compat/cloudabi/cloudabi_file.c

285307Sed/*-
285307Sed * Copyright (c) 2015 Nuxi, https://nuxi.nl/
285307Sed *
285307Sed * Redistribution and use in source and binary forms, with or without
285307Sed * modification, are permitted provided that the following conditions
285307Sed * are met:
285307Sed * 1. Redistributions of source code must retain the above copyright
285307Sed *    notice, this list of conditions and the following disclaimer.
285307Sed * 2. Redistributions in binary form must reproduce the above copyright
285307Sed *    notice, this list of conditions and the following disclaimer in the
285307Sed *    documentation and/or other materials provided with the distribution.
285307Sed *
285307Sed * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
285307Sed * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
285307Sed * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
285307Sed * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
285307Sed * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
285307Sed * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
285307Sed * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
285307Sed * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
285307Sed * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
285307Sed * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
285307Sed * SUCH DAMAGE.
285307Sed */
285307Sed
285307Sed#include <sys/cdefs.h>
285307Sed__FBSDID("$FreeBSD: head/sys/compat/cloudabi/cloudabi_file.c 297247 2016-03-24 21:47:15Z ed $");
285307Sed
285596Sed#include <sys/param.h>
285930Sed#include <sys/capsicum.h>
285998Sed#include <sys/dirent.h>
285596Sed#include <sys/fcntl.h>
285834Sed#include <sys/kernel.h>
285834Sed#include <sys/malloc.h>
285834Sed#include <sys/namei.h>
285930Sed#include <sys/proc.h>
285930Sed#include <sys/stat.h>
285596Sed#include <sys/syscallsubr.h>
285998Sed#include <sys/uio.h>
285998Sed#include <sys/vnode.h>
285596Sed
297247Sed#include <contrib/cloudabi/cloudabi_types_common.h>
297247Sed
285307Sed#include <compat/cloudabi/cloudabi_proto.h>
285930Sed#include <compat/cloudabi/cloudabi_util.h>
285307Sed
285998Sed#include <security/mac/mac_framework.h>
285998Sed
285834Sedstatic MALLOC_DEFINE(M_CLOUDABI_PATH, "cloudabipath", "CloudABI pathnames");
285834Sed
285834Sed/*
285834Sed * Copying pathnames from userspace to kernelspace.
285834Sed *
285834Sed * Unlike most operating systems, CloudABI doesn't use null-terminated
285834Sed * pathname strings. Processes always pass pathnames to the kernel by
285834Sed * providing a base pointer and a length. This has a couple of reasons:
285834Sed *
285834Sed * - It makes it easier to use CloudABI in combination with programming
285834Sed *   languages other than C, that may use non-null terminated strings.
285834Sed * - It allows for calling system calls on individual components of the
285834Sed *   pathname without modifying the input string.
285834Sed *
285834Sed * The function below copies in pathname strings and null-terminates it.
285834Sed * It also ensure that the string itself does not contain any null
285834Sed * bytes.
285834Sed *
285834Sed * TODO(ed): Add an abstraction to vfs_lookup.c that allows us to pass
285834Sed *           in unterminated pathname strings, so we can do away with
285834Sed *           the copying.
285834Sed */
285834Sed
285834Sedstatic int
285834Sedcopyin_path(const char *uaddr, size_t len, char **result)
285834Sed{
285834Sed	char *buf;
285834Sed	int error;
285834Sed
285834Sed	if (len >= PATH_MAX)
285834Sed		return (ENAMETOOLONG);
285834Sed	buf = malloc(len + 1, M_CLOUDABI_PATH, M_WAITOK);
285834Sed	error = copyin(uaddr, buf, len);
285834Sed	if (error != 0) {
285834Sed		free(buf, M_CLOUDABI_PATH);
285834Sed		return (error);
285834Sed	}
285834Sed	if (memchr(buf, '\0', len) != NULL) {
285834Sed		free(buf, M_CLOUDABI_PATH);
285834Sed		return (EINVAL);
285834Sed	}
285834Sed	buf[len] = '\0';
285834Sed	*result = buf;
285834Sed	return (0);
285834Sed}
285834Sed
285834Sedstatic void
285834Sedcloudabi_freestr(char *buf)
285834Sed{
285834Sed
285834Sed	free(buf, M_CLOUDABI_PATH);
285834Sed}
285834Sed
285307Sedint
285307Sedcloudabi_sys_file_advise(struct thread *td,
285307Sed    struct cloudabi_sys_file_advise_args *uap)
285307Sed{
285596Sed	int advice;
285307Sed
285596Sed	switch (uap->advice) {
285596Sed	case CLOUDABI_ADVICE_DONTNEED:
285596Sed		advice = POSIX_FADV_DONTNEED;
285596Sed		break;
285596Sed	case CLOUDABI_ADVICE_NOREUSE:
285596Sed		advice = POSIX_FADV_NOREUSE;
285596Sed		break;
285596Sed	case CLOUDABI_ADVICE_NORMAL:
285596Sed		advice = POSIX_FADV_NORMAL;
285596Sed		break;
285596Sed	case CLOUDABI_ADVICE_RANDOM:
285596Sed		advice = POSIX_FADV_RANDOM;
285596Sed		break;
285596Sed	case CLOUDABI_ADVICE_SEQUENTIAL:
285596Sed		advice = POSIX_FADV_SEQUENTIAL;
285596Sed		break;
285596Sed	case CLOUDABI_ADVICE_WILLNEED:
285596Sed		advice = POSIX_FADV_WILLNEED;
285596Sed		break;
285596Sed	default:
285596Sed		return (EINVAL);
285596Sed	}
285596Sed
285596Sed	return (kern_posix_fadvise(td, uap->fd, uap->offset, uap->len, advice));
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_allocate(struct thread *td,
285307Sed    struct cloudabi_sys_file_allocate_args *uap)
285307Sed{
285307Sed
285596Sed	return (kern_posix_fallocate(td, uap->fd, uap->offset, uap->len));
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_create(struct thread *td,
285307Sed    struct cloudabi_sys_file_create_args *uap)
285307Sed{
285931Sed	char *path;
285931Sed	int error;
285307Sed
285931Sed	error = copyin_path(uap->path, uap->pathlen, &path);
285931Sed	if (error != 0)
285931Sed		return (error);
285931Sed
285931Sed	/*
285931Sed	 * CloudABI processes cannot interact with UNIX credentials and
285931Sed	 * permissions. Depend on the umask that is set prior to
285931Sed	 * execution to restrict the file permissions.
285931Sed	 */
285931Sed	switch (uap->type) {
285931Sed	case CLOUDABI_FILETYPE_DIRECTORY:
285931Sed		error = kern_mkdirat(td, uap->fd, path, UIO_SYSSPACE, 0777);
285931Sed		break;
285931Sed	case CLOUDABI_FILETYPE_FIFO:
285931Sed		error = kern_mkfifoat(td, uap->fd, path, UIO_SYSSPACE, 0666);
285931Sed		break;
285931Sed	default:
285931Sed		error = EINVAL;
285931Sed		break;
285931Sed	}
285931Sed	cloudabi_freestr(path);
285931Sed	return (error);
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_link(struct thread *td,
285307Sed    struct cloudabi_sys_file_link_args *uap)
285307Sed{
285834Sed	char *path1, *path2;
285834Sed	int error;
285307Sed
285834Sed	error = copyin_path(uap->path1, uap->path1len, &path1);
285834Sed	if (error != 0)
285834Sed		return (error);
285834Sed	error = copyin_path(uap->path2, uap->path2len, &path2);
285834Sed	if (error != 0) {
285834Sed		cloudabi_freestr(path1);
285834Sed		return (error);
285834Sed	}
285834Sed
297247Sed	error = kern_linkat(td, uap->fd1.fd, uap->fd2, path1, path2,
297247Sed	    UIO_SYSSPACE, (uap->fd1.flags & CLOUDABI_LOOKUP_SYMLINK_FOLLOW) ?
285834Sed	    FOLLOW : NOFOLLOW);
285834Sed	cloudabi_freestr(path1);
285834Sed	cloudabi_freestr(path2);
285834Sed	return (error);
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_open(struct thread *td,
285307Sed    struct cloudabi_sys_file_open_args *uap)
285307Sed{
286359Sed	cloudabi_fdstat_t fds;
286359Sed	cap_rights_t rights;
286359Sed	struct filecaps fcaps = {};
286359Sed	struct nameidata nd;
286359Sed	struct file *fp;
286359Sed	struct vnode *vp;
286359Sed	char *path;
286359Sed	int error, fd, fflags;
286359Sed	bool read, write;
285307Sed
286359Sed	error = copyin(uap->fds, &fds, sizeof(fds));
286359Sed	if (error != 0)
286359Sed		return (error);
286359Sed
286359Sed	/* All the requested rights should be set on the descriptor. */
286359Sed	error = cloudabi_convert_rights(
286359Sed	    fds.fs_rights_base | fds.fs_rights_inheriting, &rights);
286359Sed	if (error != 0)
286359Sed		return (error);
286359Sed	cap_rights_set(&rights, CAP_LOOKUP);
286359Sed
286359Sed	/* Convert rights to corresponding access mode. */
286359Sed	read = (fds.fs_rights_base & (CLOUDABI_RIGHT_FD_READ |
286359Sed	    CLOUDABI_RIGHT_FILE_READDIR | CLOUDABI_RIGHT_MEM_MAP_EXEC)) != 0;
286359Sed	write = (fds.fs_rights_base & (CLOUDABI_RIGHT_FD_DATASYNC |
286359Sed	    CLOUDABI_RIGHT_FD_WRITE | CLOUDABI_RIGHT_FILE_ALLOCATE |
286359Sed	    CLOUDABI_RIGHT_FILE_STAT_FPUT_SIZE)) != 0;
286633Sed	fflags = write ? read ? FREAD | FWRITE : FWRITE : FREAD;
286359Sed
286359Sed	/* Convert open flags. */
286359Sed	if ((uap->oflags & CLOUDABI_O_CREAT) != 0) {
286359Sed		fflags |= O_CREAT;
286359Sed		cap_rights_set(&rights, CAP_CREATE);
286359Sed	}
286359Sed	if ((uap->oflags & CLOUDABI_O_DIRECTORY) != 0)
286359Sed		fflags |= O_DIRECTORY;
286359Sed	if ((uap->oflags & CLOUDABI_O_EXCL) != 0)
286359Sed		fflags |= O_EXCL;
286359Sed	if ((uap->oflags & CLOUDABI_O_TRUNC) != 0) {
286359Sed		fflags |= O_TRUNC;
286359Sed		cap_rights_set(&rights, CAP_FTRUNCATE);
286359Sed	}
286359Sed	if ((fds.fs_flags & CLOUDABI_FDFLAG_APPEND) != 0)
286359Sed		fflags |= O_APPEND;
286359Sed	if ((fds.fs_flags & CLOUDABI_FDFLAG_NONBLOCK) != 0)
286359Sed		fflags |= O_NONBLOCK;
286359Sed	if ((fds.fs_flags & (CLOUDABI_FDFLAG_SYNC | CLOUDABI_FDFLAG_DSYNC |
286359Sed	    CLOUDABI_FDFLAG_RSYNC)) != 0) {
286359Sed		fflags |= O_SYNC;
286359Sed		cap_rights_set(&rights, CAP_FSYNC);
286359Sed	}
297247Sed	if ((uap->dirfd.flags & CLOUDABI_LOOKUP_SYMLINK_FOLLOW) == 0)
286359Sed		fflags |= O_NOFOLLOW;
286359Sed	if (write && (fflags & (O_APPEND | O_TRUNC)) == 0)
286359Sed		cap_rights_set(&rights, CAP_SEEK);
286359Sed
286359Sed	/* Allocate new file descriptor. */
286359Sed	error = falloc_noinstall(td, &fp);
286359Sed	if (error != 0)
286359Sed		return (error);
286359Sed	fp->f_flag = fflags & FMASK;
286359Sed
286359Sed	/* Open path. */
286359Sed	error = copyin_path(uap->path, uap->pathlen, &path);
286359Sed	if (error != 0) {
286359Sed		fdrop(fp, td);
286359Sed		return (error);
286359Sed	}
297247Sed	NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, path, uap->dirfd.fd,
286359Sed	    &rights, td);
286359Sed	error = vn_open(&nd, &fflags, 0777 & ~td->td_proc->p_fd->fd_cmask, fp);
286359Sed	cloudabi_freestr(path);
286359Sed	if (error != 0) {
286359Sed		/* Custom operations provided. */
286359Sed		if (error == ENXIO && fp->f_ops != &badfileops)
286359Sed			goto success;
286359Sed
286359Sed		/*
286359Sed		 * POSIX compliance: return ELOOP in case openat() is
286359Sed		 * called on a symbolic link and O_NOFOLLOW is set.
286359Sed		 */
286359Sed		if (error == EMLINK)
286359Sed			error = ELOOP;
286359Sed		fdrop(fp, td);
286359Sed		return (error);
286359Sed	}
286359Sed	NDFREE(&nd, NDF_ONLY_PNBUF);
286359Sed	filecaps_free(&nd.ni_filecaps);
286359Sed	fp->f_vnode = vp = nd.ni_vp;
286359Sed
286359Sed	/* Install vnode operations if no custom operations are provided. */
286359Sed	if (fp->f_ops == &badfileops) {
286359Sed		fp->f_seqcount = 1;
286359Sed		finit(fp, (fflags & FMASK) | (fp->f_flag & FHASLOCK),
286359Sed		    DTYPE_VNODE, vp, &vnops);
286359Sed	}
286359Sed	VOP_UNLOCK(vp, 0);
286359Sed
286359Sed	/* Truncate file. */
286359Sed	if (fflags & O_TRUNC) {
286359Sed		error = fo_truncate(fp, 0, td->td_ucred, td);
286359Sed		if (error != 0) {
286359Sed			fdrop(fp, td);
286359Sed			return (error);
286359Sed		}
286359Sed	}
286359Sed
286359Sedsuccess:
286359Sed	/* Determine which Capsicum rights to set on the file descriptor. */
286359Sed	cloudabi_remove_conflicting_rights(cloudabi_convert_filetype(fp),
286359Sed	    &fds.fs_rights_base, &fds.fs_rights_inheriting);
286359Sed	cloudabi_convert_rights(fds.fs_rights_base | fds.fs_rights_inheriting,
286359Sed	    &fcaps.fc_rights);
286359Sed	if (cap_rights_is_set(&fcaps.fc_rights))
286359Sed		fcaps.fc_fcntls = CAP_FCNTL_SETFL;
286359Sed
286359Sed	error = finstall(td, fp, &fd, fflags, &fcaps);
286359Sed	fdrop(fp, td);
286359Sed	if (error != 0)
286359Sed		return (error);
286359Sed	td->td_retval[0] = fd;
286359Sed	return (0);
285307Sed}
285307Sed
285998Sed/* Converts a FreeBSD directory entry structure and writes it to userspace. */
285998Sedstatic int
285998Sedwrite_dirent(struct dirent *bde, cloudabi_dircookie_t cookie, struct uio *uio)
285998Sed{
285998Sed	cloudabi_dirent_t cde = {
285998Sed		.d_next = cookie,
285998Sed		.d_ino = bde->d_fileno,
285998Sed		.d_namlen = bde->d_namlen,
285998Sed	};
285998Sed	size_t len;
285998Sed	int error;
285998Sed
285998Sed	/* Convert file type. */
285998Sed	switch (bde->d_type) {
285998Sed	case DT_BLK:
285998Sed		cde.d_type = CLOUDABI_FILETYPE_BLOCK_DEVICE;
285998Sed		break;
285998Sed	case DT_CHR:
285998Sed		cde.d_type = CLOUDABI_FILETYPE_CHARACTER_DEVICE;
285998Sed		break;
285998Sed	case DT_DIR:
285998Sed		cde.d_type = CLOUDABI_FILETYPE_DIRECTORY;
285998Sed		break;
285998Sed	case DT_FIFO:
285998Sed		cde.d_type = CLOUDABI_FILETYPE_FIFO;
285998Sed		break;
285998Sed	case DT_LNK:
285998Sed		cde.d_type = CLOUDABI_FILETYPE_SYMBOLIC_LINK;
285998Sed		break;
285998Sed	case DT_REG:
285998Sed		cde.d_type = CLOUDABI_FILETYPE_REGULAR_FILE;
285998Sed		break;
285998Sed	case DT_SOCK:
285998Sed		/* The exact socket type cannot be derived. */
285998Sed		cde.d_type = CLOUDABI_FILETYPE_SOCKET_STREAM;
285998Sed		break;
285998Sed	default:
285998Sed		cde.d_type = CLOUDABI_FILETYPE_UNKNOWN;
285998Sed		break;
285998Sed	}
285998Sed
285998Sed	/* Write directory entry structure. */
285998Sed	len = sizeof(cde) < uio->uio_resid ? sizeof(cde) : uio->uio_resid;
285998Sed	error = uiomove(&cde, len, uio);
285998Sed	if (error != 0)
285998Sed		return (error);
285998Sed
285998Sed	/* Write filename. */
285998Sed	len = bde->d_namlen < uio->uio_resid ? bde->d_namlen : uio->uio_resid;
285998Sed	return (uiomove(bde->d_name, len, uio));
285998Sed}
285998Sed
285307Sedint
285307Sedcloudabi_sys_file_readdir(struct thread *td,
285307Sed    struct cloudabi_sys_file_readdir_args *uap)
285307Sed{
285998Sed	struct iovec iov = {
285998Sed		.iov_base = uap->buf,
285998Sed		.iov_len = uap->nbyte
285998Sed	};
285998Sed	struct uio uio = {
285998Sed		.uio_iov = &iov,
285998Sed		.uio_iovcnt = 1,
285998Sed		.uio_resid = iov.iov_len,
285998Sed		.uio_segflg = UIO_USERSPACE,
285998Sed		.uio_rw = UIO_READ,
285998Sed		.uio_td = td
285998Sed	};
285998Sed	struct file *fp;
285998Sed	struct vnode *vp;
285998Sed	void *readbuf;
285998Sed	cap_rights_t rights;
285998Sed	cloudabi_dircookie_t offset;
285998Sed	int error;
285307Sed
285998Sed	/* Obtain directory vnode. */
285998Sed	error = getvnode(td, uap->fd, cap_rights_init(&rights, CAP_READ), &fp);
285998Sed	if (error != 0) {
285998Sed		if (error == EINVAL)
285998Sed			return (ENOTDIR);
285998Sed		return (error);
285998Sed	}
285998Sed	if ((fp->f_flag & FREAD) == 0) {
285998Sed		fdrop(fp, td);
285998Sed		return (EBADF);
285998Sed	}
285998Sed
285998Sed	/*
285998Sed	 * Call VOP_READDIR() and convert resulting data until the user
285998Sed	 * provided buffer is filled.
285998Sed	 */
285998Sed	readbuf = malloc(MAXBSIZE, M_TEMP, M_WAITOK);
285998Sed	offset = uap->cookie;
285998Sed	vp = fp->f_vnode;
285998Sed	while (uio.uio_resid > 0) {
285998Sed		struct iovec readiov = {
285998Sed			.iov_base = readbuf,
285998Sed			.iov_len = MAXBSIZE
285998Sed		};
285998Sed		struct uio readuio = {
285998Sed			.uio_iov = &readiov,
285998Sed			.uio_iovcnt = 1,
285998Sed			.uio_rw = UIO_READ,
285998Sed			.uio_segflg = UIO_SYSSPACE,
285998Sed			.uio_td = td,
285998Sed			.uio_resid = MAXBSIZE,
285998Sed			.uio_offset = offset
285998Sed		};
285998Sed		struct dirent *bde;
285998Sed		unsigned long *cookies, *cookie;
285998Sed		size_t readbuflen;
285998Sed		int eof, ncookies;
285998Sed
285998Sed		/* Validate file type. */
285998Sed		vn_lock(vp, LK_SHARED | LK_RETRY);
285998Sed		if (vp->v_type != VDIR) {
285998Sed			VOP_UNLOCK(vp, 0);
285998Sed			error = ENOTDIR;
285998Sed			goto done;
285998Sed		}
285998Sed#ifdef MAC
285998Sed		error = mac_vnode_check_readdir(td->td_ucred, vp);
285998Sed		if (error != 0) {
285998Sed			VOP_UNLOCK(vp, 0);
285998Sed			goto done;
285998Sed		}
285998Sed#endif /* MAC */
285998Sed
285998Sed		/* Read new directory entries. */
285998Sed		cookies = NULL;
285998Sed		ncookies = 0;
285998Sed		error = VOP_READDIR(vp, &readuio, fp->f_cred, &eof,
285998Sed		    &ncookies, &cookies);
285998Sed		VOP_UNLOCK(vp, 0);
285998Sed		if (error != 0)
285998Sed			goto done;
285998Sed
285998Sed		/* Convert entries to CloudABI's format. */
285998Sed		readbuflen = MAXBSIZE - readuio.uio_resid;
285998Sed		bde = readbuf;
285998Sed		cookie = cookies;
285998Sed		while (readbuflen >= offsetof(struct dirent, d_name) &&
285998Sed		    uio.uio_resid > 0 && ncookies > 0) {
285998Sed			/* Ensure that the returned offset always increases. */
285998Sed			if (readbuflen >= bde->d_reclen && bde->d_fileno != 0 &&
285998Sed			    *cookie > offset) {
285998Sed				error = write_dirent(bde, *cookie, &uio);
285998Sed				if (error != 0) {
285998Sed					free(cookies, M_TEMP);
285998Sed					goto done;
285998Sed				}
285998Sed			}
285998Sed
285998Sed			if (offset < *cookie)
285998Sed				offset = *cookie;
285998Sed			++cookie;
285998Sed			--ncookies;
285998Sed			readbuflen -= bde->d_reclen;
285998Sed			bde = (struct dirent *)((char *)bde + bde->d_reclen);
285998Sed		}
285998Sed		free(cookies, M_TEMP);
285998Sed		if (eof)
285998Sed			break;
285998Sed	}
285998Sed
285998Seddone:
285998Sed	fdrop(fp, td);
285998Sed	free(readbuf, M_TEMP);
285998Sed	if (error != 0)
285998Sed		return (error);
285998Sed
285998Sed	/* Return number of bytes copied to userspace. */
285998Sed	td->td_retval[0] = uap->nbyte - uio.uio_resid;
285998Sed	return (0);
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_readlink(struct thread *td,
285307Sed    struct cloudabi_sys_file_readlink_args *uap)
285307Sed{
285834Sed	char *path;
285834Sed	int error;
285307Sed
285834Sed	error = copyin_path(uap->path, uap->pathlen, &path);
285834Sed	if (error != 0)
285834Sed		return (error);
285834Sed
285834Sed	error = kern_readlinkat(td, uap->fd, path, UIO_SYSSPACE,
285834Sed	    uap->buf, UIO_USERSPACE, uap->bufsize);
285834Sed	cloudabi_freestr(path);
285834Sed	return (error);
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_rename(struct thread *td,
285307Sed    struct cloudabi_sys_file_rename_args *uap)
285307Sed{
285834Sed	char *old, *new;
285834Sed	int error;
285307Sed
285834Sed	error = copyin_path(uap->old, uap->oldlen, &old);
285834Sed	if (error != 0)
285834Sed		return (error);
285834Sed	error = copyin_path(uap->new, uap->newlen, &new);
285834Sed	if (error != 0) {
285834Sed		cloudabi_freestr(old);
285834Sed		return (error);
285834Sed	}
285834Sed
285834Sed	error = kern_renameat(td, uap->oldfd, old, uap->newfd, new,
285834Sed	    UIO_SYSSPACE);
285834Sed	cloudabi_freestr(old);
285834Sed	cloudabi_freestr(new);
285834Sed	return (error);
285307Sed}
285307Sed
285930Sed/* Converts a FreeBSD stat structure to a CloudABI stat structure. */
285930Sedstatic void
285930Sedconvert_stat(const struct stat *sb, cloudabi_filestat_t *csb)
285930Sed{
285930Sed	cloudabi_filestat_t res = {
285930Sed		.st_dev		= sb->st_dev,
285930Sed		.st_ino		= sb->st_ino,
285930Sed		.st_nlink	= sb->st_nlink,
285930Sed		.st_size	= sb->st_size,
285930Sed	};
285930Sed
285930Sed	cloudabi_convert_timespec(&sb->st_atim, &res.st_atim);
285930Sed	cloudabi_convert_timespec(&sb->st_mtim, &res.st_mtim);
285930Sed	cloudabi_convert_timespec(&sb->st_ctim, &res.st_ctim);
285930Sed	*csb = res;
285930Sed}
285930Sed
285307Sedint
285307Sedcloudabi_sys_file_stat_fget(struct thread *td,
285307Sed    struct cloudabi_sys_file_stat_fget_args *uap)
285307Sed{
285930Sed	struct stat sb;
285930Sed	cloudabi_filestat_t csb;
285930Sed	struct file *fp;
285930Sed	cap_rights_t rights;
285930Sed	cloudabi_filetype_t filetype;
285930Sed	int error;
285307Sed
285930Sed	/* Fetch file descriptor attributes. */
285930Sed	error = fget(td, uap->fd, cap_rights_init(&rights, CAP_FSTAT), &fp);
285930Sed	if (error != 0)
285930Sed		return (error);
285930Sed	error = fo_stat(fp, &sb, td->td_ucred, td);
285930Sed	if (error != 0) {
285930Sed		fdrop(fp, td);
285930Sed		return (error);
285930Sed	}
285930Sed	filetype = cloudabi_convert_filetype(fp);
285930Sed	fdrop(fp, td);
285930Sed
285930Sed	/* Convert attributes to CloudABI's format. */
285930Sed	convert_stat(&sb, &csb);
285930Sed	csb.st_filetype = filetype;
285930Sed	return (copyout(&csb, uap->buf, sizeof(csb)));
285307Sed}
285307Sed
285954Sed/* Converts timestamps to arguments to futimens() and utimensat(). */
285954Sedstatic void
285954Sedconvert_utimens_arguments(const cloudabi_filestat_t *fs,
285954Sed    cloudabi_fsflags_t flags, struct timespec *ts)
285954Sed{
285954Sed
285954Sed	if ((flags & CLOUDABI_FILESTAT_ATIM_NOW) != 0) {
285954Sed		ts[0].tv_nsec = UTIME_NOW;
285954Sed	} else if ((flags & CLOUDABI_FILESTAT_ATIM) != 0) {
285954Sed		ts[0].tv_sec = fs->st_atim / 1000000000;
285954Sed		ts[0].tv_nsec = fs->st_atim % 1000000000;
285954Sed	} else {
285954Sed		ts[0].tv_nsec = UTIME_OMIT;
285954Sed	}
285954Sed
285954Sed	if ((flags & CLOUDABI_FILESTAT_MTIM_NOW) != 0) {
285954Sed		ts[1].tv_nsec = UTIME_NOW;
285954Sed	} else if ((flags & CLOUDABI_FILESTAT_MTIM) != 0) {
285954Sed		ts[1].tv_sec = fs->st_mtim / 1000000000;
285954Sed		ts[1].tv_nsec = fs->st_mtim % 1000000000;
285954Sed	} else {
285954Sed		ts[1].tv_nsec = UTIME_OMIT;
285954Sed	}
285954Sed}
285954Sed
285307Sedint
285307Sedcloudabi_sys_file_stat_fput(struct thread *td,
285307Sed    struct cloudabi_sys_file_stat_fput_args *uap)
285307Sed{
285954Sed	cloudabi_filestat_t fs;
285954Sed	struct timespec ts[2];
285954Sed	int error;
285307Sed
285954Sed	error = copyin(uap->buf, &fs, sizeof(fs));
285954Sed	if (error != 0)
285954Sed		return (error);
285954Sed
285954Sed	/*
285954Sed	 * Only support truncation and timestamp modification separately
285954Sed	 * for now, to prevent unnecessary code duplication.
285954Sed	 */
285954Sed	if ((uap->flags & CLOUDABI_FILESTAT_SIZE) != 0) {
285954Sed		/* Call into kern_ftruncate() for file truncation. */
285954Sed		if ((uap->flags & ~CLOUDABI_FILESTAT_SIZE) != 0)
285954Sed			return (EINVAL);
285954Sed		return (kern_ftruncate(td, uap->fd, fs.st_size));
285954Sed	} else if ((uap->flags & (CLOUDABI_FILESTAT_ATIM |
285954Sed	    CLOUDABI_FILESTAT_ATIM_NOW | CLOUDABI_FILESTAT_MTIM |
285954Sed	    CLOUDABI_FILESTAT_MTIM_NOW)) != 0) {
285954Sed		/* Call into kern_futimens() for timestamp modification. */
285954Sed		if ((uap->flags & ~(CLOUDABI_FILESTAT_ATIM |
285954Sed		    CLOUDABI_FILESTAT_ATIM_NOW | CLOUDABI_FILESTAT_MTIM |
285954Sed		    CLOUDABI_FILESTAT_MTIM_NOW)) != 0)
285954Sed			return (EINVAL);
285954Sed		convert_utimens_arguments(&fs, uap->flags, ts);
285954Sed		return (kern_futimens(td, uap->fd, ts, UIO_SYSSPACE));
285954Sed	}
285954Sed	return (EINVAL);
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_stat_get(struct thread *td,
285307Sed    struct cloudabi_sys_file_stat_get_args *uap)
285307Sed{
285930Sed	struct stat sb;
285930Sed	cloudabi_filestat_t csb;
285930Sed	char *path;
285930Sed	int error;
285307Sed
285930Sed	error = copyin_path(uap->path, uap->pathlen, &path);
285930Sed	if (error != 0)
285930Sed		return (error);
285930Sed
285930Sed	error = kern_statat(td,
297247Sed	    (uap->fd.flags & CLOUDABI_LOOKUP_SYMLINK_FOLLOW) != 0 ? 0 :
297247Sed	    AT_SYMLINK_NOFOLLOW, uap->fd.fd, path, UIO_SYSSPACE, &sb, NULL);
285930Sed	cloudabi_freestr(path);
285930Sed	if (error != 0)
285930Sed		return (error);
285930Sed
285930Sed	/* Convert results and return them. */
285930Sed	convert_stat(&sb, &csb);
285930Sed	if (S_ISBLK(sb.st_mode))
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_BLOCK_DEVICE;
285930Sed	else if (S_ISCHR(sb.st_mode))
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_CHARACTER_DEVICE;
285930Sed	else if (S_ISDIR(sb.st_mode))
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_DIRECTORY;
285930Sed	else if (S_ISFIFO(sb.st_mode))
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_FIFO;
285930Sed	else if (S_ISREG(sb.st_mode))
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_REGULAR_FILE;
285930Sed	else if (S_ISSOCK(sb.st_mode)) {
285930Sed		/* Inaccurate, but the best that we can do. */
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_SOCKET_STREAM;
285930Sed	} else if (S_ISLNK(sb.st_mode))
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_SYMBOLIC_LINK;
285930Sed	else
285930Sed		csb.st_filetype = CLOUDABI_FILETYPE_UNKNOWN;
285930Sed	return (copyout(&csb, uap->buf, sizeof(csb)));
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_stat_put(struct thread *td,
285307Sed    struct cloudabi_sys_file_stat_put_args *uap)
285307Sed{
285954Sed	cloudabi_filestat_t fs;
285954Sed	struct timespec ts[2];
285954Sed	char *path;
285954Sed	int error;
285307Sed
285954Sed	/*
285954Sed	 * Only support timestamp modification for now, as there is no
285954Sed	 * truncateat().
285954Sed	 */
285954Sed	if ((uap->flags & ~(CLOUDABI_FILESTAT_ATIM |
285954Sed	    CLOUDABI_FILESTAT_ATIM_NOW | CLOUDABI_FILESTAT_MTIM |
285954Sed	    CLOUDABI_FILESTAT_MTIM_NOW)) != 0)
285954Sed		return (EINVAL);
285954Sed
285954Sed	error = copyin(uap->buf, &fs, sizeof(fs));
285954Sed	if (error != 0)
285954Sed		return (error);
285954Sed	error = copyin_path(uap->path, uap->pathlen, &path);
285954Sed	if (error != 0)
285954Sed		return (error);
285954Sed
285954Sed	convert_utimens_arguments(&fs, uap->flags, ts);
297247Sed	error = kern_utimensat(td, uap->fd.fd, path, UIO_SYSSPACE, ts,
297247Sed	    UIO_SYSSPACE, (uap->fd.flags & CLOUDABI_LOOKUP_SYMLINK_FOLLOW) ?
285954Sed	    0 : AT_SYMLINK_NOFOLLOW);
285954Sed	cloudabi_freestr(path);
285954Sed	return (error);
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_symlink(struct thread *td,
285307Sed    struct cloudabi_sys_file_symlink_args *uap)
285307Sed{
285834Sed	char *path1, *path2;
285834Sed	int error;
285307Sed
285834Sed	error = copyin_path(uap->path1, uap->path1len, &path1);
285834Sed	if (error != 0)
285834Sed		return (error);
285834Sed	error = copyin_path(uap->path2, uap->path2len, &path2);
285834Sed	if (error != 0) {
285834Sed		cloudabi_freestr(path1);
285834Sed		return (error);
285834Sed	}
285834Sed
285834Sed	error = kern_symlinkat(td, path1, uap->fd, path2, UIO_SYSSPACE);
285834Sed	cloudabi_freestr(path1);
285834Sed	cloudabi_freestr(path2);
285834Sed	return (error);
285307Sed}
285307Sed
285307Sedint
285307Sedcloudabi_sys_file_unlink(struct thread *td,
285307Sed    struct cloudabi_sys_file_unlink_args *uap)
285307Sed{
285834Sed	char *path;
285834Sed	int error;
285307Sed
285834Sed	error = copyin_path(uap->path, uap->pathlen, &path);
285834Sed	if (error != 0)
285834Sed		return (error);
285834Sed
297247Sed	if (uap->flags & CLOUDABI_UNLINK_REMOVEDIR)
285834Sed		error = kern_rmdirat(td, uap->fd, path, UIO_SYSSPACE);
285834Sed	else
285834Sed		error = kern_unlinkat(td, uap->fd, path, UIO_SYSSPACE, 0);
285834Sed	cloudabi_freestr(path);
285834Sed	return (error);
285307Sed}