1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2007-2009 Google Inc. and Amit Singh 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are 9 * met: 10 * 11 * * Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * * Redistributions in binary form must reproduce the above 14 * copyright notice, this list of conditions and the following disclaimer 15 * in the documentation and/or other materials provided with the 16 * distribution. 17 * * Neither the name of Google Inc. nor the names of its 18 * contributors may be used to endorse or promote products derived from 19 * this software without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 * Copyright (C) 2005 Csaba Henk. 34 * All rights reserved. 35 * 36 * Copyright (c) 2019 The FreeBSD Foundation 37 * 38 * Portions of this software were developed by BFF Storage Systems, LLC under 39 * sponsorship from the FreeBSD Foundation. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 */ 62 63 #include <sys/cdefs.h> 64 __FBSDID("$FreeBSD$"); 65 66 #include <sys/param.h> 67 #include <sys/module.h> 68 #include <sys/systm.h> 69 #include <sys/errno.h> 70 #include <sys/kernel.h> 71 #include <sys/conf.h> 72 #include <sys/filio.h> 73 #include <sys/uio.h> 74 #include <sys/malloc.h> 75 #include <sys/queue.h> 76 #include <sys/limits.h> 77 #include <sys/lock.h> 78 #include <sys/rwlock.h> 79 #include <sys/sx.h> 80 #include <sys/proc.h> 81 #include <sys/mount.h> 82 #include <sys/vnode.h> 83 #include <sys/namei.h> 84 #include <sys/extattr.h> 85 #include <sys/stat.h> 86 #include <sys/unistd.h> 87 #include <sys/filedesc.h> 88 #include <sys/file.h> 89 #include <sys/fcntl.h> 90 #include <sys/dirent.h> 91 #include <sys/bio.h> 92 #include <sys/buf.h> 93 #include <sys/sysctl.h> 94 #include <sys/vmmeter.h> 95 96 #include <vm/vm.h> 97 #include <vm/vm_extern.h> 98 #include <vm/pmap.h> 99 #include <vm/vm_map.h> 100 #include <vm/vm_page.h> 101 #include <vm/vm_param.h> 102 #include <vm/vm_object.h> 103 #include <vm/vm_pager.h> 104 #include <vm/vnode_pager.h> 105 #include <vm/vm_object.h> 106 107 #include "fuse.h" 108 #include "fuse_file.h" 109 #include "fuse_internal.h" 110 #include "fuse_ipc.h" 111 #include "fuse_node.h" 112 #include "fuse_io.h" 113 114 #include <sys/priv.h> 115 116 /* Maximum number of hardlinks to a single FUSE file */ 117 #define FUSE_LINK_MAX UINT32_MAX 118 119 SDT_PROVIDER_DECLARE(fusefs); 120 /* 121 * Fuse trace probe: 122 * arg0: verbosity. Higher numbers give more verbose messages 123 * arg1: Textual message 124 */ 125 SDT_PROBE_DEFINE2(fusefs, , vnops, trace, "int", "char*"); 126 127 /* vnode ops */ 128 static vop_access_t fuse_vnop_access; 129 static vop_advlock_t fuse_vnop_advlock; 130 static vop_allocate_t fuse_vnop_allocate; 131 static vop_bmap_t fuse_vnop_bmap; 132 static vop_close_t fuse_fifo_close; 133 static vop_close_t fuse_vnop_close; 134 static vop_copy_file_range_t fuse_vnop_copy_file_range; 135 static vop_create_t fuse_vnop_create; 136 static vop_deallocate_t fuse_vnop_deallocate; 137 static vop_deleteextattr_t fuse_vnop_deleteextattr; 138 static vop_fdatasync_t fuse_vnop_fdatasync; 139 static vop_fsync_t fuse_vnop_fsync; 140 static vop_getattr_t fuse_vnop_getattr; 141 static vop_getextattr_t fuse_vnop_getextattr; 142 static vop_inactive_t fuse_vnop_inactive; 143 static vop_ioctl_t fuse_vnop_ioctl; 144 static vop_link_t fuse_vnop_link; 145 static vop_listextattr_t fuse_vnop_listextattr; 146 static vop_lookup_t fuse_vnop_lookup; 147 static vop_mkdir_t fuse_vnop_mkdir; 148 static vop_mknod_t fuse_vnop_mknod; 149 static vop_open_t fuse_vnop_open; 150 static vop_pathconf_t fuse_vnop_pathconf; 151 static vop_read_t fuse_vnop_read; 152 static vop_readdir_t fuse_vnop_readdir; 153 static vop_readlink_t fuse_vnop_readlink; 154 static vop_reclaim_t fuse_vnop_reclaim; 155 static vop_remove_t fuse_vnop_remove; 156 static vop_rename_t fuse_vnop_rename; 157 static vop_rmdir_t fuse_vnop_rmdir; 158 static vop_setattr_t fuse_vnop_setattr; 159 static vop_setextattr_t fuse_vnop_setextattr; 160 static vop_strategy_t fuse_vnop_strategy; 161 static vop_symlink_t fuse_vnop_symlink; 162 static vop_write_t fuse_vnop_write; 163 static vop_getpages_t fuse_vnop_getpages; 164 static vop_print_t fuse_vnop_print; 165 static vop_vptofh_t fuse_vnop_vptofh; 166 167 struct vop_vector fuse_fifoops = { 168 .vop_default = &fifo_specops, 169 .vop_access = fuse_vnop_access, 170 .vop_close = fuse_fifo_close, 171 .vop_fsync = fuse_vnop_fsync, 172 .vop_getattr = fuse_vnop_getattr, 173 .vop_inactive = fuse_vnop_inactive, 174 .vop_pathconf = fuse_vnop_pathconf, 175 .vop_print = fuse_vnop_print, 176 .vop_read = VOP_PANIC, 177 .vop_reclaim = fuse_vnop_reclaim, 178 .vop_setattr = fuse_vnop_setattr, 179 .vop_write = VOP_PANIC, 180 .vop_vptofh = fuse_vnop_vptofh, 181 }; 182 VFS_VOP_VECTOR_REGISTER(fuse_fifoops); 183 184 struct vop_vector fuse_vnops = { 185 .vop_allocate = fuse_vnop_allocate, 186 .vop_default = &default_vnodeops, 187 .vop_access = fuse_vnop_access, 188 .vop_advlock = fuse_vnop_advlock, 189 .vop_bmap = fuse_vnop_bmap, 190 .vop_close = fuse_vnop_close, 191 .vop_copy_file_range = fuse_vnop_copy_file_range, 192 .vop_create = fuse_vnop_create, 193 .vop_deallocate = fuse_vnop_deallocate, 194 .vop_deleteextattr = fuse_vnop_deleteextattr, 195 .vop_fsync = fuse_vnop_fsync, 196 .vop_fdatasync = fuse_vnop_fdatasync, 197 .vop_getattr = fuse_vnop_getattr, 198 .vop_getextattr = fuse_vnop_getextattr, 199 .vop_inactive = fuse_vnop_inactive, 200 .vop_ioctl = fuse_vnop_ioctl, 201 .vop_link = fuse_vnop_link, 202 .vop_listextattr = fuse_vnop_listextattr, 203 .vop_lookup = fuse_vnop_lookup, 204 .vop_mkdir = fuse_vnop_mkdir, 205 .vop_mknod = fuse_vnop_mknod, 206 .vop_open = fuse_vnop_open, 207 .vop_pathconf = fuse_vnop_pathconf, 208 /* 209 * TODO: implement vop_poll after upgrading to protocol 7.21. 210 * FUSE_POLL was added in protocol 7.11, but it's kind of broken until 211 * 7.21, which adds the ability for the client to choose which poll 212 * events it wants, and for a client to deregister a file handle 213 */ 214 .vop_read = fuse_vnop_read, 215 .vop_readdir = fuse_vnop_readdir, 216 .vop_readlink = fuse_vnop_readlink, 217 .vop_reclaim = fuse_vnop_reclaim, 218 .vop_remove = fuse_vnop_remove, 219 .vop_rename = fuse_vnop_rename, 220 .vop_rmdir = fuse_vnop_rmdir, 221 .vop_setattr = fuse_vnop_setattr, 222 .vop_setextattr = fuse_vnop_setextattr, 223 .vop_strategy = fuse_vnop_strategy, 224 .vop_symlink = fuse_vnop_symlink, 225 .vop_write = fuse_vnop_write, 226 .vop_getpages = fuse_vnop_getpages, 227 .vop_print = fuse_vnop_print, 228 .vop_vptofh = fuse_vnop_vptofh, 229 }; 230 VFS_VOP_VECTOR_REGISTER(fuse_vnops); 231 232 /* Check permission for extattr operations, much like extattr_check_cred */ 233 static int 234 fuse_extattr_check_cred(struct vnode *vp, int ns, struct ucred *cred, 235 struct thread *td, accmode_t accmode) 236 { 237 struct mount *mp = vnode_mount(vp); 238 struct fuse_data *data = fuse_get_mpdata(mp); 239 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 240 241 /* 242 * Kernel-invoked always succeeds. 243 */ 244 if (cred == NOCRED) 245 return (0); 246 247 /* 248 * Do not allow privileged processes in jail to directly manipulate 249 * system attributes. 250 */ 251 switch (ns) { 252 case EXTATTR_NAMESPACE_SYSTEM: 253 if (default_permissions) { 254 return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM)); 255 } 256 return (0); 257 case EXTATTR_NAMESPACE_USER: 258 if (default_permissions) { 259 return (fuse_internal_access(vp, accmode, td, cred)); 260 } 261 return (0); 262 default: 263 return (EPERM); 264 } 265 } 266 267 /* Get a filehandle for a directory */ 268 static int 269 fuse_filehandle_get_dir(struct vnode *vp, struct fuse_filehandle **fufhp, 270 struct ucred *cred, pid_t pid) 271 { 272 if (fuse_filehandle_get(vp, FREAD, fufhp, cred, pid) == 0) 273 return 0; 274 return fuse_filehandle_get(vp, FEXEC, fufhp, cred, pid); 275 } 276 277 /* Send FUSE_FLUSH for this vnode */ 278 static int 279 fuse_flush(struct vnode *vp, struct ucred *cred, pid_t pid, int fflag) 280 { 281 struct fuse_flush_in *ffi; 282 struct fuse_filehandle *fufh; 283 struct fuse_dispatcher fdi; 284 struct thread *td = curthread; 285 struct mount *mp = vnode_mount(vp); 286 int err; 287 288 if (fsess_not_impl(vnode_mount(vp), FUSE_FLUSH)) 289 return 0; 290 291 err = fuse_filehandle_getrw(vp, fflag, &fufh, cred, pid); 292 if (err) 293 return err; 294 295 fdisp_init(&fdi, sizeof(*ffi)); 296 fdisp_make_vp(&fdi, FUSE_FLUSH, vp, td, cred); 297 ffi = fdi.indata; 298 ffi->fh = fufh->fh_id; 299 /* 300 * If the file has a POSIX lock then we're supposed to set lock_owner. 301 * If not, then lock_owner is undefined. So we may as well always set 302 * it. 303 */ 304 ffi->lock_owner = td->td_proc->p_pid; 305 306 err = fdisp_wait_answ(&fdi); 307 if (err == ENOSYS) { 308 fsess_set_notimpl(mp, FUSE_FLUSH); 309 err = 0; 310 } 311 fdisp_destroy(&fdi); 312 return err; 313 } 314 315 /* Close wrapper for fifos. */ 316 static int 317 fuse_fifo_close(struct vop_close_args *ap) 318 { 319 return (fifo_specops.vop_close(ap)); 320 } 321 322 /* Invalidate a range of cached data, whether dirty of not */ 323 static int 324 fuse_inval_buf_range(struct vnode *vp, off_t filesize, off_t start, off_t end) 325 { 326 struct buf *bp; 327 daddr_t left_lbn, end_lbn, right_lbn; 328 off_t new_filesize; 329 int iosize, left_on, right_on, right_blksize; 330 331 iosize = fuse_iosize(vp); 332 left_lbn = start / iosize; 333 end_lbn = howmany(end, iosize); 334 left_on = start & (iosize - 1); 335 if (left_on != 0) { 336 bp = getblk(vp, left_lbn, iosize, PCATCH, 0, 0); 337 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyend >= left_on) { 338 /* 339 * Flush the dirty buffer, because we don't have a 340 * byte-granular way to record which parts of the 341 * buffer are valid. 342 */ 343 bwrite(bp); 344 if (bp->b_error) 345 return (bp->b_error); 346 } else { 347 brelse(bp); 348 } 349 } 350 right_on = end & (iosize - 1); 351 if (right_on != 0) { 352 right_lbn = end / iosize; 353 new_filesize = MAX(filesize, end); 354 right_blksize = MIN(iosize, new_filesize - iosize * right_lbn); 355 bp = getblk(vp, right_lbn, right_blksize, PCATCH, 0, 0); 356 if ((bp->b_flags & B_CACHE) != 0 && bp->b_dirtyoff < right_on) { 357 /* 358 * Flush the dirty buffer, because we don't have a 359 * byte-granular way to record which parts of the 360 * buffer are valid. 361 */ 362 bwrite(bp); 363 if (bp->b_error) 364 return (bp->b_error); 365 } else { 366 brelse(bp); 367 } 368 } 369 370 v_inval_buf_range(vp, left_lbn, end_lbn, iosize); 371 return (0); 372 } 373 374 375 /* Send FUSE_LSEEK for this node */ 376 static int 377 fuse_vnop_do_lseek(struct vnode *vp, struct thread *td, struct ucred *cred, 378 pid_t pid, off_t *offp, int whence) 379 { 380 struct fuse_dispatcher fdi; 381 struct fuse_filehandle *fufh; 382 struct fuse_lseek_in *flsi; 383 struct fuse_lseek_out *flso; 384 struct mount *mp = vnode_mount(vp); 385 int err; 386 387 ASSERT_VOP_LOCKED(vp, __func__); 388 389 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 390 if (err) 391 return (err); 392 fdisp_init(&fdi, sizeof(*flsi)); 393 fdisp_make_vp(&fdi, FUSE_LSEEK, vp, td, cred); 394 flsi = fdi.indata; 395 flsi->fh = fufh->fh_id; 396 flsi->offset = *offp; 397 flsi->whence = whence; 398 err = fdisp_wait_answ(&fdi); 399 if (err == ENOSYS) { 400 fsess_set_notimpl(mp, FUSE_LSEEK); 401 } else if (err == 0) { 402 fsess_set_impl(mp, FUSE_LSEEK); 403 flso = fdi.answ; 404 *offp = flso->offset; 405 } 406 fdisp_destroy(&fdi); 407 408 return (err); 409 } 410 411 /* 412 struct vnop_access_args { 413 struct vnode *a_vp; 414 #if VOP_ACCESS_TAKES_ACCMODE_T 415 accmode_t a_accmode; 416 #else 417 int a_mode; 418 #endif 419 struct ucred *a_cred; 420 struct thread *a_td; 421 }; 422 */ 423 static int 424 fuse_vnop_access(struct vop_access_args *ap) 425 { 426 struct vnode *vp = ap->a_vp; 427 int accmode = ap->a_accmode; 428 struct ucred *cred = ap->a_cred; 429 430 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 431 432 int err; 433 434 if (fuse_isdeadfs(vp)) { 435 if (vnode_isvroot(vp)) { 436 return 0; 437 } 438 return ENXIO; 439 } 440 if (!(data->dataflags & FSESS_INITED)) { 441 if (vnode_isvroot(vp)) { 442 if (priv_check_cred(cred, PRIV_VFS_ADMIN) || 443 (fuse_match_cred(data->daemoncred, cred) == 0)) { 444 return 0; 445 } 446 } 447 return EBADF; 448 } 449 if (vnode_islnk(vp)) { 450 return 0; 451 } 452 453 err = fuse_internal_access(vp, accmode, ap->a_td, ap->a_cred); 454 return err; 455 } 456 457 /* 458 * struct vop_advlock_args { 459 * struct vop_generic_args a_gen; 460 * struct vnode *a_vp; 461 * void *a_id; 462 * int a_op; 463 * struct flock *a_fl; 464 * int a_flags; 465 * } 466 */ 467 static int 468 fuse_vnop_advlock(struct vop_advlock_args *ap) 469 { 470 struct vnode *vp = ap->a_vp; 471 struct flock *fl = ap->a_fl; 472 struct thread *td = curthread; 473 struct ucred *cred = td->td_ucred; 474 pid_t pid = td->td_proc->p_pid; 475 struct fuse_filehandle *fufh; 476 struct fuse_dispatcher fdi; 477 struct fuse_lk_in *fli; 478 struct fuse_lk_out *flo; 479 struct vattr vattr; 480 enum fuse_opcode op; 481 off_t size, start; 482 int dataflags, err; 483 int flags = ap->a_flags; 484 485 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 486 487 if (fuse_isdeadfs(vp)) { 488 return ENXIO; 489 } 490 491 switch(ap->a_op) { 492 case F_GETLK: 493 op = FUSE_GETLK; 494 break; 495 case F_SETLK: 496 if (flags & F_WAIT) 497 op = FUSE_SETLKW; 498 else 499 op = FUSE_SETLK; 500 break; 501 case F_UNLCK: 502 op = FUSE_SETLK; 503 break; 504 default: 505 return EINVAL; 506 } 507 508 if (!(dataflags & FSESS_POSIX_LOCKS)) 509 return vop_stdadvlock(ap); 510 /* FUSE doesn't properly support flock until protocol 7.17 */ 511 if (flags & F_FLOCK) 512 return vop_stdadvlock(ap); 513 514 vn_lock(vp, LK_SHARED | LK_RETRY); 515 516 switch (fl->l_whence) { 517 case SEEK_SET: 518 case SEEK_CUR: 519 /* 520 * Caller is responsible for adding any necessary offset 521 * when SEEK_CUR is used. 522 */ 523 start = fl->l_start; 524 break; 525 526 case SEEK_END: 527 err = fuse_internal_getattr(vp, &vattr, cred, td); 528 if (err) 529 goto out; 530 size = vattr.va_size; 531 if (size > OFF_MAX || 532 (fl->l_start > 0 && size > OFF_MAX - fl->l_start)) { 533 err = EOVERFLOW; 534 goto out; 535 } 536 start = size + fl->l_start; 537 break; 538 539 default: 540 return (EINVAL); 541 } 542 543 err = fuse_filehandle_get_anyflags(vp, &fufh, cred, pid); 544 if (err) 545 goto out; 546 547 fdisp_init(&fdi, sizeof(*fli)); 548 549 fdisp_make_vp(&fdi, op, vp, td, cred); 550 fli = fdi.indata; 551 fli->fh = fufh->fh_id; 552 fli->owner = td->td_proc->p_pid; 553 fli->lk.start = start; 554 if (fl->l_len != 0) 555 fli->lk.end = start + fl->l_len - 1; 556 else 557 fli->lk.end = INT64_MAX; 558 fli->lk.type = fl->l_type; 559 fli->lk.pid = td->td_proc->p_pid; 560 561 err = fdisp_wait_answ(&fdi); 562 fdisp_destroy(&fdi); 563 564 if (err == 0 && op == FUSE_GETLK) { 565 flo = fdi.answ; 566 fl->l_type = flo->lk.type; 567 fl->l_whence = SEEK_SET; 568 if (flo->lk.type != F_UNLCK) { 569 fl->l_pid = flo->lk.pid; 570 fl->l_start = flo->lk.start; 571 if (flo->lk.end == INT64_MAX) 572 fl->l_len = 0; 573 else 574 fl->l_len = flo->lk.end - flo->lk.start + 1; 575 fl->l_start = flo->lk.start; 576 } 577 } 578 579 out: 580 VOP_UNLOCK(vp); 581 return err; 582 } 583 584 static int 585 fuse_vnop_allocate(struct vop_allocate_args *ap) 586 { 587 struct vnode *vp = ap->a_vp; 588 off_t *len = ap->a_len; 589 off_t *offset = ap->a_offset; 590 struct ucred *cred = ap->a_cred; 591 struct fuse_filehandle *fufh; 592 struct mount *mp = vnode_mount(vp); 593 struct fuse_dispatcher fdi; 594 struct fuse_fallocate_in *ffi; 595 struct uio io; 596 pid_t pid = curthread->td_proc->p_pid; 597 struct fuse_vnode_data *fvdat = VTOFUD(vp); 598 off_t filesize; 599 int err; 600 601 if (fuse_isdeadfs(vp)) 602 return (ENXIO); 603 604 switch (vp->v_type) { 605 case VFIFO: 606 return (ESPIPE); 607 case VLNK: 608 case VREG: 609 if (vfs_isrdonly(mp)) 610 return (EROFS); 611 break; 612 default: 613 return (ENODEV); 614 } 615 616 if (vfs_isrdonly(mp)) 617 return (EROFS); 618 619 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 620 return (EINVAL); 621 622 io.uio_offset = *offset; 623 io.uio_resid = *len; 624 err = vn_rlimit_fsize(vp, &io, curthread); 625 if (err) 626 return (err); 627 628 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 629 if (err) 630 return (err); 631 632 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 633 634 err = fuse_vnode_size(vp, &filesize, cred, curthread); 635 if (err) 636 return (err); 637 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 638 639 fdisp_init(&fdi, sizeof(*ffi)); 640 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 641 ffi = fdi.indata; 642 ffi->fh = fufh->fh_id; 643 ffi->offset = *offset; 644 ffi->length = *len; 645 ffi->mode = 0; 646 err = fdisp_wait_answ(&fdi); 647 648 if (err == ENOSYS) { 649 fsess_set_notimpl(mp, FUSE_FALLOCATE); 650 err = EINVAL; 651 } else if (err == EOPNOTSUPP) { 652 /* 653 * The file system server does not support FUSE_FALLOCATE with 654 * the supplied mode for this particular file. 655 */ 656 err = EINVAL; 657 } else if (!err) { 658 *offset += *len; 659 *len = 0; 660 fuse_vnode_undirty_cached_timestamps(vp, false); 661 fuse_internal_clear_suid_on_write(vp, cred, curthread); 662 if (*offset > fvdat->cached_attrs.va_size) { 663 fuse_vnode_setsize(vp, *offset, false); 664 getnanouptime(&fvdat->last_local_modify); 665 } 666 } 667 668 fdisp_destroy(&fdi); 669 return (err); 670 } 671 672 /* { 673 struct vnode *a_vp; 674 daddr_t a_bn; 675 struct bufobj **a_bop; 676 daddr_t *a_bnp; 677 int *a_runp; 678 int *a_runb; 679 } */ 680 static int 681 fuse_vnop_bmap(struct vop_bmap_args *ap) 682 { 683 struct vnode *vp = ap->a_vp; 684 struct bufobj **bo = ap->a_bop; 685 struct thread *td = curthread; 686 struct mount *mp; 687 struct fuse_dispatcher fdi; 688 struct fuse_bmap_in *fbi; 689 struct fuse_bmap_out *fbo; 690 struct fuse_data *data; 691 struct fuse_vnode_data *fvdat = VTOFUD(vp); 692 uint64_t biosize; 693 off_t fsize; 694 daddr_t lbn = ap->a_bn; 695 daddr_t *pbn = ap->a_bnp; 696 int *runp = ap->a_runp; 697 int *runb = ap->a_runb; 698 int error = 0; 699 int maxrun; 700 701 if (fuse_isdeadfs(vp)) { 702 return ENXIO; 703 } 704 705 mp = vnode_mount(vp); 706 data = fuse_get_mpdata(mp); 707 biosize = fuse_iosize(vp); 708 maxrun = MIN(vp->v_mount->mnt_iosize_max / biosize - 1, 709 data->max_readahead_blocks); 710 711 if (bo != NULL) 712 *bo = &vp->v_bufobj; 713 714 /* 715 * The FUSE_BMAP operation does not include the runp and runb 716 * variables, so we must guess. Report nonzero contiguous runs so 717 * cluster_read will combine adjacent reads. It's worthwhile to reduce 718 * upcalls even if we don't know the true physical layout of the file. 719 * 720 * FUSE file systems may opt out of read clustering in two ways: 721 * * mounting with -onoclusterr 722 * * Setting max_readahead <= maxbcachebuf during FUSE_INIT 723 */ 724 if (runb != NULL) 725 *runb = MIN(lbn, maxrun); 726 if (runp != NULL && maxrun == 0) 727 *runp = 0; 728 else if (runp != NULL) { 729 /* 730 * If the file's size is cached, use that value to calculate 731 * runp, even if the cache is expired. runp is only advisory, 732 * and the risk of getting it wrong is not worth the cost of 733 * another upcall. 734 */ 735 if (fvdat->cached_attrs.va_size != VNOVAL) 736 fsize = fvdat->cached_attrs.va_size; 737 else 738 error = fuse_vnode_size(vp, &fsize, td->td_ucred, td); 739 if (error == 0) 740 *runp = MIN(MAX(0, fsize / (off_t)biosize - lbn - 1), 741 maxrun); 742 else 743 *runp = 0; 744 } 745 746 if (fsess_maybe_impl(mp, FUSE_BMAP)) { 747 fdisp_init(&fdi, sizeof(*fbi)); 748 fdisp_make_vp(&fdi, FUSE_BMAP, vp, td, td->td_ucred); 749 fbi = fdi.indata; 750 fbi->block = lbn; 751 fbi->blocksize = biosize; 752 error = fdisp_wait_answ(&fdi); 753 if (error == ENOSYS) { 754 fdisp_destroy(&fdi); 755 fsess_set_notimpl(mp, FUSE_BMAP); 756 error = 0; 757 } else { 758 fbo = fdi.answ; 759 if (error == 0 && pbn != NULL) 760 *pbn = fbo->block; 761 fdisp_destroy(&fdi); 762 return error; 763 } 764 } 765 766 /* If the daemon doesn't support BMAP, make up a sensible default */ 767 if (pbn != NULL) 768 *pbn = lbn * btodb(biosize); 769 return (error); 770 } 771 772 /* 773 struct vop_close_args { 774 struct vnode *a_vp; 775 int a_fflag; 776 struct ucred *a_cred; 777 struct thread *a_td; 778 }; 779 */ 780 static int 781 fuse_vnop_close(struct vop_close_args *ap) 782 { 783 struct vnode *vp = ap->a_vp; 784 struct ucred *cred = ap->a_cred; 785 int fflag = ap->a_fflag; 786 struct thread *td = ap->a_td; 787 pid_t pid = td->td_proc->p_pid; 788 struct fuse_vnode_data *fvdat = VTOFUD(vp); 789 int err = 0; 790 791 if (fuse_isdeadfs(vp)) 792 return 0; 793 if (vnode_isdir(vp)) 794 return 0; 795 if (fflag & IO_NDELAY) 796 return 0; 797 798 err = fuse_flush(vp, cred, pid, fflag); 799 if (err == 0 && (fvdat->flag & FN_ATIMECHANGE)) { 800 struct vattr vap; 801 802 VATTR_NULL(&vap); 803 vap.va_atime = fvdat->cached_attrs.va_atime; 804 err = fuse_internal_setattr(vp, &vap, td, NULL); 805 } 806 /* TODO: close the file handle, if we're sure it's no longer used */ 807 if ((fvdat->flag & FN_SIZECHANGE) != 0) { 808 fuse_vnode_savesize(vp, cred, td->td_proc->p_pid); 809 } 810 return err; 811 } 812 813 /* 814 struct vop_copy_file_range_args { 815 struct vop_generic_args a_gen; 816 struct vnode *a_invp; 817 off_t *a_inoffp; 818 struct vnode *a_outvp; 819 off_t *a_outoffp; 820 size_t *a_lenp; 821 unsigned int a_flags; 822 struct ucred *a_incred; 823 struct ucred *a_outcred; 824 struct thread *a_fsizetd; 825 } 826 */ 827 static int 828 fuse_vnop_copy_file_range(struct vop_copy_file_range_args *ap) 829 { 830 struct vnode *invp = ap->a_invp; 831 struct vnode *outvp = ap->a_outvp; 832 struct mount *mp = vnode_mount(invp); 833 struct fuse_vnode_data *outfvdat = VTOFUD(outvp); 834 struct fuse_dispatcher fdi; 835 struct fuse_filehandle *infufh, *outfufh; 836 struct fuse_copy_file_range_in *fcfri; 837 struct ucred *incred = ap->a_incred; 838 struct ucred *outcred = ap->a_outcred; 839 struct fuse_write_out *fwo; 840 struct thread *td; 841 struct uio io; 842 off_t outfilesize; 843 ssize_t r = 0; 844 pid_t pid; 845 int err; 846 847 if (mp != vnode_mount(outvp)) 848 goto fallback; 849 850 if (incred->cr_uid != outcred->cr_uid) 851 goto fallback; 852 853 if (incred->cr_groups[0] != outcred->cr_groups[0]) 854 goto fallback; 855 856 if (fsess_not_impl(mp, FUSE_COPY_FILE_RANGE)) 857 goto fallback; 858 859 if (ap->a_fsizetd == NULL) 860 td = curthread; 861 else 862 td = ap->a_fsizetd; 863 pid = td->td_proc->p_pid; 864 865 /* Lock both vnodes, avoiding risk of deadlock. */ 866 do { 867 err = vn_lock(outvp, LK_EXCLUSIVE); 868 if (invp == outvp) 869 break; 870 if (err == 0) { 871 err = vn_lock(invp, LK_SHARED | LK_NOWAIT); 872 if (err == 0) 873 break; 874 VOP_UNLOCK(outvp); 875 err = vn_lock(invp, LK_SHARED); 876 if (err == 0) 877 VOP_UNLOCK(invp); 878 } 879 } while (err == 0); 880 if (err != 0) 881 return (err); 882 883 err = fuse_filehandle_getrw(invp, FREAD, &infufh, incred, pid); 884 if (err) 885 goto unlock; 886 887 err = fuse_filehandle_getrw(outvp, FWRITE, &outfufh, outcred, pid); 888 if (err) 889 goto unlock; 890 891 io.uio_resid = *ap->a_lenp; 892 if (ap->a_fsizetd) { 893 io.uio_offset = *ap->a_outoffp; 894 err = vn_rlimit_fsizex(outvp, &io, 0, &r, ap->a_fsizetd); 895 if (err != 0) 896 goto unlock; 897 } 898 899 err = fuse_vnode_size(outvp, &outfilesize, outcred, curthread); 900 if (err) 901 goto unlock; 902 903 err = fuse_inval_buf_range(outvp, outfilesize, *ap->a_outoffp, 904 *ap->a_outoffp + io.uio_resid); 905 if (err) 906 goto unlock; 907 908 fdisp_init(&fdi, sizeof(*fcfri)); 909 fdisp_make_vp(&fdi, FUSE_COPY_FILE_RANGE, invp, td, incred); 910 fcfri = fdi.indata; 911 fcfri->fh_in = infufh->fh_id; 912 fcfri->off_in = *ap->a_inoffp; 913 fcfri->nodeid_out = VTOI(outvp); 914 fcfri->fh_out = outfufh->fh_id; 915 fcfri->off_out = *ap->a_outoffp; 916 fcfri->len = io.uio_resid; 917 fcfri->flags = 0; 918 919 err = fdisp_wait_answ(&fdi); 920 if (err == 0) { 921 fwo = fdi.answ; 922 *ap->a_lenp = fwo->size; 923 *ap->a_inoffp += fwo->size; 924 *ap->a_outoffp += fwo->size; 925 fuse_internal_clear_suid_on_write(outvp, outcred, td); 926 if (*ap->a_outoffp > outfvdat->cached_attrs.va_size) { 927 fuse_vnode_setsize(outvp, *ap->a_outoffp, false); 928 getnanouptime(&outfvdat->last_local_modify); 929 } 930 fuse_vnode_update(invp, FN_ATIMECHANGE); 931 fuse_vnode_update(outvp, FN_MTIMECHANGE | FN_CTIMECHANGE); 932 } 933 fdisp_destroy(&fdi); 934 935 unlock: 936 if (invp != outvp) 937 VOP_UNLOCK(invp); 938 VOP_UNLOCK(outvp); 939 940 if (err == ENOSYS) { 941 fsess_set_notimpl(mp, FUSE_COPY_FILE_RANGE); 942 fallback: 943 err = vn_generic_copy_file_range(ap->a_invp, ap->a_inoffp, 944 ap->a_outvp, ap->a_outoffp, ap->a_lenp, ap->a_flags, 945 ap->a_incred, ap->a_outcred, ap->a_fsizetd); 946 } 947 948 /* 949 * No need to call vn_rlimit_fsizex_res before return, since the uio is 950 * local. 951 */ 952 return (err); 953 } 954 955 static void 956 fdisp_make_mknod_for_fallback( 957 struct fuse_dispatcher *fdip, 958 struct componentname *cnp, 959 struct vnode *dvp, 960 uint64_t parentnid, 961 struct thread *td, 962 struct ucred *cred, 963 mode_t mode, 964 enum fuse_opcode *op) 965 { 966 struct fuse_mknod_in *fmni; 967 968 fdisp_init(fdip, sizeof(*fmni) + cnp->cn_namelen + 1); 969 *op = FUSE_MKNOD; 970 fdisp_make(fdip, *op, vnode_mount(dvp), parentnid, td, cred); 971 fmni = fdip->indata; 972 fmni->mode = mode; 973 fmni->rdev = 0; 974 memcpy((char *)fdip->indata + sizeof(*fmni), cnp->cn_nameptr, 975 cnp->cn_namelen); 976 ((char *)fdip->indata)[sizeof(*fmni) + cnp->cn_namelen] = '\0'; 977 } 978 /* 979 struct vnop_create_args { 980 struct vnode *a_dvp; 981 struct vnode **a_vpp; 982 struct componentname *a_cnp; 983 struct vattr *a_vap; 984 }; 985 */ 986 static int 987 fuse_vnop_create(struct vop_create_args *ap) 988 { 989 struct vnode *dvp = ap->a_dvp; 990 struct vnode **vpp = ap->a_vpp; 991 struct componentname *cnp = ap->a_cnp; 992 struct vattr *vap = ap->a_vap; 993 struct thread *td = curthread; 994 struct ucred *cred = cnp->cn_cred; 995 996 struct fuse_data *data; 997 struct fuse_create_in *fci; 998 struct fuse_entry_out *feo; 999 struct fuse_open_out *foo; 1000 struct fuse_dispatcher fdi, fdi2; 1001 struct fuse_dispatcher *fdip = &fdi; 1002 struct fuse_dispatcher *fdip2 = NULL; 1003 1004 int err; 1005 1006 struct mount *mp = vnode_mount(dvp); 1007 data = fuse_get_mpdata(mp); 1008 uint64_t parentnid = VTOFUD(dvp)->nid; 1009 mode_t mode = MAKEIMODE(vap->va_type, vap->va_mode); 1010 enum fuse_opcode op; 1011 int flags; 1012 1013 if (fuse_isdeadfs(dvp)) 1014 return ENXIO; 1015 1016 /* FUSE expects sockets to be created with FUSE_MKNOD */ 1017 if (vap->va_type == VSOCK) 1018 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1019 1020 /* 1021 * VOP_CREATE doesn't tell us the open(2) flags, so we guess. Only a 1022 * writable mode makes sense, and we might as well include readability 1023 * too. 1024 */ 1025 flags = O_RDWR; 1026 1027 bzero(&fdi, sizeof(fdi)); 1028 1029 if (vap->va_type != VREG) 1030 return (EINVAL); 1031 1032 if (fsess_not_impl(mp, FUSE_CREATE) || vap->va_type == VSOCK) { 1033 /* Fallback to FUSE_MKNOD/FUSE_OPEN */ 1034 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, parentnid, td, 1035 cred, mode, &op); 1036 } else { 1037 /* Use FUSE_CREATE */ 1038 size_t insize; 1039 1040 op = FUSE_CREATE; 1041 fdisp_init(fdip, sizeof(*fci) + cnp->cn_namelen + 1); 1042 fdisp_make(fdip, op, vnode_mount(dvp), parentnid, td, cred); 1043 fci = fdip->indata; 1044 fci->mode = mode; 1045 fci->flags = O_CREAT | flags; 1046 if (fuse_libabi_geq(data, 7, 12)) { 1047 insize = sizeof(*fci); 1048 fci->umask = td->td_proc->p_pd->pd_cmask; 1049 } else { 1050 insize = sizeof(struct fuse_open_in); 1051 } 1052 1053 memcpy((char *)fdip->indata + insize, cnp->cn_nameptr, 1054 cnp->cn_namelen); 1055 ((char *)fdip->indata)[insize + cnp->cn_namelen] = '\0'; 1056 } 1057 1058 err = fdisp_wait_answ(fdip); 1059 1060 if (err) { 1061 if (err == ENOSYS && op == FUSE_CREATE) { 1062 fsess_set_notimpl(mp, FUSE_CREATE); 1063 fdisp_destroy(fdip); 1064 fdisp_make_mknod_for_fallback(fdip, cnp, dvp, 1065 parentnid, td, cred, mode, &op); 1066 err = fdisp_wait_answ(fdip); 1067 } 1068 if (err) 1069 goto out; 1070 } 1071 1072 feo = fdip->answ; 1073 1074 if ((err = fuse_internal_checkentry(feo, vap->va_type))) { 1075 goto out; 1076 } 1077 1078 if (op == FUSE_CREATE) { 1079 if (fuse_libabi_geq(data, 7, 9)) 1080 foo = (struct fuse_open_out*)(feo + 1); 1081 else 1082 foo = (struct fuse_open_out*)((char*)feo + 1083 FUSE_COMPAT_ENTRY_OUT_SIZE); 1084 } else { 1085 /* Issue a separate FUSE_OPEN */ 1086 struct fuse_open_in *foi; 1087 1088 fdip2 = &fdi2; 1089 fdisp_init(fdip2, sizeof(*foi)); 1090 fdisp_make(fdip2, FUSE_OPEN, vnode_mount(dvp), feo->nodeid, td, 1091 cred); 1092 foi = fdip2->indata; 1093 foi->flags = flags; 1094 err = fdisp_wait_answ(fdip2); 1095 if (err) 1096 goto out; 1097 foo = fdip2->answ; 1098 } 1099 err = fuse_vnode_get(mp, feo, feo->nodeid, dvp, vpp, cnp, vap->va_type); 1100 if (err) { 1101 struct fuse_release_in *fri; 1102 uint64_t nodeid = feo->nodeid; 1103 uint64_t fh_id = foo->fh; 1104 1105 fdisp_destroy(fdip); 1106 fdisp_init(fdip, sizeof(*fri)); 1107 fdisp_make(fdip, FUSE_RELEASE, mp, nodeid, td, cred); 1108 fri = fdip->indata; 1109 fri->fh = fh_id; 1110 fri->flags = flags; 1111 fuse_insert_callback(fdip->tick, fuse_internal_forget_callback); 1112 fuse_insert_message(fdip->tick, false); 1113 goto out; 1114 } 1115 ASSERT_VOP_ELOCKED(*vpp, "fuse_vnop_create"); 1116 fuse_internal_cache_attrs(*vpp, &feo->attr, feo->attr_valid, 1117 feo->attr_valid_nsec, NULL, true); 1118 1119 fuse_filehandle_init(*vpp, FUFH_RDWR, NULL, td, cred, foo); 1120 fuse_vnode_open(*vpp, foo->open_flags, td); 1121 /* 1122 * Purge the parent's attribute cache because the daemon should've 1123 * updated its mtime and ctime 1124 */ 1125 fuse_vnode_clear_attr_cache(dvp); 1126 cache_purge_negative(dvp); 1127 1128 out: 1129 if (fdip2) 1130 fdisp_destroy(fdip2); 1131 fdisp_destroy(fdip); 1132 return err; 1133 } 1134 1135 /* 1136 struct vnop_fdatasync_args { 1137 struct vop_generic_args a_gen; 1138 struct vnode * a_vp; 1139 struct thread * a_td; 1140 }; 1141 */ 1142 static int 1143 fuse_vnop_fdatasync(struct vop_fdatasync_args *ap) 1144 { 1145 struct vnode *vp = ap->a_vp; 1146 struct thread *td = ap->a_td; 1147 int waitfor = MNT_WAIT; 1148 1149 int err = 0; 1150 1151 if (fuse_isdeadfs(vp)) { 1152 return 0; 1153 } 1154 if ((err = vop_stdfdatasync_buf(ap))) 1155 return err; 1156 1157 return fuse_internal_fsync(vp, td, waitfor, true); 1158 } 1159 1160 /* 1161 struct vnop_fsync_args { 1162 struct vop_generic_args a_gen; 1163 struct vnode * a_vp; 1164 int a_waitfor; 1165 struct thread * a_td; 1166 }; 1167 */ 1168 static int 1169 fuse_vnop_fsync(struct vop_fsync_args *ap) 1170 { 1171 struct vnode *vp = ap->a_vp; 1172 struct thread *td = ap->a_td; 1173 int waitfor = ap->a_waitfor; 1174 int err = 0; 1175 1176 if (fuse_isdeadfs(vp)) { 1177 return 0; 1178 } 1179 if ((err = vop_stdfsync(ap))) 1180 return err; 1181 1182 return fuse_internal_fsync(vp, td, waitfor, false); 1183 } 1184 1185 /* 1186 struct vnop_getattr_args { 1187 struct vnode *a_vp; 1188 struct vattr *a_vap; 1189 struct ucred *a_cred; 1190 struct thread *a_td; 1191 }; 1192 */ 1193 static int 1194 fuse_vnop_getattr(struct vop_getattr_args *ap) 1195 { 1196 struct vnode *vp = ap->a_vp; 1197 struct vattr *vap = ap->a_vap; 1198 struct ucred *cred = ap->a_cred; 1199 struct thread *td = curthread; 1200 1201 int err = 0; 1202 int dataflags; 1203 1204 dataflags = fuse_get_mpdata(vnode_mount(vp))->dataflags; 1205 1206 /* Note that we are not bailing out on a dead file system just yet. */ 1207 1208 if (!(dataflags & FSESS_INITED)) { 1209 if (!vnode_isvroot(vp)) { 1210 fdata_set_dead(fuse_get_mpdata(vnode_mount(vp))); 1211 err = ENOTCONN; 1212 return err; 1213 } else { 1214 goto fake; 1215 } 1216 } 1217 err = fuse_internal_getattr(vp, vap, cred, td); 1218 if (err == ENOTCONN && vnode_isvroot(vp)) { 1219 /* see comment in fuse_vfsop_statfs() */ 1220 goto fake; 1221 } else { 1222 return err; 1223 } 1224 1225 fake: 1226 bzero(vap, sizeof(*vap)); 1227 vap->va_type = vnode_vtype(vp); 1228 1229 return 0; 1230 } 1231 1232 /* 1233 struct vnop_inactive_args { 1234 struct vnode *a_vp; 1235 }; 1236 */ 1237 static int 1238 fuse_vnop_inactive(struct vop_inactive_args *ap) 1239 { 1240 struct vnode *vp = ap->a_vp; 1241 struct thread *td = curthread; 1242 1243 struct fuse_vnode_data *fvdat = VTOFUD(vp); 1244 struct fuse_filehandle *fufh, *fufh_tmp; 1245 1246 int need_flush = 1; 1247 1248 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 1249 if (need_flush && vp->v_type == VREG) { 1250 if ((VTOFUD(vp)->flag & FN_SIZECHANGE) != 0) { 1251 fuse_vnode_savesize(vp, NULL, 0); 1252 } 1253 if ((fvdat->flag & FN_REVOKED) != 0) 1254 fuse_io_invalbuf(vp, td); 1255 else 1256 fuse_io_flushbuf(vp, MNT_WAIT, td); 1257 need_flush = 0; 1258 } 1259 fuse_filehandle_close(vp, fufh, td, NULL); 1260 } 1261 1262 if ((fvdat->flag & FN_REVOKED) != 0) 1263 vrecycle(vp); 1264 1265 return 0; 1266 } 1267 1268 /* 1269 struct vnop_ioctl_args { 1270 struct vnode *a_vp; 1271 u_long a_command; 1272 caddr_t a_data; 1273 int a_fflag; 1274 struct ucred *a_cred; 1275 struct thread *a_td; 1276 }; 1277 */ 1278 static int 1279 fuse_vnop_ioctl(struct vop_ioctl_args *ap) 1280 { 1281 struct vnode *vp = ap->a_vp; 1282 struct mount *mp = vnode_mount(vp); 1283 struct ucred *cred = ap->a_cred; 1284 off_t *offp; 1285 pid_t pid = ap->a_td->td_proc->p_pid; 1286 int err; 1287 1288 switch (ap->a_command) { 1289 case FIOSEEKDATA: 1290 case FIOSEEKHOLE: 1291 /* Call FUSE_LSEEK, if we can, or fall back to vop_stdioctl */ 1292 if (fsess_maybe_impl(mp, FUSE_LSEEK)) { 1293 int whence; 1294 1295 offp = ap->a_data; 1296 if (ap->a_command == FIOSEEKDATA) 1297 whence = SEEK_DATA; 1298 else 1299 whence = SEEK_HOLE; 1300 1301 vn_lock(vp, LK_SHARED | LK_RETRY); 1302 err = fuse_vnop_do_lseek(vp, ap->a_td, cred, pid, offp, 1303 whence); 1304 VOP_UNLOCK(vp); 1305 } 1306 if (fsess_not_impl(mp, FUSE_LSEEK)) 1307 err = vop_stdioctl(ap); 1308 break; 1309 default: 1310 /* TODO: implement FUSE_IOCTL */ 1311 err = ENOTTY; 1312 break; 1313 } 1314 return (err); 1315 } 1316 1317 1318 /* 1319 struct vnop_link_args { 1320 struct vnode *a_tdvp; 1321 struct vnode *a_vp; 1322 struct componentname *a_cnp; 1323 }; 1324 */ 1325 static int 1326 fuse_vnop_link(struct vop_link_args *ap) 1327 { 1328 struct vnode *vp = ap->a_vp; 1329 struct vnode *tdvp = ap->a_tdvp; 1330 struct componentname *cnp = ap->a_cnp; 1331 1332 struct vattr *vap = VTOVA(vp); 1333 1334 struct fuse_dispatcher fdi; 1335 struct fuse_entry_out *feo; 1336 struct fuse_link_in fli; 1337 1338 int err; 1339 1340 if (fuse_isdeadfs(vp)) { 1341 return ENXIO; 1342 } 1343 if (vnode_mount(tdvp) != vnode_mount(vp)) { 1344 return EXDEV; 1345 } 1346 1347 /* 1348 * This is a seatbelt check to protect naive userspace filesystems from 1349 * themselves and the limitations of the FUSE IPC protocol. If a 1350 * filesystem does not allow attribute caching, assume it is capable of 1351 * validating that nlink does not overflow. 1352 */ 1353 if (vap != NULL && vap->va_nlink >= FUSE_LINK_MAX) 1354 return EMLINK; 1355 fli.oldnodeid = VTOI(vp); 1356 1357 fdisp_init(&fdi, 0); 1358 fuse_internal_newentry_makerequest(vnode_mount(tdvp), VTOI(tdvp), cnp, 1359 FUSE_LINK, &fli, sizeof(fli), &fdi); 1360 if ((err = fdisp_wait_answ(&fdi))) { 1361 goto out; 1362 } 1363 feo = fdi.answ; 1364 1365 if (fli.oldnodeid != feo->nodeid) { 1366 struct fuse_data *data = fuse_get_mpdata(vnode_mount(vp)); 1367 fuse_warn(data, FSESS_WARN_ILLEGAL_INODE, 1368 "Assigned wrong inode for a hard link."); 1369 fuse_vnode_clear_attr_cache(vp); 1370 fuse_vnode_clear_attr_cache(tdvp); 1371 err = EIO; 1372 goto out; 1373 } 1374 1375 err = fuse_internal_checkentry(feo, vnode_vtype(vp)); 1376 if (!err) { 1377 /* 1378 * Purge the parent's attribute cache because the daemon 1379 * should've updated its mtime and ctime 1380 */ 1381 fuse_vnode_clear_attr_cache(tdvp); 1382 fuse_internal_cache_attrs(vp, &feo->attr, feo->attr_valid, 1383 feo->attr_valid_nsec, NULL, true); 1384 } 1385 out: 1386 fdisp_destroy(&fdi); 1387 return err; 1388 } 1389 1390 struct fuse_lookup_alloc_arg { 1391 struct fuse_entry_out *feo; 1392 struct componentname *cnp; 1393 uint64_t nid; 1394 enum vtype vtyp; 1395 }; 1396 1397 /* Callback for vn_get_ino */ 1398 static int 1399 fuse_lookup_alloc(struct mount *mp, void *arg, int lkflags, struct vnode **vpp) 1400 { 1401 struct fuse_lookup_alloc_arg *flaa = arg; 1402 1403 return fuse_vnode_get(mp, flaa->feo, flaa->nid, NULL, vpp, flaa->cnp, 1404 flaa->vtyp); 1405 } 1406 1407 SDT_PROBE_DEFINE3(fusefs, , vnops, cache_lookup, 1408 "int", "struct timespec*", "struct timespec*"); 1409 /* 1410 struct vnop_lookup_args { 1411 struct vnodeop_desc *a_desc; 1412 struct vnode *a_dvp; 1413 struct vnode **a_vpp; 1414 struct componentname *a_cnp; 1415 }; 1416 */ 1417 int 1418 fuse_vnop_lookup(struct vop_lookup_args *ap) 1419 { 1420 struct vnode *dvp = ap->a_dvp; 1421 struct vnode **vpp = ap->a_vpp; 1422 struct componentname *cnp = ap->a_cnp; 1423 struct thread *td = curthread; 1424 struct ucred *cred = cnp->cn_cred; 1425 struct timespec now; 1426 1427 int nameiop = cnp->cn_nameiop; 1428 int flags = cnp->cn_flags; 1429 int islastcn = flags & ISLASTCN; 1430 struct mount *mp = vnode_mount(dvp); 1431 struct fuse_data *data = fuse_get_mpdata(mp); 1432 int default_permissions = data->dataflags & FSESS_DEFAULT_PERMISSIONS; 1433 bool is_dot; 1434 1435 int err = 0; 1436 int lookup_err = 0; 1437 struct vnode *vp = NULL; 1438 1439 struct fuse_dispatcher fdi; 1440 bool did_lookup = false; 1441 struct fuse_entry_out *feo = NULL; 1442 enum vtype vtyp; /* vnode type of target */ 1443 1444 uint64_t nid; 1445 1446 if (fuse_isdeadfs(dvp)) { 1447 *vpp = NULL; 1448 return ENXIO; 1449 } 1450 if (!vnode_isdir(dvp)) 1451 return ENOTDIR; 1452 1453 if (islastcn && vfs_isrdonly(mp) && (nameiop != LOOKUP)) 1454 return EROFS; 1455 1456 if ((cnp->cn_flags & NOEXECCHECK) != 0) 1457 cnp->cn_flags &= ~NOEXECCHECK; 1458 else if ((err = fuse_internal_access(dvp, VEXEC, td, cred))) 1459 return err; 1460 1461 is_dot = cnp->cn_namelen == 1 && *(cnp->cn_nameptr) == '.'; 1462 if ((flags & ISDOTDOT) && !(data->dataflags & FSESS_EXPORT_SUPPORT)) 1463 { 1464 if (!(VTOFUD(dvp)->flag & FN_PARENT_NID)) { 1465 /* 1466 * Since the file system doesn't support ".." lookups, 1467 * we have no way to find this entry. 1468 */ 1469 return ESTALE; 1470 } 1471 nid = VTOFUD(dvp)->parent_nid; 1472 if (nid == 0) 1473 return ENOENT; 1474 /* .. is obviously a directory */ 1475 vtyp = VDIR; 1476 } else if (is_dot) { 1477 nid = VTOI(dvp); 1478 /* . is obviously a directory */ 1479 vtyp = VDIR; 1480 } else { 1481 struct timespec timeout; 1482 int ncpticks; /* here to accommodate for API contract */ 1483 1484 err = cache_lookup(dvp, vpp, cnp, &timeout, &ncpticks); 1485 getnanouptime(&now); 1486 SDT_PROBE3(fusefs, , vnops, cache_lookup, err, &timeout, &now); 1487 switch (err) { 1488 case -1: /* positive match */ 1489 if (timespeccmp(&timeout, &now, >)) { 1490 counter_u64_add(fuse_lookup_cache_hits, 1); 1491 } else { 1492 /* Cache timeout */ 1493 counter_u64_add(fuse_lookup_cache_misses, 1); 1494 bintime_clear( 1495 &VTOFUD(*vpp)->entry_cache_timeout); 1496 cache_purge(*vpp); 1497 if (dvp != *vpp) 1498 vput(*vpp); 1499 else 1500 vrele(*vpp); 1501 *vpp = NULL; 1502 break; 1503 } 1504 return 0; 1505 1506 case 0: /* no match in cache */ 1507 counter_u64_add(fuse_lookup_cache_misses, 1); 1508 break; 1509 1510 case ENOENT: /* negative match */ 1511 if (timespeccmp(&timeout, &now, <=)) { 1512 /* Cache timeout */ 1513 cache_purge_negative(dvp); 1514 break; 1515 } 1516 /* fall through */ 1517 default: 1518 return err; 1519 } 1520 1521 fdisp_init(&fdi, cnp->cn_namelen + 1); 1522 fdisp_make(&fdi, FUSE_LOOKUP, mp, VTOI(dvp), td, cred); 1523 1524 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 1525 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 1526 lookup_err = fdisp_wait_answ(&fdi); 1527 did_lookup = true; 1528 1529 if (!lookup_err) { 1530 /* lookup call succeeded */ 1531 feo = (struct fuse_entry_out *)fdi.answ; 1532 nid = feo->nodeid; 1533 if (nid == 0) { 1534 /* zero nodeid means ENOENT and cache it */ 1535 struct timespec timeout; 1536 1537 fdi.answ_stat = ENOENT; 1538 lookup_err = ENOENT; 1539 if (cnp->cn_flags & MAKEENTRY) { 1540 fuse_validity_2_timespec(feo, &timeout); 1541 /* Use the same entry_time for .. as for 1542 * the file itself. That doesn't honor 1543 * exactly what the fuse server tells 1544 * us, but to do otherwise would require 1545 * another cache lookup at this point. 1546 */ 1547 struct timespec *dtsp = NULL; 1548 cache_enter_time(dvp, *vpp, cnp, 1549 &timeout, dtsp); 1550 } 1551 } 1552 vtyp = IFTOVT(feo->attr.mode); 1553 } 1554 if (lookup_err && (!fdi.answ_stat || lookup_err != ENOENT)) { 1555 fdisp_destroy(&fdi); 1556 return lookup_err; 1557 } 1558 } 1559 /* lookup_err, if non-zero, must be ENOENT at this point */ 1560 1561 if (lookup_err) { 1562 /* Entry not found */ 1563 if ((nameiop == CREATE || nameiop == RENAME) && islastcn) { 1564 if (default_permissions) 1565 err = fuse_internal_access(dvp, VWRITE, td, 1566 cred); 1567 else 1568 err = 0; 1569 if (!err) { 1570 err = EJUSTRETURN; 1571 } 1572 } else { 1573 err = ENOENT; 1574 } 1575 } else { 1576 /* Entry was found */ 1577 if (flags & ISDOTDOT) { 1578 struct fuse_lookup_alloc_arg flaa; 1579 1580 flaa.nid = nid; 1581 flaa.feo = feo; 1582 flaa.cnp = cnp; 1583 flaa.vtyp = vtyp; 1584 err = vn_vget_ino_gen(dvp, fuse_lookup_alloc, &flaa, 0, 1585 &vp); 1586 *vpp = vp; 1587 } else if (nid == VTOI(dvp)) { 1588 if (is_dot) { 1589 vref(dvp); 1590 *vpp = dvp; 1591 } else { 1592 fuse_warn(fuse_get_mpdata(mp), 1593 FSESS_WARN_ILLEGAL_INODE, 1594 "Assigned same inode to both parent and " 1595 "child."); 1596 err = EIO; 1597 } 1598 1599 } else { 1600 struct fuse_vnode_data *fvdat; 1601 1602 err = fuse_vnode_get(vnode_mount(dvp), feo, nid, dvp, 1603 &vp, cnp, vtyp); 1604 if (err) 1605 goto out; 1606 *vpp = vp; 1607 fvdat = VTOFUD(vp); 1608 1609 MPASS(feo != NULL); 1610 if (timespeccmp(&now, &fvdat->last_local_modify, >)) { 1611 /* 1612 * Attributes from the server are definitely 1613 * newer than the last attributes we sent to 1614 * the server, so cache them. 1615 */ 1616 fuse_internal_cache_attrs(*vpp, &feo->attr, 1617 feo->attr_valid, feo->attr_valid_nsec, 1618 NULL, true); 1619 } 1620 fuse_validity_2_bintime(feo->entry_valid, 1621 feo->entry_valid_nsec, 1622 &fvdat->entry_cache_timeout); 1623 1624 if ((nameiop == DELETE || nameiop == RENAME) && 1625 islastcn && default_permissions) 1626 { 1627 struct vattr dvattr; 1628 1629 err = fuse_internal_access(dvp, VWRITE, td, 1630 cred); 1631 if (err != 0) 1632 goto out; 1633 /* 1634 * if the parent's sticky bit is set, check 1635 * whether we're allowed to remove the file. 1636 * Need to figure out the vnode locking to make 1637 * this work. 1638 */ 1639 fuse_internal_getattr(dvp, &dvattr, cred, td); 1640 if ((dvattr.va_mode & S_ISTXT) && 1641 fuse_internal_access(dvp, VADMIN, td, 1642 cred) && 1643 fuse_internal_access(*vpp, VADMIN, td, 1644 cred)) { 1645 err = EPERM; 1646 goto out; 1647 } 1648 } 1649 } 1650 } 1651 out: 1652 if (err) { 1653 if (vp != NULL && dvp != vp) 1654 vput(vp); 1655 else if (vp != NULL) 1656 vrele(vp); 1657 *vpp = NULL; 1658 } 1659 if (did_lookup) 1660 fdisp_destroy(&fdi); 1661 1662 return err; 1663 } 1664 1665 /* 1666 struct vnop_mkdir_args { 1667 struct vnode *a_dvp; 1668 struct vnode **a_vpp; 1669 struct componentname *a_cnp; 1670 struct vattr *a_vap; 1671 }; 1672 */ 1673 static int 1674 fuse_vnop_mkdir(struct vop_mkdir_args *ap) 1675 { 1676 struct vnode *dvp = ap->a_dvp; 1677 struct vnode **vpp = ap->a_vpp; 1678 struct componentname *cnp = ap->a_cnp; 1679 struct vattr *vap = ap->a_vap; 1680 1681 struct fuse_mkdir_in fmdi; 1682 1683 if (fuse_isdeadfs(dvp)) { 1684 return ENXIO; 1685 } 1686 fmdi.mode = MAKEIMODE(vap->va_type, vap->va_mode); 1687 fmdi.umask = curthread->td_proc->p_pd->pd_cmask; 1688 1689 return (fuse_internal_newentry(dvp, vpp, cnp, FUSE_MKDIR, &fmdi, 1690 sizeof(fmdi), VDIR)); 1691 } 1692 1693 /* 1694 struct vnop_mknod_args { 1695 struct vnode *a_dvp; 1696 struct vnode **a_vpp; 1697 struct componentname *a_cnp; 1698 struct vattr *a_vap; 1699 }; 1700 */ 1701 static int 1702 fuse_vnop_mknod(struct vop_mknod_args *ap) 1703 { 1704 1705 struct vnode *dvp = ap->a_dvp; 1706 struct vnode **vpp = ap->a_vpp; 1707 struct componentname *cnp = ap->a_cnp; 1708 struct vattr *vap = ap->a_vap; 1709 1710 if (fuse_isdeadfs(dvp)) 1711 return ENXIO; 1712 1713 return fuse_internal_mknod(dvp, vpp, cnp, vap); 1714 } 1715 1716 /* 1717 struct vop_open_args { 1718 struct vnode *a_vp; 1719 int a_mode; 1720 struct ucred *a_cred; 1721 struct thread *a_td; 1722 int a_fdidx; / struct file *a_fp; 1723 }; 1724 */ 1725 static int 1726 fuse_vnop_open(struct vop_open_args *ap) 1727 { 1728 struct vnode *vp = ap->a_vp; 1729 int a_mode = ap->a_mode; 1730 struct thread *td = ap->a_td; 1731 struct ucred *cred = ap->a_cred; 1732 pid_t pid = td->td_proc->p_pid; 1733 1734 if (fuse_isdeadfs(vp)) 1735 return ENXIO; 1736 if (vp->v_type == VCHR || vp->v_type == VBLK || vp->v_type == VFIFO) 1737 return (EOPNOTSUPP); 1738 if ((a_mode & (FREAD | FWRITE | FEXEC)) == 0) 1739 return EINVAL; 1740 1741 if (fuse_filehandle_validrw(vp, a_mode, cred, pid)) { 1742 fuse_vnode_open(vp, 0, td); 1743 return 0; 1744 } 1745 1746 return fuse_filehandle_open(vp, a_mode, NULL, td, cred); 1747 } 1748 1749 static int 1750 fuse_vnop_pathconf(struct vop_pathconf_args *ap) 1751 { 1752 struct vnode *vp = ap->a_vp; 1753 struct mount *mp; 1754 1755 switch (ap->a_name) { 1756 case _PC_FILESIZEBITS: 1757 *ap->a_retval = 64; 1758 return (0); 1759 case _PC_NAME_MAX: 1760 *ap->a_retval = NAME_MAX; 1761 return (0); 1762 case _PC_LINK_MAX: 1763 *ap->a_retval = MIN(LONG_MAX, FUSE_LINK_MAX); 1764 return (0); 1765 case _PC_SYMLINK_MAX: 1766 *ap->a_retval = MAXPATHLEN; 1767 return (0); 1768 case _PC_NO_TRUNC: 1769 *ap->a_retval = 1; 1770 return (0); 1771 case _PC_MIN_HOLE_SIZE: 1772 /* 1773 * The FUSE protocol provides no mechanism for a server to 1774 * report _PC_MIN_HOLE_SIZE. It's a protocol bug. Instead, 1775 * return EINVAL if the server does not support FUSE_LSEEK, or 1776 * 1 if it does. 1777 */ 1778 mp = vnode_mount(vp); 1779 if (!fsess_is_impl(mp, FUSE_LSEEK) && 1780 !fsess_not_impl(mp, FUSE_LSEEK)) { 1781 off_t offset = 0; 1782 1783 /* Issue a FUSE_LSEEK to find out if it's implemented */ 1784 fuse_vnop_do_lseek(vp, curthread, curthread->td_ucred, 1785 curthread->td_proc->p_pid, &offset, SEEK_DATA); 1786 } 1787 1788 if (fsess_is_impl(mp, FUSE_LSEEK)) { 1789 *ap->a_retval = 1; 1790 return (0); 1791 } else { 1792 /* 1793 * Probably FUSE_LSEEK is not implemented. It might 1794 * be, if the FUSE_LSEEK above returned an error like 1795 * EACCES, but in that case we can't tell, so it's 1796 * safest to report EINVAL anyway. 1797 */ 1798 return (EINVAL); 1799 } 1800 default: 1801 return (vop_stdpathconf(ap)); 1802 } 1803 } 1804 1805 SDT_PROBE_DEFINE3(fusefs, , vnops, filehandles_closed, "struct vnode*", 1806 "struct uio*", "struct ucred*"); 1807 /* 1808 struct vnop_read_args { 1809 struct vnode *a_vp; 1810 struct uio *a_uio; 1811 int a_ioflag; 1812 struct ucred *a_cred; 1813 }; 1814 */ 1815 static int 1816 fuse_vnop_read(struct vop_read_args *ap) 1817 { 1818 struct vnode *vp = ap->a_vp; 1819 struct uio *uio = ap->a_uio; 1820 int ioflag = ap->a_ioflag; 1821 struct ucred *cred = ap->a_cred; 1822 pid_t pid = curthread->td_proc->p_pid; 1823 struct fuse_filehandle *fufh; 1824 int err; 1825 bool closefufh = false, directio; 1826 1827 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 1828 1829 if (fuse_isdeadfs(vp)) { 1830 return ENXIO; 1831 } 1832 1833 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 1834 ioflag |= IO_DIRECT; 1835 } 1836 1837 err = fuse_filehandle_getrw(vp, FREAD, &fufh, cred, pid); 1838 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 1839 /* 1840 * nfsd will do I/O without first doing VOP_OPEN. We 1841 * must implicitly open the file here 1842 */ 1843 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1844 closefufh = true; 1845 } 1846 if (err) { 1847 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 1848 return err; 1849 } 1850 1851 /* 1852 * Ideally, when the daemon asks for direct io at open time, the 1853 * standard file flag should be set according to this, so that would 1854 * just change the default mode, which later on could be changed via 1855 * fcntl(2). 1856 * But this doesn't work, the O_DIRECT flag gets cleared at some point 1857 * (don't know where). So to make any use of the Fuse direct_io option, 1858 * we hardwire it into the file's private data (similarly to Linux, 1859 * btw.). 1860 */ 1861 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 1862 1863 fuse_vnode_update(vp, FN_ATIMECHANGE); 1864 if (directio) { 1865 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct read of vnode"); 1866 err = fuse_read_directbackend(vp, uio, cred, fufh); 1867 } else { 1868 SDT_PROBE2(fusefs, , vnops, trace, 1, "buffered read of vnode"); 1869 err = fuse_read_biobackend(vp, uio, ioflag, cred, fufh, pid); 1870 } 1871 1872 if (closefufh) 1873 fuse_filehandle_close(vp, fufh, curthread, cred); 1874 1875 return (err); 1876 } 1877 1878 /* 1879 struct vnop_readdir_args { 1880 struct vnode *a_vp; 1881 struct uio *a_uio; 1882 struct ucred *a_cred; 1883 int *a_eofflag; 1884 int *a_ncookies; 1885 uint64_t **a_cookies; 1886 }; 1887 */ 1888 static int 1889 fuse_vnop_readdir(struct vop_readdir_args *ap) 1890 { 1891 struct vnode *vp = ap->a_vp; 1892 struct uio *uio = ap->a_uio; 1893 struct ucred *cred = ap->a_cred; 1894 struct fuse_filehandle *fufh = NULL; 1895 struct mount *mp = vnode_mount(vp); 1896 struct fuse_iov cookediov; 1897 int err = 0; 1898 uint64_t *cookies; 1899 ssize_t tresid; 1900 int ncookies; 1901 bool closefufh = false; 1902 pid_t pid = curthread->td_proc->p_pid; 1903 1904 if (ap->a_eofflag) 1905 *ap->a_eofflag = 0; 1906 if (fuse_isdeadfs(vp)) { 1907 return ENXIO; 1908 } 1909 if ( /* XXXIP ((uio_iovcnt(uio) > 1)) || */ 1910 (uio_resid(uio) < sizeof(struct dirent))) { 1911 return EINVAL; 1912 } 1913 1914 tresid = uio->uio_resid; 1915 err = fuse_filehandle_get_dir(vp, &fufh, cred, pid); 1916 if (err == EBADF && mp->mnt_flag & MNT_EXPORTED) { 1917 KASSERT(fuse_get_mpdata(mp)->dataflags 1918 & FSESS_NO_OPENDIR_SUPPORT, 1919 ("FUSE file systems that don't set " 1920 "FUSE_NO_OPENDIR_SUPPORT should not be exported")); 1921 /* 1922 * nfsd will do VOP_READDIR without first doing VOP_OPEN. We 1923 * must implicitly open the directory here. 1924 */ 1925 err = fuse_filehandle_open(vp, FREAD, &fufh, curthread, cred); 1926 closefufh = true; 1927 } 1928 if (err) 1929 return (err); 1930 if (ap->a_ncookies != NULL) { 1931 ncookies = uio->uio_resid / 1932 (offsetof(struct dirent, d_name) + 4) + 1; 1933 cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK); 1934 *ap->a_ncookies = ncookies; 1935 *ap->a_cookies = cookies; 1936 } else { 1937 ncookies = 0; 1938 cookies = NULL; 1939 } 1940 #define DIRCOOKEDSIZE FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + MAXNAMLEN + 1) 1941 fiov_init(&cookediov, DIRCOOKEDSIZE); 1942 1943 err = fuse_internal_readdir(vp, uio, fufh, &cookediov, 1944 &ncookies, cookies); 1945 1946 fiov_teardown(&cookediov); 1947 if (closefufh) 1948 fuse_filehandle_close(vp, fufh, curthread, cred); 1949 1950 if (ap->a_ncookies != NULL) { 1951 if (err == 0) { 1952 *ap->a_ncookies -= ncookies; 1953 } else { 1954 free(*ap->a_cookies, M_TEMP); 1955 *ap->a_ncookies = 0; 1956 *ap->a_cookies = NULL; 1957 } 1958 } 1959 if (err == 0 && tresid == uio->uio_resid) 1960 *ap->a_eofflag = 1; 1961 1962 return err; 1963 } 1964 1965 /* 1966 struct vnop_readlink_args { 1967 struct vnode *a_vp; 1968 struct uio *a_uio; 1969 struct ucred *a_cred; 1970 }; 1971 */ 1972 static int 1973 fuse_vnop_readlink(struct vop_readlink_args *ap) 1974 { 1975 struct vnode *vp = ap->a_vp; 1976 struct uio *uio = ap->a_uio; 1977 struct ucred *cred = ap->a_cred; 1978 1979 struct fuse_dispatcher fdi; 1980 int err; 1981 1982 if (fuse_isdeadfs(vp)) { 1983 return ENXIO; 1984 } 1985 if (!vnode_islnk(vp)) { 1986 return EINVAL; 1987 } 1988 fdisp_init(&fdi, 0); 1989 err = fdisp_simple_putget_vp(&fdi, FUSE_READLINK, vp, curthread, cred); 1990 if (err) { 1991 goto out; 1992 } 1993 if (((char *)fdi.answ)[0] == '/' && 1994 fuse_get_mpdata(vnode_mount(vp))->dataflags & FSESS_PUSH_SYMLINKS_IN) { 1995 char *mpth = vnode_mount(vp)->mnt_stat.f_mntonname; 1996 1997 err = uiomove(mpth, strlen(mpth), uio); 1998 } 1999 if (!err) { 2000 err = uiomove(fdi.answ, fdi.iosize, uio); 2001 } 2002 out: 2003 fdisp_destroy(&fdi); 2004 return err; 2005 } 2006 2007 /* 2008 struct vnop_reclaim_args { 2009 struct vnode *a_vp; 2010 }; 2011 */ 2012 static int 2013 fuse_vnop_reclaim(struct vop_reclaim_args *ap) 2014 { 2015 struct vnode *vp = ap->a_vp; 2016 struct thread *td = curthread; 2017 struct fuse_vnode_data *fvdat = VTOFUD(vp); 2018 struct fuse_filehandle *fufh, *fufh_tmp; 2019 2020 if (!fvdat) { 2021 panic("FUSE: no vnode data during recycling"); 2022 } 2023 LIST_FOREACH_SAFE(fufh, &fvdat->handles, next, fufh_tmp) { 2024 printf("FUSE: vnode being reclaimed with open fufh " 2025 "(type=%#x)", fufh->fufh_type); 2026 fuse_filehandle_close(vp, fufh, td, NULL); 2027 } 2028 2029 if (VTOI(vp) == 1) { 2030 /* 2031 * Don't send FUSE_FORGET for the root inode, because 2032 * we never send FUSE_LOOKUP for it (see 2033 * fuse_vfsop_root) and we don't want the server to see 2034 * mismatched lookup counts. 2035 */ 2036 struct fuse_data *data; 2037 struct vnode *vroot; 2038 2039 data = fuse_get_mpdata(vnode_mount(vp)); 2040 FUSE_LOCK(); 2041 vroot = data->vroot; 2042 data->vroot = NULL; 2043 FUSE_UNLOCK(); 2044 if (vroot) 2045 vrele(vroot); 2046 } else if (!fuse_isdeadfs(vp) && fvdat->nlookup > 0) { 2047 fuse_internal_forget_send(vnode_mount(vp), td, NULL, VTOI(vp), 2048 fvdat->nlookup); 2049 } 2050 cache_purge(vp); 2051 vfs_hash_remove(vp); 2052 fuse_vnode_destroy(vp); 2053 2054 return 0; 2055 } 2056 2057 /* 2058 struct vnop_remove_args { 2059 struct vnode *a_dvp; 2060 struct vnode *a_vp; 2061 struct componentname *a_cnp; 2062 }; 2063 */ 2064 static int 2065 fuse_vnop_remove(struct vop_remove_args *ap) 2066 { 2067 struct vnode *dvp = ap->a_dvp; 2068 struct vnode *vp = ap->a_vp; 2069 struct componentname *cnp = ap->a_cnp; 2070 2071 int err; 2072 2073 if (fuse_isdeadfs(vp)) { 2074 return ENXIO; 2075 } 2076 if (vnode_isdir(vp)) { 2077 return EPERM; 2078 } 2079 2080 err = fuse_internal_remove(dvp, vp, cnp, FUSE_UNLINK); 2081 2082 return err; 2083 } 2084 2085 /* 2086 struct vnop_rename_args { 2087 struct vnode *a_fdvp; 2088 struct vnode *a_fvp; 2089 struct componentname *a_fcnp; 2090 struct vnode *a_tdvp; 2091 struct vnode *a_tvp; 2092 struct componentname *a_tcnp; 2093 }; 2094 */ 2095 static int 2096 fuse_vnop_rename(struct vop_rename_args *ap) 2097 { 2098 struct vnode *fdvp = ap->a_fdvp; 2099 struct vnode *fvp = ap->a_fvp; 2100 struct componentname *fcnp = ap->a_fcnp; 2101 struct vnode *tdvp = ap->a_tdvp; 2102 struct vnode *tvp = ap->a_tvp; 2103 struct componentname *tcnp = ap->a_tcnp; 2104 struct fuse_data *data; 2105 bool newparent = fdvp != tdvp; 2106 bool isdir = fvp->v_type == VDIR; 2107 int err = 0; 2108 2109 if (fuse_isdeadfs(fdvp)) { 2110 return ENXIO; 2111 } 2112 if (fvp->v_mount != tdvp->v_mount || 2113 (tvp && fvp->v_mount != tvp->v_mount)) { 2114 SDT_PROBE2(fusefs, , vnops, trace, 1, "cross-device rename"); 2115 err = EXDEV; 2116 goto out; 2117 } 2118 cache_purge(fvp); 2119 2120 /* 2121 * FUSE library is expected to check if target directory is not 2122 * under the source directory in the file system tree. 2123 * Linux performs this check at VFS level. 2124 */ 2125 /* 2126 * If source is a directory, and it will get a new parent, user must 2127 * have write permission to it, so ".." can be modified. 2128 */ 2129 data = fuse_get_mpdata(vnode_mount(tdvp)); 2130 if (data->dataflags & FSESS_DEFAULT_PERMISSIONS && isdir && newparent) { 2131 err = fuse_internal_access(fvp, VWRITE, 2132 curthread, tcnp->cn_cred); 2133 if (err) 2134 goto out; 2135 } 2136 sx_xlock(&data->rename_lock); 2137 err = fuse_internal_rename(fdvp, fcnp, tdvp, tcnp); 2138 if (err == 0) { 2139 if (tdvp != fdvp) 2140 fuse_vnode_setparent(fvp, tdvp); 2141 if (tvp != NULL) 2142 fuse_vnode_setparent(tvp, NULL); 2143 } 2144 sx_unlock(&data->rename_lock); 2145 2146 if (tvp != NULL && tvp != fvp) { 2147 cache_purge(tvp); 2148 } 2149 if (vnode_isdir(fvp)) { 2150 if (((tvp != NULL) && vnode_isdir(tvp)) || vnode_isdir(fvp)) { 2151 cache_purge(tdvp); 2152 } 2153 cache_purge(fdvp); 2154 } 2155 out: 2156 if (tdvp == tvp) { 2157 vrele(tdvp); 2158 } else { 2159 vput(tdvp); 2160 } 2161 if (tvp != NULL) { 2162 vput(tvp); 2163 } 2164 vrele(fdvp); 2165 vrele(fvp); 2166 2167 return err; 2168 } 2169 2170 /* 2171 struct vnop_rmdir_args { 2172 struct vnode *a_dvp; 2173 struct vnode *a_vp; 2174 struct componentname *a_cnp; 2175 } *ap; 2176 */ 2177 static int 2178 fuse_vnop_rmdir(struct vop_rmdir_args *ap) 2179 { 2180 struct vnode *dvp = ap->a_dvp; 2181 struct vnode *vp = ap->a_vp; 2182 2183 int err; 2184 2185 if (fuse_isdeadfs(vp)) { 2186 return ENXIO; 2187 } 2188 if (VTOFUD(vp) == VTOFUD(dvp)) { 2189 return EINVAL; 2190 } 2191 err = fuse_internal_remove(dvp, vp, ap->a_cnp, FUSE_RMDIR); 2192 2193 return err; 2194 } 2195 2196 /* 2197 struct vnop_setattr_args { 2198 struct vnode *a_vp; 2199 struct vattr *a_vap; 2200 struct ucred *a_cred; 2201 struct thread *a_td; 2202 }; 2203 */ 2204 static int 2205 fuse_vnop_setattr(struct vop_setattr_args *ap) 2206 { 2207 struct vnode *vp = ap->a_vp; 2208 struct vattr *vap = ap->a_vap; 2209 struct ucred *cred = ap->a_cred; 2210 struct thread *td = curthread; 2211 struct mount *mp; 2212 struct fuse_data *data; 2213 struct vattr old_va; 2214 int dataflags; 2215 int err = 0, err2; 2216 accmode_t accmode = 0; 2217 bool checkperm; 2218 bool drop_suid = false; 2219 2220 mp = vnode_mount(vp); 2221 data = fuse_get_mpdata(mp); 2222 dataflags = data->dataflags; 2223 checkperm = dataflags & FSESS_DEFAULT_PERMISSIONS; 2224 2225 if (fuse_isdeadfs(vp)) { 2226 return ENXIO; 2227 } 2228 2229 if (vap->va_uid != (uid_t)VNOVAL) { 2230 if (checkperm) { 2231 /* Only root may change a file's owner */ 2232 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2233 if (err) { 2234 /* As a special case, allow the null chown */ 2235 err2 = fuse_internal_getattr(vp, &old_va, cred, 2236 td); 2237 if (err2) 2238 return (err2); 2239 if (vap->va_uid != old_va.va_uid) 2240 return err; 2241 else 2242 accmode |= VADMIN; 2243 drop_suid = true; 2244 } else 2245 accmode |= VADMIN; 2246 } else 2247 accmode |= VADMIN; 2248 } 2249 if (vap->va_gid != (gid_t)VNOVAL) { 2250 if (checkperm && priv_check_cred(cred, PRIV_VFS_CHOWN)) 2251 drop_suid = true; 2252 if (checkperm && !groupmember(vap->va_gid, cred)) 2253 { 2254 /* 2255 * Non-root users may only chgrp to one of their own 2256 * groups 2257 */ 2258 err = priv_check_cred(cred, PRIV_VFS_CHOWN); 2259 if (err) { 2260 /* As a special case, allow the null chgrp */ 2261 err2 = fuse_internal_getattr(vp, &old_va, cred, 2262 td); 2263 if (err2) 2264 return (err2); 2265 if (vap->va_gid != old_va.va_gid) 2266 return err; 2267 accmode |= VADMIN; 2268 } else 2269 accmode |= VADMIN; 2270 } else 2271 accmode |= VADMIN; 2272 } 2273 if (vap->va_size != VNOVAL) { 2274 switch (vp->v_type) { 2275 case VDIR: 2276 return (EISDIR); 2277 case VLNK: 2278 case VREG: 2279 if (vfs_isrdonly(mp)) 2280 return (EROFS); 2281 err = vn_rlimit_trunc(vap->va_size, td); 2282 if (err) 2283 return (err); 2284 break; 2285 default: 2286 /* 2287 * According to POSIX, the result is unspecified 2288 * for file types other than regular files, 2289 * directories and shared memory objects. We 2290 * don't support shared memory objects in the file 2291 * system, and have dubious support for truncating 2292 * symlinks. Just ignore the request in other cases. 2293 */ 2294 return (0); 2295 } 2296 /* Don't set accmode. Permission to trunc is checked upstack */ 2297 } 2298 if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL) { 2299 if (vap->va_vaflags & VA_UTIMES_NULL) 2300 accmode |= VWRITE; 2301 else 2302 accmode |= VADMIN; 2303 } 2304 if (drop_suid) { 2305 if (vap->va_mode != (mode_t)VNOVAL) 2306 vap->va_mode &= ~(S_ISUID | S_ISGID); 2307 else { 2308 err = fuse_internal_getattr(vp, &old_va, cred, td); 2309 if (err) 2310 return (err); 2311 vap->va_mode = old_va.va_mode & ~(S_ISUID | S_ISGID); 2312 } 2313 } 2314 if (vap->va_mode != (mode_t)VNOVAL) { 2315 /* Only root may set the sticky bit on non-directories */ 2316 if (checkperm && vp->v_type != VDIR && (vap->va_mode & S_ISTXT) 2317 && priv_check_cred(cred, PRIV_VFS_STICKYFILE)) 2318 return EFTYPE; 2319 if (checkperm && (vap->va_mode & S_ISGID)) { 2320 err = fuse_internal_getattr(vp, &old_va, cred, td); 2321 if (err) 2322 return (err); 2323 if (!groupmember(old_va.va_gid, cred)) { 2324 err = priv_check_cred(cred, PRIV_VFS_SETGID); 2325 if (err) 2326 return (err); 2327 } 2328 } 2329 accmode |= VADMIN; 2330 } 2331 2332 if (vfs_isrdonly(mp)) 2333 return EROFS; 2334 2335 if (checkperm) { 2336 err = fuse_internal_access(vp, accmode, td, cred); 2337 } else { 2338 err = 0; 2339 } 2340 if (err) 2341 return err; 2342 else 2343 return fuse_internal_setattr(vp, vap, td, cred); 2344 } 2345 2346 /* 2347 struct vnop_strategy_args { 2348 struct vnode *a_vp; 2349 struct buf *a_bp; 2350 }; 2351 */ 2352 static int 2353 fuse_vnop_strategy(struct vop_strategy_args *ap) 2354 { 2355 struct vnode *vp = ap->a_vp; 2356 struct buf *bp = ap->a_bp; 2357 2358 if (!vp || fuse_isdeadfs(vp)) { 2359 bp->b_ioflags |= BIO_ERROR; 2360 bp->b_error = ENXIO; 2361 bufdone(bp); 2362 return 0; 2363 } 2364 2365 /* 2366 * VOP_STRATEGY always returns zero and signals error via bp->b_ioflags. 2367 * fuse_io_strategy sets bp's error fields 2368 */ 2369 (void)fuse_io_strategy(vp, bp); 2370 2371 return 0; 2372 } 2373 2374 /* 2375 struct vnop_symlink_args { 2376 struct vnode *a_dvp; 2377 struct vnode **a_vpp; 2378 struct componentname *a_cnp; 2379 struct vattr *a_vap; 2380 char *a_target; 2381 }; 2382 */ 2383 static int 2384 fuse_vnop_symlink(struct vop_symlink_args *ap) 2385 { 2386 struct vnode *dvp = ap->a_dvp; 2387 struct vnode **vpp = ap->a_vpp; 2388 struct componentname *cnp = ap->a_cnp; 2389 const char *target = ap->a_target; 2390 2391 struct fuse_dispatcher fdi; 2392 2393 int err; 2394 size_t len; 2395 2396 if (fuse_isdeadfs(dvp)) { 2397 return ENXIO; 2398 } 2399 /* 2400 * Unlike the other creator type calls, here we have to create a message 2401 * where the name of the new entry comes first, and the data describing 2402 * the entry comes second. 2403 * Hence we can't rely on our handy fuse_internal_newentry() routine, 2404 * but put together the message manually and just call the core part. 2405 */ 2406 2407 len = strlen(target) + 1; 2408 fdisp_init(&fdi, len + cnp->cn_namelen + 1); 2409 fdisp_make_vp(&fdi, FUSE_SYMLINK, dvp, curthread, NULL); 2410 2411 memcpy(fdi.indata, cnp->cn_nameptr, cnp->cn_namelen); 2412 ((char *)fdi.indata)[cnp->cn_namelen] = '\0'; 2413 memcpy((char *)fdi.indata + cnp->cn_namelen + 1, target, len); 2414 2415 err = fuse_internal_newentry_core(dvp, vpp, cnp, VLNK, &fdi); 2416 fdisp_destroy(&fdi); 2417 return err; 2418 } 2419 2420 /* 2421 struct vnop_write_args { 2422 struct vnode *a_vp; 2423 struct uio *a_uio; 2424 int a_ioflag; 2425 struct ucred *a_cred; 2426 }; 2427 */ 2428 static int 2429 fuse_vnop_write(struct vop_write_args *ap) 2430 { 2431 struct vnode *vp = ap->a_vp; 2432 struct uio *uio = ap->a_uio; 2433 int ioflag = ap->a_ioflag; 2434 struct ucred *cred = ap->a_cred; 2435 pid_t pid = curthread->td_proc->p_pid; 2436 struct fuse_filehandle *fufh; 2437 int err; 2438 bool closefufh = false, directio; 2439 2440 MPASS(vp->v_type == VREG || vp->v_type == VDIR); 2441 2442 if (fuse_isdeadfs(vp)) { 2443 return ENXIO; 2444 } 2445 2446 if (VTOFUD(vp)->flag & FN_DIRECTIO) { 2447 ioflag |= IO_DIRECT; 2448 } 2449 2450 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2451 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2452 /* 2453 * nfsd will do I/O without first doing VOP_OPEN. We 2454 * must implicitly open the file here 2455 */ 2456 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2457 closefufh = true; 2458 } 2459 if (err) { 2460 SDT_PROBE3(fusefs, , vnops, filehandles_closed, vp, uio, cred); 2461 return err; 2462 } 2463 2464 /* 2465 * Ideally, when the daemon asks for direct io at open time, the 2466 * standard file flag should be set according to this, so that would 2467 * just change the default mode, which later on could be changed via 2468 * fcntl(2). 2469 * But this doesn't work, the O_DIRECT flag gets cleared at some point 2470 * (don't know where). So to make any use of the Fuse direct_io option, 2471 * we hardwire it into the file's private data (similarly to Linux, 2472 * btw.). 2473 */ 2474 directio = (ioflag & IO_DIRECT) || !fsess_opt_datacache(vnode_mount(vp)); 2475 2476 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2477 if (directio) { 2478 off_t start, end, filesize; 2479 bool pages = (ioflag & IO_VMIO) != 0; 2480 2481 SDT_PROBE2(fusefs, , vnops, trace, 1, "direct write of vnode"); 2482 2483 err = fuse_vnode_size(vp, &filesize, cred, curthread); 2484 if (err) 2485 goto out; 2486 2487 start = uio->uio_offset; 2488 end = start + uio->uio_resid; 2489 if (!pages) { 2490 err = fuse_inval_buf_range(vp, filesize, start, 2491 end); 2492 if (err) 2493 goto out; 2494 } 2495 err = fuse_write_directbackend(vp, uio, cred, fufh, 2496 filesize, ioflag, pages); 2497 } else { 2498 SDT_PROBE2(fusefs, , vnops, trace, 1, 2499 "buffered write of vnode"); 2500 if (!fsess_opt_writeback(vnode_mount(vp))) 2501 ioflag |= IO_SYNC; 2502 err = fuse_write_biobackend(vp, uio, cred, fufh, ioflag, pid); 2503 } 2504 fuse_internal_clear_suid_on_write(vp, cred, uio->uio_td); 2505 2506 out: 2507 if (closefufh) 2508 fuse_filehandle_close(vp, fufh, curthread, cred); 2509 2510 return (err); 2511 } 2512 2513 static daddr_t 2514 fuse_gbp_getblkno(struct vnode *vp, vm_ooffset_t off) 2515 { 2516 const int biosize = fuse_iosize(vp); 2517 2518 return (off / biosize); 2519 } 2520 2521 static int 2522 fuse_gbp_getblksz(struct vnode *vp, daddr_t lbn, long *blksz) 2523 { 2524 off_t filesize; 2525 int err; 2526 const int biosize = fuse_iosize(vp); 2527 2528 err = fuse_vnode_size(vp, &filesize, NULL, NULL); 2529 if (err) { 2530 /* This will turn into a SIGBUS */ 2531 return (EIO); 2532 } else if ((off_t)lbn * biosize >= filesize) { 2533 *blksz = 0; 2534 } else if ((off_t)(lbn + 1) * biosize > filesize) { 2535 *blksz = filesize - (off_t)lbn *biosize; 2536 } else { 2537 *blksz = biosize; 2538 } 2539 return (0); 2540 } 2541 2542 /* 2543 struct vnop_getpages_args { 2544 struct vnode *a_vp; 2545 vm_page_t *a_m; 2546 int a_count; 2547 int a_reqpage; 2548 }; 2549 */ 2550 static int 2551 fuse_vnop_getpages(struct vop_getpages_args *ap) 2552 { 2553 struct vnode *vp = ap->a_vp; 2554 2555 if (!fsess_opt_mmap(vnode_mount(vp))) { 2556 SDT_PROBE2(fusefs, , vnops, trace, 1, 2557 "called on non-cacheable vnode??\n"); 2558 return (VM_PAGER_ERROR); 2559 } 2560 2561 return (vfs_bio_getpages(vp, ap->a_m, ap->a_count, ap->a_rbehind, 2562 ap->a_rahead, fuse_gbp_getblkno, fuse_gbp_getblksz)); 2563 } 2564 2565 static const char extattr_namespace_separator = '.'; 2566 2567 /* 2568 struct vop_getextattr_args { 2569 struct vop_generic_args a_gen; 2570 struct vnode *a_vp; 2571 int a_attrnamespace; 2572 const char *a_name; 2573 struct uio *a_uio; 2574 size_t *a_size; 2575 struct ucred *a_cred; 2576 struct thread *a_td; 2577 }; 2578 */ 2579 static int 2580 fuse_vnop_getextattr(struct vop_getextattr_args *ap) 2581 { 2582 struct vnode *vp = ap->a_vp; 2583 struct uio *uio = ap->a_uio; 2584 struct fuse_dispatcher fdi; 2585 struct fuse_getxattr_in *get_xattr_in; 2586 struct fuse_getxattr_out *get_xattr_out; 2587 struct mount *mp = vnode_mount(vp); 2588 struct thread *td = ap->a_td; 2589 struct ucred *cred = ap->a_cred; 2590 char *prefix; 2591 char *attr_str; 2592 size_t len; 2593 int err; 2594 2595 if (fuse_isdeadfs(vp)) 2596 return (ENXIO); 2597 2598 if (fsess_not_impl(mp, FUSE_GETXATTR)) 2599 return EOPNOTSUPP; 2600 2601 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2602 if (err) 2603 return err; 2604 2605 /* Default to looking for user attributes. */ 2606 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2607 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2608 else 2609 prefix = EXTATTR_NAMESPACE_USER_STRING; 2610 2611 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2612 strlen(ap->a_name) + 1; 2613 2614 fdisp_init(&fdi, len + sizeof(*get_xattr_in)); 2615 fdisp_make_vp(&fdi, FUSE_GETXATTR, vp, td, cred); 2616 2617 get_xattr_in = fdi.indata; 2618 /* 2619 * Check to see whether we're querying the available size or 2620 * issuing the actual request. If we pass in 0, we get back struct 2621 * fuse_getxattr_out. If we pass in a non-zero size, we get back 2622 * that much data, without the struct fuse_getxattr_out header. 2623 */ 2624 if (uio == NULL) 2625 get_xattr_in->size = 0; 2626 else 2627 get_xattr_in->size = uio->uio_resid; 2628 2629 attr_str = (char *)fdi.indata + sizeof(*get_xattr_in); 2630 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2631 ap->a_name); 2632 2633 err = fdisp_wait_answ(&fdi); 2634 if (err != 0) { 2635 if (err == ENOSYS) { 2636 fsess_set_notimpl(mp, FUSE_GETXATTR); 2637 err = EOPNOTSUPP; 2638 } 2639 goto out; 2640 } 2641 2642 get_xattr_out = fdi.answ; 2643 2644 if (ap->a_size != NULL) 2645 *ap->a_size = get_xattr_out->size; 2646 2647 if (uio != NULL) 2648 err = uiomove(fdi.answ, fdi.iosize, uio); 2649 2650 out: 2651 fdisp_destroy(&fdi); 2652 return (err); 2653 } 2654 2655 /* 2656 struct vop_setextattr_args { 2657 struct vop_generic_args a_gen; 2658 struct vnode *a_vp; 2659 int a_attrnamespace; 2660 const char *a_name; 2661 struct uio *a_uio; 2662 struct ucred *a_cred; 2663 struct thread *a_td; 2664 }; 2665 */ 2666 static int 2667 fuse_vnop_setextattr(struct vop_setextattr_args *ap) 2668 { 2669 struct vnode *vp = ap->a_vp; 2670 struct uio *uio = ap->a_uio; 2671 struct fuse_dispatcher fdi; 2672 struct fuse_setxattr_in *set_xattr_in; 2673 struct mount *mp = vnode_mount(vp); 2674 struct thread *td = ap->a_td; 2675 struct ucred *cred = ap->a_cred; 2676 char *prefix; 2677 size_t len; 2678 char *attr_str; 2679 int err; 2680 2681 if (fuse_isdeadfs(vp)) 2682 return (ENXIO); 2683 2684 if (fsess_not_impl(mp, FUSE_SETXATTR)) 2685 return EOPNOTSUPP; 2686 2687 if (vfs_isrdonly(mp)) 2688 return EROFS; 2689 2690 /* Deleting xattrs must use VOP_DELETEEXTATTR instead */ 2691 if (ap->a_uio == NULL) { 2692 /* 2693 * If we got here as fallback from VOP_DELETEEXTATTR, then 2694 * return EOPNOTSUPP. 2695 */ 2696 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 2697 return (EOPNOTSUPP); 2698 else 2699 return (EINVAL); 2700 } 2701 2702 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 2703 VWRITE); 2704 if (err) 2705 return err; 2706 2707 /* Default to looking for user attributes. */ 2708 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2709 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2710 else 2711 prefix = EXTATTR_NAMESPACE_USER_STRING; 2712 2713 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 2714 strlen(ap->a_name) + 1; 2715 2716 fdisp_init(&fdi, len + sizeof(*set_xattr_in) + uio->uio_resid); 2717 fdisp_make_vp(&fdi, FUSE_SETXATTR, vp, td, cred); 2718 2719 set_xattr_in = fdi.indata; 2720 set_xattr_in->size = uio->uio_resid; 2721 2722 attr_str = (char *)fdi.indata + sizeof(*set_xattr_in); 2723 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 2724 ap->a_name); 2725 2726 err = uiomove((char *)fdi.indata + sizeof(*set_xattr_in) + len, 2727 uio->uio_resid, uio); 2728 if (err != 0) { 2729 goto out; 2730 } 2731 2732 err = fdisp_wait_answ(&fdi); 2733 2734 if (err == ENOSYS) { 2735 fsess_set_notimpl(mp, FUSE_SETXATTR); 2736 err = EOPNOTSUPP; 2737 } 2738 if (err == ERESTART) { 2739 /* Can't restart after calling uiomove */ 2740 err = EINTR; 2741 } 2742 2743 out: 2744 fdisp_destroy(&fdi); 2745 return (err); 2746 } 2747 2748 /* 2749 * The Linux / FUSE extended attribute list is simply a collection of 2750 * NUL-terminated strings. The FreeBSD extended attribute list is a single 2751 * byte length followed by a non-NUL terminated string. So, this allows 2752 * conversion of the Linux / FUSE format to the FreeBSD format in place. 2753 * Linux attribute names are reported with the namespace as a prefix (e.g. 2754 * "user.attribute_name"), but in FreeBSD they are reported without the 2755 * namespace prefix (e.g. "attribute_name"). So, we're going from: 2756 * 2757 * user.attr_name1\0user.attr_name2\0 2758 * 2759 * to: 2760 * 2761 * <num>attr_name1<num>attr_name2 2762 * 2763 * Where "<num>" is a single byte number of characters in the attribute name. 2764 * 2765 * Args: 2766 * prefix - exattr namespace prefix string 2767 * list, list_len - input list with namespace prefixes 2768 * bsd_list, bsd_list_len - output list compatible with bsd vfs 2769 */ 2770 static int 2771 fuse_xattrlist_convert(char *prefix, const char *list, int list_len, 2772 char *bsd_list, int *bsd_list_len) 2773 { 2774 int len, pos, dist_to_next, prefix_len; 2775 2776 pos = 0; 2777 *bsd_list_len = 0; 2778 prefix_len = strlen(prefix); 2779 2780 while (pos < list_len && list[pos] != '\0') { 2781 dist_to_next = strlen(&list[pos]) + 1; 2782 if (bcmp(&list[pos], prefix, prefix_len) == 0 && 2783 list[pos + prefix_len] == extattr_namespace_separator) { 2784 len = dist_to_next - 2785 (prefix_len + sizeof(extattr_namespace_separator)) - 1; 2786 if (len >= EXTATTR_MAXNAMELEN) 2787 return (ENAMETOOLONG); 2788 2789 bsd_list[*bsd_list_len] = len; 2790 memcpy(&bsd_list[*bsd_list_len + 1], 2791 &list[pos + prefix_len + 2792 sizeof(extattr_namespace_separator)], len); 2793 2794 *bsd_list_len += len + 1; 2795 } 2796 2797 pos += dist_to_next; 2798 } 2799 2800 return (0); 2801 } 2802 2803 /* 2804 * List extended attributes 2805 * 2806 * The FUSE_LISTXATTR operation is based on Linux's listxattr(2) syscall, which 2807 * has a number of differences compared to its FreeBSD equivalent, 2808 * extattr_list_file: 2809 * 2810 * - FUSE_LISTXATTR returns all extended attributes across all namespaces, 2811 * whereas listxattr(2) only returns attributes for a single namespace 2812 * - FUSE_LISTXATTR prepends each attribute name with "namespace." 2813 * - If the provided buffer is not large enough to hold the result, 2814 * FUSE_LISTXATTR should return ERANGE, whereas listxattr is expected to 2815 * return as many results as will fit. 2816 */ 2817 /* 2818 struct vop_listextattr_args { 2819 struct vop_generic_args a_gen; 2820 struct vnode *a_vp; 2821 int a_attrnamespace; 2822 struct uio *a_uio; 2823 size_t *a_size; 2824 struct ucred *a_cred; 2825 struct thread *a_td; 2826 }; 2827 */ 2828 static int 2829 fuse_vnop_listextattr(struct vop_listextattr_args *ap) 2830 { 2831 struct vnode *vp = ap->a_vp; 2832 struct uio *uio = ap->a_uio; 2833 struct fuse_dispatcher fdi; 2834 struct fuse_listxattr_in *list_xattr_in; 2835 struct fuse_listxattr_out *list_xattr_out; 2836 struct mount *mp = vnode_mount(vp); 2837 struct thread *td = ap->a_td; 2838 struct ucred *cred = ap->a_cred; 2839 char *prefix; 2840 char *bsd_list = NULL; 2841 char *linux_list; 2842 int bsd_list_len; 2843 int linux_list_len; 2844 int err; 2845 2846 if (fuse_isdeadfs(vp)) 2847 return (ENXIO); 2848 2849 if (fsess_not_impl(mp, FUSE_LISTXATTR)) 2850 return EOPNOTSUPP; 2851 2852 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, VREAD); 2853 if (err) 2854 return err; 2855 2856 /* 2857 * Add space for a NUL and the period separator if enabled. 2858 * Default to looking for user attributes. 2859 */ 2860 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 2861 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 2862 else 2863 prefix = EXTATTR_NAMESPACE_USER_STRING; 2864 2865 fdisp_init(&fdi, sizeof(*list_xattr_in)); 2866 fdisp_make_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2867 2868 /* 2869 * Retrieve Linux / FUSE compatible list size. 2870 */ 2871 list_xattr_in = fdi.indata; 2872 list_xattr_in->size = 0; 2873 2874 err = fdisp_wait_answ(&fdi); 2875 if (err != 0) { 2876 if (err == ENOSYS) { 2877 fsess_set_notimpl(mp, FUSE_LISTXATTR); 2878 err = EOPNOTSUPP; 2879 } 2880 goto out; 2881 } 2882 2883 list_xattr_out = fdi.answ; 2884 linux_list_len = list_xattr_out->size; 2885 if (linux_list_len == 0) { 2886 if (ap->a_size != NULL) 2887 *ap->a_size = linux_list_len; 2888 goto out; 2889 } 2890 2891 /* 2892 * Retrieve Linux / FUSE compatible list values. 2893 */ 2894 fdisp_refresh_vp(&fdi, FUSE_LISTXATTR, vp, td, cred); 2895 list_xattr_in = fdi.indata; 2896 list_xattr_in->size = linux_list_len; 2897 2898 err = fdisp_wait_answ(&fdi); 2899 if (err == ERANGE) { 2900 /* 2901 * Race detected. The attribute list must've grown since the 2902 * first FUSE_LISTXATTR call. Start over. Go all the way back 2903 * to userland so we can process signals, if necessary, before 2904 * restarting. 2905 */ 2906 err = ERESTART; 2907 goto out; 2908 } else if (err != 0) 2909 goto out; 2910 2911 linux_list = fdi.answ; 2912 /* FUSE doesn't allow the server to return more data than requested */ 2913 if (fdi.iosize > linux_list_len) { 2914 struct fuse_data *data = fuse_get_mpdata(mp); 2915 2916 fuse_warn(data, FSESS_WARN_LSEXTATTR_LONG, 2917 "server returned " 2918 "more extended attribute data than requested; " 2919 "should've returned ERANGE instead."); 2920 } else { 2921 /* But returning less data is fine */ 2922 linux_list_len = fdi.iosize; 2923 } 2924 2925 /* 2926 * Retrieve the BSD compatible list values. 2927 * The Linux / FUSE attribute list format isn't the same 2928 * as FreeBSD's format. So we need to transform it into 2929 * FreeBSD's format before giving it to the user. 2930 */ 2931 bsd_list = malloc(linux_list_len, M_TEMP, M_WAITOK); 2932 err = fuse_xattrlist_convert(prefix, linux_list, linux_list_len, 2933 bsd_list, &bsd_list_len); 2934 if (err != 0) 2935 goto out; 2936 2937 if (ap->a_size != NULL) 2938 *ap->a_size = bsd_list_len; 2939 2940 if (uio != NULL) 2941 err = uiomove(bsd_list, bsd_list_len, uio); 2942 2943 out: 2944 free(bsd_list, M_TEMP); 2945 fdisp_destroy(&fdi); 2946 return (err); 2947 } 2948 2949 /* 2950 struct vop_deallocate_args { 2951 struct vop_generic_args a_gen; 2952 struct vnode *a_vp; 2953 off_t *a_offset; 2954 off_t *a_len; 2955 int a_flags; 2956 int a_ioflag; 2957 struct ucred *a_cred; 2958 }; 2959 */ 2960 static int 2961 fuse_vnop_deallocate(struct vop_deallocate_args *ap) 2962 { 2963 struct vnode *vp = ap->a_vp; 2964 struct mount *mp = vnode_mount(vp); 2965 struct fuse_filehandle *fufh; 2966 struct fuse_dispatcher fdi; 2967 struct fuse_fallocate_in *ffi; 2968 struct ucred *cred = ap->a_cred; 2969 pid_t pid = curthread->td_proc->p_pid; 2970 off_t *len = ap->a_len; 2971 off_t *offset = ap->a_offset; 2972 int ioflag = ap->a_ioflag; 2973 off_t filesize; 2974 int err; 2975 bool closefufh = false; 2976 2977 if (fuse_isdeadfs(vp)) 2978 return (ENXIO); 2979 2980 if (vfs_isrdonly(mp)) 2981 return (EROFS); 2982 2983 if (fsess_not_impl(mp, FUSE_FALLOCATE)) 2984 goto fallback; 2985 2986 err = fuse_filehandle_getrw(vp, FWRITE, &fufh, cred, pid); 2987 if (err == EBADF && vnode_mount(vp)->mnt_flag & MNT_EXPORTED) { 2988 /* 2989 * nfsd will do I/O without first doing VOP_OPEN. We 2990 * must implicitly open the file here 2991 */ 2992 err = fuse_filehandle_open(vp, FWRITE, &fufh, curthread, cred); 2993 closefufh = true; 2994 } 2995 if (err) 2996 return (err); 2997 2998 fuse_vnode_update(vp, FN_MTIMECHANGE | FN_CTIMECHANGE); 2999 3000 err = fuse_vnode_size(vp, &filesize, cred, curthread); 3001 if (err) 3002 goto out; 3003 fuse_inval_buf_range(vp, filesize, *offset, *offset + *len); 3004 3005 fdisp_init(&fdi, sizeof(*ffi)); 3006 fdisp_make_vp(&fdi, FUSE_FALLOCATE, vp, curthread, cred); 3007 ffi = fdi.indata; 3008 ffi->fh = fufh->fh_id; 3009 ffi->offset = *offset; 3010 ffi->length = *len; 3011 /* 3012 * FreeBSD's fspacectl is equivalent to Linux's fallocate with 3013 * mode == FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE 3014 */ 3015 ffi->mode = FUSE_FALLOC_FL_PUNCH_HOLE | FUSE_FALLOC_FL_KEEP_SIZE; 3016 err = fdisp_wait_answ(&fdi); 3017 3018 if (err == ENOSYS) { 3019 fdisp_destroy(&fdi); 3020 fsess_set_notimpl(mp, FUSE_FALLOCATE); 3021 goto fallback; 3022 } else if (err == EOPNOTSUPP) { 3023 /* 3024 * The file system server does not support FUSE_FALLOCATE with 3025 * the supplied mode for this particular file. 3026 */ 3027 fdisp_destroy(&fdi); 3028 goto fallback; 3029 } else if (!err) { 3030 /* 3031 * Clip the returned offset to EoF. Do it here rather than 3032 * before FUSE_FALLOCATE just in case the kernel's cached file 3033 * size is out of date. Unfortunately, FUSE does not return 3034 * any information about filesize from that operation. 3035 */ 3036 *offset = MIN(*offset + *len, filesize); 3037 *len = 0; 3038 fuse_vnode_undirty_cached_timestamps(vp, false); 3039 fuse_internal_clear_suid_on_write(vp, cred, curthread); 3040 3041 if (ioflag & IO_SYNC) 3042 err = fuse_internal_fsync(vp, curthread, MNT_WAIT, 3043 false); 3044 } 3045 3046 out: 3047 fdisp_destroy(&fdi); 3048 if (closefufh) 3049 fuse_filehandle_close(vp, fufh, curthread, cred); 3050 3051 return (err); 3052 3053 fallback: 3054 if (closefufh) 3055 fuse_filehandle_close(vp, fufh, curthread, cred); 3056 3057 return (vop_stddeallocate(ap)); 3058 } 3059 3060 /* 3061 struct vop_deleteextattr_args { 3062 struct vop_generic_args a_gen; 3063 struct vnode *a_vp; 3064 int a_attrnamespace; 3065 const char *a_name; 3066 struct ucred *a_cred; 3067 struct thread *a_td; 3068 }; 3069 */ 3070 static int 3071 fuse_vnop_deleteextattr(struct vop_deleteextattr_args *ap) 3072 { 3073 struct vnode *vp = ap->a_vp; 3074 struct fuse_dispatcher fdi; 3075 struct mount *mp = vnode_mount(vp); 3076 struct thread *td = ap->a_td; 3077 struct ucred *cred = ap->a_cred; 3078 char *prefix; 3079 size_t len; 3080 char *attr_str; 3081 int err; 3082 3083 if (fuse_isdeadfs(vp)) 3084 return (ENXIO); 3085 3086 if (fsess_not_impl(mp, FUSE_REMOVEXATTR)) 3087 return EOPNOTSUPP; 3088 3089 if (vfs_isrdonly(mp)) 3090 return EROFS; 3091 3092 err = fuse_extattr_check_cred(vp, ap->a_attrnamespace, cred, td, 3093 VWRITE); 3094 if (err) 3095 return err; 3096 3097 /* Default to looking for user attributes. */ 3098 if (ap->a_attrnamespace == EXTATTR_NAMESPACE_SYSTEM) 3099 prefix = EXTATTR_NAMESPACE_SYSTEM_STRING; 3100 else 3101 prefix = EXTATTR_NAMESPACE_USER_STRING; 3102 3103 len = strlen(prefix) + sizeof(extattr_namespace_separator) + 3104 strlen(ap->a_name) + 1; 3105 3106 fdisp_init(&fdi, len); 3107 fdisp_make_vp(&fdi, FUSE_REMOVEXATTR, vp, td, cred); 3108 3109 attr_str = fdi.indata; 3110 snprintf(attr_str, len, "%s%c%s", prefix, extattr_namespace_separator, 3111 ap->a_name); 3112 3113 err = fdisp_wait_answ(&fdi); 3114 if (err == ENOSYS) { 3115 fsess_set_notimpl(mp, FUSE_REMOVEXATTR); 3116 err = EOPNOTSUPP; 3117 } 3118 3119 fdisp_destroy(&fdi); 3120 return (err); 3121 } 3122 3123 /* 3124 struct vnop_print_args { 3125 struct vnode *a_vp; 3126 }; 3127 */ 3128 static int 3129 fuse_vnop_print(struct vop_print_args *ap) 3130 { 3131 struct fuse_vnode_data *fvdat = VTOFUD(ap->a_vp); 3132 3133 printf("nodeid: %ju, parent nodeid: %ju, nlookup: %ju, flag: %#x\n", 3134 (uintmax_t)VTOILLU(ap->a_vp), (uintmax_t)fvdat->parent_nid, 3135 (uintmax_t)fvdat->nlookup, 3136 fvdat->flag); 3137 3138 return 0; 3139 } 3140 3141 /* 3142 * Get an NFS filehandle for a FUSE file. 3143 * 3144 * This will only work for FUSE file systems that guarantee the uniqueness of 3145 * nodeid:generation, which most don't. 3146 */ 3147 /* 3148 vop_vptofh { 3149 IN struct vnode *a_vp; 3150 IN struct fid *a_fhp; 3151 }; 3152 */ 3153 static int 3154 fuse_vnop_vptofh(struct vop_vptofh_args *ap) 3155 { 3156 struct vnode *vp = ap->a_vp; 3157 struct fuse_vnode_data *fvdat = VTOFUD(vp); 3158 struct fuse_fid *fhp = (struct fuse_fid *)(ap->a_fhp); 3159 _Static_assert(sizeof(struct fuse_fid) <= sizeof(struct fid), 3160 "FUSE fid type is too big"); 3161 struct mount *mp = vnode_mount(vp); 3162 struct fuse_data *data = fuse_get_mpdata(mp); 3163 struct vattr va; 3164 int err; 3165 3166 if (!(data->dataflags & FSESS_EXPORT_SUPPORT)) { 3167 /* NFS requires lookups for "." and ".." */ 3168 SDT_PROBE2(fusefs, , vnops, trace, 1, 3169 "VOP_VPTOFH without FUSE_EXPORT_SUPPORT"); 3170 return EOPNOTSUPP; 3171 } 3172 if ((mp->mnt_flag & MNT_EXPORTED) && 3173 !(data->dataflags & FSESS_NO_OPENDIR_SUPPORT)) 3174 { 3175 /* 3176 * NFS is stateless, so nfsd must reopen a directory on every 3177 * call to VOP_READDIR, passing in the d_off field from the 3178 * final dirent of the previous invocation. But without 3179 * FUSE_NO_OPENDIR_SUPPORT, the FUSE protocol does not 3180 * guarantee that d_off will be valid after a directory is 3181 * closed and reopened. So prohibit exporting FUSE file 3182 * systems that don't set that flag. 3183 * 3184 * But userspace NFS servers don't have this problem. 3185 */ 3186 SDT_PROBE2(fusefs, , vnops, trace, 1, 3187 "VOP_VPTOFH without FUSE_NO_OPENDIR_SUPPORT"); 3188 return EOPNOTSUPP; 3189 } 3190 3191 err = fuse_internal_getattr(vp, &va, curthread->td_ucred, curthread); 3192 if (err) 3193 return err; 3194 3195 /*ip = VTOI(ap->a_vp);*/ 3196 /*ufhp = (struct ufid *)ap->a_fhp;*/ 3197 fhp->len = sizeof(struct fuse_fid); 3198 fhp->nid = fvdat->nid; 3199 if (fvdat->generation <= UINT32_MAX) 3200 fhp->gen = fvdat->generation; 3201 else 3202 return EOVERFLOW; 3203 return (0); 3204 } 3205