1 /* $NetBSD: union_vfsops.c,v 1.88 2024/05/18 00:04:46 thorpej Exp $ */
2
3 /*
4 * Copyright (c) 1994 The Regents of the University of California.
5 * All rights reserved.
6 *
7 * This code is derived from software donated to Berkeley by
8 * Jan-Simon Pendry.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * @(#)union_vfsops.c 8.20 (Berkeley) 5/20/95
35 */
36
37 /*
38 * Copyright (c) 1994 Jan-Simon Pendry.
39 * All rights reserved.
40 *
41 * This code is derived from software donated to Berkeley by
42 * Jan-Simon Pendry.
43 *
44 * Redistribution and use in source and binary forms, with or without
45 * modification, are permitted provided that the following conditions
46 * are met:
47 * 1. Redistributions of source code must retain the above copyright
48 * notice, this list of conditions and the following disclaimer.
49 * 2. Redistributions in binary form must reproduce the above copyright
50 * notice, this list of conditions and the following disclaimer in the
51 * documentation and/or other materials provided with the distribution.
52 * 3. All advertising materials mentioning features or use of this software
53 * must display the following acknowledgement:
54 * This product includes software developed by the University of
55 * California, Berkeley and its contributors.
56 * 4. Neither the name of the University nor the names of its contributors
57 * may be used to endorse or promote products derived from this software
58 * without specific prior written permission.
59 *
60 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
61 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
62 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
63 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
64 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
65 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
66 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
67 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
68 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
69 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
70 * SUCH DAMAGE.
71 *
72 * @(#)union_vfsops.c 8.20 (Berkeley) 5/20/95
73 */
74
75 /*
76 * Union Layer
77 */
78
79 #include <sys/cdefs.h>
80 __KERNEL_RCSID(0, "$NetBSD: union_vfsops.c,v 1.88 2024/05/18 00:04:46 thorpej Exp $");
81
82 #include <sys/param.h>
83 #include <sys/systm.h>
84 #include <sys/sysctl.h>
85 #include <sys/time.h>
86 #include <sys/proc.h>
87 #include <sys/vnode.h>
88 #include <sys/mount.h>
89 #include <sys/namei.h>
90 #include <sys/filedesc.h>
91 #include <sys/queue.h>
92 #include <sys/stat.h>
93 #include <sys/kauth.h>
94 #include <sys/module.h>
95
96 #include <miscfs/genfs/genfs.h>
97 #include <fs/union/union.h>
98
99 MODULE(MODULE_CLASS_VFS, union, NULL);
100
101 /*
102 * Mount union filesystem
103 */
104 int
union_mount(struct mount * mp,const char * path,void * data,size_t * data_len)105 union_mount(struct mount *mp, const char *path, void *data, size_t *data_len)
106 {
107 struct lwp *l = curlwp;
108 int error = 0;
109 struct union_args *args = data;
110 struct vnode *lowerrootvp = NULLVP;
111 struct vnode *upperrootvp = NULLVP;
112 struct union_mount *um = 0;
113 const char *cp;
114 char *xp;
115 int len;
116 size_t size;
117
118 if (args == NULL)
119 return EINVAL;
120 if (*data_len < sizeof *args)
121 return EINVAL;
122
123 #ifdef UNION_DIAGNOSTIC
124 printf("%s(mp = %p)\n", __func__, mp);
125 #endif
126
127 if (mp->mnt_flag & MNT_GETARGS) {
128 um = MOUNTTOUNIONMOUNT(mp);
129 if (um == NULL)
130 return EIO;
131 args->target = NULL;
132 args->mntflags = um->um_op;
133 *data_len = sizeof *args;
134 return 0;
135 }
136 /*
137 * Update is a no-op
138 */
139 if (mp->mnt_flag & MNT_UPDATE) {
140 /*
141 * Need to provide.
142 * 1. a way to convert between rdonly and rdwr mounts.
143 * 2. support for nfs exports.
144 */
145 error = EOPNOTSUPP;
146 goto bad;
147 }
148
149 lowerrootvp = mp->mnt_vnodecovered;
150 vref(lowerrootvp);
151
152 /*
153 * Find upper node.
154 */
155 error = namei_simple_user(args->target,
156 NSM_FOLLOW_NOEMULROOT, &upperrootvp);
157 if (error != 0)
158 goto bad;
159
160 if (upperrootvp->v_type != VDIR) {
161 error = EINVAL;
162 goto bad;
163 }
164
165 um = kmem_zalloc(sizeof(*um), KM_SLEEP);
166
167 /*
168 * Keep a held reference to the target vnodes.
169 * They are vrele'd in union_unmount.
170 *
171 * Depending on the _BELOW flag, the filesystems are
172 * viewed in a different order. In effect, this is the
173 * same as providing a mount under option to the mount syscall.
174 */
175
176 um->um_op = args->mntflags & UNMNT_OPMASK;
177 switch (um->um_op) {
178 case UNMNT_ABOVE:
179 um->um_lowervp = lowerrootvp;
180 um->um_uppervp = upperrootvp;
181 break;
182
183 case UNMNT_BELOW:
184 um->um_lowervp = upperrootvp;
185 um->um_uppervp = lowerrootvp;
186 break;
187
188 case UNMNT_REPLACE:
189 vrele(lowerrootvp);
190 lowerrootvp = NULLVP;
191 um->um_uppervp = upperrootvp;
192 um->um_lowervp = lowerrootvp;
193 break;
194
195 default:
196 error = EINVAL;
197 goto bad;
198 }
199
200 /*
201 * This mount is mp-safe if both lower mounts are mp-safe.
202 */
203
204 if (((um->um_lowervp == NULLVP) ||
205 (um->um_lowervp->v_mount->mnt_iflag & IMNT_MPSAFE)) &&
206 (um->um_uppervp->v_mount->mnt_iflag & IMNT_MPSAFE))
207 mp->mnt_iflag |= IMNT_MPSAFE;
208
209 /*
210 * Unless the mount is readonly, ensure that the top layer
211 * supports whiteout operations
212 */
213 if ((mp->mnt_flag & MNT_RDONLY) == 0) {
214 static struct componentname nullcn = {
215 .cn_nameiop = LOOKUP,
216 .cn_cred = NOCRED
217 };
218
219 vn_lock(um->um_uppervp, LK_EXCLUSIVE | LK_RETRY);
220 error = VOP_WHITEOUT(um->um_uppervp, &nullcn, LOOKUP);
221 VOP_UNLOCK(um->um_uppervp);
222 if (error)
223 goto bad;
224 }
225
226 um->um_cred = l->l_cred;
227 kauth_cred_hold(um->um_cred);
228 um->um_cmode = UN_DIRMODE &~ l->l_proc->p_cwdi->cwdi_cmask;
229
230 /*
231 * Depending on what you think the MNT_LOCAL flag might mean,
232 * you may want the && to be || on the conditional below.
233 * At the moment it has been defined that the filesystem is
234 * only local if it is all local, ie the MNT_LOCAL flag implies
235 * that the entire namespace is local. If you think the MNT_LOCAL
236 * flag implies that some of the files might be stored locally
237 * then you will want to change the conditional.
238 */
239 if (um->um_op == UNMNT_ABOVE) {
240 if (((um->um_lowervp == NULLVP) ||
241 (um->um_lowervp->v_mount->mnt_flag & MNT_LOCAL)) &&
242 (um->um_uppervp->v_mount->mnt_flag & MNT_LOCAL))
243 mp->mnt_flag |= MNT_LOCAL;
244 }
245
246 /*
247 * Copy in the upper layer's RDONLY flag. This is for the benefit
248 * of lookup() which explicitly checks the flag, rather than asking
249 * the filesystem for its own opinion. This means, that an update
250 * mount of the underlying filesystem to go from rdonly to rdwr
251 * will leave the unioned view as read-only.
252 */
253 mp->mnt_flag |= (um->um_uppervp->v_mount->mnt_flag & MNT_RDONLY);
254
255 mp->mnt_data = um;
256 vfs_getnewfsid(mp);
257
258 error = set_statvfs_info(path, UIO_USERSPACE, NULL, UIO_USERSPACE,
259 mp->mnt_op->vfs_name, mp, l);
260 if (error)
261 goto bad;
262
263 error = vfs_set_lowermount(mp, um->um_uppervp->v_mount);
264 if (error)
265 goto bad;
266
267 switch (um->um_op) {
268 case UNMNT_ABOVE:
269 cp = "<above>:";
270 break;
271 case UNMNT_BELOW:
272 cp = "<below>:";
273 break;
274 case UNMNT_REPLACE:
275 cp = "";
276 break;
277 default:
278 cp = "<invalid>:";
279 #ifdef DIAGNOSTIC
280 panic("%s: bad um_op", __func__);
281 #endif
282 break;
283 }
284 len = strlen(cp);
285 memcpy(mp->mnt_stat.f_mntfromname, cp, len);
286
287 xp = mp->mnt_stat.f_mntfromname + len;
288 len = MNAMELEN - len;
289
290 (void) copyinstr(args->target, xp, len - 1, &size);
291 memset(xp + size, 0, len - size);
292
293 #ifdef UNION_DIAGNOSTIC
294 printf("%s: from %s, on %s\n", __func__,
295 mp->mnt_stat.f_mntfromname, mp->mnt_stat.f_mntonname);
296 #endif
297
298 /* Setup the readdir hook if it's not set already */
299 if (!vn_union_readdir_hook)
300 vn_union_readdir_hook = union_readdirhook;
301
302 return 0;
303
304 bad:
305 if (um) {
306 if (um->um_cred)
307 kauth_cred_free(um->um_cred);
308 kmem_free(um, sizeof(*um));
309 }
310 if (upperrootvp)
311 vrele(upperrootvp);
312 if (lowerrootvp)
313 vrele(lowerrootvp);
314 return error;
315 }
316
317 /*
318 * VFS start. Nothing needed here - the start routine
319 * on the underlying filesystem(s) will have been called
320 * when that filesystem was mounted.
321 */
322 /*ARGSUSED*/
323 int
union_start(struct mount * mp,int flags)324 union_start(struct mount *mp, int flags)
325 {
326
327 return 0;
328 }
329
330 /*
331 * Free reference to union layer
332 */
333 static bool
union_unmount_selector(void * cl,struct vnode * vp)334 union_unmount_selector(void *cl, struct vnode *vp)
335 {
336 int *count = cl;
337
338 KASSERT(mutex_owned(vp->v_interlock));
339
340 *count += 1;
341 return false;
342 }
343
344 int
union_unmount(struct mount * mp,int mntflags)345 union_unmount(struct mount *mp, int mntflags)
346 {
347 struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
348 int freeing;
349 int error;
350
351 #ifdef UNION_DIAGNOSTIC
352 printf("%s(mp = %p)\n", __func__, mp);
353 #endif
354
355 /*
356 * Keep flushing vnodes from the mount list.
357 * This is needed because of the un_pvp held
358 * reference to the parent vnode.
359 * If more vnodes have been freed on a given pass,
360 * the try again. The loop will iterate at most
361 * (d) times, where (d) is the maximum tree depth
362 * in the filesystem.
363 */
364 for (freeing = 0; (error = vflush(mp, NULL, 0)) != 0;) {
365 struct vnode_iterator *marker;
366 int n;
367
368 /* count #vnodes held on mount list */
369 n = 0;
370 vfs_vnode_iterator_init(mp, &marker);
371 vfs_vnode_iterator_next(marker, union_unmount_selector, &n);
372 vfs_vnode_iterator_destroy(marker);
373
374 /* if this is unchanged then stop */
375 if (n == freeing)
376 break;
377
378 /* otherwise try once more time */
379 freeing = n;
380 }
381
382 /*
383 * Ok, now that we've tried doing it gently, get out the hammer.
384 */
385
386 if (mntflags & MNT_FORCE)
387 error = vflush(mp, NULL, FORCECLOSE);
388
389 if (error)
390 return error;
391
392 /*
393 * Discard references to upper and lower target vnodes.
394 */
395 if (um->um_lowervp)
396 vrele(um->um_lowervp);
397 vrele(um->um_uppervp);
398 kauth_cred_free(um->um_cred);
399 /*
400 * Finally, throw away the union_mount structure
401 */
402 kmem_free(um, sizeof(*um));
403 mp->mnt_data = NULL;
404 return 0;
405 }
406
407 int
union_root(struct mount * mp,int lktype,struct vnode ** vpp)408 union_root(struct mount *mp, int lktype, struct vnode **vpp)
409 {
410 struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
411 int error;
412
413 /*
414 * Return locked reference to root.
415 */
416 vref(um->um_uppervp);
417 if (um->um_lowervp)
418 vref(um->um_lowervp);
419 error = union_allocvp(vpp, mp, NULL, NULL, NULL,
420 um->um_uppervp, um->um_lowervp, 1);
421
422 if (error) {
423 vrele(um->um_uppervp);
424 if (um->um_lowervp)
425 vrele(um->um_lowervp);
426 return error;
427 }
428
429 vn_lock(*vpp, lktype | LK_RETRY);
430
431 return 0;
432 }
433
434 int
union_statvfs(struct mount * mp,struct statvfs * sbp)435 union_statvfs(struct mount *mp, struct statvfs *sbp)
436 {
437 int error;
438 struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
439 struct statvfs *sbuf = kmem_zalloc(sizeof(*sbuf), KM_SLEEP);
440 unsigned long lbsize;
441
442 #ifdef UNION_DIAGNOSTIC
443 printf("%s(mp = %p, lvp = %p, uvp = %p)\n", __func__, mp,
444 um->um_lowervp, um->um_uppervp);
445 #endif
446
447 if (um->um_lowervp) {
448 error = VFS_STATVFS(um->um_lowervp->v_mount, sbuf);
449 if (error)
450 goto done;
451 }
452
453 /* now copy across the "interesting" information and fake the rest */
454 lbsize = sbuf->f_bsize;
455 sbp->f_blocks = sbuf->f_blocks - sbuf->f_bfree;
456 sbp->f_files = sbuf->f_files - sbuf->f_ffree;
457
458 error = VFS_STATVFS(um->um_uppervp->v_mount, sbuf);
459 if (error)
460 goto done;
461
462 sbp->f_flag = sbuf->f_flag;
463 sbp->f_bsize = sbuf->f_bsize;
464 sbp->f_frsize = sbuf->f_frsize;
465 sbp->f_iosize = sbuf->f_iosize;
466
467 /*
468 * The "total" fields count total resources in all layers,
469 * the "free" fields count only those resources which are
470 * free in the upper layer (since only the upper layer
471 * is writable).
472 */
473
474 if (sbuf->f_bsize != lbsize)
475 sbp->f_blocks = sbp->f_blocks * lbsize / sbuf->f_bsize;
476 sbp->f_blocks += sbuf->f_blocks;
477 sbp->f_bfree = sbuf->f_bfree;
478 sbp->f_bavail = sbuf->f_bavail;
479 sbp->f_bresvd = sbuf->f_bresvd;
480 sbp->f_files += sbuf->f_files;
481 sbp->f_ffree = sbuf->f_ffree;
482 sbp->f_favail = sbuf->f_favail;
483 sbp->f_fresvd = sbuf->f_fresvd;
484
485 copy_statvfs_info(sbp, mp);
486 done:
487 kmem_free(sbuf, sizeof(*sbuf));
488 return error;
489 }
490
491 /*ARGSUSED*/
492 int
union_sync(struct mount * mp,int waitfor,kauth_cred_t cred)493 union_sync(struct mount *mp, int waitfor, kauth_cred_t cred)
494 {
495
496 /*
497 * XXX - Assumes no data cached at union layer.
498 */
499 return 0;
500 }
501
502 /*ARGSUSED*/
503 int
union_vget(struct mount * mp,ino_t ino,int lktype,struct vnode ** vpp)504 union_vget(struct mount *mp, ino_t ino, int lktype, struct vnode **vpp)
505 {
506
507 return EOPNOTSUPP;
508 }
509
510 static int
union_renamelock_enter(struct mount * mp)511 union_renamelock_enter(struct mount *mp)
512 {
513 struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
514
515 /* Lock just the upper fs, where the action happens. */
516 return VFS_RENAMELOCK_ENTER(um->um_uppervp->v_mount);
517 }
518
519 static void
union_renamelock_exit(struct mount * mp)520 union_renamelock_exit(struct mount *mp)
521 {
522 struct union_mount *um = MOUNTTOUNIONMOUNT(mp);
523
524 VFS_RENAMELOCK_EXIT(um->um_uppervp->v_mount);
525 }
526
527 extern const struct vnodeopv_desc union_vnodeop_opv_desc;
528
529 const struct vnodeopv_desc * const union_vnodeopv_descs[] = {
530 &union_vnodeop_opv_desc,
531 NULL,
532 };
533
534 struct vfsops union_vfsops = {
535 .vfs_name = MOUNT_UNION,
536 .vfs_min_mount_data = sizeof (struct union_args),
537 .vfs_mount = union_mount,
538 .vfs_start = union_start,
539 .vfs_unmount = union_unmount,
540 .vfs_root = union_root,
541 .vfs_quotactl = (void *)eopnotsupp,
542 .vfs_statvfs = union_statvfs,
543 .vfs_sync = union_sync,
544 .vfs_vget = union_vget,
545 .vfs_loadvnode = union_loadvnode,
546 .vfs_fhtovp = (void *)eopnotsupp,
547 .vfs_vptofh = (void *)eopnotsupp,
548 .vfs_init = union_init,
549 .vfs_reinit = union_reinit,
550 .vfs_done = union_done,
551 .vfs_snapshot = (void *)eopnotsupp,
552 .vfs_extattrctl = vfs_stdextattrctl,
553 .vfs_suspendctl = genfs_suspendctl,
554 .vfs_renamelock_enter = union_renamelock_enter,
555 .vfs_renamelock_exit = union_renamelock_exit,
556 .vfs_fsync = (void *)eopnotsupp,
557 .vfs_opv_descs = union_vnodeopv_descs
558 };
559
560 SYSCTL_SETUP(unionfs_sysctl_setup, "unionfs sysctl")
561 {
562
563 sysctl_createv(clog, 0, NULL, NULL,
564 CTLFLAG_PERMANENT,
565 CTLTYPE_NODE, "union",
566 SYSCTL_DESCR("Union file system"),
567 NULL, 0, NULL, 0,
568 CTL_VFS, 15, CTL_EOL);
569 /*
570 * XXX the "15" above could be dynamic, thereby eliminating
571 * one more instance of the "number to vfs" mapping problem,
572 * but "15" is the order as taken from sys/mount.h
573 */
574 }
575
576 static int
union_modcmd(modcmd_t cmd,void * arg)577 union_modcmd(modcmd_t cmd, void *arg)
578 {
579
580 switch (cmd) {
581 case MODULE_CMD_INIT:
582 return vfs_attach(&union_vfsops);
583 case MODULE_CMD_FINI:
584 return vfs_detach(&union_vfsops);
585 default:
586 return ENOTTY;
587 }
588 }
589