xref: /freebsd/sys/fs/fuse/fuse_vnops.c (revision 924226fba12cc9a228c73b956e1b7fa24c60b055)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2007-2009 Google Inc. and Amit Singh
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions are
9  * met:
10  *
11  * * Redistributions of source code must retain the above copyright
12  *   notice, this list of conditions and the following disclaimer.
13  * * Redistributions in binary form must reproduce the above
14  *   copyright notice, this list of conditions and the following disclaimer
15  *   in the documentation and/or other materials provided with the
16  *   distribution.
17  * * Neither the name of Google Inc. nor the names of its
18  *   contributors may be used to endorse or promote products derived from
19  *   this software without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32  *
33  * Copyright (C) 2005 Csaba Henk.
34  * All rights reserved.
35  *
36  * Copyright (c) 2019 The FreeBSD Foundation
37  *
38  * Portions of this software were developed by BFF Storage Systems, LLC under
39  * sponsorship from the FreeBSD Foundation.
40  *
41  * Redistribution and use in source and binary forms, with or without
42  * modification, are permitted provided that the following conditions
43  * are met:
44  * 1. Redistributions of source code must retain the above copyright
45  *    notice, this list of conditions and the following disclaimer.
46  * 2. Redistributions in binary form must reproduce the above copyright
47  *    notice, this list of conditions and the following disclaimer in the
48  *    documentation and/or other materials provided with the distribution.
49  *
50  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
51  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
54  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60  * SUCH DAMAGE.
61  */
62 
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
65 
66 #include <sys/param.h>
67 #include <sys/module.h>
68 #include <sys/systm.h>
69 #include <sys/errno.h>
70 #include <sys/kernel.h>
71 #include <sys/conf.h>
72 #include <sys/filio.h>
73 #include <sys/uio.h>
74 #include <sys/malloc.h>
75 #include <sys/queue.h>
76 #include <sys/limits.h>
77 #include <sys/lock.h>
78 #include <sys/rwlock.h>
79 #include <sys/sx.h>
80 #include <sys/proc.h>
81 #include <sys/mount.h>
82 #include <sys/vnode.h>
83 #include <sys/namei.h>
84 #include <sys/extattr.h>
85 #include <sys/stat.h>
86 #include <sys/unistd.h>
87 #include <sys/filedesc.h>
88 #include <sys/file.h>
89 #include <sys/fcntl.h>
90 #include <sys/dirent.h>
91 #include <sys/bio.h>
92 #include <sys/buf.h>
93 #include <sys/sysctl.h>
94 #include <sys/vmmeter.h>
95 
96 #include <vm/vm.h>
97 #include <vm/vm_extern.h>
98 #include <vm/pmap.h>
99 #include <vm/vm_map.h>
100 #include <vm/vm_page.h>
101 #include <vm/vm_param.h>
102 #include <vm/vm_object.h>
103 #include <vm/vm_pager.h>
104 #include <vm/vnode_pager.h>
105 #include <vm/vm_object.h>
106 
107 #include "fuse.h"
108 #include "fuse_file.h"
109 #include "fuse_internal.h"
110 #include "fuse_ipc.h"
111 #include "fuse_node.h"
112 #include "fuse_io.h"
113 
114 #include <sys/priv.h>
115 
116 /* Maximum number of hardlinks to a single FUSE file */
117 #define FUSE_LINK_MAX                      UINT32_MAX
118 
119 SDT_PROVIDER_DECLARE(fusefs);
120 /*
121  * Fuse trace probe:
122  * arg0: verbosity.  Higher numbers give more verbose messages
123  * arg1: Textual message
124  */
125 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*");
126 
127 /* vnode ops */
128 static vop_access_t fuse_vnop_access;
129 static vop_advlock_t fuse_vnop_advlock;
130 static vop_allocate_t fuse_vnop_allocate;
131 static vop_bmap_t fuse_vnop_bmap;
132 static vop_close_t fuse_fifo_close;
133 static vop_close_t fuse_vnop_close;
134 static vop_copy_file_range_t fuse_vnop_copy_file_range;
135 static vop_create_t fuse_vnop_create;
136 static vop_deallocate_t fuse_vnop_deallocate;
137 static vop_deleteextattr_t fuse_vnop_deleteextattr;
138 static vop_fdatasync_t fuse_vnop_fdatasync;
139 static vop_fsync_t fuse_vnop_fsync;
140 static vop_getattr_t fuse_vnop_getattr;
141 static vop_getextattr_t fuse_vnop_getextattr;
142 static vop_inactive_t fuse_vnop_inactive;
143 static vop_ioctl_t fuse_vnop_ioctl;
144 static vop_link_t fuse_vnop_link;
145 static vop_listextattr_t fuse_vnop_listextattr;
146 static vop_lookup_t fuse_vnop_lookup;
147 static vop_mkdir_t fuse_vnop_mkdir;
148 static vop_mknod_t fuse_vnop_mknod;
149 static vop_open_t fuse_vnop_open;
150 static vop_pathconf_t fuse_vnop_pathconf;
151 static vop_read_t fuse_vnop_read;
152 static vop_readdir_t fuse_vnop_readdir;
153 static vop_readlink_t fuse_vnop_readlink;
154 static vop_reclaim_t fuse_vnop_reclaim;
155 static vop_remove_t fuse_vnop_remove;
156 static vop_rename_t fuse_vnop_rename;
157 static vop_rmdir_t fuse_vnop_rmdir;
158 static vop_setattr_t fuse_vnop_setattr;
159 static vop_setextattr_t fuse_vnop_setextattr;
160 static vop_strategy_t fuse_vnop_strategy;
161 static vop_symlink_t fuse_vnop_symlink;
162 static vop_write_t fuse_vnop_write;
163 static vop_getpages_t fuse_vnop_getpages;
164 static vop_print_t fuse_vnop_print;
165 static vop_vptofh_t fuse_vnop_vptofh;
166 
167 struct vop_vector fuse_fifoops = {
168 	.vop_default =		&fifo_specops,
169 	.vop_access =		fuse_vnop_access,
170 	.vop_close =		fuse_fifo_close,
171 	.vop_fsync =		fuse_vnop_fsync,
172 	.vop_getattr =		fuse_vnop_getattr,
173 	.vop_inactive =		fuse_vnop_inactive,
174 	.vop_pathconf =		fuse_vnop_pathconf,
175 	.vop_print =		fuse_vnop_print,
176 	.vop_read =		VOP_PANIC,
177 	.vop_reclaim =		fuse_vnop_reclaim,
178 	.vop_setattr =		fuse_vnop_setattr,
179 	.vop_write =		VOP_PANIC,
180 	.vop_vptofh =		fuse_vnop_vptofh,
181 };
182 VFS_VOP_VECTOR_REGISTER(fuse_fifoops);
183 
184 struct vop_vector fuse_vnops = {
185 	.vop_allocate =	fuse_vnop_allocate,
186 	.vop_default = &default_vnodeops,
187 	.vop_access = fuse_vnop_access,
188 	.vop_advlock = fuse_vnop_advlock,
189 	.vop_bmap = fuse_vnop_bmap,
190 	.vop_close = fuse_vnop_close,
191 	.vop_copy_file_range = fuse_vnop_copy_file_range,
192 	.vop_create = fuse_vnop_create,
193 	.vop_deallocate = fuse_vnop_deallocate,
194 	.vop_deleteextattr = fuse_vnop_deleteextattr,
195 	.vop_fsync = fuse_vnop_fsync,
196 	.vop_fdatasync = fuse_vnop_fdatasync,
197 	.vop_getattr = fuse_vnop_getattr,
198 	.vop_getextattr = fuse_vnop_getextattr,
199 	.vop_inactive = fuse_vnop_inactive,
200 	.vop_ioctl = fuse_vnop_ioctl,
201 	.vop_link = fuse_vnop_link,
202 	.vop_listextattr = fuse_vnop_listextattr,
203 	.vop_lookup = fuse_vnop_lookup,
204 	.vop_mkdir = fuse_vnop_mkdir,
205 	.vop_mknod = fuse_vnop_mknod,
206 	.vop_open = fuse_vnop_open,
207 	.vop_pathconf = fuse_vnop_pathconf,
208 	/*
209 	 * TODO: implement vop_poll after upgrading to protocol 7.21.
210 	 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until
211 	 * 7.21, which adds the ability for the client to choose which poll
212 	 * events it wants, and for a client to deregister a file handle
213 	 */
214 	.vop_read = fuse_vnop_read,
215 	.vop_readdir = fuse_vnop_readdir,
216 	.vop_readlink = fuse_vnop_readlink,
217 	.vop_reclaim = fuse_vnop_reclaim,
218 	.vop_remove = fuse_vnop_remove,
219 	.vop_rename = fuse_vnop_rename,
220 	.vop_rmdir = fuse_vnop_rmdir,
221 	.vop_setattr = fuse_vnop_setattr,
222 	.vop_setextattr = fuse_vnop_setextattr,
223 	.vop_strategy = fuse_vnop_strategy,
224 	.vop_symlink = fuse_vnop_symlink,
225 	.vop_write = fuse_vnop_write,
226 	.vop_getpages = fuse_vnop_getpages,
227 	.vop_print = fuse_vnop_print,
228 	.vop_vptofh = fuse_vnop_vptofh,
229 };
230 VFS_VOP_VECTOR_REGISTER(fuse_vnops);
231 
232 uma_zone_t fuse_pbuf_zone;
233 
234 /* Check permission for extattr operations, much like extattr_check_cred */
235 static int
236 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred,
237 	struct thread *td, accmode_t accmode)
238 {
239 	struct mount *mp = vnode_mount(vp);
240 	struct fuse_data *data = fuse_get_mpdata(mp);
241 	int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS;
242 
243 	/*
244 	 * Kernel-invoked always succeeds.
245 	 */
246 	if (cred == NOCRED)
247 		return (0);
248 
249 	/*
250 	 * Do not allow privileged processes in jail to directly manipulate
251 	 * system attributes.
252 	 */
253 	switch (ns) {
254 	case EXTATTR_NAMESPACE_SYSTEM:
255 		if (default_permissions) {
256 			return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM));
257 		}
258 		return (0);
259 	case EXTATTR_NAMESPACE_USER:
260 		if (default_permissions) {
261 			return (fuse_internal_access(vp, accmode, td, cred));
262 		}
263 		return (0);
264 	default:
265 		return (EPERM);
266 	}
267 }
268 
269 /* Get a filehandle for a directory */
270 static int
271 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp,
272 	struct ucred *cred, pid_t pid)
273 {
274 	if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0)
275 		return 0;
276 	return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid);
277 }
278 
279 /* Send FUSE_FLUSH for this vnode */
280 static int
281 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag)
282 {
283 	struct fuse_flush_in *ffi;
284 	struct fuse_filehandle *fufh;
285 	struct fuse_dispatcher fdi;
286 	struct thread *td = curthread;
287 	struct mount *mp = vnode_mount(vp);
288 	int err;
289 
290 	if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH))
291 		return 0;
292 
293 	err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid);
294 	if (err)
295 		return err;
296 
297 	fdisp_init(&fdi, sizeof(*ffi));
298 	fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred);
299 	ffi = fdi.indata;
300 	ffi->fh = fufh->fh_id;
301 	/*
302 	 * If the file has a POSIX lock then we're supposed to set lock_owner.
303 	 * If not, then lock_owner is undefined.  So we may as well always set
304 	 * it.
305 	 */
306 	ffi->lock_owner = td->td_proc->p_pid;
307 
308 	err = fdisp_wait_answ(&fdi);
309 	if (err == ENOSYS) {
310 		fsess_set_notimpl(mp, FUSE_FLUSH);
311 		err = 0;
312 	}
313 	fdisp_destroy(&fdi);
314 	return err;
315 }
316 
317 /* Close wrapper for fifos.  */
318 static int
319 fuse_fifo_close(struct vop_close_args *ap)
320 {
321 	return (fifo_specops.vop_close(ap));
322 }
323 
324 /* Invalidate a range of cached data, whether dirty of not */
325 static int
326 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end)
327 {
328 	struct buf *bp;
329 	daddr_t left_lbn, end_lbn, right_lbn;
330 	off_t new_filesize;
331 	int iosize, left_on, right_on, right_blksize;
332 
333 	iosize = fuse_iosize(vp);
334 	left_lbn = start / iosize;
335 	end_lbn = howmany(end, iosize);
336 	left_on = start & (iosize - 1);
337 	if (left_on != 0) {
338 		bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0);
339 		if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) {
340 			/*
341 			 * Flush the dirty buffer, because we don't have a
342 			 * byte-granular way to record which parts of the
343 			 * buffer are valid.
344 			 */
345 			bwrite(bp);
346 			if (bp->b_error)
347 				return (bp->b_error);
348 		} else {
349 			brelse(bp);
350 		}
351 	}
352 	right_on = end & (iosize - 1);
353 	if (right_on != 0) {
354 		right_lbn = end / iosize;
355 		new_filesize = MAX(filesize, end);
356 		right_blksize = MIN(iosize, new_filesize - iosize * right_lbn);
357 		bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0);
358 		if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) {
359 			/*
360 			 * Flush the dirty buffer, because we don't have a
361 			 * byte-granular way to record which parts of the
362 			 * buffer are valid.
363 			 */
364 			bwrite(bp);
365 			if (bp->b_error)
366 				return (bp->b_error);
367 		} else {
368 			brelse(bp);
369 		}
370 	}
371 
372 	v_inval_buf_range(vp, left_lbn, end_lbn, iosize);
373 	return (0);
374 }
375 
376 
377 /* Send FUSE_LSEEK for this node */
378 static int
379 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred,
380 	pid_t pid, off_t *offp, int whence)
381 {
382 	struct fuse_dispatcher fdi;
383 	struct fuse_filehandle *fufh;
384 	struct fuse_lseek_in *flsi;
385 	struct fuse_lseek_out *flso;
386 	struct mount *mp = vnode_mount(vp);
387 	int err;
388 
389 	ASSERT_VOP_LOCKED(vp, __func__);
390 
391 	err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid);
392 	if (err)
393 		return (err);
394 	fdisp_init(&fdi, sizeof(*flsi));
395 	fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred);
396 	flsi = fdi.indata;
397 	flsi->fh = fufh->fh_id;
398 	flsi->offset = *offp;
399 	flsi->whence = whence;
400 	err = fdisp_wait_answ(&fdi);
401 	if (err == ENOSYS) {
402 		fsess_set_notimpl(mp, FUSE_LSEEK);
403 	} else if (err == 0) {
404 		fsess_set_impl(mp, FUSE_LSEEK);
405 		flso = fdi.answ;
406 		*offp = flso->offset;
407 	}
408 	fdisp_destroy(&fdi);
409 
410 	return (err);
411 }
412 
413 /*
414     struct vnop_access_args {
415 	struct vnode *a_vp;
416 #if VOP_ACCESS_TAKES_ACCMODE_T
417 	accmode_t a_accmode;
418 #else
419 	int a_mode;
420 #endif
421 	struct ucred *a_cred;
422 	struct thread *a_td;
423     };
424 */
425 static int
426 fuse_vnop_access(struct vop_access_args *ap)
427 {
428 	struct vnode *vp = ap->a_vp;
429 	int accmode = ap->a_accmode;
430 	struct ucred *cred = ap->a_cred;
431 
432 	struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp));
433 
434 	int err;
435 
436 	if (fuse_isdeadfs(vp)) {
437 		if (vnode_isvroot(vp)) {
438 			return 0;
439 		}
440 		return ENXIO;
441 	}
442 	if (!(data->dataflags & FSESS_INITED)) {
443 		if (vnode_isvroot(vp)) {
444 			if (priv_check_cred(cred, PRIV_VFS_ADMIN) ||
445 			    (fuse_match_cred(data->daemoncred, cred) == 0)) {
446 				return 0;
447 			}
448 		}
449 		return EBADF;
450 	}
451 	if (vnode_islnk(vp)) {
452 		return 0;
453 	}
454 
455 	err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred);
456 	return err;
457 }
458 
459 /*
460  * struct vop_advlock_args {
461  *	struct vop_generic_args a_gen;
462  *	struct vnode *a_vp;
463  *	void *a_id;
464  *	int a_op;
465  *	struct flock *a_fl;
466  *	int a_flags;
467  * }
468  */
469 static int
470 fuse_vnop_advlock(struct vop_advlock_args *ap)
471 {
472 	struct vnode *vp = ap->a_vp;
473 	struct flock *fl = ap->a_fl;
474 	struct thread *td = curthread;
475 	struct ucred *cred = td->td_ucred;
476 	pid_t pid = td->td_proc->p_pid;
477 	struct fuse_filehandle *fufh;
478 	struct fuse_dispatcher fdi;
479 	struct fuse_lk_in *fli;
480 	struct fuse_lk_out *flo;
481 	enum fuse_opcode op;
482 	int dataflags, err;
483 	int flags = ap->a_flags;
484 
485 	dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags;
486 
487 	if (fuse_isdeadfs(vp)) {
488 		return ENXIO;
489 	}
490 
491 	switch(ap->a_op) {
492 	case F_GETLK:
493 		op = FUSE_GETLK;
494 		break;
495 	case F_SETLK:
496 		if (flags & F_WAIT)
497 			op = FUSE_SETLKW;
498 		else
499 			op = FUSE_SETLK;
500 		break;
501 	case F_UNLCK:
502 		op = FUSE_SETLK;
503 		break;
504 	default:
505 		return EINVAL;
506 	}
507 
508 	if (!(dataflags & FSESS_POSIX_LOCKS))
509 		return vop_stdadvlock(ap);
510 	/* FUSE doesn't properly support flock until protocol 7.17 */
511 	if (flags & F_FLOCK)
512 		return vop_stdadvlock(ap);
513 
514 	vn_lock(vp, LK_SHARED | LK_RETRY);
515 
516 	err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid);
517 	if (err)
518 		goto out;
519 
520 	fdisp_init(&fdi, sizeof(*fli));
521 
522 	fdisp_make_vp(&fdi, op, vp, td, cred);
523 	fli = fdi.indata;
524 	fli->fh = fufh->fh_id;
525 	fli->owner = td->td_proc->p_pid;
526 	fli->lk.start = fl->l_start;
527 	if (fl->l_len != 0)
528 		fli->lk.end = fl->l_start + fl->l_len - 1;
529 	else
530 		fli->lk.end = INT64_MAX;
531 	fli->lk.type = fl->l_type;
532 	fli->lk.pid = td->td_proc->p_pid;
533 
534 	err = fdisp_wait_answ(&fdi);
535 	fdisp_destroy(&fdi);
536 
537 	if (err == 0 && op == FUSE_GETLK) {
538 		flo = fdi.answ;
539 		fl->l_type = flo->lk.type;
540 		fl->l_pid = flo->lk.pid;
541 		if (flo->lk.type != F_UNLCK) {
542 			fl->l_start = flo->lk.start;
543 			if (flo->lk.end == INT64_MAX)
544 				fl->l_len = 0;
545 			else
546 				fl->l_len = flo->lk.end - flo->lk.start + 1;
547 			fl->l_start = flo->lk.start;
548 		}
549 	}
550 
551 out:
552 	VOP_UNLOCK(vp);
553 	return err;
554 }
555 
556 static int
557 fuse_vnop_allocate(struct vop_allocate_args *ap)
558 {
559 	struct vnode *vp = ap->a_vp;
560 	off_t *len = ap->a_len;
561 	off_t *offset = ap->a_offset;
562 	struct ucred *cred = ap->a_cred;
563 	struct fuse_filehandle *fufh;
564 	struct mount *mp = vnode_mount(vp);
565 	struct fuse_dispatcher fdi;
566 	struct fuse_fallocate_in *ffi;
567 	struct uio io;
568 	pid_t pid = curthread->td_proc->p_pid;
569 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
570 	off_t filesize;
571 	int err;
572 
573 	if (fuse_isdeadfs(vp))
574 		return (ENXIO);
575 
576 	switch (vp->v_type) {
577 	case VFIFO:
578 		return (ESPIPE);
579 	case VLNK:
580 	case VREG:
581 		if (vfs_isrdonly(mp))
582 			return (EROFS);
583 		break;
584 	default:
585 		return (ENODEV);
586 	}
587 
588 	if (vfs_isrdonly(mp))
589 		return (EROFS);
590 
591 	if (fsess_not_impl(mp, FUSE_FALLOCATE))
592 		return (EINVAL);
593 
594 	io.uio_offset = *offset;
595 	io.uio_resid = *len;
596 	err = vn_rlimit_fsize(vp, &io, curthread);
597 	if (err)
598 		return (err);
599 
600 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
601 	if (err)
602 		return (err);
603 
604 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
605 
606 	err = fuse_vnode_size(vp, &filesize, cred, curthread);
607 	if (err)
608 		return (err);
609 	fuse_inval_buf_range(vp, filesize, *offset, *offset + *len);
610 
611 	fdisp_init(&fdi, sizeof(*ffi));
612 	fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred);
613 	ffi = fdi.indata;
614 	ffi->fh = fufh->fh_id;
615 	ffi->offset = *offset;
616 	ffi->length = *len;
617 	ffi->mode = 0;
618 	err = fdisp_wait_answ(&fdi);
619 
620 	if (err == ENOSYS) {
621 		fsess_set_notimpl(mp, FUSE_FALLOCATE);
622 		err = EINVAL;
623 	} else if (err == EOPNOTSUPP) {
624 		/*
625 		 * The file system server does not support FUSE_FALLOCATE with
626 		 * the supplied mode for this particular file.
627 		 */
628 		err = EINVAL;
629 	} else if (!err) {
630 		*offset += *len;
631 		*len = 0;
632 		fuse_vnode_undirty_cached_timestamps(vp, false);
633 		fuse_internal_clear_suid_on_write(vp, cred, curthread);
634 		if (*offset > fvdat->cached_attrs.va_size) {
635 			fuse_vnode_setsize(vp, *offset, false);
636 			getnanouptime(&fvdat->last_local_modify);
637 		}
638 	}
639 
640 	return (err);
641 }
642 
643 /* {
644 	struct vnode *a_vp;
645 	daddr_t a_bn;
646 	struct bufobj **a_bop;
647 	daddr_t *a_bnp;
648 	int *a_runp;
649 	int *a_runb;
650 } */
651 static int
652 fuse_vnop_bmap(struct vop_bmap_args *ap)
653 {
654 	struct vnode *vp = ap->a_vp;
655 	struct bufobj **bo = ap->a_bop;
656 	struct thread *td = curthread;
657 	struct mount *mp;
658 	struct fuse_dispatcher fdi;
659 	struct fuse_bmap_in *fbi;
660 	struct fuse_bmap_out *fbo;
661 	struct fuse_data *data;
662 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
663 	uint64_t biosize;
664 	off_t fsize;
665 	daddr_t lbn = ap->a_bn;
666 	daddr_t *pbn = ap->a_bnp;
667 	int *runp = ap->a_runp;
668 	int *runb = ap->a_runb;
669 	int error = 0;
670 	int maxrun;
671 
672 	if (fuse_isdeadfs(vp)) {
673 		return ENXIO;
674 	}
675 
676 	mp = vnode_mount(vp);
677 	data = fuse_get_mpdata(mp);
678 	biosize = fuse_iosize(vp);
679 	maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1,
680 		data->max_readahead_blocks);
681 
682 	if (bo != NULL)
683 		*bo = &vp->v_bufobj;
684 
685 	/*
686 	 * The FUSE_BMAP operation does not include the runp and runb
687 	 * variables, so we must guess.  Report nonzero contiguous runs so
688 	 * cluster_read will combine adjacent reads.  It's worthwhile to reduce
689 	 * upcalls even if we don't know the true physical layout of the file.
690 	 *
691 	 * FUSE file systems may opt out of read clustering in two ways:
692 	 * * mounting with -onoclusterr
693 	 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT
694 	 */
695 	if (runb != NULL)
696 		*runb = MIN(lbn, maxrun);
697 	if (runp != NULL && maxrun == 0)
698 		*runp = 0;
699 	else if (runp != NULL) {
700 		/*
701 		 * If the file's size is cached, use that value to calculate
702 		 * runp, even if the cache is expired.  runp is only advisory,
703 		 * and the risk of getting it wrong is not worth the cost of
704 		 * another upcall.
705 		 */
706 		if (fvdat->cached_attrs.va_size != VNOVAL)
707 			fsize = fvdat->cached_attrs.va_size;
708 		else
709 			error = fuse_vnode_size(vp, &fsize, td->td_ucred, td);
710 		if (error == 0)
711 			*runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1),
712 				    maxrun);
713 		else
714 			*runp = 0;
715 	}
716 
717 	if (fsess_maybe_impl(mp, FUSE_BMAP)) {
718 		fdisp_init(&fdi, sizeof(*fbi));
719 		fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred);
720 		fbi = fdi.indata;
721 		fbi->block = lbn;
722 		fbi->blocksize = biosize;
723 		error = fdisp_wait_answ(&fdi);
724 		if (error == ENOSYS) {
725 			fdisp_destroy(&fdi);
726 			fsess_set_notimpl(mp, FUSE_BMAP);
727 			error = 0;
728 		} else {
729 			fbo = fdi.answ;
730 			if (error == 0 && pbn != NULL)
731 				*pbn = fbo->block;
732 			fdisp_destroy(&fdi);
733 			return error;
734 		}
735 	}
736 
737 	/* If the daemon doesn't support BMAP, make up a sensible default */
738 	if (pbn != NULL)
739 		*pbn = lbn * btodb(biosize);
740 	return (error);
741 }
742 
743 /*
744     struct vop_close_args {
745 	struct vnode *a_vp;
746 	int  a_fflag;
747 	struct ucred *a_cred;
748 	struct thread *a_td;
749     };
750 */
751 static int
752 fuse_vnop_close(struct vop_close_args *ap)
753 {
754 	struct vnode *vp = ap->a_vp;
755 	struct ucred *cred = ap->a_cred;
756 	int fflag = ap->a_fflag;
757 	struct thread *td = ap->a_td;
758 	pid_t pid = td->td_proc->p_pid;
759 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
760 	int err = 0;
761 
762 	if (fuse_isdeadfs(vp))
763 		return 0;
764 	if (vnode_isdir(vp))
765 		return 0;
766 	if (fflag & IO_NDELAY)
767 		return 0;
768 
769 	err = fuse_flush(vp, cred, pid, fflag);
770 	if (err == 0 && (fvdat->flag & FN_ATIMECHANGE)) {
771 		struct vattr vap;
772 
773 		VATTR_NULL(&vap);
774 		vap.va_atime = fvdat->cached_attrs.va_atime;
775 		err = fuse_internal_setattr(vp, &vap, td, NULL);
776 	}
777 	/* TODO: close the file handle, if we're sure it's no longer used */
778 	if ((fvdat->flag & FN_SIZECHANGE) != 0) {
779 		fuse_vnode_savesize(vp, cred, td->td_proc->p_pid);
780 	}
781 	return err;
782 }
783 
784 /*
785    struct vop_copy_file_range_args {
786 	struct vop_generic_args a_gen;
787 	struct vnode *a_invp;
788 	off_t *a_inoffp;
789 	struct vnode *a_outvp;
790 	off_t *a_outoffp;
791 	size_t *a_lenp;
792 	unsigned int a_flags;
793 	struct ucred *a_incred;
794 	struct ucred *a_outcred;
795 	struct thread *a_fsizetd;
796 }
797  */
798 static int
799 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap)
800 {
801 	struct vnode *invp = ap->a_invp;
802 	struct vnode *outvp = ap->a_outvp;
803 	struct mount *mp = vnode_mount(invp);
804 	struct fuse_vnode_data *outfvdat = VTOFUD(outvp);
805 	struct fuse_dispatcher fdi;
806 	struct fuse_filehandle *infufh, *outfufh;
807 	struct fuse_copy_file_range_in *fcfri;
808 	struct ucred *incred = ap->a_incred;
809 	struct ucred *outcred = ap->a_outcred;
810 	struct fuse_write_out *fwo;
811 	struct thread *td;
812 	struct uio io;
813 	off_t outfilesize;
814 	pid_t pid;
815 	int err;
816 
817 	if (mp != vnode_mount(outvp))
818 		goto fallback;
819 
820 	if (incred->cr_uid != outcred->cr_uid)
821 		goto fallback;
822 
823 	if (incred->cr_groups[0] != outcred->cr_groups[0])
824 		goto fallback;
825 
826 	if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE))
827 		goto fallback;
828 
829 	if (ap->a_fsizetd == NULL)
830 		td = curthread;
831 	else
832 		td = ap->a_fsizetd;
833 	pid = td->td_proc->p_pid;
834 
835 	/* Lock both vnodes, avoiding risk of deadlock. */
836 	do {
837 		err = vn_lock(outvp, LK_EXCLUSIVE);
838 		if (invp == outvp)
839 			break;
840 		if (err == 0) {
841 			err = vn_lock(invp, LK_SHARED | LK_NOWAIT);
842 			if (err == 0)
843 				break;
844 			VOP_UNLOCK(outvp);
845 			err = vn_lock(invp, LK_SHARED);
846 			if (err == 0)
847 				VOP_UNLOCK(invp);
848 		}
849 	} while (err == 0);
850 	if (err != 0)
851 		return (err);
852 
853 	err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid);
854 	if (err)
855 		goto unlock;
856 
857 	err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid);
858 	if (err)
859 		goto unlock;
860 
861 	if (ap->a_fsizetd) {
862 		io.uio_offset = *ap->a_outoffp;
863 		io.uio_resid = *ap->a_lenp;
864 		err = vn_rlimit_fsize(outvp, &io, ap->a_fsizetd);
865 		if (err)
866 			goto unlock;
867 	}
868 
869 	err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread);
870 	if (err)
871 		goto unlock;
872 
873 	err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp,
874 		*ap->a_outoffp + *ap->a_lenp);
875 	if (err)
876 		goto unlock;
877 
878 	fdisp_init(&fdi, sizeof(*fcfri));
879 	fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred);
880 	fcfri = fdi.indata;
881 	fcfri->fh_in = infufh->fh_id;
882 	fcfri->off_in = *ap->a_inoffp;
883 	fcfri->nodeid_out = VTOI(outvp);
884 	fcfri->fh_out = outfufh->fh_id;
885 	fcfri->off_out = *ap->a_outoffp;
886 	fcfri->len = *ap->a_lenp;
887 	fcfri->flags = 0;
888 
889 	err = fdisp_wait_answ(&fdi);
890 	if (err == 0) {
891 		fwo = fdi.answ;
892 		*ap->a_lenp = fwo->size;
893 		*ap->a_inoffp += fwo->size;
894 		*ap->a_outoffp += fwo->size;
895 		fuse_internal_clear_suid_on_write(outvp, outcred, td);
896 		if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) {
897                         fuse_vnode_setsize(outvp, *ap->a_outoffp, false);
898 			getnanouptime(&outfvdat->last_local_modify);
899 		}
900 		fuse_vnode_update(invp, FN_ATIMECHANGE);
901 		fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE);
902 	}
903 	fdisp_destroy(&fdi);
904 
905 unlock:
906 	if (invp != outvp)
907 		VOP_UNLOCK(invp);
908 	VOP_UNLOCK(outvp);
909 
910 	if (err == ENOSYS) {
911 		fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE);
912 fallback:
913 		err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp,
914 		    ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags,
915 		    ap->a_incred, ap->a_outcred, ap->a_fsizetd);
916 	}
917 
918 	return (err);
919 }
920 
921 static void
922 fdisp_make_mknod_for_fallback(
923 	struct fuse_dispatcher *fdip,
924 	struct componentname *cnp,
925 	struct vnode *dvp,
926 	uint64_t parentnid,
927 	struct thread *td,
928 	struct ucred *cred,
929 	mode_t mode,
930 	enum fuse_opcode *op)
931 {
932 	struct fuse_mknod_in *fmni;
933 
934 	fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1);
935 	*op = FUSE_MKNOD;
936 	fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred);
937 	fmni = fdip->indata;
938 	fmni->mode = mode;
939 	fmni->rdev = 0;
940 	memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr,
941 	    cnp->cn_namelen);
942 	((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0';
943 }
944 /*
945     struct vnop_create_args {
946 	struct vnode *a_dvp;
947 	struct vnode **a_vpp;
948 	struct componentname *a_cnp;
949 	struct vattr *a_vap;
950     };
951 */
952 static int
953 fuse_vnop_create(struct vop_create_args *ap)
954 {
955 	struct vnode *dvp = ap->a_dvp;
956 	struct vnode **vpp = ap->a_vpp;
957 	struct componentname *cnp = ap->a_cnp;
958 	struct vattr *vap = ap->a_vap;
959 	struct thread *td = curthread;
960 	struct ucred *cred = cnp->cn_cred;
961 
962 	struct fuse_data *data;
963 	struct fuse_create_in *fci;
964 	struct fuse_entry_out *feo;
965 	struct fuse_open_out *foo;
966 	struct fuse_dispatcher fdi, fdi2;
967 	struct fuse_dispatcher *fdip = &fdi;
968 	struct fuse_dispatcher *fdip2 = NULL;
969 
970 	int err;
971 
972 	struct mount *mp = vnode_mount(dvp);
973 	data = fuse_get_mpdata(mp);
974 	uint64_t parentnid = VTOFUD(dvp)->nid;
975 	mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode);
976 	enum fuse_opcode op;
977 	int flags;
978 
979 	if (fuse_isdeadfs(dvp))
980 		return ENXIO;
981 
982 	/* FUSE expects sockets to be created with FUSE_MKNOD */
983 	if (vap->va_type == VSOCK)
984 		return fuse_internal_mknod(dvp, vpp, cnp, vap);
985 
986 	/*
987 	 * VOP_CREATE doesn't tell us the open(2) flags, so we guess.  Only a
988 	 * writable mode makes sense, and we might as well include readability
989 	 * too.
990 	 */
991 	flags = O_RDWR;
992 
993 	bzero(&fdi, sizeof(fdi));
994 
995 	if (vap->va_type != VREG)
996 		return (EINVAL);
997 
998 	if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) {
999 		/* Fallback to FUSE_MKNOD/FUSE_OPEN */
1000 		fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td,
1001 			cred, mode, &op);
1002 	} else {
1003 		/* Use FUSE_CREATE */
1004 		size_t insize;
1005 
1006 		op = FUSE_CREATE;
1007 		fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1);
1008 		fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred);
1009 		fci = fdip->indata;
1010 		fci->mode = mode;
1011 		fci->flags = O_CREAT | flags;
1012 		if (fuse_libabi_geq(data, 7, 12)) {
1013 			insize = sizeof(*fci);
1014 			fci->umask = td->td_proc->p_pd->pd_cmask;
1015 		} else {
1016 			insize = sizeof(struct fuse_open_in);
1017 		}
1018 
1019 		memcpy((char *)fdip->indata + insize, cnp->cn_nameptr,
1020 		    cnp->cn_namelen);
1021 		((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0';
1022 	}
1023 
1024 	err = fdisp_wait_answ(fdip);
1025 
1026 	if (err) {
1027 		if (err == ENOSYS && op == FUSE_CREATE) {
1028 			fsess_set_notimpl(mp, FUSE_CREATE);
1029 			fdisp_destroy(fdip);
1030 			fdisp_make_mknod_for_fallback(fdip, cnp, dvp,
1031 				parentnid, td, cred, mode, &op);
1032 			err = fdisp_wait_answ(fdip);
1033 		}
1034 		if (err)
1035 			goto out;
1036 	}
1037 
1038 	feo = fdip->answ;
1039 
1040 	if ((err = fuse_internal_checkentry(feo, vap->va_type))) {
1041 		goto out;
1042 	}
1043 
1044 	if (op == FUSE_CREATE) {
1045 		if (fuse_libabi_geq(data, 7, 9))
1046 			foo = (struct fuse_open_out*)(feo + 1);
1047 		else
1048 			foo = (struct fuse_open_out*)((char*)feo +
1049 				FUSE_COMPAT_ENTRY_OUT_SIZE);
1050 	} else {
1051 		/* Issue a separate FUSE_OPEN */
1052 		struct fuse_open_in *foi;
1053 
1054 		fdip2 = &fdi2;
1055 		fdisp_init(fdip2, sizeof(*foi));
1056 		fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td,
1057 			cred);
1058 		foi = fdip2->indata;
1059 		foi->flags = flags;
1060 		err = fdisp_wait_answ(fdip2);
1061 		if (err)
1062 			goto out;
1063 		foo = fdip2->answ;
1064 	}
1065 	err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type);
1066 	if (err) {
1067 		struct fuse_release_in *fri;
1068 		uint64_t nodeid = feo->nodeid;
1069 		uint64_t fh_id = foo->fh;
1070 
1071 		fdisp_init(fdip, sizeof(*fri));
1072 		fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred);
1073 		fri = fdip->indata;
1074 		fri->fh = fh_id;
1075 		fri->flags = flags;
1076 		fuse_insert_callback(fdip->tick, fuse_internal_forget_callback);
1077 		fuse_insert_message(fdip->tick, false);
1078 		goto out;
1079 	}
1080 	ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create");
1081 	fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid,
1082 		feo->attr_valid_nsec, NULL, true);
1083 
1084 	fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo);
1085 	fuse_vnode_open(*vpp, foo->open_flags, td);
1086 	/*
1087 	 * Purge the parent's attribute cache because the daemon should've
1088 	 * updated its mtime and ctime
1089 	 */
1090 	fuse_vnode_clear_attr_cache(dvp);
1091 	cache_purge_negative(dvp);
1092 
1093 out:
1094 	if (fdip2)
1095 		fdisp_destroy(fdip2);
1096 	fdisp_destroy(fdip);
1097 	return err;
1098 }
1099 
1100 /*
1101     struct vnop_fdatasync_args {
1102 	struct vop_generic_args a_gen;
1103 	struct vnode * a_vp;
1104 	struct thread * a_td;
1105     };
1106 */
1107 static int
1108 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap)
1109 {
1110 	struct vnode *vp = ap->a_vp;
1111 	struct thread *td = ap->a_td;
1112 	int waitfor = MNT_WAIT;
1113 
1114 	int err = 0;
1115 
1116 	if (fuse_isdeadfs(vp)) {
1117 		return 0;
1118 	}
1119 	if ((err = vop_stdfdatasync_buf(ap)))
1120 		return err;
1121 
1122 	return fuse_internal_fsync(vp, td, waitfor, true);
1123 }
1124 
1125 /*
1126     struct vnop_fsync_args {
1127 	struct vop_generic_args a_gen;
1128 	struct vnode * a_vp;
1129 	int  a_waitfor;
1130 	struct thread * a_td;
1131     };
1132 */
1133 static int
1134 fuse_vnop_fsync(struct vop_fsync_args *ap)
1135 {
1136 	struct vnode *vp = ap->a_vp;
1137 	struct thread *td = ap->a_td;
1138 	int waitfor = ap->a_waitfor;
1139 	int err = 0;
1140 
1141 	if (fuse_isdeadfs(vp)) {
1142 		return 0;
1143 	}
1144 	if ((err = vop_stdfsync(ap)))
1145 		return err;
1146 
1147 	return fuse_internal_fsync(vp, td, waitfor, false);
1148 }
1149 
1150 /*
1151     struct vnop_getattr_args {
1152 	struct vnode *a_vp;
1153 	struct vattr *a_vap;
1154 	struct ucred *a_cred;
1155 	struct thread *a_td;
1156     };
1157 */
1158 static int
1159 fuse_vnop_getattr(struct vop_getattr_args *ap)
1160 {
1161 	struct vnode *vp = ap->a_vp;
1162 	struct vattr *vap = ap->a_vap;
1163 	struct ucred *cred = ap->a_cred;
1164 	struct thread *td = curthread;
1165 
1166 	int err = 0;
1167 	int dataflags;
1168 
1169 	dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags;
1170 
1171 	/* Note that we are not bailing out on a dead file system just yet. */
1172 
1173 	if (!(dataflags & FSESS_INITED)) {
1174 		if (!vnode_isvroot(vp)) {
1175 			fdata_set_dead(fuse_get_mpdata(vnode_mount(vp)));
1176 			err = ENOTCONN;
1177 			return err;
1178 		} else {
1179 			goto fake;
1180 		}
1181 	}
1182 	err = fuse_internal_getattr(vp, vap, cred, td);
1183 	if (err == ENOTCONN && vnode_isvroot(vp)) {
1184 		/* see comment in fuse_vfsop_statfs() */
1185 		goto fake;
1186 	} else {
1187 		return err;
1188 	}
1189 
1190 fake:
1191 	bzero(vap, sizeof(*vap));
1192 	vap->va_type = vnode_vtype(vp);
1193 
1194 	return 0;
1195 }
1196 
1197 /*
1198     struct vnop_inactive_args {
1199 	struct vnode *a_vp;
1200     };
1201 */
1202 static int
1203 fuse_vnop_inactive(struct vop_inactive_args *ap)
1204 {
1205 	struct vnode *vp = ap->a_vp;
1206 	struct thread *td = curthread;
1207 
1208 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
1209 	struct fuse_filehandle *fufh, *fufh_tmp;
1210 
1211 	int need_flush = 1;
1212 
1213 	LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) {
1214 		if (need_flush && vp->v_type == VREG) {
1215 			if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) {
1216 				fuse_vnode_savesize(vp, NULL, 0);
1217 			}
1218 			if ((fvdat->flag & FN_REVOKED) != 0)
1219 				fuse_io_invalbuf(vp, td);
1220 			else
1221 				fuse_io_flushbuf(vp, MNT_WAIT, td);
1222 			need_flush = 0;
1223 		}
1224 		fuse_filehandle_close(vp, fufh, td, NULL);
1225 	}
1226 
1227 	if ((fvdat->flag & FN_REVOKED) != 0)
1228 		vrecycle(vp);
1229 
1230 	return 0;
1231 }
1232 
1233 /*
1234     struct vnop_ioctl_args {
1235 	struct vnode *a_vp;
1236 	u_long a_command;
1237 	caddr_t a_data;
1238 	int a_fflag;
1239 	struct ucred *a_cred;
1240 	struct thread *a_td;
1241     };
1242 */
1243 static int
1244 fuse_vnop_ioctl(struct vop_ioctl_args *ap)
1245 {
1246 	struct vnode *vp = ap->a_vp;
1247 	struct mount *mp = vnode_mount(vp);
1248 	struct ucred *cred = ap->a_cred;
1249 	off_t *offp;
1250 	pid_t pid = ap->a_td->td_proc->p_pid;
1251 	int err;
1252 
1253 	switch (ap->a_command) {
1254 	case FIOSEEKDATA:
1255 	case FIOSEEKHOLE:
1256 		/* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */
1257 		if (fsess_maybe_impl(mp, FUSE_LSEEK)) {
1258 			int whence;
1259 
1260 			offp = ap->a_data;
1261 			if (ap->a_command == FIOSEEKDATA)
1262 				whence = SEEK_DATA;
1263 			else
1264 				whence = SEEK_HOLE;
1265 
1266 			vn_lock(vp, LK_SHARED | LK_RETRY);
1267 			err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp,
1268 			    whence);
1269 			VOP_UNLOCK(vp);
1270 		}
1271 		if (fsess_not_impl(mp, FUSE_LSEEK))
1272 			err = vop_stdioctl(ap);
1273 		break;
1274 	default:
1275 		/* TODO: implement FUSE_IOCTL */
1276 		err = ENOTTY;
1277 		break;
1278 	}
1279 	return (err);
1280 }
1281 
1282 
1283 /*
1284     struct vnop_link_args {
1285 	struct vnode *a_tdvp;
1286 	struct vnode *a_vp;
1287 	struct componentname *a_cnp;
1288     };
1289 */
1290 static int
1291 fuse_vnop_link(struct vop_link_args *ap)
1292 {
1293 	struct vnode *vp = ap->a_vp;
1294 	struct vnode *tdvp = ap->a_tdvp;
1295 	struct componentname *cnp = ap->a_cnp;
1296 
1297 	struct vattr *vap = VTOVA(vp);
1298 
1299 	struct fuse_dispatcher fdi;
1300 	struct fuse_entry_out *feo;
1301 	struct fuse_link_in fli;
1302 
1303 	int err;
1304 
1305 	if (fuse_isdeadfs(vp)) {
1306 		return ENXIO;
1307 	}
1308 	if (vnode_mount(tdvp) != vnode_mount(vp)) {
1309 		return EXDEV;
1310 	}
1311 
1312 	/*
1313 	 * This is a seatbelt check to protect naive userspace filesystems from
1314 	 * themselves and the limitations of the FUSE IPC protocol.  If a
1315 	 * filesystem does not allow attribute caching, assume it is capable of
1316 	 * validating that nlink does not overflow.
1317 	 */
1318 	if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX)
1319 		return EMLINK;
1320 	fli.oldnodeid = VTOI(vp);
1321 
1322 	fdisp_init(&fdi, 0);
1323 	fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp,
1324 	    FUSE_LINK, &fli, sizeof(fli), &fdi);
1325 	if ((err = fdisp_wait_answ(&fdi))) {
1326 		goto out;
1327 	}
1328 	feo = fdi.answ;
1329 
1330 	if (fli.oldnodeid != feo->nodeid) {
1331 		struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp));
1332 		fuse_warn(data, FSESS_WARN_ILLEGAL_INODE,
1333 			"Assigned wrong inode for a hard link.");
1334 		fuse_vnode_clear_attr_cache(vp);
1335 		fuse_vnode_clear_attr_cache(tdvp);
1336 		err = EIO;
1337 		goto out;
1338 	}
1339 
1340 	err = fuse_internal_checkentry(feo, vnode_vtype(vp));
1341 	if (!err) {
1342 		/*
1343 		 * Purge the parent's attribute cache because the daemon
1344 		 * should've updated its mtime and ctime
1345 		 */
1346 		fuse_vnode_clear_attr_cache(tdvp);
1347 		fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid,
1348 			feo->attr_valid_nsec, NULL, true);
1349 	}
1350 out:
1351 	fdisp_destroy(&fdi);
1352 	return err;
1353 }
1354 
1355 struct fuse_lookup_alloc_arg {
1356 	struct fuse_entry_out *feo;
1357 	struct componentname *cnp;
1358 	uint64_t nid;
1359 	enum vtype vtyp;
1360 };
1361 
1362 /* Callback for vn_get_ino */
1363 static int
1364 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp)
1365 {
1366 	struct fuse_lookup_alloc_arg *flaa = arg;
1367 
1368 	return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp,
1369 		flaa->vtyp);
1370 }
1371 
1372 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup,
1373 	"int", "struct timespec*", "struct timespec*");
1374 /*
1375     struct vnop_lookup_args {
1376 	struct vnodeop_desc *a_desc;
1377 	struct vnode *a_dvp;
1378 	struct vnode **a_vpp;
1379 	struct componentname *a_cnp;
1380     };
1381 */
1382 int
1383 fuse_vnop_lookup(struct vop_lookup_args *ap)
1384 {
1385 	struct vnode *dvp = ap->a_dvp;
1386 	struct vnode **vpp = ap->a_vpp;
1387 	struct componentname *cnp = ap->a_cnp;
1388 	struct thread *td = curthread;
1389 	struct ucred *cred = cnp->cn_cred;
1390 	struct timespec now;
1391 
1392 	int nameiop = cnp->cn_nameiop;
1393 	int flags = cnp->cn_flags;
1394 	int wantparent = flags & (LOCKPARENT | WANTPARENT);
1395 	int islastcn = flags & ISLASTCN;
1396 	struct mount *mp = vnode_mount(dvp);
1397 	struct fuse_data *data = fuse_get_mpdata(mp);
1398 	int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS;
1399 	bool is_dot;
1400 
1401 	int err = 0;
1402 	int lookup_err = 0;
1403 	struct vnode *vp = NULL;
1404 
1405 	struct fuse_dispatcher fdi;
1406 	bool did_lookup = false;
1407 	struct fuse_entry_out *feo = NULL;
1408 	enum vtype vtyp;	/* vnode type of target */
1409 
1410 	uint64_t nid;
1411 
1412 	if (fuse_isdeadfs(dvp)) {
1413 		*vpp = NULL;
1414 		return ENXIO;
1415 	}
1416 	if (!vnode_isdir(dvp))
1417 		return ENOTDIR;
1418 
1419 	if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP))
1420 		return EROFS;
1421 
1422 	if ((cnp->cn_flags & NOEXECCHECK) != 0)
1423 		cnp->cn_flags &= ~NOEXECCHECK;
1424 	else if ((err = fuse_internal_access(dvp, VEXEC, td, cred)))
1425 		return err;
1426 
1427 	is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.';
1428 	if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT))
1429 	{
1430 		if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) {
1431 			/*
1432 			 * Since the file system doesn't support ".." lookups,
1433 			 * we have no way to find this entry.
1434 			 */
1435 			return ESTALE;
1436 		}
1437 		nid = VTOFUD(dvp)->parent_nid;
1438 		if (nid == 0)
1439 			return ENOENT;
1440 		/* .. is obviously a directory */
1441 		vtyp = VDIR;
1442 	} else if (is_dot) {
1443 		nid = VTOI(dvp);
1444 		/* . is obviously a directory */
1445 		vtyp = VDIR;
1446 	} else {
1447 		struct timespec timeout;
1448 		int ncpticks; /* here to accommodate for API contract */
1449 
1450 		err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks);
1451 		getnanouptime(&now);
1452 		SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now);
1453 		switch (err) {
1454 		case -1:		/* positive match */
1455 			if (timespeccmp(&timeout, &now, >)) {
1456 				counter_u64_add(fuse_lookup_cache_hits, 1);
1457 			} else {
1458 				/* Cache timeout */
1459 				counter_u64_add(fuse_lookup_cache_misses, 1);
1460 				bintime_clear(
1461 					&VTOFUD(*vpp)->entry_cache_timeout);
1462 				cache_purge(*vpp);
1463 				if (dvp != *vpp)
1464 					vput(*vpp);
1465 				else
1466 					vrele(*vpp);
1467 				*vpp = NULL;
1468 				break;
1469 			}
1470 			return 0;
1471 
1472 		case 0:		/* no match in cache */
1473 			counter_u64_add(fuse_lookup_cache_misses, 1);
1474 			break;
1475 
1476 		case ENOENT:		/* negative match */
1477 			if (timespeccmp(&timeout, &now, <=)) {
1478 				/* Cache timeout */
1479 				cache_purge_negative(dvp);
1480 				break;
1481 			}
1482 			/* fall through */
1483 		default:
1484 			return err;
1485 		}
1486 
1487 		fdisp_init(&fdi, cnp->cn_namelen + 1);
1488 		fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred);
1489 
1490 		memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen);
1491 		((char *)fdi.indata)[cnp->cn_namelen] = '\0';
1492 		lookup_err = fdisp_wait_answ(&fdi);
1493 		did_lookup = true;
1494 
1495 		if (!lookup_err) {
1496 			/* lookup call succeeded */
1497 			feo = (struct fuse_entry_out *)fdi.answ;
1498 			nid = feo->nodeid;
1499 			if (nid == 0) {
1500 				/* zero nodeid means ENOENT and cache it */
1501 				struct timespec timeout;
1502 
1503 				fdi.answ_stat = ENOENT;
1504 				lookup_err = ENOENT;
1505 				if (cnp->cn_flags & MAKEENTRY) {
1506 					fuse_validity_2_timespec(feo, &timeout);
1507 					/* Use the same entry_time for .. as for
1508 					 * the file itself.  That doesn't honor
1509 					 * exactly what the fuse server tells
1510 					 * us, but to do otherwise would require
1511 					 * another cache lookup at this point.
1512 					 */
1513 					struct timespec *dtsp = NULL;
1514 					cache_enter_time(dvp, *vpp, cnp,
1515 						&timeout, dtsp);
1516 				}
1517 			}
1518 			vtyp = IFTOVT(feo->attr.mode);
1519 		}
1520 		if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) {
1521 			fdisp_destroy(&fdi);
1522 			return lookup_err;
1523 		}
1524 	}
1525 	/* lookup_err, if non-zero, must be ENOENT at this point */
1526 
1527 	if (lookup_err) {
1528 		/* Entry not found */
1529 		if ((nameiop == CREATE || nameiop == RENAME) && islastcn) {
1530 			if (default_permissions)
1531 				err = fuse_internal_access(dvp, VWRITE, td,
1532 				    cred);
1533 			else
1534 				err = 0;
1535 			if (!err) {
1536 				/*
1537 				 * Set the SAVENAME flag to hold onto the
1538 				 * pathname for use later in VOP_CREATE or
1539 				 * VOP_RENAME.
1540 				 */
1541 				cnp->cn_flags |= SAVENAME;
1542 
1543 				err = EJUSTRETURN;
1544 			}
1545 		} else {
1546 			err = ENOENT;
1547 		}
1548 	} else {
1549 		/* Entry was found */
1550 		if (flags & ISDOTDOT) {
1551 			struct fuse_lookup_alloc_arg flaa;
1552 
1553 			flaa.nid = nid;
1554 			flaa.feo = feo;
1555 			flaa.cnp = cnp;
1556 			flaa.vtyp = vtyp;
1557 			err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0,
1558 				&vp);
1559 			*vpp = vp;
1560 		} else if (nid == VTOI(dvp)) {
1561 			if (is_dot) {
1562 				vref(dvp);
1563 				*vpp = dvp;
1564 			} else {
1565 				fuse_warn(fuse_get_mpdata(mp),
1566 				    FSESS_WARN_ILLEGAL_INODE,
1567 				    "Assigned same inode to both parent and "
1568 				    "child.");
1569 				err = EIO;
1570 			}
1571 
1572 		} else {
1573 			struct fuse_vnode_data *fvdat;
1574 
1575 			err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp,
1576 			    &vp, cnp, vtyp);
1577 			if (err)
1578 				goto out;
1579 			*vpp = vp;
1580 			fvdat = VTOFUD(vp);
1581 
1582 			MPASS(feo != NULL);
1583 			if (timespeccmp(&now, &fvdat->last_local_modify, >)) {
1584 				/*
1585 				 * Attributes from the server are definitely
1586 				 * newer than the last attributes we sent to
1587 				 * the server, so cache them.
1588 				 */
1589 				fuse_internal_cache_attrs(*vpp, &feo->attr,
1590 					feo->attr_valid, feo->attr_valid_nsec,
1591 					NULL, true);
1592 			}
1593 			fuse_validity_2_bintime(feo->entry_valid,
1594 				feo->entry_valid_nsec,
1595 				&fvdat->entry_cache_timeout);
1596 
1597 			if ((nameiop == DELETE || nameiop == RENAME) &&
1598 				islastcn && default_permissions)
1599 			{
1600 				struct vattr dvattr;
1601 
1602 				err = fuse_internal_access(dvp, VWRITE, td,
1603 					cred);
1604 				if (err != 0)
1605 					goto out;
1606 				/*
1607 				 * if the parent's sticky bit is set, check
1608 				 * whether we're allowed to remove the file.
1609 				 * Need to figure out the vnode locking to make
1610 				 * this work.
1611 				 */
1612 				fuse_internal_getattr(dvp, &dvattr, cred, td);
1613 				if ((dvattr.va_mode & S_ISTXT) &&
1614 					fuse_internal_access(dvp, VADMIN, td,
1615 						cred) &&
1616 					fuse_internal_access(*vpp, VADMIN, td,
1617 						cred)) {
1618 					err = EPERM;
1619 					goto out;
1620 				}
1621 			}
1622 
1623 			if (islastcn && (
1624 				(nameiop == DELETE) ||
1625 				(nameiop == RENAME && wantparent))) {
1626 				cnp->cn_flags |= SAVENAME;
1627 			}
1628 		}
1629 	}
1630 out:
1631 	if (err) {
1632 		if (vp != NULL && dvp != vp)
1633 			vput(vp);
1634 		else if (vp != NULL)
1635 			vrele(vp);
1636 		*vpp = NULL;
1637 	}
1638 	if (did_lookup)
1639 		fdisp_destroy(&fdi);
1640 
1641 	return err;
1642 }
1643 
1644 /*
1645     struct vnop_mkdir_args {
1646 	struct vnode *a_dvp;
1647 	struct vnode **a_vpp;
1648 	struct componentname *a_cnp;
1649 	struct vattr *a_vap;
1650     };
1651 */
1652 static int
1653 fuse_vnop_mkdir(struct vop_mkdir_args *ap)
1654 {
1655 	struct vnode *dvp = ap->a_dvp;
1656 	struct vnode **vpp = ap->a_vpp;
1657 	struct componentname *cnp = ap->a_cnp;
1658 	struct vattr *vap = ap->a_vap;
1659 
1660 	struct fuse_mkdir_in fmdi;
1661 
1662 	if (fuse_isdeadfs(dvp)) {
1663 		return ENXIO;
1664 	}
1665 	fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode);
1666 	fmdi.umask = curthread->td_proc->p_pd->pd_cmask;
1667 
1668 	return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi,
1669 	    sizeof(fmdi), VDIR));
1670 }
1671 
1672 /*
1673     struct vnop_mknod_args {
1674 	struct vnode *a_dvp;
1675 	struct vnode **a_vpp;
1676 	struct componentname *a_cnp;
1677 	struct vattr *a_vap;
1678     };
1679 */
1680 static int
1681 fuse_vnop_mknod(struct vop_mknod_args *ap)
1682 {
1683 
1684 	struct vnode *dvp = ap->a_dvp;
1685 	struct vnode **vpp = ap->a_vpp;
1686 	struct componentname *cnp = ap->a_cnp;
1687 	struct vattr *vap = ap->a_vap;
1688 
1689 	if (fuse_isdeadfs(dvp))
1690 		return ENXIO;
1691 
1692 	return fuse_internal_mknod(dvp, vpp, cnp, vap);
1693 }
1694 
1695 /*
1696     struct vop_open_args {
1697 	struct vnode *a_vp;
1698 	int  a_mode;
1699 	struct ucred *a_cred;
1700 	struct thread *a_td;
1701 	int a_fdidx; / struct file *a_fp;
1702     };
1703 */
1704 static int
1705 fuse_vnop_open(struct vop_open_args *ap)
1706 {
1707 	struct vnode *vp = ap->a_vp;
1708 	int a_mode = ap->a_mode;
1709 	struct thread *td = ap->a_td;
1710 	struct ucred *cred = ap->a_cred;
1711 	pid_t pid = td->td_proc->p_pid;
1712 
1713 	if (fuse_isdeadfs(vp))
1714 		return ENXIO;
1715 	if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO)
1716 		return (EOPNOTSUPP);
1717 	if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0)
1718 		return EINVAL;
1719 
1720 	if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) {
1721 		fuse_vnode_open(vp, 0, td);
1722 		return 0;
1723 	}
1724 
1725 	return fuse_filehandle_open(vp, a_mode, NULL, td, cred);
1726 }
1727 
1728 static int
1729 fuse_vnop_pathconf(struct vop_pathconf_args *ap)
1730 {
1731 	struct vnode *vp = ap->a_vp;
1732 	struct mount *mp;
1733 
1734 	switch (ap->a_name) {
1735 	case _PC_FILESIZEBITS:
1736 		*ap->a_retval = 64;
1737 		return (0);
1738 	case _PC_NAME_MAX:
1739 		*ap->a_retval = NAME_MAX;
1740 		return (0);
1741 	case _PC_LINK_MAX:
1742 		*ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX);
1743 		return (0);
1744 	case _PC_SYMLINK_MAX:
1745 		*ap->a_retval = MAXPATHLEN;
1746 		return (0);
1747 	case _PC_NO_TRUNC:
1748 		*ap->a_retval = 1;
1749 		return (0);
1750 	case _PC_MIN_HOLE_SIZE:
1751 		/*
1752 		 * The FUSE protocol provides no mechanism for a server to
1753 		 * report _PC_MIN_HOLE_SIZE.  It's a protocol bug.  Instead,
1754 		 * return EINVAL if the server does not support FUSE_LSEEK, or
1755 		 * 1 if it does.
1756 		 */
1757 		mp = vnode_mount(vp);
1758 		if (!fsess_is_impl(mp, FUSE_LSEEK) &&
1759 		    !fsess_not_impl(mp, FUSE_LSEEK)) {
1760 			off_t offset = 0;
1761 
1762 			/* Issue a FUSE_LSEEK to find out if it's implemented */
1763 			fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred,
1764 			    curthread->td_proc->p_pid, &offset, SEEK_DATA);
1765 		}
1766 
1767 		if (fsess_is_impl(mp, FUSE_LSEEK)) {
1768 			*ap->a_retval = 1;
1769 			return (0);
1770 		} else {
1771 			/*
1772 			 * Probably FUSE_LSEEK is not implemented.  It might
1773 			 * be, if the FUSE_LSEEK above returned an error like
1774 			 * EACCES, but in that case we can't tell, so it's
1775 			 * safest to report EINVAL anyway.
1776 			 */
1777 			return (EINVAL);
1778 		}
1779 	default:
1780 		return (vop_stdpathconf(ap));
1781 	}
1782 }
1783 
1784 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*",
1785     "struct uio*", "struct ucred*");
1786 /*
1787     struct vnop_read_args {
1788 	struct vnode *a_vp;
1789 	struct uio *a_uio;
1790 	int  a_ioflag;
1791 	struct ucred *a_cred;
1792     };
1793 */
1794 static int
1795 fuse_vnop_read(struct vop_read_args *ap)
1796 {
1797 	struct vnode *vp = ap->a_vp;
1798 	struct uio *uio = ap->a_uio;
1799 	int ioflag = ap->a_ioflag;
1800 	struct ucred *cred = ap->a_cred;
1801 	pid_t pid = curthread->td_proc->p_pid;
1802 	struct fuse_filehandle *fufh;
1803 	int err;
1804 	bool closefufh = false, directio;
1805 
1806 	MPASS(vp->v_type == VREG || vp->v_type == VDIR);
1807 
1808 	if (fuse_isdeadfs(vp)) {
1809 		return ENXIO;
1810 	}
1811 
1812 	if (VTOFUD(vp)->flag & FN_DIRECTIO) {
1813 		ioflag |= IO_DIRECT;
1814 	}
1815 
1816 	err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid);
1817 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
1818 		/*
1819 		 * nfsd will do I/O without first doing VOP_OPEN.  We
1820 		 * must implicitly open the file here
1821 		 */
1822 		err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred);
1823 		closefufh = true;
1824 	}
1825 	if (err) {
1826 		SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred);
1827 		return err;
1828 	}
1829 
1830 	/*
1831          * Ideally, when the daemon asks for direct io at open time, the
1832          * standard file flag should be set according to this, so that would
1833          * just change the default mode, which later on could be changed via
1834          * fcntl(2).
1835          * But this doesn't work, the O_DIRECT flag gets cleared at some point
1836          * (don't know where). So to make any use of the Fuse direct_io option,
1837          * we hardwire it into the file's private data (similarly to Linux,
1838          * btw.).
1839          */
1840 	directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp));
1841 
1842 	fuse_vnode_update(vp, FN_ATIMECHANGE);
1843 	if (directio) {
1844 		SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode");
1845 		err = fuse_read_directbackend(vp, uio, cred, fufh);
1846 	} else {
1847 		SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode");
1848 		err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid);
1849 	}
1850 
1851 	if (closefufh)
1852 		fuse_filehandle_close(vp, fufh, curthread, cred);
1853 
1854 	return (err);
1855 }
1856 
1857 /*
1858     struct vnop_readdir_args {
1859 	struct vnode *a_vp;
1860 	struct uio *a_uio;
1861 	struct ucred *a_cred;
1862 	int *a_eofflag;
1863 	int *a_ncookies;
1864 	uint64_t **a_cookies;
1865     };
1866 */
1867 static int
1868 fuse_vnop_readdir(struct vop_readdir_args *ap)
1869 {
1870 	struct vnode *vp = ap->a_vp;
1871 	struct uio *uio = ap->a_uio;
1872 	struct ucred *cred = ap->a_cred;
1873 	struct fuse_filehandle *fufh = NULL;
1874 	struct mount *mp = vnode_mount(vp);
1875 	struct fuse_iov cookediov;
1876 	int err = 0;
1877 	uint64_t *cookies;
1878 	ssize_t tresid;
1879 	int ncookies;
1880 	bool closefufh = false;
1881 	pid_t pid = curthread->td_proc->p_pid;
1882 
1883 	if (ap->a_eofflag)
1884 		*ap->a_eofflag = 0;
1885 	if (fuse_isdeadfs(vp)) {
1886 		return ENXIO;
1887 	}
1888 	if (				/* XXXIP ((uio_iovcnt(uio) > 1)) || */
1889 	    (uio_resid(uio) < sizeof(struct dirent))) {
1890 		return EINVAL;
1891 	}
1892 
1893 	tresid = uio->uio_resid;
1894 	err = fuse_filehandle_get_dir(vp, &fufh, cred, pid);
1895 	if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) {
1896 		KASSERT(fuse_get_mpdata(mp)->dataflags
1897 				& FSESS_NO_OPENDIR_SUPPORT,
1898 			("FUSE file systems that don't set "
1899 			 "FUSE_NO_OPENDIR_SUPPORT should not be exported"));
1900 		/*
1901 		 * nfsd will do VOP_READDIR without first doing VOP_OPEN.  We
1902 		 * must implicitly open the directory here.
1903 		 */
1904 		err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred);
1905 		closefufh = true;
1906 	}
1907 	if (err)
1908 		return (err);
1909 	if (ap->a_ncookies != NULL) {
1910 		ncookies = uio->uio_resid /
1911 			(offsetof(struct dirent, d_name) + 4) + 1;
1912 		cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK);
1913 		*ap->a_ncookies = ncookies;
1914 		*ap->a_cookies = cookies;
1915 	} else {
1916 		ncookies = 0;
1917 		cookies = NULL;
1918 	}
1919 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1)
1920 	fiov_init(&cookediov, DIRCOOKEDSIZE);
1921 
1922 	err = fuse_internal_readdir(vp, uio, fufh, &cookediov,
1923 		&ncookies, cookies);
1924 
1925 	fiov_teardown(&cookediov);
1926 	if (closefufh)
1927 		fuse_filehandle_close(vp, fufh, curthread, cred);
1928 
1929 	if (ap->a_ncookies != NULL) {
1930 		if (err == 0) {
1931 			*ap->a_ncookies -= ncookies;
1932 		} else {
1933 			free(*ap->a_cookies, M_TEMP);
1934 			*ap->a_ncookies = 0;
1935 			*ap->a_cookies = NULL;
1936 		}
1937 	}
1938 	if (err == 0 && tresid == uio->uio_resid)
1939 		*ap->a_eofflag = 1;
1940 
1941 	return err;
1942 }
1943 
1944 /*
1945     struct vnop_readlink_args {
1946 	struct vnode *a_vp;
1947 	struct uio *a_uio;
1948 	struct ucred *a_cred;
1949     };
1950 */
1951 static int
1952 fuse_vnop_readlink(struct vop_readlink_args *ap)
1953 {
1954 	struct vnode *vp = ap->a_vp;
1955 	struct uio *uio = ap->a_uio;
1956 	struct ucred *cred = ap->a_cred;
1957 
1958 	struct fuse_dispatcher fdi;
1959 	int err;
1960 
1961 	if (fuse_isdeadfs(vp)) {
1962 		return ENXIO;
1963 	}
1964 	if (!vnode_islnk(vp)) {
1965 		return EINVAL;
1966 	}
1967 	fdisp_init(&fdi, 0);
1968 	err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred);
1969 	if (err) {
1970 		goto out;
1971 	}
1972 	if (((char *)fdi.answ)[0] == '/' &&
1973 	    fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) {
1974 		char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname;
1975 
1976 		err = uiomove(mpth, strlen(mpth), uio);
1977 	}
1978 	if (!err) {
1979 		err = uiomove(fdi.answ, fdi.iosize, uio);
1980 	}
1981 out:
1982 	fdisp_destroy(&fdi);
1983 	return err;
1984 }
1985 
1986 /*
1987     struct vnop_reclaim_args {
1988 	struct vnode *a_vp;
1989     };
1990 */
1991 static int
1992 fuse_vnop_reclaim(struct vop_reclaim_args *ap)
1993 {
1994 	struct vnode *vp = ap->a_vp;
1995 	struct thread *td = curthread;
1996 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
1997 	struct fuse_filehandle *fufh, *fufh_tmp;
1998 
1999 	if (!fvdat) {
2000 		panic("FUSE: no vnode data during recycling");
2001 	}
2002 	LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) {
2003 		printf("FUSE: vnode being reclaimed with open fufh "
2004 			"(type=%#x)", fufh->fufh_type);
2005 		fuse_filehandle_close(vp, fufh, td, NULL);
2006 	}
2007 
2008 	if (VTOI(vp) == 1) {
2009 		/*
2010 		 * Don't send FUSE_FORGET for the root inode, because
2011 		 * we never send FUSE_LOOKUP for it (see
2012 		 * fuse_vfsop_root) and we don't want the server to see
2013 		 * mismatched lookup counts.
2014 		 */
2015 		struct fuse_data *data;
2016 		struct vnode *vroot;
2017 
2018 		data = fuse_get_mpdata(vnode_mount(vp));
2019 		FUSE_LOCK();
2020 		vroot = data->vroot;
2021 		data->vroot = NULL;
2022 		FUSE_UNLOCK();
2023 		if (vroot)
2024 			vrele(vroot);
2025 	} else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) {
2026 		fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp),
2027 		    fvdat->nlookup);
2028 	}
2029 	cache_purge(vp);
2030 	vfs_hash_remove(vp);
2031 	fuse_vnode_destroy(vp);
2032 
2033 	return 0;
2034 }
2035 
2036 /*
2037     struct vnop_remove_args {
2038 	struct vnode *a_dvp;
2039 	struct vnode *a_vp;
2040 	struct componentname *a_cnp;
2041     };
2042 */
2043 static int
2044 fuse_vnop_remove(struct vop_remove_args *ap)
2045 {
2046 	struct vnode *dvp = ap->a_dvp;
2047 	struct vnode *vp = ap->a_vp;
2048 	struct componentname *cnp = ap->a_cnp;
2049 
2050 	int err;
2051 
2052 	if (fuse_isdeadfs(vp)) {
2053 		return ENXIO;
2054 	}
2055 	if (vnode_isdir(vp)) {
2056 		return EPERM;
2057 	}
2058 
2059 	err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK);
2060 
2061 	return err;
2062 }
2063 
2064 /*
2065     struct vnop_rename_args {
2066 	struct vnode *a_fdvp;
2067 	struct vnode *a_fvp;
2068 	struct componentname *a_fcnp;
2069 	struct vnode *a_tdvp;
2070 	struct vnode *a_tvp;
2071 	struct componentname *a_tcnp;
2072     };
2073 */
2074 static int
2075 fuse_vnop_rename(struct vop_rename_args *ap)
2076 {
2077 	struct vnode *fdvp = ap->a_fdvp;
2078 	struct vnode *fvp = ap->a_fvp;
2079 	struct componentname *fcnp = ap->a_fcnp;
2080 	struct vnode *tdvp = ap->a_tdvp;
2081 	struct vnode *tvp = ap->a_tvp;
2082 	struct componentname *tcnp = ap->a_tcnp;
2083 	struct fuse_data *data;
2084 	bool newparent = fdvp != tdvp;
2085 	bool isdir = fvp->v_type == VDIR;
2086 	int err = 0;
2087 
2088 	if (fuse_isdeadfs(fdvp)) {
2089 		return ENXIO;
2090 	}
2091 	if (fvp->v_mount != tdvp->v_mount ||
2092 	    (tvp && fvp->v_mount != tvp->v_mount)) {
2093 		SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename");
2094 		err = EXDEV;
2095 		goto out;
2096 	}
2097 	cache_purge(fvp);
2098 
2099 	/*
2100 	 * FUSE library is expected to check if target directory is not
2101 	 * under the source directory in the file system tree.
2102 	 * Linux performs this check at VFS level.
2103 	 */
2104 	/*
2105 	 * If source is a directory, and it will get a new parent, user must
2106 	 * have write permission to it, so ".." can be modified.
2107 	 */
2108 	data = fuse_get_mpdata(vnode_mount(tdvp));
2109 	if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) {
2110 		err = fuse_internal_access(fvp, VWRITE,
2111 			curthread, tcnp->cn_cred);
2112 		if (err)
2113 			goto out;
2114 	}
2115 	sx_xlock(&data->rename_lock);
2116 	err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp);
2117 	if (err == 0) {
2118 		if (tdvp != fdvp)
2119 			fuse_vnode_setparent(fvp, tdvp);
2120 		if (tvp != NULL)
2121 			fuse_vnode_setparent(tvp, NULL);
2122 	}
2123 	sx_unlock(&data->rename_lock);
2124 
2125 	if (tvp != NULL && tvp != fvp) {
2126 		cache_purge(tvp);
2127 	}
2128 	if (vnode_isdir(fvp)) {
2129 		if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) {
2130 			cache_purge(tdvp);
2131 		}
2132 		cache_purge(fdvp);
2133 	}
2134 out:
2135 	if (tdvp == tvp) {
2136 		vrele(tdvp);
2137 	} else {
2138 		vput(tdvp);
2139 	}
2140 	if (tvp != NULL) {
2141 		vput(tvp);
2142 	}
2143 	vrele(fdvp);
2144 	vrele(fvp);
2145 
2146 	return err;
2147 }
2148 
2149 /*
2150     struct vnop_rmdir_args {
2151 	    struct vnode *a_dvp;
2152 	    struct vnode *a_vp;
2153 	    struct componentname *a_cnp;
2154     } *ap;
2155 */
2156 static int
2157 fuse_vnop_rmdir(struct vop_rmdir_args *ap)
2158 {
2159 	struct vnode *dvp = ap->a_dvp;
2160 	struct vnode *vp = ap->a_vp;
2161 
2162 	int err;
2163 
2164 	if (fuse_isdeadfs(vp)) {
2165 		return ENXIO;
2166 	}
2167 	if (VTOFUD(vp) == VTOFUD(dvp)) {
2168 		return EINVAL;
2169 	}
2170 	err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR);
2171 
2172 	return err;
2173 }
2174 
2175 /*
2176     struct vnop_setattr_args {
2177 	struct vnode *a_vp;
2178 	struct vattr *a_vap;
2179 	struct ucred *a_cred;
2180 	struct thread *a_td;
2181     };
2182 */
2183 static int
2184 fuse_vnop_setattr(struct vop_setattr_args *ap)
2185 {
2186 	struct vnode *vp = ap->a_vp;
2187 	struct vattr *vap = ap->a_vap;
2188 	struct ucred *cred = ap->a_cred;
2189 	struct thread *td = curthread;
2190 	struct mount *mp;
2191 	struct fuse_data *data;
2192 	struct vattr old_va;
2193 	int dataflags;
2194 	int err = 0, err2;
2195 	accmode_t accmode = 0;
2196 	bool checkperm;
2197 	bool drop_suid = false;
2198 	gid_t cr_gid;
2199 
2200 	mp = vnode_mount(vp);
2201 	data = fuse_get_mpdata(mp);
2202 	dataflags = data->dataflags;
2203 	checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS;
2204 	if (cred->cr_ngroups > 0)
2205 		cr_gid = cred->cr_groups[0];
2206 	else
2207 		cr_gid = 0;
2208 
2209 	if (fuse_isdeadfs(vp)) {
2210 		return ENXIO;
2211 	}
2212 
2213 	if (vap->va_uid != (uid_t)VNOVAL) {
2214 		if (checkperm) {
2215 			/* Only root may change a file's owner */
2216 			err = priv_check_cred(cred, PRIV_VFS_CHOWN);
2217 			if (err) {
2218 				/* As a special case, allow the null chown */
2219 				err2 = fuse_internal_getattr(vp, &old_va, cred,
2220 					td);
2221 				if (err2)
2222 					return (err2);
2223 				if (vap->va_uid != old_va.va_uid)
2224 					return err;
2225 				else
2226 					accmode |= VADMIN;
2227 				drop_suid = true;
2228 			} else
2229 				accmode |= VADMIN;
2230 		} else
2231 			accmode |= VADMIN;
2232 	}
2233 	if (vap->va_gid != (gid_t)VNOVAL) {
2234 		if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN))
2235 			drop_suid = true;
2236 		if (checkperm && !groupmember(vap->va_gid, cred))
2237 		{
2238 			/*
2239 			 * Non-root users may only chgrp to one of their own
2240 			 * groups
2241 			 */
2242 			err = priv_check_cred(cred, PRIV_VFS_CHOWN);
2243 			if (err) {
2244 				/* As a special case, allow the null chgrp */
2245 				err2 = fuse_internal_getattr(vp, &old_va, cred,
2246 					td);
2247 				if (err2)
2248 					return (err2);
2249 				if (vap->va_gid != old_va.va_gid)
2250 					return err;
2251 				accmode |= VADMIN;
2252 			} else
2253 				accmode |= VADMIN;
2254 		} else
2255 			accmode |= VADMIN;
2256 	}
2257 	if (vap->va_size != VNOVAL) {
2258 		switch (vp->v_type) {
2259 		case VDIR:
2260 			return (EISDIR);
2261 		case VLNK:
2262 		case VREG:
2263 			if (vfs_isrdonly(mp))
2264 				return (EROFS);
2265 			break;
2266 		default:
2267 			/*
2268 			 * According to POSIX, the result is unspecified
2269 			 * for file types other than regular files,
2270 			 * directories and shared memory objects.  We
2271 			 * don't support shared memory objects in the file
2272 			 * system, and have dubious support for truncating
2273 			 * symlinks.  Just ignore the request in other cases.
2274 			 */
2275 			return (0);
2276 		}
2277 		/* Don't set accmode.  Permission to trunc is checked upstack */
2278 	}
2279 	if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) {
2280 		if (vap->va_vaflags & VA_UTIMES_NULL)
2281 			accmode |= VWRITE;
2282 		else
2283 			accmode |= VADMIN;
2284 	}
2285 	if (drop_suid) {
2286 		if (vap->va_mode != (mode_t)VNOVAL)
2287 			vap->va_mode &= ~(S_ISUID | S_ISGID);
2288 		else {
2289 			err = fuse_internal_getattr(vp, &old_va, cred, td);
2290 			if (err)
2291 				return (err);
2292 			vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID);
2293 		}
2294 	}
2295 	if (vap->va_mode != (mode_t)VNOVAL) {
2296 		/* Only root may set the sticky bit on non-directories */
2297 		if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT)
2298 		    && priv_check_cred(cred, PRIV_VFS_STICKYFILE))
2299 			return EFTYPE;
2300 		if (checkperm && (vap->va_mode & S_ISGID)) {
2301 			err = fuse_internal_getattr(vp, &old_va, cred, td);
2302 			if (err)
2303 				return (err);
2304 			if (!groupmember(old_va.va_gid, cred)) {
2305 				err = priv_check_cred(cred, PRIV_VFS_SETGID);
2306 				if (err)
2307 					return (err);
2308 			}
2309 		}
2310 		accmode |= VADMIN;
2311 	}
2312 
2313 	if (vfs_isrdonly(mp))
2314 		return EROFS;
2315 
2316 	if (checkperm) {
2317 		err = fuse_internal_access(vp, accmode, td, cred);
2318 	} else {
2319 		err = 0;
2320 	}
2321 	if (err)
2322 		return err;
2323 	else
2324 		return fuse_internal_setattr(vp, vap, td, cred);
2325 }
2326 
2327 /*
2328     struct vnop_strategy_args {
2329 	struct vnode *a_vp;
2330 	struct buf *a_bp;
2331     };
2332 */
2333 static int
2334 fuse_vnop_strategy(struct vop_strategy_args *ap)
2335 {
2336 	struct vnode *vp = ap->a_vp;
2337 	struct buf *bp = ap->a_bp;
2338 
2339 	if (!vp || fuse_isdeadfs(vp)) {
2340 		bp->b_ioflags |= BIO_ERROR;
2341 		bp->b_error = ENXIO;
2342 		bufdone(bp);
2343 		return 0;
2344 	}
2345 
2346 	/*
2347 	 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags.
2348 	 * fuse_io_strategy sets bp's error fields
2349 	 */
2350 	(void)fuse_io_strategy(vp, bp);
2351 
2352 	return 0;
2353 }
2354 
2355 /*
2356     struct vnop_symlink_args {
2357 	struct vnode *a_dvp;
2358 	struct vnode **a_vpp;
2359 	struct componentname *a_cnp;
2360 	struct vattr *a_vap;
2361 	char *a_target;
2362     };
2363 */
2364 static int
2365 fuse_vnop_symlink(struct vop_symlink_args *ap)
2366 {
2367 	struct vnode *dvp = ap->a_dvp;
2368 	struct vnode **vpp = ap->a_vpp;
2369 	struct componentname *cnp = ap->a_cnp;
2370 	const char *target = ap->a_target;
2371 
2372 	struct fuse_dispatcher fdi;
2373 
2374 	int err;
2375 	size_t len;
2376 
2377 	if (fuse_isdeadfs(dvp)) {
2378 		return ENXIO;
2379 	}
2380 	/*
2381 	 * Unlike the other creator type calls, here we have to create a message
2382 	 * where the name of the new entry comes first, and the data describing
2383 	 * the entry comes second.
2384 	 * Hence we can't rely on our handy fuse_internal_newentry() routine,
2385 	 * but put together the message manually and just call the core part.
2386 	 */
2387 
2388 	len = strlen(target) + 1;
2389 	fdisp_init(&fdi, len + cnp->cn_namelen + 1);
2390 	fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL);
2391 
2392 	memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen);
2393 	((char *)fdi.indata)[cnp->cn_namelen] = '\0';
2394 	memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len);
2395 
2396 	err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi);
2397 	fdisp_destroy(&fdi);
2398 	return err;
2399 }
2400 
2401 /*
2402     struct vnop_write_args {
2403 	struct vnode *a_vp;
2404 	struct uio *a_uio;
2405 	int  a_ioflag;
2406 	struct ucred *a_cred;
2407     };
2408 */
2409 static int
2410 fuse_vnop_write(struct vop_write_args *ap)
2411 {
2412 	struct vnode *vp = ap->a_vp;
2413 	struct uio *uio = ap->a_uio;
2414 	int ioflag = ap->a_ioflag;
2415 	struct ucred *cred = ap->a_cred;
2416 	pid_t pid = curthread->td_proc->p_pid;
2417 	struct fuse_filehandle *fufh;
2418 	int err;
2419 	bool closefufh = false, directio;
2420 
2421 	MPASS(vp->v_type == VREG || vp->v_type == VDIR);
2422 
2423 	if (fuse_isdeadfs(vp)) {
2424 		return ENXIO;
2425 	}
2426 
2427 	if (VTOFUD(vp)->flag & FN_DIRECTIO) {
2428 		ioflag |= IO_DIRECT;
2429 	}
2430 
2431 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
2432 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
2433 		/*
2434 		 * nfsd will do I/O without first doing VOP_OPEN.  We
2435 		 * must implicitly open the file here
2436 		 */
2437 		err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred);
2438 		closefufh = true;
2439 	}
2440 	if (err) {
2441 		SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred);
2442 		return err;
2443 	}
2444 
2445 	/*
2446          * Ideally, when the daemon asks for direct io at open time, the
2447          * standard file flag should be set according to this, so that would
2448          * just change the default mode, which later on could be changed via
2449          * fcntl(2).
2450          * But this doesn't work, the O_DIRECT flag gets cleared at some point
2451          * (don't know where). So to make any use of the Fuse direct_io option,
2452          * we hardwire it into the file's private data (similarly to Linux,
2453          * btw.).
2454          */
2455 	directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp));
2456 
2457 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
2458 	if (directio) {
2459 		off_t start, end, filesize;
2460 		bool pages = (ioflag & IO_VMIO) != 0;
2461 
2462 		SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode");
2463 
2464 		err = fuse_vnode_size(vp, &filesize, cred, curthread);
2465 		if (err)
2466 			goto out;
2467 
2468 		start = uio->uio_offset;
2469 		end = start + uio->uio_resid;
2470 		if (!pages) {
2471 			err = fuse_inval_buf_range(vp, filesize, start,
2472 			    end);
2473 			if (err)
2474 				goto out;
2475 		}
2476 		err = fuse_write_directbackend(vp, uio, cred, fufh,
2477 			filesize, ioflag, pages);
2478 	} else {
2479 		SDT_PROBE2(fusefs, , vnops, trace, 1,
2480 			"buffered write of vnode");
2481 		if (!fsess_opt_writeback(vnode_mount(vp)))
2482 			ioflag |= IO_SYNC;
2483 		err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid);
2484 	}
2485 	fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td);
2486 
2487 out:
2488 	if (closefufh)
2489 		fuse_filehandle_close(vp, fufh, curthread, cred);
2490 
2491 	return (err);
2492 }
2493 
2494 static daddr_t
2495 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off)
2496 {
2497 	const int biosize = fuse_iosize(vp);
2498 
2499 	return (off / biosize);
2500 }
2501 
2502 static int
2503 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz)
2504 {
2505 	off_t filesize;
2506 	int err;
2507 	const int biosize = fuse_iosize(vp);
2508 
2509 	err = fuse_vnode_size(vp, &filesize, NULL, NULL);
2510 	if (err) {
2511 		/* This will turn into a SIGBUS */
2512 		return (EIO);
2513 	} else if ((off_t)lbn * biosize >= filesize) {
2514 		*blksz = 0;
2515 	} else if ((off_t)(lbn + 1) * biosize > filesize) {
2516 		*blksz = filesize - (off_t)lbn *biosize;
2517 	} else {
2518 		*blksz = biosize;
2519 	}
2520 	return (0);
2521 }
2522 
2523 /*
2524     struct vnop_getpages_args {
2525 	struct vnode *a_vp;
2526 	vm_page_t *a_m;
2527 	int a_count;
2528 	int a_reqpage;
2529     };
2530 */
2531 static int
2532 fuse_vnop_getpages(struct vop_getpages_args *ap)
2533 {
2534 	struct vnode *vp = ap->a_vp;
2535 
2536 	if (!fsess_opt_mmap(vnode_mount(vp))) {
2537 		SDT_PROBE2(fusefs, , vnops, trace, 1,
2538 			"called on non-cacheable vnode??\n");
2539 		return (VM_PAGER_ERROR);
2540 	}
2541 
2542 	return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind,
2543 	    ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz));
2544 }
2545 
2546 static const char extattr_namespace_separator = '.';
2547 
2548 /*
2549     struct vop_getextattr_args {
2550 	struct vop_generic_args a_gen;
2551 	struct vnode *a_vp;
2552 	int a_attrnamespace;
2553 	const char *a_name;
2554 	struct uio *a_uio;
2555 	size_t *a_size;
2556 	struct ucred *a_cred;
2557 	struct thread *a_td;
2558     };
2559 */
2560 static int
2561 fuse_vnop_getextattr(struct vop_getextattr_args *ap)
2562 {
2563 	struct vnode *vp = ap->a_vp;
2564 	struct uio *uio = ap->a_uio;
2565 	struct fuse_dispatcher fdi;
2566 	struct fuse_getxattr_in *get_xattr_in;
2567 	struct fuse_getxattr_out *get_xattr_out;
2568 	struct mount *mp = vnode_mount(vp);
2569 	struct thread *td = ap->a_td;
2570 	struct ucred *cred = ap->a_cred;
2571 	char *prefix;
2572 	char *attr_str;
2573 	size_t len;
2574 	int err;
2575 
2576 	if (fuse_isdeadfs(vp))
2577 		return (ENXIO);
2578 
2579 	if (fsess_not_impl(mp, FUSE_GETXATTR))
2580 		return EOPNOTSUPP;
2581 
2582 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD);
2583 	if (err)
2584 		return err;
2585 
2586 	/* Default to looking for user attributes. */
2587 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2588 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2589 	else
2590 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2591 
2592 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
2593 	    strlen(ap->a_name) + 1;
2594 
2595 	fdisp_init(&fdi, len + sizeof(*get_xattr_in));
2596 	fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred);
2597 
2598 	get_xattr_in = fdi.indata;
2599 	/*
2600 	 * Check to see whether we're querying the available size or
2601 	 * issuing the actual request.  If we pass in 0, we get back struct
2602 	 * fuse_getxattr_out.  If we pass in a non-zero size, we get back
2603 	 * that much data, without the struct fuse_getxattr_out header.
2604 	 */
2605 	if (uio == NULL)
2606 		get_xattr_in->size = 0;
2607 	else
2608 		get_xattr_in->size = uio->uio_resid;
2609 
2610 	attr_str = (char *)fdi.indata + sizeof(*get_xattr_in);
2611 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
2612 	    ap->a_name);
2613 
2614 	err = fdisp_wait_answ(&fdi);
2615 	if (err != 0) {
2616 		if (err == ENOSYS) {
2617 			fsess_set_notimpl(mp, FUSE_GETXATTR);
2618 			err = EOPNOTSUPP;
2619 		}
2620 		goto out;
2621 	}
2622 
2623 	get_xattr_out = fdi.answ;
2624 
2625 	if (ap->a_size != NULL)
2626 		*ap->a_size = get_xattr_out->size;
2627 
2628 	if (uio != NULL)
2629 		err = uiomove(fdi.answ, fdi.iosize, uio);
2630 
2631 out:
2632 	fdisp_destroy(&fdi);
2633 	return (err);
2634 }
2635 
2636 /*
2637     struct vop_setextattr_args {
2638 	struct vop_generic_args a_gen;
2639 	struct vnode *a_vp;
2640 	int a_attrnamespace;
2641 	const char *a_name;
2642 	struct uio *a_uio;
2643 	struct ucred *a_cred;
2644 	struct thread *a_td;
2645     };
2646 */
2647 static int
2648 fuse_vnop_setextattr(struct vop_setextattr_args *ap)
2649 {
2650 	struct vnode *vp = ap->a_vp;
2651 	struct uio *uio = ap->a_uio;
2652 	struct fuse_dispatcher fdi;
2653 	struct fuse_setxattr_in *set_xattr_in;
2654 	struct mount *mp = vnode_mount(vp);
2655 	struct thread *td = ap->a_td;
2656 	struct ucred *cred = ap->a_cred;
2657 	char *prefix;
2658 	size_t len;
2659 	char *attr_str;
2660 	int err;
2661 
2662 	if (fuse_isdeadfs(vp))
2663 		return (ENXIO);
2664 
2665 	if (fsess_not_impl(mp, FUSE_SETXATTR))
2666 		return EOPNOTSUPP;
2667 
2668 	if (vfs_isrdonly(mp))
2669 		return EROFS;
2670 
2671 	/* Deleting xattrs must use VOP_DELETEEXTATTR instead */
2672 	if (ap->a_uio == NULL) {
2673 		/*
2674 		 * If we got here as fallback from VOP_DELETEEXTATTR, then
2675 		 * return EOPNOTSUPP.
2676 		 */
2677 		if (fsess_not_impl(mp, FUSE_REMOVEXATTR))
2678 			return (EOPNOTSUPP);
2679 		else
2680 			return (EINVAL);
2681 	}
2682 
2683 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td,
2684 		VWRITE);
2685 	if (err)
2686 		return err;
2687 
2688 	/* Default to looking for user attributes. */
2689 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2690 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2691 	else
2692 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2693 
2694 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
2695 	    strlen(ap->a_name) + 1;
2696 
2697 	fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid);
2698 	fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred);
2699 
2700 	set_xattr_in = fdi.indata;
2701 	set_xattr_in->size = uio->uio_resid;
2702 
2703 	attr_str = (char *)fdi.indata + sizeof(*set_xattr_in);
2704 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
2705 	    ap->a_name);
2706 
2707 	err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len,
2708 	    uio->uio_resid, uio);
2709 	if (err != 0) {
2710 		goto out;
2711 	}
2712 
2713 	err = fdisp_wait_answ(&fdi);
2714 
2715 	if (err == ENOSYS) {
2716 		fsess_set_notimpl(mp, FUSE_SETXATTR);
2717 		err = EOPNOTSUPP;
2718 	}
2719 	if (err == ERESTART) {
2720 		/* Can't restart after calling uiomove */
2721 		err = EINTR;
2722 	}
2723 
2724 out:
2725 	fdisp_destroy(&fdi);
2726 	return (err);
2727 }
2728 
2729 /*
2730  * The Linux / FUSE extended attribute list is simply a collection of
2731  * NUL-terminated strings.  The FreeBSD extended attribute list is a single
2732  * byte length followed by a non-NUL terminated string.  So, this allows
2733  * conversion of the Linux / FUSE format to the FreeBSD format in place.
2734  * Linux attribute names are reported with the namespace as a prefix (e.g.
2735  * "user.attribute_name"), but in FreeBSD they are reported without the
2736  * namespace prefix (e.g. "attribute_name").  So, we're going from:
2737  *
2738  * user.attr_name1\0user.attr_name2\0
2739  *
2740  * to:
2741  *
2742  * <num>attr_name1<num>attr_name2
2743  *
2744  * Where "<num>" is a single byte number of characters in the attribute name.
2745  *
2746  * Args:
2747  * prefix - exattr namespace prefix string
2748  * list, list_len - input list with namespace prefixes
2749  * bsd_list, bsd_list_len - output list compatible with bsd vfs
2750  */
2751 static int
2752 fuse_xattrlist_convert(char *prefix, const char *list, int list_len,
2753     char *bsd_list, int *bsd_list_len)
2754 {
2755 	int len, pos, dist_to_next, prefix_len;
2756 
2757 	pos = 0;
2758 	*bsd_list_len = 0;
2759 	prefix_len = strlen(prefix);
2760 
2761 	while (pos < list_len && list[pos] != '\0') {
2762 		dist_to_next = strlen(&list[pos]) + 1;
2763 		if (bcmp(&list[pos], prefix, prefix_len) == 0 &&
2764 		    list[pos + prefix_len] == extattr_namespace_separator) {
2765 			len = dist_to_next -
2766 			    (prefix_len + sizeof(extattr_namespace_separator)) - 1;
2767 			if (len >= EXTATTR_MAXNAMELEN)
2768 				return (ENAMETOOLONG);
2769 
2770 			bsd_list[*bsd_list_len] = len;
2771 			memcpy(&bsd_list[*bsd_list_len + 1],
2772 			    &list[pos + prefix_len +
2773 			    sizeof(extattr_namespace_separator)], len);
2774 
2775 			*bsd_list_len += len + 1;
2776 		}
2777 
2778 		pos += dist_to_next;
2779 	}
2780 
2781 	return (0);
2782 }
2783 
2784 /*
2785  * List extended attributes
2786  *
2787  * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which
2788  * has a number of differences compared to its FreeBSD equivalent,
2789  * extattr_list_file:
2790  *
2791  * - FUSE_LISTXATTR returns all extended attributes across all namespaces,
2792  *   whereas listxattr(2) only returns attributes for a single namespace
2793  * - FUSE_LISTXATTR prepends each attribute name with "namespace."
2794  * - If the provided buffer is not large enough to hold the result,
2795  *   FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to
2796  *   return as many results as will fit.
2797  */
2798 /*
2799     struct vop_listextattr_args {
2800 	struct vop_generic_args a_gen;
2801 	struct vnode *a_vp;
2802 	int a_attrnamespace;
2803 	struct uio *a_uio;
2804 	size_t *a_size;
2805 	struct ucred *a_cred;
2806 	struct thread *a_td;
2807     };
2808 */
2809 static int
2810 fuse_vnop_listextattr(struct vop_listextattr_args *ap)
2811 {
2812 	struct vnode *vp = ap->a_vp;
2813 	struct uio *uio = ap->a_uio;
2814 	struct fuse_dispatcher fdi;
2815 	struct fuse_listxattr_in *list_xattr_in;
2816 	struct fuse_listxattr_out *list_xattr_out;
2817 	struct mount *mp = vnode_mount(vp);
2818 	struct thread *td = ap->a_td;
2819 	struct ucred *cred = ap->a_cred;
2820 	char *prefix;
2821 	char *bsd_list = NULL;
2822 	char *linux_list;
2823 	int bsd_list_len;
2824 	int linux_list_len;
2825 	int err;
2826 
2827 	if (fuse_isdeadfs(vp))
2828 		return (ENXIO);
2829 
2830 	if (fsess_not_impl(mp, FUSE_LISTXATTR))
2831 		return EOPNOTSUPP;
2832 
2833 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD);
2834 	if (err)
2835 		return err;
2836 
2837 	/*
2838 	 * Add space for a NUL and the period separator if enabled.
2839 	 * Default to looking for user attributes.
2840 	 */
2841 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2842 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2843 	else
2844 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2845 
2846 	fdisp_init(&fdi, sizeof(*list_xattr_in));
2847 	fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred);
2848 
2849 	/*
2850 	 * Retrieve Linux / FUSE compatible list size.
2851 	 */
2852 	list_xattr_in = fdi.indata;
2853 	list_xattr_in->size = 0;
2854 
2855 	err = fdisp_wait_answ(&fdi);
2856 	if (err != 0) {
2857 		if (err == ENOSYS) {
2858 			fsess_set_notimpl(mp, FUSE_LISTXATTR);
2859 			err = EOPNOTSUPP;
2860 		}
2861 		goto out;
2862 	}
2863 
2864 	list_xattr_out = fdi.answ;
2865 	linux_list_len = list_xattr_out->size;
2866 	if (linux_list_len == 0) {
2867 		if (ap->a_size != NULL)
2868 			*ap->a_size = linux_list_len;
2869 		goto out;
2870 	}
2871 
2872 	/*
2873 	 * Retrieve Linux / FUSE compatible list values.
2874 	 */
2875 	fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred);
2876 	list_xattr_in = fdi.indata;
2877 	list_xattr_in->size = linux_list_len;
2878 
2879 	err = fdisp_wait_answ(&fdi);
2880 	if (err == ERANGE) {
2881 		/*
2882 		 * Race detected.  The attribute list must've grown since the
2883 		 * first FUSE_LISTXATTR call.  Start over.  Go all the way back
2884 		 * to userland so we can process signals, if necessary, before
2885 		 * restarting.
2886 		 */
2887 		err = ERESTART;
2888 		goto out;
2889 	} else if (err != 0)
2890 		goto out;
2891 
2892 	linux_list = fdi.answ;
2893 	/* FUSE doesn't allow the server to return more data than requested */
2894 	if (fdi.iosize > linux_list_len) {
2895 		struct fuse_data *data = fuse_get_mpdata(mp);
2896 
2897 		fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG,
2898 			"server returned "
2899 			"more extended attribute data than requested; "
2900 			"should've returned ERANGE instead.");
2901 	} else {
2902 		/* But returning less data is fine */
2903 		linux_list_len = fdi.iosize;
2904 	}
2905 
2906 	/*
2907 	 * Retrieve the BSD compatible list values.
2908 	 * The Linux / FUSE attribute list format isn't the same
2909 	 * as FreeBSD's format. So we need to transform it into
2910 	 * FreeBSD's format before giving it to the user.
2911 	 */
2912 	bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK);
2913 	err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len,
2914 	    bsd_list, &bsd_list_len);
2915 	if (err != 0)
2916 		goto out;
2917 
2918 	if (ap->a_size != NULL)
2919 		*ap->a_size = bsd_list_len;
2920 
2921 	if (uio != NULL)
2922 		err = uiomove(bsd_list, bsd_list_len, uio);
2923 
2924 out:
2925 	free(bsd_list, M_TEMP);
2926 	fdisp_destroy(&fdi);
2927 	return (err);
2928 }
2929 
2930 /*
2931     struct vop_deallocate_args {
2932 	struct vop_generic_args a_gen;
2933 	struct vnode *a_vp;
2934 	off_t *a_offset;
2935 	off_t *a_len;
2936 	int a_flags;
2937 	int a_ioflag;
2938         struct ucred *a_cred;
2939     };
2940 */
2941 static int
2942 fuse_vnop_deallocate(struct vop_deallocate_args *ap)
2943 {
2944 	struct vnode *vp = ap->a_vp;
2945 	struct mount *mp = vnode_mount(vp);
2946 	struct fuse_filehandle *fufh;
2947 	struct fuse_dispatcher fdi;
2948 	struct fuse_fallocate_in *ffi;
2949 	struct ucred *cred = ap->a_cred;
2950 	pid_t pid = curthread->td_proc->p_pid;
2951 	off_t *len = ap->a_len;
2952 	off_t *offset = ap->a_offset;
2953 	int ioflag = ap->a_ioflag;
2954 	off_t filesize;
2955 	int err;
2956 	bool closefufh = false;
2957 
2958 	if (fuse_isdeadfs(vp))
2959 		return (ENXIO);
2960 
2961 	if (vfs_isrdonly(mp))
2962 		return (EROFS);
2963 
2964 	if (fsess_not_impl(mp, FUSE_FALLOCATE))
2965 		goto fallback;
2966 
2967 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
2968 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
2969 		/*
2970 		 * nfsd will do I/O without first doing VOP_OPEN.  We
2971 		 * must implicitly open the file here
2972 		 */
2973 		err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred);
2974 		closefufh = true;
2975 	}
2976 	if (err)
2977 		return (err);
2978 
2979 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
2980 
2981 	err = fuse_vnode_size(vp, &filesize, cred, curthread);
2982 	if (err)
2983 		goto out;
2984 	fuse_inval_buf_range(vp, filesize, *offset, *offset + *len);
2985 
2986 	fdisp_init(&fdi, sizeof(*ffi));
2987 	fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred);
2988 	ffi = fdi.indata;
2989 	ffi->fh = fufh->fh_id;
2990 	ffi->offset = *offset;
2991 	ffi->length = *len;
2992 	/*
2993 	 * FreeBSD's fspacectl is equivalent to Linux's fallocate with
2994 	 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE
2995 	 */
2996 	ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE;
2997 	err = fdisp_wait_answ(&fdi);
2998 
2999 	if (err == ENOSYS) {
3000 		fsess_set_notimpl(mp, FUSE_FALLOCATE);
3001 		goto fallback;
3002 	} else if (err == EOPNOTSUPP) {
3003 		/*
3004 		 * The file system server does not support FUSE_FALLOCATE with
3005 		 * the supplied mode for this particular file.
3006 		 */
3007 		goto fallback;
3008 	} else if (!err) {
3009 		/*
3010 		 * Clip the returned offset to EoF.  Do it here rather than
3011 		 * before FUSE_FALLOCATE just in case the kernel's cached file
3012 		 * size is out of date.  Unfortunately, FUSE does not return
3013 		 * any information about filesize from that operation.
3014 		 */
3015 		*offset = MIN(*offset + *len, filesize);
3016 		*len = 0;
3017 		fuse_vnode_undirty_cached_timestamps(vp, false);
3018 		fuse_internal_clear_suid_on_write(vp, cred, curthread);
3019 
3020 		if (ioflag & IO_SYNC)
3021 			err = fuse_internal_fsync(vp, curthread, MNT_WAIT,
3022 			    false);
3023 	}
3024 
3025 out:
3026 	if (closefufh)
3027 		fuse_filehandle_close(vp, fufh, curthread, cred);
3028 
3029 	return (err);
3030 
3031 fallback:
3032 	if (closefufh)
3033 		fuse_filehandle_close(vp, fufh, curthread, cred);
3034 
3035 	return (vop_stddeallocate(ap));
3036 }
3037 
3038 /*
3039     struct vop_deleteextattr_args {
3040 	struct vop_generic_args a_gen;
3041 	struct vnode *a_vp;
3042 	int a_attrnamespace;
3043 	const char *a_name;
3044 	struct ucred *a_cred;
3045 	struct thread *a_td;
3046     };
3047 */
3048 static int
3049 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap)
3050 {
3051 	struct vnode *vp = ap->a_vp;
3052 	struct fuse_dispatcher fdi;
3053 	struct mount *mp = vnode_mount(vp);
3054 	struct thread *td = ap->a_td;
3055 	struct ucred *cred = ap->a_cred;
3056 	char *prefix;
3057 	size_t len;
3058 	char *attr_str;
3059 	int err;
3060 
3061 	if (fuse_isdeadfs(vp))
3062 		return (ENXIO);
3063 
3064 	if (fsess_not_impl(mp, FUSE_REMOVEXATTR))
3065 		return EOPNOTSUPP;
3066 
3067 	if (vfs_isrdonly(mp))
3068 		return EROFS;
3069 
3070 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td,
3071 		VWRITE);
3072 	if (err)
3073 		return err;
3074 
3075 	/* Default to looking for user attributes. */
3076 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
3077 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
3078 	else
3079 		prefix = EXTATTR_NAMESPACE_USER_STRING;
3080 
3081 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
3082 	    strlen(ap->a_name) + 1;
3083 
3084 	fdisp_init(&fdi, len);
3085 	fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred);
3086 
3087 	attr_str = fdi.indata;
3088 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
3089 	    ap->a_name);
3090 
3091 	err = fdisp_wait_answ(&fdi);
3092 	if (err == ENOSYS) {
3093 		fsess_set_notimpl(mp, FUSE_REMOVEXATTR);
3094 		err = EOPNOTSUPP;
3095 	}
3096 
3097 	fdisp_destroy(&fdi);
3098 	return (err);
3099 }
3100 
3101 /*
3102     struct vnop_print_args {
3103 	struct vnode *a_vp;
3104     };
3105 */
3106 static int
3107 fuse_vnop_print(struct vop_print_args *ap)
3108 {
3109 	struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp);
3110 
3111 	printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n",
3112 	    (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid,
3113 	    (uintmax_t)fvdat->nlookup,
3114 	    fvdat->flag);
3115 
3116 	return 0;
3117 }
3118 
3119 /*
3120  * Get an NFS filehandle for a FUSE file.
3121  *
3122  * This will only work for FUSE file systems that guarantee the uniqueness of
3123  * nodeid:generation, which most don't.
3124  */
3125 /*
3126 vop_vptofh {
3127 	IN struct vnode *a_vp;
3128 	IN struct fid *a_fhp;
3129 };
3130 */
3131 static int
3132 fuse_vnop_vptofh(struct vop_vptofh_args *ap)
3133 {
3134 	struct vnode *vp = ap->a_vp;
3135 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
3136 	struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp);
3137 	_Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid),
3138 		"FUSE fid type is too big");
3139 	struct mount *mp = vnode_mount(vp);
3140 	struct fuse_data *data = fuse_get_mpdata(mp);
3141 	struct vattr va;
3142 	int err;
3143 
3144 	if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) {
3145 		/* NFS requires lookups for "." and ".." */
3146 		SDT_PROBE2(fusefs, , vnops, trace, 1,
3147 			"VOP_VPTOFH without FUSE_EXPORT_SUPPORT");
3148 		return EOPNOTSUPP;
3149 	}
3150 	if ((mp->mnt_flag & MNT_EXPORTED) &&
3151 		!(data->dataflags & FSESS_NO_OPENDIR_SUPPORT))
3152 	{
3153 		/*
3154 		 * NFS is stateless, so nfsd must reopen a directory on every
3155 		 * call to VOP_READDIR, passing in the d_off field from the
3156 		 * final dirent of the previous invocation.  But without
3157 		 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not
3158 		 * guarantee that d_off will be valid after a directory is
3159 		 * closed and reopened.  So prohibit exporting FUSE file
3160 		 * systems that don't set that flag.
3161 		 *
3162 		 * But userspace NFS servers don't have this problem.
3163                  */
3164 		SDT_PROBE2(fusefs, , vnops, trace, 1,
3165 			"VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT");
3166 		return EOPNOTSUPP;
3167 	}
3168 
3169 	err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread);
3170 	if (err)
3171 		return err;
3172 
3173 	/*ip = VTOI(ap->a_vp);*/
3174 	/*ufhp = (struct ufid *)ap->a_fhp;*/
3175 	fhp->len = sizeof(struct fuse_fid);
3176 	fhp->nid = fvdat->nid;
3177 	if (fvdat->generation <= UINT32_MAX)
3178 		fhp->gen = fvdat->generation;
3179 	else
3180 		return EOVERFLOW;
3181 	return (0);
3182 }
3183