1 /* $NetBSD: ext2fs_readwrite.c,v 1.78 2021/10/20 03:08:19 thorpej Exp $ */ 2 3 /*- 4 * Copyright (c) 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)ufs_readwrite.c 8.8 (Berkeley) 8/4/94 32 * Modified for ext2fs by Manuel Bouyer. 33 */ 34 35 /*- 36 * Copyright (c) 1997 Manuel Bouyer. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 47 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 48 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 49 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 50 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 51 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 52 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 53 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 54 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 55 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 56 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 57 * 58 * @(#)ufs_readwrite.c 8.8 (Berkeley) 8/4/94 59 * Modified for ext2fs by Manuel Bouyer. 60 */ 61 62 #include <sys/cdefs.h> 63 __KERNEL_RCSID(0, "$NetBSD: ext2fs_readwrite.c,v 1.78 2021/10/20 03:08:19 thorpej Exp $"); 64 65 #include <sys/param.h> 66 #include <sys/systm.h> 67 #include <sys/resourcevar.h> 68 #include <sys/kernel.h> 69 #include <sys/file.h> 70 #include <sys/stat.h> 71 #include <sys/buf.h> 72 #include <sys/proc.h> 73 #include <sys/mount.h> 74 #include <sys/vnode.h> 75 #include <sys/signalvar.h> 76 #include <sys/kauth.h> 77 78 #include <ufs/ufs/inode.h> 79 #include <ufs/ufs/ufsmount.h> 80 #include <ufs/ufs/ufs_extern.h> 81 #include <ufs/ext2fs/ext2fs.h> 82 #include <ufs/ext2fs/ext2fs_extern.h> 83 84 static int ext2fs_post_read_update(struct vnode *, int, int); 85 static int ext2fs_post_write_update(struct vnode *, struct uio *, int, 86 kauth_cred_t, off_t, int, int); 87 88 /* 89 * Vnode op for reading. 90 */ 91 /* ARGSUSED */ 92 int 93 ext2fs_read(void *v) 94 { 95 struct vop_read_args /* { 96 struct vnode *a_vp; 97 struct uio *a_uio; 98 int a_ioflag; 99 kauth_cred_t a_cred; 100 } */ *ap = v; 101 struct vnode *vp; 102 struct inode *ip; 103 struct uio *uio; 104 struct ufsmount *ump; 105 vsize_t bytelen; 106 int advice; 107 int error; 108 109 vp = ap->a_vp; 110 ip = VTOI(vp); 111 ump = ip->i_ump; 112 uio = ap->a_uio; 113 error = 0; 114 115 KASSERT(uio->uio_rw == UIO_READ); 116 KASSERT(vp->v_type == VREG || vp->v_type == VDIR); 117 118 /* XXX Eliminate me by refusing directory reads from userland. */ 119 if (vp->v_type == VDIR) 120 return ext2fs_bufrd(vp, uio, ap->a_ioflag, ap->a_cred); 121 122 if ((uint64_t)uio->uio_offset > ump->um_maxfilesize) 123 return EFBIG; 124 if (uio->uio_resid == 0) 125 return 0; 126 if (uio->uio_offset >= ext2fs_size(ip)) 127 goto out; 128 129 KASSERT(vp->v_type == VREG); 130 advice = IO_ADV_DECODE(ap->a_ioflag); 131 while (uio->uio_resid > 0) { 132 bytelen = MIN(ext2fs_size(ip) - uio->uio_offset, 133 uio->uio_resid); 134 if (bytelen == 0) 135 break; 136 137 error = ubc_uiomove(&vp->v_uobj, uio, bytelen, advice, 138 UBC_READ | UBC_PARTIALOK | UBC_VNODE_FLAGS(vp)); 139 if (error) 140 break; 141 } 142 143 out: 144 error = ext2fs_post_read_update(vp, ap->a_ioflag, error); 145 return error; 146 } 147 148 /* 149 * UFS op for reading via the buffer cache 150 */ 151 int 152 ext2fs_bufrd(struct vnode *vp, struct uio *uio, int ioflag, kauth_cred_t cred) 153 { 154 struct inode *ip; 155 struct ufsmount *ump; 156 struct m_ext2fs *fs; 157 struct buf *bp; 158 off_t bytesinfile; 159 daddr_t lbn, nextlbn; 160 long size, xfersize, blkoffset; 161 int error; 162 163 KASSERT(uio->uio_rw == UIO_READ); 164 KASSERT(VOP_ISLOCKED(vp)); 165 KASSERT(vp->v_type == VDIR || vp->v_type == VLNK); 166 167 ip = VTOI(vp); 168 ump = ip->i_ump; 169 fs = ip->i_e2fs; 170 error = 0; 171 172 KASSERT(vp->v_type != VLNK || 173 ext2fs_size(ip) >= ump->um_maxsymlinklen); 174 KASSERT(vp->v_type != VLNK || ump->um_maxsymlinklen != 0 || 175 ext2fs_nblock(ip) != 0); 176 177 if (uio->uio_offset > ump->um_maxfilesize) 178 return EFBIG; 179 if (uio->uio_resid == 0) 180 return 0; 181 if (uio->uio_offset >= ext2fs_size(ip)) 182 goto out; 183 184 for (error = 0, bp = NULL; uio->uio_resid > 0; bp = NULL) { 185 bytesinfile = ext2fs_size(ip) - uio->uio_offset; 186 if (bytesinfile <= 0) 187 break; 188 lbn = ext2_lblkno(fs, uio->uio_offset); 189 nextlbn = lbn + 1; 190 size = fs->e2fs_bsize; 191 blkoffset = ext2_blkoff(fs, uio->uio_offset); 192 xfersize = fs->e2fs_bsize - blkoffset; 193 if (uio->uio_resid < xfersize) 194 xfersize = uio->uio_resid; 195 if (bytesinfile < xfersize) 196 xfersize = bytesinfile; 197 198 if (ext2_lblktosize(fs, nextlbn) >= ext2fs_size(ip)) 199 error = bread(vp, lbn, size, 0, &bp); 200 else { 201 int nextsize = fs->e2fs_bsize; 202 error = breadn(vp, lbn, 203 size, &nextlbn, &nextsize, 1, 0, &bp); 204 } 205 if (error) 206 break; 207 208 /* 209 * We should only get non-zero b_resid when an I/O error 210 * has occurred, which should cause us to break above. 211 * However, if the short read did not cause an error, 212 * then we want to ensure that we do not uiomove bad 213 * or uninitialized data. 214 */ 215 size -= bp->b_resid; 216 if (size < xfersize) { 217 if (size == 0) 218 break; 219 xfersize = size; 220 } 221 error = uiomove((char *)bp->b_data + blkoffset, xfersize, uio); 222 if (error) 223 break; 224 brelse(bp, 0); 225 } 226 if (bp != NULL) 227 brelse(bp, 0); 228 229 out: 230 error = ext2fs_post_read_update(vp, ioflag, error); 231 return error; 232 } 233 234 static int 235 ext2fs_post_read_update(struct vnode *vp, int ioflag, int oerror) 236 { 237 struct inode *ip = VTOI(vp); 238 int error = oerror; 239 240 if (!(vp->v_mount->mnt_flag & MNT_NOATIME)) { 241 ip->i_flag |= IN_ACCESS; 242 if ((ioflag & IO_SYNC) == IO_SYNC) 243 error = ext2fs_update(vp, NULL, NULL, UPDATE_WAIT); 244 } 245 246 /* Read error overrides any inode update error. */ 247 if (oerror) 248 error = oerror; 249 return error; 250 } 251 252 /* 253 * Vnode op for writing. 254 */ 255 int 256 ext2fs_write(void *v) 257 { 258 struct vop_write_args /* { 259 struct vnode *a_vp; 260 struct uio *a_uio; 261 int a_ioflag; 262 kauth_cred_t a_cred; 263 } */ *ap = v; 264 struct vnode *vp; 265 struct uio *uio; 266 struct inode *ip; 267 struct m_ext2fs *fs; 268 struct ufsmount *ump; 269 off_t osize; 270 int blkoffset, error, ioflag, resid; 271 vsize_t bytelen; 272 off_t oldoff = 0; /* XXX */ 273 bool async; 274 int advice; 275 276 ioflag = ap->a_ioflag; 277 advice = IO_ADV_DECODE(ioflag); 278 uio = ap->a_uio; 279 vp = ap->a_vp; 280 ip = VTOI(vp); 281 ump = ip->i_ump; 282 error = 0; 283 284 KASSERT(uio->uio_rw == UIO_WRITE); 285 KASSERT(vp->v_type == VREG); 286 287 if (ioflag & IO_APPEND) 288 uio->uio_offset = ext2fs_size(ip); 289 if ((ip->i_e2fs_flags & EXT2_APPEND) && 290 uio->uio_offset != ext2fs_size(ip)) 291 return EPERM; 292 293 fs = ip->i_e2fs; 294 if (uio->uio_offset < 0 || 295 (uint64_t)uio->uio_offset + uio->uio_resid > ump->um_maxfilesize) 296 return EFBIG; 297 if (uio->uio_resid == 0) 298 return 0; 299 300 async = vp->v_mount->mnt_flag & MNT_ASYNC; 301 resid = uio->uio_resid; 302 osize = ext2fs_size(ip); 303 304 KASSERT(vp->v_type == VREG); 305 while (uio->uio_resid > 0) { 306 oldoff = uio->uio_offset; 307 blkoffset = ext2_blkoff(fs, uio->uio_offset); 308 bytelen = MIN(fs->e2fs_bsize - blkoffset, uio->uio_resid); 309 310 if (vp->v_size < oldoff + bytelen) { 311 uvm_vnp_setwritesize(vp, oldoff + bytelen); 312 } 313 error = ufs_balloc_range(vp, uio->uio_offset, bytelen, 314 ap->a_cred, 0); 315 if (error) 316 break; 317 error = ubc_uiomove(&vp->v_uobj, uio, bytelen, advice, 318 UBC_WRITE | UBC_VNODE_FLAGS(vp)); 319 if (error) 320 break; 321 322 /* 323 * update UVM's notion of the size now that we've 324 * copied the data into the vnode's pages. 325 */ 326 327 if (vp->v_size < uio->uio_offset) { 328 uvm_vnp_setsize(vp, uio->uio_offset); 329 } 330 331 /* 332 * flush what we just wrote if necessary. 333 * XXXUBC simplistic async flushing. 334 */ 335 336 if (!async && oldoff >> 16 != uio->uio_offset >> 16) { 337 rw_enter(vp->v_uobj.vmobjlock, RW_WRITER); 338 error = VOP_PUTPAGES(vp, (oldoff >> 16) << 16, 339 (uio->uio_offset >> 16) << 16, 340 PGO_CLEANIT | PGO_LAZY); 341 } 342 } 343 if (error == 0 && ioflag & IO_SYNC) { 344 rw_enter(vp->v_uobj.vmobjlock, RW_WRITER); 345 error = VOP_PUTPAGES(vp, trunc_page(oldoff), 346 round_page(ext2_blkroundup(fs, uio->uio_offset)), 347 PGO_CLEANIT | PGO_SYNCIO); 348 } 349 350 error = ext2fs_post_write_update(vp, uio, ioflag, ap->a_cred, osize, 351 resid, error); 352 return error; 353 } 354 355 /* 356 * UFS op for writing via the buffer cache 357 */ 358 int 359 ext2fs_bufwr(struct vnode *vp, struct uio *uio, int ioflag, kauth_cred_t cred) 360 { 361 struct inode *ip; 362 struct ufsmount *ump; 363 struct m_ext2fs *fs; 364 struct buf *bp; 365 int flags; 366 off_t osize; 367 daddr_t lbn; 368 int resid, blkoffset, xfersize; 369 int error; 370 371 KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE); 372 KASSERT(vp->v_type == VDIR || vp->v_type == VLNK); 373 KASSERT(vp->v_type != VDIR || ISSET(ioflag, IO_SYNC)); 374 KASSERT(uio->uio_rw == UIO_WRITE); 375 376 ip = VTOI(vp); 377 ump = ip->i_ump; 378 fs = ip->i_e2fs; 379 error = 0; 380 381 if (uio->uio_offset < 0 || 382 uio->uio_resid > ump->um_maxfilesize || 383 uio->uio_offset > (ump->um_maxfilesize - uio->uio_resid)) 384 return EFBIG; 385 if (uio->uio_resid == 0) 386 return 0; 387 388 flags = ioflag & IO_SYNC ? B_SYNC : 0; 389 resid = uio->uio_resid; 390 osize = ext2fs_size(ip); 391 392 for (error = 0; uio->uio_resid > 0;) { 393 lbn = ext2_lblkno(fs, uio->uio_offset); 394 blkoffset = ext2_blkoff(fs, uio->uio_offset); 395 xfersize = MIN(fs->e2fs_bsize - blkoffset, uio->uio_resid); 396 if (xfersize < fs->e2fs_bsize) 397 flags |= B_CLRBUF; 398 else 399 flags &= ~B_CLRBUF; 400 error = ext2fs_balloc(ip, lbn, blkoffset + xfersize, cred, &bp, 401 flags); 402 if (error) 403 break; 404 if (ext2fs_size(ip) < uio->uio_offset + xfersize) { 405 error = ext2fs_setsize(ip, uio->uio_offset + xfersize); 406 if (error) 407 break; 408 } 409 error = uiomove((char *)bp->b_data + blkoffset, xfersize, uio); 410 411 /* 412 * update UVM's notion of the size now that we've 413 * copied the data into the vnode's pages. 414 */ 415 416 if (vp->v_size < uio->uio_offset) { 417 uvm_vnp_setsize(vp, uio->uio_offset); 418 } 419 420 if (ioflag & IO_SYNC) 421 (void)bwrite(bp); 422 else if (xfersize + blkoffset == fs->e2fs_bsize) 423 bawrite(bp); 424 else 425 bdwrite(bp); 426 if (error || xfersize == 0) 427 break; 428 } 429 430 error = ext2fs_post_write_update(vp, uio, ioflag, cred, osize, resid, 431 error); 432 return error; 433 } 434 435 static int 436 ext2fs_post_write_update(struct vnode *vp, struct uio *uio, int ioflag, 437 kauth_cred_t cred, off_t osize, int resid, int oerror) 438 { 439 struct inode *ip = VTOI(vp); 440 int error = oerror; 441 442 /* Trigger ctime and mtime updates, and atime if MNT_RELATIME. */ 443 ip->i_flag |= IN_CHANGE | IN_UPDATE; 444 if (vp->v_mount->mnt_flag & MNT_RELATIME) 445 ip->i_flag |= IN_ACCESS; 446 447 /* 448 * If we successfully wrote any data and we are not the superuser, 449 * we clear the setuid and setgid bits as a precaution against 450 * tampering. 451 */ 452 if (resid > uio->uio_resid && cred) { 453 if (ip->i_e2fs_mode & ISUID) { 454 if (kauth_authorize_vnode(cred, 455 KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0) 456 ip->i_e2fs_mode &= ISUID; 457 } 458 459 if (ip->i_e2fs_mode & ISGID) { 460 if (kauth_authorize_vnode(cred, 461 KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0) 462 ip->i_e2fs_mode &= ~ISGID; 463 } 464 } 465 466 /* 467 * Update the size on disk: truncate back to original size on 468 * error, or reflect the new size on success. 469 */ 470 if (error) { 471 (void) ext2fs_truncate(vp, osize, ioflag & IO_SYNC, cred); 472 uio->uio_offset -= resid - uio->uio_resid; 473 uio->uio_resid = resid; 474 } else if (resid > uio->uio_resid && (ioflag & IO_SYNC) == IO_SYNC) 475 error = ext2fs_update(vp, NULL, NULL, UPDATE_WAIT); 476 477 /* Make sure the vnode uvm size matches the inode file size. */ 478 KASSERT(vp->v_size == ext2fs_size(ip)); 479 480 /* Write error overrides any inode update error. */ 481 if (oerror) 482 error = oerror; 483 return error; 484 } 485