xref: /freebsd/sys/sys/namei.h (revision 2f60984053e5a91e2cfb45e424129297859fb11d)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1985, 1989, 1991, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the University nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  */
31 
32 #ifndef _SYS_NAMEI_H_
33 #define	_SYS_NAMEI_H_
34 
35 #include <sys/caprights.h>
36 #include <sys/filedesc.h>
37 #include <sys/queue.h>
38 #include <sys/_seqc.h>
39 #include <sys/_uio.h>
40 
41 #include <vm/uma.h>
42 
43 enum nameiop { LOOKUP, CREATE, DELETE, RENAME };
44 
45 struct componentname {
46 	/*
47 	 * Arguments to lookup.
48 	 */
49 	u_int64_t cn_flags;	/* flags to namei */
50 	struct	ucred *cn_cred;	/* credentials */
51 	enum nameiop cn_nameiop;	/* namei operation */
52 	int	cn_lkflags;	/* Lock flags LK_EXCLUSIVE or LK_SHARED */
53 	/*
54 	 * Shared between lookup and commit routines.
55 	 */
56 	char	*cn_pnbuf;	/* pathname buffer */
57 	char	*cn_nameptr;	/* pointer to looked up name */
58 	long	cn_namelen;	/* length of looked up component */
59 };
60 
61 struct nameicap_tracker;
62 TAILQ_HEAD(nameicap_tracker_head, nameicap_tracker);
63 
64 /*
65  * Encapsulation of namei parameters.
66  */
67 struct nameidata {
68 	/*
69 	 * Arguments to namei/lookup.
70 	 */
71 	const	char *ni_dirp;		/* pathname pointer */
72 	enum	uio_seg ni_segflg;	/* location of pathname */
73 	const cap_rights_t *ni_rightsneeded; /* rights needed to look up vnode */
74 	/*
75 	 * Arguments to lookup.
76 	 */
77 	struct  vnode *ni_startdir;	/* starting directory */
78 	struct	vnode *ni_rootdir;	/* logical root directory */
79 	struct	vnode *ni_topdir;	/* logical top directory */
80 	int	ni_dirfd;		/* starting directory for *at functions */
81 	int	ni_lcf;			/* local call flags */
82 	/*
83 	 * Results: returned from namei
84 	 */
85 	struct filecaps ni_filecaps;	/* rights the *at base has */
86 	/*
87 	 * Results: returned from/manipulated by lookup
88 	 */
89 	struct	vnode *ni_vp;		/* vnode of result */
90 	struct	vnode *ni_dvp;		/* vnode of intermediate directory */
91 	/*
92 	 * Results: flags returned from namei
93 	 */
94 	u_int	ni_resflags;
95 	/*
96 	 * Debug for validating API use by the callers.
97 	 */
98 	u_short	ni_debugflags;
99 	/*
100 	 * Shared between namei and lookup/commit routines.
101 	 */
102 	u_short	ni_loopcnt;		/* count of symlinks encountered */
103 	size_t	ni_pathlen;		/* remaining chars in path */
104 	char	*ni_next;		/* next location in pathname */
105 	/*
106 	 * Lookup parameters: this structure describes the subset of
107 	 * information from the nameidata structure that is passed
108 	 * through the VOP interface.
109 	 */
110 	struct componentname ni_cnd;
111 
112 	/* Serving RBENEATH. */
113 	struct nameicap_tracker_head ni_cap_tracker;
114 	struct vnode *ni_rbeneath_dpp;
115 	struct mount *ni_nctrack_mnt;
116 
117 	/*
118 	 * Private helper data for UFS, must be at the end.  See
119 	 * NDINIT_PREFILL().
120 	 */
121 	seqc_t	ni_dvp_seqc;
122 	seqc_t	ni_vp_seqc;
123 };
124 
125 #ifdef _KERNEL
126 
127 enum cache_fpl_status { CACHE_FPL_STATUS_DESTROYED, CACHE_FPL_STATUS_ABORTED,
128     CACHE_FPL_STATUS_PARTIAL, CACHE_FPL_STATUS_HANDLED, CACHE_FPL_STATUS_UNSET };
129 int	cache_fplookup(struct nameidata *ndp, enum cache_fpl_status *status,
130     struct pwd **pwdp);
131 
132 /*
133  * Flags for namei.
134  *
135  * If modifying the list make sure to check whether NDVALIDATE needs updating.
136  */
137 
138 /*
139  * Debug.
140  */
141 #define	NAMEI_DBG_INITED	0x0001
142 #define	NAMEI_DBG_CALLED	0x0002
143 #define	NAMEI_DBG_HADSTARTDIR	0x0004
144 
145 /*
146  * namei operational modifier flags, stored in ni_cnd.flags
147  */
148 #define	NC_NOMAKEENTRY	0x0001	/* name must not be added to cache */
149 #define	NC_KEEPPOSENTRY	0x0002	/* don't evict a positive entry */
150 #define	NOCACHE		NC_NOMAKEENTRY	/* for compatibility with older code */
151 #define	LOCKLEAF	0x0004	/* lock vnode on return */
152 #define	LOCKPARENT	0x0008	/* want parent vnode returned locked */
153 #define	WANTPARENT	0x0010	/* want parent vnode returned unlocked */
154 #define	FAILIFEXISTS	0x0020	/* return EEXIST if found */
155 #define	FOLLOW		0x0040	/* follow symbolic links */
156 #define	EMPTYPATH	0x0080	/* Allow empty path for *at */
157 #define	LOCKSHARED	0x0100	/* Shared lock leaf */
158 #define	NOFOLLOW	0x0000	/* do not follow symbolic links (pseudo) */
159 #define	RBENEATH	0x100000000ULL /* No escape, even tmp, from start dir */
160 #define	NAMEILOOKUP	0x200000000ULL /* cnp is embedded in nameidata */
161 #define	MODMASK		0xf000001ffULL	/* mask of operational modifiers */
162 
163 /*
164  * Namei parameter descriptors.
165  */
166 #define	RDONLY		0x00000200 /* lookup with read-only semantics */
167 #define	ISRESTARTED	0x00000400 /* restarted namei */
168 #define	IGNOREWHITEOUT	0x00000800 /* ignore whiteouts, e.g. when checking if a dir is empty */
169 #define	ISWHITEOUT	0x00001000 /* found whiteout */
170 #define	DOWHITEOUT	0x00002000 /* do whiteouts */
171 #define	WILLBEDIR	0x00004000 /* new files will be dirs; allow trailing / */
172 #define	ISOPEN		0x00008000 /* caller is opening; return a real vnode. */
173 #define	NOCROSSMOUNT	0x00010000 /* do not cross mount points */
174 #define	NOMACCHECK	0x00020000 /* do not perform MAC checks */
175 #define	AUDITVNODE1	0x00040000 /* audit the looked up vnode information */
176 #define	AUDITVNODE2	0x00080000 /* audit the looked up vnode information */
177 #define	NOCAPCHECK	0x00100000 /* do not perform capability checks */
178 #define	OPENREAD	0x00200000 /* open for reading */
179 #define	OPENWRITE	0x00400000 /* open for writing */
180 #define	WANTIOCTLCAPS	0x00800000 /* leave ioctl caps for the caller */
181 #define	OPENNAMED	0x01000000 /* opening a named attribute (dir) */
182 #define	NOEXECCHECK	0x02000000 /* do not perform exec check on dir */
183 #define	MAKEENTRY	0x04000000 /* entry is to be added to name cache */
184 #define	ISSYMLINK	0x08000000 /* symlink needs interpretation */
185 #define	ISLASTCN	0x10000000 /* this is last component of pathname */
186 #define	ISDOTDOT	0x20000000 /* current component name is .. */
187 #define	TRAILINGSLASH	0x40000000 /* path ended in a slash */
188 #define	CREATENAMED	0x80000000 /* create a named attribute dir */
189 #define	PARAMASK	0xfffffe00 /* mask of parameter descriptors */
190 
191 /*
192  * Flags which must not be passed in by callers.
193  */
194 #define NAMEI_INTERNAL_FLAGS	\
195 	(NOEXECCHECK | MAKEENTRY | ISSYMLINK | ISLASTCN | ISDOTDOT | \
196 	 TRAILINGSLASH | ISRESTARTED)
197 
198 /*
199  * Namei results flags
200  */
201 #define	NIRES_ABS	0x00000001 /* Path was absolute */
202 #define	NIRES_STRICTREL	0x00000002 /* Restricted lookup result */
203 #define	NIRES_EMPTYPATH	0x00000004 /* EMPTYPATH used */
204 #define	NIRES_BENEATH	0x00000008 /* O_RESOLVE_BENEATH is to be inherited */
205 
206 /*
207  * Flags in ni_lcf, valid for the duration of the namei call.
208  */
209 #define	NI_LCF_STRICTREL	0x0001	/* relative lookup only */
210 #define	NI_LCF_CAP_DOTDOT	0x0002	/* ".." in strictrelative case */
211 /* Track capability restrictions seperately for violation ktracing. */
212 #define	NI_LCF_STRICTREL_KTR	0x0004	/* trace relative lookups */
213 #define	NI_LCF_CAP_DOTDOT_KTR	0x0008	/* ".." in strictrelative case */
214 #define	NI_LCF_KTR_FLAGS	(NI_LCF_STRICTREL_KTR | NI_LCF_CAP_DOTDOT_KTR)
215 
216 /*
217  * Initialization of a nameidata structure.
218  */
219 #define	NDINIT(ndp, op, flags, segflg, namep)				\
220 	NDINIT_ALL(ndp, op, flags, segflg, namep, AT_FDCWD, NULL, &cap_no_rights)
221 #define	NDINIT_AT(ndp, op, flags, segflg, namep, dirfd)			\
222 	NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, NULL, &cap_no_rights)
223 #define	NDINIT_ATRIGHTS(ndp, op, flags, segflg, namep, dirfd, rightsp) 	\
224 	NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, NULL, rightsp)
225 #define	NDINIT_ATVP(ndp, op, flags, segflg, namep, vp)			\
226 	NDINIT_ALL(ndp, op, flags, segflg, namep, AT_FDCWD, vp, &cap_no_rights)
227 
228 /*
229  * Note the constant pattern may *hide* bugs.
230  * Note also that we enable debug checks for non-TIED KLDs
231  * so that they can run on an INVARIANTS kernel without tripping over
232  * assertions on ni_debugflags state.
233  */
234 #if defined(INVARIANTS) || (defined(KLD_MODULE) && !defined(KLD_TIED))
235 #define NDINIT_PREFILL(arg)	memset(arg, 0xff, offsetof(struct nameidata,	\
236     ni_dvp_seqc))
237 #define NDINIT_DBG(arg)		{ (arg)->ni_debugflags = NAMEI_DBG_INITED; }
238 #define NDREINIT_DBG(arg)	{						\
239 	if (((arg)->ni_debugflags & NAMEI_DBG_INITED) == 0)			\
240 		panic("namei data not inited");					\
241 	if (((arg)->ni_debugflags & NAMEI_DBG_HADSTARTDIR) != 0)		\
242 		panic("NDREINIT on namei data with NAMEI_DBG_HADSTARTDIR");	\
243 	if ((arg)->ni_nctrack_mnt != NULL)			\
244 		panic("NDREINIT on namei data with leaked ni_nctrack_mnt");	\
245 	if (!TAILQ_EMPTY(&(arg)->ni_cap_tracker))				\
246 		panic("NDREINIT on namei data with leaked ni_cap_tracker");	\
247 	(arg)->ni_debugflags = NAMEI_DBG_INITED;				\
248 }
249 #else
250 #define NDINIT_PREFILL(arg)	do { } while (0)
251 #define NDINIT_DBG(arg)		do { } while (0)
252 #define NDREINIT_DBG(arg)	do { } while (0)
253 #endif
254 
255 #define NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, startdir, rightsp)	\
256 do {										\
257 	struct nameidata *_ndp = (ndp);						\
258 	const cap_rights_t *_rightsp = (rightsp);					\
259 	MPASS(_rightsp != NULL);						\
260 	NDINIT_PREFILL(_ndp);							\
261 	NDINIT_DBG(_ndp);							\
262 	_ndp->ni_cnd.cn_nameiop = op;						\
263 	_ndp->ni_cnd.cn_flags = (flags) | NAMEILOOKUP;				\
264 	_ndp->ni_segflg = segflg;						\
265 	_ndp->ni_dirp = namep;							\
266 	_ndp->ni_dirfd = dirfd;							\
267 	_ndp->ni_startdir = startdir;						\
268 	_ndp->ni_resflags = 0;							\
269 	filecaps_init(&_ndp->ni_filecaps);					\
270 	_ndp->ni_rightsneeded = _rightsp;					\
271 	_ndp->ni_rbeneath_dpp = NULL;						\
272 	_ndp->ni_nctrack_mnt = NULL;						\
273 	TAILQ_INIT(&_ndp->ni_cap_tracker);					\
274 } while (0)
275 
276 #define NDREINIT(ndp)	do {							\
277 	struct nameidata *_ndp = (ndp);						\
278 	NDREINIT_DBG(_ndp);							\
279 	filecaps_free(&_ndp->ni_filecaps);					\
280 	_ndp->ni_resflags = 0;							\
281 	_ndp->ni_startdir = NULL;						\
282 	_ndp->ni_cnd.cn_flags &= ~NAMEI_INTERNAL_FLAGS;				\
283 } while (0)
284 
285 #define	NDPREINIT(ndp) do {							\
286 	(ndp)->ni_dvp_seqc = SEQC_MOD;						\
287 	(ndp)->ni_vp_seqc = SEQC_MOD;						\
288 } while (0)
289 
290 #define NDFREE_IOCTLCAPS(ndp) do {						\
291 	struct nameidata *_ndp = (ndp);						\
292 	filecaps_free(&_ndp->ni_filecaps);					\
293 } while (0)
294 
295 #define	NDFREE_PNBUF(ndp) do {							\
296 	struct nameidata *_ndp = (ndp);						\
297 	MPASS(_ndp->ni_cnd.cn_pnbuf != NULL);					\
298 	uma_zfree(namei_zone, _ndp->ni_cnd.cn_pnbuf);				\
299 	_ndp->ni_cnd.cn_pnbuf = NULL;						\
300 } while (0)
301 
302 int	namei(struct nameidata *ndp);
303 int	vfs_lookup(struct nameidata *ndp);
304 bool	vfs_lookup_isroot(struct nameidata *ndp, struct vnode *dvp);
305 struct nameidata *vfs_lookup_nameidata(struct componentname *cnp);
306 int	vfs_relookup(struct vnode *dvp, struct vnode **vpp,
307 	    struct componentname *cnp, bool refstart);
308 
309 #define namei_setup_rootdir(ndp, cnp, pwd) do {					\
310 	if (__predict_true((cnp->cn_flags & ISRESTARTED) == 0))			\
311 		ndp->ni_rootdir = pwd->pwd_adir;				\
312 	else									\
313 		ndp->ni_rootdir = pwd->pwd_rdir;				\
314 } while (0)
315 #endif
316 
317 /*
318  * Stats on usefulness of namei caches.
319  */
320 struct nchstats {
321 	long	ncs_goodhits;		/* hits that we can really use */
322 	long	ncs_neghits;		/* negative hits that we can use */
323 	long	ncs_badhits;		/* hits we must drop */
324 	long	ncs_falsehits;		/* hits with id mismatch */
325 	long	ncs_miss;		/* misses */
326 	long	ncs_long;		/* long names that ignore cache */
327 	long	ncs_pass2;		/* names found with passes == 2 */
328 	long	ncs_2passes;		/* number of times we attempt it */
329 };
330 
331 extern struct nchstats nchstats;
332 
333 #endif /* !_SYS_NAMEI_H_ */
334