1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2007-2009 Google Inc. and Amit Singh 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are 9 * met: 10 * 11 * * Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * * Redistributions in binary form must reproduce the above 14 * copyright notice, this list of conditions and the following disclaimer 15 * in the documentation and/or other materials provided with the 16 * distribution. 17 * * Neither the name of Google Inc. nor the names of its 18 * contributors may be used to endorse or promote products derived from 19 * this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 * Copyright (C) 2005 Csaba Henk. 34 * All rights reserved. 35 * 36 * Copyright (c) 2019 The FreeBSD Foundation 37 * 38 * Portions of this software were developed by BFF Storage Systems, LLC under 39 * sponsorship from the FreeBSD Foundation. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 */ 62 63 #include <sys/cdefs.h> 64 __FBSDID("$FreeBSD$"); 65 66 #include <sys/param.h> 67 #include <sys/module.h> 68 #include <sys/systm.h> 69 #include <sys/errno.h> 70 #include <sys/kernel.h> 71 #include <sys/conf.h> 72 #include <sys/filio.h> 73 #include <sys/uio.h> 74 #include <sys/malloc.h> 75 #include <sys/queue.h> 76 #include <sys/limits.h> 77 #include <sys/lock.h> 78 #include <sys/rwlock.h> 79 #include <sys/sx.h> 80 #include <sys/proc.h> 81 #include <sys/mount.h> 82 #include <sys/vnode.h> 83 #include <sys/namei.h> 84 #include <sys/extattr.h> 85 #include <sys/stat.h> 86 #include <sys/unistd.h> 87 #include <sys/filedesc.h> 88 #include <sys/file.h> 89 #include <sys/fcntl.h> 90 #include <sys/dirent.h> 91 #include <sys/bio.h> 92 #include <sys/buf.h> 93 #include <sys/sysctl.h> 94 #include <sys/vmmeter.h> 95 96 #include <vm/vm.h> 97 #include <vm/vm_extern.h> 98 #include <vm/pmap.h> 99 #include <vm/vm_map.h> 100 #include <vm/vm_page.h> 101 #include <vm/vm_param.h> 102 #include <vm/vm_object.h> 103 #include <vm/vm_pager.h> 104 #include <vm/vnode_pager.h> 105 #include <vm/vm_object.h> 106 107 #include "fuse.h" 108 #include "fuse_file.h" 109 #include "fuse_internal.h" 110 #include "fuse_ipc.h" 111 #include "fuse_node.h" 112 #include "fuse_io.h" 113 114 #include <sys/priv.h> 115 116 /* Maximum number of hardlinks to a single FUSE file */ 117 #define FUSE_LINK_MAX UINT32_MAX 118 119 SDT_PROVIDER_DECLARE(fusefs); 120 /* 121 * Fuse trace probe: 122 * arg0: verbosity. Higher numbers give more verbose messages 123 * arg1: Textual message 124 */ 125 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*"); 126 127 /* vnode ops */ 128 static vop_access_t fuse_vnop_access; 129 static vop_advlock_t fuse_vnop_advlock; 130 static vop_allocate_t fuse_vnop_allocate; 131 static vop_bmap_t fuse_vnop_bmap; 132 static vop_close_t fuse_fifo_close; 133 static vop_close_t fuse_vnop_close; 134 static vop_copy_file_range_t fuse_vnop_copy_file_range; 135 static vop_create_t fuse_vnop_create; 136 static vop_deallocate_t fuse_vnop_deallocate; 137 static vop_deleteextattr_t fuse_vnop_deleteextattr; 138 static vop_fdatasync_t fuse_vnop_fdatasync; 139 static vop_fsync_t fuse_vnop_fsync; 140 static vop_getattr_t fuse_vnop_getattr; 141 static vop_getextattr_t fuse_vnop_getextattr; 142 static vop_inactive_t fuse_vnop_inactive; 143 static vop_ioctl_t fuse_vnop_ioctl; 144 static vop_link_t fuse_vnop_link; 145 static vop_listextattr_t fuse_vnop_listextattr; 146 static vop_lookup_t fuse_vnop_lookup; 147 static vop_mkdir_t fuse_vnop_mkdir; 148 static vop_mknod_t fuse_vnop_mknod; 149 static vop_open_t fuse_vnop_open; 150 static vop_pathconf_t fuse_vnop_pathconf; 151 static vop_read_t fuse_vnop_read; 152 static vop_readdir_t fuse_vnop_readdir; 153 static vop_readlink_t fuse_vnop_readlink; 154 static vop_reclaim_t fuse_vnop_reclaim; 155 static vop_remove_t fuse_vnop_remove; 156 static vop_rename_t fuse_vnop_rename; 157 static vop_rmdir_t fuse_vnop_rmdir; 158 static vop_setattr_t fuse_vnop_setattr; 159 static vop_setextattr_t fuse_vnop_setextattr; 160 static vop_strategy_t fuse_vnop_strategy; 161 static vop_symlink_t fuse_vnop_symlink; 162 static vop_write_t fuse_vnop_write; 163 static vop_getpages_t fuse_vnop_getpages; 164 static vop_print_t fuse_vnop_print; 165 static vop_vptofh_t fuse_vnop_vptofh; 166 167 struct vop_vector fuse_fifoops = { 168 .vop_default = &fifo_specops, 169 .vop_access = fuse_vnop_access, 170 .vop_close = fuse_fifo_close, 171 .vop_fsync = fuse_vnop_fsync, 172 .vop_getattr = fuse_vnop_getattr, 173 .vop_inactive = fuse_vnop_inactive, 174 .vop_pathconf = fuse_vnop_pathconf, 175 .vop_print = fuse_vnop_print, 176 .vop_read = VOP_PANIC, 177 .vop_reclaim = fuse_vnop_reclaim, 178 .vop_setattr = fuse_vnop_setattr, 179 .vop_write = VOP_PANIC, 180 .vop_vptofh = fuse_vnop_vptofh, 181 }; 182 VFS_VOP_VECTOR_REGISTER(fuse_fifoops); 183 184 struct vop_vector fuse_vnops = { 185 .vop_allocate = fuse_vnop_allocate, 186 .vop_default = &default_vnodeops, 187 .vop_access = fuse_vnop_access, 188 .vop_advlock = fuse_vnop_advlock, 189 .vop_bmap = fuse_vnop_bmap, 190 .vop_close = fuse_vnop_close, 191 .vop_copy_file_range = fuse_vnop_copy_file_range, 192 .vop_create = fuse_vnop_create, 193 .vop_deallocate = fuse_vnop_deallocate, 194 .vop_deleteextattr = fuse_vnop_deleteextattr, 195 .vop_fsync = fuse_vnop_fsync, 196 .vop_fdatasync = fuse_vnop_fdatasync, 197 .vop_getattr = fuse_vnop_getattr, 198 .vop_getextattr = fuse_vnop_getextattr, 199 .vop_inactive = fuse_vnop_inactive, 200 .vop_ioctl = fuse_vnop_ioctl, 201 .vop_link = fuse_vnop_link, 202 .vop_listextattr = fuse_vnop_listextattr, 203 .vop_lookup = fuse_vnop_lookup, 204 .vop_mkdir = fuse_vnop_mkdir, 205 .vop_mknod = fuse_vnop_mknod, 206 .vop_open = fuse_vnop_open, 207 .vop_pathconf = fuse_vnop_pathconf, 208 /* 209 * TODO: implement vop_poll after upgrading to protocol 7.21. 210 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until 211 * 7.21, which adds the ability for the client to choose which poll 212 * events it wants, and for a client to deregister a file handle 213 */ 214 .vop_read = fuse_vnop_read, 215 .vop_readdir = fuse_vnop_readdir, 216 .vop_readlink = fuse_vnop_readlink, 217 .vop_reclaim = fuse_vnop_reclaim, 218 .vop_remove = fuse_vnop_remove, 219 .vop_rename = fuse_vnop_rename, 220 .vop_rmdir = fuse_vnop_rmdir, 221 .vop_setattr = fuse_vnop_setattr, 222 .vop_setextattr = fuse_vnop_setextattr, 223 .vop_strategy = fuse_vnop_strategy, 224 .vop_symlink = fuse_vnop_symlink, 225 .vop_write = fuse_vnop_write, 226 .vop_getpages = fuse_vnop_getpages, 227 .vop_print = fuse_vnop_print, 228 .vop_vptofh = fuse_vnop_vptofh, 229 }; 230 VFS_VOP_VECTOR_REGISTER(fuse_vnops); 231 232 uma_zone_t fuse_pbuf_zone; 233 234 /* Check permission for extattr operations, much like extattr_check_cred */ 235 static int 236 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred, 237 struct thread *td, accmode_t accmode) 238 { 239 struct mount *mp = vnode_mount(vp); 240 struct fuse_data *data = fuse_get_mpdata(mp); 241 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 242 243 /* 244 * Kernel-invoked always succeeds. 245 */ 246 if (cred == NOCRED) 247 return (0); 248 249 /* 250 * Do not allow privileged processes in jail to directly manipulate 251 * system attributes. 252 */ 253 switch (ns) { 254 case EXTATTR_NAMESPACE_SYSTEM: 255 if (default_permissions) { 256 return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM)); 257 } 258 return (0); 259 case EXTATTR_NAMESPACE_USER: 260 if (default_permissions) { 261 return (fuse_internal_access(vp, accmode, td, cred)); 262 } 263 return (0); 264 default: 265 return (EPERM); 266 } 267 } 268 269 /* Get a filehandle for a directory */ 270 static int 271 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp, 272 struct ucred *cred, pid_t pid) 273 { 274 if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0) 275 return 0; 276 return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid); 277 } 278 279 /* Send FUSE_FLUSH for this vnode */ 280 static int 281 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag) 282 { 283 struct fuse_flush_in *ffi; 284 struct fuse_filehandle *fufh; 285 struct fuse_dispatcher fdi; 286 struct thread *td = curthread; 287 struct mount *mp = vnode_mount(vp); 288 int err; 289 290 if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH)) 291 return 0; 292 293 err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid); 294 if (err) 295 return err; 296 297 fdisp_init(&fdi, sizeof(*ffi)); 298 fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred); 299 ffi = fdi.indata; 300 ffi->fh = fufh->fh_id; 301 /* 302 * If the file has a POSIX lock then we're supposed to set lock_owner. 303 * If not, then lock_owner is undefined. So we may as well always set 304 * it. 305 */ 306 ffi->lock_owner = td->td_proc->p_pid; 307 308 err = fdisp_wait_answ(&fdi); 309 if (err == ENOSYS) { 310 fsess_set_notimpl(mp, FUSE_FLUSH); 311 err = 0; 312 } 313 fdisp_destroy(&fdi); 314 return err; 315 } 316 317 /* Close wrapper for fifos. */ 318 static int 319 fuse_fifo_close(struct vop_close_args *ap) 320 { 321 return (fifo_specops.vop_close(ap)); 322 } 323 324 /* Invalidate a range of cached data, whether dirty of not */ 325 static int 326 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end) 327 { 328 struct buf *bp; 329 daddr_t left_lbn, end_lbn, right_lbn; 330 off_t new_filesize; 331 int iosize, left_on, right_on, right_blksize; 332 333 iosize = fuse_iosize(vp); 334 left_lbn = start / iosize; 335 end_lbn = howmany(end, iosize); 336 left_on = start & (iosize - 1); 337 if (left_on != 0) { 338 bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0); 339 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) { 340 /* 341 * Flush the dirty buffer, because we don't have a 342 * byte-granular way to record which parts of the 343 * buffer are valid. 344 */ 345 bwrite(bp); 346 if (bp->b_error) 347 return (bp->b_error); 348 } else { 349 brelse(bp); 350 } 351 } 352 right_on = end & (iosize - 1); 353 if (right_on != 0) { 354 right_lbn = end / iosize; 355 new_filesize = MAX(filesize, end); 356 right_blksize = MIN(iosize, new_filesize - iosize * right_lbn); 357 bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0); 358 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) { 359 /* 360 * Flush the dirty buffer, because we don't have a 361 * byte-granular way to record which parts of the 362 * buffer are valid. 363 */ 364 bwrite(bp); 365 if (bp->b_error) 366 return (bp->b_error); 367 } else { 368 brelse(bp); 369 } 370 } 371 372 v_inval_buf_range(vp, left_lbn, end_lbn, iosize); 373 return (0); 374 } 375 376 377 /* Send FUSE_LSEEK for this node */ 378 static int 379 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred, 380 pid_t pid, off_t *offp, int whence) 381 { 382 struct fuse_dispatcher fdi; 383 struct fuse_filehandle *fufh; 384 struct fuse_lseek_in *flsi; 385 struct fuse_lseek_out *flso; 386 struct mount *mp = vnode_mount(vp); 387 int err; 388 389 ASSERT_VOP_LOCKED(vp, __func__); 390 391 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 392 if (err) 393 return (err); 394 fdisp_init(&fdi, sizeof(*flsi)); 395 fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred); 396 flsi = fdi.indata; 397 flsi->fh = fufh->fh_id; 398 flsi->offset = *offp; 399 flsi->whence = whence; 400 err = fdisp_wait_answ(&fdi); 401 if (err == ENOSYS) { 402 fsess_set_notimpl(mp, FUSE_LSEEK); 403 } else if (err == 0) { 404 fsess_set_impl(mp, FUSE_LSEEK); 405 flso = fdi.answ; 406 *offp = flso->offset; 407 } 408 fdisp_destroy(&fdi); 409 410 return (err); 411 } 412 413 /* 414 struct vnop_access_args { 415 struct vnode *a_vp; 416 #if VOP_ACCESS_TAKES_ACCMODE_T 417 accmode_t a_accmode; 418 #else 419 int a_mode; 420 #endif 421 struct ucred *a_cred; 422 struct thread *a_td; 423 }; 424 */ 425 static int 426 fuse_vnop_access(struct vop_access_args *ap) 427 { 428 struct vnode *vp = ap->a_vp; 429 int accmode = ap->a_accmode; 430 struct ucred *cred = ap->a_cred; 431 432 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 433 434 int err; 435 436 if (fuse_isdeadfs(vp)) { 437 if (vnode_isvroot(vp)) { 438 return 0; 439 } 440 return ENXIO; 441 } 442 if (!(data->dataflags & FSESS_INITED)) { 443 if (vnode_isvroot(vp)) { 444 if (priv_check_cred(cred, PRIV_VFS_ADMIN) || 445 (fuse_match_cred(data->daemoncred, cred) == 0)) { 446 return 0; 447 } 448 } 449 return EBADF; 450 } 451 if (vnode_islnk(vp)) { 452 return 0; 453 } 454 455 err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred); 456 return err; 457 } 458 459 /* 460 * struct vop_advlock_args { 461 * struct vop_generic_args a_gen; 462 * struct vnode *a_vp; 463 * void *a_id; 464 * int a_op; 465 * struct flock *a_fl; 466 * int a_flags; 467 * } 468 */ 469 static int 470 fuse_vnop_advlock(struct vop_advlock_args *ap) 471 { 472 struct vnode *vp = ap->a_vp; 473 struct flock *fl = ap->a_fl; 474 struct thread *td = curthread; 475 struct ucred *cred = td->td_ucred; 476 pid_t pid = td->td_proc->p_pid; 477 struct fuse_filehandle *fufh; 478 struct fuse_dispatcher fdi; 479 struct fuse_lk_in *fli; 480 struct fuse_lk_out *flo; 481 struct vattr vattr; 482 enum fuse_opcode op; 483 off_t size, start; 484 int dataflags, err; 485 int flags = ap->a_flags; 486 487 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 488 489 if (fuse_isdeadfs(vp)) { 490 return ENXIO; 491 } 492 493 switch(ap->a_op) { 494 case F_GETLK: 495 op = FUSE_GETLK; 496 break; 497 case F_SETLK: 498 if (flags & F_WAIT) 499 op = FUSE_SETLKW; 500 else 501 op = FUSE_SETLK; 502 break; 503 case F_UNLCK: 504 op = FUSE_SETLK; 505 break; 506 default: 507 return EINVAL; 508 } 509 510 if (!(dataflags & FSESS_POSIX_LOCKS)) 511 return vop_stdadvlock(ap); 512 /* FUSE doesn't properly support flock until protocol 7.17 */ 513 if (flags & F_FLOCK) 514 return vop_stdadvlock(ap); 515 516 vn_lock(vp, LK_SHARED | LK_RETRY); 517 518 switch (fl->l_whence) { 519 case SEEK_SET: 520 case SEEK_CUR: 521 /* 522 * Caller is responsible for adding any necessary offset 523 * when SEEK_CUR is used. 524 */ 525 start = fl->l_start; 526 break; 527 528 case SEEK_END: 529 err = fuse_internal_getattr(vp, &vattr, cred, td); 530 if (err) 531 goto out; 532 size = vattr.va_size; 533 if (size > OFF_MAX || 534 (fl->l_start > 0 && size > OFF_MAX - fl->l_start)) { 535 err = EOVERFLOW; 536 goto out; 537 } 538 start = size + fl->l_start; 539 break; 540 541 default: 542 return (EINVAL); 543 } 544 545 err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid); 546 if (err) 547 goto out; 548 549 fdisp_init(&fdi, sizeof(*fli)); 550 551 fdisp_make_vp(&fdi, op, vp, td, cred); 552 fli = fdi.indata; 553 fli->fh = fufh->fh_id; 554 fli->owner = td->td_proc->p_pid; 555 fli->lk.start = start; 556 if (fl->l_len != 0) 557 fli->lk.end = start + fl->l_len - 1; 558 else 559 fli->lk.end = INT64_MAX; 560 fli->lk.type = fl->l_type; 561 fli->lk.pid = td->td_proc->p_pid; 562 563 err = fdisp_wait_answ(&fdi); 564 fdisp_destroy(&fdi); 565 566 if (err == 0 && op == FUSE_GETLK) { 567 flo = fdi.answ; 568 fl->l_type = flo->lk.type; 569 fl->l_whence = SEEK_SET; 570 if (flo->lk.type != F_UNLCK) { 571 fl->l_pid = flo->lk.pid; 572 fl->l_start = flo->lk.start; 573 if (flo->lk.end == INT64_MAX) 574 fl->l_len = 0; 575 else 576 fl->l_len = flo->lk.end - flo->lk.start + 1; 577 fl->l_start = flo->lk.start; 578 } 579 } 580 581 out: 582 VOP_UNLOCK(vp); 583 return err; 584 } 585 586 static int 587 fuse_vnop_allocate(struct vop_allocate_args *ap) 588 { 589 struct vnode *vp = ap->a_vp; 590 off_t *len = ap->a_len; 591 off_t *offset = ap->a_offset; 592 struct ucred *cred = ap->a_cred; 593 struct fuse_filehandle *fufh; 594 struct mount *mp = vnode_mount(vp); 595 struct fuse_dispatcher fdi; 596 struct fuse_fallocate_in *ffi; 597 struct uio io; 598 pid_t pid = curthread->td_proc->p_pid; 599 struct fuse_vnode_data *fvdat = VTOFUD(vp); 600 off_t filesize; 601 int err; 602 603 if (fuse_isdeadfs(vp)) 604 return (ENXIO); 605 606 switch (vp->v_type) { 607 case VFIFO: 608 return (ESPIPE); 609 case VLNK: 610 case VREG: 611 if (vfs_isrdonly(mp)) 612 return (EROFS); 613 break; 614 default: 615 return (ENODEV); 616 } 617 618 if (vfs_isrdonly(mp)) 619 return (EROFS); 620 621 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 622 return (EINVAL); 623 624 io.uio_offset = *offset; 625 io.uio_resid = *len; 626 err = vn_rlimit_fsize(vp, &io, curthread); 627 if (err) 628 return (err); 629 630 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 631 if (err) 632 return (err); 633 634 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 635 636 err = fuse_vnode_size(vp, &filesize, cred, curthread); 637 if (err) 638 return (err); 639 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 640 641 fdisp_init(&fdi, sizeof(*ffi)); 642 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 643 ffi = fdi.indata; 644 ffi->fh = fufh->fh_id; 645 ffi->offset = *offset; 646 ffi->length = *len; 647 ffi->mode = 0; 648 err = fdisp_wait_answ(&fdi); 649 650 if (err == ENOSYS) { 651 fsess_set_notimpl(mp, FUSE_FALLOCATE); 652 err = EINVAL; 653 } else if (err == EOPNOTSUPP) { 654 /* 655 * The file system server does not support FUSE_FALLOCATE with 656 * the supplied mode for this particular file. 657 */ 658 err = EINVAL; 659 } else if (!err) { 660 *offset += *len; 661 *len = 0; 662 fuse_vnode_undirty_cached_timestamps(vp, false); 663 fuse_internal_clear_suid_on_write(vp, cred, curthread); 664 if (*offset > fvdat->cached_attrs.va_size) { 665 fuse_vnode_setsize(vp, *offset, false); 666 getnanouptime(&fvdat->last_local_modify); 667 } 668 } 669 670 fdisp_destroy(&fdi); 671 return (err); 672 } 673 674 /* { 675 struct vnode *a_vp; 676 daddr_t a_bn; 677 struct bufobj **a_bop; 678 daddr_t *a_bnp; 679 int *a_runp; 680 int *a_runb; 681 } */ 682 static int 683 fuse_vnop_bmap(struct vop_bmap_args *ap) 684 { 685 struct vnode *vp = ap->a_vp; 686 struct bufobj **bo = ap->a_bop; 687 struct thread *td = curthread; 688 struct mount *mp; 689 struct fuse_dispatcher fdi; 690 struct fuse_bmap_in *fbi; 691 struct fuse_bmap_out *fbo; 692 struct fuse_data *data; 693 struct fuse_vnode_data *fvdat = VTOFUD(vp); 694 uint64_t biosize; 695 off_t fsize; 696 daddr_t lbn = ap->a_bn; 697 daddr_t *pbn = ap->a_bnp; 698 int *runp = ap->a_runp; 699 int *runb = ap->a_runb; 700 int error = 0; 701 int maxrun; 702 703 if (fuse_isdeadfs(vp)) { 704 return ENXIO; 705 } 706 707 mp = vnode_mount(vp); 708 data = fuse_get_mpdata(mp); 709 biosize = fuse_iosize(vp); 710 maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1, 711 data->max_readahead_blocks); 712 713 if (bo != NULL) 714 *bo = &vp->v_bufobj; 715 716 /* 717 * The FUSE_BMAP operation does not include the runp and runb 718 * variables, so we must guess. Report nonzero contiguous runs so 719 * cluster_read will combine adjacent reads. It's worthwhile to reduce 720 * upcalls even if we don't know the true physical layout of the file. 721 * 722 * FUSE file systems may opt out of read clustering in two ways: 723 * * mounting with -onoclusterr 724 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT 725 */ 726 if (runb != NULL) 727 *runb = MIN(lbn, maxrun); 728 if (runp != NULL && maxrun == 0) 729 *runp = 0; 730 else if (runp != NULL) { 731 /* 732 * If the file's size is cached, use that value to calculate 733 * runp, even if the cache is expired. runp is only advisory, 734 * and the risk of getting it wrong is not worth the cost of 735 * another upcall. 736 */ 737 if (fvdat->cached_attrs.va_size != VNOVAL) 738 fsize = fvdat->cached_attrs.va_size; 739 else 740 error = fuse_vnode_size(vp, &fsize, td->td_ucred, td); 741 if (error == 0) 742 *runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1), 743 maxrun); 744 else 745 *runp = 0; 746 } 747 748 if (fsess_maybe_impl(mp, FUSE_BMAP)) { 749 fdisp_init(&fdi, sizeof(*fbi)); 750 fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred); 751 fbi = fdi.indata; 752 fbi->block = lbn; 753 fbi->blocksize = biosize; 754 error = fdisp_wait_answ(&fdi); 755 if (error == ENOSYS) { 756 fdisp_destroy(&fdi); 757 fsess_set_notimpl(mp, FUSE_BMAP); 758 error = 0; 759 } else { 760 fbo = fdi.answ; 761 if (error == 0 && pbn != NULL) 762 *pbn = fbo->block; 763 fdisp_destroy(&fdi); 764 return error; 765 } 766 } 767 768 /* If the daemon doesn't support BMAP, make up a sensible default */ 769 if (pbn != NULL) 770 *pbn = lbn * btodb(biosize); 771 return (error); 772 } 773 774 /* 775 struct vop_close_args { 776 struct vnode *a_vp; 777 int a_fflag; 778 struct ucred *a_cred; 779 struct thread *a_td; 780 }; 781 */ 782 static int 783 fuse_vnop_close(struct vop_close_args *ap) 784 { 785 struct vnode *vp = ap->a_vp; 786 struct ucred *cred = ap->a_cred; 787 int fflag = ap->a_fflag; 788 struct thread *td = ap->a_td; 789 pid_t pid = td->td_proc->p_pid; 790 struct fuse_vnode_data *fvdat = VTOFUD(vp); 791 int err = 0; 792 793 if (fuse_isdeadfs(vp)) 794 return 0; 795 if (vnode_isdir(vp)) 796 return 0; 797 if (fflag & IO_NDELAY) 798 return 0; 799 800 err = fuse_flush(vp, cred, pid, fflag); 801 if (err == 0 && (fvdat->flag & FN_ATIMECHANGE)) { 802 struct vattr vap; 803 804 VATTR_NULL(&vap); 805 vap.va_atime = fvdat->cached_attrs.va_atime; 806 err = fuse_internal_setattr(vp, &vap, td, NULL); 807 } 808 /* TODO: close the file handle, if we're sure it's no longer used */ 809 if ((fvdat->flag & FN_SIZECHANGE) != 0) { 810 fuse_vnode_savesize(vp, cred, td->td_proc->p_pid); 811 } 812 return err; 813 } 814 815 /* 816 struct vop_copy_file_range_args { 817 struct vop_generic_args a_gen; 818 struct vnode *a_invp; 819 off_t *a_inoffp; 820 struct vnode *a_outvp; 821 off_t *a_outoffp; 822 size_t *a_lenp; 823 unsigned int a_flags; 824 struct ucred *a_incred; 825 struct ucred *a_outcred; 826 struct thread *a_fsizetd; 827 } 828 */ 829 static int 830 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) 831 { 832 struct vnode *invp = ap->a_invp; 833 struct vnode *outvp = ap->a_outvp; 834 struct mount *mp = vnode_mount(invp); 835 struct fuse_vnode_data *outfvdat = VTOFUD(outvp); 836 struct fuse_dispatcher fdi; 837 struct fuse_filehandle *infufh, *outfufh; 838 struct fuse_copy_file_range_in *fcfri; 839 struct ucred *incred = ap->a_incred; 840 struct ucred *outcred = ap->a_outcred; 841 struct fuse_write_out *fwo; 842 struct thread *td; 843 struct uio io; 844 off_t outfilesize; 845 ssize_t r = 0; 846 pid_t pid; 847 int err; 848 849 if (mp != vnode_mount(outvp)) 850 goto fallback; 851 852 if (incred->cr_uid != outcred->cr_uid) 853 goto fallback; 854 855 if (incred->cr_groups[0] != outcred->cr_groups[0]) 856 goto fallback; 857 858 if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE)) 859 goto fallback; 860 861 if (ap->a_fsizetd == NULL) 862 td = curthread; 863 else 864 td = ap->a_fsizetd; 865 pid = td->td_proc->p_pid; 866 867 /* Lock both vnodes, avoiding risk of deadlock. */ 868 do { 869 err = vn_lock(outvp, LK_EXCLUSIVE); 870 if (invp == outvp) 871 break; 872 if (err == 0) { 873 err = vn_lock(invp, LK_SHARED | LK_NOWAIT); 874 if (err == 0) 875 break; 876 VOP_UNLOCK(outvp); 877 err = vn_lock(invp, LK_SHARED); 878 if (err == 0) 879 VOP_UNLOCK(invp); 880 } 881 } while (err == 0); 882 if (err != 0) 883 return (err); 884 885 err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid); 886 if (err) 887 goto unlock; 888 889 err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid); 890 if (err) 891 goto unlock; 892 893 io.uio_resid = *ap->a_lenp; 894 if (ap->a_fsizetd) { 895 io.uio_offset = *ap->a_outoffp; 896 err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd); 897 if (err != 0) 898 goto unlock; 899 } 900 901 err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread); 902 if (err) 903 goto unlock; 904 905 err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp, 906 *ap->a_outoffp + io.uio_resid); 907 if (err) 908 goto unlock; 909 910 fdisp_init(&fdi, sizeof(*fcfri)); 911 fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred); 912 fcfri = fdi.indata; 913 fcfri->fh_in = infufh->fh_id; 914 fcfri->off_in = *ap->a_inoffp; 915 fcfri->nodeid_out = VTOI(outvp); 916 fcfri->fh_out = outfufh->fh_id; 917 fcfri->off_out = *ap->a_outoffp; 918 fcfri->len = io.uio_resid; 919 fcfri->flags = 0; 920 921 err = fdisp_wait_answ(&fdi); 922 if (err == 0) { 923 fwo = fdi.answ; 924 *ap->a_lenp = fwo->size; 925 *ap->a_inoffp += fwo->size; 926 *ap->a_outoffp += fwo->size; 927 fuse_internal_clear_suid_on_write(outvp, outcred, td); 928 if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) { 929 fuse_vnode_setsize(outvp, *ap->a_outoffp, false); 930 getnanouptime(&outfvdat->last_local_modify); 931 } 932 fuse_vnode_update(invp, FN_ATIMECHANGE); 933 fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE); 934 } 935 fdisp_destroy(&fdi); 936 937 unlock: 938 if (invp != outvp) 939 VOP_UNLOCK(invp); 940 VOP_UNLOCK(outvp); 941 942 if (err == ENOSYS) { 943 fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE); 944 fallback: 945 err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp, 946 ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags, 947 ap->a_incred, ap->a_outcred, ap->a_fsizetd); 948 } 949 950 /* 951 * No need to call vn_rlimit_fsizex_res before return, since the uio is 952 * local. 953 */ 954 return (err); 955 } 956 957 static void 958 fdisp_make_mknod_for_fallback( 959 struct fuse_dispatcher *fdip, 960 struct componentname *cnp, 961 struct vnode *dvp, 962 uint64_t parentnid, 963 struct thread *td, 964 struct ucred *cred, 965 mode_t mode, 966 enum fuse_opcode *op) 967 { 968 struct fuse_mknod_in *fmni; 969 970 fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1); 971 *op = FUSE_MKNOD; 972 fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred); 973 fmni = fdip->indata; 974 fmni->mode = mode; 975 fmni->rdev = 0; 976 memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr, 977 cnp->cn_namelen); 978 ((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0'; 979 } 980 /* 981 struct vnop_create_args { 982 struct vnode *a_dvp; 983 struct vnode **a_vpp; 984 struct componentname *a_cnp; 985 struct vattr *a_vap; 986 }; 987 */ 988 static int 989 fuse_vnop_create(struct vop_create_args *ap) 990 { 991 struct vnode *dvp = ap->a_dvp; 992 struct vnode **vpp = ap->a_vpp; 993 struct componentname *cnp = ap->a_cnp; 994 struct vattr *vap = ap->a_vap; 995 struct thread *td = curthread; 996 struct ucred *cred = cnp->cn_cred; 997 998 struct fuse_data *data; 999 struct fuse_create_in *fci; 1000 struct fuse_entry_out *feo; 1001 struct fuse_open_out *foo; 1002 struct fuse_dispatcher fdi, fdi2; 1003 struct fuse_dispatcher *fdip = &fdi; 1004 struct fuse_dispatcher *fdip2 = NULL; 1005 1006 int err; 1007 1008 struct mount *mp = vnode_mount(dvp); 1009 data = fuse_get_mpdata(mp); 1010 uint64_t parentnid = VTOFUD(dvp)->nid; 1011 mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode); 1012 enum fuse_opcode op; 1013 int flags; 1014 1015 if (fuse_isdeadfs(dvp)) 1016 return ENXIO; 1017 1018 /* FUSE expects sockets to be created with FUSE_MKNOD */ 1019 if (vap->va_type == VSOCK) 1020 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1021 1022 /* 1023 * VOP_CREATE doesn't tell us the open(2) flags, so we guess. Only a 1024 * writable mode makes sense, and we might as well include readability 1025 * too. 1026 */ 1027 flags = O_RDWR; 1028 1029 bzero(&fdi, sizeof(fdi)); 1030 1031 if (vap->va_type != VREG) 1032 return (EINVAL); 1033 1034 if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) { 1035 /* Fallback to FUSE_MKNOD/FUSE_OPEN */ 1036 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td, 1037 cred, mode, &op); 1038 } else { 1039 /* Use FUSE_CREATE */ 1040 size_t insize; 1041 1042 op = FUSE_CREATE; 1043 fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1); 1044 fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred); 1045 fci = fdip->indata; 1046 fci->mode = mode; 1047 fci->flags = O_CREAT | flags; 1048 if (fuse_libabi_geq(data, 7, 12)) { 1049 insize = sizeof(*fci); 1050 fci->umask = td->td_proc->p_pd->pd_cmask; 1051 } else { 1052 insize = sizeof(struct fuse_open_in); 1053 } 1054 1055 memcpy((char *)fdip->indata + insize, cnp->cn_nameptr, 1056 cnp->cn_namelen); 1057 ((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0'; 1058 } 1059 1060 err = fdisp_wait_answ(fdip); 1061 1062 if (err) { 1063 if (err == ENOSYS && op == FUSE_CREATE) { 1064 fsess_set_notimpl(mp, FUSE_CREATE); 1065 fdisp_destroy(fdip); 1066 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, 1067 parentnid, td, cred, mode, &op); 1068 err = fdisp_wait_answ(fdip); 1069 } 1070 if (err) 1071 goto out; 1072 } 1073 1074 feo = fdip->answ; 1075 1076 if ((err = fuse_internal_checkentry(feo, vap->va_type))) { 1077 goto out; 1078 } 1079 1080 if (op == FUSE_CREATE) { 1081 if (fuse_libabi_geq(data, 7, 9)) 1082 foo = (struct fuse_open_out*)(feo + 1); 1083 else 1084 foo = (struct fuse_open_out*)((char*)feo + 1085 FUSE_COMPAT_ENTRY_OUT_SIZE); 1086 } else { 1087 /* Issue a separate FUSE_OPEN */ 1088 struct fuse_open_in *foi; 1089 1090 fdip2 = &fdi2; 1091 fdisp_init(fdip2, sizeof(*foi)); 1092 fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td, 1093 cred); 1094 foi = fdip2->indata; 1095 foi->flags = flags; 1096 err = fdisp_wait_answ(fdip2); 1097 if (err) 1098 goto out; 1099 foo = fdip2->answ; 1100 } 1101 err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type); 1102 if (err) { 1103 struct fuse_release_in *fri; 1104 uint64_t nodeid = feo->nodeid; 1105 uint64_t fh_id = foo->fh; 1106 1107 fdisp_destroy(fdip); 1108 fdisp_init(fdip, sizeof(*fri)); 1109 fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred); 1110 fri = fdip->indata; 1111 fri->fh = fh_id; 1112 fri->flags = flags; 1113 fuse_insert_callback(fdip->tick, fuse_internal_forget_callback); 1114 fuse_insert_message(fdip->tick, false); 1115 goto out; 1116 } 1117 ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create"); 1118 fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid, 1119 feo->attr_valid_nsec, NULL, true); 1120 1121 fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo); 1122 fuse_vnode_open(*vpp, foo->open_flags, td); 1123 /* 1124 * Purge the parent's attribute cache because the daemon should've 1125 * updated its mtime and ctime 1126 */ 1127 fuse_vnode_clear_attr_cache(dvp); 1128 cache_purge_negative(dvp); 1129 1130 out: 1131 if (fdip2) 1132 fdisp_destroy(fdip2); 1133 fdisp_destroy(fdip); 1134 return err; 1135 } 1136 1137 /* 1138 struct vnop_fdatasync_args { 1139 struct vop_generic_args a_gen; 1140 struct vnode * a_vp; 1141 struct thread * a_td; 1142 }; 1143 */ 1144 static int 1145 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap) 1146 { 1147 struct vnode *vp = ap->a_vp; 1148 struct thread *td = ap->a_td; 1149 int waitfor = MNT_WAIT; 1150 1151 int err = 0; 1152 1153 if (fuse_isdeadfs(vp)) { 1154 return 0; 1155 } 1156 if ((err = vop_stdfdatasync_buf(ap))) 1157 return err; 1158 1159 return fuse_internal_fsync(vp, td, waitfor, true); 1160 } 1161 1162 /* 1163 struct vnop_fsync_args { 1164 struct vop_generic_args a_gen; 1165 struct vnode * a_vp; 1166 int a_waitfor; 1167 struct thread * a_td; 1168 }; 1169 */ 1170 static int 1171 fuse_vnop_fsync(struct vop_fsync_args *ap) 1172 { 1173 struct vnode *vp = ap->a_vp; 1174 struct thread *td = ap->a_td; 1175 int waitfor = ap->a_waitfor; 1176 int err = 0; 1177 1178 if (fuse_isdeadfs(vp)) { 1179 return 0; 1180 } 1181 if ((err = vop_stdfsync(ap))) 1182 return err; 1183 1184 return fuse_internal_fsync(vp, td, waitfor, false); 1185 } 1186 1187 /* 1188 struct vnop_getattr_args { 1189 struct vnode *a_vp; 1190 struct vattr *a_vap; 1191 struct ucred *a_cred; 1192 struct thread *a_td; 1193 }; 1194 */ 1195 static int 1196 fuse_vnop_getattr(struct vop_getattr_args *ap) 1197 { 1198 struct vnode *vp = ap->a_vp; 1199 struct vattr *vap = ap->a_vap; 1200 struct ucred *cred = ap->a_cred; 1201 struct thread *td = curthread; 1202 1203 int err = 0; 1204 int dataflags; 1205 1206 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 1207 1208 /* Note that we are not bailing out on a dead file system just yet. */ 1209 1210 if (!(dataflags & FSESS_INITED)) { 1211 if (!vnode_isvroot(vp)) { 1212 fdata_set_dead(fuse_get_mpdata(vnode_mount(vp))); 1213 err = ENOTCONN; 1214 return err; 1215 } else { 1216 goto fake; 1217 } 1218 } 1219 err = fuse_internal_getattr(vp, vap, cred, td); 1220 if (err == ENOTCONN && vnode_isvroot(vp)) { 1221 /* see comment in fuse_vfsop_statfs() */ 1222 goto fake; 1223 } else { 1224 return err; 1225 } 1226 1227 fake: 1228 bzero(vap, sizeof(*vap)); 1229 vap->va_type = vnode_vtype(vp); 1230 1231 return 0; 1232 } 1233 1234 /* 1235 struct vnop_inactive_args { 1236 struct vnode *a_vp; 1237 }; 1238 */ 1239 static int 1240 fuse_vnop_inactive(struct vop_inactive_args *ap) 1241 { 1242 struct vnode *vp = ap->a_vp; 1243 struct thread *td = curthread; 1244 1245 struct fuse_vnode_data *fvdat = VTOFUD(vp); 1246 struct fuse_filehandle *fufh, *fufh_tmp; 1247 1248 int need_flush = 1; 1249 1250 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 1251 if (need_flush && vp->v_type == VREG) { 1252 if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) { 1253 fuse_vnode_savesize(vp, NULL, 0); 1254 } 1255 if ((fvdat->flag & FN_REVOKED) != 0) 1256 fuse_io_invalbuf(vp, td); 1257 else 1258 fuse_io_flushbuf(vp, MNT_WAIT, td); 1259 need_flush = 0; 1260 } 1261 fuse_filehandle_close(vp, fufh, td, NULL); 1262 } 1263 1264 if ((fvdat->flag & FN_REVOKED) != 0) 1265 vrecycle(vp); 1266 1267 return 0; 1268 } 1269 1270 /* 1271 struct vnop_ioctl_args { 1272 struct vnode *a_vp; 1273 u_long a_command; 1274 caddr_t a_data; 1275 int a_fflag; 1276 struct ucred *a_cred; 1277 struct thread *a_td; 1278 }; 1279 */ 1280 static int 1281 fuse_vnop_ioctl(struct vop_ioctl_args *ap) 1282 { 1283 struct vnode *vp = ap->a_vp; 1284 struct mount *mp = vnode_mount(vp); 1285 struct ucred *cred = ap->a_cred; 1286 off_t *offp; 1287 pid_t pid = ap->a_td->td_proc->p_pid; 1288 int err; 1289 1290 switch (ap->a_command) { 1291 case FIOSEEKDATA: 1292 case FIOSEEKHOLE: 1293 /* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */ 1294 if (fsess_maybe_impl(mp, FUSE_LSEEK)) { 1295 int whence; 1296 1297 offp = ap->a_data; 1298 if (ap->a_command == FIOSEEKDATA) 1299 whence = SEEK_DATA; 1300 else 1301 whence = SEEK_HOLE; 1302 1303 vn_lock(vp, LK_SHARED | LK_RETRY); 1304 err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp, 1305 whence); 1306 VOP_UNLOCK(vp); 1307 } 1308 if (fsess_not_impl(mp, FUSE_LSEEK)) 1309 err = vop_stdioctl(ap); 1310 break; 1311 default: 1312 /* TODO: implement FUSE_IOCTL */ 1313 err = ENOTTY; 1314 break; 1315 } 1316 return (err); 1317 } 1318 1319 1320 /* 1321 struct vnop_link_args { 1322 struct vnode *a_tdvp; 1323 struct vnode *a_vp; 1324 struct componentname *a_cnp; 1325 }; 1326 */ 1327 static int 1328 fuse_vnop_link(struct vop_link_args *ap) 1329 { 1330 struct vnode *vp = ap->a_vp; 1331 struct vnode *tdvp = ap->a_tdvp; 1332 struct componentname *cnp = ap->a_cnp; 1333 1334 struct vattr *vap = VTOVA(vp); 1335 1336 struct fuse_dispatcher fdi; 1337 struct fuse_entry_out *feo; 1338 struct fuse_link_in fli; 1339 1340 int err; 1341 1342 if (fuse_isdeadfs(vp)) { 1343 return ENXIO; 1344 } 1345 if (vnode_mount(tdvp) != vnode_mount(vp)) { 1346 return EXDEV; 1347 } 1348 1349 /* 1350 * This is a seatbelt check to protect naive userspace filesystems from 1351 * themselves and the limitations of the FUSE IPC protocol. If a 1352 * filesystem does not allow attribute caching, assume it is capable of 1353 * validating that nlink does not overflow. 1354 */ 1355 if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX) 1356 return EMLINK; 1357 fli.oldnodeid = VTOI(vp); 1358 1359 fdisp_init(&fdi, 0); 1360 fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp, 1361 FUSE_LINK, &fli, sizeof(fli), &fdi); 1362 if ((err = fdisp_wait_answ(&fdi))) { 1363 goto out; 1364 } 1365 feo = fdi.answ; 1366 1367 if (fli.oldnodeid != feo->nodeid) { 1368 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 1369 fuse_warn(data, FSESS_WARN_ILLEGAL_INODE, 1370 "Assigned wrong inode for a hard link."); 1371 fuse_vnode_clear_attr_cache(vp); 1372 fuse_vnode_clear_attr_cache(tdvp); 1373 err = EIO; 1374 goto out; 1375 } 1376 1377 err = fuse_internal_checkentry(feo, vnode_vtype(vp)); 1378 if (!err) { 1379 /* 1380 * Purge the parent's attribute cache because the daemon 1381 * should've updated its mtime and ctime 1382 */ 1383 fuse_vnode_clear_attr_cache(tdvp); 1384 fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid, 1385 feo->attr_valid_nsec, NULL, true); 1386 } 1387 out: 1388 fdisp_destroy(&fdi); 1389 return err; 1390 } 1391 1392 struct fuse_lookup_alloc_arg { 1393 struct fuse_entry_out *feo; 1394 struct componentname *cnp; 1395 uint64_t nid; 1396 enum vtype vtyp; 1397 }; 1398 1399 /* Callback for vn_get_ino */ 1400 static int 1401 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp) 1402 { 1403 struct fuse_lookup_alloc_arg *flaa = arg; 1404 1405 return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp, 1406 flaa->vtyp); 1407 } 1408 1409 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup, 1410 "int", "struct timespec*", "struct timespec*"); 1411 /* 1412 struct vnop_lookup_args { 1413 struct vnodeop_desc *a_desc; 1414 struct vnode *a_dvp; 1415 struct vnode **a_vpp; 1416 struct componentname *a_cnp; 1417 }; 1418 */ 1419 int 1420 fuse_vnop_lookup(struct vop_lookup_args *ap) 1421 { 1422 struct vnode *dvp = ap->a_dvp; 1423 struct vnode **vpp = ap->a_vpp; 1424 struct componentname *cnp = ap->a_cnp; 1425 struct thread *td = curthread; 1426 struct ucred *cred = cnp->cn_cred; 1427 struct timespec now; 1428 1429 int nameiop = cnp->cn_nameiop; 1430 int flags = cnp->cn_flags; 1431 int islastcn = flags & ISLASTCN; 1432 struct mount *mp = vnode_mount(dvp); 1433 struct fuse_data *data = fuse_get_mpdata(mp); 1434 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 1435 bool is_dot; 1436 1437 int err = 0; 1438 int lookup_err = 0; 1439 struct vnode *vp = NULL; 1440 1441 struct fuse_dispatcher fdi; 1442 bool did_lookup = false; 1443 struct fuse_entry_out *feo = NULL; 1444 enum vtype vtyp; /* vnode type of target */ 1445 1446 uint64_t nid; 1447 1448 if (fuse_isdeadfs(dvp)) { 1449 *vpp = NULL; 1450 return ENXIO; 1451 } 1452 if (!vnode_isdir(dvp)) 1453 return ENOTDIR; 1454 1455 if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP)) 1456 return EROFS; 1457 1458 if ((cnp->cn_flags & NOEXECCHECK) != 0) 1459 cnp->cn_flags &= ~NOEXECCHECK; 1460 else if ((err = fuse_internal_access(dvp, VEXEC, td, cred))) 1461 return err; 1462 1463 is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.'; 1464 if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT)) 1465 { 1466 if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) { 1467 /* 1468 * Since the file system doesn't support ".." lookups, 1469 * we have no way to find this entry. 1470 */ 1471 return ESTALE; 1472 } 1473 nid = VTOFUD(dvp)->parent_nid; 1474 if (nid == 0) 1475 return ENOENT; 1476 /* .. is obviously a directory */ 1477 vtyp = VDIR; 1478 } else if (is_dot) { 1479 nid = VTOI(dvp); 1480 /* . is obviously a directory */ 1481 vtyp = VDIR; 1482 } else { 1483 struct timespec timeout; 1484 int ncpticks; /* here to accommodate for API contract */ 1485 1486 err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks); 1487 getnanouptime(&now); 1488 SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now); 1489 switch (err) { 1490 case -1: /* positive match */ 1491 if (timespeccmp(&timeout, &now, >)) { 1492 counter_u64_add(fuse_lookup_cache_hits, 1); 1493 } else { 1494 /* Cache timeout */ 1495 counter_u64_add(fuse_lookup_cache_misses, 1); 1496 bintime_clear( 1497 &VTOFUD(*vpp)->entry_cache_timeout); 1498 cache_purge(*vpp); 1499 if (dvp != *vpp) 1500 vput(*vpp); 1501 else 1502 vrele(*vpp); 1503 *vpp = NULL; 1504 break; 1505 } 1506 return 0; 1507 1508 case 0: /* no match in cache */ 1509 counter_u64_add(fuse_lookup_cache_misses, 1); 1510 break; 1511 1512 case ENOENT: /* negative match */ 1513 if (timespeccmp(&timeout, &now, <=)) { 1514 /* Cache timeout */ 1515 cache_purge_negative(dvp); 1516 break; 1517 } 1518 /* fall through */ 1519 default: 1520 return err; 1521 } 1522 1523 fdisp_init(&fdi, cnp->cn_namelen + 1); 1524 fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred); 1525 1526 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 1527 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 1528 lookup_err = fdisp_wait_answ(&fdi); 1529 did_lookup = true; 1530 1531 if (!lookup_err) { 1532 /* lookup call succeeded */ 1533 feo = (struct fuse_entry_out *)fdi.answ; 1534 nid = feo->nodeid; 1535 if (nid == 0) { 1536 /* zero nodeid means ENOENT and cache it */ 1537 struct timespec timeout; 1538 1539 fdi.answ_stat = ENOENT; 1540 lookup_err = ENOENT; 1541 if (cnp->cn_flags & MAKEENTRY) { 1542 fuse_validity_2_timespec(feo, &timeout); 1543 /* Use the same entry_time for .. as for 1544 * the file itself. That doesn't honor 1545 * exactly what the fuse server tells 1546 * us, but to do otherwise would require 1547 * another cache lookup at this point. 1548 */ 1549 struct timespec *dtsp = NULL; 1550 cache_enter_time(dvp, *vpp, cnp, 1551 &timeout, dtsp); 1552 } 1553 } 1554 vtyp = IFTOVT(feo->attr.mode); 1555 } 1556 if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) { 1557 fdisp_destroy(&fdi); 1558 return lookup_err; 1559 } 1560 } 1561 /* lookup_err, if non-zero, must be ENOENT at this point */ 1562 1563 if (lookup_err) { 1564 /* Entry not found */ 1565 if ((nameiop == CREATE || nameiop == RENAME) && islastcn) { 1566 if (default_permissions) 1567 err = fuse_internal_access(dvp, VWRITE, td, 1568 cred); 1569 else 1570 err = 0; 1571 if (!err) { 1572 err = EJUSTRETURN; 1573 } 1574 } else { 1575 err = ENOENT; 1576 } 1577 } else { 1578 /* Entry was found */ 1579 if (flags & ISDOTDOT) { 1580 struct fuse_lookup_alloc_arg flaa; 1581 1582 flaa.nid = nid; 1583 flaa.feo = feo; 1584 flaa.cnp = cnp; 1585 flaa.vtyp = vtyp; 1586 err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0, 1587 &vp); 1588 *vpp = vp; 1589 } else if (nid == VTOI(dvp)) { 1590 if (is_dot) { 1591 vref(dvp); 1592 *vpp = dvp; 1593 } else { 1594 fuse_warn(fuse_get_mpdata(mp), 1595 FSESS_WARN_ILLEGAL_INODE, 1596 "Assigned same inode to both parent and " 1597 "child."); 1598 err = EIO; 1599 } 1600 1601 } else { 1602 struct fuse_vnode_data *fvdat; 1603 1604 err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp, 1605 &vp, cnp, vtyp); 1606 if (err) 1607 goto out; 1608 *vpp = vp; 1609 fvdat = VTOFUD(vp); 1610 1611 MPASS(feo != NULL); 1612 if (timespeccmp(&now, &fvdat->last_local_modify, >)) { 1613 /* 1614 * Attributes from the server are definitely 1615 * newer than the last attributes we sent to 1616 * the server, so cache them. 1617 */ 1618 fuse_internal_cache_attrs(*vpp, &feo->attr, 1619 feo->attr_valid, feo->attr_valid_nsec, 1620 NULL, true); 1621 } 1622 fuse_validity_2_bintime(feo->entry_valid, 1623 feo->entry_valid_nsec, 1624 &fvdat->entry_cache_timeout); 1625 1626 if ((nameiop == DELETE || nameiop == RENAME) && 1627 islastcn && default_permissions) 1628 { 1629 struct vattr dvattr; 1630 1631 err = fuse_internal_access(dvp, VWRITE, td, 1632 cred); 1633 if (err != 0) 1634 goto out; 1635 /* 1636 * if the parent's sticky bit is set, check 1637 * whether we're allowed to remove the file. 1638 * Need to figure out the vnode locking to make 1639 * this work. 1640 */ 1641 fuse_internal_getattr(dvp, &dvattr, cred, td); 1642 if ((dvattr.va_mode & S_ISTXT) && 1643 fuse_internal_access(dvp, VADMIN, td, 1644 cred) && 1645 fuse_internal_access(*vpp, VADMIN, td, 1646 cred)) { 1647 err = EPERM; 1648 goto out; 1649 } 1650 } 1651 } 1652 } 1653 out: 1654 if (err) { 1655 if (vp != NULL && dvp != vp) 1656 vput(vp); 1657 else if (vp != NULL) 1658 vrele(vp); 1659 *vpp = NULL; 1660 } 1661 if (did_lookup) 1662 fdisp_destroy(&fdi); 1663 1664 return err; 1665 } 1666 1667 /* 1668 struct vnop_mkdir_args { 1669 struct vnode *a_dvp; 1670 struct vnode **a_vpp; 1671 struct componentname *a_cnp; 1672 struct vattr *a_vap; 1673 }; 1674 */ 1675 static int 1676 fuse_vnop_mkdir(struct vop_mkdir_args *ap) 1677 { 1678 struct vnode *dvp = ap->a_dvp; 1679 struct vnode **vpp = ap->a_vpp; 1680 struct componentname *cnp = ap->a_cnp; 1681 struct vattr *vap = ap->a_vap; 1682 1683 struct fuse_mkdir_in fmdi; 1684 1685 if (fuse_isdeadfs(dvp)) { 1686 return ENXIO; 1687 } 1688 fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode); 1689 fmdi.umask = curthread->td_proc->p_pd->pd_cmask; 1690 1691 return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi, 1692 sizeof(fmdi), VDIR)); 1693 } 1694 1695 /* 1696 struct vnop_mknod_args { 1697 struct vnode *a_dvp; 1698 struct vnode **a_vpp; 1699 struct componentname *a_cnp; 1700 struct vattr *a_vap; 1701 }; 1702 */ 1703 static int 1704 fuse_vnop_mknod(struct vop_mknod_args *ap) 1705 { 1706 1707 struct vnode *dvp = ap->a_dvp; 1708 struct vnode **vpp = ap->a_vpp; 1709 struct componentname *cnp = ap->a_cnp; 1710 struct vattr *vap = ap->a_vap; 1711 1712 if (fuse_isdeadfs(dvp)) 1713 return ENXIO; 1714 1715 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1716 } 1717 1718 /* 1719 struct vop_open_args { 1720 struct vnode *a_vp; 1721 int a_mode; 1722 struct ucred *a_cred; 1723 struct thread *a_td; 1724 int a_fdidx; / struct file *a_fp; 1725 }; 1726 */ 1727 static int 1728 fuse_vnop_open(struct vop_open_args *ap) 1729 { 1730 struct vnode *vp = ap->a_vp; 1731 int a_mode = ap->a_mode; 1732 struct thread *td = ap->a_td; 1733 struct ucred *cred = ap->a_cred; 1734 pid_t pid = td->td_proc->p_pid; 1735 1736 if (fuse_isdeadfs(vp)) 1737 return ENXIO; 1738 if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO) 1739 return (EOPNOTSUPP); 1740 if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0) 1741 return EINVAL; 1742 1743 if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) { 1744 fuse_vnode_open(vp, 0, td); 1745 return 0; 1746 } 1747 1748 return fuse_filehandle_open(vp, a_mode, NULL, td, cred); 1749 } 1750 1751 static int 1752 fuse_vnop_pathconf(struct vop_pathconf_args *ap) 1753 { 1754 struct vnode *vp = ap->a_vp; 1755 struct mount *mp; 1756 1757 switch (ap->a_name) { 1758 case _PC_FILESIZEBITS: 1759 *ap->a_retval = 64; 1760 return (0); 1761 case _PC_NAME_MAX: 1762 *ap->a_retval = NAME_MAX; 1763 return (0); 1764 case _PC_LINK_MAX: 1765 *ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX); 1766 return (0); 1767 case _PC_SYMLINK_MAX: 1768 *ap->a_retval = MAXPATHLEN; 1769 return (0); 1770 case _PC_NO_TRUNC: 1771 *ap->a_retval = 1; 1772 return (0); 1773 case _PC_MIN_HOLE_SIZE: 1774 /* 1775 * The FUSE protocol provides no mechanism for a server to 1776 * report _PC_MIN_HOLE_SIZE. It's a protocol bug. Instead, 1777 * return EINVAL if the server does not support FUSE_LSEEK, or 1778 * 1 if it does. 1779 */ 1780 mp = vnode_mount(vp); 1781 if (!fsess_is_impl(mp, FUSE_LSEEK) && 1782 !fsess_not_impl(mp, FUSE_LSEEK)) { 1783 off_t offset = 0; 1784 1785 /* Issue a FUSE_LSEEK to find out if it's implemented */ 1786 fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred, 1787 curthread->td_proc->p_pid, &offset, SEEK_DATA); 1788 } 1789 1790 if (fsess_is_impl(mp, FUSE_LSEEK)) { 1791 *ap->a_retval = 1; 1792 return (0); 1793 } else { 1794 /* 1795 * Probably FUSE_LSEEK is not implemented. It might 1796 * be, if the FUSE_LSEEK above returned an error like 1797 * EACCES, but in that case we can't tell, so it's 1798 * safest to report EINVAL anyway. 1799 */ 1800 return (EINVAL); 1801 } 1802 default: 1803 return (vop_stdpathconf(ap)); 1804 } 1805 } 1806 1807 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*", 1808 "struct uio*", "struct ucred*"); 1809 /* 1810 struct vnop_read_args { 1811 struct vnode *a_vp; 1812 struct uio *a_uio; 1813 int a_ioflag; 1814 struct ucred *a_cred; 1815 }; 1816 */ 1817 static int 1818 fuse_vnop_read(struct vop_read_args *ap) 1819 { 1820 struct vnode *vp = ap->a_vp; 1821 struct uio *uio = ap->a_uio; 1822 int ioflag = ap->a_ioflag; 1823 struct ucred *cred = ap->a_cred; 1824 pid_t pid = curthread->td_proc->p_pid; 1825 struct fuse_filehandle *fufh; 1826 int err; 1827 bool closefufh = false, directio; 1828 1829 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 1830 1831 if (fuse_isdeadfs(vp)) { 1832 return ENXIO; 1833 } 1834 1835 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 1836 ioflag |= IO_DIRECT; 1837 } 1838 1839 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 1840 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 1841 /* 1842 * nfsd will do I/O without first doing VOP_OPEN. We 1843 * must implicitly open the file here 1844 */ 1845 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1846 closefufh = true; 1847 } 1848 if (err) { 1849 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 1850 return err; 1851 } 1852 1853 /* 1854 * Ideally, when the daemon asks for direct io at open time, the 1855 * standard file flag should be set according to this, so that would 1856 * just change the default mode, which later on could be changed via 1857 * fcntl(2). 1858 * But this doesn't work, the O_DIRECT flag gets cleared at some point 1859 * (don't know where). So to make any use of the Fuse direct_io option, 1860 * we hardwire it into the file's private data (similarly to Linux, 1861 * btw.). 1862 */ 1863 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 1864 1865 fuse_vnode_update(vp, FN_ATIMECHANGE); 1866 if (directio) { 1867 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode"); 1868 err = fuse_read_directbackend(vp, uio, cred, fufh); 1869 } else { 1870 SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode"); 1871 err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid); 1872 } 1873 1874 if (closefufh) 1875 fuse_filehandle_close(vp, fufh, curthread, cred); 1876 1877 return (err); 1878 } 1879 1880 /* 1881 struct vnop_readdir_args { 1882 struct vnode *a_vp; 1883 struct uio *a_uio; 1884 struct ucred *a_cred; 1885 int *a_eofflag; 1886 int *a_ncookies; 1887 uint64_t **a_cookies; 1888 }; 1889 */ 1890 static int 1891 fuse_vnop_readdir(struct vop_readdir_args *ap) 1892 { 1893 struct vnode *vp = ap->a_vp; 1894 struct uio *uio = ap->a_uio; 1895 struct ucred *cred = ap->a_cred; 1896 struct fuse_filehandle *fufh = NULL; 1897 struct mount *mp = vnode_mount(vp); 1898 struct fuse_iov cookediov; 1899 int err = 0; 1900 uint64_t *cookies; 1901 ssize_t tresid; 1902 int ncookies; 1903 bool closefufh = false; 1904 pid_t pid = curthread->td_proc->p_pid; 1905 1906 if (ap->a_eofflag) 1907 *ap->a_eofflag = 0; 1908 if (fuse_isdeadfs(vp)) { 1909 return ENXIO; 1910 } 1911 if ( /* XXXIP ((uio_iovcnt(uio) > 1)) || */ 1912 (uio_resid(uio) < sizeof(struct dirent))) { 1913 return EINVAL; 1914 } 1915 1916 tresid = uio->uio_resid; 1917 err = fuse_filehandle_get_dir(vp, &fufh, cred, pid); 1918 if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) { 1919 KASSERT(fuse_get_mpdata(mp)->dataflags 1920 & FSESS_NO_OPENDIR_SUPPORT, 1921 ("FUSE file systems that don't set " 1922 "FUSE_NO_OPENDIR_SUPPORT should not be exported")); 1923 /* 1924 * nfsd will do VOP_READDIR without first doing VOP_OPEN. We 1925 * must implicitly open the directory here. 1926 */ 1927 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1928 closefufh = true; 1929 } 1930 if (err) 1931 return (err); 1932 if (ap->a_ncookies != NULL) { 1933 ncookies = uio->uio_resid / 1934 (offsetof(struct dirent, d_name) + 4) + 1; 1935 cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK); 1936 *ap->a_ncookies = ncookies; 1937 *ap->a_cookies = cookies; 1938 } else { 1939 ncookies = 0; 1940 cookies = NULL; 1941 } 1942 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1) 1943 fiov_init(&cookediov, DIRCOOKEDSIZE); 1944 1945 err = fuse_internal_readdir(vp, uio, fufh, &cookediov, 1946 &ncookies, cookies); 1947 1948 fiov_teardown(&cookediov); 1949 if (closefufh) 1950 fuse_filehandle_close(vp, fufh, curthread, cred); 1951 1952 if (ap->a_ncookies != NULL) { 1953 if (err == 0) { 1954 *ap->a_ncookies -= ncookies; 1955 } else { 1956 free(*ap->a_cookies, M_TEMP); 1957 *ap->a_ncookies = 0; 1958 *ap->a_cookies = NULL; 1959 } 1960 } 1961 if (err == 0 && tresid == uio->uio_resid) 1962 *ap->a_eofflag = 1; 1963 1964 return err; 1965 } 1966 1967 /* 1968 struct vnop_readlink_args { 1969 struct vnode *a_vp; 1970 struct uio *a_uio; 1971 struct ucred *a_cred; 1972 }; 1973 */ 1974 static int 1975 fuse_vnop_readlink(struct vop_readlink_args *ap) 1976 { 1977 struct vnode *vp = ap->a_vp; 1978 struct uio *uio = ap->a_uio; 1979 struct ucred *cred = ap->a_cred; 1980 1981 struct fuse_dispatcher fdi; 1982 int err; 1983 1984 if (fuse_isdeadfs(vp)) { 1985 return ENXIO; 1986 } 1987 if (!vnode_islnk(vp)) { 1988 return EINVAL; 1989 } 1990 fdisp_init(&fdi, 0); 1991 err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred); 1992 if (err) { 1993 goto out; 1994 } 1995 if (((char *)fdi.answ)[0] == '/' && 1996 fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) { 1997 char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname; 1998 1999 err = uiomove(mpth, strlen(mpth), uio); 2000 } 2001 if (!err) { 2002 err = uiomove(fdi.answ, fdi.iosize, uio); 2003 } 2004 out: 2005 fdisp_destroy(&fdi); 2006 return err; 2007 } 2008 2009 /* 2010 struct vnop_reclaim_args { 2011 struct vnode *a_vp; 2012 }; 2013 */ 2014 static int 2015 fuse_vnop_reclaim(struct vop_reclaim_args *ap) 2016 { 2017 struct vnode *vp = ap->a_vp; 2018 struct thread *td = curthread; 2019 struct fuse_vnode_data *fvdat = VTOFUD(vp); 2020 struct fuse_filehandle *fufh, *fufh_tmp; 2021 2022 if (!fvdat) { 2023 panic("FUSE: no vnode data during recycling"); 2024 } 2025 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 2026 printf("FUSE: vnode being reclaimed with open fufh " 2027 "(type=%#x)", fufh->fufh_type); 2028 fuse_filehandle_close(vp, fufh, td, NULL); 2029 } 2030 2031 if (VTOI(vp) == 1) { 2032 /* 2033 * Don't send FUSE_FORGET for the root inode, because 2034 * we never send FUSE_LOOKUP for it (see 2035 * fuse_vfsop_root) and we don't want the server to see 2036 * mismatched lookup counts. 2037 */ 2038 struct fuse_data *data; 2039 struct vnode *vroot; 2040 2041 data = fuse_get_mpdata(vnode_mount(vp)); 2042 FUSE_LOCK(); 2043 vroot = data->vroot; 2044 data->vroot = NULL; 2045 FUSE_UNLOCK(); 2046 if (vroot) 2047 vrele(vroot); 2048 } else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) { 2049 fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp), 2050 fvdat->nlookup); 2051 } 2052 cache_purge(vp); 2053 vfs_hash_remove(vp); 2054 fuse_vnode_destroy(vp); 2055 2056 return 0; 2057 } 2058 2059 /* 2060 struct vnop_remove_args { 2061 struct vnode *a_dvp; 2062 struct vnode *a_vp; 2063 struct componentname *a_cnp; 2064 }; 2065 */ 2066 static int 2067 fuse_vnop_remove(struct vop_remove_args *ap) 2068 { 2069 struct vnode *dvp = ap->a_dvp; 2070 struct vnode *vp = ap->a_vp; 2071 struct componentname *cnp = ap->a_cnp; 2072 2073 int err; 2074 2075 if (fuse_isdeadfs(vp)) { 2076 return ENXIO; 2077 } 2078 if (vnode_isdir(vp)) { 2079 return EPERM; 2080 } 2081 2082 err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK); 2083 2084 return err; 2085 } 2086 2087 /* 2088 struct vnop_rename_args { 2089 struct vnode *a_fdvp; 2090 struct vnode *a_fvp; 2091 struct componentname *a_fcnp; 2092 struct vnode *a_tdvp; 2093 struct vnode *a_tvp; 2094 struct componentname *a_tcnp; 2095 }; 2096 */ 2097 static int 2098 fuse_vnop_rename(struct vop_rename_args *ap) 2099 { 2100 struct vnode *fdvp = ap->a_fdvp; 2101 struct vnode *fvp = ap->a_fvp; 2102 struct componentname *fcnp = ap->a_fcnp; 2103 struct vnode *tdvp = ap->a_tdvp; 2104 struct vnode *tvp = ap->a_tvp; 2105 struct componentname *tcnp = ap->a_tcnp; 2106 struct fuse_data *data; 2107 bool newparent = fdvp != tdvp; 2108 bool isdir = fvp->v_type == VDIR; 2109 int err = 0; 2110 2111 if (fuse_isdeadfs(fdvp)) { 2112 return ENXIO; 2113 } 2114 if (fvp->v_mount != tdvp->v_mount || 2115 (tvp && fvp->v_mount != tvp->v_mount)) { 2116 SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename"); 2117 err = EXDEV; 2118 goto out; 2119 } 2120 cache_purge(fvp); 2121 2122 /* 2123 * FUSE library is expected to check if target directory is not 2124 * under the source directory in the file system tree. 2125 * Linux performs this check at VFS level. 2126 */ 2127 /* 2128 * If source is a directory, and it will get a new parent, user must 2129 * have write permission to it, so ".." can be modified. 2130 */ 2131 data = fuse_get_mpdata(vnode_mount(tdvp)); 2132 if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) { 2133 err = fuse_internal_access(fvp, VWRITE, 2134 curthread, tcnp->cn_cred); 2135 if (err) 2136 goto out; 2137 } 2138 sx_xlock(&data->rename_lock); 2139 err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp); 2140 if (err == 0) { 2141 if (tdvp != fdvp) 2142 fuse_vnode_setparent(fvp, tdvp); 2143 if (tvp != NULL) 2144 fuse_vnode_setparent(tvp, NULL); 2145 } 2146 sx_unlock(&data->rename_lock); 2147 2148 if (tvp != NULL && tvp != fvp) { 2149 cache_purge(tvp); 2150 } 2151 if (vnode_isdir(fvp)) { 2152 if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) { 2153 cache_purge(tdvp); 2154 } 2155 cache_purge(fdvp); 2156 } 2157 out: 2158 if (tdvp == tvp) { 2159 vrele(tdvp); 2160 } else { 2161 vput(tdvp); 2162 } 2163 if (tvp != NULL) { 2164 vput(tvp); 2165 } 2166 vrele(fdvp); 2167 vrele(fvp); 2168 2169 return err; 2170 } 2171 2172 /* 2173 struct vnop_rmdir_args { 2174 struct vnode *a_dvp; 2175 struct vnode *a_vp; 2176 struct componentname *a_cnp; 2177 } *ap; 2178 */ 2179 static int 2180 fuse_vnop_rmdir(struct vop_rmdir_args *ap) 2181 { 2182 struct vnode *dvp = ap->a_dvp; 2183 struct vnode *vp = ap->a_vp; 2184 2185 int err; 2186 2187 if (fuse_isdeadfs(vp)) { 2188 return ENXIO; 2189 } 2190 if (VTOFUD(vp) == VTOFUD(dvp)) { 2191 return EINVAL; 2192 } 2193 err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR); 2194 2195 return err; 2196 } 2197 2198 /* 2199 struct vnop_setattr_args { 2200 struct vnode *a_vp; 2201 struct vattr *a_vap; 2202 struct ucred *a_cred; 2203 struct thread *a_td; 2204 }; 2205 */ 2206 static int 2207 fuse_vnop_setattr(struct vop_setattr_args *ap) 2208 { 2209 struct vnode *vp = ap->a_vp; 2210 struct vattr *vap = ap->a_vap; 2211 struct ucred *cred = ap->a_cred; 2212 struct thread *td = curthread; 2213 struct mount *mp; 2214 struct fuse_data *data; 2215 struct vattr old_va; 2216 int dataflags; 2217 int err = 0, err2; 2218 accmode_t accmode = 0; 2219 bool checkperm; 2220 bool drop_suid = false; 2221 gid_t cr_gid; 2222 2223 mp = vnode_mount(vp); 2224 data = fuse_get_mpdata(mp); 2225 dataflags = data->dataflags; 2226 checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS; 2227 if (cred->cr_ngroups > 0) 2228 cr_gid = cred->cr_groups[0]; 2229 else 2230 cr_gid = 0; 2231 2232 if (fuse_isdeadfs(vp)) { 2233 return ENXIO; 2234 } 2235 2236 if (vap->va_uid != (uid_t)VNOVAL) { 2237 if (checkperm) { 2238 /* Only root may change a file's owner */ 2239 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2240 if (err) { 2241 /* As a special case, allow the null chown */ 2242 err2 = fuse_internal_getattr(vp, &old_va, cred, 2243 td); 2244 if (err2) 2245 return (err2); 2246 if (vap->va_uid != old_va.va_uid) 2247 return err; 2248 else 2249 accmode |= VADMIN; 2250 drop_suid = true; 2251 } else 2252 accmode |= VADMIN; 2253 } else 2254 accmode |= VADMIN; 2255 } 2256 if (vap->va_gid != (gid_t)VNOVAL) { 2257 if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN)) 2258 drop_suid = true; 2259 if (checkperm && !groupmember(vap->va_gid, cred)) 2260 { 2261 /* 2262 * Non-root users may only chgrp to one of their own 2263 * groups 2264 */ 2265 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2266 if (err) { 2267 /* As a special case, allow the null chgrp */ 2268 err2 = fuse_internal_getattr(vp, &old_va, cred, 2269 td); 2270 if (err2) 2271 return (err2); 2272 if (vap->va_gid != old_va.va_gid) 2273 return err; 2274 accmode |= VADMIN; 2275 } else 2276 accmode |= VADMIN; 2277 } else 2278 accmode |= VADMIN; 2279 } 2280 if (vap->va_size != VNOVAL) { 2281 switch (vp->v_type) { 2282 case VDIR: 2283 return (EISDIR); 2284 case VLNK: 2285 case VREG: 2286 if (vfs_isrdonly(mp)) 2287 return (EROFS); 2288 err = vn_rlimit_trunc(vap->va_size, td); 2289 if (err) 2290 return (err); 2291 break; 2292 default: 2293 /* 2294 * According to POSIX, the result is unspecified 2295 * for file types other than regular files, 2296 * directories and shared memory objects. We 2297 * don't support shared memory objects in the file 2298 * system, and have dubious support for truncating 2299 * symlinks. Just ignore the request in other cases. 2300 */ 2301 return (0); 2302 } 2303 /* Don't set accmode. Permission to trunc is checked upstack */ 2304 } 2305 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 2306 if (vap->va_vaflags & VA_UTIMES_NULL) 2307 accmode |= VWRITE; 2308 else 2309 accmode |= VADMIN; 2310 } 2311 if (drop_suid) { 2312 if (vap->va_mode != (mode_t)VNOVAL) 2313 vap->va_mode &= ~(S_ISUID | S_ISGID); 2314 else { 2315 err = fuse_internal_getattr(vp, &old_va, cred, td); 2316 if (err) 2317 return (err); 2318 vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID); 2319 } 2320 } 2321 if (vap->va_mode != (mode_t)VNOVAL) { 2322 /* Only root may set the sticky bit on non-directories */ 2323 if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT) 2324 && priv_check_cred(cred, PRIV_VFS_STICKYFILE)) 2325 return EFTYPE; 2326 if (checkperm && (vap->va_mode & S_ISGID)) { 2327 err = fuse_internal_getattr(vp, &old_va, cred, td); 2328 if (err) 2329 return (err); 2330 if (!groupmember(old_va.va_gid, cred)) { 2331 err = priv_check_cred(cred, PRIV_VFS_SETGID); 2332 if (err) 2333 return (err); 2334 } 2335 } 2336 accmode |= VADMIN; 2337 } 2338 2339 if (vfs_isrdonly(mp)) 2340 return EROFS; 2341 2342 if (checkperm) { 2343 err = fuse_internal_access(vp, accmode, td, cred); 2344 } else { 2345 err = 0; 2346 } 2347 if (err) 2348 return err; 2349 else 2350 return fuse_internal_setattr(vp, vap, td, cred); 2351 } 2352 2353 /* 2354 struct vnop_strategy_args { 2355 struct vnode *a_vp; 2356 struct buf *a_bp; 2357 }; 2358 */ 2359 static int 2360 fuse_vnop_strategy(struct vop_strategy_args *ap) 2361 { 2362 struct vnode *vp = ap->a_vp; 2363 struct buf *bp = ap->a_bp; 2364 2365 if (!vp || fuse_isdeadfs(vp)) { 2366 bp->b_ioflags |= BIO_ERROR; 2367 bp->b_error = ENXIO; 2368 bufdone(bp); 2369 return 0; 2370 } 2371 2372 /* 2373 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags. 2374 * fuse_io_strategy sets bp's error fields 2375 */ 2376 (void)fuse_io_strategy(vp, bp); 2377 2378 return 0; 2379 } 2380 2381 /* 2382 struct vnop_symlink_args { 2383 struct vnode *a_dvp; 2384 struct vnode **a_vpp; 2385 struct componentname *a_cnp; 2386 struct vattr *a_vap; 2387 char *a_target; 2388 }; 2389 */ 2390 static int 2391 fuse_vnop_symlink(struct vop_symlink_args *ap) 2392 { 2393 struct vnode *dvp = ap->a_dvp; 2394 struct vnode **vpp = ap->a_vpp; 2395 struct componentname *cnp = ap->a_cnp; 2396 const char *target = ap->a_target; 2397 2398 struct fuse_dispatcher fdi; 2399 2400 int err; 2401 size_t len; 2402 2403 if (fuse_isdeadfs(dvp)) { 2404 return ENXIO; 2405 } 2406 /* 2407 * Unlike the other creator type calls, here we have to create a message 2408 * where the name of the new entry comes first, and the data describing 2409 * the entry comes second. 2410 * Hence we can't rely on our handy fuse_internal_newentry() routine, 2411 * but put together the message manually and just call the core part. 2412 */ 2413 2414 len = strlen(target) + 1; 2415 fdisp_init(&fdi, len + cnp->cn_namelen + 1); 2416 fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL); 2417 2418 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 2419 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 2420 memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len); 2421 2422 err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi); 2423 fdisp_destroy(&fdi); 2424 return err; 2425 } 2426 2427 /* 2428 struct vnop_write_args { 2429 struct vnode *a_vp; 2430 struct uio *a_uio; 2431 int a_ioflag; 2432 struct ucred *a_cred; 2433 }; 2434 */ 2435 static int 2436 fuse_vnop_write(struct vop_write_args *ap) 2437 { 2438 struct vnode *vp = ap->a_vp; 2439 struct uio *uio = ap->a_uio; 2440 int ioflag = ap->a_ioflag; 2441 struct ucred *cred = ap->a_cred; 2442 pid_t pid = curthread->td_proc->p_pid; 2443 struct fuse_filehandle *fufh; 2444 int err; 2445 bool closefufh = false, directio; 2446 2447 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 2448 2449 if (fuse_isdeadfs(vp)) { 2450 return ENXIO; 2451 } 2452 2453 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 2454 ioflag |= IO_DIRECT; 2455 } 2456 2457 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2458 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2459 /* 2460 * nfsd will do I/O without first doing VOP_OPEN. We 2461 * must implicitly open the file here 2462 */ 2463 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2464 closefufh = true; 2465 } 2466 if (err) { 2467 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 2468 return err; 2469 } 2470 2471 /* 2472 * Ideally, when the daemon asks for direct io at open time, the 2473 * standard file flag should be set according to this, so that would 2474 * just change the default mode, which later on could be changed via 2475 * fcntl(2). 2476 * But this doesn't work, the O_DIRECT flag gets cleared at some point 2477 * (don't know where). So to make any use of the Fuse direct_io option, 2478 * we hardwire it into the file's private data (similarly to Linux, 2479 * btw.). 2480 */ 2481 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 2482 2483 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2484 if (directio) { 2485 off_t start, end, filesize; 2486 bool pages = (ioflag & IO_VMIO) != 0; 2487 2488 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode"); 2489 2490 err = fuse_vnode_size(vp, &filesize, cred, curthread); 2491 if (err) 2492 goto out; 2493 2494 start = uio->uio_offset; 2495 end = start + uio->uio_resid; 2496 if (!pages) { 2497 err = fuse_inval_buf_range(vp, filesize, start, 2498 end); 2499 if (err) 2500 goto out; 2501 } 2502 err = fuse_write_directbackend(vp, uio, cred, fufh, 2503 filesize, ioflag, pages); 2504 } else { 2505 SDT_PROBE2(fusefs, , vnops, trace, 1, 2506 "buffered write of vnode"); 2507 if (!fsess_opt_writeback(vnode_mount(vp))) 2508 ioflag |= IO_SYNC; 2509 err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid); 2510 } 2511 fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td); 2512 2513 out: 2514 if (closefufh) 2515 fuse_filehandle_close(vp, fufh, curthread, cred); 2516 2517 return (err); 2518 } 2519 2520 static daddr_t 2521 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off) 2522 { 2523 const int biosize = fuse_iosize(vp); 2524 2525 return (off / biosize); 2526 } 2527 2528 static int 2529 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz) 2530 { 2531 off_t filesize; 2532 int err; 2533 const int biosize = fuse_iosize(vp); 2534 2535 err = fuse_vnode_size(vp, &filesize, NULL, NULL); 2536 if (err) { 2537 /* This will turn into a SIGBUS */ 2538 return (EIO); 2539 } else if ((off_t)lbn * biosize >= filesize) { 2540 *blksz = 0; 2541 } else if ((off_t)(lbn + 1) * biosize > filesize) { 2542 *blksz = filesize - (off_t)lbn *biosize; 2543 } else { 2544 *blksz = biosize; 2545 } 2546 return (0); 2547 } 2548 2549 /* 2550 struct vnop_getpages_args { 2551 struct vnode *a_vp; 2552 vm_page_t *a_m; 2553 int a_count; 2554 int a_reqpage; 2555 }; 2556 */ 2557 static int 2558 fuse_vnop_getpages(struct vop_getpages_args *ap) 2559 { 2560 struct vnode *vp = ap->a_vp; 2561 2562 if (!fsess_opt_mmap(vnode_mount(vp))) { 2563 SDT_PROBE2(fusefs, , vnops, trace, 1, 2564 "called on non-cacheable vnode??\n"); 2565 return (VM_PAGER_ERROR); 2566 } 2567 2568 return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind, 2569 ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz)); 2570 } 2571 2572 static const char extattr_namespace_separator = '.'; 2573 2574 /* 2575 struct vop_getextattr_args { 2576 struct vop_generic_args a_gen; 2577 struct vnode *a_vp; 2578 int a_attrnamespace; 2579 const char *a_name; 2580 struct uio *a_uio; 2581 size_t *a_size; 2582 struct ucred *a_cred; 2583 struct thread *a_td; 2584 }; 2585 */ 2586 static int 2587 fuse_vnop_getextattr(struct vop_getextattr_args *ap) 2588 { 2589 struct vnode *vp = ap->a_vp; 2590 struct uio *uio = ap->a_uio; 2591 struct fuse_dispatcher fdi; 2592 struct fuse_getxattr_in *get_xattr_in; 2593 struct fuse_getxattr_out *get_xattr_out; 2594 struct mount *mp = vnode_mount(vp); 2595 struct thread *td = ap->a_td; 2596 struct ucred *cred = ap->a_cred; 2597 char *prefix; 2598 char *attr_str; 2599 size_t len; 2600 int err; 2601 2602 if (fuse_isdeadfs(vp)) 2603 return (ENXIO); 2604 2605 if (fsess_not_impl(mp, FUSE_GETXATTR)) 2606 return EOPNOTSUPP; 2607 2608 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2609 if (err) 2610 return err; 2611 2612 /* Default to looking for user attributes. */ 2613 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2614 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2615 else 2616 prefix = EXTATTR_NAMESPACE_USER_STRING; 2617 2618 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2619 strlen(ap->a_name) + 1; 2620 2621 fdisp_init(&fdi, len + sizeof(*get_xattr_in)); 2622 fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred); 2623 2624 get_xattr_in = fdi.indata; 2625 /* 2626 * Check to see whether we're querying the available size or 2627 * issuing the actual request. If we pass in 0, we get back struct 2628 * fuse_getxattr_out. If we pass in a non-zero size, we get back 2629 * that much data, without the struct fuse_getxattr_out header. 2630 */ 2631 if (uio == NULL) 2632 get_xattr_in->size = 0; 2633 else 2634 get_xattr_in->size = uio->uio_resid; 2635 2636 attr_str = (char *)fdi.indata + sizeof(*get_xattr_in); 2637 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2638 ap->a_name); 2639 2640 err = fdisp_wait_answ(&fdi); 2641 if (err != 0) { 2642 if (err == ENOSYS) { 2643 fsess_set_notimpl(mp, FUSE_GETXATTR); 2644 err = EOPNOTSUPP; 2645 } 2646 goto out; 2647 } 2648 2649 get_xattr_out = fdi.answ; 2650 2651 if (ap->a_size != NULL) 2652 *ap->a_size = get_xattr_out->size; 2653 2654 if (uio != NULL) 2655 err = uiomove(fdi.answ, fdi.iosize, uio); 2656 2657 out: 2658 fdisp_destroy(&fdi); 2659 return (err); 2660 } 2661 2662 /* 2663 struct vop_setextattr_args { 2664 struct vop_generic_args a_gen; 2665 struct vnode *a_vp; 2666 int a_attrnamespace; 2667 const char *a_name; 2668 struct uio *a_uio; 2669 struct ucred *a_cred; 2670 struct thread *a_td; 2671 }; 2672 */ 2673 static int 2674 fuse_vnop_setextattr(struct vop_setextattr_args *ap) 2675 { 2676 struct vnode *vp = ap->a_vp; 2677 struct uio *uio = ap->a_uio; 2678 struct fuse_dispatcher fdi; 2679 struct fuse_setxattr_in *set_xattr_in; 2680 struct mount *mp = vnode_mount(vp); 2681 struct thread *td = ap->a_td; 2682 struct ucred *cred = ap->a_cred; 2683 char *prefix; 2684 size_t len; 2685 char *attr_str; 2686 int err; 2687 2688 if (fuse_isdeadfs(vp)) 2689 return (ENXIO); 2690 2691 if (fsess_not_impl(mp, FUSE_SETXATTR)) 2692 return EOPNOTSUPP; 2693 2694 if (vfs_isrdonly(mp)) 2695 return EROFS; 2696 2697 /* Deleting xattrs must use VOP_DELETEEXTATTR instead */ 2698 if (ap->a_uio == NULL) { 2699 /* 2700 * If we got here as fallback from VOP_DELETEEXTATTR, then 2701 * return EOPNOTSUPP. 2702 */ 2703 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 2704 return (EOPNOTSUPP); 2705 else 2706 return (EINVAL); 2707 } 2708 2709 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 2710 VWRITE); 2711 if (err) 2712 return err; 2713 2714 /* Default to looking for user attributes. */ 2715 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2716 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2717 else 2718 prefix = EXTATTR_NAMESPACE_USER_STRING; 2719 2720 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2721 strlen(ap->a_name) + 1; 2722 2723 fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid); 2724 fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred); 2725 2726 set_xattr_in = fdi.indata; 2727 set_xattr_in->size = uio->uio_resid; 2728 2729 attr_str = (char *)fdi.indata + sizeof(*set_xattr_in); 2730 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2731 ap->a_name); 2732 2733 err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len, 2734 uio->uio_resid, uio); 2735 if (err != 0) { 2736 goto out; 2737 } 2738 2739 err = fdisp_wait_answ(&fdi); 2740 2741 if (err == ENOSYS) { 2742 fsess_set_notimpl(mp, FUSE_SETXATTR); 2743 err = EOPNOTSUPP; 2744 } 2745 if (err == ERESTART) { 2746 /* Can't restart after calling uiomove */ 2747 err = EINTR; 2748 } 2749 2750 out: 2751 fdisp_destroy(&fdi); 2752 return (err); 2753 } 2754 2755 /* 2756 * The Linux / FUSE extended attribute list is simply a collection of 2757 * NUL-terminated strings. The FreeBSD extended attribute list is a single 2758 * byte length followed by a non-NUL terminated string. So, this allows 2759 * conversion of the Linux / FUSE format to the FreeBSD format in place. 2760 * Linux attribute names are reported with the namespace as a prefix (e.g. 2761 * "user.attribute_name"), but in FreeBSD they are reported without the 2762 * namespace prefix (e.g. "attribute_name"). So, we're going from: 2763 * 2764 * user.attr_name1\0user.attr_name2\0 2765 * 2766 * to: 2767 * 2768 * <num>attr_name1<num>attr_name2 2769 * 2770 * Where "<num>" is a single byte number of characters in the attribute name. 2771 * 2772 * Args: 2773 * prefix - exattr namespace prefix string 2774 * list, list_len - input list with namespace prefixes 2775 * bsd_list, bsd_list_len - output list compatible with bsd vfs 2776 */ 2777 static int 2778 fuse_xattrlist_convert(char *prefix, const char *list, int list_len, 2779 char *bsd_list, int *bsd_list_len) 2780 { 2781 int len, pos, dist_to_next, prefix_len; 2782 2783 pos = 0; 2784 *bsd_list_len = 0; 2785 prefix_len = strlen(prefix); 2786 2787 while (pos < list_len && list[pos] != '\0') { 2788 dist_to_next = strlen(&list[pos]) + 1; 2789 if (bcmp(&list[pos], prefix, prefix_len) == 0 && 2790 list[pos + prefix_len] == extattr_namespace_separator) { 2791 len = dist_to_next - 2792 (prefix_len + sizeof(extattr_namespace_separator)) - 1; 2793 if (len >= EXTATTR_MAXNAMELEN) 2794 return (ENAMETOOLONG); 2795 2796 bsd_list[*bsd_list_len] = len; 2797 memcpy(&bsd_list[*bsd_list_len + 1], 2798 &list[pos + prefix_len + 2799 sizeof(extattr_namespace_separator)], len); 2800 2801 *bsd_list_len += len + 1; 2802 } 2803 2804 pos += dist_to_next; 2805 } 2806 2807 return (0); 2808 } 2809 2810 /* 2811 * List extended attributes 2812 * 2813 * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which 2814 * has a number of differences compared to its FreeBSD equivalent, 2815 * extattr_list_file: 2816 * 2817 * - FUSE_LISTXATTR returns all extended attributes across all namespaces, 2818 * whereas listxattr(2) only returns attributes for a single namespace 2819 * - FUSE_LISTXATTR prepends each attribute name with "namespace." 2820 * - If the provided buffer is not large enough to hold the result, 2821 * FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to 2822 * return as many results as will fit. 2823 */ 2824 /* 2825 struct vop_listextattr_args { 2826 struct vop_generic_args a_gen; 2827 struct vnode *a_vp; 2828 int a_attrnamespace; 2829 struct uio *a_uio; 2830 size_t *a_size; 2831 struct ucred *a_cred; 2832 struct thread *a_td; 2833 }; 2834 */ 2835 static int 2836 fuse_vnop_listextattr(struct vop_listextattr_args *ap) 2837 { 2838 struct vnode *vp = ap->a_vp; 2839 struct uio *uio = ap->a_uio; 2840 struct fuse_dispatcher fdi; 2841 struct fuse_listxattr_in *list_xattr_in; 2842 struct fuse_listxattr_out *list_xattr_out; 2843 struct mount *mp = vnode_mount(vp); 2844 struct thread *td = ap->a_td; 2845 struct ucred *cred = ap->a_cred; 2846 char *prefix; 2847 char *bsd_list = NULL; 2848 char *linux_list; 2849 int bsd_list_len; 2850 int linux_list_len; 2851 int err; 2852 2853 if (fuse_isdeadfs(vp)) 2854 return (ENXIO); 2855 2856 if (fsess_not_impl(mp, FUSE_LISTXATTR)) 2857 return EOPNOTSUPP; 2858 2859 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2860 if (err) 2861 return err; 2862 2863 /* 2864 * Add space for a NUL and the period separator if enabled. 2865 * Default to looking for user attributes. 2866 */ 2867 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2868 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2869 else 2870 prefix = EXTATTR_NAMESPACE_USER_STRING; 2871 2872 fdisp_init(&fdi, sizeof(*list_xattr_in)); 2873 fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2874 2875 /* 2876 * Retrieve Linux / FUSE compatible list size. 2877 */ 2878 list_xattr_in = fdi.indata; 2879 list_xattr_in->size = 0; 2880 2881 err = fdisp_wait_answ(&fdi); 2882 if (err != 0) { 2883 if (err == ENOSYS) { 2884 fsess_set_notimpl(mp, FUSE_LISTXATTR); 2885 err = EOPNOTSUPP; 2886 } 2887 goto out; 2888 } 2889 2890 list_xattr_out = fdi.answ; 2891 linux_list_len = list_xattr_out->size; 2892 if (linux_list_len == 0) { 2893 if (ap->a_size != NULL) 2894 *ap->a_size = linux_list_len; 2895 goto out; 2896 } 2897 2898 /* 2899 * Retrieve Linux / FUSE compatible list values. 2900 */ 2901 fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2902 list_xattr_in = fdi.indata; 2903 list_xattr_in->size = linux_list_len; 2904 2905 err = fdisp_wait_answ(&fdi); 2906 if (err == ERANGE) { 2907 /* 2908 * Race detected. The attribute list must've grown since the 2909 * first FUSE_LISTXATTR call. Start over. Go all the way back 2910 * to userland so we can process signals, if necessary, before 2911 * restarting. 2912 */ 2913 err = ERESTART; 2914 goto out; 2915 } else if (err != 0) 2916 goto out; 2917 2918 linux_list = fdi.answ; 2919 /* FUSE doesn't allow the server to return more data than requested */ 2920 if (fdi.iosize > linux_list_len) { 2921 struct fuse_data *data = fuse_get_mpdata(mp); 2922 2923 fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG, 2924 "server returned " 2925 "more extended attribute data than requested; " 2926 "should've returned ERANGE instead."); 2927 } else { 2928 /* But returning less data is fine */ 2929 linux_list_len = fdi.iosize; 2930 } 2931 2932 /* 2933 * Retrieve the BSD compatible list values. 2934 * The Linux / FUSE attribute list format isn't the same 2935 * as FreeBSD's format. So we need to transform it into 2936 * FreeBSD's format before giving it to the user. 2937 */ 2938 bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK); 2939 err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len, 2940 bsd_list, &bsd_list_len); 2941 if (err != 0) 2942 goto out; 2943 2944 if (ap->a_size != NULL) 2945 *ap->a_size = bsd_list_len; 2946 2947 if (uio != NULL) 2948 err = uiomove(bsd_list, bsd_list_len, uio); 2949 2950 out: 2951 free(bsd_list, M_TEMP); 2952 fdisp_destroy(&fdi); 2953 return (err); 2954 } 2955 2956 /* 2957 struct vop_deallocate_args { 2958 struct vop_generic_args a_gen; 2959 struct vnode *a_vp; 2960 off_t *a_offset; 2961 off_t *a_len; 2962 int a_flags; 2963 int a_ioflag; 2964 struct ucred *a_cred; 2965 }; 2966 */ 2967 static int 2968 fuse_vnop_deallocate(struct vop_deallocate_args *ap) 2969 { 2970 struct vnode *vp = ap->a_vp; 2971 struct mount *mp = vnode_mount(vp); 2972 struct fuse_filehandle *fufh; 2973 struct fuse_dispatcher fdi; 2974 struct fuse_fallocate_in *ffi; 2975 struct ucred *cred = ap->a_cred; 2976 pid_t pid = curthread->td_proc->p_pid; 2977 off_t *len = ap->a_len; 2978 off_t *offset = ap->a_offset; 2979 int ioflag = ap->a_ioflag; 2980 off_t filesize; 2981 int err; 2982 bool closefufh = false; 2983 2984 if (fuse_isdeadfs(vp)) 2985 return (ENXIO); 2986 2987 if (vfs_isrdonly(mp)) 2988 return (EROFS); 2989 2990 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 2991 goto fallback; 2992 2993 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2994 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2995 /* 2996 * nfsd will do I/O without first doing VOP_OPEN. We 2997 * must implicitly open the file here 2998 */ 2999 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 3000 closefufh = true; 3001 } 3002 if (err) 3003 return (err); 3004 3005 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 3006 3007 err = fuse_vnode_size(vp, &filesize, cred, curthread); 3008 if (err) 3009 goto out; 3010 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 3011 3012 fdisp_init(&fdi, sizeof(*ffi)); 3013 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 3014 ffi = fdi.indata; 3015 ffi->fh = fufh->fh_id; 3016 ffi->offset = *offset; 3017 ffi->length = *len; 3018 /* 3019 * FreeBSD's fspacectl is equivalent to Linux's fallocate with 3020 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE 3021 */ 3022 ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE; 3023 err = fdisp_wait_answ(&fdi); 3024 3025 if (err == ENOSYS) { 3026 fdisp_destroy(&fdi); 3027 fsess_set_notimpl(mp, FUSE_FALLOCATE); 3028 goto fallback; 3029 } else if (err == EOPNOTSUPP) { 3030 /* 3031 * The file system server does not support FUSE_FALLOCATE with 3032 * the supplied mode for this particular file. 3033 */ 3034 fdisp_destroy(&fdi); 3035 goto fallback; 3036 } else if (!err) { 3037 /* 3038 * Clip the returned offset to EoF. Do it here rather than 3039 * before FUSE_FALLOCATE just in case the kernel's cached file 3040 * size is out of date. Unfortunately, FUSE does not return 3041 * any information about filesize from that operation. 3042 */ 3043 *offset = MIN(*offset + *len, filesize); 3044 *len = 0; 3045 fuse_vnode_undirty_cached_timestamps(vp, false); 3046 fuse_internal_clear_suid_on_write(vp, cred, curthread); 3047 3048 if (ioflag & IO_SYNC) 3049 err = fuse_internal_fsync(vp, curthread, MNT_WAIT, 3050 false); 3051 } 3052 3053 out: 3054 fdisp_destroy(&fdi); 3055 if (closefufh) 3056 fuse_filehandle_close(vp, fufh, curthread, cred); 3057 3058 return (err); 3059 3060 fallback: 3061 if (closefufh) 3062 fuse_filehandle_close(vp, fufh, curthread, cred); 3063 3064 return (vop_stddeallocate(ap)); 3065 } 3066 3067 /* 3068 struct vop_deleteextattr_args { 3069 struct vop_generic_args a_gen; 3070 struct vnode *a_vp; 3071 int a_attrnamespace; 3072 const char *a_name; 3073 struct ucred *a_cred; 3074 struct thread *a_td; 3075 }; 3076 */ 3077 static int 3078 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap) 3079 { 3080 struct vnode *vp = ap->a_vp; 3081 struct fuse_dispatcher fdi; 3082 struct mount *mp = vnode_mount(vp); 3083 struct thread *td = ap->a_td; 3084 struct ucred *cred = ap->a_cred; 3085 char *prefix; 3086 size_t len; 3087 char *attr_str; 3088 int err; 3089 3090 if (fuse_isdeadfs(vp)) 3091 return (ENXIO); 3092 3093 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 3094 return EOPNOTSUPP; 3095 3096 if (vfs_isrdonly(mp)) 3097 return EROFS; 3098 3099 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 3100 VWRITE); 3101 if (err) 3102 return err; 3103 3104 /* Default to looking for user attributes. */ 3105 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 3106 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 3107 else 3108 prefix = EXTATTR_NAMESPACE_USER_STRING; 3109 3110 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 3111 strlen(ap->a_name) + 1; 3112 3113 fdisp_init(&fdi, len); 3114 fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred); 3115 3116 attr_str = fdi.indata; 3117 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 3118 ap->a_name); 3119 3120 err = fdisp_wait_answ(&fdi); 3121 if (err == ENOSYS) { 3122 fsess_set_notimpl(mp, FUSE_REMOVEXATTR); 3123 err = EOPNOTSUPP; 3124 } 3125 3126 fdisp_destroy(&fdi); 3127 return (err); 3128 } 3129 3130 /* 3131 struct vnop_print_args { 3132 struct vnode *a_vp; 3133 }; 3134 */ 3135 static int 3136 fuse_vnop_print(struct vop_print_args *ap) 3137 { 3138 struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp); 3139 3140 printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n", 3141 (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid, 3142 (uintmax_t)fvdat->nlookup, 3143 fvdat->flag); 3144 3145 return 0; 3146 } 3147 3148 /* 3149 * Get an NFS filehandle for a FUSE file. 3150 * 3151 * This will only work for FUSE file systems that guarantee the uniqueness of 3152 * nodeid:generation, which most don't. 3153 */ 3154 /* 3155 vop_vptofh { 3156 IN struct vnode *a_vp; 3157 IN struct fid *a_fhp; 3158 }; 3159 */ 3160 static int 3161 fuse_vnop_vptofh(struct vop_vptofh_args *ap) 3162 { 3163 struct vnode *vp = ap->a_vp; 3164 struct fuse_vnode_data *fvdat = VTOFUD(vp); 3165 struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp); 3166 _Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid), 3167 "FUSE fid type is too big"); 3168 struct mount *mp = vnode_mount(vp); 3169 struct fuse_data *data = fuse_get_mpdata(mp); 3170 struct vattr va; 3171 int err; 3172 3173 if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) { 3174 /* NFS requires lookups for "." and ".." */ 3175 SDT_PROBE2(fusefs, , vnops, trace, 1, 3176 "VOP_VPTOFH without FUSE_EXPORT_SUPPORT"); 3177 return EOPNOTSUPP; 3178 } 3179 if ((mp->mnt_flag & MNT_EXPORTED) && 3180 !(data->dataflags & FSESS_NO_OPENDIR_SUPPORT)) 3181 { 3182 /* 3183 * NFS is stateless, so nfsd must reopen a directory on every 3184 * call to VOP_READDIR, passing in the d_off field from the 3185 * final dirent of the previous invocation. But without 3186 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not 3187 * guarantee that d_off will be valid after a directory is 3188 * closed and reopened. So prohibit exporting FUSE file 3189 * systems that don't set that flag. 3190 * 3191 * But userspace NFS servers don't have this problem. 3192 */ 3193 SDT_PROBE2(fusefs, , vnops, trace, 1, 3194 "VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT"); 3195 return EOPNOTSUPP; 3196 } 3197 3198 err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread); 3199 if (err) 3200 return err; 3201 3202 /*ip = VTOI(ap->a_vp);*/ 3203 /*ufhp = (struct ufid *)ap->a_fhp;*/ 3204 fhp->len = sizeof(struct fuse_fid); 3205 fhp->nid = fvdat->nid; 3206 if (fvdat->generation <= UINT32_MAX) 3207 fhp->gen = fvdat->generation; 3208 else 3209 return EOVERFLOW; 3210 return (0); 3211 } 3212