union_subr.c revision 37653
1/*
2 * Copyright (c) 1994 Jan-Simon Pendry
3 * Copyright (c) 1994
4 *	The Regents of the University of California.  All rights reserved.
5 *
6 * This code is derived from software contributed to Berkeley by
7 * Jan-Simon Pendry.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 *    notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 *    notice, this list of conditions and the following disclaimer in the
16 *    documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 *    must display the following acknowledgement:
19 *	This product includes software developed by the University of
20 *	California, Berkeley and its contributors.
21 * 4. Neither the name of the University nor the names of its contributors
22 *    may be used to endorse or promote products derived from this software
23 *    without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * SUCH DAMAGE.
36 *
37 *	@(#)union_subr.c	8.20 (Berkeley) 5/20/95
38 * $Id: union_subr.c,v 1.30 1998/05/07 04:58:36 msmith Exp $
39 */
40
41#include <sys/param.h>
42#include <sys/systm.h>
43#include <sys/vnode.h>
44#include <sys/namei.h>
45#include <sys/malloc.h>
46#include <sys/fcntl.h>
47#include <sys/filedesc.h>
48#include <sys/mount.h>
49#include <sys/stat.h>
50#include <vm/vm.h>
51#include <vm/vm_extern.h>	/* for vnode_pager_setsize */
52#include <vm/vm_zone.h>
53#include <miscfs/union/union.h>
54
55#include <sys/proc.h>
56
57extern int	union_init __P((void));
58
59/* must be power of two, otherwise change UNION_HASH() */
60#define NHASH 32
61
62/* unsigned int ... */
63#define UNION_HASH(u, l) \
64	(((((uintptr_t) (u)) + ((uintptr_t) l)) >> 8) & (NHASH-1))
65
66static LIST_HEAD(unhead, union_node) unhead[NHASH];
67static int unvplock[NHASH];
68
69static void	union_dircache_r __P((struct vnode *vp, struct vnode ***vppp,
70				      int *cntp));
71static int	union_list_lock __P((int ix));
72static void	union_list_unlock __P((int ix));
73static int	union_relookup __P((struct union_mount *um, struct vnode *dvp,
74				    struct vnode **vpp,
75				    struct componentname *cnp,
76				    struct componentname *cn, char *path,
77				    int pathlen));
78static void	union_updatevp __P((struct union_node *un,
79				    struct vnode *uppervp,
80				    struct vnode *lowervp));
81static void union_newlower __P((struct union_node *, struct vnode *));
82static void union_newupper __P((struct union_node *, struct vnode *));
83static int union_copyfile __P((struct vnode *, struct vnode *,
84					struct ucred *, struct proc *));
85static int union_vn_create __P((struct vnode **, struct union_node *,
86				struct proc *));
87static int union_vn_close __P((struct vnode *, int, struct ucred *,
88				struct proc *));
89
90int
91union_init()
92{
93	int i;
94
95	for (i = 0; i < NHASH; i++)
96		LIST_INIT(&unhead[i]);
97	bzero((caddr_t) unvplock, sizeof(unvplock));
98	return (0);
99}
100
101static int
102union_list_lock(ix)
103	int ix;
104{
105
106	if (unvplock[ix] & UN_LOCKED) {
107		unvplock[ix] |= UN_WANT;
108		(void) tsleep((caddr_t) &unvplock[ix], PINOD, "unllck", 0);
109		return (1);
110	}
111
112	unvplock[ix] |= UN_LOCKED;
113
114	return (0);
115}
116
117static void
118union_list_unlock(ix)
119	int ix;
120{
121
122	unvplock[ix] &= ~UN_LOCKED;
123
124	if (unvplock[ix] & UN_WANT) {
125		unvplock[ix] &= ~UN_WANT;
126		wakeup((caddr_t) &unvplock[ix]);
127	}
128}
129
130static void
131union_updatevp(un, uppervp, lowervp)
132	struct union_node *un;
133	struct vnode *uppervp;
134	struct vnode *lowervp;
135{
136	int ohash = UNION_HASH(un->un_uppervp, un->un_lowervp);
137	int nhash = UNION_HASH(uppervp, lowervp);
138	int docache = (lowervp != NULLVP || uppervp != NULLVP);
139	int lhash, uhash;
140
141	/*
142	 * Ensure locking is ordered from lower to higher
143	 * to avoid deadlocks.
144	 */
145	if (nhash < ohash) {
146		lhash = nhash;
147		uhash = ohash;
148	} else {
149		lhash = ohash;
150		uhash = nhash;
151	}
152
153	if (lhash != uhash)
154		while (union_list_lock(lhash))
155			continue;
156
157	while (union_list_lock(uhash))
158		continue;
159
160	if (ohash != nhash || !docache) {
161		if (un->un_flags & UN_CACHED) {
162			un->un_flags &= ~UN_CACHED;
163			LIST_REMOVE(un, un_cache);
164		}
165	}
166
167	if (ohash != nhash)
168		union_list_unlock(ohash);
169
170	if (un->un_lowervp != lowervp) {
171		if (un->un_lowervp) {
172			vrele(un->un_lowervp);
173			if (un->un_path) {
174				free(un->un_path, M_TEMP);
175				un->un_path = 0;
176			}
177			if (un->un_dirvp) {
178				vrele(un->un_dirvp);
179				un->un_dirvp = NULLVP;
180			}
181		}
182		un->un_lowervp = lowervp;
183		un->un_lowersz = VNOVAL;
184	}
185
186	if (un->un_uppervp != uppervp) {
187		if (un->un_uppervp)
188			vrele(un->un_uppervp);
189
190		un->un_uppervp = uppervp;
191		un->un_uppersz = VNOVAL;
192	}
193
194	if (docache && (ohash != nhash)) {
195		LIST_INSERT_HEAD(&unhead[nhash], un, un_cache);
196		un->un_flags |= UN_CACHED;
197	}
198
199	union_list_unlock(nhash);
200}
201
202static void
203union_newlower(un, lowervp)
204	struct union_node *un;
205	struct vnode *lowervp;
206{
207
208	union_updatevp(un, un->un_uppervp, lowervp);
209}
210
211static void
212union_newupper(un, uppervp)
213	struct union_node *un;
214	struct vnode *uppervp;
215{
216
217	union_updatevp(un, uppervp, un->un_lowervp);
218}
219
220/*
221 * Keep track of size changes in the underlying vnodes.
222 * If the size changes, then callback to the vm layer
223 * giving priority to the upper layer size.
224 */
225void
226union_newsize(vp, uppersz, lowersz)
227	struct vnode *vp;
228	off_t uppersz, lowersz;
229{
230	struct union_node *un;
231	off_t sz;
232
233	/* only interested in regular files */
234	if (vp->v_type != VREG)
235		return;
236
237	un = VTOUNION(vp);
238	sz = VNOVAL;
239
240	if ((uppersz != VNOVAL) && (un->un_uppersz != uppersz)) {
241		un->un_uppersz = uppersz;
242		if (sz == VNOVAL)
243			sz = un->un_uppersz;
244	}
245
246	if ((lowersz != VNOVAL) && (un->un_lowersz != lowersz)) {
247		un->un_lowersz = lowersz;
248		if (sz == VNOVAL)
249			sz = un->un_lowersz;
250	}
251
252	if (sz != VNOVAL) {
253#ifdef UNION_DIAGNOSTIC
254		printf("union: %s size now %ld\n",
255			uppersz != VNOVAL ? "upper" : "lower", (long) sz);
256#endif
257		vnode_pager_setsize(vp, sz);
258	}
259}
260
261/*
262 * allocate a union_node/vnode pair.  the vnode is
263 * referenced and locked.  the new vnode is returned
264 * via (vpp).  (mp) is the mountpoint of the union filesystem,
265 * (dvp) is the parent directory where the upper layer object
266 * should exist (but doesn't) and (cnp) is the componentname
267 * information which is partially copied to allow the upper
268 * layer object to be created at a later time.  (uppervp)
269 * and (lowervp) reference the upper and lower layer objects
270 * being mapped.  either, but not both, can be nil.
271 * if supplied, (uppervp) is locked.
272 * the reference is either maintained in the new union_node
273 * object which is allocated, or they are vrele'd.
274 *
275 * all union_nodes are maintained on a singly-linked
276 * list.  new nodes are only allocated when they cannot
277 * be found on this list.  entries on the list are
278 * removed when the vfs reclaim entry is called.
279 *
280 * a single lock is kept for the entire list.  this is
281 * needed because the getnewvnode() function can block
282 * waiting for a vnode to become free, in which case there
283 * may be more than one process trying to get the same
284 * vnode.  this lock is only taken if we are going to
285 * call getnewvnode, since the kernel itself is single-threaded.
286 *
287 * if an entry is found on the list, then call vget() to
288 * take a reference.  this is done because there may be
289 * zero references to it and so it needs to removed from
290 * the vnode free list.
291 */
292int
293union_allocvp(vpp, mp, undvp, dvp, cnp, uppervp, lowervp, docache)
294	struct vnode **vpp;
295	struct mount *mp;
296	struct vnode *undvp;		/* parent union vnode */
297	struct vnode *dvp;		/* may be null */
298	struct componentname *cnp;	/* may be null */
299	struct vnode *uppervp;		/* may be null */
300	struct vnode *lowervp;		/* may be null */
301	int docache;
302{
303	int error;
304	struct union_node *un = 0;
305	struct vnode *xlowervp = NULLVP;
306	struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
307	int hash;
308	int vflag;
309	int try;
310	int	klocked;
311
312	if (uppervp == NULLVP && lowervp == NULLVP)
313		panic("union: unidentifiable allocation");
314
315	if (uppervp && lowervp && (uppervp->v_type != lowervp->v_type)) {
316		xlowervp = lowervp;
317		lowervp = NULLVP;
318	}
319
320	/* detect the root vnode (and aliases) */
321	vflag = 0;
322	if ((uppervp == um->um_uppervp) &&
323	    ((lowervp == NULLVP) || lowervp == um->um_lowervp)) {
324		if (lowervp == NULLVP) {
325			lowervp = um->um_lowervp;
326			if (lowervp != NULLVP)
327				VREF(lowervp);
328		}
329		vflag = VROOT;
330	}
331
332loop:
333	if (!docache) {
334		un = 0;
335	} else for (try = 0; try < 3; try++) {
336		switch (try) {
337		case 0:
338			if (lowervp == NULLVP)
339				continue;
340			hash = UNION_HASH(uppervp, lowervp);
341			break;
342
343		case 1:
344			if (uppervp == NULLVP)
345				continue;
346			hash = UNION_HASH(uppervp, NULLVP);
347			break;
348
349		case 2:
350			if (lowervp == NULLVP)
351				continue;
352			hash = UNION_HASH(NULLVP, lowervp);
353			break;
354		}
355
356		while (union_list_lock(hash))
357			continue;
358
359		for (un = unhead[hash].lh_first; un != 0;
360					un = un->un_cache.le_next) {
361			if ((un->un_lowervp == lowervp ||
362			     un->un_lowervp == NULLVP) &&
363			    (un->un_uppervp == uppervp ||
364			     un->un_uppervp == NULLVP) &&
365			    (UNIONTOV(un)->v_mount == mp)) {
366				if (vget(UNIONTOV(un), 0,
367				    cnp ? cnp->cn_proc : NULL)) {
368					union_list_unlock(hash);
369					goto loop;
370				}
371				break;
372			}
373		}
374
375		union_list_unlock(hash);
376
377		if (un)
378			break;
379	}
380
381	if (un) {
382		/*
383		 * Obtain a lock on the union_node.
384		 * uppervp is locked, though un->un_uppervp
385		 * may not be.  this doesn't break the locking
386		 * hierarchy since in the case that un->un_uppervp
387		 * is not yet locked it will be vrele'd and replaced
388		 * with uppervp.
389		 */
390
391		if ((dvp != NULLVP) && (uppervp == dvp)) {
392			/*
393			 * Access ``.'', so (un) will already
394			 * be locked.  Since this process has
395			 * the lock on (uppervp) no other
396			 * process can hold the lock on (un).
397			 */
398#ifdef DIAGNOSTIC
399			if ((un->un_flags & UN_LOCKED) == 0)
400				panic("union: . not locked");
401			else if (curproc && un->un_pid != curproc->p_pid &&
402				    un->un_pid > -1 && curproc->p_pid > -1)
403				panic("union: allocvp not lock owner");
404#endif
405		} else {
406			if (un->un_flags & UN_LOCKED) {
407				vrele(UNIONTOV(un));
408				un->un_flags |= UN_WANT;
409				(void) tsleep((caddr_t) &un->un_flags, PINOD, "unalvp", 0);
410				goto loop;
411			}
412			un->un_flags |= UN_LOCKED;
413
414#ifdef DIAGNOSTIC
415			if (curproc)
416				un->un_pid = curproc->p_pid;
417			else
418				un->un_pid = -1;
419#endif
420		}
421
422		/*
423		 * At this point, the union_node is locked,
424		 * un->un_uppervp may not be locked, and uppervp
425		 * is locked or nil.
426		 */
427
428		/*
429		 * Save information about the upper layer.
430		 */
431		if (uppervp != un->un_uppervp) {
432			union_newupper(un, uppervp);
433		} else if (uppervp) {
434			vrele(uppervp);
435		}
436
437		if (un->un_uppervp) {
438			un->un_flags |= UN_ULOCK;
439			un->un_flags &= ~UN_KLOCK;
440		}
441
442		/*
443		 * Save information about the lower layer.
444		 * This needs to keep track of pathname
445		 * and directory information which union_vn_create
446		 * might need.
447		 */
448		if (lowervp != un->un_lowervp) {
449			union_newlower(un, lowervp);
450			if (cnp && (lowervp != NULLVP)) {
451				un->un_hash = cnp->cn_hash;
452				un->un_path = malloc(cnp->cn_namelen+1,
453						M_TEMP, M_WAITOK);
454				bcopy(cnp->cn_nameptr, un->un_path,
455						cnp->cn_namelen);
456				un->un_path[cnp->cn_namelen] = '\0';
457				VREF(dvp);
458				un->un_dirvp = dvp;
459			}
460		} else if (lowervp) {
461			vrele(lowervp);
462		}
463		*vpp = UNIONTOV(un);
464		return (0);
465	}
466
467	if (docache) {
468		/*
469		 * otherwise lock the vp list while we call getnewvnode
470		 * since that can block.
471		 */
472		hash = UNION_HASH(uppervp, lowervp);
473
474		if (union_list_lock(hash))
475			goto loop;
476	}
477
478	error = getnewvnode(VT_UNION, mp, union_vnodeop_p, vpp);
479	if (error) {
480		if (uppervp) {
481			if (dvp == uppervp)
482				vrele(uppervp);
483			else
484				vput(uppervp);
485		}
486		if (lowervp)
487			vrele(lowervp);
488
489		goto out;
490	}
491
492	MALLOC((*vpp)->v_data, void *, sizeof(struct union_node),
493		M_TEMP, M_WAITOK);
494
495	(*vpp)->v_flag |= vflag;
496	if (uppervp)
497		(*vpp)->v_type = uppervp->v_type;
498	else
499		(*vpp)->v_type = lowervp->v_type;
500	un = VTOUNION(*vpp);
501	un->un_vnode = *vpp;
502	un->un_uppervp = uppervp;
503	un->un_uppersz = VNOVAL;
504	un->un_lowervp = lowervp;
505	un->un_lowersz = VNOVAL;
506	un->un_pvp = undvp;
507	if (undvp != NULLVP)
508		VREF(undvp);
509	un->un_dircache = 0;
510	un->un_openl = 0;
511	un->un_flags = UN_LOCKED;
512	if (un->un_uppervp)
513		un->un_flags |= UN_ULOCK;
514#ifdef DIAGNOSTIC
515	if (curproc)
516		un->un_pid = curproc->p_pid;
517	else
518		un->un_pid = -1;
519#endif
520	if (cnp && (lowervp != NULLVP)) {
521		un->un_hash = cnp->cn_hash;
522		un->un_path = malloc(cnp->cn_namelen+1, M_TEMP, M_WAITOK);
523		bcopy(cnp->cn_nameptr, un->un_path, cnp->cn_namelen);
524		un->un_path[cnp->cn_namelen] = '\0';
525		VREF(dvp);
526		un->un_dirvp = dvp;
527	} else {
528		un->un_hash = 0;
529		un->un_path = 0;
530		un->un_dirvp = 0;
531	}
532
533	if (docache) {
534		LIST_INSERT_HEAD(&unhead[hash], un, un_cache);
535		un->un_flags |= UN_CACHED;
536	}
537
538	if (xlowervp)
539		vrele(xlowervp);
540
541out:
542	if (docache)
543		union_list_unlock(hash);
544
545	return (error);
546}
547
548int
549union_freevp(vp)
550	struct vnode *vp;
551{
552	struct union_node *un = VTOUNION(vp);
553
554	if (un->un_flags & UN_CACHED) {
555		un->un_flags &= ~UN_CACHED;
556		LIST_REMOVE(un, un_cache);
557	}
558
559	if (un->un_pvp != NULLVP)
560		vrele(un->un_pvp);
561	if (un->un_uppervp != NULLVP)
562		vrele(un->un_uppervp);
563	if (un->un_lowervp != NULLVP)
564		vrele(un->un_lowervp);
565	if (un->un_dirvp != NULLVP)
566		vrele(un->un_dirvp);
567	if (un->un_path)
568		free(un->un_path, M_TEMP);
569
570	FREE(vp->v_data, M_TEMP);
571	vp->v_data = 0;
572
573	return (0);
574}
575
576/*
577 * copyfile.  copy the vnode (fvp) to the vnode (tvp)
578 * using a sequence of reads and writes.  both (fvp)
579 * and (tvp) are locked on entry and exit.
580 */
581static int
582union_copyfile(fvp, tvp, cred, p)
583	struct vnode *fvp;
584	struct vnode *tvp;
585	struct ucred *cred;
586	struct proc *p;
587{
588	char *buf;
589	struct uio uio;
590	struct iovec iov;
591	int error = 0;
592
593	/*
594	 * strategy:
595	 * allocate a buffer of size MAXBSIZE.
596	 * loop doing reads and writes, keeping track
597	 * of the current uio offset.
598	 * give up at the first sign of trouble.
599	 */
600
601	uio.uio_procp = p;
602	uio.uio_segflg = UIO_SYSSPACE;
603	uio.uio_offset = 0;
604
605	VOP_UNLOCK(fvp, 0, p);				/* XXX */
606	VOP_LEASE(fvp, p, cred, LEASE_READ);
607	vn_lock(fvp, LK_EXCLUSIVE | LK_RETRY, p);	/* XXX */
608	VOP_UNLOCK(tvp, 0, p);				/* XXX */
609	VOP_LEASE(tvp, p, cred, LEASE_WRITE);
610	vn_lock(tvp, LK_EXCLUSIVE | LK_RETRY, p);	/* XXX */
611
612	buf = malloc(MAXBSIZE, M_TEMP, M_WAITOK);
613
614	/* ugly loop follows... */
615	do {
616		off_t offset = uio.uio_offset;
617
618		uio.uio_iov = &iov;
619		uio.uio_iovcnt = 1;
620		iov.iov_base = buf;
621		iov.iov_len = MAXBSIZE;
622		uio.uio_resid = iov.iov_len;
623		uio.uio_rw = UIO_READ;
624		error = VOP_READ(fvp, &uio, 0, cred);
625
626		if (error == 0) {
627			uio.uio_iov = &iov;
628			uio.uio_iovcnt = 1;
629			iov.iov_base = buf;
630			iov.iov_len = MAXBSIZE - uio.uio_resid;
631			uio.uio_offset = offset;
632			uio.uio_rw = UIO_WRITE;
633			uio.uio_resid = iov.iov_len;
634
635			if (uio.uio_resid == 0)
636				break;
637
638			do {
639				error = VOP_WRITE(tvp, &uio, 0, cred);
640			} while ((uio.uio_resid > 0) && (error == 0));
641		}
642
643	} while (error == 0);
644
645	free(buf, M_TEMP);
646	return (error);
647}
648
649/*
650 * (un) is assumed to be locked on entry and remains
651 * locked on exit.
652 */
653int
654union_copyup(un, docopy, cred, p)
655	struct union_node *un;
656	int docopy;
657	struct ucred *cred;
658	struct proc *p;
659{
660	int error;
661	struct vnode *lvp, *uvp;
662
663	/*
664	 * If the user does not have read permission, the vnode should not
665	 * be copied to upper layer.
666	 */
667	vn_lock(un->un_lowervp, LK_EXCLUSIVE | LK_RETRY, p);
668	error = VOP_ACCESS(un->un_lowervp, VREAD, cred, p);
669	VOP_UNLOCK(un->un_lowervp, 0, p);
670	if (error)
671		return (error);
672
673	error = union_vn_create(&uvp, un, p);
674	if (error)
675		return (error);
676
677	/* at this point, uppervp is locked */
678	union_newupper(un, uvp);
679	un->un_flags |= UN_ULOCK;
680
681	lvp = un->un_lowervp;
682
683	if (docopy) {
684		/*
685		 * XX - should not ignore errors
686		 * from VOP_CLOSE
687		 */
688		vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY, p);
689		error = VOP_OPEN(lvp, FREAD, cred, p);
690		if (error == 0) {
691			error = union_copyfile(lvp, uvp, cred, p);
692			VOP_UNLOCK(lvp, 0, p);
693			(void) VOP_CLOSE(lvp, FREAD, cred, p);
694		}
695#ifdef UNION_DIAGNOSTIC
696		if (error == 0)
697			uprintf("union: copied up %s\n", un->un_path);
698#endif
699
700	}
701	un->un_flags &= ~UN_ULOCK;
702	VOP_UNLOCK(uvp, 0, p);
703	union_vn_close(uvp, FWRITE, cred, p);
704	vn_lock(uvp, LK_EXCLUSIVE | LK_RETRY, p);
705	un->un_flags |= UN_ULOCK;
706
707	/*
708	 * Subsequent IOs will go to the top layer, so
709	 * call close on the lower vnode and open on the
710	 * upper vnode to ensure that the filesystem keeps
711	 * its references counts right.  This doesn't do
712	 * the right thing with (cred) and (FREAD) though.
713	 * Ignoring error returns is not right, either.
714	 */
715	if (error == 0) {
716		int i;
717
718		for (i = 0; i < un->un_openl; i++) {
719			(void) VOP_CLOSE(lvp, FREAD, cred, p);
720			(void) VOP_OPEN(uvp, FREAD, cred, p);
721		}
722		un->un_openl = 0;
723	}
724
725	return (error);
726
727}
728
729static int
730union_relookup(um, dvp, vpp, cnp, cn, path, pathlen)
731	struct union_mount *um;
732	struct vnode *dvp;
733	struct vnode **vpp;
734	struct componentname *cnp;
735	struct componentname *cn;
736	char *path;
737	int pathlen;
738{
739	int error;
740
741	/*
742	 * A new componentname structure must be faked up because
743	 * there is no way to know where the upper level cnp came
744	 * from or what it is being used for.  This must duplicate
745	 * some of the work done by NDINIT, some of the work done
746	 * by namei, some of the work done by lookup and some of
747	 * the work done by VOP_LOOKUP when given a CREATE flag.
748	 * Conclusion: Horrible.
749	 *
750	 * The pathname buffer will be FREEed by VOP_MKDIR.
751	 */
752	cn->cn_namelen = pathlen;
753	cn->cn_pnbuf = zalloc(namei_zone);
754	bcopy(path, cn->cn_pnbuf, cn->cn_namelen);
755	cn->cn_pnbuf[cn->cn_namelen] = '\0';
756
757	cn->cn_nameiop = CREATE;
758	cn->cn_flags = (LOCKPARENT|HASBUF|SAVENAME|SAVESTART|ISLASTCN);
759	cn->cn_proc = cnp->cn_proc;
760	if (um->um_op == UNMNT_ABOVE)
761		cn->cn_cred = cnp->cn_cred;
762	else
763		cn->cn_cred = um->um_cred;
764	cn->cn_nameptr = cn->cn_pnbuf;
765	cn->cn_hash = cnp->cn_hash;
766	cn->cn_consume = cnp->cn_consume;
767
768	VREF(dvp);
769	error = relookup(dvp, vpp, cn);
770	if (!error)
771		vrele(dvp);
772	else {
773		zfree(namei_zone, cn->cn_pnbuf);
774		cn->cn_pnbuf = '\0';
775	}
776
777	return (error);
778}
779
780/*
781 * Create a shadow directory in the upper layer.
782 * The new vnode is returned locked.
783 *
784 * (um) points to the union mount structure for access to the
785 * the mounting process's credentials.
786 * (dvp) is the directory in which to create the shadow directory.
787 * it is unlocked on entry and exit.
788 * (cnp) is the componentname to be created.
789 * (vpp) is the returned newly created shadow directory, which
790 * is returned locked.
791 */
792int
793union_mkshadow(um, dvp, cnp, vpp)
794	struct union_mount *um;
795	struct vnode *dvp;
796	struct componentname *cnp;
797	struct vnode **vpp;
798{
799	int error;
800	struct vattr va;
801	struct proc *p = cnp->cn_proc;
802	struct componentname cn;
803
804	error = union_relookup(um, dvp, vpp, cnp, &cn,
805			cnp->cn_nameptr, cnp->cn_namelen);
806	if (error)
807		return (error);
808
809	if (*vpp) {
810		VOP_ABORTOP(dvp, &cn);
811		VOP_UNLOCK(dvp, 0, p);
812		vrele(*vpp);
813		*vpp = NULLVP;
814		return (EEXIST);
815	}
816
817	/*
818	 * policy: when creating the shadow directory in the
819	 * upper layer, create it owned by the user who did
820	 * the mount, group from parent directory, and mode
821	 * 777 modified by umask (ie mostly identical to the
822	 * mkdir syscall).  (jsp, kb)
823	 */
824
825	VATTR_NULL(&va);
826	va.va_type = VDIR;
827	va.va_mode = um->um_cmode;
828
829	/* VOP_LEASE: dvp is locked */
830	VOP_LEASE(dvp, p, cn.cn_cred, LEASE_WRITE);
831
832	error = VOP_MKDIR(dvp, vpp, &cn, &va);
833	vput(dvp);
834	return (error);
835}
836
837/*
838 * Create a whiteout entry in the upper layer.
839 *
840 * (um) points to the union mount structure for access to the
841 * the mounting process's credentials.
842 * (dvp) is the directory in which to create the whiteout.
843 * it is locked on entry and exit.
844 * (cnp) is the componentname to be created.
845 */
846int
847union_mkwhiteout(um, dvp, cnp, path)
848	struct union_mount *um;
849	struct vnode *dvp;
850	struct componentname *cnp;
851	char *path;
852{
853	int error;
854	struct proc *p = cnp->cn_proc;
855	struct vnode *wvp;
856	struct componentname cn;
857
858	VOP_UNLOCK(dvp, 0, p);
859	error = union_relookup(um, dvp, &wvp, cnp, &cn, path, strlen(path));
860	if (error) {
861		vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY, p);
862		return (error);
863	}
864
865	if (wvp) {
866		VOP_ABORTOP(dvp, &cn);
867		vrele(dvp);
868		vrele(wvp);
869		return (EEXIST);
870	}
871
872	/* VOP_LEASE: dvp is locked */
873	VOP_LEASE(dvp, p, p->p_ucred, LEASE_WRITE);
874
875	error = VOP_WHITEOUT(dvp, &cn, CREATE);
876	if (error)
877		VOP_ABORTOP(dvp, &cn);
878
879	vrele(dvp);
880
881	return (error);
882}
883
884/*
885 * union_vn_create: creates and opens a new shadow file
886 * on the upper union layer.  this function is similar
887 * in spirit to calling vn_open but it avoids calling namei().
888 * the problem with calling namei is that a) it locks too many
889 * things, and b) it doesn't start at the "right" directory,
890 * whereas relookup is told where to start.
891 */
892static int
893union_vn_create(vpp, un, p)
894	struct vnode **vpp;
895	struct union_node *un;
896	struct proc *p;
897{
898	struct vnode *vp;
899	struct ucred *cred = p->p_ucred;
900	struct vattr vat;
901	struct vattr *vap = &vat;
902	int fmode = FFLAGS(O_WRONLY|O_CREAT|O_TRUNC|O_EXCL);
903	int error;
904	int cmode = UN_FILEMODE & ~p->p_fd->fd_cmask;
905	struct componentname cn;
906
907	*vpp = NULLVP;
908
909	/*
910	 * Build a new componentname structure (for the same
911	 * reasons outlines in union_mkshadow).
912	 * The difference here is that the file is owned by
913	 * the current user, rather than by the person who
914	 * did the mount, since the current user needs to be
915	 * able to write the file (that's why it is being
916	 * copied in the first place).
917	 */
918	cn.cn_namelen = strlen(un->un_path);
919	cn.cn_pnbuf = zalloc(namei_zone);
920	bcopy(un->un_path, cn.cn_pnbuf, cn.cn_namelen+1);
921	cn.cn_nameiop = CREATE;
922	cn.cn_flags = (LOCKPARENT|HASBUF|SAVENAME|SAVESTART|ISLASTCN);
923	cn.cn_proc = p;
924	cn.cn_cred = p->p_ucred;
925	cn.cn_nameptr = cn.cn_pnbuf;
926	cn.cn_hash = un->un_hash;
927	cn.cn_consume = 0;
928
929	VREF(un->un_dirvp);
930	error = relookup(un->un_dirvp, &vp, &cn);
931	if (error)
932		return (error);
933	vrele(un->un_dirvp);
934
935	if (vp) {
936		VOP_ABORTOP(un->un_dirvp, &cn);
937		if (un->un_dirvp == vp)
938			vrele(un->un_dirvp);
939		else
940			vput(un->un_dirvp);
941		vrele(vp);
942		return (EEXIST);
943	}
944
945	/*
946	 * Good - there was no race to create the file
947	 * so go ahead and create it.  The permissions
948	 * on the file will be 0666 modified by the
949	 * current user's umask.  Access to the file, while
950	 * it is unioned, will require access to the top *and*
951	 * bottom files.  Access when not unioned will simply
952	 * require access to the top-level file.
953	 * TODO: confirm choice of access permissions.
954	 */
955	VATTR_NULL(vap);
956	vap->va_type = VREG;
957	vap->va_mode = cmode;
958	VOP_LEASE(un->un_dirvp, p, cred, LEASE_WRITE);
959	error = VOP_CREATE(un->un_dirvp, &vp, &cn, vap);
960	vput(un->un_dirvp);
961	if (error)
962		return (error);
963
964	error = VOP_OPEN(vp, fmode, cred, p);
965	if (error) {
966		vput(vp);
967		return (error);
968	}
969
970	vp->v_writecount++;
971	*vpp = vp;
972	return (0);
973}
974
975static int
976union_vn_close(vp, fmode, cred, p)
977	struct vnode *vp;
978	int fmode;
979	struct ucred *cred;
980	struct proc *p;
981{
982
983	if (fmode & FWRITE)
984		--vp->v_writecount;
985	return (VOP_CLOSE(vp, fmode, cred, p));
986}
987
988void
989union_removed_upper(un)
990	struct union_node *un;
991{
992	struct proc *p = curproc;	/* XXX */
993	struct vnode **vpp;
994
995	/*
996	 * Do not set the uppervp to NULLVP.  If lowervp is NULLVP,
997	 * union node will have neither uppervp nor lowervp.  We remove
998	 * the union node from cache, so that it will not be referrenced.
999	 */
1000#if 0
1001	union_newupper(un, NULLVP);
1002#endif
1003	if (un->un_dircache != 0) {
1004		for (vpp = un->un_dircache; *vpp != NULLVP; vpp++)
1005			vrele(*vpp);
1006		free(un->un_dircache, M_TEMP);
1007		un->un_dircache = 0;
1008	}
1009
1010	if (un->un_flags & UN_CACHED) {
1011		un->un_flags &= ~UN_CACHED;
1012		LIST_REMOVE(un, un_cache);
1013	}
1014
1015	if (un->un_flags & UN_ULOCK) {
1016		un->un_flags &= ~UN_ULOCK;
1017		VOP_UNLOCK(un->un_uppervp, 0, p);
1018	}
1019}
1020
1021#if 0
1022struct vnode *
1023union_lowervp(vp)
1024	struct vnode *vp;
1025{
1026	struct union_node *un = VTOUNION(vp);
1027
1028	if ((un->un_lowervp != NULLVP) &&
1029	    (vp->v_type == un->un_lowervp->v_type)) {
1030		if (vget(un->un_lowervp, 0) == 0)
1031			return (un->un_lowervp);
1032	}
1033
1034	return (NULLVP);
1035}
1036#endif
1037
1038/*
1039 * determine whether a whiteout is needed
1040 * during a remove/rmdir operation.
1041 */
1042int
1043union_dowhiteout(un, cred, p)
1044	struct union_node *un;
1045	struct ucred *cred;
1046	struct proc *p;
1047{
1048	struct vattr va;
1049
1050	if (un->un_lowervp != NULLVP)
1051		return (1);
1052
1053	if (VOP_GETATTR(un->un_uppervp, &va, cred, p) == 0 &&
1054	    (va.va_flags & OPAQUE))
1055		return (1);
1056
1057	return (0);
1058}
1059
1060static void
1061union_dircache_r(vp, vppp, cntp)
1062	struct vnode *vp;
1063	struct vnode ***vppp;
1064	int *cntp;
1065{
1066	struct union_node *un;
1067
1068	if (vp->v_op != union_vnodeop_p) {
1069		if (vppp) {
1070			VREF(vp);
1071			*(*vppp)++ = vp;
1072			if (--(*cntp) == 0)
1073				panic("union: dircache table too small");
1074		} else {
1075			(*cntp)++;
1076		}
1077
1078		return;
1079	}
1080
1081	un = VTOUNION(vp);
1082	if (un->un_uppervp != NULLVP)
1083		union_dircache_r(un->un_uppervp, vppp, cntp);
1084	if (un->un_lowervp != NULLVP)
1085		union_dircache_r(un->un_lowervp, vppp, cntp);
1086}
1087
1088struct vnode *
1089union_dircache(vp, p)
1090	struct vnode *vp;
1091	struct proc *p;
1092{
1093	int cnt;
1094	struct vnode *nvp;
1095	struct vnode **vpp;
1096	struct vnode **dircache;
1097	struct union_node *un;
1098	int error;
1099
1100	vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, p);
1101	dircache = VTOUNION(vp)->un_dircache;
1102
1103	nvp = NULLVP;
1104
1105	if (dircache == 0) {
1106		cnt = 0;
1107		union_dircache_r(vp, 0, &cnt);
1108		cnt++;
1109		dircache = (struct vnode **)
1110				malloc(cnt * sizeof(struct vnode *),
1111					M_TEMP, M_WAITOK);
1112		vpp = dircache;
1113		union_dircache_r(vp, &vpp, &cnt);
1114		*vpp = NULLVP;
1115		vpp = dircache + 1;
1116	} else {
1117		vpp = dircache;
1118		do {
1119			if (*vpp++ == VTOUNION(vp)->un_uppervp)
1120				break;
1121		} while (*vpp != NULLVP);
1122	}
1123
1124	if (*vpp == NULLVP)
1125		goto out;
1126
1127	vn_lock(*vpp, LK_EXCLUSIVE | LK_RETRY, p);
1128	VREF(*vpp);
1129	error = union_allocvp(&nvp, vp->v_mount, NULLVP, NULLVP, 0, *vpp, NULLVP, 0);
1130	if (error)
1131		goto out;
1132
1133	VTOUNION(vp)->un_dircache = 0;
1134	un = VTOUNION(nvp);
1135	un->un_dircache = dircache;
1136
1137out:
1138	VOP_UNLOCK(vp, 0, p);
1139	return (nvp);
1140}
1141