NetBSD-5.0.2/sys/fs/union/union_subr.c
/* $NetBSD: union_subr.c,v 1.33 2008/03/21 21:55:00 ad Exp $ */
/*
* Copyright (c) 1994
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Jan-Simon Pendry.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)union_subr.c 8.20 (Berkeley) 5/20/95
*/
/*
* Copyright (c) 1994 Jan-Simon Pendry
*
* This code is derived from software contributed to Berkeley by
* Jan-Simon Pendry.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)union_subr.c 8.20 (Berkeley) 5/20/95
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: union_subr.c,v 1.33 2008/03/21 21:55:00 ad Exp $");
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/vnode.h>
#include <sys/namei.h>
#include <sys/malloc.h>
#include <sys/file.h>
#include <sys/filedesc.h>
#include <sys/queue.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/kauth.h>
#include <uvm/uvm_extern.h>
#include <fs/union/union.h>
/* must be power of two, otherwise change UNION_HASH() */
#define NHASH 32
/* unsigned int ... */
#define UNION_HASH(u, l) \
(((((unsigned long) (u)) + ((unsigned long) l)) >> 8) & (NHASH-1))
static LIST_HEAD(unhead, union_node) unhead[NHASH];
static int unvplock[NHASH];
static int union_list_lock(int);
static void union_list_unlock(int);
void union_updatevp(struct union_node *, struct vnode *, struct vnode *);
static int union_relookup(struct union_mount *, struct vnode *,
struct vnode **, struct componentname *,
struct componentname *, const char *, int);
int union_vn_close(struct vnode *, int, kauth_cred_t, struct lwp *);
static void union_dircache_r(struct vnode *, struct vnode ***, int *);
struct vnode *union_dircache(struct vnode *, struct lwp *);
void
union_init(void)
{
int i;
for (i = 0; i < NHASH; i++)
LIST_INIT(&unhead[i]);
memset(unvplock, 0, sizeof(unvplock));
}
/*
* Free global unionfs resources.
*/
void
union_done(void)
{
/* Make sure to unset the readdir hook. */
vn_union_readdir_hook = NULL;
}
static int
union_list_lock(int ix)
{
if (unvplock[ix] & UN_LOCKED) {
unvplock[ix] |= UN_WANTED;
(void) tsleep(&unvplock[ix], PINOD, "unionlk", 0);
return (1);
}
unvplock[ix] |= UN_LOCKED;
return (0);
}
static void
union_list_unlock(int ix)
{
unvplock[ix] &= ~UN_LOCKED;
if (unvplock[ix] & UN_WANTED) {
unvplock[ix] &= ~UN_WANTED;
wakeup(&unvplock[ix]);
}
}
void
union_updatevp(struct union_node *un, struct vnode *uppervp,
struct vnode *lowervp)
{
int ohash = UNION_HASH(un->un_uppervp, un->un_lowervp);
int nhash = UNION_HASH(uppervp, lowervp);
int docache = (lowervp != NULLVP || uppervp != NULLVP);
int lhash, uhash;
/*
* Ensure locking is ordered from lower to higher
* to avoid deadlocks.
*/
if (nhash < ohash) {
lhash = nhash;
uhash = ohash;
} else {
lhash = ohash;
uhash = nhash;
}
if (lhash != uhash)
while (union_list_lock(lhash))
continue;
while (union_list_lock(uhash))
continue;
if (ohash != nhash || !docache) {
if (un->un_flags & UN_CACHED) {
un->un_flags &= ~UN_CACHED;
LIST_REMOVE(un, un_cache);
}
}
if (ohash != nhash)
union_list_unlock(ohash);
if (un->un_lowervp != lowervp) {
if (un->un_lowervp) {
vrele(un->un_lowervp);
if (un->un_path) {
free(un->un_path, M_TEMP);
un->un_path = 0;
}
if (un->un_dirvp) {
vrele(un->un_dirvp);
un->un_dirvp = NULLVP;
}
}
un->un_lowervp = lowervp;
un->un_lowersz = VNOVAL;
}
if (un->un_uppervp != uppervp) {
if (un->un_uppervp)
vrele(un->un_uppervp);
un->un_uppervp = uppervp;
un->un_uppersz = VNOVAL;
}
if (docache && (ohash != nhash)) {
LIST_INSERT_HEAD(&unhead[nhash], un, un_cache);
un->un_flags |= UN_CACHED;
}
union_list_unlock(nhash);
}
void
union_newlower(struct union_node *un, struct vnode *lowervp)
{
union_updatevp(un, un->un_uppervp, lowervp);
}
void
union_newupper(struct union_node *un, struct vnode *uppervp)
{
union_updatevp(un, uppervp, un->un_lowervp);
}
/*
* Keep track of size changes in the underlying vnodes.
* If the size changes, then callback to the vm layer
* giving priority to the upper layer size.
*/
void
union_newsize(struct vnode *vp, off_t uppersz, off_t lowersz)
{
struct union_node *un;
off_t sz;
/* only interested in regular files */
if (vp->v_type != VREG) {
uvm_vnp_setsize(vp, 0);
return;
}
un = VTOUNION(vp);
sz = VNOVAL;
if ((uppersz != VNOVAL) && (un->un_uppersz != uppersz)) {
un->un_uppersz = uppersz;
if (sz == VNOVAL)
sz = un->un_uppersz;
}
if ((lowersz != VNOVAL) && (un->un_lowersz != lowersz)) {
un->un_lowersz = lowersz;
if (sz == VNOVAL)
sz = un->un_lowersz;
}
if (sz != VNOVAL) {
#ifdef UNION_DIAGNOSTIC
printf("union: %s size now %qd\n",
uppersz != VNOVAL ? "upper" : "lower", sz);
#endif
uvm_vnp_setsize(vp, sz);
}
}
/*
* allocate a union_node/vnode pair. the vnode is
* referenced and locked. the new vnode is returned
* via (vpp). (mp) is the mountpoint of the union filesystem,
* (dvp) is the parent directory where the upper layer object
* should exist (but doesn't) and (cnp) is the componentname
* information which is partially copied to allow the upper
* layer object to be created at a later time. (uppervp)
* and (lowervp) reference the upper and lower layer objects
* being mapped. either, but not both, can be nil.
* if supplied, (uppervp) is locked.
* the reference is either maintained in the new union_node
* object which is allocated, or they are vrele'd.
*
* all union_nodes are maintained on a singly-linked
* list. new nodes are only allocated when they cannot
* be found on this list. entries on the list are
* removed when the vfs reclaim entry is called.
*
* a single lock is kept for the entire list. this is
* needed because the getnewvnode() function can block
* waiting for a vnode to become free, in which case there
* may be more than one process trying to get the same
* vnode. this lock is only taken if we are going to
* call getnewvnode, since the kernel itself is single-threaded.
*
* if an entry is found on the list, then call vget() to
* take a reference. this is done because there may be
* zero references to it and so it needs to removed from
* the vnode free list.
*/
int
union_allocvp(
struct vnode **vpp,
struct mount *mp,
struct vnode *undvp, /* parent union vnode */
struct vnode *dvp, /* may be null */
struct componentname *cnp, /* may be null */
struct vnode *uppervp, /* may be null */
struct vnode *lowervp, /* may be null */
int docache)
{
int error;
struct vattr va;
struct union_node *un = NULL;
struct vnode *xlowervp = NULLVP;
struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
voff_t uppersz, lowersz;
int hash = 0;
int vflag, iflag;
int try;
if (uppervp == NULLVP && lowervp == NULLVP)
panic("union: unidentifiable allocation");
if (uppervp && lowervp && (uppervp->v_type != lowervp->v_type)) {
xlowervp = lowervp;
lowervp = NULLVP;
}
/* detect the root vnode (and aliases) */
iflag = VI_LAYER;
vflag = 0;
if ((uppervp == um->um_uppervp) &&
((lowervp == NULLVP) || lowervp == um->um_lowervp)) {
if (lowervp == NULLVP) {
lowervp = um->um_lowervp;
if (lowervp != NULLVP)
VREF(lowervp);
}
iflag = 0;
vflag = VV_ROOT;
}
loop:
if (!docache) {
un = 0;
} else for (try = 0; try < 3; try++) {
switch (try) {
case 0:
if (lowervp == NULLVP)
continue;
hash = UNION_HASH(uppervp, lowervp);
break;
case 1:
if (uppervp == NULLVP)
continue;
hash = UNION_HASH(uppervp, NULLVP);
break;
case 2:
if (lowervp == NULLVP)
continue;
hash = UNION_HASH(NULLVP, lowervp);
break;
}
while (union_list_lock(hash))
continue;
for (un = unhead[hash].lh_first; un != 0;
un = un->un_cache.le_next) {
if ((un->un_lowervp == lowervp ||
un->un_lowervp == NULLVP) &&
(un->un_uppervp == uppervp ||
un->un_uppervp == NULLVP) &&
(UNIONTOV(un)->v_mount == mp)) {
if (vget(UNIONTOV(un), 0)) {
union_list_unlock(hash);
goto loop;
}
break;
}
}
union_list_unlock(hash);
if (un)
break;
}
if (un) {
/*
* Obtain a lock on the union_node.
* uppervp is locked, though un->un_uppervp
* may not be. this doesn't break the locking
* hierarchy since in the case that un->un_uppervp
* is not yet locked it will be vrele'd and replaced
* with uppervp.
*/
if ((dvp != NULLVP) && (uppervp == dvp)) {
/*
* Access ``.'', so (un) will already
* be locked. Since this process has
* the lock on (uppervp) no other
* process can hold the lock on (un).
*/
#ifdef DIAGNOSTIC
if ((un->un_flags & UN_LOCKED) == 0)
panic("union: . not locked");
else if (curproc && un->un_pid != curproc->p_pid &&
un->un_pid > -1 && curproc->p_pid > -1)
panic("union: allocvp not lock owner");
#endif
} else {
if (un->un_flags & UN_LOCKED) {
vrele(UNIONTOV(un));
un->un_flags |= UN_WANTED;
(void) tsleep(&un->un_flags, PINOD,
"unionalloc", 0);
goto loop;
}
un->un_flags |= UN_LOCKED;
#ifdef DIAGNOSTIC
if (curproc)
un->un_pid = curproc->p_pid;
else
un->un_pid = -1;
#endif
}
/*
* At this point, the union_node is locked,
* un->un_uppervp may not be locked, and uppervp
* is locked or nil.
*/
/*
* Save information about the upper layer.
*/
if (uppervp != un->un_uppervp) {
union_newupper(un, uppervp);
} else if (uppervp) {
vrele(uppervp);
}
if (un->un_uppervp) {
un->un_flags |= UN_ULOCK;
un->un_flags &= ~UN_KLOCK;
}
/*
* Save information about the lower layer.
* This needs to keep track of pathname
* and directory information which union_vn_create
* might need.
*/
if (lowervp != un->un_lowervp) {
union_newlower(un, lowervp);
if (cnp && (lowervp != NULLVP)) {
un->un_hash = cnp->cn_hash;
un->un_path = malloc(cnp->cn_namelen+1,
M_TEMP, M_WAITOK);
memcpy(un->un_path, cnp->cn_nameptr,
cnp->cn_namelen);
un->un_path[cnp->cn_namelen] = '\0';
VREF(dvp);
un->un_dirvp = dvp;
}
} else if (lowervp) {
vrele(lowervp);
}
*vpp = UNIONTOV(un);
return (0);
}
uppersz = lowersz = VNOVAL;
if (uppervp != NULLVP)
if (VOP_GETATTR(uppervp, &va, FSCRED) == 0)
uppersz = va.va_size;
if (lowervp != NULLVP)
if (VOP_GETATTR(lowervp, &va, FSCRED) == 0)
lowersz = va.va_size;
if (docache) {
/*
* otherwise lock the vp list while we call getnewvnode
* since that can block.
*/
hash = UNION_HASH(uppervp, lowervp);
if (union_list_lock(hash))
goto loop;
}
error = getnewvnode(VT_UNION, mp, union_vnodeop_p, vpp);
if (error) {
if (uppervp) {
if (dvp == uppervp)
vrele(uppervp);
else
vput(uppervp);
}
if (lowervp)
vrele(lowervp);
goto out;
}
MALLOC((*vpp)->v_data, void *, sizeof(struct union_node),
M_TEMP, M_WAITOK);
(*vpp)->v_vflag |= vflag;
(*vpp)->v_iflag |= iflag;
(*vpp)->v_vnlock = NULL; /* Make upper layers call VOP_LOCK */
if (uppervp)
(*vpp)->v_type = uppervp->v_type;
else
(*vpp)->v_type = lowervp->v_type;
un = VTOUNION(*vpp);
un->un_vnode = *vpp;
un->un_uppervp = uppervp;
un->un_lowervp = lowervp;
un->un_pvp = undvp;
if (undvp != NULLVP)
VREF(undvp);
un->un_dircache = 0;
un->un_openl = 0;
un->un_flags = UN_LOCKED;
un->un_uppersz = VNOVAL;
un->un_lowersz = VNOVAL;
union_newsize(*vpp, uppersz, lowersz);
if (un->un_uppervp)
un->un_flags |= UN_ULOCK;
#ifdef DIAGNOSTIC
if (curproc)
un->un_pid = curproc->p_pid;
else
un->un_pid = -1;
#endif
if (dvp && cnp && (lowervp != NULLVP)) {
un->un_hash = cnp->cn_hash;
un->un_path = malloc(cnp->cn_namelen+1, M_TEMP, M_WAITOK);
memcpy(un->un_path, cnp->cn_nameptr, cnp->cn_namelen);
un->un_path[cnp->cn_namelen] = '\0';
VREF(dvp);
un->un_dirvp = dvp;
} else {
un->un_hash = 0;
un->un_path = 0;
un->un_dirvp = 0;
}
if (docache) {
LIST_INSERT_HEAD(&unhead[hash], un, un_cache);
un->un_flags |= UN_CACHED;
}
if (xlowervp)
vrele(xlowervp);
out:
if (docache)
union_list_unlock(hash);
return (error);
}
int
union_freevp(struct vnode *vp)
{
struct union_node *un = VTOUNION(vp);
if (un->un_flags & UN_CACHED) {
un->un_flags &= ~UN_CACHED;
LIST_REMOVE(un, un_cache);
}
if (un->un_pvp != NULLVP)
vrele(un->un_pvp);
if (un->un_uppervp != NULLVP)
vrele(un->un_uppervp);
if (un->un_lowervp != NULLVP)
vrele(un->un_lowervp);
if (un->un_dirvp != NULLVP)
vrele(un->un_dirvp);
if (un->un_path)
free(un->un_path, M_TEMP);
FREE(vp->v_data, M_TEMP);
vp->v_data = 0;
return (0);
}
/*
* copyfile. copy the vnode (fvp) to the vnode (tvp)
* using a sequence of reads and writes. both (fvp)
* and (tvp) are locked on entry and exit.
*/
int
union_copyfile(struct vnode *fvp, struct vnode *tvp, kauth_cred_t cred,
struct lwp *l)
{
char *tbuf;
struct uio uio;
struct iovec iov;
int error = 0;
/*
* strategy:
* allocate a buffer of size MAXBSIZE.
* loop doing reads and writes, keeping track
* of the current uio offset.
* give up at the first sign of trouble.
*/
uio.uio_offset = 0;
UIO_SETUP_SYSSPACE(&uio);
VOP_UNLOCK(fvp, 0); /* XXX */
vn_lock(fvp, LK_EXCLUSIVE | LK_RETRY); /* XXX */
VOP_UNLOCK(tvp, 0); /* XXX */
vn_lock(tvp, LK_EXCLUSIVE | LK_RETRY); /* XXX */
tbuf = malloc(MAXBSIZE, M_TEMP, M_WAITOK);
/* ugly loop follows... */
do {
off_t offset = uio.uio_offset;
uio.uio_iov = &iov;
uio.uio_iovcnt = 1;
iov.iov_base = tbuf;
iov.iov_len = MAXBSIZE;
uio.uio_resid = iov.iov_len;
uio.uio_rw = UIO_READ;
error = VOP_READ(fvp, &uio, 0, cred);
if (error == 0) {
uio.uio_iov = &iov;
uio.uio_iovcnt = 1;
iov.iov_base = tbuf;
iov.iov_len = MAXBSIZE - uio.uio_resid;
uio.uio_offset = offset;
uio.uio_rw = UIO_WRITE;
uio.uio_resid = iov.iov_len;
if (uio.uio_resid == 0)
break;
do {
error = VOP_WRITE(tvp, &uio, 0, cred);
} while ((uio.uio_resid > 0) && (error == 0));
}
} while (error == 0);
free(tbuf, M_TEMP);
return (error);
}
/*
* (un) is assumed to be locked on entry and remains
* locked on exit.
*/
int
union_copyup(struct union_node *un, int docopy, kauth_cred_t cred,
struct lwp *l)
{
int error;
struct vnode *lvp, *uvp;
struct vattr lvattr, uvattr;
error = union_vn_create(&uvp, un, l);
if (error)
return (error);
/* at this point, uppervp is locked */
union_newupper(un, uvp);
un->un_flags |= UN_ULOCK;
lvp = un->un_lowervp;
if (docopy) {
/*
* XX - should not ignore errors
* from VOP_CLOSE
*/
vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY);
error = VOP_GETATTR(lvp, &lvattr, cred);
if (error == 0)
error = VOP_OPEN(lvp, FREAD, cred);
if (error == 0) {
error = union_copyfile(lvp, uvp, cred, l);
(void) VOP_CLOSE(lvp, FREAD, cred);
}
if (error == 0) {
/* Copy permissions up too */
VATTR_NULL(&uvattr);
uvattr.va_mode = lvattr.va_mode;
uvattr.va_flags = lvattr.va_flags;
error = VOP_SETATTR(uvp, &uvattr, cred);
}
VOP_UNLOCK(lvp, 0);
#ifdef UNION_DIAGNOSTIC
if (error == 0)
uprintf("union: copied up %s\n", un->un_path);
#endif
}
union_vn_close(uvp, FWRITE, cred, l);
/*
* Subsequent IOs will go to the top layer, so
* call close on the lower vnode and open on the
* upper vnode to ensure that the filesystem keeps
* its references counts right. This doesn't do
* the right thing with (cred) and (FREAD) though.
* Ignoring error returns is not right, either.
*/
if (error == 0) {
int i;
vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY);
for (i = 0; i < un->un_openl; i++) {
(void) VOP_CLOSE(lvp, FREAD, cred);
(void) VOP_OPEN(uvp, FREAD, cred);
}
un->un_openl = 0;
VOP_UNLOCK(lvp, 0);
}
return (error);
}
static int
union_relookup(
struct union_mount *um,
struct vnode *dvp,
struct vnode **vpp,
struct componentname *cnp,
struct componentname *cn,
const char *path,
int pathlen)
{
int error;
/*
* A new componentname structure must be faked up because
* there is no way to know where the upper level cnp came
* from or what it is being used for. This must duplicate
* some of the work done by NDINIT, some of the work done
* by namei, some of the work done by lookup and some of
* the work done by VOP_LOOKUP when given a CREATE flag.
* Conclusion: Horrible.
*
* The pathname buffer will be PNBUF_PUT'd by VOP_MKDIR.
*/
cn->cn_namelen = pathlen;
if ((cn->cn_namelen + 1) > MAXPATHLEN)
return (ENAMETOOLONG);
cn->cn_pnbuf = PNBUF_GET();
memcpy(cn->cn_pnbuf, path, cn->cn_namelen);
cn->cn_pnbuf[cn->cn_namelen] = '\0';
cn->cn_nameiop = CREATE;
cn->cn_flags = (LOCKPARENT|HASBUF|SAVENAME|ISLASTCN);
if (um->um_op == UNMNT_ABOVE)
cn->cn_cred = cnp->cn_cred;
else
cn->cn_cred = um->um_cred;
cn->cn_nameptr = cn->cn_pnbuf;
cn->cn_hash = cnp->cn_hash;
cn->cn_consume = cnp->cn_consume;
error = relookup(dvp, vpp, cn);
if (error) {
PNBUF_PUT(cn->cn_pnbuf);
cn->cn_pnbuf = 0;
}
return (error);
}
/*
* Create a shadow directory in the upper layer.
* The new vnode is returned locked.
*
* (um) points to the union mount structure for access to the
* the mounting process's credentials.
* (dvp) is the directory in which to create the shadow directory.
* it is unlocked on entry and exit.
* (cnp) is the componentname to be created.
* (vpp) is the returned newly created shadow directory, which
* is returned locked.
*
* N.B. We still attempt to create shadow directories even if the union
* is mounted read-only, which is a little nonintuitive.
*/
int
union_mkshadow(struct union_mount *um, struct vnode *dvp,
struct componentname *cnp, struct vnode **vpp)
{
int error;
struct vattr va;
struct componentname cn;
vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY);
error = union_relookup(um, dvp, vpp, cnp, &cn,
cnp->cn_nameptr, cnp->cn_namelen);
if (error) {
VOP_UNLOCK(dvp, 0);
return (error);
}
if (*vpp) {
VOP_ABORTOP(dvp, &cn);
if (dvp != *vpp)
VOP_UNLOCK(dvp, 0);
vput(*vpp);
*vpp = NULLVP;
return (EEXIST);
}
/*
* policy: when creating the shadow directory in the
* upper layer, create it owned by the user who did
* the mount, group from parent directory, and mode
* 777 modified by umask (ie mostly identical to the
* mkdir syscall). (jsp, kb)
*/
VATTR_NULL(&va);
va.va_type = VDIR;
va.va_mode = um->um_cmode;
vref(dvp);
error = VOP_MKDIR(dvp, vpp, &cn, &va);
return (error);
}
/*
* Create a whiteout entry in the upper layer.
*
* (um) points to the union mount structure for access to the
* the mounting process's credentials.
* (dvp) is the directory in which to create the whiteout.
* it is locked on entry and exit.
* (cnp) is the componentname to be created.
*/
int
union_mkwhiteout(struct union_mount *um, struct vnode *dvp,
struct componentname *cnp, char *path)
{
int error;
struct vnode *wvp;
struct componentname cn;
VOP_UNLOCK(dvp, 0);
vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY);
error = union_relookup(um, dvp, &wvp, cnp, &cn, path, strlen(path));
if (error)
return (error);
if (wvp) {
VOP_ABORTOP(dvp, &cn);
if (dvp != wvp)
VOP_UNLOCK(dvp, 0);
vput(wvp);
return (EEXIST);
}
error = VOP_WHITEOUT(dvp, &cn, CREATE);
if (error)
VOP_ABORTOP(dvp, &cn);
return (error);
}
/*
* union_vn_create: creates and opens a new shadow file
* on the upper union layer. this function is similar
* in spirit to calling vn_open but it avoids calling namei().
* the problem with calling namei is that a) it locks too many
* things, and b) it doesn't start at the "right" directory,
* whereas relookup is told where to start.
*/
int
union_vn_create(struct vnode **vpp, struct union_node *un, struct lwp *l)
{
struct vnode *vp;
kauth_cred_t cred = l->l_cred;
struct vattr vat;
struct vattr *vap = &vat;
int fmode = FFLAGS(O_WRONLY|O_CREAT|O_TRUNC|O_EXCL);
int error;
int cmode = UN_FILEMODE & ~l->l_proc->p_cwdi->cwdi_cmask;
struct componentname cn;
*vpp = NULLVP;
/*
* Build a new componentname structure (for the same
* reasons outlines in union_mkshadow).
* The difference here is that the file is owned by
* the current user, rather than by the person who
* did the mount, since the current user needs to be
* able to write the file (that's why it is being
* copied in the first place).
*/
cn.cn_namelen = strlen(un->un_path);
if ((cn.cn_namelen + 1) > MAXPATHLEN)
return (ENAMETOOLONG);
cn.cn_pnbuf = PNBUF_GET();
memcpy(cn.cn_pnbuf, un->un_path, cn.cn_namelen+1);
cn.cn_nameiop = CREATE;
cn.cn_flags = (LOCKPARENT|HASBUF|SAVENAME|ISLASTCN);
cn.cn_cred = l->l_cred;
cn.cn_nameptr = cn.cn_pnbuf;
cn.cn_hash = un->un_hash;
cn.cn_consume = 0;
vn_lock(un->un_dirvp, LK_EXCLUSIVE | LK_RETRY);
error = relookup(un->un_dirvp, &vp, &cn);
if (error) {
VOP_UNLOCK(un->un_dirvp, 0);
return (error);
}
if (vp) {
VOP_ABORTOP(un->un_dirvp, &cn);
if (un->un_dirvp != vp)
VOP_UNLOCK(un->un_dirvp, 0);
vput(vp);
return (EEXIST);
}
/*
* Good - there was no race to create the file
* so go ahead and create it. The permissions
* on the file will be 0666 modified by the
* current user's umask. Access to the file, while
* it is unioned, will require access to the top *and*
* bottom files. Access when not unioned will simply
* require access to the top-level file.
* TODO: confirm choice of access permissions.
*/
VATTR_NULL(vap);
vap->va_type = VREG;
vap->va_mode = cmode;
vref(un->un_dirvp);
if ((error = VOP_CREATE(un->un_dirvp, &vp, &cn, vap)) != 0)
return (error);
if ((error = VOP_OPEN(vp, fmode, cred)) != 0) {
vput(vp);
return (error);
}
vp->v_writecount++;
*vpp = vp;
return (0);
}
int
union_vn_close(struct vnode *vp, int fmode, kauth_cred_t cred, struct lwp *l)
{
if (fmode & FWRITE)
--vp->v_writecount;
return (VOP_CLOSE(vp, fmode, cred));
}
void
union_removed_upper(struct union_node *un)
{
#if 1
/*
* We do not set the uppervp to NULLVP here, because lowervp
* may also be NULLVP, so this routine would end up creating
* a bogus union node with no upper or lower VP (that causes
* pain in many places that assume at least one VP exists).
* Since we've removed this node from the cache hash chains,
* it won't be found again. When all current holders
* release it, union_inactive() will vgone() it.
*/
union_diruncache(un);
#else
union_newupper(un, NULLVP);
#endif
if (un->un_flags & UN_CACHED) {
un->un_flags &= ~UN_CACHED;
LIST_REMOVE(un, un_cache);
}
if (un->un_flags & UN_ULOCK) {
un->un_flags &= ~UN_ULOCK;
VOP_UNLOCK(un->un_uppervp, 0);
}
}
#if 0
struct vnode *
union_lowervp(struct vnode *vp)
{
struct union_node *un = VTOUNION(vp);
if ((un->un_lowervp != NULLVP) &&
(vp->v_type == un->un_lowervp->v_type)) {
if (vget(un->un_lowervp, 0) == 0)
return (un->un_lowervp);
}
return (NULLVP);
}
#endif
/*
* determine whether a whiteout is needed
* during a remove/rmdir operation.
*/
int
union_dowhiteout(struct union_node *un, kauth_cred_t cred)
{
struct vattr va;
if (un->un_lowervp != NULLVP)
return (1);
if (VOP_GETATTR(un->un_uppervp, &va, cred) == 0 &&
(va.va_flags & OPAQUE))
return (1);
return (0);
}
static void
union_dircache_r(struct vnode *vp, struct vnode ***vppp, int *cntp)
{
struct union_node *un;
if (vp->v_op != union_vnodeop_p) {
if (vppp) {
VREF(vp);
*(*vppp)++ = vp;
if (--(*cntp) == 0)
panic("union: dircache table too small");
} else {
(*cntp)++;
}
return;
}
un = VTOUNION(vp);
if (un->un_uppervp != NULLVP)
union_dircache_r(un->un_uppervp, vppp, cntp);
if (un->un_lowervp != NULLVP)
union_dircache_r(un->un_lowervp, vppp, cntp);
}
struct vnode *
union_dircache(struct vnode *vp, struct lwp *l)
{
int cnt;
struct vnode *nvp = NULLVP;
struct vnode **vpp;
struct vnode **dircache;
int error;
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
dircache = VTOUNION(vp)->un_dircache;
nvp = NULLVP;
if (dircache == 0) {
cnt = 0;
union_dircache_r(vp, 0, &cnt);
cnt++;
dircache = (struct vnode **)
malloc(cnt * sizeof(struct vnode *),
M_TEMP, M_WAITOK);
vpp = dircache;
union_dircache_r(vp, &vpp, &cnt);
VTOUNION(vp)->un_dircache = dircache;
*vpp = NULLVP;
vpp = dircache + 1;
} else {
vpp = dircache;
do {
if (*vpp++ == VTOUNION(vp)->un_uppervp)
break;
} while (*vpp != NULLVP);
}
if (*vpp == NULLVP)
goto out;
vn_lock(*vpp, LK_EXCLUSIVE | LK_RETRY);
VREF(*vpp);
error = union_allocvp(&nvp, vp->v_mount, NULLVP, NULLVP, 0, *vpp, NULLVP, 0);
if (!error) {
VTOUNION(vp)->un_dircache = 0;
VTOUNION(nvp)->un_dircache = dircache;
}
out:
VOP_UNLOCK(vp, 0);
return (nvp);
}
void
union_diruncache(struct union_node *un)
{
struct vnode **vpp;
if (un->un_dircache != 0) {
for (vpp = un->un_dircache; *vpp != NULLVP; vpp++)
vrele(*vpp);
free(un->un_dircache, M_TEMP);
un->un_dircache = 0;
}
}
/*
* This hook is called from vn_readdir() to switch to lower directory
* entry after the upper directory is read.
*/
int
union_readdirhook(struct vnode **vpp, struct file *fp, struct lwp *l)
{
struct vnode *vp = *vpp, *lvp;
struct vattr va;
int error;
if (vp->v_op != union_vnodeop_p)
return (0);
if ((lvp = union_dircache(vp, l)) == NULLVP)
return (0);
/*
* If the directory is opaque,
* then don't show lower entries
*/
error = VOP_GETATTR(vp, &va, fp->f_cred);
if (error || (va.va_flags & OPAQUE)) {
vput(lvp);
return (error);
}
error = VOP_OPEN(lvp, FREAD, fp->f_cred);
if (error) {
vput(lvp);
return (error);
}
VOP_UNLOCK(lvp, 0);
fp->f_data = lvp;
fp->f_offset = 0;
error = vn_close(vp, FREAD, fp->f_cred);
if (error)
return (error);
*vpp = lvp;
return (0);
}