4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
26 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
27 /* All Rights Reserved */
30 * University Copyright- Copyright (c) 1982, 1986, 1988
31 * The Regents of the University of California
34 * University Acknowledgment- Portions of this document are derived from
35 * software developed by the University of California, Berkeley, and its
39 #include <sys/types.h>
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/cpuvar.h>
43 #include <sys/errno.h>
48 #include <sys/vnode.h>
49 #include <sys/pathname.h>
51 #include <sys/vtrace.h>
52 #include <sys/sysmacros.h>
53 #include <sys/debug.h>
54 #include <sys/dirent.h>
58 #include <sys/fs/snode.h>
60 /* Controls whether paths are stored with vnodes. */
61 int vfs_vnode_path
= 1;
71 return (lookupnameatcred(fnamep
, seg
, followlink
, dirvpp
, compvpp
, NULL
,
76 * Lookup the user file name,
77 * Handle allocation and freeing of pathname buffer, return error.
81 char *fnamep
, /* user pathname */
82 enum uio_seg seg
, /* addr space that name is in */
83 int followlink
, /* follow sym links */
84 vnode_t
**dirvpp
, /* ret for ptr to parent dir vnode */
85 vnode_t
**compvpp
, /* ret for ptr to component vnode */
86 vnode_t
*startvp
, /* start path search from vp */
87 cred_t
*cr
) /* credential */
89 char namebuf
[TYPICALMAXPATHLEN
];
90 struct pathname lookpn
;
93 error
= pn_get_buf(fnamep
, seg
, &lookpn
, namebuf
, sizeof (namebuf
));
95 error
= lookuppnatcred(&lookpn
, NULL
, followlink
,
96 dirvpp
, compvpp
, startvp
, cr
);
98 if (error
== ENAMETOOLONG
) {
100 * This thread used a pathname > TYPICALMAXPATHLEN bytes long.
102 if (error
= pn_get(fnamep
, seg
, &lookpn
))
104 error
= lookuppnatcred(&lookpn
, NULL
, followlink
,
105 dirvpp
, compvpp
, startvp
, cr
);
113 lookupnameat(char *fnamep
, enum uio_seg seg
, int followlink
,
114 vnode_t
**dirvpp
, vnode_t
**compvpp
, vnode_t
*startvp
)
116 return (lookupnameatcred(fnamep
, seg
, followlink
, dirvpp
, compvpp
,
122 struct pathname
*pnp
,
123 struct pathname
*rpnp
,
128 return (lookuppnatcred(pnp
, rpnp
, followlink
, dirvpp
, compvpp
, NULL
,
133 * Lookup the user file name from a given vp, using a specific credential.
137 struct pathname
*pnp
, /* pathname to lookup */
138 struct pathname
*rpnp
, /* if non-NULL, return resolved path */
139 int followlink
, /* (don't) follow sym links */
140 vnode_t
**dirvpp
, /* ptr for parent vnode */
141 vnode_t
**compvpp
, /* ptr for entry vnode */
142 vnode_t
*startvp
, /* start search from this vp */
143 cred_t
*cr
) /* user credential */
145 vnode_t
*vp
; /* current directory vp */
149 if (pnp
->pn_pathlen
== 0)
152 mutex_enter(&p
->p_lock
); /* for u_rdir and u_cdir */
153 if ((rootvp
= PTOU(p
)->u_rdir
) == NULL
)
155 else if (rootvp
!= rootdir
) /* no need to VN_HOLD rootdir */
158 if (pnp
->pn_path
[0] == '/') {
161 vp
= (startvp
== NULL
) ? PTOU(p
)->u_cdir
: startvp
;
164 mutex_exit(&p
->p_lock
);
167 * Skip over leading slashes
169 if (pnp
->pn_path
[0] == '/') {
173 } while (pnp
->pn_path
[0] == '/');
176 return (lookuppnvp(pnp
, rpnp
, followlink
, dirvpp
,
177 compvpp
, rootvp
, vp
, cr
));
181 lookuppnat(struct pathname
*pnp
, struct pathname
*rpnp
,
182 int followlink
, vnode_t
**dirvpp
, vnode_t
**compvpp
,
185 return (lookuppnatcred(pnp
, rpnp
, followlink
, dirvpp
, compvpp
, startvp
,
189 /* Private flag to do our getcwd() dirty work */
190 #define LOOKUP_CHECKREAD 0x10
191 #define LOOKUP_MASK (~LOOKUP_CHECKREAD)
194 * Starting at current directory, translate pathname pnp to end.
195 * Leave pathname of final component in pnp, return the vnode
196 * for the final component in *compvpp, and return the vnode
197 * for the parent of the final component in dirvpp.
199 * This is the central routine in pathname translation and handles
200 * multiple components in pathnames, separating them at /'s. It also
201 * implements mounted file systems and processes symbolic links.
203 * vp is the vnode where the directory search should start.
205 * Reference counts: vp must be held prior to calling this function. rootvp
206 * should only be held if rootvp != rootdir.
210 struct pathname
*pnp
, /* pathname to lookup */
211 struct pathname
*rpnp
, /* if non-NULL, return resolved path */
212 int flags
, /* follow symlinks */
213 vnode_t
**dirvpp
, /* ptr for parent vnode */
214 vnode_t
**compvpp
, /* ptr for entry vnode */
215 vnode_t
*rootvp
, /* rootvp */
216 vnode_t
*vp
, /* directory to start search at */
217 cred_t
*cr
) /* user's credential */
219 vnode_t
*cvp
; /* current component vp */
220 vnode_t
*tvp
; /* addressable temp ptr */
221 char component
[MAXNAMELEN
]; /* buffer for component (incl null) */
225 struct pathname presrvd
; /* case preserved name */
226 struct pathname
*pp
= NULL
;
228 vnode_t
*zonevp
= curproc
->p_zone
->zone_rootvp
; /* zone root */
229 int must_be_directory
= 0;
230 boolean_t retry_with_kcred
;
231 uint32_t auditing
= AU_AUDITING();
233 CPU_STATS_ADDQ(CPU
, sys
, namei
, 1);
237 rpnp
->pn_pathlen
= 0;
239 lookup_flags
= dirvpp
? LOOKUP_DIR
: 0;
240 if (flags
& FIGNORECASE
) {
241 lookup_flags
|= FIGNORECASE
;
247 audit_anchorpath(pnp
, vp
== rootvp
);
250 * Eliminate any trailing slashes in the pathname.
251 * If there are any, we must follow all symlinks.
252 * Also, we must guarantee that the last component is a directory.
254 if (pn_fixslash(pnp
)) {
256 must_be_directory
= 1;
261 retry_with_kcred
= B_FALSE
;
264 * Make sure we have a directory.
266 if (vp
->v_type
!= VDIR
) {
271 if (rpnp
&& VN_CMP(vp
, rootvp
))
272 (void) pn_set(rpnp
, "/");
275 * Process the next component of the pathname.
277 if (error
= pn_getcomponent(pnp
, component
)) {
282 * Handle "..": two special cases.
283 * 1. If we're at the root directory (e.g. after chroot or
284 * zone_enter) then change ".." to "." so we can't get
285 * out of this subtree.
286 * 2. If this vnode is the root of a mounted file system,
287 * then replace it with the vnode that was mounted on
288 * so that we take the ".." in the other file system.
290 if (component
[0] == '.' && component
[1] == '.' && component
[2] == 0) {
292 if (VN_CMP(vp
, rootvp
) || VN_CMP(vp
, zonevp
)) {
294 } else if (vp
->v_flag
& VROOT
) {
299 * While we deal with the vfs pointer from the vnode
300 * the filesystem could have been forcefully unmounted
301 * and the vnode's v_vfsp could have been invalidated
302 * by VFS_UNMOUNT. Hence, we cache v_vfsp and use it
303 * with vfs_rlock_wait/vfs_unlock.
304 * It is safe to use the v_vfsp even it is freed by
305 * VFS_UNMOUNT because vfs_rlock_wait/vfs_unlock
306 * do not dereference v_vfsp. It is just used as a
308 * One more corner case here is the memory getting
309 * reused for another vfs structure. In this case
310 * lookuppnvp's vfs_rlock_wait will succeed, domount's
311 * vfs_lock will fail and domount will bail out with an
317 * This lock is used to synchronize
318 * mounts/unmounts and lookups.
319 * Threads doing mounts/unmounts hold the
320 * writers version vfs_lock_wait().
323 vfs_rlock_wait(vfsp
);
326 * If this vnode is on a file system that
327 * has been forcibly unmounted,
328 * we can't proceed. Cancel this operation
331 * vfs_vnodecovered is NULL if unmounted.
332 * Currently, nfs uses VFS_UNMOUNTED to
333 * check if it's a forced-umount. Keep the
334 * same checking here as well even though it
337 if (((vp
= cvp
->v_vfsp
->vfs_vnodecovered
) == NULL
) ||
338 (cvp
->v_vfsp
->vfs_flag
& VFS_UNMOUNTED
)) {
350 * Crossing mount points. For eg: We are doing
351 * a lookup of ".." for file systems root vnode
352 * mounted here, and VOP_LOOKUP() (with covered vnode)
353 * will be on underlying file systems mount point
354 * vnode. Set retry_with_kcred flag as we might end
355 * up doing VOP_LOOKUP() with kcred if required.
357 retry_with_kcred
= B_TRUE
;
363 * LOOKUP_CHECKREAD is a private flag used by vnodetopath() to indicate
364 * that we need to have read permission on every directory in the entire
365 * path. This is used to ensure that a forward-lookup of a cached value
366 * has the same effect as a reverse-lookup when the cached value cannot
369 if ((flags
& LOOKUP_CHECKREAD
) &&
370 (error
= VOP_ACCESS(vp
, VREAD
, 0, cr
, NULL
)) != 0)
374 * Perform a lookup in the current directory.
376 error
= VOP_LOOKUP(vp
, component
, &tvp
, pnp
, lookup_flags
,
377 rootvp
, cr
, NULL
, NULL
, pp
);
380 * Retry with kcred - If crossing mount points & error is EACCES.
382 * If we are crossing mount points here and doing ".." lookup,
383 * VOP_LOOKUP() might fail if the underlying file systems
384 * mount point has no execute permission. In cases like these,
385 * we retry VOP_LOOKUP() by giving as much privilage as possible
386 * by passing kcred credentials.
388 * In case of hierarchical file systems, passing kcred still may
390 * For eg: UFS FS --> Mount NFS FS --> Again mount UFS on some
391 * directory inside NFS FS.
393 if ((error
== EACCES
) && retry_with_kcred
)
394 error
= VOP_LOOKUP(vp
, component
, &tvp
, pnp
, lookup_flags
,
395 rootvp
, zone_kcred(), NULL
, NULL
, pp
);
401 * On error, return hard error if
402 * (a) we're not at the end of the pathname yet, or
403 * (b) the caller didn't want the parent directory, or
404 * (c) we failed for some reason other than a missing entry.
406 if (pn_pathleft(pnp
) || dirvpp
== NULL
|| error
!= ENOENT
)
408 if (auditing
) { /* directory access */
409 if (error
= audit_savepath(pnp
, vp
, vp
, error
, cr
))
415 * We inform the caller that the desired entry must be
416 * a directory by adding a '/' to the component name.
418 if (must_be_directory
&& (error
= pn_addslash(pnp
)) != 0)
423 if (rootvp
!= rootdir
)
431 * Traverse mount points.
432 * XXX why don't we need to hold a read lock here (call vn_vfsrlock)?
433 * What prevents a concurrent update to v_vfsmountedhere?
434 * Possible answer: if mounting, we might not see the mount
435 * if it is concurrently coming into existence, but that's
436 * really not much different from the thread running a bit slower.
437 * If unmounting, we may get into traverse() when we shouldn't,
438 * but traverse() will catch this case for us.
439 * (For this to work, fetching v_vfsmountedhere had better
442 if (vn_mountedvfs(cvp
) != NULL
) {
444 if ((error
= traverse(&tvp
)) != 0) {
446 * It is required to assign cvp here, because
447 * traverse() will return a held vnode which
448 * may different than the vnode that was passed
449 * in (even in the error case). If traverse()
450 * changes the vnode it releases the original,
451 * and holds the new one.
460 * If we hit a symbolic link and there is more path to be
461 * translated or this operation does not wish to apply
462 * to a link, then place the contents of the link at the
463 * front of the remaining pathname.
465 if (cvp
->v_type
== VLNK
&& ((flags
& FOLLOW
) || pn_pathleft(pnp
))) {
466 struct pathname linkpath
;
468 if (++nlink
> MAXSYMLINKS
) {
473 if (error
= pn_getsymlink(cvp
, &linkpath
, cr
)) {
479 audit_symlink(pnp
, &linkpath
);
481 if (pn_pathleft(&linkpath
) == 0)
482 (void) pn_set(&linkpath
, ".");
483 error
= pn_insert(pnp
, &linkpath
, strlen(component
));
489 if (pnp
->pn_pathlen
== 0) {
493 if (pnp
->pn_path
[0] == '/') {
497 } while (pnp
->pn_path
[0] == '/');
503 audit_anchorpath(pnp
, vp
== rootvp
);
504 if (pn_fixslash(pnp
)) {
506 must_be_directory
= 1;
512 * If rpnp is non-NULL, remember the resolved path name therein.
513 * Do not include "." components. Collapse occurrences of
514 * "previous/..", so long as "previous" is not itself "..".
515 * Exhausting rpnp results in error ENAMETOOLONG.
517 if (rpnp
&& strcmp(component
, ".") != 0) {
520 if (strcmp(component
, "..") == 0 &&
521 rpnp
->pn_pathlen
!= 0 &&
522 !((rpnp
->pn_pathlen
> 2 &&
523 strncmp(rpnp
->pn_path
+rpnp
->pn_pathlen
-3, "/..", 3) == 0) ||
524 (rpnp
->pn_pathlen
== 2 &&
525 strncmp(rpnp
->pn_path
, "..", 2) == 0))) {
526 while (rpnp
->pn_pathlen
&&
527 rpnp
->pn_path
[rpnp
->pn_pathlen
-1] != '/')
529 if (rpnp
->pn_pathlen
> 1)
531 rpnp
->pn_path
[rpnp
->pn_pathlen
] = '\0';
533 if (rpnp
->pn_pathlen
!= 0 &&
534 rpnp
->pn_path
[rpnp
->pn_pathlen
-1] != '/')
535 rpnp
->pn_path
[rpnp
->pn_pathlen
++] = '/';
536 if (flags
& FIGNORECASE
) {
538 * Return the case-preserved name
539 * within the resolved path.
541 error
= copystr(pp
->pn_buf
,
542 rpnp
->pn_path
+ rpnp
->pn_pathlen
,
543 rpnp
->pn_bufsize
- rpnp
->pn_pathlen
, &len
);
545 error
= copystr(component
,
546 rpnp
->pn_path
+ rpnp
->pn_pathlen
,
547 rpnp
->pn_bufsize
- rpnp
->pn_pathlen
, &len
);
549 if (error
) /* copystr() returns ENAMETOOLONG */
551 rpnp
->pn_pathlen
+= (len
- 1);
552 ASSERT(rpnp
->pn_bufsize
> rpnp
->pn_pathlen
);
557 * If no more components, return last directory (if wanted) and
558 * last component (if wanted).
560 if (pn_pathleft(pnp
) == 0) {
562 * If there was a trailing slash in the pathname,
563 * make sure the last component is a directory.
565 if (must_be_directory
&& cvp
->v_type
!= VDIR
) {
569 if (dirvpp
!= NULL
) {
571 * Check that we have the real parent and not
572 * an alias of the last component.
574 if (vn_compare(vp
, cvp
)) {
576 (void) audit_savepath(pnp
, cvp
, vp
,
581 if (rootvp
!= rootdir
)
591 (void) audit_savepath(pnp
, cvp
, vp
, 0, cr
);
592 if (pnp
->pn_path
== pnp
->pn_buf
)
593 (void) pn_set(pnp
, ".");
597 if (VN_CMP(cvp
, rootvp
))
598 (void) pn_set(rpnp
, "/");
599 else if (rpnp
->pn_pathlen
== 0)
600 (void) pn_set(rpnp
, ".");
607 if (rootvp
!= rootdir
)
615 * Skip over slashes from end of last component.
617 while (pnp
->pn_path
[0] == '/') {
623 * Searched through another level of directory:
624 * release previous directory handle and save new (result
625 * of lookup) as current directory.
633 if (auditing
) /* reached end of path */
634 (void) audit_savepath(pnp
, cvp
, vp
, error
, cr
);
637 * Error. Release vnodes and return.
642 * If the error was ESTALE and the current directory to look in
643 * was the root for this lookup, the root for a mounted file
644 * system, or the starting directory for lookups, then
645 * return ENOENT instead of ESTALE. In this case, no recovery
646 * is possible by the higher level. If ESTALE was returned for
647 * some intermediate directory along the path, then recovery
648 * is potentially possible and retrying from the higher level
649 * will either correct the situation by purging stale cache
650 * entries or eventually get back to the point where no recovery
653 if (error
== ESTALE
&&
654 (VN_CMP(vp
, rootvp
) || (vp
->v_flag
& VROOT
) || vp
== startvp
))
657 if (rootvp
!= rootdir
)
665 * Traverse a mount point. Routine accepts a vnode pointer as a reference
666 * parameter and performs the indirection, releasing the original vnode.
669 traverse(vnode_t
**cvpp
)
679 * If this vnode is mounted on, then we transparently indirect
680 * to the vnode which is the root of the mounted file system.
681 * Before we do this we must check that an unmount is not in
682 * progress on this vnode.
687 * Try to read lock the vnode. If this fails because
688 * the vnode is already write locked, then check to
689 * see whether it is the current thread which locked
690 * the vnode. If it is not, then read lock the vnode
691 * by waiting to acquire the lock.
693 * The code path in domount() is an example of support
694 * which needs to look up two pathnames and locks one
695 * of them in between the two lookups.
697 error
= vn_vfsrlock(cvp
);
699 if (!vn_vfswlock_held(cvp
))
700 error
= vn_vfsrlock_wait(cvp
);
703 * lookuppn() expects a held vnode to be
704 * returned because it promptly calls
705 * VN_RELE after the error return
713 * Reached the end of the mount chain?
715 vfsp
= vn_mountedvfs(cvp
);
722 * The read lock must be held across the call to VFS_ROOT() to
723 * prevent a concurrent unmount from destroying the vfs.
725 error
= VFS_ROOT(vfsp
, &tvp
);
741 * Return the lowermost vnode if this is a mountpoint.
744 vn_under(vnode_t
*vp
)
749 while (vp
->v_flag
& VROOT
) {
752 vfs_rlock_wait(vfsp
);
753 if ((uvp
= vfsp
->vfs_vnodecovered
) == NULL
||
754 (vfsp
->vfs_flag
& VFS_UNMOUNTED
)) {
768 vnode_match(vnode_t
*v1
, vnode_t
*v2
, cred_t
*cr
)
770 vattr_t v1attr
, v2attr
;
773 * If we have a device file, check to see if is a cloned open of the
774 * same device. For self-cloning devices, the major numbers will match.
775 * For devices cloned through the 'clone' driver, the minor number of
776 * the source device will be the same as the major number of the cloned
779 if ((v1
->v_type
== VCHR
|| v1
->v_type
== VBLK
) &&
780 v1
->v_type
== v2
->v_type
) {
781 if ((spec_is_selfclone(v1
) || spec_is_selfclone(v2
)) &&
782 getmajor(v1
->v_rdev
) == getmajor(v2
->v_rdev
))
785 if (spec_is_clone(v1
) &&
786 getmajor(v1
->v_rdev
) == getminor(v2
->v_rdev
))
789 if (spec_is_clone(v2
) &&
790 getmajor(v2
->v_rdev
) == getminor(v1
->v_rdev
))
794 v1attr
.va_mask
= v2attr
.va_mask
= AT_TYPE
;
797 * This check for symbolic links handles the pseudo-symlinks in procfs.
798 * These particular links have v_type of VDIR, but the attributes have a
799 * type of VLNK. We need to avoid these links because otherwise if we
800 * are currently in '/proc/self/fd', then '/proc/self/cwd' will compare
803 if (VOP_GETATTR(v1
, &v1attr
, 0, cr
, NULL
) != 0 ||
804 VOP_GETATTR(v2
, &v2attr
, 0, cr
, NULL
) != 0 ||
805 v1attr
.va_type
== VLNK
|| v2attr
.va_type
== VLNK
)
808 v1attr
.va_mask
= v2attr
.va_mask
= AT_TYPE
| AT_FSID
| AT_NODEID
;
810 if (VOP_GETATTR(v1
, &v1attr
, ATTR_REAL
, cr
, NULL
) != 0 ||
811 VOP_GETATTR(v2
, &v2attr
, ATTR_REAL
, cr
, NULL
) != 0)
814 return (v1attr
.va_fsid
== v2attr
.va_fsid
&&
815 v1attr
.va_nodeid
== v2attr
.va_nodeid
);
820 * Find the entry in the directory corresponding to the target vnode.
823 dirfindvp(vnode_t
*vrootp
, vnode_t
*dvp
, vnode_t
*tvp
, cred_t
*cr
, char *dbuf
,
824 size_t dlen
, dirent64_t
**rdp
)
835 ASSERT(dvp
->v_type
== VDIR
);
838 * This is necessary because of the strange semantics of VOP_LOOKUP().
840 bzero(&pnp
, sizeof (pnp
));
846 uio
.uio_segflg
= UIO_SYSSPACE
;
848 uio
.uio_extflg
= UIO_COPY_CACHED
;
851 if ((error
= VOP_ACCESS(dvp
, VREAD
, 0, cr
, NULL
)) != 0)
855 uio
.uio_resid
= dlen
;
859 (void) VOP_RWLOCK(dvp
, V_WRITELOCK_FALSE
, NULL
);
860 error
= VOP_READDIR(dvp
, &uio
, cr
, &eof
, NULL
, 0);
861 VOP_RWUNLOCK(dvp
, V_WRITELOCK_FALSE
, NULL
);
863 dbuflen
= dlen
- uio
.uio_resid
;
865 if (error
|| dbuflen
== 0)
868 dp
= (dirent64_t
*)dbuf
;
869 while ((intptr_t)dp
< (intptr_t)dbuf
+ dbuflen
) {
871 * Ignore '.' and '..' entries
873 if (strcmp(dp
->d_name
, ".") == 0 ||
874 strcmp(dp
->d_name
, "..") == 0) {
875 dp
= (dirent64_t
*)((intptr_t)dp
+
880 error
= VOP_LOOKUP(dvp
, dp
->d_name
, &cmpvp
, &pnp
, 0,
881 vrootp
, cr
, NULL
, NULL
, NULL
);
884 * We only want to bail out if there was an error other
885 * than ENOENT. Otherwise, it could be that someone
886 * just removed an entry since the readdir() call, and
887 * the entry we want is further on in the directory.
890 if (vnode_match(tvp
, cmpvp
, cr
)) {
897 } else if (error
!= ENOENT
) {
901 dp
= (dirent64_t
*)((intptr_t)dp
+ dp
->d_reclen
);
906 * Something strange has happened, this directory does not contain the
907 * specified vnode. This should never happen in the normal case, since
908 * we ensured that dvp is the parent of vp. This is possible in some
909 * rare conditions (races and the special .zfs directory).
912 error
= VOP_LOOKUP(dvp
, ".zfs", &cmpvp
, &pnp
, 0, vrootp
, cr
,
915 if (vnode_match(tvp
, cmpvp
, cr
)) {
916 (void) strcpy(dp
->d_name
, ".zfs");
917 dp
->d_reclen
= strlen(".zfs");
932 * Given a global path (from rootdir), and a vnode that is the current root,
933 * return the portion of the path that is beneath the current root or NULL on
934 * failure. The path MUST be a resolved path (no '..' entries or symlinks),
935 * otherwise this function will fail.
938 localpath(char *path
, struct vnode
*vrootp
, cred_t
*cr
)
942 char component
[MAXNAMELEN
];
947 * We use vn_compare() instead of VN_CMP() in order to detect lofs
948 * mounts and stacked vnodes.
950 if (vn_compare(vrootp
, rootdir
))
953 if (pn_get(path
, UIO_SYSSPACE
, &pn
) != 0)
959 if (vn_ismntpt(vp
) && traverse(&vp
) != 0) {
965 while (pn_pathleft(&pn
)) {
968 if (pn_getcomponent(&pn
, component
) != 0)
971 if (VOP_LOOKUP(vp
, component
, &cvp
, &pn
, 0, rootdir
, cr
,
972 NULL
, NULL
, NULL
) != 0)
977 if (vn_ismntpt(vp
) && traverse(&vp
) != 0)
980 if (vn_compare(vp
, vrootp
)) {
981 ret
= path
+ (pn
.pn_path
- pn
.pn_buf
);
993 * Given a directory, return the full, resolved path. This looks up "..",
994 * searches for the given vnode in the parent, appends the component, etc. It
995 * is used to implement vnodetopath() and getcwd() when the cached path fails.
998 dirtopath(vnode_t
*vrootp
, vnode_t
*vp
, char *buf
, size_t buflen
, int flags
,
1001 pathname_t pn
, rpn
, emptypn
;
1002 vnode_t
*cmpvp
, *pvp
= NULL
;
1003 vnode_t
*startvp
= vp
;
1004 int err
= 0, vprivs
;
1009 size_t dlen
= DIRENT64_RECLEN(MAXPATHLEN
);
1012 /* Operation only allowed on directories */
1013 ASSERT(vp
->v_type
== VDIR
);
1015 /* We must have at least enough space for "/" */
1017 return (ENAMETOOLONG
);
1019 /* Start at end of string with terminating null */
1020 bufloc
= &buf
[buflen
- 1];
1025 dbuf
= kmem_alloc(dlen
, KM_SLEEP
);
1026 bzero(&emptypn
, sizeof (emptypn
));
1029 * Begin with an additional reference on vp. This will be decremented
1036 * Return if we've reached the root. If the buffer is empty,
1037 * return '/'. We explicitly don't use vn_compare(), since it
1038 * compares the real vnodes. A lofs mount of '/' would produce
1039 * incorrect results otherwise.
1041 if (VN_CMP(vrootp
, vp
)) {
1042 if (*bufloc
== '\0')
1048 * If we've reached the VFS root, something has gone wrong. We
1049 * should have reached the root in the above check. The only
1050 * explantation is that 'vp' is not contained withing the given
1051 * root, in which case we return EPERM.
1053 if (VN_CMP(rootdir
, vp
)) {
1059 * Shortcut: see if this vnode is a mountpoint. If so,
1060 * grab the path information from the vfs_t.
1062 if (vp
->v_flag
& VROOT
) {
1064 mntpt
= vfs_getmntpoint(vp
->v_vfsp
);
1065 if ((err
= pn_set(&pn
, (char *)refstr_value(mntpt
)))
1068 rpn
.pn_path
= rpn
.pn_buf
;
1071 * Ensure the mountpoint still exists.
1074 if (vrootp
!= rootdir
)
1076 if (lookuppnvp(&pn
, &rpn
, flags
, NULL
,
1077 &cmpvp
, vrootp
, vrootp
, cr
) == 0) {
1079 if (VN_CMP(vp
, cmpvp
)) {
1082 complen
= strlen(rpn
.pn_path
);
1088 bcopy(rpn
.pn_path
, bufloc
,
1101 * Shortcut: see if this vnode has correct v_path. If so,
1102 * we have the work done.
1104 mutex_enter(&vp
->v_lock
);
1105 if (vp
->v_path
!= NULL
) {
1107 if ((err
= pn_set(&pn
, vp
->v_path
)) == 0) {
1108 mutex_exit(&vp
->v_lock
);
1109 rpn
.pn_path
= rpn
.pn_buf
;
1112 * Ensure the v_path pointing to correct vnode
1115 if (vrootp
!= rootdir
)
1117 if (lookuppnvp(&pn
, &rpn
, flags
, NULL
,
1118 &cmpvp
, vrootp
, vrootp
, cr
) == 0) {
1120 if (VN_CMP(vp
, cmpvp
)) {
1123 complen
= strlen(rpn
.pn_path
);
1129 bcopy(rpn
.pn_path
, bufloc
,
1137 mutex_exit(&vp
->v_lock
);
1140 mutex_exit(&vp
->v_lock
);
1144 * Shortcuts failed, search for this vnode in its parent. If
1145 * this is a mountpoint, then get the vnode underneath.
1147 if (vp
->v_flag
& VROOT
)
1149 if ((err
= VOP_LOOKUP(vp
, "..", &pvp
, &emptypn
, 0, vrootp
, cr
,
1150 NULL
, NULL
, NULL
)) != 0)
1154 * With extended attributes, it's possible for a directory to
1155 * have a parent that is a regular file. Check for that here.
1157 if (pvp
->v_type
!= VDIR
) {
1163 * If this is true, something strange has happened. This is
1164 * only true if we are the root of a filesystem, which should
1165 * have been caught by the check above.
1167 if (VN_CMP(pvp
, vp
)) {
1173 * Check if we have read and search privilege so, that
1174 * we can lookup the path in the directory
1176 vprivs
= (flags
& LOOKUP_CHECKREAD
) ? VREAD
| VEXEC
: VEXEC
;
1177 if ((err
= VOP_ACCESS(pvp
, vprivs
, 0, cr
, NULL
)) != 0) {
1182 * Try to obtain the path component from dnlc cache
1183 * before searching through the directory.
1185 if ((cmpvp
= dnlc_reverse_lookup(vp
, dbuf
, dlen
)) != NULL
) {
1187 * If we got parent vnode as a result,
1188 * then the answered path is correct.
1190 if (VN_CMP(cmpvp
, pvp
)) {
1192 complen
= strlen(dbuf
);
1194 if (bufloc
<= buf
) {
1198 bcopy(dbuf
, bufloc
, complen
);
1200 /* Prepend a slash to the current path */
1203 /* And continue with the next component */
1214 * Search the parent directory for the entry corresponding to
1217 if ((err
= dirfindvp(vrootp
, pvp
, vp
, cr
, dbuf
, dlen
, &dp
))
1220 complen
= strlen(dp
->d_name
);
1222 if (bufloc
<= buf
) {
1226 bcopy(dp
->d_name
, bufloc
, complen
);
1228 /* Prepend a slash to the current path. */
1231 /* And continue with the next component */
1238 * Place the path at the beginning of the buffer.
1241 ovbcopy(bufloc
, buf
, buflen
- (bufloc
- buf
));
1245 * If the error was ESTALE and the current directory to look in
1246 * was the root for this lookup, the root for a mounted file
1247 * system, or the starting directory for lookups, then
1248 * return ENOENT instead of ESTALE. In this case, no recovery
1249 * is possible by the higher level. If ESTALE was returned for
1250 * some intermediate directory along the path, then recovery
1251 * is potentially possible and retrying from the higher level
1252 * will either correct the situation by purging stale cache
1253 * entries or eventually get back to the point where no recovery
1256 if (err
== ESTALE
&&
1257 (VN_CMP(vp
, vrootp
) || (vp
->v_flag
& VROOT
) || vp
== startvp
))
1260 kmem_free(dbuf
, dlen
);
1271 * The additional flag, LOOKUP_CHECKREAD, is used to enforce artificial
1272 * constraints in order to be standards compliant. For example, if we have
1273 * the cached path of '/foo/bar', and '/foo' has permissions 100 (execute
1274 * only), then we can legitimately look up the path to the current working
1275 * directory without needing read permission. Existing standards tests,
1276 * however, assume that we are determining the path by repeatedly looking up
1277 * "..". We need to keep this behavior in order to maintain backwards
1281 vnodetopath_common(vnode_t
*vrootp
, vnode_t
*vp
, char *buf
, size_t buflen
,
1282 cred_t
*cr
, int flags
)
1286 vnode_t
*compvp
, *pvp
, *realvp
;
1287 proc_t
*p
= curproc
;
1288 char path
[MAXNAMELEN
];
1292 * If vrootp is NULL, get the root for curproc. Callers with any other
1293 * requirements should pass in a different vrootp.
1295 if (vrootp
== NULL
) {
1296 mutex_enter(&p
->p_lock
);
1297 if ((vrootp
= PTOU(p
)->u_rdir
) == NULL
)
1300 mutex_exit(&p
->p_lock
);
1306 * This is to get around an annoying artifact of the /proc filesystem,
1307 * which is the behavior of {cwd/root}. Trying to resolve this path
1308 * will result in /proc/pid/cwd instead of whatever the real working
1309 * directory is. We can't rely on VOP_REALVP(), since that will break
1310 * lofs. The only difference between procfs and lofs is that opening
1311 * the file will return the underling vnode in the case of procfs.
1313 if (vp
->v_type
== VDIR
&& VOP_REALVP(vp
, &realvp
, NULL
) == 0 &&
1316 if (VOP_OPEN(&vp
, FREAD
, cr
, NULL
) == 0)
1325 * Check to see if we have a cached path in the vnode.
1327 mutex_enter(&vp
->v_lock
);
1328 if (vp
->v_path
!= NULL
) {
1329 (void) pn_set(&pn
, vp
->v_path
);
1330 mutex_exit(&vp
->v_lock
);
1334 /* We should only cache absolute paths */
1335 ASSERT(pn
.pn_buf
[0] == '/');
1338 * If we are in a zone or a chroot environment, then we have to
1339 * take additional steps, since the path to the root might not
1340 * be readable with the current credentials, even though the
1341 * process can legitmately access the file. In this case, we
1344 * lookuppnvp() with all privileges to get the resolved path.
1345 * call localpath() to get the local portion of the path, and
1346 * continue as normal.
1348 * If the the conversion to a local path fails, then we continue
1349 * as normal. This is a heuristic to make process object file
1350 * paths available from within a zone. Because lofs doesn't
1351 * support page operations, the vnode stored in the seg_t is
1352 * actually the underlying real vnode, not the lofs node itself.
1353 * Most of the time, the lofs path is the same as the underlying
1354 * vnode (for example, /usr/lib/libc.so.1).
1356 if (vrootp
!= rootdir
) {
1359 if (lookuppnvp(&pn
, &rpn
, FOLLOW
,
1360 NULL
, &compvp
, rootdir
, rootdir
, kcred
) == 0) {
1361 local
= localpath(rpn
.pn_path
, vrootp
,
1367 * The original pn was changed through lookuppnvp().
1368 * Set it to local for next validation attempt.
1371 (void) pn_set(&pn
, local
);
1378 * We should have a local path at this point, so start the
1379 * search from the root of the current process.
1382 if (vrootp
!= rootdir
)
1384 ret
= lookuppnvp(&pn
, &rpn
, FOLLOW
| flags
, NULL
,
1385 &compvp
, vrootp
, vrootp
, cr
);
1388 * Check to see if the returned vnode is the same as
1389 * the one we expect. If not, give up.
1391 if (!vn_compare(vp
, compvp
) &&
1392 !vnode_match(vp
, compvp
, cr
)) {
1400 * Return the result.
1402 if (buflen
<= rpn
.pn_pathlen
)
1405 bcopy(rpn
.pn_path
, buf
, rpn
.pn_pathlen
+ 1);
1410 (void) VOP_CLOSE(vp
, FREAD
, 1, 0, cr
, NULL
);
1419 mutex_exit(&vp
->v_lock
);
1424 if (vp
->v_type
!= VDIR
) {
1426 * If we don't have a directory, try to find it in the dnlc via
1427 * reverse lookup. Once this is found, we can use the regular
1428 * directory search to find the full path.
1430 if ((pvp
= dnlc_reverse_lookup(vp
, path
, MAXNAMELEN
)) != NULL
) {
1432 * Check if we have read privilege so, that
1433 * we can lookup the path in the directory
1436 if ((flags
& LOOKUP_CHECKREAD
)) {
1437 ret
= VOP_ACCESS(pvp
, VREAD
, 0, cr
, NULL
);
1440 ret
= dirtopath(vrootp
, pvp
, buf
, buflen
,
1445 if (len
+ strlen(path
) + 1 >= buflen
) {
1448 if (buf
[len
- 1] != '/')
1450 bcopy(path
, buf
+ len
,
1459 ret
= dirtopath(vrootp
, vp
, buf
, buflen
, flags
, cr
);
1463 (void) VOP_CLOSE(vp
, FREAD
, 1, 0, cr
, NULL
);
1471 vnodetopath(vnode_t
*vrootp
, vnode_t
*vp
, char *buf
, size_t buflen
, cred_t
*cr
)
1473 return (vnodetopath_common(vrootp
, vp
, buf
, buflen
, cr
, 0));
1477 dogetcwd(char *buf
, size_t buflen
)
1482 refstr_t
*cwd
, *oldcwd
;
1484 pathname_t rpnp
, pnp
;
1485 proc_t
*p
= curproc
;
1488 * Check to see if there is a cached version of the cwd. If so, lookup
1489 * the cached value and make sure it is the same vnode.
1491 mutex_enter(&p
->p_lock
);
1492 if ((cwd
= PTOU(p
)->u_cwd
) != NULL
)
1494 vp
= PTOU(p
)->u_cdir
;
1496 mutex_exit(&p
->p_lock
);
1499 * Make sure we have permission to access the current directory.
1501 if ((ret
= VOP_ACCESS(vp
, VEXEC
, 0, CRED(), NULL
)) != 0) {
1509 value
= refstr_value(cwd
);
1510 if ((ret
= pn_get((char *)value
, UIO_SYSSPACE
, &pnp
)) != 0) {
1518 if (lookuppn(&pnp
, &rpnp
, NO_FOLLOW
, NULL
, &compvp
) == 0) {
1520 if (VN_CMP(vp
, compvp
) &&
1521 strcmp(value
, rpnp
.pn_path
) == 0) {
1526 if (strlen(value
) + 1 > buflen
) {
1528 return (ENAMETOOLONG
);
1530 bcopy(value
, buf
, strlen(value
) + 1);
1544 ret
= vnodetopath_common(NULL
, vp
, buf
, buflen
, CRED(),
1550 * Store the new cwd and replace the existing cached copy.
1553 cwd
= refstr_alloc(buf
);
1557 mutex_enter(&p
->p_lock
);
1558 oldcwd
= PTOU(p
)->u_cwd
;
1559 PTOU(p
)->u_cwd
= cwd
;
1560 mutex_exit(&p
->p_lock
);
1563 refstr_rele(oldcwd
);