The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/ufs/ufs/ufs_vnops.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 1982, 1986, 1989, 1993, 1995
    3  *      The Regents of the University of California.  All rights reserved.
    4  * (c) UNIX System Laboratories, Inc.
    5  * All or some portions of this file are derived from material licensed
    6  * to the University of California by American Telephone and Telegraph
    7  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
    8  * the permission of UNIX System Laboratories, Inc.
    9  *
   10  * Redistribution and use in source and binary forms, with or without
   11  * modification, are permitted provided that the following conditions
   12  * are met:
   13  * 1. Redistributions of source code must retain the above copyright
   14  *    notice, this list of conditions and the following disclaimer.
   15  * 2. Redistributions in binary form must reproduce the above copyright
   16  *    notice, this list of conditions and the following disclaimer in the
   17  *    documentation and/or other materials provided with the distribution.
   18  * 4. Neither the name of the University nor the names of its contributors
   19  *    may be used to endorse or promote products derived from this software
   20  *    without specific prior written permission.
   21  *
   22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
   23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   32  * SUCH DAMAGE.
   33  *
   34  *      @(#)ufs_vnops.c 8.27 (Berkeley) 5/27/95
   35  */
   36 
   37 #include <sys/cdefs.h>
   38 __FBSDID("$FreeBSD: releng/6.2/sys/ufs/ufs/ufs_vnops.c 164062 2006-11-07 16:56:11Z kib $");
   39 
   40 #include "opt_mac.h"
   41 #include "opt_quota.h"
   42 #include "opt_suiddir.h"
   43 #include "opt_ufs.h"
   44 #include "opt_ffs.h"
   45 
   46 #include <sys/param.h>
   47 #include <sys/systm.h>
   48 #include <sys/malloc.h>
   49 #include <sys/namei.h>
   50 #include <sys/kernel.h>
   51 #include <sys/fcntl.h>
   52 #include <sys/stat.h>
   53 #include <sys/bio.h>
   54 #include <sys/buf.h>
   55 #include <sys/mount.h>
   56 #include <sys/unistd.h>
   57 #include <sys/vnode.h>
   58 #include <sys/dirent.h>
   59 #include <sys/lockf.h>
   60 #include <sys/conf.h>
   61 #include <sys/acl.h>
   62 #include <sys/mac.h>
   63 #include <sys/jail.h>
   64 
   65 #include <machine/mutex.h>
   66 
   67 #include <sys/file.h>           /* XXX */
   68 
   69 #include <vm/vm.h>
   70 #include <vm/vm_extern.h>
   71 
   72 #include <fs/fifofs/fifo.h>
   73 
   74 #include <ufs/ufs/acl.h>
   75 #include <ufs/ufs/extattr.h>
   76 #include <ufs/ufs/quota.h>
   77 #include <ufs/ufs/inode.h>
   78 #include <ufs/ufs/dir.h>
   79 #include <ufs/ufs/ufsmount.h>
   80 #include <ufs/ufs/ufs_extern.h>
   81 #ifdef UFS_DIRHASH
   82 #include <ufs/ufs/dirhash.h>
   83 #endif
   84 
   85 #include <ufs/ffs/ffs_extern.h>
   86 
   87 static vop_access_t     ufs_access;
   88 static vop_advlock_t    ufs_advlock;
   89 static int ufs_chmod(struct vnode *, int, struct ucred *, struct thread *);
   90 static int ufs_chown(struct vnode *, uid_t, gid_t, struct ucred *, struct thread *);
   91 static vop_close_t      ufs_close;
   92 static vop_create_t     ufs_create;
   93 static vop_getattr_t    ufs_getattr;
   94 static vop_link_t       ufs_link;
   95 static int ufs_makeinode(int mode, struct vnode *, struct vnode **, struct componentname *);
   96 static vop_mkdir_t      ufs_mkdir;
   97 static vop_mknod_t      ufs_mknod;
   98 static vop_open_t       ufs_open;
   99 static vop_pathconf_t   ufs_pathconf;
  100 static vop_print_t      ufs_print;
  101 static vop_readlink_t   ufs_readlink;
  102 static vop_remove_t     ufs_remove;
  103 static vop_rename_t     ufs_rename;
  104 static vop_rmdir_t      ufs_rmdir;
  105 static vop_setattr_t    ufs_setattr;
  106 static vop_strategy_t   ufs_strategy;
  107 static vop_symlink_t    ufs_symlink;
  108 static vop_whiteout_t   ufs_whiteout;
  109 static vop_close_t      ufsfifo_close;
  110 static vop_kqfilter_t   ufsfifo_kqfilter;
  111 
  112 /*
  113  * A virgin directory (no blushing please).
  114  */
  115 static struct dirtemplate mastertemplate = {
  116         0, 12, DT_DIR, 1, ".",
  117         0, DIRBLKSIZ - 12, DT_DIR, 2, ".."
  118 };
  119 static struct odirtemplate omastertemplate = {
  120         0, 12, 1, ".",
  121         0, DIRBLKSIZ - 12, 2, ".."
  122 };
  123 
  124 void
  125 ufs_itimes(vp)
  126         struct vnode *vp;
  127 {
  128         struct inode *ip;
  129         struct timespec ts;
  130         int mnt_locked;
  131 
  132         ip = VTOI(vp);
  133         mnt_locked = 0;
  134         if ((vp->v_mount->mnt_flag & MNT_RDONLY) != 0) {
  135                 VI_LOCK(vp);
  136                 goto out;
  137         }
  138         MNT_ILOCK(vp->v_mount);         /* For reading of mnt_kern_flags. */
  139         mnt_locked = 1;
  140         VI_LOCK(vp);
  141         if ((ip->i_flag & (IN_ACCESS | IN_CHANGE | IN_UPDATE)) == 0)
  142                 goto out_unl;
  143 
  144         if ((vp->v_type == VBLK || vp->v_type == VCHR) && !DOINGSOFTDEP(vp))
  145                 ip->i_flag |= IN_LAZYMOD;
  146         else if (((vp->v_mount->mnt_kern_flag &
  147                     (MNTK_SUSPENDED | MNTK_SUSPEND)) == 0) ||
  148                     (ip->i_flag & (IN_CHANGE | IN_UPDATE)))
  149                 ip->i_flag |= IN_MODIFIED;
  150         else if (ip->i_flag & IN_ACCESS)
  151                 ip->i_flag |= IN_LAZYACCESS;
  152         vfs_timestamp(&ts);
  153         if (ip->i_flag & IN_ACCESS) {
  154                 DIP_SET(ip, i_atime, ts.tv_sec);
  155                 DIP_SET(ip, i_atimensec, ts.tv_nsec);
  156         }
  157         if (ip->i_flag & IN_UPDATE) {
  158                 DIP_SET(ip, i_mtime, ts.tv_sec);
  159                 DIP_SET(ip, i_mtimensec, ts.tv_nsec);
  160                 ip->i_modrev++;
  161         }
  162         if (ip->i_flag & IN_CHANGE) {
  163                 DIP_SET(ip, i_ctime, ts.tv_sec);
  164                 DIP_SET(ip, i_ctimensec, ts.tv_nsec);
  165         }
  166 
  167  out:
  168         ip->i_flag &= ~(IN_ACCESS | IN_CHANGE | IN_UPDATE);
  169  out_unl:
  170         VI_UNLOCK(vp);
  171         if (mnt_locked)
  172                 MNT_IUNLOCK(vp->v_mount);
  173 }
  174 
  175 /*
  176  * Create a regular file
  177  */
  178 static int
  179 ufs_create(ap)
  180         struct vop_create_args /* {
  181                 struct vnode *a_dvp;
  182                 struct vnode **a_vpp;
  183                 struct componentname *a_cnp;
  184                 struct vattr *a_vap;
  185         } */ *ap;
  186 {
  187         int error;
  188 
  189         error =
  190             ufs_makeinode(MAKEIMODE(ap->a_vap->va_type, ap->a_vap->va_mode),
  191             ap->a_dvp, ap->a_vpp, ap->a_cnp);
  192         if (error)
  193                 return (error);
  194         return (0);
  195 }
  196 
  197 /*
  198  * Mknod vnode call
  199  */
  200 /* ARGSUSED */
  201 static int
  202 ufs_mknod(ap)
  203         struct vop_mknod_args /* {
  204                 struct vnode *a_dvp;
  205                 struct vnode **a_vpp;
  206                 struct componentname *a_cnp;
  207                 struct vattr *a_vap;
  208         } */ *ap;
  209 {
  210         struct vattr *vap = ap->a_vap;
  211         struct vnode **vpp = ap->a_vpp;
  212         struct inode *ip;
  213         ino_t ino;
  214         int error;
  215 
  216         error = ufs_makeinode(MAKEIMODE(vap->va_type, vap->va_mode),
  217             ap->a_dvp, vpp, ap->a_cnp);
  218         if (error)
  219                 return (error);
  220         ip = VTOI(*vpp);
  221         ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
  222         if (vap->va_rdev != VNOVAL) {
  223                 /*
  224                  * Want to be able to use this to make badblock
  225                  * inodes, so don't truncate the dev number.
  226                  */
  227                 DIP_SET(ip, i_rdev, vap->va_rdev);
  228         }
  229         /*
  230          * Remove inode, then reload it through VFS_VGET so it is
  231          * checked to see if it is an alias of an existing entry in
  232          * the inode cache.  XXX I don't believe this is necessary now.
  233          */
  234         (*vpp)->v_type = VNON;
  235         ino = ip->i_number;     /* Save this before vgone() invalidates ip. */
  236         vgone(*vpp);
  237         vput(*vpp);
  238         error = VFS_VGET(ap->a_dvp->v_mount, ino, LK_EXCLUSIVE, vpp);
  239         if (error) {
  240                 *vpp = NULL;
  241                 return (error);
  242         }
  243         return (0);
  244 }
  245 
  246 /*
  247  * Open called.
  248  */
  249 /* ARGSUSED */
  250 static int
  251 ufs_open(struct vop_open_args *ap)
  252 {
  253         struct vnode *vp = ap->a_vp;
  254         struct inode *ip;
  255 
  256         if (vp->v_type == VCHR || vp->v_type == VBLK)
  257                 return (EOPNOTSUPP);
  258 
  259         ip = VTOI(vp);
  260         /*
  261          * Files marked append-only must be opened for appending.
  262          */
  263         if ((ip->i_flags & APPEND) &&
  264             (ap->a_mode & (FWRITE | O_APPEND)) == FWRITE)
  265                 return (EPERM);
  266         vnode_create_vobject_off(vp, DIP(ip, i_size), ap->a_td);
  267         return (0);
  268 }
  269 
  270 /*
  271  * Close called.
  272  *
  273  * Update the times on the inode.
  274  */
  275 /* ARGSUSED */
  276 static int
  277 ufs_close(ap)
  278         struct vop_close_args /* {
  279                 struct vnode *a_vp;
  280                 int  a_fflag;
  281                 struct ucred *a_cred;
  282                 struct thread *a_td;
  283         } */ *ap;
  284 {
  285         struct vnode *vp = ap->a_vp;
  286         int usecount;
  287 
  288         VI_LOCK(vp);
  289         usecount = vp->v_usecount;
  290         VI_UNLOCK(vp);
  291         if (usecount > 1)
  292                 ufs_itimes(vp);
  293         return (0);
  294 }
  295 
  296 static int
  297 ufs_access(ap)
  298         struct vop_access_args /* {
  299                 struct vnode *a_vp;
  300                 int  a_mode;
  301                 struct ucred *a_cred;
  302                 struct thread *a_td;
  303         } */ *ap;
  304 {
  305         struct vnode *vp = ap->a_vp;
  306         struct inode *ip = VTOI(vp);
  307         mode_t mode = ap->a_mode;
  308         int error;
  309 #ifdef UFS_ACL
  310         struct acl *acl;
  311 #endif
  312 
  313         /*
  314          * Disallow write attempts on read-only filesystems;
  315          * unless the file is a socket, fifo, or a block or
  316          * character device resident on the filesystem.
  317          */
  318         if (mode & VWRITE) {
  319                 switch (vp->v_type) {
  320                 case VDIR:
  321                 case VLNK:
  322                 case VREG:
  323                         if (vp->v_mount->mnt_flag & MNT_RDONLY)
  324                                 return (EROFS);
  325 #ifdef QUOTA
  326                         if ((error = getinoquota(ip)) != 0)
  327                                 return (error);
  328 #endif
  329                         break;
  330                 default:
  331                         break;
  332                 }
  333         }
  334 
  335         /* If immutable bit set, nobody gets to write it. */
  336         if ((mode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT)))
  337                 return (EPERM);
  338 
  339 #ifdef UFS_ACL
  340         if ((vp->v_mount->mnt_flag & MNT_ACLS) != 0) {
  341                 acl = uma_zalloc(acl_zone, M_WAITOK);
  342                 error = VOP_GETACL(vp, ACL_TYPE_ACCESS, acl, ap->a_cred,
  343                     ap->a_td);
  344                 switch (error) {
  345                 case EOPNOTSUPP:
  346                         error = vaccess(vp->v_type, ip->i_mode, ip->i_uid,
  347                             ip->i_gid, ap->a_mode, ap->a_cred, NULL);
  348                         break;
  349                 case 0:
  350                         error = vaccess_acl_posix1e(vp->v_type, ip->i_uid,
  351                             ip->i_gid, acl, ap->a_mode, ap->a_cred, NULL);
  352                         break;
  353                 default:
  354                         printf(
  355 "ufs_access(): Error retrieving ACL on object (%d).\n",
  356                             error);
  357                         /*
  358                          * XXX: Fall back until debugged.  Should
  359                          * eventually possibly log an error, and return
  360                          * EPERM for safety.
  361                          */
  362                         error = vaccess(vp->v_type, ip->i_mode, ip->i_uid,
  363                             ip->i_gid, ap->a_mode, ap->a_cred, NULL);
  364                 }
  365                 uma_zfree(acl_zone, acl);
  366         } else
  367 #endif /* !UFS_ACL */
  368                 error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid,
  369                     ap->a_mode, ap->a_cred, NULL);
  370         return (error);
  371 }
  372 
  373 /* ARGSUSED */
  374 static int
  375 ufs_getattr(ap)
  376         struct vop_getattr_args /* {
  377                 struct vnode *a_vp;
  378                 struct vattr *a_vap;
  379                 struct ucred *a_cred;
  380                 struct thread *a_td;
  381         } */ *ap;
  382 {
  383         struct vnode *vp = ap->a_vp;
  384         struct inode *ip = VTOI(vp);
  385         struct vattr *vap = ap->a_vap;
  386 
  387         ufs_itimes(vp);
  388         /*
  389          * Copy from inode table
  390          */
  391         vap->va_fsid = dev2udev(ip->i_dev);
  392         vap->va_fileid = ip->i_number;
  393         vap->va_mode = ip->i_mode & ~IFMT;
  394         vap->va_nlink = ip->i_effnlink;
  395         vap->va_uid = ip->i_uid;
  396         vap->va_gid = ip->i_gid;
  397         if (ip->i_ump->um_fstype == UFS1) {
  398                 vap->va_rdev = ip->i_din1->di_rdev;
  399                 vap->va_size = ip->i_din1->di_size;
  400                 VI_LOCK(vp);
  401                 vap->va_atime.tv_sec = ip->i_din1->di_atime;
  402                 vap->va_atime.tv_nsec = ip->i_din1->di_atimensec;
  403                 VI_UNLOCK(vp);
  404                 vap->va_mtime.tv_sec = ip->i_din1->di_mtime;
  405                 vap->va_mtime.tv_nsec = ip->i_din1->di_mtimensec;
  406                 vap->va_ctime.tv_sec = ip->i_din1->di_ctime;
  407                 vap->va_ctime.tv_nsec = ip->i_din1->di_ctimensec;
  408                 vap->va_birthtime.tv_sec = 0;
  409                 vap->va_birthtime.tv_nsec = 0;
  410                 vap->va_bytes = dbtob((u_quad_t)ip->i_din1->di_blocks);
  411         } else {
  412                 vap->va_rdev = ip->i_din2->di_rdev;
  413                 vap->va_size = ip->i_din2->di_size;
  414                 VI_LOCK(vp);
  415                 vap->va_atime.tv_sec = ip->i_din2->di_atime;
  416                 vap->va_atime.tv_nsec = ip->i_din2->di_atimensec;
  417                 VI_UNLOCK(vp);
  418                 vap->va_mtime.tv_sec = ip->i_din2->di_mtime;
  419                 vap->va_mtime.tv_nsec = ip->i_din2->di_mtimensec;
  420                 vap->va_ctime.tv_sec = ip->i_din2->di_ctime;
  421                 vap->va_ctime.tv_nsec = ip->i_din2->di_ctimensec;
  422                 vap->va_birthtime.tv_sec = ip->i_din2->di_birthtime;
  423                 vap->va_birthtime.tv_nsec = ip->i_din2->di_birthnsec;
  424                 vap->va_bytes = dbtob((u_quad_t)ip->i_din2->di_blocks);
  425         }
  426         vap->va_flags = ip->i_flags;
  427         vap->va_gen = ip->i_gen;
  428         vap->va_blocksize = vp->v_mount->mnt_stat.f_iosize;
  429         vap->va_type = IFTOVT(ip->i_mode);
  430         vap->va_filerev = ip->i_modrev;
  431         return (0);
  432 }
  433 
  434 /*
  435  * Set attribute vnode op. called from several syscalls
  436  */
  437 static int
  438 ufs_setattr(ap)
  439         struct vop_setattr_args /* {
  440                 struct vnode *a_vp;
  441                 struct vattr *a_vap;
  442                 struct ucred *a_cred;
  443                 struct thread *a_td;
  444         } */ *ap;
  445 {
  446         struct vattr *vap = ap->a_vap;
  447         struct vnode *vp = ap->a_vp;
  448         struct inode *ip = VTOI(vp);
  449         struct ucred *cred = ap->a_cred;
  450         struct thread *td = ap->a_td;
  451         int error;
  452 
  453         /*
  454          * Check for unsettable attributes.
  455          */
  456         if ((vap->va_type != VNON) || (vap->va_nlink != VNOVAL) ||
  457             (vap->va_fsid != VNOVAL) || (vap->va_fileid != VNOVAL) ||
  458             (vap->va_blocksize != VNOVAL) || (vap->va_rdev != VNOVAL) ||
  459             ((int)vap->va_bytes != VNOVAL) || (vap->va_gen != VNOVAL)) {
  460                 return (EINVAL);
  461         }
  462         /*
  463          * Mark for update the file's access time for vfs_mark_atime().
  464          * We are doing this here to avoid some of the checks done
  465          * below -- this operation is done by request of the kernel and
  466          * should bypass some security checks.  Things like read-only
  467          * checks get handled by other levels (e.g., ffs_update()).
  468          */
  469         if (vap->va_vaflags & VA_MARK_ATIME) {
  470                 ip->i_flag |= IN_ACCESS;
  471                 return (0);
  472         }
  473         if (vap->va_flags != VNOVAL) {
  474                 if (vp->v_mount->mnt_flag & MNT_RDONLY)
  475                         return (EROFS);
  476                 /*
  477                  * Callers may only modify the file flags on objects they
  478                  * have VADMIN rights for.
  479                  */
  480                 if ((error = VOP_ACCESS(vp, VADMIN, cred, td)))
  481                         return (error);
  482                 /*
  483                  * Unprivileged processes are not permitted to unset system
  484                  * flags, or modify flags if any system flags are set.
  485                  * Privileged non-jail processes may not modify system flags
  486                  * if securelevel > 0 and any existing system flags are set.
  487                  * Privileged jail processes behave like privileged non-jail
  488                  * processes if the security.jail.chflags_allowed sysctl is
  489                  * is non-zero; otherwise, they behave like unprivileged
  490                  * processes.
  491                  */
  492                 if (!suser_cred(cred,
  493                     jail_chflags_allowed ? SUSER_ALLOWJAIL : 0)) {
  494                         if (ip->i_flags
  495                             & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) {
  496                                 error = securelevel_gt(cred, 0);
  497                                 if (error)
  498                                         return (error);
  499                         }
  500                         /* Snapshot flag cannot be set or cleared */
  501                         if (((vap->va_flags & SF_SNAPSHOT) != 0 &&
  502                              (ip->i_flags & SF_SNAPSHOT) == 0) ||
  503                             ((vap->va_flags & SF_SNAPSHOT) == 0 &&
  504                              (ip->i_flags & SF_SNAPSHOT) != 0))
  505                                 return (EPERM);
  506                         ip->i_flags = vap->va_flags;
  507                         DIP_SET(ip, i_flags, vap->va_flags);
  508                 } else {
  509                         if (ip->i_flags
  510                             & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) ||
  511                             (vap->va_flags & UF_SETTABLE) != vap->va_flags)
  512                                 return (EPERM);
  513                         ip->i_flags &= SF_SETTABLE;
  514                         ip->i_flags |= (vap->va_flags & UF_SETTABLE);
  515                         DIP_SET(ip, i_flags, ip->i_flags);
  516                 }
  517                 ip->i_flag |= IN_CHANGE;
  518                 if (vap->va_flags & (IMMUTABLE | APPEND))
  519                         return (0);
  520         }
  521         if (ip->i_flags & (IMMUTABLE | APPEND))
  522                 return (EPERM);
  523         /*
  524          * Go through the fields and update iff not VNOVAL.
  525          */
  526         if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
  527                 if (vp->v_mount->mnt_flag & MNT_RDONLY)
  528                         return (EROFS);
  529                 if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred,
  530                     td)) != 0)
  531                         return (error);
  532         }
  533         if (vap->va_size != VNOVAL) {
  534                 /*
  535                  * XXX most of the following special cases should be in
  536                  * callers instead of in N filesystems.  The VDIR check
  537                  * mostly already is.
  538                  */
  539                 switch (vp->v_type) {
  540                 case VDIR:
  541                         return (EISDIR);
  542                 case VLNK:
  543                 case VREG:
  544                         /*
  545                          * Truncation should have an effect in these cases.
  546                          * Disallow it if the filesystem is read-only or
  547                          * the file is being snapshotted.
  548                          */
  549                         if (vp->v_mount->mnt_flag & MNT_RDONLY)
  550                                 return (EROFS);
  551                         if ((ip->i_flags & SF_SNAPSHOT) != 0)
  552                                 return (EPERM);
  553                         break;
  554                 default:
  555                         /*
  556                          * According to POSIX, the result is unspecified
  557                          * for file types other than regular files,
  558                          * directories and shared memory objects.  We
  559                          * don't support shared memory objects in the file
  560                          * system, and have dubious support for truncating
  561                          * symlinks.  Just ignore the request in other cases.
  562                          */
  563                         return (0);
  564                 }
  565                 if ((error = UFS_TRUNCATE(vp, vap->va_size, IO_NORMAL,
  566                     cred, td)) != 0)
  567                         return (error);
  568         }
  569         if (vap->va_atime.tv_sec != VNOVAL ||
  570             vap->va_mtime.tv_sec != VNOVAL ||
  571             vap->va_birthtime.tv_sec != VNOVAL) {
  572                 if (vp->v_mount->mnt_flag & MNT_RDONLY)
  573                         return (EROFS);
  574                 if ((ip->i_flags & SF_SNAPSHOT) != 0)
  575                         return (EPERM);
  576                 /*
  577                  * From utimes(2):
  578                  * If times is NULL, ... The caller must be the owner of
  579                  * the file, have permission to write the file, or be the
  580                  * super-user.
  581                  * If times is non-NULL, ... The caller must be the owner of
  582                  * the file or be the super-user.
  583                  */
  584                 if ((error = VOP_ACCESS(vp, VADMIN, cred, td)) &&
  585                     ((vap->va_vaflags & VA_UTIMES_NULL) == 0 ||
  586                     (error = VOP_ACCESS(vp, VWRITE, cred, td))))
  587                         return (error);
  588                 if (vap->va_atime.tv_sec != VNOVAL)
  589                         ip->i_flag |= IN_ACCESS;
  590                 if (vap->va_mtime.tv_sec != VNOVAL)
  591                         ip->i_flag |= IN_CHANGE | IN_UPDATE;
  592                 if (vap->va_birthtime.tv_sec != VNOVAL &&
  593                     ip->i_ump->um_fstype == UFS2)
  594                         ip->i_flag |= IN_MODIFIED;
  595                 ufs_itimes(vp);
  596                 if (vap->va_atime.tv_sec != VNOVAL) {
  597                         DIP_SET(ip, i_atime, vap->va_atime.tv_sec);
  598                         DIP_SET(ip, i_atimensec, vap->va_atime.tv_nsec);
  599                 }
  600                 if (vap->va_mtime.tv_sec != VNOVAL) {
  601                         DIP_SET(ip, i_mtime, vap->va_mtime.tv_sec);
  602                         DIP_SET(ip, i_mtimensec, vap->va_mtime.tv_nsec);
  603                 }
  604                 if (vap->va_birthtime.tv_sec != VNOVAL &&
  605                     ip->i_ump->um_fstype == UFS2) {
  606                         ip->i_din2->di_birthtime = vap->va_birthtime.tv_sec;
  607                         ip->i_din2->di_birthnsec = vap->va_birthtime.tv_nsec;
  608                 }
  609                 error = UFS_UPDATE(vp, 0);
  610                 if (error)
  611                         return (error);
  612         }
  613         error = 0;
  614         if (vap->va_mode != (mode_t)VNOVAL) {
  615                 if (vp->v_mount->mnt_flag & MNT_RDONLY)
  616                         return (EROFS);
  617                 if ((ip->i_flags & SF_SNAPSHOT) != 0 && (vap->va_mode &
  618                    (S_IXUSR | S_IWUSR | S_IXGRP | S_IWGRP | S_IXOTH | S_IWOTH)))
  619                         return (EPERM);
  620                 error = ufs_chmod(vp, (int)vap->va_mode, cred, td);
  621         }
  622         return (error);
  623 }
  624 
  625 /*
  626  * Change the mode on a file.
  627  * Inode must be locked before calling.
  628  */
  629 static int
  630 ufs_chmod(vp, mode, cred, td)
  631         struct vnode *vp;
  632         int mode;
  633         struct ucred *cred;
  634         struct thread *td;
  635 {
  636         struct inode *ip = VTOI(vp);
  637         int error;
  638 
  639         /*
  640          * To modify the permissions on a file, must possess VADMIN
  641          * for that file.
  642          */
  643         if ((error = VOP_ACCESS(vp, VADMIN, cred, td)))
  644                 return (error);
  645         /*
  646          * Privileged processes may set the sticky bit on non-directories,
  647          * as well as set the setgid bit on a file with a group that the
  648          * process is not a member of.  Both of these are allowed in
  649          * jail(8).
  650          */
  651         if (vp->v_type != VDIR && (mode & S_ISTXT)) {
  652                 if (suser_cred(cred, SUSER_ALLOWJAIL))
  653                         return (EFTYPE);
  654         }
  655         if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) {
  656                 error = suser_cred(cred, SUSER_ALLOWJAIL);
  657                 if (error)
  658                         return (error);
  659         }
  660         ip->i_mode &= ~ALLPERMS;
  661         ip->i_mode |= (mode & ALLPERMS);
  662         DIP_SET(ip, i_mode, ip->i_mode);
  663         ip->i_flag |= IN_CHANGE;
  664         return (0);
  665 }
  666 
  667 /*
  668  * Perform chown operation on inode ip;
  669  * inode must be locked prior to call.
  670  */
  671 static int
  672 ufs_chown(vp, uid, gid, cred, td)
  673         struct vnode *vp;
  674         uid_t uid;
  675         gid_t gid;
  676         struct ucred *cred;
  677         struct thread *td;
  678 {
  679         struct inode *ip = VTOI(vp);
  680         uid_t ouid;
  681         gid_t ogid;
  682         int error = 0;
  683 #ifdef QUOTA
  684         int i;
  685         ufs2_daddr_t change;
  686 #endif
  687 
  688         if (uid == (uid_t)VNOVAL)
  689                 uid = ip->i_uid;
  690         if (gid == (gid_t)VNOVAL)
  691                 gid = ip->i_gid;
  692         /*
  693          * To modify the ownership of a file, must possess VADMIN
  694          * for that file.
  695          */
  696         if ((error = VOP_ACCESS(vp, VADMIN, cred, td)))
  697                 return (error);
  698         /*
  699          * To change the owner of a file, or change the group of a file
  700          * to a group of which we are not a member, the caller must
  701          * have privilege.
  702          */
  703         if ((uid != ip->i_uid || 
  704             (gid != ip->i_gid && !groupmember(gid, cred))) &&
  705             (error = suser_cred(cred, SUSER_ALLOWJAIL)))
  706                 return (error);
  707         ogid = ip->i_gid;
  708         ouid = ip->i_uid;
  709 #ifdef QUOTA
  710         if ((error = getinoquota(ip)) != 0)
  711                 return (error);
  712         if (ouid == uid) {
  713                 dqrele(vp, ip->i_dquot[USRQUOTA]);
  714                 ip->i_dquot[USRQUOTA] = NODQUOT;
  715         }
  716         if (ogid == gid) {
  717                 dqrele(vp, ip->i_dquot[GRPQUOTA]);
  718                 ip->i_dquot[GRPQUOTA] = NODQUOT;
  719         }
  720         change = DIP(ip, i_blocks);
  721         (void) chkdq(ip, -change, cred, CHOWN);
  722         (void) chkiq(ip, -1, cred, CHOWN);
  723         for (i = 0; i < MAXQUOTAS; i++) {
  724                 dqrele(vp, ip->i_dquot[i]);
  725                 ip->i_dquot[i] = NODQUOT;
  726         }
  727 #endif
  728         ip->i_gid = gid;
  729         DIP_SET(ip, i_gid, gid);
  730         ip->i_uid = uid;
  731         DIP_SET(ip, i_uid, uid);
  732 #ifdef QUOTA
  733         if ((error = getinoquota(ip)) == 0) {
  734                 if (ouid == uid) {
  735                         dqrele(vp, ip->i_dquot[USRQUOTA]);
  736                         ip->i_dquot[USRQUOTA] = NODQUOT;
  737                 }
  738                 if (ogid == gid) {
  739                         dqrele(vp, ip->i_dquot[GRPQUOTA]);
  740                         ip->i_dquot[GRPQUOTA] = NODQUOT;
  741                 }
  742                 if ((error = chkdq(ip, change, cred, CHOWN)) == 0) {
  743                         if ((error = chkiq(ip, 1, cred, CHOWN)) == 0)
  744                                 goto good;
  745                         else
  746                                 (void) chkdq(ip, -change, cred, CHOWN|FORCE);
  747                 }
  748                 for (i = 0; i < MAXQUOTAS; i++) {
  749                         dqrele(vp, ip->i_dquot[i]);
  750                         ip->i_dquot[i] = NODQUOT;
  751                 }
  752         }
  753         ip->i_gid = ogid;
  754         DIP_SET(ip, i_gid, ogid);
  755         ip->i_uid = ouid;
  756         DIP_SET(ip, i_uid, ouid);
  757         if (getinoquota(ip) == 0) {
  758                 if (ouid == uid) {
  759                         dqrele(vp, ip->i_dquot[USRQUOTA]);
  760                         ip->i_dquot[USRQUOTA] = NODQUOT;
  761                 }
  762                 if (ogid == gid) {
  763                         dqrele(vp, ip->i_dquot[GRPQUOTA]);
  764                         ip->i_dquot[GRPQUOTA] = NODQUOT;
  765                 }
  766                 (void) chkdq(ip, change, cred, FORCE|CHOWN);
  767                 (void) chkiq(ip, 1, cred, FORCE|CHOWN);
  768                 (void) getinoquota(ip);
  769         }
  770         return (error);
  771 good:
  772         if (getinoquota(ip))
  773                 panic("ufs_chown: lost quota");
  774 #endif /* QUOTA */
  775         ip->i_flag |= IN_CHANGE;
  776         if (suser_cred(cred, SUSER_ALLOWJAIL) && (ouid != uid || ogid != gid)) {
  777                 ip->i_mode &= ~(ISUID | ISGID);
  778                 DIP_SET(ip, i_mode, ip->i_mode);
  779         }
  780         return (0);
  781 }
  782 
  783 static int
  784 ufs_remove(ap)
  785         struct vop_remove_args /* {
  786                 struct vnode *a_dvp;
  787                 struct vnode *a_vp;
  788                 struct componentname *a_cnp;
  789         } */ *ap;
  790 {
  791         struct inode *ip;
  792         struct vnode *vp = ap->a_vp;
  793         struct vnode *dvp = ap->a_dvp;
  794         int error;
  795         struct thread *td;
  796 
  797         td = curthread;
  798         ip = VTOI(vp);
  799         if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) ||
  800             (VTOI(dvp)->i_flags & APPEND)) {
  801                 error = EPERM;
  802                 goto out;
  803         }
  804         error = ufs_dirremove(dvp, ip, ap->a_cnp->cn_flags, 0);
  805         if (ip->i_nlink <= 0)
  806                 vp->v_vflag |= VV_NOSYNC;
  807         if ((ip->i_flags & SF_SNAPSHOT) != 0) {
  808                 /*
  809                  * Avoid deadlock where another thread is trying to
  810                  * update the inodeblock for dvp and is waiting on
  811                  * snaplk.  Temporary unlock the vnode lock for the
  812                  * unlinked file and sync the directory.  This should
  813                  * allow vput() of the directory to not block later on
  814                  * while holding the snapshot vnode locked, assuming
  815                  * that the directory hasn't been unlinked too.
  816                  */
  817                 VOP_UNLOCK(vp, 0, td);
  818                 (void) VOP_FSYNC(dvp, MNT_WAIT, td);
  819                 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
  820         }
  821 out:
  822         return (error);
  823 }
  824 
  825 /*
  826  * link vnode call
  827  */
  828 static int
  829 ufs_link(ap)
  830         struct vop_link_args /* {
  831                 struct vnode *a_tdvp;
  832                 struct vnode *a_vp;
  833                 struct componentname *a_cnp;
  834         } */ *ap;
  835 {
  836         struct vnode *vp = ap->a_vp;
  837         struct vnode *tdvp = ap->a_tdvp;
  838         struct componentname *cnp = ap->a_cnp;
  839         struct inode *ip;
  840         struct direct newdir;
  841         int error;
  842 
  843 #ifdef DIAGNOSTIC
  844         if ((cnp->cn_flags & HASBUF) == 0)
  845                 panic("ufs_link: no name");
  846 #endif
  847         if (tdvp->v_mount != vp->v_mount) {
  848                 error = EXDEV;
  849                 goto out;
  850         }
  851         ip = VTOI(vp);
  852         if ((nlink_t)ip->i_nlink >= LINK_MAX) {
  853                 error = EMLINK;
  854                 goto out;
  855         }
  856         if (ip->i_flags & (IMMUTABLE | APPEND)) {
  857                 error = EPERM;
  858                 goto out;
  859         }
  860         ip->i_effnlink++;
  861         ip->i_nlink++;
  862         DIP_SET(ip, i_nlink, ip->i_nlink);
  863         ip->i_flag |= IN_CHANGE;
  864         if (DOINGSOFTDEP(vp))
  865                 softdep_change_linkcnt(ip);
  866         error = UFS_UPDATE(vp, !(DOINGSOFTDEP(vp) | DOINGASYNC(vp)));
  867         if (!error) {
  868                 ufs_makedirentry(ip, cnp, &newdir);
  869                 error = ufs_direnter(tdvp, vp, &newdir, cnp, NULL);
  870         }
  871 
  872         if (error) {
  873                 ip->i_effnlink--;
  874                 ip->i_nlink--;
  875                 DIP_SET(ip, i_nlink, ip->i_nlink);
  876                 ip->i_flag |= IN_CHANGE;
  877                 if (DOINGSOFTDEP(vp))
  878                         softdep_change_linkcnt(ip);
  879         }
  880 out:
  881         return (error);
  882 }
  883 
  884 /*
  885  * whiteout vnode call
  886  */
  887 static int
  888 ufs_whiteout(ap)
  889         struct vop_whiteout_args /* {
  890                 struct vnode *a_dvp;
  891                 struct componentname *a_cnp;
  892                 int a_flags;
  893         } */ *ap;
  894 {
  895         struct vnode *dvp = ap->a_dvp;
  896         struct componentname *cnp = ap->a_cnp;
  897         struct direct newdir;
  898         int error = 0;
  899 
  900         switch (ap->a_flags) {
  901         case LOOKUP:
  902                 /* 4.4 format directories support whiteout operations */
  903                 if (dvp->v_mount->mnt_maxsymlinklen > 0)
  904                         return (0);
  905                 return (EOPNOTSUPP);
  906 
  907         case CREATE:
  908                 /* create a new directory whiteout */
  909 #ifdef DIAGNOSTIC
  910                 if ((cnp->cn_flags & SAVENAME) == 0)
  911                         panic("ufs_whiteout: missing name");
  912                 if (dvp->v_mount->mnt_maxsymlinklen <= 0)
  913                         panic("ufs_whiteout: old format filesystem");
  914 #endif
  915 
  916                 newdir.d_ino = WINO;
  917                 newdir.d_namlen = cnp->cn_namelen;
  918                 bcopy(cnp->cn_nameptr, newdir.d_name, (unsigned)cnp->cn_namelen + 1);
  919                 newdir.d_type = DT_WHT;
  920                 error = ufs_direnter(dvp, NULL, &newdir, cnp, NULL);
  921                 break;
  922 
  923         case DELETE:
  924                 /* remove an existing directory whiteout */
  925 #ifdef DIAGNOSTIC
  926                 if (dvp->v_mount->mnt_maxsymlinklen <= 0)
  927                         panic("ufs_whiteout: old format filesystem");
  928 #endif
  929 
  930                 cnp->cn_flags &= ~DOWHITEOUT;
  931                 error = ufs_dirremove(dvp, NULL, cnp->cn_flags, 0);
  932                 break;
  933         default:
  934                 panic("ufs_whiteout: unknown op");
  935         }
  936         return (error);
  937 }
  938 
  939 /*
  940  * Rename system call.
  941  *      rename("foo", "bar");
  942  * is essentially
  943  *      unlink("bar");
  944  *      link("foo", "bar");
  945  *      unlink("foo");
  946  * but ``atomically''.  Can't do full commit without saving state in the
  947  * inode on disk which isn't feasible at this time.  Best we can do is
  948  * always guarantee the target exists.
  949  *
  950  * Basic algorithm is:
  951  *
  952  * 1) Bump link count on source while we're linking it to the
  953  *    target.  This also ensure the inode won't be deleted out
  954  *    from underneath us while we work (it may be truncated by
  955  *    a concurrent `trunc' or `open' for creation).
  956  * 2) Link source to destination.  If destination already exists,
  957  *    delete it first.
  958  * 3) Unlink source reference to inode if still around. If a
  959  *    directory was moved and the parent of the destination
  960  *    is different from the source, patch the ".." entry in the
  961  *    directory.
  962  */
  963 static int
  964 ufs_rename(ap)
  965         struct vop_rename_args  /* {
  966                 struct vnode *a_fdvp;
  967                 struct vnode *a_fvp;
  968                 struct componentname *a_fcnp;
  969                 struct vnode *a_tdvp;
  970                 struct vnode *a_tvp;
  971                 struct componentname *a_tcnp;
  972         } */ *ap;
  973 {
  974         struct vnode *tvp = ap->a_tvp;
  975         struct vnode *tdvp = ap->a_tdvp;
  976         struct vnode *fvp = ap->a_fvp;
  977         struct vnode *fdvp = ap->a_fdvp;
  978         struct componentname *tcnp = ap->a_tcnp;
  979         struct componentname *fcnp = ap->a_fcnp;
  980         struct thread *td = fcnp->cn_thread;
  981         struct inode *ip, *xp, *dp;
  982         struct direct newdir;
  983         int doingdirectory = 0, oldparent = 0, newparent = 0;
  984         int error = 0, ioflag;
  985 
  986 #ifdef DIAGNOSTIC
  987         if ((tcnp->cn_flags & HASBUF) == 0 ||
  988             (fcnp->cn_flags & HASBUF) == 0)
  989                 panic("ufs_rename: no name");
  990 #endif
  991         /*
  992          * Check for cross-device rename.
  993          */
  994         if ((fvp->v_mount != tdvp->v_mount) ||
  995             (tvp && (fvp->v_mount != tvp->v_mount))) {
  996                 error = EXDEV;
  997 abortit:
  998                 if (tdvp == tvp)
  999                         vrele(tdvp);
 1000                 else
 1001                         vput(tdvp);
 1002                 if (tvp)
 1003                         vput(tvp);
 1004                 vrele(fdvp);
 1005                 vrele(fvp);
 1006                 return (error);
 1007         }
 1008 
 1009         if (tvp && ((VTOI(tvp)->i_flags & (NOUNLINK | IMMUTABLE | APPEND)) ||
 1010             (VTOI(tdvp)->i_flags & APPEND))) {
 1011                 error = EPERM;
 1012                 goto abortit;
 1013         }
 1014 
 1015         /*
 1016          * Renaming a file to itself has no effect.  The upper layers should
 1017          * not call us in that case.  Temporarily just warn if they do.
 1018          */
 1019         if (fvp == tvp) {
 1020                 printf("ufs_rename: fvp == tvp (can't happen)\n");
 1021                 error = 0;
 1022                 goto abortit;
 1023         }
 1024 
 1025         if ((error = vn_lock(fvp, LK_EXCLUSIVE, td)) != 0)
 1026                 goto abortit;
 1027         dp = VTOI(fdvp);
 1028         ip = VTOI(fvp);
 1029         if (ip->i_nlink >= LINK_MAX) {
 1030                 VOP_UNLOCK(fvp, 0, td);
 1031                 error = EMLINK;
 1032                 goto abortit;
 1033         }
 1034         if ((ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))
 1035             || (dp->i_flags & APPEND)) {
 1036                 VOP_UNLOCK(fvp, 0, td);
 1037                 error = EPERM;
 1038                 goto abortit;
 1039         }
 1040         if ((ip->i_mode & IFMT) == IFDIR) {
 1041                 /*
 1042                  * Avoid ".", "..", and aliases of "." for obvious reasons.
 1043                  */
 1044                 if ((fcnp->cn_namelen == 1 && fcnp->cn_nameptr[0] == '.') ||
 1045                     dp == ip || (fcnp->cn_flags | tcnp->cn_flags) & ISDOTDOT ||
 1046                     (ip->i_flag & IN_RENAME)) {
 1047                         VOP_UNLOCK(fvp, 0, td);
 1048                         error = EINVAL;
 1049                         goto abortit;
 1050                 }
 1051                 ip->i_flag |= IN_RENAME;
 1052                 oldparent = dp->i_number;
 1053                 doingdirectory = 1;
 1054         }
 1055         vrele(fdvp);
 1056 
 1057         /*
 1058          * When the target exists, both the directory
 1059          * and target vnodes are returned locked.
 1060          */
 1061         dp = VTOI(tdvp);
 1062         xp = NULL;
 1063         if (tvp)
 1064                 xp = VTOI(tvp);
 1065 
 1066         /*
 1067          * 1) Bump link count while we're moving stuff
 1068          *    around.  If we crash somewhere before
 1069          *    completing our work, the link count
 1070          *    may be wrong, but correctable.
 1071          */
 1072         ip->i_effnlink++;
 1073         ip->i_nlink++;
 1074         DIP_SET(ip, i_nlink, ip->i_nlink);
 1075         ip->i_flag |= IN_CHANGE;
 1076         if (DOINGSOFTDEP(fvp))
 1077                 softdep_change_linkcnt(ip);
 1078         if ((error = UFS_UPDATE(fvp, !(DOINGSOFTDEP(fvp) |
 1079                                        DOINGASYNC(fvp)))) != 0) {
 1080                 VOP_UNLOCK(fvp, 0, td);
 1081                 goto bad;
 1082         }
 1083 
 1084         /*
 1085          * If ".." must be changed (ie the directory gets a new
 1086          * parent) then the source directory must not be in the
 1087          * directory heirarchy above the target, as this would
 1088          * orphan everything below the source directory. Also
 1089          * the user must have write permission in the source so
 1090          * as to be able to change "..". We must repeat the call
 1091          * to namei, as the parent directory is unlocked by the
 1092          * call to checkpath().
 1093          */
 1094         error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred, tcnp->cn_thread);
 1095         VOP_UNLOCK(fvp, 0, td);
 1096         if (oldparent != dp->i_number)
 1097                 newparent = dp->i_number;
 1098         if (doingdirectory && newparent) {
 1099                 if (error)      /* write access check above */
 1100                         goto bad;
 1101                 if (xp != NULL)
 1102                         vput(tvp);
 1103                 error = ufs_checkpath(ip, dp, tcnp->cn_cred);
 1104                 if (error)
 1105                         goto out;
 1106                 if ((tcnp->cn_flags & SAVESTART) == 0)
 1107                         panic("ufs_rename: lost to startdir");
 1108                 VREF(tdvp);
 1109                 error = relookup(tdvp, &tvp, tcnp);
 1110                 if (error)
 1111                         goto out;
 1112                 vrele(tdvp);
 1113                 dp = VTOI(tdvp);
 1114                 xp = NULL;
 1115                 if (tvp)
 1116                         xp = VTOI(tvp);
 1117         }
 1118         /*
 1119          * 2) If target doesn't exist, link the target
 1120          *    to the source and unlink the source.
 1121          *    Otherwise, rewrite the target directory
 1122          *    entry to reference the source inode and
 1123          *    expunge the original entry's existence.
 1124          */
 1125         if (xp == NULL) {
 1126                 if (dp->i_dev != ip->i_dev)
 1127                         panic("ufs_rename: EXDEV");
 1128                 /*
 1129                  * Account for ".." in new directory.
 1130                  * When source and destination have the same
 1131                  * parent we don't fool with the link count.
 1132                  */
 1133                 if (doingdirectory && newparent) {
 1134                         if ((nlink_t)dp->i_nlink >= LINK_MAX) {
 1135                                 error = EMLINK;
 1136                                 goto bad;
 1137                         }
 1138                         dp->i_effnlink++;
 1139                         dp->i_nlink++;
 1140                         DIP_SET(dp, i_nlink, dp->i_nlink);
 1141                         dp->i_flag |= IN_CHANGE;
 1142                         if (DOINGSOFTDEP(tdvp))
 1143                                 softdep_change_linkcnt(dp);
 1144                         error = UFS_UPDATE(tdvp, !(DOINGSOFTDEP(tdvp) |
 1145                                                    DOINGASYNC(tdvp)));
 1146                         if (error)
 1147                                 goto bad;
 1148                 }
 1149                 ufs_makedirentry(ip, tcnp, &newdir);
 1150                 error = ufs_direnter(tdvp, NULL, &newdir, tcnp, NULL);
 1151                 if (error) {
 1152                         if (doingdirectory && newparent) {
 1153                                 dp->i_effnlink--;
 1154                                 dp->i_nlink--;
 1155                                 DIP_SET(dp, i_nlink, dp->i_nlink);
 1156                                 dp->i_flag |= IN_CHANGE;
 1157                                 if (DOINGSOFTDEP(tdvp))
 1158                                         softdep_change_linkcnt(dp);
 1159                                 (void)UFS_UPDATE(tdvp, 1);
 1160                         }
 1161                         goto bad;
 1162                 }
 1163                 vput(tdvp);
 1164         } else {
 1165                 if (xp->i_dev != dp->i_dev || xp->i_dev != ip->i_dev)
 1166                         panic("ufs_rename: EXDEV");
 1167                 /*
 1168                  * Short circuit rename(foo, foo).
 1169                  */
 1170                 if (xp->i_number == ip->i_number)
 1171                         panic("ufs_rename: same file");
 1172                 /*
 1173                  * If the parent directory is "sticky", then the caller
 1174                  * must possess VADMIN for the parent directory, or the
 1175                  * destination of the rename.  This implements append-only
 1176                  * directories.
 1177                  */
 1178                 if ((dp->i_mode & S_ISTXT) &&
 1179                     VOP_ACCESS(tdvp, VADMIN, tcnp->cn_cred, td) &&
 1180                     VOP_ACCESS(tvp, VADMIN, tcnp->cn_cred, td)) {
 1181                         error = EPERM;
 1182                         goto bad;
 1183                 }
 1184                 /*
 1185                  * Target must be empty if a directory and have no links
 1186                  * to it. Also, ensure source and target are compatible
 1187                  * (both directories, or both not directories).
 1188                  */
 1189                 if ((xp->i_mode&IFMT) == IFDIR) {
 1190                         if ((xp->i_effnlink > 2) ||
 1191                             !ufs_dirempty(xp, dp->i_number, tcnp->cn_cred)) {
 1192                                 error = ENOTEMPTY;
 1193                                 goto bad;
 1194                         }
 1195                         if (!doingdirectory) {
 1196                                 error = ENOTDIR;
 1197                                 goto bad;
 1198                         }
 1199                         cache_purge(tdvp);
 1200                 } else if (doingdirectory) {
 1201                         error = EISDIR;
 1202                         goto bad;
 1203                 }
 1204                 error = ufs_dirrewrite(dp, xp, ip->i_number,
 1205                     IFTODT(ip->i_mode),
 1206                     (doingdirectory && newparent) ? newparent : doingdirectory);
 1207                 if (error)
 1208                         goto bad;
 1209                 if (doingdirectory) {
 1210                         if (!newparent) {
 1211                                 dp->i_effnlink--;
 1212                                 if (DOINGSOFTDEP(tdvp))
 1213                                         softdep_change_linkcnt(dp);
 1214                         }
 1215                         xp->i_effnlink--;
 1216                         if (DOINGSOFTDEP(tvp))
 1217                                 softdep_change_linkcnt(xp);
 1218                 }
 1219                 if (doingdirectory && !DOINGSOFTDEP(tvp)) {
 1220                         /*
 1221                          * Truncate inode. The only stuff left in the directory
 1222                          * is "." and "..". The "." reference is inconsequential
 1223                          * since we are quashing it. We have removed the "."
 1224                          * reference and the reference in the parent directory,
 1225                          * but there may be other hard links. The soft
 1226                          * dependency code will arrange to do these operations
 1227                          * after the parent directory entry has been deleted on
 1228                          * disk, so when running with that code we avoid doing
 1229                          * them now.
 1230                          */
 1231                         if (!newparent) {
 1232                                 dp->i_nlink--;
 1233                                 DIP_SET(dp, i_nlink, dp->i_nlink);
 1234                                 dp->i_flag |= IN_CHANGE;
 1235                         }
 1236                         xp->i_nlink--;
 1237                         DIP_SET(xp, i_nlink, xp->i_nlink);
 1238                         xp->i_flag |= IN_CHANGE;
 1239                         ioflag = IO_NORMAL;
 1240                         if (!DOINGASYNC(tvp))
 1241                                 ioflag |= IO_SYNC;
 1242                         if ((error = UFS_TRUNCATE(tvp, (off_t)0, ioflag,
 1243                             tcnp->cn_cred, tcnp->cn_thread)) != 0)
 1244                                 goto bad;
 1245                 }
 1246                 vput(tdvp);
 1247                 vput(tvp);
 1248                 xp = NULL;
 1249         }
 1250 
 1251         /*
 1252          * 3) Unlink the source.
 1253          */
 1254         fcnp->cn_flags &= ~MODMASK;
 1255         fcnp->cn_flags |= LOCKPARENT | LOCKLEAF;
 1256         if ((fcnp->cn_flags & SAVESTART) == 0)
 1257                 panic("ufs_rename: lost from startdir");
 1258         VREF(fdvp);
 1259         error = relookup(fdvp, &fvp, fcnp);
 1260         if (error == 0)
 1261                 vrele(fdvp);
 1262         if (fvp != NULL) {
 1263                 xp = VTOI(fvp);
 1264                 dp = VTOI(fdvp);
 1265         } else {
 1266                 /*
 1267                  * From name has disappeared.  IN_RENAME is not sufficient
 1268                  * to protect against directory races due to timing windows,
 1269                  * so we have to remove the panic.  XXX the only real way
 1270                  * to solve this issue is at a much higher level.  By the
 1271                  * time we hit ufs_rename() it's too late.
 1272                  */
 1273 #if 0
 1274                 if (doingdirectory)
 1275                         panic("ufs_rename: lost dir entry");
 1276 #endif
 1277                 vrele(ap->a_fvp);
 1278                 return (0);
 1279         }
 1280         /*
 1281          * Ensure that the directory entry still exists and has not
 1282          * changed while the new name has been entered. If the source is
 1283          * a file then the entry may have been unlinked or renamed. In
 1284          * either case there is no further work to be done. If the source
 1285          * is a directory then it cannot have been rmdir'ed; the IN_RENAME
 1286          * flag ensures that it cannot be moved by another rename or removed
 1287          * by a rmdir.
 1288          */
 1289         if (xp != ip) {
 1290                 /*
 1291                  * From name resolves to a different inode.  IN_RENAME is
 1292                  * not sufficient protection against timing window races
 1293                  * so we can't panic here.  XXX the only real way
 1294                  * to solve this issue is at a much higher level.  By the
 1295                  * time we hit ufs_rename() it's too late.
 1296                  */
 1297 #if 0
 1298                 if (doingdirectory)
 1299                         panic("ufs_rename: lost dir entry");
 1300 #endif
 1301         } else {
 1302                 /*
 1303                  * If the source is a directory with a
 1304                  * new parent, the link count of the old
 1305                  * parent directory must be decremented
 1306                  * and ".." set to point to the new parent.
 1307                  */
 1308                 if (doingdirectory && newparent) {
 1309                         xp->i_offset = mastertemplate.dot_reclen;
 1310                         ufs_dirrewrite(xp, dp, newparent, DT_DIR, 0);
 1311                         cache_purge(fdvp);
 1312                 }
 1313                 error = ufs_dirremove(fdvp, xp, fcnp->cn_flags, 0);
 1314                 xp->i_flag &= ~IN_RENAME;
 1315         }
 1316         if (dp)
 1317                 vput(fdvp);
 1318         if (xp)
 1319                 vput(fvp);
 1320         vrele(ap->a_fvp);
 1321         return (error);
 1322 
 1323 bad:
 1324         if (xp)
 1325                 vput(ITOV(xp));
 1326         vput(ITOV(dp));
 1327 out:
 1328         if (doingdirectory)
 1329                 ip->i_flag &= ~IN_RENAME;
 1330         if (vn_lock(fvp, LK_EXCLUSIVE, td) == 0) {
 1331                 ip->i_effnlink--;
 1332                 ip->i_nlink--;
 1333                 DIP_SET(ip, i_nlink, ip->i_nlink);
 1334                 ip->i_flag |= IN_CHANGE;
 1335                 ip->i_flag &= ~IN_RENAME;
 1336                 if (DOINGSOFTDEP(fvp))
 1337                         softdep_change_linkcnt(ip);
 1338                 vput(fvp);
 1339         } else
 1340                 vrele(fvp);
 1341         return (error);
 1342 }
 1343 
 1344 /*
 1345  * Mkdir system call
 1346  */
 1347 static int
 1348 ufs_mkdir(ap)
 1349         struct vop_mkdir_args /* {
 1350                 struct vnode *a_dvp;
 1351                 struct vnode **a_vpp;
 1352                 struct componentname *a_cnp;
 1353                 struct vattr *a_vap;
 1354         } */ *ap;
 1355 {
 1356         struct vnode *dvp = ap->a_dvp;
 1357         struct vattr *vap = ap->a_vap;
 1358         struct componentname *cnp = ap->a_cnp;
 1359         struct inode *ip, *dp;
 1360         struct vnode *tvp;
 1361         struct buf *bp;
 1362         struct dirtemplate dirtemplate, *dtp;
 1363         struct direct newdir;
 1364 #ifdef UFS_ACL
 1365         struct acl *acl, *dacl;
 1366 #endif
 1367         int error, dmode;
 1368         long blkoff;
 1369 
 1370 #ifdef DIAGNOSTIC
 1371         if ((cnp->cn_flags & HASBUF) == 0)
 1372                 panic("ufs_mkdir: no name");
 1373 #endif
 1374         dp = VTOI(dvp);
 1375         if ((nlink_t)dp->i_nlink >= LINK_MAX) {
 1376                 error = EMLINK;
 1377                 goto out;
 1378         }
 1379         dmode = vap->va_mode & 0777;
 1380         dmode |= IFDIR;
 1381         /*
 1382          * Must simulate part of ufs_makeinode here to acquire the inode,
 1383          * but not have it entered in the parent directory. The entry is
 1384          * made later after writing "." and ".." entries.
 1385          */
 1386         error = UFS_VALLOC(dvp, dmode, cnp->cn_cred, &tvp);
 1387         if (error)
 1388                 goto out;
 1389         ip = VTOI(tvp);
 1390         ip->i_gid = dp->i_gid;
 1391         DIP_SET(ip, i_gid, dp->i_gid);
 1392 #ifdef SUIDDIR
 1393         {
 1394 #ifdef QUOTA
 1395                 struct ucred ucred, *ucp;
 1396                 ucp = cnp->cn_cred;
 1397 #endif
 1398                 /*
 1399                  * If we are hacking owners here, (only do this where told to)
 1400                  * and we are not giving it TO root, (would subvert quotas)
 1401                  * then go ahead and give it to the other user.
 1402                  * The new directory also inherits the SUID bit.
 1403                  * If user's UID and dir UID are the same,
 1404                  * 'give it away' so that the SUID is still forced on.
 1405                  */
 1406                 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) &&
 1407                     (dp->i_mode & ISUID) && dp->i_uid) {
 1408                         dmode |= ISUID;
 1409                         ip->i_uid = dp->i_uid;
 1410                         DIP_SET(ip, i_uid, dp->i_uid);
 1411 #ifdef QUOTA
 1412                         if (dp->i_uid != cnp->cn_cred->cr_uid) {
 1413                                 /*
 1414                                  * Make sure the correct user gets charged
 1415                                  * for the space.
 1416                                  * Make a dummy credential for the victim.
 1417                                  * XXX This seems to never be accessed out of
 1418                                  * our context so a stack variable is ok.
 1419                                  */
 1420                                 ucred.cr_ref = 1;
 1421                                 ucred.cr_uid = ip->i_uid;
 1422                                 ucred.cr_ngroups = 1;
 1423                                 ucred.cr_groups[0] = dp->i_gid;
 1424                                 ucp = &ucred;
 1425                         }
 1426 #endif
 1427                 } else {
 1428                         ip->i_uid = cnp->cn_cred->cr_uid;
 1429                         DIP_SET(ip, i_uid, ip->i_uid);
 1430                 }
 1431 #ifdef QUOTA
 1432                 if ((error = getinoquota(ip)) ||
 1433                     (error = chkiq(ip, 1, ucp, 0))) {
 1434                         UFS_VFREE(tvp, ip->i_number, dmode);
 1435                         vput(tvp);
 1436                         return (error);
 1437                 }
 1438 #endif
 1439         }
 1440 #else   /* !SUIDDIR */
 1441         ip->i_uid = cnp->cn_cred->cr_uid;
 1442         DIP_SET(ip, i_uid, ip->i_uid);
 1443 #ifdef QUOTA
 1444         if ((error = getinoquota(ip)) ||
 1445             (error = chkiq(ip, 1, cnp->cn_cred, 0))) {
 1446                 UFS_VFREE(tvp, ip->i_number, dmode);
 1447                 vput(tvp);
 1448                 return (error);
 1449         }
 1450 #endif
 1451 #endif  /* !SUIDDIR */
 1452         ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
 1453 #ifdef UFS_ACL
 1454         acl = dacl = NULL;
 1455         if ((dvp->v_mount->mnt_flag & MNT_ACLS) != 0) {
 1456                 acl = uma_zalloc(acl_zone, M_WAITOK);
 1457                 dacl = uma_zalloc(acl_zone, M_WAITOK);
 1458 
 1459                 /*
 1460                  * Retrieve default ACL from parent, if any.
 1461                  */
 1462                 error = VOP_GETACL(dvp, ACL_TYPE_DEFAULT, acl, cnp->cn_cred,
 1463                     cnp->cn_thread);
 1464                 switch (error) {
 1465                 case 0:
 1466                         /*
 1467                          * Retrieved a default ACL, so merge mode and ACL if
 1468                          * necessary.  If the ACL is empty, fall through to
 1469                          * the "not defined or available" case.
 1470                          */
 1471                         if (acl->acl_cnt != 0) {
 1472                                 dmode = acl_posix1e_newfilemode(dmode, acl);
 1473                                 ip->i_mode = dmode;
 1474                                 DIP_SET(ip, i_mode, dmode);
 1475                                 *dacl = *acl;
 1476                                 ufs_sync_acl_from_inode(ip, acl);
 1477                                 break;
 1478                         }
 1479                         /* FALLTHROUGH */
 1480         
 1481                 case EOPNOTSUPP:
 1482                         /*
 1483                          * Just use the mode as-is.
 1484                          */
 1485                         ip->i_mode = dmode;
 1486                         DIP_SET(ip, i_mode, dmode);
 1487                         uma_zfree(acl_zone, acl);
 1488                         uma_zfree(acl_zone, dacl);
 1489                         dacl = acl = NULL;
 1490                         break;
 1491                 
 1492                 default:
 1493                         UFS_VFREE(tvp, ip->i_number, dmode);
 1494                         vput(tvp);
 1495                         uma_zfree(acl_zone, acl);
 1496                         uma_zfree(acl_zone, dacl);
 1497                         return (error);
 1498                 }
 1499         } else {
 1500 #endif /* !UFS_ACL */
 1501                 ip->i_mode = dmode;
 1502                 DIP_SET(ip, i_mode, dmode);
 1503 #ifdef UFS_ACL
 1504         }
 1505 #endif
 1506         tvp->v_type = VDIR;     /* Rest init'd in getnewvnode(). */
 1507         ip->i_effnlink = 2;
 1508         ip->i_nlink = 2;
 1509         DIP_SET(ip, i_nlink, 2);
 1510         if (DOINGSOFTDEP(tvp))
 1511                 softdep_change_linkcnt(ip);
 1512         if (cnp->cn_flags & ISWHITEOUT) {
 1513                 ip->i_flags |= UF_OPAQUE;
 1514                 DIP_SET(ip, i_flags, ip->i_flags);
 1515         }
 1516 
 1517         /*
 1518          * Bump link count in parent directory to reflect work done below.
 1519          * Should be done before reference is created so cleanup is
 1520          * possible if we crash.
 1521          */
 1522         dp->i_effnlink++;
 1523         dp->i_nlink++;
 1524         DIP_SET(dp, i_nlink, dp->i_nlink);
 1525         dp->i_flag |= IN_CHANGE;
 1526         if (DOINGSOFTDEP(dvp))
 1527                 softdep_change_linkcnt(dp);
 1528         error = UFS_UPDATE(tvp, !(DOINGSOFTDEP(dvp) | DOINGASYNC(dvp)));
 1529         if (error)
 1530                 goto bad;
 1531 #ifdef MAC
 1532         if (dvp->v_mount->mnt_flag & MNT_MULTILABEL) {
 1533                 error = mac_create_vnode_extattr(cnp->cn_cred, dvp->v_mount,
 1534                     dvp, tvp, cnp);
 1535                 if (error)
 1536                         goto bad;
 1537         }
 1538 #endif
 1539 #ifdef UFS_ACL
 1540         if (acl != NULL) {
 1541                 /*
 1542                  * XXX: If we abort now, will Soft Updates notify the extattr
 1543                  * code that the EAs for the file need to be released?
 1544                  */
 1545                 error = VOP_SETACL(tvp, ACL_TYPE_ACCESS, acl, cnp->cn_cred,
 1546                     cnp->cn_thread);
 1547                 if (error == 0)
 1548                         error = VOP_SETACL(tvp, ACL_TYPE_DEFAULT, dacl,
 1549                             cnp->cn_cred, cnp->cn_thread);
 1550                 switch (error) {
 1551                 case 0:
 1552                         break;
 1553 
 1554                 case EOPNOTSUPP:
 1555                         /*
 1556                          * XXX: This should not happen, as EOPNOTSUPP above
 1557                          * was supposed to free acl.
 1558                          */
 1559                         printf("ufs_mkdir: VOP_GETACL() but no VOP_SETACL()\n");
 1560                         /*
 1561                         panic("ufs_mkdir: VOP_GETACL() but no VOP_SETACL()");
 1562                          */
 1563                         break;
 1564 
 1565                 default:
 1566                         uma_zfree(acl_zone, acl);
 1567                         uma_zfree(acl_zone, dacl);
 1568                         dacl = acl = NULL;
 1569                         goto bad;
 1570                 }
 1571                 uma_zfree(acl_zone, acl);
 1572                 uma_zfree(acl_zone, dacl);
 1573                 dacl = acl = NULL;
 1574         }
 1575 #endif /* !UFS_ACL */
 1576 
 1577         /*
 1578          * Initialize directory with "." and ".." from static template.
 1579          */
 1580         if (dvp->v_mount->mnt_maxsymlinklen > 0)
 1581                 dtp = &mastertemplate;
 1582         else
 1583                 dtp = (struct dirtemplate *)&omastertemplate;
 1584         dirtemplate = *dtp;
 1585         dirtemplate.dot_ino = ip->i_number;
 1586         dirtemplate.dotdot_ino = dp->i_number;
 1587         if ((error = UFS_BALLOC(tvp, (off_t)0, DIRBLKSIZ, cnp->cn_cred,
 1588             BA_CLRBUF, &bp)) != 0)
 1589                 goto bad;
 1590         ip->i_size = DIRBLKSIZ;
 1591         DIP_SET(ip, i_size, DIRBLKSIZ);
 1592         ip->i_flag |= IN_CHANGE | IN_UPDATE;
 1593         vnode_pager_setsize(tvp, (u_long)ip->i_size);
 1594         bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate);
 1595         if (DOINGSOFTDEP(tvp)) {
 1596                 /*
 1597                  * Ensure that the entire newly allocated block is a
 1598                  * valid directory so that future growth within the
 1599                  * block does not have to ensure that the block is
 1600                  * written before the inode.
 1601                  */
 1602                 blkoff = DIRBLKSIZ;
 1603                 while (blkoff < bp->b_bcount) {
 1604                         ((struct direct *)
 1605                            (bp->b_data + blkoff))->d_reclen = DIRBLKSIZ;
 1606                         blkoff += DIRBLKSIZ;
 1607                 }
 1608         }
 1609         if ((error = UFS_UPDATE(tvp, !(DOINGSOFTDEP(tvp) |
 1610                                        DOINGASYNC(tvp)))) != 0) {
 1611                 (void)bwrite(bp);
 1612                 goto bad;
 1613         }
 1614         /*
 1615          * Directory set up, now install its entry in the parent directory.
 1616          *
 1617          * If we are not doing soft dependencies, then we must write out the
 1618          * buffer containing the new directory body before entering the new 
 1619          * name in the parent. If we are doing soft dependencies, then the
 1620          * buffer containing the new directory body will be passed to and
 1621          * released in the soft dependency code after the code has attached
 1622          * an appropriate ordering dependency to the buffer which ensures that
 1623          * the buffer is written before the new name is written in the parent.
 1624          */
 1625         if (DOINGASYNC(dvp))
 1626                 bdwrite(bp);
 1627         else if (!DOINGSOFTDEP(dvp) && ((error = bwrite(bp))))
 1628                 goto bad;
 1629         ufs_makedirentry(ip, cnp, &newdir);
 1630         error = ufs_direnter(dvp, tvp, &newdir, cnp, bp);
 1631         
 1632 bad:
 1633         if (error == 0) {
 1634                 *ap->a_vpp = tvp;
 1635         } else {
 1636 #ifdef UFS_ACL
 1637                 if (acl != NULL)
 1638                         uma_zfree(acl_zone, acl);
 1639                 if (dacl != NULL)
 1640                         uma_zfree(acl_zone, dacl);
 1641 #endif
 1642                 dp->i_effnlink--;
 1643                 dp->i_nlink--;
 1644                 DIP_SET(dp, i_nlink, dp->i_nlink);
 1645                 dp->i_flag |= IN_CHANGE;
 1646                 if (DOINGSOFTDEP(dvp))
 1647                         softdep_change_linkcnt(dp);
 1648                 /*
 1649                  * No need to do an explicit VOP_TRUNCATE here, vrele will
 1650                  * do this for us because we set the link count to 0.
 1651                  */
 1652                 ip->i_effnlink = 0;
 1653                 ip->i_nlink = 0;
 1654                 DIP_SET(ip, i_nlink, 0);
 1655                 ip->i_flag |= IN_CHANGE;
 1656                 if (DOINGSOFTDEP(tvp))
 1657                         softdep_change_linkcnt(ip);
 1658                 vput(tvp);
 1659         }
 1660 out:
 1661         return (error);
 1662 }
 1663 
 1664 /*
 1665  * Rmdir system call.
 1666  */
 1667 static int
 1668 ufs_rmdir(ap)
 1669         struct vop_rmdir_args /* {
 1670                 struct vnode *a_dvp;
 1671                 struct vnode *a_vp;
 1672                 struct componentname *a_cnp;
 1673         } */ *ap;
 1674 {
 1675         struct vnode *vp = ap->a_vp;
 1676         struct vnode *dvp = ap->a_dvp;
 1677         struct componentname *cnp = ap->a_cnp;
 1678         struct inode *ip, *dp;
 1679         int error, ioflag;
 1680 
 1681         ip = VTOI(vp);
 1682         dp = VTOI(dvp);
 1683 
 1684         /*
 1685          * Do not remove a directory that is in the process of being renamed.
 1686          * Verify the directory is empty (and valid). Rmdir ".." will not be
 1687          * valid since ".." will contain a reference to the current directory
 1688          * and thus be non-empty. Do not allow the removal of mounted on
 1689          * directories (this can happen when an NFS exported filesystem
 1690          * tries to remove a locally mounted on directory).
 1691          */
 1692         error = 0;
 1693         if ((ip->i_flag & IN_RENAME) || ip->i_effnlink < 2) {
 1694                 error = EINVAL;
 1695                 goto out;
 1696         }
 1697         if (!ufs_dirempty(ip, dp->i_number, cnp->cn_cred)) {
 1698                 error = ENOTEMPTY;
 1699                 goto out;
 1700         }
 1701         if ((dp->i_flags & APPEND)
 1702             || (ip->i_flags & (NOUNLINK | IMMUTABLE | APPEND))) {
 1703                 error = EPERM;
 1704                 goto out;
 1705         }
 1706         if (vp->v_mountedhere != 0) {
 1707                 error = EINVAL;
 1708                 goto out;
 1709         }
 1710         /*
 1711          * Delete reference to directory before purging
 1712          * inode.  If we crash in between, the directory
 1713          * will be reattached to lost+found,
 1714          */
 1715         dp->i_effnlink--;
 1716         ip->i_effnlink--;
 1717         if (DOINGSOFTDEP(vp)) {
 1718                 softdep_change_linkcnt(dp);
 1719                 softdep_change_linkcnt(ip);
 1720         }
 1721         error = ufs_dirremove(dvp, ip, cnp->cn_flags, 1);
 1722         if (error) {
 1723                 dp->i_effnlink++;
 1724                 ip->i_effnlink++;
 1725                 if (DOINGSOFTDEP(vp)) {
 1726                         softdep_change_linkcnt(dp);
 1727                         softdep_change_linkcnt(ip);
 1728                 }
 1729                 goto out;
 1730         }
 1731         cache_purge(dvp);
 1732         /*
 1733          * Truncate inode. The only stuff left in the directory is "." and
 1734          * "..". The "." reference is inconsequential since we are quashing
 1735          * it. The soft dependency code will arrange to do these operations
 1736          * after the parent directory entry has been deleted on disk, so
 1737          * when running with that code we avoid doing them now.
 1738          */
 1739         if (!DOINGSOFTDEP(vp)) {
 1740                 dp->i_nlink--;
 1741                 DIP_SET(dp, i_nlink, dp->i_nlink);
 1742                 dp->i_flag |= IN_CHANGE;
 1743                 ip->i_nlink--;
 1744                 DIP_SET(ip, i_nlink, ip->i_nlink);
 1745                 ip->i_flag |= IN_CHANGE;
 1746                 ioflag = IO_NORMAL;
 1747                 if (!DOINGASYNC(vp))
 1748                         ioflag |= IO_SYNC;
 1749                 error = UFS_TRUNCATE(vp, (off_t)0, ioflag, cnp->cn_cred,
 1750                     cnp->cn_thread);
 1751         }
 1752         cache_purge(vp);
 1753 #ifdef UFS_DIRHASH
 1754         /* Kill any active hash; i_effnlink == 0, so it will not come back. */
 1755         if (ip->i_dirhash != NULL)
 1756                 ufsdirhash_free(ip);
 1757 #endif
 1758 out:
 1759         return (error);
 1760 }
 1761 
 1762 /*
 1763  * symlink -- make a symbolic link
 1764  */
 1765 static int
 1766 ufs_symlink(ap)
 1767         struct vop_symlink_args /* {
 1768                 struct vnode *a_dvp;
 1769                 struct vnode **a_vpp;
 1770                 struct componentname *a_cnp;
 1771                 struct vattr *a_vap;
 1772                 char *a_target;
 1773         } */ *ap;
 1774 {
 1775         struct vnode *vp, **vpp = ap->a_vpp;
 1776         struct inode *ip;
 1777         int len, error;
 1778 
 1779         error = ufs_makeinode(IFLNK | ap->a_vap->va_mode, ap->a_dvp,
 1780             vpp, ap->a_cnp);
 1781         if (error)
 1782                 return (error);
 1783         vp = *vpp;
 1784         len = strlen(ap->a_target);
 1785         if (len < vp->v_mount->mnt_maxsymlinklen) {
 1786                 ip = VTOI(vp);
 1787                 bcopy(ap->a_target, SHORTLINK(ip), len);
 1788                 ip->i_size = len;
 1789                 DIP_SET(ip, i_size, len);
 1790                 ip->i_flag |= IN_CHANGE | IN_UPDATE;
 1791         } else
 1792                 error = vn_rdwr(UIO_WRITE, vp, ap->a_target, len, (off_t)0,
 1793                     UIO_SYSSPACE, IO_NODELOCKED | IO_NOMACCHECK,
 1794                     ap->a_cnp->cn_cred, NOCRED, (int *)0, (struct thread *)0);
 1795         if (error)
 1796                 vput(vp);
 1797         return (error);
 1798 }
 1799 
 1800 /*
 1801  * Vnode op for reading directories.
 1802  *
 1803  * The routine below assumes that the on-disk format of a directory
 1804  * is the same as that defined by <sys/dirent.h>. If the on-disk
 1805  * format changes, then it will be necessary to do a conversion
 1806  * from the on-disk format that read returns to the format defined
 1807  * by <sys/dirent.h>.
 1808  */
 1809 int
 1810 ufs_readdir(ap)
 1811         struct vop_readdir_args /* {
 1812                 struct vnode *a_vp;
 1813                 struct uio *a_uio;
 1814                 struct ucred *a_cred;
 1815                 int *a_eofflag;
 1816                 int *ncookies;
 1817                 u_long **a_cookies;
 1818         } */ *ap;
 1819 {
 1820         struct uio *uio = ap->a_uio;
 1821         int error;
 1822         size_t count, lost;
 1823         off_t off;
 1824 
 1825         if (ap->a_ncookies != NULL)
 1826                 /*
 1827                  * Ensure that the block is aligned.  The caller can use
 1828                  * the cookies to determine where in the block to start.
 1829                  */
 1830                 uio->uio_offset &= ~(DIRBLKSIZ - 1);
 1831         off = uio->uio_offset;
 1832         count = uio->uio_resid;
 1833         /* Make sure we don't return partial entries. */
 1834         if (count <= ((uio->uio_offset + count) & (DIRBLKSIZ -1)))
 1835                 return (EINVAL);
 1836         count -= (uio->uio_offset + count) & (DIRBLKSIZ -1);
 1837         lost = uio->uio_resid - count;
 1838         uio->uio_resid = count;
 1839         uio->uio_iov->iov_len = count;
 1840 #       if (BYTE_ORDER == LITTLE_ENDIAN)
 1841                 if (ap->a_vp->v_mount->mnt_maxsymlinklen > 0) {
 1842                         error = VOP_READ(ap->a_vp, uio, 0, ap->a_cred);
 1843                 } else {
 1844                         struct dirent *dp, *edp;
 1845                         struct uio auio;
 1846                         struct iovec aiov;
 1847                         caddr_t dirbuf;
 1848                         int readcnt;
 1849                         u_char tmp;
 1850 
 1851                         auio = *uio;
 1852                         auio.uio_iov = &aiov;
 1853                         auio.uio_iovcnt = 1;
 1854                         auio.uio_segflg = UIO_SYSSPACE;
 1855                         aiov.iov_len = count;
 1856                         MALLOC(dirbuf, caddr_t, count, M_TEMP, M_WAITOK);
 1857                         aiov.iov_base = dirbuf;
 1858                         error = VOP_READ(ap->a_vp, &auio, 0, ap->a_cred);
 1859                         if (error == 0) {
 1860                                 readcnt = count - auio.uio_resid;
 1861                                 edp = (struct dirent *)&dirbuf[readcnt];
 1862                                 for (dp = (struct dirent *)dirbuf; dp < edp; ) {
 1863                                         tmp = dp->d_namlen;
 1864                                         dp->d_namlen = dp->d_type;
 1865                                         dp->d_type = tmp;
 1866                                         if (dp->d_reclen > 0) {
 1867                                                 dp = (struct dirent *)
 1868                                                     ((char *)dp + dp->d_reclen);
 1869                                         } else {
 1870                                                 error = EIO;
 1871                                                 break;
 1872                                         }
 1873                                 }
 1874                                 if (dp >= edp)
 1875                                         error = uiomove(dirbuf, readcnt, uio);
 1876                         }
 1877                         FREE(dirbuf, M_TEMP);
 1878                 }
 1879 #       else
 1880                 error = VOP_READ(ap->a_vp, uio, 0, ap->a_cred);
 1881 #       endif
 1882         if (!error && ap->a_ncookies != NULL) {
 1883                 struct dirent* dpStart;
 1884                 struct dirent* dpEnd;
 1885                 struct dirent* dp;
 1886                 int ncookies;
 1887                 u_long *cookies;
 1888                 u_long *cookiep;
 1889 
 1890                 if (uio->uio_segflg != UIO_SYSSPACE || uio->uio_iovcnt != 1)
 1891                         panic("ufs_readdir: unexpected uio from NFS server");
 1892                 dpStart = (struct dirent *)
 1893                     ((char *)uio->uio_iov->iov_base - (uio->uio_offset - off));
 1894                 dpEnd = (struct dirent *) uio->uio_iov->iov_base;
 1895                 for (dp = dpStart, ncookies = 0;
 1896                      dp < dpEnd;
 1897                      dp = (struct dirent *)((caddr_t) dp + dp->d_reclen))
 1898                         ncookies++;
 1899                 MALLOC(cookies, u_long *, ncookies * sizeof(u_long), M_TEMP,
 1900                     M_WAITOK);
 1901                 for (dp = dpStart, cookiep = cookies;
 1902                      dp < dpEnd;
 1903                      dp = (struct dirent *)((caddr_t) dp + dp->d_reclen)) {
 1904                         off += dp->d_reclen;
 1905                         *cookiep++ = (u_long) off;
 1906                 }
 1907                 *ap->a_ncookies = ncookies;
 1908                 *ap->a_cookies = cookies;
 1909         }
 1910         uio->uio_resid += lost;
 1911         if (ap->a_eofflag)
 1912             *ap->a_eofflag = VTOI(ap->a_vp)->i_size <= uio->uio_offset;
 1913         return (error);
 1914 }
 1915 
 1916 /*
 1917  * Return target name of a symbolic link
 1918  */
 1919 static int
 1920 ufs_readlink(ap)
 1921         struct vop_readlink_args /* {
 1922                 struct vnode *a_vp;
 1923                 struct uio *a_uio;
 1924                 struct ucred *a_cred;
 1925         } */ *ap;
 1926 {
 1927         struct vnode *vp = ap->a_vp;
 1928         struct inode *ip = VTOI(vp);
 1929         doff_t isize;
 1930 
 1931         isize = ip->i_size;
 1932         if ((isize < vp->v_mount->mnt_maxsymlinklen) ||
 1933             DIP(ip, i_blocks) == 0) { /* XXX - for old fastlink support */
 1934                 return (uiomove(SHORTLINK(ip), isize, ap->a_uio));
 1935         }
 1936         return (VOP_READ(vp, ap->a_uio, 0, ap->a_cred));
 1937 }
 1938 
 1939 /*
 1940  * Calculate the logical to physical mapping if not done already,
 1941  * then call the device strategy routine.
 1942  *
 1943  * In order to be able to swap to a file, the ufs_bmaparray() operation may not
 1944  * deadlock on memory.  See ufs_bmap() for details.
 1945  */
 1946 static int
 1947 ufs_strategy(ap)
 1948         struct vop_strategy_args /* {
 1949                 struct vnode *a_vp;
 1950                 struct buf *a_bp;
 1951         } */ *ap;
 1952 {
 1953         struct buf *bp = ap->a_bp;
 1954         struct vnode *vp = ap->a_vp;
 1955         struct bufobj *bo;
 1956         struct inode *ip;
 1957         ufs2_daddr_t blkno;
 1958         int error;
 1959 
 1960         ip = VTOI(vp);
 1961         if (bp->b_blkno == bp->b_lblkno) {
 1962                 error = ufs_bmaparray(vp, bp->b_lblkno, &blkno, bp, NULL, NULL);
 1963                 bp->b_blkno = blkno;
 1964                 if (error) {
 1965                         bp->b_error = error;
 1966                         bp->b_ioflags |= BIO_ERROR;
 1967                         bufdone(bp);
 1968                         return (error);
 1969                 }
 1970                 if ((long)bp->b_blkno == -1)
 1971                         vfs_bio_clrbuf(bp);
 1972         }
 1973         if ((long)bp->b_blkno == -1) {
 1974                 bufdone(bp);
 1975                 return (0);
 1976         }
 1977         bp->b_iooffset = dbtob(bp->b_blkno);
 1978         bo = ip->i_umbufobj;
 1979         BO_STRATEGY(bo, bp);
 1980         return (0);
 1981 }
 1982 
 1983 /*
 1984  * Print out the contents of an inode.
 1985  */
 1986 static int
 1987 ufs_print(ap)
 1988         struct vop_print_args /* {
 1989                 struct vnode *a_vp;
 1990         } */ *ap;
 1991 {
 1992         struct vnode *vp = ap->a_vp;
 1993         struct inode *ip = VTOI(vp);
 1994 
 1995         printf("\tino %lu, on dev %s", (u_long)ip->i_number,
 1996             devtoname(ip->i_dev));
 1997         if (vp->v_type == VFIFO)
 1998                 fifo_printinfo(vp);
 1999         printf("\n");
 2000         return (0);
 2001 }
 2002 
 2003 /*
 2004  * Close wrapper for fifos.
 2005  *
 2006  * Update the times on the inode then do device close.
 2007  */
 2008 static int
 2009 ufsfifo_close(ap)
 2010         struct vop_close_args /* {
 2011                 struct vnode *a_vp;
 2012                 int  a_fflag;
 2013                 struct ucred *a_cred;
 2014                 struct thread *a_td;
 2015         } */ *ap;
 2016 {
 2017         struct vnode *vp = ap->a_vp;
 2018         int usecount;
 2019 
 2020         VI_LOCK(vp);
 2021         usecount = vp->v_usecount;
 2022         VI_UNLOCK(vp);
 2023         if (usecount > 1)
 2024                 ufs_itimes(vp);
 2025         return (fifo_specops.vop_close(ap));
 2026 }
 2027 
 2028 /*
 2029  * Kqfilter wrapper for fifos.
 2030  *
 2031  * Fall through to ufs kqfilter routines if needed 
 2032  */
 2033 static int
 2034 ufsfifo_kqfilter(ap)
 2035         struct vop_kqfilter_args *ap;
 2036 {
 2037         int error;
 2038 
 2039         error = fifo_specops.vop_kqfilter(ap);
 2040         if (error)
 2041                 error = vfs_kqfilter(ap);
 2042         return (error);
 2043 }
 2044 
 2045 /*
 2046  * Return POSIX pathconf information applicable to ufs filesystems.
 2047  */
 2048 static int
 2049 ufs_pathconf(ap)
 2050         struct vop_pathconf_args /* {
 2051                 struct vnode *a_vp;
 2052                 int a_name;
 2053                 int *a_retval;
 2054         } */ *ap;
 2055 {
 2056         int error;
 2057 
 2058         error = 0;
 2059         switch (ap->a_name) {
 2060         case _PC_LINK_MAX:
 2061                 *ap->a_retval = LINK_MAX;
 2062                 break;
 2063         case _PC_NAME_MAX:
 2064                 *ap->a_retval = NAME_MAX;
 2065                 break;
 2066         case _PC_PATH_MAX:
 2067                 *ap->a_retval = PATH_MAX;
 2068                 break;
 2069         case _PC_PIPE_BUF:
 2070                 *ap->a_retval = PIPE_BUF;
 2071                 break;
 2072         case _PC_CHOWN_RESTRICTED:
 2073                 *ap->a_retval = 1;
 2074                 break;
 2075         case _PC_NO_TRUNC:
 2076                 *ap->a_retval = 1;
 2077                 break;
 2078         case _PC_ACL_EXTENDED:
 2079 #ifdef UFS_ACL
 2080                 if (ap->a_vp->v_mount->mnt_flag & MNT_ACLS)
 2081                         *ap->a_retval = 1;
 2082                 else
 2083                         *ap->a_retval = 0;
 2084 #else
 2085                 *ap->a_retval = 0;
 2086 #endif
 2087                 break;
 2088         case _PC_ACL_PATH_MAX:
 2089 #ifdef UFS_ACL
 2090                 if (ap->a_vp->v_mount->mnt_flag & MNT_ACLS)
 2091                         *ap->a_retval = ACL_MAX_ENTRIES;
 2092                 else
 2093                         *ap->a_retval = 3;
 2094 #else
 2095                 *ap->a_retval = 3;
 2096 #endif
 2097                 break;
 2098         case _PC_MAC_PRESENT:
 2099 #ifdef MAC
 2100                 if (ap->a_vp->v_mount->mnt_flag & MNT_MULTILABEL)
 2101                         *ap->a_retval = 1;
 2102                 else
 2103                         *ap->a_retval = 0;
 2104 #else
 2105                 *ap->a_retval = 0;
 2106 #endif
 2107                 break;
 2108         case _PC_ASYNC_IO:
 2109                 /* _PC_ASYNC_IO should have been handled by upper layers. */
 2110                 KASSERT(0, ("_PC_ASYNC_IO should not get here"));
 2111                 error = EINVAL;
 2112                 break;
 2113         case _PC_PRIO_IO:
 2114                 *ap->a_retval = 0;
 2115                 break;
 2116         case _PC_SYNC_IO:
 2117                 *ap->a_retval = 0;
 2118                 break;
 2119         case _PC_ALLOC_SIZE_MIN:
 2120                 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_bsize;
 2121                 break;
 2122         case _PC_FILESIZEBITS:
 2123                 *ap->a_retval = 64;
 2124                 break;
 2125         case _PC_REC_INCR_XFER_SIZE:
 2126                 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
 2127                 break;
 2128         case _PC_REC_MAX_XFER_SIZE:
 2129                 *ap->a_retval = -1; /* means ``unlimited'' */
 2130                 break;
 2131         case _PC_REC_MIN_XFER_SIZE:
 2132                 *ap->a_retval = ap->a_vp->v_mount->mnt_stat.f_iosize;
 2133                 break;
 2134         case _PC_REC_XFER_ALIGN:
 2135                 *ap->a_retval = PAGE_SIZE;
 2136                 break;
 2137         case _PC_SYMLINK_MAX:
 2138                 *ap->a_retval = MAXPATHLEN;
 2139                 break;
 2140 
 2141         default:
 2142                 error = EINVAL;
 2143                 break;
 2144         }
 2145         return (error);
 2146 }
 2147 
 2148 /*
 2149  * Advisory record locking support
 2150  */
 2151 static int
 2152 ufs_advlock(ap)
 2153         struct vop_advlock_args /* {
 2154                 struct vnode *a_vp;
 2155                 caddr_t  a_id;
 2156                 int  a_op;
 2157                 struct flock *a_fl;
 2158                 int  a_flags;
 2159         } */ *ap;
 2160 {
 2161         struct inode *ip = VTOI(ap->a_vp);
 2162 
 2163         return (lf_advlock(ap, &(ip->i_lockf), ip->i_size));
 2164 }
 2165 
 2166 /*
 2167  * Initialize the vnode associated with a new inode, handle aliased
 2168  * vnodes.
 2169  */
 2170 int
 2171 ufs_vinit(mntp, fifoops, vpp)
 2172         struct mount *mntp;
 2173         struct vop_vector *fifoops;
 2174         struct vnode **vpp;
 2175 {
 2176         struct inode *ip;
 2177         struct vnode *vp;
 2178 
 2179         vp = *vpp;
 2180         ip = VTOI(vp);
 2181         vp->v_type = IFTOVT(ip->i_mode);
 2182         if (vp->v_type == VFIFO)
 2183                 vp->v_op = fifoops;
 2184         ASSERT_VOP_LOCKED(vp, "ufs_vinit");
 2185         if (ip->i_number == ROOTINO)
 2186                 vp->v_vflag |= VV_ROOT;
 2187         ip->i_modrev = init_va_filerev();
 2188         *vpp = vp;
 2189         return (0);
 2190 }
 2191 
 2192 /*
 2193  * Allocate a new inode.
 2194  * Vnode dvp must be locked.
 2195  */
 2196 static int
 2197 ufs_makeinode(mode, dvp, vpp, cnp)
 2198         int mode;
 2199         struct vnode *dvp;
 2200         struct vnode **vpp;
 2201         struct componentname *cnp;
 2202 {
 2203         struct inode *ip, *pdir;
 2204         struct direct newdir;
 2205         struct vnode *tvp;
 2206 #ifdef UFS_ACL
 2207         struct acl *acl;
 2208 #endif
 2209         int error;
 2210 
 2211         pdir = VTOI(dvp);
 2212 #ifdef DIAGNOSTIC
 2213         if ((cnp->cn_flags & HASBUF) == 0)
 2214                 panic("ufs_makeinode: no name");
 2215 #endif
 2216         *vpp = NULL;
 2217         if ((mode & IFMT) == 0)
 2218                 mode |= IFREG;
 2219 
 2220         error = UFS_VALLOC(dvp, mode, cnp->cn_cred, &tvp);
 2221         if (error)
 2222                 return (error);
 2223         ip = VTOI(tvp);
 2224         ip->i_gid = pdir->i_gid;
 2225         DIP_SET(ip, i_gid, pdir->i_gid);
 2226 #ifdef SUIDDIR
 2227         {
 2228 #ifdef QUOTA
 2229                 struct ucred ucred, *ucp;
 2230                 ucp = cnp->cn_cred;
 2231 #endif
 2232                 /*
 2233                  * If we are not the owner of the directory,
 2234                  * and we are hacking owners here, (only do this where told to)
 2235                  * and we are not giving it TO root, (would subvert quotas)
 2236                  * then go ahead and give it to the other user.
 2237                  * Note that this drops off the execute bits for security.
 2238                  */
 2239                 if ((dvp->v_mount->mnt_flag & MNT_SUIDDIR) &&
 2240                     (pdir->i_mode & ISUID) &&
 2241                     (pdir->i_uid != cnp->cn_cred->cr_uid) && pdir->i_uid) {
 2242                         ip->i_uid = pdir->i_uid;
 2243                         DIP_SET(ip, i_uid, ip->i_uid);
 2244                         mode &= ~07111;
 2245 #ifdef QUOTA
 2246                         /*
 2247                          * Make sure the correct user gets charged
 2248                          * for the space.
 2249                          * Quickly knock up a dummy credential for the victim.
 2250                          * XXX This seems to never be accessed out of our
 2251                          * context so a stack variable is ok.
 2252                          */
 2253                         ucred.cr_ref = 1;
 2254                         ucred.cr_uid = ip->i_uid;
 2255                         ucred.cr_ngroups = 1;
 2256                         ucred.cr_groups[0] = pdir->i_gid;
 2257                         ucp = &ucred;
 2258 #endif
 2259                 } else {
 2260                         ip->i_uid = cnp->cn_cred->cr_uid;
 2261                         DIP_SET(ip, i_uid, ip->i_uid);
 2262                 }
 2263 
 2264 #ifdef QUOTA
 2265                 if ((error = getinoquota(ip)) ||
 2266                     (error = chkiq(ip, 1, ucp, 0))) {
 2267                         UFS_VFREE(tvp, ip->i_number, mode);
 2268                         vput(tvp);
 2269                         return (error);
 2270                 }
 2271 #endif
 2272         }
 2273 #else   /* !SUIDDIR */
 2274         ip->i_uid = cnp->cn_cred->cr_uid;
 2275         DIP_SET(ip, i_uid, ip->i_uid);
 2276 #ifdef QUOTA
 2277         if ((error = getinoquota(ip)) ||
 2278             (error = chkiq(ip, 1, cnp->cn_cred, 0))) {
 2279                 UFS_VFREE(tvp, ip->i_number, mode);
 2280                 vput(tvp);
 2281                 return (error);
 2282         }
 2283 #endif
 2284 #endif  /* !SUIDDIR */
 2285         ip->i_flag |= IN_ACCESS | IN_CHANGE | IN_UPDATE;
 2286 #ifdef UFS_ACL
 2287         acl = NULL;
 2288         if ((dvp->v_mount->mnt_flag & MNT_ACLS) != 0) {
 2289                 acl = uma_zalloc(acl_zone, M_WAITOK);
 2290 
 2291                 /*
 2292                  * Retrieve default ACL for parent, if any.
 2293                  */
 2294                 error = VOP_GETACL(dvp, ACL_TYPE_DEFAULT, acl, cnp->cn_cred,
 2295                     cnp->cn_thread);
 2296                 switch (error) {
 2297                 case 0:
 2298                         /*
 2299                          * Retrieved a default ACL, so merge mode and ACL if
 2300                          * necessary.
 2301                          */
 2302                         if (acl->acl_cnt != 0) {
 2303                                 /*
 2304                                  * Two possible ways for default ACL to not
 2305                                  * be present.  First, the EA can be
 2306                                  * undefined, or second, the default ACL can
 2307                                  * be blank.  If it's blank, fall through to
 2308                                  * the it's not defined case.
 2309                                  */
 2310                                 mode = acl_posix1e_newfilemode(mode, acl);
 2311                                 ip->i_mode = mode;
 2312                                 DIP_SET(ip, i_mode, mode);
 2313                                 ufs_sync_acl_from_inode(ip, acl);
 2314                                 break;
 2315                         }
 2316                         /* FALLTHROUGH */
 2317         
 2318                 case EOPNOTSUPP:
 2319                         /*
 2320                          * Just use the mode as-is.
 2321                          */
 2322                         ip->i_mode = mode;
 2323                         DIP_SET(ip, i_mode, mode);
 2324                         uma_zfree(acl_zone, acl);
 2325                         acl = NULL;
 2326                         break;
 2327         
 2328                 default:
 2329                         UFS_VFREE(tvp, ip->i_number, mode);
 2330                         vput(tvp);
 2331                         uma_zfree(acl_zone, acl);
 2332                         acl = NULL;
 2333                         return (error);
 2334                 }
 2335         } else {
 2336 #endif
 2337                 ip->i_mode = mode;
 2338                 DIP_SET(ip, i_mode, mode);
 2339 #ifdef UFS_ACL
 2340         }
 2341 #endif
 2342         tvp->v_type = IFTOVT(mode);     /* Rest init'd in getnewvnode(). */
 2343         ip->i_effnlink = 1;
 2344         ip->i_nlink = 1;
 2345         DIP_SET(ip, i_nlink, 1);
 2346         if (DOINGSOFTDEP(tvp))
 2347                 softdep_change_linkcnt(ip);
 2348         if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) &&
 2349             suser_cred(cnp->cn_cred, SUSER_ALLOWJAIL)) {
 2350                 ip->i_mode &= ~ISGID;
 2351                 DIP_SET(ip, i_mode, ip->i_mode);
 2352         }
 2353 
 2354         if (cnp->cn_flags & ISWHITEOUT) {
 2355                 ip->i_flags |= UF_OPAQUE;
 2356                 DIP_SET(ip, i_flags, ip->i_flags);
 2357         }
 2358 
 2359         /*
 2360          * Make sure inode goes to disk before directory entry.
 2361          */
 2362         error = UFS_UPDATE(tvp, !(DOINGSOFTDEP(tvp) | DOINGASYNC(tvp)));
 2363         if (error)
 2364                 goto bad;
 2365 #ifdef MAC
 2366         if (dvp->v_mount->mnt_flag & MNT_MULTILABEL) {
 2367                 error = mac_create_vnode_extattr(cnp->cn_cred, dvp->v_mount,
 2368                     dvp, tvp, cnp);
 2369                 if (error)
 2370                         goto bad;
 2371         }
 2372 #endif
 2373 #ifdef UFS_ACL
 2374         if (acl != NULL) {
 2375                 /*
 2376                  * XXX: If we abort now, will Soft Updates notify the extattr
 2377                  * code that the EAs for the file need to be released?
 2378                  */
 2379                 error = VOP_SETACL(tvp, ACL_TYPE_ACCESS, acl, cnp->cn_cred,
 2380                     cnp->cn_thread);
 2381                 switch (error) {
 2382                 case 0:
 2383                         break;
 2384 
 2385                 case EOPNOTSUPP:
 2386                         /*
 2387                          * XXX: This should not happen, as EOPNOTSUPP above was
 2388                          * supposed to free acl.
 2389                          */
 2390                         printf("ufs_makeinode: VOP_GETACL() but no "
 2391                             "VOP_SETACL()\n");
 2392                         /* panic("ufs_makeinode: VOP_GETACL() but no "
 2393                             "VOP_SETACL()"); */
 2394                         break;
 2395 
 2396                 default:
 2397                         uma_zfree(acl_zone, acl);
 2398                         goto bad;
 2399                 }
 2400                 uma_zfree(acl_zone, acl);
 2401         }
 2402 #endif /* !UFS_ACL */
 2403         ufs_makedirentry(ip, cnp, &newdir);
 2404         error = ufs_direnter(dvp, tvp, &newdir, cnp, NULL);
 2405         if (error)
 2406                 goto bad;
 2407         *vpp = tvp;
 2408         return (0);
 2409 
 2410 bad:
 2411         /*
 2412          * Write error occurred trying to update the inode
 2413          * or the directory so must deallocate the inode.
 2414          */
 2415         ip->i_effnlink = 0;
 2416         ip->i_nlink = 0;
 2417         DIP_SET(ip, i_nlink, 0);
 2418         ip->i_flag |= IN_CHANGE;
 2419         if (DOINGSOFTDEP(tvp))
 2420                 softdep_change_linkcnt(ip);
 2421         vput(tvp);
 2422         return (error);
 2423 }
 2424 
 2425 /* Global vfs data structures for ufs. */
 2426 struct vop_vector ufs_vnodeops = {
 2427         .vop_default =          &default_vnodeops,
 2428         .vop_fsync =            VOP_PANIC,
 2429         .vop_read =             VOP_PANIC,
 2430         .vop_reallocblks =      VOP_PANIC,
 2431         .vop_write =            VOP_PANIC,
 2432         .vop_access =           ufs_access,
 2433         .vop_advlock =          ufs_advlock,
 2434         .vop_bmap =             ufs_bmap,
 2435         .vop_cachedlookup =     ufs_lookup,
 2436         .vop_close =            ufs_close,
 2437         .vop_create =           ufs_create,
 2438         .vop_getattr =          ufs_getattr,
 2439         .vop_inactive =         ufs_inactive,
 2440         .vop_link =             ufs_link,
 2441         .vop_lookup =           vfs_cache_lookup,
 2442         .vop_mkdir =            ufs_mkdir,
 2443         .vop_mknod =            ufs_mknod,
 2444         .vop_open =             ufs_open,
 2445         .vop_pathconf =         ufs_pathconf,
 2446         .vop_poll =             vop_stdpoll,
 2447         .vop_print =            ufs_print,
 2448         .vop_readdir =          ufs_readdir,
 2449         .vop_readlink =         ufs_readlink,
 2450         .vop_reclaim =          ufs_reclaim,
 2451         .vop_remove =           ufs_remove,
 2452         .vop_rename =           ufs_rename,
 2453         .vop_rmdir =            ufs_rmdir,
 2454         .vop_setattr =          ufs_setattr,
 2455 #ifdef MAC
 2456         .vop_setlabel =         vop_stdsetlabel_ea,
 2457 #endif
 2458         .vop_strategy =         ufs_strategy,
 2459         .vop_symlink =          ufs_symlink,
 2460         .vop_whiteout =         ufs_whiteout,
 2461 #ifdef UFS_EXTATTR
 2462         .vop_getextattr =       ufs_getextattr,
 2463         .vop_deleteextattr =    ufs_deleteextattr,
 2464         .vop_setextattr =       ufs_setextattr,
 2465 #endif
 2466 #ifdef UFS_ACL
 2467         .vop_getacl =           ufs_getacl,
 2468         .vop_setacl =           ufs_setacl,
 2469         .vop_aclcheck =         ufs_aclcheck,
 2470 #endif
 2471 };
 2472 
 2473 struct vop_vector ufs_fifoops = {
 2474         .vop_default =          &fifo_specops,
 2475         .vop_fsync =            VOP_PANIC,
 2476         .vop_access =           ufs_access,
 2477         .vop_close =            ufsfifo_close,
 2478         .vop_getattr =          ufs_getattr,
 2479         .vop_inactive =         ufs_inactive,
 2480         .vop_kqfilter =         ufsfifo_kqfilter,
 2481         .vop_print =            ufs_print,
 2482         .vop_read =             VOP_PANIC,
 2483         .vop_reclaim =          ufs_reclaim,
 2484         .vop_setattr =          ufs_setattr,
 2485 #ifdef MAC
 2486         .vop_setlabel =         vop_stdsetlabel_ea,
 2487 #endif
 2488         .vop_write =            VOP_PANIC,
 2489 #ifdef UFS_EXTATTR
 2490         .vop_getextattr =       ufs_getextattr,
 2491         .vop_deleteextattr =    ufs_deleteextattr,
 2492         .vop_setextattr =       ufs_setextattr,
 2493 #endif
 2494 #ifdef UFS_ACL
 2495         .vop_getacl =           ufs_getacl,
 2496         .vop_setacl =           ufs_setacl,
 2497         .vop_aclcheck =         ufs_aclcheck,
 2498 #endif
 2499 };

Cache object: c3db4bd78944bc6ca6c7bc33c50f39f2


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.