vfs_getcwd.c revision 1.10
1 /* $NetBSD: vfs_getcwd.c,v 1.10 1999/07/11 09:27:23 sommerfeld Exp $ */ 2 3 /*- 4 * Copyright (c) 1999 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Bill Sommerfeld. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 #include <sys/param.h> 40 #include <sys/systm.h> 41 #include <sys/namei.h> 42 #include <sys/filedesc.h> 43 #include <sys/kernel.h> 44 #include <sys/file.h> 45 #include <sys/stat.h> 46 #include <sys/vnode.h> 47 #include <sys/mount.h> 48 #include <sys/proc.h> 49 #include <sys/uio.h> 50 #include <sys/malloc.h> 51 #include <sys/dirent.h> 52 #include <ufs/ufs/dir.h> /* XXX only for DIRBLKSIZ */ 53 54 #include <sys/syscallargs.h> 55 56 static int 57 getcwd_scandir __P((struct vnode **, struct vnode **, 58 char **, char *, struct proc *)); 59 static int 60 getcwd_getcache __P((struct vnode **, struct vnode **, 61 char **, char *)); 62 static int 63 getcwd_common __P((struct vnode *, struct vnode *, 64 char **, char *, int, int, struct proc *)); 65 66 int vn_isunder __P((struct vnode *, struct vnode *, struct proc *)); 67 68 #define DIRENT_MINSIZE (sizeof(struct dirent) - (MAXNAMLEN+1) + 4) 69 70 /* 71 * Vnode variable naming conventions in this file: 72 * 73 * rvp: the current root we're aiming towards. 74 * lvp, *lvpp: the "lower" vnode 75 * uvp, *uvpp: the "upper" vnode. 76 * 77 * Since all the vnodes we're dealing with are directories, and the 78 * lookups are going *up* in the filesystem rather than *down*, the 79 * usual "pvp" (parent) or "dvp" (directory) naming conventions are 80 * too confusing. 81 */ 82 83 /* 84 * XXX Will infinite loop in certain cases if a directory read reliably 85 * returns EINVAL on last block. 86 * XXX is EINVAL the right thing to return if a directory is malformed? 87 */ 88 89 /* 90 * XXX Untested vs. mount -o union; probably does the wrong thing. 91 */ 92 93 /* 94 * Find parent vnode of *lvpp, return in *uvpp 95 * 96 * If we care about the name, scan it looking for name of directory 97 * entry pointing at lvp. 98 * 99 * Place the name in the buffer which starts at bufp, immediately 100 * before *bpp, and move bpp backwards to point at the start of it. 101 * 102 * On entry, *lvpp is a locked vnode reference; on exit, it is vput and NULL'ed 103 * On exit, *uvpp is either NULL or is a locked vnode reference. 104 */ 105 static int 106 getcwd_scandir(lvpp, uvpp, bpp, bufp, p) 107 struct vnode **lvpp; 108 struct vnode **uvpp; 109 char **bpp; 110 char *bufp; 111 struct proc *p; 112 { 113 int error = 0; 114 int eofflag; 115 off_t off; 116 int tries; 117 struct uio uio; 118 struct iovec iov; 119 char *dirbuf = NULL; 120 int dirbuflen; 121 ino_t fileno; 122 struct vattr va; 123 struct vnode *uvp = NULL; 124 struct vnode *lvp = *lvpp; 125 struct componentname cn; 126 int len, reclen; 127 tries = 0; 128 129 /* 130 * If we want the filename, get some info we need while the 131 * current directory is still locked. 132 */ 133 if (bufp != NULL) { 134 error = VOP_GETATTR(lvp, &va, p->p_ucred, p); 135 if (error) { 136 vput(lvp); 137 *lvpp = NULL; 138 *uvpp = NULL; 139 return error; 140 } 141 } 142 143 /* 144 * Ok, we have to do it the hard way.. 145 * Next, get parent vnode using lookup of .. 146 */ 147 cn.cn_nameiop = LOOKUP; 148 cn.cn_flags = ISLASTCN | ISDOTDOT | RDONLY; 149 cn.cn_proc = p; 150 cn.cn_cred = p->p_ucred; 151 cn.cn_pnbuf = NULL; 152 cn.cn_nameptr = ".."; 153 cn.cn_namelen = 2; 154 cn.cn_hash = 0; 155 cn.cn_consume = 0; 156 157 /* 158 * At this point, lvp is locked and will be unlocked by the lookup. 159 * On successful return, *uvpp will be locked 160 */ 161 error = VOP_LOOKUP(lvp, uvpp, &cn); 162 if (error) { 163 vput(lvp); 164 *lvpp = NULL; 165 *uvpp = NULL; 166 return error; 167 } 168 uvp = *uvpp; 169 170 /* If we don't care about the pathname, we're done */ 171 if (bufp == NULL) { 172 vrele(lvp); 173 *lvpp = NULL; 174 return 0; 175 } 176 177 fileno = va.va_fileid; 178 179 dirbuflen = DIRBLKSIZ; 180 if (dirbuflen < va.va_blocksize) 181 dirbuflen = va.va_blocksize; 182 dirbuf = (char *)malloc(dirbuflen, M_TEMP, M_WAITOK); 183 184 #if 0 185 unionread: 186 #endif 187 off = 0; 188 do { 189 /* call VOP_READDIR of parent */ 190 iov.iov_base = dirbuf; 191 iov.iov_len = dirbuflen; 192 193 uio.uio_iov = &iov; 194 uio.uio_iovcnt = 1; 195 uio.uio_offset = off; 196 uio.uio_resid = dirbuflen; 197 uio.uio_segflg = UIO_SYSSPACE; 198 uio.uio_rw = UIO_READ; 199 uio.uio_procp = p; 200 201 eofflag = 0; 202 203 error = VOP_READDIR(uvp, &uio, p->p_ucred, &eofflag, 0, 0); 204 205 off = uio.uio_offset; 206 207 /* 208 * Try again if NFS tosses its cookies. 209 * XXX this can still loop forever if the directory is busted 210 * such that the second or subsequent page of it always 211 * returns EINVAL 212 */ 213 if ((error == EINVAL) && (tries < 3)) { 214 off = 0; 215 tries++; 216 continue; /* once more, with feeling */ 217 } 218 219 if (!error) { 220 char *cpos; 221 struct dirent *dp; 222 223 cpos = dirbuf; 224 tries = 0; 225 226 /* scan directory page looking for matching vnode */ 227 for (len = (dirbuflen - uio.uio_resid); len > 0; len -= reclen) { 228 dp = (struct dirent *) cpos; 229 reclen = dp->d_reclen; 230 231 /* check for malformed directory.. */ 232 if (reclen < DIRENT_MINSIZE) { 233 error = EINVAL; 234 goto out; 235 } 236 /* 237 * XXX should perhaps do VOP_LOOKUP to 238 * check that we got back to the right place, 239 * but getting the locking games for that 240 * right would be heinous. 241 */ 242 if ((dp->d_type != DT_WHT) && 243 (dp->d_fileno == fileno)) { 244 char *bp = *bpp; 245 bp -= dp->d_namlen; 246 247 if (bp <= bufp) { 248 error = ERANGE; 249 goto out; 250 } 251 memcpy(bp, dp->d_name, dp->d_namlen); 252 error = 0; 253 *bpp = bp; 254 goto out; 255 } 256 cpos += reclen; 257 } 258 } 259 } while (!eofflag); 260 #if 0 261 /* 262 * Deal with mount -o union, which unions only the 263 * root directory of the mount. 264 */ 265 if ((uvp->v_flag & VROOT) && 266 (uvp->v_mount->mnt_flag & MNT_UNION)) { 267 struct vnode *tvp = uvp; 268 uvp = uvp->v_mount->mnt_vnodecovered; 269 vput(tvp); 270 VREF(uvp); 271 *uvpp = uvp; 272 error = vn_lock(uvp, LK_EXCLUSIVE | LK_RETRY); 273 if (error != 0) { 274 vrele(uvp); 275 *uvpp = uvp = NULL; 276 goto out; 277 } 278 goto unionread; 279 } 280 #endif 281 error = ENOENT; 282 283 out: 284 vrele(lvp); 285 *lvpp = NULL; 286 free(dirbuf, M_TEMP); 287 return error; 288 } 289 290 /* 291 * Look in the vnode-to-name reverse cache to see if 292 * we can find things the easy way. 293 * 294 * XXX vget failure path is untested. 295 * 296 * On entry, *lvpp is a locked vnode reference. 297 * On exit, one of the following is the case: 298 * 0) Both *lvpp and *uvpp are NULL and failure is returned. 299 * 1) *uvpp is NULL, *lvpp remains locked and -1 is returned (cache miss) 300 * 2) *uvpp is a locked vnode reference, *lvpp is vput and NULL'ed 301 * and 0 is returned (cache hit) 302 */ 303 304 static int 305 getcwd_getcache(lvpp, uvpp, bpp, bufp) 306 struct vnode **lvpp, **uvpp; 307 char **bpp; 308 char *bufp; 309 { 310 struct vnode *lvp, *uvp = NULL; 311 int error; 312 int vpid; 313 314 lvp = *lvpp; 315 316 /* 317 * This returns 0 on a cache hit, -1 on a clean cache miss, 318 * or an errno on other failure. 319 */ 320 error = cache_revlookup(lvp, uvpp, bpp, bufp); 321 if (error) { 322 if (error != -1) { 323 vput(lvp); 324 *lvpp = NULL; 325 *uvpp = NULL; 326 } 327 return error; 328 } 329 uvp = *uvpp; 330 vpid = uvp->v_id; 331 332 /* 333 * Since we're going up, we have to release the current lock 334 * before we take the parent lock. 335 */ 336 337 VOP_UNLOCK(lvp, 0); 338 339 error = vget(uvp, LK_EXCLUSIVE | LK_RETRY); 340 if (error != 0) 341 *uvpp = NULL; 342 /* 343 * Verify that vget succeeded, and check that vnode capability 344 * didn't change while we were waiting for the lock. 345 */ 346 if (error || (vpid != uvp->v_id)) { 347 /* 348 * Oops, we missed. If the vget failed, or the 349 * capability changed, try to get our lock back; if 350 * that works, tell caller to try things the hard way, 351 * otherwise give up. 352 */ 353 if (!error) vput(uvp); 354 *uvpp = NULL; 355 356 error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY); 357 358 if (!error) 359 return -1; 360 } 361 vrele(lvp); 362 *lvpp = NULL; 363 364 return error; 365 } 366 367 /* 368 * common routine shared by sys___getcwd() and vn_isunder() 369 */ 370 371 #define GETCWD_CHECK_ACCESS 0x0001 372 373 static int getcwd_common (lvp, rvp, bpp, bufp, limit, flags, p) 374 struct vnode *lvp; 375 struct vnode *rvp; 376 char **bpp; 377 char *bufp; 378 int limit; 379 int flags; 380 struct proc *p; 381 { 382 struct cwdinfo *cwdi = p->p_cwdi; 383 struct vnode *uvp = NULL; 384 char *bp = NULL; 385 int error; 386 int perms = VEXEC; 387 388 if (rvp == NULL) { 389 rvp = cwdi->cwdi_rdir; 390 if (rvp == NULL) 391 rvp = rootvnode; 392 } 393 394 VREF(rvp); 395 VREF(lvp); 396 397 /* 398 * Error handling invariant: 399 * Before a `goto out': 400 * lvp is either NULL, or locked and held. 401 * uvp is either NULL, or locked and held. 402 */ 403 404 error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY); 405 if (error) { 406 vrele(lvp); 407 lvp = NULL; 408 goto out; 409 } 410 if (bufp) 411 bp = *bpp; 412 /* 413 * this loop will terminate when one of the following happens: 414 * - we hit the root 415 * - getdirentries or lookup fails 416 * - we run out of space in the buffer. 417 */ 418 if (lvp == rvp) { 419 if (bp) 420 *(--bp) = '/'; 421 goto out; 422 } 423 do { 424 if (lvp->v_type != VDIR) { 425 error = ENOTDIR; 426 goto out; 427 } 428 429 /* 430 * access check here is optional, depending on 431 * whether or not caller cares. 432 */ 433 if (flags & GETCWD_CHECK_ACCESS) { 434 error = VOP_ACCESS(lvp, perms, p->p_ucred, p); 435 if (error) 436 goto out; 437 perms = VEXEC|VREAD; 438 } 439 440 /* 441 * step up if we're a covered vnode.. 442 */ 443 while (lvp->v_flag & VROOT) { 444 struct vnode *tvp; 445 446 if (lvp == rvp) 447 goto out; 448 449 tvp = lvp; 450 lvp = lvp->v_mount->mnt_vnodecovered; 451 vput(tvp); 452 /* 453 * hodie natus est radici frater 454 */ 455 if (lvp == NULL) { 456 error = ENOENT; 457 goto out; 458 } 459 VREF(lvp); 460 error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY); 461 if (error != 0) { 462 vrele(lvp); 463 lvp = NULL; 464 goto out; 465 } 466 } 467 /* 468 * Look in the name cache; if that fails, look in the 469 * directory.. 470 */ 471 error = getcwd_getcache(&lvp, &uvp, &bp, bufp); 472 if (error == -1) 473 error = getcwd_scandir(&lvp, &uvp, &bp, bufp, p); 474 if (error) 475 goto out; 476 #if DIAGNOSTIC 477 if (lvp != NULL) 478 panic("getcwd: oops, forgot to null lvp"); 479 if (bufp && (bp <= bufp)) { 480 panic("getcwd: oops, went back too far"); 481 } 482 #endif 483 if (bp) 484 *(--bp) = '/'; 485 lvp = uvp; 486 uvp = NULL; 487 limit--; 488 } while ((lvp != rvp) && (limit > 0)); 489 490 out: 491 if (bpp) 492 *bpp = bp; 493 if (uvp) 494 vput(uvp); 495 if (lvp) 496 vput(lvp); 497 vrele(rvp); 498 return error; 499 } 500 501 /* 502 * Check if one directory can be found inside another in the directory 503 * hierarchy. 504 * 505 * Intended to be used in chroot, chdir, fchdir, etc., to ensure that 506 * chroot() actually means something. 507 */ 508 int vn_isunder(lvp, rvp, p) 509 struct vnode *lvp; 510 struct vnode *rvp; 511 struct proc *p; 512 { 513 int error; 514 515 error = getcwd_common (lvp, rvp, NULL, NULL, MAXPATHLEN/2, 0, p); 516 517 if (!error) 518 return 1; 519 else 520 return 0; 521 } 522 523 /* 524 * Returns true if proc p1's root directory equal to or under p2's 525 * root directory. 526 * 527 * Intended to be used from ptrace/procfs sorts of things. 528 */ 529 530 int proc_isunder (p1, p2) 531 struct proc *p1; 532 struct proc *p2; 533 { 534 struct vnode *r1 = p1->p_cwdi->cwdi_rdir; 535 struct vnode *r2 = p2->p_cwdi->cwdi_rdir; 536 537 if (r1 == NULL) 538 return (r2 == NULL); 539 else if (r2 == NULL) 540 return 1; 541 else 542 return vn_isunder(r1, r2, p2); 543 } 544 545 /* 546 * Find pathname of process's current directory. 547 * 548 * Use vfs vnode-to-name reverse cache; if that fails, fall back 549 * to reading directory contents. 550 */ 551 552 int sys___getcwd(p, v, retval) 553 struct proc *p; 554 void *v; 555 register_t *retval; 556 { 557 register struct sys___getcwd_args /* { 558 syscallarg(char *) bufp; 559 syscallarg(size_t) length; 560 } */ *uap = v; 561 562 int error; 563 char *path; 564 char *bp, *bend; 565 int len = SCARG(uap, length); 566 int lenused; 567 568 if (len > MAXPATHLEN*4) 569 len = MAXPATHLEN*4; 570 else if (len < 2) 571 return ERANGE; 572 573 path = (char *)malloc(len, M_TEMP, M_WAITOK); 574 if (!path) 575 return ENOMEM; 576 577 bp = &path[len]; 578 bend = bp; 579 *(--bp) = '\0'; 580 581 /* 582 * 5th argument here is "max number of vnodes to traverse". 583 * Since each entry takes up at least 2 bytes in the output buffer, 584 * limit it to N/2 vnodes for an N byte buffer. 585 */ 586 error = getcwd_common (p->p_cwdi->cwdi_cdir, NULL, &bp, path, len/2, 587 GETCWD_CHECK_ACCESS, p); 588 589 if (error) 590 goto out; 591 lenused = bend - bp; 592 *retval = lenused; 593 /* put the result into user buffer */ 594 error = copyout(bp, SCARG(uap, bufp), lenused); 595 596 out: 597 free(path, M_TEMP); 598 return error; 599 } 600 601 602 603
Indexes created Sun Sep 21 20:09:37 GMT 2025