xref: /freebsd/sys/fs/fuse/fuse_vnops.c (revision 608da65de9552d5678c1000776ed69da04a45983)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2007-2009 Google Inc. and Amit Singh
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions are
9  * met:
10  *
11  * * Redistributions of source code must retain the above copyright
12  *   notice, this list of conditions and the following disclaimer.
13  * * Redistributions in binary form must reproduce the above
14  *   copyright notice, this list of conditions and the following disclaimer
15  *   in the documentation and/or other materials provided with the
16  *   distribution.
17  * * Neither the name of Google Inc. nor the names of its
18  *   contributors may be used to endorse or promote products derived from
19  *   this software without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32  *
33  * Copyright (C) 2005 Csaba Henk.
34  * All rights reserved.
35  *
36  * Copyright (c) 2019 The FreeBSD Foundation
37  *
38  * Portions of this software were developed by BFF Storage Systems, LLC under
39  * sponsorship from the FreeBSD Foundation.
40  *
41  * Redistribution and use in source and binary forms, with or without
42  * modification, are permitted provided that the following conditions
43  * are met:
44  * 1. Redistributions of source code must retain the above copyright
45  *    notice, this list of conditions and the following disclaimer.
46  * 2. Redistributions in binary form must reproduce the above copyright
47  *    notice, this list of conditions and the following disclaimer in the
48  *    documentation and/or other materials provided with the distribution.
49  *
50  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
51  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
54  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60  * SUCH DAMAGE.
61  */
62 
63 #include <sys/cdefs.h>
64 #include <sys/param.h>
65 #include <sys/module.h>
66 #include <sys/systm.h>
67 #include <sys/errno.h>
68 #include <sys/kernel.h>
69 #include <sys/conf.h>
70 #include <sys/filio.h>
71 #include <sys/uio.h>
72 #include <sys/malloc.h>
73 #include <sys/queue.h>
74 #include <sys/limits.h>
75 #include <sys/lock.h>
76 #include <sys/rwlock.h>
77 #include <sys/sx.h>
78 #include <sys/proc.h>
79 #include <sys/mount.h>
80 #include <sys/vnode.h>
81 #include <sys/namei.h>
82 #include <sys/extattr.h>
83 #include <sys/stat.h>
84 #include <sys/unistd.h>
85 #include <sys/filedesc.h>
86 #include <sys/file.h>
87 #include <sys/fcntl.h>
88 #include <sys/dirent.h>
89 #include <sys/bio.h>
90 #include <sys/buf.h>
91 #include <sys/sysctl.h>
92 #include <sys/vmmeter.h>
93 
94 #include <vm/vm.h>
95 #include <vm/vm_extern.h>
96 #include <vm/pmap.h>
97 #include <vm/vm_map.h>
98 #include <vm/vm_page.h>
99 #include <vm/vm_param.h>
100 #include <vm/vm_object.h>
101 #include <vm/vm_pager.h>
102 #include <vm/vnode_pager.h>
103 #include <vm/vm_object.h>
104 
105 #include "fuse.h"
106 #include "fuse_file.h"
107 #include "fuse_internal.h"
108 #include "fuse_ipc.h"
109 #include "fuse_node.h"
110 #include "fuse_io.h"
111 
112 #include <sys/priv.h>
113 
114 /* Maximum number of hardlinks to a single FUSE file */
115 #define FUSE_LINK_MAX                      UINT32_MAX
116 
117 SDT_PROVIDER_DECLARE(fusefs);
118 /*
119  * Fuse trace probe:
120  * arg0: verbosity.  Higher numbers give more verbose messages
121  * arg1: Textual message
122  */
123 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*");
124 
125 /* vnode ops */
126 static vop_access_t fuse_vnop_access;
127 static vop_advlock_t fuse_vnop_advlock;
128 static vop_allocate_t fuse_vnop_allocate;
129 static vop_bmap_t fuse_vnop_bmap;
130 static vop_close_t fuse_fifo_close;
131 static vop_close_t fuse_vnop_close;
132 static vop_copy_file_range_t fuse_vnop_copy_file_range;
133 static vop_create_t fuse_vnop_create;
134 static vop_deallocate_t fuse_vnop_deallocate;
135 static vop_deleteextattr_t fuse_vnop_deleteextattr;
136 static vop_fdatasync_t fuse_vnop_fdatasync;
137 static vop_fsync_t fuse_vnop_fsync;
138 static vop_getattr_t fuse_vnop_getattr;
139 static vop_getextattr_t fuse_vnop_getextattr;
140 static vop_inactive_t fuse_vnop_inactive;
141 static vop_ioctl_t fuse_vnop_ioctl;
142 static vop_link_t fuse_vnop_link;
143 static vop_listextattr_t fuse_vnop_listextattr;
144 static vop_lookup_t fuse_vnop_lookup;
145 static vop_mkdir_t fuse_vnop_mkdir;
146 static vop_mknod_t fuse_vnop_mknod;
147 static vop_open_t fuse_vnop_open;
148 static vop_pathconf_t fuse_vnop_pathconf;
149 static vop_read_t fuse_vnop_read;
150 static vop_readdir_t fuse_vnop_readdir;
151 static vop_readlink_t fuse_vnop_readlink;
152 static vop_reclaim_t fuse_vnop_reclaim;
153 static vop_remove_t fuse_vnop_remove;
154 static vop_rename_t fuse_vnop_rename;
155 static vop_rmdir_t fuse_vnop_rmdir;
156 static vop_setattr_t fuse_vnop_setattr;
157 static vop_setextattr_t fuse_vnop_setextattr;
158 static vop_strategy_t fuse_vnop_strategy;
159 static vop_symlink_t fuse_vnop_symlink;
160 static vop_write_t fuse_vnop_write;
161 static vop_getpages_t fuse_vnop_getpages;
162 static vop_print_t fuse_vnop_print;
163 static vop_vptofh_t fuse_vnop_vptofh;
164 
165 struct vop_vector fuse_fifoops = {
166 	.vop_default =		&fifo_specops,
167 	.vop_access =		fuse_vnop_access,
168 	.vop_close =		fuse_fifo_close,
169 	.vop_fsync =		fuse_vnop_fsync,
170 	.vop_getattr =		fuse_vnop_getattr,
171 	.vop_inactive =		fuse_vnop_inactive,
172 	.vop_pathconf =		fuse_vnop_pathconf,
173 	.vop_print =		fuse_vnop_print,
174 	.vop_read =		VOP_PANIC,
175 	.vop_reclaim =		fuse_vnop_reclaim,
176 	.vop_setattr =		fuse_vnop_setattr,
177 	.vop_write =		VOP_PANIC,
178 	.vop_vptofh =		fuse_vnop_vptofh,
179 };
180 VFS_VOP_VECTOR_REGISTER(fuse_fifoops);
181 
182 struct vop_vector fuse_vnops = {
183 	.vop_allocate =	fuse_vnop_allocate,
184 	.vop_default = &default_vnodeops,
185 	.vop_access = fuse_vnop_access,
186 	.vop_advlock = fuse_vnop_advlock,
187 	.vop_bmap = fuse_vnop_bmap,
188 	.vop_close = fuse_vnop_close,
189 	.vop_copy_file_range = fuse_vnop_copy_file_range,
190 	.vop_create = fuse_vnop_create,
191 	.vop_deallocate = fuse_vnop_deallocate,
192 	.vop_deleteextattr = fuse_vnop_deleteextattr,
193 	.vop_fsync = fuse_vnop_fsync,
194 	.vop_fdatasync = fuse_vnop_fdatasync,
195 	.vop_getattr = fuse_vnop_getattr,
196 	.vop_getextattr = fuse_vnop_getextattr,
197 	.vop_inactive = fuse_vnop_inactive,
198 	.vop_ioctl = fuse_vnop_ioctl,
199 	.vop_link = fuse_vnop_link,
200 	.vop_listextattr = fuse_vnop_listextattr,
201 	.vop_lookup = fuse_vnop_lookup,
202 	.vop_mkdir = fuse_vnop_mkdir,
203 	.vop_mknod = fuse_vnop_mknod,
204 	.vop_open = fuse_vnop_open,
205 	.vop_pathconf = fuse_vnop_pathconf,
206 	/*
207 	 * TODO: implement vop_poll after upgrading to protocol 7.21.
208 	 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until
209 	 * 7.21, which adds the ability for the client to choose which poll
210 	 * events it wants, and for a client to deregister a file handle
211 	 */
212 	.vop_read = fuse_vnop_read,
213 	.vop_readdir = fuse_vnop_readdir,
214 	.vop_readlink = fuse_vnop_readlink,
215 	.vop_reclaim = fuse_vnop_reclaim,
216 	.vop_remove = fuse_vnop_remove,
217 	.vop_rename = fuse_vnop_rename,
218 	.vop_rmdir = fuse_vnop_rmdir,
219 	.vop_setattr = fuse_vnop_setattr,
220 	.vop_setextattr = fuse_vnop_setextattr,
221 	.vop_strategy = fuse_vnop_strategy,
222 	.vop_symlink = fuse_vnop_symlink,
223 	.vop_write = fuse_vnop_write,
224 	.vop_getpages = fuse_vnop_getpages,
225 	.vop_print = fuse_vnop_print,
226 	.vop_vptofh = fuse_vnop_vptofh,
227 };
228 VFS_VOP_VECTOR_REGISTER(fuse_vnops);
229 
230 /* Check permission for extattr operations, much like extattr_check_cred */
231 static int
232 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred,
233 	struct thread *td, accmode_t accmode)
234 {
235 	struct mount *mp = vnode_mount(vp);
236 	struct fuse_data *data = fuse_get_mpdata(mp);
237 	int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS;
238 
239 	/*
240 	 * Kernel-invoked always succeeds.
241 	 */
242 	if (cred == NOCRED)
243 		return (0);
244 
245 	/*
246 	 * Do not allow privileged processes in jail to directly manipulate
247 	 * system attributes.
248 	 */
249 	switch (ns) {
250 	case EXTATTR_NAMESPACE_SYSTEM:
251 		if (default_permissions) {
252 			return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM));
253 		}
254 		return (0);
255 	case EXTATTR_NAMESPACE_USER:
256 		if (default_permissions) {
257 			return (fuse_internal_access(vp, accmode, td, cred));
258 		}
259 		return (0);
260 	default:
261 		return (EPERM);
262 	}
263 }
264 
265 /* Get a filehandle for a directory */
266 static int
267 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp,
268 	struct ucred *cred, pid_t pid)
269 {
270 	if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0)
271 		return 0;
272 	return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid);
273 }
274 
275 /* Send FUSE_FLUSH for this vnode */
276 static int
277 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag)
278 {
279 	struct fuse_flush_in *ffi;
280 	struct fuse_filehandle *fufh;
281 	struct fuse_dispatcher fdi;
282 	struct thread *td = curthread;
283 	struct mount *mp = vnode_mount(vp);
284 	int err;
285 
286 	if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH))
287 		return 0;
288 
289 	err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid);
290 	if (err)
291 		return err;
292 
293 	fdisp_init(&fdi, sizeof(*ffi));
294 	fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred);
295 	ffi = fdi.indata;
296 	ffi->fh = fufh->fh_id;
297 	/*
298 	 * If the file has a POSIX lock then we're supposed to set lock_owner.
299 	 * If not, then lock_owner is undefined.  So we may as well always set
300 	 * it.
301 	 */
302 	ffi->lock_owner = td->td_proc->p_pid;
303 
304 	err = fdisp_wait_answ(&fdi);
305 	if (err == ENOSYS) {
306 		fsess_set_notimpl(mp, FUSE_FLUSH);
307 		err = 0;
308 	}
309 	fdisp_destroy(&fdi);
310 	return err;
311 }
312 
313 /* Close wrapper for fifos.  */
314 static int
315 fuse_fifo_close(struct vop_close_args *ap)
316 {
317 	return (fifo_specops.vop_close(ap));
318 }
319 
320 /* Invalidate a range of cached data, whether dirty of not */
321 static int
322 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end)
323 {
324 	struct buf *bp;
325 	daddr_t left_lbn, end_lbn, right_lbn;
326 	off_t new_filesize;
327 	int iosize, left_on, right_on, right_blksize;
328 
329 	iosize = fuse_iosize(vp);
330 	left_lbn = start / iosize;
331 	end_lbn = howmany(end, iosize);
332 	left_on = start & (iosize - 1);
333 	if (left_on != 0) {
334 		bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0);
335 		if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) {
336 			/*
337 			 * Flush the dirty buffer, because we don't have a
338 			 * byte-granular way to record which parts of the
339 			 * buffer are valid.
340 			 */
341 			bwrite(bp);
342 			if (bp->b_error)
343 				return (bp->b_error);
344 		} else {
345 			brelse(bp);
346 		}
347 	}
348 	right_on = end & (iosize - 1);
349 	if (right_on != 0) {
350 		right_lbn = end / iosize;
351 		new_filesize = MAX(filesize, end);
352 		right_blksize = MIN(iosize, new_filesize - iosize * right_lbn);
353 		bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0);
354 		if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) {
355 			/*
356 			 * Flush the dirty buffer, because we don't have a
357 			 * byte-granular way to record which parts of the
358 			 * buffer are valid.
359 			 */
360 			bwrite(bp);
361 			if (bp->b_error)
362 				return (bp->b_error);
363 		} else {
364 			brelse(bp);
365 		}
366 	}
367 
368 	v_inval_buf_range(vp, left_lbn, end_lbn, iosize);
369 	return (0);
370 }
371 
372 
373 /* Send FUSE_LSEEK for this node */
374 static int
375 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred,
376 	pid_t pid, off_t *offp, int whence)
377 {
378 	struct fuse_dispatcher fdi;
379 	struct fuse_filehandle *fufh;
380 	struct fuse_lseek_in *flsi;
381 	struct fuse_lseek_out *flso;
382 	struct mount *mp = vnode_mount(vp);
383 	int err;
384 
385 	ASSERT_VOP_LOCKED(vp, __func__);
386 
387 	err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid);
388 	if (err)
389 		return (err);
390 	fdisp_init(&fdi, sizeof(*flsi));
391 	fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred);
392 	flsi = fdi.indata;
393 	flsi->fh = fufh->fh_id;
394 	flsi->offset = *offp;
395 	flsi->whence = whence;
396 	err = fdisp_wait_answ(&fdi);
397 	if (err == ENOSYS) {
398 		fsess_set_notimpl(mp, FUSE_LSEEK);
399 	} else if (err == 0) {
400 		fsess_set_impl(mp, FUSE_LSEEK);
401 		flso = fdi.answ;
402 		*offp = flso->offset;
403 	}
404 	fdisp_destroy(&fdi);
405 
406 	return (err);
407 }
408 
409 /*
410     struct vnop_access_args {
411 	struct vnode *a_vp;
412 #if VOP_ACCESS_TAKES_ACCMODE_T
413 	accmode_t a_accmode;
414 #else
415 	int a_mode;
416 #endif
417 	struct ucred *a_cred;
418 	struct thread *a_td;
419     };
420 */
421 static int
422 fuse_vnop_access(struct vop_access_args *ap)
423 {
424 	struct vnode *vp = ap->a_vp;
425 	int accmode = ap->a_accmode;
426 	struct ucred *cred = ap->a_cred;
427 
428 	struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp));
429 
430 	int err;
431 
432 	if (fuse_isdeadfs(vp)) {
433 		if (vnode_isvroot(vp)) {
434 			return 0;
435 		}
436 		return ENXIO;
437 	}
438 	if (!(data->dataflags & FSESS_INITED)) {
439 		if (vnode_isvroot(vp)) {
440 			if (priv_check_cred(cred, PRIV_VFS_ADMIN) ||
441 			    (fuse_match_cred(data->daemoncred, cred) == 0)) {
442 				return 0;
443 			}
444 		}
445 		return EBADF;
446 	}
447 	if (vnode_islnk(vp)) {
448 		return 0;
449 	}
450 
451 	err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred);
452 	return err;
453 }
454 
455 /*
456  * struct vop_advlock_args {
457  *	struct vop_generic_args a_gen;
458  *	struct vnode *a_vp;
459  *	void *a_id;
460  *	int a_op;
461  *	struct flock *a_fl;
462  *	int a_flags;
463  * }
464  */
465 static int
466 fuse_vnop_advlock(struct vop_advlock_args *ap)
467 {
468 	struct vnode *vp = ap->a_vp;
469 	struct flock *fl = ap->a_fl;
470 	struct thread *td = curthread;
471 	struct ucred *cred = td->td_ucred;
472 	pid_t pid = td->td_proc->p_pid;
473 	struct fuse_filehandle *fufh;
474 	struct fuse_dispatcher fdi;
475 	struct fuse_lk_in *fli;
476 	struct fuse_lk_out *flo;
477 	struct vattr vattr;
478 	enum fuse_opcode op;
479 	off_t size, start;
480 	int dataflags, err;
481 	int flags = ap->a_flags;
482 
483 	dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags;
484 
485 	if (fuse_isdeadfs(vp)) {
486 		return ENXIO;
487 	}
488 
489 	switch(ap->a_op) {
490 	case F_GETLK:
491 		op = FUSE_GETLK;
492 		break;
493 	case F_SETLK:
494 		if (flags & F_WAIT)
495 			op = FUSE_SETLKW;
496 		else
497 			op = FUSE_SETLK;
498 		break;
499 	case F_UNLCK:
500 		op = FUSE_SETLK;
501 		break;
502 	default:
503 		return EINVAL;
504 	}
505 
506 	if (!(dataflags & FSESS_POSIX_LOCKS))
507 		return vop_stdadvlock(ap);
508 	/* FUSE doesn't properly support flock until protocol 7.17 */
509 	if (flags & F_FLOCK)
510 		return vop_stdadvlock(ap);
511 
512 	vn_lock(vp, LK_SHARED | LK_RETRY);
513 
514 	switch (fl->l_whence) {
515 	case SEEK_SET:
516 	case SEEK_CUR:
517 		/*
518 		 * Caller is responsible for adding any necessary offset
519 		 * when SEEK_CUR is used.
520 		 */
521 		start = fl->l_start;
522 		break;
523 
524 	case SEEK_END:
525 		err = fuse_internal_getattr(vp, &vattr, cred, td);
526 		if (err)
527 			goto out;
528 		size = vattr.va_size;
529 		if (size > OFF_MAX ||
530 		    (fl->l_start > 0 && size > OFF_MAX - fl->l_start)) {
531 			err = EOVERFLOW;
532 			goto out;
533 		}
534 		start = size + fl->l_start;
535 		break;
536 
537 	default:
538 		return (EINVAL);
539 	}
540 
541 	err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid);
542 	if (err)
543 		goto out;
544 
545 	fdisp_init(&fdi, sizeof(*fli));
546 
547 	fdisp_make_vp(&fdi, op, vp, td, cred);
548 	fli = fdi.indata;
549 	fli->fh = fufh->fh_id;
550 	fli->owner = td->td_proc->p_pid;
551 	fli->lk.start = start;
552 	if (fl->l_len != 0)
553 		fli->lk.end = start + fl->l_len - 1;
554 	else
555 		fli->lk.end = INT64_MAX;
556 	fli->lk.type = fl->l_type;
557 	fli->lk.pid = td->td_proc->p_pid;
558 
559 	err = fdisp_wait_answ(&fdi);
560 	fdisp_destroy(&fdi);
561 
562 	if (err == 0 && op == FUSE_GETLK) {
563 		flo = fdi.answ;
564 		fl->l_type = flo->lk.type;
565 		fl->l_whence = SEEK_SET;
566 		if (flo->lk.type != F_UNLCK) {
567 			fl->l_pid = flo->lk.pid;
568 			fl->l_start = flo->lk.start;
569 			if (flo->lk.end == INT64_MAX)
570 				fl->l_len = 0;
571 			else
572 				fl->l_len = flo->lk.end - flo->lk.start + 1;
573 			fl->l_start = flo->lk.start;
574 		}
575 	}
576 
577 out:
578 	VOP_UNLOCK(vp);
579 	return err;
580 }
581 
582 static int
583 fuse_vnop_allocate(struct vop_allocate_args *ap)
584 {
585 	struct vnode *vp = ap->a_vp;
586 	off_t *len = ap->a_len;
587 	off_t *offset = ap->a_offset;
588 	struct ucred *cred = ap->a_cred;
589 	struct fuse_filehandle *fufh;
590 	struct mount *mp = vnode_mount(vp);
591 	struct fuse_dispatcher fdi;
592 	struct fuse_fallocate_in *ffi;
593 	struct uio io;
594 	pid_t pid = curthread->td_proc->p_pid;
595 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
596 	off_t filesize;
597 	int err;
598 
599 	if (fuse_isdeadfs(vp))
600 		return (ENXIO);
601 
602 	switch (vp->v_type) {
603 	case VFIFO:
604 		return (ESPIPE);
605 	case VLNK:
606 	case VREG:
607 		if (vfs_isrdonly(mp))
608 			return (EROFS);
609 		break;
610 	default:
611 		return (ENODEV);
612 	}
613 
614 	if (vfs_isrdonly(mp))
615 		return (EROFS);
616 
617 	if (fsess_not_impl(mp, FUSE_FALLOCATE))
618 		return (EINVAL);
619 
620 	io.uio_offset = *offset;
621 	io.uio_resid = *len;
622 	err = vn_rlimit_fsize(vp, &io, curthread);
623 	if (err)
624 		return (err);
625 
626 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
627 	if (err)
628 		return (err);
629 
630 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
631 
632 	err = fuse_vnode_size(vp, &filesize, cred, curthread);
633 	if (err)
634 		return (err);
635 	fuse_inval_buf_range(vp, filesize, *offset, *offset + *len);
636 
637 	fdisp_init(&fdi, sizeof(*ffi));
638 	fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred);
639 	ffi = fdi.indata;
640 	ffi->fh = fufh->fh_id;
641 	ffi->offset = *offset;
642 	ffi->length = *len;
643 	ffi->mode = 0;
644 	err = fdisp_wait_answ(&fdi);
645 
646 	if (err == ENOSYS) {
647 		fsess_set_notimpl(mp, FUSE_FALLOCATE);
648 		err = EINVAL;
649 	} else if (err == EOPNOTSUPP) {
650 		/*
651 		 * The file system server does not support FUSE_FALLOCATE with
652 		 * the supplied mode for this particular file.
653 		 */
654 		err = EINVAL;
655 	} else if (!err) {
656 		*offset += *len;
657 		*len = 0;
658 		fuse_vnode_undirty_cached_timestamps(vp, false);
659 		fuse_internal_clear_suid_on_write(vp, cred, curthread);
660 		if (*offset > fvdat->cached_attrs.va_size) {
661 			fuse_vnode_setsize(vp, *offset, false);
662 			getnanouptime(&fvdat->last_local_modify);
663 		}
664 	}
665 
666 	fdisp_destroy(&fdi);
667 	return (err);
668 }
669 
670 /* {
671 	struct vnode *a_vp;
672 	daddr_t a_bn;
673 	struct bufobj **a_bop;
674 	daddr_t *a_bnp;
675 	int *a_runp;
676 	int *a_runb;
677 } */
678 static int
679 fuse_vnop_bmap(struct vop_bmap_args *ap)
680 {
681 	struct vnode *vp = ap->a_vp;
682 	struct bufobj **bo = ap->a_bop;
683 	struct thread *td = curthread;
684 	struct mount *mp;
685 	struct fuse_dispatcher fdi;
686 	struct fuse_bmap_in *fbi;
687 	struct fuse_bmap_out *fbo;
688 	struct fuse_data *data;
689 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
690 	uint64_t biosize;
691 	off_t fsize;
692 	daddr_t lbn = ap->a_bn;
693 	daddr_t *pbn = ap->a_bnp;
694 	int *runp = ap->a_runp;
695 	int *runb = ap->a_runb;
696 	int error = 0;
697 	int maxrun;
698 
699 	if (fuse_isdeadfs(vp)) {
700 		return ENXIO;
701 	}
702 
703 	mp = vnode_mount(vp);
704 	data = fuse_get_mpdata(mp);
705 	biosize = fuse_iosize(vp);
706 	maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1,
707 		data->max_readahead_blocks);
708 
709 	if (bo != NULL)
710 		*bo = &vp->v_bufobj;
711 
712 	/*
713 	 * The FUSE_BMAP operation does not include the runp and runb
714 	 * variables, so we must guess.  Report nonzero contiguous runs so
715 	 * cluster_read will combine adjacent reads.  It's worthwhile to reduce
716 	 * upcalls even if we don't know the true physical layout of the file.
717 	 *
718 	 * FUSE file systems may opt out of read clustering in two ways:
719 	 * * mounting with -onoclusterr
720 	 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT
721 	 */
722 	if (runb != NULL)
723 		*runb = MIN(lbn, maxrun);
724 	if (runp != NULL && maxrun == 0)
725 		*runp = 0;
726 	else if (runp != NULL) {
727 		/*
728 		 * If the file's size is cached, use that value to calculate
729 		 * runp, even if the cache is expired.  runp is only advisory,
730 		 * and the risk of getting it wrong is not worth the cost of
731 		 * another upcall.
732 		 */
733 		if (fvdat->cached_attrs.va_size != VNOVAL)
734 			fsize = fvdat->cached_attrs.va_size;
735 		else
736 			error = fuse_vnode_size(vp, &fsize, td->td_ucred, td);
737 		if (error == 0)
738 			*runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1),
739 				    maxrun);
740 		else
741 			*runp = 0;
742 	}
743 
744 	if (fsess_maybe_impl(mp, FUSE_BMAP)) {
745 		fdisp_init(&fdi, sizeof(*fbi));
746 		fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred);
747 		fbi = fdi.indata;
748 		fbi->block = lbn;
749 		fbi->blocksize = biosize;
750 		error = fdisp_wait_answ(&fdi);
751 		if (error == ENOSYS) {
752 			fdisp_destroy(&fdi);
753 			fsess_set_notimpl(mp, FUSE_BMAP);
754 			error = 0;
755 		} else {
756 			fbo = fdi.answ;
757 			if (error == 0 && pbn != NULL)
758 				*pbn = fbo->block;
759 			fdisp_destroy(&fdi);
760 			return error;
761 		}
762 	}
763 
764 	/* If the daemon doesn't support BMAP, make up a sensible default */
765 	if (pbn != NULL)
766 		*pbn = lbn * btodb(biosize);
767 	return (error);
768 }
769 
770 /*
771     struct vop_close_args {
772 	struct vnode *a_vp;
773 	int  a_fflag;
774 	struct ucred *a_cred;
775 	struct thread *a_td;
776     };
777 */
778 static int
779 fuse_vnop_close(struct vop_close_args *ap)
780 {
781 	struct vnode *vp = ap->a_vp;
782 	struct mount *mp = vnode_mount(vp);
783 	struct ucred *cred = ap->a_cred;
784 	int fflag = ap->a_fflag;
785 	struct thread *td = ap->a_td;
786 	pid_t pid = td->td_proc->p_pid;
787 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
788 	int err = 0;
789 
790 	if (fuse_isdeadfs(vp))
791 		return 0;
792 	if (vnode_isdir(vp))
793 		return 0;
794 	if (fflag & IO_NDELAY)
795 		return 0;
796 
797 	err = fuse_flush(vp, cred, pid, fflag);
798 	if (err == 0 && (fvdat->flag & FN_ATIMECHANGE) && !vfs_isrdonly(mp)) {
799 		struct vattr vap;
800 		struct fuse_data *data;
801 		int dataflags;
802 		int access_e = 0;
803 
804 		data = fuse_get_mpdata(mp);
805 		dataflags = data->dataflags;
806 		if (dataflags & FSESS_DEFAULT_PERMISSIONS) {
807 			struct vattr va;
808 
809 			fuse_internal_getattr(vp, &va, cred, td);
810 			access_e = vaccess(vp->v_type, va.va_mode, va.va_uid,
811 			    va.va_gid, VWRITE, cred);
812 		}
813 		if (access_e == 0) {
814 			VATTR_NULL(&vap);
815 			vap.va_atime = fvdat->cached_attrs.va_atime;
816 			/*
817 			 * Ignore errors setting when setting atime.  That
818 			 * should not cause close(2) to fail.
819 			 */
820 			fuse_internal_setattr(vp, &vap, td, NULL);
821 		}
822 	}
823 	/* TODO: close the file handle, if we're sure it's no longer used */
824 	if ((fvdat->flag & FN_SIZECHANGE) != 0) {
825 		fuse_vnode_savesize(vp, cred, td->td_proc->p_pid);
826 	}
827 	return err;
828 }
829 
830 /*
831    struct vop_copy_file_range_args {
832 	struct vop_generic_args a_gen;
833 	struct vnode *a_invp;
834 	off_t *a_inoffp;
835 	struct vnode *a_outvp;
836 	off_t *a_outoffp;
837 	size_t *a_lenp;
838 	unsigned int a_flags;
839 	struct ucred *a_incred;
840 	struct ucred *a_outcred;
841 	struct thread *a_fsizetd;
842 }
843  */
844 static int
845 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap)
846 {
847 	struct vnode *invp = ap->a_invp;
848 	struct vnode *outvp = ap->a_outvp;
849 	struct mount *mp = vnode_mount(invp);
850 	struct fuse_vnode_data *outfvdat = VTOFUD(outvp);
851 	struct fuse_dispatcher fdi;
852 	struct fuse_filehandle *infufh, *outfufh;
853 	struct fuse_copy_file_range_in *fcfri;
854 	struct ucred *incred = ap->a_incred;
855 	struct ucred *outcred = ap->a_outcred;
856 	struct fuse_write_out *fwo;
857 	struct thread *td;
858 	struct uio io;
859 	off_t outfilesize;
860 	ssize_t r = 0;
861 	pid_t pid;
862 	int err;
863 
864 	if (mp != vnode_mount(outvp))
865 		goto fallback;
866 
867 	if (incred->cr_uid != outcred->cr_uid)
868 		goto fallback;
869 
870 	if (incred->cr_groups[0] != outcred->cr_groups[0])
871 		goto fallback;
872 
873 	if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE))
874 		goto fallback;
875 
876 	if (ap->a_fsizetd == NULL)
877 		td = curthread;
878 	else
879 		td = ap->a_fsizetd;
880 	pid = td->td_proc->p_pid;
881 
882 	/* Lock both vnodes, avoiding risk of deadlock. */
883 	do {
884 		err = vn_lock(outvp, LK_EXCLUSIVE);
885 		if (invp == outvp)
886 			break;
887 		if (err == 0) {
888 			err = vn_lock(invp, LK_SHARED | LK_NOWAIT);
889 			if (err == 0)
890 				break;
891 			VOP_UNLOCK(outvp);
892 			err = vn_lock(invp, LK_SHARED);
893 			if (err == 0)
894 				VOP_UNLOCK(invp);
895 		}
896 	} while (err == 0);
897 	if (err != 0)
898 		return (err);
899 
900 	err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid);
901 	if (err)
902 		goto unlock;
903 
904 	err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid);
905 	if (err)
906 		goto unlock;
907 
908 	io.uio_resid = *ap->a_lenp;
909 	if (ap->a_fsizetd) {
910 		io.uio_offset = *ap->a_outoffp;
911 		err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd);
912 		if (err != 0)
913 			goto unlock;
914 	}
915 
916 	err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread);
917 	if (err)
918 		goto unlock;
919 
920 	err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp,
921 		*ap->a_outoffp + io.uio_resid);
922 	if (err)
923 		goto unlock;
924 
925 	fdisp_init(&fdi, sizeof(*fcfri));
926 	fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred);
927 	fcfri = fdi.indata;
928 	fcfri->fh_in = infufh->fh_id;
929 	fcfri->off_in = *ap->a_inoffp;
930 	fcfri->nodeid_out = VTOI(outvp);
931 	fcfri->fh_out = outfufh->fh_id;
932 	fcfri->off_out = *ap->a_outoffp;
933 	fcfri->len = io.uio_resid;
934 	fcfri->flags = 0;
935 
936 	err = fdisp_wait_answ(&fdi);
937 	if (err == 0) {
938 		fwo = fdi.answ;
939 		*ap->a_lenp = fwo->size;
940 		*ap->a_inoffp += fwo->size;
941 		*ap->a_outoffp += fwo->size;
942 		fuse_internal_clear_suid_on_write(outvp, outcred, td);
943 		if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) {
944                         fuse_vnode_setsize(outvp, *ap->a_outoffp, false);
945 			getnanouptime(&outfvdat->last_local_modify);
946 		}
947 		fuse_vnode_update(invp, FN_ATIMECHANGE);
948 		fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE);
949 	}
950 	fdisp_destroy(&fdi);
951 
952 unlock:
953 	if (invp != outvp)
954 		VOP_UNLOCK(invp);
955 	VOP_UNLOCK(outvp);
956 
957 	if (err == ENOSYS) {
958 		fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE);
959 fallback:
960 		err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp,
961 		    ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags,
962 		    ap->a_incred, ap->a_outcred, ap->a_fsizetd);
963 	}
964 
965 	/*
966 	 * No need to call vn_rlimit_fsizex_res before return, since the uio is
967 	 * local.
968 	 */
969 	return (err);
970 }
971 
972 static void
973 fdisp_make_mknod_for_fallback(
974 	struct fuse_dispatcher *fdip,
975 	struct componentname *cnp,
976 	struct vnode *dvp,
977 	uint64_t parentnid,
978 	struct thread *td,
979 	struct ucred *cred,
980 	mode_t mode,
981 	enum fuse_opcode *op)
982 {
983 	struct fuse_mknod_in *fmni;
984 
985 	fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1);
986 	*op = FUSE_MKNOD;
987 	fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred);
988 	fmni = fdip->indata;
989 	fmni->mode = mode;
990 	fmni->rdev = 0;
991 	memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr,
992 	    cnp->cn_namelen);
993 	((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0';
994 }
995 /*
996     struct vnop_create_args {
997 	struct vnode *a_dvp;
998 	struct vnode **a_vpp;
999 	struct componentname *a_cnp;
1000 	struct vattr *a_vap;
1001     };
1002 */
1003 static int
1004 fuse_vnop_create(struct vop_create_args *ap)
1005 {
1006 	struct vnode *dvp = ap->a_dvp;
1007 	struct vnode **vpp = ap->a_vpp;
1008 	struct componentname *cnp = ap->a_cnp;
1009 	struct vattr *vap = ap->a_vap;
1010 	struct thread *td = curthread;
1011 	struct ucred *cred = cnp->cn_cred;
1012 
1013 	struct fuse_data *data;
1014 	struct fuse_create_in *fci;
1015 	struct fuse_entry_out *feo;
1016 	struct fuse_open_out *foo;
1017 	struct fuse_dispatcher fdi, fdi2;
1018 	struct fuse_dispatcher *fdip = &fdi;
1019 	struct fuse_dispatcher *fdip2 = NULL;
1020 
1021 	int err;
1022 
1023 	struct mount *mp = vnode_mount(dvp);
1024 	data = fuse_get_mpdata(mp);
1025 	uint64_t parentnid = VTOFUD(dvp)->nid;
1026 	mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode);
1027 	enum fuse_opcode op;
1028 	int flags;
1029 
1030 	if (fuse_isdeadfs(dvp))
1031 		return ENXIO;
1032 
1033 	/* FUSE expects sockets to be created with FUSE_MKNOD */
1034 	if (vap->va_type == VSOCK)
1035 		return fuse_internal_mknod(dvp, vpp, cnp, vap);
1036 
1037 	/*
1038 	 * VOP_CREATE doesn't tell us the open(2) flags, so we guess.  Only a
1039 	 * writable mode makes sense, and we might as well include readability
1040 	 * too.
1041 	 */
1042 	flags = O_RDWR;
1043 
1044 	bzero(&fdi, sizeof(fdi));
1045 
1046 	if (vap->va_type != VREG)
1047 		return (EINVAL);
1048 
1049 	if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) {
1050 		/* Fallback to FUSE_MKNOD/FUSE_OPEN */
1051 		fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td,
1052 			cred, mode, &op);
1053 	} else {
1054 		/* Use FUSE_CREATE */
1055 		size_t insize;
1056 
1057 		op = FUSE_CREATE;
1058 		fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1);
1059 		fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred);
1060 		fci = fdip->indata;
1061 		fci->mode = mode;
1062 		fci->flags = O_CREAT | flags;
1063 		if (fuse_libabi_geq(data, 7, 12)) {
1064 			insize = sizeof(*fci);
1065 			fci->umask = td->td_proc->p_pd->pd_cmask;
1066 		} else {
1067 			insize = sizeof(struct fuse_open_in);
1068 		}
1069 
1070 		memcpy((char *)fdip->indata + insize, cnp->cn_nameptr,
1071 		    cnp->cn_namelen);
1072 		((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0';
1073 	}
1074 
1075 	err = fdisp_wait_answ(fdip);
1076 
1077 	if (err) {
1078 		if (err == ENOSYS && op == FUSE_CREATE) {
1079 			fsess_set_notimpl(mp, FUSE_CREATE);
1080 			fdisp_destroy(fdip);
1081 			fdisp_make_mknod_for_fallback(fdip, cnp, dvp,
1082 				parentnid, td, cred, mode, &op);
1083 			err = fdisp_wait_answ(fdip);
1084 		}
1085 		if (err)
1086 			goto out;
1087 	}
1088 
1089 	feo = fdip->answ;
1090 
1091 	if ((err = fuse_internal_checkentry(feo, vap->va_type))) {
1092 		goto out;
1093 	}
1094 
1095 	if (op == FUSE_CREATE) {
1096 		if (fuse_libabi_geq(data, 7, 9))
1097 			foo = (struct fuse_open_out*)(feo + 1);
1098 		else
1099 			foo = (struct fuse_open_out*)((char*)feo +
1100 				FUSE_COMPAT_ENTRY_OUT_SIZE);
1101 	} else {
1102 		/* Issue a separate FUSE_OPEN */
1103 		struct fuse_open_in *foi;
1104 
1105 		fdip2 = &fdi2;
1106 		fdisp_init(fdip2, sizeof(*foi));
1107 		fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td,
1108 			cred);
1109 		foi = fdip2->indata;
1110 		foi->flags = flags;
1111 		err = fdisp_wait_answ(fdip2);
1112 		if (err)
1113 			goto out;
1114 		foo = fdip2->answ;
1115 	}
1116 	err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type);
1117 	if (err) {
1118 		struct fuse_release_in *fri;
1119 		uint64_t nodeid = feo->nodeid;
1120 		uint64_t fh_id = foo->fh;
1121 
1122 		fdisp_destroy(fdip);
1123 		fdisp_init(fdip, sizeof(*fri));
1124 		fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred);
1125 		fri = fdip->indata;
1126 		fri->fh = fh_id;
1127 		fri->flags = flags;
1128 		fuse_insert_callback(fdip->tick, fuse_internal_forget_callback);
1129 		fuse_insert_message(fdip->tick, false);
1130 		goto out;
1131 	}
1132 	ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create");
1133 	fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid,
1134 		feo->attr_valid_nsec, NULL, true);
1135 
1136 	fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo);
1137 	fuse_vnode_open(*vpp, foo->open_flags, td);
1138 	/*
1139 	 * Purge the parent's attribute cache because the daemon should've
1140 	 * updated its mtime and ctime
1141 	 */
1142 	fuse_vnode_clear_attr_cache(dvp);
1143 	cache_purge_negative(dvp);
1144 
1145 out:
1146 	if (fdip2)
1147 		fdisp_destroy(fdip2);
1148 	fdisp_destroy(fdip);
1149 	return err;
1150 }
1151 
1152 /*
1153     struct vnop_fdatasync_args {
1154 	struct vop_generic_args a_gen;
1155 	struct vnode * a_vp;
1156 	struct thread * a_td;
1157     };
1158 */
1159 static int
1160 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap)
1161 {
1162 	struct vnode *vp = ap->a_vp;
1163 	struct thread *td = ap->a_td;
1164 	int waitfor = MNT_WAIT;
1165 
1166 	int err = 0;
1167 
1168 	if (fuse_isdeadfs(vp)) {
1169 		return 0;
1170 	}
1171 	if ((err = vop_stdfdatasync_buf(ap)))
1172 		return err;
1173 
1174 	return fuse_internal_fsync(vp, td, waitfor, true);
1175 }
1176 
1177 /*
1178     struct vnop_fsync_args {
1179 	struct vop_generic_args a_gen;
1180 	struct vnode * a_vp;
1181 	int  a_waitfor;
1182 	struct thread * a_td;
1183     };
1184 */
1185 static int
1186 fuse_vnop_fsync(struct vop_fsync_args *ap)
1187 {
1188 	struct vnode *vp = ap->a_vp;
1189 	struct thread *td = ap->a_td;
1190 	int waitfor = ap->a_waitfor;
1191 	int err = 0;
1192 
1193 	if (fuse_isdeadfs(vp)) {
1194 		return 0;
1195 	}
1196 	if ((err = vop_stdfsync(ap)))
1197 		return err;
1198 
1199 	return fuse_internal_fsync(vp, td, waitfor, false);
1200 }
1201 
1202 /*
1203     struct vnop_getattr_args {
1204 	struct vnode *a_vp;
1205 	struct vattr *a_vap;
1206 	struct ucred *a_cred;
1207 	struct thread *a_td;
1208     };
1209 */
1210 static int
1211 fuse_vnop_getattr(struct vop_getattr_args *ap)
1212 {
1213 	struct vnode *vp = ap->a_vp;
1214 	struct vattr *vap = ap->a_vap;
1215 	struct ucred *cred = ap->a_cred;
1216 	struct thread *td = curthread;
1217 
1218 	int err = 0;
1219 	int dataflags;
1220 
1221 	dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags;
1222 
1223 	/* Note that we are not bailing out on a dead file system just yet. */
1224 
1225 	if (!(dataflags & FSESS_INITED)) {
1226 		if (!vnode_isvroot(vp)) {
1227 			fdata_set_dead(fuse_get_mpdata(vnode_mount(vp)));
1228 			err = ENOTCONN;
1229 			return err;
1230 		} else {
1231 			goto fake;
1232 		}
1233 	}
1234 	err = fuse_internal_getattr(vp, vap, cred, td);
1235 	if (err == ENOTCONN && vnode_isvroot(vp)) {
1236 		/* see comment in fuse_vfsop_statfs() */
1237 		goto fake;
1238 	} else {
1239 		return err;
1240 	}
1241 
1242 fake:
1243 	bzero(vap, sizeof(*vap));
1244 	vap->va_type = vnode_vtype(vp);
1245 
1246 	return 0;
1247 }
1248 
1249 /*
1250     struct vnop_inactive_args {
1251 	struct vnode *a_vp;
1252     };
1253 */
1254 static int
1255 fuse_vnop_inactive(struct vop_inactive_args *ap)
1256 {
1257 	struct vnode *vp = ap->a_vp;
1258 	struct thread *td = curthread;
1259 
1260 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
1261 	struct fuse_filehandle *fufh, *fufh_tmp;
1262 
1263 	int need_flush = 1;
1264 
1265 	LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) {
1266 		if (need_flush && vp->v_type == VREG) {
1267 			if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) {
1268 				fuse_vnode_savesize(vp, NULL, 0);
1269 			}
1270 			if ((fvdat->flag & FN_REVOKED) != 0)
1271 				fuse_io_invalbuf(vp, td);
1272 			else
1273 				fuse_io_flushbuf(vp, MNT_WAIT, td);
1274 			need_flush = 0;
1275 		}
1276 		fuse_filehandle_close(vp, fufh, td, NULL);
1277 	}
1278 
1279 	if ((fvdat->flag & FN_REVOKED) != 0)
1280 		vrecycle(vp);
1281 
1282 	return 0;
1283 }
1284 
1285 /*
1286     struct vnop_ioctl_args {
1287 	struct vnode *a_vp;
1288 	u_long a_command;
1289 	caddr_t a_data;
1290 	int a_fflag;
1291 	struct ucred *a_cred;
1292 	struct thread *a_td;
1293     };
1294 */
1295 static int
1296 fuse_vnop_ioctl(struct vop_ioctl_args *ap)
1297 {
1298 	struct vnode *vp = ap->a_vp;
1299 	struct mount *mp = vnode_mount(vp);
1300 	struct ucred *cred = ap->a_cred;
1301 	off_t *offp;
1302 	pid_t pid = ap->a_td->td_proc->p_pid;
1303 	int err;
1304 
1305 	switch (ap->a_command) {
1306 	case FIOSEEKDATA:
1307 	case FIOSEEKHOLE:
1308 		/* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */
1309 		if (fsess_maybe_impl(mp, FUSE_LSEEK)) {
1310 			int whence;
1311 
1312 			offp = ap->a_data;
1313 			if (ap->a_command == FIOSEEKDATA)
1314 				whence = SEEK_DATA;
1315 			else
1316 				whence = SEEK_HOLE;
1317 
1318 			vn_lock(vp, LK_SHARED | LK_RETRY);
1319 			err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp,
1320 			    whence);
1321 			VOP_UNLOCK(vp);
1322 		}
1323 		if (fsess_not_impl(mp, FUSE_LSEEK))
1324 			err = vop_stdioctl(ap);
1325 		break;
1326 	default:
1327 		/* TODO: implement FUSE_IOCTL */
1328 		err = ENOTTY;
1329 		break;
1330 	}
1331 	return (err);
1332 }
1333 
1334 
1335 /*
1336     struct vnop_link_args {
1337 	struct vnode *a_tdvp;
1338 	struct vnode *a_vp;
1339 	struct componentname *a_cnp;
1340     };
1341 */
1342 static int
1343 fuse_vnop_link(struct vop_link_args *ap)
1344 {
1345 	struct vnode *vp = ap->a_vp;
1346 	struct vnode *tdvp = ap->a_tdvp;
1347 	struct componentname *cnp = ap->a_cnp;
1348 
1349 	struct vattr *vap = VTOVA(vp);
1350 
1351 	struct fuse_dispatcher fdi;
1352 	struct fuse_entry_out *feo;
1353 	struct fuse_link_in fli;
1354 
1355 	int err;
1356 
1357 	if (fuse_isdeadfs(vp)) {
1358 		return ENXIO;
1359 	}
1360 	if (vnode_mount(tdvp) != vnode_mount(vp)) {
1361 		return EXDEV;
1362 	}
1363 
1364 	/*
1365 	 * This is a seatbelt check to protect naive userspace filesystems from
1366 	 * themselves and the limitations of the FUSE IPC protocol.  If a
1367 	 * filesystem does not allow attribute caching, assume it is capable of
1368 	 * validating that nlink does not overflow.
1369 	 */
1370 	if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX)
1371 		return EMLINK;
1372 	fli.oldnodeid = VTOI(vp);
1373 
1374 	fdisp_init(&fdi, 0);
1375 	fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp,
1376 	    FUSE_LINK, &fli, sizeof(fli), &fdi);
1377 	if ((err = fdisp_wait_answ(&fdi))) {
1378 		goto out;
1379 	}
1380 	feo = fdi.answ;
1381 
1382 	if (fli.oldnodeid != feo->nodeid) {
1383 		struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp));
1384 		fuse_warn(data, FSESS_WARN_ILLEGAL_INODE,
1385 			"Assigned wrong inode for a hard link.");
1386 		fuse_vnode_clear_attr_cache(vp);
1387 		fuse_vnode_clear_attr_cache(tdvp);
1388 		err = EIO;
1389 		goto out;
1390 	}
1391 
1392 	err = fuse_internal_checkentry(feo, vnode_vtype(vp));
1393 	if (!err) {
1394 		/*
1395 		 * Purge the parent's attribute cache because the daemon
1396 		 * should've updated its mtime and ctime
1397 		 */
1398 		fuse_vnode_clear_attr_cache(tdvp);
1399 		fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid,
1400 			feo->attr_valid_nsec, NULL, true);
1401 	}
1402 out:
1403 	fdisp_destroy(&fdi);
1404 	return err;
1405 }
1406 
1407 struct fuse_lookup_alloc_arg {
1408 	struct fuse_entry_out *feo;
1409 	struct componentname *cnp;
1410 	uint64_t nid;
1411 	__enum_uint8(vtype) vtyp;
1412 };
1413 
1414 /* Callback for vn_get_ino */
1415 static int
1416 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp)
1417 {
1418 	struct fuse_lookup_alloc_arg *flaa = arg;
1419 
1420 	return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp,
1421 		flaa->vtyp);
1422 }
1423 
1424 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup,
1425 	"int", "struct timespec*", "struct timespec*");
1426 /*
1427     struct vnop_lookup_args {
1428 	struct vnodeop_desc *a_desc;
1429 	struct vnode *a_dvp;
1430 	struct vnode **a_vpp;
1431 	struct componentname *a_cnp;
1432     };
1433 */
1434 int
1435 fuse_vnop_lookup(struct vop_lookup_args *ap)
1436 {
1437 	struct vnode *dvp = ap->a_dvp;
1438 	struct vnode **vpp = ap->a_vpp;
1439 	struct componentname *cnp = ap->a_cnp;
1440 	struct thread *td = curthread;
1441 	struct ucred *cred = cnp->cn_cred;
1442 	struct timespec now;
1443 
1444 	int nameiop = cnp->cn_nameiop;
1445 	int flags = cnp->cn_flags;
1446 	int islastcn = flags & ISLASTCN;
1447 	struct mount *mp = vnode_mount(dvp);
1448 	struct fuse_data *data = fuse_get_mpdata(mp);
1449 	int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS;
1450 	bool is_dot;
1451 
1452 	int err = 0;
1453 	int lookup_err = 0;
1454 	struct vnode *vp = NULL;
1455 
1456 	struct fuse_dispatcher fdi;
1457 	bool did_lookup = false;
1458 	struct fuse_entry_out *feo = NULL;
1459 	__enum_uint8(vtype) vtyp;	/* vnode type of target */
1460 
1461 	uint64_t nid;
1462 
1463 	if (fuse_isdeadfs(dvp)) {
1464 		*vpp = NULL;
1465 		return ENXIO;
1466 	}
1467 	if (!vnode_isdir(dvp))
1468 		return ENOTDIR;
1469 
1470 	if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP))
1471 		return EROFS;
1472 
1473 	if ((cnp->cn_flags & NOEXECCHECK) != 0)
1474 		cnp->cn_flags &= ~NOEXECCHECK;
1475 	else if ((err = fuse_internal_access(dvp, VEXEC, td, cred)))
1476 		return err;
1477 
1478 	is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.';
1479 	if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT))
1480 	{
1481 		if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) {
1482 			/*
1483 			 * Since the file system doesn't support ".." lookups,
1484 			 * we have no way to find this entry.
1485 			 */
1486 			return ESTALE;
1487 		}
1488 		nid = VTOFUD(dvp)->parent_nid;
1489 		if (nid == 0)
1490 			return ENOENT;
1491 		/* .. is obviously a directory */
1492 		vtyp = VDIR;
1493 	} else if (is_dot) {
1494 		nid = VTOI(dvp);
1495 		/* . is obviously a directory */
1496 		vtyp = VDIR;
1497 	} else {
1498 		struct timespec timeout;
1499 		int ncpticks; /* here to accommodate for API contract */
1500 
1501 		err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks);
1502 		getnanouptime(&now);
1503 		SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now);
1504 		switch (err) {
1505 		case -1:		/* positive match */
1506 			if (timespeccmp(&timeout, &now, >)) {
1507 				counter_u64_add(fuse_lookup_cache_hits, 1);
1508 			} else {
1509 				/* Cache timeout */
1510 				counter_u64_add(fuse_lookup_cache_misses, 1);
1511 				bintime_clear(
1512 					&VTOFUD(*vpp)->entry_cache_timeout);
1513 				cache_purge(*vpp);
1514 				if (dvp != *vpp)
1515 					vput(*vpp);
1516 				else
1517 					vrele(*vpp);
1518 				*vpp = NULL;
1519 				break;
1520 			}
1521 			return 0;
1522 
1523 		case 0:		/* no match in cache */
1524 			counter_u64_add(fuse_lookup_cache_misses, 1);
1525 			break;
1526 
1527 		case ENOENT:		/* negative match */
1528 			if (timespeccmp(&timeout, &now, <=)) {
1529 				/* Cache timeout */
1530 				cache_purge_negative(dvp);
1531 				break;
1532 			}
1533 			/* fall through */
1534 		default:
1535 			return err;
1536 		}
1537 
1538 		fdisp_init(&fdi, cnp->cn_namelen + 1);
1539 		fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred);
1540 
1541 		memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen);
1542 		((char *)fdi.indata)[cnp->cn_namelen] = '\0';
1543 		lookup_err = fdisp_wait_answ(&fdi);
1544 		did_lookup = true;
1545 
1546 		if (!lookup_err) {
1547 			/* lookup call succeeded */
1548 			feo = (struct fuse_entry_out *)fdi.answ;
1549 			nid = feo->nodeid;
1550 			if (nid == 0) {
1551 				/* zero nodeid means ENOENT and cache it */
1552 				struct timespec timeout;
1553 
1554 				fdi.answ_stat = ENOENT;
1555 				lookup_err = ENOENT;
1556 				if (cnp->cn_flags & MAKEENTRY) {
1557 					fuse_validity_2_timespec(feo, &timeout);
1558 					/* Use the same entry_time for .. as for
1559 					 * the file itself.  That doesn't honor
1560 					 * exactly what the fuse server tells
1561 					 * us, but to do otherwise would require
1562 					 * another cache lookup at this point.
1563 					 */
1564 					struct timespec *dtsp = NULL;
1565 					cache_enter_time(dvp, *vpp, cnp,
1566 						&timeout, dtsp);
1567 				}
1568 			}
1569 			vtyp = IFTOVT(feo->attr.mode);
1570 		}
1571 		if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) {
1572 			fdisp_destroy(&fdi);
1573 			return lookup_err;
1574 		}
1575 	}
1576 	/* lookup_err, if non-zero, must be ENOENT at this point */
1577 
1578 	if (lookup_err) {
1579 		/* Entry not found */
1580 		if ((nameiop == CREATE || nameiop == RENAME) && islastcn) {
1581 			if (default_permissions)
1582 				err = fuse_internal_access(dvp, VWRITE, td,
1583 				    cred);
1584 			else
1585 				err = 0;
1586 			if (!err) {
1587 				err = EJUSTRETURN;
1588 			}
1589 		} else {
1590 			err = ENOENT;
1591 		}
1592 	} else {
1593 		/* Entry was found */
1594 		if (flags & ISDOTDOT) {
1595 			struct fuse_lookup_alloc_arg flaa;
1596 
1597 			flaa.nid = nid;
1598 			flaa.feo = feo;
1599 			flaa.cnp = cnp;
1600 			flaa.vtyp = vtyp;
1601 			err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0,
1602 				&vp);
1603 			*vpp = vp;
1604 		} else if (nid == VTOI(dvp)) {
1605 			if (is_dot) {
1606 				vref(dvp);
1607 				*vpp = dvp;
1608 			} else {
1609 				fuse_warn(fuse_get_mpdata(mp),
1610 				    FSESS_WARN_ILLEGAL_INODE,
1611 				    "Assigned same inode to both parent and "
1612 				    "child.");
1613 				err = EIO;
1614 			}
1615 
1616 		} else {
1617 			struct fuse_vnode_data *fvdat;
1618 
1619 			err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp,
1620 			    &vp, cnp, vtyp);
1621 			if (err)
1622 				goto out;
1623 			*vpp = vp;
1624 			fvdat = VTOFUD(vp);
1625 
1626 			MPASS(feo != NULL);
1627 			if (timespeccmp(&now, &fvdat->last_local_modify, >)) {
1628 				/*
1629 				 * Attributes from the server are definitely
1630 				 * newer than the last attributes we sent to
1631 				 * the server, so cache them.
1632 				 */
1633 				fuse_internal_cache_attrs(*vpp, &feo->attr,
1634 					feo->attr_valid, feo->attr_valid_nsec,
1635 					NULL, true);
1636 			}
1637 			fuse_validity_2_bintime(feo->entry_valid,
1638 				feo->entry_valid_nsec,
1639 				&fvdat->entry_cache_timeout);
1640 
1641 			if ((nameiop == DELETE || nameiop == RENAME) &&
1642 				islastcn && default_permissions)
1643 			{
1644 				struct vattr dvattr;
1645 
1646 				err = fuse_internal_access(dvp, VWRITE, td,
1647 					cred);
1648 				if (err != 0)
1649 					goto out;
1650 				/*
1651 				 * if the parent's sticky bit is set, check
1652 				 * whether we're allowed to remove the file.
1653 				 * Need to figure out the vnode locking to make
1654 				 * this work.
1655 				 */
1656 				fuse_internal_getattr(dvp, &dvattr, cred, td);
1657 				if ((dvattr.va_mode & S_ISTXT) &&
1658 					fuse_internal_access(dvp, VADMIN, td,
1659 						cred) &&
1660 					fuse_internal_access(*vpp, VADMIN, td,
1661 						cred)) {
1662 					err = EPERM;
1663 					goto out;
1664 				}
1665 			}
1666 		}
1667 	}
1668 out:
1669 	if (err) {
1670 		if (vp != NULL && dvp != vp)
1671 			vput(vp);
1672 		else if (vp != NULL)
1673 			vrele(vp);
1674 		*vpp = NULL;
1675 	}
1676 	if (did_lookup)
1677 		fdisp_destroy(&fdi);
1678 
1679 	return err;
1680 }
1681 
1682 /*
1683     struct vnop_mkdir_args {
1684 	struct vnode *a_dvp;
1685 	struct vnode **a_vpp;
1686 	struct componentname *a_cnp;
1687 	struct vattr *a_vap;
1688     };
1689 */
1690 static int
1691 fuse_vnop_mkdir(struct vop_mkdir_args *ap)
1692 {
1693 	struct vnode *dvp = ap->a_dvp;
1694 	struct vnode **vpp = ap->a_vpp;
1695 	struct componentname *cnp = ap->a_cnp;
1696 	struct vattr *vap = ap->a_vap;
1697 
1698 	struct fuse_mkdir_in fmdi;
1699 
1700 	if (fuse_isdeadfs(dvp)) {
1701 		return ENXIO;
1702 	}
1703 	fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode);
1704 	fmdi.umask = curthread->td_proc->p_pd->pd_cmask;
1705 
1706 	return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi,
1707 	    sizeof(fmdi), VDIR));
1708 }
1709 
1710 /*
1711     struct vnop_mknod_args {
1712 	struct vnode *a_dvp;
1713 	struct vnode **a_vpp;
1714 	struct componentname *a_cnp;
1715 	struct vattr *a_vap;
1716     };
1717 */
1718 static int
1719 fuse_vnop_mknod(struct vop_mknod_args *ap)
1720 {
1721 
1722 	struct vnode *dvp = ap->a_dvp;
1723 	struct vnode **vpp = ap->a_vpp;
1724 	struct componentname *cnp = ap->a_cnp;
1725 	struct vattr *vap = ap->a_vap;
1726 
1727 	if (fuse_isdeadfs(dvp))
1728 		return ENXIO;
1729 
1730 	return fuse_internal_mknod(dvp, vpp, cnp, vap);
1731 }
1732 
1733 /*
1734     struct vop_open_args {
1735 	struct vnode *a_vp;
1736 	int  a_mode;
1737 	struct ucred *a_cred;
1738 	struct thread *a_td;
1739 	int a_fdidx; / struct file *a_fp;
1740     };
1741 */
1742 static int
1743 fuse_vnop_open(struct vop_open_args *ap)
1744 {
1745 	struct vnode *vp = ap->a_vp;
1746 	int a_mode = ap->a_mode;
1747 	struct thread *td = ap->a_td;
1748 	struct ucred *cred = ap->a_cred;
1749 	pid_t pid = td->td_proc->p_pid;
1750 
1751 	if (fuse_isdeadfs(vp))
1752 		return ENXIO;
1753 	if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO)
1754 		return (EOPNOTSUPP);
1755 	if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0)
1756 		return EINVAL;
1757 
1758 	if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) {
1759 		fuse_vnode_open(vp, 0, td);
1760 		return 0;
1761 	}
1762 
1763 	return fuse_filehandle_open(vp, a_mode, NULL, td, cred);
1764 }
1765 
1766 static int
1767 fuse_vnop_pathconf(struct vop_pathconf_args *ap)
1768 {
1769 	struct vnode *vp = ap->a_vp;
1770 	struct mount *mp;
1771 
1772 	switch (ap->a_name) {
1773 	case _PC_FILESIZEBITS:
1774 		*ap->a_retval = 64;
1775 		return (0);
1776 	case _PC_NAME_MAX:
1777 		*ap->a_retval = NAME_MAX;
1778 		return (0);
1779 	case _PC_LINK_MAX:
1780 		*ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX);
1781 		return (0);
1782 	case _PC_SYMLINK_MAX:
1783 		*ap->a_retval = MAXPATHLEN;
1784 		return (0);
1785 	case _PC_NO_TRUNC:
1786 		*ap->a_retval = 1;
1787 		return (0);
1788 	case _PC_MIN_HOLE_SIZE:
1789 		/*
1790 		 * The FUSE protocol provides no mechanism for a server to
1791 		 * report _PC_MIN_HOLE_SIZE.  It's a protocol bug.  Instead,
1792 		 * return EINVAL if the server does not support FUSE_LSEEK, or
1793 		 * 1 if it does.
1794 		 */
1795 		mp = vnode_mount(vp);
1796 		if (!fsess_is_impl(mp, FUSE_LSEEK) &&
1797 		    !fsess_not_impl(mp, FUSE_LSEEK)) {
1798 			off_t offset = 0;
1799 
1800 			/* Issue a FUSE_LSEEK to find out if it's implemented */
1801 			fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred,
1802 			    curthread->td_proc->p_pid, &offset, SEEK_DATA);
1803 		}
1804 
1805 		if (fsess_is_impl(mp, FUSE_LSEEK)) {
1806 			*ap->a_retval = 1;
1807 			return (0);
1808 		} else {
1809 			/*
1810 			 * Probably FUSE_LSEEK is not implemented.  It might
1811 			 * be, if the FUSE_LSEEK above returned an error like
1812 			 * EACCES, but in that case we can't tell, so it's
1813 			 * safest to report EINVAL anyway.
1814 			 */
1815 			return (EINVAL);
1816 		}
1817 	default:
1818 		return (vop_stdpathconf(ap));
1819 	}
1820 }
1821 
1822 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*",
1823     "struct uio*", "struct ucred*");
1824 /*
1825     struct vnop_read_args {
1826 	struct vnode *a_vp;
1827 	struct uio *a_uio;
1828 	int  a_ioflag;
1829 	struct ucred *a_cred;
1830     };
1831 */
1832 static int
1833 fuse_vnop_read(struct vop_read_args *ap)
1834 {
1835 	struct vnode *vp = ap->a_vp;
1836 	struct uio *uio = ap->a_uio;
1837 	int ioflag = ap->a_ioflag;
1838 	struct ucred *cred = ap->a_cred;
1839 	pid_t pid = curthread->td_proc->p_pid;
1840 	struct fuse_filehandle *fufh;
1841 	int err;
1842 	bool closefufh = false, directio;
1843 
1844 	MPASS(vp->v_type == VREG || vp->v_type == VDIR);
1845 
1846 	if (fuse_isdeadfs(vp)) {
1847 		return ENXIO;
1848 	}
1849 
1850 	if (VTOFUD(vp)->flag & FN_DIRECTIO) {
1851 		ioflag |= IO_DIRECT;
1852 	}
1853 
1854 	err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid);
1855 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
1856 		/*
1857 		 * nfsd will do I/O without first doing VOP_OPEN.  We
1858 		 * must implicitly open the file here
1859 		 */
1860 		err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred);
1861 		closefufh = true;
1862 	}
1863 	if (err) {
1864 		SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred);
1865 		return err;
1866 	}
1867 
1868 	/*
1869          * Ideally, when the daemon asks for direct io at open time, the
1870          * standard file flag should be set according to this, so that would
1871          * just change the default mode, which later on could be changed via
1872          * fcntl(2).
1873          * But this doesn't work, the O_DIRECT flag gets cleared at some point
1874          * (don't know where). So to make any use of the Fuse direct_io option,
1875          * we hardwire it into the file's private data (similarly to Linux,
1876          * btw.).
1877          */
1878 	directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp));
1879 
1880 	fuse_vnode_update(vp, FN_ATIMECHANGE);
1881 	if (directio) {
1882 		SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode");
1883 		err = fuse_read_directbackend(vp, uio, cred, fufh);
1884 	} else {
1885 		SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode");
1886 		err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid);
1887 	}
1888 
1889 	if (closefufh)
1890 		fuse_filehandle_close(vp, fufh, curthread, cred);
1891 
1892 	return (err);
1893 }
1894 
1895 /*
1896     struct vnop_readdir_args {
1897 	struct vnode *a_vp;
1898 	struct uio *a_uio;
1899 	struct ucred *a_cred;
1900 	int *a_eofflag;
1901 	int *a_ncookies;
1902 	uint64_t **a_cookies;
1903     };
1904 */
1905 static int
1906 fuse_vnop_readdir(struct vop_readdir_args *ap)
1907 {
1908 	struct vnode *vp = ap->a_vp;
1909 	struct uio *uio = ap->a_uio;
1910 	struct ucred *cred = ap->a_cred;
1911 	struct fuse_filehandle *fufh = NULL;
1912 	struct mount *mp = vnode_mount(vp);
1913 	struct fuse_iov cookediov;
1914 	int err = 0;
1915 	uint64_t *cookies;
1916 	ssize_t tresid;
1917 	int ncookies;
1918 	bool closefufh = false;
1919 	pid_t pid = curthread->td_proc->p_pid;
1920 
1921 	if (ap->a_eofflag)
1922 		*ap->a_eofflag = 0;
1923 	if (fuse_isdeadfs(vp)) {
1924 		return ENXIO;
1925 	}
1926 	if (				/* XXXIP ((uio_iovcnt(uio) > 1)) || */
1927 	    (uio_resid(uio) < sizeof(struct dirent))) {
1928 		return EINVAL;
1929 	}
1930 
1931 	tresid = uio->uio_resid;
1932 	err = fuse_filehandle_get_dir(vp, &fufh, cred, pid);
1933 	if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) {
1934 		KASSERT(fuse_get_mpdata(mp)->dataflags
1935 				& FSESS_NO_OPENDIR_SUPPORT,
1936 			("FUSE file systems that don't set "
1937 			 "FUSE_NO_OPENDIR_SUPPORT should not be exported"));
1938 		/*
1939 		 * nfsd will do VOP_READDIR without first doing VOP_OPEN.  We
1940 		 * must implicitly open the directory here.
1941 		 */
1942 		err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred);
1943 		closefufh = true;
1944 	}
1945 	if (err)
1946 		return (err);
1947 	if (ap->a_ncookies != NULL) {
1948 		ncookies = uio->uio_resid /
1949 			(offsetof(struct dirent, d_name) + 4) + 1;
1950 		cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK);
1951 		*ap->a_ncookies = ncookies;
1952 		*ap->a_cookies = cookies;
1953 	} else {
1954 		ncookies = 0;
1955 		cookies = NULL;
1956 	}
1957 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1)
1958 	fiov_init(&cookediov, DIRCOOKEDSIZE);
1959 
1960 	err = fuse_internal_readdir(vp, uio, fufh, &cookediov,
1961 		&ncookies, cookies);
1962 
1963 	fiov_teardown(&cookediov);
1964 	if (closefufh)
1965 		fuse_filehandle_close(vp, fufh, curthread, cred);
1966 
1967 	if (ap->a_ncookies != NULL) {
1968 		if (err == 0) {
1969 			*ap->a_ncookies -= ncookies;
1970 		} else {
1971 			free(*ap->a_cookies, M_TEMP);
1972 			*ap->a_ncookies = 0;
1973 			*ap->a_cookies = NULL;
1974 		}
1975 	}
1976 	if (err == 0 && tresid == uio->uio_resid)
1977 		*ap->a_eofflag = 1;
1978 
1979 	return err;
1980 }
1981 
1982 /*
1983     struct vnop_readlink_args {
1984 	struct vnode *a_vp;
1985 	struct uio *a_uio;
1986 	struct ucred *a_cred;
1987     };
1988 */
1989 static int
1990 fuse_vnop_readlink(struct vop_readlink_args *ap)
1991 {
1992 	struct vnode *vp = ap->a_vp;
1993 	struct uio *uio = ap->a_uio;
1994 	struct ucred *cred = ap->a_cred;
1995 
1996 	struct fuse_dispatcher fdi;
1997 	int err;
1998 
1999 	if (fuse_isdeadfs(vp)) {
2000 		return ENXIO;
2001 	}
2002 	if (!vnode_islnk(vp)) {
2003 		return EINVAL;
2004 	}
2005 	fdisp_init(&fdi, 0);
2006 	err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred);
2007 	if (err) {
2008 		goto out;
2009 	}
2010 	if (strnlen(fdi.answ, fdi.iosize) + 1 < fdi.iosize) {
2011 		struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp));
2012 		fuse_warn(data, FSESS_WARN_READLINK_EMBEDDED_NUL,
2013 				"Returned an embedded NUL from FUSE_READLINK.");
2014 		err = EIO;
2015 		goto out;
2016 	}
2017 	if (((char *)fdi.answ)[0] == '/' &&
2018 	    fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) {
2019 		char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname;
2020 
2021 		err = uiomove(mpth, strlen(mpth), uio);
2022 	}
2023 	if (!err) {
2024 		err = uiomove(fdi.answ, fdi.iosize, uio);
2025 	}
2026 out:
2027 	fdisp_destroy(&fdi);
2028 	return err;
2029 }
2030 
2031 /*
2032     struct vnop_reclaim_args {
2033 	struct vnode *a_vp;
2034     };
2035 */
2036 static int
2037 fuse_vnop_reclaim(struct vop_reclaim_args *ap)
2038 {
2039 	struct vnode *vp = ap->a_vp;
2040 	struct thread *td = curthread;
2041 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
2042 	struct fuse_filehandle *fufh, *fufh_tmp;
2043 
2044 	if (!fvdat) {
2045 		panic("FUSE: no vnode data during recycling");
2046 	}
2047 	LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) {
2048 		printf("FUSE: vnode being reclaimed with open fufh "
2049 			"(type=%#x)", fufh->fufh_type);
2050 		fuse_filehandle_close(vp, fufh, td, NULL);
2051 	}
2052 
2053 	if (VTOI(vp) == 1) {
2054 		/*
2055 		 * Don't send FUSE_FORGET for the root inode, because
2056 		 * we never send FUSE_LOOKUP for it (see
2057 		 * fuse_vfsop_root) and we don't want the server to see
2058 		 * mismatched lookup counts.
2059 		 */
2060 		struct fuse_data *data;
2061 		struct vnode *vroot;
2062 
2063 		data = fuse_get_mpdata(vnode_mount(vp));
2064 		FUSE_LOCK();
2065 		vroot = data->vroot;
2066 		data->vroot = NULL;
2067 		FUSE_UNLOCK();
2068 		if (vroot)
2069 			vrele(vroot);
2070 	} else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) {
2071 		fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp),
2072 		    fvdat->nlookup);
2073 	}
2074 	cache_purge(vp);
2075 	vfs_hash_remove(vp);
2076 	fuse_vnode_destroy(vp);
2077 
2078 	return 0;
2079 }
2080 
2081 /*
2082     struct vnop_remove_args {
2083 	struct vnode *a_dvp;
2084 	struct vnode *a_vp;
2085 	struct componentname *a_cnp;
2086     };
2087 */
2088 static int
2089 fuse_vnop_remove(struct vop_remove_args *ap)
2090 {
2091 	struct vnode *dvp = ap->a_dvp;
2092 	struct vnode *vp = ap->a_vp;
2093 	struct componentname *cnp = ap->a_cnp;
2094 
2095 	int err;
2096 
2097 	if (fuse_isdeadfs(vp)) {
2098 		return ENXIO;
2099 	}
2100 	if (vnode_isdir(vp)) {
2101 		return EPERM;
2102 	}
2103 
2104 	err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK);
2105 
2106 	return err;
2107 }
2108 
2109 /*
2110     struct vnop_rename_args {
2111 	struct vnode *a_fdvp;
2112 	struct vnode *a_fvp;
2113 	struct componentname *a_fcnp;
2114 	struct vnode *a_tdvp;
2115 	struct vnode *a_tvp;
2116 	struct componentname *a_tcnp;
2117     };
2118 */
2119 static int
2120 fuse_vnop_rename(struct vop_rename_args *ap)
2121 {
2122 	struct vnode *fdvp = ap->a_fdvp;
2123 	struct vnode *fvp = ap->a_fvp;
2124 	struct componentname *fcnp = ap->a_fcnp;
2125 	struct vnode *tdvp = ap->a_tdvp;
2126 	struct vnode *tvp = ap->a_tvp;
2127 	struct componentname *tcnp = ap->a_tcnp;
2128 	struct fuse_data *data;
2129 	bool newparent = fdvp != tdvp;
2130 	bool isdir = fvp->v_type == VDIR;
2131 	int err = 0;
2132 
2133 	if (fuse_isdeadfs(fdvp)) {
2134 		return ENXIO;
2135 	}
2136 	if (fvp->v_mount != tdvp->v_mount ||
2137 	    (tvp && fvp->v_mount != tvp->v_mount)) {
2138 		SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename");
2139 		err = EXDEV;
2140 		goto out;
2141 	}
2142 	cache_purge(fvp);
2143 
2144 	/*
2145 	 * FUSE library is expected to check if target directory is not
2146 	 * under the source directory in the file system tree.
2147 	 * Linux performs this check at VFS level.
2148 	 */
2149 	/*
2150 	 * If source is a directory, and it will get a new parent, user must
2151 	 * have write permission to it, so ".." can be modified.
2152 	 */
2153 	data = fuse_get_mpdata(vnode_mount(tdvp));
2154 	if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) {
2155 		err = fuse_internal_access(fvp, VWRITE,
2156 			curthread, tcnp->cn_cred);
2157 		if (err)
2158 			goto out;
2159 	}
2160 	sx_xlock(&data->rename_lock);
2161 	err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp);
2162 	if (err == 0) {
2163 		if (tdvp != fdvp)
2164 			fuse_vnode_setparent(fvp, tdvp);
2165 		if (tvp != NULL)
2166 			fuse_vnode_setparent(tvp, NULL);
2167 	}
2168 	sx_unlock(&data->rename_lock);
2169 
2170 	if (tvp != NULL && tvp != fvp) {
2171 		cache_purge(tvp);
2172 	}
2173 	if (vnode_isdir(fvp)) {
2174 		if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) {
2175 			cache_purge(tdvp);
2176 		}
2177 		cache_purge(fdvp);
2178 	}
2179 out:
2180 	if (tdvp == tvp) {
2181 		vrele(tdvp);
2182 	} else {
2183 		vput(tdvp);
2184 	}
2185 	if (tvp != NULL) {
2186 		vput(tvp);
2187 	}
2188 	vrele(fdvp);
2189 	vrele(fvp);
2190 
2191 	return err;
2192 }
2193 
2194 /*
2195     struct vnop_rmdir_args {
2196 	    struct vnode *a_dvp;
2197 	    struct vnode *a_vp;
2198 	    struct componentname *a_cnp;
2199     } *ap;
2200 */
2201 static int
2202 fuse_vnop_rmdir(struct vop_rmdir_args *ap)
2203 {
2204 	struct vnode *dvp = ap->a_dvp;
2205 	struct vnode *vp = ap->a_vp;
2206 
2207 	int err;
2208 
2209 	if (fuse_isdeadfs(vp)) {
2210 		return ENXIO;
2211 	}
2212 	if (VTOFUD(vp) == VTOFUD(dvp)) {
2213 		return EINVAL;
2214 	}
2215 	err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR);
2216 
2217 	return err;
2218 }
2219 
2220 /*
2221     struct vnop_setattr_args {
2222 	struct vnode *a_vp;
2223 	struct vattr *a_vap;
2224 	struct ucred *a_cred;
2225 	struct thread *a_td;
2226     };
2227 */
2228 static int
2229 fuse_vnop_setattr(struct vop_setattr_args *ap)
2230 {
2231 	struct vnode *vp = ap->a_vp;
2232 	struct vattr *vap = ap->a_vap;
2233 	struct ucred *cred = ap->a_cred;
2234 	struct thread *td = curthread;
2235 	struct mount *mp;
2236 	struct fuse_data *data;
2237 	struct vattr old_va;
2238 	int dataflags;
2239 	int err = 0, err2;
2240 	accmode_t accmode = 0;
2241 	bool checkperm;
2242 	bool drop_suid = false;
2243 
2244 	mp = vnode_mount(vp);
2245 	data = fuse_get_mpdata(mp);
2246 	dataflags = data->dataflags;
2247 	checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS;
2248 
2249 	if (fuse_isdeadfs(vp)) {
2250 		return ENXIO;
2251 	}
2252 
2253 	if (vap->va_uid != (uid_t)VNOVAL) {
2254 		if (checkperm) {
2255 			/* Only root may change a file's owner */
2256 			err = priv_check_cred(cred, PRIV_VFS_CHOWN);
2257 			if (err) {
2258 				/* As a special case, allow the null chown */
2259 				err2 = fuse_internal_getattr(vp, &old_va, cred,
2260 					td);
2261 				if (err2)
2262 					return (err2);
2263 				if (vap->va_uid != old_va.va_uid)
2264 					return err;
2265 				else
2266 					accmode |= VADMIN;
2267 				drop_suid = true;
2268 			} else
2269 				accmode |= VADMIN;
2270 		} else
2271 			accmode |= VADMIN;
2272 	}
2273 	if (vap->va_gid != (gid_t)VNOVAL) {
2274 		if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN))
2275 			drop_suid = true;
2276 		if (checkperm && !groupmember(vap->va_gid, cred))
2277 		{
2278 			/*
2279 			 * Non-root users may only chgrp to one of their own
2280 			 * groups
2281 			 */
2282 			err = priv_check_cred(cred, PRIV_VFS_CHOWN);
2283 			if (err) {
2284 				/* As a special case, allow the null chgrp */
2285 				err2 = fuse_internal_getattr(vp, &old_va, cred,
2286 					td);
2287 				if (err2)
2288 					return (err2);
2289 				if (vap->va_gid != old_va.va_gid)
2290 					return err;
2291 				accmode |= VADMIN;
2292 			} else
2293 				accmode |= VADMIN;
2294 		} else
2295 			accmode |= VADMIN;
2296 	}
2297 	if (vap->va_size != VNOVAL) {
2298 		switch (vp->v_type) {
2299 		case VDIR:
2300 			return (EISDIR);
2301 		case VLNK:
2302 		case VREG:
2303 			if (vfs_isrdonly(mp))
2304 				return (EROFS);
2305 			err = vn_rlimit_trunc(vap->va_size, td);
2306 			if (err)
2307 				return (err);
2308 			break;
2309 		default:
2310 			/*
2311 			 * According to POSIX, the result is unspecified
2312 			 * for file types other than regular files,
2313 			 * directories and shared memory objects.  We
2314 			 * don't support shared memory objects in the file
2315 			 * system, and have dubious support for truncating
2316 			 * symlinks.  Just ignore the request in other cases.
2317 			 */
2318 			return (0);
2319 		}
2320 		/* Don't set accmode.  Permission to trunc is checked upstack */
2321 	}
2322 	if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) {
2323 		if (vap->va_vaflags & VA_UTIMES_NULL)
2324 			accmode |= VWRITE;
2325 		else
2326 			accmode |= VADMIN;
2327 	}
2328 	if (drop_suid) {
2329 		if (vap->va_mode != (mode_t)VNOVAL)
2330 			vap->va_mode &= ~(S_ISUID | S_ISGID);
2331 		else {
2332 			err = fuse_internal_getattr(vp, &old_va, cred, td);
2333 			if (err)
2334 				return (err);
2335 			vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID);
2336 		}
2337 	}
2338 	if (vap->va_mode != (mode_t)VNOVAL) {
2339 		/* Only root may set the sticky bit on non-directories */
2340 		if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT)
2341 		    && priv_check_cred(cred, PRIV_VFS_STICKYFILE))
2342 			return EFTYPE;
2343 		if (checkperm && (vap->va_mode & S_ISGID)) {
2344 			err = fuse_internal_getattr(vp, &old_va, cred, td);
2345 			if (err)
2346 				return (err);
2347 			if (!groupmember(old_va.va_gid, cred)) {
2348 				err = priv_check_cred(cred, PRIV_VFS_SETGID);
2349 				if (err)
2350 					return (err);
2351 			}
2352 		}
2353 		accmode |= VADMIN;
2354 	}
2355 
2356 	if (vfs_isrdonly(mp))
2357 		return EROFS;
2358 
2359 	if (checkperm) {
2360 		err = fuse_internal_access(vp, accmode, td, cred);
2361 	} else {
2362 		err = 0;
2363 	}
2364 	if (err)
2365 		return err;
2366 	else
2367 		return fuse_internal_setattr(vp, vap, td, cred);
2368 }
2369 
2370 /*
2371     struct vnop_strategy_args {
2372 	struct vnode *a_vp;
2373 	struct buf *a_bp;
2374     };
2375 */
2376 static int
2377 fuse_vnop_strategy(struct vop_strategy_args *ap)
2378 {
2379 	struct vnode *vp = ap->a_vp;
2380 	struct buf *bp = ap->a_bp;
2381 
2382 	if (!vp || fuse_isdeadfs(vp)) {
2383 		bp->b_ioflags |= BIO_ERROR;
2384 		bp->b_error = ENXIO;
2385 		bufdone(bp);
2386 		return 0;
2387 	}
2388 
2389 	/*
2390 	 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags.
2391 	 * fuse_io_strategy sets bp's error fields
2392 	 */
2393 	(void)fuse_io_strategy(vp, bp);
2394 
2395 	return 0;
2396 }
2397 
2398 /*
2399     struct vnop_symlink_args {
2400 	struct vnode *a_dvp;
2401 	struct vnode **a_vpp;
2402 	struct componentname *a_cnp;
2403 	struct vattr *a_vap;
2404 	char *a_target;
2405     };
2406 */
2407 static int
2408 fuse_vnop_symlink(struct vop_symlink_args *ap)
2409 {
2410 	struct vnode *dvp = ap->a_dvp;
2411 	struct vnode **vpp = ap->a_vpp;
2412 	struct componentname *cnp = ap->a_cnp;
2413 	const char *target = ap->a_target;
2414 
2415 	struct fuse_dispatcher fdi;
2416 
2417 	int err;
2418 	size_t len;
2419 
2420 	if (fuse_isdeadfs(dvp)) {
2421 		return ENXIO;
2422 	}
2423 	/*
2424 	 * Unlike the other creator type calls, here we have to create a message
2425 	 * where the name of the new entry comes first, and the data describing
2426 	 * the entry comes second.
2427 	 * Hence we can't rely on our handy fuse_internal_newentry() routine,
2428 	 * but put together the message manually and just call the core part.
2429 	 */
2430 
2431 	len = strlen(target) + 1;
2432 	fdisp_init(&fdi, len + cnp->cn_namelen + 1);
2433 	fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL);
2434 
2435 	memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen);
2436 	((char *)fdi.indata)[cnp->cn_namelen] = '\0';
2437 	memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len);
2438 
2439 	err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi);
2440 	fdisp_destroy(&fdi);
2441 	return err;
2442 }
2443 
2444 /*
2445     struct vnop_write_args {
2446 	struct vnode *a_vp;
2447 	struct uio *a_uio;
2448 	int  a_ioflag;
2449 	struct ucred *a_cred;
2450     };
2451 */
2452 static int
2453 fuse_vnop_write(struct vop_write_args *ap)
2454 {
2455 	struct vnode *vp = ap->a_vp;
2456 	struct uio *uio = ap->a_uio;
2457 	int ioflag = ap->a_ioflag;
2458 	struct ucred *cred = ap->a_cred;
2459 	pid_t pid = curthread->td_proc->p_pid;
2460 	struct fuse_filehandle *fufh;
2461 	int err;
2462 	bool closefufh = false, directio;
2463 
2464 	MPASS(vp->v_type == VREG || vp->v_type == VDIR);
2465 
2466 	if (fuse_isdeadfs(vp)) {
2467 		return ENXIO;
2468 	}
2469 
2470 	if (VTOFUD(vp)->flag & FN_DIRECTIO) {
2471 		ioflag |= IO_DIRECT;
2472 	}
2473 
2474 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
2475 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
2476 		/*
2477 		 * nfsd will do I/O without first doing VOP_OPEN.  We
2478 		 * must implicitly open the file here
2479 		 */
2480 		err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred);
2481 		closefufh = true;
2482 	}
2483 	if (err) {
2484 		SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred);
2485 		return err;
2486 	}
2487 
2488 	/*
2489          * Ideally, when the daemon asks for direct io at open time, the
2490          * standard file flag should be set according to this, so that would
2491          * just change the default mode, which later on could be changed via
2492          * fcntl(2).
2493          * But this doesn't work, the O_DIRECT flag gets cleared at some point
2494          * (don't know where). So to make any use of the Fuse direct_io option,
2495          * we hardwire it into the file's private data (similarly to Linux,
2496          * btw.).
2497          */
2498 	directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp));
2499 
2500 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
2501 	if (directio) {
2502 		off_t start, end, filesize;
2503 		bool pages = (ioflag & IO_VMIO) != 0;
2504 
2505 		SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode");
2506 
2507 		err = fuse_vnode_size(vp, &filesize, cred, curthread);
2508 		if (err)
2509 			goto out;
2510 
2511 		start = uio->uio_offset;
2512 		end = start + uio->uio_resid;
2513 		if (!pages) {
2514 			err = fuse_inval_buf_range(vp, filesize, start,
2515 			    end);
2516 			if (err)
2517 				goto out;
2518 		}
2519 		err = fuse_write_directbackend(vp, uio, cred, fufh,
2520 			filesize, ioflag, pages);
2521 	} else {
2522 		SDT_PROBE2(fusefs, , vnops, trace, 1,
2523 			"buffered write of vnode");
2524 		if (!fsess_opt_writeback(vnode_mount(vp)))
2525 			ioflag |= IO_SYNC;
2526 		err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid);
2527 	}
2528 	fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td);
2529 
2530 out:
2531 	if (closefufh)
2532 		fuse_filehandle_close(vp, fufh, curthread, cred);
2533 
2534 	return (err);
2535 }
2536 
2537 static daddr_t
2538 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off)
2539 {
2540 	const int biosize = fuse_iosize(vp);
2541 
2542 	return (off / biosize);
2543 }
2544 
2545 static int
2546 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz)
2547 {
2548 	off_t filesize;
2549 	int err;
2550 	const int biosize = fuse_iosize(vp);
2551 
2552 	err = fuse_vnode_size(vp, &filesize, NULL, NULL);
2553 	if (err) {
2554 		/* This will turn into a SIGBUS */
2555 		return (EIO);
2556 	} else if ((off_t)lbn * biosize >= filesize) {
2557 		*blksz = 0;
2558 	} else if ((off_t)(lbn + 1) * biosize > filesize) {
2559 		*blksz = filesize - (off_t)lbn *biosize;
2560 	} else {
2561 		*blksz = biosize;
2562 	}
2563 	return (0);
2564 }
2565 
2566 /*
2567     struct vnop_getpages_args {
2568 	struct vnode *a_vp;
2569 	vm_page_t *a_m;
2570 	int a_count;
2571 	int a_reqpage;
2572     };
2573 */
2574 static int
2575 fuse_vnop_getpages(struct vop_getpages_args *ap)
2576 {
2577 	struct vnode *vp = ap->a_vp;
2578 
2579 	if (!fsess_opt_mmap(vnode_mount(vp))) {
2580 		SDT_PROBE2(fusefs, , vnops, trace, 1,
2581 			"called on non-cacheable vnode??\n");
2582 		return (VM_PAGER_ERROR);
2583 	}
2584 
2585 	return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind,
2586 	    ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz));
2587 }
2588 
2589 static const char extattr_namespace_separator = '.';
2590 
2591 /*
2592     struct vop_getextattr_args {
2593 	struct vop_generic_args a_gen;
2594 	struct vnode *a_vp;
2595 	int a_attrnamespace;
2596 	const char *a_name;
2597 	struct uio *a_uio;
2598 	size_t *a_size;
2599 	struct ucred *a_cred;
2600 	struct thread *a_td;
2601     };
2602 */
2603 static int
2604 fuse_vnop_getextattr(struct vop_getextattr_args *ap)
2605 {
2606 	struct vnode *vp = ap->a_vp;
2607 	struct uio *uio = ap->a_uio;
2608 	struct fuse_dispatcher fdi;
2609 	struct fuse_getxattr_in *get_xattr_in;
2610 	struct fuse_getxattr_out *get_xattr_out;
2611 	struct mount *mp = vnode_mount(vp);
2612 	struct thread *td = ap->a_td;
2613 	struct ucred *cred = ap->a_cred;
2614 	char *prefix;
2615 	char *attr_str;
2616 	size_t len;
2617 	int err;
2618 
2619 	if (fuse_isdeadfs(vp))
2620 		return (ENXIO);
2621 
2622 	if (fsess_not_impl(mp, FUSE_GETXATTR))
2623 		return EOPNOTSUPP;
2624 
2625 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD);
2626 	if (err)
2627 		return err;
2628 
2629 	/* Default to looking for user attributes. */
2630 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2631 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2632 	else
2633 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2634 
2635 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
2636 	    strlen(ap->a_name) + 1;
2637 
2638 	fdisp_init(&fdi, len + sizeof(*get_xattr_in));
2639 	fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred);
2640 
2641 	get_xattr_in = fdi.indata;
2642 	/*
2643 	 * Check to see whether we're querying the available size or
2644 	 * issuing the actual request.  If we pass in 0, we get back struct
2645 	 * fuse_getxattr_out.  If we pass in a non-zero size, we get back
2646 	 * that much data, without the struct fuse_getxattr_out header.
2647 	 */
2648 	if (uio == NULL)
2649 		get_xattr_in->size = 0;
2650 	else
2651 		get_xattr_in->size = uio->uio_resid;
2652 
2653 	attr_str = (char *)fdi.indata + sizeof(*get_xattr_in);
2654 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
2655 	    ap->a_name);
2656 
2657 	err = fdisp_wait_answ(&fdi);
2658 	if (err != 0) {
2659 		if (err == ENOSYS) {
2660 			fsess_set_notimpl(mp, FUSE_GETXATTR);
2661 			err = EOPNOTSUPP;
2662 		}
2663 		goto out;
2664 	}
2665 
2666 	get_xattr_out = fdi.answ;
2667 
2668 	if (ap->a_size != NULL)
2669 		*ap->a_size = get_xattr_out->size;
2670 
2671 	if (uio != NULL)
2672 		err = uiomove(fdi.answ, fdi.iosize, uio);
2673 
2674 out:
2675 	fdisp_destroy(&fdi);
2676 	return (err);
2677 }
2678 
2679 /*
2680     struct vop_setextattr_args {
2681 	struct vop_generic_args a_gen;
2682 	struct vnode *a_vp;
2683 	int a_attrnamespace;
2684 	const char *a_name;
2685 	struct uio *a_uio;
2686 	struct ucred *a_cred;
2687 	struct thread *a_td;
2688     };
2689 */
2690 static int
2691 fuse_vnop_setextattr(struct vop_setextattr_args *ap)
2692 {
2693 	struct vnode *vp = ap->a_vp;
2694 	struct uio *uio = ap->a_uio;
2695 	struct fuse_dispatcher fdi;
2696 	struct fuse_setxattr_in *set_xattr_in;
2697 	struct mount *mp = vnode_mount(vp);
2698 	struct thread *td = ap->a_td;
2699 	struct ucred *cred = ap->a_cred;
2700 	char *prefix;
2701 	size_t len;
2702 	char *attr_str;
2703 	int err;
2704 
2705 	if (fuse_isdeadfs(vp))
2706 		return (ENXIO);
2707 
2708 	if (fsess_not_impl(mp, FUSE_SETXATTR))
2709 		return EOPNOTSUPP;
2710 
2711 	if (vfs_isrdonly(mp))
2712 		return EROFS;
2713 
2714 	/* Deleting xattrs must use VOP_DELETEEXTATTR instead */
2715 	if (ap->a_uio == NULL) {
2716 		/*
2717 		 * If we got here as fallback from VOP_DELETEEXTATTR, then
2718 		 * return EOPNOTSUPP.
2719 		 */
2720 		if (fsess_not_impl(mp, FUSE_REMOVEXATTR))
2721 			return (EOPNOTSUPP);
2722 		else
2723 			return (EINVAL);
2724 	}
2725 
2726 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td,
2727 		VWRITE);
2728 	if (err)
2729 		return err;
2730 
2731 	/* Default to looking for user attributes. */
2732 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2733 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2734 	else
2735 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2736 
2737 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
2738 	    strlen(ap->a_name) + 1;
2739 
2740 	fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid);
2741 	fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred);
2742 
2743 	set_xattr_in = fdi.indata;
2744 	set_xattr_in->size = uio->uio_resid;
2745 
2746 	attr_str = (char *)fdi.indata + sizeof(*set_xattr_in);
2747 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
2748 	    ap->a_name);
2749 
2750 	err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len,
2751 	    uio->uio_resid, uio);
2752 	if (err != 0) {
2753 		goto out;
2754 	}
2755 
2756 	err = fdisp_wait_answ(&fdi);
2757 
2758 	if (err == ENOSYS) {
2759 		fsess_set_notimpl(mp, FUSE_SETXATTR);
2760 		err = EOPNOTSUPP;
2761 	}
2762 	if (err == ERESTART) {
2763 		/* Can't restart after calling uiomove */
2764 		err = EINTR;
2765 	}
2766 
2767 out:
2768 	fdisp_destroy(&fdi);
2769 	return (err);
2770 }
2771 
2772 /*
2773  * The Linux / FUSE extended attribute list is simply a collection of
2774  * NUL-terminated strings.  The FreeBSD extended attribute list is a single
2775  * byte length followed by a non-NUL terminated string.  So, this allows
2776  * conversion of the Linux / FUSE format to the FreeBSD format in place.
2777  * Linux attribute names are reported with the namespace as a prefix (e.g.
2778  * "user.attribute_name"), but in FreeBSD they are reported without the
2779  * namespace prefix (e.g. "attribute_name").  So, we're going from:
2780  *
2781  * user.attr_name1\0user.attr_name2\0
2782  *
2783  * to:
2784  *
2785  * <num>attr_name1<num>attr_name2
2786  *
2787  * Where "<num>" is a single byte number of characters in the attribute name.
2788  *
2789  * Args:
2790  * prefix - exattr namespace prefix string
2791  * list, list_len - input list with namespace prefixes
2792  * bsd_list, bsd_list_len - output list compatible with bsd vfs
2793  */
2794 static int
2795 fuse_xattrlist_convert(char *prefix, const char *list, int list_len,
2796     char *bsd_list, int *bsd_list_len)
2797 {
2798 	int len, pos, dist_to_next, prefix_len;
2799 
2800 	pos = 0;
2801 	*bsd_list_len = 0;
2802 	prefix_len = strlen(prefix);
2803 
2804 	while (pos < list_len && list[pos] != '\0') {
2805 		dist_to_next = strlen(&list[pos]) + 1;
2806 		if (bcmp(&list[pos], prefix, prefix_len) == 0 &&
2807 		    list[pos + prefix_len] == extattr_namespace_separator) {
2808 			len = dist_to_next -
2809 			    (prefix_len + sizeof(extattr_namespace_separator)) - 1;
2810 			if (len >= EXTATTR_MAXNAMELEN)
2811 				return (ENAMETOOLONG);
2812 
2813 			bsd_list[*bsd_list_len] = len;
2814 			memcpy(&bsd_list[*bsd_list_len + 1],
2815 			    &list[pos + prefix_len +
2816 			    sizeof(extattr_namespace_separator)], len);
2817 
2818 			*bsd_list_len += len + 1;
2819 		}
2820 
2821 		pos += dist_to_next;
2822 	}
2823 
2824 	return (0);
2825 }
2826 
2827 /*
2828  * List extended attributes
2829  *
2830  * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which
2831  * has a number of differences compared to its FreeBSD equivalent,
2832  * extattr_list_file:
2833  *
2834  * - FUSE_LISTXATTR returns all extended attributes across all namespaces,
2835  *   whereas listxattr(2) only returns attributes for a single namespace
2836  * - FUSE_LISTXATTR prepends each attribute name with "namespace."
2837  * - If the provided buffer is not large enough to hold the result,
2838  *   FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to
2839  *   return as many results as will fit.
2840  */
2841 /*
2842     struct vop_listextattr_args {
2843 	struct vop_generic_args a_gen;
2844 	struct vnode *a_vp;
2845 	int a_attrnamespace;
2846 	struct uio *a_uio;
2847 	size_t *a_size;
2848 	struct ucred *a_cred;
2849 	struct thread *a_td;
2850     };
2851 */
2852 static int
2853 fuse_vnop_listextattr(struct vop_listextattr_args *ap)
2854 {
2855 	struct vnode *vp = ap->a_vp;
2856 	struct uio *uio = ap->a_uio;
2857 	struct fuse_dispatcher fdi;
2858 	struct fuse_listxattr_in *list_xattr_in;
2859 	struct fuse_listxattr_out *list_xattr_out;
2860 	struct mount *mp = vnode_mount(vp);
2861 	struct thread *td = ap->a_td;
2862 	struct ucred *cred = ap->a_cred;
2863 	char *prefix;
2864 	char *bsd_list = NULL;
2865 	char *linux_list;
2866 	int bsd_list_len;
2867 	int linux_list_len;
2868 	int err;
2869 
2870 	if (fuse_isdeadfs(vp))
2871 		return (ENXIO);
2872 
2873 	if (fsess_not_impl(mp, FUSE_LISTXATTR))
2874 		return EOPNOTSUPP;
2875 
2876 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD);
2877 	if (err)
2878 		return err;
2879 
2880 	/*
2881 	 * Add space for a NUL and the period separator if enabled.
2882 	 * Default to looking for user attributes.
2883 	 */
2884 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2885 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2886 	else
2887 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2888 
2889 	fdisp_init(&fdi, sizeof(*list_xattr_in));
2890 	fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred);
2891 
2892 	/*
2893 	 * Retrieve Linux / FUSE compatible list size.
2894 	 */
2895 	list_xattr_in = fdi.indata;
2896 	list_xattr_in->size = 0;
2897 
2898 	err = fdisp_wait_answ(&fdi);
2899 	if (err != 0) {
2900 		if (err == ENOSYS) {
2901 			fsess_set_notimpl(mp, FUSE_LISTXATTR);
2902 			err = EOPNOTSUPP;
2903 		}
2904 		goto out;
2905 	}
2906 
2907 	list_xattr_out = fdi.answ;
2908 	linux_list_len = list_xattr_out->size;
2909 	if (linux_list_len == 0) {
2910 		if (ap->a_size != NULL)
2911 			*ap->a_size = linux_list_len;
2912 		goto out;
2913 	}
2914 
2915 	/*
2916 	 * Retrieve Linux / FUSE compatible list values.
2917 	 */
2918 	fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred);
2919 	list_xattr_in = fdi.indata;
2920 	list_xattr_in->size = linux_list_len;
2921 
2922 	err = fdisp_wait_answ(&fdi);
2923 	if (err == ERANGE) {
2924 		/*
2925 		 * Race detected.  The attribute list must've grown since the
2926 		 * first FUSE_LISTXATTR call.  Start over.  Go all the way back
2927 		 * to userland so we can process signals, if necessary, before
2928 		 * restarting.
2929 		 */
2930 		err = ERESTART;
2931 		goto out;
2932 	} else if (err != 0)
2933 		goto out;
2934 
2935 	linux_list = fdi.answ;
2936 	/* FUSE doesn't allow the server to return more data than requested */
2937 	if (fdi.iosize > linux_list_len) {
2938 		struct fuse_data *data = fuse_get_mpdata(mp);
2939 
2940 		fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG,
2941 			"server returned "
2942 			"more extended attribute data than requested; "
2943 			"should've returned ERANGE instead.");
2944 	} else {
2945 		/* But returning less data is fine */
2946 		linux_list_len = fdi.iosize;
2947 	}
2948 
2949 	/*
2950 	 * Retrieve the BSD compatible list values.
2951 	 * The Linux / FUSE attribute list format isn't the same
2952 	 * as FreeBSD's format. So we need to transform it into
2953 	 * FreeBSD's format before giving it to the user.
2954 	 */
2955 	bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK);
2956 	err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len,
2957 	    bsd_list, &bsd_list_len);
2958 	if (err != 0)
2959 		goto out;
2960 
2961 	if (ap->a_size != NULL)
2962 		*ap->a_size = bsd_list_len;
2963 
2964 	if (uio != NULL)
2965 		err = uiomove(bsd_list, bsd_list_len, uio);
2966 
2967 out:
2968 	free(bsd_list, M_TEMP);
2969 	fdisp_destroy(&fdi);
2970 	return (err);
2971 }
2972 
2973 /*
2974     struct vop_deallocate_args {
2975 	struct vop_generic_args a_gen;
2976 	struct vnode *a_vp;
2977 	off_t *a_offset;
2978 	off_t *a_len;
2979 	int a_flags;
2980 	int a_ioflag;
2981         struct ucred *a_cred;
2982     };
2983 */
2984 static int
2985 fuse_vnop_deallocate(struct vop_deallocate_args *ap)
2986 {
2987 	struct vnode *vp = ap->a_vp;
2988 	struct mount *mp = vnode_mount(vp);
2989 	struct fuse_filehandle *fufh;
2990 	struct fuse_dispatcher fdi;
2991 	struct fuse_fallocate_in *ffi;
2992 	struct ucred *cred = ap->a_cred;
2993 	pid_t pid = curthread->td_proc->p_pid;
2994 	off_t *len = ap->a_len;
2995 	off_t *offset = ap->a_offset;
2996 	int ioflag = ap->a_ioflag;
2997 	off_t filesize;
2998 	int err;
2999 	bool closefufh = false;
3000 
3001 	if (fuse_isdeadfs(vp))
3002 		return (ENXIO);
3003 
3004 	if (vfs_isrdonly(mp))
3005 		return (EROFS);
3006 
3007 	if (fsess_not_impl(mp, FUSE_FALLOCATE))
3008 		goto fallback;
3009 
3010 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
3011 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
3012 		/*
3013 		 * nfsd will do I/O without first doing VOP_OPEN.  We
3014 		 * must implicitly open the file here
3015 		 */
3016 		err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred);
3017 		closefufh = true;
3018 	}
3019 	if (err)
3020 		return (err);
3021 
3022 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
3023 
3024 	err = fuse_vnode_size(vp, &filesize, cred, curthread);
3025 	if (err)
3026 		goto out;
3027 	fuse_inval_buf_range(vp, filesize, *offset, *offset + *len);
3028 
3029 	fdisp_init(&fdi, sizeof(*ffi));
3030 	fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred);
3031 	ffi = fdi.indata;
3032 	ffi->fh = fufh->fh_id;
3033 	ffi->offset = *offset;
3034 	ffi->length = *len;
3035 	/*
3036 	 * FreeBSD's fspacectl is equivalent to Linux's fallocate with
3037 	 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE
3038 	 */
3039 	ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE;
3040 	err = fdisp_wait_answ(&fdi);
3041 
3042 	if (err == ENOSYS) {
3043 		fdisp_destroy(&fdi);
3044 		fsess_set_notimpl(mp, FUSE_FALLOCATE);
3045 		goto fallback;
3046 	} else if (err == EOPNOTSUPP) {
3047 		/*
3048 		 * The file system server does not support FUSE_FALLOCATE with
3049 		 * the supplied mode for this particular file.
3050 		 */
3051 		fdisp_destroy(&fdi);
3052 		goto fallback;
3053 	} else if (!err) {
3054 		/*
3055 		 * Clip the returned offset to EoF.  Do it here rather than
3056 		 * before FUSE_FALLOCATE just in case the kernel's cached file
3057 		 * size is out of date.  Unfortunately, FUSE does not return
3058 		 * any information about filesize from that operation.
3059 		 */
3060 		*offset = MIN(*offset + *len, filesize);
3061 		*len = 0;
3062 		fuse_vnode_undirty_cached_timestamps(vp, false);
3063 		fuse_internal_clear_suid_on_write(vp, cred, curthread);
3064 
3065 		if (ioflag & IO_SYNC)
3066 			err = fuse_internal_fsync(vp, curthread, MNT_WAIT,
3067 			    false);
3068 	}
3069 
3070 out:
3071 	fdisp_destroy(&fdi);
3072 	if (closefufh)
3073 		fuse_filehandle_close(vp, fufh, curthread, cred);
3074 
3075 	return (err);
3076 
3077 fallback:
3078 	if (closefufh)
3079 		fuse_filehandle_close(vp, fufh, curthread, cred);
3080 
3081 	return (vop_stddeallocate(ap));
3082 }
3083 
3084 /*
3085     struct vop_deleteextattr_args {
3086 	struct vop_generic_args a_gen;
3087 	struct vnode *a_vp;
3088 	int a_attrnamespace;
3089 	const char *a_name;
3090 	struct ucred *a_cred;
3091 	struct thread *a_td;
3092     };
3093 */
3094 static int
3095 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap)
3096 {
3097 	struct vnode *vp = ap->a_vp;
3098 	struct fuse_dispatcher fdi;
3099 	struct mount *mp = vnode_mount(vp);
3100 	struct thread *td = ap->a_td;
3101 	struct ucred *cred = ap->a_cred;
3102 	char *prefix;
3103 	size_t len;
3104 	char *attr_str;
3105 	int err;
3106 
3107 	if (fuse_isdeadfs(vp))
3108 		return (ENXIO);
3109 
3110 	if (fsess_not_impl(mp, FUSE_REMOVEXATTR))
3111 		return EOPNOTSUPP;
3112 
3113 	if (vfs_isrdonly(mp))
3114 		return EROFS;
3115 
3116 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td,
3117 		VWRITE);
3118 	if (err)
3119 		return err;
3120 
3121 	/* Default to looking for user attributes. */
3122 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
3123 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
3124 	else
3125 		prefix = EXTATTR_NAMESPACE_USER_STRING;
3126 
3127 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
3128 	    strlen(ap->a_name) + 1;
3129 
3130 	fdisp_init(&fdi, len);
3131 	fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred);
3132 
3133 	attr_str = fdi.indata;
3134 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
3135 	    ap->a_name);
3136 
3137 	err = fdisp_wait_answ(&fdi);
3138 	if (err == ENOSYS) {
3139 		fsess_set_notimpl(mp, FUSE_REMOVEXATTR);
3140 		err = EOPNOTSUPP;
3141 	}
3142 
3143 	fdisp_destroy(&fdi);
3144 	return (err);
3145 }
3146 
3147 /*
3148     struct vnop_print_args {
3149 	struct vnode *a_vp;
3150     };
3151 */
3152 static int
3153 fuse_vnop_print(struct vop_print_args *ap)
3154 {
3155 	struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp);
3156 
3157 	printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n",
3158 	    (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid,
3159 	    (uintmax_t)fvdat->nlookup,
3160 	    fvdat->flag);
3161 
3162 	return 0;
3163 }
3164 
3165 /*
3166  * Get an NFS filehandle for a FUSE file.
3167  *
3168  * This will only work for FUSE file systems that guarantee the uniqueness of
3169  * nodeid:generation, which most don't.
3170  */
3171 /*
3172 vop_vptofh {
3173 	IN struct vnode *a_vp;
3174 	IN struct fid *a_fhp;
3175 };
3176 */
3177 static int
3178 fuse_vnop_vptofh(struct vop_vptofh_args *ap)
3179 {
3180 	struct vnode *vp = ap->a_vp;
3181 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
3182 	struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp);
3183 	_Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid),
3184 		"FUSE fid type is too big");
3185 	struct mount *mp = vnode_mount(vp);
3186 	struct fuse_data *data = fuse_get_mpdata(mp);
3187 	struct vattr va;
3188 	int err;
3189 
3190 	if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) {
3191 		/* NFS requires lookups for "." and ".." */
3192 		SDT_PROBE2(fusefs, , vnops, trace, 1,
3193 			"VOP_VPTOFH without FUSE_EXPORT_SUPPORT");
3194 		return EOPNOTSUPP;
3195 	}
3196 	if ((mp->mnt_flag & MNT_EXPORTED) &&
3197 		!(data->dataflags & FSESS_NO_OPENDIR_SUPPORT))
3198 	{
3199 		/*
3200 		 * NFS is stateless, so nfsd must reopen a directory on every
3201 		 * call to VOP_READDIR, passing in the d_off field from the
3202 		 * final dirent of the previous invocation.  But without
3203 		 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not
3204 		 * guarantee that d_off will be valid after a directory is
3205 		 * closed and reopened.  So prohibit exporting FUSE file
3206 		 * systems that don't set that flag.
3207 		 *
3208 		 * But userspace NFS servers don't have this problem.
3209                  */
3210 		SDT_PROBE2(fusefs, , vnops, trace, 1,
3211 			"VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT");
3212 		return EOPNOTSUPP;
3213 	}
3214 
3215 	err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread);
3216 	if (err)
3217 		return err;
3218 
3219 	/*ip = VTOI(ap->a_vp);*/
3220 	/*ufhp = (struct ufid *)ap->a_fhp;*/
3221 	fhp->len = sizeof(struct fuse_fid);
3222 	fhp->nid = fvdat->nid;
3223 	if (fvdat->generation <= UINT32_MAX)
3224 		fhp->gen = fvdat->generation;
3225 	else
3226 		return EOVERFLOW;
3227 	return (0);
3228 }
3229