1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2007-2009 Google Inc. and Amit Singh 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are 9 * met: 10 * 11 * * Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * * Redistributions in binary form must reproduce the above 14 * copyright notice, this list of conditions and the following disclaimer 15 * in the documentation and/or other materials provided with the 16 * distribution. 17 * * Neither the name of Google Inc. nor the names of its 18 * contributors may be used to endorse or promote products derived from 19 * this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 * Copyright (C) 2005 Csaba Henk. 34 * All rights reserved. 35 * 36 * Copyright (c) 2019 The FreeBSD Foundation 37 * 38 * Portions of this software were developed by BFF Storage Systems, LLC under 39 * sponsorship from the FreeBSD Foundation. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 */ 62 63 #include <sys/param.h> 64 #include <sys/module.h> 65 #include <sys/systm.h> 66 #include <sys/errno.h> 67 #include <sys/kernel.h> 68 #include <sys/conf.h> 69 #include <sys/filio.h> 70 #include <sys/uio.h> 71 #include <sys/malloc.h> 72 #include <sys/queue.h> 73 #include <sys/limits.h> 74 #include <sys/lock.h> 75 #include <sys/rwlock.h> 76 #include <sys/sx.h> 77 #include <sys/proc.h> 78 #include <sys/mount.h> 79 #include <sys/vnode.h> 80 #include <sys/namei.h> 81 #include <sys/extattr.h> 82 #include <sys/stat.h> 83 #include <sys/unistd.h> 84 #include <sys/filedesc.h> 85 #include <sys/file.h> 86 #include <sys/fcntl.h> 87 #include <sys/dirent.h> 88 #include <sys/bio.h> 89 #include <sys/buf.h> 90 #include <sys/sysctl.h> 91 #include <sys/vmmeter.h> 92 93 #include <vm/vm.h> 94 #include <vm/vm_extern.h> 95 #include <vm/pmap.h> 96 #include <vm/vm_map.h> 97 #include <vm/vm_page.h> 98 #include <vm/vm_param.h> 99 #include <vm/vm_object.h> 100 #include <vm/vm_pager.h> 101 #include <vm/vnode_pager.h> 102 #include <vm/vm_object.h> 103 104 #include "fuse.h" 105 #include "fuse_file.h" 106 #include "fuse_internal.h" 107 #include "fuse_ipc.h" 108 #include "fuse_node.h" 109 #include "fuse_io.h" 110 111 #include <sys/priv.h> 112 113 /* Maximum number of hardlinks to a single FUSE file */ 114 #define FUSE_LINK_MAX UINT32_MAX 115 116 SDT_PROVIDER_DECLARE(fusefs); 117 /* 118 * Fuse trace probe: 119 * arg0: verbosity. Higher numbers give more verbose messages 120 * arg1: Textual message 121 */ 122 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*"); 123 124 /* vnode ops */ 125 static vop_access_t fuse_vnop_access; 126 static vop_advlock_t fuse_vnop_advlock; 127 static vop_allocate_t fuse_vnop_allocate; 128 static vop_bmap_t fuse_vnop_bmap; 129 static vop_close_t fuse_fifo_close; 130 static vop_close_t fuse_vnop_close; 131 static vop_copy_file_range_t fuse_vnop_copy_file_range; 132 static vop_create_t fuse_vnop_create; 133 static vop_deallocate_t fuse_vnop_deallocate; 134 static vop_deleteextattr_t fuse_vnop_deleteextattr; 135 static vop_fdatasync_t fuse_vnop_fdatasync; 136 static vop_fsync_t fuse_vnop_fsync; 137 static vop_getattr_t fuse_vnop_getattr; 138 static vop_getextattr_t fuse_vnop_getextattr; 139 static vop_inactive_t fuse_vnop_inactive; 140 static vop_ioctl_t fuse_vnop_ioctl; 141 static vop_link_t fuse_vnop_link; 142 static vop_listextattr_t fuse_vnop_listextattr; 143 static vop_lookup_t fuse_vnop_lookup; 144 static vop_mkdir_t fuse_vnop_mkdir; 145 static vop_mknod_t fuse_vnop_mknod; 146 static vop_open_t fuse_vnop_open; 147 static vop_pathconf_t fuse_vnop_pathconf; 148 static vop_read_t fuse_vnop_read; 149 static vop_readdir_t fuse_vnop_readdir; 150 static vop_readlink_t fuse_vnop_readlink; 151 static vop_reclaim_t fuse_vnop_reclaim; 152 static vop_remove_t fuse_vnop_remove; 153 static vop_rename_t fuse_vnop_rename; 154 static vop_rmdir_t fuse_vnop_rmdir; 155 static vop_setattr_t fuse_vnop_setattr; 156 static vop_setextattr_t fuse_vnop_setextattr; 157 static vop_strategy_t fuse_vnop_strategy; 158 static vop_symlink_t fuse_vnop_symlink; 159 static vop_write_t fuse_vnop_write; 160 static vop_getpages_t fuse_vnop_getpages; 161 static vop_print_t fuse_vnop_print; 162 static vop_vptofh_t fuse_vnop_vptofh; 163 164 struct vop_vector fuse_fifoops = { 165 .vop_default = &fifo_specops, 166 .vop_access = fuse_vnop_access, 167 .vop_close = fuse_fifo_close, 168 .vop_fsync = fuse_vnop_fsync, 169 .vop_getattr = fuse_vnop_getattr, 170 .vop_inactive = fuse_vnop_inactive, 171 .vop_pathconf = fuse_vnop_pathconf, 172 .vop_print = fuse_vnop_print, 173 .vop_read = VOP_PANIC, 174 .vop_reclaim = fuse_vnop_reclaim, 175 .vop_setattr = fuse_vnop_setattr, 176 .vop_write = VOP_PANIC, 177 .vop_vptofh = fuse_vnop_vptofh, 178 }; 179 VFS_VOP_VECTOR_REGISTER(fuse_fifoops); 180 181 struct vop_vector fuse_vnops = { 182 .vop_allocate = fuse_vnop_allocate, 183 .vop_default = &default_vnodeops, 184 .vop_access = fuse_vnop_access, 185 .vop_advlock = fuse_vnop_advlock, 186 .vop_bmap = fuse_vnop_bmap, 187 .vop_close = fuse_vnop_close, 188 .vop_copy_file_range = fuse_vnop_copy_file_range, 189 .vop_create = fuse_vnop_create, 190 .vop_deallocate = fuse_vnop_deallocate, 191 .vop_deleteextattr = fuse_vnop_deleteextattr, 192 .vop_fsync = fuse_vnop_fsync, 193 .vop_fdatasync = fuse_vnop_fdatasync, 194 .vop_getattr = fuse_vnop_getattr, 195 .vop_getextattr = fuse_vnop_getextattr, 196 .vop_inactive = fuse_vnop_inactive, 197 .vop_ioctl = fuse_vnop_ioctl, 198 .vop_link = fuse_vnop_link, 199 .vop_listextattr = fuse_vnop_listextattr, 200 .vop_lookup = fuse_vnop_lookup, 201 .vop_mkdir = fuse_vnop_mkdir, 202 .vop_mknod = fuse_vnop_mknod, 203 .vop_open = fuse_vnop_open, 204 .vop_pathconf = fuse_vnop_pathconf, 205 /* 206 * TODO: implement vop_poll after upgrading to protocol 7.21. 207 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until 208 * 7.21, which adds the ability for the client to choose which poll 209 * events it wants, and for a client to deregister a file handle 210 */ 211 .vop_read = fuse_vnop_read, 212 .vop_readdir = fuse_vnop_readdir, 213 .vop_readlink = fuse_vnop_readlink, 214 .vop_reclaim = fuse_vnop_reclaim, 215 .vop_remove = fuse_vnop_remove, 216 .vop_rename = fuse_vnop_rename, 217 .vop_rmdir = fuse_vnop_rmdir, 218 .vop_setattr = fuse_vnop_setattr, 219 .vop_setextattr = fuse_vnop_setextattr, 220 .vop_strategy = fuse_vnop_strategy, 221 .vop_symlink = fuse_vnop_symlink, 222 .vop_write = fuse_vnop_write, 223 .vop_getpages = fuse_vnop_getpages, 224 .vop_print = fuse_vnop_print, 225 .vop_vptofh = fuse_vnop_vptofh, 226 }; 227 VFS_VOP_VECTOR_REGISTER(fuse_vnops); 228 229 /* Check permission for extattr operations, much like extattr_check_cred */ 230 static int 231 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred, 232 struct thread *td, accmode_t accmode) 233 { 234 struct mount *mp = vnode_mount(vp); 235 struct fuse_data *data = fuse_get_mpdata(mp); 236 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 237 238 /* 239 * Kernel-invoked always succeeds. 240 */ 241 if (cred == NOCRED) 242 return (0); 243 244 /* 245 * Do not allow privileged processes in jail to directly manipulate 246 * system attributes. 247 */ 248 switch (ns) { 249 case EXTATTR_NAMESPACE_SYSTEM: 250 if (default_permissions) { 251 return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM)); 252 } 253 return (0); 254 case EXTATTR_NAMESPACE_USER: 255 if (default_permissions) { 256 return (fuse_internal_access(vp, accmode, td, cred)); 257 } 258 return (0); 259 default: 260 return (EPERM); 261 } 262 } 263 264 /* Get a filehandle for a directory */ 265 static int 266 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp, 267 struct ucred *cred, pid_t pid) 268 { 269 if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0) 270 return 0; 271 return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid); 272 } 273 274 /* Send FUSE_FLUSH for this vnode */ 275 static int 276 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag) 277 { 278 struct fuse_flush_in *ffi; 279 struct fuse_filehandle *fufh; 280 struct fuse_dispatcher fdi; 281 struct thread *td = curthread; 282 struct mount *mp = vnode_mount(vp); 283 int err; 284 285 if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH)) 286 return 0; 287 288 err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid); 289 if (err) 290 return err; 291 292 fdisp_init(&fdi, sizeof(*ffi)); 293 fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred); 294 ffi = fdi.indata; 295 ffi->fh = fufh->fh_id; 296 /* 297 * If the file has a POSIX lock then we're supposed to set lock_owner. 298 * If not, then lock_owner is undefined. So we may as well always set 299 * it. 300 */ 301 ffi->lock_owner = td->td_proc->p_pid; 302 303 err = fdisp_wait_answ(&fdi); 304 if (err == ENOSYS) { 305 fsess_set_notimpl(mp, FUSE_FLUSH); 306 err = 0; 307 } 308 fdisp_destroy(&fdi); 309 return err; 310 } 311 312 /* Close wrapper for fifos. */ 313 static int 314 fuse_fifo_close(struct vop_close_args *ap) 315 { 316 return (fifo_specops.vop_close(ap)); 317 } 318 319 /* Invalidate a range of cached data, whether dirty of not */ 320 static int 321 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end) 322 { 323 struct buf *bp; 324 daddr_t left_lbn, end_lbn, right_lbn; 325 off_t new_filesize; 326 int iosize, left_on, right_on, right_blksize; 327 328 iosize = fuse_iosize(vp); 329 left_lbn = start / iosize; 330 end_lbn = howmany(end, iosize); 331 left_on = start & (iosize - 1); 332 if (left_on != 0) { 333 bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0); 334 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) { 335 /* 336 * Flush the dirty buffer, because we don't have a 337 * byte-granular way to record which parts of the 338 * buffer are valid. 339 */ 340 bwrite(bp); 341 if (bp->b_error) 342 return (bp->b_error); 343 } else { 344 brelse(bp); 345 } 346 } 347 right_on = end & (iosize - 1); 348 if (right_on != 0) { 349 right_lbn = end / iosize; 350 new_filesize = MAX(filesize, end); 351 right_blksize = MIN(iosize, new_filesize - iosize * right_lbn); 352 bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0); 353 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) { 354 /* 355 * Flush the dirty buffer, because we don't have a 356 * byte-granular way to record which parts of the 357 * buffer are valid. 358 */ 359 bwrite(bp); 360 if (bp->b_error) 361 return (bp->b_error); 362 } else { 363 brelse(bp); 364 } 365 } 366 367 v_inval_buf_range(vp, left_lbn, end_lbn, iosize); 368 return (0); 369 } 370 371 372 /* Send FUSE_LSEEK for this node */ 373 static int 374 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred, 375 pid_t pid, off_t *offp, int whence) 376 { 377 struct fuse_dispatcher fdi; 378 struct fuse_filehandle *fufh; 379 struct fuse_lseek_in *flsi; 380 struct fuse_lseek_out *flso; 381 struct mount *mp = vnode_mount(vp); 382 int err; 383 384 ASSERT_VOP_LOCKED(vp, __func__); 385 386 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 387 if (err) 388 return (err); 389 fdisp_init(&fdi, sizeof(*flsi)); 390 fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred); 391 flsi = fdi.indata; 392 flsi->fh = fufh->fh_id; 393 flsi->offset = *offp; 394 flsi->whence = whence; 395 err = fdisp_wait_answ(&fdi); 396 if (err == ENOSYS) { 397 fsess_set_notimpl(mp, FUSE_LSEEK); 398 } else if (err == ENXIO) { 399 /* Note: ENXIO means "no more hole/data regions until EOF" */ 400 fsess_set_impl(mp, FUSE_LSEEK); 401 } else if (err == 0) { 402 fsess_set_impl(mp, FUSE_LSEEK); 403 flso = fdi.answ; 404 *offp = flso->offset; 405 } 406 fdisp_destroy(&fdi); 407 408 return (err); 409 } 410 411 /* 412 struct vnop_access_args { 413 struct vnode *a_vp; 414 #if VOP_ACCESS_TAKES_ACCMODE_T 415 accmode_t a_accmode; 416 #else 417 int a_mode; 418 #endif 419 struct ucred *a_cred; 420 struct thread *a_td; 421 }; 422 */ 423 static int 424 fuse_vnop_access(struct vop_access_args *ap) 425 { 426 struct vnode *vp = ap->a_vp; 427 int accmode = ap->a_accmode; 428 struct ucred *cred = ap->a_cred; 429 430 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 431 432 int err; 433 434 if (fuse_isdeadfs(vp)) { 435 if (vnode_isvroot(vp)) { 436 return 0; 437 } 438 return ENXIO; 439 } 440 if (!(data->dataflags & FSESS_INITED)) { 441 if (vnode_isvroot(vp)) { 442 if (priv_check_cred(cred, PRIV_VFS_ADMIN) || 443 (fuse_match_cred(data->daemoncred, cred) == 0)) { 444 return 0; 445 } 446 } 447 return EBADF; 448 } 449 if (vnode_islnk(vp)) { 450 return 0; 451 } 452 453 err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred); 454 return err; 455 } 456 457 /* 458 * struct vop_advlock_args { 459 * struct vop_generic_args a_gen; 460 * struct vnode *a_vp; 461 * void *a_id; 462 * int a_op; 463 * struct flock *a_fl; 464 * int a_flags; 465 * } 466 */ 467 static int 468 fuse_vnop_advlock(struct vop_advlock_args *ap) 469 { 470 struct vnode *vp = ap->a_vp; 471 struct flock *fl = ap->a_fl; 472 struct thread *td = curthread; 473 struct ucred *cred = td->td_ucred; 474 pid_t pid = td->td_proc->p_pid; 475 struct fuse_filehandle *fufh; 476 struct fuse_dispatcher fdi; 477 struct fuse_lk_in *fli; 478 struct fuse_lk_out *flo; 479 struct vattr vattr; 480 enum fuse_opcode op; 481 off_t size, start; 482 int dataflags, err; 483 int flags = ap->a_flags; 484 485 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 486 487 if (fuse_isdeadfs(vp)) { 488 return ENXIO; 489 } 490 491 switch(ap->a_op) { 492 case F_GETLK: 493 op = FUSE_GETLK; 494 break; 495 case F_SETLK: 496 if (flags & F_WAIT) 497 op = FUSE_SETLKW; 498 else 499 op = FUSE_SETLK; 500 break; 501 case F_UNLCK: 502 op = FUSE_SETLK; 503 break; 504 default: 505 return EINVAL; 506 } 507 508 if (!(dataflags & FSESS_POSIX_LOCKS)) 509 return vop_stdadvlock(ap); 510 /* FUSE doesn't properly support flock until protocol 7.17 */ 511 if (flags & F_FLOCK) 512 return vop_stdadvlock(ap); 513 514 vn_lock(vp, LK_SHARED | LK_RETRY); 515 516 switch (fl->l_whence) { 517 case SEEK_SET: 518 case SEEK_CUR: 519 /* 520 * Caller is responsible for adding any necessary offset 521 * when SEEK_CUR is used. 522 */ 523 start = fl->l_start; 524 break; 525 526 case SEEK_END: 527 err = fuse_internal_getattr(vp, &vattr, cred, td); 528 if (err) 529 goto out; 530 size = vattr.va_size; 531 if (size > OFF_MAX || 532 (fl->l_start > 0 && size > OFF_MAX - fl->l_start)) { 533 err = EOVERFLOW; 534 goto out; 535 } 536 start = size + fl->l_start; 537 break; 538 539 default: 540 return (EINVAL); 541 } 542 543 err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid); 544 if (err) 545 goto out; 546 547 fdisp_init(&fdi, sizeof(*fli)); 548 549 fdisp_make_vp(&fdi, op, vp, td, cred); 550 fli = fdi.indata; 551 fli->fh = fufh->fh_id; 552 fli->owner = td->td_proc->p_pid; 553 fli->lk.start = start; 554 if (fl->l_len != 0) 555 fli->lk.end = start + fl->l_len - 1; 556 else 557 fli->lk.end = INT64_MAX; 558 fli->lk.type = fl->l_type; 559 fli->lk.pid = td->td_proc->p_pid; 560 561 err = fdisp_wait_answ(&fdi); 562 fdisp_destroy(&fdi); 563 564 if (err == 0 && op == FUSE_GETLK) { 565 flo = fdi.answ; 566 fl->l_type = flo->lk.type; 567 fl->l_whence = SEEK_SET; 568 if (flo->lk.type != F_UNLCK) { 569 fl->l_pid = flo->lk.pid; 570 fl->l_start = flo->lk.start; 571 if (flo->lk.end == INT64_MAX) 572 fl->l_len = 0; 573 else 574 fl->l_len = flo->lk.end - flo->lk.start + 1; 575 fl->l_start = flo->lk.start; 576 } 577 } 578 579 out: 580 VOP_UNLOCK(vp); 581 return err; 582 } 583 584 static int 585 fuse_vnop_allocate(struct vop_allocate_args *ap) 586 { 587 struct vnode *vp = ap->a_vp; 588 off_t *len = ap->a_len; 589 off_t *offset = ap->a_offset; 590 struct ucred *cred = ap->a_cred; 591 struct fuse_filehandle *fufh; 592 struct mount *mp = vnode_mount(vp); 593 struct fuse_dispatcher fdi; 594 struct fuse_fallocate_in *ffi; 595 struct uio io; 596 pid_t pid = curthread->td_proc->p_pid; 597 struct fuse_vnode_data *fvdat = VTOFUD(vp); 598 off_t filesize; 599 int err; 600 601 if (fuse_isdeadfs(vp)) 602 return (ENXIO); 603 604 switch (vp->v_type) { 605 case VFIFO: 606 return (ESPIPE); 607 case VLNK: 608 case VREG: 609 if (vfs_isrdonly(mp)) 610 return (EROFS); 611 break; 612 default: 613 return (ENODEV); 614 } 615 616 if (vfs_isrdonly(mp)) 617 return (EROFS); 618 619 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 620 return (EINVAL); 621 622 io.uio_offset = *offset; 623 io.uio_resid = *len; 624 err = vn_rlimit_fsize(vp, &io, curthread); 625 if (err) 626 return (err); 627 628 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 629 if (err) 630 return (err); 631 632 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 633 634 err = fuse_vnode_size(vp, &filesize, cred, curthread); 635 if (err) 636 return (err); 637 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 638 639 fdisp_init(&fdi, sizeof(*ffi)); 640 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 641 ffi = fdi.indata; 642 ffi->fh = fufh->fh_id; 643 ffi->offset = *offset; 644 ffi->length = *len; 645 ffi->mode = 0; 646 err = fdisp_wait_answ(&fdi); 647 648 if (err == ENOSYS) { 649 fsess_set_notimpl(mp, FUSE_FALLOCATE); 650 err = EINVAL; 651 } else if (err == EOPNOTSUPP) { 652 /* 653 * The file system server does not support FUSE_FALLOCATE with 654 * the supplied mode for this particular file. 655 */ 656 err = EINVAL; 657 } else if (!err) { 658 *offset += *len; 659 *len = 0; 660 fuse_vnode_undirty_cached_timestamps(vp, false); 661 fuse_internal_clear_suid_on_write(vp, cred, curthread); 662 if (*offset > fvdat->cached_attrs.va_size) { 663 fuse_vnode_setsize(vp, *offset, false); 664 getnanouptime(&fvdat->last_local_modify); 665 } 666 } 667 668 fdisp_destroy(&fdi); 669 return (err); 670 } 671 672 /* { 673 struct vnode *a_vp; 674 daddr_t a_bn; 675 struct bufobj **a_bop; 676 daddr_t *a_bnp; 677 int *a_runp; 678 int *a_runb; 679 } */ 680 static int 681 fuse_vnop_bmap(struct vop_bmap_args *ap) 682 { 683 struct vnode *vp = ap->a_vp; 684 struct bufobj **bo = ap->a_bop; 685 struct thread *td = curthread; 686 struct mount *mp; 687 struct fuse_dispatcher fdi; 688 struct fuse_bmap_in *fbi; 689 struct fuse_bmap_out *fbo; 690 struct fuse_data *data; 691 struct fuse_vnode_data *fvdat = VTOFUD(vp); 692 uint64_t biosize; 693 off_t fsize; 694 daddr_t lbn = ap->a_bn; 695 daddr_t *pbn = ap->a_bnp; 696 int *runp = ap->a_runp; 697 int *runb = ap->a_runb; 698 int error = 0; 699 int maxrun; 700 701 if (fuse_isdeadfs(vp)) { 702 return ENXIO; 703 } 704 705 mp = vnode_mount(vp); 706 data = fuse_get_mpdata(mp); 707 biosize = fuse_iosize(vp); 708 maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1, 709 data->max_readahead_blocks); 710 711 if (bo != NULL) 712 *bo = &vp->v_bufobj; 713 714 /* 715 * The FUSE_BMAP operation does not include the runp and runb 716 * variables, so we must guess. Report nonzero contiguous runs so 717 * cluster_read will combine adjacent reads. It's worthwhile to reduce 718 * upcalls even if we don't know the true physical layout of the file. 719 * 720 * FUSE file systems may opt out of read clustering in two ways: 721 * * mounting with -onoclusterr 722 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT 723 */ 724 if (runb != NULL) 725 *runb = MIN(lbn, maxrun); 726 if (runp != NULL && maxrun == 0) 727 *runp = 0; 728 else if (runp != NULL) { 729 /* 730 * If the file's size is cached, use that value to calculate 731 * runp, even if the cache is expired. runp is only advisory, 732 * and the risk of getting it wrong is not worth the cost of 733 * another upcall. 734 */ 735 if (fvdat->cached_attrs.va_size != VNOVAL) 736 fsize = fvdat->cached_attrs.va_size; 737 else 738 error = fuse_vnode_size(vp, &fsize, td->td_ucred, td); 739 if (error == 0) 740 *runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1), 741 maxrun); 742 else 743 *runp = 0; 744 } 745 746 if (fsess_maybe_impl(mp, FUSE_BMAP)) { 747 fdisp_init(&fdi, sizeof(*fbi)); 748 fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred); 749 fbi = fdi.indata; 750 fbi->block = lbn; 751 fbi->blocksize = biosize; 752 error = fdisp_wait_answ(&fdi); 753 if (error == ENOSYS) { 754 fdisp_destroy(&fdi); 755 fsess_set_notimpl(mp, FUSE_BMAP); 756 error = 0; 757 } else { 758 fbo = fdi.answ; 759 if (error == 0 && pbn != NULL) 760 *pbn = fbo->block; 761 fdisp_destroy(&fdi); 762 return error; 763 } 764 } 765 766 /* If the daemon doesn't support BMAP, make up a sensible default */ 767 if (pbn != NULL) 768 *pbn = lbn * btodb(biosize); 769 return (error); 770 } 771 772 /* 773 struct vop_close_args { 774 struct vnode *a_vp; 775 int a_fflag; 776 struct ucred *a_cred; 777 struct thread *a_td; 778 }; 779 */ 780 static int 781 fuse_vnop_close(struct vop_close_args *ap) 782 { 783 struct vnode *vp = ap->a_vp; 784 struct mount *mp = vnode_mount(vp); 785 struct ucred *cred = ap->a_cred; 786 int fflag = ap->a_fflag; 787 struct thread *td = ap->a_td; 788 pid_t pid = td->td_proc->p_pid; 789 struct fuse_vnode_data *fvdat = VTOFUD(vp); 790 int err = 0; 791 792 if (fuse_isdeadfs(vp)) 793 return 0; 794 if (vnode_isdir(vp)) 795 return 0; 796 if (fflag & IO_NDELAY) 797 return 0; 798 799 err = fuse_flush(vp, cred, pid, fflag); 800 if (err == 0 && (fvdat->flag & FN_ATIMECHANGE) && !vfs_isrdonly(mp)) { 801 struct vattr vap; 802 struct fuse_data *data; 803 int dataflags; 804 int access_e = 0; 805 806 data = fuse_get_mpdata(mp); 807 dataflags = data->dataflags; 808 if (dataflags & FSESS_DEFAULT_PERMISSIONS) { 809 struct vattr va; 810 811 fuse_internal_getattr(vp, &va, cred, td); 812 access_e = vaccess(vp->v_type, va.va_mode, va.va_uid, 813 va.va_gid, VWRITE, cred); 814 } 815 if (access_e == 0) { 816 VATTR_NULL(&vap); 817 vap.va_atime = fvdat->cached_attrs.va_atime; 818 /* 819 * Ignore errors setting when setting atime. That 820 * should not cause close(2) to fail. 821 */ 822 fuse_internal_setattr(vp, &vap, td, NULL); 823 } 824 } 825 /* TODO: close the file handle, if we're sure it's no longer used */ 826 if ((fvdat->flag & FN_SIZECHANGE) != 0) { 827 fuse_vnode_savesize(vp, cred, td->td_proc->p_pid); 828 } 829 return err; 830 } 831 832 /* 833 struct vop_copy_file_range_args { 834 struct vop_generic_args a_gen; 835 struct vnode *a_invp; 836 off_t *a_inoffp; 837 struct vnode *a_outvp; 838 off_t *a_outoffp; 839 size_t *a_lenp; 840 unsigned int a_flags; 841 struct ucred *a_incred; 842 struct ucred *a_outcred; 843 struct thread *a_fsizetd; 844 } 845 */ 846 static int 847 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) 848 { 849 struct vnode *invp = ap->a_invp; 850 struct vnode *outvp = ap->a_outvp; 851 struct mount *mp = vnode_mount(invp); 852 struct fuse_vnode_data *outfvdat = VTOFUD(outvp); 853 struct fuse_dispatcher fdi; 854 struct fuse_filehandle *infufh, *outfufh; 855 struct fuse_copy_file_range_in *fcfri; 856 struct ucred *incred = ap->a_incred; 857 struct ucred *outcred = ap->a_outcred; 858 struct fuse_write_out *fwo; 859 struct thread *td; 860 struct uio io; 861 off_t outfilesize; 862 ssize_t r = 0; 863 pid_t pid; 864 int err; 865 866 err = ENOSYS; 867 if (mp == NULL || mp != vnode_mount(outvp)) 868 goto fallback; 869 870 if (incred->cr_uid != outcred->cr_uid) 871 goto fallback; 872 873 if (incred->cr_groups[0] != outcred->cr_groups[0]) 874 goto fallback; 875 876 /* Caller busied mp, mnt_data can be safely accessed. */ 877 if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE)) 878 goto fallback; 879 880 if (ap->a_fsizetd == NULL) 881 td = curthread; 882 else 883 td = ap->a_fsizetd; 884 pid = td->td_proc->p_pid; 885 886 vn_lock_pair(invp, false, LK_SHARED, outvp, false, LK_EXCLUSIVE); 887 if (invp->v_data == NULL || outvp->v_data == NULL) { 888 err = EBADF; 889 goto unlock; 890 } 891 892 err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid); 893 if (err) 894 goto unlock; 895 896 err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid); 897 if (err) 898 goto unlock; 899 900 io.uio_resid = *ap->a_lenp; 901 if (ap->a_fsizetd) { 902 io.uio_offset = *ap->a_outoffp; 903 err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd); 904 if (err != 0) 905 goto unlock; 906 } 907 908 err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread); 909 if (err) 910 goto unlock; 911 912 vnode_pager_clean_sync(invp); 913 err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp, 914 *ap->a_outoffp + io.uio_resid); 915 if (err) 916 goto unlock; 917 918 fdisp_init(&fdi, sizeof(*fcfri)); 919 fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred); 920 fcfri = fdi.indata; 921 fcfri->fh_in = infufh->fh_id; 922 fcfri->off_in = *ap->a_inoffp; 923 fcfri->nodeid_out = VTOI(outvp); 924 fcfri->fh_out = outfufh->fh_id; 925 fcfri->off_out = *ap->a_outoffp; 926 fcfri->len = io.uio_resid; 927 fcfri->flags = 0; 928 929 err = fdisp_wait_answ(&fdi); 930 if (err == 0) { 931 fwo = fdi.answ; 932 *ap->a_lenp = fwo->size; 933 *ap->a_inoffp += fwo->size; 934 *ap->a_outoffp += fwo->size; 935 fuse_internal_clear_suid_on_write(outvp, outcred, td); 936 if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) { 937 fuse_vnode_setsize(outvp, *ap->a_outoffp, false); 938 getnanouptime(&outfvdat->last_local_modify); 939 } 940 fuse_vnode_update(invp, FN_ATIMECHANGE); 941 fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE); 942 } 943 fdisp_destroy(&fdi); 944 945 unlock: 946 if (invp != outvp) 947 VOP_UNLOCK(invp); 948 VOP_UNLOCK(outvp); 949 950 if (err == ENOSYS) 951 fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE); 952 fallback: 953 954 /* 955 * No need to call vn_rlimit_fsizex_res before return, since the uio is 956 * local. 957 */ 958 return (err); 959 } 960 961 static void 962 fdisp_make_mknod_for_fallback( 963 struct fuse_dispatcher *fdip, 964 struct componentname *cnp, 965 struct vnode *dvp, 966 uint64_t parentnid, 967 struct thread *td, 968 struct ucred *cred, 969 mode_t mode, 970 enum fuse_opcode *op) 971 { 972 struct fuse_mknod_in *fmni; 973 974 fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1); 975 *op = FUSE_MKNOD; 976 fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred); 977 fmni = fdip->indata; 978 fmni->mode = mode; 979 fmni->rdev = 0; 980 memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr, 981 cnp->cn_namelen); 982 ((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0'; 983 } 984 /* 985 struct vnop_create_args { 986 struct vnode *a_dvp; 987 struct vnode **a_vpp; 988 struct componentname *a_cnp; 989 struct vattr *a_vap; 990 }; 991 */ 992 static int 993 fuse_vnop_create(struct vop_create_args *ap) 994 { 995 struct vnode *dvp = ap->a_dvp; 996 struct vnode **vpp = ap->a_vpp; 997 struct componentname *cnp = ap->a_cnp; 998 struct vattr *vap = ap->a_vap; 999 struct thread *td = curthread; 1000 struct ucred *cred = cnp->cn_cred; 1001 1002 struct fuse_data *data; 1003 struct fuse_create_in *fci; 1004 struct fuse_entry_out *feo; 1005 struct fuse_open_out *foo; 1006 struct fuse_dispatcher fdi, fdi2; 1007 struct fuse_dispatcher *fdip = &fdi; 1008 struct fuse_dispatcher *fdip2 = NULL; 1009 1010 int err; 1011 1012 struct mount *mp = vnode_mount(dvp); 1013 data = fuse_get_mpdata(mp); 1014 uint64_t parentnid = VTOFUD(dvp)->nid; 1015 mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode); 1016 enum fuse_opcode op; 1017 int flags; 1018 1019 if (fuse_isdeadfs(dvp)) 1020 return ENXIO; 1021 1022 /* FUSE expects sockets to be created with FUSE_MKNOD */ 1023 if (vap->va_type == VSOCK) 1024 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1025 1026 /* 1027 * VOP_CREATE doesn't tell us the open(2) flags, so we guess. Only a 1028 * writable mode makes sense, and we might as well include readability 1029 * too. 1030 */ 1031 flags = O_RDWR; 1032 1033 bzero(&fdi, sizeof(fdi)); 1034 1035 if (vap->va_type != VREG) 1036 return (EINVAL); 1037 1038 if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) { 1039 /* Fallback to FUSE_MKNOD/FUSE_OPEN */ 1040 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td, 1041 cred, mode, &op); 1042 } else { 1043 /* Use FUSE_CREATE */ 1044 size_t insize; 1045 1046 op = FUSE_CREATE; 1047 fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1); 1048 fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred); 1049 fci = fdip->indata; 1050 fci->mode = mode; 1051 fci->flags = O_CREAT | flags; 1052 if (fuse_libabi_geq(data, 7, 12)) { 1053 insize = sizeof(*fci); 1054 fci->umask = td->td_proc->p_pd->pd_cmask; 1055 } else { 1056 insize = sizeof(struct fuse_open_in); 1057 } 1058 1059 memcpy((char *)fdip->indata + insize, cnp->cn_nameptr, 1060 cnp->cn_namelen); 1061 ((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0'; 1062 } 1063 1064 err = fdisp_wait_answ(fdip); 1065 1066 if (err) { 1067 if (err == ENOSYS && op == FUSE_CREATE) { 1068 fsess_set_notimpl(mp, FUSE_CREATE); 1069 fdisp_destroy(fdip); 1070 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, 1071 parentnid, td, cred, mode, &op); 1072 err = fdisp_wait_answ(fdip); 1073 } 1074 if (err) 1075 goto out; 1076 } 1077 1078 feo = fdip->answ; 1079 1080 if ((err = fuse_internal_checkentry(feo, vap->va_type))) { 1081 goto out; 1082 } 1083 1084 if (op == FUSE_CREATE) { 1085 if (fuse_libabi_geq(data, 7, 9)) 1086 foo = (struct fuse_open_out*)(feo + 1); 1087 else 1088 foo = (struct fuse_open_out*)((char*)feo + 1089 FUSE_COMPAT_ENTRY_OUT_SIZE); 1090 } else { 1091 /* Issue a separate FUSE_OPEN */ 1092 struct fuse_open_in *foi; 1093 1094 fdip2 = &fdi2; 1095 fdisp_init(fdip2, sizeof(*foi)); 1096 fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td, 1097 cred); 1098 foi = fdip2->indata; 1099 foi->flags = flags; 1100 err = fdisp_wait_answ(fdip2); 1101 if (err) 1102 goto out; 1103 foo = fdip2->answ; 1104 } 1105 err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type); 1106 if (err) { 1107 struct fuse_release_in *fri; 1108 uint64_t nodeid = feo->nodeid; 1109 uint64_t fh_id = foo->fh; 1110 1111 fdisp_destroy(fdip); 1112 fdisp_init(fdip, sizeof(*fri)); 1113 fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred); 1114 fri = fdip->indata; 1115 fri->fh = fh_id; 1116 fri->flags = flags; 1117 fuse_insert_callback(fdip->tick, fuse_internal_forget_callback); 1118 fuse_insert_message(fdip->tick, false); 1119 goto out; 1120 } 1121 ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create"); 1122 fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid, 1123 feo->attr_valid_nsec, NULL, true); 1124 1125 fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo); 1126 fuse_vnode_open(*vpp, foo->open_flags, td); 1127 /* 1128 * Purge the parent's attribute cache because the daemon should've 1129 * updated its mtime and ctime 1130 */ 1131 fuse_vnode_clear_attr_cache(dvp); 1132 cache_purge_negative(dvp); 1133 1134 out: 1135 if (fdip2) 1136 fdisp_destroy(fdip2); 1137 fdisp_destroy(fdip); 1138 return err; 1139 } 1140 1141 /* 1142 struct vnop_fdatasync_args { 1143 struct vop_generic_args a_gen; 1144 struct vnode * a_vp; 1145 struct thread * a_td; 1146 }; 1147 */ 1148 static int 1149 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap) 1150 { 1151 struct vnode *vp = ap->a_vp; 1152 struct thread *td = ap->a_td; 1153 int waitfor = MNT_WAIT; 1154 1155 int err = 0; 1156 1157 if (fuse_isdeadfs(vp)) { 1158 return 0; 1159 } 1160 if ((err = vop_stdfdatasync_buf(ap))) 1161 return err; 1162 1163 return fuse_internal_fsync(vp, td, waitfor, true); 1164 } 1165 1166 /* 1167 struct vnop_fsync_args { 1168 struct vop_generic_args a_gen; 1169 struct vnode * a_vp; 1170 int a_waitfor; 1171 struct thread * a_td; 1172 }; 1173 */ 1174 static int 1175 fuse_vnop_fsync(struct vop_fsync_args *ap) 1176 { 1177 struct vnode *vp = ap->a_vp; 1178 struct thread *td = ap->a_td; 1179 int waitfor = ap->a_waitfor; 1180 int err = 0; 1181 1182 if (fuse_isdeadfs(vp)) { 1183 return 0; 1184 } 1185 if ((err = vop_stdfsync(ap))) 1186 return err; 1187 1188 return fuse_internal_fsync(vp, td, waitfor, false); 1189 } 1190 1191 /* 1192 struct vnop_getattr_args { 1193 struct vnode *a_vp; 1194 struct vattr *a_vap; 1195 struct ucred *a_cred; 1196 struct thread *a_td; 1197 }; 1198 */ 1199 static int 1200 fuse_vnop_getattr(struct vop_getattr_args *ap) 1201 { 1202 struct vnode *vp = ap->a_vp; 1203 struct vattr *vap = ap->a_vap; 1204 struct ucred *cred = ap->a_cred; 1205 struct thread *td = curthread; 1206 1207 int err = 0; 1208 int dataflags; 1209 1210 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 1211 1212 /* Note that we are not bailing out on a dead file system just yet. */ 1213 1214 if (!(dataflags & FSESS_INITED)) { 1215 if (!vnode_isvroot(vp)) { 1216 fdata_set_dead(fuse_get_mpdata(vnode_mount(vp))); 1217 err = ENOTCONN; 1218 return err; 1219 } else { 1220 goto fake; 1221 } 1222 } 1223 err = fuse_internal_getattr(vp, vap, cred, td); 1224 if (err == ENOTCONN && vnode_isvroot(vp)) { 1225 /* see comment in fuse_vfsop_statfs() */ 1226 goto fake; 1227 } else { 1228 return err; 1229 } 1230 1231 fake: 1232 bzero(vap, sizeof(*vap)); 1233 vap->va_type = vnode_vtype(vp); 1234 1235 return 0; 1236 } 1237 1238 /* 1239 struct vnop_inactive_args { 1240 struct vnode *a_vp; 1241 }; 1242 */ 1243 static int 1244 fuse_vnop_inactive(struct vop_inactive_args *ap) 1245 { 1246 struct vnode *vp = ap->a_vp; 1247 struct thread *td = curthread; 1248 1249 struct fuse_vnode_data *fvdat = VTOFUD(vp); 1250 struct fuse_filehandle *fufh, *fufh_tmp; 1251 1252 int need_flush = 1; 1253 1254 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 1255 if (need_flush && vp->v_type == VREG) { 1256 if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) { 1257 fuse_vnode_savesize(vp, NULL, 0); 1258 } 1259 if ((fvdat->flag & FN_REVOKED) != 0) 1260 fuse_io_invalbuf(vp, td); 1261 else 1262 fuse_io_flushbuf(vp, MNT_WAIT, td); 1263 need_flush = 0; 1264 } 1265 fuse_filehandle_close(vp, fufh, td, NULL); 1266 } 1267 1268 if ((fvdat->flag & FN_REVOKED) != 0) 1269 vrecycle(vp); 1270 1271 return 0; 1272 } 1273 1274 /* 1275 struct vnop_ioctl_args { 1276 struct vnode *a_vp; 1277 u_long a_command; 1278 caddr_t a_data; 1279 int a_fflag; 1280 struct ucred *a_cred; 1281 struct thread *a_td; 1282 }; 1283 */ 1284 static int 1285 fuse_vnop_ioctl(struct vop_ioctl_args *ap) 1286 { 1287 struct vnode *vp = ap->a_vp; 1288 struct mount *mp = vnode_mount(vp); 1289 struct ucred *cred = ap->a_cred; 1290 off_t *offp; 1291 pid_t pid = ap->a_td->td_proc->p_pid; 1292 int err; 1293 1294 switch (ap->a_command) { 1295 case FIOSEEKDATA: 1296 case FIOSEEKHOLE: 1297 /* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */ 1298 if (fsess_maybe_impl(mp, FUSE_LSEEK)) { 1299 int whence; 1300 1301 offp = ap->a_data; 1302 if (ap->a_command == FIOSEEKDATA) 1303 whence = SEEK_DATA; 1304 else 1305 whence = SEEK_HOLE; 1306 1307 vn_lock(vp, LK_SHARED | LK_RETRY); 1308 err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp, 1309 whence); 1310 VOP_UNLOCK(vp); 1311 } 1312 if (fsess_not_impl(mp, FUSE_LSEEK)) 1313 err = vop_stdioctl(ap); 1314 break; 1315 default: 1316 /* TODO: implement FUSE_IOCTL */ 1317 err = ENOTTY; 1318 break; 1319 } 1320 return (err); 1321 } 1322 1323 1324 /* 1325 struct vnop_link_args { 1326 struct vnode *a_tdvp; 1327 struct vnode *a_vp; 1328 struct componentname *a_cnp; 1329 }; 1330 */ 1331 static int 1332 fuse_vnop_link(struct vop_link_args *ap) 1333 { 1334 struct vnode *vp = ap->a_vp; 1335 struct vnode *tdvp = ap->a_tdvp; 1336 struct componentname *cnp = ap->a_cnp; 1337 1338 struct vattr *vap = VTOVA(vp); 1339 1340 struct fuse_dispatcher fdi; 1341 struct fuse_entry_out *feo; 1342 struct fuse_link_in fli; 1343 1344 int err; 1345 1346 if (fuse_isdeadfs(vp)) { 1347 return ENXIO; 1348 } 1349 if (vnode_mount(tdvp) != vnode_mount(vp)) { 1350 return EXDEV; 1351 } 1352 1353 /* 1354 * This is a seatbelt check to protect naive userspace filesystems from 1355 * themselves and the limitations of the FUSE IPC protocol. If a 1356 * filesystem does not allow attribute caching, assume it is capable of 1357 * validating that nlink does not overflow. 1358 */ 1359 if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX) 1360 return EMLINK; 1361 fli.oldnodeid = VTOI(vp); 1362 1363 fdisp_init(&fdi, 0); 1364 fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp, 1365 FUSE_LINK, &fli, sizeof(fli), &fdi); 1366 if ((err = fdisp_wait_answ(&fdi))) { 1367 goto out; 1368 } 1369 feo = fdi.answ; 1370 1371 if (fli.oldnodeid != feo->nodeid) { 1372 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 1373 fuse_warn(data, FSESS_WARN_ILLEGAL_INODE, 1374 "Assigned wrong inode for a hard link."); 1375 fuse_vnode_clear_attr_cache(vp); 1376 fuse_vnode_clear_attr_cache(tdvp); 1377 err = EIO; 1378 goto out; 1379 } 1380 1381 err = fuse_internal_checkentry(feo, vnode_vtype(vp)); 1382 if (!err) { 1383 /* 1384 * Purge the parent's attribute cache because the daemon 1385 * should've updated its mtime and ctime 1386 */ 1387 fuse_vnode_clear_attr_cache(tdvp); 1388 fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid, 1389 feo->attr_valid_nsec, NULL, true); 1390 } 1391 out: 1392 fdisp_destroy(&fdi); 1393 return err; 1394 } 1395 1396 struct fuse_lookup_alloc_arg { 1397 struct fuse_entry_out *feo; 1398 struct componentname *cnp; 1399 uint64_t nid; 1400 __enum_uint8(vtype) vtyp; 1401 }; 1402 1403 /* Callback for vn_get_ino */ 1404 static int 1405 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp) 1406 { 1407 struct fuse_lookup_alloc_arg *flaa = arg; 1408 1409 return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp, 1410 flaa->vtyp); 1411 } 1412 1413 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup, 1414 "int", "struct timespec*", "struct timespec*"); 1415 /* 1416 struct vnop_lookup_args { 1417 struct vnodeop_desc *a_desc; 1418 struct vnode *a_dvp; 1419 struct vnode **a_vpp; 1420 struct componentname *a_cnp; 1421 }; 1422 */ 1423 int 1424 fuse_vnop_lookup(struct vop_lookup_args *ap) 1425 { 1426 struct vnode *dvp = ap->a_dvp; 1427 struct vnode **vpp = ap->a_vpp; 1428 struct componentname *cnp = ap->a_cnp; 1429 struct thread *td = curthread; 1430 struct ucred *cred = cnp->cn_cred; 1431 struct timespec now; 1432 1433 int nameiop = cnp->cn_nameiop; 1434 bool isdotdot = cnp->cn_flags & ISDOTDOT; 1435 bool islastcn = cnp->cn_flags & ISLASTCN; 1436 struct mount *mp = vnode_mount(dvp); 1437 struct fuse_data *data = fuse_get_mpdata(mp); 1438 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 1439 bool is_dot; 1440 1441 int err = 0; 1442 int lookup_err = 0; 1443 struct vnode *vp = NULL; 1444 1445 struct fuse_dispatcher fdi; 1446 bool did_lookup = false; 1447 struct fuse_entry_out *feo = NULL; 1448 __enum_uint8(vtype) vtyp; /* vnode type of target */ 1449 1450 uint64_t nid; 1451 1452 if (fuse_isdeadfs(dvp)) { 1453 *vpp = NULL; 1454 return ENXIO; 1455 } 1456 if (!vnode_isdir(dvp)) 1457 return ENOTDIR; 1458 1459 if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP)) 1460 return EROFS; 1461 1462 if ((cnp->cn_flags & NOEXECCHECK) != 0) 1463 cnp->cn_flags &= ~NOEXECCHECK; 1464 else if ((err = fuse_internal_access(dvp, VEXEC, td, cred))) 1465 return err; 1466 1467 is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.'; 1468 if (isdotdot && !(data->dataflags & FSESS_EXPORT_SUPPORT)) { 1469 if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) { 1470 /* 1471 * Since the file system doesn't support ".." lookups, 1472 * we have no way to find this entry. 1473 */ 1474 return ESTALE; 1475 } 1476 nid = VTOFUD(dvp)->parent_nid; 1477 if (nid == 0) 1478 return ENOENT; 1479 /* .. is obviously a directory */ 1480 vtyp = VDIR; 1481 } else if (is_dot) { 1482 nid = VTOI(dvp); 1483 /* . is obviously a directory */ 1484 vtyp = VDIR; 1485 } else { 1486 struct timespec timeout; 1487 int ncpticks; /* here to accommodate for API contract */ 1488 1489 err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks); 1490 getnanouptime(&now); 1491 SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now); 1492 switch (err) { 1493 case -1: /* positive match */ 1494 if (timespeccmp(&timeout, &now, >)) { 1495 counter_u64_add(fuse_lookup_cache_hits, 1); 1496 } else { 1497 /* Cache timeout */ 1498 counter_u64_add(fuse_lookup_cache_misses, 1); 1499 bintime_clear( 1500 &VTOFUD(*vpp)->entry_cache_timeout); 1501 cache_purge(*vpp); 1502 if (dvp != *vpp) 1503 vput(*vpp); 1504 else 1505 vrele(*vpp); 1506 *vpp = NULL; 1507 break; 1508 } 1509 return 0; 1510 1511 case 0: /* no match in cache */ 1512 counter_u64_add(fuse_lookup_cache_misses, 1); 1513 break; 1514 1515 case ENOENT: /* negative match */ 1516 if (timespeccmp(&timeout, &now, <=)) { 1517 /* Cache timeout */ 1518 cache_purge_negative(dvp); 1519 break; 1520 } 1521 /* fall through */ 1522 default: 1523 return err; 1524 } 1525 1526 fdisp_init(&fdi, cnp->cn_namelen + 1); 1527 fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred); 1528 1529 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 1530 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 1531 lookup_err = fdisp_wait_answ(&fdi); 1532 did_lookup = true; 1533 1534 if (!lookup_err) { 1535 /* lookup call succeeded */ 1536 feo = (struct fuse_entry_out *)fdi.answ; 1537 nid = feo->nodeid; 1538 if (nid == 0) { 1539 /* zero nodeid means ENOENT and cache it */ 1540 struct timespec timeout; 1541 1542 fdi.answ_stat = ENOENT; 1543 lookup_err = ENOENT; 1544 if (cnp->cn_flags & MAKEENTRY) { 1545 fuse_validity_2_timespec(feo, &timeout); 1546 /* Use the same entry_time for .. as for 1547 * the file itself. That doesn't honor 1548 * exactly what the fuse server tells 1549 * us, but to do otherwise would require 1550 * another cache lookup at this point. 1551 */ 1552 struct timespec *dtsp = NULL; 1553 cache_enter_time(dvp, *vpp, cnp, 1554 &timeout, dtsp); 1555 } 1556 } 1557 vtyp = IFTOVT(feo->attr.mode); 1558 } 1559 if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) { 1560 fdisp_destroy(&fdi); 1561 return lookup_err; 1562 } 1563 } 1564 /* lookup_err, if non-zero, must be ENOENT at this point */ 1565 1566 if (lookup_err) { 1567 /* Entry not found */ 1568 if ((nameiop == CREATE || nameiop == RENAME) && islastcn) { 1569 if (default_permissions) 1570 err = fuse_internal_access(dvp, VWRITE, td, 1571 cred); 1572 else 1573 err = 0; 1574 if (!err) { 1575 err = EJUSTRETURN; 1576 } 1577 } else { 1578 err = ENOENT; 1579 } 1580 } else { 1581 /* Entry was found */ 1582 if (isdotdot) { 1583 struct fuse_lookup_alloc_arg flaa; 1584 1585 flaa.nid = nid; 1586 flaa.feo = feo; 1587 flaa.cnp = cnp; 1588 flaa.vtyp = vtyp; 1589 err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0, 1590 &vp); 1591 *vpp = vp; 1592 } else if (nid == VTOI(dvp)) { 1593 if (is_dot) { 1594 vref(dvp); 1595 *vpp = dvp; 1596 } else { 1597 fuse_warn(fuse_get_mpdata(mp), 1598 FSESS_WARN_ILLEGAL_INODE, 1599 "Assigned same inode to both parent and " 1600 "child."); 1601 err = EIO; 1602 } 1603 1604 } else { 1605 struct fuse_vnode_data *fvdat; 1606 1607 err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp, 1608 &vp, cnp, vtyp); 1609 if (err) 1610 goto out; 1611 *vpp = vp; 1612 fvdat = VTOFUD(vp); 1613 1614 MPASS(feo != NULL); 1615 if (timespeccmp(&now, &fvdat->last_local_modify, >)) { 1616 /* 1617 * Attributes from the server are definitely 1618 * newer than the last attributes we sent to 1619 * the server, so cache them. 1620 */ 1621 fuse_internal_cache_attrs(*vpp, &feo->attr, 1622 feo->attr_valid, feo->attr_valid_nsec, 1623 NULL, true); 1624 } 1625 fuse_validity_2_bintime(feo->entry_valid, 1626 feo->entry_valid_nsec, 1627 &fvdat->entry_cache_timeout); 1628 1629 if ((nameiop == DELETE || nameiop == RENAME) && 1630 islastcn && default_permissions) 1631 { 1632 struct vattr dvattr; 1633 1634 err = fuse_internal_access(dvp, VWRITE, td, 1635 cred); 1636 if (err != 0) 1637 goto out; 1638 /* 1639 * if the parent's sticky bit is set, check 1640 * whether we're allowed to remove the file. 1641 * Need to figure out the vnode locking to make 1642 * this work. 1643 */ 1644 fuse_internal_getattr(dvp, &dvattr, cred, td); 1645 if ((dvattr.va_mode & S_ISTXT) && 1646 fuse_internal_access(dvp, VADMIN, td, 1647 cred) && 1648 fuse_internal_access(*vpp, VADMIN, td, 1649 cred)) { 1650 err = EPERM; 1651 goto out; 1652 } 1653 } 1654 } 1655 } 1656 out: 1657 if (err) { 1658 if (vp != NULL && dvp != vp) 1659 vput(vp); 1660 else if (vp != NULL) 1661 vrele(vp); 1662 *vpp = NULL; 1663 } 1664 if (did_lookup) 1665 fdisp_destroy(&fdi); 1666 1667 return err; 1668 } 1669 1670 /* 1671 struct vnop_mkdir_args { 1672 struct vnode *a_dvp; 1673 struct vnode **a_vpp; 1674 struct componentname *a_cnp; 1675 struct vattr *a_vap; 1676 }; 1677 */ 1678 static int 1679 fuse_vnop_mkdir(struct vop_mkdir_args *ap) 1680 { 1681 struct vnode *dvp = ap->a_dvp; 1682 struct vnode **vpp = ap->a_vpp; 1683 struct componentname *cnp = ap->a_cnp; 1684 struct vattr *vap = ap->a_vap; 1685 1686 struct fuse_mkdir_in fmdi; 1687 1688 if (fuse_isdeadfs(dvp)) { 1689 return ENXIO; 1690 } 1691 fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode); 1692 fmdi.umask = curthread->td_proc->p_pd->pd_cmask; 1693 1694 return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi, 1695 sizeof(fmdi), VDIR)); 1696 } 1697 1698 /* 1699 struct vnop_mknod_args { 1700 struct vnode *a_dvp; 1701 struct vnode **a_vpp; 1702 struct componentname *a_cnp; 1703 struct vattr *a_vap; 1704 }; 1705 */ 1706 static int 1707 fuse_vnop_mknod(struct vop_mknod_args *ap) 1708 { 1709 1710 struct vnode *dvp = ap->a_dvp; 1711 struct vnode **vpp = ap->a_vpp; 1712 struct componentname *cnp = ap->a_cnp; 1713 struct vattr *vap = ap->a_vap; 1714 1715 if (fuse_isdeadfs(dvp)) 1716 return ENXIO; 1717 1718 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1719 } 1720 1721 /* 1722 struct vop_open_args { 1723 struct vnode *a_vp; 1724 int a_mode; 1725 struct ucred *a_cred; 1726 struct thread *a_td; 1727 int a_fdidx; / struct file *a_fp; 1728 }; 1729 */ 1730 static int 1731 fuse_vnop_open(struct vop_open_args *ap) 1732 { 1733 struct vnode *vp = ap->a_vp; 1734 int a_mode = ap->a_mode; 1735 struct thread *td = ap->a_td; 1736 struct ucred *cred = ap->a_cred; 1737 pid_t pid = td->td_proc->p_pid; 1738 1739 if (fuse_isdeadfs(vp)) 1740 return ENXIO; 1741 if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO) 1742 return (EOPNOTSUPP); 1743 if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0) 1744 return EINVAL; 1745 1746 if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) { 1747 fuse_vnode_open(vp, 0, td); 1748 return 0; 1749 } 1750 1751 return fuse_filehandle_open(vp, a_mode, NULL, td, cred); 1752 } 1753 1754 static int 1755 fuse_vnop_pathconf(struct vop_pathconf_args *ap) 1756 { 1757 struct vnode *vp = ap->a_vp; 1758 struct mount *mp; 1759 struct fuse_filehandle *fufh; 1760 int err; 1761 bool closefufh = false; 1762 1763 switch (ap->a_name) { 1764 case _PC_FILESIZEBITS: 1765 *ap->a_retval = 64; 1766 return (0); 1767 case _PC_NAME_MAX: 1768 *ap->a_retval = NAME_MAX; 1769 return (0); 1770 case _PC_LINK_MAX: 1771 *ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX); 1772 return (0); 1773 case _PC_SYMLINK_MAX: 1774 *ap->a_retval = MAXPATHLEN; 1775 return (0); 1776 case _PC_NO_TRUNC: 1777 *ap->a_retval = 1; 1778 return (0); 1779 case _PC_MIN_HOLE_SIZE: 1780 /* 1781 * The FUSE protocol provides no mechanism for a server to 1782 * report _PC_MIN_HOLE_SIZE. It's a protocol bug. Instead, 1783 * return EINVAL if the server does not support FUSE_LSEEK, or 1784 * 1 if it does. 1785 */ 1786 mp = vnode_mount(vp); 1787 if (!fsess_is_impl(mp, FUSE_LSEEK) && 1788 !fsess_not_impl(mp, FUSE_LSEEK)) { 1789 off_t offset = 0; 1790 1791 /* 1792 * Issue a FUSE_LSEEK to find out if it's supported. 1793 * Use SEEK_DATA instead of SEEK_HOLE, because the 1794 * latter generally requires sequential scans of file 1795 * metadata, which can be slow. 1796 */ 1797 err = fuse_vnop_do_lseek(vp, curthread, 1798 curthread->td_ucred, curthread->td_proc->p_pid, 1799 &offset, SEEK_DATA); 1800 if (err == EBADF) { 1801 /* 1802 * pathconf() doesn't necessarily open the 1803 * file. So we may need to do it here. 1804 */ 1805 err = fuse_filehandle_open(vp, FREAD, &fufh, 1806 curthread, curthread->td_ucred); 1807 if (err == 0) { 1808 closefufh = true; 1809 err = fuse_vnop_do_lseek(vp, curthread, 1810 curthread->td_ucred, 1811 curthread->td_proc->p_pid, &offset, 1812 SEEK_DATA); 1813 } 1814 if (closefufh) 1815 fuse_filehandle_close(vp, fufh, 1816 curthread, curthread->td_ucred); 1817 } 1818 1819 } 1820 1821 if (fsess_is_impl(mp, FUSE_LSEEK)) { 1822 *ap->a_retval = 1; 1823 return (0); 1824 } else if (fsess_not_impl(mp, FUSE_LSEEK)) { 1825 /* FUSE_LSEEK is not implemented */ 1826 return (EINVAL); 1827 } else { 1828 return (err); 1829 } 1830 default: 1831 return (vop_stdpathconf(ap)); 1832 } 1833 } 1834 1835 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*", 1836 "struct uio*", "struct ucred*"); 1837 /* 1838 struct vnop_read_args { 1839 struct vnode *a_vp; 1840 struct uio *a_uio; 1841 int a_ioflag; 1842 struct ucred *a_cred; 1843 }; 1844 */ 1845 static int 1846 fuse_vnop_read(struct vop_read_args *ap) 1847 { 1848 struct vnode *vp = ap->a_vp; 1849 struct uio *uio = ap->a_uio; 1850 int ioflag = ap->a_ioflag; 1851 struct ucred *cred = ap->a_cred; 1852 pid_t pid = curthread->td_proc->p_pid; 1853 struct fuse_filehandle *fufh; 1854 int err; 1855 bool closefufh = false, directio; 1856 1857 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 1858 1859 if (fuse_isdeadfs(vp)) { 1860 return ENXIO; 1861 } 1862 1863 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 1864 ioflag |= IO_DIRECT; 1865 } 1866 1867 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 1868 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 1869 /* 1870 * nfsd will do I/O without first doing VOP_OPEN. We 1871 * must implicitly open the file here 1872 */ 1873 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1874 closefufh = true; 1875 } 1876 if (err) { 1877 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 1878 return err; 1879 } 1880 1881 /* 1882 * Ideally, when the daemon asks for direct io at open time, the 1883 * standard file flag should be set according to this, so that would 1884 * just change the default mode, which later on could be changed via 1885 * fcntl(2). 1886 * But this doesn't work, the O_DIRECT flag gets cleared at some point 1887 * (don't know where). So to make any use of the Fuse direct_io option, 1888 * we hardwire it into the file's private data (similarly to Linux, 1889 * btw.). 1890 */ 1891 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 1892 1893 fuse_vnode_update(vp, FN_ATIMECHANGE); 1894 if (directio) { 1895 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode"); 1896 err = fuse_read_directbackend(vp, uio, cred, fufh); 1897 } else { 1898 SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode"); 1899 err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid); 1900 } 1901 1902 if (closefufh) 1903 fuse_filehandle_close(vp, fufh, curthread, cred); 1904 1905 return (err); 1906 } 1907 1908 /* 1909 struct vnop_readdir_args { 1910 struct vnode *a_vp; 1911 struct uio *a_uio; 1912 struct ucred *a_cred; 1913 int *a_eofflag; 1914 int *a_ncookies; 1915 uint64_t **a_cookies; 1916 }; 1917 */ 1918 static int 1919 fuse_vnop_readdir(struct vop_readdir_args *ap) 1920 { 1921 struct vnode *vp = ap->a_vp; 1922 struct uio *uio = ap->a_uio; 1923 struct ucred *cred = ap->a_cred; 1924 struct fuse_filehandle *fufh = NULL; 1925 struct mount *mp = vnode_mount(vp); 1926 struct fuse_iov cookediov; 1927 int err = 0; 1928 uint64_t *cookies; 1929 ssize_t tresid; 1930 int ncookies; 1931 bool closefufh = false; 1932 pid_t pid = curthread->td_proc->p_pid; 1933 1934 if (ap->a_eofflag) 1935 *ap->a_eofflag = 0; 1936 if (fuse_isdeadfs(vp)) { 1937 return ENXIO; 1938 } 1939 if ( /* XXXIP ((uio_iovcnt(uio) > 1)) || */ 1940 (uio_resid(uio) < sizeof(struct dirent))) { 1941 return EINVAL; 1942 } 1943 1944 tresid = uio->uio_resid; 1945 err = fuse_filehandle_get_dir(vp, &fufh, cred, pid); 1946 if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) { 1947 KASSERT(!fsess_is_impl(mp, FUSE_OPENDIR), 1948 ("FUSE file systems that implement " 1949 "FUSE_OPENDIR should not be exported")); 1950 /* 1951 * nfsd will do VOP_READDIR without first doing VOP_OPEN. We 1952 * must implicitly open the directory here. 1953 */ 1954 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1955 closefufh = true; 1956 } 1957 if (err) 1958 return (err); 1959 if (ap->a_ncookies != NULL) { 1960 ncookies = uio->uio_resid / 1961 (offsetof(struct dirent, d_name) + 4) + 1; 1962 cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK); 1963 *ap->a_ncookies = ncookies; 1964 *ap->a_cookies = cookies; 1965 } else { 1966 ncookies = 0; 1967 cookies = NULL; 1968 } 1969 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1) 1970 fiov_init(&cookediov, DIRCOOKEDSIZE); 1971 1972 err = fuse_internal_readdir(vp, uio, fufh, &cookediov, 1973 &ncookies, cookies); 1974 1975 fiov_teardown(&cookediov); 1976 if (closefufh) 1977 fuse_filehandle_close(vp, fufh, curthread, cred); 1978 1979 if (ap->a_ncookies != NULL) { 1980 if (err == 0) { 1981 *ap->a_ncookies -= ncookies; 1982 } else { 1983 free(*ap->a_cookies, M_TEMP); 1984 *ap->a_ncookies = 0; 1985 *ap->a_cookies = NULL; 1986 } 1987 } 1988 if (err == 0 && tresid == uio->uio_resid) 1989 *ap->a_eofflag = 1; 1990 1991 return err; 1992 } 1993 1994 /* 1995 struct vnop_readlink_args { 1996 struct vnode *a_vp; 1997 struct uio *a_uio; 1998 struct ucred *a_cred; 1999 }; 2000 */ 2001 static int 2002 fuse_vnop_readlink(struct vop_readlink_args *ap) 2003 { 2004 struct vnode *vp = ap->a_vp; 2005 struct uio *uio = ap->a_uio; 2006 struct ucred *cred = ap->a_cred; 2007 2008 struct fuse_dispatcher fdi; 2009 int err; 2010 2011 if (fuse_isdeadfs(vp)) { 2012 return ENXIO; 2013 } 2014 if (!vnode_islnk(vp)) { 2015 return EINVAL; 2016 } 2017 fdisp_init(&fdi, 0); 2018 err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred); 2019 if (err) { 2020 goto out; 2021 } 2022 if (strnlen(fdi.answ, fdi.iosize) + 1 < fdi.iosize) { 2023 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 2024 fuse_warn(data, FSESS_WARN_READLINK_EMBEDDED_NUL, 2025 "Returned an embedded NUL from FUSE_READLINK."); 2026 err = EIO; 2027 goto out; 2028 } 2029 if (((char *)fdi.answ)[0] == '/' && 2030 fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) { 2031 char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname; 2032 2033 err = uiomove(mpth, strlen(mpth), uio); 2034 } 2035 if (!err) { 2036 err = uiomove(fdi.answ, fdi.iosize, uio); 2037 } 2038 out: 2039 fdisp_destroy(&fdi); 2040 return err; 2041 } 2042 2043 /* 2044 struct vnop_reclaim_args { 2045 struct vnode *a_vp; 2046 }; 2047 */ 2048 static int 2049 fuse_vnop_reclaim(struct vop_reclaim_args *ap) 2050 { 2051 struct vnode *vp = ap->a_vp; 2052 struct thread *td = curthread; 2053 struct fuse_vnode_data *fvdat = VTOFUD(vp); 2054 struct fuse_filehandle *fufh, *fufh_tmp; 2055 2056 if (!fvdat) { 2057 panic("FUSE: no vnode data during recycling"); 2058 } 2059 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 2060 printf("FUSE: vnode being reclaimed with open fufh " 2061 "(type=%#x)", fufh->fufh_type); 2062 fuse_filehandle_close(vp, fufh, td, NULL); 2063 } 2064 2065 if (VTOI(vp) == 1) { 2066 /* 2067 * Don't send FUSE_FORGET for the root inode, because 2068 * we never send FUSE_LOOKUP for it (see 2069 * fuse_vfsop_root) and we don't want the server to see 2070 * mismatched lookup counts. 2071 */ 2072 struct fuse_data *data; 2073 struct vnode *vroot; 2074 2075 data = fuse_get_mpdata(vnode_mount(vp)); 2076 FUSE_LOCK(); 2077 vroot = data->vroot; 2078 data->vroot = NULL; 2079 FUSE_UNLOCK(); 2080 if (vroot) 2081 vrele(vroot); 2082 } else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) { 2083 fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp), 2084 fvdat->nlookup); 2085 } 2086 cache_purge(vp); 2087 vfs_hash_remove(vp); 2088 fuse_vnode_destroy(vp); 2089 2090 return 0; 2091 } 2092 2093 /* 2094 struct vnop_remove_args { 2095 struct vnode *a_dvp; 2096 struct vnode *a_vp; 2097 struct componentname *a_cnp; 2098 }; 2099 */ 2100 static int 2101 fuse_vnop_remove(struct vop_remove_args *ap) 2102 { 2103 struct vnode *dvp = ap->a_dvp; 2104 struct vnode *vp = ap->a_vp; 2105 struct componentname *cnp = ap->a_cnp; 2106 2107 int err; 2108 2109 if (fuse_isdeadfs(vp)) { 2110 return ENXIO; 2111 } 2112 if (vnode_isdir(vp)) { 2113 return EPERM; 2114 } 2115 2116 err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK); 2117 2118 return err; 2119 } 2120 2121 /* 2122 struct vnop_rename_args { 2123 struct vnode *a_fdvp; 2124 struct vnode *a_fvp; 2125 struct componentname *a_fcnp; 2126 struct vnode *a_tdvp; 2127 struct vnode *a_tvp; 2128 struct componentname *a_tcnp; 2129 }; 2130 */ 2131 static int 2132 fuse_vnop_rename(struct vop_rename_args *ap) 2133 { 2134 struct vnode *fdvp = ap->a_fdvp; 2135 struct vnode *fvp = ap->a_fvp; 2136 struct componentname *fcnp = ap->a_fcnp; 2137 struct vnode *tdvp = ap->a_tdvp; 2138 struct vnode *tvp = ap->a_tvp; 2139 struct componentname *tcnp = ap->a_tcnp; 2140 struct fuse_data *data; 2141 bool newparent = fdvp != tdvp; 2142 bool isdir = fvp->v_type == VDIR; 2143 int err = 0; 2144 2145 if (fuse_isdeadfs(fdvp)) { 2146 return ENXIO; 2147 } 2148 if (fvp->v_mount != tdvp->v_mount || 2149 (tvp && fvp->v_mount != tvp->v_mount)) { 2150 SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename"); 2151 err = EXDEV; 2152 goto out; 2153 } 2154 cache_purge(fvp); 2155 2156 /* 2157 * FUSE library is expected to check if target directory is not 2158 * under the source directory in the file system tree. 2159 * Linux performs this check at VFS level. 2160 */ 2161 /* 2162 * If source is a directory, and it will get a new parent, user must 2163 * have write permission to it, so ".." can be modified. 2164 */ 2165 data = fuse_get_mpdata(vnode_mount(tdvp)); 2166 if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) { 2167 err = fuse_internal_access(fvp, VWRITE, 2168 curthread, tcnp->cn_cred); 2169 if (err) 2170 goto out; 2171 } 2172 sx_xlock(&data->rename_lock); 2173 err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp); 2174 if (err == 0) { 2175 if (tdvp != fdvp) 2176 fuse_vnode_setparent(fvp, tdvp); 2177 if (tvp != NULL) 2178 fuse_vnode_setparent(tvp, NULL); 2179 } 2180 sx_unlock(&data->rename_lock); 2181 2182 if (tvp != NULL && tvp != fvp) { 2183 cache_purge(tvp); 2184 } 2185 if (vnode_isdir(fvp)) { 2186 if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) { 2187 cache_purge(tdvp); 2188 } 2189 cache_purge(fdvp); 2190 } 2191 out: 2192 if (tdvp == tvp) { 2193 vrele(tdvp); 2194 } else { 2195 vput(tdvp); 2196 } 2197 if (tvp != NULL) { 2198 vput(tvp); 2199 } 2200 vrele(fdvp); 2201 vrele(fvp); 2202 2203 return err; 2204 } 2205 2206 /* 2207 struct vnop_rmdir_args { 2208 struct vnode *a_dvp; 2209 struct vnode *a_vp; 2210 struct componentname *a_cnp; 2211 } *ap; 2212 */ 2213 static int 2214 fuse_vnop_rmdir(struct vop_rmdir_args *ap) 2215 { 2216 struct vnode *dvp = ap->a_dvp; 2217 struct vnode *vp = ap->a_vp; 2218 2219 int err; 2220 2221 if (fuse_isdeadfs(vp)) { 2222 return ENXIO; 2223 } 2224 if (VTOFUD(vp) == VTOFUD(dvp)) { 2225 return EINVAL; 2226 } 2227 err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR); 2228 2229 return err; 2230 } 2231 2232 /* 2233 struct vnop_setattr_args { 2234 struct vnode *a_vp; 2235 struct vattr *a_vap; 2236 struct ucred *a_cred; 2237 struct thread *a_td; 2238 }; 2239 */ 2240 static int 2241 fuse_vnop_setattr(struct vop_setattr_args *ap) 2242 { 2243 struct vnode *vp = ap->a_vp; 2244 struct vattr *vap = ap->a_vap; 2245 struct ucred *cred = ap->a_cred; 2246 struct thread *td = curthread; 2247 struct mount *mp; 2248 struct fuse_data *data; 2249 struct vattr old_va; 2250 int dataflags; 2251 int err = 0, err2; 2252 accmode_t accmode = 0; 2253 bool checkperm; 2254 bool drop_suid = false; 2255 2256 mp = vnode_mount(vp); 2257 data = fuse_get_mpdata(mp); 2258 dataflags = data->dataflags; 2259 checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS; 2260 2261 if (fuse_isdeadfs(vp)) { 2262 return ENXIO; 2263 } 2264 2265 if (vap->va_uid != (uid_t)VNOVAL) { 2266 if (checkperm) { 2267 /* Only root may change a file's owner */ 2268 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2269 if (err) { 2270 /* As a special case, allow the null chown */ 2271 err2 = fuse_internal_getattr(vp, &old_va, cred, 2272 td); 2273 if (err2) 2274 return (err2); 2275 if (vap->va_uid != old_va.va_uid) 2276 return err; 2277 drop_suid = true; 2278 } 2279 } 2280 accmode |= VADMIN; 2281 } 2282 if (vap->va_gid != (gid_t)VNOVAL) { 2283 if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN)) 2284 drop_suid = true; 2285 if (checkperm && !groupmember(vap->va_gid, cred)) { 2286 /* 2287 * Non-root users may only chgrp to one of their own 2288 * groups 2289 */ 2290 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2291 if (err) { 2292 /* As a special case, allow the null chgrp */ 2293 err2 = fuse_internal_getattr(vp, &old_va, cred, 2294 td); 2295 if (err2) 2296 return (err2); 2297 if (vap->va_gid != old_va.va_gid) 2298 return err; 2299 } 2300 } 2301 accmode |= VADMIN; 2302 } 2303 if (vap->va_size != VNOVAL) { 2304 switch (vp->v_type) { 2305 case VDIR: 2306 return (EISDIR); 2307 case VLNK: 2308 case VREG: 2309 if (vfs_isrdonly(mp)) 2310 return (EROFS); 2311 err = vn_rlimit_trunc(vap->va_size, td); 2312 if (err) 2313 return (err); 2314 break; 2315 default: 2316 /* 2317 * According to POSIX, the result is unspecified 2318 * for file types other than regular files, 2319 * directories and shared memory objects. We 2320 * don't support shared memory objects in the file 2321 * system, and have dubious support for truncating 2322 * symlinks. Just ignore the request in other cases. 2323 */ 2324 return (0); 2325 } 2326 /* Don't set accmode. Permission to trunc is checked upstack */ 2327 } 2328 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 2329 if (vap->va_vaflags & VA_UTIMES_NULL) 2330 accmode |= VWRITE; 2331 else 2332 accmode |= VADMIN; 2333 } 2334 if (drop_suid) { 2335 if (vap->va_mode != (mode_t)VNOVAL) 2336 vap->va_mode &= ~(S_ISUID | S_ISGID); 2337 else { 2338 err = fuse_internal_getattr(vp, &old_va, cred, td); 2339 if (err) 2340 return (err); 2341 vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID); 2342 } 2343 } 2344 if (vap->va_mode != (mode_t)VNOVAL) { 2345 /* Only root may set the sticky bit on non-directories */ 2346 if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT) 2347 && priv_check_cred(cred, PRIV_VFS_STICKYFILE)) 2348 return EFTYPE; 2349 if (checkperm && (vap->va_mode & S_ISGID)) { 2350 err = fuse_internal_getattr(vp, &old_va, cred, td); 2351 if (err) 2352 return (err); 2353 if (!groupmember(old_va.va_gid, cred)) { 2354 err = priv_check_cred(cred, PRIV_VFS_SETGID); 2355 if (err) 2356 return (err); 2357 } 2358 } 2359 accmode |= VADMIN; 2360 } 2361 2362 if (vfs_isrdonly(mp)) 2363 return EROFS; 2364 2365 if (checkperm) { 2366 err = fuse_internal_access(vp, accmode, td, cred); 2367 } else { 2368 err = 0; 2369 } 2370 if (err) 2371 return err; 2372 else 2373 return fuse_internal_setattr(vp, vap, td, cred); 2374 } 2375 2376 /* 2377 struct vnop_strategy_args { 2378 struct vnode *a_vp; 2379 struct buf *a_bp; 2380 }; 2381 */ 2382 static int 2383 fuse_vnop_strategy(struct vop_strategy_args *ap) 2384 { 2385 struct vnode *vp = ap->a_vp; 2386 struct buf *bp = ap->a_bp; 2387 2388 if (!vp || fuse_isdeadfs(vp)) { 2389 bp->b_ioflags |= BIO_ERROR; 2390 bp->b_error = ENXIO; 2391 bufdone(bp); 2392 return 0; 2393 } 2394 2395 /* 2396 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags. 2397 * fuse_io_strategy sets bp's error fields 2398 */ 2399 (void)fuse_io_strategy(vp, bp); 2400 2401 return 0; 2402 } 2403 2404 /* 2405 struct vnop_symlink_args { 2406 struct vnode *a_dvp; 2407 struct vnode **a_vpp; 2408 struct componentname *a_cnp; 2409 struct vattr *a_vap; 2410 char *a_target; 2411 }; 2412 */ 2413 static int 2414 fuse_vnop_symlink(struct vop_symlink_args *ap) 2415 { 2416 struct vnode *dvp = ap->a_dvp; 2417 struct vnode **vpp = ap->a_vpp; 2418 struct componentname *cnp = ap->a_cnp; 2419 const char *target = ap->a_target; 2420 2421 struct fuse_dispatcher fdi; 2422 2423 int err; 2424 size_t len; 2425 2426 if (fuse_isdeadfs(dvp)) { 2427 return ENXIO; 2428 } 2429 /* 2430 * Unlike the other creator type calls, here we have to create a message 2431 * where the name of the new entry comes first, and the data describing 2432 * the entry comes second. 2433 * Hence we can't rely on our handy fuse_internal_newentry() routine, 2434 * but put together the message manually and just call the core part. 2435 */ 2436 2437 len = strlen(target) + 1; 2438 fdisp_init(&fdi, len + cnp->cn_namelen + 1); 2439 fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL); 2440 2441 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 2442 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 2443 memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len); 2444 2445 err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi); 2446 fdisp_destroy(&fdi); 2447 return err; 2448 } 2449 2450 /* 2451 struct vnop_write_args { 2452 struct vnode *a_vp; 2453 struct uio *a_uio; 2454 int a_ioflag; 2455 struct ucred *a_cred; 2456 }; 2457 */ 2458 static int 2459 fuse_vnop_write(struct vop_write_args *ap) 2460 { 2461 struct vnode *vp = ap->a_vp; 2462 struct uio *uio = ap->a_uio; 2463 int ioflag = ap->a_ioflag; 2464 struct ucred *cred = ap->a_cred; 2465 pid_t pid = curthread->td_proc->p_pid; 2466 struct fuse_filehandle *fufh; 2467 int err; 2468 bool closefufh = false, directio; 2469 2470 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 2471 2472 if (fuse_isdeadfs(vp)) { 2473 return ENXIO; 2474 } 2475 2476 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 2477 ioflag |= IO_DIRECT; 2478 } 2479 2480 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2481 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2482 /* 2483 * nfsd will do I/O without first doing VOP_OPEN. We 2484 * must implicitly open the file here 2485 */ 2486 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2487 closefufh = true; 2488 } 2489 if (err) { 2490 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 2491 return err; 2492 } 2493 2494 /* 2495 * Ideally, when the daemon asks for direct io at open time, the 2496 * standard file flag should be set according to this, so that would 2497 * just change the default mode, which later on could be changed via 2498 * fcntl(2). 2499 * But this doesn't work, the O_DIRECT flag gets cleared at some point 2500 * (don't know where). So to make any use of the Fuse direct_io option, 2501 * we hardwire it into the file's private data (similarly to Linux, 2502 * btw.). 2503 */ 2504 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 2505 2506 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2507 if (directio) { 2508 off_t start, end, filesize; 2509 bool pages = (ioflag & IO_VMIO) != 0; 2510 2511 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode"); 2512 2513 err = fuse_vnode_size(vp, &filesize, cred, curthread); 2514 if (err) 2515 goto out; 2516 2517 start = uio->uio_offset; 2518 end = start + uio->uio_resid; 2519 if (!pages) { 2520 err = fuse_inval_buf_range(vp, filesize, start, 2521 end); 2522 if (err) 2523 goto out; 2524 } 2525 err = fuse_write_directbackend(vp, uio, cred, fufh, 2526 filesize, ioflag, pages); 2527 } else { 2528 SDT_PROBE2(fusefs, , vnops, trace, 1, 2529 "buffered write of vnode"); 2530 if (!fsess_opt_writeback(vnode_mount(vp))) 2531 ioflag |= IO_SYNC; 2532 err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid); 2533 } 2534 fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td); 2535 2536 out: 2537 if (closefufh) 2538 fuse_filehandle_close(vp, fufh, curthread, cred); 2539 2540 return (err); 2541 } 2542 2543 static daddr_t 2544 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off) 2545 { 2546 const int biosize = fuse_iosize(vp); 2547 2548 return (off / biosize); 2549 } 2550 2551 static int 2552 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz) 2553 { 2554 off_t filesize; 2555 int err; 2556 const int biosize = fuse_iosize(vp); 2557 2558 err = fuse_vnode_size(vp, &filesize, NULL, NULL); 2559 if (err) { 2560 /* This will turn into a SIGBUS */ 2561 return (EIO); 2562 } else if ((off_t)lbn * biosize >= filesize) { 2563 *blksz = 0; 2564 } else if ((off_t)(lbn + 1) * biosize > filesize) { 2565 *blksz = filesize - (off_t)lbn *biosize; 2566 } else { 2567 *blksz = biosize; 2568 } 2569 return (0); 2570 } 2571 2572 /* 2573 struct vnop_getpages_args { 2574 struct vnode *a_vp; 2575 vm_page_t *a_m; 2576 int a_count; 2577 int a_reqpage; 2578 }; 2579 */ 2580 static int 2581 fuse_vnop_getpages(struct vop_getpages_args *ap) 2582 { 2583 struct vnode *vp = ap->a_vp; 2584 2585 if (!fsess_opt_mmap(vnode_mount(vp))) { 2586 SDT_PROBE2(fusefs, , vnops, trace, 1, 2587 "called on non-cacheable vnode??\n"); 2588 return (VM_PAGER_ERROR); 2589 } 2590 2591 return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind, 2592 ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz)); 2593 } 2594 2595 static const char extattr_namespace_separator = '.'; 2596 2597 /* 2598 struct vop_getextattr_args { 2599 struct vop_generic_args a_gen; 2600 struct vnode *a_vp; 2601 int a_attrnamespace; 2602 const char *a_name; 2603 struct uio *a_uio; 2604 size_t *a_size; 2605 struct ucred *a_cred; 2606 struct thread *a_td; 2607 }; 2608 */ 2609 static int 2610 fuse_vnop_getextattr(struct vop_getextattr_args *ap) 2611 { 2612 struct vnode *vp = ap->a_vp; 2613 struct uio *uio = ap->a_uio; 2614 struct fuse_dispatcher fdi; 2615 struct fuse_getxattr_in *get_xattr_in; 2616 struct fuse_getxattr_out *get_xattr_out; 2617 struct mount *mp = vnode_mount(vp); 2618 struct thread *td = ap->a_td; 2619 struct ucred *cred = ap->a_cred; 2620 char *prefix; 2621 char *attr_str; 2622 size_t len; 2623 int err; 2624 2625 if (fuse_isdeadfs(vp)) 2626 return (ENXIO); 2627 2628 if (fsess_not_impl(mp, FUSE_GETXATTR)) 2629 return EOPNOTSUPP; 2630 2631 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2632 if (err) 2633 return err; 2634 2635 /* Default to looking for user attributes. */ 2636 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2637 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2638 else 2639 prefix = EXTATTR_NAMESPACE_USER_STRING; 2640 2641 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2642 strlen(ap->a_name) + 1; 2643 2644 fdisp_init(&fdi, len + sizeof(*get_xattr_in)); 2645 fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred); 2646 2647 get_xattr_in = fdi.indata; 2648 /* 2649 * Check to see whether we're querying the available size or 2650 * issuing the actual request. If we pass in 0, we get back struct 2651 * fuse_getxattr_out. If we pass in a non-zero size, we get back 2652 * that much data, without the struct fuse_getxattr_out header. 2653 */ 2654 if (uio == NULL) 2655 get_xattr_in->size = 0; 2656 else 2657 get_xattr_in->size = uio->uio_resid; 2658 2659 attr_str = (char *)fdi.indata + sizeof(*get_xattr_in); 2660 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2661 ap->a_name); 2662 2663 err = fdisp_wait_answ(&fdi); 2664 if (err != 0) { 2665 if (err == ENOSYS) { 2666 fsess_set_notimpl(mp, FUSE_GETXATTR); 2667 err = EOPNOTSUPP; 2668 } 2669 goto out; 2670 } 2671 2672 get_xattr_out = fdi.answ; 2673 2674 if (ap->a_size != NULL) 2675 *ap->a_size = get_xattr_out->size; 2676 2677 if (uio != NULL) 2678 err = uiomove(fdi.answ, fdi.iosize, uio); 2679 2680 out: 2681 fdisp_destroy(&fdi); 2682 return (err); 2683 } 2684 2685 /* 2686 struct vop_setextattr_args { 2687 struct vop_generic_args a_gen; 2688 struct vnode *a_vp; 2689 int a_attrnamespace; 2690 const char *a_name; 2691 struct uio *a_uio; 2692 struct ucred *a_cred; 2693 struct thread *a_td; 2694 }; 2695 */ 2696 static int 2697 fuse_vnop_setextattr(struct vop_setextattr_args *ap) 2698 { 2699 struct vnode *vp = ap->a_vp; 2700 struct uio *uio = ap->a_uio; 2701 struct fuse_dispatcher fdi; 2702 struct fuse_setxattr_in *set_xattr_in; 2703 struct mount *mp = vnode_mount(vp); 2704 struct thread *td = ap->a_td; 2705 struct ucred *cred = ap->a_cred; 2706 size_t struct_size = FUSE_COMPAT_SETXATTR_IN_SIZE; 2707 char *prefix; 2708 size_t len; 2709 char *attr_str; 2710 int err; 2711 2712 if (fuse_isdeadfs(vp)) 2713 return (ENXIO); 2714 2715 if (fsess_not_impl(mp, FUSE_SETXATTR)) 2716 return EOPNOTSUPP; 2717 2718 if (vfs_isrdonly(mp)) 2719 return EROFS; 2720 2721 /* Deleting xattrs must use VOP_DELETEEXTATTR instead */ 2722 if (ap->a_uio == NULL) { 2723 /* 2724 * If we got here as fallback from VOP_DELETEEXTATTR, then 2725 * return EOPNOTSUPP. 2726 */ 2727 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 2728 return (EOPNOTSUPP); 2729 else 2730 return (EINVAL); 2731 } 2732 2733 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 2734 VWRITE); 2735 if (err) 2736 return err; 2737 2738 /* Default to looking for user attributes. */ 2739 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2740 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2741 else 2742 prefix = EXTATTR_NAMESPACE_USER_STRING; 2743 2744 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2745 strlen(ap->a_name) + 1; 2746 2747 /* older FUSE servers use a smaller fuse_setxattr_in struct*/ 2748 if (fuse_libabi_geq(fuse_get_mpdata(mp), 7, 33)) 2749 struct_size = sizeof(*set_xattr_in); 2750 2751 fdisp_init(&fdi, len + struct_size + uio->uio_resid); 2752 fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred); 2753 2754 set_xattr_in = fdi.indata; 2755 set_xattr_in->size = uio->uio_resid; 2756 2757 if (fuse_libabi_geq(fuse_get_mpdata(mp), 7, 33)) { 2758 set_xattr_in->setxattr_flags = 0; 2759 set_xattr_in->padding = 0; 2760 } 2761 2762 attr_str = (char *)fdi.indata + struct_size; 2763 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2764 ap->a_name); 2765 2766 err = uiomove((char *)fdi.indata + struct_size + len, 2767 uio->uio_resid, uio); 2768 if (err != 0) { 2769 goto out; 2770 } 2771 2772 err = fdisp_wait_answ(&fdi); 2773 2774 if (err == ENOSYS) { 2775 fsess_set_notimpl(mp, FUSE_SETXATTR); 2776 err = EOPNOTSUPP; 2777 } 2778 if (err == ERESTART) { 2779 /* Can't restart after calling uiomove */ 2780 err = EINTR; 2781 } 2782 2783 out: 2784 fdisp_destroy(&fdi); 2785 return (err); 2786 } 2787 2788 /* 2789 * The Linux / FUSE extended attribute list is simply a collection of 2790 * NUL-terminated strings. The FreeBSD extended attribute list is a single 2791 * byte length followed by a non-NUL terminated string. So, this allows 2792 * conversion of the Linux / FUSE format to the FreeBSD format in place. 2793 * Linux attribute names are reported with the namespace as a prefix (e.g. 2794 * "user.attribute_name"), but in FreeBSD they are reported without the 2795 * namespace prefix (e.g. "attribute_name"). So, we're going from: 2796 * 2797 * user.attr_name1\0user.attr_name2\0 2798 * 2799 * to: 2800 * 2801 * <num>attr_name1<num>attr_name2 2802 * 2803 * Where "<num>" is a single byte number of characters in the attribute name. 2804 * 2805 * Args: 2806 * prefix - exattr namespace prefix string 2807 * list, list_len - input list with namespace prefixes 2808 * bsd_list, bsd_list_len - output list compatible with bsd vfs 2809 */ 2810 static int 2811 fuse_xattrlist_convert(char *prefix, const char *list, int list_len, 2812 char *bsd_list, int *bsd_list_len) 2813 { 2814 int len, pos, dist_to_next, prefix_len; 2815 2816 pos = 0; 2817 *bsd_list_len = 0; 2818 prefix_len = strlen(prefix); 2819 2820 while (pos < list_len && list[pos] != '\0') { 2821 dist_to_next = strlen(&list[pos]) + 1; 2822 if (bcmp(&list[pos], prefix, prefix_len) == 0 && 2823 list[pos + prefix_len] == extattr_namespace_separator) { 2824 len = dist_to_next - 2825 (prefix_len + sizeof(extattr_namespace_separator)) - 1; 2826 if (len >= EXTATTR_MAXNAMELEN) 2827 return (ENAMETOOLONG); 2828 2829 bsd_list[*bsd_list_len] = len; 2830 memcpy(&bsd_list[*bsd_list_len + 1], 2831 &list[pos + prefix_len + 2832 sizeof(extattr_namespace_separator)], len); 2833 2834 *bsd_list_len += len + 1; 2835 } 2836 2837 pos += dist_to_next; 2838 } 2839 2840 return (0); 2841 } 2842 2843 /* 2844 * List extended attributes 2845 * 2846 * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which 2847 * has a number of differences compared to its FreeBSD equivalent, 2848 * extattr_list_file: 2849 * 2850 * - FUSE_LISTXATTR returns all extended attributes across all namespaces, 2851 * whereas listxattr(2) only returns attributes for a single namespace 2852 * - FUSE_LISTXATTR prepends each attribute name with "namespace." 2853 * - If the provided buffer is not large enough to hold the result, 2854 * FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to 2855 * return as many results as will fit. 2856 */ 2857 /* 2858 struct vop_listextattr_args { 2859 struct vop_generic_args a_gen; 2860 struct vnode *a_vp; 2861 int a_attrnamespace; 2862 struct uio *a_uio; 2863 size_t *a_size; 2864 struct ucred *a_cred; 2865 struct thread *a_td; 2866 }; 2867 */ 2868 static int 2869 fuse_vnop_listextattr(struct vop_listextattr_args *ap) 2870 { 2871 struct vnode *vp = ap->a_vp; 2872 struct uio *uio = ap->a_uio; 2873 struct fuse_dispatcher fdi; 2874 struct fuse_listxattr_in *list_xattr_in; 2875 struct fuse_listxattr_out *list_xattr_out; 2876 struct mount *mp = vnode_mount(vp); 2877 struct thread *td = ap->a_td; 2878 struct ucred *cred = ap->a_cred; 2879 char *prefix; 2880 char *bsd_list = NULL; 2881 char *linux_list; 2882 int bsd_list_len; 2883 int linux_list_len; 2884 int err; 2885 2886 if (fuse_isdeadfs(vp)) 2887 return (ENXIO); 2888 2889 if (fsess_not_impl(mp, FUSE_LISTXATTR)) 2890 return EOPNOTSUPP; 2891 2892 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2893 if (err) 2894 return err; 2895 2896 /* 2897 * Add space for a NUL and the period separator if enabled. 2898 * Default to looking for user attributes. 2899 */ 2900 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2901 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2902 else 2903 prefix = EXTATTR_NAMESPACE_USER_STRING; 2904 2905 fdisp_init(&fdi, sizeof(*list_xattr_in)); 2906 fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2907 2908 /* 2909 * Retrieve Linux / FUSE compatible list size. 2910 */ 2911 list_xattr_in = fdi.indata; 2912 list_xattr_in->size = 0; 2913 2914 err = fdisp_wait_answ(&fdi); 2915 if (err != 0) { 2916 if (err == ENOSYS) { 2917 fsess_set_notimpl(mp, FUSE_LISTXATTR); 2918 err = EOPNOTSUPP; 2919 } 2920 goto out; 2921 } 2922 2923 list_xattr_out = fdi.answ; 2924 linux_list_len = list_xattr_out->size; 2925 if (linux_list_len == 0) { 2926 if (ap->a_size != NULL) 2927 *ap->a_size = linux_list_len; 2928 goto out; 2929 } 2930 2931 /* 2932 * Retrieve Linux / FUSE compatible list values. 2933 */ 2934 fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2935 list_xattr_in = fdi.indata; 2936 list_xattr_in->size = linux_list_len; 2937 2938 err = fdisp_wait_answ(&fdi); 2939 if (err == ERANGE) { 2940 /* 2941 * Race detected. The attribute list must've grown since the 2942 * first FUSE_LISTXATTR call. Start over. Go all the way back 2943 * to userland so we can process signals, if necessary, before 2944 * restarting. 2945 */ 2946 err = ERESTART; 2947 goto out; 2948 } else if (err != 0) 2949 goto out; 2950 2951 linux_list = fdi.answ; 2952 /* FUSE doesn't allow the server to return more data than requested */ 2953 if (fdi.iosize > linux_list_len) { 2954 struct fuse_data *data = fuse_get_mpdata(mp); 2955 2956 fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG, 2957 "server returned " 2958 "more extended attribute data than requested; " 2959 "should've returned ERANGE instead."); 2960 } else { 2961 /* But returning less data is fine */ 2962 linux_list_len = fdi.iosize; 2963 } 2964 2965 /* 2966 * Retrieve the BSD compatible list values. 2967 * The Linux / FUSE attribute list format isn't the same 2968 * as FreeBSD's format. So we need to transform it into 2969 * FreeBSD's format before giving it to the user. 2970 */ 2971 bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK); 2972 err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len, 2973 bsd_list, &bsd_list_len); 2974 if (err != 0) 2975 goto out; 2976 2977 if (ap->a_size != NULL) 2978 *ap->a_size = bsd_list_len; 2979 2980 if (uio != NULL) 2981 err = uiomove(bsd_list, bsd_list_len, uio); 2982 2983 out: 2984 free(bsd_list, M_TEMP); 2985 fdisp_destroy(&fdi); 2986 return (err); 2987 } 2988 2989 /* 2990 struct vop_deallocate_args { 2991 struct vop_generic_args a_gen; 2992 struct vnode *a_vp; 2993 off_t *a_offset; 2994 off_t *a_len; 2995 int a_flags; 2996 int a_ioflag; 2997 struct ucred *a_cred; 2998 }; 2999 */ 3000 static int 3001 fuse_vnop_deallocate(struct vop_deallocate_args *ap) 3002 { 3003 struct vnode *vp = ap->a_vp; 3004 struct mount *mp = vnode_mount(vp); 3005 struct fuse_filehandle *fufh; 3006 struct fuse_dispatcher fdi; 3007 struct fuse_fallocate_in *ffi; 3008 struct ucred *cred = ap->a_cred; 3009 pid_t pid = curthread->td_proc->p_pid; 3010 off_t *len = ap->a_len; 3011 off_t *offset = ap->a_offset; 3012 int ioflag = ap->a_ioflag; 3013 off_t filesize; 3014 int err; 3015 bool closefufh = false; 3016 3017 if (fuse_isdeadfs(vp)) 3018 return (ENXIO); 3019 3020 if (vfs_isrdonly(mp)) 3021 return (EROFS); 3022 3023 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 3024 goto fallback; 3025 3026 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 3027 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 3028 /* 3029 * nfsd will do I/O without first doing VOP_OPEN. We 3030 * must implicitly open the file here 3031 */ 3032 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 3033 closefufh = true; 3034 } 3035 if (err) 3036 return (err); 3037 3038 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 3039 3040 err = fuse_vnode_size(vp, &filesize, cred, curthread); 3041 if (err) 3042 goto out; 3043 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 3044 3045 fdisp_init(&fdi, sizeof(*ffi)); 3046 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 3047 ffi = fdi.indata; 3048 ffi->fh = fufh->fh_id; 3049 ffi->offset = *offset; 3050 ffi->length = *len; 3051 /* 3052 * FreeBSD's fspacectl is equivalent to Linux's fallocate with 3053 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE 3054 */ 3055 ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE; 3056 err = fdisp_wait_answ(&fdi); 3057 3058 if (err == ENOSYS) { 3059 fdisp_destroy(&fdi); 3060 fsess_set_notimpl(mp, FUSE_FALLOCATE); 3061 goto fallback; 3062 } else if (err == EOPNOTSUPP) { 3063 /* 3064 * The file system server does not support FUSE_FALLOCATE with 3065 * the supplied mode for this particular file. 3066 */ 3067 fdisp_destroy(&fdi); 3068 goto fallback; 3069 } else if (!err) { 3070 /* 3071 * Clip the returned offset to EoF. Do it here rather than 3072 * before FUSE_FALLOCATE just in case the kernel's cached file 3073 * size is out of date. Unfortunately, FUSE does not return 3074 * any information about filesize from that operation. 3075 */ 3076 *offset = MIN(*offset + *len, filesize); 3077 *len = 0; 3078 fuse_vnode_undirty_cached_timestamps(vp, false); 3079 fuse_internal_clear_suid_on_write(vp, cred, curthread); 3080 3081 if (ioflag & IO_SYNC) 3082 err = fuse_internal_fsync(vp, curthread, MNT_WAIT, 3083 false); 3084 } 3085 3086 fdisp_destroy(&fdi); 3087 out: 3088 if (closefufh) 3089 fuse_filehandle_close(vp, fufh, curthread, cred); 3090 3091 return (err); 3092 3093 fallback: 3094 if (closefufh) 3095 fuse_filehandle_close(vp, fufh, curthread, cred); 3096 3097 return (vop_stddeallocate(ap)); 3098 } 3099 3100 /* 3101 struct vop_deleteextattr_args { 3102 struct vop_generic_args a_gen; 3103 struct vnode *a_vp; 3104 int a_attrnamespace; 3105 const char *a_name; 3106 struct ucred *a_cred; 3107 struct thread *a_td; 3108 }; 3109 */ 3110 static int 3111 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap) 3112 { 3113 struct vnode *vp = ap->a_vp; 3114 struct fuse_dispatcher fdi; 3115 struct mount *mp = vnode_mount(vp); 3116 struct thread *td = ap->a_td; 3117 struct ucred *cred = ap->a_cred; 3118 char *prefix; 3119 size_t len; 3120 char *attr_str; 3121 int err; 3122 3123 if (fuse_isdeadfs(vp)) 3124 return (ENXIO); 3125 3126 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 3127 return EOPNOTSUPP; 3128 3129 if (vfs_isrdonly(mp)) 3130 return EROFS; 3131 3132 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 3133 VWRITE); 3134 if (err) 3135 return err; 3136 3137 /* Default to looking for user attributes. */ 3138 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 3139 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 3140 else 3141 prefix = EXTATTR_NAMESPACE_USER_STRING; 3142 3143 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 3144 strlen(ap->a_name) + 1; 3145 3146 fdisp_init(&fdi, len); 3147 fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred); 3148 3149 attr_str = fdi.indata; 3150 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 3151 ap->a_name); 3152 3153 err = fdisp_wait_answ(&fdi); 3154 if (err == ENOSYS) { 3155 fsess_set_notimpl(mp, FUSE_REMOVEXATTR); 3156 err = EOPNOTSUPP; 3157 } 3158 3159 fdisp_destroy(&fdi); 3160 return (err); 3161 } 3162 3163 /* 3164 struct vnop_print_args { 3165 struct vnode *a_vp; 3166 }; 3167 */ 3168 static int 3169 fuse_vnop_print(struct vop_print_args *ap) 3170 { 3171 struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp); 3172 3173 printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n", 3174 (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid, 3175 (uintmax_t)fvdat->nlookup, 3176 fvdat->flag); 3177 3178 return 0; 3179 } 3180 3181 /* 3182 * Get an NFS filehandle for a FUSE file. 3183 * 3184 * This will only work for FUSE file systems that guarantee the uniqueness of 3185 * nodeid:generation, which most don't. 3186 */ 3187 /* 3188 vop_vptofh { 3189 IN struct vnode *a_vp; 3190 IN struct fid *a_fhp; 3191 }; 3192 */ 3193 static int 3194 fuse_vnop_vptofh(struct vop_vptofh_args *ap) 3195 { 3196 struct vnode *vp = ap->a_vp; 3197 struct fuse_vnode_data *fvdat = VTOFUD(vp); 3198 struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp); 3199 _Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid), 3200 "FUSE fid type is too big"); 3201 struct mount *mp = vnode_mount(vp); 3202 struct fuse_data *data = fuse_get_mpdata(mp); 3203 struct vattr va; 3204 int err; 3205 3206 if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) { 3207 /* NFS requires lookups for "." and ".." */ 3208 SDT_PROBE2(fusefs, , vnops, trace, 1, 3209 "VOP_VPTOFH without FUSE_EXPORT_SUPPORT"); 3210 return EOPNOTSUPP; 3211 } 3212 if ((mp->mnt_flag & MNT_EXPORTED) && 3213 fsess_is_impl(mp, FUSE_OPENDIR)) 3214 { 3215 /* 3216 * NFS is stateless, so nfsd must reopen a directory on every 3217 * call to VOP_READDIR, passing in the d_off field from the 3218 * final dirent of the previous invocation. But if the server 3219 * implements FUSE_OPENDIR, the FUSE protocol does not 3220 * guarantee that d_off will be valid after a directory is 3221 * closed and reopened. So prohibit exporting FUSE file 3222 * systems that implement FUSE_OPENDIR. 3223 * 3224 * But userspace NFS servers don't have this problem. 3225 */ 3226 SDT_PROBE2(fusefs, , vnops, trace, 1, 3227 "VOP_VPTOFH with FUSE_OPENDIR"); 3228 return EOPNOTSUPP; 3229 } 3230 3231 err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread); 3232 if (err) 3233 return err; 3234 3235 /*ip = VTOI(ap->a_vp);*/ 3236 /*ufhp = (struct ufid *)ap->a_fhp;*/ 3237 fhp->len = sizeof(struct fuse_fid); 3238 fhp->nid = fvdat->nid; 3239 if (fvdat->generation <= UINT32_MAX) 3240 fhp->gen = fvdat->generation; 3241 else 3242 return EOVERFLOW; 3243 return (0); 3244 } 3245