xref: /freebsd/sys/fs/tmpfs/tmpfs_subr.c (revision c7046f76c2c027b00c0e6ba57cfd28f1a78f5e23)
1 /*	$NetBSD: tmpfs_subr.c,v 1.35 2007/07/09 21:10:50 ad Exp $	*/
2 
3 /*-
4  * SPDX-License-Identifier: BSD-2-Clause-NetBSD
5  *
6  * Copyright (c) 2005 The NetBSD Foundation, Inc.
7  * All rights reserved.
8  *
9  * This code is derived from software contributed to The NetBSD Foundation
10  * by Julio M. Merino Vidal, developed as part of Google's Summer of Code
11  * 2005 program.
12  *
13  * Redistribution and use in source and binary forms, with or without
14  * modification, are permitted provided that the following conditions
15  * are met:
16  * 1. Redistributions of source code must retain the above copyright
17  *    notice, this list of conditions and the following disclaimer.
18  * 2. Redistributions in binary form must reproduce the above copyright
19  *    notice, this list of conditions and the following disclaimer in the
20  *    documentation and/or other materials provided with the distribution.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
23  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
24  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
25  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
26  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
27  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32  * POSSIBILITY OF SUCH DAMAGE.
33  */
34 
35 /*
36  * Efficient memory file system supporting functions.
37  */
38 #include <sys/cdefs.h>
39 __FBSDID("$FreeBSD$");
40 
41 #include <sys/param.h>
42 #include <sys/systm.h>
43 #include <sys/dirent.h>
44 #include <sys/fnv_hash.h>
45 #include <sys/lock.h>
46 #include <sys/limits.h>
47 #include <sys/mount.h>
48 #include <sys/namei.h>
49 #include <sys/priv.h>
50 #include <sys/proc.h>
51 #include <sys/random.h>
52 #include <sys/refcount.h>
53 #include <sys/rwlock.h>
54 #include <sys/smr.h>
55 #include <sys/stat.h>
56 #include <sys/sysctl.h>
57 #include <sys/user.h>
58 #include <sys/vnode.h>
59 #include <sys/vmmeter.h>
60 
61 #include <vm/vm.h>
62 #include <vm/vm_param.h>
63 #include <vm/vm_object.h>
64 #include <vm/vm_page.h>
65 #include <vm/vm_pageout.h>
66 #include <vm/vm_pager.h>
67 #include <vm/vm_extern.h>
68 #include <vm/swap_pager.h>
69 
70 #include <fs/tmpfs/tmpfs.h>
71 #include <fs/tmpfs/tmpfs_fifoops.h>
72 #include <fs/tmpfs/tmpfs_vnops.h>
73 
74 SYSCTL_NODE(_vfs, OID_AUTO, tmpfs, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
75     "tmpfs file system");
76 
77 static long tmpfs_pages_reserved = TMPFS_PAGES_MINRESERVED;
78 
79 MALLOC_DEFINE(M_TMPFSDIR, "tmpfs dir", "tmpfs dirent structure");
80 static uma_zone_t tmpfs_node_pool;
81 VFS_SMR_DECLARE;
82 
83 int tmpfs_pager_type = -1;
84 
85 static vm_object_t
86 tmpfs_pager_alloc(void *handle, vm_ooffset_t size, vm_prot_t prot,
87     vm_ooffset_t offset, struct ucred *cred)
88 {
89 	vm_object_t object;
90 
91 	MPASS(handle == NULL);
92 	MPASS(offset == 0);
93 	object = vm_object_allocate_dyn(tmpfs_pager_type, size,
94 	    OBJ_COLORED | OBJ_SWAP);
95 	if (!swap_pager_init_object(object, NULL, NULL, size, 0)) {
96 		vm_object_deallocate(object);
97 		object = NULL;
98 	}
99 	return (object);
100 }
101 
102 /*
103  * Make sure tmpfs vnodes with writable mappings can be found on the lazy list.
104  *
105  * This allows for periodic mtime updates while only scanning vnodes which are
106  * plausibly dirty, see tmpfs_update_mtime_lazy.
107  */
108 static void
109 tmpfs_pager_writecount_recalc(vm_object_t object, vm_offset_t old,
110     vm_offset_t new)
111 {
112 	struct vnode *vp;
113 
114 	VM_OBJECT_ASSERT_WLOCKED(object);
115 
116 	vp = object->un_pager.swp.swp_tmpfs;
117 
118 	/*
119 	 * Forced unmount?
120 	 */
121 	if (vp == NULL) {
122 		KASSERT((object->flags & OBJ_TMPFS_VREF) == 0,
123 		    ("object %p with OBJ_TMPFS_VREF but without vnode", object));
124 		VM_OBJECT_WUNLOCK(object);
125 		return;
126 	}
127 
128 	if (old == 0) {
129 		VNASSERT((object->flags & OBJ_TMPFS_VREF) == 0, vp,
130 		    ("object without writable mappings has a reference"));
131 		VNPASS(vp->v_usecount > 0, vp);
132 	} else {
133 		VNASSERT((object->flags & OBJ_TMPFS_VREF) != 0, vp,
134 		    ("object with writable mappings does not have a reference"));
135 	}
136 
137 	if (old == new) {
138 		VM_OBJECT_WUNLOCK(object);
139 		return;
140 	}
141 
142 	if (new == 0) {
143 		vm_object_clear_flag(object, OBJ_TMPFS_VREF);
144 		VM_OBJECT_WUNLOCK(object);
145 		vrele(vp);
146 	} else {
147 		if ((object->flags & OBJ_TMPFS_VREF) == 0) {
148 			vref(vp);
149 			vlazy(vp);
150 			vm_object_set_flag(object, OBJ_TMPFS_VREF);
151 		}
152 		VM_OBJECT_WUNLOCK(object);
153 	}
154 }
155 
156 static void
157 tmpfs_pager_update_writecount(vm_object_t object, vm_offset_t start,
158     vm_offset_t end)
159 {
160 	vm_offset_t new, old;
161 
162 	VM_OBJECT_WLOCK(object);
163 	KASSERT((object->flags & OBJ_ANON) == 0,
164 	    ("%s: object %p with OBJ_ANON", __func__, object));
165 	old = object->un_pager.swp.writemappings;
166 	object->un_pager.swp.writemappings += (vm_ooffset_t)end - start;
167 	new = object->un_pager.swp.writemappings;
168 	tmpfs_pager_writecount_recalc(object, old, new);
169 	VM_OBJECT_ASSERT_UNLOCKED(object);
170 }
171 
172 static void
173 tmpfs_pager_release_writecount(vm_object_t object, vm_offset_t start,
174     vm_offset_t end)
175 {
176 	vm_offset_t new, old;
177 
178 	VM_OBJECT_WLOCK(object);
179 	KASSERT((object->flags & OBJ_ANON) == 0,
180 	    ("%s: object %p with OBJ_ANON", __func__, object));
181 	old = object->un_pager.swp.writemappings;
182 	object->un_pager.swp.writemappings -= (vm_ooffset_t)end - start;
183 	new = object->un_pager.swp.writemappings;
184 	tmpfs_pager_writecount_recalc(object, old, new);
185 	VM_OBJECT_ASSERT_UNLOCKED(object);
186 }
187 
188 static void
189 tmpfs_pager_getvp(vm_object_t object, struct vnode **vpp, bool *vp_heldp)
190 {
191 	struct vnode *vp;
192 
193 	/*
194 	 * Tmpfs VREG node, which was reclaimed, has tmpfs_pager_type
195 	 * type, but not OBJ_TMPFS flag.  In this case there is no
196 	 * v_writecount to adjust.
197 	 */
198 	if (vp_heldp != NULL)
199 		VM_OBJECT_RLOCK(object);
200 	else
201 		VM_OBJECT_ASSERT_LOCKED(object);
202 	if ((object->flags & OBJ_TMPFS) != 0) {
203 		vp = object->un_pager.swp.swp_tmpfs;
204 		if (vp != NULL) {
205 			*vpp = vp;
206 			if (vp_heldp != NULL) {
207 				vhold(vp);
208 				*vp_heldp = true;
209 			}
210 		}
211 	}
212 	if (vp_heldp != NULL)
213 		VM_OBJECT_RUNLOCK(object);
214 }
215 
216 struct pagerops tmpfs_pager_ops = {
217 	.pgo_kvme_type = KVME_TYPE_VNODE,
218 	.pgo_alloc = tmpfs_pager_alloc,
219 	.pgo_set_writeable_dirty = vm_object_set_writeable_dirty_,
220 	.pgo_update_writecount = tmpfs_pager_update_writecount,
221 	.pgo_release_writecount = tmpfs_pager_release_writecount,
222 	.pgo_mightbedirty = vm_object_mightbedirty_,
223 	.pgo_getvp = tmpfs_pager_getvp,
224 };
225 
226 static int
227 tmpfs_node_ctor(void *mem, int size, void *arg, int flags)
228 {
229 	struct tmpfs_node *node;
230 
231 	node = mem;
232 	node->tn_gen++;
233 	node->tn_size = 0;
234 	node->tn_status = 0;
235 	node->tn_accessed = false;
236 	node->tn_flags = 0;
237 	node->tn_links = 0;
238 	node->tn_vnode = NULL;
239 	node->tn_vpstate = 0;
240 	return (0);
241 }
242 
243 static void
244 tmpfs_node_dtor(void *mem, int size, void *arg)
245 {
246 	struct tmpfs_node *node;
247 
248 	node = mem;
249 	node->tn_type = VNON;
250 }
251 
252 static int
253 tmpfs_node_init(void *mem, int size, int flags)
254 {
255 	struct tmpfs_node *node;
256 
257 	node = mem;
258 	node->tn_id = 0;
259 	mtx_init(&node->tn_interlock, "tmpfsni", NULL, MTX_DEF);
260 	node->tn_gen = arc4random();
261 	return (0);
262 }
263 
264 static void
265 tmpfs_node_fini(void *mem, int size)
266 {
267 	struct tmpfs_node *node;
268 
269 	node = mem;
270 	mtx_destroy(&node->tn_interlock);
271 }
272 
273 int
274 tmpfs_subr_init(void)
275 {
276 	tmpfs_pager_type = vm_pager_alloc_dyn_type(&tmpfs_pager_ops,
277 	    OBJT_SWAP);
278 	if (tmpfs_pager_type == -1)
279 		return (EINVAL);
280 	tmpfs_node_pool = uma_zcreate("TMPFS node",
281 	    sizeof(struct tmpfs_node), tmpfs_node_ctor, tmpfs_node_dtor,
282 	    tmpfs_node_init, tmpfs_node_fini, UMA_ALIGN_PTR, 0);
283 	VFS_SMR_ZONE_SET(tmpfs_node_pool);
284 	return (0);
285 }
286 
287 void
288 tmpfs_subr_uninit(void)
289 {
290 	if (tmpfs_pager_type != -1)
291 		vm_pager_free_dyn_type(tmpfs_pager_type);
292 	tmpfs_pager_type = -1;
293 	uma_zdestroy(tmpfs_node_pool);
294 }
295 
296 static int
297 sysctl_mem_reserved(SYSCTL_HANDLER_ARGS)
298 {
299 	int error;
300 	long pages, bytes;
301 
302 	pages = *(long *)arg1;
303 	bytes = pages * PAGE_SIZE;
304 
305 	error = sysctl_handle_long(oidp, &bytes, 0, req);
306 	if (error || !req->newptr)
307 		return (error);
308 
309 	pages = bytes / PAGE_SIZE;
310 	if (pages < TMPFS_PAGES_MINRESERVED)
311 		return (EINVAL);
312 
313 	*(long *)arg1 = pages;
314 	return (0);
315 }
316 
317 SYSCTL_PROC(_vfs_tmpfs, OID_AUTO, memory_reserved,
318     CTLTYPE_LONG|CTLFLAG_MPSAFE|CTLFLAG_RW, &tmpfs_pages_reserved, 0,
319     sysctl_mem_reserved, "L",
320     "Amount of available memory and swap below which tmpfs growth stops");
321 
322 static __inline int tmpfs_dirtree_cmp(struct tmpfs_dirent *a,
323     struct tmpfs_dirent *b);
324 RB_PROTOTYPE_STATIC(tmpfs_dir, tmpfs_dirent, uh.td_entries, tmpfs_dirtree_cmp);
325 
326 size_t
327 tmpfs_mem_avail(void)
328 {
329 	size_t avail;
330 	long reserved;
331 
332 	avail = swap_pager_avail + vm_free_count();
333 	reserved = atomic_load_long(&tmpfs_pages_reserved);
334 	if (__predict_false(avail < reserved))
335 		return (0);
336 	return (avail - reserved);
337 }
338 
339 size_t
340 tmpfs_pages_used(struct tmpfs_mount *tmp)
341 {
342 	const size_t node_size = sizeof(struct tmpfs_node) +
343 	    sizeof(struct tmpfs_dirent);
344 	size_t meta_pages;
345 
346 	meta_pages = howmany((uintmax_t)tmp->tm_nodes_inuse * node_size,
347 	    PAGE_SIZE);
348 	return (meta_pages + tmp->tm_pages_used);
349 }
350 
351 static size_t
352 tmpfs_pages_check_avail(struct tmpfs_mount *tmp, size_t req_pages)
353 {
354 	if (tmpfs_mem_avail() < req_pages)
355 		return (0);
356 
357 	if (tmp->tm_pages_max != ULONG_MAX &&
358 	    tmp->tm_pages_max < req_pages + tmpfs_pages_used(tmp))
359 			return (0);
360 
361 	return (1);
362 }
363 
364 static int
365 tmpfs_partial_page_invalidate(vm_object_t object, vm_pindex_t idx, int base,
366     int end, boolean_t ignerr)
367 {
368 	vm_page_t m;
369 	int rv, error;
370 
371 	VM_OBJECT_ASSERT_WLOCKED(object);
372 	KASSERT(base >= 0, ("%s: base %d", __func__, base));
373 	KASSERT(end - base <= PAGE_SIZE, ("%s: base %d end %d", __func__, base,
374 	    end));
375 	error = 0;
376 
377 retry:
378 	m = vm_page_grab(object, idx, VM_ALLOC_NOCREAT);
379 	if (m != NULL) {
380 		MPASS(vm_page_all_valid(m));
381 	} else if (vm_pager_has_page(object, idx, NULL, NULL)) {
382 		m = vm_page_alloc(object, idx, VM_ALLOC_NORMAL |
383 		    VM_ALLOC_WAITFAIL);
384 		if (m == NULL)
385 			goto retry;
386 		vm_object_pip_add(object, 1);
387 		VM_OBJECT_WUNLOCK(object);
388 		rv = vm_pager_get_pages(object, &m, 1, NULL, NULL);
389 		VM_OBJECT_WLOCK(object);
390 		vm_object_pip_wakeup(object);
391 		if (rv == VM_PAGER_OK) {
392 			/*
393 			 * Since the page was not resident, and therefore not
394 			 * recently accessed, immediately enqueue it for
395 			 * asynchronous laundering.  The current operation is
396 			 * not regarded as an access.
397 			 */
398 			vm_page_launder(m);
399 		} else {
400 			vm_page_free(m);
401 			m = NULL;
402 			if (!ignerr)
403 				error = EIO;
404 		}
405 	}
406 	if (m != NULL) {
407 		pmap_zero_page_area(m, base, end - base);
408 		vm_page_set_dirty(m);
409 		vm_page_xunbusy(m);
410 	}
411 
412 	return (error);
413 }
414 
415 void
416 tmpfs_ref_node(struct tmpfs_node *node)
417 {
418 #ifdef INVARIANTS
419 	u_int old;
420 
421 	old =
422 #endif
423 	refcount_acquire(&node->tn_refcount);
424 #ifdef INVARIANTS
425 	KASSERT(old > 0, ("node %p zero refcount", node));
426 #endif
427 }
428 
429 /*
430  * Allocates a new node of type 'type' inside the 'tmp' mount point, with
431  * its owner set to 'uid', its group to 'gid' and its mode set to 'mode',
432  * using the credentials of the process 'p'.
433  *
434  * If the node type is set to 'VDIR', then the parent parameter must point
435  * to the parent directory of the node being created.  It may only be NULL
436  * while allocating the root node.
437  *
438  * If the node type is set to 'VBLK' or 'VCHR', then the rdev parameter
439  * specifies the device the node represents.
440  *
441  * If the node type is set to 'VLNK', then the parameter target specifies
442  * the file name of the target file for the symbolic link that is being
443  * created.
444  *
445  * Note that new nodes are retrieved from the available list if it has
446  * items or, if it is empty, from the node pool as long as there is enough
447  * space to create them.
448  *
449  * Returns zero on success or an appropriate error code on failure.
450  */
451 int
452 tmpfs_alloc_node(struct mount *mp, struct tmpfs_mount *tmp, enum vtype type,
453     uid_t uid, gid_t gid, mode_t mode, struct tmpfs_node *parent,
454     const char *target, dev_t rdev, struct tmpfs_node **node)
455 {
456 	struct tmpfs_node *nnode;
457 	char *symlink;
458 	char symlink_smr;
459 
460 	/* If the root directory of the 'tmp' file system is not yet
461 	 * allocated, this must be the request to do it. */
462 	MPASS(IMPLIES(tmp->tm_root == NULL, parent == NULL && type == VDIR));
463 
464 	MPASS(IFF(type == VLNK, target != NULL));
465 	MPASS(IFF(type == VBLK || type == VCHR, rdev != VNOVAL));
466 
467 	if (tmp->tm_nodes_inuse >= tmp->tm_nodes_max)
468 		return (ENOSPC);
469 	if (tmpfs_pages_check_avail(tmp, 1) == 0)
470 		return (ENOSPC);
471 
472 	if ((mp->mnt_kern_flag & MNTK_UNMOUNT) != 0) {
473 		/*
474 		 * When a new tmpfs node is created for fully
475 		 * constructed mount point, there must be a parent
476 		 * node, which vnode is locked exclusively.  As
477 		 * consequence, if the unmount is executing in
478 		 * parallel, vflush() cannot reclaim the parent vnode.
479 		 * Due to this, the check for MNTK_UNMOUNT flag is not
480 		 * racy: if we did not see MNTK_UNMOUNT flag, then tmp
481 		 * cannot be destroyed until node construction is
482 		 * finished and the parent vnode unlocked.
483 		 *
484 		 * Tmpfs does not need to instantiate new nodes during
485 		 * unmount.
486 		 */
487 		return (EBUSY);
488 	}
489 	if ((mp->mnt_kern_flag & MNT_RDONLY) != 0)
490 		return (EROFS);
491 
492 	nnode = uma_zalloc_smr(tmpfs_node_pool, M_WAITOK);
493 
494 	/* Generic initialization. */
495 	nnode->tn_type = type;
496 	vfs_timestamp(&nnode->tn_atime);
497 	nnode->tn_birthtime = nnode->tn_ctime = nnode->tn_mtime =
498 	    nnode->tn_atime;
499 	nnode->tn_uid = uid;
500 	nnode->tn_gid = gid;
501 	nnode->tn_mode = mode;
502 	nnode->tn_id = alloc_unr64(&tmp->tm_ino_unr);
503 	nnode->tn_refcount = 1;
504 
505 	/* Type-specific initialization. */
506 	switch (nnode->tn_type) {
507 	case VBLK:
508 	case VCHR:
509 		nnode->tn_rdev = rdev;
510 		break;
511 
512 	case VDIR:
513 		RB_INIT(&nnode->tn_dir.tn_dirhead);
514 		LIST_INIT(&nnode->tn_dir.tn_dupindex);
515 		MPASS(parent != nnode);
516 		MPASS(IMPLIES(parent == NULL, tmp->tm_root == NULL));
517 		nnode->tn_dir.tn_parent = (parent == NULL) ? nnode : parent;
518 		nnode->tn_dir.tn_readdir_lastn = 0;
519 		nnode->tn_dir.tn_readdir_lastp = NULL;
520 		nnode->tn_links++;
521 		TMPFS_NODE_LOCK(nnode->tn_dir.tn_parent);
522 		nnode->tn_dir.tn_parent->tn_links++;
523 		TMPFS_NODE_UNLOCK(nnode->tn_dir.tn_parent);
524 		break;
525 
526 	case VFIFO:
527 		/* FALLTHROUGH */
528 	case VSOCK:
529 		break;
530 
531 	case VLNK:
532 		MPASS(strlen(target) < MAXPATHLEN);
533 		nnode->tn_size = strlen(target);
534 
535 		symlink = NULL;
536 		if (!tmp->tm_nonc) {
537 			symlink = cache_symlink_alloc(nnode->tn_size + 1, M_WAITOK);
538 			symlink_smr = true;
539 		}
540 		if (symlink == NULL) {
541 			symlink = malloc(nnode->tn_size + 1, M_TMPFSNAME, M_WAITOK);
542 			symlink_smr = false;
543 		}
544 		memcpy(symlink, target, nnode->tn_size + 1);
545 
546 		/*
547 		 * Allow safe symlink resolving for lockless lookup.
548 		 * tmpfs_fplookup_symlink references this comment.
549 		 *
550 		 * 1. nnode is not yet visible to the world
551 		 * 2. both tn_link_target and tn_link_smr get populated
552 		 * 3. release fence publishes their content
553 		 * 4. tn_link_target content is immutable until node destruction,
554 		 *    where the pointer gets set to NULL
555 		 * 5. tn_link_smr is never changed once set
556 		 *
557 		 * As a result it is sufficient to issue load consume on the node
558 		 * pointer to also get the above content in a stable manner.
559 		 * Worst case tn_link_smr flag may be set to true despite being stale,
560 		 * while the target buffer is already cleared out.
561 		 */
562 		atomic_store_ptr(&nnode->tn_link_target, symlink);
563 		atomic_store_char((char *)&nnode->tn_link_smr, symlink_smr);
564 		atomic_thread_fence_rel();
565 		break;
566 
567 	case VREG:
568 		nnode->tn_reg.tn_aobj =
569 		    vm_pager_allocate(tmpfs_pager_type, NULL, 0,
570 			VM_PROT_DEFAULT, 0,
571 			NULL /* XXXKIB - tmpfs needs swap reservation */);
572 		/* OBJ_TMPFS is set together with the setting of vp->v_object */
573 		nnode->tn_reg.tn_tmp = tmp;
574 		break;
575 
576 	default:
577 		panic("tmpfs_alloc_node: type %p %d", nnode,
578 		    (int)nnode->tn_type);
579 	}
580 
581 	TMPFS_LOCK(tmp);
582 	LIST_INSERT_HEAD(&tmp->tm_nodes_used, nnode, tn_entries);
583 	nnode->tn_attached = true;
584 	tmp->tm_nodes_inuse++;
585 	tmp->tm_refcount++;
586 	TMPFS_UNLOCK(tmp);
587 
588 	*node = nnode;
589 	return (0);
590 }
591 
592 /*
593  * Destroys the node pointed to by node from the file system 'tmp'.
594  * If the node references a directory, no entries are allowed.
595  */
596 void
597 tmpfs_free_node(struct tmpfs_mount *tmp, struct tmpfs_node *node)
598 {
599 	if (refcount_release_if_not_last(&node->tn_refcount))
600 		return;
601 
602 	TMPFS_LOCK(tmp);
603 	TMPFS_NODE_LOCK(node);
604 	if (!tmpfs_free_node_locked(tmp, node, false)) {
605 		TMPFS_NODE_UNLOCK(node);
606 		TMPFS_UNLOCK(tmp);
607 	}
608 }
609 
610 bool
611 tmpfs_free_node_locked(struct tmpfs_mount *tmp, struct tmpfs_node *node,
612     bool detach)
613 {
614 	vm_object_t uobj;
615 	char *symlink;
616 	bool last;
617 
618 	TMPFS_MP_ASSERT_LOCKED(tmp);
619 	TMPFS_NODE_ASSERT_LOCKED(node);
620 
621 	last = refcount_release(&node->tn_refcount);
622 	if (node->tn_attached && (detach || last)) {
623 		MPASS(tmp->tm_nodes_inuse > 0);
624 		tmp->tm_nodes_inuse--;
625 		LIST_REMOVE(node, tn_entries);
626 		node->tn_attached = false;
627 	}
628 	if (!last)
629 		return (false);
630 
631 	TMPFS_NODE_UNLOCK(node);
632 
633 #ifdef INVARIANTS
634 	MPASS(node->tn_vnode == NULL);
635 	MPASS((node->tn_vpstate & TMPFS_VNODE_ALLOCATING) == 0);
636 
637 	/*
638 	 * Make sure this is a node type we can deal with. Everything is explicitly
639 	 * enumerated without the 'default' clause so the compiler can throw an
640 	 * error in case a new type is added.
641 	 */
642 	switch (node->tn_type) {
643 	case VBLK:
644 	case VCHR:
645 	case VDIR:
646 	case VFIFO:
647 	case VSOCK:
648 	case VLNK:
649 	case VREG:
650 		break;
651 	case VNON:
652 	case VBAD:
653 	case VMARKER:
654 		panic("%s: bad type %d for node %p", __func__, (int)node->tn_type, node);
655 	}
656 #endif
657 
658 	switch (node->tn_type) {
659 	case VREG:
660 		uobj = node->tn_reg.tn_aobj;
661 		if (uobj != NULL) {
662 			if (uobj->size != 0)
663 				atomic_subtract_long(&tmp->tm_pages_used, uobj->size);
664 		}
665 
666 		tmpfs_free_tmp(tmp);
667 
668 		if (uobj != NULL) {
669 			KASSERT((uobj->flags & OBJ_TMPFS) == 0,
670 			    ("leaked OBJ_TMPFS node %p vm_obj %p", node, uobj));
671 			vm_object_deallocate(uobj);
672 		}
673 		break;
674 	case VLNK:
675 		tmpfs_free_tmp(tmp);
676 
677 		symlink = node->tn_link_target;
678 		atomic_store_ptr(&node->tn_link_target, NULL);
679 		if (atomic_load_char(&node->tn_link_smr)) {
680 			cache_symlink_free(symlink, node->tn_size + 1);
681 		} else {
682 			free(symlink, M_TMPFSNAME);
683 		}
684 		break;
685 	default:
686 		tmpfs_free_tmp(tmp);
687 		break;
688 	}
689 
690 	uma_zfree_smr(tmpfs_node_pool, node);
691 	return (true);
692 }
693 
694 static __inline uint32_t
695 tmpfs_dirent_hash(const char *name, u_int len)
696 {
697 	uint32_t hash;
698 
699 	hash = fnv_32_buf(name, len, FNV1_32_INIT + len) & TMPFS_DIRCOOKIE_MASK;
700 #ifdef TMPFS_DEBUG_DIRCOOKIE_DUP
701 	hash &= 0xf;
702 #endif
703 	if (hash < TMPFS_DIRCOOKIE_MIN)
704 		hash += TMPFS_DIRCOOKIE_MIN;
705 
706 	return (hash);
707 }
708 
709 static __inline off_t
710 tmpfs_dirent_cookie(struct tmpfs_dirent *de)
711 {
712 	if (de == NULL)
713 		return (TMPFS_DIRCOOKIE_EOF);
714 
715 	MPASS(de->td_cookie >= TMPFS_DIRCOOKIE_MIN);
716 
717 	return (de->td_cookie);
718 }
719 
720 static __inline boolean_t
721 tmpfs_dirent_dup(struct tmpfs_dirent *de)
722 {
723 	return ((de->td_cookie & TMPFS_DIRCOOKIE_DUP) != 0);
724 }
725 
726 static __inline boolean_t
727 tmpfs_dirent_duphead(struct tmpfs_dirent *de)
728 {
729 	return ((de->td_cookie & TMPFS_DIRCOOKIE_DUPHEAD) != 0);
730 }
731 
732 void
733 tmpfs_dirent_init(struct tmpfs_dirent *de, const char *name, u_int namelen)
734 {
735 	de->td_hash = de->td_cookie = tmpfs_dirent_hash(name, namelen);
736 	memcpy(de->ud.td_name, name, namelen);
737 	de->td_namelen = namelen;
738 }
739 
740 /*
741  * Allocates a new directory entry for the node node with a name of name.
742  * The new directory entry is returned in *de.
743  *
744  * The link count of node is increased by one to reflect the new object
745  * referencing it.
746  *
747  * Returns zero on success or an appropriate error code on failure.
748  */
749 int
750 tmpfs_alloc_dirent(struct tmpfs_mount *tmp, struct tmpfs_node *node,
751     const char *name, u_int len, struct tmpfs_dirent **de)
752 {
753 	struct tmpfs_dirent *nde;
754 
755 	nde = malloc(sizeof(*nde), M_TMPFSDIR, M_WAITOK);
756 	nde->td_node = node;
757 	if (name != NULL) {
758 		nde->ud.td_name = malloc(len, M_TMPFSNAME, M_WAITOK);
759 		tmpfs_dirent_init(nde, name, len);
760 	} else
761 		nde->td_namelen = 0;
762 	if (node != NULL)
763 		node->tn_links++;
764 
765 	*de = nde;
766 
767 	return (0);
768 }
769 
770 /*
771  * Frees a directory entry.  It is the caller's responsibility to destroy
772  * the node referenced by it if needed.
773  *
774  * The link count of node is decreased by one to reflect the removal of an
775  * object that referenced it.  This only happens if 'node_exists' is true;
776  * otherwise the function will not access the node referred to by the
777  * directory entry, as it may already have been released from the outside.
778  */
779 void
780 tmpfs_free_dirent(struct tmpfs_mount *tmp, struct tmpfs_dirent *de)
781 {
782 	struct tmpfs_node *node;
783 
784 	node = de->td_node;
785 	if (node != NULL) {
786 		MPASS(node->tn_links > 0);
787 		node->tn_links--;
788 	}
789 	if (!tmpfs_dirent_duphead(de) && de->ud.td_name != NULL)
790 		free(de->ud.td_name, M_TMPFSNAME);
791 	free(de, M_TMPFSDIR);
792 }
793 
794 void
795 tmpfs_destroy_vobject(struct vnode *vp, vm_object_t obj)
796 {
797 	bool want_vrele;
798 
799 	ASSERT_VOP_ELOCKED(vp, "tmpfs_destroy_vobject");
800 	if (vp->v_type != VREG || obj == NULL)
801 		return;
802 
803 	VM_OBJECT_WLOCK(obj);
804 	VI_LOCK(vp);
805 	/*
806 	 * May be going through forced unmount.
807 	 */
808 	want_vrele = false;
809 	if ((obj->flags & OBJ_TMPFS_VREF) != 0) {
810 		vm_object_clear_flag(obj, OBJ_TMPFS_VREF);
811 		want_vrele = true;
812 	}
813 
814 	vm_object_clear_flag(obj, OBJ_TMPFS);
815 	obj->un_pager.swp.swp_tmpfs = NULL;
816 	if (vp->v_writecount < 0)
817 		vp->v_writecount = 0;
818 	VI_UNLOCK(vp);
819 	VM_OBJECT_WUNLOCK(obj);
820 	if (want_vrele) {
821 		vrele(vp);
822 	}
823 }
824 
825 /*
826  * Allocates a new vnode for the node node or returns a new reference to
827  * an existing one if the node had already a vnode referencing it.  The
828  * resulting locked vnode is returned in *vpp.
829  *
830  * Returns zero on success or an appropriate error code on failure.
831  */
832 int
833 tmpfs_alloc_vp(struct mount *mp, struct tmpfs_node *node, int lkflag,
834     struct vnode **vpp)
835 {
836 	struct vnode *vp;
837 	enum vgetstate vs;
838 	struct tmpfs_mount *tm;
839 	vm_object_t object;
840 	int error;
841 
842 	error = 0;
843 	tm = VFS_TO_TMPFS(mp);
844 	TMPFS_NODE_LOCK(node);
845 	tmpfs_ref_node(node);
846 loop:
847 	TMPFS_NODE_ASSERT_LOCKED(node);
848 	if ((vp = node->tn_vnode) != NULL) {
849 		MPASS((node->tn_vpstate & TMPFS_VNODE_DOOMED) == 0);
850 		if ((node->tn_type == VDIR && node->tn_dir.tn_parent == NULL) ||
851 		    (VN_IS_DOOMED(vp) &&
852 		     (lkflag & LK_NOWAIT) != 0)) {
853 			TMPFS_NODE_UNLOCK(node);
854 			error = ENOENT;
855 			vp = NULL;
856 			goto out;
857 		}
858 		if (VN_IS_DOOMED(vp)) {
859 			node->tn_vpstate |= TMPFS_VNODE_WRECLAIM;
860 			while ((node->tn_vpstate & TMPFS_VNODE_WRECLAIM) != 0) {
861 				msleep(&node->tn_vnode, TMPFS_NODE_MTX(node),
862 				    0, "tmpfsE", 0);
863 			}
864 			goto loop;
865 		}
866 		vs = vget_prep(vp);
867 		TMPFS_NODE_UNLOCK(node);
868 		error = vget_finish(vp, lkflag, vs);
869 		if (error == ENOENT) {
870 			TMPFS_NODE_LOCK(node);
871 			goto loop;
872 		}
873 		if (error != 0) {
874 			vp = NULL;
875 			goto out;
876 		}
877 
878 		/*
879 		 * Make sure the vnode is still there after
880 		 * getting the interlock to avoid racing a free.
881 		 */
882 		if (node->tn_vnode != vp) {
883 			vput(vp);
884 			TMPFS_NODE_LOCK(node);
885 			goto loop;
886 		}
887 
888 		goto out;
889 	}
890 
891 	if ((node->tn_vpstate & TMPFS_VNODE_DOOMED) ||
892 	    (node->tn_type == VDIR && node->tn_dir.tn_parent == NULL)) {
893 		TMPFS_NODE_UNLOCK(node);
894 		error = ENOENT;
895 		vp = NULL;
896 		goto out;
897 	}
898 
899 	/*
900 	 * otherwise lock the vp list while we call getnewvnode
901 	 * since that can block.
902 	 */
903 	if (node->tn_vpstate & TMPFS_VNODE_ALLOCATING) {
904 		node->tn_vpstate |= TMPFS_VNODE_WANT;
905 		error = msleep((caddr_t) &node->tn_vpstate,
906 		    TMPFS_NODE_MTX(node), 0, "tmpfs_alloc_vp", 0);
907 		if (error != 0)
908 			goto out;
909 		goto loop;
910 	} else
911 		node->tn_vpstate |= TMPFS_VNODE_ALLOCATING;
912 
913 	TMPFS_NODE_UNLOCK(node);
914 
915 	/* Get a new vnode and associate it with our node. */
916 	error = getnewvnode("tmpfs", mp, VFS_TO_TMPFS(mp)->tm_nonc ?
917 	    &tmpfs_vnodeop_nonc_entries : &tmpfs_vnodeop_entries, &vp);
918 	if (error != 0)
919 		goto unlock;
920 	MPASS(vp != NULL);
921 
922 	/* lkflag is ignored, the lock is exclusive */
923 	(void) vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
924 
925 	vp->v_data = node;
926 	vp->v_type = node->tn_type;
927 
928 	/* Type-specific initialization. */
929 	switch (node->tn_type) {
930 	case VBLK:
931 		/* FALLTHROUGH */
932 	case VCHR:
933 		/* FALLTHROUGH */
934 	case VLNK:
935 		/* FALLTHROUGH */
936 	case VSOCK:
937 		break;
938 	case VFIFO:
939 		vp->v_op = &tmpfs_fifoop_entries;
940 		break;
941 	case VREG:
942 		object = node->tn_reg.tn_aobj;
943 		VM_OBJECT_WLOCK(object);
944 		KASSERT((object->flags & OBJ_TMPFS_VREF) == 0,
945 		    ("%s: object %p with OBJ_TMPFS_VREF but without vnode",
946 		    __func__, object));
947 		KASSERT(object->un_pager.swp.writemappings == 0,
948 		    ("%s: object %p has writemappings",
949 		    __func__, object));
950 		VI_LOCK(vp);
951 		KASSERT(vp->v_object == NULL, ("Not NULL v_object in tmpfs"));
952 		vp->v_object = object;
953 		object->un_pager.swp.swp_tmpfs = vp;
954 		vm_object_set_flag(object, OBJ_TMPFS);
955 		vn_irflag_set_locked(vp, VIRF_PGREAD | VIRF_TEXT_REF);
956 		VI_UNLOCK(vp);
957 		VM_OBJECT_WUNLOCK(object);
958 		break;
959 	case VDIR:
960 		MPASS(node->tn_dir.tn_parent != NULL);
961 		if (node->tn_dir.tn_parent == node)
962 			vp->v_vflag |= VV_ROOT;
963 		break;
964 
965 	default:
966 		panic("tmpfs_alloc_vp: type %p %d", node, (int)node->tn_type);
967 	}
968 	if (vp->v_type != VFIFO)
969 		VN_LOCK_ASHARE(vp);
970 
971 	error = insmntque1(vp, mp);
972 	if (error != 0) {
973 		/* Need to clear v_object for insmntque failure. */
974 		tmpfs_destroy_vobject(vp, vp->v_object);
975 		vp->v_object = NULL;
976 		vp->v_data = NULL;
977 		vp->v_op = &dead_vnodeops;
978 		vgone(vp);
979 		vput(vp);
980 		vp = NULL;
981 	}
982 
983 unlock:
984 	TMPFS_NODE_LOCK(node);
985 
986 	MPASS(node->tn_vpstate & TMPFS_VNODE_ALLOCATING);
987 	node->tn_vpstate &= ~TMPFS_VNODE_ALLOCATING;
988 	node->tn_vnode = vp;
989 
990 	if (node->tn_vpstate & TMPFS_VNODE_WANT) {
991 		node->tn_vpstate &= ~TMPFS_VNODE_WANT;
992 		TMPFS_NODE_UNLOCK(node);
993 		wakeup((caddr_t) &node->tn_vpstate);
994 	} else
995 		TMPFS_NODE_UNLOCK(node);
996 
997 out:
998 	if (error == 0) {
999 		*vpp = vp;
1000 
1001 #ifdef INVARIANTS
1002 		MPASS(*vpp != NULL && VOP_ISLOCKED(*vpp));
1003 		TMPFS_NODE_LOCK(node);
1004 		MPASS(*vpp == node->tn_vnode);
1005 		TMPFS_NODE_UNLOCK(node);
1006 #endif
1007 	}
1008 	tmpfs_free_node(tm, node);
1009 
1010 	return (error);
1011 }
1012 
1013 /*
1014  * Destroys the association between the vnode vp and the node it
1015  * references.
1016  */
1017 void
1018 tmpfs_free_vp(struct vnode *vp)
1019 {
1020 	struct tmpfs_node *node;
1021 
1022 	node = VP_TO_TMPFS_NODE(vp);
1023 
1024 	TMPFS_NODE_ASSERT_LOCKED(node);
1025 	node->tn_vnode = NULL;
1026 	if ((node->tn_vpstate & TMPFS_VNODE_WRECLAIM) != 0)
1027 		wakeup(&node->tn_vnode);
1028 	node->tn_vpstate &= ~TMPFS_VNODE_WRECLAIM;
1029 	vp->v_data = NULL;
1030 }
1031 
1032 /*
1033  * Allocates a new file of type 'type' and adds it to the parent directory
1034  * 'dvp'; this addition is done using the component name given in 'cnp'.
1035  * The ownership of the new file is automatically assigned based on the
1036  * credentials of the caller (through 'cnp'), the group is set based on
1037  * the parent directory and the mode is determined from the 'vap' argument.
1038  * If successful, *vpp holds a vnode to the newly created file and zero
1039  * is returned.  Otherwise *vpp is NULL and the function returns an
1040  * appropriate error code.
1041  */
1042 int
1043 tmpfs_alloc_file(struct vnode *dvp, struct vnode **vpp, struct vattr *vap,
1044     struct componentname *cnp, const char *target)
1045 {
1046 	int error;
1047 	struct tmpfs_dirent *de;
1048 	struct tmpfs_mount *tmp;
1049 	struct tmpfs_node *dnode;
1050 	struct tmpfs_node *node;
1051 	struct tmpfs_node *parent;
1052 
1053 	ASSERT_VOP_ELOCKED(dvp, "tmpfs_alloc_file");
1054 
1055 	tmp = VFS_TO_TMPFS(dvp->v_mount);
1056 	dnode = VP_TO_TMPFS_DIR(dvp);
1057 	*vpp = NULL;
1058 
1059 	/* If the entry we are creating is a directory, we cannot overflow
1060 	 * the number of links of its parent, because it will get a new
1061 	 * link. */
1062 	if (vap->va_type == VDIR) {
1063 		/* Ensure that we do not overflow the maximum number of links
1064 		 * imposed by the system. */
1065 		MPASS(dnode->tn_links <= TMPFS_LINK_MAX);
1066 		if (dnode->tn_links == TMPFS_LINK_MAX) {
1067 			return (EMLINK);
1068 		}
1069 
1070 		parent = dnode;
1071 		MPASS(parent != NULL);
1072 	} else
1073 		parent = NULL;
1074 
1075 	/* Allocate a node that represents the new file. */
1076 	error = tmpfs_alloc_node(dvp->v_mount, tmp, vap->va_type,
1077 	    cnp->cn_cred->cr_uid, dnode->tn_gid, vap->va_mode, parent,
1078 	    target, vap->va_rdev, &node);
1079 	if (error != 0)
1080 		return (error);
1081 
1082 	/* Allocate a directory entry that points to the new file. */
1083 	error = tmpfs_alloc_dirent(tmp, node, cnp->cn_nameptr, cnp->cn_namelen,
1084 	    &de);
1085 	if (error != 0) {
1086 		tmpfs_free_node(tmp, node);
1087 		return (error);
1088 	}
1089 
1090 	/* Allocate a vnode for the new file. */
1091 	error = tmpfs_alloc_vp(dvp->v_mount, node, LK_EXCLUSIVE, vpp);
1092 	if (error != 0) {
1093 		tmpfs_free_dirent(tmp, de);
1094 		tmpfs_free_node(tmp, node);
1095 		return (error);
1096 	}
1097 
1098 	/* Now that all required items are allocated, we can proceed to
1099 	 * insert the new node into the directory, an operation that
1100 	 * cannot fail. */
1101 	if (cnp->cn_flags & ISWHITEOUT)
1102 		tmpfs_dir_whiteout_remove(dvp, cnp);
1103 	tmpfs_dir_attach(dvp, de);
1104 	return (0);
1105 }
1106 
1107 struct tmpfs_dirent *
1108 tmpfs_dir_first(struct tmpfs_node *dnode, struct tmpfs_dir_cursor *dc)
1109 {
1110 	struct tmpfs_dirent *de;
1111 
1112 	de = RB_MIN(tmpfs_dir, &dnode->tn_dir.tn_dirhead);
1113 	dc->tdc_tree = de;
1114 	if (de != NULL && tmpfs_dirent_duphead(de))
1115 		de = LIST_FIRST(&de->ud.td_duphead);
1116 	dc->tdc_current = de;
1117 
1118 	return (dc->tdc_current);
1119 }
1120 
1121 struct tmpfs_dirent *
1122 tmpfs_dir_next(struct tmpfs_node *dnode, struct tmpfs_dir_cursor *dc)
1123 {
1124 	struct tmpfs_dirent *de;
1125 
1126 	MPASS(dc->tdc_tree != NULL);
1127 	if (tmpfs_dirent_dup(dc->tdc_current)) {
1128 		dc->tdc_current = LIST_NEXT(dc->tdc_current, uh.td_dup.entries);
1129 		if (dc->tdc_current != NULL)
1130 			return (dc->tdc_current);
1131 	}
1132 	dc->tdc_tree = dc->tdc_current = RB_NEXT(tmpfs_dir,
1133 	    &dnode->tn_dir.tn_dirhead, dc->tdc_tree);
1134 	if ((de = dc->tdc_current) != NULL && tmpfs_dirent_duphead(de)) {
1135 		dc->tdc_current = LIST_FIRST(&de->ud.td_duphead);
1136 		MPASS(dc->tdc_current != NULL);
1137 	}
1138 
1139 	return (dc->tdc_current);
1140 }
1141 
1142 /* Lookup directory entry in RB-Tree. Function may return duphead entry. */
1143 static struct tmpfs_dirent *
1144 tmpfs_dir_xlookup_hash(struct tmpfs_node *dnode, uint32_t hash)
1145 {
1146 	struct tmpfs_dirent *de, dekey;
1147 
1148 	dekey.td_hash = hash;
1149 	de = RB_FIND(tmpfs_dir, &dnode->tn_dir.tn_dirhead, &dekey);
1150 	return (de);
1151 }
1152 
1153 /* Lookup directory entry by cookie, initialize directory cursor accordingly. */
1154 static struct tmpfs_dirent *
1155 tmpfs_dir_lookup_cookie(struct tmpfs_node *node, off_t cookie,
1156     struct tmpfs_dir_cursor *dc)
1157 {
1158 	struct tmpfs_dir *dirhead = &node->tn_dir.tn_dirhead;
1159 	struct tmpfs_dirent *de, dekey;
1160 
1161 	MPASS(cookie >= TMPFS_DIRCOOKIE_MIN);
1162 
1163 	if (cookie == node->tn_dir.tn_readdir_lastn &&
1164 	    (de = node->tn_dir.tn_readdir_lastp) != NULL) {
1165 		/* Protect against possible race, tn_readdir_last[pn]
1166 		 * may be updated with only shared vnode lock held. */
1167 		if (cookie == tmpfs_dirent_cookie(de))
1168 			goto out;
1169 	}
1170 
1171 	if ((cookie & TMPFS_DIRCOOKIE_DUP) != 0) {
1172 		LIST_FOREACH(de, &node->tn_dir.tn_dupindex,
1173 		    uh.td_dup.index_entries) {
1174 			MPASS(tmpfs_dirent_dup(de));
1175 			if (de->td_cookie == cookie)
1176 				goto out;
1177 			/* dupindex list is sorted. */
1178 			if (de->td_cookie < cookie) {
1179 				de = NULL;
1180 				goto out;
1181 			}
1182 		}
1183 		MPASS(de == NULL);
1184 		goto out;
1185 	}
1186 
1187 	if ((cookie & TMPFS_DIRCOOKIE_MASK) != cookie) {
1188 		de = NULL;
1189 	} else {
1190 		dekey.td_hash = cookie;
1191 		/* Recover if direntry for cookie was removed */
1192 		de = RB_NFIND(tmpfs_dir, dirhead, &dekey);
1193 	}
1194 	dc->tdc_tree = de;
1195 	dc->tdc_current = de;
1196 	if (de != NULL && tmpfs_dirent_duphead(de)) {
1197 		dc->tdc_current = LIST_FIRST(&de->ud.td_duphead);
1198 		MPASS(dc->tdc_current != NULL);
1199 	}
1200 	return (dc->tdc_current);
1201 
1202 out:
1203 	dc->tdc_tree = de;
1204 	dc->tdc_current = de;
1205 	if (de != NULL && tmpfs_dirent_dup(de))
1206 		dc->tdc_tree = tmpfs_dir_xlookup_hash(node,
1207 		    de->td_hash);
1208 	return (dc->tdc_current);
1209 }
1210 
1211 /*
1212  * Looks for a directory entry in the directory represented by node.
1213  * 'cnp' describes the name of the entry to look for.  Note that the .
1214  * and .. components are not allowed as they do not physically exist
1215  * within directories.
1216  *
1217  * Returns a pointer to the entry when found, otherwise NULL.
1218  */
1219 struct tmpfs_dirent *
1220 tmpfs_dir_lookup(struct tmpfs_node *node, struct tmpfs_node *f,
1221     struct componentname *cnp)
1222 {
1223 	struct tmpfs_dir_duphead *duphead;
1224 	struct tmpfs_dirent *de;
1225 	uint32_t hash;
1226 
1227 	MPASS(IMPLIES(cnp->cn_namelen == 1, cnp->cn_nameptr[0] != '.'));
1228 	MPASS(IMPLIES(cnp->cn_namelen == 2, !(cnp->cn_nameptr[0] == '.' &&
1229 	    cnp->cn_nameptr[1] == '.')));
1230 	TMPFS_VALIDATE_DIR(node);
1231 
1232 	hash = tmpfs_dirent_hash(cnp->cn_nameptr, cnp->cn_namelen);
1233 	de = tmpfs_dir_xlookup_hash(node, hash);
1234 	if (de != NULL && tmpfs_dirent_duphead(de)) {
1235 		duphead = &de->ud.td_duphead;
1236 		LIST_FOREACH(de, duphead, uh.td_dup.entries) {
1237 			if (TMPFS_DIRENT_MATCHES(de, cnp->cn_nameptr,
1238 			    cnp->cn_namelen))
1239 				break;
1240 		}
1241 	} else if (de != NULL) {
1242 		if (!TMPFS_DIRENT_MATCHES(de, cnp->cn_nameptr,
1243 		    cnp->cn_namelen))
1244 			de = NULL;
1245 	}
1246 	if (de != NULL && f != NULL && de->td_node != f)
1247 		de = NULL;
1248 
1249 	return (de);
1250 }
1251 
1252 /*
1253  * Attach duplicate-cookie directory entry nde to dnode and insert to dupindex
1254  * list, allocate new cookie value.
1255  */
1256 static void
1257 tmpfs_dir_attach_dup(struct tmpfs_node *dnode,
1258     struct tmpfs_dir_duphead *duphead, struct tmpfs_dirent *nde)
1259 {
1260 	struct tmpfs_dir_duphead *dupindex;
1261 	struct tmpfs_dirent *de, *pde;
1262 
1263 	dupindex = &dnode->tn_dir.tn_dupindex;
1264 	de = LIST_FIRST(dupindex);
1265 	if (de == NULL || de->td_cookie < TMPFS_DIRCOOKIE_DUP_MAX) {
1266 		if (de == NULL)
1267 			nde->td_cookie = TMPFS_DIRCOOKIE_DUP_MIN;
1268 		else
1269 			nde->td_cookie = de->td_cookie + 1;
1270 		MPASS(tmpfs_dirent_dup(nde));
1271 		LIST_INSERT_HEAD(dupindex, nde, uh.td_dup.index_entries);
1272 		LIST_INSERT_HEAD(duphead, nde, uh.td_dup.entries);
1273 		return;
1274 	}
1275 
1276 	/*
1277 	 * Cookie numbers are near exhaustion. Scan dupindex list for unused
1278 	 * numbers. dupindex list is sorted in descending order. Keep it so
1279 	 * after inserting nde.
1280 	 */
1281 	while (1) {
1282 		pde = de;
1283 		de = LIST_NEXT(de, uh.td_dup.index_entries);
1284 		if (de == NULL && pde->td_cookie != TMPFS_DIRCOOKIE_DUP_MIN) {
1285 			/*
1286 			 * Last element of the index doesn't have minimal cookie
1287 			 * value, use it.
1288 			 */
1289 			nde->td_cookie = TMPFS_DIRCOOKIE_DUP_MIN;
1290 			LIST_INSERT_AFTER(pde, nde, uh.td_dup.index_entries);
1291 			LIST_INSERT_HEAD(duphead, nde, uh.td_dup.entries);
1292 			return;
1293 		} else if (de == NULL) {
1294 			/*
1295 			 * We are so lucky have 2^30 hash duplicates in single
1296 			 * directory :) Return largest possible cookie value.
1297 			 * It should be fine except possible issues with
1298 			 * VOP_READDIR restart.
1299 			 */
1300 			nde->td_cookie = TMPFS_DIRCOOKIE_DUP_MAX;
1301 			LIST_INSERT_HEAD(dupindex, nde,
1302 			    uh.td_dup.index_entries);
1303 			LIST_INSERT_HEAD(duphead, nde, uh.td_dup.entries);
1304 			return;
1305 		}
1306 		if (de->td_cookie + 1 == pde->td_cookie ||
1307 		    de->td_cookie >= TMPFS_DIRCOOKIE_DUP_MAX)
1308 			continue;	/* No hole or invalid cookie. */
1309 		nde->td_cookie = de->td_cookie + 1;
1310 		MPASS(tmpfs_dirent_dup(nde));
1311 		MPASS(pde->td_cookie > nde->td_cookie);
1312 		MPASS(nde->td_cookie > de->td_cookie);
1313 		LIST_INSERT_BEFORE(de, nde, uh.td_dup.index_entries);
1314 		LIST_INSERT_HEAD(duphead, nde, uh.td_dup.entries);
1315 		return;
1316 	}
1317 }
1318 
1319 /*
1320  * Attaches the directory entry de to the directory represented by vp.
1321  * Note that this does not change the link count of the node pointed by
1322  * the directory entry, as this is done by tmpfs_alloc_dirent.
1323  */
1324 void
1325 tmpfs_dir_attach(struct vnode *vp, struct tmpfs_dirent *de)
1326 {
1327 	struct tmpfs_node *dnode;
1328 	struct tmpfs_dirent *xde, *nde;
1329 
1330 	ASSERT_VOP_ELOCKED(vp, __func__);
1331 	MPASS(de->td_namelen > 0);
1332 	MPASS(de->td_hash >= TMPFS_DIRCOOKIE_MIN);
1333 	MPASS(de->td_cookie == de->td_hash);
1334 
1335 	dnode = VP_TO_TMPFS_DIR(vp);
1336 	dnode->tn_dir.tn_readdir_lastn = 0;
1337 	dnode->tn_dir.tn_readdir_lastp = NULL;
1338 
1339 	MPASS(!tmpfs_dirent_dup(de));
1340 	xde = RB_INSERT(tmpfs_dir, &dnode->tn_dir.tn_dirhead, de);
1341 	if (xde != NULL && tmpfs_dirent_duphead(xde))
1342 		tmpfs_dir_attach_dup(dnode, &xde->ud.td_duphead, de);
1343 	else if (xde != NULL) {
1344 		/*
1345 		 * Allocate new duphead. Swap xde with duphead to avoid
1346 		 * adding/removing elements with the same hash.
1347 		 */
1348 		MPASS(!tmpfs_dirent_dup(xde));
1349 		tmpfs_alloc_dirent(VFS_TO_TMPFS(vp->v_mount), NULL, NULL, 0,
1350 		    &nde);
1351 		/* *nde = *xde; XXX gcc 4.2.1 may generate invalid code. */
1352 		memcpy(nde, xde, sizeof(*xde));
1353 		xde->td_cookie |= TMPFS_DIRCOOKIE_DUPHEAD;
1354 		LIST_INIT(&xde->ud.td_duphead);
1355 		xde->td_namelen = 0;
1356 		xde->td_node = NULL;
1357 		tmpfs_dir_attach_dup(dnode, &xde->ud.td_duphead, nde);
1358 		tmpfs_dir_attach_dup(dnode, &xde->ud.td_duphead, de);
1359 	}
1360 	dnode->tn_size += sizeof(struct tmpfs_dirent);
1361 	dnode->tn_status |= TMPFS_NODE_CHANGED | TMPFS_NODE_MODIFIED;
1362 	dnode->tn_accessed = true;
1363 	tmpfs_update(vp);
1364 }
1365 
1366 /*
1367  * Detaches the directory entry de from the directory represented by vp.
1368  * Note that this does not change the link count of the node pointed by
1369  * the directory entry, as this is done by tmpfs_free_dirent.
1370  */
1371 void
1372 tmpfs_dir_detach(struct vnode *vp, struct tmpfs_dirent *de)
1373 {
1374 	struct tmpfs_mount *tmp;
1375 	struct tmpfs_dir *head;
1376 	struct tmpfs_node *dnode;
1377 	struct tmpfs_dirent *xde;
1378 
1379 	ASSERT_VOP_ELOCKED(vp, __func__);
1380 
1381 	dnode = VP_TO_TMPFS_DIR(vp);
1382 	head = &dnode->tn_dir.tn_dirhead;
1383 	dnode->tn_dir.tn_readdir_lastn = 0;
1384 	dnode->tn_dir.tn_readdir_lastp = NULL;
1385 
1386 	if (tmpfs_dirent_dup(de)) {
1387 		/* Remove duphead if de was last entry. */
1388 		if (LIST_NEXT(de, uh.td_dup.entries) == NULL) {
1389 			xde = tmpfs_dir_xlookup_hash(dnode, de->td_hash);
1390 			MPASS(tmpfs_dirent_duphead(xde));
1391 		} else
1392 			xde = NULL;
1393 		LIST_REMOVE(de, uh.td_dup.entries);
1394 		LIST_REMOVE(de, uh.td_dup.index_entries);
1395 		if (xde != NULL) {
1396 			if (LIST_EMPTY(&xde->ud.td_duphead)) {
1397 				RB_REMOVE(tmpfs_dir, head, xde);
1398 				tmp = VFS_TO_TMPFS(vp->v_mount);
1399 				MPASS(xde->td_node == NULL);
1400 				tmpfs_free_dirent(tmp, xde);
1401 			}
1402 		}
1403 		de->td_cookie = de->td_hash;
1404 	} else
1405 		RB_REMOVE(tmpfs_dir, head, de);
1406 
1407 	dnode->tn_size -= sizeof(struct tmpfs_dirent);
1408 	dnode->tn_status |= TMPFS_NODE_CHANGED | TMPFS_NODE_MODIFIED;
1409 	dnode->tn_accessed = true;
1410 	tmpfs_update(vp);
1411 }
1412 
1413 void
1414 tmpfs_dir_destroy(struct tmpfs_mount *tmp, struct tmpfs_node *dnode)
1415 {
1416 	struct tmpfs_dirent *de, *dde, *nde;
1417 
1418 	RB_FOREACH_SAFE(de, tmpfs_dir, &dnode->tn_dir.tn_dirhead, nde) {
1419 		RB_REMOVE(tmpfs_dir, &dnode->tn_dir.tn_dirhead, de);
1420 		/* Node may already be destroyed. */
1421 		de->td_node = NULL;
1422 		if (tmpfs_dirent_duphead(de)) {
1423 			while ((dde = LIST_FIRST(&de->ud.td_duphead)) != NULL) {
1424 				LIST_REMOVE(dde, uh.td_dup.entries);
1425 				dde->td_node = NULL;
1426 				tmpfs_free_dirent(tmp, dde);
1427 			}
1428 		}
1429 		tmpfs_free_dirent(tmp, de);
1430 	}
1431 }
1432 
1433 /*
1434  * Helper function for tmpfs_readdir.  Creates a '.' entry for the given
1435  * directory and returns it in the uio space.  The function returns 0
1436  * on success, -1 if there was not enough space in the uio structure to
1437  * hold the directory entry or an appropriate error code if another
1438  * error happens.
1439  */
1440 static int
1441 tmpfs_dir_getdotdent(struct tmpfs_mount *tm, struct tmpfs_node *node,
1442     struct uio *uio)
1443 {
1444 	int error;
1445 	struct dirent dent;
1446 
1447 	TMPFS_VALIDATE_DIR(node);
1448 	MPASS(uio->uio_offset == TMPFS_DIRCOOKIE_DOT);
1449 
1450 	dent.d_fileno = node->tn_id;
1451 	dent.d_off = TMPFS_DIRCOOKIE_DOTDOT;
1452 	dent.d_type = DT_DIR;
1453 	dent.d_namlen = 1;
1454 	dent.d_name[0] = '.';
1455 	dent.d_reclen = GENERIC_DIRSIZ(&dent);
1456 	dirent_terminate(&dent);
1457 
1458 	if (dent.d_reclen > uio->uio_resid)
1459 		error = EJUSTRETURN;
1460 	else
1461 		error = uiomove(&dent, dent.d_reclen, uio);
1462 
1463 	tmpfs_set_accessed(tm, node);
1464 
1465 	return (error);
1466 }
1467 
1468 /*
1469  * Helper function for tmpfs_readdir.  Creates a '..' entry for the given
1470  * directory and returns it in the uio space.  The function returns 0
1471  * on success, -1 if there was not enough space in the uio structure to
1472  * hold the directory entry or an appropriate error code if another
1473  * error happens.
1474  */
1475 static int
1476 tmpfs_dir_getdotdotdent(struct tmpfs_mount *tm, struct tmpfs_node *node,
1477     struct uio *uio, off_t next)
1478 {
1479 	struct tmpfs_node *parent;
1480 	struct dirent dent;
1481 	int error;
1482 
1483 	TMPFS_VALIDATE_DIR(node);
1484 	MPASS(uio->uio_offset == TMPFS_DIRCOOKIE_DOTDOT);
1485 
1486 	/*
1487 	 * Return ENOENT if the current node is already removed.
1488 	 */
1489 	TMPFS_ASSERT_LOCKED(node);
1490 	parent = node->tn_dir.tn_parent;
1491 	if (parent == NULL)
1492 		return (ENOENT);
1493 
1494 	dent.d_fileno = parent->tn_id;
1495 	dent.d_off = next;
1496 	dent.d_type = DT_DIR;
1497 	dent.d_namlen = 2;
1498 	dent.d_name[0] = '.';
1499 	dent.d_name[1] = '.';
1500 	dent.d_reclen = GENERIC_DIRSIZ(&dent);
1501 	dirent_terminate(&dent);
1502 
1503 	if (dent.d_reclen > uio->uio_resid)
1504 		error = EJUSTRETURN;
1505 	else
1506 		error = uiomove(&dent, dent.d_reclen, uio);
1507 
1508 	tmpfs_set_accessed(tm, node);
1509 
1510 	return (error);
1511 }
1512 
1513 /*
1514  * Helper function for tmpfs_readdir.  Returns as much directory entries
1515  * as can fit in the uio space.  The read starts at uio->uio_offset.
1516  * The function returns 0 on success, -1 if there was not enough space
1517  * in the uio structure to hold the directory entry or an appropriate
1518  * error code if another error happens.
1519  */
1520 int
1521 tmpfs_dir_getdents(struct tmpfs_mount *tm, struct tmpfs_node *node,
1522     struct uio *uio, int maxcookies, uint64_t *cookies, int *ncookies)
1523 {
1524 	struct tmpfs_dir_cursor dc;
1525 	struct tmpfs_dirent *de, *nde;
1526 	off_t off;
1527 	int error;
1528 
1529 	TMPFS_VALIDATE_DIR(node);
1530 
1531 	off = 0;
1532 
1533 	/*
1534 	 * Lookup the node from the current offset.  The starting offset of
1535 	 * 0 will lookup both '.' and '..', and then the first real entry,
1536 	 * or EOF if there are none.  Then find all entries for the dir that
1537 	 * fit into the buffer.  Once no more entries are found (de == NULL),
1538 	 * the offset is set to TMPFS_DIRCOOKIE_EOF, which will cause the next
1539 	 * call to return 0.
1540 	 */
1541 	switch (uio->uio_offset) {
1542 	case TMPFS_DIRCOOKIE_DOT:
1543 		error = tmpfs_dir_getdotdent(tm, node, uio);
1544 		if (error != 0)
1545 			return (error);
1546 		uio->uio_offset = off = TMPFS_DIRCOOKIE_DOTDOT;
1547 		if (cookies != NULL)
1548 			cookies[(*ncookies)++] = off;
1549 		/* FALLTHROUGH */
1550 	case TMPFS_DIRCOOKIE_DOTDOT:
1551 		de = tmpfs_dir_first(node, &dc);
1552 		off = tmpfs_dirent_cookie(de);
1553 		error = tmpfs_dir_getdotdotdent(tm, node, uio, off);
1554 		if (error != 0)
1555 			return (error);
1556 		uio->uio_offset = off;
1557 		if (cookies != NULL)
1558 			cookies[(*ncookies)++] = off;
1559 		/* EOF. */
1560 		if (de == NULL)
1561 			return (0);
1562 		break;
1563 	case TMPFS_DIRCOOKIE_EOF:
1564 		return (0);
1565 	default:
1566 		de = tmpfs_dir_lookup_cookie(node, uio->uio_offset, &dc);
1567 		if (de == NULL)
1568 			return (EINVAL);
1569 		if (cookies != NULL)
1570 			off = tmpfs_dirent_cookie(de);
1571 	}
1572 
1573 	/*
1574 	 * Read as much entries as possible; i.e., until we reach the end of the
1575 	 * directory or we exhaust uio space.
1576 	 */
1577 	do {
1578 		struct dirent d;
1579 
1580 		/*
1581 		 * Create a dirent structure representing the current tmpfs_node
1582 		 * and fill it.
1583 		 */
1584 		if (de->td_node == NULL) {
1585 			d.d_fileno = 1;
1586 			d.d_type = DT_WHT;
1587 		} else {
1588 			d.d_fileno = de->td_node->tn_id;
1589 			switch (de->td_node->tn_type) {
1590 			case VBLK:
1591 				d.d_type = DT_BLK;
1592 				break;
1593 
1594 			case VCHR:
1595 				d.d_type = DT_CHR;
1596 				break;
1597 
1598 			case VDIR:
1599 				d.d_type = DT_DIR;
1600 				break;
1601 
1602 			case VFIFO:
1603 				d.d_type = DT_FIFO;
1604 				break;
1605 
1606 			case VLNK:
1607 				d.d_type = DT_LNK;
1608 				break;
1609 
1610 			case VREG:
1611 				d.d_type = DT_REG;
1612 				break;
1613 
1614 			case VSOCK:
1615 				d.d_type = DT_SOCK;
1616 				break;
1617 
1618 			default:
1619 				panic("tmpfs_dir_getdents: type %p %d",
1620 				    de->td_node, (int)de->td_node->tn_type);
1621 			}
1622 		}
1623 		d.d_namlen = de->td_namelen;
1624 		MPASS(de->td_namelen < sizeof(d.d_name));
1625 		(void)memcpy(d.d_name, de->ud.td_name, de->td_namelen);
1626 		d.d_reclen = GENERIC_DIRSIZ(&d);
1627 
1628 		/*
1629 		 * Stop reading if the directory entry we are treating is bigger
1630 		 * than the amount of data that can be returned.
1631 		 */
1632 		if (d.d_reclen > uio->uio_resid) {
1633 			error = EJUSTRETURN;
1634 			break;
1635 		}
1636 
1637 		nde = tmpfs_dir_next(node, &dc);
1638 		d.d_off = tmpfs_dirent_cookie(nde);
1639 		dirent_terminate(&d);
1640 
1641 		/*
1642 		 * Copy the new dirent structure into the output buffer and
1643 		 * advance pointers.
1644 		 */
1645 		error = uiomove(&d, d.d_reclen, uio);
1646 		if (error == 0) {
1647 			de = nde;
1648 			if (cookies != NULL) {
1649 				off = tmpfs_dirent_cookie(de);
1650 				MPASS(*ncookies < maxcookies);
1651 				cookies[(*ncookies)++] = off;
1652 			}
1653 		}
1654 	} while (error == 0 && uio->uio_resid > 0 && de != NULL);
1655 
1656 	/* Skip setting off when using cookies as it is already done above. */
1657 	if (cookies == NULL)
1658 		off = tmpfs_dirent_cookie(de);
1659 
1660 	/* Update the offset and cache. */
1661 	uio->uio_offset = off;
1662 	node->tn_dir.tn_readdir_lastn = off;
1663 	node->tn_dir.tn_readdir_lastp = de;
1664 
1665 	tmpfs_set_accessed(tm, node);
1666 	return (error);
1667 }
1668 
1669 int
1670 tmpfs_dir_whiteout_add(struct vnode *dvp, struct componentname *cnp)
1671 {
1672 	struct tmpfs_dirent *de;
1673 	int error;
1674 
1675 	error = tmpfs_alloc_dirent(VFS_TO_TMPFS(dvp->v_mount), NULL,
1676 	    cnp->cn_nameptr, cnp->cn_namelen, &de);
1677 	if (error != 0)
1678 		return (error);
1679 	tmpfs_dir_attach(dvp, de);
1680 	return (0);
1681 }
1682 
1683 void
1684 tmpfs_dir_whiteout_remove(struct vnode *dvp, struct componentname *cnp)
1685 {
1686 	struct tmpfs_dirent *de;
1687 
1688 	de = tmpfs_dir_lookup(VP_TO_TMPFS_DIR(dvp), NULL, cnp);
1689 	MPASS(de != NULL && de->td_node == NULL);
1690 	tmpfs_dir_detach(dvp, de);
1691 	tmpfs_free_dirent(VFS_TO_TMPFS(dvp->v_mount), de);
1692 }
1693 
1694 /*
1695  * Resizes the aobj associated with the regular file pointed to by 'vp' to the
1696  * size 'newsize'.  'vp' must point to a vnode that represents a regular file.
1697  * 'newsize' must be positive.
1698  *
1699  * Returns zero on success or an appropriate error code on failure.
1700  */
1701 int
1702 tmpfs_reg_resize(struct vnode *vp, off_t newsize, boolean_t ignerr)
1703 {
1704 	struct tmpfs_mount *tmp;
1705 	struct tmpfs_node *node;
1706 	vm_object_t uobj;
1707 	vm_pindex_t idx, newpages, oldpages;
1708 	off_t oldsize;
1709 	int base, error;
1710 
1711 	MPASS(vp->v_type == VREG);
1712 	MPASS(newsize >= 0);
1713 
1714 	node = VP_TO_TMPFS_NODE(vp);
1715 	uobj = node->tn_reg.tn_aobj;
1716 	tmp = VFS_TO_TMPFS(vp->v_mount);
1717 
1718 	/*
1719 	 * Convert the old and new sizes to the number of pages needed to
1720 	 * store them.  It may happen that we do not need to do anything
1721 	 * because the last allocated page can accommodate the change on
1722 	 * its own.
1723 	 */
1724 	oldsize = node->tn_size;
1725 	oldpages = OFF_TO_IDX(oldsize + PAGE_MASK);
1726 	MPASS(oldpages == uobj->size);
1727 	newpages = OFF_TO_IDX(newsize + PAGE_MASK);
1728 
1729 	if (__predict_true(newpages == oldpages && newsize >= oldsize)) {
1730 		node->tn_size = newsize;
1731 		return (0);
1732 	}
1733 
1734 	if (newpages > oldpages &&
1735 	    tmpfs_pages_check_avail(tmp, newpages - oldpages) == 0)
1736 		return (ENOSPC);
1737 
1738 	VM_OBJECT_WLOCK(uobj);
1739 	if (newsize < oldsize) {
1740 		/*
1741 		 * Zero the truncated part of the last page.
1742 		 */
1743 		base = newsize & PAGE_MASK;
1744 		if (base != 0) {
1745 			idx = OFF_TO_IDX(newsize);
1746 			error = tmpfs_partial_page_invalidate(uobj, idx, base,
1747 			    PAGE_SIZE, ignerr);
1748 			if (error != 0) {
1749 				VM_OBJECT_WUNLOCK(uobj);
1750 				return (error);
1751 			}
1752 		}
1753 
1754 		/*
1755 		 * Release any swap space and free any whole pages.
1756 		 */
1757 		if (newpages < oldpages)
1758 			vm_object_page_remove(uobj, newpages, 0, 0);
1759 	}
1760 	uobj->size = newpages;
1761 	VM_OBJECT_WUNLOCK(uobj);
1762 
1763 	atomic_add_long(&tmp->tm_pages_used, newpages - oldpages);
1764 
1765 	node->tn_size = newsize;
1766 	return (0);
1767 }
1768 
1769 /*
1770  * Punch hole in the aobj associated with the regular file pointed to by 'vp'.
1771  * Requests completely beyond the end-of-file are converted to no-op.
1772  *
1773  * Returns 0 on success or error code from tmpfs_partial_page_invalidate() on
1774  * failure.
1775  */
1776 int
1777 tmpfs_reg_punch_hole(struct vnode *vp, off_t *offset, off_t *length)
1778 {
1779 	struct tmpfs_node *node;
1780 	vm_object_t object;
1781 	vm_pindex_t pistart, pi, piend;
1782 	int startofs, endofs, end;
1783 	off_t off, len;
1784 	int error;
1785 
1786 	KASSERT(*length <= OFF_MAX - *offset, ("%s: offset + length overflows",
1787 	    __func__));
1788 	node = VP_TO_TMPFS_NODE(vp);
1789 	KASSERT(node->tn_type == VREG, ("%s: node is not regular file",
1790 	    __func__));
1791 	object = node->tn_reg.tn_aobj;
1792 	off = *offset;
1793 	len = omin(node->tn_size - off, *length);
1794 	startofs = off & PAGE_MASK;
1795 	endofs = (off + len) & PAGE_MASK;
1796 	pistart = OFF_TO_IDX(off);
1797 	piend = OFF_TO_IDX(off + len);
1798 	pi = OFF_TO_IDX((vm_ooffset_t)off + PAGE_MASK);
1799 	error = 0;
1800 
1801 	/* Handle the case when offset is on or beyond file size. */
1802 	if (len <= 0) {
1803 		*length = 0;
1804 		return (0);
1805 	}
1806 
1807 	VM_OBJECT_WLOCK(object);
1808 
1809 	/*
1810 	 * If there is a partial page at the beginning of the hole-punching
1811 	 * request, fill the partial page with zeroes.
1812 	 */
1813 	if (startofs != 0) {
1814 		end = pistart != piend ? PAGE_SIZE : endofs;
1815 		error = tmpfs_partial_page_invalidate(object, pistart, startofs,
1816 		    end, FALSE);
1817 		if (error != 0)
1818 			goto out;
1819 		off += end - startofs;
1820 		len -= end - startofs;
1821 	}
1822 
1823 	/*
1824 	 * Toss away the full pages in the affected area.
1825 	 */
1826 	if (pi < piend) {
1827 		vm_object_page_remove(object, pi, piend, 0);
1828 		off += IDX_TO_OFF(piend - pi);
1829 		len -= IDX_TO_OFF(piend - pi);
1830 	}
1831 
1832 	/*
1833 	 * If there is a partial page at the end of the hole-punching request,
1834 	 * fill the partial page with zeroes.
1835 	 */
1836 	if (endofs != 0 && pistart != piend) {
1837 		error = tmpfs_partial_page_invalidate(object, piend, 0, endofs,
1838 		    FALSE);
1839 		if (error != 0)
1840 			goto out;
1841 		off += endofs;
1842 		len -= endofs;
1843 	}
1844 
1845 out:
1846 	VM_OBJECT_WUNLOCK(object);
1847 	*offset = off;
1848 	*length = len;
1849 	return (error);
1850 }
1851 
1852 void
1853 tmpfs_check_mtime(struct vnode *vp)
1854 {
1855 	struct tmpfs_node *node;
1856 	struct vm_object *obj;
1857 
1858 	ASSERT_VOP_ELOCKED(vp, "check_mtime");
1859 	if (vp->v_type != VREG)
1860 		return;
1861 	obj = vp->v_object;
1862 	KASSERT(obj->type == tmpfs_pager_type &&
1863 	    (obj->flags & (OBJ_SWAP | OBJ_TMPFS)) ==
1864 	    (OBJ_SWAP | OBJ_TMPFS), ("non-tmpfs obj"));
1865 	/* unlocked read */
1866 	if (obj->generation != obj->cleangeneration) {
1867 		VM_OBJECT_WLOCK(obj);
1868 		if (obj->generation != obj->cleangeneration) {
1869 			obj->cleangeneration = obj->generation;
1870 			node = VP_TO_TMPFS_NODE(vp);
1871 			node->tn_status |= TMPFS_NODE_MODIFIED |
1872 			    TMPFS_NODE_CHANGED;
1873 		}
1874 		VM_OBJECT_WUNLOCK(obj);
1875 	}
1876 }
1877 
1878 /*
1879  * Change flags of the given vnode.
1880  * Caller should execute tmpfs_update on vp after a successful execution.
1881  * The vnode must be locked on entry and remain locked on exit.
1882  */
1883 int
1884 tmpfs_chflags(struct vnode *vp, u_long flags, struct ucred *cred,
1885     struct thread *p)
1886 {
1887 	int error;
1888 	struct tmpfs_node *node;
1889 
1890 	ASSERT_VOP_ELOCKED(vp, "chflags");
1891 
1892 	node = VP_TO_TMPFS_NODE(vp);
1893 
1894 	if ((flags & ~(SF_APPEND | SF_ARCHIVED | SF_IMMUTABLE | SF_NOUNLINK |
1895 	    UF_APPEND | UF_ARCHIVE | UF_HIDDEN | UF_IMMUTABLE | UF_NODUMP |
1896 	    UF_NOUNLINK | UF_OFFLINE | UF_OPAQUE | UF_READONLY | UF_REPARSE |
1897 	    UF_SPARSE | UF_SYSTEM)) != 0)
1898 		return (EOPNOTSUPP);
1899 
1900 	/* Disallow this operation if the file system is mounted read-only. */
1901 	if (vp->v_mount->mnt_flag & MNT_RDONLY)
1902 		return (EROFS);
1903 
1904 	/*
1905 	 * Callers may only modify the file flags on objects they
1906 	 * have VADMIN rights for.
1907 	 */
1908 	if ((error = VOP_ACCESS(vp, VADMIN, cred, p)))
1909 		return (error);
1910 	/*
1911 	 * Unprivileged processes are not permitted to unset system
1912 	 * flags, or modify flags if any system flags are set.
1913 	 */
1914 	if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS)) {
1915 		if (node->tn_flags &
1916 		    (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) {
1917 			error = securelevel_gt(cred, 0);
1918 			if (error)
1919 				return (error);
1920 		}
1921 	} else {
1922 		if (node->tn_flags &
1923 		    (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) ||
1924 		    ((flags ^ node->tn_flags) & SF_SETTABLE))
1925 			return (EPERM);
1926 	}
1927 	node->tn_flags = flags;
1928 	node->tn_status |= TMPFS_NODE_CHANGED;
1929 
1930 	ASSERT_VOP_ELOCKED(vp, "chflags2");
1931 
1932 	return (0);
1933 }
1934 
1935 /*
1936  * Change access mode on the given vnode.
1937  * Caller should execute tmpfs_update on vp after a successful execution.
1938  * The vnode must be locked on entry and remain locked on exit.
1939  */
1940 int
1941 tmpfs_chmod(struct vnode *vp, mode_t mode, struct ucred *cred, struct thread *p)
1942 {
1943 	int error;
1944 	struct tmpfs_node *node;
1945 	mode_t newmode;
1946 
1947 	ASSERT_VOP_ELOCKED(vp, "chmod");
1948 	ASSERT_VOP_IN_SEQC(vp);
1949 
1950 	node = VP_TO_TMPFS_NODE(vp);
1951 
1952 	/* Disallow this operation if the file system is mounted read-only. */
1953 	if (vp->v_mount->mnt_flag & MNT_RDONLY)
1954 		return (EROFS);
1955 
1956 	/* Immutable or append-only files cannot be modified, either. */
1957 	if (node->tn_flags & (IMMUTABLE | APPEND))
1958 		return (EPERM);
1959 
1960 	/*
1961 	 * To modify the permissions on a file, must possess VADMIN
1962 	 * for that file.
1963 	 */
1964 	if ((error = VOP_ACCESS(vp, VADMIN, cred, p)))
1965 		return (error);
1966 
1967 	/*
1968 	 * Privileged processes may set the sticky bit on non-directories,
1969 	 * as well as set the setgid bit on a file with a group that the
1970 	 * process is not a member of.
1971 	 */
1972 	if (vp->v_type != VDIR && (mode & S_ISTXT)) {
1973 		if (priv_check_cred(cred, PRIV_VFS_STICKYFILE))
1974 			return (EFTYPE);
1975 	}
1976 	if (!groupmember(node->tn_gid, cred) && (mode & S_ISGID)) {
1977 		error = priv_check_cred(cred, PRIV_VFS_SETGID);
1978 		if (error)
1979 			return (error);
1980 	}
1981 
1982 	newmode = node->tn_mode & ~ALLPERMS;
1983 	newmode |= mode & ALLPERMS;
1984 	atomic_store_short(&node->tn_mode, newmode);
1985 
1986 	node->tn_status |= TMPFS_NODE_CHANGED;
1987 
1988 	ASSERT_VOP_ELOCKED(vp, "chmod2");
1989 
1990 	return (0);
1991 }
1992 
1993 /*
1994  * Change ownership of the given vnode.  At least one of uid or gid must
1995  * be different than VNOVAL.  If one is set to that value, the attribute
1996  * is unchanged.
1997  * Caller should execute tmpfs_update on vp after a successful execution.
1998  * The vnode must be locked on entry and remain locked on exit.
1999  */
2000 int
2001 tmpfs_chown(struct vnode *vp, uid_t uid, gid_t gid, struct ucred *cred,
2002     struct thread *p)
2003 {
2004 	int error;
2005 	struct tmpfs_node *node;
2006 	uid_t ouid;
2007 	gid_t ogid;
2008 	mode_t newmode;
2009 
2010 	ASSERT_VOP_ELOCKED(vp, "chown");
2011 	ASSERT_VOP_IN_SEQC(vp);
2012 
2013 	node = VP_TO_TMPFS_NODE(vp);
2014 
2015 	/* Assign default values if they are unknown. */
2016 	MPASS(uid != VNOVAL || gid != VNOVAL);
2017 	if (uid == VNOVAL)
2018 		uid = node->tn_uid;
2019 	if (gid == VNOVAL)
2020 		gid = node->tn_gid;
2021 	MPASS(uid != VNOVAL && gid != VNOVAL);
2022 
2023 	/* Disallow this operation if the file system is mounted read-only. */
2024 	if (vp->v_mount->mnt_flag & MNT_RDONLY)
2025 		return (EROFS);
2026 
2027 	/* Immutable or append-only files cannot be modified, either. */
2028 	if (node->tn_flags & (IMMUTABLE | APPEND))
2029 		return (EPERM);
2030 
2031 	/*
2032 	 * To modify the ownership of a file, must possess VADMIN for that
2033 	 * file.
2034 	 */
2035 	if ((error = VOP_ACCESS(vp, VADMIN, cred, p)))
2036 		return (error);
2037 
2038 	/*
2039 	 * To change the owner of a file, or change the group of a file to a
2040 	 * group of which we are not a member, the caller must have
2041 	 * privilege.
2042 	 */
2043 	if ((uid != node->tn_uid ||
2044 	    (gid != node->tn_gid && !groupmember(gid, cred))) &&
2045 	    (error = priv_check_cred(cred, PRIV_VFS_CHOWN)))
2046 		return (error);
2047 
2048 	ogid = node->tn_gid;
2049 	ouid = node->tn_uid;
2050 
2051 	node->tn_uid = uid;
2052 	node->tn_gid = gid;
2053 
2054 	node->tn_status |= TMPFS_NODE_CHANGED;
2055 
2056 	if ((node->tn_mode & (S_ISUID | S_ISGID)) && (ouid != uid || ogid != gid)) {
2057 		if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID)) {
2058 			newmode = node->tn_mode & ~(S_ISUID | S_ISGID);
2059 			atomic_store_short(&node->tn_mode, newmode);
2060 		}
2061 	}
2062 
2063 	ASSERT_VOP_ELOCKED(vp, "chown2");
2064 
2065 	return (0);
2066 }
2067 
2068 /*
2069  * Change size of the given vnode.
2070  * Caller should execute tmpfs_update on vp after a successful execution.
2071  * The vnode must be locked on entry and remain locked on exit.
2072  */
2073 int
2074 tmpfs_chsize(struct vnode *vp, u_quad_t size, struct ucred *cred,
2075     struct thread *p)
2076 {
2077 	int error;
2078 	struct tmpfs_node *node;
2079 
2080 	ASSERT_VOP_ELOCKED(vp, "chsize");
2081 
2082 	node = VP_TO_TMPFS_NODE(vp);
2083 
2084 	/* Decide whether this is a valid operation based on the file type. */
2085 	error = 0;
2086 	switch (vp->v_type) {
2087 	case VDIR:
2088 		return (EISDIR);
2089 
2090 	case VREG:
2091 		if (vp->v_mount->mnt_flag & MNT_RDONLY)
2092 			return (EROFS);
2093 		break;
2094 
2095 	case VBLK:
2096 		/* FALLTHROUGH */
2097 	case VCHR:
2098 		/* FALLTHROUGH */
2099 	case VFIFO:
2100 		/*
2101 		 * Allow modifications of special files even if in the file
2102 		 * system is mounted read-only (we are not modifying the
2103 		 * files themselves, but the objects they represent).
2104 		 */
2105 		return (0);
2106 
2107 	default:
2108 		/* Anything else is unsupported. */
2109 		return (EOPNOTSUPP);
2110 	}
2111 
2112 	/* Immutable or append-only files cannot be modified, either. */
2113 	if (node->tn_flags & (IMMUTABLE | APPEND))
2114 		return (EPERM);
2115 
2116 	error = tmpfs_truncate(vp, size);
2117 	/*
2118 	 * tmpfs_truncate will raise the NOTE_EXTEND and NOTE_ATTRIB kevents
2119 	 * for us, as will update tn_status; no need to do that here.
2120 	 */
2121 
2122 	ASSERT_VOP_ELOCKED(vp, "chsize2");
2123 
2124 	return (error);
2125 }
2126 
2127 /*
2128  * Change access and modification times of the given vnode.
2129  * Caller should execute tmpfs_update on vp after a successful execution.
2130  * The vnode must be locked on entry and remain locked on exit.
2131  */
2132 int
2133 tmpfs_chtimes(struct vnode *vp, struct vattr *vap,
2134     struct ucred *cred, struct thread *l)
2135 {
2136 	int error;
2137 	struct tmpfs_node *node;
2138 
2139 	ASSERT_VOP_ELOCKED(vp, "chtimes");
2140 
2141 	node = VP_TO_TMPFS_NODE(vp);
2142 
2143 	/* Disallow this operation if the file system is mounted read-only. */
2144 	if (vp->v_mount->mnt_flag & MNT_RDONLY)
2145 		return (EROFS);
2146 
2147 	/* Immutable or append-only files cannot be modified, either. */
2148 	if (node->tn_flags & (IMMUTABLE | APPEND))
2149 		return (EPERM);
2150 
2151 	error = vn_utimes_perm(vp, vap, cred, l);
2152 	if (error != 0)
2153 		return (error);
2154 
2155 	if (vap->va_atime.tv_sec != VNOVAL)
2156 		node->tn_accessed = true;
2157 
2158 	if (vap->va_mtime.tv_sec != VNOVAL)
2159 		node->tn_status |= TMPFS_NODE_MODIFIED;
2160 
2161 	if (vap->va_birthtime.tv_sec != VNOVAL)
2162 		node->tn_status |= TMPFS_NODE_MODIFIED;
2163 
2164 	tmpfs_itimes(vp, &vap->va_atime, &vap->va_mtime);
2165 
2166 	if (vap->va_birthtime.tv_sec != VNOVAL)
2167 		node->tn_birthtime = vap->va_birthtime;
2168 	ASSERT_VOP_ELOCKED(vp, "chtimes2");
2169 
2170 	return (0);
2171 }
2172 
2173 void
2174 tmpfs_set_status(struct tmpfs_mount *tm, struct tmpfs_node *node, int status)
2175 {
2176 
2177 	if ((node->tn_status & status) == status || tm->tm_ronly)
2178 		return;
2179 	TMPFS_NODE_LOCK(node);
2180 	node->tn_status |= status;
2181 	TMPFS_NODE_UNLOCK(node);
2182 }
2183 
2184 void
2185 tmpfs_set_accessed(struct tmpfs_mount *tm, struct tmpfs_node *node)
2186 {
2187 	if (node->tn_accessed || tm->tm_ronly)
2188 		return;
2189 	atomic_store_8(&node->tn_accessed, true);
2190 }
2191 
2192 /* Sync timestamps */
2193 void
2194 tmpfs_itimes(struct vnode *vp, const struct timespec *acc,
2195     const struct timespec *mod)
2196 {
2197 	struct tmpfs_node *node;
2198 	struct timespec now;
2199 
2200 	ASSERT_VOP_LOCKED(vp, "tmpfs_itimes");
2201 	node = VP_TO_TMPFS_NODE(vp);
2202 
2203 	if (!node->tn_accessed &&
2204 	    (node->tn_status & (TMPFS_NODE_MODIFIED | TMPFS_NODE_CHANGED)) == 0)
2205 		return;
2206 
2207 	vfs_timestamp(&now);
2208 	TMPFS_NODE_LOCK(node);
2209 	if (node->tn_accessed) {
2210 		if (acc == NULL)
2211 			 acc = &now;
2212 		node->tn_atime = *acc;
2213 	}
2214 	if (node->tn_status & TMPFS_NODE_MODIFIED) {
2215 		if (mod == NULL)
2216 			mod = &now;
2217 		node->tn_mtime = *mod;
2218 	}
2219 	if (node->tn_status & TMPFS_NODE_CHANGED)
2220 		node->tn_ctime = now;
2221 	node->tn_status &= ~(TMPFS_NODE_MODIFIED | TMPFS_NODE_CHANGED);
2222 	node->tn_accessed = false;
2223 	TMPFS_NODE_UNLOCK(node);
2224 
2225 	/* XXX: FIX? The entropy here is desirable, but the harvesting may be expensive */
2226 	random_harvest_queue(node, sizeof(*node), RANDOM_FS_ATIME);
2227 }
2228 
2229 int
2230 tmpfs_truncate(struct vnode *vp, off_t length)
2231 {
2232 	int error;
2233 	struct tmpfs_node *node;
2234 
2235 	node = VP_TO_TMPFS_NODE(vp);
2236 
2237 	if (length < 0) {
2238 		error = EINVAL;
2239 		goto out;
2240 	}
2241 
2242 	if (node->tn_size == length) {
2243 		error = 0;
2244 		goto out;
2245 	}
2246 
2247 	if (length > VFS_TO_TMPFS(vp->v_mount)->tm_maxfilesize)
2248 		return (EFBIG);
2249 
2250 	error = tmpfs_reg_resize(vp, length, FALSE);
2251 	if (error == 0)
2252 		node->tn_status |= TMPFS_NODE_CHANGED | TMPFS_NODE_MODIFIED;
2253 
2254 out:
2255 	tmpfs_update(vp);
2256 
2257 	return (error);
2258 }
2259 
2260 static __inline int
2261 tmpfs_dirtree_cmp(struct tmpfs_dirent *a, struct tmpfs_dirent *b)
2262 {
2263 	if (a->td_hash > b->td_hash)
2264 		return (1);
2265 	else if (a->td_hash < b->td_hash)
2266 		return (-1);
2267 	return (0);
2268 }
2269 
2270 RB_GENERATE_STATIC(tmpfs_dir, tmpfs_dirent, uh.td_entries, tmpfs_dirtree_cmp);
2271