1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * Copyright (c) 1999 Michael Smith 39 * All rights reserved. 40 * Copyright (c) 1999 Poul-Henning Kamp 41 * All rights reserved. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * $FreeBSD$ 65 */ 66 67 #include <sys/param.h> 68 #include <sys/conf.h> 69 #include <sys/cons.h> 70 #include <sys/kernel.h> 71 #include <sys/linker.h> 72 #include <sys/mac.h> 73 #include <sys/malloc.h> 74 #include <sys/mount.h> 75 #include <sys/mutex.h> 76 #include <sys/namei.h> 77 #include <sys/proc.h> 78 #include <sys/filedesc.h> 79 #include <sys/reboot.h> 80 #include <sys/sysproto.h> 81 #include <sys/sx.h> 82 #include <sys/sysctl.h> 83 #include <sys/sysent.h> 84 #include <sys/systm.h> 85 #include <sys/vnode.h> 86 87 #include <geom/geom.h> 88 89 #include <machine/stdarg.h> 90 91 #include "opt_rootdevname.h" 92 #include "opt_ddb.h" 93 #include "opt_mac.h" 94 95 #ifdef DDB 96 #include <ddb/ddb.h> 97 #endif 98 99 #define ROOTNAME "root_device" 100 101 static void checkdirs(struct vnode *olddp, struct vnode *newdp); 102 static int vfs_nmount(struct thread *td, int, struct uio *); 103 static int vfs_mountroot_try(char *mountfrom); 104 static int vfs_mountroot_ask(void); 105 static void gets(char *cp); 106 107 static int usermount = 0; /* if 1, non-root can mount fs. */ 108 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, ""); 109 110 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 111 112 /* List of mounted filesystems. */ 113 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 114 115 /* For any iteration/modification of mountlist */ 116 struct mtx mountlist_mtx; 117 118 /* For any iteration/modification of mnt_vnodelist */ 119 struct mtx mntvnode_mtx; 120 121 /* 122 * The vnode of the system's root (/ in the filesystem, without chroot 123 * active.) 124 */ 125 struct vnode *rootvnode; 126 127 /* 128 * The root filesystem is detailed in the kernel environment variable 129 * vfs.root.mountfrom, which is expected to be in the general format 130 * 131 * <vfsname>:[<path>] 132 * vfsname := the name of a VFS known to the kernel and capable 133 * of being mounted as root 134 * path := disk device name or other data used by the filesystem 135 * to locate its physical store 136 */ 137 138 /* 139 * The root specifiers we will try if RB_CDROM is specified. 140 */ 141 static char *cdrom_rootdevnames[] = { 142 "cd9660:cd0a", 143 "cd9660:acd0a", 144 "cd9660:wcd0a", 145 NULL 146 }; 147 148 /* legacy find-root code */ 149 char *rootdevnames[2] = {NULL, NULL}; 150 static int setrootbyname(char *name); 151 dev_t rootdev = NODEV; 152 153 /* 154 * Has to be dynamic as the value of rootdev can change; however, it can't 155 * change after the root is mounted, so a user process can't access this 156 * sysctl until after the value is unchangeable. 157 */ 158 static int 159 sysctl_rootdev(SYSCTL_HANDLER_ARGS) 160 { 161 int error; 162 163 /* _RD prevents this from happening. */ 164 KASSERT(req->newptr == NULL, ("Attempt to change root device name")); 165 166 if (rootdev != NODEV) 167 error = sysctl_handle_string(oidp, rootdev->si_name, 0, req); 168 else 169 error = sysctl_handle_string(oidp, "", 0, req); 170 171 return (error); 172 } 173 174 SYSCTL_PROC(_kern, OID_AUTO, rootdev, CTLTYPE_STRING | CTLFLAG_RD, 175 0, 0, sysctl_rootdev, "A", "Root file system device"); 176 177 /* Remove one mount option. */ 178 static void 179 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 180 { 181 182 TAILQ_REMOVE(opts, opt, link); 183 free(opt->name, M_MOUNT); 184 if (opt->value != NULL) 185 free(opt->value, M_MOUNT); 186 #ifdef INVARIANTS 187 else if (opt->len != 0) 188 panic("%s: mount option with NULL value but length != 0", 189 __func__); 190 #endif 191 free(opt, M_MOUNT); 192 } 193 194 /* Release all resources related to the mount options. */ 195 static void 196 vfs_freeopts(struct vfsoptlist *opts) 197 { 198 struct vfsopt *opt; 199 200 while (!TAILQ_EMPTY(opts)) { 201 opt = TAILQ_FIRST(opts); 202 vfs_freeopt(opts, opt); 203 } 204 free(opts, M_MOUNT); 205 } 206 207 /* 208 * If a mount option is specified several times, 209 * (with or without the "no" prefix) only keep 210 * the last occurence of it. 211 */ 212 static void 213 vfs_sanitizeopts(struct vfsoptlist *opts) 214 { 215 struct vfsopt *opt, *opt2, *tmp; 216 int noopt; 217 218 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 219 if (strncmp(opt->name, "no", 2) == 0) 220 noopt = 1; 221 else 222 noopt = 0; 223 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 224 while (opt2 != NULL) { 225 if (strcmp(opt2->name, opt->name) == 0 || 226 (noopt && strcmp(opt->name + 2, opt2->name) == 0) || 227 (!noopt && strncmp(opt2->name, "no", 2) == 0 && 228 strcmp(opt2->name + 2, opt->name) == 0)) { 229 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 230 vfs_freeopt(opts, opt2); 231 opt2 = tmp; 232 } else { 233 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 234 } 235 } 236 } 237 } 238 239 /* 240 * Build a linked list of mount options from a struct uio. 241 */ 242 static int 243 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 244 { 245 struct vfsoptlist *opts; 246 struct vfsopt *opt; 247 unsigned int i, iovcnt; 248 int error, namelen, optlen; 249 250 iovcnt = auio->uio_iovcnt; 251 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 252 TAILQ_INIT(opts); 253 for (i = 0; i < iovcnt; i += 2) { 254 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 255 namelen = auio->uio_iov[i].iov_len; 256 optlen = auio->uio_iov[i + 1].iov_len; 257 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 258 opt->value = NULL; 259 if (auio->uio_segflg == UIO_SYSSPACE) { 260 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 261 } else { 262 error = copyin(auio->uio_iov[i].iov_base, opt->name, 263 namelen); 264 if (error) 265 goto bad; 266 } 267 opt->len = optlen; 268 if (optlen != 0) { 269 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 270 if (auio->uio_segflg == UIO_SYSSPACE) { 271 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 272 optlen); 273 } else { 274 error = copyin(auio->uio_iov[i + 1].iov_base, 275 opt->value, optlen); 276 if (error) 277 goto bad; 278 } 279 } 280 TAILQ_INSERT_TAIL(opts, opt, link); 281 } 282 vfs_sanitizeopts(opts); 283 *options = opts; 284 return (0); 285 bad: 286 vfs_freeopts(opts); 287 return (error); 288 } 289 290 /* 291 * Merge the old mount options with the new ones passed 292 * in the MNT_UPDATE case. 293 */ 294 static void 295 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 296 { 297 struct vfsopt *opt, *opt2, *new; 298 299 TAILQ_FOREACH(opt, opts, link) { 300 /* 301 * Check that this option hasn't been redefined 302 * nor cancelled with a "no" mount option. 303 */ 304 opt2 = TAILQ_FIRST(toopts); 305 while (opt2 != NULL) { 306 if (strcmp(opt2->name, opt->name) == 0) 307 goto next; 308 if (strncmp(opt2->name, "no", 2) == 0 && 309 strcmp(opt2->name + 2, opt->name) == 0) { 310 vfs_freeopt(toopts, opt2); 311 goto next; 312 } 313 opt2 = TAILQ_NEXT(opt2, link); 314 } 315 /* We want this option, duplicate it. */ 316 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 317 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 318 strcpy(new->name, opt->name); 319 if (opt->len != 0) { 320 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 321 bcopy(opt->value, new->value, opt->len); 322 } else { 323 new->value = NULL; 324 } 325 new->len = opt->len; 326 TAILQ_INSERT_TAIL(toopts, new, link); 327 next: 328 continue; 329 } 330 } 331 332 /* 333 * New mount API. 334 */ 335 int 336 nmount(td, uap) 337 struct thread *td; 338 struct nmount_args /* { 339 struct iovec *iovp; 340 unsigned int iovcnt; 341 int flags; 342 } */ *uap; 343 { 344 struct uio auio; 345 struct iovec *iov, *needfree; 346 struct iovec aiov[UIO_SMALLIOV]; 347 unsigned int i; 348 int error; 349 u_int iovlen, iovcnt; 350 351 iovcnt = uap->iovcnt; 352 iovlen = iovcnt * sizeof (struct iovec); 353 /* 354 * Check that we have an even number of iovec's 355 * and that we have at least two options. 356 */ 357 if ((iovcnt & 1) || (iovcnt < 4) || (iovcnt > UIO_MAXIOV)) 358 return (EINVAL); 359 360 if (iovcnt > UIO_SMALLIOV) { 361 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK); 362 needfree = iov; 363 } else { 364 iov = aiov; 365 needfree = NULL; 366 } 367 auio.uio_iov = iov; 368 auio.uio_iovcnt = iovcnt; 369 auio.uio_segflg = UIO_USERSPACE; 370 if ((error = copyin(uap->iovp, iov, iovlen))) 371 goto finish; 372 373 for (i = 0; i < iovcnt; i++) { 374 if (iov->iov_len > MMAXOPTIONLEN) { 375 error = EINVAL; 376 goto finish; 377 } 378 iov++; 379 } 380 error = vfs_nmount(td, uap->flags, &auio); 381 finish: 382 if (needfree != NULL) 383 free(needfree, M_TEMP); 384 return (error); 385 } 386 387 int 388 kernel_mount(iovp, iovcnt, flags) 389 struct iovec *iovp; 390 unsigned int iovcnt; 391 int flags; 392 { 393 struct uio auio; 394 int error; 395 396 /* 397 * Check that we have an even number of iovec's 398 * and that we have at least two options. 399 */ 400 if ((iovcnt & 1) || (iovcnt < 4)) 401 return (EINVAL); 402 403 auio.uio_iov = iovp; 404 auio.uio_iovcnt = iovcnt; 405 auio.uio_segflg = UIO_SYSSPACE; 406 407 error = vfs_nmount(curthread, flags, &auio); 408 return (error); 409 } 410 411 int 412 kernel_vmount(int flags, ...) 413 { 414 struct iovec *iovp; 415 struct uio auio; 416 va_list ap; 417 unsigned int iovcnt, iovlen, len; 418 const char *cp; 419 char *buf, *pos; 420 size_t n; 421 int error, i; 422 423 len = 0; 424 va_start(ap, flags); 425 for (iovcnt = 0; (cp = va_arg(ap, const char *)) != NULL; iovcnt++) 426 len += strlen(cp) + 1; 427 va_end(ap); 428 429 if (iovcnt < 4 || iovcnt & 1) 430 return (EINVAL); 431 432 iovlen = iovcnt * sizeof (struct iovec); 433 MALLOC(iovp, struct iovec *, iovlen, M_MOUNT, M_WAITOK); 434 MALLOC(buf, char *, len, M_MOUNT, M_WAITOK); 435 pos = buf; 436 va_start(ap, flags); 437 for (i = 0; i < iovcnt; i++) { 438 cp = va_arg(ap, const char *); 439 copystr(cp, pos, len - (pos - buf), &n); 440 iovp[i].iov_base = pos; 441 iovp[i].iov_len = n; 442 pos += n; 443 } 444 va_end(ap); 445 446 auio.uio_iov = iovp; 447 auio.uio_iovcnt = iovcnt; 448 auio.uio_segflg = UIO_SYSSPACE; 449 450 error = vfs_nmount(curthread, flags, &auio); 451 FREE(iovp, M_MOUNT); 452 FREE(buf, M_MOUNT); 453 return (error); 454 } 455 456 /* 457 * vfs_nmount(): actually attempt a filesystem mount. 458 */ 459 static int 460 vfs_nmount(td, fsflags, fsoptions) 461 struct thread *td; 462 int fsflags; /* Flags common to all filesystems. */ 463 struct uio *fsoptions; /* Options local to the filesystem. */ 464 { 465 linker_file_t lf; 466 struct vnode *vp; 467 struct mount *mp; 468 struct vfsconf *vfsp; 469 struct vfsoptlist *optlist; 470 char *fstype, *fspath; 471 int error, flag = 0, kern_flag = 0; 472 int fstypelen, fspathlen; 473 struct vattr va; 474 struct nameidata nd; 475 476 error = vfs_buildopts(fsoptions, &optlist); 477 if (error) 478 return (error); 479 480 /* 481 * We need these two options before the others, 482 * and they are mandatory for any filesystem. 483 * Ensure they are NUL terminated as well. 484 */ 485 fstypelen = 0; 486 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 487 if (error || fstype[fstypelen - 1] != '\0') { 488 error = EINVAL; 489 goto bad; 490 } 491 fspathlen = 0; 492 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 493 if (error || fspath[fspathlen - 1] != '\0') { 494 error = EINVAL; 495 goto bad; 496 } 497 498 /* 499 * Be ultra-paranoid about making sure the type and fspath 500 * variables will fit in our mp buffers, including the 501 * terminating NUL. 502 */ 503 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 504 error = ENAMETOOLONG; 505 goto bad; 506 } 507 508 if (usermount == 0) { 509 error = suser(td); 510 if (error) 511 goto bad; 512 } 513 /* 514 * Do not allow NFS export by non-root users. 515 */ 516 if (fsflags & MNT_EXPORTED) { 517 error = suser(td); 518 if (error) 519 goto bad; 520 } 521 /* 522 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 523 */ 524 if (suser(td)) 525 fsflags |= MNT_NOSUID | MNT_NODEV; 526 /* 527 * Get vnode to be covered 528 */ 529 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 530 if ((error = namei(&nd)) != 0) 531 goto bad; 532 NDFREE(&nd, NDF_ONLY_PNBUF); 533 vp = nd.ni_vp; 534 if (fsflags & MNT_UPDATE) { 535 if ((vp->v_vflag & VV_ROOT) == 0) { 536 vput(vp); 537 error = EINVAL; 538 goto bad; 539 } 540 mp = vp->v_mount; 541 flag = mp->mnt_flag; 542 kern_flag = mp->mnt_kern_flag; 543 /* 544 * We only allow the filesystem to be reloaded if it 545 * is currently mounted read-only. 546 */ 547 if ((fsflags & MNT_RELOAD) && 548 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 549 vput(vp); 550 error = EOPNOTSUPP; /* Needs translation */ 551 goto bad; 552 } 553 /* 554 * Only root, or the user that did the original mount is 555 * permitted to update it. 556 */ 557 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 558 error = suser(td); 559 if (error) { 560 vput(vp); 561 goto bad; 562 } 563 } 564 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 565 vput(vp); 566 error = EBUSY; 567 goto bad; 568 } 569 VI_LOCK(vp); 570 if ((vp->v_iflag & VI_MOUNT) != 0 || 571 vp->v_mountedhere != NULL) { 572 VI_UNLOCK(vp); 573 vfs_unbusy(mp, td); 574 vput(vp); 575 error = EBUSY; 576 goto bad; 577 } 578 vp->v_iflag |= VI_MOUNT; 579 VI_UNLOCK(vp); 580 mp->mnt_flag |= fsflags & 581 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 582 VOP_UNLOCK(vp, 0, td); 583 mp->mnt_optnew = optlist; 584 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 585 goto update; 586 } 587 /* 588 * If the user is not root, ensure that they own the directory 589 * onto which we are attempting to mount. 590 */ 591 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 592 if (error) { 593 vput(vp); 594 goto bad; 595 } 596 if (va.va_uid != td->td_ucred->cr_uid) { 597 error = suser(td); 598 if (error) { 599 vput(vp); 600 goto bad; 601 } 602 } 603 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 604 vput(vp); 605 goto bad; 606 } 607 if (vp->v_type != VDIR) { 608 vput(vp); 609 error = ENOTDIR; 610 goto bad; 611 } 612 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 613 if (!strcmp(vfsp->vfc_name, fstype)) 614 break; 615 if (vfsp == NULL) { 616 /* Only load modules for root (very important!). */ 617 error = suser(td); 618 if (error) { 619 vput(vp); 620 goto bad; 621 } 622 error = securelevel_gt(td->td_ucred, 0); 623 if (error) { 624 vput(vp); 625 goto bad; 626 } 627 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 628 if (error || lf == NULL) { 629 vput(vp); 630 if (lf == NULL) 631 error = ENODEV; 632 goto bad; 633 } 634 lf->userrefs++; 635 /* Look up again to see if the VFS was loaded. */ 636 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 637 if (!strcmp(vfsp->vfc_name, fstype)) 638 break; 639 if (vfsp == NULL) { 640 lf->userrefs--; 641 linker_file_unload(lf); 642 vput(vp); 643 error = ENODEV; 644 goto bad; 645 } 646 } 647 VI_LOCK(vp); 648 if ((vp->v_iflag & VI_MOUNT) != 0 || 649 vp->v_mountedhere != NULL) { 650 VI_UNLOCK(vp); 651 vput(vp); 652 error = EBUSY; 653 goto bad; 654 } 655 vp->v_iflag |= VI_MOUNT; 656 VI_UNLOCK(vp); 657 658 /* 659 * Allocate and initialize the filesystem. 660 */ 661 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 662 TAILQ_INIT(&mp->mnt_nvnodelist); 663 TAILQ_INIT(&mp->mnt_reservedvnlist); 664 mp->mnt_nvnodelistsize = 0; 665 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 666 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 667 mp->mnt_op = vfsp->vfc_vfsops; 668 mp->mnt_vfc = vfsp; 669 vfsp->vfc_refcount++; 670 mp->mnt_stat.f_type = vfsp->vfc_typenum; 671 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 672 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 673 mp->mnt_vnodecovered = vp; 674 mp->mnt_cred = crdup(td->td_ucred); 675 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 676 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 677 mp->mnt_iosize_max = DFLTPHYS; 678 #ifdef MAC 679 mac_init_mount(mp); 680 mac_create_mount(td->td_ucred, mp); 681 #endif 682 VOP_UNLOCK(vp, 0, td); 683 mp->mnt_optnew = optlist; /* XXXMAC: should this be above? */ 684 685 update: 686 /* 687 * Check if the fs implements the new VFS_NMOUNT() 688 * function, since the new system call was used. 689 */ 690 if (mp->mnt_op->vfs_mount != NULL) { 691 printf("%s doesn't support the new mount syscall\n", 692 mp->mnt_vfc->vfc_name); 693 VI_LOCK(vp); 694 vp->v_iflag &= ~VI_MOUNT; 695 VI_UNLOCK(vp); 696 if (mp->mnt_flag & MNT_UPDATE) 697 vfs_unbusy(mp, td); 698 else { 699 mp->mnt_vfc->vfc_refcount--; 700 vfs_unbusy(mp, td); 701 #ifdef MAC 702 mac_destroy_mount(mp); 703 #endif 704 free(mp, M_MOUNT); 705 } 706 vrele(vp); 707 error = EOPNOTSUPP; 708 goto bad; 709 } 710 711 /* 712 * Set the mount level flags. 713 */ 714 if (fsflags & MNT_RDONLY) 715 mp->mnt_flag |= MNT_RDONLY; 716 else if (mp->mnt_flag & MNT_RDONLY) 717 mp->mnt_kern_flag |= MNTK_WANTRDWR; 718 mp->mnt_flag &=~ MNT_UPDATEMASK; 719 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 720 /* 721 * Mount the filesystem. 722 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 723 * get. No freeing of cn_pnbuf. 724 */ 725 error = VFS_NMOUNT(mp, &nd, td); 726 if (!error) { 727 if (mp->mnt_opt != NULL) 728 vfs_freeopts(mp->mnt_opt); 729 mp->mnt_opt = mp->mnt_optnew; 730 } 731 /* 732 * Prevent external consumers of mount 733 * options to read mnt_optnew. 734 */ 735 mp->mnt_optnew = NULL; 736 if (mp->mnt_flag & MNT_UPDATE) { 737 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 738 mp->mnt_flag &= ~MNT_RDONLY; 739 mp->mnt_flag &=~ 740 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 741 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 742 if (error) { 743 mp->mnt_flag = flag; 744 mp->mnt_kern_flag = kern_flag; 745 } 746 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 747 if (mp->mnt_syncer == NULL) 748 error = vfs_allocate_syncvnode(mp); 749 } else { 750 if (mp->mnt_syncer != NULL) 751 vrele(mp->mnt_syncer); 752 mp->mnt_syncer = NULL; 753 } 754 vfs_unbusy(mp, td); 755 VI_LOCK(vp); 756 vp->v_iflag &= ~VI_MOUNT; 757 VI_UNLOCK(vp); 758 vrele(vp); 759 return (error); 760 } 761 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 762 /* 763 * Put the new filesystem on the mount list after root. 764 */ 765 cache_purge(vp); 766 if (!error) { 767 struct vnode *newdp; 768 769 VI_LOCK(vp); 770 vp->v_iflag &= ~VI_MOUNT; 771 VI_UNLOCK(vp); 772 vp->v_mountedhere = mp; 773 mtx_lock(&mountlist_mtx); 774 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 775 mtx_unlock(&mountlist_mtx); 776 if (VFS_ROOT(mp, &newdp)) 777 panic("mount: lost mount"); 778 checkdirs(vp, newdp); 779 vput(newdp); 780 VOP_UNLOCK(vp, 0, td); 781 if ((mp->mnt_flag & MNT_RDONLY) == 0) 782 error = vfs_allocate_syncvnode(mp); 783 vfs_unbusy(mp, td); 784 if ((error = VFS_START(mp, 0, td)) != 0) { 785 vrele(vp); 786 goto bad; 787 } 788 } else { 789 VI_LOCK(vp); 790 vp->v_iflag &= ~VI_MOUNT; 791 VI_UNLOCK(vp); 792 mp->mnt_vfc->vfc_refcount--; 793 vfs_unbusy(mp, td); 794 #ifdef MAC 795 mac_destroy_mount(mp); 796 #endif 797 free(mp, M_MOUNT); 798 vput(vp); 799 goto bad; 800 } 801 return (0); 802 bad: 803 vfs_freeopts(optlist); 804 return (error); 805 } 806 807 /* 808 * Old mount API. 809 */ 810 #ifndef _SYS_SYSPROTO_H_ 811 struct mount_args { 812 char *type; 813 char *path; 814 int flags; 815 caddr_t data; 816 }; 817 #endif 818 /* ARGSUSED */ 819 int 820 mount(td, uap) 821 struct thread *td; 822 struct mount_args /* { 823 char *type; 824 char *path; 825 int flags; 826 caddr_t data; 827 } */ *uap; 828 { 829 char *fstype; 830 char *fspath; 831 int error; 832 833 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 834 fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); 835 836 /* 837 * vfs_mount() actually takes a kernel string for `type' and 838 * `path' now, so extract them. 839 */ 840 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 841 if (error == 0) 842 error = copyinstr(uap->path, fspath, MNAMELEN, NULL); 843 if (error == 0) 844 error = vfs_mount(td, fstype, fspath, uap->flags, uap->data); 845 free(fstype, M_TEMP); 846 free(fspath, M_TEMP); 847 return (error); 848 } 849 850 /* 851 * vfs_mount(): actually attempt a filesystem mount. 852 * 853 * This routine is designed to be a "generic" entry point for routines 854 * that wish to mount a filesystem. All parameters except `fsdata' are 855 * pointers into kernel space. `fsdata' is currently still a pointer 856 * into userspace. 857 */ 858 int 859 vfs_mount(td, fstype, fspath, fsflags, fsdata) 860 struct thread *td; 861 const char *fstype; 862 char *fspath; 863 int fsflags; 864 void *fsdata; 865 { 866 linker_file_t lf; 867 struct vnode *vp; 868 struct mount *mp; 869 struct vfsconf *vfsp; 870 int error, flag = 0, kern_flag = 0; 871 struct vattr va; 872 struct nameidata nd; 873 874 /* 875 * Be ultra-paranoid about making sure the type and fspath 876 * variables will fit in our mp buffers, including the 877 * terminating NUL. 878 */ 879 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 880 return (ENAMETOOLONG); 881 882 if (usermount == 0) { 883 error = suser(td); 884 if (error) 885 return (error); 886 } 887 /* 888 * Do not allow NFS export by non-root users. 889 */ 890 if (fsflags & MNT_EXPORTED) { 891 error = suser(td); 892 if (error) 893 return (error); 894 } 895 /* 896 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 897 */ 898 if (suser(td)) 899 fsflags |= MNT_NOSUID | MNT_NODEV; 900 /* 901 * Get vnode to be covered 902 */ 903 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 904 if ((error = namei(&nd)) != 0) 905 return (error); 906 NDFREE(&nd, NDF_ONLY_PNBUF); 907 vp = nd.ni_vp; 908 if (fsflags & MNT_UPDATE) { 909 if ((vp->v_vflag & VV_ROOT) == 0) { 910 vput(vp); 911 return (EINVAL); 912 } 913 mp = vp->v_mount; 914 flag = mp->mnt_flag; 915 kern_flag = mp->mnt_kern_flag; 916 /* 917 * We only allow the filesystem to be reloaded if it 918 * is currently mounted read-only. 919 */ 920 if ((fsflags & MNT_RELOAD) && 921 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 922 vput(vp); 923 return (EOPNOTSUPP); /* Needs translation */ 924 } 925 /* 926 * Only root, or the user that did the original mount is 927 * permitted to update it. 928 */ 929 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 930 error = suser(td); 931 if (error) { 932 vput(vp); 933 return (error); 934 } 935 } 936 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 937 vput(vp); 938 return (EBUSY); 939 } 940 VI_LOCK(vp); 941 if ((vp->v_iflag & VI_MOUNT) != 0 || 942 vp->v_mountedhere != NULL) { 943 VI_UNLOCK(vp); 944 vfs_unbusy(mp, td); 945 vput(vp); 946 return (EBUSY); 947 } 948 vp->v_iflag |= VI_MOUNT; 949 VI_UNLOCK(vp); 950 mp->mnt_flag |= fsflags & 951 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 952 VOP_UNLOCK(vp, 0, td); 953 goto update; 954 } 955 /* 956 * If the user is not root, ensure that they own the directory 957 * onto which we are attempting to mount. 958 */ 959 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 960 if (error) { 961 vput(vp); 962 return (error); 963 } 964 if (va.va_uid != td->td_ucred->cr_uid) { 965 error = suser(td); 966 if (error) { 967 vput(vp); 968 return (error); 969 } 970 } 971 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 972 vput(vp); 973 return (error); 974 } 975 if (vp->v_type != VDIR) { 976 vput(vp); 977 return (ENOTDIR); 978 } 979 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 980 if (!strcmp(vfsp->vfc_name, fstype)) 981 break; 982 if (vfsp == NULL) { 983 /* Only load modules for root (very important!). */ 984 error = suser(td); 985 if (error) { 986 vput(vp); 987 return (error); 988 } 989 error = securelevel_gt(td->td_ucred, 0); 990 if (error) { 991 vput(vp); 992 return (error); 993 } 994 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 995 if (error || lf == NULL) { 996 vput(vp); 997 if (lf == NULL) 998 error = ENODEV; 999 return (error); 1000 } 1001 lf->userrefs++; 1002 /* Look up again to see if the VFS was loaded. */ 1003 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1004 if (!strcmp(vfsp->vfc_name, fstype)) 1005 break; 1006 if (vfsp == NULL) { 1007 lf->userrefs--; 1008 linker_file_unload(lf); 1009 vput(vp); 1010 return (ENODEV); 1011 } 1012 } 1013 VI_LOCK(vp); 1014 if ((vp->v_iflag & VI_MOUNT) != 0 || 1015 vp->v_mountedhere != NULL) { 1016 VI_UNLOCK(vp); 1017 vput(vp); 1018 return (EBUSY); 1019 } 1020 vp->v_iflag |= VI_MOUNT; 1021 VI_UNLOCK(vp); 1022 1023 /* 1024 * Allocate and initialize the filesystem. 1025 */ 1026 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1027 TAILQ_INIT(&mp->mnt_nvnodelist); 1028 TAILQ_INIT(&mp->mnt_reservedvnlist); 1029 mp->mnt_nvnodelistsize = 0; 1030 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1031 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1032 mp->mnt_op = vfsp->vfc_vfsops; 1033 mp->mnt_vfc = vfsp; 1034 vfsp->vfc_refcount++; 1035 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1036 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1037 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 1038 mp->mnt_vnodecovered = vp; 1039 mp->mnt_cred = crdup(td->td_ucred); 1040 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 1041 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 1042 mp->mnt_iosize_max = DFLTPHYS; 1043 #ifdef MAC 1044 mac_init_mount(mp); 1045 mac_create_mount(td->td_ucred, mp); 1046 #endif 1047 VOP_UNLOCK(vp, 0, td); 1048 update: 1049 /* 1050 * Check if the fs implements the old VFS_MOUNT() 1051 * function, since the old system call was used. 1052 */ 1053 if (mp->mnt_op->vfs_mount == NULL) { 1054 printf("%s doesn't support the old mount syscall\n", 1055 mp->mnt_vfc->vfc_name); 1056 VI_LOCK(vp); 1057 vp->v_iflag &= ~VI_MOUNT; 1058 VI_UNLOCK(vp); 1059 if (mp->mnt_flag & MNT_UPDATE) 1060 vfs_unbusy(mp, td); 1061 else { 1062 mp->mnt_vfc->vfc_refcount--; 1063 vfs_unbusy(mp, td); 1064 #ifdef MAC 1065 mac_destroy_mount(mp); 1066 #endif 1067 free(mp, M_MOUNT); 1068 } 1069 vrele(vp); 1070 return (EOPNOTSUPP); 1071 } 1072 1073 /* 1074 * Set the mount level flags. 1075 */ 1076 if (fsflags & MNT_RDONLY) 1077 mp->mnt_flag |= MNT_RDONLY; 1078 else if (mp->mnt_flag & MNT_RDONLY) 1079 mp->mnt_kern_flag |= MNTK_WANTRDWR; 1080 mp->mnt_flag &=~ MNT_UPDATEMASK; 1081 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 1082 /* 1083 * Mount the filesystem. 1084 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 1085 * get. No freeing of cn_pnbuf. 1086 */ 1087 error = VFS_MOUNT(mp, fspath, fsdata, &nd, td); 1088 if (mp->mnt_flag & MNT_UPDATE) { 1089 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 1090 mp->mnt_flag &= ~MNT_RDONLY; 1091 mp->mnt_flag &=~ 1092 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 1093 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 1094 if (error) { 1095 mp->mnt_flag = flag; 1096 mp->mnt_kern_flag = kern_flag; 1097 } 1098 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 1099 if (mp->mnt_syncer == NULL) 1100 error = vfs_allocate_syncvnode(mp); 1101 } else { 1102 if (mp->mnt_syncer != NULL) 1103 vrele(mp->mnt_syncer); 1104 mp->mnt_syncer = NULL; 1105 } 1106 vfs_unbusy(mp, td); 1107 VI_LOCK(vp); 1108 vp->v_iflag &= ~VI_MOUNT; 1109 VI_UNLOCK(vp); 1110 vrele(vp); 1111 return (error); 1112 } 1113 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1114 /* 1115 * Put the new filesystem on the mount list after root. 1116 */ 1117 cache_purge(vp); 1118 if (!error) { 1119 struct vnode *newdp; 1120 1121 VI_LOCK(vp); 1122 vp->v_iflag &= ~VI_MOUNT; 1123 VI_UNLOCK(vp); 1124 vp->v_mountedhere = mp; 1125 mtx_lock(&mountlist_mtx); 1126 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1127 mtx_unlock(&mountlist_mtx); 1128 if (VFS_ROOT(mp, &newdp)) 1129 panic("mount: lost mount"); 1130 checkdirs(vp, newdp); 1131 vput(newdp); 1132 VOP_UNLOCK(vp, 0, td); 1133 if ((mp->mnt_flag & MNT_RDONLY) == 0) 1134 error = vfs_allocate_syncvnode(mp); 1135 vfs_unbusy(mp, td); 1136 if ((error = VFS_START(mp, 0, td)) != 0) 1137 vrele(vp); 1138 } else { 1139 VI_LOCK(vp); 1140 vp->v_iflag &= ~VI_MOUNT; 1141 VI_UNLOCK(vp); 1142 mp->mnt_vfc->vfc_refcount--; 1143 vfs_unbusy(mp, td); 1144 #ifdef MAC 1145 mac_destroy_mount(mp); 1146 #endif 1147 free(mp, M_MOUNT); 1148 vput(vp); 1149 } 1150 return (error); 1151 } 1152 1153 /* 1154 * Scan all active processes to see if any of them have a current 1155 * or root directory of `olddp'. If so, replace them with the new 1156 * mount point. 1157 */ 1158 static void 1159 checkdirs(olddp, newdp) 1160 struct vnode *olddp, *newdp; 1161 { 1162 struct filedesc *fdp; 1163 struct proc *p; 1164 int nrele; 1165 1166 if (vrefcnt(olddp) == 1) 1167 return; 1168 sx_slock(&allproc_lock); 1169 LIST_FOREACH(p, &allproc, p_list) { 1170 mtx_lock(&fdesc_mtx); 1171 fdp = p->p_fd; 1172 if (fdp == NULL) { 1173 mtx_unlock(&fdesc_mtx); 1174 continue; 1175 } 1176 nrele = 0; 1177 FILEDESC_LOCK(fdp); 1178 if (fdp->fd_cdir == olddp) { 1179 VREF(newdp); 1180 fdp->fd_cdir = newdp; 1181 nrele++; 1182 } 1183 if (fdp->fd_rdir == olddp) { 1184 VREF(newdp); 1185 fdp->fd_rdir = newdp; 1186 nrele++; 1187 } 1188 FILEDESC_UNLOCK(fdp); 1189 mtx_unlock(&fdesc_mtx); 1190 while (nrele--) 1191 vrele(olddp); 1192 } 1193 sx_sunlock(&allproc_lock); 1194 if (rootvnode == olddp) { 1195 vrele(rootvnode); 1196 VREF(newdp); 1197 rootvnode = newdp; 1198 } 1199 } 1200 1201 /* 1202 * Unmount a filesystem. 1203 * 1204 * Note: unmount takes a path to the vnode mounted on as argument, 1205 * not special file (as before). 1206 */ 1207 #ifndef _SYS_SYSPROTO_H_ 1208 struct unmount_args { 1209 char *path; 1210 int flags; 1211 }; 1212 #endif 1213 /* ARGSUSED */ 1214 int 1215 unmount(td, uap) 1216 struct thread *td; 1217 register struct unmount_args /* { 1218 char *path; 1219 int flags; 1220 } */ *uap; 1221 { 1222 register struct vnode *vp; 1223 struct mount *mp; 1224 int error; 1225 struct nameidata nd; 1226 1227 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE, uap->path, td); 1228 if ((error = namei(&nd)) != 0) 1229 return (error); 1230 vp = nd.ni_vp; 1231 NDFREE(&nd, NDF_ONLY_PNBUF); 1232 mp = vp->v_mount; 1233 1234 /* 1235 * Only root, or the user that did the original mount is 1236 * permitted to unmount this filesystem. 1237 */ 1238 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 1239 error = suser(td); 1240 if (error) { 1241 vput(vp); 1242 return (error); 1243 } 1244 } 1245 1246 /* 1247 * Don't allow unmounting the root filesystem. 1248 */ 1249 if (mp->mnt_flag & MNT_ROOTFS) { 1250 vput(vp); 1251 return (EINVAL); 1252 } 1253 1254 /* 1255 * Must be the root of the filesystem 1256 */ 1257 if ((vp->v_vflag & VV_ROOT) == 0) { 1258 vput(vp); 1259 return (EINVAL); 1260 } 1261 vput(vp); 1262 return (dounmount(mp, uap->flags, td)); 1263 } 1264 1265 /* 1266 * Do the actual filesystem unmount. 1267 */ 1268 int 1269 dounmount(mp, flags, td) 1270 struct mount *mp; 1271 int flags; 1272 struct thread *td; 1273 { 1274 struct vnode *coveredvp, *fsrootvp; 1275 int error; 1276 int async_flag; 1277 1278 mtx_lock(&mountlist_mtx); 1279 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1280 mtx_unlock(&mountlist_mtx); 1281 return (EBUSY); 1282 } 1283 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1284 /* Allow filesystems to detect that a forced unmount is in progress. */ 1285 if (flags & MNT_FORCE) 1286 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1287 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1288 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &mountlist_mtx, td); 1289 if (error) { 1290 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1291 if (mp->mnt_kern_flag & MNTK_MWAIT) 1292 wakeup(mp); 1293 return (error); 1294 } 1295 vn_start_write(NULL, &mp, V_WAIT); 1296 1297 if (mp->mnt_flag & MNT_EXPUBLIC) 1298 vfs_setpublicfs(NULL, NULL, NULL); 1299 1300 vfs_msync(mp, MNT_WAIT); 1301 async_flag = mp->mnt_flag & MNT_ASYNC; 1302 mp->mnt_flag &=~ MNT_ASYNC; 1303 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1304 if (mp->mnt_syncer != NULL) 1305 vrele(mp->mnt_syncer); 1306 /* Move process cdir/rdir refs on fs root to underlying vnode. */ 1307 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1308 if (mp->mnt_vnodecovered != NULL) 1309 checkdirs(fsrootvp, mp->mnt_vnodecovered); 1310 if (fsrootvp == rootvnode) { 1311 vrele(rootvnode); 1312 rootvnode = NULL; 1313 } 1314 vput(fsrootvp); 1315 } 1316 if (((mp->mnt_flag & MNT_RDONLY) || 1317 (error = VFS_SYNC(mp, MNT_WAIT, td->td_ucred, td)) == 0) || 1318 (flags & MNT_FORCE)) { 1319 error = VFS_UNMOUNT(mp, flags, td); 1320 } 1321 vn_finished_write(mp); 1322 if (error) { 1323 /* Undo cdir/rdir and rootvnode changes made above. */ 1324 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1325 if (mp->mnt_vnodecovered != NULL) 1326 checkdirs(mp->mnt_vnodecovered, fsrootvp); 1327 if (rootvnode == NULL) { 1328 rootvnode = fsrootvp; 1329 vref(rootvnode); 1330 } 1331 vput(fsrootvp); 1332 } 1333 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1334 (void) vfs_allocate_syncvnode(mp); 1335 mtx_lock(&mountlist_mtx); 1336 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1337 mp->mnt_flag |= async_flag; 1338 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, 1339 &mountlist_mtx, td); 1340 if (mp->mnt_kern_flag & MNTK_MWAIT) 1341 wakeup(mp); 1342 return (error); 1343 } 1344 crfree(mp->mnt_cred); 1345 mtx_lock(&mountlist_mtx); 1346 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1347 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1348 coveredvp->v_mountedhere = NULL; 1349 mp->mnt_vfc->vfc_refcount--; 1350 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 1351 panic("unmount: dangling vnode"); 1352 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, &mountlist_mtx, td); 1353 lockdestroy(&mp->mnt_lock); 1354 if (coveredvp != NULL) 1355 vrele(coveredvp); 1356 if (mp->mnt_kern_flag & MNTK_MWAIT) 1357 wakeup(mp); 1358 #ifdef MAC 1359 mac_destroy_mount(mp); 1360 #endif 1361 if (mp->mnt_op->vfs_mount == NULL) 1362 vfs_freeopts(mp->mnt_opt); 1363 free(mp, M_MOUNT); 1364 return (0); 1365 } 1366 1367 /* 1368 * Lookup a filesystem type, and if found allocate and initialize 1369 * a mount structure for it. 1370 * 1371 * Devname is usually updated by mount(8) after booting. 1372 */ 1373 int 1374 vfs_rootmountalloc(fstypename, devname, mpp) 1375 char *fstypename; 1376 char *devname; 1377 struct mount **mpp; 1378 { 1379 struct thread *td = curthread; /* XXX */ 1380 struct vfsconf *vfsp; 1381 struct mount *mp; 1382 1383 if (fstypename == NULL) 1384 return (ENODEV); 1385 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1386 if (!strcmp(vfsp->vfc_name, fstypename)) 1387 break; 1388 if (vfsp == NULL) 1389 return (ENODEV); 1390 mp = malloc((u_long)sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1391 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1392 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1393 TAILQ_INIT(&mp->mnt_nvnodelist); 1394 TAILQ_INIT(&mp->mnt_reservedvnlist); 1395 mp->mnt_nvnodelistsize = 0; 1396 mp->mnt_vfc = vfsp; 1397 mp->mnt_op = vfsp->vfc_vfsops; 1398 mp->mnt_flag = MNT_RDONLY; 1399 mp->mnt_vnodecovered = NULLVP; 1400 mp->mnt_cred = crdup(td->td_ucred); 1401 vfsp->vfc_refcount++; 1402 mp->mnt_iosize_max = DFLTPHYS; 1403 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1404 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1405 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 1406 mp->mnt_stat.f_mntonname[0] = '/'; 1407 mp->mnt_stat.f_mntonname[1] = 0; 1408 strlcpy(mp->mnt_stat.f_mntfromname, devname, MNAMELEN); 1409 #ifdef MAC 1410 mac_init_mount(mp); 1411 mac_create_mount(td->td_ucred, mp); 1412 #endif 1413 *mpp = mp; 1414 return (0); 1415 } 1416 1417 /* 1418 * Find and mount the root filesystem 1419 */ 1420 void 1421 vfs_mountroot(void) 1422 { 1423 char *cp; 1424 int i, error; 1425 1426 g_waitidle(); 1427 1428 /* 1429 * The root filesystem information is compiled in, and we are 1430 * booted with instructions to use it. 1431 */ 1432 #ifdef ROOTDEVNAME 1433 if ((boothowto & RB_DFLTROOT) && 1434 !vfs_mountroot_try(ROOTDEVNAME)) 1435 return; 1436 #endif 1437 /* 1438 * We are booted with instructions to prompt for the root filesystem, 1439 * or to use the compiled-in default when it doesn't exist. 1440 */ 1441 if (boothowto & (RB_DFLTROOT | RB_ASKNAME)) { 1442 if (!vfs_mountroot_ask()) 1443 return; 1444 } 1445 1446 /* 1447 * We've been given the generic "use CDROM as root" flag. This is 1448 * necessary because one media may be used in many different 1449 * devices, so we need to search for them. 1450 */ 1451 if (boothowto & RB_CDROM) { 1452 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1453 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1454 return; 1455 } 1456 } 1457 1458 /* 1459 * Try to use the value read by the loader from /etc/fstab, or 1460 * supplied via some other means. This is the preferred 1461 * mechanism. 1462 */ 1463 if ((cp = getenv("vfs.root.mountfrom")) != NULL) { 1464 error = vfs_mountroot_try(cp); 1465 freeenv(cp); 1466 if (!error) 1467 return; 1468 } 1469 1470 /* 1471 * Try values that may have been computed by the machine-dependant 1472 * legacy code. 1473 */ 1474 if (!vfs_mountroot_try(rootdevnames[0])) 1475 return; 1476 if (!vfs_mountroot_try(rootdevnames[1])) 1477 return; 1478 1479 /* 1480 * If we have a compiled-in default, and haven't already tried it, try 1481 * it now. 1482 */ 1483 #ifdef ROOTDEVNAME 1484 if (!(boothowto & RB_DFLTROOT)) 1485 if (!vfs_mountroot_try(ROOTDEVNAME)) 1486 return; 1487 #endif 1488 1489 /* 1490 * Everything so far has failed, prompt on the console if we haven't 1491 * already tried that. 1492 */ 1493 if (!(boothowto & (RB_DFLTROOT | RB_ASKNAME)) && !vfs_mountroot_ask()) 1494 return; 1495 panic("Root mount failed, startup aborted."); 1496 } 1497 1498 /* 1499 * Mount (mountfrom) as the root filesystem. 1500 */ 1501 static int 1502 vfs_mountroot_try(char *mountfrom) 1503 { 1504 struct mount *mp; 1505 char *vfsname, *path; 1506 const char *devname; 1507 int error; 1508 char patt[32]; 1509 int s; 1510 1511 vfsname = NULL; 1512 path = NULL; 1513 mp = NULL; 1514 error = EINVAL; 1515 1516 if (mountfrom == NULL) 1517 return(error); /* don't complain */ 1518 1519 s = splcam(); /* Overkill, but annoying without it */ 1520 printf("Mounting root from %s\n", mountfrom); 1521 splx(s); 1522 1523 /* parse vfs name and path */ 1524 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1525 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1526 vfsname[0] = path[0] = 0; 1527 sprintf(patt, "%%%d[a-z0-9]:%%%zds", MFSNAMELEN, MNAMELEN); 1528 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1529 goto done; 1530 1531 /* allocate a root mount */ 1532 error = vfs_rootmountalloc(vfsname, path[0] != 0 ? path : ROOTNAME, 1533 &mp); 1534 if (error != 0) { 1535 printf("Can't allocate root mount for filesystem '%s': %d\n", 1536 vfsname, error); 1537 goto done; 1538 } 1539 mp->mnt_flag |= MNT_ROOTFS; 1540 1541 /* do our best to set rootdev */ 1542 if ((path[0] != 0) && setrootbyname(path)) 1543 printf("setrootbyname failed\n"); 1544 1545 /* If the root device is a type "memory disk", mount RW */ 1546 if (rootdev != NODEV && devsw(rootdev) != NULL) { 1547 devname = devtoname(rootdev); 1548 if (devname[0] == 'm' && devname[1] == 'd') 1549 mp->mnt_flag &= ~MNT_RDONLY; 1550 } 1551 1552 /* 1553 * Set the mount path to be something useful, because the 1554 * filesystem code isn't responsible now for initialising 1555 * f_mntonname unless they want to override the default 1556 * (which is `path'.) 1557 */ 1558 strlcpy(mp->mnt_stat.f_mntonname, "/", MNAMELEN); 1559 1560 error = VFS_MOUNT(mp, NULL, NULL, NULL, curthread); 1561 1562 done: 1563 if (vfsname != NULL) 1564 free(vfsname, M_MOUNT); 1565 if (path != NULL) 1566 free(path, M_MOUNT); 1567 if (error != 0) { 1568 if (mp != NULL) { 1569 vfs_unbusy(mp, curthread); 1570 #ifdef MAC 1571 mac_destroy_mount(mp); 1572 #endif 1573 free(mp, M_MOUNT); 1574 } 1575 printf("Root mount failed: %d\n", error); 1576 } else { 1577 1578 /* register with list of mounted filesystems */ 1579 mtx_lock(&mountlist_mtx); 1580 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1581 mtx_unlock(&mountlist_mtx); 1582 1583 /* sanity check system clock against root fs timestamp */ 1584 inittodr(mp->mnt_time); 1585 vfs_unbusy(mp, curthread); 1586 error = VFS_START(mp, 0, curthread); 1587 } 1588 return(error); 1589 } 1590 1591 /* 1592 * Spin prompting on the console for a suitable root filesystem 1593 */ 1594 static int 1595 vfs_mountroot_ask(void) 1596 { 1597 char name[128]; 1598 int i; 1599 dev_t dev; 1600 1601 for(;;) { 1602 printf("\nManual root filesystem specification:\n"); 1603 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1604 #if defined(__i386__) || defined(__ia64__) 1605 printf(" eg. ufs:da0s1a\n"); 1606 #else 1607 printf(" eg. ufs:da0a\n"); 1608 #endif 1609 printf(" ? List valid disk boot devices\n"); 1610 printf(" <empty line> Abort manual input\n"); 1611 printf("\nmountroot> "); 1612 gets(name); 1613 if (name[0] == 0) 1614 return(1); 1615 if (name[0] == '?') { 1616 if (!g_dev_print()) { 1617 printf("Possibly valid devices for 'ufs' root:\n"); 1618 for (i = 0; i < NUMCDEVSW; i++) { 1619 dev = makedev(i, 0); 1620 if (devsw(dev) != NULL) 1621 printf(" \"%s\"", devsw(dev)->d_name); 1622 } 1623 } 1624 printf("\n"); 1625 continue; 1626 } 1627 if (!vfs_mountroot_try(name)) 1628 return(0); 1629 } 1630 } 1631 1632 /* 1633 * Local helper function for vfs_mountroot_ask. 1634 */ 1635 static void 1636 gets(char *cp) 1637 { 1638 char *lp; 1639 int c; 1640 1641 lp = cp; 1642 for (;;) { 1643 printf("%c", c = cngetc() & 0177); 1644 switch (c) { 1645 case -1: 1646 case '\n': 1647 case '\r': 1648 *lp++ = '\0'; 1649 return; 1650 case '\b': 1651 case '\177': 1652 if (lp > cp) { 1653 printf(" \b"); 1654 lp--; 1655 } 1656 continue; 1657 case '#': 1658 lp--; 1659 if (lp < cp) 1660 lp = cp; 1661 continue; 1662 case '@': 1663 case 'u' & 037: 1664 lp = cp; 1665 printf("%c", '\n'); 1666 continue; 1667 default: 1668 *lp++ = c; 1669 } 1670 } 1671 } 1672 1673 /* 1674 * Convert a given name to the dev_t of the disk-like device 1675 * it refers to. 1676 */ 1677 dev_t 1678 getdiskbyname(char *name) { 1679 char *cp; 1680 dev_t dev; 1681 1682 cp = name; 1683 if (!bcmp(cp, "/dev/", 5)) 1684 cp += 5; 1685 1686 dev = NODEV; 1687 EVENTHANDLER_INVOKE(dev_clone, cp, strlen(cp), &dev); 1688 return (dev); 1689 } 1690 1691 /* 1692 * Set rootdev to match (name), given that we expect it to 1693 * refer to a disk-like device. 1694 */ 1695 static int 1696 setrootbyname(char *name) 1697 { 1698 dev_t diskdev; 1699 1700 diskdev = getdiskbyname(name); 1701 if (diskdev != NODEV) { 1702 rootdev = diskdev; 1703 return (0); 1704 } 1705 1706 return (1); 1707 } 1708 1709 /* Show the dev_t for a disk specified by name */ 1710 #ifdef DDB 1711 DB_SHOW_COMMAND(disk, db_getdiskbyname) 1712 { 1713 dev_t dev; 1714 1715 if (modif[0] == '\0') { 1716 db_error("usage: show disk/devicename"); 1717 return; 1718 } 1719 dev = getdiskbyname(modif); 1720 if (dev != NODEV) 1721 db_printf("dev_t = %p\n", dev); 1722 else 1723 db_printf("No disk device matched.\n"); 1724 } 1725 #endif 1726 1727 /* 1728 * Get a mount option by its name. 1729 * 1730 * Return 0 if the option was found, ENOENT otherwise. 1731 * If len is non-NULL it will be filled with the length 1732 * of the option. If buf is non-NULL, it will be filled 1733 * with the address of the option. 1734 */ 1735 int 1736 vfs_getopt(opts, name, buf, len) 1737 struct vfsoptlist *opts; 1738 const char *name; 1739 void **buf; 1740 int *len; 1741 { 1742 struct vfsopt *opt; 1743 1744 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1745 1746 TAILQ_FOREACH(opt, opts, link) { 1747 if (strcmp(name, opt->name) == 0) { 1748 if (len != NULL) 1749 *len = opt->len; 1750 if (buf != NULL) 1751 *buf = opt->value; 1752 return (0); 1753 } 1754 } 1755 return (ENOENT); 1756 } 1757 1758 /* 1759 * Find and copy a mount option. 1760 * 1761 * The size of the buffer has to be specified 1762 * in len, if it is not the same length as the 1763 * mount option, EINVAL is returned. 1764 * Returns ENOENT if the option is not found. 1765 */ 1766 int 1767 vfs_copyopt(opts, name, dest, len) 1768 struct vfsoptlist *opts; 1769 const char *name; 1770 void *dest; 1771 int len; 1772 { 1773 struct vfsopt *opt; 1774 1775 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1776 1777 TAILQ_FOREACH(opt, opts, link) { 1778 if (strcmp(name, opt->name) == 0) { 1779 if (len != opt->len) 1780 return (EINVAL); 1781 bcopy(opt->value, dest, opt->len); 1782 return (0); 1783 } 1784 } 1785 return (ENOENT); 1786 } 1787