1 /*-
2 * modified for Lites 1.1
3 *
4 * Aug 1995, Godmar Back (gback@cs.utah.edu)
5 * University of Utah, Department of Computer Science
6 */
7 /*-
8 * Copyright (c) 1989, 1993
9 * The Regents of the University of California. All rights reserved.
10 * (c) UNIX System Laboratories, Inc.
11 * All or some portions of this file are derived from material licensed
12 * to the University of California by American Telephone and Telegraph
13 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
14 * the permission of UNIX System Laboratories, Inc.
15 *
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
18 * are met:
19 * 1. Redistributions of source code must retain the above copyright
20 * notice, this list of conditions and the following disclaimer.
21 * 2. Redistributions in binary form must reproduce the above copyright
22 * notice, this list of conditions and the following disclaimer in the
23 * documentation and/or other materials provided with the distribution.
24 * 4. Neither the name of the University nor the names of its contributors
25 * may be used to endorse or promote products derived from this software
26 * without specific prior written permission.
27 *
28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * SUCH DAMAGE.
39 *
40 * @(#)ufs_lookup.c 8.6 (Berkeley) 4/1/94
41 * $FreeBSD: releng/9.0/sys/fs/ext2fs/ext2_lookup.c 221867 2011-05-14 01:10:57Z jhb $
42 */
43
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/namei.h>
47 #include <sys/bio.h>
48 #include <sys/buf.h>
49 #include <sys/endian.h>
50 #include <sys/mount.h>
51 #include <sys/vnode.h>
52 #include <sys/malloc.h>
53 #include <sys/dirent.h>
54 #include <sys/sysctl.h>
55
56 #include <ufs/ufs/dir.h>
57
58 #include <fs/ext2fs/inode.h>
59 #include <fs/ext2fs/ext2_mount.h>
60 #include <fs/ext2fs/ext2fs.h>
61 #include <fs/ext2fs/ext2_dinode.h>
62 #include <fs/ext2fs/ext2_dir.h>
63 #include <fs/ext2fs/ext2_extern.h>
64
65 #ifdef DIAGNOSTIC
66 static int dirchk = 1;
67 #else
68 static int dirchk = 0;
69 #endif
70
71 static SYSCTL_NODE(_vfs, OID_AUTO, e2fs, CTLFLAG_RD, 0, "EXT2FS filesystem");
72 SYSCTL_INT(_vfs_e2fs, OID_AUTO, dircheck, CTLFLAG_RW, &dirchk, 0, "");
73
74 /*
75 DIRBLKSIZE in ffs is DEV_BSIZE (in most cases 512)
76 while it is the native blocksize in ext2fs - thus, a #define
77 is no longer appropriate
78 */
79 #undef DIRBLKSIZ
80
81 static u_char ext2_ft_to_dt[] = {
82 DT_UNKNOWN, /* EXT2_FT_UNKNOWN */
83 DT_REG, /* EXT2_FT_REG_FILE */
84 DT_DIR, /* EXT2_FT_DIR */
85 DT_CHR, /* EXT2_FT_CHRDEV */
86 DT_BLK, /* EXT2_FT_BLKDEV */
87 DT_FIFO, /* EXT2_FT_FIFO */
88 DT_SOCK, /* EXT2_FT_SOCK */
89 DT_LNK, /* EXT2_FT_SYMLINK */
90 };
91 #define FTTODT(ft) \
92 ((ft) > sizeof(ext2_ft_to_dt) / sizeof(ext2_ft_to_dt[0]) ? \
93 DT_UNKNOWN : ext2_ft_to_dt[(ft)])
94
95 static u_char dt_to_ext2_ft[] = {
96 EXT2_FT_UNKNOWN, /* DT_UNKNOWN */
97 EXT2_FT_FIFO, /* DT_FIFO */
98 EXT2_FT_CHRDEV, /* DT_CHR */
99 EXT2_FT_UNKNOWN, /* unused */
100 EXT2_FT_DIR, /* DT_DIR */
101 EXT2_FT_UNKNOWN, /* unused */
102 EXT2_FT_BLKDEV, /* DT_BLK */
103 EXT2_FT_UNKNOWN, /* unused */
104 EXT2_FT_REG_FILE, /* DT_REG */
105 EXT2_FT_UNKNOWN, /* unused */
106 EXT2_FT_SYMLINK, /* DT_LNK */
107 EXT2_FT_UNKNOWN, /* unused */
108 EXT2_FT_SOCK, /* DT_SOCK */
109 EXT2_FT_UNKNOWN, /* unused */
110 EXT2_FT_UNKNOWN, /* DT_WHT */
111 };
112 #define DTTOFT(dt) \
113 ((dt) > sizeof(dt_to_ext2_ft) / sizeof(dt_to_ext2_ft[0]) ? \
114 EXT2_FT_UNKNOWN : dt_to_ext2_ft[(dt)])
115
116 static int ext2_dirbadentry(struct vnode *dp, struct ext2fs_direct_2 *de,
117 int entryoffsetinblock);
118
119 /*
120 * Vnode op for reading directories.
121 *
122 * This function has to convert directory entries from the on-disk
123 * format to the format defined by <sys/dirent.h>. Unfortunately, the
124 * conversion will blow up some entries by four bytes, so it can't be
125 * done in place. Instead, the conversion is done entry by entry and
126 * the converted entry is sent via uiomove.
127 *
128 * XXX allocate a buffer, convert as many entries as possible, then send
129 * the whole buffer to uiomove
130 */
131 int
132 ext2_readdir(ap)
133 struct vop_readdir_args /* {
134 struct vnode *a_vp;
135 struct uio *a_uio;
136 struct ucred *a_cred;
137 } */ *ap;
138 {
139 struct uio *uio = ap->a_uio;
140 int count, error;
141
142 struct ext2fs_direct_2 *edp, *dp;
143 int ncookies;
144 struct dirent dstdp;
145 struct uio auio;
146 struct iovec aiov;
147 caddr_t dirbuf;
148 int DIRBLKSIZ = VTOI(ap->a_vp)->i_e2fs->e2fs_bsize;
149 int readcnt;
150 off_t startoffset = uio->uio_offset;
151
152 count = uio->uio_resid;
153 /*
154 * Avoid complications for partial directory entries by adjusting
155 * the i/o to end at a block boundary. Don't give up (like ufs
156 * does) if the initial adjustment gives a negative count, since
157 * many callers don't supply a large enough buffer. The correct
158 * size is a little larger than DIRBLKSIZ to allow for expansion
159 * of directory entries, but some callers just use 512.
160 */
161 count -= (uio->uio_offset + count) & (DIRBLKSIZ -1);
162 if (count <= 0)
163 count += DIRBLKSIZ;
164 auio = *uio;
165 auio.uio_iov = &aiov;
166 auio.uio_iovcnt = 1;
167 auio.uio_resid = count;
168 auio.uio_segflg = UIO_SYSSPACE;
169 aiov.iov_len = count;
170 dirbuf = malloc(count, M_TEMP, M_WAITOK);
171 aiov.iov_base = dirbuf;
172 error = VOP_READ(ap->a_vp, &auio, 0, ap->a_cred);
173 if (error == 0) {
174 readcnt = count - auio.uio_resid;
175 edp = (struct ext2fs_direct_2 *)&dirbuf[readcnt];
176 ncookies = 0;
177 bzero(&dstdp, offsetof(struct dirent, d_name));
178 for (dp = (struct ext2fs_direct_2 *)dirbuf;
179 !error && uio->uio_resid > 0 && dp < edp; ) {
180 /*-
181 * "New" ext2fs directory entries differ in 3 ways
182 * from ufs on-disk ones:
183 * - the name is not necessarily NUL-terminated.
184 * - the file type field always exists and always
185 * follows the name length field.
186 * - the file type is encoded in a different way.
187 *
188 * "Old" ext2fs directory entries need no special
189 * conversions, since they are binary compatible
190 * with "new" entries having a file type of 0 (i.e.,
191 * EXT2_FT_UNKNOWN). Splitting the old name length
192 * field didn't make a mess like it did in ufs,
193 * because ext2fs uses a machine-independent disk
194 * layout.
195 */
196 dstdp.d_fileno = dp->e2d_ino;
197 dstdp.d_type = FTTODT(dp->e2d_type);
198 dstdp.d_namlen = dp->e2d_namlen;
199 dstdp.d_reclen = GENERIC_DIRSIZ(&dstdp);
200 bcopy(dp->e2d_name, dstdp.d_name, dstdp.d_namlen);
201 bzero(dstdp.d_name + dstdp.d_namlen,
202 dstdp.d_reclen - offsetof(struct dirent, d_name) -
203 dstdp.d_namlen);
204
205 if (dp->e2d_reclen > 0) {
206 if(dstdp.d_reclen <= uio->uio_resid) {
207 /* advance dp */
208 dp = (struct ext2fs_direct_2 *)
209 ((char *)dp + dp->e2d_reclen);
210 error =
211 uiomove(&dstdp, dstdp.d_reclen, uio);
212 if (!error)
213 ncookies++;
214 } else
215 break;
216 } else {
217 error = EIO;
218 break;
219 }
220 }
221 /* we need to correct uio_offset */
222 uio->uio_offset = startoffset + (caddr_t)dp - dirbuf;
223
224 if (!error && ap->a_ncookies != NULL) {
225 u_long *cookiep, *cookies, *ecookies;
226 off_t off;
227
228 if (uio->uio_segflg != UIO_SYSSPACE || uio->uio_iovcnt != 1)
229 panic("ext2_readdir: unexpected uio from NFS server");
230 cookies = malloc(ncookies * sizeof(u_long), M_TEMP,
231 M_WAITOK);
232 off = startoffset;
233 for (dp = (struct ext2fs_direct_2 *)dirbuf,
234 cookiep = cookies, ecookies = cookies + ncookies;
235 cookiep < ecookies;
236 dp = (struct ext2fs_direct_2 *)((caddr_t) dp + dp->e2d_reclen)) {
237 off += dp->e2d_reclen;
238 *cookiep++ = (u_long) off;
239 }
240 *ap->a_ncookies = ncookies;
241 *ap->a_cookies = cookies;
242 }
243 }
244 free(dirbuf, M_TEMP);
245 if (ap->a_eofflag)
246 *ap->a_eofflag = VTOI(ap->a_vp)->i_size <= uio->uio_offset;
247 return (error);
248 }
249
250 /*
251 * Convert a component of a pathname into a pointer to a locked inode.
252 * This is a very central and rather complicated routine.
253 * If the file system is not maintained in a strict tree hierarchy,
254 * this can result in a deadlock situation (see comments in code below).
255 *
256 * The cnp->cn_nameiop argument is LOOKUP, CREATE, RENAME, or DELETE depending
257 * on whether the name is to be looked up, created, renamed, or deleted.
258 * When CREATE, RENAME, or DELETE is specified, information usable in
259 * creating, renaming, or deleting a directory entry may be calculated.
260 * If flag has LOCKPARENT or'ed into it and the target of the pathname
261 * exists, lookup returns both the target and its parent directory locked.
262 * When creating or renaming and LOCKPARENT is specified, the target may
263 * not be ".". When deleting and LOCKPARENT is specified, the target may
264 * be "."., but the caller must check to ensure it does an vrele and vput
265 * instead of two vputs.
266 *
267 * Overall outline of ext2_lookup:
268 *
269 * search for name in directory, to found or notfound
270 * notfound:
271 * if creating, return locked directory, leaving info on available slots
272 * else return error
273 * found:
274 * if at end of path and deleting, return information to allow delete
275 * if at end of path and rewriting (RENAME and LOCKPARENT), lock target
276 * inode and return info to allow rewrite
277 * if not at end, add name to cache; if at end and neither creating
278 * nor deleting, add name to cache
279 */
280 int
281 ext2_lookup(ap)
282 struct vop_cachedlookup_args /* {
283 struct vnode *a_dvp;
284 struct vnode **a_vpp;
285 struct componentname *a_cnp;
286 } */ *ap;
287 {
288 struct vnode *vdp; /* vnode for directory being searched */
289 struct inode *dp; /* inode for directory being searched */
290 struct buf *bp; /* a buffer of directory entries */
291 struct ext2fs_direct_2 *ep; /* the current directory entry */
292 int entryoffsetinblock; /* offset of ep in bp's buffer */
293 enum {NONE, COMPACT, FOUND} slotstatus;
294 doff_t slotoffset; /* offset of area with free space */
295 int slotsize; /* size of area at slotoffset */
296 doff_t i_diroff; /* cached i_diroff value */
297 doff_t i_offset; /* cached i_offset value */
298 int slotfreespace; /* amount of space free in slot */
299 int slotneeded; /* size of the entry we're seeking */
300 int numdirpasses; /* strategy for directory search */
301 doff_t endsearch; /* offset to end directory search */
302 doff_t prevoff; /* prev entry dp->i_offset */
303 struct vnode *pdp; /* saved dp during symlink work */
304 struct vnode *tdp; /* returned by VFS_VGET */
305 doff_t enduseful; /* pointer past last used dir slot */
306 u_long bmask; /* block offset mask */
307 int namlen, error;
308 struct vnode **vpp = ap->a_vpp;
309 struct componentname *cnp = ap->a_cnp;
310 struct ucred *cred = cnp->cn_cred;
311 int flags = cnp->cn_flags;
312 int nameiop = cnp->cn_nameiop;
313 ino_t ino;
314 int ltype;
315
316 int DIRBLKSIZ = VTOI(ap->a_dvp)->i_e2fs->e2fs_bsize;
317
318 bp = NULL;
319 slotoffset = -1;
320 *vpp = NULL;
321 vdp = ap->a_dvp;
322 dp = VTOI(vdp);
323 bmask = VFSTOEXT2(vdp->v_mount)->um_mountp->mnt_stat.f_iosize - 1;
324
325 /*
326 * We now have a segment name to search for, and a directory to search.
327 */
328
329 /*
330 * Suppress search for slots unless creating
331 * file and at end of pathname, in which case
332 * we watch for a place to put the new file in
333 * case it doesn't already exist.
334 */
335 ino = 0;
336 i_diroff = dp->i_diroff;
337 slotstatus = FOUND;
338 slotfreespace = slotsize = slotneeded = 0;
339 if ((nameiop == CREATE || nameiop == RENAME) &&
340 (flags & ISLASTCN)) {
341 slotstatus = NONE;
342 slotneeded = EXT2_DIR_REC_LEN(cnp->cn_namelen);
343 /* was
344 slotneeded = (sizeof(struct direct) - MAXNAMLEN +
345 cnp->cn_namelen + 3) &~ 3; */
346 }
347
348 /*
349 * If there is cached information on a previous search of
350 * this directory, pick up where we last left off.
351 * We cache only lookups as these are the most common
352 * and have the greatest payoff. Caching CREATE has little
353 * benefit as it usually must search the entire directory
354 * to determine that the entry does not exist. Caching the
355 * location of the last DELETE or RENAME has not reduced
356 * profiling time and hence has been removed in the interest
357 * of simplicity.
358 */
359 if (nameiop != LOOKUP || i_diroff == 0 ||
360 i_diroff > dp->i_size) {
361 entryoffsetinblock = 0;
362 i_offset = 0;
363 numdirpasses = 1;
364 } else {
365 i_offset = i_diroff;
366 if ((entryoffsetinblock = i_offset & bmask) &&
367 (error = ext2_blkatoff(vdp, (off_t)i_offset, NULL,
368 &bp)))
369 return (error);
370 numdirpasses = 2;
371 nchstats.ncs_2passes++;
372 }
373 prevoff = i_offset;
374 endsearch = roundup2(dp->i_size, DIRBLKSIZ);
375 enduseful = 0;
376
377 searchloop:
378 while (i_offset < endsearch) {
379 /*
380 * If necessary, get the next directory block.
381 */
382 if ((i_offset & bmask) == 0) {
383 if (bp != NULL)
384 brelse(bp);
385 if ((error =
386 ext2_blkatoff(vdp, (off_t)i_offset, NULL,
387 &bp)) != 0)
388 return (error);
389 entryoffsetinblock = 0;
390 }
391 /*
392 * If still looking for a slot, and at a DIRBLKSIZE
393 * boundary, have to start looking for free space again.
394 */
395 if (slotstatus == NONE &&
396 (entryoffsetinblock & (DIRBLKSIZ - 1)) == 0) {
397 slotoffset = -1;
398 slotfreespace = 0;
399 }
400 /*
401 * Get pointer to next entry.
402 * Full validation checks are slow, so we only check
403 * enough to insure forward progress through the
404 * directory. Complete checks can be run by setting
405 * "vfs.e2fs.dirchk" to be true.
406 */
407 ep = (struct ext2fs_direct_2 *)
408 ((char *)bp->b_data + entryoffsetinblock);
409 if (ep->e2d_reclen == 0 ||
410 (dirchk && ext2_dirbadentry(vdp, ep, entryoffsetinblock))) {
411 int i;
412 ext2_dirbad(dp, i_offset, "mangled entry");
413 i = DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1));
414 i_offset += i;
415 entryoffsetinblock += i;
416 continue;
417 }
418
419 /*
420 * If an appropriate sized slot has not yet been found,
421 * check to see if one is available. Also accumulate space
422 * in the current block so that we can determine if
423 * compaction is viable.
424 */
425 if (slotstatus != FOUND) {
426 int size = ep->e2d_reclen;
427
428 if (ep->e2d_ino != 0)
429 size -= EXT2_DIR_REC_LEN(ep->e2d_namlen);
430 if (size > 0) {
431 if (size >= slotneeded) {
432 slotstatus = FOUND;
433 slotoffset = i_offset;
434 slotsize = ep->e2d_reclen;
435 } else if (slotstatus == NONE) {
436 slotfreespace += size;
437 if (slotoffset == -1)
438 slotoffset = i_offset;
439 if (slotfreespace >= slotneeded) {
440 slotstatus = COMPACT;
441 slotsize = i_offset +
442 ep->e2d_reclen - slotoffset;
443 }
444 }
445 }
446 }
447
448 /*
449 * Check for a name match.
450 */
451 if (ep->e2d_ino) {
452 namlen = ep->e2d_namlen;
453 if (namlen == cnp->cn_namelen &&
454 !bcmp(cnp->cn_nameptr, ep->e2d_name,
455 (unsigned)namlen)) {
456 /*
457 * Save directory entry's inode number and
458 * reclen in ndp->ni_ufs area, and release
459 * directory buffer.
460 */
461 ino = ep->e2d_ino;
462 goto found;
463 }
464 }
465 prevoff = i_offset;
466 i_offset += ep->e2d_reclen;
467 entryoffsetinblock += ep->e2d_reclen;
468 if (ep->e2d_ino)
469 enduseful = i_offset;
470 }
471 /* notfound: */
472 /*
473 * If we started in the middle of the directory and failed
474 * to find our target, we must check the beginning as well.
475 */
476 if (numdirpasses == 2) {
477 numdirpasses--;
478 i_offset = 0;
479 endsearch = i_diroff;
480 goto searchloop;
481 }
482 dp->i_offset = i_offset;
483 if (bp != NULL)
484 brelse(bp);
485 /*
486 * If creating, and at end of pathname and current
487 * directory has not been removed, then can consider
488 * allowing file to be created.
489 */
490 if ((nameiop == CREATE || nameiop == RENAME) &&
491 (flags & ISLASTCN) && dp->i_nlink != 0) {
492 /*
493 * Access for write is interpreted as allowing
494 * creation of files in the directory.
495 */
496 if ((error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_thread)) != 0)
497 return (error);
498 /*
499 * Return an indication of where the new directory
500 * entry should be put. If we didn't find a slot,
501 * then set dp->i_count to 0 indicating
502 * that the new slot belongs at the end of the
503 * directory. If we found a slot, then the new entry
504 * can be put in the range from dp->i_offset to
505 * dp->i_offset + dp->i_count.
506 */
507 if (slotstatus == NONE) {
508 dp->i_offset = roundup2(dp->i_size, DIRBLKSIZ);
509 dp->i_count = 0;
510 enduseful = dp->i_offset;
511 } else {
512 dp->i_offset = slotoffset;
513 dp->i_count = slotsize;
514 if (enduseful < slotoffset + slotsize)
515 enduseful = slotoffset + slotsize;
516 }
517 dp->i_endoff = roundup2(enduseful, DIRBLKSIZ);
518 dp->i_flag |= IN_CHANGE | IN_UPDATE;
519 /*
520 * We return with the directory locked, so that
521 * the parameters we set up above will still be
522 * valid if we actually decide to do a direnter().
523 * We return ni_vp == NULL to indicate that the entry
524 * does not currently exist; we leave a pointer to
525 * the (locked) directory inode in ndp->ni_dvp.
526 * The pathname buffer is saved so that the name
527 * can be obtained later.
528 *
529 * NB - if the directory is unlocked, then this
530 * information cannot be used.
531 */
532 cnp->cn_flags |= SAVENAME;
533 return (EJUSTRETURN);
534 }
535 /*
536 * Insert name into cache (as non-existent) if appropriate.
537 */
538 if ((cnp->cn_flags & MAKEENTRY) && nameiop != CREATE)
539 cache_enter(vdp, *vpp, cnp);
540 return (ENOENT);
541
542 found:
543 if (numdirpasses == 2)
544 nchstats.ncs_pass2++;
545 /*
546 * Check that directory length properly reflects presence
547 * of this entry.
548 */
549 if (entryoffsetinblock + EXT2_DIR_REC_LEN(ep->e2d_namlen)
550 > dp->i_size) {
551 ext2_dirbad(dp, i_offset, "i_size too small");
552 dp->i_size = entryoffsetinblock+EXT2_DIR_REC_LEN(ep->e2d_namlen);
553 dp->i_flag |= IN_CHANGE | IN_UPDATE;
554 }
555 brelse(bp);
556
557 /*
558 * Found component in pathname.
559 * If the final component of path name, save information
560 * in the cache as to where the entry was found.
561 */
562 if ((flags & ISLASTCN) && nameiop == LOOKUP)
563 dp->i_diroff = i_offset &~ (DIRBLKSIZ - 1);
564 dp->i_offset = i_offset;
565 /*
566 * If deleting, and at end of pathname, return
567 * parameters which can be used to remove file.
568 */
569 if (nameiop == DELETE && (flags & ISLASTCN)) {
570 /*
571 * Write access to directory required to delete files.
572 */
573 if ((error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_thread)) != 0)
574 return (error);
575 /*
576 * Return pointer to current entry in dp->i_offset,
577 * and distance past previous entry (if there
578 * is a previous entry in this block) in dp->i_count.
579 * Save directory inode pointer in ndp->ni_dvp for dirremove().
580 */
581 if ((dp->i_offset & (DIRBLKSIZ - 1)) == 0)
582 dp->i_count = 0;
583 else
584 dp->i_count = dp->i_offset - prevoff;
585 if (dp->i_number == ino) {
586 VREF(vdp);
587 *vpp = vdp;
588 return (0);
589 }
590 if ((error = VFS_VGET(vdp->v_mount, ino, LK_EXCLUSIVE,
591 &tdp)) != 0)
592 return (error);
593 /*
594 * If directory is "sticky", then user must own
595 * the directory, or the file in it, else she
596 * may not delete it (unless she's root). This
597 * implements append-only directories.
598 */
599 if ((dp->i_mode & ISVTX) &&
600 cred->cr_uid != 0 &&
601 cred->cr_uid != dp->i_uid &&
602 VTOI(tdp)->i_uid != cred->cr_uid) {
603 vput(tdp);
604 return (EPERM);
605 }
606 *vpp = tdp;
607 return (0);
608 }
609
610 /*
611 * If rewriting (RENAME), return the inode and the
612 * information required to rewrite the present directory
613 * Must get inode of directory entry to verify it's a
614 * regular file, or empty directory.
615 */
616 if (nameiop == RENAME && (flags & ISLASTCN)) {
617 if ((error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_thread)) != 0)
618 return (error);
619 /*
620 * Careful about locking second inode.
621 * This can only occur if the target is ".".
622 */
623 if (dp->i_number == ino)
624 return (EISDIR);
625 if ((error = VFS_VGET(vdp->v_mount, ino, LK_EXCLUSIVE,
626 &tdp)) != 0)
627 return (error);
628 *vpp = tdp;
629 cnp->cn_flags |= SAVENAME;
630 return (0);
631 }
632
633 /*
634 * Step through the translation in the name. We do not `vput' the
635 * directory because we may need it again if a symbolic link
636 * is relative to the current directory. Instead we save it
637 * unlocked as "pdp". We must get the target inode before unlocking
638 * the directory to insure that the inode will not be removed
639 * before we get it. We prevent deadlock by always fetching
640 * inodes from the root, moving down the directory tree. Thus
641 * when following backward pointers ".." we must unlock the
642 * parent directory before getting the requested directory.
643 * There is a potential race condition here if both the current
644 * and parent directories are removed before the VFS_VGET for the
645 * inode associated with ".." returns. We hope that this occurs
646 * infrequently since we cannot avoid this race condition without
647 * implementing a sophisticated deadlock detection algorithm.
648 * Note also that this simple deadlock detection scheme will not
649 * work if the file system has any hard links other than ".."
650 * that point backwards in the directory structure.
651 */
652 pdp = vdp;
653 if (flags & ISDOTDOT) {
654 ltype = VOP_ISLOCKED(pdp);
655 VOP_UNLOCK(pdp, 0); /* race to get the inode */
656 error = VFS_VGET(vdp->v_mount, ino, cnp->cn_lkflags, &tdp);
657 vn_lock(pdp, ltype | LK_RETRY);
658 if (error != 0)
659 return (error);
660 *vpp = tdp;
661 } else if (dp->i_number == ino) {
662 VREF(vdp); /* we want ourself, ie "." */
663 /*
664 * When we lookup "." we still can be asked to lock it
665 * differently.
666 */
667 ltype = cnp->cn_lkflags & LK_TYPE_MASK;
668 if (ltype != VOP_ISLOCKED(vdp)) {
669 if (ltype == LK_EXCLUSIVE)
670 vn_lock(vdp, LK_UPGRADE | LK_RETRY);
671 else /* if (ltype == LK_SHARED) */
672 vn_lock(vdp, LK_DOWNGRADE | LK_RETRY);
673 }
674 *vpp = vdp;
675 } else {
676 if ((error = VFS_VGET(vdp->v_mount, ino, cnp->cn_lkflags,
677 &tdp)) != 0)
678 return (error);
679 *vpp = tdp;
680 }
681
682 /*
683 * Insert name into cache if appropriate.
684 */
685 if (cnp->cn_flags & MAKEENTRY)
686 cache_enter(vdp, *vpp, cnp);
687 return (0);
688 }
689
690 void
691 ext2_dirbad(ip, offset, how)
692 struct inode *ip;
693 doff_t offset;
694 char *how;
695 {
696 struct mount *mp;
697
698 mp = ITOV(ip)->v_mount;
699 if ((mp->mnt_flag & MNT_RDONLY) == 0)
700 panic("ext2_dirbad: %s: bad dir ino %lu at offset %ld: %s\n",
701 mp->mnt_stat.f_mntonname, (u_long)ip->i_number,(long)offset, how);
702 else
703 (void)printf("%s: bad dir ino %lu at offset %ld: %s\n",
704 mp->mnt_stat.f_mntonname, (u_long)ip->i_number, (long)offset, how);
705
706 }
707
708 /*
709 * Do consistency checking on a directory entry:
710 * record length must be multiple of 4
711 * entry must fit in rest of its DIRBLKSIZ block
712 * record must be large enough to contain entry
713 * name is not longer than MAXNAMLEN
714 * name must be as long as advertised, and null terminated
715 */
716 /*
717 * changed so that it confirms to ext2_check_dir_entry
718 */
719 static int
720 ext2_dirbadentry(dp, de, entryoffsetinblock)
721 struct vnode *dp;
722 struct ext2fs_direct_2 *de;
723 int entryoffsetinblock;
724 {
725 int DIRBLKSIZ = VTOI(dp)->i_e2fs->e2fs_bsize;
726
727 char * error_msg = NULL;
728
729 if (de->e2d_reclen < EXT2_DIR_REC_LEN(1))
730 error_msg = "rec_len is smaller than minimal";
731 else if (de->e2d_reclen % 4 != 0)
732 error_msg = "rec_len % 4 != 0";
733 else if (de->e2d_reclen < EXT2_DIR_REC_LEN(de->e2d_namlen))
734 error_msg = "reclen is too small for name_len";
735 else if (entryoffsetinblock + de->e2d_reclen > DIRBLKSIZ)
736 error_msg = "directory entry across blocks";
737 /* else LATER
738 if (de->inode > dir->i_sb->u.ext2_sb.s_es->s_inodes_count)
739 error_msg = "inode out of bounds";
740 */
741
742 if (error_msg != NULL) {
743 printf("bad directory entry: %s\n", error_msg);
744 printf("offset=%d, inode=%lu, rec_len=%u, name_len=%u\n",
745 entryoffsetinblock, (unsigned long)de->e2d_ino,
746 de->e2d_reclen, de->e2d_namlen);
747 }
748 return error_msg == NULL ? 0 : 1;
749 }
750
751 /*
752 * Write a directory entry after a call to namei, using the parameters
753 * that it left in nameidata. The argument ip is the inode which the new
754 * directory entry will refer to. Dvp is a pointer to the directory to
755 * be written, which was left locked by namei. Remaining parameters
756 * (dp->i_offset, dp->i_count) indicate how the space for the new
757 * entry is to be obtained.
758 */
759 int
760 ext2_direnter(ip, dvp, cnp)
761 struct inode *ip;
762 struct vnode *dvp;
763 struct componentname *cnp;
764 {
765 struct ext2fs_direct_2 *ep, *nep;
766 struct inode *dp;
767 struct buf *bp;
768 struct ext2fs_direct_2 newdir;
769 struct iovec aiov;
770 struct uio auio;
771 u_int dsize;
772 int error, loc, newentrysize, spacefree;
773 char *dirbuf;
774 int DIRBLKSIZ = ip->i_e2fs->e2fs_bsize;
775
776
777 #ifdef DIAGNOSTIC
778 if ((cnp->cn_flags & SAVENAME) == 0)
779 panic("direnter: missing name");
780 #endif
781 dp = VTOI(dvp);
782 newdir.e2d_ino = ip->i_number;
783 newdir.e2d_namlen = cnp->cn_namelen;
784 if (EXT2_HAS_INCOMPAT_FEATURE(ip->i_e2fs,
785 EXT2F_INCOMPAT_FTYPE))
786 newdir.e2d_type = DTTOFT(IFTODT(ip->i_mode));
787 else
788 newdir.e2d_type = EXT2_FT_UNKNOWN;
789 bcopy(cnp->cn_nameptr, newdir.e2d_name, (unsigned)cnp->cn_namelen + 1);
790 newentrysize = EXT2_DIR_REC_LEN(newdir.e2d_namlen);
791 if (dp->i_count == 0) {
792 /*
793 * If dp->i_count is 0, then namei could find no
794 * space in the directory. Here, dp->i_offset will
795 * be on a directory block boundary and we will write the
796 * new entry into a fresh block.
797 */
798 if (dp->i_offset & (DIRBLKSIZ - 1))
799 panic("ext2_direnter: newblk");
800 auio.uio_offset = dp->i_offset;
801 newdir.e2d_reclen = DIRBLKSIZ;
802 auio.uio_resid = newentrysize;
803 aiov.iov_len = newentrysize;
804 aiov.iov_base = (caddr_t)&newdir;
805 auio.uio_iov = &aiov;
806 auio.uio_iovcnt = 1;
807 auio.uio_rw = UIO_WRITE;
808 auio.uio_segflg = UIO_SYSSPACE;
809 auio.uio_td = (struct thread *)0;
810 error = VOP_WRITE(dvp, &auio, IO_SYNC, cnp->cn_cred);
811 if (DIRBLKSIZ >
812 VFSTOEXT2(dvp->v_mount)->um_mountp->mnt_stat.f_bsize)
813 /* XXX should grow with balloc() */
814 panic("ext2_direnter: frag size");
815 else if (!error) {
816 dp->i_size = roundup2(dp->i_size, DIRBLKSIZ);
817 dp->i_flag |= IN_CHANGE;
818 }
819 return (error);
820 }
821
822 /*
823 * If dp->i_count is non-zero, then namei found space
824 * for the new entry in the range dp->i_offset to
825 * dp->i_offset + dp->i_count in the directory.
826 * To use this space, we may have to compact the entries located
827 * there, by copying them together towards the beginning of the
828 * block, leaving the free space in one usable chunk at the end.
829 */
830
831 /*
832 * Increase size of directory if entry eats into new space.
833 * This should never push the size past a new multiple of
834 * DIRBLKSIZE.
835 *
836 * N.B. - THIS IS AN ARTIFACT OF 4.2 AND SHOULD NEVER HAPPEN.
837 */
838 if (dp->i_offset + dp->i_count > dp->i_size)
839 dp->i_size = dp->i_offset + dp->i_count;
840 /*
841 * Get the block containing the space for the new directory entry.
842 */
843 if ((error = ext2_blkatoff(dvp, (off_t)dp->i_offset, &dirbuf,
844 &bp)) != 0)
845 return (error);
846 /*
847 * Find space for the new entry. In the simple case, the entry at
848 * offset base will have the space. If it does not, then namei
849 * arranged that compacting the region dp->i_offset to
850 * dp->i_offset + dp->i_count would yield the
851 * space.
852 */
853 ep = (struct ext2fs_direct_2 *)dirbuf;
854 dsize = EXT2_DIR_REC_LEN(ep->e2d_namlen);
855 spacefree = ep->e2d_reclen - dsize;
856 for (loc = ep->e2d_reclen; loc < dp->i_count; ) {
857 nep = (struct ext2fs_direct_2 *)(dirbuf + loc);
858 if (ep->e2d_ino) {
859 /* trim the existing slot */
860 ep->e2d_reclen = dsize;
861 ep = (struct ext2fs_direct_2 *)((char *)ep + dsize);
862 } else {
863 /* overwrite; nothing there; header is ours */
864 spacefree += dsize;
865 }
866 dsize = EXT2_DIR_REC_LEN(nep->e2d_namlen);
867 spacefree += nep->e2d_reclen - dsize;
868 loc += nep->e2d_reclen;
869 bcopy((caddr_t)nep, (caddr_t)ep, dsize);
870 }
871 /*
872 * Update the pointer fields in the previous entry (if any),
873 * copy in the new entry, and write out the block.
874 */
875 if (ep->e2d_ino == 0) {
876 if (spacefree + dsize < newentrysize)
877 panic("ext2_direnter: compact1");
878 newdir.e2d_reclen = spacefree + dsize;
879 } else {
880 if (spacefree < newentrysize)
881 panic("ext2_direnter: compact2");
882 newdir.e2d_reclen = spacefree;
883 ep->e2d_reclen = dsize;
884 ep = (struct ext2fs_direct_2 *)((char *)ep + dsize);
885 }
886 bcopy((caddr_t)&newdir, (caddr_t)ep, (u_int)newentrysize);
887 if (DOINGASYNC(dvp)) {
888 bdwrite(bp);
889 error = 0;
890 } else {
891 error = bwrite(bp);
892 }
893 dp->i_flag |= IN_CHANGE | IN_UPDATE;
894 if (!error && dp->i_endoff && dp->i_endoff < dp->i_size)
895 error = ext2_truncate(dvp, (off_t)dp->i_endoff, IO_SYNC,
896 cnp->cn_cred, cnp->cn_thread);
897 return (error);
898 }
899
900 /*
901 * Remove a directory entry after a call to namei, using
902 * the parameters which it left in nameidata. The entry
903 * dp->i_offset contains the offset into the directory of the
904 * entry to be eliminated. The dp->i_count field contains the
905 * size of the previous record in the directory. If this
906 * is 0, the first entry is being deleted, so we need only
907 * zero the inode number to mark the entry as free. If the
908 * entry is not the first in the directory, we must reclaim
909 * the space of the now empty record by adding the record size
910 * to the size of the previous entry.
911 */
912 int
913 ext2_dirremove(dvp, cnp)
914 struct vnode *dvp;
915 struct componentname *cnp;
916 {
917 struct inode *dp;
918 struct ext2fs_direct_2 *ep, *rep;
919 struct buf *bp;
920 int error;
921
922 dp = VTOI(dvp);
923 if (dp->i_count == 0) {
924 /*
925 * First entry in block: set d_ino to zero.
926 */
927 if ((error =
928 ext2_blkatoff(dvp, (off_t)dp->i_offset, (char **)&ep,
929 &bp)) != 0)
930 return (error);
931 ep->e2d_ino = 0;
932 error = bwrite(bp);
933 dp->i_flag |= IN_CHANGE | IN_UPDATE;
934 return (error);
935 }
936 /*
937 * Collapse new free space into previous entry.
938 */
939 if ((error = ext2_blkatoff(dvp, (off_t)(dp->i_offset - dp->i_count),
940 (char **)&ep, &bp)) != 0)
941 return (error);
942
943 /* Set 'rep' to the entry being removed. */
944 if (dp->i_count == 0)
945 rep = ep;
946 else
947 rep = (struct ext2fs_direct_2 *)((char *)ep + ep->e2d_reclen);
948 ep->e2d_reclen += rep->e2d_reclen;
949 if (DOINGASYNC(dvp) && dp->i_count != 0)
950 bdwrite(bp);
951 else
952 error = bwrite(bp);
953 dp->i_flag |= IN_CHANGE | IN_UPDATE;
954 return (error);
955 }
956
957 /*
958 * Rewrite an existing directory entry to point at the inode
959 * supplied. The parameters describing the directory entry are
960 * set up by a call to namei.
961 */
962 int
963 ext2_dirrewrite(dp, ip, cnp)
964 struct inode *dp, *ip;
965 struct componentname *cnp;
966 {
967 struct buf *bp;
968 struct ext2fs_direct_2 *ep;
969 struct vnode *vdp = ITOV(dp);
970 int error;
971
972 if ((error = ext2_blkatoff(vdp, (off_t)dp->i_offset, (char **)&ep,
973 &bp)) != 0)
974 return (error);
975 ep->e2d_ino = ip->i_number;
976 if (EXT2_HAS_INCOMPAT_FEATURE(ip->i_e2fs,
977 EXT2F_INCOMPAT_FTYPE))
978 ep->e2d_type = DTTOFT(IFTODT(ip->i_mode));
979 else
980 ep->e2d_type = EXT2_FT_UNKNOWN;
981 error = bwrite(bp);
982 dp->i_flag |= IN_CHANGE | IN_UPDATE;
983 return (error);
984 }
985
986 /*
987 * Check if a directory is empty or not.
988 * Inode supplied must be locked.
989 *
990 * Using a struct dirtemplate here is not precisely
991 * what we want, but better than using a struct direct.
992 *
993 * NB: does not handle corrupted directories.
994 */
995 int
996 ext2_dirempty(ip, parentino, cred)
997 struct inode *ip;
998 ino_t parentino;
999 struct ucred *cred;
1000 {
1001 off_t off;
1002 struct dirtemplate dbuf;
1003 struct ext2fs_direct_2 *dp = (struct ext2fs_direct_2 *)&dbuf;
1004 int error, count, namlen;
1005 #define MINDIRSIZ (sizeof (struct dirtemplate) / 2)
1006
1007 for (off = 0; off < ip->i_size; off += dp->e2d_reclen) {
1008 error = vn_rdwr(UIO_READ, ITOV(ip), (caddr_t)dp, MINDIRSIZ,
1009 off, UIO_SYSSPACE, IO_NODELOCKED | IO_NOMACCHECK, cred,
1010 NOCRED, &count, (struct thread *)0);
1011 /*
1012 * Since we read MINDIRSIZ, residual must
1013 * be 0 unless we're at end of file.
1014 */
1015 if (error || count != 0)
1016 return (0);
1017 /* avoid infinite loops */
1018 if (dp->e2d_reclen == 0)
1019 return (0);
1020 /* skip empty entries */
1021 if (dp->e2d_ino == 0)
1022 continue;
1023 /* accept only "." and ".." */
1024 namlen = dp->e2d_namlen;
1025 if (namlen > 2)
1026 return (0);
1027 if (dp->e2d_name[0] != '.')
1028 return (0);
1029 /*
1030 * At this point namlen must be 1 or 2.
1031 * 1 implies ".", 2 implies ".." if second
1032 * char is also "."
1033 */
1034 if (namlen == 1)
1035 continue;
1036 if (dp->e2d_name[1] == '.' && dp->e2d_ino == parentino)
1037 continue;
1038 return (0);
1039 }
1040 return (1);
1041 }
1042
1043 /*
1044 * Check if source directory is in the path of the target directory.
1045 * Target is supplied locked, source is unlocked.
1046 * The target is always vput before returning.
1047 */
1048 int
1049 ext2_checkpath(source, target, cred)
1050 struct inode *source, *target;
1051 struct ucred *cred;
1052 {
1053 struct vnode *vp;
1054 int error, rootino, namlen;
1055 struct dirtemplate dirbuf;
1056
1057 vp = ITOV(target);
1058 if (target->i_number == source->i_number) {
1059 error = EEXIST;
1060 goto out;
1061 }
1062 rootino = EXT2_ROOTINO;
1063 error = 0;
1064 if (target->i_number == rootino)
1065 goto out;
1066
1067 for (;;) {
1068 if (vp->v_type != VDIR) {
1069 error = ENOTDIR;
1070 break;
1071 }
1072 error = vn_rdwr(UIO_READ, vp, (caddr_t)&dirbuf,
1073 sizeof (struct dirtemplate), (off_t)0, UIO_SYSSPACE,
1074 IO_NODELOCKED | IO_NOMACCHECK, cred, NOCRED, NULL,
1075 NULL);
1076 if (error != 0)
1077 break;
1078 namlen = dirbuf.dotdot_type; /* like ufs little-endian */
1079 if (namlen != 2 ||
1080 dirbuf.dotdot_name[0] != '.' ||
1081 dirbuf.dotdot_name[1] != '.') {
1082 error = ENOTDIR;
1083 break;
1084 }
1085 if (dirbuf.dotdot_ino == source->i_number) {
1086 error = EINVAL;
1087 break;
1088 }
1089 if (dirbuf.dotdot_ino == rootino)
1090 break;
1091 vput(vp);
1092 if ((error = VFS_VGET(vp->v_mount, dirbuf.dotdot_ino,
1093 LK_EXCLUSIVE, &vp)) != 0) {
1094 vp = NULL;
1095 break;
1096 }
1097 }
1098
1099 out:
1100 if (error == ENOTDIR)
1101 printf("checkpath: .. not a directory\n");
1102 if (vp != NULL)
1103 vput(vp);
1104 return (error);
1105 }
Cache object: ae3c68163d589187c4503cf3c533cae5
|