xref: /freebsd/sys/fs/fuse/fuse_vnops.c (revision e6bfd18d21b225af6a0ed67ceeaf1293b7b9eba5)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2007-2009 Google Inc. and Amit Singh
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions are
9  * met:
10  *
11  * * Redistributions of source code must retain the above copyright
12  *   notice, this list of conditions and the following disclaimer.
13  * * Redistributions in binary form must reproduce the above
14  *   copyright notice, this list of conditions and the following disclaimer
15  *   in the documentation and/or other materials provided with the
16  *   distribution.
17  * * Neither the name of Google Inc. nor the names of its
18  *   contributors may be used to endorse or promote products derived from
19  *   this software without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32  *
33  * Copyright (C) 2005 Csaba Henk.
34  * All rights reserved.
35  *
36  * Copyright (c) 2019 The FreeBSD Foundation
37  *
38  * Portions of this software were developed by BFF Storage Systems, LLC under
39  * sponsorship from the FreeBSD Foundation.
40  *
41  * Redistribution and use in source and binary forms, with or without
42  * modification, are permitted provided that the following conditions
43  * are met:
44  * 1. Redistributions of source code must retain the above copyright
45  *    notice, this list of conditions and the following disclaimer.
46  * 2. Redistributions in binary form must reproduce the above copyright
47  *    notice, this list of conditions and the following disclaimer in the
48  *    documentation and/or other materials provided with the distribution.
49  *
50  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
51  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
54  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60  * SUCH DAMAGE.
61  */
62 
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
65 
66 #include <sys/param.h>
67 #include <sys/module.h>
68 #include <sys/systm.h>
69 #include <sys/errno.h>
70 #include <sys/kernel.h>
71 #include <sys/conf.h>
72 #include <sys/filio.h>
73 #include <sys/uio.h>
74 #include <sys/malloc.h>
75 #include <sys/queue.h>
76 #include <sys/limits.h>
77 #include <sys/lock.h>
78 #include <sys/rwlock.h>
79 #include <sys/sx.h>
80 #include <sys/proc.h>
81 #include <sys/mount.h>
82 #include <sys/vnode.h>
83 #include <sys/namei.h>
84 #include <sys/extattr.h>
85 #include <sys/stat.h>
86 #include <sys/unistd.h>
87 #include <sys/filedesc.h>
88 #include <sys/file.h>
89 #include <sys/fcntl.h>
90 #include <sys/dirent.h>
91 #include <sys/bio.h>
92 #include <sys/buf.h>
93 #include <sys/sysctl.h>
94 #include <sys/vmmeter.h>
95 
96 #include <vm/vm.h>
97 #include <vm/vm_extern.h>
98 #include <vm/pmap.h>
99 #include <vm/vm_map.h>
100 #include <vm/vm_page.h>
101 #include <vm/vm_param.h>
102 #include <vm/vm_object.h>
103 #include <vm/vm_pager.h>
104 #include <vm/vnode_pager.h>
105 #include <vm/vm_object.h>
106 
107 #include "fuse.h"
108 #include "fuse_file.h"
109 #include "fuse_internal.h"
110 #include "fuse_ipc.h"
111 #include "fuse_node.h"
112 #include "fuse_io.h"
113 
114 #include <sys/priv.h>
115 
116 /* Maximum number of hardlinks to a single FUSE file */
117 #define FUSE_LINK_MAX                      UINT32_MAX
118 
119 SDT_PROVIDER_DECLARE(fusefs);
120 /*
121  * Fuse trace probe:
122  * arg0: verbosity.  Higher numbers give more verbose messages
123  * arg1: Textual message
124  */
125 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*");
126 
127 /* vnode ops */
128 static vop_access_t fuse_vnop_access;
129 static vop_advlock_t fuse_vnop_advlock;
130 static vop_allocate_t fuse_vnop_allocate;
131 static vop_bmap_t fuse_vnop_bmap;
132 static vop_close_t fuse_fifo_close;
133 static vop_close_t fuse_vnop_close;
134 static vop_copy_file_range_t fuse_vnop_copy_file_range;
135 static vop_create_t fuse_vnop_create;
136 static vop_deallocate_t fuse_vnop_deallocate;
137 static vop_deleteextattr_t fuse_vnop_deleteextattr;
138 static vop_fdatasync_t fuse_vnop_fdatasync;
139 static vop_fsync_t fuse_vnop_fsync;
140 static vop_getattr_t fuse_vnop_getattr;
141 static vop_getextattr_t fuse_vnop_getextattr;
142 static vop_inactive_t fuse_vnop_inactive;
143 static vop_ioctl_t fuse_vnop_ioctl;
144 static vop_link_t fuse_vnop_link;
145 static vop_listextattr_t fuse_vnop_listextattr;
146 static vop_lookup_t fuse_vnop_lookup;
147 static vop_mkdir_t fuse_vnop_mkdir;
148 static vop_mknod_t fuse_vnop_mknod;
149 static vop_open_t fuse_vnop_open;
150 static vop_pathconf_t fuse_vnop_pathconf;
151 static vop_read_t fuse_vnop_read;
152 static vop_readdir_t fuse_vnop_readdir;
153 static vop_readlink_t fuse_vnop_readlink;
154 static vop_reclaim_t fuse_vnop_reclaim;
155 static vop_remove_t fuse_vnop_remove;
156 static vop_rename_t fuse_vnop_rename;
157 static vop_rmdir_t fuse_vnop_rmdir;
158 static vop_setattr_t fuse_vnop_setattr;
159 static vop_setextattr_t fuse_vnop_setextattr;
160 static vop_strategy_t fuse_vnop_strategy;
161 static vop_symlink_t fuse_vnop_symlink;
162 static vop_write_t fuse_vnop_write;
163 static vop_getpages_t fuse_vnop_getpages;
164 static vop_print_t fuse_vnop_print;
165 static vop_vptofh_t fuse_vnop_vptofh;
166 
167 struct vop_vector fuse_fifoops = {
168 	.vop_default =		&fifo_specops,
169 	.vop_access =		fuse_vnop_access,
170 	.vop_close =		fuse_fifo_close,
171 	.vop_fsync =		fuse_vnop_fsync,
172 	.vop_getattr =		fuse_vnop_getattr,
173 	.vop_inactive =		fuse_vnop_inactive,
174 	.vop_pathconf =		fuse_vnop_pathconf,
175 	.vop_print =		fuse_vnop_print,
176 	.vop_read =		VOP_PANIC,
177 	.vop_reclaim =		fuse_vnop_reclaim,
178 	.vop_setattr =		fuse_vnop_setattr,
179 	.vop_write =		VOP_PANIC,
180 	.vop_vptofh =		fuse_vnop_vptofh,
181 };
182 VFS_VOP_VECTOR_REGISTER(fuse_fifoops);
183 
184 struct vop_vector fuse_vnops = {
185 	.vop_allocate =	fuse_vnop_allocate,
186 	.vop_default = &default_vnodeops,
187 	.vop_access = fuse_vnop_access,
188 	.vop_advlock = fuse_vnop_advlock,
189 	.vop_bmap = fuse_vnop_bmap,
190 	.vop_close = fuse_vnop_close,
191 	.vop_copy_file_range = fuse_vnop_copy_file_range,
192 	.vop_create = fuse_vnop_create,
193 	.vop_deallocate = fuse_vnop_deallocate,
194 	.vop_deleteextattr = fuse_vnop_deleteextattr,
195 	.vop_fsync = fuse_vnop_fsync,
196 	.vop_fdatasync = fuse_vnop_fdatasync,
197 	.vop_getattr = fuse_vnop_getattr,
198 	.vop_getextattr = fuse_vnop_getextattr,
199 	.vop_inactive = fuse_vnop_inactive,
200 	.vop_ioctl = fuse_vnop_ioctl,
201 	.vop_link = fuse_vnop_link,
202 	.vop_listextattr = fuse_vnop_listextattr,
203 	.vop_lookup = fuse_vnop_lookup,
204 	.vop_mkdir = fuse_vnop_mkdir,
205 	.vop_mknod = fuse_vnop_mknod,
206 	.vop_open = fuse_vnop_open,
207 	.vop_pathconf = fuse_vnop_pathconf,
208 	/*
209 	 * TODO: implement vop_poll after upgrading to protocol 7.21.
210 	 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until
211 	 * 7.21, which adds the ability for the client to choose which poll
212 	 * events it wants, and for a client to deregister a file handle
213 	 */
214 	.vop_read = fuse_vnop_read,
215 	.vop_readdir = fuse_vnop_readdir,
216 	.vop_readlink = fuse_vnop_readlink,
217 	.vop_reclaim = fuse_vnop_reclaim,
218 	.vop_remove = fuse_vnop_remove,
219 	.vop_rename = fuse_vnop_rename,
220 	.vop_rmdir = fuse_vnop_rmdir,
221 	.vop_setattr = fuse_vnop_setattr,
222 	.vop_setextattr = fuse_vnop_setextattr,
223 	.vop_strategy = fuse_vnop_strategy,
224 	.vop_symlink = fuse_vnop_symlink,
225 	.vop_write = fuse_vnop_write,
226 	.vop_getpages = fuse_vnop_getpages,
227 	.vop_print = fuse_vnop_print,
228 	.vop_vptofh = fuse_vnop_vptofh,
229 };
230 VFS_VOP_VECTOR_REGISTER(fuse_vnops);
231 
232 /* Check permission for extattr operations, much like extattr_check_cred */
233 static int
234 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred,
235 	struct thread *td, accmode_t accmode)
236 {
237 	struct mount *mp = vnode_mount(vp);
238 	struct fuse_data *data = fuse_get_mpdata(mp);
239 	int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS;
240 
241 	/*
242 	 * Kernel-invoked always succeeds.
243 	 */
244 	if (cred == NOCRED)
245 		return (0);
246 
247 	/*
248 	 * Do not allow privileged processes in jail to directly manipulate
249 	 * system attributes.
250 	 */
251 	switch (ns) {
252 	case EXTATTR_NAMESPACE_SYSTEM:
253 		if (default_permissions) {
254 			return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM));
255 		}
256 		return (0);
257 	case EXTATTR_NAMESPACE_USER:
258 		if (default_permissions) {
259 			return (fuse_internal_access(vp, accmode, td, cred));
260 		}
261 		return (0);
262 	default:
263 		return (EPERM);
264 	}
265 }
266 
267 /* Get a filehandle for a directory */
268 static int
269 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp,
270 	struct ucred *cred, pid_t pid)
271 {
272 	if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0)
273 		return 0;
274 	return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid);
275 }
276 
277 /* Send FUSE_FLUSH for this vnode */
278 static int
279 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag)
280 {
281 	struct fuse_flush_in *ffi;
282 	struct fuse_filehandle *fufh;
283 	struct fuse_dispatcher fdi;
284 	struct thread *td = curthread;
285 	struct mount *mp = vnode_mount(vp);
286 	int err;
287 
288 	if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH))
289 		return 0;
290 
291 	err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid);
292 	if (err)
293 		return err;
294 
295 	fdisp_init(&fdi, sizeof(*ffi));
296 	fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred);
297 	ffi = fdi.indata;
298 	ffi->fh = fufh->fh_id;
299 	/*
300 	 * If the file has a POSIX lock then we're supposed to set lock_owner.
301 	 * If not, then lock_owner is undefined.  So we may as well always set
302 	 * it.
303 	 */
304 	ffi->lock_owner = td->td_proc->p_pid;
305 
306 	err = fdisp_wait_answ(&fdi);
307 	if (err == ENOSYS) {
308 		fsess_set_notimpl(mp, FUSE_FLUSH);
309 		err = 0;
310 	}
311 	fdisp_destroy(&fdi);
312 	return err;
313 }
314 
315 /* Close wrapper for fifos.  */
316 static int
317 fuse_fifo_close(struct vop_close_args *ap)
318 {
319 	return (fifo_specops.vop_close(ap));
320 }
321 
322 /* Invalidate a range of cached data, whether dirty of not */
323 static int
324 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end)
325 {
326 	struct buf *bp;
327 	daddr_t left_lbn, end_lbn, right_lbn;
328 	off_t new_filesize;
329 	int iosize, left_on, right_on, right_blksize;
330 
331 	iosize = fuse_iosize(vp);
332 	left_lbn = start / iosize;
333 	end_lbn = howmany(end, iosize);
334 	left_on = start & (iosize - 1);
335 	if (left_on != 0) {
336 		bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0);
337 		if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) {
338 			/*
339 			 * Flush the dirty buffer, because we don't have a
340 			 * byte-granular way to record which parts of the
341 			 * buffer are valid.
342 			 */
343 			bwrite(bp);
344 			if (bp->b_error)
345 				return (bp->b_error);
346 		} else {
347 			brelse(bp);
348 		}
349 	}
350 	right_on = end & (iosize - 1);
351 	if (right_on != 0) {
352 		right_lbn = end / iosize;
353 		new_filesize = MAX(filesize, end);
354 		right_blksize = MIN(iosize, new_filesize - iosize * right_lbn);
355 		bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0);
356 		if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) {
357 			/*
358 			 * Flush the dirty buffer, because we don't have a
359 			 * byte-granular way to record which parts of the
360 			 * buffer are valid.
361 			 */
362 			bwrite(bp);
363 			if (bp->b_error)
364 				return (bp->b_error);
365 		} else {
366 			brelse(bp);
367 		}
368 	}
369 
370 	v_inval_buf_range(vp, left_lbn, end_lbn, iosize);
371 	return (0);
372 }
373 
374 
375 /* Send FUSE_LSEEK for this node */
376 static int
377 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred,
378 	pid_t pid, off_t *offp, int whence)
379 {
380 	struct fuse_dispatcher fdi;
381 	struct fuse_filehandle *fufh;
382 	struct fuse_lseek_in *flsi;
383 	struct fuse_lseek_out *flso;
384 	struct mount *mp = vnode_mount(vp);
385 	int err;
386 
387 	ASSERT_VOP_LOCKED(vp, __func__);
388 
389 	err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid);
390 	if (err)
391 		return (err);
392 	fdisp_init(&fdi, sizeof(*flsi));
393 	fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred);
394 	flsi = fdi.indata;
395 	flsi->fh = fufh->fh_id;
396 	flsi->offset = *offp;
397 	flsi->whence = whence;
398 	err = fdisp_wait_answ(&fdi);
399 	if (err == ENOSYS) {
400 		fsess_set_notimpl(mp, FUSE_LSEEK);
401 	} else if (err == 0) {
402 		fsess_set_impl(mp, FUSE_LSEEK);
403 		flso = fdi.answ;
404 		*offp = flso->offset;
405 	}
406 	fdisp_destroy(&fdi);
407 
408 	return (err);
409 }
410 
411 /*
412     struct vnop_access_args {
413 	struct vnode *a_vp;
414 #if VOP_ACCESS_TAKES_ACCMODE_T
415 	accmode_t a_accmode;
416 #else
417 	int a_mode;
418 #endif
419 	struct ucred *a_cred;
420 	struct thread *a_td;
421     };
422 */
423 static int
424 fuse_vnop_access(struct vop_access_args *ap)
425 {
426 	struct vnode *vp = ap->a_vp;
427 	int accmode = ap->a_accmode;
428 	struct ucred *cred = ap->a_cred;
429 
430 	struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp));
431 
432 	int err;
433 
434 	if (fuse_isdeadfs(vp)) {
435 		if (vnode_isvroot(vp)) {
436 			return 0;
437 		}
438 		return ENXIO;
439 	}
440 	if (!(data->dataflags & FSESS_INITED)) {
441 		if (vnode_isvroot(vp)) {
442 			if (priv_check_cred(cred, PRIV_VFS_ADMIN) ||
443 			    (fuse_match_cred(data->daemoncred, cred) == 0)) {
444 				return 0;
445 			}
446 		}
447 		return EBADF;
448 	}
449 	if (vnode_islnk(vp)) {
450 		return 0;
451 	}
452 
453 	err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred);
454 	return err;
455 }
456 
457 /*
458  * struct vop_advlock_args {
459  *	struct vop_generic_args a_gen;
460  *	struct vnode *a_vp;
461  *	void *a_id;
462  *	int a_op;
463  *	struct flock *a_fl;
464  *	int a_flags;
465  * }
466  */
467 static int
468 fuse_vnop_advlock(struct vop_advlock_args *ap)
469 {
470 	struct vnode *vp = ap->a_vp;
471 	struct flock *fl = ap->a_fl;
472 	struct thread *td = curthread;
473 	struct ucred *cred = td->td_ucred;
474 	pid_t pid = td->td_proc->p_pid;
475 	struct fuse_filehandle *fufh;
476 	struct fuse_dispatcher fdi;
477 	struct fuse_lk_in *fli;
478 	struct fuse_lk_out *flo;
479 	struct vattr vattr;
480 	enum fuse_opcode op;
481 	off_t size, start;
482 	int dataflags, err;
483 	int flags = ap->a_flags;
484 
485 	dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags;
486 
487 	if (fuse_isdeadfs(vp)) {
488 		return ENXIO;
489 	}
490 
491 	switch(ap->a_op) {
492 	case F_GETLK:
493 		op = FUSE_GETLK;
494 		break;
495 	case F_SETLK:
496 		if (flags & F_WAIT)
497 			op = FUSE_SETLKW;
498 		else
499 			op = FUSE_SETLK;
500 		break;
501 	case F_UNLCK:
502 		op = FUSE_SETLK;
503 		break;
504 	default:
505 		return EINVAL;
506 	}
507 
508 	if (!(dataflags & FSESS_POSIX_LOCKS))
509 		return vop_stdadvlock(ap);
510 	/* FUSE doesn't properly support flock until protocol 7.17 */
511 	if (flags & F_FLOCK)
512 		return vop_stdadvlock(ap);
513 
514 	vn_lock(vp, LK_SHARED | LK_RETRY);
515 
516 	switch (fl->l_whence) {
517 	case SEEK_SET:
518 	case SEEK_CUR:
519 		/*
520 		 * Caller is responsible for adding any necessary offset
521 		 * when SEEK_CUR is used.
522 		 */
523 		start = fl->l_start;
524 		break;
525 
526 	case SEEK_END:
527 		err = fuse_internal_getattr(vp, &vattr, cred, td);
528 		if (err)
529 			goto out;
530 		size = vattr.va_size;
531 		if (size > OFF_MAX ||
532 		    (fl->l_start > 0 && size > OFF_MAX - fl->l_start)) {
533 			err = EOVERFLOW;
534 			goto out;
535 		}
536 		start = size + fl->l_start;
537 		break;
538 
539 	default:
540 		return (EINVAL);
541 	}
542 
543 	err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid);
544 	if (err)
545 		goto out;
546 
547 	fdisp_init(&fdi, sizeof(*fli));
548 
549 	fdisp_make_vp(&fdi, op, vp, td, cred);
550 	fli = fdi.indata;
551 	fli->fh = fufh->fh_id;
552 	fli->owner = td->td_proc->p_pid;
553 	fli->lk.start = start;
554 	if (fl->l_len != 0)
555 		fli->lk.end = start + fl->l_len - 1;
556 	else
557 		fli->lk.end = INT64_MAX;
558 	fli->lk.type = fl->l_type;
559 	fli->lk.pid = td->td_proc->p_pid;
560 
561 	err = fdisp_wait_answ(&fdi);
562 	fdisp_destroy(&fdi);
563 
564 	if (err == 0 && op == FUSE_GETLK) {
565 		flo = fdi.answ;
566 		fl->l_type = flo->lk.type;
567 		fl->l_whence = SEEK_SET;
568 		if (flo->lk.type != F_UNLCK) {
569 			fl->l_pid = flo->lk.pid;
570 			fl->l_start = flo->lk.start;
571 			if (flo->lk.end == INT64_MAX)
572 				fl->l_len = 0;
573 			else
574 				fl->l_len = flo->lk.end - flo->lk.start + 1;
575 			fl->l_start = flo->lk.start;
576 		}
577 	}
578 
579 out:
580 	VOP_UNLOCK(vp);
581 	return err;
582 }
583 
584 static int
585 fuse_vnop_allocate(struct vop_allocate_args *ap)
586 {
587 	struct vnode *vp = ap->a_vp;
588 	off_t *len = ap->a_len;
589 	off_t *offset = ap->a_offset;
590 	struct ucred *cred = ap->a_cred;
591 	struct fuse_filehandle *fufh;
592 	struct mount *mp = vnode_mount(vp);
593 	struct fuse_dispatcher fdi;
594 	struct fuse_fallocate_in *ffi;
595 	struct uio io;
596 	pid_t pid = curthread->td_proc->p_pid;
597 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
598 	off_t filesize;
599 	int err;
600 
601 	if (fuse_isdeadfs(vp))
602 		return (ENXIO);
603 
604 	switch (vp->v_type) {
605 	case VFIFO:
606 		return (ESPIPE);
607 	case VLNK:
608 	case VREG:
609 		if (vfs_isrdonly(mp))
610 			return (EROFS);
611 		break;
612 	default:
613 		return (ENODEV);
614 	}
615 
616 	if (vfs_isrdonly(mp))
617 		return (EROFS);
618 
619 	if (fsess_not_impl(mp, FUSE_FALLOCATE))
620 		return (EINVAL);
621 
622 	io.uio_offset = *offset;
623 	io.uio_resid = *len;
624 	err = vn_rlimit_fsize(vp, &io, curthread);
625 	if (err)
626 		return (err);
627 
628 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
629 	if (err)
630 		return (err);
631 
632 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
633 
634 	err = fuse_vnode_size(vp, &filesize, cred, curthread);
635 	if (err)
636 		return (err);
637 	fuse_inval_buf_range(vp, filesize, *offset, *offset + *len);
638 
639 	fdisp_init(&fdi, sizeof(*ffi));
640 	fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred);
641 	ffi = fdi.indata;
642 	ffi->fh = fufh->fh_id;
643 	ffi->offset = *offset;
644 	ffi->length = *len;
645 	ffi->mode = 0;
646 	err = fdisp_wait_answ(&fdi);
647 
648 	if (err == ENOSYS) {
649 		fsess_set_notimpl(mp, FUSE_FALLOCATE);
650 		err = EINVAL;
651 	} else if (err == EOPNOTSUPP) {
652 		/*
653 		 * The file system server does not support FUSE_FALLOCATE with
654 		 * the supplied mode for this particular file.
655 		 */
656 		err = EINVAL;
657 	} else if (!err) {
658 		*offset += *len;
659 		*len = 0;
660 		fuse_vnode_undirty_cached_timestamps(vp, false);
661 		fuse_internal_clear_suid_on_write(vp, cred, curthread);
662 		if (*offset > fvdat->cached_attrs.va_size) {
663 			fuse_vnode_setsize(vp, *offset, false);
664 			getnanouptime(&fvdat->last_local_modify);
665 		}
666 	}
667 
668 	fdisp_destroy(&fdi);
669 	return (err);
670 }
671 
672 /* {
673 	struct vnode *a_vp;
674 	daddr_t a_bn;
675 	struct bufobj **a_bop;
676 	daddr_t *a_bnp;
677 	int *a_runp;
678 	int *a_runb;
679 } */
680 static int
681 fuse_vnop_bmap(struct vop_bmap_args *ap)
682 {
683 	struct vnode *vp = ap->a_vp;
684 	struct bufobj **bo = ap->a_bop;
685 	struct thread *td = curthread;
686 	struct mount *mp;
687 	struct fuse_dispatcher fdi;
688 	struct fuse_bmap_in *fbi;
689 	struct fuse_bmap_out *fbo;
690 	struct fuse_data *data;
691 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
692 	uint64_t biosize;
693 	off_t fsize;
694 	daddr_t lbn = ap->a_bn;
695 	daddr_t *pbn = ap->a_bnp;
696 	int *runp = ap->a_runp;
697 	int *runb = ap->a_runb;
698 	int error = 0;
699 	int maxrun;
700 
701 	if (fuse_isdeadfs(vp)) {
702 		return ENXIO;
703 	}
704 
705 	mp = vnode_mount(vp);
706 	data = fuse_get_mpdata(mp);
707 	biosize = fuse_iosize(vp);
708 	maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1,
709 		data->max_readahead_blocks);
710 
711 	if (bo != NULL)
712 		*bo = &vp->v_bufobj;
713 
714 	/*
715 	 * The FUSE_BMAP operation does not include the runp and runb
716 	 * variables, so we must guess.  Report nonzero contiguous runs so
717 	 * cluster_read will combine adjacent reads.  It's worthwhile to reduce
718 	 * upcalls even if we don't know the true physical layout of the file.
719 	 *
720 	 * FUSE file systems may opt out of read clustering in two ways:
721 	 * * mounting with -onoclusterr
722 	 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT
723 	 */
724 	if (runb != NULL)
725 		*runb = MIN(lbn, maxrun);
726 	if (runp != NULL && maxrun == 0)
727 		*runp = 0;
728 	else if (runp != NULL) {
729 		/*
730 		 * If the file's size is cached, use that value to calculate
731 		 * runp, even if the cache is expired.  runp is only advisory,
732 		 * and the risk of getting it wrong is not worth the cost of
733 		 * another upcall.
734 		 */
735 		if (fvdat->cached_attrs.va_size != VNOVAL)
736 			fsize = fvdat->cached_attrs.va_size;
737 		else
738 			error = fuse_vnode_size(vp, &fsize, td->td_ucred, td);
739 		if (error == 0)
740 			*runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1),
741 				    maxrun);
742 		else
743 			*runp = 0;
744 	}
745 
746 	if (fsess_maybe_impl(mp, FUSE_BMAP)) {
747 		fdisp_init(&fdi, sizeof(*fbi));
748 		fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred);
749 		fbi = fdi.indata;
750 		fbi->block = lbn;
751 		fbi->blocksize = biosize;
752 		error = fdisp_wait_answ(&fdi);
753 		if (error == ENOSYS) {
754 			fdisp_destroy(&fdi);
755 			fsess_set_notimpl(mp, FUSE_BMAP);
756 			error = 0;
757 		} else {
758 			fbo = fdi.answ;
759 			if (error == 0 && pbn != NULL)
760 				*pbn = fbo->block;
761 			fdisp_destroy(&fdi);
762 			return error;
763 		}
764 	}
765 
766 	/* If the daemon doesn't support BMAP, make up a sensible default */
767 	if (pbn != NULL)
768 		*pbn = lbn * btodb(biosize);
769 	return (error);
770 }
771 
772 /*
773     struct vop_close_args {
774 	struct vnode *a_vp;
775 	int  a_fflag;
776 	struct ucred *a_cred;
777 	struct thread *a_td;
778     };
779 */
780 static int
781 fuse_vnop_close(struct vop_close_args *ap)
782 {
783 	struct vnode *vp = ap->a_vp;
784 	struct ucred *cred = ap->a_cred;
785 	int fflag = ap->a_fflag;
786 	struct thread *td = ap->a_td;
787 	pid_t pid = td->td_proc->p_pid;
788 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
789 	int err = 0;
790 
791 	if (fuse_isdeadfs(vp))
792 		return 0;
793 	if (vnode_isdir(vp))
794 		return 0;
795 	if (fflag & IO_NDELAY)
796 		return 0;
797 
798 	err = fuse_flush(vp, cred, pid, fflag);
799 	if (err == 0 && (fvdat->flag & FN_ATIMECHANGE)) {
800 		struct vattr vap;
801 
802 		VATTR_NULL(&vap);
803 		vap.va_atime = fvdat->cached_attrs.va_atime;
804 		err = fuse_internal_setattr(vp, &vap, td, NULL);
805 	}
806 	/* TODO: close the file handle, if we're sure it's no longer used */
807 	if ((fvdat->flag & FN_SIZECHANGE) != 0) {
808 		fuse_vnode_savesize(vp, cred, td->td_proc->p_pid);
809 	}
810 	return err;
811 }
812 
813 /*
814    struct vop_copy_file_range_args {
815 	struct vop_generic_args a_gen;
816 	struct vnode *a_invp;
817 	off_t *a_inoffp;
818 	struct vnode *a_outvp;
819 	off_t *a_outoffp;
820 	size_t *a_lenp;
821 	unsigned int a_flags;
822 	struct ucred *a_incred;
823 	struct ucred *a_outcred;
824 	struct thread *a_fsizetd;
825 }
826  */
827 static int
828 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap)
829 {
830 	struct vnode *invp = ap->a_invp;
831 	struct vnode *outvp = ap->a_outvp;
832 	struct mount *mp = vnode_mount(invp);
833 	struct fuse_vnode_data *outfvdat = VTOFUD(outvp);
834 	struct fuse_dispatcher fdi;
835 	struct fuse_filehandle *infufh, *outfufh;
836 	struct fuse_copy_file_range_in *fcfri;
837 	struct ucred *incred = ap->a_incred;
838 	struct ucred *outcred = ap->a_outcred;
839 	struct fuse_write_out *fwo;
840 	struct thread *td;
841 	struct uio io;
842 	off_t outfilesize;
843 	ssize_t r = 0;
844 	pid_t pid;
845 	int err;
846 
847 	if (mp != vnode_mount(outvp))
848 		goto fallback;
849 
850 	if (incred->cr_uid != outcred->cr_uid)
851 		goto fallback;
852 
853 	if (incred->cr_groups[0] != outcred->cr_groups[0])
854 		goto fallback;
855 
856 	if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE))
857 		goto fallback;
858 
859 	if (ap->a_fsizetd == NULL)
860 		td = curthread;
861 	else
862 		td = ap->a_fsizetd;
863 	pid = td->td_proc->p_pid;
864 
865 	/* Lock both vnodes, avoiding risk of deadlock. */
866 	do {
867 		err = vn_lock(outvp, LK_EXCLUSIVE);
868 		if (invp == outvp)
869 			break;
870 		if (err == 0) {
871 			err = vn_lock(invp, LK_SHARED | LK_NOWAIT);
872 			if (err == 0)
873 				break;
874 			VOP_UNLOCK(outvp);
875 			err = vn_lock(invp, LK_SHARED);
876 			if (err == 0)
877 				VOP_UNLOCK(invp);
878 		}
879 	} while (err == 0);
880 	if (err != 0)
881 		return (err);
882 
883 	err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid);
884 	if (err)
885 		goto unlock;
886 
887 	err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid);
888 	if (err)
889 		goto unlock;
890 
891 	io.uio_resid = *ap->a_lenp;
892 	if (ap->a_fsizetd) {
893 		io.uio_offset = *ap->a_outoffp;
894 		err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd);
895 		if (err != 0)
896 			goto unlock;
897 	}
898 
899 	err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread);
900 	if (err)
901 		goto unlock;
902 
903 	err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp,
904 		*ap->a_outoffp + io.uio_resid);
905 	if (err)
906 		goto unlock;
907 
908 	fdisp_init(&fdi, sizeof(*fcfri));
909 	fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred);
910 	fcfri = fdi.indata;
911 	fcfri->fh_in = infufh->fh_id;
912 	fcfri->off_in = *ap->a_inoffp;
913 	fcfri->nodeid_out = VTOI(outvp);
914 	fcfri->fh_out = outfufh->fh_id;
915 	fcfri->off_out = *ap->a_outoffp;
916 	fcfri->len = io.uio_resid;
917 	fcfri->flags = 0;
918 
919 	err = fdisp_wait_answ(&fdi);
920 	if (err == 0) {
921 		fwo = fdi.answ;
922 		*ap->a_lenp = fwo->size;
923 		*ap->a_inoffp += fwo->size;
924 		*ap->a_outoffp += fwo->size;
925 		fuse_internal_clear_suid_on_write(outvp, outcred, td);
926 		if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) {
927                         fuse_vnode_setsize(outvp, *ap->a_outoffp, false);
928 			getnanouptime(&outfvdat->last_local_modify);
929 		}
930 		fuse_vnode_update(invp, FN_ATIMECHANGE);
931 		fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE);
932 	}
933 	fdisp_destroy(&fdi);
934 
935 unlock:
936 	if (invp != outvp)
937 		VOP_UNLOCK(invp);
938 	VOP_UNLOCK(outvp);
939 
940 	if (err == ENOSYS) {
941 		fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE);
942 fallback:
943 		err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp,
944 		    ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags,
945 		    ap->a_incred, ap->a_outcred, ap->a_fsizetd);
946 	}
947 
948 	/*
949 	 * No need to call vn_rlimit_fsizex_res before return, since the uio is
950 	 * local.
951 	 */
952 	return (err);
953 }
954 
955 static void
956 fdisp_make_mknod_for_fallback(
957 	struct fuse_dispatcher *fdip,
958 	struct componentname *cnp,
959 	struct vnode *dvp,
960 	uint64_t parentnid,
961 	struct thread *td,
962 	struct ucred *cred,
963 	mode_t mode,
964 	enum fuse_opcode *op)
965 {
966 	struct fuse_mknod_in *fmni;
967 
968 	fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1);
969 	*op = FUSE_MKNOD;
970 	fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred);
971 	fmni = fdip->indata;
972 	fmni->mode = mode;
973 	fmni->rdev = 0;
974 	memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr,
975 	    cnp->cn_namelen);
976 	((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0';
977 }
978 /*
979     struct vnop_create_args {
980 	struct vnode *a_dvp;
981 	struct vnode **a_vpp;
982 	struct componentname *a_cnp;
983 	struct vattr *a_vap;
984     };
985 */
986 static int
987 fuse_vnop_create(struct vop_create_args *ap)
988 {
989 	struct vnode *dvp = ap->a_dvp;
990 	struct vnode **vpp = ap->a_vpp;
991 	struct componentname *cnp = ap->a_cnp;
992 	struct vattr *vap = ap->a_vap;
993 	struct thread *td = curthread;
994 	struct ucred *cred = cnp->cn_cred;
995 
996 	struct fuse_data *data;
997 	struct fuse_create_in *fci;
998 	struct fuse_entry_out *feo;
999 	struct fuse_open_out *foo;
1000 	struct fuse_dispatcher fdi, fdi2;
1001 	struct fuse_dispatcher *fdip = &fdi;
1002 	struct fuse_dispatcher *fdip2 = NULL;
1003 
1004 	int err;
1005 
1006 	struct mount *mp = vnode_mount(dvp);
1007 	data = fuse_get_mpdata(mp);
1008 	uint64_t parentnid = VTOFUD(dvp)->nid;
1009 	mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode);
1010 	enum fuse_opcode op;
1011 	int flags;
1012 
1013 	if (fuse_isdeadfs(dvp))
1014 		return ENXIO;
1015 
1016 	/* FUSE expects sockets to be created with FUSE_MKNOD */
1017 	if (vap->va_type == VSOCK)
1018 		return fuse_internal_mknod(dvp, vpp, cnp, vap);
1019 
1020 	/*
1021 	 * VOP_CREATE doesn't tell us the open(2) flags, so we guess.  Only a
1022 	 * writable mode makes sense, and we might as well include readability
1023 	 * too.
1024 	 */
1025 	flags = O_RDWR;
1026 
1027 	bzero(&fdi, sizeof(fdi));
1028 
1029 	if (vap->va_type != VREG)
1030 		return (EINVAL);
1031 
1032 	if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) {
1033 		/* Fallback to FUSE_MKNOD/FUSE_OPEN */
1034 		fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td,
1035 			cred, mode, &op);
1036 	} else {
1037 		/* Use FUSE_CREATE */
1038 		size_t insize;
1039 
1040 		op = FUSE_CREATE;
1041 		fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1);
1042 		fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred);
1043 		fci = fdip->indata;
1044 		fci->mode = mode;
1045 		fci->flags = O_CREAT | flags;
1046 		if (fuse_libabi_geq(data, 7, 12)) {
1047 			insize = sizeof(*fci);
1048 			fci->umask = td->td_proc->p_pd->pd_cmask;
1049 		} else {
1050 			insize = sizeof(struct fuse_open_in);
1051 		}
1052 
1053 		memcpy((char *)fdip->indata + insize, cnp->cn_nameptr,
1054 		    cnp->cn_namelen);
1055 		((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0';
1056 	}
1057 
1058 	err = fdisp_wait_answ(fdip);
1059 
1060 	if (err) {
1061 		if (err == ENOSYS && op == FUSE_CREATE) {
1062 			fsess_set_notimpl(mp, FUSE_CREATE);
1063 			fdisp_destroy(fdip);
1064 			fdisp_make_mknod_for_fallback(fdip, cnp, dvp,
1065 				parentnid, td, cred, mode, &op);
1066 			err = fdisp_wait_answ(fdip);
1067 		}
1068 		if (err)
1069 			goto out;
1070 	}
1071 
1072 	feo = fdip->answ;
1073 
1074 	if ((err = fuse_internal_checkentry(feo, vap->va_type))) {
1075 		goto out;
1076 	}
1077 
1078 	if (op == FUSE_CREATE) {
1079 		if (fuse_libabi_geq(data, 7, 9))
1080 			foo = (struct fuse_open_out*)(feo + 1);
1081 		else
1082 			foo = (struct fuse_open_out*)((char*)feo +
1083 				FUSE_COMPAT_ENTRY_OUT_SIZE);
1084 	} else {
1085 		/* Issue a separate FUSE_OPEN */
1086 		struct fuse_open_in *foi;
1087 
1088 		fdip2 = &fdi2;
1089 		fdisp_init(fdip2, sizeof(*foi));
1090 		fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td,
1091 			cred);
1092 		foi = fdip2->indata;
1093 		foi->flags = flags;
1094 		err = fdisp_wait_answ(fdip2);
1095 		if (err)
1096 			goto out;
1097 		foo = fdip2->answ;
1098 	}
1099 	err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type);
1100 	if (err) {
1101 		struct fuse_release_in *fri;
1102 		uint64_t nodeid = feo->nodeid;
1103 		uint64_t fh_id = foo->fh;
1104 
1105 		fdisp_destroy(fdip);
1106 		fdisp_init(fdip, sizeof(*fri));
1107 		fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred);
1108 		fri = fdip->indata;
1109 		fri->fh = fh_id;
1110 		fri->flags = flags;
1111 		fuse_insert_callback(fdip->tick, fuse_internal_forget_callback);
1112 		fuse_insert_message(fdip->tick, false);
1113 		goto out;
1114 	}
1115 	ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create");
1116 	fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid,
1117 		feo->attr_valid_nsec, NULL, true);
1118 
1119 	fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo);
1120 	fuse_vnode_open(*vpp, foo->open_flags, td);
1121 	/*
1122 	 * Purge the parent's attribute cache because the daemon should've
1123 	 * updated its mtime and ctime
1124 	 */
1125 	fuse_vnode_clear_attr_cache(dvp);
1126 	cache_purge_negative(dvp);
1127 
1128 out:
1129 	if (fdip2)
1130 		fdisp_destroy(fdip2);
1131 	fdisp_destroy(fdip);
1132 	return err;
1133 }
1134 
1135 /*
1136     struct vnop_fdatasync_args {
1137 	struct vop_generic_args a_gen;
1138 	struct vnode * a_vp;
1139 	struct thread * a_td;
1140     };
1141 */
1142 static int
1143 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap)
1144 {
1145 	struct vnode *vp = ap->a_vp;
1146 	struct thread *td = ap->a_td;
1147 	int waitfor = MNT_WAIT;
1148 
1149 	int err = 0;
1150 
1151 	if (fuse_isdeadfs(vp)) {
1152 		return 0;
1153 	}
1154 	if ((err = vop_stdfdatasync_buf(ap)))
1155 		return err;
1156 
1157 	return fuse_internal_fsync(vp, td, waitfor, true);
1158 }
1159 
1160 /*
1161     struct vnop_fsync_args {
1162 	struct vop_generic_args a_gen;
1163 	struct vnode * a_vp;
1164 	int  a_waitfor;
1165 	struct thread * a_td;
1166     };
1167 */
1168 static int
1169 fuse_vnop_fsync(struct vop_fsync_args *ap)
1170 {
1171 	struct vnode *vp = ap->a_vp;
1172 	struct thread *td = ap->a_td;
1173 	int waitfor = ap->a_waitfor;
1174 	int err = 0;
1175 
1176 	if (fuse_isdeadfs(vp)) {
1177 		return 0;
1178 	}
1179 	if ((err = vop_stdfsync(ap)))
1180 		return err;
1181 
1182 	return fuse_internal_fsync(vp, td, waitfor, false);
1183 }
1184 
1185 /*
1186     struct vnop_getattr_args {
1187 	struct vnode *a_vp;
1188 	struct vattr *a_vap;
1189 	struct ucred *a_cred;
1190 	struct thread *a_td;
1191     };
1192 */
1193 static int
1194 fuse_vnop_getattr(struct vop_getattr_args *ap)
1195 {
1196 	struct vnode *vp = ap->a_vp;
1197 	struct vattr *vap = ap->a_vap;
1198 	struct ucred *cred = ap->a_cred;
1199 	struct thread *td = curthread;
1200 
1201 	int err = 0;
1202 	int dataflags;
1203 
1204 	dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags;
1205 
1206 	/* Note that we are not bailing out on a dead file system just yet. */
1207 
1208 	if (!(dataflags & FSESS_INITED)) {
1209 		if (!vnode_isvroot(vp)) {
1210 			fdata_set_dead(fuse_get_mpdata(vnode_mount(vp)));
1211 			err = ENOTCONN;
1212 			return err;
1213 		} else {
1214 			goto fake;
1215 		}
1216 	}
1217 	err = fuse_internal_getattr(vp, vap, cred, td);
1218 	if (err == ENOTCONN && vnode_isvroot(vp)) {
1219 		/* see comment in fuse_vfsop_statfs() */
1220 		goto fake;
1221 	} else {
1222 		return err;
1223 	}
1224 
1225 fake:
1226 	bzero(vap, sizeof(*vap));
1227 	vap->va_type = vnode_vtype(vp);
1228 
1229 	return 0;
1230 }
1231 
1232 /*
1233     struct vnop_inactive_args {
1234 	struct vnode *a_vp;
1235     };
1236 */
1237 static int
1238 fuse_vnop_inactive(struct vop_inactive_args *ap)
1239 {
1240 	struct vnode *vp = ap->a_vp;
1241 	struct thread *td = curthread;
1242 
1243 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
1244 	struct fuse_filehandle *fufh, *fufh_tmp;
1245 
1246 	int need_flush = 1;
1247 
1248 	LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) {
1249 		if (need_flush && vp->v_type == VREG) {
1250 			if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) {
1251 				fuse_vnode_savesize(vp, NULL, 0);
1252 			}
1253 			if ((fvdat->flag & FN_REVOKED) != 0)
1254 				fuse_io_invalbuf(vp, td);
1255 			else
1256 				fuse_io_flushbuf(vp, MNT_WAIT, td);
1257 			need_flush = 0;
1258 		}
1259 		fuse_filehandle_close(vp, fufh, td, NULL);
1260 	}
1261 
1262 	if ((fvdat->flag & FN_REVOKED) != 0)
1263 		vrecycle(vp);
1264 
1265 	return 0;
1266 }
1267 
1268 /*
1269     struct vnop_ioctl_args {
1270 	struct vnode *a_vp;
1271 	u_long a_command;
1272 	caddr_t a_data;
1273 	int a_fflag;
1274 	struct ucred *a_cred;
1275 	struct thread *a_td;
1276     };
1277 */
1278 static int
1279 fuse_vnop_ioctl(struct vop_ioctl_args *ap)
1280 {
1281 	struct vnode *vp = ap->a_vp;
1282 	struct mount *mp = vnode_mount(vp);
1283 	struct ucred *cred = ap->a_cred;
1284 	off_t *offp;
1285 	pid_t pid = ap->a_td->td_proc->p_pid;
1286 	int err;
1287 
1288 	switch (ap->a_command) {
1289 	case FIOSEEKDATA:
1290 	case FIOSEEKHOLE:
1291 		/* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */
1292 		if (fsess_maybe_impl(mp, FUSE_LSEEK)) {
1293 			int whence;
1294 
1295 			offp = ap->a_data;
1296 			if (ap->a_command == FIOSEEKDATA)
1297 				whence = SEEK_DATA;
1298 			else
1299 				whence = SEEK_HOLE;
1300 
1301 			vn_lock(vp, LK_SHARED | LK_RETRY);
1302 			err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp,
1303 			    whence);
1304 			VOP_UNLOCK(vp);
1305 		}
1306 		if (fsess_not_impl(mp, FUSE_LSEEK))
1307 			err = vop_stdioctl(ap);
1308 		break;
1309 	default:
1310 		/* TODO: implement FUSE_IOCTL */
1311 		err = ENOTTY;
1312 		break;
1313 	}
1314 	return (err);
1315 }
1316 
1317 
1318 /*
1319     struct vnop_link_args {
1320 	struct vnode *a_tdvp;
1321 	struct vnode *a_vp;
1322 	struct componentname *a_cnp;
1323     };
1324 */
1325 static int
1326 fuse_vnop_link(struct vop_link_args *ap)
1327 {
1328 	struct vnode *vp = ap->a_vp;
1329 	struct vnode *tdvp = ap->a_tdvp;
1330 	struct componentname *cnp = ap->a_cnp;
1331 
1332 	struct vattr *vap = VTOVA(vp);
1333 
1334 	struct fuse_dispatcher fdi;
1335 	struct fuse_entry_out *feo;
1336 	struct fuse_link_in fli;
1337 
1338 	int err;
1339 
1340 	if (fuse_isdeadfs(vp)) {
1341 		return ENXIO;
1342 	}
1343 	if (vnode_mount(tdvp) != vnode_mount(vp)) {
1344 		return EXDEV;
1345 	}
1346 
1347 	/*
1348 	 * This is a seatbelt check to protect naive userspace filesystems from
1349 	 * themselves and the limitations of the FUSE IPC protocol.  If a
1350 	 * filesystem does not allow attribute caching, assume it is capable of
1351 	 * validating that nlink does not overflow.
1352 	 */
1353 	if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX)
1354 		return EMLINK;
1355 	fli.oldnodeid = VTOI(vp);
1356 
1357 	fdisp_init(&fdi, 0);
1358 	fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp,
1359 	    FUSE_LINK, &fli, sizeof(fli), &fdi);
1360 	if ((err = fdisp_wait_answ(&fdi))) {
1361 		goto out;
1362 	}
1363 	feo = fdi.answ;
1364 
1365 	if (fli.oldnodeid != feo->nodeid) {
1366 		struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp));
1367 		fuse_warn(data, FSESS_WARN_ILLEGAL_INODE,
1368 			"Assigned wrong inode for a hard link.");
1369 		fuse_vnode_clear_attr_cache(vp);
1370 		fuse_vnode_clear_attr_cache(tdvp);
1371 		err = EIO;
1372 		goto out;
1373 	}
1374 
1375 	err = fuse_internal_checkentry(feo, vnode_vtype(vp));
1376 	if (!err) {
1377 		/*
1378 		 * Purge the parent's attribute cache because the daemon
1379 		 * should've updated its mtime and ctime
1380 		 */
1381 		fuse_vnode_clear_attr_cache(tdvp);
1382 		fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid,
1383 			feo->attr_valid_nsec, NULL, true);
1384 	}
1385 out:
1386 	fdisp_destroy(&fdi);
1387 	return err;
1388 }
1389 
1390 struct fuse_lookup_alloc_arg {
1391 	struct fuse_entry_out *feo;
1392 	struct componentname *cnp;
1393 	uint64_t nid;
1394 	enum vtype vtyp;
1395 };
1396 
1397 /* Callback for vn_get_ino */
1398 static int
1399 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp)
1400 {
1401 	struct fuse_lookup_alloc_arg *flaa = arg;
1402 
1403 	return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp,
1404 		flaa->vtyp);
1405 }
1406 
1407 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup,
1408 	"int", "struct timespec*", "struct timespec*");
1409 /*
1410     struct vnop_lookup_args {
1411 	struct vnodeop_desc *a_desc;
1412 	struct vnode *a_dvp;
1413 	struct vnode **a_vpp;
1414 	struct componentname *a_cnp;
1415     };
1416 */
1417 int
1418 fuse_vnop_lookup(struct vop_lookup_args *ap)
1419 {
1420 	struct vnode *dvp = ap->a_dvp;
1421 	struct vnode **vpp = ap->a_vpp;
1422 	struct componentname *cnp = ap->a_cnp;
1423 	struct thread *td = curthread;
1424 	struct ucred *cred = cnp->cn_cred;
1425 	struct timespec now;
1426 
1427 	int nameiop = cnp->cn_nameiop;
1428 	int flags = cnp->cn_flags;
1429 	int islastcn = flags & ISLASTCN;
1430 	struct mount *mp = vnode_mount(dvp);
1431 	struct fuse_data *data = fuse_get_mpdata(mp);
1432 	int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS;
1433 	bool is_dot;
1434 
1435 	int err = 0;
1436 	int lookup_err = 0;
1437 	struct vnode *vp = NULL;
1438 
1439 	struct fuse_dispatcher fdi;
1440 	bool did_lookup = false;
1441 	struct fuse_entry_out *feo = NULL;
1442 	enum vtype vtyp;	/* vnode type of target */
1443 
1444 	uint64_t nid;
1445 
1446 	if (fuse_isdeadfs(dvp)) {
1447 		*vpp = NULL;
1448 		return ENXIO;
1449 	}
1450 	if (!vnode_isdir(dvp))
1451 		return ENOTDIR;
1452 
1453 	if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP))
1454 		return EROFS;
1455 
1456 	if ((cnp->cn_flags & NOEXECCHECK) != 0)
1457 		cnp->cn_flags &= ~NOEXECCHECK;
1458 	else if ((err = fuse_internal_access(dvp, VEXEC, td, cred)))
1459 		return err;
1460 
1461 	is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.';
1462 	if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT))
1463 	{
1464 		if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) {
1465 			/*
1466 			 * Since the file system doesn't support ".." lookups,
1467 			 * we have no way to find this entry.
1468 			 */
1469 			return ESTALE;
1470 		}
1471 		nid = VTOFUD(dvp)->parent_nid;
1472 		if (nid == 0)
1473 			return ENOENT;
1474 		/* .. is obviously a directory */
1475 		vtyp = VDIR;
1476 	} else if (is_dot) {
1477 		nid = VTOI(dvp);
1478 		/* . is obviously a directory */
1479 		vtyp = VDIR;
1480 	} else {
1481 		struct timespec timeout;
1482 		int ncpticks; /* here to accommodate for API contract */
1483 
1484 		err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks);
1485 		getnanouptime(&now);
1486 		SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now);
1487 		switch (err) {
1488 		case -1:		/* positive match */
1489 			if (timespeccmp(&timeout, &now, >)) {
1490 				counter_u64_add(fuse_lookup_cache_hits, 1);
1491 			} else {
1492 				/* Cache timeout */
1493 				counter_u64_add(fuse_lookup_cache_misses, 1);
1494 				bintime_clear(
1495 					&VTOFUD(*vpp)->entry_cache_timeout);
1496 				cache_purge(*vpp);
1497 				if (dvp != *vpp)
1498 					vput(*vpp);
1499 				else
1500 					vrele(*vpp);
1501 				*vpp = NULL;
1502 				break;
1503 			}
1504 			return 0;
1505 
1506 		case 0:		/* no match in cache */
1507 			counter_u64_add(fuse_lookup_cache_misses, 1);
1508 			break;
1509 
1510 		case ENOENT:		/* negative match */
1511 			if (timespeccmp(&timeout, &now, <=)) {
1512 				/* Cache timeout */
1513 				cache_purge_negative(dvp);
1514 				break;
1515 			}
1516 			/* fall through */
1517 		default:
1518 			return err;
1519 		}
1520 
1521 		fdisp_init(&fdi, cnp->cn_namelen + 1);
1522 		fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred);
1523 
1524 		memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen);
1525 		((char *)fdi.indata)[cnp->cn_namelen] = '\0';
1526 		lookup_err = fdisp_wait_answ(&fdi);
1527 		did_lookup = true;
1528 
1529 		if (!lookup_err) {
1530 			/* lookup call succeeded */
1531 			feo = (struct fuse_entry_out *)fdi.answ;
1532 			nid = feo->nodeid;
1533 			if (nid == 0) {
1534 				/* zero nodeid means ENOENT and cache it */
1535 				struct timespec timeout;
1536 
1537 				fdi.answ_stat = ENOENT;
1538 				lookup_err = ENOENT;
1539 				if (cnp->cn_flags & MAKEENTRY) {
1540 					fuse_validity_2_timespec(feo, &timeout);
1541 					/* Use the same entry_time for .. as for
1542 					 * the file itself.  That doesn't honor
1543 					 * exactly what the fuse server tells
1544 					 * us, but to do otherwise would require
1545 					 * another cache lookup at this point.
1546 					 */
1547 					struct timespec *dtsp = NULL;
1548 					cache_enter_time(dvp, *vpp, cnp,
1549 						&timeout, dtsp);
1550 				}
1551 			}
1552 			vtyp = IFTOVT(feo->attr.mode);
1553 		}
1554 		if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) {
1555 			fdisp_destroy(&fdi);
1556 			return lookup_err;
1557 		}
1558 	}
1559 	/* lookup_err, if non-zero, must be ENOENT at this point */
1560 
1561 	if (lookup_err) {
1562 		/* Entry not found */
1563 		if ((nameiop == CREATE || nameiop == RENAME) && islastcn) {
1564 			if (default_permissions)
1565 				err = fuse_internal_access(dvp, VWRITE, td,
1566 				    cred);
1567 			else
1568 				err = 0;
1569 			if (!err) {
1570 				err = EJUSTRETURN;
1571 			}
1572 		} else {
1573 			err = ENOENT;
1574 		}
1575 	} else {
1576 		/* Entry was found */
1577 		if (flags & ISDOTDOT) {
1578 			struct fuse_lookup_alloc_arg flaa;
1579 
1580 			flaa.nid = nid;
1581 			flaa.feo = feo;
1582 			flaa.cnp = cnp;
1583 			flaa.vtyp = vtyp;
1584 			err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0,
1585 				&vp);
1586 			*vpp = vp;
1587 		} else if (nid == VTOI(dvp)) {
1588 			if (is_dot) {
1589 				vref(dvp);
1590 				*vpp = dvp;
1591 			} else {
1592 				fuse_warn(fuse_get_mpdata(mp),
1593 				    FSESS_WARN_ILLEGAL_INODE,
1594 				    "Assigned same inode to both parent and "
1595 				    "child.");
1596 				err = EIO;
1597 			}
1598 
1599 		} else {
1600 			struct fuse_vnode_data *fvdat;
1601 
1602 			err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp,
1603 			    &vp, cnp, vtyp);
1604 			if (err)
1605 				goto out;
1606 			*vpp = vp;
1607 			fvdat = VTOFUD(vp);
1608 
1609 			MPASS(feo != NULL);
1610 			if (timespeccmp(&now, &fvdat->last_local_modify, >)) {
1611 				/*
1612 				 * Attributes from the server are definitely
1613 				 * newer than the last attributes we sent to
1614 				 * the server, so cache them.
1615 				 */
1616 				fuse_internal_cache_attrs(*vpp, &feo->attr,
1617 					feo->attr_valid, feo->attr_valid_nsec,
1618 					NULL, true);
1619 			}
1620 			fuse_validity_2_bintime(feo->entry_valid,
1621 				feo->entry_valid_nsec,
1622 				&fvdat->entry_cache_timeout);
1623 
1624 			if ((nameiop == DELETE || nameiop == RENAME) &&
1625 				islastcn && default_permissions)
1626 			{
1627 				struct vattr dvattr;
1628 
1629 				err = fuse_internal_access(dvp, VWRITE, td,
1630 					cred);
1631 				if (err != 0)
1632 					goto out;
1633 				/*
1634 				 * if the parent's sticky bit is set, check
1635 				 * whether we're allowed to remove the file.
1636 				 * Need to figure out the vnode locking to make
1637 				 * this work.
1638 				 */
1639 				fuse_internal_getattr(dvp, &dvattr, cred, td);
1640 				if ((dvattr.va_mode & S_ISTXT) &&
1641 					fuse_internal_access(dvp, VADMIN, td,
1642 						cred) &&
1643 					fuse_internal_access(*vpp, VADMIN, td,
1644 						cred)) {
1645 					err = EPERM;
1646 					goto out;
1647 				}
1648 			}
1649 		}
1650 	}
1651 out:
1652 	if (err) {
1653 		if (vp != NULL && dvp != vp)
1654 			vput(vp);
1655 		else if (vp != NULL)
1656 			vrele(vp);
1657 		*vpp = NULL;
1658 	}
1659 	if (did_lookup)
1660 		fdisp_destroy(&fdi);
1661 
1662 	return err;
1663 }
1664 
1665 /*
1666     struct vnop_mkdir_args {
1667 	struct vnode *a_dvp;
1668 	struct vnode **a_vpp;
1669 	struct componentname *a_cnp;
1670 	struct vattr *a_vap;
1671     };
1672 */
1673 static int
1674 fuse_vnop_mkdir(struct vop_mkdir_args *ap)
1675 {
1676 	struct vnode *dvp = ap->a_dvp;
1677 	struct vnode **vpp = ap->a_vpp;
1678 	struct componentname *cnp = ap->a_cnp;
1679 	struct vattr *vap = ap->a_vap;
1680 
1681 	struct fuse_mkdir_in fmdi;
1682 
1683 	if (fuse_isdeadfs(dvp)) {
1684 		return ENXIO;
1685 	}
1686 	fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode);
1687 	fmdi.umask = curthread->td_proc->p_pd->pd_cmask;
1688 
1689 	return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi,
1690 	    sizeof(fmdi), VDIR));
1691 }
1692 
1693 /*
1694     struct vnop_mknod_args {
1695 	struct vnode *a_dvp;
1696 	struct vnode **a_vpp;
1697 	struct componentname *a_cnp;
1698 	struct vattr *a_vap;
1699     };
1700 */
1701 static int
1702 fuse_vnop_mknod(struct vop_mknod_args *ap)
1703 {
1704 
1705 	struct vnode *dvp = ap->a_dvp;
1706 	struct vnode **vpp = ap->a_vpp;
1707 	struct componentname *cnp = ap->a_cnp;
1708 	struct vattr *vap = ap->a_vap;
1709 
1710 	if (fuse_isdeadfs(dvp))
1711 		return ENXIO;
1712 
1713 	return fuse_internal_mknod(dvp, vpp, cnp, vap);
1714 }
1715 
1716 /*
1717     struct vop_open_args {
1718 	struct vnode *a_vp;
1719 	int  a_mode;
1720 	struct ucred *a_cred;
1721 	struct thread *a_td;
1722 	int a_fdidx; / struct file *a_fp;
1723     };
1724 */
1725 static int
1726 fuse_vnop_open(struct vop_open_args *ap)
1727 {
1728 	struct vnode *vp = ap->a_vp;
1729 	int a_mode = ap->a_mode;
1730 	struct thread *td = ap->a_td;
1731 	struct ucred *cred = ap->a_cred;
1732 	pid_t pid = td->td_proc->p_pid;
1733 
1734 	if (fuse_isdeadfs(vp))
1735 		return ENXIO;
1736 	if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO)
1737 		return (EOPNOTSUPP);
1738 	if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0)
1739 		return EINVAL;
1740 
1741 	if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) {
1742 		fuse_vnode_open(vp, 0, td);
1743 		return 0;
1744 	}
1745 
1746 	return fuse_filehandle_open(vp, a_mode, NULL, td, cred);
1747 }
1748 
1749 static int
1750 fuse_vnop_pathconf(struct vop_pathconf_args *ap)
1751 {
1752 	struct vnode *vp = ap->a_vp;
1753 	struct mount *mp;
1754 
1755 	switch (ap->a_name) {
1756 	case _PC_FILESIZEBITS:
1757 		*ap->a_retval = 64;
1758 		return (0);
1759 	case _PC_NAME_MAX:
1760 		*ap->a_retval = NAME_MAX;
1761 		return (0);
1762 	case _PC_LINK_MAX:
1763 		*ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX);
1764 		return (0);
1765 	case _PC_SYMLINK_MAX:
1766 		*ap->a_retval = MAXPATHLEN;
1767 		return (0);
1768 	case _PC_NO_TRUNC:
1769 		*ap->a_retval = 1;
1770 		return (0);
1771 	case _PC_MIN_HOLE_SIZE:
1772 		/*
1773 		 * The FUSE protocol provides no mechanism for a server to
1774 		 * report _PC_MIN_HOLE_SIZE.  It's a protocol bug.  Instead,
1775 		 * return EINVAL if the server does not support FUSE_LSEEK, or
1776 		 * 1 if it does.
1777 		 */
1778 		mp = vnode_mount(vp);
1779 		if (!fsess_is_impl(mp, FUSE_LSEEK) &&
1780 		    !fsess_not_impl(mp, FUSE_LSEEK)) {
1781 			off_t offset = 0;
1782 
1783 			/* Issue a FUSE_LSEEK to find out if it's implemented */
1784 			fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred,
1785 			    curthread->td_proc->p_pid, &offset, SEEK_DATA);
1786 		}
1787 
1788 		if (fsess_is_impl(mp, FUSE_LSEEK)) {
1789 			*ap->a_retval = 1;
1790 			return (0);
1791 		} else {
1792 			/*
1793 			 * Probably FUSE_LSEEK is not implemented.  It might
1794 			 * be, if the FUSE_LSEEK above returned an error like
1795 			 * EACCES, but in that case we can't tell, so it's
1796 			 * safest to report EINVAL anyway.
1797 			 */
1798 			return (EINVAL);
1799 		}
1800 	default:
1801 		return (vop_stdpathconf(ap));
1802 	}
1803 }
1804 
1805 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*",
1806     "struct uio*", "struct ucred*");
1807 /*
1808     struct vnop_read_args {
1809 	struct vnode *a_vp;
1810 	struct uio *a_uio;
1811 	int  a_ioflag;
1812 	struct ucred *a_cred;
1813     };
1814 */
1815 static int
1816 fuse_vnop_read(struct vop_read_args *ap)
1817 {
1818 	struct vnode *vp = ap->a_vp;
1819 	struct uio *uio = ap->a_uio;
1820 	int ioflag = ap->a_ioflag;
1821 	struct ucred *cred = ap->a_cred;
1822 	pid_t pid = curthread->td_proc->p_pid;
1823 	struct fuse_filehandle *fufh;
1824 	int err;
1825 	bool closefufh = false, directio;
1826 
1827 	MPASS(vp->v_type == VREG || vp->v_type == VDIR);
1828 
1829 	if (fuse_isdeadfs(vp)) {
1830 		return ENXIO;
1831 	}
1832 
1833 	if (VTOFUD(vp)->flag & FN_DIRECTIO) {
1834 		ioflag |= IO_DIRECT;
1835 	}
1836 
1837 	err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid);
1838 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
1839 		/*
1840 		 * nfsd will do I/O without first doing VOP_OPEN.  We
1841 		 * must implicitly open the file here
1842 		 */
1843 		err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred);
1844 		closefufh = true;
1845 	}
1846 	if (err) {
1847 		SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred);
1848 		return err;
1849 	}
1850 
1851 	/*
1852          * Ideally, when the daemon asks for direct io at open time, the
1853          * standard file flag should be set according to this, so that would
1854          * just change the default mode, which later on could be changed via
1855          * fcntl(2).
1856          * But this doesn't work, the O_DIRECT flag gets cleared at some point
1857          * (don't know where). So to make any use of the Fuse direct_io option,
1858          * we hardwire it into the file's private data (similarly to Linux,
1859          * btw.).
1860          */
1861 	directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp));
1862 
1863 	fuse_vnode_update(vp, FN_ATIMECHANGE);
1864 	if (directio) {
1865 		SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode");
1866 		err = fuse_read_directbackend(vp, uio, cred, fufh);
1867 	} else {
1868 		SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode");
1869 		err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid);
1870 	}
1871 
1872 	if (closefufh)
1873 		fuse_filehandle_close(vp, fufh, curthread, cred);
1874 
1875 	return (err);
1876 }
1877 
1878 /*
1879     struct vnop_readdir_args {
1880 	struct vnode *a_vp;
1881 	struct uio *a_uio;
1882 	struct ucred *a_cred;
1883 	int *a_eofflag;
1884 	int *a_ncookies;
1885 	uint64_t **a_cookies;
1886     };
1887 */
1888 static int
1889 fuse_vnop_readdir(struct vop_readdir_args *ap)
1890 {
1891 	struct vnode *vp = ap->a_vp;
1892 	struct uio *uio = ap->a_uio;
1893 	struct ucred *cred = ap->a_cred;
1894 	struct fuse_filehandle *fufh = NULL;
1895 	struct mount *mp = vnode_mount(vp);
1896 	struct fuse_iov cookediov;
1897 	int err = 0;
1898 	uint64_t *cookies;
1899 	ssize_t tresid;
1900 	int ncookies;
1901 	bool closefufh = false;
1902 	pid_t pid = curthread->td_proc->p_pid;
1903 
1904 	if (ap->a_eofflag)
1905 		*ap->a_eofflag = 0;
1906 	if (fuse_isdeadfs(vp)) {
1907 		return ENXIO;
1908 	}
1909 	if (				/* XXXIP ((uio_iovcnt(uio) > 1)) || */
1910 	    (uio_resid(uio) < sizeof(struct dirent))) {
1911 		return EINVAL;
1912 	}
1913 
1914 	tresid = uio->uio_resid;
1915 	err = fuse_filehandle_get_dir(vp, &fufh, cred, pid);
1916 	if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) {
1917 		KASSERT(fuse_get_mpdata(mp)->dataflags
1918 				& FSESS_NO_OPENDIR_SUPPORT,
1919 			("FUSE file systems that don't set "
1920 			 "FUSE_NO_OPENDIR_SUPPORT should not be exported"));
1921 		/*
1922 		 * nfsd will do VOP_READDIR without first doing VOP_OPEN.  We
1923 		 * must implicitly open the directory here.
1924 		 */
1925 		err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred);
1926 		closefufh = true;
1927 	}
1928 	if (err)
1929 		return (err);
1930 	if (ap->a_ncookies != NULL) {
1931 		ncookies = uio->uio_resid /
1932 			(offsetof(struct dirent, d_name) + 4) + 1;
1933 		cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK);
1934 		*ap->a_ncookies = ncookies;
1935 		*ap->a_cookies = cookies;
1936 	} else {
1937 		ncookies = 0;
1938 		cookies = NULL;
1939 	}
1940 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1)
1941 	fiov_init(&cookediov, DIRCOOKEDSIZE);
1942 
1943 	err = fuse_internal_readdir(vp, uio, fufh, &cookediov,
1944 		&ncookies, cookies);
1945 
1946 	fiov_teardown(&cookediov);
1947 	if (closefufh)
1948 		fuse_filehandle_close(vp, fufh, curthread, cred);
1949 
1950 	if (ap->a_ncookies != NULL) {
1951 		if (err == 0) {
1952 			*ap->a_ncookies -= ncookies;
1953 		} else {
1954 			free(*ap->a_cookies, M_TEMP);
1955 			*ap->a_ncookies = 0;
1956 			*ap->a_cookies = NULL;
1957 		}
1958 	}
1959 	if (err == 0 && tresid == uio->uio_resid)
1960 		*ap->a_eofflag = 1;
1961 
1962 	return err;
1963 }
1964 
1965 /*
1966     struct vnop_readlink_args {
1967 	struct vnode *a_vp;
1968 	struct uio *a_uio;
1969 	struct ucred *a_cred;
1970     };
1971 */
1972 static int
1973 fuse_vnop_readlink(struct vop_readlink_args *ap)
1974 {
1975 	struct vnode *vp = ap->a_vp;
1976 	struct uio *uio = ap->a_uio;
1977 	struct ucred *cred = ap->a_cred;
1978 
1979 	struct fuse_dispatcher fdi;
1980 	int err;
1981 
1982 	if (fuse_isdeadfs(vp)) {
1983 		return ENXIO;
1984 	}
1985 	if (!vnode_islnk(vp)) {
1986 		return EINVAL;
1987 	}
1988 	fdisp_init(&fdi, 0);
1989 	err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred);
1990 	if (err) {
1991 		goto out;
1992 	}
1993 	if (((char *)fdi.answ)[0] == '/' &&
1994 	    fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) {
1995 		char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname;
1996 
1997 		err = uiomove(mpth, strlen(mpth), uio);
1998 	}
1999 	if (!err) {
2000 		err = uiomove(fdi.answ, fdi.iosize, uio);
2001 	}
2002 out:
2003 	fdisp_destroy(&fdi);
2004 	return err;
2005 }
2006 
2007 /*
2008     struct vnop_reclaim_args {
2009 	struct vnode *a_vp;
2010     };
2011 */
2012 static int
2013 fuse_vnop_reclaim(struct vop_reclaim_args *ap)
2014 {
2015 	struct vnode *vp = ap->a_vp;
2016 	struct thread *td = curthread;
2017 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
2018 	struct fuse_filehandle *fufh, *fufh_tmp;
2019 
2020 	if (!fvdat) {
2021 		panic("FUSE: no vnode data during recycling");
2022 	}
2023 	LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) {
2024 		printf("FUSE: vnode being reclaimed with open fufh "
2025 			"(type=%#x)", fufh->fufh_type);
2026 		fuse_filehandle_close(vp, fufh, td, NULL);
2027 	}
2028 
2029 	if (VTOI(vp) == 1) {
2030 		/*
2031 		 * Don't send FUSE_FORGET for the root inode, because
2032 		 * we never send FUSE_LOOKUP for it (see
2033 		 * fuse_vfsop_root) and we don't want the server to see
2034 		 * mismatched lookup counts.
2035 		 */
2036 		struct fuse_data *data;
2037 		struct vnode *vroot;
2038 
2039 		data = fuse_get_mpdata(vnode_mount(vp));
2040 		FUSE_LOCK();
2041 		vroot = data->vroot;
2042 		data->vroot = NULL;
2043 		FUSE_UNLOCK();
2044 		if (vroot)
2045 			vrele(vroot);
2046 	} else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) {
2047 		fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp),
2048 		    fvdat->nlookup);
2049 	}
2050 	cache_purge(vp);
2051 	vfs_hash_remove(vp);
2052 	fuse_vnode_destroy(vp);
2053 
2054 	return 0;
2055 }
2056 
2057 /*
2058     struct vnop_remove_args {
2059 	struct vnode *a_dvp;
2060 	struct vnode *a_vp;
2061 	struct componentname *a_cnp;
2062     };
2063 */
2064 static int
2065 fuse_vnop_remove(struct vop_remove_args *ap)
2066 {
2067 	struct vnode *dvp = ap->a_dvp;
2068 	struct vnode *vp = ap->a_vp;
2069 	struct componentname *cnp = ap->a_cnp;
2070 
2071 	int err;
2072 
2073 	if (fuse_isdeadfs(vp)) {
2074 		return ENXIO;
2075 	}
2076 	if (vnode_isdir(vp)) {
2077 		return EPERM;
2078 	}
2079 
2080 	err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK);
2081 
2082 	return err;
2083 }
2084 
2085 /*
2086     struct vnop_rename_args {
2087 	struct vnode *a_fdvp;
2088 	struct vnode *a_fvp;
2089 	struct componentname *a_fcnp;
2090 	struct vnode *a_tdvp;
2091 	struct vnode *a_tvp;
2092 	struct componentname *a_tcnp;
2093     };
2094 */
2095 static int
2096 fuse_vnop_rename(struct vop_rename_args *ap)
2097 {
2098 	struct vnode *fdvp = ap->a_fdvp;
2099 	struct vnode *fvp = ap->a_fvp;
2100 	struct componentname *fcnp = ap->a_fcnp;
2101 	struct vnode *tdvp = ap->a_tdvp;
2102 	struct vnode *tvp = ap->a_tvp;
2103 	struct componentname *tcnp = ap->a_tcnp;
2104 	struct fuse_data *data;
2105 	bool newparent = fdvp != tdvp;
2106 	bool isdir = fvp->v_type == VDIR;
2107 	int err = 0;
2108 
2109 	if (fuse_isdeadfs(fdvp)) {
2110 		return ENXIO;
2111 	}
2112 	if (fvp->v_mount != tdvp->v_mount ||
2113 	    (tvp && fvp->v_mount != tvp->v_mount)) {
2114 		SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename");
2115 		err = EXDEV;
2116 		goto out;
2117 	}
2118 	cache_purge(fvp);
2119 
2120 	/*
2121 	 * FUSE library is expected to check if target directory is not
2122 	 * under the source directory in the file system tree.
2123 	 * Linux performs this check at VFS level.
2124 	 */
2125 	/*
2126 	 * If source is a directory, and it will get a new parent, user must
2127 	 * have write permission to it, so ".." can be modified.
2128 	 */
2129 	data = fuse_get_mpdata(vnode_mount(tdvp));
2130 	if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) {
2131 		err = fuse_internal_access(fvp, VWRITE,
2132 			curthread, tcnp->cn_cred);
2133 		if (err)
2134 			goto out;
2135 	}
2136 	sx_xlock(&data->rename_lock);
2137 	err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp);
2138 	if (err == 0) {
2139 		if (tdvp != fdvp)
2140 			fuse_vnode_setparent(fvp, tdvp);
2141 		if (tvp != NULL)
2142 			fuse_vnode_setparent(tvp, NULL);
2143 	}
2144 	sx_unlock(&data->rename_lock);
2145 
2146 	if (tvp != NULL && tvp != fvp) {
2147 		cache_purge(tvp);
2148 	}
2149 	if (vnode_isdir(fvp)) {
2150 		if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) {
2151 			cache_purge(tdvp);
2152 		}
2153 		cache_purge(fdvp);
2154 	}
2155 out:
2156 	if (tdvp == tvp) {
2157 		vrele(tdvp);
2158 	} else {
2159 		vput(tdvp);
2160 	}
2161 	if (tvp != NULL) {
2162 		vput(tvp);
2163 	}
2164 	vrele(fdvp);
2165 	vrele(fvp);
2166 
2167 	return err;
2168 }
2169 
2170 /*
2171     struct vnop_rmdir_args {
2172 	    struct vnode *a_dvp;
2173 	    struct vnode *a_vp;
2174 	    struct componentname *a_cnp;
2175     } *ap;
2176 */
2177 static int
2178 fuse_vnop_rmdir(struct vop_rmdir_args *ap)
2179 {
2180 	struct vnode *dvp = ap->a_dvp;
2181 	struct vnode *vp = ap->a_vp;
2182 
2183 	int err;
2184 
2185 	if (fuse_isdeadfs(vp)) {
2186 		return ENXIO;
2187 	}
2188 	if (VTOFUD(vp) == VTOFUD(dvp)) {
2189 		return EINVAL;
2190 	}
2191 	err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR);
2192 
2193 	return err;
2194 }
2195 
2196 /*
2197     struct vnop_setattr_args {
2198 	struct vnode *a_vp;
2199 	struct vattr *a_vap;
2200 	struct ucred *a_cred;
2201 	struct thread *a_td;
2202     };
2203 */
2204 static int
2205 fuse_vnop_setattr(struct vop_setattr_args *ap)
2206 {
2207 	struct vnode *vp = ap->a_vp;
2208 	struct vattr *vap = ap->a_vap;
2209 	struct ucred *cred = ap->a_cred;
2210 	struct thread *td = curthread;
2211 	struct mount *mp;
2212 	struct fuse_data *data;
2213 	struct vattr old_va;
2214 	int dataflags;
2215 	int err = 0, err2;
2216 	accmode_t accmode = 0;
2217 	bool checkperm;
2218 	bool drop_suid = false;
2219 
2220 	mp = vnode_mount(vp);
2221 	data = fuse_get_mpdata(mp);
2222 	dataflags = data->dataflags;
2223 	checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS;
2224 
2225 	if (fuse_isdeadfs(vp)) {
2226 		return ENXIO;
2227 	}
2228 
2229 	if (vap->va_uid != (uid_t)VNOVAL) {
2230 		if (checkperm) {
2231 			/* Only root may change a file's owner */
2232 			err = priv_check_cred(cred, PRIV_VFS_CHOWN);
2233 			if (err) {
2234 				/* As a special case, allow the null chown */
2235 				err2 = fuse_internal_getattr(vp, &old_va, cred,
2236 					td);
2237 				if (err2)
2238 					return (err2);
2239 				if (vap->va_uid != old_va.va_uid)
2240 					return err;
2241 				else
2242 					accmode |= VADMIN;
2243 				drop_suid = true;
2244 			} else
2245 				accmode |= VADMIN;
2246 		} else
2247 			accmode |= VADMIN;
2248 	}
2249 	if (vap->va_gid != (gid_t)VNOVAL) {
2250 		if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN))
2251 			drop_suid = true;
2252 		if (checkperm && !groupmember(vap->va_gid, cred))
2253 		{
2254 			/*
2255 			 * Non-root users may only chgrp to one of their own
2256 			 * groups
2257 			 */
2258 			err = priv_check_cred(cred, PRIV_VFS_CHOWN);
2259 			if (err) {
2260 				/* As a special case, allow the null chgrp */
2261 				err2 = fuse_internal_getattr(vp, &old_va, cred,
2262 					td);
2263 				if (err2)
2264 					return (err2);
2265 				if (vap->va_gid != old_va.va_gid)
2266 					return err;
2267 				accmode |= VADMIN;
2268 			} else
2269 				accmode |= VADMIN;
2270 		} else
2271 			accmode |= VADMIN;
2272 	}
2273 	if (vap->va_size != VNOVAL) {
2274 		switch (vp->v_type) {
2275 		case VDIR:
2276 			return (EISDIR);
2277 		case VLNK:
2278 		case VREG:
2279 			if (vfs_isrdonly(mp))
2280 				return (EROFS);
2281 			err = vn_rlimit_trunc(vap->va_size, td);
2282 			if (err)
2283 				return (err);
2284 			break;
2285 		default:
2286 			/*
2287 			 * According to POSIX, the result is unspecified
2288 			 * for file types other than regular files,
2289 			 * directories and shared memory objects.  We
2290 			 * don't support shared memory objects in the file
2291 			 * system, and have dubious support for truncating
2292 			 * symlinks.  Just ignore the request in other cases.
2293 			 */
2294 			return (0);
2295 		}
2296 		/* Don't set accmode.  Permission to trunc is checked upstack */
2297 	}
2298 	if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) {
2299 		if (vap->va_vaflags & VA_UTIMES_NULL)
2300 			accmode |= VWRITE;
2301 		else
2302 			accmode |= VADMIN;
2303 	}
2304 	if (drop_suid) {
2305 		if (vap->va_mode != (mode_t)VNOVAL)
2306 			vap->va_mode &= ~(S_ISUID | S_ISGID);
2307 		else {
2308 			err = fuse_internal_getattr(vp, &old_va, cred, td);
2309 			if (err)
2310 				return (err);
2311 			vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID);
2312 		}
2313 	}
2314 	if (vap->va_mode != (mode_t)VNOVAL) {
2315 		/* Only root may set the sticky bit on non-directories */
2316 		if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT)
2317 		    && priv_check_cred(cred, PRIV_VFS_STICKYFILE))
2318 			return EFTYPE;
2319 		if (checkperm && (vap->va_mode & S_ISGID)) {
2320 			err = fuse_internal_getattr(vp, &old_va, cred, td);
2321 			if (err)
2322 				return (err);
2323 			if (!groupmember(old_va.va_gid, cred)) {
2324 				err = priv_check_cred(cred, PRIV_VFS_SETGID);
2325 				if (err)
2326 					return (err);
2327 			}
2328 		}
2329 		accmode |= VADMIN;
2330 	}
2331 
2332 	if (vfs_isrdonly(mp))
2333 		return EROFS;
2334 
2335 	if (checkperm) {
2336 		err = fuse_internal_access(vp, accmode, td, cred);
2337 	} else {
2338 		err = 0;
2339 	}
2340 	if (err)
2341 		return err;
2342 	else
2343 		return fuse_internal_setattr(vp, vap, td, cred);
2344 }
2345 
2346 /*
2347     struct vnop_strategy_args {
2348 	struct vnode *a_vp;
2349 	struct buf *a_bp;
2350     };
2351 */
2352 static int
2353 fuse_vnop_strategy(struct vop_strategy_args *ap)
2354 {
2355 	struct vnode *vp = ap->a_vp;
2356 	struct buf *bp = ap->a_bp;
2357 
2358 	if (!vp || fuse_isdeadfs(vp)) {
2359 		bp->b_ioflags |= BIO_ERROR;
2360 		bp->b_error = ENXIO;
2361 		bufdone(bp);
2362 		return 0;
2363 	}
2364 
2365 	/*
2366 	 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags.
2367 	 * fuse_io_strategy sets bp's error fields
2368 	 */
2369 	(void)fuse_io_strategy(vp, bp);
2370 
2371 	return 0;
2372 }
2373 
2374 /*
2375     struct vnop_symlink_args {
2376 	struct vnode *a_dvp;
2377 	struct vnode **a_vpp;
2378 	struct componentname *a_cnp;
2379 	struct vattr *a_vap;
2380 	char *a_target;
2381     };
2382 */
2383 static int
2384 fuse_vnop_symlink(struct vop_symlink_args *ap)
2385 {
2386 	struct vnode *dvp = ap->a_dvp;
2387 	struct vnode **vpp = ap->a_vpp;
2388 	struct componentname *cnp = ap->a_cnp;
2389 	const char *target = ap->a_target;
2390 
2391 	struct fuse_dispatcher fdi;
2392 
2393 	int err;
2394 	size_t len;
2395 
2396 	if (fuse_isdeadfs(dvp)) {
2397 		return ENXIO;
2398 	}
2399 	/*
2400 	 * Unlike the other creator type calls, here we have to create a message
2401 	 * where the name of the new entry comes first, and the data describing
2402 	 * the entry comes second.
2403 	 * Hence we can't rely on our handy fuse_internal_newentry() routine,
2404 	 * but put together the message manually and just call the core part.
2405 	 */
2406 
2407 	len = strlen(target) + 1;
2408 	fdisp_init(&fdi, len + cnp->cn_namelen + 1);
2409 	fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL);
2410 
2411 	memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen);
2412 	((char *)fdi.indata)[cnp->cn_namelen] = '\0';
2413 	memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len);
2414 
2415 	err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi);
2416 	fdisp_destroy(&fdi);
2417 	return err;
2418 }
2419 
2420 /*
2421     struct vnop_write_args {
2422 	struct vnode *a_vp;
2423 	struct uio *a_uio;
2424 	int  a_ioflag;
2425 	struct ucred *a_cred;
2426     };
2427 */
2428 static int
2429 fuse_vnop_write(struct vop_write_args *ap)
2430 {
2431 	struct vnode *vp = ap->a_vp;
2432 	struct uio *uio = ap->a_uio;
2433 	int ioflag = ap->a_ioflag;
2434 	struct ucred *cred = ap->a_cred;
2435 	pid_t pid = curthread->td_proc->p_pid;
2436 	struct fuse_filehandle *fufh;
2437 	int err;
2438 	bool closefufh = false, directio;
2439 
2440 	MPASS(vp->v_type == VREG || vp->v_type == VDIR);
2441 
2442 	if (fuse_isdeadfs(vp)) {
2443 		return ENXIO;
2444 	}
2445 
2446 	if (VTOFUD(vp)->flag & FN_DIRECTIO) {
2447 		ioflag |= IO_DIRECT;
2448 	}
2449 
2450 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
2451 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
2452 		/*
2453 		 * nfsd will do I/O without first doing VOP_OPEN.  We
2454 		 * must implicitly open the file here
2455 		 */
2456 		err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred);
2457 		closefufh = true;
2458 	}
2459 	if (err) {
2460 		SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred);
2461 		return err;
2462 	}
2463 
2464 	/*
2465          * Ideally, when the daemon asks for direct io at open time, the
2466          * standard file flag should be set according to this, so that would
2467          * just change the default mode, which later on could be changed via
2468          * fcntl(2).
2469          * But this doesn't work, the O_DIRECT flag gets cleared at some point
2470          * (don't know where). So to make any use of the Fuse direct_io option,
2471          * we hardwire it into the file's private data (similarly to Linux,
2472          * btw.).
2473          */
2474 	directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp));
2475 
2476 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
2477 	if (directio) {
2478 		off_t start, end, filesize;
2479 		bool pages = (ioflag & IO_VMIO) != 0;
2480 
2481 		SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode");
2482 
2483 		err = fuse_vnode_size(vp, &filesize, cred, curthread);
2484 		if (err)
2485 			goto out;
2486 
2487 		start = uio->uio_offset;
2488 		end = start + uio->uio_resid;
2489 		if (!pages) {
2490 			err = fuse_inval_buf_range(vp, filesize, start,
2491 			    end);
2492 			if (err)
2493 				goto out;
2494 		}
2495 		err = fuse_write_directbackend(vp, uio, cred, fufh,
2496 			filesize, ioflag, pages);
2497 	} else {
2498 		SDT_PROBE2(fusefs, , vnops, trace, 1,
2499 			"buffered write of vnode");
2500 		if (!fsess_opt_writeback(vnode_mount(vp)))
2501 			ioflag |= IO_SYNC;
2502 		err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid);
2503 	}
2504 	fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td);
2505 
2506 out:
2507 	if (closefufh)
2508 		fuse_filehandle_close(vp, fufh, curthread, cred);
2509 
2510 	return (err);
2511 }
2512 
2513 static daddr_t
2514 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off)
2515 {
2516 	const int biosize = fuse_iosize(vp);
2517 
2518 	return (off / biosize);
2519 }
2520 
2521 static int
2522 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz)
2523 {
2524 	off_t filesize;
2525 	int err;
2526 	const int biosize = fuse_iosize(vp);
2527 
2528 	err = fuse_vnode_size(vp, &filesize, NULL, NULL);
2529 	if (err) {
2530 		/* This will turn into a SIGBUS */
2531 		return (EIO);
2532 	} else if ((off_t)lbn * biosize >= filesize) {
2533 		*blksz = 0;
2534 	} else if ((off_t)(lbn + 1) * biosize > filesize) {
2535 		*blksz = filesize - (off_t)lbn *biosize;
2536 	} else {
2537 		*blksz = biosize;
2538 	}
2539 	return (0);
2540 }
2541 
2542 /*
2543     struct vnop_getpages_args {
2544 	struct vnode *a_vp;
2545 	vm_page_t *a_m;
2546 	int a_count;
2547 	int a_reqpage;
2548     };
2549 */
2550 static int
2551 fuse_vnop_getpages(struct vop_getpages_args *ap)
2552 {
2553 	struct vnode *vp = ap->a_vp;
2554 
2555 	if (!fsess_opt_mmap(vnode_mount(vp))) {
2556 		SDT_PROBE2(fusefs, , vnops, trace, 1,
2557 			"called on non-cacheable vnode??\n");
2558 		return (VM_PAGER_ERROR);
2559 	}
2560 
2561 	return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind,
2562 	    ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz));
2563 }
2564 
2565 static const char extattr_namespace_separator = '.';
2566 
2567 /*
2568     struct vop_getextattr_args {
2569 	struct vop_generic_args a_gen;
2570 	struct vnode *a_vp;
2571 	int a_attrnamespace;
2572 	const char *a_name;
2573 	struct uio *a_uio;
2574 	size_t *a_size;
2575 	struct ucred *a_cred;
2576 	struct thread *a_td;
2577     };
2578 */
2579 static int
2580 fuse_vnop_getextattr(struct vop_getextattr_args *ap)
2581 {
2582 	struct vnode *vp = ap->a_vp;
2583 	struct uio *uio = ap->a_uio;
2584 	struct fuse_dispatcher fdi;
2585 	struct fuse_getxattr_in *get_xattr_in;
2586 	struct fuse_getxattr_out *get_xattr_out;
2587 	struct mount *mp = vnode_mount(vp);
2588 	struct thread *td = ap->a_td;
2589 	struct ucred *cred = ap->a_cred;
2590 	char *prefix;
2591 	char *attr_str;
2592 	size_t len;
2593 	int err;
2594 
2595 	if (fuse_isdeadfs(vp))
2596 		return (ENXIO);
2597 
2598 	if (fsess_not_impl(mp, FUSE_GETXATTR))
2599 		return EOPNOTSUPP;
2600 
2601 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD);
2602 	if (err)
2603 		return err;
2604 
2605 	/* Default to looking for user attributes. */
2606 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2607 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2608 	else
2609 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2610 
2611 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
2612 	    strlen(ap->a_name) + 1;
2613 
2614 	fdisp_init(&fdi, len + sizeof(*get_xattr_in));
2615 	fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred);
2616 
2617 	get_xattr_in = fdi.indata;
2618 	/*
2619 	 * Check to see whether we're querying the available size or
2620 	 * issuing the actual request.  If we pass in 0, we get back struct
2621 	 * fuse_getxattr_out.  If we pass in a non-zero size, we get back
2622 	 * that much data, without the struct fuse_getxattr_out header.
2623 	 */
2624 	if (uio == NULL)
2625 		get_xattr_in->size = 0;
2626 	else
2627 		get_xattr_in->size = uio->uio_resid;
2628 
2629 	attr_str = (char *)fdi.indata + sizeof(*get_xattr_in);
2630 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
2631 	    ap->a_name);
2632 
2633 	err = fdisp_wait_answ(&fdi);
2634 	if (err != 0) {
2635 		if (err == ENOSYS) {
2636 			fsess_set_notimpl(mp, FUSE_GETXATTR);
2637 			err = EOPNOTSUPP;
2638 		}
2639 		goto out;
2640 	}
2641 
2642 	get_xattr_out = fdi.answ;
2643 
2644 	if (ap->a_size != NULL)
2645 		*ap->a_size = get_xattr_out->size;
2646 
2647 	if (uio != NULL)
2648 		err = uiomove(fdi.answ, fdi.iosize, uio);
2649 
2650 out:
2651 	fdisp_destroy(&fdi);
2652 	return (err);
2653 }
2654 
2655 /*
2656     struct vop_setextattr_args {
2657 	struct vop_generic_args a_gen;
2658 	struct vnode *a_vp;
2659 	int a_attrnamespace;
2660 	const char *a_name;
2661 	struct uio *a_uio;
2662 	struct ucred *a_cred;
2663 	struct thread *a_td;
2664     };
2665 */
2666 static int
2667 fuse_vnop_setextattr(struct vop_setextattr_args *ap)
2668 {
2669 	struct vnode *vp = ap->a_vp;
2670 	struct uio *uio = ap->a_uio;
2671 	struct fuse_dispatcher fdi;
2672 	struct fuse_setxattr_in *set_xattr_in;
2673 	struct mount *mp = vnode_mount(vp);
2674 	struct thread *td = ap->a_td;
2675 	struct ucred *cred = ap->a_cred;
2676 	char *prefix;
2677 	size_t len;
2678 	char *attr_str;
2679 	int err;
2680 
2681 	if (fuse_isdeadfs(vp))
2682 		return (ENXIO);
2683 
2684 	if (fsess_not_impl(mp, FUSE_SETXATTR))
2685 		return EOPNOTSUPP;
2686 
2687 	if (vfs_isrdonly(mp))
2688 		return EROFS;
2689 
2690 	/* Deleting xattrs must use VOP_DELETEEXTATTR instead */
2691 	if (ap->a_uio == NULL) {
2692 		/*
2693 		 * If we got here as fallback from VOP_DELETEEXTATTR, then
2694 		 * return EOPNOTSUPP.
2695 		 */
2696 		if (fsess_not_impl(mp, FUSE_REMOVEXATTR))
2697 			return (EOPNOTSUPP);
2698 		else
2699 			return (EINVAL);
2700 	}
2701 
2702 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td,
2703 		VWRITE);
2704 	if (err)
2705 		return err;
2706 
2707 	/* Default to looking for user attributes. */
2708 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2709 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2710 	else
2711 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2712 
2713 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
2714 	    strlen(ap->a_name) + 1;
2715 
2716 	fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid);
2717 	fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred);
2718 
2719 	set_xattr_in = fdi.indata;
2720 	set_xattr_in->size = uio->uio_resid;
2721 
2722 	attr_str = (char *)fdi.indata + sizeof(*set_xattr_in);
2723 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
2724 	    ap->a_name);
2725 
2726 	err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len,
2727 	    uio->uio_resid, uio);
2728 	if (err != 0) {
2729 		goto out;
2730 	}
2731 
2732 	err = fdisp_wait_answ(&fdi);
2733 
2734 	if (err == ENOSYS) {
2735 		fsess_set_notimpl(mp, FUSE_SETXATTR);
2736 		err = EOPNOTSUPP;
2737 	}
2738 	if (err == ERESTART) {
2739 		/* Can't restart after calling uiomove */
2740 		err = EINTR;
2741 	}
2742 
2743 out:
2744 	fdisp_destroy(&fdi);
2745 	return (err);
2746 }
2747 
2748 /*
2749  * The Linux / FUSE extended attribute list is simply a collection of
2750  * NUL-terminated strings.  The FreeBSD extended attribute list is a single
2751  * byte length followed by a non-NUL terminated string.  So, this allows
2752  * conversion of the Linux / FUSE format to the FreeBSD format in place.
2753  * Linux attribute names are reported with the namespace as a prefix (e.g.
2754  * "user.attribute_name"), but in FreeBSD they are reported without the
2755  * namespace prefix (e.g. "attribute_name").  So, we're going from:
2756  *
2757  * user.attr_name1\0user.attr_name2\0
2758  *
2759  * to:
2760  *
2761  * <num>attr_name1<num>attr_name2
2762  *
2763  * Where "<num>" is a single byte number of characters in the attribute name.
2764  *
2765  * Args:
2766  * prefix - exattr namespace prefix string
2767  * list, list_len - input list with namespace prefixes
2768  * bsd_list, bsd_list_len - output list compatible with bsd vfs
2769  */
2770 static int
2771 fuse_xattrlist_convert(char *prefix, const char *list, int list_len,
2772     char *bsd_list, int *bsd_list_len)
2773 {
2774 	int len, pos, dist_to_next, prefix_len;
2775 
2776 	pos = 0;
2777 	*bsd_list_len = 0;
2778 	prefix_len = strlen(prefix);
2779 
2780 	while (pos < list_len && list[pos] != '\0') {
2781 		dist_to_next = strlen(&list[pos]) + 1;
2782 		if (bcmp(&list[pos], prefix, prefix_len) == 0 &&
2783 		    list[pos + prefix_len] == extattr_namespace_separator) {
2784 			len = dist_to_next -
2785 			    (prefix_len + sizeof(extattr_namespace_separator)) - 1;
2786 			if (len >= EXTATTR_MAXNAMELEN)
2787 				return (ENAMETOOLONG);
2788 
2789 			bsd_list[*bsd_list_len] = len;
2790 			memcpy(&bsd_list[*bsd_list_len + 1],
2791 			    &list[pos + prefix_len +
2792 			    sizeof(extattr_namespace_separator)], len);
2793 
2794 			*bsd_list_len += len + 1;
2795 		}
2796 
2797 		pos += dist_to_next;
2798 	}
2799 
2800 	return (0);
2801 }
2802 
2803 /*
2804  * List extended attributes
2805  *
2806  * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which
2807  * has a number of differences compared to its FreeBSD equivalent,
2808  * extattr_list_file:
2809  *
2810  * - FUSE_LISTXATTR returns all extended attributes across all namespaces,
2811  *   whereas listxattr(2) only returns attributes for a single namespace
2812  * - FUSE_LISTXATTR prepends each attribute name with "namespace."
2813  * - If the provided buffer is not large enough to hold the result,
2814  *   FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to
2815  *   return as many results as will fit.
2816  */
2817 /*
2818     struct vop_listextattr_args {
2819 	struct vop_generic_args a_gen;
2820 	struct vnode *a_vp;
2821 	int a_attrnamespace;
2822 	struct uio *a_uio;
2823 	size_t *a_size;
2824 	struct ucred *a_cred;
2825 	struct thread *a_td;
2826     };
2827 */
2828 static int
2829 fuse_vnop_listextattr(struct vop_listextattr_args *ap)
2830 {
2831 	struct vnode *vp = ap->a_vp;
2832 	struct uio *uio = ap->a_uio;
2833 	struct fuse_dispatcher fdi;
2834 	struct fuse_listxattr_in *list_xattr_in;
2835 	struct fuse_listxattr_out *list_xattr_out;
2836 	struct mount *mp = vnode_mount(vp);
2837 	struct thread *td = ap->a_td;
2838 	struct ucred *cred = ap->a_cred;
2839 	char *prefix;
2840 	char *bsd_list = NULL;
2841 	char *linux_list;
2842 	int bsd_list_len;
2843 	int linux_list_len;
2844 	int err;
2845 
2846 	if (fuse_isdeadfs(vp))
2847 		return (ENXIO);
2848 
2849 	if (fsess_not_impl(mp, FUSE_LISTXATTR))
2850 		return EOPNOTSUPP;
2851 
2852 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD);
2853 	if (err)
2854 		return err;
2855 
2856 	/*
2857 	 * Add space for a NUL and the period separator if enabled.
2858 	 * Default to looking for user attributes.
2859 	 */
2860 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
2861 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
2862 	else
2863 		prefix = EXTATTR_NAMESPACE_USER_STRING;
2864 
2865 	fdisp_init(&fdi, sizeof(*list_xattr_in));
2866 	fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred);
2867 
2868 	/*
2869 	 * Retrieve Linux / FUSE compatible list size.
2870 	 */
2871 	list_xattr_in = fdi.indata;
2872 	list_xattr_in->size = 0;
2873 
2874 	err = fdisp_wait_answ(&fdi);
2875 	if (err != 0) {
2876 		if (err == ENOSYS) {
2877 			fsess_set_notimpl(mp, FUSE_LISTXATTR);
2878 			err = EOPNOTSUPP;
2879 		}
2880 		goto out;
2881 	}
2882 
2883 	list_xattr_out = fdi.answ;
2884 	linux_list_len = list_xattr_out->size;
2885 	if (linux_list_len == 0) {
2886 		if (ap->a_size != NULL)
2887 			*ap->a_size = linux_list_len;
2888 		goto out;
2889 	}
2890 
2891 	/*
2892 	 * Retrieve Linux / FUSE compatible list values.
2893 	 */
2894 	fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred);
2895 	list_xattr_in = fdi.indata;
2896 	list_xattr_in->size = linux_list_len;
2897 
2898 	err = fdisp_wait_answ(&fdi);
2899 	if (err == ERANGE) {
2900 		/*
2901 		 * Race detected.  The attribute list must've grown since the
2902 		 * first FUSE_LISTXATTR call.  Start over.  Go all the way back
2903 		 * to userland so we can process signals, if necessary, before
2904 		 * restarting.
2905 		 */
2906 		err = ERESTART;
2907 		goto out;
2908 	} else if (err != 0)
2909 		goto out;
2910 
2911 	linux_list = fdi.answ;
2912 	/* FUSE doesn't allow the server to return more data than requested */
2913 	if (fdi.iosize > linux_list_len) {
2914 		struct fuse_data *data = fuse_get_mpdata(mp);
2915 
2916 		fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG,
2917 			"server returned "
2918 			"more extended attribute data than requested; "
2919 			"should've returned ERANGE instead.");
2920 	} else {
2921 		/* But returning less data is fine */
2922 		linux_list_len = fdi.iosize;
2923 	}
2924 
2925 	/*
2926 	 * Retrieve the BSD compatible list values.
2927 	 * The Linux / FUSE attribute list format isn't the same
2928 	 * as FreeBSD's format. So we need to transform it into
2929 	 * FreeBSD's format before giving it to the user.
2930 	 */
2931 	bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK);
2932 	err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len,
2933 	    bsd_list, &bsd_list_len);
2934 	if (err != 0)
2935 		goto out;
2936 
2937 	if (ap->a_size != NULL)
2938 		*ap->a_size = bsd_list_len;
2939 
2940 	if (uio != NULL)
2941 		err = uiomove(bsd_list, bsd_list_len, uio);
2942 
2943 out:
2944 	free(bsd_list, M_TEMP);
2945 	fdisp_destroy(&fdi);
2946 	return (err);
2947 }
2948 
2949 /*
2950     struct vop_deallocate_args {
2951 	struct vop_generic_args a_gen;
2952 	struct vnode *a_vp;
2953 	off_t *a_offset;
2954 	off_t *a_len;
2955 	int a_flags;
2956 	int a_ioflag;
2957         struct ucred *a_cred;
2958     };
2959 */
2960 static int
2961 fuse_vnop_deallocate(struct vop_deallocate_args *ap)
2962 {
2963 	struct vnode *vp = ap->a_vp;
2964 	struct mount *mp = vnode_mount(vp);
2965 	struct fuse_filehandle *fufh;
2966 	struct fuse_dispatcher fdi;
2967 	struct fuse_fallocate_in *ffi;
2968 	struct ucred *cred = ap->a_cred;
2969 	pid_t pid = curthread->td_proc->p_pid;
2970 	off_t *len = ap->a_len;
2971 	off_t *offset = ap->a_offset;
2972 	int ioflag = ap->a_ioflag;
2973 	off_t filesize;
2974 	int err;
2975 	bool closefufh = false;
2976 
2977 	if (fuse_isdeadfs(vp))
2978 		return (ENXIO);
2979 
2980 	if (vfs_isrdonly(mp))
2981 		return (EROFS);
2982 
2983 	if (fsess_not_impl(mp, FUSE_FALLOCATE))
2984 		goto fallback;
2985 
2986 	err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid);
2987 	if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) {
2988 		/*
2989 		 * nfsd will do I/O without first doing VOP_OPEN.  We
2990 		 * must implicitly open the file here
2991 		 */
2992 		err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred);
2993 		closefufh = true;
2994 	}
2995 	if (err)
2996 		return (err);
2997 
2998 	fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE);
2999 
3000 	err = fuse_vnode_size(vp, &filesize, cred, curthread);
3001 	if (err)
3002 		goto out;
3003 	fuse_inval_buf_range(vp, filesize, *offset, *offset + *len);
3004 
3005 	fdisp_init(&fdi, sizeof(*ffi));
3006 	fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred);
3007 	ffi = fdi.indata;
3008 	ffi->fh = fufh->fh_id;
3009 	ffi->offset = *offset;
3010 	ffi->length = *len;
3011 	/*
3012 	 * FreeBSD's fspacectl is equivalent to Linux's fallocate with
3013 	 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE
3014 	 */
3015 	ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE;
3016 	err = fdisp_wait_answ(&fdi);
3017 
3018 	if (err == ENOSYS) {
3019 		fdisp_destroy(&fdi);
3020 		fsess_set_notimpl(mp, FUSE_FALLOCATE);
3021 		goto fallback;
3022 	} else if (err == EOPNOTSUPP) {
3023 		/*
3024 		 * The file system server does not support FUSE_FALLOCATE with
3025 		 * the supplied mode for this particular file.
3026 		 */
3027 		fdisp_destroy(&fdi);
3028 		goto fallback;
3029 	} else if (!err) {
3030 		/*
3031 		 * Clip the returned offset to EoF.  Do it here rather than
3032 		 * before FUSE_FALLOCATE just in case the kernel's cached file
3033 		 * size is out of date.  Unfortunately, FUSE does not return
3034 		 * any information about filesize from that operation.
3035 		 */
3036 		*offset = MIN(*offset + *len, filesize);
3037 		*len = 0;
3038 		fuse_vnode_undirty_cached_timestamps(vp, false);
3039 		fuse_internal_clear_suid_on_write(vp, cred, curthread);
3040 
3041 		if (ioflag & IO_SYNC)
3042 			err = fuse_internal_fsync(vp, curthread, MNT_WAIT,
3043 			    false);
3044 	}
3045 
3046 out:
3047 	fdisp_destroy(&fdi);
3048 	if (closefufh)
3049 		fuse_filehandle_close(vp, fufh, curthread, cred);
3050 
3051 	return (err);
3052 
3053 fallback:
3054 	if (closefufh)
3055 		fuse_filehandle_close(vp, fufh, curthread, cred);
3056 
3057 	return (vop_stddeallocate(ap));
3058 }
3059 
3060 /*
3061     struct vop_deleteextattr_args {
3062 	struct vop_generic_args a_gen;
3063 	struct vnode *a_vp;
3064 	int a_attrnamespace;
3065 	const char *a_name;
3066 	struct ucred *a_cred;
3067 	struct thread *a_td;
3068     };
3069 */
3070 static int
3071 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap)
3072 {
3073 	struct vnode *vp = ap->a_vp;
3074 	struct fuse_dispatcher fdi;
3075 	struct mount *mp = vnode_mount(vp);
3076 	struct thread *td = ap->a_td;
3077 	struct ucred *cred = ap->a_cred;
3078 	char *prefix;
3079 	size_t len;
3080 	char *attr_str;
3081 	int err;
3082 
3083 	if (fuse_isdeadfs(vp))
3084 		return (ENXIO);
3085 
3086 	if (fsess_not_impl(mp, FUSE_REMOVEXATTR))
3087 		return EOPNOTSUPP;
3088 
3089 	if (vfs_isrdonly(mp))
3090 		return EROFS;
3091 
3092 	err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td,
3093 		VWRITE);
3094 	if (err)
3095 		return err;
3096 
3097 	/* Default to looking for user attributes. */
3098 	if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM)
3099 		prefix = EXTATTR_NAMESPACE_SYSTEM_STRING;
3100 	else
3101 		prefix = EXTATTR_NAMESPACE_USER_STRING;
3102 
3103 	len = strlen(prefix) + sizeof(extattr_namespace_separator) +
3104 	    strlen(ap->a_name) + 1;
3105 
3106 	fdisp_init(&fdi, len);
3107 	fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred);
3108 
3109 	attr_str = fdi.indata;
3110 	snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator,
3111 	    ap->a_name);
3112 
3113 	err = fdisp_wait_answ(&fdi);
3114 	if (err == ENOSYS) {
3115 		fsess_set_notimpl(mp, FUSE_REMOVEXATTR);
3116 		err = EOPNOTSUPP;
3117 	}
3118 
3119 	fdisp_destroy(&fdi);
3120 	return (err);
3121 }
3122 
3123 /*
3124     struct vnop_print_args {
3125 	struct vnode *a_vp;
3126     };
3127 */
3128 static int
3129 fuse_vnop_print(struct vop_print_args *ap)
3130 {
3131 	struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp);
3132 
3133 	printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n",
3134 	    (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid,
3135 	    (uintmax_t)fvdat->nlookup,
3136 	    fvdat->flag);
3137 
3138 	return 0;
3139 }
3140 
3141 /*
3142  * Get an NFS filehandle for a FUSE file.
3143  *
3144  * This will only work for FUSE file systems that guarantee the uniqueness of
3145  * nodeid:generation, which most don't.
3146  */
3147 /*
3148 vop_vptofh {
3149 	IN struct vnode *a_vp;
3150 	IN struct fid *a_fhp;
3151 };
3152 */
3153 static int
3154 fuse_vnop_vptofh(struct vop_vptofh_args *ap)
3155 {
3156 	struct vnode *vp = ap->a_vp;
3157 	struct fuse_vnode_data *fvdat = VTOFUD(vp);
3158 	struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp);
3159 	_Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid),
3160 		"FUSE fid type is too big");
3161 	struct mount *mp = vnode_mount(vp);
3162 	struct fuse_data *data = fuse_get_mpdata(mp);
3163 	struct vattr va;
3164 	int err;
3165 
3166 	if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) {
3167 		/* NFS requires lookups for "." and ".." */
3168 		SDT_PROBE2(fusefs, , vnops, trace, 1,
3169 			"VOP_VPTOFH without FUSE_EXPORT_SUPPORT");
3170 		return EOPNOTSUPP;
3171 	}
3172 	if ((mp->mnt_flag & MNT_EXPORTED) &&
3173 		!(data->dataflags & FSESS_NO_OPENDIR_SUPPORT))
3174 	{
3175 		/*
3176 		 * NFS is stateless, so nfsd must reopen a directory on every
3177 		 * call to VOP_READDIR, passing in the d_off field from the
3178 		 * final dirent of the previous invocation.  But without
3179 		 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not
3180 		 * guarantee that d_off will be valid after a directory is
3181 		 * closed and reopened.  So prohibit exporting FUSE file
3182 		 * systems that don't set that flag.
3183 		 *
3184 		 * But userspace NFS servers don't have this problem.
3185                  */
3186 		SDT_PROBE2(fusefs, , vnops, trace, 1,
3187 			"VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT");
3188 		return EOPNOTSUPP;
3189 	}
3190 
3191 	err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread);
3192 	if (err)
3193 		return err;
3194 
3195 	/*ip = VTOI(ap->a_vp);*/
3196 	/*ufhp = (struct ufid *)ap->a_fhp;*/
3197 	fhp->len = sizeof(struct fuse_fid);
3198 	fhp->nid = fvdat->nid;
3199 	if (fvdat->generation <= UINT32_MAX)
3200 		fhp->gen = fvdat->generation;
3201 	else
3202 		return EOVERFLOW;
3203 	return (0);
3204 }
3205