1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2007-2009 Google Inc. and Amit Singh 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are 9 * met: 10 * 11 * * Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * * Redistributions in binary form must reproduce the above 14 * copyright notice, this list of conditions and the following disclaimer 15 * in the documentation and/or other materials provided with the 16 * distribution. 17 * * Neither the name of Google Inc. nor the names of its 18 * contributors may be used to endorse or promote products derived from 19 * this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 * Copyright (C) 2005 Csaba Henk. 34 * All rights reserved. 35 * 36 * Copyright (c) 2019 The FreeBSD Foundation 37 * 38 * Portions of this software were developed by BFF Storage Systems, LLC under 39 * sponsorship from the FreeBSD Foundation. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 */ 62 63 #include <sys/cdefs.h> 64 __FBSDID("$FreeBSD$"); 65 66 #include <sys/param.h> 67 #include <sys/module.h> 68 #include <sys/systm.h> 69 #include <sys/errno.h> 70 #include <sys/kernel.h> 71 #include <sys/conf.h> 72 #include <sys/filio.h> 73 #include <sys/uio.h> 74 #include <sys/malloc.h> 75 #include <sys/queue.h> 76 #include <sys/limits.h> 77 #include <sys/lock.h> 78 #include <sys/rwlock.h> 79 #include <sys/sx.h> 80 #include <sys/proc.h> 81 #include <sys/mount.h> 82 #include <sys/vnode.h> 83 #include <sys/namei.h> 84 #include <sys/extattr.h> 85 #include <sys/stat.h> 86 #include <sys/unistd.h> 87 #include <sys/filedesc.h> 88 #include <sys/file.h> 89 #include <sys/fcntl.h> 90 #include <sys/dirent.h> 91 #include <sys/bio.h> 92 #include <sys/buf.h> 93 #include <sys/sysctl.h> 94 #include <sys/vmmeter.h> 95 96 #include <vm/vm.h> 97 #include <vm/vm_extern.h> 98 #include <vm/pmap.h> 99 #include <vm/vm_map.h> 100 #include <vm/vm_page.h> 101 #include <vm/vm_param.h> 102 #include <vm/vm_object.h> 103 #include <vm/vm_pager.h> 104 #include <vm/vnode_pager.h> 105 #include <vm/vm_object.h> 106 107 #include "fuse.h" 108 #include "fuse_file.h" 109 #include "fuse_internal.h" 110 #include "fuse_ipc.h" 111 #include "fuse_node.h" 112 #include "fuse_io.h" 113 114 #include <sys/priv.h> 115 116 /* Maximum number of hardlinks to a single FUSE file */ 117 #define FUSE_LINK_MAX UINT32_MAX 118 119 SDT_PROVIDER_DECLARE(fusefs); 120 /* 121 * Fuse trace probe: 122 * arg0: verbosity. Higher numbers give more verbose messages 123 * arg1: Textual message 124 */ 125 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*"); 126 127 /* vnode ops */ 128 static vop_access_t fuse_vnop_access; 129 static vop_advlock_t fuse_vnop_advlock; 130 static vop_allocate_t fuse_vnop_allocate; 131 static vop_bmap_t fuse_vnop_bmap; 132 static vop_close_t fuse_fifo_close; 133 static vop_close_t fuse_vnop_close; 134 static vop_copy_file_range_t fuse_vnop_copy_file_range; 135 static vop_create_t fuse_vnop_create; 136 static vop_deallocate_t fuse_vnop_deallocate; 137 static vop_deleteextattr_t fuse_vnop_deleteextattr; 138 static vop_fdatasync_t fuse_vnop_fdatasync; 139 static vop_fsync_t fuse_vnop_fsync; 140 static vop_getattr_t fuse_vnop_getattr; 141 static vop_getextattr_t fuse_vnop_getextattr; 142 static vop_inactive_t fuse_vnop_inactive; 143 static vop_ioctl_t fuse_vnop_ioctl; 144 static vop_link_t fuse_vnop_link; 145 static vop_listextattr_t fuse_vnop_listextattr; 146 static vop_lookup_t fuse_vnop_lookup; 147 static vop_mkdir_t fuse_vnop_mkdir; 148 static vop_mknod_t fuse_vnop_mknod; 149 static vop_open_t fuse_vnop_open; 150 static vop_pathconf_t fuse_vnop_pathconf; 151 static vop_read_t fuse_vnop_read; 152 static vop_readdir_t fuse_vnop_readdir; 153 static vop_readlink_t fuse_vnop_readlink; 154 static vop_reclaim_t fuse_vnop_reclaim; 155 static vop_remove_t fuse_vnop_remove; 156 static vop_rename_t fuse_vnop_rename; 157 static vop_rmdir_t fuse_vnop_rmdir; 158 static vop_setattr_t fuse_vnop_setattr; 159 static vop_setextattr_t fuse_vnop_setextattr; 160 static vop_strategy_t fuse_vnop_strategy; 161 static vop_symlink_t fuse_vnop_symlink; 162 static vop_write_t fuse_vnop_write; 163 static vop_getpages_t fuse_vnop_getpages; 164 static vop_print_t fuse_vnop_print; 165 static vop_vptofh_t fuse_vnop_vptofh; 166 167 struct vop_vector fuse_fifoops = { 168 .vop_default = &fifo_specops, 169 .vop_access = fuse_vnop_access, 170 .vop_close = fuse_fifo_close, 171 .vop_fsync = fuse_vnop_fsync, 172 .vop_getattr = fuse_vnop_getattr, 173 .vop_inactive = fuse_vnop_inactive, 174 .vop_pathconf = fuse_vnop_pathconf, 175 .vop_print = fuse_vnop_print, 176 .vop_read = VOP_PANIC, 177 .vop_reclaim = fuse_vnop_reclaim, 178 .vop_setattr = fuse_vnop_setattr, 179 .vop_write = VOP_PANIC, 180 .vop_vptofh = fuse_vnop_vptofh, 181 }; 182 VFS_VOP_VECTOR_REGISTER(fuse_fifoops); 183 184 struct vop_vector fuse_vnops = { 185 .vop_allocate = fuse_vnop_allocate, 186 .vop_default = &default_vnodeops, 187 .vop_access = fuse_vnop_access, 188 .vop_advlock = fuse_vnop_advlock, 189 .vop_bmap = fuse_vnop_bmap, 190 .vop_close = fuse_vnop_close, 191 .vop_copy_file_range = fuse_vnop_copy_file_range, 192 .vop_create = fuse_vnop_create, 193 .vop_deallocate = fuse_vnop_deallocate, 194 .vop_deleteextattr = fuse_vnop_deleteextattr, 195 .vop_fsync = fuse_vnop_fsync, 196 .vop_fdatasync = fuse_vnop_fdatasync, 197 .vop_getattr = fuse_vnop_getattr, 198 .vop_getextattr = fuse_vnop_getextattr, 199 .vop_inactive = fuse_vnop_inactive, 200 .vop_ioctl = fuse_vnop_ioctl, 201 .vop_link = fuse_vnop_link, 202 .vop_listextattr = fuse_vnop_listextattr, 203 .vop_lookup = fuse_vnop_lookup, 204 .vop_mkdir = fuse_vnop_mkdir, 205 .vop_mknod = fuse_vnop_mknod, 206 .vop_open = fuse_vnop_open, 207 .vop_pathconf = fuse_vnop_pathconf, 208 /* 209 * TODO: implement vop_poll after upgrading to protocol 7.21. 210 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until 211 * 7.21, which adds the ability for the client to choose which poll 212 * events it wants, and for a client to deregister a file handle 213 */ 214 .vop_read = fuse_vnop_read, 215 .vop_readdir = fuse_vnop_readdir, 216 .vop_readlink = fuse_vnop_readlink, 217 .vop_reclaim = fuse_vnop_reclaim, 218 .vop_remove = fuse_vnop_remove, 219 .vop_rename = fuse_vnop_rename, 220 .vop_rmdir = fuse_vnop_rmdir, 221 .vop_setattr = fuse_vnop_setattr, 222 .vop_setextattr = fuse_vnop_setextattr, 223 .vop_strategy = fuse_vnop_strategy, 224 .vop_symlink = fuse_vnop_symlink, 225 .vop_write = fuse_vnop_write, 226 .vop_getpages = fuse_vnop_getpages, 227 .vop_print = fuse_vnop_print, 228 .vop_vptofh = fuse_vnop_vptofh, 229 }; 230 VFS_VOP_VECTOR_REGISTER(fuse_vnops); 231 232 uma_zone_t fuse_pbuf_zone; 233 234 /* Check permission for extattr operations, much like extattr_check_cred */ 235 static int 236 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred, 237 struct thread *td, accmode_t accmode) 238 { 239 struct mount *mp = vnode_mount(vp); 240 struct fuse_data *data = fuse_get_mpdata(mp); 241 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 242 243 /* 244 * Kernel-invoked always succeeds. 245 */ 246 if (cred == NOCRED) 247 return (0); 248 249 /* 250 * Do not allow privileged processes in jail to directly manipulate 251 * system attributes. 252 */ 253 switch (ns) { 254 case EXTATTR_NAMESPACE_SYSTEM: 255 if (default_permissions) { 256 return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM)); 257 } 258 return (0); 259 case EXTATTR_NAMESPACE_USER: 260 if (default_permissions) { 261 return (fuse_internal_access(vp, accmode, td, cred)); 262 } 263 return (0); 264 default: 265 return (EPERM); 266 } 267 } 268 269 /* Get a filehandle for a directory */ 270 static int 271 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp, 272 struct ucred *cred, pid_t pid) 273 { 274 if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0) 275 return 0; 276 return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid); 277 } 278 279 /* Send FUSE_FLUSH for this vnode */ 280 static int 281 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag) 282 { 283 struct fuse_flush_in *ffi; 284 struct fuse_filehandle *fufh; 285 struct fuse_dispatcher fdi; 286 struct thread *td = curthread; 287 struct mount *mp = vnode_mount(vp); 288 int err; 289 290 if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH)) 291 return 0; 292 293 err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid); 294 if (err) 295 return err; 296 297 fdisp_init(&fdi, sizeof(*ffi)); 298 fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred); 299 ffi = fdi.indata; 300 ffi->fh = fufh->fh_id; 301 /* 302 * If the file has a POSIX lock then we're supposed to set lock_owner. 303 * If not, then lock_owner is undefined. So we may as well always set 304 * it. 305 */ 306 ffi->lock_owner = td->td_proc->p_pid; 307 308 err = fdisp_wait_answ(&fdi); 309 if (err == ENOSYS) { 310 fsess_set_notimpl(mp, FUSE_FLUSH); 311 err = 0; 312 } 313 fdisp_destroy(&fdi); 314 return err; 315 } 316 317 /* Close wrapper for fifos. */ 318 static int 319 fuse_fifo_close(struct vop_close_args *ap) 320 { 321 return (fifo_specops.vop_close(ap)); 322 } 323 324 /* Invalidate a range of cached data, whether dirty of not */ 325 static int 326 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end) 327 { 328 struct buf *bp; 329 daddr_t left_lbn, end_lbn, right_lbn; 330 off_t new_filesize; 331 int iosize, left_on, right_on, right_blksize; 332 333 iosize = fuse_iosize(vp); 334 left_lbn = start / iosize; 335 end_lbn = howmany(end, iosize); 336 left_on = start & (iosize - 1); 337 if (left_on != 0) { 338 bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0); 339 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) { 340 /* 341 * Flush the dirty buffer, because we don't have a 342 * byte-granular way to record which parts of the 343 * buffer are valid. 344 */ 345 bwrite(bp); 346 if (bp->b_error) 347 return (bp->b_error); 348 } else { 349 brelse(bp); 350 } 351 } 352 right_on = end & (iosize - 1); 353 if (right_on != 0) { 354 right_lbn = end / iosize; 355 new_filesize = MAX(filesize, end); 356 right_blksize = MIN(iosize, new_filesize - iosize * right_lbn); 357 bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0); 358 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) { 359 /* 360 * Flush the dirty buffer, because we don't have a 361 * byte-granular way to record which parts of the 362 * buffer are valid. 363 */ 364 bwrite(bp); 365 if (bp->b_error) 366 return (bp->b_error); 367 } else { 368 brelse(bp); 369 } 370 } 371 372 v_inval_buf_range(vp, left_lbn, end_lbn, iosize); 373 return (0); 374 } 375 376 377 /* Send FUSE_LSEEK for this node */ 378 static int 379 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred, 380 pid_t pid, off_t *offp, int whence) 381 { 382 struct fuse_dispatcher fdi; 383 struct fuse_filehandle *fufh; 384 struct fuse_lseek_in *flsi; 385 struct fuse_lseek_out *flso; 386 struct mount *mp = vnode_mount(vp); 387 int err; 388 389 ASSERT_VOP_LOCKED(vp, __func__); 390 391 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 392 if (err) 393 return (err); 394 fdisp_init(&fdi, sizeof(*flsi)); 395 fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred); 396 flsi = fdi.indata; 397 flsi->fh = fufh->fh_id; 398 flsi->offset = *offp; 399 flsi->whence = whence; 400 err = fdisp_wait_answ(&fdi); 401 if (err == ENOSYS) { 402 fsess_set_notimpl(mp, FUSE_LSEEK); 403 } else if (err == 0) { 404 fsess_set_impl(mp, FUSE_LSEEK); 405 flso = fdi.answ; 406 *offp = flso->offset; 407 } 408 fdisp_destroy(&fdi); 409 410 return (err); 411 } 412 413 /* 414 struct vnop_access_args { 415 struct vnode *a_vp; 416 #if VOP_ACCESS_TAKES_ACCMODE_T 417 accmode_t a_accmode; 418 #else 419 int a_mode; 420 #endif 421 struct ucred *a_cred; 422 struct thread *a_td; 423 }; 424 */ 425 static int 426 fuse_vnop_access(struct vop_access_args *ap) 427 { 428 struct vnode *vp = ap->a_vp; 429 int accmode = ap->a_accmode; 430 struct ucred *cred = ap->a_cred; 431 432 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 433 434 int err; 435 436 if (fuse_isdeadfs(vp)) { 437 if (vnode_isvroot(vp)) { 438 return 0; 439 } 440 return ENXIO; 441 } 442 if (!(data->dataflags & FSESS_INITED)) { 443 if (vnode_isvroot(vp)) { 444 if (priv_check_cred(cred, PRIV_VFS_ADMIN) || 445 (fuse_match_cred(data->daemoncred, cred) == 0)) { 446 return 0; 447 } 448 } 449 return EBADF; 450 } 451 if (vnode_islnk(vp)) { 452 return 0; 453 } 454 455 err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred); 456 return err; 457 } 458 459 /* 460 * struct vop_advlock_args { 461 * struct vop_generic_args a_gen; 462 * struct vnode *a_vp; 463 * void *a_id; 464 * int a_op; 465 * struct flock *a_fl; 466 * int a_flags; 467 * } 468 */ 469 static int 470 fuse_vnop_advlock(struct vop_advlock_args *ap) 471 { 472 struct vnode *vp = ap->a_vp; 473 struct flock *fl = ap->a_fl; 474 struct thread *td = curthread; 475 struct ucred *cred = td->td_ucred; 476 pid_t pid = td->td_proc->p_pid; 477 struct fuse_filehandle *fufh; 478 struct fuse_dispatcher fdi; 479 struct fuse_lk_in *fli; 480 struct fuse_lk_out *flo; 481 enum fuse_opcode op; 482 int dataflags, err; 483 int flags = ap->a_flags; 484 485 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 486 487 if (fuse_isdeadfs(vp)) { 488 return ENXIO; 489 } 490 491 switch(ap->a_op) { 492 case F_GETLK: 493 op = FUSE_GETLK; 494 break; 495 case F_SETLK: 496 if (flags & F_WAIT) 497 op = FUSE_SETLKW; 498 else 499 op = FUSE_SETLK; 500 break; 501 case F_UNLCK: 502 op = FUSE_SETLK; 503 break; 504 default: 505 return EINVAL; 506 } 507 508 if (!(dataflags & FSESS_POSIX_LOCKS)) 509 return vop_stdadvlock(ap); 510 /* FUSE doesn't properly support flock until protocol 7.17 */ 511 if (flags & F_FLOCK) 512 return vop_stdadvlock(ap); 513 514 vn_lock(vp, LK_SHARED | LK_RETRY); 515 516 err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid); 517 if (err) 518 goto out; 519 520 fdisp_init(&fdi, sizeof(*fli)); 521 522 fdisp_make_vp(&fdi, op, vp, td, cred); 523 fli = fdi.indata; 524 fli->fh = fufh->fh_id; 525 fli->owner = td->td_proc->p_pid; 526 fli->lk.start = fl->l_start; 527 if (fl->l_len != 0) 528 fli->lk.end = fl->l_start + fl->l_len - 1; 529 else 530 fli->lk.end = INT64_MAX; 531 fli->lk.type = fl->l_type; 532 fli->lk.pid = td->td_proc->p_pid; 533 534 err = fdisp_wait_answ(&fdi); 535 fdisp_destroy(&fdi); 536 537 if (err == 0 && op == FUSE_GETLK) { 538 flo = fdi.answ; 539 fl->l_type = flo->lk.type; 540 fl->l_pid = flo->lk.pid; 541 if (flo->lk.type != F_UNLCK) { 542 fl->l_start = flo->lk.start; 543 if (flo->lk.end == INT64_MAX) 544 fl->l_len = 0; 545 else 546 fl->l_len = flo->lk.end - flo->lk.start + 1; 547 fl->l_start = flo->lk.start; 548 } 549 } 550 551 out: 552 VOP_UNLOCK(vp); 553 return err; 554 } 555 556 static int 557 fuse_vnop_allocate(struct vop_allocate_args *ap) 558 { 559 struct vnode *vp = ap->a_vp; 560 off_t *len = ap->a_len; 561 off_t *offset = ap->a_offset; 562 struct ucred *cred = ap->a_cred; 563 struct fuse_filehandle *fufh; 564 struct mount *mp = vnode_mount(vp); 565 struct fuse_dispatcher fdi; 566 struct fuse_fallocate_in *ffi; 567 struct uio io; 568 pid_t pid = curthread->td_proc->p_pid; 569 struct fuse_vnode_data *fvdat = VTOFUD(vp); 570 off_t filesize; 571 int err; 572 573 if (fuse_isdeadfs(vp)) 574 return (ENXIO); 575 576 switch (vp->v_type) { 577 case VFIFO: 578 return (ESPIPE); 579 case VLNK: 580 case VREG: 581 if (vfs_isrdonly(mp)) 582 return (EROFS); 583 break; 584 default: 585 return (ENODEV); 586 } 587 588 if (vfs_isrdonly(mp)) 589 return (EROFS); 590 591 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 592 return (EINVAL); 593 594 io.uio_offset = *offset; 595 io.uio_resid = *len; 596 err = vn_rlimit_fsize(vp, &io, curthread); 597 if (err) 598 return (err); 599 600 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 601 if (err) 602 return (err); 603 604 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 605 606 err = fuse_vnode_size(vp, &filesize, cred, curthread); 607 if (err) 608 return (err); 609 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 610 611 fdisp_init(&fdi, sizeof(*ffi)); 612 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 613 ffi = fdi.indata; 614 ffi->fh = fufh->fh_id; 615 ffi->offset = *offset; 616 ffi->length = *len; 617 ffi->mode = 0; 618 err = fdisp_wait_answ(&fdi); 619 620 if (err == ENOSYS) { 621 fsess_set_notimpl(mp, FUSE_FALLOCATE); 622 err = EINVAL; 623 } else if (err == EOPNOTSUPP) { 624 /* 625 * The file system server does not support FUSE_FALLOCATE with 626 * the supplied mode for this particular file. 627 */ 628 err = EINVAL; 629 } else if (!err) { 630 *offset += *len; 631 *len = 0; 632 fuse_vnode_undirty_cached_timestamps(vp, false); 633 fuse_internal_clear_suid_on_write(vp, cred, curthread); 634 if (*offset > fvdat->cached_attrs.va_size) { 635 fuse_vnode_setsize(vp, *offset, false); 636 getnanouptime(&fvdat->last_local_modify); 637 } 638 } 639 640 return (err); 641 } 642 643 /* { 644 struct vnode *a_vp; 645 daddr_t a_bn; 646 struct bufobj **a_bop; 647 daddr_t *a_bnp; 648 int *a_runp; 649 int *a_runb; 650 } */ 651 static int 652 fuse_vnop_bmap(struct vop_bmap_args *ap) 653 { 654 struct vnode *vp = ap->a_vp; 655 struct bufobj **bo = ap->a_bop; 656 struct thread *td = curthread; 657 struct mount *mp; 658 struct fuse_dispatcher fdi; 659 struct fuse_bmap_in *fbi; 660 struct fuse_bmap_out *fbo; 661 struct fuse_data *data; 662 struct fuse_vnode_data *fvdat = VTOFUD(vp); 663 uint64_t biosize; 664 off_t fsize; 665 daddr_t lbn = ap->a_bn; 666 daddr_t *pbn = ap->a_bnp; 667 int *runp = ap->a_runp; 668 int *runb = ap->a_runb; 669 int error = 0; 670 int maxrun; 671 672 if (fuse_isdeadfs(vp)) { 673 return ENXIO; 674 } 675 676 mp = vnode_mount(vp); 677 data = fuse_get_mpdata(mp); 678 biosize = fuse_iosize(vp); 679 maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1, 680 data->max_readahead_blocks); 681 682 if (bo != NULL) 683 *bo = &vp->v_bufobj; 684 685 /* 686 * The FUSE_BMAP operation does not include the runp and runb 687 * variables, so we must guess. Report nonzero contiguous runs so 688 * cluster_read will combine adjacent reads. It's worthwhile to reduce 689 * upcalls even if we don't know the true physical layout of the file. 690 * 691 * FUSE file systems may opt out of read clustering in two ways: 692 * * mounting with -onoclusterr 693 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT 694 */ 695 if (runb != NULL) 696 *runb = MIN(lbn, maxrun); 697 if (runp != NULL && maxrun == 0) 698 *runp = 0; 699 else if (runp != NULL) { 700 /* 701 * If the file's size is cached, use that value to calculate 702 * runp, even if the cache is expired. runp is only advisory, 703 * and the risk of getting it wrong is not worth the cost of 704 * another upcall. 705 */ 706 if (fvdat->cached_attrs.va_size != VNOVAL) 707 fsize = fvdat->cached_attrs.va_size; 708 else 709 error = fuse_vnode_size(vp, &fsize, td->td_ucred, td); 710 if (error == 0) 711 *runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1), 712 maxrun); 713 else 714 *runp = 0; 715 } 716 717 if (fsess_maybe_impl(mp, FUSE_BMAP)) { 718 fdisp_init(&fdi, sizeof(*fbi)); 719 fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred); 720 fbi = fdi.indata; 721 fbi->block = lbn; 722 fbi->blocksize = biosize; 723 error = fdisp_wait_answ(&fdi); 724 if (error == ENOSYS) { 725 fdisp_destroy(&fdi); 726 fsess_set_notimpl(mp, FUSE_BMAP); 727 error = 0; 728 } else { 729 fbo = fdi.answ; 730 if (error == 0 && pbn != NULL) 731 *pbn = fbo->block; 732 fdisp_destroy(&fdi); 733 return error; 734 } 735 } 736 737 /* If the daemon doesn't support BMAP, make up a sensible default */ 738 if (pbn != NULL) 739 *pbn = lbn * btodb(biosize); 740 return (error); 741 } 742 743 /* 744 struct vop_close_args { 745 struct vnode *a_vp; 746 int a_fflag; 747 struct ucred *a_cred; 748 struct thread *a_td; 749 }; 750 */ 751 static int 752 fuse_vnop_close(struct vop_close_args *ap) 753 { 754 struct vnode *vp = ap->a_vp; 755 struct ucred *cred = ap->a_cred; 756 int fflag = ap->a_fflag; 757 struct thread *td = ap->a_td; 758 pid_t pid = td->td_proc->p_pid; 759 struct fuse_vnode_data *fvdat = VTOFUD(vp); 760 int err = 0; 761 762 if (fuse_isdeadfs(vp)) 763 return 0; 764 if (vnode_isdir(vp)) 765 return 0; 766 if (fflag & IO_NDELAY) 767 return 0; 768 769 err = fuse_flush(vp, cred, pid, fflag); 770 if (err == 0 && (fvdat->flag & FN_ATIMECHANGE)) { 771 struct vattr vap; 772 773 VATTR_NULL(&vap); 774 vap.va_atime = fvdat->cached_attrs.va_atime; 775 err = fuse_internal_setattr(vp, &vap, td, NULL); 776 } 777 /* TODO: close the file handle, if we're sure it's no longer used */ 778 if ((fvdat->flag & FN_SIZECHANGE) != 0) { 779 fuse_vnode_savesize(vp, cred, td->td_proc->p_pid); 780 } 781 return err; 782 } 783 784 /* 785 struct vop_copy_file_range_args { 786 struct vop_generic_args a_gen; 787 struct vnode *a_invp; 788 off_t *a_inoffp; 789 struct vnode *a_outvp; 790 off_t *a_outoffp; 791 size_t *a_lenp; 792 unsigned int a_flags; 793 struct ucred *a_incred; 794 struct ucred *a_outcred; 795 struct thread *a_fsizetd; 796 } 797 */ 798 static int 799 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) 800 { 801 struct vnode *invp = ap->a_invp; 802 struct vnode *outvp = ap->a_outvp; 803 struct mount *mp = vnode_mount(invp); 804 struct fuse_vnode_data *outfvdat = VTOFUD(outvp); 805 struct fuse_dispatcher fdi; 806 struct fuse_filehandle *infufh, *outfufh; 807 struct fuse_copy_file_range_in *fcfri; 808 struct ucred *incred = ap->a_incred; 809 struct ucred *outcred = ap->a_outcred; 810 struct fuse_write_out *fwo; 811 struct thread *td; 812 struct uio io; 813 off_t outfilesize; 814 pid_t pid; 815 int err; 816 817 if (mp != vnode_mount(outvp)) 818 goto fallback; 819 820 if (incred->cr_uid != outcred->cr_uid) 821 goto fallback; 822 823 if (incred->cr_groups[0] != outcred->cr_groups[0]) 824 goto fallback; 825 826 if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE)) 827 goto fallback; 828 829 if (ap->a_fsizetd == NULL) 830 td = curthread; 831 else 832 td = ap->a_fsizetd; 833 pid = td->td_proc->p_pid; 834 835 /* Lock both vnodes, avoiding risk of deadlock. */ 836 do { 837 err = vn_lock(outvp, LK_EXCLUSIVE); 838 if (invp == outvp) 839 break; 840 if (err == 0) { 841 err = vn_lock(invp, LK_SHARED | LK_NOWAIT); 842 if (err == 0) 843 break; 844 VOP_UNLOCK(outvp); 845 err = vn_lock(invp, LK_SHARED); 846 if (err == 0) 847 VOP_UNLOCK(invp); 848 } 849 } while (err == 0); 850 if (err != 0) 851 return (err); 852 853 err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid); 854 if (err) 855 goto unlock; 856 857 err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid); 858 if (err) 859 goto unlock; 860 861 if (ap->a_fsizetd) { 862 io.uio_offset = *ap->a_outoffp; 863 io.uio_resid = *ap->a_lenp; 864 err = vn_rlimit_fsize(outvp, &io, ap->a_fsizetd); 865 if (err) 866 goto unlock; 867 } 868 869 err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread); 870 if (err) 871 goto unlock; 872 873 err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp, 874 *ap->a_outoffp + *ap->a_lenp); 875 if (err) 876 goto unlock; 877 878 fdisp_init(&fdi, sizeof(*fcfri)); 879 fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred); 880 fcfri = fdi.indata; 881 fcfri->fh_in = infufh->fh_id; 882 fcfri->off_in = *ap->a_inoffp; 883 fcfri->nodeid_out = VTOI(outvp); 884 fcfri->fh_out = outfufh->fh_id; 885 fcfri->off_out = *ap->a_outoffp; 886 fcfri->len = *ap->a_lenp; 887 fcfri->flags = 0; 888 889 err = fdisp_wait_answ(&fdi); 890 if (err == 0) { 891 fwo = fdi.answ; 892 *ap->a_lenp = fwo->size; 893 *ap->a_inoffp += fwo->size; 894 *ap->a_outoffp += fwo->size; 895 fuse_internal_clear_suid_on_write(outvp, outcred, td); 896 if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) { 897 fuse_vnode_setsize(outvp, *ap->a_outoffp, false); 898 getnanouptime(&outfvdat->last_local_modify); 899 } 900 fuse_vnode_update(invp, FN_ATIMECHANGE); 901 fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE); 902 } 903 fdisp_destroy(&fdi); 904 905 unlock: 906 if (invp != outvp) 907 VOP_UNLOCK(invp); 908 VOP_UNLOCK(outvp); 909 910 if (err == ENOSYS) { 911 fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE); 912 fallback: 913 err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp, 914 ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags, 915 ap->a_incred, ap->a_outcred, ap->a_fsizetd); 916 } 917 918 return (err); 919 } 920 921 static void 922 fdisp_make_mknod_for_fallback( 923 struct fuse_dispatcher *fdip, 924 struct componentname *cnp, 925 struct vnode *dvp, 926 uint64_t parentnid, 927 struct thread *td, 928 struct ucred *cred, 929 mode_t mode, 930 enum fuse_opcode *op) 931 { 932 struct fuse_mknod_in *fmni; 933 934 fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1); 935 *op = FUSE_MKNOD; 936 fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred); 937 fmni = fdip->indata; 938 fmni->mode = mode; 939 fmni->rdev = 0; 940 memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr, 941 cnp->cn_namelen); 942 ((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0'; 943 } 944 /* 945 struct vnop_create_args { 946 struct vnode *a_dvp; 947 struct vnode **a_vpp; 948 struct componentname *a_cnp; 949 struct vattr *a_vap; 950 }; 951 */ 952 static int 953 fuse_vnop_create(struct vop_create_args *ap) 954 { 955 struct vnode *dvp = ap->a_dvp; 956 struct vnode **vpp = ap->a_vpp; 957 struct componentname *cnp = ap->a_cnp; 958 struct vattr *vap = ap->a_vap; 959 struct thread *td = curthread; 960 struct ucred *cred = cnp->cn_cred; 961 962 struct fuse_data *data; 963 struct fuse_create_in *fci; 964 struct fuse_entry_out *feo; 965 struct fuse_open_out *foo; 966 struct fuse_dispatcher fdi, fdi2; 967 struct fuse_dispatcher *fdip = &fdi; 968 struct fuse_dispatcher *fdip2 = NULL; 969 970 int err; 971 972 struct mount *mp = vnode_mount(dvp); 973 data = fuse_get_mpdata(mp); 974 uint64_t parentnid = VTOFUD(dvp)->nid; 975 mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode); 976 enum fuse_opcode op; 977 int flags; 978 979 if (fuse_isdeadfs(dvp)) 980 return ENXIO; 981 982 /* FUSE expects sockets to be created with FUSE_MKNOD */ 983 if (vap->va_type == VSOCK) 984 return fuse_internal_mknod(dvp, vpp, cnp, vap); 985 986 /* 987 * VOP_CREATE doesn't tell us the open(2) flags, so we guess. Only a 988 * writable mode makes sense, and we might as well include readability 989 * too. 990 */ 991 flags = O_RDWR; 992 993 bzero(&fdi, sizeof(fdi)); 994 995 if (vap->va_type != VREG) 996 return (EINVAL); 997 998 if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) { 999 /* Fallback to FUSE_MKNOD/FUSE_OPEN */ 1000 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td, 1001 cred, mode, &op); 1002 } else { 1003 /* Use FUSE_CREATE */ 1004 size_t insize; 1005 1006 op = FUSE_CREATE; 1007 fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1); 1008 fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred); 1009 fci = fdip->indata; 1010 fci->mode = mode; 1011 fci->flags = O_CREAT | flags; 1012 if (fuse_libabi_geq(data, 7, 12)) { 1013 insize = sizeof(*fci); 1014 fci->umask = td->td_proc->p_pd->pd_cmask; 1015 } else { 1016 insize = sizeof(struct fuse_open_in); 1017 } 1018 1019 memcpy((char *)fdip->indata + insize, cnp->cn_nameptr, 1020 cnp->cn_namelen); 1021 ((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0'; 1022 } 1023 1024 err = fdisp_wait_answ(fdip); 1025 1026 if (err) { 1027 if (err == ENOSYS && op == FUSE_CREATE) { 1028 fsess_set_notimpl(mp, FUSE_CREATE); 1029 fdisp_destroy(fdip); 1030 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, 1031 parentnid, td, cred, mode, &op); 1032 err = fdisp_wait_answ(fdip); 1033 } 1034 if (err) 1035 goto out; 1036 } 1037 1038 feo = fdip->answ; 1039 1040 if ((err = fuse_internal_checkentry(feo, vap->va_type))) { 1041 goto out; 1042 } 1043 1044 if (op == FUSE_CREATE) { 1045 if (fuse_libabi_geq(data, 7, 9)) 1046 foo = (struct fuse_open_out*)(feo + 1); 1047 else 1048 foo = (struct fuse_open_out*)((char*)feo + 1049 FUSE_COMPAT_ENTRY_OUT_SIZE); 1050 } else { 1051 /* Issue a separate FUSE_OPEN */ 1052 struct fuse_open_in *foi; 1053 1054 fdip2 = &fdi2; 1055 fdisp_init(fdip2, sizeof(*foi)); 1056 fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td, 1057 cred); 1058 foi = fdip2->indata; 1059 foi->flags = flags; 1060 err = fdisp_wait_answ(fdip2); 1061 if (err) 1062 goto out; 1063 foo = fdip2->answ; 1064 } 1065 err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type); 1066 if (err) { 1067 struct fuse_release_in *fri; 1068 uint64_t nodeid = feo->nodeid; 1069 uint64_t fh_id = foo->fh; 1070 1071 fdisp_init(fdip, sizeof(*fri)); 1072 fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred); 1073 fri = fdip->indata; 1074 fri->fh = fh_id; 1075 fri->flags = flags; 1076 fuse_insert_callback(fdip->tick, fuse_internal_forget_callback); 1077 fuse_insert_message(fdip->tick, false); 1078 goto out; 1079 } 1080 ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create"); 1081 fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid, 1082 feo->attr_valid_nsec, NULL, true); 1083 1084 fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo); 1085 fuse_vnode_open(*vpp, foo->open_flags, td); 1086 /* 1087 * Purge the parent's attribute cache because the daemon should've 1088 * updated its mtime and ctime 1089 */ 1090 fuse_vnode_clear_attr_cache(dvp); 1091 cache_purge_negative(dvp); 1092 1093 out: 1094 if (fdip2) 1095 fdisp_destroy(fdip2); 1096 fdisp_destroy(fdip); 1097 return err; 1098 } 1099 1100 /* 1101 struct vnop_fdatasync_args { 1102 struct vop_generic_args a_gen; 1103 struct vnode * a_vp; 1104 struct thread * a_td; 1105 }; 1106 */ 1107 static int 1108 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap) 1109 { 1110 struct vnode *vp = ap->a_vp; 1111 struct thread *td = ap->a_td; 1112 int waitfor = MNT_WAIT; 1113 1114 int err = 0; 1115 1116 if (fuse_isdeadfs(vp)) { 1117 return 0; 1118 } 1119 if ((err = vop_stdfdatasync_buf(ap))) 1120 return err; 1121 1122 return fuse_internal_fsync(vp, td, waitfor, true); 1123 } 1124 1125 /* 1126 struct vnop_fsync_args { 1127 struct vop_generic_args a_gen; 1128 struct vnode * a_vp; 1129 int a_waitfor; 1130 struct thread * a_td; 1131 }; 1132 */ 1133 static int 1134 fuse_vnop_fsync(struct vop_fsync_args *ap) 1135 { 1136 struct vnode *vp = ap->a_vp; 1137 struct thread *td = ap->a_td; 1138 int waitfor = ap->a_waitfor; 1139 int err = 0; 1140 1141 if (fuse_isdeadfs(vp)) { 1142 return 0; 1143 } 1144 if ((err = vop_stdfsync(ap))) 1145 return err; 1146 1147 return fuse_internal_fsync(vp, td, waitfor, false); 1148 } 1149 1150 /* 1151 struct vnop_getattr_args { 1152 struct vnode *a_vp; 1153 struct vattr *a_vap; 1154 struct ucred *a_cred; 1155 struct thread *a_td; 1156 }; 1157 */ 1158 static int 1159 fuse_vnop_getattr(struct vop_getattr_args *ap) 1160 { 1161 struct vnode *vp = ap->a_vp; 1162 struct vattr *vap = ap->a_vap; 1163 struct ucred *cred = ap->a_cred; 1164 struct thread *td = curthread; 1165 1166 int err = 0; 1167 int dataflags; 1168 1169 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 1170 1171 /* Note that we are not bailing out on a dead file system just yet. */ 1172 1173 if (!(dataflags & FSESS_INITED)) { 1174 if (!vnode_isvroot(vp)) { 1175 fdata_set_dead(fuse_get_mpdata(vnode_mount(vp))); 1176 err = ENOTCONN; 1177 return err; 1178 } else { 1179 goto fake; 1180 } 1181 } 1182 err = fuse_internal_getattr(vp, vap, cred, td); 1183 if (err == ENOTCONN && vnode_isvroot(vp)) { 1184 /* see comment in fuse_vfsop_statfs() */ 1185 goto fake; 1186 } else { 1187 return err; 1188 } 1189 1190 fake: 1191 bzero(vap, sizeof(*vap)); 1192 vap->va_type = vnode_vtype(vp); 1193 1194 return 0; 1195 } 1196 1197 /* 1198 struct vnop_inactive_args { 1199 struct vnode *a_vp; 1200 }; 1201 */ 1202 static int 1203 fuse_vnop_inactive(struct vop_inactive_args *ap) 1204 { 1205 struct vnode *vp = ap->a_vp; 1206 struct thread *td = curthread; 1207 1208 struct fuse_vnode_data *fvdat = VTOFUD(vp); 1209 struct fuse_filehandle *fufh, *fufh_tmp; 1210 1211 int need_flush = 1; 1212 1213 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 1214 if (need_flush && vp->v_type == VREG) { 1215 if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) { 1216 fuse_vnode_savesize(vp, NULL, 0); 1217 } 1218 if ((fvdat->flag & FN_REVOKED) != 0) 1219 fuse_io_invalbuf(vp, td); 1220 else 1221 fuse_io_flushbuf(vp, MNT_WAIT, td); 1222 need_flush = 0; 1223 } 1224 fuse_filehandle_close(vp, fufh, td, NULL); 1225 } 1226 1227 if ((fvdat->flag & FN_REVOKED) != 0) 1228 vrecycle(vp); 1229 1230 return 0; 1231 } 1232 1233 /* 1234 struct vnop_ioctl_args { 1235 struct vnode *a_vp; 1236 u_long a_command; 1237 caddr_t a_data; 1238 int a_fflag; 1239 struct ucred *a_cred; 1240 struct thread *a_td; 1241 }; 1242 */ 1243 static int 1244 fuse_vnop_ioctl(struct vop_ioctl_args *ap) 1245 { 1246 struct vnode *vp = ap->a_vp; 1247 struct mount *mp = vnode_mount(vp); 1248 struct ucred *cred = ap->a_cred; 1249 off_t *offp; 1250 pid_t pid = ap->a_td->td_proc->p_pid; 1251 int err; 1252 1253 switch (ap->a_command) { 1254 case FIOSEEKDATA: 1255 case FIOSEEKHOLE: 1256 /* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */ 1257 if (fsess_maybe_impl(mp, FUSE_LSEEK)) { 1258 int whence; 1259 1260 offp = ap->a_data; 1261 if (ap->a_command == FIOSEEKDATA) 1262 whence = SEEK_DATA; 1263 else 1264 whence = SEEK_HOLE; 1265 1266 vn_lock(vp, LK_SHARED | LK_RETRY); 1267 err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp, 1268 whence); 1269 VOP_UNLOCK(vp); 1270 } 1271 if (fsess_not_impl(mp, FUSE_LSEEK)) 1272 err = vop_stdioctl(ap); 1273 break; 1274 default: 1275 /* TODO: implement FUSE_IOCTL */ 1276 err = ENOTTY; 1277 break; 1278 } 1279 return (err); 1280 } 1281 1282 1283 /* 1284 struct vnop_link_args { 1285 struct vnode *a_tdvp; 1286 struct vnode *a_vp; 1287 struct componentname *a_cnp; 1288 }; 1289 */ 1290 static int 1291 fuse_vnop_link(struct vop_link_args *ap) 1292 { 1293 struct vnode *vp = ap->a_vp; 1294 struct vnode *tdvp = ap->a_tdvp; 1295 struct componentname *cnp = ap->a_cnp; 1296 1297 struct vattr *vap = VTOVA(vp); 1298 1299 struct fuse_dispatcher fdi; 1300 struct fuse_entry_out *feo; 1301 struct fuse_link_in fli; 1302 1303 int err; 1304 1305 if (fuse_isdeadfs(vp)) { 1306 return ENXIO; 1307 } 1308 if (vnode_mount(tdvp) != vnode_mount(vp)) { 1309 return EXDEV; 1310 } 1311 1312 /* 1313 * This is a seatbelt check to protect naive userspace filesystems from 1314 * themselves and the limitations of the FUSE IPC protocol. If a 1315 * filesystem does not allow attribute caching, assume it is capable of 1316 * validating that nlink does not overflow. 1317 */ 1318 if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX) 1319 return EMLINK; 1320 fli.oldnodeid = VTOI(vp); 1321 1322 fdisp_init(&fdi, 0); 1323 fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp, 1324 FUSE_LINK, &fli, sizeof(fli), &fdi); 1325 if ((err = fdisp_wait_answ(&fdi))) { 1326 goto out; 1327 } 1328 feo = fdi.answ; 1329 1330 if (fli.oldnodeid != feo->nodeid) { 1331 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 1332 fuse_warn(data, FSESS_WARN_ILLEGAL_INODE, 1333 "Assigned wrong inode for a hard link."); 1334 fuse_vnode_clear_attr_cache(vp); 1335 fuse_vnode_clear_attr_cache(tdvp); 1336 err = EIO; 1337 goto out; 1338 } 1339 1340 err = fuse_internal_checkentry(feo, vnode_vtype(vp)); 1341 if (!err) { 1342 /* 1343 * Purge the parent's attribute cache because the daemon 1344 * should've updated its mtime and ctime 1345 */ 1346 fuse_vnode_clear_attr_cache(tdvp); 1347 fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid, 1348 feo->attr_valid_nsec, NULL, true); 1349 } 1350 out: 1351 fdisp_destroy(&fdi); 1352 return err; 1353 } 1354 1355 struct fuse_lookup_alloc_arg { 1356 struct fuse_entry_out *feo; 1357 struct componentname *cnp; 1358 uint64_t nid; 1359 enum vtype vtyp; 1360 }; 1361 1362 /* Callback for vn_get_ino */ 1363 static int 1364 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp) 1365 { 1366 struct fuse_lookup_alloc_arg *flaa = arg; 1367 1368 return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp, 1369 flaa->vtyp); 1370 } 1371 1372 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup, 1373 "int", "struct timespec*", "struct timespec*"); 1374 /* 1375 struct vnop_lookup_args { 1376 struct vnodeop_desc *a_desc; 1377 struct vnode *a_dvp; 1378 struct vnode **a_vpp; 1379 struct componentname *a_cnp; 1380 }; 1381 */ 1382 int 1383 fuse_vnop_lookup(struct vop_lookup_args *ap) 1384 { 1385 struct vnode *dvp = ap->a_dvp; 1386 struct vnode **vpp = ap->a_vpp; 1387 struct componentname *cnp = ap->a_cnp; 1388 struct thread *td = curthread; 1389 struct ucred *cred = cnp->cn_cred; 1390 struct timespec now; 1391 1392 int nameiop = cnp->cn_nameiop; 1393 int flags = cnp->cn_flags; 1394 int wantparent = flags & (LOCKPARENT | WANTPARENT); 1395 int islastcn = flags & ISLASTCN; 1396 struct mount *mp = vnode_mount(dvp); 1397 struct fuse_data *data = fuse_get_mpdata(mp); 1398 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 1399 bool is_dot; 1400 1401 int err = 0; 1402 int lookup_err = 0; 1403 struct vnode *vp = NULL; 1404 1405 struct fuse_dispatcher fdi; 1406 bool did_lookup = false; 1407 struct fuse_entry_out *feo = NULL; 1408 enum vtype vtyp; /* vnode type of target */ 1409 1410 uint64_t nid; 1411 1412 if (fuse_isdeadfs(dvp)) { 1413 *vpp = NULL; 1414 return ENXIO; 1415 } 1416 if (!vnode_isdir(dvp)) 1417 return ENOTDIR; 1418 1419 if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP)) 1420 return EROFS; 1421 1422 if ((cnp->cn_flags & NOEXECCHECK) != 0) 1423 cnp->cn_flags &= ~NOEXECCHECK; 1424 else if ((err = fuse_internal_access(dvp, VEXEC, td, cred))) 1425 return err; 1426 1427 is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.'; 1428 if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT)) 1429 { 1430 if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) { 1431 /* 1432 * Since the file system doesn't support ".." lookups, 1433 * we have no way to find this entry. 1434 */ 1435 return ESTALE; 1436 } 1437 nid = VTOFUD(dvp)->parent_nid; 1438 if (nid == 0) 1439 return ENOENT; 1440 /* .. is obviously a directory */ 1441 vtyp = VDIR; 1442 } else if (is_dot) { 1443 nid = VTOI(dvp); 1444 /* . is obviously a directory */ 1445 vtyp = VDIR; 1446 } else { 1447 struct timespec timeout; 1448 int ncpticks; /* here to accommodate for API contract */ 1449 1450 err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks); 1451 getnanouptime(&now); 1452 SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now); 1453 switch (err) { 1454 case -1: /* positive match */ 1455 if (timespeccmp(&timeout, &now, >)) { 1456 counter_u64_add(fuse_lookup_cache_hits, 1); 1457 } else { 1458 /* Cache timeout */ 1459 counter_u64_add(fuse_lookup_cache_misses, 1); 1460 bintime_clear( 1461 &VTOFUD(*vpp)->entry_cache_timeout); 1462 cache_purge(*vpp); 1463 if (dvp != *vpp) 1464 vput(*vpp); 1465 else 1466 vrele(*vpp); 1467 *vpp = NULL; 1468 break; 1469 } 1470 return 0; 1471 1472 case 0: /* no match in cache */ 1473 counter_u64_add(fuse_lookup_cache_misses, 1); 1474 break; 1475 1476 case ENOENT: /* negative match */ 1477 if (timespeccmp(&timeout, &now, <=)) { 1478 /* Cache timeout */ 1479 cache_purge_negative(dvp); 1480 break; 1481 } 1482 /* fall through */ 1483 default: 1484 return err; 1485 } 1486 1487 fdisp_init(&fdi, cnp->cn_namelen + 1); 1488 fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred); 1489 1490 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 1491 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 1492 lookup_err = fdisp_wait_answ(&fdi); 1493 did_lookup = true; 1494 1495 if (!lookup_err) { 1496 /* lookup call succeeded */ 1497 feo = (struct fuse_entry_out *)fdi.answ; 1498 nid = feo->nodeid; 1499 if (nid == 0) { 1500 /* zero nodeid means ENOENT and cache it */ 1501 struct timespec timeout; 1502 1503 fdi.answ_stat = ENOENT; 1504 lookup_err = ENOENT; 1505 if (cnp->cn_flags & MAKEENTRY) { 1506 fuse_validity_2_timespec(feo, &timeout); 1507 /* Use the same entry_time for .. as for 1508 * the file itself. That doesn't honor 1509 * exactly what the fuse server tells 1510 * us, but to do otherwise would require 1511 * another cache lookup at this point. 1512 */ 1513 struct timespec *dtsp = NULL; 1514 cache_enter_time(dvp, *vpp, cnp, 1515 &timeout, dtsp); 1516 } 1517 } 1518 vtyp = IFTOVT(feo->attr.mode); 1519 } 1520 if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) { 1521 fdisp_destroy(&fdi); 1522 return lookup_err; 1523 } 1524 } 1525 /* lookup_err, if non-zero, must be ENOENT at this point */ 1526 1527 if (lookup_err) { 1528 /* Entry not found */ 1529 if ((nameiop == CREATE || nameiop == RENAME) && islastcn) { 1530 if (default_permissions) 1531 err = fuse_internal_access(dvp, VWRITE, td, 1532 cred); 1533 else 1534 err = 0; 1535 if (!err) { 1536 /* 1537 * Set the SAVENAME flag to hold onto the 1538 * pathname for use later in VOP_CREATE or 1539 * VOP_RENAME. 1540 */ 1541 cnp->cn_flags |= SAVENAME; 1542 1543 err = EJUSTRETURN; 1544 } 1545 } else { 1546 err = ENOENT; 1547 } 1548 } else { 1549 /* Entry was found */ 1550 if (flags & ISDOTDOT) { 1551 struct fuse_lookup_alloc_arg flaa; 1552 1553 flaa.nid = nid; 1554 flaa.feo = feo; 1555 flaa.cnp = cnp; 1556 flaa.vtyp = vtyp; 1557 err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0, 1558 &vp); 1559 *vpp = vp; 1560 } else if (nid == VTOI(dvp)) { 1561 if (is_dot) { 1562 vref(dvp); 1563 *vpp = dvp; 1564 } else { 1565 fuse_warn(fuse_get_mpdata(mp), 1566 FSESS_WARN_ILLEGAL_INODE, 1567 "Assigned same inode to both parent and " 1568 "child."); 1569 err = EIO; 1570 } 1571 1572 } else { 1573 struct fuse_vnode_data *fvdat; 1574 1575 err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp, 1576 &vp, cnp, vtyp); 1577 if (err) 1578 goto out; 1579 *vpp = vp; 1580 fvdat = VTOFUD(vp); 1581 1582 MPASS(feo != NULL); 1583 if (timespeccmp(&now, &fvdat->last_local_modify, >)) { 1584 /* 1585 * Attributes from the server are definitely 1586 * newer than the last attributes we sent to 1587 * the server, so cache them. 1588 */ 1589 fuse_internal_cache_attrs(*vpp, &feo->attr, 1590 feo->attr_valid, feo->attr_valid_nsec, 1591 NULL, true); 1592 } 1593 fuse_validity_2_bintime(feo->entry_valid, 1594 feo->entry_valid_nsec, 1595 &fvdat->entry_cache_timeout); 1596 1597 if ((nameiop == DELETE || nameiop == RENAME) && 1598 islastcn && default_permissions) 1599 { 1600 struct vattr dvattr; 1601 1602 err = fuse_internal_access(dvp, VWRITE, td, 1603 cred); 1604 if (err != 0) 1605 goto out; 1606 /* 1607 * if the parent's sticky bit is set, check 1608 * whether we're allowed to remove the file. 1609 * Need to figure out the vnode locking to make 1610 * this work. 1611 */ 1612 fuse_internal_getattr(dvp, &dvattr, cred, td); 1613 if ((dvattr.va_mode & S_ISTXT) && 1614 fuse_internal_access(dvp, VADMIN, td, 1615 cred) && 1616 fuse_internal_access(*vpp, VADMIN, td, 1617 cred)) { 1618 err = EPERM; 1619 goto out; 1620 } 1621 } 1622 1623 if (islastcn && ( 1624 (nameiop == DELETE) || 1625 (nameiop == RENAME && wantparent))) { 1626 cnp->cn_flags |= SAVENAME; 1627 } 1628 } 1629 } 1630 out: 1631 if (err) { 1632 if (vp != NULL && dvp != vp) 1633 vput(vp); 1634 else if (vp != NULL) 1635 vrele(vp); 1636 *vpp = NULL; 1637 } 1638 if (did_lookup) 1639 fdisp_destroy(&fdi); 1640 1641 return err; 1642 } 1643 1644 /* 1645 struct vnop_mkdir_args { 1646 struct vnode *a_dvp; 1647 struct vnode **a_vpp; 1648 struct componentname *a_cnp; 1649 struct vattr *a_vap; 1650 }; 1651 */ 1652 static int 1653 fuse_vnop_mkdir(struct vop_mkdir_args *ap) 1654 { 1655 struct vnode *dvp = ap->a_dvp; 1656 struct vnode **vpp = ap->a_vpp; 1657 struct componentname *cnp = ap->a_cnp; 1658 struct vattr *vap = ap->a_vap; 1659 1660 struct fuse_mkdir_in fmdi; 1661 1662 if (fuse_isdeadfs(dvp)) { 1663 return ENXIO; 1664 } 1665 fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode); 1666 fmdi.umask = curthread->td_proc->p_pd->pd_cmask; 1667 1668 return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi, 1669 sizeof(fmdi), VDIR)); 1670 } 1671 1672 /* 1673 struct vnop_mknod_args { 1674 struct vnode *a_dvp; 1675 struct vnode **a_vpp; 1676 struct componentname *a_cnp; 1677 struct vattr *a_vap; 1678 }; 1679 */ 1680 static int 1681 fuse_vnop_mknod(struct vop_mknod_args *ap) 1682 { 1683 1684 struct vnode *dvp = ap->a_dvp; 1685 struct vnode **vpp = ap->a_vpp; 1686 struct componentname *cnp = ap->a_cnp; 1687 struct vattr *vap = ap->a_vap; 1688 1689 if (fuse_isdeadfs(dvp)) 1690 return ENXIO; 1691 1692 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1693 } 1694 1695 /* 1696 struct vop_open_args { 1697 struct vnode *a_vp; 1698 int a_mode; 1699 struct ucred *a_cred; 1700 struct thread *a_td; 1701 int a_fdidx; / struct file *a_fp; 1702 }; 1703 */ 1704 static int 1705 fuse_vnop_open(struct vop_open_args *ap) 1706 { 1707 struct vnode *vp = ap->a_vp; 1708 int a_mode = ap->a_mode; 1709 struct thread *td = ap->a_td; 1710 struct ucred *cred = ap->a_cred; 1711 pid_t pid = td->td_proc->p_pid; 1712 1713 if (fuse_isdeadfs(vp)) 1714 return ENXIO; 1715 if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO) 1716 return (EOPNOTSUPP); 1717 if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0) 1718 return EINVAL; 1719 1720 if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) { 1721 fuse_vnode_open(vp, 0, td); 1722 return 0; 1723 } 1724 1725 return fuse_filehandle_open(vp, a_mode, NULL, td, cred); 1726 } 1727 1728 static int 1729 fuse_vnop_pathconf(struct vop_pathconf_args *ap) 1730 { 1731 struct vnode *vp = ap->a_vp; 1732 struct mount *mp; 1733 1734 switch (ap->a_name) { 1735 case _PC_FILESIZEBITS: 1736 *ap->a_retval = 64; 1737 return (0); 1738 case _PC_NAME_MAX: 1739 *ap->a_retval = NAME_MAX; 1740 return (0); 1741 case _PC_LINK_MAX: 1742 *ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX); 1743 return (0); 1744 case _PC_SYMLINK_MAX: 1745 *ap->a_retval = MAXPATHLEN; 1746 return (0); 1747 case _PC_NO_TRUNC: 1748 *ap->a_retval = 1; 1749 return (0); 1750 case _PC_MIN_HOLE_SIZE: 1751 /* 1752 * The FUSE protocol provides no mechanism for a server to 1753 * report _PC_MIN_HOLE_SIZE. It's a protocol bug. Instead, 1754 * return EINVAL if the server does not support FUSE_LSEEK, or 1755 * 1 if it does. 1756 */ 1757 mp = vnode_mount(vp); 1758 if (!fsess_is_impl(mp, FUSE_LSEEK) && 1759 !fsess_not_impl(mp, FUSE_LSEEK)) { 1760 off_t offset = 0; 1761 1762 /* Issue a FUSE_LSEEK to find out if it's implemented */ 1763 fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred, 1764 curthread->td_proc->p_pid, &offset, SEEK_DATA); 1765 } 1766 1767 if (fsess_is_impl(mp, FUSE_LSEEK)) { 1768 *ap->a_retval = 1; 1769 return (0); 1770 } else { 1771 /* 1772 * Probably FUSE_LSEEK is not implemented. It might 1773 * be, if the FUSE_LSEEK above returned an error like 1774 * EACCES, but in that case we can't tell, so it's 1775 * safest to report EINVAL anyway. 1776 */ 1777 return (EINVAL); 1778 } 1779 default: 1780 return (vop_stdpathconf(ap)); 1781 } 1782 } 1783 1784 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*", 1785 "struct uio*", "struct ucred*"); 1786 /* 1787 struct vnop_read_args { 1788 struct vnode *a_vp; 1789 struct uio *a_uio; 1790 int a_ioflag; 1791 struct ucred *a_cred; 1792 }; 1793 */ 1794 static int 1795 fuse_vnop_read(struct vop_read_args *ap) 1796 { 1797 struct vnode *vp = ap->a_vp; 1798 struct uio *uio = ap->a_uio; 1799 int ioflag = ap->a_ioflag; 1800 struct ucred *cred = ap->a_cred; 1801 pid_t pid = curthread->td_proc->p_pid; 1802 struct fuse_filehandle *fufh; 1803 int err; 1804 bool closefufh = false, directio; 1805 1806 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 1807 1808 if (fuse_isdeadfs(vp)) { 1809 return ENXIO; 1810 } 1811 1812 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 1813 ioflag |= IO_DIRECT; 1814 } 1815 1816 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 1817 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 1818 /* 1819 * nfsd will do I/O without first doing VOP_OPEN. We 1820 * must implicitly open the file here 1821 */ 1822 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1823 closefufh = true; 1824 } 1825 if (err) { 1826 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 1827 return err; 1828 } 1829 1830 /* 1831 * Ideally, when the daemon asks for direct io at open time, the 1832 * standard file flag should be set according to this, so that would 1833 * just change the default mode, which later on could be changed via 1834 * fcntl(2). 1835 * But this doesn't work, the O_DIRECT flag gets cleared at some point 1836 * (don't know where). So to make any use of the Fuse direct_io option, 1837 * we hardwire it into the file's private data (similarly to Linux, 1838 * btw.). 1839 */ 1840 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 1841 1842 fuse_vnode_update(vp, FN_ATIMECHANGE); 1843 if (directio) { 1844 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode"); 1845 err = fuse_read_directbackend(vp, uio, cred, fufh); 1846 } else { 1847 SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode"); 1848 err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid); 1849 } 1850 1851 if (closefufh) 1852 fuse_filehandle_close(vp, fufh, curthread, cred); 1853 1854 return (err); 1855 } 1856 1857 /* 1858 struct vnop_readdir_args { 1859 struct vnode *a_vp; 1860 struct uio *a_uio; 1861 struct ucred *a_cred; 1862 int *a_eofflag; 1863 int *a_ncookies; 1864 uint64_t **a_cookies; 1865 }; 1866 */ 1867 static int 1868 fuse_vnop_readdir(struct vop_readdir_args *ap) 1869 { 1870 struct vnode *vp = ap->a_vp; 1871 struct uio *uio = ap->a_uio; 1872 struct ucred *cred = ap->a_cred; 1873 struct fuse_filehandle *fufh = NULL; 1874 struct mount *mp = vnode_mount(vp); 1875 struct fuse_iov cookediov; 1876 int err = 0; 1877 uint64_t *cookies; 1878 ssize_t tresid; 1879 int ncookies; 1880 bool closefufh = false; 1881 pid_t pid = curthread->td_proc->p_pid; 1882 1883 if (ap->a_eofflag) 1884 *ap->a_eofflag = 0; 1885 if (fuse_isdeadfs(vp)) { 1886 return ENXIO; 1887 } 1888 if ( /* XXXIP ((uio_iovcnt(uio) > 1)) || */ 1889 (uio_resid(uio) < sizeof(struct dirent))) { 1890 return EINVAL; 1891 } 1892 1893 tresid = uio->uio_resid; 1894 err = fuse_filehandle_get_dir(vp, &fufh, cred, pid); 1895 if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) { 1896 KASSERT(fuse_get_mpdata(mp)->dataflags 1897 & FSESS_NO_OPENDIR_SUPPORT, 1898 ("FUSE file systems that don't set " 1899 "FUSE_NO_OPENDIR_SUPPORT should not be exported")); 1900 /* 1901 * nfsd will do VOP_READDIR without first doing VOP_OPEN. We 1902 * must implicitly open the directory here. 1903 */ 1904 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1905 closefufh = true; 1906 } 1907 if (err) 1908 return (err); 1909 if (ap->a_ncookies != NULL) { 1910 ncookies = uio->uio_resid / 1911 (offsetof(struct dirent, d_name) + 4) + 1; 1912 cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK); 1913 *ap->a_ncookies = ncookies; 1914 *ap->a_cookies = cookies; 1915 } else { 1916 ncookies = 0; 1917 cookies = NULL; 1918 } 1919 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1) 1920 fiov_init(&cookediov, DIRCOOKEDSIZE); 1921 1922 err = fuse_internal_readdir(vp, uio, fufh, &cookediov, 1923 &ncookies, cookies); 1924 1925 fiov_teardown(&cookediov); 1926 if (closefufh) 1927 fuse_filehandle_close(vp, fufh, curthread, cred); 1928 1929 if (ap->a_ncookies != NULL) { 1930 if (err == 0) { 1931 *ap->a_ncookies -= ncookies; 1932 } else { 1933 free(*ap->a_cookies, M_TEMP); 1934 *ap->a_ncookies = 0; 1935 *ap->a_cookies = NULL; 1936 } 1937 } 1938 if (err == 0 && tresid == uio->uio_resid) 1939 *ap->a_eofflag = 1; 1940 1941 return err; 1942 } 1943 1944 /* 1945 struct vnop_readlink_args { 1946 struct vnode *a_vp; 1947 struct uio *a_uio; 1948 struct ucred *a_cred; 1949 }; 1950 */ 1951 static int 1952 fuse_vnop_readlink(struct vop_readlink_args *ap) 1953 { 1954 struct vnode *vp = ap->a_vp; 1955 struct uio *uio = ap->a_uio; 1956 struct ucred *cred = ap->a_cred; 1957 1958 struct fuse_dispatcher fdi; 1959 int err; 1960 1961 if (fuse_isdeadfs(vp)) { 1962 return ENXIO; 1963 } 1964 if (!vnode_islnk(vp)) { 1965 return EINVAL; 1966 } 1967 fdisp_init(&fdi, 0); 1968 err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred); 1969 if (err) { 1970 goto out; 1971 } 1972 if (((char *)fdi.answ)[0] == '/' && 1973 fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) { 1974 char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname; 1975 1976 err = uiomove(mpth, strlen(mpth), uio); 1977 } 1978 if (!err) { 1979 err = uiomove(fdi.answ, fdi.iosize, uio); 1980 } 1981 out: 1982 fdisp_destroy(&fdi); 1983 return err; 1984 } 1985 1986 /* 1987 struct vnop_reclaim_args { 1988 struct vnode *a_vp; 1989 }; 1990 */ 1991 static int 1992 fuse_vnop_reclaim(struct vop_reclaim_args *ap) 1993 { 1994 struct vnode *vp = ap->a_vp; 1995 struct thread *td = curthread; 1996 struct fuse_vnode_data *fvdat = VTOFUD(vp); 1997 struct fuse_filehandle *fufh, *fufh_tmp; 1998 1999 if (!fvdat) { 2000 panic("FUSE: no vnode data during recycling"); 2001 } 2002 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 2003 printf("FUSE: vnode being reclaimed with open fufh " 2004 "(type=%#x)", fufh->fufh_type); 2005 fuse_filehandle_close(vp, fufh, td, NULL); 2006 } 2007 2008 if (VTOI(vp) == 1) { 2009 /* 2010 * Don't send FUSE_FORGET for the root inode, because 2011 * we never send FUSE_LOOKUP for it (see 2012 * fuse_vfsop_root) and we don't want the server to see 2013 * mismatched lookup counts. 2014 */ 2015 struct fuse_data *data; 2016 struct vnode *vroot; 2017 2018 data = fuse_get_mpdata(vnode_mount(vp)); 2019 FUSE_LOCK(); 2020 vroot = data->vroot; 2021 data->vroot = NULL; 2022 FUSE_UNLOCK(); 2023 if (vroot) 2024 vrele(vroot); 2025 } else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) { 2026 fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp), 2027 fvdat->nlookup); 2028 } 2029 cache_purge(vp); 2030 vfs_hash_remove(vp); 2031 fuse_vnode_destroy(vp); 2032 2033 return 0; 2034 } 2035 2036 /* 2037 struct vnop_remove_args { 2038 struct vnode *a_dvp; 2039 struct vnode *a_vp; 2040 struct componentname *a_cnp; 2041 }; 2042 */ 2043 static int 2044 fuse_vnop_remove(struct vop_remove_args *ap) 2045 { 2046 struct vnode *dvp = ap->a_dvp; 2047 struct vnode *vp = ap->a_vp; 2048 struct componentname *cnp = ap->a_cnp; 2049 2050 int err; 2051 2052 if (fuse_isdeadfs(vp)) { 2053 return ENXIO; 2054 } 2055 if (vnode_isdir(vp)) { 2056 return EPERM; 2057 } 2058 2059 err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK); 2060 2061 return err; 2062 } 2063 2064 /* 2065 struct vnop_rename_args { 2066 struct vnode *a_fdvp; 2067 struct vnode *a_fvp; 2068 struct componentname *a_fcnp; 2069 struct vnode *a_tdvp; 2070 struct vnode *a_tvp; 2071 struct componentname *a_tcnp; 2072 }; 2073 */ 2074 static int 2075 fuse_vnop_rename(struct vop_rename_args *ap) 2076 { 2077 struct vnode *fdvp = ap->a_fdvp; 2078 struct vnode *fvp = ap->a_fvp; 2079 struct componentname *fcnp = ap->a_fcnp; 2080 struct vnode *tdvp = ap->a_tdvp; 2081 struct vnode *tvp = ap->a_tvp; 2082 struct componentname *tcnp = ap->a_tcnp; 2083 struct fuse_data *data; 2084 bool newparent = fdvp != tdvp; 2085 bool isdir = fvp->v_type == VDIR; 2086 int err = 0; 2087 2088 if (fuse_isdeadfs(fdvp)) { 2089 return ENXIO; 2090 } 2091 if (fvp->v_mount != tdvp->v_mount || 2092 (tvp && fvp->v_mount != tvp->v_mount)) { 2093 SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename"); 2094 err = EXDEV; 2095 goto out; 2096 } 2097 cache_purge(fvp); 2098 2099 /* 2100 * FUSE library is expected to check if target directory is not 2101 * under the source directory in the file system tree. 2102 * Linux performs this check at VFS level. 2103 */ 2104 /* 2105 * If source is a directory, and it will get a new parent, user must 2106 * have write permission to it, so ".." can be modified. 2107 */ 2108 data = fuse_get_mpdata(vnode_mount(tdvp)); 2109 if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) { 2110 err = fuse_internal_access(fvp, VWRITE, 2111 curthread, tcnp->cn_cred); 2112 if (err) 2113 goto out; 2114 } 2115 sx_xlock(&data->rename_lock); 2116 err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp); 2117 if (err == 0) { 2118 if (tdvp != fdvp) 2119 fuse_vnode_setparent(fvp, tdvp); 2120 if (tvp != NULL) 2121 fuse_vnode_setparent(tvp, NULL); 2122 } 2123 sx_unlock(&data->rename_lock); 2124 2125 if (tvp != NULL && tvp != fvp) { 2126 cache_purge(tvp); 2127 } 2128 if (vnode_isdir(fvp)) { 2129 if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) { 2130 cache_purge(tdvp); 2131 } 2132 cache_purge(fdvp); 2133 } 2134 out: 2135 if (tdvp == tvp) { 2136 vrele(tdvp); 2137 } else { 2138 vput(tdvp); 2139 } 2140 if (tvp != NULL) { 2141 vput(tvp); 2142 } 2143 vrele(fdvp); 2144 vrele(fvp); 2145 2146 return err; 2147 } 2148 2149 /* 2150 struct vnop_rmdir_args { 2151 struct vnode *a_dvp; 2152 struct vnode *a_vp; 2153 struct componentname *a_cnp; 2154 } *ap; 2155 */ 2156 static int 2157 fuse_vnop_rmdir(struct vop_rmdir_args *ap) 2158 { 2159 struct vnode *dvp = ap->a_dvp; 2160 struct vnode *vp = ap->a_vp; 2161 2162 int err; 2163 2164 if (fuse_isdeadfs(vp)) { 2165 return ENXIO; 2166 } 2167 if (VTOFUD(vp) == VTOFUD(dvp)) { 2168 return EINVAL; 2169 } 2170 err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR); 2171 2172 return err; 2173 } 2174 2175 /* 2176 struct vnop_setattr_args { 2177 struct vnode *a_vp; 2178 struct vattr *a_vap; 2179 struct ucred *a_cred; 2180 struct thread *a_td; 2181 }; 2182 */ 2183 static int 2184 fuse_vnop_setattr(struct vop_setattr_args *ap) 2185 { 2186 struct vnode *vp = ap->a_vp; 2187 struct vattr *vap = ap->a_vap; 2188 struct ucred *cred = ap->a_cred; 2189 struct thread *td = curthread; 2190 struct mount *mp; 2191 struct fuse_data *data; 2192 struct vattr old_va; 2193 int dataflags; 2194 int err = 0, err2; 2195 accmode_t accmode = 0; 2196 bool checkperm; 2197 bool drop_suid = false; 2198 gid_t cr_gid; 2199 2200 mp = vnode_mount(vp); 2201 data = fuse_get_mpdata(mp); 2202 dataflags = data->dataflags; 2203 checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS; 2204 if (cred->cr_ngroups > 0) 2205 cr_gid = cred->cr_groups[0]; 2206 else 2207 cr_gid = 0; 2208 2209 if (fuse_isdeadfs(vp)) { 2210 return ENXIO; 2211 } 2212 2213 if (vap->va_uid != (uid_t)VNOVAL) { 2214 if (checkperm) { 2215 /* Only root may change a file's owner */ 2216 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2217 if (err) { 2218 /* As a special case, allow the null chown */ 2219 err2 = fuse_internal_getattr(vp, &old_va, cred, 2220 td); 2221 if (err2) 2222 return (err2); 2223 if (vap->va_uid != old_va.va_uid) 2224 return err; 2225 else 2226 accmode |= VADMIN; 2227 drop_suid = true; 2228 } else 2229 accmode |= VADMIN; 2230 } else 2231 accmode |= VADMIN; 2232 } 2233 if (vap->va_gid != (gid_t)VNOVAL) { 2234 if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN)) 2235 drop_suid = true; 2236 if (checkperm && !groupmember(vap->va_gid, cred)) 2237 { 2238 /* 2239 * Non-root users may only chgrp to one of their own 2240 * groups 2241 */ 2242 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2243 if (err) { 2244 /* As a special case, allow the null chgrp */ 2245 err2 = fuse_internal_getattr(vp, &old_va, cred, 2246 td); 2247 if (err2) 2248 return (err2); 2249 if (vap->va_gid != old_va.va_gid) 2250 return err; 2251 accmode |= VADMIN; 2252 } else 2253 accmode |= VADMIN; 2254 } else 2255 accmode |= VADMIN; 2256 } 2257 if (vap->va_size != VNOVAL) { 2258 switch (vp->v_type) { 2259 case VDIR: 2260 return (EISDIR); 2261 case VLNK: 2262 case VREG: 2263 if (vfs_isrdonly(mp)) 2264 return (EROFS); 2265 break; 2266 default: 2267 /* 2268 * According to POSIX, the result is unspecified 2269 * for file types other than regular files, 2270 * directories and shared memory objects. We 2271 * don't support shared memory objects in the file 2272 * system, and have dubious support for truncating 2273 * symlinks. Just ignore the request in other cases. 2274 */ 2275 return (0); 2276 } 2277 /* Don't set accmode. Permission to trunc is checked upstack */ 2278 } 2279 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 2280 if (vap->va_vaflags & VA_UTIMES_NULL) 2281 accmode |= VWRITE; 2282 else 2283 accmode |= VADMIN; 2284 } 2285 if (drop_suid) { 2286 if (vap->va_mode != (mode_t)VNOVAL) 2287 vap->va_mode &= ~(S_ISUID | S_ISGID); 2288 else { 2289 err = fuse_internal_getattr(vp, &old_va, cred, td); 2290 if (err) 2291 return (err); 2292 vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID); 2293 } 2294 } 2295 if (vap->va_mode != (mode_t)VNOVAL) { 2296 /* Only root may set the sticky bit on non-directories */ 2297 if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT) 2298 && priv_check_cred(cred, PRIV_VFS_STICKYFILE)) 2299 return EFTYPE; 2300 if (checkperm && (vap->va_mode & S_ISGID)) { 2301 err = fuse_internal_getattr(vp, &old_va, cred, td); 2302 if (err) 2303 return (err); 2304 if (!groupmember(old_va.va_gid, cred)) { 2305 err = priv_check_cred(cred, PRIV_VFS_SETGID); 2306 if (err) 2307 return (err); 2308 } 2309 } 2310 accmode |= VADMIN; 2311 } 2312 2313 if (vfs_isrdonly(mp)) 2314 return EROFS; 2315 2316 if (checkperm) { 2317 err = fuse_internal_access(vp, accmode, td, cred); 2318 } else { 2319 err = 0; 2320 } 2321 if (err) 2322 return err; 2323 else 2324 return fuse_internal_setattr(vp, vap, td, cred); 2325 } 2326 2327 /* 2328 struct vnop_strategy_args { 2329 struct vnode *a_vp; 2330 struct buf *a_bp; 2331 }; 2332 */ 2333 static int 2334 fuse_vnop_strategy(struct vop_strategy_args *ap) 2335 { 2336 struct vnode *vp = ap->a_vp; 2337 struct buf *bp = ap->a_bp; 2338 2339 if (!vp || fuse_isdeadfs(vp)) { 2340 bp->b_ioflags |= BIO_ERROR; 2341 bp->b_error = ENXIO; 2342 bufdone(bp); 2343 return 0; 2344 } 2345 2346 /* 2347 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags. 2348 * fuse_io_strategy sets bp's error fields 2349 */ 2350 (void)fuse_io_strategy(vp, bp); 2351 2352 return 0; 2353 } 2354 2355 /* 2356 struct vnop_symlink_args { 2357 struct vnode *a_dvp; 2358 struct vnode **a_vpp; 2359 struct componentname *a_cnp; 2360 struct vattr *a_vap; 2361 char *a_target; 2362 }; 2363 */ 2364 static int 2365 fuse_vnop_symlink(struct vop_symlink_args *ap) 2366 { 2367 struct vnode *dvp = ap->a_dvp; 2368 struct vnode **vpp = ap->a_vpp; 2369 struct componentname *cnp = ap->a_cnp; 2370 const char *target = ap->a_target; 2371 2372 struct fuse_dispatcher fdi; 2373 2374 int err; 2375 size_t len; 2376 2377 if (fuse_isdeadfs(dvp)) { 2378 return ENXIO; 2379 } 2380 /* 2381 * Unlike the other creator type calls, here we have to create a message 2382 * where the name of the new entry comes first, and the data describing 2383 * the entry comes second. 2384 * Hence we can't rely on our handy fuse_internal_newentry() routine, 2385 * but put together the message manually and just call the core part. 2386 */ 2387 2388 len = strlen(target) + 1; 2389 fdisp_init(&fdi, len + cnp->cn_namelen + 1); 2390 fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL); 2391 2392 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 2393 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 2394 memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len); 2395 2396 err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi); 2397 fdisp_destroy(&fdi); 2398 return err; 2399 } 2400 2401 /* 2402 struct vnop_write_args { 2403 struct vnode *a_vp; 2404 struct uio *a_uio; 2405 int a_ioflag; 2406 struct ucred *a_cred; 2407 }; 2408 */ 2409 static int 2410 fuse_vnop_write(struct vop_write_args *ap) 2411 { 2412 struct vnode *vp = ap->a_vp; 2413 struct uio *uio = ap->a_uio; 2414 int ioflag = ap->a_ioflag; 2415 struct ucred *cred = ap->a_cred; 2416 pid_t pid = curthread->td_proc->p_pid; 2417 struct fuse_filehandle *fufh; 2418 int err; 2419 bool closefufh = false, directio; 2420 2421 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 2422 2423 if (fuse_isdeadfs(vp)) { 2424 return ENXIO; 2425 } 2426 2427 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 2428 ioflag |= IO_DIRECT; 2429 } 2430 2431 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2432 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2433 /* 2434 * nfsd will do I/O without first doing VOP_OPEN. We 2435 * must implicitly open the file here 2436 */ 2437 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2438 closefufh = true; 2439 } 2440 if (err) { 2441 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 2442 return err; 2443 } 2444 2445 /* 2446 * Ideally, when the daemon asks for direct io at open time, the 2447 * standard file flag should be set according to this, so that would 2448 * just change the default mode, which later on could be changed via 2449 * fcntl(2). 2450 * But this doesn't work, the O_DIRECT flag gets cleared at some point 2451 * (don't know where). So to make any use of the Fuse direct_io option, 2452 * we hardwire it into the file's private data (similarly to Linux, 2453 * btw.). 2454 */ 2455 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 2456 2457 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2458 if (directio) { 2459 off_t start, end, filesize; 2460 bool pages = (ioflag & IO_VMIO) != 0; 2461 2462 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode"); 2463 2464 err = fuse_vnode_size(vp, &filesize, cred, curthread); 2465 if (err) 2466 goto out; 2467 2468 start = uio->uio_offset; 2469 end = start + uio->uio_resid; 2470 if (!pages) { 2471 err = fuse_inval_buf_range(vp, filesize, start, 2472 end); 2473 if (err) 2474 goto out; 2475 } 2476 err = fuse_write_directbackend(vp, uio, cred, fufh, 2477 filesize, ioflag, pages); 2478 } else { 2479 SDT_PROBE2(fusefs, , vnops, trace, 1, 2480 "buffered write of vnode"); 2481 if (!fsess_opt_writeback(vnode_mount(vp))) 2482 ioflag |= IO_SYNC; 2483 err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid); 2484 } 2485 fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td); 2486 2487 out: 2488 if (closefufh) 2489 fuse_filehandle_close(vp, fufh, curthread, cred); 2490 2491 return (err); 2492 } 2493 2494 static daddr_t 2495 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off) 2496 { 2497 const int biosize = fuse_iosize(vp); 2498 2499 return (off / biosize); 2500 } 2501 2502 static int 2503 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz) 2504 { 2505 off_t filesize; 2506 int err; 2507 const int biosize = fuse_iosize(vp); 2508 2509 err = fuse_vnode_size(vp, &filesize, NULL, NULL); 2510 if (err) { 2511 /* This will turn into a SIGBUS */ 2512 return (EIO); 2513 } else if ((off_t)lbn * biosize >= filesize) { 2514 *blksz = 0; 2515 } else if ((off_t)(lbn + 1) * biosize > filesize) { 2516 *blksz = filesize - (off_t)lbn *biosize; 2517 } else { 2518 *blksz = biosize; 2519 } 2520 return (0); 2521 } 2522 2523 /* 2524 struct vnop_getpages_args { 2525 struct vnode *a_vp; 2526 vm_page_t *a_m; 2527 int a_count; 2528 int a_reqpage; 2529 }; 2530 */ 2531 static int 2532 fuse_vnop_getpages(struct vop_getpages_args *ap) 2533 { 2534 struct vnode *vp = ap->a_vp; 2535 2536 if (!fsess_opt_mmap(vnode_mount(vp))) { 2537 SDT_PROBE2(fusefs, , vnops, trace, 1, 2538 "called on non-cacheable vnode??\n"); 2539 return (VM_PAGER_ERROR); 2540 } 2541 2542 return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind, 2543 ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz)); 2544 } 2545 2546 static const char extattr_namespace_separator = '.'; 2547 2548 /* 2549 struct vop_getextattr_args { 2550 struct vop_generic_args a_gen; 2551 struct vnode *a_vp; 2552 int a_attrnamespace; 2553 const char *a_name; 2554 struct uio *a_uio; 2555 size_t *a_size; 2556 struct ucred *a_cred; 2557 struct thread *a_td; 2558 }; 2559 */ 2560 static int 2561 fuse_vnop_getextattr(struct vop_getextattr_args *ap) 2562 { 2563 struct vnode *vp = ap->a_vp; 2564 struct uio *uio = ap->a_uio; 2565 struct fuse_dispatcher fdi; 2566 struct fuse_getxattr_in *get_xattr_in; 2567 struct fuse_getxattr_out *get_xattr_out; 2568 struct mount *mp = vnode_mount(vp); 2569 struct thread *td = ap->a_td; 2570 struct ucred *cred = ap->a_cred; 2571 char *prefix; 2572 char *attr_str; 2573 size_t len; 2574 int err; 2575 2576 if (fuse_isdeadfs(vp)) 2577 return (ENXIO); 2578 2579 if (fsess_not_impl(mp, FUSE_GETXATTR)) 2580 return EOPNOTSUPP; 2581 2582 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2583 if (err) 2584 return err; 2585 2586 /* Default to looking for user attributes. */ 2587 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2588 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2589 else 2590 prefix = EXTATTR_NAMESPACE_USER_STRING; 2591 2592 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2593 strlen(ap->a_name) + 1; 2594 2595 fdisp_init(&fdi, len + sizeof(*get_xattr_in)); 2596 fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred); 2597 2598 get_xattr_in = fdi.indata; 2599 /* 2600 * Check to see whether we're querying the available size or 2601 * issuing the actual request. If we pass in 0, we get back struct 2602 * fuse_getxattr_out. If we pass in a non-zero size, we get back 2603 * that much data, without the struct fuse_getxattr_out header. 2604 */ 2605 if (uio == NULL) 2606 get_xattr_in->size = 0; 2607 else 2608 get_xattr_in->size = uio->uio_resid; 2609 2610 attr_str = (char *)fdi.indata + sizeof(*get_xattr_in); 2611 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2612 ap->a_name); 2613 2614 err = fdisp_wait_answ(&fdi); 2615 if (err != 0) { 2616 if (err == ENOSYS) { 2617 fsess_set_notimpl(mp, FUSE_GETXATTR); 2618 err = EOPNOTSUPP; 2619 } 2620 goto out; 2621 } 2622 2623 get_xattr_out = fdi.answ; 2624 2625 if (ap->a_size != NULL) 2626 *ap->a_size = get_xattr_out->size; 2627 2628 if (uio != NULL) 2629 err = uiomove(fdi.answ, fdi.iosize, uio); 2630 2631 out: 2632 fdisp_destroy(&fdi); 2633 return (err); 2634 } 2635 2636 /* 2637 struct vop_setextattr_args { 2638 struct vop_generic_args a_gen; 2639 struct vnode *a_vp; 2640 int a_attrnamespace; 2641 const char *a_name; 2642 struct uio *a_uio; 2643 struct ucred *a_cred; 2644 struct thread *a_td; 2645 }; 2646 */ 2647 static int 2648 fuse_vnop_setextattr(struct vop_setextattr_args *ap) 2649 { 2650 struct vnode *vp = ap->a_vp; 2651 struct uio *uio = ap->a_uio; 2652 struct fuse_dispatcher fdi; 2653 struct fuse_setxattr_in *set_xattr_in; 2654 struct mount *mp = vnode_mount(vp); 2655 struct thread *td = ap->a_td; 2656 struct ucred *cred = ap->a_cred; 2657 char *prefix; 2658 size_t len; 2659 char *attr_str; 2660 int err; 2661 2662 if (fuse_isdeadfs(vp)) 2663 return (ENXIO); 2664 2665 if (fsess_not_impl(mp, FUSE_SETXATTR)) 2666 return EOPNOTSUPP; 2667 2668 if (vfs_isrdonly(mp)) 2669 return EROFS; 2670 2671 /* Deleting xattrs must use VOP_DELETEEXTATTR instead */ 2672 if (ap->a_uio == NULL) { 2673 /* 2674 * If we got here as fallback from VOP_DELETEEXTATTR, then 2675 * return EOPNOTSUPP. 2676 */ 2677 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 2678 return (EOPNOTSUPP); 2679 else 2680 return (EINVAL); 2681 } 2682 2683 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 2684 VWRITE); 2685 if (err) 2686 return err; 2687 2688 /* Default to looking for user attributes. */ 2689 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2690 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2691 else 2692 prefix = EXTATTR_NAMESPACE_USER_STRING; 2693 2694 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2695 strlen(ap->a_name) + 1; 2696 2697 fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid); 2698 fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred); 2699 2700 set_xattr_in = fdi.indata; 2701 set_xattr_in->size = uio->uio_resid; 2702 2703 attr_str = (char *)fdi.indata + sizeof(*set_xattr_in); 2704 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2705 ap->a_name); 2706 2707 err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len, 2708 uio->uio_resid, uio); 2709 if (err != 0) { 2710 goto out; 2711 } 2712 2713 err = fdisp_wait_answ(&fdi); 2714 2715 if (err == ENOSYS) { 2716 fsess_set_notimpl(mp, FUSE_SETXATTR); 2717 err = EOPNOTSUPP; 2718 } 2719 if (err == ERESTART) { 2720 /* Can't restart after calling uiomove */ 2721 err = EINTR; 2722 } 2723 2724 out: 2725 fdisp_destroy(&fdi); 2726 return (err); 2727 } 2728 2729 /* 2730 * The Linux / FUSE extended attribute list is simply a collection of 2731 * NUL-terminated strings. The FreeBSD extended attribute list is a single 2732 * byte length followed by a non-NUL terminated string. So, this allows 2733 * conversion of the Linux / FUSE format to the FreeBSD format in place. 2734 * Linux attribute names are reported with the namespace as a prefix (e.g. 2735 * "user.attribute_name"), but in FreeBSD they are reported without the 2736 * namespace prefix (e.g. "attribute_name"). So, we're going from: 2737 * 2738 * user.attr_name1\0user.attr_name2\0 2739 * 2740 * to: 2741 * 2742 * <num>attr_name1<num>attr_name2 2743 * 2744 * Where "<num>" is a single byte number of characters in the attribute name. 2745 * 2746 * Args: 2747 * prefix - exattr namespace prefix string 2748 * list, list_len - input list with namespace prefixes 2749 * bsd_list, bsd_list_len - output list compatible with bsd vfs 2750 */ 2751 static int 2752 fuse_xattrlist_convert(char *prefix, const char *list, int list_len, 2753 char *bsd_list, int *bsd_list_len) 2754 { 2755 int len, pos, dist_to_next, prefix_len; 2756 2757 pos = 0; 2758 *bsd_list_len = 0; 2759 prefix_len = strlen(prefix); 2760 2761 while (pos < list_len && list[pos] != '\0') { 2762 dist_to_next = strlen(&list[pos]) + 1; 2763 if (bcmp(&list[pos], prefix, prefix_len) == 0 && 2764 list[pos + prefix_len] == extattr_namespace_separator) { 2765 len = dist_to_next - 2766 (prefix_len + sizeof(extattr_namespace_separator)) - 1; 2767 if (len >= EXTATTR_MAXNAMELEN) 2768 return (ENAMETOOLONG); 2769 2770 bsd_list[*bsd_list_len] = len; 2771 memcpy(&bsd_list[*bsd_list_len + 1], 2772 &list[pos + prefix_len + 2773 sizeof(extattr_namespace_separator)], len); 2774 2775 *bsd_list_len += len + 1; 2776 } 2777 2778 pos += dist_to_next; 2779 } 2780 2781 return (0); 2782 } 2783 2784 /* 2785 * List extended attributes 2786 * 2787 * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which 2788 * has a number of differences compared to its FreeBSD equivalent, 2789 * extattr_list_file: 2790 * 2791 * - FUSE_LISTXATTR returns all extended attributes across all namespaces, 2792 * whereas listxattr(2) only returns attributes for a single namespace 2793 * - FUSE_LISTXATTR prepends each attribute name with "namespace." 2794 * - If the provided buffer is not large enough to hold the result, 2795 * FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to 2796 * return as many results as will fit. 2797 */ 2798 /* 2799 struct vop_listextattr_args { 2800 struct vop_generic_args a_gen; 2801 struct vnode *a_vp; 2802 int a_attrnamespace; 2803 struct uio *a_uio; 2804 size_t *a_size; 2805 struct ucred *a_cred; 2806 struct thread *a_td; 2807 }; 2808 */ 2809 static int 2810 fuse_vnop_listextattr(struct vop_listextattr_args *ap) 2811 { 2812 struct vnode *vp = ap->a_vp; 2813 struct uio *uio = ap->a_uio; 2814 struct fuse_dispatcher fdi; 2815 struct fuse_listxattr_in *list_xattr_in; 2816 struct fuse_listxattr_out *list_xattr_out; 2817 struct mount *mp = vnode_mount(vp); 2818 struct thread *td = ap->a_td; 2819 struct ucred *cred = ap->a_cred; 2820 char *prefix; 2821 char *bsd_list = NULL; 2822 char *linux_list; 2823 int bsd_list_len; 2824 int linux_list_len; 2825 int err; 2826 2827 if (fuse_isdeadfs(vp)) 2828 return (ENXIO); 2829 2830 if (fsess_not_impl(mp, FUSE_LISTXATTR)) 2831 return EOPNOTSUPP; 2832 2833 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2834 if (err) 2835 return err; 2836 2837 /* 2838 * Add space for a NUL and the period separator if enabled. 2839 * Default to looking for user attributes. 2840 */ 2841 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2842 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2843 else 2844 prefix = EXTATTR_NAMESPACE_USER_STRING; 2845 2846 fdisp_init(&fdi, sizeof(*list_xattr_in)); 2847 fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2848 2849 /* 2850 * Retrieve Linux / FUSE compatible list size. 2851 */ 2852 list_xattr_in = fdi.indata; 2853 list_xattr_in->size = 0; 2854 2855 err = fdisp_wait_answ(&fdi); 2856 if (err != 0) { 2857 if (err == ENOSYS) { 2858 fsess_set_notimpl(mp, FUSE_LISTXATTR); 2859 err = EOPNOTSUPP; 2860 } 2861 goto out; 2862 } 2863 2864 list_xattr_out = fdi.answ; 2865 linux_list_len = list_xattr_out->size; 2866 if (linux_list_len == 0) { 2867 if (ap->a_size != NULL) 2868 *ap->a_size = linux_list_len; 2869 goto out; 2870 } 2871 2872 /* 2873 * Retrieve Linux / FUSE compatible list values. 2874 */ 2875 fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2876 list_xattr_in = fdi.indata; 2877 list_xattr_in->size = linux_list_len; 2878 2879 err = fdisp_wait_answ(&fdi); 2880 if (err == ERANGE) { 2881 /* 2882 * Race detected. The attribute list must've grown since the 2883 * first FUSE_LISTXATTR call. Start over. Go all the way back 2884 * to userland so we can process signals, if necessary, before 2885 * restarting. 2886 */ 2887 err = ERESTART; 2888 goto out; 2889 } else if (err != 0) 2890 goto out; 2891 2892 linux_list = fdi.answ; 2893 /* FUSE doesn't allow the server to return more data than requested */ 2894 if (fdi.iosize > linux_list_len) { 2895 struct fuse_data *data = fuse_get_mpdata(mp); 2896 2897 fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG, 2898 "server returned " 2899 "more extended attribute data than requested; " 2900 "should've returned ERANGE instead."); 2901 } else { 2902 /* But returning less data is fine */ 2903 linux_list_len = fdi.iosize; 2904 } 2905 2906 /* 2907 * Retrieve the BSD compatible list values. 2908 * The Linux / FUSE attribute list format isn't the same 2909 * as FreeBSD's format. So we need to transform it into 2910 * FreeBSD's format before giving it to the user. 2911 */ 2912 bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK); 2913 err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len, 2914 bsd_list, &bsd_list_len); 2915 if (err != 0) 2916 goto out; 2917 2918 if (ap->a_size != NULL) 2919 *ap->a_size = bsd_list_len; 2920 2921 if (uio != NULL) 2922 err = uiomove(bsd_list, bsd_list_len, uio); 2923 2924 out: 2925 free(bsd_list, M_TEMP); 2926 fdisp_destroy(&fdi); 2927 return (err); 2928 } 2929 2930 /* 2931 struct vop_deallocate_args { 2932 struct vop_generic_args a_gen; 2933 struct vnode *a_vp; 2934 off_t *a_offset; 2935 off_t *a_len; 2936 int a_flags; 2937 int a_ioflag; 2938 struct ucred *a_cred; 2939 }; 2940 */ 2941 static int 2942 fuse_vnop_deallocate(struct vop_deallocate_args *ap) 2943 { 2944 struct vnode *vp = ap->a_vp; 2945 struct mount *mp = vnode_mount(vp); 2946 struct fuse_filehandle *fufh; 2947 struct fuse_dispatcher fdi; 2948 struct fuse_fallocate_in *ffi; 2949 struct ucred *cred = ap->a_cred; 2950 pid_t pid = curthread->td_proc->p_pid; 2951 off_t *len = ap->a_len; 2952 off_t *offset = ap->a_offset; 2953 int ioflag = ap->a_ioflag; 2954 off_t filesize; 2955 int err; 2956 bool closefufh = false; 2957 2958 if (fuse_isdeadfs(vp)) 2959 return (ENXIO); 2960 2961 if (vfs_isrdonly(mp)) 2962 return (EROFS); 2963 2964 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 2965 goto fallback; 2966 2967 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2968 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2969 /* 2970 * nfsd will do I/O without first doing VOP_OPEN. We 2971 * must implicitly open the file here 2972 */ 2973 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2974 closefufh = true; 2975 } 2976 if (err) 2977 return (err); 2978 2979 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2980 2981 err = fuse_vnode_size(vp, &filesize, cred, curthread); 2982 if (err) 2983 goto out; 2984 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 2985 2986 fdisp_init(&fdi, sizeof(*ffi)); 2987 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 2988 ffi = fdi.indata; 2989 ffi->fh = fufh->fh_id; 2990 ffi->offset = *offset; 2991 ffi->length = *len; 2992 /* 2993 * FreeBSD's fspacectl is equivalent to Linux's fallocate with 2994 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE 2995 */ 2996 ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE; 2997 err = fdisp_wait_answ(&fdi); 2998 2999 if (err == ENOSYS) { 3000 fsess_set_notimpl(mp, FUSE_FALLOCATE); 3001 goto fallback; 3002 } else if (err == EOPNOTSUPP) { 3003 /* 3004 * The file system server does not support FUSE_FALLOCATE with 3005 * the supplied mode for this particular file. 3006 */ 3007 goto fallback; 3008 } else if (!err) { 3009 /* 3010 * Clip the returned offset to EoF. Do it here rather than 3011 * before FUSE_FALLOCATE just in case the kernel's cached file 3012 * size is out of date. Unfortunately, FUSE does not return 3013 * any information about filesize from that operation. 3014 */ 3015 *offset = MIN(*offset + *len, filesize); 3016 *len = 0; 3017 fuse_vnode_undirty_cached_timestamps(vp, false); 3018 fuse_internal_clear_suid_on_write(vp, cred, curthread); 3019 3020 if (ioflag & IO_SYNC) 3021 err = fuse_internal_fsync(vp, curthread, MNT_WAIT, 3022 false); 3023 } 3024 3025 out: 3026 if (closefufh) 3027 fuse_filehandle_close(vp, fufh, curthread, cred); 3028 3029 return (err); 3030 3031 fallback: 3032 if (closefufh) 3033 fuse_filehandle_close(vp, fufh, curthread, cred); 3034 3035 return (vop_stddeallocate(ap)); 3036 } 3037 3038 /* 3039 struct vop_deleteextattr_args { 3040 struct vop_generic_args a_gen; 3041 struct vnode *a_vp; 3042 int a_attrnamespace; 3043 const char *a_name; 3044 struct ucred *a_cred; 3045 struct thread *a_td; 3046 }; 3047 */ 3048 static int 3049 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap) 3050 { 3051 struct vnode *vp = ap->a_vp; 3052 struct fuse_dispatcher fdi; 3053 struct mount *mp = vnode_mount(vp); 3054 struct thread *td = ap->a_td; 3055 struct ucred *cred = ap->a_cred; 3056 char *prefix; 3057 size_t len; 3058 char *attr_str; 3059 int err; 3060 3061 if (fuse_isdeadfs(vp)) 3062 return (ENXIO); 3063 3064 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 3065 return EOPNOTSUPP; 3066 3067 if (vfs_isrdonly(mp)) 3068 return EROFS; 3069 3070 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 3071 VWRITE); 3072 if (err) 3073 return err; 3074 3075 /* Default to looking for user attributes. */ 3076 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 3077 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 3078 else 3079 prefix = EXTATTR_NAMESPACE_USER_STRING; 3080 3081 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 3082 strlen(ap->a_name) + 1; 3083 3084 fdisp_init(&fdi, len); 3085 fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred); 3086 3087 attr_str = fdi.indata; 3088 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 3089 ap->a_name); 3090 3091 err = fdisp_wait_answ(&fdi); 3092 if (err == ENOSYS) { 3093 fsess_set_notimpl(mp, FUSE_REMOVEXATTR); 3094 err = EOPNOTSUPP; 3095 } 3096 3097 fdisp_destroy(&fdi); 3098 return (err); 3099 } 3100 3101 /* 3102 struct vnop_print_args { 3103 struct vnode *a_vp; 3104 }; 3105 */ 3106 static int 3107 fuse_vnop_print(struct vop_print_args *ap) 3108 { 3109 struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp); 3110 3111 printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n", 3112 (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid, 3113 (uintmax_t)fvdat->nlookup, 3114 fvdat->flag); 3115 3116 return 0; 3117 } 3118 3119 /* 3120 * Get an NFS filehandle for a FUSE file. 3121 * 3122 * This will only work for FUSE file systems that guarantee the uniqueness of 3123 * nodeid:generation, which most don't. 3124 */ 3125 /* 3126 vop_vptofh { 3127 IN struct vnode *a_vp; 3128 IN struct fid *a_fhp; 3129 }; 3130 */ 3131 static int 3132 fuse_vnop_vptofh(struct vop_vptofh_args *ap) 3133 { 3134 struct vnode *vp = ap->a_vp; 3135 struct fuse_vnode_data *fvdat = VTOFUD(vp); 3136 struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp); 3137 _Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid), 3138 "FUSE fid type is too big"); 3139 struct mount *mp = vnode_mount(vp); 3140 struct fuse_data *data = fuse_get_mpdata(mp); 3141 struct vattr va; 3142 int err; 3143 3144 if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) { 3145 /* NFS requires lookups for "." and ".." */ 3146 SDT_PROBE2(fusefs, , vnops, trace, 1, 3147 "VOP_VPTOFH without FUSE_EXPORT_SUPPORT"); 3148 return EOPNOTSUPP; 3149 } 3150 if ((mp->mnt_flag & MNT_EXPORTED) && 3151 !(data->dataflags & FSESS_NO_OPENDIR_SUPPORT)) 3152 { 3153 /* 3154 * NFS is stateless, so nfsd must reopen a directory on every 3155 * call to VOP_READDIR, passing in the d_off field from the 3156 * final dirent of the previous invocation. But without 3157 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not 3158 * guarantee that d_off will be valid after a directory is 3159 * closed and reopened. So prohibit exporting FUSE file 3160 * systems that don't set that flag. 3161 * 3162 * But userspace NFS servers don't have this problem. 3163 */ 3164 SDT_PROBE2(fusefs, , vnops, trace, 1, 3165 "VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT"); 3166 return EOPNOTSUPP; 3167 } 3168 3169 err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread); 3170 if (err) 3171 return err; 3172 3173 /*ip = VTOI(ap->a_vp);*/ 3174 /*ufhp = (struct ufid *)ap->a_fhp;*/ 3175 fhp->len = sizeof(struct fuse_fid); 3176 fhp->nid = fvdat->nid; 3177 if (fvdat->generation <= UINT32_MAX) 3178 fhp->gen = fvdat->generation; 3179 else 3180 return EOVERFLOW; 3181 return (0); 3182 } 3183