| blob | 5833a145880e6fccedc669668794e6baedf22e44 |
1 /*
2 * Copyright (c) 1994 Jan-Simon Pendry
3 * Copyright (c) 1994
4 * The Regents of the University of California. All rights reserved.
5 *
6 * This code is derived from software contributed to Berkeley by
7 * Jan-Simon Pendry.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed by the University of
20 * California, Berkeley and its contributors.
21 * 4. Neither the name of the University nor the names of its contributors
22 * may be used to endorse or promote products derived from this software
23 * without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * SUCH DAMAGE.
36 *
37 * @(#)union_subr.c 8.20 (Berkeley) 5/20/95
38 * $FreeBSD: src/sys/miscfs/union/union_subr.c,v 1.43.2.2 2001/12/25 01:44:45 dillon Exp $
39 * $DragonFly: src/sys/vfs/union/union_subr.c,v 1.28 2007/05/06 19:23:35 dillon Exp $
40 */
42 #include <sys/param.h>
43 #include <sys/systm.h>
44 #include <sys/kernel.h>
45 #include <sys/vnode.h>
46 #include <sys/proc.h>
47 #include <sys/namei.h>
48 #include <sys/malloc.h>
49 #include <sys/fcntl.h>
50 #include <sys/file.h>
51 #include <sys/filedesc.h>
52 #include <sys/module.h>
53 #include <sys/mount.h>
54 #include <sys/stat.h>
55 #include <vm/vm.h>
57 #include <vm/vm_zone.h>
63 /* must be power of two, otherwise change UNION_HASH() */
64 #define NHASH 32
66 /* unsigned int ... */
67 #define UNION_HASH(u, l) \
68 (((((uintptr_t) (u)) + ((uintptr_t) l)) >> 8) & (NHASH-1))
93 int
95 {
102 }
104 static int
106 {
111 }
114 }
116 static void
118 {
124 }
125 }
127 /*
128 * union_updatevp:
129 *
130 * The uppervp, if not NULL, must be referenced and not locked by us
131 * The lowervp, if not NULL, must be referenced.
132 *
133 * if uppervp and lowervp match pointers already installed, nothing
134 * happens. The passed vp's (when matching) are not adjusted. This
135 * routine may only be called by union_newupper() and union_newlower().
136 */
138 static void
141 {
147 /*
148 * Ensure locking is ordered from lower to higher
149 * to avoid deadlocks.
150 */
157 }
162 }
171 }
172 }
183 }
184 }
187 }
194 }
199 }
202 }
204 /*
205 * Set a new lowervp. The passed lowervp must be referenced and will be
206 * stored in the vp in a referenced state.
207 */
209 static void
211 {
213 }
215 /*
216 * Set a new uppervp. The passed uppervp must be locked and will be
217 * stored in the vp in a locked state. The caller should not unlock
218 * uppervp.
219 */
221 static void
223 {
225 }
227 /*
228 * Keep track of size changes in the underlying vnodes.
229 * If the size changes, then callback to the vm layer
230 * giving priority to the upper layer size.
231 */
232 void
234 {
236 off_t sz;
238 /* only interested in regular files */
249 }
255 }
261 }
262 }
264 /*
265 * union_allocvp: allocate a union_node and associate it with a
266 * parent union_node and one or two vnodes.
267 *
268 * vpp Holds the returned vnode locked and referenced if no
269 * error occurs.
270 *
271 * mp Holds the mount point. mp may or may not be busied.
272 * allocvp makes no changes to mp.
273 *
274 * dvp Holds the parent union_node to the one we wish to create.
275 * XXX may only be used to traverse an uncopied lowervp-based
276 * tree? XXX
277 *
278 * dvp may or may not be locked. allocvp makes no changes
279 * to dvp.
280 *
281 * upperdvp Holds the parent vnode to uppervp, generally used along
282 * with path component information to create a shadow of
283 * lowervp when uppervp does not exist.
284 *
285 * upperdvp is referenced but unlocked on entry, and will be
286 * dereferenced on return.
287 *
288 * uppervp Holds the new uppervp vnode to be stored in the
289 * union_node we are allocating. uppervp is referenced but
290 * not locked, and will be dereferenced on return.
291 *
292 * lowervp Holds the new lowervp vnode to be stored in the
293 * union_node we are allocating. lowervp is referenced but
294 * not locked, and will be dereferenced on return.
295 *
296 * cnp Holds path component information to be coupled with
297 * lowervp and upperdvp to allow unionfs to create an uppervp
298 * later on. Only used if lowervp is valid. The conents
299 * of cnp is only valid for the duration of the call.
300 *
301 * docache Determine whether this node should be entered in the
302 * cache or whether it should be destroyed as soon as possible.
303 *
304 * all union_nodes are maintained on a singly-linked
305 * list. new nodes are only allocated when they cannot
306 * be found on this list. entries on the list are
307 * removed when the vfs reclaim entry is called.
308 *
309 * a single lock is kept for the entire list. this is
310 * needed because the getnewvnode() function can block
311 * waiting for a vnode to become free, in which case there
312 * may be more than one process trying to get the same
313 * vnode. this lock is only taken if we are going to
314 * call getnewvnode, since the kernel itself is single-threaded.
315 *
316 * if an entry is found on the list, then call vget() to
317 * take a reference. this is done because there may be
318 * zero references to it and so it needs to removed from
319 * the vnode free list.
320 */
322 int
331 {
346 }
348 /* detect the root vnode (and aliases) */
356 }
358 }
360 loop:
382 }
397 }
399 }
400 }
406 }
409 /*
410 * Obtain a lock on the union_node. Everything is unlocked
411 * except for dvp, so check that case. If they match, our
412 * new un is already locked. Otherwise we have to lock our
413 * new un.
414 *
415 * A potential deadlock situation occurs when we are holding
416 * one lock while trying to get another. We must follow
417 * strict ordering rules to avoid it. We try to locate dvp
418 * by scanning up from un_vnode, since the most likely
419 * scenario is un being under dvp.
420 */
429 /*
430 * our new un is above dvp (we never saw dvp
431 * while moving up the tree).
432 */
439 /*
440 * our new un is under dvp
441 */
443 }
445 /*
446 * dvp is NULL, we need to lock un.
447 */
450 /*
451 * dvp == un->un_vnode, we are already locked.
452 */
454 }
459 /*
460 * At this point, the union_node is locked and referenced.
461 *
462 * uppervp is locked and referenced or NULL, lowervp is
463 * referenced or NULL.
464 */
468 uppervp,
470 ));
473 KASSERT(uppervp == NULL || uppervp->v_sysref.refcnt > 0, ("union_allocvp: too few refs %d (at least 1 required) on uppervp", uppervp->v_sysref.refcnt));
476 KASSERT(uppervp->v_sysref.refcnt > 1, ("union_allocvp: too few refs %d (at least 2 required) on uppervp", uppervp->v_sysref.refcnt));
478 }
480 /*
481 * Save information about the lower layer.
482 * This needs to keep track of pathname
483 * and directory information which union_vn_create
484 * might need.
485 */
494 }
497 }
499 /*
500 * and upperdvp
501 */
508 }
512 }
515 /*
516 * otherwise lock the vp list while we call getnewvnode
517 * since that can block.
518 */
523 }
525 /*
526 * Create new node rather then replace old node
527 */
531 /*
532 * If an error occurs clear out vnodes.
533 */
542 }
550 else
575 }
580 }
582 /*
583 * locked refd vpp is returned
584 */
586 out:
591 }
593 int
595 {
602 }
606 }
610 }
614 }
618 }
622 }
625 }
627 /*
628 * copyfile. copy the vnode (fvp) to the vnode (tvp)
629 * using a sequence of reads and writes. both (fvp)
630 * and (tvp) are locked on entry and exit.
631 *
632 * fvp and tvp are both exclusive locked on call, but their refcount's
633 * haven't been bumped at all.
634 */
635 static int
638 {
644 /*
645 * strategy:
646 * allocate a buffer of size MAXBSIZE.
647 * loop doing reads and writes, keeping track
648 * of the current uio offset.
649 * give up at the first sign of trouble.
650 */
660 /* ugly loop follows... */
666 /*
667 * Setup for big read
668 */
679 /*
680 * Get bytes read, handle read eof case and setup for
681 * write loop
682 */
687 /*
688 * Write until an error occurs or our buffer has been
689 * exhausted, then update the offset for the next read.
690 */
703 }
709 }
711 /*
712 *
713 * un's vnode is assumed to be locked on entry and remains locked on exit.
714 */
716 int
719 {
723 /*
724 * If the user does not have read permission, the vnode should not
725 * be copied to upper layer.
726 */
741 /*
742 * XX - should not ignore errors
743 * from VOP_CLOSE
744 */
751 }
755 }
761 /*
762 * Subsequent IOs will go to the top layer, so
763 * call close on the lower vnode and open on the
764 * upper vnode to ensure that the filesystem keeps
765 * its references counts right. This doesn't do
766 * the right thing with (cred) and (FREAD) though.
767 * Ignoring error returns is not right, either.
768 */
775 }
777 }
781 }
783 /*
784 * union_relookup:
785 *
786 * dvp should be locked on entry and will be locked on return. No
787 * net change in the ref count will occur.
788 *
789 * If an error is returned, *vpp will be invalid, otherwise it
790 * will hold a locked, referenced vnode. If *vpp == dvp then
791 * remember that only one exclusive lock is held.
792 */
794 static int
798 {
801 /*
802 * A new componentname structure must be faked up because
803 * there is no way to know where the upper level cnp came
804 * from or what it is being used for. This must duplicate
805 * some of the work done by NDINIT, some of the work done
806 * by namei, some of the work done by lookup and some of
807 * the work done by VOP_LOOKUP when given a CREATE flag.
808 * Conclusion: Horrible.
809 */
820 else
827 /*
828 * Pass dvp unlocked and referenced on call to relookup().
829 *
830 * If an error occurs, dvp will be returned unlocked and dereferenced.
831 */
837 }
840 /*
841 * If no error occurs, dvp will be returned locked with the reference
842 * left as before, and vpp will be returned referenced and locked.
843 *
844 * We want to return with dvp as it was passed to us, so we get
845 * rid of our reference.
846 */
849 }
851 /*
852 * Create a shadow directory in the upper layer.
853 * The new vnode is returned locked.
854 *
855 * (um) points to the union mount structure for access to the
856 * the mounting process's credentials.
857 * (dvp) is the directory in which to create the shadow directory,
858 * it is locked (but not ref'd) on entry and return.
859 * (cnp) is the componentname to be created.
860 * (vpp) is the returned newly created shadow directory, which
861 * is returned locked and ref'd
862 */
863 int
866 {
880 else
884 }
886 /*
887 * policy: when creating the shadow directory in the
888 * upper layer, create it owned by the user who did
889 * the mount, group from parent directory, and mode
890 * 777 modified by umask (ie mostly identical to the
891 * mkdir syscall). (jsp, kb)
892 */
899 /*vput(dvp);*/
901 }
903 /*
904 * Create a whiteout entry in the upper layer.
905 *
906 * (um) points to the union mount structure for access to the
907 * the mounting process's credentials.
908 * (dvp) is the directory in which to create the whiteout.
909 * it is locked on entry and return.
910 * (cnp) is the componentname to be created.
911 */
912 int
915 {
932 else
935 }
939 }
941 /*
942 * union_vn_create: creates and opens a new shadow file
943 * on the upper union layer. this function is similar
944 * in spirit to calling vn_open but it avoids calling namei().
945 * the problem with calling namei is that a) it locks too many
946 * things, and b) it doesn't start at the "right" directory,
947 * whereas relookup is told where to start.
948 *
949 * On entry, the vnode associated with un is locked. It remains locked
950 * on return.
951 *
952 * If no error occurs, *vpp contains a locked referenced vnode for your
953 * use. If an error occurs *vpp iis undefined.
954 */
955 static int
957 {
973 /*
974 * Build a new componentname structure (for the same
975 * reasons outlines in union_mkshadow).
976 * The difference here is that the file is owned by
977 * the current user, rather than by the person who
978 * did the mount, since the current user needs to be
979 * able to write the file (that's why it is being
980 * copied in the first place).
981 */
991 /*
992 * Pass dvp unlocked and referenced on call to relookup().
993 *
994 * If an error occurs, dvp will be returned unlocked and dereferenced.
995 */
1002 /*
1003 * If no error occurs, dvp will be returned locked with the reference
1004 * left as before, and vpp will be returned referenced and locked.
1005 */
1010 else
1013 }
1015 /*
1016 * Good - there was no race to create the file
1017 * so go ahead and create it. The permissions
1018 * on the file will be 0666 modified by the
1019 * current user's umask. Access to the file, while
1020 * it is unioned, will require access to the top *and*
1021 * bottom files. Access when not unioned will simply
1022 * require access to the top-level file.
1023 * TODO: confirm choice of access permissions.
1024 */
1037 }
1040 }
1042 static int
1044 {
1046 }
1048 #if 0
1050 /*
1051 * union_removed_upper:
1052 *
1053 * called with union_node unlocked. XXX
1054 */
1056 void
1058 {
1062 /*
1063 * Do not set the uppervp to NULLVP. If lowervp is NULLVP,
1064 * union node will have neither uppervp nor lowervp. We remove
1065 * the union node from cache, so that it will not be referrenced.
1066 */
1073 }
1078 }
1079 }
1081 #endif
1083 /*
1084 * determine whether a whiteout is needed
1085 * during a remove/rmdir operation.
1086 */
1087 int
1089 {
1100 }
1102 static void
1104 {
1115 }
1118 }
1125 }
1129 {
1145 cnt++;
1158 }
1163 /*vn_lock(*vpp, LK_EXCLUSIVE | LK_RETRY);*/
1175 out:
1178 }
1180 /*
1181 * Guarentee coherency with the VM cache by invalidating any clean VM pages
1182 * associated with this write and updating any dirty VM pages. Since our
1183 * vnode is locked, other processes will not be able to read the pages in
1184 * again until after our write completes.
1185 *
1186 * We also have to be coherent with reads, by flushing any pending dirty
1187 * pages prior to issuing the read.
1188 *
1189 * XXX this is somewhat of a hack at the moment. To support this properly
1190 * we would have to be able to run VOP_READ and VOP_WRITE through the VM
1191 * cache. Then we wouldn't need to worry about coherency.
1192 */
1194 void
1196 {
1197 vm_object_t object;
1198 vm_pindex_t pstart;
1199 vm_pindex_t pend;
1212 }
1214 /*
1215 * Module glue to remove #ifdef UNION from vfs_syscalls.c
1216 */
1217 static int
1219 {
1229 /*
1230 * If the directory is opaque,
1231 * then don't show lower entries
1232 */
1237 }
1238 }
1245 }
1254 }
1255 }
1257 }
1259 static int
1261 {
1271 }
1273 }
1277 union_modevent,
1278 NULL
1279 };