summaryrefslogtreecommitdiffstats
path: root/sys/kern/vfs_lookup.c
Commit message (Collapse)AuthorAgeFilesLines
* Use correct VFS locking rather than unconditionally grabbing Giant aroundjhb2005-09-211-12/+8
| | | | | | | namei() calls in kern_alternate_path(). Reviewed by: csjp MFC after: 1 week
* Improve the MP safeness associated with the creation of symboliccsjp2005-09-151-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | links and the execution of ELF binaries. Two problems were found: 1) The link path wasn't tagged as being MP safe and thus was not properly protected. 2) The ELF interpreter vnode wasnt being locked in namei(9) and thus was insufficiently protected. This commit makes the following changes: -Sets the MPSAFE flag in NDINIT for symbolic link paths -Sets the MPSAFE flag in NDINIT and introduce a vfslocked variable which will be used to instruct VFS_UNLOCK_GIANT to unlock Giant if it has been picked up. -Drop in an assertion into vfs_lookup which ensures that if the MPSAFE flag is NOT set, that we have picked up giant. If not panic (if WITNESS compiled into the kernel). This should help us find conditions where vnode operations are in-sufficiently protected. This is a RELENG_6 candidate. Discussed with: jeff MFC after: 4 days
* Do not keep parent directory locked while calling VFS_ROOT to traverse mountkan2005-08-141-0/+2
| | | | | | | points in lookup(). The lock can be dropped safely around VFS_ROOT because LOCKPARENT semantics with child and perent vnodes coming from different FSes does not really have any meaningful use. On the other hard, this prevents easily triggered deadlock on systems using automounter daemon.
* - Remove a debugging printf that slipped in.jeff2005-04-131-1/+0
| | | | Spotted by: Peter Wemm
* - Further simplify lookup; Force all filesystems to relock in the DOTDOTjeff2005-04-131-30/+23
| | | | | | | | | | | case. There are bugs in some which didn't unlock in the ISDOTDOT case to begin with that need to be addressed seperately. This simplifies things anyway. - Fix relookup() to prevent it from vrele()'ing the dvp while the vp is locked. Catch up to other lookup changes. Sponsored by: Isilon Systems, Inc. Reported by: Peter Wemm
* - If we vrele() a dvp while the child is locked we can potentially deadlockjeff2005-04-091-51/+60
| | | | | | | | | | | | | | | | | | when vrele() acquires the directory lock in the wrong order. Fix this via the following changes: - Keep the directory locked after VOP_LOOKUP() until we've determined what we're going to do with the child. This allows us to remove the complicated post LOOKUP code which determins whether we should lock or unlock the parent. This means we may have to vput() in the appropriate cases later, rather than doing an unsafe vrele. - in NDFREE() keep two flags to indicate whether we need to unlock vp or dvp. This allows us to vput rather than vrele in the appropriate cases without rechecking the flags. Move the code to handle dvp after we handle vp. - Remove some dead code from namei() that was the result of changes to VFS_LOCK_GIANT(). Sponsored by: Isilon Systems, Inc.
* - Move NDFREE() from vfs_subr to vfs_lookup where namei() is.jeff2005-04-051-0/+38
|
* - Include opt_vfs.h for LOOKUP_SHARED.jeff2005-04-031-8/+16
| | | | | - Control the behavior of shared lookups with the lookup_shared sysctl which has its default behavior set via the LOOKUP_SHARED option.
* - Set cn_lkflags to LK_SHARED in the LOOKUP_SHARED case so that we onlyjeff2005-03-291-5/+29
| | | | | | | | | acquire shared locks on intermediate directories. - For the LASTCN, we may have to LK_UPGRADE the parent directory before we lookup the last component. - Acquire VFS_ROOT and dp locks based on the cn_lkflag. Sponsored by: Isilon Systems, Inc.
* - Remove an unused variable from relookup().jeff2005-03-281-5/+2
| | | | | | | - Assert that REMOVE, CREATE, and RENAME callers have WANTPARENT or LOCKPARENT set. You can't complete any of these operations without at least a reference to the parent. Many filesystems check for this case even though it isn't possible in the current system.
* - Get rid of PDIRUNLOCK, instead, we fixup the lock state immediately afterjeff2005-03-281-13/+51
| | | | | | | | | | | | | calling VOP_LOOKUP(). Rather than having each filesystem check the LOCKPARENT flag, we simply check it once here and unlock as required. The only unusual case is ISDOTDOT, where we require an unlocked vnode on return. Relocking this vnode with the child locked is allowed since the child is actually its parent. - Add a few asserts for some unusual conditions that I do not believe can happen. These will later go away and turn into implementations for these conditions. Sponsored by: Isilon Systems, Inc.
* - Pass LK_EXCLUSIVE to VFS_ROOT() to satisfy the new flags argument. Forjeff2005-03-241-1/+1
| | | | | | now, all calls to VFS_ROOT() should still acquire exclusive locks. Sponsored by: Isilon Systems, Inc.
* - Clear LOCKSHARED if LOOKUP_SHARED is not enabled. This is not strictlyjeff2005-03-241-0/+3
| | | | | | | | necessary since we disable the shared locks in vfs_cache, but it is prefered that the option not leak out into filesystems when it is disabled. Sponsored by: Isilon Systems, Inc.
* - Tweak kern_msgctl() to return a copy of the requested message queue idjhb2005-02-071-0/+113
| | | | | | | | | | | | | | | | | structure in the struct pointed to by the 3rd argument for IPC_STAT and get rid of the 4th argument. The old way returned a pointer into the kernel array that the calling function would then access afterwards without holding the appropriate locks and doing non-lock-safe things like copyout() with the data anyways. This change removes that unsafeness and resulting race conditions as well as simplifying the interface. - Implement kern_foo wrappers for stat(), lstat(), fstat(), statfs(), fstatfs(), and fhstatfs(). Use these wrappers to cut out a lot of code duplication for freebsd4 and netbsd compatability system calls. - Add a new lookup function kern_alternate_path() that looks up a filename under an alternate prefix and determines which filename should be used. This is basically a more general version of linux_emul_convpath() that can be shared by all the ABIs thus allowing for further reduction of code duplication.
* Don't call VOP_CREATEVOBJECT(), it's the responsibility of thephk2005-01-241-10/+0
| | | | filesystem which owns the vnode.
* - Acquire and release Giant as we enter and leave filesystems whichjeff2005-01-241-6/+37
| | | | | | | | | require it. - Track the status of Giant with the nd flag HASGIANT. - Release giant on return of namei() callers are not marked MPSAFE as they already own giant. Sponsored By: Isilon Systems, Inc.
* Ditch vfs_object_create() and make the callers call VOP_CREATEVOBJECT()phk2005-01-131-3/+3
| | | | directly.
* /* -> /*- for copyright notices, minor format tweaks as necessaryimp2005-01-061-1/+1
|
* Make NAMEI_DIAGNOSTIC compile again and add a stragic vprint()phk2004-12-031-8/+9
|
* Assert Giant in namei(). Bugs have been reported in which, followingrwatson2004-08-041-0/+2
| | | | | | | a sleep() call waking up in namei(), a later assertion triggers that Giant is not held. By asserting Giant at the start of namei(), we can know that if that assertion triggers, Giant is lost during the call to namei(), and not before.
* Make VFS_ROOT() and vflush() take a thread argument.alfred2004-07-121-1/+1
| | | | | | This is to allow filesystems to decide based on the passed thread which vnode to return. Several filesystems used curthread, they now use the passed thread.
* Remove advertising clause from University of California Regent's license,imp2004-04-051-4/+0
| | | | | | per letter dated July 22, 1999. Approved by: core
* Use __FBSDID().obrien2003-06-111-1/+3
|
* Back out M_* changes, per decision of the TRB.imp2003-02-191-2/+2
| | | | Approved by: trb
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.alfred2003-01-211-2/+2
| | | | Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
* Add a new 'NOMACCHECK' flag to namei() NDINIT flags, which permits therwatson2002-10-191-6/+11
| | | | | | | | | | | | | | | | | | caller to indicate that MAC checks are not required for the lookup. Similar to IO_NOMACCHECK for vn_rdwr(), this indicates that the caller has already performed all required protections and that this is an internally generated operation. This will be used by the NFS server code, as we don't currently enforce MAC protections against requests delivered via NFS. While here, add NOCROSSMOUNT to PARAMASK; apparently this was used at one point for name lookup flag checking, but isn't any longer or it would have triggered from the NFS server code passing it to indicate that mountpoints shouldn't be crossed in lookups. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* - Replace v_flag with v_iflag and v_vflagjeff2002-08-041-2/+2
| | | | | | | | | | | | | | | - v_vflag is protected by the vnode lock and is used when synchronization with VOP calls is needed. - v_iflag is protected by interlock and is used for dealing with vnode management issues. These flags include X/O LOCK, FREE, DOOMED, etc. - All accesses to v_iflag and v_vflag have either been locked or marked with mp_fixme's. - Many ASSERT_VOP_LOCKED calls have been added where the locking was not clear. - Many functions in vfs_subr.c were restructured to provide for stronger locking. Idea stolen from: BSD/OS
* Introduce support for Mandatory Access Control and extensiblerwatson2002-08-011-0/+12
| | | | | | | | | | kernel access control. Authorize vop_readlink() and vop_lookup() activities during recursive path lookup via namei() via calls to appropriate MAC entry points. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
* Under #ifdef DIAGNOSTIC, NULL out componentname pointers if we free therwatson2002-07-241-2/+18
| | | | | | pnbuf to increase the chances of detecting use of a free'd name buffer if SAVENAME or SAVESTART wasn't passed in. Curiously, running with these changes doesn't panic the kernel, and should.
* Catch up to changes in ktrace API.jhb2002-06-071-2/+5
|
* More s/file system/filesystem/gtrhodes2002-05-161-4/+4
|
* Remove references to vm_zone.h and switch over to the new uma API.jeff2002-03-201-12/+12
| | | | | Also, remove maxsockets. If you look carefully you'll notice that the old zone allocator never honored this anyway.
* This is the first part of the new kernel memory allocator. This replacesjeff2002-03-191-2/+3
| | | | | | malloc(9) and vm_zone with a slab like allocator. Reviewed by: arch@
* - Change namei() to use td_ucred instead of p_ucred.jhb2002-02-271-1/+1
| | | | | - Change the hack in access() that uses a temporary credential to set td_ucred to the temp cred instead of p_ucred.
* Include sys/_lock.h and sys/_mutex.h to reduce namespace pollution.alfred2002-01-131-0/+1
| | | | Requested by: jhb
* SMP Lock struct file, filedesc and the global file list.alfred2002-01-131-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Seigo Tanimura (tanimura) posted the initial delta. I've polished it quite a bit reducing the need for locking and adapting it for KSE. Locks: 1 mutex in each filedesc protects all the fields. protects "struct file" initialization, while a struct file is being changed from &badfileops -> &pipeops or something the filedesc should be locked. 1 mutex in each struct file protects the refcount fields. doesn't protect anything else. the flags used for garbage collection have been moved to f_gcflag which was the FILLER short, this doesn't need locking because the garbage collection is a single threaded container. could likely be made to use a pool mutex. 1 sx lock for the global filelist. struct file * fhold(struct file *fp); /* increments reference count on a file */ struct file * fhold_locked(struct file *fp); /* like fhold but expects file to locked */ struct file * ffind_hold(struct thread *, int fd); /* finds the struct file in thread, adds one reference and returns it unlocked */ struct file * ffind_lock(struct thread *, int fd); /* ffind_hold, but returns file locked */ I still have to smp-safe the fget cruft, I'll get to that asap.
* KSE Milestone 2julian2001-09-121-26/+26
| | | | | | | | | | | | | | Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process. Sorry john! (your next MFC will be a doosie!) Reviewed by: peter@freebsd.org, dillon@freebsd.org X-MFC after: ha ha ha ha
* After exhaustive discussions and some meandering and confusion, enoughdillon2001-06-241-0/+6
| | | | | | | | | | | | | | | people are on track with the cause and effect of this, and although fixing this severely degenerate case appears to violate the letter of POSIX.1-200x, Bruce and I (and enough others) agree that it should be comitted. So, this patch generates an ENOENT error for any attempt to do a path lookup through an empty symlink (e.g. open(), stat()). Submitted by: "Andrey A. Chernov" <ache@nagual.pp.ru> Reviewed by: bde Discussed exhaustively on: freebsd-current Previously committed to: NetBSD 4 years ago
* Undo part of the tangle of having sys/lock.h and sys/mutex.h included inmarkm2001-05-011-1/+1
| | | | | | | | | | | other "system" header files. Also help the deprecation of lockmgr.h by making it a sub-include of sys/lock.h and removing sys/lockmgr.h form kernel .c files. Sort sys/*.h includes where possible in affected files. OK'ed by: bde (with reservations)
* Revert consequences of changes to mount.h, part 2.grog2001-04-291-2/+0
| | | | Requested by: bde
* Correct #includes to work with fixed sys/mount.h.grog2001-04-231-0/+2
|
* Untangle vfsinit() a bit. Use seperate sysinit functions rather thanpeter2000-12-061-0/+14
| | | | having a super-function calling bits all over the place.
* This is a fix for a problem described in PR kern/19572. It wasalfred2000-11-301-1/+11
| | | | | | | | | | | recently discussed at -hackers. The problem is a null-pointer dereference that happens in kern/vfs_lookup.c when accessing ".." with a v_mount entry for the current directory vnode of NULL. This happens when a volume is forcibly unmounted, and the vnode for a working directory in the mounted volume is cleared. PR: 23191 Submitted by: Thomas Moestl <tmoestl@gmx.net>
* Add new flag PDIRUNLOCK to the component.cn_flags which should be set bybp2000-09-171-2/+7
| | | | | | | | | | | | | | | | | | filesystem lookup() routine if it unlocks parent directory. This flag should be carefully tracked by filesystems if they want to work properly with nullfs and other stacked filesystems. VFS takes advantage of this flag to perform symantically correct usage of vrele() instead of vput() if parent directory already unlocked. If filesystem fails to track this flag then previous codepath in VFS left unchanged. Convert UFS code to set PDIRUNLOCK flag if necessary. Other filesystmes will be changed after some period of testing. Reviewed in general by: mckusick, dillon, adrian Obtained from: NetBSD
* Unlock current directory when calling VFS_ROOT() because underlyingbp2000-09-131-3/+10
| | | | | | | filesystem may hold the lock. Otherwise unavoidable deadlock will occur. This shouldn't have any side effects as long as we hold vfs lock. Obtained from: NetBSD
* Introduce NDFREE (and remove VOP_ABORTOP)eivind1999-12-151-3/+4
|
* Before we start to mess with the VFS name-cache clean things up a little bit:phk1999-10-031-8/+1
| | | | Isolate the namecache in its own file, and give it a dedicated malloc type.
* Fix a hole in jail(2).phk1999-09-251-1/+6
| | | | Noticed by: Alexander Bezroutchko <abb@zenon.net>
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* Add sysctl and support code to allow directories to be VMIO'd. The defaultalc1999-07-261-3/+3
| | | | | | setting for the sysctl is OFF, which is the historical operation. Submitted by: dillon
OpenPOWER on IntegriCloud