umap_vnops.c revision 1.40
1 1.40 elad /* $NetBSD: umap_vnops.c,v 1.40 2006/09/08 20:58:57 elad Exp $ */ 2 1.2 cgd 3 1.1 mycroft /* 4 1.1 mycroft * Copyright (c) 1992, 1993 5 1.1 mycroft * The Regents of the University of California. All rights reserved. 6 1.1 mycroft * 7 1.1 mycroft * This code is derived from software donated to Berkeley by 8 1.1 mycroft * the UCLA Ficus project. 9 1.1 mycroft * 10 1.1 mycroft * Redistribution and use in source and binary forms, with or without 11 1.1 mycroft * modification, are permitted provided that the following conditions 12 1.1 mycroft * are met: 13 1.1 mycroft * 1. Redistributions of source code must retain the above copyright 14 1.1 mycroft * notice, this list of conditions and the following disclaimer. 15 1.1 mycroft * 2. Redistributions in binary form must reproduce the above copyright 16 1.1 mycroft * notice, this list of conditions and the following disclaimer in the 17 1.1 mycroft * documentation and/or other materials provided with the distribution. 18 1.23 agc * 3. Neither the name of the University nor the names of its contributors 19 1.1 mycroft * may be used to endorse or promote products derived from this software 20 1.1 mycroft * without specific prior written permission. 21 1.1 mycroft * 22 1.1 mycroft * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 1.1 mycroft * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 1.1 mycroft * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 1.1 mycroft * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 1.1 mycroft * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 1.1 mycroft * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 1.1 mycroft * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 1.1 mycroft * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 1.1 mycroft * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 1.1 mycroft * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 1.1 mycroft * SUCH DAMAGE. 33 1.1 mycroft * 34 1.10 fvdl * @(#)umap_vnops.c 8.6 (Berkeley) 5/22/95 35 1.1 mycroft */ 36 1.1 mycroft 37 1.1 mycroft /* 38 1.1 mycroft * Umap Layer 39 1.1 mycroft */ 40 1.19 lukem 41 1.19 lukem #include <sys/cdefs.h> 42 1.40 elad __KERNEL_RCSID(0, "$NetBSD: umap_vnops.c,v 1.40 2006/09/08 20:58:57 elad Exp $"); 43 1.1 mycroft 44 1.1 mycroft #include <sys/param.h> 45 1.1 mycroft #include <sys/systm.h> 46 1.1 mycroft #include <sys/time.h> 47 1.1 mycroft #include <sys/vnode.h> 48 1.1 mycroft #include <sys/mount.h> 49 1.1 mycroft #include <sys/namei.h> 50 1.1 mycroft #include <sys/malloc.h> 51 1.1 mycroft #include <sys/buf.h> 52 1.39 elad #include <sys/kauth.h> 53 1.39 elad 54 1.1 mycroft #include <miscfs/umapfs/umap.h> 55 1.10 fvdl #include <miscfs/genfs/genfs.h> 56 1.15 wrstuden #include <miscfs/genfs/layer_extern.h> 57 1.1 mycroft 58 1.34 xtraeme int umap_lookup(void *); 59 1.34 xtraeme int umap_getattr(void *); 60 1.34 xtraeme int umap_print(void *); 61 1.34 xtraeme int umap_rename(void *); 62 1.10 fvdl 63 1.5 christos /* 64 1.5 christos * Global vfs data structures 65 1.5 christos */ 66 1.5 christos /* 67 1.5 christos * XXX - strategy, bwrite are hand coded currently. They should 68 1.5 christos * go away with a merged buffer/block cache. 69 1.5 christos * 70 1.5 christos */ 71 1.34 xtraeme int (**umap_vnodeop_p)(void *); 72 1.18 jdolecek const struct vnodeopv_entry_desc umap_vnodeop_entries[] = { 73 1.15 wrstuden { &vop_default_desc, umap_bypass }, 74 1.5 christos 75 1.15 wrstuden { &vop_lookup_desc, umap_lookup }, 76 1.15 wrstuden { &vop_getattr_desc, umap_getattr }, 77 1.15 wrstuden { &vop_print_desc, umap_print }, 78 1.15 wrstuden { &vop_rename_desc, umap_rename }, 79 1.15 wrstuden 80 1.15 wrstuden { &vop_lock_desc, layer_lock }, 81 1.15 wrstuden { &vop_unlock_desc, layer_unlock }, 82 1.15 wrstuden { &vop_islocked_desc, layer_islocked }, 83 1.15 wrstuden { &vop_fsync_desc, layer_fsync }, 84 1.15 wrstuden { &vop_inactive_desc, layer_inactive }, 85 1.15 wrstuden { &vop_reclaim_desc, layer_reclaim }, 86 1.15 wrstuden { &vop_open_desc, layer_open }, 87 1.15 wrstuden { &vop_setattr_desc, layer_setattr }, 88 1.15 wrstuden { &vop_access_desc, layer_access }, 89 1.26 wrstuden { &vop_remove_desc, layer_remove }, 90 1.32 hannken { &vop_rmdir_desc, layer_rmdir }, 91 1.15 wrstuden 92 1.15 wrstuden { &vop_bwrite_desc, layer_bwrite }, 93 1.15 wrstuden { &vop_bmap_desc, layer_bmap }, 94 1.22 chs { &vop_getpages_desc, layer_getpages }, 95 1.21 chs { &vop_putpages_desc, layer_putpages }, 96 1.5 christos 97 1.21 chs { NULL, NULL } 98 1.5 christos }; 99 1.18 jdolecek const struct vnodeopv_desc umapfs_vnodeop_opv_desc = 100 1.5 christos { &umap_vnodeop_p, umap_vnodeop_entries }; 101 1.5 christos 102 1.1 mycroft /* 103 1.15 wrstuden * This is the 08-June-1999 bypass routine. 104 1.15 wrstuden * See layer_vnops.c:layer_bypass for more details. 105 1.33 perry */ 106 1.1 mycroft int 107 1.5 christos umap_bypass(v) 108 1.5 christos void *v; 109 1.5 christos { 110 1.1 mycroft struct vop_generic_args /* { 111 1.1 mycroft struct vnodeop_desc *a_desc; 112 1.1 mycroft <other random data follows, presumably> 113 1.5 christos } */ *ap = v; 114 1.34 xtraeme int (**our_vnodeop_p)(void *); 115 1.39 elad kauth_cred_t *credpp = NULL, credp = 0; 116 1.39 elad kauth_cred_t savecredp = 0, savecompcredp = 0; 117 1.39 elad kauth_cred_t compcredp = 0; 118 1.1 mycroft struct vnode **this_vp_p; 119 1.15 wrstuden int error, error1; 120 1.15 wrstuden struct vnode *old_vps[VDESC_MAX_VPS], *vp0; 121 1.1 mycroft struct vnode **vps_p[VDESC_MAX_VPS]; 122 1.1 mycroft struct vnode ***vppp; 123 1.1 mycroft struct vnodeop_desc *descp = ap->a_desc; 124 1.15 wrstuden int reles, i, flags; 125 1.1 mycroft struct componentname **compnamepp = 0; 126 1.1 mycroft 127 1.1 mycroft #ifdef SAFETY 128 1.1 mycroft /* 129 1.1 mycroft * We require at least one vp. 130 1.1 mycroft */ 131 1.1 mycroft if (descp->vdesc_vp_offsets == NULL || 132 1.1 mycroft descp->vdesc_vp_offsets[0] == VDESC_NO_OFFSET) 133 1.30 yamt panic("%s: no vp's in map.\n", __func__); 134 1.1 mycroft #endif 135 1.30 yamt 136 1.30 yamt vps_p[0] = 137 1.30 yamt VOPARG_OFFSETTO(struct vnode**, descp->vdesc_vp_offsets[0], ap); 138 1.15 wrstuden vp0 = *vps_p[0]; 139 1.15 wrstuden flags = MOUNTTOUMAPMOUNT(vp0->v_mount)->umapm_flags; 140 1.15 wrstuden our_vnodeop_p = vp0->v_op; 141 1.15 wrstuden 142 1.15 wrstuden if (flags & LAYERFS_MBYPASSDEBUG) 143 1.30 yamt printf("%s: %s\n", __func__, descp->vdesc_name); 144 1.1 mycroft 145 1.1 mycroft /* 146 1.1 mycroft * Map the vnodes going in. 147 1.1 mycroft * Later, we'll invoke the operation based on 148 1.1 mycroft * the first mapped vnode's operation vector. 149 1.1 mycroft */ 150 1.1 mycroft reles = descp->vdesc_flags; 151 1.1 mycroft for (i = 0; i < VDESC_MAX_VPS; reles >>= 1, i++) { 152 1.1 mycroft if (descp->vdesc_vp_offsets[i] == VDESC_NO_OFFSET) 153 1.1 mycroft break; /* bail out at end of list */ 154 1.33 perry vps_p[i] = this_vp_p = 155 1.30 yamt VOPARG_OFFSETTO(struct vnode**, descp->vdesc_vp_offsets[i], 156 1.30 yamt ap); 157 1.1 mycroft /* 158 1.1 mycroft * We're not guaranteed that any but the first vnode 159 1.1 mycroft * are of our type. Check for and don't map any 160 1.30 yamt * that aren't. (We must always map first vp or vclean fails.) 161 1.1 mycroft */ 162 1.30 yamt if (i && (*this_vp_p == NULL || 163 1.15 wrstuden (*this_vp_p)->v_op != our_vnodeop_p)) { 164 1.1 mycroft old_vps[i] = NULL; 165 1.1 mycroft } else { 166 1.1 mycroft old_vps[i] = *this_vp_p; 167 1.1 mycroft *(vps_p[i]) = UMAPVPTOLOWERVP(*this_vp_p); 168 1.30 yamt /* 169 1.30 yamt * XXX - Several operations have the side effect 170 1.30 yamt * of vrele'ing their vp's. We must account for 171 1.30 yamt * that. (This should go away in the future.) 172 1.30 yamt */ 173 1.30 yamt if (reles & VDESC_VP0_WILLRELE) 174 1.1 mycroft VREF(*this_vp_p); 175 1.1 mycroft } 176 1.33 perry 177 1.1 mycroft } 178 1.1 mycroft 179 1.1 mycroft /* 180 1.1 mycroft * Fix the credentials. (That's the purpose of this layer.) 181 1.1 mycroft */ 182 1.1 mycroft 183 1.1 mycroft if (descp->vdesc_cred_offset != VDESC_NO_OFFSET) { 184 1.1 mycroft 185 1.39 elad credpp = VOPARG_OFFSETTO(kauth_cred_t*, 186 1.1 mycroft descp->vdesc_cred_offset, ap); 187 1.1 mycroft 188 1.1 mycroft /* Save old values */ 189 1.1 mycroft 190 1.1 mycroft savecredp = *credpp; 191 1.1 mycroft if (savecredp != NOCRED) 192 1.39 elad *credpp = kauth_cred_dup(savecredp); 193 1.1 mycroft credp = *credpp; 194 1.1 mycroft 195 1.39 elad if ((flags & LAYERFS_MBYPASSDEBUG) && 196 1.40 elad kauth_authorize_generic(credp, KAUTH_GENERIC_ISSUSER, 197 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 198 1.33 perry printf("umap_bypass: user was %d, group %d\n", 199 1.39 elad kauth_cred_geteuid(credp), kauth_cred_getegid(credp)); 200 1.1 mycroft 201 1.1 mycroft /* Map all ids in the credential structure. */ 202 1.1 mycroft 203 1.15 wrstuden umap_mapids(vp0->v_mount, credp); 204 1.1 mycroft 205 1.39 elad if ((flags & LAYERFS_MBYPASSDEBUG) && 206 1.40 elad kauth_authorize_generic(credp, KAUTH_GENERIC_ISSUSER, 207 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 208 1.33 perry printf("umap_bypass: user now %d, group %d\n", 209 1.39 elad kauth_cred_geteuid(credp), kauth_cred_getegid(credp)); 210 1.1 mycroft } 211 1.1 mycroft 212 1.1 mycroft /* BSD often keeps a credential in the componentname structure 213 1.33 perry * for speed. If there is one, it better get mapped, too. 214 1.1 mycroft */ 215 1.1 mycroft 216 1.1 mycroft if (descp->vdesc_componentname_offset != VDESC_NO_OFFSET) { 217 1.1 mycroft 218 1.33 perry compnamepp = VOPARG_OFFSETTO(struct componentname**, 219 1.1 mycroft descp->vdesc_componentname_offset, ap); 220 1.1 mycroft 221 1.1 mycroft savecompcredp = (*compnamepp)->cn_cred; 222 1.1 mycroft if (savecompcredp != NOCRED) 223 1.39 elad (*compnamepp)->cn_cred = kauth_cred_dup(savecompcredp); 224 1.1 mycroft compcredp = (*compnamepp)->cn_cred; 225 1.1 mycroft 226 1.39 elad if ((flags & LAYERFS_MBYPASSDEBUG) && 227 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 228 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 229 1.33 perry printf("umap_bypass: component credit user was %d, group %d\n", 230 1.39 elad kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); 231 1.1 mycroft 232 1.1 mycroft /* Map all ids in the credential structure. */ 233 1.1 mycroft 234 1.15 wrstuden umap_mapids(vp0->v_mount, compcredp); 235 1.1 mycroft 236 1.39 elad if ((flags & LAYERFS_MBYPASSDEBUG) && 237 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 238 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 239 1.33 perry printf("umap_bypass: component credit user now %d, group %d\n", 240 1.39 elad kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); 241 1.1 mycroft } 242 1.1 mycroft 243 1.1 mycroft /* 244 1.1 mycroft * Call the operation on the lower layer 245 1.1 mycroft * with the modified argument structure. 246 1.1 mycroft */ 247 1.30 yamt error = VCALL(*vps_p[0], descp->vdesc_offset, ap); 248 1.1 mycroft 249 1.1 mycroft /* 250 1.1 mycroft * Maintain the illusion of call-by-value 251 1.1 mycroft * by restoring vnodes in the argument structure 252 1.1 mycroft * to their original value. 253 1.1 mycroft */ 254 1.1 mycroft reles = descp->vdesc_flags; 255 1.1 mycroft for (i = 0; i < VDESC_MAX_VPS; reles >>= 1, i++) { 256 1.1 mycroft if (descp->vdesc_vp_offsets[i] == VDESC_NO_OFFSET) 257 1.1 mycroft break; /* bail out at end of list */ 258 1.1 mycroft if (old_vps[i]) { 259 1.1 mycroft *(vps_p[i]) = old_vps[i]; 260 1.15 wrstuden if (reles & VDESC_VP0_WILLUNLOCK) 261 1.15 wrstuden LAYERFS_UPPERUNLOCK(*(vps_p[i]), 0, error1); 262 1.15 wrstuden if (reles & VDESC_VP0_WILLRELE) 263 1.1 mycroft vrele(*(vps_p[i])); 264 1.30 yamt } 265 1.30 yamt } 266 1.1 mycroft 267 1.1 mycroft /* 268 1.1 mycroft * Map the possible out-going vpp 269 1.1 mycroft * (Assumes that the lower layer always returns 270 1.1 mycroft * a VREF'ed vpp unless it gets an error.) 271 1.1 mycroft */ 272 1.1 mycroft if (descp->vdesc_vpp_offset != VDESC_NO_OFFSET && 273 1.1 mycroft !(descp->vdesc_flags & VDESC_NOMAP_VPP) && 274 1.1 mycroft !error) { 275 1.30 yamt /* 276 1.30 yamt * XXX - even though some ops have vpp returned vp's, 277 1.30 yamt * several ops actually vrele this before returning. 278 1.30 yamt * We must avoid these ops. 279 1.30 yamt * (This should go away when these ops are regularized.) 280 1.30 yamt */ 281 1.1 mycroft if (descp->vdesc_flags & VDESC_VPP_WILLRELE) 282 1.1 mycroft goto out; 283 1.1 mycroft vppp = VOPARG_OFFSETTO(struct vnode***, 284 1.1 mycroft descp->vdesc_vpp_offset, ap); 285 1.30 yamt /* 286 1.30 yamt * Only vop_lookup, vop_create, vop_makedir, vop_bmap, 287 1.30 yamt * vop_mknod, and vop_symlink return vpp's. vop_bmap 288 1.30 yamt * doesn't call bypass as the lower vpp is fine (we're just 289 1.30 yamt * going to do i/o on it). vop_lookup doesn't call bypass 290 1.30 yamt * as a lookup on "." would generate a locking error. 291 1.30 yamt * So all the calls which get us here have a locked vpp. :-) 292 1.30 yamt */ 293 1.15 wrstuden error = layer_node_create(old_vps[0]->v_mount, **vppp, *vppp); 294 1.29 yamt if (error) { 295 1.29 yamt vput(**vppp); 296 1.29 yamt **vppp = NULL; 297 1.29 yamt } 298 1.29 yamt } 299 1.1 mycroft 300 1.1 mycroft out: 301 1.33 perry /* 302 1.1 mycroft * Free duplicate cred structure and restore old one. 303 1.1 mycroft */ 304 1.1 mycroft if (descp->vdesc_cred_offset != VDESC_NO_OFFSET) { 305 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG) && credp && 306 1.39 elad kauth_cred_geteuid(credp) != 0) 307 1.8 christos printf("umap_bypass: returning-user was %d\n", 308 1.39 elad kauth_cred_geteuid(credp)); 309 1.1 mycroft 310 1.36 christos if (savecredp != NOCRED && credpp) { 311 1.39 elad kauth_cred_free(credp); 312 1.1 mycroft *credpp = savecredp; 313 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG) && credpp && 314 1.40 elad kauth_authorize_generic(*credpp, 315 1.40 elad KAUTH_GENERIC_ISSUSER,NULL) != KAUTH_RESULT_ALLOW) 316 1.33 perry printf("umap_bypass: returning-user now %d\n\n", 317 1.39 elad kauth_cred_geteuid(savecredp)); 318 1.1 mycroft } 319 1.1 mycroft } 320 1.1 mycroft 321 1.1 mycroft if (descp->vdesc_componentname_offset != VDESC_NO_OFFSET) { 322 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp && 323 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 324 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 325 1.33 perry printf("umap_bypass: returning-component-user was %d\n", 326 1.39 elad kauth_cred_geteuid(compcredp)); 327 1.1 mycroft 328 1.1 mycroft if (savecompcredp != NOCRED) { 329 1.39 elad kauth_cred_free(compcredp); 330 1.1 mycroft (*compnamepp)->cn_cred = savecompcredp; 331 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG) && savecompcredp && 332 1.40 elad kauth_authorize_generic(savecompcredp, 333 1.40 elad KAUTH_GENERIC_ISSUSER, NULL) != KAUTH_RESULT_ALLOW) 334 1.33 perry printf("umap_bypass: returning-component-user now %d\n", 335 1.39 elad kauth_cred_geteuid(savecompcredp)); 336 1.1 mycroft } 337 1.1 mycroft } 338 1.1 mycroft 339 1.1 mycroft return (error); 340 1.1 mycroft } 341 1.1 mycroft 342 1.10 fvdl /* 343 1.15 wrstuden * This is based on the 08-June-1999 bypass routine. 344 1.15 wrstuden * See layer_vnops.c:layer_bypass for more details. 345 1.33 perry */ 346 1.10 fvdl int 347 1.15 wrstuden umap_lookup(v) 348 1.10 fvdl void *v; 349 1.10 fvdl { 350 1.15 wrstuden struct vop_lookup_args /* { 351 1.15 wrstuden struct vnodeop_desc *a_desc; 352 1.15 wrstuden struct vnode * a_dvp; 353 1.15 wrstuden struct vnode ** a_vpp; 354 1.15 wrstuden struct componentname * a_cnp; 355 1.15 wrstuden } */ *ap = v; 356 1.15 wrstuden struct componentname *cnp = ap->a_cnp; 357 1.39 elad kauth_cred_t savecompcredp = NULL; 358 1.39 elad kauth_cred_t compcredp = NULL; 359 1.15 wrstuden struct vnode *dvp, *vp, *ldvp; 360 1.15 wrstuden struct mount *mp; 361 1.15 wrstuden int error; 362 1.15 wrstuden int i, flags, cnf = cnp->cn_flags; 363 1.15 wrstuden 364 1.15 wrstuden dvp = ap->a_dvp; 365 1.15 wrstuden mp = dvp->v_mount; 366 1.15 wrstuden 367 1.15 wrstuden if ((cnf & ISLASTCN) && (dvp->v_mount->mnt_flag & MNT_RDONLY) && 368 1.15 wrstuden (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME)) 369 1.15 wrstuden return (EROFS); 370 1.15 wrstuden 371 1.15 wrstuden flags = MOUNTTOUMAPMOUNT(mp)->umapm_flags; 372 1.15 wrstuden ldvp = UMAPVPTOLOWERVP(dvp); 373 1.15 wrstuden 374 1.15 wrstuden if (flags & LAYERFS_MBYPASSDEBUG) 375 1.15 wrstuden printf("umap_lookup\n"); 376 1.15 wrstuden 377 1.15 wrstuden /* 378 1.15 wrstuden * Fix the credentials. (That's the purpose of this layer.) 379 1.15 wrstuden * 380 1.15 wrstuden * BSD often keeps a credential in the componentname structure 381 1.33 perry * for speed. If there is one, it better get mapped, too. 382 1.15 wrstuden */ 383 1.15 wrstuden 384 1.15 wrstuden if ((savecompcredp = cnp->cn_cred)) { 385 1.39 elad compcredp = kauth_cred_dup(savecompcredp); 386 1.15 wrstuden cnp->cn_cred = compcredp; 387 1.15 wrstuden 388 1.40 elad if ((flags & LAYERFS_MBYPASSDEBUG) && 389 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 390 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 391 1.33 perry printf("umap_lookup: component credit user was %d, group %d\n", 392 1.39 elad kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); 393 1.10 fvdl 394 1.15 wrstuden /* Map all ids in the credential structure. */ 395 1.15 wrstuden umap_mapids(mp, compcredp); 396 1.15 wrstuden } 397 1.10 fvdl 398 1.40 elad if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp && 399 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 400 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 401 1.33 perry printf("umap_lookup: component credit user now %d, group %d\n", 402 1.39 elad kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); 403 1.10 fvdl 404 1.15 wrstuden ap->a_dvp = ldvp; 405 1.15 wrstuden error = VCALL(ldvp, ap->a_desc->vdesc_offset, ap); 406 1.16 wrstuden vp = *ap->a_vpp; 407 1.28 yamt *ap->a_vpp = NULL; 408 1.12 sommerfe 409 1.15 wrstuden if (error == EJUSTRETURN && (cnf & ISLASTCN) && 410 1.15 wrstuden (dvp->v_mount->mnt_flag & MNT_RDONLY) && 411 1.15 wrstuden (cnp->cn_nameiop == CREATE || cnp->cn_nameiop == RENAME)) 412 1.15 wrstuden error = EROFS; 413 1.15 wrstuden 414 1.15 wrstuden /* Do locking fixup as appropriate. See layer_lookup() for info */ 415 1.15 wrstuden if ((cnp->cn_flags & PDIRUNLOCK)) { 416 1.15 wrstuden LAYERFS_UPPERUNLOCK(dvp, 0, i); 417 1.15 wrstuden } 418 1.15 wrstuden if (ldvp == vp) { 419 1.15 wrstuden *ap->a_vpp = dvp; 420 1.15 wrstuden VREF(dvp); 421 1.15 wrstuden vrele(vp); 422 1.15 wrstuden } else if (vp != NULL) { 423 1.15 wrstuden error = layer_node_create(mp, vp, ap->a_vpp); 424 1.29 yamt if (error) { 425 1.29 yamt vput(vp); 426 1.29 yamt if (cnp->cn_flags & PDIRUNLOCK) { 427 1.31 wrstuden if (vn_lock(dvp, LK_EXCLUSIVE | LK_RETRY) == 0) 428 1.31 wrstuden cnp->cn_flags &= ~PDIRUNLOCK; 429 1.29 yamt } 430 1.29 yamt } 431 1.15 wrstuden } 432 1.12 sommerfe 433 1.33 perry /* 434 1.15 wrstuden * Free duplicate cred structure and restore old one. 435 1.15 wrstuden */ 436 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp && 437 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 438 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 439 1.33 perry printf("umap_lookup: returning-component-user was %d\n", 440 1.39 elad kauth_cred_geteuid(compcredp)); 441 1.12 sommerfe 442 1.15 wrstuden if (savecompcredp != NOCRED) { 443 1.38 christos if (compcredp) 444 1.39 elad kauth_cred_free(compcredp); 445 1.15 wrstuden cnp->cn_cred = savecompcredp; 446 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG) && savecompcredp && 447 1.40 elad kauth_authorize_generic(savecompcredp, 448 1.40 elad KAUTH_GENERIC_ISSUSER, NULL) != KAUTH_RESULT_ALLOW) 449 1.33 perry printf("umap_lookup: returning-component-user now %d\n", 450 1.39 elad kauth_cred_geteuid(savecompcredp)); 451 1.15 wrstuden } 452 1.12 sommerfe 453 1.15 wrstuden return (error); 454 1.10 fvdl } 455 1.1 mycroft 456 1.1 mycroft /* 457 1.1 mycroft * We handle getattr to change the fsid. 458 1.1 mycroft */ 459 1.1 mycroft int 460 1.5 christos umap_getattr(v) 461 1.5 christos void *v; 462 1.5 christos { 463 1.1 mycroft struct vop_getattr_args /* { 464 1.1 mycroft struct vnode *a_vp; 465 1.1 mycroft struct vattr *a_vap; 466 1.39 elad kauth_cred_t a_cred; 467 1.35 christos struct lwp *a_l; 468 1.5 christos } */ *ap = v; 469 1.1 mycroft uid_t uid; 470 1.1 mycroft gid_t gid; 471 1.15 wrstuden int error, tmpid, nentries, gnentries, flags; 472 1.4 cgd u_long (*mapdata)[2]; 473 1.4 cgd u_long (*gmapdata)[2]; 474 1.1 mycroft struct vnode **vp1p; 475 1.17 jdolecek const struct vnodeop_desc *descp = ap->a_desc; 476 1.1 mycroft 477 1.5 christos if ((error = umap_bypass(ap)) != 0) 478 1.1 mycroft return (error); 479 1.1 mycroft /* Requires that arguments be restored. */ 480 1.25 christos ap->a_vap->va_fsid = ap->a_vp->v_mount->mnt_stat.f_fsidx.__fsid_val[0]; 481 1.1 mycroft 482 1.15 wrstuden flags = MOUNTTOUMAPMOUNT(ap->a_vp->v_mount)->umapm_flags; 483 1.1 mycroft /* 484 1.1 mycroft * Umap needs to map the uid and gid returned by a stat 485 1.1 mycroft * into the proper values for this site. This involves 486 1.1 mycroft * finding the returned uid in the mapping information, 487 1.1 mycroft * translating it into the uid on the other end, 488 1.1 mycroft * and filling in the proper field in the vattr 489 1.1 mycroft * structure pointed to by ap->a_vap. The group 490 1.1 mycroft * is easier, since currently all groups will be 491 1.1 mycroft * translate to the NULLGROUP. 492 1.1 mycroft */ 493 1.1 mycroft 494 1.1 mycroft /* Find entry in map */ 495 1.1 mycroft 496 1.1 mycroft uid = ap->a_vap->va_uid; 497 1.1 mycroft gid = ap->a_vap->va_gid; 498 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG)) 499 1.33 perry printf("umap_getattr: mapped uid = %d, mapped gid = %d\n", uid, 500 1.1 mycroft gid); 501 1.1 mycroft 502 1.1 mycroft vp1p = VOPARG_OFFSETTO(struct vnode**, descp->vdesc_vp_offsets[0], ap); 503 1.1 mycroft nentries = MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_nentries; 504 1.1 mycroft mapdata = (MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_mapdata); 505 1.1 mycroft gnentries = MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_gnentries; 506 1.1 mycroft gmapdata = (MOUNTTOUMAPMOUNT((*vp1p)->v_mount)->info_gmapdata); 507 1.1 mycroft 508 1.1 mycroft /* Reverse map the uid for the vnode. Since it's a reverse 509 1.1 mycroft map, we can't use umap_mapids() to do it. */ 510 1.1 mycroft 511 1.1 mycroft tmpid = umap_reverse_findid(uid, mapdata, nentries); 512 1.1 mycroft 513 1.1 mycroft if (tmpid != -1) { 514 1.1 mycroft ap->a_vap->va_uid = (uid_t) tmpid; 515 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG)) 516 1.8 christos printf("umap_getattr: original uid = %d\n", uid); 517 1.33 perry } else 518 1.1 mycroft ap->a_vap->va_uid = (uid_t) NOBODY; 519 1.1 mycroft 520 1.1 mycroft /* Reverse map the gid for the vnode. */ 521 1.1 mycroft 522 1.1 mycroft tmpid = umap_reverse_findid(gid, gmapdata, gnentries); 523 1.1 mycroft 524 1.1 mycroft if (tmpid != -1) { 525 1.1 mycroft ap->a_vap->va_gid = (gid_t) tmpid; 526 1.15 wrstuden if ((flags & LAYERFS_MBYPASSDEBUG)) 527 1.8 christos printf("umap_getattr: original gid = %d\n", gid); 528 1.1 mycroft } else 529 1.1 mycroft ap->a_vap->va_gid = (gid_t) NULLGROUP; 530 1.33 perry 531 1.1 mycroft return (0); 532 1.13 bouyer } 533 1.13 bouyer 534 1.1 mycroft int 535 1.5 christos umap_print(v) 536 1.5 christos void *v; 537 1.5 christos { 538 1.1 mycroft struct vop_print_args /* { 539 1.1 mycroft struct vnode *a_vp; 540 1.5 christos } */ *ap = v; 541 1.1 mycroft struct vnode *vp = ap->a_vp; 542 1.8 christos printf("\ttag VT_UMAPFS, vp=%p, lowervp=%p\n", vp, 543 1.6 cgd UMAPVPTOLOWERVP(vp)); 544 1.1 mycroft return (0); 545 1.1 mycroft } 546 1.1 mycroft 547 1.1 mycroft int 548 1.5 christos umap_rename(v) 549 1.5 christos void *v; 550 1.5 christos { 551 1.1 mycroft struct vop_rename_args /* { 552 1.1 mycroft struct vnode *a_fdvp; 553 1.1 mycroft struct vnode *a_fvp; 554 1.1 mycroft struct componentname *a_fcnp; 555 1.1 mycroft struct vnode *a_tdvp; 556 1.1 mycroft struct vnode *a_tvp; 557 1.1 mycroft struct componentname *a_tcnp; 558 1.5 christos } */ *ap = v; 559 1.15 wrstuden int error, flags; 560 1.1 mycroft struct componentname *compnamep; 561 1.39 elad kauth_cred_t compcredp, savecompcredp; 562 1.1 mycroft struct vnode *vp; 563 1.27 yamt struct vnode *tvp; 564 1.1 mycroft 565 1.1 mycroft /* 566 1.1 mycroft * Rename is irregular, having two componentname structures. 567 1.1 mycroft * We need to map the cre in the second structure, 568 1.1 mycroft * and then bypass takes care of the rest. 569 1.1 mycroft */ 570 1.1 mycroft 571 1.1 mycroft vp = ap->a_fdvp; 572 1.15 wrstuden flags = MOUNTTOUMAPMOUNT(vp->v_mount)->umapm_flags; 573 1.1 mycroft compnamep = ap->a_tcnp; 574 1.1 mycroft compcredp = compnamep->cn_cred; 575 1.1 mycroft 576 1.1 mycroft savecompcredp = compcredp; 577 1.39 elad compcredp = compnamep->cn_cred = kauth_cred_dup(savecompcredp); 578 1.1 mycroft 579 1.39 elad if ((flags & LAYERFS_MBYPASSDEBUG) && 580 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 581 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 582 1.33 perry printf("umap_rename: rename component credit user was %d, group %d\n", 583 1.39 elad kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); 584 1.1 mycroft 585 1.1 mycroft /* Map all ids in the credential structure. */ 586 1.1 mycroft 587 1.1 mycroft umap_mapids(vp->v_mount, compcredp); 588 1.1 mycroft 589 1.39 elad if ((flags & LAYERFS_MBYPASSDEBUG) && 590 1.40 elad kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER, 591 1.40 elad NULL) != KAUTH_RESULT_ALLOW) 592 1.33 perry printf("umap_rename: rename component credit user now %d, group %d\n", 593 1.39 elad kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp)); 594 1.1 mycroft 595 1.27 yamt tvp = ap->a_tvp; 596 1.27 yamt if (tvp) { 597 1.27 yamt if (tvp->v_mount != vp->v_mount) 598 1.27 yamt tvp = NULL; 599 1.27 yamt else 600 1.27 yamt vref(tvp); 601 1.27 yamt } 602 1.1 mycroft error = umap_bypass(ap); 603 1.27 yamt if (tvp) { 604 1.27 yamt if (error == 0) 605 1.27 yamt VTOLAYER(tvp)->layer_flags |= LAYERFS_REMOVED; 606 1.27 yamt vrele(tvp); 607 1.27 yamt } 608 1.33 perry 609 1.1 mycroft /* Restore the additional mapped componentname cred structure. */ 610 1.1 mycroft 611 1.39 elad kauth_cred_free(compcredp); 612 1.1 mycroft compnamep->cn_cred = savecompcredp; 613 1.1 mycroft 614 1.1 mycroft return error; 615 1.1 mycroft } 616
Indexes created Mon Sep 22 13:09:51 GMT 2025