xref: /freebsd/sys/fs/msdosfs/msdosfs_vfsops.c (revision 7e1d3eefd410ca0fbae5a217422821244c3eeee4)
1 /* $FreeBSD$ */
2 /*	$NetBSD: msdosfs_vfsops.c,v 1.51 1997/11/17 15:36:58 ws Exp $	*/
3 
4 /*-
5  * SPDX-License-Identifier: BSD-4-Clause
6  *
7  * Copyright (C) 1994, 1995, 1997 Wolfgang Solfrank.
8  * Copyright (C) 1994, 1995, 1997 TooLs GmbH.
9  * All rights reserved.
10  * Original code by Paul Popelka (paulp@uts.amdahl.com) (see below).
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  * 3. All advertising materials mentioning features or use of this software
21  *    must display the following acknowledgement:
22  *	This product includes software developed by TooLs GmbH.
23  * 4. The name of TooLs GmbH may not be used to endorse or promote products
24  *    derived from this software without specific prior written permission.
25  *
26  * THIS SOFTWARE IS PROVIDED BY TOOLS GMBH ``AS IS'' AND ANY EXPRESS OR
27  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29  * IN NO EVENT SHALL TOOLS GMBH BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
31  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
32  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
33  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
34  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
35  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36  */
37 /*-
38  * Written by Paul Popelka (paulp@uts.amdahl.com)
39  *
40  * You can do anything you want with this software, just don't say you wrote
41  * it, and don't remove this notice.
42  *
43  * This software is provided "as is".
44  *
45  * The author supplies this software to be publicly redistributed on the
46  * understanding that the author is not responsible for the correct
47  * functioning of this software in any circumstances and is not liable for
48  * any damages caused by this software.
49  *
50  * October 1992
51  */
52 
53 #include <sys/param.h>
54 #include <sys/systm.h>
55 #include <sys/buf.h>
56 #include <sys/conf.h>
57 #include <sys/fcntl.h>
58 #include <sys/iconv.h>
59 #include <sys/kernel.h>
60 #include <sys/lock.h>
61 #include <sys/malloc.h>
62 #include <sys/mount.h>
63 #include <sys/mutex.h>
64 #include <sys/namei.h>
65 #include <sys/priv.h>
66 #include <sys/proc.h>
67 #include <sys/stat.h>
68 #include <sys/vnode.h>
69 
70 #include <geom/geom.h>
71 #include <geom/geom_vfs.h>
72 
73 #include <fs/msdosfs/bootsect.h>
74 #include <fs/msdosfs/bpb.h>
75 #include <fs/msdosfs/direntry.h>
76 #include <fs/msdosfs/denode.h>
77 #include <fs/msdosfs/fat.h>
78 #include <fs/msdosfs/msdosfsmount.h>
79 
80 #ifdef MSDOSFS_DEBUG
81 #include <sys/rwlock.h>
82 #endif
83 
84 static const char msdosfs_lock_msg[] = "fatlk";
85 
86 /* Mount options that we support. */
87 static const char *msdosfs_opts[] = {
88 	"async", "noatime", "noclusterr", "noclusterw",
89 	"export", "force", "from", "sync",
90 	"cs_dos", "cs_local", "cs_win", "dirmask",
91 	"gid", "kiconv", "longname",
92 	"longnames", "mask", "shortname", "shortnames",
93 	"uid", "win95", "nowin95",
94 	NULL
95 };
96 
97 #if 1 /*def PC98*/
98 /*
99  * XXX - The boot signature formatted by NEC PC-98 DOS looks like a
100  *       garbage or a random value :-{
101  *       If you want to use that broken-signatured media, define the
102  *       following symbol even though PC/AT.
103  *       (ex. mount PC-98 DOS formatted FD on PC/AT)
104  */
105 #define	MSDOSFS_NOCHECKSIG
106 #endif
107 
108 MALLOC_DEFINE(M_MSDOSFSMNT, "msdosfs_mount", "MSDOSFS mount structure");
109 static MALLOC_DEFINE(M_MSDOSFSFAT, "msdosfs_fat", "MSDOSFS file allocation table");
110 
111 struct iconv_functions *msdosfs_iconv;
112 
113 static int	update_mp(struct mount *mp, struct thread *td);
114 static int	mountmsdosfs(struct vnode *devvp, struct mount *mp);
115 static vfs_fhtovp_t	msdosfs_fhtovp;
116 static vfs_mount_t	msdosfs_mount;
117 static vfs_root_t	msdosfs_root;
118 static vfs_statfs_t	msdosfs_statfs;
119 static vfs_sync_t	msdosfs_sync;
120 static vfs_unmount_t	msdosfs_unmount;
121 
122 /* Maximum length of a character set name (arbitrary). */
123 #define	MAXCSLEN	64
124 
125 static int
126 update_mp(struct mount *mp, struct thread *td)
127 {
128 	struct msdosfsmount *pmp = VFSTOMSDOSFS(mp);
129 	void *dos, *win, *local;
130 	int error, v;
131 
132 	if (!vfs_getopt(mp->mnt_optnew, "kiconv", NULL, NULL)) {
133 		if (msdosfs_iconv != NULL) {
134 			error = vfs_getopt(mp->mnt_optnew,
135 			    "cs_win", &win, NULL);
136 			if (!error)
137 				error = vfs_getopt(mp->mnt_optnew,
138 				    "cs_local", &local, NULL);
139 			if (!error)
140 				error = vfs_getopt(mp->mnt_optnew,
141 				    "cs_dos", &dos, NULL);
142 			if (!error) {
143 				msdosfs_iconv->open(win, local, &pmp->pm_u2w);
144 				msdosfs_iconv->open(local, win, &pmp->pm_w2u);
145 				msdosfs_iconv->open(dos, local, &pmp->pm_u2d);
146 				msdosfs_iconv->open(local, dos, &pmp->pm_d2u);
147 			}
148 			if (error != 0)
149 				return (error);
150 		} else {
151 			pmp->pm_w2u = NULL;
152 			pmp->pm_u2w = NULL;
153 			pmp->pm_d2u = NULL;
154 			pmp->pm_u2d = NULL;
155 		}
156 	}
157 
158 	if (vfs_scanopt(mp->mnt_optnew, "gid", "%d", &v) == 1)
159 		pmp->pm_gid = v;
160 	if (vfs_scanopt(mp->mnt_optnew, "uid", "%d", &v) == 1)
161 		pmp->pm_uid = v;
162 	if (vfs_scanopt(mp->mnt_optnew, "mask", "%d", &v) == 1)
163 		pmp->pm_mask = v & ALLPERMS;
164 	if (vfs_scanopt(mp->mnt_optnew, "dirmask", "%d", &v) == 1)
165 		pmp->pm_dirmask = v & ALLPERMS;
166 	vfs_flagopt(mp->mnt_optnew, "shortname",
167 	    &pmp->pm_flags, MSDOSFSMNT_SHORTNAME);
168 	vfs_flagopt(mp->mnt_optnew, "shortnames",
169 	    &pmp->pm_flags, MSDOSFSMNT_SHORTNAME);
170 	vfs_flagopt(mp->mnt_optnew, "longname",
171 	    &pmp->pm_flags, MSDOSFSMNT_LONGNAME);
172 	vfs_flagopt(mp->mnt_optnew, "longnames",
173 	    &pmp->pm_flags, MSDOSFSMNT_LONGNAME);
174 	vfs_flagopt(mp->mnt_optnew, "kiconv",
175 	    &pmp->pm_flags, MSDOSFSMNT_KICONV);
176 
177 	if (vfs_getopt(mp->mnt_optnew, "nowin95", NULL, NULL) == 0)
178 		pmp->pm_flags |= MSDOSFSMNT_NOWIN95;
179 	else
180 		pmp->pm_flags &= ~MSDOSFSMNT_NOWIN95;
181 
182 	if (pmp->pm_flags & MSDOSFSMNT_NOWIN95)
183 		pmp->pm_flags |= MSDOSFSMNT_SHORTNAME;
184 	else
185 		pmp->pm_flags |= MSDOSFSMNT_LONGNAME;
186 	return 0;
187 }
188 
189 static int
190 msdosfs_cmount(struct mntarg *ma, void *data, uint64_t flags)
191 {
192 	struct msdosfs_args args;
193 	int error;
194 
195 	if (data == NULL)
196 		return (EINVAL);
197 	error = copyin(data, &args, sizeof args);
198 	if (error)
199 		return (error);
200 
201 	ma = mount_argsu(ma, "from", args.fspec, MAXPATHLEN);
202 	ma = mount_arg(ma, "export", &args.export, sizeof(args.export));
203 	ma = mount_argf(ma, "uid", "%d", args.uid);
204 	ma = mount_argf(ma, "gid", "%d", args.gid);
205 	ma = mount_argf(ma, "mask", "%d", args.mask);
206 	ma = mount_argf(ma, "dirmask", "%d", args.dirmask);
207 
208 	ma = mount_argb(ma, args.flags & MSDOSFSMNT_SHORTNAME, "noshortname");
209 	ma = mount_argb(ma, args.flags & MSDOSFSMNT_LONGNAME, "nolongname");
210 	ma = mount_argb(ma, !(args.flags & MSDOSFSMNT_NOWIN95), "nowin95");
211 	ma = mount_argb(ma, args.flags & MSDOSFSMNT_KICONV, "nokiconv");
212 
213 	ma = mount_argsu(ma, "cs_win", args.cs_win, MAXCSLEN);
214 	ma = mount_argsu(ma, "cs_dos", args.cs_dos, MAXCSLEN);
215 	ma = mount_argsu(ma, "cs_local", args.cs_local, MAXCSLEN);
216 
217 	error = kernel_mount(ma, flags);
218 
219 	return (error);
220 }
221 
222 /*
223  * mp - path - addr in user space of mount point (ie /usr or whatever)
224  * data - addr in user space of mount params including the name of the block
225  * special file to treat as a filesystem.
226  */
227 static int
228 msdosfs_mount(struct mount *mp)
229 {
230 	struct vnode *devvp;	  /* vnode for blk device to mount */
231 	struct thread *td;
232 	/* msdosfs specific mount control block */
233 	struct msdosfsmount *pmp = NULL;
234 	struct nameidata ndp;
235 	int error, flags;
236 	accmode_t accmode;
237 	char *from;
238 
239 	td = curthread;
240 	if (vfs_filteropt(mp->mnt_optnew, msdosfs_opts))
241 		return (EINVAL);
242 
243 	/*
244 	 * If updating, check whether changing from read-only to
245 	 * read/write; if there is no device name, that's all we do.
246 	 */
247 	if (mp->mnt_flag & MNT_UPDATE) {
248 		pmp = VFSTOMSDOSFS(mp);
249 		if (!(pmp->pm_flags & MSDOSFSMNT_RONLY) &&
250 		    vfs_flagopt(mp->mnt_optnew, "ro", NULL, 0)) {
251 			if ((error = vn_start_write(NULL, &mp, V_WAIT)) != 0)
252 				return (error);
253 			error = vfs_write_suspend_umnt(mp);
254 			if (error != 0)
255 				return (error);
256 
257 			flags = WRITECLOSE;
258 			if (mp->mnt_flag & MNT_FORCE)
259 				flags |= FORCECLOSE;
260 			error = vflush(mp, 0, flags, td);
261 			if (error != 0) {
262 				vfs_write_resume(mp, 0);
263 				return (error);
264 			}
265 
266 			/*
267 			 * Now the volume is clean.  Mark it so while the
268 			 * device is still rw.
269 			 */
270 			error = markvoldirty(pmp, 0);
271 			if (error != 0) {
272 				vfs_write_resume(mp, 0);
273 				(void)markvoldirty(pmp, 1);
274 				return (error);
275 			}
276 
277 			/* Downgrade the device from rw to ro. */
278 			g_topology_lock();
279 			error = g_access(pmp->pm_cp, 0, -1, 0);
280 			g_topology_unlock();
281 			if (error) {
282 				vfs_write_resume(mp, 0);
283 				(void)markvoldirty(pmp, 1);
284 				return (error);
285 			}
286 
287 			/*
288 			 * Backing out after an error was painful in the
289 			 * above.  Now we are committed to succeeding.
290 			 */
291 			pmp->pm_fmod = 0;
292 			pmp->pm_flags |= MSDOSFSMNT_RONLY;
293 			MNT_ILOCK(mp);
294 			mp->mnt_flag |= MNT_RDONLY;
295 			MNT_IUNLOCK(mp);
296 			vfs_write_resume(mp, 0);
297 		} else if ((pmp->pm_flags & MSDOSFSMNT_RONLY) &&
298 		    !vfs_flagopt(mp->mnt_optnew, "ro", NULL, 0)) {
299 			/*
300 			 * If upgrade to read-write by non-root, then verify
301 			 * that user has necessary permissions on the device.
302 			 */
303 			devvp = pmp->pm_devvp;
304 			vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY);
305 			error = VOP_ACCESS(devvp, VREAD | VWRITE,
306 			    td->td_ucred, td);
307 			if (error)
308 				error = priv_check(td, PRIV_VFS_MOUNT_PERM);
309 			if (error) {
310 				VOP_UNLOCK(devvp);
311 				return (error);
312 			}
313 			VOP_UNLOCK(devvp);
314 			g_topology_lock();
315 			error = g_access(pmp->pm_cp, 0, 1, 0);
316 			g_topology_unlock();
317 			if (error)
318 				return (error);
319 
320 			/* Now that the volume is modifiable, mark it dirty. */
321 			error = markvoldirty_upgrade(pmp, true, true);
322 			if (error) {
323 				/*
324 				 * If dirtying the superblock failed, drop GEOM
325 				 * 'w' refs (we're still RO).
326 				 */
327 				g_topology_lock();
328 				(void)g_access(pmp->pm_cp, 0, -1, 0);
329 				g_topology_unlock();
330 
331 				return (error);
332 			}
333 
334 			pmp->pm_fmod = 1;
335 			pmp->pm_flags &= ~MSDOSFSMNT_RONLY;
336 			MNT_ILOCK(mp);
337 			mp->mnt_flag &= ~MNT_RDONLY;
338 			MNT_IUNLOCK(mp);
339 		}
340 	}
341 	/*
342 	 * Not an update, or updating the name: look up the name
343 	 * and verify that it refers to a sensible disk device.
344 	 */
345 	if (vfs_getopt(mp->mnt_optnew, "from", (void **)&from, NULL))
346 		return (EINVAL);
347 	NDINIT(&ndp, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, from);
348 	error = namei(&ndp);
349 	if (error)
350 		return (error);
351 	devvp = ndp.ni_vp;
352 	NDFREE(&ndp, NDF_ONLY_PNBUF);
353 
354 	if (!vn_isdisk_error(devvp, &error)) {
355 		vput(devvp);
356 		return (error);
357 	}
358 	/*
359 	 * If mount by non-root, then verify that user has necessary
360 	 * permissions on the device.
361 	 */
362 	accmode = VREAD;
363 	if ((mp->mnt_flag & MNT_RDONLY) == 0)
364 		accmode |= VWRITE;
365 	error = VOP_ACCESS(devvp, accmode, td->td_ucred, td);
366 	if (error)
367 		error = priv_check(td, PRIV_VFS_MOUNT_PERM);
368 	if (error) {
369 		vput(devvp);
370 		return (error);
371 	}
372 	if ((mp->mnt_flag & MNT_UPDATE) == 0) {
373 		error = mountmsdosfs(devvp, mp);
374 #ifdef MSDOSFS_DEBUG		/* only needed for the printf below */
375 		pmp = VFSTOMSDOSFS(mp);
376 #endif
377 	} else {
378 		vput(devvp);
379 		if (devvp != pmp->pm_devvp)
380 			return (EINVAL);	/* XXX needs translation */
381 	}
382 	if (error) {
383 		vrele(devvp);
384 		return (error);
385 	}
386 
387 	error = update_mp(mp, td);
388 	if (error) {
389 		if ((mp->mnt_flag & MNT_UPDATE) == 0)
390 			msdosfs_unmount(mp, MNT_FORCE);
391 		return error;
392 	}
393 
394 	vfs_mountedfrom(mp, from);
395 #ifdef MSDOSFS_DEBUG
396 	printf("msdosfs_mount(): mp %p, pmp %p, inusemap %p\n", mp, pmp, pmp->pm_inusemap);
397 #endif
398 	return (0);
399 }
400 
401 static int
402 mountmsdosfs(struct vnode *devvp, struct mount *mp)
403 {
404 	struct msdosfsmount *pmp;
405 	struct buf *bp;
406 	struct cdev *dev;
407 	union bootsector *bsp;
408 	struct byte_bpb33 *b33;
409 	struct byte_bpb50 *b50;
410 	struct byte_bpb710 *b710;
411 	uint8_t SecPerClust;
412 	u_long clusters;
413 	int ronly, error;
414 	struct g_consumer *cp;
415 	struct bufobj *bo;
416 
417 	bp = NULL;		/* This and pmp both used in error_exit. */
418 	pmp = NULL;
419 	ronly = (mp->mnt_flag & MNT_RDONLY) != 0;
420 
421 	dev = devvp->v_rdev;
422 	if (atomic_cmpset_acq_ptr((uintptr_t *)&dev->si_mountpt, 0,
423 	    (uintptr_t)mp) == 0) {
424 		VOP_UNLOCK(devvp);
425 		return (EBUSY);
426 	}
427 	g_topology_lock();
428 	error = g_vfs_open(devvp, &cp, "msdosfs", ronly ? 0 : 1);
429 	g_topology_unlock();
430 	if (error != 0) {
431 		atomic_store_rel_ptr((uintptr_t *)&dev->si_mountpt, 0);
432 		VOP_UNLOCK(devvp);
433 		return (error);
434 	}
435 	dev_ref(dev);
436 	bo = &devvp->v_bufobj;
437 	VOP_UNLOCK(devvp);
438 	if (dev->si_iosize_max != 0)
439 		mp->mnt_iosize_max = dev->si_iosize_max;
440 	if (mp->mnt_iosize_max > maxphys)
441 		mp->mnt_iosize_max = maxphys;
442 
443 	/*
444 	 * Read the boot sector of the filesystem, and then check the
445 	 * boot signature.  If not a dos boot sector then error out.
446 	 *
447 	 * NOTE: 8192 is a magic size that works for ffs.
448 	 */
449 	error = bread(devvp, 0, 8192, NOCRED, &bp);
450 	if (error)
451 		goto error_exit;
452 	bp->b_flags |= B_AGE;
453 	bsp = (union bootsector *)bp->b_data;
454 	b33 = (struct byte_bpb33 *)bsp->bs33.bsBPB;
455 	b50 = (struct byte_bpb50 *)bsp->bs50.bsBPB;
456 	b710 = (struct byte_bpb710 *)bsp->bs710.bsBPB;
457 
458 #ifndef MSDOSFS_NOCHECKSIG
459 	if (bsp->bs50.bsBootSectSig0 != BOOTSIG0
460 	    || bsp->bs50.bsBootSectSig1 != BOOTSIG1) {
461 		error = EINVAL;
462 		goto error_exit;
463 	}
464 #endif
465 
466 	pmp = malloc(sizeof *pmp, M_MSDOSFSMNT, M_WAITOK | M_ZERO);
467 	pmp->pm_mountp = mp;
468 	pmp->pm_cp = cp;
469 	pmp->pm_bo = bo;
470 
471 	lockinit(&pmp->pm_fatlock, 0, msdosfs_lock_msg, 0, 0);
472 	lockinit(&pmp->pm_checkpath_lock, 0, "msdoscp", 0, 0);
473 
474 	/*
475 	 * Initialize ownerships and permissions, since nothing else will
476 	 * initialize them iff we are mounting root.
477 	 */
478 	pmp->pm_uid = UID_ROOT;
479 	pmp->pm_gid = GID_WHEEL;
480 	pmp->pm_mask = pmp->pm_dirmask = S_IXUSR | S_IXGRP | S_IXOTH |
481 	    S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR;
482 
483 	/*
484 	 * Compute several useful quantities from the bpb in the
485 	 * bootsector.  Copy in the dos 5 variant of the bpb then fix up
486 	 * the fields that are different between dos 5 and dos 3.3.
487 	 */
488 	SecPerClust = b50->bpbSecPerClust;
489 	pmp->pm_BytesPerSec = getushort(b50->bpbBytesPerSec);
490 	if (pmp->pm_BytesPerSec < DEV_BSIZE) {
491 		error = EINVAL;
492 		goto error_exit;
493 	}
494 	pmp->pm_ResSectors = getushort(b50->bpbResSectors);
495 	pmp->pm_FATs = b50->bpbFATs;
496 	pmp->pm_RootDirEnts = getushort(b50->bpbRootDirEnts);
497 	pmp->pm_Sectors = getushort(b50->bpbSectors);
498 	pmp->pm_FATsecs = getushort(b50->bpbFATsecs);
499 	pmp->pm_SecPerTrack = getushort(b50->bpbSecPerTrack);
500 	pmp->pm_Heads = getushort(b50->bpbHeads);
501 	pmp->pm_Media = b50->bpbMedia;
502 
503 	/* calculate the ratio of sector size to DEV_BSIZE */
504 	pmp->pm_BlkPerSec = pmp->pm_BytesPerSec / DEV_BSIZE;
505 
506 	/*
507 	 * We don't check pm_Heads nor pm_SecPerTrack, because
508 	 * these may not be set for EFI file systems. We don't
509 	 * use these anyway, so we're unaffected if they are
510 	 * invalid.
511 	 */
512 	if (!pmp->pm_BytesPerSec || !SecPerClust) {
513 		error = EINVAL;
514 		goto error_exit;
515 	}
516 
517 	if (pmp->pm_Sectors == 0) {
518 		pmp->pm_HiddenSects = getulong(b50->bpbHiddenSecs);
519 		pmp->pm_HugeSectors = getulong(b50->bpbHugeSectors);
520 	} else {
521 		pmp->pm_HiddenSects = getushort(b33->bpbHiddenSecs);
522 		pmp->pm_HugeSectors = pmp->pm_Sectors;
523 	}
524 
525 	if (pmp->pm_RootDirEnts == 0) {
526 		if (pmp->pm_FATsecs
527 		    || getushort(b710->bpbFSVers)) {
528 			error = EINVAL;
529 #ifdef MSDOSFS_DEBUG
530 			printf("mountmsdosfs(): bad FAT32 filesystem\n");
531 #endif
532 			goto error_exit;
533 		}
534 		pmp->pm_fatmask = FAT32_MASK;
535 		pmp->pm_fatmult = 4;
536 		pmp->pm_fatdiv = 1;
537 		pmp->pm_FATsecs = getulong(b710->bpbBigFATsecs);
538 		if (getushort(b710->bpbExtFlags) & FATMIRROR)
539 			pmp->pm_curfat = getushort(b710->bpbExtFlags) & FATNUM;
540 		else
541 			pmp->pm_flags |= MSDOSFS_FATMIRROR;
542 	} else
543 		pmp->pm_flags |= MSDOSFS_FATMIRROR;
544 
545 	/*
546 	 * Check a few values (could do some more):
547 	 * - logical sector size: power of 2, >= block size
548 	 * - sectors per cluster: power of 2, >= 1
549 	 * - number of sectors:   >= 1, <= size of partition
550 	 * - number of FAT sectors: >= 1
551 	 */
552 	if ( (SecPerClust == 0)
553 	  || (SecPerClust & (SecPerClust - 1))
554 	  || (pmp->pm_BytesPerSec < DEV_BSIZE)
555 	  || (pmp->pm_BytesPerSec & (pmp->pm_BytesPerSec - 1))
556 	  || (pmp->pm_HugeSectors == 0)
557 	  || (pmp->pm_FATsecs == 0)
558 	  || (SecPerClust * pmp->pm_BlkPerSec > MAXBSIZE / DEV_BSIZE)
559 	) {
560 		error = EINVAL;
561 		goto error_exit;
562 	}
563 
564 	pmp->pm_HugeSectors *= pmp->pm_BlkPerSec;
565 	pmp->pm_HiddenSects *= pmp->pm_BlkPerSec;	/* XXX not used? */
566 	pmp->pm_FATsecs     *= pmp->pm_BlkPerSec;
567 	SecPerClust         *= pmp->pm_BlkPerSec;
568 
569 	pmp->pm_fatblk = pmp->pm_ResSectors * pmp->pm_BlkPerSec;
570 
571 	if (FAT32(pmp)) {
572 		pmp->pm_rootdirblk = getulong(b710->bpbRootClust);
573 		pmp->pm_firstcluster = pmp->pm_fatblk
574 			+ (pmp->pm_FATs * pmp->pm_FATsecs);
575 		pmp->pm_fsinfo = getushort(b710->bpbFSInfo) * pmp->pm_BlkPerSec;
576 	} else {
577 		pmp->pm_rootdirblk = pmp->pm_fatblk +
578 			(pmp->pm_FATs * pmp->pm_FATsecs);
579 		pmp->pm_rootdirsize = howmany(pmp->pm_RootDirEnts *
580 			sizeof(struct direntry), DEV_BSIZE); /* in blocks */
581 		pmp->pm_firstcluster = pmp->pm_rootdirblk + pmp->pm_rootdirsize;
582 	}
583 
584 	pmp->pm_maxcluster = (pmp->pm_HugeSectors - pmp->pm_firstcluster) /
585 	    SecPerClust + 1;
586 	pmp->pm_fatsize = pmp->pm_FATsecs * DEV_BSIZE;	/* XXX not used? */
587 
588 	if (pmp->pm_fatmask == 0) {
589 		if (pmp->pm_maxcluster
590 		    <= ((CLUST_RSRVD - CLUST_FIRST) & FAT12_MASK)) {
591 			/*
592 			 * This will usually be a floppy disk. This size makes
593 			 * sure that one FAT entry will not be split across
594 			 * multiple blocks.
595 			 */
596 			pmp->pm_fatmask = FAT12_MASK;
597 			pmp->pm_fatmult = 3;
598 			pmp->pm_fatdiv = 2;
599 		} else {
600 			pmp->pm_fatmask = FAT16_MASK;
601 			pmp->pm_fatmult = 2;
602 			pmp->pm_fatdiv = 1;
603 		}
604 	}
605 
606 	clusters = (pmp->pm_fatsize / pmp->pm_fatmult) * pmp->pm_fatdiv;
607 	if (pmp->pm_maxcluster >= clusters) {
608 #ifdef MSDOSFS_DEBUG
609 		printf("Warning: number of clusters (%ld) exceeds FAT "
610 		    "capacity (%ld)\n", pmp->pm_maxcluster + 1, clusters);
611 #endif
612 		pmp->pm_maxcluster = clusters - 1;
613 	}
614 
615 	if (FAT12(pmp))
616 		pmp->pm_fatblocksize = 3 * 512;
617 	else
618 		pmp->pm_fatblocksize = PAGE_SIZE;
619 	pmp->pm_fatblocksize = roundup(pmp->pm_fatblocksize,
620 	    pmp->pm_BytesPerSec);
621 	pmp->pm_fatblocksec = pmp->pm_fatblocksize / DEV_BSIZE;
622 	pmp->pm_bnshift = ffs(DEV_BSIZE) - 1;
623 
624 	/*
625 	 * Compute mask and shift value for isolating cluster relative byte
626 	 * offsets and cluster numbers from a file offset.
627 	 */
628 	pmp->pm_bpcluster = SecPerClust * DEV_BSIZE;
629 	pmp->pm_crbomask = pmp->pm_bpcluster - 1;
630 	pmp->pm_cnshift = ffs(pmp->pm_bpcluster) - 1;
631 
632 	/*
633 	 * Check for valid cluster size
634 	 * must be a power of 2
635 	 */
636 	if (pmp->pm_bpcluster ^ (1 << pmp->pm_cnshift)) {
637 		error = EINVAL;
638 		goto error_exit;
639 	}
640 
641 	/*
642 	 * Release the bootsector buffer.
643 	 */
644 	brelse(bp);
645 	bp = NULL;
646 
647 	/*
648 	 * Check the fsinfo sector if we have one.  Silently fix up our
649 	 * in-core copy of fp->fsinxtfree if it is unknown (0xffffffff)
650 	 * or too large.  Ignore fp->fsinfree for now, since we need to
651 	 * read the entire FAT anyway to fill the inuse map.
652 	 */
653 	if (pmp->pm_fsinfo) {
654 		struct fsinfo *fp;
655 
656 		if ((error = bread(devvp, pmp->pm_fsinfo, pmp->pm_BytesPerSec,
657 		    NOCRED, &bp)) != 0)
658 			goto error_exit;
659 		fp = (struct fsinfo *)bp->b_data;
660 		if (!bcmp(fp->fsisig1, "RRaA", 4)
661 		    && !bcmp(fp->fsisig2, "rrAa", 4)
662 		    && !bcmp(fp->fsisig3, "\0\0\125\252", 4)) {
663 			pmp->pm_nxtfree = getulong(fp->fsinxtfree);
664 			if (pmp->pm_nxtfree > pmp->pm_maxcluster)
665 				pmp->pm_nxtfree = CLUST_FIRST;
666 		} else
667 			pmp->pm_fsinfo = 0;
668 		brelse(bp);
669 		bp = NULL;
670 	}
671 
672 	/*
673 	 * Finish initializing pmp->pm_nxtfree (just in case the first few
674 	 * sectors aren't properly reserved in the FAT).  This completes
675 	 * the fixup for fp->fsinxtfree, and fixes up the zero-initialized
676 	 * value if there is no fsinfo.  We will use pmp->pm_nxtfree
677 	 * internally even if there is no fsinfo.
678 	 */
679 	if (pmp->pm_nxtfree < CLUST_FIRST)
680 		pmp->pm_nxtfree = CLUST_FIRST;
681 
682 	/*
683 	 * Allocate memory for the bitmap of allocated clusters, and then
684 	 * fill it in.
685 	 */
686 	pmp->pm_inusemap = malloc(howmany(pmp->pm_maxcluster + 1, N_INUSEBITS)
687 				  * sizeof(*pmp->pm_inusemap),
688 				  M_MSDOSFSFAT, M_WAITOK);
689 
690 	/*
691 	 * fillinusemap() needs pm_devvp.
692 	 */
693 	pmp->pm_devvp = devvp;
694 	pmp->pm_dev = dev;
695 
696 	/*
697 	 * Have the inuse map filled in.
698 	 */
699 	MSDOSFS_LOCK_MP(pmp);
700 	error = fillinusemap(pmp);
701 	MSDOSFS_UNLOCK_MP(pmp);
702 	if (error != 0)
703 		goto error_exit;
704 
705 	/*
706 	 * If they want FAT updates to be synchronous then let them suffer
707 	 * the performance degradation in exchange for the on disk copy of
708 	 * the FAT being correct just about all the time.  I suppose this
709 	 * would be a good thing to turn on if the kernel is still flakey.
710 	 */
711 	if (mp->mnt_flag & MNT_SYNCHRONOUS)
712 		pmp->pm_flags |= MSDOSFSMNT_WAITONFAT;
713 
714 	/*
715 	 * Finish up.
716 	 */
717 	if (ronly)
718 		pmp->pm_flags |= MSDOSFSMNT_RONLY;
719 	else {
720 		if ((error = markvoldirty(pmp, 1)) != 0)
721 			goto error_exit;
722 		pmp->pm_fmod = 1;
723 	}
724 	mp->mnt_data =  pmp;
725 	mp->mnt_stat.f_fsid.val[0] = dev2udev(dev);
726 	mp->mnt_stat.f_fsid.val[1] = mp->mnt_vfc->vfc_typenum;
727 	MNT_ILOCK(mp);
728 	mp->mnt_flag |= MNT_LOCAL;
729 	mp->mnt_kern_flag |= MNTK_USES_BCACHE | MNTK_NO_IOPF;
730 	MNT_IUNLOCK(mp);
731 
732 	return (0);
733 
734 error_exit:
735 	if (bp)
736 		brelse(bp);
737 	if (cp != NULL) {
738 		g_topology_lock();
739 		g_vfs_close(cp);
740 		g_topology_unlock();
741 	}
742 	if (pmp) {
743 		lockdestroy(&pmp->pm_fatlock);
744 		lockdestroy(&pmp->pm_checkpath_lock);
745 		free(pmp->pm_inusemap, M_MSDOSFSFAT);
746 		free(pmp, M_MSDOSFSMNT);
747 		mp->mnt_data = NULL;
748 	}
749 	atomic_store_rel_ptr((uintptr_t *)&dev->si_mountpt, 0);
750 	dev_rel(dev);
751 	return (error);
752 }
753 
754 /*
755  * Unmount the filesystem described by mp.
756  */
757 static int
758 msdosfs_unmount(struct mount *mp, int mntflags)
759 {
760 	struct msdosfsmount *pmp;
761 	int error, flags;
762 	bool susp;
763 
764 	error = flags = 0;
765 	pmp = VFSTOMSDOSFS(mp);
766 	susp = (pmp->pm_flags & MSDOSFSMNT_RONLY) == 0;
767 
768 	if (susp) {
769 		error = vfs_write_suspend_umnt(mp);
770 		if (error != 0)
771 			return (error);
772 	}
773 
774 	if ((mntflags & MNT_FORCE) != 0)
775 		flags |= FORCECLOSE;
776 	error = vflush(mp, 0, flags, curthread);
777 	if (error != 0 && error != ENXIO) {
778 		if (susp)
779 			vfs_write_resume(mp, VR_START_WRITE);
780 		return (error);
781 	}
782 	if (susp) {
783 		error = markvoldirty(pmp, 0);
784 		if (error != 0 && error != ENXIO) {
785 			if (susp)
786 				vfs_write_resume(mp, VR_START_WRITE);
787 			(void)markvoldirty(pmp, 1);
788 			return (error);
789 		}
790 	}
791 	if (pmp->pm_flags & MSDOSFSMNT_KICONV && msdosfs_iconv) {
792 		if (pmp->pm_w2u)
793 			msdosfs_iconv->close(pmp->pm_w2u);
794 		if (pmp->pm_u2w)
795 			msdosfs_iconv->close(pmp->pm_u2w);
796 		if (pmp->pm_d2u)
797 			msdosfs_iconv->close(pmp->pm_d2u);
798 		if (pmp->pm_u2d)
799 			msdosfs_iconv->close(pmp->pm_u2d);
800 	}
801 
802 #ifdef MSDOSFS_DEBUG
803 	{
804 		struct vnode *vp = pmp->pm_devvp;
805 		struct bufobj *bo;
806 
807 		bo = &vp->v_bufobj;
808 		BO_LOCK(bo);
809 		VI_LOCK(vp);
810 		vn_printf(vp,
811 		    "msdosfs_umount(): just before calling VOP_CLOSE()\n");
812 		printf("freef %p, freeb %p, mount %p\n",
813 		    TAILQ_NEXT(vp, v_vnodelist), vp->v_vnodelist.tqe_prev,
814 		    vp->v_mount);
815 		printf("cleanblkhd %p, dirtyblkhd %p, numoutput %d, type %d\n",
816 		    TAILQ_FIRST(&vp->v_bufobj.bo_clean.bv_hd),
817 		    TAILQ_FIRST(&vp->v_bufobj.bo_dirty.bv_hd),
818 		    vp->v_bufobj.bo_numoutput, vp->v_type);
819 		VI_UNLOCK(vp);
820 		BO_UNLOCK(bo);
821 	}
822 #endif
823 	if (susp)
824 		vfs_write_resume(mp, VR_START_WRITE);
825 
826 	g_topology_lock();
827 	g_vfs_close(pmp->pm_cp);
828 	g_topology_unlock();
829 	atomic_store_rel_ptr((uintptr_t *)&pmp->pm_dev->si_mountpt, 0);
830 	vrele(pmp->pm_devvp);
831 	dev_rel(pmp->pm_dev);
832 	free(pmp->pm_inusemap, M_MSDOSFSFAT);
833 	lockdestroy(&pmp->pm_fatlock);
834 	lockdestroy(&pmp->pm_checkpath_lock);
835 	free(pmp, M_MSDOSFSMNT);
836 	mp->mnt_data = NULL;
837 	MNT_ILOCK(mp);
838 	mp->mnt_flag &= ~MNT_LOCAL;
839 	MNT_IUNLOCK(mp);
840 	return (error);
841 }
842 
843 static int
844 msdosfs_root(struct mount *mp, int flags, struct vnode **vpp)
845 {
846 	struct msdosfsmount *pmp = VFSTOMSDOSFS(mp);
847 	struct denode *ndep;
848 	int error;
849 
850 #ifdef MSDOSFS_DEBUG
851 	printf("msdosfs_root(); mp %p, pmp %p\n", mp, pmp);
852 #endif
853 	error = deget(pmp, MSDOSFSROOT, MSDOSFSROOT_OFS, LK_EXCLUSIVE, &ndep);
854 	if (error)
855 		return (error);
856 	*vpp = DETOV(ndep);
857 	return (0);
858 }
859 
860 static int
861 msdosfs_statfs(struct mount *mp, struct statfs *sbp)
862 {
863 	struct msdosfsmount *pmp;
864 
865 	pmp = VFSTOMSDOSFS(mp);
866 	sbp->f_bsize = pmp->pm_bpcluster;
867 	sbp->f_iosize = pmp->pm_bpcluster;
868 	sbp->f_blocks = pmp->pm_maxcluster + 1;
869 	sbp->f_bfree = pmp->pm_freeclustercount;
870 	sbp->f_bavail = pmp->pm_freeclustercount;
871 	sbp->f_files = pmp->pm_RootDirEnts;	/* XXX */
872 	sbp->f_ffree = 0;	/* what to put in here? */
873 	return (0);
874 }
875 
876 /*
877  * If we have an FSInfo block, update it.
878  */
879 static int
880 msdosfs_fsiflush(struct msdosfsmount *pmp, int waitfor)
881 {
882 	struct fsinfo *fp;
883 	struct buf *bp;
884 	int error;
885 
886 	MSDOSFS_LOCK_MP(pmp);
887 	if (pmp->pm_fsinfo == 0 || (pmp->pm_flags & MSDOSFS_FSIMOD) == 0) {
888 		error = 0;
889 		goto unlock;
890 	}
891 	error = bread(pmp->pm_devvp, pmp->pm_fsinfo, pmp->pm_BytesPerSec,
892 	    NOCRED, &bp);
893 	if (error != 0) {
894 		goto unlock;
895 	}
896 	fp = (struct fsinfo *)bp->b_data;
897 	putulong(fp->fsinfree, pmp->pm_freeclustercount);
898 	putulong(fp->fsinxtfree, pmp->pm_nxtfree);
899 	pmp->pm_flags &= ~MSDOSFS_FSIMOD;
900 	if (waitfor == MNT_WAIT)
901 		error = bwrite(bp);
902 	else
903 		bawrite(bp);
904 unlock:
905 	MSDOSFS_UNLOCK_MP(pmp);
906 	return (error);
907 }
908 
909 static int
910 msdosfs_sync(struct mount *mp, int waitfor)
911 {
912 	struct vnode *vp, *nvp;
913 	struct thread *td;
914 	struct denode *dep;
915 	struct msdosfsmount *pmp = VFSTOMSDOSFS(mp);
916 	int error, allerror = 0;
917 
918 	td = curthread;
919 
920 	/*
921 	 * If we ever switch to not updating all of the FATs all the time,
922 	 * this would be the place to update them from the first one.
923 	 */
924 	if (pmp->pm_fmod != 0) {
925 		if (pmp->pm_flags & MSDOSFSMNT_RONLY)
926 			panic("msdosfs_sync: rofs mod");
927 		else {
928 			/* update FATs here */
929 		}
930 	}
931 	/*
932 	 * Write back each (modified) denode.
933 	 */
934 loop:
935 	MNT_VNODE_FOREACH_ALL(vp, mp, nvp) {
936 		if (vp->v_type == VNON) {
937 			VI_UNLOCK(vp);
938 			continue;
939 		}
940 		dep = VTODE(vp);
941 		if ((dep->de_flag &
942 		    (DE_ACCESS | DE_CREATE | DE_UPDATE | DE_MODIFIED)) == 0 &&
943 		    (vp->v_bufobj.bo_dirty.bv_cnt == 0 ||
944 		    waitfor == MNT_LAZY)) {
945 			VI_UNLOCK(vp);
946 			continue;
947 		}
948 		error = vget(vp, LK_EXCLUSIVE | LK_NOWAIT | LK_INTERLOCK);
949 		if (error) {
950 			if (error == ENOENT) {
951 				MNT_VNODE_FOREACH_ALL_ABORT(mp, nvp);
952 				goto loop;
953 			}
954 			continue;
955 		}
956 		error = VOP_FSYNC(vp, waitfor, td);
957 		if (error)
958 			allerror = error;
959 		VOP_UNLOCK(vp);
960 		vrele(vp);
961 	}
962 
963 	/*
964 	 * Flush filesystem control info.
965 	 */
966 	if (waitfor != MNT_LAZY) {
967 		vn_lock(pmp->pm_devvp, LK_EXCLUSIVE | LK_RETRY);
968 		error = VOP_FSYNC(pmp->pm_devvp, waitfor, td);
969 		if (error)
970 			allerror = error;
971 		VOP_UNLOCK(pmp->pm_devvp);
972 	}
973 
974 	error = msdosfs_fsiflush(pmp, waitfor);
975 	if (error != 0)
976 		allerror = error;
977 
978 	if (allerror == 0 && waitfor == MNT_SUSPEND) {
979 		MNT_ILOCK(mp);
980 		mp->mnt_kern_flag |= MNTK_SUSPEND2 | MNTK_SUSPENDED;
981 		MNT_IUNLOCK(mp);
982 	}
983 	return (allerror);
984 }
985 
986 static int
987 msdosfs_fhtovp(struct mount *mp, struct fid *fhp, int flags, struct vnode **vpp)
988 {
989 	struct msdosfsmount *pmp = VFSTOMSDOSFS(mp);
990 	struct defid *defhp = (struct defid *) fhp;
991 	struct denode *dep;
992 	int error;
993 
994 	error = deget(pmp, defhp->defid_dirclust, defhp->defid_dirofs,
995 	    LK_EXCLUSIVE, &dep);
996 	if (error) {
997 		*vpp = NULLVP;
998 		return (error);
999 	}
1000 	*vpp = DETOV(dep);
1001 	vnode_create_vobject(*vpp, dep->de_FileSize, curthread);
1002 	return (0);
1003 }
1004 
1005 static struct vfsops msdosfs_vfsops = {
1006 	.vfs_fhtovp =		msdosfs_fhtovp,
1007 	.vfs_mount =		msdosfs_mount,
1008 	.vfs_cmount =		msdosfs_cmount,
1009 	.vfs_root =		msdosfs_root,
1010 	.vfs_statfs =		msdosfs_statfs,
1011 	.vfs_sync =		msdosfs_sync,
1012 	.vfs_unmount =		msdosfs_unmount,
1013 };
1014 
1015 VFS_SET(msdosfs_vfsops, msdosfs, 0);
1016 MODULE_VERSION(msdosfs, 1);
1017