vfs_getcwd.c revision 1.4
1 /* $NetBSD: vfs_getcwd.c,v 1.4 1999/04/05 03:33:31 sommerfe Exp $ */ 2 3 /*- 4 * Copyright (c) 1999 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Bill Sommerfeld. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 #include <sys/param.h> 40 #include <sys/systm.h> 41 #include <sys/namei.h> 42 #include <sys/filedesc.h> 43 #include <sys/kernel.h> 44 #include <sys/file.h> 45 #include <sys/stat.h> 46 #include <sys/vnode.h> 47 #include <sys/mount.h> 48 #include <sys/proc.h> 49 #include <sys/uio.h> 50 #include <sys/malloc.h> 51 #include <sys/dirent.h> 52 #include <ufs/ufs/dir.h> /* XXX only for DIRBLKSIZ */ 53 54 #include <sys/syscallargs.h> 55 56 static int 57 getcwd_scandir __P((struct vnode *, struct vnode **, 58 char **, char *, struct proc *)); 59 static int 60 getcwd_getcache __P((struct vnode **, struct vnode **, 61 char **, char *)); 62 static int 63 getcwd_common __P((struct vnode *, struct vnode *, 64 char **, char *, int, int, struct proc *)); 65 66 int vn_isunder __P((struct vnode *, struct vnode *, struct proc *)); 67 68 #define DIRENT_MINSIZE (sizeof(struct dirent) - (MAXNAMLEN+1) + 4) 69 70 /* 71 * XXX Will infinite loop in certain cases if a directory read reliably 72 * returns EINVAL on last block. 73 * XXX is EINVAL the right thing to return if a directory is malformed? 74 */ 75 76 /* 77 * Find parent vnode of cvp, return in *pvpp 78 * Scan it looking for name of directory entry pointing at cvp. 79 * 80 * Place the name in the buffer which starts at bufp, immediately 81 * before *bpp, and move bpp backwards to point at the start of it. 82 */ 83 static int 84 getcwd_scandir(cvp, pvpp, bpp, bufp, p) 85 struct vnode *cvp; 86 struct vnode **pvpp; 87 char **bpp; 88 char *bufp; 89 struct proc *p; 90 { 91 int error = 0; 92 int eofflag; 93 off_t off; 94 int tries; 95 struct uio uio; 96 struct iovec iov; 97 char *dirbuf = NULL; 98 int dirbuflen; 99 ino_t fileno; 100 struct vattr va; 101 struct vnode *pvp = NULL; 102 struct componentname cn; 103 int len, reclen; 104 tries = 0; 105 106 /* 107 * Ok, we have to do it the hard way.. 108 * First, get parent vnode using lookup of .. 109 */ 110 cn.cn_nameiop = LOOKUP; 111 cn.cn_flags = ISLASTCN | ISDOTDOT | RDONLY | LOCKPARENT; 112 cn.cn_proc = p; 113 cn.cn_cred = p->p_ucred; 114 cn.cn_pnbuf = NULL; 115 cn.cn_nameptr = ".."; 116 cn.cn_namelen = 2; 117 cn.cn_hash = 0; 118 cn.cn_consume = 0; 119 120 /* 121 * At this point, cvp is locked, and will be locked 122 * on return in all cases. 123 * On successful return, *pvpp will also be locked 124 */ 125 error = VOP_LOOKUP(cvp, pvpp, &cn); 126 if (error) { 127 *pvpp = NULL; 128 return error; 129 } 130 pvp = *pvpp; 131 132 /* If we don't care about the pathname, we're done */ 133 if (bufp == NULL) 134 return 0; 135 136 error = VOP_GETATTR(cvp, &va, p->p_ucred, p); 137 if (error) 138 return error; 139 fileno = va.va_fileid; 140 141 142 dirbuflen = DIRBLKSIZ; 143 if (dirbuflen < va.va_blocksize) 144 dirbuflen = va.va_blocksize; 145 dirbuf = (char *)malloc(dirbuflen, M_TEMP, M_WAITOK); 146 147 #if 0 148 unionread: 149 #endif 150 off = 0; 151 do { 152 /* call VOP_READDIR of parent */ 153 iov.iov_base = dirbuf; 154 iov.iov_len = dirbuflen; 155 156 uio.uio_iov = &iov; 157 uio.uio_iovcnt = 1; 158 uio.uio_offset = off; 159 uio.uio_resid = dirbuflen; 160 uio.uio_segflg = UIO_SYSSPACE; 161 uio.uio_rw = UIO_READ; 162 uio.uio_procp = p; 163 164 eofflag = 0; 165 166 error = VOP_READDIR(pvp, &uio, p->p_ucred, &eofflag, 0, 0); 167 168 off = uio.uio_offset; 169 170 /* 171 * Try again if NFS tosses its cookies. 172 * XXX this can still loop forever if the directory is busted 173 * such that the second or subsequent page of it always 174 * returns EINVAL 175 */ 176 if ((error == EINVAL) && (tries < 3)) { 177 off = 0; 178 tries++; 179 continue; /* once more, with feeling */ 180 } 181 182 if (!error) { 183 char *cpos; 184 struct dirent *dp; 185 186 cpos = dirbuf; 187 tries = 0; 188 189 /* scan directory page looking for matching vnode */ 190 for (len = (dirbuflen - uio.uio_resid); len > 0; len -= reclen) { 191 dp = (struct dirent *) cpos; 192 reclen = dp->d_reclen; 193 194 /* check for malformed directory.. */ 195 if (reclen < DIRENT_MINSIZE) { 196 error = EINVAL; 197 goto out; 198 } 199 /* 200 * XXX should perhaps do VOP_LOOKUP to 201 * check that we got back to the right place, 202 * but getting the locking games for that 203 * right would be heinous. 204 */ 205 if ((dp->d_type != DT_WHT) && 206 (dp->d_fileno == fileno)) { 207 char *bp = *bpp; 208 bp -= dp->d_namlen; 209 210 if (bp <= bufp) { 211 error = ERANGE; 212 goto out; 213 } 214 memcpy(bp, dp->d_name, dp->d_namlen); 215 error = 0; 216 *bpp = bp; 217 goto out; 218 } 219 cpos += reclen; 220 } 221 } 222 } while (!eofflag); 223 #if 0 224 /* 225 * Deal with mount -o union, which unions only the 226 * root directory of the mount. 227 */ 228 if ((pvp->v_flag & VROOT) && 229 (pvp->v_mount->mnt_flag & MNT_UNION)) { 230 struct vnode *tvp = pvp; 231 pvp = pvp->v_mount->mnt_vnodecovered; 232 vput(tvp); 233 VREF(pvp); 234 *pvpp = pvp; 235 error = vn_lock(pvp, LK_EXCLUSIVE | LK_RETRY); 236 if (error != 0) { 237 vrele(pvp); 238 *pvpp = pvp = NULL; 239 goto out; 240 } 241 goto unionread; 242 } 243 #endif 244 error = ENOENT; 245 246 out: 247 free(dirbuf, M_TEMP); 248 return error; 249 } 250 251 /* 252 * Look in the vnode-to-name reverse cache to see if 253 * we can find things the easy way. 254 * 255 * XXX vn_lock/vget failure paths are untested. 256 */ 257 258 static int 259 getcwd_getcache(vpp, dvpp, bpp, bufp) 260 struct vnode **vpp, **dvpp; 261 char **bpp; 262 char *bufp; 263 { 264 struct vnode *cvp, *pvp = NULL; 265 int error; 266 267 cvp = *vpp; 268 269 error = cache_revlookup(cvp, dvpp, bpp, bufp); 270 if (error) 271 return error; 272 pvp = *dvpp; 273 274 /* 275 * Do a little dance with the locks to avoid deadlocking 276 * someone going the other way. Since we're going up, we have 277 * to release the current lock before we take the parent lock, 278 * and then re-take the current lock. Since either lock can 279 * fail, causing us to abort, this is a little convoluted. 280 */ 281 282 VOP_UNLOCK(cvp, 0); 283 /* cur now unlocked... */ 284 error = vget(pvp, LK_EXCLUSIVE | LK_RETRY); 285 if (error != 0) { 286 vrele(cvp); 287 *vpp = NULL; 288 *dvpp = NULL; 289 return error; 290 } 291 /* parent is now locked */ 292 error = vn_lock(cvp, LK_EXCLUSIVE | LK_RETRY); 293 if (error != 0) { 294 vrele(cvp); 295 *vpp = NULL; 296 return error; 297 } 298 /* ok, cur is now locked again.. */ 299 return 0; 300 } 301 302 /* 303 * common routine shared by sys___getcwd() and vn_isunder() 304 */ 305 306 #define GETCWD_CHECK_ACCESS 0x0001 307 308 static int getcwd_common (dvp, rvp, bpp, bufp, limit, flags, p) 309 struct vnode *dvp; 310 struct vnode *rvp; 311 char **bpp; 312 char *bufp; 313 int limit; 314 int flags; 315 struct proc *p; 316 { 317 struct filedesc *fdp = p->p_fd; 318 struct vnode *pvp = NULL; 319 char *bp = NULL; 320 int error; 321 322 if (rvp == NULL) { 323 rvp = fdp->fd_rdir; 324 if (rvp == NULL) 325 rvp = rootvnode; 326 } 327 328 VREF(rvp); 329 VREF(dvp); 330 331 /* 332 * Error handling invariant: 333 * Before a `goto out': 334 * dvp is either NULL, or locked and held. 335 * pvp is either NULL, or locked and held. 336 */ 337 338 error = vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY); 339 if (error) { 340 vrele(dvp); 341 dvp = NULL; 342 goto out; 343 } 344 if (bufp) 345 bp = *bpp; 346 /* 347 * this loop will terminate when one of the following happens: 348 * - we hit the root 349 * - getdirentries or lookup fails 350 * - we run out of space in the buffer. 351 */ 352 if (dvp == rvp) { 353 if (bufp) 354 *(--(*bpp)) = '/'; 355 goto out; 356 } 357 do { 358 if (dvp->v_type != VDIR) { 359 error = ENOTDIR; 360 goto out; 361 } 362 363 /* 364 * access check here is optional, depending on 365 * whether or not caller cares. 366 */ 367 if (flags & GETCWD_CHECK_ACCESS) { 368 error = VOP_ACCESS(dvp, VEXEC|VREAD, p->p_ucred, p); 369 if (error) 370 goto out; 371 } 372 373 /* 374 * step up if we're a covered vnode.. 375 */ 376 while (dvp->v_flag & VROOT) { 377 struct vnode *tvp; 378 379 if (dvp == rvp) 380 goto out; 381 382 tvp = dvp; 383 dvp = dvp->v_mount->mnt_vnodecovered; 384 vput(tvp); 385 /* 386 * hodie natus est radici frater 387 */ 388 if (dvp == NULL) { 389 error = ENOENT; 390 goto out; 391 } 392 VREF(dvp); 393 error = vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY); 394 if (error != 0) { 395 vrele(dvp); 396 dvp = NULL; 397 goto out; 398 } 399 } 400 /* 401 * Look in the name cache; if that fails, look in the 402 * directory.. 403 */ 404 error = getcwd_getcache(&dvp, &pvp, bpp, bufp); 405 if (error == -1) 406 error = getcwd_scandir(dvp, &pvp, bpp, bufp, p); 407 if (error) 408 goto out; 409 #if DIAGNOSTIC 410 if (dvp == pvp) { 411 panic("getcwd: oops, dvp == pvp"); 412 } 413 if (bufp && (bp <= bufp)) { 414 panic("getcwd: oops, went back too far"); 415 } 416 #endif 417 if (bufp) *(--(*bpp)) = '/'; 418 419 vput(dvp); 420 dvp = pvp; 421 pvp = NULL; 422 limit--; 423 } while ((dvp != rvp) && (limit > 0)); 424 425 out: 426 if (pvp) 427 vput(pvp); 428 if (dvp) 429 vput(dvp); 430 vrele(rvp); 431 return error; 432 } 433 434 /* 435 * Check if one directory can be found inside another in the directory 436 * hierarchy. 437 * 438 * Intended to be used in chroot, chdir, fchdir, etc., to ensure that 439 * chroot() actually means something. 440 */ 441 int vn_isunder(dvp, rvp, p) 442 struct vnode *dvp; 443 struct vnode *rvp; 444 struct proc *p; 445 { 446 int error; 447 448 error = getcwd_common (dvp, rvp, NULL, NULL, MAXPATHLEN/2, 0, p); 449 450 if (!error) 451 return 1; 452 else 453 return 0; 454 } 455 456 /* 457 * Returns true if proc p1's root directory equal to or under p2's 458 * root directory. 459 * 460 * Intended to be used from ptrace/procfs sorts of things. 461 */ 462 463 int proc_isunder (p1, p2) 464 struct proc *p1; 465 struct proc *p2; 466 { 467 struct vnode *r1 = p1->p_fd->fd_rdir; 468 struct vnode *r2 = p2->p_fd->fd_rdir; 469 470 if (r1 == NULL) 471 return (r2 == NULL); 472 else if (r2 == NULL) 473 return 1; 474 else 475 return vn_isunder(r1, r2, p2); 476 } 477 478 479 int sys___getcwd(p, v, retval) 480 struct proc *p; 481 void *v; 482 register_t *retval; 483 { 484 register struct sys___getcwd_args /* { 485 syscallarg(char *) bufp; 486 syscallarg(size_t) length; 487 } */ *uap = v; 488 489 int error; 490 char *path; 491 char *bp, *bend; 492 int len = SCARG(uap, length); 493 int lenused; 494 495 if ((len < 2) || (len > MAXPATHLEN*4)) 496 return ERANGE; 497 498 path = (char *)malloc(len, M_TEMP, M_WAITOK); 499 if (!path) 500 return ENOMEM; 501 502 bp = &path[len]; 503 bend = bp; 504 *(--bp) = '\0'; 505 506 error = getcwd_common (p->p_fd->fd_cdir, NULL, &bp, path, len/2, 507 GETCWD_CHECK_ACCESS, p); 508 509 if (error) 510 goto out; 511 lenused = bend - bp; 512 *retval = lenused; 513 /* put the result into user buffer */ 514 error = copyout(bp, SCARG(uap, bufp), lenused); 515 516 out: 517 free(path, M_TEMP); 518 return error; 519 } 520 521 522 523 /* 524 * Find pathname of process's current directory. 525 * 526 * Use vfs vnode-to-name reverse cache; if that fails, fall back 527 * to reading directory contents. 528 */ 529 530 /* 531 * XXX Untested vs. mount -o union; probably does the wrong thing. 532 * XXX Untested vs chroot 533 * XXX most error paths probably work, but many locking-related ones 534 * aren't tested well. 535 */ 536 #if 0 537 538 int 539 sys___getcwd(p, v, retval) 540 struct proc *p; 541 void *v; 542 register_t *retval; 543 { 544 register struct sys___getcwd_args /* { 545 syscallarg(char *) bufp; 546 syscallarg(size_t) length; 547 } */ *uap = v; 548 549 struct filedesc *fdp = p->p_fd; 550 struct vnode *cvp = NULL, *pvp = NULL, *rootvp = NULL; 551 int error; 552 char *path; 553 char *bp, *bend; 554 int len = SCARG(uap, length); 555 int lenused; 556 557 if ((len < 2) || (len > MAXPATHLEN*4)) 558 return ERANGE; 559 560 path = (char *)malloc(len, M_TEMP, M_WAITOK); 561 if (!path) 562 return ENOMEM; 563 564 bp = &path[len]; 565 bend = bp; 566 *(--bp) = '\0'; 567 568 rootvp = fdp->fd_rdir; 569 if (rootvp == NULL) 570 rootvp = rootvnode; 571 572 cvp = fdp->fd_cdir; 573 574 VREF(rootvp); 575 VREF(cvp); 576 577 /* 578 * Error handling invariant: 579 * Before a `goto out': 580 * cvp is either NULL, or locked and held. 581 * pvp is either NULL, or locked and held. 582 */ 583 584 error = vn_lock(cvp, LK_EXCLUSIVE | LK_RETRY); 585 if (error) { 586 vrele(cvp); 587 cvp = NULL; 588 goto out; 589 } 590 /* 591 * this loop will terminate when one of the following happens: 592 * - we hit the root 593 * - getdirentries or lookup fails 594 * - we run out of space in the buffer. 595 */ 596 if (cvp == rootvp) { 597 *(--bp) = '/'; 598 goto hitroot; 599 } 600 do { 601 /* 602 * so, are we even allowed to look at this directory? 603 */ 604 605 error = VOP_ACCESS(cvp, VEXEC|VREAD, p->p_ucred, p); 606 if (error) 607 goto out; 608 609 /* 610 * step up if we're a covered vnode.. 611 */ 612 while (cvp->v_flag & VROOT) { 613 struct vnode *tvp; 614 615 if (cvp == rootvp) 616 goto hitroot; 617 618 tvp = cvp; 619 cvp = cvp->v_mount->mnt_vnodecovered; 620 vput(tvp); 621 VREF(cvp); 622 error = vn_lock(cvp, LK_EXCLUSIVE | LK_RETRY); 623 if (error != 0) { 624 vrele(cvp); 625 cvp = NULL; 626 goto out; 627 } 628 } 629 /* 630 * Look in the name cache; if that fails, look in the directory.. 631 */ 632 error = getcwd_getcache(&cvp, &pvp, &bp, path); 633 if (error == -1) 634 error = getcwd_scandir(cvp, &pvp, &bp, path, p); 635 636 if (error) 637 goto out; 638 if (bp <= path) { 639 error = ERANGE; 640 goto out; 641 } 642 *(--bp) = '/'; 643 644 vput(cvp); 645 cvp = pvp; 646 pvp = NULL; 647 648 } while (cvp != rootvp); 649 hitroot: 650 651 lenused = bend - bp; 652 *retval = lenused; 653 /* put the result into user buffer */ 654 error = copyout(bp, SCARG(uap, bufp), lenused); 655 656 out: 657 if (pvp) 658 vput(pvp); 659 if (cvp) 660 vput(cvp); 661 vrele(rootvp); 662 free(path, M_TEMP); 663 return error; 664 } 665 #endif 666
Indexes created Mon Sep 22 13:09:51 GMT 2025