1/* $NetBSD: union_vfsops.c,v 1.88 2024/05/18 00:04:46 thorpej Exp $ */ 2 3/* 4 * Copyright (c) 1994 The Regents of the University of California. 5 * All rights reserved. 6 * 7 * This code is derived from software donated to Berkeley by 8 * Jan-Simon Pendry. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * @(#)union_vfsops.c 8.20 (Berkeley) 5/20/95 35 */ 36 37/* 38 * Copyright (c) 1994 Jan-Simon Pendry. 39 * All rights reserved. 40 * 41 * This code is derived from software donated to Berkeley by 42 * Jan-Simon Pendry. 43 * 44 * Redistribution and use in source and binary forms, with or without 45 * modification, are permitted provided that the following conditions 46 * are met: 47 * 1. Redistributions of source code must retain the above copyright 48 * notice, this list of conditions and the following disclaimer. 49 * 2. Redistributions in binary form must reproduce the above copyright 50 * notice, this list of conditions and the following disclaimer in the 51 * documentation and/or other materials provided with the distribution. 52 * 3. All advertising materials mentioning features or use of this software 53 * must display the following acknowledgement: 54 * This product includes software developed by the University of 55 * California, Berkeley and its contributors. 56 * 4. Neither the name of the University nor the names of its contributors 57 * may be used to endorse or promote products derived from this software 58 * without specific prior written permission. 59 * 60 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 61 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 62 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 63 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 64 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 65 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 66 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 67 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 68 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 69 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 70 * SUCH DAMAGE. 71 * 72 * @(#)union_vfsops.c 8.20 (Berkeley) 5/20/95 73 */ 74 75/* 76 * Union Layer 77 */ 78 79#include <sys/cdefs.h> 80__KERNEL_RCSID(0, "$NetBSD: union_vfsops.c,v 1.88 2024/05/18 00:04:46 thorpej Exp $"); 81 82#include <sys/param.h> 83#include <sys/systm.h> 84#include <sys/sysctl.h> 85#include <sys/time.h> 86#include <sys/proc.h> 87#include <sys/vnode.h> 88#include <sys/mount.h> 89#include <sys/namei.h> 90#include <sys/filedesc.h> 91#include <sys/queue.h> 92#include <sys/stat.h> 93#include <sys/kauth.h> 94#include <sys/module.h> 95 96#include <miscfs/genfs/genfs.h> 97#include <fs/union/union.h> 98 99MODULE(MODULE_CLASS_VFS, union, NULL); 100 101/* 102 * Mount union filesystem 103 */ 104int 105union_mount(struct mount *mp, const char *path, void *data, size_t *data_len) 106{ 107 struct lwp *l = curlwp; 108 int error = 0; 109 struct union_args *args = data; 110 struct vnode *lowerrootvp = NULLVP; 111 struct vnode *upperrootvp = NULLVP; 112 struct union_mount *um = 0; 113 const char *cp; 114 char *xp; 115 int len; 116 size_t size; 117 118 if (args == NULL) 119 return EINVAL; 120 if (*data_len < sizeof *args) 121 return EINVAL; 122 123#ifdef UNION_DIAGNOSTIC 124 printf("%s(mp = %p)\n", __func__, mp); 125#endif 126 127 if (mp->mnt_flag & MNT_GETARGS) { 128 um = MOUNTTOUNIONMOUNT(mp); 129 if (um == NULL) 130 return EIO; 131 args->target = NULL; 132 args->mntflags = um->um_op; 133 *data_len = sizeof *args; 134 return 0; 135 } 136 /* 137 * Update is a no-op 138 */ 139 if (mp->mnt_flag & MNT_UPDATE) { 140 /* 141 * Need to provide. 142 * 1. a way to convert between rdonly and rdwr mounts. 143 * 2. support for nfs exports. 144 */ 145 error = EOPNOTSUPP; 146 goto bad; 147 } 148 149 lowerrootvp = mp->mnt_vnodecovered; 150 vref(lowerrootvp); 151 152 /* 153 * Find upper node. 154 */ 155 error = namei_simple_user(args->target, 156 NSM_FOLLOW_NOEMULROOT, &upperrootvp); 157 if (error != 0) 158 goto bad; 159 160 if (upperrootvp->v_type != VDIR) { 161 error = EINVAL; 162 goto bad; 163 } 164 165 um = kmem_zalloc(sizeof(*um), KM_SLEEP); 166 167 /* 168 * Keep a held reference to the target vnodes. 169 * They are vrele'd in union_unmount. 170 * 171 * Depending on the _BELOW flag, the filesystems are 172 * viewed in a different order. In effect, this is the 173 * same as providing a mount under option to the mount syscall. 174 */ 175 176 um->um_op = args->mntflags & UNMNT_OPMASK; 177 switch (um->um_op) { 178 case UNMNT_ABOVE: 179 um->um_lowervp = lowerrootvp; 180 um->um_uppervp = upperrootvp; 181 break; 182 183 case UNMNT_BELOW: 184 um->um_lowervp = upperrootvp; 185 um->um_uppervp = lowerrootvp; 186 break; 187 188 case UNMNT_REPLACE: 189 vrele(lowerrootvp); 190 lowerrootvp = NULLVP; 191 um->um_uppervp = upperrootvp; 192 um->um_lowervp = lowerrootvp; 193 break; 194 195 default: 196 error = EINVAL; 197 goto bad; 198 } 199 200 /* 201 * This mount is mp-safe if both lower mounts are mp-safe. 202 */ 203 204 if (((um->um_lowervp == NULLVP) || 205 (um->um_lowervp->v_mount->mnt_iflag & IMNT_MPSAFE)) && 206 (um->um_uppervp->v_mount->mnt_iflag & IMNT_MPSAFE)) 207 mp->mnt_iflag |= IMNT_MPSAFE; 208 209 /* 210 * Unless the mount is readonly, ensure that the top layer 211 * supports whiteout operations 212 */ 213 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 214 static struct componentname nullcn = { 215 .cn_nameiop = LOOKUP, 216 .cn_cred = NOCRED 217 }; 218 219 vn_lock(um->um_uppervp, LK_EXCLUSIVE | LK_RETRY); 220 error = VOP_WHITEOUT(um->um_uppervp, &nullcn, LOOKUP); 221 VOP_UNLOCK(um->um_uppervp); 222 if (error) 223 goto bad; 224 } 225 226 um->um_cred = l->l_cred; 227 kauth_cred_hold(um->um_cred); 228 um->um_cmode = UN_DIRMODE &~ l->l_proc->p_cwdi->cwdi_cmask; 229 230 /* 231 * Depending on what you think the MNT_LOCAL flag might mean, 232 * you may want the && to be || on the conditional below. 233 * At the moment it has been defined that the filesystem is 234 * only local if it is all local, ie the MNT_LOCAL flag implies 235 * that the entire namespace is local. If you think the MNT_LOCAL 236 * flag implies that some of the files might be stored locally 237 * then you will want to change the conditional. 238 */ 239 if (um->um_op == UNMNT_ABOVE) { 240 if (((um->um_lowervp == NULLVP) || 241 (um->um_lowervp->v_mount->mnt_flag & MNT_LOCAL)) && 242 (um->um_uppervp->v_mount->mnt_flag & MNT_LOCAL)) 243 mp->mnt_flag |= MNT_LOCAL; 244 } 245 246 /* 247 * Copy in the upper layer's RDONLY flag. This is for the benefit 248 * of lookup() which explicitly checks the flag, rather than asking 249 * the filesystem for its own opinion. This means, that an update 250 * mount of the underlying filesystem to go from rdonly to rdwr 251 * will leave the unioned view as read-only. 252 */ 253 mp->mnt_flag |= (um->um_uppervp->v_mount->mnt_flag & MNT_RDONLY); 254 255 mp->mnt_data = um; 256 vfs_getnewfsid(mp); 257 258 error = set_statvfs_info(path, UIO_USERSPACE, NULL, UIO_USERSPACE, 259 mp->mnt_op->vfs_name, mp, l); 260 if (error) 261 goto bad; 262 263 error = vfs_set_lowermount(mp, um->um_uppervp->v_mount); 264 if (error) 265 goto bad; 266 267 switch (um->um_op) { 268 case UNMNT_ABOVE: 269 cp = "<above>:"; 270 break; 271 case UNMNT_BELOW: 272 cp = "<below>:"; 273 break; 274 case UNMNT_REPLACE: 275 cp = ""; 276 break; 277 default: 278 cp = "<invalid>:"; 279#ifdef DIAGNOSTIC 280 panic("%s: bad um_op", __func__); 281#endif 282 break; 283 } 284 len = strlen(cp); 285 memcpy(mp->mnt_stat.f_mntfromname, cp, len); 286 287 xp = mp->mnt_stat.f_mntfromname + len; 288 len = MNAMELEN - len; 289 290 (void) copyinstr(args->target, xp, len - 1, &size); 291 memset(xp + size, 0, len - size); 292 293#ifdef UNION_DIAGNOSTIC 294 printf("%s: from %s, on %s\n", __func__, 295 mp->mnt_stat.f_mntfromname, mp->mnt_stat.f_mntonname); 296#endif 297 298 /* Setup the readdir hook if it's not set already */ 299 if (!vn_union_readdir_hook) 300 vn_union_readdir_hook = union_readdirhook; 301 302 return 0; 303 304bad: 305 if (um) { 306 if (um->um_cred) 307 kauth_cred_free(um->um_cred); 308 kmem_free(um, sizeof(*um)); 309 } 310 if (upperrootvp) 311 vrele(upperrootvp); 312 if (lowerrootvp) 313 vrele(lowerrootvp); 314 return error; 315} 316 317/* 318 * VFS start. Nothing needed here - the start routine 319 * on the underlying filesystem(s) will have been called 320 * when that filesystem was mounted. 321 */ 322 /*ARGSUSED*/ 323int 324union_start(struct mount *mp, int flags) 325{ 326 327 return 0; 328} 329 330/* 331 * Free reference to union layer 332 */ 333static bool 334union_unmount_selector(void *cl, struct vnode *vp) 335{ 336 int *count = cl; 337 338 KASSERT(mutex_owned(vp->v_interlock)); 339 340 *count += 1; 341 return false; 342} 343 344int 345union_unmount(struct mount *mp, int mntflags) 346{ 347 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 348 int freeing; 349 int error; 350 351#ifdef UNION_DIAGNOSTIC 352 printf("%s(mp = %p)\n", __func__, mp); 353#endif 354 355 /* 356 * Keep flushing vnodes from the mount list. 357 * This is needed because of the un_pvp held 358 * reference to the parent vnode. 359 * If more vnodes have been freed on a given pass, 360 * the try again. The loop will iterate at most 361 * (d) times, where (d) is the maximum tree depth 362 * in the filesystem. 363 */ 364 for (freeing = 0; (error = vflush(mp, NULL, 0)) != 0;) { 365 struct vnode_iterator *marker; 366 int n; 367 368 /* count #vnodes held on mount list */ 369 n = 0; 370 vfs_vnode_iterator_init(mp, &marker); 371 vfs_vnode_iterator_next(marker, union_unmount_selector, &n); 372 vfs_vnode_iterator_destroy(marker); 373 374 /* if this is unchanged then stop */ 375 if (n == freeing) 376 break; 377 378 /* otherwise try once more time */ 379 freeing = n; 380 } 381 382 /* 383 * Ok, now that we've tried doing it gently, get out the hammer. 384 */ 385 386 if (mntflags & MNT_FORCE) 387 error = vflush(mp, NULL, FORCECLOSE); 388 389 if (error) 390 return error; 391 392 /* 393 * Discard references to upper and lower target vnodes. 394 */ 395 if (um->um_lowervp) 396 vrele(um->um_lowervp); 397 vrele(um->um_uppervp); 398 kauth_cred_free(um->um_cred); 399 /* 400 * Finally, throw away the union_mount structure 401 */ 402 kmem_free(um, sizeof(*um)); 403 mp->mnt_data = NULL; 404 return 0; 405} 406 407int 408union_root(struct mount *mp, int lktype, struct vnode **vpp) 409{ 410 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 411 int error; 412 413 /* 414 * Return locked reference to root. 415 */ 416 vref(um->um_uppervp); 417 if (um->um_lowervp) 418 vref(um->um_lowervp); 419 error = union_allocvp(vpp, mp, NULL, NULL, NULL, 420 um->um_uppervp, um->um_lowervp, 1); 421 422 if (error) { 423 vrele(um->um_uppervp); 424 if (um->um_lowervp) 425 vrele(um->um_lowervp); 426 return error; 427 } 428 429 vn_lock(*vpp, lktype | LK_RETRY); 430 431 return 0; 432} 433 434int 435union_statvfs(struct mount *mp, struct statvfs *sbp) 436{ 437 int error; 438 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 439 struct statvfs *sbuf = kmem_zalloc(sizeof(*sbuf), KM_SLEEP); 440 unsigned long lbsize; 441 442#ifdef UNION_DIAGNOSTIC 443 printf("%s(mp = %p, lvp = %p, uvp = %p)\n", __func__, mp, 444 um->um_lowervp, um->um_uppervp); 445#endif 446 447 if (um->um_lowervp) { 448 error = VFS_STATVFS(um->um_lowervp->v_mount, sbuf); 449 if (error) 450 goto done; 451 } 452 453 /* now copy across the "interesting" information and fake the rest */ 454 lbsize = sbuf->f_bsize; 455 sbp->f_blocks = sbuf->f_blocks - sbuf->f_bfree; 456 sbp->f_files = sbuf->f_files - sbuf->f_ffree; 457 458 error = VFS_STATVFS(um->um_uppervp->v_mount, sbuf); 459 if (error) 460 goto done; 461 462 sbp->f_flag = sbuf->f_flag; 463 sbp->f_bsize = sbuf->f_bsize; 464 sbp->f_frsize = sbuf->f_frsize; 465 sbp->f_iosize = sbuf->f_iosize; 466 467 /* 468 * The "total" fields count total resources in all layers, 469 * the "free" fields count only those resources which are 470 * free in the upper layer (since only the upper layer 471 * is writable). 472 */ 473 474 if (sbuf->f_bsize != lbsize) 475 sbp->f_blocks = sbp->f_blocks * lbsize / sbuf->f_bsize; 476 sbp->f_blocks += sbuf->f_blocks; 477 sbp->f_bfree = sbuf->f_bfree; 478 sbp->f_bavail = sbuf->f_bavail; 479 sbp->f_bresvd = sbuf->f_bresvd; 480 sbp->f_files += sbuf->f_files; 481 sbp->f_ffree = sbuf->f_ffree; 482 sbp->f_favail = sbuf->f_favail; 483 sbp->f_fresvd = sbuf->f_fresvd; 484 485 copy_statvfs_info(sbp, mp); 486done: 487 kmem_free(sbuf, sizeof(*sbuf)); 488 return error; 489} 490 491/*ARGSUSED*/ 492int 493union_sync(struct mount *mp, int waitfor, kauth_cred_t cred) 494{ 495 496 /* 497 * XXX - Assumes no data cached at union layer. 498 */ 499 return 0; 500} 501 502/*ARGSUSED*/ 503int 504union_vget(struct mount *mp, ino_t ino, int lktype, struct vnode **vpp) 505{ 506 507 return EOPNOTSUPP; 508} 509 510static int 511union_renamelock_enter(struct mount *mp) 512{ 513 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 514 515 /* Lock just the upper fs, where the action happens. */ 516 return VFS_RENAMELOCK_ENTER(um->um_uppervp->v_mount); 517} 518 519static void 520union_renamelock_exit(struct mount *mp) 521{ 522 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 523 524 VFS_RENAMELOCK_EXIT(um->um_uppervp->v_mount); 525} 526 527extern const struct vnodeopv_desc union_vnodeop_opv_desc; 528 529const struct vnodeopv_desc * const union_vnodeopv_descs[] = { 530 &union_vnodeop_opv_desc, 531 NULL, 532}; 533 534struct vfsops union_vfsops = { 535 .vfs_name = MOUNT_UNION, 536 .vfs_min_mount_data = sizeof (struct union_args), 537 .vfs_mount = union_mount, 538 .vfs_start = union_start, 539 .vfs_unmount = union_unmount, 540 .vfs_root = union_root, 541 .vfs_quotactl = (void *)eopnotsupp, 542 .vfs_statvfs = union_statvfs, 543 .vfs_sync = union_sync, 544 .vfs_vget = union_vget, 545 .vfs_loadvnode = union_loadvnode, 546 .vfs_fhtovp = (void *)eopnotsupp, 547 .vfs_vptofh = (void *)eopnotsupp, 548 .vfs_init = union_init, 549 .vfs_reinit = union_reinit, 550 .vfs_done = union_done, 551 .vfs_snapshot = (void *)eopnotsupp, 552 .vfs_extattrctl = vfs_stdextattrctl, 553 .vfs_suspendctl = genfs_suspendctl, 554 .vfs_renamelock_enter = union_renamelock_enter, 555 .vfs_renamelock_exit = union_renamelock_exit, 556 .vfs_fsync = (void *)eopnotsupp, 557 .vfs_opv_descs = union_vnodeopv_descs 558}; 559 560SYSCTL_SETUP(unionfs_sysctl_setup, "unionfs sysctl") 561{ 562 563 sysctl_createv(clog, 0, NULL, NULL, 564 CTLFLAG_PERMANENT, 565 CTLTYPE_NODE, "union", 566 SYSCTL_DESCR("Union file system"), 567 NULL, 0, NULL, 0, 568 CTL_VFS, 15, CTL_EOL); 569 /* 570 * XXX the "15" above could be dynamic, thereby eliminating 571 * one more instance of the "number to vfs" mapping problem, 572 * but "15" is the order as taken from sys/mount.h 573 */ 574} 575 576static int 577union_modcmd(modcmd_t cmd, void *arg) 578{ 579 580 switch (cmd) { 581 case MODULE_CMD_INIT: 582 return vfs_attach(&union_vfsops); 583 case MODULE_CMD_FINI: 584 return vfs_detach(&union_vfsops); 585 default: 586 return ENOTTY; 587 } 588} 589