1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * Copyright (c) 1999 Michael Smith 39 * All rights reserved. 40 * Copyright (c) 1999 Poul-Henning Kamp 41 * All rights reserved. 42 * 43 * Redistribution and use in source and binary forms, with or without 44 * modification, are permitted provided that the following conditions 45 * are met: 46 * 1. Redistributions of source code must retain the above copyright 47 * notice, this list of conditions and the following disclaimer. 48 * 2. Redistributions in binary form must reproduce the above copyright 49 * notice, this list of conditions and the following disclaimer in the 50 * documentation and/or other materials provided with the distribution. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * $FreeBSD$ 65 */ 66 67 #include <sys/param.h> 68 #include <sys/conf.h> 69 #include <sys/cons.h> 70 #include <sys/kernel.h> 71 #include <sys/linker.h> 72 #include <sys/mac.h> 73 #include <sys/malloc.h> 74 #include <sys/mount.h> 75 #include <sys/mutex.h> 76 #include <sys/namei.h> 77 #include <sys/proc.h> 78 #include <sys/filedesc.h> 79 #include <sys/reboot.h> 80 #include <sys/sysproto.h> 81 #include <sys/sx.h> 82 #include <sys/sysctl.h> 83 #include <sys/sysent.h> 84 #include <sys/systm.h> 85 #include <sys/vnode.h> 86 87 #include <geom/geom.h> 88 89 #include <machine/stdarg.h> 90 91 #include "opt_rootdevname.h" 92 #include "opt_ddb.h" 93 #include "opt_mac.h" 94 95 #ifdef DDB 96 #include <ddb/ddb.h> 97 #endif 98 99 #define ROOTNAME "root_device" 100 101 static void checkdirs(struct vnode *olddp, struct vnode *newdp); 102 static int vfs_nmount(struct thread *td, int, struct uio *); 103 static int vfs_mountroot_try(char *mountfrom); 104 static int vfs_mountroot_ask(void); 105 static void gets(char *cp); 106 107 static int usermount = 0; /* if 1, non-root can mount fs. */ 108 SYSCTL_INT(_vfs, OID_AUTO, usermount, CTLFLAG_RW, &usermount, 0, ""); 109 110 MALLOC_DEFINE(M_MOUNT, "mount", "vfs mount structure"); 111 112 /* List of mounted filesystems. */ 113 struct mntlist mountlist = TAILQ_HEAD_INITIALIZER(mountlist); 114 115 /* For any iteration/modification of mountlist */ 116 struct mtx mountlist_mtx; 117 118 /* For any iteration/modification of mnt_vnodelist */ 119 struct mtx mntvnode_mtx; 120 121 /* 122 * The vnode of the system's root (/ in the filesystem, without chroot 123 * active.) 124 */ 125 struct vnode *rootvnode; 126 127 /* 128 * The root filesystem is detailed in the kernel environment variable 129 * vfs.root.mountfrom, which is expected to be in the general format 130 * 131 * <vfsname>:[<path>] 132 * vfsname := the name of a VFS known to the kernel and capable 133 * of being mounted as root 134 * path := disk device name or other data used by the filesystem 135 * to locate its physical store 136 */ 137 138 /* 139 * The root specifiers we will try if RB_CDROM is specified. 140 */ 141 static char *cdrom_rootdevnames[] = { 142 "cd9660:cd0a", 143 "cd9660:acd0a", 144 "cd9660:wcd0a", 145 NULL 146 }; 147 148 /* legacy find-root code */ 149 char *rootdevnames[2] = {NULL, NULL}; 150 static int setrootbyname(char *name); 151 dev_t rootdev = NODEV; 152 153 /* 154 * Has to be dynamic as the value of rootdev can change; however, it can't 155 * change after the root is mounted, so a user process can't access this 156 * sysctl until after the value is unchangeable. 157 */ 158 static int 159 sysctl_rootdev(SYSCTL_HANDLER_ARGS) 160 { 161 int error; 162 163 /* _RD prevents this from happening. */ 164 KASSERT(req->newptr == NULL, ("Attempt to change root device name")); 165 166 if (rootdev != NODEV) 167 error = sysctl_handle_string(oidp, rootdev->si_name, 0, req); 168 else 169 error = sysctl_handle_string(oidp, "", 0, req); 170 171 return (error); 172 } 173 174 SYSCTL_PROC(_kern, OID_AUTO, rootdev, CTLTYPE_STRING | CTLFLAG_RD, 175 0, 0, sysctl_rootdev, "A", "Root file system device"); 176 177 /* Remove one mount option. */ 178 static void 179 vfs_freeopt(struct vfsoptlist *opts, struct vfsopt *opt) 180 { 181 182 TAILQ_REMOVE(opts, opt, link); 183 free(opt->name, M_MOUNT); 184 if (opt->value != NULL) 185 free(opt->value, M_MOUNT); 186 #ifdef INVARIANTS 187 else if (opt->len != 0) 188 panic("%s: mount option with NULL value but length != 0", 189 __func__); 190 #endif 191 free(opt, M_MOUNT); 192 } 193 194 /* Release all resources related to the mount options. */ 195 static void 196 vfs_freeopts(struct vfsoptlist *opts) 197 { 198 struct vfsopt *opt; 199 200 while (!TAILQ_EMPTY(opts)) { 201 opt = TAILQ_FIRST(opts); 202 vfs_freeopt(opts, opt); 203 } 204 free(opts, M_MOUNT); 205 } 206 207 /* 208 * If a mount option is specified several times, 209 * (with or without the "no" prefix) only keep 210 * the last occurence of it. 211 */ 212 static void 213 vfs_sanitizeopts(struct vfsoptlist *opts) 214 { 215 struct vfsopt *opt, *opt2, *tmp; 216 int noopt; 217 218 TAILQ_FOREACH_REVERSE(opt, opts, vfsoptlist, link) { 219 if (strncmp(opt->name, "no", 2) == 0) 220 noopt = 1; 221 else 222 noopt = 0; 223 opt2 = TAILQ_PREV(opt, vfsoptlist, link); 224 while (opt2 != NULL) { 225 if (strcmp(opt2->name, opt->name) == 0 || 226 (noopt && strcmp(opt->name + 2, opt2->name) == 0) || 227 (!noopt && strncmp(opt2->name, "no", 2) == 0 && 228 strcmp(opt2->name + 2, opt->name) == 0)) { 229 tmp = TAILQ_PREV(opt2, vfsoptlist, link); 230 vfs_freeopt(opts, opt2); 231 opt2 = tmp; 232 } else { 233 opt2 = TAILQ_PREV(opt2, vfsoptlist, link); 234 } 235 } 236 } 237 } 238 239 /* 240 * Build a linked list of mount options from a struct uio. 241 */ 242 static int 243 vfs_buildopts(struct uio *auio, struct vfsoptlist **options) 244 { 245 struct vfsoptlist *opts; 246 struct vfsopt *opt; 247 unsigned int i, iovcnt; 248 int error, namelen, optlen; 249 250 iovcnt = auio->uio_iovcnt; 251 opts = malloc(sizeof(struct vfsoptlist), M_MOUNT, M_WAITOK); 252 TAILQ_INIT(opts); 253 for (i = 0; i < iovcnt; i += 2) { 254 opt = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 255 namelen = auio->uio_iov[i].iov_len; 256 optlen = auio->uio_iov[i + 1].iov_len; 257 opt->name = malloc(namelen, M_MOUNT, M_WAITOK); 258 opt->value = NULL; 259 if (auio->uio_segflg == UIO_SYSSPACE) { 260 bcopy(auio->uio_iov[i].iov_base, opt->name, namelen); 261 } else { 262 error = copyin(auio->uio_iov[i].iov_base, opt->name, 263 namelen); 264 if (error) 265 goto bad; 266 } 267 opt->len = optlen; 268 if (optlen != 0) { 269 opt->value = malloc(optlen, M_MOUNT, M_WAITOK); 270 if (auio->uio_segflg == UIO_SYSSPACE) { 271 bcopy(auio->uio_iov[i + 1].iov_base, opt->value, 272 optlen); 273 } else { 274 error = copyin(auio->uio_iov[i + 1].iov_base, 275 opt->value, optlen); 276 if (error) 277 goto bad; 278 } 279 } 280 TAILQ_INSERT_TAIL(opts, opt, link); 281 } 282 vfs_sanitizeopts(opts); 283 *options = opts; 284 return (0); 285 bad: 286 vfs_freeopts(opts); 287 return (error); 288 } 289 290 /* 291 * Merge the old mount options with the new ones passed 292 * in the MNT_UPDATE case. 293 */ 294 static void 295 vfs_mergeopts(struct vfsoptlist *toopts, struct vfsoptlist *opts) 296 { 297 struct vfsopt *opt, *opt2, *new; 298 299 TAILQ_FOREACH(opt, opts, link) { 300 /* 301 * Check that this option hasn't been redefined 302 * nor cancelled with a "no" mount option. 303 */ 304 opt2 = TAILQ_FIRST(toopts); 305 while (opt2 != NULL) { 306 if (strcmp(opt2->name, opt->name) == 0) 307 goto next; 308 if (strncmp(opt2->name, "no", 2) == 0 && 309 strcmp(opt2->name + 2, opt->name) == 0) { 310 vfs_freeopt(toopts, opt2); 311 goto next; 312 } 313 opt2 = TAILQ_NEXT(opt2, link); 314 } 315 /* We want this option, duplicate it. */ 316 new = malloc(sizeof(struct vfsopt), M_MOUNT, M_WAITOK); 317 new->name = malloc(strlen(opt->name) + 1, M_MOUNT, M_WAITOK); 318 strcpy(new->name, opt->name); 319 if (opt->len != 0) { 320 new->value = malloc(opt->len, M_MOUNT, M_WAITOK); 321 bcopy(opt->value, new->value, opt->len); 322 } else { 323 new->value = NULL; 324 } 325 new->len = opt->len; 326 TAILQ_INSERT_TAIL(toopts, new, link); 327 next: 328 continue; 329 } 330 } 331 332 /* 333 * New mount API. 334 */ 335 int 336 nmount(td, uap) 337 struct thread *td; 338 struct nmount_args /* { 339 struct iovec *iovp; 340 unsigned int iovcnt; 341 int flags; 342 } */ *uap; 343 { 344 struct uio auio; 345 struct iovec *iov, *needfree; 346 struct iovec aiov[UIO_SMALLIOV]; 347 unsigned int i; 348 int error; 349 u_int iovlen, iovcnt; 350 351 iovcnt = uap->iovcnt; 352 iovlen = iovcnt * sizeof (struct iovec); 353 /* 354 * Check that we have an even number of iovec's 355 * and that we have at least two options. 356 */ 357 if ((iovcnt & 1) || (iovcnt < 4) || (iovcnt > UIO_MAXIOV)) 358 return (EINVAL); 359 360 if (iovcnt > UIO_SMALLIOV) { 361 MALLOC(iov, struct iovec *, iovlen, M_IOV, M_WAITOK); 362 needfree = iov; 363 } else { 364 iov = aiov; 365 needfree = NULL; 366 } 367 auio.uio_iov = iov; 368 auio.uio_iovcnt = iovcnt; 369 auio.uio_segflg = UIO_USERSPACE; 370 if ((error = copyin(uap->iovp, iov, iovlen))) 371 goto finish; 372 373 for (i = 0; i < iovcnt; i++) { 374 if (iov->iov_len > MMAXOPTIONLEN) { 375 error = EINVAL; 376 goto finish; 377 } 378 iov++; 379 } 380 error = vfs_nmount(td, uap->flags, &auio); 381 finish: 382 if (needfree != NULL) 383 free(needfree, M_TEMP); 384 return (error); 385 } 386 387 int 388 kernel_mount(iovp, iovcnt, flags) 389 struct iovec *iovp; 390 unsigned int iovcnt; 391 int flags; 392 { 393 struct uio auio; 394 int error; 395 396 /* 397 * Check that we have an even number of iovec's 398 * and that we have at least two options. 399 */ 400 if ((iovcnt & 1) || (iovcnt < 4)) 401 return (EINVAL); 402 403 auio.uio_iov = iovp; 404 auio.uio_iovcnt = iovcnt; 405 auio.uio_segflg = UIO_SYSSPACE; 406 407 error = vfs_nmount(curthread, flags, &auio); 408 return (error); 409 } 410 411 int 412 kernel_vmount(int flags, ...) 413 { 414 struct iovec *iovp; 415 struct uio auio; 416 va_list ap; 417 unsigned int iovcnt, iovlen, len; 418 const char *cp; 419 char *buf, *pos; 420 size_t n; 421 int error, i; 422 423 len = 0; 424 va_start(ap, flags); 425 for (iovcnt = 0; (cp = va_arg(ap, const char *)) != NULL; iovcnt++) 426 len += strlen(cp) + 1; 427 va_end(ap); 428 429 if (iovcnt < 4 || iovcnt & 1) 430 return (EINVAL); 431 432 iovlen = iovcnt * sizeof (struct iovec); 433 MALLOC(iovp, struct iovec *, iovlen, M_MOUNT, M_WAITOK); 434 MALLOC(buf, char *, len, M_MOUNT, M_WAITOK); 435 pos = buf; 436 va_start(ap, flags); 437 for (i = 0; i < iovcnt; i++) { 438 cp = va_arg(ap, const char *); 439 copystr(cp, pos, len - (pos - buf), &n); 440 iovp[i].iov_base = pos; 441 iovp[i].iov_len = n; 442 pos += n; 443 } 444 va_end(ap); 445 446 auio.uio_iov = iovp; 447 auio.uio_iovcnt = iovcnt; 448 auio.uio_segflg = UIO_SYSSPACE; 449 450 error = vfs_nmount(curthread, flags, &auio); 451 FREE(iovp, M_MOUNT); 452 FREE(buf, M_MOUNT); 453 return (error); 454 } 455 456 /* 457 * vfs_nmount(): actually attempt a filesystem mount. 458 */ 459 static int 460 vfs_nmount(td, fsflags, fsoptions) 461 struct thread *td; 462 int fsflags; /* Flags common to all filesystems. */ 463 struct uio *fsoptions; /* Options local to the filesystem. */ 464 { 465 linker_file_t lf; 466 struct vnode *vp; 467 struct mount *mp; 468 struct vfsconf *vfsp; 469 struct vfsoptlist *optlist; 470 char *fstype, *fspath; 471 int error, flag = 0, kern_flag = 0; 472 int fstypelen, fspathlen; 473 struct vattr va; 474 struct nameidata nd; 475 476 error = vfs_buildopts(fsoptions, &optlist); 477 if (error) 478 return (error); 479 480 /* 481 * We need these two options before the others, 482 * and they are mandatory for any filesystem. 483 * Ensure they are NUL terminated as well. 484 */ 485 fstypelen = 0; 486 error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); 487 if (error || fstype[fstypelen - 1] != '\0') { 488 error = EINVAL; 489 goto bad; 490 } 491 fspathlen = 0; 492 error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); 493 if (error || fspath[fspathlen - 1] != '\0') { 494 error = EINVAL; 495 goto bad; 496 } 497 498 /* 499 * Be ultra-paranoid about making sure the type and fspath 500 * variables will fit in our mp buffers, including the 501 * terminating NUL. 502 */ 503 if (fstypelen >= MFSNAMELEN - 1 || fspathlen >= MNAMELEN - 1) { 504 error = ENAMETOOLONG; 505 goto bad; 506 } 507 508 if (usermount == 0) { 509 error = suser(td); 510 if (error) 511 goto bad; 512 } 513 /* 514 * Do not allow NFS export by non-root users. 515 */ 516 if (fsflags & MNT_EXPORTED) { 517 error = suser(td); 518 if (error) 519 goto bad; 520 } 521 /* 522 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 523 */ 524 if (suser(td)) 525 fsflags |= MNT_NOSUID | MNT_NODEV; 526 /* 527 * Get vnode to be covered 528 */ 529 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 530 if ((error = namei(&nd)) != 0) 531 goto bad; 532 NDFREE(&nd, NDF_ONLY_PNBUF); 533 vp = nd.ni_vp; 534 if (fsflags & MNT_UPDATE) { 535 if ((vp->v_vflag & VV_ROOT) == 0) { 536 vput(vp); 537 error = EINVAL; 538 goto bad; 539 } 540 mp = vp->v_mount; 541 flag = mp->mnt_flag; 542 kern_flag = mp->mnt_kern_flag; 543 /* 544 * We only allow the filesystem to be reloaded if it 545 * is currently mounted read-only. 546 */ 547 if ((fsflags & MNT_RELOAD) && 548 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 549 vput(vp); 550 error = EOPNOTSUPP; /* Needs translation */ 551 goto bad; 552 } 553 /* 554 * Only root, or the user that did the original mount is 555 * permitted to update it. 556 */ 557 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 558 error = suser(td); 559 if (error) { 560 vput(vp); 561 goto bad; 562 } 563 } 564 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 565 vput(vp); 566 error = EBUSY; 567 goto bad; 568 } 569 VI_LOCK(vp); 570 if ((vp->v_iflag & VI_MOUNT) != 0 || 571 vp->v_mountedhere != NULL) { 572 VI_UNLOCK(vp); 573 vfs_unbusy(mp, td); 574 vput(vp); 575 error = EBUSY; 576 goto bad; 577 } 578 vp->v_iflag |= VI_MOUNT; 579 VI_UNLOCK(vp); 580 mp->mnt_flag |= fsflags & 581 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 582 VOP_UNLOCK(vp, 0, td); 583 mp->mnt_optnew = optlist; 584 vfs_mergeopts(mp->mnt_optnew, mp->mnt_opt); 585 goto update; 586 } 587 /* 588 * If the user is not root, ensure that they own the directory 589 * onto which we are attempting to mount. 590 */ 591 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 592 if (error) { 593 vput(vp); 594 goto bad; 595 } 596 if (va.va_uid != td->td_ucred->cr_uid) { 597 error = suser(td); 598 if (error) { 599 vput(vp); 600 goto bad; 601 } 602 } 603 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 604 vput(vp); 605 goto bad; 606 } 607 if (vp->v_type != VDIR) { 608 vput(vp); 609 error = ENOTDIR; 610 goto bad; 611 } 612 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 613 if (!strcmp(vfsp->vfc_name, fstype)) 614 break; 615 if (vfsp == NULL) { 616 /* Only load modules for root (very important!). */ 617 error = suser(td); 618 if (error) { 619 vput(vp); 620 goto bad; 621 } 622 error = securelevel_gt(td->td_ucred, 0); 623 if (error) { 624 vput(vp); 625 goto bad; 626 } 627 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 628 if (error || lf == NULL) { 629 vput(vp); 630 if (lf == NULL) 631 error = ENODEV; 632 goto bad; 633 } 634 lf->userrefs++; 635 /* Look up again to see if the VFS was loaded. */ 636 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 637 if (!strcmp(vfsp->vfc_name, fstype)) 638 break; 639 if (vfsp == NULL) { 640 lf->userrefs--; 641 linker_file_unload(lf); 642 vput(vp); 643 error = ENODEV; 644 goto bad; 645 } 646 } 647 VI_LOCK(vp); 648 if ((vp->v_iflag & VI_MOUNT) != 0 || 649 vp->v_mountedhere != NULL) { 650 VI_UNLOCK(vp); 651 vput(vp); 652 error = EBUSY; 653 goto bad; 654 } 655 vp->v_iflag |= VI_MOUNT; 656 VI_UNLOCK(vp); 657 658 /* 659 * Allocate and initialize the filesystem. 660 */ 661 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 662 TAILQ_INIT(&mp->mnt_nvnodelist); 663 TAILQ_INIT(&mp->mnt_reservedvnlist); 664 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 665 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 666 mp->mnt_op = vfsp->vfc_vfsops; 667 mp->mnt_vfc = vfsp; 668 vfsp->vfc_refcount++; 669 mp->mnt_stat.f_type = vfsp->vfc_typenum; 670 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 671 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 672 mp->mnt_vnodecovered = vp; 673 mp->mnt_cred = crdup(td->td_ucred); 674 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 675 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 676 mp->mnt_iosize_max = DFLTPHYS; 677 #ifdef MAC 678 mac_init_mount(mp); 679 mac_create_mount(td->td_ucred, mp); 680 #endif 681 VOP_UNLOCK(vp, 0, td); 682 mp->mnt_optnew = optlist; /* XXXMAC: should this be above? */ 683 684 update: 685 /* 686 * Check if the fs implements the new VFS_NMOUNT() 687 * function, since the new system call was used. 688 */ 689 if (mp->mnt_op->vfs_mount != NULL) { 690 printf("%s doesn't support the new mount syscall\n", 691 mp->mnt_vfc->vfc_name); 692 VI_LOCK(vp); 693 vp->v_iflag &= ~VI_MOUNT; 694 VI_UNLOCK(vp); 695 if (mp->mnt_flag & MNT_UPDATE) 696 vfs_unbusy(mp, td); 697 else { 698 mp->mnt_vfc->vfc_refcount--; 699 vfs_unbusy(mp, td); 700 #ifdef MAC 701 mac_destroy_mount(mp); 702 #endif 703 free(mp, M_MOUNT); 704 } 705 vrele(vp); 706 error = EOPNOTSUPP; 707 goto bad; 708 } 709 710 /* 711 * Set the mount level flags. 712 */ 713 if (fsflags & MNT_RDONLY) 714 mp->mnt_flag |= MNT_RDONLY; 715 else if (mp->mnt_flag & MNT_RDONLY) 716 mp->mnt_kern_flag |= MNTK_WANTRDWR; 717 mp->mnt_flag &=~ MNT_UPDATEMASK; 718 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 719 /* 720 * Mount the filesystem. 721 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 722 * get. No freeing of cn_pnbuf. 723 */ 724 error = VFS_NMOUNT(mp, &nd, td); 725 if (!error) { 726 if (mp->mnt_opt != NULL) 727 vfs_freeopts(mp->mnt_opt); 728 mp->mnt_opt = mp->mnt_optnew; 729 } 730 /* 731 * Prevent external consumers of mount 732 * options to read mnt_optnew. 733 */ 734 mp->mnt_optnew = NULL; 735 if (mp->mnt_flag & MNT_UPDATE) { 736 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 737 mp->mnt_flag &= ~MNT_RDONLY; 738 mp->mnt_flag &=~ 739 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 740 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 741 if (error) { 742 mp->mnt_flag = flag; 743 mp->mnt_kern_flag = kern_flag; 744 } 745 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 746 if (mp->mnt_syncer == NULL) 747 error = vfs_allocate_syncvnode(mp); 748 } else { 749 if (mp->mnt_syncer != NULL) 750 vrele(mp->mnt_syncer); 751 mp->mnt_syncer = NULL; 752 } 753 vfs_unbusy(mp, td); 754 VI_LOCK(vp); 755 vp->v_iflag &= ~VI_MOUNT; 756 VI_UNLOCK(vp); 757 vrele(vp); 758 return (error); 759 } 760 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 761 /* 762 * Put the new filesystem on the mount list after root. 763 */ 764 cache_purge(vp); 765 if (!error) { 766 struct vnode *newdp; 767 768 VI_LOCK(vp); 769 vp->v_iflag &= ~VI_MOUNT; 770 VI_UNLOCK(vp); 771 vp->v_mountedhere = mp; 772 mtx_lock(&mountlist_mtx); 773 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 774 mtx_unlock(&mountlist_mtx); 775 if (VFS_ROOT(mp, &newdp)) 776 panic("mount: lost mount"); 777 checkdirs(vp, newdp); 778 vput(newdp); 779 VOP_UNLOCK(vp, 0, td); 780 if ((mp->mnt_flag & MNT_RDONLY) == 0) 781 error = vfs_allocate_syncvnode(mp); 782 vfs_unbusy(mp, td); 783 if ((error = VFS_START(mp, 0, td)) != 0) { 784 vrele(vp); 785 goto bad; 786 } 787 } else { 788 VI_LOCK(vp); 789 vp->v_iflag &= ~VI_MOUNT; 790 VI_UNLOCK(vp); 791 mp->mnt_vfc->vfc_refcount--; 792 vfs_unbusy(mp, td); 793 #ifdef MAC 794 mac_destroy_mount(mp); 795 #endif 796 free(mp, M_MOUNT); 797 vput(vp); 798 goto bad; 799 } 800 return (0); 801 bad: 802 vfs_freeopts(optlist); 803 return (error); 804 } 805 806 /* 807 * Old mount API. 808 */ 809 #ifndef _SYS_SYSPROTO_H_ 810 struct mount_args { 811 char *type; 812 char *path; 813 int flags; 814 caddr_t data; 815 }; 816 #endif 817 /* ARGSUSED */ 818 int 819 mount(td, uap) 820 struct thread *td; 821 struct mount_args /* { 822 char *type; 823 char *path; 824 int flags; 825 caddr_t data; 826 } */ *uap; 827 { 828 char *fstype; 829 char *fspath; 830 int error; 831 832 fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); 833 fspath = malloc(MNAMELEN, M_TEMP, M_WAITOK); 834 835 /* 836 * vfs_mount() actually takes a kernel string for `type' and 837 * `path' now, so extract them. 838 */ 839 error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); 840 if (error == 0) 841 error = copyinstr(uap->path, fspath, MNAMELEN, NULL); 842 if (error == 0) 843 error = vfs_mount(td, fstype, fspath, uap->flags, uap->data); 844 free(fstype, M_TEMP); 845 free(fspath, M_TEMP); 846 return (error); 847 } 848 849 /* 850 * vfs_mount(): actually attempt a filesystem mount. 851 * 852 * This routine is designed to be a "generic" entry point for routines 853 * that wish to mount a filesystem. All parameters except `fsdata' are 854 * pointers into kernel space. `fsdata' is currently still a pointer 855 * into userspace. 856 */ 857 int 858 vfs_mount(td, fstype, fspath, fsflags, fsdata) 859 struct thread *td; 860 const char *fstype; 861 char *fspath; 862 int fsflags; 863 void *fsdata; 864 { 865 linker_file_t lf; 866 struct vnode *vp; 867 struct mount *mp; 868 struct vfsconf *vfsp; 869 int error, flag = 0, kern_flag = 0; 870 struct vattr va; 871 struct nameidata nd; 872 873 /* 874 * Be ultra-paranoid about making sure the type and fspath 875 * variables will fit in our mp buffers, including the 876 * terminating NUL. 877 */ 878 if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN) 879 return (ENAMETOOLONG); 880 881 if (usermount == 0) { 882 error = suser(td); 883 if (error) 884 return (error); 885 } 886 /* 887 * Do not allow NFS export by non-root users. 888 */ 889 if (fsflags & MNT_EXPORTED) { 890 error = suser(td); 891 if (error) 892 return (error); 893 } 894 /* 895 * Silently enforce MNT_NOSUID and MNT_NODEV for non-root users. 896 */ 897 if (suser(td)) 898 fsflags |= MNT_NOSUID | MNT_NODEV; 899 /* 900 * Get vnode to be covered 901 */ 902 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); 903 if ((error = namei(&nd)) != 0) 904 return (error); 905 NDFREE(&nd, NDF_ONLY_PNBUF); 906 vp = nd.ni_vp; 907 if (fsflags & MNT_UPDATE) { 908 if ((vp->v_vflag & VV_ROOT) == 0) { 909 vput(vp); 910 return (EINVAL); 911 } 912 mp = vp->v_mount; 913 flag = mp->mnt_flag; 914 kern_flag = mp->mnt_kern_flag; 915 /* 916 * We only allow the filesystem to be reloaded if it 917 * is currently mounted read-only. 918 */ 919 if ((fsflags & MNT_RELOAD) && 920 ((mp->mnt_flag & MNT_RDONLY) == 0)) { 921 vput(vp); 922 return (EOPNOTSUPP); /* Needs translation */ 923 } 924 /* 925 * Only root, or the user that did the original mount is 926 * permitted to update it. 927 */ 928 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 929 error = suser(td); 930 if (error) { 931 vput(vp); 932 return (error); 933 } 934 } 935 if (vfs_busy(mp, LK_NOWAIT, 0, td)) { 936 vput(vp); 937 return (EBUSY); 938 } 939 VI_LOCK(vp); 940 if ((vp->v_iflag & VI_MOUNT) != 0 || 941 vp->v_mountedhere != NULL) { 942 VI_UNLOCK(vp); 943 vfs_unbusy(mp, td); 944 vput(vp); 945 return (EBUSY); 946 } 947 vp->v_iflag |= VI_MOUNT; 948 VI_UNLOCK(vp); 949 mp->mnt_flag |= fsflags & 950 (MNT_RELOAD | MNT_FORCE | MNT_UPDATE | MNT_SNAPSHOT); 951 VOP_UNLOCK(vp, 0, td); 952 goto update; 953 } 954 /* 955 * If the user is not root, ensure that they own the directory 956 * onto which we are attempting to mount. 957 */ 958 error = VOP_GETATTR(vp, &va, td->td_ucred, td); 959 if (error) { 960 vput(vp); 961 return (error); 962 } 963 if (va.va_uid != td->td_ucred->cr_uid) { 964 error = suser(td); 965 if (error) { 966 vput(vp); 967 return (error); 968 } 969 } 970 if ((error = vinvalbuf(vp, V_SAVE, td->td_ucred, td, 0, 0)) != 0) { 971 vput(vp); 972 return (error); 973 } 974 if (vp->v_type != VDIR) { 975 vput(vp); 976 return (ENOTDIR); 977 } 978 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 979 if (!strcmp(vfsp->vfc_name, fstype)) 980 break; 981 if (vfsp == NULL) { 982 /* Only load modules for root (very important!). */ 983 error = suser(td); 984 if (error) { 985 vput(vp); 986 return (error); 987 } 988 error = securelevel_gt(td->td_ucred, 0); 989 if (error) { 990 vput(vp); 991 return (error); 992 } 993 error = linker_load_module(NULL, fstype, NULL, NULL, &lf); 994 if (error || lf == NULL) { 995 vput(vp); 996 if (lf == NULL) 997 error = ENODEV; 998 return (error); 999 } 1000 lf->userrefs++; 1001 /* Look up again to see if the VFS was loaded. */ 1002 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1003 if (!strcmp(vfsp->vfc_name, fstype)) 1004 break; 1005 if (vfsp == NULL) { 1006 lf->userrefs--; 1007 linker_file_unload(lf); 1008 vput(vp); 1009 return (ENODEV); 1010 } 1011 } 1012 VI_LOCK(vp); 1013 if ((vp->v_iflag & VI_MOUNT) != 0 || 1014 vp->v_mountedhere != NULL) { 1015 VI_UNLOCK(vp); 1016 vput(vp); 1017 return (EBUSY); 1018 } 1019 vp->v_iflag |= VI_MOUNT; 1020 VI_UNLOCK(vp); 1021 1022 /* 1023 * Allocate and initialize the filesystem. 1024 */ 1025 mp = malloc(sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1026 TAILQ_INIT(&mp->mnt_nvnodelist); 1027 TAILQ_INIT(&mp->mnt_reservedvnlist); 1028 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1029 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1030 mp->mnt_op = vfsp->vfc_vfsops; 1031 mp->mnt_vfc = vfsp; 1032 vfsp->vfc_refcount++; 1033 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1034 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1035 strlcpy(mp->mnt_stat.f_fstypename, fstype, MFSNAMELEN); 1036 mp->mnt_vnodecovered = vp; 1037 mp->mnt_cred = crdup(td->td_ucred); 1038 mp->mnt_stat.f_owner = td->td_ucred->cr_uid; 1039 strlcpy(mp->mnt_stat.f_mntonname, fspath, MNAMELEN); 1040 mp->mnt_iosize_max = DFLTPHYS; 1041 #ifdef MAC 1042 mac_init_mount(mp); 1043 mac_create_mount(td->td_ucred, mp); 1044 #endif 1045 VOP_UNLOCK(vp, 0, td); 1046 update: 1047 /* 1048 * Check if the fs implements the old VFS_MOUNT() 1049 * function, since the old system call was used. 1050 */ 1051 if (mp->mnt_op->vfs_mount == NULL) { 1052 printf("%s doesn't support the old mount syscall\n", 1053 mp->mnt_vfc->vfc_name); 1054 VI_LOCK(vp); 1055 vp->v_iflag &= ~VI_MOUNT; 1056 VI_UNLOCK(vp); 1057 if (mp->mnt_flag & MNT_UPDATE) 1058 vfs_unbusy(mp, td); 1059 else { 1060 mp->mnt_vfc->vfc_refcount--; 1061 vfs_unbusy(mp, td); 1062 #ifdef MAC 1063 mac_destroy_mount(mp); 1064 #endif 1065 free(mp, M_MOUNT); 1066 } 1067 vrele(vp); 1068 return (EOPNOTSUPP); 1069 } 1070 1071 /* 1072 * Set the mount level flags. 1073 */ 1074 if (fsflags & MNT_RDONLY) 1075 mp->mnt_flag |= MNT_RDONLY; 1076 else if (mp->mnt_flag & MNT_RDONLY) 1077 mp->mnt_kern_flag |= MNTK_WANTRDWR; 1078 mp->mnt_flag &=~ MNT_UPDATEMASK; 1079 mp->mnt_flag |= fsflags & (MNT_UPDATEMASK | MNT_FORCE); 1080 /* 1081 * Mount the filesystem. 1082 * XXX The final recipients of VFS_MOUNT just overwrite the ndp they 1083 * get. No freeing of cn_pnbuf. 1084 */ 1085 error = VFS_MOUNT(mp, fspath, fsdata, &nd, td); 1086 if (mp->mnt_flag & MNT_UPDATE) { 1087 if (mp->mnt_kern_flag & MNTK_WANTRDWR) 1088 mp->mnt_flag &= ~MNT_RDONLY; 1089 mp->mnt_flag &=~ 1090 (MNT_UPDATE | MNT_RELOAD | MNT_FORCE | MNT_SNAPSHOT); 1091 mp->mnt_kern_flag &=~ MNTK_WANTRDWR; 1092 if (error) { 1093 mp->mnt_flag = flag; 1094 mp->mnt_kern_flag = kern_flag; 1095 } 1096 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 1097 if (mp->mnt_syncer == NULL) 1098 error = vfs_allocate_syncvnode(mp); 1099 } else { 1100 if (mp->mnt_syncer != NULL) 1101 vrele(mp->mnt_syncer); 1102 mp->mnt_syncer = NULL; 1103 } 1104 vfs_unbusy(mp, td); 1105 VI_LOCK(vp); 1106 vp->v_iflag &= ~VI_MOUNT; 1107 VI_UNLOCK(vp); 1108 vrele(vp); 1109 return (error); 1110 } 1111 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1112 /* 1113 * Put the new filesystem on the mount list after root. 1114 */ 1115 cache_purge(vp); 1116 if (!error) { 1117 struct vnode *newdp; 1118 1119 VI_LOCK(vp); 1120 vp->v_iflag &= ~VI_MOUNT; 1121 VI_UNLOCK(vp); 1122 vp->v_mountedhere = mp; 1123 mtx_lock(&mountlist_mtx); 1124 TAILQ_INSERT_TAIL(&mountlist, mp, mnt_list); 1125 mtx_unlock(&mountlist_mtx); 1126 if (VFS_ROOT(mp, &newdp)) 1127 panic("mount: lost mount"); 1128 checkdirs(vp, newdp); 1129 vput(newdp); 1130 VOP_UNLOCK(vp, 0, td); 1131 if ((mp->mnt_flag & MNT_RDONLY) == 0) 1132 error = vfs_allocate_syncvnode(mp); 1133 vfs_unbusy(mp, td); 1134 if ((error = VFS_START(mp, 0, td)) != 0) 1135 vrele(vp); 1136 } else { 1137 VI_LOCK(vp); 1138 vp->v_iflag &= ~VI_MOUNT; 1139 VI_UNLOCK(vp); 1140 mp->mnt_vfc->vfc_refcount--; 1141 vfs_unbusy(mp, td); 1142 #ifdef MAC 1143 mac_destroy_mount(mp); 1144 #endif 1145 free(mp, M_MOUNT); 1146 vput(vp); 1147 } 1148 return (error); 1149 } 1150 1151 /* 1152 * Scan all active processes to see if any of them have a current 1153 * or root directory of `olddp'. If so, replace them with the new 1154 * mount point. 1155 */ 1156 static void 1157 checkdirs(olddp, newdp) 1158 struct vnode *olddp, *newdp; 1159 { 1160 struct filedesc *fdp; 1161 struct proc *p; 1162 int nrele; 1163 1164 if (vrefcnt(olddp) == 1) 1165 return; 1166 sx_slock(&allproc_lock); 1167 LIST_FOREACH(p, &allproc, p_list) { 1168 mtx_lock(&fdesc_mtx); 1169 fdp = p->p_fd; 1170 if (fdp == NULL) { 1171 mtx_unlock(&fdesc_mtx); 1172 continue; 1173 } 1174 nrele = 0; 1175 FILEDESC_LOCK(fdp); 1176 if (fdp->fd_cdir == olddp) { 1177 VREF(newdp); 1178 fdp->fd_cdir = newdp; 1179 nrele++; 1180 } 1181 if (fdp->fd_rdir == olddp) { 1182 VREF(newdp); 1183 fdp->fd_rdir = newdp; 1184 nrele++; 1185 } 1186 FILEDESC_UNLOCK(fdp); 1187 mtx_unlock(&fdesc_mtx); 1188 while (nrele--) 1189 vrele(olddp); 1190 } 1191 sx_sunlock(&allproc_lock); 1192 if (rootvnode == olddp) { 1193 vrele(rootvnode); 1194 VREF(newdp); 1195 rootvnode = newdp; 1196 } 1197 } 1198 1199 /* 1200 * Unmount a filesystem. 1201 * 1202 * Note: unmount takes a path to the vnode mounted on as argument, 1203 * not special file (as before). 1204 */ 1205 #ifndef _SYS_SYSPROTO_H_ 1206 struct unmount_args { 1207 char *path; 1208 int flags; 1209 }; 1210 #endif 1211 /* ARGSUSED */ 1212 int 1213 unmount(td, uap) 1214 struct thread *td; 1215 register struct unmount_args /* { 1216 char *path; 1217 int flags; 1218 } */ *uap; 1219 { 1220 register struct vnode *vp; 1221 struct mount *mp; 1222 int error; 1223 struct nameidata nd; 1224 1225 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE, uap->path, td); 1226 if ((error = namei(&nd)) != 0) 1227 return (error); 1228 vp = nd.ni_vp; 1229 NDFREE(&nd, NDF_ONLY_PNBUF); 1230 mp = vp->v_mount; 1231 1232 /* 1233 * Only root, or the user that did the original mount is 1234 * permitted to unmount this filesystem. 1235 */ 1236 if (mp->mnt_cred->cr_uid != td->td_ucred->cr_uid) { 1237 error = suser(td); 1238 if (error) { 1239 vput(vp); 1240 return (error); 1241 } 1242 } 1243 1244 /* 1245 * Don't allow unmounting the root filesystem. 1246 */ 1247 if (mp->mnt_flag & MNT_ROOTFS) { 1248 vput(vp); 1249 return (EINVAL); 1250 } 1251 1252 /* 1253 * Must be the root of the filesystem 1254 */ 1255 if ((vp->v_vflag & VV_ROOT) == 0) { 1256 vput(vp); 1257 return (EINVAL); 1258 } 1259 vput(vp); 1260 return (dounmount(mp, uap->flags, td)); 1261 } 1262 1263 /* 1264 * Do the actual filesystem unmount. 1265 */ 1266 int 1267 dounmount(mp, flags, td) 1268 struct mount *mp; 1269 int flags; 1270 struct thread *td; 1271 { 1272 struct vnode *coveredvp, *fsrootvp; 1273 int error; 1274 int async_flag; 1275 1276 mtx_lock(&mountlist_mtx); 1277 if (mp->mnt_kern_flag & MNTK_UNMOUNT) { 1278 mtx_unlock(&mountlist_mtx); 1279 return (EBUSY); 1280 } 1281 mp->mnt_kern_flag |= MNTK_UNMOUNT; 1282 /* Allow filesystems to detect that a forced unmount is in progress. */ 1283 if (flags & MNT_FORCE) 1284 mp->mnt_kern_flag |= MNTK_UNMOUNTF; 1285 error = lockmgr(&mp->mnt_lock, LK_DRAIN | LK_INTERLOCK | 1286 ((flags & MNT_FORCE) ? 0 : LK_NOWAIT), &mountlist_mtx, td); 1287 if (error) { 1288 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1289 if (mp->mnt_kern_flag & MNTK_MWAIT) 1290 wakeup(mp); 1291 return (error); 1292 } 1293 vn_start_write(NULL, &mp, V_WAIT); 1294 1295 if (mp->mnt_flag & MNT_EXPUBLIC) 1296 vfs_setpublicfs(NULL, NULL, NULL); 1297 1298 vfs_msync(mp, MNT_WAIT); 1299 async_flag = mp->mnt_flag & MNT_ASYNC; 1300 mp->mnt_flag &=~ MNT_ASYNC; 1301 cache_purgevfs(mp); /* remove cache entries for this file sys */ 1302 if (mp->mnt_syncer != NULL) 1303 vrele(mp->mnt_syncer); 1304 /* Move process cdir/rdir refs on fs root to underlying vnode. */ 1305 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1306 if (mp->mnt_vnodecovered != NULL) 1307 checkdirs(fsrootvp, mp->mnt_vnodecovered); 1308 if (fsrootvp == rootvnode) { 1309 vrele(rootvnode); 1310 rootvnode = NULL; 1311 } 1312 vput(fsrootvp); 1313 } 1314 if (((mp->mnt_flag & MNT_RDONLY) || 1315 (error = VFS_SYNC(mp, MNT_WAIT, td->td_ucred, td)) == 0) || 1316 (flags & MNT_FORCE)) { 1317 error = VFS_UNMOUNT(mp, flags, td); 1318 } 1319 vn_finished_write(mp); 1320 if (error) { 1321 /* Undo cdir/rdir and rootvnode changes made above. */ 1322 if (VFS_ROOT(mp, &fsrootvp) == 0) { 1323 if (mp->mnt_vnodecovered != NULL) 1324 checkdirs(mp->mnt_vnodecovered, fsrootvp); 1325 if (rootvnode == NULL) { 1326 rootvnode = fsrootvp; 1327 vref(rootvnode); 1328 } 1329 vput(fsrootvp); 1330 } 1331 if ((mp->mnt_flag & MNT_RDONLY) == 0 && mp->mnt_syncer == NULL) 1332 (void) vfs_allocate_syncvnode(mp); 1333 mtx_lock(&mountlist_mtx); 1334 mp->mnt_kern_flag &= ~(MNTK_UNMOUNT | MNTK_UNMOUNTF); 1335 mp->mnt_flag |= async_flag; 1336 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, 1337 &mountlist_mtx, td); 1338 if (mp->mnt_kern_flag & MNTK_MWAIT) 1339 wakeup(mp); 1340 return (error); 1341 } 1342 crfree(mp->mnt_cred); 1343 mtx_lock(&mountlist_mtx); 1344 TAILQ_REMOVE(&mountlist, mp, mnt_list); 1345 if ((coveredvp = mp->mnt_vnodecovered) != NULL) 1346 coveredvp->v_mountedhere = NULL; 1347 mp->mnt_vfc->vfc_refcount--; 1348 if (!TAILQ_EMPTY(&mp->mnt_nvnodelist)) 1349 panic("unmount: dangling vnode"); 1350 lockmgr(&mp->mnt_lock, LK_RELEASE | LK_INTERLOCK, &mountlist_mtx, td); 1351 lockdestroy(&mp->mnt_lock); 1352 if (coveredvp != NULL) 1353 vrele(coveredvp); 1354 if (mp->mnt_kern_flag & MNTK_MWAIT) 1355 wakeup(mp); 1356 #ifdef MAC 1357 mac_destroy_mount(mp); 1358 #endif 1359 if (mp->mnt_op->vfs_mount == NULL) 1360 vfs_freeopts(mp->mnt_opt); 1361 free(mp, M_MOUNT); 1362 return (0); 1363 } 1364 1365 /* 1366 * Lookup a filesystem type, and if found allocate and initialize 1367 * a mount structure for it. 1368 * 1369 * Devname is usually updated by mount(8) after booting. 1370 */ 1371 int 1372 vfs_rootmountalloc(fstypename, devname, mpp) 1373 char *fstypename; 1374 char *devname; 1375 struct mount **mpp; 1376 { 1377 struct thread *td = curthread; /* XXX */ 1378 struct vfsconf *vfsp; 1379 struct mount *mp; 1380 1381 if (fstypename == NULL) 1382 return (ENODEV); 1383 for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) 1384 if (!strcmp(vfsp->vfc_name, fstypename)) 1385 break; 1386 if (vfsp == NULL) 1387 return (ENODEV); 1388 mp = malloc((u_long)sizeof(struct mount), M_MOUNT, M_WAITOK | M_ZERO); 1389 lockinit(&mp->mnt_lock, PVFS, "vfslock", 0, LK_NOPAUSE); 1390 (void)vfs_busy(mp, LK_NOWAIT, 0, td); 1391 TAILQ_INIT(&mp->mnt_nvnodelist); 1392 TAILQ_INIT(&mp->mnt_reservedvnlist); 1393 mp->mnt_vfc = vfsp; 1394 mp->mnt_op = vfsp->vfc_vfsops; 1395 mp->mnt_flag = MNT_RDONLY; 1396 mp->mnt_vnodecovered = NULLVP; 1397 mp->mnt_cred = crdup(td->td_ucred); 1398 vfsp->vfc_refcount++; 1399 mp->mnt_iosize_max = DFLTPHYS; 1400 mp->mnt_stat.f_type = vfsp->vfc_typenum; 1401 mp->mnt_flag |= vfsp->vfc_flags & MNT_VISFLAGMASK; 1402 strlcpy(mp->mnt_stat.f_fstypename, vfsp->vfc_name, MFSNAMELEN); 1403 mp->mnt_stat.f_mntonname[0] = '/'; 1404 mp->mnt_stat.f_mntonname[1] = 0; 1405 strlcpy(mp->mnt_stat.f_mntfromname, devname, MNAMELEN); 1406 #ifdef MAC 1407 mac_init_mount(mp); 1408 mac_create_mount(td->td_ucred, mp); 1409 #endif 1410 *mpp = mp; 1411 return (0); 1412 } 1413 1414 /* 1415 * Find and mount the root filesystem 1416 */ 1417 void 1418 vfs_mountroot(void) 1419 { 1420 char *cp; 1421 int i, error; 1422 1423 g_waitidle(); 1424 1425 /* 1426 * The root filesystem information is compiled in, and we are 1427 * booted with instructions to use it. 1428 */ 1429 #ifdef ROOTDEVNAME 1430 if ((boothowto & RB_DFLTROOT) && 1431 !vfs_mountroot_try(ROOTDEVNAME)) 1432 return; 1433 #endif 1434 /* 1435 * We are booted with instructions to prompt for the root filesystem, 1436 * or to use the compiled-in default when it doesn't exist. 1437 */ 1438 if (boothowto & (RB_DFLTROOT | RB_ASKNAME)) { 1439 if (!vfs_mountroot_ask()) 1440 return; 1441 } 1442 1443 /* 1444 * We've been given the generic "use CDROM as root" flag. This is 1445 * necessary because one media may be used in many different 1446 * devices, so we need to search for them. 1447 */ 1448 if (boothowto & RB_CDROM) { 1449 for (i = 0; cdrom_rootdevnames[i] != NULL; i++) { 1450 if (!vfs_mountroot_try(cdrom_rootdevnames[i])) 1451 return; 1452 } 1453 } 1454 1455 /* 1456 * Try to use the value read by the loader from /etc/fstab, or 1457 * supplied via some other means. This is the preferred 1458 * mechanism. 1459 */ 1460 if ((cp = getenv("vfs.root.mountfrom")) != NULL) { 1461 error = vfs_mountroot_try(cp); 1462 freeenv(cp); 1463 if (!error) 1464 return; 1465 } 1466 1467 /* 1468 * Try values that may have been computed by the machine-dependant 1469 * legacy code. 1470 */ 1471 if (!vfs_mountroot_try(rootdevnames[0])) 1472 return; 1473 if (!vfs_mountroot_try(rootdevnames[1])) 1474 return; 1475 1476 /* 1477 * If we have a compiled-in default, and haven't already tried it, try 1478 * it now. 1479 */ 1480 #ifdef ROOTDEVNAME 1481 if (!(boothowto & RB_DFLTROOT)) 1482 if (!vfs_mountroot_try(ROOTDEVNAME)) 1483 return; 1484 #endif 1485 1486 /* 1487 * Everything so far has failed, prompt on the console if we haven't 1488 * already tried that. 1489 */ 1490 if (!(boothowto & (RB_DFLTROOT | RB_ASKNAME)) && !vfs_mountroot_ask()) 1491 return; 1492 panic("Root mount failed, startup aborted."); 1493 } 1494 1495 /* 1496 * Mount (mountfrom) as the root filesystem. 1497 */ 1498 static int 1499 vfs_mountroot_try(char *mountfrom) 1500 { 1501 struct mount *mp; 1502 char *vfsname, *path; 1503 const char *devname; 1504 int error; 1505 char patt[32]; 1506 int s; 1507 1508 vfsname = NULL; 1509 path = NULL; 1510 mp = NULL; 1511 error = EINVAL; 1512 1513 if (mountfrom == NULL) 1514 return(error); /* don't complain */ 1515 1516 s = splcam(); /* Overkill, but annoying without it */ 1517 printf("Mounting root from %s\n", mountfrom); 1518 splx(s); 1519 1520 /* parse vfs name and path */ 1521 vfsname = malloc(MFSNAMELEN, M_MOUNT, M_WAITOK); 1522 path = malloc(MNAMELEN, M_MOUNT, M_WAITOK); 1523 vfsname[0] = path[0] = 0; 1524 sprintf(patt, "%%%d[a-z0-9]:%%%zds", MFSNAMELEN, MNAMELEN); 1525 if (sscanf(mountfrom, patt, vfsname, path) < 1) 1526 goto done; 1527 1528 /* allocate a root mount */ 1529 error = vfs_rootmountalloc(vfsname, path[0] != 0 ? path : ROOTNAME, 1530 &mp); 1531 if (error != 0) { 1532 printf("Can't allocate root mount for filesystem '%s': %d\n", 1533 vfsname, error); 1534 goto done; 1535 } 1536 mp->mnt_flag |= MNT_ROOTFS; 1537 1538 /* do our best to set rootdev */ 1539 if ((path[0] != 0) && setrootbyname(path)) 1540 printf("setrootbyname failed\n"); 1541 1542 /* If the root device is a type "memory disk", mount RW */ 1543 if (rootdev != NODEV && devsw(rootdev) != NULL) { 1544 devname = devtoname(rootdev); 1545 if (devname[0] == 'm' && devname[1] == 'd') 1546 mp->mnt_flag &= ~MNT_RDONLY; 1547 } 1548 1549 /* 1550 * Set the mount path to be something useful, because the 1551 * filesystem code isn't responsible now for initialising 1552 * f_mntonname unless they want to override the default 1553 * (which is `path'.) 1554 */ 1555 strlcpy(mp->mnt_stat.f_mntonname, "/", MNAMELEN); 1556 1557 error = VFS_MOUNT(mp, NULL, NULL, NULL, curthread); 1558 1559 done: 1560 if (vfsname != NULL) 1561 free(vfsname, M_MOUNT); 1562 if (path != NULL) 1563 free(path, M_MOUNT); 1564 if (error != 0) { 1565 if (mp != NULL) { 1566 vfs_unbusy(mp, curthread); 1567 #ifdef MAC 1568 mac_destroy_mount(mp); 1569 #endif 1570 free(mp, M_MOUNT); 1571 } 1572 printf("Root mount failed: %d\n", error); 1573 } else { 1574 1575 /* register with list of mounted filesystems */ 1576 mtx_lock(&mountlist_mtx); 1577 TAILQ_INSERT_HEAD(&mountlist, mp, mnt_list); 1578 mtx_unlock(&mountlist_mtx); 1579 1580 /* sanity check system clock against root fs timestamp */ 1581 inittodr(mp->mnt_time); 1582 vfs_unbusy(mp, curthread); 1583 error = VFS_START(mp, 0, curthread); 1584 } 1585 return(error); 1586 } 1587 1588 /* 1589 * Spin prompting on the console for a suitable root filesystem 1590 */ 1591 static int 1592 vfs_mountroot_ask(void) 1593 { 1594 char name[128]; 1595 int i; 1596 dev_t dev; 1597 1598 for(;;) { 1599 printf("\nManual root filesystem specification:\n"); 1600 printf(" <fstype>:<device> Mount <device> using filesystem <fstype>\n"); 1601 #if defined(__i386__) || defined(__ia64__) 1602 printf(" eg. ufs:da0s1a\n"); 1603 #else 1604 printf(" eg. ufs:da0a\n"); 1605 #endif 1606 printf(" ? List valid disk boot devices\n"); 1607 printf(" <empty line> Abort manual input\n"); 1608 printf("\nmountroot> "); 1609 gets(name); 1610 if (name[0] == 0) 1611 return(1); 1612 if (name[0] == '?') { 1613 if (!g_dev_print()) { 1614 printf("Possibly valid devices for 'ufs' root:\n"); 1615 for (i = 0; i < NUMCDEVSW; i++) { 1616 dev = makedev(i, 0); 1617 if (devsw(dev) != NULL) 1618 printf(" \"%s\"", devsw(dev)->d_name); 1619 } 1620 } 1621 printf("\n"); 1622 continue; 1623 } 1624 if (!vfs_mountroot_try(name)) 1625 return(0); 1626 } 1627 } 1628 1629 /* 1630 * Local helper function for vfs_mountroot_ask. 1631 */ 1632 static void 1633 gets(char *cp) 1634 { 1635 char *lp; 1636 int c; 1637 1638 lp = cp; 1639 for (;;) { 1640 printf("%c", c = cngetc() & 0177); 1641 switch (c) { 1642 case -1: 1643 case '\n': 1644 case '\r': 1645 *lp++ = '\0'; 1646 return; 1647 case '\b': 1648 case '\177': 1649 if (lp > cp) { 1650 printf(" \b"); 1651 lp--; 1652 } 1653 continue; 1654 case '#': 1655 lp--; 1656 if (lp < cp) 1657 lp = cp; 1658 continue; 1659 case '@': 1660 case 'u' & 037: 1661 lp = cp; 1662 printf("%c", '\n'); 1663 continue; 1664 default: 1665 *lp++ = c; 1666 } 1667 } 1668 } 1669 1670 /* 1671 * Convert a given name to the dev_t of the disk-like device 1672 * it refers to. 1673 */ 1674 dev_t 1675 getdiskbyname(char *name) { 1676 char *cp; 1677 dev_t dev; 1678 1679 cp = name; 1680 if (!bcmp(cp, "/dev/", 5)) 1681 cp += 5; 1682 1683 dev = NODEV; 1684 EVENTHANDLER_INVOKE(dev_clone, cp, strlen(cp), &dev); 1685 return (dev); 1686 } 1687 1688 /* 1689 * Set rootdev to match (name), given that we expect it to 1690 * refer to a disk-like device. 1691 */ 1692 static int 1693 setrootbyname(char *name) 1694 { 1695 dev_t diskdev; 1696 1697 diskdev = getdiskbyname(name); 1698 if (diskdev != NODEV) { 1699 rootdev = diskdev; 1700 return (0); 1701 } 1702 1703 return (1); 1704 } 1705 1706 /* Show the dev_t for a disk specified by name */ 1707 #ifdef DDB 1708 DB_SHOW_COMMAND(disk, db_getdiskbyname) 1709 { 1710 dev_t dev; 1711 1712 if (modif[0] == '\0') { 1713 db_error("usage: show disk/devicename"); 1714 return; 1715 } 1716 dev = getdiskbyname(modif); 1717 if (dev != NODEV) 1718 db_printf("dev_t = %p\n", dev); 1719 else 1720 db_printf("No disk device matched.\n"); 1721 } 1722 #endif 1723 1724 /* 1725 * Get a mount option by its name. 1726 * 1727 * Return 0 if the option was found, ENOENT otherwise. 1728 * If len is non-NULL it will be filled with the length 1729 * of the option. If buf is non-NULL, it will be filled 1730 * with the address of the option. 1731 */ 1732 int 1733 vfs_getopt(opts, name, buf, len) 1734 struct vfsoptlist *opts; 1735 const char *name; 1736 void **buf; 1737 int *len; 1738 { 1739 struct vfsopt *opt; 1740 1741 KASSERT(opts != NULL, ("vfs_getopt: caller passed 'opts' as NULL")); 1742 1743 TAILQ_FOREACH(opt, opts, link) { 1744 if (strcmp(name, opt->name) == 0) { 1745 if (len != NULL) 1746 *len = opt->len; 1747 if (buf != NULL) 1748 *buf = opt->value; 1749 return (0); 1750 } 1751 } 1752 return (ENOENT); 1753 } 1754 1755 /* 1756 * Find and copy a mount option. 1757 * 1758 * The size of the buffer has to be specified 1759 * in len, if it is not the same length as the 1760 * mount option, EINVAL is returned. 1761 * Returns ENOENT if the option is not found. 1762 */ 1763 int 1764 vfs_copyopt(opts, name, dest, len) 1765 struct vfsoptlist *opts; 1766 const char *name; 1767 void *dest; 1768 int len; 1769 { 1770 struct vfsopt *opt; 1771 1772 KASSERT(opts != NULL, ("vfs_copyopt: caller passed 'opts' as NULL")); 1773 1774 TAILQ_FOREACH(opt, opts, link) { 1775 if (strcmp(name, opt->name) == 0) { 1776 if (len != opt->len) 1777 return (EINVAL); 1778 bcopy(opt->value, dest, opt->len); 1779 return (0); 1780 } 1781 } 1782 return (ENOENT); 1783 } 1784