xref: /titanic_52/usr/src/uts/common/fs/ufs/ufs_vnops.c (revision fa94a07fd0519b8abfd871ad8fe60e6bebe1e2bb)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*	Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T	*/
27 /*	  All Rights Reserved  	*/
28 
29 /*
30  * Portions of this source code were derived from Berkeley 4.3 BSD
31  * under license from the Regents of the University of California.
32  */
33 
34 #pragma ident	"%Z%%M%	%I%	%E% SMI"
35 
36 #include <sys/types.h>
37 #include <sys/t_lock.h>
38 #include <sys/ksynch.h>
39 #include <sys/param.h>
40 #include <sys/time.h>
41 #include <sys/systm.h>
42 #include <sys/sysmacros.h>
43 #include <sys/resource.h>
44 #include <sys/signal.h>
45 #include <sys/cred.h>
46 #include <sys/user.h>
47 #include <sys/buf.h>
48 #include <sys/vfs.h>
49 #include <sys/vfs_opreg.h>
50 #include <sys/vnode.h>
51 #include <sys/proc.h>
52 #include <sys/disp.h>
53 #include <sys/file.h>
54 #include <sys/fcntl.h>
55 #include <sys/flock.h>
56 #include <sys/atomic.h>
57 #include <sys/kmem.h>
58 #include <sys/uio.h>
59 #include <sys/dnlc.h>
60 #include <sys/conf.h>
61 #include <sys/mman.h>
62 #include <sys/pathname.h>
63 #include <sys/debug.h>
64 #include <sys/vmsystm.h>
65 #include <sys/cmn_err.h>
66 #include <sys/filio.h>
67 #include <sys/policy.h>
68 
69 #include <sys/fs/ufs_fs.h>
70 #include <sys/fs/ufs_lockfs.h>
71 #include <sys/fs/ufs_filio.h>
72 #include <sys/fs/ufs_inode.h>
73 #include <sys/fs/ufs_fsdir.h>
74 #include <sys/fs/ufs_quota.h>
75 #include <sys/fs/ufs_log.h>
76 #include <sys/fs/ufs_snap.h>
77 #include <sys/fs/ufs_trans.h>
78 #include <sys/fs/ufs_panic.h>
79 #include <sys/fs/ufs_bio.h>
80 #include <sys/dirent.h>		/* must be AFTER <sys/fs/fsdir.h>! */
81 #include <sys/errno.h>
82 #include <sys/fssnap_if.h>
83 #include <sys/unistd.h>
84 #include <sys/sunddi.h>
85 
86 #include <sys/filio.h>		/* _FIOIO */
87 
88 #include <vm/hat.h>
89 #include <vm/page.h>
90 #include <vm/pvn.h>
91 #include <vm/as.h>
92 #include <vm/seg.h>
93 #include <vm/seg_map.h>
94 #include <vm/seg_vn.h>
95 #include <vm/seg_kmem.h>
96 #include <vm/rm.h>
97 #include <sys/swap.h>
98 
99 #include <fs/fs_subr.h>
100 
101 static struct instats ins;
102 
103 static 	int ufs_getpage_ra(struct vnode *, u_offset_t, struct seg *, caddr_t);
104 static	int ufs_getpage_miss(struct vnode *, u_offset_t, size_t, struct seg *,
105 		caddr_t, struct page **, size_t, enum seg_rw, int);
106 static	int ufs_open(struct vnode **, int, struct cred *, caller_context_t *);
107 static	int ufs_close(struct vnode *, int, int, offset_t, struct cred *,
108 		caller_context_t *);
109 static	int ufs_read(struct vnode *, struct uio *, int, struct cred *,
110 		struct caller_context *);
111 static	int ufs_write(struct vnode *, struct uio *, int, struct cred *,
112 		struct caller_context *);
113 static	int ufs_ioctl(struct vnode *, int, intptr_t, int, struct cred *,
114 		int *, caller_context_t *);
115 static	int ufs_getattr(struct vnode *, struct vattr *, int, struct cred *,
116 		caller_context_t *);
117 static	int ufs_setattr(struct vnode *, struct vattr *, int, struct cred *,
118 		caller_context_t *);
119 static	int ufs_access(struct vnode *, int, int, struct cred *,
120 		caller_context_t *);
121 static	int ufs_lookup(struct vnode *, char *, struct vnode **,
122 		struct pathname *, int, struct vnode *, struct cred *,
123 		caller_context_t *, int *, pathname_t *);
124 static	int ufs_create(struct vnode *, char *, struct vattr *, enum vcexcl,
125 		int, struct vnode **, struct cred *, int,
126 		caller_context_t *, vsecattr_t  *);
127 static	int ufs_remove(struct vnode *, char *, struct cred *,
128 		caller_context_t *, int);
129 static	int ufs_link(struct vnode *, struct vnode *, char *, struct cred *,
130 		caller_context_t *, int);
131 static	int ufs_rename(struct vnode *, char *, struct vnode *, char *,
132 		struct cred *, caller_context_t *, int);
133 static	int ufs_mkdir(struct vnode *, char *, struct vattr *, struct vnode **,
134 		struct cred *, caller_context_t *, int, vsecattr_t *);
135 static	int ufs_rmdir(struct vnode *, char *, struct vnode *, struct cred *,
136 		caller_context_t *, int);
137 static	int ufs_readdir(struct vnode *, struct uio *, struct cred *, int *,
138 		caller_context_t *, int);
139 static	int ufs_symlink(struct vnode *, char *, struct vattr *, char *,
140 		struct cred *, caller_context_t *, int);
141 static	int ufs_readlink(struct vnode *, struct uio *, struct cred *,
142 		caller_context_t *);
143 static	int ufs_fsync(struct vnode *, int, struct cred *, caller_context_t *);
144 static	void ufs_inactive(struct vnode *, struct cred *, caller_context_t *);
145 static	int ufs_fid(struct vnode *, struct fid *, caller_context_t *);
146 static	int ufs_rwlock(struct vnode *, int, caller_context_t *);
147 static	void ufs_rwunlock(struct vnode *, int, caller_context_t *);
148 static	int ufs_seek(struct vnode *, offset_t, offset_t *, caller_context_t *);
149 static	int ufs_frlock(struct vnode *, int, struct flock64 *, int, offset_t,
150 		struct flk_callback *, struct cred *,
151 		caller_context_t *);
152 static  int ufs_space(struct vnode *, int, struct flock64 *, int, offset_t,
153 		cred_t *, caller_context_t *);
154 static	int ufs_getpage(struct vnode *, offset_t, size_t, uint_t *,
155 		struct page **, size_t, struct seg *, caddr_t,
156 		enum seg_rw, struct cred *, caller_context_t *);
157 static	int ufs_putpage(struct vnode *, offset_t, size_t, int, struct cred *,
158 		caller_context_t *);
159 static	int ufs_putpages(struct vnode *, offset_t, size_t, int, struct cred *);
160 static	int ufs_map(struct vnode *, offset_t, struct as *, caddr_t *, size_t,
161 		uchar_t, uchar_t, uint_t, struct cred *, caller_context_t *);
162 static	int ufs_addmap(struct vnode *, offset_t, struct as *, caddr_t,  size_t,
163 		uchar_t, uchar_t, uint_t, struct cred *, caller_context_t *);
164 static	int ufs_delmap(struct vnode *, offset_t, struct as *, caddr_t,  size_t,
165 		uint_t, uint_t, uint_t, struct cred *, caller_context_t *);
166 static	int ufs_poll(vnode_t *, short, int, short *, struct pollhead **,
167 		caller_context_t *);
168 static	int ufs_dump(vnode_t *, caddr_t, int, int, caller_context_t *);
169 static	int ufs_l_pathconf(struct vnode *, int, ulong_t *, struct cred *,
170 		caller_context_t *);
171 static	int ufs_pageio(struct vnode *, struct page *, u_offset_t, size_t, int,
172 		struct cred *, caller_context_t *);
173 static	int ufs_dumpctl(vnode_t *, int, int *, caller_context_t *);
174 static	daddr32_t *save_dblks(struct inode *, struct ufsvfs *, daddr32_t *,
175 		daddr32_t *, int, int);
176 static	int ufs_getsecattr(struct vnode *, vsecattr_t *, int, struct cred *,
177 		caller_context_t *);
178 static	int ufs_setsecattr(struct vnode *, vsecattr_t *, int, struct cred *,
179 		caller_context_t *);
180 
181 extern int as_map_locked(struct as *, caddr_t, size_t, int ((*)()), void *);
182 
183 /*
184  * For lockfs: ulockfs begin/end is now inlined in the ufs_xxx functions.
185  *
186  * XXX - ULOCKFS in fs_pathconf and ufs_ioctl is not inlined yet.
187  */
188 struct vnodeops *ufs_vnodeops;
189 
190 /* NOTE: "not blkd" below  means that the operation isn't blocked by lockfs */
191 const fs_operation_def_t ufs_vnodeops_template[] = {
192 	VOPNAME_OPEN,		{ .vop_open = ufs_open },	/* not blkd */
193 	VOPNAME_CLOSE,		{ .vop_close = ufs_close },	/* not blkd */
194 	VOPNAME_READ,		{ .vop_read = ufs_read },
195 	VOPNAME_WRITE,		{ .vop_write = ufs_write },
196 	VOPNAME_IOCTL,		{ .vop_ioctl = ufs_ioctl },
197 	VOPNAME_GETATTR,	{ .vop_getattr = ufs_getattr },
198 	VOPNAME_SETATTR,	{ .vop_setattr = ufs_setattr },
199 	VOPNAME_ACCESS,		{ .vop_access = ufs_access },
200 	VOPNAME_LOOKUP,		{ .vop_lookup = ufs_lookup },
201 	VOPNAME_CREATE,		{ .vop_create = ufs_create },
202 	VOPNAME_REMOVE,		{ .vop_remove = ufs_remove },
203 	VOPNAME_LINK,		{ .vop_link = ufs_link },
204 	VOPNAME_RENAME,		{ .vop_rename = ufs_rename },
205 	VOPNAME_MKDIR,		{ .vop_mkdir = ufs_mkdir },
206 	VOPNAME_RMDIR,		{ .vop_rmdir = ufs_rmdir },
207 	VOPNAME_READDIR,	{ .vop_readdir = ufs_readdir },
208 	VOPNAME_SYMLINK,	{ .vop_symlink = ufs_symlink },
209 	VOPNAME_READLINK,	{ .vop_readlink = ufs_readlink },
210 	VOPNAME_FSYNC,		{ .vop_fsync = ufs_fsync },
211 	VOPNAME_INACTIVE,	{ .vop_inactive = ufs_inactive }, /* not blkd */
212 	VOPNAME_FID,		{ .vop_fid = ufs_fid },
213 	VOPNAME_RWLOCK,		{ .vop_rwlock = ufs_rwlock },	/* not blkd */
214 	VOPNAME_RWUNLOCK,	{ .vop_rwunlock = ufs_rwunlock }, /* not blkd */
215 	VOPNAME_SEEK,		{ .vop_seek = ufs_seek },
216 	VOPNAME_FRLOCK,		{ .vop_frlock = ufs_frlock },
217 	VOPNAME_SPACE,		{ .vop_space = ufs_space },
218 	VOPNAME_GETPAGE,	{ .vop_getpage = ufs_getpage },
219 	VOPNAME_PUTPAGE,	{ .vop_putpage = ufs_putpage },
220 	VOPNAME_MAP,		{ .vop_map = ufs_map },
221 	VOPNAME_ADDMAP,		{ .vop_addmap = ufs_addmap },	/* not blkd */
222 	VOPNAME_DELMAP,		{ .vop_delmap = ufs_delmap },	/* not blkd */
223 	VOPNAME_POLL,		{ .vop_poll = ufs_poll },	/* not blkd */
224 	VOPNAME_DUMP,		{ .vop_dump = ufs_dump },
225 	VOPNAME_PATHCONF,	{ .vop_pathconf = ufs_l_pathconf },
226 	VOPNAME_PAGEIO,		{ .vop_pageio = ufs_pageio },
227 	VOPNAME_DUMPCTL,	{ .vop_dumpctl = ufs_dumpctl },
228 	VOPNAME_GETSECATTR,	{ .vop_getsecattr = ufs_getsecattr },
229 	VOPNAME_SETSECATTR,	{ .vop_setsecattr = ufs_setsecattr },
230 	VOPNAME_VNEVENT,	{ .vop_vnevent = fs_vnevent_support },
231 	NULL,			NULL
232 };
233 
234 #define	MAX_BACKFILE_COUNT	9999
235 
236 /*
237  * Created by ufs_dumpctl() to store a file's disk block info into memory.
238  * Used by ufs_dump() to dump data to disk directly.
239  */
240 struct dump {
241 	struct inode	*ip;		/* the file we contain */
242 	daddr_t		fsbs;		/* number of blocks stored */
243 	struct timeval32 time;		/* time stamp for the struct */
244 	daddr32_t 	dblk[1];	/* place holder for block info */
245 };
246 
247 static struct dump *dump_info = NULL;
248 
249 /*
250  * Previously there was no special action required for ordinary files.
251  * (Devices are handled through the device file system.)
252  * Now we support Large Files and Large File API requires open to
253  * fail if file is large.
254  * We could take care to prevent data corruption
255  * by doing an atomic check of size and truncate if file is opened with
256  * FTRUNC flag set but traditionally this is being done by the vfs/vnode
257  * layers. So taking care of truncation here is a change in the existing
258  * semantics of VOP_OPEN and therefore we chose not to implement any thing
259  * here. The check for the size of the file > 2GB is being done at the
260  * vfs layer in routine vn_open().
261  */
262 
263 /* ARGSUSED */
264 static int
265 ufs_open(struct vnode **vpp, int flag, struct cred *cr, caller_context_t *ct)
266 {
267 	return (0);
268 }
269 
270 /*ARGSUSED*/
271 static int
272 ufs_close(struct vnode *vp, int flag, int count, offset_t offset,
273 	struct cred *cr, caller_context_t *ct)
274 {
275 	cleanlocks(vp, ttoproc(curthread)->p_pid, 0);
276 	cleanshares(vp, ttoproc(curthread)->p_pid);
277 
278 	/*
279 	 * Push partially filled cluster at last close.
280 	 * ``last close'' is approximated because the dnlc
281 	 * may have a hold on the vnode.
282 	 * Checking for VBAD here will also act as a forced umount check.
283 	 */
284 	if (vp->v_count <= 2 && vp->v_type != VBAD) {
285 		struct inode *ip = VTOI(vp);
286 		if (ip->i_delaylen) {
287 			ins.in_poc.value.ul++;
288 			(void) ufs_putpages(vp, ip->i_delayoff, ip->i_delaylen,
289 			    B_ASYNC | B_FREE, cr);
290 			ip->i_delaylen = 0;
291 		}
292 	}
293 
294 	return (0);
295 }
296 
297 /*ARGSUSED*/
298 static int
299 ufs_read(struct vnode *vp, struct uio *uiop, int ioflag, struct cred *cr,
300 	struct caller_context *ct)
301 {
302 	struct inode *ip = VTOI(vp);
303 	struct ufsvfs *ufsvfsp;
304 	struct ulockfs *ulp = NULL;
305 	int error = 0;
306 	int intrans = 0;
307 
308 	ASSERT(RW_READ_HELD(&ip->i_rwlock));
309 
310 	/*
311 	 * Mandatory locking needs to be done before ufs_lockfs_begin()
312 	 * and TRANS_BEGIN_SYNC() calls since mandatory locks can sleep.
313 	 */
314 	if (MANDLOCK(vp, ip->i_mode)) {
315 		/*
316 		 * ufs_getattr ends up being called by chklock
317 		 */
318 		error = chklock(vp, FREAD, uiop->uio_loffset,
319 		    uiop->uio_resid, uiop->uio_fmode, ct);
320 		if (error)
321 			goto out;
322 	}
323 
324 	ufsvfsp = ip->i_ufsvfs;
325 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_READ_MASK);
326 	if (error)
327 		goto out;
328 
329 	/*
330 	 * In the case that a directory is opened for reading as a file
331 	 * (eg "cat .") with the  O_RSYNC, O_SYNC and O_DSYNC flags set.
332 	 * The locking order had to be changed to avoid a deadlock with
333 	 * an update taking place on that directory at the same time.
334 	 */
335 	if ((ip->i_mode & IFMT) == IFDIR) {
336 
337 		rw_enter(&ip->i_contents, RW_READER);
338 		error = rdip(ip, uiop, ioflag, cr);
339 		rw_exit(&ip->i_contents);
340 
341 		if (error) {
342 			if (ulp)
343 				ufs_lockfs_end(ulp);
344 			goto out;
345 		}
346 
347 		if (ulp && (ioflag & FRSYNC) && (ioflag & (FSYNC | FDSYNC)) &&
348 		    TRANS_ISTRANS(ufsvfsp)) {
349 			rw_exit(&ip->i_rwlock);
350 			TRANS_BEGIN_SYNC(ufsvfsp, TOP_READ_SYNC, TOP_READ_SIZE,
351 			    error);
352 			ASSERT(!error);
353 			TRANS_END_SYNC(ufsvfsp, error, TOP_READ_SYNC,
354 			    TOP_READ_SIZE);
355 			rw_enter(&ip->i_rwlock, RW_READER);
356 		}
357 	} else {
358 		/*
359 		 * Only transact reads to files opened for sync-read and
360 		 * sync-write on a file system that is not write locked.
361 		 *
362 		 * The ``not write locked'' check prevents problems with
363 		 * enabling/disabling logging on a busy file system.  E.g.,
364 		 * logging exists at the beginning of the read but does not
365 		 * at the end.
366 		 *
367 		 */
368 		if (ulp && (ioflag & FRSYNC) && (ioflag & (FSYNC | FDSYNC)) &&
369 		    TRANS_ISTRANS(ufsvfsp)) {
370 			TRANS_BEGIN_SYNC(ufsvfsp, TOP_READ_SYNC, TOP_READ_SIZE,
371 			    error);
372 			ASSERT(!error);
373 			intrans = 1;
374 		}
375 
376 		rw_enter(&ip->i_contents, RW_READER);
377 		error = rdip(ip, uiop, ioflag, cr);
378 		rw_exit(&ip->i_contents);
379 
380 		if (intrans) {
381 			TRANS_END_SYNC(ufsvfsp, error, TOP_READ_SYNC,
382 			    TOP_READ_SIZE);
383 		}
384 	}
385 
386 	if (ulp) {
387 		ufs_lockfs_end(ulp);
388 	}
389 out:
390 
391 	return (error);
392 }
393 
394 extern	int	ufs_HW;		/* high water mark */
395 extern	int	ufs_LW;		/* low water mark */
396 int	ufs_WRITES = 1;		/* XXX - enable/disable */
397 int	ufs_throttles = 0;	/* throttling count */
398 int	ufs_allow_shared_writes = 1;	/* directio shared writes */
399 
400 static int
401 ufs_check_rewrite(struct inode *ip, struct uio *uiop, int ioflag)
402 {
403 	int	shared_write;
404 
405 	/*
406 	 * If the FDSYNC flag is set then ignore the global
407 	 * ufs_allow_shared_writes in this case.
408 	 */
409 	shared_write = (ioflag & FDSYNC) | ufs_allow_shared_writes;
410 
411 	/*
412 	 * Filter to determine if this request is suitable as a
413 	 * concurrent rewrite. This write must not allocate blocks
414 	 * by extending the file or filling in holes. No use trying
415 	 * through FSYNC descriptors as the inode will be synchronously
416 	 * updated after the write. The uio structure has not yet been
417 	 * checked for sanity, so assume nothing.
418 	 */
419 	return (((ip->i_mode & IFMT) == IFREG) && !(ioflag & FAPPEND) &&
420 	    (uiop->uio_loffset >= (offset_t)0) &&
421 	    (uiop->uio_loffset < ip->i_size) && (uiop->uio_resid > 0) &&
422 	    ((ip->i_size - uiop->uio_loffset) >= uiop->uio_resid) &&
423 	    !(ioflag & FSYNC) && !bmap_has_holes(ip) &&
424 	    shared_write);
425 }
426 
427 /*ARGSUSED*/
428 static int
429 ufs_write(struct vnode *vp, struct uio *uiop, int ioflag, cred_t *cr,
430 	caller_context_t *ct)
431 {
432 	struct inode *ip = VTOI(vp);
433 	struct ufsvfs *ufsvfsp;
434 	struct ulockfs *ulp;
435 	int retry = 1;
436 	int error, resv, resid = 0;
437 	int directio_status;
438 	int exclusive;
439 	int rewriteflg;
440 	long start_resid = uiop->uio_resid;
441 
442 	ASSERT(RW_LOCK_HELD(&ip->i_rwlock));
443 
444 retry_mandlock:
445 	/*
446 	 * Mandatory locking needs to be done before ufs_lockfs_begin()
447 	 * and TRANS_BEGIN_[A]SYNC() calls since mandatory locks can sleep.
448 	 * Check for forced unmounts normally done in ufs_lockfs_begin().
449 	 */
450 	if ((ufsvfsp = ip->i_ufsvfs) == NULL) {
451 		error = EIO;
452 		goto out;
453 	}
454 	if (MANDLOCK(vp, ip->i_mode)) {
455 
456 		ASSERT(RW_WRITE_HELD(&ip->i_rwlock));
457 
458 		/*
459 		 * ufs_getattr ends up being called by chklock
460 		 */
461 		error = chklock(vp, FWRITE, uiop->uio_loffset,
462 		    uiop->uio_resid, uiop->uio_fmode, ct);
463 		if (error)
464 			goto out;
465 	}
466 
467 	/* i_rwlock can change in chklock */
468 	exclusive = rw_write_held(&ip->i_rwlock);
469 	rewriteflg = ufs_check_rewrite(ip, uiop, ioflag);
470 
471 	/*
472 	 * Check for fast-path special case of directio re-writes.
473 	 */
474 	if ((ip->i_flag & IDIRECTIO || ufsvfsp->vfs_forcedirectio) &&
475 	    !exclusive && rewriteflg) {
476 
477 		error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_WRITE_MASK);
478 		if (error)
479 			goto out;
480 
481 		rw_enter(&ip->i_contents, RW_READER);
482 		error = ufs_directio_write(ip, uiop, ioflag, 1, cr,
483 		    &directio_status);
484 		if (directio_status == DIRECTIO_SUCCESS) {
485 			uint_t i_flag_save;
486 
487 			if (start_resid != uiop->uio_resid)
488 				error = 0;
489 			/*
490 			 * Special treatment of access times for re-writes.
491 			 * If IMOD is not already set, then convert it
492 			 * to IMODACC for this operation. This defers
493 			 * entering a delta into the log until the inode
494 			 * is flushed. This mimics what is done for read
495 			 * operations and inode access time.
496 			 */
497 			mutex_enter(&ip->i_tlock);
498 			i_flag_save = ip->i_flag;
499 			ip->i_flag |= IUPD | ICHG;
500 			ip->i_seq++;
501 			ITIMES_NOLOCK(ip);
502 			if ((i_flag_save & IMOD) == 0) {
503 				ip->i_flag &= ~IMOD;
504 				ip->i_flag |= IMODACC;
505 			}
506 			mutex_exit(&ip->i_tlock);
507 			rw_exit(&ip->i_contents);
508 			if (ulp)
509 				ufs_lockfs_end(ulp);
510 			goto out;
511 		}
512 		rw_exit(&ip->i_contents);
513 		if (ulp)
514 			ufs_lockfs_end(ulp);
515 	}
516 
517 	if (!exclusive && !rw_tryupgrade(&ip->i_rwlock)) {
518 		rw_exit(&ip->i_rwlock);
519 		rw_enter(&ip->i_rwlock, RW_WRITER);
520 		/*
521 		 * Mandatory locking could have been enabled
522 		 * after dropping the i_rwlock.
523 		 */
524 		if (MANDLOCK(vp, ip->i_mode))
525 			goto retry_mandlock;
526 	}
527 
528 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_WRITE_MASK);
529 	if (error)
530 		goto out;
531 
532 	/*
533 	 * Amount of log space needed for this write
534 	 */
535 	if (!rewriteflg || !(ioflag & FDSYNC))
536 		TRANS_WRITE_RESV(ip, uiop, ulp, &resv, &resid);
537 
538 	/*
539 	 * Throttle writes.
540 	 */
541 	if (ufs_WRITES && (ip->i_writes > ufs_HW)) {
542 		mutex_enter(&ip->i_tlock);
543 		while (ip->i_writes > ufs_HW) {
544 			ufs_throttles++;
545 			cv_wait(&ip->i_wrcv, &ip->i_tlock);
546 		}
547 		mutex_exit(&ip->i_tlock);
548 	}
549 
550 	/*
551 	 * Enter Transaction
552 	 *
553 	 * If the write is a rewrite there is no need to open a transaction
554 	 * if the FDSYNC flag is set and not the FSYNC.  In this case just
555 	 * set the IMODACC flag to modify do the update at a later time
556 	 * thus avoiding the overhead of the logging transaction that is
557 	 * not required.
558 	 */
559 	if (ioflag & (FSYNC|FDSYNC)) {
560 		if (ulp) {
561 			if (rewriteflg) {
562 				uint_t i_flag_save;
563 
564 				rw_enter(&ip->i_contents, RW_READER);
565 				mutex_enter(&ip->i_tlock);
566 				i_flag_save = ip->i_flag;
567 				ip->i_flag |= IUPD | ICHG;
568 				ip->i_seq++;
569 				ITIMES_NOLOCK(ip);
570 				if ((i_flag_save & IMOD) == 0) {
571 					ip->i_flag &= ~IMOD;
572 					ip->i_flag |= IMODACC;
573 				}
574 				mutex_exit(&ip->i_tlock);
575 				rw_exit(&ip->i_contents);
576 			} else {
577 				int terr = 0;
578 				TRANS_BEGIN_SYNC(ufsvfsp, TOP_WRITE_SYNC, resv,
579 				    terr);
580 				ASSERT(!terr);
581 			}
582 		}
583 	} else {
584 		if (ulp)
585 			TRANS_BEGIN_ASYNC(ufsvfsp, TOP_WRITE, resv);
586 	}
587 
588 	/*
589 	 * Write the file
590 	 */
591 	rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
592 	rw_enter(&ip->i_contents, RW_WRITER);
593 	if ((ioflag & FAPPEND) != 0 && (ip->i_mode & IFMT) == IFREG) {
594 		/*
595 		 * In append mode start at end of file.
596 		 */
597 		uiop->uio_loffset = ip->i_size;
598 	}
599 
600 	/*
601 	 * Mild optimisation, don't call ufs_trans_write() unless we have to
602 	 * Also, suppress file system full messages if we will retry.
603 	 */
604 	if (retry)
605 		ip->i_flag |= IQUIET;
606 	if (resid) {
607 		TRANS_WRITE(ip, uiop, ioflag, error, ulp, cr, resv, resid);
608 	} else {
609 		error = wrip(ip, uiop, ioflag, cr);
610 	}
611 	ip->i_flag &= ~IQUIET;
612 
613 	rw_exit(&ip->i_contents);
614 	rw_exit(&ufsvfsp->vfs_dqrwlock);
615 
616 	/*
617 	 * Leave Transaction
618 	 */
619 	if (ulp) {
620 		if (ioflag & (FSYNC|FDSYNC)) {
621 			if (!rewriteflg) {
622 				int terr = 0;
623 
624 				TRANS_END_SYNC(ufsvfsp, terr, TOP_WRITE_SYNC,
625 				    resv);
626 				if (error == 0)
627 					error = terr;
628 			}
629 		} else {
630 			TRANS_END_ASYNC(ufsvfsp, TOP_WRITE, resv);
631 		}
632 		ufs_lockfs_end(ulp);
633 	}
634 out:
635 	if ((error == ENOSPC) && retry && TRANS_ISTRANS(ufsvfsp)) {
636 		/*
637 		 * Any blocks tied up in pending deletes?
638 		 */
639 		ufs_delete_drain_wait(ufsvfsp, 1);
640 		retry = 0;
641 		goto retry_mandlock;
642 	}
643 
644 	if (error == ENOSPC && (start_resid != uiop->uio_resid))
645 		error = 0;
646 
647 	return (error);
648 }
649 
650 /*
651  * Don't cache write blocks to files with the sticky bit set.
652  * Used to keep swap files from blowing the page cache on a server.
653  */
654 int stickyhack = 1;
655 
656 /*
657  * Free behind hacks.  The pager is busted.
658  * XXX - need to pass the information down to writedone() in a flag like B_SEQ
659  * or B_FREE_IF_TIGHT_ON_MEMORY.
660  */
661 int	freebehind = 1;
662 int	smallfile = 0;
663 u_offset_t smallfile64 = 32 * 1024;
664 
665 /*
666  * While we should, in most cases, cache the pages for write, we
667  * may also want to cache the pages for read as long as they are
668  * frequently re-usable.
669  *
670  * If cache_read_ahead = 1, the pages for read will go to the tail
671  * of the cache list when they are released, otherwise go to the head.
672  */
673 int	cache_read_ahead = 0;
674 
675 /*
676  * Freebehind exists  so that as we read  large files  sequentially we
677  * don't consume most of memory with pages  from a few files. It takes
678  * longer to re-read from disk multiple small files as it does reading
679  * one large one sequentially.  As system  memory grows customers need
680  * to retain bigger chunks   of files in  memory.   The advent of  the
681  * cachelist opens up of the possibility freeing pages  to the head or
682  * tail of the list.
683  *
684  * Not freeing a page is a bet that the page will be read again before
685  * it's segmap slot is needed for something else. If we loose the bet,
686  * it means some  other thread is  burdened with the  page free we did
687  * not do. If we win we save a free and reclaim.
688  *
689  * Freeing it at the tail  vs the head of cachelist  is a bet that the
690  * page will survive until the next  read.  It's also saying that this
691  * page is more likely to  be re-used than a  page freed some time ago
692  * and never reclaimed.
693  *
694  * Freebehind maintains a  range of  file offset [smallfile1; smallfile2]
695  *
696  *            0 < offset < smallfile1 : pages are not freed.
697  *   smallfile1 < offset < smallfile2 : pages freed to tail of cachelist.
698  *   smallfile2 < offset              : pages freed to head of cachelist.
699  *
700  * The range  is  computed  at most  once  per second  and  depends on
701  * freemem  and  ncpus_online.  Both parameters  are   bounded to be
702  * >= smallfile && >= smallfile64.
703  *
704  * smallfile1 = (free memory / ncpu) / 1000
705  * smallfile2 = (free memory / ncpu) / 10
706  *
707  * A few examples values:
708  *
709  *       Free Mem (in Bytes) [smallfile1; smallfile2]  [smallfile1; smallfile2]
710  *                                 ncpus_online = 4          ncpus_online = 64
711  *       ------------------  -----------------------   -----------------------
712  *             1G                   [256K;  25M]               [32K; 1.5M]
713  *            10G                   [2.5M; 250M]              [156K; 15M]
714  *           100G                    [25M; 2.5G]              [1.5M; 150M]
715  *
716  */
717 
718 #define	SMALLFILE1_D 1000
719 #define	SMALLFILE2_D 10
720 static u_offset_t smallfile1 = 32 * 1024;
721 static u_offset_t smallfile2 = 32 * 1024;
722 static clock_t smallfile_update = 0; /* lbolt value of when to recompute */
723 uint_t smallfile1_d = SMALLFILE1_D;
724 uint_t smallfile2_d = SMALLFILE2_D;
725 
726 /*
727  * wrip does the real work of write requests for ufs.
728  */
729 int
730 wrip(struct inode *ip, struct uio *uio, int ioflag, struct cred *cr)
731 {
732 	rlim64_t limit = uio->uio_llimit;
733 	u_offset_t off;
734 	u_offset_t old_i_size;
735 	struct fs *fs;
736 	struct vnode *vp;
737 	struct ufsvfs *ufsvfsp;
738 	caddr_t base;
739 	long start_resid = uio->uio_resid;	/* save starting resid */
740 	long premove_resid;			/* resid before uiomove() */
741 	uint_t flags;
742 	int newpage;
743 	int iupdat_flag, directio_status;
744 	int n, on, mapon;
745 	int error, pagecreate;
746 	int do_dqrwlock;		/* drop/reacquire vfs_dqrwlock */
747 	int32_t	iblocks;
748 	int	new_iblocks;
749 
750 	/*
751 	 * ip->i_size is incremented before the uiomove
752 	 * is done on a write.  If the move fails (bad user
753 	 * address) reset ip->i_size.
754 	 * The better way would be to increment ip->i_size
755 	 * only if the uiomove succeeds.
756 	 */
757 	int i_size_changed = 0;
758 	o_mode_t type;
759 	int i_seq_needed = 0;
760 
761 	vp = ITOV(ip);
762 
763 	/*
764 	 * check for forced unmount - should not happen as
765 	 * the request passed the lockfs checks.
766 	 */
767 	if ((ufsvfsp = ip->i_ufsvfs) == NULL)
768 		return (EIO);
769 
770 	fs = ip->i_fs;
771 
772 	ASSERT(RW_WRITE_HELD(&ip->i_contents));
773 
774 	/* check for valid filetype */
775 	type = ip->i_mode & IFMT;
776 	if ((type != IFREG) && (type != IFDIR) && (type != IFATTRDIR) &&
777 	    (type != IFLNK) && (type != IFSHAD)) {
778 		return (EIO);
779 	}
780 
781 	/*
782 	 * the actual limit of UFS file size
783 	 * is UFS_MAXOFFSET_T
784 	 */
785 	if (limit == RLIM64_INFINITY || limit > MAXOFFSET_T)
786 		limit = MAXOFFSET_T;
787 
788 	if (uio->uio_loffset >= limit) {
789 		proc_t *p = ttoproc(curthread);
790 
791 		mutex_enter(&p->p_lock);
792 		(void) rctl_action(rctlproc_legacy[RLIMIT_FSIZE], p->p_rctls,
793 		    p, RCA_UNSAFE_SIGINFO);
794 		mutex_exit(&p->p_lock);
795 		return (EFBIG);
796 	}
797 
798 	/*
799 	 * if largefiles are disallowed, the limit is
800 	 * the pre-largefiles value of 2GB
801 	 */
802 	if (ufsvfsp->vfs_lfflags & UFS_LARGEFILES)
803 		limit = MIN(UFS_MAXOFFSET_T, limit);
804 	else
805 		limit = MIN(MAXOFF32_T, limit);
806 
807 	if (uio->uio_loffset < (offset_t)0) {
808 		return (EINVAL);
809 	}
810 	if (uio->uio_resid == 0) {
811 		return (0);
812 	}
813 
814 	if (uio->uio_loffset >= limit)
815 		return (EFBIG);
816 
817 	ip->i_flag |= INOACC;	/* don't update ref time in getpage */
818 
819 	if (ioflag & (FSYNC|FDSYNC)) {
820 		ip->i_flag |= ISYNC;
821 		iupdat_flag = 1;
822 	}
823 	/*
824 	 * Try to go direct
825 	 */
826 	if (ip->i_flag & IDIRECTIO || ufsvfsp->vfs_forcedirectio) {
827 		uio->uio_llimit = limit;
828 		error = ufs_directio_write(ip, uio, ioflag, 0, cr,
829 		    &directio_status);
830 		/*
831 		 * If ufs_directio wrote to the file or set the flags,
832 		 * we need to update i_seq, but it may be deferred.
833 		 */
834 		if (start_resid != uio->uio_resid ||
835 		    (ip->i_flag & (ICHG|IUPD))) {
836 			i_seq_needed = 1;
837 			ip->i_flag |= ISEQ;
838 		}
839 		if (directio_status == DIRECTIO_SUCCESS)
840 			goto out;
841 	}
842 
843 	/*
844 	 * Behavior with respect to dropping/reacquiring vfs_dqrwlock:
845 	 *
846 	 * o shadow inodes: vfs_dqrwlock is not held at all
847 	 * o quota updates: vfs_dqrwlock is read or write held
848 	 * o other updates: vfs_dqrwlock is read held
849 	 *
850 	 * The first case is the only one where we do not hold
851 	 * vfs_dqrwlock at all while entering wrip().
852 	 * We must make sure not to downgrade/drop vfs_dqrwlock if we
853 	 * have it as writer, i.e. if we are updating the quota inode.
854 	 * There is no potential deadlock scenario in this case as
855 	 * ufs_getpage() takes care of this and avoids reacquiring
856 	 * vfs_dqrwlock in that case.
857 	 *
858 	 * This check is done here since the above conditions do not change
859 	 * and we possibly loop below, so save a few cycles.
860 	 */
861 	if ((type == IFSHAD) ||
862 	    (rw_owner(&ufsvfsp->vfs_dqrwlock) == curthread)) {
863 			do_dqrwlock = 0;
864 	} else {
865 		do_dqrwlock = 1;
866 	}
867 
868 	/*
869 	 * Large Files: We cast MAXBMASK to offset_t
870 	 * inorder to mask out the higher bits. Since offset_t
871 	 * is a signed value, the high order bit set in MAXBMASK
872 	 * value makes it do the right thing by having all bits 1
873 	 * in the higher word. May be removed for _SOLARIS64_.
874 	 */
875 
876 	fs = ip->i_fs;
877 	do {
878 		u_offset_t uoff = uio->uio_loffset;
879 		off = uoff & (offset_t)MAXBMASK;
880 		mapon = (int)(uoff & (offset_t)MAXBOFFSET);
881 		on = (int)blkoff(fs, uoff);
882 		n = (int)MIN(fs->fs_bsize - on, uio->uio_resid);
883 		new_iblocks = 1;
884 
885 		if (type == IFREG && uoff + n >= limit) {
886 			if (uoff >= limit) {
887 				error = EFBIG;
888 				goto out;
889 			}
890 			/*
891 			 * since uoff + n >= limit,
892 			 * therefore n >= limit - uoff, and n is an int
893 			 * so it is safe to cast it to an int
894 			 */
895 			n = (int)(limit - (rlim64_t)uoff);
896 		}
897 		if (uoff + n > ip->i_size) {
898 			/*
899 			 * We are extending the length of the file.
900 			 * bmap is used so that we are sure that
901 			 * if we need to allocate new blocks, that it
902 			 * is done here before we up the file size.
903 			 */
904 			error = bmap_write(ip, uoff, (int)(on + n),
905 			    mapon == 0, NULL, cr);
906 			/*
907 			 * bmap_write never drops i_contents so if
908 			 * the flags are set it changed the file.
909 			 */
910 			if (ip->i_flag & (ICHG|IUPD)) {
911 				i_seq_needed = 1;
912 				ip->i_flag |= ISEQ;
913 			}
914 			if (error)
915 				break;
916 			/*
917 			 * There is a window of vulnerability here.
918 			 * The sequence of operations: allocate file
919 			 * system blocks, uiomove the data into pages,
920 			 * and then update the size of the file in the
921 			 * inode, must happen atomically.  However, due
922 			 * to current locking constraints, this can not
923 			 * be done.
924 			 */
925 			ASSERT(ip->i_writer == NULL);
926 			ip->i_writer = curthread;
927 			i_size_changed = 1;
928 			/*
929 			 * If we are writing from the beginning of
930 			 * the mapping, we can just create the
931 			 * pages without having to read them.
932 			 */
933 			pagecreate = (mapon == 0);
934 		} else if (n == MAXBSIZE) {
935 			/*
936 			 * Going to do a whole mappings worth,
937 			 * so we can just create the pages w/o
938 			 * having to read them in.  But before
939 			 * we do that, we need to make sure any
940 			 * needed blocks are allocated first.
941 			 */
942 			iblocks = ip->i_blocks;
943 			error = bmap_write(ip, uoff, (int)(on + n),
944 			    BI_ALLOC_ONLY, NULL, cr);
945 			/*
946 			 * bmap_write never drops i_contents so if
947 			 * the flags are set it changed the file.
948 			 */
949 			if (ip->i_flag & (ICHG|IUPD)) {
950 				i_seq_needed = 1;
951 				ip->i_flag |= ISEQ;
952 			}
953 			if (error)
954 				break;
955 			pagecreate = 1;
956 			/*
957 			 * check if the new created page needed the
958 			 * allocation of new disk blocks.
959 			 */
960 			if (iblocks == ip->i_blocks)
961 				new_iblocks = 0; /* no new blocks allocated */
962 		} else {
963 			pagecreate = 0;
964 			/*
965 			 * In sync mode flush the indirect blocks which
966 			 * may have been allocated and not written on
967 			 * disk. In above cases bmap_write will allocate
968 			 * in sync mode.
969 			 */
970 			if (ioflag & (FSYNC|FDSYNC)) {
971 				error = ufs_indirblk_sync(ip, uoff);
972 				if (error)
973 					break;
974 			}
975 		}
976 
977 		/*
978 		 * At this point we can enter ufs_getpage() in one
979 		 * of two ways:
980 		 * 1) segmap_getmapflt() calls ufs_getpage() when the
981 		 *    forcefault parameter is true (pagecreate == 0)
982 		 * 2) uiomove() causes a page fault.
983 		 *
984 		 * We have to drop the contents lock to prevent the VM
985 		 * system from trying to reacquire it in ufs_getpage()
986 		 * should the uiomove cause a pagefault.
987 		 *
988 		 * We have to drop the reader vfs_dqrwlock here as well.
989 		 */
990 		rw_exit(&ip->i_contents);
991 		if (do_dqrwlock) {
992 			ASSERT(RW_LOCK_HELD(&ufsvfsp->vfs_dqrwlock));
993 			ASSERT(!(RW_WRITE_HELD(&ufsvfsp->vfs_dqrwlock)));
994 			rw_exit(&ufsvfsp->vfs_dqrwlock);
995 		}
996 
997 		newpage = 0;
998 		premove_resid = uio->uio_resid;
999 		if (vpm_enable) {
1000 			/*
1001 			 * Copy data. If new pages are created, part of
1002 			 * the page that is not written will be initizliazed
1003 			 * with zeros.
1004 			 */
1005 			error = vpm_data_copy(vp, (off + mapon), (uint_t)n,
1006 			    uio, !pagecreate, &newpage, 0, S_WRITE);
1007 		} else {
1008 
1009 			base = segmap_getmapflt(segkmap, vp, (off + mapon),
1010 			    (uint_t)n, !pagecreate, S_WRITE);
1011 
1012 			/*
1013 			 * segmap_pagecreate() returns 1 if it calls
1014 			 * page_create_va() to allocate any pages.
1015 			 */
1016 
1017 			if (pagecreate)
1018 				newpage = segmap_pagecreate(segkmap, base,
1019 				    (size_t)n, 0);
1020 
1021 			error = uiomove(base + mapon, (long)n, UIO_WRITE, uio);
1022 		}
1023 
1024 		/*
1025 		 * If "newpage" is set, then a new page was created and it
1026 		 * does not contain valid data, so it needs to be initialized
1027 		 * at this point.
1028 		 * Otherwise the page contains old data, which was overwritten
1029 		 * partially or as a whole in uiomove.
1030 		 * If there is only one iovec structure within uio, then
1031 		 * on error uiomove will not be able to update uio->uio_loffset
1032 		 * and we would zero the whole page here!
1033 		 *
1034 		 * If uiomove fails because of an error, the old valid data
1035 		 * is kept instead of filling the rest of the page with zero's.
1036 		 */
1037 		if (!vpm_enable && newpage &&
1038 		    uio->uio_loffset < roundup(off + mapon + n, PAGESIZE)) {
1039 			/*
1040 			 * We created pages w/o initializing them completely,
1041 			 * thus we need to zero the part that wasn't set up.
1042 			 * This happens on most EOF write cases and if
1043 			 * we had some sort of error during the uiomove.
1044 			 */
1045 			int nzero, nmoved;
1046 
1047 			nmoved = (int)(uio->uio_loffset - (off + mapon));
1048 			ASSERT(nmoved >= 0 && nmoved <= n);
1049 			nzero = roundup(on + n, PAGESIZE) - nmoved;
1050 			ASSERT(nzero > 0 && mapon + nmoved + nzero <= MAXBSIZE);
1051 			(void) kzero(base + mapon + nmoved, (uint_t)nzero);
1052 		}
1053 
1054 		/*
1055 		 * Unlock the pages allocated by page_create_va()
1056 		 * in segmap_pagecreate()
1057 		 */
1058 		if (!vpm_enable && newpage)
1059 			segmap_pageunlock(segkmap, base, (size_t)n, S_WRITE);
1060 
1061 		/*
1062 		 * If the size of the file changed, then update the
1063 		 * size field in the inode now.  This can't be done
1064 		 * before the call to segmap_pageunlock or there is
1065 		 * a potential deadlock with callers to ufs_putpage().
1066 		 * They will be holding i_contents and trying to lock
1067 		 * a page, while this thread is holding a page locked
1068 		 * and trying to acquire i_contents.
1069 		 */
1070 		if (i_size_changed) {
1071 			rw_enter(&ip->i_contents, RW_WRITER);
1072 			old_i_size = ip->i_size;
1073 			UFS_SET_ISIZE(uoff + n, ip);
1074 			TRANS_INODE(ufsvfsp, ip);
1075 			/*
1076 			 * file has grown larger than 2GB. Set flag
1077 			 * in superblock to indicate this, if it
1078 			 * is not already set.
1079 			 */
1080 			if ((ip->i_size > MAXOFF32_T) &&
1081 			    !(fs->fs_flags & FSLARGEFILES)) {
1082 				ASSERT(ufsvfsp->vfs_lfflags & UFS_LARGEFILES);
1083 				mutex_enter(&ufsvfsp->vfs_lock);
1084 				fs->fs_flags |= FSLARGEFILES;
1085 				ufs_sbwrite(ufsvfsp);
1086 				mutex_exit(&ufsvfsp->vfs_lock);
1087 			}
1088 			mutex_enter(&ip->i_tlock);
1089 			ip->i_writer = NULL;
1090 			cv_broadcast(&ip->i_wrcv);
1091 			mutex_exit(&ip->i_tlock);
1092 			rw_exit(&ip->i_contents);
1093 		}
1094 
1095 		if (error) {
1096 			/*
1097 			 * If we failed on a write, we may have already
1098 			 * allocated file blocks as well as pages.  It's
1099 			 * hard to undo the block allocation, but we must
1100 			 * be sure to invalidate any pages that may have
1101 			 * been allocated.
1102 			 *
1103 			 * If the page was created without initialization
1104 			 * then we must check if it should be possible
1105 			 * to destroy the new page and to keep the old data
1106 			 * on the disk.
1107 			 *
1108 			 * It is possible to destroy the page without
1109 			 * having to write back its contents only when
1110 			 * - the size of the file keeps unchanged
1111 			 * - bmap_write() did not allocate new disk blocks
1112 			 *   it is possible to create big files using "seek" and
1113 			 *   write to the end of the file. A "write" to a
1114 			 *   position before the end of the file would not
1115 			 *   change the size of the file but it would allocate
1116 			 *   new disk blocks.
1117 			 * - uiomove intended to overwrite the whole page.
1118 			 * - a new page was created (newpage == 1).
1119 			 */
1120 
1121 			if (i_size_changed == 0 && new_iblocks == 0 &&
1122 			    newpage) {
1123 
1124 				/* unwind what uiomove eventually last did */
1125 				uio->uio_resid = premove_resid;
1126 
1127 				/*
1128 				 * destroy the page, do not write ambiguous
1129 				 * data to the disk.
1130 				 */
1131 				flags = SM_DESTROY;
1132 			} else {
1133 				/*
1134 				 * write the page back to the disk, if dirty,
1135 				 * and remove the page from the cache.
1136 				 */
1137 				flags = SM_INVAL;
1138 			}
1139 
1140 			if (vpm_enable) {
1141 				/*
1142 				 *  Flush pages.
1143 				 */
1144 				(void) vpm_sync_pages(vp, off, n, flags);
1145 			} else {
1146 				(void) segmap_release(segkmap, base, flags);
1147 			}
1148 		} else {
1149 			flags = 0;
1150 			/*
1151 			 * Force write back for synchronous write cases.
1152 			 */
1153 			if ((ioflag & (FSYNC|FDSYNC)) || type == IFDIR) {
1154 				/*
1155 				 * If the sticky bit is set but the
1156 				 * execute bit is not set, we do a
1157 				 * synchronous write back and free
1158 				 * the page when done.  We set up swap
1159 				 * files to be handled this way to
1160 				 * prevent servers from keeping around
1161 				 * the client's swap pages too long.
1162 				 * XXX - there ought to be a better way.
1163 				 */
1164 				if (IS_SWAPVP(vp)) {
1165 					flags = SM_WRITE | SM_FREE |
1166 					    SM_DONTNEED;
1167 					iupdat_flag = 0;
1168 				} else {
1169 					flags = SM_WRITE;
1170 				}
1171 			} else if (n + on == MAXBSIZE || IS_SWAPVP(vp)) {
1172 				/*
1173 				 * Have written a whole block.
1174 				 * Start an asynchronous write and
1175 				 * mark the buffer to indicate that
1176 				 * it won't be needed again soon.
1177 				 */
1178 				flags = SM_WRITE | SM_ASYNC | SM_DONTNEED;
1179 			}
1180 			if (vpm_enable) {
1181 				/*
1182 				 * Flush pages.
1183 				 */
1184 				error = vpm_sync_pages(vp, off, n, flags);
1185 			} else {
1186 				error = segmap_release(segkmap, base, flags);
1187 			}
1188 			/*
1189 			 * If the operation failed and is synchronous,
1190 			 * then we need to unwind what uiomove() last
1191 			 * did so we can potentially return an error to
1192 			 * the caller.  If this write operation was
1193 			 * done in two pieces and the first succeeded,
1194 			 * then we won't return an error for the second
1195 			 * piece that failed.  However, we only want to
1196 			 * return a resid value that reflects what was
1197 			 * really done.
1198 			 *
1199 			 * Failures for non-synchronous operations can
1200 			 * be ignored since the page subsystem will
1201 			 * retry the operation until it succeeds or the
1202 			 * file system is unmounted.
1203 			 */
1204 			if (error) {
1205 				if ((ioflag & (FSYNC | FDSYNC)) ||
1206 				    type == IFDIR) {
1207 					uio->uio_resid = premove_resid;
1208 				} else {
1209 					error = 0;
1210 				}
1211 			}
1212 		}
1213 
1214 		/*
1215 		 * Re-acquire contents lock.
1216 		 * If it was dropped, reacquire reader vfs_dqrwlock as well.
1217 		 */
1218 		if (do_dqrwlock)
1219 			rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
1220 		rw_enter(&ip->i_contents, RW_WRITER);
1221 
1222 		/*
1223 		 * If the uiomove() failed or if a synchronous
1224 		 * page push failed, fix up i_size.
1225 		 */
1226 		if (error) {
1227 			if (i_size_changed) {
1228 				/*
1229 				 * The uiomove failed, and we
1230 				 * allocated blocks,so get rid
1231 				 * of them.
1232 				 */
1233 				(void) ufs_itrunc(ip, old_i_size, 0, cr);
1234 			}
1235 		} else {
1236 			/*
1237 			 * XXX - Can this be out of the loop?
1238 			 */
1239 			ip->i_flag |= IUPD | ICHG;
1240 			/*
1241 			 * Only do one increase of i_seq for multiple
1242 			 * pieces.  Because we drop locks, record
1243 			 * the fact that we changed the timestamp and
1244 			 * are deferring the increase in case another thread
1245 			 * pushes our timestamp update.
1246 			 */
1247 			i_seq_needed = 1;
1248 			ip->i_flag |= ISEQ;
1249 			if (i_size_changed)
1250 				ip->i_flag |= IATTCHG;
1251 			if ((ip->i_mode & (IEXEC | (IEXEC >> 3) |
1252 			    (IEXEC >> 6))) != 0 &&
1253 			    (ip->i_mode & (ISUID | ISGID)) != 0 &&
1254 			    secpolicy_vnode_setid_retain(cr,
1255 			    (ip->i_mode & ISUID) != 0 && ip->i_uid == 0) != 0) {
1256 				/*
1257 				 * Clear Set-UID & Set-GID bits on
1258 				 * successful write if not privileged
1259 				 * and at least one of the execute bits
1260 				 * is set.  If we always clear Set-GID,
1261 				 * mandatory file and record locking is
1262 				 * unuseable.
1263 				 */
1264 				ip->i_mode &= ~(ISUID | ISGID);
1265 			}
1266 		}
1267 		/*
1268 		 * In the case the FDSYNC flag is set and this is a
1269 		 * "rewrite" we won't log a delta.
1270 		 * The FSYNC flag overrides all cases.
1271 		 */
1272 		if (!ufs_check_rewrite(ip, uio, ioflag) || !(ioflag & FDSYNC)) {
1273 			TRANS_INODE(ufsvfsp, ip);
1274 		}
1275 	} while (error == 0 && uio->uio_resid > 0 && n != 0);
1276 
1277 out:
1278 	/*
1279 	 * Make sure i_seq is increased at least once per write
1280 	 */
1281 	if (i_seq_needed) {
1282 		ip->i_seq++;
1283 		ip->i_flag &= ~ISEQ;	/* no longer deferred */
1284 	}
1285 
1286 	/*
1287 	 * Inode is updated according to this table -
1288 	 *
1289 	 *   FSYNC	  FDSYNC(posix.4)
1290 	 *   --------------------------
1291 	 *   always@	  IATTCHG|IBDWRITE
1292 	 *
1293 	 * @ - 	If we are doing synchronous write the only time we should
1294 	 *	not be sync'ing the ip here is if we have the stickyhack
1295 	 *	activated, the file is marked with the sticky bit and
1296 	 *	no exec bit, the file length has not been changed and
1297 	 *	no new blocks have been allocated during this write.
1298 	 */
1299 
1300 	if ((ip->i_flag & ISYNC) != 0) {
1301 		/*
1302 		 * we have eliminated nosync
1303 		 */
1304 		if ((ip->i_flag & (IATTCHG|IBDWRITE)) ||
1305 		    ((ioflag & FSYNC) && iupdat_flag)) {
1306 			ufs_iupdat(ip, 1);
1307 		}
1308 	}
1309 
1310 	/*
1311 	 * If we've already done a partial-write, terminate
1312 	 * the write but return no error unless the error is ENOSPC
1313 	 * because the caller can detect this and free resources and
1314 	 * try again.
1315 	 */
1316 	if ((start_resid != uio->uio_resid) && (error != ENOSPC))
1317 		error = 0;
1318 
1319 	ip->i_flag &= ~(INOACC | ISYNC);
1320 	ITIMES_NOLOCK(ip);
1321 	return (error);
1322 }
1323 
1324 /*
1325  * rdip does the real work of read requests for ufs.
1326  */
1327 int
1328 rdip(struct inode *ip, struct uio *uio, int ioflag, cred_t *cr)
1329 {
1330 	u_offset_t off;
1331 	caddr_t base;
1332 	struct fs *fs;
1333 	struct ufsvfs *ufsvfsp;
1334 	struct vnode *vp;
1335 	long oresid = uio->uio_resid;
1336 	u_offset_t n, on, mapon;
1337 	int error = 0;
1338 	int doupdate = 1;
1339 	uint_t flags;
1340 	int dofree, directio_status;
1341 	krw_t rwtype;
1342 	o_mode_t type;
1343 
1344 	vp = ITOV(ip);
1345 
1346 	ASSERT(RW_LOCK_HELD(&ip->i_contents));
1347 
1348 	ufsvfsp = ip->i_ufsvfs;
1349 
1350 	if (ufsvfsp == NULL)
1351 		return (EIO);
1352 
1353 	fs = ufsvfsp->vfs_fs;
1354 
1355 	/* check for valid filetype */
1356 	type = ip->i_mode & IFMT;
1357 	if ((type != IFREG) && (type != IFDIR) && (type != IFATTRDIR) &&
1358 	    (type != IFLNK) && (type != IFSHAD)) {
1359 		return (EIO);
1360 	}
1361 
1362 	if (uio->uio_loffset > UFS_MAXOFFSET_T) {
1363 		error = 0;
1364 		goto out;
1365 	}
1366 	if (uio->uio_loffset < (offset_t)0) {
1367 		return (EINVAL);
1368 	}
1369 	if (uio->uio_resid == 0) {
1370 		return (0);
1371 	}
1372 
1373 	if (!ULOCKFS_IS_NOIACC(ITOUL(ip)) && (fs->fs_ronly == 0) &&
1374 	    (!ufsvfsp->vfs_noatime)) {
1375 		mutex_enter(&ip->i_tlock);
1376 		ip->i_flag |= IACC;
1377 		mutex_exit(&ip->i_tlock);
1378 	}
1379 	/*
1380 	 * Try to go direct
1381 	 */
1382 	if (ip->i_flag & IDIRECTIO || ufsvfsp->vfs_forcedirectio) {
1383 		error = ufs_directio_read(ip, uio, cr, &directio_status);
1384 		if (directio_status == DIRECTIO_SUCCESS)
1385 			goto out;
1386 	}
1387 
1388 	rwtype = (rw_write_held(&ip->i_contents)?RW_WRITER:RW_READER);
1389 
1390 	do {
1391 		offset_t diff;
1392 		u_offset_t uoff = uio->uio_loffset;
1393 		off = uoff & (offset_t)MAXBMASK;
1394 		mapon = (u_offset_t)(uoff & (offset_t)MAXBOFFSET);
1395 		on = (u_offset_t)blkoff(fs, uoff);
1396 		n = MIN((u_offset_t)fs->fs_bsize - on,
1397 		    (u_offset_t)uio->uio_resid);
1398 
1399 		diff = ip->i_size - uoff;
1400 
1401 		if (diff <= (offset_t)0) {
1402 			error = 0;
1403 			goto out;
1404 		}
1405 		if (diff < (offset_t)n)
1406 			n = (int)diff;
1407 
1408 		/*
1409 		 * We update smallfile2 and smallfile1 at most every second.
1410 		 */
1411 		if (lbolt >= smallfile_update) {
1412 			uint64_t percpufreeb;
1413 			if (smallfile1_d == 0) smallfile1_d = SMALLFILE1_D;
1414 			if (smallfile2_d == 0) smallfile2_d = SMALLFILE2_D;
1415 			percpufreeb = ptob((uint64_t)freemem) / ncpus_online;
1416 			smallfile1 = percpufreeb / smallfile1_d;
1417 			smallfile2 = percpufreeb / smallfile2_d;
1418 			smallfile1 = MAX(smallfile1, smallfile);
1419 			smallfile1 = MAX(smallfile1, smallfile64);
1420 			smallfile2 = MAX(smallfile1, smallfile2);
1421 			smallfile_update = lbolt + hz;
1422 		}
1423 
1424 		dofree = freebehind &&
1425 		    ip->i_nextr == (off & PAGEMASK) && off > smallfile1;
1426 
1427 		/*
1428 		 * At this point we can enter ufs_getpage() in one of two
1429 		 * ways:
1430 		 * 1) segmap_getmapflt() calls ufs_getpage() when the
1431 		 *    forcefault parameter is true (value of 1 is passed)
1432 		 * 2) uiomove() causes a page fault.
1433 		 *
1434 		 * We cannot hold onto an i_contents reader lock without
1435 		 * risking deadlock in ufs_getpage() so drop a reader lock.
1436 		 * The ufs_getpage() dolock logic already allows for a
1437 		 * thread holding i_contents as writer to work properly
1438 		 * so we keep a writer lock.
1439 		 */
1440 		if (rwtype == RW_READER)
1441 			rw_exit(&ip->i_contents);
1442 
1443 		if (vpm_enable) {
1444 			/*
1445 			 * Copy data.
1446 			 */
1447 			error = vpm_data_copy(vp, (off + mapon), (uint_t)n,
1448 			    uio, 1, NULL, 0, S_READ);
1449 		} else {
1450 			base = segmap_getmapflt(segkmap, vp, (off + mapon),
1451 			    (uint_t)n, 1, S_READ);
1452 			error = uiomove(base + mapon, (long)n, UIO_READ, uio);
1453 		}
1454 
1455 		flags = 0;
1456 		if (!error) {
1457 			/*
1458 			 * If  reading sequential  we won't need  this
1459 			 * buffer again  soon.  For  offsets in  range
1460 			 * [smallfile1,  smallfile2] release the pages
1461 			 * at   the  tail  of the   cache list, larger
1462 			 * offsets are released at the head.
1463 			 */
1464 			if (dofree) {
1465 				flags = SM_FREE | SM_ASYNC;
1466 				if ((cache_read_ahead == 0) &&
1467 				    (off > smallfile2))
1468 					flags |=  SM_DONTNEED;
1469 			}
1470 			/*
1471 			 * In POSIX SYNC (FSYNC and FDSYNC) read mode,
1472 			 * we want to make sure that the page which has
1473 			 * been read, is written on disk if it is dirty.
1474 			 * And corresponding indirect blocks should also
1475 			 * be flushed out.
1476 			 */
1477 			if ((ioflag & FRSYNC) && (ioflag & (FSYNC|FDSYNC))) {
1478 				flags &= ~SM_ASYNC;
1479 				flags |= SM_WRITE;
1480 			}
1481 			if (vpm_enable) {
1482 				error = vpm_sync_pages(vp, off, n, flags);
1483 			} else {
1484 				error = segmap_release(segkmap, base, flags);
1485 			}
1486 		} else {
1487 			if (vpm_enable) {
1488 				(void) vpm_sync_pages(vp, off, n, flags);
1489 			} else {
1490 				(void) segmap_release(segkmap, base, flags);
1491 			}
1492 		}
1493 
1494 		if (rwtype == RW_READER)
1495 			rw_enter(&ip->i_contents, rwtype);
1496 	} while (error == 0 && uio->uio_resid > 0 && n != 0);
1497 out:
1498 	/*
1499 	 * Inode is updated according to this table if FRSYNC is set.
1500 	 *
1501 	 *   FSYNC	  FDSYNC(posix.4)
1502 	 *   --------------------------
1503 	 *   always	  IATTCHG|IBDWRITE
1504 	 */
1505 	/*
1506 	 * The inode is not updated if we're logging and the inode is a
1507 	 * directory with FRSYNC, FSYNC and FDSYNC flags set.
1508 	 */
1509 	if (ioflag & FRSYNC) {
1510 		if (TRANS_ISTRANS(ufsvfsp) && ((ip->i_mode & IFMT) == IFDIR)) {
1511 				doupdate = 0;
1512 		}
1513 		if (doupdate) {
1514 			if ((ioflag & FSYNC) ||
1515 			    ((ioflag & FDSYNC) &&
1516 			    (ip->i_flag & (IATTCHG|IBDWRITE)))) {
1517 				ufs_iupdat(ip, 1);
1518 			}
1519 		}
1520 	}
1521 	/*
1522 	 * If we've already done a partial read, terminate
1523 	 * the read but return no error.
1524 	 */
1525 	if (oresid != uio->uio_resid)
1526 		error = 0;
1527 	ITIMES(ip);
1528 
1529 	return (error);
1530 }
1531 
1532 /* ARGSUSED */
1533 static int
1534 ufs_ioctl(
1535 	struct vnode	*vp,
1536 	int		cmd,
1537 	intptr_t	arg,
1538 	int		flag,
1539 	struct cred	*cr,
1540 	int		*rvalp,
1541 	caller_context_t *ct)
1542 {
1543 	struct lockfs	lockfs, lockfs_out;
1544 	struct ufsvfs	*ufsvfsp = VTOI(vp)->i_ufsvfs;
1545 	char		*comment, *original_comment;
1546 	struct fs	*fs;
1547 	struct ulockfs	*ulp;
1548 	offset_t	off;
1549 	extern int	maxphys;
1550 	int		error;
1551 	int		issync;
1552 	int		trans_size;
1553 
1554 
1555 	/*
1556 	 * forcibly unmounted
1557 	 */
1558 	if (ufsvfsp == NULL) {
1559 		return (EIO);
1560 	}
1561 
1562 	fs = ufsvfsp->vfs_fs;
1563 
1564 	if (cmd == Q_QUOTACTL) {
1565 		error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_QUOTA_MASK);
1566 		if (error)
1567 			return (error);
1568 
1569 		if (ulp) {
1570 			TRANS_BEGIN_ASYNC(ufsvfsp, TOP_QUOTA,
1571 			    TOP_SETQUOTA_SIZE(fs));
1572 		}
1573 
1574 		error = quotactl(vp, arg, flag, cr);
1575 
1576 		if (ulp) {
1577 			TRANS_END_ASYNC(ufsvfsp, TOP_QUOTA,
1578 			    TOP_SETQUOTA_SIZE(fs));
1579 			ufs_lockfs_end(ulp);
1580 		}
1581 		return (error);
1582 	}
1583 
1584 	switch (cmd) {
1585 		case _FIOLFS:
1586 			/*
1587 			 * file system locking
1588 			 */
1589 			if (secpolicy_fs_config(cr, ufsvfsp->vfs_vfs) != 0)
1590 				return (EPERM);
1591 
1592 			if ((flag & DATAMODEL_MASK) == DATAMODEL_NATIVE) {
1593 				if (copyin((caddr_t)arg, &lockfs,
1594 				    sizeof (struct lockfs)))
1595 					return (EFAULT);
1596 			}
1597 #ifdef _SYSCALL32_IMPL
1598 			else {
1599 				struct lockfs32	lockfs32;
1600 				/* Translate ILP32 lockfs to LP64 lockfs */
1601 				if (copyin((caddr_t)arg, &lockfs32,
1602 				    sizeof (struct lockfs32)))
1603 					return (EFAULT);
1604 				lockfs.lf_lock = (ulong_t)lockfs32.lf_lock;
1605 				lockfs.lf_flags = (ulong_t)lockfs32.lf_flags;
1606 				lockfs.lf_key = (ulong_t)lockfs32.lf_key;
1607 				lockfs.lf_comlen = (ulong_t)lockfs32.lf_comlen;
1608 				lockfs.lf_comment =
1609 				    (caddr_t)(uintptr_t)lockfs32.lf_comment;
1610 			}
1611 #endif /* _SYSCALL32_IMPL */
1612 
1613 			if (lockfs.lf_comlen) {
1614 				if (lockfs.lf_comlen > LOCKFS_MAXCOMMENTLEN)
1615 					return (ENAMETOOLONG);
1616 				comment =
1617 				    kmem_alloc(lockfs.lf_comlen, KM_SLEEP);
1618 				if (copyin(lockfs.lf_comment, comment,
1619 				    lockfs.lf_comlen)) {
1620 					kmem_free(comment, lockfs.lf_comlen);
1621 					return (EFAULT);
1622 				}
1623 				original_comment = lockfs.lf_comment;
1624 				lockfs.lf_comment = comment;
1625 			}
1626 			if ((error = ufs_fiolfs(vp, &lockfs, 0)) == 0) {
1627 				lockfs.lf_comment = original_comment;
1628 
1629 				if ((flag & DATAMODEL_MASK) ==
1630 				    DATAMODEL_NATIVE) {
1631 					(void) copyout(&lockfs, (caddr_t)arg,
1632 					    sizeof (struct lockfs));
1633 				}
1634 #ifdef _SYSCALL32_IMPL
1635 				else {
1636 					struct lockfs32	lockfs32;
1637 					/* Translate LP64 to ILP32 lockfs */
1638 					lockfs32.lf_lock =
1639 					    (uint32_t)lockfs.lf_lock;
1640 					lockfs32.lf_flags =
1641 					    (uint32_t)lockfs.lf_flags;
1642 					lockfs32.lf_key =
1643 					    (uint32_t)lockfs.lf_key;
1644 					lockfs32.lf_comlen =
1645 					    (uint32_t)lockfs.lf_comlen;
1646 					lockfs32.lf_comment =
1647 					    (uint32_t)(uintptr_t)
1648 					    lockfs.lf_comment;
1649 					(void) copyout(&lockfs32, (caddr_t)arg,
1650 					    sizeof (struct lockfs32));
1651 				}
1652 #endif /* _SYSCALL32_IMPL */
1653 
1654 			} else {
1655 				if (lockfs.lf_comlen)
1656 					kmem_free(comment, lockfs.lf_comlen);
1657 			}
1658 			return (error);
1659 
1660 		case _FIOLFSS:
1661 			/*
1662 			 * get file system locking status
1663 			 */
1664 
1665 			if ((flag & DATAMODEL_MASK) == DATAMODEL_NATIVE) {
1666 				if (copyin((caddr_t)arg, &lockfs,
1667 				    sizeof (struct lockfs)))
1668 					return (EFAULT);
1669 			}
1670 #ifdef _SYSCALL32_IMPL
1671 			else {
1672 				struct lockfs32	lockfs32;
1673 				/* Translate ILP32 lockfs to LP64 lockfs */
1674 				if (copyin((caddr_t)arg, &lockfs32,
1675 				    sizeof (struct lockfs32)))
1676 					return (EFAULT);
1677 				lockfs.lf_lock = (ulong_t)lockfs32.lf_lock;
1678 				lockfs.lf_flags = (ulong_t)lockfs32.lf_flags;
1679 				lockfs.lf_key = (ulong_t)lockfs32.lf_key;
1680 				lockfs.lf_comlen = (ulong_t)lockfs32.lf_comlen;
1681 				lockfs.lf_comment =
1682 				    (caddr_t)(uintptr_t)lockfs32.lf_comment;
1683 			}
1684 #endif /* _SYSCALL32_IMPL */
1685 
1686 			if (error =  ufs_fiolfss(vp, &lockfs_out))
1687 				return (error);
1688 			lockfs.lf_lock = lockfs_out.lf_lock;
1689 			lockfs.lf_key = lockfs_out.lf_key;
1690 			lockfs.lf_flags = lockfs_out.lf_flags;
1691 			lockfs.lf_comlen = MIN(lockfs.lf_comlen,
1692 			    lockfs_out.lf_comlen);
1693 
1694 			if ((flag & DATAMODEL_MASK) == DATAMODEL_NATIVE) {
1695 				if (copyout(&lockfs, (caddr_t)arg,
1696 				    sizeof (struct lockfs)))
1697 					return (EFAULT);
1698 			}
1699 #ifdef _SYSCALL32_IMPL
1700 			else {
1701 				/* Translate LP64 to ILP32 lockfs */
1702 				struct lockfs32	lockfs32;
1703 				lockfs32.lf_lock = (uint32_t)lockfs.lf_lock;
1704 				lockfs32.lf_flags = (uint32_t)lockfs.lf_flags;
1705 				lockfs32.lf_key = (uint32_t)lockfs.lf_key;
1706 				lockfs32.lf_comlen = (uint32_t)lockfs.lf_comlen;
1707 				lockfs32.lf_comment =
1708 				    (uint32_t)(uintptr_t)lockfs.lf_comment;
1709 				if (copyout(&lockfs32, (caddr_t)arg,
1710 				    sizeof (struct lockfs32)))
1711 					return (EFAULT);
1712 			}
1713 #endif /* _SYSCALL32_IMPL */
1714 
1715 			if (lockfs.lf_comlen &&
1716 			    lockfs.lf_comment && lockfs_out.lf_comment)
1717 				if (copyout(lockfs_out.lf_comment,
1718 				    lockfs.lf_comment, lockfs.lf_comlen))
1719 					return (EFAULT);
1720 			return (0);
1721 
1722 		case _FIOSATIME:
1723 			/*
1724 			 * set access time
1725 			 */
1726 
1727 			/*
1728 			 * if mounted w/o atime, return quietly.
1729 			 * I briefly thought about returning ENOSYS, but
1730 			 * figured that most apps would consider this fatal
1731 			 * but the idea is to make this as seamless as poss.
1732 			 */
1733 			if (ufsvfsp->vfs_noatime)
1734 				return (0);
1735 
1736 			error = ufs_lockfs_begin(ufsvfsp, &ulp,
1737 			    ULOCKFS_SETATTR_MASK);
1738 			if (error)
1739 				return (error);
1740 
1741 			if (ulp) {
1742 				trans_size = (int)TOP_SETATTR_SIZE(VTOI(vp));
1743 				TRANS_BEGIN_CSYNC(ufsvfsp, issync,
1744 				    TOP_SETATTR, trans_size);
1745 			}
1746 
1747 			error = ufs_fiosatime(vp, (struct timeval *)arg,
1748 			    flag, cr);
1749 
1750 			if (ulp) {
1751 				TRANS_END_CSYNC(ufsvfsp, error, issync,
1752 				    TOP_SETATTR, trans_size);
1753 				ufs_lockfs_end(ulp);
1754 			}
1755 			return (error);
1756 
1757 		case _FIOSDIO:
1758 			/*
1759 			 * set delayed-io
1760 			 */
1761 			return (ufs_fiosdio(vp, (uint_t *)arg, flag, cr));
1762 
1763 		case _FIOGDIO:
1764 			/*
1765 			 * get delayed-io
1766 			 */
1767 			return (ufs_fiogdio(vp, (uint_t *)arg, flag, cr));
1768 
1769 		case _FIOIO:
1770 			/*
1771 			 * inode open
1772 			 */
1773 			error = ufs_lockfs_begin(ufsvfsp, &ulp,
1774 			    ULOCKFS_VGET_MASK);
1775 			if (error)
1776 				return (error);
1777 
1778 			error = ufs_fioio(vp, (struct fioio *)arg, flag, cr);
1779 
1780 			if (ulp) {
1781 				ufs_lockfs_end(ulp);
1782 			}
1783 			return (error);
1784 
1785 		case _FIOFFS:
1786 			/*
1787 			 * file system flush (push w/invalidate)
1788 			 */
1789 			if ((caddr_t)arg != NULL)
1790 				return (EINVAL);
1791 			return (ufs_fioffs(vp, NULL, cr));
1792 
1793 		case _FIOISBUSY:
1794 			/*
1795 			 * Contract-private interface for Legato
1796 			 * Purge this vnode from the DNLC and decide
1797 			 * if this vnode is busy (*arg == 1) or not
1798 			 * (*arg == 0)
1799 			 */
1800 			if (secpolicy_fs_config(cr, ufsvfsp->vfs_vfs) != 0)
1801 				return (EPERM);
1802 			error = ufs_fioisbusy(vp, (int *)arg, cr);
1803 			return (error);
1804 
1805 		case _FIODIRECTIO:
1806 			return (ufs_fiodirectio(vp, (int)arg, cr));
1807 
1808 		case _FIOTUNE:
1809 			/*
1810 			 * Tune the file system (aka setting fs attributes)
1811 			 */
1812 			error = ufs_lockfs_begin(ufsvfsp, &ulp,
1813 			    ULOCKFS_SETATTR_MASK);
1814 			if (error)
1815 				return (error);
1816 
1817 			error = ufs_fiotune(vp, (struct fiotune *)arg, cr);
1818 
1819 			if (ulp)
1820 				ufs_lockfs_end(ulp);
1821 			return (error);
1822 
1823 		case _FIOLOGENABLE:
1824 			if (secpolicy_fs_config(cr, ufsvfsp->vfs_vfs) != 0)
1825 				return (EPERM);
1826 			return (ufs_fiologenable(vp, (void *)arg, cr, flag));
1827 
1828 		case _FIOLOGDISABLE:
1829 			if (secpolicy_fs_config(cr, ufsvfsp->vfs_vfs) != 0)
1830 				return (EPERM);
1831 			return (ufs_fiologdisable(vp, (void *)arg, cr, flag));
1832 
1833 		case _FIOISLOG:
1834 			return (ufs_fioislog(vp, (void *)arg, cr, flag));
1835 
1836 		case _FIOSNAPSHOTCREATE_MULTI:
1837 		{
1838 			struct fiosnapcreate_multi	fc, *fcp;
1839 			size_t	fcm_size;
1840 
1841 			if (copyin((void *)arg, &fc, sizeof (fc)))
1842 				return (EFAULT);
1843 			if (fc.backfilecount > MAX_BACKFILE_COUNT)
1844 				return (EINVAL);
1845 			fcm_size = sizeof (struct fiosnapcreate_multi) +
1846 			    (fc.backfilecount - 1) * sizeof (int);
1847 			fcp = (struct fiosnapcreate_multi *)
1848 			    kmem_alloc(fcm_size, KM_SLEEP);
1849 			if (copyin((void *)arg, fcp, fcm_size)) {
1850 				kmem_free(fcp, fcm_size);
1851 				return (EFAULT);
1852 			}
1853 			error = ufs_snap_create(vp, fcp, cr);
1854 			/*
1855 			 * Do copyout even if there is an error because
1856 			 * the details of error is stored in fcp.
1857 			 */
1858 			if (copyout(fcp, (void *)arg, fcm_size))
1859 				error = EFAULT;
1860 			kmem_free(fcp, fcm_size);
1861 			return (error);
1862 		}
1863 
1864 		case _FIOSNAPSHOTDELETE:
1865 		{
1866 			struct fiosnapdelete	fc;
1867 
1868 			if (copyin((void *)arg, &fc, sizeof (fc)))
1869 				return (EFAULT);
1870 			error = ufs_snap_delete(vp, &fc, cr);
1871 			if (!error && copyout(&fc, (void *)arg, sizeof (fc)))
1872 				error = EFAULT;
1873 			return (error);
1874 		}
1875 
1876 		case _FIOGETSUPERBLOCK:
1877 			if (copyout(fs, (void *)arg, SBSIZE))
1878 				return (EFAULT);
1879 			return (0);
1880 
1881 		case _FIOGETMAXPHYS:
1882 			if (copyout(&maxphys, (void *)arg, sizeof (maxphys)))
1883 				return (EFAULT);
1884 			return (0);
1885 
1886 		/*
1887 		 * The following 3 ioctls are for TSufs support
1888 		 * although could potentially be used elsewhere
1889 		 */
1890 		case _FIO_SET_LUFS_DEBUG:
1891 			if (secpolicy_fs_config(cr, ufsvfsp->vfs_vfs) != 0)
1892 				return (EPERM);
1893 			lufs_debug = (uint32_t)arg;
1894 			return (0);
1895 
1896 		case _FIO_SET_LUFS_ERROR:
1897 			if (secpolicy_fs_config(cr, ufsvfsp->vfs_vfs) != 0)
1898 				return (EPERM);
1899 			TRANS_SETERROR(ufsvfsp);
1900 			return (0);
1901 
1902 		case _FIO_GET_TOP_STATS:
1903 		{
1904 			fio_lufs_stats_t *ls;
1905 			ml_unit_t *ul = ufsvfsp->vfs_log;
1906 
1907 			ls = kmem_zalloc(sizeof (*ls), KM_SLEEP);
1908 			ls->ls_debug = ul->un_debug; /* return debug value */
1909 			/* Copy stucture if statistics are being kept */
1910 			if (ul->un_logmap->mtm_tops) {
1911 				ls->ls_topstats = *(ul->un_logmap->mtm_tops);
1912 			}
1913 			error = 0;
1914 			if (copyout(ls, (void *)arg, sizeof (*ls)))
1915 				error = EFAULT;
1916 			kmem_free(ls, sizeof (*ls));
1917 			return (error);
1918 		}
1919 
1920 		case _FIO_SEEK_DATA:
1921 		case _FIO_SEEK_HOLE:
1922 			if (ddi_copyin((void *)arg, &off, sizeof (off), flag))
1923 				return (EFAULT);
1924 			/* offset paramater is in/out */
1925 			error = ufs_fio_holey(vp, cmd, &off);
1926 			if (error)
1927 				return (error);
1928 			if (ddi_copyout(&off, (void *)arg, sizeof (off), flag))
1929 				return (EFAULT);
1930 			return (0);
1931 
1932 		default:
1933 			return (ENOTTY);
1934 	}
1935 }
1936 
1937 /* ARGSUSED */
1938 static int
1939 ufs_getattr(struct vnode *vp, struct vattr *vap, int flags,
1940 	struct cred *cr, caller_context_t *ct)
1941 {
1942 	struct inode *ip = VTOI(vp);
1943 	struct ufsvfs *ufsvfsp;
1944 	int err;
1945 
1946 	if (vap->va_mask == AT_SIZE) {
1947 		/*
1948 		 * for performance, if only the size is requested don't bother
1949 		 * with anything else.
1950 		 */
1951 		UFS_GET_ISIZE(&vap->va_size, ip);
1952 		return (0);
1953 	}
1954 
1955 	/*
1956 	 * inlined lockfs checks
1957 	 */
1958 	ufsvfsp = ip->i_ufsvfs;
1959 	if ((ufsvfsp == NULL) || ULOCKFS_IS_HLOCK(&ufsvfsp->vfs_ulockfs)) {
1960 		err = EIO;
1961 		goto out;
1962 	}
1963 
1964 	rw_enter(&ip->i_contents, RW_READER);
1965 	/*
1966 	 * Return all the attributes.  This should be refined so
1967 	 * that it only returns what's asked for.
1968 	 */
1969 
1970 	/*
1971 	 * Copy from inode table.
1972 	 */
1973 	vap->va_type = vp->v_type;
1974 	vap->va_mode = ip->i_mode & MODEMASK;
1975 	/*
1976 	 * If there is an ACL and there is a mask entry, then do the
1977 	 * extra work that completes the equivalent of an acltomode(3)
1978 	 * call.  According to POSIX P1003.1e, the acl mask should be
1979 	 * returned in the group permissions field.
1980 	 *
1981 	 * - start with the original permission and mode bits (from above)
1982 	 * - clear the group owner bits
1983 	 * - add in the mask bits.
1984 	 */
1985 	if (ip->i_ufs_acl && ip->i_ufs_acl->aclass.acl_ismask) {
1986 		vap->va_mode &= ~((VREAD | VWRITE | VEXEC) >> 3);
1987 		vap->va_mode |=
1988 		    (ip->i_ufs_acl->aclass.acl_maskbits & PERMMASK) << 3;
1989 	}
1990 	vap->va_uid = ip->i_uid;
1991 	vap->va_gid = ip->i_gid;
1992 	vap->va_fsid = ip->i_dev;
1993 	vap->va_nodeid = (ino64_t)ip->i_number;
1994 	vap->va_nlink = ip->i_nlink;
1995 	vap->va_size = ip->i_size;
1996 	if (vp->v_type == VCHR || vp->v_type == VBLK)
1997 		vap->va_rdev = ip->i_rdev;
1998 	else
1999 		vap->va_rdev = 0;	/* not a b/c spec. */
2000 	mutex_enter(&ip->i_tlock);
2001 	ITIMES_NOLOCK(ip);	/* mark correct time in inode */
2002 	vap->va_seq = ip->i_seq;
2003 	vap->va_atime.tv_sec = (time_t)ip->i_atime.tv_sec;
2004 	vap->va_atime.tv_nsec = ip->i_atime.tv_usec*1000;
2005 	vap->va_mtime.tv_sec = (time_t)ip->i_mtime.tv_sec;
2006 	vap->va_mtime.tv_nsec = ip->i_mtime.tv_usec*1000;
2007 	vap->va_ctime.tv_sec = (time_t)ip->i_ctime.tv_sec;
2008 	vap->va_ctime.tv_nsec = ip->i_ctime.tv_usec*1000;
2009 	mutex_exit(&ip->i_tlock);
2010 
2011 	switch (ip->i_mode & IFMT) {
2012 
2013 	case IFBLK:
2014 		vap->va_blksize = MAXBSIZE;		/* was BLKDEV_IOSIZE */
2015 		break;
2016 
2017 	case IFCHR:
2018 		vap->va_blksize = MAXBSIZE;
2019 		break;
2020 
2021 	default:
2022 		vap->va_blksize = ip->i_fs->fs_bsize;
2023 		break;
2024 	}
2025 	vap->va_nblocks = (fsblkcnt64_t)ip->i_blocks;
2026 	rw_exit(&ip->i_contents);
2027 	err = 0;
2028 
2029 out:
2030 	return (err);
2031 }
2032 
2033 /*ARGSUSED4*/
2034 static int
2035 ufs_setattr(
2036 	struct vnode *vp,
2037 	struct vattr *vap,
2038 	int flags,
2039 	struct cred *cr,
2040 	caller_context_t *ct)
2041 {
2042 	struct inode *ip = VTOI(vp);
2043 	struct ufsvfs *ufsvfsp = ip->i_ufsvfs;
2044 	struct fs *fs;
2045 	struct ulockfs *ulp;
2046 	char *errmsg1;
2047 	char *errmsg2;
2048 	long blocks;
2049 	long int mask = vap->va_mask;
2050 	size_t len1, len2;
2051 	int issync;
2052 	int trans_size;
2053 	int dotrans;
2054 	int dorwlock;
2055 	int error;
2056 	int owner_change;
2057 	int dodqlock;
2058 	timestruc_t now;
2059 	vattr_t oldva;
2060 	int retry = 1;
2061 	int indeadlock;
2062 
2063 	/*
2064 	 * Cannot set these attributes.
2065 	 */
2066 	if ((mask & AT_NOSET) || (mask & AT_XVATTR))
2067 		return (EINVAL);
2068 
2069 	/*
2070 	 * check for forced unmount
2071 	 */
2072 	if (ufsvfsp == NULL)
2073 		return (EIO);
2074 
2075 	fs = ufsvfsp->vfs_fs;
2076 	if (fs->fs_ronly != 0)
2077 		return (EROFS);
2078 
2079 again:
2080 	errmsg1 = NULL;
2081 	errmsg2 = NULL;
2082 	dotrans = 0;
2083 	dorwlock = 0;
2084 	dodqlock = 0;
2085 
2086 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_SETATTR_MASK);
2087 	if (error)
2088 		goto out;
2089 
2090 	/*
2091 	 * Acquire i_rwlock before TRANS_BEGIN_CSYNC() if this is a file.
2092 	 * This follows the protocol for read()/write().
2093 	 */
2094 	if (vp->v_type != VDIR) {
2095 		/*
2096 		 * ufs_tryirwlock uses rw_tryenter and checks for SLOCK to
2097 		 * avoid i_rwlock, ufs_lockfs_begin deadlock. If deadlock
2098 		 * possible, retries the operation.
2099 		 */
2100 		ufs_tryirwlock(&ip->i_rwlock, RW_WRITER, retry_file);
2101 		if (indeadlock) {
2102 			if (ulp)
2103 				ufs_lockfs_end(ulp);
2104 			goto again;
2105 		}
2106 		dorwlock = 1;
2107 	}
2108 
2109 	/*
2110 	 * Truncate file.  Must have write permission and not be a directory.
2111 	 */
2112 	if (mask & AT_SIZE) {
2113 		rw_enter(&ip->i_contents, RW_WRITER);
2114 		if (vp->v_type == VDIR) {
2115 			error = EISDIR;
2116 			goto update_inode;
2117 		}
2118 		if (error = ufs_iaccess(ip, IWRITE, cr))
2119 			goto update_inode;
2120 
2121 		rw_exit(&ip->i_contents);
2122 		error = TRANS_ITRUNC(ip, vap->va_size, 0, cr);
2123 		if (error) {
2124 			rw_enter(&ip->i_contents, RW_WRITER);
2125 			goto update_inode;
2126 		}
2127 	}
2128 
2129 	if (ulp) {
2130 		trans_size = (int)TOP_SETATTR_SIZE(ip);
2131 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_SETATTR, trans_size);
2132 		++dotrans;
2133 	}
2134 
2135 	/*
2136 	 * Acquire i_rwlock after TRANS_BEGIN_CSYNC() if this is a directory.
2137 	 * This follows the protocol established by
2138 	 * ufs_link/create/remove/rename/mkdir/rmdir/symlink.
2139 	 */
2140 	if (vp->v_type == VDIR) {
2141 		ufs_tryirwlock_trans(&ip->i_rwlock, RW_WRITER, TOP_SETATTR,
2142 		    retry_dir);
2143 		if (indeadlock)
2144 			goto again;
2145 		dorwlock = 1;
2146 	}
2147 
2148 	/*
2149 	 * Grab quota lock if we are changing the file's owner.
2150 	 */
2151 	if (mask & AT_UID) {
2152 		rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
2153 		dodqlock = 1;
2154 	}
2155 	rw_enter(&ip->i_contents, RW_WRITER);
2156 
2157 	oldva.va_mode = ip->i_mode;
2158 	oldva.va_uid = ip->i_uid;
2159 	oldva.va_gid = ip->i_gid;
2160 
2161 	vap->va_mask &= ~AT_SIZE;
2162 	/*
2163 	 * ufs_iaccess is "close enough"; that's because it doesn't
2164 	 * map the defines.
2165 	 */
2166 	error = secpolicy_vnode_setattr(cr, vp, vap, &oldva, flags,
2167 	    ufs_iaccess, ip);
2168 	if (error)
2169 		goto update_inode;
2170 
2171 	mask = vap->va_mask;
2172 
2173 	/*
2174 	 * Change file access modes.
2175 	 */
2176 	if (mask & AT_MODE) {
2177 		ip->i_mode = (ip->i_mode & IFMT) | (vap->va_mode & ~IFMT);
2178 		TRANS_INODE(ufsvfsp, ip);
2179 		ip->i_flag |= ICHG;
2180 		if (stickyhack) {
2181 			mutex_enter(&vp->v_lock);
2182 			if ((ip->i_mode & (ISVTX | IEXEC | IFDIR)) == ISVTX)
2183 				vp->v_flag |= VSWAPLIKE;
2184 			else
2185 				vp->v_flag &= ~VSWAPLIKE;
2186 			mutex_exit(&vp->v_lock);
2187 		}
2188 	}
2189 	if (mask & (AT_UID|AT_GID)) {
2190 		if (mask & AT_UID) {
2191 			/*
2192 			 * Don't change ownership of the quota inode.
2193 			 */
2194 			if (ufsvfsp->vfs_qinod == ip) {
2195 				ASSERT(ufsvfsp->vfs_qflags & MQ_ENABLED);
2196 				error = EINVAL;
2197 				goto update_inode;
2198 			}
2199 
2200 			/*
2201 			 * No real ownership change.
2202 			 */
2203 			if (ip->i_uid == vap->va_uid) {
2204 				blocks = 0;
2205 				owner_change = 0;
2206 			}
2207 			/*
2208 			 * Remove the blocks and the file, from the old user's
2209 			 * quota.
2210 			 */
2211 			else {
2212 				blocks = ip->i_blocks;
2213 				owner_change = 1;
2214 
2215 				(void) chkdq(ip, -blocks, /* force */ 1, cr,
2216 				    (char **)NULL, (size_t *)NULL);
2217 				(void) chkiq(ufsvfsp, /* change */ -1, ip,
2218 				    (uid_t)ip->i_uid, /* force */ 1, cr,
2219 				    (char **)NULL, (size_t *)NULL);
2220 				dqrele(ip->i_dquot);
2221 			}
2222 
2223 			ip->i_uid = vap->va_uid;
2224 
2225 			/*
2226 			 * There is a real ownership change.
2227 			 */
2228 			if (owner_change) {
2229 				/*
2230 				 * Add the blocks and the file to the new
2231 				 * user's quota.
2232 				 */
2233 				ip->i_dquot = getinoquota(ip);
2234 				(void) chkdq(ip, blocks, /* force */ 1, cr,
2235 				    &errmsg1, &len1);
2236 				(void) chkiq(ufsvfsp, /* change */ 1,
2237 				    (struct inode *)NULL, (uid_t)ip->i_uid,
2238 				    /* force */ 1, cr, &errmsg2, &len2);
2239 			}
2240 		}
2241 		if (mask & AT_GID) {
2242 			ip->i_gid = vap->va_gid;
2243 		}
2244 		TRANS_INODE(ufsvfsp, ip);
2245 		ip->i_flag |= ICHG;
2246 	}
2247 	/*
2248 	 * Change file access or modified times.
2249 	 */
2250 	if (mask & (AT_ATIME|AT_MTIME)) {
2251 		/* Check that the time value is within ufs range */
2252 		if (((mask & AT_ATIME) && TIMESPEC_OVERFLOW(&vap->va_atime)) ||
2253 		    ((mask & AT_MTIME) && TIMESPEC_OVERFLOW(&vap->va_mtime))) {
2254 			error = EOVERFLOW;
2255 			goto update_inode;
2256 		}
2257 
2258 		/*
2259 		 * if the "noaccess" mount option is set and only atime
2260 		 * update is requested, do nothing. No error is returned.
2261 		 */
2262 		if ((ufsvfsp->vfs_noatime) &&
2263 		    ((mask & (AT_ATIME|AT_MTIME)) == AT_ATIME))
2264 			goto skip_atime;
2265 
2266 		if (mask & AT_ATIME) {
2267 			ip->i_atime.tv_sec = vap->va_atime.tv_sec;
2268 			ip->i_atime.tv_usec = vap->va_atime.tv_nsec / 1000;
2269 			ip->i_flag &= ~IACC;
2270 		}
2271 		if (mask & AT_MTIME) {
2272 			ip->i_mtime.tv_sec = vap->va_mtime.tv_sec;
2273 			ip->i_mtime.tv_usec = vap->va_mtime.tv_nsec / 1000;
2274 			gethrestime(&now);
2275 			if (now.tv_sec > TIME32_MAX) {
2276 				/*
2277 				 * In 2038, ctime sticks forever..
2278 				 */
2279 				ip->i_ctime.tv_sec = TIME32_MAX;
2280 				ip->i_ctime.tv_usec = 0;
2281 			} else {
2282 				ip->i_ctime.tv_sec = now.tv_sec;
2283 				ip->i_ctime.tv_usec = now.tv_nsec / 1000;
2284 			}
2285 			ip->i_flag &= ~(IUPD|ICHG);
2286 			ip->i_flag |= IMODTIME;
2287 		}
2288 		TRANS_INODE(ufsvfsp, ip);
2289 		ip->i_flag |= IMOD;
2290 	}
2291 
2292 skip_atime:
2293 	/*
2294 	 * The presence of a shadow inode may indicate an ACL, but does
2295 	 * not imply an ACL.  Future FSD types should be handled here too
2296 	 * and check for the presence of the attribute-specific data
2297 	 * before referencing it.
2298 	 */
2299 	if (ip->i_shadow) {
2300 		/*
2301 		 * XXX if ufs_iupdat is changed to sandbagged write fix
2302 		 * ufs_acl_setattr to push ip to keep acls consistent
2303 		 *
2304 		 * Suppress out of inodes messages if we will retry.
2305 		 */
2306 		if (retry)
2307 			ip->i_flag |= IQUIET;
2308 		error = ufs_acl_setattr(ip, vap, cr);
2309 		ip->i_flag &= ~IQUIET;
2310 	}
2311 
2312 update_inode:
2313 	/*
2314 	 * Setattr always increases the sequence number
2315 	 */
2316 	ip->i_seq++;
2317 
2318 	/*
2319 	 * if nfsd and not logging; push synchronously
2320 	 */
2321 	if ((curthread->t_flag & T_DONTPEND) && !TRANS_ISTRANS(ufsvfsp)) {
2322 		ufs_iupdat(ip, 1);
2323 	} else {
2324 		ITIMES_NOLOCK(ip);
2325 	}
2326 
2327 	rw_exit(&ip->i_contents);
2328 	if (dodqlock) {
2329 		rw_exit(&ufsvfsp->vfs_dqrwlock);
2330 	}
2331 	if (dorwlock)
2332 		rw_exit(&ip->i_rwlock);
2333 
2334 	if (ulp) {
2335 		if (dotrans) {
2336 			int terr = 0;
2337 			TRANS_END_CSYNC(ufsvfsp, terr, issync, TOP_SETATTR,
2338 			    trans_size);
2339 			if (error == 0)
2340 				error = terr;
2341 		}
2342 		ufs_lockfs_end(ulp);
2343 	}
2344 out:
2345 	/*
2346 	 * If out of inodes or blocks, see if we can free something
2347 	 * up from the delete queue.
2348 	 */
2349 	if ((error == ENOSPC) && retry && TRANS_ISTRANS(ufsvfsp)) {
2350 		ufs_delete_drain_wait(ufsvfsp, 1);
2351 		retry = 0;
2352 		if (errmsg1 != NULL)
2353 			kmem_free(errmsg1, len1);
2354 		if (errmsg2 != NULL)
2355 			kmem_free(errmsg2, len2);
2356 		goto again;
2357 	}
2358 	if (errmsg1 != NULL) {
2359 		uprintf(errmsg1);
2360 		kmem_free(errmsg1, len1);
2361 	}
2362 	if (errmsg2 != NULL) {
2363 		uprintf(errmsg2);
2364 		kmem_free(errmsg2, len2);
2365 	}
2366 	return (error);
2367 }
2368 
2369 /*ARGSUSED*/
2370 static int
2371 ufs_access(struct vnode *vp, int mode, int flags, struct cred *cr,
2372 	caller_context_t *ct)
2373 {
2374 	struct inode *ip = VTOI(vp);
2375 	int error;
2376 
2377 	if (ip->i_ufsvfs == NULL)
2378 		return (EIO);
2379 
2380 	rw_enter(&ip->i_contents, RW_READER);
2381 
2382 	/*
2383 	 * The ufs_iaccess function wants to be called with
2384 	 * mode bits expressed as "ufs specific" bits.
2385 	 * I.e., VWRITE|VREAD|VEXEC do not make sense to
2386 	 * ufs_iaccess() but IWRITE|IREAD|IEXEC do.
2387 	 * But since they're the same we just pass the vnode mode
2388 	 * bit but just verify that assumption at compile time.
2389 	 */
2390 #if IWRITE != VWRITE || IREAD != VREAD || IEXEC != VEXEC
2391 #error "ufs_access needs to map Vmodes to Imodes"
2392 #endif
2393 	error = ufs_iaccess(ip, mode, cr);
2394 
2395 	rw_exit(&ip->i_contents);
2396 
2397 	return (error);
2398 }
2399 
2400 /* ARGSUSED */
2401 static int
2402 ufs_readlink(struct vnode *vp, struct uio *uiop, struct cred *cr,
2403 	caller_context_t *ct)
2404 {
2405 	struct inode *ip = VTOI(vp);
2406 	struct ufsvfs *ufsvfsp;
2407 	struct ulockfs *ulp;
2408 	int error;
2409 	int fastsymlink;
2410 
2411 	if (vp->v_type != VLNK) {
2412 		error = EINVAL;
2413 		goto nolockout;
2414 	}
2415 
2416 	/*
2417 	 * If the symbolic link is empty there is nothing to read.
2418 	 * Fast-track these empty symbolic links
2419 	 */
2420 	if (ip->i_size == 0) {
2421 		error = 0;
2422 		goto nolockout;
2423 	}
2424 
2425 	ufsvfsp = ip->i_ufsvfs;
2426 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_READLINK_MASK);
2427 	if (error)
2428 		goto nolockout;
2429 	/*
2430 	 * The ip->i_rwlock protects the data blocks used for FASTSYMLINK
2431 	 */
2432 again:
2433 	fastsymlink = 0;
2434 	if (ip->i_flag & IFASTSYMLNK) {
2435 		rw_enter(&ip->i_rwlock, RW_READER);
2436 		rw_enter(&ip->i_contents, RW_READER);
2437 		if (ip->i_flag & IFASTSYMLNK) {
2438 			if (!ULOCKFS_IS_NOIACC(ITOUL(ip)) &&
2439 			    (ip->i_fs->fs_ronly == 0) &&
2440 			    (!ufsvfsp->vfs_noatime)) {
2441 				mutex_enter(&ip->i_tlock);
2442 				ip->i_flag |= IACC;
2443 				mutex_exit(&ip->i_tlock);
2444 			}
2445 			error = uiomove((caddr_t)&ip->i_db[1],
2446 			    MIN(ip->i_size, uiop->uio_resid),
2447 			    UIO_READ, uiop);
2448 			ITIMES(ip);
2449 			++fastsymlink;
2450 		}
2451 		rw_exit(&ip->i_contents);
2452 		rw_exit(&ip->i_rwlock);
2453 	}
2454 	if (!fastsymlink) {
2455 		ssize_t size;	/* number of bytes read  */
2456 		caddr_t basep;	/* pointer to input data */
2457 		ino_t ino;
2458 		long  igen;
2459 		struct uio tuio;	/* temp uio struct */
2460 		struct uio *tuiop;
2461 		iovec_t tiov;		/* temp iovec struct */
2462 		char kbuf[FSL_SIZE];	/* buffer to hold fast symlink */
2463 		int tflag = 0;		/* flag to indicate temp vars used */
2464 
2465 		ino = ip->i_number;
2466 		igen = ip->i_gen;
2467 		size = uiop->uio_resid;
2468 		basep = uiop->uio_iov->iov_base;
2469 		tuiop = uiop;
2470 
2471 		rw_enter(&ip->i_rwlock, RW_WRITER);
2472 		rw_enter(&ip->i_contents, RW_WRITER);
2473 		if (ip->i_flag & IFASTSYMLNK) {
2474 			rw_exit(&ip->i_contents);
2475 			rw_exit(&ip->i_rwlock);
2476 			goto again;
2477 		}
2478 
2479 		/* can this be a fast symlink and is it a user buffer? */
2480 		if (ip->i_size <= FSL_SIZE &&
2481 		    (uiop->uio_segflg == UIO_USERSPACE ||
2482 		    uiop->uio_segflg == UIO_USERISPACE)) {
2483 
2484 			bzero(&tuio, sizeof (struct uio));
2485 			/*
2486 			 * setup a kernel buffer to read link into.  this
2487 			 * is to fix a race condition where the user buffer
2488 			 * got corrupted before copying it into the inode.
2489 			 */
2490 			size = ip->i_size;
2491 			tiov.iov_len = size;
2492 			tiov.iov_base = kbuf;
2493 			tuio.uio_iov = &tiov;
2494 			tuio.uio_iovcnt = 1;
2495 			tuio.uio_offset = uiop->uio_offset;
2496 			tuio.uio_segflg = UIO_SYSSPACE;
2497 			tuio.uio_fmode = uiop->uio_fmode;
2498 			tuio.uio_extflg = uiop->uio_extflg;
2499 			tuio.uio_limit = uiop->uio_limit;
2500 			tuio.uio_resid = size;
2501 
2502 			basep = tuio.uio_iov->iov_base;
2503 			tuiop = &tuio;
2504 			tflag = 1;
2505 		}
2506 
2507 		error = rdip(ip, tuiop, 0, cr);
2508 		if (!(error == 0 && ip->i_number == ino && ip->i_gen == igen)) {
2509 			rw_exit(&ip->i_contents);
2510 			rw_exit(&ip->i_rwlock);
2511 			goto out;
2512 		}
2513 
2514 		if (tflag == 0)
2515 			size -= uiop->uio_resid;
2516 
2517 		if ((tflag == 0 && ip->i_size <= FSL_SIZE &&
2518 		    ip->i_size == size) || (tflag == 1 &&
2519 		    tuio.uio_resid == 0)) {
2520 			error = kcopy(basep, &ip->i_db[1], ip->i_size);
2521 			if (error == 0) {
2522 				ip->i_flag |= IFASTSYMLNK;
2523 				/*
2524 				 * free page
2525 				 */
2526 				(void) VOP_PUTPAGE(ITOV(ip),
2527 				    (offset_t)0, PAGESIZE,
2528 				    (B_DONTNEED | B_FREE | B_FORCE | B_ASYNC),
2529 				    cr, ct);
2530 			} else {
2531 				int i;
2532 				/* error, clear garbage left behind */
2533 				for (i = 1; i < NDADDR; i++)
2534 					ip->i_db[i] = 0;
2535 				for (i = 0; i < NIADDR; i++)
2536 					ip->i_ib[i] = 0;
2537 			}
2538 		}
2539 		if (tflag == 1) {
2540 			/* now, copy it into the user buffer */
2541 			error = uiomove((caddr_t)kbuf,
2542 			    MIN(size, uiop->uio_resid),
2543 			    UIO_READ, uiop);
2544 		}
2545 		rw_exit(&ip->i_contents);
2546 		rw_exit(&ip->i_rwlock);
2547 	}
2548 out:
2549 	if (ulp) {
2550 		ufs_lockfs_end(ulp);
2551 	}
2552 nolockout:
2553 	return (error);
2554 }
2555 
2556 /* ARGSUSED */
2557 static int
2558 ufs_fsync(struct vnode *vp, int syncflag, struct cred *cr,
2559 	caller_context_t *ct)
2560 {
2561 	struct inode *ip = VTOI(vp);
2562 	struct ufsvfs *ufsvfsp = ip->i_ufsvfs;
2563 	struct ulockfs *ulp;
2564 	int error;
2565 
2566 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_FSYNC_MASK);
2567 	if (error)
2568 		return (error);
2569 
2570 	if (TRANS_ISTRANS(ufsvfsp)) {
2571 		/*
2572 		 * First push out any data pages
2573 		 */
2574 		if (vn_has_cached_data(vp) && !(syncflag & FNODSYNC) &&
2575 		    (vp->v_type != VCHR) && !(IS_SWAPVP(vp))) {
2576 			error = VOP_PUTPAGE(vp, (offset_t)0, (size_t)0,
2577 			    0, CRED(), ct);
2578 			if (error)
2579 				goto out;
2580 		}
2581 
2582 		/*
2583 		 * Delta any delayed inode times updates
2584 		 * and push inode to log.
2585 		 * All other inode deltas will have already been delta'd
2586 		 * and will be pushed during the commit.
2587 		 */
2588 		if (!(syncflag & FDSYNC) &&
2589 		    ((ip->i_flag & (IMOD|IMODACC)) == IMODACC)) {
2590 			if (ulp) {
2591 				TRANS_BEGIN_ASYNC(ufsvfsp, TOP_FSYNC,
2592 				    TOP_SYNCIP_SIZE);
2593 			}
2594 			rw_enter(&ip->i_contents, RW_READER);
2595 			mutex_enter(&ip->i_tlock);
2596 			ip->i_flag &= ~IMODTIME;
2597 			mutex_exit(&ip->i_tlock);
2598 			ufs_iupdat(ip, I_SYNC);
2599 			rw_exit(&ip->i_contents);
2600 			if (ulp) {
2601 				TRANS_END_ASYNC(ufsvfsp, TOP_FSYNC,
2602 				    TOP_SYNCIP_SIZE);
2603 			}
2604 		}
2605 
2606 		/*
2607 		 * Commit the Moby transaction
2608 		 *
2609 		 * Deltas have already been made so we just need to
2610 		 * commit them with a synchronous transaction.
2611 		 * TRANS_BEGIN_SYNC() will return an error
2612 		 * if there are no deltas to commit, for an
2613 		 * empty transaction.
2614 		 */
2615 		if (ulp) {
2616 			TRANS_BEGIN_SYNC(ufsvfsp, TOP_FSYNC, TOP_COMMIT_SIZE,
2617 			    error);
2618 			if (error) {
2619 				error = 0; /* commit wasn't needed */
2620 				goto out;
2621 			}
2622 			TRANS_END_SYNC(ufsvfsp, error, TOP_FSYNC,
2623 			    TOP_COMMIT_SIZE);
2624 		}
2625 	} else {	/* not logging */
2626 		if (!(IS_SWAPVP(vp)))
2627 			if (syncflag & FNODSYNC) {
2628 				/* Just update the inode only */
2629 				TRANS_IUPDAT(ip, 1);
2630 				error = 0;
2631 			} else if (syncflag & FDSYNC)
2632 				/* Do data-synchronous writes */
2633 				error = TRANS_SYNCIP(ip, 0, I_DSYNC, TOP_FSYNC);
2634 			else
2635 				/* Do synchronous writes */
2636 				error = TRANS_SYNCIP(ip, 0, I_SYNC, TOP_FSYNC);
2637 
2638 		rw_enter(&ip->i_contents, RW_WRITER);
2639 		if (!error)
2640 			error = ufs_sync_indir(ip);
2641 		rw_exit(&ip->i_contents);
2642 	}
2643 out:
2644 	if (ulp) {
2645 		ufs_lockfs_end(ulp);
2646 	}
2647 	return (error);
2648 }
2649 
2650 /*ARGSUSED*/
2651 static void
2652 ufs_inactive(struct vnode *vp, struct cred *cr, caller_context_t *ct)
2653 {
2654 	ufs_iinactive(VTOI(vp));
2655 }
2656 
2657 /*
2658  * Unix file system operations having to do with directory manipulation.
2659  */
2660 int ufs_lookup_idle_count = 2;	/* Number of inodes to idle each time */
2661 /* ARGSUSED */
2662 static int
2663 ufs_lookup(struct vnode *dvp, char *nm, struct vnode **vpp,
2664 	struct pathname *pnp, int flags, struct vnode *rdir, struct cred *cr,
2665 	caller_context_t *ct, int *direntflags, pathname_t *realpnp)
2666 {
2667 	struct inode *ip;
2668 	struct inode *sip;
2669 	struct inode *xip;
2670 	struct ufsvfs *ufsvfsp;
2671 	struct ulockfs *ulp;
2672 	struct vnode *vp;
2673 	int error;
2674 
2675 	/*
2676 	 * Check flags for type of lookup (regular file or attribute file)
2677 	 */
2678 
2679 	ip = VTOI(dvp);
2680 
2681 	if (flags & LOOKUP_XATTR) {
2682 
2683 		/*
2684 		 * If not mounted with XATTR support then return EINVAL
2685 		 */
2686 
2687 		if (!(ip->i_ufsvfs->vfs_vfs->vfs_flag & VFS_XATTR))
2688 			return (EINVAL);
2689 		/*
2690 		 * We don't allow recursive attributes...
2691 		 * Maybe someday we will.
2692 		 */
2693 		if ((ip->i_cflags & IXATTR)) {
2694 			return (EINVAL);
2695 		}
2696 
2697 		if ((vp = dnlc_lookup(dvp, XATTR_DIR_NAME)) == NULL) {
2698 			error = ufs_xattr_getattrdir(dvp, &sip, flags, cr);
2699 			if (error) {
2700 				*vpp = NULL;
2701 				goto out;
2702 			}
2703 
2704 			vp = ITOV(sip);
2705 			dnlc_update(dvp, XATTR_DIR_NAME, vp);
2706 		}
2707 
2708 		/*
2709 		 * Check accessibility of directory.
2710 		 */
2711 		if (vp == DNLC_NO_VNODE) {
2712 			VN_RELE(vp);
2713 			error = ENOENT;
2714 			goto out;
2715 		}
2716 		if ((error = ufs_iaccess(VTOI(vp), IEXEC, cr)) != 0) {
2717 			VN_RELE(vp);
2718 			goto out;
2719 		}
2720 
2721 		*vpp = vp;
2722 		return (0);
2723 	}
2724 
2725 	/*
2726 	 * Check for a null component, which we should treat as
2727 	 * looking at dvp from within it's parent, so we don't
2728 	 * need a call to ufs_iaccess(), as it has already been
2729 	 * done.
2730 	 */
2731 	if (nm[0] == 0) {
2732 		VN_HOLD(dvp);
2733 		error = 0;
2734 		*vpp = dvp;
2735 		goto out;
2736 	}
2737 
2738 	/*
2739 	 * Check for "." ie itself. this is a quick check and
2740 	 * avoids adding "." into the dnlc (which have been seen
2741 	 * to occupy >10% of the cache).
2742 	 */
2743 	if ((nm[0] == '.') && (nm[1] == 0)) {
2744 		/*
2745 		 * Don't return without checking accessibility
2746 		 * of the directory. We only need the lock if
2747 		 * we are going to return it.
2748 		 */
2749 		if ((error = ufs_iaccess(ip, IEXEC, cr)) == 0) {
2750 			VN_HOLD(dvp);
2751 			*vpp = dvp;
2752 		}
2753 		goto out;
2754 	}
2755 
2756 	/*
2757 	 * Fast path: Check the directory name lookup cache.
2758 	 */
2759 	if (vp = dnlc_lookup(dvp, nm)) {
2760 		/*
2761 		 * Check accessibility of directory.
2762 		 */
2763 		if ((error = ufs_iaccess(ip, IEXEC, cr)) != 0) {
2764 			VN_RELE(vp);
2765 			goto out;
2766 		}
2767 		if (vp == DNLC_NO_VNODE) {
2768 			VN_RELE(vp);
2769 			error = ENOENT;
2770 			goto out;
2771 		}
2772 		xip = VTOI(vp);
2773 		ulp = NULL;
2774 		goto fastpath;
2775 	}
2776 
2777 	/*
2778 	 * Keep the idle queue from getting too long by
2779 	 * idling two inodes before attempting to allocate another.
2780 	 *    This operation must be performed before entering
2781 	 *    lockfs or a transaction.
2782 	 */
2783 	if (ufs_idle_q.uq_ne > ufs_idle_q.uq_hiwat)
2784 		if ((curthread->t_flag & T_DONTBLOCK) == 0) {
2785 			ins.in_lidles.value.ul += ufs_lookup_idle_count;
2786 			ufs_idle_some(ufs_lookup_idle_count);
2787 		}
2788 
2789 retry_lookup:
2790 	ufsvfsp = ip->i_ufsvfs;
2791 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_LOOKUP_MASK);
2792 	if (error)
2793 		goto out;
2794 
2795 	error = ufs_dirlook(ip, nm, &xip, cr, 1);
2796 
2797 fastpath:
2798 	if (error == 0) {
2799 		ip = xip;
2800 		*vpp = ITOV(ip);
2801 
2802 		/*
2803 		 * If vnode is a device return special vnode instead.
2804 		 */
2805 		if (IS_DEVVP(*vpp)) {
2806 			struct vnode *newvp;
2807 
2808 			newvp = specvp(*vpp, (*vpp)->v_rdev, (*vpp)->v_type,
2809 			    cr);
2810 			VN_RELE(*vpp);
2811 			if (newvp == NULL)
2812 				error = ENOSYS;
2813 			else
2814 				*vpp = newvp;
2815 		}
2816 	}
2817 	if (ulp) {
2818 		ufs_lockfs_end(ulp);
2819 	}
2820 
2821 	if (error == EAGAIN)
2822 		goto retry_lookup;
2823 
2824 out:
2825 	return (error);
2826 }
2827 
2828 /*ARGSUSED*/
2829 static int
2830 ufs_create(struct vnode *dvp, char *name, struct vattr *vap, enum vcexcl excl,
2831 	int mode, struct vnode **vpp, struct cred *cr, int flag,
2832 	caller_context_t *ct, vsecattr_t *vsecp)
2833 {
2834 	struct inode *ip;
2835 	struct inode *xip;
2836 	struct inode *dip;
2837 	struct vnode *xvp;
2838 	struct ufsvfs *ufsvfsp;
2839 	struct ulockfs *ulp;
2840 	int error;
2841 	int issync;
2842 	int truncflag;
2843 	int trans_size;
2844 	int noentry;
2845 	int defer_dip_seq_update = 0;	/* need to defer update of dip->i_seq */
2846 	int retry = 1;
2847 	int indeadlock;
2848 
2849 again:
2850 	ip = VTOI(dvp);
2851 	ufsvfsp = ip->i_ufsvfs;
2852 	truncflag = 0;
2853 
2854 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_CREATE_MASK);
2855 	if (error)
2856 		goto out;
2857 
2858 	if (ulp) {
2859 		trans_size = (int)TOP_CREATE_SIZE(ip);
2860 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_CREATE, trans_size);
2861 	}
2862 
2863 	if ((vap->va_mode & VSVTX) && secpolicy_vnode_stky_modify(cr) != 0)
2864 		vap->va_mode &= ~VSVTX;
2865 
2866 	if (*name == '\0') {
2867 		/*
2868 		 * Null component name refers to the directory itself.
2869 		 */
2870 		VN_HOLD(dvp);
2871 		/*
2872 		 * Even though this is an error case, we need to grab the
2873 		 * quota lock since the error handling code below is common.
2874 		 */
2875 		rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
2876 		rw_enter(&ip->i_contents, RW_WRITER);
2877 		error = EEXIST;
2878 	} else {
2879 		xip = NULL;
2880 		noentry = 0;
2881 		/*
2882 		 * ufs_tryirwlock_trans uses rw_tryenter and checks for SLOCK
2883 		 * to avoid i_rwlock, ufs_lockfs_begin deadlock. If deadlock
2884 		 * possible, retries the operation.
2885 		 */
2886 		ufs_tryirwlock_trans(&ip->i_rwlock, RW_WRITER, TOP_CREATE,
2887 		    retry_dir);
2888 		if (indeadlock)
2889 			goto again;
2890 
2891 		xvp = dnlc_lookup(dvp, name);
2892 		if (xvp == DNLC_NO_VNODE) {
2893 			noentry = 1;
2894 			VN_RELE(xvp);
2895 			xvp = NULL;
2896 		}
2897 		if (xvp) {
2898 			rw_exit(&ip->i_rwlock);
2899 			if (error = ufs_iaccess(ip, IEXEC, cr)) {
2900 				VN_RELE(xvp);
2901 			} else {
2902 				error = EEXIST;
2903 				xip = VTOI(xvp);
2904 			}
2905 		} else {
2906 			/*
2907 			 * Suppress file system full message if we will retry
2908 			 */
2909 			error = ufs_direnter_cm(ip, name, DE_CREATE,
2910 			    vap, &xip, cr, (noentry | (retry ? IQUIET : 0)));
2911 			if (error == EAGAIN) {
2912 				if (ulp) {
2913 					TRANS_END_CSYNC(ufsvfsp, error, issync,
2914 					    TOP_CREATE, trans_size);
2915 					ufs_lockfs_end(ulp);
2916 				}
2917 				goto again;
2918 			}
2919 			rw_exit(&ip->i_rwlock);
2920 		}
2921 		ip = xip;
2922 		if (ip != NULL) {
2923 			rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
2924 			rw_enter(&ip->i_contents, RW_WRITER);
2925 		}
2926 	}
2927 
2928 	/*
2929 	 * If the file already exists and this is a non-exclusive create,
2930 	 * check permissions and allow access for non-directories.
2931 	 * Read-only create of an existing directory is also allowed.
2932 	 * We fail an exclusive create of anything which already exists.
2933 	 */
2934 	if (error == EEXIST) {
2935 		dip = VTOI(dvp);
2936 		if (excl == NONEXCL) {
2937 			if ((((ip->i_mode & IFMT) == IFDIR) ||
2938 			    ((ip->i_mode & IFMT) == IFATTRDIR)) &&
2939 			    (mode & IWRITE))
2940 				error = EISDIR;
2941 			else if (mode)
2942 				error = ufs_iaccess(ip, mode, cr);
2943 			else
2944 				error = 0;
2945 		}
2946 		if (error) {
2947 			rw_exit(&ip->i_contents);
2948 			rw_exit(&ufsvfsp->vfs_dqrwlock);
2949 			VN_RELE(ITOV(ip));
2950 			goto unlock;
2951 		}
2952 		/*
2953 		 * If the error EEXIST was set, then i_seq can not
2954 		 * have been updated. The sequence number interface
2955 		 * is defined such that a non-error VOP_CREATE must
2956 		 * increase the dir va_seq it by at least one. If we
2957 		 * have cleared the error, increase i_seq. Note that
2958 		 * we are increasing the dir i_seq and in rare cases
2959 		 * ip may actually be from the dvp, so we already have
2960 		 * the locks and it will not be subject to truncation.
2961 		 * In case we have to update i_seq of the parent
2962 		 * directory dip, we have to defer it till we have
2963 		 * released our locks on ip due to lock ordering requirements.
2964 		 */
2965 		if (ip != dip)
2966 			defer_dip_seq_update = 1;
2967 		else
2968 			ip->i_seq++;
2969 
2970 		if (((ip->i_mode & IFMT) == IFREG) &&
2971 		    (vap->va_mask & AT_SIZE) && vap->va_size == 0) {
2972 			/*
2973 			 * Truncate regular files, if requested by caller.
2974 			 * Grab i_rwlock to make sure no one else is
2975 			 * currently writing to the file (we promised
2976 			 * bmap we would do this).
2977 			 * Must get the locks in the correct order.
2978 			 */
2979 			if (ip->i_size == 0) {
2980 				ip->i_flag |= ICHG | IUPD;
2981 				ip->i_seq++;
2982 				TRANS_INODE(ufsvfsp, ip);
2983 			} else {
2984 				/*
2985 				 * Large Files: Why this check here?
2986 				 * Though we do it in vn_create() we really
2987 				 * want to guarantee that we do not destroy
2988 				 * Large file data by atomically checking
2989 				 * the size while holding the contents
2990 				 * lock.
2991 				 */
2992 				if (flag && !(flag & FOFFMAX) &&
2993 				    ((ip->i_mode & IFMT) == IFREG) &&
2994 				    (ip->i_size > (offset_t)MAXOFF32_T)) {
2995 					rw_exit(&ip->i_contents);
2996 					rw_exit(&ufsvfsp->vfs_dqrwlock);
2997 					error = EOVERFLOW;
2998 					goto unlock;
2999 				}
3000 				if (TRANS_ISTRANS(ufsvfsp))
3001 					truncflag++;
3002 				else {
3003 					rw_exit(&ip->i_contents);
3004 					rw_exit(&ufsvfsp->vfs_dqrwlock);
3005 					ufs_tryirwlock_trans(&ip->i_rwlock,
3006 					    RW_WRITER, TOP_CREATE,
3007 					    retry_file);
3008 					if (indeadlock) {
3009 						VN_RELE(ITOV(ip));
3010 						goto again;
3011 					}
3012 					rw_enter(&ufsvfsp->vfs_dqrwlock,
3013 					    RW_READER);
3014 					rw_enter(&ip->i_contents, RW_WRITER);
3015 					(void) ufs_itrunc(ip, (u_offset_t)0, 0,
3016 					    cr);
3017 					rw_exit(&ip->i_rwlock);
3018 				}
3019 
3020 			}
3021 			if (error == 0) {
3022 				vnevent_create(ITOV(ip), ct);
3023 			}
3024 		}
3025 	}
3026 
3027 	if (error) {
3028 		if (ip != NULL) {
3029 			rw_exit(&ufsvfsp->vfs_dqrwlock);
3030 			rw_exit(&ip->i_contents);
3031 		}
3032 		goto unlock;
3033 	}
3034 
3035 	*vpp = ITOV(ip);
3036 	ITIMES(ip);
3037 	rw_exit(&ip->i_contents);
3038 	rw_exit(&ufsvfsp->vfs_dqrwlock);
3039 
3040 	/*
3041 	 * If vnode is a device return special vnode instead.
3042 	 */
3043 	if (!error && IS_DEVVP(*vpp)) {
3044 		struct vnode *newvp;
3045 
3046 		newvp = specvp(*vpp, (*vpp)->v_rdev, (*vpp)->v_type, cr);
3047 		VN_RELE(*vpp);
3048 		if (newvp == NULL) {
3049 			error = ENOSYS;
3050 			goto unlock;
3051 		}
3052 		truncflag = 0;
3053 		*vpp = newvp;
3054 	}
3055 unlock:
3056 
3057 	/*
3058 	 * Do the deferred update of the parent directory's sequence
3059 	 * number now.
3060 	 */
3061 	if (defer_dip_seq_update == 1) {
3062 		rw_enter(&dip->i_contents, RW_READER);
3063 		mutex_enter(&dip->i_tlock);
3064 		dip->i_seq++;
3065 		mutex_exit(&dip->i_tlock);
3066 		rw_exit(&dip->i_contents);
3067 	}
3068 
3069 	if (ulp) {
3070 		int terr = 0;
3071 
3072 		TRANS_END_CSYNC(ufsvfsp, terr, issync, TOP_CREATE,
3073 		    trans_size);
3074 
3075 		/*
3076 		 * If we haven't had a more interesting failure
3077 		 * already, then anything that might've happened
3078 		 * here should be reported.
3079 		 */
3080 		if (error == 0)
3081 			error = terr;
3082 	}
3083 
3084 	if (!error && truncflag) {
3085 		ufs_tryirwlock(&ip->i_rwlock, RW_WRITER, retry_trunc);
3086 		if (indeadlock) {
3087 			if (ulp)
3088 				ufs_lockfs_end(ulp);
3089 			VN_RELE(ITOV(ip));
3090 			goto again;
3091 		}
3092 		(void) TRANS_ITRUNC(ip, (u_offset_t)0, 0, cr);
3093 		rw_exit(&ip->i_rwlock);
3094 	}
3095 
3096 	if (ulp)
3097 		ufs_lockfs_end(ulp);
3098 
3099 	/*
3100 	 * If no inodes available, try to free one up out of the
3101 	 * pending delete queue.
3102 	 */
3103 	if ((error == ENOSPC) && retry && TRANS_ISTRANS(ufsvfsp)) {
3104 		ufs_delete_drain_wait(ufsvfsp, 1);
3105 		retry = 0;
3106 		goto again;
3107 	}
3108 
3109 out:
3110 	return (error);
3111 }
3112 
3113 extern int ufs_idle_max;
3114 /*ARGSUSED*/
3115 static int
3116 ufs_remove(struct vnode *vp, char *nm, struct cred *cr,
3117 	caller_context_t *ct, int flags)
3118 {
3119 	struct inode *ip = VTOI(vp);
3120 	struct ufsvfs *ufsvfsp	= ip->i_ufsvfs;
3121 	struct ulockfs *ulp;
3122 	vnode_t *rmvp = NULL;	/* Vnode corresponding to name being removed */
3123 	int indeadlock;
3124 	int error;
3125 	int issync;
3126 	int trans_size;
3127 
3128 	/*
3129 	 * don't let the delete queue get too long
3130 	 */
3131 	if (ufsvfsp == NULL) {
3132 		error = EIO;
3133 		goto out;
3134 	}
3135 	if (ufsvfsp->vfs_delete.uq_ne > ufs_idle_max)
3136 		ufs_delete_drain(vp->v_vfsp, 1, 1);
3137 
3138 retry_remove:
3139 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_REMOVE_MASK);
3140 	if (error)
3141 		goto out;
3142 
3143 	if (ulp)
3144 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_REMOVE,
3145 		    trans_size = (int)TOP_REMOVE_SIZE(VTOI(vp)));
3146 
3147 	/*
3148 	 * ufs_tryirwlock_trans uses rw_tryenter and checks for SLOCK
3149 	 * to avoid i_rwlock, ufs_lockfs_begin deadlock. If deadlock
3150 	 * possible, retries the operation.
3151 	 */
3152 	ufs_tryirwlock_trans(&ip->i_rwlock, RW_WRITER, TOP_REMOVE, retry);
3153 	if (indeadlock)
3154 		goto retry_remove;
3155 	error = ufs_dirremove(ip, nm, (struct inode *)0, (struct vnode *)0,
3156 	    DR_REMOVE, cr, &rmvp);
3157 	rw_exit(&ip->i_rwlock);
3158 
3159 	if (ulp) {
3160 		TRANS_END_CSYNC(ufsvfsp, error, issync, TOP_REMOVE, trans_size);
3161 		ufs_lockfs_end(ulp);
3162 	}
3163 
3164 	/*
3165 	 * This must be called after the remove transaction is closed.
3166 	 */
3167 	if (rmvp != NULL) {
3168 		/* Only send the event if there were no errors */
3169 		if (error == 0)
3170 			vnevent_remove(rmvp, vp, nm, ct);
3171 		VN_RELE(rmvp);
3172 	}
3173 out:
3174 	return (error);
3175 }
3176 
3177 /*
3178  * Link a file or a directory.  Only privileged processes are allowed to
3179  * make links to directories.
3180  */
3181 /*ARGSUSED*/
3182 static int
3183 ufs_link(struct vnode *tdvp, struct vnode *svp, char *tnm, struct cred *cr,
3184 	caller_context_t *ct, int flags)
3185 {
3186 	struct inode *sip;
3187 	struct inode *tdp = VTOI(tdvp);
3188 	struct ufsvfs *ufsvfsp = tdp->i_ufsvfs;
3189 	struct ulockfs *ulp;
3190 	struct vnode *realvp;
3191 	int error;
3192 	int issync;
3193 	int trans_size;
3194 	int isdev;
3195 	int indeadlock;
3196 
3197 retry_link:
3198 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_LINK_MASK);
3199 	if (error)
3200 		goto out;
3201 
3202 	if (ulp)
3203 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_LINK,
3204 		    trans_size = (int)TOP_LINK_SIZE(VTOI(tdvp)));
3205 
3206 	if (VOP_REALVP(svp, &realvp, ct) == 0)
3207 		svp = realvp;
3208 
3209 	/*
3210 	 * Make sure link for extended attributes is valid
3211 	 * We only support hard linking of attr in ATTRDIR to ATTRDIR
3212 	 *
3213 	 * Make certain we don't attempt to look at a device node as
3214 	 * a ufs inode.
3215 	 */
3216 
3217 	isdev = IS_DEVVP(svp);
3218 	if (((isdev == 0) && ((VTOI(svp)->i_cflags & IXATTR) == 0) &&
3219 	    ((tdp->i_mode & IFMT) == IFATTRDIR)) ||
3220 	    ((isdev == 0) && (VTOI(svp)->i_cflags & IXATTR) &&
3221 	    ((tdp->i_mode & IFMT) == IFDIR))) {
3222 		error = EINVAL;
3223 		goto unlock;
3224 	}
3225 
3226 	sip = VTOI(svp);
3227 	if ((svp->v_type == VDIR &&
3228 	    secpolicy_fs_linkdir(cr, ufsvfsp->vfs_vfs) != 0) ||
3229 	    (sip->i_uid != crgetuid(cr) && secpolicy_basic_link(cr) != 0)) {
3230 		error = EPERM;
3231 		goto unlock;
3232 	}
3233 
3234 	/*
3235 	 * ufs_tryirwlock_trans uses rw_tryenter and checks for SLOCK
3236 	 * to avoid i_rwlock, ufs_lockfs_begin deadlock. If deadlock
3237 	 * possible, retries the operation.
3238 	 */
3239 	ufs_tryirwlock_trans(&tdp->i_rwlock, RW_WRITER, TOP_LINK, retry);
3240 	if (indeadlock)
3241 		goto retry_link;
3242 	error = ufs_direnter_lr(tdp, tnm, DE_LINK, (struct inode *)0,
3243 	    sip, cr, NULL);
3244 	rw_exit(&tdp->i_rwlock);
3245 
3246 unlock:
3247 	if (ulp) {
3248 		TRANS_END_CSYNC(ufsvfsp, error, issync, TOP_LINK, trans_size);
3249 		ufs_lockfs_end(ulp);
3250 	}
3251 
3252 	if (!error) {
3253 		vnevent_link(svp, ct);
3254 	}
3255 out:
3256 	return (error);
3257 }
3258 
3259 uint64_t ufs_rename_retry_cnt;
3260 uint64_t ufs_rename_upgrade_retry_cnt;
3261 uint64_t ufs_rename_dircheck_retry_cnt;
3262 clock_t	 ufs_rename_backoff_delay = 1;
3263 
3264 /*
3265  * Rename a file or directory.
3266  * We are given the vnode and entry string of the source and the
3267  * vnode and entry string of the place we want to move the source
3268  * to (the target). The essential operation is:
3269  *	unlink(target);
3270  *	link(source, target);
3271  *	unlink(source);
3272  * but "atomically".  Can't do full commit without saving state in
3273  * the inode on disk, which isn't feasible at this time.  Best we
3274  * can do is always guarantee that the TARGET exists.
3275  */
3276 
3277 /*ARGSUSED*/
3278 static int
3279 ufs_rename(
3280 	struct vnode *sdvp,		/* old (source) parent vnode */
3281 	char *snm,			/* old (source) entry name */
3282 	struct vnode *tdvp,		/* new (target) parent vnode */
3283 	char *tnm,			/* new (target) entry name */
3284 	struct cred *cr,
3285 	caller_context_t *ct,
3286 	int flags)
3287 {
3288 	struct inode *sip = NULL;	/* source inode */
3289 	struct inode *ip = NULL;	/* check inode */
3290 	struct inode *sdp;		/* old (source) parent inode */
3291 	struct inode *tdp;		/* new (target) parent inode */
3292 	struct vnode *tvp = NULL;	/* target vnode, if it exists */
3293 	struct vnode *realvp;
3294 	struct ufsvfs *ufsvfsp;
3295 	struct ulockfs *ulp;
3296 	struct ufs_slot slot;
3297 	timestruc_t now;
3298 	int error;
3299 	int issync;
3300 	int trans_size;
3301 	krwlock_t *first_lock;
3302 	krwlock_t *second_lock;
3303 	krwlock_t *reverse_lock;
3304 
3305 	sdp = VTOI(sdvp);
3306 	slot.fbp = NULL;
3307 	ufsvfsp = sdp->i_ufsvfs;
3308 retry_rename:
3309 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_RENAME_MASK);
3310 	if (error)
3311 		goto out;
3312 
3313 	if (ulp)
3314 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_RENAME,
3315 		    trans_size = (int)TOP_RENAME_SIZE(sdp));
3316 
3317 	if (VOP_REALVP(tdvp, &realvp, ct) == 0)
3318 		tdvp = realvp;
3319 
3320 	tdp = VTOI(tdvp);
3321 
3322 
3323 	/*
3324 	 * We only allow renaming of attributes from ATTRDIR to ATTRDIR.
3325 	 */
3326 	if ((tdp->i_mode & IFMT) != (sdp->i_mode & IFMT)) {
3327 		error = EINVAL;
3328 		goto unlock;
3329 	}
3330 
3331 	/*
3332 	 * Look up inode of file we're supposed to rename.
3333 	 */
3334 	gethrestime(&now);
3335 	if (error = ufs_dirlook(sdp, snm, &sip, cr, 0)) {
3336 		if (error == EAGAIN) {
3337 			if (ulp) {
3338 				TRANS_END_CSYNC(ufsvfsp, error, issync,
3339 				    TOP_RENAME, trans_size);
3340 				ufs_lockfs_end(ulp);
3341 			}
3342 			goto retry_rename;
3343 		}
3344 
3345 		goto unlock;
3346 	}
3347 
3348 	/*
3349 	 * Lock both the source and target directories (they may be
3350 	 * the same) to provide the atomicity semantics that was
3351 	 * previously provided by the per file system vfs_rename_lock
3352 	 *
3353 	 * with vfs_rename_lock removed to allow simultaneous renames
3354 	 * within a file system, ufs_dircheckpath can deadlock while
3355 	 * traversing back to ensure that source is not a parent directory
3356 	 * of target parent directory. This is because we get into
3357 	 * ufs_dircheckpath with the sdp and tdp locks held as RW_WRITER.
3358 	 * If the tdp and sdp of the simultaneous renames happen to be
3359 	 * in the path of each other, it can lead to a deadlock. This
3360 	 * can be avoided by getting the locks as RW_READER here and then
3361 	 * upgrading to RW_WRITER after completing the ufs_dircheckpath.
3362 	 *
3363 	 * We hold the target directory's i_rwlock after calling
3364 	 * ufs_lockfs_begin but in many other operations (like ufs_readdir)
3365 	 * VOP_RWLOCK is explicitly called by the filesystem independent code
3366 	 * before calling the file system operation. In these cases the order
3367 	 * is reversed (i.e i_rwlock is taken first and then ufs_lockfs_begin
3368 	 * is called). This is fine as long as ufs_lockfs_begin acts as a VOP
3369 	 * counter but with ufs_quiesce setting the SLOCK bit this becomes a
3370 	 * synchronizing object which might lead to a deadlock. So we use
3371 	 * rw_tryenter instead of rw_enter. If we fail to get this lock and
3372 	 * find that SLOCK bit is set, we call ufs_lockfs_end and restart the
3373 	 * operation.
3374 	 */
3375 retry:
3376 	first_lock = &tdp->i_rwlock;
3377 	second_lock = &sdp->i_rwlock;
3378 retry_firstlock:
3379 	if (!rw_tryenter(first_lock, RW_READER)) {
3380 		/*
3381 		 * We didn't get the lock. Check if the SLOCK is set in the
3382 		 * ufsvfs. If yes, we might be in a deadlock. Safer to give up
3383 		 * and wait for SLOCK to be cleared.
3384 		 */
3385 
3386 		if (ulp && ULOCKFS_IS_SLOCK(ulp)) {
3387 			TRANS_END_CSYNC(ufsvfsp, error, issync, TOP_RENAME,
3388 			    trans_size);
3389 			ufs_lockfs_end(ulp);
3390 			goto retry_rename;
3391 
3392 		} else {
3393 			/*
3394 			 * SLOCK isn't set so this is a genuine synchronization
3395 			 * case. Let's try again after giving them a breather.
3396 			 */
3397 			delay(RETRY_LOCK_DELAY);
3398 			goto  retry_firstlock;
3399 		}
3400 	}
3401 	/*
3402 	 * Need to check if the tdp and sdp are same !!!
3403 	 */
3404 	if ((tdp != sdp) && (!rw_tryenter(second_lock, RW_READER))) {
3405 		/*
3406 		 * We didn't get the lock. Check if the SLOCK is set in the
3407 		 * ufsvfs. If yes, we might be in a deadlock. Safer to give up
3408 		 * and wait for SLOCK to be cleared.
3409 		 */
3410 
3411 		rw_exit(first_lock);
3412 		if (ulp && ULOCKFS_IS_SLOCK(ulp)) {
3413 			TRANS_END_CSYNC(ufsvfsp, error, issync, TOP_RENAME,
3414 			    trans_size);
3415 			ufs_lockfs_end(ulp);
3416 			goto retry_rename;
3417 
3418 		} else {
3419 			/*
3420 			 * So we couldn't get the second level peer lock *and*
3421 			 * the SLOCK bit isn't set. Too bad we can be
3422 			 * contentding with someone wanting these locks otherway
3423 			 * round. Reverse the locks in case there is a heavy
3424 			 * contention for the second level lock.
3425 			 */
3426 			reverse_lock = first_lock;
3427 			first_lock = second_lock;
3428 			second_lock = reverse_lock;
3429 			ufs_rename_retry_cnt++;
3430 			goto  retry_firstlock;
3431 		}
3432 	}
3433 
3434 	if (sip == tdp) {
3435 		error = EINVAL;
3436 		goto errout;
3437 	}
3438 	/*
3439 	 * Make sure we can delete the source entry.  This requires
3440 	 * write permission on the containing directory.
3441 	 * Check for sticky directories.
3442 	 */
3443 	rw_enter(&sdp->i_contents, RW_READER);
3444 	rw_enter(&sip->i_contents, RW_READER);
3445 	if ((error = ufs_iaccess(sdp, IWRITE, cr)) != 0 ||
3446 	    (error = ufs_sticky_remove_access(sdp, sip, cr)) != 0) {
3447 		rw_exit(&sip->i_contents);
3448 		rw_exit(&sdp->i_contents);
3449 		goto errout;
3450 	}
3451 
3452 	/*
3453 	 * If this is a rename of a directory and the parent is
3454 	 * different (".." must be changed), then the source
3455 	 * directory must not be in the directory hierarchy
3456 	 * above the target, as this would orphan everything
3457 	 * below the source directory.  Also the user must have
3458 	 * write permission in the source so as to be able to
3459 	 * change "..".
3460 	 */
3461 	if ((((sip->i_mode & IFMT) == IFDIR) ||
3462 	    ((sip->i_mode & IFMT) == IFATTRDIR)) && sdp != tdp) {
3463 		ino_t	inum;
3464 
3465 		if ((error = ufs_iaccess(sip, IWRITE, cr))) {
3466 			rw_exit(&sip->i_contents);
3467 			rw_exit(&sdp->i_contents);
3468 			goto errout;
3469 		}
3470 		inum = sip->i_number;
3471 		rw_exit(&sip->i_contents);
3472 		rw_exit(&sdp->i_contents);
3473 		if ((error = ufs_dircheckpath(inum, tdp, sdp, cr))) {
3474 			/*
3475 			 * If we got EAGAIN ufs_dircheckpath detected a
3476 			 * potential deadlock and backed out. We need
3477 			 * to retry the operation since sdp and tdp have
3478 			 * to be released to avoid the deadlock.
3479 			 */
3480 			if (error == EAGAIN) {
3481 				rw_exit(&tdp->i_rwlock);
3482 				if (tdp != sdp)
3483 					rw_exit(&sdp->i_rwlock);
3484 				delay(ufs_rename_backoff_delay);
3485 				ufs_rename_dircheck_retry_cnt++;
3486 				goto retry;
3487 			}
3488 			goto errout;
3489 		}
3490 	} else {
3491 		rw_exit(&sip->i_contents);
3492 		rw_exit(&sdp->i_contents);
3493 	}
3494 
3495 
3496 	/*
3497 	 * Check for renaming '.' or '..' or alias of '.'
3498 	 */
3499 	if (strcmp(snm, ".") == 0 || strcmp(snm, "..") == 0 || sdp == sip) {
3500 		error = EINVAL;
3501 		goto errout;
3502 	}
3503 
3504 	/*
3505 	 * Simultaneous renames can deadlock in ufs_dircheckpath since it
3506 	 * tries to traverse back the file tree with both tdp and sdp held
3507 	 * as RW_WRITER. To avoid that we have to hold the tdp and sdp locks
3508 	 * as RW_READERS  till ufs_dircheckpath is done.
3509 	 * Now that ufs_dircheckpath is done with, we can upgrade the locks
3510 	 * to RW_WRITER.
3511 	 */
3512 	if (!rw_tryupgrade(&tdp->i_rwlock)) {
3513 		/*
3514 		 * The upgrade failed. We got to give away the lock
3515 		 * as to avoid deadlocking with someone else who is
3516 		 * waiting for writer lock. With the lock gone, we
3517 		 * cannot be sure the checks done above will hold
3518 		 * good when we eventually get them back as writer.
3519 		 * So if we can't upgrade we drop the locks and retry
3520 		 * everything again.
3521 		 */
3522 		rw_exit(&tdp->i_rwlock);
3523 		if (tdp != sdp)
3524 			rw_exit(&sdp->i_rwlock);
3525 		delay(ufs_rename_backoff_delay);
3526 		ufs_rename_upgrade_retry_cnt++;
3527 		goto retry;
3528 	}
3529 	if (tdp != sdp) {
3530 		if (!rw_tryupgrade(&sdp->i_rwlock)) {
3531 			/*
3532 			 * The upgrade failed. We got to give away the lock
3533 			 * as to avoid deadlocking with someone else who is
3534 			 * waiting for writer lock. With the lock gone, we
3535 			 * cannot be sure the checks done above will hold
3536 			 * good when we eventually get them back as writer.
3537 			 * So if we can't upgrade we drop the locks and retry
3538 			 * everything again.
3539 			 */
3540 			rw_exit(&tdp->i_rwlock);
3541 			rw_exit(&sdp->i_rwlock);
3542 			delay(ufs_rename_backoff_delay);
3543 			ufs_rename_upgrade_retry_cnt++;
3544 			goto retry;
3545 		}
3546 	}
3547 
3548 	/*
3549 	 * Now that all the locks are held check to make sure another thread
3550 	 * didn't slip in and take out the sip.
3551 	 */
3552 	slot.status = NONE;
3553 	if ((sip->i_ctime.tv_usec * 1000) > now.tv_nsec ||
3554 	    sip->i_ctime.tv_sec > now.tv_sec) {
3555 		rw_enter(&sdp->i_ufsvfs->vfs_dqrwlock, RW_READER);
3556 		rw_enter(&sdp->i_contents, RW_WRITER);
3557 		error = ufs_dircheckforname(sdp, snm, strlen(snm), &slot,
3558 		    &ip, cr, 0);
3559 		rw_exit(&sdp->i_contents);
3560 		rw_exit(&sdp->i_ufsvfs->vfs_dqrwlock);
3561 		if (error) {
3562 			goto errout;
3563 		}
3564 		if (ip == NULL) {
3565 			error = ENOENT;
3566 			goto errout;
3567 		} else {
3568 			/*
3569 			 * If the inode was found need to drop the v_count
3570 			 * so as not to keep the filesystem from being
3571 			 * unmounted at a later time.
3572 			 */
3573 			VN_RELE(ITOV(ip));
3574 		}
3575 
3576 		/*
3577 		 * Release the slot.fbp that has the page mapped and
3578 		 * locked SE_SHARED, and could be used in in
3579 		 * ufs_direnter_lr() which needs to get the SE_EXCL lock
3580 		 * on said page.
3581 		 */
3582 		if (slot.fbp) {
3583 			fbrelse(slot.fbp, S_OTHER);
3584 			slot.fbp = NULL;
3585 		}
3586 	}
3587 
3588 	/*
3589 	 * Link source to the target.  If a target exists, return its
3590 	 * vnode pointer in tvp.  We'll release it after sending the
3591 	 * vnevent.
3592 	 */
3593 	if (error = ufs_direnter_lr(tdp, tnm, DE_RENAME, sdp, sip, cr, &tvp)) {
3594 		/*
3595 		 * ESAME isn't really an error; it indicates that the
3596 		 * operation should not be done because the source and target
3597 		 * are the same file, but that no error should be reported.
3598 		 */
3599 		if (error == ESAME)
3600 			error = 0;
3601 		goto errout;
3602 	}
3603 
3604 	/*
3605 	 * Unlink the source.
3606 	 * Remove the source entry.  ufs_dirremove() checks that the entry
3607 	 * still reflects sip, and returns an error if it doesn't.
3608 	 * If the entry has changed just forget about it.  Release
3609 	 * the source inode.
3610 	 */
3611 	if ((error = ufs_dirremove(sdp, snm, sip, (struct vnode *)0,
3612 	    DR_RENAME, cr, NULL)) == ENOENT)
3613 		error = 0;
3614 
3615 errout:
3616 	if (slot.fbp)
3617 		fbrelse(slot.fbp, S_OTHER);
3618 
3619 	rw_exit(&tdp->i_rwlock);
3620 	if (sdp != tdp) {
3621 		rw_exit(&sdp->i_rwlock);
3622 	}
3623 
3624 unlock:
3625 	if (ulp) {
3626 		TRANS_END_CSYNC(ufsvfsp, error, issync, TOP_RENAME, trans_size);
3627 		ufs_lockfs_end(ulp);
3628 	}
3629 
3630 	/*
3631 	 * If no errors, send the appropriate events on the source
3632 	 * and destination (a.k.a, target) vnodes, if they exist.
3633 	 * This has to be done after the rename transaction has closed.
3634 	 */
3635 	if (error == 0) {
3636 		if (tvp != NULL)
3637 			vnevent_rename_dest(tvp, tdvp, tnm, ct);
3638 
3639 		/*
3640 		 * Notify the target directory of the rename event
3641 		 * if source and target directories are not same.
3642 		 */
3643 		if (sdvp != tdvp)
3644 			vnevent_rename_dest_dir(tdvp, ct);
3645 
3646 		/*
3647 		 * Note that if ufs_direnter_lr() returned ESAME then
3648 		 * this event will still be sent.  This isn't expected
3649 		 * to be a problem for anticipated usage by consumers.
3650 		 */
3651 		if (sip != NULL)
3652 			vnevent_rename_src(ITOV(sip), sdvp, snm, ct);
3653 	}
3654 
3655 	if (tvp != NULL)
3656 		VN_RELE(tvp);
3657 
3658 	if (sip != NULL)
3659 		VN_RELE(ITOV(sip));
3660 
3661 out:
3662 	return (error);
3663 }
3664 
3665 /*ARGSUSED*/
3666 static int
3667 ufs_mkdir(struct vnode *dvp, char *dirname, struct vattr *vap,
3668 	struct vnode **vpp, struct cred *cr, caller_context_t *ct, int flags,
3669 	vsecattr_t *vsecp)
3670 {
3671 	struct inode *ip;
3672 	struct inode *xip;
3673 	struct ufsvfs *ufsvfsp;
3674 	struct ulockfs *ulp;
3675 	int error;
3676 	int issync;
3677 	int trans_size;
3678 	int indeadlock;
3679 	int retry = 1;
3680 
3681 	ASSERT((vap->va_mask & (AT_TYPE|AT_MODE)) == (AT_TYPE|AT_MODE));
3682 
3683 	/*
3684 	 * Can't make directory in attr hidden dir
3685 	 */
3686 	if ((VTOI(dvp)->i_mode & IFMT) == IFATTRDIR)
3687 		return (EINVAL);
3688 
3689 again:
3690 	ip = VTOI(dvp);
3691 	ufsvfsp = ip->i_ufsvfs;
3692 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_MKDIR_MASK);
3693 	if (error)
3694 		goto out;
3695 	if (ulp)
3696 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_MKDIR,
3697 		    trans_size = (int)TOP_MKDIR_SIZE(ip));
3698 
3699 	/*
3700 	 * ufs_tryirwlock_trans uses rw_tryenter and checks for SLOCK
3701 	 * to avoid i_rwlock, ufs_lockfs_begin deadlock. If deadlock
3702 	 * possible, retries the operation.
3703 	 */
3704 	ufs_tryirwlock_trans(&ip->i_rwlock, RW_WRITER, TOP_MKDIR, retry);
3705 	if (indeadlock)
3706 		goto again;
3707 
3708 	error = ufs_direnter_cm(ip, dirname, DE_MKDIR, vap, &xip, cr,
3709 	    (retry ? IQUIET : 0));
3710 	if (error == EAGAIN) {
3711 		if (ulp) {
3712 			TRANS_END_CSYNC(ufsvfsp, error, issync, TOP_MKDIR,
3713 			    trans_size);
3714 			ufs_lockfs_end(ulp);
3715 		}
3716 		goto again;
3717 	}
3718 
3719 	rw_exit(&ip->i_rwlock);
3720 	if (error == 0) {
3721 		ip = xip;
3722 		*vpp = ITOV(ip);
3723 	} else if (error == EEXIST)
3724 		VN_RELE(ITOV(xip));
3725 
3726 	if (ulp) {
3727 		int terr = 0;
3728 		TRANS_END_CSYNC(ufsvfsp, terr, issync, TOP_MKDIR, trans_size);
3729 		ufs_lockfs_end(ulp);
3730 		if (error == 0)
3731 			error = terr;
3732 	}
3733 out:
3734 	if ((error == ENOSPC) && retry && TRANS_ISTRANS(ufsvfsp)) {
3735 		ufs_delete_drain_wait(ufsvfsp, 1);
3736 		retry = 0;
3737 		goto again;
3738 	}
3739 
3740 	return (error);
3741 }
3742 
3743 /*ARGSUSED*/
3744 static int
3745 ufs_rmdir(struct vnode *vp, char *nm, struct vnode *cdir, struct cred *cr,
3746 	caller_context_t *ct, int flags)
3747 {
3748 	struct inode *ip = VTOI(vp);
3749 	struct ufsvfs *ufsvfsp = ip->i_ufsvfs;
3750 	struct ulockfs *ulp;
3751 	vnode_t *rmvp = NULL;	/* Vnode of removed directory */
3752 	int error;
3753 	int issync;
3754 	int trans_size;
3755 	int indeadlock;
3756 
3757 	/*
3758 	 * don't let the delete queue get too long
3759 	 */
3760 	if (ufsvfsp == NULL) {
3761 		error = EIO;
3762 		goto out;
3763 	}
3764 	if (ufsvfsp->vfs_delete.uq_ne > ufs_idle_max)
3765 		ufs_delete_drain(vp->v_vfsp, 1, 1);
3766 
3767 retry_rmdir:
3768 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_RMDIR_MASK);
3769 	if (error)
3770 		goto out;
3771 
3772 	if (ulp)
3773 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_RMDIR,
3774 		    trans_size = TOP_RMDIR_SIZE);
3775 
3776 	/*
3777 	 * ufs_tryirwlock_trans uses rw_tryenter and checks for SLOCK
3778 	 * to avoid i_rwlock, ufs_lockfs_begin deadlock. If deadlock
3779 	 * possible, retries the operation.
3780 	 */
3781 	ufs_tryirwlock_trans(&ip->i_rwlock, RW_WRITER, TOP_RMDIR, retry);
3782 	if (indeadlock)
3783 		goto retry_rmdir;
3784 	error = ufs_dirremove(ip, nm, (struct inode *)0, cdir, DR_RMDIR, cr,
3785 	    &rmvp);
3786 	rw_exit(&ip->i_rwlock);
3787 
3788 	if (ulp) {
3789 		TRANS_END_CSYNC(ufsvfsp, error, issync, TOP_RMDIR,
3790 		    trans_size);
3791 		ufs_lockfs_end(ulp);
3792 	}
3793 
3794 	/*
3795 	 * This must be done AFTER the rmdir transaction has closed.
3796 	 */
3797 	if (rmvp != NULL) {
3798 		/* Only send the event if there were no errors */
3799 		if (error == 0)
3800 			vnevent_rmdir(rmvp, vp, nm, ct);
3801 		VN_RELE(rmvp);
3802 	}
3803 out:
3804 	return (error);
3805 }
3806 
3807 /* ARGSUSED */
3808 static int
3809 ufs_readdir(
3810 	struct vnode *vp,
3811 	struct uio *uiop,
3812 	struct cred *cr,
3813 	int *eofp,
3814 	caller_context_t *ct,
3815 	int flags)
3816 {
3817 	struct iovec *iovp;
3818 	struct inode *ip;
3819 	struct direct *idp;
3820 	struct dirent64 *odp;
3821 	struct fbuf *fbp;
3822 	struct ufsvfs *ufsvfsp;
3823 	struct ulockfs *ulp;
3824 	caddr_t outbuf;
3825 	size_t bufsize;
3826 	uint_t offset;
3827 	uint_t bytes_wanted, total_bytes_wanted;
3828 	int incount = 0;
3829 	int outcount = 0;
3830 	int error;
3831 
3832 	ip = VTOI(vp);
3833 	ASSERT(RW_READ_HELD(&ip->i_rwlock));
3834 
3835 	if (uiop->uio_loffset >= MAXOFF32_T) {
3836 		if (eofp)
3837 			*eofp = 1;
3838 		return (0);
3839 	}
3840 
3841 	/*
3842 	 * Check if we have been called with a valid iov_len
3843 	 * and bail out if not, otherwise we may potentially loop
3844 	 * forever further down.
3845 	 */
3846 	if (uiop->uio_iov->iov_len <= 0) {
3847 		error = EINVAL;
3848 		goto out;
3849 	}
3850 
3851 	/*
3852 	 * Large Files: When we come here we are guaranteed that
3853 	 * uio_offset can be used safely. The high word is zero.
3854 	 */
3855 
3856 	ufsvfsp = ip->i_ufsvfs;
3857 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_READDIR_MASK);
3858 	if (error)
3859 		goto out;
3860 
3861 	iovp = uiop->uio_iov;
3862 	total_bytes_wanted = iovp->iov_len;
3863 
3864 	/* Large Files: directory files should not be "large" */
3865 
3866 	ASSERT(ip->i_size <= MAXOFF32_T);
3867 
3868 	/* Force offset to be valid (to guard against bogus lseek() values) */
3869 	offset = (uint_t)uiop->uio_offset & ~(DIRBLKSIZ - 1);
3870 
3871 	/* Quit if at end of file or link count of zero (posix) */
3872 	if (offset >= (uint_t)ip->i_size || ip->i_nlink <= 0) {
3873 		if (eofp)
3874 			*eofp = 1;
3875 		error = 0;
3876 		goto unlock;
3877 	}
3878 
3879 	/*
3880 	 * Get space to change directory entries into fs independent format.
3881 	 * Do fast alloc for the most commonly used-request size (filesystem
3882 	 * block size).
3883 	 */
3884 	if (uiop->uio_segflg != UIO_SYSSPACE || uiop->uio_iovcnt != 1) {
3885 		bufsize = total_bytes_wanted;
3886 		outbuf = kmem_alloc(bufsize, KM_SLEEP);
3887 		odp = (struct dirent64 *)outbuf;
3888 	} else {
3889 		bufsize = total_bytes_wanted;
3890 		odp = (struct dirent64 *)iovp->iov_base;
3891 	}
3892 
3893 nextblk:
3894 	bytes_wanted = total_bytes_wanted;
3895 
3896 	/* Truncate request to file size */
3897 	if (offset + bytes_wanted > (int)ip->i_size)
3898 		bytes_wanted = (int)(ip->i_size - offset);
3899 
3900 	/* Comply with MAXBSIZE boundary restrictions of fbread() */
3901 	if ((offset & MAXBOFFSET) + bytes_wanted > MAXBSIZE)
3902 		bytes_wanted = MAXBSIZE - (offset & MAXBOFFSET);
3903 
3904 	/*
3905 	 * Read in the next chunk.
3906 	 * We are still holding the i_rwlock.
3907 	 */
3908 	error = fbread(vp, (offset_t)offset, bytes_wanted, S_OTHER, &fbp);
3909 
3910 	if (error)
3911 		goto update_inode;
3912 	if (!ULOCKFS_IS_NOIACC(ITOUL(ip)) && (ip->i_fs->fs_ronly == 0) &&
3913 	    (!ufsvfsp->vfs_noatime)) {
3914 		ip->i_flag |= IACC;
3915 	}
3916 	incount = 0;
3917 	idp = (struct direct *)fbp->fb_addr;
3918 	if (idp->d_ino == 0 && idp->d_reclen == 0 && idp->d_namlen == 0) {
3919 		cmn_err(CE_WARN, "ufs_readdir: bad dir, inumber = %llu, "
3920 		    "fs = %s\n",
3921 		    (u_longlong_t)ip->i_number, ufsvfsp->vfs_fs->fs_fsmnt);
3922 		fbrelse(fbp, S_OTHER);
3923 		error = ENXIO;
3924 		goto update_inode;
3925 	}
3926 	/* Transform to file-system independent format */
3927 	while (incount < bytes_wanted) {
3928 		/*
3929 		 * If the current directory entry is mangled, then skip
3930 		 * to the next block.  It would be nice to set the FSBAD
3931 		 * flag in the super-block so that a fsck is forced on
3932 		 * next reboot, but locking is a problem.
3933 		 */
3934 		if (idp->d_reclen & 0x3) {
3935 			offset = (offset + DIRBLKSIZ) & ~(DIRBLKSIZ-1);
3936 			break;
3937 		}
3938 
3939 		/* Skip to requested offset and skip empty entries */
3940 		if (idp->d_ino != 0 && offset >= (uint_t)uiop->uio_offset) {
3941 			ushort_t this_reclen =
3942 			    DIRENT64_RECLEN(idp->d_namlen);
3943 			/* Buffer too small for any entries */
3944 			if (!outcount && this_reclen > bufsize) {
3945 				fbrelse(fbp, S_OTHER);
3946 				error = EINVAL;
3947 				goto update_inode;
3948 			}
3949 			/* If would overrun the buffer, quit */
3950 			if (outcount + this_reclen > bufsize) {
3951 				break;
3952 			}
3953 			/* Take this entry */
3954 			odp->d_ino = (ino64_t)idp->d_ino;
3955 			odp->d_reclen = (ushort_t)this_reclen;
3956 			odp->d_off = (offset_t)(offset + idp->d_reclen);
3957 
3958 			/* use strncpy(9f) to zero out uninitialized bytes */
3959 
3960 			ASSERT(strlen(idp->d_name) + 1 <=
3961 			    DIRENT64_NAMELEN(this_reclen));
3962 			(void) strncpy(odp->d_name, idp->d_name,
3963 			    DIRENT64_NAMELEN(this_reclen));
3964 			outcount += odp->d_reclen;
3965 			odp = (struct dirent64 *)
3966 			    ((intptr_t)odp + odp->d_reclen);
3967 			ASSERT(outcount <= bufsize);
3968 		}
3969 		if (idp->d_reclen) {
3970 			incount += idp->d_reclen;
3971 			offset += idp->d_reclen;
3972 			idp = (struct direct *)((intptr_t)idp + idp->d_reclen);
3973 		} else {
3974 			offset = (offset + DIRBLKSIZ) & ~(DIRBLKSIZ-1);
3975 			break;
3976 		}
3977 	}
3978 	/* Release the chunk */
3979 	fbrelse(fbp, S_OTHER);
3980 
3981 	/* Read whole block, but got no entries, read another if not eof */
3982 
3983 	/*
3984 	 * Large Files: casting i_size to int here is not a problem
3985 	 * because directory sizes are always less than MAXOFF32_T.
3986 	 * See assertion above.
3987 	 */
3988 
3989 	if (offset < (int)ip->i_size && !outcount)
3990 		goto nextblk;
3991 
3992 	/* Copy out the entry data */
3993 	if (uiop->uio_segflg == UIO_SYSSPACE && uiop->uio_iovcnt == 1) {
3994 		iovp->iov_base += outcount;
3995 		iovp->iov_len -= outcount;
3996 		uiop->uio_resid -= outcount;
3997 		uiop->uio_offset = offset;
3998 	} else if ((error = uiomove(outbuf, (long)outcount, UIO_READ,
3999 	    uiop)) == 0)
4000 		uiop->uio_offset = offset;
4001 update_inode:
4002 	ITIMES(ip);
4003 	if (uiop->uio_segflg != UIO_SYSSPACE || uiop->uio_iovcnt != 1)
4004 		kmem_free(outbuf, bufsize);
4005 
4006 	if (eofp && error == 0)
4007 		*eofp = (uiop->uio_offset >= (int)ip->i_size);
4008 unlock:
4009 	if (ulp) {
4010 		ufs_lockfs_end(ulp);
4011 	}
4012 out:
4013 	return (error);
4014 }
4015 
4016 /*ARGSUSED*/
4017 static int
4018 ufs_symlink(
4019 	struct vnode *dvp,		/* ptr to parent dir vnode */
4020 	char *linkname,			/* name of symbolic link */
4021 	struct vattr *vap,		/* attributes */
4022 	char *target,			/* target path */
4023 	struct cred *cr,		/* user credentials */
4024 	caller_context_t *ct,
4025 	int flags)
4026 {
4027 	struct inode *ip, *dip = VTOI(dvp);
4028 	struct ufsvfs *ufsvfsp = dip->i_ufsvfs;
4029 	struct ulockfs *ulp;
4030 	int error;
4031 	int issync;
4032 	int trans_size;
4033 	int residual;
4034 	int ioflag;
4035 	int retry = 1;
4036 
4037 	/*
4038 	 * No symlinks in attrdirs at this time
4039 	 */
4040 	if ((VTOI(dvp)->i_mode & IFMT) == IFATTRDIR)
4041 		return (EINVAL);
4042 
4043 again:
4044 	ip = (struct inode *)NULL;
4045 	vap->va_type = VLNK;
4046 	vap->va_rdev = 0;
4047 
4048 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_SYMLINK_MASK);
4049 	if (error)
4050 		goto out;
4051 
4052 	if (ulp)
4053 		TRANS_BEGIN_CSYNC(ufsvfsp, issync, TOP_SYMLINK,
4054 		    trans_size = (int)TOP_SYMLINK_SIZE(dip));
4055 
4056 	/*
4057 	 * We must create the inode before the directory entry, to avoid
4058 	 * racing with readlink().  ufs_dirmakeinode requires that we
4059 	 * hold the quota lock as reader, and directory locks as writer.
4060 	 */
4061 
4062 	rw_enter(&dip->i_rwlock, RW_WRITER);
4063 	rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
4064 	rw_enter(&dip->i_contents, RW_WRITER);
4065 
4066 	/*
4067 	 * Suppress any out of inodes messages if we will retry on
4068 	 * ENOSP
4069 	 */
4070 	if (retry)
4071 		dip->i_flag |= IQUIET;
4072 
4073 	error = ufs_dirmakeinode(dip, &ip, vap, DE_SYMLINK, cr);
4074 
4075 	dip->i_flag &= ~IQUIET;
4076 
4077 	rw_exit(&dip->i_contents);
4078 	rw_exit(&ufsvfsp->vfs_dqrwlock);
4079 	rw_exit(&dip->i_rwlock);
4080 
4081 	if (error)
4082 		goto unlock;
4083 
4084 	/*
4085 	 * OK.  The inode has been created.  Write out the data of the
4086 	 * symbolic link.  Since symbolic links are metadata, and should
4087 	 * remain consistent across a system crash, we need to force the
4088 	 * data out synchronously.
4089 	 *
4090 	 * (This is a change from the semantics in earlier releases, which
4091 	 * only created symbolic links synchronously if the semi-documented
4092 	 * 'syncdir' option was set, or if we were being invoked by the NFS
4093 	 * server, which requires symbolic links to be created synchronously.)
4094 	 *
4095 	 * We need to pass in a pointer for the residual length; otherwise
4096 	 * ufs_rdwri() will always return EIO if it can't write the data,
4097 	 * even if the error was really ENOSPC or EDQUOT.
4098 	 */
4099 
4100 	ioflag = FWRITE | FDSYNC;
4101 	residual = 0;
4102 
4103 	rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
4104 	rw_enter(&ip->i_contents, RW_WRITER);
4105 
4106 	/*
4107 	 * Suppress file system full messages if we will retry
4108 	 */
4109 	if (retry)
4110 		ip->i_flag |= IQUIET;
4111 
4112 	error = ufs_rdwri(UIO_WRITE, ioflag, ip, target, strlen(target),
4113 	    (offset_t)0, UIO_SYSSPACE, &residual, cr);
4114 
4115 	ip->i_flag &= ~IQUIET;
4116 
4117 	if (error) {
4118 		rw_exit(&ip->i_contents);
4119 		rw_exit(&ufsvfsp->vfs_dqrwlock);
4120 		goto remove;
4121 	}
4122 
4123 	/*
4124 	 * If the link's data is small enough, we can cache it in the inode.
4125 	 * This is a "fast symbolic link".  We don't use the first direct
4126 	 * block because that's actually used to point at the symbolic link's
4127 	 * contents on disk; but we know that none of the other direct or
4128 	 * indirect blocks can be used because symbolic links are restricted
4129 	 * to be smaller than a file system block.
4130 	 */
4131 
4132 	ASSERT(MAXPATHLEN <= VBSIZE(ITOV(ip)));
4133 
4134 	if (ip->i_size > 0 && ip->i_size <= FSL_SIZE) {
4135 		if (kcopy(target, &ip->i_db[1], ip->i_size) == 0) {
4136 			ip->i_flag |= IFASTSYMLNK;
4137 		} else {
4138 			int i;
4139 			/* error, clear garbage left behind */
4140 			for (i = 1; i < NDADDR; i++)
4141 				ip->i_db[i] = 0;
4142 			for (i = 0; i < NIADDR; i++)
4143 				ip->i_ib[i] = 0;
4144 		}
4145 	}
4146 
4147 	rw_exit(&ip->i_contents);
4148 	rw_exit(&ufsvfsp->vfs_dqrwlock);
4149 
4150 	/*
4151 	 * OK.  We've successfully created the symbolic link.  All that
4152 	 * remains is to insert it into the appropriate directory.
4153 	 */
4154 
4155 	rw_enter(&dip->i_rwlock, RW_WRITER);
4156 	error = ufs_direnter_lr(dip, linkname, DE_SYMLINK, NULL, ip, cr, NULL);
4157 	rw_exit(&dip->i_rwlock);
4158 
4159 	/*
4160 	 * Fall through into remove-on-error code.  We're either done, or we
4161 	 * need to remove the inode (if we couldn't insert it).
4162 	 */
4163 
4164 remove:
4165 	if (error && (ip != NULL)) {
4166 		rw_enter(&ip->i_contents, RW_WRITER);
4167 		ip->i_nlink--;
4168 		ip->i_flag |= ICHG;
4169 		ip->i_seq++;
4170 		ufs_setreclaim(ip);
4171 		rw_exit(&ip->i_contents);
4172 	}
4173 
4174 unlock:
4175 	if (ip != NULL)
4176 		VN_RELE(ITOV(ip));
4177 
4178 	if (ulp) {
4179 		int terr = 0;
4180 
4181 		TRANS_END_CSYNC(ufsvfsp, terr, issync, TOP_SYMLINK,
4182 		    trans_size);
4183 		ufs_lockfs_end(ulp);
4184 		if (error == 0)
4185 			error = terr;
4186 	}
4187 
4188 	/*
4189 	 * We may have failed due to lack of an inode or of a block to
4190 	 * store the target in.  Try flushing the delete queue to free
4191 	 * logically-available things up and try again.
4192 	 */
4193 	if ((error == ENOSPC) && retry && TRANS_ISTRANS(ufsvfsp)) {
4194 		ufs_delete_drain_wait(ufsvfsp, 1);
4195 		retry = 0;
4196 		goto again;
4197 	}
4198 
4199 out:
4200 	return (error);
4201 }
4202 
4203 /*
4204  * Ufs specific routine used to do ufs io.
4205  */
4206 int
4207 ufs_rdwri(enum uio_rw rw, int ioflag, struct inode *ip, caddr_t base,
4208 	ssize_t len, offset_t offset, enum uio_seg seg, int *aresid,
4209 	struct cred *cr)
4210 {
4211 	struct uio auio;
4212 	struct iovec aiov;
4213 	int error;
4214 
4215 	ASSERT(RW_LOCK_HELD(&ip->i_contents));
4216 
4217 	bzero((caddr_t)&auio, sizeof (uio_t));
4218 	bzero((caddr_t)&aiov, sizeof (iovec_t));
4219 
4220 	aiov.iov_base = base;
4221 	aiov.iov_len = len;
4222 	auio.uio_iov = &aiov;
4223 	auio.uio_iovcnt = 1;
4224 	auio.uio_loffset = offset;
4225 	auio.uio_segflg = (short)seg;
4226 	auio.uio_resid = len;
4227 
4228 	if (rw == UIO_WRITE) {
4229 		auio.uio_fmode = FWRITE;
4230 		auio.uio_extflg = UIO_COPY_DEFAULT;
4231 		auio.uio_llimit = curproc->p_fsz_ctl;
4232 		error = wrip(ip, &auio, ioflag, cr);
4233 	} else {
4234 		auio.uio_fmode = FREAD;
4235 		auio.uio_extflg = UIO_COPY_CACHED;
4236 		auio.uio_llimit = MAXOFFSET_T;
4237 		error = rdip(ip, &auio, ioflag, cr);
4238 	}
4239 
4240 	if (aresid) {
4241 		*aresid = auio.uio_resid;
4242 	} else if (auio.uio_resid) {
4243 		error = EIO;
4244 	}
4245 	return (error);
4246 }
4247 
4248 /*ARGSUSED*/
4249 static int
4250 ufs_fid(struct vnode *vp, struct fid *fidp, caller_context_t *ct)
4251 {
4252 	struct ufid *ufid;
4253 	struct inode *ip = VTOI(vp);
4254 
4255 	if (ip->i_ufsvfs == NULL)
4256 		return (EIO);
4257 
4258 	if (fidp->fid_len < (sizeof (struct ufid) - sizeof (ushort_t))) {
4259 		fidp->fid_len = sizeof (struct ufid) - sizeof (ushort_t);
4260 		return (ENOSPC);
4261 	}
4262 
4263 	ufid = (struct ufid *)fidp;
4264 	bzero((char *)ufid, sizeof (struct ufid));
4265 	ufid->ufid_len = sizeof (struct ufid) - sizeof (ushort_t);
4266 	ufid->ufid_ino = ip->i_number;
4267 	ufid->ufid_gen = ip->i_gen;
4268 
4269 	return (0);
4270 }
4271 
4272 /* ARGSUSED2 */
4273 static int
4274 ufs_rwlock(struct vnode *vp, int write_lock, caller_context_t *ctp)
4275 {
4276 	struct inode	*ip = VTOI(vp);
4277 	struct ufsvfs	*ufsvfsp;
4278 	int		forcedirectio;
4279 
4280 	/*
4281 	 * Read case is easy.
4282 	 */
4283 	if (!write_lock) {
4284 		rw_enter(&ip->i_rwlock, RW_READER);
4285 		return (V_WRITELOCK_FALSE);
4286 	}
4287 
4288 	/*
4289 	 * Caller has requested a writer lock, but that inhibits any
4290 	 * concurrency in the VOPs that follow. Acquire the lock shared
4291 	 * and defer exclusive access until it is known to be needed in
4292 	 * other VOP handlers. Some cases can be determined here.
4293 	 */
4294 
4295 	/*
4296 	 * If directio is not set, there is no chance of concurrency,
4297 	 * so just acquire the lock exclusive. Beware of a forced
4298 	 * unmount before looking at the mount option.
4299 	 */
4300 	ufsvfsp = ip->i_ufsvfs;
4301 	forcedirectio = ufsvfsp ? ufsvfsp->vfs_forcedirectio : 0;
4302 	if (!(ip->i_flag & IDIRECTIO || forcedirectio) ||
4303 	    !ufs_allow_shared_writes) {
4304 		rw_enter(&ip->i_rwlock, RW_WRITER);
4305 		return (V_WRITELOCK_TRUE);
4306 	}
4307 
4308 	/*
4309 	 * Mandatory locking forces acquiring i_rwlock exclusive.
4310 	 */
4311 	if (MANDLOCK(vp, ip->i_mode)) {
4312 		rw_enter(&ip->i_rwlock, RW_WRITER);
4313 		return (V_WRITELOCK_TRUE);
4314 	}
4315 
4316 	/*
4317 	 * Acquire the lock shared in case a concurrent write follows.
4318 	 * Mandatory locking could have become enabled before the lock
4319 	 * was acquired. Re-check and upgrade if needed.
4320 	 */
4321 	rw_enter(&ip->i_rwlock, RW_READER);
4322 	if (MANDLOCK(vp, ip->i_mode)) {
4323 		rw_exit(&ip->i_rwlock);
4324 		rw_enter(&ip->i_rwlock, RW_WRITER);
4325 		return (V_WRITELOCK_TRUE);
4326 	}
4327 	return (V_WRITELOCK_FALSE);
4328 }
4329 
4330 /*ARGSUSED*/
4331 static void
4332 ufs_rwunlock(struct vnode *vp, int write_lock, caller_context_t *ctp)
4333 {
4334 	struct inode	*ip = VTOI(vp);
4335 
4336 	rw_exit(&ip->i_rwlock);
4337 }
4338 
4339 /* ARGSUSED */
4340 static int
4341 ufs_seek(struct vnode *vp, offset_t ooff, offset_t *noffp,
4342 	caller_context_t *ct)
4343 {
4344 	return ((*noffp < 0 || *noffp > MAXOFFSET_T) ? EINVAL : 0);
4345 }
4346 
4347 /* ARGSUSED */
4348 static int
4349 ufs_frlock(struct vnode *vp, int cmd, struct flock64 *bfp, int flag,
4350 	offset_t offset, struct flk_callback *flk_cbp, struct cred *cr,
4351 	caller_context_t *ct)
4352 {
4353 	struct inode *ip = VTOI(vp);
4354 
4355 	if (ip->i_ufsvfs == NULL)
4356 		return (EIO);
4357 
4358 	/*
4359 	 * If file is being mapped, disallow frlock.
4360 	 * XXX I am not holding tlock while checking i_mapcnt because the
4361 	 * current locking strategy drops all locks before calling fs_frlock.
4362 	 * So, mapcnt could change before we enter fs_frlock making is
4363 	 * meaningless to have held tlock in the first place.
4364 	 */
4365 	if (ip->i_mapcnt > 0 && MANDLOCK(vp, ip->i_mode))
4366 		return (EAGAIN);
4367 	return (fs_frlock(vp, cmd, bfp, flag, offset, flk_cbp, cr, ct));
4368 }
4369 
4370 /* ARGSUSED */
4371 static int
4372 ufs_space(struct vnode *vp, int cmd, struct flock64 *bfp, int flag,
4373 	offset_t offset, cred_t *cr, caller_context_t *ct)
4374 {
4375 	struct ufsvfs *ufsvfsp = VTOI(vp)->i_ufsvfs;
4376 	struct ulockfs *ulp;
4377 	int error;
4378 
4379 	if ((error = convoff(vp, bfp, 0, offset)) == 0) {
4380 		if (cmd == F_FREESP) {
4381 			error = ufs_lockfs_begin(ufsvfsp, &ulp,
4382 			    ULOCKFS_SPACE_MASK);
4383 			if (error)
4384 				return (error);
4385 			error = ufs_freesp(vp, bfp, flag, cr);
4386 		} else if (cmd == F_ALLOCSP) {
4387 			error = ufs_lockfs_begin(ufsvfsp, &ulp,
4388 			    ULOCKFS_FALLOCATE_MASK);
4389 			if (error)
4390 				return (error);
4391 			error = ufs_allocsp(vp, bfp, cr);
4392 		} else
4393 			return (EINVAL); /* Command not handled here */
4394 
4395 		if (ulp)
4396 			ufs_lockfs_end(ulp);
4397 
4398 	}
4399 	return (error);
4400 }
4401 
4402 /*
4403  * Used to determine if read ahead should be done. Also used to
4404  * to determine when write back occurs.
4405  */
4406 #define	CLUSTSZ(ip)		((ip)->i_ufsvfs->vfs_ioclustsz)
4407 
4408 /*
4409  * A faster version of ufs_getpage.
4410  *
4411  * We optimize by inlining the pvn_getpages iterator, eliminating
4412  * calls to bmap_read if file doesn't have UFS holes, and avoiding
4413  * the overhead of page_exists().
4414  *
4415  * When files has UFS_HOLES and ufs_getpage is called with S_READ,
4416  * we set *protp to PROT_READ to avoid calling bmap_read. This approach
4417  * victimizes performance when a file with UFS holes is faulted
4418  * first in the S_READ mode, and then in the S_WRITE mode. We will get
4419  * two MMU faults in this case.
4420  *
4421  * XXX - the inode fields which control the sequential mode are not
4422  *	 protected by any mutex. The read ahead will act wild if
4423  *	 multiple processes will access the file concurrently and
4424  *	 some of them in sequential mode. One particulary bad case
4425  *	 is if another thread will change the value of i_nextrio between
4426  *	 the time this thread tests the i_nextrio value and then reads it
4427  *	 again to use it as the offset for the read ahead.
4428  */
4429 /*ARGSUSED*/
4430 static int
4431 ufs_getpage(struct vnode *vp, offset_t off, size_t len, uint_t *protp,
4432 	page_t *plarr[], size_t plsz, struct seg *seg, caddr_t addr,
4433 	enum seg_rw rw, struct cred *cr, caller_context_t *ct)
4434 {
4435 	u_offset_t	uoff = (u_offset_t)off; /* type conversion */
4436 	u_offset_t	pgoff;
4437 	u_offset_t	eoff;
4438 	struct inode 	*ip = VTOI(vp);
4439 	struct ufsvfs	*ufsvfsp = ip->i_ufsvfs;
4440 	struct fs 	*fs;
4441 	struct ulockfs	*ulp;
4442 	page_t		**pl;
4443 	caddr_t		pgaddr;
4444 	krw_t		rwtype;
4445 	int 		err;
4446 	int		has_holes;
4447 	int		beyond_eof;
4448 	int		seqmode;
4449 	int		pgsize = PAGESIZE;
4450 	int		dolock;
4451 	int		do_qlock;
4452 	int		trans_size;
4453 
4454 	ASSERT((uoff & PAGEOFFSET) == 0);
4455 
4456 	if (protp)
4457 		*protp = PROT_ALL;
4458 
4459 	/*
4460 	 * Obey the lockfs protocol
4461 	 */
4462 	err = ufs_lockfs_begin_getpage(ufsvfsp, &ulp, seg,
4463 	    rw == S_READ || rw == S_EXEC, protp);
4464 	if (err)
4465 		goto out;
4466 
4467 	fs = ufsvfsp->vfs_fs;
4468 
4469 	if (ulp && (rw == S_CREATE || rw == S_WRITE) &&
4470 	    !(vp->v_flag & VISSWAP)) {
4471 		/*
4472 		 * Try to start a transaction, will return if blocking is
4473 		 * expected to occur and the address space is not the
4474 		 * kernel address space.
4475 		 */
4476 		trans_size = TOP_GETPAGE_SIZE(ip);
4477 		if (seg->s_as != &kas) {
4478 			TRANS_TRY_BEGIN_ASYNC(ufsvfsp, TOP_GETPAGE,
4479 			    trans_size, err)
4480 			if (err == EWOULDBLOCK) {
4481 				/*
4482 				 * Use EDEADLK here because the VM code
4483 				 * can normally never see this error.
4484 				 */
4485 				err = EDEADLK;
4486 				ufs_lockfs_end(ulp);
4487 				goto out;
4488 			}
4489 		} else {
4490 			TRANS_BEGIN_ASYNC(ufsvfsp, TOP_GETPAGE, trans_size);
4491 		}
4492 	}
4493 
4494 	if (vp->v_flag & VNOMAP) {
4495 		err = ENOSYS;
4496 		goto unlock;
4497 	}
4498 
4499 	seqmode = ip->i_nextr == uoff && rw != S_CREATE;
4500 
4501 	rwtype = RW_READER;		/* start as a reader */
4502 	dolock = (rw_owner(&ip->i_contents) != curthread);
4503 	/*
4504 	 * If this thread owns the lock, i.e., this thread grabbed it
4505 	 * as writer somewhere above, then we don't need to grab the
4506 	 * lock as reader in this routine.
4507 	 */
4508 	do_qlock = (rw_owner(&ufsvfsp->vfs_dqrwlock) != curthread);
4509 
4510 retrylock:
4511 	if (dolock) {
4512 		/*
4513 		 * Grab the quota lock if we need to call
4514 		 * bmap_write() below (with i_contents as writer).
4515 		 */
4516 		if (do_qlock && rwtype == RW_WRITER)
4517 			rw_enter(&ufsvfsp->vfs_dqrwlock, RW_READER);
4518 		rw_enter(&ip->i_contents, rwtype);
4519 	}
4520 
4521 	/*
4522 	 * We may be getting called as a side effect of a bmap using
4523 	 * fbread() when the blocks might be being allocated and the
4524 	 * size has not yet been up'ed.  In this case we want to be
4525 	 * able to return zero pages if we get back UFS_HOLE from
4526 	 * calling bmap for a non write case here.  We also might have
4527 	 * to read some frags from the disk into a page if we are
4528 	 * extending the number of frags for a given lbn in bmap().
4529 	 * Large Files: The read of i_size here is atomic because
4530 	 * i_contents is held here. If dolock is zero, the lock
4531 	 * is held in bmap routines.
4532 	 */
4533 	beyond_eof = uoff + len > ip->i_size + PAGEOFFSET;
4534 	if (beyond_eof && seg != segkmap) {
4535 		if (dolock) {
4536 			rw_exit(&ip->i_contents);
4537 			if (do_qlock && rwtype == RW_WRITER)
4538 				rw_exit(&ufsvfsp->vfs_dqrwlock);
4539 		}
4540 		err = EFAULT;
4541 		goto unlock;
4542 	}
4543 
4544 	/*
4545 	 * Must hold i_contents lock throughout the call to pvn_getpages
4546 	 * since locked pages are returned from each call to ufs_getapage.
4547 	 * Must *not* return locked pages and then try for contents lock
4548 	 * due to lock ordering requirements (inode > page)
4549 	 */
4550 
4551 	has_holes = bmap_has_holes(ip);
4552 
4553 	if ((rw == S_WRITE || rw == S_CREATE) && has_holes && !beyond_eof) {
4554 		int	blk_size;
4555 		u_offset_t offset;
4556 
4557 		/*
4558 		 * We must acquire the RW_WRITER lock in order to
4559 		 * call bmap_write().
4560 		 */
4561 		if (dolock && rwtype == RW_READER) {
4562 			rwtype = RW_WRITER;
4563 
4564 			/*
4565 			 * Grab the quota lock before
4566 			 * upgrading i_contents, but if we can't grab it
4567 			 * don't wait here due to lock order:
4568 			 * vfs_dqrwlock > i_contents.
4569 			 */
4570 			if (do_qlock &&
4571 			    rw_tryenter(&ufsvfsp->vfs_dqrwlock, RW_READER)
4572 			    == 0) {
4573 				rw_exit(&ip->i_contents);
4574 				goto retrylock;
4575 			}
4576 			if (!rw_tryupgrade(&ip->i_contents)) {
4577 				rw_exit(&ip->i_contents);
4578 				if (do_qlock)
4579 					rw_exit(&ufsvfsp->vfs_dqrwlock);
4580 				goto retrylock;
4581 			}
4582 		}
4583 
4584 		/*
4585 		 * May be allocating disk blocks for holes here as
4586 		 * a result of mmap faults. write(2) does the bmap_write
4587 		 * in rdip/wrip, not here. We are not dealing with frags
4588 		 * in this case.
4589 		 */
4590 		/*
4591 		 * Large Files: We cast fs_bmask field to offset_t
4592 		 * just as we do for MAXBMASK because uoff is a 64-bit
4593 		 * data type. fs_bmask will still be a 32-bit type
4594 		 * as we cannot change any ondisk data structures.
4595 		 */
4596 
4597 		offset = uoff & (offset_t)fs->fs_bmask;
4598 		while (offset < uoff + len) {
4599 			blk_size = (int)blksize(fs, ip, lblkno(fs, offset));
4600 			err = bmap_write(ip, offset, blk_size,
4601 			    BI_NORMAL, NULL, cr);
4602 			if (ip->i_flag & (ICHG|IUPD))
4603 				ip->i_seq++;
4604 			if (err)
4605 				goto update_inode;
4606 			offset += blk_size; /* XXX - make this contig */
4607 		}
4608 	}
4609 
4610 	/*
4611 	 * Can be a reader from now on.
4612 	 */
4613 	if (dolock && rwtype == RW_WRITER) {
4614 		rw_downgrade(&ip->i_contents);
4615 		/*
4616 		 * We can release vfs_dqrwlock early so do it, but make
4617 		 * sure we don't try to release it again at the bottom.
4618 		 */
4619 		if (do_qlock) {
4620 			rw_exit(&ufsvfsp->vfs_dqrwlock);
4621 			do_qlock = 0;
4622 		}
4623 	}
4624 
4625 	/*
4626 	 * We remove PROT_WRITE in cases when the file has UFS holes
4627 	 * because we don't  want to call bmap_read() to check each
4628 	 * page if it is backed with a disk block.
4629 	 */
4630 	if (protp && has_holes && rw != S_WRITE && rw != S_CREATE)
4631 		*protp &= ~PROT_WRITE;
4632 
4633 	err = 0;
4634 
4635 	/*
4636 	 * The loop looks up pages in the range [off, off + len).
4637 	 * For each page, we first check if we should initiate an asynchronous
4638 	 * read ahead before we call page_lookup (we may sleep in page_lookup
4639 	 * for a previously initiated disk read).
4640 	 */
4641 	eoff = (uoff + len);
4642 	for (pgoff = uoff, pgaddr = addr, pl = plarr;
4643 	    pgoff < eoff; /* empty */) {
4644 		page_t	*pp;
4645 		u_offset_t	nextrio;
4646 		se_t	se;
4647 		int retval;
4648 
4649 		se = ((rw == S_CREATE || rw == S_OTHER) ? SE_EXCL : SE_SHARED);
4650 
4651 		/* Handle async getpage (faultahead) */
4652 		if (plarr == NULL) {
4653 			ip->i_nextrio = pgoff;
4654 			(void) ufs_getpage_ra(vp, pgoff, seg, pgaddr);
4655 			pgoff += pgsize;
4656 			pgaddr += pgsize;
4657 			continue;
4658 		}
4659 		/*
4660 		 * Check if we should initiate read ahead of next cluster.
4661 		 * We call page_exists only when we need to confirm that
4662 		 * we have the current page before we initiate the read ahead.
4663 		 */
4664 		nextrio = ip->i_nextrio;
4665 		if (seqmode &&
4666 		    pgoff + CLUSTSZ(ip) >= nextrio && pgoff <= nextrio &&
4667 		    nextrio < ip->i_size && page_exists(vp, pgoff)) {
4668 			retval = ufs_getpage_ra(vp, pgoff, seg, pgaddr);
4669 			/*
4670 			 * We always read ahead the next cluster of data
4671 			 * starting from i_nextrio. If the page (vp,nextrio)
4672 			 * is actually in core at this point, the routine
4673 			 * ufs_getpage_ra() will stop pre-fetching data
4674 			 * until we read that page in a synchronized manner
4675 			 * through ufs_getpage_miss(). So, we should increase
4676 			 * i_nextrio if the page (vp, nextrio) exists.
4677 			 */
4678 			if ((retval == 0) && page_exists(vp, nextrio)) {
4679 				ip->i_nextrio = nextrio + pgsize;
4680 			}
4681 		}
4682 
4683 		if ((pp = page_lookup(vp, pgoff, se)) != NULL) {
4684 			/*
4685 			 * We found the page in the page cache.
4686 			 */
4687 			*pl++ = pp;
4688 			pgoff += pgsize;
4689 			pgaddr += pgsize;
4690 			len -= pgsize;
4691 			plsz -= pgsize;
4692 		} else  {
4693 			/*
4694 			 * We have to create the page, or read it from disk.
4695 			 */
4696 			if (err = ufs_getpage_miss(vp, pgoff, len, seg, pgaddr,
4697 			    pl, plsz, rw, seqmode))
4698 				goto error;
4699 
4700 			while (*pl != NULL) {
4701 				pl++;
4702 				pgoff += pgsize;
4703 				pgaddr += pgsize;
4704 				len -= pgsize;
4705 				plsz -= pgsize;
4706 			}
4707 		}
4708 	}
4709 
4710 	/*
4711 	 * Return pages up to plsz if they are in the page cache.
4712 	 * We cannot return pages if there is a chance that they are
4713 	 * backed with a UFS hole and rw is S_WRITE or S_CREATE.
4714 	 */
4715 	if (plarr && !(has_holes && (rw == S_WRITE || rw == S_CREATE))) {
4716 
4717 		ASSERT((protp == NULL) ||
4718 		    !(has_holes && (*protp & PROT_WRITE)));
4719 
4720 		eoff = pgoff + plsz;
4721 		while (pgoff < eoff) {
4722 			page_t		*pp;
4723 
4724 			if ((pp = page_lookup_nowait(vp, pgoff,
4725 			    SE_SHARED)) == NULL)
4726 				break;
4727 
4728 			*pl++ = pp;
4729 			pgoff += pgsize;
4730 			plsz -= pgsize;
4731 		}
4732 	}
4733 
4734 	if (plarr)
4735 		*pl = NULL;			/* Terminate page list */
4736 	ip->i_nextr = pgoff;
4737 
4738 error:
4739 	if (err && plarr) {
4740 		/*
4741 		 * Release any pages we have locked.
4742 		 */
4743 		while (pl > &plarr[0])
4744 			page_unlock(*--pl);
4745 
4746 		plarr[0] = NULL;
4747 	}
4748 
4749 update_inode:
4750 	/*
4751 	 * If the inode is not already marked for IACC (in rdip() for read)
4752 	 * and the inode is not marked for no access time update (in wrip()
4753 	 * for write) then update the inode access time and mod time now.
4754 	 */
4755 	if ((ip->i_flag & (IACC | INOACC)) == 0) {
4756 		if ((rw != S_OTHER) && (ip->i_mode & IFMT) != IFDIR) {
4757 			if (!ULOCKFS_IS_NOIACC(ITOUL(ip)) &&
4758 			    (fs->fs_ronly == 0) &&
4759 			    (!ufsvfsp->vfs_noatime)) {
4760 				mutex_enter(&ip->i_tlock);
4761 				ip->i_flag |= IACC;
4762 				ITIMES_NOLOCK(ip);
4763 				mutex_exit(&ip->i_tlock);
4764 			}
4765 		}
4766 	}
4767 
4768 	if (dolock) {
4769 		rw_exit(&ip->i_contents);
4770 		if (do_qlock && rwtype == RW_WRITER)
4771 			rw_exit(&ufsvfsp->vfs_dqrwlock);
4772 	}
4773 
4774 unlock:
4775 	if (ulp) {
4776 		if ((rw == S_CREATE || rw == S_WRITE) &&
4777 		    !(vp->v_flag & VISSWAP)) {
4778 			TRANS_END_ASYNC(ufsvfsp, TOP_GETPAGE, trans_size);
4779 		}
4780 		ufs_lockfs_end(ulp);
4781 	}
4782 out:
4783 	return (err);
4784 }
4785 
4786 /*
4787  * ufs_getpage_miss is called when ufs_getpage missed the page in the page
4788  * cache. The page is either read from the disk, or it's created.
4789  * A page is created (without disk read) if rw == S_CREATE, or if
4790  * the page is not backed with a real disk block (UFS hole).
4791  */
4792 /* ARGSUSED */
4793 static int
4794 ufs_getpage_miss(struct vnode *vp, u_offset_t off, size_t len, struct seg *seg,
4795 	caddr_t addr, page_t *pl[], size_t plsz, enum seg_rw rw, int seq)
4796 {
4797 	struct inode	*ip = VTOI(vp);
4798 	page_t		*pp;
4799 	daddr_t		bn;
4800 	size_t		io_len;
4801 	int		crpage = 0;
4802 	int		err;
4803 	int		contig;
4804 	int		bsize = ip->i_fs->fs_bsize;
4805 
4806 	/*
4807 	 * Figure out whether the page can be created, or must be
4808 	 * must be read from the disk.
4809 	 */
4810 	if (rw == S_CREATE)
4811 		crpage = 1;
4812 	else {
4813 		contig = 0;
4814 		if (err = bmap_read(ip, off, &bn, &contig))
4815 			return (err);
4816 
4817 		crpage = (bn == UFS_HOLE);
4818 
4819 		/*
4820 		 * If its also a fallocated block that hasn't been written to
4821 		 * yet, we will treat it just like a UFS_HOLE and create
4822 		 * a zero page for it
4823 		 */
4824 		if (ISFALLOCBLK(ip, bn))
4825 			crpage = 1;
4826 	}
4827 
4828 	if (crpage) {
4829 		if ((pp = page_create_va(vp, off, PAGESIZE, PG_WAIT, seg,
4830 		    addr)) == NULL) {
4831 			return (ufs_fault(vp,
4832 			    "ufs_getpage_miss: page_create == NULL"));
4833 		}
4834 
4835 		if (rw != S_CREATE)
4836 			pagezero(pp, 0, PAGESIZE);
4837 
4838 		io_len = PAGESIZE;
4839 	} else {
4840 		u_offset_t	io_off;
4841 		uint_t	xlen;
4842 		struct buf	*bp;
4843 		ufsvfs_t	*ufsvfsp = ip->i_ufsvfs;
4844 
4845 		/*
4846 		 * If access is not in sequential order, we read from disk
4847 		 * in bsize units.
4848 		 *
4849 		 * We limit the size of the transfer to bsize if we are reading
4850 		 * from the beginning of the file. Note in this situation we
4851 		 * will hedge our bets and initiate an async read ahead of
4852 		 * the second block.
4853 		 */
4854 		if (!seq || off == 0)
4855 			contig = MIN(contig, bsize);
4856 
4857 		pp = pvn_read_kluster(vp, off, seg, addr, &io_off,
4858 		    &io_len, off, contig, 0);
4859 
4860 		/*
4861 		 * Some other thread has entered the page.
4862 		 * ufs_getpage will retry page_lookup.
4863 		 */
4864 		if (pp == NULL) {
4865 			pl[0] = NULL;
4866 			return (0);
4867 		}
4868 
4869 		/*
4870 		 * Zero part of the page which we are not
4871 		 * going to read from the disk.
4872 		 */
4873 		xlen = io_len & PAGEOFFSET;
4874 		if (xlen != 0)
4875 			pagezero(pp->p_prev, xlen, PAGESIZE - xlen);
4876 
4877 		bp = pageio_setup(pp, io_len, ip->i_devvp, B_READ);
4878 		bp->b_edev = ip->i_dev;
4879 		bp->b_dev = cmpdev(ip->i_dev);
4880 		bp->b_blkno = bn;
4881 		bp->b_un.b_addr = (caddr_t)0;
4882 		bp->b_file = ip->i_vnode;
4883 		bp->b_offset = off;
4884 
4885 		if (ufsvfsp->vfs_log) {
4886 			lufs_read_strategy(ufsvfsp->vfs_log, bp);
4887 		} else if (ufsvfsp->vfs_snapshot) {
4888 			fssnap_strategy(&ufsvfsp->vfs_snapshot, bp);
4889 		} else {
4890 			ufsvfsp->vfs_iotstamp = lbolt;
4891 			ub.ub_getpages.value.ul++;
4892 			(void) bdev_strategy(bp);
4893 			lwp_stat_update(LWP_STAT_INBLK, 1);
4894 		}
4895 
4896 		ip->i_nextrio = off + ((io_len + PAGESIZE - 1) & PAGEMASK);
4897 
4898 		/*
4899 		 * If the file access is sequential, initiate read ahead
4900 		 * of the next cluster.
4901 		 */
4902 		if (seq && ip->i_nextrio < ip->i_size)
4903 			(void) ufs_getpage_ra(vp, off, seg, addr);
4904 		err = biowait(bp);
4905 		pageio_done(bp);
4906 
4907 		if (err) {
4908 			pvn_read_done(pp, B_ERROR);
4909 			return (err);
4910 		}
4911 	}
4912 
4913 	pvn_plist_init(pp, pl, plsz, off, io_len, rw);
4914 	return (0);
4915 }
4916 
4917 /*
4918  * Read ahead a cluster from the disk. Returns the length in bytes.
4919  */
4920 static int
4921 ufs_getpage_ra(struct vnode *vp, u_offset_t off, struct seg *seg, caddr_t addr)
4922 {
4923 	struct inode	*ip = VTOI(vp);
4924 	page_t		*pp;
4925 	u_offset_t	io_off = ip->i_nextrio;
4926 	ufsvfs_t	*ufsvfsp;
4927 	caddr_t		addr2 = addr + (io_off - off);
4928 	struct buf	*bp;
4929 	daddr_t		bn;
4930 	size_t		io_len;
4931 	int		err;
4932 	int		contig;
4933 	int		xlen;
4934 	int		bsize = ip->i_fs->fs_bsize;
4935 
4936 	/*
4937 	 * If the directio advisory is in effect on this file,
4938 	 * then do not do buffered read ahead. Read ahead makes
4939 	 * it more difficult on threads using directio as they
4940 	 * will be forced to flush the pages from this vnode.
4941 	 */
4942 	if ((ufsvfsp = ip->i_ufsvfs) == NULL)
4943 		return (0);
4944 	if (ip->i_flag & IDIRECTIO || ufsvfsp->vfs_forcedirectio)
4945 		return (0);
4946 
4947 	/*
4948 	 * Is this test needed?
4949 	 */
4950 	if (addr2 >= seg->s_base + seg->s_size)
4951 		return (0);
4952 
4953 	contig = 0;
4954 	err = bmap_read(ip, io_off, &bn, &contig);
4955 	/*
4956 	 * If its a UFS_HOLE or a fallocated block, do not perform
4957 	 * any read ahead's since there probably is nothing to read ahead
4958 	 */
4959 	if (err || bn == UFS_HOLE || ISFALLOCBLK(ip, bn))
4960 		return (0);
4961 
4962 	/*
4963 	 * Limit the transfer size to bsize if this is the 2nd block.
4964 	 */
4965 	if (io_off == (u_offset_t)bsize)
4966 		contig = MIN(contig, bsize);
4967 
4968 	if ((pp = pvn_read_kluster(vp, io_off, seg, addr2, &io_off,
4969 	    &io_len, io_off, contig, 1)) == NULL)
4970 		return (0);
4971 
4972 	/*
4973 	 * Zero part of page which we are not going to read from disk
4974 	 */
4975 	if ((xlen = (io_len & PAGEOFFSET)) > 0)
4976 		pagezero(pp->p_prev, xlen, PAGESIZE - xlen);
4977 
4978 	ip->i_nextrio = (io_off + io_len + PAGESIZE - 1) & PAGEMASK;
4979 
4980 	bp = pageio_setup(pp, io_len, ip->i_devvp, B_READ | B_ASYNC);
4981 	bp->b_edev = ip->i_dev;
4982 	bp->b_dev = cmpdev(ip->i_dev);
4983 	bp->b_blkno = bn;
4984 	bp->b_un.b_addr = (caddr_t)0;
4985 	bp->b_file = ip->i_vnode;
4986 	bp->b_offset = off;
4987 
4988 	if (ufsvfsp->vfs_log) {
4989 		lufs_read_strategy(ufsvfsp->vfs_log, bp);
4990 	} else if (ufsvfsp->vfs_snapshot) {
4991 		fssnap_strategy(&ufsvfsp->vfs_snapshot, bp);
4992 	} else {
4993 		ufsvfsp->vfs_iotstamp = lbolt;
4994 		ub.ub_getras.value.ul++;
4995 		(void) bdev_strategy(bp);
4996 		lwp_stat_update(LWP_STAT_INBLK, 1);
4997 	}
4998 
4999 	return (io_len);
5000 }
5001 
5002 int	ufs_delay = 1;
5003 /*
5004  * Flags are composed of {B_INVAL, B_FREE, B_DONTNEED, B_FORCE, B_ASYNC}
5005  *
5006  * LMXXX - the inode really ought to contain a pointer to one of these
5007  * async args.  Stuff gunk in there and just hand the whole mess off.
5008  * This would replace i_delaylen, i_delayoff.
5009  */
5010 /*ARGSUSED*/
5011 static int
5012 ufs_putpage(struct vnode *vp, offset_t off, size_t len, int flags,
5013 	struct cred *cr, caller_context_t *ct)
5014 {
5015 	struct inode *ip = VTOI(vp);
5016 	int err = 0;
5017 
5018 	if (vp->v_count == 0) {
5019 		return (ufs_fault(vp, "ufs_putpage: bad v_count == 0"));
5020 	}
5021 
5022 	/*
5023 	 * XXX - Why should this check be made here?
5024 	 */
5025 	if (vp->v_flag & VNOMAP) {
5026 		err = ENOSYS;
5027 		goto errout;
5028 	}
5029 
5030 	if (ip->i_ufsvfs == NULL) {
5031 		err = EIO;
5032 		goto errout;
5033 	}
5034 
5035 	if (flags & B_ASYNC) {
5036 		if (ufs_delay && len &&
5037 		    (flags & ~(B_ASYNC|B_DONTNEED|B_FREE)) == 0) {
5038 			mutex_enter(&ip->i_tlock);
5039 			/*
5040 			 * If nobody stalled, start a new cluster.
5041 			 */
5042 			if (ip->i_delaylen == 0) {
5043 				ip->i_delayoff = off;
5044 				ip->i_delaylen = len;
5045 				mutex_exit(&ip->i_tlock);
5046 				goto errout;
5047 			}
5048 			/*
5049 			 * If we have a full cluster or they are not contig,
5050 			 * then push last cluster and start over.
5051 			 */
5052 			if (ip->i_delaylen >= CLUSTSZ(ip) ||
5053 			    ip->i_delayoff + ip->i_delaylen != off) {
5054 				u_offset_t doff;
5055 				size_t dlen;
5056 
5057 				doff = ip->i_delayoff;
5058 				dlen = ip->i_delaylen;
5059 				ip->i_delayoff = off;
5060 				ip->i_delaylen = len;
5061 				mutex_exit(&ip->i_tlock);
5062 				err = ufs_putpages(vp, doff, dlen,
5063 				    flags, cr);
5064 				/* LMXXX - flags are new val, not old */
5065 				goto errout;
5066 			}
5067 			/*
5068 			 * There is something there, it's not full, and
5069 			 * it is contig.
5070 			 */
5071 			ip->i_delaylen += len;
5072 			mutex_exit(&ip->i_tlock);
5073 			goto errout;
5074 		}
5075 		/*
5076 		 * Must have weird flags or we are not clustering.
5077 		 */
5078 	}
5079 
5080 	err = ufs_putpages(vp, off, len, flags, cr);
5081 
5082 errout:
5083 	return (err);
5084 }
5085 
5086 /*
5087  * If len == 0, do from off to EOF.
5088  *
5089  * The normal cases should be len == 0 & off == 0 (entire vp list),
5090  * len == MAXBSIZE (from segmap_release actions), and len == PAGESIZE
5091  * (from pageout).
5092  */
5093 /*ARGSUSED*/
5094 static int
5095 ufs_putpages(
5096 	struct vnode *vp,
5097 	offset_t off,
5098 	size_t len,
5099 	int flags,
5100 	struct cred *cr)
5101 {
5102 	u_offset_t io_off;
5103 	u_offset_t eoff;
5104 	struct inode *ip = VTOI(vp);
5105 	page_t *pp;
5106 	size_t io_len;
5107 	int err = 0;
5108 	int dolock;
5109 
5110 	if (vp->v_count == 0)
5111 		return (ufs_fault(vp, "ufs_putpages: v_count == 0"));
5112 	/*
5113 	 * Acquire the readers/write inode lock before locking
5114 	 * any pages in this inode.
5115 	 * The inode lock is held during i/o.
5116 	 */
5117 	if (len == 0) {
5118 		mutex_enter(&ip->i_tlock);
5119 		ip->i_delayoff = ip->i_delaylen = 0;
5120 		mutex_exit(&ip->i_tlock);
5121 	}
5122 	dolock = (rw_owner(&ip->i_contents) != curthread);
5123 	if (dolock) {
5124 		/*
5125 		 * Must synchronize this thread and any possible thread
5126 		 * operating in the window of vulnerability in wrip().
5127 		 * It is dangerous to allow both a thread doing a putpage
5128 		 * and a thread writing, so serialize them.  The exception
5129 		 * is when the thread in wrip() does something which causes
5130 		 * a putpage operation.  Then, the thread must be allowed
5131 		 * to continue.  It may encounter a bmap_read problem in
5132 		 * ufs_putapage, but that is handled in ufs_putapage.
5133 		 * Allow async writers to proceed, we don't want to block
5134 		 * the pageout daemon.
5135 		 */
5136 		if (ip->i_writer == curthread)
5137 			rw_enter(&ip->i_contents, RW_READER);
5138 		else {
5139 			for (;;) {
5140 				rw_enter(&ip->i_contents, RW_READER);
5141 				mutex_enter(&ip->i_tlock);
5142 				/*
5143 				 * If there is no thread in the critical
5144 				 * section of wrip(), then proceed.
5145 				 * Otherwise, wait until there isn't one.
5146 				 */
5147 				if (ip->i_writer == NULL) {
5148 					mutex_exit(&ip->i_tlock);
5149 					break;
5150 				}
5151 				rw_exit(&ip->i_contents);
5152 				/*
5153 				 * Bounce async writers when we have a writer
5154 				 * working on this file so we don't deadlock
5155 				 * the pageout daemon.
5156 				 */
5157 				if (flags & B_ASYNC) {
5158 					mutex_exit(&ip->i_tlock);
5159 					return (0);
5160 				}
5161 				cv_wait(&ip->i_wrcv, &ip->i_tlock);
5162 				mutex_exit(&ip->i_tlock);
5163 			}
5164 		}
5165 	}
5166 
5167 	if (!vn_has_cached_data(vp)) {
5168 		if (dolock)
5169 			rw_exit(&ip->i_contents);
5170 		return (0);
5171 	}
5172 
5173 	if (len == 0) {
5174 		/*
5175 		 * Search the entire vp list for pages >= off.
5176 		 */
5177 		err = pvn_vplist_dirty(vp, (u_offset_t)off, ufs_putapage,
5178 		    flags, cr);
5179 	} else {
5180 		/*
5181 		 * Loop over all offsets in the range looking for
5182 		 * pages to deal with.
5183 		 */
5184 		if ((eoff = blkroundup(ip->i_fs, ip->i_size)) != 0)
5185 			eoff = MIN(off + len, eoff);
5186 		else
5187 			eoff = off + len;
5188 
5189 		for (io_off = off; io_off < eoff; io_off += io_len) {
5190 			/*
5191 			 * If we are not invalidating, synchronously
5192 			 * freeing or writing pages, use the routine
5193 			 * page_lookup_nowait() to prevent reclaiming
5194 			 * them from the free list.
5195 			 */
5196 			if ((flags & B_INVAL) || ((flags & B_ASYNC) == 0)) {
5197 				pp = page_lookup(vp, io_off,
5198 				    (flags & (B_INVAL | B_FREE)) ?
5199 				    SE_EXCL : SE_SHARED);
5200 			} else {
5201 				pp = page_lookup_nowait(vp, io_off,
5202 				    (flags & B_FREE) ? SE_EXCL : SE_SHARED);
5203 			}
5204 
5205 			if (pp == NULL || pvn_getdirty(pp, flags) == 0)
5206 				io_len = PAGESIZE;
5207 			else {
5208 				u_offset_t *io_offp = &io_off;
5209 
5210 				err = ufs_putapage(vp, pp, io_offp, &io_len,
5211 				    flags, cr);
5212 				if (err != 0)
5213 					break;
5214 				/*
5215 				 * "io_off" and "io_len" are returned as
5216 				 * the range of pages we actually wrote.
5217 				 * This allows us to skip ahead more quickly
5218 				 * since several pages may've been dealt
5219 				 * with by this iteration of the loop.
5220 				 */
5221 			}
5222 		}
5223 	}
5224 	if (err == 0 && off == 0 && (len == 0 || len >= ip->i_size)) {
5225 		/*
5226 		 * We have just sync'ed back all the pages on
5227 		 * the inode, turn off the IMODTIME flag.
5228 		 */
5229 		mutex_enter(&ip->i_tlock);
5230 		ip->i_flag &= ~IMODTIME;
5231 		mutex_exit(&ip->i_tlock);
5232 	}
5233 	if (dolock)
5234 		rw_exit(&ip->i_contents);
5235 	return (err);
5236 }
5237 
5238 static void
5239 ufs_iodone(buf_t *bp)
5240 {
5241 	struct inode *ip;
5242 
5243 	ASSERT((bp->b_pages->p_vnode != NULL) && !(bp->b_flags & B_READ));
5244 
5245 	bp->b_iodone = NULL;
5246 
5247 	ip = VTOI(bp->b_pages->p_vnode);
5248 
5249 	mutex_enter(&ip->i_tlock);
5250 	if (ip->i_writes >= ufs_LW) {
5251 		if ((ip->i_writes -= bp->b_bcount) <= ufs_LW)
5252 			if (ufs_WRITES)
5253 				cv_broadcast(&ip->i_wrcv); /* wake all up */
5254 	} else {
5255 		ip->i_writes -= bp->b_bcount;
5256 	}
5257 
5258 	mutex_exit(&ip->i_tlock);
5259 	iodone(bp);
5260 }
5261 
5262 /*
5263  * Write out a single page, possibly klustering adjacent
5264  * dirty pages.  The inode lock must be held.
5265  *
5266  * LMXXX - bsize < pagesize not done.
5267  */
5268 /*ARGSUSED*/
5269 int
5270 ufs_putapage(
5271 	struct vnode *vp,
5272 	page_t *pp,
5273 	u_offset_t *offp,
5274 	size_t *lenp,		/* return values */
5275 	int flags,
5276 	struct cred *cr)
5277 {
5278 	u_offset_t io_off;
5279 	u_offset_t off;
5280 	struct inode *ip = VTOI(vp);
5281 	struct ufsvfs *ufsvfsp = ip->i_ufsvfs;
5282 	struct fs *fs;
5283 	struct buf *bp;
5284 	size_t io_len;
5285 	daddr_t bn;
5286 	int err;
5287 	int contig;
5288 
5289 	ASSERT(RW_LOCK_HELD(&ip->i_contents));
5290 
5291 	if (ufsvfsp == NULL) {
5292 		err = EIO;
5293 		goto out_trace;
5294 	}
5295 
5296 	fs = ip->i_fs;
5297 	ASSERT(fs->fs_ronly == 0);
5298 
5299 	/*
5300 	 * If the modified time on the inode has not already been
5301 	 * set elsewhere (e.g. for write/setattr) we set the time now.
5302 	 * This gives us approximate modified times for mmap'ed files
5303 	 * which are modified via stores in the user address space.
5304 	 */
5305 	if ((ip->i_flag & IMODTIME) == 0) {
5306 		mutex_enter(&ip->i_tlock);
5307 		ip->i_flag |= IUPD;
5308 		ip->i_seq++;
5309 		ITIMES_NOLOCK(ip);
5310 		mutex_exit(&ip->i_tlock);
5311 	}
5312 
5313 	/*
5314 	 * Align the request to a block boundry (for old file systems),
5315 	 * and go ask bmap() how contiguous things are for this file.
5316 	 */
5317 	off = pp->p_offset & (offset_t)fs->fs_bmask;	/* block align it */
5318 	contig = 0;
5319 	err = bmap_read(ip, off, &bn, &contig);
5320 	if (err)
5321 		goto out;
5322 	if (bn == UFS_HOLE) {			/* putpage never allocates */
5323 		/*
5324 		 * logging device is in error mode; simply return EIO
5325 		 */
5326 		if (TRANS_ISERROR(ufsvfsp)) {
5327 			err = EIO;
5328 			goto out;
5329 		}
5330 		/*
5331 		 * Oops, the thread in the window in wrip() did some
5332 		 * sort of operation which caused a putpage in the bad
5333 		 * range.  In this case, just return an error which will
5334 		 * cause the software modified bit on the page to set
5335 		 * and the page will get written out again later.
5336 		 */
5337 		if (ip->i_writer == curthread) {
5338 			err = EIO;
5339 			goto out;
5340 		}
5341 		/*
5342 		 * If the pager is trying to push a page in the bad range
5343 		 * just tell him to try again later when things are better.
5344 		 */
5345 		if (flags & B_ASYNC) {
5346 			err = EAGAIN;
5347 			goto out;
5348 		}
5349 		err = ufs_fault(ITOV(ip), "ufs_putapage: bn == UFS_HOLE");
5350 		goto out;
5351 	}
5352 
5353 	/*
5354 	 * If it is an fallocate'd block, reverse the negativity since
5355 	 * we are now writing to it
5356 	 */
5357 	if (ISFALLOCBLK(ip, bn)) {
5358 		err = bmap_set_bn(vp, off, dbtofsb(fs, -bn));
5359 		if (err)
5360 			goto out;
5361 
5362 		bn = -bn;
5363 	}
5364 
5365 	/*
5366 	 * Take the length (of contiguous bytes) passed back from bmap()
5367 	 * and _try_ and get a set of pages covering that extent.
5368 	 */
5369 	pp = pvn_write_kluster(vp, pp, &io_off, &io_len, off, contig, flags);
5370 
5371 	/*
5372 	 * May have run out of memory and not clustered backwards.
5373 	 * off		p_offset
5374 	 * [  pp - 1  ][   pp   ]
5375 	 * [	block		]
5376 	 * We told bmap off, so we have to adjust the bn accordingly.
5377 	 */
5378 	if (io_off > off) {
5379 		bn += btod(io_off - off);
5380 		contig -= (io_off - off);
5381 	}
5382 
5383 	/*
5384 	 * bmap was carefull to tell us the right size so use that.
5385 	 * There might be unallocated frags at the end.
5386 	 * LMXXX - bzero the end of the page?  We must be writing after EOF.
5387 	 */
5388 	if (io_len > contig) {
5389 		ASSERT(io_len - contig < fs->fs_bsize);
5390 		io_len -= (io_len - contig);
5391 	}
5392 
5393 	/*
5394 	 * Handle the case where we are writing the last page after EOF.
5395 	 *
5396 	 * XXX - just a patch for i-mt3.
5397 	 */
5398 	if (io_len == 0) {
5399 		ASSERT(pp->p_offset >=
5400 		    (u_offset_t)(roundup(ip->i_size, PAGESIZE)));
5401 		io_len = PAGESIZE;
5402 	}
5403 
5404 	bp = pageio_setup(pp, io_len, ip->i_devvp, B_WRITE | flags);
5405 
5406 	ULOCKFS_SET_MOD(ITOUL(ip));
5407 
5408 	bp->b_edev = ip->i_dev;
5409 	bp->b_dev = cmpdev(ip->i_dev);
5410 	bp->b_blkno = bn;
5411 	bp->b_un.b_addr = (caddr_t)0;
5412 	bp->b_file = ip->i_vnode;
5413 
5414 	if (TRANS_ISTRANS(ufsvfsp)) {
5415 		if ((ip->i_mode & IFMT) == IFSHAD) {
5416 			TRANS_BUF(ufsvfsp, 0, io_len, bp, DT_SHAD);
5417 		} else if (ufsvfsp->vfs_qinod == ip) {
5418 			TRANS_DELTA(ufsvfsp, ldbtob(bn), bp->b_bcount, DT_QR,
5419 			    0, 0);
5420 		}
5421 	}
5422 
5423 	/* write throttle */
5424 
5425 	ASSERT(bp->b_iodone == NULL);
5426 	bp->b_iodone = (int (*)())ufs_iodone;
5427 	mutex_enter(&ip->i_tlock);
5428 	ip->i_writes += bp->b_bcount;
5429 	mutex_exit(&ip->i_tlock);
5430 
5431 	if (bp->b_flags & B_ASYNC) {
5432 		if (ufsvfsp->vfs_log) {
5433 			lufs_write_strategy(ufsvfsp->vfs_log, bp);
5434 		} else if (ufsvfsp->vfs_snapshot) {
5435 			fssnap_strategy(&ufsvfsp->vfs_snapshot, bp);
5436 		} else {
5437 			ufsvfsp->vfs_iotstamp = lbolt;
5438 			ub.ub_putasyncs.value.ul++;
5439 			(void) bdev_strategy(bp);
5440 			lwp_stat_update(LWP_STAT_OUBLK, 1);
5441 		}
5442 	} else {
5443 		if (ufsvfsp->vfs_log) {
5444 			lufs_write_strategy(ufsvfsp->vfs_log, bp);
5445 		} else if (ufsvfsp->vfs_snapshot) {
5446 			fssnap_strategy(&ufsvfsp->vfs_snapshot, bp);
5447 		} else {
5448 			ufsvfsp->vfs_iotstamp = lbolt;
5449 			ub.ub_putsyncs.value.ul++;
5450 			(void) bdev_strategy(bp);
5451 			lwp_stat_update(LWP_STAT_OUBLK, 1);
5452 		}
5453 		err = biowait(bp);
5454 		pageio_done(bp);
5455 		pvn_write_done(pp, ((err) ? B_ERROR : 0) | B_WRITE | flags);
5456 	}
5457 
5458 	pp = NULL;
5459 
5460 out:
5461 	if (err != 0 && pp != NULL)
5462 		pvn_write_done(pp, B_ERROR | B_WRITE | flags);
5463 
5464 	if (offp)
5465 		*offp = io_off;
5466 	if (lenp)
5467 		*lenp = io_len;
5468 out_trace:
5469 	return (err);
5470 }
5471 
5472 /* ARGSUSED */
5473 static int
5474 ufs_map(struct vnode *vp,
5475 	offset_t off,
5476 	struct as *as,
5477 	caddr_t *addrp,
5478 	size_t len,
5479 	uchar_t prot,
5480 	uchar_t maxprot,
5481 	uint_t flags,
5482 	struct cred *cr,
5483 	caller_context_t *ct)
5484 {
5485 	struct segvn_crargs vn_a;
5486 	struct ufsvfs *ufsvfsp = VTOI(vp)->i_ufsvfs;
5487 	struct ulockfs *ulp;
5488 	int error;
5489 
5490 retry_map:
5491 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_MAP_MASK);
5492 	if (error)
5493 		goto out;
5494 
5495 	if (vp->v_flag & VNOMAP) {
5496 		error = ENOSYS;
5497 		goto unlock;
5498 	}
5499 
5500 	if (off < (offset_t)0 || (offset_t)(off + len) < (offset_t)0) {
5501 		error = ENXIO;
5502 		goto unlock;
5503 	}
5504 
5505 	if (vp->v_type != VREG) {
5506 		error = ENODEV;
5507 		goto unlock;
5508 	}
5509 
5510 	/*
5511 	 * If file is being locked, disallow mapping.
5512 	 */
5513 	if (vn_has_mandatory_locks(vp, VTOI(vp)->i_mode)) {
5514 		error = EAGAIN;
5515 		goto unlock;
5516 	}
5517 
5518 	as_rangelock(as);
5519 	if ((flags & MAP_FIXED) == 0) {
5520 		map_addr(addrp, len, off, 1, flags);
5521 		if (*addrp == NULL) {
5522 			as_rangeunlock(as);
5523 			error = ENOMEM;
5524 			goto unlock;
5525 		}
5526 	} else {
5527 		/*
5528 		 * User specified address - blow away any previous mappings
5529 		 */
5530 		(void) as_unmap(as, *addrp, len);
5531 	}
5532 
5533 	vn_a.vp = vp;
5534 	vn_a.offset = (u_offset_t)off;
5535 	vn_a.type = flags & MAP_TYPE;
5536 	vn_a.prot = prot;
5537 	vn_a.maxprot = maxprot;
5538 	vn_a.cred = cr;
5539 	vn_a.amp = NULL;
5540 	vn_a.flags = flags & ~MAP_TYPE;
5541 	vn_a.szc = 0;
5542 	vn_a.lgrp_mem_policy_flags = 0;
5543 
5544 retry_lock:
5545 	if (!AS_LOCK_TRYENTER(ias, &as->a_lock, RW_WRITER)) {
5546 		/*
5547 		 * We didn't get the lock. Check if the SLOCK is set in the
5548 		 * ufsvfs. If yes, we might be in a deadlock. Safer to give up
5549 		 * and wait for SLOCK to be cleared.
5550 		 */
5551 
5552 		if (ulp && ULOCKFS_IS_SLOCK(ulp)) {
5553 			as_rangeunlock(as);
5554 			ufs_lockfs_end(ulp);
5555 			goto retry_map;
5556 		} else {
5557 			/*
5558 			 * SLOCK isn't set so this is a genuine synchronization
5559 			 * case. Let's try again after giving them a breather.
5560 			 */
5561 			delay(RETRY_LOCK_DELAY);
5562 			goto  retry_lock;
5563 		}
5564 	}
5565 	error = as_map_locked(as, *addrp, len, segvn_create, &vn_a);
5566 	as_rangeunlock(as);
5567 
5568 unlock:
5569 	if (ulp) {
5570 		ufs_lockfs_end(ulp);
5571 	}
5572 out:
5573 	return (error);
5574 }
5575 
5576 /* ARGSUSED */
5577 static int
5578 ufs_addmap(struct vnode *vp,
5579 	offset_t off,
5580 	struct as *as,
5581 	caddr_t addr,
5582 	size_t	len,
5583 	uchar_t  prot,
5584 	uchar_t  maxprot,
5585 	uint_t    flags,
5586 	struct cred *cr,
5587 	caller_context_t *ct)
5588 {
5589 	struct inode *ip = VTOI(vp);
5590 
5591 	if (vp->v_flag & VNOMAP) {
5592 		return (ENOSYS);
5593 	}
5594 
5595 	mutex_enter(&ip->i_tlock);
5596 	ip->i_mapcnt += btopr(len);
5597 	mutex_exit(&ip->i_tlock);
5598 	return (0);
5599 }
5600 
5601 /*ARGSUSED*/
5602 static int
5603 ufs_delmap(struct vnode *vp, offset_t off, struct as *as, caddr_t addr,
5604 	size_t len, uint_t prot,  uint_t maxprot,  uint_t flags,
5605 	struct cred *cr, caller_context_t *ct)
5606 {
5607 	struct inode *ip = VTOI(vp);
5608 
5609 	if (vp->v_flag & VNOMAP) {
5610 		return (ENOSYS);
5611 	}
5612 
5613 	mutex_enter(&ip->i_tlock);
5614 	ip->i_mapcnt -= btopr(len); 	/* Count released mappings */
5615 	ASSERT(ip->i_mapcnt >= 0);
5616 	mutex_exit(&ip->i_tlock);
5617 	return (0);
5618 }
5619 /*
5620  * Return the answer requested to poll() for non-device files
5621  */
5622 struct pollhead ufs_pollhd;
5623 
5624 /* ARGSUSED */
5625 int
5626 ufs_poll(vnode_t *vp, short ev, int any, short *revp, struct pollhead **phpp,
5627 	caller_context_t *ct)
5628 {
5629 	struct ufsvfs	*ufsvfsp;
5630 
5631 	*revp = 0;
5632 	ufsvfsp = VTOI(vp)->i_ufsvfs;
5633 
5634 	if (!ufsvfsp) {
5635 		*revp = POLLHUP;
5636 		goto out;
5637 	}
5638 
5639 	if (ULOCKFS_IS_HLOCK(&ufsvfsp->vfs_ulockfs) ||
5640 	    ULOCKFS_IS_ELOCK(&ufsvfsp->vfs_ulockfs)) {
5641 		*revp |= POLLERR;
5642 
5643 	} else {
5644 		if ((ev & POLLOUT) && !ufsvfsp->vfs_fs->fs_ronly &&
5645 		    !ULOCKFS_IS_WLOCK(&ufsvfsp->vfs_ulockfs))
5646 			*revp |= POLLOUT;
5647 
5648 		if ((ev & POLLWRBAND) && !ufsvfsp->vfs_fs->fs_ronly &&
5649 		    !ULOCKFS_IS_WLOCK(&ufsvfsp->vfs_ulockfs))
5650 			*revp |= POLLWRBAND;
5651 
5652 		if (ev & POLLIN)
5653 			*revp |= POLLIN;
5654 
5655 		if (ev & POLLRDNORM)
5656 			*revp |= POLLRDNORM;
5657 
5658 		if (ev & POLLRDBAND)
5659 			*revp |= POLLRDBAND;
5660 	}
5661 
5662 	if ((ev & POLLPRI) && (*revp & (POLLERR|POLLHUP)))
5663 		*revp |= POLLPRI;
5664 out:
5665 	*phpp = !any && !*revp ? &ufs_pollhd : (struct pollhead *)NULL;
5666 
5667 	return (0);
5668 }
5669 
5670 /* ARGSUSED */
5671 static int
5672 ufs_l_pathconf(struct vnode *vp, int cmd, ulong_t *valp, struct cred *cr,
5673 	caller_context_t *ct)
5674 {
5675 	struct ufsvfs	*ufsvfsp = VTOI(vp)->i_ufsvfs;
5676 	struct ulockfs	*ulp = NULL;
5677 	struct inode 	*sip = NULL;
5678 	int		error;
5679 	struct inode 	*ip = VTOI(vp);
5680 	int		issync;
5681 
5682 	error = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_PATHCONF_MASK);
5683 	if (error)
5684 		return (error);
5685 
5686 	switch (cmd) {
5687 		/*
5688 		 * Have to handle _PC_NAME_MAX here, because the normal way
5689 		 * [fs_pathconf() -> VOP_STATVFS() -> ufs_statvfs()]
5690 		 * results in a lock ordering reversal between
5691 		 * ufs_lockfs_{begin,end}() and
5692 		 * ufs_thread_{suspend,continue}().
5693 		 *
5694 		 * Keep in sync with ufs_statvfs().
5695 		 */
5696 	case _PC_NAME_MAX:
5697 		*valp = MAXNAMLEN;
5698 		break;
5699 
5700 	case _PC_FILESIZEBITS:
5701 		if (ufsvfsp->vfs_lfflags & UFS_LARGEFILES)
5702 			*valp = UFS_FILESIZE_BITS;
5703 		else
5704 			*valp = 32;
5705 		break;
5706 
5707 	case _PC_XATTR_EXISTS:
5708 		if (vp->v_vfsp->vfs_flag & VFS_XATTR) {
5709 
5710 			error =
5711 			    ufs_xattr_getattrdir(vp, &sip, LOOKUP_XATTR, cr);
5712 			if (error ==  0 && sip != NULL) {
5713 				/* Start transaction */
5714 				if (ulp) {
5715 					TRANS_BEGIN_CSYNC(ufsvfsp, issync,
5716 					    TOP_RMDIR, TOP_RMDIR_SIZE);
5717 				}
5718 				/*
5719 				 * Is directory empty
5720 				 */
5721 				rw_enter(&sip->i_rwlock, RW_WRITER);
5722 				rw_enter(&sip->i_contents, RW_WRITER);
5723 				if (ufs_xattrdirempty(sip,
5724 				    sip->i_number, CRED())) {
5725 					rw_enter(&ip->i_contents, RW_WRITER);
5726 					ufs_unhook_shadow(ip, sip);
5727 					rw_exit(&ip->i_contents);
5728 
5729 					*valp = 0;
5730 
5731 				} else
5732 					*valp = 1;
5733 				rw_exit(&sip->i_contents);
5734 				rw_exit(&sip->i_rwlock);
5735 				if (ulp) {
5736 					TRANS_END_CSYNC(ufsvfsp, error, issync,
5737 					    TOP_RMDIR, TOP_RMDIR_SIZE);
5738 				}
5739 				VN_RELE(ITOV(sip));
5740 			} else if (error == ENOENT) {
5741 				*valp = 0;
5742 				error = 0;
5743 			}
5744 		} else {
5745 			error = fs_pathconf(vp, cmd, valp, cr, ct);
5746 		}
5747 		break;
5748 
5749 	case _PC_ACL_ENABLED:
5750 		*valp = _ACL_ACLENT_ENABLED;
5751 		break;
5752 
5753 	case _PC_MIN_HOLE_SIZE:
5754 		*valp = (ulong_t)ip->i_fs->fs_bsize;
5755 		break;
5756 
5757 	case _PC_SATTR_ENABLED:
5758 	case _PC_SATTR_EXISTS:
5759 		*valp = vfs_has_feature(vp->v_vfsp, VFSFT_XVATTR) &&
5760 		    (vp->v_type == VREG || vp->v_type == VDIR);
5761 		break;
5762 
5763 	default:
5764 		error = fs_pathconf(vp, cmd, valp, cr, ct);
5765 	}
5766 
5767 	if (ulp != NULL) {
5768 		ufs_lockfs_end(ulp);
5769 	}
5770 	return (error);
5771 }
5772 
5773 int ufs_pageio_writes, ufs_pageio_reads;
5774 
5775 /*ARGSUSED*/
5776 static int
5777 ufs_pageio(struct vnode *vp, page_t *pp, u_offset_t io_off, size_t io_len,
5778 	int flags, struct cred *cr, caller_context_t *ct)
5779 {
5780 	struct inode *ip = VTOI(vp);
5781 	struct ufsvfs *ufsvfsp;
5782 	page_t *npp = NULL, *opp = NULL, *cpp = pp;
5783 	struct buf *bp;
5784 	daddr_t bn;
5785 	size_t done_len = 0, cur_len = 0;
5786 	int err = 0;
5787 	int contig = 0;
5788 	int dolock;
5789 	int vmpss = 0;
5790 	struct ulockfs *ulp;
5791 
5792 	if ((flags & B_READ) && pp != NULL && pp->p_vnode == vp &&
5793 	    vp->v_mpssdata != NULL) {
5794 		vmpss = 1;
5795 	}
5796 
5797 	dolock = (rw_owner(&ip->i_contents) != curthread);
5798 	/*
5799 	 * We need a better check.  Ideally, we would use another
5800 	 * vnodeops so that hlocked and forcibly unmounted file
5801 	 * systems would return EIO where appropriate and w/o the
5802 	 * need for these checks.
5803 	 */
5804 	if ((ufsvfsp = ip->i_ufsvfs) == NULL)
5805 		return (EIO);
5806 
5807 	/*
5808 	 * For vmpss (pp can be NULL) case respect the quiesce protocol.
5809 	 * ul_lock must be taken before locking pages so we can't use it here
5810 	 * if pp is non NULL because segvn already locked pages
5811 	 * SE_EXCL. Instead we rely on the fact that a forced umount or
5812 	 * applying a filesystem lock via ufs_fiolfs() will block in the
5813 	 * implicit call to ufs_flush() until we unlock the pages after the
5814 	 * return to segvn. Other ufs_quiesce() callers keep ufs_quiesce_pend
5815 	 * above 0 until they are done. We have to be careful not to increment
5816 	 * ul_vnops_cnt here after forceful unmount hlocks the file system.
5817 	 *
5818 	 * If pp is NULL use ul_lock to make sure we don't increment
5819 	 * ul_vnops_cnt after forceful unmount hlocks the file system.
5820 	 */
5821 	if (vmpss || pp == NULL) {
5822 		ulp = &ufsvfsp->vfs_ulockfs;
5823 		if (pp == NULL)
5824 			mutex_enter(&ulp->ul_lock);
5825 		if (ulp->ul_fs_lock & ULOCKFS_GETREAD_MASK) {
5826 			if (pp == NULL) {
5827 				mutex_exit(&ulp->ul_lock);
5828 			}
5829 			return (vmpss ? EIO : EINVAL);
5830 		}
5831 		atomic_add_long(&ulp->ul_vnops_cnt, 1);
5832 		if (pp == NULL)
5833 			mutex_exit(&ulp->ul_lock);
5834 		if (ufs_quiesce_pend) {
5835 			if (!atomic_add_long_nv(&ulp->ul_vnops_cnt, -1))
5836 				cv_broadcast(&ulp->ul_cv);
5837 			return (vmpss ? EIO : EINVAL);
5838 		}
5839 	}
5840 
5841 	if (dolock) {
5842 		/*
5843 		 * segvn may call VOP_PAGEIO() instead of VOP_GETPAGE() to
5844 		 * handle a fault against a segment that maps vnode pages with
5845 		 * large mappings.  Segvn creates pages and holds them locked
5846 		 * SE_EXCL during VOP_PAGEIO() call. In this case we have to
5847 		 * use rw_tryenter() to avoid a potential deadlock since in
5848 		 * lock order i_contents needs to be taken first.
5849 		 * Segvn will retry via VOP_GETPAGE() if VOP_PAGEIO() fails.
5850 		 */
5851 		if (!vmpss) {
5852 			rw_enter(&ip->i_contents, RW_READER);
5853 		} else if (!rw_tryenter(&ip->i_contents, RW_READER)) {
5854 			if (!atomic_add_long_nv(&ulp->ul_vnops_cnt, -1))
5855 				cv_broadcast(&ulp->ul_cv);
5856 			return (EDEADLK);
5857 		}
5858 	}
5859 
5860 	/*
5861 	 * Return an error to segvn because the pagefault request is beyond
5862 	 * PAGESIZE rounded EOF.
5863 	 */
5864 	if (vmpss && btopr(io_off + io_len) > btopr(ip->i_size)) {
5865 		if (dolock)
5866 			rw_exit(&ip->i_contents);
5867 		if (!atomic_add_long_nv(&ulp->ul_vnops_cnt, -1))
5868 			cv_broadcast(&ulp->ul_cv);
5869 		return (EFAULT);
5870 	}
5871 
5872 	if (pp == NULL) {
5873 		if (bmap_has_holes(ip)) {
5874 			err = ENOSYS;
5875 		} else {
5876 			err = EINVAL;
5877 		}
5878 		if (dolock)
5879 			rw_exit(&ip->i_contents);
5880 		if (!atomic_add_long_nv(&ulp->ul_vnops_cnt, -1))
5881 			cv_broadcast(&ulp->ul_cv);
5882 		return (err);
5883 	}
5884 
5885 	/*
5886 	 * Break the io request into chunks, one for each contiguous
5887 	 * stretch of disk blocks in the target file.
5888 	 */
5889 	while (done_len < io_len) {
5890 		ASSERT(cpp);
5891 		contig = 0;
5892 		if (err = bmap_read(ip, (u_offset_t)(io_off + done_len),
5893 		    &bn, &contig))
5894 			break;
5895 
5896 		if (bn == UFS_HOLE) {	/* No holey swapfiles */
5897 			if (vmpss) {
5898 				err = EFAULT;
5899 				break;
5900 			}
5901 			err = ufs_fault(ITOV(ip), "ufs_pageio: bn == UFS_HOLE");
5902 			break;
5903 		}
5904 
5905 		cur_len = MIN(io_len - done_len, contig);
5906 		/*
5907 		 * Zero out a page beyond EOF, when the last block of
5908 		 * a file is a UFS fragment so that ufs_pageio() can be used
5909 		 * instead of ufs_getpage() to handle faults against
5910 		 * segvn segments that use large pages.
5911 		 */
5912 		page_list_break(&cpp, &npp, btopr(cur_len));
5913 		if ((flags & B_READ) && (cur_len & PAGEOFFSET)) {
5914 			size_t xlen = cur_len & PAGEOFFSET;
5915 			pagezero(cpp->p_prev, xlen, PAGESIZE - xlen);
5916 		}
5917 
5918 		bp = pageio_setup(cpp, cur_len, ip->i_devvp, flags);
5919 		ASSERT(bp != NULL);
5920 
5921 		bp->b_edev = ip->i_dev;
5922 		bp->b_dev = cmpdev(ip->i_dev);
5923 		bp->b_blkno = bn;
5924 		bp->b_un.b_addr = (caddr_t)0;
5925 		bp->b_file = ip->i_vnode;
5926 
5927 		ufsvfsp->vfs_iotstamp = lbolt;
5928 		ub.ub_pageios.value.ul++;
5929 		if (ufsvfsp->vfs_snapshot)
5930 			fssnap_strategy(&(ufsvfsp->vfs_snapshot), bp);
5931 		else
5932 			(void) bdev_strategy(bp);
5933 
5934 		if (flags & B_READ)
5935 			ufs_pageio_reads++;
5936 		else
5937 			ufs_pageio_writes++;
5938 		if (flags & B_READ)
5939 			lwp_stat_update(LWP_STAT_INBLK, 1);
5940 		else
5941 			lwp_stat_update(LWP_STAT_OUBLK, 1);
5942 		/*
5943 		 * If the request is not B_ASYNC, wait for i/o to complete
5944 		 * and re-assemble the page list to return to the caller.
5945 		 * If it is B_ASYNC we leave the page list in pieces and
5946 		 * cleanup() will dispose of them.
5947 		 */
5948 		if ((flags & B_ASYNC) == 0) {
5949 			err = biowait(bp);
5950 			pageio_done(bp);
5951 			if (err)
5952 				break;
5953 			page_list_concat(&opp, &cpp);
5954 		}
5955 		cpp = npp;
5956 		npp = NULL;
5957 		if (flags & B_READ)
5958 			cur_len = P2ROUNDUP_TYPED(cur_len, PAGESIZE, size_t);
5959 		done_len += cur_len;
5960 	}
5961 	ASSERT(err || (cpp == NULL && npp == NULL && done_len == io_len));
5962 	if (err) {
5963 		if (flags & B_ASYNC) {
5964 			/* Cleanup unprocessed parts of list */
5965 			page_list_concat(&cpp, &npp);
5966 			if (flags & B_READ)
5967 				pvn_read_done(cpp, B_ERROR);
5968 			else
5969 				pvn_write_done(cpp, B_ERROR);
5970 		} else {
5971 			/* Re-assemble list and let caller clean up */
5972 			page_list_concat(&opp, &cpp);
5973 			page_list_concat(&opp, &npp);
5974 		}
5975 	}
5976 
5977 	if (vmpss && !(ip->i_flag & IACC) && !ULOCKFS_IS_NOIACC(ulp) &&
5978 	    ufsvfsp->vfs_fs->fs_ronly == 0 && !ufsvfsp->vfs_noatime) {
5979 		mutex_enter(&ip->i_tlock);
5980 		ip->i_flag |= IACC;
5981 		ITIMES_NOLOCK(ip);
5982 		mutex_exit(&ip->i_tlock);
5983 	}
5984 
5985 	if (dolock)
5986 		rw_exit(&ip->i_contents);
5987 	if (vmpss && !atomic_add_long_nv(&ulp->ul_vnops_cnt, -1))
5988 		cv_broadcast(&ulp->ul_cv);
5989 	return (err);
5990 }
5991 
5992 /*
5993  * Called when the kernel is in a frozen state to dump data
5994  * directly to the device. It uses a private dump data structure,
5995  * set up by dump_ctl, to locate the correct disk block to which to dump.
5996  */
5997 /*ARGSUSED*/
5998 static int
5999 ufs_dump(vnode_t *vp, caddr_t addr, int ldbn, int dblks, caller_context_t *ct)
6000 {
6001 	u_offset_t	file_size;
6002 	struct inode    *ip = VTOI(vp);
6003 	struct fs	*fs = ip->i_fs;
6004 	daddr_t		dbn, lfsbn;
6005 	int		disk_blks = fs->fs_bsize >> DEV_BSHIFT;
6006 	int		error = 0;
6007 	int		ndbs, nfsbs;
6008 
6009 	/*
6010 	 * forced unmount case
6011 	 */
6012 	if (ip->i_ufsvfs == NULL)
6013 		return (EIO);
6014 	/*
6015 	 * Validate the inode that it has not been modified since
6016 	 * the dump structure is allocated.
6017 	 */
6018 	mutex_enter(&ip->i_tlock);
6019 	if ((dump_info == NULL) ||
6020 	    (dump_info->ip != ip) ||
6021 	    (dump_info->time.tv_sec != ip->i_mtime.tv_sec) ||
6022 	    (dump_info->time.tv_usec != ip->i_mtime.tv_usec)) {
6023 		mutex_exit(&ip->i_tlock);
6024 		return (-1);
6025 	}
6026 	mutex_exit(&ip->i_tlock);
6027 
6028 	/*
6029 	 * See that the file has room for this write
6030 	 */
6031 	UFS_GET_ISIZE(&file_size, ip);
6032 
6033 	if (ldbtob((offset_t)(ldbn + dblks)) > file_size)
6034 		return (ENOSPC);
6035 
6036 	/*
6037 	 * Find the physical disk block numbers from the dump
6038 	 * private data structure directly and write out the data
6039 	 * in contiguous block lumps
6040 	 */
6041 	while (dblks > 0 && !error) {
6042 		lfsbn = (daddr_t)lblkno(fs, ldbtob((offset_t)ldbn));
6043 		dbn = fsbtodb(fs, dump_info->dblk[lfsbn]) + ldbn % disk_blks;
6044 		nfsbs = 1;
6045 		ndbs = disk_blks - ldbn % disk_blks;
6046 		while (ndbs < dblks && fsbtodb(fs, dump_info->dblk[lfsbn +
6047 		    nfsbs]) == dbn + ndbs) {
6048 			nfsbs++;
6049 			ndbs += disk_blks;
6050 		}
6051 		if (ndbs > dblks)
6052 			ndbs = dblks;
6053 		error = bdev_dump(ip->i_dev, addr, dbn, ndbs);
6054 		addr += ldbtob((offset_t)ndbs);
6055 		dblks -= ndbs;
6056 		ldbn += ndbs;
6057 	}
6058 	return (error);
6059 
6060 }
6061 
6062 /*
6063  * Prepare the file system before and after the dump operation.
6064  *
6065  * action = DUMP_ALLOC:
6066  * Preparation before dump, allocate dump private data structure
6067  * to hold all the direct and indirect block info for dump.
6068  *
6069  * action = DUMP_FREE:
6070  * Clean up after dump, deallocate the dump private data structure.
6071  *
6072  * action = DUMP_SCAN:
6073  * Scan dump_info for *blkp DEV_BSIZE blocks of contig fs space;
6074  * if found, the starting file-relative DEV_BSIZE lbn is written
6075  * to *bklp; that lbn is intended for use with VOP_DUMP()
6076  */
6077 /*ARGSUSED*/
6078 static int
6079 ufs_dumpctl(vnode_t *vp, int action, int *blkp, caller_context_t *ct)
6080 {
6081 	struct inode	*ip = VTOI(vp);
6082 	ufsvfs_t	*ufsvfsp = ip->i_ufsvfs;
6083 	struct fs	*fs;
6084 	daddr32_t	*dblk, *storeblk;
6085 	daddr32_t	*nextblk, *endblk;
6086 	struct buf	*bp;
6087 	int		i, entry, entries;
6088 	int		n, ncontig;
6089 
6090 	/*
6091 	 * check for forced unmount
6092 	 */
6093 	if (ufsvfsp == NULL)
6094 		return (EIO);
6095 
6096 	if (action == DUMP_ALLOC) {
6097 		/*
6098 		 * alloc and record dump_info
6099 		 */
6100 		if (dump_info != NULL)
6101 			return (EINVAL);
6102 
6103 		ASSERT(vp->v_type == VREG);
6104 		fs = ufsvfsp->vfs_fs;
6105 
6106 		rw_enter(&ip->i_contents, RW_READER);
6107 
6108 		if (bmap_has_holes(ip)) {
6109 			rw_exit(&ip->i_contents);
6110 			return (EFAULT);
6111 		}
6112 
6113 		/*
6114 		 * calculate and allocate space needed according to i_size
6115 		 */
6116 		entries = (int)lblkno(fs, blkroundup(fs, ip->i_size));
6117 		dump_info = kmem_alloc(sizeof (struct dump) +
6118 		    (entries - 1) * sizeof (daddr32_t), KM_NOSLEEP);
6119 		if (dump_info == NULL) {
6120 			rw_exit(&ip->i_contents);
6121 			return (ENOMEM);
6122 		}
6123 
6124 		/* Start saving the info */
6125 		dump_info->fsbs = entries;
6126 		dump_info->ip = ip;
6127 		storeblk = &dump_info->dblk[0];
6128 
6129 		/* Direct Blocks */
6130 		for (entry = 0; entry < NDADDR && entry < entries; entry++)
6131 			*storeblk++ = ip->i_db[entry];
6132 
6133 		/* Indirect Blocks */
6134 		for (i = 0; i < NIADDR; i++) {
6135 			int error = 0;
6136 
6137 			bp = UFS_BREAD(ufsvfsp,
6138 			    ip->i_dev, fsbtodb(fs, ip->i_ib[i]), fs->fs_bsize);
6139 			if (bp->b_flags & B_ERROR)
6140 				error = EIO;
6141 			else {
6142 				dblk = bp->b_un.b_daddr;
6143 				if ((storeblk = save_dblks(ip, ufsvfsp,
6144 				    storeblk, dblk, i, entries)) == NULL)
6145 					error = EIO;
6146 			}
6147 
6148 			brelse(bp);
6149 
6150 			if (error != 0) {
6151 				kmem_free(dump_info, sizeof (struct dump) +
6152 				    (entries - 1) * sizeof (daddr32_t));
6153 				rw_exit(&ip->i_contents);
6154 				dump_info = NULL;
6155 				return (error);
6156 			}
6157 		}
6158 		/* and time stamp the information */
6159 		mutex_enter(&ip->i_tlock);
6160 		dump_info->time = ip->i_mtime;
6161 		mutex_exit(&ip->i_tlock);
6162 
6163 		rw_exit(&ip->i_contents);
6164 	} else if (action == DUMP_FREE) {
6165 		/*
6166 		 * free dump_info
6167 		 */
6168 		if (dump_info == NULL)
6169 			return (EINVAL);
6170 		entries = dump_info->fsbs - 1;
6171 		kmem_free(dump_info, sizeof (struct dump) +
6172 		    entries * sizeof (daddr32_t));
6173 		dump_info = NULL;
6174 	} else if (action == DUMP_SCAN) {
6175 		/*
6176 		 * scan dump_info
6177 		 */
6178 		if (dump_info == NULL)
6179 			return (EINVAL);
6180 
6181 		dblk = dump_info->dblk;
6182 		nextblk = dblk + 1;
6183 		endblk = dblk + dump_info->fsbs - 1;
6184 		fs = ufsvfsp->vfs_fs;
6185 		ncontig = *blkp >> (fs->fs_bshift - DEV_BSHIFT);
6186 
6187 		/*
6188 		 * scan dblk[] entries; contig fs space is found when:
6189 		 * ((current blkno + frags per block) == next blkno)
6190 		 */
6191 		n = 0;
6192 		while (n < ncontig && dblk < endblk) {
6193 			if ((*dblk + fs->fs_frag) == *nextblk)
6194 				n++;
6195 			else
6196 				n = 0;
6197 			dblk++;
6198 			nextblk++;
6199 		}
6200 
6201 		/*
6202 		 * index is where size bytes of contig space begins;
6203 		 * conversion from index to the file's DEV_BSIZE lbn
6204 		 * is equivalent to:  (index * fs_bsize) / DEV_BSIZE
6205 		 */
6206 		if (n == ncontig) {
6207 			i = (dblk - dump_info->dblk) - ncontig;
6208 			*blkp = i << (fs->fs_bshift - DEV_BSHIFT);
6209 		} else
6210 			return (EFAULT);
6211 	}
6212 	return (0);
6213 }
6214 
6215 /*
6216  * Recursive helper function for ufs_dumpctl().  It follows the indirect file
6217  * system  blocks until it reaches the the disk block addresses, which are
6218  * then stored into the given buffer, storeblk.
6219  */
6220 static daddr32_t *
6221 save_dblks(struct inode *ip, struct ufsvfs *ufsvfsp,  daddr32_t *storeblk,
6222     daddr32_t *dblk, int level, int entries)
6223 {
6224 	struct fs	*fs = ufsvfsp->vfs_fs;
6225 	struct buf	*bp;
6226 	int		i;
6227 
6228 	if (level == 0) {
6229 		for (i = 0; i < NINDIR(fs); i++) {
6230 			if (storeblk - dump_info->dblk >= entries)
6231 				break;
6232 			*storeblk++ = dblk[i];
6233 		}
6234 		return (storeblk);
6235 	}
6236 	for (i = 0; i < NINDIR(fs); i++) {
6237 		if (storeblk - dump_info->dblk >= entries)
6238 			break;
6239 		bp = UFS_BREAD(ufsvfsp,
6240 		    ip->i_dev, fsbtodb(fs, dblk[i]), fs->fs_bsize);
6241 		if (bp->b_flags & B_ERROR) {
6242 			brelse(bp);
6243 			return (NULL);
6244 		}
6245 		storeblk = save_dblks(ip, ufsvfsp, storeblk, bp->b_un.b_daddr,
6246 		    level - 1, entries);
6247 		brelse(bp);
6248 
6249 		if (storeblk == NULL)
6250 			return (NULL);
6251 	}
6252 	return (storeblk);
6253 }
6254 
6255 /* ARGSUSED */
6256 static int
6257 ufs_getsecattr(struct vnode *vp, vsecattr_t *vsap, int flag,
6258 	struct cred *cr, caller_context_t *ct)
6259 {
6260 	struct inode	*ip = VTOI(vp);
6261 	struct ulockfs	*ulp;
6262 	struct ufsvfs	*ufsvfsp = ip->i_ufsvfs;
6263 	ulong_t		vsa_mask = vsap->vsa_mask;
6264 	int		err = EINVAL;
6265 
6266 	vsa_mask &= (VSA_ACL | VSA_ACLCNT | VSA_DFACL | VSA_DFACLCNT);
6267 
6268 	/*
6269 	 * Only grab locks if needed - they're not needed to check vsa_mask
6270 	 * or if the mask contains no acl flags.
6271 	 */
6272 	if (vsa_mask != 0) {
6273 		if (err = ufs_lockfs_begin(ufsvfsp, &ulp,
6274 		    ULOCKFS_GETATTR_MASK))
6275 			return (err);
6276 
6277 		rw_enter(&ip->i_contents, RW_READER);
6278 		err = ufs_acl_get(ip, vsap, flag, cr);
6279 		rw_exit(&ip->i_contents);
6280 
6281 		if (ulp)
6282 			ufs_lockfs_end(ulp);
6283 	}
6284 	return (err);
6285 }
6286 
6287 /* ARGSUSED */
6288 static int
6289 ufs_setsecattr(struct vnode *vp, vsecattr_t *vsap, int flag, struct cred *cr,
6290 	caller_context_t *ct)
6291 {
6292 	struct inode	*ip = VTOI(vp);
6293 	struct ulockfs	*ulp = NULL;
6294 	struct ufsvfs	*ufsvfsp = VTOI(vp)->i_ufsvfs;
6295 	ulong_t		vsa_mask = vsap->vsa_mask;
6296 	int		err;
6297 	int		haverwlock = 1;
6298 	int		trans_size;
6299 	int		donetrans = 0;
6300 	int		retry = 1;
6301 
6302 	ASSERT(RW_LOCK_HELD(&ip->i_rwlock));
6303 
6304 	/* Abort now if the request is either empty or invalid. */
6305 	vsa_mask &= (VSA_ACL | VSA_ACLCNT | VSA_DFACL | VSA_DFACLCNT);
6306 	if ((vsa_mask == 0) ||
6307 	    ((vsap->vsa_aclentp == NULL) &&
6308 	    (vsap->vsa_dfaclentp == NULL))) {
6309 		err = EINVAL;
6310 		goto out;
6311 	}
6312 
6313 	/*
6314 	 * Following convention, if this is a directory then we acquire the
6315 	 * inode's i_rwlock after starting a UFS logging transaction;
6316 	 * otherwise, we acquire it beforehand. Since we were called (and
6317 	 * must therefore return) with the lock held, we will have to drop it,
6318 	 * and later reacquire it, if operating on a directory.
6319 	 */
6320 	if (vp->v_type == VDIR) {
6321 		rw_exit(&ip->i_rwlock);
6322 		haverwlock = 0;
6323 	} else {
6324 		/* Upgrade the lock if required. */
6325 		if (!rw_write_held(&ip->i_rwlock)) {
6326 			rw_exit(&ip->i_rwlock);
6327 			rw_enter(&ip->i_rwlock, RW_WRITER);
6328 		}
6329 	}
6330 
6331 again:
6332 	ASSERT(!(vp->v_type == VDIR && haverwlock));
6333 	if (err = ufs_lockfs_begin(ufsvfsp, &ulp, ULOCKFS_SETATTR_MASK)) {
6334 		ulp = NULL;
6335 		retry = 0;
6336 		goto out;
6337 	}
6338 
6339 	/*
6340 	 * Check that the file system supports this operation. Note that
6341 	 * ufs_lockfs_begin() will have checked that the file system had
6342 	 * not been forcibly unmounted.
6343 	 */
6344 	if (ufsvfsp->vfs_fs->fs_ronly) {
6345 		err = EROFS;
6346 		goto out;
6347 	}
6348 	if (ufsvfsp->vfs_nosetsec) {
6349 		err = ENOSYS;
6350 		goto out;
6351 	}
6352 
6353 	if (ulp) {
6354 		TRANS_BEGIN_ASYNC(ufsvfsp, TOP_SETSECATTR,
6355 		    trans_size = TOP_SETSECATTR_SIZE(VTOI(vp)));
6356 		donetrans = 1;
6357 	}
6358 
6359 	if (vp->v_type == VDIR) {
6360 		rw_enter(&ip->i_rwlock, RW_WRITER);
6361 		haverwlock = 1;
6362 	}
6363 
6364 	ASSERT(haverwlock);
6365 
6366 	/* Do the actual work. */
6367 	rw_enter(&ip->i_contents, RW_WRITER);
6368 	/*
6369 	 * Suppress out of inodes messages if we will retry.
6370 	 */
6371 	if (retry)
6372 		ip->i_flag |= IQUIET;
6373 	err = ufs_acl_set(ip, vsap, flag, cr);
6374 	ip->i_flag &= ~IQUIET;
6375 	rw_exit(&ip->i_contents);
6376 
6377 out:
6378 	if (ulp) {
6379 		if (donetrans) {
6380 			/*
6381 			 * top_end_async() can eventually call
6382 			 * top_end_sync(), which can block. We must
6383 			 * therefore observe the lock-ordering protocol
6384 			 * here as well.
6385 			 */
6386 			if (vp->v_type == VDIR) {
6387 				rw_exit(&ip->i_rwlock);
6388 				haverwlock = 0;
6389 			}
6390 			TRANS_END_ASYNC(ufsvfsp, TOP_SETSECATTR, trans_size);
6391 		}
6392 		ufs_lockfs_end(ulp);
6393 	}
6394 	/*
6395 	 * If no inodes available, try scaring a logically-
6396 	 * free one out of the delete queue to someplace
6397 	 * that we can find it.
6398 	 */
6399 	if ((err == ENOSPC) && retry && TRANS_ISTRANS(ufsvfsp)) {
6400 		ufs_delete_drain_wait(ufsvfsp, 1);
6401 		retry = 0;
6402 		if (vp->v_type == VDIR && haverwlock) {
6403 			rw_exit(&ip->i_rwlock);
6404 			haverwlock = 0;
6405 		}
6406 		goto again;
6407 	}
6408 	/*
6409 	 * If we need to reacquire the lock then it is safe to do so
6410 	 * as a reader. This is because ufs_rwunlock(), which will be
6411 	 * called by our caller after we return, does not differentiate
6412 	 * between shared and exclusive locks.
6413 	 */
6414 	if (!haverwlock) {
6415 		ASSERT(vp->v_type == VDIR);
6416 		rw_enter(&ip->i_rwlock, RW_READER);
6417 	}
6418 
6419 	return (err);
6420 }
6421