1 /*- 2 * Copyright (c) 1994, 1995 The Regents of the University of California. 3 * Copyright (c) 1994, 1995 Jan-Simon Pendry. 4 * All rights reserved. 5 * 6 * This code is derived from software donated to Berkeley by 7 * Jan-Simon Pendry. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)union_vfsops.c 8.20 (Berkeley) 5/20/95 34 * $FreeBSD$ 35 */ 36 37 /* 38 * Union Layer 39 */ 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/lock.h> 45 #include <sys/mutex.h> 46 #include <sys/proc.h> 47 #include <sys/vnode.h> 48 #include <sys/mount.h> 49 #include <sys/namei.h> 50 #include <sys/malloc.h> 51 #include <sys/filedesc.h> 52 #include <fs/unionfs/union.h> 53 54 static MALLOC_DEFINE(M_UNIONFSMNT, "UNION mount", "UNION mount structure"); 55 56 extern vfs_init_t union_init; 57 static vfs_root_t union_root; 58 static vfs_mount_t union_mount; 59 static vfs_statfs_t union_statfs; 60 static vfs_unmount_t union_unmount; 61 62 /* 63 * Mount union filesystem. 64 */ 65 static int 66 union_mount(mp, td) 67 struct mount *mp; 68 struct thread *td; 69 { 70 int error = 0; 71 struct vfsoptlist *opts; 72 struct vnode *lowerrootvp = NULLVP; 73 struct vnode *upperrootvp = NULLVP; 74 struct union_mount *um = 0; 75 struct vattr va; 76 struct ucred *cred = 0; 77 char *cp = 0, *target; 78 int op; 79 int len; 80 size_t size; 81 struct componentname fakecn; 82 struct nameidata nd, *ndp = &nd; 83 84 UDEBUG(("union_mount(mp = %p)\n", (void *)mp)); 85 86 opts = mp->mnt_optnew; 87 /* 88 * Disable clustered write, otherwise system becomes unstable. 89 */ 90 mp->mnt_flag |= MNT_NOCLUSTERW; 91 92 if (mp->mnt_flag & MNT_ROOTFS) 93 return (EOPNOTSUPP); 94 /* 95 * Update is a no-op 96 */ 97 if (mp->mnt_flag & MNT_UPDATE) 98 /* 99 * Need to provide: 100 * 1. a way to convert between rdonly and rdwr mounts. 101 * 2. support for nfs exports. 102 */ 103 return (EOPNOTSUPP); 104 105 /* 106 * Get arguments. 107 */ 108 error = vfs_getopt(opts, "target", (void **)&target, &len); 109 if (error || target[len - 1] != '\0') 110 return (EINVAL); 111 112 op = 0; 113 if (vfs_getopt(opts, "below", NULL, NULL) == 0) 114 op = UNMNT_BELOW; 115 if (vfs_getopt(opts, "replace", NULL, NULL) == 0) { 116 /* These options are mutually exclusive. */ 117 if (op) 118 return (EINVAL); 119 op = UNMNT_REPLACE; 120 } 121 /* 122 * UNMNT_ABOVE is the default. 123 */ 124 if (op == 0) 125 op = UNMNT_ABOVE; 126 127 /* 128 * Obtain lower vnode. Vnode is stored in mp->mnt_vnodecovered. 129 * We need to reference it but not lock it. 130 */ 131 132 lowerrootvp = mp->mnt_vnodecovered; 133 VREF(lowerrootvp); 134 135 #if 0 136 /* 137 * Unlock lower node to avoid deadlock. 138 */ 139 if (lowerrootvp->v_op == union_vnodeop_p) 140 VOP_UNLOCK(lowerrootvp, 0, td); 141 #endif 142 143 /* 144 * Obtain upper vnode by calling namei() on the path. The 145 * upperrootvp will be turned referenced but not locked. 146 */ 147 NDINIT(ndp, LOOKUP, FOLLOW|WANTPARENT, UIO_SYSSPACE, target, td); 148 149 error = namei(ndp); 150 151 #if 0 152 if (lowerrootvp->v_op == union_vnodeop_p) 153 vn_lock(lowerrootvp, LK_EXCLUSIVE | LK_RETRY, td); 154 #endif 155 if (error) 156 goto bad; 157 158 NDFREE(ndp, NDF_ONLY_PNBUF); 159 upperrootvp = ndp->ni_vp; 160 vrele(ndp->ni_dvp); 161 ndp->ni_dvp = NULL; 162 163 UDEBUG(("mount_root UPPERVP %p locked = %d\n", upperrootvp, 164 VOP_ISLOCKED(upperrootvp, NULL))); 165 166 /* 167 * Check multi union mount to avoid `lock myself again' panic. 168 * Also require that it be a directory. 169 */ 170 if (upperrootvp == VTOUNION(lowerrootvp)->un_uppervp) { 171 #ifdef DIAGNOSTIC 172 printf("union_mount: multi union mount?\n"); 173 #endif 174 error = EDEADLK; 175 goto bad; 176 } 177 178 if (upperrootvp->v_type != VDIR) { 179 error = EINVAL; 180 goto bad; 181 } 182 183 /* 184 * Allocate our union_mount structure and populate the fields. 185 * The vnode references are stored in the union_mount as held, 186 * unlocked references. Depending on the _BELOW flag, the 187 * filesystems are viewed in a different order. In effect this 188 * is the same as providing a mount-under option to the mount 189 * syscall. 190 */ 191 192 um = (struct union_mount *) malloc(sizeof(struct union_mount), 193 M_UNIONFSMNT, M_WAITOK | M_ZERO); 194 195 um->um_op = op; 196 197 error = VOP_GETATTR(upperrootvp, &va, td->td_ucred, td); 198 if (error) 199 goto bad; 200 201 um->um_upperdev = va.va_fsid; 202 203 switch (um->um_op) { 204 case UNMNT_ABOVE: 205 um->um_lowervp = lowerrootvp; 206 um->um_uppervp = upperrootvp; 207 upperrootvp = NULL; 208 lowerrootvp = NULL; 209 break; 210 211 case UNMNT_BELOW: 212 um->um_lowervp = upperrootvp; 213 um->um_uppervp = lowerrootvp; 214 upperrootvp = NULL; 215 lowerrootvp = NULL; 216 break; 217 218 case UNMNT_REPLACE: 219 vrele(lowerrootvp); 220 lowerrootvp = NULL; 221 um->um_uppervp = upperrootvp; 222 um->um_lowervp = lowerrootvp; 223 upperrootvp = NULL; 224 break; 225 226 default: 227 error = EINVAL; 228 goto bad; 229 } 230 231 /* 232 * Unless the mount is readonly, ensure that the top layer 233 * supports whiteout operations. 234 */ 235 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 236 /* 237 * XXX Fake up a struct componentname with only cn_nameiop 238 * and cn_thread valid; union_whiteout() needs to use the 239 * thread pointer to lock the vnode. 240 */ 241 bzero(&fakecn, sizeof(fakecn)); 242 fakecn.cn_nameiop = LOOKUP; 243 fakecn.cn_thread = td; 244 error = VOP_WHITEOUT(um->um_uppervp, &fakecn, LOOKUP); 245 if (error) 246 goto bad; 247 } 248 249 um->um_cred = crhold(td->td_ucred); 250 FILEDESC_LOCK_FAST(td->td_proc->p_fd); 251 um->um_cmode = UN_DIRMODE &~ td->td_proc->p_fd->fd_cmask; 252 FILEDESC_UNLOCK_FAST(td->td_proc->p_fd); 253 254 /* 255 * Depending on what you think the MNT_LOCAL flag might mean, 256 * you may want the && to be || on the conditional below. 257 * At the moment it has been defined that the filesystem is 258 * only local if it is all local, ie the MNT_LOCAL flag implies 259 * that the entire namespace is local. If you think the MNT_LOCAL 260 * flag implies that some of the files might be stored locally 261 * then you will want to change the conditional. 262 */ 263 if (um->um_op == UNMNT_ABOVE) { 264 if (((um->um_lowervp == NULLVP) || 265 (um->um_lowervp->v_mount->mnt_flag & MNT_LOCAL)) && 266 (um->um_uppervp->v_mount->mnt_flag & MNT_LOCAL)) 267 mp->mnt_flag |= MNT_LOCAL; 268 } 269 270 /* 271 * Copy in the upper layer's RDONLY flag. This is for the benefit 272 * of lookup() which explicitly checks the flag, rather than asking 273 * the filesystem for its own opinion. This means, that an update 274 * mount of the underlying filesystem to go from rdonly to rdwr 275 * will leave the unioned view as read-only. 276 */ 277 mp->mnt_flag |= (um->um_uppervp->v_mount->mnt_flag & MNT_RDONLY); 278 279 mp->mnt_data = (qaddr_t) um; 280 vfs_getnewfsid(mp); 281 282 switch (um->um_op) { 283 case UNMNT_ABOVE: 284 cp = "<above>:"; 285 break; 286 case UNMNT_BELOW: 287 cp = "<below>:"; 288 break; 289 case UNMNT_REPLACE: 290 cp = ""; 291 break; 292 } 293 len = strlen(cp); 294 bcopy(cp, mp->mnt_stat.f_mntfromname, len); 295 296 cp = mp->mnt_stat.f_mntfromname + len; 297 len = MNAMELEN - len; 298 299 (void) copystr(target, cp, len - 1, &size); 300 bzero(cp + size, len - size); 301 302 UDEBUG(("union_mount: from %s, on %s\n", 303 mp->mnt_stat.f_mntfromname, mp->mnt_stat.f_mntonname)); 304 return (0); 305 306 bad: 307 if (um) { 308 if (um->um_uppervp) 309 vrele(um->um_uppervp); 310 if (um->um_lowervp) 311 vrele(um->um_lowervp); 312 /* XXX other fields */ 313 free(um, M_UNIONFSMNT); 314 } 315 if (cred) 316 crfree(cred); 317 if (upperrootvp) 318 vrele(upperrootvp); 319 if (lowerrootvp) 320 vrele(lowerrootvp); 321 return (error); 322 } 323 324 /* 325 * Free reference to union layer. 326 */ 327 static int 328 union_unmount(mp, mntflags, td) 329 struct mount *mp; 330 int mntflags; 331 struct thread *td; 332 { 333 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 334 int error; 335 int freeing; 336 int flags = 0; 337 338 UDEBUG(("union_unmount(mp = %p)\n", (void *)mp)); 339 340 if (mntflags & MNT_FORCE) 341 flags |= FORCECLOSE; 342 343 /* 344 * Keep flushing vnodes from the mount list. 345 * This is needed because of the un_pvp held 346 * reference to the parent vnode. 347 * If more vnodes have been freed on a given pass, 348 * the try again. The loop will iterate at most 349 * (d) times, where (d) is the maximum tree depth 350 * in the filesystem. 351 */ 352 for (freeing = 0; (error = vflush(mp, 0, flags, td)) != 0;) { 353 int n; 354 355 /* count #vnodes held on mount list */ 356 n = mp->mnt_nvnodelistsize; 357 358 /* if this is unchanged then stop */ 359 if (n == freeing) 360 break; 361 362 /* otherwise try once more time */ 363 freeing = n; 364 } 365 366 /* 367 * If the most recent vflush failed, the filesystem is still busy. 368 */ 369 if (error) 370 return (error); 371 372 /* 373 * Discard references to upper and lower target vnodes. 374 */ 375 if (um->um_lowervp) 376 vrele(um->um_lowervp); 377 vrele(um->um_uppervp); 378 crfree(um->um_cred); 379 /* 380 * Finally, throw away the union_mount structure. 381 */ 382 free(mp->mnt_data, M_UNIONFSMNT); /* XXX */ 383 mp->mnt_data = 0; 384 return (0); 385 } 386 387 static int 388 union_root(mp, vpp, td) 389 struct mount *mp; 390 struct vnode **vpp; 391 struct thread *td; 392 { 393 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 394 int error; 395 396 /* 397 * Supply an unlocked reference to um_uppervp and to um_lowervp. It 398 * is possible for um_uppervp to be locked without the associated 399 * root union_node being locked. We let union_allocvp() deal with 400 * it. 401 */ 402 UDEBUG(("union_root UPPERVP %p locked = %d\n", um->um_uppervp, 403 VOP_ISLOCKED(um->um_uppervp, NULL))); 404 405 VREF(um->um_uppervp); 406 if (um->um_lowervp) 407 VREF(um->um_lowervp); 408 409 error = union_allocvp(vpp, mp, NULLVP, NULLVP, NULL, 410 um->um_uppervp, um->um_lowervp, 1); 411 UDEBUG(("error %d\n", error)); 412 UDEBUG(("union_root2 UPPERVP %p locked = %d\n", um->um_uppervp, 413 VOP_ISLOCKED(um->um_uppervp, NULL))); 414 415 return (error); 416 } 417 418 static int 419 union_statfs(mp, sbp, td) 420 struct mount *mp; 421 struct statfs *sbp; 422 struct thread *td; 423 { 424 int error; 425 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 426 struct statfs mstat; 427 int lbsize; 428 429 UDEBUG(("union_statfs(mp = %p, lvp = %p, uvp = %p)\n", 430 (void *)mp, (void *)um->um_lowervp, (void *)um->um_uppervp)); 431 432 bzero(&mstat, sizeof(mstat)); 433 434 if (um->um_lowervp) { 435 error = VFS_STATFS(um->um_lowervp->v_mount, &mstat, td); 436 if (error) 437 return (error); 438 } 439 440 /* 441 * Now copy across the "interesting" information and fake the rest. 442 */ 443 #if 0 444 sbp->f_type = mstat.f_type; 445 sbp->f_flags = mstat.f_flags; 446 sbp->f_bsize = mstat.f_bsize; 447 sbp->f_iosize = mstat.f_iosize; 448 #endif 449 lbsize = mstat.f_bsize; 450 sbp->f_blocks = mstat.f_blocks; 451 sbp->f_bfree = mstat.f_bfree; 452 sbp->f_bavail = mstat.f_bavail; 453 sbp->f_files = mstat.f_files; 454 sbp->f_ffree = mstat.f_ffree; 455 456 error = VFS_STATFS(um->um_uppervp->v_mount, &mstat, td); 457 if (error) 458 return (error); 459 460 sbp->f_flags = mstat.f_flags; 461 sbp->f_bsize = mstat.f_bsize; 462 sbp->f_iosize = mstat.f_iosize; 463 464 /* 465 * If the lower and upper blocksizes differ, then frig the 466 * block counts so that the sizes reported by df make some 467 * kind of sense. None of this makes sense though. 468 */ 469 470 if (mstat.f_bsize != lbsize) 471 sbp->f_blocks = ((off_t) sbp->f_blocks * lbsize) / mstat.f_bsize; 472 473 /* 474 * The "total" fields count total resources in all layers, 475 * the "free" fields count only those resources which are 476 * free in the upper layer (since only the upper layer 477 * is writeable). 478 */ 479 sbp->f_blocks += mstat.f_blocks; 480 sbp->f_bfree = mstat.f_bfree; 481 sbp->f_bavail = mstat.f_bavail; 482 sbp->f_files += mstat.f_files; 483 sbp->f_ffree = mstat.f_ffree; 484 return (0); 485 } 486 487 static struct vfsops union_vfsops = { 488 .vfs_init = union_init, 489 .vfs_mount = union_mount, 490 .vfs_root = union_root, 491 .vfs_statfs = union_statfs, 492 .vfs_unmount = union_unmount, 493 }; 494 495 VFS_SET(union_vfsops, unionfs, VFCF_LOOPBACK); 496