1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved.
  23  * Copyright (c) 2011 Bayard G. Bell. All rights reserved.
  24  * Copyright 2013 Joyent, Inc. All rights reserved.
  25  * Copyright (c) 2017 by Delphix. All rights reserved.
  26  */
  27 
  28 /*
  29  * VFS operations for High Sierra filesystem
  30  */
  31 
  32 #include <sys/types.h>
  33 #include <sys/isa_defs.h>
  34 #include <sys/t_lock.h>
  35 #include <sys/param.h>
  36 #include <sys/systm.h>
  37 #include <sys/sysmacros.h>
  38 #include <sys/kmem.h>
  39 #include <sys/signal.h>
  40 #include <sys/user.h>
  41 #include <sys/proc.h>
  42 #include <sys/disp.h>
  43 #include <sys/buf.h>
  44 #include <sys/pathname.h>
  45 #include <sys/vfs.h>
  46 #include <sys/vfs_opreg.h>
  47 #include <sys/vnode.h>
  48 #include <sys/file.h>
  49 #include <sys/uio.h>
  50 #include <sys/conf.h>
  51 #include <sys/policy.h>
  52 
  53 #include <vm/page.h>
  54 
  55 #include <sys/fs/snode.h>
  56 #include <sys/fs/hsfs_spec.h>
  57 #include <sys/fs/hsfs_isospec.h>
  58 #include <sys/fs/hsfs_node.h>
  59 #include <sys/fs/hsfs_impl.h>
  60 #include <sys/fs/hsfs_susp.h>
  61 #include <sys/fs/hsfs_rrip.h>
  62 
  63 #include <sys/statvfs.h>
  64 #include <sys/mount.h>
  65 #include <sys/mntent.h>
  66 #include <sys/swap.h>
  67 #include <sys/errno.h>
  68 #include <sys/debug.h>
  69 #include "fs/fs_subr.h"
  70 #include <sys/cmn_err.h>
  71 #include <sys/bootconf.h>
  72 
  73 #include <sys/sdt.h>
  74 
  75 /*
  76  * These are needed for the CDROMREADOFFSET Code
  77  */
  78 #include <sys/cdio.h>
  79 #include <sys/sunddi.h>
  80 
  81 #define HSFS_CLKSET
  82 
  83 #include <sys/modctl.h>
  84 
  85 /*
  86  * Options for mount.
  87  */
  88 #define HOPT_GLOBAL     MNTOPT_GLOBAL
  89 #define HOPT_NOGLOBAL   MNTOPT_NOGLOBAL
  90 #define HOPT_MAPLCASE   "maplcase"
  91 #define HOPT_NOMAPLCASE "nomaplcase"
  92 #define HOPT_NOTRAILDOT "notraildot"
  93 #define HOPT_TRAILDOT   "traildot"
  94 #define HOPT_NRR        "nrr"
  95 #define HOPT_RR         "rr"
  96 #define HOPT_JOLIET     "joliet"
  97 #define HOPT_NOJOLIET   "nojoliet"
  98 #define HOPT_JOLIETLONG "jolietlong"
  99 #define HOPT_VERS2      "vers2"
 100 #define HOPT_NOVERS2    "novers2"
 101 #define HOPT_RO         MNTOPT_RO
 102 
 103 static char *global_cancel[] = { HOPT_NOGLOBAL, NULL };
 104 static char *noglobal_cancel[] = { HOPT_GLOBAL, NULL };
 105 static char *mapl_cancel[] = { HOPT_NOMAPLCASE, NULL };
 106 static char *nomapl_cancel[] = { HOPT_MAPLCASE, NULL };
 107 static char *ro_cancel[] = { MNTOPT_RW, NULL };
 108 static char *rr_cancel[] = { HOPT_NRR, NULL };
 109 static char *nrr_cancel[] = { HOPT_RR, NULL };
 110 static char *joliet_cancel[] = { HOPT_NOJOLIET, NULL };
 111 static char *nojoliet_cancel[] = { HOPT_JOLIET, NULL };
 112 static char *vers2_cancel[] = { HOPT_NOVERS2, NULL };
 113 static char *novers2_cancel[] = { HOPT_VERS2, NULL };
 114 static char *trail_cancel[] = { HOPT_NOTRAILDOT, NULL };
 115 static char *notrail_cancel[] = { HOPT_TRAILDOT, NULL };
 116 
 117 static mntopt_t hsfs_options[] = {
 118         { HOPT_GLOBAL, global_cancel, NULL, 0, NULL },
 119         { HOPT_NOGLOBAL, noglobal_cancel, NULL, MO_DEFAULT, NULL },
 120         { HOPT_MAPLCASE, mapl_cancel, NULL, MO_DEFAULT, NULL },
 121         { HOPT_NOMAPLCASE, nomapl_cancel, NULL, 0, NULL },
 122         { HOPT_RO, ro_cancel, NULL, MO_DEFAULT, NULL },
 123         { HOPT_RR, rr_cancel, NULL, MO_DEFAULT, NULL },
 124         { HOPT_NRR, nrr_cancel, NULL, 0, NULL },
 125         { HOPT_JOLIET, joliet_cancel, NULL, 0, NULL },
 126         { HOPT_NOJOLIET, nojoliet_cancel, NULL, 0, NULL },
 127         { HOPT_JOLIETLONG, NULL, NULL, 0, NULL },
 128         { HOPT_VERS2, vers2_cancel, NULL, 0, NULL },
 129         { HOPT_NOVERS2, novers2_cancel, NULL, 0, NULL },
 130         { HOPT_TRAILDOT, trail_cancel, NULL, MO_DEFAULT, NULL },
 131         { HOPT_NOTRAILDOT, notrail_cancel, NULL, 0, NULL },
 132         { "sector", NULL, "0", MO_HASVALUE, NULL},
 133 };
 134 
 135 static mntopts_t hsfs_proto_opttbl = {
 136         sizeof (hsfs_options) / sizeof (mntopt_t),
 137         hsfs_options
 138 };
 139 
 140 /*
 141  * Indicates whether to enable the I/O scheduling and readahead logic
 142  * 1 - Enable, 0 - Do not Enable.
 143  * Debugging purposes.
 144  */
 145 int do_schedio = 1;
 146 static int hsfsfstype;
 147 static int hsfsinit(int, char *);
 148 
 149 static vfsdef_t vfw = {
 150         VFSDEF_VERSION,
 151         "hsfs",
 152         hsfsinit,
 153         /* We don't suppport remounting */
 154         VSW_HASPROTO|VSW_STATS|VSW_CANLOFI|VSW_MOUNTDEV,
 155         &hsfs_proto_opttbl
 156 };
 157 
 158 static struct modlfs modlfs = {
 159         &mod_fsops, "filesystem for HSFS", &vfw
 160 };
 161 
 162 static struct modlinkage modlinkage = {
 163         MODREV_1, (void *)&modlfs, NULL
 164 };
 165 
 166 extern void hsched_init_caches(void);
 167 extern void hsched_fini_caches(void);
 168 
 169 
 170 int
 171 _init(void)
 172 {
 173         return (mod_install(&modlinkage));
 174 }
 175 
 176 int
 177 _fini(void)
 178 {
 179         int     error;
 180 
 181         error = mod_remove(&modlinkage);
 182 
 183         DTRACE_PROBE1(mod_remove, int, error);
 184 
 185         if (error)
 186                 return (error);
 187 
 188         mutex_destroy(&hs_mounttab_lock);
 189 
 190         /*
 191          * Tear down the operations vectors
 192          */
 193         (void) vfs_freevfsops_by_type(hsfsfstype);
 194         vn_freevnodeops(hsfs_vnodeops);
 195 
 196         hs_fini_hsnode_cache();
 197         hsched_fini_caches();
 198         return (0);
 199 }
 200 
 201 int
 202 _info(struct modinfo *modinfop)
 203 {
 204         return (mod_info(&modlinkage, modinfop));
 205 }
 206 
 207 #define BDEVFLAG(dev)   ((devopsp[getmajor(dev)])->devo_cb_ops->cb_flag)
 208 
 209 kmutex_t hs_mounttab_lock;
 210 struct hsfs *hs_mounttab = NULL;
 211 
 212 /* default mode, uid, gid */
 213 mode_t hsfs_default_mode = 0555;
 214 uid_t hsfs_default_uid = 0;
 215 gid_t hsfs_default_gid = 3;
 216 
 217 extern void hsched_init(struct hsfs *fsp, int fsid,
 218                                         struct modlinkage *modlinkage);
 219 extern void hsched_fini(struct hsfs_queue *hqueue);
 220 extern void hsfs_init_kstats(struct hsfs *fsp, int fsid);
 221 extern void hsfs_fini_kstats(struct hsfs *fsp);
 222 
 223 static int hsfs_mount(struct vfs *vfsp, struct vnode *mvp,
 224         struct mounta *uap, struct cred *cr);
 225 static int hsfs_unmount(struct vfs *vfsp, int, struct cred *cr);
 226 static int hsfs_root(struct vfs *vfsp, struct vnode **vpp);
 227 static int hsfs_statvfs(struct vfs *vfsp, struct statvfs64 *sbp);
 228 static int hsfs_vget(struct vfs *vfsp, struct vnode **vpp, struct fid *fidp);
 229 static int hsfs_mountroot(struct vfs *, enum whymountroot);
 230 
 231 static int hs_mountfs(struct vfs *vfsp, dev_t dev, char *path,
 232         mode_t mode, int flags, struct cred *cr, int isroot);
 233 static int hs_getrootvp(struct vfs *vfsp, struct hsfs *fsp, size_t pathsize);
 234 static int hs_findhsvol(struct hsfs *fsp, struct vnode *vp,
 235         struct hs_volume *hvp);
 236 static int hs_parsehsvol(struct hsfs *fsp, uchar_t *volp,
 237         struct hs_volume *hvp);
 238 static int hs_findisovol(struct hsfs *fsp, struct vnode *vp,
 239         struct hs_volume *hvp,
 240         struct hs_volume *svp,
 241         struct hs_volume *jvp);
 242 static int hs_joliet_level(uchar_t *volp);
 243 static int hs_parseisovol(struct hsfs *fsp, uchar_t *volp,
 244         struct hs_volume *hvp);
 245 static void hs_copylabel(struct hs_volume *, unsigned char *, int);
 246 static int hs_getmdev(struct vfs *, char *fspec, int flags, dev_t *pdev,
 247         mode_t *mode, cred_t *cr);
 248 static int hs_findvoldesc(dev_t rdev, int desc_sec);
 249 
 250 static int
 251 hsfsinit(int fstype, char *name)
 252 {
 253         static const fs_operation_def_t hsfs_vfsops_template[] = {
 254                 VFSNAME_MOUNT,          { .vfs_mount = hsfs_mount },
 255                 VFSNAME_UNMOUNT,        { .vfs_unmount = hsfs_unmount },
 256                 VFSNAME_ROOT,           { .vfs_root = hsfs_root },
 257                 VFSNAME_STATVFS,        { .vfs_statvfs = hsfs_statvfs },
 258                 VFSNAME_VGET,           { .vfs_vget = hsfs_vget },
 259                 VFSNAME_MOUNTROOT,      { .vfs_mountroot = hsfs_mountroot },
 260                 NULL,                   NULL
 261         };
 262         int error;
 263 
 264         error = vfs_setfsops(fstype, hsfs_vfsops_template, NULL);
 265         if (error != 0) {
 266                 cmn_err(CE_WARN, "hsfsinit: bad vfs ops template");
 267                 return (error);
 268         }
 269 
 270         error = vn_make_ops(name, hsfs_vnodeops_template, &hsfs_vnodeops);
 271         if (error != 0) {
 272                 (void) vfs_freevfsops_by_type(fstype);
 273                 cmn_err(CE_WARN, "hsfsinit: bad vnode ops template");
 274                 return (error);
 275         }
 276 
 277         hsfsfstype = fstype;
 278         mutex_init(&hs_mounttab_lock, NULL, MUTEX_DEFAULT, NULL);
 279         hs_init_hsnode_cache();
 280         hsched_init_caches();
 281         return (0);
 282 }
 283 
 284 /*ARGSUSED*/
 285 static int
 286 hsfs_mount(struct vfs *vfsp, struct vnode *mvp,
 287     struct mounta *uap, struct cred *cr)
 288 {
 289         int             vnode_busy;
 290         dev_t           dev;
 291         struct pathname dpn;
 292         int             error;
 293         mode_t          mode;
 294         int             flags;  /* this will hold the mount specific data */
 295 
 296         if ((error = secpolicy_fs_mount(cr, mvp, vfsp)) != 0)
 297                 return (error);
 298 
 299         if (mvp->v_type != VDIR)
 300                 return (ENOTDIR);
 301 
 302         /* mount option must be read only, else mount will be rejected */
 303         if (!(uap->flags & MS_RDONLY))
 304                 return (EROFS);
 305 
 306         /*
 307          * We already told the framework that we don't support remounting.
 308          */
 309         ASSERT(!(uap->flags & MS_REMOUNT));
 310 
 311         mutex_enter(&mvp->v_lock);
 312         vnode_busy = (mvp->v_count != 1) || (mvp->v_flag & VROOT);
 313         mutex_exit(&mvp->v_lock);
 314 
 315         if ((uap->flags & MS_OVERLAY) == 0 && vnode_busy) {
 316                 return (EBUSY);
 317         }
 318 
 319         /*
 320          * Check for the options that actually affect things
 321          * at our level.
 322          */
 323         flags = 0;
 324         if (vfs_optionisset(vfsp, HOPT_NOMAPLCASE, NULL))
 325                 flags |= HSFSMNT_NOMAPLCASE;
 326         if (vfs_optionisset(vfsp, HOPT_NOTRAILDOT, NULL))
 327                 flags |= HSFSMNT_NOTRAILDOT;
 328         if (vfs_optionisset(vfsp, HOPT_NRR, NULL))
 329                 flags |= HSFSMNT_NORRIP;
 330         if (vfs_optionisset(vfsp, HOPT_NOJOLIET, NULL))
 331                 flags |= HSFSMNT_NOJOLIET;
 332         if (vfs_optionisset(vfsp, HOPT_JOLIETLONG, NULL))
 333                 flags |= HSFSMNT_JOLIETLONG;
 334         if (vfs_optionisset(vfsp, HOPT_NOVERS2, NULL))
 335                 flags |= HSFSMNT_NOVERS2;
 336 
 337         error = pn_get(uap->dir, (uap->flags & MS_SYSSPACE) ?
 338             UIO_SYSSPACE : UIO_USERSPACE, &dpn);
 339         if (error)
 340                 return (error);
 341 
 342         error = hs_getmdev(vfsp, uap->spec, uap->flags, &dev, &mode, cr);
 343         if (error != 0) {
 344                 pn_free(&dpn);
 345                 return (error);
 346         }
 347 
 348         /*
 349          * If the device is a tape, return error
 350          */
 351         if ((BDEVFLAG(dev) & D_TAPE) == D_TAPE)  {
 352                 pn_free(&dpn);
 353                 return (ENOTBLK);
 354         }
 355 
 356         /*
 357          * Mount the filesystem.
 358          */
 359         error = hs_mountfs(vfsp, dev, dpn.pn_path, mode, flags, cr, 0);
 360         pn_free(&dpn);
 361         return (error);
 362 }
 363 
 364 /*ARGSUSED*/
 365 static int
 366 hsfs_unmount(
 367         struct vfs *vfsp,
 368         int flag,
 369         struct cred *cr)
 370 {
 371         struct hsfs **tspp;
 372         struct hsfs *fsp;
 373 
 374         if (secpolicy_fs_unmount(cr, vfsp) != 0)
 375                 return (EPERM);
 376 
 377         /*
 378          * forced unmount is not supported by this file system
 379          * and thus, ENOTSUP is being returned.
 380          */
 381         if (flag & MS_FORCE)
 382                 return (ENOTSUP);
 383 
 384         fsp = VFS_TO_HSFS(vfsp);
 385 
 386         if (fsp->hsfs_rootvp->v_count != 1)
 387                 return (EBUSY);
 388 
 389         /* destroy all old pages and hsnodes for this vfs */
 390         if (hs_synchash(vfsp))
 391                 return (EBUSY);
 392 
 393         mutex_enter(&hs_mounttab_lock);
 394         for (tspp = &hs_mounttab; *tspp != NULL; tspp = &(*tspp)->hsfs_next) {
 395                 if (*tspp == fsp)
 396                         break;
 397         }
 398         if (*tspp == NULL) {
 399                 mutex_exit(&hs_mounttab_lock);
 400                 panic("hsfs_unmount: vfs not mounted?");
 401                 /*NOTREACHED*/
 402         }
 403 
 404         *tspp = fsp->hsfs_next;
 405 
 406         mutex_exit(&hs_mounttab_lock);
 407 
 408         hsfs_fini_kstats(fsp);
 409         (void) VOP_CLOSE(fsp->hsfs_devvp, FREAD, 1, (offset_t)0, cr, NULL);
 410         VN_RELE(fsp->hsfs_devvp);
 411         /* free path table space */
 412         if (fsp->hsfs_ptbl != NULL)
 413                 kmem_free(fsp->hsfs_ptbl, (size_t)fsp->hsfs_vol.ptbl_len);
 414         /* free path table index table */
 415         if (fsp->hsfs_ptbl_idx != NULL)
 416                 kmem_free(fsp->hsfs_ptbl_idx, (size_t)
 417                     (fsp->hsfs_ptbl_idx_size * sizeof (struct ptable_idx)));
 418 
 419         /* free "mounted on" pathame */
 420         if (fsp->hsfs_fsmnt != NULL)
 421                 kmem_free(fsp->hsfs_fsmnt, strlen(fsp->hsfs_fsmnt) + 1);
 422 
 423         hsched_fini(fsp->hqueue);
 424         kmem_free(fsp->hqueue, sizeof (struct hsfs_queue));
 425 
 426         mutex_destroy(&fsp->hsfs_free_lock);
 427         rw_destroy(&fsp->hsfs_hash_lock);
 428 
 429         kmem_free(fsp, sizeof (*fsp));
 430         return (0);
 431 }
 432 
 433 /*ARGSUSED*/
 434 static int
 435 hsfs_root(struct vfs *vfsp, struct vnode **vpp)
 436 {
 437         *vpp = (VFS_TO_HSFS(vfsp))->hsfs_rootvp;
 438         VN_HOLD(*vpp);
 439         return (0);
 440 }
 441 
 442 /*ARGSUSED*/
 443 static int
 444 hsfs_statvfs(struct vfs *vfsp, struct statvfs64 *sbp)
 445 {
 446         struct hsfs *fsp;
 447         dev32_t d32;
 448 
 449         fsp = VFS_TO_HSFS(vfsp);
 450         if (fsp->hsfs_magic != HSFS_MAGIC)
 451                 return (EINVAL);
 452         bzero(sbp, sizeof (*sbp));
 453         sbp->f_bsize = vfsp->vfs_bsize;
 454         sbp->f_frsize = sbp->f_bsize; /* no fragment, same as block size */
 455         sbp->f_blocks = (fsblkcnt64_t)fsp->hsfs_vol.vol_size;
 456 
 457         sbp->f_bfree = (fsblkcnt64_t)0;
 458         sbp->f_bavail = (fsblkcnt64_t)0;
 459         sbp->f_files = (fsfilcnt64_t)-1;
 460         sbp->f_ffree = (fsfilcnt64_t)0;
 461         sbp->f_favail = (fsfilcnt64_t)0;
 462         (void) cmpldev(&d32, vfsp->vfs_dev);
 463         sbp->f_fsid = d32;
 464         (void) strcpy(sbp->f_basetype, vfssw[vfsp->vfs_fstype].vsw_name);
 465         sbp->f_flag = vf_to_stf(vfsp->vfs_flag);
 466         sbp->f_namemax = fsp->hsfs_namemax;
 467         (void) strcpy(sbp->f_fstr, fsp->hsfs_vol.vol_id);
 468 
 469         return (0);
 470 }
 471 
 472 /*
 473  * Previously nodeid was declared as uint32_t. This has been changed
 474  * to conform better with the ISO9660 standard. The standard states that
 475  * a LBN can be a 32 bit number, as the MAKE_NODEID macro shifts this
 476  * LBN 11 places left (LBN_TO_BYTE) and then shifts the result 5 right
 477  * (divide by 32) we are left with the potential of an overflow if
 478  * confined to a 32 bit value.
 479  */
 480 
 481 static int
 482 hsfs_vget(struct vfs *vfsp, struct vnode **vpp, struct fid *fidp)
 483 {
 484         struct hsfid *fid;
 485         struct hsfs *fsp;
 486         ino64_t nodeid;
 487         int error;
 488 
 489         fsp = (struct hsfs *)VFS_TO_HSFS(vfsp);
 490         fid = (struct hsfid *)fidp;
 491 
 492         /*
 493          * Look for vnode on hashlist.
 494          * If found, it's now active and the refcnt was incremented.
 495          */
 496 
 497         rw_enter(&fsp->hsfs_hash_lock, RW_READER);
 498 
 499         nodeid = fid->hf_ino;
 500 
 501         if ((*vpp = hs_findhash(nodeid, fid->hf_dir_lbn,
 502             (uint_t)fid->hf_dir_off, vfsp)) == NULL) {
 503                 /*
 504                  * Not in cache, so we need to remake it.
 505                  * hs_remakenode() will read the directory entry
 506                  * and then check again to see if anyone else has
 507                  * put it in the cache.
 508                  */
 509                 rw_exit(&fsp->hsfs_hash_lock);
 510                 error = hs_remakenode(fid->hf_dir_lbn, (uint_t)fid->hf_dir_off,
 511                     vfsp, vpp);
 512                 return (error);
 513         }
 514         rw_exit(&fsp->hsfs_hash_lock);
 515         return (0);
 516 }
 517 
 518 
 519 #define CHECKSUM_SIZE                           (64 * 1024)
 520 
 521 /*
 522  * Compute a CD-ROM fsid by checksumming the first 64K of data on the CD
 523  * We use the 'fsp' argument to determine the location of the root
 524  * directory entry, and we start reading from there.
 525  */
 526 static int
 527 compute_cdrom_id(struct hsfs *fsp, vnode_t *devvp)
 528 {
 529         uint_t          secno;
 530         struct hs_volume *hsvp = &fsp->hsfs_vol;
 531         struct buf      *bp;
 532         int             error;
 533         int             fsid;
 534 
 535         secno = hsvp->root_dir.ext_lbn >> hsvp->lbn_secshift;
 536         bp = bread(devvp->v_rdev, secno * 4, CHECKSUM_SIZE);
 537         error = geterror(bp);
 538 
 539         /*
 540          * An error on read or a partial read means we asked
 541          * for a nonexistant/corrupted piece of the device
 542          * (including past-the-end of the media). Don't
 543          * try to use the checksumming method then.
 544          */
 545         if (!error && bp->b_bcount == CHECKSUM_SIZE) {
 546                 int *ibuf = (int *)bp->b_un.b_addr;
 547                 int i;
 548 
 549                 fsid = 0;
 550 
 551                 for (i = 0; i < CHECKSUM_SIZE / sizeof (int); i++)
 552                         fsid ^= ibuf[ i ];
 553         } else {
 554                 /*
 555                  * Fallback - use creation date
 556                  */
 557                 fsid = hsvp->cre_date.tv_sec;
 558         }
 559 
 560         brelse(bp);
 561 
 562         return (fsid);
 563 }
 564 
 565 
 566 /*ARGSUSED*/
 567 static int
 568 hs_mountfs(
 569         struct vfs      *vfsp,
 570         dev_t           dev,
 571         char            *path,
 572         mode_t          mode,
 573         int             mount_flags,
 574         struct cred     *cr,
 575         int             isroot)
 576 {
 577         struct vnode    *devvp;
 578         struct hsfs     *tsp;
 579         struct hsfs     *fsp = NULL;
 580         struct vattr    vap;
 581         struct hsnode   *hp;
 582         int             error;
 583         struct timeval  tv;
 584         int             fsid;
 585         int             use_rrip;
 586         int             use_vers2;
 587         int             use_joliet;
 588         int             has_rrip = 0;
 589         int             has_vers2 = 0;
 590         int             has_joliet = 0;
 591         int             force_rrip_off;
 592         int             force_vers2_off;
 593         int             force_joliet_off;
 594         size_t          pathbufsz = strlen(path) + 1;
 595         int             redo_rootvp;
 596 
 597         struct hs_volume *svp = NULL;   /* Supplemental VD for ISO-9660:1999 */
 598         struct hs_volume *jvp = NULL;   /* Joliet VD */
 599 
 600         /*
 601          * The rules for which extension will be used are:
 602          * 1. No specific mount options given:
 603          *      - use rrip if available
 604          *      - use ISO9660:1999 if available
 605          *      - use joliet if available.
 606          * 2. rrip/ISO9660:1999/joliet explicitly disabled via mount option:
 607          *      - use next "lower" extension
 608          * 3. joliet/ISO9660:1999/rrip explicitly requested via mount option:
 609          *      - disable rrip support even if available
 610          *      - disable IOS9660:1999 support even if available
 611          *
 612          * We need to adjust these flags as we discover the extensions
 613          * present. See below. These are just the starting values.
 614          */
 615         use_rrip = (mount_flags & HSFSMNT_NORRIP) == 0;
 616         use_vers2 = (mount_flags & HSFSMNT_NOVERS2) == 0;
 617         use_joliet = (mount_flags & HSFSMNT_NOJOLIET) == 0;
 618 
 619         /*
 620          * Open the device
 621          */
 622         devvp = makespecvp(dev, VBLK);
 623         ASSERT(devvp != 0);
 624 
 625         /*
 626          * Open the target device (file) for read only.
 627          */
 628         if (error = VOP_OPEN(&devvp, FREAD, cr, NULL)) {
 629                 VN_RELE(devvp);
 630                 return (error);
 631         }
 632 
 633         /*
 634          * Refuse to go any further if this
 635          * device is being used for swapping
 636          */
 637         if (IS_SWAPVP(common_specvp(devvp))) {
 638                 error = EBUSY;
 639                 goto cleanup;
 640         }
 641 
 642         vap.va_mask = AT_SIZE;
 643         if ((error = VOP_GETATTR(devvp, &vap, ATTR_COMM, cr, NULL)) != 0) {
 644                 cmn_err(CE_NOTE, "Cannot get attributes of the CD-ROM driver");
 645                 goto cleanup;
 646         }
 647 
 648         /*
 649          * Make sure we have a nonzero size partition.
 650          * The current version of the SD driver will *not* fail the open
 651          * of such a partition so we have to check for it here.
 652          */
 653         if (vap.va_size == 0) {
 654                 error = ENXIO;
 655                 goto cleanup;
 656         }
 657 
 658         /*
 659          * Init a new hsfs structure.
 660          */
 661         fsp = kmem_zalloc(sizeof (*fsp), KM_SLEEP);
 662         svp = kmem_zalloc(sizeof (*svp), KM_SLEEP);
 663         jvp = kmem_zalloc(sizeof (*jvp), KM_SLEEP);
 664 
 665         /* hardwire perms, uid, gid */
 666         fsp->hsfs_vol.vol_uid = hsfs_default_uid;
 667         fsp->hsfs_vol.vol_gid =  hsfs_default_gid;
 668         fsp->hsfs_vol.vol_prot = hsfs_default_mode;
 669         svp->vol_uid = hsfs_default_uid;
 670         svp->vol_gid =  hsfs_default_gid;
 671         svp->vol_prot = hsfs_default_mode;
 672         jvp->vol_uid = hsfs_default_uid;
 673         jvp->vol_gid =  hsfs_default_gid;
 674         jvp->vol_prot = hsfs_default_mode;
 675 
 676         /*
 677          * Look for a Standard File Structure Volume Descriptor,
 678          * of which there must be at least one.
 679          * If found, check for volume size consistency.
 680          *
 681          * If svp->lbn_size is != 0, we did find a ISO-9660:1999 SVD
 682          * If jvp->lbn_size is != 0, we did find a Joliet SVD.
 683          */
 684         fsp->hsfs_namemax = ISO_FILE_NAMELEN;
 685         fsp->hsfs_namelen = ISO_FILE_NAMELEN;
 686         error = hs_findisovol(fsp, devvp, &fsp->hsfs_vol, svp, jvp);
 687         if (error == EINVAL) /* no iso 9660 - try high sierra ... */
 688                 error = hs_findhsvol(fsp, devvp, &fsp->hsfs_vol);
 689 
 690         if (error)
 691                 goto cleanup;
 692 
 693         DTRACE_PROBE4(findvol,
 694             struct hsfs *, fsp,
 695             struct hs_volume *, &fsp->hsfs_vol,
 696             struct hs_volume *, svp,
 697             struct hs_volume *, jvp);
 698 
 699         /*
 700          * Generate a file system ID from the CD-ROM,
 701          * and check it for uniqueness.
 702          *
 703          * What we are aiming for is some chance of integrity
 704          * across disk change.  That is, if a client has an fhandle,
 705          * it will be valid as long as the same disk is mounted.
 706          */
 707         fsid = compute_cdrom_id(fsp, devvp);
 708 
 709         mutex_enter(&hs_mounttab_lock);
 710 
 711         if (fsid == 0 || fsid == -1) {
 712                 uniqtime(&tv);
 713                 fsid = tv.tv_sec;
 714         } else  /* make sure that the fsid is unique */
 715                 for (tsp = hs_mounttab; tsp != NULL; tsp = tsp->hsfs_next) {
 716                         if (fsid == tsp->hsfs_vfs->vfs_fsid.val[0]) {
 717                                 uniqtime(&tv);
 718                                 fsid = tv.tv_sec;
 719                                 break;
 720                         }
 721                 }
 722 
 723         fsp->hsfs_next = hs_mounttab;
 724         hs_mounttab = fsp;
 725 
 726         fsp->hsfs_devvp = devvp;
 727         fsp->hsfs_vfs = vfsp;
 728         fsp->hsfs_fsmnt = kmem_alloc(pathbufsz, KM_SLEEP);
 729         (void) strlcpy(fsp->hsfs_fsmnt, path, pathbufsz);
 730 
 731         mutex_init(&fsp->hsfs_free_lock, NULL, MUTEX_DEFAULT, NULL);
 732         rw_init(&fsp->hsfs_hash_lock, NULL, RW_DEFAULT, NULL);
 733 
 734         vfsp->vfs_data = (caddr_t)fsp;
 735         vfsp->vfs_dev = dev;
 736         vfsp->vfs_fstype = hsfsfstype;
 737         vfsp->vfs_bsize = fsp->hsfs_vol.lbn_size; /* %% */
 738         vfsp->vfs_fsid.val[0] = fsid;
 739         vfsp->vfs_fsid.val[1] =  hsfsfstype;
 740 
 741         if (!hs_getrootvp(vfsp, fsp, pathbufsz)) {
 742                 DTRACE_PROBE1(rootvp__failed, struct hsfs *, fsp);
 743                 error = EINVAL;
 744                 goto cleanup;
 745         }
 746         DTRACE_PROBE1(rootvp, struct hsfs *, fsp);
 747 
 748         /*
 749          * Attempt to discover a RR extension.
 750          */
 751         if (use_rrip) {
 752                 hp = VTOH(fsp->hsfs_rootvp);
 753                 hs_check_root_dirent(fsp->hsfs_rootvp, &(hp->hs_dirent));
 754         }
 755 
 756         has_rrip = IS_RRIP_IMPLEMENTED(fsp);
 757         has_vers2 = (svp->lbn_size != 0);
 758         has_joliet = (jvp->lbn_size != 0);
 759 
 760         DTRACE_PROBE4(voltype__suggested, struct hsfs *, fsp,
 761             int, use_rrip, int, use_vers2, int, use_joliet);
 762 
 763         DTRACE_PROBE4(voltype__actual, struct hsfs *, fsp,
 764             int, has_rrip, int, has_vers2, int, has_joliet);
 765 
 766         DTRACE_PROBE4(findvol,
 767             struct hsfs *, fsp,
 768             struct hs_volume *, &fsp->hsfs_vol,
 769             struct hs_volume *, svp,
 770             struct hs_volume *, jvp);
 771 
 772         force_rrip_off = !use_rrip ||
 773             (vfs_optionisset(vfsp, HOPT_JOLIET, NULL) && has_joliet) ||
 774             (vfs_optionisset(vfsp, HOPT_VERS2, NULL) && has_vers2);
 775 
 776         force_vers2_off = !use_vers2 ||
 777             (vfs_optionisset(vfsp, HOPT_JOLIET, NULL) && has_joliet);
 778 
 779         force_joliet_off = !use_joliet;
 780 
 781         DTRACE_PROBE4(voltype__force_off, struct hsfs *, fsp,
 782             int, force_rrip_off, int, force_vers2_off, int, force_joliet_off);
 783 
 784         /*
 785          * At the moment, we have references of all three possible
 786          * extensions (RR, ISO9660:1999/v2 and Joliet) if present.
 787          *
 788          * The "active" volume descriptor is RRIP (or ISO9660:1988).
 789          * We now switch to the user-requested one.
 790          */
 791         redo_rootvp = 0;
 792 
 793         if (force_rrip_off || !has_rrip) {
 794                 if (has_vers2 && !force_vers2_off) {
 795                         VN_RELE(fsp->hsfs_rootvp);
 796                         bcopy(svp, &fsp->hsfs_vol, sizeof (struct hs_volume));
 797                         fsp->hsfs_vol_type = HS_VOL_TYPE_ISO_V2;
 798                         vfsp->vfs_bsize = fsp->hsfs_vol.lbn_size;
 799                         redo_rootvp = 1;
 800                         has_joliet = 0;
 801                 } else if (has_joliet && !force_joliet_off) {
 802                         VN_RELE(fsp->hsfs_rootvp);
 803                         bcopy(jvp, &fsp->hsfs_vol, sizeof (struct hs_volume));
 804                         fsp->hsfs_vol_type = HS_VOL_TYPE_JOLIET;
 805                         vfsp->vfs_bsize = fsp->hsfs_vol.lbn_size;
 806                         redo_rootvp = 1;
 807                         has_vers2 = 0;
 808                 }
 809         }
 810 
 811         if (redo_rootvp) {
 812                 /*
 813                  * Make sure not to use Rock Ridge.
 814                  */
 815                 UNSET_IMPL_BIT(fsp, RRIP_BIT);
 816                 UNSET_SUSP_BIT(fsp);
 817                 has_rrip = 0;
 818 
 819                 if (!hs_getrootvp(vfsp, fsp, pathbufsz)) {
 820                         DTRACE_PROBE1(rootvp__failed, struct hsfs *, fsp);
 821                         error = EINVAL;
 822                         goto cleanup;
 823                 }
 824                 DTRACE_PROBE1(rootvp, struct hsfs *, fsp);
 825         }
 826         if (IS_RRIP_IMPLEMENTED(fsp)) {
 827                 has_vers2 = 0;
 828                 has_joliet = 0;
 829         }
 830         if (force_vers2_off)
 831                 has_vers2 = 0;
 832         if (force_joliet_off)
 833                 has_joliet = 0;
 834         DTRACE_PROBE4(voltype__taken, struct hsfs *, fsp,
 835             int, has_rrip, int, has_vers2, int, has_joliet);
 836 
 837         /*
 838          * mark root node as VROOT
 839          */
 840         fsp->hsfs_rootvp->v_flag |= VROOT;
 841 
 842         /* Here we take care of some special case stuff for mountroot */
 843         if (isroot) {
 844                 fsp->hsfs_rootvp->v_rdev = devvp->v_rdev;
 845                 rootvp = fsp->hsfs_rootvp;
 846         }
 847 
 848         if (IS_RRIP_IMPLEMENTED(fsp)) {
 849                 /*
 850                  * if RRIP, don't copy NOMAPLCASE or NOTRAILDOT to hsfs_flags
 851                  */
 852                 mount_flags &= ~(HSFSMNT_NOMAPLCASE | HSFSMNT_NOTRAILDOT);
 853 
 854                 fsp->hsfs_namemax = RRIP_FILE_NAMELEN;
 855                 fsp->hsfs_namelen = RRIP_FILE_NAMELEN;
 856 
 857                 ASSERT(vfs_optionisset(vfsp, HOPT_RR, NULL));
 858                 vfs_clearmntopt(vfsp, HOPT_VERS2);
 859                 vfs_clearmntopt(vfsp, HOPT_JOLIET);
 860 
 861         } else switch (fsp->hsfs_vol_type) {
 862 
 863         case HS_VOL_TYPE_HS:
 864         case HS_VOL_TYPE_ISO:
 865         default:
 866                 /*
 867                  * if iso v1, don't allow trailing spaces in iso file names
 868                  */
 869                 mount_flags |= HSFSMNT_NOTRAILSPACE;
 870                 fsp->hsfs_namemax = ISO_NAMELEN_V2_MAX;
 871                 fsp->hsfs_namelen = ISO_FILE_NAMELEN;
 872                 vfs_clearmntopt(vfsp, HOPT_RR);
 873                 vfs_clearmntopt(vfsp, HOPT_VERS2);
 874                 vfs_clearmntopt(vfsp, HOPT_JOLIET);
 875                 break;
 876 
 877         case HS_VOL_TYPE_ISO_V2:
 878                 /*
 879                  * if iso v2, don't copy NOTRAILDOT to hsfs_flags
 880                  */
 881                 mount_flags &= ~HSFSMNT_NOTRAILDOT;
 882                 mount_flags |= HSFSMNT_NOMAPLCASE | HSFSMNT_NOVERSION;
 883                 fsp->hsfs_namemax = ISO_NAMELEN_V2_MAX;
 884                 fsp->hsfs_namelen = ISO_NAMELEN_V2;
 885                 vfs_setmntopt(vfsp, HOPT_VERS2, NULL, 0);
 886                 vfs_clearmntopt(vfsp, HOPT_RR);
 887                 vfs_clearmntopt(vfsp, HOPT_JOLIET);
 888                 break;
 889 
 890         case HS_VOL_TYPE_JOLIET:
 891                 /*
 892                  * if Joliet, don't copy NOMAPLCASE or NOTRAILDOT to hsfs_flags
 893                  */
 894                 mount_flags &= ~(HSFSMNT_NOMAPLCASE | HSFSMNT_NOTRAILDOT);
 895                 mount_flags |= HSFSMNT_NOMAPLCASE;
 896                 if (mount_flags & HSFSMNT_JOLIETLONG)
 897                         fsp->hsfs_namemax = JOLIET_NAMELEN_MAX*3; /* UTF-8 */
 898                 else
 899                         fsp->hsfs_namemax = MAXNAMELEN-1;
 900                 fsp->hsfs_namelen = JOLIET_NAMELEN*2;
 901                 vfs_setmntopt(vfsp, HOPT_JOLIET, NULL, 0);
 902                 vfs_clearmntopt(vfsp, HOPT_RR);
 903                 vfs_clearmntopt(vfsp, HOPT_VERS2);
 904                 break;
 905         }
 906 
 907         /*
 908          * Add the HSFSMNT_INODE pseudo mount flag to the current mount flags.
 909          */
 910         fsp->hsfs_flags = mount_flags | (fsp->hsfs_flags & HSFSMNT_INODE);
 911 
 912         /*
 913          * Setup I/O Scheduling structures
 914          */
 915         if (do_schedio) {
 916                 fsp->hqueue = kmem_alloc(sizeof (struct hsfs_queue), KM_SLEEP);
 917                 hsched_init(fsp, fsid, &modlinkage);
 918         }
 919 
 920         /*
 921          * Setup kstats
 922          */
 923         hsfs_init_kstats(fsp, fsid);
 924 
 925         DTRACE_PROBE1(mount__done, struct hsfs *, fsp);
 926 
 927         /*
 928          * set the magic word
 929          */
 930         fsp->hsfs_magic = HSFS_MAGIC;
 931         mutex_exit(&hs_mounttab_lock);
 932 
 933         kmem_free(svp, sizeof (*svp));
 934         kmem_free(jvp, sizeof (*jvp));
 935 
 936         return (0);
 937 
 938 cleanup:
 939         (void) VOP_CLOSE(devvp, FREAD, 1, (offset_t)0, cr, NULL);
 940         VN_RELE(devvp);
 941         if (fsp)
 942                 kmem_free(fsp, sizeof (*fsp));
 943         if (svp)
 944                 kmem_free(svp, sizeof (*svp));
 945         if (jvp)
 946                 kmem_free(jvp, sizeof (*jvp));
 947         return (error);
 948 }
 949 
 950 /*
 951  * Get the rootvp associated with fsp->hsfs_vol
 952  */
 953 static int
 954 hs_getrootvp(
 955         struct vfs      *vfsp,
 956         struct hsfs     *fsp,
 957         size_t          pathsize)
 958 {
 959         struct hsnode   *hp;
 960 
 961         ASSERT(pathsize == strlen(fsp->hsfs_fsmnt) + 1);
 962 
 963         /*
 964          * If the root directory does not appear to be
 965          * valid, use what it points to as "." instead.
 966          * Some Defense Mapping Agency disks are non-conformant
 967          * in this way.
 968          */
 969         if (!hsfs_valid_dir(&fsp->hsfs_vol.root_dir)) {
 970                 hs_log_bogus_disk_warning(fsp, HSFS_ERR_BAD_ROOT_DIR, 0);
 971                 if (hs_remakenode(fsp->hsfs_vol.root_dir.ext_lbn,
 972                     (uint_t)0, vfsp, &fsp->hsfs_rootvp)) {
 973                         hs_mounttab = hs_mounttab->hsfs_next;
 974                         mutex_destroy(&fsp->hsfs_free_lock);
 975                         rw_destroy(&fsp->hsfs_hash_lock);
 976                         kmem_free(fsp->hsfs_fsmnt, pathsize);
 977                         mutex_exit(&hs_mounttab_lock);
 978                         return (0);
 979                 }
 980         } else {
 981                 fsp->hsfs_rootvp = hs_makenode(&fsp->hsfs_vol.root_dir,
 982                     fsp->hsfs_vol.root_dir.ext_lbn, 0, vfsp);
 983         }
 984 
 985         /* XXX - ignore the path table for now */
 986         fsp->hsfs_ptbl = NULL;
 987         hp = VTOH(fsp->hsfs_rootvp);
 988         hp->hs_ptbl_idx = NULL;
 989 
 990         return (1);
 991 }
 992 
 993 /*
 994  * hs_findhsvol()
 995  *
 996  * Locate the Standard File Structure Volume Descriptor and
 997  * parse it into an hs_volume structure.
 998  *
 999  * XXX - May someday want to look for Coded Character Set FSVD, too.
1000  */
1001 static int
1002 hs_findhsvol(struct hsfs *fsp, struct vnode *vp, struct hs_volume *hvp)
1003 {
1004         struct buf *secbp;
1005         int i;
1006         int n;
1007         uchar_t *volp;
1008         int error;
1009         uint_t secno;
1010 
1011         secno = hs_findvoldesc(vp->v_rdev, HS_VOLDESC_SEC);
1012         secbp = bread(vp->v_rdev, secno * 4, HS_SECTOR_SIZE);
1013         error = geterror(secbp);
1014 
1015         if (error != 0) {
1016                 cmn_err(CE_NOTE, "hs_findhsvol: bread: error=(%d)", error);
1017                 brelse(secbp);
1018                 return (error);
1019         }
1020 
1021         volp = (uchar_t *)secbp->b_un.b_addr;
1022 
1023         /*
1024          * To avoid that we read the whole medium in case that someone prepares
1025          * a malicious "fs image", we read at most 32 blocks.
1026          */
1027         for (n = 0; n < 32 &&
1028             HSV_DESC_TYPE(volp) != VD_EOV; n++) {
1029                 for (i = 0; i < HSV_ID_STRLEN; i++)
1030                         if (HSV_STD_ID(volp)[i] != HSV_ID_STRING[i])
1031                                 goto cantfind;
1032                 if (HSV_STD_VER(volp) != HSV_ID_VER)
1033                         goto cantfind;
1034                 switch (HSV_DESC_TYPE(volp)) {
1035                 case VD_SFS:
1036                         /* Standard File Structure */
1037                         fsp->hsfs_vol_type = HS_VOL_TYPE_HS;
1038                         error = hs_parsehsvol(fsp, volp, hvp);
1039                         brelse(secbp);
1040                         return (error);
1041 
1042                 case VD_CCFS:
1043                         /* Coded Character File Structure */
1044                 case VD_BOOT:
1045                 case VD_UNSPEC:
1046                 case VD_EOV:
1047                         break;
1048                 }
1049                 brelse(secbp);
1050                 ++secno;
1051                 secbp = bread(vp->v_rdev, secno * 4, HS_SECTOR_SIZE);
1052 
1053                 error = geterror(secbp);
1054 
1055                 if (error != 0) {
1056                         cmn_err(CE_NOTE, "hs_findhsvol: bread: error=(%d)",
1057                             error);
1058                         brelse(secbp);
1059                         return (error);
1060                 }
1061 
1062                 volp = (uchar_t *)secbp->b_un.b_addr;
1063         }
1064 cantfind:
1065         brelse(secbp);
1066         return (EINVAL);
1067 }
1068 
1069 /*
1070  * hs_parsehsvol
1071  *
1072  * Parse the Standard File Structure Volume Descriptor into
1073  * an hs_volume structure.  We can't just bcopy it into the
1074  * structure because of byte-ordering problems.
1075  *
1076  */
1077 static int
1078 hs_parsehsvol(struct hsfs *fsp, uchar_t *volp, struct hs_volume *hvp)
1079 {
1080         hvp->vol_size = HSV_VOL_SIZE(volp);
1081         hvp->lbn_size = HSV_BLK_SIZE(volp);
1082         if (hvp->lbn_size == 0) {
1083                 cmn_err(CE_NOTE, "hs_parsehsvol: logical block size in the "
1084                     "SFSVD is zero");
1085                 return (EINVAL);
1086         }
1087         hvp->lbn_shift = ffs((long)hvp->lbn_size) - 1;
1088         hvp->lbn_secshift =
1089             ffs((long)howmany(HS_SECTOR_SIZE, (int)hvp->lbn_size)) - 1;
1090         hvp->lbn_maxoffset = hvp->lbn_size - 1;
1091         hs_parse_longdate(HSV_cre_date(volp), &hvp->cre_date);
1092         hs_parse_longdate(HSV_mod_date(volp), &hvp->mod_date);
1093         hvp->file_struct_ver = HSV_FILE_STRUCT_VER(volp);
1094         hvp->ptbl_len = HSV_PTBL_SIZE(volp);
1095         hvp->vol_set_size = (ushort_t)HSV_SET_SIZE(volp);
1096         hvp->vol_set_seq = (ushort_t)HSV_SET_SEQ(volp);
1097 #if defined(_LITTLE_ENDIAN)
1098         hvp->ptbl_lbn = HSV_PTBL_MAN_LS(volp);
1099 #else
1100         hvp->ptbl_lbn = HSV_PTBL_MAN_MS(volp);
1101 #endif
1102         hs_copylabel(hvp, HSV_VOL_ID(volp), 0);
1103 
1104         /*
1105          * Make sure that lbn_size is a power of two and otherwise valid.
1106          */
1107         if (hvp->lbn_size & ~(1 << hvp->lbn_shift)) {
1108                 cmn_err(CE_NOTE,
1109                     "hsfs: %d-byte logical block size not supported",
1110                     hvp->lbn_size);
1111                 return (EINVAL);
1112         }
1113         return (hs_parsedir(fsp, HSV_ROOT_DIR(volp), &hvp->root_dir,
1114             (char *)NULL, (int *)NULL, HDE_ROOT_DIR_REC_SIZE));
1115 }
1116 
1117 /*
1118  * hs_findisovol()
1119  *
1120  * Locate the Primary Volume Descriptor
1121  * parse it into an hs_volume structure.
1122  *
1123  * XXX - Partition not yet done
1124  *
1125  * Except for fsp->hsfs_vol_type, no fsp member may be modified.
1126  * fsp->hsfs_vol is modified indirectly via the *hvp argument.
1127  */
1128 static int
1129 hs_findisovol(struct hsfs *fsp, struct vnode *vp,
1130     struct hs_volume *hvp,
1131     struct hs_volume *svp,
1132     struct hs_volume *jvp)
1133 {
1134         struct buf *secbp;
1135         int i;
1136         int n;
1137         uchar_t *volp;
1138         int error;
1139         uint_t secno;
1140         int foundpvd = 0;
1141         int foundsvd = 0;
1142         int foundjvd = 0;
1143         int pvd_sum = 0;
1144 
1145         secno = hs_findvoldesc(vp->v_rdev, ISO_VOLDESC_SEC);
1146         secbp = bread(vp->v_rdev, secno * 4, ISO_SECTOR_SIZE);
1147         error = geterror(secbp);
1148 
1149         if (error != 0) {
1150                 cmn_err(CE_NOTE, "hs_findisovol: bread: error=(%d)", error);
1151                 brelse(secbp);
1152                 return (error);
1153         }
1154 
1155         volp = (uchar_t *)secbp->b_un.b_addr;
1156 
1157         /*
1158          * To avoid that we read the whole medium in case that someone prepares
1159          * a malicious "fs image", we read at most 32 blocks.
1160          */
1161         for (n = 0; n < 32 && ISO_DESC_TYPE(volp) != ISO_VD_EOV; n++) {
1162                 for (i = 0; i < ISO_ID_STRLEN; i++)
1163                         if (ISO_STD_ID(volp)[i] != ISO_ID_STRING[i])
1164                                 goto cantfind;
1165                 switch (ISO_DESC_TYPE(volp)) {
1166                 case ISO_VD_PVD:
1167                         /* Standard File Structure */
1168                         if (ISO_STD_VER(volp) != ISO_ID_VER)
1169                                 goto cantfind;
1170                         if (foundpvd != 1) {
1171                                 fsp->hsfs_vol_type = HS_VOL_TYPE_ISO;
1172                                 if (error = hs_parseisovol(fsp, volp, hvp)) {
1173                                         brelse(secbp);
1174                                         return (error);
1175                                 }
1176                                 foundpvd = 1;
1177                                 for (i = 0; i < ISO_SECTOR_SIZE; i++)
1178                                         pvd_sum += volp[i];
1179                         }
1180                         break;
1181                 case ISO_VD_SVD:
1182                         /* Supplementary Volume Descriptor */
1183                         if (ISO_STD_VER(volp) == ISO_ID_VER2 &&
1184                             foundsvd != 1) {
1185                                 fsp->hsfs_vol_type = HS_VOL_TYPE_ISO;
1186                                 if (error = hs_parseisovol(fsp, volp, svp)) {
1187                                         brelse(secbp);
1188                                         return (error);
1189                                 }
1190                                 foundsvd = 1;
1191                         }
1192                         if (hs_joliet_level(volp) >= 1 && foundjvd != 1) {
1193                                 fsp->hsfs_vol_type = HS_VOL_TYPE_ISO;
1194                                 if (error = hs_parseisovol(fsp, volp, jvp)) {
1195                                         brelse(secbp);
1196                                         return (error);
1197                                 }
1198                                 foundjvd = 1;
1199                         }
1200                         break;
1201                 case ISO_VD_BOOT:
1202                         break;
1203                 case ISO_VD_VPD:
1204                         /* currently cannot handle partition */
1205                         break;
1206                 case VD_EOV:
1207                         break;
1208                 }
1209                 brelse(secbp);
1210                 ++secno;
1211                 secbp = bread(vp->v_rdev, secno * 4, HS_SECTOR_SIZE);
1212                 error = geterror(secbp);
1213 
1214                 if (error != 0) {
1215                         cmn_err(CE_NOTE, "hs_findisovol: bread: error=(%d)",
1216                             error);
1217                         brelse(secbp);
1218                         return (error);
1219                 }
1220 
1221                 volp = (uchar_t *)secbp->b_un.b_addr;
1222         }
1223         for (n = 0; n < 16; n++) {
1224                 brelse(secbp);
1225                 ++secno;
1226                 secbp = bread(vp->v_rdev, secno * 4, HS_SECTOR_SIZE);
1227                 error = geterror(secbp);
1228 
1229                 if (error != 0) {
1230                         cmn_err(CE_NOTE, "hs_findisovol: bread: error=(%d)",
1231                             error);
1232                         brelse(secbp);
1233                         return (error);
1234                 }
1235 
1236                 /*
1237                  * Check for the signature from mkisofs that grants that
1238                  * the current filesystem allows to use the extent lbn as
1239                  * inode number even in pure ISO9660 mode.
1240                  */
1241                 volp = (uchar_t *)secbp->b_un.b_addr;
1242                 if (strncmp((char *)volp, "MKI ", 4) == 0) {
1243                         int     sum;
1244 
1245                         sum  = volp[2045];
1246                         sum *= 256;
1247                         sum += volp[2046];
1248                         sum *= 256;
1249                         sum += volp[2047];
1250                         if (sum == pvd_sum)
1251                                 fsp->hsfs_flags |= HSFSMNT_INODE;
1252                         break;
1253                 }
1254         }
1255         if (foundpvd) {
1256                 brelse(secbp);
1257                 return (0);
1258         }
1259 cantfind:
1260         brelse(secbp);
1261         return (EINVAL);
1262 }
1263 
1264 /*
1265  * Return 0 if no Joliet is found
1266  * else return Joliet Level 1..3
1267  */
1268 static int
1269 hs_joliet_level(uchar_t *volp)
1270 {
1271         if (ISO_std_ver(volp)[0] == ISO_ID_VER &&
1272             ISO_svd_esc(volp)[0] == '%' &&
1273             ISO_svd_esc(volp)[1] == '/') {
1274 
1275                 switch (ISO_svd_esc(volp)[2]) {
1276 
1277                 case '@':
1278                         return (1);
1279                 case 'C':
1280                         return (2);
1281                 case 'E':
1282                         return (3);
1283                 }
1284         }
1285         return (0);
1286 }
1287 
1288 /*
1289  * hs_parseisovol
1290  *
1291  * Parse the Primary Volume Descriptor into an hs_volume structure.
1292  *
1293  */
1294 static int
1295 hs_parseisovol(struct hsfs *fsp, uchar_t *volp, struct hs_volume *hvp)
1296 {
1297         hvp->vol_size = ISO_VOL_SIZE(volp);
1298         hvp->lbn_size = ISO_BLK_SIZE(volp);
1299         if (hvp->lbn_size == 0) {
1300                 cmn_err(CE_NOTE, "hs_parseisovol: logical block size in the "
1301                     "PVD is zero");
1302                 return (EINVAL);
1303         }
1304         hvp->lbn_shift = ffs((long)hvp->lbn_size) - 1;
1305         hvp->lbn_secshift =
1306             ffs((long)howmany(ISO_SECTOR_SIZE, (int)hvp->lbn_size)) - 1;
1307         hvp->lbn_maxoffset = hvp->lbn_size - 1;
1308         hs_parse_longdate(ISO_cre_date(volp), &hvp->cre_date);
1309         hs_parse_longdate(ISO_mod_date(volp), &hvp->mod_date);
1310         hvp->file_struct_ver = ISO_FILE_STRUCT_VER(volp);
1311         hvp->ptbl_len = ISO_PTBL_SIZE(volp);
1312         hvp->vol_set_size = (ushort_t)ISO_SET_SIZE(volp);
1313         hvp->vol_set_seq = (ushort_t)ISO_SET_SEQ(volp);
1314 #if defined(_LITTLE_ENDIAN)
1315         hvp->ptbl_lbn = ISO_PTBL_MAN_LS(volp);
1316 #else
1317         hvp->ptbl_lbn = ISO_PTBL_MAN_MS(volp);
1318 #endif
1319         hs_copylabel(hvp, ISO_VOL_ID(volp), hs_joliet_level(volp) >= 1);
1320 
1321         /*
1322          * Make sure that lbn_size is a power of two and otherwise valid.
1323          */
1324         if (hvp->lbn_size & ~(1 << hvp->lbn_shift)) {
1325                 cmn_err(CE_NOTE,
1326                     "hsfs: %d-byte logical block size not supported",
1327                     hvp->lbn_size);
1328                 return (EINVAL);
1329         }
1330         return (hs_parsedir(fsp, ISO_ROOT_DIR(volp), &hvp->root_dir,
1331             (char *)NULL, (int *)NULL, IDE_ROOT_DIR_REC_SIZE));
1332 }
1333 
1334 /*
1335  * Common code for mount and umount.
1336  * Check that the user's argument is a reasonable
1337  * thing on which to mount, and return the device number if so.
1338  */
1339 static int
1340 hs_getmdev(struct vfs *vfsp, char *fspec, int flags, dev_t *pdev, mode_t *mode,
1341     cred_t *cr)
1342 {
1343         int error;
1344         struct vnode *svp = NULL;
1345         struct vnode *lvp = NULL;
1346         struct vnode *bvp;
1347         struct vattr vap;
1348         dev_t dev;
1349         enum uio_seg fromspace = (flags & MS_SYSSPACE) ?
1350             UIO_SYSSPACE : UIO_USERSPACE;
1351 
1352         /*
1353          * Look up the device/file to be mounted.
1354          */
1355         error = lookupname(fspec, fromspace, FOLLOW, NULLVPP, &svp);
1356         if (error) {
1357                 if (error == ENOENT)
1358                         error = ENODEV;
1359                 goto out;
1360         }
1361 
1362         error = vfs_get_lofi(vfsp, &lvp);
1363 
1364         if (error > 0) {
1365                 if (error == ENOENT)
1366                         error = ENODEV;
1367                 goto out;
1368         } else if (error == 0) {
1369                 bvp = lvp;
1370         } else {
1371                 bvp = svp;
1372 
1373                 if (bvp->v_type != VBLK) {
1374                         error = ENOTBLK;
1375                         goto out;
1376                 }
1377 
1378                 if ((error = secpolicy_spec_open(cr, bvp, FREAD)) != 0)
1379                         goto out;
1380         }
1381 
1382         /*
1383          * Can we read from the device/file ?
1384          */
1385         if ((error = VOP_ACCESS(svp, VREAD, 0, cr, NULL)) != 0)
1386                 goto out;
1387 
1388         vap.va_mask = AT_MODE;          /* get protection mode */
1389         (void) VOP_GETATTR(bvp, &vap, 0, CRED(), NULL);
1390         *mode = vap.va_mode;
1391 
1392         dev = *pdev = bvp->v_rdev;
1393 
1394         error = EBUSY;
1395 
1396         /*
1397          * Ensure that this device isn't already mounted,
1398          * unless this is a REMOUNT request or we are told to suppress
1399          * mount checks.
1400          */
1401         if ((flags & MS_NOCHECK) == 0) {
1402                 if (vfs_devmounting(dev, vfsp))
1403                         goto out;
1404                 if (vfs_devismounted(dev) && !(flags & MS_REMOUNT))
1405                         goto out;
1406         }
1407 
1408         if (getmajor(*pdev) >= devcnt) {
1409                 error = ENXIO;
1410                 goto out;
1411         }
1412 
1413         error = 0;
1414 out:
1415         if (svp != NULL)
1416                 VN_RELE(svp);
1417         if (lvp != NULL)
1418                 VN_RELE(lvp);
1419         return (error);
1420 }
1421 
1422 static void
1423 hs_copylabel(struct hs_volume *hvp, unsigned char *label, int isjoliet)
1424 {
1425         char    lbuf[64];       /* hs_joliet_cp() creates 48 bytes at most */
1426 
1427         if (isjoliet) {
1428                 /*
1429                  * hs_joliet_cp() will output 16..48 bytes.
1430                  * We need to clear 'lbuf' to avoid junk chars past byte 15.
1431                  */
1432                 bzero(lbuf, sizeof (lbuf));
1433                 (void) hs_joliet_cp((char *)label, lbuf, 32);
1434                 label = (unsigned char *)lbuf;
1435         }
1436         /* cdrom volid is at most 32 bytes */
1437         bcopy(label, hvp->vol_id, 32);
1438         hvp->vol_id[31] = NULL;
1439 }
1440 
1441 /*
1442  * Mount root file system.
1443  * "why" is ROOT_INIT on initial call, ROOT_REMOUNT if called to
1444  * remount the root file system, and ROOT_UNMOUNT if called to
1445  * unmount the root (e.g., as part of a system shutdown).
1446  *
1447  * XXX - this may be partially machine-dependent; it, along with the VFS_SWAPVP
1448  * operation, goes along with auto-configuration.  A mechanism should be
1449  * provided by which machine-INdependent code in the kernel can say "get me the
1450  * right root file system" and "get me the right initial swap area", and have
1451  * that done in what may well be a machine-dependent fashion.
1452  * Unfortunately, it is also file-system-type dependent (NFS gets it via
1453  * bootparams calls, UFS gets it from various and sundry machine-dependent
1454  * mechanisms, as SPECFS does for swap).
1455  */
1456 static int
1457 hsfs_mountroot(struct vfs *vfsp, enum whymountroot why)
1458 {
1459         int error;
1460         struct hsfs *fsp;
1461         struct hs_volume *fvolp;
1462         static int hsfsrootdone = 0;
1463         dev_t rootdev;
1464         mode_t mode = 0;
1465 
1466         if (why == ROOT_INIT) {
1467                 if (hsfsrootdone++)
1468                         return (EBUSY);
1469                 rootdev = getrootdev();
1470                 if (rootdev == (dev_t)NODEV)
1471                         return (ENODEV);
1472                 vfsp->vfs_dev = rootdev;
1473                 vfsp->vfs_flag |= VFS_RDONLY;
1474         } else if (why == ROOT_REMOUNT) {
1475                 cmn_err(CE_NOTE, "hsfs_mountroot: ROOT_REMOUNT");
1476                 return (0);
1477         } else if (why == ROOT_UNMOUNT) {
1478                 return (0);
1479         }
1480         error = vfs_lock(vfsp);
1481         if (error) {
1482                 cmn_err(CE_NOTE, "hsfs_mountroot: couldn't get vfs_lock");
1483                 return (error);
1484         }
1485 
1486         error = hs_mountfs(vfsp, rootdev, "/", mode, 1, CRED(), 1);
1487         /*
1488          * XXX - assumes root device is not indirect, because we don't set
1489          * rootvp.  Is rootvp used for anything?  If so, make another arg
1490          * to mountfs.
1491          */
1492         if (error) {
1493                 vfs_unlock(vfsp);
1494                 if (rootvp) {
1495                         VN_RELE(rootvp);
1496                         rootvp = (struct vnode *)0;
1497                 }
1498                 return (error);
1499         }
1500         if (why == ROOT_INIT)
1501                 vfs_add((struct vnode *)0, vfsp,
1502                     (vfsp->vfs_flag & VFS_RDONLY) ? MS_RDONLY : 0);
1503         vfs_unlock(vfsp);
1504         fsp = VFS_TO_HSFS(vfsp);
1505         fvolp = &fsp->hsfs_vol;
1506 #ifdef HSFS_CLKSET
1507         if (fvolp->cre_date.tv_sec == 0) {
1508                 cmn_err(CE_NOTE, "hsfs_mountroot: cre_date.tv_sec == 0");
1509                 if (fvolp->mod_date.tv_sec == 0) {
1510                         cmn_err(CE_NOTE,
1511                             "hsfs_mountroot: mod_date.tv_sec == 0");
1512                         cmn_err(CE_NOTE, "hsfs_mountroot: clkset(-1L)");
1513                         clkset(-1L);
1514                 } else {
1515                         clkset(fvolp->mod_date.tv_sec);
1516                 }
1517         } else {
1518                 clkset(fvolp->mod_date.tv_sec);
1519         }
1520 #else   /* HSFS_CLKSET */
1521         clkset(-1L);
1522 #endif  /* HSFS_CLKSET */
1523         return (0);
1524 }
1525 
1526 /*
1527  * hs_findvoldesc()
1528  *
1529  * Return the sector where the volume descriptor lives.  This is
1530  * a fixed value for "normal" cd-rom's, but can change for
1531  * multisession cd's.
1532  *
1533  * desc_sec is the same for high-sierra and iso 9660 formats, why
1534  * there are two different #defines used in the code for this is
1535  * beyond me.  These are standards, cast in concrete, right?
1536  * To be general, however, this function supports passing in different
1537  * values.
1538  */
1539 static int
1540 hs_findvoldesc(dev_t rdev, int desc_sec)
1541 {
1542         int secno;
1543         int error;
1544         int rval;       /* ignored */
1545 
1546 #ifdef CDROMREADOFFSET
1547         /*
1548          * Issue the Read Offset ioctl directly to the
1549          * device. Ignore any errors and set starting
1550          * secno to the default, otherwise add the
1551          * VOLDESC sector number to the offset.
1552          */
1553         error = cdev_ioctl(rdev, CDROMREADOFFSET, (intptr_t)&secno,
1554             FNATIVE|FKIOCTL|FREAD, CRED(), &rval);
1555         if (error) {
1556                 secno = desc_sec;
1557         } else {
1558                 secno += desc_sec;
1559         }
1560 #else
1561         secno = desc_sec;
1562 #endif
1563 
1564         return (secno);
1565 }