1 /*- 2 * Copyright (c) 1999-2004 Poul-Henning Kamp 3 * Copyright (c) 1999 Michael Smith 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * (c) UNIX System Laboratories, Inc. 7 * All or some portions of this file are derived from material licensed 8 * to the University of California by American Telephone and Telegraph 9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 * the permission of UNIX System Laboratories, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 __FBSDID("$FreeBSD$"); 39 40 #include <sys/param.h> 41 #include <sys/conf.h> 42 #include <sys/jail.h> 43 #include <sys/kernel.h> 44 #include <sys/libkern.h> 45 #include <sys/mac.h> 46 #include <sys/malloc.h> 47 #include <sys/mount.h> 48 #include <sys/mutex.h> 49 #include <sys/namei.h> 50 #include <sys/proc.h> 51 #include <sys/filedesc.h> 52 #include <sys/reboot.h> 53 #include <sys/syscallsubr.h> 54 #include <sys/sysproto.h> 55 #include <sys/sx.h> 56 #include <sys/sysctl.h> 57 #include <sys/sysent.h> 58 #include <sys/systm.h> 59 #include <sys/vnode.h> 60 61 #include <geom/geom.h> 62 63 #include <machine/stdarg.h> 64 65 #include "opt_rootdevname.h" 66 #include "opt_ddb.h" 67 #include "opt_mac.h" 68 69 #ifdef DDB 70 #include <ddb/ddb.h> 71 #endif 72 73 #define ROOTNAME "root_device" 74 #define VFS_MOUNTARG_SIZE_MAX (1024 * 64) 75 76 static int vfs_domount(struct thread *td, const char *fstype, 77 char *fspath, int fsflags, void *fsdata); 78 static struct mount *vfs_mount_alloc(struct vnode *dvp, struct vfsconf *vfsp, 79 const char *fspath, struct thread *td); 80 static int vfs_mountroot_ask(void); 81 static int vfs_mountroot_try(const char *mountfrom); 82 static int vfs_donmount(struct thread *td, int fsflags, 83 struct uio *fsoptions); 84 static void free_mntarg(struct mntarg *ma); 85 static void vfs_mount_destroy(struct mount *, struct thread *); 86 static int vfs_getopt_pos(struct vfsoptlist *opts, const char *name); 87 88 static int usermount = 0; 89 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, 90 "Unprivileged users may mount and unmount file systems"); 91 92 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 93 94 /* List of mounted filesystems. */ 95 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 96 97 /* For any iteration/modification of mountlist */ 98 struct mtx mountlist_mtx; 99 MTX_SYSINIT(mountlist, &mountlist_mtx, "mountlist", MTX_DEF); 100 101 TAILQ_HEAD(vfsoptlist, vfsopt); 102 struct vfsopt { 103 TAILQ_ENTRY(vfsopt) link; 104 char *name; 105 void *value; 106 int len; 107 }; 108 109 /* 110 * The vnode of the system's root (/ in the filesystem, without chroot 111 * active.) 112 */ 113 struct vnode *rootvnode; 114 115 /* 116 * The root filesystem is detailed in the kernel environment variable 117 * vfs.root.mountfrom, which is expected to be in the general format 118 * 119 * <vfsname>:[<path>] 120 * vfsname := the name of a VFS known to the kernel and capable 121 * of being mounted as root 122 * path := disk device name or other data used by the filesystem 123 * to locate its physical store 124 */ 125 126 /* 127 * Global opts, taken by all filesystems 128 */ 129 static const char *global_opts[] = { 130 "errmsg", 131 "fstype", 132 "fspath", 133 "rdonly", 134 "ro", 135 "rw", 136 "suid", 137 "exec", 138 NULL 139 }; 140 141 /* 142 * The root specifiers we will try if RB_CDROM is specified. 143 */ 144 static char *cdrom_rootdevnames[] = { 145 "cd9660:cd0", 146 "cd9660:acd0", 147 NULL 148 }; 149 150 /* legacy find-root code */ 151 char *rootdevnames[2] = {NULL, NULL}; 152 #ifndef ROOTDEVNAME 153 # define ROOTDEVNAME NULL 154 #endif 155 static const char *ctrootdevname = ROOTDEVNAME; 156 157 /* 158 * --------------------------------------------------------------------- 159 * Functions for building and sanitizing the mount options 160 */ 161 162 /* Remove one mount option. */ 163 static void 164 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 165 { 166 167 TAILQ_REMOVE(opts, opt, link); 168 free(opt->name, M_MOUNT); 169 if (opt->value != NULL) 170 free(opt->value, M_MOUNT); 171 #ifdef INVARIANTS 172 else if (opt->len != 0) 173 panic("%s: mount option with NULL value but length != 0", 174 __func__); 175 #endif 176 free(opt, M_MOUNT); 177 } 178 179 /* Release all resources related to the mount options. */ 180 static void 181 vfs_freeopts(struct vfsoptlist *opts) 182 { 183 struct vfsopt *opt; 184 185 while (!TAILQ_EMPTY(opts)) { 186 opt = TAILQ_FIRST(opts); 187 vfs_freeopt(opts, opt); 188 } 189 free(opts, M_MOUNT); 190 } 191 192 /* 193 * Check if options are equal (with or without the "no" prefix). 194 */ 195 static int 196 vfs_equalopts(const char *opt1, const char *opt2) 197 { 198 199 /* "opt" vs. "opt" or "noopt" vs. "noopt" */ 200 if (strcmp(opt1, opt2) == 0) 201 return (1); 202 /* "noopt" vs. "opt" */ 203 if (strncmp(opt1, "no", 2) == 0 && strcmp(opt1 + 2, opt2) == 0) 204 return (1); 205 /* "opt" vs. "noopt" */ 206 if (strncmp(opt2, "no", 2) == 0 && strcmp(opt1, opt2 + 2) == 0) 207 return (1); 208 return (0); 209 } 210 211 /* 212 * If a mount option is specified several times, 213 * (with or without the "no" prefix) only keep 214 * the last occurence of it. 215 */ 216 static void 217 vfs_sanitizeopts(struct vfsoptlist *opts) 218 { 219 struct vfsopt *opt, *opt2, *tmp; 220 221 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 222 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 223 while (opt2 != NULL) { 224 if (vfs_equalopts(opt->name, opt2->name)) { 225 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 226 vfs_freeopt(opts, opt2); 227 opt2 = tmp; 228 } else { 229 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 230 } 231 } 232 } 233 } 234 235 /* 236 * Build a linked list of mount options from a struct uio. 237 */ 238 static int 239 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 240 { 241 struct vfsoptlist *opts; 242 struct vfsopt *opt; 243 size_t memused; 244 unsigned int i, iovcnt; 245 int error, namelen, optlen; 246 247 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 248 TAILQ_INIT(opts); 249 memused = 0; 250 iovcnt = auio->uio_iovcnt; 251 for (i = 0; i < iovcnt; i += 2) { 252 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 253 namelen = auio->uio_iov[i].iov_len; 254 optlen = auio->uio_iov[i + 1].iov_len; 255 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 256 opt->value = NULL; 257 opt->len = 0; 258 259 /* 260 * Do this early, so jumps to "bad" will free the current 261 * option. 262 */ 263 TAILQ_INSERT_TAIL(opts, opt, link); 264 memused += sizeof(struct vfsopt) + optlen + namelen; 265 266 /* 267 * Avoid consuming too much memory, and attempts to overflow 268 * memused. 269 */ 270 if (memused > VFS_MOUNTARG_SIZE_MAX || 271 optlen > VFS_MOUNTARG_SIZE_MAX || 272 namelen > VFS_MOUNTARG_SIZE_MAX) { 273 error = EINVAL; 274 goto bad; 275 } 276 277 if (auio->uio_segflg == UIO_SYSSPACE) { 278 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 279 } else { 280 error = copyin(auio->uio_iov[i].iov_base, opt->name, 281 namelen); 282 if (error) 283 goto bad; 284 } 285 /* Ensure names are null-terminated strings. */ 286 if (opt->name[namelen - 1] != '\0') { 287 error = EINVAL; 288 goto bad; 289 } 290 if (optlen != 0) { 291 opt->len = optlen; 292 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 293 if (auio->uio_segflg == UIO_SYSSPACE) { 294 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 295 optlen); 296 } else { 297 error = copyin(auio->uio_iov[i + 1].iov_base, 298 opt->value, optlen); 299 if (error) 300 goto bad; 301 } 302 } 303 } 304 vfs_sanitizeopts(opts); 305 *options = opts; 306 return (0); 307 bad: 308 vfs_freeopts(opts); 309 return (error); 310 } 311 312 /* 313 * Merge the old mount options with the new ones passed 314 * in the MNT_UPDATE case. 315 */ 316 static void 317 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 318 { 319 struct vfsopt *opt, *opt2, *new; 320 321 TAILQ_FOREACH(opt, opts, link) { 322 /* 323 * Check that this option hasn't been redefined 324 * nor cancelled with a "no" mount option. 325 */ 326 opt2 = TAILQ_FIRST(toopts); 327 while (opt2 != NULL) { 328 if (strcmp(opt2->name, opt->name) == 0) 329 goto next; 330 if (strncmp(opt2->name, "no", 2) == 0 && 331 strcmp(opt2->name + 2, opt->name) == 0) { 332 vfs_freeopt(toopts, opt2); 333 goto next; 334 } 335 opt2 = TAILQ_NEXT(opt2, link); 336 } 337 /* We want this option, duplicate it. */ 338 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 339 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 340 strcpy(new->name, opt->name); 341 if (opt->len != 0) { 342 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 343 bcopy(opt->value, new->value, opt->len); 344 } else { 345 new->value = NULL; 346 } 347 new->len = opt->len; 348 TAILQ_INSERT_TAIL(toopts, new, link); 349 next: 350 continue; 351 } 352 } 353 354 /* 355 * --------------------------------------------------------------------- 356 * Mount a filesystem 357 */ 358 int 359 nmount(td, uap) 360 struct thread *td; 361 struct nmount_args /* { 362 struct iovec *iovp; 363 unsigned int iovcnt; 364 int flags; 365 } */ *uap; 366 { 367 struct uio *auio; 368 struct iovec *iov; 369 unsigned int i; 370 int error; 371 u_int iovcnt; 372 373 /* Kick out MNT_ROOTFS early as it is legal internally */ 374 if (uap->flags & MNT_ROOTFS) 375 return (EINVAL); 376 377 iovcnt = uap->iovcnt; 378 /* 379 * Check that we have an even number of iovec's 380 * and that we have at least two options. 381 */ 382 if ((iovcnt & 1) || (iovcnt < 4)) 383 return (EINVAL); 384 385 error = copyinuio(uap->iovp, iovcnt, &auio); 386 if (error) 387 return (error); 388 iov = auio->uio_iov; 389 for (i = 0; i < iovcnt; i++) { 390 if (iov->iov_len > MMAXOPTIONLEN) { 391 free(auio, M_IOV); 392 return (EINVAL); 393 } 394 iov++; 395 } 396 error = vfs_donmount(td, uap->flags, auio); 397 398 free(auio, M_IOV); 399 return (error); 400 } 401 402 /* 403 * --------------------------------------------------------------------- 404 * Various utility functions 405 */ 406 407 /* 408 * Allocate and initialize the mount point struct. 409 */ 410 static struct mount * 411 vfs_mount_alloc(struct vnode *vp, struct vfsconf *vfsp, 412 const char *fspath, struct thread *td) 413 { 414 struct mount *mp; 415 416 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 417 TAILQ_INIT(&mp->mnt_nvnodelist); 418 mp->mnt_nvnodelistsize = 0; 419 mtx_init(&mp->mnt_mtx, "struct mount mtx", NULL, MTX_DEF); 420 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, 0); 421 vfs_busy(mp, LK_NOWAIT, 0, td); 422 mp->mnt_op = vfsp->vfc_vfsops; 423 mp->mnt_vfc = vfsp; 424 vfsp->vfc_refcount++; 425 mp->mnt_stat.f_type = vfsp->vfc_typenum; 426 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 427 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 428 mp->mnt_vnodecovered = vp; 429 mp->mnt_cred = crdup(td->td_ucred); 430 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 431 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 432 mp->mnt_iosize_max = DFLTPHYS; 433 #ifdef MAC 434 mac_init_mount(mp); 435 mac_create_mount(td->td_ucred, mp); 436 #endif 437 arc4rand(&mp->mnt_hashseed, sizeof mp->mnt_hashseed, 0); 438 return (mp); 439 } 440 441 /* 442 * Destroy the mount struct previously allocated by vfs_mount_alloc(). 443 */ 444 static void 445 vfs_mount_destroy(struct mount *mp, struct thread *td) 446 { 447 448 mp->mnt_vfc->vfc_refcount--; 449 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 450 panic("unmount: dangling vnode"); 451 vfs_unbusy(mp,td); 452 lockdestroy(&mp->mnt_lock); 453 MNT_ILOCK(mp); 454 if (mp->mnt_kern_flag & MNTK_MWAIT) 455 wakeup(mp); 456 MNT_IUNLOCK(mp); 457 mtx_destroy(&mp->mnt_mtx); 458 #ifdef MAC 459 mac_destroy_mount(mp); 460 #endif 461 if (mp->mnt_opt != NULL) 462 vfs_freeopts(mp->mnt_opt); 463 crfree(mp->mnt_cred); 464 free(mp, M_MOUNT); 465 } 466 467 static int 468 vfs_donmount(struct thread *td, int fsflags, struct uio *fsoptions) 469 { 470 struct vfsoptlist *optlist; 471 char *fstype, *fspath, *errmsg; 472 int error, fstypelen, fspathlen, errmsg_len, errmsg_pos; 473 474 errmsg_len = 0; 475 errmsg_pos = -1; 476 477 error = vfs_buildopts(fsoptions, &optlist); 478 if (error) 479 return (error); 480 481 if (vfs_getopt(optlist, "errmsg", (void **)&errmsg, &errmsg_len) == 0) 482 errmsg_pos = vfs_getopt_pos(optlist, "errmsg"); 483 else 484 errmsg_len = 0; 485 486 /* 487 * We need these two options before the others, 488 * and they are mandatory for any filesystem. 489 * Ensure they are NUL terminated as well. 490 */ 491 fstypelen = 0; 492 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 493 if (error || fstype[fstypelen - 1] != '\0') { 494 error = EINVAL; 495 if (errmsg != NULL) 496 strncpy(errmsg, "Invalid fstype", errmsg_len); 497 goto bail; 498 } 499 fspathlen = 0; 500 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 501 if (error || fspath[fspathlen - 1] != '\0') { 502 error = EINVAL; 503 if (errmsg != NULL) 504 strncpy(errmsg, "Invalid fspath", errmsg_len); 505 goto bail; 506 } 507 508 /* 509 * We need to see if we have the "update" option 510 * before we call vfs_domount(), since vfs_domount() has special 511 * logic based on MNT_UPDATE. This is very important 512 * when we want to update the root filesystem. 513 */ 514 if (vfs_getopt(optlist, "update", NULL, NULL) == 0) 515 fsflags |= MNT_UPDATE; 516 517 if (vfs_getopt(optlist, "async", NULL, NULL) == 0) 518 fsflags |= MNT_ASYNC; 519 520 if (vfs_getopt(optlist, "force", NULL, NULL) == 0) 521 fsflags |= MNT_FORCE; 522 523 if (vfs_getopt(optlist, "multilabel", NULL, NULL) == 0) 524 fsflags |= MNT_MULTILABEL; 525 526 if (vfs_getopt(optlist, "noasync", NULL, NULL) == 0) 527 fsflags &= ~MNT_ASYNC; 528 529 if (vfs_getopt(optlist, "noatime", NULL, NULL) == 0) 530 fsflags |= MNT_NOATIME; 531 532 if (vfs_getopt(optlist, "noclusterr", NULL, NULL) == 0) 533 fsflags |= MNT_NOCLUSTERR; 534 535 if (vfs_getopt(optlist, "noclusterw", NULL, NULL) == 0) 536 fsflags |= MNT_NOCLUSTERW; 537 538 if (vfs_getopt(optlist, "noexec", NULL, NULL) == 0) 539 fsflags |= MNT_NOEXEC; 540 541 if (vfs_getopt(optlist, "nosuid", NULL, NULL) == 0) 542 fsflags |= MNT_NOSUID; 543 544 if (vfs_getopt(optlist, "nosymfollow", NULL, NULL) == 0) 545 fsflags |= MNT_NOSYMFOLLOW; 546 547 if (vfs_getopt(optlist, "noro", NULL, NULL) == 0) 548 fsflags &= ~MNT_RDONLY; 549 550 if (vfs_getopt(optlist, "ro", NULL, NULL) == 0) 551 fsflags |= MNT_RDONLY; 552 553 if (vfs_getopt(optlist, "rdonly", NULL, NULL) == 0) 554 fsflags |= MNT_RDONLY; 555 556 if (vfs_getopt(optlist, "rw", NULL, NULL) == 0) 557 fsflags &= ~MNT_RDONLY; 558 559 if (vfs_getopt(optlist, "snapshot", NULL, NULL) == 0) 560 fsflags |= MNT_SNAPSHOT; 561 562 if (vfs_getopt(optlist, "suiddir", NULL, NULL) == 0) 563 fsflags |= MNT_SUIDDIR; 564 565 if (vfs_getopt(optlist, "sync", NULL, NULL) == 0) 566 fsflags |= MNT_SYNCHRONOUS; 567 568 if (vfs_getopt(optlist, "union", NULL, NULL) == 0) 569 fsflags |= MNT_UNION; 570 571 /* 572 * Be ultra-paranoid about making sure the type and fspath 573 * variables will fit in our mp buffers, including the 574 * terminating NUL. 575 */ 576 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 577 error = ENAMETOOLONG; 578 goto bail; 579 } 580 581 mtx_lock(&Giant); 582 error = vfs_domount(td, fstype, fspath, fsflags, optlist); 583 mtx_unlock(&Giant); 584 bail: 585 /* copyout the errmsg */ 586 if (errmsg_pos != -1 && ((2 * errmsg_pos + 1) < fsoptions->uio_iovcnt) 587 && errmsg_len > 0 && errmsg != NULL) { 588 if (fsoptions->uio_segflg == UIO_SYSSPACE) { 589 strncpy(fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base, 590 errmsg, 591 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len); 592 } else { 593 copystr(errmsg, 594 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_base, 595 fsoptions->uio_iov[2 * errmsg_pos + 1].iov_len, 596 NULL); 597 } 598 } 599 600 if (error != 0) 601 vfs_freeopts(optlist); 602 return (error); 603 } 604 605 /* 606 * --------------------------------------------------------------------- 607 * Old mount API. 608 */ 609 #ifndef _SYS_SYSPROTO_H_ 610 struct mount_args { 611 char *type; 612 char *path; 613 int flags; 614 caddr_t data; 615 }; 616 #endif 617 /* ARGSUSED */ 618 int 619 mount(td, uap) 620 struct thread *td; 621 struct mount_args /* { 622 char *type; 623 char *path; 624 int flags; 625 caddr_t data; 626 } */ *uap; 627 { 628 char *fstype; 629 struct vfsconf *vfsp = NULL; 630 struct mntarg *ma = NULL; 631 int error; 632 633 /* Kick out MNT_ROOTFS early as it is legal internally */ 634 uap->flags &= ~MNT_ROOTFS; 635 636 if (uap->data == NULL) 637 return (EINVAL); 638 639 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 640 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 641 if (!error) { 642 mtx_lock(&Giant); /* XXX ? */ 643 vfsp = vfs_byname_kld(fstype, td, &error); 644 mtx_unlock(&Giant); 645 } 646 free(fstype, M_TEMP); 647 if (error) 648 return (error); 649 if (vfsp == NULL) 650 return (ENOENT); 651 if (vfsp->vfc_vfsops->vfs_cmount == NULL) 652 return (EOPNOTSUPP); 653 654 ma = mount_argsu(ma, "fstype", uap->type, MNAMELEN); 655 ma = mount_argsu(ma, "fspath", uap->path, MNAMELEN); 656 ma = mount_argb(ma, uap->flags & MNT_RDONLY, "noro"); 657 ma = mount_argb(ma, !(uap->flags & MNT_NOSUID), "nosuid"); 658 ma = mount_argb(ma, !(uap->flags & MNT_NOEXEC), "noexec"); 659 660 error = vfsp->vfc_vfsops->vfs_cmount(ma, uap->data, uap->flags, td); 661 return (error); 662 } 663 664 665 /* 666 * vfs_domount(): actually attempt a filesystem mount. 667 */ 668 static int 669 vfs_domount( 670 struct thread *td, /* Flags common to all filesystems. */ 671 const char *fstype, /* Filesystem type. */ 672 char *fspath, /* Mount path. */ 673 int fsflags, /* Flags common to all filesystems. */ 674 void *fsdata /* Options local to the filesystem. */ 675 ) 676 { 677 struct vnode *vp; 678 struct mount *mp; 679 struct vfsconf *vfsp; 680 int error, flag = 0, kern_flag = 0; 681 struct vattr va; 682 struct nameidata nd; 683 684 mtx_assert(&Giant, MA_OWNED); 685 686 /* 687 * Be ultra-paranoid about making sure the type and fspath 688 * variables will fit in our mp buffers, including the 689 * terminating NUL. 690 */ 691 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 692 return (ENAMETOOLONG); 693 694 if (jailed(td->td_ucred)) 695 return (EPERM); 696 if (usermount == 0) { 697 if ((error = suser(td)) != 0) 698 return (error); 699 } 700 701 /* 702 * Do not allow NFS export or MNT_SUIDDIR by unprivileged users. 703 */ 704 if (fsflags & (MNT_EXPORTED | MNT_SUIDDIR)) { 705 if ((error = suser(td)) != 0) 706 return (error); 707 } 708 /* 709 * Silently enforce MNT_NOSUID and MNT_USER for 710 * unprivileged users. 711 */ 712 if (suser(td) != 0) 713 fsflags |= MNT_NOSUID | MNT_USER; 714 /* 715 * Get vnode to be covered 716 */ 717 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 718 if ((error = namei(&nd)) != 0) 719 return (error); 720 NDFREE(&nd, NDF_ONLY_PNBUF); 721 vp = nd.ni_vp; 722 if (fsflags & MNT_UPDATE) { 723 if ((vp->v_vflag & VV_ROOT) == 0) { 724 vput(vp); 725 return (EINVAL); 726 } 727 mp = vp->v_mount; 728 flag = mp->mnt_flag; 729 kern_flag = mp->mnt_kern_flag; 730 /* 731 * We only allow the filesystem to be reloaded if it 732 * is currently mounted read-only. 733 */ 734 if ((fsflags & MNT_RELOAD) && 735 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 736 vput(vp); 737 return (EOPNOTSUPP); /* Needs translation */ 738 } 739 /* 740 * Only privileged root, or (if MNT_USER is set) the user that 741 * did the original mount is permitted to update it. 742 */ 743 error = vfs_suser(mp, td); 744 if (error) { 745 vput(vp); 746 return (error); 747 } 748 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 749 vput(vp); 750 return (EBUSY); 751 } 752 VI_LOCK(vp); 753 if ((vp->v_iflag & VI_MOUNT) != 0 || 754 vp->v_mountedhere != NULL) { 755 VI_UNLOCK(vp); 756 vfs_unbusy(mp, td); 757 vput(vp); 758 return (EBUSY); 759 } 760 vp->v_iflag |= VI_MOUNT; 761 VI_UNLOCK(vp); 762 mp->mnt_flag |= fsflags & 763 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT | MNT_ROOTFS); 764 VOP_UNLOCK(vp, 0, td); 765 mp->mnt_optnew = fsdata; 766 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 767 } else { 768 /* 769 * If the user is not root, ensure that they own the directory 770 * onto which we are attempting to mount. 771 */ 772 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 773 if (error) { 774 vput(vp); 775 return (error); 776 } 777 if (va.va_uid != td->td_ucred->cr_uid) { 778 if ((error = suser(td)) != 0) { 779 vput(vp); 780 return (error); 781 } 782 } 783 error = vinvalbuf(vp, V_SAVE, td, 0, 0); 784 if (error != 0) { 785 vput(vp); 786 return (error); 787 } 788 if (vp->v_type != VDIR) { 789 vput(vp); 790 return (ENOTDIR); 791 } 792 vfsp = vfs_byname_kld(fstype, td, &error); 793 if (vfsp == NULL) { 794 vput(vp); 795 return (error); 796 } 797 VI_LOCK(vp); 798 if ((vp->v_iflag & VI_MOUNT) != 0 || 799 vp->v_mountedhere != NULL) { 800 VI_UNLOCK(vp); 801 vput(vp); 802 return (EBUSY); 803 } 804 vp->v_iflag |= VI_MOUNT; 805 VI_UNLOCK(vp); 806 807 /* 808 * Allocate and initialize the filesystem. 809 */ 810 mp = vfs_mount_alloc(vp, vfsp, fspath, td); 811 VOP_UNLOCK(vp, 0, td); 812 813 /* XXXMAC: pass to vfs_mount_alloc? */ 814 mp->mnt_optnew = fsdata; 815 } 816 817 /* 818 * Set the mount level flags. 819 */ 820 if (fsflags & MNT_RDONLY) 821 mp->mnt_flag |= MNT_RDONLY; 822 mp->mnt_flag &=~ MNT_UPDATEMASK; 823 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE | MNT_ROOTFS); 824 /* 825 * Mount the filesystem. 826 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 827 * get. No freeing of cn_pnbuf. 828 */ 829 error = VFS_MOUNT(mp, td); 830 if (!error) { 831 if (mp->mnt_opt != NULL) 832 vfs_freeopts(mp->mnt_opt); 833 mp->mnt_opt = mp->mnt_optnew; 834 VFS_STATFS(mp, &mp->mnt_stat, td); 835 } 836 /* 837 * Prevent external consumers of mount options from reading 838 * mnt_optnew. 839 */ 840 mp->mnt_optnew = NULL; 841 if (mp->mnt_flag & MNT_UPDATE) { 842 mp->mnt_flag &= 843 ~(MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 844 if (error) { 845 mp->mnt_flag = flag; 846 mp->mnt_kern_flag = kern_flag; 847 } 848 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 849 if (mp->mnt_syncer == NULL) 850 error = vfs_allocate_syncvnode(mp); 851 } else { 852 if (mp->mnt_syncer != NULL) 853 vrele(mp->mnt_syncer); 854 mp->mnt_syncer = NULL; 855 } 856 vfs_unbusy(mp, td); 857 VI_LOCK(vp); 858 vp->v_iflag &= ~VI_MOUNT; 859 VI_UNLOCK(vp); 860 vrele(vp); 861 return (error); 862 } 863 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 864 /* 865 * Put the new filesystem on the mount list after root. 866 */ 867 cache_purge(vp); 868 if (!error) { 869 struct vnode *newdp; 870 871 VI_LOCK(vp); 872 vp->v_iflag &= ~VI_MOUNT; 873 VI_UNLOCK(vp); 874 vp->v_mountedhere = mp; 875 mtx_lock(&mountlist_mtx); 876 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 877 mtx_unlock(&mountlist_mtx); 878 vfs_event_signal(NULL, VQ_MOUNT, 0); 879 if (VFS_ROOT(mp, LK_EXCLUSIVE, &newdp, td)) 880 panic("mount: lost mount"); 881 mountcheckdirs(vp, newdp); 882 vput(newdp); 883 VOP_UNLOCK(vp, 0, td); 884 if ((mp->mnt_flag & MNT_RDONLY) == 0) 885 error = vfs_allocate_syncvnode(mp); 886 vfs_unbusy(mp, td); 887 if (error) 888 vrele(vp); 889 } else { 890 VI_LOCK(vp); 891 vp->v_iflag &= ~VI_MOUNT; 892 VI_UNLOCK(vp); 893 vfs_mount_destroy(mp, td); 894 vput(vp); 895 } 896 return (error); 897 } 898 899 /* 900 * --------------------------------------------------------------------- 901 * Unmount a filesystem. 902 * 903 * Note: unmount takes a path to the vnode mounted on as argument, 904 * not special file (as before). 905 */ 906 #ifndef _SYS_SYSPROTO_H_ 907 struct unmount_args { 908 char *path; 909 int flags; 910 }; 911 #endif 912 /* ARGSUSED */ 913 int 914 unmount(td, uap) 915 struct thread *td; 916 register struct unmount_args /* { 917 char *path; 918 int flags; 919 } */ *uap; 920 { 921 struct mount *mp; 922 char *pathbuf; 923 int error, id0, id1; 924 925 if (jailed(td->td_ucred)) 926 return (EPERM); 927 if (usermount == 0) { 928 if ((error = suser(td)) != 0) 929 return (error); 930 } 931 932 pathbuf = malloc(MNAMELEN, M_TEMP, M_WAITOK); 933 error = copyinstr(uap->path, pathbuf, MNAMELEN, NULL); 934 if (error) { 935 free(pathbuf, M_TEMP); 936 return (error); 937 } 938 if (uap->flags & MNT_BYFSID) { 939 /* Decode the filesystem ID. */ 940 if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { 941 free(pathbuf, M_TEMP); 942 return (EINVAL); 943 } 944 945 mtx_lock(&mountlist_mtx); 946 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 947 if (mp->mnt_stat.f_fsid.val[0] == id0 && 948 mp->mnt_stat.f_fsid.val[1] == id1) 949 break; 950 } 951 mtx_unlock(&mountlist_mtx); 952 } else { 953 mtx_lock(&mountlist_mtx); 954 TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { 955 if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) 956 break; 957 } 958 mtx_unlock(&mountlist_mtx); 959 } 960 free(pathbuf, M_TEMP); 961 if (mp == NULL) { 962 /* 963 * Previously we returned ENOENT for a nonexistent path and 964 * EINVAL for a non-mountpoint. We cannot tell these apart 965 * now, so in the !MNT_BYFSID case return the more likely 966 * EINVAL for compatibility. 967 */ 968 return ((uap->flags & MNT_BYFSID) ? ENOENT : EINVAL); 969 } 970 971 /* 972 * Only privileged root, or (if MNT_USER is set) the user that did the 973 * original mount is permitted to unmount this filesystem. 974 */ 975 error = vfs_suser(mp, td); 976 if (error) 977 return (error); 978 979 /* 980 * Don't allow unmounting the root filesystem. 981 */ 982 if (mp->mnt_flag & MNT_ROOTFS) 983 return (EINVAL); 984 mtx_lock(&Giant); 985 error = dounmount(mp, uap->flags, td); 986 mtx_unlock(&Giant); 987 return (error); 988 } 989 990 /* 991 * Do the actual filesystem unmount. 992 */ 993 int 994 dounmount(mp, flags, td) 995 struct mount *mp; 996 int flags; 997 struct thread *td; 998 { 999 struct vnode *coveredvp, *fsrootvp; 1000 int error; 1001 int async_flag; 1002 1003 mtx_assert(&Giant, MA_OWNED); 1004 1005 MNT_ILOCK(mp); 1006 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1007 MNT_IUNLOCK(mp); 1008 return (EBUSY); 1009 } 1010 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1011 /* Allow filesystems to detect that a forced unmount is in progress. */ 1012 if (flags & MNT_FORCE) 1013 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1014 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1015 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), MNT_MTX(mp), td); 1016 if (error) { 1017 MNT_ILOCK(mp); 1018 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1019 if (mp->mnt_kern_flag & MNTK_MWAIT) 1020 wakeup(mp); 1021 MNT_IUNLOCK(mp); 1022 return (error); 1023 } 1024 vn_start_write(NULL, &mp, V_WAIT); 1025 1026 if (mp->mnt_flag & MNT_EXPUBLIC) 1027 vfs_setpublicfs(NULL, NULL, NULL); 1028 1029 vfs_msync(mp, MNT_WAIT); 1030 async_flag = mp->mnt_flag & MNT_ASYNC; 1031 mp->mnt_flag &= ~MNT_ASYNC; 1032 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1033 if (mp->mnt_syncer != NULL) 1034 vrele(mp->mnt_syncer); 1035 /* 1036 * For forced unmounts, move process cdir/rdir refs on the fs root 1037 * vnode to the covered vnode. For non-forced unmounts we want 1038 * such references to cause an EBUSY error. 1039 */ 1040 if ((flags & MNT_FORCE) && 1041 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) { 1042 if (mp->mnt_vnodecovered != NULL) 1043 mountcheckdirs(fsrootvp, mp->mnt_vnodecovered); 1044 if (fsrootvp == rootvnode) { 1045 vrele(rootvnode); 1046 rootvnode = NULL; 1047 } 1048 vput(fsrootvp); 1049 } 1050 if (((mp->mnt_flag & MNT_RDONLY) || 1051 (error = VFS_SYNC(mp, MNT_WAIT, td)) == 0) || 1052 (flags & MNT_FORCE)) { 1053 error = VFS_UNMOUNT(mp, flags, td); 1054 } 1055 vn_finished_write(mp); 1056 if (error) { 1057 /* Undo cdir/rdir and rootvnode changes made above. */ 1058 if ((flags & MNT_FORCE) && 1059 VFS_ROOT(mp, LK_EXCLUSIVE, &fsrootvp, td) == 0) { 1060 if (mp->mnt_vnodecovered != NULL) 1061 mountcheckdirs(mp->mnt_vnodecovered, fsrootvp); 1062 if (rootvnode == NULL) { 1063 rootvnode = fsrootvp; 1064 vref(rootvnode); 1065 } 1066 vput(fsrootvp); 1067 } 1068 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1069 (void) vfs_allocate_syncvnode(mp); 1070 MNT_ILOCK(mp); 1071 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1072 mp->mnt_flag |= async_flag; 1073 lockmgr(&mp->mnt_lock, LK_RELEASE, NULL, td); 1074 if (mp->mnt_kern_flag & MNTK_MWAIT) 1075 wakeup(mp); 1076 MNT_IUNLOCK(mp); 1077 return (error); 1078 } 1079 mtx_lock(&mountlist_mtx); 1080 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1081 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1082 coveredvp->v_mountedhere = NULL; 1083 mtx_unlock(&mountlist_mtx); 1084 vfs_event_signal(NULL, VQ_UNMOUNT, 0); 1085 vfs_mount_destroy(mp, td); 1086 if (coveredvp != NULL) 1087 vrele(coveredvp); 1088 return (0); 1089 } 1090 1091 /* 1092 * --------------------------------------------------------------------- 1093 * Mounting of root filesystem 1094 * 1095 */ 1096 1097 struct root_hold_token { 1098 const char *who; 1099 LIST_ENTRY(root_hold_token) list; 1100 }; 1101 1102 static LIST_HEAD(, root_hold_token) root_holds = 1103 LIST_HEAD_INITIALIZER(&root_holds); 1104 1105 struct root_hold_token * 1106 root_mount_hold(const char *identifier) 1107 { 1108 struct root_hold_token *h; 1109 1110 h = malloc(sizeof *h, M_DEVBUF, M_ZERO | M_WAITOK); 1111 h->who = identifier; 1112 mtx_lock(&mountlist_mtx); 1113 LIST_INSERT_HEAD(&root_holds, h, list); 1114 mtx_unlock(&mountlist_mtx); 1115 return (h); 1116 } 1117 1118 void 1119 root_mount_rel(struct root_hold_token *h) 1120 { 1121 1122 mtx_lock(&mountlist_mtx); 1123 LIST_REMOVE(h, list); 1124 wakeup(&root_holds); 1125 mtx_unlock(&mountlist_mtx); 1126 free(h, M_DEVBUF); 1127 } 1128 1129 static void 1130 root_mount_wait(void) 1131 { 1132 struct root_hold_token *h; 1133 1134 for (;;) { 1135 DROP_GIANT(); 1136 g_waitidle(); 1137 PICKUP_GIANT(); 1138 mtx_lock(&mountlist_mtx); 1139 if (LIST_EMPTY(&root_holds)) { 1140 mtx_unlock(&mountlist_mtx); 1141 break; 1142 } 1143 printf("Root mount waiting for:"); 1144 LIST_FOREACH(h, &root_holds, list) 1145 printf(" %s", h->who); 1146 printf("\n"); 1147 msleep(&root_holds, &mountlist_mtx, PZERO | PDROP, "roothold", 1148 hz); 1149 } 1150 } 1151 1152 static void 1153 set_rootvnode(struct thread *td) 1154 { 1155 struct proc *p; 1156 1157 if (VFS_ROOT(TAILQ_FIRST(&mountlist), LK_EXCLUSIVE, &rootvnode, td)) 1158 panic("Cannot find root vnode"); 1159 1160 p = td->td_proc; 1161 FILEDESC_LOCK(p->p_fd); 1162 1163 if (p->p_fd->fd_cdir != NULL) 1164 vrele(p->p_fd->fd_cdir); 1165 p->p_fd->fd_cdir = rootvnode; 1166 VREF(rootvnode); 1167 1168 if (p->p_fd->fd_rdir != NULL) 1169 vrele(p->p_fd->fd_rdir); 1170 p->p_fd->fd_rdir = rootvnode; 1171 VREF(rootvnode); 1172 1173 FILEDESC_UNLOCK(p->p_fd); 1174 1175 VOP_UNLOCK(rootvnode, 0, td); 1176 } 1177 1178 /* 1179 * Mount /devfs as our root filesystem, but do not put it on the mountlist 1180 * yet. Create a /dev -> / symlink so that absolute pathnames will lookup. 1181 */ 1182 1183 static void 1184 devfs_first(void) 1185 { 1186 struct thread *td = curthread; 1187 struct vfsoptlist *opts; 1188 struct vfsconf *vfsp; 1189 struct mount *mp = NULL; 1190 int error; 1191 1192 vfsp = vfs_byname("devfs"); 1193 KASSERT(vfsp != NULL, ("Could not find devfs by name")); 1194 if (vfsp == NULL) 1195 return; 1196 1197 mp = vfs_mount_alloc(NULLVP, vfsp, "/dev", td); 1198 1199 error = VFS_MOUNT(mp, td); 1200 KASSERT(error == 0, ("VFS_MOUNT(devfs) failed %d", error)); 1201 if (error) 1202 return; 1203 1204 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 1205 TAILQ_INIT(opts); 1206 mp->mnt_opt = opts; 1207 1208 mtx_lock(&mountlist_mtx); 1209 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1210 mtx_unlock(&mountlist_mtx); 1211 1212 set_rootvnode(td); 1213 1214 error = kern_symlink(td, "/", "dev", UIO_SYSSPACE); 1215 if (error) 1216 printf("kern_symlink /dev -> / returns %d\n", error); 1217 } 1218 1219 /* 1220 * Surgically move our devfs to be mounted on /dev. 1221 */ 1222 1223 static void 1224 devfs_fixup(struct thread *td) 1225 { 1226 struct nameidata nd; 1227 int error; 1228 struct vnode *vp, *dvp; 1229 struct mount *mp; 1230 1231 /* Remove our devfs mount from the mountlist and purge the cache */ 1232 mtx_lock(&mountlist_mtx); 1233 mp = TAILQ_FIRST(&mountlist); 1234 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1235 mtx_unlock(&mountlist_mtx); 1236 cache_purgevfs(mp); 1237 1238 VFS_ROOT(mp, LK_EXCLUSIVE, &dvp, td); 1239 VI_LOCK(dvp); 1240 dvp->v_iflag &= ~VI_MOUNT; 1241 dvp->v_mountedhere = NULL; 1242 VI_UNLOCK(dvp); 1243 1244 /* Set up the real rootvnode, and purge the cache */ 1245 TAILQ_FIRST(&mountlist)->mnt_vnodecovered = NULL; 1246 set_rootvnode(td); 1247 cache_purgevfs(rootvnode->v_mount); 1248 1249 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, "/dev", td); 1250 error = namei(&nd); 1251 if (error) { 1252 printf("Lookup of /dev for devfs, error: %d\n", error); 1253 return; 1254 } 1255 NDFREE(&nd, NDF_ONLY_PNBUF); 1256 vp = nd.ni_vp; 1257 if (vp->v_type != VDIR) { 1258 vput(vp); 1259 } 1260 error = vinvalbuf(vp, V_SAVE, td, 0, 0); 1261 if (error) { 1262 vput(vp); 1263 } 1264 cache_purge(vp); 1265 mp->mnt_vnodecovered = vp; 1266 vp->v_mountedhere = mp; 1267 mtx_lock(&mountlist_mtx); 1268 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1269 mtx_unlock(&mountlist_mtx); 1270 VOP_UNLOCK(vp, 0, td); 1271 vfs_unbusy(mp, td); 1272 vput(dvp); 1273 1274 /* Unlink the no longer needed /dev/dev -> / symlink */ 1275 kern_unlink(td, "/dev/dev", UIO_SYSSPACE); 1276 } 1277 1278 /* 1279 * Report errors during filesystem mounting. 1280 */ 1281 void 1282 vfs_mount_error(struct mount *mp, const char *fmt, ...) 1283 { 1284 struct vfsoptlist *moptlist = mp->mnt_optnew; 1285 va_list ap; 1286 int error, len; 1287 char *errmsg; 1288 1289 error = vfs_getopt(moptlist, "errmsg", (void **)&errmsg, &len); 1290 if (error || errmsg == NULL || len <= 0) 1291 return; 1292 1293 va_start(ap, fmt); 1294 vsnprintf(errmsg, (size_t)len, fmt, ap); 1295 va_end(ap); 1296 } 1297 1298 /* 1299 * Find and mount the root filesystem 1300 */ 1301 void 1302 vfs_mountroot(void) 1303 { 1304 char *cp; 1305 int error, i, asked = 0; 1306 1307 root_mount_wait(); 1308 1309 devfs_first(); 1310 1311 /* 1312 * We are booted with instructions to prompt for the root filesystem. 1313 */ 1314 if (boothowto & RB_ASKNAME) { 1315 if (!vfs_mountroot_ask()) 1316 return; 1317 asked = 1; 1318 } 1319 1320 /* 1321 * The root filesystem information is compiled in, and we are 1322 * booted with instructions to use it. 1323 */ 1324 if (ctrootdevname != NULL && (boothowto & RB_DFLTROOT)) { 1325 if (!vfs_mountroot_try(ctrootdevname)) 1326 return; 1327 ctrootdevname = NULL; 1328 } 1329 1330 /* 1331 * We've been given the generic "use CDROM as root" flag. This is 1332 * necessary because one media may be used in many different 1333 * devices, so we need to search for them. 1334 */ 1335 if (boothowto & RB_CDROM) { 1336 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1337 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1338 return; 1339 } 1340 } 1341 1342 /* 1343 * Try to use the value read by the loader from /etc/fstab, or 1344 * supplied via some other means. This is the preferred 1345 * mechanism. 1346 */ 1347 cp = getenv("vfs.root.mountfrom"); 1348 if (cp != NULL) { 1349 error = vfs_mountroot_try(cp); 1350 freeenv(cp); 1351 if (!error) 1352 return; 1353 } 1354 1355 /* 1356 * Try values that may have been computed by code during boot 1357 */ 1358 if (!vfs_mountroot_try(rootdevnames[0])) 1359 return; 1360 if (!vfs_mountroot_try(rootdevnames[1])) 1361 return; 1362 1363 /* 1364 * If we (still) have a compiled-in default, try it. 1365 */ 1366 if (ctrootdevname != NULL) 1367 if (!vfs_mountroot_try(ctrootdevname)) 1368 return; 1369 /* 1370 * Everything so far has failed, prompt on the console if we haven't 1371 * already tried that. 1372 */ 1373 if (!asked) 1374 if (!vfs_mountroot_ask()) 1375 return; 1376 1377 panic("Root mount failed, startup aborted."); 1378 } 1379 1380 /* 1381 * Mount (mountfrom) as the root filesystem. 1382 */ 1383 static int 1384 vfs_mountroot_try(const char *mountfrom) 1385 { 1386 struct mount *mp; 1387 char *vfsname, *path; 1388 time_t timebase; 1389 int error; 1390 char patt[32]; 1391 1392 vfsname = NULL; 1393 path = NULL; 1394 mp = NULL; 1395 error = EINVAL; 1396 1397 if (mountfrom == NULL) 1398 return (error); /* don't complain */ 1399 printf("Trying to mount root from %s\n", mountfrom); 1400 1401 /* parse vfs name and path */ 1402 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1403 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1404 vfsname[0] = path[0] = 0; 1405 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN); 1406 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1407 goto out; 1408 1409 if (path[0] == '\0') 1410 strcpy(path, ROOTNAME); 1411 1412 error = kernel_vmount( 1413 MNT_RDONLY | MNT_ROOTFS, 1414 "fstype", vfsname, 1415 "fspath", "/", 1416 "from", path, 1417 NULL); 1418 if (error == 0) { 1419 /* 1420 * We mount devfs prior to mounting the / FS, so the first 1421 * entry will typically be devfs. 1422 */ 1423 mp = TAILQ_FIRST(&mountlist); 1424 KASSERT(mp != NULL, ("%s: mountlist is empty", __func__)); 1425 1426 /* 1427 * Iterate over all currently mounted file systems and use 1428 * the time stamp found to check and/or initialize the RTC. 1429 * Typically devfs has no time stamp and the only other FS 1430 * is the actual / FS. 1431 * Call inittodr() only once and pass it the largest of the 1432 * timestamps we encounter. 1433 */ 1434 timebase = 0; 1435 do { 1436 if (mp->mnt_time > timebase) 1437 timebase = mp->mnt_time; 1438 mp = TAILQ_NEXT(mp, mnt_list); 1439 } while (mp != NULL); 1440 inittodr(timebase); 1441 1442 devfs_fixup(curthread); 1443 } 1444 out: 1445 free(path, M_MOUNT); 1446 free(vfsname, M_MOUNT); 1447 return (error); 1448 } 1449 1450 /* 1451 * --------------------------------------------------------------------- 1452 * Interactive root filesystem selection code. 1453 */ 1454 1455 static int 1456 vfs_mountroot_ask(void) 1457 { 1458 char name[128]; 1459 1460 for(;;) { 1461 printf("\nManual root filesystem specification:\n"); 1462 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1463 #if defined(__i386__) || defined(__ia64__) 1464 printf(" eg. ufs:da0s1a\n"); 1465 #else 1466 printf(" eg. ufs:/dev/da0a\n"); 1467 #endif 1468 printf(" ? List valid disk boot devices\n"); 1469 printf(" <empty line> Abort manual input\n"); 1470 printf("\nmountroot> "); 1471 gets(name, sizeof(name), 1); 1472 if (name[0] == '\0') 1473 return (1); 1474 if (name[0] == '?') { 1475 printf("\nList of GEOM managed disk devices:\n "); 1476 g_dev_print(); 1477 continue; 1478 } 1479 if (!vfs_mountroot_try(name)) 1480 return (0); 1481 } 1482 } 1483 1484 /* 1485 * --------------------------------------------------------------------- 1486 * Functions for querying mount options/arguments from filesystems. 1487 */ 1488 1489 /* 1490 * Check that no unknown options are given 1491 */ 1492 int 1493 vfs_filteropt(struct vfsoptlist *opts, const char **legal) 1494 { 1495 struct vfsopt *opt; 1496 const char **t, *p; 1497 1498 1499 TAILQ_FOREACH(opt, opts, link) { 1500 p = opt->name; 1501 if (p[0] == 'n' && p[1] == 'o') 1502 p += 2; 1503 for(t = global_opts; *t != NULL; t++) 1504 if (!strcmp(*t, p)) 1505 break; 1506 if (*t != NULL) 1507 continue; 1508 for(t = legal; *t != NULL; t++) 1509 if (!strcmp(*t, p)) 1510 break; 1511 if (*t != NULL) 1512 continue; 1513 printf("mount option <%s> is unknown\n", p); 1514 return (EINVAL); 1515 } 1516 return (0); 1517 } 1518 1519 /* 1520 * Get a mount option by its name. 1521 * 1522 * Return 0 if the option was found, ENOENT otherwise. 1523 * If len is non-NULL it will be filled with the length 1524 * of the option. If buf is non-NULL, it will be filled 1525 * with the address of the option. 1526 */ 1527 int 1528 vfs_getopt(opts, name, buf, len) 1529 struct vfsoptlist *opts; 1530 const char *name; 1531 void **buf; 1532 int *len; 1533 { 1534 struct vfsopt *opt; 1535 1536 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1537 1538 TAILQ_FOREACH(opt, opts, link) { 1539 if (strcmp(name, opt->name) == 0) { 1540 if (len != NULL) 1541 *len = opt->len; 1542 if (buf != NULL) 1543 *buf = opt->value; 1544 return (0); 1545 } 1546 } 1547 return (ENOENT); 1548 } 1549 1550 static int 1551 vfs_getopt_pos(struct vfsoptlist *opts, const char *name) 1552 { 1553 struct vfsopt *opt; 1554 int i; 1555 1556 if (opts == NULL) 1557 return (-1); 1558 1559 i = 0; 1560 TAILQ_FOREACH(opt, opts, link) { 1561 if (strcmp(name, opt->name) == 0) 1562 return (i); 1563 ++i; 1564 } 1565 return (-1); 1566 } 1567 1568 char * 1569 vfs_getopts(struct vfsoptlist *opts, const char *name, int *error) 1570 { 1571 struct vfsopt *opt; 1572 1573 *error = 0; 1574 TAILQ_FOREACH(opt, opts, link) { 1575 if (strcmp(name, opt->name) != 0) 1576 continue; 1577 if (((char *)opt->value)[opt->len - 1] != '\0') { 1578 *error = EINVAL; 1579 return (NULL); 1580 } 1581 return (opt->value); 1582 } 1583 return (NULL); 1584 } 1585 1586 int 1587 vfs_flagopt(struct vfsoptlist *opts, const char *name, u_int *w, u_int val) 1588 { 1589 struct vfsopt *opt; 1590 1591 TAILQ_FOREACH(opt, opts, link) { 1592 if (strcmp(name, opt->name) == 0) { 1593 if (w != NULL) 1594 *w |= val; 1595 return (1); 1596 } 1597 } 1598 if (w != NULL) 1599 *w &= ~val; 1600 return (0); 1601 } 1602 1603 int 1604 vfs_scanopt(struct vfsoptlist *opts, const char *name, const char *fmt, ...) 1605 { 1606 va_list ap; 1607 struct vfsopt *opt; 1608 int ret; 1609 1610 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1611 1612 TAILQ_FOREACH(opt, opts, link) { 1613 if (strcmp(name, opt->name) != 0) 1614 continue; 1615 if (((char *)opt->value)[opt->len - 1] != '\0') 1616 return (0); 1617 va_start(ap, fmt); 1618 ret = vsscanf(opt->value, fmt, ap); 1619 va_end(ap); 1620 return (ret); 1621 } 1622 return (0); 1623 } 1624 1625 /* 1626 * Find and copy a mount option. 1627 * 1628 * The size of the buffer has to be specified 1629 * in len, if it is not the same length as the 1630 * mount option, EINVAL is returned. 1631 * Returns ENOENT if the option is not found. 1632 */ 1633 int 1634 vfs_copyopt(opts, name, dest, len) 1635 struct vfsoptlist *opts; 1636 const char *name; 1637 void *dest; 1638 int len; 1639 { 1640 struct vfsopt *opt; 1641 1642 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1643 1644 TAILQ_FOREACH(opt, opts, link) { 1645 if (strcmp(name, opt->name) == 0) { 1646 if (len != opt->len) 1647 return (EINVAL); 1648 bcopy(opt->value, dest, opt->len); 1649 return (0); 1650 } 1651 } 1652 return (ENOENT); 1653 } 1654 1655 /* 1656 * This is a helper function for filesystems to traverse their 1657 * vnodes. See MNT_VNODE_FOREACH() in sys/mount.h 1658 */ 1659 1660 struct vnode * 1661 __mnt_vnode_next(struct vnode **nvp, struct mount *mp) 1662 { 1663 struct vnode *vp; 1664 1665 mtx_assert(&mp->mnt_mtx, MA_OWNED); 1666 1667 vp = *nvp; 1668 /* Check if we are done */ 1669 if (vp == NULL) 1670 return (NULL); 1671 /* If our next vnode is no longer ours, start over */ 1672 if (vp->v_mount != mp) 1673 vp = TAILQ_FIRST(&mp->mnt_nvnodelist); 1674 /* Save pointer to next vnode in list */ 1675 if (vp != NULL) 1676 *nvp = TAILQ_NEXT(vp, v_nmntvnodes); 1677 else 1678 *nvp = NULL; 1679 return (vp); 1680 } 1681 1682 int 1683 __vfs_statfs(struct mount *mp, struct statfs *sbp, struct thread *td) 1684 { 1685 int error; 1686 1687 error = mp->mnt_op->vfs_statfs(mp, &mp->mnt_stat, td); 1688 if (sbp != &mp->mnt_stat) 1689 *sbp = mp->mnt_stat; 1690 return (error); 1691 } 1692 1693 void 1694 vfs_mountedfrom(struct mount *mp, const char *from) 1695 { 1696 1697 bzero(mp->mnt_stat.f_mntfromname, sizeof mp->mnt_stat.f_mntfromname); 1698 strlcpy(mp->mnt_stat.f_mntfromname, from, 1699 sizeof mp->mnt_stat.f_mntfromname); 1700 } 1701 1702 /* 1703 * --------------------------------------------------------------------- 1704 * This is the api for building mount args and mounting filesystems from 1705 * inside the kernel. 1706 * 1707 * The API works by accumulation of individual args. First error is 1708 * latched. 1709 * 1710 * XXX: should be documented in new manpage kernel_mount(9) 1711 */ 1712 1713 /* A memory allocation which must be freed when we are done */ 1714 struct mntaarg { 1715 SLIST_ENTRY(mntaarg) next; 1716 }; 1717 1718 /* The header for the mount arguments */ 1719 struct mntarg { 1720 struct iovec *v; 1721 int len; 1722 int error; 1723 SLIST_HEAD(, mntaarg) list; 1724 }; 1725 1726 /* 1727 * Add a boolean argument. 1728 * 1729 * flag is the boolean value. 1730 * name must start with "no". 1731 */ 1732 struct mntarg * 1733 mount_argb(struct mntarg *ma, int flag, const char *name) 1734 { 1735 1736 KASSERT(name[0] == 'n' && name[1] == 'o', 1737 ("mount_argb(...,%s): name must start with 'no'", name)); 1738 1739 return (mount_arg(ma, name + (flag ? 2 : 0), NULL, 0)); 1740 } 1741 1742 /* 1743 * Add an argument printf style 1744 */ 1745 struct mntarg * 1746 mount_argf(struct mntarg *ma, const char *name, const char *fmt, ...) 1747 { 1748 va_list ap; 1749 struct mntaarg *maa; 1750 struct sbuf *sb; 1751 int len; 1752 1753 if (ma == NULL) { 1754 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 1755 SLIST_INIT(&ma->list); 1756 } 1757 if (ma->error) 1758 return (ma); 1759 1760 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2), 1761 M_MOUNT, M_WAITOK); 1762 ma->v[ma->len].iov_base = (void *)(uintptr_t)name; 1763 ma->v[ma->len].iov_len = strlen(name) + 1; 1764 ma->len++; 1765 1766 sb = sbuf_new(NULL, NULL, 0, SBUF_AUTOEXTEND); 1767 va_start(ap, fmt); 1768 sbuf_vprintf(sb, fmt, ap); 1769 va_end(ap); 1770 sbuf_finish(sb); 1771 len = sbuf_len(sb) + 1; 1772 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO); 1773 SLIST_INSERT_HEAD(&ma->list, maa, next); 1774 bcopy(sbuf_data(sb), maa + 1, len); 1775 sbuf_delete(sb); 1776 1777 ma->v[ma->len].iov_base = maa + 1; 1778 ma->v[ma->len].iov_len = len; 1779 ma->len++; 1780 1781 return (ma); 1782 } 1783 1784 /* 1785 * Add an argument which is a userland string. 1786 */ 1787 struct mntarg * 1788 mount_argsu(struct mntarg *ma, const char *name, const void *val, int len) 1789 { 1790 struct mntaarg *maa; 1791 char *tbuf; 1792 1793 if (val == NULL) 1794 return (ma); 1795 if (ma == NULL) { 1796 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 1797 SLIST_INIT(&ma->list); 1798 } 1799 if (ma->error) 1800 return (ma); 1801 maa = malloc(sizeof *maa + len, M_MOUNT, M_WAITOK | M_ZERO); 1802 SLIST_INSERT_HEAD(&ma->list, maa, next); 1803 tbuf = (void *)(maa + 1); 1804 ma->error = copyinstr(val, tbuf, len, NULL); 1805 return (mount_arg(ma, name, tbuf, -1)); 1806 } 1807 1808 /* 1809 * Plain argument. 1810 * 1811 * If length is -1, use printf. 1812 */ 1813 struct mntarg * 1814 mount_arg(struct mntarg *ma, const char *name, const void *val, int len) 1815 { 1816 1817 if (ma == NULL) { 1818 ma = malloc(sizeof *ma, M_MOUNT, M_WAITOK | M_ZERO); 1819 SLIST_INIT(&ma->list); 1820 } 1821 if (ma->error) 1822 return (ma); 1823 1824 ma->v = realloc(ma->v, sizeof *ma->v * (ma->len + 2), 1825 M_MOUNT, M_WAITOK); 1826 ma->v[ma->len].iov_base = (void *)(uintptr_t)name; 1827 ma->v[ma->len].iov_len = strlen(name) + 1; 1828 ma->len++; 1829 1830 ma->v[ma->len].iov_base = (void *)(uintptr_t)val; 1831 if (len < 0) 1832 ma->v[ma->len].iov_len = strlen(val) + 1; 1833 else 1834 ma->v[ma->len].iov_len = len; 1835 ma->len++; 1836 return (ma); 1837 } 1838 1839 /* 1840 * Free a mntarg structure 1841 */ 1842 static void 1843 free_mntarg(struct mntarg *ma) 1844 { 1845 struct mntaarg *maa; 1846 1847 while (!SLIST_EMPTY(&ma->list)) { 1848 maa = SLIST_FIRST(&ma->list); 1849 SLIST_REMOVE_HEAD(&ma->list, next); 1850 free(maa, M_MOUNT); 1851 } 1852 free(ma->v, M_MOUNT); 1853 free(ma, M_MOUNT); 1854 } 1855 1856 /* 1857 * Mount a filesystem 1858 */ 1859 int 1860 kernel_mount(struct mntarg *ma, int flags) 1861 { 1862 struct uio auio; 1863 int error; 1864 1865 KASSERT(ma != NULL, ("kernel_mount NULL ma")); 1866 KASSERT(ma->v != NULL, ("kernel_mount NULL ma->v")); 1867 KASSERT(!(ma->len & 1), ("kernel_mount odd ma->len (%d)", ma->len)); 1868 1869 auio.uio_iov = ma->v; 1870 auio.uio_iovcnt = ma->len; 1871 auio.uio_segflg = UIO_SYSSPACE; 1872 1873 error = ma->error; 1874 if (!error) 1875 error = vfs_donmount(curthread, flags, &auio); 1876 free_mntarg(ma); 1877 return (error); 1878 } 1879 1880 /* 1881 * A printflike function to mount a filesystem. 1882 */ 1883 int 1884 kernel_vmount(int flags, ...) 1885 { 1886 struct mntarg *ma = NULL; 1887 va_list ap; 1888 const char *cp; 1889 const void *vp; 1890 int error; 1891 1892 va_start(ap, flags); 1893 for (;;) { 1894 cp = va_arg(ap, const char *); 1895 if (cp == NULL) 1896 break; 1897 vp = va_arg(ap, const void *); 1898 ma = mount_arg(ma, cp, vp, -1); 1899 } 1900 va_end(ap); 1901 1902 error = kernel_mount(ma, flags); 1903 return (error); 1904 } 1905