47 */ 48 49#include "opt_suiddir.h" 50 51#include <sys/param.h> 52#include <sys/systm.h> 53#include <sys/resourcevar.h> 54#include <sys/kernel.h> 55#include <sys/fcntl.h> 56#include <sys/stat.h> 57#include <sys/bio.h> 58#include <sys/buf.h> 59#include <sys/proc.h> 60#include <sys/mount.h> 61#include <sys/unistd.h> 62#include <sys/time.h> 63#include <sys/vnode.h> 64#include <sys/namei.h> 65#include <sys/lockf.h> 66#include <sys/event.h> 67#include <sys/conf.h> 68#include <sys/file.h> 69 70#include <vm/vm.h> 71#include <vm/vm_extern.h> 72#include <vm/vnode_pager.h> 73 74#include <fs/fifofs/fifo.h> 75 76#include <sys/signalvar.h> 77#include <ufs/ufs/dir.h> 78 79#include <gnu/ext2fs/inode.h> 80#include <gnu/ext2fs/ext2_mount.h> 81#include <gnu/ext2fs/ext2_fs_sb.h> 82#include <gnu/ext2fs/fs.h> 83#include <gnu/ext2fs/ext2_extern.h> 84#include <gnu/ext2fs/ext2_fs.h> 85 86static int ext2_makeinode(int mode, struct vnode *, struct vnode **, struct componentname *); 87 88static int ext2_access(struct vop_access_args *); 89static int ext2_advlock(struct vop_advlock_args *); 90static int ext2_chmod(struct vnode *, int, struct ucred *, struct thread *); 91static int ext2_chown(struct vnode *, uid_t, gid_t, struct ucred *, 92 struct thread *); 93static int ext2_close(struct vop_close_args *); 94static int ext2_create(struct vop_create_args *); 95static int ext2_fsync(struct vop_fsync_args *); 96static int ext2_getattr(struct vop_getattr_args *); 97static int ext2_kqfilter(struct vop_kqfilter_args *ap); 98static int ext2_link(struct vop_link_args *); 99static int ext2_mkdir(struct vop_mkdir_args *); 100static int ext2_mknod(struct vop_mknod_args *); 101static int ext2_open(struct vop_open_args *); 102static int ext2_pathconf(struct vop_pathconf_args *); 103static int ext2_print(struct vop_print_args *); 104static int ext2_read(struct vop_read_args *); 105static int ext2_readlink(struct vop_readlink_args *); 106static int ext2_remove(struct vop_remove_args *); 107static int ext2_rename(struct vop_rename_args *); 108static int ext2_rmdir(struct vop_rmdir_args *); 109static int ext2_setattr(struct vop_setattr_args *); 110static int ext2_strategy(struct vop_strategy_args *); 111static int ext2_symlink(struct vop_symlink_args *); 112static int ext2_write(struct vop_write_args *); 113static int ext2fifo_close(struct vop_close_args *); 114static int ext2fifo_kqfilter(struct vop_kqfilter_args *); 115static int ext2fifo_read(struct vop_read_args *); 116static int ext2fifo_write(struct vop_write_args *); 117static int ext2spec_close(struct vop_close_args *); 118static int ext2spec_read(struct vop_read_args *); 119static int ext2spec_write(struct vop_write_args *); 120static int filt_ext2read(struct knote *kn, long hint); 121static int filt_ext2write(struct knote *kn, long hint); 122static int filt_ext2vnode(struct knote *kn, long hint); 123static void filt_ext2detach(struct knote *kn); 124 125/* Global vfs data structures for ext2. */ 126vop_t **ext2_vnodeop_p; 127static struct vnodeopv_entry_desc ext2_vnodeop_entries[] = { 128 { &vop_default_desc, (vop_t *) vop_defaultop }, 129 { &vop_access_desc, (vop_t *) ext2_access }, 130 { &vop_advlock_desc, (vop_t *) ext2_advlock }, 131 { &vop_bmap_desc, (vop_t *) ext2_bmap }, 132 { &vop_cachedlookup_desc, (vop_t *) ext2_lookup }, 133 { &vop_close_desc, (vop_t *) ext2_close }, 134 { &vop_create_desc, (vop_t *) ext2_create }, 135 { &vop_fsync_desc, (vop_t *) ext2_fsync }, 136 { &vop_getattr_desc, (vop_t *) ext2_getattr }, 137 { &vop_getwritemount_desc, (vop_t *) vop_stdgetwritemount }, 138 { &vop_inactive_desc, (vop_t *) ext2_inactive }, 139 { &vop_islocked_desc, (vop_t *) vop_stdislocked }, 140 { &vop_link_desc, (vop_t *) ext2_link }, 141 { &vop_lock_desc, (vop_t *) vop_stdlock }, 142 { &vop_lookup_desc, (vop_t *) vfs_cache_lookup }, 143 { &vop_mkdir_desc, (vop_t *) ext2_mkdir }, 144 { &vop_mknod_desc, (vop_t *) ext2_mknod }, 145 { &vop_open_desc, (vop_t *) ext2_open }, 146 { &vop_pathconf_desc, (vop_t *) ext2_pathconf }, 147 { &vop_poll_desc, (vop_t *) vop_stdpoll }, 148 { &vop_kqfilter_desc, (vop_t *) ext2_kqfilter }, 149 { &vop_print_desc, (vop_t *) ext2_print }, 150 { &vop_read_desc, (vop_t *) ext2_read }, 151 { &vop_readdir_desc, (vop_t *) ext2_readdir }, 152 { &vop_readlink_desc, (vop_t *) ext2_readlink }, 153 { &vop_reallocblks_desc, (vop_t *) ext2_reallocblks }, 154 { &vop_reclaim_desc, (vop_t *) ext2_reclaim }, 155 { &vop_remove_desc, (vop_t *) ext2_remove }, 156 { &vop_rename_desc, (vop_t *) ext2_rename }, 157 { &vop_rmdir_desc, (vop_t *) ext2_rmdir }, 158 { &vop_setattr_desc, (vop_t *) ext2_setattr }, 159 { &vop_strategy_desc, (vop_t *) ext2_strategy }, 160 { &vop_symlink_desc, (vop_t *) ext2_symlink }, 161 { &vop_unlock_desc, (vop_t *) vop_stdunlock }, 162 { &vop_write_desc, (vop_t *) ext2_write }, 163 { NULL, NULL } 164}; 165static struct vnodeopv_desc ext2fs_vnodeop_opv_desc = 166 { &ext2_vnodeop_p, ext2_vnodeop_entries }; 167 168vop_t **ext2_specop_p; 169static struct vnodeopv_entry_desc ext2_specop_entries[] = { 170 { &vop_default_desc, (vop_t *) spec_vnoperate }, 171 { &vop_access_desc, (vop_t *) ext2_access }, 172 { &vop_close_desc, (vop_t *) ext2spec_close }, 173 { &vop_fsync_desc, (vop_t *) ext2_fsync }, 174 { &vop_getattr_desc, (vop_t *) ext2_getattr }, 175 { &vop_inactive_desc, (vop_t *) ext2_inactive }, 176 { &vop_islocked_desc, (vop_t *) vop_stdislocked }, 177 { &vop_lock_desc, (vop_t *) vop_stdlock }, 178 { &vop_print_desc, (vop_t *) ext2_print }, 179 { &vop_read_desc, (vop_t *) ext2spec_read }, 180 { &vop_reclaim_desc, (vop_t *) ext2_reclaim }, 181 { &vop_setattr_desc, (vop_t *) ext2_setattr }, 182 { &vop_unlock_desc, (vop_t *) vop_stdunlock }, 183 { &vop_write_desc, (vop_t *) ext2spec_write }, 184 { NULL, NULL } 185}; 186static struct vnodeopv_desc ext2fs_specop_opv_desc = 187 { &ext2_specop_p, ext2_specop_entries }; 188 189vop_t **ext2_fifoop_p; 190static struct vnodeopv_entry_desc ext2_fifoop_entries[] = { 191 { &vop_default_desc, (vop_t *) fifo_vnoperate }, 192 { &vop_access_desc, (vop_t *) ext2_access }, 193 { &vop_close_desc, (vop_t *) ext2fifo_close }, 194 { &vop_fsync_desc, (vop_t *) ext2_fsync }, 195 { &vop_getattr_desc, (vop_t *) ext2_getattr }, 196 { &vop_inactive_desc, (vop_t *) ext2_inactive }, 197 { &vop_islocked_desc, (vop_t *) vop_stdislocked }, 198 { &vop_kqfilter_desc, (vop_t *) ext2fifo_kqfilter }, 199 { &vop_lock_desc, (vop_t *) vop_stdlock }, 200 { &vop_print_desc, (vop_t *) ext2_print }, 201 { &vop_read_desc, (vop_t *) ext2fifo_read }, 202 { &vop_reclaim_desc, (vop_t *) ext2_reclaim }, 203 { &vop_setattr_desc, (vop_t *) ext2_setattr }, 204 { &vop_unlock_desc, (vop_t *) vop_stdunlock }, 205 { &vop_write_desc, (vop_t *) ext2fifo_write }, 206 { NULL, NULL } 207}; 208static struct vnodeopv_desc ext2fs_fifoop_opv_desc = 209 { &ext2_fifoop_p, ext2_fifoop_entries }; 210 211 VNODEOP_SET(ext2fs_vnodeop_opv_desc); 212 VNODEOP_SET(ext2fs_specop_opv_desc); 213 VNODEOP_SET(ext2fs_fifoop_opv_desc); 214 215#include <gnu/ext2fs/ext2_readwrite.c> 216 217union _qcvt { 218 int64_t qcvt; 219 int32_t val[2]; 220}; 221#define SETHIGH(q, h) { \ 222 union _qcvt tmp; \ 223 tmp.qcvt = (q); \ 224 tmp.val[_QUAD_HIGHWORD] = (h); \ 225 (q) = tmp.qcvt; \ 226} 227#define SETLOW(q, l) { \ 228 union _qcvt tmp; \ 229 tmp.qcvt = (q); \ 230 tmp.val[_QUAD_LOWWORD] = (l); \ 231 (q) = tmp.qcvt; \ 232} 233 234/* 235 * A virgin directory (no blushing please). 236 * Note that the type and namlen fields are reversed relative to ext2. 237 * Also, we don't use `struct odirtemplate', since it would just cause 238 * endianness problems. 239 */ 240static struct dirtemplate mastertemplate = { 241 0, 12, 1, EXT2_FT_DIR, ".", 242 0, DIRBLKSIZ - 12, 2, EXT2_FT_DIR, ".." 243}; 244static struct dirtemplate omastertemplate = { 245 0, 12, 1, EXT2_FT_UNKNOWN, ".", 246 0, DIRBLKSIZ - 12, 2, EXT2_FT_UNKNOWN, ".." 247}; 248 249void 250ext2_itimes(vp) 251 struct vnode *vp; 252{ 253 struct inode *ip; 254 struct timespec ts; 255 256 ip = VTOI(vp); 257 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0) 258 return; 259 if ((vp->v_type == VBLK || vp->v_type == VCHR)) 260 ip->i_flag |= IN_LAZYMOD; 261 else 262 ip->i_flag |= IN_MODIFIED; 263 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) { 264 vfs_timestamp(&ts); 265 if (ip->i_flag & IN_ACCESS) { 266 ip->i_atime = ts.tv_sec; 267 ip->i_atimensec = ts.tv_nsec; 268 } 269 if (ip->i_flag & IN_UPDATE) { 270 ip->i_mtime = ts.tv_sec; 271 ip->i_mtimensec = ts.tv_nsec; 272 ip->i_modrev++; 273 } 274 if (ip->i_flag & IN_CHANGE) { 275 ip->i_ctime = ts.tv_sec; 276 ip->i_ctimensec = ts.tv_nsec; 277 } 278 } 279 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE); 280} 281 282/* 283 * Create a regular file 284 */ 285static int 286ext2_create(ap) 287 struct vop_create_args /* { 288 struct vnode *a_dvp; 289 struct vnode **a_vpp; 290 struct componentname *a_cnp; 291 struct vattr *a_vap; 292 } */ *ap; 293{ 294 int error; 295 296 error = 297 ext2_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode), 298 ap->a_dvp, ap->a_vpp, ap->a_cnp); 299 if (error) 300 return (error); 301 return (0); 302} 303 304/* 305 * Open called. 306 * 307 * Nothing to do. 308 */ 309int 310ext2_open(ap) 311 struct vop_open_args /* { 312 struct vnode *a_vp; 313 int a_mode; 314 struct ucred *a_cred; 315 struct thread *a_td; 316 } */ *ap; 317{ 318 319 /* 320 * Files marked append-only must be opened for appending. 321 */ 322 if ((VTOI(ap->a_vp)->i_flags & APPEND) && 323 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE) 324 return (EPERM); 325 return (0); 326} 327 328/* 329 * Close called. 330 * 331 * Update the times on the inode. 332 */ 333static int 334ext2_close(ap) 335 struct vop_close_args /* { 336 struct vnode *a_vp; 337 int a_fflag; 338 struct ucred *a_cred; 339 struct thread *a_td; 340 } */ *ap; 341{ 342 struct vnode *vp = ap->a_vp; 343 struct mount *mp; 344 345 mtx_lock(&vp->v_interlock); 346 if (vp->v_usecount > 1) { 347 ext2_itimes(vp); 348 mtx_unlock(&vp->v_interlock); 349 } else { 350 mtx_unlock(&vp->v_interlock); 351 /* 352 * If we are closing the last reference to an unlinked 353 * file, then it will be freed by the inactive routine. 354 * Because the freeing causes a the filesystem to be 355 * modified, it must be held up during periods when the 356 * filesystem is suspended. 357 * 358 * XXX - EAGAIN is returned to prevent vn_close from 359 * repeating the vrele operation. 360 */ 361 if (vp->v_type == VREG && VTOI(vp)->i_nlink == 0) { 362 (void) vn_start_write(vp, &mp, V_WAIT); 363 vrele(vp); 364 vn_finished_write(mp); 365 return (EAGAIN); 366 } 367 } 368 return (0); 369} 370 371static int 372ext2_access(ap) 373 struct vop_access_args /* { 374 struct vnode *a_vp; 375 int a_mode; 376 struct ucred *a_cred; 377 struct thread *a_td; 378 } */ *ap; 379{ 380 struct vnode *vp = ap->a_vp; 381 struct inode *ip = VTOI(vp); 382 mode_t mode = ap->a_mode; 383 int error; 384 385 /* 386 * Disallow write attempts on read-only file systems; 387 * unless the file is a socket, fifo, or a block or 388 * character device resident on the file system. 389 */ 390 if (mode & VWRITE) { 391 switch (vp->v_type) { 392 case VDIR: 393 case VLNK: 394 case VREG: 395 if (vp->v_mount->mnt_flag & MNT_RDONLY) 396 return (EROFS); 397 break; 398 default: 399 break; 400 } 401 } 402 403 /* If immutable bit set, nobody gets to write it. */ 404 if ((mode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) 405 return (EPERM); 406 407 error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid, 408 ap->a_mode, ap->a_cred, NULL); 409 return (error); 410} 411 412static int 413ext2_getattr(ap) 414 struct vop_getattr_args /* { 415 struct vnode *a_vp; 416 struct vattr *a_vap; 417 struct ucred *a_cred; 418 struct thread *a_td; 419 } */ *ap; 420{ 421 struct vnode *vp = ap->a_vp; 422 struct inode *ip = VTOI(vp); 423 struct vattr *vap = ap->a_vap; 424 425 ext2_itimes(vp); 426 /* 427 * Copy from inode table 428 */ 429 vap->va_fsid = dev2udev(ip->i_dev); 430 vap->va_fileid = ip->i_number; 431 vap->va_mode = ip->i_mode & ~IFMT; 432 vap->va_nlink = ip->i_nlink; 433 vap->va_uid = ip->i_uid; 434 vap->va_gid = ip->i_gid; 435 vap->va_rdev = ip->i_rdev; 436 vap->va_size = ip->i_size; 437 vap->va_atime.tv_sec = ip->i_atime; 438 vap->va_atime.tv_nsec = ip->i_atimensec; 439 vap->va_mtime.tv_sec = ip->i_mtime; 440 vap->va_mtime.tv_nsec = ip->i_mtimensec; 441 vap->va_ctime.tv_sec = ip->i_ctime; 442 vap->va_ctime.tv_nsec = ip->i_ctimensec; 443 vap->va_flags = ip->i_flags; 444 vap->va_gen = ip->i_gen; 445 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize; 446 vap->va_bytes = dbtob((u_quad_t)ip->i_blocks); 447 vap->va_type = IFTOVT(ip->i_mode); 448 vap->va_filerev = ip->i_modrev; 449 return (0); 450} 451 452/* 453 * Set attribute vnode op. called from several syscalls 454 */ 455int 456ext2_setattr(ap) 457 struct vop_setattr_args /* { 458 struct vnode *a_vp; 459 struct vattr *a_vap; 460 struct ucred *a_cred; 461 struct thread *a_td; 462 } */ *ap; 463{ 464 struct vattr *vap = ap->a_vap; 465 struct vnode *vp = ap->a_vp; 466 struct inode *ip = VTOI(vp); 467 struct ucred *cred = ap->a_cred; 468 struct thread *td = ap->a_td; 469 int error; 470 471 /* 472 * Check for unsettable attributes. 473 */ 474 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) || 475 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) || 476 (vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) || 477 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) { 478 return (EINVAL); 479 } 480 if (vap->va_flags != VNOVAL) { 481 if (vp->v_mount->mnt_flag & MNT_RDONLY) 482 return (EROFS); 483 /* 484 * Callers may only modify the file flags on objects they 485 * have VADMIN rights for. 486 */ 487 if ((error = VOP_ACCESS(vp, VADMIN, cred, td))) 488 return (error); 489 /* 490 * Unprivileged processes and privileged processes in 491 * jail() are not permitted to unset system flags, or 492 * modify flags if any system flags are set. 493 * Privileged non-jail processes may not modify system flags 494 * if securelevel > 0 and any existing system flags are set. 495 */ 496 if (!suser_cred(cred, PRISON_ROOT)) { 497 if (ip->i_flags 498 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) { 499 error = securelevel_gt(cred, 0); 500 if (error) 501 return (error); 502 } 503 ip->i_flags = vap->va_flags; 504 } else { 505 if (ip->i_flags 506 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || 507 (vap->va_flags & UF_SETTABLE) != vap->va_flags) 508 return (EPERM); 509 ip->i_flags &= SF_SETTABLE; 510 ip->i_flags |= (vap->va_flags & UF_SETTABLE); 511 } 512 ip->i_flag |= IN_CHANGE; 513 if (vap->va_flags & (IMMUTABLE | APPEND)) 514 return (0); 515 } 516 if (ip->i_flags & (IMMUTABLE | APPEND)) 517 return (EPERM); 518 /* 519 * Go through the fields and update iff not VNOVAL. 520 */ 521 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) { 522 if (vp->v_mount->mnt_flag & MNT_RDONLY) 523 return (EROFS); 524 if ((error = ext2_chown(vp, vap->va_uid, vap->va_gid, cred, 525 td)) != 0) 526 return (error); 527 } 528 if (vap->va_size != VNOVAL) { 529 /* 530 * Disallow write attempts on read-only file systems; 531 * unless the file is a socket, fifo, or a block or 532 * character device resident on the file system. 533 */ 534 switch (vp->v_type) { 535 case VDIR: 536 return (EISDIR); 537 case VLNK: 538 case VREG: 539 if (vp->v_mount->mnt_flag & MNT_RDONLY) 540 return (EROFS); 541 break; 542 default: 543 break; 544 } 545 if ((error = ext2_truncate(vp, vap->va_size, 0, cred, td)) != 0) 546 return (error); 547 } 548 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 549 if (vp->v_mount->mnt_flag & MNT_RDONLY) 550 return (EROFS); 551 /* 552 * From utimes(2): 553 * If times is NULL, ... The caller must be the owner of 554 * the file, have permission to write the file, or be the 555 * super-user. 556 * If times is non-NULL, ... The caller must be the owner of 557 * the file or be the super-user. 558 */ 559 if ((error = VOP_ACCESS(vp, VADMIN, cred, td)) && 560 ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || 561 (error = VOP_ACCESS(vp, VWRITE, cred, td)))) 562 return (error); 563 if (vap->va_atime.tv_sec != VNOVAL) 564 ip->i_flag |= IN_ACCESS; 565 if (vap->va_mtime.tv_sec != VNOVAL) 566 ip->i_flag |= IN_CHANGE | IN_UPDATE; 567 ext2_itimes(vp); 568 if (vap->va_atime.tv_sec != VNOVAL) { 569 ip->i_atime = vap->va_atime.tv_sec; 570 ip->i_atimensec = vap->va_atime.tv_nsec; 571 } 572 if (vap->va_mtime.tv_sec != VNOVAL) { 573 ip->i_mtime = vap->va_mtime.tv_sec; 574 ip->i_mtimensec = vap->va_mtime.tv_nsec; 575 } 576 error = ext2_update(vp, 0); 577 if (error) 578 return (error); 579 } 580 error = 0; 581 if (vap->va_mode != (mode_t)VNOVAL) { 582 if (vp->v_mount->mnt_flag & MNT_RDONLY) 583 return (EROFS); 584 error = ext2_chmod(vp, (int)vap->va_mode, cred, td); 585 } 586 VN_KNOTE(vp, NOTE_ATTRIB); 587 return (error); 588} 589 590/* 591 * Change the mode on a file. 592 * Inode must be locked before calling. 593 */ 594static int 595ext2_chmod(vp, mode, cred, td) 596 struct vnode *vp; 597 int mode; 598 struct ucred *cred; 599 struct thread *td; 600{ 601 struct inode *ip = VTOI(vp); 602 int error; 603 604 /* 605 * To modify the permissions on a file, must possess VADMIN 606 * for that file. 607 */ 608 if ((error = VOP_ACCESS(vp, VADMIN, cred, td))) 609 return (error); 610 /* 611 * Privileged processes may set the sticky bit on non-directories, 612 * as well as set the setgid bit on a file with a group that the 613 * process is not a member of. 614 */ 615 if (suser_cred(cred, PRISON_ROOT)) { 616 if (vp->v_type != VDIR && (mode & S_ISTXT)) 617 return (EFTYPE); 618 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) 619 return (EPERM); 620 } 621 ip->i_mode &= ~ALLPERMS; 622 ip->i_mode |= (mode & ALLPERMS); 623 ip->i_flag |= IN_CHANGE; 624 return (0); 625} 626 627/* 628 * Perform chown operation on inode ip; 629 * inode must be locked prior to call. 630 */ 631static int 632ext2_chown(vp, uid, gid, cred, td) 633 struct vnode *vp; 634 uid_t uid; 635 gid_t gid; 636 struct ucred *cred; 637 struct thread *td; 638{ 639 struct inode *ip = VTOI(vp); 640 uid_t ouid; 641 gid_t ogid; 642 int error = 0; 643 644 if (uid == (uid_t)VNOVAL) 645 uid = ip->i_uid; 646 if (gid == (gid_t)VNOVAL) 647 gid = ip->i_gid; 648 /* 649 * To modify the ownership of a file, must possess VADMIN 650 * for that file. 651 */ 652 if ((error = VOP_ACCESS(vp, VADMIN, cred, td))) 653 return (error); 654 /* 655 * To change the owner of a file, or change the group of a file 656 * to a group of which we are not a member, the caller must 657 * have privilege. 658 */ 659 if ((uid != ip->i_uid || 660 (gid != ip->i_gid && !groupmember(gid, cred))) && 661 (error = suser_cred(cred, PRISON_ROOT))) 662 return (error); 663 ogid = ip->i_gid; 664 ouid = ip->i_uid; 665 ip->i_gid = gid; 666 ip->i_uid = uid; 667 ip->i_flag |= IN_CHANGE; 668 if (suser_cred(cred, PRISON_ROOT) && (ouid != uid || ogid != gid)) 669 ip->i_mode &= ~(ISUID | ISGID); 670 return (0); 671} 672 673/* 674 * Synch an open file. 675 */ 676/* ARGSUSED */ 677static int 678ext2_fsync(ap) 679 struct vop_fsync_args /* { 680 struct vnode *a_vp; 681 struct ucred *a_cred; 682 int a_waitfor; 683 struct thread *a_td; 684 } */ *ap; 685{ 686 struct vnode *vp = ap->a_vp; 687 struct buf *bp; 688 struct buf *nbp; 689 int s; 690 691 /* 692 * XXX why is all this fs specific? 693 */ 694 695 /* 696 * Flush all dirty buffers associated with a vnode. 697 */ 698 ext2_discard_prealloc(VTOI(vp)); 699 700loop: 701 s = splbio(); 702 for (bp = TAILQ_FIRST(&vp->v_dirtyblkhd); bp; bp = nbp) { 703 nbp = TAILQ_NEXT(bp, b_vnbufs); 704 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_NOWAIT)) 705 continue; 706 if ((bp->b_flags & B_DELWRI) == 0) 707 panic("ext2_fsync: not dirty"); 708 bremfree(bp); 709 splx(s); 710 /* 711 * Wait for I/O associated with indirect blocks to complete, 712 * since there is no way to quickly wait for them below. 713 */ 714 if (bp->b_vp == vp || ap->a_waitfor == MNT_NOWAIT) 715 (void) bawrite(bp); 716 else 717 (void) bwrite(bp); 718 goto loop; 719 } 720 if (ap->a_waitfor == MNT_WAIT) { 721 while (vp->v_numoutput) { 722 vp->v_flag |= VBWAIT; 723 tsleep(&vp->v_numoutput, PRIBIO + 1, "e2fsyn", 0); 724 } 725#if DIAGNOSTIC 726 if (!TAILQ_EMPTY(&vp->v_dirtyblkhd)) { 727 vprint("ext2_fsync: dirty", vp); 728 goto loop; 729 } 730#endif 731 } 732 splx(s); 733 return (ext2_update(ap->a_vp, ap->a_waitfor == MNT_WAIT)); 734} 735 736/* 737 * Mknod vnode call 738 */ 739/* ARGSUSED */ 740static int 741ext2_mknod(ap) 742 struct vop_mknod_args /* { 743 struct vnode *a_dvp; 744 struct vnode **a_vpp; 745 struct componentname *a_cnp; 746 struct vattr *a_vap; 747 } */ *ap; 748{ 749 struct vattr *vap = ap->a_vap; 750 struct vnode **vpp = ap->a_vpp; 751 struct inode *ip; 752 ino_t ino; 753 int error; 754 755 error = ext2_makeinode(MAKEIMODE(vap->va_type, vap->va_mode), 756 ap->a_dvp, vpp, ap->a_cnp); 757 if (error) 758 return (error); 759 ip = VTOI(*vpp); 760 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 761 if (vap->va_rdev != VNOVAL) { 762 /* 763 * Want to be able to use this to make badblock 764 * inodes, so don't truncate the dev number. 765 */ 766 ip->i_rdev = vap->va_rdev; 767 } 768 /* 769 * Remove inode, then reload it through VFS_VGET so it is 770 * checked to see if it is an alias of an existing entry in 771 * the inode cache. 772 */ 773 vput(*vpp); 774 (*vpp)->v_type = VNON; 775 ino = ip->i_number; /* Save this before vgone() invalidates ip. */ 776 vgone(*vpp); 777 error = VFS_VGET(ap->a_dvp->v_mount, ino, LK_EXCLUSIVE, vpp); 778 if (error) { 779 *vpp = NULL; 780 return (error); 781 } 782 return (0); 783} 784 785static int 786ext2_remove(ap) 787 struct vop_remove_args /* { 788 struct vnode *a_dvp; 789 struct vnode *a_vp; 790 struct componentname *a_cnp; 791 } */ *ap; 792{ 793 struct inode *ip; 794 struct vnode *vp = ap->a_vp; 795 struct vnode *dvp = ap->a_dvp; 796 int error; 797 798 ip = VTOI(vp); 799 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 800 (VTOI(dvp)->i_flags & APPEND)) { 801 error = EPERM; 802 goto out; 803 } 804 error = ext2_dirremove(dvp, ap->a_cnp); 805 if (error == 0) { 806 ip->i_nlink--; 807 ip->i_flag |= IN_CHANGE; 808 } 809out: 810 return (error); 811} 812 813/* 814 * link vnode call 815 */ 816static int 817ext2_link(ap) 818 struct vop_link_args /* { 819 struct vnode *a_tdvp; 820 struct vnode *a_vp; 821 struct componentname *a_cnp; 822 } */ *ap; 823{ 824 struct vnode *vp = ap->a_vp; 825 struct vnode *tdvp = ap->a_tdvp; 826 struct componentname *cnp = ap->a_cnp; 827 struct thread *td = cnp->cn_thread; 828 struct inode *ip; 829 int error; 830 831#ifdef DIAGNOSTIC 832 if ((cnp->cn_flags & HASBUF) == 0) 833 panic("ext2_link: no name"); 834#endif 835 if (tdvp->v_mount != vp->v_mount) { 836 error = EXDEV; 837 goto out2; 838 } 839 if (tdvp != vp && (error = vn_lock(vp, LK_EXCLUSIVE, td))) { 840 goto out2; 841 } 842 ip = VTOI(vp); 843 if ((nlink_t)ip->i_nlink >= LINK_MAX) { 844 error = EMLINK; 845 goto out1; 846 } 847 if (ip->i_flags & (IMMUTABLE | APPEND)) { 848 error = EPERM; 849 goto out1; 850 } 851 ip->i_nlink++; 852 ip->i_flag |= IN_CHANGE; 853 error = ext2_update(vp, 1); 854 if (!error) 855 error = ext2_direnter(ip, tdvp, cnp); 856 if (error) { 857 ip->i_nlink--; 858 ip->i_flag |= IN_CHANGE; 859 } 860out1: 861 if (tdvp != vp) 862 VOP_UNLOCK(vp, 0, td); 863out2: 864 return (error); 865} 866 867/* 868 * Rename system call. 869 * See comments in sys/ufs/ufs/ufs_vnops.c 870 */ 871static int 872ext2_rename(ap) 873 struct vop_rename_args /* { 874 struct vnode *a_fdvp; 875 struct vnode *a_fvp; 876 struct componentname *a_fcnp; 877 struct vnode *a_tdvp; 878 struct vnode *a_tvp; 879 struct componentname *a_tcnp; 880 } */ *ap; 881{ 882 struct vnode *tvp = ap->a_tvp; 883 struct vnode *tdvp = ap->a_tdvp; 884 struct vnode *fvp = ap->a_fvp; 885 struct vnode *fdvp = ap->a_fdvp; 886 struct componentname *tcnp = ap->a_tcnp; 887 struct componentname *fcnp = ap->a_fcnp; 888 struct thread *td = fcnp->cn_thread; 889 struct inode *ip, *xp, *dp; 890 struct dirtemplate dirbuf; 891 int doingdirectory = 0, oldparent = 0, newparent = 0; 892 int error = 0; 893 u_char namlen; 894 895#ifdef DIAGNOSTIC 896 if ((tcnp->cn_flags & HASBUF) == 0 || 897 (fcnp->cn_flags & HASBUF) == 0) 898 panic("ext2_rename: no name"); 899#endif 900 /* 901 * Check for cross-device rename. 902 */ 903 if ((fvp->v_mount != tdvp->v_mount) || 904 (tvp && (fvp->v_mount != tvp->v_mount))) { 905 error = EXDEV; 906abortit: 907 if (tdvp == tvp) 908 vrele(tdvp); 909 else 910 vput(tdvp); 911 if (tvp) 912 vput(tvp); 913 vrele(fdvp); 914 vrele(fvp); 915 return (error); 916 } 917 918 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 919 (VTOI(tdvp)->i_flags & APPEND))) { 920 error = EPERM; 921 goto abortit; 922 } 923 924 /* 925 * Check if just deleting a link name or if we've lost a race. 926 * If another process completes the same rename after we've looked 927 * up the source and have blocked looking up the target, then the 928 * source and target inodes may be identical now although the 929 * names were never linked. 930 */ 931 if (fvp == tvp) { 932 if (fvp->v_type == VDIR) { 933 /* 934 * Linked directories are impossible, so we must 935 * have lost the race. Pretend that the rename 936 * completed before the lookup. 937 */ 938#ifdef UFS_RENAME_DEBUG 939 printf("ext2_rename: fvp == tvp for directories\n"); 940#endif 941 error = ENOENT; 942 goto abortit; 943 } 944 945 /* Release destination completely. */ 946 vput(tdvp); 947 vput(tvp); 948 949 /* 950 * Delete source. There is another race now that everything 951 * is unlocked, but this doesn't cause any new complications. 952 * Relookup() may find a file that is unrelated to the 953 * original one, or it may fail. Too bad. 954 */ 955 vrele(fdvp); 956 vrele(fvp); 957 fcnp->cn_flags &= ~MODMASK; 958 fcnp->cn_flags |= LOCKPARENT | LOCKLEAF; 959 fcnp->cn_nameiop = DELETE; 960 VREF(fdvp); 961 error = relookup(fdvp, &fvp, fcnp); 962 if (error == 0) 963 vrele(fdvp); 964 if (fvp == NULL) { 965#ifdef UFS_RENAME_DEBUG 966 printf("ext2_rename: from name disappeared\n"); 967#endif 968 return (ENOENT); 969 } 970 error = VOP_REMOVE(fdvp, fvp, fcnp); 971 if (fdvp == fvp) 972 vrele(fdvp); 973 else 974 vput(fdvp); 975 if (fvp != NULLVP) 976 vput(fvp); 977 return (error); 978 } 979 if ((error = vn_lock(fvp, LK_EXCLUSIVE, td)) != 0) 980 goto abortit; 981 dp = VTOI(fdvp); 982 ip = VTOI(fvp); 983 if (ip->i_nlink >= LINK_MAX) { 984 VOP_UNLOCK(fvp, 0, td); 985 error = EMLINK; 986 goto abortit; 987 } 988 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) 989 || (dp->i_flags & APPEND)) { 990 VOP_UNLOCK(fvp, 0, td); 991 error = EPERM; 992 goto abortit; 993 } 994 if ((ip->i_mode & IFMT) == IFDIR) { 995 /* 996 * Avoid ".", "..", and aliases of "." for obvious reasons. 997 */ 998 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') || 999 dp == ip || (fcnp->cn_flags | tcnp->cn_flags) & ISDOTDOT || 1000 (ip->i_flag & IN_RENAME)) { 1001 VOP_UNLOCK(fvp, 0, td); 1002 error = EINVAL; 1003 goto abortit; 1004 } 1005 ip->i_flag |= IN_RENAME; 1006 oldparent = dp->i_number; 1007 doingdirectory++; 1008 } 1009 vrele(fdvp); 1010 1011 /* 1012 * When the target exists, both the directory 1013 * and target vnodes are returned locked. 1014 */ 1015 dp = VTOI(tdvp); 1016 xp = NULL; 1017 if (tvp) 1018 xp = VTOI(tvp); 1019 1020 /* 1021 * 1) Bump link count while we're moving stuff 1022 * around. If we crash somewhere before 1023 * completing our work, the link count 1024 * may be wrong, but correctable. 1025 */ 1026 ip->i_nlink++; 1027 ip->i_flag |= IN_CHANGE; 1028 if ((error = ext2_update(fvp, 1)) != 0) { 1029 VOP_UNLOCK(fvp, 0, td); 1030 goto bad; 1031 } 1032 1033 /* 1034 * If ".." must be changed (ie the directory gets a new 1035 * parent) then the source directory must not be in the 1036 * directory heirarchy above the target, as this would 1037 * orphan everything below the source directory. Also 1038 * the user must have write permission in the source so 1039 * as to be able to change "..". We must repeat the call 1040 * to namei, as the parent directory is unlocked by the 1041 * call to checkpath(). 1042 */ 1043 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred, tcnp->cn_thread); 1044 VOP_UNLOCK(fvp, 0, td); 1045 if (oldparent != dp->i_number) 1046 newparent = dp->i_number; 1047 if (doingdirectory && newparent) { 1048 if (error) /* write access check above */ 1049 goto bad; 1050 if (xp != NULL) 1051 vput(tvp); 1052 error = ext2_checkpath(ip, dp, tcnp->cn_cred); 1053 if (error) 1054 goto out; 1055 VREF(tdvp); 1056 error = relookup(tdvp, &tvp, tcnp); 1057 if (error) 1058 goto out; 1059 vrele(tdvp); 1060 dp = VTOI(tdvp); 1061 xp = NULL; 1062 if (tvp) 1063 xp = VTOI(tvp); 1064 } 1065 /* 1066 * 2) If target doesn't exist, link the target 1067 * to the source and unlink the source. 1068 * Otherwise, rewrite the target directory 1069 * entry to reference the source inode and 1070 * expunge the original entry's existence. 1071 */ 1072 if (xp == NULL) { 1073 if (dp->i_dev != ip->i_dev) 1074 panic("ext2_rename: EXDEV"); 1075 /* 1076 * Account for ".." in new directory. 1077 * When source and destination have the same 1078 * parent we don't fool with the link count. 1079 */ 1080 if (doingdirectory && newparent) { 1081 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1082 error = EMLINK; 1083 goto bad; 1084 } 1085 dp->i_nlink++; 1086 dp->i_flag |= IN_CHANGE; 1087 error = ext2_update(tdvp, 1); 1088 if (error) 1089 goto bad; 1090 } 1091 error = ext2_direnter(ip, tdvp, tcnp); 1092 if (error) { 1093 if (doingdirectory && newparent) { 1094 dp->i_nlink--; 1095 dp->i_flag |= IN_CHANGE; 1096 (void)ext2_update(tdvp, 1); 1097 } 1098 goto bad; 1099 } 1100 vput(tdvp); 1101 } else { 1102 if (xp->i_dev != dp->i_dev || xp->i_dev != ip->i_dev) 1103 panic("ext2_rename: EXDEV"); 1104 /* 1105 * Short circuit rename(foo, foo). 1106 */ 1107 if (xp->i_number == ip->i_number) 1108 panic("ext2_rename: same file"); 1109 /* 1110 * If the parent directory is "sticky", then the user must 1111 * own the parent directory, or the destination of the rename, 1112 * otherwise the destination may not be changed (except by 1113 * root). This implements append-only directories. 1114 */ 1115 if ((dp->i_mode & S_ISTXT) && tcnp->cn_cred->cr_uid != 0 && 1116 tcnp->cn_cred->cr_uid != dp->i_uid && 1117 xp->i_uid != tcnp->cn_cred->cr_uid) { 1118 error = EPERM; 1119 goto bad; 1120 } 1121 /* 1122 * Target must be empty if a directory and have no links 1123 * to it. Also, ensure source and target are compatible 1124 * (both directories, or both not directories). 1125 */ 1126 if ((xp->i_mode&IFMT) == IFDIR) { 1127 if (! ext2_dirempty(xp, dp->i_number, tcnp->cn_cred) || 1128 xp->i_nlink > 2) { 1129 error = ENOTEMPTY; 1130 goto bad; 1131 } 1132 if (!doingdirectory) { 1133 error = ENOTDIR; 1134 goto bad; 1135 } 1136 cache_purge(tdvp); 1137 } else if (doingdirectory) { 1138 error = EISDIR; 1139 goto bad; 1140 } 1141 error = ext2_dirrewrite(dp, ip, tcnp); 1142 if (error) 1143 goto bad; 1144 /* 1145 * If the target directory is in the same 1146 * directory as the source directory, 1147 * decrement the link count on the parent 1148 * of the target directory. 1149 */ 1150 if (doingdirectory && !newparent) { 1151 dp->i_nlink--; 1152 dp->i_flag |= IN_CHANGE; 1153 } 1154 vput(tdvp); 1155 /* 1156 * Adjust the link count of the target to 1157 * reflect the dirrewrite above. If this is 1158 * a directory it is empty and there are 1159 * no links to it, so we can squash the inode and 1160 * any space associated with it. We disallowed 1161 * renaming over top of a directory with links to 1162 * it above, as the remaining link would point to 1163 * a directory without "." or ".." entries. 1164 */ 1165 xp->i_nlink--; 1166 if (doingdirectory) { 1167 if (--xp->i_nlink != 0) 1168 panic("ext2_rename: linked directory"); 1169 error = ext2_truncate(tvp, (off_t)0, IO_SYNC, 1170 tcnp->cn_cred, tcnp->cn_thread); 1171 } 1172 xp->i_flag |= IN_CHANGE; 1173 vput(tvp); 1174 xp = NULL; 1175 } 1176 1177 /* 1178 * 3) Unlink the source. 1179 */ 1180 fcnp->cn_flags &= ~MODMASK; 1181 fcnp->cn_flags |= LOCKPARENT | LOCKLEAF; 1182 VREF(fdvp); 1183 error = relookup(fdvp, &fvp, fcnp); 1184 if (error == 0) 1185 vrele(fdvp); 1186 if (fvp != NULL) { 1187 xp = VTOI(fvp); 1188 dp = VTOI(fdvp); 1189 } else { 1190 /* 1191 * From name has disappeared. 1192 */ 1193 if (doingdirectory) 1194 panic("ext2_rename: lost dir entry"); 1195 vrele(ap->a_fvp); 1196 return (0); 1197 } 1198 /* 1199 * Ensure that the directory entry still exists and has not 1200 * changed while the new name has been entered. If the source is 1201 * a file then the entry may have been unlinked or renamed. In 1202 * either case there is no further work to be done. If the source 1203 * is a directory then it cannot have been rmdir'ed; its link 1204 * count of three would cause a rmdir to fail with ENOTEMPTY. 1205 * The IN_RENAME flag ensures that it cannot be moved by another 1206 * rename. 1207 */ 1208 if (xp != ip) { 1209 if (doingdirectory) 1210 panic("ext2_rename: lost dir entry"); 1211 } else { 1212 /* 1213 * If the source is a directory with a 1214 * new parent, the link count of the old 1215 * parent directory must be decremented 1216 * and ".." set to point to the new parent. 1217 */ 1218 if (doingdirectory && newparent) { 1219 dp->i_nlink--; 1220 dp->i_flag |= IN_CHANGE; 1221 error = vn_rdwr(UIO_READ, fvp, (caddr_t)&dirbuf, 1222 sizeof (struct dirtemplate), (off_t)0, 1223 UIO_SYSSPACE, IO_NODELOCKED, 1224 tcnp->cn_cred, (int *)0, (struct thread *)0); 1225 if (error == 0) { 1226 /* Like ufs little-endian: */ 1227 namlen = dirbuf.dotdot_type; 1228 if (namlen != 2 || 1229 dirbuf.dotdot_name[0] != '.' || 1230 dirbuf.dotdot_name[1] != '.') { 1231 ext2_dirbad(xp, (doff_t)12, 1232 "rename: mangled dir"); 1233 } else { 1234 dirbuf.dotdot_ino = newparent; 1235 (void) vn_rdwr(UIO_WRITE, fvp, 1236 (caddr_t)&dirbuf, 1237 sizeof (struct dirtemplate), 1238 (off_t)0, UIO_SYSSPACE, 1239 IO_NODELOCKED|IO_SYNC, 1240 tcnp->cn_cred, (int *)0, 1241 (struct thread *)0); 1242 cache_purge(fdvp); 1243 } 1244 } 1245 } 1246 error = ext2_dirremove(fdvp, fcnp); 1247 if (!error) { 1248 xp->i_nlink--; 1249 xp->i_flag |= IN_CHANGE; 1250 } 1251 xp->i_flag &= ~IN_RENAME; 1252 } 1253 if (dp) 1254 vput(fdvp); 1255 if (xp) 1256 vput(fvp); 1257 vrele(ap->a_fvp); 1258 return (error); 1259 1260bad: 1261 if (xp) 1262 vput(ITOV(xp)); 1263 vput(ITOV(dp)); 1264out: 1265 if (doingdirectory) 1266 ip->i_flag &= ~IN_RENAME; 1267 if (vn_lock(fvp, LK_EXCLUSIVE, td) == 0) { 1268 ip->i_nlink--; 1269 ip->i_flag |= IN_CHANGE; 1270 ip->i_flag &= ~IN_RENAME; 1271 vput(fvp); 1272 } else 1273 vrele(fvp); 1274 return (error); 1275} 1276 1277/* 1278 * Mkdir system call 1279 */ 1280static int 1281ext2_mkdir(ap) 1282 struct vop_mkdir_args /* { 1283 struct vnode *a_dvp; 1284 struct vnode **a_vpp; 1285 struct componentname *a_cnp; 1286 struct vattr *a_vap; 1287 } */ *ap; 1288{ 1289 struct vnode *dvp = ap->a_dvp; 1290 struct vattr *vap = ap->a_vap; 1291 struct componentname *cnp = ap->a_cnp; 1292 struct inode *ip, *dp; 1293 struct vnode *tvp; 1294 struct dirtemplate dirtemplate, *dtp; 1295 int error, dmode; 1296 1297#ifdef DIAGNOSTIC 1298 if ((cnp->cn_flags & HASBUF) == 0) 1299 panic("ext2_mkdir: no name"); 1300#endif 1301 dp = VTOI(dvp); 1302 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1303 error = EMLINK; 1304 goto out; 1305 } 1306 dmode = vap->va_mode & 0777; 1307 dmode |= IFDIR; 1308 /* 1309 * Must simulate part of ext2_makeinode here to acquire the inode, 1310 * but not have it entered in the parent directory. The entry is 1311 * made later after writing "." and ".." entries. 1312 */ 1313 error = ext2_valloc(dvp, dmode, cnp->cn_cred, &tvp); 1314 if (error) 1315 goto out; 1316 ip = VTOI(tvp); 1317 ip->i_gid = dp->i_gid; 1318#ifdef SUIDDIR 1319 { 1320 /* 1321 * if we are hacking owners here, (only do this where told to) 1322 * and we are not giving it TOO root, (would subvert quotas) 1323 * then go ahead and give it to the other user. 1324 * The new directory also inherits the SUID bit. 1325 * If user's UID and dir UID are the same, 1326 * 'give it away' so that the SUID is still forced on. 1327 */ 1328 if ( (dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 1329 (dp->i_mode & ISUID) && dp->i_uid) { 1330 dmode |= ISUID; 1331 ip->i_uid = dp->i_uid; 1332 } else { 1333 ip->i_uid = cnp->cn_cred->cr_uid; 1334 } 1335 } 1336#else 1337 ip->i_uid = cnp->cn_cred->cr_uid; 1338#endif 1339 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 1340 ip->i_mode = dmode; 1341 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */ 1342 ip->i_nlink = 2; 1343 if (cnp->cn_flags & ISWHITEOUT) 1344 ip->i_flags |= UF_OPAQUE; 1345 error = ext2_update(tvp, 1); 1346 1347 /* 1348 * Bump link count in parent directory 1349 * to reflect work done below. Should 1350 * be done before reference is created 1351 * so reparation is possible if we crash. 1352 */ 1353 dp->i_nlink++; 1354 dp->i_flag |= IN_CHANGE; 1355 error = ext2_update(dvp, 1); 1356 if (error) 1357 goto bad; 1358 1359 /* Initialize directory with "." and ".." from static template. */ 1360 if (EXT2_HAS_INCOMPAT_FEATURE(ip->i_e2fs->s_es, 1361 EXT2_FEATURE_INCOMPAT_FILETYPE)) 1362 dtp = &mastertemplate; 1363 else 1364 dtp = &omastertemplate; 1365 dirtemplate = *dtp; 1366 dirtemplate.dot_ino = ip->i_number; 1367 dirtemplate.dotdot_ino = dp->i_number; 1368 /* note that in ext2 DIRBLKSIZ == blocksize, not DEV_BSIZE 1369 * so let's just redefine it - for this function only 1370 */ 1371#undef DIRBLKSIZ 1372#define DIRBLKSIZ VTOI(dvp)->i_e2fs->s_blocksize 1373 dirtemplate.dotdot_reclen = DIRBLKSIZ - 12; 1374 error = vn_rdwr(UIO_WRITE, tvp, (caddr_t)&dirtemplate, 1375 sizeof (dirtemplate), (off_t)0, UIO_SYSSPACE, 1376 IO_NODELOCKED|IO_SYNC, cnp->cn_cred, (int *)0, (struct thread *)0); 1377 if (error) { 1378 dp->i_nlink--; 1379 dp->i_flag |= IN_CHANGE; 1380 goto bad; 1381 } 1382 if (DIRBLKSIZ > VFSTOEXT2(dvp->v_mount)->um_mountp->mnt_stat.f_bsize) 1383 /* XXX should grow with balloc() */ 1384 panic("ext2_mkdir: blksize"); 1385 else { 1386 ip->i_size = DIRBLKSIZ; 1387 ip->i_flag |= IN_CHANGE; 1388 } 1389 1390 /* Directory set up, now install its entry in the parent directory. */ 1391 error = ext2_direnter(ip, dvp, cnp); 1392 if (error) { 1393 dp->i_nlink--; 1394 dp->i_flag |= IN_CHANGE; 1395 } 1396bad: 1397 /* 1398 * No need to do an explicit VOP_TRUNCATE here, vrele will do this 1399 * for us because we set the link count to 0. 1400 */ 1401 if (error) { 1402 ip->i_nlink = 0; 1403 ip->i_flag |= IN_CHANGE; 1404 vput(tvp); 1405 } else 1406 *ap->a_vpp = tvp; 1407out: 1408 return (error); 1409#undef DIRBLKSIZ 1410#define DIRBLKSIZ DEV_BSIZE 1411} 1412 1413/* 1414 * Rmdir system call. 1415 */ 1416static int 1417ext2_rmdir(ap) 1418 struct vop_rmdir_args /* { 1419 struct vnode *a_dvp; 1420 struct vnode *a_vp; 1421 struct componentname *a_cnp; 1422 } */ *ap; 1423{ 1424 struct vnode *vp = ap->a_vp; 1425 struct vnode *dvp = ap->a_dvp; 1426 struct componentname *cnp = ap->a_cnp; 1427 struct thread *td = cnp->cn_thread; 1428 struct inode *ip, *dp; 1429 int error; 1430 1431 ip = VTOI(vp); 1432 dp = VTOI(dvp); 1433 1434 /* 1435 * Verify the directory is empty (and valid). 1436 * (Rmdir ".." won't be valid since 1437 * ".." will contain a reference to 1438 * the current directory and thus be 1439 * non-empty.) 1440 */ 1441 error = 0; 1442 if (ip->i_nlink != 2 || !ext2_dirempty(ip, dp->i_number, cnp->cn_cred)) { 1443 error = ENOTEMPTY; 1444 goto out; 1445 } 1446 if ((dp->i_flags & APPEND) 1447 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) { 1448 error = EPERM; 1449 goto out; 1450 } 1451 /* 1452 * Delete reference to directory before purging 1453 * inode. If we crash in between, the directory 1454 * will be reattached to lost+found, 1455 */ 1456 error = ext2_dirremove(dvp, cnp); 1457 if (error) 1458 goto out; 1459 dp->i_nlink--; 1460 dp->i_flag |= IN_CHANGE; 1461 cache_purge(dvp); 1462 VOP_UNLOCK(dvp, 0, td); 1463 /* 1464 * Truncate inode. The only stuff left 1465 * in the directory is "." and "..". The 1466 * "." reference is inconsequential since 1467 * we're quashing it. The ".." reference 1468 * has already been adjusted above. We've 1469 * removed the "." reference and the reference 1470 * in the parent directory, but there may be 1471 * other hard links so decrement by 2 and 1472 * worry about them later. 1473 */ 1474 ip->i_nlink -= 2; 1475 error = ext2_truncate(vp, (off_t)0, IO_SYNC, cnp->cn_cred, td); 1476 cache_purge(ITOV(ip)); 1477 vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY, td); 1478out: 1479 return (error); 1480} 1481 1482/* 1483 * symlink -- make a symbolic link 1484 */ 1485static int 1486ext2_symlink(ap) 1487 struct vop_symlink_args /* { 1488 struct vnode *a_dvp; 1489 struct vnode **a_vpp; 1490 struct componentname *a_cnp; 1491 struct vattr *a_vap; 1492 char *a_target; 1493 } */ *ap; 1494{ 1495 struct vnode *vp, **vpp = ap->a_vpp; 1496 struct inode *ip; 1497 int len, error; 1498 1499 error = ext2_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp, 1500 vpp, ap->a_cnp); 1501 if (error) 1502 return (error); 1503 vp = *vpp; 1504 len = strlen(ap->a_target); 1505 if (len < vp->v_mount->mnt_maxsymlinklen) { 1506 ip = VTOI(vp); 1507 bcopy(ap->a_target, (char *)ip->i_shortlink, len); 1508 ip->i_size = len; 1509 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1510 } else 1511 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0, 1512 UIO_SYSSPACE, IO_NODELOCKED, ap->a_cnp->cn_cred, (int *)0, 1513 (struct thread *)0); 1514 if (error) 1515 vput(vp); 1516 return (error); 1517} 1518 1519/* 1520 * Return target name of a symbolic link 1521 */ 1522static int 1523ext2_readlink(ap) 1524 struct vop_readlink_args /* { 1525 struct vnode *a_vp; 1526 struct uio *a_uio; 1527 struct ucred *a_cred; 1528 } */ *ap; 1529{ 1530 struct vnode *vp = ap->a_vp; 1531 struct inode *ip = VTOI(vp); 1532 int isize; 1533 1534 isize = ip->i_size; 1535 if (isize < vp->v_mount->mnt_maxsymlinklen) { 1536 uiomove((char *)ip->i_shortlink, isize, ap->a_uio); 1537 return (0); 1538 } 1539 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred)); 1540} 1541 1542/* 1543 * Calculate the logical to physical mapping if not done already, 1544 * then call the device strategy routine. 1545 * 1546 * In order to be able to swap to a file, the ext2_bmaparray() operation may not 1547 * deadlock on memory. See ext2_bmap() for details. 1548 */ 1549int 1550ext2_strategy(ap) 1551 struct vop_strategy_args /* { 1552 struct vnode *a_vp; 1553 struct buf *a_bp; 1554 } */ *ap; 1555{ 1556 struct buf *bp = ap->a_bp; 1557 struct vnode *vp = ap->a_vp; 1558 struct inode *ip;
| 47 */ 48 49#include "opt_suiddir.h" 50 51#include <sys/param.h> 52#include <sys/systm.h> 53#include <sys/resourcevar.h> 54#include <sys/kernel.h> 55#include <sys/fcntl.h> 56#include <sys/stat.h> 57#include <sys/bio.h> 58#include <sys/buf.h> 59#include <sys/proc.h> 60#include <sys/mount.h> 61#include <sys/unistd.h> 62#include <sys/time.h> 63#include <sys/vnode.h> 64#include <sys/namei.h> 65#include <sys/lockf.h> 66#include <sys/event.h> 67#include <sys/conf.h> 68#include <sys/file.h> 69 70#include <vm/vm.h> 71#include <vm/vm_extern.h> 72#include <vm/vnode_pager.h> 73 74#include <fs/fifofs/fifo.h> 75 76#include <sys/signalvar.h> 77#include <ufs/ufs/dir.h> 78 79#include <gnu/ext2fs/inode.h> 80#include <gnu/ext2fs/ext2_mount.h> 81#include <gnu/ext2fs/ext2_fs_sb.h> 82#include <gnu/ext2fs/fs.h> 83#include <gnu/ext2fs/ext2_extern.h> 84#include <gnu/ext2fs/ext2_fs.h> 85 86static int ext2_makeinode(int mode, struct vnode *, struct vnode **, struct componentname *); 87 88static int ext2_access(struct vop_access_args *); 89static int ext2_advlock(struct vop_advlock_args *); 90static int ext2_chmod(struct vnode *, int, struct ucred *, struct thread *); 91static int ext2_chown(struct vnode *, uid_t, gid_t, struct ucred *, 92 struct thread *); 93static int ext2_close(struct vop_close_args *); 94static int ext2_create(struct vop_create_args *); 95static int ext2_fsync(struct vop_fsync_args *); 96static int ext2_getattr(struct vop_getattr_args *); 97static int ext2_kqfilter(struct vop_kqfilter_args *ap); 98static int ext2_link(struct vop_link_args *); 99static int ext2_mkdir(struct vop_mkdir_args *); 100static int ext2_mknod(struct vop_mknod_args *); 101static int ext2_open(struct vop_open_args *); 102static int ext2_pathconf(struct vop_pathconf_args *); 103static int ext2_print(struct vop_print_args *); 104static int ext2_read(struct vop_read_args *); 105static int ext2_readlink(struct vop_readlink_args *); 106static int ext2_remove(struct vop_remove_args *); 107static int ext2_rename(struct vop_rename_args *); 108static int ext2_rmdir(struct vop_rmdir_args *); 109static int ext2_setattr(struct vop_setattr_args *); 110static int ext2_strategy(struct vop_strategy_args *); 111static int ext2_symlink(struct vop_symlink_args *); 112static int ext2_write(struct vop_write_args *); 113static int ext2fifo_close(struct vop_close_args *); 114static int ext2fifo_kqfilter(struct vop_kqfilter_args *); 115static int ext2fifo_read(struct vop_read_args *); 116static int ext2fifo_write(struct vop_write_args *); 117static int ext2spec_close(struct vop_close_args *); 118static int ext2spec_read(struct vop_read_args *); 119static int ext2spec_write(struct vop_write_args *); 120static int filt_ext2read(struct knote *kn, long hint); 121static int filt_ext2write(struct knote *kn, long hint); 122static int filt_ext2vnode(struct knote *kn, long hint); 123static void filt_ext2detach(struct knote *kn); 124 125/* Global vfs data structures for ext2. */ 126vop_t **ext2_vnodeop_p; 127static struct vnodeopv_entry_desc ext2_vnodeop_entries[] = { 128 { &vop_default_desc, (vop_t *) vop_defaultop }, 129 { &vop_access_desc, (vop_t *) ext2_access }, 130 { &vop_advlock_desc, (vop_t *) ext2_advlock }, 131 { &vop_bmap_desc, (vop_t *) ext2_bmap }, 132 { &vop_cachedlookup_desc, (vop_t *) ext2_lookup }, 133 { &vop_close_desc, (vop_t *) ext2_close }, 134 { &vop_create_desc, (vop_t *) ext2_create }, 135 { &vop_fsync_desc, (vop_t *) ext2_fsync }, 136 { &vop_getattr_desc, (vop_t *) ext2_getattr }, 137 { &vop_getwritemount_desc, (vop_t *) vop_stdgetwritemount }, 138 { &vop_inactive_desc, (vop_t *) ext2_inactive }, 139 { &vop_islocked_desc, (vop_t *) vop_stdislocked }, 140 { &vop_link_desc, (vop_t *) ext2_link }, 141 { &vop_lock_desc, (vop_t *) vop_stdlock }, 142 { &vop_lookup_desc, (vop_t *) vfs_cache_lookup }, 143 { &vop_mkdir_desc, (vop_t *) ext2_mkdir }, 144 { &vop_mknod_desc, (vop_t *) ext2_mknod }, 145 { &vop_open_desc, (vop_t *) ext2_open }, 146 { &vop_pathconf_desc, (vop_t *) ext2_pathconf }, 147 { &vop_poll_desc, (vop_t *) vop_stdpoll }, 148 { &vop_kqfilter_desc, (vop_t *) ext2_kqfilter }, 149 { &vop_print_desc, (vop_t *) ext2_print }, 150 { &vop_read_desc, (vop_t *) ext2_read }, 151 { &vop_readdir_desc, (vop_t *) ext2_readdir }, 152 { &vop_readlink_desc, (vop_t *) ext2_readlink }, 153 { &vop_reallocblks_desc, (vop_t *) ext2_reallocblks }, 154 { &vop_reclaim_desc, (vop_t *) ext2_reclaim }, 155 { &vop_remove_desc, (vop_t *) ext2_remove }, 156 { &vop_rename_desc, (vop_t *) ext2_rename }, 157 { &vop_rmdir_desc, (vop_t *) ext2_rmdir }, 158 { &vop_setattr_desc, (vop_t *) ext2_setattr }, 159 { &vop_strategy_desc, (vop_t *) ext2_strategy }, 160 { &vop_symlink_desc, (vop_t *) ext2_symlink }, 161 { &vop_unlock_desc, (vop_t *) vop_stdunlock }, 162 { &vop_write_desc, (vop_t *) ext2_write }, 163 { NULL, NULL } 164}; 165static struct vnodeopv_desc ext2fs_vnodeop_opv_desc = 166 { &ext2_vnodeop_p, ext2_vnodeop_entries }; 167 168vop_t **ext2_specop_p; 169static struct vnodeopv_entry_desc ext2_specop_entries[] = { 170 { &vop_default_desc, (vop_t *) spec_vnoperate }, 171 { &vop_access_desc, (vop_t *) ext2_access }, 172 { &vop_close_desc, (vop_t *) ext2spec_close }, 173 { &vop_fsync_desc, (vop_t *) ext2_fsync }, 174 { &vop_getattr_desc, (vop_t *) ext2_getattr }, 175 { &vop_inactive_desc, (vop_t *) ext2_inactive }, 176 { &vop_islocked_desc, (vop_t *) vop_stdislocked }, 177 { &vop_lock_desc, (vop_t *) vop_stdlock }, 178 { &vop_print_desc, (vop_t *) ext2_print }, 179 { &vop_read_desc, (vop_t *) ext2spec_read }, 180 { &vop_reclaim_desc, (vop_t *) ext2_reclaim }, 181 { &vop_setattr_desc, (vop_t *) ext2_setattr }, 182 { &vop_unlock_desc, (vop_t *) vop_stdunlock }, 183 { &vop_write_desc, (vop_t *) ext2spec_write }, 184 { NULL, NULL } 185}; 186static struct vnodeopv_desc ext2fs_specop_opv_desc = 187 { &ext2_specop_p, ext2_specop_entries }; 188 189vop_t **ext2_fifoop_p; 190static struct vnodeopv_entry_desc ext2_fifoop_entries[] = { 191 { &vop_default_desc, (vop_t *) fifo_vnoperate }, 192 { &vop_access_desc, (vop_t *) ext2_access }, 193 { &vop_close_desc, (vop_t *) ext2fifo_close }, 194 { &vop_fsync_desc, (vop_t *) ext2_fsync }, 195 { &vop_getattr_desc, (vop_t *) ext2_getattr }, 196 { &vop_inactive_desc, (vop_t *) ext2_inactive }, 197 { &vop_islocked_desc, (vop_t *) vop_stdislocked }, 198 { &vop_kqfilter_desc, (vop_t *) ext2fifo_kqfilter }, 199 { &vop_lock_desc, (vop_t *) vop_stdlock }, 200 { &vop_print_desc, (vop_t *) ext2_print }, 201 { &vop_read_desc, (vop_t *) ext2fifo_read }, 202 { &vop_reclaim_desc, (vop_t *) ext2_reclaim }, 203 { &vop_setattr_desc, (vop_t *) ext2_setattr }, 204 { &vop_unlock_desc, (vop_t *) vop_stdunlock }, 205 { &vop_write_desc, (vop_t *) ext2fifo_write }, 206 { NULL, NULL } 207}; 208static struct vnodeopv_desc ext2fs_fifoop_opv_desc = 209 { &ext2_fifoop_p, ext2_fifoop_entries }; 210 211 VNODEOP_SET(ext2fs_vnodeop_opv_desc); 212 VNODEOP_SET(ext2fs_specop_opv_desc); 213 VNODEOP_SET(ext2fs_fifoop_opv_desc); 214 215#include <gnu/ext2fs/ext2_readwrite.c> 216 217union _qcvt { 218 int64_t qcvt; 219 int32_t val[2]; 220}; 221#define SETHIGH(q, h) { \ 222 union _qcvt tmp; \ 223 tmp.qcvt = (q); \ 224 tmp.val[_QUAD_HIGHWORD] = (h); \ 225 (q) = tmp.qcvt; \ 226} 227#define SETLOW(q, l) { \ 228 union _qcvt tmp; \ 229 tmp.qcvt = (q); \ 230 tmp.val[_QUAD_LOWWORD] = (l); \ 231 (q) = tmp.qcvt; \ 232} 233 234/* 235 * A virgin directory (no blushing please). 236 * Note that the type and namlen fields are reversed relative to ext2. 237 * Also, we don't use `struct odirtemplate', since it would just cause 238 * endianness problems. 239 */ 240static struct dirtemplate mastertemplate = { 241 0, 12, 1, EXT2_FT_DIR, ".", 242 0, DIRBLKSIZ - 12, 2, EXT2_FT_DIR, ".." 243}; 244static struct dirtemplate omastertemplate = { 245 0, 12, 1, EXT2_FT_UNKNOWN, ".", 246 0, DIRBLKSIZ - 12, 2, EXT2_FT_UNKNOWN, ".." 247}; 248 249void 250ext2_itimes(vp) 251 struct vnode *vp; 252{ 253 struct inode *ip; 254 struct timespec ts; 255 256 ip = VTOI(vp); 257 if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0) 258 return; 259 if ((vp->v_type == VBLK || vp->v_type == VCHR)) 260 ip->i_flag |= IN_LAZYMOD; 261 else 262 ip->i_flag |= IN_MODIFIED; 263 if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) { 264 vfs_timestamp(&ts); 265 if (ip->i_flag & IN_ACCESS) { 266 ip->i_atime = ts.tv_sec; 267 ip->i_atimensec = ts.tv_nsec; 268 } 269 if (ip->i_flag & IN_UPDATE) { 270 ip->i_mtime = ts.tv_sec; 271 ip->i_mtimensec = ts.tv_nsec; 272 ip->i_modrev++; 273 } 274 if (ip->i_flag & IN_CHANGE) { 275 ip->i_ctime = ts.tv_sec; 276 ip->i_ctimensec = ts.tv_nsec; 277 } 278 } 279 ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE); 280} 281 282/* 283 * Create a regular file 284 */ 285static int 286ext2_create(ap) 287 struct vop_create_args /* { 288 struct vnode *a_dvp; 289 struct vnode **a_vpp; 290 struct componentname *a_cnp; 291 struct vattr *a_vap; 292 } */ *ap; 293{ 294 int error; 295 296 error = 297 ext2_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode), 298 ap->a_dvp, ap->a_vpp, ap->a_cnp); 299 if (error) 300 return (error); 301 return (0); 302} 303 304/* 305 * Open called. 306 * 307 * Nothing to do. 308 */ 309int 310ext2_open(ap) 311 struct vop_open_args /* { 312 struct vnode *a_vp; 313 int a_mode; 314 struct ucred *a_cred; 315 struct thread *a_td; 316 } */ *ap; 317{ 318 319 /* 320 * Files marked append-only must be opened for appending. 321 */ 322 if ((VTOI(ap->a_vp)->i_flags & APPEND) && 323 (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE) 324 return (EPERM); 325 return (0); 326} 327 328/* 329 * Close called. 330 * 331 * Update the times on the inode. 332 */ 333static int 334ext2_close(ap) 335 struct vop_close_args /* { 336 struct vnode *a_vp; 337 int a_fflag; 338 struct ucred *a_cred; 339 struct thread *a_td; 340 } */ *ap; 341{ 342 struct vnode *vp = ap->a_vp; 343 struct mount *mp; 344 345 mtx_lock(&vp->v_interlock); 346 if (vp->v_usecount > 1) { 347 ext2_itimes(vp); 348 mtx_unlock(&vp->v_interlock); 349 } else { 350 mtx_unlock(&vp->v_interlock); 351 /* 352 * If we are closing the last reference to an unlinked 353 * file, then it will be freed by the inactive routine. 354 * Because the freeing causes a the filesystem to be 355 * modified, it must be held up during periods when the 356 * filesystem is suspended. 357 * 358 * XXX - EAGAIN is returned to prevent vn_close from 359 * repeating the vrele operation. 360 */ 361 if (vp->v_type == VREG && VTOI(vp)->i_nlink == 0) { 362 (void) vn_start_write(vp, &mp, V_WAIT); 363 vrele(vp); 364 vn_finished_write(mp); 365 return (EAGAIN); 366 } 367 } 368 return (0); 369} 370 371static int 372ext2_access(ap) 373 struct vop_access_args /* { 374 struct vnode *a_vp; 375 int a_mode; 376 struct ucred *a_cred; 377 struct thread *a_td; 378 } */ *ap; 379{ 380 struct vnode *vp = ap->a_vp; 381 struct inode *ip = VTOI(vp); 382 mode_t mode = ap->a_mode; 383 int error; 384 385 /* 386 * Disallow write attempts on read-only file systems; 387 * unless the file is a socket, fifo, or a block or 388 * character device resident on the file system. 389 */ 390 if (mode & VWRITE) { 391 switch (vp->v_type) { 392 case VDIR: 393 case VLNK: 394 case VREG: 395 if (vp->v_mount->mnt_flag & MNT_RDONLY) 396 return (EROFS); 397 break; 398 default: 399 break; 400 } 401 } 402 403 /* If immutable bit set, nobody gets to write it. */ 404 if ((mode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) 405 return (EPERM); 406 407 error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid, 408 ap->a_mode, ap->a_cred, NULL); 409 return (error); 410} 411 412static int 413ext2_getattr(ap) 414 struct vop_getattr_args /* { 415 struct vnode *a_vp; 416 struct vattr *a_vap; 417 struct ucred *a_cred; 418 struct thread *a_td; 419 } */ *ap; 420{ 421 struct vnode *vp = ap->a_vp; 422 struct inode *ip = VTOI(vp); 423 struct vattr *vap = ap->a_vap; 424 425 ext2_itimes(vp); 426 /* 427 * Copy from inode table 428 */ 429 vap->va_fsid = dev2udev(ip->i_dev); 430 vap->va_fileid = ip->i_number; 431 vap->va_mode = ip->i_mode & ~IFMT; 432 vap->va_nlink = ip->i_nlink; 433 vap->va_uid = ip->i_uid; 434 vap->va_gid = ip->i_gid; 435 vap->va_rdev = ip->i_rdev; 436 vap->va_size = ip->i_size; 437 vap->va_atime.tv_sec = ip->i_atime; 438 vap->va_atime.tv_nsec = ip->i_atimensec; 439 vap->va_mtime.tv_sec = ip->i_mtime; 440 vap->va_mtime.tv_nsec = ip->i_mtimensec; 441 vap->va_ctime.tv_sec = ip->i_ctime; 442 vap->va_ctime.tv_nsec = ip->i_ctimensec; 443 vap->va_flags = ip->i_flags; 444 vap->va_gen = ip->i_gen; 445 vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize; 446 vap->va_bytes = dbtob((u_quad_t)ip->i_blocks); 447 vap->va_type = IFTOVT(ip->i_mode); 448 vap->va_filerev = ip->i_modrev; 449 return (0); 450} 451 452/* 453 * Set attribute vnode op. called from several syscalls 454 */ 455int 456ext2_setattr(ap) 457 struct vop_setattr_args /* { 458 struct vnode *a_vp; 459 struct vattr *a_vap; 460 struct ucred *a_cred; 461 struct thread *a_td; 462 } */ *ap; 463{ 464 struct vattr *vap = ap->a_vap; 465 struct vnode *vp = ap->a_vp; 466 struct inode *ip = VTOI(vp); 467 struct ucred *cred = ap->a_cred; 468 struct thread *td = ap->a_td; 469 int error; 470 471 /* 472 * Check for unsettable attributes. 473 */ 474 if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) || 475 (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) || 476 (vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) || 477 ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) { 478 return (EINVAL); 479 } 480 if (vap->va_flags != VNOVAL) { 481 if (vp->v_mount->mnt_flag & MNT_RDONLY) 482 return (EROFS); 483 /* 484 * Callers may only modify the file flags on objects they 485 * have VADMIN rights for. 486 */ 487 if ((error = VOP_ACCESS(vp, VADMIN, cred, td))) 488 return (error); 489 /* 490 * Unprivileged processes and privileged processes in 491 * jail() are not permitted to unset system flags, or 492 * modify flags if any system flags are set. 493 * Privileged non-jail processes may not modify system flags 494 * if securelevel > 0 and any existing system flags are set. 495 */ 496 if (!suser_cred(cred, PRISON_ROOT)) { 497 if (ip->i_flags 498 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) { 499 error = securelevel_gt(cred, 0); 500 if (error) 501 return (error); 502 } 503 ip->i_flags = vap->va_flags; 504 } else { 505 if (ip->i_flags 506 & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || 507 (vap->va_flags & UF_SETTABLE) != vap->va_flags) 508 return (EPERM); 509 ip->i_flags &= SF_SETTABLE; 510 ip->i_flags |= (vap->va_flags & UF_SETTABLE); 511 } 512 ip->i_flag |= IN_CHANGE; 513 if (vap->va_flags & (IMMUTABLE | APPEND)) 514 return (0); 515 } 516 if (ip->i_flags & (IMMUTABLE | APPEND)) 517 return (EPERM); 518 /* 519 * Go through the fields and update iff not VNOVAL. 520 */ 521 if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) { 522 if (vp->v_mount->mnt_flag & MNT_RDONLY) 523 return (EROFS); 524 if ((error = ext2_chown(vp, vap->va_uid, vap->va_gid, cred, 525 td)) != 0) 526 return (error); 527 } 528 if (vap->va_size != VNOVAL) { 529 /* 530 * Disallow write attempts on read-only file systems; 531 * unless the file is a socket, fifo, or a block or 532 * character device resident on the file system. 533 */ 534 switch (vp->v_type) { 535 case VDIR: 536 return (EISDIR); 537 case VLNK: 538 case VREG: 539 if (vp->v_mount->mnt_flag & MNT_RDONLY) 540 return (EROFS); 541 break; 542 default: 543 break; 544 } 545 if ((error = ext2_truncate(vp, vap->va_size, 0, cred, td)) != 0) 546 return (error); 547 } 548 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 549 if (vp->v_mount->mnt_flag & MNT_RDONLY) 550 return (EROFS); 551 /* 552 * From utimes(2): 553 * If times is NULL, ... The caller must be the owner of 554 * the file, have permission to write the file, or be the 555 * super-user. 556 * If times is non-NULL, ... The caller must be the owner of 557 * the file or be the super-user. 558 */ 559 if ((error = VOP_ACCESS(vp, VADMIN, cred, td)) && 560 ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || 561 (error = VOP_ACCESS(vp, VWRITE, cred, td)))) 562 return (error); 563 if (vap->va_atime.tv_sec != VNOVAL) 564 ip->i_flag |= IN_ACCESS; 565 if (vap->va_mtime.tv_sec != VNOVAL) 566 ip->i_flag |= IN_CHANGE | IN_UPDATE; 567 ext2_itimes(vp); 568 if (vap->va_atime.tv_sec != VNOVAL) { 569 ip->i_atime = vap->va_atime.tv_sec; 570 ip->i_atimensec = vap->va_atime.tv_nsec; 571 } 572 if (vap->va_mtime.tv_sec != VNOVAL) { 573 ip->i_mtime = vap->va_mtime.tv_sec; 574 ip->i_mtimensec = vap->va_mtime.tv_nsec; 575 } 576 error = ext2_update(vp, 0); 577 if (error) 578 return (error); 579 } 580 error = 0; 581 if (vap->va_mode != (mode_t)VNOVAL) { 582 if (vp->v_mount->mnt_flag & MNT_RDONLY) 583 return (EROFS); 584 error = ext2_chmod(vp, (int)vap->va_mode, cred, td); 585 } 586 VN_KNOTE(vp, NOTE_ATTRIB); 587 return (error); 588} 589 590/* 591 * Change the mode on a file. 592 * Inode must be locked before calling. 593 */ 594static int 595ext2_chmod(vp, mode, cred, td) 596 struct vnode *vp; 597 int mode; 598 struct ucred *cred; 599 struct thread *td; 600{ 601 struct inode *ip = VTOI(vp); 602 int error; 603 604 /* 605 * To modify the permissions on a file, must possess VADMIN 606 * for that file. 607 */ 608 if ((error = VOP_ACCESS(vp, VADMIN, cred, td))) 609 return (error); 610 /* 611 * Privileged processes may set the sticky bit on non-directories, 612 * as well as set the setgid bit on a file with a group that the 613 * process is not a member of. 614 */ 615 if (suser_cred(cred, PRISON_ROOT)) { 616 if (vp->v_type != VDIR && (mode & S_ISTXT)) 617 return (EFTYPE); 618 if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) 619 return (EPERM); 620 } 621 ip->i_mode &= ~ALLPERMS; 622 ip->i_mode |= (mode & ALLPERMS); 623 ip->i_flag |= IN_CHANGE; 624 return (0); 625} 626 627/* 628 * Perform chown operation on inode ip; 629 * inode must be locked prior to call. 630 */ 631static int 632ext2_chown(vp, uid, gid, cred, td) 633 struct vnode *vp; 634 uid_t uid; 635 gid_t gid; 636 struct ucred *cred; 637 struct thread *td; 638{ 639 struct inode *ip = VTOI(vp); 640 uid_t ouid; 641 gid_t ogid; 642 int error = 0; 643 644 if (uid == (uid_t)VNOVAL) 645 uid = ip->i_uid; 646 if (gid == (gid_t)VNOVAL) 647 gid = ip->i_gid; 648 /* 649 * To modify the ownership of a file, must possess VADMIN 650 * for that file. 651 */ 652 if ((error = VOP_ACCESS(vp, VADMIN, cred, td))) 653 return (error); 654 /* 655 * To change the owner of a file, or change the group of a file 656 * to a group of which we are not a member, the caller must 657 * have privilege. 658 */ 659 if ((uid != ip->i_uid || 660 (gid != ip->i_gid && !groupmember(gid, cred))) && 661 (error = suser_cred(cred, PRISON_ROOT))) 662 return (error); 663 ogid = ip->i_gid; 664 ouid = ip->i_uid; 665 ip->i_gid = gid; 666 ip->i_uid = uid; 667 ip->i_flag |= IN_CHANGE; 668 if (suser_cred(cred, PRISON_ROOT) && (ouid != uid || ogid != gid)) 669 ip->i_mode &= ~(ISUID | ISGID); 670 return (0); 671} 672 673/* 674 * Synch an open file. 675 */ 676/* ARGSUSED */ 677static int 678ext2_fsync(ap) 679 struct vop_fsync_args /* { 680 struct vnode *a_vp; 681 struct ucred *a_cred; 682 int a_waitfor; 683 struct thread *a_td; 684 } */ *ap; 685{ 686 struct vnode *vp = ap->a_vp; 687 struct buf *bp; 688 struct buf *nbp; 689 int s; 690 691 /* 692 * XXX why is all this fs specific? 693 */ 694 695 /* 696 * Flush all dirty buffers associated with a vnode. 697 */ 698 ext2_discard_prealloc(VTOI(vp)); 699 700loop: 701 s = splbio(); 702 for (bp = TAILQ_FIRST(&vp->v_dirtyblkhd); bp; bp = nbp) { 703 nbp = TAILQ_NEXT(bp, b_vnbufs); 704 if (BUF_LOCK(bp, LK_EXCLUSIVE | LK_NOWAIT)) 705 continue; 706 if ((bp->b_flags & B_DELWRI) == 0) 707 panic("ext2_fsync: not dirty"); 708 bremfree(bp); 709 splx(s); 710 /* 711 * Wait for I/O associated with indirect blocks to complete, 712 * since there is no way to quickly wait for them below. 713 */ 714 if (bp->b_vp == vp || ap->a_waitfor == MNT_NOWAIT) 715 (void) bawrite(bp); 716 else 717 (void) bwrite(bp); 718 goto loop; 719 } 720 if (ap->a_waitfor == MNT_WAIT) { 721 while (vp->v_numoutput) { 722 vp->v_flag |= VBWAIT; 723 tsleep(&vp->v_numoutput, PRIBIO + 1, "e2fsyn", 0); 724 } 725#if DIAGNOSTIC 726 if (!TAILQ_EMPTY(&vp->v_dirtyblkhd)) { 727 vprint("ext2_fsync: dirty", vp); 728 goto loop; 729 } 730#endif 731 } 732 splx(s); 733 return (ext2_update(ap->a_vp, ap->a_waitfor == MNT_WAIT)); 734} 735 736/* 737 * Mknod vnode call 738 */ 739/* ARGSUSED */ 740static int 741ext2_mknod(ap) 742 struct vop_mknod_args /* { 743 struct vnode *a_dvp; 744 struct vnode **a_vpp; 745 struct componentname *a_cnp; 746 struct vattr *a_vap; 747 } */ *ap; 748{ 749 struct vattr *vap = ap->a_vap; 750 struct vnode **vpp = ap->a_vpp; 751 struct inode *ip; 752 ino_t ino; 753 int error; 754 755 error = ext2_makeinode(MAKEIMODE(vap->va_type, vap->va_mode), 756 ap->a_dvp, vpp, ap->a_cnp); 757 if (error) 758 return (error); 759 ip = VTOI(*vpp); 760 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 761 if (vap->va_rdev != VNOVAL) { 762 /* 763 * Want to be able to use this to make badblock 764 * inodes, so don't truncate the dev number. 765 */ 766 ip->i_rdev = vap->va_rdev; 767 } 768 /* 769 * Remove inode, then reload it through VFS_VGET so it is 770 * checked to see if it is an alias of an existing entry in 771 * the inode cache. 772 */ 773 vput(*vpp); 774 (*vpp)->v_type = VNON; 775 ino = ip->i_number; /* Save this before vgone() invalidates ip. */ 776 vgone(*vpp); 777 error = VFS_VGET(ap->a_dvp->v_mount, ino, LK_EXCLUSIVE, vpp); 778 if (error) { 779 *vpp = NULL; 780 return (error); 781 } 782 return (0); 783} 784 785static int 786ext2_remove(ap) 787 struct vop_remove_args /* { 788 struct vnode *a_dvp; 789 struct vnode *a_vp; 790 struct componentname *a_cnp; 791 } */ *ap; 792{ 793 struct inode *ip; 794 struct vnode *vp = ap->a_vp; 795 struct vnode *dvp = ap->a_dvp; 796 int error; 797 798 ip = VTOI(vp); 799 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 800 (VTOI(dvp)->i_flags & APPEND)) { 801 error = EPERM; 802 goto out; 803 } 804 error = ext2_dirremove(dvp, ap->a_cnp); 805 if (error == 0) { 806 ip->i_nlink--; 807 ip->i_flag |= IN_CHANGE; 808 } 809out: 810 return (error); 811} 812 813/* 814 * link vnode call 815 */ 816static int 817ext2_link(ap) 818 struct vop_link_args /* { 819 struct vnode *a_tdvp; 820 struct vnode *a_vp; 821 struct componentname *a_cnp; 822 } */ *ap; 823{ 824 struct vnode *vp = ap->a_vp; 825 struct vnode *tdvp = ap->a_tdvp; 826 struct componentname *cnp = ap->a_cnp; 827 struct thread *td = cnp->cn_thread; 828 struct inode *ip; 829 int error; 830 831#ifdef DIAGNOSTIC 832 if ((cnp->cn_flags & HASBUF) == 0) 833 panic("ext2_link: no name"); 834#endif 835 if (tdvp->v_mount != vp->v_mount) { 836 error = EXDEV; 837 goto out2; 838 } 839 if (tdvp != vp && (error = vn_lock(vp, LK_EXCLUSIVE, td))) { 840 goto out2; 841 } 842 ip = VTOI(vp); 843 if ((nlink_t)ip->i_nlink >= LINK_MAX) { 844 error = EMLINK; 845 goto out1; 846 } 847 if (ip->i_flags & (IMMUTABLE | APPEND)) { 848 error = EPERM; 849 goto out1; 850 } 851 ip->i_nlink++; 852 ip->i_flag |= IN_CHANGE; 853 error = ext2_update(vp, 1); 854 if (!error) 855 error = ext2_direnter(ip, tdvp, cnp); 856 if (error) { 857 ip->i_nlink--; 858 ip->i_flag |= IN_CHANGE; 859 } 860out1: 861 if (tdvp != vp) 862 VOP_UNLOCK(vp, 0, td); 863out2: 864 return (error); 865} 866 867/* 868 * Rename system call. 869 * See comments in sys/ufs/ufs/ufs_vnops.c 870 */ 871static int 872ext2_rename(ap) 873 struct vop_rename_args /* { 874 struct vnode *a_fdvp; 875 struct vnode *a_fvp; 876 struct componentname *a_fcnp; 877 struct vnode *a_tdvp; 878 struct vnode *a_tvp; 879 struct componentname *a_tcnp; 880 } */ *ap; 881{ 882 struct vnode *tvp = ap->a_tvp; 883 struct vnode *tdvp = ap->a_tdvp; 884 struct vnode *fvp = ap->a_fvp; 885 struct vnode *fdvp = ap->a_fdvp; 886 struct componentname *tcnp = ap->a_tcnp; 887 struct componentname *fcnp = ap->a_fcnp; 888 struct thread *td = fcnp->cn_thread; 889 struct inode *ip, *xp, *dp; 890 struct dirtemplate dirbuf; 891 int doingdirectory = 0, oldparent = 0, newparent = 0; 892 int error = 0; 893 u_char namlen; 894 895#ifdef DIAGNOSTIC 896 if ((tcnp->cn_flags & HASBUF) == 0 || 897 (fcnp->cn_flags & HASBUF) == 0) 898 panic("ext2_rename: no name"); 899#endif 900 /* 901 * Check for cross-device rename. 902 */ 903 if ((fvp->v_mount != tdvp->v_mount) || 904 (tvp && (fvp->v_mount != tvp->v_mount))) { 905 error = EXDEV; 906abortit: 907 if (tdvp == tvp) 908 vrele(tdvp); 909 else 910 vput(tdvp); 911 if (tvp) 912 vput(tvp); 913 vrele(fdvp); 914 vrele(fvp); 915 return (error); 916 } 917 918 if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) || 919 (VTOI(tdvp)->i_flags & APPEND))) { 920 error = EPERM; 921 goto abortit; 922 } 923 924 /* 925 * Check if just deleting a link name or if we've lost a race. 926 * If another process completes the same rename after we've looked 927 * up the source and have blocked looking up the target, then the 928 * source and target inodes may be identical now although the 929 * names were never linked. 930 */ 931 if (fvp == tvp) { 932 if (fvp->v_type == VDIR) { 933 /* 934 * Linked directories are impossible, so we must 935 * have lost the race. Pretend that the rename 936 * completed before the lookup. 937 */ 938#ifdef UFS_RENAME_DEBUG 939 printf("ext2_rename: fvp == tvp for directories\n"); 940#endif 941 error = ENOENT; 942 goto abortit; 943 } 944 945 /* Release destination completely. */ 946 vput(tdvp); 947 vput(tvp); 948 949 /* 950 * Delete source. There is another race now that everything 951 * is unlocked, but this doesn't cause any new complications. 952 * Relookup() may find a file that is unrelated to the 953 * original one, or it may fail. Too bad. 954 */ 955 vrele(fdvp); 956 vrele(fvp); 957 fcnp->cn_flags &= ~MODMASK; 958 fcnp->cn_flags |= LOCKPARENT | LOCKLEAF; 959 fcnp->cn_nameiop = DELETE; 960 VREF(fdvp); 961 error = relookup(fdvp, &fvp, fcnp); 962 if (error == 0) 963 vrele(fdvp); 964 if (fvp == NULL) { 965#ifdef UFS_RENAME_DEBUG 966 printf("ext2_rename: from name disappeared\n"); 967#endif 968 return (ENOENT); 969 } 970 error = VOP_REMOVE(fdvp, fvp, fcnp); 971 if (fdvp == fvp) 972 vrele(fdvp); 973 else 974 vput(fdvp); 975 if (fvp != NULLVP) 976 vput(fvp); 977 return (error); 978 } 979 if ((error = vn_lock(fvp, LK_EXCLUSIVE, td)) != 0) 980 goto abortit; 981 dp = VTOI(fdvp); 982 ip = VTOI(fvp); 983 if (ip->i_nlink >= LINK_MAX) { 984 VOP_UNLOCK(fvp, 0, td); 985 error = EMLINK; 986 goto abortit; 987 } 988 if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) 989 || (dp->i_flags & APPEND)) { 990 VOP_UNLOCK(fvp, 0, td); 991 error = EPERM; 992 goto abortit; 993 } 994 if ((ip->i_mode & IFMT) == IFDIR) { 995 /* 996 * Avoid ".", "..", and aliases of "." for obvious reasons. 997 */ 998 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') || 999 dp == ip || (fcnp->cn_flags | tcnp->cn_flags) & ISDOTDOT || 1000 (ip->i_flag & IN_RENAME)) { 1001 VOP_UNLOCK(fvp, 0, td); 1002 error = EINVAL; 1003 goto abortit; 1004 } 1005 ip->i_flag |= IN_RENAME; 1006 oldparent = dp->i_number; 1007 doingdirectory++; 1008 } 1009 vrele(fdvp); 1010 1011 /* 1012 * When the target exists, both the directory 1013 * and target vnodes are returned locked. 1014 */ 1015 dp = VTOI(tdvp); 1016 xp = NULL; 1017 if (tvp) 1018 xp = VTOI(tvp); 1019 1020 /* 1021 * 1) Bump link count while we're moving stuff 1022 * around. If we crash somewhere before 1023 * completing our work, the link count 1024 * may be wrong, but correctable. 1025 */ 1026 ip->i_nlink++; 1027 ip->i_flag |= IN_CHANGE; 1028 if ((error = ext2_update(fvp, 1)) != 0) { 1029 VOP_UNLOCK(fvp, 0, td); 1030 goto bad; 1031 } 1032 1033 /* 1034 * If ".." must be changed (ie the directory gets a new 1035 * parent) then the source directory must not be in the 1036 * directory heirarchy above the target, as this would 1037 * orphan everything below the source directory. Also 1038 * the user must have write permission in the source so 1039 * as to be able to change "..". We must repeat the call 1040 * to namei, as the parent directory is unlocked by the 1041 * call to checkpath(). 1042 */ 1043 error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred, tcnp->cn_thread); 1044 VOP_UNLOCK(fvp, 0, td); 1045 if (oldparent != dp->i_number) 1046 newparent = dp->i_number; 1047 if (doingdirectory && newparent) { 1048 if (error) /* write access check above */ 1049 goto bad; 1050 if (xp != NULL) 1051 vput(tvp); 1052 error = ext2_checkpath(ip, dp, tcnp->cn_cred); 1053 if (error) 1054 goto out; 1055 VREF(tdvp); 1056 error = relookup(tdvp, &tvp, tcnp); 1057 if (error) 1058 goto out; 1059 vrele(tdvp); 1060 dp = VTOI(tdvp); 1061 xp = NULL; 1062 if (tvp) 1063 xp = VTOI(tvp); 1064 } 1065 /* 1066 * 2) If target doesn't exist, link the target 1067 * to the source and unlink the source. 1068 * Otherwise, rewrite the target directory 1069 * entry to reference the source inode and 1070 * expunge the original entry's existence. 1071 */ 1072 if (xp == NULL) { 1073 if (dp->i_dev != ip->i_dev) 1074 panic("ext2_rename: EXDEV"); 1075 /* 1076 * Account for ".." in new directory. 1077 * When source and destination have the same 1078 * parent we don't fool with the link count. 1079 */ 1080 if (doingdirectory && newparent) { 1081 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1082 error = EMLINK; 1083 goto bad; 1084 } 1085 dp->i_nlink++; 1086 dp->i_flag |= IN_CHANGE; 1087 error = ext2_update(tdvp, 1); 1088 if (error) 1089 goto bad; 1090 } 1091 error = ext2_direnter(ip, tdvp, tcnp); 1092 if (error) { 1093 if (doingdirectory && newparent) { 1094 dp->i_nlink--; 1095 dp->i_flag |= IN_CHANGE; 1096 (void)ext2_update(tdvp, 1); 1097 } 1098 goto bad; 1099 } 1100 vput(tdvp); 1101 } else { 1102 if (xp->i_dev != dp->i_dev || xp->i_dev != ip->i_dev) 1103 panic("ext2_rename: EXDEV"); 1104 /* 1105 * Short circuit rename(foo, foo). 1106 */ 1107 if (xp->i_number == ip->i_number) 1108 panic("ext2_rename: same file"); 1109 /* 1110 * If the parent directory is "sticky", then the user must 1111 * own the parent directory, or the destination of the rename, 1112 * otherwise the destination may not be changed (except by 1113 * root). This implements append-only directories. 1114 */ 1115 if ((dp->i_mode & S_ISTXT) && tcnp->cn_cred->cr_uid != 0 && 1116 tcnp->cn_cred->cr_uid != dp->i_uid && 1117 xp->i_uid != tcnp->cn_cred->cr_uid) { 1118 error = EPERM; 1119 goto bad; 1120 } 1121 /* 1122 * Target must be empty if a directory and have no links 1123 * to it. Also, ensure source and target are compatible 1124 * (both directories, or both not directories). 1125 */ 1126 if ((xp->i_mode&IFMT) == IFDIR) { 1127 if (! ext2_dirempty(xp, dp->i_number, tcnp->cn_cred) || 1128 xp->i_nlink > 2) { 1129 error = ENOTEMPTY; 1130 goto bad; 1131 } 1132 if (!doingdirectory) { 1133 error = ENOTDIR; 1134 goto bad; 1135 } 1136 cache_purge(tdvp); 1137 } else if (doingdirectory) { 1138 error = EISDIR; 1139 goto bad; 1140 } 1141 error = ext2_dirrewrite(dp, ip, tcnp); 1142 if (error) 1143 goto bad; 1144 /* 1145 * If the target directory is in the same 1146 * directory as the source directory, 1147 * decrement the link count on the parent 1148 * of the target directory. 1149 */ 1150 if (doingdirectory && !newparent) { 1151 dp->i_nlink--; 1152 dp->i_flag |= IN_CHANGE; 1153 } 1154 vput(tdvp); 1155 /* 1156 * Adjust the link count of the target to 1157 * reflect the dirrewrite above. If this is 1158 * a directory it is empty and there are 1159 * no links to it, so we can squash the inode and 1160 * any space associated with it. We disallowed 1161 * renaming over top of a directory with links to 1162 * it above, as the remaining link would point to 1163 * a directory without "." or ".." entries. 1164 */ 1165 xp->i_nlink--; 1166 if (doingdirectory) { 1167 if (--xp->i_nlink != 0) 1168 panic("ext2_rename: linked directory"); 1169 error = ext2_truncate(tvp, (off_t)0, IO_SYNC, 1170 tcnp->cn_cred, tcnp->cn_thread); 1171 } 1172 xp->i_flag |= IN_CHANGE; 1173 vput(tvp); 1174 xp = NULL; 1175 } 1176 1177 /* 1178 * 3) Unlink the source. 1179 */ 1180 fcnp->cn_flags &= ~MODMASK; 1181 fcnp->cn_flags |= LOCKPARENT | LOCKLEAF; 1182 VREF(fdvp); 1183 error = relookup(fdvp, &fvp, fcnp); 1184 if (error == 0) 1185 vrele(fdvp); 1186 if (fvp != NULL) { 1187 xp = VTOI(fvp); 1188 dp = VTOI(fdvp); 1189 } else { 1190 /* 1191 * From name has disappeared. 1192 */ 1193 if (doingdirectory) 1194 panic("ext2_rename: lost dir entry"); 1195 vrele(ap->a_fvp); 1196 return (0); 1197 } 1198 /* 1199 * Ensure that the directory entry still exists and has not 1200 * changed while the new name has been entered. If the source is 1201 * a file then the entry may have been unlinked or renamed. In 1202 * either case there is no further work to be done. If the source 1203 * is a directory then it cannot have been rmdir'ed; its link 1204 * count of three would cause a rmdir to fail with ENOTEMPTY. 1205 * The IN_RENAME flag ensures that it cannot be moved by another 1206 * rename. 1207 */ 1208 if (xp != ip) { 1209 if (doingdirectory) 1210 panic("ext2_rename: lost dir entry"); 1211 } else { 1212 /* 1213 * If the source is a directory with a 1214 * new parent, the link count of the old 1215 * parent directory must be decremented 1216 * and ".." set to point to the new parent. 1217 */ 1218 if (doingdirectory && newparent) { 1219 dp->i_nlink--; 1220 dp->i_flag |= IN_CHANGE; 1221 error = vn_rdwr(UIO_READ, fvp, (caddr_t)&dirbuf, 1222 sizeof (struct dirtemplate), (off_t)0, 1223 UIO_SYSSPACE, IO_NODELOCKED, 1224 tcnp->cn_cred, (int *)0, (struct thread *)0); 1225 if (error == 0) { 1226 /* Like ufs little-endian: */ 1227 namlen = dirbuf.dotdot_type; 1228 if (namlen != 2 || 1229 dirbuf.dotdot_name[0] != '.' || 1230 dirbuf.dotdot_name[1] != '.') { 1231 ext2_dirbad(xp, (doff_t)12, 1232 "rename: mangled dir"); 1233 } else { 1234 dirbuf.dotdot_ino = newparent; 1235 (void) vn_rdwr(UIO_WRITE, fvp, 1236 (caddr_t)&dirbuf, 1237 sizeof (struct dirtemplate), 1238 (off_t)0, UIO_SYSSPACE, 1239 IO_NODELOCKED|IO_SYNC, 1240 tcnp->cn_cred, (int *)0, 1241 (struct thread *)0); 1242 cache_purge(fdvp); 1243 } 1244 } 1245 } 1246 error = ext2_dirremove(fdvp, fcnp); 1247 if (!error) { 1248 xp->i_nlink--; 1249 xp->i_flag |= IN_CHANGE; 1250 } 1251 xp->i_flag &= ~IN_RENAME; 1252 } 1253 if (dp) 1254 vput(fdvp); 1255 if (xp) 1256 vput(fvp); 1257 vrele(ap->a_fvp); 1258 return (error); 1259 1260bad: 1261 if (xp) 1262 vput(ITOV(xp)); 1263 vput(ITOV(dp)); 1264out: 1265 if (doingdirectory) 1266 ip->i_flag &= ~IN_RENAME; 1267 if (vn_lock(fvp, LK_EXCLUSIVE, td) == 0) { 1268 ip->i_nlink--; 1269 ip->i_flag |= IN_CHANGE; 1270 ip->i_flag &= ~IN_RENAME; 1271 vput(fvp); 1272 } else 1273 vrele(fvp); 1274 return (error); 1275} 1276 1277/* 1278 * Mkdir system call 1279 */ 1280static int 1281ext2_mkdir(ap) 1282 struct vop_mkdir_args /* { 1283 struct vnode *a_dvp; 1284 struct vnode **a_vpp; 1285 struct componentname *a_cnp; 1286 struct vattr *a_vap; 1287 } */ *ap; 1288{ 1289 struct vnode *dvp = ap->a_dvp; 1290 struct vattr *vap = ap->a_vap; 1291 struct componentname *cnp = ap->a_cnp; 1292 struct inode *ip, *dp; 1293 struct vnode *tvp; 1294 struct dirtemplate dirtemplate, *dtp; 1295 int error, dmode; 1296 1297#ifdef DIAGNOSTIC 1298 if ((cnp->cn_flags & HASBUF) == 0) 1299 panic("ext2_mkdir: no name"); 1300#endif 1301 dp = VTOI(dvp); 1302 if ((nlink_t)dp->i_nlink >= LINK_MAX) { 1303 error = EMLINK; 1304 goto out; 1305 } 1306 dmode = vap->va_mode & 0777; 1307 dmode |= IFDIR; 1308 /* 1309 * Must simulate part of ext2_makeinode here to acquire the inode, 1310 * but not have it entered in the parent directory. The entry is 1311 * made later after writing "." and ".." entries. 1312 */ 1313 error = ext2_valloc(dvp, dmode, cnp->cn_cred, &tvp); 1314 if (error) 1315 goto out; 1316 ip = VTOI(tvp); 1317 ip->i_gid = dp->i_gid; 1318#ifdef SUIDDIR 1319 { 1320 /* 1321 * if we are hacking owners here, (only do this where told to) 1322 * and we are not giving it TOO root, (would subvert quotas) 1323 * then go ahead and give it to the other user. 1324 * The new directory also inherits the SUID bit. 1325 * If user's UID and dir UID are the same, 1326 * 'give it away' so that the SUID is still forced on. 1327 */ 1328 if ( (dvp->v_mount->mnt_flag & MNT_SUIDDIR) && 1329 (dp->i_mode & ISUID) && dp->i_uid) { 1330 dmode |= ISUID; 1331 ip->i_uid = dp->i_uid; 1332 } else { 1333 ip->i_uid = cnp->cn_cred->cr_uid; 1334 } 1335 } 1336#else 1337 ip->i_uid = cnp->cn_cred->cr_uid; 1338#endif 1339 ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE; 1340 ip->i_mode = dmode; 1341 tvp->v_type = VDIR; /* Rest init'd in getnewvnode(). */ 1342 ip->i_nlink = 2; 1343 if (cnp->cn_flags & ISWHITEOUT) 1344 ip->i_flags |= UF_OPAQUE; 1345 error = ext2_update(tvp, 1); 1346 1347 /* 1348 * Bump link count in parent directory 1349 * to reflect work done below. Should 1350 * be done before reference is created 1351 * so reparation is possible if we crash. 1352 */ 1353 dp->i_nlink++; 1354 dp->i_flag |= IN_CHANGE; 1355 error = ext2_update(dvp, 1); 1356 if (error) 1357 goto bad; 1358 1359 /* Initialize directory with "." and ".." from static template. */ 1360 if (EXT2_HAS_INCOMPAT_FEATURE(ip->i_e2fs->s_es, 1361 EXT2_FEATURE_INCOMPAT_FILETYPE)) 1362 dtp = &mastertemplate; 1363 else 1364 dtp = &omastertemplate; 1365 dirtemplate = *dtp; 1366 dirtemplate.dot_ino = ip->i_number; 1367 dirtemplate.dotdot_ino = dp->i_number; 1368 /* note that in ext2 DIRBLKSIZ == blocksize, not DEV_BSIZE 1369 * so let's just redefine it - for this function only 1370 */ 1371#undef DIRBLKSIZ 1372#define DIRBLKSIZ VTOI(dvp)->i_e2fs->s_blocksize 1373 dirtemplate.dotdot_reclen = DIRBLKSIZ - 12; 1374 error = vn_rdwr(UIO_WRITE, tvp, (caddr_t)&dirtemplate, 1375 sizeof (dirtemplate), (off_t)0, UIO_SYSSPACE, 1376 IO_NODELOCKED|IO_SYNC, cnp->cn_cred, (int *)0, (struct thread *)0); 1377 if (error) { 1378 dp->i_nlink--; 1379 dp->i_flag |= IN_CHANGE; 1380 goto bad; 1381 } 1382 if (DIRBLKSIZ > VFSTOEXT2(dvp->v_mount)->um_mountp->mnt_stat.f_bsize) 1383 /* XXX should grow with balloc() */ 1384 panic("ext2_mkdir: blksize"); 1385 else { 1386 ip->i_size = DIRBLKSIZ; 1387 ip->i_flag |= IN_CHANGE; 1388 } 1389 1390 /* Directory set up, now install its entry in the parent directory. */ 1391 error = ext2_direnter(ip, dvp, cnp); 1392 if (error) { 1393 dp->i_nlink--; 1394 dp->i_flag |= IN_CHANGE; 1395 } 1396bad: 1397 /* 1398 * No need to do an explicit VOP_TRUNCATE here, vrele will do this 1399 * for us because we set the link count to 0. 1400 */ 1401 if (error) { 1402 ip->i_nlink = 0; 1403 ip->i_flag |= IN_CHANGE; 1404 vput(tvp); 1405 } else 1406 *ap->a_vpp = tvp; 1407out: 1408 return (error); 1409#undef DIRBLKSIZ 1410#define DIRBLKSIZ DEV_BSIZE 1411} 1412 1413/* 1414 * Rmdir system call. 1415 */ 1416static int 1417ext2_rmdir(ap) 1418 struct vop_rmdir_args /* { 1419 struct vnode *a_dvp; 1420 struct vnode *a_vp; 1421 struct componentname *a_cnp; 1422 } */ *ap; 1423{ 1424 struct vnode *vp = ap->a_vp; 1425 struct vnode *dvp = ap->a_dvp; 1426 struct componentname *cnp = ap->a_cnp; 1427 struct thread *td = cnp->cn_thread; 1428 struct inode *ip, *dp; 1429 int error; 1430 1431 ip = VTOI(vp); 1432 dp = VTOI(dvp); 1433 1434 /* 1435 * Verify the directory is empty (and valid). 1436 * (Rmdir ".." won't be valid since 1437 * ".." will contain a reference to 1438 * the current directory and thus be 1439 * non-empty.) 1440 */ 1441 error = 0; 1442 if (ip->i_nlink != 2 || !ext2_dirempty(ip, dp->i_number, cnp->cn_cred)) { 1443 error = ENOTEMPTY; 1444 goto out; 1445 } 1446 if ((dp->i_flags & APPEND) 1447 || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) { 1448 error = EPERM; 1449 goto out; 1450 } 1451 /* 1452 * Delete reference to directory before purging 1453 * inode. If we crash in between, the directory 1454 * will be reattached to lost+found, 1455 */ 1456 error = ext2_dirremove(dvp, cnp); 1457 if (error) 1458 goto out; 1459 dp->i_nlink--; 1460 dp->i_flag |= IN_CHANGE; 1461 cache_purge(dvp); 1462 VOP_UNLOCK(dvp, 0, td); 1463 /* 1464 * Truncate inode. The only stuff left 1465 * in the directory is "." and "..". The 1466 * "." reference is inconsequential since 1467 * we're quashing it. The ".." reference 1468 * has already been adjusted above. We've 1469 * removed the "." reference and the reference 1470 * in the parent directory, but there may be 1471 * other hard links so decrement by 2 and 1472 * worry about them later. 1473 */ 1474 ip->i_nlink -= 2; 1475 error = ext2_truncate(vp, (off_t)0, IO_SYNC, cnp->cn_cred, td); 1476 cache_purge(ITOV(ip)); 1477 vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY, td); 1478out: 1479 return (error); 1480} 1481 1482/* 1483 * symlink -- make a symbolic link 1484 */ 1485static int 1486ext2_symlink(ap) 1487 struct vop_symlink_args /* { 1488 struct vnode *a_dvp; 1489 struct vnode **a_vpp; 1490 struct componentname *a_cnp; 1491 struct vattr *a_vap; 1492 char *a_target; 1493 } */ *ap; 1494{ 1495 struct vnode *vp, **vpp = ap->a_vpp; 1496 struct inode *ip; 1497 int len, error; 1498 1499 error = ext2_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp, 1500 vpp, ap->a_cnp); 1501 if (error) 1502 return (error); 1503 vp = *vpp; 1504 len = strlen(ap->a_target); 1505 if (len < vp->v_mount->mnt_maxsymlinklen) { 1506 ip = VTOI(vp); 1507 bcopy(ap->a_target, (char *)ip->i_shortlink, len); 1508 ip->i_size = len; 1509 ip->i_flag |= IN_CHANGE | IN_UPDATE; 1510 } else 1511 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0, 1512 UIO_SYSSPACE, IO_NODELOCKED, ap->a_cnp->cn_cred, (int *)0, 1513 (struct thread *)0); 1514 if (error) 1515 vput(vp); 1516 return (error); 1517} 1518 1519/* 1520 * Return target name of a symbolic link 1521 */ 1522static int 1523ext2_readlink(ap) 1524 struct vop_readlink_args /* { 1525 struct vnode *a_vp; 1526 struct uio *a_uio; 1527 struct ucred *a_cred; 1528 } */ *ap; 1529{ 1530 struct vnode *vp = ap->a_vp; 1531 struct inode *ip = VTOI(vp); 1532 int isize; 1533 1534 isize = ip->i_size; 1535 if (isize < vp->v_mount->mnt_maxsymlinklen) { 1536 uiomove((char *)ip->i_shortlink, isize, ap->a_uio); 1537 return (0); 1538 } 1539 return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred)); 1540} 1541 1542/* 1543 * Calculate the logical to physical mapping if not done already, 1544 * then call the device strategy routine. 1545 * 1546 * In order to be able to swap to a file, the ext2_bmaparray() operation may not 1547 * deadlock on memory. See ext2_bmap() for details. 1548 */ 1549int 1550ext2_strategy(ap) 1551 struct vop_strategy_args /* { 1552 struct vnode *a_vp; 1553 struct buf *a_bp; 1554 } */ *ap; 1555{ 1556 struct buf *bp = ap->a_bp; 1557 struct vnode *vp = ap->a_vp; 1558 struct inode *ip;
|