1 // SPDX-License-Identifier: CDDL-1.0
2 /*
3 * CDDL HEADER START
4 *
5 * The contents of this file are subject to the terms of the
6 * Common Development and Distribution License (the "License").
7 * You may not use this file except in compliance with the License.
8 *
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or https://opensource.org/licenses/CDDL-1.0.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
13 *
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 *
20 * CDDL HEADER END
21 */
22
23 /*
24 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
25 * Copyright (c) 2012, 2015 by Delphix. All rights reserved.
26 * Copyright (c) 2014 Integros [integros.com]
27 * Copyright 2017 Nexenta Systems, Inc.
28 * Copyright (c) 2025, Klara, Inc.
29 */
30
31 /* Portions Copyright 2007 Jeremy Teo */
32 /* Portions Copyright 2010 Robert Milkowski */
33
34 #include <sys/param.h>
35 #include <sys/time.h>
36 #include <sys/systm.h>
37 #include <sys/sysmacros.h>
38 #include <sys/resource.h>
39 #include <security/mac/mac_framework.h>
40 #include <sys/vfs.h>
41 #include <sys/endian.h>
42 #include <sys/vm.h>
43 #include <sys/vnode.h>
44 #include <sys/smr.h>
45 #include <sys/dirent.h>
46 #include <sys/file.h>
47 #include <sys/stat.h>
48 #include <sys/kmem.h>
49 #include <sys/taskq.h>
50 #include <sys/uio.h>
51 #include <sys/atomic.h>
52 #include <sys/namei.h>
53 #include <sys/mman.h>
54 #include <sys/cmn_err.h>
55 #include <sys/kdb.h>
56 #include <sys/sysproto.h>
57 #include <sys/errno.h>
58 #include <sys/unistd.h>
59 #include <sys/zfs_dir.h>
60 #include <sys/zfs_ioctl.h>
61 #include <sys/fs/zfs.h>
62 #include <sys/dmu.h>
63 #include <sys/dmu_objset.h>
64 #include <sys/dsl_dataset.h>
65 #include <sys/spa.h>
66 #include <sys/txg.h>
67 #include <sys/dbuf.h>
68 #include <sys/zap.h>
69 #include <sys/sa.h>
70 #include <sys/policy.h>
71 #include <sys/sunddi.h>
72 #include <sys/filio.h>
73 #include <sys/sid.h>
74 #include <sys/zfs_ctldir.h>
75 #include <sys/zfs_fuid.h>
76 #include <sys/zfs_quota.h>
77 #include <sys/zfs_sa.h>
78 #include <sys/zfs_rlock.h>
79 #include <sys/zfs_project.h>
80 #include <sys/bio.h>
81 #include <sys/buf.h>
82 #include <sys/sched.h>
83 #include <sys/acl.h>
84 #include <sys/vmmeter.h>
85 #include <vm/vm_param.h>
86 #include <sys/zil.h>
87 #include <sys/zfs_vnops.h>
88 #include <sys/module.h>
89 #include <sys/sysent.h>
90 #include <sys/dmu_impl.h>
91 #include <sys/brt.h>
92 #include <sys/zfeature.h>
93
94 #include <vm/vm_object.h>
95
96 #include <sys/extattr.h>
97 #include <sys/priv.h>
98
99 #ifndef VN_OPEN_INVFS
100 #define VN_OPEN_INVFS 0x0
101 #endif
102
103 VFS_SMR_DECLARE;
104
105 #ifdef DEBUG_VFS_LOCKS
106 #define VNCHECKREF(vp) \
107 VNASSERT((vp)->v_holdcnt > 0 && (vp)->v_usecount > 0, vp, \
108 ("%s: wrong ref counts", __func__));
109 #else
110 #define VNCHECKREF(vp)
111 #endif
112
113 #if __FreeBSD_version >= 1400045
114 typedef uint64_t cookie_t;
115 #else
116 typedef ulong_t cookie_t;
117 #endif
118
119 static int zfs_check_attrname(const char *name);
120
121 /*
122 * Programming rules.
123 *
124 * Each vnode op performs some logical unit of work. To do this, the ZPL must
125 * properly lock its in-core state, create a DMU transaction, do the work,
126 * record this work in the intent log (ZIL), commit the DMU transaction,
127 * and wait for the intent log to commit if it is a synchronous operation.
128 * Moreover, the vnode ops must work in both normal and log replay context.
129 * The ordering of events is important to avoid deadlocks and references
130 * to freed memory. The example below illustrates the following Big Rules:
131 *
132 * (1) A check must be made in each zfs thread for a mounted file system.
133 * This is done avoiding races using zfs_enter(zfsvfs).
134 * A zfs_exit(zfsvfs) is needed before all returns. Any znodes
135 * must be checked with zfs_verify_zp(zp). Both of these macros
136 * can return EIO from the calling function.
137 *
138 * (2) VN_RELE() should always be the last thing except for zil_commit()
139 * (if necessary) and zfs_exit(). This is for 3 reasons:
140 * First, if it's the last reference, the vnode/znode
141 * can be freed, so the zp may point to freed memory. Second, the last
142 * reference will call zfs_zinactive(), which may induce a lot of work --
143 * pushing cached pages (which acquires range locks) and syncing out
144 * cached atime changes. Third, zfs_zinactive() may require a new tx,
145 * which could deadlock the system if you were already holding one.
146 * If you must call VN_RELE() within a tx then use VN_RELE_ASYNC().
147 *
148 * (3) All range locks must be grabbed before calling dmu_tx_assign(),
149 * as they can span dmu_tx_assign() calls.
150 *
151 * (4) If ZPL locks are held, pass DMU_TX_NOWAIT as the second argument to
152 * dmu_tx_assign(). This is critical because we don't want to block
153 * while holding locks.
154 *
155 * If no ZPL locks are held (aside from zfs_enter()), use DMU_TX_WAIT.
156 * This reduces lock contention and CPU usage when we must wait (note
157 * that if throughput is constrained by the storage, nearly every
158 * transaction must wait).
159 *
160 * Note, in particular, that if a lock is sometimes acquired before
161 * the tx assigns, and sometimes after (e.g. z_lock), then failing
162 * to use a non-blocking assign can deadlock the system. The scenario:
163 *
164 * Thread A has grabbed a lock before calling dmu_tx_assign().
165 * Thread B is in an already-assigned tx, and blocks for this lock.
166 * Thread A calls dmu_tx_assign(DMU_TX_WAIT) and blocks in
167 * txg_wait_open() forever, because the previous txg can't quiesce
168 * until B's tx commits.
169 *
170 * If dmu_tx_assign() returns ERESTART and zfsvfs->z_assign is
171 * DMU_TX_NOWAIT, then drop all locks, call dmu_tx_wait(), and try
172 * again. On subsequent calls to dmu_tx_assign(), pass
173 * DMU_TX_NOTHROTTLE in addition to DMU_TX_NOWAIT, to indicate that
174 * this operation has already called dmu_tx_wait(). This will ensure
175 * that we don't retry forever, waiting a short bit each time.
176 *
177 * (5) If the operation succeeded, generate the intent log entry for it
178 * before dropping locks. This ensures that the ordering of events
179 * in the intent log matches the order in which they actually occurred.
180 * During ZIL replay the zfs_log_* functions will update the sequence
181 * number to indicate the zil transaction has replayed.
182 *
183 * (6) At the end of each vnode op, the DMU tx must always commit,
184 * regardless of whether there were any errors.
185 *
186 * (7) After dropping all locks, invoke zil_commit(zilog, foid)
187 * to ensure that synchronous semantics are provided when necessary.
188 *
189 * In general, this is how things should be ordered in each vnode op:
190 *
191 * zfs_enter(zfsvfs); // exit if unmounted
192 * top:
193 * zfs_dirent_lookup(&dl, ...) // lock directory entry (may VN_HOLD())
194 * rw_enter(...); // grab any other locks you need
195 * tx = dmu_tx_create(...); // get DMU tx
196 * dmu_tx_hold_*(); // hold each object you might modify
197 * error = dmu_tx_assign(tx,
198 * (waited ? DMU_TX_NOTHROTTLE : 0) | DMU_TX_NOWAIT);
199 * if (error) {
200 * rw_exit(...); // drop locks
201 * zfs_dirent_unlock(dl); // unlock directory entry
202 * VN_RELE(...); // release held vnodes
203 * if (error == ERESTART) {
204 * waited = B_TRUE;
205 * dmu_tx_wait(tx);
206 * dmu_tx_abort(tx);
207 * goto top;
208 * }
209 * dmu_tx_abort(tx); // abort DMU tx
210 * zfs_exit(zfsvfs); // finished in zfs
211 * return (error); // really out of space
212 * }
213 * error = do_real_work(); // do whatever this VOP does
214 * if (error == 0)
215 * zfs_log_*(...); // on success, make ZIL entry
216 * dmu_tx_commit(tx); // commit DMU tx -- error or not
217 * rw_exit(...); // drop locks
218 * zfs_dirent_unlock(dl); // unlock directory entry
219 * VN_RELE(...); // release held vnodes
220 * zil_commit(zilog, foid); // synchronous when necessary
221 * zfs_exit(zfsvfs); // finished in zfs
222 * return (error); // done, report error
223 */
224 static int
zfs_open(vnode_t ** vpp,int flag,cred_t * cr)225 zfs_open(vnode_t **vpp, int flag, cred_t *cr)
226 {
227 (void) cr;
228 znode_t *zp = VTOZ(*vpp);
229 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
230 int error;
231
232 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
233 return (error);
234
235 if ((flag & FWRITE) && (zp->z_pflags & ZFS_APPENDONLY) &&
236 ((flag & FAPPEND) == 0)) {
237 zfs_exit(zfsvfs, FTAG);
238 return (SET_ERROR(EPERM));
239 }
240
241 /*
242 * Keep a count of the synchronous opens in the znode. On first
243 * synchronous open we must convert all previous async transactions
244 * into sync to keep correct ordering.
245 */
246 if (flag & O_SYNC) {
247 if (atomic_inc_32_nv(&zp->z_sync_cnt) == 1)
248 zil_async_to_sync(zfsvfs->z_log, zp->z_id);
249 }
250
251 zfs_exit(zfsvfs, FTAG);
252 return (0);
253 }
254
255 static int
zfs_close(vnode_t * vp,int flag,int count,offset_t offset,cred_t * cr)256 zfs_close(vnode_t *vp, int flag, int count, offset_t offset, cred_t *cr)
257 {
258 (void) offset, (void) cr;
259 znode_t *zp = VTOZ(vp);
260 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
261 int error;
262
263 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
264 return (error);
265
266 /* Decrement the synchronous opens in the znode */
267 if ((flag & O_SYNC) && (count == 1))
268 atomic_dec_32(&zp->z_sync_cnt);
269
270 zfs_exit(zfsvfs, FTAG);
271 return (0);
272 }
273
274 static int
zfs_ioctl_getxattr(vnode_t * vp,zfsxattr_t * fsx)275 zfs_ioctl_getxattr(vnode_t *vp, zfsxattr_t *fsx)
276 {
277 znode_t *zp = VTOZ(vp);
278
279 memset(fsx, 0, sizeof (*fsx));
280 fsx->fsx_xflags = (zp->z_pflags & ZFS_PROJINHERIT) ?
281 FS_PROJINHERIT_FL : 0;
282 fsx->fsx_projid = zp->z_projid;
283
284 return (0);
285 }
286
287 static int
zfs_ioctl_setflags(vnode_t * vp,uint32_t ioctl_flags,xvattr_t * xva)288 zfs_ioctl_setflags(vnode_t *vp, uint32_t ioctl_flags, xvattr_t *xva)
289 {
290 uint64_t zfs_flags = VTOZ(vp)->z_pflags;
291 xoptattr_t *xoap;
292
293 if (ioctl_flags & ~(FS_PROJINHERIT_FL))
294 return (SET_ERROR(EOPNOTSUPP));
295
296 xva_init(xva);
297 xoap = xva_getxoptattr(xva);
298
299 #define FLAG_CHANGE(iflag, zflag, xflag, xfield) do { \
300 if (((ioctl_flags & (iflag)) && !(zfs_flags & (zflag))) || \
301 ((zfs_flags & (zflag)) && !(ioctl_flags & (iflag)))) { \
302 XVA_SET_REQ(xva, (xflag)); \
303 (xfield) = ((ioctl_flags & (iflag)) != 0); \
304 } \
305 } while (0)
306
307 FLAG_CHANGE(FS_PROJINHERIT_FL, ZFS_PROJINHERIT, XAT_PROJINHERIT,
308 xoap->xoa_projinherit);
309
310 #undef FLAG_CHANGE
311
312 return (0);
313 }
314
315 static int
zfs_ioctl_setxattr(vnode_t * vp,zfsxattr_t * fsx,cred_t * cr)316 zfs_ioctl_setxattr(vnode_t *vp, zfsxattr_t *fsx, cred_t *cr)
317 {
318 znode_t *zp = VTOZ(vp);
319 xvattr_t xva;
320 xoptattr_t *xoap;
321 int err;
322
323 if (!zpl_is_valid_projid(fsx->fsx_projid))
324 return (SET_ERROR(EINVAL));
325
326 err = zfs_ioctl_setflags(vp, fsx->fsx_xflags, &xva);
327 if (err)
328 return (err);
329
330 xoap = xva_getxoptattr(&xva);
331 XVA_SET_REQ(&xva, XAT_PROJID);
332 xoap->xoa_projid = fsx->fsx_projid;
333
334 err = zfs_setattr(zp, (vattr_t *)&xva, 0, cr, NULL);
335
336 return (err);
337 }
338
339 static int
zfs_ioctl(vnode_t * vp,ulong_t com,intptr_t data,int flag,cred_t * cred,int * rvalp)340 zfs_ioctl(vnode_t *vp, ulong_t com, intptr_t data, int flag, cred_t *cred,
341 int *rvalp)
342 {
343 (void) flag, (void) cred, (void) rvalp;
344 loff_t off;
345 int error;
346
347 switch (com) {
348 case _FIOFFS:
349 {
350 return (0);
351
352 /*
353 * The following two ioctls are used by bfu. Faking out,
354 * necessary to avoid bfu errors.
355 */
356 }
357 case _FIOGDIO:
358 case _FIOSDIO:
359 {
360 return (0);
361 }
362
363 case F_SEEK_DATA:
364 case F_SEEK_HOLE:
365 {
366 off = *(offset_t *)data;
367 error = vn_lock(vp, LK_SHARED);
368 if (error)
369 return (error);
370 /* offset parameter is in/out */
371 error = zfs_holey(VTOZ(vp), com, &off);
372 VOP_UNLOCK(vp);
373 if (error)
374 return (error);
375 *(offset_t *)data = off;
376 return (0);
377 }
378 case ZFS_IOC_FSGETXATTR: {
379 zfsxattr_t *fsx = (zfsxattr_t *)data;
380 error = vn_lock(vp, LK_SHARED);
381 if (error)
382 return (error);
383 error = zfs_ioctl_getxattr(vp, fsx);
384 VOP_UNLOCK(vp);
385 return (error);
386 }
387 case ZFS_IOC_FSSETXATTR: {
388 zfsxattr_t *fsx = (zfsxattr_t *)data;
389 error = vn_lock(vp, LK_EXCLUSIVE);
390 if (error)
391 return (error);
392 vn_seqc_write_begin(vp);
393 error = zfs_ioctl_setxattr(vp, fsx, cred);
394 vn_seqc_write_end(vp);
395 VOP_UNLOCK(vp);
396 return (error);
397 }
398 case ZFS_IOC_REWRITE: {
399 zfs_rewrite_args_t *args = (zfs_rewrite_args_t *)data;
400 if ((flag & FWRITE) == 0)
401 return (SET_ERROR(EBADF));
402 error = vn_lock(vp, LK_SHARED);
403 if (error)
404 return (error);
405 error = zfs_rewrite(VTOZ(vp), args->off, args->len,
406 args->flags, args->arg);
407 VOP_UNLOCK(vp);
408 return (error);
409 }
410 }
411 return (SET_ERROR(ENOTTY));
412 }
413
414 static vm_page_t
page_busy(vnode_t * vp,int64_t start,int64_t off,int64_t nbytes)415 page_busy(vnode_t *vp, int64_t start, int64_t off, int64_t nbytes)
416 {
417 vm_object_t obj;
418 vm_page_t pp;
419 int64_t end;
420
421 /*
422 * At present vm_page_clear_dirty extends the cleared range to DEV_BSIZE
423 * aligned boundaries, if the range is not aligned. As a result a
424 * DEV_BSIZE subrange with partially dirty data may get marked as clean.
425 * It may happen that all DEV_BSIZE subranges are marked clean and thus
426 * the whole page would be considered clean despite have some
427 * dirty data.
428 * For this reason we should shrink the range to DEV_BSIZE aligned
429 * boundaries before calling vm_page_clear_dirty.
430 */
431 end = rounddown2(off + nbytes, DEV_BSIZE);
432 off = roundup2(off, DEV_BSIZE);
433 nbytes = end - off;
434
435 obj = vp->v_object;
436 vm_page_grab_valid_unlocked(&pp, obj, OFF_TO_IDX(start),
437 VM_ALLOC_NOCREAT | VM_ALLOC_SBUSY | VM_ALLOC_NORMAL |
438 VM_ALLOC_IGN_SBUSY);
439 if (pp != NULL) {
440 ASSERT3U(pp->valid, ==, VM_PAGE_BITS_ALL);
441 vm_object_pip_add(obj, 1);
442 pmap_remove_write(pp);
443 if (nbytes != 0)
444 vm_page_clear_dirty(pp, off, nbytes);
445 }
446 return (pp);
447 }
448
449 static void
page_unbusy(vm_page_t pp)450 page_unbusy(vm_page_t pp)
451 {
452
453 vm_page_sunbusy(pp);
454 vm_object_pip_wakeup(pp->object);
455 }
456
457 static vm_page_t
page_hold(vnode_t * vp,int64_t start)458 page_hold(vnode_t *vp, int64_t start)
459 {
460 vm_object_t obj;
461 vm_page_t m;
462
463 obj = vp->v_object;
464 vm_page_grab_valid_unlocked(&m, obj, OFF_TO_IDX(start),
465 VM_ALLOC_NOCREAT | VM_ALLOC_WIRED | VM_ALLOC_IGN_SBUSY |
466 VM_ALLOC_NOBUSY);
467 return (m);
468 }
469
470 static void
page_unhold(vm_page_t pp)471 page_unhold(vm_page_t pp)
472 {
473 vm_page_unwire(pp, PQ_ACTIVE);
474 }
475
476 /*
477 * When a file is memory mapped, we must keep the IO data synchronized
478 * between the DMU cache and the memory mapped pages. What this means:
479 *
480 * On Write: If we find a memory mapped page, we write to *both*
481 * the page and the dmu buffer.
482 */
483 void
update_pages(znode_t * zp,int64_t start,int len,objset_t * os)484 update_pages(znode_t *zp, int64_t start, int len, objset_t *os)
485 {
486 vm_object_t obj;
487 struct sf_buf *sf;
488 vnode_t *vp = ZTOV(zp);
489 caddr_t va;
490 int off;
491
492 ASSERT3P(vp->v_mount, !=, NULL);
493 obj = vp->v_object;
494 ASSERT3P(obj, !=, NULL);
495
496 off = start & PAGEOFFSET;
497 vm_object_pip_add(obj, 1);
498 for (start &= PAGEMASK; len > 0; start += PAGESIZE) {
499 vm_page_t pp;
500 int nbytes = imin(PAGESIZE - off, len);
501
502 if ((pp = page_busy(vp, start, off, nbytes)) != NULL) {
503 va = zfs_map_page(pp, &sf);
504 (void) dmu_read(os, zp->z_id, start + off, nbytes,
505 va + off, DMU_READ_PREFETCH);
506 zfs_unmap_page(sf);
507 page_unbusy(pp);
508 }
509 len -= nbytes;
510 off = 0;
511 }
512 vm_object_pip_wakeup(obj);
513 }
514
515 /*
516 * Read with UIO_NOCOPY flag means that sendfile(2) requests
517 * ZFS to populate a range of page cache pages with data.
518 *
519 * NOTE: this function could be optimized to pre-allocate
520 * all pages in advance, drain exclusive busy on all of them,
521 * map them into contiguous KVA region and populate them
522 * in one single dmu_read() call.
523 */
524 int
mappedread_sf(znode_t * zp,int nbytes,zfs_uio_t * uio)525 mappedread_sf(znode_t *zp, int nbytes, zfs_uio_t *uio)
526 {
527 vnode_t *vp = ZTOV(zp);
528 objset_t *os = zp->z_zfsvfs->z_os;
529 struct sf_buf *sf;
530 vm_object_t obj;
531 vm_page_t pp;
532 int64_t start;
533 caddr_t va;
534 int len = nbytes;
535 int error = 0;
536
537 ASSERT3U(zfs_uio_segflg(uio), ==, UIO_NOCOPY);
538 ASSERT3P(vp->v_mount, !=, NULL);
539 obj = vp->v_object;
540 ASSERT3P(obj, !=, NULL);
541 ASSERT0(zfs_uio_offset(uio) & PAGEOFFSET);
542
543 for (start = zfs_uio_offset(uio); len > 0; start += PAGESIZE) {
544 int bytes = MIN(PAGESIZE, len);
545
546 pp = vm_page_grab_unlocked(obj, OFF_TO_IDX(start),
547 VM_ALLOC_SBUSY | VM_ALLOC_NORMAL | VM_ALLOC_IGN_SBUSY);
548 if (vm_page_none_valid(pp)) {
549 va = zfs_map_page(pp, &sf);
550 error = dmu_read(os, zp->z_id, start, bytes, va,
551 DMU_READ_PREFETCH);
552 if (bytes != PAGESIZE && error == 0)
553 memset(va + bytes, 0, PAGESIZE - bytes);
554 zfs_unmap_page(sf);
555 if (error == 0) {
556 vm_page_valid(pp);
557 vm_page_activate(pp);
558 vm_page_sunbusy(pp);
559 } else {
560 zfs_vmobject_wlock(obj);
561 if (!vm_page_wired(pp) && pp->valid == 0 &&
562 vm_page_busy_tryupgrade(pp))
563 vm_page_free(pp);
564 else {
565 vm_page_deactivate_noreuse(pp);
566 vm_page_sunbusy(pp);
567 }
568 zfs_vmobject_wunlock(obj);
569 }
570 } else {
571 ASSERT3U(pp->valid, ==, VM_PAGE_BITS_ALL);
572 vm_page_sunbusy(pp);
573 }
574 if (error)
575 break;
576 zfs_uio_advance(uio, bytes);
577 len -= bytes;
578 }
579 return (error);
580 }
581
582 /*
583 * When a file is memory mapped, we must keep the IO data synchronized
584 * between the DMU cache and the memory mapped pages. What this means:
585 *
586 * On Read: We "read" preferentially from memory mapped pages,
587 * else we default from the dmu buffer.
588 *
589 * NOTE: We will always "break up" the IO into PAGESIZE uiomoves when
590 * the file is memory mapped.
591 */
592 int
mappedread(znode_t * zp,int nbytes,zfs_uio_t * uio)593 mappedread(znode_t *zp, int nbytes, zfs_uio_t *uio)
594 {
595 vnode_t *vp = ZTOV(zp);
596 vm_object_t obj;
597 int64_t start;
598 int len = nbytes;
599 int off;
600 int error = 0;
601
602 ASSERT3P(vp->v_mount, !=, NULL);
603 obj = vp->v_object;
604 ASSERT3P(obj, !=, NULL);
605
606 start = zfs_uio_offset(uio);
607 off = start & PAGEOFFSET;
608 for (start &= PAGEMASK; len > 0; start += PAGESIZE) {
609 vm_page_t pp;
610 uint64_t bytes = MIN(PAGESIZE - off, len);
611
612 if ((pp = page_hold(vp, start))) {
613 struct sf_buf *sf;
614 caddr_t va;
615
616 va = zfs_map_page(pp, &sf);
617 error = vn_io_fault_uiomove(va + off, bytes,
618 GET_UIO_STRUCT(uio));
619 zfs_unmap_page(sf);
620 page_unhold(pp);
621 } else {
622 error = dmu_read_uio_dbuf(sa_get_db(zp->z_sa_hdl),
623 uio, bytes, DMU_READ_PREFETCH);
624 }
625 len -= bytes;
626 off = 0;
627 if (error)
628 break;
629 }
630 return (error);
631 }
632
633 int
zfs_write_simple(znode_t * zp,const void * data,size_t len,loff_t pos,size_t * presid)634 zfs_write_simple(znode_t *zp, const void *data, size_t len,
635 loff_t pos, size_t *presid)
636 {
637 int error = 0;
638 ssize_t resid;
639
640 error = vn_rdwr(UIO_WRITE, ZTOV(zp), __DECONST(void *, data), len, pos,
641 UIO_SYSSPACE, IO_SYNC, kcred, NOCRED, &resid, curthread);
642
643 if (error) {
644 return (SET_ERROR(error));
645 } else if (presid == NULL) {
646 if (resid != 0) {
647 error = SET_ERROR(EIO);
648 }
649 } else {
650 *presid = resid;
651 }
652 return (error);
653 }
654
655 void
zfs_zrele_async(znode_t * zp)656 zfs_zrele_async(znode_t *zp)
657 {
658 vnode_t *vp = ZTOV(zp);
659 objset_t *os = ITOZSB(vp)->z_os;
660
661 VN_RELE_ASYNC(vp, dsl_pool_zrele_taskq(dmu_objset_pool(os)));
662 }
663
664 static int
zfs_dd_callback(struct mount * mp,void * arg,int lkflags,struct vnode ** vpp)665 zfs_dd_callback(struct mount *mp, void *arg, int lkflags, struct vnode **vpp)
666 {
667 int error;
668
669 *vpp = arg;
670 error = vn_lock(*vpp, lkflags);
671 if (error != 0)
672 vrele(*vpp);
673 return (error);
674 }
675
676 static int
zfs_lookup_lock(vnode_t * dvp,vnode_t * vp,const char * name,int lkflags)677 zfs_lookup_lock(vnode_t *dvp, vnode_t *vp, const char *name, int lkflags)
678 {
679 znode_t *zdp = VTOZ(dvp);
680 zfsvfs_t *zfsvfs __unused = zdp->z_zfsvfs;
681 int error;
682 int ltype;
683
684 if (zfsvfs->z_replay == B_FALSE)
685 ASSERT_VOP_LOCKED(dvp, __func__);
686
687 if (name[0] == 0 || (name[0] == '.' && name[1] == 0)) {
688 ASSERT3P(dvp, ==, vp);
689 vref(dvp);
690 ltype = lkflags & LK_TYPE_MASK;
691 if (ltype != VOP_ISLOCKED(dvp)) {
692 if (ltype == LK_EXCLUSIVE)
693 vn_lock(dvp, LK_UPGRADE | LK_RETRY);
694 else /* if (ltype == LK_SHARED) */
695 vn_lock(dvp, LK_DOWNGRADE | LK_RETRY);
696
697 /*
698 * Relock for the "." case could leave us with
699 * reclaimed vnode.
700 */
701 if (VN_IS_DOOMED(dvp)) {
702 vrele(dvp);
703 return (SET_ERROR(ENOENT));
704 }
705 }
706 return (0);
707 } else if (name[0] == '.' && name[1] == '.' && name[2] == 0) {
708 /*
709 * Note that in this case, dvp is the child vnode, and we
710 * are looking up the parent vnode - exactly reverse from
711 * normal operation. Unlocking dvp requires some rather
712 * tricky unlock/relock dance to prevent mp from being freed;
713 * use vn_vget_ino_gen() which takes care of all that.
714 *
715 * XXX Note that there is a time window when both vnodes are
716 * unlocked. It is possible, although highly unlikely, that
717 * during that window the parent-child relationship between
718 * the vnodes may change, for example, get reversed.
719 * In that case we would have a wrong lock order for the vnodes.
720 * All other filesystems seem to ignore this problem, so we
721 * do the same here.
722 * A potential solution could be implemented as follows:
723 * - using LK_NOWAIT when locking the second vnode and retrying
724 * if necessary
725 * - checking that the parent-child relationship still holds
726 * after locking both vnodes and retrying if it doesn't
727 */
728 error = vn_vget_ino_gen(dvp, zfs_dd_callback, vp, lkflags, &vp);
729 return (error);
730 } else {
731 error = vn_lock(vp, lkflags);
732 if (error != 0)
733 vrele(vp);
734 return (error);
735 }
736 }
737
738 /*
739 * Lookup an entry in a directory, or an extended attribute directory.
740 * If it exists, return a held vnode reference for it.
741 *
742 * IN: dvp - vnode of directory to search.
743 * nm - name of entry to lookup.
744 * pnp - full pathname to lookup [UNUSED].
745 * flags - LOOKUP_XATTR set if looking for an attribute.
746 * rdir - root directory vnode [UNUSED].
747 * cr - credentials of caller.
748 * ct - caller context
749 *
750 * OUT: vpp - vnode of located entry, NULL if not found.
751 *
752 * RETURN: 0 on success, error code on failure.
753 *
754 * Timestamps:
755 * NA
756 */
757 static int
zfs_lookup(vnode_t * dvp,const char * nm,vnode_t ** vpp,struct componentname * cnp,int nameiop,cred_t * cr,int flags,boolean_t cached)758 zfs_lookup(vnode_t *dvp, const char *nm, vnode_t **vpp,
759 struct componentname *cnp, int nameiop, cred_t *cr, int flags,
760 boolean_t cached)
761 {
762 znode_t *zdp = VTOZ(dvp);
763 znode_t *zp;
764 zfsvfs_t *zfsvfs = zdp->z_zfsvfs;
765 seqc_t dvp_seqc;
766 int error = 0;
767
768 /*
769 * Fast path lookup, however we must skip DNLC lookup
770 * for case folding or normalizing lookups because the
771 * DNLC code only stores the passed in name. This means
772 * creating 'a' and removing 'A' on a case insensitive
773 * file system would work, but DNLC still thinks 'a'
774 * exists and won't let you create it again on the next
775 * pass through fast path.
776 */
777 if (!(flags & LOOKUP_XATTR)) {
778 if (dvp->v_type != VDIR) {
779 return (SET_ERROR(ENOTDIR));
780 } else if (zdp->z_sa_hdl == NULL) {
781 return (SET_ERROR(EIO));
782 }
783 }
784
785 DTRACE_PROBE2(zfs__fastpath__lookup__miss, vnode_t *, dvp,
786 const char *, nm);
787
788 if ((error = zfs_enter_verify_zp(zfsvfs, zdp, FTAG)) != 0)
789 return (error);
790
791 dvp_seqc = vn_seqc_read_notmodify(dvp);
792
793 *vpp = NULL;
794
795 if (flags & LOOKUP_XATTR) {
796 /*
797 * If the xattr property is off, refuse the lookup request.
798 */
799 if (!(zfsvfs->z_flags & ZSB_XATTR)) {
800 zfs_exit(zfsvfs, FTAG);
801 return (SET_ERROR(EOPNOTSUPP));
802 }
803
804 /*
805 * We don't allow recursive attributes..
806 * Maybe someday we will.
807 */
808 if (zdp->z_pflags & ZFS_XATTR) {
809 zfs_exit(zfsvfs, FTAG);
810 return (SET_ERROR(EINVAL));
811 }
812
813 if ((error = zfs_get_xattrdir(VTOZ(dvp), &zp, cr, flags))) {
814 zfs_exit(zfsvfs, FTAG);
815 return (error);
816 }
817 *vpp = ZTOV(zp);
818
819 /*
820 * Do we have permission to get into attribute directory?
821 */
822 if (flags & LOOKUP_NAMED_ATTR)
823 error = zfs_zaccess(zp, ACE_EXECUTE, V_NAMEDATTR,
824 B_FALSE, cr, NULL);
825 else
826 error = zfs_zaccess(zp, ACE_EXECUTE, 0, B_FALSE, cr,
827 NULL);
828 if (error) {
829 vrele(ZTOV(zp));
830 }
831
832 zfs_exit(zfsvfs, FTAG);
833 return (error);
834 }
835
836 /*
837 * Check accessibility of directory if we're not coming in via
838 * VOP_CACHEDLOOKUP.
839 */
840 if (!cached) {
841 #ifdef NOEXECCHECK
842 if ((cnp->cn_flags & NOEXECCHECK) != 0) {
843 cnp->cn_flags &= ~NOEXECCHECK;
844 } else
845 #endif
846 if ((error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr,
847 NULL))) {
848 zfs_exit(zfsvfs, FTAG);
849 return (error);
850 }
851 }
852
853 if (zfsvfs->z_utf8 && u8_validate(nm, strlen(nm),
854 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
855 zfs_exit(zfsvfs, FTAG);
856 return (SET_ERROR(EILSEQ));
857 }
858
859
860 /*
861 * First handle the special cases.
862 */
863 if ((cnp->cn_flags & ISDOTDOT) != 0) {
864 /*
865 * If we are a snapshot mounted under .zfs, return
866 * the vp for the snapshot directory.
867 */
868 if (zdp->z_id == zfsvfs->z_root && zfsvfs->z_parent != zfsvfs) {
869 struct componentname cn;
870 vnode_t *zfsctl_vp;
871 int ltype;
872
873 zfs_exit(zfsvfs, FTAG);
874 ltype = VOP_ISLOCKED(dvp);
875 VOP_UNLOCK(dvp);
876 error = zfsctl_root(zfsvfs->z_parent, LK_SHARED,
877 &zfsctl_vp);
878 if (error == 0) {
879 cn.cn_nameptr = "snapshot";
880 cn.cn_namelen = strlen(cn.cn_nameptr);
881 cn.cn_nameiop = cnp->cn_nameiop;
882 cn.cn_flags = cnp->cn_flags & ~ISDOTDOT;
883 cn.cn_lkflags = cnp->cn_lkflags;
884 error = VOP_LOOKUP(zfsctl_vp, vpp, &cn);
885 vput(zfsctl_vp);
886 }
887 vn_lock(dvp, ltype | LK_RETRY);
888 return (error);
889 }
890 }
891 if (zfs_has_ctldir(zdp) && strcmp(nm, ZFS_CTLDIR_NAME) == 0) {
892 zfs_exit(zfsvfs, FTAG);
893 if (zfsvfs->z_show_ctldir == ZFS_SNAPDIR_DISABLED)
894 return (SET_ERROR(ENOENT));
895 if ((cnp->cn_flags & ISLASTCN) != 0 && nameiop != LOOKUP)
896 return (SET_ERROR(ENOTSUP));
897 error = zfsctl_root(zfsvfs, cnp->cn_lkflags, vpp);
898 return (error);
899 }
900
901 /*
902 * The loop is retry the lookup if the parent-child relationship
903 * changes during the dot-dot locking complexities.
904 */
905 for (;;) {
906 uint64_t parent;
907
908 error = zfs_dirlook(zdp, nm, &zp);
909 if (error == 0)
910 *vpp = ZTOV(zp);
911
912 zfs_exit(zfsvfs, FTAG);
913 if (error != 0)
914 break;
915
916 error = zfs_lookup_lock(dvp, *vpp, nm, cnp->cn_lkflags);
917 if (error != 0) {
918 /*
919 * If we've got a locking error, then the vnode
920 * got reclaimed because of a force unmount.
921 * We never enter doomed vnodes into the name cache.
922 */
923 *vpp = NULL;
924 return (error);
925 }
926
927 if ((cnp->cn_flags & ISDOTDOT) == 0)
928 break;
929
930 if ((error = zfs_enter(zfsvfs, FTAG)) != 0) {
931 vput(ZTOV(zp));
932 *vpp = NULL;
933 return (error);
934 }
935 if (zdp->z_sa_hdl == NULL) {
936 error = SET_ERROR(EIO);
937 } else {
938 error = sa_lookup(zdp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs),
939 &parent, sizeof (parent));
940 }
941 if (error != 0) {
942 zfs_exit(zfsvfs, FTAG);
943 vput(ZTOV(zp));
944 break;
945 }
946 if (zp->z_id == parent) {
947 zfs_exit(zfsvfs, FTAG);
948 break;
949 }
950 vput(ZTOV(zp));
951 }
952
953 if (error != 0)
954 *vpp = NULL;
955
956 /* Translate errors and add SAVENAME when needed. */
957 if (cnp->cn_flags & ISLASTCN) {
958 switch (nameiop) {
959 case CREATE:
960 case RENAME:
961 if (error == ENOENT) {
962 error = EJUSTRETURN;
963 #if __FreeBSD_version < 1400068
964 cnp->cn_flags |= SAVENAME;
965 #endif
966 break;
967 }
968 zfs_fallthrough;
969 case DELETE:
970 #if __FreeBSD_version < 1400068
971 if (error == 0)
972 cnp->cn_flags |= SAVENAME;
973 #endif
974 break;
975 }
976 }
977
978 if ((cnp->cn_flags & ISDOTDOT) != 0) {
979 /*
980 * FIXME: zfs_lookup_lock relocks vnodes and does nothing to
981 * handle races. In particular different callers may end up
982 * with different vnodes and will try to add conflicting
983 * entries to the namecache.
984 *
985 * While finding different result may be acceptable in face
986 * of concurrent modification, adding conflicting entries
987 * trips over an assert in the namecache.
988 *
989 * Ultimately let an entry through once everything settles.
990 */
991 if (!vn_seqc_consistent(dvp, dvp_seqc)) {
992 cnp->cn_flags &= ~MAKEENTRY;
993 }
994 }
995
996 /* Insert name into cache (as non-existent) if appropriate. */
997 if (zfsvfs->z_use_namecache && !zfsvfs->z_replay &&
998 error == ENOENT && (cnp->cn_flags & MAKEENTRY) != 0)
999 cache_enter(dvp, NULL, cnp);
1000
1001 /* Insert name into cache if appropriate. */
1002 if (zfsvfs->z_use_namecache && !zfsvfs->z_replay &&
1003 error == 0 && (cnp->cn_flags & MAKEENTRY)) {
1004 if (!(cnp->cn_flags & ISLASTCN) ||
1005 (nameiop != DELETE && nameiop != RENAME)) {
1006 cache_enter(dvp, *vpp, cnp);
1007 }
1008 }
1009
1010 return (error);
1011 }
1012
1013 static inline bool
is_nametoolong(zfsvfs_t * zfsvfs,const char * name)1014 is_nametoolong(zfsvfs_t *zfsvfs, const char *name)
1015 {
1016 size_t dlen = strlen(name);
1017 return ((!zfsvfs->z_longname && dlen >= ZAP_MAXNAMELEN) ||
1018 dlen >= ZAP_MAXNAMELEN_NEW);
1019 }
1020
1021 /*
1022 * Attempt to create a new entry in a directory. If the entry
1023 * already exists, truncate the file if permissible, else return
1024 * an error. Return the vp of the created or trunc'd file.
1025 *
1026 * IN: dvp - vnode of directory to put new file entry in.
1027 * name - name of new file entry.
1028 * vap - attributes of new file.
1029 * excl - flag indicating exclusive or non-exclusive mode.
1030 * mode - mode to open file with.
1031 * cr - credentials of caller.
1032 * flag - large file flag [UNUSED].
1033 * ct - caller context
1034 * vsecp - ACL to be set
1035 * mnt_ns - Unused on FreeBSD
1036 *
1037 * OUT: vpp - vnode of created or trunc'd entry.
1038 *
1039 * RETURN: 0 on success, error code on failure.
1040 *
1041 * Timestamps:
1042 * dvp - ctime|mtime updated if new entry created
1043 * vp - ctime|mtime always, atime if new
1044 */
1045 int
zfs_create(znode_t * dzp,const char * name,vattr_t * vap,int excl,int mode,znode_t ** zpp,cred_t * cr,int flag,vsecattr_t * vsecp,zidmap_t * mnt_ns)1046 zfs_create(znode_t *dzp, const char *name, vattr_t *vap, int excl, int mode,
1047 znode_t **zpp, cred_t *cr, int flag, vsecattr_t *vsecp, zidmap_t *mnt_ns)
1048 {
1049 (void) excl, (void) mode, (void) flag;
1050 znode_t *zp;
1051 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
1052 zilog_t *zilog;
1053 objset_t *os;
1054 dmu_tx_t *tx;
1055 int error;
1056 uid_t uid = crgetuid(cr);
1057 gid_t gid = crgetgid(cr);
1058 uint64_t projid = ZFS_DEFAULT_PROJID;
1059 zfs_acl_ids_t acl_ids;
1060 boolean_t fuid_dirtied;
1061 uint64_t txtype;
1062 #ifdef DEBUG_VFS_LOCKS
1063 vnode_t *dvp = ZTOV(dzp);
1064 #endif
1065
1066 if (is_nametoolong(zfsvfs, name))
1067 return (SET_ERROR(ENAMETOOLONG));
1068
1069 /*
1070 * If we have an ephemeral id, ACL, or XVATTR then
1071 * make sure file system is at proper version
1072 */
1073 if (zfsvfs->z_use_fuids == B_FALSE &&
1074 (vsecp || (vap->va_mask & AT_XVATTR) ||
1075 IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
1076 return (SET_ERROR(EINVAL));
1077
1078 if ((error = zfs_enter_verify_zp(zfsvfs, dzp, FTAG)) != 0)
1079 return (error);
1080 os = zfsvfs->z_os;
1081 zilog = zfsvfs->z_log;
1082
1083 if (zfsvfs->z_utf8 && u8_validate(name, strlen(name),
1084 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
1085 zfs_exit(zfsvfs, FTAG);
1086 return (SET_ERROR(EILSEQ));
1087 }
1088
1089 if (vap->va_mask & AT_XVATTR) {
1090 if ((error = secpolicy_xvattr(ZTOV(dzp), (xvattr_t *)vap,
1091 crgetuid(cr), cr, vap->va_type)) != 0) {
1092 zfs_exit(zfsvfs, FTAG);
1093 return (error);
1094 }
1095 }
1096
1097 *zpp = NULL;
1098
1099 if ((vap->va_mode & S_ISVTX) && secpolicy_vnode_stky_modify(cr))
1100 vap->va_mode &= ~S_ISVTX;
1101
1102 error = zfs_dirent_lookup(dzp, name, &zp, ZNEW);
1103 if (error) {
1104 zfs_exit(zfsvfs, FTAG);
1105 return (error);
1106 }
1107 ASSERT0P(zp);
1108
1109 /*
1110 * Create a new file object and update the directory
1111 * to reference it.
1112 */
1113 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr, mnt_ns))) {
1114 goto out;
1115 }
1116
1117 /*
1118 * We only support the creation of regular files in
1119 * extended attribute directories.
1120 */
1121
1122 if ((dzp->z_pflags & ZFS_XATTR) &&
1123 (vap->va_type != VREG)) {
1124 error = SET_ERROR(EINVAL);
1125 goto out;
1126 }
1127
1128 if ((error = zfs_acl_ids_create(dzp, 0, vap,
1129 cr, vsecp, &acl_ids, NULL)) != 0)
1130 goto out;
1131
1132 if (S_ISREG(vap->va_mode) || S_ISDIR(vap->va_mode))
1133 projid = zfs_inherit_projid(dzp);
1134 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, projid)) {
1135 zfs_acl_ids_free(&acl_ids);
1136 error = SET_ERROR(EDQUOT);
1137 goto out;
1138 }
1139
1140 getnewvnode_reserve();
1141
1142 tx = dmu_tx_create(os);
1143
1144 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
1145 ZFS_SA_BASE_ATTR_SIZE);
1146
1147 fuid_dirtied = zfsvfs->z_fuid_dirty;
1148 if (fuid_dirtied)
1149 zfs_fuid_txhold(zfsvfs, tx);
1150 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, name);
1151 dmu_tx_hold_sa(tx, dzp->z_sa_hdl, B_FALSE);
1152 if (!zfsvfs->z_use_sa &&
1153 acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
1154 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
1155 0, acl_ids.z_aclp->z_acl_bytes);
1156 }
1157 error = dmu_tx_assign(tx, DMU_TX_WAIT);
1158 if (error) {
1159 zfs_acl_ids_free(&acl_ids);
1160 dmu_tx_abort(tx);
1161 getnewvnode_drop_reserve();
1162 zfs_exit(zfsvfs, FTAG);
1163 return (error);
1164 }
1165 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
1166
1167 error = zfs_link_create(dzp, name, zp, tx, ZNEW);
1168 if (error != 0) {
1169 /*
1170 * Since, we failed to add the directory entry for it,
1171 * delete the newly created dnode.
1172 */
1173 zfs_znode_delete(zp, tx);
1174 VOP_UNLOCK(ZTOV(zp));
1175 zrele(zp);
1176 zfs_acl_ids_free(&acl_ids);
1177 dmu_tx_commit(tx);
1178 getnewvnode_drop_reserve();
1179 goto out;
1180 }
1181
1182 if (fuid_dirtied)
1183 zfs_fuid_sync(zfsvfs, tx);
1184
1185 txtype = zfs_log_create_txtype(Z_FILE, vsecp, vap);
1186 zfs_log_create(zilog, tx, txtype, dzp, zp, name,
1187 vsecp, acl_ids.z_fuidp, vap);
1188 zfs_acl_ids_free(&acl_ids);
1189 dmu_tx_commit(tx);
1190
1191 getnewvnode_drop_reserve();
1192
1193 out:
1194 VNCHECKREF(dvp);
1195 if (error == 0) {
1196 *zpp = zp;
1197 }
1198
1199 if (error == 0 && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1200 error = zil_commit(zilog, 0);
1201
1202 zfs_exit(zfsvfs, FTAG);
1203 return (error);
1204 }
1205
1206 /*
1207 * Remove an entry from a directory.
1208 *
1209 * IN: dvp - vnode of directory to remove entry from.
1210 * name - name of entry to remove.
1211 * cr - credentials of caller.
1212 * ct - caller context
1213 * flags - case flags
1214 *
1215 * RETURN: 0 on success, error code on failure.
1216 *
1217 * Timestamps:
1218 * dvp - ctime|mtime
1219 * vp - ctime (if nlink > 0)
1220 */
1221 static int
zfs_remove_(vnode_t * dvp,vnode_t * vp,const char * name,cred_t * cr)1222 zfs_remove_(vnode_t *dvp, vnode_t *vp, const char *name, cred_t *cr)
1223 {
1224 znode_t *dzp = VTOZ(dvp);
1225 znode_t *zp;
1226 znode_t *xzp;
1227 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
1228 zilog_t *zilog;
1229 uint64_t xattr_obj;
1230 uint64_t obj = 0;
1231 dmu_tx_t *tx;
1232 boolean_t unlinked;
1233 uint64_t txtype;
1234 int error;
1235
1236
1237 if ((error = zfs_enter_verify_zp(zfsvfs, dzp, FTAG)) != 0)
1238 return (error);
1239 zp = VTOZ(vp);
1240 if ((error = zfs_verify_zp(zp)) != 0) {
1241 zfs_exit(zfsvfs, FTAG);
1242 return (error);
1243 }
1244 zilog = zfsvfs->z_log;
1245
1246 xattr_obj = 0;
1247 xzp = NULL;
1248
1249 if ((error = zfs_zaccess_delete(dzp, zp, cr, NULL))) {
1250 goto out;
1251 }
1252
1253 /*
1254 * Need to use rmdir for removing directories.
1255 */
1256 if (vp->v_type == VDIR) {
1257 error = SET_ERROR(EPERM);
1258 goto out;
1259 }
1260
1261 vnevent_remove(vp, dvp, name, ct);
1262
1263 obj = zp->z_id;
1264
1265 /* are there any extended attributes? */
1266 error = sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
1267 &xattr_obj, sizeof (xattr_obj));
1268 if (error == 0 && xattr_obj) {
1269 error = zfs_zget(zfsvfs, xattr_obj, &xzp);
1270 ASSERT0(error);
1271 }
1272
1273 /*
1274 * We may delete the znode now, or we may put it in the unlinked set;
1275 * it depends on whether we're the last link, and on whether there are
1276 * other holds on the vnode. So we dmu_tx_hold() the right things to
1277 * allow for either case.
1278 */
1279 tx = dmu_tx_create(zfsvfs->z_os);
1280 dmu_tx_hold_zap(tx, dzp->z_id, FALSE, name);
1281 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
1282 zfs_sa_upgrade_txholds(tx, zp);
1283 zfs_sa_upgrade_txholds(tx, dzp);
1284
1285 if (xzp) {
1286 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
1287 dmu_tx_hold_sa(tx, xzp->z_sa_hdl, B_FALSE);
1288 }
1289
1290 /* charge as an update -- would be nice not to charge at all */
1291 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
1292
1293 /*
1294 * Mark this transaction as typically resulting in a net free of space
1295 */
1296 dmu_tx_mark_netfree(tx);
1297
1298 error = dmu_tx_assign(tx, DMU_TX_WAIT);
1299 if (error) {
1300 dmu_tx_abort(tx);
1301 zfs_exit(zfsvfs, FTAG);
1302 return (error);
1303 }
1304
1305 /*
1306 * Remove the directory entry.
1307 */
1308 error = zfs_link_destroy(dzp, name, zp, tx, ZEXISTS, &unlinked);
1309
1310 if (error) {
1311 dmu_tx_commit(tx);
1312 goto out;
1313 }
1314
1315 if (unlinked) {
1316 zfs_unlinked_add(zp, tx);
1317 vp->v_vflag |= VV_NOSYNC;
1318 }
1319 /* XXX check changes to linux vnops */
1320 txtype = TX_REMOVE;
1321 zfs_log_remove(zilog, tx, txtype, dzp, name, obj, unlinked);
1322
1323 dmu_tx_commit(tx);
1324 out:
1325
1326 if (xzp)
1327 vrele(ZTOV(xzp));
1328
1329 if (error == 0 && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1330 error = zil_commit(zilog, 0);
1331
1332 zfs_exit(zfsvfs, FTAG);
1333 return (error);
1334 }
1335
1336
1337 static int
zfs_lookup_internal(znode_t * dzp,const char * name,vnode_t ** vpp,struct componentname * cnp,int nameiop)1338 zfs_lookup_internal(znode_t *dzp, const char *name, vnode_t **vpp,
1339 struct componentname *cnp, int nameiop)
1340 {
1341 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
1342 int error;
1343
1344 cnp->cn_nameptr = __DECONST(char *, name);
1345 cnp->cn_namelen = strlen(name);
1346 cnp->cn_nameiop = nameiop;
1347 cnp->cn_flags = ISLASTCN;
1348 #if __FreeBSD_version < 1400068
1349 cnp->cn_flags |= SAVENAME;
1350 #endif
1351 cnp->cn_lkflags = LK_EXCLUSIVE | LK_RETRY;
1352 cnp->cn_cred = kcred;
1353 #if __FreeBSD_version < 1400037
1354 cnp->cn_thread = curthread;
1355 #endif
1356
1357 if (zfsvfs->z_use_namecache && !zfsvfs->z_replay) {
1358 struct vop_lookup_args a;
1359
1360 a.a_gen.a_desc = &vop_lookup_desc;
1361 a.a_dvp = ZTOV(dzp);
1362 a.a_vpp = vpp;
1363 a.a_cnp = cnp;
1364 error = vfs_cache_lookup(&a);
1365 } else {
1366 error = zfs_lookup(ZTOV(dzp), name, vpp, cnp, nameiop, kcred, 0,
1367 B_FALSE);
1368 }
1369 #ifdef ZFS_DEBUG
1370 if (error) {
1371 printf("got error %d on name %s on op %d\n", error, name,
1372 nameiop);
1373 kdb_backtrace();
1374 }
1375 #endif
1376 return (error);
1377 }
1378
1379 int
zfs_remove(znode_t * dzp,const char * name,cred_t * cr,int flags)1380 zfs_remove(znode_t *dzp, const char *name, cred_t *cr, int flags)
1381 {
1382 vnode_t *vp;
1383 int error;
1384 struct componentname cn;
1385
1386 if ((error = zfs_lookup_internal(dzp, name, &vp, &cn, DELETE)))
1387 return (error);
1388
1389 error = zfs_remove_(ZTOV(dzp), vp, name, cr);
1390 vput(vp);
1391 return (error);
1392 }
1393 /*
1394 * Create a new directory and insert it into dvp using the name
1395 * provided. Return a pointer to the inserted directory.
1396 *
1397 * IN: dvp - vnode of directory to add subdir to.
1398 * dirname - name of new directory.
1399 * vap - attributes of new directory.
1400 * cr - credentials of caller.
1401 * ct - caller context
1402 * flags - case flags
1403 * vsecp - ACL to be set
1404 * mnt_ns - Unused on FreeBSD
1405 *
1406 * OUT: vpp - vnode of created directory.
1407 *
1408 * RETURN: 0 on success, error code on failure.
1409 *
1410 * Timestamps:
1411 * dvp - ctime|mtime updated
1412 * vp - ctime|mtime|atime updated
1413 */
1414 int
zfs_mkdir(znode_t * dzp,const char * dirname,vattr_t * vap,znode_t ** zpp,cred_t * cr,int flags,vsecattr_t * vsecp,zidmap_t * mnt_ns)1415 zfs_mkdir(znode_t *dzp, const char *dirname, vattr_t *vap, znode_t **zpp,
1416 cred_t *cr, int flags, vsecattr_t *vsecp, zidmap_t *mnt_ns)
1417 {
1418 (void) flags, (void) vsecp;
1419 znode_t *zp;
1420 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
1421 zilog_t *zilog;
1422 uint64_t txtype;
1423 dmu_tx_t *tx;
1424 int error;
1425 uid_t uid = crgetuid(cr);
1426 gid_t gid = crgetgid(cr);
1427 zfs_acl_ids_t acl_ids;
1428 boolean_t fuid_dirtied;
1429
1430 ASSERT3U(vap->va_type, ==, VDIR);
1431
1432 if (is_nametoolong(zfsvfs, dirname))
1433 return (SET_ERROR(ENAMETOOLONG));
1434
1435 /*
1436 * If we have an ephemeral id, ACL, or XVATTR then
1437 * make sure file system is at proper version
1438 */
1439 if (zfsvfs->z_use_fuids == B_FALSE &&
1440 ((vap->va_mask & AT_XVATTR) ||
1441 IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
1442 return (SET_ERROR(EINVAL));
1443
1444 if ((error = zfs_enter_verify_zp(zfsvfs, dzp, FTAG)) != 0)
1445 return (error);
1446 zilog = zfsvfs->z_log;
1447
1448 if (dzp->z_pflags & ZFS_XATTR) {
1449 zfs_exit(zfsvfs, FTAG);
1450 return (SET_ERROR(EINVAL));
1451 }
1452
1453 if (zfsvfs->z_utf8 && u8_validate(dirname,
1454 strlen(dirname), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
1455 zfs_exit(zfsvfs, FTAG);
1456 return (SET_ERROR(EILSEQ));
1457 }
1458
1459 if (vap->va_mask & AT_XVATTR) {
1460 if ((error = secpolicy_xvattr(ZTOV(dzp), (xvattr_t *)vap,
1461 crgetuid(cr), cr, vap->va_type)) != 0) {
1462 zfs_exit(zfsvfs, FTAG);
1463 return (error);
1464 }
1465 }
1466
1467 if ((error = zfs_acl_ids_create(dzp, 0, vap, cr,
1468 NULL, &acl_ids, NULL)) != 0) {
1469 zfs_exit(zfsvfs, FTAG);
1470 return (error);
1471 }
1472
1473 /*
1474 * First make sure the new directory doesn't exist.
1475 *
1476 * Existence is checked first to make sure we don't return
1477 * EACCES instead of EEXIST which can cause some applications
1478 * to fail.
1479 */
1480 *zpp = NULL;
1481
1482 if ((error = zfs_dirent_lookup(dzp, dirname, &zp, ZNEW))) {
1483 zfs_acl_ids_free(&acl_ids);
1484 zfs_exit(zfsvfs, FTAG);
1485 return (error);
1486 }
1487 ASSERT0P(zp);
1488
1489 if ((error = zfs_zaccess(dzp, ACE_ADD_SUBDIRECTORY, 0, B_FALSE, cr,
1490 mnt_ns))) {
1491 zfs_acl_ids_free(&acl_ids);
1492 zfs_exit(zfsvfs, FTAG);
1493 return (error);
1494 }
1495
1496 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, zfs_inherit_projid(dzp))) {
1497 zfs_acl_ids_free(&acl_ids);
1498 zfs_exit(zfsvfs, FTAG);
1499 return (SET_ERROR(EDQUOT));
1500 }
1501
1502 /*
1503 * Add a new entry to the directory.
1504 */
1505 getnewvnode_reserve();
1506 tx = dmu_tx_create(zfsvfs->z_os);
1507 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, dirname);
1508 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
1509 fuid_dirtied = zfsvfs->z_fuid_dirty;
1510 if (fuid_dirtied)
1511 zfs_fuid_txhold(zfsvfs, tx);
1512 if (!zfsvfs->z_use_sa && acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
1513 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
1514 acl_ids.z_aclp->z_acl_bytes);
1515 }
1516
1517 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
1518 ZFS_SA_BASE_ATTR_SIZE);
1519
1520 error = dmu_tx_assign(tx, DMU_TX_WAIT);
1521 if (error) {
1522 zfs_acl_ids_free(&acl_ids);
1523 dmu_tx_abort(tx);
1524 getnewvnode_drop_reserve();
1525 zfs_exit(zfsvfs, FTAG);
1526 return (error);
1527 }
1528
1529 /*
1530 * Create new node.
1531 */
1532 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
1533
1534 /*
1535 * Now put new name in parent dir.
1536 */
1537 error = zfs_link_create(dzp, dirname, zp, tx, ZNEW);
1538 if (error != 0) {
1539 zfs_znode_delete(zp, tx);
1540 VOP_UNLOCK(ZTOV(zp));
1541 zrele(zp);
1542 goto out;
1543 }
1544
1545 if (fuid_dirtied)
1546 zfs_fuid_sync(zfsvfs, tx);
1547
1548 *zpp = zp;
1549
1550 txtype = zfs_log_create_txtype(Z_DIR, NULL, vap);
1551 zfs_log_create(zilog, tx, txtype, dzp, zp, dirname, NULL,
1552 acl_ids.z_fuidp, vap);
1553
1554 out:
1555 zfs_acl_ids_free(&acl_ids);
1556
1557 dmu_tx_commit(tx);
1558
1559 getnewvnode_drop_reserve();
1560
1561 if (error == 0 && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1562 error = zil_commit(zilog, 0);
1563
1564 zfs_exit(zfsvfs, FTAG);
1565 return (error);
1566 }
1567
1568 /*
1569 * Remove a directory subdir entry. If the current working
1570 * directory is the same as the subdir to be removed, the
1571 * remove will fail.
1572 *
1573 * IN: dvp - vnode of directory to remove from.
1574 * name - name of directory to be removed.
1575 * cwd - vnode of current working directory.
1576 * cr - credentials of caller.
1577 * ct - caller context
1578 * flags - case flags
1579 *
1580 * RETURN: 0 on success, error code on failure.
1581 *
1582 * Timestamps:
1583 * dvp - ctime|mtime updated
1584 */
1585 static int
zfs_rmdir_(vnode_t * dvp,vnode_t * vp,const char * name,cred_t * cr)1586 zfs_rmdir_(vnode_t *dvp, vnode_t *vp, const char *name, cred_t *cr)
1587 {
1588 znode_t *dzp = VTOZ(dvp);
1589 znode_t *zp = VTOZ(vp);
1590 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
1591 zilog_t *zilog;
1592 dmu_tx_t *tx;
1593 int error;
1594
1595 if ((error = zfs_enter_verify_zp(zfsvfs, dzp, FTAG)) != 0)
1596 return (error);
1597 if ((error = zfs_verify_zp(zp)) != 0) {
1598 zfs_exit(zfsvfs, FTAG);
1599 return (error);
1600 }
1601 zilog = zfsvfs->z_log;
1602
1603
1604 if ((error = zfs_zaccess_delete(dzp, zp, cr, NULL))) {
1605 goto out;
1606 }
1607
1608 if (vp->v_type != VDIR) {
1609 error = SET_ERROR(ENOTDIR);
1610 goto out;
1611 }
1612
1613 vnevent_rmdir(vp, dvp, name, ct);
1614
1615 tx = dmu_tx_create(zfsvfs->z_os);
1616 dmu_tx_hold_zap(tx, dzp->z_id, FALSE, name);
1617 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
1618 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
1619 zfs_sa_upgrade_txholds(tx, zp);
1620 zfs_sa_upgrade_txholds(tx, dzp);
1621 dmu_tx_mark_netfree(tx);
1622 error = dmu_tx_assign(tx, DMU_TX_WAIT);
1623 if (error) {
1624 dmu_tx_abort(tx);
1625 zfs_exit(zfsvfs, FTAG);
1626 return (error);
1627 }
1628
1629 error = zfs_link_destroy(dzp, name, zp, tx, ZEXISTS, NULL);
1630
1631 if (error == 0) {
1632 uint64_t txtype = TX_RMDIR;
1633 zfs_log_remove(zilog, tx, txtype, dzp, name,
1634 ZFS_NO_OBJECT, B_FALSE);
1635 }
1636
1637 dmu_tx_commit(tx);
1638
1639 if (zfsvfs->z_use_namecache)
1640 cache_vop_rmdir(dvp, vp);
1641 out:
1642 if (error == 0 && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1643 error = zil_commit(zilog, 0);
1644
1645 zfs_exit(zfsvfs, FTAG);
1646 return (error);
1647 }
1648
1649 int
zfs_rmdir(znode_t * dzp,const char * name,znode_t * cwd,cred_t * cr,int flags)1650 zfs_rmdir(znode_t *dzp, const char *name, znode_t *cwd, cred_t *cr, int flags)
1651 {
1652 struct componentname cn;
1653 vnode_t *vp;
1654 int error;
1655
1656 if ((error = zfs_lookup_internal(dzp, name, &vp, &cn, DELETE)))
1657 return (error);
1658
1659 error = zfs_rmdir_(ZTOV(dzp), vp, name, cr);
1660 vput(vp);
1661 return (error);
1662 }
1663
1664 /*
1665 * Read as many directory entries as will fit into the provided
1666 * buffer from the given directory cursor position (specified in
1667 * the uio structure).
1668 *
1669 * IN: vp - vnode of directory to read.
1670 * uio - structure supplying read location, range info,
1671 * and return buffer.
1672 * cr - credentials of caller.
1673 * ct - caller context
1674 *
1675 * OUT: uio - updated offset and range, buffer filled.
1676 * eofp - set to true if end-of-file detected.
1677 * ncookies- number of entries in cookies
1678 * cookies - offsets to directory entries
1679 *
1680 * RETURN: 0 on success, error code on failure.
1681 *
1682 * Timestamps:
1683 * vp - atime updated
1684 *
1685 * Note that the low 4 bits of the cookie returned by zap is always zero.
1686 * This allows us to use the low range for "special" directory entries:
1687 * We use 0 for '.', and 1 for '..'. If this is the root of the filesystem,
1688 * we use the offset 2 for the '.zfs' directory.
1689 */
1690 static int
zfs_readdir(vnode_t * vp,zfs_uio_t * uio,cred_t * cr,int * eofp,int * ncookies,cookie_t ** cookies)1691 zfs_readdir(vnode_t *vp, zfs_uio_t *uio, cred_t *cr, int *eofp,
1692 int *ncookies, cookie_t **cookies)
1693 {
1694 znode_t *zp = VTOZ(vp);
1695 iovec_t *iovp;
1696 dirent64_t *odp;
1697 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
1698 objset_t *os;
1699 caddr_t outbuf;
1700 size_t bufsize;
1701 zap_cursor_t zc;
1702 zap_attribute_t *zap;
1703 uint_t bytes_wanted;
1704 uint64_t offset; /* must be unsigned; checks for < 1 */
1705 uint64_t parent;
1706 int local_eof;
1707 int outcount;
1708 int error;
1709 uint8_t prefetch;
1710 uint8_t type;
1711 int ncooks;
1712 cookie_t *cooks = NULL;
1713
1714 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
1715 return (error);
1716
1717 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs),
1718 &parent, sizeof (parent))) != 0) {
1719 zfs_exit(zfsvfs, FTAG);
1720 return (error);
1721 }
1722
1723 /*
1724 * If we are not given an eof variable,
1725 * use a local one.
1726 */
1727 if (eofp == NULL)
1728 eofp = &local_eof;
1729
1730 /*
1731 * Check for valid iov_len.
1732 */
1733 if (GET_UIO_STRUCT(uio)->uio_iov->iov_len <= 0) {
1734 zfs_exit(zfsvfs, FTAG);
1735 return (SET_ERROR(EINVAL));
1736 }
1737
1738 /*
1739 * Quit if directory has been removed (posix)
1740 */
1741 if ((*eofp = (zp->z_unlinked != 0)) != 0) {
1742 zfs_exit(zfsvfs, FTAG);
1743 return (0);
1744 }
1745
1746 error = 0;
1747 os = zfsvfs->z_os;
1748 offset = zfs_uio_offset(uio);
1749 prefetch = zp->z_zn_prefetch;
1750 zap = zap_attribute_long_alloc();
1751
1752 /*
1753 * Initialize the iterator cursor.
1754 */
1755 if (offset <= 3) {
1756 /*
1757 * Start iteration from the beginning of the directory.
1758 */
1759 zap_cursor_init(&zc, os, zp->z_id);
1760 } else {
1761 /*
1762 * The offset is a serialized cursor.
1763 */
1764 zap_cursor_init_serialized(&zc, os, zp->z_id, offset);
1765 }
1766
1767 /*
1768 * Get space to change directory entries into fs independent format.
1769 */
1770 iovp = GET_UIO_STRUCT(uio)->uio_iov;
1771 bytes_wanted = iovp->iov_len;
1772 if (zfs_uio_segflg(uio) != UIO_SYSSPACE || zfs_uio_iovcnt(uio) != 1) {
1773 bufsize = bytes_wanted;
1774 outbuf = kmem_alloc(bufsize, KM_SLEEP);
1775 odp = (struct dirent64 *)outbuf;
1776 } else {
1777 bufsize = bytes_wanted;
1778 outbuf = NULL;
1779 odp = (struct dirent64 *)iovp->iov_base;
1780 }
1781
1782 if (ncookies != NULL) {
1783 /*
1784 * Minimum entry size is dirent size and 1 byte for a file name.
1785 */
1786 ncooks = zfs_uio_resid(uio) / (sizeof (struct dirent) -
1787 sizeof (((struct dirent *)NULL)->d_name) + 1);
1788 cooks = malloc(ncooks * sizeof (*cooks), M_TEMP, M_WAITOK);
1789 *cookies = cooks;
1790 *ncookies = ncooks;
1791 }
1792
1793 /*
1794 * Transform to file-system independent format
1795 */
1796 outcount = 0;
1797 while (outcount < bytes_wanted) {
1798 ino64_t objnum;
1799 ushort_t reclen;
1800 off64_t *next = NULL;
1801
1802 /*
1803 * Special case `.', `..', and `.zfs'.
1804 */
1805 if (offset == 0) {
1806 (void) strcpy(zap->za_name, ".");
1807 zap->za_normalization_conflict = 0;
1808 objnum = zp->z_id;
1809 type = DT_DIR;
1810 } else if (offset == 1) {
1811 (void) strcpy(zap->za_name, "..");
1812 zap->za_normalization_conflict = 0;
1813 objnum = parent;
1814 type = DT_DIR;
1815 } else if (offset == 2 && zfs_show_ctldir(zp)) {
1816 (void) strcpy(zap->za_name, ZFS_CTLDIR_NAME);
1817 zap->za_normalization_conflict = 0;
1818 objnum = ZFSCTL_INO_ROOT;
1819 type = DT_DIR;
1820 } else {
1821 /*
1822 * Grab next entry.
1823 */
1824 if ((error = zap_cursor_retrieve(&zc, zap))) {
1825 if ((*eofp = (error == ENOENT)) != 0)
1826 break;
1827 else
1828 goto update;
1829 }
1830
1831 if (zap->za_integer_length != 8 ||
1832 zap->za_num_integers != 1) {
1833 cmn_err(CE_WARN, "zap_readdir: bad directory "
1834 "entry, obj = %lld, offset = %lld\n",
1835 (u_longlong_t)zp->z_id,
1836 (u_longlong_t)offset);
1837 error = SET_ERROR(ENXIO);
1838 goto update;
1839 }
1840
1841 objnum = ZFS_DIRENT_OBJ(zap->za_first_integer);
1842 /*
1843 * MacOS X can extract the object type here such as:
1844 * uint8_t type = ZFS_DIRENT_TYPE(zap.za_first_integer);
1845 */
1846 type = ZFS_DIRENT_TYPE(zap->za_first_integer);
1847 }
1848
1849 reclen = DIRENT64_RECLEN(strlen(zap->za_name));
1850
1851 /*
1852 * Will this entry fit in the buffer?
1853 */
1854 if (outcount + reclen > bufsize) {
1855 /*
1856 * Did we manage to fit anything in the buffer?
1857 */
1858 if (!outcount) {
1859 error = SET_ERROR(EINVAL);
1860 goto update;
1861 }
1862 break;
1863 }
1864 /*
1865 * Add normal entry:
1866 */
1867 odp->d_ino = objnum;
1868 odp->d_reclen = reclen;
1869 odp->d_namlen = strlen(zap->za_name);
1870 /* NOTE: d_off is the offset for the *next* entry. */
1871 next = &odp->d_off;
1872 strlcpy(odp->d_name, zap->za_name, odp->d_namlen + 1);
1873 odp->d_type = type;
1874 dirent_terminate(odp);
1875 odp = (dirent64_t *)((intptr_t)odp + reclen);
1876
1877 outcount += reclen;
1878
1879 ASSERT3S(outcount, <=, bufsize);
1880
1881 if (prefetch)
1882 dmu_prefetch_dnode(os, objnum, ZIO_PRIORITY_SYNC_READ);
1883
1884 /*
1885 * Move to the next entry, fill in the previous offset.
1886 */
1887 if (offset > 2 || (offset == 2 && !zfs_show_ctldir(zp))) {
1888 zap_cursor_advance(&zc);
1889 offset = zap_cursor_serialize(&zc);
1890 } else {
1891 offset += 1;
1892 }
1893
1894 /* Fill the offset right after advancing the cursor. */
1895 if (next != NULL)
1896 *next = offset;
1897 if (cooks != NULL) {
1898 *cooks++ = offset;
1899 ncooks--;
1900 KASSERT(ncooks >= 0, ("ncookies=%d", ncooks));
1901 }
1902 }
1903 zp->z_zn_prefetch = B_FALSE; /* a lookup will re-enable pre-fetching */
1904
1905 /* Subtract unused cookies */
1906 if (ncookies != NULL)
1907 *ncookies -= ncooks;
1908
1909 if (zfs_uio_segflg(uio) == UIO_SYSSPACE && zfs_uio_iovcnt(uio) == 1) {
1910 iovp->iov_base += outcount;
1911 iovp->iov_len -= outcount;
1912 zfs_uio_resid(uio) -= outcount;
1913 } else if ((error =
1914 zfs_uiomove(outbuf, (long)outcount, UIO_READ, uio))) {
1915 /*
1916 * Reset the pointer.
1917 */
1918 offset = zfs_uio_offset(uio);
1919 }
1920
1921 update:
1922 zap_cursor_fini(&zc);
1923 zap_attribute_free(zap);
1924 if (zfs_uio_segflg(uio) != UIO_SYSSPACE || zfs_uio_iovcnt(uio) != 1)
1925 kmem_free(outbuf, bufsize);
1926
1927 if (error == ENOENT)
1928 error = 0;
1929
1930 ZFS_ACCESSTIME_STAMP(zfsvfs, zp);
1931
1932 zfs_uio_setoffset(uio, offset);
1933 zfs_exit(zfsvfs, FTAG);
1934 if (error != 0 && cookies != NULL) {
1935 free(*cookies, M_TEMP);
1936 *cookies = NULL;
1937 *ncookies = 0;
1938 }
1939 return (error);
1940 }
1941
1942 /*
1943 * Get the requested file attributes and place them in the provided
1944 * vattr structure.
1945 *
1946 * IN: vp - vnode of file.
1947 * vap - va_mask identifies requested attributes.
1948 * If AT_XVATTR set, then optional attrs are requested
1949 * flags - ATTR_NOACLCHECK (CIFS server context)
1950 * cr - credentials of caller.
1951 *
1952 * OUT: vap - attribute values.
1953 *
1954 * RETURN: 0 (always succeeds).
1955 */
1956 static int
zfs_getattr(vnode_t * vp,vattr_t * vap,int flags,cred_t * cr)1957 zfs_getattr(vnode_t *vp, vattr_t *vap, int flags, cred_t *cr)
1958 {
1959 znode_t *zp = VTOZ(vp);
1960 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
1961 int error = 0;
1962 uint32_t blksize;
1963 u_longlong_t nblocks;
1964 uint64_t mtime[2], ctime[2], crtime[2], rdev;
1965 xvattr_t *xvap = (xvattr_t *)vap; /* vap may be an xvattr_t * */
1966 xoptattr_t *xoap = NULL;
1967 boolean_t skipaclchk = (flags & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
1968 sa_bulk_attr_t bulk[4];
1969 int count = 0;
1970
1971 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
1972 return (error);
1973
1974 zfs_fuid_map_ids(zp, cr, &vap->va_uid, &vap->va_gid);
1975
1976 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
1977 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
1978 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CRTIME(zfsvfs), NULL, &crtime, 16);
1979 if (vp->v_type == VBLK || vp->v_type == VCHR)
1980 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_RDEV(zfsvfs), NULL,
1981 &rdev, 8);
1982
1983 if ((error = sa_bulk_lookup(zp->z_sa_hdl, bulk, count)) != 0) {
1984 zfs_exit(zfsvfs, FTAG);
1985 return (error);
1986 }
1987
1988 /*
1989 * If ACL is trivial don't bother looking for ACE_READ_ATTRIBUTES.
1990 * Also, if we are the owner don't bother, since owner should
1991 * always be allowed to read basic attributes of file.
1992 */
1993 if (!(zp->z_pflags & ZFS_ACL_TRIVIAL) &&
1994 (vap->va_uid != crgetuid(cr))) {
1995 if ((error = zfs_zaccess(zp, ACE_READ_ATTRIBUTES, 0,
1996 skipaclchk, cr, NULL))) {
1997 zfs_exit(zfsvfs, FTAG);
1998 return (error);
1999 }
2000 }
2001
2002 /*
2003 * Return all attributes. It's cheaper to provide the answer
2004 * than to determine whether we were asked the question.
2005 */
2006
2007 vap->va_type = IFTOVT(zp->z_mode);
2008 vap->va_mode = zp->z_mode & ~S_IFMT;
2009 vn_fsid(vp, vap);
2010 vap->va_nodeid = zp->z_id;
2011 vap->va_nlink = zp->z_links;
2012 if ((vp->v_flag & VROOT) && zfs_show_ctldir(zp) &&
2013 zp->z_links < ZFS_LINK_MAX)
2014 vap->va_nlink++;
2015 vap->va_size = zp->z_size;
2016 if (vp->v_type == VBLK || vp->v_type == VCHR)
2017 vap->va_rdev = zfs_cmpldev(rdev);
2018 else
2019 vap->va_rdev = NODEV;
2020 vap->va_gen = zp->z_gen;
2021 vap->va_flags = 0; /* FreeBSD: Reset chflags(2) flags. */
2022 vap->va_filerev = zp->z_seq;
2023
2024 /*
2025 * Add in any requested optional attributes and the create time.
2026 * Also set the corresponding bits in the returned attribute bitmap.
2027 */
2028 if ((xoap = xva_getxoptattr(xvap)) != NULL && zfsvfs->z_use_fuids) {
2029 if (XVA_ISSET_REQ(xvap, XAT_ARCHIVE)) {
2030 xoap->xoa_archive =
2031 ((zp->z_pflags & ZFS_ARCHIVE) != 0);
2032 XVA_SET_RTN(xvap, XAT_ARCHIVE);
2033 }
2034
2035 if (XVA_ISSET_REQ(xvap, XAT_READONLY)) {
2036 xoap->xoa_readonly =
2037 ((zp->z_pflags & ZFS_READONLY) != 0);
2038 XVA_SET_RTN(xvap, XAT_READONLY);
2039 }
2040
2041 if (XVA_ISSET_REQ(xvap, XAT_SYSTEM)) {
2042 xoap->xoa_system =
2043 ((zp->z_pflags & ZFS_SYSTEM) != 0);
2044 XVA_SET_RTN(xvap, XAT_SYSTEM);
2045 }
2046
2047 if (XVA_ISSET_REQ(xvap, XAT_HIDDEN)) {
2048 xoap->xoa_hidden =
2049 ((zp->z_pflags & ZFS_HIDDEN) != 0);
2050 XVA_SET_RTN(xvap, XAT_HIDDEN);
2051 }
2052
2053 if (XVA_ISSET_REQ(xvap, XAT_NOUNLINK)) {
2054 xoap->xoa_nounlink =
2055 ((zp->z_pflags & ZFS_NOUNLINK) != 0);
2056 XVA_SET_RTN(xvap, XAT_NOUNLINK);
2057 }
2058
2059 if (XVA_ISSET_REQ(xvap, XAT_IMMUTABLE)) {
2060 xoap->xoa_immutable =
2061 ((zp->z_pflags & ZFS_IMMUTABLE) != 0);
2062 XVA_SET_RTN(xvap, XAT_IMMUTABLE);
2063 }
2064
2065 if (XVA_ISSET_REQ(xvap, XAT_APPENDONLY)) {
2066 xoap->xoa_appendonly =
2067 ((zp->z_pflags & ZFS_APPENDONLY) != 0);
2068 XVA_SET_RTN(xvap, XAT_APPENDONLY);
2069 }
2070
2071 if (XVA_ISSET_REQ(xvap, XAT_NODUMP)) {
2072 xoap->xoa_nodump =
2073 ((zp->z_pflags & ZFS_NODUMP) != 0);
2074 XVA_SET_RTN(xvap, XAT_NODUMP);
2075 }
2076
2077 if (XVA_ISSET_REQ(xvap, XAT_OPAQUE)) {
2078 xoap->xoa_opaque =
2079 ((zp->z_pflags & ZFS_OPAQUE) != 0);
2080 XVA_SET_RTN(xvap, XAT_OPAQUE);
2081 }
2082
2083 if (XVA_ISSET_REQ(xvap, XAT_AV_QUARANTINED)) {
2084 xoap->xoa_av_quarantined =
2085 ((zp->z_pflags & ZFS_AV_QUARANTINED) != 0);
2086 XVA_SET_RTN(xvap, XAT_AV_QUARANTINED);
2087 }
2088
2089 if (XVA_ISSET_REQ(xvap, XAT_AV_MODIFIED)) {
2090 xoap->xoa_av_modified =
2091 ((zp->z_pflags & ZFS_AV_MODIFIED) != 0);
2092 XVA_SET_RTN(xvap, XAT_AV_MODIFIED);
2093 }
2094
2095 if (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP) &&
2096 vp->v_type == VREG) {
2097 zfs_sa_get_scanstamp(zp, xvap);
2098 }
2099
2100 if (XVA_ISSET_REQ(xvap, XAT_REPARSE)) {
2101 xoap->xoa_reparse = ((zp->z_pflags & ZFS_REPARSE) != 0);
2102 XVA_SET_RTN(xvap, XAT_REPARSE);
2103 }
2104 if (XVA_ISSET_REQ(xvap, XAT_GEN)) {
2105 xoap->xoa_generation = zp->z_gen;
2106 XVA_SET_RTN(xvap, XAT_GEN);
2107 }
2108
2109 if (XVA_ISSET_REQ(xvap, XAT_OFFLINE)) {
2110 xoap->xoa_offline =
2111 ((zp->z_pflags & ZFS_OFFLINE) != 0);
2112 XVA_SET_RTN(xvap, XAT_OFFLINE);
2113 }
2114
2115 if (XVA_ISSET_REQ(xvap, XAT_SPARSE)) {
2116 xoap->xoa_sparse =
2117 ((zp->z_pflags & ZFS_SPARSE) != 0);
2118 XVA_SET_RTN(xvap, XAT_SPARSE);
2119 }
2120
2121 if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT)) {
2122 xoap->xoa_projinherit =
2123 ((zp->z_pflags & ZFS_PROJINHERIT) != 0);
2124 XVA_SET_RTN(xvap, XAT_PROJINHERIT);
2125 }
2126
2127 if (XVA_ISSET_REQ(xvap, XAT_PROJID)) {
2128 xoap->xoa_projid = zp->z_projid;
2129 XVA_SET_RTN(xvap, XAT_PROJID);
2130 }
2131 }
2132
2133 ZFS_TIME_DECODE(&vap->va_atime, zp->z_atime);
2134 ZFS_TIME_DECODE(&vap->va_mtime, mtime);
2135 ZFS_TIME_DECODE(&vap->va_ctime, ctime);
2136 ZFS_TIME_DECODE(&vap->va_birthtime, crtime);
2137
2138
2139 sa_object_size(zp->z_sa_hdl, &blksize, &nblocks);
2140 vap->va_blksize = blksize;
2141 vap->va_bytes = nblocks << 9; /* nblocks * 512 */
2142
2143 if (zp->z_blksz == 0) {
2144 /*
2145 * Block size hasn't been set; suggest maximal I/O transfers.
2146 */
2147 vap->va_blksize = zfsvfs->z_max_blksz;
2148 }
2149
2150 zfs_exit(zfsvfs, FTAG);
2151 return (0);
2152 }
2153
2154 /*
2155 * For the operation of changing file's user/group/project, we need to
2156 * handle not only the main object that is assigned to the file directly,
2157 * but also the ones that are used by the file via hidden xattr directory.
2158 *
2159 * Because the xattr directory may contains many EA entries, as to it may
2160 * be impossible to change all of them via the transaction of changing the
2161 * main object's user/group/project attributes. Then we have to change them
2162 * via other multiple independent transactions one by one. It may be not good
2163 * solution, but we have no better idea yet.
2164 */
2165 static int
zfs_setattr_dir(znode_t * dzp)2166 zfs_setattr_dir(znode_t *dzp)
2167 {
2168 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
2169 objset_t *os = zfsvfs->z_os;
2170 zap_cursor_t zc;
2171 zap_attribute_t *zap;
2172 znode_t *zp = NULL;
2173 dmu_tx_t *tx = NULL;
2174 uint64_t uid, gid;
2175 sa_bulk_attr_t bulk[4];
2176 int count;
2177 int err;
2178
2179 zap = zap_attribute_alloc();
2180 zap_cursor_init(&zc, os, dzp->z_id);
2181 while ((err = zap_cursor_retrieve(&zc, zap)) == 0) {
2182 count = 0;
2183 if (zap->za_integer_length != 8 || zap->za_num_integers != 1) {
2184 err = ENXIO;
2185 break;
2186 }
2187
2188 err = zfs_dirent_lookup(dzp, zap->za_name, &zp, ZEXISTS);
2189 if (err == ENOENT)
2190 goto next;
2191 if (err)
2192 break;
2193
2194 if (zp->z_uid == dzp->z_uid &&
2195 zp->z_gid == dzp->z_gid &&
2196 zp->z_projid == dzp->z_projid)
2197 goto next;
2198
2199 tx = dmu_tx_create(os);
2200 if (!(zp->z_pflags & ZFS_PROJID))
2201 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
2202 else
2203 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
2204
2205 err = dmu_tx_assign(tx, DMU_TX_WAIT);
2206 if (err)
2207 break;
2208
2209 vn_seqc_write_begin(ZTOV(zp));
2210 mutex_enter(&dzp->z_lock);
2211
2212 if (zp->z_uid != dzp->z_uid) {
2213 uid = dzp->z_uid;
2214 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zfsvfs), NULL,
2215 &uid, sizeof (uid));
2216 zp->z_uid = uid;
2217 }
2218
2219 if (zp->z_gid != dzp->z_gid) {
2220 gid = dzp->z_gid;
2221 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zfsvfs), NULL,
2222 &gid, sizeof (gid));
2223 zp->z_gid = gid;
2224 }
2225
2226 uint64_t projid = dzp->z_projid;
2227 if (zp->z_projid != projid) {
2228 if (!(zp->z_pflags & ZFS_PROJID)) {
2229 err = sa_add_projid(zp->z_sa_hdl, tx, projid);
2230 if (unlikely(err == EEXIST)) {
2231 err = 0;
2232 } else if (err != 0) {
2233 goto sa_add_projid_err;
2234 } else {
2235 projid = ZFS_INVALID_PROJID;
2236 }
2237 }
2238
2239 if (projid != ZFS_INVALID_PROJID) {
2240 zp->z_projid = projid;
2241 SA_ADD_BULK_ATTR(bulk, count,
2242 SA_ZPL_PROJID(zfsvfs), NULL, &zp->z_projid,
2243 sizeof (zp->z_projid));
2244 }
2245 }
2246
2247 sa_add_projid_err:
2248 mutex_exit(&dzp->z_lock);
2249
2250 if (likely(count > 0)) {
2251 err = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
2252 dmu_tx_commit(tx);
2253 } else if (projid == ZFS_INVALID_PROJID) {
2254 dmu_tx_commit(tx);
2255 } else {
2256 dmu_tx_abort(tx);
2257 }
2258 tx = NULL;
2259 vn_seqc_write_end(ZTOV(zp));
2260 if (err != 0 && err != ENOENT)
2261 break;
2262
2263 next:
2264 if (zp) {
2265 zrele(zp);
2266 zp = NULL;
2267 }
2268 zap_cursor_advance(&zc);
2269 }
2270
2271 if (tx)
2272 dmu_tx_abort(tx);
2273 if (zp) {
2274 zrele(zp);
2275 }
2276 zap_cursor_fini(&zc);
2277 zap_attribute_free(zap);
2278
2279 return (err == ENOENT ? 0 : err);
2280 }
2281
2282 /*
2283 * Set the file attributes to the values contained in the
2284 * vattr structure.
2285 *
2286 * IN: zp - znode of file to be modified.
2287 * vap - new attribute values.
2288 * If AT_XVATTR set, then optional attrs are being set
2289 * flags - ATTR_UTIME set if non-default time values provided.
2290 * - ATTR_NOACLCHECK (CIFS context only).
2291 * cr - credentials of caller.
2292 * mnt_ns - Unused on FreeBSD
2293 *
2294 * RETURN: 0 on success, error code on failure.
2295 *
2296 * Timestamps:
2297 * vp - ctime updated, mtime updated if size changed.
2298 */
2299 int
zfs_setattr(znode_t * zp,vattr_t * vap,int flags,cred_t * cr,zidmap_t * mnt_ns)2300 zfs_setattr(znode_t *zp, vattr_t *vap, int flags, cred_t *cr, zidmap_t *mnt_ns)
2301 {
2302 vnode_t *vp = ZTOV(zp);
2303 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
2304 objset_t *os;
2305 zilog_t *zilog;
2306 dmu_tx_t *tx;
2307 vattr_t oldva;
2308 xvattr_t tmpxvattr;
2309 uint_t mask = vap->va_mask;
2310 uint_t saved_mask = 0;
2311 uint64_t saved_mode;
2312 int trim_mask = 0;
2313 uint64_t new_mode;
2314 uint64_t new_uid, new_gid;
2315 uint64_t xattr_obj;
2316 uint64_t mtime[2], ctime[2];
2317 uint64_t projid = ZFS_INVALID_PROJID;
2318 znode_t *attrzp;
2319 int need_policy = FALSE;
2320 int err, err2;
2321 zfs_fuid_info_t *fuidp = NULL;
2322 xvattr_t *xvap = (xvattr_t *)vap; /* vap may be an xvattr_t * */
2323 xoptattr_t *xoap;
2324 zfs_acl_t *aclp;
2325 boolean_t skipaclchk = (flags & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
2326 boolean_t fuid_dirtied = B_FALSE;
2327 boolean_t handle_eadir = B_FALSE;
2328 sa_bulk_attr_t bulk[7], xattr_bulk[7];
2329 int count = 0, xattr_count = 0;
2330
2331 if (mask == 0)
2332 return (0);
2333
2334 if (mask & AT_NOSET)
2335 return (SET_ERROR(EINVAL));
2336
2337 if ((err = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
2338 return (err);
2339
2340 os = zfsvfs->z_os;
2341 zilog = zfsvfs->z_log;
2342
2343 /*
2344 * Make sure that if we have ephemeral uid/gid or xvattr specified
2345 * that file system is at proper version level
2346 */
2347
2348 if (zfsvfs->z_use_fuids == B_FALSE &&
2349 (((mask & AT_UID) && IS_EPHEMERAL(vap->va_uid)) ||
2350 ((mask & AT_GID) && IS_EPHEMERAL(vap->va_gid)) ||
2351 (mask & AT_XVATTR))) {
2352 zfs_exit(zfsvfs, FTAG);
2353 return (SET_ERROR(EINVAL));
2354 }
2355
2356 if (mask & AT_SIZE && vp->v_type == VDIR) {
2357 zfs_exit(zfsvfs, FTAG);
2358 return (SET_ERROR(EISDIR));
2359 }
2360
2361 if (mask & AT_SIZE && vp->v_type != VREG && vp->v_type != VFIFO) {
2362 zfs_exit(zfsvfs, FTAG);
2363 return (SET_ERROR(EINVAL));
2364 }
2365
2366 /*
2367 * If this is an xvattr_t, then get a pointer to the structure of
2368 * optional attributes. If this is NULL, then we have a vattr_t.
2369 */
2370 xoap = xva_getxoptattr(xvap);
2371
2372 xva_init(&tmpxvattr);
2373
2374 /*
2375 * Immutable files can only alter immutable bit and atime
2376 */
2377 if ((zp->z_pflags & ZFS_IMMUTABLE) &&
2378 ((mask & (AT_SIZE|AT_UID|AT_GID|AT_MTIME|AT_MODE)) ||
2379 ((mask & AT_XVATTR) && XVA_ISSET_REQ(xvap, XAT_CREATETIME)))) {
2380 zfs_exit(zfsvfs, FTAG);
2381 return (SET_ERROR(EPERM));
2382 }
2383
2384 /*
2385 * Note: ZFS_READONLY is handled in zfs_zaccess_common.
2386 */
2387
2388 /*
2389 * Verify timestamps doesn't overflow 32 bits.
2390 * ZFS can handle large timestamps, but 32bit syscalls can't
2391 * handle times greater than 2039. This check should be removed
2392 * once large timestamps are fully supported.
2393 */
2394 if (mask & (AT_ATIME | AT_MTIME)) {
2395 if (((mask & AT_ATIME) && TIMESPEC_OVERFLOW(&vap->va_atime)) ||
2396 ((mask & AT_MTIME) && TIMESPEC_OVERFLOW(&vap->va_mtime))) {
2397 zfs_exit(zfsvfs, FTAG);
2398 return (SET_ERROR(EOVERFLOW));
2399 }
2400 }
2401 if (xoap != NULL && (mask & AT_XVATTR)) {
2402 if (XVA_ISSET_REQ(xvap, XAT_CREATETIME) &&
2403 TIMESPEC_OVERFLOW(&vap->va_birthtime)) {
2404 zfs_exit(zfsvfs, FTAG);
2405 return (SET_ERROR(EOVERFLOW));
2406 }
2407
2408 if (XVA_ISSET_REQ(xvap, XAT_PROJID)) {
2409 if (!dmu_objset_projectquota_enabled(os) ||
2410 (!S_ISREG(zp->z_mode) && !S_ISDIR(zp->z_mode))) {
2411 zfs_exit(zfsvfs, FTAG);
2412 return (SET_ERROR(EOPNOTSUPP));
2413 }
2414
2415 projid = xoap->xoa_projid;
2416 if (unlikely(projid == ZFS_INVALID_PROJID)) {
2417 zfs_exit(zfsvfs, FTAG);
2418 return (SET_ERROR(EINVAL));
2419 }
2420
2421 if (projid == zp->z_projid && zp->z_pflags & ZFS_PROJID)
2422 projid = ZFS_INVALID_PROJID;
2423 else
2424 need_policy = TRUE;
2425 }
2426
2427 if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT) &&
2428 (xoap->xoa_projinherit !=
2429 ((zp->z_pflags & ZFS_PROJINHERIT) != 0)) &&
2430 (!dmu_objset_projectquota_enabled(os) ||
2431 (!S_ISREG(zp->z_mode) && !S_ISDIR(zp->z_mode)))) {
2432 zfs_exit(zfsvfs, FTAG);
2433 return (SET_ERROR(EOPNOTSUPP));
2434 }
2435 }
2436
2437 attrzp = NULL;
2438 aclp = NULL;
2439
2440 if (zfsvfs->z_vfs->vfs_flag & VFS_RDONLY) {
2441 zfs_exit(zfsvfs, FTAG);
2442 return (SET_ERROR(EROFS));
2443 }
2444
2445 /*
2446 * First validate permissions
2447 */
2448
2449 if (mask & AT_SIZE) {
2450 /*
2451 * XXX - Note, we are not providing any open
2452 * mode flags here (like FNDELAY), so we may
2453 * block if there are locks present... this
2454 * should be addressed in openat().
2455 */
2456 /* XXX - would it be OK to generate a log record here? */
2457 err = zfs_freesp(zp, vap->va_size, 0, 0, FALSE);
2458 if (err) {
2459 zfs_exit(zfsvfs, FTAG);
2460 return (err);
2461 }
2462 }
2463
2464 if (mask & (AT_ATIME|AT_MTIME) ||
2465 ((mask & AT_XVATTR) && (XVA_ISSET_REQ(xvap, XAT_HIDDEN) ||
2466 XVA_ISSET_REQ(xvap, XAT_READONLY) ||
2467 XVA_ISSET_REQ(xvap, XAT_ARCHIVE) ||
2468 XVA_ISSET_REQ(xvap, XAT_OFFLINE) ||
2469 XVA_ISSET_REQ(xvap, XAT_SPARSE) ||
2470 XVA_ISSET_REQ(xvap, XAT_CREATETIME) ||
2471 XVA_ISSET_REQ(xvap, XAT_SYSTEM)))) {
2472 need_policy = zfs_zaccess(zp, ACE_WRITE_ATTRIBUTES, 0,
2473 skipaclchk, cr, mnt_ns);
2474 }
2475
2476 if (mask & (AT_UID|AT_GID)) {
2477 int idmask = (mask & (AT_UID|AT_GID));
2478 int take_owner;
2479 int take_group;
2480
2481 /*
2482 * NOTE: even if a new mode is being set,
2483 * we may clear S_ISUID/S_ISGID bits.
2484 */
2485
2486 if (!(mask & AT_MODE))
2487 vap->va_mode = zp->z_mode;
2488
2489 /*
2490 * Take ownership or chgrp to group we are a member of
2491 */
2492
2493 take_owner = (mask & AT_UID) && (vap->va_uid == crgetuid(cr));
2494 take_group = (mask & AT_GID) &&
2495 zfs_groupmember(zfsvfs, vap->va_gid, cr);
2496
2497 /*
2498 * If both AT_UID and AT_GID are set then take_owner and
2499 * take_group must both be set in order to allow taking
2500 * ownership.
2501 *
2502 * Otherwise, send the check through secpolicy_vnode_setattr()
2503 *
2504 */
2505
2506 if (((idmask == (AT_UID|AT_GID)) && take_owner && take_group) ||
2507 ((idmask == AT_UID) && take_owner) ||
2508 ((idmask == AT_GID) && take_group)) {
2509 if (zfs_zaccess(zp, ACE_WRITE_OWNER, 0,
2510 skipaclchk, cr, mnt_ns) == 0) {
2511 /*
2512 * Remove setuid/setgid for non-privileged users
2513 */
2514 secpolicy_setid_clear(vap, vp, cr);
2515 trim_mask = (mask & (AT_UID|AT_GID));
2516 } else {
2517 need_policy = TRUE;
2518 }
2519 } else {
2520 need_policy = TRUE;
2521 }
2522 }
2523
2524 oldva.va_mode = zp->z_mode;
2525 zfs_fuid_map_ids(zp, cr, &oldva.va_uid, &oldva.va_gid);
2526 if (mask & AT_XVATTR) {
2527 /*
2528 * Update xvattr mask to include only those attributes
2529 * that are actually changing.
2530 *
2531 * the bits will be restored prior to actually setting
2532 * the attributes so the caller thinks they were set.
2533 */
2534 if (XVA_ISSET_REQ(xvap, XAT_APPENDONLY)) {
2535 if (xoap->xoa_appendonly !=
2536 ((zp->z_pflags & ZFS_APPENDONLY) != 0)) {
2537 need_policy = TRUE;
2538 } else {
2539 XVA_CLR_REQ(xvap, XAT_APPENDONLY);
2540 XVA_SET_REQ(&tmpxvattr, XAT_APPENDONLY);
2541 }
2542 }
2543
2544 if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT)) {
2545 if (xoap->xoa_projinherit !=
2546 ((zp->z_pflags & ZFS_PROJINHERIT) != 0)) {
2547 need_policy = TRUE;
2548 } else {
2549 XVA_CLR_REQ(xvap, XAT_PROJINHERIT);
2550 XVA_SET_REQ(&tmpxvattr, XAT_PROJINHERIT);
2551 }
2552 }
2553
2554 if (XVA_ISSET_REQ(xvap, XAT_NOUNLINK)) {
2555 if (xoap->xoa_nounlink !=
2556 ((zp->z_pflags & ZFS_NOUNLINK) != 0)) {
2557 need_policy = TRUE;
2558 } else {
2559 XVA_CLR_REQ(xvap, XAT_NOUNLINK);
2560 XVA_SET_REQ(&tmpxvattr, XAT_NOUNLINK);
2561 }
2562 }
2563
2564 if (XVA_ISSET_REQ(xvap, XAT_IMMUTABLE)) {
2565 if (xoap->xoa_immutable !=
2566 ((zp->z_pflags & ZFS_IMMUTABLE) != 0)) {
2567 need_policy = TRUE;
2568 } else {
2569 XVA_CLR_REQ(xvap, XAT_IMMUTABLE);
2570 XVA_SET_REQ(&tmpxvattr, XAT_IMMUTABLE);
2571 }
2572 }
2573
2574 if (XVA_ISSET_REQ(xvap, XAT_NODUMP)) {
2575 if (xoap->xoa_nodump !=
2576 ((zp->z_pflags & ZFS_NODUMP) != 0)) {
2577 need_policy = TRUE;
2578 } else {
2579 XVA_CLR_REQ(xvap, XAT_NODUMP);
2580 XVA_SET_REQ(&tmpxvattr, XAT_NODUMP);
2581 }
2582 }
2583
2584 if (XVA_ISSET_REQ(xvap, XAT_AV_MODIFIED)) {
2585 if (xoap->xoa_av_modified !=
2586 ((zp->z_pflags & ZFS_AV_MODIFIED) != 0)) {
2587 need_policy = TRUE;
2588 } else {
2589 XVA_CLR_REQ(xvap, XAT_AV_MODIFIED);
2590 XVA_SET_REQ(&tmpxvattr, XAT_AV_MODIFIED);
2591 }
2592 }
2593
2594 if (XVA_ISSET_REQ(xvap, XAT_AV_QUARANTINED)) {
2595 if ((vp->v_type != VREG &&
2596 xoap->xoa_av_quarantined) ||
2597 xoap->xoa_av_quarantined !=
2598 ((zp->z_pflags & ZFS_AV_QUARANTINED) != 0)) {
2599 need_policy = TRUE;
2600 } else {
2601 XVA_CLR_REQ(xvap, XAT_AV_QUARANTINED);
2602 XVA_SET_REQ(&tmpxvattr, XAT_AV_QUARANTINED);
2603 }
2604 }
2605
2606 if (XVA_ISSET_REQ(xvap, XAT_REPARSE)) {
2607 zfs_exit(zfsvfs, FTAG);
2608 return (SET_ERROR(EPERM));
2609 }
2610
2611 if (need_policy == FALSE &&
2612 (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP) ||
2613 XVA_ISSET_REQ(xvap, XAT_OPAQUE))) {
2614 need_policy = TRUE;
2615 }
2616 }
2617
2618 if (mask & AT_MODE) {
2619 if (zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr,
2620 mnt_ns) == 0) {
2621 err = secpolicy_setid_setsticky_clear(vp, vap,
2622 &oldva, cr);
2623 if (err) {
2624 zfs_exit(zfsvfs, FTAG);
2625 return (err);
2626 }
2627 trim_mask |= AT_MODE;
2628 } else {
2629 need_policy = TRUE;
2630 }
2631 }
2632
2633 if (need_policy) {
2634 /*
2635 * If trim_mask is set then take ownership
2636 * has been granted or write_acl is present and user
2637 * has the ability to modify mode. In that case remove
2638 * UID|GID and or MODE from mask so that
2639 * secpolicy_vnode_setattr() doesn't revoke it.
2640 */
2641
2642 if (trim_mask) {
2643 saved_mask = vap->va_mask;
2644 vap->va_mask &= ~trim_mask;
2645 if (trim_mask & AT_MODE) {
2646 /*
2647 * Save the mode, as secpolicy_vnode_setattr()
2648 * will overwrite it with ova.va_mode.
2649 */
2650 saved_mode = vap->va_mode;
2651 }
2652 }
2653 err = secpolicy_vnode_setattr(cr, vp, vap, &oldva, flags,
2654 (int (*)(void *, int, cred_t *))zfs_zaccess_unix, zp);
2655 if (err) {
2656 zfs_exit(zfsvfs, FTAG);
2657 return (err);
2658 }
2659
2660 if (trim_mask) {
2661 vap->va_mask |= saved_mask;
2662 if (trim_mask & AT_MODE) {
2663 /*
2664 * Recover the mode after
2665 * secpolicy_vnode_setattr().
2666 */
2667 vap->va_mode = saved_mode;
2668 }
2669 }
2670 }
2671
2672 /*
2673 * secpolicy_vnode_setattr, or take ownership may have
2674 * changed va_mask
2675 */
2676 mask = vap->va_mask;
2677
2678 if ((mask & (AT_UID | AT_GID)) || projid != ZFS_INVALID_PROJID) {
2679 handle_eadir = B_TRUE;
2680 err = sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
2681 &xattr_obj, sizeof (xattr_obj));
2682
2683 if (err == 0 && xattr_obj) {
2684 err = zfs_zget(zp->z_zfsvfs, xattr_obj, &attrzp);
2685 if (err == 0) {
2686 err = vn_lock(ZTOV(attrzp), LK_EXCLUSIVE);
2687 if (err != 0)
2688 vrele(ZTOV(attrzp));
2689 }
2690 if (err)
2691 goto out2;
2692 }
2693 if (mask & AT_UID) {
2694 new_uid = zfs_fuid_create(zfsvfs,
2695 (uint64_t)vap->va_uid, cr, ZFS_OWNER, &fuidp);
2696 if (new_uid != zp->z_uid &&
2697 zfs_id_overquota(zfsvfs, DMU_USERUSED_OBJECT,
2698 new_uid)) {
2699 if (attrzp)
2700 vput(ZTOV(attrzp));
2701 err = SET_ERROR(EDQUOT);
2702 goto out2;
2703 }
2704 }
2705
2706 if (mask & AT_GID) {
2707 new_gid = zfs_fuid_create(zfsvfs, (uint64_t)vap->va_gid,
2708 cr, ZFS_GROUP, &fuidp);
2709 if (new_gid != zp->z_gid &&
2710 zfs_id_overquota(zfsvfs, DMU_GROUPUSED_OBJECT,
2711 new_gid)) {
2712 if (attrzp)
2713 vput(ZTOV(attrzp));
2714 err = SET_ERROR(EDQUOT);
2715 goto out2;
2716 }
2717 }
2718
2719 if (projid != ZFS_INVALID_PROJID &&
2720 zfs_id_overquota(zfsvfs, DMU_PROJECTUSED_OBJECT, projid)) {
2721 if (attrzp)
2722 vput(ZTOV(attrzp));
2723 err = SET_ERROR(EDQUOT);
2724 goto out2;
2725 }
2726 }
2727 tx = dmu_tx_create(os);
2728
2729 if (mask & AT_MODE) {
2730 uint64_t pmode = zp->z_mode;
2731 uint64_t acl_obj;
2732 new_mode = (pmode & S_IFMT) | (vap->va_mode & ~S_IFMT);
2733
2734 if (zp->z_zfsvfs->z_acl_mode == ZFS_ACL_RESTRICTED &&
2735 !(zp->z_pflags & ZFS_ACL_TRIVIAL)) {
2736 err = SET_ERROR(EPERM);
2737 goto out;
2738 }
2739
2740 if ((err = zfs_acl_chmod_setattr(zp, &aclp, new_mode)))
2741 goto out;
2742
2743 if (!zp->z_is_sa && ((acl_obj = zfs_external_acl(zp)) != 0)) {
2744 /*
2745 * Are we upgrading ACL from old V0 format
2746 * to V1 format?
2747 */
2748 if (zfsvfs->z_version >= ZPL_VERSION_FUID &&
2749 zfs_znode_acl_version(zp) ==
2750 ZFS_ACL_VERSION_INITIAL) {
2751 dmu_tx_hold_free(tx, acl_obj, 0,
2752 DMU_OBJECT_END);
2753 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
2754 0, aclp->z_acl_bytes);
2755 } else {
2756 dmu_tx_hold_write(tx, acl_obj, 0,
2757 aclp->z_acl_bytes);
2758 }
2759 } else if (!zp->z_is_sa && aclp->z_acl_bytes > ZFS_ACE_SPACE) {
2760 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
2761 0, aclp->z_acl_bytes);
2762 }
2763 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
2764 } else {
2765 if (((mask & AT_XVATTR) &&
2766 XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP)) ||
2767 (projid != ZFS_INVALID_PROJID &&
2768 !(zp->z_pflags & ZFS_PROJID)))
2769 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
2770 else
2771 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
2772 }
2773
2774 if (attrzp) {
2775 dmu_tx_hold_sa(tx, attrzp->z_sa_hdl, B_FALSE);
2776 }
2777
2778 fuid_dirtied = zfsvfs->z_fuid_dirty;
2779 if (fuid_dirtied)
2780 zfs_fuid_txhold(zfsvfs, tx);
2781
2782 zfs_sa_upgrade_txholds(tx, zp);
2783
2784 err = dmu_tx_assign(tx, DMU_TX_WAIT);
2785 if (err)
2786 goto out;
2787
2788 count = 0;
2789 /*
2790 * Set each attribute requested.
2791 * We group settings according to the locks they need to acquire.
2792 *
2793 * Note: you cannot set ctime directly, although it will be
2794 * updated as a side-effect of calling this function.
2795 */
2796
2797 if (projid != ZFS_INVALID_PROJID && !(zp->z_pflags & ZFS_PROJID)) {
2798 /*
2799 * For the existed object that is upgraded from old system,
2800 * its on-disk layout has no slot for the project ID attribute.
2801 * But quota accounting logic needs to access related slots by
2802 * offset directly. So we need to adjust old objects' layout
2803 * to make the project ID to some unified and fixed offset.
2804 */
2805 if (attrzp)
2806 err = sa_add_projid(attrzp->z_sa_hdl, tx, projid);
2807 if (err == 0)
2808 err = sa_add_projid(zp->z_sa_hdl, tx, projid);
2809
2810 if (unlikely(err == EEXIST))
2811 err = 0;
2812 else if (err != 0)
2813 goto out;
2814 else
2815 projid = ZFS_INVALID_PROJID;
2816 }
2817
2818 if (mask & (AT_UID|AT_GID|AT_MODE))
2819 mutex_enter(&zp->z_acl_lock);
2820
2821 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL,
2822 &zp->z_pflags, sizeof (zp->z_pflags));
2823
2824 if (attrzp) {
2825 if (mask & (AT_UID|AT_GID|AT_MODE))
2826 mutex_enter(&attrzp->z_acl_lock);
2827 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2828 SA_ZPL_FLAGS(zfsvfs), NULL, &attrzp->z_pflags,
2829 sizeof (attrzp->z_pflags));
2830 if (projid != ZFS_INVALID_PROJID) {
2831 attrzp->z_projid = projid;
2832 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2833 SA_ZPL_PROJID(zfsvfs), NULL, &attrzp->z_projid,
2834 sizeof (attrzp->z_projid));
2835 }
2836 }
2837
2838 if (mask & (AT_UID|AT_GID)) {
2839
2840 if (mask & AT_UID) {
2841 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zfsvfs), NULL,
2842 &new_uid, sizeof (new_uid));
2843 zp->z_uid = new_uid;
2844 if (attrzp) {
2845 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2846 SA_ZPL_UID(zfsvfs), NULL, &new_uid,
2847 sizeof (new_uid));
2848 attrzp->z_uid = new_uid;
2849 }
2850 }
2851
2852 if (mask & AT_GID) {
2853 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zfsvfs),
2854 NULL, &new_gid, sizeof (new_gid));
2855 zp->z_gid = new_gid;
2856 if (attrzp) {
2857 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2858 SA_ZPL_GID(zfsvfs), NULL, &new_gid,
2859 sizeof (new_gid));
2860 attrzp->z_gid = new_gid;
2861 }
2862 }
2863 if (!(mask & AT_MODE)) {
2864 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zfsvfs),
2865 NULL, &new_mode, sizeof (new_mode));
2866 new_mode = zp->z_mode;
2867 }
2868 err = zfs_acl_chown_setattr(zp);
2869 ASSERT0(err);
2870 if (attrzp) {
2871 vn_seqc_write_begin(ZTOV(attrzp));
2872 err = zfs_acl_chown_setattr(attrzp);
2873 vn_seqc_write_end(ZTOV(attrzp));
2874 ASSERT0(err);
2875 }
2876 }
2877
2878 if (mask & AT_MODE) {
2879 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zfsvfs), NULL,
2880 &new_mode, sizeof (new_mode));
2881 zp->z_mode = new_mode;
2882 ASSERT3P(aclp, !=, NULL);
2883 err = zfs_aclset_common(zp, aclp, cr, tx);
2884 ASSERT0(err);
2885 if (zp->z_acl_cached)
2886 zfs_acl_free(zp->z_acl_cached);
2887 zp->z_acl_cached = aclp;
2888 aclp = NULL;
2889 }
2890
2891
2892 if (mask & AT_ATIME) {
2893 ZFS_TIME_ENCODE(&vap->va_atime, zp->z_atime);
2894 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_ATIME(zfsvfs), NULL,
2895 &zp->z_atime, sizeof (zp->z_atime));
2896 }
2897
2898 if (mask & AT_MTIME) {
2899 ZFS_TIME_ENCODE(&vap->va_mtime, mtime);
2900 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL,
2901 mtime, sizeof (mtime));
2902 }
2903
2904 if (projid != ZFS_INVALID_PROJID) {
2905 zp->z_projid = projid;
2906 SA_ADD_BULK_ATTR(bulk, count,
2907 SA_ZPL_PROJID(zfsvfs), NULL, &zp->z_projid,
2908 sizeof (zp->z_projid));
2909 }
2910
2911 /* XXX - shouldn't this be done *before* the ATIME/MTIME checks? */
2912 if (mask & AT_SIZE && !(mask & AT_MTIME)) {
2913 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs),
2914 NULL, mtime, sizeof (mtime));
2915 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL,
2916 &ctime, sizeof (ctime));
2917 zfs_tstamp_update_setup(zp, CONTENT_MODIFIED, mtime, ctime);
2918 } else if (mask != 0) {
2919 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL,
2920 &ctime, sizeof (ctime));
2921 zfs_tstamp_update_setup(zp, STATE_CHANGED, mtime, ctime);
2922 if (attrzp) {
2923 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2924 SA_ZPL_CTIME(zfsvfs), NULL,
2925 &ctime, sizeof (ctime));
2926 zfs_tstamp_update_setup(attrzp, STATE_CHANGED,
2927 mtime, ctime);
2928 }
2929 }
2930
2931 /*
2932 * Do this after setting timestamps to prevent timestamp
2933 * update from toggling bit
2934 */
2935
2936 if (xoap && (mask & AT_XVATTR)) {
2937
2938 if (XVA_ISSET_REQ(xvap, XAT_CREATETIME))
2939 xoap->xoa_createtime = vap->va_birthtime;
2940 /*
2941 * restore trimmed off masks
2942 * so that return masks can be set for caller.
2943 */
2944
2945 if (XVA_ISSET_REQ(&tmpxvattr, XAT_APPENDONLY)) {
2946 XVA_SET_REQ(xvap, XAT_APPENDONLY);
2947 }
2948 if (XVA_ISSET_REQ(&tmpxvattr, XAT_NOUNLINK)) {
2949 XVA_SET_REQ(xvap, XAT_NOUNLINK);
2950 }
2951 if (XVA_ISSET_REQ(&tmpxvattr, XAT_IMMUTABLE)) {
2952 XVA_SET_REQ(xvap, XAT_IMMUTABLE);
2953 }
2954 if (XVA_ISSET_REQ(&tmpxvattr, XAT_NODUMP)) {
2955 XVA_SET_REQ(xvap, XAT_NODUMP);
2956 }
2957 if (XVA_ISSET_REQ(&tmpxvattr, XAT_AV_MODIFIED)) {
2958 XVA_SET_REQ(xvap, XAT_AV_MODIFIED);
2959 }
2960 if (XVA_ISSET_REQ(&tmpxvattr, XAT_AV_QUARANTINED)) {
2961 XVA_SET_REQ(xvap, XAT_AV_QUARANTINED);
2962 }
2963 if (XVA_ISSET_REQ(&tmpxvattr, XAT_PROJINHERIT)) {
2964 XVA_SET_REQ(xvap, XAT_PROJINHERIT);
2965 }
2966
2967 if (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP))
2968 ASSERT3S(vp->v_type, ==, VREG);
2969
2970 zfs_xvattr_set(zp, xvap, tx);
2971 }
2972
2973 if (fuid_dirtied)
2974 zfs_fuid_sync(zfsvfs, tx);
2975
2976 if (mask != 0)
2977 zfs_log_setattr(zilog, tx, TX_SETATTR, zp, vap, mask, fuidp);
2978
2979 if (mask & (AT_UID|AT_GID|AT_MODE))
2980 mutex_exit(&zp->z_acl_lock);
2981
2982 if (attrzp) {
2983 if (mask & (AT_UID|AT_GID|AT_MODE))
2984 mutex_exit(&attrzp->z_acl_lock);
2985 }
2986 out:
2987 if (err == 0 && attrzp) {
2988 err2 = sa_bulk_update(attrzp->z_sa_hdl, xattr_bulk,
2989 xattr_count, tx);
2990 ASSERT0(err2);
2991 }
2992
2993 if (attrzp)
2994 vput(ZTOV(attrzp));
2995
2996 if (aclp)
2997 zfs_acl_free(aclp);
2998
2999 if (fuidp) {
3000 zfs_fuid_info_free(fuidp);
3001 fuidp = NULL;
3002 }
3003
3004 if (err) {
3005 dmu_tx_abort(tx);
3006 } else {
3007 err2 = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
3008 dmu_tx_commit(tx);
3009 if (attrzp) {
3010 if (err2 == 0 && handle_eadir)
3011 err = zfs_setattr_dir(attrzp);
3012 }
3013 }
3014
3015 out2:
3016 if (err == 0 && os->os_sync == ZFS_SYNC_ALWAYS)
3017 err = zil_commit(zilog, 0);
3018
3019 zfs_exit(zfsvfs, FTAG);
3020 return (err);
3021 }
3022
3023 /*
3024 * Look up the directory entries corresponding to the source and target
3025 * directory/name pairs.
3026 */
3027 static int
zfs_rename_relock_lookup(znode_t * sdzp,const struct componentname * scnp,znode_t ** szpp,znode_t * tdzp,const struct componentname * tcnp,znode_t ** tzpp)3028 zfs_rename_relock_lookup(znode_t *sdzp, const struct componentname *scnp,
3029 znode_t **szpp, znode_t *tdzp, const struct componentname *tcnp,
3030 znode_t **tzpp)
3031 {
3032 zfsvfs_t *zfsvfs;
3033 znode_t *szp, *tzp;
3034 int error;
3035
3036 /*
3037 * Before using sdzp and tdzp we must ensure that they are live.
3038 * As a porting legacy from illumos we have two things to worry
3039 * about. One is typical for FreeBSD and it is that the vnode is
3040 * not reclaimed (doomed). The other is that the znode is live.
3041 * The current code can invalidate the znode without acquiring the
3042 * corresponding vnode lock if the object represented by the znode
3043 * and vnode is no longer valid after a rollback or receive operation.
3044 * z_teardown_lock hidden behind zfs_enter and zfs_exit is the lock
3045 * that protects the znodes from the invalidation.
3046 */
3047 zfsvfs = sdzp->z_zfsvfs;
3048 ASSERT3P(zfsvfs, ==, tdzp->z_zfsvfs);
3049 if ((error = zfs_enter_verify_zp(zfsvfs, sdzp, FTAG)) != 0)
3050 return (error);
3051 if ((error = zfs_verify_zp(tdzp)) != 0) {
3052 zfs_exit(zfsvfs, FTAG);
3053 return (error);
3054 }
3055
3056 /*
3057 * Re-resolve svp to be certain it still exists and fetch the
3058 * correct vnode.
3059 */
3060 error = zfs_dirent_lookup(sdzp, scnp->cn_nameptr, &szp, ZEXISTS);
3061 if (error != 0) {
3062 /* Source entry invalid or not there. */
3063 if ((scnp->cn_flags & ISDOTDOT) != 0 ||
3064 (scnp->cn_namelen == 1 && scnp->cn_nameptr[0] == '.'))
3065 error = SET_ERROR(EINVAL);
3066 goto out;
3067 }
3068 *szpp = szp;
3069
3070 /*
3071 * Re-resolve tvp, if it disappeared we just carry on.
3072 */
3073 error = zfs_dirent_lookup(tdzp, tcnp->cn_nameptr, &tzp, 0);
3074 if (error != 0) {
3075 vrele(ZTOV(szp));
3076 if ((tcnp->cn_flags & ISDOTDOT) != 0)
3077 error = SET_ERROR(EINVAL);
3078 goto out;
3079 }
3080 *tzpp = tzp;
3081 out:
3082 zfs_exit(zfsvfs, FTAG);
3083 return (error);
3084 }
3085
3086 /*
3087 * We acquire all but fdvp locks using non-blocking acquisitions. If we
3088 * fail to acquire any lock in the path we will drop all held locks,
3089 * acquire the new lock in a blocking fashion, and then release it and
3090 * restart the rename. This acquire/release step ensures that we do not
3091 * spin on a lock waiting for release. On error release all vnode locks
3092 * and decrement references the way tmpfs_rename() would do.
3093 */
3094 static int
zfs_rename_relock(struct vnode * sdvp,struct vnode ** svpp,struct vnode * tdvp,struct vnode ** tvpp,const struct componentname * scnp,const struct componentname * tcnp)3095 zfs_rename_relock(struct vnode *sdvp, struct vnode **svpp,
3096 struct vnode *tdvp, struct vnode **tvpp,
3097 const struct componentname *scnp, const struct componentname *tcnp)
3098 {
3099 struct vnode *nvp, *svp, *tvp;
3100 znode_t *sdzp, *tdzp, *szp, *tzp;
3101 int error;
3102
3103 VOP_UNLOCK(tdvp);
3104 if (*tvpp != NULL && *tvpp != tdvp)
3105 VOP_UNLOCK(*tvpp);
3106
3107 relock:
3108 error = vn_lock(sdvp, LK_EXCLUSIVE);
3109 if (error)
3110 goto out;
3111 error = vn_lock(tdvp, LK_EXCLUSIVE | LK_NOWAIT);
3112 if (error != 0) {
3113 VOP_UNLOCK(sdvp);
3114 if (error != EBUSY)
3115 goto out;
3116 error = vn_lock(tdvp, LK_EXCLUSIVE);
3117 if (error)
3118 goto out;
3119 VOP_UNLOCK(tdvp);
3120 goto relock;
3121 }
3122 tdzp = VTOZ(tdvp);
3123 sdzp = VTOZ(sdvp);
3124
3125 error = zfs_rename_relock_lookup(sdzp, scnp, &szp, tdzp, tcnp, &tzp);
3126 if (error != 0) {
3127 VOP_UNLOCK(sdvp);
3128 VOP_UNLOCK(tdvp);
3129 goto out;
3130 }
3131 svp = ZTOV(szp);
3132 tvp = tzp != NULL ? ZTOV(tzp) : NULL;
3133
3134 /*
3135 * Now try acquire locks on svp and tvp.
3136 */
3137 nvp = svp;
3138 error = vn_lock(nvp, LK_EXCLUSIVE | LK_NOWAIT);
3139 if (error != 0) {
3140 VOP_UNLOCK(sdvp);
3141 VOP_UNLOCK(tdvp);
3142 if (tvp != NULL)
3143 vrele(tvp);
3144 if (error != EBUSY) {
3145 vrele(nvp);
3146 goto out;
3147 }
3148 error = vn_lock(nvp, LK_EXCLUSIVE);
3149 if (error != 0) {
3150 vrele(nvp);
3151 goto out;
3152 }
3153 VOP_UNLOCK(nvp);
3154 /*
3155 * Concurrent rename race.
3156 * XXX ?
3157 */
3158 if (nvp == tdvp) {
3159 vrele(nvp);
3160 error = SET_ERROR(EINVAL);
3161 goto out;
3162 }
3163 vrele(*svpp);
3164 *svpp = nvp;
3165 goto relock;
3166 }
3167 vrele(*svpp);
3168 *svpp = nvp;
3169
3170 if (*tvpp != NULL)
3171 vrele(*tvpp);
3172 *tvpp = NULL;
3173 if (tvp != NULL) {
3174 nvp = tvp;
3175 error = vn_lock(nvp, LK_EXCLUSIVE | LK_NOWAIT);
3176 if (error != 0) {
3177 VOP_UNLOCK(sdvp);
3178 VOP_UNLOCK(tdvp);
3179 VOP_UNLOCK(*svpp);
3180 if (error != EBUSY) {
3181 vrele(nvp);
3182 goto out;
3183 }
3184 error = vn_lock(nvp, LK_EXCLUSIVE);
3185 if (error != 0) {
3186 vrele(nvp);
3187 goto out;
3188 }
3189 vput(nvp);
3190 goto relock;
3191 }
3192 *tvpp = nvp;
3193 }
3194
3195 return (0);
3196
3197 out:
3198 return (error);
3199 }
3200
3201 /*
3202 * Note that we must use VRELE_ASYNC in this function as it walks
3203 * up the directory tree and vrele may need to acquire an exclusive
3204 * lock if a last reference to a vnode is dropped.
3205 */
3206 static int
zfs_rename_check(znode_t * szp,znode_t * sdzp,znode_t * tdzp)3207 zfs_rename_check(znode_t *szp, znode_t *sdzp, znode_t *tdzp)
3208 {
3209 zfsvfs_t *zfsvfs;
3210 znode_t *zp, *zp1;
3211 uint64_t parent;
3212 int error;
3213
3214 zfsvfs = tdzp->z_zfsvfs;
3215 if (tdzp == szp)
3216 return (SET_ERROR(EINVAL));
3217 if (tdzp == sdzp)
3218 return (0);
3219 if (tdzp->z_id == zfsvfs->z_root)
3220 return (0);
3221 zp = tdzp;
3222 for (;;) {
3223 ASSERT(!zp->z_unlinked);
3224 if ((error = sa_lookup(zp->z_sa_hdl,
3225 SA_ZPL_PARENT(zfsvfs), &parent, sizeof (parent))) != 0)
3226 break;
3227
3228 if (parent == szp->z_id) {
3229 error = SET_ERROR(EINVAL);
3230 break;
3231 }
3232 if (parent == zfsvfs->z_root)
3233 break;
3234 if (parent == sdzp->z_id)
3235 break;
3236
3237 error = zfs_zget(zfsvfs, parent, &zp1);
3238 if (error != 0)
3239 break;
3240
3241 if (zp != tdzp)
3242 VN_RELE_ASYNC(ZTOV(zp),
3243 dsl_pool_zrele_taskq(
3244 dmu_objset_pool(zfsvfs->z_os)));
3245 zp = zp1;
3246 }
3247
3248 if (error == ENOTDIR)
3249 panic("checkpath: .. not a directory\n");
3250 if (zp != tdzp)
3251 VN_RELE_ASYNC(ZTOV(zp),
3252 dsl_pool_zrele_taskq(dmu_objset_pool(zfsvfs->z_os)));
3253 return (error);
3254 }
3255
3256 static int
3257 zfs_do_rename_impl(vnode_t *sdvp, vnode_t **svpp, struct componentname *scnp,
3258 vnode_t *tdvp, vnode_t **tvpp, struct componentname *tcnp,
3259 cred_t *cr);
3260
3261 /*
3262 * Move an entry from the provided source directory to the target
3263 * directory. Change the entry name as indicated.
3264 *
3265 * IN: sdvp - Source directory containing the "old entry".
3266 * scnp - Old entry name.
3267 * tdvp - Target directory to contain the "new entry".
3268 * tcnp - New entry name.
3269 * cr - credentials of caller.
3270 * INOUT: svpp - Source file
3271 * tvpp - Target file, may point to NULL initially
3272 *
3273 * RETURN: 0 on success, error code on failure.
3274 *
3275 * Timestamps:
3276 * sdvp,tdvp - ctime|mtime updated
3277 */
3278 static int
zfs_do_rename(vnode_t * sdvp,vnode_t ** svpp,struct componentname * scnp,vnode_t * tdvp,vnode_t ** tvpp,struct componentname * tcnp,cred_t * cr)3279 zfs_do_rename(vnode_t *sdvp, vnode_t **svpp, struct componentname *scnp,
3280 vnode_t *tdvp, vnode_t **tvpp, struct componentname *tcnp,
3281 cred_t *cr)
3282 {
3283 int error;
3284
3285 ASSERT_VOP_ELOCKED(tdvp, __func__);
3286 if (*tvpp != NULL)
3287 ASSERT_VOP_ELOCKED(*tvpp, __func__);
3288
3289 /* Reject renames across filesystems. */
3290 if ((*svpp)->v_mount != tdvp->v_mount ||
3291 ((*tvpp) != NULL && (*svpp)->v_mount != (*tvpp)->v_mount)) {
3292 error = SET_ERROR(EXDEV);
3293 goto out;
3294 }
3295
3296 if (zfsctl_is_node(tdvp)) {
3297 error = SET_ERROR(EXDEV);
3298 goto out;
3299 }
3300
3301 /*
3302 * Lock all four vnodes to ensure safety and semantics of renaming.
3303 */
3304 error = zfs_rename_relock(sdvp, svpp, tdvp, tvpp, scnp, tcnp);
3305 if (error != 0) {
3306 /* no vnodes are locked in the case of error here */
3307 return (error);
3308 }
3309
3310 error = zfs_do_rename_impl(sdvp, svpp, scnp, tdvp, tvpp, tcnp, cr);
3311 VOP_UNLOCK(sdvp);
3312 VOP_UNLOCK(*svpp);
3313 out:
3314 if (*tvpp != NULL)
3315 VOP_UNLOCK(*tvpp);
3316 if (tdvp != *tvpp)
3317 VOP_UNLOCK(tdvp);
3318
3319 return (error);
3320 }
3321
3322 static int
zfs_do_rename_impl(vnode_t * sdvp,vnode_t ** svpp,struct componentname * scnp,vnode_t * tdvp,vnode_t ** tvpp,struct componentname * tcnp,cred_t * cr)3323 zfs_do_rename_impl(vnode_t *sdvp, vnode_t **svpp, struct componentname *scnp,
3324 vnode_t *tdvp, vnode_t **tvpp, struct componentname *tcnp,
3325 cred_t *cr)
3326 {
3327 dmu_tx_t *tx;
3328 zfsvfs_t *zfsvfs;
3329 zilog_t *zilog;
3330 znode_t *tdzp, *sdzp, *tzp, *szp;
3331 const char *snm = scnp->cn_nameptr;
3332 const char *tnm = tcnp->cn_nameptr;
3333 int error;
3334
3335 tdzp = VTOZ(tdvp);
3336 sdzp = VTOZ(sdvp);
3337 zfsvfs = tdzp->z_zfsvfs;
3338
3339 if ((error = zfs_enter_verify_zp(zfsvfs, tdzp, FTAG)) != 0)
3340 return (error);
3341 if ((error = zfs_verify_zp(sdzp)) != 0) {
3342 zfs_exit(zfsvfs, FTAG);
3343 return (error);
3344 }
3345 zilog = zfsvfs->z_log;
3346
3347 if (zfsvfs->z_utf8 && u8_validate(tnm,
3348 strlen(tnm), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
3349 error = SET_ERROR(EILSEQ);
3350 goto out;
3351 }
3352
3353 /* If source and target are the same file, there is nothing to do. */
3354 if ((*svpp) == (*tvpp)) {
3355 error = 0;
3356 goto out;
3357 }
3358
3359 if (((*svpp)->v_type == VDIR && (*svpp)->v_mountedhere != NULL) ||
3360 ((*tvpp) != NULL && (*tvpp)->v_type == VDIR &&
3361 (*tvpp)->v_mountedhere != NULL)) {
3362 error = SET_ERROR(EXDEV);
3363 goto out;
3364 }
3365
3366 szp = VTOZ(*svpp);
3367 if ((error = zfs_verify_zp(szp)) != 0) {
3368 zfs_exit(zfsvfs, FTAG);
3369 return (error);
3370 }
3371 tzp = *tvpp == NULL ? NULL : VTOZ(*tvpp);
3372 if (tzp != NULL) {
3373 if ((error = zfs_verify_zp(tzp)) != 0) {
3374 zfs_exit(zfsvfs, FTAG);
3375 return (error);
3376 }
3377 }
3378
3379 /*
3380 * This is to prevent the creation of links into attribute space
3381 * by renaming a linked file into/outof an attribute directory.
3382 * See the comment in zfs_link() for why this is considered bad.
3383 */
3384 if ((tdzp->z_pflags & ZFS_XATTR) != (sdzp->z_pflags & ZFS_XATTR)) {
3385 error = SET_ERROR(EINVAL);
3386 goto out;
3387 }
3388
3389 /*
3390 * If we are using project inheritance, means if the directory has
3391 * ZFS_PROJINHERIT set, then its descendant directories will inherit
3392 * not only the project ID, but also the ZFS_PROJINHERIT flag. Under
3393 * such case, we only allow renames into our tree when the project
3394 * IDs are the same.
3395 */
3396 if (tdzp->z_pflags & ZFS_PROJINHERIT &&
3397 tdzp->z_projid != szp->z_projid) {
3398 error = SET_ERROR(EXDEV);
3399 goto out;
3400 }
3401
3402 /*
3403 * Must have write access at the source to remove the old entry
3404 * and write access at the target to create the new entry.
3405 * Note that if target and source are the same, this can be
3406 * done in a single check.
3407 */
3408 if ((error = zfs_zaccess_rename(sdzp, szp, tdzp, tzp, cr, NULL)))
3409 goto out;
3410
3411 if ((*svpp)->v_type == VDIR) {
3412 /*
3413 * Avoid ".", "..", and aliases of "." for obvious reasons.
3414 */
3415 if ((scnp->cn_namelen == 1 && scnp->cn_nameptr[0] == '.') ||
3416 sdzp == szp ||
3417 (scnp->cn_flags | tcnp->cn_flags) & ISDOTDOT) {
3418 error = EINVAL;
3419 goto out;
3420 }
3421
3422 /*
3423 * Check to make sure rename is valid.
3424 * Can't do a move like this: /usr/a/b to /usr/a/b/c/d
3425 */
3426 if ((error = zfs_rename_check(szp, sdzp, tdzp)))
3427 goto out;
3428 }
3429
3430 /*
3431 * Does target exist?
3432 */
3433 if (tzp) {
3434 /*
3435 * Source and target must be the same type.
3436 */
3437 if ((*svpp)->v_type == VDIR) {
3438 if ((*tvpp)->v_type != VDIR) {
3439 error = SET_ERROR(ENOTDIR);
3440 goto out;
3441 } else {
3442 cache_purge(tdvp);
3443 if (sdvp != tdvp)
3444 cache_purge(sdvp);
3445 }
3446 } else {
3447 if ((*tvpp)->v_type == VDIR) {
3448 error = SET_ERROR(EISDIR);
3449 goto out;
3450 }
3451 }
3452 }
3453
3454 vn_seqc_write_begin(*svpp);
3455 vn_seqc_write_begin(sdvp);
3456 if (*tvpp != NULL)
3457 vn_seqc_write_begin(*tvpp);
3458 if (tdvp != *tvpp)
3459 vn_seqc_write_begin(tdvp);
3460
3461 vnevent_rename_src(*svpp, sdvp, scnp->cn_nameptr, ct);
3462 if (tzp)
3463 vnevent_rename_dest(*tvpp, tdvp, tnm, ct);
3464
3465 /*
3466 * notify the target directory if it is not the same
3467 * as source directory.
3468 */
3469 if (tdvp != sdvp) {
3470 vnevent_rename_dest_dir(tdvp, ct);
3471 }
3472
3473 tx = dmu_tx_create(zfsvfs->z_os);
3474 dmu_tx_hold_sa(tx, szp->z_sa_hdl, B_FALSE);
3475 dmu_tx_hold_sa(tx, sdzp->z_sa_hdl, B_FALSE);
3476 dmu_tx_hold_zap(tx, sdzp->z_id, FALSE, snm);
3477 dmu_tx_hold_zap(tx, tdzp->z_id, TRUE, tnm);
3478 if (sdzp != tdzp) {
3479 dmu_tx_hold_sa(tx, tdzp->z_sa_hdl, B_FALSE);
3480 zfs_sa_upgrade_txholds(tx, tdzp);
3481 }
3482 if (tzp) {
3483 dmu_tx_hold_sa(tx, tzp->z_sa_hdl, B_FALSE);
3484 zfs_sa_upgrade_txholds(tx, tzp);
3485 }
3486
3487 zfs_sa_upgrade_txholds(tx, szp);
3488 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
3489 error = dmu_tx_assign(tx, DMU_TX_WAIT);
3490 if (error) {
3491 dmu_tx_abort(tx);
3492 goto out_seq;
3493 }
3494
3495 if (tzp) /* Attempt to remove the existing target */
3496 error = zfs_link_destroy(tdzp, tnm, tzp, tx, 0, NULL);
3497
3498 if (error == 0) {
3499 error = zfs_link_create(tdzp, tnm, szp, tx, ZRENAMING);
3500 if (error == 0) {
3501 szp->z_pflags |= ZFS_AV_MODIFIED;
3502
3503 error = sa_update(szp->z_sa_hdl, SA_ZPL_FLAGS(zfsvfs),
3504 (void *)&szp->z_pflags, sizeof (uint64_t), tx);
3505 ASSERT0(error);
3506
3507 error = zfs_link_destroy(sdzp, snm, szp, tx, ZRENAMING,
3508 NULL);
3509 if (error == 0) {
3510 zfs_log_rename(zilog, tx, TX_RENAME, sdzp,
3511 snm, tdzp, tnm, szp);
3512 } else {
3513 /*
3514 * At this point, we have successfully created
3515 * the target name, but have failed to remove
3516 * the source name. Since the create was done
3517 * with the ZRENAMING flag, there are
3518 * complications; for one, the link count is
3519 * wrong. The easiest way to deal with this
3520 * is to remove the newly created target, and
3521 * return the original error. This must
3522 * succeed; fortunately, it is very unlikely to
3523 * fail, since we just created it.
3524 */
3525 VERIFY0(zfs_link_destroy(tdzp, tnm, szp, tx,
3526 ZRENAMING, NULL));
3527 }
3528 }
3529 if (error == 0) {
3530 cache_vop_rename(sdvp, *svpp, tdvp, *tvpp, scnp, tcnp);
3531 }
3532 }
3533
3534 dmu_tx_commit(tx);
3535
3536 out_seq:
3537 vn_seqc_write_end(*svpp);
3538 vn_seqc_write_end(sdvp);
3539 if (*tvpp != NULL)
3540 vn_seqc_write_end(*tvpp);
3541 if (tdvp != *tvpp)
3542 vn_seqc_write_end(tdvp);
3543
3544 out:
3545 if (error == 0 && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
3546 error = zil_commit(zilog, 0);
3547 zfs_exit(zfsvfs, FTAG);
3548
3549 return (error);
3550 }
3551
3552 int
zfs_rename(znode_t * sdzp,const char * sname,znode_t * tdzp,const char * tname,cred_t * cr,int flags,uint64_t rflags,vattr_t * wo_vap,zidmap_t * mnt_ns)3553 zfs_rename(znode_t *sdzp, const char *sname, znode_t *tdzp, const char *tname,
3554 cred_t *cr, int flags, uint64_t rflags, vattr_t *wo_vap, zidmap_t *mnt_ns)
3555 {
3556 struct componentname scn, tcn;
3557 vnode_t *sdvp, *tdvp;
3558 vnode_t *svp, *tvp;
3559 int error;
3560 svp = tvp = NULL;
3561
3562 if (is_nametoolong(tdzp->z_zfsvfs, tname))
3563 return (SET_ERROR(ENAMETOOLONG));
3564
3565 if (rflags != 0 || wo_vap != NULL)
3566 return (SET_ERROR(EINVAL));
3567
3568 sdvp = ZTOV(sdzp);
3569 tdvp = ZTOV(tdzp);
3570 error = zfs_lookup_internal(sdzp, sname, &svp, &scn, DELETE);
3571 if (sdzp->z_zfsvfs->z_replay == B_FALSE)
3572 VOP_UNLOCK(sdvp);
3573 if (error != 0)
3574 goto fail;
3575 VOP_UNLOCK(svp);
3576
3577 vn_lock(tdvp, LK_EXCLUSIVE | LK_RETRY);
3578 error = zfs_lookup_internal(tdzp, tname, &tvp, &tcn, RENAME);
3579 if (error == EJUSTRETURN)
3580 tvp = NULL;
3581 else if (error != 0) {
3582 VOP_UNLOCK(tdvp);
3583 goto fail;
3584 }
3585
3586 error = zfs_do_rename(sdvp, &svp, &scn, tdvp, &tvp, &tcn, cr);
3587 fail:
3588 if (svp != NULL)
3589 vrele(svp);
3590 if (tvp != NULL)
3591 vrele(tvp);
3592
3593 return (error);
3594 }
3595
3596 /*
3597 * Insert the indicated symbolic reference entry into the directory.
3598 *
3599 * IN: dvp - Directory to contain new symbolic link.
3600 * link - Name for new symlink entry.
3601 * vap - Attributes of new entry.
3602 * cr - credentials of caller.
3603 * ct - caller context
3604 * flags - case flags
3605 * mnt_ns - Unused on FreeBSD
3606 *
3607 * RETURN: 0 on success, error code on failure.
3608 *
3609 * Timestamps:
3610 * dvp - ctime|mtime updated
3611 */
3612 int
zfs_symlink(znode_t * dzp,const char * name,vattr_t * vap,const char * link,znode_t ** zpp,cred_t * cr,int flags,zidmap_t * mnt_ns)3613 zfs_symlink(znode_t *dzp, const char *name, vattr_t *vap,
3614 const char *link, znode_t **zpp, cred_t *cr, int flags, zidmap_t *mnt_ns)
3615 {
3616 (void) flags;
3617 znode_t *zp;
3618 dmu_tx_t *tx;
3619 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
3620 zilog_t *zilog;
3621 uint64_t len = strlen(link);
3622 int error;
3623 zfs_acl_ids_t acl_ids;
3624 boolean_t fuid_dirtied;
3625 uint64_t txtype = TX_SYMLINK;
3626
3627 ASSERT3S(vap->va_type, ==, VLNK);
3628
3629 if (is_nametoolong(zfsvfs, name))
3630 return (SET_ERROR(ENAMETOOLONG));
3631
3632 if ((error = zfs_enter_verify_zp(zfsvfs, dzp, FTAG)) != 0)
3633 return (error);
3634 zilog = zfsvfs->z_log;
3635
3636 if (zfsvfs->z_utf8 && u8_validate(name, strlen(name),
3637 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
3638 zfs_exit(zfsvfs, FTAG);
3639 return (SET_ERROR(EILSEQ));
3640 }
3641
3642 if (len > MAXPATHLEN) {
3643 zfs_exit(zfsvfs, FTAG);
3644 return (SET_ERROR(ENAMETOOLONG));
3645 }
3646
3647 if ((error = zfs_acl_ids_create(dzp, 0,
3648 vap, cr, NULL, &acl_ids, NULL)) != 0) {
3649 zfs_exit(zfsvfs, FTAG);
3650 return (error);
3651 }
3652
3653 /*
3654 * Attempt to lock directory; fail if entry already exists.
3655 */
3656 error = zfs_dirent_lookup(dzp, name, &zp, ZNEW);
3657 if (error) {
3658 zfs_acl_ids_free(&acl_ids);
3659 zfs_exit(zfsvfs, FTAG);
3660 return (error);
3661 }
3662
3663 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr, mnt_ns))) {
3664 zfs_acl_ids_free(&acl_ids);
3665 zfs_exit(zfsvfs, FTAG);
3666 return (error);
3667 }
3668
3669 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, ZFS_DEFAULT_PROJID)) {
3670 zfs_acl_ids_free(&acl_ids);
3671 zfs_exit(zfsvfs, FTAG);
3672 return (SET_ERROR(EDQUOT));
3673 }
3674
3675 getnewvnode_reserve();
3676 tx = dmu_tx_create(zfsvfs->z_os);
3677 fuid_dirtied = zfsvfs->z_fuid_dirty;
3678 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0, MAX(1, len));
3679 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, name);
3680 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
3681 ZFS_SA_BASE_ATTR_SIZE + len);
3682 dmu_tx_hold_sa(tx, dzp->z_sa_hdl, B_FALSE);
3683 if (!zfsvfs->z_use_sa && acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
3684 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
3685 acl_ids.z_aclp->z_acl_bytes);
3686 }
3687 if (fuid_dirtied)
3688 zfs_fuid_txhold(zfsvfs, tx);
3689 error = dmu_tx_assign(tx, DMU_TX_WAIT);
3690 if (error) {
3691 zfs_acl_ids_free(&acl_ids);
3692 dmu_tx_abort(tx);
3693 getnewvnode_drop_reserve();
3694 zfs_exit(zfsvfs, FTAG);
3695 return (error);
3696 }
3697
3698 /*
3699 * Create a new object for the symlink.
3700 * for version 4 ZPL datasets the symlink will be an SA attribute
3701 */
3702 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
3703
3704 if (fuid_dirtied)
3705 zfs_fuid_sync(zfsvfs, tx);
3706
3707 if (zp->z_is_sa)
3708 error = sa_update(zp->z_sa_hdl, SA_ZPL_SYMLINK(zfsvfs),
3709 __DECONST(void *, link), len, tx);
3710 else
3711 zfs_sa_symlink(zp, __DECONST(char *, link), len, tx);
3712
3713 zp->z_size = len;
3714 (void) sa_update(zp->z_sa_hdl, SA_ZPL_SIZE(zfsvfs),
3715 &zp->z_size, sizeof (zp->z_size), tx);
3716 /*
3717 * Insert the new object into the directory.
3718 */
3719 error = zfs_link_create(dzp, name, zp, tx, ZNEW);
3720 if (error != 0) {
3721 zfs_znode_delete(zp, tx);
3722 VOP_UNLOCK(ZTOV(zp));
3723 zrele(zp);
3724 } else {
3725 zfs_log_symlink(zilog, tx, txtype, dzp, zp, name, link);
3726 }
3727
3728 zfs_acl_ids_free(&acl_ids);
3729
3730 dmu_tx_commit(tx);
3731
3732 getnewvnode_drop_reserve();
3733
3734 if (error == 0) {
3735 *zpp = zp;
3736
3737 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
3738 error = zil_commit(zilog, 0);
3739 }
3740
3741 zfs_exit(zfsvfs, FTAG);
3742 return (error);
3743 }
3744
3745 /*
3746 * Return, in the buffer contained in the provided uio structure,
3747 * the symbolic path referred to by vp.
3748 *
3749 * IN: vp - vnode of symbolic link.
3750 * uio - structure to contain the link path.
3751 * cr - credentials of caller.
3752 * ct - caller context
3753 *
3754 * OUT: uio - structure containing the link path.
3755 *
3756 * RETURN: 0 on success, error code on failure.
3757 *
3758 * Timestamps:
3759 * vp - atime updated
3760 */
3761 static int
zfs_readlink(vnode_t * vp,zfs_uio_t * uio,cred_t * cr,caller_context_t * ct)3762 zfs_readlink(vnode_t *vp, zfs_uio_t *uio, cred_t *cr, caller_context_t *ct)
3763 {
3764 (void) cr, (void) ct;
3765 znode_t *zp = VTOZ(vp);
3766 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
3767 int error;
3768
3769 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
3770 return (error);
3771
3772 if (zp->z_is_sa)
3773 error = sa_lookup_uio(zp->z_sa_hdl,
3774 SA_ZPL_SYMLINK(zfsvfs), uio);
3775 else
3776 error = zfs_sa_readlink(zp, uio);
3777
3778 ZFS_ACCESSTIME_STAMP(zfsvfs, zp);
3779
3780 zfs_exit(zfsvfs, FTAG);
3781 return (error);
3782 }
3783
3784 /*
3785 * Insert a new entry into directory tdvp referencing svp.
3786 *
3787 * IN: tdvp - Directory to contain new entry.
3788 * svp - vnode of new entry.
3789 * name - name of new entry.
3790 * cr - credentials of caller.
3791 *
3792 * RETURN: 0 on success, error code on failure.
3793 *
3794 * Timestamps:
3795 * tdvp - ctime|mtime updated
3796 * svp - ctime updated
3797 */
3798 int
zfs_link(znode_t * tdzp,znode_t * szp,const char * name,cred_t * cr,int flags)3799 zfs_link(znode_t *tdzp, znode_t *szp, const char *name, cred_t *cr,
3800 int flags)
3801 {
3802 (void) flags;
3803 znode_t *tzp;
3804 zfsvfs_t *zfsvfs = tdzp->z_zfsvfs;
3805 zilog_t *zilog;
3806 dmu_tx_t *tx;
3807 int error;
3808 uint64_t parent;
3809 uid_t owner;
3810
3811 ASSERT3S(ZTOV(tdzp)->v_type, ==, VDIR);
3812
3813 if (is_nametoolong(zfsvfs, name))
3814 return (SET_ERROR(ENAMETOOLONG));
3815
3816 if ((error = zfs_enter_verify_zp(zfsvfs, tdzp, FTAG)) != 0)
3817 return (error);
3818 zilog = zfsvfs->z_log;
3819
3820 /*
3821 * POSIX dictates that we return EPERM here.
3822 * Better choices include ENOTSUP or EISDIR.
3823 */
3824 if (ZTOV(szp)->v_type == VDIR) {
3825 zfs_exit(zfsvfs, FTAG);
3826 return (SET_ERROR(EPERM));
3827 }
3828
3829 if ((error = zfs_verify_zp(szp)) != 0) {
3830 zfs_exit(zfsvfs, FTAG);
3831 return (error);
3832 }
3833
3834 /*
3835 * If we are using project inheritance, means if the directory has
3836 * ZFS_PROJINHERIT set, then its descendant directories will inherit
3837 * not only the project ID, but also the ZFS_PROJINHERIT flag. Under
3838 * such case, we only allow hard link creation in our tree when the
3839 * project IDs are the same.
3840 */
3841 if (tdzp->z_pflags & ZFS_PROJINHERIT &&
3842 tdzp->z_projid != szp->z_projid) {
3843 zfs_exit(zfsvfs, FTAG);
3844 return (SET_ERROR(EXDEV));
3845 }
3846
3847 if (szp->z_pflags & (ZFS_APPENDONLY |
3848 ZFS_IMMUTABLE | ZFS_READONLY)) {
3849 zfs_exit(zfsvfs, FTAG);
3850 return (SET_ERROR(EPERM));
3851 }
3852
3853 /* Prevent links to .zfs/shares files */
3854
3855 if ((error = sa_lookup(szp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs),
3856 &parent, sizeof (uint64_t))) != 0) {
3857 zfs_exit(zfsvfs, FTAG);
3858 return (error);
3859 }
3860 if (parent == zfsvfs->z_shares_dir) {
3861 zfs_exit(zfsvfs, FTAG);
3862 return (SET_ERROR(EPERM));
3863 }
3864
3865 if (zfsvfs->z_utf8 && u8_validate(name,
3866 strlen(name), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
3867 zfs_exit(zfsvfs, FTAG);
3868 return (SET_ERROR(EILSEQ));
3869 }
3870
3871 /*
3872 * We do not support links between attributes and non-attributes
3873 * because of the potential security risk of creating links
3874 * into "normal" file space in order to circumvent restrictions
3875 * imposed in attribute space.
3876 */
3877 if ((szp->z_pflags & ZFS_XATTR) != (tdzp->z_pflags & ZFS_XATTR)) {
3878 zfs_exit(zfsvfs, FTAG);
3879 return (SET_ERROR(EINVAL));
3880 }
3881
3882
3883 owner = zfs_fuid_map_id(zfsvfs, szp->z_uid, cr, ZFS_OWNER);
3884 if (owner != crgetuid(cr) && secpolicy_basic_link(ZTOV(szp), cr) != 0) {
3885 zfs_exit(zfsvfs, FTAG);
3886 return (SET_ERROR(EPERM));
3887 }
3888
3889 if ((error = zfs_zaccess(tdzp, ACE_ADD_FILE, 0, B_FALSE, cr, NULL))) {
3890 zfs_exit(zfsvfs, FTAG);
3891 return (error);
3892 }
3893
3894 /*
3895 * Attempt to lock directory; fail if entry already exists.
3896 */
3897 error = zfs_dirent_lookup(tdzp, name, &tzp, ZNEW);
3898 if (error) {
3899 zfs_exit(zfsvfs, FTAG);
3900 return (error);
3901 }
3902
3903 tx = dmu_tx_create(zfsvfs->z_os);
3904 dmu_tx_hold_sa(tx, szp->z_sa_hdl, B_FALSE);
3905 dmu_tx_hold_zap(tx, tdzp->z_id, TRUE, name);
3906 zfs_sa_upgrade_txholds(tx, szp);
3907 zfs_sa_upgrade_txholds(tx, tdzp);
3908 error = dmu_tx_assign(tx, DMU_TX_WAIT);
3909 if (error) {
3910 dmu_tx_abort(tx);
3911 zfs_exit(zfsvfs, FTAG);
3912 return (error);
3913 }
3914
3915 error = zfs_link_create(tdzp, name, szp, tx, 0);
3916
3917 if (error == 0) {
3918 uint64_t txtype = TX_LINK;
3919 zfs_log_link(zilog, tx, txtype, tdzp, szp, name);
3920 }
3921
3922 dmu_tx_commit(tx);
3923
3924 if (error == 0) {
3925 vnevent_link(ZTOV(szp), ct);
3926 }
3927
3928 if (error == 0 && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
3929 error = zil_commit(zilog, 0);
3930
3931 zfs_exit(zfsvfs, FTAG);
3932 return (error);
3933 }
3934
3935 /*
3936 * Free or allocate space in a file. Currently, this function only
3937 * supports the `F_FREESP' command. However, this command is somewhat
3938 * misnamed, as its functionality includes the ability to allocate as
3939 * well as free space.
3940 *
3941 * IN: ip - inode of file to free data in.
3942 * cmd - action to take (only F_FREESP supported).
3943 * bfp - section of file to free/alloc.
3944 * flag - current file open mode flags.
3945 * offset - current file offset.
3946 * cr - credentials of caller.
3947 *
3948 * RETURN: 0 on success, error code on failure.
3949 *
3950 * Timestamps:
3951 * ip - ctime|mtime updated
3952 */
3953 int
zfs_space(znode_t * zp,int cmd,flock64_t * bfp,int flag,offset_t offset,cred_t * cr)3954 zfs_space(znode_t *zp, int cmd, flock64_t *bfp, int flag,
3955 offset_t offset, cred_t *cr)
3956 {
3957 (void) offset;
3958 zfsvfs_t *zfsvfs = ZTOZSB(zp);
3959 uint64_t off, len;
3960 int error;
3961
3962 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
3963 return (error);
3964
3965 if (cmd != F_FREESP) {
3966 zfs_exit(zfsvfs, FTAG);
3967 return (SET_ERROR(EINVAL));
3968 }
3969
3970 /*
3971 * Callers might not be able to detect properly that we are read-only,
3972 * so check it explicitly here.
3973 */
3974 if (zfs_is_readonly(zfsvfs)) {
3975 zfs_exit(zfsvfs, FTAG);
3976 return (SET_ERROR(EROFS));
3977 }
3978
3979 if (bfp->l_len < 0) {
3980 zfs_exit(zfsvfs, FTAG);
3981 return (SET_ERROR(EINVAL));
3982 }
3983
3984 /*
3985 * Permissions aren't checked on Solaris because on this OS
3986 * zfs_space() can only be called with an opened file handle.
3987 * On Linux we can get here through truncate_range() which
3988 * operates directly on inodes, so we need to check access rights.
3989 */
3990 if ((error = zfs_zaccess(zp, ACE_WRITE_DATA, 0, B_FALSE, cr, NULL))) {
3991 zfs_exit(zfsvfs, FTAG);
3992 return (error);
3993 }
3994
3995 off = bfp->l_start;
3996 len = bfp->l_len; /* 0 means from off to end of file */
3997
3998 error = zfs_freesp(zp, off, len, flag, TRUE);
3999
4000 zfs_exit(zfsvfs, FTAG);
4001 return (error);
4002 }
4003
4004 static void
zfs_inactive(vnode_t * vp,cred_t * cr,caller_context_t * ct)4005 zfs_inactive(vnode_t *vp, cred_t *cr, caller_context_t *ct)
4006 {
4007 (void) cr, (void) ct;
4008 znode_t *zp = VTOZ(vp);
4009 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
4010 int error;
4011
4012 ZFS_TEARDOWN_INACTIVE_ENTER_READ(zfsvfs);
4013 if (zp->z_sa_hdl == NULL) {
4014 /*
4015 * The fs has been unmounted, or we did a
4016 * suspend/resume and this file no longer exists.
4017 */
4018 ZFS_TEARDOWN_INACTIVE_EXIT_READ(zfsvfs);
4019 vrecycle(vp);
4020 return;
4021 }
4022
4023 if (zp->z_unlinked) {
4024 /*
4025 * Fast path to recycle a vnode of a removed file.
4026 */
4027 ZFS_TEARDOWN_INACTIVE_EXIT_READ(zfsvfs);
4028 vrecycle(vp);
4029 return;
4030 }
4031
4032 if (zp->z_atime_dirty && zp->z_unlinked == 0) {
4033 dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os);
4034
4035 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
4036 zfs_sa_upgrade_txholds(tx, zp);
4037 error = dmu_tx_assign(tx, DMU_TX_WAIT);
4038 if (error) {
4039 dmu_tx_abort(tx);
4040 } else {
4041 (void) sa_update(zp->z_sa_hdl, SA_ZPL_ATIME(zfsvfs),
4042 (void *)&zp->z_atime, sizeof (zp->z_atime), tx);
4043 zp->z_atime_dirty = 0;
4044 dmu_tx_commit(tx);
4045 }
4046 }
4047 ZFS_TEARDOWN_INACTIVE_EXIT_READ(zfsvfs);
4048 }
4049
4050
4051 _Static_assert(sizeof (struct zfid_short) <= sizeof (struct fid),
4052 "struct zfid_short bigger than struct fid");
4053 _Static_assert(sizeof (struct zfid_long) <= sizeof (struct fid),
4054 "struct zfid_long bigger than struct fid");
4055
4056 static int
zfs_fid(vnode_t * vp,fid_t * fidp,caller_context_t * ct)4057 zfs_fid(vnode_t *vp, fid_t *fidp, caller_context_t *ct)
4058 {
4059 (void) ct;
4060 znode_t *zp = VTOZ(vp);
4061 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
4062 uint32_t gen;
4063 uint64_t gen64;
4064 uint64_t object = zp->z_id;
4065 zfid_short_t *zfid;
4066 int size, i, error;
4067
4068 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
4069 return (error);
4070
4071 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(zfsvfs),
4072 &gen64, sizeof (uint64_t))) != 0) {
4073 zfs_exit(zfsvfs, FTAG);
4074 return (error);
4075 }
4076
4077 gen = (uint32_t)gen64;
4078
4079 size = (zfsvfs->z_parent != zfsvfs) ? LONG_FID_LEN : SHORT_FID_LEN;
4080 fidp->fid_len = size;
4081
4082 zfid = (zfid_short_t *)fidp;
4083
4084 zfid->zf_len = size;
4085
4086 for (i = 0; i < sizeof (zfid->zf_object); i++)
4087 zfid->zf_object[i] = (uint8_t)(object >> (8 * i));
4088
4089 /* Must have a non-zero generation number to distinguish from .zfs */
4090 if (gen == 0)
4091 gen = 1;
4092 for (i = 0; i < sizeof (zfid->zf_gen); i++)
4093 zfid->zf_gen[i] = (uint8_t)(gen >> (8 * i));
4094
4095 if (size == LONG_FID_LEN) {
4096 uint64_t objsetid = dmu_objset_id(zfsvfs->z_os);
4097 zfid_long_t *zlfid;
4098
4099 zlfid = (zfid_long_t *)fidp;
4100
4101 for (i = 0; i < sizeof (zlfid->zf_setid); i++)
4102 zlfid->zf_setid[i] = (uint8_t)(objsetid >> (8 * i));
4103
4104 /* XXX - this should be the generation number for the objset */
4105 for (i = 0; i < sizeof (zlfid->zf_setgen); i++)
4106 zlfid->zf_setgen[i] = 0;
4107 }
4108
4109 zfs_exit(zfsvfs, FTAG);
4110 return (0);
4111 }
4112
4113 static int
zfs_pathconf(vnode_t * vp,int cmd,ulong_t * valp,cred_t * cr,caller_context_t * ct)4114 zfs_pathconf(vnode_t *vp, int cmd, ulong_t *valp, cred_t *cr,
4115 caller_context_t *ct)
4116 {
4117 znode_t *zp;
4118 zfsvfs_t *zfsvfs;
4119 uint_t blksize, iosize;
4120 int error;
4121
4122 switch (cmd) {
4123 case _PC_LINK_MAX:
4124 *valp = MIN(LONG_MAX, ZFS_LINK_MAX);
4125 return (0);
4126
4127 case _PC_FILESIZEBITS:
4128 *valp = 64;
4129 return (0);
4130 case _PC_MIN_HOLE_SIZE:
4131 iosize = vp->v_mount->mnt_stat.f_iosize;
4132 if (vp->v_type == VREG) {
4133 zp = VTOZ(vp);
4134 blksize = zp->z_blksz;
4135 if (zp->z_size <= blksize)
4136 blksize = MAX(blksize, iosize);
4137 *valp = (int)blksize;
4138 return (0);
4139 }
4140 if (vp->v_type == VDIR) {
4141 *valp = (int)iosize;
4142 return (0);
4143 }
4144 return (EINVAL);
4145 case _PC_ACL_EXTENDED:
4146 #if 0 /* POSIX ACLs are not implemented for ZFS on FreeBSD yet. */
4147 zp = VTOZ(vp);
4148 zfsvfs = zp->z_zfsvfs;
4149 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
4150 return (error);
4151 *valp = zfsvfs->z_acl_type == ZFSACLTYPE_POSIX ? 1 : 0;
4152 zfs_exit(zfsvfs, FTAG);
4153 #else
4154 *valp = 0;
4155 #endif
4156 return (0);
4157
4158 case _PC_ACL_NFS4:
4159 zp = VTOZ(vp);
4160 zfsvfs = zp->z_zfsvfs;
4161 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
4162 return (error);
4163 *valp = zfsvfs->z_acl_type == ZFS_ACLTYPE_NFSV4 ? 1 : 0;
4164 zfs_exit(zfsvfs, FTAG);
4165 return (0);
4166
4167 case _PC_ACL_PATH_MAX:
4168 *valp = ACL_MAX_ENTRIES;
4169 return (0);
4170
4171 default:
4172 return (EOPNOTSUPP);
4173 }
4174 }
4175
4176 static int
zfs_getpages(struct vnode * vp,vm_page_t * ma,int count,int * rbehind,int * rahead)4177 zfs_getpages(struct vnode *vp, vm_page_t *ma, int count, int *rbehind,
4178 int *rahead)
4179 {
4180 znode_t *zp = VTOZ(vp);
4181 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
4182 zfs_locked_range_t *lr;
4183 vm_object_t object;
4184 off_t start, end, obj_size;
4185 uint_t blksz;
4186 int pgsin_b, pgsin_a;
4187 int error;
4188
4189 if (zfs_enter_verify_zp(zfsvfs, zp, FTAG) != 0)
4190 return (zfs_vm_pagerret_error);
4191
4192 object = ma[0]->object;
4193 start = IDX_TO_OFF(ma[0]->pindex);
4194 end = IDX_TO_OFF(ma[count - 1]->pindex + 1);
4195
4196 /*
4197 * Lock a range covering all required and optional pages.
4198 * Note that we need to handle the case of the block size growing.
4199 */
4200 for (;;) {
4201 uint64_t len;
4202
4203 blksz = zp->z_blksz;
4204 len = roundup(end, blksz) - rounddown(start, blksz);
4205
4206 lr = zfs_rangelock_tryenter(&zp->z_rangelock,
4207 rounddown(start, blksz), len, RL_READER);
4208 if (lr == NULL) {
4209 /*
4210 * Avoid a deadlock with update_pages(). We need to
4211 * hold the range lock when copying from the DMU, so
4212 * give up the busy lock to allow update_pages() to
4213 * proceed. We might need to allocate new pages, which
4214 * isn't quite right since this allocation isn't subject
4215 * to the page fault handler's OOM logic, but this is
4216 * the best we can do for now.
4217 */
4218 for (int i = 0; i < count; i++)
4219 vm_page_xunbusy(ma[i]);
4220
4221 lr = zfs_rangelock_enter(&zp->z_rangelock,
4222 rounddown(start, blksz), len, RL_READER);
4223
4224 zfs_vmobject_wlock(object);
4225 (void) vm_page_grab_pages(object, OFF_TO_IDX(start),
4226 VM_ALLOC_NORMAL | VM_ALLOC_WAITOK,
4227 ma, count);
4228 if (!vm_page_all_valid(ma[count - 1])) {
4229 /*
4230 * Later in this function, we copy DMU data to
4231 * invalid pages only. The last page may not be
4232 * entirely filled though, if the file does not
4233 * end on a page boundary. Therefore, we zero
4234 * that last page here to make sure it does not
4235 * contain garbage after the end of file.
4236 */
4237 ASSERT(vm_page_none_valid(ma[count - 1]));
4238 vm_page_zero_invalid(ma[count - 1], FALSE);
4239 }
4240 zfs_vmobject_wunlock(object);
4241 }
4242 if (blksz == zp->z_blksz)
4243 break;
4244 zfs_rangelock_exit(lr);
4245 }
4246
4247 zfs_vmobject_wlock(object);
4248 obj_size = object->un_pager.vnp.vnp_size;
4249 zfs_vmobject_wunlock(object);
4250 if (IDX_TO_OFF(ma[count - 1]->pindex) >= obj_size) {
4251 zfs_rangelock_exit(lr);
4252 zfs_exit(zfsvfs, FTAG);
4253 return (zfs_vm_pagerret_bad);
4254 }
4255
4256 pgsin_b = 0;
4257 if (rbehind != NULL) {
4258 pgsin_b = OFF_TO_IDX(start - rounddown(start, blksz));
4259 pgsin_b = MIN(*rbehind, pgsin_b);
4260 }
4261
4262 pgsin_a = 0;
4263 if (rahead != NULL) {
4264 pgsin_a = OFF_TO_IDX(roundup(end, blksz) - end);
4265 if (end + IDX_TO_OFF(pgsin_a) >= obj_size)
4266 pgsin_a = OFF_TO_IDX(round_page(obj_size) - end);
4267 pgsin_a = MIN(*rahead, pgsin_a);
4268 }
4269
4270 /*
4271 * NB: we need to pass the exact byte size of the data that we expect
4272 * to read after accounting for the file size. This is required because
4273 * ZFS will panic if we request DMU to read beyond the end of the last
4274 * allocated block.
4275 */
4276 for (int i = 0; i < count; i++) {
4277 int dummypgsin, count1, j, last_size;
4278
4279 if (vm_page_any_valid(ma[i])) {
4280 ASSERT(vm_page_all_valid(ma[i]));
4281 continue;
4282 }
4283 for (j = i + 1; j < count; j++) {
4284 if (vm_page_any_valid(ma[j])) {
4285 ASSERT(vm_page_all_valid(ma[j]));
4286 break;
4287 }
4288 }
4289 count1 = j - i;
4290 dummypgsin = 0;
4291 last_size = j == count ?
4292 MIN(end, obj_size) - (end - PAGE_SIZE) : PAGE_SIZE;
4293 error = dmu_read_pages(zfsvfs->z_os, zp->z_id, &ma[i], count1,
4294 i == 0 ? &pgsin_b : &dummypgsin,
4295 j == count ? &pgsin_a : &dummypgsin,
4296 last_size);
4297 if (error != 0)
4298 break;
4299 i += count1 - 1;
4300 }
4301
4302 zfs_rangelock_exit(lr);
4303 ZFS_ACCESSTIME_STAMP(zfsvfs, zp);
4304
4305 dataset_kstats_update_read_kstats(&zfsvfs->z_kstat, count*PAGE_SIZE);
4306
4307 zfs_exit(zfsvfs, FTAG);
4308
4309 if (error != 0)
4310 return (zfs_vm_pagerret_error);
4311
4312 VM_CNT_INC(v_vnodein);
4313 VM_CNT_ADD(v_vnodepgsin, count + pgsin_b + pgsin_a);
4314 if (rbehind != NULL)
4315 *rbehind = pgsin_b;
4316 if (rahead != NULL)
4317 *rahead = pgsin_a;
4318 return (zfs_vm_pagerret_ok);
4319 }
4320
4321 #ifndef _SYS_SYSPROTO_H_
4322 struct vop_getpages_args {
4323 struct vnode *a_vp;
4324 vm_page_t *a_m;
4325 int a_count;
4326 int *a_rbehind;
4327 int *a_rahead;
4328 };
4329 #endif
4330
4331 static int
zfs_freebsd_getpages(struct vop_getpages_args * ap)4332 zfs_freebsd_getpages(struct vop_getpages_args *ap)
4333 {
4334
4335 return (zfs_getpages(ap->a_vp, ap->a_m, ap->a_count, ap->a_rbehind,
4336 ap->a_rahead));
4337 }
4338
4339 typedef struct {
4340 uint_t pca_npages;
4341 vm_page_t pca_pages[];
4342 } putpage_commit_arg_t;
4343
4344 static void
zfs_putpage_commit_cb(void * arg,int err)4345 zfs_putpage_commit_cb(void *arg, int err)
4346 {
4347 putpage_commit_arg_t *pca = arg;
4348 vm_object_t object = pca->pca_pages[0]->object;
4349
4350 zfs_vmobject_wlock(object);
4351
4352 for (uint_t i = 0; i < pca->pca_npages; i++) {
4353 vm_page_t pp = pca->pca_pages[i];
4354
4355 if (err == 0) {
4356 /*
4357 * Writeback succeeded, so undirty the page. If it
4358 * fails, we leave it in the same state it was. That's
4359 * most likely dirty, so it will get tried again some
4360 * other time.
4361 */
4362 vm_page_undirty(pp);
4363 }
4364
4365 vm_page_sunbusy(pp);
4366 }
4367
4368 vm_object_pip_wakeupn(object, pca->pca_npages);
4369
4370 zfs_vmobject_wunlock(object);
4371
4372 kmem_free(pca,
4373 offsetof(putpage_commit_arg_t, pca_pages[pca->pca_npages]));
4374 }
4375
4376 static int
zfs_putpages(struct vnode * vp,vm_page_t * ma,size_t len,int flags,int * rtvals)4377 zfs_putpages(struct vnode *vp, vm_page_t *ma, size_t len, int flags,
4378 int *rtvals)
4379 {
4380 znode_t *zp = VTOZ(vp);
4381 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
4382 zfs_locked_range_t *lr;
4383 dmu_tx_t *tx;
4384 struct sf_buf *sf;
4385 vm_object_t object;
4386 vm_page_t m;
4387 caddr_t va;
4388 size_t tocopy;
4389 size_t lo_len;
4390 vm_ooffset_t lo_off;
4391 vm_ooffset_t off;
4392 uint_t blksz;
4393 int ncount;
4394 int pcount;
4395 int err;
4396 int i;
4397
4398 object = vp->v_object;
4399 KASSERT(ma[0]->object == object, ("mismatching object"));
4400 KASSERT(len > 0 && (len & PAGE_MASK) == 0, ("unexpected length"));
4401
4402 pcount = btoc(len);
4403 ncount = pcount;
4404 for (i = 0; i < pcount; i++)
4405 rtvals[i] = zfs_vm_pagerret_error;
4406
4407 if (zfs_enter_verify_zp(zfsvfs, zp, FTAG) != 0)
4408 return (zfs_vm_pagerret_error);
4409
4410 off = IDX_TO_OFF(ma[0]->pindex);
4411 blksz = zp->z_blksz;
4412 lo_off = rounddown(off, blksz);
4413 lo_len = roundup(len + (off - lo_off), blksz);
4414 lr = zfs_rangelock_enter(&zp->z_rangelock, lo_off, lo_len, RL_WRITER);
4415
4416 zfs_vmobject_wlock(object);
4417 if (len + off > object->un_pager.vnp.vnp_size) {
4418 if (object->un_pager.vnp.vnp_size > off) {
4419 int pgoff;
4420
4421 len = object->un_pager.vnp.vnp_size - off;
4422 ncount = btoc(len);
4423 if ((pgoff = (int)len & PAGE_MASK) != 0) {
4424 /*
4425 * If the object is locked and the following
4426 * conditions hold, then the page's dirty
4427 * field cannot be concurrently changed by a
4428 * pmap operation.
4429 */
4430 m = ma[ncount - 1];
4431 vm_page_assert_sbusied(m);
4432 KASSERT(!pmap_page_is_write_mapped(m),
4433 ("zfs_putpages: page %p is not read-only",
4434 m));
4435 vm_page_clear_dirty(m, pgoff, PAGE_SIZE -
4436 pgoff);
4437 }
4438 } else {
4439 len = 0;
4440 ncount = 0;
4441 }
4442 if (ncount < pcount) {
4443 for (i = ncount; i < pcount; i++) {
4444 rtvals[i] = zfs_vm_pagerret_bad;
4445 }
4446 }
4447 }
4448 zfs_vmobject_wunlock(object);
4449
4450 boolean_t commit = (flags & (zfs_vm_pagerput_sync |
4451 zfs_vm_pagerput_inval)) != 0 ||
4452 zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS;
4453
4454 if (ncount == 0)
4455 goto out;
4456
4457 if (zfs_id_overblockquota(zfsvfs, DMU_USERUSED_OBJECT, zp->z_uid) ||
4458 zfs_id_overblockquota(zfsvfs, DMU_GROUPUSED_OBJECT, zp->z_gid) ||
4459 (zp->z_projid != ZFS_DEFAULT_PROJID &&
4460 zfs_id_overblockquota(zfsvfs, DMU_PROJECTUSED_OBJECT,
4461 zp->z_projid))) {
4462 goto out;
4463 }
4464
4465 tx = dmu_tx_create(zfsvfs->z_os);
4466 dmu_tx_hold_write(tx, zp->z_id, off, len);
4467
4468 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
4469 zfs_sa_upgrade_txholds(tx, zp);
4470 err = dmu_tx_assign(tx, DMU_TX_WAIT);
4471 if (err != 0) {
4472 dmu_tx_abort(tx);
4473 goto out;
4474 }
4475
4476 if (zp->z_blksz < PAGE_SIZE) {
4477 vm_ooffset_t woff = off;
4478 size_t wlen = len;
4479 for (i = 0; wlen > 0; woff += tocopy, wlen -= tocopy, i++) {
4480 tocopy = MIN(PAGE_SIZE, wlen);
4481 va = zfs_map_page(ma[i], &sf);
4482 dmu_write(zfsvfs->z_os, zp->z_id, woff, tocopy, va, tx,
4483 DMU_READ_PREFETCH);
4484 zfs_unmap_page(sf);
4485 }
4486 } else {
4487 err = dmu_write_pages(zfsvfs->z_os, zp->z_id, off, len, ma, tx);
4488 }
4489
4490 if (err == 0) {
4491 uint64_t mtime[2], ctime[2];
4492 sa_bulk_attr_t bulk[3];
4493 int count = 0;
4494
4495 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL,
4496 &mtime, 16);
4497 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL,
4498 &ctime, 16);
4499 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL,
4500 &zp->z_pflags, 8);
4501 zfs_tstamp_update_setup(zp, CONTENT_MODIFIED, mtime, ctime);
4502 err = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
4503 ASSERT0(err);
4504
4505 if (commit) {
4506 /*
4507 * Caller requested that we commit immediately. We set
4508 * a callback on the log entry, to be called once its
4509 * on disk after the call to zil_commit() below. The
4510 * pages will be undirtied and unbusied there.
4511 */
4512 putpage_commit_arg_t *pca = kmem_alloc(
4513 offsetof(putpage_commit_arg_t, pca_pages[ncount]),
4514 KM_SLEEP);
4515 pca->pca_npages = ncount;
4516 memcpy(pca->pca_pages, ma, sizeof (vm_page_t) * ncount);
4517
4518 zfs_log_write(zfsvfs->z_log, tx, TX_WRITE, zp, off, len,
4519 B_TRUE, B_FALSE, zfs_putpage_commit_cb, pca);
4520
4521 for (i = 0; i < ncount; i++)
4522 rtvals[i] = zfs_vm_pagerret_pend;
4523 } else {
4524 /*
4525 * Caller just wants the page written back somewhere,
4526 * but doesn't need it committed yet. We've already
4527 * written it back to the DMU, so we just need to put
4528 * it on the async log, then undirty the page and
4529 * return.
4530 *
4531 * We cannot use a callback here, because it would keep
4532 * the page busy (locked) until it is eventually
4533 * written down at txg sync.
4534 */
4535 zfs_log_write(zfsvfs->z_log, tx, TX_WRITE, zp, off, len,
4536 B_FALSE, B_FALSE, NULL, NULL);
4537
4538 zfs_vmobject_wlock(object);
4539 for (i = 0; i < ncount; i++) {
4540 rtvals[i] = zfs_vm_pagerret_ok;
4541 vm_page_undirty(ma[i]);
4542 }
4543 zfs_vmobject_wunlock(object);
4544 }
4545
4546 VM_CNT_INC(v_vnodeout);
4547 VM_CNT_ADD(v_vnodepgsout, ncount);
4548 }
4549 dmu_tx_commit(tx);
4550
4551 out:
4552 zfs_rangelock_exit(lr);
4553 if (commit) {
4554 err = zil_commit(zfsvfs->z_log, zp->z_id);
4555 if (err != 0) {
4556 zfs_exit(zfsvfs, FTAG);
4557 return (err);
4558 }
4559 }
4560
4561 dataset_kstats_update_write_kstats(&zfsvfs->z_kstat, len);
4562
4563 zfs_exit(zfsvfs, FTAG);
4564 return (rtvals[0]);
4565 }
4566
4567 #ifndef _SYS_SYSPROTO_H_
4568 struct vop_putpages_args {
4569 struct vnode *a_vp;
4570 vm_page_t *a_m;
4571 int a_count;
4572 int a_sync;
4573 int *a_rtvals;
4574 };
4575 #endif
4576
4577 static int
zfs_freebsd_putpages(struct vop_putpages_args * ap)4578 zfs_freebsd_putpages(struct vop_putpages_args *ap)
4579 {
4580
4581 return (zfs_putpages(ap->a_vp, ap->a_m, ap->a_count, ap->a_sync,
4582 ap->a_rtvals));
4583 }
4584
4585 #ifndef _SYS_SYSPROTO_H_
4586 struct vop_bmap_args {
4587 struct vnode *a_vp;
4588 daddr_t a_bn;
4589 struct bufobj **a_bop;
4590 daddr_t *a_bnp;
4591 int *a_runp;
4592 int *a_runb;
4593 };
4594 #endif
4595
4596 static int
zfs_freebsd_bmap(struct vop_bmap_args * ap)4597 zfs_freebsd_bmap(struct vop_bmap_args *ap)
4598 {
4599
4600 if (ap->a_bop != NULL)
4601 *ap->a_bop = &ap->a_vp->v_bufobj;
4602 if (ap->a_bnp != NULL)
4603 *ap->a_bnp = ap->a_bn;
4604 if (ap->a_runp != NULL)
4605 *ap->a_runp = 0;
4606 if (ap->a_runb != NULL)
4607 *ap->a_runb = 0;
4608
4609 return (0);
4610 }
4611
4612 #ifndef _SYS_SYSPROTO_H_
4613 struct vop_open_args {
4614 struct vnode *a_vp;
4615 int a_mode;
4616 struct ucred *a_cred;
4617 struct thread *a_td;
4618 };
4619 #endif
4620
4621 static int
zfs_freebsd_open(struct vop_open_args * ap)4622 zfs_freebsd_open(struct vop_open_args *ap)
4623 {
4624 vnode_t *vp = ap->a_vp;
4625 znode_t *zp = VTOZ(vp);
4626 int error;
4627
4628 error = zfs_open(&vp, ap->a_mode, ap->a_cred);
4629 if (error == 0)
4630 vnode_create_vobject(vp, zp->z_size, ap->a_td);
4631 return (error);
4632 }
4633
4634 #ifndef _SYS_SYSPROTO_H_
4635 struct vop_close_args {
4636 struct vnode *a_vp;
4637 int a_fflag;
4638 struct ucred *a_cred;
4639 struct thread *a_td;
4640 };
4641 #endif
4642
4643 static int
zfs_freebsd_close(struct vop_close_args * ap)4644 zfs_freebsd_close(struct vop_close_args *ap)
4645 {
4646
4647 return (zfs_close(ap->a_vp, ap->a_fflag, 1, 0, ap->a_cred));
4648 }
4649
4650 #ifndef _SYS_SYSPROTO_H_
4651 struct vop_ioctl_args {
4652 struct vnode *a_vp;
4653 ulong_t a_command;
4654 caddr_t a_data;
4655 int a_fflag;
4656 struct ucred *cred;
4657 struct thread *td;
4658 };
4659 #endif
4660
4661 static int
zfs_freebsd_ioctl(struct vop_ioctl_args * ap)4662 zfs_freebsd_ioctl(struct vop_ioctl_args *ap)
4663 {
4664
4665 return (zfs_ioctl(ap->a_vp, ap->a_command, (intptr_t)ap->a_data,
4666 ap->a_fflag, ap->a_cred, NULL));
4667 }
4668
4669 static int
ioflags(int ioflags)4670 ioflags(int ioflags)
4671 {
4672 int flags = 0;
4673
4674 if (ioflags & IO_APPEND)
4675 flags |= O_APPEND;
4676 if (ioflags & IO_NDELAY)
4677 flags |= O_NONBLOCK;
4678 if (ioflags & IO_DIRECT)
4679 flags |= O_DIRECT;
4680 if (ioflags & IO_SYNC)
4681 flags |= O_SYNC;
4682
4683 return (flags);
4684 }
4685
4686 #ifndef _SYS_SYSPROTO_H_
4687 struct vop_read_args {
4688 struct vnode *a_vp;
4689 struct uio *a_uio;
4690 int a_ioflag;
4691 struct ucred *a_cred;
4692 };
4693 #endif
4694
4695 static int
zfs_freebsd_read(struct vop_read_args * ap)4696 zfs_freebsd_read(struct vop_read_args *ap)
4697 {
4698 zfs_uio_t uio;
4699 int error = 0;
4700 zfs_uio_init(&uio, ap->a_uio);
4701 error = zfs_read(VTOZ(ap->a_vp), &uio, ioflags(ap->a_ioflag),
4702 ap->a_cred);
4703 /*
4704 * XXX We occasionally get an EFAULT for Direct I/O reads on
4705 * FreeBSD 13. This still needs to be resolved. The EFAULT comes
4706 * from:
4707 * zfs_uio_get__dio_pages_alloc() ->
4708 * zfs_uio_get_dio_pages_impl() ->
4709 * zfs_uio_iov_step() ->
4710 * zfs_uio_get_user_pages().
4711 * We return EFAULT from zfs_uio_iov_step(). When a Direct I/O
4712 * read fails to map in the user pages (returning EFAULT) the
4713 * Direct I/O request is broken up into two separate IO requests
4714 * and issued separately using Direct I/O.
4715 */
4716 #ifdef ZFS_DEBUG
4717 if (error == EFAULT && uio.uio_extflg & UIO_DIRECT) {
4718 #if 0
4719 printf("%s(%d): Direct I/O read returning EFAULT "
4720 "uio = %p, zfs_uio_offset(uio) = %lu "
4721 "zfs_uio_resid(uio) = %lu\n",
4722 __FUNCTION__, __LINE__, &uio, zfs_uio_offset(&uio),
4723 zfs_uio_resid(&uio));
4724 #endif
4725 }
4726
4727 #endif
4728 return (error);
4729 }
4730
4731 #ifndef _SYS_SYSPROTO_H_
4732 struct vop_write_args {
4733 struct vnode *a_vp;
4734 struct uio *a_uio;
4735 int a_ioflag;
4736 struct ucred *a_cred;
4737 };
4738 #endif
4739
4740 static int
zfs_freebsd_write(struct vop_write_args * ap)4741 zfs_freebsd_write(struct vop_write_args *ap)
4742 {
4743 zfs_uio_t uio;
4744 zfs_uio_init(&uio, ap->a_uio);
4745 return (zfs_write(VTOZ(ap->a_vp), &uio, ioflags(ap->a_ioflag),
4746 ap->a_cred));
4747 }
4748
4749 /*
4750 * VOP_FPLOOKUP_VEXEC routines are subject to special circumstances, see
4751 * the comment above cache_fplookup for details.
4752 */
4753 static int
zfs_freebsd_fplookup_vexec(struct vop_fplookup_vexec_args * v)4754 zfs_freebsd_fplookup_vexec(struct vop_fplookup_vexec_args *v)
4755 {
4756 vnode_t *vp;
4757 znode_t *zp;
4758 uint64_t pflags;
4759
4760 vp = v->a_vp;
4761 zp = VTOZ_SMR(vp);
4762 if (__predict_false(zp == NULL))
4763 return (EAGAIN);
4764 pflags = atomic_load_64(&zp->z_pflags);
4765 if (pflags & ZFS_AV_QUARANTINED)
4766 return (EAGAIN);
4767 if (pflags & ZFS_XATTR)
4768 return (EAGAIN);
4769 if ((pflags & ZFS_NO_EXECS_DENIED) == 0)
4770 return (EAGAIN);
4771 return (0);
4772 }
4773
4774 static int
zfs_freebsd_fplookup_symlink(struct vop_fplookup_symlink_args * v)4775 zfs_freebsd_fplookup_symlink(struct vop_fplookup_symlink_args *v)
4776 {
4777 vnode_t *vp;
4778 znode_t *zp;
4779 char *target;
4780
4781 vp = v->a_vp;
4782 zp = VTOZ_SMR(vp);
4783 if (__predict_false(zp == NULL)) {
4784 return (EAGAIN);
4785 }
4786
4787 target = atomic_load_consume_ptr(&zp->z_cached_symlink);
4788 if (target == NULL) {
4789 return (EAGAIN);
4790 }
4791 return (cache_symlink_resolve(v->a_fpl, target, strlen(target)));
4792 }
4793
4794 #ifndef _SYS_SYSPROTO_H_
4795 struct vop_access_args {
4796 struct vnode *a_vp;
4797 accmode_t a_accmode;
4798 struct ucred *a_cred;
4799 struct thread *a_td;
4800 };
4801 #endif
4802
4803 static int
zfs_freebsd_access(struct vop_access_args * ap)4804 zfs_freebsd_access(struct vop_access_args *ap)
4805 {
4806 vnode_t *vp = ap->a_vp;
4807 znode_t *zp = VTOZ(vp);
4808 accmode_t accmode;
4809 int error = 0;
4810
4811
4812 if (ap->a_accmode == VEXEC) {
4813 if (zfs_fastaccesschk_execute(zp, ap->a_cred) == 0)
4814 return (0);
4815 }
4816
4817 /*
4818 * ZFS itself only knowns about VREAD, VWRITE, VEXEC and VAPPEND,
4819 */
4820 accmode = ap->a_accmode & (VREAD|VWRITE|VEXEC|VAPPEND);
4821 if (accmode != 0) {
4822 #if __FreeBSD_version >= 1500040
4823 /* For named attributes, do the checks. */
4824 if ((vn_irflag_read(vp) & VIRF_NAMEDATTR) != 0)
4825 error = zfs_access(zp, accmode, V_NAMEDATTR,
4826 ap->a_cred);
4827 else
4828 #endif
4829 error = zfs_access(zp, accmode, 0, ap->a_cred);
4830 }
4831
4832 /*
4833 * VADMIN has to be handled by vaccess().
4834 */
4835 if (error == 0) {
4836 accmode = ap->a_accmode & ~(VREAD|VWRITE|VEXEC|VAPPEND);
4837 if (accmode != 0) {
4838 error = vaccess(vp->v_type, zp->z_mode, zp->z_uid,
4839 zp->z_gid, accmode, ap->a_cred);
4840 }
4841 }
4842
4843 /*
4844 * For VEXEC, ensure that at least one execute bit is set for
4845 * non-directories.
4846 */
4847 if (error == 0 && (ap->a_accmode & VEXEC) != 0 && vp->v_type != VDIR &&
4848 (zp->z_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0) {
4849 error = EACCES;
4850 }
4851
4852 return (error);
4853 }
4854
4855 #ifndef _SYS_SYSPROTO_H_
4856 struct vop_lookup_args {
4857 struct vnode *a_dvp;
4858 struct vnode **a_vpp;
4859 struct componentname *a_cnp;
4860 };
4861 #endif
4862
4863 #if __FreeBSD_version >= 1500040
4864 static int
zfs_lookup_nameddir(struct vnode * dvp,struct componentname * cnp,struct vnode ** vpp)4865 zfs_lookup_nameddir(struct vnode *dvp, struct componentname *cnp,
4866 struct vnode **vpp)
4867 {
4868 struct vnode *xvp;
4869 int error, flags;
4870
4871 *vpp = NULL;
4872 flags = LOOKUP_XATTR | LOOKUP_NAMED_ATTR;
4873 if ((cnp->cn_flags & CREATENAMED) != 0)
4874 flags |= CREATE_XATTR_DIR;
4875 error = zfs_lookup(dvp, NULL, &xvp, NULL, 0, cnp->cn_cred, flags,
4876 B_FALSE);
4877 if (error == 0) {
4878 if ((cnp->cn_flags & LOCKLEAF) != 0)
4879 error = vn_lock(xvp, cnp->cn_lkflags);
4880 if (error == 0) {
4881 vn_irflag_set_cond(xvp, VIRF_NAMEDDIR);
4882 *vpp = xvp;
4883 } else {
4884 vrele(xvp);
4885 }
4886 }
4887 return (error);
4888 }
4889
4890 static ssize_t
zfs_readdir_named(struct vnode * vp,char * buf,ssize_t blen,off_t * offp,int * eofflagp,struct ucred * cred,struct thread * td)4891 zfs_readdir_named(struct vnode *vp, char *buf, ssize_t blen, off_t *offp,
4892 int *eofflagp, struct ucred *cred, struct thread *td)
4893 {
4894 struct uio io;
4895 struct iovec iv;
4896 zfs_uio_t uio;
4897 int error;
4898
4899 io.uio_offset = *offp;
4900 io.uio_segflg = UIO_SYSSPACE;
4901 io.uio_rw = UIO_READ;
4902 io.uio_td = td;
4903 iv.iov_base = buf;
4904 iv.iov_len = blen;
4905 io.uio_iov = &iv;
4906 io.uio_iovcnt = 1;
4907 io.uio_resid = blen;
4908 zfs_uio_init(&uio, &io);
4909 error = zfs_readdir(vp, &uio, cred, eofflagp, NULL, NULL);
4910 if (error != 0)
4911 return (-1);
4912 *offp = io.uio_offset;
4913 return (blen - io.uio_resid);
4914 }
4915
4916 static bool
zfs_has_namedattr(struct vnode * vp,struct ucred * cred)4917 zfs_has_namedattr(struct vnode *vp, struct ucred *cred)
4918 {
4919 struct componentname cn;
4920 struct vnode *xvp;
4921 struct dirent *dp;
4922 off_t offs;
4923 ssize_t rsize;
4924 char *buf, *cp, *endcp;
4925 int eofflag, error;
4926 bool ret;
4927
4928 MNT_ILOCK(vp->v_mount);
4929 if ((vp->v_mount->mnt_flag & MNT_NAMEDATTR) == 0) {
4930 MNT_IUNLOCK(vp->v_mount);
4931 return (false);
4932 }
4933 MNT_IUNLOCK(vp->v_mount);
4934
4935 /* Now see if a named attribute directory exists. */
4936 cn.cn_flags = LOCKLEAF;
4937 cn.cn_lkflags = LK_SHARED;
4938 cn.cn_cred = cred;
4939 error = zfs_lookup_nameddir(vp, &cn, &xvp);
4940 if (error != 0)
4941 return (false);
4942
4943 /* It exists, so see if there is any entry other than "." and "..". */
4944 buf = malloc(DEV_BSIZE, M_TEMP, M_WAITOK);
4945 ret = false;
4946 offs = 0;
4947 do {
4948 rsize = zfs_readdir_named(xvp, buf, DEV_BSIZE, &offs, &eofflag,
4949 cred, curthread);
4950 if (rsize <= 0)
4951 break;
4952 cp = buf;
4953 endcp = &buf[rsize];
4954 while (cp < endcp) {
4955 dp = (struct dirent *)cp;
4956 if (dp->d_fileno != 0 && (dp->d_type == DT_REG ||
4957 dp->d_type == DT_UNKNOWN) &&
4958 !ZFS_XA_NS_PREFIX_FORBIDDEN(dp->d_name) &&
4959 ((dp->d_namlen == 1 && dp->d_name[0] != '.') ||
4960 (dp->d_namlen == 2 && (dp->d_name[0] != '.' ||
4961 dp->d_name[1] != '.')) || dp->d_namlen > 2)) {
4962 ret = true;
4963 break;
4964 }
4965 cp += dp->d_reclen;
4966 }
4967 } while (!ret && rsize > 0 && eofflag == 0);
4968 vput(xvp);
4969 free(buf, M_TEMP);
4970 return (ret);
4971 }
4972
4973 static int
zfs_freebsd_lookup(struct vop_lookup_args * ap,boolean_t cached)4974 zfs_freebsd_lookup(struct vop_lookup_args *ap, boolean_t cached)
4975 {
4976 struct componentname *cnp = ap->a_cnp;
4977 char nm[NAME_MAX + 1];
4978 int error;
4979 struct vnode **vpp = ap->a_vpp, *dvp = ap->a_dvp, *xvp;
4980 bool is_nameddir, needs_nameddir, opennamed = false;
4981
4982 /*
4983 * These variables are used to handle the named attribute cases:
4984 * opennamed - Is true when this is a call from open with O_NAMEDATTR
4985 * specified and it is the last component.
4986 * is_nameddir - Is true when the directory is a named attribute dir.
4987 * needs_nameddir - Is set when the lookup needs to look for/create
4988 * a named attribute directory. It is only set when is_nameddir
4989 * is_nameddir is false and opennamed is true.
4990 * xvp - Is the directory that the lookup needs to be done in.
4991 * Usually dvp, unless needs_nameddir is true where it is the
4992 * result of the first non-named directory lookup.
4993 * Note that name caching must be disabled for named attribute
4994 * handling.
4995 */
4996 needs_nameddir = false;
4997 xvp = dvp;
4998 opennamed = (cnp->cn_flags & (OPENNAMED | ISLASTCN)) ==
4999 (OPENNAMED | ISLASTCN);
5000 is_nameddir = (vn_irflag_read(dvp) & VIRF_NAMEDDIR) != 0;
5001 if (is_nameddir && (cnp->cn_flags & ISLASTCN) == 0)
5002 return (ENOATTR);
5003 if (opennamed && !is_nameddir && (cnp->cn_flags & ISDOTDOT) != 0)
5004 return (ENOATTR);
5005 if (opennamed || is_nameddir)
5006 cnp->cn_flags &= ~MAKEENTRY;
5007 if (opennamed && !is_nameddir)
5008 needs_nameddir = true;
5009 ASSERT3U(cnp->cn_namelen, <, sizeof (nm));
5010 error = 0;
5011 *vpp = NULL;
5012 if (needs_nameddir) {
5013 if (VOP_ISLOCKED(dvp) != LK_EXCLUSIVE)
5014 vn_lock(dvp, LK_UPGRADE | LK_RETRY);
5015 error = zfs_lookup_nameddir(dvp, cnp, &xvp);
5016 if (error == 0)
5017 is_nameddir = true;
5018 }
5019 if (error == 0) {
5020 if (!needs_nameddir || cnp->cn_namelen != 1 ||
5021 *cnp->cn_nameptr != '.') {
5022 strlcpy(nm, cnp->cn_nameptr, MIN(cnp->cn_namelen + 1,
5023 sizeof (nm)));
5024 error = zfs_lookup(xvp, nm, vpp, cnp, cnp->cn_nameiop,
5025 cnp->cn_cred, 0, cached);
5026 if (is_nameddir && error == 0 &&
5027 (cnp->cn_namelen != 1 || *cnp->cn_nameptr != '.') &&
5028 (cnp->cn_flags & ISDOTDOT) == 0) {
5029 if ((*vpp)->v_type == VDIR)
5030 vn_irflag_set_cond(*vpp, VIRF_NAMEDDIR);
5031 else
5032 vn_irflag_set_cond(*vpp,
5033 VIRF_NAMEDATTR);
5034 }
5035 if (needs_nameddir && xvp != *vpp)
5036 vput(xvp);
5037 } else {
5038 /*
5039 * Lookup of "." when a named attribute dir is needed.
5040 */
5041 *vpp = xvp;
5042 }
5043 }
5044 return (error);
5045 }
5046 #else
5047 static int
zfs_freebsd_lookup(struct vop_lookup_args * ap,boolean_t cached)5048 zfs_freebsd_lookup(struct vop_lookup_args *ap, boolean_t cached)
5049 {
5050 struct componentname *cnp = ap->a_cnp;
5051 char nm[NAME_MAX + 1];
5052
5053 ASSERT3U(cnp->cn_namelen, <, sizeof (nm));
5054 strlcpy(nm, cnp->cn_nameptr, MIN(cnp->cn_namelen + 1, sizeof (nm)));
5055
5056 return (zfs_lookup(ap->a_dvp, nm, ap->a_vpp, cnp, cnp->cn_nameiop,
5057 cnp->cn_cred, 0, cached));
5058 }
5059 #endif
5060
5061 static int
zfs_freebsd_cachedlookup(struct vop_cachedlookup_args * ap)5062 zfs_freebsd_cachedlookup(struct vop_cachedlookup_args *ap)
5063 {
5064
5065 return (zfs_freebsd_lookup((struct vop_lookup_args *)ap, B_TRUE));
5066 }
5067
5068 #ifndef _SYS_SYSPROTO_H_
5069 struct vop_lookup_args {
5070 struct vnode *a_dvp;
5071 struct vnode **a_vpp;
5072 struct componentname *a_cnp;
5073 };
5074 #endif
5075
5076 static int
zfs_cache_lookup(struct vop_lookup_args * ap)5077 zfs_cache_lookup(struct vop_lookup_args *ap)
5078 {
5079 zfsvfs_t *zfsvfs;
5080
5081 zfsvfs = ap->a_dvp->v_mount->mnt_data;
5082 #if __FreeBSD_version >= 1500040
5083 if (zfsvfs->z_use_namecache && (ap->a_cnp->cn_flags & OPENNAMED) == 0)
5084 #else
5085 if (zfsvfs->z_use_namecache)
5086 #endif
5087 return (vfs_cache_lookup(ap));
5088 else
5089 return (zfs_freebsd_lookup(ap, B_FALSE));
5090 }
5091
5092 #ifndef _SYS_SYSPROTO_H_
5093 struct vop_create_args {
5094 struct vnode *a_dvp;
5095 struct vnode **a_vpp;
5096 struct componentname *a_cnp;
5097 struct vattr *a_vap;
5098 };
5099 #endif
5100
5101 static int
zfs_freebsd_create(struct vop_create_args * ap)5102 zfs_freebsd_create(struct vop_create_args *ap)
5103 {
5104 zfsvfs_t *zfsvfs;
5105 struct componentname *cnp = ap->a_cnp;
5106 vattr_t *vap = ap->a_vap;
5107 znode_t *zp = NULL;
5108 int rc, mode;
5109 struct vnode *dvp = ap->a_dvp;
5110 #if __FreeBSD_version >= 1500040
5111 struct vnode *xvp;
5112 bool is_nameddir;
5113 #endif
5114
5115 #if __FreeBSD_version < 1400068
5116 ASSERT(cnp->cn_flags & SAVENAME);
5117 #endif
5118
5119 vattr_init_mask(vap);
5120 mode = vap->va_mode & ALLPERMS;
5121 zfsvfs = ap->a_dvp->v_mount->mnt_data;
5122 *ap->a_vpp = NULL;
5123
5124 rc = 0;
5125 #if __FreeBSD_version >= 1500040
5126 xvp = NULL;
5127 is_nameddir = (vn_irflag_read(dvp) & VIRF_NAMEDDIR) != 0;
5128 if (!is_nameddir && (cnp->cn_flags & OPENNAMED) != 0) {
5129 /* Needs a named attribute directory. */
5130 rc = zfs_lookup_nameddir(dvp, cnp, &xvp);
5131 if (rc == 0) {
5132 dvp = xvp;
5133 is_nameddir = true;
5134 }
5135 }
5136 if (is_nameddir && rc == 0)
5137 rc = zfs_check_attrname(cnp->cn_nameptr);
5138 #endif
5139
5140 if (rc == 0)
5141 rc = zfs_create(VTOZ(dvp), cnp->cn_nameptr, vap, 0, mode,
5142 &zp, cnp->cn_cred, 0 /* flag */, NULL /* vsecattr */, NULL);
5143 #if __FreeBSD_version >= 1500040
5144 if (xvp != NULL)
5145 vput(xvp);
5146 #endif
5147 if (rc == 0) {
5148 *ap->a_vpp = ZTOV(zp);
5149 #if __FreeBSD_version >= 1500040
5150 if (is_nameddir)
5151 vn_irflag_set_cond(*ap->a_vpp, VIRF_NAMEDATTR);
5152 #endif
5153 }
5154 if (zfsvfs->z_use_namecache &&
5155 rc == 0 && (cnp->cn_flags & MAKEENTRY) != 0)
5156 cache_enter(ap->a_dvp, *ap->a_vpp, cnp);
5157
5158 return (rc);
5159 }
5160
5161 #ifndef _SYS_SYSPROTO_H_
5162 struct vop_remove_args {
5163 struct vnode *a_dvp;
5164 struct vnode *a_vp;
5165 struct componentname *a_cnp;
5166 };
5167 #endif
5168
5169 static int
zfs_freebsd_remove(struct vop_remove_args * ap)5170 zfs_freebsd_remove(struct vop_remove_args *ap)
5171 {
5172 int error = 0;
5173
5174 #if __FreeBSD_version < 1400068
5175 ASSERT(ap->a_cnp->cn_flags & SAVENAME);
5176 #endif
5177
5178 #if __FreeBSD_version >= 1500040
5179 if ((vn_irflag_read(ap->a_dvp) & VIRF_NAMEDDIR) != 0)
5180 error = zfs_check_attrname(ap->a_cnp->cn_nameptr);
5181 #endif
5182
5183 if (error == 0)
5184 error = zfs_remove_(ap->a_dvp, ap->a_vp, ap->a_cnp->cn_nameptr,
5185 ap->a_cnp->cn_cred);
5186 return (error);
5187 }
5188
5189 #ifndef _SYS_SYSPROTO_H_
5190 struct vop_mkdir_args {
5191 struct vnode *a_dvp;
5192 struct vnode **a_vpp;
5193 struct componentname *a_cnp;
5194 struct vattr *a_vap;
5195 };
5196 #endif
5197
5198 static int
zfs_freebsd_mkdir(struct vop_mkdir_args * ap)5199 zfs_freebsd_mkdir(struct vop_mkdir_args *ap)
5200 {
5201 vattr_t *vap = ap->a_vap;
5202 znode_t *zp = NULL;
5203 int rc;
5204
5205 #if __FreeBSD_version < 1400068
5206 ASSERT(ap->a_cnp->cn_flags & SAVENAME);
5207 #endif
5208
5209 vattr_init_mask(vap);
5210 *ap->a_vpp = NULL;
5211
5212 rc = zfs_mkdir(VTOZ(ap->a_dvp), ap->a_cnp->cn_nameptr, vap, &zp,
5213 ap->a_cnp->cn_cred, 0, NULL, NULL);
5214
5215 if (rc == 0)
5216 *ap->a_vpp = ZTOV(zp);
5217 return (rc);
5218 }
5219
5220 #ifndef _SYS_SYSPROTO_H_
5221 struct vop_rmdir_args {
5222 struct vnode *a_dvp;
5223 struct vnode *a_vp;
5224 struct componentname *a_cnp;
5225 };
5226 #endif
5227
5228 static int
zfs_freebsd_rmdir(struct vop_rmdir_args * ap)5229 zfs_freebsd_rmdir(struct vop_rmdir_args *ap)
5230 {
5231 struct componentname *cnp = ap->a_cnp;
5232
5233 #if __FreeBSD_version < 1400068
5234 ASSERT(cnp->cn_flags & SAVENAME);
5235 #endif
5236
5237 return (zfs_rmdir_(ap->a_dvp, ap->a_vp, cnp->cn_nameptr, cnp->cn_cred));
5238 }
5239
5240 #ifndef _SYS_SYSPROTO_H_
5241 struct vop_readdir_args {
5242 struct vnode *a_vp;
5243 struct uio *a_uio;
5244 struct ucred *a_cred;
5245 int *a_eofflag;
5246 int *a_ncookies;
5247 cookie_t **a_cookies;
5248 };
5249 #endif
5250
5251 static int
zfs_freebsd_readdir(struct vop_readdir_args * ap)5252 zfs_freebsd_readdir(struct vop_readdir_args *ap)
5253 {
5254 zfs_uio_t uio;
5255 zfs_uio_init(&uio, ap->a_uio);
5256 return (zfs_readdir(ap->a_vp, &uio, ap->a_cred, ap->a_eofflag,
5257 ap->a_ncookies, ap->a_cookies));
5258 }
5259
5260 #ifndef _SYS_SYSPROTO_H_
5261 struct vop_fsync_args {
5262 struct vnode *a_vp;
5263 int a_waitfor;
5264 struct thread *a_td;
5265 };
5266 #endif
5267
5268 static int
zfs_freebsd_fsync(struct vop_fsync_args * ap)5269 zfs_freebsd_fsync(struct vop_fsync_args *ap)
5270 {
5271 vnode_t *vp = ap->a_vp;
5272 int err = 0;
5273
5274 /*
5275 * Push any dirty mmap()'d data out to the DMU and ZIL, ready for
5276 * zil_commit() to be called in zfs_fsync().
5277 */
5278 if (vm_object_mightbedirty(vp->v_object)) {
5279 zfs_vmobject_wlock(vp->v_object);
5280 if (!vm_object_page_clean(vp->v_object, 0, 0, 0))
5281 err = SET_ERROR(EIO);
5282 zfs_vmobject_wunlock(vp->v_object);
5283 if (err) {
5284 /*
5285 * Unclear what state things are in. zfs_putpages()
5286 * will ensure the pages remain dirty if they haven't
5287 * been written down to the DMU, but because there may
5288 * be nothing logged, we can't assume that zfs_sync()
5289 * -> zil_commit() will give us a useful error. It's
5290 * safest if we just error out here.
5291 */
5292 return (err);
5293 }
5294 }
5295
5296 return (zfs_fsync(VTOZ(vp), 0, ap->a_td->td_ucred));
5297 }
5298
5299 #ifndef _SYS_SYSPROTO_H_
5300 struct vop_getattr_args {
5301 struct vnode *a_vp;
5302 struct vattr *a_vap;
5303 struct ucred *a_cred;
5304 };
5305 #endif
5306
5307 static int
zfs_freebsd_getattr(struct vop_getattr_args * ap)5308 zfs_freebsd_getattr(struct vop_getattr_args *ap)
5309 {
5310 vattr_t *vap = ap->a_vap;
5311 xvattr_t xvap;
5312 ulong_t fflags = 0;
5313 int error;
5314
5315 xva_init(&xvap);
5316 xvap.xva_vattr = *vap;
5317 xvap.xva_vattr.va_mask |= AT_XVATTR;
5318
5319 /* Convert chflags into ZFS-type flags. */
5320 /* XXX: what about SF_SETTABLE?. */
5321 XVA_SET_REQ(&xvap, XAT_IMMUTABLE);
5322 XVA_SET_REQ(&xvap, XAT_APPENDONLY);
5323 XVA_SET_REQ(&xvap, XAT_NOUNLINK);
5324 XVA_SET_REQ(&xvap, XAT_NODUMP);
5325 XVA_SET_REQ(&xvap, XAT_READONLY);
5326 XVA_SET_REQ(&xvap, XAT_ARCHIVE);
5327 XVA_SET_REQ(&xvap, XAT_SYSTEM);
5328 XVA_SET_REQ(&xvap, XAT_HIDDEN);
5329 XVA_SET_REQ(&xvap, XAT_REPARSE);
5330 XVA_SET_REQ(&xvap, XAT_OFFLINE);
5331 XVA_SET_REQ(&xvap, XAT_SPARSE);
5332
5333 error = zfs_getattr(ap->a_vp, (vattr_t *)&xvap, 0, ap->a_cred);
5334 if (error != 0)
5335 return (error);
5336
5337 /* Convert ZFS xattr into chflags. */
5338 #define FLAG_CHECK(fflag, xflag, xfield) do { \
5339 if (XVA_ISSET_RTN(&xvap, (xflag)) && (xfield) != 0) \
5340 fflags |= (fflag); \
5341 } while (0)
5342 FLAG_CHECK(SF_IMMUTABLE, XAT_IMMUTABLE,
5343 xvap.xva_xoptattrs.xoa_immutable);
5344 FLAG_CHECK(SF_APPEND, XAT_APPENDONLY,
5345 xvap.xva_xoptattrs.xoa_appendonly);
5346 FLAG_CHECK(SF_NOUNLINK, XAT_NOUNLINK,
5347 xvap.xva_xoptattrs.xoa_nounlink);
5348 FLAG_CHECK(UF_ARCHIVE, XAT_ARCHIVE,
5349 xvap.xva_xoptattrs.xoa_archive);
5350 FLAG_CHECK(UF_NODUMP, XAT_NODUMP,
5351 xvap.xva_xoptattrs.xoa_nodump);
5352 FLAG_CHECK(UF_READONLY, XAT_READONLY,
5353 xvap.xva_xoptattrs.xoa_readonly);
5354 FLAG_CHECK(UF_SYSTEM, XAT_SYSTEM,
5355 xvap.xva_xoptattrs.xoa_system);
5356 FLAG_CHECK(UF_HIDDEN, XAT_HIDDEN,
5357 xvap.xva_xoptattrs.xoa_hidden);
5358 FLAG_CHECK(UF_REPARSE, XAT_REPARSE,
5359 xvap.xva_xoptattrs.xoa_reparse);
5360 FLAG_CHECK(UF_OFFLINE, XAT_OFFLINE,
5361 xvap.xva_xoptattrs.xoa_offline);
5362 FLAG_CHECK(UF_SPARSE, XAT_SPARSE,
5363 xvap.xva_xoptattrs.xoa_sparse);
5364
5365 #undef FLAG_CHECK
5366 *vap = xvap.xva_vattr;
5367 vap->va_flags = fflags;
5368
5369 #if __FreeBSD_version >= 1500040
5370 if ((vn_irflag_read(ap->a_vp) & (VIRF_NAMEDDIR | VIRF_NAMEDATTR)) != 0)
5371 vap->va_bsdflags |= SFBSD_NAMEDATTR;
5372 #endif
5373 return (0);
5374 }
5375
5376 #ifndef _SYS_SYSPROTO_H_
5377 struct vop_setattr_args {
5378 struct vnode *a_vp;
5379 struct vattr *a_vap;
5380 struct ucred *a_cred;
5381 };
5382 #endif
5383
5384 static int
zfs_freebsd_setattr(struct vop_setattr_args * ap)5385 zfs_freebsd_setattr(struct vop_setattr_args *ap)
5386 {
5387 vnode_t *vp = ap->a_vp;
5388 vattr_t *vap = ap->a_vap;
5389 cred_t *cred = ap->a_cred;
5390 xvattr_t xvap;
5391 ulong_t fflags;
5392 uint64_t zflags;
5393
5394 vattr_init_mask(vap);
5395 vap->va_mask &= ~AT_NOSET;
5396
5397 xva_init(&xvap);
5398 xvap.xva_vattr = *vap;
5399
5400 zflags = VTOZ(vp)->z_pflags;
5401
5402 if (vap->va_flags != VNOVAL) {
5403 zfsvfs_t *zfsvfs = VTOZ(vp)->z_zfsvfs;
5404 int error;
5405
5406 if (zfsvfs->z_use_fuids == B_FALSE)
5407 return (EOPNOTSUPP);
5408
5409 fflags = vap->va_flags;
5410 /*
5411 * XXX KDM
5412 * We need to figure out whether it makes sense to allow
5413 * UF_REPARSE through, since we don't really have other
5414 * facilities to handle reparse points and zfs_setattr()
5415 * doesn't currently allow setting that attribute anyway.
5416 */
5417 if ((fflags & ~(SF_IMMUTABLE|SF_APPEND|SF_NOUNLINK|UF_ARCHIVE|
5418 UF_NODUMP|UF_SYSTEM|UF_HIDDEN|UF_READONLY|UF_REPARSE|
5419 UF_OFFLINE|UF_SPARSE)) != 0)
5420 return (EOPNOTSUPP);
5421 /*
5422 * Unprivileged processes are not permitted to unset system
5423 * flags, or modify flags if any system flags are set.
5424 * Privileged non-jail processes may not modify system flags
5425 * if securelevel > 0 and any existing system flags are set.
5426 * Privileged jail processes behave like privileged non-jail
5427 * processes if the PR_ALLOW_CHFLAGS permission bit is set;
5428 * otherwise, they behave like unprivileged processes.
5429 */
5430 if (secpolicy_fs_owner(vp->v_mount, cred) == 0 ||
5431 priv_check_cred(cred, PRIV_VFS_SYSFLAGS) == 0) {
5432 if (zflags &
5433 (ZFS_IMMUTABLE | ZFS_APPENDONLY | ZFS_NOUNLINK)) {
5434 error = securelevel_gt(cred, 0);
5435 if (error != 0)
5436 return (error);
5437 }
5438 } else {
5439 /*
5440 * Callers may only modify the file flags on
5441 * objects they have VADMIN rights for.
5442 */
5443 if ((error = VOP_ACCESS(vp, VADMIN, cred,
5444 curthread)) != 0)
5445 return (error);
5446 if (zflags &
5447 (ZFS_IMMUTABLE | ZFS_APPENDONLY |
5448 ZFS_NOUNLINK)) {
5449 return (EPERM);
5450 }
5451 if (fflags &
5452 (SF_IMMUTABLE | SF_APPEND | SF_NOUNLINK)) {
5453 return (EPERM);
5454 }
5455 }
5456
5457 #define FLAG_CHANGE(fflag, zflag, xflag, xfield) do { \
5458 if (((fflags & (fflag)) && !(zflags & (zflag))) || \
5459 ((zflags & (zflag)) && !(fflags & (fflag)))) { \
5460 XVA_SET_REQ(&xvap, (xflag)); \
5461 (xfield) = ((fflags & (fflag)) != 0); \
5462 } \
5463 } while (0)
5464 /* Convert chflags into ZFS-type flags. */
5465 /* XXX: what about SF_SETTABLE?. */
5466 FLAG_CHANGE(SF_IMMUTABLE, ZFS_IMMUTABLE, XAT_IMMUTABLE,
5467 xvap.xva_xoptattrs.xoa_immutable);
5468 FLAG_CHANGE(SF_APPEND, ZFS_APPENDONLY, XAT_APPENDONLY,
5469 xvap.xva_xoptattrs.xoa_appendonly);
5470 FLAG_CHANGE(SF_NOUNLINK, ZFS_NOUNLINK, XAT_NOUNLINK,
5471 xvap.xva_xoptattrs.xoa_nounlink);
5472 FLAG_CHANGE(UF_ARCHIVE, ZFS_ARCHIVE, XAT_ARCHIVE,
5473 xvap.xva_xoptattrs.xoa_archive);
5474 FLAG_CHANGE(UF_NODUMP, ZFS_NODUMP, XAT_NODUMP,
5475 xvap.xva_xoptattrs.xoa_nodump);
5476 FLAG_CHANGE(UF_READONLY, ZFS_READONLY, XAT_READONLY,
5477 xvap.xva_xoptattrs.xoa_readonly);
5478 FLAG_CHANGE(UF_SYSTEM, ZFS_SYSTEM, XAT_SYSTEM,
5479 xvap.xva_xoptattrs.xoa_system);
5480 FLAG_CHANGE(UF_HIDDEN, ZFS_HIDDEN, XAT_HIDDEN,
5481 xvap.xva_xoptattrs.xoa_hidden);
5482 FLAG_CHANGE(UF_REPARSE, ZFS_REPARSE, XAT_REPARSE,
5483 xvap.xva_xoptattrs.xoa_reparse);
5484 FLAG_CHANGE(UF_OFFLINE, ZFS_OFFLINE, XAT_OFFLINE,
5485 xvap.xva_xoptattrs.xoa_offline);
5486 FLAG_CHANGE(UF_SPARSE, ZFS_SPARSE, XAT_SPARSE,
5487 xvap.xva_xoptattrs.xoa_sparse);
5488 #undef FLAG_CHANGE
5489 }
5490 if (vap->va_birthtime.tv_sec != VNOVAL) {
5491 xvap.xva_vattr.va_mask |= AT_XVATTR;
5492 XVA_SET_REQ(&xvap, XAT_CREATETIME);
5493 }
5494 return (zfs_setattr(VTOZ(vp), (vattr_t *)&xvap, 0, cred, NULL));
5495 }
5496
5497 #ifndef _SYS_SYSPROTO_H_
5498 struct vop_rename_args {
5499 struct vnode *a_fdvp;
5500 struct vnode *a_fvp;
5501 struct componentname *a_fcnp;
5502 struct vnode *a_tdvp;
5503 struct vnode *a_tvp;
5504 struct componentname *a_tcnp;
5505 };
5506 #endif
5507
5508 static int
zfs_freebsd_rename(struct vop_rename_args * ap)5509 zfs_freebsd_rename(struct vop_rename_args *ap)
5510 {
5511 vnode_t *fdvp = ap->a_fdvp;
5512 vnode_t *fvp = ap->a_fvp;
5513 vnode_t *tdvp = ap->a_tdvp;
5514 vnode_t *tvp = ap->a_tvp;
5515 int error = 0;
5516
5517 #if __FreeBSD_version < 1400068
5518 ASSERT(ap->a_fcnp->cn_flags & (SAVENAME|SAVESTART));
5519 ASSERT(ap->a_tcnp->cn_flags & (SAVENAME|SAVESTART));
5520 #endif
5521
5522 #if __FreeBSD_version >= 1500040
5523 if ((vn_irflag_read(fdvp) & VIRF_NAMEDDIR) != 0) {
5524 error = zfs_check_attrname(ap->a_fcnp->cn_nameptr);
5525 if (error == 0)
5526 error = zfs_check_attrname(ap->a_tcnp->cn_nameptr);
5527 }
5528 #endif
5529
5530 if (error == 0)
5531 error = zfs_do_rename(fdvp, &fvp, ap->a_fcnp, tdvp, &tvp,
5532 ap->a_tcnp, ap->a_fcnp->cn_cred);
5533
5534 vrele(fdvp);
5535 vrele(fvp);
5536 vrele(tdvp);
5537 if (tvp != NULL)
5538 vrele(tvp);
5539
5540 return (error);
5541 }
5542
5543 #ifndef _SYS_SYSPROTO_H_
5544 struct vop_symlink_args {
5545 struct vnode *a_dvp;
5546 struct vnode **a_vpp;
5547 struct componentname *a_cnp;
5548 struct vattr *a_vap;
5549 char *a_target;
5550 };
5551 #endif
5552
5553 static int
zfs_freebsd_symlink(struct vop_symlink_args * ap)5554 zfs_freebsd_symlink(struct vop_symlink_args *ap)
5555 {
5556 struct componentname *cnp = ap->a_cnp;
5557 vattr_t *vap = ap->a_vap;
5558 znode_t *zp = NULL;
5559 char *symlink;
5560 size_t symlink_len;
5561 int rc;
5562
5563 #if __FreeBSD_version < 1400068
5564 ASSERT(cnp->cn_flags & SAVENAME);
5565 #endif
5566
5567 vap->va_type = VLNK; /* FreeBSD: Syscall only sets va_mode. */
5568 vattr_init_mask(vap);
5569 *ap->a_vpp = NULL;
5570
5571 rc = zfs_symlink(VTOZ(ap->a_dvp), cnp->cn_nameptr, vap,
5572 ap->a_target, &zp, cnp->cn_cred, 0 /* flags */, NULL);
5573 if (rc == 0) {
5574 *ap->a_vpp = ZTOV(zp);
5575 ASSERT_VOP_ELOCKED(ZTOV(zp), __func__);
5576 MPASS(zp->z_cached_symlink == NULL);
5577 symlink_len = strlen(ap->a_target);
5578 symlink = cache_symlink_alloc(symlink_len + 1, M_WAITOK);
5579 if (symlink != NULL) {
5580 memcpy(symlink, ap->a_target, symlink_len);
5581 symlink[symlink_len] = '\0';
5582 atomic_store_rel_ptr((uintptr_t *)&zp->z_cached_symlink,
5583 (uintptr_t)symlink);
5584 }
5585 }
5586 return (rc);
5587 }
5588
5589 #ifndef _SYS_SYSPROTO_H_
5590 struct vop_readlink_args {
5591 struct vnode *a_vp;
5592 struct uio *a_uio;
5593 struct ucred *a_cred;
5594 };
5595 #endif
5596
5597 static int
zfs_freebsd_readlink(struct vop_readlink_args * ap)5598 zfs_freebsd_readlink(struct vop_readlink_args *ap)
5599 {
5600 zfs_uio_t uio;
5601 int error;
5602 znode_t *zp = VTOZ(ap->a_vp);
5603 char *symlink, *base;
5604 size_t symlink_len;
5605 bool trycache;
5606
5607 zfs_uio_init(&uio, ap->a_uio);
5608 trycache = false;
5609 if (zfs_uio_segflg(&uio) == UIO_SYSSPACE &&
5610 zfs_uio_iovcnt(&uio) == 1) {
5611 base = zfs_uio_iovbase(&uio, 0);
5612 symlink_len = zfs_uio_iovlen(&uio, 0);
5613 trycache = true;
5614 }
5615 error = zfs_readlink(ap->a_vp, &uio, ap->a_cred, NULL);
5616 if (atomic_load_ptr(&zp->z_cached_symlink) != NULL ||
5617 error != 0 || !trycache) {
5618 return (error);
5619 }
5620 symlink_len -= zfs_uio_resid(&uio);
5621 symlink = cache_symlink_alloc(symlink_len + 1, M_WAITOK);
5622 if (symlink != NULL) {
5623 memcpy(symlink, base, symlink_len);
5624 symlink[symlink_len] = '\0';
5625 if (!atomic_cmpset_rel_ptr((uintptr_t *)&zp->z_cached_symlink,
5626 (uintptr_t)NULL, (uintptr_t)symlink)) {
5627 cache_symlink_free(symlink, symlink_len + 1);
5628 }
5629 }
5630 return (error);
5631 }
5632
5633 #ifndef _SYS_SYSPROTO_H_
5634 struct vop_link_args {
5635 struct vnode *a_tdvp;
5636 struct vnode *a_vp;
5637 struct componentname *a_cnp;
5638 };
5639 #endif
5640
5641 static int
zfs_freebsd_link(struct vop_link_args * ap)5642 zfs_freebsd_link(struct vop_link_args *ap)
5643 {
5644 struct componentname *cnp = ap->a_cnp;
5645 vnode_t *vp = ap->a_vp;
5646 vnode_t *tdvp = ap->a_tdvp;
5647
5648 if (tdvp->v_mount != vp->v_mount)
5649 return (EXDEV);
5650
5651 #if __FreeBSD_version < 1400068
5652 ASSERT(cnp->cn_flags & SAVENAME);
5653 #endif
5654
5655 return (zfs_link(VTOZ(tdvp), VTOZ(vp),
5656 cnp->cn_nameptr, cnp->cn_cred, 0));
5657 }
5658
5659 #ifndef _SYS_SYSPROTO_H_
5660 struct vop_inactive_args {
5661 struct vnode *a_vp;
5662 struct thread *a_td;
5663 };
5664 #endif
5665
5666 static int
zfs_freebsd_inactive(struct vop_inactive_args * ap)5667 zfs_freebsd_inactive(struct vop_inactive_args *ap)
5668 {
5669 vnode_t *vp = ap->a_vp;
5670
5671 zfs_inactive(vp, curthread->td_ucred, NULL);
5672 return (0);
5673 }
5674
5675 #ifndef _SYS_SYSPROTO_H_
5676 struct vop_need_inactive_args {
5677 struct vnode *a_vp;
5678 struct thread *a_td;
5679 };
5680 #endif
5681
5682 static int
zfs_freebsd_need_inactive(struct vop_need_inactive_args * ap)5683 zfs_freebsd_need_inactive(struct vop_need_inactive_args *ap)
5684 {
5685 vnode_t *vp = ap->a_vp;
5686 znode_t *zp = VTOZ(vp);
5687 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
5688 int need;
5689
5690 if (vn_need_pageq_flush(vp))
5691 return (1);
5692
5693 if (!ZFS_TEARDOWN_INACTIVE_TRY_ENTER_READ(zfsvfs))
5694 return (1);
5695 need = (zp->z_sa_hdl == NULL || zp->z_unlinked || zp->z_atime_dirty);
5696 ZFS_TEARDOWN_INACTIVE_EXIT_READ(zfsvfs);
5697
5698 return (need);
5699 }
5700
5701 #ifndef _SYS_SYSPROTO_H_
5702 struct vop_reclaim_args {
5703 struct vnode *a_vp;
5704 struct thread *a_td;
5705 };
5706 #endif
5707
5708 static int
zfs_freebsd_reclaim(struct vop_reclaim_args * ap)5709 zfs_freebsd_reclaim(struct vop_reclaim_args *ap)
5710 {
5711 vnode_t *vp = ap->a_vp;
5712 znode_t *zp = VTOZ(vp);
5713 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
5714
5715 ASSERT3P(zp, !=, NULL);
5716
5717 /*
5718 * z_teardown_inactive_lock protects from a race with
5719 * zfs_znode_dmu_fini in zfsvfs_teardown during
5720 * force unmount.
5721 */
5722 ZFS_TEARDOWN_INACTIVE_ENTER_READ(zfsvfs);
5723 if (zp->z_sa_hdl == NULL)
5724 zfs_znode_free(zp);
5725 else
5726 zfs_zinactive(zp);
5727 ZFS_TEARDOWN_INACTIVE_EXIT_READ(zfsvfs);
5728
5729 vp->v_data = NULL;
5730 return (0);
5731 }
5732
5733 #ifndef _SYS_SYSPROTO_H_
5734 struct vop_fid_args {
5735 struct vnode *a_vp;
5736 struct fid *a_fid;
5737 };
5738 #endif
5739
5740 static int
zfs_freebsd_fid(struct vop_fid_args * ap)5741 zfs_freebsd_fid(struct vop_fid_args *ap)
5742 {
5743
5744 return (zfs_fid(ap->a_vp, (void *)ap->a_fid, NULL));
5745 }
5746
5747
5748 #ifndef _SYS_SYSPROTO_H_
5749 struct vop_pathconf_args {
5750 struct vnode *a_vp;
5751 int a_name;
5752 register_t *a_retval;
5753 } *ap;
5754 #endif
5755
5756 static int
zfs_freebsd_pathconf(struct vop_pathconf_args * ap)5757 zfs_freebsd_pathconf(struct vop_pathconf_args *ap)
5758 {
5759 ulong_t val;
5760 int error;
5761 #if defined(_PC_CLONE_BLKSIZE) || defined(_PC_CASE_INSENSITIVE)
5762 zfsvfs_t *zfsvfs;
5763 #endif
5764
5765 error = zfs_pathconf(ap->a_vp, ap->a_name, &val,
5766 curthread->td_ucred, NULL);
5767 if (error == 0) {
5768 *ap->a_retval = val;
5769 return (error);
5770 }
5771 if (error != EOPNOTSUPP)
5772 return (error);
5773
5774 switch (ap->a_name) {
5775 case _PC_NAME_MAX:
5776 *ap->a_retval = NAME_MAX;
5777 return (0);
5778 #if __FreeBSD_version >= 1400032
5779 case _PC_DEALLOC_PRESENT:
5780 *ap->a_retval = 1;
5781 return (0);
5782 #endif
5783 case _PC_PIPE_BUF:
5784 if (ap->a_vp->v_type == VDIR || ap->a_vp->v_type == VFIFO) {
5785 *ap->a_retval = PIPE_BUF;
5786 return (0);
5787 }
5788 return (EINVAL);
5789 #if __FreeBSD_version >= 1500040
5790 case _PC_NAMEDATTR_ENABLED:
5791 MNT_ILOCK(ap->a_vp->v_mount);
5792 if ((ap->a_vp->v_mount->mnt_flag & MNT_NAMEDATTR) != 0)
5793 *ap->a_retval = 1;
5794 else
5795 *ap->a_retval = 0;
5796 MNT_IUNLOCK(ap->a_vp->v_mount);
5797 return (0);
5798 case _PC_HAS_NAMEDATTR:
5799 if (zfs_has_namedattr(ap->a_vp, curthread->td_ucred))
5800 *ap->a_retval = 1;
5801 else
5802 *ap->a_retval = 0;
5803 return (0);
5804 #endif
5805 #ifdef _PC_HAS_HIDDENSYSTEM
5806 case _PC_HAS_HIDDENSYSTEM:
5807 *ap->a_retval = 1;
5808 return (0);
5809 #endif
5810 #ifdef _PC_CLONE_BLKSIZE
5811 case _PC_CLONE_BLKSIZE:
5812 zfsvfs = (zfsvfs_t *)ap->a_vp->v_mount->mnt_data;
5813 if (zfs_bclone_enabled &&
5814 spa_feature_is_enabled(dmu_objset_spa(zfsvfs->z_os),
5815 SPA_FEATURE_BLOCK_CLONING))
5816 *ap->a_retval = dsl_dataset_feature_is_active(
5817 zfsvfs->z_os->os_dsl_dataset,
5818 SPA_FEATURE_LARGE_BLOCKS) ?
5819 SPA_MAXBLOCKSIZE :
5820 SPA_OLD_MAXBLOCKSIZE;
5821 else
5822 *ap->a_retval = 0;
5823 return (0);
5824 #endif
5825 #ifdef _PC_CASE_INSENSITIVE
5826 case _PC_CASE_INSENSITIVE:
5827 zfsvfs = (zfsvfs_t *)ap->a_vp->v_mount->mnt_data;
5828 if (zfsvfs->z_case == ZFS_CASE_INSENSITIVE)
5829 *ap->a_retval = 1;
5830 else
5831 *ap->a_retval = 0;
5832 return (0);
5833 #endif
5834 default:
5835 return (vop_stdpathconf(ap));
5836 }
5837 }
5838
5839 int zfs_xattr_compat = 1;
5840
5841 static int
zfs_check_attrname(const char * name)5842 zfs_check_attrname(const char *name)
5843 {
5844 /* We don't allow '/' character in attribute name. */
5845 if (strchr(name, '/') != NULL)
5846 return (SET_ERROR(EINVAL));
5847 /* We don't allow attribute names that start with a namespace prefix. */
5848 if (ZFS_XA_NS_PREFIX_FORBIDDEN(name))
5849 return (SET_ERROR(EINVAL));
5850 return (0);
5851 }
5852
5853 /*
5854 * FreeBSD's extended attributes namespace defines file name prefix for ZFS'
5855 * extended attribute name:
5856 *
5857 * NAMESPACE XATTR_COMPAT PREFIX
5858 * system * freebsd:system:
5859 * user 1 (none, can be used to access ZFS
5860 * fsattr(5) attributes created on Solaris)
5861 * user 0 user.
5862 */
5863 static int
zfs_create_attrname(int attrnamespace,const char * name,char * attrname,size_t size,boolean_t compat)5864 zfs_create_attrname(int attrnamespace, const char *name, char *attrname,
5865 size_t size, boolean_t compat)
5866 {
5867 const char *namespace, *prefix, *suffix;
5868
5869 memset(attrname, 0, size);
5870
5871 switch (attrnamespace) {
5872 case EXTATTR_NAMESPACE_USER:
5873 if (compat) {
5874 /*
5875 * This is the default namespace by which we can access
5876 * all attributes created on Solaris.
5877 */
5878 prefix = namespace = suffix = "";
5879 } else {
5880 /*
5881 * This is compatible with the user namespace encoding
5882 * on Linux prior to xattr_compat, but nothing
5883 * else.
5884 */
5885 prefix = "";
5886 namespace = "user";
5887 suffix = ".";
5888 }
5889 break;
5890 case EXTATTR_NAMESPACE_SYSTEM:
5891 prefix = "freebsd:";
5892 namespace = EXTATTR_NAMESPACE_SYSTEM_STRING;
5893 suffix = ":";
5894 break;
5895 case EXTATTR_NAMESPACE_EMPTY:
5896 default:
5897 return (SET_ERROR(EINVAL));
5898 }
5899 if (snprintf(attrname, size, "%s%s%s%s", prefix, namespace, suffix,
5900 name) >= size) {
5901 return (SET_ERROR(ENAMETOOLONG));
5902 }
5903 return (0);
5904 }
5905
5906 static int
zfs_ensure_xattr_cached(znode_t * zp)5907 zfs_ensure_xattr_cached(znode_t *zp)
5908 {
5909 int error = 0;
5910
5911 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
5912
5913 if (zp->z_xattr_cached != NULL)
5914 return (0);
5915
5916 if (rw_write_held(&zp->z_xattr_lock))
5917 return (zfs_sa_get_xattr(zp));
5918
5919 if (!rw_tryupgrade(&zp->z_xattr_lock)) {
5920 rw_exit(&zp->z_xattr_lock);
5921 rw_enter(&zp->z_xattr_lock, RW_WRITER);
5922 }
5923 if (zp->z_xattr_cached == NULL)
5924 error = zfs_sa_get_xattr(zp);
5925 rw_downgrade(&zp->z_xattr_lock);
5926 return (error);
5927 }
5928
5929 #ifndef _SYS_SYSPROTO_H_
5930 struct vop_getextattr {
5931 IN struct vnode *a_vp;
5932 IN int a_attrnamespace;
5933 IN const char *a_name;
5934 INOUT struct uio *a_uio;
5935 OUT size_t *a_size;
5936 IN struct ucred *a_cred;
5937 IN struct thread *a_td;
5938 };
5939 #endif
5940
5941 static int
zfs_getextattr_dir(struct vop_getextattr_args * ap,const char * attrname)5942 zfs_getextattr_dir(struct vop_getextattr_args *ap, const char *attrname)
5943 {
5944 struct thread *td = ap->a_td;
5945 struct nameidata nd;
5946 struct vattr va;
5947 vnode_t *xvp = NULL, *vp;
5948 int error, flags;
5949
5950 error = zfs_lookup(ap->a_vp, NULL, &xvp, NULL, 0, ap->a_cred,
5951 LOOKUP_XATTR, B_FALSE);
5952 if (error != 0)
5953 return (error);
5954
5955 flags = FREAD;
5956 #if __FreeBSD_version < 1400043
5957 NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname,
5958 xvp, td);
5959 #else
5960 NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname, xvp);
5961 #endif
5962 error = vn_open_cred(&nd, &flags, 0, VN_OPEN_INVFS, ap->a_cred, NULL);
5963 if (error != 0)
5964 return (SET_ERROR(error));
5965 vp = nd.ni_vp;
5966 NDFREE_PNBUF(&nd);
5967
5968 if (ap->a_size != NULL) {
5969 error = VOP_GETATTR(vp, &va, ap->a_cred);
5970 if (error == 0)
5971 *ap->a_size = (size_t)va.va_size;
5972 } else if (ap->a_uio != NULL)
5973 error = VOP_READ(vp, ap->a_uio, IO_UNIT, ap->a_cred);
5974
5975 VOP_UNLOCK(vp);
5976 vn_close(vp, flags, ap->a_cred, td);
5977 return (error);
5978 }
5979
5980 static int
zfs_getextattr_sa(struct vop_getextattr_args * ap,const char * attrname)5981 zfs_getextattr_sa(struct vop_getextattr_args *ap, const char *attrname)
5982 {
5983 znode_t *zp = VTOZ(ap->a_vp);
5984 uchar_t *nv_value;
5985 uint_t nv_size;
5986 int error;
5987
5988 error = zfs_ensure_xattr_cached(zp);
5989 if (error != 0)
5990 return (error);
5991
5992 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
5993 ASSERT3P(zp->z_xattr_cached, !=, NULL);
5994
5995 error = nvlist_lookup_byte_array(zp->z_xattr_cached, attrname,
5996 &nv_value, &nv_size);
5997 if (error != 0)
5998 return (SET_ERROR(error));
5999
6000 if (ap->a_size != NULL)
6001 *ap->a_size = nv_size;
6002 else if (ap->a_uio != NULL)
6003 error = uiomove(nv_value, nv_size, ap->a_uio);
6004 if (error != 0)
6005 return (SET_ERROR(error));
6006
6007 return (0);
6008 }
6009
6010 static int
zfs_getextattr_impl(struct vop_getextattr_args * ap,boolean_t compat)6011 zfs_getextattr_impl(struct vop_getextattr_args *ap, boolean_t compat)
6012 {
6013 znode_t *zp = VTOZ(ap->a_vp);
6014 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6015 char attrname[EXTATTR_MAXNAMELEN+1];
6016 int error;
6017
6018 error = zfs_create_attrname(ap->a_attrnamespace, ap->a_name, attrname,
6019 sizeof (attrname), compat);
6020 if (error != 0)
6021 return (error);
6022
6023 error = ENOENT;
6024 if (zfsvfs->z_use_sa && zp->z_is_sa)
6025 error = zfs_getextattr_sa(ap, attrname);
6026 if (error == ENOENT)
6027 error = zfs_getextattr_dir(ap, attrname);
6028 return (error);
6029 }
6030
6031 /*
6032 * Vnode operation to retrieve a named extended attribute.
6033 */
6034 static int
zfs_getextattr(struct vop_getextattr_args * ap)6035 zfs_getextattr(struct vop_getextattr_args *ap)
6036 {
6037 znode_t *zp = VTOZ(ap->a_vp);
6038 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6039 int error;
6040
6041 /*
6042 * If the xattr property is off, refuse the request.
6043 */
6044 if (!(zfsvfs->z_flags & ZSB_XATTR))
6045 return (SET_ERROR(EOPNOTSUPP));
6046
6047 error = extattr_check_cred(ap->a_vp, ap->a_attrnamespace,
6048 ap->a_cred, ap->a_td, VREAD);
6049 if (error != 0)
6050 return (SET_ERROR(error));
6051
6052 error = zfs_check_attrname(ap->a_name);
6053 if (error != 0)
6054 return (error);
6055
6056 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
6057 return (error);
6058 error = ENOENT;
6059 rw_enter(&zp->z_xattr_lock, RW_READER);
6060
6061 error = zfs_getextattr_impl(ap, zfs_xattr_compat);
6062 if ((error == ENOENT || error == ENOATTR) &&
6063 ap->a_attrnamespace == EXTATTR_NAMESPACE_USER) {
6064 /*
6065 * Fall back to the alternate namespace format if we failed to
6066 * find a user xattr.
6067 */
6068 error = zfs_getextattr_impl(ap, !zfs_xattr_compat);
6069 }
6070
6071 rw_exit(&zp->z_xattr_lock);
6072 zfs_exit(zfsvfs, FTAG);
6073 if (error == ENOENT)
6074 error = SET_ERROR(ENOATTR);
6075 return (error);
6076 }
6077
6078 #ifndef _SYS_SYSPROTO_H_
6079 struct vop_deleteextattr {
6080 IN struct vnode *a_vp;
6081 IN int a_attrnamespace;
6082 IN const char *a_name;
6083 IN struct ucred *a_cred;
6084 IN struct thread *a_td;
6085 };
6086 #endif
6087
6088 static int
zfs_deleteextattr_dir(struct vop_deleteextattr_args * ap,const char * attrname)6089 zfs_deleteextattr_dir(struct vop_deleteextattr_args *ap, const char *attrname)
6090 {
6091 struct nameidata nd;
6092 vnode_t *xvp = NULL, *vp;
6093 int error;
6094
6095 error = zfs_lookup(ap->a_vp, NULL, &xvp, NULL, 0, ap->a_cred,
6096 LOOKUP_XATTR, B_FALSE);
6097 if (error != 0)
6098 return (error);
6099
6100 #if __FreeBSD_version < 1400043
6101 NDINIT_ATVP(&nd, DELETE, NOFOLLOW | LOCKPARENT | LOCKLEAF,
6102 UIO_SYSSPACE, attrname, xvp, ap->a_td);
6103 #else
6104 NDINIT_ATVP(&nd, DELETE, NOFOLLOW | LOCKPARENT | LOCKLEAF,
6105 UIO_SYSSPACE, attrname, xvp);
6106 #endif
6107 error = namei(&nd);
6108 if (error != 0)
6109 return (SET_ERROR(error));
6110
6111 vp = nd.ni_vp;
6112 error = VOP_REMOVE(nd.ni_dvp, vp, &nd.ni_cnd);
6113 NDFREE_PNBUF(&nd);
6114
6115 vput(nd.ni_dvp);
6116 if (vp == nd.ni_dvp)
6117 vrele(vp);
6118 else
6119 vput(vp);
6120
6121 return (error);
6122 }
6123
6124 static int
zfs_deleteextattr_sa(struct vop_deleteextattr_args * ap,const char * attrname)6125 zfs_deleteextattr_sa(struct vop_deleteextattr_args *ap, const char *attrname)
6126 {
6127 znode_t *zp = VTOZ(ap->a_vp);
6128 nvlist_t *nvl;
6129 int error;
6130
6131 error = zfs_ensure_xattr_cached(zp);
6132 if (error != 0)
6133 return (error);
6134
6135 ASSERT(RW_WRITE_HELD(&zp->z_xattr_lock));
6136 ASSERT3P(zp->z_xattr_cached, !=, NULL);
6137
6138 nvl = zp->z_xattr_cached;
6139 error = nvlist_remove(nvl, attrname, DATA_TYPE_BYTE_ARRAY);
6140 if (error != 0)
6141 error = SET_ERROR(error);
6142 else
6143 error = zfs_sa_set_xattr(zp, attrname, NULL, 0);
6144 if (error != 0) {
6145 zp->z_xattr_cached = NULL;
6146 nvlist_free(nvl);
6147 }
6148 return (error);
6149 }
6150
6151 static int
zfs_deleteextattr_impl(struct vop_deleteextattr_args * ap,boolean_t compat)6152 zfs_deleteextattr_impl(struct vop_deleteextattr_args *ap, boolean_t compat)
6153 {
6154 znode_t *zp = VTOZ(ap->a_vp);
6155 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6156 char attrname[EXTATTR_MAXNAMELEN+1];
6157 int error;
6158
6159 error = zfs_create_attrname(ap->a_attrnamespace, ap->a_name, attrname,
6160 sizeof (attrname), compat);
6161 if (error != 0)
6162 return (error);
6163
6164 error = ENOENT;
6165 if (zfsvfs->z_use_sa && zp->z_is_sa)
6166 error = zfs_deleteextattr_sa(ap, attrname);
6167 if (error == ENOENT)
6168 error = zfs_deleteextattr_dir(ap, attrname);
6169 return (error);
6170 }
6171
6172 /*
6173 * Vnode operation to remove a named attribute.
6174 */
6175 static int
zfs_deleteextattr(struct vop_deleteextattr_args * ap)6176 zfs_deleteextattr(struct vop_deleteextattr_args *ap)
6177 {
6178 znode_t *zp = VTOZ(ap->a_vp);
6179 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6180 int error;
6181
6182 /*
6183 * If the xattr property is off, refuse the request.
6184 */
6185 if (!(zfsvfs->z_flags & ZSB_XATTR))
6186 return (SET_ERROR(EOPNOTSUPP));
6187
6188 error = extattr_check_cred(ap->a_vp, ap->a_attrnamespace,
6189 ap->a_cred, ap->a_td, VWRITE);
6190 if (error != 0)
6191 return (SET_ERROR(error));
6192
6193 error = zfs_check_attrname(ap->a_name);
6194 if (error != 0)
6195 return (error);
6196
6197 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
6198 return (error);
6199 rw_enter(&zp->z_xattr_lock, RW_WRITER);
6200
6201 error = zfs_deleteextattr_impl(ap, zfs_xattr_compat);
6202 if ((error == ENOENT || error == ENOATTR) &&
6203 ap->a_attrnamespace == EXTATTR_NAMESPACE_USER) {
6204 /*
6205 * Fall back to the alternate namespace format if we failed to
6206 * find a user xattr.
6207 */
6208 error = zfs_deleteextattr_impl(ap, !zfs_xattr_compat);
6209 }
6210
6211 rw_exit(&zp->z_xattr_lock);
6212 zfs_exit(zfsvfs, FTAG);
6213 if (error == ENOENT)
6214 error = SET_ERROR(ENOATTR);
6215 return (error);
6216 }
6217
6218 #ifndef _SYS_SYSPROTO_H_
6219 struct vop_setextattr {
6220 IN struct vnode *a_vp;
6221 IN int a_attrnamespace;
6222 IN const char *a_name;
6223 INOUT struct uio *a_uio;
6224 IN struct ucred *a_cred;
6225 IN struct thread *a_td;
6226 };
6227 #endif
6228
6229 static int
zfs_setextattr_dir(struct vop_setextattr_args * ap,const char * attrname)6230 zfs_setextattr_dir(struct vop_setextattr_args *ap, const char *attrname)
6231 {
6232 struct thread *td = ap->a_td;
6233 struct nameidata nd;
6234 struct vattr va;
6235 vnode_t *xvp = NULL, *vp;
6236 int error, flags;
6237
6238 error = zfs_lookup(ap->a_vp, NULL, &xvp, NULL, 0, ap->a_cred,
6239 LOOKUP_XATTR | CREATE_XATTR_DIR, B_FALSE);
6240 if (error != 0)
6241 return (error);
6242
6243 flags = FFLAGS(O_WRONLY | O_CREAT);
6244 #if __FreeBSD_version < 1400043
6245 NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname, xvp, td);
6246 #else
6247 NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname, xvp);
6248 #endif
6249 error = vn_open_cred(&nd, &flags, 0600, VN_OPEN_INVFS, ap->a_cred,
6250 NULL);
6251 if (error != 0)
6252 return (SET_ERROR(error));
6253 vp = nd.ni_vp;
6254 NDFREE_PNBUF(&nd);
6255
6256 VATTR_NULL(&va);
6257 va.va_size = 0;
6258 error = VOP_SETATTR(vp, &va, ap->a_cred);
6259 if (error == 0)
6260 VOP_WRITE(vp, ap->a_uio, IO_UNIT, ap->a_cred);
6261
6262 VOP_UNLOCK(vp);
6263 vn_close(vp, flags, ap->a_cred, td);
6264 return (error);
6265 }
6266
6267 static int
zfs_setextattr_sa(struct vop_setextattr_args * ap,const char * attrname)6268 zfs_setextattr_sa(struct vop_setextattr_args *ap, const char *attrname)
6269 {
6270 znode_t *zp = VTOZ(ap->a_vp);
6271 nvlist_t *nvl;
6272 size_t sa_size;
6273 int error;
6274
6275 error = zfs_ensure_xattr_cached(zp);
6276 if (error != 0)
6277 return (error);
6278
6279 ASSERT(RW_WRITE_HELD(&zp->z_xattr_lock));
6280 ASSERT3P(zp->z_xattr_cached, !=, NULL);
6281
6282 nvl = zp->z_xattr_cached;
6283 size_t entry_size = ap->a_uio->uio_resid;
6284 if (entry_size > DXATTR_MAX_ENTRY_SIZE)
6285 return (SET_ERROR(EFBIG));
6286 error = nvlist_size(nvl, &sa_size, NV_ENCODE_XDR);
6287 if (error != 0)
6288 return (SET_ERROR(error));
6289 if (sa_size > DXATTR_MAX_SA_SIZE)
6290 return (SET_ERROR(EFBIG));
6291 uchar_t *buf = kmem_alloc(entry_size, KM_SLEEP);
6292 error = uiomove(buf, entry_size, ap->a_uio);
6293 if (error != 0) {
6294 error = SET_ERROR(error);
6295 } else {
6296 error = nvlist_add_byte_array(nvl, attrname, buf, entry_size);
6297 if (error != 0)
6298 error = SET_ERROR(error);
6299 }
6300 if (error == 0)
6301 error = zfs_sa_set_xattr(zp, attrname, buf, entry_size);
6302 kmem_free(buf, entry_size);
6303 if (error != 0) {
6304 zp->z_xattr_cached = NULL;
6305 nvlist_free(nvl);
6306 }
6307 return (error);
6308 }
6309
6310 static int
zfs_setextattr_impl(struct vop_setextattr_args * ap,boolean_t compat)6311 zfs_setextattr_impl(struct vop_setextattr_args *ap, boolean_t compat)
6312 {
6313 znode_t *zp = VTOZ(ap->a_vp);
6314 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6315 char attrname[EXTATTR_MAXNAMELEN+1];
6316 int error;
6317
6318 error = zfs_create_attrname(ap->a_attrnamespace, ap->a_name, attrname,
6319 sizeof (attrname), compat);
6320 if (error != 0)
6321 return (error);
6322
6323 struct vop_deleteextattr_args vda = {
6324 .a_vp = ap->a_vp,
6325 .a_attrnamespace = ap->a_attrnamespace,
6326 .a_name = ap->a_name,
6327 .a_cred = ap->a_cred,
6328 .a_td = ap->a_td,
6329 };
6330 error = ENOENT;
6331 if (zfsvfs->z_use_sa && zp->z_is_sa && zfsvfs->z_xattr_sa) {
6332 error = zfs_setextattr_sa(ap, attrname);
6333 if (error == 0) {
6334 /*
6335 * Successfully put into SA, we need to clear the one
6336 * in dir if present.
6337 */
6338 zfs_deleteextattr_dir(&vda, attrname);
6339 }
6340 }
6341 if (error != 0) {
6342 error = zfs_setextattr_dir(ap, attrname);
6343 if (error == 0 && zp->z_is_sa) {
6344 /*
6345 * Successfully put into dir, we need to clear the one
6346 * in SA if present.
6347 */
6348 zfs_deleteextattr_sa(&vda, attrname);
6349 }
6350 }
6351 if (error == 0 && ap->a_attrnamespace == EXTATTR_NAMESPACE_USER) {
6352 /*
6353 * Also clear all versions of the alternate compat name.
6354 */
6355 zfs_deleteextattr_impl(&vda, !compat);
6356 }
6357 return (error);
6358 }
6359
6360 /*
6361 * Vnode operation to set a named attribute.
6362 */
6363 static int
zfs_setextattr(struct vop_setextattr_args * ap)6364 zfs_setextattr(struct vop_setextattr_args *ap)
6365 {
6366 znode_t *zp = VTOZ(ap->a_vp);
6367 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6368 int error;
6369
6370 /*
6371 * If the xattr property is off, refuse the request.
6372 */
6373 if (!(zfsvfs->z_flags & ZSB_XATTR))
6374 return (SET_ERROR(EOPNOTSUPP));
6375
6376 error = extattr_check_cred(ap->a_vp, ap->a_attrnamespace,
6377 ap->a_cred, ap->a_td, VWRITE);
6378 if (error != 0)
6379 return (SET_ERROR(error));
6380
6381 error = zfs_check_attrname(ap->a_name);
6382 if (error != 0)
6383 return (error);
6384
6385 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
6386 return (error);
6387 rw_enter(&zp->z_xattr_lock, RW_WRITER);
6388
6389 error = zfs_setextattr_impl(ap, zfs_xattr_compat);
6390
6391 rw_exit(&zp->z_xattr_lock);
6392 zfs_exit(zfsvfs, FTAG);
6393 return (error);
6394 }
6395
6396 #ifndef _SYS_SYSPROTO_H_
6397 struct vop_listextattr {
6398 IN struct vnode *a_vp;
6399 IN int a_attrnamespace;
6400 INOUT struct uio *a_uio;
6401 OUT size_t *a_size;
6402 IN struct ucred *a_cred;
6403 IN struct thread *a_td;
6404 };
6405 #endif
6406
6407 static int
zfs_listextattr_dir(struct vop_listextattr_args * ap,const char * attrprefix)6408 zfs_listextattr_dir(struct vop_listextattr_args *ap, const char *attrprefix)
6409 {
6410 struct thread *td = ap->a_td;
6411 struct nameidata nd;
6412 uint8_t dirbuf[sizeof (struct dirent)];
6413 struct iovec aiov;
6414 struct uio auio;
6415 vnode_t *xvp = NULL, *vp;
6416 int error, eof;
6417
6418 error = zfs_lookup(ap->a_vp, NULL, &xvp, NULL, 0, ap->a_cred,
6419 LOOKUP_XATTR, B_FALSE);
6420 if (error != 0) {
6421 /*
6422 * ENOATTR means that the EA directory does not yet exist,
6423 * i.e. there are no extended attributes there.
6424 */
6425 if (error == ENOATTR)
6426 error = 0;
6427 return (error);
6428 }
6429
6430 #if __FreeBSD_version < 1400043
6431 NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | LOCKSHARED,
6432 UIO_SYSSPACE, ".", xvp, td);
6433 #else
6434 NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | LOCKSHARED,
6435 UIO_SYSSPACE, ".", xvp);
6436 #endif
6437 error = namei(&nd);
6438 if (error != 0)
6439 return (SET_ERROR(error));
6440 vp = nd.ni_vp;
6441 NDFREE_PNBUF(&nd);
6442
6443 auio.uio_iov = &aiov;
6444 auio.uio_iovcnt = 1;
6445 auio.uio_segflg = UIO_SYSSPACE;
6446 auio.uio_td = td;
6447 auio.uio_rw = UIO_READ;
6448 auio.uio_offset = 0;
6449
6450 size_t plen = strlen(attrprefix);
6451
6452 do {
6453 aiov.iov_base = (void *)dirbuf;
6454 aiov.iov_len = sizeof (dirbuf);
6455 auio.uio_resid = sizeof (dirbuf);
6456 error = VOP_READDIR(vp, &auio, ap->a_cred, &eof, NULL, NULL);
6457 if (error != 0)
6458 break;
6459 int done = sizeof (dirbuf) - auio.uio_resid;
6460 for (int pos = 0; pos < done; ) {
6461 struct dirent *dp = (struct dirent *)(dirbuf + pos);
6462 pos += dp->d_reclen;
6463 /*
6464 * XXX: Temporarily we also accept DT_UNKNOWN, as this
6465 * is what we get when attribute was created on Solaris.
6466 */
6467 if (dp->d_type != DT_REG && dp->d_type != DT_UNKNOWN)
6468 continue;
6469 else if (plen == 0 &&
6470 ZFS_XA_NS_PREFIX_FORBIDDEN(dp->d_name))
6471 continue;
6472 else if (strncmp(dp->d_name, attrprefix, plen) != 0)
6473 continue;
6474 uint8_t nlen = dp->d_namlen - plen;
6475 if (ap->a_size != NULL) {
6476 *ap->a_size += 1 + nlen;
6477 } else if (ap->a_uio != NULL) {
6478 /*
6479 * Format of extattr name entry is one byte for
6480 * length and the rest for name.
6481 */
6482 error = uiomove(&nlen, 1, ap->a_uio);
6483 if (error == 0) {
6484 char *namep = dp->d_name + plen;
6485 error = uiomove(namep, nlen, ap->a_uio);
6486 }
6487 if (error != 0) {
6488 error = SET_ERROR(error);
6489 break;
6490 }
6491 }
6492 }
6493 } while (!eof && error == 0);
6494
6495 vput(vp);
6496 return (error);
6497 }
6498
6499 static int
zfs_listextattr_sa(struct vop_listextattr_args * ap,const char * attrprefix)6500 zfs_listextattr_sa(struct vop_listextattr_args *ap, const char *attrprefix)
6501 {
6502 znode_t *zp = VTOZ(ap->a_vp);
6503 int error;
6504
6505 error = zfs_ensure_xattr_cached(zp);
6506 if (error != 0)
6507 return (error);
6508
6509 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
6510 ASSERT3P(zp->z_xattr_cached, !=, NULL);
6511
6512 size_t plen = strlen(attrprefix);
6513 nvpair_t *nvp = NULL;
6514 while ((nvp = nvlist_next_nvpair(zp->z_xattr_cached, nvp)) != NULL) {
6515 ASSERT3U(nvpair_type(nvp), ==, DATA_TYPE_BYTE_ARRAY);
6516
6517 const char *name = nvpair_name(nvp);
6518 if (plen == 0 && ZFS_XA_NS_PREFIX_FORBIDDEN(name))
6519 continue;
6520 else if (strncmp(name, attrprefix, plen) != 0)
6521 continue;
6522 uint8_t nlen = strlen(name) - plen;
6523 if (ap->a_size != NULL) {
6524 *ap->a_size += 1 + nlen;
6525 } else if (ap->a_uio != NULL) {
6526 /*
6527 * Format of extattr name entry is one byte for
6528 * length and the rest for name.
6529 */
6530 error = uiomove(&nlen, 1, ap->a_uio);
6531 if (error == 0) {
6532 char *namep = __DECONST(char *, name) + plen;
6533 error = uiomove(namep, nlen, ap->a_uio);
6534 }
6535 if (error != 0) {
6536 error = SET_ERROR(error);
6537 break;
6538 }
6539 }
6540 }
6541
6542 return (error);
6543 }
6544
6545 static int
zfs_listextattr_impl(struct vop_listextattr_args * ap,boolean_t compat)6546 zfs_listextattr_impl(struct vop_listextattr_args *ap, boolean_t compat)
6547 {
6548 znode_t *zp = VTOZ(ap->a_vp);
6549 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6550 char attrprefix[16];
6551 int error;
6552
6553 error = zfs_create_attrname(ap->a_attrnamespace, "", attrprefix,
6554 sizeof (attrprefix), compat);
6555 if (error != 0)
6556 return (error);
6557
6558 if (zfsvfs->z_use_sa && zp->z_is_sa)
6559 error = zfs_listextattr_sa(ap, attrprefix);
6560 if (error == 0)
6561 error = zfs_listextattr_dir(ap, attrprefix);
6562 return (error);
6563 }
6564
6565 /*
6566 * Vnode operation to retrieve extended attributes on a vnode.
6567 */
6568 static int
zfs_listextattr(struct vop_listextattr_args * ap)6569 zfs_listextattr(struct vop_listextattr_args *ap)
6570 {
6571 znode_t *zp = VTOZ(ap->a_vp);
6572 zfsvfs_t *zfsvfs = ZTOZSB(zp);
6573 int error;
6574
6575 if (ap->a_size != NULL)
6576 *ap->a_size = 0;
6577
6578 /*
6579 * If the xattr property is off, refuse the request.
6580 */
6581 if (!(zfsvfs->z_flags & ZSB_XATTR))
6582 return (SET_ERROR(EOPNOTSUPP));
6583
6584 error = extattr_check_cred(ap->a_vp, ap->a_attrnamespace,
6585 ap->a_cred, ap->a_td, VREAD);
6586 if (error != 0)
6587 return (SET_ERROR(error));
6588
6589 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
6590 return (error);
6591 rw_enter(&zp->z_xattr_lock, RW_READER);
6592
6593 error = zfs_listextattr_impl(ap, zfs_xattr_compat);
6594 if (error == 0 && ap->a_attrnamespace == EXTATTR_NAMESPACE_USER) {
6595 /* Also list user xattrs with the alternate format. */
6596 error = zfs_listextattr_impl(ap, !zfs_xattr_compat);
6597 }
6598
6599 rw_exit(&zp->z_xattr_lock);
6600 zfs_exit(zfsvfs, FTAG);
6601 return (error);
6602 }
6603
6604 #ifndef _SYS_SYSPROTO_H_
6605 struct vop_getacl_args {
6606 struct vnode *vp;
6607 acl_type_t type;
6608 struct acl *aclp;
6609 struct ucred *cred;
6610 struct thread *td;
6611 };
6612 #endif
6613
6614 static int
zfs_freebsd_getacl(struct vop_getacl_args * ap)6615 zfs_freebsd_getacl(struct vop_getacl_args *ap)
6616 {
6617 int error;
6618 vsecattr_t vsecattr;
6619
6620 if (ap->a_type != ACL_TYPE_NFS4)
6621 return (EINVAL);
6622
6623 vsecattr.vsa_mask = VSA_ACE | VSA_ACECNT;
6624 if ((error = zfs_getsecattr(VTOZ(ap->a_vp),
6625 &vsecattr, 0, ap->a_cred)))
6626 return (error);
6627
6628 error = acl_from_aces(ap->a_aclp, vsecattr.vsa_aclentp,
6629 vsecattr.vsa_aclcnt);
6630 if (vsecattr.vsa_aclentp != NULL)
6631 kmem_free(vsecattr.vsa_aclentp, vsecattr.vsa_aclentsz);
6632
6633 return (error);
6634 }
6635
6636 #ifndef _SYS_SYSPROTO_H_
6637 struct vop_setacl_args {
6638 struct vnode *vp;
6639 acl_type_t type;
6640 struct acl *aclp;
6641 struct ucred *cred;
6642 struct thread *td;
6643 };
6644 #endif
6645
6646 static int
zfs_freebsd_setacl(struct vop_setacl_args * ap)6647 zfs_freebsd_setacl(struct vop_setacl_args *ap)
6648 {
6649 int error;
6650 vsecattr_t vsecattr;
6651 int aclbsize; /* size of acl list in bytes */
6652 aclent_t *aaclp;
6653
6654 if (ap->a_type != ACL_TYPE_NFS4)
6655 return (EINVAL);
6656
6657 if (ap->a_aclp == NULL)
6658 return (EINVAL);
6659
6660 if (ap->a_aclp->acl_cnt < 1 || ap->a_aclp->acl_cnt > MAX_ACL_ENTRIES)
6661 return (EINVAL);
6662
6663 /*
6664 * With NFSv4 ACLs, chmod(2) may need to add additional entries,
6665 * splitting every entry into two and appending "canonical six"
6666 * entries at the end. Don't allow for setting an ACL that would
6667 * cause chmod(2) to run out of ACL entries.
6668 */
6669 if (ap->a_aclp->acl_cnt * 2 + 6 > ACL_MAX_ENTRIES)
6670 return (ENOSPC);
6671
6672 error = acl_nfs4_check(ap->a_aclp, ap->a_vp->v_type == VDIR);
6673 if (error != 0)
6674 return (error);
6675
6676 vsecattr.vsa_mask = VSA_ACE;
6677 aclbsize = ap->a_aclp->acl_cnt * sizeof (ace_t);
6678 vsecattr.vsa_aclentp = kmem_alloc(aclbsize, KM_SLEEP);
6679 aaclp = vsecattr.vsa_aclentp;
6680 vsecattr.vsa_aclentsz = aclbsize;
6681
6682 aces_from_acl(vsecattr.vsa_aclentp, &vsecattr.vsa_aclcnt, ap->a_aclp);
6683 error = zfs_setsecattr(VTOZ(ap->a_vp), &vsecattr, 0, ap->a_cred);
6684 kmem_free(aaclp, aclbsize);
6685
6686 return (error);
6687 }
6688
6689 #ifndef _SYS_SYSPROTO_H_
6690 struct vop_aclcheck_args {
6691 struct vnode *vp;
6692 acl_type_t type;
6693 struct acl *aclp;
6694 struct ucred *cred;
6695 struct thread *td;
6696 };
6697 #endif
6698
6699 static int
zfs_freebsd_aclcheck(struct vop_aclcheck_args * ap)6700 zfs_freebsd_aclcheck(struct vop_aclcheck_args *ap)
6701 {
6702
6703 return (EOPNOTSUPP);
6704 }
6705
6706 #ifndef _SYS_SYSPROTO_H_
6707 struct vop_advise_args {
6708 struct vnode *a_vp;
6709 off_t a_start;
6710 off_t a_end;
6711 int a_advice;
6712 };
6713 #endif
6714
6715 static int
zfs_freebsd_advise(struct vop_advise_args * ap)6716 zfs_freebsd_advise(struct vop_advise_args *ap)
6717 {
6718 vnode_t *vp = ap->a_vp;
6719 off_t start = ap->a_start;
6720 off_t end = ap->a_end;
6721 int advice = ap->a_advice;
6722 off_t len;
6723 znode_t *zp;
6724 zfsvfs_t *zfsvfs;
6725 objset_t *os;
6726 int error = 0;
6727
6728 if (end < start)
6729 return (EINVAL);
6730
6731 error = vn_lock(vp, LK_SHARED);
6732 if (error)
6733 return (error);
6734
6735 zp = VTOZ(vp);
6736 zfsvfs = zp->z_zfsvfs;
6737 os = zp->z_zfsvfs->z_os;
6738
6739 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
6740 goto out_unlock;
6741
6742 /* kern_posix_fadvise points to the last byte, we want one past */
6743 if (end != OFF_MAX)
6744 end += 1;
6745 len = end - start;
6746
6747 switch (advice) {
6748 case POSIX_FADV_WILLNEED:
6749 /*
6750 * Pass on the caller's size directly, but note that
6751 * dmu_prefetch_max will effectively cap it. If there really
6752 * is a larger sequential access pattern, perhaps dmu_zfetch
6753 * will detect it.
6754 */
6755 dmu_prefetch(os, zp->z_id, 0, start, len,
6756 ZIO_PRIORITY_ASYNC_READ);
6757 break;
6758 case POSIX_FADV_NORMAL:
6759 case POSIX_FADV_RANDOM:
6760 case POSIX_FADV_SEQUENTIAL:
6761 case POSIX_FADV_DONTNEED:
6762 case POSIX_FADV_NOREUSE:
6763 /* ignored for now */
6764 break;
6765 default:
6766 error = EINVAL;
6767 break;
6768 }
6769
6770 zfs_exit(zfsvfs, FTAG);
6771
6772 out_unlock:
6773 VOP_UNLOCK(vp);
6774
6775 return (error);
6776 }
6777
6778 static int
zfs_vptocnp(struct vop_vptocnp_args * ap)6779 zfs_vptocnp(struct vop_vptocnp_args *ap)
6780 {
6781 vnode_t *covered_vp;
6782 vnode_t *vp = ap->a_vp;
6783 zfsvfs_t *zfsvfs = vp->v_vfsp->vfs_data;
6784 znode_t *zp = VTOZ(vp);
6785 int ltype;
6786 int error;
6787
6788 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
6789 return (error);
6790
6791 /*
6792 * If we are a snapshot mounted under .zfs, run the operation
6793 * on the covered vnode.
6794 */
6795 if (zp->z_id != zfsvfs->z_root || zfsvfs->z_parent == zfsvfs) {
6796 char name[MAXNAMLEN + 1];
6797 znode_t *dzp;
6798 size_t len;
6799
6800 error = zfs_znode_parent_and_name(zp, &dzp, name,
6801 sizeof (name));
6802 if (error == 0) {
6803 len = strlen(name);
6804 if (*ap->a_buflen < len)
6805 error = SET_ERROR(ENOMEM);
6806 }
6807 if (error == 0) {
6808 *ap->a_buflen -= len;
6809 memcpy(ap->a_buf + *ap->a_buflen, name, len);
6810 *ap->a_vpp = ZTOV(dzp);
6811 }
6812 zfs_exit(zfsvfs, FTAG);
6813 return (error);
6814 }
6815 zfs_exit(zfsvfs, FTAG);
6816
6817 covered_vp = vp->v_mount->mnt_vnodecovered;
6818 enum vgetstate vs = vget_prep(covered_vp);
6819 ltype = VOP_ISLOCKED(vp);
6820 VOP_UNLOCK(vp);
6821 error = vget_finish(covered_vp, LK_SHARED, vs);
6822 if (error == 0) {
6823 error = VOP_VPTOCNP(covered_vp, ap->a_vpp, ap->a_buf,
6824 ap->a_buflen);
6825 vput(covered_vp);
6826 }
6827 vn_lock(vp, ltype | LK_RETRY);
6828 if (VN_IS_DOOMED(vp))
6829 error = SET_ERROR(ENOENT);
6830 return (error);
6831 }
6832
6833 #if __FreeBSD_version >= 1400032
6834 static int
zfs_deallocate(struct vop_deallocate_args * ap)6835 zfs_deallocate(struct vop_deallocate_args *ap)
6836 {
6837 znode_t *zp = VTOZ(ap->a_vp);
6838 zfsvfs_t *zfsvfs = zp->z_zfsvfs;
6839 zilog_t *zilog;
6840 off_t off, len, file_sz;
6841 int error;
6842
6843 if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
6844 return (error);
6845
6846 /*
6847 * Callers might not be able to detect properly that we are read-only,
6848 * so check it explicitly here.
6849 */
6850 if (zfs_is_readonly(zfsvfs)) {
6851 zfs_exit(zfsvfs, FTAG);
6852 return (SET_ERROR(EROFS));
6853 }
6854
6855 zilog = zfsvfs->z_log;
6856 off = *ap->a_offset;
6857 len = *ap->a_len;
6858 file_sz = zp->z_size;
6859 if (off + len > file_sz)
6860 len = file_sz - off;
6861 /* Fast path for out-of-range request. */
6862 if (len <= 0) {
6863 *ap->a_len = 0;
6864 zfs_exit(zfsvfs, FTAG);
6865 return (0);
6866 }
6867
6868 error = zfs_freesp(zp, off, len, O_RDWR, TRUE);
6869 if (error == 0) {
6870 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS ||
6871 (ap->a_ioflag & IO_SYNC) != 0)
6872 error = zil_commit(zilog, zp->z_id);
6873 if (error == 0) {
6874 *ap->a_offset = off + len;
6875 *ap->a_len = 0;
6876 }
6877 }
6878
6879 zfs_exit(zfsvfs, FTAG);
6880 return (error);
6881 }
6882 #endif
6883
6884 #ifndef _SYS_SYSPROTO_H_
6885 struct vop_copy_file_range_args {
6886 struct vnode *a_invp;
6887 off_t *a_inoffp;
6888 struct vnode *a_outvp;
6889 off_t *a_outoffp;
6890 size_t *a_lenp;
6891 unsigned int a_flags;
6892 struct ucred *a_incred;
6893 struct ucred *a_outcred;
6894 struct thread *a_fsizetd;
6895 }
6896 #endif
6897 /*
6898 * TODO: FreeBSD will only call file system-specific copy_file_range() if both
6899 * files resides under the same mountpoint. In case of ZFS we want to be called
6900 * even is files are in different datasets (but on the same pools, but we need
6901 * to check that ourselves).
6902 */
6903 static int
zfs_freebsd_copy_file_range(struct vop_copy_file_range_args * ap)6904 zfs_freebsd_copy_file_range(struct vop_copy_file_range_args *ap)
6905 {
6906 zfsvfs_t *outzfsvfs;
6907 struct vnode *invp = ap->a_invp;
6908 struct vnode *outvp = ap->a_outvp;
6909 struct mount *mp;
6910 int error;
6911 uint64_t len = *ap->a_lenp;
6912
6913 if (!zfs_bclone_enabled) {
6914 mp = NULL;
6915 goto bad_write_fallback;
6916 }
6917
6918 /*
6919 * TODO: If offset/length is not aligned to recordsize, use
6920 * vn_generic_copy_file_range() on this fragment.
6921 * It would be better to do this after we lock the vnodes, but then we
6922 * need something else than vn_generic_copy_file_range().
6923 */
6924
6925 vn_start_write(outvp, &mp, V_WAIT);
6926 if (__predict_true(mp == outvp->v_mount)) {
6927 outzfsvfs = (zfsvfs_t *)mp->mnt_data;
6928 if (!spa_feature_is_enabled(dmu_objset_spa(outzfsvfs->z_os),
6929 SPA_FEATURE_BLOCK_CLONING)) {
6930 goto bad_write_fallback;
6931 }
6932 }
6933 if (invp == outvp) {
6934 if (vn_lock(outvp, LK_EXCLUSIVE) != 0) {
6935 goto bad_write_fallback;
6936 }
6937 } else {
6938 #if (__FreeBSD_version >= 1302506 && __FreeBSD_version < 1400000) || \
6939 __FreeBSD_version >= 1400086
6940 vn_lock_pair(invp, false, LK_SHARED, outvp, false,
6941 LK_EXCLUSIVE);
6942 #else
6943 vn_lock_pair(invp, false, outvp, false);
6944 #endif
6945 if (VN_IS_DOOMED(invp) || VN_IS_DOOMED(outvp)) {
6946 goto bad_locked_fallback;
6947 }
6948 }
6949
6950 #ifdef MAC
6951 error = mac_vnode_check_write(curthread->td_ucred, ap->a_outcred,
6952 outvp);
6953 if (error != 0)
6954 goto out_locked;
6955 #endif
6956
6957 error = zfs_clone_range(VTOZ(invp), ap->a_inoffp, VTOZ(outvp),
6958 ap->a_outoffp, &len, ap->a_outcred);
6959 if (error == EXDEV || error == EAGAIN || error == EINVAL ||
6960 error == EOPNOTSUPP)
6961 goto bad_locked_fallback;
6962 *ap->a_lenp = (size_t)len;
6963 #ifdef MAC
6964 out_locked:
6965 #endif
6966 if (invp != outvp)
6967 VOP_UNLOCK(invp);
6968 VOP_UNLOCK(outvp);
6969 if (mp != NULL)
6970 vn_finished_write(mp);
6971 return (error);
6972
6973 bad_locked_fallback:
6974 if (invp != outvp)
6975 VOP_UNLOCK(invp);
6976 VOP_UNLOCK(outvp);
6977 bad_write_fallback:
6978 if (mp != NULL)
6979 vn_finished_write(mp);
6980 error = ENOSYS;
6981 return (error);
6982 }
6983
6984 struct vop_vector zfs_vnodeops;
6985 struct vop_vector zfs_fifoops;
6986 struct vop_vector zfs_shareops;
6987
6988 struct vop_vector zfs_vnodeops = {
6989 .vop_default = &default_vnodeops,
6990 .vop_inactive = zfs_freebsd_inactive,
6991 .vop_need_inactive = zfs_freebsd_need_inactive,
6992 .vop_reclaim = zfs_freebsd_reclaim,
6993 .vop_fplookup_vexec = zfs_freebsd_fplookup_vexec,
6994 .vop_fplookup_symlink = zfs_freebsd_fplookup_symlink,
6995 .vop_access = zfs_freebsd_access,
6996 .vop_allocate = VOP_EOPNOTSUPP,
6997 #if __FreeBSD_version >= 1400032
6998 .vop_deallocate = zfs_deallocate,
6999 #endif
7000 .vop_lookup = zfs_cache_lookup,
7001 .vop_cachedlookup = zfs_freebsd_cachedlookup,
7002 .vop_getattr = zfs_freebsd_getattr,
7003 .vop_setattr = zfs_freebsd_setattr,
7004 .vop_create = zfs_freebsd_create,
7005 .vop_mknod = (vop_mknod_t *)zfs_freebsd_create,
7006 .vop_mkdir = zfs_freebsd_mkdir,
7007 .vop_readdir = zfs_freebsd_readdir,
7008 .vop_fsync = zfs_freebsd_fsync,
7009 .vop_open = zfs_freebsd_open,
7010 .vop_close = zfs_freebsd_close,
7011 .vop_rmdir = zfs_freebsd_rmdir,
7012 .vop_ioctl = zfs_freebsd_ioctl,
7013 .vop_link = zfs_freebsd_link,
7014 .vop_symlink = zfs_freebsd_symlink,
7015 .vop_readlink = zfs_freebsd_readlink,
7016 .vop_advise = zfs_freebsd_advise,
7017 .vop_read = zfs_freebsd_read,
7018 .vop_write = zfs_freebsd_write,
7019 .vop_remove = zfs_freebsd_remove,
7020 .vop_rename = zfs_freebsd_rename,
7021 .vop_pathconf = zfs_freebsd_pathconf,
7022 .vop_bmap = zfs_freebsd_bmap,
7023 .vop_fid = zfs_freebsd_fid,
7024 .vop_getextattr = zfs_getextattr,
7025 .vop_deleteextattr = zfs_deleteextattr,
7026 .vop_setextattr = zfs_setextattr,
7027 .vop_listextattr = zfs_listextattr,
7028 .vop_getacl = zfs_freebsd_getacl,
7029 .vop_setacl = zfs_freebsd_setacl,
7030 .vop_aclcheck = zfs_freebsd_aclcheck,
7031 .vop_getpages = zfs_freebsd_getpages,
7032 .vop_putpages = zfs_freebsd_putpages,
7033 .vop_vptocnp = zfs_vptocnp,
7034 .vop_lock1 = vop_lock,
7035 .vop_unlock = vop_unlock,
7036 .vop_islocked = vop_islocked,
7037 #if __FreeBSD_version >= 1400043
7038 .vop_add_writecount = vop_stdadd_writecount_nomsync,
7039 #endif
7040 .vop_copy_file_range = zfs_freebsd_copy_file_range,
7041 };
7042 VFS_VOP_VECTOR_REGISTER(zfs_vnodeops);
7043
7044 struct vop_vector zfs_fifoops = {
7045 .vop_default = &fifo_specops,
7046 .vop_fsync = zfs_freebsd_fsync,
7047 .vop_fplookup_vexec = zfs_freebsd_fplookup_vexec,
7048 .vop_fplookup_symlink = zfs_freebsd_fplookup_symlink,
7049 .vop_access = zfs_freebsd_access,
7050 .vop_getattr = zfs_freebsd_getattr,
7051 .vop_inactive = zfs_freebsd_inactive,
7052 .vop_read = VOP_PANIC,
7053 .vop_reclaim = zfs_freebsd_reclaim,
7054 .vop_setattr = zfs_freebsd_setattr,
7055 .vop_write = VOP_PANIC,
7056 .vop_pathconf = zfs_freebsd_pathconf,
7057 .vop_fid = zfs_freebsd_fid,
7058 .vop_getacl = zfs_freebsd_getacl,
7059 .vop_setacl = zfs_freebsd_setacl,
7060 .vop_aclcheck = zfs_freebsd_aclcheck,
7061 #if __FreeBSD_version >= 1400043
7062 .vop_add_writecount = vop_stdadd_writecount_nomsync,
7063 #endif
7064 };
7065 VFS_VOP_VECTOR_REGISTER(zfs_fifoops);
7066
7067 /*
7068 * special share hidden files vnode operations template
7069 */
7070 struct vop_vector zfs_shareops = {
7071 .vop_default = &default_vnodeops,
7072 .vop_fplookup_vexec = VOP_EAGAIN,
7073 .vop_fplookup_symlink = VOP_EAGAIN,
7074 .vop_access = zfs_freebsd_access,
7075 .vop_inactive = zfs_freebsd_inactive,
7076 .vop_reclaim = zfs_freebsd_reclaim,
7077 .vop_fid = zfs_freebsd_fid,
7078 .vop_pathconf = zfs_freebsd_pathconf,
7079 #if __FreeBSD_version >= 1400043
7080 .vop_add_writecount = vop_stdadd_writecount_nomsync,
7081 #endif
7082 };
7083 VFS_VOP_VECTOR_REGISTER(zfs_shareops);
7084
7085 ZFS_MODULE_PARAM(zfs, zfs_, xattr_compat, INT, ZMOD_RW,
7086 "Use legacy ZFS xattr naming for writing new user namespace xattrs");
7087