_flag & MNT_MULTILABEL)
2519 case _PC_MIN_HOLE_SIZE:
2520 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
2523 /* _PC_ASYNC_IO should have been handled by upper layers. */
2524 KASSERT(0, ("_PC_ASYNC_IO should not get here"));
2533 case _PC_ALLOC_SIZE_MIN:
2534 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_bsize;
2536 case _PC_FILESIZEBITS:
2539 case _PC_REC_INCR_XFER_SIZE:
2540 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
2542 case _PC_REC_MAX_XFER_SIZE:
2543 *ap->a_retval = -1; /* means ``unlimited'' */
2545 case _PC_REC_MIN_XFER_SIZE:
2546 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
2548 case _PC_REC_XFER_ALIGN:
2549 *ap->a_retval = PAGE_SIZE;
2551 case _PC_SYMLINK_MAX:
2552 *ap->a_retval = MAXPATHLEN;
2563 * Initialize the vnode associated with a new inode, handle aliased
2567 ufs_vinit(mntp, fifoops, vpp)
2569 struct vop_vector *fifoops;
2577 vp->v_type = IFTOVT(ip->i_mode);
2578 if (vp->v_type == VFIFO)
2580 ASSERT_VOP_LOCKED(vp, "ufs_vinit");
2581 if (ip->i_number == ROOTINO)
2582 vp->v_vflag |= VV_ROOT;
2588 * Allocate a new inode.
2589 * Vnode dvp must be locked.
2592 ufs_makeinode(mode, dvp, vpp, cnp)
2596 struct componentname *cnp;
2598 struct inode *ip, *pdir;
2599 struct direct newdir;
2605 if ((cnp->cn_flags & HASBUF) == 0)
2606 panic("ufs_makeinode: no name");
2609 if ((mode & IFMT) == 0)
2612 if (VTOI(dvp)->i_effnlink < 2)
2613 panic("ufs_makeinode: Bad link count %d on parent",
2614 VTOI(dvp)->i_effnlink);
2615 error = UFS_VALLOC(dvp, mode, cnp->cn_cred, &tvp);
2619 ip->i_gid = pdir->i_gid;
2620 DIP_SET(ip, i_gid, pdir->i_gid);
2624 struct ucred ucred, *ucp;
2629 * If we are not the owner of the directory,
2630 * and we are hacking owners here, (only do this where told to)
2631 * and we are not giving it TO root, (would subvert quotas)
2632 * then go ahead and give it to the other user.
2633 * Note that this drops off the execute bits for security.
2635 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) &&
2636 (pdir->i_mode & ISUID) &&
2637 (pdir->i_uid != cnp->cn_cred->cr_uid) && pdir->i_uid) {
2638 ip->i_uid = pdir->i_uid;
2639 DIP_SET(ip, i_uid, ip->i_uid);
2643 * Make sure the correct user gets charged
2645 * Quickly knock up a dummy credential for the victim.
2646 * XXX This seems to never be accessed out of our
2647 * context so a stack variable is ok.
2649 refcount_init(&ucred.cr_ref, 1);
2650 ucred.cr_uid = ip->i_uid;
2651 ucred.cr_ngroups = 1;
2652 ucred.cr_groups = &ucred_group;
2653 ucred.cr_groups[0] = pdir->i_gid;
2657 ip->i_uid = cnp->cn_cred->cr_uid;
2658 DIP_SET(ip, i_uid, ip->i_uid);
2662 if ((error = getinoquota(ip)) ||
2663 (error = chkiq(ip, 1, ucp, 0))) {
2664 if (DOINGSOFTDEP(tvp))
2665 softdep_revert_link(pdir, ip);
2666 UFS_VFREE(tvp, ip->i_number, mode);
2672 #else /* !SUIDDIR */
2673 ip->i_uid = cnp->cn_cred->cr_uid;
2674 DIP_SET(ip, i_uid, ip->i_uid);
2676 if ((error = getinoquota(ip)) ||
2677 (error = chkiq(ip, 1, cnp->cn_cred, 0))) {
2678 if (DOINGSOFTDEP(tvp))
2679 softdep_revert_link(pdir, ip);
2680 UFS_VFREE(tvp, ip->i_number, mode);
2685 #endif /* !SUIDDIR */
2686 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
2688 DIP_SET(ip, i_mode, mode);
2689 tvp->v_type = IFTOVT(mode); /* Rest init'd in getnewvnode(). */
2692 DIP_SET(ip, i_nlink, 1);
2693 if (DOINGSOFTDEP(tvp))
2694 softdep_setup_create(VTOI(dvp), ip);
2695 if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) &&
2696 priv_check_cred(cnp->cn_cred, PRIV_VFS_SETGID, 0)) {
2697 ip->i_mode &= ~ISGID;
2698 DIP_SET(ip, i_mode, ip->i_mode);
2701 if (cnp->cn_flags & ISWHITEOUT) {
2702 ip->i_flags |= UF_OPAQUE;
2703 DIP_SET(ip, i_flags, ip->i_flags);
2707 * Make sure inode goes to disk before directory entry.
2709 error = UFS_UPDATE(tvp, !(DOINGSOFTDEP(tvp) | DOINGASYNC(tvp)));
2713 if (dvp->v_mount->mnt_flag & MNT_MULTILABEL) {
2714 error = mac_vnode_create_extattr(cnp->cn_cred, dvp->v_mount,
2721 if (dvp->v_mount->mnt_flag & MNT_ACLS) {
2722 error = ufs_do_posix1e_acl_inheritance_file(dvp, tvp, mode,
2723 cnp->cn_cred, cnp->cn_thread);
2726 } else if (dvp->v_mount->mnt_flag & MNT_NFS4ACLS) {
2727 error = ufs_do_nfs4_acl_inheritance(dvp, tvp, mode,
2728 cnp->cn_cred, cnp->cn_thread);
2732 #endif /* !UFS_ACL */
2733 ufs_makedirentry(ip, cnp, &newdir);
2734 error = ufs_direnter(dvp, tvp, &newdir, cnp, NULL, 0);
2742 * Write error occurred trying to update the inode
2743 * or the directory so must deallocate the inode.
2747 DIP_SET(ip, i_nlink, 0);
2748 ip->i_flag |= IN_CHANGE;
2749 if (DOINGSOFTDEP(tvp))
2750 softdep_revert_create(VTOI(dvp), ip);
2756 ufs_ioctl(struct vop_ioctl_args *ap)
2759 switch (ap->a_command) {
2762 return (vn_bmap_seekhole(ap->a_vp, ap->a_command,
2763 (off_t *)ap->a_data, ap->a_cred));
2769 /* Global vfs data structures for ufs. */
2770 struct vop_vector ufs_vnodeops = {
2771 .vop_default = &default_vnodeops,
2772 .vop_fsync = VOP_PANIC,
2773 .vop_read = VOP_PANIC,
2774 .vop_reallocblks = VOP_PANIC,
2775 .vop_write = VOP_PANIC,
2776 .vop_accessx = ufs_accessx,
2777 .vop_bmap = ufs_bmap,
2778 .vop_cachedlookup = ufs_lookup,
2779 .vop_close = ufs_close,
2780 .vop_create = ufs_create,
2781 .vop_getattr = ufs_getattr,
2782 .vop_inactive = ufs_inactive,
2783 .vop_ioctl = ufs_ioctl,
2784 .vop_link = ufs_link,
2785 .vop_lookup = vfs_cache_lookup,
2786 .vop_markatime = ufs_markatime,
2787 .vop_mkdir = ufs_mkdir,
2788 .vop_mknod = ufs_mknod,
2789 .vop_open = ufs_open,
2790 .vop_pathconf = ufs_pathconf,
2791 .vop_poll = vop_stdpoll,
2792 .vop_print = ufs_print,
2793 .vop_readdir = ufs_readdir,
2794 .vop_readlink = ufs_readlink,
2795 .vop_reclaim = ufs_reclaim,
2796 .vop_remove = ufs_remove,
2797 .vop_rename = ufs_rename,
2798 .vop_rmdir = ufs_rmdir,
2799 .vop_setattr = ufs_setattr,
2801 .vop_setlabel = vop_stdsetlabel_ea,
2803 .vop_strategy = ufs_strategy,
2804 .vop_symlink = ufs_symlink,
2805 .vop_whiteout = ufs_whiteout,
2807 .vop_getextattr = ufs_getextattr,
2808 .vop_deleteextattr = ufs_deleteextattr,
2809 .vop_setextattr = ufs_setextattr,
2812 .vop_getacl = ufs_getacl,
2813 .vop_setacl = ufs_setacl,
2814 .vop_aclcheck = ufs_aclcheck,
2818 struct vop_vector ufs_fifoops = {
2819 .vop_default = &fifo_specops,
2820 .vop_fsync = VOP_PANIC,
2821 .vop_accessx = ufs_accessx,
2822 .vop_close = ufsfifo_close,
2823 .vop_getattr = ufs_getattr,
2824 .vop_inactive = ufs_inactive,
2825 .vop_kqfilter = ufsfifo_kqfilter,
2826 .vop_markatime = ufs_markatime,
2827 .vop_pathconf = ufsfifo_pathconf,
2828 .vop_print = ufs_print,
2829 .vop_read = VOP_PANIC,
2830 .vop_reclaim = ufs_reclaim,
2831 .vop_setattr = ufs_setattr,
2833 .vop_setlabel = vop_stdsetlabel_ea,
2835 .vop_write = VOP_PANIC,
2837 .vop_getextattr = ufs_getextattr,
2838 .vop_deleteextattr = ufs_deleteextattr,
2839 .vop_setextattr = ufs_setextattr,
2842 .vop_getacl = ufs_getacl,
2843 .vop_setacl = ufs_setacl,
2844 .vop_aclcheck = ufs_aclcheck,
projects / FreeBSD / releng / 9.2.git / blob