1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 4. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * Copyright (c) 1999 Michael Smith 35 * All rights reserved. 36 * Copyright (c) 1999 Poul-Henning Kamp 37 * All rights reserved. 38 * 39 * Redistribution and use in source and binary forms, with or without 40 * modification, are permitted provided that the following conditions 41 * are met: 42 * 1. Redistributions of source code must retain the above copyright 43 * notice, this list of conditions and the following disclaimer. 44 * 2. Redistributions in binary form must reproduce the above copyright 45 * notice, this list of conditions and the following disclaimer in the 46 * documentation and/or other materials provided with the distribution. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 */ 60 61 #include <sys/cdefs.h> 62 __FBSDID("$FreeBSD$"); 63 64 #include <sys/param.h> 65 #include <sys/conf.h> 66 #include <sys/cons.h> 67 #include <sys/jail.h> 68 #include <sys/kernel.h> 69 #include <sys/linker.h> 70 #include <sys/mac.h> 71 #include <sys/malloc.h> 72 #include <sys/mount.h> 73 #include <sys/mutex.h> 74 #include <sys/namei.h> 75 #include <sys/proc.h> 76 #include <sys/filedesc.h> 77 #include <sys/reboot.h> 78 #include <sys/sysproto.h> 79 #include <sys/sx.h> 80 #include <sys/sysctl.h> 81 #include <sys/sysent.h> 82 #include <sys/systm.h> 83 #include <sys/vnode.h> 84 85 #include <geom/geom.h> 86 87 #include <machine/stdarg.h> 88 89 #include "opt_rootdevname.h" 90 #include "opt_ddb.h" 91 #include "opt_mac.h" 92 93 #ifdef DDB 94 #include <ddb/ddb.h> 95 #endif 96 97 #define ROOTNAME "root_device" 98 #define VFS_MOUNTARG_SIZE_MAX (1024 * 64) 99 100 static void checkdirs(struct vnode *olddp, struct vnode *newdp); 101 static void gets(char *cp); 102 static int vfs_domount(struct thread *td, const char *fstype, 103 char *fspath, int fsflags, void *fsdata, int compat); 104 static int vfs_mount_alloc(struct vnode *dvp, struct vfsconf *vfsp, 105 const char *fspath, struct thread *td, struct mount **mpp); 106 static int vfs_mountroot_ask(void); 107 static int vfs_mountroot_try(char *mountfrom); 108 109 static int usermount = 0; 110 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, 111 "Unprivileged users may mount and unmount file systems"); 112 113 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 114 115 /* List of mounted filesystems. */ 116 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 117 118 /* For any iteration/modification of mountlist */ 119 struct mtx mountlist_mtx; 120 121 /* 122 * The vnode of the system's root (/ in the filesystem, without chroot 123 * active.) 124 */ 125 struct vnode *rootvnode; 126 127 /* 128 * The root filesystem is detailed in the kernel environment variable 129 * vfs.root.mountfrom, which is expected to be in the general format 130 * 131 * <vfsname>:[<path>] 132 * vfsname := the name of a VFS known to the kernel and capable 133 * of being mounted as root 134 * path := disk device name or other data used by the filesystem 135 * to locate its physical store 136 */ 137 138 /* 139 * The root specifiers we will try if RB_CDROM is specified. 140 */ 141 static char *cdrom_rootdevnames[] = { 142 "cd9660:cd0", 143 "cd9660:acd0", 144 NULL 145 }; 146 147 /* legacy find-root code */ 148 char *rootdevnames[2] = {NULL, NULL}; 149 static int setrootbyname(char *name); 150 struct cdev *rootdev = NULL; 151 152 /* 153 * Has to be dynamic as the value of rootdev can change; however, it can't 154 * change after the root is mounted, so a user process can't access this 155 * sysctl until after the value is unchangeable. 156 */ 157 static int 158 sysctl_rootdev(SYSCTL_HANDLER_ARGS) 159 { 160 int error; 161 162 /* _RD prevents this from happening. */ 163 KASSERT(req->newptr == NULL, ("Attempt to change root device name")); 164 165 if (rootdev != NULL) 166 error = sysctl_handle_string(oidp, rootdev->si_name, 0, req); 167 else 168 error = sysctl_handle_string(oidp, "", 0, req); 169 170 return (error); 171 } 172 173 SYSCTL_PROC(_kern, OID_AUTO, rootdev, CTLTYPE_STRING | CTLFLAG_RD, 174 0, 0, sysctl_rootdev, "A", "Root file system device"); 175 176 /* Remove one mount option. */ 177 static void 178 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 179 { 180 181 TAILQ_REMOVE(opts, opt, link); 182 free(opt->name, M_MOUNT); 183 if (opt->value != NULL) 184 free(opt->value, M_MOUNT); 185 #ifdef INVARIANTS 186 else if (opt->len != 0) 187 panic("%s: mount option with NULL value but length != 0", 188 __func__); 189 #endif 190 free(opt, M_MOUNT); 191 } 192 193 /* Release all resources related to the mount options. */ 194 static void 195 vfs_freeopts(struct vfsoptlist *opts) 196 { 197 struct vfsopt *opt; 198 199 while (!TAILQ_EMPTY(opts)) { 200 opt = TAILQ_FIRST(opts); 201 vfs_freeopt(opts, opt); 202 } 203 free(opts, M_MOUNT); 204 } 205 206 /* 207 * Check if options are equal (with or without the "no" prefix). 208 */ 209 static int 210 vfs_equalopts(const char *opt1, const char *opt2) 211 { 212 213 /* "opt" vs. "opt" or "noopt" vs. "noopt" */ 214 if (strcmp(opt1, opt2) == 0) 215 return (1); 216 /* "noopt" vs. "opt" */ 217 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0) 218 return (1); 219 /* "opt" vs. "noopt" */ 220 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0) 221 return (1); 222 return (0); 223 } 224 225 /* 226 * If a mount option is specified several times, 227 * (with or without the "no" prefix) only keep 228 * the last occurence of it. 229 */ 230 static void 231 vfs_sanitizeopts(struct vfsoptlist *opts) 232 { 233 struct vfsopt *opt, *opt2, *tmp; 234 235 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 236 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 237 while (opt2 != NULL) { 238 if (vfs_equalopts(opt->name, opt2->name)) { 239 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 240 vfs_freeopt(opts, opt2); 241 opt2 = tmp; 242 } else { 243 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 244 } 245 } 246 } 247 } 248 249 /* 250 * Build a linked list of mount options from a struct uio. 251 */ 252 static int 253 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 254 { 255 struct vfsoptlist *opts; 256 struct vfsopt *opt; 257 size_t memused; 258 unsigned int i, iovcnt; 259 int error, namelen, optlen; 260 261 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 262 TAILQ_INIT(opts); 263 memused = 0; 264 iovcnt = auio->uio_iovcnt; 265 for (i = 0; i < iovcnt; i += 2) { 266 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 267 namelen = auio->uio_iov[i].iov_len; 268 optlen = auio->uio_iov[i + 1].iov_len; 269 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 270 opt->value = NULL; 271 opt->len = optlen; 272 273 /* 274 * Do this early, so jumps to "bad" will free the current 275 * option. 276 */ 277 TAILQ_INSERT_TAIL(opts, opt, link); 278 memused += sizeof(struct vfsopt) + optlen + namelen; 279 280 /* 281 * Avoid consuming too much memory, and attempts to overflow 282 * memused. 283 */ 284 if (memused > VFS_MOUNTARG_SIZE_MAX || 285 optlen > VFS_MOUNTARG_SIZE_MAX || 286 namelen > VFS_MOUNTARG_SIZE_MAX) { 287 error = EINVAL; 288 goto bad; 289 } 290 291 if (auio->uio_segflg == UIO_SYSSPACE) { 292 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 293 } else { 294 error = copyin(auio->uio_iov[i].iov_base, opt->name, 295 namelen); 296 if (error) 297 goto bad; 298 } 299 /* Ensure names are null-terminated strings. */ 300 if (opt->name[namelen - 1] != '\0') { 301 error = EINVAL; 302 goto bad; 303 } 304 if (optlen != 0) { 305 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 306 if (auio->uio_segflg == UIO_SYSSPACE) { 307 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 308 optlen); 309 } else { 310 error = copyin(auio->uio_iov[i + 1].iov_base, 311 opt->value, optlen); 312 if (error) 313 goto bad; 314 } 315 } 316 } 317 vfs_sanitizeopts(opts); 318 *options = opts; 319 return (0); 320 bad: 321 vfs_freeopts(opts); 322 return (error); 323 } 324 325 /* 326 * Merge the old mount options with the new ones passed 327 * in the MNT_UPDATE case. 328 */ 329 static void 330 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 331 { 332 struct vfsopt *opt, *opt2, *new; 333 334 TAILQ_FOREACH(opt, opts, link) { 335 /* 336 * Check that this option hasn't been redefined 337 * nor cancelled with a "no" mount option. 338 */ 339 opt2 = TAILQ_FIRST(toopts); 340 while (opt2 != NULL) { 341 if (strcmp(opt2->name, opt->name) == 0) 342 goto next; 343 if (strncmp(opt2->name, "no", 2) == 0 && 344 strcmp(opt2->name + 2, opt->name) == 0) { 345 vfs_freeopt(toopts, opt2); 346 goto next; 347 } 348 opt2 = TAILQ_NEXT(opt2, link); 349 } 350 /* We want this option, duplicate it. */ 351 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 352 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 353 strcpy(new->name, opt->name); 354 if (opt->len != 0) { 355 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 356 bcopy(opt->value, new->value, opt->len); 357 } else { 358 new->value = NULL; 359 } 360 new->len = opt->len; 361 TAILQ_INSERT_TAIL(toopts, new, link); 362 next: 363 continue; 364 } 365 } 366 367 /* 368 * New mount API. 369 */ 370 int 371 nmount(td, uap) 372 struct thread *td; 373 struct nmount_args /* { 374 struct iovec *iovp; 375 unsigned int iovcnt; 376 int flags; 377 } */ *uap; 378 { 379 struct uio *auio; 380 struct iovec *iov; 381 unsigned int i; 382 int error; 383 u_int iovcnt; 384 385 iovcnt = uap->iovcnt; 386 /* 387 * Check that we have an even number of iovec's 388 * and that we have at least two options. 389 */ 390 if ((iovcnt & 1) || (iovcnt < 4)) 391 return (EINVAL); 392 error = copyinuio(uap->iovp, iovcnt, &auio); 393 if (error) 394 return (error); 395 iov = auio->uio_iov; 396 for (i = 0; i < iovcnt; i++) { 397 if (iov->iov_len > MMAXOPTIONLEN) { 398 free(auio, M_IOV); 399 return (EINVAL); 400 } 401 iov++; 402 } 403 error = vfs_nmount(td, uap->flags, auio); 404 free(auio, M_IOV); 405 return (error); 406 } 407 408 int 409 kernel_mount(iovp, iovcnt, flags) 410 struct iovec *iovp; 411 unsigned int iovcnt; 412 int flags; 413 { 414 struct uio auio; 415 int error; 416 417 /* 418 * Check that we have an even number of iovec's 419 * and that we have at least two options. 420 */ 421 if ((iovcnt & 1) || (iovcnt < 4)) 422 return (EINVAL); 423 424 auio.uio_iov = iovp; 425 auio.uio_iovcnt = iovcnt; 426 auio.uio_segflg = UIO_SYSSPACE; 427 428 error = vfs_nmount(curthread, flags, &auio); 429 return (error); 430 } 431 432 int 433 kernel_vmount(int flags, ...) 434 { 435 struct iovec *iovp; 436 struct uio auio; 437 va_list ap; 438 unsigned int iovcnt, iovlen, len; 439 const char *cp; 440 char *buf, *pos; 441 size_t n; 442 int error, i; 443 444 len = 0; 445 va_start(ap, flags); 446 for (iovcnt = 0; (cp = va_arg(ap, const char *)) != NULL; iovcnt++) 447 len += strlen(cp) + 1; 448 va_end(ap); 449 450 if (iovcnt < 4 || iovcnt & 1) 451 return (EINVAL); 452 453 iovlen = iovcnt * sizeof (struct iovec); 454 MALLOC(iovp, struct iovec *, iovlen, M_MOUNT, M_WAITOK); 455 MALLOC(buf, char *, len, M_MOUNT, M_WAITOK); 456 pos = buf; 457 va_start(ap, flags); 458 for (i = 0; i < iovcnt; i++) { 459 cp = va_arg(ap, const char *); 460 copystr(cp, pos, len - (pos - buf), &n); 461 iovp[i].iov_base = pos; 462 iovp[i].iov_len = n; 463 pos += n; 464 } 465 va_end(ap); 466 467 auio.uio_iov = iovp; 468 auio.uio_iovcnt = iovcnt; 469 auio.uio_segflg = UIO_SYSSPACE; 470 471 error = vfs_nmount(curthread, flags, &auio); 472 FREE(iovp, M_MOUNT); 473 FREE(buf, M_MOUNT); 474 return (error); 475 } 476 477 /* 478 * Allocate and initialize the mount point struct. 479 */ 480 static int 481 vfs_mount_alloc(struct vnode *vp, struct vfsconf *vfsp, 482 const char *fspath, struct thread *td, struct mount **mpp) 483 { 484 struct mount *mp; 485 486 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 487 TAILQ_INIT(&mp->mnt_nvnodelist); 488 mp->mnt_nvnodelistsize = 0; 489 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF); 490 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 491 vfs_busy(mp, LK_NOWAIT, 0, td); 492 mp->mnt_op = vfsp->vfc_vfsops; 493 mp->mnt_vfc = vfsp; 494 vfsp->vfc_refcount++; 495 mp->mnt_stat.f_type = vfsp->vfc_typenum; 496 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 497 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 498 mp->mnt_vnodecovered = vp; 499 mp->mnt_cred = crdup(td->td_ucred); 500 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 501 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 502 mp->mnt_iosize_max = DFLTPHYS; 503 #ifdef MAC 504 mac_init_mount(mp); 505 mac_create_mount(td->td_ucred, mp); 506 #endif 507 *mpp = mp; 508 return (0); 509 } 510 511 /* 512 * Destroy the mount struct previously allocated by vfs_mount_alloc(). 513 */ 514 void 515 vfs_mount_destroy(struct mount *mp, struct thread *td) 516 { 517 518 mp->mnt_vfc->vfc_refcount--; 519 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 520 panic("unmount: dangling vnode"); 521 vfs_unbusy(mp,td); 522 lockdestroy(&mp->mnt_lock); 523 mtx_destroy(&mp->mnt_mtx); 524 if (mp->mnt_kern_flag & MNTK_MWAIT) 525 wakeup(mp); 526 #ifdef MAC 527 mac_destroy_mount(mp); 528 #endif 529 if (mp->mnt_opt != NULL) 530 vfs_freeopts(mp->mnt_opt); 531 crfree(mp->mnt_cred); 532 free(mp, M_MOUNT); 533 } 534 535 int 536 vfs_nmount(struct thread *td, int fsflags, struct uio *fsoptions) 537 { 538 struct vfsoptlist *optlist; 539 char *fstype, *fspath; 540 int error, fstypelen, fspathlen; 541 542 error = vfs_buildopts(fsoptions, &optlist); 543 if (error) 544 return (error); 545 546 /* 547 * We need these two options before the others, 548 * and they are mandatory for any filesystem. 549 * Ensure they are NUL terminated as well. 550 */ 551 fstypelen = 0; 552 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 553 if (error || fstype[fstypelen - 1] != '\0') { 554 error = EINVAL; 555 goto bail; 556 } 557 fspathlen = 0; 558 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 559 if (error || fspath[fspathlen - 1] != '\0') { 560 error = EINVAL; 561 goto bail; 562 } 563 564 /* 565 * Be ultra-paranoid about making sure the type and fspath 566 * variables will fit in our mp buffers, including the 567 * terminating NUL. 568 */ 569 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 570 error = ENAMETOOLONG; 571 goto bail; 572 } 573 574 error = vfs_domount(td, fstype, fspath, fsflags, optlist, 0); 575 bail: 576 if (error) 577 vfs_freeopts(optlist); 578 return (error); 579 } 580 581 /* 582 * Old mount API. 583 */ 584 #ifndef _SYS_SYSPROTO_H_ 585 struct mount_args { 586 char *type; 587 char *path; 588 int flags; 589 caddr_t data; 590 }; 591 #endif 592 /* ARGSUSED */ 593 int 594 mount(td, uap) 595 struct thread *td; 596 struct mount_args /* { 597 char *type; 598 char *path; 599 int flags; 600 caddr_t data; 601 } */ *uap; 602 { 603 char *fstype; 604 char *fspath; 605 int error; 606 607 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 608 fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); 609 610 /* 611 * vfs_mount() actually takes a kernel string for `type' and 612 * `path' now, so extract them. 613 */ 614 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 615 if (error == 0) 616 error = copyinstr(uap->path, fspath, MNAMELEN, NULL); 617 if (error == 0) 618 error = vfs_domount(td, fstype, fspath, uap->flags, 619 uap->data, 1); 620 free(fstype, M_TEMP); 621 free(fspath, M_TEMP); 622 return (error); 623 } 624 625 /* 626 * vfs_mount(): actually attempt a filesystem mount. 627 * 628 * This routine is designed to be a "generic" entry point for routines 629 * that wish to mount a filesystem. All parameters except `fsdata' are 630 * pointers into kernel space. `fsdata' is currently still a pointer 631 * into userspace. 632 */ 633 int 634 vfs_mount(td, fstype, fspath, fsflags, fsdata) 635 struct thread *td; 636 const char *fstype; 637 char *fspath; 638 int fsflags; 639 void *fsdata; 640 { 641 642 return (vfs_domount(td, fstype, fspath, fsflags, fsdata, 1)); 643 } 644 645 /* 646 * vfs_domount(): actually attempt a filesystem mount. 647 */ 648 static int 649 vfs_domount( 650 struct thread *td, /* Flags common to all filesystems. */ 651 const char *fstype, /* Filesystem type. */ 652 char *fspath, /* Mount path. */ 653 int fsflags, /* Flags common to all filesystems. */ 654 void *fsdata, /* Options local to the filesystem. */ 655 int compat /* Invocation from compat syscall. */ 656 ) 657 { 658 linker_file_t lf; 659 struct vnode *vp; 660 struct mount *mp; 661 struct vfsconf *vfsp; 662 int error, flag = 0, kern_flag = 0; 663 struct vattr va; 664 struct nameidata nd; 665 666 /* 667 * Be ultra-paranoid about making sure the type and fspath 668 * variables will fit in our mp buffers, including the 669 * terminating NUL. 670 */ 671 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 672 return (ENAMETOOLONG); 673 674 if (jailed(td->td_ucred)) 675 return (EPERM); 676 if (usermount == 0) { 677 if ((error = suser(td)) != 0) 678 return (error); 679 } 680 681 /* 682 * Do not allow NFS export or MNT_SUIDDIR by unprivileged users. 683 */ 684 if (fsflags & (MNT_EXPORTED | MNT_SUIDDIR)) { 685 if ((error = suser(td)) != 0) 686 return (error); 687 } 688 /* 689 * Silently enforce MNT_NODEV, MNT_NOSUID and MNT_USER for 690 * unprivileged users. 691 */ 692 if (suser(td) != 0) 693 fsflags |= MNT_NODEV | MNT_NOSUID | MNT_USER; 694 /* 695 * Get vnode to be covered 696 */ 697 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 698 if ((error = namei(&nd)) != 0) 699 return (error); 700 NDFREE(&nd, NDF_ONLY_PNBUF); 701 vp = nd.ni_vp; 702 if (fsflags & MNT_UPDATE) { 703 if ((vp->v_vflag & VV_ROOT) == 0) { 704 vput(vp); 705 return (EINVAL); 706 } 707 mp = vp->v_mount; 708 flag = mp->mnt_flag; 709 kern_flag = mp->mnt_kern_flag; 710 /* 711 * We only allow the filesystem to be reloaded if it 712 * is currently mounted read-only. 713 */ 714 if ((fsflags & MNT_RELOAD) && 715 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 716 vput(vp); 717 return (EOPNOTSUPP); /* Needs translation */ 718 } 719 /* 720 * Only privileged root, or (if MNT_USER is set) the user that 721 * did the original mount is permitted to update it. 722 */ 723 error = vfs_suser(mp, td); 724 if (error) { 725 vput(vp); 726 return (error); 727 } 728 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 729 vput(vp); 730 return (EBUSY); 731 } 732 VI_LOCK(vp); 733 if ((vp->v_iflag & VI_MOUNT) != 0 || 734 vp->v_mountedhere != NULL) { 735 VI_UNLOCK(vp); 736 vfs_unbusy(mp, td); 737 vput(vp); 738 return (EBUSY); 739 } 740 vp->v_iflag |= VI_MOUNT; 741 VI_UNLOCK(vp); 742 mp->mnt_flag |= fsflags & 743 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 744 VOP_UNLOCK(vp, 0, td); 745 if (compat == 0) { 746 mp->mnt_optnew = fsdata; 747 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 748 } 749 goto update; 750 } 751 /* 752 * If the user is not root, ensure that they own the directory 753 * onto which we are attempting to mount. 754 */ 755 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 756 if (error) { 757 vput(vp); 758 return (error); 759 } 760 if (va.va_uid != td->td_ucred->cr_uid) { 761 if ((error = suser(td)) != 0) { 762 vput(vp); 763 return (error); 764 } 765 } 766 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 767 vput(vp); 768 return (error); 769 } 770 if (vp->v_type != VDIR) { 771 vput(vp); 772 return (ENOTDIR); 773 } 774 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 775 if (strcmp(vfsp->vfc_name, fstype) == 0) 776 break; 777 if (vfsp == NULL) { 778 /* Only load modules for root (very important!). */ 779 if ((error = suser(td)) != 0) { 780 vput(vp); 781 return (error); 782 } 783 error = securelevel_gt(td->td_ucred, 0); 784 if (error) { 785 vput(vp); 786 return (error); 787 } 788 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 789 if (error || lf == NULL) { 790 vput(vp); 791 if (lf == NULL) 792 error = ENODEV; 793 return (error); 794 } 795 lf->userrefs++; 796 /* Look up again to see if the VFS was loaded. */ 797 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 798 if (strcmp(vfsp->vfc_name, fstype) == 0) 799 break; 800 if (vfsp == NULL) { 801 lf->userrefs--; 802 linker_file_unload(lf, LINKER_UNLOAD_FORCE); 803 vput(vp); 804 return (ENODEV); 805 } 806 } 807 VI_LOCK(vp); 808 if ((vp->v_iflag & VI_MOUNT) != 0 || 809 vp->v_mountedhere != NULL) { 810 VI_UNLOCK(vp); 811 vput(vp); 812 return (EBUSY); 813 } 814 vp->v_iflag |= VI_MOUNT; 815 VI_UNLOCK(vp); 816 817 /* 818 * Allocate and initialize the filesystem. 819 */ 820 error = vfs_mount_alloc(vp, vfsp, fspath, td, &mp); 821 if (error) { 822 vput(vp); 823 return (error); 824 } 825 VOP_UNLOCK(vp, 0, td); 826 827 /* XXXMAC: pass to vfs_mount_alloc? */ 828 if (compat == 0) 829 mp->mnt_optnew = fsdata; 830 update: 831 /* 832 * Check if the fs implements the type VFS_[N]MOUNT() 833 * function we are looking for. 834 */ 835 if ((compat == 0) == (mp->mnt_op->vfs_mount != NULL)) { 836 printf("%s doesn't support the %s mount syscall\n", 837 mp->mnt_vfc->vfc_name, compat ? "old" : "new"); 838 VI_LOCK(vp); 839 vp->v_iflag &= ~VI_MOUNT; 840 VI_UNLOCK(vp); 841 if (mp->mnt_flag & MNT_UPDATE) 842 vfs_unbusy(mp, td); 843 else 844 vfs_mount_destroy(mp, td); 845 vrele(vp); 846 return (EOPNOTSUPP); 847 } 848 849 /* 850 * Set the mount level flags. 851 */ 852 if (fsflags & MNT_RDONLY) 853 mp->mnt_flag |= MNT_RDONLY; 854 else if (mp->mnt_flag & MNT_RDONLY) 855 mp->mnt_kern_flag |= MNTK_WANTRDWR; 856 mp->mnt_flag &=~ MNT_UPDATEMASK; 857 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 858 /* 859 * Mount the filesystem. 860 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 861 * get. No freeing of cn_pnbuf. 862 */ 863 error = compat ? VFS_MOUNT(mp, fspath, fsdata, &nd, td) : 864 VFS_NMOUNT(mp, &nd, td); 865 if (!error) { 866 if (mp->mnt_opt != NULL) 867 vfs_freeopts(mp->mnt_opt); 868 mp->mnt_opt = mp->mnt_optnew; 869 } 870 /* 871 * Prevent external consumers of mount options from reading 872 * mnt_optnew. 873 */ 874 mp->mnt_optnew = NULL; 875 if (mp->mnt_flag & MNT_UPDATE) { 876 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 877 mp->mnt_flag &= ~MNT_RDONLY; 878 mp->mnt_flag &= 879 ~(MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 880 mp->mnt_kern_flag &= ~MNTK_WANTRDWR; 881 if (error) { 882 mp->mnt_flag = flag; 883 mp->mnt_kern_flag = kern_flag; 884 } 885 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 886 if (mp->mnt_syncer == NULL) 887 error = vfs_allocate_syncvnode(mp); 888 } else { 889 if (mp->mnt_syncer != NULL) 890 vrele(mp->mnt_syncer); 891 mp->mnt_syncer = NULL; 892 } 893 vfs_unbusy(mp, td); 894 VI_LOCK(vp); 895 vp->v_iflag &= ~VI_MOUNT; 896 VI_UNLOCK(vp); 897 vrele(vp); 898 return (error); 899 } 900 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 901 /* 902 * Put the new filesystem on the mount list after root. 903 */ 904 cache_purge(vp); 905 if (!error) { 906 struct vnode *newdp; 907 908 VI_LOCK(vp); 909 vp->v_iflag &= ~VI_MOUNT; 910 VI_UNLOCK(vp); 911 vp->v_mountedhere = mp; 912 mtx_lock(&mountlist_mtx); 913 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 914 mtx_unlock(&mountlist_mtx); 915 vfs_event_signal(NULL, VQ_MOUNT, 0); 916 if (VFS_ROOT(mp, &newdp, td)) 917 panic("mount: lost mount"); 918 checkdirs(vp, newdp); 919 vput(newdp); 920 VOP_UNLOCK(vp, 0, td); 921 if ((mp->mnt_flag & MNT_RDONLY) == 0) 922 error = vfs_allocate_syncvnode(mp); 923 vfs_unbusy(mp, td); 924 if (error || (error = VFS_START(mp, 0, td)) != 0) 925 vrele(vp); 926 } else { 927 VI_LOCK(vp); 928 vp->v_iflag &= ~VI_MOUNT; 929 VI_UNLOCK(vp); 930 vfs_mount_destroy(mp, td); 931 vput(vp); 932 } 933 return (error); 934 } 935 936 /* 937 * Scan all active processes to see if any of them have a current 938 * or root directory of `olddp'. If so, replace them with the new 939 * mount point. 940 */ 941 static void 942 checkdirs(olddp, newdp) 943 struct vnode *olddp, *newdp; 944 { 945 struct filedesc *fdp; 946 struct proc *p; 947 int nrele; 948 949 if (vrefcnt(olddp) == 1) 950 return; 951 sx_slock(&allproc_lock); 952 LIST_FOREACH(p, &allproc, p_list) { 953 mtx_lock(&fdesc_mtx); 954 fdp = p->p_fd; 955 if (fdp == NULL) { 956 mtx_unlock(&fdesc_mtx); 957 continue; 958 } 959 nrele = 0; 960 FILEDESC_LOCK(fdp); 961 if (fdp->fd_cdir == olddp) { 962 VREF(newdp); 963 fdp->fd_cdir = newdp; 964 nrele++; 965 } 966 if (fdp->fd_rdir == olddp) { 967 VREF(newdp); 968 fdp->fd_rdir = newdp; 969 nrele++; 970 } 971 FILEDESC_UNLOCK(fdp); 972 mtx_unlock(&fdesc_mtx); 973 while (nrele--) 974 vrele(olddp); 975 } 976 sx_sunlock(&allproc_lock); 977 if (rootvnode == olddp) { 978 vrele(rootvnode); 979 VREF(newdp); 980 rootvnode = newdp; 981 } 982 } 983 984 /* 985 * Unmount a filesystem. 986 * 987 * Note: unmount takes a path to the vnode mounted on as argument, 988 * not special file (as before). 989 */ 990 #ifndef _SYS_SYSPROTO_H_ 991 struct unmount_args { 992 char *path; 993 int flags; 994 }; 995 #endif 996 /* ARGSUSED */ 997 int 998 unmount(td, uap) 999 struct thread *td; 1000 register struct unmount_args /* { 1001 char *path; 1002 int flags; 1003 } */ *uap; 1004 { 1005 struct mount *mp; 1006 char *pathbuf; 1007 int error, id0, id1; 1008 1009 if (jailed(td->td_ucred)) 1010 return (EPERM); 1011 if (usermount == 0) { 1012 if ((error = suser(td)) != 0) 1013 return (error); 1014 } 1015 1016 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK); 1017 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL); 1018 if (error) { 1019 free(pathbuf, M_TEMP); 1020 return (error); 1021 } 1022 if (uap->flags & MNT_BYFSID) { 1023 /* Decode the filesystem ID. */ 1024 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { 1025 free(pathbuf, M_TEMP); 1026 return (EINVAL); 1027 } 1028 1029 mtx_lock(&mountlist_mtx); 1030 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 1031 if (mp->mnt_stat.f_fsid.val[0] == id0 && 1032 mp->mnt_stat.f_fsid.val[1] == id1) 1033 break; 1034 } 1035 mtx_unlock(&mountlist_mtx); 1036 } else { 1037 mtx_lock(&mountlist_mtx); 1038 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 1039 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) 1040 break; 1041 } 1042 mtx_unlock(&mountlist_mtx); 1043 } 1044 free(pathbuf, M_TEMP); 1045 if (mp == NULL) { 1046 /* 1047 * Previously we returned ENOENT for a nonexistent path and 1048 * EINVAL for a non-mountpoint. We cannot tell these apart 1049 * now, so in the !MNT_BYFSID case return the more likely 1050 * EINVAL for compatibility. 1051 */ 1052 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL); 1053 } 1054 1055 /* 1056 * Only privileged root, or (if MNT_USER is set) the user that did the 1057 * original mount is permitted to unmount this filesystem. 1058 */ 1059 error = vfs_suser(mp, td); 1060 if (error) 1061 return (error); 1062 1063 /* 1064 * Don't allow unmounting the root filesystem. 1065 */ 1066 if (mp->mnt_flag & MNT_ROOTFS) 1067 return (EINVAL); 1068 return (dounmount(mp, uap->flags, td)); 1069 } 1070 1071 /* 1072 * Do the actual filesystem unmount. 1073 */ 1074 int 1075 dounmount(mp, flags, td) 1076 struct mount *mp; 1077 int flags; 1078 struct thread *td; 1079 { 1080 struct vnode *coveredvp, *fsrootvp; 1081 int error; 1082 int async_flag; 1083 1084 mtx_lock(&mountlist_mtx); 1085 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1086 mtx_unlock(&mountlist_mtx); 1087 return (EBUSY); 1088 } 1089 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1090 /* Allow filesystems to detect that a forced unmount is in progress. */ 1091 if (flags & MNT_FORCE) 1092 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1093 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1094 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &mountlist_mtx, td); 1095 if (error) { 1096 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1097 if (mp->mnt_kern_flag & MNTK_MWAIT) 1098 wakeup(mp); 1099 return (error); 1100 } 1101 vn_start_write(NULL, &mp, V_WAIT); 1102 1103 if (mp->mnt_flag & MNT_EXPUBLIC) 1104 vfs_setpublicfs(NULL, NULL, NULL); 1105 1106 vfs_msync(mp, MNT_WAIT); 1107 async_flag = mp->mnt_flag & MNT_ASYNC; 1108 mp->mnt_flag &= ~MNT_ASYNC; 1109 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1110 if (mp->mnt_syncer != NULL) 1111 vrele(mp->mnt_syncer); 1112 /* 1113 * For forced unmounts, move process cdir/rdir refs on the fs root 1114 * vnode to the covered vnode. For non-forced unmounts we want 1115 * such references to cause an EBUSY error. 1116 */ 1117 if ((flags & MNT_FORCE) && VFS_ROOT(mp, &fsrootvp, td) == 0) { 1118 if (mp->mnt_vnodecovered != NULL) 1119 checkdirs(fsrootvp, mp->mnt_vnodecovered); 1120 if (fsrootvp == rootvnode) { 1121 vrele(rootvnode); 1122 rootvnode = NULL; 1123 } 1124 vput(fsrootvp); 1125 } 1126 if (((mp->mnt_flag & MNT_RDONLY) || 1127 (error = VFS_SYNC(mp, MNT_WAIT, td->td_ucred, td)) == 0) || 1128 (flags & MNT_FORCE)) { 1129 error = VFS_UNMOUNT(mp, flags, td); 1130 } 1131 vn_finished_write(mp); 1132 if (error) { 1133 /* Undo cdir/rdir and rootvnode changes made above. */ 1134 if ((flags & MNT_FORCE) && VFS_ROOT(mp, &fsrootvp, td) == 0) { 1135 if (mp->mnt_vnodecovered != NULL) 1136 checkdirs(mp->mnt_vnodecovered, fsrootvp); 1137 if (rootvnode == NULL) { 1138 rootvnode = fsrootvp; 1139 vref(rootvnode); 1140 } 1141 vput(fsrootvp); 1142 } 1143 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1144 (void) vfs_allocate_syncvnode(mp); 1145 mtx_lock(&mountlist_mtx); 1146 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1147 mp->mnt_flag |= async_flag; 1148 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, 1149 &mountlist_mtx, td); 1150 if (mp->mnt_kern_flag & MNTK_MWAIT) 1151 wakeup(mp); 1152 return (error); 1153 } 1154 mtx_lock(&mountlist_mtx); 1155 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1156 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1157 coveredvp->v_mountedhere = NULL; 1158 mtx_unlock(&mountlist_mtx); 1159 vfs_event_signal(NULL, VQ_UNMOUNT, 0); 1160 vfs_mount_destroy(mp, td); 1161 if (coveredvp != NULL) 1162 vrele(coveredvp); 1163 return (0); 1164 } 1165 1166 /* 1167 * Lookup a filesystem type, and if found allocate and initialize 1168 * a mount structure for it. 1169 * 1170 * Devname is usually updated by mount(8) after booting. 1171 */ 1172 int 1173 vfs_rootmountalloc(fstypename, devname, mpp) 1174 char *fstypename; 1175 char *devname; 1176 struct mount **mpp; 1177 { 1178 struct thread *td = curthread; /* XXX */ 1179 struct vfsconf *vfsp; 1180 struct mount *mp; 1181 int error; 1182 1183 if (fstypename == NULL) 1184 return (ENODEV); 1185 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1186 if (!strcmp(vfsp->vfc_name, fstypename)) 1187 break; 1188 if (vfsp == NULL) 1189 return (ENODEV); 1190 error = vfs_mount_alloc(NULLVP, vfsp, "/", td, &mp); 1191 if (error) 1192 return (error); 1193 mp->mnt_flag |= MNT_RDONLY | MNT_ROOTFS; 1194 strlcpy(mp->mnt_stat.f_mntfromname, devname, MNAMELEN); 1195 *mpp = mp; 1196 return (0); 1197 } 1198 1199 /* 1200 * Find and mount the root filesystem 1201 */ 1202 void 1203 vfs_mountroot(void) 1204 { 1205 char *cp; 1206 int error, i; 1207 1208 g_waitidle(); 1209 1210 /* 1211 * The root filesystem information is compiled in, and we are 1212 * booted with instructions to use it. 1213 */ 1214 #ifdef ROOTDEVNAME 1215 if ((boothowto & RB_DFLTROOT) && !vfs_mountroot_try(ROOTDEVNAME)) 1216 return; 1217 #endif 1218 /* 1219 * We are booted with instructions to prompt for the root filesystem, 1220 * or to use the compiled-in default when it doesn't exist. 1221 */ 1222 if (boothowto & (RB_DFLTROOT | RB_ASKNAME)) { 1223 if (!vfs_mountroot_ask()) 1224 return; 1225 } 1226 1227 /* 1228 * We've been given the generic "use CDROM as root" flag. This is 1229 * necessary because one media may be used in many different 1230 * devices, so we need to search for them. 1231 */ 1232 if (boothowto & RB_CDROM) { 1233 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1234 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1235 return; 1236 } 1237 } 1238 1239 /* 1240 * Try to use the value read by the loader from /etc/fstab, or 1241 * supplied via some other means. This is the preferred 1242 * mechanism. 1243 */ 1244 if ((cp = getenv("vfs.root.mountfrom")) != NULL) { 1245 error = vfs_mountroot_try(cp); 1246 freeenv(cp); 1247 if (!error) 1248 return; 1249 } 1250 1251 /* 1252 * Try values that may have been computed by the machine-dependant 1253 * legacy code. 1254 */ 1255 if (!vfs_mountroot_try(rootdevnames[0])) 1256 return; 1257 if (!vfs_mountroot_try(rootdevnames[1])) 1258 return; 1259 1260 /* 1261 * If we have a compiled-in default, and haven't already tried it, try 1262 * it now. 1263 */ 1264 #ifdef ROOTDEVNAME 1265 if (!(boothowto & RB_DFLTROOT)) 1266 if (!vfs_mountroot_try(ROOTDEVNAME)) 1267 return; 1268 #endif 1269 1270 /* 1271 * Everything so far has failed, prompt on the console if we haven't 1272 * already tried that. 1273 */ 1274 if (!(boothowto & (RB_DFLTROOT | RB_ASKNAME)) && !vfs_mountroot_ask()) 1275 return; 1276 panic("Root mount failed, startup aborted."); 1277 } 1278 1279 /* 1280 * Mount (mountfrom) as the root filesystem. 1281 */ 1282 static int 1283 vfs_mountroot_try(char *mountfrom) 1284 { 1285 struct mount *mp; 1286 char *vfsname, *path; 1287 const char *devname; 1288 int error; 1289 char patt[32]; 1290 int s; 1291 1292 vfsname = NULL; 1293 path = NULL; 1294 mp = NULL; 1295 error = EINVAL; 1296 1297 if (mountfrom == NULL) 1298 return (error); /* don't complain */ 1299 1300 s = splcam(); /* Overkill, but annoying without it */ 1301 printf("Mounting root from %s\n", mountfrom); 1302 splx(s); 1303 1304 /* parse vfs name and path */ 1305 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1306 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1307 vfsname[0] = path[0] = 0; 1308 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN); 1309 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1310 goto done; 1311 1312 /* allocate a root mount */ 1313 error = vfs_rootmountalloc(vfsname, path[0] != 0 ? path : ROOTNAME, 1314 &mp); 1315 if (error != 0) { 1316 printf("Can't allocate root mount for filesystem '%s': %d\n", 1317 vfsname, error); 1318 goto done; 1319 } 1320 1321 /* do our best to set rootdev */ 1322 if (path[0] != '\0' && setrootbyname(path)) 1323 printf("setrootbyname failed\n"); 1324 1325 /* If the root device is a type "memory disk", mount RW */ 1326 if (rootdev != NULL && devsw(rootdev) != NULL) { 1327 devname = devtoname(rootdev); 1328 if (devname[0] == 'm' && devname[1] == 'd') 1329 mp->mnt_flag &= ~MNT_RDONLY; 1330 } 1331 1332 error = VFS_MOUNT(mp, NULL, NULL, NULL, curthread); 1333 1334 done: 1335 if (vfsname != NULL) 1336 free(vfsname, M_MOUNT); 1337 if (path != NULL) 1338 free(path, M_MOUNT); 1339 if (error != 0) { 1340 if (mp != NULL) 1341 vfs_mount_destroy(mp, curthread); 1342 printf("Root mount failed: %d\n", error); 1343 } else { 1344 1345 /* register with list of mounted filesystems */ 1346 mtx_lock(&mountlist_mtx); 1347 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1348 mtx_unlock(&mountlist_mtx); 1349 1350 /* sanity check system clock against root fs timestamp */ 1351 inittodr(mp->mnt_time); 1352 vfs_unbusy(mp, curthread); 1353 error = VFS_START(mp, 0, curthread); 1354 } 1355 return (error); 1356 } 1357 1358 /* 1359 * Spin prompting on the console for a suitable root filesystem 1360 */ 1361 static int 1362 vfs_mountroot_ask(void) 1363 { 1364 char name[128]; 1365 1366 for(;;) { 1367 printf("\nManual root filesystem specification:\n"); 1368 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1369 #if defined(__i386__) || defined(__ia64__) 1370 printf(" eg. ufs:da0s1a\n"); 1371 #else 1372 printf(" eg. ufs:/dev/da0a\n"); 1373 #endif 1374 printf(" ? List valid disk boot devices\n"); 1375 printf(" <empty line> Abort manual input\n"); 1376 printf("\nmountroot> "); 1377 gets(name); 1378 if (name[0] == '\0') 1379 return (1); 1380 if (name[0] == '?') { 1381 printf("\nList of GEOM managed disk devices:\n "); 1382 g_dev_print(); 1383 continue; 1384 } 1385 if (!vfs_mountroot_try(name)) 1386 return (0); 1387 } 1388 } 1389 1390 /* 1391 * Local helper function for vfs_mountroot_ask. 1392 */ 1393 static void 1394 gets(char *cp) 1395 { 1396 char *lp; 1397 int c; 1398 1399 lp = cp; 1400 for (;;) { 1401 printf("%c", c = cngetc() & 0177); 1402 switch (c) { 1403 case -1: 1404 case '\n': 1405 case '\r': 1406 *lp++ = '\0'; 1407 return; 1408 case '\b': 1409 case '\177': 1410 if (lp > cp) { 1411 printf(" \b"); 1412 lp--; 1413 } 1414 continue; 1415 case '#': 1416 lp--; 1417 if (lp < cp) 1418 lp = cp; 1419 continue; 1420 case '@': 1421 case 'u' & 037: 1422 lp = cp; 1423 printf("%c", '\n'); 1424 continue; 1425 default: 1426 *lp++ = c; 1427 } 1428 } 1429 } 1430 1431 /* 1432 * Convert a given name to the cdev pointer of the device, which is probably 1433 * but not by definition, a disk. Mount a DEVFS (on nothing), look the name 1434 * up, extract the cdev from the vnode and unmount it again. Unfortunately 1435 * we cannot use the vnode directly (because we unmount the DEVFS again) 1436 * so the filesystems still have to do the bdevvp() stunt. 1437 */ 1438 struct cdev * 1439 getdiskbyname(char *name) 1440 { 1441 char *cp = name; 1442 struct cdev *dev = NULL; 1443 struct thread *td = curthread; 1444 struct vfsconf *vfsp; 1445 struct mount *mp = NULL; 1446 struct vnode *vroot = NULL; 1447 struct nameidata nid; 1448 int error; 1449 1450 if (!bcmp(cp, "/dev/", 5)) 1451 cp += 5; 1452 1453 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1454 if (!strcmp(vfsp->vfc_name, "devfs")) 1455 break; 1456 do { 1457 if (vfsp == NULL) 1458 break; 1459 error = vfs_mount_alloc(NULLVP, vfsp, "/dev", td, &mp); 1460 if (error) 1461 break; 1462 mp->mnt_flag |= MNT_RDONLY; 1463 1464 error = VFS_NMOUNT(mp, NULL, curthread); 1465 if (error) 1466 break; 1467 VFS_START(mp, 0, td); 1468 VFS_ROOT(mp, &vroot, td); 1469 VOP_UNLOCK(vroot, 0, td); 1470 1471 NDINIT(&nid, LOOKUP, NOCACHE|FOLLOW, 1472 UIO_SYSSPACE, cp, curthread); 1473 nid.ni_startdir = vroot; 1474 nid.ni_pathlen = strlen(cp); 1475 nid.ni_cnd.cn_cred = curthread->td_ucred; 1476 nid.ni_cnd.cn_nameptr = cp; 1477 1478 error = lookup(&nid); 1479 if (error) 1480 break; 1481 dev = vn_todev (nid.ni_vp); 1482 NDFREE(&nid, 0); 1483 } while (0); 1484 1485 if (vroot != NULL) 1486 VFS_UNMOUNT(mp, 0, td); 1487 if (mp != NULL) 1488 vfs_mount_destroy(mp, td); 1489 return (dev); 1490 } 1491 1492 /* 1493 * Set rootdev to match (name), given that we expect it to 1494 * refer to a disk-like device. 1495 */ 1496 static int 1497 setrootbyname(char *name) 1498 { 1499 struct cdev *diskdev; 1500 1501 diskdev = getdiskbyname(name); 1502 if (diskdev != NULL) { 1503 rootdev = diskdev; 1504 return (0); 1505 } 1506 1507 return (1); 1508 } 1509 1510 /* Show the struct cdev *for a disk specified by name */ 1511 #ifdef DDB 1512 DB_SHOW_COMMAND(disk, db_getdiskbyname) 1513 { 1514 struct cdev *dev; 1515 1516 if (modif[0] == '\0') { 1517 db_error("usage: show disk/devicename"); 1518 return; 1519 } 1520 dev = getdiskbyname(modif); 1521 if (dev != NULL) 1522 db_printf("struct cdev *= %p\n", dev); 1523 else 1524 db_printf("No disk device matched.\n"); 1525 } 1526 #endif 1527 1528 /* 1529 * Get a mount option by its name. 1530 * 1531 * Return 0 if the option was found, ENOENT otherwise. 1532 * If len is non-NULL it will be filled with the length 1533 * of the option. If buf is non-NULL, it will be filled 1534 * with the address of the option. 1535 */ 1536 int 1537 vfs_getopt(opts, name, buf, len) 1538 struct vfsoptlist *opts; 1539 const char *name; 1540 void **buf; 1541 int *len; 1542 { 1543 struct vfsopt *opt; 1544 1545 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1546 1547 TAILQ_FOREACH(opt, opts, link) { 1548 if (strcmp(name, opt->name) == 0) { 1549 if (len != NULL) 1550 *len = opt->len; 1551 if (buf != NULL) 1552 *buf = opt->value; 1553 return (0); 1554 } 1555 } 1556 return (ENOENT); 1557 } 1558 1559 /* 1560 * Find and copy a mount option. 1561 * 1562 * The size of the buffer has to be specified 1563 * in len, if it is not the same length as the 1564 * mount option, EINVAL is returned. 1565 * Returns ENOENT if the option is not found. 1566 */ 1567 int 1568 vfs_copyopt(opts, name, dest, len) 1569 struct vfsoptlist *opts; 1570 const char *name; 1571 void *dest; 1572 int len; 1573 { 1574 struct vfsopt *opt; 1575 1576 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1577 1578 TAILQ_FOREACH(opt, opts, link) { 1579 if (strcmp(name, opt->name) == 0) { 1580 if (len != opt->len) 1581 return (EINVAL); 1582 bcopy(opt->value, dest, opt->len); 1583 return (0); 1584 } 1585 } 1586 return (ENOENT); 1587 } 1588 1589 1590 /* 1591 * This is a helper function for filesystems to traverse their 1592 * vnodes. See MNT_VNODE_FOREACH() in sys/mount.h 1593 */ 1594 1595 struct vnode * 1596 __mnt_vnode_next(struct vnode **nvp, struct mount *mp) 1597 { 1598 struct vnode *vp; 1599 1600 mtx_assert(&mp->mnt_mtx, MA_OWNED); 1601 vp = *nvp; 1602 /* Check if we are done */ 1603 if (vp == NULL) 1604 return (NULL); 1605 /* If our next vnode is no longer ours, start over */ 1606 if (vp->v_mount != mp) 1607 vp = TAILQ_FIRST(&mp->mnt_nvnodelist); 1608 /* Save pointer to next vnode in list */ 1609 if (vp != NULL) 1610 *nvp = TAILQ_NEXT(vp, v_nmntvnodes); 1611 else 1612 *nvp = NULL; 1613 return (vp); 1614 } 1615