1 /* $OpenBSD: linux_getcwd.c,v 1.7 2005/06/18 18:09:42 millert Exp $ */
2 /* $NetBSD: vfs_getcwd.c,v 1.3.2.3 1999/07/11 10:24:09 sommerfeld Exp $ */
3
4 /*-
5 * Copyright (c) 1999 The NetBSD Foundation, Inc.
6 * All rights reserved.
7 *
8 * This code is derived from software contributed to The NetBSD Foundation
9 * by Bill Sommerfeld.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. All advertising materials mentioning features or use of this software
20 * must display the following acknowledgement:
21 * This product includes software developed by the NetBSD
22 * Foundation, Inc. and its contributors.
23 * 4. Neither the name of The NetBSD Foundation nor the names of its
24 * contributors may be used to endorse or promote products derived
25 * from this software without specific prior written permission.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 * POSSIBILITY OF SUCH DAMAGE.
38 */
39
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/namei.h>
43 #include <sys/filedesc.h>
44 #include <sys/kernel.h>
45 #include <sys/file.h>
46 #include <sys/stat.h>
47 #include <sys/vnode.h>
48 #include <sys/mount.h>
49 #include <sys/proc.h>
50 int proc_isunder(struct proc *, struct proc*); /* missing from proc.h */
51 #include <sys/uio.h>
52 #include <sys/malloc.h>
53 #include <sys/dirent.h>
54 #include <ufs/ufs/dir.h> /* XXX only for DIRBLKSIZ */
55
56 #include <sys/syscallargs.h>
57
58 #include <compat/linux/linux_types.h>
59 #include <compat/linux/linux_signal.h>
60 #include <compat/linux/linux_syscallargs.h>
61 #include <compat/linux/linux_util.h>
62 #include <compat/linux/linux_dirent.h>
63
64 #include <machine/linux_machdep.h>
65
66 static int
67 linux_getcwd_scandir(struct vnode **, struct vnode **,
68 char **, char *, struct proc *);
69 static int
70 linux_getcwd_getcache(struct vnode **, struct vnode **,
71 char **, char *);
72 static int
73 linux_getcwd_common(struct vnode *, struct vnode *,
74 char **, char *, int, int, struct proc *);
75
76 static int
77 linux_vn_isunder(struct vnode *, struct vnode *, struct proc *);
78
79 #define DIRENT_MINSIZE (sizeof(struct dirent) - (LINUX_MAXNAMLEN+1) + 4)
80
81 /*
82 * Vnode variable naming conventions in this file:
83 *
84 * rvp: the current root we're aiming towards.
85 * lvp, *lvpp: the "lower" vnode
86 * uvp, *uvpp: the "upper" vnode.
87 *
88 * Since all the vnodes we're dealing with are directories, and the
89 * lookups are going *up* in the filesystem rather than *down*, the
90 * usual "pvp" (parent) or "dvp" (directory) naming conventions are
91 * too confusing.
92 */
93
94 /*
95 * XXX Will infinite loop in certain cases if a directory read reliably
96 * returns EINVAL on last block.
97 * XXX is EINVAL the right thing to return if a directory is malformed?
98 */
99
100 /*
101 * XXX Untested vs. mount -o union; probably does the wrong thing.
102 */
103
104 /*
105 * Find parent vnode of *lvpp, return in *uvpp
106 *
107 * If we care about the name, scan it looking for name of directory
108 * entry pointing at lvp.
109 *
110 * Place the name in the buffer which starts at bufp, immediately
111 * before *bpp, and move bpp backwards to point at the start of it.
112 *
113 * On entry, *lvpp is a locked vnode reference; on exit, it is vput and NULL'ed
114 * On exit, *uvpp is either NULL or is a locked vnode reference.
115 */
116 static int
linux_getcwd_scandir(lvpp,uvpp,bpp,bufp,p)117 linux_getcwd_scandir(lvpp, uvpp, bpp, bufp, p)
118 struct vnode **lvpp;
119 struct vnode **uvpp;
120 char **bpp;
121 char *bufp;
122 struct proc *p;
123 {
124 int error = 0;
125 int eofflag;
126 off_t off;
127 int tries;
128 struct uio uio;
129 struct iovec iov;
130 char *dirbuf = NULL;
131 int dirbuflen;
132 ino_t fileno;
133 struct vattr va;
134 struct vnode *uvp = NULL;
135 struct vnode *lvp = *lvpp;
136 struct componentname cn;
137 int len, reclen;
138 tries = 0;
139
140 /*
141 * If we want the filename, get some info we need while the
142 * current directory is still locked.
143 */
144 if (bufp != NULL) {
145 error = VOP_GETATTR(lvp, &va, p->p_ucred, p);
146 if (error) {
147 vput(lvp);
148 *lvpp = NULL;
149 *uvpp = NULL;
150 return error;
151 }
152 }
153
154 /*
155 * Ok, we have to do it the hard way..
156 * Next, get parent vnode using lookup of ..
157 */
158 cn.cn_nameiop = LOOKUP;
159 cn.cn_flags = ISLASTCN | ISDOTDOT | RDONLY;
160 cn.cn_proc = p;
161 cn.cn_cred = p->p_ucred;
162 cn.cn_pnbuf = NULL;
163 cn.cn_nameptr = "..";
164 cn.cn_namelen = 2;
165 cn.cn_hash = 0;
166 cn.cn_consume = 0;
167
168 /*
169 * At this point, lvp is locked and will be unlocked by the lookup.
170 * On successful return, *uvpp will be locked
171 */
172 error = VOP_LOOKUP(lvp, uvpp, &cn);
173 if (error) {
174 vput(lvp);
175 *lvpp = NULL;
176 *uvpp = NULL;
177 return error;
178 }
179 uvp = *uvpp;
180
181 /* If we don't care about the pathname, we're done */
182 if (bufp == NULL) {
183 vrele(lvp);
184 *lvpp = NULL;
185 return 0;
186 }
187
188 fileno = va.va_fileid;
189
190 dirbuflen = DIRBLKSIZ;
191 if (dirbuflen < va.va_blocksize)
192 dirbuflen = va.va_blocksize;
193 dirbuf = (char *)malloc(dirbuflen, M_TEMP, M_WAITOK);
194
195 #if 0
196 unionread:
197 #endif
198 off = 0;
199 do {
200 /* call VOP_READDIR of parent */
201 iov.iov_base = dirbuf;
202 iov.iov_len = dirbuflen;
203
204 uio.uio_iov = &iov;
205 uio.uio_iovcnt = 1;
206 uio.uio_offset = off;
207 uio.uio_resid = dirbuflen;
208 uio.uio_segflg = UIO_SYSSPACE;
209 uio.uio_rw = UIO_READ;
210 uio.uio_procp = p;
211
212 eofflag = 0;
213
214 error = VOP_READDIR(uvp, &uio, p->p_ucred, &eofflag, 0, 0);
215
216 off = uio.uio_offset;
217
218 /*
219 * Try again if NFS tosses its cookies.
220 * XXX this can still loop forever if the directory is busted
221 * such that the second or subsequent page of it always
222 * returns EINVAL
223 */
224 if ((error == EINVAL) && (tries < 3)) {
225 off = 0;
226 tries++;
227 continue; /* once more, with feeling */
228 }
229
230 if (!error) {
231 char *cpos;
232 struct dirent *dp;
233
234 cpos = dirbuf;
235 tries = 0;
236
237 /* scan directory page looking for matching vnode */
238 for (len = (dirbuflen - uio.uio_resid); len > 0; len -= reclen) {
239 dp = (struct dirent *) cpos;
240 reclen = dp->d_reclen;
241
242 /* check for malformed directory.. */
243 if (reclen < DIRENT_MINSIZE) {
244 error = EINVAL;
245 goto out;
246 }
247 /*
248 * XXX should perhaps do VOP_LOOKUP to
249 * check that we got back to the right place,
250 * but getting the locking games for that
251 * right would be heinous.
252 */
253 if (dp->d_fileno == fileno) {
254 char *bp = *bpp;
255 bp -= dp->d_namlen;
256
257 if (bp <= bufp) {
258 error = ERANGE;
259 goto out;
260 }
261 bcopy(dp->d_name, bp, dp->d_namlen);
262 error = 0;
263 *bpp = bp;
264 goto out;
265 }
266 cpos += reclen;
267 }
268 }
269 } while (!eofflag);
270
271 error = ENOENT;
272
273 out:
274 vrele(lvp);
275 *lvpp = NULL;
276 free(dirbuf, M_TEMP);
277 return error;
278 }
279
280 /*
281 * Look in the vnode-to-name reverse cache to see if
282 * we can find things the easy way.
283 *
284 * XXX vget failure path is untested.
285 *
286 * On entry, *lvpp is a locked vnode reference.
287 * On exit, one of the following is the case:
288 * 0) Both *lvpp and *uvpp are NULL and failure is returned.
289 * 1) *uvpp is NULL, *lvpp remains locked and -1 is returned (cache miss)
290 * 2) *uvpp is a locked vnode reference, *lvpp is vput and NULL'ed
291 * and 0 is returned (cache hit)
292 */
293
294 static int
linux_getcwd_getcache(lvpp,uvpp,bpp,bufp)295 linux_getcwd_getcache(lvpp, uvpp, bpp, bufp)
296 struct vnode **lvpp, **uvpp;
297 char **bpp;
298 char *bufp;
299 {
300 #ifdef notyet
301 struct vnode *lvp, *uvp = NULL;
302 int error;
303 int vpid;
304
305 lvp = *lvpp;
306
307 /*
308 * This returns 0 on a cache hit, -1 on a clean cache miss,
309 * or an errno on other failure.
310 */
311 error = cache_revlookup(lvp, uvpp, bpp, bufp);
312 if (error) {
313 if (error != -1) {
314 vput(lvp);
315 *lvpp = NULL;
316 *uvpp = NULL;
317 }
318 return error;
319 }
320 uvp = *uvpp;
321 vpid = uvp->v_id;
322
323 /*
324 * Since we're going up, we have to release the current lock
325 * before we take the parent lock.
326 */
327
328 VOP_UNLOCK(lvp, 0);
329
330 error = vget(uvp, LK_EXCLUSIVE | LK_RETRY);
331 if (error != 0)
332 *uvpp = NULL;
333 /*
334 * Verify that vget succeeded, and check that vnode capability
335 * didn't change while we were waiting for the lock.
336 */
337 if (error || (vpid != uvp->v_id)) {
338 /*
339 * Oops, we missed. If the vget failed, or the
340 * capability changed, try to get our lock back; if
341 * that works, tell caller to try things the hard way,
342 * otherwise give up.
343 */
344 if (!error) vput(uvp);
345 *uvpp = NULL;
346
347 error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY);
348
349 if (!error)
350 return -1;
351 }
352 vrele(lvp);
353 *lvpp = NULL;
354 return error;
355 #endif /* notyet */
356 return (-1);
357 }
358
359 /*
360 * common routine shared by sys___getcwd() and linux_vn_isunder()
361 */
362
363 #define GETCWD_CHECK_ACCESS 0x0001
364
365 static int
linux_getcwd_common(lvp,rvp,bpp,bufp,limit,flags,p)366 linux_getcwd_common (lvp, rvp, bpp, bufp, limit, flags, p)
367 struct vnode *lvp;
368 struct vnode *rvp;
369 char **bpp;
370 char *bufp;
371 int limit;
372 int flags;
373 struct proc *p;
374 {
375 struct filedesc *fdp = p->p_fd;
376 struct vnode *uvp = NULL;
377 char *bp = NULL;
378 int error;
379 int perms = VEXEC;
380
381 if (rvp == NULL) {
382 rvp = fdp->fd_rdir;
383 if (rvp == NULL)
384 rvp = rootvnode;
385 }
386
387 VREF(rvp);
388 VREF(lvp);
389
390 /*
391 * Error handling invariant:
392 * Before a `goto out':
393 * lvp is either NULL, or locked and held.
394 * uvp is either NULL, or locked and held.
395 */
396
397 error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY, p);
398 if (error) {
399 vrele(lvp);
400 lvp = NULL;
401 goto out;
402 }
403 if (bufp)
404 bp = *bpp;
405 /*
406 * this loop will terminate when one of the following happens:
407 * - we hit the root
408 * - getdirentries or lookup fails
409 * - we run out of space in the buffer.
410 */
411 if (lvp == rvp) {
412 if (bp)
413 *(--bp) = '/';
414 goto out;
415 }
416 do {
417 if (lvp->v_type != VDIR) {
418 error = ENOTDIR;
419 goto out;
420 }
421
422 /*
423 * access check here is optional, depending on
424 * whether or not caller cares.
425 */
426 if (flags & GETCWD_CHECK_ACCESS) {
427 error = VOP_ACCESS(lvp, perms, p->p_ucred, p);
428 if (error)
429 goto out;
430 perms = VEXEC|VREAD;
431 }
432
433 /*
434 * step up if we're a covered vnode..
435 */
436 while (lvp->v_flag & VROOT) {
437 struct vnode *tvp;
438
439 if (lvp == rvp)
440 goto out;
441
442 tvp = lvp;
443 lvp = lvp->v_mount->mnt_vnodecovered;
444 vput(tvp);
445 /*
446 * hodie natus est radici frater
447 */
448 if (lvp == NULL) {
449 error = ENOENT;
450 goto out;
451 }
452 VREF(lvp);
453 error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY, p);
454 if (error != 0) {
455 vrele(lvp);
456 lvp = NULL;
457 goto out;
458 }
459 }
460 /*
461 * Look in the name cache; if that fails, look in the
462 * directory..
463 */
464 error = linux_getcwd_getcache(&lvp, &uvp, &bp, bufp);
465 if (error == -1)
466 error = linux_getcwd_scandir(&lvp, &uvp, &bp, bufp, p);
467 if (error)
468 goto out;
469 #ifdef DIAGNOSTIC
470 if (lvp != NULL)
471 panic("getcwd: oops, forgot to null lvp");
472 if (bufp && (bp <= bufp)) {
473 panic("getcwd: oops, went back too far");
474 }
475 #endif
476 if (bp)
477 *(--bp) = '/';
478 lvp = uvp;
479 uvp = NULL;
480 limit--;
481 } while ((lvp != rvp) && (limit > 0));
482
483 out:
484 if (bpp)
485 *bpp = bp;
486 if (uvp)
487 vput(uvp);
488 if (lvp)
489 vput(lvp);
490 vrele(rvp);
491 return error;
492 }
493
494 /*
495 * Check if one directory can be found inside another in the directory
496 * hierarchy.
497 *
498 * Intended to be used in chroot, chdir, fchdir, etc., to ensure that
499 * chroot() actually means something.
500 */
501 static int
linux_vn_isunder(lvp,rvp,p)502 linux_vn_isunder(lvp, rvp, p)
503 struct vnode *lvp;
504 struct vnode *rvp;
505 struct proc *p;
506 {
507 int error;
508
509 error = linux_getcwd_common (lvp, rvp, NULL, NULL, MAXPATHLEN/2, 0, p);
510
511 if (!error)
512 return 1;
513 else
514 return 0;
515 }
516
517 /*
518 * Returns true if proc p1's root directory equal to or under p2's
519 * root directory.
520 *
521 * Intended to be used from ptrace/procfs sorts of things.
522 */
523
proc_isunder(p1,p2)524 int proc_isunder (p1, p2)
525 struct proc *p1;
526 struct proc *p2;
527 {
528 struct vnode *r1 = p1->p_fd->fd_rdir;
529 struct vnode *r2 = p2->p_fd->fd_rdir;
530
531 if (r1 == NULL)
532 return (r2 == NULL);
533 else if (r2 == NULL)
534 return 1;
535 else
536 return linux_vn_isunder(r1, r2, p2);
537 }
538
539 /*
540 * Find pathname of process's current directory.
541 *
542 * Use vfs vnode-to-name reverse cache; if that fails, fall back
543 * to reading directory contents.
544 */
545
linux_sys_getcwd(p,v,retval)546 int linux_sys_getcwd(p, v, retval)
547 struct proc *p;
548 void *v;
549 register_t *retval;
550 {
551 register struct linux_sys_getcwd_args /* {
552 syscallarg(char *) bufp;
553 syscallarg(size_t) length;
554 } */ *uap = v;
555
556 int error;
557 char *path;
558 char *bp, *bend;
559 int len = SCARG(uap, length);
560 int lenused;
561
562 if (len > MAXPATHLEN*4)
563 len = MAXPATHLEN*4;
564 else if (len < 2)
565 return ERANGE;
566
567 path = (char *)malloc(len, M_TEMP, M_WAITOK);
568
569 bp = &path[len];
570 bend = bp;
571 *(--bp) = '\0';
572
573 /*
574 * 5th argument here is "max number of vnodes to traverse".
575 * Since each entry takes up at least 2 bytes in the output buffer,
576 * limit it to N/2 vnodes for an N byte buffer.
577 */
578 error = linux_getcwd_common (p->p_fd->fd_cdir, NULL, &bp, path, len/2,
579 GETCWD_CHECK_ACCESS, p);
580
581 if (error)
582 goto out;
583 lenused = bend - bp;
584 *retval = lenused;
585 /* put the result into user buffer */
586 error = copyout(bp, SCARG(uap, bufp), lenused);
587
588 out:
589 free(path, M_TEMP);
590 return error;
591 }
592