1 /*- 2 * Copyright (c) 1999-2004 Poul-Henning Kamp 3 * Copyright (c) 1999 Michael Smith 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * (c) UNIX System Laboratories, Inc. 7 * All or some portions of this file are derived from material licensed 8 * to the University of California by American Telephone and Telegraph 9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 * the permission of UNIX System Laboratories, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 __FBSDID("$FreeBSD$"); 39 40 #include <sys/param.h> 41 #include <sys/conf.h> 42 #include <sys/jail.h> 43 #include <sys/kernel.h> 44 #include <sys/libkern.h> 45 #include <sys/mac.h> 46 #include <sys/malloc.h> 47 #include <sys/mount.h> 48 #include <sys/mutex.h> 49 #include <sys/namei.h> 50 #include <sys/proc.h> 51 #include <sys/filedesc.h> 52 #include <sys/reboot.h> 53 #include <sys/syscallsubr.h> 54 #include <sys/sysproto.h> 55 #include <sys/sx.h> 56 #include <sys/sysctl.h> 57 #include <sys/sysent.h> 58 #include <sys/systm.h> 59 #include <sys/vnode.h> 60 61 #include <geom/geom.h> 62 63 #include <machine/stdarg.h> 64 65 #include "opt_rootdevname.h" 66 #include "opt_ddb.h" 67 #include "opt_mac.h" 68 69 #ifdef DDB 70 #include <ddb/ddb.h> 71 #endif 72 73 #define ROOTNAME "root_device" 74 #define VFS_MOUNTARG_SIZE_MAX (1024 * 64) 75 76 static int vfs_domount(struct thread *td, const char *fstype, 77 char *fspath, int fsflags, void *fsdata); 78 static int vfs_mount_alloc(struct vnode *dvp, struct vfsconf *vfsp, 79 const char *fspath, struct thread *td, struct mount **mpp); 80 static int vfs_mountroot_ask(void); 81 static int vfs_mountroot_try(const char *mountfrom); 82 static int vfs_donmount(struct thread *td, int fsflags, 83 struct uio *fsoptions); 84 static void free_mntarg(struct mntarg *ma); 85 static void vfs_mount_destroy(struct mount *, struct thread *); 86 static int vfs_getopt_pos(struct vfsoptlist *opts, const char *name); 87 88 static int usermount = 0; 89 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, 90 "Unprivileged users may mount and unmount file systems"); 91 92 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 93 94 /* List of mounted filesystems. */ 95 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 96 97 /* For any iteration/modification of mountlist */ 98 struct mtx mountlist_mtx; 99 MTX_SYSINIT(mountlist, &mountlist_mtx, "mountlist", MTX_DEF); 100 101 TAILQ_HEAD(vfsoptlist, vfsopt); 102 struct vfsopt { 103 TAILQ_ENTRY(vfsopt) link; 104 char *name; 105 void *value; 106 int len; 107 }; 108 109 /* 110 * The vnode of the system's root (/ in the filesystem, without chroot 111 * active.) 112 */ 113 struct vnode *rootvnode; 114 115 /* 116 * The root filesystem is detailed in the kernel environment variable 117 * vfs.root.mountfrom, which is expected to be in the general format 118 * 119 * <vfsname>:[<path>] 120 * vfsname := the name of a VFS known to the kernel and capable 121 * of being mounted as root 122 * path := disk device name or other data used by the filesystem 123 * to locate its physical store 124 */ 125 126 /* 127 * Global opts, taken by all filesystems 128 */ 129 static const char *global_opts[] = { 130 "errmsg", 131 "fstype", 132 "fspath", 133 "rdonly", 134 "ro", 135 "rw", 136 "suid", 137 "exec", 138 NULL 139 }; 140 141 /* 142 * The root specifiers we will try if RB_CDROM is specified. 143 */ 144 static char *cdrom_rootdevnames[] = { 145 "cd9660:cd0", 146 "cd9660:acd0", 147 NULL 148 }; 149 150 /* legacy find-root code */ 151 char *rootdevnames[2] = {NULL, NULL}; 152 #ifndef ROOTDEVNAME 153 # define ROOTDEVNAME NULL 154 #endif 155 static const char *ctrootdevname = ROOTDEVNAME; 156 157 /* 158 * --------------------------------------------------------------------- 159 * Functions for building and sanitizing the mount options 160 */ 161 162 /* Remove one mount option. */ 163 static void 164 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 165 { 166 167 TAILQ_REMOVE(opts, opt, link); 168 free(opt->name, M_MOUNT); 169 if (opt->value != NULL) 170 free(opt->value, M_MOUNT); 171 #ifdef INVARIANTS 172 else if (opt->len != 0) 173 panic("%s: mount option with NULL value but length != 0", 174 __func__); 175 #endif 176 free(opt, M_MOUNT); 177 } 178 179 /* Release all resources related to the mount options. */ 180 static void 181 vfs_freeopts(struct vfsoptlist *opts) 182 { 183 struct vfsopt *opt; 184 185 while (!TAILQ_EMPTY(opts)) { 186 opt = TAILQ_FIRST(opts); 187 vfs_freeopt(opts, opt); 188 } 189 free(opts, M_MOUNT); 190 } 191 192 /* 193 * Check if options are equal (with or without the "no" prefix). 194 */ 195 static int 196 vfs_equalopts(const char *opt1, const char *opt2) 197 { 198 199 /* "opt" vs. "opt" or "noopt" vs. "noopt" */ 200 if (strcmp(opt1, opt2) == 0) 201 return (1); 202 /* "noopt" vs. "opt" */ 203 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0) 204 return (1); 205 /* "opt" vs. "noopt" */ 206 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0) 207 return (1); 208 return (0); 209 } 210 211 /* 212 * If a mount option is specified several times, 213 * (with or without the "no" prefix) only keep 214 * the last occurence of it. 215 */ 216 static void 217 vfs_sanitizeopts(struct vfsoptlist *opts) 218 { 219 struct vfsopt *opt, *opt2, *tmp; 220 221 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 222 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 223 while (opt2 != NULL) { 224 if (vfs_equalopts(opt->name, opt2->name)) { 225 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 226 vfs_freeopt(opts, opt2); 227 opt2 = tmp; 228 } else { 229 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 230 } 231 } 232 } 233 } 234 235 /* 236 * Build a linked list of mount options from a struct uio. 237 */ 238 static int 239 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 240 { 241 struct vfsoptlist *opts; 242 struct vfsopt *opt; 243 size_t memused; 244 unsigned int i, iovcnt; 245 int error, namelen, optlen; 246 247 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 248 TAILQ_INIT(opts); 249 memused = 0; 250 iovcnt = auio->uio_iovcnt; 251 for (i = 0; i < iovcnt; i += 2) { 252 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 253 namelen = auio->uio_iov[i].iov_len; 254 optlen = auio->uio_iov[i + 1].iov_len; 255 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 256 opt->value = NULL; 257 opt->len = 0; 258 259 /* 260 * Do this early, so jumps to "bad" will free the current 261 * option. 262 */ 263 TAILQ_INSERT_TAIL(opts, opt, link); 264 memused += sizeof(struct vfsopt) + optlen + namelen; 265 266 /* 267 * Avoid consuming too much memory, and attempts to overflow 268 * memused. 269 */ 270 if (memused > VFS_MOUNTARG_SIZE_MAX || 271 optlen > VFS_MOUNTARG_SIZE_MAX || 272 namelen > VFS_MOUNTARG_SIZE_MAX) { 273 error = EINVAL; 274 goto bad; 275 } 276 277 if (auio->uio_segflg == UIO_SYSSPACE) { 278 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 279 } else { 280 error = copyin(auio->uio_iov[i].iov_base, opt->name, 281 namelen); 282 if (error) 283 goto bad; 284 } 285 /* Ensure names are null-terminated strings. */ 286 if (opt->name[namelen - 1] != '\0') { 287 error = EINVAL; 288 goto bad; 289 } 290 if (optlen != 0) { 291 opt->len = optlen; 292 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 293 if (auio->uio_segflg == UIO_SYSSPACE) { 294 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 295 optlen); 296 } else { 297 error = copyin(auio->uio_iov[i + 1].iov_base, 298 opt->value, optlen); 299 if (error) 300 goto bad; 301 } 302 } 303 } 304 vfs_sanitizeopts(opts); 305 *options = opts; 306 return (0); 307 bad: 308 vfs_freeopts(opts); 309 return (error); 310 } 311 312 /* 313 * Merge the old mount options with the new ones passed 314 * in the MNT_UPDATE case. 315 */ 316 static void 317 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 318 { 319 struct vfsopt *opt, *opt2, *new; 320 321 TAILQ_FOREACH(opt, opts, link) { 322 /* 323 * Check that this option hasn't been redefined 324 * nor cancelled with a "no" mount option. 325 */ 326 opt2 = TAILQ_FIRST(toopts); 327 while (opt2 != NULL) { 328 if (strcmp(opt2->name, opt->name) == 0) 329 goto next; 330 if (strncmp(opt2->name, "no", 2) == 0 && 331 strcmp(opt2->name + 2, opt->name) == 0) { 332 vfs_freeopt(toopts, opt2); 333 goto next; 334 } 335 opt2 = TAILQ_NEXT(opt2, link); 336 } 337 /* We want this option, duplicate it. */ 338 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 339 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 340 strcpy(new->name, opt->name); 341 if (opt->len != 0) { 342 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 343 bcopy(opt->value, new->value, opt->len); 344 } else { 345 new->value = NULL; 346 } 347 new->len = opt->len; 348 TAILQ_INSERT_TAIL(toopts, new, link); 349 next: 350 continue; 351 } 352 } 353 354 /* 355 * --------------------------------------------------------------------- 356 * Mount a filesystem 357 */ 358 int 359 nmount(td, uap) 360 struct thread *td; 361 struct nmount_args /* { 362 struct iovec *iovp; 363 unsigned int iovcnt; 364 int flags; 365 } */ *uap; 366 { 367 struct uio *auio; 368 struct iovec *iov; 369 unsigned int i; 370 int error; 371 u_int iovcnt; 372 373 /* Kick out MNT_ROOTFS early as it is legal internally */ 374 if (uap->flags & MNT_ROOTFS) 375 return (EINVAL); 376 377 iovcnt = uap->iovcnt; 378 /* 379 * Check that we have an even number of iovec's 380 * and that we have at least two options. 381 */ 382 if ((iovcnt & 1) || (iovcnt < 4)) 383 return (EINVAL); 384 385 error = copyinuio(uap->iovp, iovcnt, &auio); 386 if (error) 387 return (error); 388 iov = auio->uio_iov; 389 for (i = 0; i < iovcnt; i++) { 390 if (iov->iov_len > MMAXOPTIONLEN) { 391 free(auio, M_IOV); 392 return (EINVAL); 393 } 394 iov++; 395 } 396 error = vfs_donmount(td, uap->flags, auio); 397 398 free(auio, M_IOV); 399 return (error); 400 } 401 402 /* 403 * --------------------------------------------------------------------- 404 * Various utility functions 405 */ 406 407 /* 408 * Allocate and initialize the mount point struct. 409 */ 410 static int 411 vfs_mount_alloc(struct vnode *vp, struct vfsconf *vfsp, 412 const char *fspath, struct thread *td, struct mount **mpp) 413 { 414 struct mount *mp; 415 416 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 417 TAILQ_INIT(&mp->mnt_nvnodelist); 418 mp->mnt_nvnodelistsize = 0; 419 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF); 420 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, 0); 421 vfs_busy(mp, LK_NOWAIT, 0, td); 422 mp->mnt_op = vfsp->vfc_vfsops; 423 mp->mnt_vfc = vfsp; 424 vfsp->vfc_refcount++; 425 mp->mnt_stat.f_type = vfsp->vfc_typenum; 426 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 427 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 428 mp->mnt_vnodecovered = vp; 429 mp->mnt_cred = crdup(td->td_ucred); 430 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 431 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 432 mp->mnt_iosize_max = DFLTPHYS; 433 #ifdef MAC 434 mac_init_mount(mp); 435 mac_create_mount(td->td_ucred, mp); 436 #endif 437 arc4rand(&mp->mnt_hashseed, sizeof mp->mnt_hashseed, 0); 438 *mpp = mp; 439 return (0); 440 } 441 442 /* 443 * Destroy the mount struct previously allocated by vfs_mount_alloc(). 444 */ 445 static void 446 vfs_mount_destroy(struct mount *mp, struct thread *td) 447 { 448 449 mp->mnt_vfc->vfc_refcount--; 450 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 451 panic("unmount: dangling vnode"); 452 vfs_unbusy(mp,td); 453 lockdestroy(&mp->mnt_lock); 454 MNT_ILOCK(mp); 455 if (mp->mnt_kern_flag & MNTK_MWAIT) 456 wakeup(mp); 457 MNT_IUNLOCK(mp); 458 mtx_destroy(&mp->mnt_mtx); 459 #ifdef MAC 460 mac_destroy_mount(mp); 461 #endif 462 if (mp->mnt_opt != NULL) 463 vfs_freeopts(mp->mnt_opt); 464 crfree(mp->mnt_cred); 465 free(mp, M_MOUNT); 466 } 467 468 static int 469 vfs_donmount(struct thread *td, int fsflags, struct uio *fsoptions) 470 { 471 struct vfsoptlist *optlist; 472 char *fstype, *fspath, *errmsg; 473 int error, fstypelen, fspathlen, errmsg_len, errmsg_pos; 474 475 errmsg_len = 0; 476 errmsg_pos = -1; 477 478 error = vfs_buildopts(fsoptions, &optlist); 479 if (error) 480 return (error); 481 482 if (vfs_getopt(optlist, "errmsg", (void **)&errmsg, &errmsg_len) == 0) 483 errmsg_pos = vfs_getopt_pos(optlist, "errmsg"); 484 else 485 errmsg_len = 0; 486 487 /* 488 * We need these two options before the others, 489 * and they are mandatory for any filesystem. 490 * Ensure they are NUL terminated as well. 491 */ 492 fstypelen = 0; 493 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 494 if (error || fstype[fstypelen - 1] != '\0') { 495 error = EINVAL; 496 if (errmsg != NULL) 497 strncpy(errmsg, "Invalid fstype", errmsg_len); 498 goto bail; 499 } 500 fspathlen = 0; 501 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 502 if (error || fspath[fspathlen - 1] != '\0') { 503 error = EINVAL; 504 if (errmsg != NULL) 505 strncpy(errmsg, "Invalid fspath", errmsg_len); 506 goto bail; 507 } 508 509 /* 510 * We need to see if we have the "update" option 511 * before we call vfs_domount(), since vfs_domount() has special 512 * logic based on MNT_UPDATE. This is very important 513 * when we want to update the root filesystem. 514 */ 515 if (vfs_getopt(optlist, "update", NULL, NULL) == 0) 516 fsflags |= MNT_UPDATE; 517 518 if (vfs_getopt(optlist, "async", NULL, NULL) == 0) 519 fsflags |= MNT_ASYNC; 520 521 if (vfs_getopt(optlist, "force", NULL, NULL) == 0) 522 fsflags |= MNT_FORCE; 523 524 if (vfs_getopt(optlist, "multilabel", NULL, NULL) == 0) 525 fsflags |= MNT_MULTILABEL; 526 527 if (vfs_getopt(optlist, "noasync", NULL, NULL) == 0) 528 fsflags &= ~MNT_ASYNC; 529 530 if (vfs_getopt(optlist, "noatime", NULL, NULL) == 0) 531 fsflags |= MNT_NOATIME; 532 533 if (vfs_getopt(optlist, "noclusterr", NULL, NULL) == 0) 534 fsflags |= MNT_NOCLUSTERR; 535 536 if (vfs_getopt(optlist, "noclusterw", NULL, NULL) == 0) 537 fsflags |= MNT_NOCLUSTERW; 538 539 if (vfs_getopt(optlist, "noexec", NULL, NULL) == 0) 540 fsflags |= MNT_NOEXEC; 541 542 if (vfs_getopt(optlist, "nosuid", NULL, NULL) == 0) 543 fsflags |= MNT_NOSUID; 544 545 if (vfs_getopt(optlist, "nosymfollow", NULL, NULL) == 0) 546 fsflags |= MNT_NOSYMFOLLOW; 547 548 if (vfs_getopt(optlist, "noro", NULL, NULL) == 0) 549 fsflags &= ~MNT_RDONLY; 550 551 if (vfs_getopt(optlist, "ro", NULL, NULL) == 0) 552 fsflags |= MNT_RDONLY; 553 554 if (vfs_getopt(optlist, "rdonly", NULL, NULL) == 0) 555 fsflags |= MNT_RDONLY; 556 557 if (vfs_getopt(optlist, "rw", NULL, NULL) == 0) 558 fsflags &= ~MNT_RDONLY; 559 560 if (vfs_getopt(optlist, "snapshot", NULL, NULL) == 0) 561 fsflags |= MNT_SNAPSHOT; 562 563 if (vfs_getopt(optlist, "suiddir", NULL, NULL) == 0) 564 fsflags |= MNT_SUIDDIR; 565 566 if (vfs_getopt(optlist, "sync", NULL, NULL) == 0) 567 fsflags |= MNT_SYNCHRONOUS; 568 569 if (vfs_getopt(optlist, "union", NULL, NULL) == 0) 570 fsflags |= MNT_UNION; 571 572 /* 573 * Be ultra-paranoid about making sure the type and fspath 574 * variables will fit in our mp buffers, including the 575 * terminating NUL. 576 */ 577 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 578 error = ENAMETOOLONG; 579 goto bail; 580 } 581 582 mtx_lock(&Giant); 583 error = vfs_domount(td, fstype, fspath, fsflags, optlist); 584 mtx_unlock(&Giant); 585 bail: 586 /* copyout the errmsg */ 587 if (errmsg_pos != -1 && ((2 * errmsg_pos + 1) < fsoptions->uio_iovcnt) 588 && errmsg_len > 0 && errmsg != NULL) { 589 if (fsoptions->uio_segflg == UIO_SYSSPACE) { 590 strncpy(fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base, 591 errmsg, 592 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len); 593 } else { 594 copystr(errmsg, 595 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base, 596 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len, 597 NULL); 598 } 599 } 600 601 if (error != 0) 602 vfs_freeopts(optlist); 603 return (error); 604 } 605 606 /* 607 * --------------------------------------------------------------------- 608 * Old mount API. 609 */ 610 #ifndef _SYS_SYSPROTO_H_ 611 struct mount_args { 612 char *type; 613 char *path; 614 int flags; 615 caddr_t data; 616 }; 617 #endif 618 /* ARGSUSED */ 619 int 620 mount(td, uap) 621 struct thread *td; 622 struct mount_args /* { 623 char *type; 624 char *path; 625 int flags; 626 caddr_t data; 627 } */ *uap; 628 { 629 char *fstype; 630 struct vfsconf *vfsp = NULL; 631 struct mntarg *ma = NULL; 632 int error; 633 634 /* Kick out MNT_ROOTFS early as it is legal internally */ 635 uap->flags &= ~MNT_ROOTFS; 636 637 if (uap->data == NULL) 638 return (EINVAL); 639 640 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 641 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 642 if (!error) { 643 mtx_lock(&Giant); /* XXX ? */ 644 vfsp = vfs_byname_kld(fstype, td, &error); 645 mtx_unlock(&Giant); 646 } 647 free(fstype, M_TEMP); 648 if (error) 649 return (error); 650 if (vfsp == NULL) 651 return (ENOENT); 652 if (vfsp->vfc_vfsops->vfs_cmount == NULL) 653 return (EOPNOTSUPP); 654 655 ma = mount_argsu(ma, "fstype", uap->type, MNAMELEN); 656 ma = mount_argsu(ma, "fspath", uap->path, MNAMELEN); 657 ma = mount_argb(ma, uap->flags & MNT_RDONLY, "noro"); 658 ma = mount_argb(ma, !(uap->flags & MNT_NOSUID), "nosuid"); 659 ma = mount_argb(ma, !(uap->flags & MNT_NOEXEC), "noexec"); 660 661 error = vfsp->vfc_vfsops->vfs_cmount(ma, uap->data, uap->flags, td); 662 return (error); 663 } 664 665 666 /* 667 * vfs_domount(): actually attempt a filesystem mount. 668 */ 669 static int 670 vfs_domount( 671 struct thread *td, /* Flags common to all filesystems. */ 672 const char *fstype, /* Filesystem type. */ 673 char *fspath, /* Mount path. */ 674 int fsflags, /* Flags common to all filesystems. */ 675 void *fsdata /* Options local to the filesystem. */ 676 ) 677 { 678 struct vnode *vp; 679 struct mount *mp; 680 struct vfsconf *vfsp; 681 int error, flag = 0, kern_flag = 0; 682 struct vattr va; 683 struct nameidata nd; 684 685 mtx_assert(&Giant, MA_OWNED); 686 687 /* 688 * Be ultra-paranoid about making sure the type and fspath 689 * variables will fit in our mp buffers, including the 690 * terminating NUL. 691 */ 692 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 693 return (ENAMETOOLONG); 694 695 if (jailed(td->td_ucred)) 696 return (EPERM); 697 if (usermount == 0) { 698 if ((error = suser(td)) != 0) 699 return (error); 700 } 701 702 /* 703 * Do not allow NFS export or MNT_SUIDDIR by unprivileged users. 704 */ 705 if (fsflags & (MNT_EXPORTED | MNT_SUIDDIR)) { 706 if ((error = suser(td)) != 0) 707 return (error); 708 } 709 /* 710 * Silently enforce MNT_NOSUID and MNT_USER for 711 * unprivileged users. 712 */ 713 if (suser(td) != 0) 714 fsflags |= MNT_NOSUID | MNT_USER; 715 /* 716 * Get vnode to be covered 717 */ 718 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 719 if ((error = namei(&nd)) != 0) 720 return (error); 721 NDFREE(&nd, NDF_ONLY_PNBUF); 722 vp = nd.ni_vp; 723 if (fsflags & MNT_UPDATE) { 724 if ((vp->v_vflag & VV_ROOT) == 0) { 725 vput(vp); 726 return (EINVAL); 727 } 728 mp = vp->v_mount; 729 flag = mp->mnt_flag; 730 kern_flag = mp->mnt_kern_flag; 731 /* 732 * We only allow the filesystem to be reloaded if it 733 * is currently mounted read-only. 734 */ 735 if ((fsflags & MNT_RELOAD) && 736 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 737 vput(vp); 738 return (EOPNOTSUPP); /* Needs translation */ 739 } 740 /* 741 * Only privileged root, or (if MNT_USER is set) the user that 742 * did the original mount is permitted to update it. 743 */ 744 error = vfs_suser(mp, td); 745 if (error) { 746 vput(vp); 747 return (error); 748 } 749 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 750 vput(vp); 751 return (EBUSY); 752 } 753 VI_LOCK(vp); 754 if ((vp->v_iflag & VI_MOUNT) != 0 || 755 vp->v_mountedhere != NULL) { 756 VI_UNLOCK(vp); 757 vfs_unbusy(mp, td); 758 vput(vp); 759 return (EBUSY); 760 } 761 vp->v_iflag |= VI_MOUNT; 762 VI_UNLOCK(vp); 763 mp->mnt_flag |= fsflags & 764 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT | MNT_ROOTFS); 765 VOP_UNLOCK(vp, 0, td); 766 mp->mnt_optnew = fsdata; 767 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 768 } else { 769 /* 770 * If the user is not root, ensure that they own the directory 771 * onto which we are attempting to mount. 772 */ 773 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 774 if (error) { 775 vput(vp); 776 return (error); 777 } 778 if (va.va_uid != td->td_ucred->cr_uid) { 779 if ((error = suser(td)) != 0) { 780 vput(vp); 781 return (error); 782 } 783 } 784 error = vinvalbuf(vp, V_SAVE, td, 0, 0); 785 if (error != 0) { 786 vput(vp); 787 return (error); 788 } 789 if (vp->v_type != VDIR) { 790 vput(vp); 791 return (ENOTDIR); 792 } 793 vfsp = vfs_byname_kld(fstype, td, &error); 794 if (vfsp == NULL) { 795 vput(vp); 796 return (error); 797 } 798 VI_LOCK(vp); 799 if ((vp->v_iflag & VI_MOUNT) != 0 || 800 vp->v_mountedhere != NULL) { 801 VI_UNLOCK(vp); 802 vput(vp); 803 return (EBUSY); 804 } 805 vp->v_iflag |= VI_MOUNT; 806 VI_UNLOCK(vp); 807 808 /* 809 * Allocate and initialize the filesystem. 810 */ 811 error = vfs_mount_alloc(vp, vfsp, fspath, td, &mp); 812 if (error) { 813 vput(vp); 814 return (error); 815 } 816 VOP_UNLOCK(vp, 0, td); 817 818 /* XXXMAC: pass to vfs_mount_alloc? */ 819 mp->mnt_optnew = fsdata; 820 } 821 822 /* 823 * Set the mount level flags. 824 */ 825 if (fsflags & MNT_RDONLY) 826 mp->mnt_flag |= MNT_RDONLY; 827 mp->mnt_flag &=~ MNT_UPDATEMASK; 828 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE | MNT_ROOTFS); 829 /* 830 * Mount the filesystem. 831 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 832 * get. No freeing of cn_pnbuf. 833 */ 834 error = VFS_MOUNT(mp, td); 835 if (!error) { 836 if (mp->mnt_opt != NULL) 837 vfs_freeopts(mp->mnt_opt); 838 mp->mnt_opt = mp->mnt_optnew; 839 VFS_STATFS(mp, &mp->mnt_stat, td); 840 } 841 /* 842 * Prevent external consumers of mount options from reading 843 * mnt_optnew. 844 */ 845 mp->mnt_optnew = NULL; 846 if (mp->mnt_flag & MNT_UPDATE) { 847 mp->mnt_flag &= 848 ~(MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 849 if (error) { 850 mp->mnt_flag = flag; 851 mp->mnt_kern_flag = kern_flag; 852 } 853 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 854 if (mp->mnt_syncer == NULL) 855 error = vfs_allocate_syncvnode(mp); 856 } else { 857 if (mp->mnt_syncer != NULL) 858 vrele(mp->mnt_syncer); 859 mp->mnt_syncer = NULL; 860 } 861 vfs_unbusy(mp, td); 862 VI_LOCK(vp); 863 vp->v_iflag &= ~VI_MOUNT; 864 VI_UNLOCK(vp); 865 vrele(vp); 866 return (error); 867 } 868 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 869 /* 870 * Put the new filesystem on the mount list after root. 871 */ 872 cache_purge(vp); 873 if (!error) { 874 struct vnode *newdp; 875 876 VI_LOCK(vp); 877 vp->v_iflag &= ~VI_MOUNT; 878 VI_UNLOCK(vp); 879 vp->v_mountedhere = mp; 880 mtx_lock(&mountlist_mtx); 881 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 882 mtx_unlock(&mountlist_mtx); 883 vfs_event_signal(NULL, VQ_MOUNT, 0); 884 if (VFS_ROOT(mp, LK_EXCLUSIVE, &newdp, td)) 885 panic("mount: lost mount"); 886 mountcheckdirs(vp, newdp); 887 vput(newdp); 888 VOP_UNLOCK(vp, 0, td); 889 if ((mp->mnt_flag & MNT_RDONLY) == 0) 890 error = vfs_allocate_syncvnode(mp); 891 vfs_unbusy(mp, td); 892 if (error) 893 vrele(vp); 894 } else { 895 VI_LOCK(vp); 896 vp->v_iflag &= ~VI_MOUNT; 897 VI_UNLOCK(vp); 898 vfs_mount_destroy(mp, td); 899 vput(vp); 900 } 901 return (error); 902 } 903 904 /* 905 * --------------------------------------------------------------------- 906 * Unmount a filesystem. 907 * 908 * Note: unmount takes a path to the vnode mounted on as argument, 909 * not special file (as before). 910 */ 911 #ifndef _SYS_SYSPROTO_H_ 912 struct unmount_args { 913 char *path; 914 int flags; 915 }; 916 #endif 917 /* ARGSUSED */ 918 int 919 unmount(td, uap) 920 struct thread *td; 921 register struct unmount_args /* { 922 char *path; 923 int flags; 924 } */ *uap; 925 { 926 struct mount *mp; 927 char *pathbuf; 928 int error, id0, id1; 929 930 if (jailed(td->td_ucred)) 931 return (EPERM); 932 if (usermount == 0) { 933 if ((error = suser(td)) != 0) 934 return (error); 935 } 936 937 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK); 938 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL); 939 if (error) { 940 free(pathbuf, M_TEMP); 941 return (error); 942 } 943 if (uap->flags & MNT_BYFSID) { 944 /* Decode the filesystem ID. */ 945 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { 946 free(pathbuf, M_TEMP); 947 return (EINVAL); 948 } 949 950 mtx_lock(&mountlist_mtx); 951 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 952 if (mp->mnt_stat.f_fsid.val[0] == id0 && 953 mp->mnt_stat.f_fsid.val[1] == id1) 954 break; 955 } 956 mtx_unlock(&mountlist_mtx); 957 } else { 958 mtx_lock(&mountlist_mtx); 959 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 960 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) 961 break; 962 } 963 mtx_unlock(&mountlist_mtx); 964 } 965 free(pathbuf, M_TEMP); 966 if (mp == NULL) { 967 /* 968 * Previously we returned ENOENT for a nonexistent path and 969 * EINVAL for a non-mountpoint. We cannot tell these apart 970 * now, so in the !MNT_BYFSID case return the more likely 971 * EINVAL for compatibility. 972 */ 973 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL); 974 } 975 976 /* 977 * Only privileged root, or (if MNT_USER is set) the user that did the 978 * original mount is permitted to unmount this filesystem. 979 */ 980 error = vfs_suser(mp, td); 981 if (error) 982 return (error); 983 984 /* 985 * Don't allow unmounting the root filesystem. 986 */ 987 if (mp->mnt_flag & MNT_ROOTFS) 988 return (EINVAL); 989 mtx_lock(&Giant); 990 error = dounmount(mp, uap->flags, td); 991 mtx_unlock(&Giant); 992 return (error); 993 } 994 995 /* 996 * Do the actual filesystem unmount. 997 */ 998 int 999 dounmount(mp, flags, td) 1000 struct mount *mp; 1001 int flags; 1002 struct thread *td; 1003 { 1004 struct vnode *coveredvp, *fsrootvp; 1005 int error; 1006 int async_flag; 1007 1008 mtx_assert(&Giant, MA_OWNED); 1009 1010 MNT_ILOCK(mp); 1011 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1012 MNT_IUNLOCK(mp); 1013 return (EBUSY); 1014 } 1015 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1016 /* Allow filesystems to detect that a forced unmount is in progress. */ 1017 if (flags & MNT_FORCE) 1018 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1019 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1020 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), MNT_MTX(mp), td); 1021 if (error) { 1022 MNT_ILOCK(mp); 1023 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1024 if (mp->mnt_kern_flag & MNTK_MWAIT) 1025 wakeup(mp); 1026 MNT_IUNLOCK(mp); 1027 return (error); 1028 } 1029 vn_start_write(NULL, &mp, V_WAIT); 1030 1031 if (mp->mnt_flag & MNT_EXPUBLIC) 1032 vfs_setpublicfs(NULL, NULL, NULL); 1033 1034 vfs_msync(mp, MNT_WAIT); 1035 async_flag = mp->mnt_flag & MNT_ASYNC; 1036 mp->mnt_flag &= ~MNT_ASYNC; 1037 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1038 if (mp->mnt_syncer != NULL) 1039 vrele(mp->mnt_syncer); 1040 /* 1041 * For forced unmounts, move process cdir/rdir refs on the fs root 1042 * vnode to the covered vnode. For non-forced unmounts we want 1043 * such references to cause an EBUSY error. 1044 */ 1045 if ((flags & MNT_FORCE) && 1046 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) { 1047 if (mp->mnt_vnodecovered != NULL) 1048 mountcheckdirs(fsrootvp, mp->mnt_vnodecovered); 1049 if (fsrootvp == rootvnode) { 1050 vrele(rootvnode); 1051 rootvnode = NULL; 1052 } 1053 vput(fsrootvp); 1054 } 1055 if (((mp->mnt_flag & MNT_RDONLY) || 1056 (error = VFS_SYNC(mp, MNT_WAIT, td)) == 0) || 1057 (flags & MNT_FORCE)) { 1058 error = VFS_UNMOUNT(mp, flags, td); 1059 } 1060 vn_finished_write(mp); 1061 if (error) { 1062 /* Undo cdir/rdir and rootvnode changes made above. */ 1063 if ((flags & MNT_FORCE) && 1064 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) { 1065 if (mp->mnt_vnodecovered != NULL) 1066 mountcheckdirs(mp->mnt_vnodecovered, fsrootvp); 1067 if (rootvnode == NULL) { 1068 rootvnode = fsrootvp; 1069 vref(rootvnode); 1070 } 1071 vput(fsrootvp); 1072 } 1073 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1074 (void) vfs_allocate_syncvnode(mp); 1075 MNT_ILOCK(mp); 1076 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1077 mp->mnt_flag |= async_flag; 1078 lockmgr(&mp->mnt_lock, LK_RELEASE, NULL, td); 1079 if (mp->mnt_kern_flag & MNTK_MWAIT) 1080 wakeup(mp); 1081 MNT_IUNLOCK(mp); 1082 return (error); 1083 } 1084 mtx_lock(&mountlist_mtx); 1085 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1086 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1087 coveredvp->v_mountedhere = NULL; 1088 mtx_unlock(&mountlist_mtx); 1089 vfs_event_signal(NULL, VQ_UNMOUNT, 0); 1090 vfs_mount_destroy(mp, td); 1091 if (coveredvp != NULL) 1092 vrele(coveredvp); 1093 return (0); 1094 } 1095 1096 /* 1097 * --------------------------------------------------------------------- 1098 * Mounting of root filesystem 1099 * 1100 */ 1101 1102 struct root_hold_token { 1103 const char *who; 1104 LIST_ENTRY(root_hold_token) list; 1105 }; 1106 1107 static LIST_HEAD(, root_hold_token) root_holds = 1108 LIST_HEAD_INITIALIZER(&root_holds); 1109 1110 struct root_hold_token * 1111 root_mount_hold(const char *identifier) 1112 { 1113 struct root_hold_token *h; 1114 1115 h = malloc(sizeof *h, M_DEVBUF, M_ZERO | M_WAITOK); 1116 h->who = identifier; 1117 mtx_lock(&mountlist_mtx); 1118 LIST_INSERT_HEAD(&root_holds, h, list); 1119 mtx_unlock(&mountlist_mtx); 1120 return (h); 1121 } 1122 1123 void 1124 root_mount_rel(struct root_hold_token *h) 1125 { 1126 1127 mtx_lock(&mountlist_mtx); 1128 LIST_REMOVE(h, list); 1129 wakeup(&root_holds); 1130 mtx_unlock(&mountlist_mtx); 1131 free(h, M_DEVBUF); 1132 } 1133 1134 static void 1135 root_mount_wait(void) 1136 { 1137 struct root_hold_token *h; 1138 1139 for (;;) { 1140 DROP_GIANT(); 1141 g_waitidle(); 1142 PICKUP_GIANT(); 1143 mtx_lock(&mountlist_mtx); 1144 if (LIST_EMPTY(&root_holds)) { 1145 mtx_unlock(&mountlist_mtx); 1146 break; 1147 } 1148 printf("Root mount waiting for:"); 1149 LIST_FOREACH(h, &root_holds, list) 1150 printf(" %s", h->who); 1151 printf("\n"); 1152 msleep(&root_holds, &mountlist_mtx, PZERO | PDROP, "roothold", 1153 hz); 1154 } 1155 } 1156 1157 static void 1158 set_rootvnode(struct thread *td) 1159 { 1160 struct proc *p; 1161 1162 if (VFS_ROOT(TAILQ_FIRST(&mountlist), LK_EXCLUSIVE, &rootvnode, td)) 1163 panic("Cannot find root vnode"); 1164 1165 p = td->td_proc; 1166 FILEDESC_LOCK(p->p_fd); 1167 1168 if (p->p_fd->fd_cdir != NULL) 1169 vrele(p->p_fd->fd_cdir); 1170 p->p_fd->fd_cdir = rootvnode; 1171 VREF(rootvnode); 1172 1173 if (p->p_fd->fd_rdir != NULL) 1174 vrele(p->p_fd->fd_rdir); 1175 p->p_fd->fd_rdir = rootvnode; 1176 VREF(rootvnode); 1177 1178 FILEDESC_UNLOCK(p->p_fd); 1179 1180 VOP_UNLOCK(rootvnode, 0, td); 1181 } 1182 1183 /* 1184 * Mount /devfs as our root filesystem, but do not put it on the mountlist 1185 * yet. Create a /dev -> / symlink so that absolute pathnames will lookup. 1186 */ 1187 1188 static void 1189 devfs_first(void) 1190 { 1191 struct thread *td = curthread; 1192 struct vfsoptlist *opts; 1193 struct vfsconf *vfsp; 1194 struct mount *mp = NULL; 1195 int error; 1196 1197 vfsp = vfs_byname("devfs"); 1198 KASSERT(vfsp != NULL, ("Could not find devfs by name")); 1199 if (vfsp == NULL) 1200 return; 1201 1202 error = vfs_mount_alloc(NULLVP, vfsp, "/dev", td, &mp); 1203 KASSERT(error == 0, ("vfs_mount_alloc failed %d", error)); 1204 if (error) 1205 return; 1206 1207 error = VFS_MOUNT(mp, curthread); 1208 KASSERT(error == 0, ("VFS_MOUNT(devfs) failed %d", error)); 1209 if (error) 1210 return; 1211 1212 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 1213 TAILQ_INIT(opts); 1214 mp->mnt_opt = opts; 1215 1216 mtx_lock(&mountlist_mtx); 1217 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1218 mtx_unlock(&mountlist_mtx); 1219 1220 set_rootvnode(td); 1221 1222 error = kern_symlink(td, "/", "dev", UIO_SYSSPACE); 1223 if (error) 1224 printf("kern_symlink /dev -> / returns %d\n", error); 1225 } 1226 1227 /* 1228 * Surgically move our devfs to be mounted on /dev. 1229 */ 1230 1231 static void 1232 devfs_fixup(struct thread *td) 1233 { 1234 struct nameidata nd; 1235 int error; 1236 struct vnode *vp, *dvp; 1237 struct mount *mp; 1238 1239 /* Remove our devfs mount from the mountlist and purge the cache */ 1240 mtx_lock(&mountlist_mtx); 1241 mp = TAILQ_FIRST(&mountlist); 1242 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1243 mtx_unlock(&mountlist_mtx); 1244 cache_purgevfs(mp); 1245 1246 VFS_ROOT(mp, LK_EXCLUSIVE, &dvp, td); 1247 VI_LOCK(dvp); 1248 dvp->v_iflag &= ~VI_MOUNT; 1249 dvp->v_mountedhere = NULL; 1250 VI_UNLOCK(dvp); 1251 1252 /* Set up the real rootvnode, and purge the cache */ 1253 TAILQ_FIRST(&mountlist)->mnt_vnodecovered = NULL; 1254 set_rootvnode(td); 1255 cache_purgevfs(rootvnode->v_mount); 1256 1257 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, "/dev", td); 1258 error = namei(&nd); 1259 if (error) { 1260 printf("Lookup of /dev for devfs, error: %d\n", error); 1261 return; 1262 } 1263 NDFREE(&nd, NDF_ONLY_PNBUF); 1264 vp = nd.ni_vp; 1265 if (vp->v_type != VDIR) { 1266 vput(vp); 1267 } 1268 error = vinvalbuf(vp, V_SAVE, td, 0, 0); 1269 if (error) { 1270 vput(vp); 1271 } 1272 cache_purge(vp); 1273 mp->mnt_vnodecovered = vp; 1274 vp->v_mountedhere = mp; 1275 mtx_lock(&mountlist_mtx); 1276 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1277 mtx_unlock(&mountlist_mtx); 1278 VOP_UNLOCK(vp, 0, td); 1279 vfs_unbusy(mp, td); 1280 vput(dvp); 1281 1282 /* Unlink the no longer needed /dev/dev -> / symlink */ 1283 kern_unlink(td, "/dev/dev", UIO_SYSSPACE); 1284 } 1285 1286 /* 1287 * Report errors during filesystem mounting. 1288 */ 1289 void 1290 vfs_mount_error(struct mount *mp, const char *fmt, ...) 1291 { 1292 struct vfsoptlist *moptlist = mp->mnt_optnew; 1293 va_list ap; 1294 int error, len; 1295 char *errmsg; 1296 1297 error = vfs_getopt(moptlist, "errmsg", (void **)&errmsg, &len); 1298 if (error || errmsg == NULL || len <= 0) 1299 return; 1300 1301 va_start(ap, fmt); 1302 vsnprintf(errmsg, (size_t)len, fmt, ap); 1303 va_end(ap); 1304 } 1305 1306 /* 1307 * Find and mount the root filesystem 1308 */ 1309 void 1310 vfs_mountroot(void) 1311 { 1312 char *cp; 1313 int error, i, asked = 0; 1314 1315 root_mount_wait(); 1316 1317 devfs_first(); 1318 1319 /* 1320 * We are booted with instructions to prompt for the root filesystem. 1321 */ 1322 if (boothowto & RB_ASKNAME) { 1323 if (!vfs_mountroot_ask()) 1324 return; 1325 asked = 1; 1326 } 1327 1328 /* 1329 * The root filesystem information is compiled in, and we are 1330 * booted with instructions to use it. 1331 */ 1332 if (ctrootdevname != NULL && (boothowto & RB_DFLTROOT)) { 1333 if (!vfs_mountroot_try(ctrootdevname)) 1334 return; 1335 ctrootdevname = NULL; 1336 } 1337 1338 /* 1339 * We've been given the generic "use CDROM as root" flag. This is 1340 * necessary because one media may be used in many different 1341 * devices, so we need to search for them. 1342 */ 1343 if (boothowto & RB_CDROM) { 1344 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1345 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1346 return; 1347 } 1348 } 1349 1350 /* 1351 * Try to use the value read by the loader from /etc/fstab, or 1352 * supplied via some other means. This is the preferred 1353 * mechanism. 1354 */ 1355 cp = getenv("vfs.root.mountfrom"); 1356 if (cp != NULL) { 1357 error = vfs_mountroot_try(cp); 1358 freeenv(cp); 1359 if (!error) 1360 return; 1361 } 1362 1363 /* 1364 * Try values that may have been computed by code during boot 1365 */ 1366 if (!vfs_mountroot_try(rootdevnames[0])) 1367 return; 1368 if (!vfs_mountroot_try(rootdevnames[1])) 1369 return; 1370 1371 /* 1372 * If we (still) have a compiled-in default, try it. 1373 */ 1374 if (ctrootdevname != NULL) 1375 if (!vfs_mountroot_try(ctrootdevname)) 1376 return; 1377 /* 1378 * Everything so far has failed, prompt on the console if we haven't 1379 * already tried that. 1380 */ 1381 if (!asked) 1382 if (!vfs_mountroot_ask()) 1383 return; 1384 1385 panic("Root mount failed, startup aborted."); 1386 } 1387 1388 /* 1389 * Mount (mountfrom) as the root filesystem. 1390 */ 1391 static int 1392 vfs_mountroot_try(const char *mountfrom) 1393 { 1394 struct mount *mp; 1395 char *vfsname, *path; 1396 time_t timebase; 1397 int error; 1398 char patt[32]; 1399 1400 vfsname = NULL; 1401 path = NULL; 1402 mp = NULL; 1403 error = EINVAL; 1404 1405 if (mountfrom == NULL) 1406 return (error); /* don't complain */ 1407 printf("Trying to mount root from %s\n", mountfrom); 1408 1409 /* parse vfs name and path */ 1410 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1411 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1412 vfsname[0] = path[0] = 0; 1413 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN); 1414 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1415 goto out; 1416 1417 if (path[0] == '\0') 1418 strcpy(path, ROOTNAME); 1419 1420 error = kernel_vmount( 1421 MNT_RDONLY | MNT_ROOTFS, 1422 "fstype", vfsname, 1423 "fspath", "/", 1424 "from", path, 1425 NULL); 1426 if (error == 0) { 1427 /* 1428 * We mount devfs prior to mounting the / FS, so the first 1429 * entry will typically be devfs. 1430 */ 1431 mp = TAILQ_FIRST(&mountlist); 1432 KASSERT(mp != NULL, ("%s: mountlist is empty", __func__)); 1433 1434 /* 1435 * Iterate over all currently mounted file systems and use 1436 * the time stamp found to check and/or initialize the RTC. 1437 * Typically devfs has no time stamp and the only other FS 1438 * is the actual / FS. 1439 * Call inittodr() only once and pass it the largest of the 1440 * timestamps we encounter. 1441 */ 1442 timebase = 0; 1443 do { 1444 if (mp->mnt_time > timebase) 1445 timebase = mp->mnt_time; 1446 mp = TAILQ_NEXT(mp, mnt_list); 1447 } while (mp != NULL); 1448 inittodr(timebase); 1449 1450 devfs_fixup(curthread); 1451 } 1452 out: 1453 free(path, M_MOUNT); 1454 free(vfsname, M_MOUNT); 1455 return (error); 1456 } 1457 1458 /* 1459 * --------------------------------------------------------------------- 1460 * Interactive root filesystem selection code. 1461 */ 1462 1463 static int 1464 vfs_mountroot_ask(void) 1465 { 1466 char name[128]; 1467 1468 for(;;) { 1469 printf("\nManual root filesystem specification:\n"); 1470 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1471 #if defined(__i386__) || defined(__ia64__) 1472 printf(" eg. ufs:da0s1a\n"); 1473 #else 1474 printf(" eg. ufs:/dev/da0a\n"); 1475 #endif 1476 printf(" ? List valid disk boot devices\n"); 1477 printf(" <empty line> Abort manual input\n"); 1478 printf("\nmountroot> "); 1479 gets(name, sizeof(name), 1); 1480 if (name[0] == '\0') 1481 return (1); 1482 if (name[0] == '?') { 1483 printf("\nList of GEOM managed disk devices:\n "); 1484 g_dev_print(); 1485 continue; 1486 } 1487 if (!vfs_mountroot_try(name)) 1488 return (0); 1489 } 1490 } 1491 1492 /* 1493 * --------------------------------------------------------------------- 1494 * Functions for querying mount options/arguments from filesystems. 1495 */ 1496 1497 /* 1498 * Check that no unknown options are given 1499 */ 1500 int 1501 vfs_filteropt(struct vfsoptlist *opts, const char **legal) 1502 { 1503 struct vfsopt *opt; 1504 const char **t, *p; 1505 1506 1507 TAILQ_FOREACH(opt, opts, link) { 1508 p = opt->name; 1509 if (p[0] == 'n' && p[1] == 'o') 1510 p += 2; 1511 for(t = global_opts; *t != NULL; t++) 1512 if (!strcmp(*t, p)) 1513 break; 1514 if (*t != NULL) 1515 continue; 1516 for(t = legal; *t != NULL; t++) 1517 if (!strcmp(*t, p)) 1518 break; 1519 if (*t != NULL) 1520 continue; 1521 printf("mount option <%s> is unknown\n", p); 1522 return (EINVAL); 1523 } 1524 return (0); 1525 } 1526 1527 /* 1528 * Get a mount option by its name. 1529 * 1530 * Return 0 if the option was found, ENOENT otherwise. 1531 * If len is non-NULL it will be filled with the length 1532 * of the option. If buf is non-NULL, it will be filled 1533 * with the address of the option. 1534 */ 1535 int 1536 vfs_getopt(opts, name, buf, len) 1537 struct vfsoptlist *opts; 1538 const char *name; 1539 void **buf; 1540 int *len; 1541 { 1542 struct vfsopt *opt; 1543 1544 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1545 1546 TAILQ_FOREACH(opt, opts, link) { 1547 if (strcmp(name, opt->name) == 0) { 1548 if (len != NULL) 1549 *len = opt->len; 1550 if (buf != NULL) 1551 *buf = opt->value; 1552 return (0); 1553 } 1554 } 1555 return (ENOENT); 1556 } 1557 1558 static int 1559 vfs_getopt_pos(struct vfsoptlist *opts, const char *name) 1560 { 1561 struct vfsopt *opt; 1562 int i; 1563 1564 if (opts == NULL) 1565 return (-1); 1566 1567 i = 0; 1568 TAILQ_FOREACH(opt, opts, link) { 1569 if (strcmp(name, opt->name) == 0) 1570 return (i); 1571 ++i; 1572 } 1573 return (-1); 1574 } 1575 1576 char * 1577 vfs_getopts(struct vfsoptlist *opts, const char *name, int *error) 1578 { 1579 struct vfsopt *opt; 1580 1581 *error = 0; 1582 TAILQ_FOREACH(opt, opts, link) { 1583 if (strcmp(name, opt->name) != 0) 1584 continue; 1585 if (((char *)opt->value)[opt->len - 1] != '\0') { 1586 *error = EINVAL; 1587 return (NULL); 1588 } 1589 return (opt->value); 1590 } 1591 return (NULL); 1592 } 1593 1594 int 1595 vfs_flagopt(struct vfsoptlist *opts, const char *name, u_int *w, u_int val) 1596 { 1597 struct vfsopt *opt; 1598 1599 TAILQ_FOREACH(opt, opts, link) { 1600 if (strcmp(name, opt->name) == 0) { 1601 if (w != NULL) 1602 *w |= val; 1603 return (1); 1604 } 1605 } 1606 if (w != NULL) 1607 *w &= ~val; 1608 return (0); 1609 } 1610 1611 int 1612 vfs_scanopt(struct vfsoptlist *opts, const char *name, const char *fmt, ...) 1613 { 1614 va_list ap; 1615 struct vfsopt *opt; 1616 int ret; 1617 1618 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1619 1620 TAILQ_FOREACH(opt, opts, link) { 1621 if (strcmp(name, opt->name) != 0) 1622 continue; 1623 if (((char *)opt->value)[opt->len - 1] != '\0') 1624 return (0); 1625 va_start(ap, fmt); 1626 ret = vsscanf(opt->value, fmt, ap); 1627 va_end(ap); 1628 return (ret); 1629 } 1630 return (0); 1631 } 1632 1633 /* 1634 * Find and copy a mount option. 1635 * 1636 * The size of the buffer has to be specified 1637 * in len, if it is not the same length as the 1638 * mount option, EINVAL is returned. 1639 * Returns ENOENT if the option is not found. 1640 */ 1641 int 1642 vfs_copyopt(opts, name, dest, len) 1643 struct vfsoptlist *opts; 1644 const char *name; 1645 void *dest; 1646 int len; 1647 { 1648 struct vfsopt *opt; 1649 1650 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1651 1652 TAILQ_FOREACH(opt, opts, link) { 1653 if (strcmp(name, opt->name) == 0) { 1654 if (len != opt->len) 1655 return (EINVAL); 1656 bcopy(opt->value, dest, opt->len); 1657 return (0); 1658 } 1659 } 1660 return (ENOENT); 1661 } 1662 1663 /* 1664 * This is a helper function for filesystems to traverse their 1665 * vnodes. See MNT_VNODE_FOREACH() in sys/mount.h 1666 */ 1667 1668 struct vnode * 1669 __mnt_vnode_next(struct vnode **nvp, struct mount *mp) 1670 { 1671 struct vnode *vp; 1672 1673 mtx_assert(&mp->mnt_mtx, MA_OWNED); 1674 1675 vp = *nvp; 1676 /* Check if we are done */ 1677 if (vp == NULL) 1678 return (NULL); 1679 /* If our next vnode is no longer ours, start over */ 1680 if (vp->v_mount != mp) 1681 vp = TAILQ_FIRST(&mp->mnt_nvnodelist); 1682 /* Save pointer to next vnode in list */ 1683 if (vp != NULL) 1684 *nvp = TAILQ_NEXT(vp, v_nmntvnodes); 1685 else 1686 *nvp = NULL; 1687 return (vp); 1688 } 1689 1690 int 1691 __vfs_statfs(struct mount *mp, struct statfs *sbp, struct thread *td) 1692 { 1693 int error; 1694 1695 error = mp->mnt_op->vfs_statfs(mp, &mp->mnt_stat, td); 1696 if (sbp != &mp->mnt_stat) 1697 *sbp = mp->mnt_stat; 1698 return (error); 1699 } 1700 1701 void 1702 vfs_mountedfrom(struct mount *mp, const char *from) 1703 { 1704 1705 bzero(mp->mnt_stat.f_mntfromname, sizeof mp->mnt_stat.f_mntfromname); 1706 strlcpy(mp->mnt_stat.f_mntfromname, from, 1707 sizeof mp->mnt_stat.f_mntfromname); 1708 } 1709 1710 /* 1711 * --------------------------------------------------------------------- 1712 * This is the api for building mount args and mounting filesystems from 1713 * inside the kernel. 1714 * 1715 * The API works by accumulation of individual args. First error is 1716 * latched. 1717 * 1718 * XXX: should be documented in new manpage kernel_mount(9) 1719 */ 1720 1721 /* A memory allocation which must be freed when we are done */ 1722 struct mntaarg { 1723 SLIST_ENTRY(mntaarg) next; 1724 }; 1725 1726 /* The header for the mount arguments */ 1727 struct mntarg { 1728 struct iovec *v; 1729 int len; 1730 int error; 1731 SLIST_HEAD(, mntaarg) list; 1732 }; 1733 1734 /* 1735 * Add a boolean argument. 1736 * 1737 * flag is the boolean value. 1738 * name must start with "no". 1739 */ 1740 struct mntarg * 1741 mount_argb(struct mntarg *ma, int flag, const char *name) 1742 { 1743 1744 KASSERT(name[0] == 'n' && name[1] == 'o', 1745 ("mount_argb(...,%s): name must start with 'no'", name)); 1746 1747 return (mount_arg(ma, name + (flag ? 2 : 0), NULL, 0)); 1748 } 1749 1750 /* 1751 * Add an argument printf style 1752 */ 1753 struct mntarg * 1754 mount_argf(struct mntarg *ma, const char *name, const char *fmt, ...) 1755 { 1756 va_list ap; 1757 struct mntaarg *maa; 1758 struct sbuf *sb; 1759 int len; 1760 1761 if (ma == NULL) { 1762 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 1763 SLIST_INIT(&ma->list); 1764 } 1765 if (ma->error) 1766 return (ma); 1767 1768 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2), 1769 M_MOUNT, M_WAITOK); 1770 ma->v[ma->len].iov_base = (void *)(uintptr_t)name; 1771 ma->v[ma->len].iov_len = strlen(name) + 1; 1772 ma->len++; 1773 1774 sb = sbuf_new(NULL, NULL, 0, SBUF_AUTOEXTEND); 1775 va_start(ap, fmt); 1776 sbuf_vprintf(sb, fmt, ap); 1777 va_end(ap); 1778 sbuf_finish(sb); 1779 len = sbuf_len(sb) + 1; 1780 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO); 1781 SLIST_INSERT_HEAD(&ma->list, maa, next); 1782 bcopy(sbuf_data(sb), maa + 1, len); 1783 sbuf_delete(sb); 1784 1785 ma->v[ma->len].iov_base = maa + 1; 1786 ma->v[ma->len].iov_len = len; 1787 ma->len++; 1788 1789 return (ma); 1790 } 1791 1792 /* 1793 * Add an argument which is a userland string. 1794 */ 1795 struct mntarg * 1796 mount_argsu(struct mntarg *ma, const char *name, const void *val, int len) 1797 { 1798 struct mntaarg *maa; 1799 char *tbuf; 1800 1801 if (val == NULL) 1802 return (ma); 1803 if (ma == NULL) { 1804 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 1805 SLIST_INIT(&ma->list); 1806 } 1807 if (ma->error) 1808 return (ma); 1809 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO); 1810 SLIST_INSERT_HEAD(&ma->list, maa, next); 1811 tbuf = (void *)(maa + 1); 1812 ma->error = copyinstr(val, tbuf, len, NULL); 1813 return (mount_arg(ma, name, tbuf, -1)); 1814 } 1815 1816 /* 1817 * Plain argument. 1818 * 1819 * If length is -1, use printf. 1820 */ 1821 struct mntarg * 1822 mount_arg(struct mntarg *ma, const char *name, const void *val, int len) 1823 { 1824 1825 if (ma == NULL) { 1826 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 1827 SLIST_INIT(&ma->list); 1828 } 1829 if (ma->error) 1830 return (ma); 1831 1832 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2), 1833 M_MOUNT, M_WAITOK); 1834 ma->v[ma->len].iov_base = (void *)(uintptr_t)name; 1835 ma->v[ma->len].iov_len = strlen(name) + 1; 1836 ma->len++; 1837 1838 ma->v[ma->len].iov_base = (void *)(uintptr_t)val; 1839 if (len < 0) 1840 ma->v[ma->len].iov_len = strlen(val) + 1; 1841 else 1842 ma->v[ma->len].iov_len = len; 1843 ma->len++; 1844 return (ma); 1845 } 1846 1847 /* 1848 * Free a mntarg structure 1849 */ 1850 static void 1851 free_mntarg(struct mntarg *ma) 1852 { 1853 struct mntaarg *maa; 1854 1855 while (!SLIST_EMPTY(&ma->list)) { 1856 maa = SLIST_FIRST(&ma->list); 1857 SLIST_REMOVE_HEAD(&ma->list, next); 1858 free(maa, M_MOUNT); 1859 } 1860 free(ma->v, M_MOUNT); 1861 free(ma, M_MOUNT); 1862 } 1863 1864 /* 1865 * Mount a filesystem 1866 */ 1867 int 1868 kernel_mount(struct mntarg *ma, int flags) 1869 { 1870 struct uio auio; 1871 int error; 1872 1873 KASSERT(ma != NULL, ("kernel_mount NULL ma")); 1874 KASSERT(ma->v != NULL, ("kernel_mount NULL ma->v")); 1875 KASSERT(!(ma->len & 1), ("kernel_mount odd ma->len (%d)", ma->len)); 1876 1877 auio.uio_iov = ma->v; 1878 auio.uio_iovcnt = ma->len; 1879 auio.uio_segflg = UIO_SYSSPACE; 1880 1881 error = ma->error; 1882 if (!error) 1883 error = vfs_donmount(curthread, flags, &auio); 1884 free_mntarg(ma); 1885 return (error); 1886 } 1887 1888 /* 1889 * A printflike function to mount a filesystem. 1890 */ 1891 int 1892 kernel_vmount(int flags, ...) 1893 { 1894 struct mntarg *ma = NULL; 1895 va_list ap; 1896 const char *cp; 1897 const void *vp; 1898 int error; 1899 1900 va_start(ap, flags); 1901 for (;;) { 1902 cp = va_arg(ap, const char *); 1903 if (cp == NULL) 1904 break; 1905 vp = va_arg(ap, const void *); 1906 ma = mount_arg(ma, cp, vp, -1); 1907 } 1908 va_end(ap); 1909 1910 error = kernel_mount(ma, flags); 1911 return (error); 1912 } 1913