1 /* $NetBSD: union_vfsops.c,v 1.87 2023/02/13 08:39:40 hannken Exp $ */ 2 3 /* 4 * Copyright (c) 1994 The Regents of the University of California. 5 * All rights reserved. 6 * 7 * This code is derived from software donated to Berkeley by 8 * Jan-Simon Pendry. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * @(#)union_vfsops.c 8.20 (Berkeley) 5/20/95 35 */ 36 37 /* 38 * Copyright (c) 1994 Jan-Simon Pendry. 39 * All rights reserved. 40 * 41 * This code is derived from software donated to Berkeley by 42 * Jan-Simon Pendry. 43 * 44 * Redistribution and use in source and binary forms, with or without 45 * modification, are permitted provided that the following conditions 46 * are met: 47 * 1. Redistributions of source code must retain the above copyright 48 * notice, this list of conditions and the following disclaimer. 49 * 2. Redistributions in binary form must reproduce the above copyright 50 * notice, this list of conditions and the following disclaimer in the 51 * documentation and/or other materials provided with the distribution. 52 * 3. All advertising materials mentioning features or use of this software 53 * must display the following acknowledgement: 54 * This product includes software developed by the University of 55 * California, Berkeley and its contributors. 56 * 4. Neither the name of the University nor the names of its contributors 57 * may be used to endorse or promote products derived from this software 58 * without specific prior written permission. 59 * 60 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 61 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 62 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 63 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 64 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 65 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 66 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 67 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 68 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 69 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 70 * SUCH DAMAGE. 71 * 72 * @(#)union_vfsops.c 8.20 (Berkeley) 5/20/95 73 */ 74 75 /* 76 * Union Layer 77 */ 78 79 #include <sys/cdefs.h> 80 __KERNEL_RCSID(0, "$NetBSD: union_vfsops.c,v 1.87 2023/02/13 08:39:40 hannken Exp $"); 81 82 #include <sys/param.h> 83 #include <sys/systm.h> 84 #include <sys/sysctl.h> 85 #include <sys/time.h> 86 #include <sys/proc.h> 87 #include <sys/vnode.h> 88 #include <sys/mount.h> 89 #include <sys/namei.h> 90 #include <sys/malloc.h> 91 #include <sys/filedesc.h> 92 #include <sys/queue.h> 93 #include <sys/stat.h> 94 #include <sys/kauth.h> 95 #include <sys/module.h> 96 97 #include <miscfs/genfs/genfs.h> 98 #include <fs/union/union.h> 99 100 MODULE(MODULE_CLASS_VFS, union, NULL); 101 102 /* 103 * Mount union filesystem 104 */ 105 int 106 union_mount(struct mount *mp, const char *path, void *data, size_t *data_len) 107 { 108 struct lwp *l = curlwp; 109 int error = 0; 110 struct union_args *args = data; 111 struct vnode *lowerrootvp = NULLVP; 112 struct vnode *upperrootvp = NULLVP; 113 struct union_mount *um = 0; 114 const char *cp; 115 char *xp; 116 int len; 117 size_t size; 118 119 if (args == NULL) 120 return EINVAL; 121 if (*data_len < sizeof *args) 122 return EINVAL; 123 124 #ifdef UNION_DIAGNOSTIC 125 printf("%s(mp = %p)\n", __func__, mp); 126 #endif 127 128 if (mp->mnt_flag & MNT_GETARGS) { 129 um = MOUNTTOUNIONMOUNT(mp); 130 if (um == NULL) 131 return EIO; 132 args->target = NULL; 133 args->mntflags = um->um_op; 134 *data_len = sizeof *args; 135 return 0; 136 } 137 /* 138 * Update is a no-op 139 */ 140 if (mp->mnt_flag & MNT_UPDATE) { 141 /* 142 * Need to provide. 143 * 1. a way to convert between rdonly and rdwr mounts. 144 * 2. support for nfs exports. 145 */ 146 error = EOPNOTSUPP; 147 goto bad; 148 } 149 150 lowerrootvp = mp->mnt_vnodecovered; 151 vref(lowerrootvp); 152 153 /* 154 * Find upper node. 155 */ 156 error = namei_simple_user(args->target, 157 NSM_FOLLOW_NOEMULROOT, &upperrootvp); 158 if (error != 0) 159 goto bad; 160 161 if (upperrootvp->v_type != VDIR) { 162 error = EINVAL; 163 goto bad; 164 } 165 166 um = kmem_zalloc(sizeof(*um), KM_SLEEP); 167 168 /* 169 * Keep a held reference to the target vnodes. 170 * They are vrele'd in union_unmount. 171 * 172 * Depending on the _BELOW flag, the filesystems are 173 * viewed in a different order. In effect, this is the 174 * same as providing a mount under option to the mount syscall. 175 */ 176 177 um->um_op = args->mntflags & UNMNT_OPMASK; 178 switch (um->um_op) { 179 case UNMNT_ABOVE: 180 um->um_lowervp = lowerrootvp; 181 um->um_uppervp = upperrootvp; 182 break; 183 184 case UNMNT_BELOW: 185 um->um_lowervp = upperrootvp; 186 um->um_uppervp = lowerrootvp; 187 break; 188 189 case UNMNT_REPLACE: 190 vrele(lowerrootvp); 191 lowerrootvp = NULLVP; 192 um->um_uppervp = upperrootvp; 193 um->um_lowervp = lowerrootvp; 194 break; 195 196 default: 197 error = EINVAL; 198 goto bad; 199 } 200 201 /* 202 * This mount is mp-safe if both lower mounts are mp-safe. 203 */ 204 205 if (((um->um_lowervp == NULLVP) || 206 (um->um_lowervp->v_mount->mnt_iflag & IMNT_MPSAFE)) && 207 (um->um_uppervp->v_mount->mnt_iflag & IMNT_MPSAFE)) 208 mp->mnt_iflag |= IMNT_MPSAFE; 209 210 /* 211 * Unless the mount is readonly, ensure that the top layer 212 * supports whiteout operations 213 */ 214 if ((mp->mnt_flag & MNT_RDONLY) == 0) { 215 static struct componentname nullcn = { 216 .cn_nameiop = LOOKUP, 217 .cn_cred = NOCRED 218 }; 219 220 vn_lock(um->um_uppervp, LK_EXCLUSIVE | LK_RETRY); 221 error = VOP_WHITEOUT(um->um_uppervp, &nullcn, LOOKUP); 222 VOP_UNLOCK(um->um_uppervp); 223 if (error) 224 goto bad; 225 } 226 227 um->um_cred = l->l_cred; 228 kauth_cred_hold(um->um_cred); 229 um->um_cmode = UN_DIRMODE &~ l->l_proc->p_cwdi->cwdi_cmask; 230 231 /* 232 * Depending on what you think the MNT_LOCAL flag might mean, 233 * you may want the && to be || on the conditional below. 234 * At the moment it has been defined that the filesystem is 235 * only local if it is all local, ie the MNT_LOCAL flag implies 236 * that the entire namespace is local. If you think the MNT_LOCAL 237 * flag implies that some of the files might be stored locally 238 * then you will want to change the conditional. 239 */ 240 if (um->um_op == UNMNT_ABOVE) { 241 if (((um->um_lowervp == NULLVP) || 242 (um->um_lowervp->v_mount->mnt_flag & MNT_LOCAL)) && 243 (um->um_uppervp->v_mount->mnt_flag & MNT_LOCAL)) 244 mp->mnt_flag |= MNT_LOCAL; 245 } 246 247 /* 248 * Copy in the upper layer's RDONLY flag. This is for the benefit 249 * of lookup() which explicitly checks the flag, rather than asking 250 * the filesystem for its own opinion. This means, that an update 251 * mount of the underlying filesystem to go from rdonly to rdwr 252 * will leave the unioned view as read-only. 253 */ 254 mp->mnt_flag |= (um->um_uppervp->v_mount->mnt_flag & MNT_RDONLY); 255 256 mp->mnt_data = um; 257 vfs_getnewfsid(mp); 258 259 error = set_statvfs_info(path, UIO_USERSPACE, NULL, UIO_USERSPACE, 260 mp->mnt_op->vfs_name, mp, l); 261 if (error) 262 goto bad; 263 264 error = vfs_set_lowermount(mp, um->um_uppervp->v_mount); 265 if (error) 266 goto bad; 267 268 switch (um->um_op) { 269 case UNMNT_ABOVE: 270 cp = "<above>:"; 271 break; 272 case UNMNT_BELOW: 273 cp = "<below>:"; 274 break; 275 case UNMNT_REPLACE: 276 cp = ""; 277 break; 278 default: 279 cp = "<invalid>:"; 280 #ifdef DIAGNOSTIC 281 panic("%s: bad um_op", __func__); 282 #endif 283 break; 284 } 285 len = strlen(cp); 286 memcpy(mp->mnt_stat.f_mntfromname, cp, len); 287 288 xp = mp->mnt_stat.f_mntfromname + len; 289 len = MNAMELEN - len; 290 291 (void) copyinstr(args->target, xp, len - 1, &size); 292 memset(xp + size, 0, len - size); 293 294 #ifdef UNION_DIAGNOSTIC 295 printf("%s: from %s, on %s\n", __func__, 296 mp->mnt_stat.f_mntfromname, mp->mnt_stat.f_mntonname); 297 #endif 298 299 /* Setup the readdir hook if it's not set already */ 300 if (!vn_union_readdir_hook) 301 vn_union_readdir_hook = union_readdirhook; 302 303 return 0; 304 305 bad: 306 if (um) { 307 if (um->um_cred) 308 kauth_cred_free(um->um_cred); 309 kmem_free(um, sizeof(*um)); 310 } 311 if (upperrootvp) 312 vrele(upperrootvp); 313 if (lowerrootvp) 314 vrele(lowerrootvp); 315 return error; 316 } 317 318 /* 319 * VFS start. Nothing needed here - the start routine 320 * on the underlying filesystem(s) will have been called 321 * when that filesystem was mounted. 322 */ 323 /*ARGSUSED*/ 324 int 325 union_start(struct mount *mp, int flags) 326 { 327 328 return 0; 329 } 330 331 /* 332 * Free reference to union layer 333 */ 334 static bool 335 union_unmount_selector(void *cl, struct vnode *vp) 336 { 337 int *count = cl; 338 339 KASSERT(mutex_owned(vp->v_interlock)); 340 341 *count += 1; 342 return false; 343 } 344 345 int 346 union_unmount(struct mount *mp, int mntflags) 347 { 348 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 349 int freeing; 350 int error; 351 352 #ifdef UNION_DIAGNOSTIC 353 printf("%s(mp = %p)\n", __func__, mp); 354 #endif 355 356 /* 357 * Keep flushing vnodes from the mount list. 358 * This is needed because of the un_pvp held 359 * reference to the parent vnode. 360 * If more vnodes have been freed on a given pass, 361 * the try again. The loop will iterate at most 362 * (d) times, where (d) is the maximum tree depth 363 * in the filesystem. 364 */ 365 for (freeing = 0; (error = vflush(mp, NULL, 0)) != 0;) { 366 struct vnode_iterator *marker; 367 int n; 368 369 /* count #vnodes held on mount list */ 370 n = 0; 371 vfs_vnode_iterator_init(mp, &marker); 372 vfs_vnode_iterator_next(marker, union_unmount_selector, &n); 373 vfs_vnode_iterator_destroy(marker); 374 375 /* if this is unchanged then stop */ 376 if (n == freeing) 377 break; 378 379 /* otherwise try once more time */ 380 freeing = n; 381 } 382 383 /* 384 * Ok, now that we've tried doing it gently, get out the hammer. 385 */ 386 387 if (mntflags & MNT_FORCE) 388 error = vflush(mp, NULL, FORCECLOSE); 389 390 if (error) 391 return error; 392 393 /* 394 * Discard references to upper and lower target vnodes. 395 */ 396 if (um->um_lowervp) 397 vrele(um->um_lowervp); 398 vrele(um->um_uppervp); 399 kauth_cred_free(um->um_cred); 400 /* 401 * Finally, throw away the union_mount structure 402 */ 403 kmem_free(um, sizeof(*um)); 404 mp->mnt_data = NULL; 405 return 0; 406 } 407 408 int 409 union_root(struct mount *mp, int lktype, struct vnode **vpp) 410 { 411 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 412 int error; 413 414 /* 415 * Return locked reference to root. 416 */ 417 vref(um->um_uppervp); 418 if (um->um_lowervp) 419 vref(um->um_lowervp); 420 error = union_allocvp(vpp, mp, NULL, NULL, NULL, 421 um->um_uppervp, um->um_lowervp, 1); 422 423 if (error) { 424 vrele(um->um_uppervp); 425 if (um->um_lowervp) 426 vrele(um->um_lowervp); 427 return error; 428 } 429 430 vn_lock(*vpp, lktype | LK_RETRY); 431 432 return 0; 433 } 434 435 int 436 union_statvfs(struct mount *mp, struct statvfs *sbp) 437 { 438 int error; 439 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 440 struct statvfs *sbuf = kmem_zalloc(sizeof(*sbuf), KM_SLEEP); 441 unsigned long lbsize; 442 443 #ifdef UNION_DIAGNOSTIC 444 printf("%s(mp = %p, lvp = %p, uvp = %p)\n", __func__, mp, 445 um->um_lowervp, um->um_uppervp); 446 #endif 447 448 if (um->um_lowervp) { 449 error = VFS_STATVFS(um->um_lowervp->v_mount, sbuf); 450 if (error) 451 goto done; 452 } 453 454 /* now copy across the "interesting" information and fake the rest */ 455 lbsize = sbuf->f_bsize; 456 sbp->f_blocks = sbuf->f_blocks - sbuf->f_bfree; 457 sbp->f_files = sbuf->f_files - sbuf->f_ffree; 458 459 error = VFS_STATVFS(um->um_uppervp->v_mount, sbuf); 460 if (error) 461 goto done; 462 463 sbp->f_flag = sbuf->f_flag; 464 sbp->f_bsize = sbuf->f_bsize; 465 sbp->f_frsize = sbuf->f_frsize; 466 sbp->f_iosize = sbuf->f_iosize; 467 468 /* 469 * The "total" fields count total resources in all layers, 470 * the "free" fields count only those resources which are 471 * free in the upper layer (since only the upper layer 472 * is writable). 473 */ 474 475 if (sbuf->f_bsize != lbsize) 476 sbp->f_blocks = sbp->f_blocks * lbsize / sbuf->f_bsize; 477 sbp->f_blocks += sbuf->f_blocks; 478 sbp->f_bfree = sbuf->f_bfree; 479 sbp->f_bavail = sbuf->f_bavail; 480 sbp->f_bresvd = sbuf->f_bresvd; 481 sbp->f_files += sbuf->f_files; 482 sbp->f_ffree = sbuf->f_ffree; 483 sbp->f_favail = sbuf->f_favail; 484 sbp->f_fresvd = sbuf->f_fresvd; 485 486 copy_statvfs_info(sbp, mp); 487 done: 488 kmem_free(sbuf, sizeof(*sbuf)); 489 return error; 490 } 491 492 /*ARGSUSED*/ 493 int 494 union_sync(struct mount *mp, int waitfor, kauth_cred_t cred) 495 { 496 497 /* 498 * XXX - Assumes no data cached at union layer. 499 */ 500 return 0; 501 } 502 503 /*ARGSUSED*/ 504 int 505 union_vget(struct mount *mp, ino_t ino, int lktype, struct vnode **vpp) 506 { 507 508 return EOPNOTSUPP; 509 } 510 511 static int 512 union_renamelock_enter(struct mount *mp) 513 { 514 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 515 516 /* Lock just the upper fs, where the action happens. */ 517 return VFS_RENAMELOCK_ENTER(um->um_uppervp->v_mount); 518 } 519 520 static void 521 union_renamelock_exit(struct mount *mp) 522 { 523 struct union_mount *um = MOUNTTOUNIONMOUNT(mp); 524 525 VFS_RENAMELOCK_EXIT(um->um_uppervp->v_mount); 526 } 527 528 extern const struct vnodeopv_desc union_vnodeop_opv_desc; 529 530 const struct vnodeopv_desc * const union_vnodeopv_descs[] = { 531 &union_vnodeop_opv_desc, 532 NULL, 533 }; 534 535 struct vfsops union_vfsops = { 536 .vfs_name = MOUNT_UNION, 537 .vfs_min_mount_data = sizeof (struct union_args), 538 .vfs_mount = union_mount, 539 .vfs_start = union_start, 540 .vfs_unmount = union_unmount, 541 .vfs_root = union_root, 542 .vfs_quotactl = (void *)eopnotsupp, 543 .vfs_statvfs = union_statvfs, 544 .vfs_sync = union_sync, 545 .vfs_vget = union_vget, 546 .vfs_loadvnode = union_loadvnode, 547 .vfs_fhtovp = (void *)eopnotsupp, 548 .vfs_vptofh = (void *)eopnotsupp, 549 .vfs_init = union_init, 550 .vfs_reinit = union_reinit, 551 .vfs_done = union_done, 552 .vfs_snapshot = (void *)eopnotsupp, 553 .vfs_extattrctl = vfs_stdextattrctl, 554 .vfs_suspendctl = genfs_suspendctl, 555 .vfs_renamelock_enter = union_renamelock_enter, 556 .vfs_renamelock_exit = union_renamelock_exit, 557 .vfs_fsync = (void *)eopnotsupp, 558 .vfs_opv_descs = union_vnodeopv_descs 559 }; 560 561 SYSCTL_SETUP(unionfs_sysctl_setup, "unionfs sysctl") 562 { 563 564 sysctl_createv(clog, 0, NULL, NULL, 565 CTLFLAG_PERMANENT, 566 CTLTYPE_NODE, "union", 567 SYSCTL_DESCR("Union file system"), 568 NULL, 0, NULL, 0, 569 CTL_VFS, 15, CTL_EOL); 570 /* 571 * XXX the "15" above could be dynamic, thereby eliminating 572 * one more instance of the "number to vfs" mapping problem, 573 * but "15" is the order as taken from sys/mount.h 574 */ 575 } 576 577 static int 578 union_modcmd(modcmd_t cmd, void *arg) 579 { 580 581 switch (cmd) { 582 case MODULE_CMD_INIT: 583 return vfs_attach(&union_vfsops); 584 case MODULE_CMD_FINI: 585 return vfs_detach(&union_vfsops); 586 default: 587 return ENOTTY; 588 } 589 } 590