1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2007-2009 Google Inc. and Amit Singh 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are 9 * met: 10 * 11 * * Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * * Redistributions in binary form must reproduce the above 14 * copyright notice, this list of conditions and the following disclaimer 15 * in the documentation and/or other materials provided with the 16 * distribution. 17 * * Neither the name of Google Inc. nor the names of its 18 * contributors may be used to endorse or promote products derived from 19 * this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 * Copyright (C) 2005 Csaba Henk. 34 * All rights reserved. 35 * 36 * Copyright (c) 2019 The FreeBSD Foundation 37 * 38 * Portions of this software were developed by BFF Storage Systems, LLC under 39 * sponsorship from the FreeBSD Foundation. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 */ 62 63 #include <sys/cdefs.h> 64 #include <sys/param.h> 65 #include <sys/module.h> 66 #include <sys/systm.h> 67 #include <sys/errno.h> 68 #include <sys/kernel.h> 69 #include <sys/conf.h> 70 #include <sys/filio.h> 71 #include <sys/uio.h> 72 #include <sys/malloc.h> 73 #include <sys/queue.h> 74 #include <sys/limits.h> 75 #include <sys/lock.h> 76 #include <sys/rwlock.h> 77 #include <sys/sx.h> 78 #include <sys/proc.h> 79 #include <sys/mount.h> 80 #include <sys/vnode.h> 81 #include <sys/namei.h> 82 #include <sys/extattr.h> 83 #include <sys/stat.h> 84 #include <sys/unistd.h> 85 #include <sys/filedesc.h> 86 #include <sys/file.h> 87 #include <sys/fcntl.h> 88 #include <sys/dirent.h> 89 #include <sys/bio.h> 90 #include <sys/buf.h> 91 #include <sys/sysctl.h> 92 #include <sys/vmmeter.h> 93 94 #include <vm/vm.h> 95 #include <vm/vm_extern.h> 96 #include <vm/pmap.h> 97 #include <vm/vm_map.h> 98 #include <vm/vm_page.h> 99 #include <vm/vm_param.h> 100 #include <vm/vm_object.h> 101 #include <vm/vm_pager.h> 102 #include <vm/vnode_pager.h> 103 #include <vm/vm_object.h> 104 105 #include "fuse.h" 106 #include "fuse_file.h" 107 #include "fuse_internal.h" 108 #include "fuse_ipc.h" 109 #include "fuse_node.h" 110 #include "fuse_io.h" 111 112 #include <sys/priv.h> 113 114 /* Maximum number of hardlinks to a single FUSE file */ 115 #define FUSE_LINK_MAX UINT32_MAX 116 117 SDT_PROVIDER_DECLARE(fusefs); 118 /* 119 * Fuse trace probe: 120 * arg0: verbosity. Higher numbers give more verbose messages 121 * arg1: Textual message 122 */ 123 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*"); 124 125 /* vnode ops */ 126 static vop_access_t fuse_vnop_access; 127 static vop_advlock_t fuse_vnop_advlock; 128 static vop_allocate_t fuse_vnop_allocate; 129 static vop_bmap_t fuse_vnop_bmap; 130 static vop_close_t fuse_fifo_close; 131 static vop_close_t fuse_vnop_close; 132 static vop_copy_file_range_t fuse_vnop_copy_file_range; 133 static vop_create_t fuse_vnop_create; 134 static vop_deallocate_t fuse_vnop_deallocate; 135 static vop_deleteextattr_t fuse_vnop_deleteextattr; 136 static vop_fdatasync_t fuse_vnop_fdatasync; 137 static vop_fsync_t fuse_vnop_fsync; 138 static vop_getattr_t fuse_vnop_getattr; 139 static vop_getextattr_t fuse_vnop_getextattr; 140 static vop_inactive_t fuse_vnop_inactive; 141 static vop_ioctl_t fuse_vnop_ioctl; 142 static vop_link_t fuse_vnop_link; 143 static vop_listextattr_t fuse_vnop_listextattr; 144 static vop_lookup_t fuse_vnop_lookup; 145 static vop_mkdir_t fuse_vnop_mkdir; 146 static vop_mknod_t fuse_vnop_mknod; 147 static vop_open_t fuse_vnop_open; 148 static vop_pathconf_t fuse_vnop_pathconf; 149 static vop_read_t fuse_vnop_read; 150 static vop_readdir_t fuse_vnop_readdir; 151 static vop_readlink_t fuse_vnop_readlink; 152 static vop_reclaim_t fuse_vnop_reclaim; 153 static vop_remove_t fuse_vnop_remove; 154 static vop_rename_t fuse_vnop_rename; 155 static vop_rmdir_t fuse_vnop_rmdir; 156 static vop_setattr_t fuse_vnop_setattr; 157 static vop_setextattr_t fuse_vnop_setextattr; 158 static vop_strategy_t fuse_vnop_strategy; 159 static vop_symlink_t fuse_vnop_symlink; 160 static vop_write_t fuse_vnop_write; 161 static vop_getpages_t fuse_vnop_getpages; 162 static vop_print_t fuse_vnop_print; 163 static vop_vptofh_t fuse_vnop_vptofh; 164 165 struct vop_vector fuse_fifoops = { 166 .vop_default = &fifo_specops, 167 .vop_access = fuse_vnop_access, 168 .vop_close = fuse_fifo_close, 169 .vop_fsync = fuse_vnop_fsync, 170 .vop_getattr = fuse_vnop_getattr, 171 .vop_inactive = fuse_vnop_inactive, 172 .vop_pathconf = fuse_vnop_pathconf, 173 .vop_print = fuse_vnop_print, 174 .vop_read = VOP_PANIC, 175 .vop_reclaim = fuse_vnop_reclaim, 176 .vop_setattr = fuse_vnop_setattr, 177 .vop_write = VOP_PANIC, 178 .vop_vptofh = fuse_vnop_vptofh, 179 }; 180 VFS_VOP_VECTOR_REGISTER(fuse_fifoops); 181 182 struct vop_vector fuse_vnops = { 183 .vop_allocate = fuse_vnop_allocate, 184 .vop_default = &default_vnodeops, 185 .vop_access = fuse_vnop_access, 186 .vop_advlock = fuse_vnop_advlock, 187 .vop_bmap = fuse_vnop_bmap, 188 .vop_close = fuse_vnop_close, 189 .vop_copy_file_range = fuse_vnop_copy_file_range, 190 .vop_create = fuse_vnop_create, 191 .vop_deallocate = fuse_vnop_deallocate, 192 .vop_deleteextattr = fuse_vnop_deleteextattr, 193 .vop_fsync = fuse_vnop_fsync, 194 .vop_fdatasync = fuse_vnop_fdatasync, 195 .vop_getattr = fuse_vnop_getattr, 196 .vop_getextattr = fuse_vnop_getextattr, 197 .vop_inactive = fuse_vnop_inactive, 198 .vop_ioctl = fuse_vnop_ioctl, 199 .vop_link = fuse_vnop_link, 200 .vop_listextattr = fuse_vnop_listextattr, 201 .vop_lookup = fuse_vnop_lookup, 202 .vop_mkdir = fuse_vnop_mkdir, 203 .vop_mknod = fuse_vnop_mknod, 204 .vop_open = fuse_vnop_open, 205 .vop_pathconf = fuse_vnop_pathconf, 206 /* 207 * TODO: implement vop_poll after upgrading to protocol 7.21. 208 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until 209 * 7.21, which adds the ability for the client to choose which poll 210 * events it wants, and for a client to deregister a file handle 211 */ 212 .vop_read = fuse_vnop_read, 213 .vop_readdir = fuse_vnop_readdir, 214 .vop_readlink = fuse_vnop_readlink, 215 .vop_reclaim = fuse_vnop_reclaim, 216 .vop_remove = fuse_vnop_remove, 217 .vop_rename = fuse_vnop_rename, 218 .vop_rmdir = fuse_vnop_rmdir, 219 .vop_setattr = fuse_vnop_setattr, 220 .vop_setextattr = fuse_vnop_setextattr, 221 .vop_strategy = fuse_vnop_strategy, 222 .vop_symlink = fuse_vnop_symlink, 223 .vop_write = fuse_vnop_write, 224 .vop_getpages = fuse_vnop_getpages, 225 .vop_print = fuse_vnop_print, 226 .vop_vptofh = fuse_vnop_vptofh, 227 }; 228 VFS_VOP_VECTOR_REGISTER(fuse_vnops); 229 230 /* Check permission for extattr operations, much like extattr_check_cred */ 231 static int 232 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred, 233 struct thread *td, accmode_t accmode) 234 { 235 struct mount *mp = vnode_mount(vp); 236 struct fuse_data *data = fuse_get_mpdata(mp); 237 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 238 239 /* 240 * Kernel-invoked always succeeds. 241 */ 242 if (cred == NOCRED) 243 return (0); 244 245 /* 246 * Do not allow privileged processes in jail to directly manipulate 247 * system attributes. 248 */ 249 switch (ns) { 250 case EXTATTR_NAMESPACE_SYSTEM: 251 if (default_permissions) { 252 return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM)); 253 } 254 return (0); 255 case EXTATTR_NAMESPACE_USER: 256 if (default_permissions) { 257 return (fuse_internal_access(vp, accmode, td, cred)); 258 } 259 return (0); 260 default: 261 return (EPERM); 262 } 263 } 264 265 /* Get a filehandle for a directory */ 266 static int 267 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp, 268 struct ucred *cred, pid_t pid) 269 { 270 if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0) 271 return 0; 272 return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid); 273 } 274 275 /* Send FUSE_FLUSH for this vnode */ 276 static int 277 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag) 278 { 279 struct fuse_flush_in *ffi; 280 struct fuse_filehandle *fufh; 281 struct fuse_dispatcher fdi; 282 struct thread *td = curthread; 283 struct mount *mp = vnode_mount(vp); 284 int err; 285 286 if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH)) 287 return 0; 288 289 err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid); 290 if (err) 291 return err; 292 293 fdisp_init(&fdi, sizeof(*ffi)); 294 fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred); 295 ffi = fdi.indata; 296 ffi->fh = fufh->fh_id; 297 /* 298 * If the file has a POSIX lock then we're supposed to set lock_owner. 299 * If not, then lock_owner is undefined. So we may as well always set 300 * it. 301 */ 302 ffi->lock_owner = td->td_proc->p_pid; 303 304 err = fdisp_wait_answ(&fdi); 305 if (err == ENOSYS) { 306 fsess_set_notimpl(mp, FUSE_FLUSH); 307 err = 0; 308 } 309 fdisp_destroy(&fdi); 310 return err; 311 } 312 313 /* Close wrapper for fifos. */ 314 static int 315 fuse_fifo_close(struct vop_close_args *ap) 316 { 317 return (fifo_specops.vop_close(ap)); 318 } 319 320 /* Invalidate a range of cached data, whether dirty of not */ 321 static int 322 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end) 323 { 324 struct buf *bp; 325 daddr_t left_lbn, end_lbn, right_lbn; 326 off_t new_filesize; 327 int iosize, left_on, right_on, right_blksize; 328 329 iosize = fuse_iosize(vp); 330 left_lbn = start / iosize; 331 end_lbn = howmany(end, iosize); 332 left_on = start & (iosize - 1); 333 if (left_on != 0) { 334 bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0); 335 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) { 336 /* 337 * Flush the dirty buffer, because we don't have a 338 * byte-granular way to record which parts of the 339 * buffer are valid. 340 */ 341 bwrite(bp); 342 if (bp->b_error) 343 return (bp->b_error); 344 } else { 345 brelse(bp); 346 } 347 } 348 right_on = end & (iosize - 1); 349 if (right_on != 0) { 350 right_lbn = end / iosize; 351 new_filesize = MAX(filesize, end); 352 right_blksize = MIN(iosize, new_filesize - iosize * right_lbn); 353 bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0); 354 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) { 355 /* 356 * Flush the dirty buffer, because we don't have a 357 * byte-granular way to record which parts of the 358 * buffer are valid. 359 */ 360 bwrite(bp); 361 if (bp->b_error) 362 return (bp->b_error); 363 } else { 364 brelse(bp); 365 } 366 } 367 368 v_inval_buf_range(vp, left_lbn, end_lbn, iosize); 369 return (0); 370 } 371 372 373 /* Send FUSE_LSEEK for this node */ 374 static int 375 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred, 376 pid_t pid, off_t *offp, int whence) 377 { 378 struct fuse_dispatcher fdi; 379 struct fuse_filehandle *fufh; 380 struct fuse_lseek_in *flsi; 381 struct fuse_lseek_out *flso; 382 struct mount *mp = vnode_mount(vp); 383 int err; 384 385 ASSERT_VOP_LOCKED(vp, __func__); 386 387 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 388 if (err) 389 return (err); 390 fdisp_init(&fdi, sizeof(*flsi)); 391 fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred); 392 flsi = fdi.indata; 393 flsi->fh = fufh->fh_id; 394 flsi->offset = *offp; 395 flsi->whence = whence; 396 err = fdisp_wait_answ(&fdi); 397 if (err == ENOSYS) { 398 fsess_set_notimpl(mp, FUSE_LSEEK); 399 } else if (err == 0) { 400 fsess_set_impl(mp, FUSE_LSEEK); 401 flso = fdi.answ; 402 *offp = flso->offset; 403 } 404 fdisp_destroy(&fdi); 405 406 return (err); 407 } 408 409 /* 410 struct vnop_access_args { 411 struct vnode *a_vp; 412 #if VOP_ACCESS_TAKES_ACCMODE_T 413 accmode_t a_accmode; 414 #else 415 int a_mode; 416 #endif 417 struct ucred *a_cred; 418 struct thread *a_td; 419 }; 420 */ 421 static int 422 fuse_vnop_access(struct vop_access_args *ap) 423 { 424 struct vnode *vp = ap->a_vp; 425 int accmode = ap->a_accmode; 426 struct ucred *cred = ap->a_cred; 427 428 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 429 430 int err; 431 432 if (fuse_isdeadfs(vp)) { 433 if (vnode_isvroot(vp)) { 434 return 0; 435 } 436 return ENXIO; 437 } 438 if (!(data->dataflags & FSESS_INITED)) { 439 if (vnode_isvroot(vp)) { 440 if (priv_check_cred(cred, PRIV_VFS_ADMIN) || 441 (fuse_match_cred(data->daemoncred, cred) == 0)) { 442 return 0; 443 } 444 } 445 return EBADF; 446 } 447 if (vnode_islnk(vp)) { 448 return 0; 449 } 450 451 err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred); 452 return err; 453 } 454 455 /* 456 * struct vop_advlock_args { 457 * struct vop_generic_args a_gen; 458 * struct vnode *a_vp; 459 * void *a_id; 460 * int a_op; 461 * struct flock *a_fl; 462 * int a_flags; 463 * } 464 */ 465 static int 466 fuse_vnop_advlock(struct vop_advlock_args *ap) 467 { 468 struct vnode *vp = ap->a_vp; 469 struct flock *fl = ap->a_fl; 470 struct thread *td = curthread; 471 struct ucred *cred = td->td_ucred; 472 pid_t pid = td->td_proc->p_pid; 473 struct fuse_filehandle *fufh; 474 struct fuse_dispatcher fdi; 475 struct fuse_lk_in *fli; 476 struct fuse_lk_out *flo; 477 struct vattr vattr; 478 enum fuse_opcode op; 479 off_t size, start; 480 int dataflags, err; 481 int flags = ap->a_flags; 482 483 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 484 485 if (fuse_isdeadfs(vp)) { 486 return ENXIO; 487 } 488 489 switch(ap->a_op) { 490 case F_GETLK: 491 op = FUSE_GETLK; 492 break; 493 case F_SETLK: 494 if (flags & F_WAIT) 495 op = FUSE_SETLKW; 496 else 497 op = FUSE_SETLK; 498 break; 499 case F_UNLCK: 500 op = FUSE_SETLK; 501 break; 502 default: 503 return EINVAL; 504 } 505 506 if (!(dataflags & FSESS_POSIX_LOCKS)) 507 return vop_stdadvlock(ap); 508 /* FUSE doesn't properly support flock until protocol 7.17 */ 509 if (flags & F_FLOCK) 510 return vop_stdadvlock(ap); 511 512 vn_lock(vp, LK_SHARED | LK_RETRY); 513 514 switch (fl->l_whence) { 515 case SEEK_SET: 516 case SEEK_CUR: 517 /* 518 * Caller is responsible for adding any necessary offset 519 * when SEEK_CUR is used. 520 */ 521 start = fl->l_start; 522 break; 523 524 case SEEK_END: 525 err = fuse_internal_getattr(vp, &vattr, cred, td); 526 if (err) 527 goto out; 528 size = vattr.va_size; 529 if (size > OFF_MAX || 530 (fl->l_start > 0 && size > OFF_MAX - fl->l_start)) { 531 err = EOVERFLOW; 532 goto out; 533 } 534 start = size + fl->l_start; 535 break; 536 537 default: 538 return (EINVAL); 539 } 540 541 err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid); 542 if (err) 543 goto out; 544 545 fdisp_init(&fdi, sizeof(*fli)); 546 547 fdisp_make_vp(&fdi, op, vp, td, cred); 548 fli = fdi.indata; 549 fli->fh = fufh->fh_id; 550 fli->owner = td->td_proc->p_pid; 551 fli->lk.start = start; 552 if (fl->l_len != 0) 553 fli->lk.end = start + fl->l_len - 1; 554 else 555 fli->lk.end = INT64_MAX; 556 fli->lk.type = fl->l_type; 557 fli->lk.pid = td->td_proc->p_pid; 558 559 err = fdisp_wait_answ(&fdi); 560 fdisp_destroy(&fdi); 561 562 if (err == 0 && op == FUSE_GETLK) { 563 flo = fdi.answ; 564 fl->l_type = flo->lk.type; 565 fl->l_whence = SEEK_SET; 566 if (flo->lk.type != F_UNLCK) { 567 fl->l_pid = flo->lk.pid; 568 fl->l_start = flo->lk.start; 569 if (flo->lk.end == INT64_MAX) 570 fl->l_len = 0; 571 else 572 fl->l_len = flo->lk.end - flo->lk.start + 1; 573 fl->l_start = flo->lk.start; 574 } 575 } 576 577 out: 578 VOP_UNLOCK(vp); 579 return err; 580 } 581 582 static int 583 fuse_vnop_allocate(struct vop_allocate_args *ap) 584 { 585 struct vnode *vp = ap->a_vp; 586 off_t *len = ap->a_len; 587 off_t *offset = ap->a_offset; 588 struct ucred *cred = ap->a_cred; 589 struct fuse_filehandle *fufh; 590 struct mount *mp = vnode_mount(vp); 591 struct fuse_dispatcher fdi; 592 struct fuse_fallocate_in *ffi; 593 struct uio io; 594 pid_t pid = curthread->td_proc->p_pid; 595 struct fuse_vnode_data *fvdat = VTOFUD(vp); 596 off_t filesize; 597 int err; 598 599 if (fuse_isdeadfs(vp)) 600 return (ENXIO); 601 602 switch (vp->v_type) { 603 case VFIFO: 604 return (ESPIPE); 605 case VLNK: 606 case VREG: 607 if (vfs_isrdonly(mp)) 608 return (EROFS); 609 break; 610 default: 611 return (ENODEV); 612 } 613 614 if (vfs_isrdonly(mp)) 615 return (EROFS); 616 617 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 618 return (EINVAL); 619 620 io.uio_offset = *offset; 621 io.uio_resid = *len; 622 err = vn_rlimit_fsize(vp, &io, curthread); 623 if (err) 624 return (err); 625 626 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 627 if (err) 628 return (err); 629 630 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 631 632 err = fuse_vnode_size(vp, &filesize, cred, curthread); 633 if (err) 634 return (err); 635 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 636 637 fdisp_init(&fdi, sizeof(*ffi)); 638 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 639 ffi = fdi.indata; 640 ffi->fh = fufh->fh_id; 641 ffi->offset = *offset; 642 ffi->length = *len; 643 ffi->mode = 0; 644 err = fdisp_wait_answ(&fdi); 645 646 if (err == ENOSYS) { 647 fsess_set_notimpl(mp, FUSE_FALLOCATE); 648 err = EINVAL; 649 } else if (err == EOPNOTSUPP) { 650 /* 651 * The file system server does not support FUSE_FALLOCATE with 652 * the supplied mode for this particular file. 653 */ 654 err = EINVAL; 655 } else if (!err) { 656 *offset += *len; 657 *len = 0; 658 fuse_vnode_undirty_cached_timestamps(vp, false); 659 fuse_internal_clear_suid_on_write(vp, cred, curthread); 660 if (*offset > fvdat->cached_attrs.va_size) { 661 fuse_vnode_setsize(vp, *offset, false); 662 getnanouptime(&fvdat->last_local_modify); 663 } 664 } 665 666 fdisp_destroy(&fdi); 667 return (err); 668 } 669 670 /* { 671 struct vnode *a_vp; 672 daddr_t a_bn; 673 struct bufobj **a_bop; 674 daddr_t *a_bnp; 675 int *a_runp; 676 int *a_runb; 677 } */ 678 static int 679 fuse_vnop_bmap(struct vop_bmap_args *ap) 680 { 681 struct vnode *vp = ap->a_vp; 682 struct bufobj **bo = ap->a_bop; 683 struct thread *td = curthread; 684 struct mount *mp; 685 struct fuse_dispatcher fdi; 686 struct fuse_bmap_in *fbi; 687 struct fuse_bmap_out *fbo; 688 struct fuse_data *data; 689 struct fuse_vnode_data *fvdat = VTOFUD(vp); 690 uint64_t biosize; 691 off_t fsize; 692 daddr_t lbn = ap->a_bn; 693 daddr_t *pbn = ap->a_bnp; 694 int *runp = ap->a_runp; 695 int *runb = ap->a_runb; 696 int error = 0; 697 int maxrun; 698 699 if (fuse_isdeadfs(vp)) { 700 return ENXIO; 701 } 702 703 mp = vnode_mount(vp); 704 data = fuse_get_mpdata(mp); 705 biosize = fuse_iosize(vp); 706 maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1, 707 data->max_readahead_blocks); 708 709 if (bo != NULL) 710 *bo = &vp->v_bufobj; 711 712 /* 713 * The FUSE_BMAP operation does not include the runp and runb 714 * variables, so we must guess. Report nonzero contiguous runs so 715 * cluster_read will combine adjacent reads. It's worthwhile to reduce 716 * upcalls even if we don't know the true physical layout of the file. 717 * 718 * FUSE file systems may opt out of read clustering in two ways: 719 * * mounting with -onoclusterr 720 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT 721 */ 722 if (runb != NULL) 723 *runb = MIN(lbn, maxrun); 724 if (runp != NULL && maxrun == 0) 725 *runp = 0; 726 else if (runp != NULL) { 727 /* 728 * If the file's size is cached, use that value to calculate 729 * runp, even if the cache is expired. runp is only advisory, 730 * and the risk of getting it wrong is not worth the cost of 731 * another upcall. 732 */ 733 if (fvdat->cached_attrs.va_size != VNOVAL) 734 fsize = fvdat->cached_attrs.va_size; 735 else 736 error = fuse_vnode_size(vp, &fsize, td->td_ucred, td); 737 if (error == 0) 738 *runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1), 739 maxrun); 740 else 741 *runp = 0; 742 } 743 744 if (fsess_maybe_impl(mp, FUSE_BMAP)) { 745 fdisp_init(&fdi, sizeof(*fbi)); 746 fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred); 747 fbi = fdi.indata; 748 fbi->block = lbn; 749 fbi->blocksize = biosize; 750 error = fdisp_wait_answ(&fdi); 751 if (error == ENOSYS) { 752 fdisp_destroy(&fdi); 753 fsess_set_notimpl(mp, FUSE_BMAP); 754 error = 0; 755 } else { 756 fbo = fdi.answ; 757 if (error == 0 && pbn != NULL) 758 *pbn = fbo->block; 759 fdisp_destroy(&fdi); 760 return error; 761 } 762 } 763 764 /* If the daemon doesn't support BMAP, make up a sensible default */ 765 if (pbn != NULL) 766 *pbn = lbn * btodb(biosize); 767 return (error); 768 } 769 770 /* 771 struct vop_close_args { 772 struct vnode *a_vp; 773 int a_fflag; 774 struct ucred *a_cred; 775 struct thread *a_td; 776 }; 777 */ 778 static int 779 fuse_vnop_close(struct vop_close_args *ap) 780 { 781 struct vnode *vp = ap->a_vp; 782 struct mount *mp = vnode_mount(vp); 783 struct ucred *cred = ap->a_cred; 784 int fflag = ap->a_fflag; 785 struct thread *td = ap->a_td; 786 pid_t pid = td->td_proc->p_pid; 787 struct fuse_vnode_data *fvdat = VTOFUD(vp); 788 int err = 0; 789 790 if (fuse_isdeadfs(vp)) 791 return 0; 792 if (vnode_isdir(vp)) 793 return 0; 794 if (fflag & IO_NDELAY) 795 return 0; 796 797 err = fuse_flush(vp, cred, pid, fflag); 798 if (err == 0 && (fvdat->flag & FN_ATIMECHANGE) && !vfs_isrdonly(mp)) { 799 struct vattr vap; 800 struct fuse_data *data; 801 int dataflags; 802 int access_e = 0; 803 804 data = fuse_get_mpdata(mp); 805 dataflags = data->dataflags; 806 if (dataflags & FSESS_DEFAULT_PERMISSIONS) { 807 struct vattr va; 808 809 fuse_internal_getattr(vp, &va, cred, td); 810 access_e = vaccess(vp->v_type, va.va_mode, va.va_uid, 811 va.va_gid, VWRITE, cred); 812 } 813 if (access_e == 0) { 814 VATTR_NULL(&vap); 815 vap.va_atime = fvdat->cached_attrs.va_atime; 816 /* 817 * Ignore errors setting when setting atime. That 818 * should not cause close(2) to fail. 819 */ 820 fuse_internal_setattr(vp, &vap, td, NULL); 821 } 822 } 823 /* TODO: close the file handle, if we're sure it's no longer used */ 824 if ((fvdat->flag & FN_SIZECHANGE) != 0) { 825 fuse_vnode_savesize(vp, cred, td->td_proc->p_pid); 826 } 827 return err; 828 } 829 830 /* 831 struct vop_copy_file_range_args { 832 struct vop_generic_args a_gen; 833 struct vnode *a_invp; 834 off_t *a_inoffp; 835 struct vnode *a_outvp; 836 off_t *a_outoffp; 837 size_t *a_lenp; 838 unsigned int a_flags; 839 struct ucred *a_incred; 840 struct ucred *a_outcred; 841 struct thread *a_fsizetd; 842 } 843 */ 844 static int 845 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) 846 { 847 struct vnode *invp = ap->a_invp; 848 struct vnode *outvp = ap->a_outvp; 849 struct mount *mp = vnode_mount(invp); 850 struct fuse_vnode_data *outfvdat = VTOFUD(outvp); 851 struct fuse_dispatcher fdi; 852 struct fuse_filehandle *infufh, *outfufh; 853 struct fuse_copy_file_range_in *fcfri; 854 struct ucred *incred = ap->a_incred; 855 struct ucred *outcred = ap->a_outcred; 856 struct fuse_write_out *fwo; 857 struct thread *td; 858 struct uio io; 859 off_t outfilesize; 860 ssize_t r = 0; 861 pid_t pid; 862 int err; 863 864 if (mp != vnode_mount(outvp)) 865 goto fallback; 866 867 if (incred->cr_uid != outcred->cr_uid) 868 goto fallback; 869 870 if (incred->cr_groups[0] != outcred->cr_groups[0]) 871 goto fallback; 872 873 if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE)) 874 goto fallback; 875 876 if (ap->a_fsizetd == NULL) 877 td = curthread; 878 else 879 td = ap->a_fsizetd; 880 pid = td->td_proc->p_pid; 881 882 /* Lock both vnodes, avoiding risk of deadlock. */ 883 do { 884 err = vn_lock(outvp, LK_EXCLUSIVE); 885 if (invp == outvp) 886 break; 887 if (err == 0) { 888 err = vn_lock(invp, LK_SHARED | LK_NOWAIT); 889 if (err == 0) 890 break; 891 VOP_UNLOCK(outvp); 892 err = vn_lock(invp, LK_SHARED); 893 if (err == 0) 894 VOP_UNLOCK(invp); 895 } 896 } while (err == 0); 897 if (err != 0) 898 return (err); 899 900 err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid); 901 if (err) 902 goto unlock; 903 904 err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid); 905 if (err) 906 goto unlock; 907 908 io.uio_resid = *ap->a_lenp; 909 if (ap->a_fsizetd) { 910 io.uio_offset = *ap->a_outoffp; 911 err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd); 912 if (err != 0) 913 goto unlock; 914 } 915 916 err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread); 917 if (err) 918 goto unlock; 919 920 err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp, 921 *ap->a_outoffp + io.uio_resid); 922 if (err) 923 goto unlock; 924 925 fdisp_init(&fdi, sizeof(*fcfri)); 926 fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred); 927 fcfri = fdi.indata; 928 fcfri->fh_in = infufh->fh_id; 929 fcfri->off_in = *ap->a_inoffp; 930 fcfri->nodeid_out = VTOI(outvp); 931 fcfri->fh_out = outfufh->fh_id; 932 fcfri->off_out = *ap->a_outoffp; 933 fcfri->len = io.uio_resid; 934 fcfri->flags = 0; 935 936 err = fdisp_wait_answ(&fdi); 937 if (err == 0) { 938 fwo = fdi.answ; 939 *ap->a_lenp = fwo->size; 940 *ap->a_inoffp += fwo->size; 941 *ap->a_outoffp += fwo->size; 942 fuse_internal_clear_suid_on_write(outvp, outcred, td); 943 if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) { 944 fuse_vnode_setsize(outvp, *ap->a_outoffp, false); 945 getnanouptime(&outfvdat->last_local_modify); 946 } 947 fuse_vnode_update(invp, FN_ATIMECHANGE); 948 fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE); 949 } 950 fdisp_destroy(&fdi); 951 952 unlock: 953 if (invp != outvp) 954 VOP_UNLOCK(invp); 955 VOP_UNLOCK(outvp); 956 957 if (err == ENOSYS) { 958 fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE); 959 fallback: 960 err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp, 961 ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags, 962 ap->a_incred, ap->a_outcred, ap->a_fsizetd); 963 } 964 965 /* 966 * No need to call vn_rlimit_fsizex_res before return, since the uio is 967 * local. 968 */ 969 return (err); 970 } 971 972 static void 973 fdisp_make_mknod_for_fallback( 974 struct fuse_dispatcher *fdip, 975 struct componentname *cnp, 976 struct vnode *dvp, 977 uint64_t parentnid, 978 struct thread *td, 979 struct ucred *cred, 980 mode_t mode, 981 enum fuse_opcode *op) 982 { 983 struct fuse_mknod_in *fmni; 984 985 fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1); 986 *op = FUSE_MKNOD; 987 fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred); 988 fmni = fdip->indata; 989 fmni->mode = mode; 990 fmni->rdev = 0; 991 memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr, 992 cnp->cn_namelen); 993 ((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0'; 994 } 995 /* 996 struct vnop_create_args { 997 struct vnode *a_dvp; 998 struct vnode **a_vpp; 999 struct componentname *a_cnp; 1000 struct vattr *a_vap; 1001 }; 1002 */ 1003 static int 1004 fuse_vnop_create(struct vop_create_args *ap) 1005 { 1006 struct vnode *dvp = ap->a_dvp; 1007 struct vnode **vpp = ap->a_vpp; 1008 struct componentname *cnp = ap->a_cnp; 1009 struct vattr *vap = ap->a_vap; 1010 struct thread *td = curthread; 1011 struct ucred *cred = cnp->cn_cred; 1012 1013 struct fuse_data *data; 1014 struct fuse_create_in *fci; 1015 struct fuse_entry_out *feo; 1016 struct fuse_open_out *foo; 1017 struct fuse_dispatcher fdi, fdi2; 1018 struct fuse_dispatcher *fdip = &fdi; 1019 struct fuse_dispatcher *fdip2 = NULL; 1020 1021 int err; 1022 1023 struct mount *mp = vnode_mount(dvp); 1024 data = fuse_get_mpdata(mp); 1025 uint64_t parentnid = VTOFUD(dvp)->nid; 1026 mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode); 1027 enum fuse_opcode op; 1028 int flags; 1029 1030 if (fuse_isdeadfs(dvp)) 1031 return ENXIO; 1032 1033 /* FUSE expects sockets to be created with FUSE_MKNOD */ 1034 if (vap->va_type == VSOCK) 1035 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1036 1037 /* 1038 * VOP_CREATE doesn't tell us the open(2) flags, so we guess. Only a 1039 * writable mode makes sense, and we might as well include readability 1040 * too. 1041 */ 1042 flags = O_RDWR; 1043 1044 bzero(&fdi, sizeof(fdi)); 1045 1046 if (vap->va_type != VREG) 1047 return (EINVAL); 1048 1049 if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) { 1050 /* Fallback to FUSE_MKNOD/FUSE_OPEN */ 1051 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td, 1052 cred, mode, &op); 1053 } else { 1054 /* Use FUSE_CREATE */ 1055 size_t insize; 1056 1057 op = FUSE_CREATE; 1058 fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1); 1059 fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred); 1060 fci = fdip->indata; 1061 fci->mode = mode; 1062 fci->flags = O_CREAT | flags; 1063 if (fuse_libabi_geq(data, 7, 12)) { 1064 insize = sizeof(*fci); 1065 fci->umask = td->td_proc->p_pd->pd_cmask; 1066 } else { 1067 insize = sizeof(struct fuse_open_in); 1068 } 1069 1070 memcpy((char *)fdip->indata + insize, cnp->cn_nameptr, 1071 cnp->cn_namelen); 1072 ((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0'; 1073 } 1074 1075 err = fdisp_wait_answ(fdip); 1076 1077 if (err) { 1078 if (err == ENOSYS && op == FUSE_CREATE) { 1079 fsess_set_notimpl(mp, FUSE_CREATE); 1080 fdisp_destroy(fdip); 1081 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, 1082 parentnid, td, cred, mode, &op); 1083 err = fdisp_wait_answ(fdip); 1084 } 1085 if (err) 1086 goto out; 1087 } 1088 1089 feo = fdip->answ; 1090 1091 if ((err = fuse_internal_checkentry(feo, vap->va_type))) { 1092 goto out; 1093 } 1094 1095 if (op == FUSE_CREATE) { 1096 if (fuse_libabi_geq(data, 7, 9)) 1097 foo = (struct fuse_open_out*)(feo + 1); 1098 else 1099 foo = (struct fuse_open_out*)((char*)feo + 1100 FUSE_COMPAT_ENTRY_OUT_SIZE); 1101 } else { 1102 /* Issue a separate FUSE_OPEN */ 1103 struct fuse_open_in *foi; 1104 1105 fdip2 = &fdi2; 1106 fdisp_init(fdip2, sizeof(*foi)); 1107 fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td, 1108 cred); 1109 foi = fdip2->indata; 1110 foi->flags = flags; 1111 err = fdisp_wait_answ(fdip2); 1112 if (err) 1113 goto out; 1114 foo = fdip2->answ; 1115 } 1116 err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type); 1117 if (err) { 1118 struct fuse_release_in *fri; 1119 uint64_t nodeid = feo->nodeid; 1120 uint64_t fh_id = foo->fh; 1121 1122 fdisp_destroy(fdip); 1123 fdisp_init(fdip, sizeof(*fri)); 1124 fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred); 1125 fri = fdip->indata; 1126 fri->fh = fh_id; 1127 fri->flags = flags; 1128 fuse_insert_callback(fdip->tick, fuse_internal_forget_callback); 1129 fuse_insert_message(fdip->tick, false); 1130 goto out; 1131 } 1132 ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create"); 1133 fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid, 1134 feo->attr_valid_nsec, NULL, true); 1135 1136 fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo); 1137 fuse_vnode_open(*vpp, foo->open_flags, td); 1138 /* 1139 * Purge the parent's attribute cache because the daemon should've 1140 * updated its mtime and ctime 1141 */ 1142 fuse_vnode_clear_attr_cache(dvp); 1143 cache_purge_negative(dvp); 1144 1145 out: 1146 if (fdip2) 1147 fdisp_destroy(fdip2); 1148 fdisp_destroy(fdip); 1149 return err; 1150 } 1151 1152 /* 1153 struct vnop_fdatasync_args { 1154 struct vop_generic_args a_gen; 1155 struct vnode * a_vp; 1156 struct thread * a_td; 1157 }; 1158 */ 1159 static int 1160 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap) 1161 { 1162 struct vnode *vp = ap->a_vp; 1163 struct thread *td = ap->a_td; 1164 int waitfor = MNT_WAIT; 1165 1166 int err = 0; 1167 1168 if (fuse_isdeadfs(vp)) { 1169 return 0; 1170 } 1171 if ((err = vop_stdfdatasync_buf(ap))) 1172 return err; 1173 1174 return fuse_internal_fsync(vp, td, waitfor, true); 1175 } 1176 1177 /* 1178 struct vnop_fsync_args { 1179 struct vop_generic_args a_gen; 1180 struct vnode * a_vp; 1181 int a_waitfor; 1182 struct thread * a_td; 1183 }; 1184 */ 1185 static int 1186 fuse_vnop_fsync(struct vop_fsync_args *ap) 1187 { 1188 struct vnode *vp = ap->a_vp; 1189 struct thread *td = ap->a_td; 1190 int waitfor = ap->a_waitfor; 1191 int err = 0; 1192 1193 if (fuse_isdeadfs(vp)) { 1194 return 0; 1195 } 1196 if ((err = vop_stdfsync(ap))) 1197 return err; 1198 1199 return fuse_internal_fsync(vp, td, waitfor, false); 1200 } 1201 1202 /* 1203 struct vnop_getattr_args { 1204 struct vnode *a_vp; 1205 struct vattr *a_vap; 1206 struct ucred *a_cred; 1207 struct thread *a_td; 1208 }; 1209 */ 1210 static int 1211 fuse_vnop_getattr(struct vop_getattr_args *ap) 1212 { 1213 struct vnode *vp = ap->a_vp; 1214 struct vattr *vap = ap->a_vap; 1215 struct ucred *cred = ap->a_cred; 1216 struct thread *td = curthread; 1217 1218 int err = 0; 1219 int dataflags; 1220 1221 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 1222 1223 /* Note that we are not bailing out on a dead file system just yet. */ 1224 1225 if (!(dataflags & FSESS_INITED)) { 1226 if (!vnode_isvroot(vp)) { 1227 fdata_set_dead(fuse_get_mpdata(vnode_mount(vp))); 1228 err = ENOTCONN; 1229 return err; 1230 } else { 1231 goto fake; 1232 } 1233 } 1234 err = fuse_internal_getattr(vp, vap, cred, td); 1235 if (err == ENOTCONN && vnode_isvroot(vp)) { 1236 /* see comment in fuse_vfsop_statfs() */ 1237 goto fake; 1238 } else { 1239 return err; 1240 } 1241 1242 fake: 1243 bzero(vap, sizeof(*vap)); 1244 vap->va_type = vnode_vtype(vp); 1245 1246 return 0; 1247 } 1248 1249 /* 1250 struct vnop_inactive_args { 1251 struct vnode *a_vp; 1252 }; 1253 */ 1254 static int 1255 fuse_vnop_inactive(struct vop_inactive_args *ap) 1256 { 1257 struct vnode *vp = ap->a_vp; 1258 struct thread *td = curthread; 1259 1260 struct fuse_vnode_data *fvdat = VTOFUD(vp); 1261 struct fuse_filehandle *fufh, *fufh_tmp; 1262 1263 int need_flush = 1; 1264 1265 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 1266 if (need_flush && vp->v_type == VREG) { 1267 if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) { 1268 fuse_vnode_savesize(vp, NULL, 0); 1269 } 1270 if ((fvdat->flag & FN_REVOKED) != 0) 1271 fuse_io_invalbuf(vp, td); 1272 else 1273 fuse_io_flushbuf(vp, MNT_WAIT, td); 1274 need_flush = 0; 1275 } 1276 fuse_filehandle_close(vp, fufh, td, NULL); 1277 } 1278 1279 if ((fvdat->flag & FN_REVOKED) != 0) 1280 vrecycle(vp); 1281 1282 return 0; 1283 } 1284 1285 /* 1286 struct vnop_ioctl_args { 1287 struct vnode *a_vp; 1288 u_long a_command; 1289 caddr_t a_data; 1290 int a_fflag; 1291 struct ucred *a_cred; 1292 struct thread *a_td; 1293 }; 1294 */ 1295 static int 1296 fuse_vnop_ioctl(struct vop_ioctl_args *ap) 1297 { 1298 struct vnode *vp = ap->a_vp; 1299 struct mount *mp = vnode_mount(vp); 1300 struct ucred *cred = ap->a_cred; 1301 off_t *offp; 1302 pid_t pid = ap->a_td->td_proc->p_pid; 1303 int err; 1304 1305 switch (ap->a_command) { 1306 case FIOSEEKDATA: 1307 case FIOSEEKHOLE: 1308 /* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */ 1309 if (fsess_maybe_impl(mp, FUSE_LSEEK)) { 1310 int whence; 1311 1312 offp = ap->a_data; 1313 if (ap->a_command == FIOSEEKDATA) 1314 whence = SEEK_DATA; 1315 else 1316 whence = SEEK_HOLE; 1317 1318 vn_lock(vp, LK_SHARED | LK_RETRY); 1319 err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp, 1320 whence); 1321 VOP_UNLOCK(vp); 1322 } 1323 if (fsess_not_impl(mp, FUSE_LSEEK)) 1324 err = vop_stdioctl(ap); 1325 break; 1326 default: 1327 /* TODO: implement FUSE_IOCTL */ 1328 err = ENOTTY; 1329 break; 1330 } 1331 return (err); 1332 } 1333 1334 1335 /* 1336 struct vnop_link_args { 1337 struct vnode *a_tdvp; 1338 struct vnode *a_vp; 1339 struct componentname *a_cnp; 1340 }; 1341 */ 1342 static int 1343 fuse_vnop_link(struct vop_link_args *ap) 1344 { 1345 struct vnode *vp = ap->a_vp; 1346 struct vnode *tdvp = ap->a_tdvp; 1347 struct componentname *cnp = ap->a_cnp; 1348 1349 struct vattr *vap = VTOVA(vp); 1350 1351 struct fuse_dispatcher fdi; 1352 struct fuse_entry_out *feo; 1353 struct fuse_link_in fli; 1354 1355 int err; 1356 1357 if (fuse_isdeadfs(vp)) { 1358 return ENXIO; 1359 } 1360 if (vnode_mount(tdvp) != vnode_mount(vp)) { 1361 return EXDEV; 1362 } 1363 1364 /* 1365 * This is a seatbelt check to protect naive userspace filesystems from 1366 * themselves and the limitations of the FUSE IPC protocol. If a 1367 * filesystem does not allow attribute caching, assume it is capable of 1368 * validating that nlink does not overflow. 1369 */ 1370 if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX) 1371 return EMLINK; 1372 fli.oldnodeid = VTOI(vp); 1373 1374 fdisp_init(&fdi, 0); 1375 fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp, 1376 FUSE_LINK, &fli, sizeof(fli), &fdi); 1377 if ((err = fdisp_wait_answ(&fdi))) { 1378 goto out; 1379 } 1380 feo = fdi.answ; 1381 1382 if (fli.oldnodeid != feo->nodeid) { 1383 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 1384 fuse_warn(data, FSESS_WARN_ILLEGAL_INODE, 1385 "Assigned wrong inode for a hard link."); 1386 fuse_vnode_clear_attr_cache(vp); 1387 fuse_vnode_clear_attr_cache(tdvp); 1388 err = EIO; 1389 goto out; 1390 } 1391 1392 err = fuse_internal_checkentry(feo, vnode_vtype(vp)); 1393 if (!err) { 1394 /* 1395 * Purge the parent's attribute cache because the daemon 1396 * should've updated its mtime and ctime 1397 */ 1398 fuse_vnode_clear_attr_cache(tdvp); 1399 fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid, 1400 feo->attr_valid_nsec, NULL, true); 1401 } 1402 out: 1403 fdisp_destroy(&fdi); 1404 return err; 1405 } 1406 1407 struct fuse_lookup_alloc_arg { 1408 struct fuse_entry_out *feo; 1409 struct componentname *cnp; 1410 uint64_t nid; 1411 __enum_uint8(vtype) vtyp; 1412 }; 1413 1414 /* Callback for vn_get_ino */ 1415 static int 1416 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp) 1417 { 1418 struct fuse_lookup_alloc_arg *flaa = arg; 1419 1420 return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp, 1421 flaa->vtyp); 1422 } 1423 1424 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup, 1425 "int", "struct timespec*", "struct timespec*"); 1426 /* 1427 struct vnop_lookup_args { 1428 struct vnodeop_desc *a_desc; 1429 struct vnode *a_dvp; 1430 struct vnode **a_vpp; 1431 struct componentname *a_cnp; 1432 }; 1433 */ 1434 int 1435 fuse_vnop_lookup(struct vop_lookup_args *ap) 1436 { 1437 struct vnode *dvp = ap->a_dvp; 1438 struct vnode **vpp = ap->a_vpp; 1439 struct componentname *cnp = ap->a_cnp; 1440 struct thread *td = curthread; 1441 struct ucred *cred = cnp->cn_cred; 1442 struct timespec now; 1443 1444 int nameiop = cnp->cn_nameiop; 1445 int flags = cnp->cn_flags; 1446 int islastcn = flags & ISLASTCN; 1447 struct mount *mp = vnode_mount(dvp); 1448 struct fuse_data *data = fuse_get_mpdata(mp); 1449 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 1450 bool is_dot; 1451 1452 int err = 0; 1453 int lookup_err = 0; 1454 struct vnode *vp = NULL; 1455 1456 struct fuse_dispatcher fdi; 1457 bool did_lookup = false; 1458 struct fuse_entry_out *feo = NULL; 1459 __enum_uint8(vtype) vtyp; /* vnode type of target */ 1460 1461 uint64_t nid; 1462 1463 if (fuse_isdeadfs(dvp)) { 1464 *vpp = NULL; 1465 return ENXIO; 1466 } 1467 if (!vnode_isdir(dvp)) 1468 return ENOTDIR; 1469 1470 if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP)) 1471 return EROFS; 1472 1473 if ((cnp->cn_flags & NOEXECCHECK) != 0) 1474 cnp->cn_flags &= ~NOEXECCHECK; 1475 else if ((err = fuse_internal_access(dvp, VEXEC, td, cred))) 1476 return err; 1477 1478 is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.'; 1479 if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT)) 1480 { 1481 if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) { 1482 /* 1483 * Since the file system doesn't support ".." lookups, 1484 * we have no way to find this entry. 1485 */ 1486 return ESTALE; 1487 } 1488 nid = VTOFUD(dvp)->parent_nid; 1489 if (nid == 0) 1490 return ENOENT; 1491 /* .. is obviously a directory */ 1492 vtyp = VDIR; 1493 } else if (is_dot) { 1494 nid = VTOI(dvp); 1495 /* . is obviously a directory */ 1496 vtyp = VDIR; 1497 } else { 1498 struct timespec timeout; 1499 int ncpticks; /* here to accommodate for API contract */ 1500 1501 err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks); 1502 getnanouptime(&now); 1503 SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now); 1504 switch (err) { 1505 case -1: /* positive match */ 1506 if (timespeccmp(&timeout, &now, >)) { 1507 counter_u64_add(fuse_lookup_cache_hits, 1); 1508 } else { 1509 /* Cache timeout */ 1510 counter_u64_add(fuse_lookup_cache_misses, 1); 1511 bintime_clear( 1512 &VTOFUD(*vpp)->entry_cache_timeout); 1513 cache_purge(*vpp); 1514 if (dvp != *vpp) 1515 vput(*vpp); 1516 else 1517 vrele(*vpp); 1518 *vpp = NULL; 1519 break; 1520 } 1521 return 0; 1522 1523 case 0: /* no match in cache */ 1524 counter_u64_add(fuse_lookup_cache_misses, 1); 1525 break; 1526 1527 case ENOENT: /* negative match */ 1528 if (timespeccmp(&timeout, &now, <=)) { 1529 /* Cache timeout */ 1530 cache_purge_negative(dvp); 1531 break; 1532 } 1533 /* fall through */ 1534 default: 1535 return err; 1536 } 1537 1538 fdisp_init(&fdi, cnp->cn_namelen + 1); 1539 fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred); 1540 1541 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 1542 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 1543 lookup_err = fdisp_wait_answ(&fdi); 1544 did_lookup = true; 1545 1546 if (!lookup_err) { 1547 /* lookup call succeeded */ 1548 feo = (struct fuse_entry_out *)fdi.answ; 1549 nid = feo->nodeid; 1550 if (nid == 0) { 1551 /* zero nodeid means ENOENT and cache it */ 1552 struct timespec timeout; 1553 1554 fdi.answ_stat = ENOENT; 1555 lookup_err = ENOENT; 1556 if (cnp->cn_flags & MAKEENTRY) { 1557 fuse_validity_2_timespec(feo, &timeout); 1558 /* Use the same entry_time for .. as for 1559 * the file itself. That doesn't honor 1560 * exactly what the fuse server tells 1561 * us, but to do otherwise would require 1562 * another cache lookup at this point. 1563 */ 1564 struct timespec *dtsp = NULL; 1565 cache_enter_time(dvp, *vpp, cnp, 1566 &timeout, dtsp); 1567 } 1568 } 1569 vtyp = IFTOVT(feo->attr.mode); 1570 } 1571 if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) { 1572 fdisp_destroy(&fdi); 1573 return lookup_err; 1574 } 1575 } 1576 /* lookup_err, if non-zero, must be ENOENT at this point */ 1577 1578 if (lookup_err) { 1579 /* Entry not found */ 1580 if ((nameiop == CREATE || nameiop == RENAME) && islastcn) { 1581 if (default_permissions) 1582 err = fuse_internal_access(dvp, VWRITE, td, 1583 cred); 1584 else 1585 err = 0; 1586 if (!err) { 1587 err = EJUSTRETURN; 1588 } 1589 } else { 1590 err = ENOENT; 1591 } 1592 } else { 1593 /* Entry was found */ 1594 if (flags & ISDOTDOT) { 1595 struct fuse_lookup_alloc_arg flaa; 1596 1597 flaa.nid = nid; 1598 flaa.feo = feo; 1599 flaa.cnp = cnp; 1600 flaa.vtyp = vtyp; 1601 err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0, 1602 &vp); 1603 *vpp = vp; 1604 } else if (nid == VTOI(dvp)) { 1605 if (is_dot) { 1606 vref(dvp); 1607 *vpp = dvp; 1608 } else { 1609 fuse_warn(fuse_get_mpdata(mp), 1610 FSESS_WARN_ILLEGAL_INODE, 1611 "Assigned same inode to both parent and " 1612 "child."); 1613 err = EIO; 1614 } 1615 1616 } else { 1617 struct fuse_vnode_data *fvdat; 1618 1619 err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp, 1620 &vp, cnp, vtyp); 1621 if (err) 1622 goto out; 1623 *vpp = vp; 1624 fvdat = VTOFUD(vp); 1625 1626 MPASS(feo != NULL); 1627 if (timespeccmp(&now, &fvdat->last_local_modify, >)) { 1628 /* 1629 * Attributes from the server are definitely 1630 * newer than the last attributes we sent to 1631 * the server, so cache them. 1632 */ 1633 fuse_internal_cache_attrs(*vpp, &feo->attr, 1634 feo->attr_valid, feo->attr_valid_nsec, 1635 NULL, true); 1636 } 1637 fuse_validity_2_bintime(feo->entry_valid, 1638 feo->entry_valid_nsec, 1639 &fvdat->entry_cache_timeout); 1640 1641 if ((nameiop == DELETE || nameiop == RENAME) && 1642 islastcn && default_permissions) 1643 { 1644 struct vattr dvattr; 1645 1646 err = fuse_internal_access(dvp, VWRITE, td, 1647 cred); 1648 if (err != 0) 1649 goto out; 1650 /* 1651 * if the parent's sticky bit is set, check 1652 * whether we're allowed to remove the file. 1653 * Need to figure out the vnode locking to make 1654 * this work. 1655 */ 1656 fuse_internal_getattr(dvp, &dvattr, cred, td); 1657 if ((dvattr.va_mode & S_ISTXT) && 1658 fuse_internal_access(dvp, VADMIN, td, 1659 cred) && 1660 fuse_internal_access(*vpp, VADMIN, td, 1661 cred)) { 1662 err = EPERM; 1663 goto out; 1664 } 1665 } 1666 } 1667 } 1668 out: 1669 if (err) { 1670 if (vp != NULL && dvp != vp) 1671 vput(vp); 1672 else if (vp != NULL) 1673 vrele(vp); 1674 *vpp = NULL; 1675 } 1676 if (did_lookup) 1677 fdisp_destroy(&fdi); 1678 1679 return err; 1680 } 1681 1682 /* 1683 struct vnop_mkdir_args { 1684 struct vnode *a_dvp; 1685 struct vnode **a_vpp; 1686 struct componentname *a_cnp; 1687 struct vattr *a_vap; 1688 }; 1689 */ 1690 static int 1691 fuse_vnop_mkdir(struct vop_mkdir_args *ap) 1692 { 1693 struct vnode *dvp = ap->a_dvp; 1694 struct vnode **vpp = ap->a_vpp; 1695 struct componentname *cnp = ap->a_cnp; 1696 struct vattr *vap = ap->a_vap; 1697 1698 struct fuse_mkdir_in fmdi; 1699 1700 if (fuse_isdeadfs(dvp)) { 1701 return ENXIO; 1702 } 1703 fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode); 1704 fmdi.umask = curthread->td_proc->p_pd->pd_cmask; 1705 1706 return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi, 1707 sizeof(fmdi), VDIR)); 1708 } 1709 1710 /* 1711 struct vnop_mknod_args { 1712 struct vnode *a_dvp; 1713 struct vnode **a_vpp; 1714 struct componentname *a_cnp; 1715 struct vattr *a_vap; 1716 }; 1717 */ 1718 static int 1719 fuse_vnop_mknod(struct vop_mknod_args *ap) 1720 { 1721 1722 struct vnode *dvp = ap->a_dvp; 1723 struct vnode **vpp = ap->a_vpp; 1724 struct componentname *cnp = ap->a_cnp; 1725 struct vattr *vap = ap->a_vap; 1726 1727 if (fuse_isdeadfs(dvp)) 1728 return ENXIO; 1729 1730 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1731 } 1732 1733 /* 1734 struct vop_open_args { 1735 struct vnode *a_vp; 1736 int a_mode; 1737 struct ucred *a_cred; 1738 struct thread *a_td; 1739 int a_fdidx; / struct file *a_fp; 1740 }; 1741 */ 1742 static int 1743 fuse_vnop_open(struct vop_open_args *ap) 1744 { 1745 struct vnode *vp = ap->a_vp; 1746 int a_mode = ap->a_mode; 1747 struct thread *td = ap->a_td; 1748 struct ucred *cred = ap->a_cred; 1749 pid_t pid = td->td_proc->p_pid; 1750 1751 if (fuse_isdeadfs(vp)) 1752 return ENXIO; 1753 if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO) 1754 return (EOPNOTSUPP); 1755 if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0) 1756 return EINVAL; 1757 1758 if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) { 1759 fuse_vnode_open(vp, 0, td); 1760 return 0; 1761 } 1762 1763 return fuse_filehandle_open(vp, a_mode, NULL, td, cred); 1764 } 1765 1766 static int 1767 fuse_vnop_pathconf(struct vop_pathconf_args *ap) 1768 { 1769 struct vnode *vp = ap->a_vp; 1770 struct mount *mp; 1771 1772 switch (ap->a_name) { 1773 case _PC_FILESIZEBITS: 1774 *ap->a_retval = 64; 1775 return (0); 1776 case _PC_NAME_MAX: 1777 *ap->a_retval = NAME_MAX; 1778 return (0); 1779 case _PC_LINK_MAX: 1780 *ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX); 1781 return (0); 1782 case _PC_SYMLINK_MAX: 1783 *ap->a_retval = MAXPATHLEN; 1784 return (0); 1785 case _PC_NO_TRUNC: 1786 *ap->a_retval = 1; 1787 return (0); 1788 case _PC_MIN_HOLE_SIZE: 1789 /* 1790 * The FUSE protocol provides no mechanism for a server to 1791 * report _PC_MIN_HOLE_SIZE. It's a protocol bug. Instead, 1792 * return EINVAL if the server does not support FUSE_LSEEK, or 1793 * 1 if it does. 1794 */ 1795 mp = vnode_mount(vp); 1796 if (!fsess_is_impl(mp, FUSE_LSEEK) && 1797 !fsess_not_impl(mp, FUSE_LSEEK)) { 1798 off_t offset = 0; 1799 1800 /* Issue a FUSE_LSEEK to find out if it's implemented */ 1801 fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred, 1802 curthread->td_proc->p_pid, &offset, SEEK_DATA); 1803 } 1804 1805 if (fsess_is_impl(mp, FUSE_LSEEK)) { 1806 *ap->a_retval = 1; 1807 return (0); 1808 } else { 1809 /* 1810 * Probably FUSE_LSEEK is not implemented. It might 1811 * be, if the FUSE_LSEEK above returned an error like 1812 * EACCES, but in that case we can't tell, so it's 1813 * safest to report EINVAL anyway. 1814 */ 1815 return (EINVAL); 1816 } 1817 default: 1818 return (vop_stdpathconf(ap)); 1819 } 1820 } 1821 1822 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*", 1823 "struct uio*", "struct ucred*"); 1824 /* 1825 struct vnop_read_args { 1826 struct vnode *a_vp; 1827 struct uio *a_uio; 1828 int a_ioflag; 1829 struct ucred *a_cred; 1830 }; 1831 */ 1832 static int 1833 fuse_vnop_read(struct vop_read_args *ap) 1834 { 1835 struct vnode *vp = ap->a_vp; 1836 struct uio *uio = ap->a_uio; 1837 int ioflag = ap->a_ioflag; 1838 struct ucred *cred = ap->a_cred; 1839 pid_t pid = curthread->td_proc->p_pid; 1840 struct fuse_filehandle *fufh; 1841 int err; 1842 bool closefufh = false, directio; 1843 1844 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 1845 1846 if (fuse_isdeadfs(vp)) { 1847 return ENXIO; 1848 } 1849 1850 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 1851 ioflag |= IO_DIRECT; 1852 } 1853 1854 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 1855 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 1856 /* 1857 * nfsd will do I/O without first doing VOP_OPEN. We 1858 * must implicitly open the file here 1859 */ 1860 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1861 closefufh = true; 1862 } 1863 if (err) { 1864 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 1865 return err; 1866 } 1867 1868 /* 1869 * Ideally, when the daemon asks for direct io at open time, the 1870 * standard file flag should be set according to this, so that would 1871 * just change the default mode, which later on could be changed via 1872 * fcntl(2). 1873 * But this doesn't work, the O_DIRECT flag gets cleared at some point 1874 * (don't know where). So to make any use of the Fuse direct_io option, 1875 * we hardwire it into the file's private data (similarly to Linux, 1876 * btw.). 1877 */ 1878 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 1879 1880 fuse_vnode_update(vp, FN_ATIMECHANGE); 1881 if (directio) { 1882 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode"); 1883 err = fuse_read_directbackend(vp, uio, cred, fufh); 1884 } else { 1885 SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode"); 1886 err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid); 1887 } 1888 1889 if (closefufh) 1890 fuse_filehandle_close(vp, fufh, curthread, cred); 1891 1892 return (err); 1893 } 1894 1895 /* 1896 struct vnop_readdir_args { 1897 struct vnode *a_vp; 1898 struct uio *a_uio; 1899 struct ucred *a_cred; 1900 int *a_eofflag; 1901 int *a_ncookies; 1902 uint64_t **a_cookies; 1903 }; 1904 */ 1905 static int 1906 fuse_vnop_readdir(struct vop_readdir_args *ap) 1907 { 1908 struct vnode *vp = ap->a_vp; 1909 struct uio *uio = ap->a_uio; 1910 struct ucred *cred = ap->a_cred; 1911 struct fuse_filehandle *fufh = NULL; 1912 struct mount *mp = vnode_mount(vp); 1913 struct fuse_iov cookediov; 1914 int err = 0; 1915 uint64_t *cookies; 1916 ssize_t tresid; 1917 int ncookies; 1918 bool closefufh = false; 1919 pid_t pid = curthread->td_proc->p_pid; 1920 1921 if (ap->a_eofflag) 1922 *ap->a_eofflag = 0; 1923 if (fuse_isdeadfs(vp)) { 1924 return ENXIO; 1925 } 1926 if ( /* XXXIP ((uio_iovcnt(uio) > 1)) || */ 1927 (uio_resid(uio) < sizeof(struct dirent))) { 1928 return EINVAL; 1929 } 1930 1931 tresid = uio->uio_resid; 1932 err = fuse_filehandle_get_dir(vp, &fufh, cred, pid); 1933 if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) { 1934 KASSERT(fuse_get_mpdata(mp)->dataflags 1935 & FSESS_NO_OPENDIR_SUPPORT, 1936 ("FUSE file systems that don't set " 1937 "FUSE_NO_OPENDIR_SUPPORT should not be exported")); 1938 /* 1939 * nfsd will do VOP_READDIR without first doing VOP_OPEN. We 1940 * must implicitly open the directory here. 1941 */ 1942 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1943 closefufh = true; 1944 } 1945 if (err) 1946 return (err); 1947 if (ap->a_ncookies != NULL) { 1948 ncookies = uio->uio_resid / 1949 (offsetof(struct dirent, d_name) + 4) + 1; 1950 cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK); 1951 *ap->a_ncookies = ncookies; 1952 *ap->a_cookies = cookies; 1953 } else { 1954 ncookies = 0; 1955 cookies = NULL; 1956 } 1957 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1) 1958 fiov_init(&cookediov, DIRCOOKEDSIZE); 1959 1960 err = fuse_internal_readdir(vp, uio, fufh, &cookediov, 1961 &ncookies, cookies); 1962 1963 fiov_teardown(&cookediov); 1964 if (closefufh) 1965 fuse_filehandle_close(vp, fufh, curthread, cred); 1966 1967 if (ap->a_ncookies != NULL) { 1968 if (err == 0) { 1969 *ap->a_ncookies -= ncookies; 1970 } else { 1971 free(*ap->a_cookies, M_TEMP); 1972 *ap->a_ncookies = 0; 1973 *ap->a_cookies = NULL; 1974 } 1975 } 1976 if (err == 0 && tresid == uio->uio_resid) 1977 *ap->a_eofflag = 1; 1978 1979 return err; 1980 } 1981 1982 /* 1983 struct vnop_readlink_args { 1984 struct vnode *a_vp; 1985 struct uio *a_uio; 1986 struct ucred *a_cred; 1987 }; 1988 */ 1989 static int 1990 fuse_vnop_readlink(struct vop_readlink_args *ap) 1991 { 1992 struct vnode *vp = ap->a_vp; 1993 struct uio *uio = ap->a_uio; 1994 struct ucred *cred = ap->a_cred; 1995 1996 struct fuse_dispatcher fdi; 1997 int err; 1998 1999 if (fuse_isdeadfs(vp)) { 2000 return ENXIO; 2001 } 2002 if (!vnode_islnk(vp)) { 2003 return EINVAL; 2004 } 2005 fdisp_init(&fdi, 0); 2006 err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred); 2007 if (err) { 2008 goto out; 2009 } 2010 if (strnlen(fdi.answ, fdi.iosize) + 1 < fdi.iosize) { 2011 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 2012 fuse_warn(data, FSESS_WARN_READLINK_EMBEDDED_NUL, 2013 "Returned an embedded NUL from FUSE_READLINK."); 2014 err = EIO; 2015 goto out; 2016 } 2017 if (((char *)fdi.answ)[0] == '/' && 2018 fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) { 2019 char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname; 2020 2021 err = uiomove(mpth, strlen(mpth), uio); 2022 } 2023 if (!err) { 2024 err = uiomove(fdi.answ, fdi.iosize, uio); 2025 } 2026 out: 2027 fdisp_destroy(&fdi); 2028 return err; 2029 } 2030 2031 /* 2032 struct vnop_reclaim_args { 2033 struct vnode *a_vp; 2034 }; 2035 */ 2036 static int 2037 fuse_vnop_reclaim(struct vop_reclaim_args *ap) 2038 { 2039 struct vnode *vp = ap->a_vp; 2040 struct thread *td = curthread; 2041 struct fuse_vnode_data *fvdat = VTOFUD(vp); 2042 struct fuse_filehandle *fufh, *fufh_tmp; 2043 2044 if (!fvdat) { 2045 panic("FUSE: no vnode data during recycling"); 2046 } 2047 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 2048 printf("FUSE: vnode being reclaimed with open fufh " 2049 "(type=%#x)", fufh->fufh_type); 2050 fuse_filehandle_close(vp, fufh, td, NULL); 2051 } 2052 2053 if (VTOI(vp) == 1) { 2054 /* 2055 * Don't send FUSE_FORGET for the root inode, because 2056 * we never send FUSE_LOOKUP for it (see 2057 * fuse_vfsop_root) and we don't want the server to see 2058 * mismatched lookup counts. 2059 */ 2060 struct fuse_data *data; 2061 struct vnode *vroot; 2062 2063 data = fuse_get_mpdata(vnode_mount(vp)); 2064 FUSE_LOCK(); 2065 vroot = data->vroot; 2066 data->vroot = NULL; 2067 FUSE_UNLOCK(); 2068 if (vroot) 2069 vrele(vroot); 2070 } else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) { 2071 fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp), 2072 fvdat->nlookup); 2073 } 2074 cache_purge(vp); 2075 vfs_hash_remove(vp); 2076 fuse_vnode_destroy(vp); 2077 2078 return 0; 2079 } 2080 2081 /* 2082 struct vnop_remove_args { 2083 struct vnode *a_dvp; 2084 struct vnode *a_vp; 2085 struct componentname *a_cnp; 2086 }; 2087 */ 2088 static int 2089 fuse_vnop_remove(struct vop_remove_args *ap) 2090 { 2091 struct vnode *dvp = ap->a_dvp; 2092 struct vnode *vp = ap->a_vp; 2093 struct componentname *cnp = ap->a_cnp; 2094 2095 int err; 2096 2097 if (fuse_isdeadfs(vp)) { 2098 return ENXIO; 2099 } 2100 if (vnode_isdir(vp)) { 2101 return EPERM; 2102 } 2103 2104 err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK); 2105 2106 return err; 2107 } 2108 2109 /* 2110 struct vnop_rename_args { 2111 struct vnode *a_fdvp; 2112 struct vnode *a_fvp; 2113 struct componentname *a_fcnp; 2114 struct vnode *a_tdvp; 2115 struct vnode *a_tvp; 2116 struct componentname *a_tcnp; 2117 }; 2118 */ 2119 static int 2120 fuse_vnop_rename(struct vop_rename_args *ap) 2121 { 2122 struct vnode *fdvp = ap->a_fdvp; 2123 struct vnode *fvp = ap->a_fvp; 2124 struct componentname *fcnp = ap->a_fcnp; 2125 struct vnode *tdvp = ap->a_tdvp; 2126 struct vnode *tvp = ap->a_tvp; 2127 struct componentname *tcnp = ap->a_tcnp; 2128 struct fuse_data *data; 2129 bool newparent = fdvp != tdvp; 2130 bool isdir = fvp->v_type == VDIR; 2131 int err = 0; 2132 2133 if (fuse_isdeadfs(fdvp)) { 2134 return ENXIO; 2135 } 2136 if (fvp->v_mount != tdvp->v_mount || 2137 (tvp && fvp->v_mount != tvp->v_mount)) { 2138 SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename"); 2139 err = EXDEV; 2140 goto out; 2141 } 2142 cache_purge(fvp); 2143 2144 /* 2145 * FUSE library is expected to check if target directory is not 2146 * under the source directory in the file system tree. 2147 * Linux performs this check at VFS level. 2148 */ 2149 /* 2150 * If source is a directory, and it will get a new parent, user must 2151 * have write permission to it, so ".." can be modified. 2152 */ 2153 data = fuse_get_mpdata(vnode_mount(tdvp)); 2154 if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) { 2155 err = fuse_internal_access(fvp, VWRITE, 2156 curthread, tcnp->cn_cred); 2157 if (err) 2158 goto out; 2159 } 2160 sx_xlock(&data->rename_lock); 2161 err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp); 2162 if (err == 0) { 2163 if (tdvp != fdvp) 2164 fuse_vnode_setparent(fvp, tdvp); 2165 if (tvp != NULL) 2166 fuse_vnode_setparent(tvp, NULL); 2167 } 2168 sx_unlock(&data->rename_lock); 2169 2170 if (tvp != NULL && tvp != fvp) { 2171 cache_purge(tvp); 2172 } 2173 if (vnode_isdir(fvp)) { 2174 if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) { 2175 cache_purge(tdvp); 2176 } 2177 cache_purge(fdvp); 2178 } 2179 out: 2180 if (tdvp == tvp) { 2181 vrele(tdvp); 2182 } else { 2183 vput(tdvp); 2184 } 2185 if (tvp != NULL) { 2186 vput(tvp); 2187 } 2188 vrele(fdvp); 2189 vrele(fvp); 2190 2191 return err; 2192 } 2193 2194 /* 2195 struct vnop_rmdir_args { 2196 struct vnode *a_dvp; 2197 struct vnode *a_vp; 2198 struct componentname *a_cnp; 2199 } *ap; 2200 */ 2201 static int 2202 fuse_vnop_rmdir(struct vop_rmdir_args *ap) 2203 { 2204 struct vnode *dvp = ap->a_dvp; 2205 struct vnode *vp = ap->a_vp; 2206 2207 int err; 2208 2209 if (fuse_isdeadfs(vp)) { 2210 return ENXIO; 2211 } 2212 if (VTOFUD(vp) == VTOFUD(dvp)) { 2213 return EINVAL; 2214 } 2215 err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR); 2216 2217 return err; 2218 } 2219 2220 /* 2221 struct vnop_setattr_args { 2222 struct vnode *a_vp; 2223 struct vattr *a_vap; 2224 struct ucred *a_cred; 2225 struct thread *a_td; 2226 }; 2227 */ 2228 static int 2229 fuse_vnop_setattr(struct vop_setattr_args *ap) 2230 { 2231 struct vnode *vp = ap->a_vp; 2232 struct vattr *vap = ap->a_vap; 2233 struct ucred *cred = ap->a_cred; 2234 struct thread *td = curthread; 2235 struct mount *mp; 2236 struct fuse_data *data; 2237 struct vattr old_va; 2238 int dataflags; 2239 int err = 0, err2; 2240 accmode_t accmode = 0; 2241 bool checkperm; 2242 bool drop_suid = false; 2243 2244 mp = vnode_mount(vp); 2245 data = fuse_get_mpdata(mp); 2246 dataflags = data->dataflags; 2247 checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS; 2248 2249 if (fuse_isdeadfs(vp)) { 2250 return ENXIO; 2251 } 2252 2253 if (vap->va_uid != (uid_t)VNOVAL) { 2254 if (checkperm) { 2255 /* Only root may change a file's owner */ 2256 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2257 if (err) { 2258 /* As a special case, allow the null chown */ 2259 err2 = fuse_internal_getattr(vp, &old_va, cred, 2260 td); 2261 if (err2) 2262 return (err2); 2263 if (vap->va_uid != old_va.va_uid) 2264 return err; 2265 else 2266 accmode |= VADMIN; 2267 drop_suid = true; 2268 } else 2269 accmode |= VADMIN; 2270 } else 2271 accmode |= VADMIN; 2272 } 2273 if (vap->va_gid != (gid_t)VNOVAL) { 2274 if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN)) 2275 drop_suid = true; 2276 if (checkperm && !groupmember(vap->va_gid, cred)) 2277 { 2278 /* 2279 * Non-root users may only chgrp to one of their own 2280 * groups 2281 */ 2282 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2283 if (err) { 2284 /* As a special case, allow the null chgrp */ 2285 err2 = fuse_internal_getattr(vp, &old_va, cred, 2286 td); 2287 if (err2) 2288 return (err2); 2289 if (vap->va_gid != old_va.va_gid) 2290 return err; 2291 accmode |= VADMIN; 2292 } else 2293 accmode |= VADMIN; 2294 } else 2295 accmode |= VADMIN; 2296 } 2297 if (vap->va_size != VNOVAL) { 2298 switch (vp->v_type) { 2299 case VDIR: 2300 return (EISDIR); 2301 case VLNK: 2302 case VREG: 2303 if (vfs_isrdonly(mp)) 2304 return (EROFS); 2305 err = vn_rlimit_trunc(vap->va_size, td); 2306 if (err) 2307 return (err); 2308 break; 2309 default: 2310 /* 2311 * According to POSIX, the result is unspecified 2312 * for file types other than regular files, 2313 * directories and shared memory objects. We 2314 * don't support shared memory objects in the file 2315 * system, and have dubious support for truncating 2316 * symlinks. Just ignore the request in other cases. 2317 */ 2318 return (0); 2319 } 2320 /* Don't set accmode. Permission to trunc is checked upstack */ 2321 } 2322 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 2323 if (vap->va_vaflags & VA_UTIMES_NULL) 2324 accmode |= VWRITE; 2325 else 2326 accmode |= VADMIN; 2327 } 2328 if (drop_suid) { 2329 if (vap->va_mode != (mode_t)VNOVAL) 2330 vap->va_mode &= ~(S_ISUID | S_ISGID); 2331 else { 2332 err = fuse_internal_getattr(vp, &old_va, cred, td); 2333 if (err) 2334 return (err); 2335 vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID); 2336 } 2337 } 2338 if (vap->va_mode != (mode_t)VNOVAL) { 2339 /* Only root may set the sticky bit on non-directories */ 2340 if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT) 2341 && priv_check_cred(cred, PRIV_VFS_STICKYFILE)) 2342 return EFTYPE; 2343 if (checkperm && (vap->va_mode & S_ISGID)) { 2344 err = fuse_internal_getattr(vp, &old_va, cred, td); 2345 if (err) 2346 return (err); 2347 if (!groupmember(old_va.va_gid, cred)) { 2348 err = priv_check_cred(cred, PRIV_VFS_SETGID); 2349 if (err) 2350 return (err); 2351 } 2352 } 2353 accmode |= VADMIN; 2354 } 2355 2356 if (vfs_isrdonly(mp)) 2357 return EROFS; 2358 2359 if (checkperm) { 2360 err = fuse_internal_access(vp, accmode, td, cred); 2361 } else { 2362 err = 0; 2363 } 2364 if (err) 2365 return err; 2366 else 2367 return fuse_internal_setattr(vp, vap, td, cred); 2368 } 2369 2370 /* 2371 struct vnop_strategy_args { 2372 struct vnode *a_vp; 2373 struct buf *a_bp; 2374 }; 2375 */ 2376 static int 2377 fuse_vnop_strategy(struct vop_strategy_args *ap) 2378 { 2379 struct vnode *vp = ap->a_vp; 2380 struct buf *bp = ap->a_bp; 2381 2382 if (!vp || fuse_isdeadfs(vp)) { 2383 bp->b_ioflags |= BIO_ERROR; 2384 bp->b_error = ENXIO; 2385 bufdone(bp); 2386 return 0; 2387 } 2388 2389 /* 2390 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags. 2391 * fuse_io_strategy sets bp's error fields 2392 */ 2393 (void)fuse_io_strategy(vp, bp); 2394 2395 return 0; 2396 } 2397 2398 /* 2399 struct vnop_symlink_args { 2400 struct vnode *a_dvp; 2401 struct vnode **a_vpp; 2402 struct componentname *a_cnp; 2403 struct vattr *a_vap; 2404 char *a_target; 2405 }; 2406 */ 2407 static int 2408 fuse_vnop_symlink(struct vop_symlink_args *ap) 2409 { 2410 struct vnode *dvp = ap->a_dvp; 2411 struct vnode **vpp = ap->a_vpp; 2412 struct componentname *cnp = ap->a_cnp; 2413 const char *target = ap->a_target; 2414 2415 struct fuse_dispatcher fdi; 2416 2417 int err; 2418 size_t len; 2419 2420 if (fuse_isdeadfs(dvp)) { 2421 return ENXIO; 2422 } 2423 /* 2424 * Unlike the other creator type calls, here we have to create a message 2425 * where the name of the new entry comes first, and the data describing 2426 * the entry comes second. 2427 * Hence we can't rely on our handy fuse_internal_newentry() routine, 2428 * but put together the message manually and just call the core part. 2429 */ 2430 2431 len = strlen(target) + 1; 2432 fdisp_init(&fdi, len + cnp->cn_namelen + 1); 2433 fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL); 2434 2435 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 2436 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 2437 memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len); 2438 2439 err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi); 2440 fdisp_destroy(&fdi); 2441 return err; 2442 } 2443 2444 /* 2445 struct vnop_write_args { 2446 struct vnode *a_vp; 2447 struct uio *a_uio; 2448 int a_ioflag; 2449 struct ucred *a_cred; 2450 }; 2451 */ 2452 static int 2453 fuse_vnop_write(struct vop_write_args *ap) 2454 { 2455 struct vnode *vp = ap->a_vp; 2456 struct uio *uio = ap->a_uio; 2457 int ioflag = ap->a_ioflag; 2458 struct ucred *cred = ap->a_cred; 2459 pid_t pid = curthread->td_proc->p_pid; 2460 struct fuse_filehandle *fufh; 2461 int err; 2462 bool closefufh = false, directio; 2463 2464 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 2465 2466 if (fuse_isdeadfs(vp)) { 2467 return ENXIO; 2468 } 2469 2470 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 2471 ioflag |= IO_DIRECT; 2472 } 2473 2474 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2475 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2476 /* 2477 * nfsd will do I/O without first doing VOP_OPEN. We 2478 * must implicitly open the file here 2479 */ 2480 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2481 closefufh = true; 2482 } 2483 if (err) { 2484 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 2485 return err; 2486 } 2487 2488 /* 2489 * Ideally, when the daemon asks for direct io at open time, the 2490 * standard file flag should be set according to this, so that would 2491 * just change the default mode, which later on could be changed via 2492 * fcntl(2). 2493 * But this doesn't work, the O_DIRECT flag gets cleared at some point 2494 * (don't know where). So to make any use of the Fuse direct_io option, 2495 * we hardwire it into the file's private data (similarly to Linux, 2496 * btw.). 2497 */ 2498 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 2499 2500 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2501 if (directio) { 2502 off_t start, end, filesize; 2503 bool pages = (ioflag & IO_VMIO) != 0; 2504 2505 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode"); 2506 2507 err = fuse_vnode_size(vp, &filesize, cred, curthread); 2508 if (err) 2509 goto out; 2510 2511 start = uio->uio_offset; 2512 end = start + uio->uio_resid; 2513 if (!pages) { 2514 err = fuse_inval_buf_range(vp, filesize, start, 2515 end); 2516 if (err) 2517 goto out; 2518 } 2519 err = fuse_write_directbackend(vp, uio, cred, fufh, 2520 filesize, ioflag, pages); 2521 } else { 2522 SDT_PROBE2(fusefs, , vnops, trace, 1, 2523 "buffered write of vnode"); 2524 if (!fsess_opt_writeback(vnode_mount(vp))) 2525 ioflag |= IO_SYNC; 2526 err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid); 2527 } 2528 fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td); 2529 2530 out: 2531 if (closefufh) 2532 fuse_filehandle_close(vp, fufh, curthread, cred); 2533 2534 return (err); 2535 } 2536 2537 static daddr_t 2538 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off) 2539 { 2540 const int biosize = fuse_iosize(vp); 2541 2542 return (off / biosize); 2543 } 2544 2545 static int 2546 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz) 2547 { 2548 off_t filesize; 2549 int err; 2550 const int biosize = fuse_iosize(vp); 2551 2552 err = fuse_vnode_size(vp, &filesize, NULL, NULL); 2553 if (err) { 2554 /* This will turn into a SIGBUS */ 2555 return (EIO); 2556 } else if ((off_t)lbn * biosize >= filesize) { 2557 *blksz = 0; 2558 } else if ((off_t)(lbn + 1) * biosize > filesize) { 2559 *blksz = filesize - (off_t)lbn *biosize; 2560 } else { 2561 *blksz = biosize; 2562 } 2563 return (0); 2564 } 2565 2566 /* 2567 struct vnop_getpages_args { 2568 struct vnode *a_vp; 2569 vm_page_t *a_m; 2570 int a_count; 2571 int a_reqpage; 2572 }; 2573 */ 2574 static int 2575 fuse_vnop_getpages(struct vop_getpages_args *ap) 2576 { 2577 struct vnode *vp = ap->a_vp; 2578 2579 if (!fsess_opt_mmap(vnode_mount(vp))) { 2580 SDT_PROBE2(fusefs, , vnops, trace, 1, 2581 "called on non-cacheable vnode??\n"); 2582 return (VM_PAGER_ERROR); 2583 } 2584 2585 return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind, 2586 ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz)); 2587 } 2588 2589 static const char extattr_namespace_separator = '.'; 2590 2591 /* 2592 struct vop_getextattr_args { 2593 struct vop_generic_args a_gen; 2594 struct vnode *a_vp; 2595 int a_attrnamespace; 2596 const char *a_name; 2597 struct uio *a_uio; 2598 size_t *a_size; 2599 struct ucred *a_cred; 2600 struct thread *a_td; 2601 }; 2602 */ 2603 static int 2604 fuse_vnop_getextattr(struct vop_getextattr_args *ap) 2605 { 2606 struct vnode *vp = ap->a_vp; 2607 struct uio *uio = ap->a_uio; 2608 struct fuse_dispatcher fdi; 2609 struct fuse_getxattr_in *get_xattr_in; 2610 struct fuse_getxattr_out *get_xattr_out; 2611 struct mount *mp = vnode_mount(vp); 2612 struct thread *td = ap->a_td; 2613 struct ucred *cred = ap->a_cred; 2614 char *prefix; 2615 char *attr_str; 2616 size_t len; 2617 int err; 2618 2619 if (fuse_isdeadfs(vp)) 2620 return (ENXIO); 2621 2622 if (fsess_not_impl(mp, FUSE_GETXATTR)) 2623 return EOPNOTSUPP; 2624 2625 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2626 if (err) 2627 return err; 2628 2629 /* Default to looking for user attributes. */ 2630 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2631 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2632 else 2633 prefix = EXTATTR_NAMESPACE_USER_STRING; 2634 2635 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2636 strlen(ap->a_name) + 1; 2637 2638 fdisp_init(&fdi, len + sizeof(*get_xattr_in)); 2639 fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred); 2640 2641 get_xattr_in = fdi.indata; 2642 /* 2643 * Check to see whether we're querying the available size or 2644 * issuing the actual request. If we pass in 0, we get back struct 2645 * fuse_getxattr_out. If we pass in a non-zero size, we get back 2646 * that much data, without the struct fuse_getxattr_out header. 2647 */ 2648 if (uio == NULL) 2649 get_xattr_in->size = 0; 2650 else 2651 get_xattr_in->size = uio->uio_resid; 2652 2653 attr_str = (char *)fdi.indata + sizeof(*get_xattr_in); 2654 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2655 ap->a_name); 2656 2657 err = fdisp_wait_answ(&fdi); 2658 if (err != 0) { 2659 if (err == ENOSYS) { 2660 fsess_set_notimpl(mp, FUSE_GETXATTR); 2661 err = EOPNOTSUPP; 2662 } 2663 goto out; 2664 } 2665 2666 get_xattr_out = fdi.answ; 2667 2668 if (ap->a_size != NULL) 2669 *ap->a_size = get_xattr_out->size; 2670 2671 if (uio != NULL) 2672 err = uiomove(fdi.answ, fdi.iosize, uio); 2673 2674 out: 2675 fdisp_destroy(&fdi); 2676 return (err); 2677 } 2678 2679 /* 2680 struct vop_setextattr_args { 2681 struct vop_generic_args a_gen; 2682 struct vnode *a_vp; 2683 int a_attrnamespace; 2684 const char *a_name; 2685 struct uio *a_uio; 2686 struct ucred *a_cred; 2687 struct thread *a_td; 2688 }; 2689 */ 2690 static int 2691 fuse_vnop_setextattr(struct vop_setextattr_args *ap) 2692 { 2693 struct vnode *vp = ap->a_vp; 2694 struct uio *uio = ap->a_uio; 2695 struct fuse_dispatcher fdi; 2696 struct fuse_setxattr_in *set_xattr_in; 2697 struct mount *mp = vnode_mount(vp); 2698 struct thread *td = ap->a_td; 2699 struct ucred *cred = ap->a_cred; 2700 char *prefix; 2701 size_t len; 2702 char *attr_str; 2703 int err; 2704 2705 if (fuse_isdeadfs(vp)) 2706 return (ENXIO); 2707 2708 if (fsess_not_impl(mp, FUSE_SETXATTR)) 2709 return EOPNOTSUPP; 2710 2711 if (vfs_isrdonly(mp)) 2712 return EROFS; 2713 2714 /* Deleting xattrs must use VOP_DELETEEXTATTR instead */ 2715 if (ap->a_uio == NULL) { 2716 /* 2717 * If we got here as fallback from VOP_DELETEEXTATTR, then 2718 * return EOPNOTSUPP. 2719 */ 2720 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 2721 return (EOPNOTSUPP); 2722 else 2723 return (EINVAL); 2724 } 2725 2726 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 2727 VWRITE); 2728 if (err) 2729 return err; 2730 2731 /* Default to looking for user attributes. */ 2732 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2733 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2734 else 2735 prefix = EXTATTR_NAMESPACE_USER_STRING; 2736 2737 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2738 strlen(ap->a_name) + 1; 2739 2740 fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid); 2741 fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred); 2742 2743 set_xattr_in = fdi.indata; 2744 set_xattr_in->size = uio->uio_resid; 2745 2746 attr_str = (char *)fdi.indata + sizeof(*set_xattr_in); 2747 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2748 ap->a_name); 2749 2750 err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len, 2751 uio->uio_resid, uio); 2752 if (err != 0) { 2753 goto out; 2754 } 2755 2756 err = fdisp_wait_answ(&fdi); 2757 2758 if (err == ENOSYS) { 2759 fsess_set_notimpl(mp, FUSE_SETXATTR); 2760 err = EOPNOTSUPP; 2761 } 2762 if (err == ERESTART) { 2763 /* Can't restart after calling uiomove */ 2764 err = EINTR; 2765 } 2766 2767 out: 2768 fdisp_destroy(&fdi); 2769 return (err); 2770 } 2771 2772 /* 2773 * The Linux / FUSE extended attribute list is simply a collection of 2774 * NUL-terminated strings. The FreeBSD extended attribute list is a single 2775 * byte length followed by a non-NUL terminated string. So, this allows 2776 * conversion of the Linux / FUSE format to the FreeBSD format in place. 2777 * Linux attribute names are reported with the namespace as a prefix (e.g. 2778 * "user.attribute_name"), but in FreeBSD they are reported without the 2779 * namespace prefix (e.g. "attribute_name"). So, we're going from: 2780 * 2781 * user.attr_name1\0user.attr_name2\0 2782 * 2783 * to: 2784 * 2785 * <num>attr_name1<num>attr_name2 2786 * 2787 * Where "<num>" is a single byte number of characters in the attribute name. 2788 * 2789 * Args: 2790 * prefix - exattr namespace prefix string 2791 * list, list_len - input list with namespace prefixes 2792 * bsd_list, bsd_list_len - output list compatible with bsd vfs 2793 */ 2794 static int 2795 fuse_xattrlist_convert(char *prefix, const char *list, int list_len, 2796 char *bsd_list, int *bsd_list_len) 2797 { 2798 int len, pos, dist_to_next, prefix_len; 2799 2800 pos = 0; 2801 *bsd_list_len = 0; 2802 prefix_len = strlen(prefix); 2803 2804 while (pos < list_len && list[pos] != '\0') { 2805 dist_to_next = strlen(&list[pos]) + 1; 2806 if (bcmp(&list[pos], prefix, prefix_len) == 0 && 2807 list[pos + prefix_len] == extattr_namespace_separator) { 2808 len = dist_to_next - 2809 (prefix_len + sizeof(extattr_namespace_separator)) - 1; 2810 if (len >= EXTATTR_MAXNAMELEN) 2811 return (ENAMETOOLONG); 2812 2813 bsd_list[*bsd_list_len] = len; 2814 memcpy(&bsd_list[*bsd_list_len + 1], 2815 &list[pos + prefix_len + 2816 sizeof(extattr_namespace_separator)], len); 2817 2818 *bsd_list_len += len + 1; 2819 } 2820 2821 pos += dist_to_next; 2822 } 2823 2824 return (0); 2825 } 2826 2827 /* 2828 * List extended attributes 2829 * 2830 * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which 2831 * has a number of differences compared to its FreeBSD equivalent, 2832 * extattr_list_file: 2833 * 2834 * - FUSE_LISTXATTR returns all extended attributes across all namespaces, 2835 * whereas listxattr(2) only returns attributes for a single namespace 2836 * - FUSE_LISTXATTR prepends each attribute name with "namespace." 2837 * - If the provided buffer is not large enough to hold the result, 2838 * FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to 2839 * return as many results as will fit. 2840 */ 2841 /* 2842 struct vop_listextattr_args { 2843 struct vop_generic_args a_gen; 2844 struct vnode *a_vp; 2845 int a_attrnamespace; 2846 struct uio *a_uio; 2847 size_t *a_size; 2848 struct ucred *a_cred; 2849 struct thread *a_td; 2850 }; 2851 */ 2852 static int 2853 fuse_vnop_listextattr(struct vop_listextattr_args *ap) 2854 { 2855 struct vnode *vp = ap->a_vp; 2856 struct uio *uio = ap->a_uio; 2857 struct fuse_dispatcher fdi; 2858 struct fuse_listxattr_in *list_xattr_in; 2859 struct fuse_listxattr_out *list_xattr_out; 2860 struct mount *mp = vnode_mount(vp); 2861 struct thread *td = ap->a_td; 2862 struct ucred *cred = ap->a_cred; 2863 char *prefix; 2864 char *bsd_list = NULL; 2865 char *linux_list; 2866 int bsd_list_len; 2867 int linux_list_len; 2868 int err; 2869 2870 if (fuse_isdeadfs(vp)) 2871 return (ENXIO); 2872 2873 if (fsess_not_impl(mp, FUSE_LISTXATTR)) 2874 return EOPNOTSUPP; 2875 2876 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2877 if (err) 2878 return err; 2879 2880 /* 2881 * Add space for a NUL and the period separator if enabled. 2882 * Default to looking for user attributes. 2883 */ 2884 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2885 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2886 else 2887 prefix = EXTATTR_NAMESPACE_USER_STRING; 2888 2889 fdisp_init(&fdi, sizeof(*list_xattr_in)); 2890 fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2891 2892 /* 2893 * Retrieve Linux / FUSE compatible list size. 2894 */ 2895 list_xattr_in = fdi.indata; 2896 list_xattr_in->size = 0; 2897 2898 err = fdisp_wait_answ(&fdi); 2899 if (err != 0) { 2900 if (err == ENOSYS) { 2901 fsess_set_notimpl(mp, FUSE_LISTXATTR); 2902 err = EOPNOTSUPP; 2903 } 2904 goto out; 2905 } 2906 2907 list_xattr_out = fdi.answ; 2908 linux_list_len = list_xattr_out->size; 2909 if (linux_list_len == 0) { 2910 if (ap->a_size != NULL) 2911 *ap->a_size = linux_list_len; 2912 goto out; 2913 } 2914 2915 /* 2916 * Retrieve Linux / FUSE compatible list values. 2917 */ 2918 fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2919 list_xattr_in = fdi.indata; 2920 list_xattr_in->size = linux_list_len; 2921 2922 err = fdisp_wait_answ(&fdi); 2923 if (err == ERANGE) { 2924 /* 2925 * Race detected. The attribute list must've grown since the 2926 * first FUSE_LISTXATTR call. Start over. Go all the way back 2927 * to userland so we can process signals, if necessary, before 2928 * restarting. 2929 */ 2930 err = ERESTART; 2931 goto out; 2932 } else if (err != 0) 2933 goto out; 2934 2935 linux_list = fdi.answ; 2936 /* FUSE doesn't allow the server to return more data than requested */ 2937 if (fdi.iosize > linux_list_len) { 2938 struct fuse_data *data = fuse_get_mpdata(mp); 2939 2940 fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG, 2941 "server returned " 2942 "more extended attribute data than requested; " 2943 "should've returned ERANGE instead."); 2944 } else { 2945 /* But returning less data is fine */ 2946 linux_list_len = fdi.iosize; 2947 } 2948 2949 /* 2950 * Retrieve the BSD compatible list values. 2951 * The Linux / FUSE attribute list format isn't the same 2952 * as FreeBSD's format. So we need to transform it into 2953 * FreeBSD's format before giving it to the user. 2954 */ 2955 bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK); 2956 err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len, 2957 bsd_list, &bsd_list_len); 2958 if (err != 0) 2959 goto out; 2960 2961 if (ap->a_size != NULL) 2962 *ap->a_size = bsd_list_len; 2963 2964 if (uio != NULL) 2965 err = uiomove(bsd_list, bsd_list_len, uio); 2966 2967 out: 2968 free(bsd_list, M_TEMP); 2969 fdisp_destroy(&fdi); 2970 return (err); 2971 } 2972 2973 /* 2974 struct vop_deallocate_args { 2975 struct vop_generic_args a_gen; 2976 struct vnode *a_vp; 2977 off_t *a_offset; 2978 off_t *a_len; 2979 int a_flags; 2980 int a_ioflag; 2981 struct ucred *a_cred; 2982 }; 2983 */ 2984 static int 2985 fuse_vnop_deallocate(struct vop_deallocate_args *ap) 2986 { 2987 struct vnode *vp = ap->a_vp; 2988 struct mount *mp = vnode_mount(vp); 2989 struct fuse_filehandle *fufh; 2990 struct fuse_dispatcher fdi; 2991 struct fuse_fallocate_in *ffi; 2992 struct ucred *cred = ap->a_cred; 2993 pid_t pid = curthread->td_proc->p_pid; 2994 off_t *len = ap->a_len; 2995 off_t *offset = ap->a_offset; 2996 int ioflag = ap->a_ioflag; 2997 off_t filesize; 2998 int err; 2999 bool closefufh = false; 3000 3001 if (fuse_isdeadfs(vp)) 3002 return (ENXIO); 3003 3004 if (vfs_isrdonly(mp)) 3005 return (EROFS); 3006 3007 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 3008 goto fallback; 3009 3010 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 3011 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 3012 /* 3013 * nfsd will do I/O without first doing VOP_OPEN. We 3014 * must implicitly open the file here 3015 */ 3016 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 3017 closefufh = true; 3018 } 3019 if (err) 3020 return (err); 3021 3022 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 3023 3024 err = fuse_vnode_size(vp, &filesize, cred, curthread); 3025 if (err) 3026 goto out; 3027 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 3028 3029 fdisp_init(&fdi, sizeof(*ffi)); 3030 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 3031 ffi = fdi.indata; 3032 ffi->fh = fufh->fh_id; 3033 ffi->offset = *offset; 3034 ffi->length = *len; 3035 /* 3036 * FreeBSD's fspacectl is equivalent to Linux's fallocate with 3037 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE 3038 */ 3039 ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE; 3040 err = fdisp_wait_answ(&fdi); 3041 3042 if (err == ENOSYS) { 3043 fdisp_destroy(&fdi); 3044 fsess_set_notimpl(mp, FUSE_FALLOCATE); 3045 goto fallback; 3046 } else if (err == EOPNOTSUPP) { 3047 /* 3048 * The file system server does not support FUSE_FALLOCATE with 3049 * the supplied mode for this particular file. 3050 */ 3051 fdisp_destroy(&fdi); 3052 goto fallback; 3053 } else if (!err) { 3054 /* 3055 * Clip the returned offset to EoF. Do it here rather than 3056 * before FUSE_FALLOCATE just in case the kernel's cached file 3057 * size is out of date. Unfortunately, FUSE does not return 3058 * any information about filesize from that operation. 3059 */ 3060 *offset = MIN(*offset + *len, filesize); 3061 *len = 0; 3062 fuse_vnode_undirty_cached_timestamps(vp, false); 3063 fuse_internal_clear_suid_on_write(vp, cred, curthread); 3064 3065 if (ioflag & IO_SYNC) 3066 err = fuse_internal_fsync(vp, curthread, MNT_WAIT, 3067 false); 3068 } 3069 3070 out: 3071 fdisp_destroy(&fdi); 3072 if (closefufh) 3073 fuse_filehandle_close(vp, fufh, curthread, cred); 3074 3075 return (err); 3076 3077 fallback: 3078 if (closefufh) 3079 fuse_filehandle_close(vp, fufh, curthread, cred); 3080 3081 return (vop_stddeallocate(ap)); 3082 } 3083 3084 /* 3085 struct vop_deleteextattr_args { 3086 struct vop_generic_args a_gen; 3087 struct vnode *a_vp; 3088 int a_attrnamespace; 3089 const char *a_name; 3090 struct ucred *a_cred; 3091 struct thread *a_td; 3092 }; 3093 */ 3094 static int 3095 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap) 3096 { 3097 struct vnode *vp = ap->a_vp; 3098 struct fuse_dispatcher fdi; 3099 struct mount *mp = vnode_mount(vp); 3100 struct thread *td = ap->a_td; 3101 struct ucred *cred = ap->a_cred; 3102 char *prefix; 3103 size_t len; 3104 char *attr_str; 3105 int err; 3106 3107 if (fuse_isdeadfs(vp)) 3108 return (ENXIO); 3109 3110 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 3111 return EOPNOTSUPP; 3112 3113 if (vfs_isrdonly(mp)) 3114 return EROFS; 3115 3116 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 3117 VWRITE); 3118 if (err) 3119 return err; 3120 3121 /* Default to looking for user attributes. */ 3122 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 3123 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 3124 else 3125 prefix = EXTATTR_NAMESPACE_USER_STRING; 3126 3127 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 3128 strlen(ap->a_name) + 1; 3129 3130 fdisp_init(&fdi, len); 3131 fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred); 3132 3133 attr_str = fdi.indata; 3134 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 3135 ap->a_name); 3136 3137 err = fdisp_wait_answ(&fdi); 3138 if (err == ENOSYS) { 3139 fsess_set_notimpl(mp, FUSE_REMOVEXATTR); 3140 err = EOPNOTSUPP; 3141 } 3142 3143 fdisp_destroy(&fdi); 3144 return (err); 3145 } 3146 3147 /* 3148 struct vnop_print_args { 3149 struct vnode *a_vp; 3150 }; 3151 */ 3152 static int 3153 fuse_vnop_print(struct vop_print_args *ap) 3154 { 3155 struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp); 3156 3157 printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n", 3158 (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid, 3159 (uintmax_t)fvdat->nlookup, 3160 fvdat->flag); 3161 3162 return 0; 3163 } 3164 3165 /* 3166 * Get an NFS filehandle for a FUSE file. 3167 * 3168 * This will only work for FUSE file systems that guarantee the uniqueness of 3169 * nodeid:generation, which most don't. 3170 */ 3171 /* 3172 vop_vptofh { 3173 IN struct vnode *a_vp; 3174 IN struct fid *a_fhp; 3175 }; 3176 */ 3177 static int 3178 fuse_vnop_vptofh(struct vop_vptofh_args *ap) 3179 { 3180 struct vnode *vp = ap->a_vp; 3181 struct fuse_vnode_data *fvdat = VTOFUD(vp); 3182 struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp); 3183 _Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid), 3184 "FUSE fid type is too big"); 3185 struct mount *mp = vnode_mount(vp); 3186 struct fuse_data *data = fuse_get_mpdata(mp); 3187 struct vattr va; 3188 int err; 3189 3190 if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) { 3191 /* NFS requires lookups for "." and ".." */ 3192 SDT_PROBE2(fusefs, , vnops, trace, 1, 3193 "VOP_VPTOFH without FUSE_EXPORT_SUPPORT"); 3194 return EOPNOTSUPP; 3195 } 3196 if ((mp->mnt_flag & MNT_EXPORTED) && 3197 !(data->dataflags & FSESS_NO_OPENDIR_SUPPORT)) 3198 { 3199 /* 3200 * NFS is stateless, so nfsd must reopen a directory on every 3201 * call to VOP_READDIR, passing in the d_off field from the 3202 * final dirent of the previous invocation. But without 3203 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not 3204 * guarantee that d_off will be valid after a directory is 3205 * closed and reopened. So prohibit exporting FUSE file 3206 * systems that don't set that flag. 3207 * 3208 * But userspace NFS servers don't have this problem. 3209 */ 3210 SDT_PROBE2(fusefs, , vnops, trace, 1, 3211 "VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT"); 3212 return EOPNOTSUPP; 3213 } 3214 3215 err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread); 3216 if (err) 3217 return err; 3218 3219 /*ip = VTOI(ap->a_vp);*/ 3220 /*ufhp = (struct ufid *)ap->a_fhp;*/ 3221 fhp->len = sizeof(struct fuse_fid); 3222 fhp->nid = fvdat->nid; 3223 if (fvdat->generation <= UINT32_MAX) 3224 fhp->gen = fvdat->generation; 3225 else 3226 return EOVERFLOW; 3227 return (0); 3228 } 3229