Print this page
6879933 Let SMBFS support extensible attributes per. PSARC 2007/315
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/smbclnt/smbfs/smbfs_vfsops.c
+++ new/usr/src/uts/common/fs/smbclnt/smbfs/smbfs_vfsops.c
1 1 /*
2 2 * Copyright (c) 2000-2001, Boris Popov
3 3 * All rights reserved.
4 4 *
5 5 * Redistribution and use in source and binary forms, with or without
6 6 * modification, are permitted provided that the following conditions
7 7 * are met:
8 8 * 1. Redistributions of source code must retain the above copyright
9 9 * notice, this list of conditions and the following disclaimer.
10 10 * 2. Redistributions in binary form must reproduce the above copyright
11 11 * notice, this list of conditions and the following disclaimer in the
12 12 * documentation and/or other materials provided with the distribution.
13 13 * 3. All advertising materials mentioning features or use of this software
14 14 * must display the following acknowledgement:
15 15 * This product includes software developed by Boris Popov.
16 16 * 4. Neither the name of the author nor the names of any co-contributors
17 17 * may be used to endorse or promote products derived from this software
18 18 * without specific prior written permission.
19 19 *
20 20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
21 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
24 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 30 * SUCH DAMAGE.
31 31 *
32 32 * $Id: smbfs_vfsops.c,v 1.73.64.1 2005/05/27 02:35:28 lindak Exp $
33 33 */
34 34
35 35 /*
36 36 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
37 37 */
38 38
39 39 #include <sys/systm.h>
40 40 #include <sys/cred.h>
41 41 #include <sys/time.h>
42 42 #include <sys/vfs.h>
43 43 #include <sys/vnode.h>
44 44 #include <fs/fs_subr.h>
45 45 #include <sys/sysmacros.h>
46 46 #include <sys/kmem.h>
47 47 #include <sys/mkdev.h>
48 48 #include <sys/mount.h>
49 49 #include <sys/statvfs.h>
50 50 #include <sys/errno.h>
51 51 #include <sys/debug.h>
52 52 #include <sys/cmn_err.h>
53 53 #include <sys/modctl.h>
54 54 #include <sys/policy.h>
55 55 #include <sys/atomic.h>
56 56 #include <sys/zone.h>
57 57 #include <sys/vfs_opreg.h>
58 58 #include <sys/mntent.h>
59 59 #include <sys/priv.h>
60 60 #include <sys/tsol/label.h>
61 61 #include <sys/tsol/tndb.h>
62 62 #include <inet/ip.h>
63 63
64 64 #include <netsmb/smb_osdep.h>
65 65 #include <netsmb/smb.h>
66 66 #include <netsmb/smb_conn.h>
67 67 #include <netsmb/smb_subr.h>
68 68 #include <netsmb/smb_dev.h>
69 69
70 70 #include <smbfs/smbfs.h>
71 71 #include <smbfs/smbfs_node.h>
72 72 #include <smbfs/smbfs_subr.h>
73 73
74 74 /*
75 75 * Local functions definitions.
76 76 */
77 77 int smbfsinit(int fstyp, char *name);
78 78 void smbfsfini();
79 79 static int smbfs_mount_label_policy(vfs_t *, void *, int, cred_t *);
80 80
81 81 /*
82 82 * SMBFS Mount options table for MS_OPTIONSTR
83 83 * Note: These are not all the options.
84 84 * Some options come in via MS_DATA.
85 85 * Others are generic (see vfs.c)
86 86 */
87 87 static char *intr_cancel[] = { MNTOPT_NOINTR, NULL };
88 88 static char *nointr_cancel[] = { MNTOPT_INTR, NULL };
89 89 static char *acl_cancel[] = { MNTOPT_NOACL, NULL };
90 90 static char *noacl_cancel[] = { MNTOPT_ACL, NULL };
91 91 static char *xattr_cancel[] = { MNTOPT_NOXATTR, NULL };
92 92 static char *noxattr_cancel[] = { MNTOPT_XATTR, NULL };
93 93
94 94 static mntopt_t mntopts[] = {
95 95 /*
96 96 * option name cancel option default arg flags
97 97 * ufs arg flag
98 98 */
99 99 { MNTOPT_INTR, intr_cancel, NULL, MO_DEFAULT, 0 },
100 100 { MNTOPT_NOINTR, nointr_cancel, NULL, 0, 0 },
101 101 { MNTOPT_ACL, acl_cancel, NULL, MO_DEFAULT, 0 },
102 102 { MNTOPT_NOACL, noacl_cancel, NULL, 0, 0 },
103 103 { MNTOPT_XATTR, xattr_cancel, NULL, MO_DEFAULT, 0 },
104 104 { MNTOPT_NOXATTR, noxattr_cancel, NULL, 0, 0 }
105 105 };
106 106
107 107 static mntopts_t smbfs_mntopts = {
108 108 sizeof (mntopts) / sizeof (mntopt_t),
109 109 mntopts
110 110 };
111 111
112 112 static const char fs_type_name[FSTYPSZ] = "smbfs";
113 113
114 114 static vfsdef_t vfw = {
115 115 VFSDEF_VERSION,
116 116 (char *)fs_type_name,
117 117 smbfsinit, /* init routine */
118 118 VSW_HASPROTO|VSW_NOTZONESAFE|VSW_ZMOUNT, /* flags */
119 119 &smbfs_mntopts /* mount options table prototype */
120 120 };
121 121
122 122 static struct modlfs modlfs = {
123 123 &mod_fsops,
124 124 "SMBFS filesystem",
125 125 &vfw
126 126 };
127 127
128 128 static struct modlinkage modlinkage = {
129 129 MODREV_1, (void *)&modlfs, NULL
130 130 };
131 131
132 132 /*
133 133 * Mutex to protect the following variables:
134 134 * smbfs_major
135 135 * smbfs_minor
136 136 */
137 137 extern kmutex_t smbfs_minor_lock;
138 138 extern int smbfs_major;
139 139 extern int smbfs_minor;
140 140
141 141 /*
142 142 * Prevent unloads while we have mounts
143 143 */
144 144 uint32_t smbfs_mountcount;
145 145
146 146 /*
147 147 * smbfs vfs operations.
148 148 */
149 149 static int smbfs_mount(vfs_t *, vnode_t *, struct mounta *, cred_t *);
150 150 static int smbfs_unmount(vfs_t *, int, cred_t *);
151 151 static int smbfs_root(vfs_t *, vnode_t **);
152 152 static int smbfs_statvfs(vfs_t *, statvfs64_t *);
153 153 static int smbfs_sync(vfs_t *, short, cred_t *);
154 154 static void smbfs_freevfs(vfs_t *);
155 155
156 156 /*
157 157 * Module loading
158 158 */
159 159
160 160 /*
161 161 * This routine is invoked automatically when the kernel module
162 162 * containing this routine is loaded. This allows module specific
163 163 * initialization to be done when the module is loaded.
164 164 */
165 165 int
166 166 _init(void)
167 167 {
168 168 int error;
169 169
170 170 /*
171 171 * Check compiled-in version of "nsmb"
172 172 * that we're linked with. (paranoid)
173 173 */
174 174 if (nsmb_version != NSMB_VERSION) {
175 175 cmn_err(CE_WARN, "_init: nsmb version mismatch");
176 176 return (ENOTTY);
177 177 }
178 178
179 179 smbfs_mountcount = 0;
180 180
181 181 /*
182 182 * NFS calls these two in _clntinit
183 183 * Easier to follow this way.
184 184 */
185 185 if ((error = smbfs_subrinit()) != 0) {
186 186 cmn_err(CE_WARN, "_init: smbfs_subrinit failed");
187 187 return (error);
188 188 }
189 189
190 190 if ((error = smbfs_vfsinit()) != 0) {
191 191 cmn_err(CE_WARN, "_init: smbfs_vfsinit failed");
192 192 smbfs_subrfini();
193 193 return (error);
194 194 }
195 195
196 196 if ((error = smbfs_clntinit()) != 0) {
197 197 cmn_err(CE_WARN, "_init: smbfs_clntinit failed");
198 198 smbfs_vfsfini();
199 199 smbfs_subrfini();
200 200 return (error);
201 201 }
202 202
203 203 error = mod_install((struct modlinkage *)&modlinkage);
204 204 return (error);
205 205 }
206 206
207 207 /*
208 208 * Free kernel module resources that were allocated in _init
209 209 * and remove the linkage information into the kernel
210 210 */
211 211 int
212 212 _fini(void)
213 213 {
214 214 int error;
215 215
216 216 /*
217 217 * If a forcedly unmounted instance is still hanging around,
218 218 * we cannot allow the module to be unloaded because that would
219 219 * cause panics once the VFS framework decides it's time to call
220 220 * into VFS_FREEVFS().
221 221 */
222 222 if (smbfs_mountcount)
223 223 return (EBUSY);
224 224
225 225 error = mod_remove(&modlinkage);
226 226 if (error)
227 227 return (error);
228 228
229 229 /*
230 230 * Free the allocated smbnodes, etc.
231 231 */
232 232 smbfs_clntfini();
233 233
234 234 /* NFS calls these two in _clntfini */
235 235 smbfs_vfsfini();
236 236 smbfs_subrfini();
237 237
238 238 /*
239 239 * Free the ops vectors
240 240 */
241 241 smbfsfini();
242 242 return (0);
243 243 }
244 244
245 245 /*
246 246 * Return information about the module
247 247 */
248 248 int
249 249 _info(struct modinfo *modinfop)
250 250 {
251 251 return (mod_info((struct modlinkage *)&modlinkage, modinfop));
252 252 }
253 253
254 254 /*
255 255 * Initialize the vfs structure
256 256 */
257 257
258 258 int smbfsfstyp;
259 259 vfsops_t *smbfs_vfsops = NULL;
260 260
261 261 static const fs_operation_def_t smbfs_vfsops_template[] = {
262 262 { VFSNAME_MOUNT, { .vfs_mount = smbfs_mount } },
263 263 { VFSNAME_UNMOUNT, { .vfs_unmount = smbfs_unmount } },
264 264 { VFSNAME_ROOT, { .vfs_root = smbfs_root } },
265 265 { VFSNAME_STATVFS, { .vfs_statvfs = smbfs_statvfs } },
266 266 { VFSNAME_SYNC, { .vfs_sync = smbfs_sync } },
267 267 { VFSNAME_VGET, { .error = fs_nosys } },
268 268 { VFSNAME_MOUNTROOT, { .error = fs_nosys } },
269 269 { VFSNAME_FREEVFS, { .vfs_freevfs = smbfs_freevfs } },
270 270 { NULL, NULL }
271 271 };
272 272
273 273 int
274 274 smbfsinit(int fstyp, char *name)
275 275 {
276 276 int error;
277 277
278 278 error = vfs_setfsops(fstyp, smbfs_vfsops_template, &smbfs_vfsops);
279 279 if (error != 0) {
280 280 zcmn_err(GLOBAL_ZONEID, CE_WARN,
281 281 "smbfsinit: bad vfs ops template");
282 282 return (error);
283 283 }
284 284
285 285 error = vn_make_ops(name, smbfs_vnodeops_template, &smbfs_vnodeops);
286 286 if (error != 0) {
287 287 (void) vfs_freevfsops_by_type(fstyp);
288 288 zcmn_err(GLOBAL_ZONEID, CE_WARN,
289 289 "smbfsinit: bad vnode ops template");
290 290 return (error);
291 291 }
292 292
293 293 smbfsfstyp = fstyp;
294 294
295 295 return (0);
296 296 }
297 297
298 298 void
299 299 smbfsfini()
300 300 {
301 301 if (smbfs_vfsops) {
302 302 (void) vfs_freevfsops_by_type(smbfsfstyp);
303 303 smbfs_vfsops = NULL;
304 304 }
305 305 if (smbfs_vnodeops) {
306 306 vn_freevnodeops(smbfs_vnodeops);
307 307 smbfs_vnodeops = NULL;
308 308 }
309 309 }
310 310
311 311 void
312 312 smbfs_free_smi(smbmntinfo_t *smi)
313 313 {
314 314 if (smi == NULL)
315 315 return;
316 316
317 317 if (smi->smi_zone_ref.zref_zone != NULL)
318 318 zone_rele_ref(&smi->smi_zone_ref, ZONE_REF_SMBFS);
319 319
320 320 if (smi->smi_share != NULL)
321 321 smb_share_rele(smi->smi_share);
322 322
323 323 avl_destroy(&smi->smi_hash_avl);
324 324 rw_destroy(&smi->smi_hash_lk);
325 325 cv_destroy(&smi->smi_statvfs_cv);
326 326 mutex_destroy(&smi->smi_lock);
327 327
328 328 kmem_free(smi, sizeof (smbmntinfo_t));
329 329 }
330 330
331 331 /*
332 332 * smbfs mount vfsop
333 333 * Set up mount info record and attach it to vfs struct.
334 334 */
335 335 static int
336 336 smbfs_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr)
337 337 {
338 338 char *data = uap->dataptr;
339 339 int error;
340 340 smbnode_t *rtnp = NULL; /* root of this fs */
341 341 smbmntinfo_t *smi = NULL;
342 342 dev_t smbfs_dev;
343 343 int version;
344 344 int devfd;
345 345 zone_t *zone = curproc->p_zone;
346 346 zone_t *mntzone = NULL;
347 347 smb_share_t *ssp = NULL;
348 348 smb_cred_t scred;
349 349 int flags, sec;
350 350
351 351 STRUCT_DECL(smbfs_args, args); /* smbfs mount arguments */
352 352
353 353 if ((error = secpolicy_fs_mount(cr, mvp, vfsp)) != 0)
354 354 return (error);
355 355
356 356 if (mvp->v_type != VDIR)
357 357 return (ENOTDIR);
358 358
359 359 /*
360 360 * get arguments
361 361 *
362 362 * uap->datalen might be different from sizeof (args)
363 363 * in a compatible situation.
364 364 */
365 365 STRUCT_INIT(args, get_udatamodel());
366 366 bzero(STRUCT_BUF(args), SIZEOF_STRUCT(smbfs_args, DATAMODEL_NATIVE));
367 367 if (copyin(data, STRUCT_BUF(args), MIN(uap->datalen,
368 368 SIZEOF_STRUCT(smbfs_args, DATAMODEL_NATIVE))))
369 369 return (EFAULT);
370 370
371 371 /*
372 372 * Check mount program version
373 373 */
374 374 version = STRUCT_FGET(args, version);
375 375 if (version != SMBFS_VERSION) {
376 376 cmn_err(CE_WARN, "mount version mismatch:"
377 377 " kernel=%d, mount=%d\n",
378 378 SMBFS_VERSION, version);
379 379 return (EINVAL);
380 380 }
381 381
382 382 /*
383 383 * Deal with re-mount requests.
384 384 */
385 385 if (uap->flags & MS_REMOUNT) {
386 386 cmn_err(CE_WARN, "MS_REMOUNT not implemented");
387 387 return (ENOTSUP);
388 388 }
389 389
390 390 /*
391 391 * Check for busy
392 392 */
393 393 mutex_enter(&mvp->v_lock);
394 394 if (!(uap->flags & MS_OVERLAY) &&
395 395 (mvp->v_count != 1 || (mvp->v_flag & VROOT))) {
396 396 mutex_exit(&mvp->v_lock);
397 397 return (EBUSY);
398 398 }
399 399 mutex_exit(&mvp->v_lock);
400 400
401 401 /*
402 402 * Get the "share" from the netsmb driver (ssp).
403 403 * It is returned with a "ref" (hold) for us.
404 404 * Release this hold: at errout below, or in
405 405 * smbfs_freevfs().
406 406 */
407 407 devfd = STRUCT_FGET(args, devfd);
408 408 error = smb_dev2share(devfd, &ssp);
409 409 if (error) {
410 410 cmn_err(CE_WARN, "invalid device handle %d (%d)\n",
411 411 devfd, error);
412 412 return (error);
413 413 }
414 414
415 415 /*
416 416 * Use "goto errout" from here on.
417 417 * See: ssp, smi, rtnp, mntzone
418 418 */
419 419
420 420 /*
421 421 * Determine the zone we're being mounted into.
422 422 */
423 423 zone_hold(mntzone = zone); /* start with this assumption */
424 424 if (getzoneid() == GLOBAL_ZONEID) {
425 425 zone_rele(mntzone);
426 426 mntzone = zone_find_by_path(refstr_value(vfsp->vfs_mntpt));
427 427 ASSERT(mntzone != NULL);
428 428 if (mntzone != zone) {
429 429 error = EBUSY;
430 430 goto errout;
431 431 }
432 432 }
433 433
434 434 /*
435 435 * Stop the mount from going any further if the zone is going away.
436 436 */
437 437 if (zone_status_get(mntzone) >= ZONE_IS_SHUTTING_DOWN) {
438 438 error = EBUSY;
439 439 goto errout;
440 440 }
441 441
442 442 /*
443 443 * On a Trusted Extensions client, we may have to force read-only
444 444 * for read-down mounts.
445 445 */
446 446 if (is_system_labeled()) {
447 447 void *addr;
448 448 int ipvers = 0;
449 449 struct smb_vc *vcp;
450 450
451 451 vcp = SSTOVC(ssp);
452 452 addr = smb_vc_getipaddr(vcp, &ipvers);
453 453 error = smbfs_mount_label_policy(vfsp, addr, ipvers, cr);
454 454
455 455 if (error > 0)
456 456 goto errout;
457 457
458 458 if (error == -1) {
459 459 /* change mount to read-only to prevent write-down */
460 460 vfs_setmntopt(vfsp, MNTOPT_RO, NULL, 0);
461 461 }
462 462 }
463 463
464 464 /* Prevent unload. */
465 465 atomic_inc_32(&smbfs_mountcount);
466 466
467 467 /*
468 468 * Create a mount record and link it to the vfs struct.
469 469 * No more possiblities for errors from here on.
470 470 * Tear-down of this stuff is in smbfs_free_smi()
471 471 *
472 472 * Compare with NFS: nfsrootvp()
473 473 */
474 474 smi = kmem_zalloc(sizeof (*smi), KM_SLEEP);
475 475
476 476 mutex_init(&smi->smi_lock, NULL, MUTEX_DEFAULT, NULL);
477 477 cv_init(&smi->smi_statvfs_cv, NULL, CV_DEFAULT, NULL);
478 478
479 479 rw_init(&smi->smi_hash_lk, NULL, RW_DEFAULT, NULL);
480 480 smbfs_init_hash_avl(&smi->smi_hash_avl);
481 481
482 482 smi->smi_share = ssp;
483 483 ssp = NULL;
484 484
485 485 /*
486 486 * Convert the anonymous zone hold acquired via zone_hold() above
487 487 * into a zone reference.
488 488 */
489 489 zone_init_ref(&smi->smi_zone_ref);
490 490 zone_hold_ref(mntzone, &smi->smi_zone_ref, ZONE_REF_SMBFS);
491 491 zone_rele(mntzone);
492 492 mntzone = NULL;
493 493
494 494 /*
495 495 * Initialize option defaults
496 496 */
497 497 smi->smi_flags = SMI_LLOCK;
498 498 smi->smi_acregmin = SEC2HR(SMBFS_ACREGMIN);
499 499 smi->smi_acregmax = SEC2HR(SMBFS_ACREGMAX);
500 500 smi->smi_acdirmin = SEC2HR(SMBFS_ACDIRMIN);
501 501 smi->smi_acdirmax = SEC2HR(SMBFS_ACDIRMAX);
502 502
503 503 /*
504 504 * All "generic" mount options have already been
505 505 * handled in vfs.c:domount() - see mntopts stuff.
506 506 * Query generic options using vfs_optionisset().
507 507 */
508 508 if (vfs_optionisset(vfsp, MNTOPT_INTR, NULL))
509 509 smi->smi_flags |= SMI_INT;
510 510 if (vfs_optionisset(vfsp, MNTOPT_ACL, NULL))
511 511 smi->smi_flags |= SMI_ACL;
512 512
513 513 /*
514 514 * Get the mount options that come in as smbfs_args,
515 515 * starting with args.flags (SMBFS_MF_xxx)
516 516 */
517 517 flags = STRUCT_FGET(args, flags);
518 518 smi->smi_uid = STRUCT_FGET(args, uid);
519 519 smi->smi_gid = STRUCT_FGET(args, gid);
520 520 smi->smi_fmode = STRUCT_FGET(args, file_mode) & 0777;
521 521 smi->smi_dmode = STRUCT_FGET(args, dir_mode) & 0777;
522 522
523 523 /*
524 524 * Hande the SMBFS_MF_xxx flags.
525 525 */
526 526 if (flags & SMBFS_MF_NOAC)
527 527 smi->smi_flags |= SMI_NOAC;
528 528 if (flags & SMBFS_MF_ACREGMIN) {
529 529 sec = STRUCT_FGET(args, acregmin);
530 530 if (sec < 0 || sec > SMBFS_ACMINMAX)
531 531 sec = SMBFS_ACMINMAX;
532 532 smi->smi_acregmin = SEC2HR(sec);
533 533 }
534 534 if (flags & SMBFS_MF_ACREGMAX) {
535 535 sec = STRUCT_FGET(args, acregmax);
536 536 if (sec < 0 || sec > SMBFS_ACMAXMAX)
537 537 sec = SMBFS_ACMAXMAX;
538 538 smi->smi_acregmax = SEC2HR(sec);
539 539 }
540 540 if (flags & SMBFS_MF_ACDIRMIN) {
541 541 sec = STRUCT_FGET(args, acdirmin);
542 542 if (sec < 0 || sec > SMBFS_ACMINMAX)
543 543 sec = SMBFS_ACMINMAX;
544 544 smi->smi_acdirmin = SEC2HR(sec);
545 545 }
546 546 if (flags & SMBFS_MF_ACDIRMAX) {
547 547 sec = STRUCT_FGET(args, acdirmax);
548 548 if (sec < 0 || sec > SMBFS_ACMAXMAX)
549 549 sec = SMBFS_ACMAXMAX;
550 550 smi->smi_acdirmax = SEC2HR(sec);
551 551 }
552 552
553 553 /*
554 554 * Get attributes of the remote file system,
555 555 * i.e. ACL support, named streams, etc.
556 556 */
557 557 smb_credinit(&scred, cr);
558 558 error = smbfs_smb_qfsattr(smi->smi_share, &smi->smi_fsa, &scred);
559 559 smb_credrele(&scred);
560 560 if (error) {
561 561 SMBVDEBUG("smbfs_smb_qfsattr error %d\n", error);
562 562 }
563 563
564 564 /*
565 565 * We enable XATTR by default (via smbfs_mntopts)
566 566 * but if the share does not support named streams,
567 567 * force the NOXATTR option (also clears XATTR).
568 568 * Caller will set or clear VFS_XATTR after this.
569 569 */
570 570 if ((smi->smi_fsattr & FILE_NAMED_STREAMS) == 0)
571 571 vfs_setmntopt(vfsp, MNTOPT_NOXATTR, NULL, 0);
572 572
573 573 /*
574 574 * Ditto ACLs (disable if not supported on this share)
575 575 */
576 576 if ((smi->smi_fsattr & FILE_PERSISTENT_ACLS) == 0) {
577 577 vfs_setmntopt(vfsp, MNTOPT_NOACL, NULL, 0);
578 578 smi->smi_flags &= ~SMI_ACL;
579 579 }
580 580
581 581 /*
582 582 * Assign a unique device id to the mount
583 583 */
584 584 mutex_enter(&smbfs_minor_lock);
585 585 do {
586 586 smbfs_minor = (smbfs_minor + 1) & MAXMIN32;
587 587 smbfs_dev = makedevice(smbfs_major, smbfs_minor);
588 588 } while (vfs_devismounted(smbfs_dev));
589 589 mutex_exit(&smbfs_minor_lock);
590 590
|
↓ open down ↓ |
590 lines elided |
↑ open up ↑ |
591 591 vfsp->vfs_dev = smbfs_dev;
592 592 vfs_make_fsid(&vfsp->vfs_fsid, smbfs_dev, smbfsfstyp);
593 593 vfsp->vfs_data = (caddr_t)smi;
594 594 vfsp->vfs_fstype = smbfsfstyp;
595 595 vfsp->vfs_bsize = MAXBSIZE;
596 596 vfsp->vfs_bcount = 0;
597 597
598 598 smi->smi_vfsp = vfsp;
599 599 smbfs_zonelist_add(smi); /* undo in smbfs_freevfs */
600 600
601 + /* PSARC 2007/227 VFS Feature Registration */
602 + vfs_set_feature(vfsp, VFSFT_XVATTR);
603 + vfs_set_feature(vfsp, VFSFT_SYSATTR_VIEWS);
604 +
601 605 /*
602 606 * Create the root vnode, which we need in unmount
603 607 * for the call to smbfs_check_table(), etc.
604 608 * Release this hold in smbfs_unmount.
605 609 */
606 610 rtnp = smbfs_node_findcreate(smi, "\\", 1, NULL, 0, 0,
607 611 &smbfs_fattr0);
608 612 ASSERT(rtnp != NULL);
609 613 rtnp->r_vnode->v_type = VDIR;
610 614 rtnp->r_vnode->v_flag |= VROOT;
611 615 smi->smi_root = rtnp;
612 616
613 617 /*
614 618 * NFS does other stuff here too:
615 619 * async worker threads
616 620 * init kstats
617 621 *
618 622 * End of code from NFS nfsrootvp()
619 623 */
620 624 return (0);
621 625
622 626 errout:
623 627 vfsp->vfs_data = NULL;
624 628 if (smi != NULL)
625 629 smbfs_free_smi(smi);
626 630
627 631 if (mntzone != NULL)
628 632 zone_rele(mntzone);
629 633
630 634 if (ssp != NULL)
631 635 smb_share_rele(ssp);
632 636
633 637 return (error);
634 638 }
635 639
636 640 /*
637 641 * vfs operations
638 642 */
639 643 static int
640 644 smbfs_unmount(vfs_t *vfsp, int flag, cred_t *cr)
641 645 {
642 646 smbmntinfo_t *smi;
643 647 smbnode_t *rtnp;
644 648
645 649 smi = VFTOSMI(vfsp);
646 650
647 651 if (secpolicy_fs_unmount(cr, vfsp) != 0)
648 652 return (EPERM);
649 653
650 654 if ((flag & MS_FORCE) == 0) {
651 655 smbfs_rflush(vfsp, cr);
652 656
653 657 /*
654 658 * If there are any active vnodes on this file system,
655 659 * (other than the root vnode) then the file system is
656 660 * busy and can't be umounted.
657 661 */
658 662 if (smbfs_check_table(vfsp, smi->smi_root))
659 663 return (EBUSY);
660 664
661 665 /*
662 666 * We normally hold a ref to the root vnode, so
663 667 * check for references beyond the one we expect:
664 668 * smbmntinfo_t -> smi_root
665 669 * Note that NFS does not hold the root vnode.
666 670 */
667 671 if (smi->smi_root &&
668 672 smi->smi_root->r_vnode->v_count > 1)
669 673 return (EBUSY);
670 674 }
671 675
672 676 /*
673 677 * common code for both forced and non-forced
674 678 *
675 679 * Setting VFS_UNMOUNTED prevents new operations.
676 680 * Operations already underway may continue,
677 681 * but not for long.
678 682 */
679 683 vfsp->vfs_flag |= VFS_UNMOUNTED;
680 684
681 685 /*
682 686 * Shutdown any outstanding I/O requests on this share,
683 687 * and force a tree disconnect. The share object will
684 688 * continue to hang around until smb_share_rele().
685 689 * This should also cause most active nodes to be
686 690 * released as their operations fail with EIO.
687 691 */
688 692 smb_share_kill(smi->smi_share);
689 693
690 694 /*
691 695 * If we hold the root VP (and we normally do)
692 696 * then it's safe to release it now.
693 697 */
694 698 if (smi->smi_root) {
695 699 rtnp = smi->smi_root;
696 700 smi->smi_root = NULL;
697 701 VN_RELE(rtnp->r_vnode); /* release root vnode */
698 702 }
699 703
700 704 /*
701 705 * Remove all nodes from the node hash tables.
702 706 * This (indirectly) calls: smbfs_addfree, smbinactive,
703 707 * which will try to flush dirty pages, etc. so
704 708 * don't destroy the underlying share just yet.
705 709 *
706 710 * Also, with a forced unmount, some nodes may
707 711 * remain active, and those will get cleaned up
708 712 * after their last vn_rele.
709 713 */
710 714 smbfs_destroy_table(vfsp);
711 715
712 716 /*
713 717 * Delete our kstats...
714 718 *
715 719 * Doing it here, rather than waiting until
716 720 * smbfs_freevfs so these are not visible
717 721 * after the unmount.
718 722 */
719 723 if (smi->smi_io_kstats) {
720 724 kstat_delete(smi->smi_io_kstats);
721 725 smi->smi_io_kstats = NULL;
722 726 }
723 727 if (smi->smi_ro_kstats) {
724 728 kstat_delete(smi->smi_ro_kstats);
725 729 smi->smi_ro_kstats = NULL;
726 730 }
727 731
728 732 /*
729 733 * The rest happens in smbfs_freevfs()
730 734 */
731 735 return (0);
732 736 }
733 737
734 738
735 739 /*
736 740 * find root of smbfs
737 741 */
738 742 static int
739 743 smbfs_root(vfs_t *vfsp, vnode_t **vpp)
740 744 {
741 745 smbmntinfo_t *smi;
742 746 vnode_t *vp;
743 747
744 748 smi = VFTOSMI(vfsp);
745 749
746 750 if (curproc->p_zone != smi->smi_zone_ref.zref_zone)
747 751 return (EPERM);
748 752
749 753 if (smi->smi_flags & SMI_DEAD || vfsp->vfs_flag & VFS_UNMOUNTED)
750 754 return (EIO);
751 755
752 756 /*
753 757 * The root vp is created in mount and held
754 758 * until unmount, so this is paranoia.
755 759 */
756 760 if (smi->smi_root == NULL)
757 761 return (EIO);
758 762
759 763 /* Just take a reference and return it. */
760 764 vp = SMBTOV(smi->smi_root);
761 765 VN_HOLD(vp);
762 766 *vpp = vp;
763 767
764 768 return (0);
765 769 }
766 770
767 771 /*
768 772 * Get file system statistics.
769 773 */
770 774 static int
771 775 smbfs_statvfs(vfs_t *vfsp, statvfs64_t *sbp)
772 776 {
773 777 int error;
774 778 smbmntinfo_t *smi = VFTOSMI(vfsp);
775 779 smb_share_t *ssp = smi->smi_share;
776 780 statvfs64_t stvfs;
777 781 hrtime_t now;
778 782 smb_cred_t scred;
779 783
780 784 if (curproc->p_zone != smi->smi_zone_ref.zref_zone)
781 785 return (EPERM);
782 786
783 787 if (smi->smi_flags & SMI_DEAD || vfsp->vfs_flag & VFS_UNMOUNTED)
784 788 return (EIO);
785 789
786 790 mutex_enter(&smi->smi_lock);
787 791
788 792 /*
789 793 * Use cached result if still valid.
790 794 */
791 795 recheck:
792 796 now = gethrtime();
793 797 if (now < smi->smi_statfstime) {
794 798 error = 0;
795 799 goto cache_hit;
796 800 }
797 801
798 802 /*
799 803 * FS attributes are stale, so someone
800 804 * needs to do an OTW call to get them.
801 805 * Serialize here so only one thread
802 806 * does the OTW call.
803 807 */
804 808 if (smi->smi_status & SM_STATUS_STATFS_BUSY) {
805 809 smi->smi_status |= SM_STATUS_STATFS_WANT;
806 810 if (!cv_wait_sig(&smi->smi_statvfs_cv, &smi->smi_lock)) {
807 811 mutex_exit(&smi->smi_lock);
808 812 return (EINTR);
809 813 }
810 814 /* Hope status is valid now. */
811 815 goto recheck;
812 816 }
813 817 smi->smi_status |= SM_STATUS_STATFS_BUSY;
814 818 mutex_exit(&smi->smi_lock);
815 819
816 820 /*
817 821 * Do the OTW call. Note: lock NOT held.
818 822 */
819 823 smb_credinit(&scred, NULL);
820 824 bzero(&stvfs, sizeof (stvfs));
821 825 error = smbfs_smb_statfs(ssp, &stvfs, &scred);
822 826 smb_credrele(&scred);
823 827 if (error) {
824 828 SMBVDEBUG("statfs error=%d\n", error);
825 829 } else {
826 830
827 831 /*
828 832 * Set a few things the OTW call didn't get.
829 833 */
830 834 stvfs.f_frsize = stvfs.f_bsize;
831 835 stvfs.f_favail = stvfs.f_ffree;
832 836 stvfs.f_fsid = (unsigned long)vfsp->vfs_fsid.val[0];
833 837 bcopy(fs_type_name, stvfs.f_basetype, FSTYPSZ);
834 838 stvfs.f_flag = vf_to_stf(vfsp->vfs_flag);
835 839 stvfs.f_namemax = smi->smi_fsa.fsa_maxname;
836 840
837 841 /*
838 842 * Save the result, update lifetime
839 843 */
840 844 now = gethrtime();
841 845 smi->smi_statfstime = now +
842 846 (SM_MAX_STATFSTIME * (hrtime_t)NANOSEC);
843 847 smi->smi_statvfsbuf = stvfs; /* struct assign! */
844 848 }
845 849
846 850 mutex_enter(&smi->smi_lock);
847 851 if (smi->smi_status & SM_STATUS_STATFS_WANT)
848 852 cv_broadcast(&smi->smi_statvfs_cv);
849 853 smi->smi_status &= ~(SM_STATUS_STATFS_BUSY | SM_STATUS_STATFS_WANT);
850 854
851 855 /*
852 856 * Copy the statvfs data to caller's buf.
853 857 * Note: struct assignment
854 858 */
855 859 cache_hit:
856 860 if (error == 0)
857 861 *sbp = smi->smi_statvfsbuf;
858 862 mutex_exit(&smi->smi_lock);
859 863 return (error);
860 864 }
861 865
862 866 static kmutex_t smbfs_syncbusy;
863 867
864 868 /*
865 869 * Flush dirty smbfs files for file system vfsp.
866 870 * If vfsp == NULL, all smbfs files are flushed.
867 871 */
868 872 /*ARGSUSED*/
869 873 static int
870 874 smbfs_sync(vfs_t *vfsp, short flag, cred_t *cr)
871 875 {
872 876 /*
873 877 * Cross-zone calls are OK here, since this translates to a
874 878 * VOP_PUTPAGE(B_ASYNC), which gets picked up by the right zone.
875 879 */
876 880 if (!(flag & SYNC_ATTR) && mutex_tryenter(&smbfs_syncbusy) != 0) {
877 881 smbfs_rflush(vfsp, cr);
878 882 mutex_exit(&smbfs_syncbusy);
879 883 }
880 884
881 885 return (0);
882 886 }
883 887
884 888 /*
885 889 * Initialization routine for VFS routines. Should only be called once
886 890 */
887 891 int
888 892 smbfs_vfsinit(void)
889 893 {
890 894 mutex_init(&smbfs_syncbusy, NULL, MUTEX_DEFAULT, NULL);
891 895 return (0);
892 896 }
893 897
894 898 /*
895 899 * Shutdown routine for VFS routines. Should only be called once
896 900 */
897 901 void
898 902 smbfs_vfsfini(void)
899 903 {
900 904 mutex_destroy(&smbfs_syncbusy);
901 905 }
902 906
903 907 void
904 908 smbfs_freevfs(vfs_t *vfsp)
905 909 {
906 910 smbmntinfo_t *smi;
907 911
908 912 /* free up the resources */
909 913 smi = VFTOSMI(vfsp);
910 914
911 915 /*
912 916 * By this time we should have already deleted the
913 917 * smi kstats in the unmount code. If they are still around
914 918 * something is wrong
915 919 */
916 920 ASSERT(smi->smi_io_kstats == NULL);
917 921
918 922 smbfs_zonelist_remove(smi);
919 923
920 924 smbfs_free_smi(smi);
921 925
922 926 /*
923 927 * Allow _fini() to succeed now, if so desired.
924 928 */
925 929 atomic_dec_32(&smbfs_mountcount);
926 930 }
927 931
928 932 /*
929 933 * smbfs_mount_label_policy:
930 934 * Determine whether the mount is allowed according to MAC check,
931 935 * by comparing (where appropriate) label of the remote server
932 936 * against the label of the zone being mounted into.
933 937 *
934 938 * Returns:
935 939 * 0 : access allowed
936 940 * -1 : read-only access allowed (i.e., read-down)
937 941 * >0 : error code, such as EACCES
938 942 *
939 943 * NB:
940 944 * NFS supports Cipso labels by parsing the vfs_resource
941 945 * to see what the Solaris server global zone has shared.
942 946 * We can't support that for CIFS since resource names
943 947 * contain share names, not paths.
944 948 */
945 949 static int
946 950 smbfs_mount_label_policy(vfs_t *vfsp, void *ipaddr, int addr_type, cred_t *cr)
947 951 {
948 952 bslabel_t *server_sl, *mntlabel;
949 953 zone_t *mntzone = NULL;
950 954 ts_label_t *zlabel;
951 955 tsol_tpc_t *tp;
952 956 ts_label_t *tsl = NULL;
953 957 int retv;
954 958
955 959 /*
956 960 * Get the zone's label. Each zone on a labeled system has a label.
957 961 */
958 962 mntzone = zone_find_by_any_path(refstr_value(vfsp->vfs_mntpt), B_FALSE);
959 963 zlabel = mntzone->zone_slabel;
960 964 ASSERT(zlabel != NULL);
961 965 label_hold(zlabel);
962 966
963 967 retv = EACCES; /* assume the worst */
964 968
965 969 /*
966 970 * Next, get the assigned label of the remote server.
967 971 */
968 972 tp = find_tpc(ipaddr, addr_type, B_FALSE);
969 973 if (tp == NULL)
970 974 goto out; /* error getting host entry */
971 975
972 976 if (tp->tpc_tp.tp_doi != zlabel->tsl_doi)
973 977 goto rel_tpc; /* invalid domain */
974 978 if ((tp->tpc_tp.host_type != UNLABELED))
975 979 goto rel_tpc; /* invalid hosttype */
976 980
977 981 server_sl = &tp->tpc_tp.tp_def_label;
978 982 mntlabel = label2bslabel(zlabel);
979 983
980 984 /*
981 985 * Now compare labels to complete the MAC check. If the labels
982 986 * are equal or if the requestor is in the global zone and has
983 987 * NET_MAC_AWARE, then allow read-write access. (Except for
984 988 * mounts into the global zone itself; restrict these to
985 989 * read-only.)
986 990 *
987 991 * If the requestor is in some other zone, but his label
988 992 * dominates the server, then allow read-down.
989 993 *
990 994 * Otherwise, access is denied.
991 995 */
992 996 if (blequal(mntlabel, server_sl) ||
993 997 (crgetzoneid(cr) == GLOBAL_ZONEID &&
994 998 getpflags(NET_MAC_AWARE, cr) != 0)) {
995 999 if ((mntzone == global_zone) ||
996 1000 !blequal(mntlabel, server_sl))
997 1001 retv = -1; /* read-only */
998 1002 else
999 1003 retv = 0; /* access OK */
1000 1004 } else if (bldominates(mntlabel, server_sl)) {
1001 1005 retv = -1; /* read-only */
1002 1006 } else {
1003 1007 retv = EACCES;
1004 1008 }
1005 1009
1006 1010 if (tsl != NULL)
1007 1011 label_rele(tsl);
1008 1012
1009 1013 rel_tpc:
1010 1014 /*LINTED*/
1011 1015 TPC_RELE(tp);
1012 1016 out:
1013 1017 if (mntzone)
1014 1018 zone_rele(mntzone);
1015 1019 label_rele(zlabel);
1016 1020 return (retv);
1017 1021 }
|
↓ open down ↓ |
407 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX