master
1/*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1985, 1989, 1991, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * @(#)namei.h 8.5 (Berkeley) 1/9/95
32 */
33
34#ifndef _SYS_NAMEI_H_
35#define _SYS_NAMEI_H_
36
37#include <sys/caprights.h>
38#include <sys/filedesc.h>
39#include <sys/queue.h>
40#include <sys/_seqc.h>
41#include <sys/_uio.h>
42
43enum nameiop { LOOKUP, CREATE, DELETE, RENAME };
44
45struct componentname {
46 /*
47 * Arguments to lookup.
48 */
49 u_int64_t cn_flags; /* flags to namei */
50 struct ucred *cn_cred; /* credentials */
51 enum nameiop cn_nameiop; /* namei operation */
52 int cn_lkflags; /* Lock flags LK_EXCLUSIVE or LK_SHARED */
53 /*
54 * Shared between lookup and commit routines.
55 */
56 char *cn_pnbuf; /* pathname buffer */
57 char *cn_nameptr; /* pointer to looked up name */
58 long cn_namelen; /* length of looked up component */
59};
60
61struct nameicap_tracker;
62TAILQ_HEAD(nameicap_tracker_head, nameicap_tracker);
63
64/*
65 * Encapsulation of namei parameters.
66 */
67struct nameidata {
68 /*
69 * Arguments to namei/lookup.
70 */
71 const char *ni_dirp; /* pathname pointer */
72 enum uio_seg ni_segflg; /* location of pathname */
73 cap_rights_t *ni_rightsneeded; /* rights required to look up vnode */
74 /*
75 * Arguments to lookup.
76 */
77 struct vnode *ni_startdir; /* starting directory */
78 struct vnode *ni_rootdir; /* logical root directory */
79 struct vnode *ni_topdir; /* logical top directory */
80 int ni_dirfd; /* starting directory for *at functions */
81 int ni_lcf; /* local call flags */
82 /*
83 * Results: returned from namei
84 */
85 struct filecaps ni_filecaps; /* rights the *at base has */
86 /*
87 * Results: returned from/manipulated by lookup
88 */
89 struct vnode *ni_vp; /* vnode of result */
90 struct vnode *ni_dvp; /* vnode of intermediate directory */
91 /*
92 * Results: flags returned from namei
93 */
94 u_int ni_resflags;
95 /*
96 * Debug for validating API use by the callers.
97 */
98 u_short ni_debugflags;
99 /*
100 * Shared between namei and lookup/commit routines.
101 */
102 u_short ni_loopcnt; /* count of symlinks encountered */
103 size_t ni_pathlen; /* remaining chars in path */
104 char *ni_next; /* next location in pathname */
105 /*
106 * Lookup parameters: this structure describes the subset of
107 * information from the nameidata structure that is passed
108 * through the VOP interface.
109 */
110 struct componentname ni_cnd;
111 struct nameicap_tracker_head ni_cap_tracker;
112 /*
113 * Private helper data for UFS, must be at the end. See
114 * NDINIT_PREFILL().
115 */
116 seqc_t ni_dvp_seqc;
117 seqc_t ni_vp_seqc;
118};
119
120#ifdef _KERNEL
121
122enum cache_fpl_status { CACHE_FPL_STATUS_DESTROYED, CACHE_FPL_STATUS_ABORTED,
123 CACHE_FPL_STATUS_PARTIAL, CACHE_FPL_STATUS_HANDLED, CACHE_FPL_STATUS_UNSET };
124int cache_fplookup(struct nameidata *ndp, enum cache_fpl_status *status,
125 struct pwd **pwdp);
126
127/*
128 * Flags for namei.
129 *
130 * If modifying the list make sure to check whether NDVALIDATE needs updating.
131 */
132
133/*
134 * Debug.
135 */
136#define NAMEI_DBG_INITED 0x0001
137#define NAMEI_DBG_CALLED 0x0002
138#define NAMEI_DBG_HADSTARTDIR 0x0004
139
140/*
141 * namei operational modifier flags, stored in ni_cnd.flags
142 */
143#define NC_NOMAKEENTRY 0x0001 /* name must not be added to cache */
144#define NC_KEEPPOSENTRY 0x0002 /* don't evict a positive entry */
145#define NOCACHE NC_NOMAKEENTRY /* for compatibility with older code */
146#define LOCKLEAF 0x0004 /* lock vnode on return */
147#define LOCKPARENT 0x0008 /* want parent vnode returned locked */
148#define WANTPARENT 0x0010 /* want parent vnode returned unlocked */
149#define FAILIFEXISTS 0x0020 /* return EEXIST if found */
150#define FOLLOW 0x0040 /* follow symbolic links */
151#define EMPTYPATH 0x0080 /* Allow empty path for *at */
152#define LOCKSHARED 0x0100 /* Shared lock leaf */
153#define NOFOLLOW 0x0000 /* do not follow symbolic links (pseudo) */
154#define RBENEATH 0x100000000ULL /* No escape, even tmp, from start dir */
155#define MODMASK 0xf000001ffULL /* mask of operational modifiers */
156
157/*
158 * Namei parameter descriptors.
159 */
160#define RDONLY 0x00000200 /* lookup with read-only semantics */
161#define ISRESTARTED 0x00000400 /* restarted namei */
162/* UNUSED 0x00000800 */
163#define ISWHITEOUT 0x00001000 /* found whiteout */
164#define DOWHITEOUT 0x00002000 /* do whiteouts */
165#define WILLBEDIR 0x00004000 /* new files will be dirs; allow trailing / */
166#define ISOPEN 0x00008000 /* caller is opening; return a real vnode. */
167#define NOCROSSMOUNT 0x00010000 /* do not cross mount points */
168#define NOMACCHECK 0x00020000 /* do not perform MAC checks */
169#define AUDITVNODE1 0x00040000 /* audit the looked up vnode information */
170#define AUDITVNODE2 0x00080000 /* audit the looked up vnode information */
171#define NOCAPCHECK 0x00100000 /* do not perform capability checks */
172#define OPENREAD 0x00200000 /* open for reading */
173#define OPENWRITE 0x00400000 /* open for writing */
174#define WANTIOCTLCAPS 0x00800000 /* leave ioctl caps for the caller */
175/* UNUSED 0x01000000 */
176#define NOEXECCHECK 0x02000000 /* do not perform exec check on dir */
177#define MAKEENTRY 0x04000000 /* entry is to be added to name cache */
178#define ISSYMLINK 0x08000000 /* symlink needs interpretation */
179#define ISLASTCN 0x10000000 /* this is last component of pathname */
180#define ISDOTDOT 0x20000000 /* current component name is .. */
181#define TRAILINGSLASH 0x40000000 /* path ended in a slash */
182#define PARAMASK 0x7ffffe00 /* mask of parameter descriptors */
183
184/*
185 * Flags which must not be passed in by callers.
186 */
187#define NAMEI_INTERNAL_FLAGS \
188 (NOEXECCHECK | MAKEENTRY | ISSYMLINK | ISLASTCN | ISDOTDOT | \
189 TRAILINGSLASH | ISRESTARTED)
190
191/*
192 * Namei results flags
193 */
194#define NIRES_ABS 0x00000001 /* Path was absolute */
195#define NIRES_STRICTREL 0x00000002 /* Restricted lookup result */
196#define NIRES_EMPTYPATH 0x00000004 /* EMPTYPATH used */
197
198/*
199 * Flags in ni_lcf, valid for the duration of the namei call.
200 */
201#define NI_LCF_STRICTREL 0x0001 /* relative lookup only */
202#define NI_LCF_CAP_DOTDOT 0x0002 /* ".." in strictrelative case */
203/* Track capability restrictions seperately for violation ktracing. */
204#define NI_LCF_STRICTREL_KTR 0x0004 /* trace relative lookups */
205#define NI_LCF_CAP_DOTDOT_KTR 0x0008 /* ".." in strictrelative case */
206#define NI_LCF_KTR_FLAGS (NI_LCF_STRICTREL_KTR | NI_LCF_CAP_DOTDOT_KTR)
207
208/*
209 * Initialization of a nameidata structure.
210 */
211#define NDINIT(ndp, op, flags, segflg, namep) \
212 NDINIT_ALL(ndp, op, flags, segflg, namep, AT_FDCWD, NULL, &cap_no_rights)
213#define NDINIT_AT(ndp, op, flags, segflg, namep, dirfd) \
214 NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, NULL, &cap_no_rights)
215#define NDINIT_ATRIGHTS(ndp, op, flags, segflg, namep, dirfd, rightsp) \
216 NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, NULL, rightsp)
217#define NDINIT_ATVP(ndp, op, flags, segflg, namep, vp) \
218 NDINIT_ALL(ndp, op, flags, segflg, namep, AT_FDCWD, vp, &cap_no_rights)
219
220/*
221 * Note the constant pattern may *hide* bugs.
222 * Note also that we enable debug checks for non-TIED KLDs
223 * so that they can run on an INVARIANTS kernel without tripping over
224 * assertions on ni_debugflags state.
225 */
226#if defined(INVARIANTS) || (defined(KLD_MODULE) && !defined(KLD_TIED))
227#define NDINIT_PREFILL(arg) memset(arg, 0xff, offsetof(struct nameidata, \
228 ni_dvp_seqc))
229#define NDINIT_DBG(arg) { (arg)->ni_debugflags = NAMEI_DBG_INITED; }
230#define NDREINIT_DBG(arg) { \
231 if (((arg)->ni_debugflags & NAMEI_DBG_INITED) == 0) \
232 panic("namei data not inited"); \
233 if (((arg)->ni_debugflags & NAMEI_DBG_HADSTARTDIR) != 0) \
234 panic("NDREINIT on namei data with NAMEI_DBG_HADSTARTDIR"); \
235 (arg)->ni_debugflags = NAMEI_DBG_INITED; \
236}
237#else
238#define NDINIT_PREFILL(arg) do { } while (0)
239#define NDINIT_DBG(arg) do { } while (0)
240#define NDREINIT_DBG(arg) do { } while (0)
241#endif
242
243#define NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, startdir, rightsp) \
244do { \
245 struct nameidata *_ndp = (ndp); \
246 cap_rights_t *_rightsp = (rightsp); \
247 MPASS(_rightsp != NULL); \
248 NDINIT_PREFILL(_ndp); \
249 NDINIT_DBG(_ndp); \
250 _ndp->ni_cnd.cn_nameiop = op; \
251 _ndp->ni_cnd.cn_flags = flags; \
252 _ndp->ni_segflg = segflg; \
253 _ndp->ni_dirp = namep; \
254 _ndp->ni_dirfd = dirfd; \
255 _ndp->ni_startdir = startdir; \
256 _ndp->ni_resflags = 0; \
257 filecaps_init(&_ndp->ni_filecaps); \
258 _ndp->ni_rightsneeded = _rightsp; \
259} while (0)
260
261#define NDREINIT(ndp) do { \
262 struct nameidata *_ndp = (ndp); \
263 NDREINIT_DBG(_ndp); \
264 filecaps_free(&_ndp->ni_filecaps); \
265 _ndp->ni_resflags = 0; \
266 _ndp->ni_startdir = NULL; \
267} while (0)
268
269#define NDPREINIT(ndp) do { \
270 (ndp)->ni_dvp_seqc = SEQC_MOD; \
271 (ndp)->ni_vp_seqc = SEQC_MOD; \
272} while (0)
273
274#define NDFREE_IOCTLCAPS(ndp) do { \
275 struct nameidata *_ndp = (ndp); \
276 filecaps_free(&_ndp->ni_filecaps); \
277} while (0)
278
279#define NDFREE_PNBUF(ndp) do { \
280 struct nameidata *_ndp = (ndp); \
281 MPASS(_ndp->ni_cnd.cn_pnbuf != NULL); \
282 uma_zfree(namei_zone, _ndp->ni_cnd.cn_pnbuf); \
283 _ndp->ni_cnd.cn_pnbuf = NULL; \
284} while (0)
285
286int namei(struct nameidata *ndp);
287int vfs_lookup(struct nameidata *ndp);
288int vfs_relookup(struct vnode *dvp, struct vnode **vpp,
289 struct componentname *cnp, bool refstart);
290
291#define namei_setup_rootdir(ndp, cnp, pwd) do { \
292 if (__predict_true((cnp->cn_flags & ISRESTARTED) == 0)) \
293 ndp->ni_rootdir = pwd->pwd_adir; \
294 else \
295 ndp->ni_rootdir = pwd->pwd_rdir; \
296} while (0)
297#endif
298
299/*
300 * Stats on usefulness of namei caches.
301 */
302struct nchstats {
303 long ncs_goodhits; /* hits that we can really use */
304 long ncs_neghits; /* negative hits that we can use */
305 long ncs_badhits; /* hits we must drop */
306 long ncs_falsehits; /* hits with id mismatch */
307 long ncs_miss; /* misses */
308 long ncs_long; /* long names that ignore cache */
309 long ncs_pass2; /* names found with passes == 2 */
310 long ncs_2passes; /* number of times we attempt it */
311};
312
313extern struct nchstats nchstats;
314
315#endif /* !_SYS_NAMEI_H_ */