1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * Copyright (c) 1999 Michael Smith 39 * All rights reserved. 40 * Copyright (c) 1999 Poul-Henning Kamp 41 * All rights reserved. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 */ 64 65 #include <sys/cdefs.h> 66 __FBSDID("$FreeBSD$"); 67 68 #include <sys/param.h> 69 #include <sys/conf.h> 70 #include <sys/cons.h> 71 #include <sys/kernel.h> 72 #include <sys/linker.h> 73 #include <sys/mac.h> 74 #include <sys/malloc.h> 75 #include <sys/mount.h> 76 #include <sys/mutex.h> 77 #include <sys/namei.h> 78 #include <sys/proc.h> 79 #include <sys/filedesc.h> 80 #include <sys/reboot.h> 81 #include <sys/sysproto.h> 82 #include <sys/sx.h> 83 #include <sys/sysctl.h> 84 #include <sys/sysent.h> 85 #include <sys/systm.h> 86 #include <sys/vnode.h> 87 88 #include <geom/geom.h> 89 90 #include <machine/stdarg.h> 91 92 #include "opt_rootdevname.h" 93 #include "opt_ddb.h" 94 #include "opt_mac.h" 95 96 #ifdef DDB 97 #include <ddb/ddb.h> 98 #endif 99 100 #define ROOTNAME "root_device" 101 102 static void checkdirs(struct vnode *olddp, struct vnode *newdp); 103 static int vfs_nmount(struct thread *td, int, struct uio *); 104 static int vfs_mountroot_try(char *mountfrom); 105 static int vfs_mountroot_ask(void); 106 static void gets(char *cp); 107 108 static int usermount = 0; /* if 1, non-root can mount fs. */ 109 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, ""); 110 111 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 112 113 /* List of mounted filesystems. */ 114 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 115 116 /* For any iteration/modification of mountlist */ 117 struct mtx mountlist_mtx; 118 119 /* For any iteration/modification of mnt_vnodelist */ 120 struct mtx mntvnode_mtx; 121 122 /* 123 * The vnode of the system's root (/ in the filesystem, without chroot 124 * active.) 125 */ 126 struct vnode *rootvnode; 127 128 /* 129 * The root filesystem is detailed in the kernel environment variable 130 * vfs.root.mountfrom, which is expected to be in the general format 131 * 132 * <vfsname>:[<path>] 133 * vfsname := the name of a VFS known to the kernel and capable 134 * of being mounted as root 135 * path := disk device name or other data used by the filesystem 136 * to locate its physical store 137 */ 138 139 /* 140 * The root specifiers we will try if RB_CDROM is specified. 141 */ 142 static char *cdrom_rootdevnames[] = { 143 "cd9660:cd0a", 144 "cd9660:acd0a", 145 "cd9660:wcd0a", 146 NULL 147 }; 148 149 /* legacy find-root code */ 150 char *rootdevnames[2] = {NULL, NULL}; 151 static int setrootbyname(char *name); 152 dev_t rootdev = NODEV; 153 154 /* 155 * Has to be dynamic as the value of rootdev can change; however, it can't 156 * change after the root is mounted, so a user process can't access this 157 * sysctl until after the value is unchangeable. 158 */ 159 static int 160 sysctl_rootdev(SYSCTL_HANDLER_ARGS) 161 { 162 int error; 163 164 /* _RD prevents this from happening. */ 165 KASSERT(req->newptr == NULL, ("Attempt to change root device name")); 166 167 if (rootdev != NODEV) 168 error = sysctl_handle_string(oidp, rootdev->si_name, 0, req); 169 else 170 error = sysctl_handle_string(oidp, "", 0, req); 171 172 return (error); 173 } 174 175 SYSCTL_PROC(_kern, OID_AUTO, rootdev, CTLTYPE_STRING | CTLFLAG_RD, 176 0, 0, sysctl_rootdev, "A", "Root file system device"); 177 178 /* Remove one mount option. */ 179 static void 180 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 181 { 182 183 TAILQ_REMOVE(opts, opt, link); 184 free(opt->name, M_MOUNT); 185 if (opt->value != NULL) 186 free(opt->value, M_MOUNT); 187 #ifdef INVARIANTS 188 else if (opt->len != 0) 189 panic("%s: mount option with NULL value but length != 0", 190 __func__); 191 #endif 192 free(opt, M_MOUNT); 193 } 194 195 /* Release all resources related to the mount options. */ 196 static void 197 vfs_freeopts(struct vfsoptlist *opts) 198 { 199 struct vfsopt *opt; 200 201 while (!TAILQ_EMPTY(opts)) { 202 opt = TAILQ_FIRST(opts); 203 vfs_freeopt(opts, opt); 204 } 205 free(opts, M_MOUNT); 206 } 207 208 /* 209 * If a mount option is specified several times, 210 * (with or without the "no" prefix) only keep 211 * the last occurence of it. 212 */ 213 static void 214 vfs_sanitizeopts(struct vfsoptlist *opts) 215 { 216 struct vfsopt *opt, *opt2, *tmp; 217 int noopt; 218 219 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 220 if (strncmp(opt->name, "no", 2) == 0) 221 noopt = 1; 222 else 223 noopt = 0; 224 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 225 while (opt2 != NULL) { 226 if (strcmp(opt2->name, opt->name) == 0 || 227 (noopt && strcmp(opt->name + 2, opt2->name) == 0) || 228 (!noopt && strncmp(opt2->name, "no", 2) == 0 && 229 strcmp(opt2->name + 2, opt->name) == 0)) { 230 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 231 vfs_freeopt(opts, opt2); 232 opt2 = tmp; 233 } else { 234 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 235 } 236 } 237 } 238 } 239 240 /* 241 * Build a linked list of mount options from a struct uio. 242 */ 243 static int 244 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 245 { 246 struct vfsoptlist *opts; 247 struct vfsopt *opt; 248 unsigned int i, iovcnt; 249 int error, namelen, optlen; 250 251 iovcnt = auio->uio_iovcnt; 252 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 253 TAILQ_INIT(opts); 254 for (i = 0; i < iovcnt; i += 2) { 255 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 256 namelen = auio->uio_iov[i].iov_len; 257 optlen = auio->uio_iov[i + 1].iov_len; 258 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 259 opt->value = NULL; 260 if (auio->uio_segflg == UIO_SYSSPACE) { 261 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 262 } else { 263 error = copyin(auio->uio_iov[i].iov_base, opt->name, 264 namelen); 265 if (error) 266 goto bad; 267 } 268 opt->len = optlen; 269 if (optlen != 0) { 270 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 271 if (auio->uio_segflg == UIO_SYSSPACE) { 272 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 273 optlen); 274 } else { 275 error = copyin(auio->uio_iov[i + 1].iov_base, 276 opt->value, optlen); 277 if (error) 278 goto bad; 279 } 280 } 281 TAILQ_INSERT_TAIL(opts, opt, link); 282 } 283 vfs_sanitizeopts(opts); 284 *options = opts; 285 return (0); 286 bad: 287 vfs_freeopts(opts); 288 return (error); 289 } 290 291 /* 292 * Merge the old mount options with the new ones passed 293 * in the MNT_UPDATE case. 294 */ 295 static void 296 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 297 { 298 struct vfsopt *opt, *opt2, *new; 299 300 TAILQ_FOREACH(opt, opts, link) { 301 /* 302 * Check that this option hasn't been redefined 303 * nor cancelled with a "no" mount option. 304 */ 305 opt2 = TAILQ_FIRST(toopts); 306 while (opt2 != NULL) { 307 if (strcmp(opt2->name, opt->name) == 0) 308 goto next; 309 if (strncmp(opt2->name, "no", 2) == 0 && 310 strcmp(opt2->name + 2, opt->name) == 0) { 311 vfs_freeopt(toopts, opt2); 312 goto next; 313 } 314 opt2 = TAILQ_NEXT(opt2, link); 315 } 316 /* We want this option, duplicate it. */ 317 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 318 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 319 strcpy(new->name, opt->name); 320 if (opt->len != 0) { 321 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 322 bcopy(opt->value, new->value, opt->len); 323 } else { 324 new->value = NULL; 325 } 326 new->len = opt->len; 327 TAILQ_INSERT_TAIL(toopts, new, link); 328 next: 329 continue; 330 } 331 } 332 333 /* 334 * New mount API. 335 */ 336 int 337 nmount(td, uap) 338 struct thread *td; 339 struct nmount_args /* { 340 struct iovec *iovp; 341 unsigned int iovcnt; 342 int flags; 343 } */ *uap; 344 { 345 struct uio auio; 346 struct iovec *iov, *needfree; 347 struct iovec aiov[UIO_SMALLIOV]; 348 unsigned int i; 349 int error; 350 u_int iovlen, iovcnt; 351 352 iovcnt = uap->iovcnt; 353 iovlen = iovcnt * sizeof (struct iovec); 354 /* 355 * Check that we have an even number of iovec's 356 * and that we have at least two options. 357 */ 358 if ((iovcnt & 1) || (iovcnt < 4) || (iovcnt > UIO_MAXIOV)) 359 return (EINVAL); 360 361 if (iovcnt > UIO_SMALLIOV) { 362 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK); 363 needfree = iov; 364 } else { 365 iov = aiov; 366 needfree = NULL; 367 } 368 auio.uio_iov = iov; 369 auio.uio_iovcnt = iovcnt; 370 auio.uio_segflg = UIO_USERSPACE; 371 if ((error = copyin(uap->iovp, iov, iovlen))) 372 goto finish; 373 374 for (i = 0; i < iovcnt; i++) { 375 if (iov->iov_len > MMAXOPTIONLEN) { 376 error = EINVAL; 377 goto finish; 378 } 379 iov++; 380 } 381 error = vfs_nmount(td, uap->flags, &auio); 382 finish: 383 if (needfree != NULL) 384 free(needfree, M_TEMP); 385 return (error); 386 } 387 388 int 389 kernel_mount(iovp, iovcnt, flags) 390 struct iovec *iovp; 391 unsigned int iovcnt; 392 int flags; 393 { 394 struct uio auio; 395 int error; 396 397 /* 398 * Check that we have an even number of iovec's 399 * and that we have at least two options. 400 */ 401 if ((iovcnt & 1) || (iovcnt < 4)) 402 return (EINVAL); 403 404 auio.uio_iov = iovp; 405 auio.uio_iovcnt = iovcnt; 406 auio.uio_segflg = UIO_SYSSPACE; 407 408 error = vfs_nmount(curthread, flags, &auio); 409 return (error); 410 } 411 412 int 413 kernel_vmount(int flags, ...) 414 { 415 struct iovec *iovp; 416 struct uio auio; 417 va_list ap; 418 unsigned int iovcnt, iovlen, len; 419 const char *cp; 420 char *buf, *pos; 421 size_t n; 422 int error, i; 423 424 len = 0; 425 va_start(ap, flags); 426 for (iovcnt = 0; (cp = va_arg(ap, const char *)) != NULL; iovcnt++) 427 len += strlen(cp) + 1; 428 va_end(ap); 429 430 if (iovcnt < 4 || iovcnt & 1) 431 return (EINVAL); 432 433 iovlen = iovcnt * sizeof (struct iovec); 434 MALLOC(iovp, struct iovec *, iovlen, M_MOUNT, M_WAITOK); 435 MALLOC(buf, char *, len, M_MOUNT, M_WAITOK); 436 pos = buf; 437 va_start(ap, flags); 438 for (i = 0; i < iovcnt; i++) { 439 cp = va_arg(ap, const char *); 440 copystr(cp, pos, len - (pos - buf), &n); 441 iovp[i].iov_base = pos; 442 iovp[i].iov_len = n; 443 pos += n; 444 } 445 va_end(ap); 446 447 auio.uio_iov = iovp; 448 auio.uio_iovcnt = iovcnt; 449 auio.uio_segflg = UIO_SYSSPACE; 450 451 error = vfs_nmount(curthread, flags, &auio); 452 FREE(iovp, M_MOUNT); 453 FREE(buf, M_MOUNT); 454 return (error); 455 } 456 457 /* 458 * vfs_nmount(): actually attempt a filesystem mount. 459 */ 460 static int 461 vfs_nmount(td, fsflags, fsoptions) 462 struct thread *td; 463 int fsflags; /* Flags common to all filesystems. */ 464 struct uio *fsoptions; /* Options local to the filesystem. */ 465 { 466 linker_file_t lf; 467 struct vnode *vp; 468 struct mount *mp; 469 struct vfsconf *vfsp; 470 struct vfsoptlist *optlist; 471 char *fstype, *fspath; 472 int error, flag = 0, kern_flag = 0; 473 int fstypelen, fspathlen; 474 struct vattr va; 475 struct nameidata nd; 476 477 error = vfs_buildopts(fsoptions, &optlist); 478 if (error) 479 return (error); 480 481 /* 482 * We need these two options before the others, 483 * and they are mandatory for any filesystem. 484 * Ensure they are NUL terminated as well. 485 */ 486 fstypelen = 0; 487 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 488 if (error || fstype[fstypelen - 1] != '\0') { 489 error = EINVAL; 490 goto bad; 491 } 492 fspathlen = 0; 493 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 494 if (error || fspath[fspathlen - 1] != '\0') { 495 error = EINVAL; 496 goto bad; 497 } 498 499 /* 500 * Be ultra-paranoid about making sure the type and fspath 501 * variables will fit in our mp buffers, including the 502 * terminating NUL. 503 */ 504 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 505 error = ENAMETOOLONG; 506 goto bad; 507 } 508 509 if (usermount == 0) { 510 error = suser(td); 511 if (error) 512 goto bad; 513 } 514 /* 515 * Do not allow NFS export by non-root users. 516 */ 517 if (fsflags & MNT_EXPORTED) { 518 error = suser(td); 519 if (error) 520 goto bad; 521 } 522 /* 523 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 524 */ 525 if (suser(td)) 526 fsflags |= MNT_NOSUID | MNT_NODEV; 527 /* 528 * Get vnode to be covered 529 */ 530 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 531 if ((error = namei(&nd)) != 0) 532 goto bad; 533 NDFREE(&nd, NDF_ONLY_PNBUF); 534 vp = nd.ni_vp; 535 if (fsflags & MNT_UPDATE) { 536 if ((vp->v_vflag & VV_ROOT) == 0) { 537 vput(vp); 538 error = EINVAL; 539 goto bad; 540 } 541 mp = vp->v_mount; 542 flag = mp->mnt_flag; 543 kern_flag = mp->mnt_kern_flag; 544 /* 545 * We only allow the filesystem to be reloaded if it 546 * is currently mounted read-only. 547 */ 548 if ((fsflags & MNT_RELOAD) && 549 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 550 vput(vp); 551 error = EOPNOTSUPP; /* Needs translation */ 552 goto bad; 553 } 554 /* 555 * Only root, or the user that did the original mount is 556 * permitted to update it. 557 */ 558 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 559 error = suser(td); 560 if (error) { 561 vput(vp); 562 goto bad; 563 } 564 } 565 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 566 vput(vp); 567 error = EBUSY; 568 goto bad; 569 } 570 VI_LOCK(vp); 571 if ((vp->v_iflag & VI_MOUNT) != 0 || 572 vp->v_mountedhere != NULL) { 573 VI_UNLOCK(vp); 574 vfs_unbusy(mp, td); 575 vput(vp); 576 error = EBUSY; 577 goto bad; 578 } 579 vp->v_iflag |= VI_MOUNT; 580 VI_UNLOCK(vp); 581 mp->mnt_flag |= fsflags & 582 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 583 VOP_UNLOCK(vp, 0, td); 584 mp->mnt_optnew = optlist; 585 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 586 goto update; 587 } 588 /* 589 * If the user is not root, ensure that they own the directory 590 * onto which we are attempting to mount. 591 */ 592 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 593 if (error) { 594 vput(vp); 595 goto bad; 596 } 597 if (va.va_uid != td->td_ucred->cr_uid) { 598 error = suser(td); 599 if (error) { 600 vput(vp); 601 goto bad; 602 } 603 } 604 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 605 vput(vp); 606 goto bad; 607 } 608 if (vp->v_type != VDIR) { 609 vput(vp); 610 error = ENOTDIR; 611 goto bad; 612 } 613 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 614 if (!strcmp(vfsp->vfc_name, fstype)) 615 break; 616 if (vfsp == NULL) { 617 /* Only load modules for root (very important!). */ 618 error = suser(td); 619 if (error) { 620 vput(vp); 621 goto bad; 622 } 623 error = securelevel_gt(td->td_ucred, 0); 624 if (error) { 625 vput(vp); 626 goto bad; 627 } 628 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 629 if (error || lf == NULL) { 630 vput(vp); 631 if (lf == NULL) 632 error = ENODEV; 633 goto bad; 634 } 635 lf->userrefs++; 636 /* Look up again to see if the VFS was loaded. */ 637 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 638 if (!strcmp(vfsp->vfc_name, fstype)) 639 break; 640 if (vfsp == NULL) { 641 lf->userrefs--; 642 linker_file_unload(lf); 643 vput(vp); 644 error = ENODEV; 645 goto bad; 646 } 647 } 648 VI_LOCK(vp); 649 if ((vp->v_iflag & VI_MOUNT) != 0 || 650 vp->v_mountedhere != NULL) { 651 VI_UNLOCK(vp); 652 vput(vp); 653 error = EBUSY; 654 goto bad; 655 } 656 vp->v_iflag |= VI_MOUNT; 657 VI_UNLOCK(vp); 658 659 /* 660 * Allocate and initialize the filesystem. 661 */ 662 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 663 TAILQ_INIT(&mp->mnt_nvnodelist); 664 TAILQ_INIT(&mp->mnt_reservedvnlist); 665 mp->mnt_nvnodelistsize = 0; 666 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 667 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 668 mp->mnt_op = vfsp->vfc_vfsops; 669 mp->mnt_vfc = vfsp; 670 vfsp->vfc_refcount++; 671 mp->mnt_stat.f_type = vfsp->vfc_typenum; 672 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 673 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 674 mp->mnt_vnodecovered = vp; 675 mp->mnt_cred = crdup(td->td_ucred); 676 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 677 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 678 mp->mnt_iosize_max = DFLTPHYS; 679 #ifdef MAC 680 mac_init_mount(mp); 681 mac_create_mount(td->td_ucred, mp); 682 #endif 683 VOP_UNLOCK(vp, 0, td); 684 mp->mnt_optnew = optlist; /* XXXMAC: should this be above? */ 685 686 update: 687 /* 688 * Check if the fs implements the new VFS_NMOUNT() 689 * function, since the new system call was used. 690 */ 691 if (mp->mnt_op->vfs_mount != NULL) { 692 printf("%s doesn't support the new mount syscall\n", 693 mp->mnt_vfc->vfc_name); 694 VI_LOCK(vp); 695 vp->v_iflag &= ~VI_MOUNT; 696 VI_UNLOCK(vp); 697 if (mp->mnt_flag & MNT_UPDATE) 698 vfs_unbusy(mp, td); 699 else { 700 mp->mnt_vfc->vfc_refcount--; 701 vfs_unbusy(mp, td); 702 #ifdef MAC 703 mac_destroy_mount(mp); 704 #endif 705 crfree(mp->mnt_cred); 706 free(mp, M_MOUNT); 707 } 708 vrele(vp); 709 error = EOPNOTSUPP; 710 goto bad; 711 } 712 713 /* 714 * Set the mount level flags. 715 */ 716 if (fsflags & MNT_RDONLY) 717 mp->mnt_flag |= MNT_RDONLY; 718 else if (mp->mnt_flag & MNT_RDONLY) 719 mp->mnt_kern_flag |= MNTK_WANTRDWR; 720 mp->mnt_flag &=~ MNT_UPDATEMASK; 721 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 722 /* 723 * Mount the filesystem. 724 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 725 * get. No freeing of cn_pnbuf. 726 */ 727 error = VFS_NMOUNT(mp, &nd, td); 728 if (!error) { 729 if (mp->mnt_opt != NULL) 730 vfs_freeopts(mp->mnt_opt); 731 mp->mnt_opt = mp->mnt_optnew; 732 } 733 /* 734 * Prevent external consumers of mount 735 * options to read mnt_optnew. 736 */ 737 mp->mnt_optnew = NULL; 738 if (mp->mnt_flag & MNT_UPDATE) { 739 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 740 mp->mnt_flag &= ~MNT_RDONLY; 741 mp->mnt_flag &=~ 742 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 743 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 744 if (error) { 745 mp->mnt_flag = flag; 746 mp->mnt_kern_flag = kern_flag; 747 } 748 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 749 if (mp->mnt_syncer == NULL) 750 error = vfs_allocate_syncvnode(mp); 751 } else { 752 if (mp->mnt_syncer != NULL) 753 vrele(mp->mnt_syncer); 754 mp->mnt_syncer = NULL; 755 } 756 vfs_unbusy(mp, td); 757 VI_LOCK(vp); 758 vp->v_iflag &= ~VI_MOUNT; 759 VI_UNLOCK(vp); 760 vrele(vp); 761 return (error); 762 } 763 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 764 /* 765 * Put the new filesystem on the mount list after root. 766 */ 767 cache_purge(vp); 768 if (!error) { 769 struct vnode *newdp; 770 771 VI_LOCK(vp); 772 vp->v_iflag &= ~VI_MOUNT; 773 VI_UNLOCK(vp); 774 vp->v_mountedhere = mp; 775 mtx_lock(&mountlist_mtx); 776 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 777 mtx_unlock(&mountlist_mtx); 778 if (VFS_ROOT(mp, &newdp)) 779 panic("mount: lost mount"); 780 checkdirs(vp, newdp); 781 vput(newdp); 782 VOP_UNLOCK(vp, 0, td); 783 if ((mp->mnt_flag & MNT_RDONLY) == 0) 784 error = vfs_allocate_syncvnode(mp); 785 vfs_unbusy(mp, td); 786 if ((error = VFS_START(mp, 0, td)) != 0) { 787 vrele(vp); 788 goto bad; 789 } 790 } else { 791 VI_LOCK(vp); 792 vp->v_iflag &= ~VI_MOUNT; 793 VI_UNLOCK(vp); 794 mp->mnt_vfc->vfc_refcount--; 795 vfs_unbusy(mp, td); 796 #ifdef MAC 797 mac_destroy_mount(mp); 798 #endif 799 crfree(mp->mnt_cred); 800 free(mp, M_MOUNT); 801 vput(vp); 802 goto bad; 803 } 804 return (0); 805 bad: 806 vfs_freeopts(optlist); 807 return (error); 808 } 809 810 /* 811 * Old mount API. 812 */ 813 #ifndef _SYS_SYSPROTO_H_ 814 struct mount_args { 815 char *type; 816 char *path; 817 int flags; 818 caddr_t data; 819 }; 820 #endif 821 /* ARGSUSED */ 822 int 823 mount(td, uap) 824 struct thread *td; 825 struct mount_args /* { 826 char *type; 827 char *path; 828 int flags; 829 caddr_t data; 830 } */ *uap; 831 { 832 char *fstype; 833 char *fspath; 834 int error; 835 836 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 837 fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); 838 839 /* 840 * vfs_mount() actually takes a kernel string for `type' and 841 * `path' now, so extract them. 842 */ 843 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 844 if (error == 0) 845 error = copyinstr(uap->path, fspath, MNAMELEN, NULL); 846 if (error == 0) 847 error = vfs_mount(td, fstype, fspath, uap->flags, uap->data); 848 free(fstype, M_TEMP); 849 free(fspath, M_TEMP); 850 return (error); 851 } 852 853 /* 854 * vfs_mount(): actually attempt a filesystem mount. 855 * 856 * This routine is designed to be a "generic" entry point for routines 857 * that wish to mount a filesystem. All parameters except `fsdata' are 858 * pointers into kernel space. `fsdata' is currently still a pointer 859 * into userspace. 860 */ 861 int 862 vfs_mount(td, fstype, fspath, fsflags, fsdata) 863 struct thread *td; 864 const char *fstype; 865 char *fspath; 866 int fsflags; 867 void *fsdata; 868 { 869 linker_file_t lf; 870 struct vnode *vp; 871 struct mount *mp; 872 struct vfsconf *vfsp; 873 int error, flag = 0, kern_flag = 0; 874 struct vattr va; 875 struct nameidata nd; 876 877 /* 878 * Be ultra-paranoid about making sure the type and fspath 879 * variables will fit in our mp buffers, including the 880 * terminating NUL. 881 */ 882 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 883 return (ENAMETOOLONG); 884 885 if (usermount == 0) { 886 error = suser(td); 887 if (error) 888 return (error); 889 } 890 /* 891 * Do not allow NFS export by non-root users. 892 */ 893 if (fsflags & MNT_EXPORTED) { 894 error = suser(td); 895 if (error) 896 return (error); 897 } 898 /* 899 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 900 */ 901 if (suser(td)) 902 fsflags |= MNT_NOSUID | MNT_NODEV; 903 /* 904 * Get vnode to be covered 905 */ 906 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 907 if ((error = namei(&nd)) != 0) 908 return (error); 909 NDFREE(&nd, NDF_ONLY_PNBUF); 910 vp = nd.ni_vp; 911 if (fsflags & MNT_UPDATE) { 912 if ((vp->v_vflag & VV_ROOT) == 0) { 913 vput(vp); 914 return (EINVAL); 915 } 916 mp = vp->v_mount; 917 flag = mp->mnt_flag; 918 kern_flag = mp->mnt_kern_flag; 919 /* 920 * We only allow the filesystem to be reloaded if it 921 * is currently mounted read-only. 922 */ 923 if ((fsflags & MNT_RELOAD) && 924 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 925 vput(vp); 926 return (EOPNOTSUPP); /* Needs translation */ 927 } 928 /* 929 * Only root, or the user that did the original mount is 930 * permitted to update it. 931 */ 932 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 933 error = suser(td); 934 if (error) { 935 vput(vp); 936 return (error); 937 } 938 } 939 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 940 vput(vp); 941 return (EBUSY); 942 } 943 VI_LOCK(vp); 944 if ((vp->v_iflag & VI_MOUNT) != 0 || 945 vp->v_mountedhere != NULL) { 946 VI_UNLOCK(vp); 947 vfs_unbusy(mp, td); 948 vput(vp); 949 return (EBUSY); 950 } 951 vp->v_iflag |= VI_MOUNT; 952 VI_UNLOCK(vp); 953 mp->mnt_flag |= fsflags & 954 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 955 VOP_UNLOCK(vp, 0, td); 956 goto update; 957 } 958 /* 959 * If the user is not root, ensure that they own the directory 960 * onto which we are attempting to mount. 961 */ 962 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 963 if (error) { 964 vput(vp); 965 return (error); 966 } 967 if (va.va_uid != td->td_ucred->cr_uid) { 968 error = suser(td); 969 if (error) { 970 vput(vp); 971 return (error); 972 } 973 } 974 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 975 vput(vp); 976 return (error); 977 } 978 if (vp->v_type != VDIR) { 979 vput(vp); 980 return (ENOTDIR); 981 } 982 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 983 if (!strcmp(vfsp->vfc_name, fstype)) 984 break; 985 if (vfsp == NULL) { 986 /* Only load modules for root (very important!). */ 987 error = suser(td); 988 if (error) { 989 vput(vp); 990 return (error); 991 } 992 error = securelevel_gt(td->td_ucred, 0); 993 if (error) { 994 vput(vp); 995 return (error); 996 } 997 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 998 if (error || lf == NULL) { 999 vput(vp); 1000 if (lf == NULL) 1001 error = ENODEV; 1002 return (error); 1003 } 1004 lf->userrefs++; 1005 /* Look up again to see if the VFS was loaded. */ 1006 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1007 if (!strcmp(vfsp->vfc_name, fstype)) 1008 break; 1009 if (vfsp == NULL) { 1010 lf->userrefs--; 1011 linker_file_unload(lf); 1012 vput(vp); 1013 return (ENODEV); 1014 } 1015 } 1016 VI_LOCK(vp); 1017 if ((vp->v_iflag & VI_MOUNT) != 0 || 1018 vp->v_mountedhere != NULL) { 1019 VI_UNLOCK(vp); 1020 vput(vp); 1021 return (EBUSY); 1022 } 1023 vp->v_iflag |= VI_MOUNT; 1024 VI_UNLOCK(vp); 1025 1026 /* 1027 * Allocate and initialize the filesystem. 1028 */ 1029 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1030 TAILQ_INIT(&mp->mnt_nvnodelist); 1031 TAILQ_INIT(&mp->mnt_reservedvnlist); 1032 mp->mnt_nvnodelistsize = 0; 1033 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1034 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1035 mp->mnt_op = vfsp->vfc_vfsops; 1036 mp->mnt_vfc = vfsp; 1037 vfsp->vfc_refcount++; 1038 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1039 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1040 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 1041 mp->mnt_vnodecovered = vp; 1042 mp->mnt_cred = crdup(td->td_ucred); 1043 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 1044 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 1045 mp->mnt_iosize_max = DFLTPHYS; 1046 #ifdef MAC 1047 mac_init_mount(mp); 1048 mac_create_mount(td->td_ucred, mp); 1049 #endif 1050 VOP_UNLOCK(vp, 0, td); 1051 update: 1052 /* 1053 * Check if the fs implements the old VFS_MOUNT() 1054 * function, since the old system call was used. 1055 */ 1056 if (mp->mnt_op->vfs_mount == NULL) { 1057 printf("%s doesn't support the old mount syscall\n", 1058 mp->mnt_vfc->vfc_name); 1059 VI_LOCK(vp); 1060 vp->v_iflag &= ~VI_MOUNT; 1061 VI_UNLOCK(vp); 1062 if (mp->mnt_flag & MNT_UPDATE) 1063 vfs_unbusy(mp, td); 1064 else { 1065 mp->mnt_vfc->vfc_refcount--; 1066 vfs_unbusy(mp, td); 1067 #ifdef MAC 1068 mac_destroy_mount(mp); 1069 #endif 1070 crfree(mp->mnt_cred); 1071 free(mp, M_MOUNT); 1072 } 1073 vrele(vp); 1074 return (EOPNOTSUPP); 1075 } 1076 1077 /* 1078 * Set the mount level flags. 1079 */ 1080 if (fsflags & MNT_RDONLY) 1081 mp->mnt_flag |= MNT_RDONLY; 1082 else if (mp->mnt_flag & MNT_RDONLY) 1083 mp->mnt_kern_flag |= MNTK_WANTRDWR; 1084 mp->mnt_flag &=~ MNT_UPDATEMASK; 1085 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 1086 /* 1087 * Mount the filesystem. 1088 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 1089 * get. No freeing of cn_pnbuf. 1090 */ 1091 error = VFS_MOUNT(mp, fspath, fsdata, &nd, td); 1092 if (mp->mnt_flag & MNT_UPDATE) { 1093 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 1094 mp->mnt_flag &= ~MNT_RDONLY; 1095 mp->mnt_flag &=~ 1096 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 1097 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 1098 if (error) { 1099 mp->mnt_flag = flag; 1100 mp->mnt_kern_flag = kern_flag; 1101 } 1102 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 1103 if (mp->mnt_syncer == NULL) 1104 error = vfs_allocate_syncvnode(mp); 1105 } else { 1106 if (mp->mnt_syncer != NULL) 1107 vrele(mp->mnt_syncer); 1108 mp->mnt_syncer = NULL; 1109 } 1110 vfs_unbusy(mp, td); 1111 VI_LOCK(vp); 1112 vp->v_iflag &= ~VI_MOUNT; 1113 VI_UNLOCK(vp); 1114 vrele(vp); 1115 return (error); 1116 } 1117 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1118 /* 1119 * Put the new filesystem on the mount list after root. 1120 */ 1121 cache_purge(vp); 1122 if (!error) { 1123 struct vnode *newdp; 1124 1125 VI_LOCK(vp); 1126 vp->v_iflag &= ~VI_MOUNT; 1127 VI_UNLOCK(vp); 1128 vp->v_mountedhere = mp; 1129 mtx_lock(&mountlist_mtx); 1130 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1131 mtx_unlock(&mountlist_mtx); 1132 if (VFS_ROOT(mp, &newdp)) 1133 panic("mount: lost mount"); 1134 checkdirs(vp, newdp); 1135 vput(newdp); 1136 VOP_UNLOCK(vp, 0, td); 1137 if ((mp->mnt_flag & MNT_RDONLY) == 0) 1138 error = vfs_allocate_syncvnode(mp); 1139 vfs_unbusy(mp, td); 1140 if ((error = VFS_START(mp, 0, td)) != 0) 1141 vrele(vp); 1142 } else { 1143 VI_LOCK(vp); 1144 vp->v_iflag &= ~VI_MOUNT; 1145 VI_UNLOCK(vp); 1146 mp->mnt_vfc->vfc_refcount--; 1147 vfs_unbusy(mp, td); 1148 #ifdef MAC 1149 mac_destroy_mount(mp); 1150 #endif 1151 crfree(mp->mnt_cred); 1152 free(mp, M_MOUNT); 1153 vput(vp); 1154 } 1155 return (error); 1156 } 1157 1158 /* 1159 * Scan all active processes to see if any of them have a current 1160 * or root directory of `olddp'. If so, replace them with the new 1161 * mount point. 1162 */ 1163 static void 1164 checkdirs(olddp, newdp) 1165 struct vnode *olddp, *newdp; 1166 { 1167 struct filedesc *fdp; 1168 struct proc *p; 1169 int nrele; 1170 1171 if (vrefcnt(olddp) == 1) 1172 return; 1173 sx_slock(&allproc_lock); 1174 LIST_FOREACH(p, &allproc, p_list) { 1175 mtx_lock(&fdesc_mtx); 1176 fdp = p->p_fd; 1177 if (fdp == NULL) { 1178 mtx_unlock(&fdesc_mtx); 1179 continue; 1180 } 1181 nrele = 0; 1182 FILEDESC_LOCK(fdp); 1183 if (fdp->fd_cdir == olddp) { 1184 VREF(newdp); 1185 fdp->fd_cdir = newdp; 1186 nrele++; 1187 } 1188 if (fdp->fd_rdir == olddp) { 1189 VREF(newdp); 1190 fdp->fd_rdir = newdp; 1191 nrele++; 1192 } 1193 FILEDESC_UNLOCK(fdp); 1194 mtx_unlock(&fdesc_mtx); 1195 while (nrele--) 1196 vrele(olddp); 1197 } 1198 sx_sunlock(&allproc_lock); 1199 if (rootvnode == olddp) { 1200 vrele(rootvnode); 1201 VREF(newdp); 1202 rootvnode = newdp; 1203 } 1204 } 1205 1206 /* 1207 * Unmount a filesystem. 1208 * 1209 * Note: unmount takes a path to the vnode mounted on as argument, 1210 * not special file (as before). 1211 */ 1212 #ifndef _SYS_SYSPROTO_H_ 1213 struct unmount_args { 1214 char *path; 1215 int flags; 1216 }; 1217 #endif 1218 /* ARGSUSED */ 1219 int 1220 unmount(td, uap) 1221 struct thread *td; 1222 register struct unmount_args /* { 1223 char *path; 1224 int flags; 1225 } */ *uap; 1226 { 1227 struct mount *mp; 1228 char *pathbuf; 1229 int error, id0, id1; 1230 1231 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK); 1232 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL); 1233 if (error) { 1234 free(pathbuf, M_TEMP); 1235 return (error); 1236 } 1237 if (uap->flags & MNT_BYFSID) { 1238 /* Decode the filesystem ID. */ 1239 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { 1240 free(pathbuf, M_TEMP); 1241 return (EINVAL); 1242 } 1243 1244 mtx_lock(&mountlist_mtx); 1245 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) 1246 if (mp->mnt_stat.f_fsid.val[0] == id0 && 1247 mp->mnt_stat.f_fsid.val[1] == id1) 1248 break; 1249 mtx_unlock(&mountlist_mtx); 1250 } else { 1251 mtx_lock(&mountlist_mtx); 1252 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) 1253 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) 1254 break; 1255 mtx_unlock(&mountlist_mtx); 1256 } 1257 free(pathbuf, M_TEMP); 1258 if (mp == NULL) { 1259 /* 1260 * Previously we returned ENOENT for a nonexistent path and 1261 * EINVAL for a non-mountpoint. We cannot tell these apart 1262 * now, so in the !MNT_BYFSID case return the more likely 1263 * EINVAL for compatibility. 1264 */ 1265 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL); 1266 } 1267 1268 /* 1269 * Only root, or the user that did the original mount is 1270 * permitted to unmount this filesystem. 1271 */ 1272 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 1273 error = suser(td); 1274 if (error) 1275 return (error); 1276 } 1277 1278 /* 1279 * Don't allow unmounting the root filesystem. 1280 */ 1281 if (mp->mnt_flag & MNT_ROOTFS) 1282 return (EINVAL); 1283 return (dounmount(mp, uap->flags, td)); 1284 } 1285 1286 /* 1287 * Do the actual filesystem unmount. 1288 */ 1289 int 1290 dounmount(mp, flags, td) 1291 struct mount *mp; 1292 int flags; 1293 struct thread *td; 1294 { 1295 struct vnode *coveredvp, *fsrootvp; 1296 int error; 1297 int async_flag; 1298 1299 mtx_lock(&mountlist_mtx); 1300 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1301 mtx_unlock(&mountlist_mtx); 1302 return (EBUSY); 1303 } 1304 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1305 /* Allow filesystems to detect that a forced unmount is in progress. */ 1306 if (flags & MNT_FORCE) 1307 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1308 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1309 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &mountlist_mtx, td); 1310 if (error) { 1311 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1312 if (mp->mnt_kern_flag & MNTK_MWAIT) 1313 wakeup(mp); 1314 return (error); 1315 } 1316 vn_start_write(NULL, &mp, V_WAIT); 1317 1318 if (mp->mnt_flag & MNT_EXPUBLIC) 1319 vfs_setpublicfs(NULL, NULL, NULL); 1320 1321 vfs_msync(mp, MNT_WAIT); 1322 async_flag = mp->mnt_flag & MNT_ASYNC; 1323 mp->mnt_flag &=~ MNT_ASYNC; 1324 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1325 if (mp->mnt_syncer != NULL) 1326 vrele(mp->mnt_syncer); 1327 /* Move process cdir/rdir refs on fs root to underlying vnode. */ 1328 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1329 if (mp->mnt_vnodecovered != NULL) 1330 checkdirs(fsrootvp, mp->mnt_vnodecovered); 1331 if (fsrootvp == rootvnode) { 1332 vrele(rootvnode); 1333 rootvnode = NULL; 1334 } 1335 vput(fsrootvp); 1336 } 1337 if (((mp->mnt_flag & MNT_RDONLY) || 1338 (error = VFS_SYNC(mp, MNT_WAIT, td->td_ucred, td)) == 0) || 1339 (flags & MNT_FORCE)) { 1340 error = VFS_UNMOUNT(mp, flags, td); 1341 } 1342 vn_finished_write(mp); 1343 if (error) { 1344 /* Undo cdir/rdir and rootvnode changes made above. */ 1345 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1346 if (mp->mnt_vnodecovered != NULL) 1347 checkdirs(mp->mnt_vnodecovered, fsrootvp); 1348 if (rootvnode == NULL) { 1349 rootvnode = fsrootvp; 1350 vref(rootvnode); 1351 } 1352 vput(fsrootvp); 1353 } 1354 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1355 (void) vfs_allocate_syncvnode(mp); 1356 mtx_lock(&mountlist_mtx); 1357 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1358 mp->mnt_flag |= async_flag; 1359 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, 1360 &mountlist_mtx, td); 1361 if (mp->mnt_kern_flag & MNTK_MWAIT) 1362 wakeup(mp); 1363 return (error); 1364 } 1365 crfree(mp->mnt_cred); 1366 mtx_lock(&mountlist_mtx); 1367 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1368 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1369 coveredvp->v_mountedhere = NULL; 1370 mp->mnt_vfc->vfc_refcount--; 1371 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 1372 panic("unmount: dangling vnode"); 1373 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, &mountlist_mtx, td); 1374 lockdestroy(&mp->mnt_lock); 1375 if (coveredvp != NULL) 1376 vrele(coveredvp); 1377 if (mp->mnt_kern_flag & MNTK_MWAIT) 1378 wakeup(mp); 1379 #ifdef MAC 1380 mac_destroy_mount(mp); 1381 #endif 1382 if (mp->mnt_op->vfs_mount == NULL) 1383 vfs_freeopts(mp->mnt_opt); 1384 free(mp, M_MOUNT); 1385 return (0); 1386 } 1387 1388 /* 1389 * Lookup a filesystem type, and if found allocate and initialize 1390 * a mount structure for it. 1391 * 1392 * Devname is usually updated by mount(8) after booting. 1393 */ 1394 int 1395 vfs_rootmountalloc(fstypename, devname, mpp) 1396 char *fstypename; 1397 char *devname; 1398 struct mount **mpp; 1399 { 1400 struct thread *td = curthread; /* XXX */ 1401 struct vfsconf *vfsp; 1402 struct mount *mp; 1403 1404 if (fstypename == NULL) 1405 return (ENODEV); 1406 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1407 if (!strcmp(vfsp->vfc_name, fstypename)) 1408 break; 1409 if (vfsp == NULL) 1410 return (ENODEV); 1411 mp = malloc((u_long)sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1412 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1413 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1414 TAILQ_INIT(&mp->mnt_nvnodelist); 1415 TAILQ_INIT(&mp->mnt_reservedvnlist); 1416 mp->mnt_nvnodelistsize = 0; 1417 mp->mnt_vfc = vfsp; 1418 mp->mnt_op = vfsp->vfc_vfsops; 1419 mp->mnt_flag = MNT_RDONLY; 1420 mp->mnt_vnodecovered = NULLVP; 1421 mp->mnt_cred = crdup(td->td_ucred); 1422 vfsp->vfc_refcount++; 1423 mp->mnt_iosize_max = DFLTPHYS; 1424 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1425 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1426 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 1427 mp->mnt_stat.f_mntonname[0] = '/'; 1428 mp->mnt_stat.f_mntonname[1] = 0; 1429 strlcpy(mp->mnt_stat.f_mntfromname, devname, MNAMELEN); 1430 #ifdef MAC 1431 mac_init_mount(mp); 1432 mac_create_mount(td->td_ucred, mp); 1433 #endif 1434 *mpp = mp; 1435 return (0); 1436 } 1437 1438 /* 1439 * Find and mount the root filesystem 1440 */ 1441 void 1442 vfs_mountroot(void) 1443 { 1444 char *cp; 1445 int i, error; 1446 1447 g_waitidle(); 1448 1449 /* 1450 * The root filesystem information is compiled in, and we are 1451 * booted with instructions to use it. 1452 */ 1453 #ifdef ROOTDEVNAME 1454 if ((boothowto & RB_DFLTROOT) && 1455 !vfs_mountroot_try(ROOTDEVNAME)) 1456 return; 1457 #endif 1458 /* 1459 * We are booted with instructions to prompt for the root filesystem, 1460 * or to use the compiled-in default when it doesn't exist. 1461 */ 1462 if (boothowto & (RB_DFLTROOT | RB_ASKNAME)) { 1463 if (!vfs_mountroot_ask()) 1464 return; 1465 } 1466 1467 /* 1468 * We've been given the generic "use CDROM as root" flag. This is 1469 * necessary because one media may be used in many different 1470 * devices, so we need to search for them. 1471 */ 1472 if (boothowto & RB_CDROM) { 1473 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1474 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1475 return; 1476 } 1477 } 1478 1479 /* 1480 * Try to use the value read by the loader from /etc/fstab, or 1481 * supplied via some other means. This is the preferred 1482 * mechanism. 1483 */ 1484 if ((cp = getenv("vfs.root.mountfrom")) != NULL) { 1485 error = vfs_mountroot_try(cp); 1486 freeenv(cp); 1487 if (!error) 1488 return; 1489 } 1490 1491 /* 1492 * Try values that may have been computed by the machine-dependant 1493 * legacy code. 1494 */ 1495 if (!vfs_mountroot_try(rootdevnames[0])) 1496 return; 1497 if (!vfs_mountroot_try(rootdevnames[1])) 1498 return; 1499 1500 /* 1501 * If we have a compiled-in default, and haven't already tried it, try 1502 * it now. 1503 */ 1504 #ifdef ROOTDEVNAME 1505 if (!(boothowto & RB_DFLTROOT)) 1506 if (!vfs_mountroot_try(ROOTDEVNAME)) 1507 return; 1508 #endif 1509 1510 /* 1511 * Everything so far has failed, prompt on the console if we haven't 1512 * already tried that. 1513 */ 1514 if (!(boothowto & (RB_DFLTROOT | RB_ASKNAME)) && !vfs_mountroot_ask()) 1515 return; 1516 panic("Root mount failed, startup aborted."); 1517 } 1518 1519 /* 1520 * Mount (mountfrom) as the root filesystem. 1521 */ 1522 static int 1523 vfs_mountroot_try(char *mountfrom) 1524 { 1525 struct mount *mp; 1526 char *vfsname, *path; 1527 const char *devname; 1528 int error; 1529 char patt[32]; 1530 int s; 1531 1532 vfsname = NULL; 1533 path = NULL; 1534 mp = NULL; 1535 error = EINVAL; 1536 1537 if (mountfrom == NULL) 1538 return(error); /* don't complain */ 1539 1540 s = splcam(); /* Overkill, but annoying without it */ 1541 printf("Mounting root from %s\n", mountfrom); 1542 splx(s); 1543 1544 /* parse vfs name and path */ 1545 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1546 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1547 vfsname[0] = path[0] = 0; 1548 sprintf(patt, "%%%d[a-z0-9]:%%%zds", MFSNAMELEN, MNAMELEN); 1549 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1550 goto done; 1551 1552 /* allocate a root mount */ 1553 error = vfs_rootmountalloc(vfsname, path[0] != 0 ? path : ROOTNAME, 1554 &mp); 1555 if (error != 0) { 1556 printf("Can't allocate root mount for filesystem '%s': %d\n", 1557 vfsname, error); 1558 goto done; 1559 } 1560 mp->mnt_flag |= MNT_ROOTFS; 1561 1562 /* do our best to set rootdev */ 1563 if ((path[0] != 0) && setrootbyname(path)) 1564 printf("setrootbyname failed\n"); 1565 1566 /* If the root device is a type "memory disk", mount RW */ 1567 if (rootdev != NODEV && devsw(rootdev) != NULL) { 1568 devname = devtoname(rootdev); 1569 if (devname[0] == 'm' && devname[1] == 'd') 1570 mp->mnt_flag &= ~MNT_RDONLY; 1571 } 1572 1573 /* 1574 * Set the mount path to be something useful, because the 1575 * filesystem code isn't responsible now for initialising 1576 * f_mntonname unless they want to override the default 1577 * (which is `path'.) 1578 */ 1579 strlcpy(mp->mnt_stat.f_mntonname, "/", MNAMELEN); 1580 1581 error = VFS_MOUNT(mp, NULL, NULL, NULL, curthread); 1582 1583 done: 1584 if (vfsname != NULL) 1585 free(vfsname, M_MOUNT); 1586 if (path != NULL) 1587 free(path, M_MOUNT); 1588 if (error != 0) { 1589 if (mp != NULL) { 1590 vfs_unbusy(mp, curthread); 1591 #ifdef MAC 1592 mac_destroy_mount(mp); 1593 #endif 1594 crfree(mp->mnt_cred); 1595 free(mp, M_MOUNT); 1596 } 1597 printf("Root mount failed: %d\n", error); 1598 } else { 1599 1600 /* register with list of mounted filesystems */ 1601 mtx_lock(&mountlist_mtx); 1602 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1603 mtx_unlock(&mountlist_mtx); 1604 1605 /* sanity check system clock against root fs timestamp */ 1606 inittodr(mp->mnt_time); 1607 vfs_unbusy(mp, curthread); 1608 error = VFS_START(mp, 0, curthread); 1609 } 1610 return(error); 1611 } 1612 1613 /* 1614 * Spin prompting on the console for a suitable root filesystem 1615 */ 1616 static int 1617 vfs_mountroot_ask(void) 1618 { 1619 char name[128]; 1620 1621 for(;;) { 1622 printf("\nManual root filesystem specification:\n"); 1623 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1624 #if defined(__i386__) || defined(__ia64__) 1625 printf(" eg. ufs:da0s1a\n"); 1626 #else 1627 printf(" eg. ufs:/dev/da0a\n"); 1628 #endif 1629 printf(" ? List valid disk boot devices\n"); 1630 printf(" <empty line> Abort manual input\n"); 1631 printf("\nmountroot> "); 1632 gets(name); 1633 if (name[0] == 0) 1634 return(1); 1635 if (name[0] == '?') { 1636 printf("\nList of GEOM managed disk devices:\n "); 1637 g_dev_print(); 1638 continue; 1639 } 1640 if (!vfs_mountroot_try(name)) 1641 return(0); 1642 } 1643 } 1644 1645 /* 1646 * Local helper function for vfs_mountroot_ask. 1647 */ 1648 static void 1649 gets(char *cp) 1650 { 1651 char *lp; 1652 int c; 1653 1654 lp = cp; 1655 for (;;) { 1656 printf("%c", c = cngetc() & 0177); 1657 switch (c) { 1658 case -1: 1659 case '\n': 1660 case '\r': 1661 *lp++ = '\0'; 1662 return; 1663 case '\b': 1664 case '\177': 1665 if (lp > cp) { 1666 printf(" \b"); 1667 lp--; 1668 } 1669 continue; 1670 case '#': 1671 lp--; 1672 if (lp < cp) 1673 lp = cp; 1674 continue; 1675 case '@': 1676 case 'u' & 037: 1677 lp = cp; 1678 printf("%c", '\n'); 1679 continue; 1680 default: 1681 *lp++ = c; 1682 } 1683 } 1684 } 1685 1686 /* 1687 * Convert a given name to the dev_t of the disk-like device 1688 * it refers to. 1689 */ 1690 dev_t 1691 getdiskbyname(char *name) { 1692 char *cp; 1693 dev_t dev; 1694 1695 cp = name; 1696 if (!bcmp(cp, "/dev/", 5)) 1697 cp += 5; 1698 1699 dev = NODEV; 1700 EVENTHANDLER_INVOKE(dev_clone, cp, strlen(cp), &dev); 1701 return (dev); 1702 } 1703 1704 /* 1705 * Set rootdev to match (name), given that we expect it to 1706 * refer to a disk-like device. 1707 */ 1708 static int 1709 setrootbyname(char *name) 1710 { 1711 dev_t diskdev; 1712 1713 diskdev = getdiskbyname(name); 1714 if (diskdev != NODEV) { 1715 rootdev = diskdev; 1716 return (0); 1717 } 1718 1719 return (1); 1720 } 1721 1722 /* Show the dev_t for a disk specified by name */ 1723 #ifdef DDB 1724 DB_SHOW_COMMAND(disk, db_getdiskbyname) 1725 { 1726 dev_t dev; 1727 1728 if (modif[0] == '\0') { 1729 db_error("usage: show disk/devicename"); 1730 return; 1731 } 1732 dev = getdiskbyname(modif); 1733 if (dev != NODEV) 1734 db_printf("dev_t = %p\n", dev); 1735 else 1736 db_printf("No disk device matched.\n"); 1737 } 1738 #endif 1739 1740 /* 1741 * Get a mount option by its name. 1742 * 1743 * Return 0 if the option was found, ENOENT otherwise. 1744 * If len is non-NULL it will be filled with the length 1745 * of the option. If buf is non-NULL, it will be filled 1746 * with the address of the option. 1747 */ 1748 int 1749 vfs_getopt(opts, name, buf, len) 1750 struct vfsoptlist *opts; 1751 const char *name; 1752 void **buf; 1753 int *len; 1754 { 1755 struct vfsopt *opt; 1756 1757 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1758 1759 TAILQ_FOREACH(opt, opts, link) { 1760 if (strcmp(name, opt->name) == 0) { 1761 if (len != NULL) 1762 *len = opt->len; 1763 if (buf != NULL) 1764 *buf = opt->value; 1765 return (0); 1766 } 1767 } 1768 return (ENOENT); 1769 } 1770 1771 /* 1772 * Find and copy a mount option. 1773 * 1774 * The size of the buffer has to be specified 1775 * in len, if it is not the same length as the 1776 * mount option, EINVAL is returned. 1777 * Returns ENOENT if the option is not found. 1778 */ 1779 int 1780 vfs_copyopt(opts, name, dest, len) 1781 struct vfsoptlist *opts; 1782 const char *name; 1783 void *dest; 1784 int len; 1785 { 1786 struct vfsopt *opt; 1787 1788 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1789 1790 TAILQ_FOREACH(opt, opts, link) { 1791 if (strcmp(name, opt->name) == 0) { 1792 if (len != opt->len) 1793 return (EINVAL); 1794 bcopy(opt->value, dest, opt->len); 1795 return (0); 1796 } 1797 } 1798 return (ENOENT); 1799 } 1800