1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * Copyright (c) 1999 Michael Smith 39 * All rights reserved. 40 * Copyright (c) 1999 Poul-Henning Kamp 41 * All rights reserved. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * $FreeBSD$ 65 */ 66 67 #include <sys/param.h> 68 #include <sys/conf.h> 69 #include <sys/cons.h> 70 #include <sys/kernel.h> 71 #include <sys/linker.h> 72 #include <sys/mac.h> 73 #include <sys/malloc.h> 74 #include <sys/mount.h> 75 #include <sys/mutex.h> 76 #include <sys/namei.h> 77 #include <sys/proc.h> 78 #include <sys/reboot.h> 79 #include <sys/sysproto.h> 80 #include <sys/sx.h> 81 #include <sys/sysctl.h> 82 #include <sys/sysent.h> 83 #include <sys/systm.h> 84 #include <sys/vnode.h> 85 86 #include <machine/stdarg.h> 87 88 #include "opt_rootdevname.h" 89 #include "opt_ddb.h" 90 #include "opt_mac.h" 91 92 #ifdef DDB 93 #include <ddb/ddb.h> 94 #endif 95 96 #define ROOTNAME "root_device" 97 98 static void checkdirs(struct vnode *olddp, struct vnode *newdp); 99 static int vfs_nmount(struct thread *td, int, struct uio *); 100 static int vfs_mountroot_try(char *mountfrom); 101 static int vfs_mountroot_ask(void); 102 static void gets(char *cp); 103 104 static int usermount = 0; /* if 1, non-root can mount fs. */ 105 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, ""); 106 107 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 108 109 /* List of mounted filesystems. */ 110 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 111 112 /* For any iteration/modification of mountlist */ 113 struct mtx mountlist_mtx; 114 115 /* For any iteration/modification of mnt_vnodelist */ 116 struct mtx mntvnode_mtx; 117 118 /* 119 * The vnode of the system's root (/ in the filesystem, without chroot 120 * active.) 121 */ 122 struct vnode *rootvnode; 123 124 /* 125 * The root filesystem is detailed in the kernel environment variable 126 * vfs.root.mountfrom, which is expected to be in the general format 127 * 128 * <vfsname>:[<path>] 129 * vfsname := the name of a VFS known to the kernel and capable 130 * of being mounted as root 131 * path := disk device name or other data used by the filesystem 132 * to locate its physical store 133 */ 134 135 /* 136 * The root specifiers we will try if RB_CDROM is specified. 137 */ 138 static char *cdrom_rootdevnames[] = { 139 "cd9660:cd0a", 140 "cd9660:acd0a", 141 "cd9660:wcd0a", 142 NULL 143 }; 144 145 /* legacy find-root code */ 146 char *rootdevnames[2] = {NULL, NULL}; 147 static int setrootbyname(char *name); 148 dev_t rootdev = NODEV; 149 150 /* Remove one mount option. */ 151 static void 152 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 153 { 154 155 TAILQ_REMOVE(opts, opt, link); 156 free(opt->name, M_MOUNT); 157 if (opt->value != NULL) 158 free(opt->value, M_MOUNT); 159 #ifdef INVARIANTS 160 else if (opt->len != 0) 161 panic("%s: mount option with NULL value but length != 0", 162 __func__); 163 #endif 164 free(opt, M_MOUNT); 165 } 166 167 /* Release all resources related to the mount options. */ 168 static void 169 vfs_freeopts(struct vfsoptlist *opts) 170 { 171 struct vfsopt *opt; 172 173 while (!TAILQ_EMPTY(opts)) { 174 opt = TAILQ_FIRST(opts); 175 vfs_freeopt(opts, opt); 176 } 177 free(opts, M_MOUNT); 178 } 179 180 /* 181 * If a mount option is specified several times, 182 * (with or without the "no" prefix) only keep 183 * the last occurence of it. 184 */ 185 static void 186 vfs_sanitizeopts(struct vfsoptlist *opts) 187 { 188 struct vfsopt *opt, *opt2, *tmp; 189 int noopt; 190 191 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 192 if (strncmp(opt->name, "no", 2) == 0) 193 noopt = 1; 194 else 195 noopt = 0; 196 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 197 while (opt2 != NULL) { 198 if (strcmp(opt2->name, opt->name) == 0 || 199 (noopt && strcmp(opt->name + 2, opt2->name) == 0) || 200 (!noopt && strncmp(opt2->name, "no", 2) == 0 && 201 strcmp(opt2->name + 2, opt->name) == 0)) { 202 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 203 vfs_freeopt(opts, opt2); 204 opt2 = tmp; 205 } else { 206 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 207 } 208 } 209 } 210 } 211 212 /* 213 * Build a linked list of mount options from a struct uio. 214 */ 215 static int 216 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 217 { 218 struct vfsoptlist *opts; 219 struct vfsopt *opt; 220 unsigned int i, iovcnt; 221 int error, namelen, optlen; 222 223 iovcnt = auio->uio_iovcnt; 224 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 225 TAILQ_INIT(opts); 226 for (i = 0; i < iovcnt; i += 2) { 227 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 228 namelen = auio->uio_iov[i].iov_len; 229 optlen = auio->uio_iov[i + 1].iov_len; 230 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 231 opt->value = NULL; 232 if (auio->uio_segflg == UIO_SYSSPACE) { 233 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 234 } else { 235 error = copyin(auio->uio_iov[i].iov_base, opt->name, 236 namelen); 237 if (error) 238 goto bad; 239 } 240 opt->len = optlen; 241 if (optlen != 0) { 242 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 243 if (auio->uio_segflg == UIO_SYSSPACE) { 244 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 245 optlen); 246 } else { 247 error = copyin(auio->uio_iov[i + 1].iov_base, 248 opt->value, optlen); 249 if (error) 250 goto bad; 251 } 252 } 253 TAILQ_INSERT_TAIL(opts, opt, link); 254 } 255 vfs_sanitizeopts(opts); 256 *options = opts; 257 return (0); 258 bad: 259 vfs_freeopts(opts); 260 return (error); 261 } 262 263 /* 264 * Merge the old mount options with the new ones passed 265 * in the MNT_UPDATE case. 266 */ 267 static void 268 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 269 { 270 struct vfsopt *opt, *opt2, *new; 271 272 TAILQ_FOREACH(opt, opts, link) { 273 /* 274 * Check that this option hasn't been redefined 275 * nor cancelled with a "no" mount option. 276 */ 277 opt2 = TAILQ_FIRST(toopts); 278 while (opt2 != NULL) { 279 if (strcmp(opt2->name, opt->name) == 0) 280 goto next; 281 if (strncmp(opt2->name, "no", 2) == 0 && 282 strcmp(opt2->name + 2, opt->name) == 0) { 283 vfs_freeopt(toopts, opt2); 284 goto next; 285 } 286 opt2 = TAILQ_NEXT(opt2, link); 287 } 288 /* We want this option, duplicate it. */ 289 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 290 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 291 strcpy(new->name, opt->name); 292 if (opt->len != 0) { 293 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 294 bcopy(opt->value, new->value, opt->len); 295 } else { 296 new->value = NULL; 297 } 298 new->len = opt->len; 299 TAILQ_INSERT_TAIL(toopts, new, link); 300 next: 301 continue; 302 } 303 } 304 305 /* 306 * New mount API. 307 */ 308 int 309 nmount(td, uap) 310 struct thread *td; 311 struct nmount_args /* { 312 syscallarg(struct iovec *) iovp; 313 syscallarg(unsigned int) iovcnt; 314 syscallarg(int) flags; 315 } */ *uap; 316 { 317 struct uio auio; 318 struct iovec *iov, *needfree; 319 struct iovec aiov[UIO_SMALLIOV]; 320 unsigned int i; 321 int error; 322 u_int iovlen, iovcnt; 323 324 iovcnt = SCARG(uap, iovcnt); 325 iovlen = iovcnt * sizeof (struct iovec); 326 /* 327 * Check that we have an even number of iovec's 328 * and that we have at least two options. 329 */ 330 if ((iovcnt & 1) || (iovcnt < 4) || (iovcnt > UIO_MAXIOV)) 331 return (EINVAL); 332 333 if (iovcnt > UIO_SMALLIOV) { 334 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK); 335 needfree = iov; 336 } else { 337 iov = aiov; 338 needfree = NULL; 339 } 340 auio.uio_iov = iov; 341 auio.uio_iovcnt = iovcnt; 342 auio.uio_segflg = UIO_USERSPACE; 343 if ((error = copyin(uap->iovp, iov, iovlen))) 344 goto finish; 345 346 for (i = 0; i < iovcnt; i++) { 347 if (iov->iov_len > MMAXOPTIONLEN) { 348 error = EINVAL; 349 goto finish; 350 } 351 iov++; 352 } 353 error = vfs_nmount(td, SCARG(uap, flags), &auio); 354 finish: 355 if (needfree != NULL) 356 free(needfree, M_TEMP); 357 return (error); 358 } 359 360 int 361 kernel_mount(iovp, iovcnt, flags) 362 struct iovec *iovp; 363 unsigned int iovcnt; 364 int flags; 365 { 366 struct uio auio; 367 int error; 368 369 /* 370 * Check that we have an even number of iovec's 371 * and that we have at least two options. 372 */ 373 if ((iovcnt & 1) || (iovcnt < 4)) 374 return (EINVAL); 375 376 auio.uio_iov = iovp; 377 auio.uio_iovcnt = iovcnt; 378 auio.uio_segflg = UIO_SYSSPACE; 379 380 error = vfs_nmount(curthread, flags, &auio); 381 return (error); 382 } 383 384 int 385 kernel_vmount(int flags, ...) 386 { 387 struct iovec *iovp; 388 struct uio auio; 389 va_list ap; 390 unsigned int iovcnt, iovlen, len; 391 const char *cp; 392 char *buf, *pos; 393 size_t n; 394 int error, i; 395 396 len = 0; 397 va_start(ap, flags); 398 for (iovcnt = 0; (cp = va_arg(ap, const char *)) != NULL; iovcnt++) 399 len += strlen(cp) + 1; 400 va_end(ap); 401 402 if (iovcnt < 4 || iovcnt & 1) 403 return (EINVAL); 404 405 iovlen = iovcnt * sizeof (struct iovec); 406 MALLOC(iovp, struct iovec *, iovlen, M_MOUNT, M_WAITOK); 407 MALLOC(buf, char *, len, M_MOUNT, M_WAITOK); 408 pos = buf; 409 va_start(ap, flags); 410 for (i = 0; i < iovcnt; i++) { 411 cp = va_arg(ap, const char *); 412 copystr(cp, pos, len - (pos - buf), &n); 413 iovp[i].iov_base = pos; 414 iovp[i].iov_len = n; 415 pos += n; 416 } 417 va_end(ap); 418 419 auio.uio_iov = iovp; 420 auio.uio_iovcnt = iovcnt; 421 auio.uio_segflg = UIO_SYSSPACE; 422 423 error = vfs_nmount(curthread, flags, &auio); 424 FREE(iovp, M_MOUNT); 425 FREE(buf, M_MOUNT); 426 return (error); 427 } 428 429 /* 430 * vfs_nmount(): actually attempt a filesystem mount. 431 */ 432 static int 433 vfs_nmount(td, fsflags, fsoptions) 434 struct thread *td; 435 int fsflags; /* Flags common to all filesystems. */ 436 struct uio *fsoptions; /* Options local to the filesystem. */ 437 { 438 linker_file_t lf; 439 struct vnode *vp; 440 struct mount *mp; 441 struct vfsconf *vfsp; 442 struct vfsoptlist *optlist; 443 char *fstype, *fspath; 444 int error, flag = 0, kern_flag = 0; 445 int fstypelen, fspathlen; 446 struct vattr va; 447 struct nameidata nd; 448 449 error = vfs_buildopts(fsoptions, &optlist); 450 if (error) 451 return (error); 452 453 /* 454 * We need these two options before the others, 455 * and they are mandatory for any filesystem. 456 * Ensure they are NUL terminated as well. 457 */ 458 fstypelen = 0; 459 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 460 if (error || fstype[fstypelen - 1] != '\0') { 461 error = EINVAL; 462 goto bad; 463 } 464 fspathlen = 0; 465 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 466 if (error || fspath[fspathlen - 1] != '\0') { 467 error = EINVAL; 468 goto bad; 469 } 470 471 /* 472 * Be ultra-paranoid about making sure the type and fspath 473 * variables will fit in our mp buffers, including the 474 * terminating NUL. 475 */ 476 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 477 error = ENAMETOOLONG; 478 goto bad; 479 } 480 481 if (usermount == 0) { 482 error = suser(td); 483 if (error) 484 goto bad; 485 } 486 /* 487 * Do not allow NFS export by non-root users. 488 */ 489 if (fsflags & MNT_EXPORTED) { 490 error = suser(td); 491 if (error) 492 goto bad; 493 } 494 /* 495 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 496 */ 497 if (suser(td)) 498 fsflags |= MNT_NOSUID | MNT_NODEV; 499 /* 500 * Get vnode to be covered 501 */ 502 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 503 if ((error = namei(&nd)) != 0) 504 goto bad; 505 NDFREE(&nd, NDF_ONLY_PNBUF); 506 vp = nd.ni_vp; 507 if (fsflags & MNT_UPDATE) { 508 if ((vp->v_vflag & VV_ROOT) == 0) { 509 vput(vp); 510 error = EINVAL; 511 goto bad; 512 } 513 mp = vp->v_mount; 514 flag = mp->mnt_flag; 515 kern_flag = mp->mnt_kern_flag; 516 /* 517 * We only allow the filesystem to be reloaded if it 518 * is currently mounted read-only. 519 */ 520 if ((fsflags & MNT_RELOAD) && 521 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 522 vput(vp); 523 error = EOPNOTSUPP; /* Needs translation */ 524 goto bad; 525 } 526 /* 527 * Only root, or the user that did the original mount is 528 * permitted to update it. 529 */ 530 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 531 error = suser(td); 532 if (error) { 533 vput(vp); 534 goto bad; 535 } 536 } 537 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 538 vput(vp); 539 error = EBUSY; 540 goto bad; 541 } 542 VI_LOCK(vp); 543 if ((vp->v_iflag & VI_MOUNT) != 0 || 544 vp->v_mountedhere != NULL) { 545 VI_UNLOCK(vp); 546 vfs_unbusy(mp, td); 547 vput(vp); 548 error = EBUSY; 549 goto bad; 550 } 551 vp->v_iflag |= VI_MOUNT; 552 VI_UNLOCK(vp); 553 mp->mnt_flag |= fsflags & 554 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 555 VOP_UNLOCK(vp, 0, td); 556 mp->mnt_optnew = optlist; 557 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 558 goto update; 559 } 560 /* 561 * If the user is not root, ensure that they own the directory 562 * onto which we are attempting to mount. 563 */ 564 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 565 if (error) { 566 vput(vp); 567 goto bad; 568 } 569 if (va.va_uid != td->td_ucred->cr_uid) { 570 error = suser(td); 571 if (error) { 572 vput(vp); 573 goto bad; 574 } 575 } 576 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 577 vput(vp); 578 goto bad; 579 } 580 if (vp->v_type != VDIR) { 581 vput(vp); 582 error = ENOTDIR; 583 goto bad; 584 } 585 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 586 if (!strcmp(vfsp->vfc_name, fstype)) 587 break; 588 if (vfsp == NULL) { 589 /* Only load modules for root (very important!). */ 590 error = suser(td); 591 if (error) { 592 vput(vp); 593 goto bad; 594 } 595 error = securelevel_gt(td->td_ucred, 0); 596 if (error) { 597 vput(vp); 598 goto bad; 599 } 600 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 601 if (error || lf == NULL) { 602 vput(vp); 603 if (lf == NULL) 604 error = ENODEV; 605 goto bad; 606 } 607 lf->userrefs++; 608 /* Look up again to see if the VFS was loaded. */ 609 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 610 if (!strcmp(vfsp->vfc_name, fstype)) 611 break; 612 if (vfsp == NULL) { 613 lf->userrefs--; 614 linker_file_unload(lf); 615 vput(vp); 616 error = ENODEV; 617 goto bad; 618 } 619 } 620 VI_LOCK(vp); 621 if ((vp->v_iflag & VI_MOUNT) != 0 || 622 vp->v_mountedhere != NULL) { 623 VI_UNLOCK(vp); 624 vput(vp); 625 error = EBUSY; 626 goto bad; 627 } 628 vp->v_iflag |= VI_MOUNT; 629 VI_UNLOCK(vp); 630 631 /* 632 * Allocate and initialize the filesystem. 633 */ 634 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 635 TAILQ_INIT(&mp->mnt_nvnodelist); 636 TAILQ_INIT(&mp->mnt_reservedvnlist); 637 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 638 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 639 mp->mnt_op = vfsp->vfc_vfsops; 640 mp->mnt_vfc = vfsp; 641 vfsp->vfc_refcount++; 642 mp->mnt_stat.f_type = vfsp->vfc_typenum; 643 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 644 strncpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 645 mp->mnt_vnodecovered = vp; 646 mp->mnt_cred = crdup(td->td_ucred); 647 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 648 strncpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 649 mp->mnt_iosize_max = DFLTPHYS; 650 #ifdef MAC 651 mac_init_mount(mp); 652 mac_create_mount(td->td_ucred, mp); 653 #endif 654 VOP_UNLOCK(vp, 0, td); 655 mp->mnt_optnew = optlist; /* XXXMAC: should this be above? */ 656 657 update: 658 /* 659 * Check if the fs implements the new VFS_NMOUNT() 660 * function, since the new system call was used. 661 */ 662 if (mp->mnt_op->vfs_mount != NULL) { 663 printf("%s doesn't support the new mount syscall\n", 664 mp->mnt_vfc->vfc_name); 665 VI_LOCK(vp); 666 vp->v_iflag &= ~VI_MOUNT; 667 VI_UNLOCK(vp); 668 if (mp->mnt_flag & MNT_UPDATE) 669 vfs_unbusy(mp, td); 670 else { 671 mp->mnt_vfc->vfc_refcount--; 672 vfs_unbusy(mp, td); 673 #ifdef MAC 674 mac_destroy_mount(mp); 675 #endif 676 free(mp, M_MOUNT); 677 } 678 vrele(vp); 679 error = EOPNOTSUPP; 680 goto bad; 681 } 682 683 /* 684 * Set the mount level flags. 685 */ 686 if (fsflags & MNT_RDONLY) 687 mp->mnt_flag |= MNT_RDONLY; 688 else if (mp->mnt_flag & MNT_RDONLY) 689 mp->mnt_kern_flag |= MNTK_WANTRDWR; 690 mp->mnt_flag &=~ MNT_UPDATEMASK; 691 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 692 /* 693 * Mount the filesystem. 694 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 695 * get. No freeing of cn_pnbuf. 696 */ 697 error = VFS_NMOUNT(mp, &nd, td); 698 if (!error) { 699 if (mp->mnt_opt != NULL) 700 vfs_freeopts(mp->mnt_opt); 701 mp->mnt_opt = mp->mnt_optnew; 702 } 703 /* 704 * Prevent external consumers of mount 705 * options to read mnt_optnew. 706 */ 707 mp->mnt_optnew = NULL; 708 if (mp->mnt_flag & MNT_UPDATE) { 709 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 710 mp->mnt_flag &= ~MNT_RDONLY; 711 mp->mnt_flag &=~ 712 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 713 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 714 if (error) { 715 mp->mnt_flag = flag; 716 mp->mnt_kern_flag = kern_flag; 717 } 718 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 719 if (mp->mnt_syncer == NULL) 720 error = vfs_allocate_syncvnode(mp); 721 } else { 722 if (mp->mnt_syncer != NULL) 723 vrele(mp->mnt_syncer); 724 mp->mnt_syncer = NULL; 725 } 726 vfs_unbusy(mp, td); 727 VI_LOCK(vp); 728 vp->v_iflag &= ~VI_MOUNT; 729 VI_UNLOCK(vp); 730 vrele(vp); 731 return (error); 732 } 733 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 734 /* 735 * Put the new filesystem on the mount list after root. 736 */ 737 cache_purge(vp); 738 if (!error) { 739 struct vnode *newdp; 740 741 VI_LOCK(vp); 742 vp->v_iflag &= ~VI_MOUNT; 743 vp->v_mountedhere = mp; 744 VI_UNLOCK(vp); 745 mtx_lock(&mountlist_mtx); 746 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 747 mtx_unlock(&mountlist_mtx); 748 if (VFS_ROOT(mp, &newdp)) 749 panic("mount: lost mount"); 750 checkdirs(vp, newdp); 751 vput(newdp); 752 VOP_UNLOCK(vp, 0, td); 753 if ((mp->mnt_flag & MNT_RDONLY) == 0) 754 error = vfs_allocate_syncvnode(mp); 755 vfs_unbusy(mp, td); 756 if ((error = VFS_START(mp, 0, td)) != 0) { 757 vrele(vp); 758 goto bad; 759 } 760 } else { 761 VI_LOCK(vp); 762 vp->v_iflag &= ~VI_MOUNT; 763 VI_UNLOCK(vp); 764 mp->mnt_vfc->vfc_refcount--; 765 vfs_unbusy(mp, td); 766 #ifdef MAC 767 mac_destroy_mount(mp); 768 #endif 769 free(mp, M_MOUNT); 770 vput(vp); 771 goto bad; 772 } 773 return (0); 774 bad: 775 vfs_freeopts(optlist); 776 return (error); 777 } 778 779 /* 780 * Old mount API. 781 */ 782 #ifndef _SYS_SYSPROTO_H_ 783 struct mount_args { 784 char *type; 785 char *path; 786 int flags; 787 caddr_t data; 788 }; 789 #endif 790 /* ARGSUSED */ 791 int 792 mount(td, uap) 793 struct thread *td; 794 struct mount_args /* { 795 syscallarg(char *) type; 796 syscallarg(char *) path; 797 syscallarg(int) flags; 798 syscallarg(caddr_t) data; 799 } */ *uap; 800 { 801 char *fstype; 802 char *fspath; 803 int error; 804 805 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 806 fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); 807 808 /* 809 * vfs_mount() actually takes a kernel string for `type' and 810 * `path' now, so extract them. 811 */ 812 error = copyinstr(SCARG(uap, type), fstype, MFSNAMELEN, NULL); 813 if (error) 814 goto finish; 815 error = copyinstr(SCARG(uap, path), fspath, MNAMELEN, NULL); 816 if (error) 817 goto finish; 818 error = vfs_mount(td, fstype, fspath, SCARG(uap, flags), 819 SCARG(uap, data)); 820 finish: 821 free(fstype, M_TEMP); 822 free(fspath, M_TEMP); 823 return (error); 824 } 825 826 /* 827 * vfs_mount(): actually attempt a filesystem mount. 828 * 829 * This routine is designed to be a "generic" entry point for routines 830 * that wish to mount a filesystem. All parameters except `fsdata' are 831 * pointers into kernel space. `fsdata' is currently still a pointer 832 * into userspace. 833 */ 834 int 835 vfs_mount(td, fstype, fspath, fsflags, fsdata) 836 struct thread *td; 837 const char *fstype; 838 char *fspath; 839 int fsflags; 840 void *fsdata; 841 { 842 linker_file_t lf; 843 struct vnode *vp; 844 struct mount *mp; 845 struct vfsconf *vfsp; 846 int error, flag = 0, kern_flag = 0; 847 struct vattr va; 848 struct nameidata nd; 849 850 /* 851 * Be ultra-paranoid about making sure the type and fspath 852 * variables will fit in our mp buffers, including the 853 * terminating NUL. 854 */ 855 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 856 return (ENAMETOOLONG); 857 858 if (usermount == 0) { 859 error = suser(td); 860 if (error) 861 return (error); 862 } 863 /* 864 * Do not allow NFS export by non-root users. 865 */ 866 if (fsflags & MNT_EXPORTED) { 867 error = suser(td); 868 if (error) 869 return (error); 870 } 871 /* 872 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 873 */ 874 if (suser(td)) 875 fsflags |= MNT_NOSUID | MNT_NODEV; 876 /* 877 * Get vnode to be covered 878 */ 879 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 880 if ((error = namei(&nd)) != 0) 881 return (error); 882 NDFREE(&nd, NDF_ONLY_PNBUF); 883 vp = nd.ni_vp; 884 if (fsflags & MNT_UPDATE) { 885 if ((vp->v_vflag & VV_ROOT) == 0) { 886 vput(vp); 887 return (EINVAL); 888 } 889 mp = vp->v_mount; 890 flag = mp->mnt_flag; 891 kern_flag = mp->mnt_kern_flag; 892 /* 893 * We only allow the filesystem to be reloaded if it 894 * is currently mounted read-only. 895 */ 896 if ((fsflags & MNT_RELOAD) && 897 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 898 vput(vp); 899 return (EOPNOTSUPP); /* Needs translation */ 900 } 901 /* 902 * Only root, or the user that did the original mount is 903 * permitted to update it. 904 */ 905 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 906 error = suser(td); 907 if (error) { 908 vput(vp); 909 return (error); 910 } 911 } 912 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 913 vput(vp); 914 return (EBUSY); 915 } 916 VI_LOCK(vp); 917 if ((vp->v_iflag & VI_MOUNT) != 0 || 918 vp->v_mountedhere != NULL) { 919 VI_UNLOCK(vp); 920 vfs_unbusy(mp, td); 921 vput(vp); 922 return (EBUSY); 923 } 924 vp->v_iflag |= VI_MOUNT; 925 VI_UNLOCK(vp); 926 mp->mnt_flag |= fsflags & 927 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 928 VOP_UNLOCK(vp, 0, td); 929 goto update; 930 } 931 /* 932 * If the user is not root, ensure that they own the directory 933 * onto which we are attempting to mount. 934 */ 935 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 936 if (error) { 937 vput(vp); 938 return (error); 939 } 940 if (va.va_uid != td->td_ucred->cr_uid) { 941 error = suser(td); 942 if (error) { 943 vput(vp); 944 return (error); 945 } 946 } 947 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 948 vput(vp); 949 return (error); 950 } 951 if (vp->v_type != VDIR) { 952 vput(vp); 953 return (ENOTDIR); 954 } 955 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 956 if (!strcmp(vfsp->vfc_name, fstype)) 957 break; 958 if (vfsp == NULL) { 959 /* Only load modules for root (very important!). */ 960 error = suser(td); 961 if (error) { 962 vput(vp); 963 return (error); 964 } 965 error = securelevel_gt(td->td_ucred, 0); 966 if (error) { 967 vput(vp); 968 return (error); 969 } 970 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 971 if (error || lf == NULL) { 972 vput(vp); 973 if (lf == NULL) 974 error = ENODEV; 975 return (error); 976 } 977 lf->userrefs++; 978 /* Look up again to see if the VFS was loaded. */ 979 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 980 if (!strcmp(vfsp->vfc_name, fstype)) 981 break; 982 if (vfsp == NULL) { 983 lf->userrefs--; 984 linker_file_unload(lf); 985 vput(vp); 986 return (ENODEV); 987 } 988 } 989 VI_LOCK(vp); 990 if ((vp->v_iflag & VI_MOUNT) != 0 || 991 vp->v_mountedhere != NULL) { 992 VI_UNLOCK(vp); 993 vput(vp); 994 return (EBUSY); 995 } 996 vp->v_iflag |= VI_MOUNT; 997 VI_UNLOCK(vp); 998 999 /* 1000 * Allocate and initialize the filesystem. 1001 */ 1002 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1003 TAILQ_INIT(&mp->mnt_nvnodelist); 1004 TAILQ_INIT(&mp->mnt_reservedvnlist); 1005 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1006 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1007 mp->mnt_op = vfsp->vfc_vfsops; 1008 mp->mnt_vfc = vfsp; 1009 vfsp->vfc_refcount++; 1010 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1011 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1012 strncpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 1013 mp->mnt_vnodecovered = vp; 1014 mp->mnt_cred = crdup(td->td_ucred); 1015 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 1016 strncpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 1017 mp->mnt_iosize_max = DFLTPHYS; 1018 #ifdef MAC 1019 mac_init_mount(mp); 1020 mac_create_mount(td->td_ucred, mp); 1021 #endif 1022 VOP_UNLOCK(vp, 0, td); 1023 update: 1024 /* 1025 * Check if the fs implements the old VFS_MOUNT() 1026 * function, since the old system call was used. 1027 */ 1028 if (mp->mnt_op->vfs_mount == NULL) { 1029 printf("%s doesn't support the old mount syscall\n", 1030 mp->mnt_vfc->vfc_name); 1031 VI_LOCK(vp); 1032 vp->v_iflag &= ~VI_MOUNT; 1033 VI_UNLOCK(vp); 1034 if (mp->mnt_flag & MNT_UPDATE) 1035 vfs_unbusy(mp, td); 1036 else { 1037 mp->mnt_vfc->vfc_refcount--; 1038 vfs_unbusy(mp, td); 1039 #ifdef MAC 1040 mac_destroy_mount(mp); 1041 #endif 1042 free(mp, M_MOUNT); 1043 } 1044 vrele(vp); 1045 return (EOPNOTSUPP); 1046 } 1047 1048 /* 1049 * Set the mount level flags. 1050 */ 1051 if (fsflags & MNT_RDONLY) 1052 mp->mnt_flag |= MNT_RDONLY; 1053 else if (mp->mnt_flag & MNT_RDONLY) 1054 mp->mnt_kern_flag |= MNTK_WANTRDWR; 1055 mp->mnt_flag &=~ MNT_UPDATEMASK; 1056 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 1057 /* 1058 * Mount the filesystem. 1059 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 1060 * get. No freeing of cn_pnbuf. 1061 */ 1062 error = VFS_MOUNT(mp, fspath, fsdata, &nd, td); 1063 if (mp->mnt_flag & MNT_UPDATE) { 1064 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 1065 mp->mnt_flag &= ~MNT_RDONLY; 1066 mp->mnt_flag &=~ 1067 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 1068 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 1069 if (error) { 1070 mp->mnt_flag = flag; 1071 mp->mnt_kern_flag = kern_flag; 1072 } 1073 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 1074 if (mp->mnt_syncer == NULL) 1075 error = vfs_allocate_syncvnode(mp); 1076 } else { 1077 if (mp->mnt_syncer != NULL) 1078 vrele(mp->mnt_syncer); 1079 mp->mnt_syncer = NULL; 1080 } 1081 vfs_unbusy(mp, td); 1082 VI_LOCK(vp); 1083 vp->v_iflag &= ~VI_MOUNT; 1084 VI_UNLOCK(vp); 1085 vrele(vp); 1086 return (error); 1087 } 1088 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1089 /* 1090 * Put the new filesystem on the mount list after root. 1091 */ 1092 cache_purge(vp); 1093 if (!error) { 1094 struct vnode *newdp; 1095 1096 mp_fixme("Does interlock protect mounted here or not?"); 1097 VI_LOCK(vp); 1098 vp->v_iflag &= ~VI_MOUNT; 1099 vp->v_mountedhere = mp; 1100 VI_UNLOCK(vp); 1101 mtx_lock(&mountlist_mtx); 1102 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1103 mtx_unlock(&mountlist_mtx); 1104 if (VFS_ROOT(mp, &newdp)) 1105 panic("mount: lost mount"); 1106 checkdirs(vp, newdp); 1107 vput(newdp); 1108 VOP_UNLOCK(vp, 0, td); 1109 if ((mp->mnt_flag & MNT_RDONLY) == 0) 1110 error = vfs_allocate_syncvnode(mp); 1111 vfs_unbusy(mp, td); 1112 if ((error = VFS_START(mp, 0, td)) != 0) 1113 vrele(vp); 1114 } else { 1115 VI_LOCK(vp); 1116 vp->v_iflag &= ~VI_MOUNT; 1117 VI_UNLOCK(vp); 1118 mp->mnt_vfc->vfc_refcount--; 1119 vfs_unbusy(mp, td); 1120 #ifdef MAC 1121 mac_destroy_mount(mp); 1122 #endif 1123 free(mp, M_MOUNT); 1124 vput(vp); 1125 } 1126 return (error); 1127 } 1128 1129 /* 1130 * Scan all active processes to see if any of them have a current 1131 * or root directory of `olddp'. If so, replace them with the new 1132 * mount point. 1133 */ 1134 static void 1135 checkdirs(olddp, newdp) 1136 struct vnode *olddp, *newdp; 1137 { 1138 struct filedesc *fdp; 1139 struct proc *p; 1140 int nrele; 1141 1142 if (olddp->v_usecount == 1) 1143 return; 1144 sx_slock(&allproc_lock); 1145 LIST_FOREACH(p, &allproc, p_list) { 1146 PROC_LOCK(p); 1147 fdp = p->p_fd; 1148 if (fdp == NULL) { 1149 PROC_UNLOCK(p); 1150 continue; 1151 } 1152 nrele = 0; 1153 FILEDESC_LOCK(fdp); 1154 if (fdp->fd_cdir == olddp) { 1155 VREF(newdp); 1156 fdp->fd_cdir = newdp; 1157 nrele++; 1158 } 1159 if (fdp->fd_rdir == olddp) { 1160 VREF(newdp); 1161 fdp->fd_rdir = newdp; 1162 nrele++; 1163 } 1164 FILEDESC_UNLOCK(fdp); 1165 PROC_UNLOCK(p); 1166 while (nrele--) 1167 vrele(olddp); 1168 } 1169 sx_sunlock(&allproc_lock); 1170 if (rootvnode == olddp) { 1171 vrele(rootvnode); 1172 VREF(newdp); 1173 rootvnode = newdp; 1174 } 1175 } 1176 1177 /* 1178 * Unmount a filesystem. 1179 * 1180 * Note: unmount takes a path to the vnode mounted on as argument, 1181 * not special file (as before). 1182 */ 1183 #ifndef _SYS_SYSPROTO_H_ 1184 struct unmount_args { 1185 char *path; 1186 int flags; 1187 }; 1188 #endif 1189 /* ARGSUSED */ 1190 int 1191 unmount(td, uap) 1192 struct thread *td; 1193 register struct unmount_args /* { 1194 syscallarg(char *) path; 1195 syscallarg(int) flags; 1196 } */ *uap; 1197 { 1198 register struct vnode *vp; 1199 struct mount *mp; 1200 int error; 1201 struct nameidata nd; 1202 1203 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE, 1204 SCARG(uap, path), td); 1205 if ((error = namei(&nd)) != 0) 1206 return (error); 1207 vp = nd.ni_vp; 1208 NDFREE(&nd, NDF_ONLY_PNBUF); 1209 mp = vp->v_mount; 1210 1211 /* 1212 * Only root, or the user that did the original mount is 1213 * permitted to unmount this filesystem. 1214 */ 1215 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 1216 error = suser(td); 1217 if (error) { 1218 vput(vp); 1219 return (error); 1220 } 1221 } 1222 1223 /* 1224 * Don't allow unmounting the root filesystem. 1225 */ 1226 if (mp->mnt_flag & MNT_ROOTFS) { 1227 vput(vp); 1228 return (EINVAL); 1229 } 1230 1231 /* 1232 * Must be the root of the filesystem 1233 */ 1234 if ((vp->v_vflag & VV_ROOT) == 0) { 1235 vput(vp); 1236 return (EINVAL); 1237 } 1238 vput(vp); 1239 return (dounmount(mp, SCARG(uap, flags), td)); 1240 } 1241 1242 /* 1243 * Do the actual filesystem unmount. 1244 */ 1245 int 1246 dounmount(mp, flags, td) 1247 struct mount *mp; 1248 int flags; 1249 struct thread *td; 1250 { 1251 struct vnode *coveredvp, *fsrootvp; 1252 int error; 1253 int async_flag; 1254 1255 mtx_lock(&mountlist_mtx); 1256 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1257 mtx_unlock(&mountlist_mtx); 1258 return (EBUSY); 1259 } 1260 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1261 /* Allow filesystems to detect that a forced unmount is in progress. */ 1262 if (flags & MNT_FORCE) 1263 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1264 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1265 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &mountlist_mtx, td); 1266 if (error) { 1267 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1268 if (mp->mnt_kern_flag & MNTK_MWAIT) 1269 wakeup(mp); 1270 return (error); 1271 } 1272 vn_start_write(NULL, &mp, V_WAIT); 1273 1274 if (mp->mnt_flag & MNT_EXPUBLIC) 1275 vfs_setpublicfs(NULL, NULL, NULL); 1276 1277 vfs_msync(mp, MNT_WAIT); 1278 async_flag = mp->mnt_flag & MNT_ASYNC; 1279 mp->mnt_flag &=~ MNT_ASYNC; 1280 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1281 if (mp->mnt_syncer != NULL) 1282 vrele(mp->mnt_syncer); 1283 /* Move process cdir/rdir refs on fs root to underlying vnode. */ 1284 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1285 if (mp->mnt_vnodecovered != NULL) 1286 checkdirs(fsrootvp, mp->mnt_vnodecovered); 1287 if (fsrootvp == rootvnode) { 1288 vrele(rootvnode); 1289 rootvnode = NULL; 1290 } 1291 vput(fsrootvp); 1292 } 1293 if (((mp->mnt_flag & MNT_RDONLY) || 1294 (error = VFS_SYNC(mp, MNT_WAIT, td->td_ucred, td)) == 0) || 1295 (flags & MNT_FORCE)) { 1296 error = VFS_UNMOUNT(mp, flags, td); 1297 } 1298 vn_finished_write(mp); 1299 if (error) { 1300 /* Undo cdir/rdir and rootvnode changes made above. */ 1301 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1302 if (mp->mnt_vnodecovered != NULL) 1303 checkdirs(mp->mnt_vnodecovered, fsrootvp); 1304 if (rootvnode == NULL) { 1305 rootvnode = fsrootvp; 1306 vref(rootvnode); 1307 } 1308 vput(fsrootvp); 1309 } 1310 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1311 (void) vfs_allocate_syncvnode(mp); 1312 mtx_lock(&mountlist_mtx); 1313 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1314 mp->mnt_flag |= async_flag; 1315 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, 1316 &mountlist_mtx, td); 1317 if (mp->mnt_kern_flag & MNTK_MWAIT) 1318 wakeup(mp); 1319 return (error); 1320 } 1321 crfree(mp->mnt_cred); 1322 mtx_lock(&mountlist_mtx); 1323 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1324 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1325 coveredvp->v_mountedhere = NULL; 1326 mp->mnt_vfc->vfc_refcount--; 1327 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 1328 panic("unmount: dangling vnode"); 1329 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, &mountlist_mtx, td); 1330 lockdestroy(&mp->mnt_lock); 1331 if (coveredvp != NULL) 1332 vrele(coveredvp); 1333 if (mp->mnt_kern_flag & MNTK_MWAIT) 1334 wakeup(mp); 1335 #ifdef MAC 1336 mac_destroy_mount(mp); 1337 #endif 1338 if (mp->mnt_op->vfs_mount == NULL) 1339 vfs_freeopts(mp->mnt_opt); 1340 free(mp, M_MOUNT); 1341 return (0); 1342 } 1343 1344 /* 1345 * Lookup a filesystem type, and if found allocate and initialize 1346 * a mount structure for it. 1347 * 1348 * Devname is usually updated by mount(8) after booting. 1349 */ 1350 int 1351 vfs_rootmountalloc(fstypename, devname, mpp) 1352 char *fstypename; 1353 char *devname; 1354 struct mount **mpp; 1355 { 1356 struct thread *td = curthread; /* XXX */ 1357 struct vfsconf *vfsp; 1358 struct mount *mp; 1359 1360 if (fstypename == NULL) 1361 return (ENODEV); 1362 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1363 if (!strcmp(vfsp->vfc_name, fstypename)) 1364 break; 1365 if (vfsp == NULL) 1366 return (ENODEV); 1367 mp = malloc((u_long)sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1368 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1369 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1370 TAILQ_INIT(&mp->mnt_nvnodelist); 1371 TAILQ_INIT(&mp->mnt_reservedvnlist); 1372 mp->mnt_vfc = vfsp; 1373 mp->mnt_op = vfsp->vfc_vfsops; 1374 mp->mnt_flag = MNT_RDONLY; 1375 mp->mnt_vnodecovered = NULLVP; 1376 mp->mnt_cred = crdup(td->td_ucred); 1377 vfsp->vfc_refcount++; 1378 mp->mnt_iosize_max = DFLTPHYS; 1379 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1380 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1381 strncpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 1382 mp->mnt_stat.f_mntonname[0] = '/'; 1383 mp->mnt_stat.f_mntonname[1] = 0; 1384 (void) copystr(devname, mp->mnt_stat.f_mntfromname, MNAMELEN - 1, 0); 1385 #ifdef MAC 1386 mac_init_mount(mp); 1387 mac_create_mount(td->td_ucred, mp); 1388 #endif 1389 *mpp = mp; 1390 return (0); 1391 } 1392 1393 /* 1394 * Find and mount the root filesystem 1395 */ 1396 void 1397 vfs_mountroot(void) 1398 { 1399 char *cp; 1400 int i, error; 1401 1402 /* 1403 * The root filesystem information is compiled in, and we are 1404 * booted with instructions to use it. 1405 */ 1406 #ifdef ROOTDEVNAME 1407 if ((boothowto & RB_DFLTROOT) && 1408 !vfs_mountroot_try(ROOTDEVNAME)) 1409 return; 1410 #endif 1411 /* 1412 * We are booted with instructions to prompt for the root filesystem, 1413 * or to use the compiled-in default when it doesn't exist. 1414 */ 1415 if (boothowto & (RB_DFLTROOT | RB_ASKNAME)) { 1416 if (!vfs_mountroot_ask()) 1417 return; 1418 } 1419 1420 /* 1421 * We've been given the generic "use CDROM as root" flag. This is 1422 * necessary because one media may be used in many different 1423 * devices, so we need to search for them. 1424 */ 1425 if (boothowto & RB_CDROM) { 1426 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1427 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1428 return; 1429 } 1430 } 1431 1432 /* 1433 * Try to use the value read by the loader from /etc/fstab, or 1434 * supplied via some other means. This is the preferred 1435 * mechanism. 1436 */ 1437 if ((cp = getenv("vfs.root.mountfrom")) != NULL) { 1438 error = vfs_mountroot_try(cp); 1439 freeenv(cp); 1440 if (!error) 1441 return; 1442 } 1443 1444 /* 1445 * Try values that may have been computed by the machine-dependant 1446 * legacy code. 1447 */ 1448 if (!vfs_mountroot_try(rootdevnames[0])) 1449 return; 1450 if (!vfs_mountroot_try(rootdevnames[1])) 1451 return; 1452 1453 /* 1454 * If we have a compiled-in default, and haven't already tried it, try 1455 * it now. 1456 */ 1457 #ifdef ROOTDEVNAME 1458 if (!(boothowto & RB_DFLTROOT)) 1459 if (!vfs_mountroot_try(ROOTDEVNAME)) 1460 return; 1461 #endif 1462 1463 /* 1464 * Everything so far has failed, prompt on the console if we haven't 1465 * already tried that. 1466 */ 1467 if (!(boothowto & (RB_DFLTROOT | RB_ASKNAME)) && !vfs_mountroot_ask()) 1468 return; 1469 panic("Root mount failed, startup aborted."); 1470 } 1471 1472 /* 1473 * Mount (mountfrom) as the root filesystem. 1474 */ 1475 static int 1476 vfs_mountroot_try(char *mountfrom) 1477 { 1478 struct mount *mp; 1479 char *vfsname, *path; 1480 int error; 1481 char patt[32]; 1482 int s; 1483 1484 vfsname = NULL; 1485 path = NULL; 1486 mp = NULL; 1487 error = EINVAL; 1488 1489 if (mountfrom == NULL) 1490 return(error); /* don't complain */ 1491 1492 s = splcam(); /* Overkill, but annoying without it */ 1493 printf("Mounting root from %s\n", mountfrom); 1494 splx(s); 1495 1496 /* parse vfs name and path */ 1497 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1498 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1499 vfsname[0] = path[0] = 0; 1500 sprintf(patt, "%%%d[a-z0-9]:%%%ds", MFSNAMELEN, MNAMELEN); 1501 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1502 goto done; 1503 1504 /* allocate a root mount */ 1505 error = vfs_rootmountalloc(vfsname, path[0] != 0 ? path : ROOTNAME, 1506 &mp); 1507 if (error != 0) { 1508 printf("Can't allocate root mount for filesystem '%s': %d\n", 1509 vfsname, error); 1510 goto done; 1511 } 1512 mp->mnt_flag |= MNT_ROOTFS; 1513 1514 /* do our best to set rootdev */ 1515 if ((path[0] != 0) && setrootbyname(path)) 1516 printf("setrootbyname failed\n"); 1517 1518 /* If the root device is a type "memory disk", mount RW */ 1519 if (rootdev != NODEV && devsw(rootdev) && 1520 (devsw(rootdev)->d_flags & D_MEMDISK)) 1521 mp->mnt_flag &= ~MNT_RDONLY; 1522 1523 /* 1524 * Set the mount path to be something useful, because the 1525 * filesystem code isn't responsible now for initialising 1526 * f_mntonname unless they want to override the default 1527 * (which is `path'.) 1528 */ 1529 strncpy(mp->mnt_stat.f_mntonname, "/", MNAMELEN); 1530 1531 error = VFS_MOUNT(mp, NULL, NULL, NULL, curthread); 1532 1533 done: 1534 if (vfsname != NULL) 1535 free(vfsname, M_MOUNT); 1536 if (path != NULL) 1537 free(path, M_MOUNT); 1538 if (error != 0) { 1539 if (mp != NULL) { 1540 vfs_unbusy(mp, curthread); 1541 #ifdef MAC 1542 mac_destroy_mount(mp); 1543 #endif 1544 free(mp, M_MOUNT); 1545 } 1546 printf("Root mount failed: %d\n", error); 1547 } else { 1548 1549 /* register with list of mounted filesystems */ 1550 mtx_lock(&mountlist_mtx); 1551 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1552 mtx_unlock(&mountlist_mtx); 1553 1554 /* sanity check system clock against root fs timestamp */ 1555 inittodr(mp->mnt_time); 1556 vfs_unbusy(mp, curthread); 1557 error = VFS_START(mp, 0, curthread); 1558 } 1559 return(error); 1560 } 1561 1562 /* 1563 * Spin prompting on the console for a suitable root filesystem 1564 */ 1565 static int 1566 vfs_mountroot_ask(void) 1567 { 1568 char name[128]; 1569 int i; 1570 dev_t dev; 1571 1572 for(;;) { 1573 printf("\nManual root filesystem specification:\n"); 1574 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1575 #if defined(__i386__) || defined(__ia64__) 1576 printf(" eg. ufs:da0s1a\n"); 1577 #else 1578 printf(" eg. ufs:da0a\n"); 1579 #endif 1580 printf(" ? List valid disk boot devices\n"); 1581 printf(" <empty line> Abort manual input\n"); 1582 printf("\nmountroot> "); 1583 gets(name); 1584 if (name[0] == 0) 1585 return(1); 1586 if (name[0] == '?') { 1587 printf("Possibly valid devices for 'ufs' root:\n"); 1588 for (i = 0; i < NUMCDEVSW; i++) { 1589 dev = makedev(i, 0); 1590 if (devsw(dev) != NULL) 1591 printf(" \"%s\"", devsw(dev)->d_name); 1592 } 1593 printf("\n"); 1594 continue; 1595 } 1596 if (!vfs_mountroot_try(name)) 1597 return(0); 1598 } 1599 } 1600 1601 /* 1602 * Local helper function for vfs_mountroot_ask. 1603 */ 1604 static void 1605 gets(char *cp) 1606 { 1607 char *lp; 1608 int c; 1609 1610 lp = cp; 1611 for (;;) { 1612 printf("%c", c = cngetc() & 0177); 1613 switch (c) { 1614 case -1: 1615 case '\n': 1616 case '\r': 1617 *lp++ = '\0'; 1618 return; 1619 case '\b': 1620 case '\177': 1621 if (lp > cp) { 1622 printf(" \b"); 1623 lp--; 1624 } 1625 continue; 1626 case '#': 1627 lp--; 1628 if (lp < cp) 1629 lp = cp; 1630 continue; 1631 case '@': 1632 case 'u' & 037: 1633 lp = cp; 1634 printf("%c", '\n'); 1635 continue; 1636 default: 1637 *lp++ = c; 1638 } 1639 } 1640 } 1641 1642 /* 1643 * Convert a given name to the dev_t of the disk-like device 1644 * it refers to. 1645 */ 1646 dev_t 1647 getdiskbyname(char *name) { 1648 char *cp; 1649 dev_t dev; 1650 1651 cp = name; 1652 if (!bcmp(cp, "/dev/", 5)) 1653 cp += 5; 1654 1655 dev = NODEV; 1656 EVENTHANDLER_INVOKE(dev_clone, cp, strlen(cp), &dev); 1657 return (dev); 1658 } 1659 1660 /* 1661 * Set rootdev to match (name), given that we expect it to 1662 * refer to a disk-like device. 1663 */ 1664 static int 1665 setrootbyname(char *name) 1666 { 1667 dev_t diskdev; 1668 1669 diskdev = getdiskbyname(name); 1670 if (diskdev != NODEV) { 1671 rootdev = diskdev; 1672 return (0); 1673 } 1674 1675 return (1); 1676 } 1677 1678 /* Show the dev_t for a disk specified by name */ 1679 #ifdef DDB 1680 DB_SHOW_COMMAND(disk, db_getdiskbyname) 1681 { 1682 dev_t dev; 1683 1684 if (modif[0] == '\0') { 1685 db_error("usage: show disk/devicename"); 1686 return; 1687 } 1688 dev = getdiskbyname(modif); 1689 if (dev != NODEV) 1690 db_printf("dev_t = %p\n", dev); 1691 else 1692 db_printf("No disk device matched.\n"); 1693 } 1694 #endif 1695 1696 /* 1697 * Get a mount option by its name. 1698 * 1699 * Return 0 if the option was found, ENOENT otherwise. 1700 * If len is non-NULL it will be filled with the length 1701 * of the option. If buf is non-NULL, it will be filled 1702 * with the address of the option. 1703 */ 1704 int 1705 vfs_getopt(opts, name, buf, len) 1706 struct vfsoptlist *opts; 1707 const char *name; 1708 void **buf; 1709 int *len; 1710 { 1711 struct vfsopt *opt; 1712 1713 TAILQ_FOREACH(opt, opts, link) { 1714 if (strcmp(name, opt->name) == 0) { 1715 if (len != NULL) 1716 *len = opt->len; 1717 if (buf != NULL) 1718 *buf = opt->value; 1719 return (0); 1720 } 1721 } 1722 return (ENOENT); 1723 } 1724 1725 /* 1726 * Find and copy a mount option. 1727 * 1728 * The size of the buffer has to be specified 1729 * in len, if it is not the same length as the 1730 * mount option, EINVAL is returned. 1731 * Returns ENOENT if the option is not found. 1732 */ 1733 int 1734 vfs_copyopt(opts, name, dest, len) 1735 struct vfsoptlist *opts; 1736 const char *name; 1737 void *dest; 1738 int len; 1739 { 1740 struct vfsopt *opt; 1741 1742 TAILQ_FOREACH(opt, opts, link) { 1743 if (strcmp(name, opt->name) == 0) { 1744 if (len != opt->len) 1745 return (EINVAL); 1746 bcopy(opt->value, dest, opt->len); 1747 return (0); 1748 } 1749 } 1750 return (ENOENT); 1751 } 1752