| version 1.2.2.1, 2012/05/10 07:57:02 |
version 1.2.2.2, 2012/05/23 10:08:20 |
|
|
| |
/* $NetBSD$ */ |
| |
|
| |
/*- |
| |
* Copyright (c) 2012 The NetBSD Foundation, Inc. |
| |
* All rights reserved. |
| |
* |
| |
* This code is derived from software contributed to The NetBSD Foundation |
| |
* by Taylor R Campbell. |
| |
* |
| |
* Redistribution and use in source and binary forms, with or without |
| |
* modification, are permitted provided that the following conditions |
| |
* are met: |
| |
* 1. Redistributions of source code must retain the above copyright |
| |
* notice, this list of conditions and the following disclaimer. |
| |
* 2. Redistributions in binary form must reproduce the above copyright |
| |
* notice, this list of conditions and the following disclaimer in the |
| |
* documentation and/or other materials provided with the distribution. |
| |
* |
| |
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS |
| |
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
| |
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
| |
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS |
| |
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| |
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| |
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| |
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| |
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| |
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| |
* POSSIBILITY OF SUCH DAMAGE. |
| |
*/ |
| |
|
| |
/* |
| |
* UFS Rename |
| |
*/ |
| |
|
| |
#include <sys/cdefs.h> |
| |
__KERNEL_RCSID(0, "$NetBSD$"); |
| |
|
| |
#include <sys/param.h> |
| |
#include <sys/buf.h> |
| |
#include <sys/errno.h> |
| |
#include <sys/fstrans.h> |
| |
#include <sys/kauth.h> |
| |
#include <sys/mount.h> |
| |
#include <sys/namei.h> |
| |
#include <sys/pool.h> |
| |
#include <sys/vnode.h> |
| |
#include <sys/vnode_if.h> |
| |
#include <sys/wapbl.h> |
| |
|
| |
#include <miscfs/genfs/genfs.h> |
| |
|
| |
#include <ufs/ufs/dir.h> |
| |
#include <ufs/ufs/inode.h> |
| |
#include <ufs/ufs/ufs_bswap.h> |
| |
#include <ufs/ufs/ufs_extern.h> |
| |
#include <ufs/ufs/ufs_wapbl.h> |
| |
#include <ufs/ufs/ufsmount.h> |
| |
|
| |
/* |
| |
* Forward declarations |
| |
*/ |
| |
|
| |
static int ufs_sane_rename(struct vnode *, struct componentname *, |
| |
struct vnode *, struct componentname *, |
| |
kauth_cred_t, bool); |
| |
static bool ufs_rename_ulr_overlap_p(const struct ufs_lookup_results *, |
| |
const struct ufs_lookup_results *); |
| |
static int ufs_rename_recalculate_fulr(struct vnode *, |
| |
struct ufs_lookup_results *, const struct ufs_lookup_results *, |
| |
const struct componentname *); |
| |
static int ufs_direct_namlen(const struct direct *, const struct vnode *); |
| |
static int ufs_read_dotdot(struct vnode *, kauth_cred_t, ino_t *); |
| |
static int ufs_dirbuf_dotdot_namlen(const struct dirtemplate *, |
| |
const struct vnode *); |
| |
|
| |
static const struct genfs_rename_ops ufs_genfs_rename_ops; |
| |
|
| |
/* |
| |
* ufs_sane_rename: The hairiest vop, with the saner API. |
| |
* |
| |
* Arguments: |
| |
* |
| |
* . fdvp (from directory vnode), |
| |
* . fcnp (from component name), |
| |
* . tdvp (to directory vnode), |
| |
* . tcnp (to component name), |
| |
* . cred (credentials structure), and |
| |
* . posixly_correct (flag for behaviour if target & source link same file). |
| |
* |
| |
* fdvp and tdvp may be the same, and must be referenced and unlocked. |
| |
*/ |
| |
static int |
| |
ufs_sane_rename( |
| |
struct vnode *fdvp, struct componentname *fcnp, |
| |
struct vnode *tdvp, struct componentname *tcnp, |
| |
kauth_cred_t cred, bool posixly_correct) |
| |
{ |
| |
struct ufs_lookup_results fulr, tulr; |
| |
|
| |
return genfs_sane_rename(&ufs_genfs_rename_ops, |
| |
fdvp, fcnp, &fulr, tdvp, tcnp, &tulr, |
| |
cred, posixly_correct); |
| |
} |
| |
|
| |
/* |
| |
* ufs_rename: The hairiest vop, with the insanest API. Defer to |
| |
* genfs_insane_rename immediately. |
| |
*/ |
| |
int |
| |
ufs_rename(void *v) |
| |
{ |
| |
|
| |
return genfs_insane_rename(v, &ufs_sane_rename); |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_directory_empty_p: Return true if the directory vp is |
| |
* empty. dvp is its parent. |
| |
* |
| |
* vp and dvp must be locked and referenced. |
| |
*/ |
| |
bool |
| |
ufs_gro_directory_empty_p(struct mount *mp, kauth_cred_t cred, |
| |
struct vnode *vp, struct vnode *dvp) |
| |
{ |
| |
|
| |
(void)mp; |
| |
KASSERT(mp != NULL); |
| |
KASSERT(vp != NULL); |
| |
KASSERT(dvp != NULL); |
| |
KASSERT(vp != dvp); |
| |
KASSERT(vp->v_mount == mp); |
| |
KASSERT(dvp->v_mount == mp); |
| |
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE); |
| |
|
| |
return ufs_dirempty(VTOI(vp), VTOI(dvp)->i_number, cred); |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_rename_check_possible: Check whether a rename is possible |
| |
* independent of credentials. |
| |
*/ |
| |
int |
| |
ufs_gro_rename_check_possible(struct mount *mp, |
| |
struct vnode *fdvp, struct vnode *fvp, |
| |
struct vnode *tdvp, struct vnode *tvp) |
| |
{ |
| |
|
| |
(void)mp; |
| |
KASSERT(mp != NULL); |
| |
KASSERT(fdvp != NULL); |
| |
KASSERT(fvp != NULL); |
| |
KASSERT(tdvp != NULL); |
| |
KASSERT(fdvp != fvp); |
| |
KASSERT(fdvp != tvp); |
| |
KASSERT(tdvp != fvp); |
| |
KASSERT(tdvp != tvp); |
| |
KASSERT(fvp != tvp); |
| |
KASSERT(fdvp->v_type == VDIR); |
| |
KASSERT(tdvp->v_type == VDIR); |
| |
KASSERT(fdvp->v_mount == mp); |
| |
KASSERT(fvp->v_mount == mp); |
| |
KASSERT(tdvp->v_mount == mp); |
| |
KASSERT((tvp == NULL) || (tvp->v_mount == mp)); |
| |
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE); |
| |
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE)); |
| |
|
| |
return genfs_ufslike_rename_check_possible( |
| |
VTOI(fdvp)->i_flags, VTOI(fvp)->i_flags, |
| |
VTOI(tdvp)->i_flags, (tvp? VTOI(tvp)->i_flags : 0), |
| |
(tvp != NULL), |
| |
IMMUTABLE, APPEND); |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_rename_check_permitted: Check whether a rename is permitted |
| |
* given our credentials. |
| |
*/ |
| |
int |
| |
ufs_gro_rename_check_permitted(struct mount *mp, kauth_cred_t cred, |
| |
struct vnode *fdvp, struct vnode *fvp, |
| |
struct vnode *tdvp, struct vnode *tvp) |
| |
{ |
| |
|
| |
(void)mp; |
| |
KASSERT(mp != NULL); |
| |
KASSERT(fdvp != NULL); |
| |
KASSERT(fvp != NULL); |
| |
KASSERT(tdvp != NULL); |
| |
KASSERT(fdvp != fvp); |
| |
KASSERT(fdvp != tvp); |
| |
KASSERT(tdvp != fvp); |
| |
KASSERT(tdvp != tvp); |
| |
KASSERT(fvp != tvp); |
| |
KASSERT(fdvp->v_type == VDIR); |
| |
KASSERT(tdvp->v_type == VDIR); |
| |
KASSERT(fdvp->v_mount == mp); |
| |
KASSERT(fvp->v_mount == mp); |
| |
KASSERT(tdvp->v_mount == mp); |
| |
KASSERT((tvp == NULL) || (tvp->v_mount == mp)); |
| |
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE); |
| |
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE)); |
| |
|
| |
return genfs_ufslike_rename_check_permitted(cred, |
| |
fdvp, VTOI(fdvp)->i_mode, VTOI(fdvp)->i_uid, |
| |
fvp, VTOI(fvp)->i_uid, |
| |
tdvp, VTOI(tdvp)->i_mode, VTOI(tdvp)->i_uid, |
| |
tvp, (tvp? VTOI(tvp)->i_uid : 0)); |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_remove_check_possible: Check whether a remove is possible |
| |
* independent of credentials. |
| |
*/ |
| |
int |
| |
ufs_gro_remove_check_possible(struct mount *mp, |
| |
struct vnode *dvp, struct vnode *vp) |
| |
{ |
| |
|
| |
(void)mp; |
| |
KASSERT(mp != NULL); |
| |
KASSERT(dvp != NULL); |
| |
KASSERT(vp != NULL); |
| |
KASSERT(dvp != vp); |
| |
KASSERT(dvp->v_type == VDIR); |
| |
KASSERT(vp->v_type != VDIR); |
| |
KASSERT(dvp->v_mount == mp); |
| |
KASSERT(vp->v_mount == mp); |
| |
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE); |
| |
|
| |
return genfs_ufslike_remove_check_possible( |
| |
VTOI(dvp)->i_flags, VTOI(vp)->i_flags, |
| |
IMMUTABLE, APPEND); |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_remove_check_permitted: Check whether a remove is permitted |
| |
* given our credentials. |
| |
*/ |
| |
int |
| |
ufs_gro_remove_check_permitted(struct mount *mp, kauth_cred_t cred, |
| |
struct vnode *dvp, struct vnode *vp) |
| |
{ |
| |
|
| |
(void)mp; |
| |
KASSERT(mp != NULL); |
| |
KASSERT(dvp != NULL); |
| |
KASSERT(vp != NULL); |
| |
KASSERT(dvp != vp); |
| |
KASSERT(dvp->v_type == VDIR); |
| |
KASSERT(vp->v_type != VDIR); |
| |
KASSERT(dvp->v_mount == mp); |
| |
KASSERT(vp->v_mount == mp); |
| |
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE); |
| |
|
| |
return genfs_ufslike_remove_check_permitted(cred, |
| |
dvp, VTOI(dvp)->i_mode, VTOI(dvp)->i_uid, vp, VTOI(vp)->i_uid); |
| |
} |
| |
|
| |
/* |
| |
* A virgin directory (no blushing please). |
| |
* |
| |
* XXX Copypasta from ufs_vnops.c. Kill! |
| |
*/ |
| |
static const struct dirtemplate mastertemplate = { |
| |
0, 12, DT_DIR, 1, ".", |
| |
0, DIRBLKSIZ - 12, DT_DIR, 2, ".." |
| |
}; |
| |
|
| |
/* |
| |
* ufs_gro_rename: Actually perform the rename operation. |
| |
*/ |
| |
int |
| |
ufs_gro_rename(struct mount *mp, kauth_cred_t cred, |
| |
struct vnode *fdvp, struct componentname *fcnp, |
| |
void *fde, struct vnode *fvp, |
| |
struct vnode *tdvp, struct componentname *tcnp, |
| |
void *tde, struct vnode *tvp) |
| |
{ |
| |
struct ufs_lookup_results *fulr = fde; |
| |
struct ufs_lookup_results *tulr = tde; |
| |
bool directory_p, reparent_p; |
| |
struct direct *newdir; |
| |
int error; |
| |
|
| |
KASSERT(mp != NULL); |
| |
KASSERT(fdvp != NULL); |
| |
KASSERT(fcnp != NULL); |
| |
KASSERT(fulr != NULL); |
| |
KASSERT(fvp != NULL); |
| |
KASSERT(tdvp != NULL); |
| |
KASSERT(tcnp != NULL); |
| |
KASSERT(tulr != NULL); |
| |
KASSERT(fulr != tulr); |
| |
KASSERT(fdvp != fvp); |
| |
KASSERT(fdvp != tvp); |
| |
KASSERT(tdvp != fvp); |
| |
KASSERT(tdvp != tvp); |
| |
KASSERT(fvp != tvp); |
| |
KASSERT(fdvp->v_mount == mp); |
| |
KASSERT(fvp->v_mount == mp); |
| |
KASSERT(tdvp->v_mount == mp); |
| |
KASSERT((tvp == NULL) || (tvp->v_mount == mp)); |
| |
KASSERT(VOP_ISLOCKED(fdvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(fvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(tdvp) == LK_EXCLUSIVE); |
| |
KASSERT((tvp == NULL) || (VOP_ISLOCKED(tvp) == LK_EXCLUSIVE)); |
| |
|
| |
/* |
| |
* We shall need to temporarily bump the link count, so make |
| |
* sure there is room to do so. |
| |
*/ |
| |
if ((nlink_t)VTOI(fvp)->i_nlink >= LINK_MAX) |
| |
return EMLINK; |
| |
|
| |
/* |
| |
* XXX There is a pile of logic here to handle a voodoo flag |
| |
* IN_RENAME. I think this is a vestige of days when the file |
| |
* system hackers didn't understand concurrency or race |
| |
* conditions; I believe it serves no useful function |
| |
* whatsoever. |
| |
*/ |
| |
|
| |
directory_p = (fvp->v_type == VDIR); |
| |
KASSERT(directory_p == ((VTOI(fvp)->i_mode & IFMT) == IFDIR)); |
| |
KASSERT((tvp == NULL) || (directory_p == (tvp->v_type == VDIR))); |
| |
KASSERT((tvp == NULL) || (directory_p == |
| |
((VTOI(tvp)->i_mode & IFMT) == IFDIR))); |
| |
if (directory_p) { |
| |
if (VTOI(fvp)->i_flag & IN_RENAME) |
| |
return EINVAL; |
| |
VTOI(fvp)->i_flag |= IN_RENAME; |
| |
} |
| |
|
| |
reparent_p = (fdvp != tdvp); |
| |
KASSERT(reparent_p == (VTOI(fdvp)->i_number != VTOI(tdvp)->i_number)); |
| |
|
| |
/* |
| |
* Commence hacking of the data on disk. |
| |
*/ |
| |
|
| |
fstrans_start(mp, FSTRANS_SHARED); |
| |
error = UFS_WAPBL_BEGIN(mp); |
| |
if (error) |
| |
goto ihateyou; |
| |
|
| |
/* |
| |
* 1) Bump link count while we're moving stuff |
| |
* around. If we crash somewhere before |
| |
* completing our work, the link count |
| |
* may be wrong, but correctable. |
| |
*/ |
| |
|
| |
KASSERT((nlink_t)VTOI(fvp)->i_nlink < LINK_MAX); |
| |
VTOI(fvp)->i_nlink++; |
| |
DIP_ASSIGN(VTOI(fvp), nlink, VTOI(fvp)->i_nlink); |
| |
VTOI(fvp)->i_flag |= IN_CHANGE; |
| |
error = UFS_UPDATE(fvp, NULL, NULL, UPDATE_DIROP); |
| |
if (error) |
| |
goto whymustithurtsomuch; |
| |
|
| |
/* |
| |
* 2) If target doesn't exist, link the target |
| |
* to the source and unlink the source. |
| |
* Otherwise, rewrite the target directory |
| |
* entry to reference the source inode and |
| |
* expunge the original entry's existence. |
| |
*/ |
| |
|
| |
if (tvp == NULL) { |
| |
/* |
| |
* Account for ".." in new directory. |
| |
* When source and destination have the same |
| |
* parent we don't fool with the link count. |
| |
*/ |
| |
if (directory_p && reparent_p) { |
| |
if ((nlink_t)VTOI(tdvp)->i_nlink >= LINK_MAX) { |
| |
error = EMLINK; |
| |
goto whymustithurtsomuch; |
| |
} |
| |
KASSERT((nlink_t)VTOI(tdvp)->i_nlink < LINK_MAX); |
| |
VTOI(tdvp)->i_nlink++; |
| |
DIP_ASSIGN(VTOI(tdvp), nlink, VTOI(tdvp)->i_nlink); |
| |
VTOI(tdvp)->i_flag |= IN_CHANGE; |
| |
error = UFS_UPDATE(tdvp, NULL, NULL, UPDATE_DIROP); |
| |
if (error) { |
| |
/* |
| |
* Link count update didn't take -- |
| |
* back out the in-memory link count. |
| |
*/ |
| |
KASSERT(0 < VTOI(tdvp)->i_nlink); |
| |
VTOI(tdvp)->i_nlink--; |
| |
DIP_ASSIGN(VTOI(tdvp), nlink, |
| |
VTOI(tdvp)->i_nlink); |
| |
VTOI(tdvp)->i_flag |= IN_CHANGE; |
| |
goto whymustithurtsomuch; |
| |
} |
| |
} |
| |
|
| |
newdir = pool_cache_get(ufs_direct_cache, PR_WAITOK); |
| |
ufs_makedirentry(VTOI(fvp), tcnp, newdir); |
| |
error = ufs_direnter(tdvp, tulr, NULL, newdir, tcnp, NULL); |
| |
pool_cache_put(ufs_direct_cache, newdir); |
| |
if (error) { |
| |
if (directory_p && reparent_p) { |
| |
/* |
| |
* Directory update didn't take, but |
| |
* the link count update did -- back |
| |
* out the in-memory link count and the |
| |
* on-disk link count. |
| |
*/ |
| |
KASSERT(0 < VTOI(tdvp)->i_nlink); |
| |
VTOI(tdvp)->i_nlink--; |
| |
DIP_ASSIGN(VTOI(tdvp), nlink, |
| |
VTOI(tdvp)->i_nlink); |
| |
VTOI(tdvp)->i_flag |= IN_CHANGE; |
| |
(void)UFS_UPDATE(tdvp, NULL, NULL, |
| |
UPDATE_WAIT | UPDATE_DIROP); |
| |
} |
| |
goto whymustithurtsomuch; |
| |
} |
| |
} else { |
| |
if (directory_p) |
| |
/* XXX WTF? Why purge here? Why not purge others? */ |
| |
cache_purge(tdvp); |
| |
|
| |
/* |
| |
* Make the target directory's entry for tcnp point at |
| |
* the source node. |
| |
* |
| |
* XXX ufs_dirrewrite decrements tvp's link count, but |
| |
* doesn't touch the link count of the new inode. Go |
| |
* figure. |
| |
*/ |
| |
error = ufs_dirrewrite(VTOI(tdvp), tulr->ulr_offset, |
| |
VTOI(tvp), VTOI(fvp)->i_number, IFTODT(VTOI(fvp)->i_mode), |
| |
((directory_p && reparent_p) ? reparent_p : directory_p), |
| |
IN_CHANGE | IN_UPDATE); |
| |
if (error) |
| |
goto whymustithurtsomuch; |
| |
|
| |
/* |
| |
* If the source and target are directories, and the |
| |
* target is in the same directory as the source, |
| |
* decrement the link count of the common parent |
| |
* directory, since we are removing the target from |
| |
* that directory. |
| |
*/ |
| |
if (directory_p && !reparent_p) { |
| |
KASSERT(fdvp == tdvp); |
| |
/* XXX check, don't kassert */ |
| |
KASSERT(0 < VTOI(tdvp)->i_nlink); |
| |
VTOI(tdvp)->i_nlink--; |
| |
DIP_ASSIGN(VTOI(tdvp), nlink, VTOI(tdvp)->i_nlink); |
| |
VTOI(tdvp)->i_flag |= IN_CHANGE; |
| |
UFS_WAPBL_UPDATE(tdvp, NULL, NULL, 0); |
| |
} |
| |
|
| |
if (directory_p) { |
| |
/* |
| |
* XXX I don't understand the following comment |
| |
* from ufs_rename -- in particular, the part |
| |
* about `there may be other hard links'. |
| |
* |
| |
* Truncate inode. The only stuff left in the directory |
| |
* is "." and "..". The "." reference is inconsequential |
| |
* since we are quashing it. We have removed the "." |
| |
* reference and the reference in the parent directory, |
| |
* but there may be other hard links. |
| |
* |
| |
* XXX The ufs_dirempty call earlier does |
| |
* not guarantee anything about nlink. |
| |
*/ |
| |
if (VTOI(tvp)->i_nlink != 1) |
| |
ufs_dirbad(VTOI(tvp), (doff_t)0, |
| |
"hard-linked directory"); |
| |
VTOI(tvp)->i_nlink = 0; |
| |
DIP_ASSIGN(VTOI(tvp), nlink, 0); |
| |
error = UFS_TRUNCATE(tvp, (off_t)0, IO_SYNC, cred); |
| |
if (error) |
| |
goto whymustithurtsomuch; |
| |
} |
| |
} |
| |
|
| |
/* |
| |
* If the source is a directory with a new parent, the link |
| |
* count of the old parent directory must be decremented and |
| |
* ".." set to point to the new parent. |
| |
* |
| |
* XXX ufs_dirrewrite updates the link count of fdvp, but not |
| |
* the link count of fvp or the link count of tdvp. Go figure. |
| |
*/ |
| |
if (directory_p && reparent_p) { |
| |
error = ufs_dirrewrite(VTOI(fvp), mastertemplate.dot_reclen, |
| |
VTOI(fdvp), VTOI(tdvp)->i_number, DT_DIR, 0, IN_CHANGE); |
| |
#if 0 /* XXX This branch was not in ufs_rename! */ |
| |
if (error) |
| |
goto whymustithurtsomuch; |
| |
#endif |
| |
|
| |
/* XXX WTF? Why purge here? Why not purge others? */ |
| |
cache_purge(fdvp); |
| |
} |
| |
|
| |
/* |
| |
* 3) Unlink the source. |
| |
*/ |
| |
|
| |
/* |
| |
* ufs_direnter may compact the directory in the process of |
| |
* inserting a new entry. That may invalidate fulr, which we |
| |
* need in order to remove the old entry. In that case, we |
| |
* need to recalculate what fulr should be. |
| |
* |
| |
* XXX I believe this is necessary only if tvp == NULL as well. |
| |
*/ |
| |
if (!reparent_p && ufs_rename_ulr_overlap_p(fulr, tulr)) { |
| |
error = ufs_rename_recalculate_fulr(fdvp, fulr, tulr, fcnp); |
| |
#if 0 /* XXX */ |
| |
if (error) /* XXX Try to back out changes? */ |
| |
goto whymustithurtsomuch; |
| |
#endif |
| |
} |
| |
|
| |
/* |
| |
* XXX 0 means !isrmdir. But can't this be an rmdir? |
| |
* XXX Well, turns out that argument to ufs_dirremove is ignored... |
| |
* XXX And it turns out ufs_dirremove updates the link count of fvp. |
| |
* XXX But it doesn't update the link count of fdvp. Go figure. |
| |
* XXX fdvp's link count is updated in ufs_dirrewrite instead. |
| |
* XXX Actually, sometimes it doesn't update fvp's link count. |
| |
* XXX I hate the world. |
| |
*/ |
| |
error = ufs_dirremove(fdvp, fulr, VTOI(fvp), fcnp->cn_flags, 0); |
| |
if (error) |
| |
#if 0 /* XXX */ |
| |
goto whymustithurtsomuch; |
| |
#endif |
| |
goto arghmybrainhurts; |
| |
|
| |
/* |
| |
* XXX Perhaps this should go at the top, in case the file |
| |
* system is modified but incompletely so because of an |
| |
* intermediate error. |
| |
*/ |
| |
genfs_rename_knote(fdvp, fvp, tdvp, tvp, |
| |
((tvp != NULL) && (VTOI(tvp)->i_nlink == 0))); |
| |
#if 0 /* XXX */ |
| |
genfs_rename_cache_purge(fdvp, fvp, tdvp, tvp); |
| |
#endif |
| |
goto arghmybrainhurts; |
| |
|
| |
whymustithurtsomuch: |
| |
KASSERT(0 < VTOI(fvp)->i_nlink); |
| |
VTOI(fvp)->i_nlink--; |
| |
DIP_ASSIGN(VTOI(fvp), nlink, VTOI(fvp)->i_nlink); |
| |
VTOI(fvp)->i_flag |= IN_CHANGE; |
| |
if (directory_p) |
| |
VTOI(fvp)->i_flag &=~ IN_RENAME; |
| |
UFS_WAPBL_UPDATE(fvp, NULL, NULL, 0); |
| |
|
| |
arghmybrainhurts: |
| |
UFS_WAPBL_END(mp); |
| |
|
| |
ihateyou: |
| |
fstrans_done(mp); |
| |
/* XXX UFS kludge -- get rid of me with IN_RENAME! */ |
| |
if (directory_p) |
| |
VTOI(fvp)->i_flag &=~ IN_RENAME; |
| |
return error; |
| |
} |
| |
|
| |
/* |
| |
* ufs_rename_ulr_overlap_p: True iff tulr overlaps with fulr so that |
| |
* entering a directory entry at tulr may move fulr. |
| |
*/ |
| |
static bool |
| |
ufs_rename_ulr_overlap_p(const struct ufs_lookup_results *fulr, |
| |
const struct ufs_lookup_results *tulr) |
| |
{ |
| |
doff_t from_prev_start, from_prev_end, to_start, to_end; |
| |
|
| |
KASSERT(fulr != NULL); |
| |
KASSERT(tulr != NULL); |
| |
KASSERT(fulr != tulr); |
| |
|
| |
/* |
| |
* fulr is from a DELETE lookup, so fulr->ulr_count is the size |
| |
* of the preceding entry (d_reclen). |
| |
*/ |
| |
from_prev_end = fulr->ulr_offset; |
| |
KASSERT(fulr->ulr_count <= from_prev_end); |
| |
from_prev_start = (from_prev_end - fulr->ulr_count); |
| |
|
| |
/* |
| |
* tulr is from a RENAME lookup, so tulr->ulr_count is the size |
| |
* of the free space for an entry that we are about to fill. |
| |
*/ |
| |
to_start = tulr->ulr_offset; |
| |
KASSERT(tulr->ulr_count < (MAXDIRSIZE - to_start)); |
| |
to_end = (to_start + tulr->ulr_count); |
| |
|
| |
return |
| |
(((to_start <= from_prev_start) && (from_prev_start < to_end)) || |
| |
((to_start <= from_prev_end) && (from_prev_end < to_end))); |
| |
} |
| |
|
| |
/* |
| |
* ufs_rename_recalculate_fulr: If we have just entered a directory into |
| |
* dvp at tulr, and we were about to remove one at fulr for an entry |
| |
* named fcnp, fulr may be invalid. So, if necessary, recalculate it. |
| |
*/ |
| |
static int |
| |
ufs_rename_recalculate_fulr(struct vnode *dvp, |
| |
struct ufs_lookup_results *fulr, const struct ufs_lookup_results *tulr, |
| |
const struct componentname *fcnp) |
| |
{ |
| |
struct mount *mp; |
| |
struct ufsmount *ump; |
| |
int needswap; |
| |
/* XXX int is a silly type for this; blame ufsmount::um_dirblksiz. */ |
| |
int directory_block_mask; |
| |
unsigned long io_block_mask; |
| |
doff_t offset; /* Offset of entry we're examining. */ |
| |
doff_t search_end; /* Limit to our search. */ |
| |
struct buf *bp; /* I/O block we're examining. */ |
| |
char *dirbuf; /* Pointer into bp's data. */ |
| |
doff_t dirbuf_offset; /* Offset of dirbuf from directory start. */ |
| |
struct direct *ep; /* Pointer to the entry we're examining. */ |
| |
/* XXX direct::d_reclen is 16-bit; |
| |
* ufs_lookup_results::ulr_reclen is 32-bit. Blah. */ |
| |
uint32_t reclen; /* Length of the entry we're examining. */ |
| |
uint32_t prev_reclen; /* Length of the preceding entry. */ |
| |
int error; |
| |
|
| |
KASSERT(dvp != NULL); |
| |
KASSERT(dvp->v_mount != NULL); |
| |
KASSERT(VTOI(dvp) != NULL); |
| |
KASSERT(fulr != NULL); |
| |
KASSERT(tulr != NULL); |
| |
KASSERT(fulr != tulr); |
| |
KASSERT(ufs_rename_ulr_overlap_p(fulr, tulr)); |
| |
|
| |
mp = dvp->v_mount; |
| |
ump = VFSTOUFS(mp); |
| |
KASSERT(ump != NULL); |
| |
KASSERT(ump == VTOI(dvp)->i_ump); |
| |
|
| |
needswap = UFS_MPNEEDSWAP(ump); |
| |
|
| |
KASSERT(0 < ump->um_dirblksiz); |
| |
KASSERT((ump->um_dirblksiz & (ump->um_dirblksiz - 1)) == 0); |
| |
directory_block_mask = (ump->um_dirblksiz - 1); |
| |
|
| |
KASSERT(0 < mp->mnt_stat.f_iosize); |
| |
KASSERT((mp->mnt_stat.f_iosize & (mp->mnt_stat.f_iosize - 1)) == 0); |
| |
io_block_mask = (mp->mnt_stat.f_iosize - 1); |
| |
|
| |
offset = tulr->ulr_offset; |
| |
KASSERT(fulr->ulr_reclen < (MAXDIRSIZE - fulr->ulr_offset)); |
| |
search_end = (fulr->ulr_offset + fulr->ulr_reclen); |
| |
|
| |
dirbuf = NULL; |
| |
bp = NULL; |
| |
dirbuf_offset = offset; |
| |
error = ufs_blkatoff(dvp, (off_t)dirbuf_offset, &dirbuf, &bp, false); |
| |
if (error) |
| |
return error; |
| |
KASSERT(dirbuf != NULL); |
| |
KASSERT(bp != NULL); |
| |
|
| |
prev_reclen = fulr->ulr_count; |
| |
|
| |
/* |
| |
* Search from offset to search_end for the entry matching |
| |
* fcnp, which must be there because we found it before and it |
| |
* should only at most have moved earlier. |
| |
*/ |
| |
for (;;) { |
| |
KASSERT(offset < search_end); |
| |
|
| |
/* |
| |
* If we are at an I/O block boundary, fetch the next block. |
| |
*/ |
| |
if ((offset & io_block_mask) == 0) { |
| |
#if 0 /* XXX */ |
| |
printf("%s: directory block of inode 0x%llx" |
| |
" extends across I/O block boundary," |
| |
" which shouldn't happen!\n", |
| |
mp->mnt_stat.f_mntonname, |
| |
(unsigned long long)VTOI(dvp)->i_number); |
| |
#endif |
| |
brelse(bp, 0); |
| |
dirbuf = NULL; |
| |
bp = NULL; |
| |
dirbuf_offset = offset; |
| |
error = ufs_blkatoff(dvp, (off_t)dirbuf_offset, |
| |
&dirbuf, &bp, false); |
| |
if (error) |
| |
return error; |
| |
KASSERT(dirbuf != NULL); |
| |
KASSERT(bp != NULL); |
| |
} |
| |
|
| |
/* |
| |
* Examine the directory entry at offset. |
| |
*/ |
| |
KASSERT(dirbuf_offset <= offset); |
| |
ep = (struct direct *)(dirbuf + (offset - dirbuf_offset)); |
| |
reclen = ufs_rw16(ep->d_reclen, needswap); |
| |
|
| |
if (ep->d_ino == 0) |
| |
goto next; /* Entry is unused. */ |
| |
|
| |
if (ufs_rw32(ep->d_ino, needswap) == WINO) |
| |
goto next; /* Entry is whiteout. */ |
| |
|
| |
if (fcnp->cn_namelen != ufs_direct_namlen(ep, dvp)) |
| |
goto next; /* Wrong name length. */ |
| |
|
| |
if (memcmp(ep->d_name, fcnp->cn_nameptr, fcnp->cn_namelen)) |
| |
goto next; /* Wrong name. */ |
| |
|
| |
/* Got it! */ |
| |
break; |
| |
|
| |
next: |
| |
if (! ((reclen < search_end) && |
| |
(offset < (search_end - reclen)))) { |
| |
brelse(bp, 0); |
| |
return EIO; /* XXX Panic? What? */ |
| |
} |
| |
|
| |
KASSERT(reclen < search_end); |
| |
KASSERT(offset < (search_end - reclen)); |
| |
prev_reclen = reclen; |
| |
offset += reclen; |
| |
} |
| |
|
| |
/* |
| |
* Found the entry. Record where. |
| |
*/ |
| |
fulr->ulr_offset = offset; |
| |
fulr->ulr_reclen = reclen; |
| |
|
| |
/* |
| |
* Record the preceding record length, but not if we're at the |
| |
* start of a directory block. |
| |
*/ |
| |
fulr->ulr_count = ((offset & directory_block_mask)? prev_reclen : 0); |
| |
|
| |
brelse(bp, 0); |
| |
return 0; |
| |
} |
| |
|
| |
/* |
| |
* ufs_direct_namlen: Return the namlen of the directory entry ep from |
| |
* the directory vp. |
| |
*/ |
| |
static int /* XXX int? uint8_t? */ |
| |
ufs_direct_namlen(const struct direct *ep, const struct vnode *vp) |
| |
{ |
| |
bool swap; |
| |
|
| |
KASSERT(ep != NULL); |
| |
KASSERT(vp != NULL); |
| |
KASSERT(VTOI(vp) != NULL); |
| |
KASSERT(VTOI(vp)->i_ump != NULL); |
| |
|
| |
#if (BYTE_ORDER == LITTLE_ENDIAN) |
| |
swap = (UFS_MPNEEDSWAP(VTOI(vp)->i_ump) == 0); |
| |
#else |
| |
swap = (UFS_MPNEEDSWAP(VTOI(vp)->i_ump) != 0); |
| |
#endif |
| |
|
| |
return ((FSFMT(vp) && swap)? ep->d_type : ep->d_namlen); |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_remove: Rename an object over another link to itself, |
| |
* effectively removing just the original link. |
| |
*/ |
| |
int |
| |
ufs_gro_remove(struct mount *mp, kauth_cred_t cred, |
| |
struct vnode *dvp, struct componentname *cnp, void *de, struct vnode *vp) |
| |
{ |
| |
struct ufs_lookup_results *ulr = de; |
| |
int error; |
| |
|
| |
KASSERT(mp != NULL); |
| |
KASSERT(dvp != NULL); |
| |
KASSERT(cnp != NULL); |
| |
KASSERT(ulr != NULL); |
| |
KASSERT(vp != NULL); |
| |
KASSERT(dvp != vp); |
| |
KASSERT(dvp->v_mount == mp); |
| |
KASSERT(vp->v_mount == mp); |
| |
KASSERT(dvp->v_type == VDIR); |
| |
KASSERT(vp->v_type != VDIR); |
| |
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE); |
| |
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE); |
| |
KASSERT(cnp->cn_nameiop == DELETE); |
| |
|
| |
fstrans_start(mp, FSTRANS_SHARED); |
| |
error = UFS_WAPBL_BEGIN(mp); |
| |
if (error) |
| |
goto out0; |
| |
|
| |
/* XXX ufs_dirremove decrements vp's link count for us. */ |
| |
error = ufs_dirremove(dvp, ulr, VTOI(vp), cnp->cn_flags, 0); |
| |
if (error) |
| |
goto out1; |
| |
|
| |
VN_KNOTE(dvp, NOTE_WRITE); |
| |
VN_KNOTE(vp, (VTOI(vp)->i_nlink? NOTE_LINK : NOTE_DELETE)); |
| |
|
| |
out1: UFS_WAPBL_END(mp); |
| |
out0: fstrans_done(mp); |
| |
return error; |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_lookup: Look up and save the lookup results. |
| |
*/ |
| |
int |
| |
ufs_gro_lookup(struct mount *mp, struct vnode *dvp, |
| |
struct componentname *cnp, void *de_ret, struct vnode **vp_ret) |
| |
{ |
| |
struct ufs_lookup_results *ulr_ret = de_ret; |
| |
struct vnode *vp = NULL; |
| |
int error; |
| |
|
| |
(void)mp; |
| |
KASSERT(mp != NULL); |
| |
KASSERT(dvp != NULL); |
| |
KASSERT(cnp != NULL); |
| |
KASSERT(ulr_ret != NULL); |
| |
KASSERT(vp_ret != NULL); |
| |
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE); |
| |
|
| |
/* Kludge cargo-culted from dholland's ufs_rename. */ |
| |
cnp->cn_flags &=~ MODMASK; |
| |
cnp->cn_flags |= (LOCKPARENT | LOCKLEAF); |
| |
|
| |
error = relookup(dvp, &vp, cnp, 0 /* dummy */); |
| |
if ((error == 0) && (vp == NULL)) { |
| |
error = ENOENT; |
| |
goto out; |
| |
} else if (error) { |
| |
return error; |
| |
} |
| |
|
| |
/* |
| |
* Thanks to VFS insanity, relookup locks vp, which screws us |
| |
* in various ways. |
| |
*/ |
| |
KASSERT(vp != NULL); |
| |
VOP_UNLOCK(vp); |
| |
|
| |
out: *ulr_ret = VTOI(dvp)->i_crap; |
| |
*vp_ret = vp; |
| |
return error; |
| |
} |
| |
|
| |
/* |
| |
* ufs_rmdired_p: Check whether the directory vp has been rmdired. |
| |
* |
| |
* vp must be locked and referenced. |
| |
*/ |
| |
static bool |
| |
ufs_rmdired_p(struct vnode *vp) |
| |
{ |
| |
|
| |
KASSERT(vp != NULL); |
| |
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE); |
| |
KASSERT(vp->v_type == VDIR); |
| |
|
| |
/* XXX Is this correct? */ |
| |
return (VTOI(vp)->i_size == 0); |
| |
} |
| |
|
| |
/* |
| |
* ufs_read_dotdot: Store in *ino_ret the inode number of the parent |
| |
* of the directory vp. |
| |
*/ |
| |
static int |
| |
ufs_read_dotdot(struct vnode *vp, kauth_cred_t cred, ino_t *ino_ret) |
| |
{ |
| |
struct dirtemplate dirbuf; |
| |
int error; |
| |
|
| |
KASSERT(vp != NULL); |
| |
KASSERT(ino_ret != NULL); |
| |
KASSERT(vp->v_type == VDIR); |
| |
|
| |
error = vn_rdwr(UIO_READ, vp, &dirbuf, sizeof dirbuf, (off_t)0, |
| |
UIO_SYSSPACE, IO_NODELOCKED, cred, NULL, NULL); |
| |
if (error) |
| |
return error; |
| |
|
| |
if (ufs_dirbuf_dotdot_namlen(&dirbuf, vp) != 2 || |
| |
dirbuf.dotdot_name[0] != '.' || |
| |
dirbuf.dotdot_name[1] != '.') |
| |
/* XXX Panic? Print warning? */ |
| |
return ENOTDIR; |
| |
|
| |
*ino_ret = ufs_rw32(dirbuf.dotdot_ino, |
| |
UFS_MPNEEDSWAP(VTOI(vp)->i_ump)); |
| |
return 0; |
| |
} |
| |
|
| |
/* |
| |
* ufs_dirbuf_dotdot_namlen: Return the namlen of the directory buffer |
| |
* dirbuf that came from the directory vp. Swap byte order if |
| |
* necessary. |
| |
*/ |
| |
static int /* XXX int? uint8_t? */ |
| |
ufs_dirbuf_dotdot_namlen(const struct dirtemplate *dirbuf, |
| |
const struct vnode *vp) |
| |
{ |
| |
bool swap; |
| |
|
| |
KASSERT(dirbuf != NULL); |
| |
KASSERT(vp != NULL); |
| |
KASSERT(VTOI(vp) != NULL); |
| |
KASSERT(VTOI(vp)->i_ump != NULL); |
| |
|
| |
#if (BYTE_ORDER == LITTLE_ENDIAN) |
| |
swap = (UFS_MPNEEDSWAP(VTOI(vp)->i_ump) == 0); |
| |
#else |
| |
swap = (UFS_MPNEEDSWAP(VTOI(vp)->i_ump) != 0); |
| |
#endif |
| |
|
| |
return ((FSFMT(vp) && swap)? |
| |
dirbuf->dotdot_type : dirbuf->dotdot_namlen); |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_genealogy: Analyze the genealogy of the source and target |
| |
* directories. |
| |
*/ |
| |
int |
| |
ufs_gro_genealogy(struct mount *mp, kauth_cred_t cred, |
| |
struct vnode *fdvp, struct vnode *tdvp, |
| |
struct vnode **intermediate_node_ret) |
| |
{ |
| |
struct vnode *vp, *dvp; |
| |
ino_t dotdot_ino; |
| |
int error; |
| |
|
| |
KASSERT(mp != NULL); |
| |
KASSERT(fdvp != NULL); |
| |
KASSERT(tdvp != NULL); |
| |
KASSERT(fdvp != tdvp); |
| |
KASSERT(intermediate_node_ret != NULL); |
| |
KASSERT(fdvp->v_mount == mp); |
| |
KASSERT(tdvp->v_mount == mp); |
| |
KASSERT(fdvp->v_type == VDIR); |
| |
KASSERT(tdvp->v_type == VDIR); |
| |
|
| |
/* |
| |
* We need to provisionally lock tdvp to keep rmdir from |
| |
* deleting it -- or any ancestor -- at an inopportune moment. |
| |
*/ |
| |
error = ufs_gro_lock_directory(mp, tdvp); |
| |
if (error) |
| |
return error; |
| |
|
| |
vp = tdvp; |
| |
vref(vp); |
| |
|
| |
for (;;) { |
| |
KASSERT(vp != NULL); |
| |
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE); |
| |
KASSERT(vp->v_mount == mp); |
| |
KASSERT(vp->v_type == VDIR); |
| |
KASSERT(!ufs_rmdired_p(vp)); |
| |
|
| |
/* Did we hit the root without finding fdvp? */ |
| |
if (VTOI(vp)->i_number == ROOTINO) { |
| |
vput(vp); |
| |
*intermediate_node_ret = NULL; |
| |
return 0; |
| |
} |
| |
|
| |
error = ufs_read_dotdot(vp, cred, &dotdot_ino); |
| |
if (error) { |
| |
vput(vp); |
| |
return error; |
| |
} |
| |
|
| |
/* Did we find that fdvp is an ancestor of tdvp? */ |
| |
if (VTOI(fdvp)->i_number == dotdot_ino) { |
| |
/* Unlock vp, but keep it referenced. */ |
| |
VOP_UNLOCK(vp); |
| |
*intermediate_node_ret = vp; |
| |
return 0; |
| |
} |
| |
|
| |
/* Neither -- keep ascending the family tree. */ |
| |
|
| |
/* |
| |
* Unlock vp so that we can lock the parent, but keep |
| |
* vp referenced until after we have found the parent, |
| |
* so that dotdot_ino will not be recycled. |
| |
* |
| |
* XXX This guarantees that vp's inode number will not |
| |
* be recycled, but why can't dotdot_ino be recycled? |
| |
*/ |
| |
VOP_UNLOCK(vp); |
| |
error = VFS_VGET(mp, dotdot_ino, &dvp); |
| |
vrele(vp); |
| |
if (error) |
| |
return error; |
| |
|
| |
KASSERT(dvp != NULL); |
| |
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE); |
| |
vp = dvp; |
| |
|
| |
if (vp->v_type != VDIR) { |
| |
/* |
| |
* XXX Panic? Print a warning? Can this |
| |
* happen if we lose the race I suspect to |
| |
* exist above, and the `..' inode number has |
| |
* been recycled? |
| |
*/ |
| |
vput(vp); |
| |
return ENOTDIR; |
| |
} |
| |
|
| |
if (ufs_rmdired_p(vp)) { |
| |
vput(vp); |
| |
return ENOENT; |
| |
} |
| |
} |
| |
} |
| |
|
| |
/* |
| |
* ufs_gro_lock_directory: Lock the directory vp, but fail if it has |
| |
* been rmdir'd. |
| |
*/ |
| |
int |
| |
ufs_gro_lock_directory(struct mount *mp, struct vnode *vp) |
| |
{ |
| |
|
| |
(void)mp; |
| |
KASSERT(mp != NULL); |
| |
KASSERT(vp != NULL); |
| |
KASSERT(vp->v_mount == mp); |
| |
|
| |
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); |
| |
|
| |
if (ufs_rmdired_p(vp)) { |
| |
VOP_UNLOCK(vp); |
| |
return ENOENT; |
| |
} |
| |
|
| |
return 0; |
| |
} |
| |
|
| |
static const struct genfs_rename_ops ufs_genfs_rename_ops = { |
| |
.gro_directory_empty_p = ufs_gro_directory_empty_p, |
| |
.gro_rename_check_possible = ufs_gro_rename_check_possible, |
| |
.gro_rename_check_permitted = ufs_gro_rename_check_permitted, |
| |
.gro_remove_check_possible = ufs_gro_remove_check_possible, |
| |
.gro_remove_check_permitted = ufs_gro_remove_check_permitted, |
| |
.gro_rename = ufs_gro_rename, |
| |
.gro_remove = ufs_gro_remove, |
| |
.gro_lookup = ufs_gro_lookup, |
| |
.gro_genealogy = ufs_gro_genealogy, |
| |
.gro_lock_directory = ufs_gro_lock_directory, |
| |
}; |
![[BACK]](/icons/back.gif){kind=icon}
Return to ufs_rename.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / ufs / ufs