Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: 3ce188322e
Fetching contributors…

Cannot retrieve contributors at this time

1491 lines (1296 sloc) 35.946 kb
// vim: noexpandtab
/*
* Copyright (c) 2000-2008 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. The rights granted to you under the License
* may not be used to create, or enable the creation or redistribution of,
* unlawful or unlicensed copies of an Apple operating system, or to
* circumvent, violate, or enable the circumvention or violation of, any
* terms of an Apple operating system software license agreement.
*
* Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this file.
*
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
/* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
/*
* Copyright (c) 1994 Jan-Simon Pendry
* Copyright (c) 1994
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Jan-Simon Pendry.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)union_subr.c 8.20 (Berkeley) 5/20/95
*/
/*
* NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
* support for mandatory and extensible security protections. This notice
* is included in support of clause 2.2 (b) of the Apple Public License,
* Version 2.0.
*/
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/proc_internal.h>
#include <sys/kauth.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/vnode_internal.h>
#include <sys/namei.h>
#include <sys/malloc.h>
#include <sys/file_internal.h>
#include <sys/filedesc.h>
#include <sys/queue.h>
#include <sys/mount_internal.h>
#include <sys/stat.h>
#include <sys/ubc.h>
#include <sys/uio_internal.h>
#include "union.h"
#include <sys/lock.h>
#include <sys/kdebug.h>
#if CONFIG_MACF
#include <security/mac_framework.h>
#endif
static int union_vn_close(struct vnode *vp, int fmode, vfs_context_t ctx);
/* must be power of two, otherwise change UNION_HASH() */
#define NHASH 32
/* unsigned int ... */
#define UNION_HASH(u, l) \
(((((uintptr_t) (u)) + ((uintptr_t) l)) >> 8) & (NHASH-1))
static LIST_HEAD(unhead, union_node) unhead[NHASH];
static int unvplock[NHASH];
static lck_grp_t * union_lck_grp;
static lck_grp_attr_t * union_lck_grp_attr;
static lck_attr_t * union_lck_attr;
static lck_mtx_t * union_mtxp;
static int union_dircheck(struct vnode **, struct fileproc *, vfs_context_t ctx);
static void union_newlower(struct union_node *, struct vnode *);
static void union_newupper(struct union_node *, struct vnode *);
int
union_init(__unused struct vfsconf *vfsp)
{
int i;
union_lck_grp_attr= lck_grp_attr_alloc_init();
#if DIAGNOSTIC
lck_grp_attr_setstat(union_lck_grp_attr);
#endif
union_lck_grp = lck_grp_alloc_init("union", union_lck_grp_attr);
union_lck_attr = lck_attr_alloc_init();
#if DIAGNOSTIC
lck_attr_setdebug(union_lck_attr);
#endif
union_mtxp = lck_mtx_alloc_init(union_lck_grp, union_lck_attr);
for (i = 0; i < NHASH; i++)
LIST_INIT(&unhead[i]);
bzero((caddr_t) unvplock, sizeof(unvplock));
/* add the hook for getdirentries */
union_dircheckp = union_dircheck;
return (0);
}
void
union_lock()
{
lck_mtx_lock(union_mtxp);
}
void
union_unlock()
{
lck_mtx_unlock(union_mtxp);
}
static int
union_list_lock(int ix)
{
if (unvplock[ix] & UNVP_LOCKED) {
unvplock[ix] |= UNVP_WANT;
msleep((caddr_t) &unvplock[ix], union_mtxp, PINOD, "union_list_lock", NULL);
return (1);
}
unvplock[ix] |= UNVP_LOCKED;
return (0);
}
static void
union_list_unlock(int ix)
{
unvplock[ix] &= ~UNVP_LOCKED;
if (unvplock[ix] & UNVP_WANT) {
unvplock[ix] &= ~UNVP_WANT;
wakeup((caddr_t) &unvplock[ix]);
}
}
/*
* union_updatevp:
*
* The uppervp, if not NULL, must be referenced and not locked by us
* The lowervp, if not NULL, must be referenced.
*
* If uppervp and lowervp match pointers already installed, then
* nothing happens. The passed vp's (when matching) are not adjusted.
*
* This routine may only be called by union_newupper() and
* union_newlower().
*/
/* always called with union lock held */
void
union_updatevp(struct union_node *un, struct vnode *uppervp,
struct vnode *lowervp)
{
int ohash = UNION_HASH(un->un_uppervp, un->un_lowervp);
int nhash = UNION_HASH(uppervp, lowervp);
int docache = (lowervp != NULLVP || uppervp != NULLVP);
int lhash, uhash;
vnode_t freevp;
vnode_t freedirvp;
caddr_t freepath;
/*
* Ensure locking is ordered from lower to higher
* to avoid deadlocks.
*/
if (nhash < ohash) {
lhash = nhash;
uhash = ohash;
} else {
lhash = ohash;
uhash = nhash;
}
if (lhash != uhash) {
while (union_list_lock(lhash))
continue;
}
while (union_list_lock(uhash))
continue;
if (ohash != nhash || !docache) {
if (un->un_flags & UN_CACHED) {
un->un_flags &= ~UN_CACHED;
LIST_REMOVE(un, un_cache);
}
}
if (ohash != nhash)
union_list_unlock(ohash);
if (un->un_lowervp != lowervp) {
freevp = freedirvp = NULLVP;
freepath = (caddr_t)0;
if (un->un_lowervp) {
freevp = un->un_lowervp;
un->un_lowervp = lowervp;
if (un->un_path) {
freepath = un->un_path;
un->un_path = 0;
}
if (un->un_dirvp) {
freedirvp = un->un_dirvp;
un->un_dirvp = NULLVP;
}
union_unlock();
if (freevp)
vnode_put(freevp);
if (freedirvp)
vnode_put(freedirvp);
if (freepath)
_FREE(un->un_path, M_TEMP);
union_lock();
} else
un->un_lowervp = lowervp;
if (lowervp != NULLVP)
un->un_lowervid = vnode_vid(lowervp);
un->un_lowersz = VNOVAL;
}
if (un->un_uppervp != uppervp) {
freevp = NULLVP;
if (un->un_uppervp) {
freevp = un->un_uppervp;
}
un->un_uppervp = uppervp;
if (uppervp != NULLVP)
un->un_uppervid = vnode_vid(uppervp);
un->un_uppersz = VNOVAL;
union_unlock();
if (freevp)
vnode_put(freevp);
union_lock();
}
if (docache && (ohash != nhash)) {
LIST_INSERT_HEAD(&unhead[nhash], un, un_cache);
un->un_flags |= UN_CACHED;
}
union_list_unlock(nhash);
}
/*
* Set a new lowervp. The passed lowervp must be referenced and will be
* stored in the vp in a referenced state.
*/
/* always called with union lock held */
static void
union_newlower(un, lowervp)
struct union_node *un;
struct vnode *lowervp;
{
union_updatevp(un, un->un_uppervp, lowervp);
}
/*
* Set a new uppervp. The passed uppervp must be locked and will be
* stored in the vp in a locked state. The caller should not unlock
* uppervp.
*/
/* always called with union lock held */
static void
union_newupper(un, uppervp)
struct union_node *un;
struct vnode *uppervp;
{
union_updatevp(un, uppervp, un->un_lowervp);
}
/*
* Keep track of size changes in the underlying vnodes.
* If the size changes, then callback to the vm layer
* giving priority to the upper layer size.
*/
/* always called with union lock held */
void
union_newsize(vp, uppersz, lowersz)
struct vnode *vp;
off_t uppersz, lowersz;
{
struct union_node *un;
off_t sz;
/* only interested in regular files */
if (vp->v_type != VREG)
return;
un = VTOUNION(vp);
sz = VNOVAL;
if ((uppersz != VNOVAL) && (un->un_uppersz != uppersz)) {
un->un_uppersz = uppersz;
if (sz == VNOVAL)
sz = un->un_uppersz;
}
if ((lowersz != VNOVAL) && (un->un_lowersz != lowersz)) {
un->un_lowersz = lowersz;
if (sz == VNOVAL)
sz = un->un_lowersz;
}
if (sz != VNOVAL) {
#ifdef UNION_DIAGNOSTIC
printf("union: %s size now %ld\n",
uppersz != VNOVAL ? "upper" : "lower", (long) sz);
#endif
union_unlock();
ubc_setsize(vp, sz);
union_lock();
}
}
/*
* union_allocvp: allocate a union_node and associate it with a
* parent union_node and one or two vnodes.
*
* vpp Holds the returned vnode locked and referenced if no
* error occurs.
*
* mp Holds the mount point. mp may or may not be busied.
* allocvp() makes no changes to mp.
*
* dvp Holds the parent union_node to the one we wish to create.
* XXX may only be used to traverse an uncopied lowervp-based
* tree? XXX
*
* dvp may or may not be locked. allocvp() makes no changes
* to dvp.
*
* upperdvp Holds the parent vnode to uppervp, generally used along
* with path component information to create a shadow of
* lowervp when uppervp does not exist.
*
* upperdvp is referenced but unlocked on entry, and will be
* dereferenced on return.
*
* uppervp Holds the new uppervp vnode to be stored in the
* union_node we are allocating. uppervp is referenced but
* not locked, and will be dereferenced on return.
*
* lowervp Holds the new lowervp vnode to be stored in the
* union_node we are allocating. lowervp is referenced but
* not locked, and will be dereferenced on return.
*
* cnp Holds path component information to be coupled with
* lowervp and upperdvp to allow unionfs to create an uppervp
* later on. Only used if lowervp is valid. The contents
* of cnp is only valid for the duration of the call.
*
* docache Determine whether this node should be entered in the
* cache or whether it should be destroyed as soon as possible.
*
* All union_nodes are maintained on a singly-linked
* list. New nodes are only allocated when they cannot
* be found on this list. Entries on the list are
* removed when the vfs reclaim entry is called.
*
* A single lock is kept for the entire list. This is
* needed because the getnewvnode() function can block
* waiting for a vnode to become free, in which case there
* may be more than one process trying to get the same
* vnode. This lock is only taken if we are going to
* call getnewvnode(), since the kernel itself is single-threaded.
*
* If an entry is found on the list, then call vget() to
* take a reference. This is done because there may be
* zero references to it and so it needs to removed from
* the vnode free list.
*/
/* always called with union lock held */
int
union_allocvp(struct vnode **vpp,
struct mount *mp,
struct vnode *undvp,
struct vnode *dvp,
struct componentname *cnp,
struct vnode *uppervp,
struct vnode *lowervp,
int docache)
{
int error;
struct union_node *un = NULL;
struct union_node *unp;
struct vnode *xlowervp = NULLVP;
struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
int hash = 0; /* protected by docache */
int markroot;
int try;
struct vnode_fsparam vfsp;
enum vtype vtype;
if (uppervp == NULLVP && lowervp == NULLVP)
panic("union: unidentifiable allocation");
/*
* if both upper and lower vp are provided and are off different type
* consider lowervp as NULL
*/
if (uppervp && lowervp && (uppervp->v_type != lowervp->v_type)) {
xlowervp = lowervp;
lowervp = NULLVP;
}
/* detect the root vnode (and aliases) */
markroot = 0;
if ((uppervp == um->um_uppervp) &&
((lowervp == NULLVP) || lowervp == um->um_lowervp)) {
if (lowervp == NULLVP) {
lowervp = um->um_lowervp;
if (lowervp != NULLVP) {
union_unlock();
vnode_get(lowervp);
union_lock();
}
}
markroot = VROOT;
}
loop:
if (!docache) {
un = NULL;
} else for (try = 0; try < 3; try++) {
switch (try) {
case 0:
if (lowervp == NULLVP)
continue;
hash = UNION_HASH(uppervp, lowervp);
break;
case 1:
if (uppervp == NULLVP)
continue;
hash = UNION_HASH(uppervp, NULLVP);
break;
case 2:
if (lowervp == NULLVP)
continue;
/* Not sure how this path gets exercised ? */
hash = UNION_HASH(NULLVP, lowervp);
break;
}
while (union_list_lock(hash))
continue;
for (un = unhead[hash].lh_first; un != 0;
un = un->un_cache.le_next) {
if ((un->un_lowervp == lowervp ||
un->un_lowervp == NULLVP) &&
(un->un_uppervp == uppervp ||
un->un_uppervp == NULLVP) &&
(un->un_mount == mp)) {
break;
}
}
union_list_unlock(hash);
if (un)
break;
}
if (un) {
/*
* Obtain a lock on the union_node.
* uppervp is locked, though un->un_uppervp
* may not be. this doesn't break the locking
* hierarchy since in the case that un->un_uppervp
* is not yet locked it will be vnode_put'd and replaced
* with uppervp.
*/
if (un->un_flags & UN_LOCKED) {
un->un_flags |= UN_WANT;
msleep((caddr_t) &un->un_flags, union_mtxp, PINOD, "union node locked", 0);
goto loop;
}
un->un_flags |= UN_LOCKED;
union_unlock();
if (UNIONTOV(un) == NULLVP)
panic("null vnode in union node\n");
if (vnode_get(UNIONTOV(un))) {
union_lock();
un->un_flags &= ~UN_LOCKED;
if ((un->un_flags & UN_WANT) == UN_WANT) {
un->un_flags &= ~UN_LOCKED;
wakeup(&un->un_flags);
}
goto loop;
}
union_lock();
/*
* At this point, the union_node is locked,
* un->un_uppervp may not be locked, and uppervp
* is locked or nil.
*/
/*
* Save information about the upper layer.
*/
if (uppervp != un->un_uppervp) {
union_newupper(un, uppervp);
} else if (uppervp) {
union_unlock();
vnode_put(uppervp);
union_lock();
}
/*
* Save information about the lower layer.
* This needs to keep track of pathname
* and directory information which union_vn_create
* might need.
*/
if (lowervp != un->un_lowervp) {
union_newlower(un, lowervp);
if (cnp && (lowervp != NULLVP)) {
un->un_hash = cnp->cn_hash;
union_unlock();
MALLOC(un->un_path, caddr_t, cnp->cn_namelen+1,
M_TEMP, M_WAITOK);
bcopy(cnp->cn_nameptr, un->un_path,
cnp->cn_namelen);
vnode_get(dvp);
union_lock();
un->un_path[cnp->cn_namelen] = '\0';
un->un_dirvp = dvp;
}
} else if (lowervp) {
union_unlock();
vnode_put(lowervp);
union_lock();
}
*vpp = UNIONTOV(un);
un->un_flags &= ~UN_LOCKED;
if ((un->un_flags & UN_WANT) == UN_WANT) {
un->un_flags &= ~UN_WANT;
wakeup(&un->un_flags);
}
return (0);
}
if (docache) {
/*
* otherwise lock the vp list while we call getnewvnode
* since that can block.
*/
hash = UNION_HASH(uppervp, lowervp);
if (union_list_lock(hash))
goto loop;
}
union_unlock();
MALLOC(unp, void *, sizeof(struct union_node), M_TEMP, M_WAITOK);
union_lock();
bzero(unp, sizeof(struct union_node));
un = unp;
un->un_uppervp = uppervp;
if (uppervp != NULLVP)
un->un_uppervid = vnode_vid(uppervp);
un->un_uppersz = VNOVAL;
un->un_lowervp = lowervp;
if (lowervp != NULLVP)
un->un_lowervid = vnode_vid(lowervp);
un->un_lowersz = VNOVAL;
un->un_pvp = undvp;
if (undvp != NULLVP)
vnode_get(undvp);
un->un_dircache = 0;
un->un_openl = 0;
un->un_mount = mp;
un->un_flags = UN_LOCKED;
#ifdef FAULTFS
if (UNION_FAULTIN(um))
un->un_flags |= UN_FAULTFS;
#endif
if (docache) {
/* Insert with lock held */
LIST_INSERT_HEAD(&unhead[hash], un, un_cache);
un->un_flags |= UN_CACHED;
union_list_unlock(hash);
}
union_unlock();
if (uppervp)
vtype = uppervp->v_type;
else
vtype = lowervp->v_type;
bzero(&vfsp, sizeof(struct vnode_fsparam));
vfsp.vnfs_mp = mp;
vfsp.vnfs_vtype = vtype;
vfsp.vnfs_str = "unionfs";
vfsp.vnfs_dvp = undvp;
vfsp.vnfs_fsnode = unp;
vfsp.vnfs_cnp = cnp;
vfsp.vnfs_vops = union_vnodeop_p;
vfsp.vnfs_rdev = 0;
vfsp.vnfs_filesize = 0;
vfsp.vnfs_flags = VNFS_NOCACHE | VNFS_CANTCACHE;
vfsp.vnfs_marksystem = 0;
vfsp.vnfs_markroot = markroot;
error = vnode_create(VNCREATE_FLAVOR, VCREATESIZE, &vfsp, vpp);
if (error) {
/* XXXXX Is this right ???? XXXXXXX */
if (uppervp) {
vnode_put(uppervp);
}
if (lowervp)
vnode_put(lowervp);
union_lock();
if (un->un_flags & UN_CACHED) {
un->un_flags &= ~UN_CACHED;
LIST_REMOVE(un, un_cache);
}
if (docache)
union_list_unlock(hash);
FREE(unp, M_TEMP);
return (error);
}
if (cnp && (lowervp != NULLVP)) {
un->un_hash = cnp->cn_hash;
un->un_path = _MALLOC(cnp->cn_namelen+1, M_TEMP, M_WAITOK);
bcopy(cnp->cn_nameptr, un->un_path, cnp->cn_namelen);
un->un_path[cnp->cn_namelen] = '\0';
vnode_get(dvp);
un->un_dirvp = dvp;
} else {
un->un_hash = 0;
un->un_path = 0;
un->un_dirvp = 0;
}
if (xlowervp)
vnode_put(xlowervp);
union_lock();
vnode_settag(*vpp, VT_UNION);
un->un_vnode = *vpp;
if (un->un_vnode->v_type == VDIR) {
if (un->un_uppervp == NULLVP) {
panic("faulting fs and no upper vp for dir?");
}
}
un->un_flags &= ~UN_LOCKED;
if ((un->un_flags & UN_WANT) == UN_WANT) {
un->un_flags &= ~UN_WANT;
wakeup(&un->un_flags);
}
return(error);
}
/* always called with union lock held */
int
union_freevp(struct vnode *vp)
{
struct union_node *un = VTOUNION(vp);
if (un->un_flags & UN_CACHED) {
un->un_flags &= ~UN_CACHED;
LIST_REMOVE(un, un_cache);
}
union_unlock();
if (un->un_pvp != NULLVP)
vnode_put(un->un_pvp);
if (un->un_uppervp != NULLVP)
vnode_put(un->un_uppervp);
if (un->un_lowervp != NULLVP)
vnode_put(un->un_lowervp);
if (un->un_dirvp != NULLVP)
vnode_put(un->un_dirvp);
if (un->un_path)
_FREE(un->un_path, M_TEMP);
FREE(vp->v_data, M_TEMP);
vp->v_data = 0;
union_lock();
return (0);
}
/*
* copyfile. copy the vnode (fvp) to the vnode (tvp)
* using a sequence of reads and writes. both (fvp)
* and (tvp) are locked on entry and exit.
*/
/* called with no union lock held */
int
union_copyfile(struct vnode *fvp, struct vnode *tvp, vfs_context_t context)
{
char *bufp;
struct uio *auio;
char uio_buf [ UIO_SIZEOF(1) ];
int error = 0;
/*
* strategy:
* allocate a buffer of size MAXPHYSIO.
* loop doing reads and writes, keeping track
* of the current uio offset.
* give up at the first sign of trouble.
*/
auio = uio_createwithbuffer(1, 0, UIO_SYSSPACE,
UIO_READ /* will change */, &uio_buf, sizeof(uio_buf));
bufp = _MALLOC(MAXPHYSIO, M_TEMP, M_WAITOK);
if (bufp == NULL) {
return ENOMEM;
}
/* ugly loop follows... */
do {
off_t offset = uio_offset(auio);
uio_reset(auio, offset, UIO_SYSSPACE, UIO_READ);
uio_addiov(auio, (uintptr_t)bufp, MAXPHYSIO);
error = VNOP_READ(fvp, auio, 0, context);
if (error == 0) {
user_ssize_t resid = uio_resid(auio);
uio_reset(auio, offset, UIO_SYSSPACE, UIO_WRITE);
uio_addiov(auio, (uintptr_t)bufp, MAXPHYSIO - resid);
if (uio_resid(auio) == 0)
break;
do {
error = VNOP_WRITE(tvp, auio, 0, context);
} while ((uio_resid(auio) > 0) && (error == 0));
}
} while (error == 0);
_FREE(bufp, M_TEMP);
return (error);
}
/*
* (un) is assumed to be locked on entry and remains
* locked on exit.
*/
/* always called with union lock held */
int
union_copyup(struct union_node *un, int docopy, vfs_context_t context)
{
int error;
struct vnode *lvp, *uvp;
struct vnode_attr vattr;
mode_t cmode = 0;
lvp = un->un_lowervp;
union_unlock();
if (UNNODE_FAULTIN(un)) {
/* Need to inherit exec mode in faulting fs */
VATTR_INIT(&vattr);
VATTR_WANTED(&vattr, va_flags);
if (vnode_getattr(lvp, &vattr, context) == 0 )
cmode = vattr.va_mode;
}
error = union_vn_create(&uvp, un, cmode, context);
if (error) {
union_lock();
if (error == EEXIST) {
if (uvp != NULLVP) {
union_newupper(un, uvp);
error = 0;
}
}
return (error);
}
union_lock();
/* at this point, uppervp is locked */
union_newupper(un, uvp);
union_unlock();
if (docopy) {
/*
* XX - should not ignore errors
* from vnop_close
*/
error = VNOP_OPEN(lvp, FREAD, context);
if (error == 0) {
error = union_copyfile(lvp, uvp, context);
(void) VNOP_CLOSE(lvp, FREAD, context);
}
#ifdef UNION_DIAGNOSTIC
if (error == 0)
uprintf("union: copied up %s\n", un->un_path);
#endif
}
union_vn_close(uvp, FWRITE, context);
/*
* Subsequent IOs will go to the top layer, so
* call close on the lower vnode and open on the
* upper vnode to ensure that the filesystem keeps
* its references counts right. This doesn't do
* the right thing with (cred) and (FREAD) though.
* Ignoring error returns is not right, either.
*/
/* No need to hold the lock as the union node should be locked for this(it is in faultin mode) */
if (error == 0) {
int i;
for (i = 0; i < un->un_openl; i++) {
(void) VNOP_CLOSE(lvp, FREAD, context);
(void) VNOP_OPEN(uvp, FREAD, context);
}
un->un_openl = 0;
}
union_lock();
return (error);
}
int
union_faultin_copyup(struct vnode **vpp, vnode_t udvp, vnode_t lvp, struct componentname * cnp, vfs_context_t context)
{
panic("union_faultin_copyup");
return 0;
}
/*
* union_relookup:
*
* dvp should be locked on entry and will be locked on return. No
* net change in the ref count will occur.
*
* If an error is returned, *vpp will be invalid, otherwise it
* will hold a locked, referenced vnode. If *vpp == dvp then
* remember that only one exclusive lock is held.
*/
/* No union lock held for this call */
static int
union_relookup(
#ifdef XXX_HELP_ME
struct union_mount *um,
#else /* !XXX_HELP_ME */
__unused struct union_mount *um,
#endif /* !XXX_HELP_ME */
struct vnode *dvp,
struct vnode **vpp,
struct componentname *cnp,
struct componentname *cn,
char *path,
int pathlen)
{
int error;
/*
* A new componentname structure must be faked up because
* there is no way to know where the upper level cnp came
* from or what it is being used for. This must duplicate
* some of the work done by NDINIT, some of the work done
* by namei, some of the work done by lookup and some of
* the work done by vnop_lookup when given a CREATE flag.
* Conclusion: Horrible.
*/
cn->cn_namelen = pathlen;
cn->cn_pnbuf = _MALLOC_ZONE(cn->cn_namelen+1, M_NAMEI, M_WAITOK);
cn->cn_pnlen = cn->cn_namelen+1;
bcopy(path, cn->cn_pnbuf, cn->cn_namelen);
cn->cn_pnbuf[cn->cn_namelen] = '\0';
cn->cn_nameiop = CREATE;
cn->cn_flags = (HASBUF|SAVENAME|SAVESTART|ISLASTCN );
#ifdef XXX_HELP_ME
cn->cn_proc = cnp->cn_proc;
if (um->um_op == UNMNT_ABOVE)
cn->cn_cred = cnp->cn_cred;
else
cn->cn_cred = um->um_cred;
#endif
cn->cn_context = cnp->cn_context; /* XXX !UNMNT_ABOVE case ??? */
cn->cn_nameptr = cn->cn_pnbuf;
cn->cn_hash = 0;
cn->cn_consume = cnp->cn_consume;
vnode_get(dvp);
error = relookup(dvp, vpp, cn);
vnode_put(dvp);
return (error);
}
/*
* Create a shadow directory in the upper layer.
* The new vnode is returned locked.
*
* (um) points to the union mount structure for access to the
* the mounting process's credentials.
* (dvp) is the directory in which to create the shadow directory,
* It is locked (but not ref'd) on entry and return.
* (cnp) is the component name to be created.
* (vpp) is the returned newly created shadow directory, which
* is returned locked and ref'd
*/
/* No union lock held for this call */
int
union_mkshadow(um, dvp, cnp, vat, vpp)
struct union_mount *um;
struct vnode *dvp;
struct componentname *cnp;
struct vnode_attr *vat;
struct vnode **vpp;
{
return EPERM;
#if 0
int error;
struct vnode_attr va;
struct componentname cn;
bzero(&cn, sizeof(struct componentname));
error = union_relookup(um, dvp, vpp, cnp, &cn,
cnp->cn_nameptr, cnp->cn_namelen);
if (error)
goto out;
if (*vpp) {
error = EEXIST;
goto out;
}
/*
* Policy: when creating the shadow directory in the
* upper layer, create it owned by the user who did
* the mount, group from parent directory, and mode
* 777 modified by umask (ie mostly identical to the
* mkdir syscall). (jsp, kb)
*/
// screw that, it's better to use the permissions of the original directory
VATTR_INIT(&va);
VATTR_SET(&va, va_type, VDIR);
VATTR_SET(&va, va_mode, vat->va_mode/*um->um_cmode*/);
VATTR_SET(&va, va_uid, vat->va_uid);
VATTR_SET(&va, va_gid, vat->va_gid);
error = vn_create(dvp, vpp, &cn, &va, 0, 0, 0, cnp->cn_context);
out:
if ((cn.cn_flags & HASBUF) == HASBUF) {
FREE_ZONE(cn.cn_pnbuf, cn.cn_pnlen, M_NAMEI);
cn.cn_flags &= ~HASBUF;
}
return (error);
#endif
}
/*
* Create a whiteout entry in the upper layer.
*
* (um) points to the union mount structure for access to the
* the mounting process's credentials.
* (dvp) is the directory in which to create the whiteout.
* it is locked on entry and exit.
* (cnp) is the componentname to be created.
*/
/* No union lock held for this call */
int
union_mkwhiteout(um, dvp, cnp, path)
struct union_mount *um;
struct vnode *dvp;
struct componentname *cnp;
char *path;
{
return ENOENT;
int error;
struct vnode *wvp;
struct componentname cn;
bzero(&cn, sizeof(struct componentname));
error = union_relookup(um, dvp, &wvp, cnp, &cn, path, strlen(path));
if (error) {
goto out;
}
if (wvp) {
error = EEXIST;
goto out;
}
error = VNOP_WHITEOUT(dvp, &cn, CREATE, cnp->cn_context);
out:
if ((cn.cn_flags & HASBUF) == HASBUF) {
FREE_ZONE(cn.cn_pnbuf, cn.cn_pnlen, M_NAMEI);
cn.cn_flags &= ~HASBUF;
}
return (error);
}
/*
* union_vn_create: creates and opens a new shadow file
* on the upper union layer. This function is similar
* in spirit to calling vn_open() but it avoids calling namei().
* The problem with calling namei() is that a) it locks too many
* things, and b) it doesn't start at the "right" directory,
* whereas relookup() is told where to start.
*
* On entry, the vnode associated with un is locked. It remains locked
* on return.
*
* If no error occurs, *vpp contains a locked referenced vnode for your
* use. If an error occurs *vpp iis undefined.
*/
/* called with no union lock held */
int
union_vn_create(struct vnode **vpp, struct union_node *un, mode_t cmode, vfs_context_t context)
{
struct vnode *vp;
struct vnode_attr vat;
struct vnode_attr *vap = &vat;
int fmode = FFLAGS(O_WRONLY|O_CREAT|O_TRUNC|O_EXCL);
int error;
struct proc * p = vfs_context_proc(context);
struct nameidata nd;
*vpp = NULLVP;
/*if (cmode == (mode_t)0)
cmode = UN_FILEMODE & ~p->p_fd->fd_cmask;
else
cmode = cmode & ~p->p_fd->fd_cmask;*/
if(cmode == (mode_t)0)
cmode = UN_FILEMODE & ~022;
/*
* Build a new componentname structure (for the same
* reasons outlines in union_mkshadow()).
* The difference here is that the file is owned by
* the current user, rather than by the person who
* did the mount, since the current user needs to be
* able to write the file (that's why it is being
* copied in the first place).
*/
bzero(&nd, sizeof(nd));
NDINIT(&nd, CREATE, HASBUF|SAVENAME|SAVESTART|ISLASTCN|(UNNODE_FAULTIN(un)?UNIONCREATED:0), UIO_SYSSPACE, 0, context);
nd.ni_cnd.cn_namelen = strlen(un->un_path);
nd.ni_cnd.cn_pnbuf = (caddr_t) _MALLOC_ZONE(nd.ni_cnd.cn_namelen+1,
M_NAMEI, M_WAITOK);
nd.ni_cnd.cn_pnlen = nd.ni_cnd.cn_namelen+1;
bcopy(un->un_path, nd.ni_cnd.cn_pnbuf, nd.ni_cnd.cn_namelen+1);
nd.ni_cnd.cn_nameptr = nd.ni_cnd.cn_pnbuf;
nd.ni_dirp = CAST_USER_ADDR_T(nd.ni_cnd.cn_pnbuf);
nd.ni_cnd.cn_hash = un->un_hash;
nd.ni_cnd.cn_consume = 0;
/*
* Pass dvp unlocked and referenced on call to relookup().
*
* If an error occurs, dvp will be returned unlocked and dereferenced.
*/
vnode_get(un->un_dirvp);
if ((error = relookup(un->un_dirvp, &vp, &nd.ni_cnd)) != 0) {
vnode_put(un->un_dirvp);
goto out;
}
vnode_put(un->un_dirvp);
/*
* If no error occurs, dvp will be returned locked with the reference
* left as before, and vpp will be returned referenced and locked.
*/
if (vp) {
*vpp = vp;
error = EEXIST;
goto out;
}
/*
* Good - there was no race to create the file
* so go ahead and create it. The permissions
* on the file will be 0666 modified by the
* current user's umask. Access to the file, while
* it is unioned, will require access to the top *and*
* bottom files. Access when not unioned will simply
* require access to the top-level file.
*
* TODO: confirm choice of access permissions.
* decide on authorisation behaviour
*/
VATTR_INIT(vap);
VATTR_SET(vap, va_type, VREG);
VATTR_SET(vap, va_mode, cmode);
if ((error = vn_create(un->un_dirvp, &vp, &nd, vap, 0, 0, 0, context)) != 0) {
goto out;
}
if ((error = VNOP_OPEN(vp, fmode, context)) != 0) {
vnode_put(vp);
goto out;
}
vnode_lock(vp);
if (++vp->v_writecount <= 0)
panic("union: v_writecount");
vnode_unlock(vp);
*vpp = vp;
error = 0;
out:
if ((nd.ni_cnd.cn_flags & HASBUF) == HASBUF) {
FREE_ZONE(nd.ni_cnd.cn_pnbuf, nd.ni_cnd.cn_pnlen, M_NAMEI);
nd.ni_cnd.cn_flags &= ~HASBUF;
}
return(error);
}
/* called with no union lock held */
static int
union_vn_close(struct vnode *vp, int fmode, vfs_context_t context)
{
if (fmode & FWRITE) {
vnode_lock(vp);
--vp->v_writecount;
vnode_unlock(vp);
}
return (VNOP_CLOSE(vp, fmode, context));
}
/*
* union_removed_upper:
*
* An upper-only file/directory has been removed; un-cache it so
* that unionfs vnode gets reclaimed and the last uppervp reference
* disappears.
*
* Called with union_node unlocked.
*/
/* always called with union lock held */
void
union_removed_upper(un)
struct union_node *un;
{
union_newupper(un, NULLVP);
if (un->un_flags & UN_CACHED) {
un->un_flags &= ~UN_CACHED;
LIST_REMOVE(un, un_cache);
}
}
#if 0
struct vnode *
union_lowervp(vp)
struct vnode *vp;
{
struct union_node *un = VTOUNION(vp);
if ((un->un_lowervp != NULLVP) &&
(vp->v_type == un->un_lowervp->v_type)) {
if (vnode_get(un->un_lowervp) == 0)
return (un->un_lowervp);
}
return (NULLVP);
}
#endif
/*
* Determine whether a whiteout is needed
* during a remove/rmdir operation.
*/
/* called with no union lock held */
int
union_dowhiteout(struct union_node *un, vfs_context_t ctx)
{
return 0;
struct vnode_attr va;
if (UNNODE_FAULTIN(un))
return(0);
if ((un->un_lowervp != NULLVP) )
return (1);
VATTR_INIT(&va);
VATTR_WANTED(&va, va_flags);
if (vnode_getattr(un->un_uppervp, &va, ctx) == 0 &&
(va.va_flags & OPAQUE))
return (1);
return (0);
}
/* called with no union lock held */
static void
union_dircache_r(struct vnode *vp, struct vnode ***vppp, int *cntp)
{
struct union_node *un;
if (vp->v_op != union_vnodeop_p) {
if (vppp) {
vnode_get(vp);
*(*vppp)++ = vp;
if (--(*cntp) == 0)
panic("union: dircache table too small");
} else {
(*cntp)++;
}
return;
}
un = VTOUNION(vp);
if (un->un_uppervp != NULLVP)
union_dircache_r(un->un_uppervp, vppp, cntp);
if (un->un_lowervp != NULLVP)
union_dircache_r(un->un_lowervp, vppp, cntp);
}
/* called with no union lock held */
struct vnode *
union_dircache(struct vnode *vp, __unused vfs_context_t context)
{
int count;
struct vnode *nvp, *lvp;
struct vnode **vpp;
struct vnode **dircache, **newdircache;
struct union_node *un;
int error;
int alloced = 0;
union_lock();
newdircache = NULL;
nvp = NULLVP;
un = VTOUNION(vp);
dircache = un->un_dircache;
if (dircache == 0) {
union_unlock();
count = 0;
union_dircache_r(vp, 0, &count);
count++;
#if 0
/* too bad; we need Union now! */
#if MAC_XXX
panic("MAC Framework doesn't support unionfs (yet)\n");
#endif /* MAC */
#endif
dircache = (struct vnode **)
_MALLOC(count * sizeof(struct vnode *),
M_TEMP, M_WAITOK);
if (dircache == NULL) {
goto out;
}
newdircache = dircache;
alloced = 1;
vpp = dircache;
union_dircache_r(vp, &vpp, &count);
*vpp = NULLVP;
vpp = dircache + 1;
union_lock();
} else {
vpp = dircache;
do {
if (*vpp++ == un->un_uppervp)
break;
} while (*vpp != NULLVP);
}
lvp = *vpp;
union_unlock();
if (lvp == NULLVP) {
goto out;
}
vnode_get(lvp);
union_lock();
error = union_allocvp(&nvp, vp->v_mount, NULLVP, NULLVP, 0, lvp, NULLVP, 0);
if (error) {
union_unlock();
vnode_put(lvp);
goto out;
}
un->un_dircache = 0;
un = VTOUNION(nvp);
#if 0
if ((alloced != 0) && (un->un_dircache != 0)) {
union_unlock();
for (vpp = newdircache; *vpp != NULLVP; vpp++)
vnode_put(*vpp);
_FREE(newdircache, M_TEMP);
newdircache = NULL;
union_lock();
if (nvp != NULLVP)
union_freevp(nvp);
goto loop;
}
#endif
un->un_dircache = dircache;
un->un_flags |= UN_DIRENVN;
newdircache = NULL;
union_unlock();
return (nvp);
out:
/*
* If we allocated a new dircache and couldn't attach
* it to a new vp, free the resources we allocated.
*/
if (newdircache) {
for (vpp = newdircache; *vpp != NULLVP; vpp++)
vnode_put(*vpp);
_FREE(newdircache, M_TEMP);
}
return (NULLVP);
}
/*
* Module glue to remove #ifdef UNION from vfs_syscalls.c
*/
/* Called with no union lock, the union_dircache takes locks when necessary */
static int
union_dircheck(struct vnode **vpp, struct fileproc *fp, vfs_context_t ctx)
{
int error = 0;
vnode_t vp = *vpp;
if (vp->v_op == union_vnodeop_p) {
struct vnode *lvp;
lvp = union_dircache(vp, ctx);
if (lvp != NULLVP) {
struct vnode_attr va;
/*
* If the directory is opaque,
* then don't show lower entries
*/
VATTR_INIT(&va);
VATTR_WANTED(&va, va_flags);
error = vnode_getattr(vp, &va, ctx);
if (va.va_flags & OPAQUE) {
vnode_put(lvp);
lvp = NULL;
}
}
if (lvp != NULLVP) {
#if CONFIG_MACF
error = mac_vnode_check_open(ctx, lvp, FREAD);
if (error) {
vnode_put(lvp);
return(error);
}
#endif /* MAC */
error = VNOP_OPEN(lvp, FREAD, ctx);
if (error) {
vnode_put(lvp);
return(error);
}
vnode_ref(lvp);
fp->f_fglob->fg_data = (caddr_t) lvp;
fp->f_fglob->fg_offset = 0;
error = VNOP_CLOSE(vp, FREAD, ctx);
vnode_rele(vp);
vnode_put(vp);
if (error)
return(error);
*vpp = lvp;
return -1; /* goto unionread */
}
}
return error;
}
/* called from inactive with union lock held */
void
union_dircache_free(struct union_node *un)
{
struct vnode **vpp;
vpp = un->un_dircache;
un->un_dircache = NULL;
union_unlock();
for (; *vpp != NULLVP; vpp++)
vnode_put(*vpp);
_FREE(un->un_dircache, M_TEMP);
union_lock();
}
Jump to Line
Something went wrong with that request. Please try again.