1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * Copyright (c) 1999 Michael Smith 39 * All rights reserved. 40 * Copyright (c) 1999 Poul-Henning Kamp 41 * All rights reserved. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 */ 64 65 #include <sys/cdefs.h> 66 __FBSDID("$FreeBSD$"); 67 68 #include <sys/param.h> 69 #include <sys/conf.h> 70 #include <sys/cons.h> 71 #include <sys/kernel.h> 72 #include <sys/linker.h> 73 #include <sys/mac.h> 74 #include <sys/malloc.h> 75 #include <sys/mount.h> 76 #include <sys/mutex.h> 77 #include <sys/namei.h> 78 #include <sys/proc.h> 79 #include <sys/filedesc.h> 80 #include <sys/reboot.h> 81 #include <sys/sysproto.h> 82 #include <sys/sx.h> 83 #include <sys/sysctl.h> 84 #include <sys/sysent.h> 85 #include <sys/systm.h> 86 #include <sys/vnode.h> 87 88 #include <geom/geom.h> 89 90 #include <machine/stdarg.h> 91 92 #include "opt_rootdevname.h" 93 #include "opt_ddb.h" 94 #include "opt_mac.h" 95 96 #ifdef DDB 97 #include <ddb/ddb.h> 98 #endif 99 100 #define ROOTNAME "root_device" 101 102 static void checkdirs(struct vnode *olddp, struct vnode *newdp); 103 static int vfs_nmount(struct thread *td, int, struct uio *); 104 static int vfs_mountroot_try(char *mountfrom); 105 static int vfs_mountroot_ask(void); 106 static void gets(char *cp); 107 108 static int usermount = 0; /* if 1, non-root can mount fs. */ 109 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, ""); 110 111 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 112 113 /* List of mounted filesystems. */ 114 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 115 116 /* For any iteration/modification of mountlist */ 117 struct mtx mountlist_mtx; 118 119 /* 120 * The vnode of the system's root (/ in the filesystem, without chroot 121 * active.) 122 */ 123 struct vnode *rootvnode; 124 125 /* 126 * The root filesystem is detailed in the kernel environment variable 127 * vfs.root.mountfrom, which is expected to be in the general format 128 * 129 * <vfsname>:[<path>] 130 * vfsname := the name of a VFS known to the kernel and capable 131 * of being mounted as root 132 * path := disk device name or other data used by the filesystem 133 * to locate its physical store 134 */ 135 136 /* 137 * The root specifiers we will try if RB_CDROM is specified. 138 */ 139 static char *cdrom_rootdevnames[] = { 140 "cd9660:cd0", 141 "cd9660:acd0", 142 NULL 143 }; 144 145 /* legacy find-root code */ 146 char *rootdevnames[2] = {NULL, NULL}; 147 static int setrootbyname(char *name); 148 dev_t rootdev = NODEV; 149 150 /* 151 * Has to be dynamic as the value of rootdev can change; however, it can't 152 * change after the root is mounted, so a user process can't access this 153 * sysctl until after the value is unchangeable. 154 */ 155 static int 156 sysctl_rootdev(SYSCTL_HANDLER_ARGS) 157 { 158 int error; 159 160 /* _RD prevents this from happening. */ 161 KASSERT(req->newptr == NULL, ("Attempt to change root device name")); 162 163 if (rootdev != NODEV) 164 error = sysctl_handle_string(oidp, rootdev->si_name, 0, req); 165 else 166 error = sysctl_handle_string(oidp, "", 0, req); 167 168 return (error); 169 } 170 171 SYSCTL_PROC(_kern, OID_AUTO, rootdev, CTLTYPE_STRING | CTLFLAG_RD, 172 0, 0, sysctl_rootdev, "A", "Root file system device"); 173 174 /* Remove one mount option. */ 175 static void 176 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 177 { 178 179 TAILQ_REMOVE(opts, opt, link); 180 free(opt->name, M_MOUNT); 181 if (opt->value != NULL) 182 free(opt->value, M_MOUNT); 183 #ifdef INVARIANTS 184 else if (opt->len != 0) 185 panic("%s: mount option with NULL value but length != 0", 186 __func__); 187 #endif 188 free(opt, M_MOUNT); 189 } 190 191 /* Release all resources related to the mount options. */ 192 static void 193 vfs_freeopts(struct vfsoptlist *opts) 194 { 195 struct vfsopt *opt; 196 197 while (!TAILQ_EMPTY(opts)) { 198 opt = TAILQ_FIRST(opts); 199 vfs_freeopt(opts, opt); 200 } 201 free(opts, M_MOUNT); 202 } 203 204 /* 205 * If a mount option is specified several times, 206 * (with or without the "no" prefix) only keep 207 * the last occurence of it. 208 */ 209 static void 210 vfs_sanitizeopts(struct vfsoptlist *opts) 211 { 212 struct vfsopt *opt, *opt2, *tmp; 213 int noopt; 214 215 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 216 if (strncmp(opt->name, "no", 2) == 0) 217 noopt = 1; 218 else 219 noopt = 0; 220 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 221 while (opt2 != NULL) { 222 if (strcmp(opt2->name, opt->name) == 0 || 223 (noopt && strcmp(opt->name + 2, opt2->name) == 0) || 224 (!noopt && strncmp(opt2->name, "no", 2) == 0 && 225 strcmp(opt2->name + 2, opt->name) == 0)) { 226 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 227 vfs_freeopt(opts, opt2); 228 opt2 = tmp; 229 } else { 230 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 231 } 232 } 233 } 234 } 235 236 /* 237 * Build a linked list of mount options from a struct uio. 238 */ 239 static int 240 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 241 { 242 struct vfsoptlist *opts; 243 struct vfsopt *opt; 244 unsigned int i, iovcnt; 245 int error, namelen, optlen; 246 247 iovcnt = auio->uio_iovcnt; 248 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 249 TAILQ_INIT(opts); 250 for (i = 0; i < iovcnt; i += 2) { 251 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 252 namelen = auio->uio_iov[i].iov_len; 253 optlen = auio->uio_iov[i + 1].iov_len; 254 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 255 opt->value = NULL; 256 if (auio->uio_segflg == UIO_SYSSPACE) { 257 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 258 } else { 259 error = copyin(auio->uio_iov[i].iov_base, opt->name, 260 namelen); 261 if (error) 262 goto bad; 263 } 264 opt->len = optlen; 265 if (optlen != 0) { 266 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 267 if (auio->uio_segflg == UIO_SYSSPACE) { 268 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 269 optlen); 270 } else { 271 error = copyin(auio->uio_iov[i + 1].iov_base, 272 opt->value, optlen); 273 if (error) 274 goto bad; 275 } 276 } 277 TAILQ_INSERT_TAIL(opts, opt, link); 278 } 279 vfs_sanitizeopts(opts); 280 *options = opts; 281 return (0); 282 bad: 283 vfs_freeopts(opts); 284 return (error); 285 } 286 287 /* 288 * Merge the old mount options with the new ones passed 289 * in the MNT_UPDATE case. 290 */ 291 static void 292 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 293 { 294 struct vfsopt *opt, *opt2, *new; 295 296 TAILQ_FOREACH(opt, opts, link) { 297 /* 298 * Check that this option hasn't been redefined 299 * nor cancelled with a "no" mount option. 300 */ 301 opt2 = TAILQ_FIRST(toopts); 302 while (opt2 != NULL) { 303 if (strcmp(opt2->name, opt->name) == 0) 304 goto next; 305 if (strncmp(opt2->name, "no", 2) == 0 && 306 strcmp(opt2->name + 2, opt->name) == 0) { 307 vfs_freeopt(toopts, opt2); 308 goto next; 309 } 310 opt2 = TAILQ_NEXT(opt2, link); 311 } 312 /* We want this option, duplicate it. */ 313 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 314 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 315 strcpy(new->name, opt->name); 316 if (opt->len != 0) { 317 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 318 bcopy(opt->value, new->value, opt->len); 319 } else { 320 new->value = NULL; 321 } 322 new->len = opt->len; 323 TAILQ_INSERT_TAIL(toopts, new, link); 324 next: 325 continue; 326 } 327 } 328 329 /* 330 * New mount API. 331 */ 332 int 333 nmount(td, uap) 334 struct thread *td; 335 struct nmount_args /* { 336 struct iovec *iovp; 337 unsigned int iovcnt; 338 int flags; 339 } */ *uap; 340 { 341 struct uio auio; 342 struct iovec *iov, *needfree; 343 struct iovec aiov[UIO_SMALLIOV]; 344 unsigned int i; 345 int error; 346 u_int iovlen, iovcnt; 347 348 iovcnt = uap->iovcnt; 349 iovlen = iovcnt * sizeof (struct iovec); 350 /* 351 * Check that we have an even number of iovec's 352 * and that we have at least two options. 353 */ 354 if ((iovcnt & 1) || (iovcnt < 4) || (iovcnt > UIO_MAXIOV)) 355 return (EINVAL); 356 357 if (iovcnt > UIO_SMALLIOV) { 358 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK); 359 needfree = iov; 360 } else { 361 iov = aiov; 362 needfree = NULL; 363 } 364 auio.uio_iov = iov; 365 auio.uio_iovcnt = iovcnt; 366 auio.uio_segflg = UIO_USERSPACE; 367 if ((error = copyin(uap->iovp, iov, iovlen))) 368 goto finish; 369 370 for (i = 0; i < iovcnt; i++) { 371 if (iov->iov_len > MMAXOPTIONLEN) { 372 error = EINVAL; 373 goto finish; 374 } 375 iov++; 376 } 377 error = vfs_nmount(td, uap->flags, &auio); 378 finish: 379 if (needfree != NULL) 380 free(needfree, M_TEMP); 381 return (error); 382 } 383 384 int 385 kernel_mount(iovp, iovcnt, flags) 386 struct iovec *iovp; 387 unsigned int iovcnt; 388 int flags; 389 { 390 struct uio auio; 391 int error; 392 393 /* 394 * Check that we have an even number of iovec's 395 * and that we have at least two options. 396 */ 397 if ((iovcnt & 1) || (iovcnt < 4)) 398 return (EINVAL); 399 400 auio.uio_iov = iovp; 401 auio.uio_iovcnt = iovcnt; 402 auio.uio_segflg = UIO_SYSSPACE; 403 404 error = vfs_nmount(curthread, flags, &auio); 405 return (error); 406 } 407 408 int 409 kernel_vmount(int flags, ...) 410 { 411 struct iovec *iovp; 412 struct uio auio; 413 va_list ap; 414 unsigned int iovcnt, iovlen, len; 415 const char *cp; 416 char *buf, *pos; 417 size_t n; 418 int error, i; 419 420 len = 0; 421 va_start(ap, flags); 422 for (iovcnt = 0; (cp = va_arg(ap, const char *)) != NULL; iovcnt++) 423 len += strlen(cp) + 1; 424 va_end(ap); 425 426 if (iovcnt < 4 || iovcnt & 1) 427 return (EINVAL); 428 429 iovlen = iovcnt * sizeof (struct iovec); 430 MALLOC(iovp, struct iovec *, iovlen, M_MOUNT, M_WAITOK); 431 MALLOC(buf, char *, len, M_MOUNT, M_WAITOK); 432 pos = buf; 433 va_start(ap, flags); 434 for (i = 0; i < iovcnt; i++) { 435 cp = va_arg(ap, const char *); 436 copystr(cp, pos, len - (pos - buf), &n); 437 iovp[i].iov_base = pos; 438 iovp[i].iov_len = n; 439 pos += n; 440 } 441 va_end(ap); 442 443 auio.uio_iov = iovp; 444 auio.uio_iovcnt = iovcnt; 445 auio.uio_segflg = UIO_SYSSPACE; 446 447 error = vfs_nmount(curthread, flags, &auio); 448 FREE(iovp, M_MOUNT); 449 FREE(buf, M_MOUNT); 450 return (error); 451 } 452 453 /* 454 * vfs_nmount(): actually attempt a filesystem mount. 455 */ 456 static int 457 vfs_nmount(td, fsflags, fsoptions) 458 struct thread *td; 459 int fsflags; /* Flags common to all filesystems. */ 460 struct uio *fsoptions; /* Options local to the filesystem. */ 461 { 462 linker_file_t lf; 463 struct vnode *vp; 464 struct mount *mp; 465 struct vfsconf *vfsp; 466 struct vfsoptlist *optlist; 467 char *fstype, *fspath; 468 int error, flag = 0, kern_flag = 0; 469 int fstypelen, fspathlen; 470 struct vattr va; 471 struct nameidata nd; 472 473 error = vfs_buildopts(fsoptions, &optlist); 474 if (error) 475 return (error); 476 477 /* 478 * We need these two options before the others, 479 * and they are mandatory for any filesystem. 480 * Ensure they are NUL terminated as well. 481 */ 482 fstypelen = 0; 483 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 484 if (error || fstype[fstypelen - 1] != '\0') { 485 error = EINVAL; 486 goto bad; 487 } 488 fspathlen = 0; 489 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 490 if (error || fspath[fspathlen - 1] != '\0') { 491 error = EINVAL; 492 goto bad; 493 } 494 495 /* 496 * Be ultra-paranoid about making sure the type and fspath 497 * variables will fit in our mp buffers, including the 498 * terminating NUL. 499 */ 500 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 501 error = ENAMETOOLONG; 502 goto bad; 503 } 504 505 if (usermount == 0) { 506 error = suser(td); 507 if (error) 508 goto bad; 509 } 510 /* 511 * Do not allow NFS export by non-root users. 512 */ 513 if (fsflags & MNT_EXPORTED) { 514 error = suser(td); 515 if (error) 516 goto bad; 517 } 518 /* 519 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 520 */ 521 if (suser(td)) 522 fsflags |= MNT_NOSUID | MNT_NODEV; 523 /* 524 * Get vnode to be covered 525 */ 526 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 527 if ((error = namei(&nd)) != 0) 528 goto bad; 529 NDFREE(&nd, NDF_ONLY_PNBUF); 530 vp = nd.ni_vp; 531 if (fsflags & MNT_UPDATE) { 532 if ((vp->v_vflag & VV_ROOT) == 0) { 533 vput(vp); 534 error = EINVAL; 535 goto bad; 536 } 537 mp = vp->v_mount; 538 flag = mp->mnt_flag; 539 kern_flag = mp->mnt_kern_flag; 540 /* 541 * We only allow the filesystem to be reloaded if it 542 * is currently mounted read-only. 543 */ 544 if ((fsflags & MNT_RELOAD) && 545 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 546 vput(vp); 547 error = EOPNOTSUPP; /* Needs translation */ 548 goto bad; 549 } 550 /* 551 * Only root, or the user that did the original mount is 552 * permitted to update it. 553 */ 554 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 555 error = suser(td); 556 if (error) { 557 vput(vp); 558 goto bad; 559 } 560 } 561 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 562 vput(vp); 563 error = EBUSY; 564 goto bad; 565 } 566 VI_LOCK(vp); 567 if ((vp->v_iflag & VI_MOUNT) != 0 || 568 vp->v_mountedhere != NULL) { 569 VI_UNLOCK(vp); 570 vfs_unbusy(mp, td); 571 vput(vp); 572 error = EBUSY; 573 goto bad; 574 } 575 vp->v_iflag |= VI_MOUNT; 576 VI_UNLOCK(vp); 577 mp->mnt_flag |= fsflags & 578 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 579 VOP_UNLOCK(vp, 0, td); 580 mp->mnt_optnew = optlist; 581 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 582 goto update; 583 } 584 /* 585 * If the user is not root, ensure that they own the directory 586 * onto which we are attempting to mount. 587 */ 588 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 589 if (error) { 590 vput(vp); 591 goto bad; 592 } 593 if (va.va_uid != td->td_ucred->cr_uid) { 594 error = suser(td); 595 if (error) { 596 vput(vp); 597 goto bad; 598 } 599 } 600 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 601 vput(vp); 602 goto bad; 603 } 604 if (vp->v_type != VDIR) { 605 vput(vp); 606 error = ENOTDIR; 607 goto bad; 608 } 609 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 610 if (!strcmp(vfsp->vfc_name, fstype)) 611 break; 612 if (vfsp == NULL) { 613 /* Only load modules for root (very important!). */ 614 error = suser(td); 615 if (error) { 616 vput(vp); 617 goto bad; 618 } 619 error = securelevel_gt(td->td_ucred, 0); 620 if (error) { 621 vput(vp); 622 goto bad; 623 } 624 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 625 if (error || lf == NULL) { 626 vput(vp); 627 if (lf == NULL) 628 error = ENODEV; 629 goto bad; 630 } 631 lf->userrefs++; 632 /* Look up again to see if the VFS was loaded. */ 633 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 634 if (!strcmp(vfsp->vfc_name, fstype)) 635 break; 636 if (vfsp == NULL) { 637 lf->userrefs--; 638 linker_file_unload(lf); 639 vput(vp); 640 error = ENODEV; 641 goto bad; 642 } 643 } 644 VI_LOCK(vp); 645 if ((vp->v_iflag & VI_MOUNT) != 0 || 646 vp->v_mountedhere != NULL) { 647 VI_UNLOCK(vp); 648 vput(vp); 649 error = EBUSY; 650 goto bad; 651 } 652 vp->v_iflag |= VI_MOUNT; 653 VI_UNLOCK(vp); 654 655 /* 656 * Allocate and initialize the filesystem. 657 */ 658 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 659 TAILQ_INIT(&mp->mnt_nvnodelist); 660 TAILQ_INIT(&mp->mnt_reservedvnlist); 661 mp->mnt_nvnodelistsize = 0; 662 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF); 663 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 664 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 665 mp->mnt_op = vfsp->vfc_vfsops; 666 mp->mnt_vfc = vfsp; 667 vfsp->vfc_refcount++; 668 mp->mnt_stat.f_type = vfsp->vfc_typenum; 669 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 670 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 671 mp->mnt_vnodecovered = vp; 672 mp->mnt_cred = crdup(td->td_ucred); 673 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 674 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 675 mp->mnt_iosize_max = DFLTPHYS; 676 #ifdef MAC 677 mac_init_mount(mp); 678 mac_create_mount(td->td_ucred, mp); 679 #endif 680 VOP_UNLOCK(vp, 0, td); 681 mp->mnt_optnew = optlist; /* XXXMAC: should this be above? */ 682 683 update: 684 /* 685 * Check if the fs implements the new VFS_NMOUNT() 686 * function, since the new system call was used. 687 */ 688 if (mp->mnt_op->vfs_mount != NULL) { 689 printf("%s doesn't support the new mount syscall\n", 690 mp->mnt_vfc->vfc_name); 691 VI_LOCK(vp); 692 vp->v_iflag &= ~VI_MOUNT; 693 VI_UNLOCK(vp); 694 if (mp->mnt_flag & MNT_UPDATE) 695 vfs_unbusy(mp, td); 696 else { 697 mp->mnt_vfc->vfc_refcount--; 698 vfs_unbusy(mp, td); 699 #ifdef MAC 700 mac_destroy_mount(mp); 701 #endif 702 crfree(mp->mnt_cred); 703 free(mp, M_MOUNT); 704 } 705 vrele(vp); 706 error = EOPNOTSUPP; 707 goto bad; 708 } 709 710 /* 711 * Set the mount level flags. 712 */ 713 if (fsflags & MNT_RDONLY) 714 mp->mnt_flag |= MNT_RDONLY; 715 else if (mp->mnt_flag & MNT_RDONLY) 716 mp->mnt_kern_flag |= MNTK_WANTRDWR; 717 mp->mnt_flag &=~ MNT_UPDATEMASK; 718 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 719 /* 720 * Mount the filesystem. 721 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 722 * get. No freeing of cn_pnbuf. 723 */ 724 error = VFS_NMOUNT(mp, &nd, td); 725 if (!error) { 726 if (mp->mnt_opt != NULL) 727 vfs_freeopts(mp->mnt_opt); 728 mp->mnt_opt = mp->mnt_optnew; 729 } 730 /* 731 * Prevent external consumers of mount 732 * options to read mnt_optnew. 733 */ 734 mp->mnt_optnew = NULL; 735 if (mp->mnt_flag & MNT_UPDATE) { 736 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 737 mp->mnt_flag &= ~MNT_RDONLY; 738 mp->mnt_flag &=~ 739 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 740 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 741 if (error) { 742 mp->mnt_flag = flag; 743 mp->mnt_kern_flag = kern_flag; 744 } 745 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 746 if (mp->mnt_syncer == NULL) 747 error = vfs_allocate_syncvnode(mp); 748 } else { 749 if (mp->mnt_syncer != NULL) 750 vrele(mp->mnt_syncer); 751 mp->mnt_syncer = NULL; 752 } 753 vfs_unbusy(mp, td); 754 VI_LOCK(vp); 755 vp->v_iflag &= ~VI_MOUNT; 756 VI_UNLOCK(vp); 757 vrele(vp); 758 return (error); 759 } 760 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 761 /* 762 * Put the new filesystem on the mount list after root. 763 */ 764 cache_purge(vp); 765 if (!error) { 766 struct vnode *newdp; 767 768 VI_LOCK(vp); 769 vp->v_iflag &= ~VI_MOUNT; 770 VI_UNLOCK(vp); 771 vp->v_mountedhere = mp; 772 mtx_lock(&mountlist_mtx); 773 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 774 mtx_unlock(&mountlist_mtx); 775 if (VFS_ROOT(mp, &newdp)) 776 panic("mount: lost mount"); 777 checkdirs(vp, newdp); 778 vput(newdp); 779 VOP_UNLOCK(vp, 0, td); 780 if ((mp->mnt_flag & MNT_RDONLY) == 0) 781 error = vfs_allocate_syncvnode(mp); 782 vfs_unbusy(mp, td); 783 if ((error = VFS_START(mp, 0, td)) != 0) { 784 vrele(vp); 785 goto bad; 786 } 787 } else { 788 VI_LOCK(vp); 789 vp->v_iflag &= ~VI_MOUNT; 790 VI_UNLOCK(vp); 791 mp->mnt_vfc->vfc_refcount--; 792 vfs_unbusy(mp, td); 793 #ifdef MAC 794 mac_destroy_mount(mp); 795 #endif 796 crfree(mp->mnt_cred); 797 free(mp, M_MOUNT); 798 vput(vp); 799 goto bad; 800 } 801 return (0); 802 bad: 803 vfs_freeopts(optlist); 804 return (error); 805 } 806 807 /* 808 * Old mount API. 809 */ 810 #ifndef _SYS_SYSPROTO_H_ 811 struct mount_args { 812 char *type; 813 char *path; 814 int flags; 815 caddr_t data; 816 }; 817 #endif 818 /* ARGSUSED */ 819 int 820 mount(td, uap) 821 struct thread *td; 822 struct mount_args /* { 823 char *type; 824 char *path; 825 int flags; 826 caddr_t data; 827 } */ *uap; 828 { 829 char *fstype; 830 char *fspath; 831 int error; 832 833 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 834 fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); 835 836 /* 837 * vfs_mount() actually takes a kernel string for `type' and 838 * `path' now, so extract them. 839 */ 840 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 841 if (error == 0) 842 error = copyinstr(uap->path, fspath, MNAMELEN, NULL); 843 if (error == 0) 844 error = vfs_mount(td, fstype, fspath, uap->flags, uap->data); 845 free(fstype, M_TEMP); 846 free(fspath, M_TEMP); 847 return (error); 848 } 849 850 /* 851 * vfs_mount(): actually attempt a filesystem mount. 852 * 853 * This routine is designed to be a "generic" entry point for routines 854 * that wish to mount a filesystem. All parameters except `fsdata' are 855 * pointers into kernel space. `fsdata' is currently still a pointer 856 * into userspace. 857 */ 858 int 859 vfs_mount(td, fstype, fspath, fsflags, fsdata) 860 struct thread *td; 861 const char *fstype; 862 char *fspath; 863 int fsflags; 864 void *fsdata; 865 { 866 linker_file_t lf; 867 struct vnode *vp; 868 struct mount *mp; 869 struct vfsconf *vfsp; 870 int error, flag = 0, kern_flag = 0; 871 struct vattr va; 872 struct nameidata nd; 873 874 /* 875 * Be ultra-paranoid about making sure the type and fspath 876 * variables will fit in our mp buffers, including the 877 * terminating NUL. 878 */ 879 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 880 return (ENAMETOOLONG); 881 882 if (usermount == 0) { 883 error = suser(td); 884 if (error) 885 return (error); 886 } 887 /* 888 * Do not allow NFS export by non-root users. 889 */ 890 if (fsflags & MNT_EXPORTED) { 891 error = suser(td); 892 if (error) 893 return (error); 894 } 895 /* 896 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 897 */ 898 if (suser(td)) 899 fsflags |= MNT_NOSUID | MNT_NODEV; 900 /* 901 * Get vnode to be covered 902 */ 903 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 904 if ((error = namei(&nd)) != 0) 905 return (error); 906 NDFREE(&nd, NDF_ONLY_PNBUF); 907 vp = nd.ni_vp; 908 if (fsflags & MNT_UPDATE) { 909 if ((vp->v_vflag & VV_ROOT) == 0) { 910 vput(vp); 911 return (EINVAL); 912 } 913 mp = vp->v_mount; 914 flag = mp->mnt_flag; 915 kern_flag = mp->mnt_kern_flag; 916 /* 917 * We only allow the filesystem to be reloaded if it 918 * is currently mounted read-only. 919 */ 920 if ((fsflags & MNT_RELOAD) && 921 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 922 vput(vp); 923 return (EOPNOTSUPP); /* Needs translation */ 924 } 925 /* 926 * Only root, or the user that did the original mount is 927 * permitted to update it. 928 */ 929 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 930 error = suser(td); 931 if (error) { 932 vput(vp); 933 return (error); 934 } 935 } 936 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 937 vput(vp); 938 return (EBUSY); 939 } 940 VI_LOCK(vp); 941 if ((vp->v_iflag & VI_MOUNT) != 0 || 942 vp->v_mountedhere != NULL) { 943 VI_UNLOCK(vp); 944 vfs_unbusy(mp, td); 945 vput(vp); 946 return (EBUSY); 947 } 948 vp->v_iflag |= VI_MOUNT; 949 VI_UNLOCK(vp); 950 mp->mnt_flag |= fsflags & 951 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 952 VOP_UNLOCK(vp, 0, td); 953 goto update; 954 } 955 /* 956 * If the user is not root, ensure that they own the directory 957 * onto which we are attempting to mount. 958 */ 959 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 960 if (error) { 961 vput(vp); 962 return (error); 963 } 964 if (va.va_uid != td->td_ucred->cr_uid) { 965 error = suser(td); 966 if (error) { 967 vput(vp); 968 return (error); 969 } 970 } 971 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 972 vput(vp); 973 return (error); 974 } 975 if (vp->v_type != VDIR) { 976 vput(vp); 977 return (ENOTDIR); 978 } 979 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 980 if (!strcmp(vfsp->vfc_name, fstype)) 981 break; 982 if (vfsp == NULL) { 983 /* Only load modules for root (very important!). */ 984 error = suser(td); 985 if (error) { 986 vput(vp); 987 return (error); 988 } 989 error = securelevel_gt(td->td_ucred, 0); 990 if (error) { 991 vput(vp); 992 return (error); 993 } 994 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 995 if (error || lf == NULL) { 996 vput(vp); 997 if (lf == NULL) 998 error = ENODEV; 999 return (error); 1000 } 1001 lf->userrefs++; 1002 /* Look up again to see if the VFS was loaded. */ 1003 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1004 if (!strcmp(vfsp->vfc_name, fstype)) 1005 break; 1006 if (vfsp == NULL) { 1007 lf->userrefs--; 1008 linker_file_unload(lf); 1009 vput(vp); 1010 return (ENODEV); 1011 } 1012 } 1013 VI_LOCK(vp); 1014 if ((vp->v_iflag & VI_MOUNT) != 0 || 1015 vp->v_mountedhere != NULL) { 1016 VI_UNLOCK(vp); 1017 vput(vp); 1018 return (EBUSY); 1019 } 1020 vp->v_iflag |= VI_MOUNT; 1021 VI_UNLOCK(vp); 1022 1023 /* 1024 * Allocate and initialize the filesystem. 1025 */ 1026 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1027 TAILQ_INIT(&mp->mnt_nvnodelist); 1028 TAILQ_INIT(&mp->mnt_reservedvnlist); 1029 mp->mnt_nvnodelistsize = 0; 1030 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF); 1031 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1032 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1033 mp->mnt_op = vfsp->vfc_vfsops; 1034 mp->mnt_vfc = vfsp; 1035 vfsp->vfc_refcount++; 1036 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1037 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1038 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 1039 mp->mnt_vnodecovered = vp; 1040 mp->mnt_cred = crdup(td->td_ucred); 1041 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 1042 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 1043 mp->mnt_iosize_max = DFLTPHYS; 1044 #ifdef MAC 1045 mac_init_mount(mp); 1046 mac_create_mount(td->td_ucred, mp); 1047 #endif 1048 VOP_UNLOCK(vp, 0, td); 1049 update: 1050 /* 1051 * Check if the fs implements the old VFS_MOUNT() 1052 * function, since the old system call was used. 1053 */ 1054 if (mp->mnt_op->vfs_mount == NULL) { 1055 printf("%s doesn't support the old mount syscall\n", 1056 mp->mnt_vfc->vfc_name); 1057 VI_LOCK(vp); 1058 vp->v_iflag &= ~VI_MOUNT; 1059 VI_UNLOCK(vp); 1060 if (mp->mnt_flag & MNT_UPDATE) 1061 vfs_unbusy(mp, td); 1062 else { 1063 mp->mnt_vfc->vfc_refcount--; 1064 vfs_unbusy(mp, td); 1065 #ifdef MAC 1066 mac_destroy_mount(mp); 1067 #endif 1068 crfree(mp->mnt_cred); 1069 free(mp, M_MOUNT); 1070 } 1071 vrele(vp); 1072 return (EOPNOTSUPP); 1073 } 1074 1075 /* 1076 * Set the mount level flags. 1077 */ 1078 if (fsflags & MNT_RDONLY) 1079 mp->mnt_flag |= MNT_RDONLY; 1080 else if (mp->mnt_flag & MNT_RDONLY) 1081 mp->mnt_kern_flag |= MNTK_WANTRDWR; 1082 mp->mnt_flag &=~ MNT_UPDATEMASK; 1083 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 1084 /* 1085 * Mount the filesystem. 1086 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 1087 * get. No freeing of cn_pnbuf. 1088 */ 1089 error = VFS_MOUNT(mp, fspath, fsdata, &nd, td); 1090 if (mp->mnt_flag & MNT_UPDATE) { 1091 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 1092 mp->mnt_flag &= ~MNT_RDONLY; 1093 mp->mnt_flag &=~ 1094 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 1095 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 1096 if (error) { 1097 mp->mnt_flag = flag; 1098 mp->mnt_kern_flag = kern_flag; 1099 } 1100 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 1101 if (mp->mnt_syncer == NULL) 1102 error = vfs_allocate_syncvnode(mp); 1103 } else { 1104 if (mp->mnt_syncer != NULL) 1105 vrele(mp->mnt_syncer); 1106 mp->mnt_syncer = NULL; 1107 } 1108 vfs_unbusy(mp, td); 1109 VI_LOCK(vp); 1110 vp->v_iflag &= ~VI_MOUNT; 1111 VI_UNLOCK(vp); 1112 vrele(vp); 1113 return (error); 1114 } 1115 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1116 /* 1117 * Put the new filesystem on the mount list after root. 1118 */ 1119 cache_purge(vp); 1120 if (!error) { 1121 struct vnode *newdp; 1122 1123 VI_LOCK(vp); 1124 vp->v_iflag &= ~VI_MOUNT; 1125 VI_UNLOCK(vp); 1126 vp->v_mountedhere = mp; 1127 mtx_lock(&mountlist_mtx); 1128 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1129 mtx_unlock(&mountlist_mtx); 1130 if (VFS_ROOT(mp, &newdp)) 1131 panic("mount: lost mount"); 1132 checkdirs(vp, newdp); 1133 vput(newdp); 1134 VOP_UNLOCK(vp, 0, td); 1135 if ((mp->mnt_flag & MNT_RDONLY) == 0) 1136 error = vfs_allocate_syncvnode(mp); 1137 vfs_unbusy(mp, td); 1138 if ((error = VFS_START(mp, 0, td)) != 0) 1139 vrele(vp); 1140 } else { 1141 VI_LOCK(vp); 1142 vp->v_iflag &= ~VI_MOUNT; 1143 VI_UNLOCK(vp); 1144 mp->mnt_vfc->vfc_refcount--; 1145 vfs_unbusy(mp, td); 1146 #ifdef MAC 1147 mac_destroy_mount(mp); 1148 #endif 1149 crfree(mp->mnt_cred); 1150 free(mp, M_MOUNT); 1151 vput(vp); 1152 } 1153 return (error); 1154 } 1155 1156 /* 1157 * Scan all active processes to see if any of them have a current 1158 * or root directory of `olddp'. If so, replace them with the new 1159 * mount point. 1160 */ 1161 static void 1162 checkdirs(olddp, newdp) 1163 struct vnode *olddp, *newdp; 1164 { 1165 struct filedesc *fdp; 1166 struct proc *p; 1167 int nrele; 1168 1169 if (vrefcnt(olddp) == 1) 1170 return; 1171 sx_slock(&allproc_lock); 1172 LIST_FOREACH(p, &allproc, p_list) { 1173 mtx_lock(&fdesc_mtx); 1174 fdp = p->p_fd; 1175 if (fdp == NULL) { 1176 mtx_unlock(&fdesc_mtx); 1177 continue; 1178 } 1179 nrele = 0; 1180 FILEDESC_LOCK(fdp); 1181 if (fdp->fd_cdir == olddp) { 1182 VREF(newdp); 1183 fdp->fd_cdir = newdp; 1184 nrele++; 1185 } 1186 if (fdp->fd_rdir == olddp) { 1187 VREF(newdp); 1188 fdp->fd_rdir = newdp; 1189 nrele++; 1190 } 1191 FILEDESC_UNLOCK(fdp); 1192 mtx_unlock(&fdesc_mtx); 1193 while (nrele--) 1194 vrele(olddp); 1195 } 1196 sx_sunlock(&allproc_lock); 1197 if (rootvnode == olddp) { 1198 vrele(rootvnode); 1199 VREF(newdp); 1200 rootvnode = newdp; 1201 } 1202 } 1203 1204 /* 1205 * Unmount a filesystem. 1206 * 1207 * Note: unmount takes a path to the vnode mounted on as argument, 1208 * not special file (as before). 1209 */ 1210 #ifndef _SYS_SYSPROTO_H_ 1211 struct unmount_args { 1212 char *path; 1213 int flags; 1214 }; 1215 #endif 1216 /* ARGSUSED */ 1217 int 1218 unmount(td, uap) 1219 struct thread *td; 1220 register struct unmount_args /* { 1221 char *path; 1222 int flags; 1223 } */ *uap; 1224 { 1225 struct mount *mp; 1226 char *pathbuf; 1227 int error, id0, id1; 1228 1229 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK); 1230 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL); 1231 if (error) { 1232 free(pathbuf, M_TEMP); 1233 return (error); 1234 } 1235 if (uap->flags & MNT_BYFSID) { 1236 /* Decode the filesystem ID. */ 1237 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { 1238 free(pathbuf, M_TEMP); 1239 return (EINVAL); 1240 } 1241 1242 mtx_lock(&mountlist_mtx); 1243 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) 1244 if (mp->mnt_stat.f_fsid.val[0] == id0 && 1245 mp->mnt_stat.f_fsid.val[1] == id1) 1246 break; 1247 mtx_unlock(&mountlist_mtx); 1248 } else { 1249 mtx_lock(&mountlist_mtx); 1250 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) 1251 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) 1252 break; 1253 mtx_unlock(&mountlist_mtx); 1254 } 1255 free(pathbuf, M_TEMP); 1256 if (mp == NULL) { 1257 /* 1258 * Previously we returned ENOENT for a nonexistent path and 1259 * EINVAL for a non-mountpoint. We cannot tell these apart 1260 * now, so in the !MNT_BYFSID case return the more likely 1261 * EINVAL for compatibility. 1262 */ 1263 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL); 1264 } 1265 1266 /* 1267 * Only root, or the user that did the original mount is 1268 * permitted to unmount this filesystem. 1269 */ 1270 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 1271 error = suser(td); 1272 if (error) 1273 return (error); 1274 } 1275 1276 /* 1277 * Don't allow unmounting the root filesystem. 1278 */ 1279 if (mp->mnt_flag & MNT_ROOTFS) 1280 return (EINVAL); 1281 return (dounmount(mp, uap->flags, td)); 1282 } 1283 1284 /* 1285 * Do the actual filesystem unmount. 1286 */ 1287 int 1288 dounmount(mp, flags, td) 1289 struct mount *mp; 1290 int flags; 1291 struct thread *td; 1292 { 1293 struct vnode *coveredvp, *fsrootvp; 1294 int error; 1295 int async_flag; 1296 1297 mtx_lock(&mountlist_mtx); 1298 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1299 mtx_unlock(&mountlist_mtx); 1300 return (EBUSY); 1301 } 1302 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1303 /* Allow filesystems to detect that a forced unmount is in progress. */ 1304 if (flags & MNT_FORCE) 1305 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1306 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1307 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &mountlist_mtx, td); 1308 if (error) { 1309 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1310 if (mp->mnt_kern_flag & MNTK_MWAIT) 1311 wakeup(mp); 1312 return (error); 1313 } 1314 vn_start_write(NULL, &mp, V_WAIT); 1315 1316 if (mp->mnt_flag & MNT_EXPUBLIC) 1317 vfs_setpublicfs(NULL, NULL, NULL); 1318 1319 vfs_msync(mp, MNT_WAIT); 1320 async_flag = mp->mnt_flag & MNT_ASYNC; 1321 mp->mnt_flag &=~ MNT_ASYNC; 1322 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1323 if (mp->mnt_syncer != NULL) 1324 vrele(mp->mnt_syncer); 1325 /* Move process cdir/rdir refs on fs root to underlying vnode. */ 1326 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1327 if (mp->mnt_vnodecovered != NULL) 1328 checkdirs(fsrootvp, mp->mnt_vnodecovered); 1329 if (fsrootvp == rootvnode) { 1330 vrele(rootvnode); 1331 rootvnode = NULL; 1332 } 1333 vput(fsrootvp); 1334 } 1335 if (((mp->mnt_flag & MNT_RDONLY) || 1336 (error = VFS_SYNC(mp, MNT_WAIT, td->td_ucred, td)) == 0) || 1337 (flags & MNT_FORCE)) { 1338 error = VFS_UNMOUNT(mp, flags, td); 1339 } 1340 vn_finished_write(mp); 1341 if (error) { 1342 /* Undo cdir/rdir and rootvnode changes made above. */ 1343 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1344 if (mp->mnt_vnodecovered != NULL) 1345 checkdirs(mp->mnt_vnodecovered, fsrootvp); 1346 if (rootvnode == NULL) { 1347 rootvnode = fsrootvp; 1348 vref(rootvnode); 1349 } 1350 vput(fsrootvp); 1351 } 1352 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1353 (void) vfs_allocate_syncvnode(mp); 1354 mtx_lock(&mountlist_mtx); 1355 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1356 mp->mnt_flag |= async_flag; 1357 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, 1358 &mountlist_mtx, td); 1359 if (mp->mnt_kern_flag & MNTK_MWAIT) 1360 wakeup(mp); 1361 return (error); 1362 } 1363 crfree(mp->mnt_cred); 1364 mtx_lock(&mountlist_mtx); 1365 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1366 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1367 coveredvp->v_mountedhere = NULL; 1368 mp->mnt_vfc->vfc_refcount--; 1369 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 1370 panic("unmount: dangling vnode"); 1371 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, &mountlist_mtx, td); 1372 lockdestroy(&mp->mnt_lock); 1373 mtx_destroy(&mp->mnt_mtx); 1374 if (coveredvp != NULL) 1375 vrele(coveredvp); 1376 if (mp->mnt_kern_flag & MNTK_MWAIT) 1377 wakeup(mp); 1378 #ifdef MAC 1379 mac_destroy_mount(mp); 1380 #endif 1381 if (mp->mnt_op->vfs_mount == NULL) 1382 vfs_freeopts(mp->mnt_opt); 1383 free(mp, M_MOUNT); 1384 return (0); 1385 } 1386 1387 /* 1388 * Lookup a filesystem type, and if found allocate and initialize 1389 * a mount structure for it. 1390 * 1391 * Devname is usually updated by mount(8) after booting. 1392 */ 1393 int 1394 vfs_rootmountalloc(fstypename, devname, mpp) 1395 char *fstypename; 1396 char *devname; 1397 struct mount **mpp; 1398 { 1399 struct thread *td = curthread; /* XXX */ 1400 struct vfsconf *vfsp; 1401 struct mount *mp; 1402 1403 if (fstypename == NULL) 1404 return (ENODEV); 1405 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1406 if (!strcmp(vfsp->vfc_name, fstypename)) 1407 break; 1408 if (vfsp == NULL) 1409 return (ENODEV); 1410 mp = malloc((u_long)sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1411 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF); 1412 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1413 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1414 TAILQ_INIT(&mp->mnt_nvnodelist); 1415 TAILQ_INIT(&mp->mnt_reservedvnlist); 1416 mp->mnt_nvnodelistsize = 0; 1417 mp->mnt_vfc = vfsp; 1418 mp->mnt_op = vfsp->vfc_vfsops; 1419 mp->mnt_flag = MNT_RDONLY; 1420 mp->mnt_vnodecovered = NULLVP; 1421 mp->mnt_cred = crdup(td->td_ucred); 1422 vfsp->vfc_refcount++; 1423 mp->mnt_iosize_max = DFLTPHYS; 1424 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1425 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1426 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 1427 mp->mnt_stat.f_mntonname[0] = '/'; 1428 mp->mnt_stat.f_mntonname[1] = 0; 1429 strlcpy(mp->mnt_stat.f_mntfromname, devname, MNAMELEN); 1430 #ifdef MAC 1431 mac_init_mount(mp); 1432 mac_create_mount(td->td_ucred, mp); 1433 #endif 1434 *mpp = mp; 1435 return (0); 1436 } 1437 1438 /* 1439 * Find and mount the root filesystem 1440 */ 1441 void 1442 vfs_mountroot(void) 1443 { 1444 char *cp; 1445 int i, error; 1446 1447 g_waitidle(); 1448 1449 /* 1450 * The root filesystem information is compiled in, and we are 1451 * booted with instructions to use it. 1452 */ 1453 #ifdef ROOTDEVNAME 1454 if ((boothowto & RB_DFLTROOT) && 1455 !vfs_mountroot_try(ROOTDEVNAME)) 1456 return; 1457 #endif 1458 /* 1459 * We are booted with instructions to prompt for the root filesystem, 1460 * or to use the compiled-in default when it doesn't exist. 1461 */ 1462 if (boothowto & (RB_DFLTROOT | RB_ASKNAME)) { 1463 if (!vfs_mountroot_ask()) 1464 return; 1465 } 1466 1467 /* 1468 * We've been given the generic "use CDROM as root" flag. This is 1469 * necessary because one media may be used in many different 1470 * devices, so we need to search for them. 1471 */ 1472 if (boothowto & RB_CDROM) { 1473 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1474 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1475 return; 1476 } 1477 } 1478 1479 /* 1480 * Try to use the value read by the loader from /etc/fstab, or 1481 * supplied via some other means. This is the preferred 1482 * mechanism. 1483 */ 1484 if ((cp = getenv("vfs.root.mountfrom")) != NULL) { 1485 error = vfs_mountroot_try(cp); 1486 freeenv(cp); 1487 if (!error) 1488 return; 1489 } 1490 1491 /* 1492 * Try values that may have been computed by the machine-dependant 1493 * legacy code. 1494 */ 1495 if (!vfs_mountroot_try(rootdevnames[0])) 1496 return; 1497 if (!vfs_mountroot_try(rootdevnames[1])) 1498 return; 1499 1500 /* 1501 * If we have a compiled-in default, and haven't already tried it, try 1502 * it now. 1503 */ 1504 #ifdef ROOTDEVNAME 1505 if (!(boothowto & RB_DFLTROOT)) 1506 if (!vfs_mountroot_try(ROOTDEVNAME)) 1507 return; 1508 #endif 1509 1510 /* 1511 * Everything so far has failed, prompt on the console if we haven't 1512 * already tried that. 1513 */ 1514 if (!(boothowto & (RB_DFLTROOT | RB_ASKNAME)) && !vfs_mountroot_ask()) 1515 return; 1516 panic("Root mount failed, startup aborted."); 1517 } 1518 1519 /* 1520 * Mount (mountfrom) as the root filesystem. 1521 */ 1522 static int 1523 vfs_mountroot_try(char *mountfrom) 1524 { 1525 struct mount *mp; 1526 char *vfsname, *path; 1527 const char *devname; 1528 int error; 1529 char patt[32]; 1530 int s; 1531 1532 vfsname = NULL; 1533 path = NULL; 1534 mp = NULL; 1535 error = EINVAL; 1536 1537 if (mountfrom == NULL) 1538 return(error); /* don't complain */ 1539 1540 s = splcam(); /* Overkill, but annoying without it */ 1541 printf("Mounting root from %s\n", mountfrom); 1542 splx(s); 1543 1544 /* parse vfs name and path */ 1545 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1546 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1547 vfsname[0] = path[0] = 0; 1548 sprintf(patt, "%%%d[a-z0-9]:%%%zds", MFSNAMELEN, MNAMELEN); 1549 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1550 goto done; 1551 1552 /* allocate a root mount */ 1553 error = vfs_rootmountalloc(vfsname, path[0] != 0 ? path : ROOTNAME, 1554 &mp); 1555 if (error != 0) { 1556 printf("Can't allocate root mount for filesystem '%s': %d\n", 1557 vfsname, error); 1558 goto done; 1559 } 1560 mp->mnt_flag |= MNT_ROOTFS; 1561 1562 /* do our best to set rootdev */ 1563 if ((path[0] != 0) && setrootbyname(path)) 1564 printf("setrootbyname failed\n"); 1565 1566 /* If the root device is a type "memory disk", mount RW */ 1567 if (rootdev != NODEV && devsw(rootdev) != NULL) { 1568 devname = devtoname(rootdev); 1569 if (devname[0] == 'm' && devname[1] == 'd') 1570 mp->mnt_flag &= ~MNT_RDONLY; 1571 } 1572 1573 /* 1574 * Set the mount path to be something useful, because the 1575 * filesystem code isn't responsible now for initialising 1576 * f_mntonname unless they want to override the default 1577 * (which is `path'.) 1578 */ 1579 strlcpy(mp->mnt_stat.f_mntonname, "/", MNAMELEN); 1580 1581 error = VFS_MOUNT(mp, NULL, NULL, NULL, curthread); 1582 1583 done: 1584 if (vfsname != NULL) 1585 free(vfsname, M_MOUNT); 1586 if (path != NULL) 1587 free(path, M_MOUNT); 1588 if (error != 0) { 1589 if (mp != NULL) { 1590 vfs_unbusy(mp, curthread); 1591 #ifdef MAC 1592 mac_destroy_mount(mp); 1593 #endif 1594 crfree(mp->mnt_cred); 1595 free(mp, M_MOUNT); 1596 } 1597 printf("Root mount failed: %d\n", error); 1598 } else { 1599 1600 /* register with list of mounted filesystems */ 1601 mtx_lock(&mountlist_mtx); 1602 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1603 mtx_unlock(&mountlist_mtx); 1604 1605 /* sanity check system clock against root fs timestamp */ 1606 inittodr(mp->mnt_time); 1607 vfs_unbusy(mp, curthread); 1608 error = VFS_START(mp, 0, curthread); 1609 } 1610 return(error); 1611 } 1612 1613 /* 1614 * Spin prompting on the console for a suitable root filesystem 1615 */ 1616 static int 1617 vfs_mountroot_ask(void) 1618 { 1619 char name[128]; 1620 1621 for(;;) { 1622 printf("\nManual root filesystem specification:\n"); 1623 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1624 #if defined(__i386__) || defined(__ia64__) 1625 printf(" eg. ufs:da0s1a\n"); 1626 #else 1627 printf(" eg. ufs:/dev/da0a\n"); 1628 #endif 1629 printf(" ? List valid disk boot devices\n"); 1630 printf(" <empty line> Abort manual input\n"); 1631 printf("\nmountroot> "); 1632 gets(name); 1633 if (name[0] == 0) 1634 return(1); 1635 if (name[0] == '?') { 1636 printf("\nList of GEOM managed disk devices:\n "); 1637 g_dev_print(); 1638 continue; 1639 } 1640 if (!vfs_mountroot_try(name)) 1641 return(0); 1642 } 1643 } 1644 1645 /* 1646 * Local helper function for vfs_mountroot_ask. 1647 */ 1648 static void 1649 gets(char *cp) 1650 { 1651 char *lp; 1652 int c; 1653 1654 lp = cp; 1655 for (;;) { 1656 printf("%c", c = cngetc() & 0177); 1657 switch (c) { 1658 case -1: 1659 case '\n': 1660 case '\r': 1661 *lp++ = '\0'; 1662 return; 1663 case '\b': 1664 case '\177': 1665 if (lp > cp) { 1666 printf(" \b"); 1667 lp--; 1668 } 1669 continue; 1670 case '#': 1671 lp--; 1672 if (lp < cp) 1673 lp = cp; 1674 continue; 1675 case '@': 1676 case 'u' & 037: 1677 lp = cp; 1678 printf("%c", '\n'); 1679 continue; 1680 default: 1681 *lp++ = c; 1682 } 1683 } 1684 } 1685 1686 /* 1687 * Convert a given name to the dev_t of the disk-like device 1688 * it refers to. 1689 */ 1690 dev_t 1691 getdiskbyname(char *name) { 1692 char *cp; 1693 dev_t dev; 1694 1695 cp = name; 1696 if (!bcmp(cp, "/dev/", 5)) 1697 cp += 5; 1698 1699 dev = NODEV; 1700 EVENTHANDLER_INVOKE(dev_clone, cp, strlen(cp), &dev); 1701 return (dev); 1702 } 1703 1704 /* 1705 * Set rootdev to match (name), given that we expect it to 1706 * refer to a disk-like device. 1707 */ 1708 static int 1709 setrootbyname(char *name) 1710 { 1711 dev_t diskdev; 1712 1713 diskdev = getdiskbyname(name); 1714 if (diskdev != NODEV) { 1715 rootdev = diskdev; 1716 return (0); 1717 } 1718 1719 return (1); 1720 } 1721 1722 /* Show the dev_t for a disk specified by name */ 1723 #ifdef DDB 1724 DB_SHOW_COMMAND(disk, db_getdiskbyname) 1725 { 1726 dev_t dev; 1727 1728 if (modif[0] == '\0') { 1729 db_error("usage: show disk/devicename"); 1730 return; 1731 } 1732 dev = getdiskbyname(modif); 1733 if (dev != NODEV) 1734 db_printf("dev_t = %p\n", dev); 1735 else 1736 db_printf("No disk device matched.\n"); 1737 } 1738 #endif 1739 1740 /* 1741 * Get a mount option by its name. 1742 * 1743 * Return 0 if the option was found, ENOENT otherwise. 1744 * If len is non-NULL it will be filled with the length 1745 * of the option. If buf is non-NULL, it will be filled 1746 * with the address of the option. 1747 */ 1748 int 1749 vfs_getopt(opts, name, buf, len) 1750 struct vfsoptlist *opts; 1751 const char *name; 1752 void **buf; 1753 int *len; 1754 { 1755 struct vfsopt *opt; 1756 1757 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1758 1759 TAILQ_FOREACH(opt, opts, link) { 1760 if (strcmp(name, opt->name) == 0) { 1761 if (len != NULL) 1762 *len = opt->len; 1763 if (buf != NULL) 1764 *buf = opt->value; 1765 return (0); 1766 } 1767 } 1768 return (ENOENT); 1769 } 1770 1771 /* 1772 * Find and copy a mount option. 1773 * 1774 * The size of the buffer has to be specified 1775 * in len, if it is not the same length as the 1776 * mount option, EINVAL is returned. 1777 * Returns ENOENT if the option is not found. 1778 */ 1779 int 1780 vfs_copyopt(opts, name, dest, len) 1781 struct vfsoptlist *opts; 1782 const char *name; 1783 void *dest; 1784 int len; 1785 { 1786 struct vfsopt *opt; 1787 1788 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1789 1790 TAILQ_FOREACH(opt, opts, link) { 1791 if (strcmp(name, opt->name) == 0) { 1792 if (len != opt->len) 1793 return (EINVAL); 1794 bcopy(opt->value, dest, opt->len); 1795 return (0); 1796 } 1797 } 1798 return (ENOENT); 1799 } 1800