From: Philip Homburg Date: Tue, 7 Aug 2007 12:38:35 +0000 (+0000) Subject: Added new interface to VFS. X-Git-Tag: v3.1.4~343 X-Git-Url: http://zhaoyanbai.com/repos//%22http:/%22%29?a=commitdiff_plain;h=2ca2b86a3a746b3ca1b75ce9624546fe78bffcf0;p=minix.git Added new interface to VFS. --- diff --git a/servers/mfs/Makefile b/servers/mfs/Makefile index 1f97664ed..73c85e3a8 100644 --- a/servers/mfs/Makefile +++ b/servers/mfs/Makefile @@ -16,7 +16,7 @@ LIBS = -lsysutil -lsys -ltimers OBJ = cache.o device.o link.o \ mount.o misc.o open.o pipe.o protect.o read.o \ stadir.o table.o time.o utility.o \ - write.o inode.o main.o path.o super.o + write.o inode.o main.o path.o super.o stacktrace.o # build local binary all build: $(SERVER) diff --git a/servers/mfs/const.h b/servers/mfs/const.h index d8616ddcc..b8414fb2b 100644 --- a/servers/mfs/const.h +++ b/servers/mfs/const.h @@ -65,7 +65,6 @@ #define LAST_DIR PATH_PENULTIMATE #define LAST_DIR_NOTDOT PATH_PENULTIMATE | PATH_STRIPDOT #define LAST_DIR_EATSYM PATH_NONSYMBOLIC -#define SYMLOOP 16 #define CLEAN 0 /* disk and memory copies identical */ #define DIRTY 1 /* disk and memory copies differ */ diff --git a/servers/mfs/device.c b/servers/mfs/device.c index 03dbb3f92..d9dd389ee 100644 --- a/servers/mfs/device.c +++ b/servers/mfs/device.c @@ -23,6 +23,9 @@ FORWARD _PROTOTYPE( int safe_io_conversion, (endpoint_t, void **, int *, vir_bytes)); FORWARD _PROTOTYPE( void safe_io_cleanup, (cp_grant_id_t, cp_grant_id_t *, int)); +FORWARD _PROTOTYPE( int gen_opcl, (endpoint_t driver_e, int op, + Dev_t dev, int proc_e, int flags) ); +FORWARD _PROTOTYPE( int gen_io, (int task_nr, message *mess_ptr) ); /*===========================================================================* * fs_clone_opcl * @@ -276,10 +279,107 @@ int flags; /* special flags, like O_NONBLOCK */ return(m.REP_STATUS); } +/*===========================================================================* + * dev_open * + *===========================================================================*/ +PUBLIC int dev_open(driver_e, dev, proc, flags) +endpoint_t driver_e; +dev_t dev; /* device to open */ +int proc; /* process to open for */ +int flags; /* mode bits and flags */ +{ + int major, r; + + /* Determine the major device number call the device class specific + * open/close routine. (This is the only routine that must check the + * device number for being in range. All others can trust this check.) + */ + major = (dev >> MAJOR) & BYTE; + if (major >= NR_DEVICES) major = 0; + r = gen_opcl(driver_e, DEV_OPEN, dev, proc, flags); + if (r == SUSPEND) panic(__FILE__,"suspend on open from", NO_NUM); + return(r); +} +/*===========================================================================* + * dev_close * + *===========================================================================*/ +PUBLIC void dev_close(driver_e, dev) +endpoint_t driver_e; +dev_t dev; /* device to close */ +{ + (void) gen_opcl(driver_e, DEV_CLOSE, dev, 0, 0); +} +/*===========================================================================* + * gen_opcl * + *===========================================================================*/ +PRIVATE int gen_opcl(driver_e, op, dev, proc_e, flags) +endpoint_t driver_e; +int op; /* operation, DEV_OPEN or DEV_CLOSE */ +dev_t dev; /* device to open or close */ +int proc_e; /* process to open/close for */ +int flags; /* mode bits and flags */ +{ +/* Called from the dmap struct in table.c on opens & closes of special files.*/ + message dev_mess; + dev_mess.m_type = op; + dev_mess.DEVICE = (dev >> MINOR) & BYTE; + dev_mess.IO_ENDPT = proc_e; + dev_mess.COUNT = flags; + /* Call the task. */ + gen_io(driver_e, &dev_mess); + + return(dev_mess.REP_STATUS); +} + + +/*===========================================================================* + * gen_io * + *===========================================================================*/ +PRIVATE int gen_io(task_nr, mess_ptr) +int task_nr; /* which task to call */ +message *mess_ptr; /* pointer to message for task */ +{ +/* All file system I/O ultimately comes down to I/O on major/minor device + * pairs. These lead to calls on the following routines via the dmap table. + */ + + int r, proc_e; + + proc_e = mess_ptr->IO_ENDPT; + + r = sendrec(task_nr, mess_ptr); + if (r != OK) { + if (r == EDEADSRCDST || r == EDSTDIED || r == ESRCDIED) { + printf("fs: dead driver %d\n", task_nr); + panic(__FILE__, "should handle crashed drivers", + NO_NUM); + /* dmap_unmap_by_endpt(task_nr); */ + return r; + } + if (r == ELOCKED) { + printf("fs: ELOCKED talking to %d\n", task_nr); + return r; + } + panic(__FILE__,"call_task: can't send/receive", r); + } + + /* Did the process we did the sendrec() for get a result? */ + if (mess_ptr->REP_ENDPT != proc_e) { + printf( + "fs: strange device reply from %d, type = %d, proc = %d (not %d) (2) ignored\n", + mess_ptr->m_source, + mess_ptr->m_type, + proc_e, + mess_ptr->REP_ENDPT); + return EIO; + } + + return OK; +} diff --git a/servers/mfs/glo.h b/servers/mfs/glo.h index 01686272c..e5595a852 100644 --- a/servers/mfs/glo.h +++ b/servers/mfs/glo.h @@ -26,6 +26,8 @@ EXTERN uid_t caller_uid; EXTERN gid_t caller_gid; EXTERN time_t boottime; /* time in seconds at system boot */ +EXTERN int use_getuptime2; /* Should be removed togetherwith boottime */ + EXTERN int req_nr; EXTERN int SELF_E; @@ -35,9 +37,11 @@ EXTERN struct inode *chroot_dir; EXTERN short path_processed; /* number of characters processed */ EXTERN char user_path[PATH_MAX+1]; /* pathname to be processed */ EXTERN char *vfs_slink_storage; -EXTERN int symloop; - -EXTERN dev_t fs_dev; /* the device that is handled by this FS proc */ - +EXTERN int Xsymloop; +EXTERN dev_t fs_dev; /* The device that is handled by this FS proc. + */ +EXTERN char fs_dev_label[16]; /* Name of the device driver that is handled + * by this FS proc. + */ diff --git a/servers/mfs/inode.c b/servers/mfs/inode.c index a18ffbe74..1601bf2f2 100644 --- a/servers/mfs/inode.c +++ b/servers/mfs/inode.c @@ -208,6 +208,7 @@ int numb; /* inode number (ANSI: may not be unshort) */ rip->i_pipe = I_PIPE; else rip->i_pipe = NO_PIPE; + rip->i_mountpoint= FALSE; /* Add to hash */ addhash_inode(rip); @@ -264,7 +265,7 @@ register struct inode *rip; /* pointer to inode to be released */ else { if (rip->i_pipe == I_PIPE) truncate_inode(rip, 0); } - rip->i_mount = NO_MOUNT; + rip->i_mountpoint = FALSE; if (rip->i_dirt == DIRTY) rw_inode(rip, WRITING); if (rip->i_nlinks == 0) { @@ -310,7 +311,7 @@ int count; if (rip->i_pipe == I_PIPE) truncate_inode(rip, 0); } - rip->i_mount = NO_MOUNT; + rip->i_mountpoint = FALSE; if (rip->i_dirt == DIRTY) rw_inode(rip, WRITING); if (rip->i_nlinks == 0) { diff --git a/servers/mfs/inode.h b/servers/mfs/inode.h index 77effb0b2..10e78271a 100644 --- a/servers/mfs/inode.h +++ b/servers/mfs/inode.h @@ -31,8 +31,7 @@ EXTERN struct inode { char i_dirt; /* CLEAN or DIRTY */ char i_pipe; /* set to I_PIPE if pipe */ - char i_mount; /* this bit is set if file mounted on */ - short i_vmnt_ind; /* index of the vmnt mounted on */ + char i_mountpoint; /* true if mounted on */ char i_seek; /* set on LSEEK, cleared on READ/WRITE */ char i_update; /* the ATIME, CTIME, and MTIME bits are here */ @@ -56,7 +55,5 @@ EXTERN unsigned int inode_cache_miss; /* Field values. Note that CLEAN and DIRTY are defined in "const.h" */ #define NO_PIPE 0 /* i_pipe is NO_PIPE if inode is not a pipe */ #define I_PIPE 1 /* i_pipe is I_PIPE if inode is a pipe */ -#define NO_MOUNT 0 /* i_mount is NO_MOUNT if file not mounted on*/ -#define I_MOUNT 1 /* i_mount is I_MOUNT if file mounted on */ #define NO_SEEK 0 /* i_seek = NO_SEEK if last op was not SEEK */ #define ISEEK 1 /* i_seek = ISEEK if last op was SEEK */ diff --git a/servers/mfs/link.c b/servers/mfs/link.c index 13db3af03..82c159d1a 100644 --- a/servers/mfs/link.c +++ b/servers/mfs/link.c @@ -14,10 +14,14 @@ #define SAME 1000 -FORWARD _PROTOTYPE( int remove_dir, (struct inode *rldirp, struct inode *rip, +FORWARD _PROTOTYPE( int remove_dir_o, (struct inode *rldirp, struct inode *rip, char dir_name[NAME_MAX]) ); -FORWARD _PROTOTYPE( int unlink_file, (struct inode *dirp, struct inode *rip, +FORWARD _PROTOTYPE( int remove_dir_nocheck, (struct inode *rldirp, + struct inode *rip, char dir_name[NAME_MAX]) ); +FORWARD _PROTOTYPE( int unlink_file_o, (struct inode *dirp, struct inode *rip, char file_name[NAME_MAX]) ); +FORWARD _PROTOTYPE( int unlink_file_nocheck, (struct inode *dirp, + struct inode *rip, char file_name[NAME_MAX]) ); FORWARD _PROTOTYPE( off_t nextblock, (off_t pos, int zonesize) ); FORWARD _PROTOTYPE( void zeroblock_half, (struct inode *i, off_t p, int l)); FORWARD _PROTOTYPE( void zeroblock_range, (struct inode *i, off_t p, off_t h)); @@ -28,9 +32,9 @@ FORWARD _PROTOTYPE( void zeroblock_range, (struct inode *i, off_t p, off_t h)); /*===========================================================================* - * fs_link * + * fs_link_o * *===========================================================================*/ -PUBLIC int fs_link() +PUBLIC int fs_link_o() { /* Perform the link(name1, name2) system call. */ @@ -80,7 +84,7 @@ printf("MFS(%d) get_inode by fs_link() failed\n", SELF_E); /* If 'name2' exists in full (even if no space) set 'r' to error. */ if (r == OK) { - if ( (new_ip = advance(&ip, string)) == NIL_INODE) { + if ( (new_ip = advance_o(&ip, string)) == NIL_INODE) { r = err_code; if (r == ENOENT) r = OK; } else { @@ -108,9 +112,91 @@ printf("MFS(%d) get_inode by fs_link() failed\n", SELF_E); /*===========================================================================* - * fs_unlink * + * fs_link_s * *===========================================================================*/ -PUBLIC int fs_unlink() +PUBLIC int fs_link_s() +{ +/* Perform the link(name1, name2) system call. */ + + struct inode *ip, *rip; + register int r; + char string[NAME_MAX]; + struct inode *new_ip; + phys_bytes len; + +#if 0 + caller_uid = fs_m_in.REQ_UID; + caller_gid = fs_m_in.REQ_GID; +#endif + + len = MFS_MIN(fs_m_in.REQ_PATH_LEN, sizeof(string)); + /* Copy the link name's last component */ + r = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_GRANT, 0, + (vir_bytes) string, (phys_bytes) len, D); + if (r != OK) return r; + MFS_NUL(string, len, sizeof(string)); + + /* Temporarily open the file. */ + if ( (rip = get_inode(fs_dev, fs_m_in.REQ_LINKED_FILE)) == NIL_INODE) { +printf("MFS(%d) get_inode by fs_link() failed\n", SELF_E); + return(EINVAL); + } + + /* Check to see if the file has maximum number of links already. */ + r = OK; + if (rip->i_nlinks >= (rip->i_sp->s_version == V1 ? CHAR_MAX : SHRT_MAX)) + r = EMLINK; + + /* Only super_user may link to directories. */ + if (r == OK) + if ( (rip->i_mode & I_TYPE) == I_DIRECTORY && caller_uid != SU_UID) + r = EPERM; + + /* If error with 'name', return the inode. */ + if (r != OK) { + put_inode(rip); + return(r); + } + + /* Temporarily open the last dir */ + if ( (ip = get_inode(fs_dev, fs_m_in.REQ_LINK_PARENT)) == NIL_INODE) { +printf("MFS(%d) get_inode by fs_link() failed\n", SELF_E); + return(EINVAL); + } + + /* If 'name2' exists in full (even if no space) set 'r' to error. */ + if (r == OK) { + if ( (new_ip = advance_nocheck(&ip, string)) == NIL_INODE) { + r = err_code; + if (r == ENOENT) r = OK; + } else { + put_inode(new_ip); + r = EEXIST; + } + } + + /* Try to link. */ + if (r == OK) + r = search_dir_nocheck(ip, string, &rip->i_num, ENTER); + + /* If success, register the linking. */ + if (r == OK) { + rip->i_nlinks++; + rip->i_update |= CTIME; + rip->i_dirt = DIRTY; + } + + /* Done. Release both inodes. */ + put_inode(rip); + put_inode(ip); + return(r); +} + + +/*===========================================================================* + * fs_unlink_o * + *===========================================================================*/ +PUBLIC int fs_unlink_o() { /* Perform the unlink(name) or rmdir(name) system call. The code for these two * is almost the same. They differ only in some condition testing. Unlink() @@ -139,10 +225,11 @@ PUBLIC int fs_unlink() /* The last directory exists. Does the file also exist? */ r = OK; - if ( (rip = advance(&rldirp, string)) == NIL_INODE) r = err_code; + if ( (rip = advance_o(&rldirp, string)) == NIL_INODE) r = err_code; /* If error, return inode. */ if (r != OK) { + printf("fs_unlink_o: advance_o failed: %d\n", r); /* Mount point? */ if (r == EENTERMOUNT || r == ELEAVEMOUNT) r = EBUSY; @@ -151,7 +238,7 @@ PUBLIC int fs_unlink() } /* Now test if the call is allowed, separately for unlink() and rmdir(). */ - if (fs_m_in.m_type == REQ_UNLINK) { + if (fs_m_in.m_type == REQ_UNLINK_O) { /* Only the su may unlink directories, but the su can unlink any dir.*/ if ( (rip->i_mode & I_TYPE) == I_DIRECTORY && caller_uid != SU_UID) r = EPERM; @@ -160,11 +247,71 @@ PUBLIC int fs_unlink() if (rip->i_num == ROOT_INODE) r = EBUSY; /* Actually try to unlink the file; fails if parent is mode 0 etc. */ - if (r == OK) r = unlink_file(rldirp, rip, string); + if (r == OK) r = unlink_file_o(rldirp, rip, string); } else { - r = remove_dir(rldirp, rip, string); /* call is RMDIR */ + r = remove_dir_o(rldirp, rip, string); /* call is RMDIR */ + } + + /* If unlink was possible, it has been done, otherwise it has not. */ + put_inode(rip); + put_inode(rldirp); + if (r != OK) printf("fs_unlink_o: returning %d\n", r); + return(r); +} + + +/*===========================================================================* + * fs_unlink_s * + *===========================================================================*/ +PUBLIC int fs_unlink_s() +{ +/* Perform the unlink(name) or rmdir(name) system call. The code for these two + * is almost the same. They differ only in some condition testing. Unlink() + * may be used by the superuser to do dangerous things; rmdir() may not. + */ + register struct inode *rip; + struct inode *rldirp; + int r; + char string[NAME_MAX]; + phys_bytes len; + + /* Copy the last component */ + len = MFS_MIN(fs_m_in.REQ_PATH_LEN, sizeof(string)); + r = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_GRANT, 0, + (vir_bytes) string, (phys_bytes) len, D); + if (r != OK) return r; + MFS_NUL(string, len, sizeof(string)); + + /* Temporarily open the dir. */ + if ( (rldirp = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { + return(EINVAL); + } + + /* The last directory exists. Does the file also exist? */ + r = OK; + if ( (rip = advance_nocheck(&rldirp, string)) == NIL_INODE) r = err_code; + + /* If error, return inode. */ + if (r != OK) { + /* Mount point? */ + if (r == EENTERMOUNT || r == ELEAVEMOUNT) + r = EBUSY; + put_inode(rldirp); + return(r); + } + + /* Now test if the call is allowed, separately for unlink() and rmdir(). */ + if (fs_m_in.m_type == REQ_UNLINK_S) { + /* Only the su may unlink directories, but the su can unlink any dir.*/ + if ( (rip->i_mode & I_TYPE) == I_DIRECTORY) r = EPERM; + + /* Actually try to unlink the file; fails if parent is mode 0 etc. */ + if (r == OK) r = unlink_file_nocheck(rldirp, rip, string); + } + else { + r = remove_dir_nocheck(rldirp, rip, string); /* call is RMDIR */ } /* If unlink was possible, it has been done, otherwise it has not. */ @@ -176,9 +323,9 @@ PUBLIC int fs_unlink() /*===========================================================================* - * fs_rdlink * + * fs_rdlink_o * *===========================================================================*/ -PUBLIC int fs_rdlink() +PUBLIC int fs_rdlink_o() { block_t b; /* block containing link text */ struct buf *bp; /* buffer containing link text */ @@ -217,9 +364,51 @@ PUBLIC int fs_rdlink() /*===========================================================================* - * remove_dir * + * fs_rdlink_s * + *===========================================================================*/ +PUBLIC int fs_rdlink_s() +{ + block_t b; /* block containing link text */ + struct buf *bp; /* buffer containing link text */ + register struct inode *rip; /* target inode */ + register int r; /* return value */ + int copylen; + + copylen = fs_m_in.REQ_SLENGTH; + if (copylen <= 0) return(EINVAL); + + /* Temporarily open the file. */ + if ( (rip = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { + return(EINVAL); + } + + + if (!S_ISLNK(rip->i_mode)) + r = EACCES; + else if (copylen < rip->i_size) + r = ERANGE; + else if ((b = read_map(rip, (off_t) 0)) == NO_BLOCK) + r = EIO; + else { + /* Passed all checks */ + copylen = rip->i_size; + bp = get_block(rip->i_dev, b, NORMAL); + r = sys_safecopyto(FS_PROC_NR, fs_m_in.REQ_GRANT, 0, + (vir_bytes) bp->b_data, (vir_bytes) copylen, D); + + put_block(bp, DIRECTORY_BLOCK); + if (r == OK) r = copylen; + } + + put_inode(rip); + return(r); +} + + +/*===========================================================================* + * remove_dir_o * *===========================================================================*/ -PRIVATE int remove_dir(rldirp, rip, dir_name) +PRIVATE int remove_dir_o(rldirp, rip, dir_name) struct inode *rldirp; /* parent directory */ struct inode *rip; /* directory to be removed */ char dir_name[NAME_MAX]; /* name of directory to be removed */ @@ -240,21 +429,56 @@ char dir_name[NAME_MAX]; /* name of directory to be removed */ if (rip->i_num == ROOT_INODE) return(EBUSY); /* can't remove 'root' */ /* Actually try to unlink the file; fails if parent is mode 0 etc. */ - if ((r = unlink_file(rldirp, rip, dir_name)) != OK) return r; + if ((r = unlink_file_o(rldirp, rip, dir_name)) != OK) return r; + + /* Unlink . and .. from the dir. The super user can link and unlink any dir, + * so don't make too many assumptions about them. + */ + (void) unlink_file_o(rip, NIL_INODE, dot1); + (void) unlink_file_o(rip, NIL_INODE, dot2); + return(OK); +} + + +/*===========================================================================* + * remove_dir_nocheck * + *===========================================================================*/ +PRIVATE int remove_dir_nocheck(rldirp, rip, dir_name) +struct inode *rldirp; /* parent directory */ +struct inode *rip; /* directory to be removed */ +char dir_name[NAME_MAX]; /* name of directory to be removed */ +{ + /* A directory file has to be removed. Five conditions have to met: + * - The file must be a directory + * - The directory must be empty (except for . and ..) + * - The final component of the path must not be . or .. + * - The directory must not be the root of a mounted file system (VFS) + * - The directory must not be anybody's root/working directory (VFS) + */ + int r; + + /* search_dir checks that rip is a directory too. */ + if ((r = search_dir_nocheck(rip, "", (ino_t *) 0, IS_EMPTY)) != OK) return r; + + if (strcmp(dir_name, ".") == 0 || strcmp(dir_name, "..") == 0)return(EINVAL); + if (rip->i_num == ROOT_INODE) return(EBUSY); /* can't remove 'root' */ + + /* Actually try to unlink the file; fails if parent is mode 0 etc. */ + if ((r = unlink_file_nocheck(rldirp, rip, dir_name)) != OK) return r; /* Unlink . and .. from the dir. The super user can link and unlink any dir, * so don't make too many assumptions about them. */ - (void) unlink_file(rip, NIL_INODE, dot1); - (void) unlink_file(rip, NIL_INODE, dot2); + (void) unlink_file_nocheck(rip, NIL_INODE, dot1); + (void) unlink_file_nocheck(rip, NIL_INODE, dot2); return(OK); } /*===========================================================================* - * unlink_file * + * unlink_file_o * *===========================================================================*/ -PRIVATE int unlink_file(dirp, rip, file_name) +PRIVATE int unlink_file_o(dirp, rip, file_name) struct inode *dirp; /* parent directory of file */ struct inode *rip; /* inode of file, may be NIL_INODE too. */ char file_name[NAME_MAX]; /* name of file to be removed */ @@ -288,9 +512,45 @@ char file_name[NAME_MAX]; /* name of file to be removed */ /*===========================================================================* - * fs_rename * + * unlink_file_nocheck * *===========================================================================*/ -PUBLIC int fs_rename() +PRIVATE int unlink_file_nocheck(dirp, rip, file_name) +struct inode *dirp; /* parent directory of file */ +struct inode *rip; /* inode of file, may be NIL_INODE too. */ +char file_name[NAME_MAX]; /* name of file to be removed */ +{ +/* Unlink 'file_name'; rip must be the inode of 'file_name' or NIL_INODE. */ + + ino_t numb; /* inode number */ + int r; + + /* If rip is not NIL_INODE, it is used to get faster access to the inode. */ + if (rip == NIL_INODE) { + /* Search for file in directory and try to get its inode. */ + err_code = search_dir_nocheck(dirp, file_name, &numb, LOOK_UP); + if (err_code == OK) rip = get_inode(dirp->i_dev, (int) numb); + if (err_code != OK || rip == NIL_INODE) return(err_code); + } else { + dup_inode(rip); /* inode will be returned with put_inode */ + } + + r = search_dir_nocheck(dirp, file_name, (ino_t *) 0, DELETE); + + if (r == OK) { + rip->i_nlinks--; /* entry deleted from parent's dir */ + rip->i_update |= CTIME; + rip->i_dirt = DIRTY; + } + + put_inode(rip); + return(r); +} + + +/*===========================================================================* + * fs_rename_o * + *===========================================================================*/ +PUBLIC int fs_rename_o() { /* Perform the rename(name1, name2) system call. */ struct inode *old_dirp, *old_ip; /* ptrs to old dir, file inodes */ @@ -325,12 +585,12 @@ PUBLIC int fs_rename() if ( (old_dirp = get_inode(fs_dev, fs_m_in.REQ_OLD_DIR)) == NIL_INODE) return(err_code); - if ( (old_ip = advance(&old_dirp, old_name)) == NIL_INODE) r = err_code; + if ( (old_ip = advance_o(&old_dirp, old_name)) == NIL_INODE) r = err_code; /* Get new dir inode */ if ( (new_dirp = get_inode(fs_dev, fs_m_in.REQ_NEW_DIR)) == NIL_INODE) r = err_code; - new_ip = advance(&new_dirp, new_name); /* not required to exist */ + new_ip = advance_o(&new_dirp, new_name); /* not required to exist */ if (old_ip != NIL_INODE) odir = ((old_ip->i_mode & I_TYPE) == I_DIRECTORY); /* TRUE iff dir */ @@ -348,7 +608,7 @@ PUBLIC int fs_rename() r = EINVAL; break; } - next_new_superdirp = advance(&new_superdirp, dot2); + next_new_superdirp = advance_o(&new_superdirp, dot2); put_inode(new_superdirp); /* if (next_new_superdirp == new_superdirp) { @@ -433,9 +693,9 @@ PUBLIC int fs_rename() if (new_ip != NIL_INODE) { /* There is already an entry for 'new'. Try to remove it. */ if (odir) - r = remove_dir(new_dirp, new_ip, new_name); + r = remove_dir_o(new_dirp, new_ip, new_name); else - r = unlink_file(new_dirp, new_ip, new_name); + r = unlink_file_o(new_dirp, new_ip, new_name); } /* if r is OK, the rename will succeed, while there is now an * unused entry in the new parent directory. @@ -467,7 +727,7 @@ PUBLIC int fs_rename() if (r == OK && odir && !same_pdir) { /* Update the .. entry in the directory (still points to old_dirp). */ numb = new_dirp->i_num; - (void) unlink_file(old_ip, NIL_INODE, dot2); + (void) unlink_file_o(old_ip, NIL_INODE, dot2); if (search_dir(old_ip, dot2, &numb, ENTER) == OK) { /* New link created. */ new_dirp->i_nlinks++; @@ -484,6 +744,215 @@ PUBLIC int fs_rename() } +/*===========================================================================* + * fs_rename_s * + *===========================================================================*/ +PUBLIC int fs_rename_s() +{ +/* Perform the rename(name1, name2) system call. */ + struct inode *old_dirp, *old_ip; /* ptrs to old dir, file inodes */ + struct inode *new_dirp, *new_ip; /* ptrs to new dir, file inodes */ + struct inode *new_superdirp, *next_new_superdirp; + int r = OK; /* error flag; initially no error */ + int odir, ndir; /* TRUE iff {old|new} file is dir */ + int same_pdir; /* TRUE iff parent dirs are the same */ + char old_name[NAME_MAX], new_name[NAME_MAX]; + ino_t numb; + phys_bytes len; + int r1; + + /* Copy the last component of the old name */ + len = MFS_MIN(fs_m_in.REQ_REN_LEN_OLD, sizeof(old_name)); + r = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_REN_GRANT_OLD, 0, + (vir_bytes) old_name, (phys_bytes) len, D); + if (r != OK) return r; + MFS_NUL(old_name, len, sizeof(old_name)); + + /* Copy the last component of the new name */ + len = MFS_MIN(fs_m_in.REQ_REN_LEN_NEW, sizeof(new_name)); + r = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_REN_GRANT_NEW, 0, + (vir_bytes) new_name, (phys_bytes) len, D); + if (r != OK) return r; + MFS_NUL(new_name, len, sizeof(new_name)); + + /* Get old dir inode */ + if ( (old_dirp = get_inode(fs_dev, fs_m_in.REQ_REN_OLD_DIR)) == NIL_INODE) + return(err_code); + + if ( (old_ip = advance_nocheck(&old_dirp, old_name)) == NIL_INODE) + r = err_code; + + /* Get new dir inode */ + if ( (new_dirp = get_inode(fs_dev, fs_m_in.REQ_REN_NEW_DIR)) == NIL_INODE) + r = err_code; + new_ip = advance_nocheck(&new_dirp, new_name); /* not required to exist */ + + if (old_ip != NIL_INODE) + odir = ((old_ip->i_mode & I_TYPE) == I_DIRECTORY); /* TRUE iff dir */ + + /* If it is ok, check for a variety of possible errors. */ + if (r == OK) { + same_pdir = (old_dirp == new_dirp); + + /* The old inode must not be a superdirectory of the new last dir. */ + if (odir && !same_pdir) { + dup_inode(new_superdirp = new_dirp); + while (TRUE) { /* may hang in a file system loop */ + if (new_superdirp == old_ip) { + put_inode(new_superdirp); + r = EINVAL; + break; + } +printf("fs_rename_s: new_superdirp: %d on 0x%x\n", + new_superdirp->i_num, new_superdirp->i_dev); + + next_new_superdirp = advance_nocheck(&new_superdirp, + dot2); + +printf("fs_rename_s: next_new_superdirp: %d on 0x%x\n", + next_new_superdirp->i_num, next_new_superdirp->i_dev); + + put_inode(new_superdirp); + if (next_new_superdirp == new_superdirp) { + put_inode(new_superdirp); + break; + } + if (err_code == ELEAVEMOUNT) { + /* imitate that we are back at the root, + * cross device checked already on VFS */ + /*next_new_superdirp = new_superdirp;*/ + err_code = OK; + break; + } + new_superdirp = next_new_superdirp; + if (new_superdirp == NIL_INODE) { + /* Missing ".." entry. Assume the worst. */ + r = EINVAL; + break; + } + { static int count= 0; + if (++count > 20) + panic(__FILE__, "too deep", NO_NUM); + } + } + /*put_inode(new_superdirp);*/ + } + + /* The old or new name must not be . or .. */ + if (strcmp(old_name, ".")==0 || strcmp(old_name, "..")==0 || + strcmp(new_name, ".")==0 || strcmp(new_name, "..")==0) { + r = EINVAL; + } + /* Both parent directories must be on the same device. + if (old_dirp->i_dev != new_dirp->i_dev) r = EXDEV; */ + +#if 0 + /* Parent dirs must be writable, searchable and on a writable device */ + if ((r1 = forbidden(old_dirp, W_BIT | X_BIT)) != OK || + (r1 = forbidden(new_dirp, W_BIT | X_BIT)) != OK) { + r = r1; + } +#endif + + /* Some tests apply only if the new path exists. */ + if (new_ip == NIL_INODE) { + /* don't rename a file with a file system mounted on it. + if (old_ip->i_dev != old_dirp->i_dev) r = EXDEV;*/ + if (odir && new_dirp->i_nlinks >= + (new_dirp->i_sp->s_version == V1 ? CHAR_MAX : SHRT_MAX) && + !same_pdir && r == OK) { + r = EMLINK; + } + } + else { + if (old_ip == new_ip) { + r = SAME; /* old=new */ + } + + /* has the old file or new file a file system mounted on it? + if (old_ip->i_dev != new_ip->i_dev) r = EXDEV; + */ + + ndir = ((new_ip->i_mode & I_TYPE) == I_DIRECTORY); /* dir ? */ + if (odir == TRUE && ndir == FALSE) { + r = ENOTDIR; + } + if (odir == FALSE && ndir == TRUE) { + r = EISDIR; + } + } + } + + /* If a process has another root directory than the system root, we might + * "accidently" be moving it's working directory to a place where it's + * root directory isn't a super directory of it anymore. This can make + * the function chroot useless. If chroot will be used often we should + * probably check for it here. + */ + + /* The rename will probably work. Only two things can go wrong now: + * 1. being unable to remove the new file. (when new file already exists) + * 2. being unable to make the new directory entry. (new file doesn't exists) + * [directory has to grow by one block and cannot because the disk + * is completely full]. + */ + if (r == OK) { + if (new_ip != NIL_INODE) { + /* There is already an entry for 'new'. Try to remove it. */ + if (odir) + r = remove_dir_nocheck(new_dirp, new_ip, new_name); + else + r = unlink_file_nocheck(new_dirp, new_ip, new_name); + } + /* if r is OK, the rename will succeed, while there is now an + * unused entry in the new parent directory. + */ + } + + if (r == OK) { + /* If the new name will be in the same parent directory as the old one, + * first remove the old name to free an entry for the new name, + * otherwise first try to create the new name entry to make sure + * the rename will succeed. + */ + numb = old_ip->i_num; /* inode number of old file */ + + if (same_pdir) { + r = search_dir_nocheck(old_dirp, old_name, (ino_t *) 0, DELETE); + /* shouldn't go wrong. */ + if (r==OK) (void) search_dir_nocheck(old_dirp, new_name, + &numb, ENTER); + } else { + r = search_dir_nocheck(new_dirp, new_name, &numb, ENTER); + if (r == OK) + (void) search_dir_nocheck(old_dirp, old_name, + (ino_t *) 0, DELETE); + } + } + /* If r is OK, the ctime and mtime of old_dirp and new_dirp have been marked + * for update in search_dir. + */ + + if (r == OK && odir && !same_pdir) { + /* Update the .. entry in the directory (still points to old_dirp). */ + numb = new_dirp->i_num; + (void) unlink_file_nocheck(old_ip, NIL_INODE, dot2); + if (search_dir_nocheck(old_ip, dot2, &numb, ENTER) == OK) { + /* New link created. */ + new_dirp->i_nlinks++; + new_dirp->i_dirt = DIRTY; + } + } + + /* Release the inodes. */ + put_inode(old_dirp); + put_inode(old_ip); + put_inode(new_dirp); + put_inode(new_ip); + return(r == SAME ? OK : r); +} + + /*===========================================================================* * fs_trunc * *===========================================================================*/ diff --git a/servers/mfs/main.c b/servers/mfs/main.c index 7fdcab630..32f7cc41b 100644 --- a/servers/mfs/main.c +++ b/servers/mfs/main.c @@ -27,7 +27,7 @@ PUBLIC int main(void) * sending the reply. The loop never terminates, unless a panic occurs. */ int who_e; /* caller */ - int error; + int error, ind; message m; /* Initialize the server, then go to work. */ @@ -35,20 +35,25 @@ PUBLIC int main(void) fs_m_in.m_type = FS_READY; - if (sendrec(FS_PROC_NR, &fs_m_in) != OK) { + if (send(FS_PROC_NR, &fs_m_in) != OK) { printf("MFS(%d): Error sending login to VFS\n", SELF_E); return -1; } - if (fs_m_in.m_type != REQ_READSUPER) { +#if 0 + if (fs_m_in.m_type != REQ_READSUPER_O && fs_m_in.m_type != REQ_READSUPER_S) { printf("MFS(%d): Invalid login reply\n", SELF_E); return -1; } else { - fs_m_out.m_type = fs_readsuper(); + if (fs_m_in.m_type == REQ_READSUPER_S) + fs_m_out.m_type = fs_readsuper_s(); + else + fs_m_out.m_type = fs_readsuper_o(); reply(FS_PROC_NR, &fs_m_out); if (fs_m_out.m_type != OK) return -1; } +#endif for (;;) { @@ -56,6 +61,9 @@ PUBLIC int main(void) get_work(&fs_m_in); error = OK; + caller_uid = -1; /* To trap errors */ + caller_gid = -1; + who_e = fs_m_in.m_source; if (who_e != FS_PROC_NR) { if (who_e == 0) { @@ -71,11 +79,20 @@ PUBLIC int main(void) req_nr = fs_m_in.m_type; - if (req_nr < 0 || req_nr >= NREQS) { + if (req_nr < VFS_BASE) + { + fs_m_in.m_type += VFS_BASE; + req_nr = fs_m_in.m_type; + } + ind= req_nr-VFS_BASE; + + if (ind < 0 || ind >= NREQS) { + printf("mfs: bad request %d\n", req_nr); + printf("ind = %d\n", ind); error = EINVAL; } else { - error = (*fs_call_vec[req_nr])(); + error = (*fs_call_vec[ind])(); /*cch_check();*/ } @@ -151,7 +168,7 @@ PRIVATE void init_server(void) } /*===========================================================================* - * get_work * + * get_work * *===========================================================================*/ PRIVATE void get_work(m_in) message *m_in; /* pointer to message */ @@ -179,12 +196,12 @@ PRIVATE void cch_check(void) for (i = 0; i < NR_INODES; ++i) { if (inode[i].i_count != cch[i] && - req_nr != REQ_OPEN && req_nr != REQ_GETNODE && + req_nr != REQ_GETNODE && req_nr != REQ_PUTNODE && - req_nr != REQ_CLONE_OPCL && req_nr != REQ_READSUPER && - req_nr != REQ_MOUNTPOINT && req_nr != REQ_UNMOUNT && + req_nr != REQ_CLONE_OPCL && req_nr != REQ_READSUPER_S && + req_nr != REQ_MOUNTPOINT_S && req_nr != REQ_UNMOUNT && req_nr != REQ_PIPE && req_nr != REQ_SYNC && - req_nr != REQ_LOOKUP) + req_nr != REQ_LOOKUP_S) printf("MFS(%d) inode(%d) cc: %d req_nr: %d\n", SELF_E, inode[i].i_num, inode[i].i_count - cch[i], req_nr); diff --git a/servers/mfs/mount.c b/servers/mfs/mount.c index 604af3ce9..8893307ea 100644 --- a/servers/mfs/mount.c +++ b/servers/mfs/mount.c @@ -9,16 +9,118 @@ #include "inode.h" #include "super.h" #include "drivers.h" +#include #include +/*===========================================================================* + * fs_readsuper_s * + *===========================================================================*/ +PUBLIC int fs_readsuper_s() +{ +/* This function reads the superblock of the partition, gets the root inode + * and sends back the details of them. Note, that the FS process does not + * know the index of the vmnt object which refers to it, whenever the pathname + * lookup leaves a partition an ELEAVEMOUNT error is transferred back + * so that the VFS knows that it has to find the vnode on which this FS + * process' partition is mounted on. + */ + struct super_block *xp, *sp; + struct inode *root_ip; + cp_grant_id_t label_gid; + size_t label_len; + int r = OK; + unsigned long tasknr; + endpoint_t driver_e; + + fs_dev = fs_m_in.REQ_DEV; + + label_gid= fs_m_in.REQ_GRANT2; + label_len= fs_m_in.REQ_PATH_LEN; + + if (label_len > sizeof(fs_dev_label)) + { + printf("mfs:fs_readsuper: label too long\n"); + return EINVAL; + } + + r= sys_safecopyfrom(fs_m_in.m_source, label_gid, 0, (vir_bytes)fs_dev_label, + label_len, D); + if (r != OK) + { + printf("mfs:fs_readsuper: safecopyfrom failed: %d\n", r); + return EINVAL; + } + + r= ds_retrieve_u32(fs_dev_label, &tasknr); + if (r != OK) + { + printf("mfs:fs_readsuper: ds_retrieve_u32 failed for '%s': %d\n", + fs_dev_label, r); + return EINVAL; + } +#if 0 + printf("mfs:fs_readsuper: got tasknr %d for label '%s'\n", + tasknr, fs_dev_label); +#endif + + driver_e= tasknr; + + /* Map the driver endpoint for this major */ + driver_endpoints[(fs_dev >> MAJOR) & BYTE].driver_e = driver_e; + use_getuptime2= TRUE; /* Should be removed with old + * getuptime call. + */ + vfs_slink_storage = (char *)0xdeadbeef; /* Should be removed together + * with old lookup code. + */; + + sp = &super_block[0]; + + /* Open the device the file system lives on. */ + if (dev_open(driver_e, fs_dev, driver_e, + fs_m_in.REQ_READONLY ? R_BIT : (R_BIT|W_BIT)) != OK) { + return(EINVAL); + } + + /* Fill in the super block. */ + sp->s_dev = fs_dev; /* read_super() needs to know which dev */ + r = read_super(sp); + + /* Is it recognized as a Minix filesystem? */ + if (r != OK) { + sp->s_dev = NO_DEV; + return(r); + } + + /* Get the root inode of the mounted file system. */ + if ( (root_ip = get_inode(fs_dev, ROOT_INODE)) == NIL_INODE) + return err_code; + + if (root_ip != NIL_INODE && root_ip->i_mode == 0) { + put_inode(root_ip); + return EINVAL; + } + + sp->s_rd_only = fs_m_in.REQ_READONLY; + sp->s_is_root = fs_m_in.REQ_ISROOT; + + /* Root inode properties */ + fs_m_out.RES_INODE_NR = root_ip->i_num; + fs_m_out.RES_MODE = root_ip->i_mode; + fs_m_out.RES_FILE_SIZE = root_ip->i_size; + fs_m_out.RES_UID = root_ip->i_uid; + fs_m_out.RES_GID = root_ip->i_gid; + + return r; +} /*===========================================================================* - * fs_readsuper * + * fs_readsuper_o * *===========================================================================*/ -PUBLIC int fs_readsuper() +PUBLIC int fs_readsuper_o() { /* This function reads the superblock of the partition, gets the root inode * and sends back the details of them. Note, that the FS process does not @@ -80,9 +182,9 @@ PUBLIC int fs_readsuper() /*===========================================================================* - * fs_mountpoint * + * fs_mountpoint_o * *===========================================================================*/ -PUBLIC int fs_mountpoint() +PUBLIC int fs_mountpoint_o() { /* This function looks up the mount point, it checks the condition whether * the partition can be mounted on the inode or not. If ok, it gets the @@ -105,7 +207,11 @@ printf("MFS(%d) get_inode by fs_mountpoint() failed\n", SELF_E); } /* It may not be busy. */ - if (rip->i_count > 1) r = EBUSY; + if (rip->i_count > 2) + { + printf("mfs:fs_mountpoint: i_count = %d\n", rip->i_count); + r = EBUSY; + } /* It may not be special. */ bits = rip->i_mode & I_TYPE; @@ -118,8 +224,7 @@ printf("MFS(%d) get_inode by fs_mountpoint() failed\n", SELF_E); return r; } - rip->i_mount = I_MOUNT; - rip->i_vmnt_ind = fs_m_in.REQ_VMNT_IND; + rip->i_mountpoint = TRUE; fs_m_out.m_source = rip->i_dev;/* Filled with the FS endp by the system */ fs_m_out.RES_INODE_NR = rip->i_num; @@ -130,6 +235,39 @@ printf("MFS(%d) get_inode by fs_mountpoint() failed\n", SELF_E); } +/*===========================================================================* + * fs_mountpoint_s * + *===========================================================================*/ +PUBLIC int fs_mountpoint_s() +{ +/* This function looks up the mount point, it checks the condition whether + * the partition can be mounted on the inode or not. + */ + register struct inode *rip; + int r = OK; + mode_t bits; + + /* Temporarily open the file. */ + if ( (rip = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { +printf("MFS(%d) get_inode by fs_mountpoint() failed\n", SELF_E); + return(EINVAL); + } + + if (rip->i_mountpoint) + r= EBUSY; + + /* It may not be special. */ + bits = rip->i_mode & I_TYPE; + if (bits == I_BLOCK_SPECIAL || bits == I_CHAR_SPECIAL) r = ENOTDIR; + + put_inode(rip); + + if (r == OK) + rip->i_mountpoint = TRUE; + return r; +} + + /*===========================================================================* * fs_unmount * *===========================================================================*/ @@ -140,6 +278,9 @@ PUBLIC int fs_unmount() int count; register struct inode *rip; + /* Close the device the file system lives on. */ + dev_close(driver_endpoints[(fs_dev >> MAJOR) & BYTE].driver_e, fs_dev); + /* !!!!!!!!!!!!! REMOVE THIS LATER !!!!!!!!!!!!!!!!!!!!!!! */ /* Find the super block. */ sp = NIL_SUPER; diff --git a/servers/mfs/open.c b/servers/mfs/open.c index eb5245b9c..5e8d1fb4d 100644 --- a/servers/mfs/open.c +++ b/servers/mfs/open.c @@ -14,10 +14,12 @@ #include PRIVATE char mode_map[] = {R_BIT, W_BIT, R_BIT|W_BIT, 0}; -FORWARD _PROTOTYPE( struct inode *new_node, (struct inode *ldirp, +FORWARD _PROTOTYPE( struct inode *new_node_o, (struct inode *ldirp, + char *string, mode_t bits, zone_t z0)); +FORWARD _PROTOTYPE( struct inode *new_node_s, (struct inode *ldirp, char *string, mode_t bits, zone_t z0)); - +#if 0 /*===========================================================================* * fs_open * *===========================================================================*/ @@ -147,11 +149,13 @@ printf("MFS(%d) get_inode by open() failed\n", SELF_E); return OK; } +#endif + /*===========================================================================* - * fs_create * + * fs_create_o * *===========================================================================*/ -PUBLIC int fs_create() +PUBLIC int fs_create_o() { phys_bytes len; int r, b; @@ -182,7 +186,70 @@ printf("MFS(%d) get_inode for parent dir by creat() failed\n", SELF_E); } /* Create a new inode by calling new_node(). */ - rip = new_node(ldirp, lastc, omode, NO_ZONE); + rip = new_node_o(ldirp, lastc, omode, NO_ZONE); + r = err_code; + + /* If error, release inode. */ + if (r != OK) { + put_inode(ldirp); + put_inode(rip); + return(r); + } + + /* Reply message */ + fs_m_out.m_source = rip->i_dev; /* filled with FS endpoint by the system */ + fs_m_out.RES_INODE_NR = rip->i_num; + fs_m_out.RES_MODE = rip->i_mode; + fs_m_out.RES_FILE_SIZE = rip->i_size; + fs_m_out.RES_INODE_INDEX = (rip - &inode[0]) / sizeof(struct inode); + + /* This values are needed for the execution */ + fs_m_out.RES_UID = rip->i_uid; + fs_m_out.RES_GID = rip->i_gid; + if ((rip->i_mode & I_TYPE) == I_REGULAR) fs_m_out.RES_CTIME = rip->i_ctime; + + /* Drop parent dir */ + put_inode(ldirp); + + return OK; +} + + +/*===========================================================================* + * fs_create_s * + *===========================================================================*/ +PUBLIC int fs_create_s() +{ + phys_bytes len; + int r, b; + struct inode *ldirp; + struct inode *rip; + mode_t omode; + char lastc[NAME_MAX]; + + /* Read request message */ + omode = fs_m_in.REQ_MODE; + + caller_uid = fs_m_in.REQ_UID; + caller_gid = fs_m_in.REQ_GID; + + /* Try to make the file. */ + + /* Copy the last component */ + len = MFS_MIN(fs_m_in.REQ_PATH_LEN, sizeof(lastc)); + err_code = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_GRANT, 0, + (vir_bytes) lastc, (phys_bytes) len, D); + if (err_code != OK) return err_code; + MFS_NUL(lastc, len, sizeof(lastc)); + + /* Get last directory inode */ + if ((ldirp = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { +printf("MFS(%d) get_inode for parent dir by creat() failed\n", SELF_E); + return ENOENT; + } + + /* Create a new inode by calling new_node(). */ + rip = new_node_s(ldirp, lastc, omode, NO_ZONE); r = err_code; /* If error, release inode. */ @@ -210,10 +277,11 @@ printf("MFS(%d) get_inode for parent dir by creat() failed\n", SELF_E); return OK; } + /*===========================================================================* - * fs_mknod * + * fs_mknod_o * *===========================================================================*/ -PUBLIC int fs_mknod() +PUBLIC int fs_mknod_o() { struct inode *ip, *ldirp; char lastc[NAME_MAX]; @@ -236,7 +304,7 @@ printf("MFS(%d) get_inode for parent dir by mknod() failed\n", SELF_E); } /* Try to create the new node */ - ip = new_node(ldirp, lastc, fs_m_in.REQ_MODE, (zone_t) fs_m_in.REQ_DEV); + ip = new_node_o(ldirp, lastc, fs_m_in.REQ_MODE, (zone_t) fs_m_in.REQ_DEV); put_inode(ip); put_inode(ldirp); @@ -245,9 +313,43 @@ printf("MFS(%d) get_inode for parent dir by mknod() failed\n", SELF_E); /*===========================================================================* - * fs_mkdir * + * fs_mknod_s * *===========================================================================*/ -PUBLIC int fs_mkdir() +PUBLIC int fs_mknod_s() +{ + struct inode *ip, *ldirp; + char lastc[NAME_MAX]; + phys_bytes len; + + /* Copy the last component and set up caller's user and group id */ + len = MFS_MIN(fs_m_in.REQ_PATH_LEN, sizeof(lastc)); + err_code = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_GRANT, 0, + (vir_bytes) lastc, (phys_bytes) len, D); + if (err_code != OK) return err_code; + MFS_NUL(lastc, len, sizeof(lastc)); + + caller_uid = fs_m_in.REQ_UID; + caller_gid = fs_m_in.REQ_GID; + + /* Get last directory inode */ + if ((ldirp = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { +printf("MFS(%d) get_inode for parent dir by mknod() failed\n", SELF_E); + return ENOENT; + } + + /* Try to create the new node */ + ip = new_node_s(ldirp, lastc, fs_m_in.REQ_MODE, (zone_t) fs_m_in.REQ_DEVx); + + put_inode(ip); + put_inode(ldirp); + return(err_code); +} + + +/*===========================================================================* + * fs_mkdir_o * + *===========================================================================*/ +PUBLIC int fs_mkdir_o() { int r1, r2; /* status codes */ ino_t dot, dotdot; /* inode numbers for . and .. */ @@ -272,7 +374,7 @@ printf("MFS(%d) get_inode for parent dir by mkdir() failed\n", SELF_E); } /* Next make the inode. If that fails, return error code. */ - rip = new_node(ldirp, lastc, fs_m_in.REQ_MODE, (zone_t) 0); + rip = new_node_o(ldirp, lastc, fs_m_in.REQ_MODE, (zone_t) 0); if (rip == NIL_INODE || err_code == EEXIST) { put_inode(rip); /* can't make dir: it already exists */ @@ -311,10 +413,80 @@ printf("MFS(%d) get_inode for parent dir by mkdir() failed\n", SELF_E); return(err_code); /* new_node() always sets 'err_code' */ } + /*===========================================================================* - * fs_slink * + * fs_mkdir_s * *===========================================================================*/ -PUBLIC int fs_slink() +PUBLIC int fs_mkdir_s() +{ + int r1, r2; /* status codes */ + ino_t dot, dotdot; /* inode numbers for . and .. */ + struct inode *rip, *ldirp; + char lastc[NAME_MAX]; /* last component */ + phys_bytes len; + + /* Copy the last component and set up caller's user and group id */ + len = MFS_MIN(fs_m_in.REQ_PATH_LEN, sizeof(lastc)); + err_code = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_GRANT, 0, + (vir_bytes) lastc, (phys_bytes) len, D); + if (err_code != OK) return err_code; + MFS_NUL(lastc, len, sizeof(lastc)); + + caller_uid = fs_m_in.REQ_UID; + caller_gid = fs_m_in.REQ_GID; + + /* Get last directory inode */ + if ((ldirp = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { +printf("MFS(%d) get_inode for parent dir by mkdir() failed\n", SELF_E); + return ENOENT; + } + + /* Next make the inode. If that fails, return error code. */ + rip = new_node_s(ldirp, lastc, fs_m_in.REQ_MODE, (zone_t) 0); + + if (rip == NIL_INODE || err_code == EEXIST) { + put_inode(rip); /* can't make dir: it already exists */ + put_inode(ldirp); + return(err_code); + } + + /* Get the inode numbers for . and .. to enter in the directory. */ + dotdot = ldirp->i_num; /* parent's inode number */ + dot = rip->i_num; /* inode number of the new dir itself */ + + /* Now make dir entries for . and .. unless the disk is completely full. */ + /* Use dot1 and dot2, so the mode of the directory isn't important. */ + rip->i_mode = fs_m_in.REQ_MODE; /* set mode */ + r1 = search_dir_nocheck(rip, dot1, &dot, ENTER); /* enter . in the new dir */ + r2 = search_dir_nocheck(rip, dot2, &dotdot, ENTER); /* enter .. in the new + dir */ + + /* If both . and .. were successfully entered, increment the link counts. */ + if (r1 == OK && r2 == OK) { + /* Normal case. It was possible to enter . and .. in the new dir. */ + rip->i_nlinks++; /* this accounts for . */ + ldirp->i_nlinks++; /* this accounts for .. */ + ldirp->i_dirt = DIRTY; /* mark parent's inode as dirty */ + } else { + /* It was not possible to enter . or .. probably disk was full - + * links counts haven't been touched. + */ + if(search_dir_nocheck(ldirp, lastc, (ino_t *) 0, DELETE) != OK) + panic(__FILE__, "Dir disappeared ", rip->i_num); + rip->i_nlinks--; /* undo the increment done in new_node() */ + } + rip->i_dirt = DIRTY; /* either way, i_nlinks has changed */ + + put_inode(ldirp); /* return the inode of the parent dir */ + put_inode(rip); /* return the inode of the newly made dir */ + return(err_code); /* new_node() always sets 'err_code' */ +} + + +/*===========================================================================* + * fs_slink_o * + *===========================================================================*/ +PUBLIC int fs_slink_o() { phys_bytes len; struct inode *sip; /* inode containing symbolic link */ @@ -339,7 +511,7 @@ PUBLIC int fs_slink() MFS_NUL(string, len, sizeof(string)); /* Create the inode for the symlink. */ - sip = new_node(ldirp, string, (mode_t) (I_SYMBOLIC_LINK | RWX_MODES), + sip = new_node_o(ldirp, string, (mode_t) (I_SYMBOLIC_LINK | RWX_MODES), (zone_t) 0); /* Allocate a disk block for the contents of the symlink. @@ -387,9 +559,131 @@ PUBLIC int fs_slink() /*===========================================================================* - * new_node * + * fs_slink_s * *===========================================================================*/ -PRIVATE struct inode *new_node(struct inode *ldirp, +PUBLIC int fs_slink_s() +{ + phys_bytes len; + struct inode *sip; /* inode containing symbolic link */ + struct inode *ldirp; /* directory containing link */ + register int r; /* error code */ + char string[NAME_MAX]; /* last component of the new dir's path name */ + struct buf *bp; /* disk buffer for link */ + + caller_uid = fs_m_in.REQ_UID; + caller_gid = fs_m_in.REQ_GID; + + printf("mfs:fs_slink_s: creating link in dir inode %d dev 0x%x\n", + fs_m_in.REQ_INODE_NR, fs_dev); + + /* Temporarily open the dir. */ + if ( (ldirp = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { + return(EINVAL); + } + + /* Copy the link name's last component */ + len = MFS_MIN(fs_m_in.REQ_PATH_LEN, sizeof(string)); + r = sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_GRANT, 0, + (vir_bytes) string, (phys_bytes) len, D); + if (r != OK) return r; + MFS_NUL(string, len, sizeof(string)); + + /* Create the inode for the symlink. */ + sip = new_node_s(ldirp, string, (mode_t) (I_SYMBOLIC_LINK | RWX_MODES), + (zone_t) 0); + + /* Allocate a disk block for the contents of the symlink. + * Copy contents of symlink (the name pointed to) into first disk block. + */ + if ((r = err_code) == OK) { + r = (bp = new_block(sip, (off_t) 0)) == NIL_BUF ? err_code : + sys_safecopyfrom(FS_PROC_NR, fs_m_in.REQ_GRANT2, 0, + (vir_bytes) bp->b_data, (vir_bytes) fs_m_in.REQ_SLENGTH, D); + + if(r == OK) { + bp->b_data[_MIN_BLOCK_SIZE-1] = '\0'; + sip->i_size = strlen(bp->b_data); + if(sip->i_size != fs_m_in.REQ_SLENGTH) { + /* This can happen if the user provides a buffer + * with a \0 in it. This can cause a lot of trouble + * when the symlink is used later. We could just use + * the strlen() value, but we want to let the user + * know he did something wrong. ENAMETOOLONG doesn't + * exactly describe the error, but there is no + * ENAMETOOWRONG. + */ + r = ENAMETOOLONG; + } + } + + put_block(bp, DIRECTORY_BLOCK); /* put_block() accepts NIL_BUF. */ + + if (r != OK) { + sip->i_nlinks = 0; + if (search_dir_nocheck(ldirp, string, (ino_t *) 0, DELETE) != OK) + panic(__FILE__, "Symbolic link vanished", NO_NUM); + } + } + + /* put_inode() accepts NIL_INODE as a noop, so the below are safe. */ + put_inode(sip); + put_inode(ldirp); + + return(r); +} + + +/*===========================================================================* + * fs_newnode * + *===========================================================================*/ +PUBLIC int fs_newnode() +{ + register int r; + mode_t bits; + struct inode *rip; + + caller_uid = fs_m_in.REQ_UID; + caller_gid = fs_m_in.REQ_GID; + + bits= fs_m_in.REQ_MODE; + + /* Try to allocate the inode */ + if ( (rip = alloc_inode(fs_dev, bits) ) == NIL_INODE) { + return err_code; + } + + switch (bits & S_IFMT) + { + case S_IFBLK: + case S_IFCHR: + rip->i_zone[0] = fs_m_in.REQ_DEVx; /* major/minor device numbers */ + break; + case S_IFIFO: + rip->i_pipe = I_PIPE; + break; + } + + rw_inode(rip, WRITING); /* mark inode as allocated */ + rip->i_update = ATIME | CTIME | MTIME; + + /* Fill in the fields of the response message */ + fs_m_out.RES_INODE_NR = rip->i_num; + fs_m_out.RES_MODE = rip->i_mode; + fs_m_out.RES_INODE_INDEX = (rip - &inode[0]); + fs_m_out.RES_FILE_SIZE = rip->i_size; + fs_m_out.RES_UID = rip->i_uid; + fs_m_out.RES_GID = rip->i_gid; + fs_m_out.RES_DEV = (dev_t) rip->i_zone[0]; + + return OK; +} + + + +/*===========================================================================* + * new_node_o * + *===========================================================================*/ +PRIVATE struct inode *new_node_o(struct inode *ldirp, char *string, mode_t bits, zone_t z0) { /* New_node() is called by fs_open(), fs_mknod(), and fs_mkdir(). @@ -407,7 +701,7 @@ PRIVATE struct inode *new_node(struct inode *ldirp, register int r; /* Get final component of the path. */ - rip = advance(&ldirp, string); + rip = advance_o(&ldirp, string); if (S_ISDIR(bits) && (ldirp)->i_nlinks >= ((ldirp)->i_sp->s_version == V1 ? @@ -457,8 +751,75 @@ PRIVATE struct inode *new_node(struct inode *ldirp, } +/*===========================================================================* + * new_node_s * + *===========================================================================*/ +PRIVATE struct inode *new_node_s(struct inode *ldirp, + char *string, mode_t bits, zone_t z0) +{ +/* New_node() is called by fs_open(), fs_mknod(), and fs_mkdir(). + * In all cases it allocates a new inode, makes a directory entry for it in + * the ldirp directory with string name, and initializes it. + * It returns a pointer to the inode if it can do this; + * otherwise it returns NIL_INODE. It always sets 'err_code' + * to an appropriate value (OK or an error code). + * + * The parsed path rest is returned in 'parsed' if parsed is nonzero. It + * has to hold at least NAME_MAX bytes. + */ + register struct inode *rip; + register int r; + /* Get final component of the path. */ + rip = advance_nocheck(&ldirp, string); + + if (S_ISDIR(bits) && + (ldirp)->i_nlinks >= ((ldirp)->i_sp->s_version == V1 ? + CHAR_MAX : SHRT_MAX)) { + /* New entry is a directory, alas we can't give it a ".." */ + put_inode(rip); + err_code = EMLINK; + return(NIL_INODE); + } + + if ( rip == NIL_INODE && err_code == ENOENT) { + /* Last path component does not exist. Make new directory entry. */ + if ( (rip = alloc_inode((ldirp)->i_dev, bits)) == NIL_INODE) { + /* Can't creat new inode: out of inodes. */ + return(NIL_INODE); + } + + /* Force inode to the disk before making directory entry to make + * the system more robust in the face of a crash: an inode with + * no directory entry is much better than the opposite. + */ + rip->i_nlinks++; + rip->i_zone[0] = z0; /* major/minor device numbers */ + rw_inode(rip, WRITING); /* force inode to disk now */ + + /* New inode acquired. Try to make directory entry. */ + if ((r = search_dir_nocheck(ldirp, string, &rip->i_num, ENTER)) != OK) { + rip->i_nlinks--; /* pity, have to free disk inode */ + rip->i_dirt = DIRTY; /* dirty inodes are written out */ + put_inode(rip); /* this call frees the inode */ + err_code = r; + return(NIL_INODE); + } + + } else { + /* Either last component exists, or there is some problem. */ + if (rip != NIL_INODE || err_code == EENTERMOUNT || + err_code == ELEAVEMOUNT) + r = EEXIST; + else + r = err_code; + } + + /* The caller has to return the directory inode (*ldirp). */ + err_code = r; + return(rip); +} /*===========================================================================* diff --git a/servers/mfs/path.c b/servers/mfs/path.c index 7264c3dd7..9a33284cc 100644 --- a/servers/mfs/path.c +++ b/servers/mfs/path.c @@ -25,14 +25,21 @@ PUBLIC char dot1[2] = "."; /* used for search_dir to bypass the access */ PUBLIC char dot2[3] = ".."; /* permissions for . and .. */ FORWARD _PROTOTYPE( char *get_name, (char *old_name, char string [NAME_MAX]) ); +FORWARD _PROTOTYPE( char *get_name_s, (char *name, char string[NAME_MAX+1]) ); FORWARD _PROTOTYPE( int ltraverse, (struct inode *rip, char *path, char *suffix, int pathlen) ); +FORWARD _PROTOTYPE( int ltraverse_s, (struct inode *rip, char *suffix) ); +FORWARD _PROTOTYPE( int advance_s1, (struct inode *dirp, + char string[NAME_MAX], struct inode **resp) ); +FORWARD _PROTOTYPE( int parse_path_s, (ino_t dir_ino, ino_t root_ino, + int flags, struct inode **res_inop, + size_t *offsetp, int *symlinkp) ); /*===========================================================================* - * lookup * + * lookup_o * *===========================================================================*/ -PUBLIC int lookup() +PUBLIC int lookup_o() { char string[PATH_MAX]; struct inode *rip; @@ -68,7 +75,7 @@ PUBLIC int lookup() fs_m_out.RES_OFFSET= 0; /* Lookup inode */ - rip = parse_path(user_path, string, flags); + rip = parse_path_o(user_path, string, flags); /* Copy back the last name if it is required */ if (err_code != OK || (flags & PATH_PENULTIMATE)) { @@ -93,7 +100,6 @@ PUBLIC int lookup() fs_m_out.RES_MODE = rip->i_mode; fs_m_out.RES_FILE_SIZE = rip->i_size; - /* If 'path' is a block special file, return dev number. */ if ( (rip->i_mode & I_TYPE) == I_BLOCK_SPECIAL) { fs_m_out.RES_DEV = (dev_t) rip->i_zone[0]; } @@ -106,9 +112,118 @@ PUBLIC int lookup() /*===========================================================================* - * parse_path * + * fs_lookup_s * *===========================================================================*/ -PUBLIC struct inode *parse_path(path, string, action) +PUBLIC int fs_lookup_s() +{ + cp_grant_id_t grant; + int r, r1, len, flags, symlinks; + size_t offset, size; + ino_t dir_ino, root_ino; + struct inode *rip; + + grant= fs_m_in.REQ_L_GRANT; + size= fs_m_in.REQ_L_PATH_SIZE; /* Size of the buffer */ + len = fs_m_in.REQ_L_PATH_LEN; /* including terminating nul */ + offset= fs_m_in.REQ_L_PATH_OFF; /* offset in buffer */ + dir_ino= fs_m_in.REQ_L_DIR_INO; + root_ino= fs_m_in.REQ_L_ROOT_INO; + flags = fs_m_in.REQ_L_FLAGS; + caller_uid = fs_m_in.REQ_L_UID; + caller_gid = fs_m_in.REQ_L_GID; + + /* Check length. */ + if(len > sizeof(user_path)) return E2BIG; /* too big for buffer */ + if(len < 1) + { + printf("mfs:fs_lookup_s: string too small.\n"); + return EINVAL; /* too small */ + } + + /* Copy the pathname and set up caller's user and group id */ + r = sys_safecopyfrom(FS_PROC_NR, grant, offset, + (vir_bytes) user_path, (phys_bytes) len, D); + if (r != OK) { + printf("mfs:fs_lookup_s: sys_safecopyfrom failed: %d\n", r); + return r; + } + + /* Verify this is a null-terminated path. */ + if(user_path[len-1] != '\0') { + printf("mfs:fs_lookup_s: didn't get null-terminated string.\n"); + return EINVAL; + } + +#if 0 + printf("mfs:fs_lookup_s: string '%s', ino %d, root %d\n", + user_path, dir_ino, root_ino); +#endif + + /* Lookup inode */ + rip= NULL; + r = parse_path_s(dir_ino, root_ino, flags, &rip, &offset, &symlinks); + + if (symlinks != 0 && (r == ELEAVEMOUNT || r == EENTERMOUNT || r == ESYMLINK)) + { + len= strlen(user_path)+1; + if (len > size) + return ENAMETOOLONG; + r1 = sys_safecopyto(FS_PROC_NR, grant, 0, + (vir_bytes) user_path, (phys_bytes) len, D); + if (r1 != OK) { + printf("mfs:fs_lookup_s: sys_safecopyto failed: %d\n", r1); + return r1; + } +#if 0 + printf("mfs:fs_lookup_s: copied back path '%s', offset %d\n", + user_path, offset); +#endif + } + + if (r == ELEAVEMOUNT || r == ESYMLINK) + { + /* Report offset and the error */ + fs_m_out.RES_OFFSET = offset; + fs_m_out.RES_SYMLOOP = symlinks; +#if 0 + printf("mfs:fs_lookup_s: returning %d, offset %d\n", r, offset); +#endif + if (rip) panic(__FILE__, "fs_lookup_s: rip should be clear", + (unsigned)rip); + return r; + } + + if (r != OK && r != EENTERMOUNT) + { + if (rip) panic(__FILE__, "fs_lookup_s: rip should be clear", + (unsigned)rip); + return r; + } + + fs_m_out.RES_INODE_NR = rip->i_num; + fs_m_out.RES_MODE = rip->i_mode; + fs_m_out.RES_FILE_SIZE = rip->i_size; + fs_m_out.RES_OFFSET = offset; + fs_m_out.RES_SYMLOOP2 = symlinks; + fs_m_out.RES_UID = rip->i_uid; + fs_m_out.RES_GID = rip->i_gid; + + /* This is only valid for block and character specials. But it doesn't + * cause any harm to set RES_DEV always. + */ + fs_m_out.RES_DEV = (dev_t) rip->i_zone[0]; + + if (r == EENTERMOUNT) + put_inode(rip); /* Only return a reference to the final object */ + + return r; +} + + +/*===========================================================================* + * parse_path_o * + *===========================================================================*/ +PUBLIC struct inode *parse_path_o(path, string, action) char *path; /* the path name to be parsed */ char string[NAME_MAX]; /* the final component is returned here */ int action; /* action on last part of path */ @@ -128,10 +243,9 @@ int action; /* action on last part of path */ /* Find starting inode inode according to the request message */ if ((rip = find_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { - printf("FS: couldn't find starting inode req_nr: %d %s\n", req_nr, - user_path); + printf("mfs:parse_path: couldn't find starting inode %d for %s\n", + fs_m_in.REQ_INODE_NR, user_path); err_code = ENOENT; -printf("%s, %d\n", __FILE__, __LINE__); return NIL_INODE; } @@ -141,7 +255,6 @@ printf("%s, %d\n", __FILE__, __LINE__); == NIL_INODE) { printf("FS: couldn't find chroot inode\n"); err_code = ENOENT; -printf("%s, %d\n", __FILE__, __LINE__); return NIL_INODE; } } @@ -155,13 +268,12 @@ printf("%s, %d\n", __FILE__, __LINE__); path_processed = 0; /* Current number of symlinks encountered */ - symloop = fs_m_in.REQ_SYMLOOP; + Xsymloop = fs_m_in.REQ_SYMLOOP; /* If dir has been removed return ENOENT. */ /* Note: empty (start) path is checked in the VFS process */ if (rip->i_nlinks == 0/* || *path == '\0'*/) { err_code = ENOENT; -printf("%s, %d\n", __FILE__, __LINE__); return(NIL_INODE); } @@ -172,12 +284,11 @@ printf("%s, %d\n", __FILE__, __LINE__); * point, but the last ".." component was processed in the 'previous' * FS process. Let's do that first. */ - if (rip->i_mount == I_MOUNT && rip->i_num != ROOT_INODE) { + if (rip->i_mountpoint && rip->i_num != ROOT_INODE) { dir_ip = rip; - rip = advance(&dir_ip, ".."); + rip = advance_o(&dir_ip, ".."); if (rip == NIL_INODE) { -printf("%s, %d\n", __FILE__, __LINE__); return NIL_INODE; } put_inode(rip); /* advance() increased the counter */ @@ -220,7 +331,7 @@ printf("%s, %d\n", __FILE__, __LINE__); /* There is more path. Keep parsing. */ dir_ip = rip; - rip = advance(&dir_ip, string); + rip = advance_o(&dir_ip, string); /* Mount point encountered? */ if (rip == NIL_INODE && (err_code == EENTERMOUNT || @@ -259,7 +370,7 @@ printf("%s, %d\n", __FILE__, __LINE__); } /* Symloop limit reached? */ - if (++symloop > SYMLOOP) { + if (++Xsymloop > SYMLOOP_MAX) { put_inode(dir_ip); err_code = ELOOP; return NIL_INODE; @@ -274,7 +385,7 @@ printf("%s, %d\n", __FILE__, __LINE__); put_inode(dir_ip); err_code = ESYMLINK; fs_m_out.RES_OFFSET = path_processed; - fs_m_out.RES_SYMLOOP = symloop; + fs_m_out.RES_SYMLOOP = Xsymloop; return NIL_INODE; } /* Path is relative */ @@ -302,6 +413,181 @@ printf("%s, %d\n", __FILE__, __LINE__); } } + +/*===========================================================================* + * parse_path_s * + *===========================================================================*/ +PRIVATE int parse_path_s(dir_ino, root_ino, flags, res_inop, offsetp, symlinkp) +ino_t dir_ino; +ino_t root_ino; +int flags; +struct inode **res_inop; +size_t *offsetp; +int *symlinkp; +{ + /* Parse the path in user_path, starting at dir_ino. If the path is the empty + * string, just return dir_ino. It is upto the caller to treat an empty + * path in a special way. Otherwise, if the path consists of just one or + * more slash ('/') characters, the path is replaced with ".". Otherwise, + * just look up the first (or only) component in path after skipping any + * leading slashes. + */ + int r; + struct inode *rip, *dir_ip; + char *cp, *ncp; + char string[NAME_MAX+1]; +#if 0 + struct inode *ver_rip; + char *new_name; +#endif + + /* Find starting inode inode according to the request message */ + if ((rip = find_inode(fs_dev, dir_ino)) == NIL_INODE) { + printf("mfs:parse_path_s: couldn't find starting inode\n"); + return ENOENT; + } + dup_inode(rip); + + /* No characters were processed yet */ + cp= user_path; + + /* No symlinks encountered yet */ + *symlinkp = 0; + + /* If dir has been removed return ENOENT. */ + if (rip->i_nlinks == 0) { + put_inode(rip); + return ENOENT; + } + + /* Scan the path component by component. */ + while (TRUE) { + if (cp[0] == '\0') + { + /* Empty path */ + *res_inop= rip; + *offsetp += cp-user_path; + + /* Return EENTERMOUNT if we are at a mount point */ + if (rip->i_mountpoint) + { + return EENTERMOUNT; + } + return OK; + } + + if (cp[0] == '/') + { + /* Special case code. If the remaining path consists of just + * slashes, we need to look up '.' + */ + while(cp[0] == '/') + cp++; + if (cp[0] == '\0') + { + strcpy(string, "."); + ncp= cp; + } + else + ncp= get_name_s(cp, string); + } + else + { + /* Just get the first component */ + ncp= get_name_s(cp, string); + } + + /* Special code for '..'. A process is not allowed to leave a chrooted + * environment. A lookup of '..' at the root of a mounted filesystem + * has to return ELEAVEMOUNT. + */ + if (strcmp(string, "..") == 0) + { + if (rip->i_num == root_ino) + { + cp= ncp; + continue; /* Just ignore the '..' at a process' + * root. + */ + } + if (rip->i_num == ROOT_INODE && !rip->i_sp->s_is_root) { + /* Climbing up mountpoint */ + put_inode(rip); + *res_inop= NULL; + *offsetp += cp-user_path; + return ELEAVEMOUNT; + } + } + else + { + /* Only check for a mount point if we are not looking for '..'. + */ + if (rip->i_mountpoint) + { + *res_inop= rip; + *offsetp += cp-user_path; + return EENTERMOUNT; + } + } + + /* There is more path. Keep parsing. */ + dir_ip = rip; + r = advance_s1(dir_ip, string, &rip); + + if (r != OK) + { + put_inode(dir_ip); + return r; + } + + /* The call to advance() succeeded. Fetch next component. */ + if (S_ISLNK(rip->i_mode)) { + + if (ncp[0] == '\0' && (flags & PATH_RET_SYMLINK)) + { + put_inode(dir_ip); + *res_inop= rip; + *offsetp += ncp-user_path; + + return OK; + } + + /* Extract path name from the symlink file */ + r= ltraverse_s(rip, ncp); + ncp= user_path; + + /* Symloop limit reached? */ + if (++(*symlinkp) > SYMLOOP_MAX) + r= ELOOP; + + /* Extract path name from the symlink file */ + if (r != OK) + { + put_inode(dir_ip); + put_inode(rip); + return r; + } + + if (ncp[0] == '/') + { + put_inode(dir_ip); + put_inode(rip); + *res_inop= NULL; + *offsetp= 0; + return ESYMLINK; + } + + put_inode(rip); + dup_inode(dir_ip); + rip= dir_ip; + + } + + put_inode(dir_ip); + cp= ncp; + } +} + /*===========================================================================* * ltraverse * *===========================================================================*/ @@ -364,12 +650,76 @@ int pathlen; } +/*===========================================================================* + * ltraverse_s * + *===========================================================================*/ +PRIVATE int ltraverse_s(rip, suffix) +register struct inode *rip; /* symbolic link */ +char *suffix; /* current remaining path. Has to point in the + * user_path buffer + */ +{ +/* Traverse a symbolic link. Copy the link text from the inode and insert + * the text into the path. Return error code or report success. Base + * directory has to be determined according to the first character of the + * new pathname. + */ + + block_t b; /* block containing link text */ + size_t sl; /* length of link */ + size_t tl; /* length of suffix */ + struct buf *bp; /* buffer containing link text */ + char *sp; /* start of link text */ +#if 0 + int r = OK; +#endif + + bp = NIL_BUF; + + if ((b = read_map(rip, (off_t) 0)) == NO_BLOCK) + return EIO; + + bp = get_block(rip->i_dev, b, NORMAL); + sl = rip->i_size; + sp = bp->b_data; + + tl = strlen(suffix); + if (tl > 0) + { + /* For simplicity we require that suffix starts with a slash */ + if (suffix[0] != '/') + { + panic(__FILE__, + "ltraverse_s: suffix does not start with a slash", + NO_NUM); + } + + /* Move suffix to the right place */ + if (sl + tl + 1 > sizeof(user_path)) + return ENAMETOOLONG; + if (suffix-user_path != sl) + memmove(&user_path[sl], suffix, tl+1); + } + else + { + /* Set terminating nul */ + user_path[sl]= '\0'; + } + memmove(user_path, sp, sl); + +#if 0 + printf("mfs:ltraverse_s: new path '%s'\n", user_path); +#endif + + put_block(bp, DIRECTORY_BLOCK); + return OK; +} /*===========================================================================* - * advance * + * advance_nocheck * *===========================================================================*/ -PUBLIC struct inode *advance(pdirp, string) +PUBLIC struct inode *advance_nocheck(pdirp, string) struct inode **pdirp; /* inode for directory to be searched */ char string[NAME_MAX]; /* component name to look for */ { @@ -393,7 +743,7 @@ char string[NAME_MAX]; /* component name to look for */ if (dirp == NIL_INODE) { return(NIL_INODE); } /* If 'string' is not present in the directory, signal error. */ - if ( (r = search_dir(dirp, string, &numb, LOOK_UP)) != OK) { + if ( (r = search_dir_nocheck(dirp, string, &numb, LOOK_UP)) != OK) { err_code = r; return(NIL_INODE); } @@ -427,14 +777,14 @@ char string[NAME_MAX]; /* component name to look for */ sp = rip->i_sp; if (!sp->s_is_root) { /*printf("FSadvance: ELEAVEMOUNT callnr: %d, cp: %d, restp: %s\n", - call_nr, path_processed, user_path + path_processed);*/ + call_nr, Xpath_processed, user_path + Xpath_processed);*/ /* Climbing up mountpoint */ err_code = ELEAVEMOUNT; /* This will be the FS process endoint */ fs_m_out.m_source = rip->i_dev; fs_m_out.RES_OFFSET = path_processed; - fs_m_out.RES_SYMLOOP = symloop; + fs_m_out.RES_SYMLOOP = Xsymloop; put_inode(rip); /*put_inode(dirp);*/ rip = NIL_INODE; @@ -448,15 +798,13 @@ char string[NAME_MAX]; /* component name to look for */ * mounted file system. The super_block provides the linkage between the * inode mounted on and the root directory of the mounted file system. */ - if (rip != NIL_INODE && rip->i_mount == I_MOUNT) { -/*printf("FSadvance: EENTERMOUNT callnr: %d, cp: %d, vmnti: %d, restp: %s\n", - call_nr, path_processed, rip->i_vmnt_ind, user_path + path_processed);*/ + if (rip != NIL_INODE && rip->i_mountpoint) { /* Mountpoint encountered, report it */ err_code = EENTERMOUNT; fs_m_out.RES_INODE_NR = rip->i_num; fs_m_out.RES_OFFSET = path_processed; - fs_m_out.RES_SYMLOOP = symloop; + fs_m_out.RES_SYMLOOP = Xsymloop; put_inode(rip); rip = NIL_INODE; } @@ -464,6 +812,137 @@ char string[NAME_MAX]; /* component name to look for */ } +/*===========================================================================* + * advance_o * + *===========================================================================*/ +PUBLIC struct inode *advance_o(pdirp, string) +struct inode **pdirp; /* inode for directory to be searched */ +char string[NAME_MAX]; /* component name to look for */ +{ +/* Given a directory and a component of a path, look up the component in + * the directory, find the inode, open it, and return a pointer to its inode + * slot. If it can't be done, return NIL_INODE. + */ + + register struct inode *rip, *dirp; + register struct super_block *sp; + int r, inumb; + dev_t mnt_dev; + ino_t numb; + + dirp = *pdirp; + + /* If 'string' is empty, yield same inode straight away. */ + if (string[0] == '\0') { return(get_inode(dirp->i_dev, (int) dirp->i_num)); } + + /* Check for NIL_INODE. */ + if (dirp == NIL_INODE) { return(NIL_INODE); } + + /* If 'string' is not present in the directory, signal error. */ + if ( (r = search_dir(dirp, string, &numb, LOOK_UP)) != OK) { + err_code = r; + return(NIL_INODE); + } + + /* Don't go beyond the current root directory, unless the string is dot2. + * Note: it has to be checked only if this FS process owns the chroot + * directory of the process */ + if (chroot_dir != NIL_INODE) { + if (dirp == chroot_dir && strcmp(string, "..") == 0 && string != dot2) + return(get_inode(dirp->i_dev, (int) dirp->i_num)); + } + + /* The component has been found in the directory. Get inode. */ + if ( (rip = get_inode(dirp->i_dev, (int) numb)) == NIL_INODE) { + return(NIL_INODE); + } + + /* The following test is for "mountpoint/.." where mountpoint is a + * mountpoint. ".." will refer to the root of the mounted filesystem, + * but has to become a reference to the parent of the 'mountpoint' + * directory. + * + * This case is recognized by the looked up name pointing to a + * root inode, and the directory in which it is held being a + * root inode, _and_ the name[1] being '.'. (This is a test for '..' + * and excludes '.'.) + */ + if (rip->i_num == ROOT_INODE) { + if (dirp->i_num == ROOT_INODE) { + if (string[1] == '.') { + sp = rip->i_sp; + if (!sp->s_is_root) { + + /* Climbing up mountpoint */ + err_code = ELEAVEMOUNT; + /* This will be the FS process endoint */ + fs_m_out.m_source = rip->i_dev; + fs_m_out.RES_OFFSET = path_processed; + fs_m_out.RES_SYMLOOP = Xsymloop; + put_inode(rip); + /*put_inode(dirp);*/ + rip = NIL_INODE; + } + } + } + } + if (rip == NIL_INODE) return(NIL_INODE); + + /* See if the inode is mounted on. If so, switch to root directory of the + * mounted file system. The super_block provides the linkage between the + * inode mounted on and the root directory of the mounted file system. + */ + if (rip != NIL_INODE && rip->i_mountpoint) { + + /* Mountpoint encountered, report it */ + err_code = EENTERMOUNT; + fs_m_out.RES_INODE_NR = rip->i_num; + fs_m_out.RES_OFFSET = path_processed; + fs_m_out.RES_SYMLOOP = Xsymloop; + put_inode(rip); + rip = NIL_INODE; + } + return(rip); /* return pointer to inode's component */ +} + + +/*===========================================================================* + * advance_s1 * + *===========================================================================*/ +PRIVATE int advance_s1(dirp, string, resp) +struct inode *dirp; /* inode for directory to be searched */ +char string[NAME_MAX]; /* component name to look for */ +struct inode **resp; /* resulting inode */ +{ +/* Given a directory and a component of a path, look up the component in + * the directory, find the inode, open it, and return a pointer to its inode + * slot. + */ + int r; + ino_t numb; + struct inode *rip; + + /* If 'string' is empty, return an error. */ + if (string[0] == '\0') return ENOENT; + + /* Check for NIL_INODE. */ + if (dirp == NIL_INODE) panic(__FILE__, "advance_s: nil dirp", NO_NUM); + + /* If 'string' is not present in the directory, signal error. */ + if ( (r = search_dir(dirp, string, &numb, LOOK_UP)) != OK) { + return(r); + } + + /* The component has been found in the directory. Get inode. */ + if ( (rip = get_inode(dirp->i_dev, (int) numb)) == NIL_INODE) { + return(err_code); + } + + *resp= rip; + return OK; +} + + /*===========================================================================* * get_name * *===========================================================================*/ @@ -509,6 +988,58 @@ char string[NAME_MAX]; /* component extracted from 'old_name' */ return(rnp); } + +/*===========================================================================* + * get_name_s * + *===========================================================================*/ +PRIVATE char *get_name_s(path_name, string) +char *path_name; /* path name to parse */ +char string[NAME_MAX+1]; /* component extracted from 'old_name' */ +{ +/* Given a pointer to a path name in fs space, 'path_name', copy the first + * component to 'string' (truncated if necessary, always nul terminated). + * A pointer to the string after the first component of the name as yet + * unparsed is returned. Roughly speaking, + * 'get_name_s' = 'path_name' - 'string'. + * + * This routine follows the standard convention that /usr/ast, /usr//ast, + * //usr///ast and /usr/ast/ are all equivalent. + */ + size_t len; + char *cp, *ep; + + cp= path_name; + + /* Skip leading slashes */ + while (cp[0] == '/') + cp++; + + /* Find the end of the first component */ + ep= cp; + while(ep[0] != '\0' && ep[0] != '/') + ep++; + + len= ep-cp; + + /* Truncate the amount to be copied if it exceeds NAME_MAX */ + if (len > NAME_MAX) + len= NAME_MAX; + + /* Special case of the string at cp is empty */ + if (len == 0) + { + /* Return "." */ + strcpy(string, "."); + } + else + { + memcpy(string, cp, len); + string[len]= '\0'; + } + + return ep; +} + /*===========================================================================* * search_dir * *===========================================================================*/ @@ -660,22 +1191,171 @@ int flag; /* LOOK_UP, ENTER, DELETE or IS_EMPTY */ /*===========================================================================* - * eat_path * + * search_dir_nocheck * + *===========================================================================*/ +PUBLIC int search_dir_nocheck(ldir_ptr, string, numb, flag) +register struct inode *ldir_ptr; /* ptr to inode for dir to search */ +char string[NAME_MAX]; /* component to search for */ +ino_t *numb; /* pointer to inode number */ +int flag; /* LOOK_UP, ENTER, DELETE or IS_EMPTY */ +{ +/* This function searches the directory whose inode is pointed to by 'ldip': + * if (flag == ENTER) enter 'string' in the directory with inode # '*numb'; + * if (flag == DELETE) delete 'string' from the directory; + * if (flag == LOOK_UP) search for 'string' and return inode # in 'numb'; + * if (flag == IS_EMPTY) return OK if only . and .. in dir else ENOTEMPTY; + * + * if 'string' is dot1 or dot2, no access permissions are checked. + */ + + register struct direct *dp = NULL; + register struct buf *bp = NULL; + int i, r, e_hit, t, match; + mode_t bits; + off_t pos; + unsigned new_slots, old_slots; + block_t b; + struct super_block *sp; + int extended = 0; + + /* If 'ldir_ptr' is not a pointer to a dir inode, error. */ + if ( (ldir_ptr->i_mode & I_TYPE) != I_DIRECTORY) { + return(ENOTDIR); + } + + r = OK; + + if (flag != IS_EMPTY) { + bits = (flag == LOOK_UP ? X_BIT : W_BIT | X_BIT); + + if (string == dot1 || string == dot2) { + if (flag != LOOK_UP) r = read_only(ldir_ptr); + /* only a writable device is required. */ + } + } + if (r != OK) return(r); + + /* Step through the directory one block at a time. */ + old_slots = (unsigned) (ldir_ptr->i_size/DIR_ENTRY_SIZE); + new_slots = 0; + e_hit = FALSE; + match = 0; /* set when a string match occurs */ + + for (pos = 0; pos < ldir_ptr->i_size; pos += ldir_ptr->i_sp->s_block_size) { + b = read_map(ldir_ptr, pos); /* get block number */ + + /* Since directories don't have holes, 'b' cannot be NO_BLOCK. */ + bp = get_block(ldir_ptr->i_dev, b, NORMAL); /* get a dir block */ + + if (bp == NO_BLOCK) + panic(__FILE__,"get_block returned NO_BLOCK", NO_NUM); + + /* Search a directory block. */ + for (dp = &bp->b_dir[0]; + dp < &bp->b_dir[NR_DIR_ENTRIES(ldir_ptr->i_sp->s_block_size)]; + dp++) { + if (++new_slots > old_slots) { /* not found, but room left */ + if (flag == ENTER) e_hit = TRUE; + break; + } + + /* Match occurs if string found. */ + if (flag != ENTER && dp->d_ino != 0) { + if (flag == IS_EMPTY) { + /* If this test succeeds, dir is not empty. */ + if (strcmp(dp->d_name, "." ) != 0 && + strcmp(dp->d_name, "..") != 0) match = 1; + } else { + if (strncmp(dp->d_name, string, NAME_MAX) == 0){ + match = 1; + } + } + } + + if (match) { + /* LOOK_UP or DELETE found what it wanted. */ + r = OK; + if (flag == IS_EMPTY) r = ENOTEMPTY; + else if (flag == DELETE) { + /* Save d_ino for recovery. */ + t = NAME_MAX - sizeof(ino_t); + *((ino_t *) &dp->d_name[t]) = dp->d_ino; + dp->d_ino = 0; /* erase entry */ + bp->b_dirt = DIRTY; + ldir_ptr->i_update |= CTIME | MTIME; + ldir_ptr->i_dirt = DIRTY; + } else { + sp = ldir_ptr->i_sp; /* 'flag' is LOOK_UP */ + *numb = conv4(sp->s_native, (int) dp->d_ino); + } + put_block(bp, DIRECTORY_BLOCK); + return(r); + } + + /* Check for free slot for the benefit of ENTER. */ + if (flag == ENTER && dp->d_ino == 0) { + e_hit = TRUE; /* we found a free slot */ + break; + } + } + + /* The whole block has been searched or ENTER has a free slot. */ + if (e_hit) break; /* e_hit set if ENTER can be performed now */ + put_block(bp, DIRECTORY_BLOCK); /* otherwise, continue searching dir */ + } + + /* The whole directory has now been searched. */ + if (flag != ENTER) { + return(flag == IS_EMPTY ? OK : ENOENT); + } + + /* This call is for ENTER. If no free slot has been found so far, try to + * extend directory. + */ + if (e_hit == FALSE) { /* directory is full and no room left in last block */ + new_slots++; /* increase directory size by 1 entry */ + if (new_slots == 0) return(EFBIG); /* dir size limited by slot count */ + if ( (bp = new_block(ldir_ptr, ldir_ptr->i_size)) == NIL_BUF) + return(err_code); + dp = &bp->b_dir[0]; + extended = 1; + } + + /* 'bp' now points to a directory block with space. 'dp' points to slot. */ + (void) memset(dp->d_name, 0, (size_t) NAME_MAX); /* clear entry */ + for (i = 0; i < NAME_MAX && string[i]; i++) dp->d_name[i] = string[i]; + sp = ldir_ptr->i_sp; + dp->d_ino = conv4(sp->s_native, (int) *numb); + bp->b_dirt = DIRTY; + put_block(bp, DIRECTORY_BLOCK); + ldir_ptr->i_update |= CTIME | MTIME; /* mark mtime for update later */ + ldir_ptr->i_dirt = DIRTY; + if (new_slots > old_slots) { + ldir_ptr->i_size = (off_t) new_slots * DIR_ENTRY_SIZE; + /* Send the change to disk if the directory is extended. */ + if (extended) rw_inode(ldir_ptr, WRITING); + } + return(OK); +} + + +/*===========================================================================* + * eat_path_o * *===========================================================================*/ -PUBLIC struct inode *eat_path(path) +PUBLIC struct inode *eat_path_o(path) char *path; /* the path name to be parsed */ { /* Parse the path 'path' and put its inode in the inode table. If not possible, * return NIL_INODE as function value and an error code in 'err_code'. */ - return parse_path(path, (char *) 0, EAT_PATH); + return parse_path_o(path, (char *) 0, EAT_PATH); } /*===========================================================================* - * last_dir * + * last_dir_o * *===========================================================================*/ -PUBLIC struct inode *last_dir(path, string) +PUBLIC struct inode *last_dir_o(path, string) char *path; /* the path name to be parsed */ char string[NAME_MAX]; /* the final component is returned here */ { @@ -687,6 +1367,6 @@ char string[NAME_MAX]; /* the final component is returned here */ * the reason for failure in 'err_code'. */ - return parse_path(path, string, LAST_DIR); + return parse_path_o(path, string, LAST_DIR); } diff --git a/servers/mfs/pipe.c b/servers/mfs/pipe.c index 188cf27ed..1d9e4c26d 100644 --- a/servers/mfs/pipe.c +++ b/servers/mfs/pipe.c @@ -30,18 +30,12 @@ PUBLIC int fs_pipe(void) return err_code; } - /* !!! already checked in alloc_inode - if (read_only(rip) != OK) - panic(__FILE__,"pipe device is read only", NO_NUM); - */ - /* Fill in the fields of the inode */ rip->i_pipe = I_PIPE; rip->i_mode &= ~I_REGULAR; rip->i_mode |= I_NAMED_PIPE; /* pipes and FIFOs have this bit set */ /* We'll need it twice, nothing can go wrong here */ - dup_inode(rip); rw_inode(rip, WRITING); /* mark inode as allocated */ rip->i_update = ATIME | CTIME | MTIME; @@ -50,6 +44,9 @@ PUBLIC int fs_pipe(void) fs_m_out.RES_INODE_NR = rip->i_num; fs_m_out.RES_MODE = rip->i_mode; fs_m_out.RES_INODE_INDEX = (rip - &inode[0]) / sizeof(struct inode); + fs_m_out.RES_FILE_SIZE = rip->i_size; + fs_m_out.RES_UID = rip->i_uid; + fs_m_out.RES_GID = rip->i_gid; return OK; } diff --git a/servers/mfs/protect.c b/servers/mfs/protect.c index ecf80c246..a0fba3028 100644 --- a/servers/mfs/protect.c +++ b/servers/mfs/protect.c @@ -20,33 +20,14 @@ PUBLIC int fs_chmod() register struct inode *rip; register int r; - caller_uid = fs_m_in.REQ_UID; - caller_gid = fs_m_in.REQ_GID; - /* Temporarily open the file. */ if ( (rip = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { printf("MFS(%d) get_inode by fs_chmod() failed\n", SELF_E); return(EINVAL); } - /* Only the owner or the super_user may change the mode of a file. - * No one may change the mode of a file on a read-only file system. - */ - if (rip->i_uid != caller_uid && caller_uid != SU_UID) - r = EPERM; - else - r = read_only(rip); - - /* If error, return inode. */ - if (r != OK) { - put_inode(rip); - return(r); - } - /* Now make the change. Clear setgid bit if file is not in caller's grp */ rip->i_mode = (rip->i_mode & ~ALL_MODES) | (fs_m_in.REQ_MODE & ALL_MODES); - if (caller_uid != SU_UID && rip->i_gid != caller_gid) - rip->i_mode &= ~I_SET_GID_BIT; rip->i_update |= CTIME; rip->i_dirt = DIRTY; @@ -78,19 +59,7 @@ printf("MFS(%d) get_inode by fs_chown() failed\n", SELF_E); /* Not permitted to change the owner of a file on a read-only file sys. */ r = read_only(rip); if (r == OK) { - /* FS is R/W. Whether call is allowed depends on ownership, etc. */ - if (caller_uid == SU_UID) { - /* The super user can do anything. */ - rip->i_uid = fs_m_in.REQ_NEW_UID; /* others later */ - } else { - /* Regular users can only change groups of their own files. */ - if (rip->i_uid != caller_uid) r = EPERM; - if (rip->i_uid != fs_m_in.REQ_NEW_UID) - r = EPERM; /* no giving away */ - if (caller_gid != fs_m_in.REQ_NEW_GID) r = EPERM; - } - } - if (r == OK) { + rip->i_uid = fs_m_in.REQ_NEW_UID; rip->i_gid = fs_m_in.REQ_NEW_GID; rip->i_mode &= ~(I_SET_UID_BIT | I_SET_GID_BIT); rip->i_update |= CTIME; @@ -106,9 +75,9 @@ printf("MFS(%d) get_inode by fs_chown() failed\n", SELF_E); } /*===========================================================================* - * fs_access * + * fs_access_o * *===========================================================================*/ -PUBLIC int fs_access() +PUBLIC int fs_access_o() { struct inode *rip; register int r; @@ -145,6 +114,13 @@ PUBLIC int forbidden(register struct inode *rip, mode_t access_desired) register mode_t bits, perm_bits; int r, shift, type; + if (caller_uid == (uid_t)-1 && caller_gid == (uid_t)-1) + { + printf( + "forbidden: warning caller_uid and caller_gid not initialized\n"); + stacktrace(); + } + /* if (rip->i_mount == I_MOUNT) for (sp = &super_block[1]; sp < &super_block[NR_SUPERS]; sp++) @@ -185,9 +161,14 @@ PUBLIC int forbidden(register struct inode *rip, mode_t access_desired) if (access_desired & W_BIT) r = read_only(rip); +#if 0 + if (r != OK) printf( + "forbidden: caller uid/gid %d/%d object uid/gid %d/%d, returning %d\n", + caller_uid, caller_gid, rip->i_uid, rip->i_gid, r); +#endif + if (rip != old_rip) put_inode(rip); -/*printf("FSforbidden: %s %s\n", user_path, (r == OK ? "OK" : "notOK")); */ return(r); } diff --git a/servers/mfs/proto.h b/servers/mfs/proto.h index 8b3bbca80..cea152dd3 100644 --- a/servers/mfs/proto.h +++ b/servers/mfs/proto.h @@ -9,41 +9,24 @@ struct inode; struct super_block; -int fs_open(void); int fs_putnode(void); int fs_getnode(void); int fs_pipe(void); -int fs_readwrite(void); int fs_clone_opcl(void); int fs_new_driver(void); int fs_ftrunc(void); int fs_chown(void); int fs_chmod(void); -int fs_access(void); -int fs_mknod(void); -int fs_mkdir(void); int fs_inhibread(void); int fs_stat(void); -int fs_create(void); -int fs_unlink(void); int fs_utime(void); int fs_fstatfs(void); -int fs_link(void); -int fs_lookup_rn_old(void); -int fs_lookup_rn_new(void); -int fs_rename(void); -int fs_mountpoint(void); -int fs_readsuper(void); int fs_unmount(void); int fs_trunc(void); int fs_sync(void); int fs_stime(void); -int lookup(void); -int fs_slink(void); -int fs_rdlink(void); -int fs_breadwrite(void); int fs_getdents(void); int fs_flush(void); @@ -70,6 +53,9 @@ _PROTOTYPE( void invalidate2, (Dev_t device) ); /* device.c */ _PROTOTYPE( int block_dev_io, (int op, Dev_t dev, int proc, void *buf, u64_t pos, int bytes, int flags) ); +_PROTOTYPE( int dev_open, (endpoint_t driver_e, Dev_t dev, int proc, + int flags) ); +_PROTOTYPE( void dev_close, (endpoint_t driver_e, Dev_t dev) ); /* inode.c */ @@ -85,6 +71,14 @@ _PROTOTYPE( void rw_inode, (struct inode *rip, int rw_flag) ); _PROTOTYPE( void wipe_inode, (struct inode *rip) ); /* link.c */ +int fs_link_o(void); +int fs_link_s(void); +int fs_rdlink_o(void); +int fs_rdlink_s(void); +int fs_rename_o(void); +int fs_rename_s(void); +int fs_unlink_o(void); +int fs_unlink_s(void); _PROTOTYPE( int truncate_inode, (struct inode *rip, off_t len) ); _PROTOTYPE( int freesp_inode, (struct inode *rip, off_t st, off_t end) ); @@ -111,11 +105,24 @@ _PROTOTYPE( int do_svrctl, (void) ); _PROTOTYPE( int do_getsysinfo, (void) ); /* mount.c */ +int fs_mountpoint_o(void); +int fs_mountpoint_s(void); +int fs_readsuper_o(void); +int fs_readsuper_s(void); _PROTOTYPE( int do_mount, (void) ); _PROTOTYPE( int do_umount, (void) ); _PROTOTYPE( int unmount, (Dev_t dev) ); /* open.c */ +int fs_create_o(void); +int fs_create_s(void); +int fs_mkdir_o(void); +int fs_mkdir_s(void); +int fs_mknod_o(void); +int fs_mknod_s(void); +int fs_slink_o(void); +int fs_slink_s(void); +int fs_newnode(void); _PROTOTYPE( int do_close, (void) ); _PROTOTYPE( int do_creat, (void) ); _PROTOTYPE( int do_lseek, (void) ); @@ -125,16 +132,24 @@ _PROTOTYPE( int do_open, (void) ); _PROTOTYPE( int do_slink, (void) ); /* path.c */ -_PROTOTYPE( struct inode *advance,(struct inode **dirp, char string[NAME_MAX])); +int lookup_o(void); +int fs_lookup_s(void); +_PROTOTYPE( struct inode *advance_o,(struct inode **dirp, + char string[NAME_MAX]) ); +_PROTOTYPE( struct inode *advance_nocheck,(struct inode **dirp, + char string[NAME_MAX]) ); _PROTOTYPE( int search_dir, (struct inode *ldir_ptr, char string [NAME_MAX], ino_t *numb, int flag) ); -_PROTOTYPE( struct inode *eat_path, (char *path) ); -_PROTOTYPE( struct inode *last_dir, (char *path, char string [NAME_MAX])); -_PROTOTYPE( struct inode *parse_path, (char *path, char string[NAME_MAX], - int action) ); +_PROTOTYPE( int search_dir_nocheck, (struct inode *ldir_ptr, + char string [NAME_MAX], ino_t *numb, int flag) ); +_PROTOTYPE( struct inode *eat_path_o, (char *path) ); +_PROTOTYPE( struct inode *last_dir_o, (char *path, char string [NAME_MAX])); +_PROTOTYPE( struct inode *parse_path_o, (char *path, + char string[NAME_MAX], int action) ); /* protect.c */ +int fs_access_o(void); _PROTOTYPE( int do_access, (void) ); _PROTOTYPE( int do_chmod, (void) ); _PROTOTYPE( int do_chown, (void) ); @@ -143,6 +158,10 @@ _PROTOTYPE( int forbidden, (struct inode *rip, mode_t access_desired) ); _PROTOTYPE( int read_only, (struct inode *ip) ); /* read.c */ +int fs_breadwrite_o(void); +int fs_breadwrite_s(void); +int fs_readwrite_o(void); +int fs_readwrite_s(void); _PROTOTYPE( int do_read, (void) ); _PROTOTYPE( struct buf *rahead, (struct inode *rip, block_t baseblock, u64_t position, unsigned bytes_ahead) ); diff --git a/servers/mfs/read.c b/servers/mfs/read.c index 453a226ef..6c789bdc8 100644 --- a/servers/mfs/read.c +++ b/servers/mfs/read.c @@ -18,12 +18,15 @@ FORWARD _PROTOTYPE( int rw_chunk, (struct inode *rip, u64_t position, unsigned off, int chunk, unsigned left, int rw_flag, char *buff, int seg, int usr, int block_size, int *completed)); +FORWARD _PROTOTYPE( int rw_chunk_s, (struct inode *rip, u64_t position, + unsigned off, int chunk, unsigned left, int rw_flag, + cp_grant_id_t gid, unsigned buf_off, int block_size, int *completed)); /*===========================================================================* - * fs_readwrite * + * fs_readwrite_o * *===========================================================================*/ -PUBLIC int fs_readwrite(void) +PUBLIC int fs_readwrite_o(void) { int r, usr, seg, rw_flag, chunk, block_size, block_spec; int partial_cnt, regular, partial_pipe, nrbytes; @@ -64,7 +67,7 @@ PUBLIC int fs_readwrite(void) f_size = (block_spec ? ULONG_MAX : rip->i_size); /* Get the values from the request message */ - rw_flag = (fs_m_in.m_type == REQ_READ ? READING : WRITING); + rw_flag = (fs_m_in.m_type == REQ_READ_O ? READING : WRITING); usr = fs_m_in.REQ_FD_WHO_E; seg = fs_m_in.REQ_FD_SEG; position = fs_m_in.REQ_FD_POS; @@ -161,9 +164,150 @@ PUBLIC int fs_readwrite(void) /*===========================================================================* - * fs_breadwrite * + * fs_readwrite_s * + *===========================================================================*/ +PUBLIC int fs_readwrite_s(void) +{ + int r, rw_flag, chunk, block_size, block_spec; + int partial_cnt, regular, partial_pipe, nrbytes; + cp_grant_id_t gid; + off_t position, f_size, bytes_left; + unsigned int off, cum_io; + mode_t mode_word; + int completed, r2 = OK; + struct inode *rip; + + partial_pipe = 0; + r = OK; + + /* Try to get inode according to its index */ + if (fs_m_in.REQ_FD_INODE_INDEX >= 0 && + fs_m_in.REQ_FD_INODE_INDEX < NR_INODES && + inode[fs_m_in.REQ_FD_INODE_INDEX].i_num == fs_m_in.REQ_FD_INODE_NR) { + rip = &inode[fs_m_in.REQ_FD_INODE_INDEX]; + } + else { + /* Find the inode referred */ + rip = find_inode(fs_dev, fs_m_in.REQ_FD_INODE_NR); + if (!rip) { + printf("FS: unavaliable inode by fs_readwrite(), nr: %d\n", + fs_m_in.REQ_FD_INODE_NR); + return EINVAL; + } + } + + mode_word = rip->i_mode & I_TYPE; + regular = (mode_word == I_REGULAR || mode_word == I_NAMED_PIPE); + block_spec = (mode_word == I_BLOCK_SPECIAL ? 1 : 0); + + /* Determine blocksize */ + block_size = (block_spec ? get_block_size(rip->i_zone[0]) + : rip->i_sp->s_block_size); + + f_size = (block_spec ? ULONG_MAX : rip->i_size); + + /* Get the values from the request message */ + rw_flag = (fs_m_in.m_type == REQ_READ_S ? READING : WRITING); + gid = fs_m_in.REQ_FD_GID; + position = fs_m_in.REQ_FD_POS; + nrbytes = (unsigned) fs_m_in.REQ_FD_NBYTES; + /*partial_cnt = fs_m_in.REQ_FD_PARTIAL;*/ + + /*if (partial_cnt > 0) partial_pipe = 1;*/ + + rdwt_err = OK; /* set to EIO if disk error occurs */ + + if (rw_flag == WRITING && block_spec == 0) { + /* Check in advance to see if file will grow too big. */ + if (position > rip->i_sp->s_max_size - nrbytes) + return(EFBIG); + + /* Clear the zone containing present EOF if hole about + * to be created. This is necessary because all unwritten + * blocks prior to the EOF must read as zeros. + */ + if (position > f_size) clear_zone(rip, f_size, 0); + } + + cum_io = 0; + /* Split the transfer into chunks that don't span two blocks. */ + while (nrbytes != 0) { + off = (unsigned int) (position % block_size);/* offset in blk*/ + + chunk = MIN(nrbytes, block_size - off); + if (chunk < 0) chunk = block_size - off; + + if (rw_flag == READING) { + bytes_left = f_size - position; + if (position >= f_size) break; /* we are beyond EOF */ + if (chunk > bytes_left) chunk = (int) bytes_left; + } + + /* Read or write 'chunk' bytes. */ + r = rw_chunk_s(rip, cvul64(position), off, chunk, (unsigned) nrbytes, + rw_flag, gid, cum_io, block_size, &completed); + + if (r != OK) break; /* EOF reached */ + if (rdwt_err < 0) break; + + /* Update counters and pointers. */ + nrbytes -= chunk; /* bytes yet to be read */ + cum_io += chunk; /* bytes read so far */ + position += chunk; /* position within the file */ + } + + fs_m_out.RES_FD_POS = position; /* It might change later and the VFS has + to know this value */ + + /* On write, update file size and access time. */ + if (rw_flag == WRITING) { + if (regular || mode_word == I_DIRECTORY) { + if (position > f_size) rip->i_size = position; + } + } + else { + if (rip->i_pipe == I_PIPE) { + if ( position >= rip->i_size) { + /* Reset pipe pointers. */ + rip->i_size = 0; /* no data left */ + position = 0; /* reset reader(s) */ + } + } + } + + /* Check to see if read-ahead is called for, and if so, set it up. */ + if (rw_flag == READING && rip->i_seek == NO_SEEK && position % block_size == 0 + && (regular || mode_word == I_DIRECTORY)) { + rdahed_inode = rip; + rdahedpos = position; + } + rip->i_seek = NO_SEEK; + + if (rdwt_err != OK) r = rdwt_err; /* check for disk error */ + if (rdwt_err == END_OF_FILE) r = OK; + + /* if user-space copying failed, read/write failed. */ + if (r == OK && r2 != OK) { + r = r2; + } + + if (r == OK) { + if (rw_flag == READING) rip->i_update |= ATIME; + if (rw_flag == WRITING) rip->i_update |= CTIME | MTIME; + rip->i_dirt = DIRTY; /* inode is thus now dirty */ + } + + fs_m_out.RES_FD_CUM_IO = cum_io; + fs_m_out.RES_FD_SIZE = rip->i_size; + + return(r); +} + + +/*===========================================================================* + * fs_breadwrite_o * *===========================================================================*/ -PUBLIC int fs_breadwrite(void) +PUBLIC int fs_breadwrite_o(void) { int r, usr, rw_flag, chunk, block_size; int nrbytes; @@ -179,7 +323,7 @@ PUBLIC int fs_breadwrite(void) r = OK; /* Get the values from the request message */ - rw_flag = (fs_m_in.m_type == REQ_BREAD ? READING : WRITING); + rw_flag = (fs_m_in.m_type == REQ_BREAD_O ? READING : WRITING); usr = fs_m_in.REQ_XFD_WHO_E; position = make64(fs_m_in.REQ_XFD_POS_LO, fs_m_in.REQ_XFD_POS_HI); nrbytes = (unsigned) fs_m_in.REQ_XFD_NBYTES; @@ -227,6 +371,71 @@ PUBLIC int fs_breadwrite(void) } +/*===========================================================================* + * fs_breadwrite_s * + *===========================================================================*/ +PUBLIC int fs_breadwrite_s(void) +{ + int r, rw_flag, chunk, block_size; + cp_grant_id_t gid; + int nrbytes; + u64_t position; + unsigned int off, cum_io; + mode_t mode_word; + int completed, r2 = OK; + + /* Pseudo inode for rw_chunk */ + struct inode rip; + + r = OK; + + /* Get the values from the request message */ + rw_flag = (fs_m_in.m_type == REQ_BREAD_S ? READING : WRITING); + gid = fs_m_in.REQ_XFD_GID; + position = make64(fs_m_in.REQ_XFD_POS_LO, fs_m_in.REQ_XFD_POS_HI); + nrbytes = (unsigned) fs_m_in.REQ_XFD_NBYTES; + + block_size = get_block_size(fs_m_in.REQ_XFD_BDEV); + + rip.i_zone[0] = fs_m_in.REQ_XFD_BDEV; + rip.i_mode = I_BLOCK_SPECIAL; + rip.i_size = 0; + + rdwt_err = OK; /* set to EIO if disk error occurs */ + + cum_io = 0; + /* Split the transfer into chunks that don't span two blocks. */ + while (nrbytes != 0) { + off = rem64u(position, block_size); /* offset in blk*/ + + chunk = MIN(nrbytes, block_size - off); + if (chunk < 0) chunk = block_size - off; + + /* Read or write 'chunk' bytes. */ + r = rw_chunk_s(&rip, position, off, chunk, (unsigned) nrbytes, + rw_flag, gid, cum_io, block_size, &completed); + + if (r != OK) break; /* EOF reached */ + if (rdwt_err < 0) break; + + /* Update counters and pointers. */ + nrbytes -= chunk; /* bytes yet to be read */ + cum_io += chunk; /* bytes read so far */ + position= add64ul(position, chunk); /* position within the file */ + } + + fs_m_out.RES_XFD_POS_LO = ex64lo(position); + fs_m_out.RES_XFD_POS_HI = ex64hi(position); + + if (rdwt_err != OK) r = rdwt_err; /* check for disk error */ + if (rdwt_err == END_OF_FILE) r = OK; + + fs_m_out.RES_XFD_CUM_IO = cum_io; + + return(r); +} + + /*===========================================================================* * rw_chunk * *===========================================================================*/ @@ -324,6 +533,104 @@ int *completed; /* number of bytes copied */ } +/*===========================================================================* + * rw_chunk_s * + *===========================================================================*/ +PRIVATE int rw_chunk_s(rip, position, off, chunk, left, rw_flag, gid, + buf_off, block_size, completed) +register struct inode *rip; /* pointer to inode for file to be rd/wr */ +u64_t position; /* position within file to read or write */ +unsigned off; /* off within the current block */ +int chunk; /* number of bytes to read or write */ +unsigned left; /* max number of bytes wanted after position */ +int rw_flag; /* READING or WRITING */ +cp_grant_id_t gid; /* grant */ +unsigned buf_off; /* offset in grant */ +int block_size; /* block size of FS operating on */ +int *completed; /* number of bytes copied */ +{ +/* Read or write (part of) a block. */ + + register struct buf *bp; + register int r = OK; + int n, block_spec; + block_t b; + dev_t dev; + + *completed = 0; + + block_spec = (rip->i_mode & I_TYPE) == I_BLOCK_SPECIAL; + + if (block_spec) { + b = div64u(position, block_size); + dev = (dev_t) rip->i_zone[0]; + } + else { + if (ex64hi(position) != 0) + panic(__FILE__, "rw_chunk: position too high", NO_NUM); + b = read_map(rip, ex64lo(position)); + dev = rip->i_dev; + } + + if (!block_spec && b == NO_BLOCK) { + if (rw_flag == READING) { + /* Reading from a nonexistent block. Must read as all zeros.*/ + bp = get_block(NO_DEV, NO_BLOCK, NORMAL); /* get a buffer */ + zero_block(bp); + } + else { + /* Writing to a nonexistent block. Create and enter in inode.*/ + if ((bp= new_block(rip, ex64lo(position))) == NIL_BUF) + return(err_code); + } + } + else if (rw_flag == READING) { + /* Read and read ahead if convenient. */ + bp = rahead(rip, b, position, left); + } + else { + /* Normally an existing block to be partially overwritten is first read + * in. However, a full block need not be read in. If it is already in + * the cache, acquire it, otherwise just acquire a free buffer. + */ + n = (chunk == block_size ? NO_READ : NORMAL); + if (!block_spec && off == 0 && ex64lo(position) >= rip->i_size) + n = NO_READ; + bp = get_block(dev, b, n); + } + + /* In all cases, bp now points to a valid buffer. */ + if (bp == NIL_BUF) { + panic(__FILE__,"bp not valid in rw_chunk, this can't happen", NO_NUM); + } + + if (rw_flag == WRITING && chunk != block_size && !block_spec && + ex64lo(position) >= rip->i_size && off == 0) { + zero_block(bp); + } + + if (rw_flag == READING) { + /* Copy a chunk from the block buffer to user space. */ +#if 0 + printf("sys_safecopyto: proc %d, gid %d, off %d, size %d\n", + FS_PROC_NR, gid, buf_off, chunk); +#endif + r = sys_safecopyto(FS_PROC_NR, gid, buf_off, + (vir_bytes) (bp->b_data+off), (phys_bytes) chunk, D); + } + else { + /* Copy a chunk from user space to the block buffer. */ + r = sys_safecopyfrom(FS_PROC_NR, gid, buf_off, + (vir_bytes) (bp->b_data+off), (phys_bytes) chunk, D); + bp->b_dirt = DIRTY; + } + n = (off + chunk == block_size ? FULL_DATA_BLOCK : PARTIAL_DATA_BLOCK); + put_block(bp, n); + + return(r); +} + + /*===========================================================================* * read_map * *===========================================================================*/ diff --git a/servers/mfs/table.c b/servers/mfs/table.c index 9a5a8f243..0b2c0e00e 100644 --- a/servers/mfs/table.c +++ b/servers/mfs/table.c @@ -17,47 +17,55 @@ PUBLIC _PROTOTYPE (int (*fs_call_vec[]), (void) ) = { no_sys, /* 0 not used */ fs_getnode, /* 1 */ fs_putnode, /* 2 */ - fs_open, /* 3 */ + fs_slink_s, /* 3 */ fs_pipe, /* 4 */ - fs_readwrite, /* 5 */ /* read() */ - fs_readwrite, /* 6 */ /* write() */ + fs_readwrite_o, /* 5 */ /* read() */ + fs_readwrite_o, /* 6 */ /* write() */ fs_clone_opcl, /* 7 */ fs_ftrunc, /* 8 */ - fs_chown, /* 9 */ fs_chmod, /* 10 */ - fs_access, /* 11 */ - fs_mknod, /* 12 */ - fs_mkdir, /* 13 */ + fs_access_o, /* 11 */ + fs_mknod_o, /* 12 */ + fs_mkdir_o, /* 13 */ fs_inhibread, /* 14 */ /* for lseek() */ fs_stat, /* 15 */ - fs_create, /* 16 */ - fs_unlink, /* 17 */ /* unlink() */ - fs_unlink, /* 18 */ /* rmdir() */ + fs_create_o, /* 16 */ + fs_unlink_o, /* 17 */ /* unlink() */ + fs_unlink_o, /* 18 */ /* rmdir() */ fs_utime, /* 19 */ - no_sys, /* 20 */ + fs_rdlink_s, /* 20 */ fs_fstatfs, /* 21 */ - no_sys, /* 22 */ - no_sys, /* 23 */ - no_sys, /* 24 */ - fs_link, /* 25 */ - - fs_slink, /* 26 */ - fs_rdlink, /* 27 */ - - fs_rename, /* 28 */ - no_sys, /* 29 */ - fs_mountpoint, /* 30 */ - fs_readsuper, /* 31 */ + fs_breadwrite_s, /* 22 */ + fs_breadwrite_s, /* 23 */ + fs_unlink_s, /* 24 */ /* unlink() */ + fs_link_o, /* 25 */ + fs_slink_o, /* 26 */ + fs_rdlink_o, /* 27 */ + fs_rename_o, /* 28 */ + fs_unlink_s, /* 29 */ /* rmdir() */ + fs_mountpoint_o, /* 30 */ + fs_readsuper_o, /* 31 */ fs_unmount, /* 32 */ fs_trunc, /* 33 */ fs_sync, /* 34 */ - lookup, /* 35 */ + lookup_o, /* 35 */ fs_stime, /* 36 */ fs_new_driver, /* 37 */ - fs_breadwrite, /* 38 */ - fs_breadwrite, /* 39 */ - fs_getdents, /* 40 */ - fs_flush, /* 41 */ + fs_breadwrite_o, /* 38 */ + fs_breadwrite_o, /* 39 */ + fs_getdents, /* 40 */ + fs_flush, /* 41 */ + fs_readwrite_s, /* 42 */ + fs_readwrite_s, /* 43 */ + fs_mknod_s, /* 44 */ + fs_mkdir_s, /* 45 */ + fs_create_s, /* 46 */ + fs_link_s, /* 47 */ + fs_rename_s, /* 48 */ + fs_lookup_s, /* 49 */ + fs_mountpoint_s, /* 50 */ + fs_readsuper_s, /* 51 */ + fs_newnode, /* 52 */ }; diff --git a/servers/mfs/time.c b/servers/mfs/time.c index 9a4f30ee6..adb4c6bb0 100644 --- a/servers/mfs/time.c +++ b/servers/mfs/time.c @@ -17,9 +17,6 @@ PUBLIC int fs_utime() register struct inode *rip; register int r; - caller_uid = fs_m_in.REQ_UID; - caller_gid = fs_m_in.REQ_GID; - /* Temporarily open the file. */ if ( (rip = get_inode(fs_dev, fs_m_in.REQ_INODE_NR)) == NIL_INODE) { printf("MFS(%d) get_inode by fs_utime() failed\n", SELF_E); @@ -28,17 +25,11 @@ printf("MFS(%d) get_inode by fs_utime() failed\n", SELF_E); /* Only the owner of a file or the super_user can change its time. */ r = OK; - if (rip->i_uid != caller_uid && caller_uid != SU_UID) r = EPERM; - if (fs_m_in.REQ_ACTIME == 0 && r != OK) r = forbidden(rip, W_BIT); if (read_only(rip) != OK) r = EROFS; /* not even su can touch if R/O */ if (r == OK) { - if (fs_m_in.REQ_ACTIME == 0) { - rip->i_atime = fs_m_in.REQ_MODTIME; - rip->i_mtime = rip->i_atime; - } else { - rip->i_atime = fs_m_in.REQ_ACTIME; - rip->i_mtime = fs_m_in.REQ_MODTIME; - } + rip->i_atime = fs_m_in.REQ_ACTIME; + rip->i_mtime = fs_m_in.REQ_MODTIME; + rip->i_update = CTIME; /* discard any stale ATIME and MTIME flags */ rip->i_dirt = DIRTY; } diff --git a/servers/mfs/utility.c b/servers/mfs/utility.c index 79de888f8..0eda1994f 100644 --- a/servers/mfs/utility.c +++ b/servers/mfs/utility.c @@ -19,6 +19,7 @@ static int panicking; PUBLIC int no_sys() { /* Somebody has used an illegal system call number */ + printf("no_sys: invalid call %d\n", req_nr); return(EINVAL); } @@ -86,7 +87,16 @@ PUBLIC time_t clock_time() register int k; clock_t uptime; - if ( (k=getuptime(&uptime)) != OK) panic(__FILE__,"clock_time err", k); + if (use_getuptime2) + { + if ( (k=getuptime2(&uptime,&boottime)) != OK) + panic(__FILE__,"clock_time: getuptme2 failed", k); + } + else + { + if ( (k=getuptime(&uptime)) != OK) + panic(__FILE__,"clock_time err", k); + } return( (time_t) (boottime + (uptime/HZ))); }