1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2007-2009 Google Inc. and Amit Singh 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are 9 * met: 10 * 11 * * Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * * Redistributions in binary form must reproduce the above 14 * copyright notice, this list of conditions and the following disclaimer 15 * in the documentation and/or other materials provided with the 16 * distribution. 17 * * Neither the name of Google Inc. nor the names of its 18 * contributors may be used to endorse or promote products derived from 19 * this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 * Copyright (C) 2005 Csaba Henk. 34 * All rights reserved. 35 * 36 * Copyright (c) 2019 The FreeBSD Foundation 37 * 38 * Portions of this software were developed by BFF Storage Systems, LLC under 39 * sponsorship from the FreeBSD Foundation. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 */ 62 63 #include <sys/param.h> 64 #include <sys/module.h> 65 #include <sys/systm.h> 66 #include <sys/errno.h> 67 #include <sys/kernel.h> 68 #include <sys/conf.h> 69 #include <sys/filio.h> 70 #include <sys/uio.h> 71 #include <sys/malloc.h> 72 #include <sys/queue.h> 73 #include <sys/limits.h> 74 #include <sys/lock.h> 75 #include <sys/rwlock.h> 76 #include <sys/sx.h> 77 #include <sys/proc.h> 78 #include <sys/mount.h> 79 #include <sys/vnode.h> 80 #include <sys/namei.h> 81 #include <sys/extattr.h> 82 #include <sys/stat.h> 83 #include <sys/unistd.h> 84 #include <sys/filedesc.h> 85 #include <sys/file.h> 86 #include <sys/fcntl.h> 87 #include <sys/dirent.h> 88 #include <sys/bio.h> 89 #include <sys/buf.h> 90 #include <sys/sysctl.h> 91 #include <sys/vmmeter.h> 92 93 #include <vm/vm.h> 94 #include <vm/vm_extern.h> 95 #include <vm/pmap.h> 96 #include <vm/vm_map.h> 97 #include <vm/vm_page.h> 98 #include <vm/vm_param.h> 99 #include <vm/vm_object.h> 100 #include <vm/vm_pager.h> 101 #include <vm/vnode_pager.h> 102 #include <vm/vm_object.h> 103 104 #include "fuse.h" 105 #include "fuse_file.h" 106 #include "fuse_internal.h" 107 #include "fuse_ipc.h" 108 #include "fuse_node.h" 109 #include "fuse_io.h" 110 111 #include <sys/priv.h> 112 113 /* Maximum number of hardlinks to a single FUSE file */ 114 #define FUSE_LINK_MAX UINT32_MAX 115 116 SDT_PROVIDER_DECLARE(fusefs); 117 /* 118 * Fuse trace probe: 119 * arg0: verbosity. Higher numbers give more verbose messages 120 * arg1: Textual message 121 */ 122 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*"); 123 124 /* vnode ops */ 125 static vop_access_t fuse_vnop_access; 126 static vop_advlock_t fuse_vnop_advlock; 127 static vop_allocate_t fuse_vnop_allocate; 128 static vop_bmap_t fuse_vnop_bmap; 129 static vop_close_t fuse_fifo_close; 130 static vop_close_t fuse_vnop_close; 131 static vop_copy_file_range_t fuse_vnop_copy_file_range; 132 static vop_create_t fuse_vnop_create; 133 static vop_deallocate_t fuse_vnop_deallocate; 134 static vop_deleteextattr_t fuse_vnop_deleteextattr; 135 static vop_fdatasync_t fuse_vnop_fdatasync; 136 static vop_fsync_t fuse_vnop_fsync; 137 static vop_getattr_t fuse_vnop_getattr; 138 static vop_getextattr_t fuse_vnop_getextattr; 139 static vop_inactive_t fuse_vnop_inactive; 140 static vop_ioctl_t fuse_vnop_ioctl; 141 static vop_link_t fuse_vnop_link; 142 static vop_listextattr_t fuse_vnop_listextattr; 143 static vop_lookup_t fuse_vnop_lookup; 144 static vop_mkdir_t fuse_vnop_mkdir; 145 static vop_mknod_t fuse_vnop_mknod; 146 static vop_open_t fuse_vnop_open; 147 static vop_pathconf_t fuse_vnop_pathconf; 148 static vop_read_t fuse_vnop_read; 149 static vop_readdir_t fuse_vnop_readdir; 150 static vop_readlink_t fuse_vnop_readlink; 151 static vop_reclaim_t fuse_vnop_reclaim; 152 static vop_remove_t fuse_vnop_remove; 153 static vop_rename_t fuse_vnop_rename; 154 static vop_rmdir_t fuse_vnop_rmdir; 155 static vop_setattr_t fuse_vnop_setattr; 156 static vop_setextattr_t fuse_vnop_setextattr; 157 static vop_strategy_t fuse_vnop_strategy; 158 static vop_symlink_t fuse_vnop_symlink; 159 static vop_write_t fuse_vnop_write; 160 static vop_getpages_t fuse_vnop_getpages; 161 static vop_print_t fuse_vnop_print; 162 static vop_vptofh_t fuse_vnop_vptofh; 163 164 struct vop_vector fuse_fifoops = { 165 .vop_default = &fifo_specops, 166 .vop_access = fuse_vnop_access, 167 .vop_close = fuse_fifo_close, 168 .vop_fsync = fuse_vnop_fsync, 169 .vop_getattr = fuse_vnop_getattr, 170 .vop_inactive = fuse_vnop_inactive, 171 .vop_pathconf = fuse_vnop_pathconf, 172 .vop_print = fuse_vnop_print, 173 .vop_read = VOP_PANIC, 174 .vop_reclaim = fuse_vnop_reclaim, 175 .vop_setattr = fuse_vnop_setattr, 176 .vop_write = VOP_PANIC, 177 .vop_vptofh = fuse_vnop_vptofh, 178 }; 179 VFS_VOP_VECTOR_REGISTER(fuse_fifoops); 180 181 struct vop_vector fuse_vnops = { 182 .vop_allocate = fuse_vnop_allocate, 183 .vop_default = &default_vnodeops, 184 .vop_access = fuse_vnop_access, 185 .vop_advlock = fuse_vnop_advlock, 186 .vop_bmap = fuse_vnop_bmap, 187 .vop_close = fuse_vnop_close, 188 .vop_copy_file_range = fuse_vnop_copy_file_range, 189 .vop_create = fuse_vnop_create, 190 .vop_deallocate = fuse_vnop_deallocate, 191 .vop_deleteextattr = fuse_vnop_deleteextattr, 192 .vop_fsync = fuse_vnop_fsync, 193 .vop_fdatasync = fuse_vnop_fdatasync, 194 .vop_getattr = fuse_vnop_getattr, 195 .vop_getextattr = fuse_vnop_getextattr, 196 .vop_inactive = fuse_vnop_inactive, 197 .vop_ioctl = fuse_vnop_ioctl, 198 .vop_link = fuse_vnop_link, 199 .vop_listextattr = fuse_vnop_listextattr, 200 .vop_lookup = fuse_vnop_lookup, 201 .vop_mkdir = fuse_vnop_mkdir, 202 .vop_mknod = fuse_vnop_mknod, 203 .vop_open = fuse_vnop_open, 204 .vop_pathconf = fuse_vnop_pathconf, 205 /* 206 * TODO: implement vop_poll after upgrading to protocol 7.21. 207 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until 208 * 7.21, which adds the ability for the client to choose which poll 209 * events it wants, and for a client to deregister a file handle 210 */ 211 .vop_read = fuse_vnop_read, 212 .vop_readdir = fuse_vnop_readdir, 213 .vop_readlink = fuse_vnop_readlink, 214 .vop_reclaim = fuse_vnop_reclaim, 215 .vop_remove = fuse_vnop_remove, 216 .vop_rename = fuse_vnop_rename, 217 .vop_rmdir = fuse_vnop_rmdir, 218 .vop_setattr = fuse_vnop_setattr, 219 .vop_setextattr = fuse_vnop_setextattr, 220 .vop_strategy = fuse_vnop_strategy, 221 .vop_symlink = fuse_vnop_symlink, 222 .vop_write = fuse_vnop_write, 223 .vop_getpages = fuse_vnop_getpages, 224 .vop_print = fuse_vnop_print, 225 .vop_vptofh = fuse_vnop_vptofh, 226 }; 227 VFS_VOP_VECTOR_REGISTER(fuse_vnops); 228 229 /* Check permission for extattr operations, much like extattr_check_cred */ 230 static int 231 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred, 232 struct thread *td, accmode_t accmode) 233 { 234 struct mount *mp = vnode_mount(vp); 235 struct fuse_data *data = fuse_get_mpdata(mp); 236 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 237 238 /* 239 * Kernel-invoked always succeeds. 240 */ 241 if (cred == NOCRED) 242 return (0); 243 244 /* 245 * Do not allow privileged processes in jail to directly manipulate 246 * system attributes. 247 */ 248 switch (ns) { 249 case EXTATTR_NAMESPACE_SYSTEM: 250 if (default_permissions) { 251 return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM)); 252 } 253 return (0); 254 case EXTATTR_NAMESPACE_USER: 255 if (default_permissions) { 256 return (fuse_internal_access(vp, accmode, td, cred)); 257 } 258 return (0); 259 default: 260 return (EPERM); 261 } 262 } 263 264 /* Get a filehandle for a directory */ 265 static int 266 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp, 267 struct ucred *cred, pid_t pid) 268 { 269 if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0) 270 return 0; 271 return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid); 272 } 273 274 /* Send FUSE_FLUSH for this vnode */ 275 static int 276 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag) 277 { 278 struct fuse_flush_in *ffi; 279 struct fuse_filehandle *fufh; 280 struct fuse_dispatcher fdi; 281 struct thread *td = curthread; 282 struct mount *mp = vnode_mount(vp); 283 int err; 284 285 if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH)) 286 return 0; 287 288 err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid); 289 if (err) 290 return err; 291 292 fdisp_init(&fdi, sizeof(*ffi)); 293 fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred); 294 ffi = fdi.indata; 295 ffi->fh = fufh->fh_id; 296 /* 297 * If the file has a POSIX lock then we're supposed to set lock_owner. 298 * If not, then lock_owner is undefined. So we may as well always set 299 * it. 300 */ 301 ffi->lock_owner = td->td_proc->p_pid; 302 303 err = fdisp_wait_answ(&fdi); 304 if (err == ENOSYS) { 305 fsess_set_notimpl(mp, FUSE_FLUSH); 306 err = 0; 307 } 308 fdisp_destroy(&fdi); 309 return err; 310 } 311 312 /* Close wrapper for fifos. */ 313 static int 314 fuse_fifo_close(struct vop_close_args *ap) 315 { 316 return (fifo_specops.vop_close(ap)); 317 } 318 319 /* Invalidate a range of cached data, whether dirty of not */ 320 static int 321 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end) 322 { 323 struct buf *bp; 324 daddr_t left_lbn, end_lbn, right_lbn; 325 off_t new_filesize; 326 int iosize, left_on, right_on, right_blksize; 327 328 iosize = fuse_iosize(vp); 329 left_lbn = start / iosize; 330 end_lbn = howmany(end, iosize); 331 left_on = start & (iosize - 1); 332 if (left_on != 0) { 333 bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0); 334 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) { 335 /* 336 * Flush the dirty buffer, because we don't have a 337 * byte-granular way to record which parts of the 338 * buffer are valid. 339 */ 340 bwrite(bp); 341 if (bp->b_error) 342 return (bp->b_error); 343 } else { 344 brelse(bp); 345 } 346 } 347 right_on = end & (iosize - 1); 348 if (right_on != 0) { 349 right_lbn = end / iosize; 350 new_filesize = MAX(filesize, end); 351 right_blksize = MIN(iosize, new_filesize - iosize * right_lbn); 352 bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0); 353 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) { 354 /* 355 * Flush the dirty buffer, because we don't have a 356 * byte-granular way to record which parts of the 357 * buffer are valid. 358 */ 359 bwrite(bp); 360 if (bp->b_error) 361 return (bp->b_error); 362 } else { 363 brelse(bp); 364 } 365 } 366 367 v_inval_buf_range(vp, left_lbn, end_lbn, iosize); 368 return (0); 369 } 370 371 372 /* Send FUSE_LSEEK for this node */ 373 static int 374 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred, 375 pid_t pid, off_t *offp, int whence) 376 { 377 struct fuse_dispatcher fdi; 378 struct fuse_filehandle *fufh; 379 struct fuse_lseek_in *flsi; 380 struct fuse_lseek_out *flso; 381 struct mount *mp = vnode_mount(vp); 382 int err; 383 384 ASSERT_VOP_LOCKED(vp, __func__); 385 386 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 387 if (err) 388 return (err); 389 fdisp_init(&fdi, sizeof(*flsi)); 390 fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred); 391 flsi = fdi.indata; 392 flsi->fh = fufh->fh_id; 393 flsi->offset = *offp; 394 flsi->whence = whence; 395 err = fdisp_wait_answ(&fdi); 396 if (err == ENOSYS) { 397 fsess_set_notimpl(mp, FUSE_LSEEK); 398 } else if (err == 0) { 399 fsess_set_impl(mp, FUSE_LSEEK); 400 flso = fdi.answ; 401 *offp = flso->offset; 402 } 403 fdisp_destroy(&fdi); 404 405 return (err); 406 } 407 408 /* 409 struct vnop_access_args { 410 struct vnode *a_vp; 411 #if VOP_ACCESS_TAKES_ACCMODE_T 412 accmode_t a_accmode; 413 #else 414 int a_mode; 415 #endif 416 struct ucred *a_cred; 417 struct thread *a_td; 418 }; 419 */ 420 static int 421 fuse_vnop_access(struct vop_access_args *ap) 422 { 423 struct vnode *vp = ap->a_vp; 424 int accmode = ap->a_accmode; 425 struct ucred *cred = ap->a_cred; 426 427 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 428 429 int err; 430 431 if (fuse_isdeadfs(vp)) { 432 if (vnode_isvroot(vp)) { 433 return 0; 434 } 435 return ENXIO; 436 } 437 if (!(data->dataflags & FSESS_INITED)) { 438 if (vnode_isvroot(vp)) { 439 if (priv_check_cred(cred, PRIV_VFS_ADMIN) || 440 (fuse_match_cred(data->daemoncred, cred) == 0)) { 441 return 0; 442 } 443 } 444 return EBADF; 445 } 446 if (vnode_islnk(vp)) { 447 return 0; 448 } 449 450 err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred); 451 return err; 452 } 453 454 /* 455 * struct vop_advlock_args { 456 * struct vop_generic_args a_gen; 457 * struct vnode *a_vp; 458 * void *a_id; 459 * int a_op; 460 * struct flock *a_fl; 461 * int a_flags; 462 * } 463 */ 464 static int 465 fuse_vnop_advlock(struct vop_advlock_args *ap) 466 { 467 struct vnode *vp = ap->a_vp; 468 struct flock *fl = ap->a_fl; 469 struct thread *td = curthread; 470 struct ucred *cred = td->td_ucred; 471 pid_t pid = td->td_proc->p_pid; 472 struct fuse_filehandle *fufh; 473 struct fuse_dispatcher fdi; 474 struct fuse_lk_in *fli; 475 struct fuse_lk_out *flo; 476 struct vattr vattr; 477 enum fuse_opcode op; 478 off_t size, start; 479 int dataflags, err; 480 int flags = ap->a_flags; 481 482 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 483 484 if (fuse_isdeadfs(vp)) { 485 return ENXIO; 486 } 487 488 switch(ap->a_op) { 489 case F_GETLK: 490 op = FUSE_GETLK; 491 break; 492 case F_SETLK: 493 if (flags & F_WAIT) 494 op = FUSE_SETLKW; 495 else 496 op = FUSE_SETLK; 497 break; 498 case F_UNLCK: 499 op = FUSE_SETLK; 500 break; 501 default: 502 return EINVAL; 503 } 504 505 if (!(dataflags & FSESS_POSIX_LOCKS)) 506 return vop_stdadvlock(ap); 507 /* FUSE doesn't properly support flock until protocol 7.17 */ 508 if (flags & F_FLOCK) 509 return vop_stdadvlock(ap); 510 511 vn_lock(vp, LK_SHARED | LK_RETRY); 512 513 switch (fl->l_whence) { 514 case SEEK_SET: 515 case SEEK_CUR: 516 /* 517 * Caller is responsible for adding any necessary offset 518 * when SEEK_CUR is used. 519 */ 520 start = fl->l_start; 521 break; 522 523 case SEEK_END: 524 err = fuse_internal_getattr(vp, &vattr, cred, td); 525 if (err) 526 goto out; 527 size = vattr.va_size; 528 if (size > OFF_MAX || 529 (fl->l_start > 0 && size > OFF_MAX - fl->l_start)) { 530 err = EOVERFLOW; 531 goto out; 532 } 533 start = size + fl->l_start; 534 break; 535 536 default: 537 return (EINVAL); 538 } 539 540 err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid); 541 if (err) 542 goto out; 543 544 fdisp_init(&fdi, sizeof(*fli)); 545 546 fdisp_make_vp(&fdi, op, vp, td, cred); 547 fli = fdi.indata; 548 fli->fh = fufh->fh_id; 549 fli->owner = td->td_proc->p_pid; 550 fli->lk.start = start; 551 if (fl->l_len != 0) 552 fli->lk.end = start + fl->l_len - 1; 553 else 554 fli->lk.end = INT64_MAX; 555 fli->lk.type = fl->l_type; 556 fli->lk.pid = td->td_proc->p_pid; 557 558 err = fdisp_wait_answ(&fdi); 559 fdisp_destroy(&fdi); 560 561 if (err == 0 && op == FUSE_GETLK) { 562 flo = fdi.answ; 563 fl->l_type = flo->lk.type; 564 fl->l_whence = SEEK_SET; 565 if (flo->lk.type != F_UNLCK) { 566 fl->l_pid = flo->lk.pid; 567 fl->l_start = flo->lk.start; 568 if (flo->lk.end == INT64_MAX) 569 fl->l_len = 0; 570 else 571 fl->l_len = flo->lk.end - flo->lk.start + 1; 572 fl->l_start = flo->lk.start; 573 } 574 } 575 576 out: 577 VOP_UNLOCK(vp); 578 return err; 579 } 580 581 static int 582 fuse_vnop_allocate(struct vop_allocate_args *ap) 583 { 584 struct vnode *vp = ap->a_vp; 585 off_t *len = ap->a_len; 586 off_t *offset = ap->a_offset; 587 struct ucred *cred = ap->a_cred; 588 struct fuse_filehandle *fufh; 589 struct mount *mp = vnode_mount(vp); 590 struct fuse_dispatcher fdi; 591 struct fuse_fallocate_in *ffi; 592 struct uio io; 593 pid_t pid = curthread->td_proc->p_pid; 594 struct fuse_vnode_data *fvdat = VTOFUD(vp); 595 off_t filesize; 596 int err; 597 598 if (fuse_isdeadfs(vp)) 599 return (ENXIO); 600 601 switch (vp->v_type) { 602 case VFIFO: 603 return (ESPIPE); 604 case VLNK: 605 case VREG: 606 if (vfs_isrdonly(mp)) 607 return (EROFS); 608 break; 609 default: 610 return (ENODEV); 611 } 612 613 if (vfs_isrdonly(mp)) 614 return (EROFS); 615 616 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 617 return (EINVAL); 618 619 io.uio_offset = *offset; 620 io.uio_resid = *len; 621 err = vn_rlimit_fsize(vp, &io, curthread); 622 if (err) 623 return (err); 624 625 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 626 if (err) 627 return (err); 628 629 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 630 631 err = fuse_vnode_size(vp, &filesize, cred, curthread); 632 if (err) 633 return (err); 634 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 635 636 fdisp_init(&fdi, sizeof(*ffi)); 637 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 638 ffi = fdi.indata; 639 ffi->fh = fufh->fh_id; 640 ffi->offset = *offset; 641 ffi->length = *len; 642 ffi->mode = 0; 643 err = fdisp_wait_answ(&fdi); 644 645 if (err == ENOSYS) { 646 fsess_set_notimpl(mp, FUSE_FALLOCATE); 647 err = EINVAL; 648 } else if (err == EOPNOTSUPP) { 649 /* 650 * The file system server does not support FUSE_FALLOCATE with 651 * the supplied mode for this particular file. 652 */ 653 err = EINVAL; 654 } else if (!err) { 655 *offset += *len; 656 *len = 0; 657 fuse_vnode_undirty_cached_timestamps(vp, false); 658 fuse_internal_clear_suid_on_write(vp, cred, curthread); 659 if (*offset > fvdat->cached_attrs.va_size) { 660 fuse_vnode_setsize(vp, *offset, false); 661 getnanouptime(&fvdat->last_local_modify); 662 } 663 } 664 665 fdisp_destroy(&fdi); 666 return (err); 667 } 668 669 /* { 670 struct vnode *a_vp; 671 daddr_t a_bn; 672 struct bufobj **a_bop; 673 daddr_t *a_bnp; 674 int *a_runp; 675 int *a_runb; 676 } */ 677 static int 678 fuse_vnop_bmap(struct vop_bmap_args *ap) 679 { 680 struct vnode *vp = ap->a_vp; 681 struct bufobj **bo = ap->a_bop; 682 struct thread *td = curthread; 683 struct mount *mp; 684 struct fuse_dispatcher fdi; 685 struct fuse_bmap_in *fbi; 686 struct fuse_bmap_out *fbo; 687 struct fuse_data *data; 688 struct fuse_vnode_data *fvdat = VTOFUD(vp); 689 uint64_t biosize; 690 off_t fsize; 691 daddr_t lbn = ap->a_bn; 692 daddr_t *pbn = ap->a_bnp; 693 int *runp = ap->a_runp; 694 int *runb = ap->a_runb; 695 int error = 0; 696 int maxrun; 697 698 if (fuse_isdeadfs(vp)) { 699 return ENXIO; 700 } 701 702 mp = vnode_mount(vp); 703 data = fuse_get_mpdata(mp); 704 biosize = fuse_iosize(vp); 705 maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1, 706 data->max_readahead_blocks); 707 708 if (bo != NULL) 709 *bo = &vp->v_bufobj; 710 711 /* 712 * The FUSE_BMAP operation does not include the runp and runb 713 * variables, so we must guess. Report nonzero contiguous runs so 714 * cluster_read will combine adjacent reads. It's worthwhile to reduce 715 * upcalls even if we don't know the true physical layout of the file. 716 * 717 * FUSE file systems may opt out of read clustering in two ways: 718 * * mounting with -onoclusterr 719 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT 720 */ 721 if (runb != NULL) 722 *runb = MIN(lbn, maxrun); 723 if (runp != NULL && maxrun == 0) 724 *runp = 0; 725 else if (runp != NULL) { 726 /* 727 * If the file's size is cached, use that value to calculate 728 * runp, even if the cache is expired. runp is only advisory, 729 * and the risk of getting it wrong is not worth the cost of 730 * another upcall. 731 */ 732 if (fvdat->cached_attrs.va_size != VNOVAL) 733 fsize = fvdat->cached_attrs.va_size; 734 else 735 error = fuse_vnode_size(vp, &fsize, td->td_ucred, td); 736 if (error == 0) 737 *runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1), 738 maxrun); 739 else 740 *runp = 0; 741 } 742 743 if (fsess_maybe_impl(mp, FUSE_BMAP)) { 744 fdisp_init(&fdi, sizeof(*fbi)); 745 fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred); 746 fbi = fdi.indata; 747 fbi->block = lbn; 748 fbi->blocksize = biosize; 749 error = fdisp_wait_answ(&fdi); 750 if (error == ENOSYS) { 751 fdisp_destroy(&fdi); 752 fsess_set_notimpl(mp, FUSE_BMAP); 753 error = 0; 754 } else { 755 fbo = fdi.answ; 756 if (error == 0 && pbn != NULL) 757 *pbn = fbo->block; 758 fdisp_destroy(&fdi); 759 return error; 760 } 761 } 762 763 /* If the daemon doesn't support BMAP, make up a sensible default */ 764 if (pbn != NULL) 765 *pbn = lbn * btodb(biosize); 766 return (error); 767 } 768 769 /* 770 struct vop_close_args { 771 struct vnode *a_vp; 772 int a_fflag; 773 struct ucred *a_cred; 774 struct thread *a_td; 775 }; 776 */ 777 static int 778 fuse_vnop_close(struct vop_close_args *ap) 779 { 780 struct vnode *vp = ap->a_vp; 781 struct mount *mp = vnode_mount(vp); 782 struct ucred *cred = ap->a_cred; 783 int fflag = ap->a_fflag; 784 struct thread *td = ap->a_td; 785 pid_t pid = td->td_proc->p_pid; 786 struct fuse_vnode_data *fvdat = VTOFUD(vp); 787 int err = 0; 788 789 if (fuse_isdeadfs(vp)) 790 return 0; 791 if (vnode_isdir(vp)) 792 return 0; 793 if (fflag & IO_NDELAY) 794 return 0; 795 796 err = fuse_flush(vp, cred, pid, fflag); 797 if (err == 0 && (fvdat->flag & FN_ATIMECHANGE) && !vfs_isrdonly(mp)) { 798 struct vattr vap; 799 struct fuse_data *data; 800 int dataflags; 801 int access_e = 0; 802 803 data = fuse_get_mpdata(mp); 804 dataflags = data->dataflags; 805 if (dataflags & FSESS_DEFAULT_PERMISSIONS) { 806 struct vattr va; 807 808 fuse_internal_getattr(vp, &va, cred, td); 809 access_e = vaccess(vp->v_type, va.va_mode, va.va_uid, 810 va.va_gid, VWRITE, cred); 811 } 812 if (access_e == 0) { 813 VATTR_NULL(&vap); 814 vap.va_atime = fvdat->cached_attrs.va_atime; 815 /* 816 * Ignore errors setting when setting atime. That 817 * should not cause close(2) to fail. 818 */ 819 fuse_internal_setattr(vp, &vap, td, NULL); 820 } 821 } 822 /* TODO: close the file handle, if we're sure it's no longer used */ 823 if ((fvdat->flag & FN_SIZECHANGE) != 0) { 824 fuse_vnode_savesize(vp, cred, td->td_proc->p_pid); 825 } 826 return err; 827 } 828 829 /* 830 struct vop_copy_file_range_args { 831 struct vop_generic_args a_gen; 832 struct vnode *a_invp; 833 off_t *a_inoffp; 834 struct vnode *a_outvp; 835 off_t *a_outoffp; 836 size_t *a_lenp; 837 unsigned int a_flags; 838 struct ucred *a_incred; 839 struct ucred *a_outcred; 840 struct thread *a_fsizetd; 841 } 842 */ 843 static int 844 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) 845 { 846 struct vnode *invp = ap->a_invp; 847 struct vnode *outvp = ap->a_outvp; 848 struct mount *mp = vnode_mount(invp); 849 struct fuse_vnode_data *outfvdat = VTOFUD(outvp); 850 struct fuse_dispatcher fdi; 851 struct fuse_filehandle *infufh, *outfufh; 852 struct fuse_copy_file_range_in *fcfri; 853 struct ucred *incred = ap->a_incred; 854 struct ucred *outcred = ap->a_outcred; 855 struct fuse_write_out *fwo; 856 struct thread *td; 857 struct uio io; 858 off_t outfilesize; 859 ssize_t r = 0; 860 pid_t pid; 861 int err; 862 863 if (mp == NULL || mp != vnode_mount(outvp)) 864 goto fallback; 865 866 if (incred->cr_uid != outcred->cr_uid) 867 goto fallback; 868 869 if (incred->cr_groups[0] != outcred->cr_groups[0]) 870 goto fallback; 871 872 /* Caller busied mp, mnt_data can be safely accessed. */ 873 if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE)) 874 goto fallback; 875 876 if (ap->a_fsizetd == NULL) 877 td = curthread; 878 else 879 td = ap->a_fsizetd; 880 pid = td->td_proc->p_pid; 881 882 vn_lock_pair(invp, false, LK_SHARED, outvp, false, LK_EXCLUSIVE); 883 if (invp->v_data == NULL || outvp->v_data == NULL) { 884 err = EBADF; 885 goto unlock; 886 } 887 888 err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid); 889 if (err) 890 goto unlock; 891 892 err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid); 893 if (err) 894 goto unlock; 895 896 io.uio_resid = *ap->a_lenp; 897 if (ap->a_fsizetd) { 898 io.uio_offset = *ap->a_outoffp; 899 err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd); 900 if (err != 0) 901 goto unlock; 902 } 903 904 err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread); 905 if (err) 906 goto unlock; 907 908 err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp, 909 *ap->a_outoffp + io.uio_resid); 910 if (err) 911 goto unlock; 912 913 fdisp_init(&fdi, sizeof(*fcfri)); 914 fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred); 915 fcfri = fdi.indata; 916 fcfri->fh_in = infufh->fh_id; 917 fcfri->off_in = *ap->a_inoffp; 918 fcfri->nodeid_out = VTOI(outvp); 919 fcfri->fh_out = outfufh->fh_id; 920 fcfri->off_out = *ap->a_outoffp; 921 fcfri->len = io.uio_resid; 922 fcfri->flags = 0; 923 924 err = fdisp_wait_answ(&fdi); 925 if (err == 0) { 926 fwo = fdi.answ; 927 *ap->a_lenp = fwo->size; 928 *ap->a_inoffp += fwo->size; 929 *ap->a_outoffp += fwo->size; 930 fuse_internal_clear_suid_on_write(outvp, outcred, td); 931 if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) { 932 fuse_vnode_setsize(outvp, *ap->a_outoffp, false); 933 getnanouptime(&outfvdat->last_local_modify); 934 } 935 fuse_vnode_update(invp, FN_ATIMECHANGE); 936 fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE); 937 } 938 fdisp_destroy(&fdi); 939 940 unlock: 941 if (invp != outvp) 942 VOP_UNLOCK(invp); 943 VOP_UNLOCK(outvp); 944 945 if (err == ENOSYS) { 946 fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE); 947 fallback: 948 err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp, 949 ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags, 950 ap->a_incred, ap->a_outcred, ap->a_fsizetd); 951 } 952 953 /* 954 * No need to call vn_rlimit_fsizex_res before return, since the uio is 955 * local. 956 */ 957 return (err); 958 } 959 960 static void 961 fdisp_make_mknod_for_fallback( 962 struct fuse_dispatcher *fdip, 963 struct componentname *cnp, 964 struct vnode *dvp, 965 uint64_t parentnid, 966 struct thread *td, 967 struct ucred *cred, 968 mode_t mode, 969 enum fuse_opcode *op) 970 { 971 struct fuse_mknod_in *fmni; 972 973 fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1); 974 *op = FUSE_MKNOD; 975 fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred); 976 fmni = fdip->indata; 977 fmni->mode = mode; 978 fmni->rdev = 0; 979 memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr, 980 cnp->cn_namelen); 981 ((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0'; 982 } 983 /* 984 struct vnop_create_args { 985 struct vnode *a_dvp; 986 struct vnode **a_vpp; 987 struct componentname *a_cnp; 988 struct vattr *a_vap; 989 }; 990 */ 991 static int 992 fuse_vnop_create(struct vop_create_args *ap) 993 { 994 struct vnode *dvp = ap->a_dvp; 995 struct vnode **vpp = ap->a_vpp; 996 struct componentname *cnp = ap->a_cnp; 997 struct vattr *vap = ap->a_vap; 998 struct thread *td = curthread; 999 struct ucred *cred = cnp->cn_cred; 1000 1001 struct fuse_data *data; 1002 struct fuse_create_in *fci; 1003 struct fuse_entry_out *feo; 1004 struct fuse_open_out *foo; 1005 struct fuse_dispatcher fdi, fdi2; 1006 struct fuse_dispatcher *fdip = &fdi; 1007 struct fuse_dispatcher *fdip2 = NULL; 1008 1009 int err; 1010 1011 struct mount *mp = vnode_mount(dvp); 1012 data = fuse_get_mpdata(mp); 1013 uint64_t parentnid = VTOFUD(dvp)->nid; 1014 mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode); 1015 enum fuse_opcode op; 1016 int flags; 1017 1018 if (fuse_isdeadfs(dvp)) 1019 return ENXIO; 1020 1021 /* FUSE expects sockets to be created with FUSE_MKNOD */ 1022 if (vap->va_type == VSOCK) 1023 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1024 1025 /* 1026 * VOP_CREATE doesn't tell us the open(2) flags, so we guess. Only a 1027 * writable mode makes sense, and we might as well include readability 1028 * too. 1029 */ 1030 flags = O_RDWR; 1031 1032 bzero(&fdi, sizeof(fdi)); 1033 1034 if (vap->va_type != VREG) 1035 return (EINVAL); 1036 1037 if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) { 1038 /* Fallback to FUSE_MKNOD/FUSE_OPEN */ 1039 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td, 1040 cred, mode, &op); 1041 } else { 1042 /* Use FUSE_CREATE */ 1043 size_t insize; 1044 1045 op = FUSE_CREATE; 1046 fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1); 1047 fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred); 1048 fci = fdip->indata; 1049 fci->mode = mode; 1050 fci->flags = O_CREAT | flags; 1051 if (fuse_libabi_geq(data, 7, 12)) { 1052 insize = sizeof(*fci); 1053 fci->umask = td->td_proc->p_pd->pd_cmask; 1054 } else { 1055 insize = sizeof(struct fuse_open_in); 1056 } 1057 1058 memcpy((char *)fdip->indata + insize, cnp->cn_nameptr, 1059 cnp->cn_namelen); 1060 ((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0'; 1061 } 1062 1063 err = fdisp_wait_answ(fdip); 1064 1065 if (err) { 1066 if (err == ENOSYS && op == FUSE_CREATE) { 1067 fsess_set_notimpl(mp, FUSE_CREATE); 1068 fdisp_destroy(fdip); 1069 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, 1070 parentnid, td, cred, mode, &op); 1071 err = fdisp_wait_answ(fdip); 1072 } 1073 if (err) 1074 goto out; 1075 } 1076 1077 feo = fdip->answ; 1078 1079 if ((err = fuse_internal_checkentry(feo, vap->va_type))) { 1080 goto out; 1081 } 1082 1083 if (op == FUSE_CREATE) { 1084 if (fuse_libabi_geq(data, 7, 9)) 1085 foo = (struct fuse_open_out*)(feo + 1); 1086 else 1087 foo = (struct fuse_open_out*)((char*)feo + 1088 FUSE_COMPAT_ENTRY_OUT_SIZE); 1089 } else { 1090 /* Issue a separate FUSE_OPEN */ 1091 struct fuse_open_in *foi; 1092 1093 fdip2 = &fdi2; 1094 fdisp_init(fdip2, sizeof(*foi)); 1095 fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td, 1096 cred); 1097 foi = fdip2->indata; 1098 foi->flags = flags; 1099 err = fdisp_wait_answ(fdip2); 1100 if (err) 1101 goto out; 1102 foo = fdip2->answ; 1103 } 1104 err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type); 1105 if (err) { 1106 struct fuse_release_in *fri; 1107 uint64_t nodeid = feo->nodeid; 1108 uint64_t fh_id = foo->fh; 1109 1110 fdisp_destroy(fdip); 1111 fdisp_init(fdip, sizeof(*fri)); 1112 fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred); 1113 fri = fdip->indata; 1114 fri->fh = fh_id; 1115 fri->flags = flags; 1116 fuse_insert_callback(fdip->tick, fuse_internal_forget_callback); 1117 fuse_insert_message(fdip->tick, false); 1118 goto out; 1119 } 1120 ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create"); 1121 fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid, 1122 feo->attr_valid_nsec, NULL, true); 1123 1124 fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo); 1125 fuse_vnode_open(*vpp, foo->open_flags, td); 1126 /* 1127 * Purge the parent's attribute cache because the daemon should've 1128 * updated its mtime and ctime 1129 */ 1130 fuse_vnode_clear_attr_cache(dvp); 1131 cache_purge_negative(dvp); 1132 1133 out: 1134 if (fdip2) 1135 fdisp_destroy(fdip2); 1136 fdisp_destroy(fdip); 1137 return err; 1138 } 1139 1140 /* 1141 struct vnop_fdatasync_args { 1142 struct vop_generic_args a_gen; 1143 struct vnode * a_vp; 1144 struct thread * a_td; 1145 }; 1146 */ 1147 static int 1148 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap) 1149 { 1150 struct vnode *vp = ap->a_vp; 1151 struct thread *td = ap->a_td; 1152 int waitfor = MNT_WAIT; 1153 1154 int err = 0; 1155 1156 if (fuse_isdeadfs(vp)) { 1157 return 0; 1158 } 1159 if ((err = vop_stdfdatasync_buf(ap))) 1160 return err; 1161 1162 return fuse_internal_fsync(vp, td, waitfor, true); 1163 } 1164 1165 /* 1166 struct vnop_fsync_args { 1167 struct vop_generic_args a_gen; 1168 struct vnode * a_vp; 1169 int a_waitfor; 1170 struct thread * a_td; 1171 }; 1172 */ 1173 static int 1174 fuse_vnop_fsync(struct vop_fsync_args *ap) 1175 { 1176 struct vnode *vp = ap->a_vp; 1177 struct thread *td = ap->a_td; 1178 int waitfor = ap->a_waitfor; 1179 int err = 0; 1180 1181 if (fuse_isdeadfs(vp)) { 1182 return 0; 1183 } 1184 if ((err = vop_stdfsync(ap))) 1185 return err; 1186 1187 return fuse_internal_fsync(vp, td, waitfor, false); 1188 } 1189 1190 /* 1191 struct vnop_getattr_args { 1192 struct vnode *a_vp; 1193 struct vattr *a_vap; 1194 struct ucred *a_cred; 1195 struct thread *a_td; 1196 }; 1197 */ 1198 static int 1199 fuse_vnop_getattr(struct vop_getattr_args *ap) 1200 { 1201 struct vnode *vp = ap->a_vp; 1202 struct vattr *vap = ap->a_vap; 1203 struct ucred *cred = ap->a_cred; 1204 struct thread *td = curthread; 1205 1206 int err = 0; 1207 int dataflags; 1208 1209 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 1210 1211 /* Note that we are not bailing out on a dead file system just yet. */ 1212 1213 if (!(dataflags & FSESS_INITED)) { 1214 if (!vnode_isvroot(vp)) { 1215 fdata_set_dead(fuse_get_mpdata(vnode_mount(vp))); 1216 err = ENOTCONN; 1217 return err; 1218 } else { 1219 goto fake; 1220 } 1221 } 1222 err = fuse_internal_getattr(vp, vap, cred, td); 1223 if (err == ENOTCONN && vnode_isvroot(vp)) { 1224 /* see comment in fuse_vfsop_statfs() */ 1225 goto fake; 1226 } else { 1227 return err; 1228 } 1229 1230 fake: 1231 bzero(vap, sizeof(*vap)); 1232 vap->va_type = vnode_vtype(vp); 1233 1234 return 0; 1235 } 1236 1237 /* 1238 struct vnop_inactive_args { 1239 struct vnode *a_vp; 1240 }; 1241 */ 1242 static int 1243 fuse_vnop_inactive(struct vop_inactive_args *ap) 1244 { 1245 struct vnode *vp = ap->a_vp; 1246 struct thread *td = curthread; 1247 1248 struct fuse_vnode_data *fvdat = VTOFUD(vp); 1249 struct fuse_filehandle *fufh, *fufh_tmp; 1250 1251 int need_flush = 1; 1252 1253 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 1254 if (need_flush && vp->v_type == VREG) { 1255 if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) { 1256 fuse_vnode_savesize(vp, NULL, 0); 1257 } 1258 if ((fvdat->flag & FN_REVOKED) != 0) 1259 fuse_io_invalbuf(vp, td); 1260 else 1261 fuse_io_flushbuf(vp, MNT_WAIT, td); 1262 need_flush = 0; 1263 } 1264 fuse_filehandle_close(vp, fufh, td, NULL); 1265 } 1266 1267 if ((fvdat->flag & FN_REVOKED) != 0) 1268 vrecycle(vp); 1269 1270 return 0; 1271 } 1272 1273 /* 1274 struct vnop_ioctl_args { 1275 struct vnode *a_vp; 1276 u_long a_command; 1277 caddr_t a_data; 1278 int a_fflag; 1279 struct ucred *a_cred; 1280 struct thread *a_td; 1281 }; 1282 */ 1283 static int 1284 fuse_vnop_ioctl(struct vop_ioctl_args *ap) 1285 { 1286 struct vnode *vp = ap->a_vp; 1287 struct mount *mp = vnode_mount(vp); 1288 struct ucred *cred = ap->a_cred; 1289 off_t *offp; 1290 pid_t pid = ap->a_td->td_proc->p_pid; 1291 int err; 1292 1293 switch (ap->a_command) { 1294 case FIOSEEKDATA: 1295 case FIOSEEKHOLE: 1296 /* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */ 1297 if (fsess_maybe_impl(mp, FUSE_LSEEK)) { 1298 int whence; 1299 1300 offp = ap->a_data; 1301 if (ap->a_command == FIOSEEKDATA) 1302 whence = SEEK_DATA; 1303 else 1304 whence = SEEK_HOLE; 1305 1306 vn_lock(vp, LK_SHARED | LK_RETRY); 1307 err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp, 1308 whence); 1309 VOP_UNLOCK(vp); 1310 } 1311 if (fsess_not_impl(mp, FUSE_LSEEK)) 1312 err = vop_stdioctl(ap); 1313 break; 1314 default: 1315 /* TODO: implement FUSE_IOCTL */ 1316 err = ENOTTY; 1317 break; 1318 } 1319 return (err); 1320 } 1321 1322 1323 /* 1324 struct vnop_link_args { 1325 struct vnode *a_tdvp; 1326 struct vnode *a_vp; 1327 struct componentname *a_cnp; 1328 }; 1329 */ 1330 static int 1331 fuse_vnop_link(struct vop_link_args *ap) 1332 { 1333 struct vnode *vp = ap->a_vp; 1334 struct vnode *tdvp = ap->a_tdvp; 1335 struct componentname *cnp = ap->a_cnp; 1336 1337 struct vattr *vap = VTOVA(vp); 1338 1339 struct fuse_dispatcher fdi; 1340 struct fuse_entry_out *feo; 1341 struct fuse_link_in fli; 1342 1343 int err; 1344 1345 if (fuse_isdeadfs(vp)) { 1346 return ENXIO; 1347 } 1348 if (vnode_mount(tdvp) != vnode_mount(vp)) { 1349 return EXDEV; 1350 } 1351 1352 /* 1353 * This is a seatbelt check to protect naive userspace filesystems from 1354 * themselves and the limitations of the FUSE IPC protocol. If a 1355 * filesystem does not allow attribute caching, assume it is capable of 1356 * validating that nlink does not overflow. 1357 */ 1358 if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX) 1359 return EMLINK; 1360 fli.oldnodeid = VTOI(vp); 1361 1362 fdisp_init(&fdi, 0); 1363 fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp, 1364 FUSE_LINK, &fli, sizeof(fli), &fdi); 1365 if ((err = fdisp_wait_answ(&fdi))) { 1366 goto out; 1367 } 1368 feo = fdi.answ; 1369 1370 if (fli.oldnodeid != feo->nodeid) { 1371 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 1372 fuse_warn(data, FSESS_WARN_ILLEGAL_INODE, 1373 "Assigned wrong inode for a hard link."); 1374 fuse_vnode_clear_attr_cache(vp); 1375 fuse_vnode_clear_attr_cache(tdvp); 1376 err = EIO; 1377 goto out; 1378 } 1379 1380 err = fuse_internal_checkentry(feo, vnode_vtype(vp)); 1381 if (!err) { 1382 /* 1383 * Purge the parent's attribute cache because the daemon 1384 * should've updated its mtime and ctime 1385 */ 1386 fuse_vnode_clear_attr_cache(tdvp); 1387 fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid, 1388 feo->attr_valid_nsec, NULL, true); 1389 } 1390 out: 1391 fdisp_destroy(&fdi); 1392 return err; 1393 } 1394 1395 struct fuse_lookup_alloc_arg { 1396 struct fuse_entry_out *feo; 1397 struct componentname *cnp; 1398 uint64_t nid; 1399 __enum_uint8(vtype) vtyp; 1400 }; 1401 1402 /* Callback for vn_get_ino */ 1403 static int 1404 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp) 1405 { 1406 struct fuse_lookup_alloc_arg *flaa = arg; 1407 1408 return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp, 1409 flaa->vtyp); 1410 } 1411 1412 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup, 1413 "int", "struct timespec*", "struct timespec*"); 1414 /* 1415 struct vnop_lookup_args { 1416 struct vnodeop_desc *a_desc; 1417 struct vnode *a_dvp; 1418 struct vnode **a_vpp; 1419 struct componentname *a_cnp; 1420 }; 1421 */ 1422 int 1423 fuse_vnop_lookup(struct vop_lookup_args *ap) 1424 { 1425 struct vnode *dvp = ap->a_dvp; 1426 struct vnode **vpp = ap->a_vpp; 1427 struct componentname *cnp = ap->a_cnp; 1428 struct thread *td = curthread; 1429 struct ucred *cred = cnp->cn_cred; 1430 struct timespec now; 1431 1432 int nameiop = cnp->cn_nameiop; 1433 int flags = cnp->cn_flags; 1434 int islastcn = flags & ISLASTCN; 1435 struct mount *mp = vnode_mount(dvp); 1436 struct fuse_data *data = fuse_get_mpdata(mp); 1437 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 1438 bool is_dot; 1439 1440 int err = 0; 1441 int lookup_err = 0; 1442 struct vnode *vp = NULL; 1443 1444 struct fuse_dispatcher fdi; 1445 bool did_lookup = false; 1446 struct fuse_entry_out *feo = NULL; 1447 __enum_uint8(vtype) vtyp; /* vnode type of target */ 1448 1449 uint64_t nid; 1450 1451 if (fuse_isdeadfs(dvp)) { 1452 *vpp = NULL; 1453 return ENXIO; 1454 } 1455 if (!vnode_isdir(dvp)) 1456 return ENOTDIR; 1457 1458 if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP)) 1459 return EROFS; 1460 1461 if ((cnp->cn_flags & NOEXECCHECK) != 0) 1462 cnp->cn_flags &= ~NOEXECCHECK; 1463 else if ((err = fuse_internal_access(dvp, VEXEC, td, cred))) 1464 return err; 1465 1466 is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.'; 1467 if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT)) 1468 { 1469 if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) { 1470 /* 1471 * Since the file system doesn't support ".." lookups, 1472 * we have no way to find this entry. 1473 */ 1474 return ESTALE; 1475 } 1476 nid = VTOFUD(dvp)->parent_nid; 1477 if (nid == 0) 1478 return ENOENT; 1479 /* .. is obviously a directory */ 1480 vtyp = VDIR; 1481 } else if (is_dot) { 1482 nid = VTOI(dvp); 1483 /* . is obviously a directory */ 1484 vtyp = VDIR; 1485 } else { 1486 struct timespec timeout; 1487 int ncpticks; /* here to accommodate for API contract */ 1488 1489 err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks); 1490 getnanouptime(&now); 1491 SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now); 1492 switch (err) { 1493 case -1: /* positive match */ 1494 if (timespeccmp(&timeout, &now, >)) { 1495 counter_u64_add(fuse_lookup_cache_hits, 1); 1496 } else { 1497 /* Cache timeout */ 1498 counter_u64_add(fuse_lookup_cache_misses, 1); 1499 bintime_clear( 1500 &VTOFUD(*vpp)->entry_cache_timeout); 1501 cache_purge(*vpp); 1502 if (dvp != *vpp) 1503 vput(*vpp); 1504 else 1505 vrele(*vpp); 1506 *vpp = NULL; 1507 break; 1508 } 1509 return 0; 1510 1511 case 0: /* no match in cache */ 1512 counter_u64_add(fuse_lookup_cache_misses, 1); 1513 break; 1514 1515 case ENOENT: /* negative match */ 1516 if (timespeccmp(&timeout, &now, <=)) { 1517 /* Cache timeout */ 1518 cache_purge_negative(dvp); 1519 break; 1520 } 1521 /* fall through */ 1522 default: 1523 return err; 1524 } 1525 1526 fdisp_init(&fdi, cnp->cn_namelen + 1); 1527 fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred); 1528 1529 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 1530 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 1531 lookup_err = fdisp_wait_answ(&fdi); 1532 did_lookup = true; 1533 1534 if (!lookup_err) { 1535 /* lookup call succeeded */ 1536 feo = (struct fuse_entry_out *)fdi.answ; 1537 nid = feo->nodeid; 1538 if (nid == 0) { 1539 /* zero nodeid means ENOENT and cache it */ 1540 struct timespec timeout; 1541 1542 fdi.answ_stat = ENOENT; 1543 lookup_err = ENOENT; 1544 if (cnp->cn_flags & MAKEENTRY) { 1545 fuse_validity_2_timespec(feo, &timeout); 1546 /* Use the same entry_time for .. as for 1547 * the file itself. That doesn't honor 1548 * exactly what the fuse server tells 1549 * us, but to do otherwise would require 1550 * another cache lookup at this point. 1551 */ 1552 struct timespec *dtsp = NULL; 1553 cache_enter_time(dvp, *vpp, cnp, 1554 &timeout, dtsp); 1555 } 1556 } 1557 vtyp = IFTOVT(feo->attr.mode); 1558 } 1559 if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) { 1560 fdisp_destroy(&fdi); 1561 return lookup_err; 1562 } 1563 } 1564 /* lookup_err, if non-zero, must be ENOENT at this point */ 1565 1566 if (lookup_err) { 1567 /* Entry not found */ 1568 if ((nameiop == CREATE || nameiop == RENAME) && islastcn) { 1569 if (default_permissions) 1570 err = fuse_internal_access(dvp, VWRITE, td, 1571 cred); 1572 else 1573 err = 0; 1574 if (!err) { 1575 err = EJUSTRETURN; 1576 } 1577 } else { 1578 err = ENOENT; 1579 } 1580 } else { 1581 /* Entry was found */ 1582 if (flags & ISDOTDOT) { 1583 struct fuse_lookup_alloc_arg flaa; 1584 1585 flaa.nid = nid; 1586 flaa.feo = feo; 1587 flaa.cnp = cnp; 1588 flaa.vtyp = vtyp; 1589 err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0, 1590 &vp); 1591 *vpp = vp; 1592 } else if (nid == VTOI(dvp)) { 1593 if (is_dot) { 1594 vref(dvp); 1595 *vpp = dvp; 1596 } else { 1597 fuse_warn(fuse_get_mpdata(mp), 1598 FSESS_WARN_ILLEGAL_INODE, 1599 "Assigned same inode to both parent and " 1600 "child."); 1601 err = EIO; 1602 } 1603 1604 } else { 1605 struct fuse_vnode_data *fvdat; 1606 1607 err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp, 1608 &vp, cnp, vtyp); 1609 if (err) 1610 goto out; 1611 *vpp = vp; 1612 fvdat = VTOFUD(vp); 1613 1614 MPASS(feo != NULL); 1615 if (timespeccmp(&now, &fvdat->last_local_modify, >)) { 1616 /* 1617 * Attributes from the server are definitely 1618 * newer than the last attributes we sent to 1619 * the server, so cache them. 1620 */ 1621 fuse_internal_cache_attrs(*vpp, &feo->attr, 1622 feo->attr_valid, feo->attr_valid_nsec, 1623 NULL, true); 1624 } 1625 fuse_validity_2_bintime(feo->entry_valid, 1626 feo->entry_valid_nsec, 1627 &fvdat->entry_cache_timeout); 1628 1629 if ((nameiop == DELETE || nameiop == RENAME) && 1630 islastcn && default_permissions) 1631 { 1632 struct vattr dvattr; 1633 1634 err = fuse_internal_access(dvp, VWRITE, td, 1635 cred); 1636 if (err != 0) 1637 goto out; 1638 /* 1639 * if the parent's sticky bit is set, check 1640 * whether we're allowed to remove the file. 1641 * Need to figure out the vnode locking to make 1642 * this work. 1643 */ 1644 fuse_internal_getattr(dvp, &dvattr, cred, td); 1645 if ((dvattr.va_mode & S_ISTXT) && 1646 fuse_internal_access(dvp, VADMIN, td, 1647 cred) && 1648 fuse_internal_access(*vpp, VADMIN, td, 1649 cred)) { 1650 err = EPERM; 1651 goto out; 1652 } 1653 } 1654 } 1655 } 1656 out: 1657 if (err) { 1658 if (vp != NULL && dvp != vp) 1659 vput(vp); 1660 else if (vp != NULL) 1661 vrele(vp); 1662 *vpp = NULL; 1663 } 1664 if (did_lookup) 1665 fdisp_destroy(&fdi); 1666 1667 return err; 1668 } 1669 1670 /* 1671 struct vnop_mkdir_args { 1672 struct vnode *a_dvp; 1673 struct vnode **a_vpp; 1674 struct componentname *a_cnp; 1675 struct vattr *a_vap; 1676 }; 1677 */ 1678 static int 1679 fuse_vnop_mkdir(struct vop_mkdir_args *ap) 1680 { 1681 struct vnode *dvp = ap->a_dvp; 1682 struct vnode **vpp = ap->a_vpp; 1683 struct componentname *cnp = ap->a_cnp; 1684 struct vattr *vap = ap->a_vap; 1685 1686 struct fuse_mkdir_in fmdi; 1687 1688 if (fuse_isdeadfs(dvp)) { 1689 return ENXIO; 1690 } 1691 fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode); 1692 fmdi.umask = curthread->td_proc->p_pd->pd_cmask; 1693 1694 return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi, 1695 sizeof(fmdi), VDIR)); 1696 } 1697 1698 /* 1699 struct vnop_mknod_args { 1700 struct vnode *a_dvp; 1701 struct vnode **a_vpp; 1702 struct componentname *a_cnp; 1703 struct vattr *a_vap; 1704 }; 1705 */ 1706 static int 1707 fuse_vnop_mknod(struct vop_mknod_args *ap) 1708 { 1709 1710 struct vnode *dvp = ap->a_dvp; 1711 struct vnode **vpp = ap->a_vpp; 1712 struct componentname *cnp = ap->a_cnp; 1713 struct vattr *vap = ap->a_vap; 1714 1715 if (fuse_isdeadfs(dvp)) 1716 return ENXIO; 1717 1718 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1719 } 1720 1721 /* 1722 struct vop_open_args { 1723 struct vnode *a_vp; 1724 int a_mode; 1725 struct ucred *a_cred; 1726 struct thread *a_td; 1727 int a_fdidx; / struct file *a_fp; 1728 }; 1729 */ 1730 static int 1731 fuse_vnop_open(struct vop_open_args *ap) 1732 { 1733 struct vnode *vp = ap->a_vp; 1734 int a_mode = ap->a_mode; 1735 struct thread *td = ap->a_td; 1736 struct ucred *cred = ap->a_cred; 1737 pid_t pid = td->td_proc->p_pid; 1738 1739 if (fuse_isdeadfs(vp)) 1740 return ENXIO; 1741 if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO) 1742 return (EOPNOTSUPP); 1743 if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0) 1744 return EINVAL; 1745 1746 if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) { 1747 fuse_vnode_open(vp, 0, td); 1748 return 0; 1749 } 1750 1751 return fuse_filehandle_open(vp, a_mode, NULL, td, cred); 1752 } 1753 1754 static int 1755 fuse_vnop_pathconf(struct vop_pathconf_args *ap) 1756 { 1757 struct vnode *vp = ap->a_vp; 1758 struct mount *mp; 1759 1760 switch (ap->a_name) { 1761 case _PC_FILESIZEBITS: 1762 *ap->a_retval = 64; 1763 return (0); 1764 case _PC_NAME_MAX: 1765 *ap->a_retval = NAME_MAX; 1766 return (0); 1767 case _PC_LINK_MAX: 1768 *ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX); 1769 return (0); 1770 case _PC_SYMLINK_MAX: 1771 *ap->a_retval = MAXPATHLEN; 1772 return (0); 1773 case _PC_NO_TRUNC: 1774 *ap->a_retval = 1; 1775 return (0); 1776 case _PC_MIN_HOLE_SIZE: 1777 /* 1778 * The FUSE protocol provides no mechanism for a server to 1779 * report _PC_MIN_HOLE_SIZE. It's a protocol bug. Instead, 1780 * return EINVAL if the server does not support FUSE_LSEEK, or 1781 * 1 if it does. 1782 */ 1783 mp = vnode_mount(vp); 1784 if (!fsess_is_impl(mp, FUSE_LSEEK) && 1785 !fsess_not_impl(mp, FUSE_LSEEK)) { 1786 off_t offset = 0; 1787 1788 /* Issue a FUSE_LSEEK to find out if it's implemented */ 1789 fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred, 1790 curthread->td_proc->p_pid, &offset, SEEK_DATA); 1791 } 1792 1793 if (fsess_is_impl(mp, FUSE_LSEEK)) { 1794 *ap->a_retval = 1; 1795 return (0); 1796 } else { 1797 /* 1798 * Probably FUSE_LSEEK is not implemented. It might 1799 * be, if the FUSE_LSEEK above returned an error like 1800 * EACCES, but in that case we can't tell, so it's 1801 * safest to report EINVAL anyway. 1802 */ 1803 return (EINVAL); 1804 } 1805 default: 1806 return (vop_stdpathconf(ap)); 1807 } 1808 } 1809 1810 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*", 1811 "struct uio*", "struct ucred*"); 1812 /* 1813 struct vnop_read_args { 1814 struct vnode *a_vp; 1815 struct uio *a_uio; 1816 int a_ioflag; 1817 struct ucred *a_cred; 1818 }; 1819 */ 1820 static int 1821 fuse_vnop_read(struct vop_read_args *ap) 1822 { 1823 struct vnode *vp = ap->a_vp; 1824 struct uio *uio = ap->a_uio; 1825 int ioflag = ap->a_ioflag; 1826 struct ucred *cred = ap->a_cred; 1827 pid_t pid = curthread->td_proc->p_pid; 1828 struct fuse_filehandle *fufh; 1829 int err; 1830 bool closefufh = false, directio; 1831 1832 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 1833 1834 if (fuse_isdeadfs(vp)) { 1835 return ENXIO; 1836 } 1837 1838 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 1839 ioflag |= IO_DIRECT; 1840 } 1841 1842 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 1843 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 1844 /* 1845 * nfsd will do I/O without first doing VOP_OPEN. We 1846 * must implicitly open the file here 1847 */ 1848 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1849 closefufh = true; 1850 } 1851 if (err) { 1852 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 1853 return err; 1854 } 1855 1856 /* 1857 * Ideally, when the daemon asks for direct io at open time, the 1858 * standard file flag should be set according to this, so that would 1859 * just change the default mode, which later on could be changed via 1860 * fcntl(2). 1861 * But this doesn't work, the O_DIRECT flag gets cleared at some point 1862 * (don't know where). So to make any use of the Fuse direct_io option, 1863 * we hardwire it into the file's private data (similarly to Linux, 1864 * btw.). 1865 */ 1866 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 1867 1868 fuse_vnode_update(vp, FN_ATIMECHANGE); 1869 if (directio) { 1870 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode"); 1871 err = fuse_read_directbackend(vp, uio, cred, fufh); 1872 } else { 1873 SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode"); 1874 err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid); 1875 } 1876 1877 if (closefufh) 1878 fuse_filehandle_close(vp, fufh, curthread, cred); 1879 1880 return (err); 1881 } 1882 1883 /* 1884 struct vnop_readdir_args { 1885 struct vnode *a_vp; 1886 struct uio *a_uio; 1887 struct ucred *a_cred; 1888 int *a_eofflag; 1889 int *a_ncookies; 1890 uint64_t **a_cookies; 1891 }; 1892 */ 1893 static int 1894 fuse_vnop_readdir(struct vop_readdir_args *ap) 1895 { 1896 struct vnode *vp = ap->a_vp; 1897 struct uio *uio = ap->a_uio; 1898 struct ucred *cred = ap->a_cred; 1899 struct fuse_filehandle *fufh = NULL; 1900 struct mount *mp = vnode_mount(vp); 1901 struct fuse_iov cookediov; 1902 int err = 0; 1903 uint64_t *cookies; 1904 ssize_t tresid; 1905 int ncookies; 1906 bool closefufh = false; 1907 pid_t pid = curthread->td_proc->p_pid; 1908 1909 if (ap->a_eofflag) 1910 *ap->a_eofflag = 0; 1911 if (fuse_isdeadfs(vp)) { 1912 return ENXIO; 1913 } 1914 if ( /* XXXIP ((uio_iovcnt(uio) > 1)) || */ 1915 (uio_resid(uio) < sizeof(struct dirent))) { 1916 return EINVAL; 1917 } 1918 1919 tresid = uio->uio_resid; 1920 err = fuse_filehandle_get_dir(vp, &fufh, cred, pid); 1921 if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) { 1922 KASSERT(fuse_get_mpdata(mp)->dataflags 1923 & FSESS_NO_OPENDIR_SUPPORT, 1924 ("FUSE file systems that don't set " 1925 "FUSE_NO_OPENDIR_SUPPORT should not be exported")); 1926 /* 1927 * nfsd will do VOP_READDIR without first doing VOP_OPEN. We 1928 * must implicitly open the directory here. 1929 */ 1930 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1931 closefufh = true; 1932 } 1933 if (err) 1934 return (err); 1935 if (ap->a_ncookies != NULL) { 1936 ncookies = uio->uio_resid / 1937 (offsetof(struct dirent, d_name) + 4) + 1; 1938 cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK); 1939 *ap->a_ncookies = ncookies; 1940 *ap->a_cookies = cookies; 1941 } else { 1942 ncookies = 0; 1943 cookies = NULL; 1944 } 1945 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1) 1946 fiov_init(&cookediov, DIRCOOKEDSIZE); 1947 1948 err = fuse_internal_readdir(vp, uio, fufh, &cookediov, 1949 &ncookies, cookies); 1950 1951 fiov_teardown(&cookediov); 1952 if (closefufh) 1953 fuse_filehandle_close(vp, fufh, curthread, cred); 1954 1955 if (ap->a_ncookies != NULL) { 1956 if (err == 0) { 1957 *ap->a_ncookies -= ncookies; 1958 } else { 1959 free(*ap->a_cookies, M_TEMP); 1960 *ap->a_ncookies = 0; 1961 *ap->a_cookies = NULL; 1962 } 1963 } 1964 if (err == 0 && tresid == uio->uio_resid) 1965 *ap->a_eofflag = 1; 1966 1967 return err; 1968 } 1969 1970 /* 1971 struct vnop_readlink_args { 1972 struct vnode *a_vp; 1973 struct uio *a_uio; 1974 struct ucred *a_cred; 1975 }; 1976 */ 1977 static int 1978 fuse_vnop_readlink(struct vop_readlink_args *ap) 1979 { 1980 struct vnode *vp = ap->a_vp; 1981 struct uio *uio = ap->a_uio; 1982 struct ucred *cred = ap->a_cred; 1983 1984 struct fuse_dispatcher fdi; 1985 int err; 1986 1987 if (fuse_isdeadfs(vp)) { 1988 return ENXIO; 1989 } 1990 if (!vnode_islnk(vp)) { 1991 return EINVAL; 1992 } 1993 fdisp_init(&fdi, 0); 1994 err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred); 1995 if (err) { 1996 goto out; 1997 } 1998 if (strnlen(fdi.answ, fdi.iosize) + 1 < fdi.iosize) { 1999 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 2000 fuse_warn(data, FSESS_WARN_READLINK_EMBEDDED_NUL, 2001 "Returned an embedded NUL from FUSE_READLINK."); 2002 err = EIO; 2003 goto out; 2004 } 2005 if (((char *)fdi.answ)[0] == '/' && 2006 fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) { 2007 char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname; 2008 2009 err = uiomove(mpth, strlen(mpth), uio); 2010 } 2011 if (!err) { 2012 err = uiomove(fdi.answ, fdi.iosize, uio); 2013 } 2014 out: 2015 fdisp_destroy(&fdi); 2016 return err; 2017 } 2018 2019 /* 2020 struct vnop_reclaim_args { 2021 struct vnode *a_vp; 2022 }; 2023 */ 2024 static int 2025 fuse_vnop_reclaim(struct vop_reclaim_args *ap) 2026 { 2027 struct vnode *vp = ap->a_vp; 2028 struct thread *td = curthread; 2029 struct fuse_vnode_data *fvdat = VTOFUD(vp); 2030 struct fuse_filehandle *fufh, *fufh_tmp; 2031 2032 if (!fvdat) { 2033 panic("FUSE: no vnode data during recycling"); 2034 } 2035 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 2036 printf("FUSE: vnode being reclaimed with open fufh " 2037 "(type=%#x)", fufh->fufh_type); 2038 fuse_filehandle_close(vp, fufh, td, NULL); 2039 } 2040 2041 if (VTOI(vp) == 1) { 2042 /* 2043 * Don't send FUSE_FORGET for the root inode, because 2044 * we never send FUSE_LOOKUP for it (see 2045 * fuse_vfsop_root) and we don't want the server to see 2046 * mismatched lookup counts. 2047 */ 2048 struct fuse_data *data; 2049 struct vnode *vroot; 2050 2051 data = fuse_get_mpdata(vnode_mount(vp)); 2052 FUSE_LOCK(); 2053 vroot = data->vroot; 2054 data->vroot = NULL; 2055 FUSE_UNLOCK(); 2056 if (vroot) 2057 vrele(vroot); 2058 } else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) { 2059 fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp), 2060 fvdat->nlookup); 2061 } 2062 cache_purge(vp); 2063 vfs_hash_remove(vp); 2064 fuse_vnode_destroy(vp); 2065 2066 return 0; 2067 } 2068 2069 /* 2070 struct vnop_remove_args { 2071 struct vnode *a_dvp; 2072 struct vnode *a_vp; 2073 struct componentname *a_cnp; 2074 }; 2075 */ 2076 static int 2077 fuse_vnop_remove(struct vop_remove_args *ap) 2078 { 2079 struct vnode *dvp = ap->a_dvp; 2080 struct vnode *vp = ap->a_vp; 2081 struct componentname *cnp = ap->a_cnp; 2082 2083 int err; 2084 2085 if (fuse_isdeadfs(vp)) { 2086 return ENXIO; 2087 } 2088 if (vnode_isdir(vp)) { 2089 return EPERM; 2090 } 2091 2092 err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK); 2093 2094 return err; 2095 } 2096 2097 /* 2098 struct vnop_rename_args { 2099 struct vnode *a_fdvp; 2100 struct vnode *a_fvp; 2101 struct componentname *a_fcnp; 2102 struct vnode *a_tdvp; 2103 struct vnode *a_tvp; 2104 struct componentname *a_tcnp; 2105 }; 2106 */ 2107 static int 2108 fuse_vnop_rename(struct vop_rename_args *ap) 2109 { 2110 struct vnode *fdvp = ap->a_fdvp; 2111 struct vnode *fvp = ap->a_fvp; 2112 struct componentname *fcnp = ap->a_fcnp; 2113 struct vnode *tdvp = ap->a_tdvp; 2114 struct vnode *tvp = ap->a_tvp; 2115 struct componentname *tcnp = ap->a_tcnp; 2116 struct fuse_data *data; 2117 bool newparent = fdvp != tdvp; 2118 bool isdir = fvp->v_type == VDIR; 2119 int err = 0; 2120 2121 if (fuse_isdeadfs(fdvp)) { 2122 return ENXIO; 2123 } 2124 if (fvp->v_mount != tdvp->v_mount || 2125 (tvp && fvp->v_mount != tvp->v_mount)) { 2126 SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename"); 2127 err = EXDEV; 2128 goto out; 2129 } 2130 cache_purge(fvp); 2131 2132 /* 2133 * FUSE library is expected to check if target directory is not 2134 * under the source directory in the file system tree. 2135 * Linux performs this check at VFS level. 2136 */ 2137 /* 2138 * If source is a directory, and it will get a new parent, user must 2139 * have write permission to it, so ".." can be modified. 2140 */ 2141 data = fuse_get_mpdata(vnode_mount(tdvp)); 2142 if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) { 2143 err = fuse_internal_access(fvp, VWRITE, 2144 curthread, tcnp->cn_cred); 2145 if (err) 2146 goto out; 2147 } 2148 sx_xlock(&data->rename_lock); 2149 err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp); 2150 if (err == 0) { 2151 if (tdvp != fdvp) 2152 fuse_vnode_setparent(fvp, tdvp); 2153 if (tvp != NULL) 2154 fuse_vnode_setparent(tvp, NULL); 2155 } 2156 sx_unlock(&data->rename_lock); 2157 2158 if (tvp != NULL && tvp != fvp) { 2159 cache_purge(tvp); 2160 } 2161 if (vnode_isdir(fvp)) { 2162 if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) { 2163 cache_purge(tdvp); 2164 } 2165 cache_purge(fdvp); 2166 } 2167 out: 2168 if (tdvp == tvp) { 2169 vrele(tdvp); 2170 } else { 2171 vput(tdvp); 2172 } 2173 if (tvp != NULL) { 2174 vput(tvp); 2175 } 2176 vrele(fdvp); 2177 vrele(fvp); 2178 2179 return err; 2180 } 2181 2182 /* 2183 struct vnop_rmdir_args { 2184 struct vnode *a_dvp; 2185 struct vnode *a_vp; 2186 struct componentname *a_cnp; 2187 } *ap; 2188 */ 2189 static int 2190 fuse_vnop_rmdir(struct vop_rmdir_args *ap) 2191 { 2192 struct vnode *dvp = ap->a_dvp; 2193 struct vnode *vp = ap->a_vp; 2194 2195 int err; 2196 2197 if (fuse_isdeadfs(vp)) { 2198 return ENXIO; 2199 } 2200 if (VTOFUD(vp) == VTOFUD(dvp)) { 2201 return EINVAL; 2202 } 2203 err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR); 2204 2205 return err; 2206 } 2207 2208 /* 2209 struct vnop_setattr_args { 2210 struct vnode *a_vp; 2211 struct vattr *a_vap; 2212 struct ucred *a_cred; 2213 struct thread *a_td; 2214 }; 2215 */ 2216 static int 2217 fuse_vnop_setattr(struct vop_setattr_args *ap) 2218 { 2219 struct vnode *vp = ap->a_vp; 2220 struct vattr *vap = ap->a_vap; 2221 struct ucred *cred = ap->a_cred; 2222 struct thread *td = curthread; 2223 struct mount *mp; 2224 struct fuse_data *data; 2225 struct vattr old_va; 2226 int dataflags; 2227 int err = 0, err2; 2228 accmode_t accmode = 0; 2229 bool checkperm; 2230 bool drop_suid = false; 2231 2232 mp = vnode_mount(vp); 2233 data = fuse_get_mpdata(mp); 2234 dataflags = data->dataflags; 2235 checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS; 2236 2237 if (fuse_isdeadfs(vp)) { 2238 return ENXIO; 2239 } 2240 2241 if (vap->va_uid != (uid_t)VNOVAL) { 2242 if (checkperm) { 2243 /* Only root may change a file's owner */ 2244 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2245 if (err) { 2246 /* As a special case, allow the null chown */ 2247 err2 = fuse_internal_getattr(vp, &old_va, cred, 2248 td); 2249 if (err2) 2250 return (err2); 2251 if (vap->va_uid != old_va.va_uid) 2252 return err; 2253 else 2254 accmode |= VADMIN; 2255 drop_suid = true; 2256 } else 2257 accmode |= VADMIN; 2258 } else 2259 accmode |= VADMIN; 2260 } 2261 if (vap->va_gid != (gid_t)VNOVAL) { 2262 if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN)) 2263 drop_suid = true; 2264 if (checkperm && !groupmember(vap->va_gid, cred)) 2265 { 2266 /* 2267 * Non-root users may only chgrp to one of their own 2268 * groups 2269 */ 2270 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2271 if (err) { 2272 /* As a special case, allow the null chgrp */ 2273 err2 = fuse_internal_getattr(vp, &old_va, cred, 2274 td); 2275 if (err2) 2276 return (err2); 2277 if (vap->va_gid != old_va.va_gid) 2278 return err; 2279 accmode |= VADMIN; 2280 } else 2281 accmode |= VADMIN; 2282 } else 2283 accmode |= VADMIN; 2284 } 2285 if (vap->va_size != VNOVAL) { 2286 switch (vp->v_type) { 2287 case VDIR: 2288 return (EISDIR); 2289 case VLNK: 2290 case VREG: 2291 if (vfs_isrdonly(mp)) 2292 return (EROFS); 2293 err = vn_rlimit_trunc(vap->va_size, td); 2294 if (err) 2295 return (err); 2296 break; 2297 default: 2298 /* 2299 * According to POSIX, the result is unspecified 2300 * for file types other than regular files, 2301 * directories and shared memory objects. We 2302 * don't support shared memory objects in the file 2303 * system, and have dubious support for truncating 2304 * symlinks. Just ignore the request in other cases. 2305 */ 2306 return (0); 2307 } 2308 /* Don't set accmode. Permission to trunc is checked upstack */ 2309 } 2310 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 2311 if (vap->va_vaflags & VA_UTIMES_NULL) 2312 accmode |= VWRITE; 2313 else 2314 accmode |= VADMIN; 2315 } 2316 if (drop_suid) { 2317 if (vap->va_mode != (mode_t)VNOVAL) 2318 vap->va_mode &= ~(S_ISUID | S_ISGID); 2319 else { 2320 err = fuse_internal_getattr(vp, &old_va, cred, td); 2321 if (err) 2322 return (err); 2323 vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID); 2324 } 2325 } 2326 if (vap->va_mode != (mode_t)VNOVAL) { 2327 /* Only root may set the sticky bit on non-directories */ 2328 if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT) 2329 && priv_check_cred(cred, PRIV_VFS_STICKYFILE)) 2330 return EFTYPE; 2331 if (checkperm && (vap->va_mode & S_ISGID)) { 2332 err = fuse_internal_getattr(vp, &old_va, cred, td); 2333 if (err) 2334 return (err); 2335 if (!groupmember(old_va.va_gid, cred)) { 2336 err = priv_check_cred(cred, PRIV_VFS_SETGID); 2337 if (err) 2338 return (err); 2339 } 2340 } 2341 accmode |= VADMIN; 2342 } 2343 2344 if (vfs_isrdonly(mp)) 2345 return EROFS; 2346 2347 if (checkperm) { 2348 err = fuse_internal_access(vp, accmode, td, cred); 2349 } else { 2350 err = 0; 2351 } 2352 if (err) 2353 return err; 2354 else 2355 return fuse_internal_setattr(vp, vap, td, cred); 2356 } 2357 2358 /* 2359 struct vnop_strategy_args { 2360 struct vnode *a_vp; 2361 struct buf *a_bp; 2362 }; 2363 */ 2364 static int 2365 fuse_vnop_strategy(struct vop_strategy_args *ap) 2366 { 2367 struct vnode *vp = ap->a_vp; 2368 struct buf *bp = ap->a_bp; 2369 2370 if (!vp || fuse_isdeadfs(vp)) { 2371 bp->b_ioflags |= BIO_ERROR; 2372 bp->b_error = ENXIO; 2373 bufdone(bp); 2374 return 0; 2375 } 2376 2377 /* 2378 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags. 2379 * fuse_io_strategy sets bp's error fields 2380 */ 2381 (void)fuse_io_strategy(vp, bp); 2382 2383 return 0; 2384 } 2385 2386 /* 2387 struct vnop_symlink_args { 2388 struct vnode *a_dvp; 2389 struct vnode **a_vpp; 2390 struct componentname *a_cnp; 2391 struct vattr *a_vap; 2392 char *a_target; 2393 }; 2394 */ 2395 static int 2396 fuse_vnop_symlink(struct vop_symlink_args *ap) 2397 { 2398 struct vnode *dvp = ap->a_dvp; 2399 struct vnode **vpp = ap->a_vpp; 2400 struct componentname *cnp = ap->a_cnp; 2401 const char *target = ap->a_target; 2402 2403 struct fuse_dispatcher fdi; 2404 2405 int err; 2406 size_t len; 2407 2408 if (fuse_isdeadfs(dvp)) { 2409 return ENXIO; 2410 } 2411 /* 2412 * Unlike the other creator type calls, here we have to create a message 2413 * where the name of the new entry comes first, and the data describing 2414 * the entry comes second. 2415 * Hence we can't rely on our handy fuse_internal_newentry() routine, 2416 * but put together the message manually and just call the core part. 2417 */ 2418 2419 len = strlen(target) + 1; 2420 fdisp_init(&fdi, len + cnp->cn_namelen + 1); 2421 fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL); 2422 2423 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 2424 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 2425 memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len); 2426 2427 err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi); 2428 fdisp_destroy(&fdi); 2429 return err; 2430 } 2431 2432 /* 2433 struct vnop_write_args { 2434 struct vnode *a_vp; 2435 struct uio *a_uio; 2436 int a_ioflag; 2437 struct ucred *a_cred; 2438 }; 2439 */ 2440 static int 2441 fuse_vnop_write(struct vop_write_args *ap) 2442 { 2443 struct vnode *vp = ap->a_vp; 2444 struct uio *uio = ap->a_uio; 2445 int ioflag = ap->a_ioflag; 2446 struct ucred *cred = ap->a_cred; 2447 pid_t pid = curthread->td_proc->p_pid; 2448 struct fuse_filehandle *fufh; 2449 int err; 2450 bool closefufh = false, directio; 2451 2452 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 2453 2454 if (fuse_isdeadfs(vp)) { 2455 return ENXIO; 2456 } 2457 2458 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 2459 ioflag |= IO_DIRECT; 2460 } 2461 2462 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2463 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2464 /* 2465 * nfsd will do I/O without first doing VOP_OPEN. We 2466 * must implicitly open the file here 2467 */ 2468 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2469 closefufh = true; 2470 } 2471 if (err) { 2472 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 2473 return err; 2474 } 2475 2476 /* 2477 * Ideally, when the daemon asks for direct io at open time, the 2478 * standard file flag should be set according to this, so that would 2479 * just change the default mode, which later on could be changed via 2480 * fcntl(2). 2481 * But this doesn't work, the O_DIRECT flag gets cleared at some point 2482 * (don't know where). So to make any use of the Fuse direct_io option, 2483 * we hardwire it into the file's private data (similarly to Linux, 2484 * btw.). 2485 */ 2486 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 2487 2488 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2489 if (directio) { 2490 off_t start, end, filesize; 2491 bool pages = (ioflag & IO_VMIO) != 0; 2492 2493 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode"); 2494 2495 err = fuse_vnode_size(vp, &filesize, cred, curthread); 2496 if (err) 2497 goto out; 2498 2499 start = uio->uio_offset; 2500 end = start + uio->uio_resid; 2501 if (!pages) { 2502 err = fuse_inval_buf_range(vp, filesize, start, 2503 end); 2504 if (err) 2505 goto out; 2506 } 2507 err = fuse_write_directbackend(vp, uio, cred, fufh, 2508 filesize, ioflag, pages); 2509 } else { 2510 SDT_PROBE2(fusefs, , vnops, trace, 1, 2511 "buffered write of vnode"); 2512 if (!fsess_opt_writeback(vnode_mount(vp))) 2513 ioflag |= IO_SYNC; 2514 err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid); 2515 } 2516 fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td); 2517 2518 out: 2519 if (closefufh) 2520 fuse_filehandle_close(vp, fufh, curthread, cred); 2521 2522 return (err); 2523 } 2524 2525 static daddr_t 2526 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off) 2527 { 2528 const int biosize = fuse_iosize(vp); 2529 2530 return (off / biosize); 2531 } 2532 2533 static int 2534 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz) 2535 { 2536 off_t filesize; 2537 int err; 2538 const int biosize = fuse_iosize(vp); 2539 2540 err = fuse_vnode_size(vp, &filesize, NULL, NULL); 2541 if (err) { 2542 /* This will turn into a SIGBUS */ 2543 return (EIO); 2544 } else if ((off_t)lbn * biosize >= filesize) { 2545 *blksz = 0; 2546 } else if ((off_t)(lbn + 1) * biosize > filesize) { 2547 *blksz = filesize - (off_t)lbn *biosize; 2548 } else { 2549 *blksz = biosize; 2550 } 2551 return (0); 2552 } 2553 2554 /* 2555 struct vnop_getpages_args { 2556 struct vnode *a_vp; 2557 vm_page_t *a_m; 2558 int a_count; 2559 int a_reqpage; 2560 }; 2561 */ 2562 static int 2563 fuse_vnop_getpages(struct vop_getpages_args *ap) 2564 { 2565 struct vnode *vp = ap->a_vp; 2566 2567 if (!fsess_opt_mmap(vnode_mount(vp))) { 2568 SDT_PROBE2(fusefs, , vnops, trace, 1, 2569 "called on non-cacheable vnode??\n"); 2570 return (VM_PAGER_ERROR); 2571 } 2572 2573 return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind, 2574 ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz)); 2575 } 2576 2577 static const char extattr_namespace_separator = '.'; 2578 2579 /* 2580 struct vop_getextattr_args { 2581 struct vop_generic_args a_gen; 2582 struct vnode *a_vp; 2583 int a_attrnamespace; 2584 const char *a_name; 2585 struct uio *a_uio; 2586 size_t *a_size; 2587 struct ucred *a_cred; 2588 struct thread *a_td; 2589 }; 2590 */ 2591 static int 2592 fuse_vnop_getextattr(struct vop_getextattr_args *ap) 2593 { 2594 struct vnode *vp = ap->a_vp; 2595 struct uio *uio = ap->a_uio; 2596 struct fuse_dispatcher fdi; 2597 struct fuse_getxattr_in *get_xattr_in; 2598 struct fuse_getxattr_out *get_xattr_out; 2599 struct mount *mp = vnode_mount(vp); 2600 struct thread *td = ap->a_td; 2601 struct ucred *cred = ap->a_cred; 2602 char *prefix; 2603 char *attr_str; 2604 size_t len; 2605 int err; 2606 2607 if (fuse_isdeadfs(vp)) 2608 return (ENXIO); 2609 2610 if (fsess_not_impl(mp, FUSE_GETXATTR)) 2611 return EOPNOTSUPP; 2612 2613 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2614 if (err) 2615 return err; 2616 2617 /* Default to looking for user attributes. */ 2618 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2619 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2620 else 2621 prefix = EXTATTR_NAMESPACE_USER_STRING; 2622 2623 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2624 strlen(ap->a_name) + 1; 2625 2626 fdisp_init(&fdi, len + sizeof(*get_xattr_in)); 2627 fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred); 2628 2629 get_xattr_in = fdi.indata; 2630 /* 2631 * Check to see whether we're querying the available size or 2632 * issuing the actual request. If we pass in 0, we get back struct 2633 * fuse_getxattr_out. If we pass in a non-zero size, we get back 2634 * that much data, without the struct fuse_getxattr_out header. 2635 */ 2636 if (uio == NULL) 2637 get_xattr_in->size = 0; 2638 else 2639 get_xattr_in->size = uio->uio_resid; 2640 2641 attr_str = (char *)fdi.indata + sizeof(*get_xattr_in); 2642 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2643 ap->a_name); 2644 2645 err = fdisp_wait_answ(&fdi); 2646 if (err != 0) { 2647 if (err == ENOSYS) { 2648 fsess_set_notimpl(mp, FUSE_GETXATTR); 2649 err = EOPNOTSUPP; 2650 } 2651 goto out; 2652 } 2653 2654 get_xattr_out = fdi.answ; 2655 2656 if (ap->a_size != NULL) 2657 *ap->a_size = get_xattr_out->size; 2658 2659 if (uio != NULL) 2660 err = uiomove(fdi.answ, fdi.iosize, uio); 2661 2662 out: 2663 fdisp_destroy(&fdi); 2664 return (err); 2665 } 2666 2667 /* 2668 struct vop_setextattr_args { 2669 struct vop_generic_args a_gen; 2670 struct vnode *a_vp; 2671 int a_attrnamespace; 2672 const char *a_name; 2673 struct uio *a_uio; 2674 struct ucred *a_cred; 2675 struct thread *a_td; 2676 }; 2677 */ 2678 static int 2679 fuse_vnop_setextattr(struct vop_setextattr_args *ap) 2680 { 2681 struct vnode *vp = ap->a_vp; 2682 struct uio *uio = ap->a_uio; 2683 struct fuse_dispatcher fdi; 2684 struct fuse_setxattr_in *set_xattr_in; 2685 struct mount *mp = vnode_mount(vp); 2686 struct thread *td = ap->a_td; 2687 struct ucred *cred = ap->a_cred; 2688 char *prefix; 2689 size_t len; 2690 char *attr_str; 2691 int err; 2692 2693 if (fuse_isdeadfs(vp)) 2694 return (ENXIO); 2695 2696 if (fsess_not_impl(mp, FUSE_SETXATTR)) 2697 return EOPNOTSUPP; 2698 2699 if (vfs_isrdonly(mp)) 2700 return EROFS; 2701 2702 /* Deleting xattrs must use VOP_DELETEEXTATTR instead */ 2703 if (ap->a_uio == NULL) { 2704 /* 2705 * If we got here as fallback from VOP_DELETEEXTATTR, then 2706 * return EOPNOTSUPP. 2707 */ 2708 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 2709 return (EOPNOTSUPP); 2710 else 2711 return (EINVAL); 2712 } 2713 2714 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 2715 VWRITE); 2716 if (err) 2717 return err; 2718 2719 /* Default to looking for user attributes. */ 2720 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2721 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2722 else 2723 prefix = EXTATTR_NAMESPACE_USER_STRING; 2724 2725 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2726 strlen(ap->a_name) + 1; 2727 2728 fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid); 2729 fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred); 2730 2731 set_xattr_in = fdi.indata; 2732 set_xattr_in->size = uio->uio_resid; 2733 2734 attr_str = (char *)fdi.indata + sizeof(*set_xattr_in); 2735 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2736 ap->a_name); 2737 2738 err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len, 2739 uio->uio_resid, uio); 2740 if (err != 0) { 2741 goto out; 2742 } 2743 2744 err = fdisp_wait_answ(&fdi); 2745 2746 if (err == ENOSYS) { 2747 fsess_set_notimpl(mp, FUSE_SETXATTR); 2748 err = EOPNOTSUPP; 2749 } 2750 if (err == ERESTART) { 2751 /* Can't restart after calling uiomove */ 2752 err = EINTR; 2753 } 2754 2755 out: 2756 fdisp_destroy(&fdi); 2757 return (err); 2758 } 2759 2760 /* 2761 * The Linux / FUSE extended attribute list is simply a collection of 2762 * NUL-terminated strings. The FreeBSD extended attribute list is a single 2763 * byte length followed by a non-NUL terminated string. So, this allows 2764 * conversion of the Linux / FUSE format to the FreeBSD format in place. 2765 * Linux attribute names are reported with the namespace as a prefix (e.g. 2766 * "user.attribute_name"), but in FreeBSD they are reported without the 2767 * namespace prefix (e.g. "attribute_name"). So, we're going from: 2768 * 2769 * user.attr_name1\0user.attr_name2\0 2770 * 2771 * to: 2772 * 2773 * <num>attr_name1<num>attr_name2 2774 * 2775 * Where "<num>" is a single byte number of characters in the attribute name. 2776 * 2777 * Args: 2778 * prefix - exattr namespace prefix string 2779 * list, list_len - input list with namespace prefixes 2780 * bsd_list, bsd_list_len - output list compatible with bsd vfs 2781 */ 2782 static int 2783 fuse_xattrlist_convert(char *prefix, const char *list, int list_len, 2784 char *bsd_list, int *bsd_list_len) 2785 { 2786 int len, pos, dist_to_next, prefix_len; 2787 2788 pos = 0; 2789 *bsd_list_len = 0; 2790 prefix_len = strlen(prefix); 2791 2792 while (pos < list_len && list[pos] != '\0') { 2793 dist_to_next = strlen(&list[pos]) + 1; 2794 if (bcmp(&list[pos], prefix, prefix_len) == 0 && 2795 list[pos + prefix_len] == extattr_namespace_separator) { 2796 len = dist_to_next - 2797 (prefix_len + sizeof(extattr_namespace_separator)) - 1; 2798 if (len >= EXTATTR_MAXNAMELEN) 2799 return (ENAMETOOLONG); 2800 2801 bsd_list[*bsd_list_len] = len; 2802 memcpy(&bsd_list[*bsd_list_len + 1], 2803 &list[pos + prefix_len + 2804 sizeof(extattr_namespace_separator)], len); 2805 2806 *bsd_list_len += len + 1; 2807 } 2808 2809 pos += dist_to_next; 2810 } 2811 2812 return (0); 2813 } 2814 2815 /* 2816 * List extended attributes 2817 * 2818 * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which 2819 * has a number of differences compared to its FreeBSD equivalent, 2820 * extattr_list_file: 2821 * 2822 * - FUSE_LISTXATTR returns all extended attributes across all namespaces, 2823 * whereas listxattr(2) only returns attributes for a single namespace 2824 * - FUSE_LISTXATTR prepends each attribute name with "namespace." 2825 * - If the provided buffer is not large enough to hold the result, 2826 * FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to 2827 * return as many results as will fit. 2828 */ 2829 /* 2830 struct vop_listextattr_args { 2831 struct vop_generic_args a_gen; 2832 struct vnode *a_vp; 2833 int a_attrnamespace; 2834 struct uio *a_uio; 2835 size_t *a_size; 2836 struct ucred *a_cred; 2837 struct thread *a_td; 2838 }; 2839 */ 2840 static int 2841 fuse_vnop_listextattr(struct vop_listextattr_args *ap) 2842 { 2843 struct vnode *vp = ap->a_vp; 2844 struct uio *uio = ap->a_uio; 2845 struct fuse_dispatcher fdi; 2846 struct fuse_listxattr_in *list_xattr_in; 2847 struct fuse_listxattr_out *list_xattr_out; 2848 struct mount *mp = vnode_mount(vp); 2849 struct thread *td = ap->a_td; 2850 struct ucred *cred = ap->a_cred; 2851 char *prefix; 2852 char *bsd_list = NULL; 2853 char *linux_list; 2854 int bsd_list_len; 2855 int linux_list_len; 2856 int err; 2857 2858 if (fuse_isdeadfs(vp)) 2859 return (ENXIO); 2860 2861 if (fsess_not_impl(mp, FUSE_LISTXATTR)) 2862 return EOPNOTSUPP; 2863 2864 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2865 if (err) 2866 return err; 2867 2868 /* 2869 * Add space for a NUL and the period separator if enabled. 2870 * Default to looking for user attributes. 2871 */ 2872 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2873 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2874 else 2875 prefix = EXTATTR_NAMESPACE_USER_STRING; 2876 2877 fdisp_init(&fdi, sizeof(*list_xattr_in)); 2878 fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2879 2880 /* 2881 * Retrieve Linux / FUSE compatible list size. 2882 */ 2883 list_xattr_in = fdi.indata; 2884 list_xattr_in->size = 0; 2885 2886 err = fdisp_wait_answ(&fdi); 2887 if (err != 0) { 2888 if (err == ENOSYS) { 2889 fsess_set_notimpl(mp, FUSE_LISTXATTR); 2890 err = EOPNOTSUPP; 2891 } 2892 goto out; 2893 } 2894 2895 list_xattr_out = fdi.answ; 2896 linux_list_len = list_xattr_out->size; 2897 if (linux_list_len == 0) { 2898 if (ap->a_size != NULL) 2899 *ap->a_size = linux_list_len; 2900 goto out; 2901 } 2902 2903 /* 2904 * Retrieve Linux / FUSE compatible list values. 2905 */ 2906 fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2907 list_xattr_in = fdi.indata; 2908 list_xattr_in->size = linux_list_len; 2909 2910 err = fdisp_wait_answ(&fdi); 2911 if (err == ERANGE) { 2912 /* 2913 * Race detected. The attribute list must've grown since the 2914 * first FUSE_LISTXATTR call. Start over. Go all the way back 2915 * to userland so we can process signals, if necessary, before 2916 * restarting. 2917 */ 2918 err = ERESTART; 2919 goto out; 2920 } else if (err != 0) 2921 goto out; 2922 2923 linux_list = fdi.answ; 2924 /* FUSE doesn't allow the server to return more data than requested */ 2925 if (fdi.iosize > linux_list_len) { 2926 struct fuse_data *data = fuse_get_mpdata(mp); 2927 2928 fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG, 2929 "server returned " 2930 "more extended attribute data than requested; " 2931 "should've returned ERANGE instead."); 2932 } else { 2933 /* But returning less data is fine */ 2934 linux_list_len = fdi.iosize; 2935 } 2936 2937 /* 2938 * Retrieve the BSD compatible list values. 2939 * The Linux / FUSE attribute list format isn't the same 2940 * as FreeBSD's format. So we need to transform it into 2941 * FreeBSD's format before giving it to the user. 2942 */ 2943 bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK); 2944 err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len, 2945 bsd_list, &bsd_list_len); 2946 if (err != 0) 2947 goto out; 2948 2949 if (ap->a_size != NULL) 2950 *ap->a_size = bsd_list_len; 2951 2952 if (uio != NULL) 2953 err = uiomove(bsd_list, bsd_list_len, uio); 2954 2955 out: 2956 free(bsd_list, M_TEMP); 2957 fdisp_destroy(&fdi); 2958 return (err); 2959 } 2960 2961 /* 2962 struct vop_deallocate_args { 2963 struct vop_generic_args a_gen; 2964 struct vnode *a_vp; 2965 off_t *a_offset; 2966 off_t *a_len; 2967 int a_flags; 2968 int a_ioflag; 2969 struct ucred *a_cred; 2970 }; 2971 */ 2972 static int 2973 fuse_vnop_deallocate(struct vop_deallocate_args *ap) 2974 { 2975 struct vnode *vp = ap->a_vp; 2976 struct mount *mp = vnode_mount(vp); 2977 struct fuse_filehandle *fufh; 2978 struct fuse_dispatcher fdi; 2979 struct fuse_fallocate_in *ffi; 2980 struct ucred *cred = ap->a_cred; 2981 pid_t pid = curthread->td_proc->p_pid; 2982 off_t *len = ap->a_len; 2983 off_t *offset = ap->a_offset; 2984 int ioflag = ap->a_ioflag; 2985 off_t filesize; 2986 int err; 2987 bool closefufh = false; 2988 2989 if (fuse_isdeadfs(vp)) 2990 return (ENXIO); 2991 2992 if (vfs_isrdonly(mp)) 2993 return (EROFS); 2994 2995 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 2996 goto fallback; 2997 2998 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2999 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 3000 /* 3001 * nfsd will do I/O without first doing VOP_OPEN. We 3002 * must implicitly open the file here 3003 */ 3004 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 3005 closefufh = true; 3006 } 3007 if (err) 3008 return (err); 3009 3010 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 3011 3012 err = fuse_vnode_size(vp, &filesize, cred, curthread); 3013 if (err) 3014 goto out; 3015 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 3016 3017 fdisp_init(&fdi, sizeof(*ffi)); 3018 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 3019 ffi = fdi.indata; 3020 ffi->fh = fufh->fh_id; 3021 ffi->offset = *offset; 3022 ffi->length = *len; 3023 /* 3024 * FreeBSD's fspacectl is equivalent to Linux's fallocate with 3025 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE 3026 */ 3027 ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE; 3028 err = fdisp_wait_answ(&fdi); 3029 3030 if (err == ENOSYS) { 3031 fdisp_destroy(&fdi); 3032 fsess_set_notimpl(mp, FUSE_FALLOCATE); 3033 goto fallback; 3034 } else if (err == EOPNOTSUPP) { 3035 /* 3036 * The file system server does not support FUSE_FALLOCATE with 3037 * the supplied mode for this particular file. 3038 */ 3039 fdisp_destroy(&fdi); 3040 goto fallback; 3041 } else if (!err) { 3042 /* 3043 * Clip the returned offset to EoF. Do it here rather than 3044 * before FUSE_FALLOCATE just in case the kernel's cached file 3045 * size is out of date. Unfortunately, FUSE does not return 3046 * any information about filesize from that operation. 3047 */ 3048 *offset = MIN(*offset + *len, filesize); 3049 *len = 0; 3050 fuse_vnode_undirty_cached_timestamps(vp, false); 3051 fuse_internal_clear_suid_on_write(vp, cred, curthread); 3052 3053 if (ioflag & IO_SYNC) 3054 err = fuse_internal_fsync(vp, curthread, MNT_WAIT, 3055 false); 3056 } 3057 3058 out: 3059 fdisp_destroy(&fdi); 3060 if (closefufh) 3061 fuse_filehandle_close(vp, fufh, curthread, cred); 3062 3063 return (err); 3064 3065 fallback: 3066 if (closefufh) 3067 fuse_filehandle_close(vp, fufh, curthread, cred); 3068 3069 return (vop_stddeallocate(ap)); 3070 } 3071 3072 /* 3073 struct vop_deleteextattr_args { 3074 struct vop_generic_args a_gen; 3075 struct vnode *a_vp; 3076 int a_attrnamespace; 3077 const char *a_name; 3078 struct ucred *a_cred; 3079 struct thread *a_td; 3080 }; 3081 */ 3082 static int 3083 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap) 3084 { 3085 struct vnode *vp = ap->a_vp; 3086 struct fuse_dispatcher fdi; 3087 struct mount *mp = vnode_mount(vp); 3088 struct thread *td = ap->a_td; 3089 struct ucred *cred = ap->a_cred; 3090 char *prefix; 3091 size_t len; 3092 char *attr_str; 3093 int err; 3094 3095 if (fuse_isdeadfs(vp)) 3096 return (ENXIO); 3097 3098 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 3099 return EOPNOTSUPP; 3100 3101 if (vfs_isrdonly(mp)) 3102 return EROFS; 3103 3104 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 3105 VWRITE); 3106 if (err) 3107 return err; 3108 3109 /* Default to looking for user attributes. */ 3110 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 3111 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 3112 else 3113 prefix = EXTATTR_NAMESPACE_USER_STRING; 3114 3115 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 3116 strlen(ap->a_name) + 1; 3117 3118 fdisp_init(&fdi, len); 3119 fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred); 3120 3121 attr_str = fdi.indata; 3122 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 3123 ap->a_name); 3124 3125 err = fdisp_wait_answ(&fdi); 3126 if (err == ENOSYS) { 3127 fsess_set_notimpl(mp, FUSE_REMOVEXATTR); 3128 err = EOPNOTSUPP; 3129 } 3130 3131 fdisp_destroy(&fdi); 3132 return (err); 3133 } 3134 3135 /* 3136 struct vnop_print_args { 3137 struct vnode *a_vp; 3138 }; 3139 */ 3140 static int 3141 fuse_vnop_print(struct vop_print_args *ap) 3142 { 3143 struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp); 3144 3145 printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n", 3146 (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid, 3147 (uintmax_t)fvdat->nlookup, 3148 fvdat->flag); 3149 3150 return 0; 3151 } 3152 3153 /* 3154 * Get an NFS filehandle for a FUSE file. 3155 * 3156 * This will only work for FUSE file systems that guarantee the uniqueness of 3157 * nodeid:generation, which most don't. 3158 */ 3159 /* 3160 vop_vptofh { 3161 IN struct vnode *a_vp; 3162 IN struct fid *a_fhp; 3163 }; 3164 */ 3165 static int 3166 fuse_vnop_vptofh(struct vop_vptofh_args *ap) 3167 { 3168 struct vnode *vp = ap->a_vp; 3169 struct fuse_vnode_data *fvdat = VTOFUD(vp); 3170 struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp); 3171 _Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid), 3172 "FUSE fid type is too big"); 3173 struct mount *mp = vnode_mount(vp); 3174 struct fuse_data *data = fuse_get_mpdata(mp); 3175 struct vattr va; 3176 int err; 3177 3178 if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) { 3179 /* NFS requires lookups for "." and ".." */ 3180 SDT_PROBE2(fusefs, , vnops, trace, 1, 3181 "VOP_VPTOFH without FUSE_EXPORT_SUPPORT"); 3182 return EOPNOTSUPP; 3183 } 3184 if ((mp->mnt_flag & MNT_EXPORTED) && 3185 !(data->dataflags & FSESS_NO_OPENDIR_SUPPORT)) 3186 { 3187 /* 3188 * NFS is stateless, so nfsd must reopen a directory on every 3189 * call to VOP_READDIR, passing in the d_off field from the 3190 * final dirent of the previous invocation. But without 3191 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not 3192 * guarantee that d_off will be valid after a directory is 3193 * closed and reopened. So prohibit exporting FUSE file 3194 * systems that don't set that flag. 3195 * 3196 * But userspace NFS servers don't have this problem. 3197 */ 3198 SDT_PROBE2(fusefs, , vnops, trace, 1, 3199 "VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT"); 3200 return EOPNOTSUPP; 3201 } 3202 3203 err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread); 3204 if (err) 3205 return err; 3206 3207 /*ip = VTOI(ap->a_vp);*/ 3208 /*ufhp = (struct ufid *)ap->a_fhp;*/ 3209 fhp->len = sizeof(struct fuse_fid); 3210 fhp->nid = fvdat->nid; 3211 if (fvdat->generation <= UINT32_MAX) 3212 fhp->gen = fvdat->generation; 3213 else 3214 return EOVERFLOW; 3215 return (0); 3216 } 3217