1 /*- 2 * Copyright (c) 1999-2004 Poul-Henning Kamp 3 * Copyright (c) 1999 Michael Smith 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * (c) UNIX System Laboratories, Inc. 7 * All or some portions of this file are derived from material licensed 8 * to the University of California by American Telephone and Telegraph 9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 * the permission of UNIX System Laboratories, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 __FBSDID("$FreeBSD$"); 39 40 #include <sys/param.h> 41 #include <sys/conf.h> 42 #include <sys/fcntl.h> 43 #include <sys/jail.h> 44 #include <sys/kernel.h> 45 #include <sys/libkern.h> 46 #include <sys/malloc.h> 47 #include <sys/mount.h> 48 #include <sys/mutex.h> 49 #include <sys/namei.h> 50 #include <sys/priv.h> 51 #include <sys/proc.h> 52 #include <sys/filedesc.h> 53 #include <sys/reboot.h> 54 #include <sys/syscallsubr.h> 55 #include <sys/sysproto.h> 56 #include <sys/sx.h> 57 #include <sys/sysctl.h> 58 #include <sys/sysent.h> 59 #include <sys/systm.h> 60 #include <sys/vnode.h> 61 #include <vm/uma.h> 62 63 #include <geom/geom.h> 64 65 #include <machine/stdarg.h> 66 67 #include <security/audit/audit.h> 68 #include <security/mac/mac_framework.h> 69 70 #include "opt_rootdevname.h" 71 #include "opt_mac.h" 72 73 #define ROOTNAME "root_device" 74 #define VFS_MOUNTARG_SIZE_MAX (1024 * 64) 75 76 static int vfs_domount(struct thread *td, const char *fstype, 77 char *fspath, int fsflags, void *fsdata); 78 static int vfs_mountroot_ask(void); 79 static int vfs_mountroot_try(const char *mountfrom); 80 static void free_mntarg(struct mntarg *ma); 81 static int vfs_getopt_pos(struct vfsoptlist *opts, const char *name); 82 83 static int usermount = 0; 84 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, 85 "Unprivileged users may mount and unmount file systems"); 86 87 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 88 MALLOC_DEFINE(M_VNODE_MARKER, "vnodemarker", "vnode marker"); 89 static uma_zone_t mount_zone; 90 91 /* List of mounted filesystems. */ 92 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 93 94 /* For any iteration/modification of mountlist */ 95 struct mtx mountlist_mtx; 96 MTX_SYSINIT(mountlist, &mountlist_mtx, "mountlist", MTX_DEF); 97 98 TAILQ_HEAD(vfsoptlist, vfsopt); 99 struct vfsopt { 100 TAILQ_ENTRY(vfsopt) link; 101 char *name; 102 void *value; 103 int len; 104 }; 105 106 /* 107 * The vnode of the system's root (/ in the filesystem, without chroot 108 * active.) 109 */ 110 struct vnode *rootvnode; 111 112 /* 113 * The root filesystem is detailed in the kernel environment variable 114 * vfs.root.mountfrom, which is expected to be in the general format 115 * 116 * <vfsname>:[<path>] 117 * vfsname := the name of a VFS known to the kernel and capable 118 * of being mounted as root 119 * path := disk device name or other data used by the filesystem 120 * to locate its physical store 121 */ 122 123 /* 124 * Global opts, taken by all filesystems 125 */ 126 static const char *global_opts[] = { 127 "errmsg", 128 "fstype", 129 "fspath", 130 "ro", 131 "rw", 132 "nosuid", 133 "noexec", 134 NULL 135 }; 136 137 /* 138 * The root specifiers we will try if RB_CDROM is specified. 139 */ 140 static char *cdrom_rootdevnames[] = { 141 "cd9660:cd0", 142 "cd9660:acd0", 143 NULL 144 }; 145 146 /* legacy find-root code */ 147 char *rootdevnames[2] = {NULL, NULL}; 148 #ifndef ROOTDEVNAME 149 # define ROOTDEVNAME NULL 150 #endif 151 static const char *ctrootdevname = ROOTDEVNAME; 152 153 /* 154 * --------------------------------------------------------------------- 155 * Functions for building and sanitizing the mount options 156 */ 157 158 /* Remove one mount option. */ 159 static void 160 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 161 { 162 163 TAILQ_REMOVE(opts, opt, link); 164 free(opt->name, M_MOUNT); 165 if (opt->value != NULL) 166 free(opt->value, M_MOUNT); 167 #ifdef INVARIANTS 168 else if (opt->len != 0) 169 panic("%s: mount option with NULL value but length != 0", 170 __func__); 171 #endif 172 free(opt, M_MOUNT); 173 } 174 175 /* Release all resources related to the mount options. */ 176 void 177 vfs_freeopts(struct vfsoptlist *opts) 178 { 179 struct vfsopt *opt; 180 181 while (!TAILQ_EMPTY(opts)) { 182 opt = TAILQ_FIRST(opts); 183 vfs_freeopt(opts, opt); 184 } 185 free(opts, M_MOUNT); 186 } 187 188 void 189 vfs_deleteopt(struct vfsoptlist *opts, const char *name) 190 { 191 struct vfsopt *opt, *temp; 192 193 if (opts == NULL) 194 return; 195 TAILQ_FOREACH_SAFE(opt, opts, link, temp) { 196 if (strcmp(opt->name, name) == 0) 197 vfs_freeopt(opts, opt); 198 } 199 } 200 201 /* 202 * Check if options are equal (with or without the "no" prefix). 203 */ 204 static int 205 vfs_equalopts(const char *opt1, const char *opt2) 206 { 207 208 /* "opt" vs. "opt" or "noopt" vs. "noopt" */ 209 if (strcmp(opt1, opt2) == 0) 210 return (1); 211 /* "noopt" vs. "opt" */ 212 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0) 213 return (1); 214 /* "opt" vs. "noopt" */ 215 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0) 216 return (1); 217 return (0); 218 } 219 220 /* 221 * If a mount option is specified several times, 222 * (with or without the "no" prefix) only keep 223 * the last occurence of it. 224 */ 225 static void 226 vfs_sanitizeopts(struct vfsoptlist *opts) 227 { 228 struct vfsopt *opt, *opt2, *tmp; 229 230 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 231 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 232 while (opt2 != NULL) { 233 if (vfs_equalopts(opt->name, opt2->name)) { 234 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 235 vfs_freeopt(opts, opt2); 236 opt2 = tmp; 237 } else { 238 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 239 } 240 } 241 } 242 } 243 244 /* 245 * Build a linked list of mount options from a struct uio. 246 */ 247 static int 248 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 249 { 250 struct vfsoptlist *opts; 251 struct vfsopt *opt; 252 size_t memused; 253 unsigned int i, iovcnt; 254 int error, namelen, optlen; 255 256 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 257 TAILQ_INIT(opts); 258 memused = 0; 259 iovcnt = auio->uio_iovcnt; 260 for (i = 0; i < iovcnt; i += 2) { 261 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 262 namelen = auio->uio_iov[i].iov_len; 263 optlen = auio->uio_iov[i + 1].iov_len; 264 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 265 opt->value = NULL; 266 opt->len = 0; 267 268 /* 269 * Do this early, so jumps to "bad" will free the current 270 * option. 271 */ 272 TAILQ_INSERT_TAIL(opts, opt, link); 273 memused += sizeof(struct vfsopt) + optlen + namelen; 274 275 /* 276 * Avoid consuming too much memory, and attempts to overflow 277 * memused. 278 */ 279 if (memused > VFS_MOUNTARG_SIZE_MAX || 280 optlen > VFS_MOUNTARG_SIZE_MAX || 281 namelen > VFS_MOUNTARG_SIZE_MAX) { 282 error = EINVAL; 283 goto bad; 284 } 285 286 if (auio->uio_segflg == UIO_SYSSPACE) { 287 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 288 } else { 289 error = copyin(auio->uio_iov[i].iov_base, opt->name, 290 namelen); 291 if (error) 292 goto bad; 293 } 294 /* Ensure names are null-terminated strings. */ 295 if (opt->name[namelen - 1] != '\0') { 296 error = EINVAL; 297 goto bad; 298 } 299 if (optlen != 0) { 300 opt->len = optlen; 301 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 302 if (auio->uio_segflg == UIO_SYSSPACE) { 303 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 304 optlen); 305 } else { 306 error = copyin(auio->uio_iov[i + 1].iov_base, 307 opt->value, optlen); 308 if (error) 309 goto bad; 310 } 311 } 312 } 313 vfs_sanitizeopts(opts); 314 *options = opts; 315 return (0); 316 bad: 317 vfs_freeopts(opts); 318 return (error); 319 } 320 321 /* 322 * Merge the old mount options with the new ones passed 323 * in the MNT_UPDATE case. 324 * 325 * XXX This function will keep a "nofoo" option in the 326 * new options if there is no matching "foo" option 327 * to be cancelled in the old options. This is a bug 328 * if the option's canonical name is "foo". E.g., "noro" 329 * shouldn't end up in the mount point's active options, 330 * but it can. 331 */ 332 static void 333 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 334 { 335 struct vfsopt *opt, *opt2, *new; 336 337 TAILQ_FOREACH(opt, opts, link) { 338 /* 339 * Check that this option hasn't been redefined 340 * nor cancelled with a "no" mount option. 341 */ 342 opt2 = TAILQ_FIRST(toopts); 343 while (opt2 != NULL) { 344 if (strcmp(opt2->name, opt->name) == 0) 345 goto next; 346 if (strncmp(opt2->name, "no", 2) == 0 && 347 strcmp(opt2->name + 2, opt->name) == 0) { 348 vfs_freeopt(toopts, opt2); 349 goto next; 350 } 351 opt2 = TAILQ_NEXT(opt2, link); 352 } 353 /* We want this option, duplicate it. */ 354 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 355 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 356 strcpy(new->name, opt->name); 357 if (opt->len != 0) { 358 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 359 bcopy(opt->value, new->value, opt->len); 360 } else { 361 new->value = NULL; 362 } 363 new->len = opt->len; 364 TAILQ_INSERT_TAIL(toopts, new, link); 365 next: 366 continue; 367 } 368 } 369 370 /* 371 * Mount a filesystem. 372 */ 373 int 374 nmount(td, uap) 375 struct thread *td; 376 struct nmount_args /* { 377 struct iovec *iovp; 378 unsigned int iovcnt; 379 int flags; 380 } */ *uap; 381 { 382 struct uio *auio; 383 struct iovec *iov; 384 unsigned int i; 385 int error; 386 u_int iovcnt; 387 388 AUDIT_ARG(fflags, uap->flags); 389 CTR4(KTR_VFS, "%s: iovp %p with iovcnt %d and flags %d", __func__, 390 uap->iovp, uap->iovcnt, uap->flags); 391 392 /* 393 * Filter out MNT_ROOTFS. We do not want clients of nmount() in 394 * userspace to set this flag, but we must filter it out if we want 395 * MNT_UPDATE on the root file system to work. 396 * MNT_ROOTFS should only be set in the kernel in vfs_mountroot_try(). 397 */ 398 uap->flags &= ~MNT_ROOTFS; 399 400 iovcnt = uap->iovcnt; 401 /* 402 * Check that we have an even number of iovec's 403 * and that we have at least two options. 404 */ 405 if ((iovcnt & 1) || (iovcnt < 4)) { 406 CTR2(KTR_VFS, "%s: failed for invalid iovcnt %d", __func__, 407 uap->iovcnt); 408 return (EINVAL); 409 } 410 411 error = copyinuio(uap->iovp, iovcnt, &auio); 412 if (error) { 413 CTR2(KTR_VFS, "%s: failed for invalid uio op with %d errno", 414 __func__, error); 415 return (error); 416 } 417 iov = auio->uio_iov; 418 for (i = 0; i < iovcnt; i++) { 419 if (iov->iov_len > MMAXOPTIONLEN) { 420 free(auio, M_IOV); 421 CTR1(KTR_VFS, "%s: failed for invalid new auio", 422 __func__); 423 return (EINVAL); 424 } 425 iov++; 426 } 427 error = vfs_donmount(td, uap->flags, auio); 428 429 free(auio, M_IOV); 430 return (error); 431 } 432 433 /* 434 * --------------------------------------------------------------------- 435 * Various utility functions 436 */ 437 438 void 439 vfs_ref(struct mount *mp) 440 { 441 442 CTR2(KTR_VFS, "%s: mp %p", __func__, mp); 443 MNT_ILOCK(mp); 444 MNT_REF(mp); 445 MNT_IUNLOCK(mp); 446 } 447 448 void 449 vfs_rel(struct mount *mp) 450 { 451 452 CTR2(KTR_VFS, "%s: mp %p", __func__, mp); 453 MNT_ILOCK(mp); 454 MNT_REL(mp); 455 MNT_IUNLOCK(mp); 456 } 457 458 static int 459 mount_init(void *mem, int size, int flags) 460 { 461 struct mount *mp; 462 463 mp = (struct mount *)mem; 464 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF); 465 lockinit(&mp->mnt_explock, PVFS, "explock", 0, 0); 466 return (0); 467 } 468 469 static void 470 mount_fini(void *mem, int size) 471 { 472 struct mount *mp; 473 474 mp = (struct mount *)mem; 475 lockdestroy(&mp->mnt_explock); 476 mtx_destroy(&mp->mnt_mtx); 477 } 478 479 /* 480 * Allocate and initialize the mount point struct. 481 */ 482 struct mount * 483 vfs_mount_alloc(struct vnode *vp, struct vfsconf *vfsp, const char *fspath, 484 struct ucred *cred) 485 { 486 struct mount *mp; 487 488 mp = uma_zalloc(mount_zone, M_WAITOK); 489 bzero(&mp->mnt_startzero, 490 __rangeof(struct mount, mnt_startzero, mnt_endzero)); 491 TAILQ_INIT(&mp->mnt_nvnodelist); 492 mp->mnt_nvnodelistsize = 0; 493 mp->mnt_ref = 0; 494 (void) vfs_busy(mp, MBF_NOWAIT); 495 mp->mnt_op = vfsp->vfc_vfsops; 496 mp->mnt_vfc = vfsp; 497 vfsp->vfc_refcount++; /* XXX Unlocked */ 498 mp->mnt_stat.f_type = vfsp->vfc_typenum; 499 mp->mnt_gen++; 500 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 501 mp->mnt_vnodecovered = vp; 502 mp->mnt_cred = crdup(cred); 503 mp->mnt_stat.f_owner = cred->cr_uid; 504 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 505 mp->mnt_iosize_max = DFLTPHYS; 506 #ifdef MAC 507 mac_mount_init(mp); 508 mac_mount_create(cred, mp); 509 #endif 510 arc4rand(&mp->mnt_hashseed, sizeof mp->mnt_hashseed, 0); 511 return (mp); 512 } 513 514 /* 515 * Destroy the mount struct previously allocated by vfs_mount_alloc(). 516 */ 517 void 518 vfs_mount_destroy(struct mount *mp) 519 { 520 521 MNT_ILOCK(mp); 522 mp->mnt_kern_flag |= MNTK_REFEXPIRE; 523 if (mp->mnt_kern_flag & MNTK_MWAIT) { 524 mp->mnt_kern_flag &= ~MNTK_MWAIT; 525 wakeup(mp); 526 } 527 while (mp->mnt_ref) 528 msleep(mp, MNT_MTX(mp), PVFS, "mntref", 0); 529 KASSERT(mp->mnt_ref == 0, 530 ("%s: invalid refcount in the drain path @ %s:%d", __func__, 531 __FILE__, __LINE__)); 532 if (mp->mnt_writeopcount != 0) 533 panic("vfs_mount_destroy: nonzero writeopcount"); 534 if (mp->mnt_secondary_writes != 0) 535 panic("vfs_mount_destroy: nonzero secondary_writes"); 536 mp->mnt_vfc->vfc_refcount--; 537 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) { 538 struct vnode *vp; 539 540 TAILQ_FOREACH(vp, &mp->mnt_nvnodelist, v_nmntvnodes) 541 vprint("", vp); 542 panic("unmount: dangling vnode"); 543 } 544 if (mp->mnt_nvnodelistsize != 0) 545 panic("vfs_mount_destroy: nonzero nvnodelistsize"); 546 if (mp->mnt_lockref != 0) 547 panic("vfs_mount_destroy: nonzero lock refcount"); 548 MNT_IUNLOCK(mp); 549 #ifdef MAC 550 mac_mount_destroy(mp); 551 #endif 552 if (mp->mnt_opt != NULL) 553 vfs_freeopts(mp->mnt_opt); 554 crfree(mp->mnt_cred); 555 uma_zfree(mount_zone, mp); 556 } 557 558 int 559 vfs_donmount(struct thread *td, int fsflags, struct uio *fsoptions) 560 { 561 struct vfsoptlist *optlist; 562 struct vfsopt *opt, *noro_opt, *tmp_opt; 563 char *fstype, *fspath, *errmsg; 564 int error, fstypelen, fspathlen, errmsg_len, errmsg_pos; 565 int has_rw, has_noro; 566 567 errmsg = fspath = NULL; 568 errmsg_len = has_noro = has_rw = fspathlen = 0; 569 errmsg_pos = -1; 570 571 error = vfs_buildopts(fsoptions, &optlist); 572 if (error) 573 return (error); 574 575 if (vfs_getopt(optlist, "errmsg", (void **)&errmsg, &errmsg_len) == 0) 576 errmsg_pos = vfs_getopt_pos(optlist, "errmsg"); 577 578 /* 579 * We need these two options before the others, 580 * and they are mandatory for any filesystem. 581 * Ensure they are NUL terminated as well. 582 */ 583 fstypelen = 0; 584 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 585 if (error || fstype[fstypelen - 1] != '\0') { 586 error = EINVAL; 587 if (errmsg != NULL) 588 strncpy(errmsg, "Invalid fstype", errmsg_len); 589 goto bail; 590 } 591 fspathlen = 0; 592 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 593 if (error || fspath[fspathlen - 1] != '\0') { 594 error = EINVAL; 595 if (errmsg != NULL) 596 strncpy(errmsg, "Invalid fspath", errmsg_len); 597 goto bail; 598 } 599 600 /* 601 * We need to see if we have the "update" option 602 * before we call vfs_domount(), since vfs_domount() has special 603 * logic based on MNT_UPDATE. This is very important 604 * when we want to update the root filesystem. 605 */ 606 TAILQ_FOREACH_SAFE(opt, optlist, link, tmp_opt) { 607 if (strcmp(opt->name, "update") == 0) { 608 fsflags |= MNT_UPDATE; 609 vfs_freeopt(optlist, opt); 610 } 611 else if (strcmp(opt->name, "async") == 0) 612 fsflags |= MNT_ASYNC; 613 else if (strcmp(opt->name, "force") == 0) { 614 fsflags |= MNT_FORCE; 615 vfs_freeopt(optlist, opt); 616 } 617 else if (strcmp(opt->name, "reload") == 0) { 618 fsflags |= MNT_RELOAD; 619 vfs_freeopt(optlist, opt); 620 } 621 else if (strcmp(opt->name, "multilabel") == 0) 622 fsflags |= MNT_MULTILABEL; 623 else if (strcmp(opt->name, "noasync") == 0) 624 fsflags &= ~MNT_ASYNC; 625 else if (strcmp(opt->name, "noatime") == 0) 626 fsflags |= MNT_NOATIME; 627 else if (strcmp(opt->name, "atime") == 0) { 628 free(opt->name, M_MOUNT); 629 opt->name = strdup("nonoatime", M_MOUNT); 630 } 631 else if (strcmp(opt->name, "noclusterr") == 0) 632 fsflags |= MNT_NOCLUSTERR; 633 else if (strcmp(opt->name, "clusterr") == 0) { 634 free(opt->name, M_MOUNT); 635 opt->name = strdup("nonoclusterr", M_MOUNT); 636 } 637 else if (strcmp(opt->name, "noclusterw") == 0) 638 fsflags |= MNT_NOCLUSTERW; 639 else if (strcmp(opt->name, "clusterw") == 0) { 640 free(opt->name, M_MOUNT); 641 opt->name = strdup("nonoclusterw", M_MOUNT); 642 } 643 else if (strcmp(opt->name, "noexec") == 0) 644 fsflags |= MNT_NOEXEC; 645 else if (strcmp(opt->name, "exec") == 0) { 646 free(opt->name, M_MOUNT); 647 opt->name = strdup("nonoexec", M_MOUNT); 648 } 649 else if (strcmp(opt->name, "nosuid") == 0) 650 fsflags |= MNT_NOSUID; 651 else if (strcmp(opt->name, "suid") == 0) { 652 free(opt->name, M_MOUNT); 653 opt->name = strdup("nonosuid", M_MOUNT); 654 } 655 else if (strcmp(opt->name, "nosymfollow") == 0) 656 fsflags |= MNT_NOSYMFOLLOW; 657 else if (strcmp(opt->name, "symfollow") == 0) { 658 free(opt->name, M_MOUNT); 659 opt->name = strdup("nonosymfollow", M_MOUNT); 660 } 661 else if (strcmp(opt->name, "noro") == 0) { 662 fsflags &= ~MNT_RDONLY; 663 has_noro = 1; 664 } 665 else if (strcmp(opt->name, "rw") == 0) { 666 fsflags &= ~MNT_RDONLY; 667 has_rw = 1; 668 } 669 else if (strcmp(opt->name, "ro") == 0) 670 fsflags |= MNT_RDONLY; 671 else if (strcmp(opt->name, "rdonly") == 0) { 672 free(opt->name, M_MOUNT); 673 opt->name = strdup("ro", M_MOUNT); 674 fsflags |= MNT_RDONLY; 675 } 676 else if (strcmp(opt->name, "suiddir") == 0) 677 fsflags |= MNT_SUIDDIR; 678 else if (strcmp(opt->name, "sync") == 0) 679 fsflags |= MNT_SYNCHRONOUS; 680 else if (strcmp(opt->name, "union") == 0) 681 fsflags |= MNT_UNION; 682 } 683 684 /* 685 * If "rw" was specified as a mount option, and we 686 * are trying to update a mount-point from "ro" to "rw", 687 * we need a mount option "noro", since in vfs_mergeopts(), 688 * "noro" will cancel "ro", but "rw" will not do anything. 689 */ 690 if (has_rw && !has_noro) { 691 noro_opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 692 noro_opt->name = strdup("noro", M_MOUNT); 693 noro_opt->value = NULL; 694 noro_opt->len = 0; 695 TAILQ_INSERT_TAIL(optlist, noro_opt, link); 696 } 697 698 /* 699 * Be ultra-paranoid about making sure the type and fspath 700 * variables will fit in our mp buffers, including the 701 * terminating NUL. 702 */ 703 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 704 error = ENAMETOOLONG; 705 goto bail; 706 } 707 708 mtx_lock(&Giant); 709 error = vfs_domount(td, fstype, fspath, fsflags, optlist); 710 mtx_unlock(&Giant); 711 bail: 712 /* copyout the errmsg */ 713 if (errmsg_pos != -1 && ((2 * errmsg_pos + 1) < fsoptions->uio_iovcnt) 714 && errmsg_len > 0 && errmsg != NULL) { 715 if (fsoptions->uio_segflg == UIO_SYSSPACE) { 716 bcopy(errmsg, 717 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base, 718 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len); 719 } else { 720 copyout(errmsg, 721 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base, 722 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len); 723 } 724 } 725 726 if (error != 0) 727 vfs_freeopts(optlist); 728 return (error); 729 } 730 731 /* 732 * Old mount API. 733 */ 734 #ifndef _SYS_SYSPROTO_H_ 735 struct mount_args { 736 char *type; 737 char *path; 738 int flags; 739 caddr_t data; 740 }; 741 #endif 742 /* ARGSUSED */ 743 int 744 mount(td, uap) 745 struct thread *td; 746 struct mount_args /* { 747 char *type; 748 char *path; 749 int flags; 750 caddr_t data; 751 } */ *uap; 752 { 753 char *fstype; 754 struct vfsconf *vfsp = NULL; 755 struct mntarg *ma = NULL; 756 int error; 757 758 AUDIT_ARG(fflags, uap->flags); 759 760 /* 761 * Filter out MNT_ROOTFS. We do not want clients of mount() in 762 * userspace to set this flag, but we must filter it out if we want 763 * MNT_UPDATE on the root file system to work. 764 * MNT_ROOTFS should only be set in the kernel in vfs_mountroot_try(). 765 */ 766 uap->flags &= ~MNT_ROOTFS; 767 768 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 769 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 770 if (error) { 771 free(fstype, M_TEMP); 772 return (error); 773 } 774 775 AUDIT_ARG(text, fstype); 776 mtx_lock(&Giant); 777 vfsp = vfs_byname_kld(fstype, td, &error); 778 free(fstype, M_TEMP); 779 if (vfsp == NULL) { 780 mtx_unlock(&Giant); 781 return (ENOENT); 782 } 783 if (vfsp->vfc_vfsops->vfs_cmount == NULL) { 784 mtx_unlock(&Giant); 785 return (EOPNOTSUPP); 786 } 787 788 ma = mount_argsu(ma, "fstype", uap->type, MNAMELEN); 789 ma = mount_argsu(ma, "fspath", uap->path, MNAMELEN); 790 ma = mount_argb(ma, uap->flags & MNT_RDONLY, "noro"); 791 ma = mount_argb(ma, !(uap->flags & MNT_NOSUID), "nosuid"); 792 ma = mount_argb(ma, !(uap->flags & MNT_NOEXEC), "noexec"); 793 794 error = vfsp->vfc_vfsops->vfs_cmount(ma, uap->data, uap->flags, td); 795 mtx_unlock(&Giant); 796 return (error); 797 } 798 799 800 /* 801 * vfs_domount(): actually attempt a filesystem mount. 802 */ 803 static int 804 vfs_domount( 805 struct thread *td, /* Calling thread. */ 806 const char *fstype, /* Filesystem type. */ 807 char *fspath, /* Mount path. */ 808 int fsflags, /* Flags common to all filesystems. */ 809 void *fsdata /* Options local to the filesystem. */ 810 ) 811 { 812 struct vnode *vp; 813 struct mount *mp; 814 struct vfsconf *vfsp; 815 struct oexport_args oexport; 816 struct export_args export; 817 int error, flag = 0; 818 struct vattr va; 819 struct nameidata nd; 820 821 mtx_assert(&Giant, MA_OWNED); 822 /* 823 * Be ultra-paranoid about making sure the type and fspath 824 * variables will fit in our mp buffers, including the 825 * terminating NUL. 826 */ 827 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 828 return (ENAMETOOLONG); 829 830 if (jailed(td->td_ucred) || usermount == 0) { 831 if ((error = priv_check(td, PRIV_VFS_MOUNT)) != 0) 832 return (error); 833 } 834 835 /* 836 * Do not allow NFS export or MNT_SUIDDIR by unprivileged users. 837 */ 838 if (fsflags & MNT_EXPORTED) { 839 error = priv_check(td, PRIV_VFS_MOUNT_EXPORTED); 840 if (error) 841 return (error); 842 } 843 if (fsflags & MNT_SUIDDIR) { 844 error = priv_check(td, PRIV_VFS_MOUNT_SUIDDIR); 845 if (error) 846 return (error); 847 } 848 /* 849 * Silently enforce MNT_NOSUID and MNT_USER for unprivileged users. 850 */ 851 if ((fsflags & (MNT_NOSUID | MNT_USER)) != (MNT_NOSUID | MNT_USER)) { 852 if (priv_check(td, PRIV_VFS_MOUNT_NONUSER) != 0) 853 fsflags |= MNT_NOSUID | MNT_USER; 854 } 855 856 /* Load KLDs before we lock the covered vnode to avoid reversals. */ 857 vfsp = NULL; 858 if ((fsflags & MNT_UPDATE) == 0) { 859 /* Don't try to load KLDs if we're mounting the root. */ 860 if (fsflags & MNT_ROOTFS) 861 vfsp = vfs_byname(fstype); 862 else 863 vfsp = vfs_byname_kld(fstype, td, &error); 864 if (vfsp == NULL) 865 return (ENODEV); 866 if (jailed(td->td_ucred) && !(vfsp->vfc_flags & VFCF_JAIL)) 867 return (EPERM); 868 } 869 /* 870 * Get vnode to be covered 871 */ 872 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_SYSSPACE, 873 fspath, td); 874 if ((error = namei(&nd)) != 0) 875 return (error); 876 NDFREE(&nd, NDF_ONLY_PNBUF); 877 vp = nd.ni_vp; 878 if (fsflags & MNT_UPDATE) { 879 if ((vp->v_vflag & VV_ROOT) == 0) { 880 vput(vp); 881 return (EINVAL); 882 } 883 mp = vp->v_mount; 884 MNT_ILOCK(mp); 885 flag = mp->mnt_flag; 886 /* 887 * We only allow the filesystem to be reloaded if it 888 * is currently mounted read-only. 889 */ 890 if ((fsflags & MNT_RELOAD) && 891 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 892 MNT_IUNLOCK(mp); 893 vput(vp); 894 return (EOPNOTSUPP); /* Needs translation */ 895 } 896 MNT_IUNLOCK(mp); 897 /* 898 * Only privileged root, or (if MNT_USER is set) the user that 899 * did the original mount is permitted to update it. 900 */ 901 error = vfs_suser(mp, td); 902 if (error) { 903 vput(vp); 904 return (error); 905 } 906 if (vfs_busy(mp, MBF_NOWAIT)) { 907 vput(vp); 908 return (EBUSY); 909 } 910 VI_LOCK(vp); 911 if ((vp->v_iflag & VI_MOUNT) != 0 || 912 vp->v_mountedhere != NULL) { 913 VI_UNLOCK(vp); 914 vfs_unbusy(mp); 915 vput(vp); 916 return (EBUSY); 917 } 918 vp->v_iflag |= VI_MOUNT; 919 VI_UNLOCK(vp); 920 MNT_ILOCK(mp); 921 mp->mnt_flag |= fsflags & 922 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT | MNT_ROOTFS); 923 MNT_IUNLOCK(mp); 924 VOP_UNLOCK(vp, 0); 925 mp->mnt_optnew = fsdata; 926 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 927 } else { 928 /* 929 * If the user is not root, ensure that they own the directory 930 * onto which we are attempting to mount. 931 */ 932 error = VOP_GETATTR(vp, &va, td->td_ucred); 933 if (error) { 934 vput(vp); 935 return (error); 936 } 937 if (va.va_uid != td->td_ucred->cr_uid) { 938 error = priv_check_cred(td->td_ucred, PRIV_VFS_ADMIN, 939 0); 940 if (error) { 941 vput(vp); 942 return (error); 943 } 944 } 945 error = vinvalbuf(vp, V_SAVE, 0, 0); 946 if (error != 0) { 947 vput(vp); 948 return (error); 949 } 950 if (vp->v_type != VDIR) { 951 vput(vp); 952 return (ENOTDIR); 953 } 954 VI_LOCK(vp); 955 if ((vp->v_iflag & VI_MOUNT) != 0 || 956 vp->v_mountedhere != NULL) { 957 VI_UNLOCK(vp); 958 vput(vp); 959 return (EBUSY); 960 } 961 vp->v_iflag |= VI_MOUNT; 962 VI_UNLOCK(vp); 963 964 /* 965 * Allocate and initialize the filesystem. 966 */ 967 mp = vfs_mount_alloc(vp, vfsp, fspath, td->td_ucred); 968 VOP_UNLOCK(vp, 0); 969 970 /* XXXMAC: pass to vfs_mount_alloc? */ 971 mp->mnt_optnew = fsdata; 972 } 973 974 /* 975 * Set the mount level flags. 976 */ 977 MNT_ILOCK(mp); 978 mp->mnt_flag = (mp->mnt_flag & ~MNT_UPDATEMASK) | 979 (fsflags & (MNT_UPDATEMASK | MNT_FORCE | MNT_ROOTFS | 980 MNT_RDONLY)); 981 if ((mp->mnt_flag & MNT_ASYNC) == 0) 982 mp->mnt_kern_flag &= ~MNTK_ASYNC; 983 MNT_IUNLOCK(mp); 984 /* 985 * Mount the filesystem. 986 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 987 * get. No freeing of cn_pnbuf. 988 */ 989 error = VFS_MOUNT(mp, td); 990 991 /* 992 * Process the export option only if we are 993 * updating mount options. 994 */ 995 if (!error && (fsflags & MNT_UPDATE)) { 996 if (vfs_copyopt(mp->mnt_optnew, "export", &export, 997 sizeof(export)) == 0) 998 error = vfs_export(mp, &export); 999 else if (vfs_copyopt(mp->mnt_optnew, "export", &oexport, 1000 sizeof(oexport)) == 0) { 1001 export.ex_flags = oexport.ex_flags; 1002 export.ex_root = oexport.ex_root; 1003 export.ex_anon = oexport.ex_anon; 1004 export.ex_addr = oexport.ex_addr; 1005 export.ex_addrlen = oexport.ex_addrlen; 1006 export.ex_mask = oexport.ex_mask; 1007 export.ex_masklen = oexport.ex_masklen; 1008 export.ex_indexfile = oexport.ex_indexfile; 1009 export.ex_numsecflavors = 0; 1010 error = vfs_export(mp, &export); 1011 } 1012 } 1013 1014 if (!error) { 1015 if (mp->mnt_opt != NULL) 1016 vfs_freeopts(mp->mnt_opt); 1017 mp->mnt_opt = mp->mnt_optnew; 1018 (void)VFS_STATFS(mp, &mp->mnt_stat, td); 1019 } 1020 /* 1021 * Prevent external consumers of mount options from reading 1022 * mnt_optnew. 1023 */ 1024 mp->mnt_optnew = NULL; 1025 if (mp->mnt_flag & MNT_UPDATE) { 1026 MNT_ILOCK(mp); 1027 if (error) 1028 mp->mnt_flag = (mp->mnt_flag & MNT_QUOTA) | 1029 (flag & ~MNT_QUOTA); 1030 else 1031 mp->mnt_flag &= ~(MNT_UPDATE | MNT_RELOAD | 1032 MNT_FORCE | MNT_SNAPSHOT); 1033 if ((mp->mnt_flag & MNT_ASYNC) != 0 && mp->mnt_noasync == 0) 1034 mp->mnt_kern_flag |= MNTK_ASYNC; 1035 else 1036 mp->mnt_kern_flag &= ~MNTK_ASYNC; 1037 MNT_IUNLOCK(mp); 1038 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 1039 if (mp->mnt_syncer == NULL) 1040 error = vfs_allocate_syncvnode(mp); 1041 } else { 1042 if (mp->mnt_syncer != NULL) 1043 vrele(mp->mnt_syncer); 1044 mp->mnt_syncer = NULL; 1045 } 1046 vfs_unbusy(mp); 1047 VI_LOCK(vp); 1048 vp->v_iflag &= ~VI_MOUNT; 1049 VI_UNLOCK(vp); 1050 vrele(vp); 1051 return (error); 1052 } 1053 MNT_ILOCK(mp); 1054 if ((mp->mnt_flag & MNT_ASYNC) != 0 && mp->mnt_noasync == 0) 1055 mp->mnt_kern_flag |= MNTK_ASYNC; 1056 else 1057 mp->mnt_kern_flag &= ~MNTK_ASYNC; 1058 MNT_IUNLOCK(mp); 1059 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 1060 /* 1061 * Put the new filesystem on the mount list after root. 1062 */ 1063 cache_purge(vp); 1064 if (!error) { 1065 struct vnode *newdp; 1066 1067 VI_LOCK(vp); 1068 vp->v_iflag &= ~VI_MOUNT; 1069 VI_UNLOCK(vp); 1070 vp->v_mountedhere = mp; 1071 mtx_lock(&mountlist_mtx); 1072 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1073 mtx_unlock(&mountlist_mtx); 1074 vfs_event_signal(NULL, VQ_MOUNT, 0); 1075 if (VFS_ROOT(mp, LK_EXCLUSIVE, &newdp, td)) 1076 panic("mount: lost mount"); 1077 mountcheckdirs(vp, newdp); 1078 vput(newdp); 1079 VOP_UNLOCK(vp, 0); 1080 if ((mp->mnt_flag & MNT_RDONLY) == 0) 1081 error = vfs_allocate_syncvnode(mp); 1082 vfs_unbusy(mp); 1083 if (error) 1084 vrele(vp); 1085 } else { 1086 VI_LOCK(vp); 1087 vp->v_iflag &= ~VI_MOUNT; 1088 VI_UNLOCK(vp); 1089 vfs_unbusy(mp); 1090 vfs_mount_destroy(mp); 1091 vput(vp); 1092 } 1093 return (error); 1094 } 1095 1096 /* 1097 * Unmount a filesystem. 1098 * 1099 * Note: unmount takes a path to the vnode mounted on as argument, not 1100 * special file (as before). 1101 */ 1102 #ifndef _SYS_SYSPROTO_H_ 1103 struct unmount_args { 1104 char *path; 1105 int flags; 1106 }; 1107 #endif 1108 /* ARGSUSED */ 1109 int 1110 unmount(td, uap) 1111 struct thread *td; 1112 register struct unmount_args /* { 1113 char *path; 1114 int flags; 1115 } */ *uap; 1116 { 1117 struct mount *mp; 1118 char *pathbuf; 1119 int error, id0, id1; 1120 1121 if (jailed(td->td_ucred) || usermount == 0) { 1122 error = priv_check(td, PRIV_VFS_UNMOUNT); 1123 if (error) 1124 return (error); 1125 } 1126 1127 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK); 1128 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL); 1129 if (error) { 1130 free(pathbuf, M_TEMP); 1131 return (error); 1132 } 1133 AUDIT_ARG(upath, td, pathbuf, ARG_UPATH1); 1134 mtx_lock(&Giant); 1135 if (uap->flags & MNT_BYFSID) { 1136 /* Decode the filesystem ID. */ 1137 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { 1138 mtx_unlock(&Giant); 1139 free(pathbuf, M_TEMP); 1140 return (EINVAL); 1141 } 1142 1143 mtx_lock(&mountlist_mtx); 1144 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 1145 if (mp->mnt_stat.f_fsid.val[0] == id0 && 1146 mp->mnt_stat.f_fsid.val[1] == id1) 1147 break; 1148 } 1149 mtx_unlock(&mountlist_mtx); 1150 } else { 1151 mtx_lock(&mountlist_mtx); 1152 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 1153 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) 1154 break; 1155 } 1156 mtx_unlock(&mountlist_mtx); 1157 } 1158 free(pathbuf, M_TEMP); 1159 if (mp == NULL) { 1160 /* 1161 * Previously we returned ENOENT for a nonexistent path and 1162 * EINVAL for a non-mountpoint. We cannot tell these apart 1163 * now, so in the !MNT_BYFSID case return the more likely 1164 * EINVAL for compatibility. 1165 */ 1166 mtx_unlock(&Giant); 1167 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL); 1168 } 1169 1170 /* 1171 * Don't allow unmounting the root filesystem. 1172 */ 1173 if (mp->mnt_flag & MNT_ROOTFS) { 1174 mtx_unlock(&Giant); 1175 return (EINVAL); 1176 } 1177 error = dounmount(mp, uap->flags, td); 1178 mtx_unlock(&Giant); 1179 return (error); 1180 } 1181 1182 /* 1183 * Do the actual filesystem unmount. 1184 */ 1185 int 1186 dounmount(mp, flags, td) 1187 struct mount *mp; 1188 int flags; 1189 struct thread *td; 1190 { 1191 struct vnode *coveredvp, *fsrootvp; 1192 int error; 1193 int async_flag; 1194 int mnt_gen_r; 1195 1196 mtx_assert(&Giant, MA_OWNED); 1197 1198 if ((coveredvp = mp->mnt_vnodecovered) != NULL) { 1199 mnt_gen_r = mp->mnt_gen; 1200 VI_LOCK(coveredvp); 1201 vholdl(coveredvp); 1202 vn_lock(coveredvp, LK_EXCLUSIVE | LK_INTERLOCK | LK_RETRY); 1203 vdrop(coveredvp); 1204 /* 1205 * Check for mp being unmounted while waiting for the 1206 * covered vnode lock. 1207 */ 1208 if (coveredvp->v_mountedhere != mp || 1209 coveredvp->v_mountedhere->mnt_gen != mnt_gen_r) { 1210 VOP_UNLOCK(coveredvp, 0); 1211 return (EBUSY); 1212 } 1213 } 1214 /* 1215 * Only privileged root, or (if MNT_USER is set) the user that did the 1216 * original mount is permitted to unmount this filesystem. 1217 */ 1218 error = vfs_suser(mp, td); 1219 if (error) { 1220 if (coveredvp) 1221 VOP_UNLOCK(coveredvp, 0); 1222 return (error); 1223 } 1224 1225 MNT_ILOCK(mp); 1226 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1227 MNT_IUNLOCK(mp); 1228 if (coveredvp) 1229 VOP_UNLOCK(coveredvp, 0); 1230 return (EBUSY); 1231 } 1232 mp->mnt_kern_flag |= MNTK_UNMOUNT | MNTK_NOINSMNTQ; 1233 /* Allow filesystems to detect that a forced unmount is in progress. */ 1234 if (flags & MNT_FORCE) 1235 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1236 error = 0; 1237 if (mp->mnt_lockref) { 1238 if ((flags & MNT_FORCE) == 0) { 1239 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_NOINSMNTQ | 1240 MNTK_UNMOUNTF); 1241 if (mp->mnt_kern_flag & MNTK_MWAIT) { 1242 mp->mnt_kern_flag &= ~MNTK_MWAIT; 1243 wakeup(mp); 1244 } 1245 MNT_IUNLOCK(mp); 1246 if (coveredvp) 1247 VOP_UNLOCK(coveredvp, 0); 1248 return (EBUSY); 1249 } 1250 mp->mnt_kern_flag |= MNTK_DRAINING; 1251 error = msleep(&mp->mnt_lockref, MNT_MTX(mp), PVFS, 1252 "mount drain", 0); 1253 } 1254 MNT_IUNLOCK(mp); 1255 KASSERT(mp->mnt_lockref == 0, 1256 ("%s: invalid lock refcount in the drain path @ %s:%d", 1257 __func__, __FILE__, __LINE__)); 1258 KASSERT(error == 0, 1259 ("%s: invalid return value for msleep in the drain path @ %s:%d", 1260 __func__, __FILE__, __LINE__)); 1261 vn_start_write(NULL, &mp, V_WAIT); 1262 1263 if (mp->mnt_flag & MNT_EXPUBLIC) 1264 vfs_setpublicfs(NULL, NULL, NULL); 1265 1266 vfs_msync(mp, MNT_WAIT); 1267 MNT_ILOCK(mp); 1268 async_flag = mp->mnt_flag & MNT_ASYNC; 1269 mp->mnt_flag &= ~MNT_ASYNC; 1270 mp->mnt_kern_flag &= ~MNTK_ASYNC; 1271 MNT_IUNLOCK(mp); 1272 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1273 if (mp->mnt_syncer != NULL) 1274 vrele(mp->mnt_syncer); 1275 /* 1276 * For forced unmounts, move process cdir/rdir refs on the fs root 1277 * vnode to the covered vnode. For non-forced unmounts we want 1278 * such references to cause an EBUSY error. 1279 */ 1280 if ((flags & MNT_FORCE) && 1281 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) { 1282 if (mp->mnt_vnodecovered != NULL) 1283 mountcheckdirs(fsrootvp, mp->mnt_vnodecovered); 1284 if (fsrootvp == rootvnode) { 1285 vrele(rootvnode); 1286 rootvnode = NULL; 1287 } 1288 vput(fsrootvp); 1289 } 1290 if (((mp->mnt_flag & MNT_RDONLY) || 1291 (error = VFS_SYNC(mp, MNT_WAIT, td)) == 0) || 1292 (flags & MNT_FORCE)) { 1293 error = VFS_UNMOUNT(mp, flags, td); 1294 } 1295 vn_finished_write(mp); 1296 /* 1297 * If we failed to flush the dirty blocks for this mount point, 1298 * undo all the cdir/rdir and rootvnode changes we made above. 1299 * Unless we failed to do so because the device is reporting that 1300 * it doesn't exist anymore. 1301 */ 1302 if (error && error != ENXIO) { 1303 if ((flags & MNT_FORCE) && 1304 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) { 1305 if (mp->mnt_vnodecovered != NULL) 1306 mountcheckdirs(mp->mnt_vnodecovered, fsrootvp); 1307 if (rootvnode == NULL) { 1308 rootvnode = fsrootvp; 1309 vref(rootvnode); 1310 } 1311 vput(fsrootvp); 1312 } 1313 MNT_ILOCK(mp); 1314 mp->mnt_kern_flag &= ~MNTK_NOINSMNTQ; 1315 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) { 1316 MNT_IUNLOCK(mp); 1317 (void) vfs_allocate_syncvnode(mp); 1318 MNT_ILOCK(mp); 1319 } 1320 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1321 mp->mnt_flag |= async_flag; 1322 if ((mp->mnt_flag & MNT_ASYNC) != 0 && mp->mnt_noasync == 0) 1323 mp->mnt_kern_flag |= MNTK_ASYNC; 1324 if (mp->mnt_kern_flag & MNTK_MWAIT) { 1325 mp->mnt_kern_flag &= ~MNTK_MWAIT; 1326 wakeup(mp); 1327 } 1328 MNT_IUNLOCK(mp); 1329 if (coveredvp) 1330 VOP_UNLOCK(coveredvp, 0); 1331 return (error); 1332 } 1333 mtx_lock(&mountlist_mtx); 1334 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1335 mtx_unlock(&mountlist_mtx); 1336 if (coveredvp != NULL) { 1337 coveredvp->v_mountedhere = NULL; 1338 vput(coveredvp); 1339 } 1340 vfs_event_signal(NULL, VQ_UNMOUNT, 0); 1341 vfs_mount_destroy(mp); 1342 return (0); 1343 } 1344 1345 /* 1346 * --------------------------------------------------------------------- 1347 * Mounting of root filesystem 1348 * 1349 */ 1350 1351 struct root_hold_token { 1352 const char *who; 1353 LIST_ENTRY(root_hold_token) list; 1354 }; 1355 1356 static LIST_HEAD(, root_hold_token) root_holds = 1357 LIST_HEAD_INITIALIZER(&root_holds); 1358 1359 static int root_mount_complete; 1360 1361 /* 1362 * Hold root mount. 1363 */ 1364 struct root_hold_token * 1365 root_mount_hold(const char *identifier) 1366 { 1367 struct root_hold_token *h; 1368 1369 h = malloc(sizeof *h, M_DEVBUF, M_ZERO | M_WAITOK); 1370 h->who = identifier; 1371 mtx_lock(&mountlist_mtx); 1372 LIST_INSERT_HEAD(&root_holds, h, list); 1373 mtx_unlock(&mountlist_mtx); 1374 return (h); 1375 } 1376 1377 /* 1378 * Release root mount. 1379 */ 1380 void 1381 root_mount_rel(struct root_hold_token *h) 1382 { 1383 1384 mtx_lock(&mountlist_mtx); 1385 LIST_REMOVE(h, list); 1386 wakeup(&root_holds); 1387 mtx_unlock(&mountlist_mtx); 1388 free(h, M_DEVBUF); 1389 } 1390 1391 /* 1392 * Wait for all subsystems to release root mount. 1393 */ 1394 static void 1395 root_mount_prepare(void) 1396 { 1397 struct root_hold_token *h; 1398 1399 for (;;) { 1400 DROP_GIANT(); 1401 g_waitidle(); 1402 PICKUP_GIANT(); 1403 mtx_lock(&mountlist_mtx); 1404 if (LIST_EMPTY(&root_holds)) { 1405 mtx_unlock(&mountlist_mtx); 1406 break; 1407 } 1408 printf("Root mount waiting for:"); 1409 LIST_FOREACH(h, &root_holds, list) 1410 printf(" %s", h->who); 1411 printf("\n"); 1412 msleep(&root_holds, &mountlist_mtx, PZERO | PDROP, "roothold", 1413 hz); 1414 } 1415 } 1416 1417 /* 1418 * Root was mounted, share the good news. 1419 */ 1420 static void 1421 root_mount_done(void) 1422 { 1423 1424 /* 1425 * Use a mutex to prevent the wakeup being missed and waiting for 1426 * an extra 1 second sleep. 1427 */ 1428 mtx_lock(&mountlist_mtx); 1429 root_mount_complete = 1; 1430 wakeup(&root_mount_complete); 1431 mtx_unlock(&mountlist_mtx); 1432 } 1433 1434 /* 1435 * Return true if root is already mounted. 1436 */ 1437 int 1438 root_mounted(void) 1439 { 1440 1441 /* No mutex is acquired here because int stores are atomic. */ 1442 return (root_mount_complete); 1443 } 1444 1445 /* 1446 * Wait until root is mounted. 1447 */ 1448 void 1449 root_mount_wait(void) 1450 { 1451 1452 /* 1453 * Panic on an obvious deadlock - the function can't be called from 1454 * a thread which is doing the whole SYSINIT stuff. 1455 */ 1456 KASSERT(curthread->td_proc->p_pid != 0, 1457 ("root_mount_wait: cannot be called from the swapper thread")); 1458 mtx_lock(&mountlist_mtx); 1459 while (!root_mount_complete) { 1460 msleep(&root_mount_complete, &mountlist_mtx, PZERO, "rootwait", 1461 hz); 1462 } 1463 mtx_unlock(&mountlist_mtx); 1464 } 1465 1466 static void 1467 set_rootvnode(struct thread *td) 1468 { 1469 struct proc *p; 1470 1471 if (VFS_ROOT(TAILQ_FIRST(&mountlist), LK_EXCLUSIVE, &rootvnode, td)) 1472 panic("Cannot find root vnode"); 1473 1474 p = td->td_proc; 1475 FILEDESC_XLOCK(p->p_fd); 1476 1477 if (p->p_fd->fd_cdir != NULL) 1478 vrele(p->p_fd->fd_cdir); 1479 p->p_fd->fd_cdir = rootvnode; 1480 VREF(rootvnode); 1481 1482 if (p->p_fd->fd_rdir != NULL) 1483 vrele(p->p_fd->fd_rdir); 1484 p->p_fd->fd_rdir = rootvnode; 1485 VREF(rootvnode); 1486 1487 FILEDESC_XUNLOCK(p->p_fd); 1488 1489 VOP_UNLOCK(rootvnode, 0); 1490 1491 EVENTHANDLER_INVOKE(mountroot); 1492 } 1493 1494 /* 1495 * Mount /devfs as our root filesystem, but do not put it on the mountlist 1496 * yet. Create a /dev -> / symlink so that absolute pathnames will lookup. 1497 */ 1498 1499 static void 1500 devfs_first(void) 1501 { 1502 struct thread *td = curthread; 1503 struct vfsoptlist *opts; 1504 struct vfsconf *vfsp; 1505 struct mount *mp = NULL; 1506 int error; 1507 1508 vfsp = vfs_byname("devfs"); 1509 KASSERT(vfsp != NULL, ("Could not find devfs by name")); 1510 if (vfsp == NULL) 1511 return; 1512 1513 mp = vfs_mount_alloc(NULLVP, vfsp, "/dev", td->td_ucred); 1514 1515 error = VFS_MOUNT(mp, td); 1516 KASSERT(error == 0, ("VFS_MOUNT(devfs) failed %d", error)); 1517 if (error) 1518 return; 1519 1520 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 1521 TAILQ_INIT(opts); 1522 mp->mnt_opt = opts; 1523 1524 mtx_lock(&mountlist_mtx); 1525 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1526 mtx_unlock(&mountlist_mtx); 1527 1528 set_rootvnode(td); 1529 1530 error = kern_symlink(td, "/", "dev", UIO_SYSSPACE); 1531 if (error) 1532 printf("kern_symlink /dev -> / returns %d\n", error); 1533 } 1534 1535 /* 1536 * Surgically move our devfs to be mounted on /dev. 1537 */ 1538 1539 static void 1540 devfs_fixup(struct thread *td) 1541 { 1542 struct nameidata nd; 1543 int error; 1544 struct vnode *vp, *dvp; 1545 struct mount *mp; 1546 1547 /* Remove our devfs mount from the mountlist and purge the cache */ 1548 mtx_lock(&mountlist_mtx); 1549 mp = TAILQ_FIRST(&mountlist); 1550 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1551 mtx_unlock(&mountlist_mtx); 1552 cache_purgevfs(mp); 1553 1554 VFS_ROOT(mp, LK_EXCLUSIVE, &dvp, td); 1555 VI_LOCK(dvp); 1556 dvp->v_iflag &= ~VI_MOUNT; 1557 VI_UNLOCK(dvp); 1558 dvp->v_mountedhere = NULL; 1559 1560 /* Set up the real rootvnode, and purge the cache */ 1561 TAILQ_FIRST(&mountlist)->mnt_vnodecovered = NULL; 1562 set_rootvnode(td); 1563 cache_purgevfs(rootvnode->v_mount); 1564 1565 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, "/dev", td); 1566 error = namei(&nd); 1567 if (error) { 1568 printf("Lookup of /dev for devfs, error: %d\n", error); 1569 return; 1570 } 1571 NDFREE(&nd, NDF_ONLY_PNBUF); 1572 vp = nd.ni_vp; 1573 if (vp->v_type != VDIR) { 1574 vput(vp); 1575 } 1576 error = vinvalbuf(vp, V_SAVE, 0, 0); 1577 if (error) { 1578 vput(vp); 1579 } 1580 cache_purge(vp); 1581 mp->mnt_vnodecovered = vp; 1582 vp->v_mountedhere = mp; 1583 mtx_lock(&mountlist_mtx); 1584 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1585 mtx_unlock(&mountlist_mtx); 1586 VOP_UNLOCK(vp, 0); 1587 vput(dvp); 1588 vfs_unbusy(mp); 1589 1590 /* Unlink the no longer needed /dev/dev -> / symlink */ 1591 kern_unlink(td, "/dev/dev", UIO_SYSSPACE); 1592 } 1593 1594 /* 1595 * Report errors during filesystem mounting. 1596 */ 1597 void 1598 vfs_mount_error(struct mount *mp, const char *fmt, ...) 1599 { 1600 struct vfsoptlist *moptlist = mp->mnt_optnew; 1601 va_list ap; 1602 int error, len; 1603 char *errmsg; 1604 1605 error = vfs_getopt(moptlist, "errmsg", (void **)&errmsg, &len); 1606 if (error || errmsg == NULL || len <= 0) 1607 return; 1608 1609 va_start(ap, fmt); 1610 vsnprintf(errmsg, (size_t)len, fmt, ap); 1611 va_end(ap); 1612 } 1613 1614 /* 1615 * Find and mount the root filesystem 1616 */ 1617 void 1618 vfs_mountroot(void) 1619 { 1620 char *cp; 1621 int error, i, asked = 0; 1622 1623 root_mount_prepare(); 1624 1625 mount_zone = uma_zcreate("Mountpoints", sizeof(struct mount), 1626 NULL, NULL, mount_init, mount_fini, 1627 UMA_ALIGN_PTR, UMA_ZONE_NOFREE); 1628 devfs_first(); 1629 1630 /* 1631 * We are booted with instructions to prompt for the root filesystem. 1632 */ 1633 if (boothowto & RB_ASKNAME) { 1634 if (!vfs_mountroot_ask()) 1635 goto mounted; 1636 asked = 1; 1637 } 1638 1639 /* 1640 * The root filesystem information is compiled in, and we are 1641 * booted with instructions to use it. 1642 */ 1643 if (ctrootdevname != NULL && (boothowto & RB_DFLTROOT)) { 1644 if (!vfs_mountroot_try(ctrootdevname)) 1645 goto mounted; 1646 ctrootdevname = NULL; 1647 } 1648 1649 /* 1650 * We've been given the generic "use CDROM as root" flag. This is 1651 * necessary because one media may be used in many different 1652 * devices, so we need to search for them. 1653 */ 1654 if (boothowto & RB_CDROM) { 1655 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1656 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1657 goto mounted; 1658 } 1659 } 1660 1661 /* 1662 * Try to use the value read by the loader from /etc/fstab, or 1663 * supplied via some other means. This is the preferred 1664 * mechanism. 1665 */ 1666 cp = getenv("vfs.root.mountfrom"); 1667 if (cp != NULL) { 1668 error = vfs_mountroot_try(cp); 1669 freeenv(cp); 1670 if (!error) 1671 goto mounted; 1672 } 1673 1674 /* 1675 * Try values that may have been computed by code during boot 1676 */ 1677 if (!vfs_mountroot_try(rootdevnames[0])) 1678 goto mounted; 1679 if (!vfs_mountroot_try(rootdevnames[1])) 1680 goto mounted; 1681 1682 /* 1683 * If we (still) have a compiled-in default, try it. 1684 */ 1685 if (ctrootdevname != NULL) 1686 if (!vfs_mountroot_try(ctrootdevname)) 1687 goto mounted; 1688 /* 1689 * Everything so far has failed, prompt on the console if we haven't 1690 * already tried that. 1691 */ 1692 if (!asked) 1693 if (!vfs_mountroot_ask()) 1694 goto mounted; 1695 1696 panic("Root mount failed, startup aborted."); 1697 1698 mounted: 1699 root_mount_done(); 1700 } 1701 1702 /* 1703 * Mount (mountfrom) as the root filesystem. 1704 */ 1705 static int 1706 vfs_mountroot_try(const char *mountfrom) 1707 { 1708 struct mount *mp; 1709 char *vfsname, *path; 1710 time_t timebase; 1711 int error; 1712 char patt[32]; 1713 1714 vfsname = NULL; 1715 path = NULL; 1716 mp = NULL; 1717 error = EINVAL; 1718 1719 if (mountfrom == NULL) 1720 return (error); /* don't complain */ 1721 printf("Trying to mount root from %s\n", mountfrom); 1722 1723 /* parse vfs name and path */ 1724 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1725 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1726 vfsname[0] = path[0] = 0; 1727 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN); 1728 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1729 goto out; 1730 1731 if (path[0] == '\0') 1732 strcpy(path, ROOTNAME); 1733 1734 error = kernel_vmount( 1735 MNT_RDONLY | MNT_ROOTFS, 1736 "fstype", vfsname, 1737 "fspath", "/", 1738 "from", path, 1739 NULL); 1740 if (error == 0) { 1741 /* 1742 * We mount devfs prior to mounting the / FS, so the first 1743 * entry will typically be devfs. 1744 */ 1745 mp = TAILQ_FIRST(&mountlist); 1746 KASSERT(mp != NULL, ("%s: mountlist is empty", __func__)); 1747 1748 /* 1749 * Iterate over all currently mounted file systems and use 1750 * the time stamp found to check and/or initialize the RTC. 1751 * Typically devfs has no time stamp and the only other FS 1752 * is the actual / FS. 1753 * Call inittodr() only once and pass it the largest of the 1754 * timestamps we encounter. 1755 */ 1756 timebase = 0; 1757 do { 1758 if (mp->mnt_time > timebase) 1759 timebase = mp->mnt_time; 1760 mp = TAILQ_NEXT(mp, mnt_list); 1761 } while (mp != NULL); 1762 inittodr(timebase); 1763 1764 devfs_fixup(curthread); 1765 } 1766 out: 1767 free(path, M_MOUNT); 1768 free(vfsname, M_MOUNT); 1769 return (error); 1770 } 1771 1772 /* 1773 * --------------------------------------------------------------------- 1774 * Interactive root filesystem selection code. 1775 */ 1776 1777 static int 1778 vfs_mountroot_ask(void) 1779 { 1780 char name[128]; 1781 1782 for(;;) { 1783 printf("\nManual root filesystem specification:\n"); 1784 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1785 #if defined(__amd64__) || defined(__i386__) || defined(__ia64__) 1786 printf(" eg. ufs:da0s1a\n"); 1787 #else 1788 printf(" eg. ufs:/dev/da0a\n"); 1789 #endif 1790 printf(" ? List valid disk boot devices\n"); 1791 printf(" <empty line> Abort manual input\n"); 1792 printf("\nmountroot> "); 1793 gets(name, sizeof(name), 1); 1794 if (name[0] == '\0') 1795 return (1); 1796 if (name[0] == '?') { 1797 printf("\nList of GEOM managed disk devices:\n "); 1798 g_dev_print(); 1799 continue; 1800 } 1801 if (!vfs_mountroot_try(name)) 1802 return (0); 1803 } 1804 } 1805 1806 /* 1807 * --------------------------------------------------------------------- 1808 * Functions for querying mount options/arguments from filesystems. 1809 */ 1810 1811 /* 1812 * Check that no unknown options are given 1813 */ 1814 int 1815 vfs_filteropt(struct vfsoptlist *opts, const char **legal) 1816 { 1817 struct vfsopt *opt; 1818 char errmsg[255]; 1819 const char **t, *p, *q; 1820 int ret = 0; 1821 1822 TAILQ_FOREACH(opt, opts, link) { 1823 p = opt->name; 1824 q = NULL; 1825 if (p[0] == 'n' && p[1] == 'o') 1826 q = p + 2; 1827 for(t = global_opts; *t != NULL; t++) { 1828 if (strcmp(*t, p) == 0) 1829 break; 1830 if (q != NULL) { 1831 if (strcmp(*t, q) == 0) 1832 break; 1833 } 1834 } 1835 if (*t != NULL) 1836 continue; 1837 for(t = legal; *t != NULL; t++) { 1838 if (strcmp(*t, p) == 0) 1839 break; 1840 if (q != NULL) { 1841 if (strcmp(*t, q) == 0) 1842 break; 1843 } 1844 } 1845 if (*t != NULL) 1846 continue; 1847 snprintf(errmsg, sizeof(errmsg), 1848 "mount option <%s> is unknown", p); 1849 printf("%s\n", errmsg); 1850 ret = EINVAL; 1851 } 1852 if (ret != 0) { 1853 TAILQ_FOREACH(opt, opts, link) { 1854 if (strcmp(opt->name, "errmsg") == 0) { 1855 strncpy((char *)opt->value, errmsg, opt->len); 1856 } 1857 } 1858 } 1859 return (ret); 1860 } 1861 1862 /* 1863 * Get a mount option by its name. 1864 * 1865 * Return 0 if the option was found, ENOENT otherwise. 1866 * If len is non-NULL it will be filled with the length 1867 * of the option. If buf is non-NULL, it will be filled 1868 * with the address of the option. 1869 */ 1870 int 1871 vfs_getopt(opts, name, buf, len) 1872 struct vfsoptlist *opts; 1873 const char *name; 1874 void **buf; 1875 int *len; 1876 { 1877 struct vfsopt *opt; 1878 1879 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1880 1881 TAILQ_FOREACH(opt, opts, link) { 1882 if (strcmp(name, opt->name) == 0) { 1883 if (len != NULL) 1884 *len = opt->len; 1885 if (buf != NULL) 1886 *buf = opt->value; 1887 return (0); 1888 } 1889 } 1890 return (ENOENT); 1891 } 1892 1893 static int 1894 vfs_getopt_pos(struct vfsoptlist *opts, const char *name) 1895 { 1896 struct vfsopt *opt; 1897 int i; 1898 1899 if (opts == NULL) 1900 return (-1); 1901 1902 i = 0; 1903 TAILQ_FOREACH(opt, opts, link) { 1904 if (strcmp(name, opt->name) == 0) 1905 return (i); 1906 ++i; 1907 } 1908 return (-1); 1909 } 1910 1911 char * 1912 vfs_getopts(struct vfsoptlist *opts, const char *name, int *error) 1913 { 1914 struct vfsopt *opt; 1915 1916 *error = 0; 1917 TAILQ_FOREACH(opt, opts, link) { 1918 if (strcmp(name, opt->name) != 0) 1919 continue; 1920 if (((char *)opt->value)[opt->len - 1] != '\0') { 1921 *error = EINVAL; 1922 return (NULL); 1923 } 1924 return (opt->value); 1925 } 1926 *error = ENOENT; 1927 return (NULL); 1928 } 1929 1930 int 1931 vfs_flagopt(struct vfsoptlist *opts, const char *name, u_int *w, u_int val) 1932 { 1933 struct vfsopt *opt; 1934 1935 TAILQ_FOREACH(opt, opts, link) { 1936 if (strcmp(name, opt->name) == 0) { 1937 if (w != NULL) 1938 *w |= val; 1939 return (1); 1940 } 1941 } 1942 if (w != NULL) 1943 *w &= ~val; 1944 return (0); 1945 } 1946 1947 int 1948 vfs_scanopt(struct vfsoptlist *opts, const char *name, const char *fmt, ...) 1949 { 1950 va_list ap; 1951 struct vfsopt *opt; 1952 int ret; 1953 1954 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1955 1956 TAILQ_FOREACH(opt, opts, link) { 1957 if (strcmp(name, opt->name) != 0) 1958 continue; 1959 if (opt->len == 0 || opt->value == NULL) 1960 return (0); 1961 if (((char *)opt->value)[opt->len - 1] != '\0') 1962 return (0); 1963 va_start(ap, fmt); 1964 ret = vsscanf(opt->value, fmt, ap); 1965 va_end(ap); 1966 return (ret); 1967 } 1968 return (0); 1969 } 1970 1971 /* 1972 * Find and copy a mount option. 1973 * 1974 * The size of the buffer has to be specified 1975 * in len, if it is not the same length as the 1976 * mount option, EINVAL is returned. 1977 * Returns ENOENT if the option is not found. 1978 */ 1979 int 1980 vfs_copyopt(opts, name, dest, len) 1981 struct vfsoptlist *opts; 1982 const char *name; 1983 void *dest; 1984 int len; 1985 { 1986 struct vfsopt *opt; 1987 1988 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1989 1990 TAILQ_FOREACH(opt, opts, link) { 1991 if (strcmp(name, opt->name) == 0) { 1992 if (len != opt->len) 1993 return (EINVAL); 1994 bcopy(opt->value, dest, opt->len); 1995 return (0); 1996 } 1997 } 1998 return (ENOENT); 1999 } 2000 2001 /* 2002 * This is a helper function for filesystems to traverse their 2003 * vnodes. See MNT_VNODE_FOREACH() in sys/mount.h 2004 */ 2005 2006 struct vnode * 2007 __mnt_vnode_next(struct vnode **mvp, struct mount *mp) 2008 { 2009 struct vnode *vp; 2010 2011 mtx_assert(MNT_MTX(mp), MA_OWNED); 2012 2013 KASSERT((*mvp)->v_mount == mp, ("marker vnode mount list mismatch")); 2014 if ((*mvp)->v_yield++ == 500) { 2015 MNT_IUNLOCK(mp); 2016 (*mvp)->v_yield = 0; 2017 uio_yield(); 2018 MNT_ILOCK(mp); 2019 } 2020 vp = TAILQ_NEXT(*mvp, v_nmntvnodes); 2021 while (vp != NULL && vp->v_type == VMARKER) 2022 vp = TAILQ_NEXT(vp, v_nmntvnodes); 2023 2024 /* Check if we are done */ 2025 if (vp == NULL) { 2026 __mnt_vnode_markerfree(mvp, mp); 2027 return (NULL); 2028 } 2029 TAILQ_REMOVE(&mp->mnt_nvnodelist, *mvp, v_nmntvnodes); 2030 TAILQ_INSERT_AFTER(&mp->mnt_nvnodelist, vp, *mvp, v_nmntvnodes); 2031 return (vp); 2032 } 2033 2034 struct vnode * 2035 __mnt_vnode_first(struct vnode **mvp, struct mount *mp) 2036 { 2037 struct vnode *vp; 2038 2039 mtx_assert(MNT_MTX(mp), MA_OWNED); 2040 2041 vp = TAILQ_FIRST(&mp->mnt_nvnodelist); 2042 while (vp != NULL && vp->v_type == VMARKER) 2043 vp = TAILQ_NEXT(vp, v_nmntvnodes); 2044 2045 /* Check if we are done */ 2046 if (vp == NULL) { 2047 *mvp = NULL; 2048 return (NULL); 2049 } 2050 MNT_REF(mp); 2051 MNT_IUNLOCK(mp); 2052 *mvp = (struct vnode *) malloc(sizeof(struct vnode), 2053 M_VNODE_MARKER, 2054 M_WAITOK | M_ZERO); 2055 MNT_ILOCK(mp); 2056 (*mvp)->v_type = VMARKER; 2057 2058 vp = TAILQ_FIRST(&mp->mnt_nvnodelist); 2059 while (vp != NULL && vp->v_type == VMARKER) 2060 vp = TAILQ_NEXT(vp, v_nmntvnodes); 2061 2062 /* Check if we are done */ 2063 if (vp == NULL) { 2064 MNT_IUNLOCK(mp); 2065 free(*mvp, M_VNODE_MARKER); 2066 MNT_ILOCK(mp); 2067 *mvp = NULL; 2068 MNT_REL(mp); 2069 return (NULL); 2070 } 2071 (*mvp)->v_mount = mp; 2072 TAILQ_INSERT_AFTER(&mp->mnt_nvnodelist, vp, *mvp, v_nmntvnodes); 2073 return (vp); 2074 } 2075 2076 2077 void 2078 __mnt_vnode_markerfree(struct vnode **mvp, struct mount *mp) 2079 { 2080 2081 if (*mvp == NULL) 2082 return; 2083 2084 mtx_assert(MNT_MTX(mp), MA_OWNED); 2085 2086 KASSERT((*mvp)->v_mount == mp, ("marker vnode mount list mismatch")); 2087 TAILQ_REMOVE(&mp->mnt_nvnodelist, *mvp, v_nmntvnodes); 2088 MNT_IUNLOCK(mp); 2089 free(*mvp, M_VNODE_MARKER); 2090 MNT_ILOCK(mp); 2091 *mvp = NULL; 2092 MNT_REL(mp); 2093 } 2094 2095 2096 int 2097 __vfs_statfs(struct mount *mp, struct statfs *sbp, struct thread *td) 2098 { 2099 int error; 2100 2101 error = mp->mnt_op->vfs_statfs(mp, &mp->mnt_stat, td); 2102 if (sbp != &mp->mnt_stat) 2103 *sbp = mp->mnt_stat; 2104 return (error); 2105 } 2106 2107 void 2108 vfs_mountedfrom(struct mount *mp, const char *from) 2109 { 2110 2111 bzero(mp->mnt_stat.f_mntfromname, sizeof mp->mnt_stat.f_mntfromname); 2112 strlcpy(mp->mnt_stat.f_mntfromname, from, 2113 sizeof mp->mnt_stat.f_mntfromname); 2114 } 2115 2116 /* 2117 * --------------------------------------------------------------------- 2118 * This is the api for building mount args and mounting filesystems from 2119 * inside the kernel. 2120 * 2121 * The API works by accumulation of individual args. First error is 2122 * latched. 2123 * 2124 * XXX: should be documented in new manpage kernel_mount(9) 2125 */ 2126 2127 /* A memory allocation which must be freed when we are done */ 2128 struct mntaarg { 2129 SLIST_ENTRY(mntaarg) next; 2130 }; 2131 2132 /* The header for the mount arguments */ 2133 struct mntarg { 2134 struct iovec *v; 2135 int len; 2136 int error; 2137 SLIST_HEAD(, mntaarg) list; 2138 }; 2139 2140 /* 2141 * Add a boolean argument. 2142 * 2143 * flag is the boolean value. 2144 * name must start with "no". 2145 */ 2146 struct mntarg * 2147 mount_argb(struct mntarg *ma, int flag, const char *name) 2148 { 2149 2150 KASSERT(name[0] == 'n' && name[1] == 'o', 2151 ("mount_argb(...,%s): name must start with 'no'", name)); 2152 2153 return (mount_arg(ma, name + (flag ? 2 : 0), NULL, 0)); 2154 } 2155 2156 /* 2157 * Add an argument printf style 2158 */ 2159 struct mntarg * 2160 mount_argf(struct mntarg *ma, const char *name, const char *fmt, ...) 2161 { 2162 va_list ap; 2163 struct mntaarg *maa; 2164 struct sbuf *sb; 2165 int len; 2166 2167 if (ma == NULL) { 2168 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 2169 SLIST_INIT(&ma->list); 2170 } 2171 if (ma->error) 2172 return (ma); 2173 2174 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2), 2175 M_MOUNT, M_WAITOK); 2176 ma->v[ma->len].iov_base = (void *)(uintptr_t)name; 2177 ma->v[ma->len].iov_len = strlen(name) + 1; 2178 ma->len++; 2179 2180 sb = sbuf_new_auto(); 2181 va_start(ap, fmt); 2182 sbuf_vprintf(sb, fmt, ap); 2183 va_end(ap); 2184 sbuf_finish(sb); 2185 len = sbuf_len(sb) + 1; 2186 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO); 2187 SLIST_INSERT_HEAD(&ma->list, maa, next); 2188 bcopy(sbuf_data(sb), maa + 1, len); 2189 sbuf_delete(sb); 2190 2191 ma->v[ma->len].iov_base = maa + 1; 2192 ma->v[ma->len].iov_len = len; 2193 ma->len++; 2194 2195 return (ma); 2196 } 2197 2198 /* 2199 * Add an argument which is a userland string. 2200 */ 2201 struct mntarg * 2202 mount_argsu(struct mntarg *ma, const char *name, const void *val, int len) 2203 { 2204 struct mntaarg *maa; 2205 char *tbuf; 2206 2207 if (val == NULL) 2208 return (ma); 2209 if (ma == NULL) { 2210 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 2211 SLIST_INIT(&ma->list); 2212 } 2213 if (ma->error) 2214 return (ma); 2215 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO); 2216 SLIST_INSERT_HEAD(&ma->list, maa, next); 2217 tbuf = (void *)(maa + 1); 2218 ma->error = copyinstr(val, tbuf, len, NULL); 2219 return (mount_arg(ma, name, tbuf, -1)); 2220 } 2221 2222 /* 2223 * Plain argument. 2224 * 2225 * If length is -1, treat value as a C string. 2226 */ 2227 struct mntarg * 2228 mount_arg(struct mntarg *ma, const char *name, const void *val, int len) 2229 { 2230 2231 if (ma == NULL) { 2232 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 2233 SLIST_INIT(&ma->list); 2234 } 2235 if (ma->error) 2236 return (ma); 2237 2238 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2), 2239 M_MOUNT, M_WAITOK); 2240 ma->v[ma->len].iov_base = (void *)(uintptr_t)name; 2241 ma->v[ma->len].iov_len = strlen(name) + 1; 2242 ma->len++; 2243 2244 ma->v[ma->len].iov_base = (void *)(uintptr_t)val; 2245 if (len < 0) 2246 ma->v[ma->len].iov_len = strlen(val) + 1; 2247 else 2248 ma->v[ma->len].iov_len = len; 2249 ma->len++; 2250 return (ma); 2251 } 2252 2253 /* 2254 * Free a mntarg structure 2255 */ 2256 static void 2257 free_mntarg(struct mntarg *ma) 2258 { 2259 struct mntaarg *maa; 2260 2261 while (!SLIST_EMPTY(&ma->list)) { 2262 maa = SLIST_FIRST(&ma->list); 2263 SLIST_REMOVE_HEAD(&ma->list, next); 2264 free(maa, M_MOUNT); 2265 } 2266 free(ma->v, M_MOUNT); 2267 free(ma, M_MOUNT); 2268 } 2269 2270 /* 2271 * Mount a filesystem 2272 */ 2273 int 2274 kernel_mount(struct mntarg *ma, int flags) 2275 { 2276 struct uio auio; 2277 int error; 2278 2279 KASSERT(ma != NULL, ("kernel_mount NULL ma")); 2280 KASSERT(ma->v != NULL, ("kernel_mount NULL ma->v")); 2281 KASSERT(!(ma->len & 1), ("kernel_mount odd ma->len (%d)", ma->len)); 2282 2283 auio.uio_iov = ma->v; 2284 auio.uio_iovcnt = ma->len; 2285 auio.uio_segflg = UIO_SYSSPACE; 2286 2287 error = ma->error; 2288 if (!error) 2289 error = vfs_donmount(curthread, flags, &auio); 2290 free_mntarg(ma); 2291 return (error); 2292 } 2293 2294 /* 2295 * A printflike function to mount a filesystem. 2296 */ 2297 int 2298 kernel_vmount(int flags, ...) 2299 { 2300 struct mntarg *ma = NULL; 2301 va_list ap; 2302 const char *cp; 2303 const void *vp; 2304 int error; 2305 2306 va_start(ap, flags); 2307 for (;;) { 2308 cp = va_arg(ap, const char *); 2309 if (cp == NULL) 2310 break; 2311 vp = va_arg(ap, const void *); 2312 ma = mount_arg(ma, cp, vp, (vp != NULL ? -1 : 0)); 2313 } 2314 va_end(ap); 2315 2316 error = kernel_mount(ma, flags); 2317 return (error); 2318 } 2319