1 /* $NetBSD: vfs_init.c,v 1.53 2021/09/26 21:29:38 thorpej Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Jason R. Thorpe of the Numerical Aerospace Simulation Facility, 9 * NASA Ames Research Center. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1989, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * This code is derived from software contributed 38 * to Berkeley by John Heidemann of the UCLA Ficus project. 39 * 40 * Source: * @(#)i405_init.c 2.10 92/04/27 UCLA Ficus project 41 * 42 * Redistribution and use in source and binary forms, with or without 43 * modification, are permitted provided that the following conditions 44 * are met: 45 * 1. Redistributions of source code must retain the above copyright 46 * notice, this list of conditions and the following disclaimer. 47 * 2. Redistributions in binary form must reproduce the above copyright 48 * notice, this list of conditions and the following disclaimer in the 49 * documentation and/or other materials provided with the distribution. 50 * 3. Neither the name of the University nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 64 * SUCH DAMAGE. 65 * 66 * @(#)vfs_init.c 8.5 (Berkeley) 5/11/95 67 */ 68 69 #include <sys/cdefs.h> 70 __KERNEL_RCSID(0, "$NetBSD: vfs_init.c,v 1.53 2021/09/26 21:29:38 thorpej Exp $"); 71 72 #include <sys/param.h> 73 #include <sys/mount.h> 74 #include <sys/time.h> 75 #include <sys/vnode.h> 76 #include <sys/stat.h> 77 #include <sys/namei.h> 78 #include <sys/ucred.h> 79 #include <sys/buf.h> 80 #include <sys/errno.h> 81 #include <sys/kmem.h> 82 #include <sys/systm.h> 83 #include <sys/module.h> 84 #include <sys/dirhash.h> 85 #include <sys/sysctl.h> 86 #include <sys/kauth.h> 87 88 /* 89 * Sigh, such primitive tools are these... 90 */ 91 #if 0 92 #define DODEBUG(A) A 93 #else 94 #define DODEBUG(A) 95 #endif 96 97 pool_cache_t pnbuf_cache; 98 99 /* 100 * The global list of vnode operations. 101 */ 102 extern const struct vnodeop_desc * const vfs_op_descs[]; 103 104 /* 105 * These vnodeopv_descs are listed here because they are not 106 * associated with any particular file system, and thus cannot 107 * be initialized by vfs_attach(). 108 */ 109 extern const struct vnodeopv_desc dead_vnodeop_opv_desc; 110 extern const struct vnodeopv_desc fifo_vnodeop_opv_desc; 111 extern const struct vnodeopv_desc spec_vnodeop_opv_desc; 112 113 const struct vnodeopv_desc * const vfs_special_vnodeopv_descs[] = { 114 &dead_vnodeop_opv_desc, 115 &fifo_vnodeop_opv_desc, 116 &spec_vnodeop_opv_desc, 117 NULL, 118 }; 119 120 struct vfs_list_head vfs_list = /* vfs list */ 121 LIST_HEAD_INITIALIZER(vfs_list); 122 123 static kauth_listener_t mount_listener; 124 125 /* 126 * This code doesn't work if the defn is **vnodop_defns with cc. 127 * The problem is because of the compiler sometimes putting in an 128 * extra level of indirection for arrays. It's an interesting 129 * "feature" of C. 130 */ 131 typedef int (*PFI)(void *); 132 133 /* 134 * A miscellaneous routine. 135 * A generic "default" routine that just returns an error. 136 */ 137 /*ARGSUSED*/ 138 int 139 vn_default_error(void *v) 140 { 141 142 return (EOPNOTSUPP); 143 } 144 145 static struct sysctllog *vfs_sysctllog; 146 147 /* 148 * Top level filesystem related information gathering. 149 */ 150 static void 151 sysctl_vfs_setup(void) 152 { 153 extern int vfs_magiclinks; 154 extern int vfs_timestamp_precision; 155 156 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL, 157 CTLFLAG_PERMANENT, 158 CTLTYPE_NODE, "generic", 159 SYSCTL_DESCR("Non-specific vfs related information"), 160 NULL, 0, NULL, 0, 161 CTL_VFS, VFS_GENERIC, CTL_EOL); 162 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL, 163 CTLFLAG_PERMANENT, 164 CTLTYPE_STRING, "fstypes", 165 SYSCTL_DESCR("List of file systems present"), 166 sysctl_vfs_generic_fstypes, 0, NULL, 0, 167 CTL_VFS, VFS_GENERIC, CTL_CREATE, CTL_EOL); 168 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL, 169 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 170 CTLTYPE_INT, "magiclinks", 171 SYSCTL_DESCR("Whether \"magic\" symlinks are expanded"), 172 NULL, 0, &vfs_magiclinks, 0, 173 CTL_VFS, VFS_GENERIC, VFS_MAGICLINKS, CTL_EOL); 174 sysctl_createv(&vfs_sysctllog, 0, NULL, NULL, 175 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 176 CTLTYPE_INT, "timestamp_precision", 177 SYSCTL_DESCR("File timestamp precision"), 178 NULL, 0, &vfs_timestamp_precision, 0, 179 CTL_VFS, VFS_GENERIC, VFS_TIMESTAMP_PRECISION, 180 CTL_EOL); 181 } 182 183 184 /* 185 * vfs_init.c 186 * 187 * Allocate and fill in operations vectors. 188 * 189 * An undocumented feature of this approach to defining operations is that 190 * there can be multiple entries in vfs_opv_descs for the same operations 191 * vector. This allows third parties to extend the set of operations 192 * supported by another layer in a binary compatibile way. For example, 193 * assume that NFS needed to be modified to support Ficus. NFS has an entry 194 * (probably nfs_vnopdeop_decls) declaring all the operations NFS supports by 195 * default. Ficus could add another entry (ficus_nfs_vnodeop_decl_entensions) 196 * listing those new operations Ficus adds to NFS, all without modifying the 197 * NFS code. (Of couse, the OTW NFS protocol still needs to be munged, but 198 * that is a(whole)nother story.) This is a feature. 199 */ 200 201 /* 202 * Init the vector, if it needs it. 203 * Also handle backwards compatibility. 204 */ 205 static void 206 vfs_opv_init_explicit(const struct vnodeopv_desc *vfs_opv_desc) 207 { 208 int (**opv_desc_vector)(void *); 209 const struct vnodeopv_entry_desc *opve_descp; 210 211 opv_desc_vector = *(vfs_opv_desc->opv_desc_vector_p); 212 213 for (opve_descp = vfs_opv_desc->opv_desc_ops; 214 opve_descp->opve_op; 215 opve_descp++) { 216 /* 217 * Sanity check: is this operation listed 218 * in the list of operations? We check this 219 * by seeing if its offset is zero. Since 220 * the default routine should always be listed 221 * first, it should be the only one with a zero 222 * offset. Any other operation with a zero 223 * offset is probably not listed in 224 * vfs_op_descs, and so is probably an error. 225 * 226 * A panic here means the layer programmer 227 * has committed the all-too common bug 228 * of adding a new operation to the layer's 229 * list of vnode operations but 230 * not adding the operation to the system-wide 231 * list of supported operations. 232 */ 233 if (opve_descp->opve_op->vdesc_offset == 0 && 234 opve_descp->opve_op->vdesc_offset != VOFFSET(vop_default)) { 235 printf("operation %s not listed in %s.\n", 236 opve_descp->opve_op->vdesc_name, "vfs_op_descs"); 237 panic ("vfs_opv_init: bad operation"); 238 } 239 240 /* 241 * Fill in this entry. 242 */ 243 opv_desc_vector[opve_descp->opve_op->vdesc_offset] = 244 opve_descp->opve_impl; 245 } 246 } 247 248 static void 249 vfs_opv_init_default(const struct vnodeopv_desc *vfs_opv_desc) 250 { 251 int j; 252 int (**opv_desc_vector)(void *); 253 254 opv_desc_vector = *(vfs_opv_desc->opv_desc_vector_p); 255 256 /* 257 * Force every operations vector to have a default routine. 258 */ 259 if (opv_desc_vector[VOFFSET(vop_default)] == NULL) 260 panic("vfs_opv_init: operation vector without default routine."); 261 262 for (j = 0; j < VNODE_OPS_COUNT; j++) 263 if (opv_desc_vector[j] == NULL) 264 opv_desc_vector[j] = 265 opv_desc_vector[VOFFSET(vop_default)]; 266 } 267 268 void 269 vfs_opv_init(const struct vnodeopv_desc * const *vopvdpp) 270 { 271 int (**opv_desc_vector)(void *); 272 int i; 273 274 /* 275 * Allocate the vectors. 276 */ 277 for (i = 0; vopvdpp[i] != NULL; i++) { 278 opv_desc_vector = 279 kmem_alloc(VNODE_OPS_COUNT * sizeof(PFI), KM_SLEEP); 280 memset(opv_desc_vector, 0, VNODE_OPS_COUNT * sizeof(PFI)); 281 *(vopvdpp[i]->opv_desc_vector_p) = opv_desc_vector; 282 DODEBUG(printf("vector at %p allocated\n", 283 opv_desc_vector_p)); 284 } 285 286 /* 287 * ...and fill them in. 288 */ 289 for (i = 0; vopvdpp[i] != NULL; i++) 290 vfs_opv_init_explicit(vopvdpp[i]); 291 292 /* 293 * Finally, go back and replace unfilled routines 294 * with their default. 295 */ 296 for (i = 0; vopvdpp[i] != NULL; i++) 297 vfs_opv_init_default(vopvdpp[i]); 298 } 299 300 void 301 vfs_opv_free(const struct vnodeopv_desc * const *vopvdpp) 302 { 303 int i; 304 305 /* 306 * Free the vectors allocated in vfs_opv_init(). 307 */ 308 for (i = 0; vopvdpp[i] != NULL; i++) { 309 kmem_free(*(vopvdpp[i]->opv_desc_vector_p), 310 VNODE_OPS_COUNT * sizeof(PFI)); 311 *(vopvdpp[i]->opv_desc_vector_p) = NULL; 312 } 313 } 314 315 #ifdef DEBUG 316 static void 317 vfs_op_check(void) 318 { 319 int i; 320 321 DODEBUG(printf("Vnode_interface_init.\n")); 322 323 /* 324 * Check offset of each op. 325 */ 326 for (i = 0; vfs_op_descs[i]; i++) { 327 if (vfs_op_descs[i]->vdesc_offset != i) 328 panic("vfs_op_check: vfs_op_desc[] offset mismatch"); 329 } 330 331 if (i != VNODE_OPS_COUNT) { 332 panic("vfs_op_check: vnode ops count mismatch (%d != %d)", 333 i, VNODE_OPS_COUNT); 334 } 335 336 DODEBUG(printf ("vfs_opv_numops=%d\n", VNODE_OPS_COUNT)); 337 } 338 #endif /* DEBUG */ 339 340 /* 341 * Common routine to check if an unprivileged mount is allowed. 342 * 343 * We export just this part (i.e., without the access control) so that if a 344 * secmodel wants to implement finer grained user mounts it can do so without 345 * copying too much code. More elaborate policies (i.e., specific users allowed 346 * to also create devices and/or introduce set-id binaries, or export 347 * file-systems) will require a different implementation. 348 * 349 * This routine is intended to be called from listener context, and as such 350 * does not take credentials as an argument. 351 */ 352 int 353 usermount_common_policy(struct mount *mp, u_long flags) 354 { 355 356 /* No exporting if unprivileged. */ 357 if (flags & MNT_EXPORTED) 358 return EPERM; 359 360 /* Must have 'nosuid' and 'nodev'. */ 361 if ((flags & MNT_NODEV) == 0 || (flags & MNT_NOSUID) == 0) 362 return EPERM; 363 364 /* Retain 'noexec'. */ 365 if ((mp->mnt_flag & MNT_NOEXEC) && (flags & MNT_NOEXEC) == 0) 366 return EPERM; 367 368 return 0; 369 } 370 371 static int 372 mount_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, 373 void *arg0, void *arg1, void *arg2, void *arg3) 374 { 375 int result; 376 enum kauth_system_req req; 377 378 result = KAUTH_RESULT_DEFER; 379 req = (enum kauth_system_req)(uintptr_t)(uintptr_t)arg0; 380 381 if (action != KAUTH_SYSTEM_MOUNT) 382 return result; 383 384 if (req == KAUTH_REQ_SYSTEM_MOUNT_GET) 385 result = KAUTH_RESULT_ALLOW; 386 else if (req == KAUTH_REQ_SYSTEM_MOUNT_DEVICE) { 387 vnode_t *devvp = arg2; 388 accmode_t accmode = (accmode_t)(unsigned long)arg3; 389 int error; 390 391 error = VOP_ACCESS(devvp, accmode, cred); 392 if (!error) 393 result = KAUTH_RESULT_ALLOW; 394 } 395 396 return result; 397 } 398 399 /* 400 * Initialize the vnode structures and initialize each file system type. 401 */ 402 void 403 vfsinit(void) 404 { 405 406 /* 407 * Attach sysctl nodes 408 */ 409 sysctl_vfs_setup(); 410 411 /* 412 * Initialize the namei pathname buffer pool and cache. 413 */ 414 pnbuf_cache = pool_cache_init(MAXPATHLEN, 0, 0, 0, "pnbufpl", 415 NULL, IPL_NONE, NULL, NULL, NULL); 416 KASSERT(pnbuf_cache != NULL); 417 418 /* 419 * Initialize the vnode table 420 */ 421 vntblinit(); 422 423 /* 424 * Initialize the vnode name cache 425 */ 426 nchinit(); 427 428 #ifdef DEBUG 429 /* 430 * Check the list of vnode operations. 431 */ 432 vfs_op_check(); 433 #endif 434 435 /* 436 * Initialize the special vnode operations. 437 */ 438 vfs_opv_init(vfs_special_vnodeopv_descs); 439 440 /* 441 * Initialise generic dirhash. 442 */ 443 dirhash_init(); 444 445 /* 446 * Initialise VFS hooks. 447 */ 448 vfs_hooks_init(); 449 450 mount_listener = kauth_listen_scope(KAUTH_SCOPE_SYSTEM, 451 mount_listener_cb, NULL); 452 453 /* 454 * Establish each file system which was statically 455 * included in the kernel. 456 */ 457 module_init_class(MODULE_CLASS_VFS); 458 459 extern kmutex_t fs_klist_lock; 460 mutex_init(&fs_klist_lock, MUTEX_DEFAULT, IPL_NONE); 461 } 462 463 /* 464 * Drop a reference to a file system type. 465 */ 466 void 467 vfs_delref(struct vfsops *vfs) 468 { 469 470 mutex_enter(&vfs_list_lock); 471 vfs->vfs_refcount--; 472 mutex_exit(&vfs_list_lock); 473 } 474 475 /* 476 * Establish a file system and initialize it. 477 */ 478 int 479 vfs_attach(struct vfsops *vfs) 480 { 481 struct vfsops *v; 482 int error = 0; 483 484 mutex_enter(&vfs_list_lock); 485 486 /* 487 * Make sure this file system doesn't already exist. 488 */ 489 LIST_FOREACH(v, &vfs_list, vfs_list) { 490 if (strcmp(vfs->vfs_name, v->vfs_name) == 0) { 491 error = EEXIST; 492 goto out; 493 } 494 } 495 496 /* 497 * Initialize the vnode operations for this file system. 498 */ 499 vfs_opv_init(vfs->vfs_opv_descs); 500 501 /* 502 * Now initialize the file system itself. 503 */ 504 (*vfs->vfs_init)(); 505 506 /* 507 * ...and link it into the kernel's list. 508 */ 509 LIST_INSERT_HEAD(&vfs_list, vfs, vfs_list); 510 511 /* 512 * Sanity: make sure the reference count is 0. 513 */ 514 vfs->vfs_refcount = 0; 515 out: 516 mutex_exit(&vfs_list_lock); 517 return (error); 518 } 519 520 /* 521 * Remove a file system from the kernel. 522 */ 523 int 524 vfs_detach(struct vfsops *vfs) 525 { 526 struct vfsops *v; 527 int error = 0; 528 529 mutex_enter(&vfs_list_lock); 530 531 /* 532 * Make sure no one is using the filesystem. 533 */ 534 if (vfs->vfs_refcount != 0) { 535 error = EBUSY; 536 goto out; 537 } 538 539 /* 540 * ...and remove it from the kernel's list. 541 */ 542 LIST_FOREACH(v, &vfs_list, vfs_list) { 543 if (v == vfs) { 544 LIST_REMOVE(v, vfs_list); 545 break; 546 } 547 } 548 549 if (v == NULL) { 550 error = ESRCH; 551 goto out; 552 } 553 554 /* 555 * Now run the file system-specific cleanups. 556 */ 557 (*vfs->vfs_done)(); 558 559 /* 560 * Free the vnode operations vector. 561 */ 562 vfs_opv_free(vfs->vfs_opv_descs); 563 out: 564 mutex_exit(&vfs_list_lock); 565 return (error); 566 } 567 568 void 569 vfs_reinit(void) 570 { 571 struct vfsops *vfs; 572 573 mutex_enter(&vfs_list_lock); 574 LIST_FOREACH(vfs, &vfs_list, vfs_list) { 575 if (vfs->vfs_reinit) { 576 vfs->vfs_refcount++; 577 mutex_exit(&vfs_list_lock); 578 (*vfs->vfs_reinit)(); 579 mutex_enter(&vfs_list_lock); 580 vfs->vfs_refcount--; 581 } 582 } 583 mutex_exit(&vfs_list_lock); 584 } 585