1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * Copyright (c) 1999 Michael Smith 39 * All rights reserved. 40 * Copyright (c) 1999 Poul-Henning Kamp 41 * All rights reserved. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * $FreeBSD$ 65 */ 66 67 #include <sys/param.h> 68 #include <sys/conf.h> 69 #include <sys/cons.h> 70 #include <sys/kernel.h> 71 #include <sys/linker.h> 72 #include <sys/mac.h> 73 #include <sys/malloc.h> 74 #include <sys/mount.h> 75 #include <sys/mutex.h> 76 #include <sys/namei.h> 77 #include <sys/proc.h> 78 #include <sys/reboot.h> 79 #include <sys/sysproto.h> 80 #include <sys/sx.h> 81 #include <sys/sysctl.h> 82 #include <sys/sysent.h> 83 #include <sys/systm.h> 84 #include <sys/vnode.h> 85 86 #include <machine/stdarg.h> 87 88 #include "opt_rootdevname.h" 89 #include "opt_ddb.h" 90 #include "opt_mac.h" 91 92 #ifdef DDB 93 #include <ddb/ddb.h> 94 #endif 95 96 #define ROOTNAME "root_device" 97 98 static void checkdirs(struct vnode *olddp, struct vnode *newdp); 99 static int vfs_nmount(struct thread *td, int, struct uio *); 100 static int vfs_mountroot_try(char *mountfrom); 101 static int vfs_mountroot_ask(void); 102 static void gets(char *cp); 103 104 static int usermount = 0; /* if 1, non-root can mount fs. */ 105 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, ""); 106 107 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 108 109 /* List of mounted filesystems. */ 110 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 111 112 /* For any iteration/modification of mountlist */ 113 struct mtx mountlist_mtx; 114 115 /* For any iteration/modification of mnt_vnodelist */ 116 struct mtx mntvnode_mtx; 117 118 /* 119 * The vnode of the system's root (/ in the filesystem, without chroot 120 * active.) 121 */ 122 struct vnode *rootvnode; 123 124 /* 125 * The root filesystem is detailed in the kernel environment variable 126 * vfs.root.mountfrom, which is expected to be in the general format 127 * 128 * <vfsname>:[<path>] 129 * vfsname := the name of a VFS known to the kernel and capable 130 * of being mounted as root 131 * path := disk device name or other data used by the filesystem 132 * to locate its physical store 133 */ 134 135 /* 136 * The root specifiers we will try if RB_CDROM is specified. 137 */ 138 static char *cdrom_rootdevnames[] = { 139 "cd9660:cd0a", 140 "cd9660:acd0a", 141 "cd9660:wcd0a", 142 NULL 143 }; 144 145 /* legacy find-root code */ 146 char *rootdevnames[2] = {NULL, NULL}; 147 static int setrootbyname(char *name); 148 dev_t rootdev = NODEV; 149 150 /* Remove one mount option. */ 151 static void 152 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 153 { 154 155 TAILQ_REMOVE(opts, opt, link); 156 free(opt->name, M_MOUNT); 157 if (opt->value != NULL) 158 free(opt->value, M_MOUNT); 159 #ifdef INVARIANTS 160 else if (opt->len != 0) 161 panic("%s: mount option with NULL value but length != 0", 162 __func__); 163 #endif 164 free(opt, M_MOUNT); 165 } 166 167 /* Release all resources related to the mount options. */ 168 static void 169 vfs_freeopts(struct vfsoptlist *opts) 170 { 171 struct vfsopt *opt; 172 173 while (!TAILQ_EMPTY(opts)) { 174 opt = TAILQ_FIRST(opts); 175 vfs_freeopt(opts, opt); 176 } 177 free(opts, M_MOUNT); 178 } 179 180 /* 181 * If a mount option is specified several times, 182 * (with or without the "no" prefix) only keep 183 * the last occurence of it. 184 */ 185 static void 186 vfs_sanitizeopts(struct vfsoptlist *opts) 187 { 188 struct vfsopt *opt, *opt2, *tmp; 189 int noopt; 190 191 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 192 if (strncmp(opt->name, "no", 2) == 0) 193 noopt = 1; 194 else 195 noopt = 0; 196 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 197 while (opt2 != NULL) { 198 if (strcmp(opt2->name, opt->name) == 0 || 199 (noopt && strcmp(opt->name + 2, opt2->name) == 0) || 200 (!noopt && strncmp(opt2->name, "no", 2) == 0 && 201 strcmp(opt2->name + 2, opt->name) == 0)) { 202 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 203 vfs_freeopt(opts, opt2); 204 opt2 = tmp; 205 } else { 206 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 207 } 208 } 209 } 210 } 211 212 /* 213 * Build a linked list of mount options from a struct uio. 214 */ 215 static int 216 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 217 { 218 struct vfsoptlist *opts; 219 struct vfsopt *opt; 220 unsigned int i, iovcnt; 221 int error, namelen, optlen; 222 223 iovcnt = auio->uio_iovcnt; 224 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 225 TAILQ_INIT(opts); 226 for (i = 0; i < iovcnt; i += 2) { 227 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 228 namelen = auio->uio_iov[i].iov_len; 229 optlen = auio->uio_iov[i + 1].iov_len; 230 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 231 opt->value = NULL; 232 if (auio->uio_segflg == UIO_SYSSPACE) { 233 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 234 } else { 235 error = copyin(auio->uio_iov[i].iov_base, opt->name, 236 namelen); 237 if (error) 238 goto bad; 239 } 240 opt->len = optlen; 241 if (optlen != 0) { 242 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 243 if (auio->uio_segflg == UIO_SYSSPACE) { 244 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 245 optlen); 246 } else { 247 error = copyin(auio->uio_iov[i + 1].iov_base, 248 opt->value, optlen); 249 if (error) 250 goto bad; 251 } 252 } 253 TAILQ_INSERT_TAIL(opts, opt, link); 254 } 255 vfs_sanitizeopts(opts); 256 *options = opts; 257 return (0); 258 bad: 259 vfs_freeopts(opts); 260 return (error); 261 } 262 263 /* 264 * Merge the old mount options with the new ones passed 265 * in the MNT_UPDATE case. 266 */ 267 static void 268 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 269 { 270 struct vfsopt *opt, *opt2, *new; 271 272 TAILQ_FOREACH(opt, opts, link) { 273 /* 274 * Check that this option hasn't been redefined 275 * nor cancelled with a "no" mount option. 276 */ 277 opt2 = TAILQ_FIRST(toopts); 278 while (opt2 != NULL) { 279 if (strcmp(opt2->name, opt->name) == 0) 280 goto next; 281 if (strncmp(opt2->name, "no", 2) == 0 && 282 strcmp(opt2->name + 2, opt->name) == 0) { 283 vfs_freeopt(toopts, opt2); 284 goto next; 285 } 286 opt2 = TAILQ_NEXT(opt2, link); 287 } 288 /* We want this option, duplicate it. */ 289 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 290 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 291 strcpy(new->name, opt->name); 292 if (opt->len != 0) { 293 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 294 bcopy(opt->value, new->value, opt->len); 295 } else { 296 new->value = NULL; 297 } 298 new->len = opt->len; 299 TAILQ_INSERT_TAIL(toopts, new, link); 300 next: 301 continue; 302 } 303 } 304 305 /* 306 * New mount API. 307 */ 308 int 309 nmount(td, uap) 310 struct thread *td; 311 struct nmount_args /* { 312 syscallarg(struct iovec *) iovp; 313 syscallarg(unsigned int) iovcnt; 314 syscallarg(int) flags; 315 } */ *uap; 316 { 317 struct uio auio; 318 struct iovec *iov, *needfree; 319 struct iovec aiov[UIO_SMALLIOV]; 320 unsigned int i; 321 int error; 322 u_int iovlen, iovcnt; 323 324 iovcnt = SCARG(uap, iovcnt); 325 iovlen = iovcnt * sizeof (struct iovec); 326 /* 327 * Check that we have an even number of iovec's 328 * and that we have at least two options. 329 */ 330 if ((iovcnt & 1) || (iovcnt < 4) || (iovcnt > UIO_MAXIOV)) 331 return (EINVAL); 332 333 if (iovcnt > UIO_SMALLIOV) { 334 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK); 335 needfree = iov; 336 } else { 337 iov = aiov; 338 needfree = NULL; 339 } 340 auio.uio_iov = iov; 341 auio.uio_iovcnt = iovcnt; 342 auio.uio_segflg = UIO_USERSPACE; 343 if ((error = copyin(uap->iovp, iov, iovlen))) 344 goto finish; 345 346 for (i = 0; i < iovcnt; i++) { 347 if (iov->iov_len > MMAXOPTIONLEN) { 348 error = EINVAL; 349 goto finish; 350 } 351 iov++; 352 } 353 error = vfs_nmount(td, SCARG(uap, flags), &auio); 354 finish: 355 if (needfree != NULL) 356 free(needfree, M_TEMP); 357 return (error); 358 } 359 360 int 361 kernel_mount(iovp, iovcnt, flags) 362 struct iovec *iovp; 363 unsigned int iovcnt; 364 int flags; 365 { 366 struct uio auio; 367 int error; 368 369 /* 370 * Check that we have an even number of iovec's 371 * and that we have at least two options. 372 */ 373 if ((iovcnt & 1) || (iovcnt < 4)) 374 return (EINVAL); 375 376 auio.uio_iov = iovp; 377 auio.uio_iovcnt = iovcnt; 378 auio.uio_segflg = UIO_SYSSPACE; 379 380 error = vfs_nmount(curthread, flags, &auio); 381 return (error); 382 } 383 384 int 385 kernel_vmount(int flags, ...) 386 { 387 struct iovec *iovp; 388 struct uio auio; 389 va_list ap; 390 unsigned int iovcnt, iovlen, len; 391 const char *cp; 392 char *buf, *pos; 393 size_t n; 394 int error, i; 395 396 len = 0; 397 va_start(ap, flags); 398 for (iovcnt = 0; (cp = va_arg(ap, const char *)) != NULL; iovcnt++) 399 len += strlen(cp) + 1; 400 va_end(ap); 401 402 if (iovcnt < 4 || iovcnt & 1) 403 return (EINVAL); 404 405 iovlen = iovcnt * sizeof (struct iovec); 406 MALLOC(iovp, struct iovec *, iovlen, M_MOUNT, M_WAITOK); 407 MALLOC(buf, char *, len, M_MOUNT, M_WAITOK); 408 pos = buf; 409 va_start(ap, flags); 410 for (i = 0; i < iovcnt; i++) { 411 cp = va_arg(ap, const char *); 412 copystr(cp, pos, len - (pos - buf), &n); 413 iovp[i].iov_base = pos; 414 iovp[i].iov_len = n; 415 pos += n; 416 } 417 va_end(ap); 418 419 auio.uio_iov = iovp; 420 auio.uio_iovcnt = iovcnt; 421 auio.uio_segflg = UIO_SYSSPACE; 422 423 error = vfs_nmount(curthread, flags, &auio); 424 FREE(iovp, M_MOUNT); 425 FREE(buf, M_MOUNT); 426 return (error); 427 } 428 429 /* 430 * vfs_nmount(): actually attempt a filesystem mount. 431 */ 432 static int 433 vfs_nmount(td, fsflags, fsoptions) 434 struct thread *td; 435 int fsflags; /* Flags common to all filesystems. */ 436 struct uio *fsoptions; /* Options local to the filesystem. */ 437 { 438 linker_file_t lf; 439 struct vnode *vp; 440 struct mount *mp; 441 struct vfsconf *vfsp; 442 struct vfsoptlist *optlist; 443 char *fstype, *fspath; 444 int error, flag = 0, kern_flag = 0; 445 int fstypelen, fspathlen; 446 struct vattr va; 447 struct nameidata nd; 448 449 error = vfs_buildopts(fsoptions, &optlist); 450 if (error) 451 return (error); 452 453 /* 454 * We need these two options before the others, 455 * and they are mandatory for any filesystem. 456 * Ensure they are NUL terminated as well. 457 */ 458 fstypelen = 0; 459 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 460 if (error || fstype[fstypelen - 1] != '\0') { 461 error = EINVAL; 462 goto bad; 463 } 464 fspathlen = 0; 465 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 466 if (error || fspath[fspathlen - 1] != '\0') { 467 error = EINVAL; 468 goto bad; 469 } 470 471 /* 472 * Be ultra-paranoid about making sure the type and fspath 473 * variables will fit in our mp buffers, including the 474 * terminating NUL. 475 */ 476 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 477 error = ENAMETOOLONG; 478 goto bad; 479 } 480 481 if (usermount == 0) { 482 error = suser(td); 483 if (error) 484 goto bad; 485 } 486 /* 487 * Do not allow NFS export by non-root users. 488 */ 489 if (fsflags & MNT_EXPORTED) { 490 error = suser(td); 491 if (error) 492 goto bad; 493 } 494 /* 495 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 496 */ 497 if (suser(td)) 498 fsflags |= MNT_NOSUID | MNT_NODEV; 499 /* 500 * Get vnode to be covered 501 */ 502 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 503 if ((error = namei(&nd)) != 0) 504 goto bad; 505 NDFREE(&nd, NDF_ONLY_PNBUF); 506 vp = nd.ni_vp; 507 if (fsflags & MNT_UPDATE) { 508 if ((vp->v_vflag & VV_ROOT) == 0) { 509 vput(vp); 510 error = EINVAL; 511 goto bad; 512 } 513 mp = vp->v_mount; 514 flag = mp->mnt_flag; 515 kern_flag = mp->mnt_kern_flag; 516 /* 517 * We only allow the filesystem to be reloaded if it 518 * is currently mounted read-only. 519 */ 520 if ((fsflags & MNT_RELOAD) && 521 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 522 vput(vp); 523 error = EOPNOTSUPP; /* Needs translation */ 524 goto bad; 525 } 526 /* 527 * Only root, or the user that did the original mount is 528 * permitted to update it. 529 */ 530 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 531 error = suser(td); 532 if (error) { 533 vput(vp); 534 goto bad; 535 } 536 } 537 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 538 vput(vp); 539 error = EBUSY; 540 goto bad; 541 } 542 VI_LOCK(vp); 543 if ((vp->v_iflag & VI_MOUNT) != 0 || 544 vp->v_mountedhere != NULL) { 545 VI_UNLOCK(vp); 546 vfs_unbusy(mp, td); 547 vput(vp); 548 error = EBUSY; 549 goto bad; 550 } 551 vp->v_iflag |= VI_MOUNT; 552 VI_UNLOCK(vp); 553 mp->mnt_flag |= fsflags & 554 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 555 VOP_UNLOCK(vp, 0, td); 556 mp->mnt_optnew = optlist; 557 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 558 goto update; 559 } 560 /* 561 * If the user is not root, ensure that they own the directory 562 * onto which we are attempting to mount. 563 */ 564 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 565 if (error) { 566 vput(vp); 567 goto bad; 568 } 569 if (va.va_uid != td->td_ucred->cr_uid) { 570 error = suser(td); 571 if (error) { 572 vput(vp); 573 goto bad; 574 } 575 } 576 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 577 vput(vp); 578 goto bad; 579 } 580 if (vp->v_type != VDIR) { 581 vput(vp); 582 error = ENOTDIR; 583 goto bad; 584 } 585 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 586 if (!strcmp(vfsp->vfc_name, fstype)) 587 break; 588 if (vfsp == NULL) { 589 /* Only load modules for root (very important!). */ 590 error = suser(td); 591 if (error) { 592 vput(vp); 593 goto bad; 594 } 595 error = securelevel_gt(td->td_ucred, 0); 596 if (error) { 597 vput(vp); 598 goto bad; 599 } 600 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 601 if (error || lf == NULL) { 602 vput(vp); 603 if (lf == NULL) 604 error = ENODEV; 605 goto bad; 606 } 607 lf->userrefs++; 608 /* Look up again to see if the VFS was loaded. */ 609 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 610 if (!strcmp(vfsp->vfc_name, fstype)) 611 break; 612 if (vfsp == NULL) { 613 lf->userrefs--; 614 linker_file_unload(lf); 615 vput(vp); 616 error = ENODEV; 617 goto bad; 618 } 619 } 620 VI_LOCK(vp); 621 if ((vp->v_iflag & VI_MOUNT) != 0 || 622 vp->v_mountedhere != NULL) { 623 VI_UNLOCK(vp); 624 vput(vp); 625 error = EBUSY; 626 goto bad; 627 } 628 vp->v_iflag |= VI_MOUNT; 629 VI_UNLOCK(vp); 630 631 /* 632 * Allocate and initialize the filesystem. 633 */ 634 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 635 TAILQ_INIT(&mp->mnt_nvnodelist); 636 TAILQ_INIT(&mp->mnt_reservedvnlist); 637 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 638 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 639 mp->mnt_op = vfsp->vfc_vfsops; 640 mp->mnt_vfc = vfsp; 641 vfsp->vfc_refcount++; 642 mp->mnt_stat.f_type = vfsp->vfc_typenum; 643 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 644 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 645 mp->mnt_vnodecovered = vp; 646 mp->mnt_cred = crdup(td->td_ucred); 647 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 648 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 649 mp->mnt_iosize_max = DFLTPHYS; 650 #ifdef MAC 651 mac_init_mount(mp); 652 mac_create_mount(td->td_ucred, mp); 653 #endif 654 VOP_UNLOCK(vp, 0, td); 655 mp->mnt_optnew = optlist; /* XXXMAC: should this be above? */ 656 657 update: 658 /* 659 * Check if the fs implements the new VFS_NMOUNT() 660 * function, since the new system call was used. 661 */ 662 if (mp->mnt_op->vfs_mount != NULL) { 663 printf("%s doesn't support the new mount syscall\n", 664 mp->mnt_vfc->vfc_name); 665 VI_LOCK(vp); 666 vp->v_iflag &= ~VI_MOUNT; 667 VI_UNLOCK(vp); 668 if (mp->mnt_flag & MNT_UPDATE) 669 vfs_unbusy(mp, td); 670 else { 671 mp->mnt_vfc->vfc_refcount--; 672 vfs_unbusy(mp, td); 673 #ifdef MAC 674 mac_destroy_mount(mp); 675 #endif 676 free(mp, M_MOUNT); 677 } 678 vrele(vp); 679 error = EOPNOTSUPP; 680 goto bad; 681 } 682 683 /* 684 * Set the mount level flags. 685 */ 686 if (fsflags & MNT_RDONLY) 687 mp->mnt_flag |= MNT_RDONLY; 688 else if (mp->mnt_flag & MNT_RDONLY) 689 mp->mnt_kern_flag |= MNTK_WANTRDWR; 690 mp->mnt_flag &=~ MNT_UPDATEMASK; 691 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 692 /* 693 * Mount the filesystem. 694 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 695 * get. No freeing of cn_pnbuf. 696 */ 697 error = VFS_NMOUNT(mp, &nd, td); 698 if (!error) { 699 if (mp->mnt_opt != NULL) 700 vfs_freeopts(mp->mnt_opt); 701 mp->mnt_opt = mp->mnt_optnew; 702 } 703 /* 704 * Prevent external consumers of mount 705 * options to read mnt_optnew. 706 */ 707 mp->mnt_optnew = NULL; 708 if (mp->mnt_flag & MNT_UPDATE) { 709 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 710 mp->mnt_flag &= ~MNT_RDONLY; 711 mp->mnt_flag &=~ 712 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 713 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 714 if (error) { 715 mp->mnt_flag = flag; 716 mp->mnt_kern_flag = kern_flag; 717 } 718 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 719 if (mp->mnt_syncer == NULL) 720 error = vfs_allocate_syncvnode(mp); 721 } else { 722 if (mp->mnt_syncer != NULL) 723 vrele(mp->mnt_syncer); 724 mp->mnt_syncer = NULL; 725 } 726 vfs_unbusy(mp, td); 727 VI_LOCK(vp); 728 vp->v_iflag &= ~VI_MOUNT; 729 VI_UNLOCK(vp); 730 vrele(vp); 731 return (error); 732 } 733 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 734 /* 735 * Put the new filesystem on the mount list after root. 736 */ 737 cache_purge(vp); 738 if (!error) { 739 struct vnode *newdp; 740 741 VI_LOCK(vp); 742 vp->v_iflag &= ~VI_MOUNT; 743 VI_UNLOCK(vp); 744 vp->v_mountedhere = mp; 745 mtx_lock(&mountlist_mtx); 746 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 747 mtx_unlock(&mountlist_mtx); 748 if (VFS_ROOT(mp, &newdp)) 749 panic("mount: lost mount"); 750 checkdirs(vp, newdp); 751 vput(newdp); 752 VOP_UNLOCK(vp, 0, td); 753 if ((mp->mnt_flag & MNT_RDONLY) == 0) 754 error = vfs_allocate_syncvnode(mp); 755 vfs_unbusy(mp, td); 756 if ((error = VFS_START(mp, 0, td)) != 0) { 757 vrele(vp); 758 goto bad; 759 } 760 } else { 761 VI_LOCK(vp); 762 vp->v_iflag &= ~VI_MOUNT; 763 VI_UNLOCK(vp); 764 mp->mnt_vfc->vfc_refcount--; 765 vfs_unbusy(mp, td); 766 #ifdef MAC 767 mac_destroy_mount(mp); 768 #endif 769 free(mp, M_MOUNT); 770 vput(vp); 771 goto bad; 772 } 773 return (0); 774 bad: 775 vfs_freeopts(optlist); 776 return (error); 777 } 778 779 /* 780 * Old mount API. 781 */ 782 #ifndef _SYS_SYSPROTO_H_ 783 struct mount_args { 784 char *type; 785 char *path; 786 int flags; 787 caddr_t data; 788 }; 789 #endif 790 /* ARGSUSED */ 791 int 792 mount(td, uap) 793 struct thread *td; 794 struct mount_args /* { 795 syscallarg(char *) type; 796 syscallarg(char *) path; 797 syscallarg(int) flags; 798 syscallarg(caddr_t) data; 799 } */ *uap; 800 { 801 char *fstype; 802 char *fspath; 803 int error; 804 805 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 806 fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); 807 808 /* 809 * vfs_mount() actually takes a kernel string for `type' and 810 * `path' now, so extract them. 811 */ 812 error = copyinstr(SCARG(uap, type), fstype, MFSNAMELEN, NULL); 813 if (error == 0) 814 error = copyinstr(SCARG(uap, path), fspath, MNAMELEN, NULL); 815 if (error == 0) 816 error = vfs_mount(td, fstype, fspath, SCARG(uap, flags), 817 SCARG(uap, data)); 818 free(fstype, M_TEMP); 819 free(fspath, M_TEMP); 820 return (error); 821 } 822 823 /* 824 * vfs_mount(): actually attempt a filesystem mount. 825 * 826 * This routine is designed to be a "generic" entry point for routines 827 * that wish to mount a filesystem. All parameters except `fsdata' are 828 * pointers into kernel space. `fsdata' is currently still a pointer 829 * into userspace. 830 */ 831 int 832 vfs_mount(td, fstype, fspath, fsflags, fsdata) 833 struct thread *td; 834 const char *fstype; 835 char *fspath; 836 int fsflags; 837 void *fsdata; 838 { 839 linker_file_t lf; 840 struct vnode *vp; 841 struct mount *mp; 842 struct vfsconf *vfsp; 843 int error, flag = 0, kern_flag = 0; 844 struct vattr va; 845 struct nameidata nd; 846 847 /* 848 * Be ultra-paranoid about making sure the type and fspath 849 * variables will fit in our mp buffers, including the 850 * terminating NUL. 851 */ 852 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 853 return (ENAMETOOLONG); 854 855 if (usermount == 0) { 856 error = suser(td); 857 if (error) 858 return (error); 859 } 860 /* 861 * Do not allow NFS export by non-root users. 862 */ 863 if (fsflags & MNT_EXPORTED) { 864 error = suser(td); 865 if (error) 866 return (error); 867 } 868 /* 869 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 870 */ 871 if (suser(td)) 872 fsflags |= MNT_NOSUID | MNT_NODEV; 873 /* 874 * Get vnode to be covered 875 */ 876 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 877 if ((error = namei(&nd)) != 0) 878 return (error); 879 NDFREE(&nd, NDF_ONLY_PNBUF); 880 vp = nd.ni_vp; 881 if (fsflags & MNT_UPDATE) { 882 if ((vp->v_vflag & VV_ROOT) == 0) { 883 vput(vp); 884 return (EINVAL); 885 } 886 mp = vp->v_mount; 887 flag = mp->mnt_flag; 888 kern_flag = mp->mnt_kern_flag; 889 /* 890 * We only allow the filesystem to be reloaded if it 891 * is currently mounted read-only. 892 */ 893 if ((fsflags & MNT_RELOAD) && 894 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 895 vput(vp); 896 return (EOPNOTSUPP); /* Needs translation */ 897 } 898 /* 899 * Only root, or the user that did the original mount is 900 * permitted to update it. 901 */ 902 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 903 error = suser(td); 904 if (error) { 905 vput(vp); 906 return (error); 907 } 908 } 909 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 910 vput(vp); 911 return (EBUSY); 912 } 913 VI_LOCK(vp); 914 if ((vp->v_iflag & VI_MOUNT) != 0 || 915 vp->v_mountedhere != NULL) { 916 VI_UNLOCK(vp); 917 vfs_unbusy(mp, td); 918 vput(vp); 919 return (EBUSY); 920 } 921 vp->v_iflag |= VI_MOUNT; 922 VI_UNLOCK(vp); 923 mp->mnt_flag |= fsflags & 924 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 925 VOP_UNLOCK(vp, 0, td); 926 goto update; 927 } 928 /* 929 * If the user is not root, ensure that they own the directory 930 * onto which we are attempting to mount. 931 */ 932 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 933 if (error) { 934 vput(vp); 935 return (error); 936 } 937 if (va.va_uid != td->td_ucred->cr_uid) { 938 error = suser(td); 939 if (error) { 940 vput(vp); 941 return (error); 942 } 943 } 944 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 945 vput(vp); 946 return (error); 947 } 948 if (vp->v_type != VDIR) { 949 vput(vp); 950 return (ENOTDIR); 951 } 952 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 953 if (!strcmp(vfsp->vfc_name, fstype)) 954 break; 955 if (vfsp == NULL) { 956 /* Only load modules for root (very important!). */ 957 error = suser(td); 958 if (error) { 959 vput(vp); 960 return (error); 961 } 962 error = securelevel_gt(td->td_ucred, 0); 963 if (error) { 964 vput(vp); 965 return (error); 966 } 967 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 968 if (error || lf == NULL) { 969 vput(vp); 970 if (lf == NULL) 971 error = ENODEV; 972 return (error); 973 } 974 lf->userrefs++; 975 /* Look up again to see if the VFS was loaded. */ 976 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 977 if (!strcmp(vfsp->vfc_name, fstype)) 978 break; 979 if (vfsp == NULL) { 980 lf->userrefs--; 981 linker_file_unload(lf); 982 vput(vp); 983 return (ENODEV); 984 } 985 } 986 VI_LOCK(vp); 987 if ((vp->v_iflag & VI_MOUNT) != 0 || 988 vp->v_mountedhere != NULL) { 989 VI_UNLOCK(vp); 990 vput(vp); 991 return (EBUSY); 992 } 993 vp->v_iflag |= VI_MOUNT; 994 VI_UNLOCK(vp); 995 996 /* 997 * Allocate and initialize the filesystem. 998 */ 999 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1000 TAILQ_INIT(&mp->mnt_nvnodelist); 1001 TAILQ_INIT(&mp->mnt_reservedvnlist); 1002 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1003 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1004 mp->mnt_op = vfsp->vfc_vfsops; 1005 mp->mnt_vfc = vfsp; 1006 vfsp->vfc_refcount++; 1007 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1008 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1009 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 1010 mp->mnt_vnodecovered = vp; 1011 mp->mnt_cred = crdup(td->td_ucred); 1012 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 1013 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 1014 mp->mnt_iosize_max = DFLTPHYS; 1015 #ifdef MAC 1016 mac_init_mount(mp); 1017 mac_create_mount(td->td_ucred, mp); 1018 #endif 1019 VOP_UNLOCK(vp, 0, td); 1020 update: 1021 /* 1022 * Check if the fs implements the old VFS_MOUNT() 1023 * function, since the old system call was used. 1024 */ 1025 if (mp->mnt_op->vfs_mount == NULL) { 1026 printf("%s doesn't support the old mount syscall\n", 1027 mp->mnt_vfc->vfc_name); 1028 VI_LOCK(vp); 1029 vp->v_iflag &= ~VI_MOUNT; 1030 VI_UNLOCK(vp); 1031 if (mp->mnt_flag & MNT_UPDATE) 1032 vfs_unbusy(mp, td); 1033 else { 1034 mp->mnt_vfc->vfc_refcount--; 1035 vfs_unbusy(mp, td); 1036 #ifdef MAC 1037 mac_destroy_mount(mp); 1038 #endif 1039 free(mp, M_MOUNT); 1040 } 1041 vrele(vp); 1042 return (EOPNOTSUPP); 1043 } 1044 1045 /* 1046 * Set the mount level flags. 1047 */ 1048 if (fsflags & MNT_RDONLY) 1049 mp->mnt_flag |= MNT_RDONLY; 1050 else if (mp->mnt_flag & MNT_RDONLY) 1051 mp->mnt_kern_flag |= MNTK_WANTRDWR; 1052 mp->mnt_flag &=~ MNT_UPDATEMASK; 1053 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 1054 /* 1055 * Mount the filesystem. 1056 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 1057 * get. No freeing of cn_pnbuf. 1058 */ 1059 error = VFS_MOUNT(mp, fspath, fsdata, &nd, td); 1060 if (mp->mnt_flag & MNT_UPDATE) { 1061 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 1062 mp->mnt_flag &= ~MNT_RDONLY; 1063 mp->mnt_flag &=~ 1064 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 1065 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 1066 if (error) { 1067 mp->mnt_flag = flag; 1068 mp->mnt_kern_flag = kern_flag; 1069 } 1070 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 1071 if (mp->mnt_syncer == NULL) 1072 error = vfs_allocate_syncvnode(mp); 1073 } else { 1074 if (mp->mnt_syncer != NULL) 1075 vrele(mp->mnt_syncer); 1076 mp->mnt_syncer = NULL; 1077 } 1078 vfs_unbusy(mp, td); 1079 VI_LOCK(vp); 1080 vp->v_iflag &= ~VI_MOUNT; 1081 VI_UNLOCK(vp); 1082 vrele(vp); 1083 return (error); 1084 } 1085 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1086 /* 1087 * Put the new filesystem on the mount list after root. 1088 */ 1089 cache_purge(vp); 1090 if (!error) { 1091 struct vnode *newdp; 1092 1093 VI_LOCK(vp); 1094 vp->v_iflag &= ~VI_MOUNT; 1095 VI_UNLOCK(vp); 1096 vp->v_mountedhere = mp; 1097 mtx_lock(&mountlist_mtx); 1098 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1099 mtx_unlock(&mountlist_mtx); 1100 if (VFS_ROOT(mp, &newdp)) 1101 panic("mount: lost mount"); 1102 checkdirs(vp, newdp); 1103 vput(newdp); 1104 VOP_UNLOCK(vp, 0, td); 1105 if ((mp->mnt_flag & MNT_RDONLY) == 0) 1106 error = vfs_allocate_syncvnode(mp); 1107 vfs_unbusy(mp, td); 1108 if ((error = VFS_START(mp, 0, td)) != 0) 1109 vrele(vp); 1110 } else { 1111 VI_LOCK(vp); 1112 vp->v_iflag &= ~VI_MOUNT; 1113 VI_UNLOCK(vp); 1114 mp->mnt_vfc->vfc_refcount--; 1115 vfs_unbusy(mp, td); 1116 #ifdef MAC 1117 mac_destroy_mount(mp); 1118 #endif 1119 free(mp, M_MOUNT); 1120 vput(vp); 1121 } 1122 return (error); 1123 } 1124 1125 /* 1126 * Scan all active processes to see if any of them have a current 1127 * or root directory of `olddp'. If so, replace them with the new 1128 * mount point. 1129 */ 1130 static void 1131 checkdirs(olddp, newdp) 1132 struct vnode *olddp, *newdp; 1133 { 1134 struct filedesc *fdp; 1135 struct proc *p; 1136 int nrele; 1137 1138 if (vrefcnt(olddp) == 1) 1139 return; 1140 sx_slock(&allproc_lock); 1141 LIST_FOREACH(p, &allproc, p_list) { 1142 PROC_LOCK(p); 1143 fdp = p->p_fd; 1144 if (fdp == NULL) { 1145 PROC_UNLOCK(p); 1146 continue; 1147 } 1148 nrele = 0; 1149 FILEDESC_LOCK(fdp); 1150 if (fdp->fd_cdir == olddp) { 1151 VREF(newdp); 1152 fdp->fd_cdir = newdp; 1153 nrele++; 1154 } 1155 if (fdp->fd_rdir == olddp) { 1156 VREF(newdp); 1157 fdp->fd_rdir = newdp; 1158 nrele++; 1159 } 1160 FILEDESC_UNLOCK(fdp); 1161 PROC_UNLOCK(p); 1162 while (nrele--) 1163 vrele(olddp); 1164 } 1165 sx_sunlock(&allproc_lock); 1166 if (rootvnode == olddp) { 1167 vrele(rootvnode); 1168 VREF(newdp); 1169 rootvnode = newdp; 1170 } 1171 } 1172 1173 /* 1174 * Unmount a filesystem. 1175 * 1176 * Note: unmount takes a path to the vnode mounted on as argument, 1177 * not special file (as before). 1178 */ 1179 #ifndef _SYS_SYSPROTO_H_ 1180 struct unmount_args { 1181 char *path; 1182 int flags; 1183 }; 1184 #endif 1185 /* ARGSUSED */ 1186 int 1187 unmount(td, uap) 1188 struct thread *td; 1189 register struct unmount_args /* { 1190 syscallarg(char *) path; 1191 syscallarg(int) flags; 1192 } */ *uap; 1193 { 1194 register struct vnode *vp; 1195 struct mount *mp; 1196 int error; 1197 struct nameidata nd; 1198 1199 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE, 1200 SCARG(uap, path), td); 1201 if ((error = namei(&nd)) != 0) 1202 return (error); 1203 vp = nd.ni_vp; 1204 NDFREE(&nd, NDF_ONLY_PNBUF); 1205 mp = vp->v_mount; 1206 1207 /* 1208 * Only root, or the user that did the original mount is 1209 * permitted to unmount this filesystem. 1210 */ 1211 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 1212 error = suser(td); 1213 if (error) { 1214 vput(vp); 1215 return (error); 1216 } 1217 } 1218 1219 /* 1220 * Don't allow unmounting the root filesystem. 1221 */ 1222 if (mp->mnt_flag & MNT_ROOTFS) { 1223 vput(vp); 1224 return (EINVAL); 1225 } 1226 1227 /* 1228 * Must be the root of the filesystem 1229 */ 1230 if ((vp->v_vflag & VV_ROOT) == 0) { 1231 vput(vp); 1232 return (EINVAL); 1233 } 1234 vput(vp); 1235 return (dounmount(mp, SCARG(uap, flags), td)); 1236 } 1237 1238 /* 1239 * Do the actual filesystem unmount. 1240 */ 1241 int 1242 dounmount(mp, flags, td) 1243 struct mount *mp; 1244 int flags; 1245 struct thread *td; 1246 { 1247 struct vnode *coveredvp, *fsrootvp; 1248 int error; 1249 int async_flag; 1250 1251 mtx_lock(&mountlist_mtx); 1252 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1253 mtx_unlock(&mountlist_mtx); 1254 return (EBUSY); 1255 } 1256 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1257 /* Allow filesystems to detect that a forced unmount is in progress. */ 1258 if (flags & MNT_FORCE) 1259 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1260 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1261 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &mountlist_mtx, td); 1262 if (error) { 1263 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1264 if (mp->mnt_kern_flag & MNTK_MWAIT) 1265 wakeup(mp); 1266 return (error); 1267 } 1268 vn_start_write(NULL, &mp, V_WAIT); 1269 1270 if (mp->mnt_flag & MNT_EXPUBLIC) 1271 vfs_setpublicfs(NULL, NULL, NULL); 1272 1273 vfs_msync(mp, MNT_WAIT); 1274 async_flag = mp->mnt_flag & MNT_ASYNC; 1275 mp->mnt_flag &=~ MNT_ASYNC; 1276 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1277 if (mp->mnt_syncer != NULL) 1278 vrele(mp->mnt_syncer); 1279 /* Move process cdir/rdir refs on fs root to underlying vnode. */ 1280 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1281 if (mp->mnt_vnodecovered != NULL) 1282 checkdirs(fsrootvp, mp->mnt_vnodecovered); 1283 if (fsrootvp == rootvnode) { 1284 vrele(rootvnode); 1285 rootvnode = NULL; 1286 } 1287 vput(fsrootvp); 1288 } 1289 if (((mp->mnt_flag & MNT_RDONLY) || 1290 (error = VFS_SYNC(mp, MNT_WAIT, td->td_ucred, td)) == 0) || 1291 (flags & MNT_FORCE)) { 1292 error = VFS_UNMOUNT(mp, flags, td); 1293 } 1294 vn_finished_write(mp); 1295 if (error) { 1296 /* Undo cdir/rdir and rootvnode changes made above. */ 1297 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1298 if (mp->mnt_vnodecovered != NULL) 1299 checkdirs(mp->mnt_vnodecovered, fsrootvp); 1300 if (rootvnode == NULL) { 1301 rootvnode = fsrootvp; 1302 vref(rootvnode); 1303 } 1304 vput(fsrootvp); 1305 } 1306 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1307 (void) vfs_allocate_syncvnode(mp); 1308 mtx_lock(&mountlist_mtx); 1309 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1310 mp->mnt_flag |= async_flag; 1311 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, 1312 &mountlist_mtx, td); 1313 if (mp->mnt_kern_flag & MNTK_MWAIT) 1314 wakeup(mp); 1315 return (error); 1316 } 1317 crfree(mp->mnt_cred); 1318 mtx_lock(&mountlist_mtx); 1319 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1320 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1321 coveredvp->v_mountedhere = NULL; 1322 mp->mnt_vfc->vfc_refcount--; 1323 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 1324 panic("unmount: dangling vnode"); 1325 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, &mountlist_mtx, td); 1326 lockdestroy(&mp->mnt_lock); 1327 if (coveredvp != NULL) 1328 vrele(coveredvp); 1329 if (mp->mnt_kern_flag & MNTK_MWAIT) 1330 wakeup(mp); 1331 #ifdef MAC 1332 mac_destroy_mount(mp); 1333 #endif 1334 if (mp->mnt_op->vfs_mount == NULL) 1335 vfs_freeopts(mp->mnt_opt); 1336 free(mp, M_MOUNT); 1337 return (0); 1338 } 1339 1340 /* 1341 * Lookup a filesystem type, and if found allocate and initialize 1342 * a mount structure for it. 1343 * 1344 * Devname is usually updated by mount(8) after booting. 1345 */ 1346 int 1347 vfs_rootmountalloc(fstypename, devname, mpp) 1348 char *fstypename; 1349 char *devname; 1350 struct mount **mpp; 1351 { 1352 struct thread *td = curthread; /* XXX */ 1353 struct vfsconf *vfsp; 1354 struct mount *mp; 1355 1356 if (fstypename == NULL) 1357 return (ENODEV); 1358 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1359 if (!strcmp(vfsp->vfc_name, fstypename)) 1360 break; 1361 if (vfsp == NULL) 1362 return (ENODEV); 1363 mp = malloc((u_long)sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1364 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1365 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1366 TAILQ_INIT(&mp->mnt_nvnodelist); 1367 TAILQ_INIT(&mp->mnt_reservedvnlist); 1368 mp->mnt_vfc = vfsp; 1369 mp->mnt_op = vfsp->vfc_vfsops; 1370 mp->mnt_flag = MNT_RDONLY; 1371 mp->mnt_vnodecovered = NULLVP; 1372 mp->mnt_cred = crdup(td->td_ucred); 1373 vfsp->vfc_refcount++; 1374 mp->mnt_iosize_max = DFLTPHYS; 1375 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1376 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1377 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 1378 mp->mnt_stat.f_mntonname[0] = '/'; 1379 mp->mnt_stat.f_mntonname[1] = 0; 1380 strlcpy(mp->mnt_stat.f_mntfromname, devname, MNAMELEN); 1381 #ifdef MAC 1382 mac_init_mount(mp); 1383 mac_create_mount(td->td_ucred, mp); 1384 #endif 1385 *mpp = mp; 1386 return (0); 1387 } 1388 1389 /* 1390 * Find and mount the root filesystem 1391 */ 1392 void 1393 vfs_mountroot(void) 1394 { 1395 char *cp; 1396 int i, error; 1397 1398 /* 1399 * The root filesystem information is compiled in, and we are 1400 * booted with instructions to use it. 1401 */ 1402 #ifdef ROOTDEVNAME 1403 if ((boothowto & RB_DFLTROOT) && 1404 !vfs_mountroot_try(ROOTDEVNAME)) 1405 return; 1406 #endif 1407 /* 1408 * We are booted with instructions to prompt for the root filesystem, 1409 * or to use the compiled-in default when it doesn't exist. 1410 */ 1411 if (boothowto & (RB_DFLTROOT | RB_ASKNAME)) { 1412 if (!vfs_mountroot_ask()) 1413 return; 1414 } 1415 1416 /* 1417 * We've been given the generic "use CDROM as root" flag. This is 1418 * necessary because one media may be used in many different 1419 * devices, so we need to search for them. 1420 */ 1421 if (boothowto & RB_CDROM) { 1422 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1423 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1424 return; 1425 } 1426 } 1427 1428 /* 1429 * Try to use the value read by the loader from /etc/fstab, or 1430 * supplied via some other means. This is the preferred 1431 * mechanism. 1432 */ 1433 if ((cp = getenv("vfs.root.mountfrom")) != NULL) { 1434 error = vfs_mountroot_try(cp); 1435 freeenv(cp); 1436 if (!error) 1437 return; 1438 } 1439 1440 /* 1441 * Try values that may have been computed by the machine-dependant 1442 * legacy code. 1443 */ 1444 if (!vfs_mountroot_try(rootdevnames[0])) 1445 return; 1446 if (!vfs_mountroot_try(rootdevnames[1])) 1447 return; 1448 1449 /* 1450 * If we have a compiled-in default, and haven't already tried it, try 1451 * it now. 1452 */ 1453 #ifdef ROOTDEVNAME 1454 if (!(boothowto & RB_DFLTROOT)) 1455 if (!vfs_mountroot_try(ROOTDEVNAME)) 1456 return; 1457 #endif 1458 1459 /* 1460 * Everything so far has failed, prompt on the console if we haven't 1461 * already tried that. 1462 */ 1463 if (!(boothowto & (RB_DFLTROOT | RB_ASKNAME)) && !vfs_mountroot_ask()) 1464 return; 1465 panic("Root mount failed, startup aborted."); 1466 } 1467 1468 void g_waitidle(void); 1469 1470 /* 1471 * Mount (mountfrom) as the root filesystem. 1472 */ 1473 static int 1474 vfs_mountroot_try(char *mountfrom) 1475 { 1476 struct mount *mp; 1477 char *vfsname, *path; 1478 const char *devname; 1479 int error; 1480 char patt[32]; 1481 int s; 1482 1483 vfsname = NULL; 1484 path = NULL; 1485 mp = NULL; 1486 error = EINVAL; 1487 1488 g_waitidle(); 1489 1490 if (mountfrom == NULL) 1491 return(error); /* don't complain */ 1492 1493 s = splcam(); /* Overkill, but annoying without it */ 1494 printf("Mounting root from %s\n", mountfrom); 1495 splx(s); 1496 1497 /* parse vfs name and path */ 1498 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1499 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1500 vfsname[0] = path[0] = 0; 1501 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN); 1502 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1503 goto done; 1504 1505 /* allocate a root mount */ 1506 error = vfs_rootmountalloc(vfsname, path[0] != 0 ? path : ROOTNAME, 1507 &mp); 1508 if (error != 0) { 1509 printf("Can't allocate root mount for filesystem '%s': %d\n", 1510 vfsname, error); 1511 goto done; 1512 } 1513 mp->mnt_flag |= MNT_ROOTFS; 1514 1515 /* do our best to set rootdev */ 1516 if ((path[0] != 0) && setrootbyname(path)) 1517 printf("setrootbyname failed\n"); 1518 1519 /* If the root device is a type "memory disk", mount RW */ 1520 if (rootdev != NODEV && devsw(rootdev) != NULL) { 1521 devname = devtoname(rootdev); 1522 if (devname[0] == 'm' && devname[1] == 'd') 1523 mp->mnt_flag &= ~MNT_RDONLY; 1524 } 1525 1526 /* 1527 * Set the mount path to be something useful, because the 1528 * filesystem code isn't responsible now for initialising 1529 * f_mntonname unless they want to override the default 1530 * (which is `path'.) 1531 */ 1532 strlcpy(mp->mnt_stat.f_mntonname, "/", MNAMELEN); 1533 1534 error = VFS_MOUNT(mp, NULL, NULL, NULL, curthread); 1535 1536 done: 1537 if (vfsname != NULL) 1538 free(vfsname, M_MOUNT); 1539 if (path != NULL) 1540 free(path, M_MOUNT); 1541 if (error != 0) { 1542 if (mp != NULL) { 1543 vfs_unbusy(mp, curthread); 1544 #ifdef MAC 1545 mac_destroy_mount(mp); 1546 #endif 1547 free(mp, M_MOUNT); 1548 } 1549 printf("Root mount failed: %d\n", error); 1550 } else { 1551 1552 /* register with list of mounted filesystems */ 1553 mtx_lock(&mountlist_mtx); 1554 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1555 mtx_unlock(&mountlist_mtx); 1556 1557 /* sanity check system clock against root fs timestamp */ 1558 inittodr(mp->mnt_time); 1559 vfs_unbusy(mp, curthread); 1560 error = VFS_START(mp, 0, curthread); 1561 } 1562 return(error); 1563 } 1564 1565 /* 1566 * Spin prompting on the console for a suitable root filesystem 1567 */ 1568 static int 1569 vfs_mountroot_ask(void) 1570 { 1571 char name[128]; 1572 int i; 1573 dev_t dev; 1574 1575 for(;;) { 1576 printf("\nManual root filesystem specification:\n"); 1577 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1578 #if defined(__i386__) || defined(__ia64__) 1579 printf(" eg. ufs:da0s1a\n"); 1580 #else 1581 printf(" eg. ufs:da0a\n"); 1582 #endif 1583 printf(" ? List valid disk boot devices\n"); 1584 printf(" <empty line> Abort manual input\n"); 1585 printf("\nmountroot> "); 1586 gets(name); 1587 if (name[0] == 0) 1588 return(1); 1589 if (name[0] == '?') { 1590 printf("Possibly valid devices for 'ufs' root:\n"); 1591 for (i = 0; i < NUMCDEVSW; i++) { 1592 dev = makedev(i, 0); 1593 if (devsw(dev) != NULL) 1594 printf(" \"%s\"", devsw(dev)->d_name); 1595 } 1596 printf("\n"); 1597 continue; 1598 } 1599 if (!vfs_mountroot_try(name)) 1600 return(0); 1601 } 1602 } 1603 1604 /* 1605 * Local helper function for vfs_mountroot_ask. 1606 */ 1607 static void 1608 gets(char *cp) 1609 { 1610 char *lp; 1611 int c; 1612 1613 lp = cp; 1614 for (;;) { 1615 printf("%c", c = cngetc() & 0177); 1616 switch (c) { 1617 case -1: 1618 case '\n': 1619 case '\r': 1620 *lp++ = '\0'; 1621 return; 1622 case '\b': 1623 case '\177': 1624 if (lp > cp) { 1625 printf(" \b"); 1626 lp--; 1627 } 1628 continue; 1629 case '#': 1630 lp--; 1631 if (lp < cp) 1632 lp = cp; 1633 continue; 1634 case '@': 1635 case 'u' & 037: 1636 lp = cp; 1637 printf("%c", '\n'); 1638 continue; 1639 default: 1640 *lp++ = c; 1641 } 1642 } 1643 } 1644 1645 /* 1646 * Convert a given name to the dev_t of the disk-like device 1647 * it refers to. 1648 */ 1649 dev_t 1650 getdiskbyname(char *name) { 1651 char *cp; 1652 dev_t dev; 1653 1654 cp = name; 1655 if (!bcmp(cp, "/dev/", 5)) 1656 cp += 5; 1657 1658 dev = NODEV; 1659 EVENTHANDLER_INVOKE(dev_clone, cp, strlen(cp), &dev); 1660 return (dev); 1661 } 1662 1663 /* 1664 * Set rootdev to match (name), given that we expect it to 1665 * refer to a disk-like device. 1666 */ 1667 static int 1668 setrootbyname(char *name) 1669 { 1670 dev_t diskdev; 1671 1672 diskdev = getdiskbyname(name); 1673 if (diskdev != NODEV) { 1674 rootdev = diskdev; 1675 return (0); 1676 } 1677 1678 return (1); 1679 } 1680 1681 /* Show the dev_t for a disk specified by name */ 1682 #ifdef DDB 1683 DB_SHOW_COMMAND(disk, db_getdiskbyname) 1684 { 1685 dev_t dev; 1686 1687 if (modif[0] == '\0') { 1688 db_error("usage: show disk/devicename"); 1689 return; 1690 } 1691 dev = getdiskbyname(modif); 1692 if (dev != NODEV) 1693 db_printf("dev_t = %p\n", dev); 1694 else 1695 db_printf("No disk device matched.\n"); 1696 } 1697 #endif 1698 1699 /* 1700 * Get a mount option by its name. 1701 * 1702 * Return 0 if the option was found, ENOENT otherwise. 1703 * If len is non-NULL it will be filled with the length 1704 * of the option. If buf is non-NULL, it will be filled 1705 * with the address of the option. 1706 */ 1707 int 1708 vfs_getopt(opts, name, buf, len) 1709 struct vfsoptlist *opts; 1710 const char *name; 1711 void **buf; 1712 int *len; 1713 { 1714 struct vfsopt *opt; 1715 1716 TAILQ_FOREACH(opt, opts, link) { 1717 if (strcmp(name, opt->name) == 0) { 1718 if (len != NULL) 1719 *len = opt->len; 1720 if (buf != NULL) 1721 *buf = opt->value; 1722 return (0); 1723 } 1724 } 1725 return (ENOENT); 1726 } 1727 1728 /* 1729 * Find and copy a mount option. 1730 * 1731 * The size of the buffer has to be specified 1732 * in len, if it is not the same length as the 1733 * mount option, EINVAL is returned. 1734 * Returns ENOENT if the option is not found. 1735 */ 1736 int 1737 vfs_copyopt(opts, name, dest, len) 1738 struct vfsoptlist *opts; 1739 const char *name; 1740 void *dest; 1741 int len; 1742 { 1743 struct vfsopt *opt; 1744 1745 TAILQ_FOREACH(opt, opts, link) { 1746 if (strcmp(name, opt->name) == 0) { 1747 if (len != opt->len) 1748 return (EINVAL); 1749 bcopy(opt->value, dest, opt->len); 1750 return (0); 1751 } 1752 } 1753 return (ENOENT); 1754 } 1755