vfs_getcwd.c revision 1.5
1 /* $NetBSD: vfs_getcwd.c,v 1.5 1999/04/26 20:33:18 is Exp $ */ 2 3 /*- 4 * Copyright (c) 1999 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Bill Sommerfeld. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39 #include <sys/param.h> 40 #include <sys/systm.h> 41 #include <sys/namei.h> 42 #include <sys/filedesc.h> 43 #include <sys/kernel.h> 44 #include <sys/file.h> 45 #include <sys/stat.h> 46 #include <sys/vnode.h> 47 #include <sys/mount.h> 48 #include <sys/proc.h> 49 #include <sys/uio.h> 50 #include <sys/malloc.h> 51 #include <sys/dirent.h> 52 #include <ufs/ufs/dir.h> /* XXX only for DIRBLKSIZ */ 53 54 #include <sys/syscallargs.h> 55 56 static int 57 getcwd_scandir __P((struct vnode *, struct vnode **, 58 char **, char *, struct proc *)); 59 static int 60 getcwd_getcache __P((struct vnode **, struct vnode **, 61 char **, char *)); 62 static int 63 getcwd_common __P((struct vnode *, struct vnode *, 64 char **, char *, int, int, struct proc *)); 65 66 int vn_isunder __P((struct vnode *, struct vnode *, struct proc *)); 67 68 #define DIRENT_MINSIZE (sizeof(struct dirent) - (MAXNAMLEN+1) + 4) 69 70 /* 71 * XXX Will infinite loop in certain cases if a directory read reliably 72 * returns EINVAL on last block. 73 * XXX is EINVAL the right thing to return if a directory is malformed? 74 */ 75 76 /* 77 * Find parent vnode of cvp, return in *pvpp 78 * Scan it looking for name of directory entry pointing at cvp. 79 * 80 * Place the name in the buffer which starts at bufp, immediately 81 * before *bpp, and move bpp backwards to point at the start of it. 82 */ 83 static int 84 getcwd_scandir(cvp, pvpp, bpp, bufp, p) 85 struct vnode *cvp; 86 struct vnode **pvpp; 87 char **bpp; 88 char *bufp; 89 struct proc *p; 90 { 91 int error = 0; 92 int eofflag; 93 off_t off; 94 int tries; 95 struct uio uio; 96 struct iovec iov; 97 char *dirbuf = NULL; 98 int dirbuflen; 99 ino_t fileno; 100 struct vattr va; 101 struct vnode *pvp = NULL; 102 struct componentname cn; 103 int len, reclen; 104 tries = 0; 105 106 /* 107 * Ok, we have to do it the hard way.. 108 * First, get parent vnode using lookup of .. 109 */ 110 cn.cn_nameiop = LOOKUP; 111 cn.cn_flags = ISLASTCN | ISDOTDOT | RDONLY | LOCKPARENT; 112 cn.cn_proc = p; 113 cn.cn_cred = p->p_ucred; 114 cn.cn_pnbuf = NULL; 115 cn.cn_nameptr = ".."; 116 cn.cn_namelen = 2; 117 cn.cn_hash = 0; 118 cn.cn_consume = 0; 119 120 /* 121 * At this point, cvp is locked, and will be locked 122 * on return in all cases. 123 * On successful return, *pvpp will also be locked 124 */ 125 error = VOP_LOOKUP(cvp, pvpp, &cn); 126 if (error) { 127 *pvpp = NULL; 128 return error; 129 } 130 pvp = *pvpp; 131 132 /* If we don't care about the pathname, we're done */ 133 if (bufp == NULL) 134 return 0; 135 136 error = VOP_GETATTR(cvp, &va, p->p_ucred, p); 137 if (error) 138 return error; 139 fileno = va.va_fileid; 140 141 142 dirbuflen = DIRBLKSIZ; 143 if (dirbuflen < va.va_blocksize) 144 dirbuflen = va.va_blocksize; 145 dirbuf = (char *)malloc(dirbuflen, M_TEMP, M_WAITOK); 146 147 #if 0 148 unionread: 149 #endif 150 off = 0; 151 do { 152 /* call VOP_READDIR of parent */ 153 iov.iov_base = dirbuf; 154 iov.iov_len = dirbuflen; 155 156 uio.uio_iov = &iov; 157 uio.uio_iovcnt = 1; 158 uio.uio_offset = off; 159 uio.uio_resid = dirbuflen; 160 uio.uio_segflg = UIO_SYSSPACE; 161 uio.uio_rw = UIO_READ; 162 uio.uio_procp = p; 163 164 eofflag = 0; 165 166 /* XXX un-break adosfs */ 167 VOP_UNLOCK(cvp, 0); 168 169 error = VOP_READDIR(pvp, &uio, p->p_ucred, &eofflag, 0, 0); 170 171 /* XXX not handling lock failures here.. */ 172 (void) vn_lock(cvp, LK_EXCLUSIVE | LK_RETRY); 173 174 off = uio.uio_offset; 175 176 /* 177 * Try again if NFS tosses its cookies. 178 * XXX this can still loop forever if the directory is busted 179 * such that the second or subsequent page of it always 180 * returns EINVAL 181 */ 182 if ((error == EINVAL) && (tries < 3)) { 183 off = 0; 184 tries++; 185 continue; /* once more, with feeling */ 186 } 187 188 if (!error) { 189 char *cpos; 190 struct dirent *dp; 191 192 cpos = dirbuf; 193 tries = 0; 194 195 /* scan directory page looking for matching vnode */ 196 for (len = (dirbuflen - uio.uio_resid); len > 0; len -= reclen) { 197 dp = (struct dirent *) cpos; 198 reclen = dp->d_reclen; 199 200 /* check for malformed directory.. */ 201 if (reclen < DIRENT_MINSIZE) { 202 error = EINVAL; 203 goto out; 204 } 205 /* 206 * XXX should perhaps do VOP_LOOKUP to 207 * check that we got back to the right place, 208 * but getting the locking games for that 209 * right would be heinous. 210 */ 211 if ((dp->d_type != DT_WHT) && 212 (dp->d_fileno == fileno)) { 213 char *bp = *bpp; 214 bp -= dp->d_namlen; 215 216 if (bp <= bufp) { 217 error = ERANGE; 218 goto out; 219 } 220 memcpy(bp, dp->d_name, dp->d_namlen); 221 error = 0; 222 *bpp = bp; 223 goto out; 224 } 225 cpos += reclen; 226 } 227 } 228 } while (!eofflag); 229 #if 0 230 /* 231 * Deal with mount -o union, which unions only the 232 * root directory of the mount. 233 */ 234 if ((pvp->v_flag & VROOT) && 235 (pvp->v_mount->mnt_flag & MNT_UNION)) { 236 struct vnode *tvp = pvp; 237 pvp = pvp->v_mount->mnt_vnodecovered; 238 vput(tvp); 239 VREF(pvp); 240 *pvpp = pvp; 241 error = vn_lock(pvp, LK_EXCLUSIVE | LK_RETRY); 242 if (error != 0) { 243 vrele(pvp); 244 *pvpp = pvp = NULL; 245 goto out; 246 } 247 goto unionread; 248 } 249 #endif 250 error = ENOENT; 251 252 out: 253 free(dirbuf, M_TEMP); 254 return error; 255 } 256 257 /* 258 * Look in the vnode-to-name reverse cache to see if 259 * we can find things the easy way. 260 * 261 * XXX vn_lock/vget failure paths are untested. 262 */ 263 264 static int 265 getcwd_getcache(vpp, dvpp, bpp, bufp) 266 struct vnode **vpp, **dvpp; 267 char **bpp; 268 char *bufp; 269 { 270 struct vnode *cvp, *pvp = NULL; 271 int error; 272 273 cvp = *vpp; 274 275 error = cache_revlookup(cvp, dvpp, bpp, bufp); 276 if (error) 277 return error; 278 pvp = *dvpp; 279 280 /* 281 * Do a little dance with the locks to avoid deadlocking 282 * someone going the other way. Since we're going up, we have 283 * to release the current lock before we take the parent lock, 284 * and then re-take the current lock. Since either lock can 285 * fail, causing us to abort, this is a little convoluted. 286 */ 287 288 VOP_UNLOCK(cvp, 0); 289 /* cur now unlocked... */ 290 error = vget(pvp, LK_EXCLUSIVE | LK_RETRY); 291 if (error != 0) { 292 vrele(cvp); 293 *vpp = NULL; 294 *dvpp = NULL; 295 return error; 296 } 297 /* parent is now locked */ 298 error = vn_lock(cvp, LK_EXCLUSIVE | LK_RETRY); 299 if (error != 0) { 300 vrele(cvp); 301 *vpp = NULL; 302 return error; 303 } 304 /* ok, cur is now locked again.. */ 305 return 0; 306 } 307 308 /* 309 * common routine shared by sys___getcwd() and vn_isunder() 310 */ 311 312 #define GETCWD_CHECK_ACCESS 0x0001 313 314 static int getcwd_common (dvp, rvp, bpp, bufp, limit, flags, p) 315 struct vnode *dvp; 316 struct vnode *rvp; 317 char **bpp; 318 char *bufp; 319 int limit; 320 int flags; 321 struct proc *p; 322 { 323 struct filedesc *fdp = p->p_fd; 324 struct vnode *pvp = NULL; 325 char *bp = NULL; 326 int error; 327 328 if (rvp == NULL) { 329 rvp = fdp->fd_rdir; 330 if (rvp == NULL) 331 rvp = rootvnode; 332 } 333 334 VREF(rvp); 335 VREF(dvp); 336 337 /* 338 * Error handling invariant: 339 * Before a `goto out': 340 * dvp is either NULL, or locked and held. 341 * pvp is either NULL, or locked and held. 342 */ 343 344 error = vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY); 345 if (error) { 346 vrele(dvp); 347 dvp = NULL; 348 goto out; 349 } 350 if (bufp) 351 bp = *bpp; 352 /* 353 * this loop will terminate when one of the following happens: 354 * - we hit the root 355 * - getdirentries or lookup fails 356 * - we run out of space in the buffer. 357 */ 358 if (dvp == rvp) { 359 if (bufp) 360 *(--(*bpp)) = '/'; 361 goto out; 362 } 363 do { 364 if (dvp->v_type != VDIR) { 365 error = ENOTDIR; 366 goto out; 367 } 368 369 /* 370 * access check here is optional, depending on 371 * whether or not caller cares. 372 */ 373 if (flags & GETCWD_CHECK_ACCESS) { 374 error = VOP_ACCESS(dvp, VEXEC|VREAD, p->p_ucred, p); 375 if (error) 376 goto out; 377 } 378 379 /* 380 * step up if we're a covered vnode.. 381 */ 382 while (dvp->v_flag & VROOT) { 383 struct vnode *tvp; 384 385 if (dvp == rvp) 386 goto out; 387 388 tvp = dvp; 389 dvp = dvp->v_mount->mnt_vnodecovered; 390 vput(tvp); 391 /* 392 * hodie natus est radici frater 393 */ 394 if (dvp == NULL) { 395 error = ENOENT; 396 goto out; 397 } 398 VREF(dvp); 399 error = vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY); 400 if (error != 0) { 401 vrele(dvp); 402 dvp = NULL; 403 goto out; 404 } 405 } 406 /* 407 * Look in the name cache; if that fails, look in the 408 * directory.. 409 */ 410 error = getcwd_getcache(&dvp, &pvp, bpp, bufp); 411 if (error == -1) 412 error = getcwd_scandir(dvp, &pvp, bpp, bufp, p); 413 if (error) 414 goto out; 415 #if DIAGNOSTIC 416 if (dvp == pvp) { 417 panic("getcwd: oops, dvp == pvp"); 418 } 419 if (bufp && (bp <= bufp)) { 420 panic("getcwd: oops, went back too far"); 421 } 422 #endif 423 if (bufp) *(--(*bpp)) = '/'; 424 425 vput(dvp); 426 dvp = pvp; 427 pvp = NULL; 428 limit--; 429 } while ((dvp != rvp) && (limit > 0)); 430 431 out: 432 if (pvp) 433 vput(pvp); 434 if (dvp) 435 vput(dvp); 436 vrele(rvp); 437 return error; 438 } 439 440 /* 441 * Check if one directory can be found inside another in the directory 442 * hierarchy. 443 * 444 * Intended to be used in chroot, chdir, fchdir, etc., to ensure that 445 * chroot() actually means something. 446 */ 447 int vn_isunder(dvp, rvp, p) 448 struct vnode *dvp; 449 struct vnode *rvp; 450 struct proc *p; 451 { 452 int error; 453 454 error = getcwd_common (dvp, rvp, NULL, NULL, MAXPATHLEN/2, 0, p); 455 456 if (!error) 457 return 1; 458 else 459 return 0; 460 } 461 462 /* 463 * Returns true if proc p1's root directory equal to or under p2's 464 * root directory. 465 * 466 * Intended to be used from ptrace/procfs sorts of things. 467 */ 468 469 int proc_isunder (p1, p2) 470 struct proc *p1; 471 struct proc *p2; 472 { 473 struct vnode *r1 = p1->p_fd->fd_rdir; 474 struct vnode *r2 = p2->p_fd->fd_rdir; 475 476 if (r1 == NULL) 477 return (r2 == NULL); 478 else if (r2 == NULL) 479 return 1; 480 else 481 return vn_isunder(r1, r2, p2); 482 } 483 484 485 int sys___getcwd(p, v, retval) 486 struct proc *p; 487 void *v; 488 register_t *retval; 489 { 490 register struct sys___getcwd_args /* { 491 syscallarg(char *) bufp; 492 syscallarg(size_t) length; 493 } */ *uap = v; 494 495 int error; 496 char *path; 497 char *bp, *bend; 498 int len = SCARG(uap, length); 499 int lenused; 500 501 if ((len < 2) || (len > MAXPATHLEN*4)) 502 return ERANGE; 503 504 path = (char *)malloc(len, M_TEMP, M_WAITOK); 505 if (!path) 506 return ENOMEM; 507 508 bp = &path[len]; 509 bend = bp; 510 *(--bp) = '\0'; 511 512 error = getcwd_common (p->p_fd->fd_cdir, NULL, &bp, path, len/2, 513 GETCWD_CHECK_ACCESS, p); 514 515 if (error) 516 goto out; 517 lenused = bend - bp; 518 *retval = lenused; 519 /* put the result into user buffer */ 520 error = copyout(bp, SCARG(uap, bufp), lenused); 521 522 out: 523 free(path, M_TEMP); 524 return error; 525 } 526 527 528 529 /* 530 * Find pathname of process's current directory. 531 * 532 * Use vfs vnode-to-name reverse cache; if that fails, fall back 533 * to reading directory contents. 534 */ 535 536 /* 537 * XXX Untested vs. mount -o union; probably does the wrong thing. 538 * XXX Untested vs chroot 539 * XXX most error paths probably work, but many locking-related ones 540 * aren't tested well. 541 */ 542 #if 0 543 544 int 545 sys___getcwd(p, v, retval) 546 struct proc *p; 547 void *v; 548 register_t *retval; 549 { 550 register struct sys___getcwd_args /* { 551 syscallarg(char *) bufp; 552 syscallarg(size_t) length; 553 } */ *uap = v; 554 555 struct filedesc *fdp = p->p_fd; 556 struct vnode *cvp = NULL, *pvp = NULL, *rootvp = NULL; 557 int error; 558 char *path; 559 char *bp, *bend; 560 int len = SCARG(uap, length); 561 int lenused; 562 563 if ((len < 2) || (len > MAXPATHLEN*4)) 564 return ERANGE; 565 566 path = (char *)malloc(len, M_TEMP, M_WAITOK); 567 if (!path) 568 return ENOMEM; 569 570 bp = &path[len]; 571 bend = bp; 572 *(--bp) = '\0'; 573 574 rootvp = fdp->fd_rdir; 575 if (rootvp == NULL) 576 rootvp = rootvnode; 577 578 cvp = fdp->fd_cdir; 579 580 VREF(rootvp); 581 VREF(cvp); 582 583 /* 584 * Error handling invariant: 585 * Before a `goto out': 586 * cvp is either NULL, or locked and held. 587 * pvp is either NULL, or locked and held. 588 */ 589 590 error = vn_lock(cvp, LK_EXCLUSIVE | LK_RETRY); 591 if (error) { 592 vrele(cvp); 593 cvp = NULL; 594 goto out; 595 } 596 /* 597 * this loop will terminate when one of the following happens: 598 * - we hit the root 599 * - getdirentries or lookup fails 600 * - we run out of space in the buffer. 601 */ 602 if (cvp == rootvp) { 603 *(--bp) = '/'; 604 goto hitroot; 605 } 606 do { 607 /* 608 * so, are we even allowed to look at this directory? 609 */ 610 611 error = VOP_ACCESS(cvp, VEXEC|VREAD, p->p_ucred, p); 612 if (error) 613 goto out; 614 615 /* 616 * step up if we're a covered vnode.. 617 */ 618 while (cvp->v_flag & VROOT) { 619 struct vnode *tvp; 620 621 if (cvp == rootvp) 622 goto hitroot; 623 624 tvp = cvp; 625 cvp = cvp->v_mount->mnt_vnodecovered; 626 vput(tvp); 627 VREF(cvp); 628 error = vn_lock(cvp, LK_EXCLUSIVE | LK_RETRY); 629 if (error != 0) { 630 vrele(cvp); 631 cvp = NULL; 632 goto out; 633 } 634 } 635 /* 636 * Look in the name cache; if that fails, look in the directory.. 637 */ 638 error = getcwd_getcache(&cvp, &pvp, &bp, path); 639 if (error == -1) 640 error = getcwd_scandir(cvp, &pvp, &bp, path, p); 641 642 if (error) 643 goto out; 644 if (bp <= path) { 645 error = ERANGE; 646 goto out; 647 } 648 *(--bp) = '/'; 649 650 vput(cvp); 651 cvp = pvp; 652 pvp = NULL; 653 654 } while (cvp != rootvp); 655 hitroot: 656 657 lenused = bend - bp; 658 *retval = lenused; 659 /* put the result into user buffer */ 660 error = copyout(bp, SCARG(uap, bufp), lenused); 661 662 out: 663 if (pvp) 664 vput(pvp); 665 if (cvp) 666 vput(cvp); 667 vrele(rootvp); 668 free(path, M_TEMP); 669 return error; 670 } 671 #endif 672
Indexes created Tue Sep 23 07:09:52 GMT 2025