1 /*
2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
38 * @(#)ufs_lookup.c 8.15 (Berkeley) 6/16/95
39 * $FreeBSD: releng/5.0/sys/ufs/ufs/ufs_lookup.c 104302 2002-10-01 15:48:31Z phk $
40 */
41
42 #include "opt_ffs_broken_fixme.h"
43 #include "opt_ufs.h"
44
45 #include <sys/param.h>
46 #include <sys/systm.h>
47 #include <sys/kernel.h>
48 #include <sys/namei.h>
49 #include <sys/bio.h>
50 #include <sys/buf.h>
51 #include <sys/proc.h>
52 #include <sys/stat.h>
53 #include <sys/mount.h>
54 #include <sys/vnode.h>
55 #include <sys/sysctl.h>
56
57 #include <vm/vm.h>
58 #include <vm/vm_extern.h>
59
60 #include <ufs/ufs/extattr.h>
61 #include <ufs/ufs/quota.h>
62 #include <ufs/ufs/inode.h>
63 #include <ufs/ufs/dir.h>
64 #ifdef UFS_DIRHASH
65 #include <ufs/ufs/dirhash.h>
66 #endif
67 #include <ufs/ufs/ufsmount.h>
68 #include <ufs/ufs/ufs_extern.h>
69
70 #ifdef DIAGNOSTIC
71 int dirchk = 1;
72 #else
73 int dirchk = 0;
74 #endif
75
76 SYSCTL_INT(_debug, OID_AUTO, dircheck, CTLFLAG_RW, &dirchk, 0, "");
77
78 /* true if old FS format...*/
79 #define OFSFMT(vp) ((vp)->v_mount->mnt_maxsymlinklen <= 0)
80
81 /*
82 * Convert a component of a pathname into a pointer to a locked inode.
83 * This is a very central and rather complicated routine.
84 * If the filesystem is not maintained in a strict tree hierarchy,
85 * this can result in a deadlock situation (see comments in code below).
86 *
87 * The cnp->cn_nameiop argument is LOOKUP, CREATE, RENAME, or DELETE depending
88 * on whether the name is to be looked up, created, renamed, or deleted.
89 * When CREATE, RENAME, or DELETE is specified, information usable in
90 * creating, renaming, or deleting a directory entry may be calculated.
91 * If flag has LOCKPARENT or'ed into it and the target of the pathname
92 * exists, lookup returns both the target and its parent directory locked.
93 * When creating or renaming and LOCKPARENT is specified, the target may
94 * not be ".". When deleting and LOCKPARENT is specified, the target may
95 * be "."., but the caller must check to ensure it does an vrele and vput
96 * instead of two vputs.
97 *
98 * This routine is actually used as VOP_CACHEDLOOKUP method, and the
99 * filesystem employs the generic vfs_cache_lookup() as VOP_LOOKUP
100 * method.
101 *
102 * vfs_cache_lookup() performs the following for us:
103 * check that it is a directory
104 * check accessibility of directory
105 * check for modification attempts on read-only mounts
106 * if name found in cache
107 * if at end of path and deleting or creating
108 * drop it
109 * else
110 * return name.
111 * return VOP_CACHEDLOOKUP()
112 *
113 * Overall outline of ufs_lookup:
114 *
115 * search for name in directory, to found or notfound
116 * notfound:
117 * if creating, return locked directory, leaving info on available slots
118 * else return error
119 * found:
120 * if at end of path and deleting, return information to allow delete
121 * if at end of path and rewriting (RENAME and LOCKPARENT), lock target
122 * inode and return info to allow rewrite
123 * if not at end, add name to cache; if at end and neither creating
124 * nor deleting, add name to cache
125 */
126 int
127 ufs_lookup(ap)
128 struct vop_cachedlookup_args /* {
129 struct vnode *a_dvp;
130 struct vnode **a_vpp;
131 struct componentname *a_cnp;
132 } */ *ap;
133 {
134 struct vnode *vdp; /* vnode for directory being searched */
135 struct inode *dp; /* inode for directory being searched */
136 struct buf *bp; /* a buffer of directory entries */
137 struct direct *ep; /* the current directory entry */
138 int entryoffsetinblock; /* offset of ep in bp's buffer */
139 enum {NONE, COMPACT, FOUND} slotstatus;
140 doff_t slotoffset; /* offset of area with free space */
141 int slotsize; /* size of area at slotoffset */
142 int slotfreespace; /* amount of space free in slot */
143 int slotneeded; /* size of the entry we're seeking */
144 int numdirpasses; /* strategy for directory search */
145 doff_t endsearch; /* offset to end directory search */
146 doff_t prevoff; /* prev entry dp->i_offset */
147 struct vnode *pdp; /* saved dp during symlink work */
148 struct vnode *tdp; /* returned by VFS_VGET */
149 doff_t enduseful; /* pointer past last used dir slot */
150 u_long bmask; /* block offset mask */
151 int lockparent; /* 1 => lockparent flag is set */
152 int wantparent; /* 1 => wantparent or lockparent flag */
153 int namlen, error;
154 struct vnode **vpp = ap->a_vpp;
155 struct componentname *cnp = ap->a_cnp;
156 struct ucred *cred = cnp->cn_cred;
157 int flags = cnp->cn_flags;
158 int nameiop = cnp->cn_nameiop;
159 struct thread *td = cnp->cn_thread;
160
161 bp = NULL;
162 slotoffset = -1;
163 cnp->cn_flags &= ~PDIRUNLOCK;
164 /*
165 * XXX there was a soft-update diff about this I couldn't merge.
166 * I think this was the equiv.
167 */
168 *vpp = NULL;
169
170 vdp = ap->a_dvp;
171 dp = VTOI(vdp);
172 lockparent = flags & LOCKPARENT;
173 wantparent = flags & (LOCKPARENT|WANTPARENT);
174
175 /*
176 * We now have a segment name to search for, and a directory to search.
177 *
178 * Suppress search for slots unless creating
179 * file and at end of pathname, in which case
180 * we watch for a place to put the new file in
181 * case it doesn't already exist.
182 */
183 slotstatus = FOUND;
184 slotfreespace = slotsize = slotneeded = 0;
185 if ((nameiop == CREATE || nameiop == RENAME) &&
186 (flags & ISLASTCN)) {
187 slotstatus = NONE;
188 slotneeded = DIRECTSIZ(cnp->cn_namelen);
189 }
190 bmask = VFSTOUFS(vdp->v_mount)->um_mountp->mnt_stat.f_iosize - 1;
191
192 #ifdef UFS_DIRHASH
193 /*
194 * Use dirhash for fast operations on large directories. The logic
195 * to determine whether to hash the directory is contained within
196 * ufsdirhash_build(); a zero return means that it decided to hash
197 * this directory and it successfully built up the hash table.
198 */
199 if (ufsdirhash_build(dp) == 0) {
200 /* Look for a free slot if needed. */
201 enduseful = dp->i_size;
202 if (slotstatus != FOUND) {
203 slotoffset = ufsdirhash_findfree(dp, slotneeded,
204 &slotsize);
205 if (slotoffset >= 0) {
206 slotstatus = COMPACT;
207 enduseful = ufsdirhash_enduseful(dp);
208 if (enduseful < 0)
209 enduseful = dp->i_size;
210 }
211 }
212 /* Look up the component. */
213 numdirpasses = 1;
214 entryoffsetinblock = 0; /* silence compiler warning */
215 switch (ufsdirhash_lookup(dp, cnp->cn_nameptr, cnp->cn_namelen,
216 &dp->i_offset, &bp, nameiop == DELETE ? &prevoff : NULL)) {
217 case 0:
218 ep = (struct direct *)((char *)bp->b_data +
219 (dp->i_offset & bmask));
220 goto foundentry;
221 case ENOENT:
222 dp->i_offset = roundup2(dp->i_size, DIRBLKSIZ);
223 goto notfound;
224 default:
225 /* Something failed; just do a linear search. */
226 break;
227 }
228 }
229 #endif /* UFS_DIRHASH */
230 /*
231 * If there is cached information on a previous search of
232 * this directory, pick up where we last left off.
233 * We cache only lookups as these are the most common
234 * and have the greatest payoff. Caching CREATE has little
235 * benefit as it usually must search the entire directory
236 * to determine that the entry does not exist. Caching the
237 * location of the last DELETE or RENAME has not reduced
238 * profiling time and hence has been removed in the interest
239 * of simplicity.
240 */
241 if (nameiop != LOOKUP || dp->i_diroff == 0 ||
242 dp->i_diroff >= dp->i_size) {
243 entryoffsetinblock = 0;
244 dp->i_offset = 0;
245 numdirpasses = 1;
246 } else {
247 dp->i_offset = dp->i_diroff;
248 if ((entryoffsetinblock = dp->i_offset & bmask) &&
249 (error = UFS_BLKATOFF(vdp, (off_t)dp->i_offset, NULL, &bp)))
250 return (error);
251 numdirpasses = 2;
252 nchstats.ncs_2passes++;
253 }
254 prevoff = dp->i_offset;
255 endsearch = roundup2(dp->i_size, DIRBLKSIZ);
256 enduseful = 0;
257
258 searchloop:
259 while (dp->i_offset < endsearch) {
260 /*
261 * If necessary, get the next directory block.
262 */
263 if ((dp->i_offset & bmask) == 0) {
264 if (bp != NULL)
265 brelse(bp);
266 error =
267 UFS_BLKATOFF(vdp, (off_t)dp->i_offset, NULL, &bp);
268 if (error)
269 return (error);
270 entryoffsetinblock = 0;
271 }
272 /*
273 * If still looking for a slot, and at a DIRBLKSIZE
274 * boundary, have to start looking for free space again.
275 */
276 if (slotstatus == NONE &&
277 (entryoffsetinblock & (DIRBLKSIZ - 1)) == 0) {
278 slotoffset = -1;
279 slotfreespace = 0;
280 }
281 /*
282 * Get pointer to next entry.
283 * Full validation checks are slow, so we only check
284 * enough to insure forward progress through the
285 * directory. Complete checks can be run by patching
286 * "dirchk" to be true.
287 */
288 ep = (struct direct *)((char *)bp->b_data + entryoffsetinblock);
289 if (ep->d_reclen == 0 || ep->d_reclen >
290 DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1)) ||
291 (dirchk && ufs_dirbadentry(vdp, ep, entryoffsetinblock))) {
292 int i;
293
294 ufs_dirbad(dp, dp->i_offset, "mangled entry");
295 i = DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1));
296 dp->i_offset += i;
297 entryoffsetinblock += i;
298 continue;
299 }
300
301 /*
302 * If an appropriate sized slot has not yet been found,
303 * check to see if one is available. Also accumulate space
304 * in the current block so that we can determine if
305 * compaction is viable.
306 */
307 if (slotstatus != FOUND) {
308 int size = ep->d_reclen;
309
310 if (ep->d_ino != 0)
311 size -= DIRSIZ(OFSFMT(vdp), ep);
312 if (size > 0) {
313 if (size >= slotneeded) {
314 slotstatus = FOUND;
315 slotoffset = dp->i_offset;
316 slotsize = ep->d_reclen;
317 } else if (slotstatus == NONE) {
318 slotfreespace += size;
319 if (slotoffset == -1)
320 slotoffset = dp->i_offset;
321 if (slotfreespace >= slotneeded) {
322 slotstatus = COMPACT;
323 slotsize = dp->i_offset +
324 ep->d_reclen - slotoffset;
325 }
326 }
327 }
328 }
329
330 /*
331 * Check for a name match.
332 */
333 if (ep->d_ino) {
334 # if (BYTE_ORDER == LITTLE_ENDIAN)
335 if (OFSFMT(vdp))
336 namlen = ep->d_type;
337 else
338 namlen = ep->d_namlen;
339 # else
340 namlen = ep->d_namlen;
341 # endif
342 if (namlen == cnp->cn_namelen &&
343 (cnp->cn_nameptr[0] == ep->d_name[0]) &&
344 !bcmp(cnp->cn_nameptr, ep->d_name,
345 (unsigned)namlen)) {
346 #ifdef UFS_DIRHASH
347 foundentry:
348 #endif
349 /*
350 * Save directory entry's inode number and
351 * reclen in ndp->ni_ufs area, and release
352 * directory buffer.
353 */
354 if (vdp->v_mount->mnt_maxsymlinklen > 0 &&
355 ep->d_type == DT_WHT) {
356 slotstatus = FOUND;
357 slotoffset = dp->i_offset;
358 slotsize = ep->d_reclen;
359 dp->i_reclen = slotsize;
360 enduseful = dp->i_size;
361 ap->a_cnp->cn_flags |= ISWHITEOUT;
362 numdirpasses--;
363 goto notfound;
364 }
365 dp->i_ino = ep->d_ino;
366 dp->i_reclen = ep->d_reclen;
367 goto found;
368 }
369 }
370 prevoff = dp->i_offset;
371 dp->i_offset += ep->d_reclen;
372 entryoffsetinblock += ep->d_reclen;
373 if (ep->d_ino)
374 enduseful = dp->i_offset;
375 }
376 notfound:
377 /*
378 * If we started in the middle of the directory and failed
379 * to find our target, we must check the beginning as well.
380 */
381 if (numdirpasses == 2) {
382 numdirpasses--;
383 dp->i_offset = 0;
384 endsearch = dp->i_diroff;
385 goto searchloop;
386 }
387 if (bp != NULL)
388 brelse(bp);
389 /*
390 * If creating, and at end of pathname and current
391 * directory has not been removed, then can consider
392 * allowing file to be created.
393 */
394 if ((nameiop == CREATE || nameiop == RENAME ||
395 (nameiop == DELETE &&
396 (ap->a_cnp->cn_flags & DOWHITEOUT) &&
397 (ap->a_cnp->cn_flags & ISWHITEOUT))) &&
398 (flags & ISLASTCN) && dp->i_effnlink != 0) {
399 /*
400 * Access for write is interpreted as allowing
401 * creation of files in the directory.
402 */
403 error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_thread);
404 if (error)
405 return (error);
406 /*
407 * Return an indication of where the new directory
408 * entry should be put. If we didn't find a slot,
409 * then set dp->i_count to 0 indicating
410 * that the new slot belongs at the end of the
411 * directory. If we found a slot, then the new entry
412 * can be put in the range from dp->i_offset to
413 * dp->i_offset + dp->i_count.
414 */
415 if (slotstatus == NONE) {
416 dp->i_offset = roundup2(dp->i_size, DIRBLKSIZ);
417 dp->i_count = 0;
418 enduseful = dp->i_offset;
419 } else if (nameiop == DELETE) {
420 dp->i_offset = slotoffset;
421 if ((dp->i_offset & (DIRBLKSIZ - 1)) == 0)
422 dp->i_count = 0;
423 else
424 dp->i_count = dp->i_offset - prevoff;
425 } else {
426 dp->i_offset = slotoffset;
427 dp->i_count = slotsize;
428 if (enduseful < slotoffset + slotsize)
429 enduseful = slotoffset + slotsize;
430 }
431 dp->i_endoff = roundup2(enduseful, DIRBLKSIZ);
432 dp->i_flag |= IN_CHANGE | IN_UPDATE;
433 /*
434 * We return with the directory locked, so that
435 * the parameters we set up above will still be
436 * valid if we actually decide to do a direnter().
437 * We return ni_vp == NULL to indicate that the entry
438 * does not currently exist; we leave a pointer to
439 * the (locked) directory inode in ndp->ni_dvp.
440 * The pathname buffer is saved so that the name
441 * can be obtained later.
442 *
443 * NB - if the directory is unlocked, then this
444 * information cannot be used.
445 */
446 cnp->cn_flags |= SAVENAME;
447 if (!lockparent) {
448 VOP_UNLOCK(vdp, 0, td);
449 cnp->cn_flags |= PDIRUNLOCK;
450 }
451 return (EJUSTRETURN);
452 }
453 /*
454 * Insert name into cache (as non-existent) if appropriate.
455 */
456 if ((cnp->cn_flags & MAKEENTRY) && nameiop != CREATE)
457 cache_enter(vdp, *vpp, cnp);
458 return (ENOENT);
459
460 found:
461 if (numdirpasses == 2)
462 nchstats.ncs_pass2++;
463 /*
464 * Check that directory length properly reflects presence
465 * of this entry.
466 */
467 if (dp->i_offset + DIRSIZ(OFSFMT(vdp), ep) > dp->i_size) {
468 ufs_dirbad(dp, dp->i_offset, "i_size too small");
469 dp->i_size = dp->i_offset + DIRSIZ(OFSFMT(vdp), ep);
470 DIP(dp, i_size) = dp->i_size;
471 dp->i_flag |= IN_CHANGE | IN_UPDATE;
472 }
473 brelse(bp);
474
475 /*
476 * Found component in pathname.
477 * If the final component of path name, save information
478 * in the cache as to where the entry was found.
479 */
480 if ((flags & ISLASTCN) && nameiop == LOOKUP)
481 dp->i_diroff = dp->i_offset &~ (DIRBLKSIZ - 1);
482
483 /*
484 * If deleting, and at end of pathname, return
485 * parameters which can be used to remove file.
486 * If the wantparent flag isn't set, we return only
487 * the directory (in ndp->ni_dvp), otherwise we go
488 * on and lock the inode, being careful with ".".
489 */
490 if (nameiop == DELETE && (flags & ISLASTCN)) {
491 /*
492 * Write access to directory required to delete files.
493 */
494 error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_thread);
495 if (error)
496 return (error);
497 /*
498 * Return pointer to current entry in dp->i_offset,
499 * and distance past previous entry (if there
500 * is a previous entry in this block) in dp->i_count.
501 * Save directory inode pointer in ndp->ni_dvp for dirremove().
502 */
503 if ((dp->i_offset & (DIRBLKSIZ - 1)) == 0)
504 dp->i_count = 0;
505 else
506 dp->i_count = dp->i_offset - prevoff;
507 if (dp->i_number == dp->i_ino) {
508 VREF(vdp);
509 *vpp = vdp;
510 return (0);
511 }
512 if ((error = VFS_VGET(vdp->v_mount, dp->i_ino,
513 LK_EXCLUSIVE, &tdp)) != 0)
514 return (error);
515 /*
516 * If directory is "sticky", then user must own
517 * the directory, or the file in it, else she
518 * may not delete it (unless she's root). This
519 * implements append-only directories.
520 */
521 if ((dp->i_mode & ISVTX) &&
522 VOP_ACCESS(vdp, VADMIN, cred, cnp->cn_thread) &&
523 VOP_ACCESS(tdp, VADMIN, cred, cnp->cn_thread)) {
524 vput(tdp);
525 return (EPERM);
526 }
527 *vpp = tdp;
528 if (!lockparent) {
529 VOP_UNLOCK(vdp, 0, td);
530 cnp->cn_flags |= PDIRUNLOCK;
531 }
532 return (0);
533 }
534
535 /*
536 * If rewriting (RENAME), return the inode and the
537 * information required to rewrite the present directory
538 * Must get inode of directory entry to verify it's a
539 * regular file, or empty directory.
540 */
541 if (nameiop == RENAME && wantparent && (flags & ISLASTCN)) {
542 if ((error = VOP_ACCESS(vdp, VWRITE, cred, cnp->cn_thread)))
543 return (error);
544 /*
545 * Careful about locking second inode.
546 * This can only occur if the target is ".".
547 */
548 if (dp->i_number == dp->i_ino)
549 return (EISDIR);
550 if ((error = VFS_VGET(vdp->v_mount, dp->i_ino,
551 LK_EXCLUSIVE, &tdp)) != 0)
552 return (error);
553 *vpp = tdp;
554 cnp->cn_flags |= SAVENAME;
555 if (!lockparent) {
556 VOP_UNLOCK(vdp, 0, td);
557 cnp->cn_flags |= PDIRUNLOCK;
558 }
559 return (0);
560 }
561
562 /*
563 * Step through the translation in the name. We do not `vput' the
564 * directory because we may need it again if a symbolic link
565 * is relative to the current directory. Instead we save it
566 * unlocked as "pdp". We must get the target inode before unlocking
567 * the directory to insure that the inode will not be removed
568 * before we get it. We prevent deadlock by always fetching
569 * inodes from the root, moving down the directory tree. Thus
570 * when following backward pointers ".." we must unlock the
571 * parent directory before getting the requested directory.
572 * There is a potential race condition here if both the current
573 * and parent directories are removed before the VFS_VGET for the
574 * inode associated with ".." returns. We hope that this occurs
575 * infrequently since we cannot avoid this race condition without
576 * implementing a sophisticated deadlock detection algorithm.
577 * Note also that this simple deadlock detection scheme will not
578 * work if the filesystem has any hard links other than ".."
579 * that point backwards in the directory structure.
580 */
581 pdp = vdp;
582 if (flags & ISDOTDOT) {
583 if ((VFS_VGET(pdp->v_mount, dp->i_ino, LK_NOWAIT | LK_EXCLUSIVE,
584 &tdp)) != 0) {
585 VOP_UNLOCK(pdp, 0, td); /* race to get the inode */
586 error = VFS_VGET(pdp->v_mount, dp->i_ino,
587 LK_EXCLUSIVE, &tdp);
588 vn_lock(pdp, LK_EXCLUSIVE | LK_RETRY, td);
589 if (error)
590 return (error);
591 }
592 if (!lockparent || !(flags & ISLASTCN)) {
593 VOP_UNLOCK(pdp, 0, td);
594 cnp->cn_flags |= PDIRUNLOCK;
595 }
596 *vpp = tdp;
597 } else if (dp->i_number == dp->i_ino) {
598 VREF(vdp); /* we want ourself, ie "." */
599 *vpp = vdp;
600 } else {
601 error = VFS_VGET(pdp->v_mount, dp->i_ino, LK_EXCLUSIVE, &tdp);
602 if (error)
603 return (error);
604 if (!lockparent || !(flags & ISLASTCN)) {
605 VOP_UNLOCK(pdp, 0, td);
606 cnp->cn_flags |= PDIRUNLOCK;
607 }
608 *vpp = tdp;
609 }
610
611 /*
612 * Insert name into cache if appropriate.
613 */
614 if (cnp->cn_flags & MAKEENTRY)
615 cache_enter(vdp, *vpp, cnp);
616 return (0);
617 }
618
619 void
620 ufs_dirbad(ip, offset, how)
621 struct inode *ip;
622 doff_t offset;
623 char *how;
624 {
625 struct mount *mp;
626
627 mp = ITOV(ip)->v_mount;
628 (void)printf("%s: bad dir ino %lu at offset %ld: %s\n",
629 mp->mnt_stat.f_mntonname, (u_long)ip->i_number, (long)offset, how);
630 if ((mp->mnt_flag & MNT_RDONLY) == 0)
631 panic("ufs_dirbad: bad dir");
632 }
633
634 /*
635 * Do consistency checking on a directory entry:
636 * record length must be multiple of 4
637 * entry must fit in rest of its DIRBLKSIZ block
638 * record must be large enough to contain entry
639 * name is not longer than MAXNAMLEN
640 * name must be as long as advertised, and null terminated
641 */
642 int
643 ufs_dirbadentry(dp, ep, entryoffsetinblock)
644 struct vnode *dp;
645 struct direct *ep;
646 int entryoffsetinblock;
647 {
648 int i, namlen;
649
650 # if (BYTE_ORDER == LITTLE_ENDIAN)
651 if (OFSFMT(dp))
652 namlen = ep->d_type;
653 else
654 namlen = ep->d_namlen;
655 # else
656 namlen = ep->d_namlen;
657 # endif
658 if ((ep->d_reclen & 0x3) != 0 ||
659 ep->d_reclen > DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1)) ||
660 ep->d_reclen < DIRSIZ(OFSFMT(dp), ep) || namlen > MAXNAMLEN) {
661 /*return (1); */
662 printf("First bad\n");
663 goto bad;
664 }
665 if (ep->d_ino == 0)
666 return (0);
667 for (i = 0; i < namlen; i++)
668 if (ep->d_name[i] == '\0') {
669 /*return (1); */
670 printf("Second bad\n");
671 goto bad;
672 }
673 if (ep->d_name[i])
674 goto bad;
675 return (0);
676 bad:
677 return (1);
678 }
679
680 /*
681 * Construct a new directory entry after a call to namei, using the
682 * parameters that it left in the componentname argument cnp. The
683 * argument ip is the inode to which the new directory entry will refer.
684 */
685 void
686 ufs_makedirentry(ip, cnp, newdirp)
687 struct inode *ip;
688 struct componentname *cnp;
689 struct direct *newdirp;
690 {
691
692 #ifdef DIAGNOSTIC
693 if ((cnp->cn_flags & SAVENAME) == 0)
694 panic("ufs_makedirentry: missing name");
695 #endif
696 newdirp->d_ino = ip->i_number;
697 newdirp->d_namlen = cnp->cn_namelen;
698 bcopy(cnp->cn_nameptr, newdirp->d_name, (unsigned)cnp->cn_namelen + 1);
699 if (ITOV(ip)->v_mount->mnt_maxsymlinklen > 0)
700 newdirp->d_type = IFTODT(ip->i_mode);
701 else {
702 newdirp->d_type = 0;
703 # if (BYTE_ORDER == LITTLE_ENDIAN)
704 { u_char tmp = newdirp->d_namlen;
705 newdirp->d_namlen = newdirp->d_type;
706 newdirp->d_type = tmp; }
707 # endif
708 }
709 }
710
711 /*
712 * Write a directory entry after a call to namei, using the parameters
713 * that it left in nameidata. The argument dirp is the new directory
714 * entry contents. Dvp is a pointer to the directory to be written,
715 * which was left locked by namei. Remaining parameters (dp->i_offset,
716 * dp->i_count) indicate how the space for the new entry is to be obtained.
717 * Non-null bp indicates that a directory is being created (for the
718 * soft dependency code).
719 */
720 int
721 ufs_direnter(dvp, tvp, dirp, cnp, newdirbp)
722 struct vnode *dvp;
723 struct vnode *tvp;
724 struct direct *dirp;
725 struct componentname *cnp;
726 struct buf *newdirbp;
727 {
728 struct ucred *cr;
729 struct thread *td;
730 int newentrysize;
731 struct inode *dp;
732 struct buf *bp;
733 u_int dsize;
734 struct direct *ep, *nep;
735 int error, ret, blkoff, loc, spacefree, flags;
736 char *dirbuf;
737
738 td = curthread; /* XXX */
739 cr = td->td_ucred;
740
741 dp = VTOI(dvp);
742 newentrysize = DIRSIZ(OFSFMT(dvp), dirp);
743
744 if (dp->i_count == 0) {
745 /*
746 * If dp->i_count is 0, then namei could find no
747 * space in the directory. Here, dp->i_offset will
748 * be on a directory block boundary and we will write the
749 * new entry into a fresh block.
750 */
751 if (dp->i_offset & (DIRBLKSIZ - 1))
752 panic("ufs_direnter: newblk");
753 flags = BA_CLRBUF;
754 if (!DOINGSOFTDEP(dvp) && !DOINGASYNC(dvp))
755 flags |= IO_SYNC;
756 if ((error = UFS_BALLOC(dvp, (off_t)dp->i_offset, DIRBLKSIZ,
757 cr, flags, &bp)) != 0) {
758 if (DOINGSOFTDEP(dvp) && newdirbp != NULL)
759 bdwrite(newdirbp);
760 return (error);
761 }
762 dp->i_size = dp->i_offset + DIRBLKSIZ;
763 DIP(dp, i_size) = dp->i_size;
764 dp->i_flag |= IN_CHANGE | IN_UPDATE;
765 vnode_pager_setsize(dvp, (u_long)dp->i_size);
766 dirp->d_reclen = DIRBLKSIZ;
767 blkoff = dp->i_offset &
768 (VFSTOUFS(dvp->v_mount)->um_mountp->mnt_stat.f_iosize - 1);
769 bcopy((caddr_t)dirp, (caddr_t)bp->b_data + blkoff,newentrysize);
770 #ifdef UFS_DIRHASH
771 if (dp->i_dirhash != NULL) {
772 ufsdirhash_newblk(dp, dp->i_offset);
773 ufsdirhash_add(dp, dirp, dp->i_offset);
774 ufsdirhash_checkblock(dp, (char *)bp->b_data + blkoff,
775 dp->i_offset);
776 }
777 #endif
778 if (DOINGSOFTDEP(dvp)) {
779 /*
780 * Ensure that the entire newly allocated block is a
781 * valid directory so that future growth within the
782 * block does not have to ensure that the block is
783 * written before the inode.
784 */
785 blkoff += DIRBLKSIZ;
786 while (blkoff < bp->b_bcount) {
787 ((struct direct *)
788 (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ;
789 blkoff += DIRBLKSIZ;
790 }
791 if (softdep_setup_directory_add(bp, dp, dp->i_offset,
792 dirp->d_ino, newdirbp, 1) == 0) {
793 bdwrite(bp);
794 return (UFS_UPDATE(dvp, 0));
795 }
796 /* We have just allocated a directory block in an
797 * indirect block. Rather than tracking when it gets
798 * claimed by the inode, we simply do a VOP_FSYNC
799 * now to ensure that it is there (in case the user
800 * does a future fsync). Note that we have to unlock
801 * the inode for the entry that we just entered, as
802 * the VOP_FSYNC may need to lock other inodes which
803 * can lead to deadlock if we also hold a lock on
804 * the newly entered node.
805 */
806 if ((error = BUF_WRITE(bp)))
807 return (error);
808 if (tvp != NULL)
809 VOP_UNLOCK(tvp, 0, td);
810 error = VOP_FSYNC(dvp, td->td_ucred, MNT_WAIT, td);
811 if (tvp != NULL)
812 vn_lock(tvp, LK_EXCLUSIVE | LK_RETRY, td);
813 return (error);
814 }
815 if (DOINGASYNC(dvp)) {
816 bdwrite(bp);
817 return (UFS_UPDATE(dvp, 0));
818 }
819 error = BUF_WRITE(bp);
820 ret = UFS_UPDATE(dvp, 1);
821 if (error == 0)
822 return (ret);
823 return (error);
824 }
825
826 /*
827 * If dp->i_count is non-zero, then namei found space for the new
828 * entry in the range dp->i_offset to dp->i_offset + dp->i_count
829 * in the directory. To use this space, we may have to compact
830 * the entries located there, by copying them together towards the
831 * beginning of the block, leaving the free space in one usable
832 * chunk at the end.
833 */
834
835 /*
836 * Increase size of directory if entry eats into new space.
837 * This should never push the size past a new multiple of
838 * DIRBLKSIZE.
839 *
840 * N.B. - THIS IS AN ARTIFACT OF 4.2 AND SHOULD NEVER HAPPEN.
841 */
842 if (dp->i_offset + dp->i_count > dp->i_size) {
843 dp->i_size = dp->i_offset + dp->i_count;
844 DIP(dp, i_size) = dp->i_size;
845 }
846 /*
847 * Get the block containing the space for the new directory entry.
848 */
849 error = UFS_BLKATOFF(dvp, (off_t)dp->i_offset, &dirbuf, &bp);
850 if (error) {
851 if (DOINGSOFTDEP(dvp) && newdirbp != NULL)
852 bdwrite(newdirbp);
853 return (error);
854 }
855 /*
856 * Find space for the new entry. In the simple case, the entry at
857 * offset base will have the space. If it does not, then namei
858 * arranged that compacting the region dp->i_offset to
859 * dp->i_offset + dp->i_count would yield the space.
860 */
861 ep = (struct direct *)dirbuf;
862 dsize = ep->d_ino ? DIRSIZ(OFSFMT(dvp), ep) : 0;
863 spacefree = ep->d_reclen - dsize;
864 for (loc = ep->d_reclen; loc < dp->i_count; ) {
865 nep = (struct direct *)(dirbuf + loc);
866
867 /* Trim the existing slot (NB: dsize may be zero). */
868 ep->d_reclen = dsize;
869 ep = (struct direct *)((char *)ep + dsize);
870
871 /* Read nep->d_reclen now as the bcopy() may clobber it. */
872 loc += nep->d_reclen;
873 if (nep->d_ino == 0) {
874 /*
875 * A mid-block unused entry. Such entries are
876 * never created by the kernel, but fsck_ffs
877 * can create them (and it doesn't fix them).
878 *
879 * Add up the free space, and initialise the
880 * relocated entry since we don't bcopy it.
881 */
882 spacefree += nep->d_reclen;
883 ep->d_ino = 0;
884 dsize = 0;
885 continue;
886 }
887 dsize = DIRSIZ(OFSFMT(dvp), nep);
888 spacefree += nep->d_reclen - dsize;
889 #ifdef UFS_DIRHASH
890 if (dp->i_dirhash != NULL)
891 ufsdirhash_move(dp, nep,
892 dp->i_offset + ((char *)nep - dirbuf),
893 dp->i_offset + ((char *)ep - dirbuf));
894 #endif
895 if (DOINGSOFTDEP(dvp))
896 softdep_change_directoryentry_offset(dp, dirbuf,
897 (caddr_t)nep, (caddr_t)ep, dsize);
898 else
899 bcopy((caddr_t)nep, (caddr_t)ep, dsize);
900 }
901 /*
902 * Here, `ep' points to a directory entry containing `dsize' in-use
903 * bytes followed by `spacefree' unused bytes. If ep->d_ino == 0,
904 * then the entry is completely unused (dsize == 0). The value
905 * of ep->d_reclen is always indeterminate.
906 *
907 * Update the pointer fields in the previous entry (if any),
908 * copy in the new entry, and write out the block.
909 */
910 if (ep->d_ino == 0 ||
911 (ep->d_ino == WINO &&
912 bcmp(ep->d_name, dirp->d_name, dirp->d_namlen) == 0)) {
913 if (spacefree + dsize < newentrysize)
914 panic("ufs_direnter: compact1");
915 dirp->d_reclen = spacefree + dsize;
916 } else {
917 if (spacefree < newentrysize)
918 panic("ufs_direnter: compact2");
919 dirp->d_reclen = spacefree;
920 ep->d_reclen = dsize;
921 ep = (struct direct *)((char *)ep + dsize);
922 }
923 #ifdef UFS_DIRHASH
924 if (dp->i_dirhash != NULL && (ep->d_ino == 0 ||
925 dirp->d_reclen == spacefree))
926 ufsdirhash_add(dp, dirp, dp->i_offset + ((char *)ep - dirbuf));
927 #endif
928 bcopy((caddr_t)dirp, (caddr_t)ep, (u_int)newentrysize);
929 #ifdef UFS_DIRHASH
930 if (dp->i_dirhash != NULL)
931 ufsdirhash_checkblock(dp, dirbuf -
932 (dp->i_offset & (DIRBLKSIZ - 1)),
933 dp->i_offset & ~(DIRBLKSIZ - 1));
934 #endif
935
936 if (DOINGSOFTDEP(dvp)) {
937 (void) softdep_setup_directory_add(bp, dp,
938 dp->i_offset + (caddr_t)ep - dirbuf,
939 dirp->d_ino, newdirbp, 0);
940 bdwrite(bp);
941 } else {
942 if (DOINGASYNC(dvp)) {
943 bdwrite(bp);
944 error = 0;
945 } else {
946 error = BUF_WRITE(bp);
947 }
948 }
949 dp->i_flag |= IN_CHANGE | IN_UPDATE;
950 /*
951 * If all went well, and the directory can be shortened, proceed
952 * with the truncation. Note that we have to unlock the inode for
953 * the entry that we just entered, as the truncation may need to
954 * lock other inodes which can lead to deadlock if we also hold a
955 * lock on the newly entered node.
956 */
957 if (error == 0 && dp->i_endoff && dp->i_endoff < dp->i_size) {
958 if (tvp != NULL)
959 VOP_UNLOCK(tvp, 0, td);
960 #ifdef UFS_DIRHASH
961 if (dp->i_dirhash != NULL)
962 ufsdirhash_dirtrunc(dp, dp->i_endoff);
963 #endif
964 (void) UFS_TRUNCATE(dvp, (off_t)dp->i_endoff,
965 IO_NORMAL | IO_SYNC, cr, td);
966 if (tvp != NULL)
967 vn_lock(tvp, LK_EXCLUSIVE | LK_RETRY, td);
968 }
969 return (error);
970 }
971
972 /*
973 * Remove a directory entry after a call to namei, using
974 * the parameters which it left in nameidata. The entry
975 * dp->i_offset contains the offset into the directory of the
976 * entry to be eliminated. The dp->i_count field contains the
977 * size of the previous record in the directory. If this
978 * is 0, the first entry is being deleted, so we need only
979 * zero the inode number to mark the entry as free. If the
980 * entry is not the first in the directory, we must reclaim
981 * the space of the now empty record by adding the record size
982 * to the size of the previous entry.
983 */
984 int
985 ufs_dirremove(dvp, ip, flags, isrmdir)
986 struct vnode *dvp;
987 struct inode *ip;
988 int flags;
989 int isrmdir;
990 {
991 struct inode *dp;
992 struct direct *ep;
993 struct buf *bp;
994 int error;
995
996 dp = VTOI(dvp);
997
998 if (flags & DOWHITEOUT) {
999 /*
1000 * Whiteout entry: set d_ino to WINO.
1001 */
1002 if ((error =
1003 UFS_BLKATOFF(dvp, (off_t)dp->i_offset, (char **)&ep, &bp)) != 0)
1004 return (error);
1005 ep->d_ino = WINO;
1006 ep->d_type = DT_WHT;
1007 goto out;
1008 }
1009
1010 if ((error = UFS_BLKATOFF(dvp,
1011 (off_t)(dp->i_offset - dp->i_count), (char **)&ep, &bp)) != 0)
1012 return (error);
1013 #ifdef UFS_DIRHASH
1014 /*
1015 * Remove the dirhash entry. This is complicated by the fact
1016 * that `ep' is the previous entry when dp->i_count != 0.
1017 */
1018 if (dp->i_dirhash != NULL)
1019 ufsdirhash_remove(dp, (dp->i_count == 0) ? ep :
1020 (struct direct *)((char *)ep + ep->d_reclen), dp->i_offset);
1021 #endif
1022 if (dp->i_count == 0) {
1023 /*
1024 * First entry in block: set d_ino to zero.
1025 */
1026 ep->d_ino = 0;
1027 } else {
1028 /*
1029 * Collapse new free space into previous entry.
1030 */
1031 ep->d_reclen += dp->i_reclen;
1032 }
1033 #ifdef UFS_DIRHASH
1034 if (dp->i_dirhash != NULL)
1035 ufsdirhash_checkblock(dp, (char *)ep -
1036 ((dp->i_offset - dp->i_count) & (DIRBLKSIZ - 1)),
1037 dp->i_offset & ~(DIRBLKSIZ - 1));
1038 #endif
1039 out:
1040 if (DOINGSOFTDEP(dvp)) {
1041 if (ip) {
1042 ip->i_effnlink--;
1043 softdep_change_linkcnt(ip);
1044 softdep_setup_remove(bp, dp, ip, isrmdir);
1045 }
1046 if (softdep_slowdown(dvp)) {
1047 error = BUF_WRITE(bp);
1048 } else {
1049 bdwrite(bp);
1050 error = 0;
1051 }
1052 } else {
1053 if (ip) {
1054 ip->i_effnlink--;
1055 ip->i_nlink--;
1056 DIP(ip, i_nlink) = ip->i_nlink;
1057 ip->i_flag |= IN_CHANGE;
1058 }
1059 if (flags & DOWHITEOUT)
1060 error = BUF_WRITE(bp);
1061 else if (DOINGASYNC(dvp) && dp->i_count != 0) {
1062 bdwrite(bp);
1063 error = 0;
1064 } else
1065 error = BUF_WRITE(bp);
1066 }
1067 dp->i_flag |= IN_CHANGE | IN_UPDATE;
1068 /*
1069 * If the last named reference to a snapshot goes away,
1070 * drop its snapshot reference so that it will be reclaimed
1071 * when last open reference goes away.
1072 */
1073 #if defined(FFS) || defined(IFS)
1074 if (ip != 0 && (ip->i_flags & SF_SNAPSHOT) != 0 && ip->i_effnlink == 0)
1075 ffs_snapgone(ip);
1076 #endif
1077 return (error);
1078 }
1079
1080 /*
1081 * Rewrite an existing directory entry to point at the inode
1082 * supplied. The parameters describing the directory entry are
1083 * set up by a call to namei.
1084 */
1085 int
1086 ufs_dirrewrite(dp, oip, newinum, newtype, isrmdir)
1087 struct inode *dp, *oip;
1088 ino_t newinum;
1089 int newtype;
1090 int isrmdir;
1091 {
1092 struct buf *bp;
1093 struct direct *ep;
1094 struct vnode *vdp = ITOV(dp);
1095 int error;
1096
1097 error = UFS_BLKATOFF(vdp, (off_t)dp->i_offset, (char **)&ep, &bp);
1098 if (error)
1099 return (error);
1100 ep->d_ino = newinum;
1101 if (!OFSFMT(vdp))
1102 ep->d_type = newtype;
1103 oip->i_effnlink--;
1104 if (DOINGSOFTDEP(vdp)) {
1105 softdep_change_linkcnt(oip);
1106 softdep_setup_directory_change(bp, dp, oip, newinum, isrmdir);
1107 bdwrite(bp);
1108 } else {
1109 oip->i_nlink--;
1110 DIP(oip, i_nlink) = oip->i_nlink;
1111 oip->i_flag |= IN_CHANGE;
1112 if (DOINGASYNC(vdp)) {
1113 bdwrite(bp);
1114 error = 0;
1115 } else {
1116 error = BUF_WRITE(bp);
1117 }
1118 }
1119 dp->i_flag |= IN_CHANGE | IN_UPDATE;
1120 /*
1121 * If the last named reference to a snapshot goes away,
1122 * drop its snapshot reference so that it will be reclaimed
1123 * when last open reference goes away.
1124 */
1125 #if defined(FFS) || defined(IFS)
1126 if ((oip->i_flags & SF_SNAPSHOT) != 0 && oip->i_effnlink == 0)
1127 ffs_snapgone(oip);
1128 #endif
1129 return (error);
1130 }
1131
1132 /*
1133 * Check if a directory is empty or not.
1134 * Inode supplied must be locked.
1135 *
1136 * Using a struct dirtemplate here is not precisely
1137 * what we want, but better than using a struct direct.
1138 *
1139 * NB: does not handle corrupted directories.
1140 */
1141 int
1142 ufs_dirempty(ip, parentino, cred)
1143 struct inode *ip;
1144 ino_t parentino;
1145 struct ucred *cred;
1146 {
1147 doff_t off;
1148 struct dirtemplate dbuf;
1149 struct direct *dp = (struct direct *)&dbuf;
1150 int error, count, namlen;
1151 #define MINDIRSIZ (sizeof (struct dirtemplate) / 2)
1152
1153 for (off = 0; off < ip->i_size; off += dp->d_reclen) {
1154 error = vn_rdwr(UIO_READ, ITOV(ip), (caddr_t)dp, MINDIRSIZ,
1155 off, UIO_SYSSPACE, IO_NODELOCKED | IO_NOMACCHECK, cred,
1156 NOCRED, &count, (struct thread *)0);
1157 /*
1158 * Since we read MINDIRSIZ, residual must
1159 * be 0 unless we're at end of file.
1160 */
1161 if (error || count != 0)
1162 return (0);
1163 /* avoid infinite loops */
1164 if (dp->d_reclen == 0)
1165 return (0);
1166 /* skip empty entries */
1167 if (dp->d_ino == 0 || dp->d_ino == WINO)
1168 continue;
1169 /* accept only "." and ".." */
1170 # if (BYTE_ORDER == LITTLE_ENDIAN)
1171 if (OFSFMT(ITOV(ip)))
1172 namlen = dp->d_type;
1173 else
1174 namlen = dp->d_namlen;
1175 # else
1176 namlen = dp->d_namlen;
1177 # endif
1178 if (namlen > 2)
1179 return (0);
1180 if (dp->d_name[0] != '.')
1181 return (0);
1182 /*
1183 * At this point namlen must be 1 or 2.
1184 * 1 implies ".", 2 implies ".." if second
1185 * char is also "."
1186 */
1187 if (namlen == 1 && dp->d_ino == ip->i_number)
1188 continue;
1189 if (dp->d_name[1] == '.' && dp->d_ino == parentino)
1190 continue;
1191 return (0);
1192 }
1193 return (1);
1194 }
1195
1196 /*
1197 * Check if source directory is in the path of the target directory.
1198 * Target is supplied locked, source is unlocked.
1199 * The target is always vput before returning.
1200 */
1201 int
1202 ufs_checkpath(source, target, cred)
1203 struct inode *source, *target;
1204 struct ucred *cred;
1205 {
1206 struct vnode *vp;
1207 int error, namlen;
1208 ino_t rootino;
1209 struct dirtemplate dirbuf;
1210
1211 vp = ITOV(target);
1212 if (target->i_number == source->i_number) {
1213 error = EEXIST;
1214 goto out;
1215 }
1216 rootino = ROOTINO;
1217 error = 0;
1218 if (target->i_number == rootino)
1219 goto out;
1220
1221 for (;;) {
1222 if (vp->v_type != VDIR) {
1223 error = ENOTDIR;
1224 break;
1225 }
1226 error = vn_rdwr(UIO_READ, vp, (caddr_t)&dirbuf,
1227 sizeof (struct dirtemplate), (off_t)0, UIO_SYSSPACE,
1228 IO_NODELOCKED | IO_NOMACCHECK, cred, NOCRED, (int *)0,
1229 (struct thread *)0);
1230 if (error != 0)
1231 break;
1232 # if (BYTE_ORDER == LITTLE_ENDIAN)
1233 if (OFSFMT(vp))
1234 namlen = dirbuf.dotdot_type;
1235 else
1236 namlen = dirbuf.dotdot_namlen;
1237 # else
1238 namlen = dirbuf.dotdot_namlen;
1239 # endif
1240 if (namlen != 2 ||
1241 dirbuf.dotdot_name[0] != '.' ||
1242 dirbuf.dotdot_name[1] != '.') {
1243 error = ENOTDIR;
1244 break;
1245 }
1246 if (dirbuf.dotdot_ino == source->i_number) {
1247 error = EINVAL;
1248 break;
1249 }
1250 if (dirbuf.dotdot_ino == rootino)
1251 break;
1252 vput(vp);
1253 error = VFS_VGET(vp->v_mount, dirbuf.dotdot_ino,
1254 LK_EXCLUSIVE, &vp);
1255 if (error) {
1256 vp = NULL;
1257 break;
1258 }
1259 }
1260
1261 out:
1262 if (error == ENOTDIR)
1263 printf("checkpath: .. not a directory\n");
1264 if (vp != NULL)
1265 vput(vp);
1266 return (error);
1267 }
Cache object: d018dba02f996b81936e326621702716
|