1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2019, Joyent, Inc.
25 * Copyright 2016 Toomas Soome <tsoome@me.com>
26 * Copyright (c) 2016, 2017 by Delphix. All rights reserved.
27 * Copyright 2016 Nexenta Systems, Inc.
28 * Copyright 2017 RackTop Systems.
29 */
30
31/*	Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T	*/
32/*	  All Rights Reserved	*/
33
34/*
35 * University Copyright- Copyright (c) 1982, 1986, 1988
36 * The Regents of the University of California
37 * All Rights Reserved
38 *
39 * University Acknowledgment- Portions of this document are derived from
40 * software developed by the University of California, Berkeley, and its
41 * contributors.
42 */
43
44#include <sys/types.h>
45#include <sys/t_lock.h>
46#include <sys/param.h>
47#include <sys/errno.h>
48#include <sys/user.h>
49#include <sys/fstyp.h>
50#include <sys/kmem.h>
51#include <sys/systm.h>
52#include <sys/proc.h>
53#include <sys/mount.h>
54#include <sys/vfs.h>
55#include <sys/vfs_opreg.h>
56#include <sys/fem.h>
57#include <sys/mntent.h>
58#include <sys/stat.h>
59#include <sys/statvfs.h>
60#include <sys/statfs.h>
61#include <sys/cred.h>
62#include <sys/vnode.h>
63#include <sys/rwstlock.h>
64#include <sys/dnlc.h>
65#include <sys/file.h>
66#include <sys/time.h>
67#include <sys/atomic.h>
68#include <sys/cmn_err.h>
69#include <sys/buf.h>
70#include <sys/swap.h>
71#include <sys/debug.h>
72#include <sys/vnode.h>
73#include <sys/modctl.h>
74#include <sys/ddi.h>
75#include <sys/pathname.h>
76#include <sys/bootconf.h>
77#include <sys/dumphdr.h>
78#include <sys/dc_ki.h>
79#include <sys/poll.h>
80#include <sys/sunddi.h>
81#include <sys/sysmacros.h>
82#include <sys/zone.h>
83#include <sys/policy.h>
84#include <sys/ctfs.h>
85#include <sys/objfs.h>
86#include <sys/console.h>
87#include <sys/reboot.h>
88#include <sys/attr.h>
89#include <sys/zio.h>
90#include <sys/spa.h>
91#include <sys/lofi.h>
92#include <sys/bootprops.h>
93
94#include <vm/page.h>
95
96#include <fs/fs_subr.h>
97/* Private interfaces to create vopstats-related data structures */
98extern void		initialize_vopstats(vopstats_t *);
99extern vopstats_t	*get_fstype_vopstats(struct vfs *, struct vfssw *);
100extern vsk_anchor_t	*get_vskstat_anchor(struct vfs *);
101
102static void vfs_clearmntopt_nolock(mntopts_t *, const char *, int);
103static void vfs_setmntopt_nolock(mntopts_t *, const char *,
104    const char *, int, int);
105static int  vfs_optionisset_nolock(const mntopts_t *, const char *, char **);
106static void vfs_freemnttab(struct vfs *);
107static void vfs_freeopt(mntopt_t *);
108static void vfs_swapopttbl_nolock(mntopts_t *, mntopts_t *);
109static void vfs_swapopttbl(mntopts_t *, mntopts_t *);
110static void vfs_copyopttbl_extend(const mntopts_t *, mntopts_t *, int);
111static void vfs_createopttbl_extend(mntopts_t *, const char *,
112    const mntopts_t *);
113static char **vfs_copycancelopt_extend(char **const, int);
114static void vfs_freecancelopt(char **);
115static void getrootfs(char **, char **);
116static int getmacpath(dev_info_t *, void *);
117static void vfs_mnttabvp_setup(void);
118
119struct ipmnt {
120	struct ipmnt	*mip_next;
121	dev_t		mip_dev;
122	struct vfs	*mip_vfsp;
123};
124
125static kmutex_t		vfs_miplist_mutex;
126static struct ipmnt	*vfs_miplist = NULL;
127static struct ipmnt	*vfs_miplist_end = NULL;
128
129static kmem_cache_t *vfs_cache;	/* Pointer to VFS kmem cache */
130
131/*
132 * VFS global data.
133 */
134vnode_t *rootdir;		/* pointer to root inode vnode. */
135vnode_t *devicesdir;		/* pointer to inode of devices root */
136vnode_t	*devdir;		/* pointer to inode of dev root */
137
138char *server_rootpath;		/* root path for diskless clients */
139char *server_hostname;		/* hostname of diskless server */
140
141static struct vfs root;
142static struct vfs devices;
143static struct vfs dev;
144struct vfs *rootvfs = &root;	/* pointer to root vfs; head of VFS list. */
145rvfs_t *rvfs_list;		/* array of vfs ptrs for vfs hash list */
146int vfshsz = 512;		/* # of heads/locks in vfs hash arrays */
147				/* must be power of 2!	*/
148timespec_t vfs_mnttab_ctime;	/* mnttab created time */
149timespec_t vfs_mnttab_mtime;	/* mnttab last modified time */
150char *vfs_dummyfstype = "\0";
151struct pollhead vfs_pollhd;	/* for mnttab pollers */
152struct vnode *vfs_mntdummyvp;	/* to fake mnttab read/write for file events */
153int	mntfstype;		/* will be set once mnt fs is mounted */
154
155/*
156 * Table for generic options recognized in the VFS layer and acted
157 * on at this level before parsing file system specific options.
158 * The nosuid option is stronger than any of the devices and setuid
159 * options, so those are canceled when nosuid is seen.
160 *
161 * All options which are added here need to be added to the
162 * list of standard options in usr/src/cmd/fs.d/fslib.c as well.
163 */
164/*
165 * VFS Mount options table
166 */
167static char *ro_cancel[] = { MNTOPT_RW, NULL };
168static char *rw_cancel[] = { MNTOPT_RO, NULL };
169static char *suid_cancel[] = { MNTOPT_NOSUID, NULL };
170static char *nosuid_cancel[] = { MNTOPT_SUID, MNTOPT_DEVICES, MNTOPT_NODEVICES,
171    MNTOPT_NOSETUID, MNTOPT_SETUID, NULL };
172static char *devices_cancel[] = { MNTOPT_NODEVICES, NULL };
173static char *nodevices_cancel[] = { MNTOPT_DEVICES, NULL };
174static char *setuid_cancel[] = { MNTOPT_NOSETUID, NULL };
175static char *nosetuid_cancel[] = { MNTOPT_SETUID, NULL };
176static char *nbmand_cancel[] = { MNTOPT_NONBMAND, NULL };
177static char *nonbmand_cancel[] = { MNTOPT_NBMAND, NULL };
178static char *exec_cancel[] = { MNTOPT_NOEXEC, NULL };
179static char *noexec_cancel[] = { MNTOPT_EXEC, NULL };
180
181static const mntopt_t mntopts[] = {
182/*
183 *	option name		cancel options		default arg	flags
184 */
185	{ MNTOPT_REMOUNT,	NULL,			NULL,
186		MO_NODISPLAY, (void *)0 },
187	{ MNTOPT_RO,		ro_cancel,		NULL,		0,
188		(void *)0 },
189	{ MNTOPT_RW,		rw_cancel,		NULL,		0,
190		(void *)0 },
191	{ MNTOPT_SUID,		suid_cancel,		NULL,		0,
192		(void *)0 },
193	{ MNTOPT_NOSUID,	nosuid_cancel,		NULL,		0,
194		(void *)0 },
195	{ MNTOPT_DEVICES,	devices_cancel,		NULL,		0,
196		(void *)0 },
197	{ MNTOPT_NODEVICES,	nodevices_cancel,	NULL,		0,
198		(void *)0 },
199	{ MNTOPT_SETUID,	setuid_cancel,		NULL,		0,
200		(void *)0 },
201	{ MNTOPT_NOSETUID,	nosetuid_cancel,	NULL,		0,
202		(void *)0 },
203	{ MNTOPT_NBMAND,	nbmand_cancel,		NULL,		0,
204		(void *)0 },
205	{ MNTOPT_NONBMAND,	nonbmand_cancel,	NULL,		0,
206		(void *)0 },
207	{ MNTOPT_EXEC,		exec_cancel,		NULL,		0,
208		(void *)0 },
209	{ MNTOPT_NOEXEC,	noexec_cancel,		NULL,		0,
210		(void *)0 },
211};
212
213const mntopts_t vfs_mntopts = {
214	sizeof (mntopts) / sizeof (mntopt_t),
215	(mntopt_t *)&mntopts[0]
216};
217
218/*
219 * File system operation dispatch functions.
220 */
221
222int
223fsop_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr)
224{
225	return (*(vfsp)->vfs_op->vfs_mount)(vfsp, mvp, uap, cr);
226}
227
228int
229fsop_unmount(vfs_t *vfsp, int flag, cred_t *cr)
230{
231	return (*(vfsp)->vfs_op->vfs_unmount)(vfsp, flag, cr);
232}
233
234int
235fsop_root(vfs_t *vfsp, vnode_t **vpp)
236{
237	refstr_t *mntpt;
238	int ret = (*(vfsp)->vfs_op->vfs_root)(vfsp, vpp);
239	/*
240	 * Make sure this root has a path.  With lofs, it is possible to have
241	 * a NULL mountpoint.
242	 */
243	if (ret == 0 && vfsp->vfs_mntpt != NULL &&
244	    (*vpp)->v_path == vn_vpath_empty) {
245		const char *path;
246
247		mntpt = vfs_getmntpoint(vfsp);
248		path = refstr_value(mntpt);
249		vn_setpath_str(*vpp, path, strlen(path));
250		refstr_rele(mntpt);
251	}
252
253	return (ret);
254}
255
256int
257fsop_statfs(vfs_t *vfsp, statvfs64_t *sp)
258{
259	return (*(vfsp)->vfs_op->vfs_statvfs)(vfsp, sp);
260}
261
262int
263fsop_sync(vfs_t *vfsp, short flag, cred_t *cr)
264{
265	return (*(vfsp)->vfs_op->vfs_sync)(vfsp, flag, cr);
266}
267
268int
269fsop_vget(vfs_t *vfsp, vnode_t **vpp, fid_t *fidp)
270{
271	/*
272	 * In order to handle system attribute fids in a manner
273	 * transparent to the underlying fs, we embed the fid for
274	 * the sysattr parent object in the sysattr fid and tack on
275	 * some extra bytes that only the sysattr layer knows about.
276	 *
277	 * This guarantees that sysattr fids are larger than other fids
278	 * for this vfs. If the vfs supports the sysattr view interface
279	 * (as indicated by VFSFT_SYSATTR_VIEWS), we cannot have a size
280	 * collision with XATTR_FIDSZ.
281	 */
282	if (vfs_has_feature(vfsp, VFSFT_SYSATTR_VIEWS) &&
283	    fidp->fid_len == XATTR_FIDSZ)
284		return (xattr_dir_vget(vfsp, vpp, fidp));
285
286	return (*(vfsp)->vfs_op->vfs_vget)(vfsp, vpp, fidp);
287}
288
289int
290fsop_mountroot(vfs_t *vfsp, enum whymountroot reason)
291{
292	return (*(vfsp)->vfs_op->vfs_mountroot)(vfsp, reason);
293}
294
295void
296fsop_freefs(vfs_t *vfsp)
297{
298	(*(vfsp)->vfs_op->vfs_freevfs)(vfsp);
299}
300
301int
302fsop_vnstate(vfs_t *vfsp, vnode_t *vp, vntrans_t nstate)
303{
304	return ((*(vfsp)->vfs_op->vfs_vnstate)(vfsp, vp, nstate));
305}
306
307int
308fsop_sync_by_kind(int fstype, short flag, cred_t *cr)
309{
310	ASSERT((fstype >= 0) && (fstype < nfstype));
311
312	if (ALLOCATED_VFSSW(&vfssw[fstype]) && VFS_INSTALLED(&vfssw[fstype]))
313		return (*vfssw[fstype].vsw_vfsops.vfs_sync) (NULL, flag, cr);
314	else
315		return (ENOTSUP);
316}
317
318/*
319 * File system initialization.  vfs_setfsops() must be called from a file
320 * system's init routine.
321 */
322
323static int
324fs_copyfsops(const fs_operation_def_t *template, vfsops_t *actual,
325    int *unused_ops)
326{
327	static const fs_operation_trans_def_t vfs_ops_table[] = {
328		VFSNAME_MOUNT, offsetof(vfsops_t, vfs_mount),
329			fs_nosys, fs_nosys,
330
331		VFSNAME_UNMOUNT, offsetof(vfsops_t, vfs_unmount),
332			fs_nosys, fs_nosys,
333
334		VFSNAME_ROOT, offsetof(vfsops_t, vfs_root),
335			fs_nosys, fs_nosys,
336
337		VFSNAME_STATVFS, offsetof(vfsops_t, vfs_statvfs),
338			fs_nosys, fs_nosys,
339
340		VFSNAME_SYNC, offsetof(vfsops_t, vfs_sync),
341			(fs_generic_func_p) fs_sync,
342			(fs_generic_func_p) fs_sync,	/* No errors allowed */
343
344		VFSNAME_VGET, offsetof(vfsops_t, vfs_vget),
345			fs_nosys, fs_nosys,
346
347		VFSNAME_MOUNTROOT, offsetof(vfsops_t, vfs_mountroot),
348			fs_nosys, fs_nosys,
349
350		VFSNAME_FREEVFS, offsetof(vfsops_t, vfs_freevfs),
351			(fs_generic_func_p)(uintptr_t)fs_freevfs,
352			/* Shouldn't fail */
353			(fs_generic_func_p)(uintptr_t)fs_freevfs,
354
355		VFSNAME_VNSTATE, offsetof(vfsops_t, vfs_vnstate),
356			(fs_generic_func_p)fs_nosys,
357			(fs_generic_func_p)fs_nosys,
358
359		NULL, 0, NULL, NULL
360	};
361
362	return (fs_build_vector(actual, unused_ops, vfs_ops_table, template));
363}
364
365void
366zfs_boot_init(void)
367{
368	if (strcmp(rootfs.bo_fstype, MNTTYPE_ZFS) == 0)
369		spa_boot_init();
370}
371
372int
373vfs_setfsops(int fstype, const fs_operation_def_t *template, vfsops_t **actual)
374{
375	int error;
376	int unused_ops;
377
378	/*
379	 * Verify that fstype refers to a valid fs.  Note that
380	 * 0 is valid since it's used to set "stray" ops.
381	 */
382	if ((fstype < 0) || (fstype >= nfstype))
383		return (EINVAL);
384
385	if (!ALLOCATED_VFSSW(&vfssw[fstype]))
386		return (EINVAL);
387
388	/* Set up the operations vector. */
389
390	error = fs_copyfsops(template, &vfssw[fstype].vsw_vfsops, &unused_ops);
391
392	if (error != 0)
393		return (error);
394
395	vfssw[fstype].vsw_flag |= VSW_INSTALLED;
396
397	if (actual != NULL)
398		*actual = &vfssw[fstype].vsw_vfsops;
399
400#if DEBUG
401	if (unused_ops != 0)
402		cmn_err(CE_WARN, "vfs_setfsops: %s: %d operations supplied "
403		    "but not used", vfssw[fstype].vsw_name, unused_ops);
404#endif
405
406	return (0);
407}
408
409int
410vfs_makefsops(const fs_operation_def_t *template, vfsops_t **actual)
411{
412	int error;
413	int unused_ops;
414
415	*actual = (vfsops_t *)kmem_alloc(sizeof (vfsops_t), KM_SLEEP);
416
417	error = fs_copyfsops(template, *actual, &unused_ops);
418	if (error != 0) {
419		kmem_free(*actual, sizeof (vfsops_t));
420		*actual = NULL;
421		return (error);
422	}
423
424	return (0);
425}
426
427/*
428 * Free a vfsops structure created as a result of vfs_makefsops().
429 * NOTE: For a vfsops structure initialized by vfs_setfsops(), use
430 * vfs_freevfsops_by_type().
431 */
432void
433vfs_freevfsops(vfsops_t *vfsops)
434{
435	kmem_free(vfsops, sizeof (vfsops_t));
436}
437
438/*
439 * Since the vfsops structure is part of the vfssw table and wasn't
440 * really allocated, we're not really freeing anything.  We keep
441 * the name for consistency with vfs_freevfsops().  We do, however,
442 * need to take care of a little bookkeeping.
443 * NOTE: For a vfsops structure created by vfs_setfsops(), use
444 * vfs_freevfsops_by_type().
445 */
446int
447vfs_freevfsops_by_type(int fstype)
448{
449
450	/* Verify that fstype refers to a loaded fs (and not fsid 0). */
451	if ((fstype <= 0) || (fstype >= nfstype))
452		return (EINVAL);
453
454	WLOCK_VFSSW();
455	if ((vfssw[fstype].vsw_flag & VSW_INSTALLED) == 0) {
456		WUNLOCK_VFSSW();
457		return (EINVAL);
458	}
459
460	vfssw[fstype].vsw_flag &= ~VSW_INSTALLED;
461	WUNLOCK_VFSSW();
462
463	return (0);
464}
465
466/* Support routines used to reference vfs_op */
467
468/* Set the operations vector for a vfs */
469void
470vfs_setops(vfs_t *vfsp, vfsops_t *vfsops)
471{
472	vfsops_t	*op;
473
474	ASSERT(vfsp != NULL);
475	ASSERT(vfsops != NULL);
476
477	op = vfsp->vfs_op;
478	membar_consumer();
479	if (vfsp->vfs_femhead == NULL &&
480	    atomic_cas_ptr(&vfsp->vfs_op, op, vfsops) == op) {
481		return;
482	}
483	fsem_setvfsops(vfsp, vfsops);
484}
485
486/* Retrieve the operations vector for a vfs */
487vfsops_t *
488vfs_getops(vfs_t *vfsp)
489{
490	vfsops_t	*op;
491
492	ASSERT(vfsp != NULL);
493
494	op = vfsp->vfs_op;
495	membar_consumer();
496	if (vfsp->vfs_femhead == NULL && op == vfsp->vfs_op) {
497		return (op);
498	} else {
499		return (fsem_getvfsops(vfsp));
500	}
501}
502
503/*
504 * Returns non-zero (1) if the vfsops matches that of the vfs.
505 * Returns zero (0) if not.
506 */
507int
508vfs_matchops(vfs_t *vfsp, vfsops_t *vfsops)
509{
510	return (vfs_getops(vfsp) == vfsops);
511}
512
513/*
514 * Returns non-zero (1) if the file system has installed a non-default,
515 * non-error vfs_sync routine.  Returns zero (0) otherwise.
516 */
517int
518vfs_can_sync(vfs_t *vfsp)
519{
520	/* vfs_sync() routine is not the default/error function */
521	return (vfs_getops(vfsp)->vfs_sync != fs_sync);
522}
523
524/*
525 * Initialize a vfs structure.
526 */
527void
528vfs_init(vfs_t *vfsp, vfsops_t *op, void *data)
529{
530	/* Other initialization has been moved to vfs_alloc() */
531	vfsp->vfs_count = 0;
532	vfsp->vfs_next = vfsp;
533	vfsp->vfs_prev = vfsp;
534	vfsp->vfs_zone_next = vfsp;
535	vfsp->vfs_zone_prev = vfsp;
536	vfsp->vfs_lofi_id = 0;
537	sema_init(&vfsp->vfs_reflock, 1, NULL, SEMA_DEFAULT, NULL);
538	vfsimpl_setup(vfsp);
539	vfsp->vfs_data = (data);
540	vfs_setops((vfsp), (op));
541}
542
543/*
544 * Allocate and initialize the vfs implementation private data
545 * structure, vfs_impl_t.
546 */
547void
548vfsimpl_setup(vfs_t *vfsp)
549{
550	int i;
551
552	if (vfsp->vfs_implp != NULL) {
553		return;
554	}
555
556	vfsp->vfs_implp = kmem_alloc(sizeof (vfs_impl_t), KM_SLEEP);
557	/* Note that these are #define'd in vfs.h */
558	vfsp->vfs_vskap = NULL;
559	vfsp->vfs_fstypevsp = NULL;
560
561	/* Set size of counted array, then zero the array */
562	vfsp->vfs_featureset[0] = VFS_FEATURE_MAXSZ - 1;
563	for (i = 1; i <  VFS_FEATURE_MAXSZ; i++) {
564		vfsp->vfs_featureset[i] = 0;
565	}
566}
567
568/*
569 * Release the vfs_impl_t structure, if it exists. Some unbundled
570 * filesystems may not use the newer version of vfs and thus
571 * would not contain this implementation private data structure.
572 */
573void
574vfsimpl_teardown(vfs_t *vfsp)
575{
576	vfs_impl_t	*vip = vfsp->vfs_implp;
577
578	if (vip == NULL)
579		return;
580
581	kmem_free(vfsp->vfs_implp, sizeof (vfs_impl_t));
582	vfsp->vfs_implp = NULL;
583}
584
585/*
586 * VFS system calls: mount, umount, syssync, statfs, fstatfs, statvfs,
587 * fstatvfs, and sysfs moved to common/syscall.
588 */
589
590/*
591 * Update every mounted file system.  We call the vfs_sync operation of
592 * each file system type, passing it a NULL vfsp to indicate that all
593 * mounted file systems of that type should be updated.
594 */
595void
596vfs_sync(int flag)
597{
598	struct vfssw *vswp;
599	RLOCK_VFSSW();
600	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
601		if (ALLOCATED_VFSSW(vswp) && VFS_INSTALLED(vswp)) {
602			vfs_refvfssw(vswp);
603			RUNLOCK_VFSSW();
604			(void) (*vswp->vsw_vfsops.vfs_sync)(NULL, flag,
605			    CRED());
606			vfs_unrefvfssw(vswp);
607			RLOCK_VFSSW();
608		}
609	}
610	RUNLOCK_VFSSW();
611}
612
613void
614sync(void)
615{
616	vfs_sync(0);
617}
618
619/*
620 * External routines.
621 */
622
623krwlock_t vfssw_lock;	/* lock accesses to vfssw */
624
625/*
626 * Lock for accessing the vfs linked list.  Initialized in vfs_mountroot(),
627 * but otherwise should be accessed only via vfs_list_lock() and
628 * vfs_list_unlock().  Also used to protect the timestamp for mods to the list.
629 */
630static krwlock_t vfslist;
631
632/*
633 * Mount devfs on /devices. This is done right after root is mounted
634 * to provide device access support for the system
635 */
636static void
637vfs_mountdevices(void)
638{
639	struct vfssw *vsw;
640	struct vnode *mvp;
641	struct mounta mounta = {	/* fake mounta for devfs_mount() */
642		NULL,
643		NULL,
644		MS_SYSSPACE,
645		NULL,
646		NULL,
647		0,
648		NULL,
649		0
650	};
651
652	/*
653	 * _init devfs module to fill in the vfssw
654	 */
655	if (modload("fs", "devfs") == -1)
656		panic("Cannot _init devfs module");
657
658	/*
659	 * Hold vfs
660	 */
661	RLOCK_VFSSW();
662	vsw = vfs_getvfsswbyname("devfs");
663	VFS_INIT(&devices, &vsw->vsw_vfsops, NULL);
664	VFS_HOLD(&devices);
665
666	/*
667	 * Locate mount point
668	 */
669	if (lookupname("/devices", UIO_SYSSPACE, FOLLOW, NULLVPP, &mvp))
670		panic("Cannot find /devices");
671
672	/*
673	 * Perform the mount of /devices
674	 */
675	if (VFS_MOUNT(&devices, mvp, &mounta, CRED()))
676		panic("Cannot mount /devices");
677
678	RUNLOCK_VFSSW();
679
680	/*
681	 * Set appropriate members and add to vfs list for mnttab display
682	 */
683	vfs_setresource(&devices, "/devices", 0);
684	vfs_setmntpoint(&devices, "/devices", 0);
685
686	/*
687	 * Hold the root of /devices so it won't go away
688	 */
689	if (VFS_ROOT(&devices, &devicesdir))
690		panic("vfs_mountdevices: not devices root");
691
692	if (vfs_lock(&devices) != 0) {
693		VN_RELE(devicesdir);
694		cmn_err(CE_NOTE, "Cannot acquire vfs_lock of /devices");
695		return;
696	}
697
698	if (vn_vfswlock(mvp) != 0) {
699		vfs_unlock(&devices);
700		VN_RELE(devicesdir);
701		cmn_err(CE_NOTE, "Cannot acquire vfswlock of /devices");
702		return;
703	}
704
705	vfs_add(mvp, &devices, 0);
706	vn_vfsunlock(mvp);
707	vfs_unlock(&devices);
708	VN_RELE(devicesdir);
709}
710
711/*
712 * mount the first instance of /dev  to root and remain mounted
713 */
714static void
715vfs_mountdev1(void)
716{
717	struct vfssw *vsw;
718	struct vnode *mvp;
719	struct mounta mounta = {	/* fake mounta for sdev_mount() */
720		NULL,
721		NULL,
722		MS_SYSSPACE | MS_OVERLAY,
723		NULL,
724		NULL,
725		0,
726		NULL,
727		0
728	};
729
730	/*
731	 * _init dev module to fill in the vfssw
732	 */
733	if (modload("fs", "dev") == -1)
734		cmn_err(CE_PANIC, "Cannot _init dev module\n");
735
736	/*
737	 * Hold vfs
738	 */
739	RLOCK_VFSSW();
740	vsw = vfs_getvfsswbyname("dev");
741	VFS_INIT(&dev, &vsw->vsw_vfsops, NULL);
742	VFS_HOLD(&dev);
743
744	/*
745	 * Locate mount point
746	 */
747	if (lookupname("/dev", UIO_SYSSPACE, FOLLOW, NULLVPP, &mvp))
748		cmn_err(CE_PANIC, "Cannot find /dev\n");
749
750	/*
751	 * Perform the mount of /dev
752	 */
753	if (VFS_MOUNT(&dev, mvp, &mounta, CRED()))
754		cmn_err(CE_PANIC, "Cannot mount /dev 1\n");
755
756	RUNLOCK_VFSSW();
757
758	/*
759	 * Set appropriate members and add to vfs list for mnttab display
760	 */
761	vfs_setresource(&dev, "/dev", 0);
762	vfs_setmntpoint(&dev, "/dev", 0);
763
764	/*
765	 * Hold the root of /dev so it won't go away
766	 */
767	if (VFS_ROOT(&dev, &devdir))
768		cmn_err(CE_PANIC, "vfs_mountdev1: not dev root");
769
770	if (vfs_lock(&dev) != 0) {
771		VN_RELE(devdir);
772		cmn_err(CE_NOTE, "Cannot acquire vfs_lock of /dev");
773		return;
774	}
775
776	if (vn_vfswlock(mvp) != 0) {
777		vfs_unlock(&dev);
778		VN_RELE(devdir);
779		cmn_err(CE_NOTE, "Cannot acquire vfswlock of /dev");
780		return;
781	}
782
783	vfs_add(mvp, &dev, 0);
784	vn_vfsunlock(mvp);
785	vfs_unlock(&dev);
786	VN_RELE(devdir);
787}
788
789/*
790 * Mount required filesystem. This is done right after root is mounted.
791 */
792static void
793vfs_mountfs(char *module, char *spec, char *path)
794{
795	struct vnode *mvp;
796	struct mounta mounta;
797	vfs_t *vfsp;
798
799	bzero(&mounta, sizeof (mounta));
800	mounta.flags = MS_SYSSPACE | MS_DATA;
801	mounta.fstype = module;
802	mounta.spec = spec;
803	mounta.dir = path;
804	if (lookupname(path, UIO_SYSSPACE, FOLLOW, NULLVPP, &mvp)) {
805		cmn_err(CE_WARN, "Cannot find %s", path);
806		return;
807	}
808	if (domount(NULL, &mounta, mvp, CRED(), &vfsp))
809		cmn_err(CE_WARN, "Cannot mount %s", path);
810	else
811		VFS_RELE(vfsp);
812	VN_RELE(mvp);
813}
814
815/*
816 * vfs_mountroot is called by main() to mount the root filesystem.
817 */
818void
819vfs_mountroot(void)
820{
821	struct vnode	*rvp = NULL;
822	char		*path;
823	size_t		plen;
824	struct vfssw	*vswp;
825	proc_t		*p;
826
827	rw_init(&vfssw_lock, NULL, RW_DEFAULT, NULL);
828	rw_init(&vfslist, NULL, RW_DEFAULT, NULL);
829
830	/*
831	 * Alloc the vfs hash bucket array and locks
832	 */
833	rvfs_list = kmem_zalloc(vfshsz * sizeof (rvfs_t), KM_SLEEP);
834
835	/*
836	 * Call machine-dependent routine "rootconf" to choose a root
837	 * file system type.
838	 */
839	if (rootconf())
840		panic("vfs_mountroot: cannot mount root");
841	/*
842	 * Get vnode for '/'.  Set up rootdir, u.u_rdir and u.u_cdir
843	 * to point to it.  These are used by lookuppn() so that it
844	 * knows where to start from ('/' or '.').
845	 */
846	vfs_setmntpoint(rootvfs, "/", 0);
847	if (VFS_ROOT(rootvfs, &rootdir))
848		panic("vfs_mountroot: no root vnode");
849
850	/*
851	 * At this point, the process tree consists of p0 and possibly some
852	 * direct children of p0.  (i.e. there are no grandchildren)
853	 *
854	 * Walk through them all, setting their current directory.
855	 */
856	mutex_enter(&pidlock);
857	for (p = practive; p != NULL; p = p->p_next) {
858		ASSERT(p == &p0 || p->p_parent == &p0);
859
860		PTOU(p)->u_cdir = rootdir;
861		VN_HOLD(PTOU(p)->u_cdir);
862		PTOU(p)->u_rdir = NULL;
863	}
864	mutex_exit(&pidlock);
865
866	/*
867	 * Setup the global zone's rootvp, now that it exists.
868	 */
869	global_zone->zone_rootvp = rootdir;
870	VN_HOLD(global_zone->zone_rootvp);
871
872	/*
873	 * Notify the module code that it can begin using the
874	 * root filesystem instead of the boot program's services.
875	 */
876	modrootloaded = 1;
877
878	/*
879	 * Special handling for a ZFS root file system.
880	 */
881	zfs_boot_init();
882
883	/*
884	 * Set up mnttab information for root
885	 */
886	vfs_setresource(rootvfs, rootfs.bo_name, 0);
887
888	/*
889	 * Notify cluster software that the root filesystem is available.
890	 */
891	clboot_mountroot();
892
893	/* Now that we're all done with the root FS, set up its vopstats */
894	if ((vswp = vfs_getvfsswbyvfsops(vfs_getops(rootvfs))) != NULL) {
895		/* Set flag for statistics collection */
896		if (vswp->vsw_flag & VSW_STATS) {
897			initialize_vopstats(&rootvfs->vfs_vopstats);
898			rootvfs->vfs_flag |= VFS_STATS;
899			rootvfs->vfs_fstypevsp =
900			    get_fstype_vopstats(rootvfs, vswp);
901			rootvfs->vfs_vskap = get_vskstat_anchor(rootvfs);
902		}
903		vfs_unrefvfssw(vswp);
904	}
905
906	/*
907	 * Mount /devices, /dev instance 1, /system/contract, /etc/mnttab,
908	 * /etc/svc/volatile, /etc/dfs/sharetab, /system/object, and /proc.
909	 */
910	vfs_mountdevices();
911	vfs_mountdev1();
912
913	vfs_mountfs("ctfs", "ctfs", CTFS_ROOT);
914	vfs_mountfs("proc", "/proc", "/proc");
915	vfs_mountfs("mntfs", "/etc/mnttab", "/etc/mnttab");
916	vfs_mountfs("tmpfs", "/etc/svc/volatile", "/etc/svc/volatile");
917	vfs_mountfs("objfs", "objfs", OBJFS_ROOT);
918	vfs_mountfs("bootfs", "bootfs", "/system/boot");
919
920	if (getzoneid() == GLOBAL_ZONEID) {
921		vfs_mountfs("sharefs", "sharefs", "/etc/dfs/sharetab");
922	}
923
924	if (strcmp(rootfs.bo_fstype, "zfs") != 0) {
925		/*
926		 * Look up the root device via devfs so that a dv_node is
927		 * created for it. The vnode is never VN_RELE()ed.
928		 * We allocate more than MAXPATHLEN so that the
929		 * buffer passed to i_ddi_prompath_to_devfspath() is
930		 * exactly MAXPATHLEN (the function expects a buffer
931		 * of that length).
932		 */
933		plen = strlen("/devices");
934		path = kmem_alloc(plen + MAXPATHLEN, KM_SLEEP);
935		(void) strcpy(path, "/devices");
936
937		if (i_ddi_prompath_to_devfspath(rootfs.bo_name, path + plen)
938		    != DDI_SUCCESS ||
939		    lookupname(path, UIO_SYSSPACE, FOLLOW, NULLVPP, &rvp)) {
940
941			/* NUL terminate in case "path" has garbage */
942			path[plen + MAXPATHLEN - 1] = '\0';
943#ifdef	DEBUG
944			cmn_err(CE_WARN, "!Cannot lookup root device: %s",
945			    path);
946#endif
947		}
948		kmem_free(path, plen + MAXPATHLEN);
949	}
950
951	vfs_mnttabvp_setup();
952}
953
954/*
955 * Check to see if our "block device" is actually a file.  If so,
956 * automatically add a lofi device, and keep track of this fact.
957 */
958static int
959lofi_add(const char *fsname, struct vfs *vfsp,
960    mntopts_t *mntopts, struct mounta *uap)
961{
962	int fromspace = (uap->flags & MS_SYSSPACE) ?
963	    UIO_SYSSPACE : UIO_USERSPACE;
964	struct lofi_ioctl *li = NULL;
965	struct vnode *vp = NULL;
966	struct pathname	pn = { NULL };
967	ldi_ident_t ldi_id;
968	ldi_handle_t ldi_hdl;
969	vfssw_t *vfssw;
970	int id;
971	int err = 0;
972
973	if ((vfssw = vfs_getvfssw(fsname)) == NULL)
974		return (0);
975
976	if (!(vfssw->vsw_flag & VSW_CANLOFI)) {
977		vfs_unrefvfssw(vfssw);
978		return (0);
979	}
980
981	vfs_unrefvfssw(vfssw);
982	vfssw = NULL;
983
984	if (pn_get(uap->spec, fromspace, &pn) != 0)
985		return (0);
986
987	if (lookupname(uap->spec, fromspace, FOLLOW, NULL, &vp) != 0)
988		goto out;
989
990	if (vp->v_type != VREG)
991		goto out;
992
993	/* OK, this is a lofi mount. */
994
995	if ((uap->flags & (MS_REMOUNT|MS_GLOBAL)) ||
996	    vfs_optionisset_nolock(mntopts, MNTOPT_SUID, NULL) ||
997	    vfs_optionisset_nolock(mntopts, MNTOPT_SETUID, NULL) ||
998	    vfs_optionisset_nolock(mntopts, MNTOPT_DEVICES, NULL)) {
999		err = EINVAL;
1000		goto out;
1001	}
1002
1003	ldi_id = ldi_ident_from_anon();
1004	li = kmem_zalloc(sizeof (*li), KM_SLEEP);
1005	(void) strlcpy(li->li_filename, pn.pn_path, MAXPATHLEN);
1006
1007	err = ldi_open_by_name("/dev/lofictl", FREAD | FWRITE, kcred,
1008	    &ldi_hdl, ldi_id);
1009
1010	if (err)
1011		goto out2;
1012
1013	err = ldi_ioctl(ldi_hdl, LOFI_MAP_FILE, (intptr_t)li,
1014	    FREAD | FWRITE | FKIOCTL, kcred, &id);
1015
1016	(void) ldi_close(ldi_hdl, FREAD | FWRITE, kcred);
1017
1018	if (!err)
1019		vfsp->vfs_lofi_id = id;
1020
1021out2:
1022	ldi_ident_release(ldi_id);
1023out:
1024	if (li != NULL)
1025		kmem_free(li, sizeof (*li));
1026	if (vp != NULL)
1027		VN_RELE(vp);
1028	pn_free(&pn);
1029	return (err);
1030}
1031
1032static void
1033lofi_remove(struct vfs *vfsp)
1034{
1035	struct lofi_ioctl *li;
1036	ldi_ident_t ldi_id;
1037	ldi_handle_t ldi_hdl;
1038	int err;
1039
1040	if (vfsp->vfs_lofi_id == 0)
1041		return;
1042
1043	ldi_id = ldi_ident_from_anon();
1044
1045	li = kmem_zalloc(sizeof (*li), KM_SLEEP);
1046	li->li_id = vfsp->vfs_lofi_id;
1047	li->li_cleanup = B_TRUE;
1048
1049	err = ldi_open_by_name("/dev/lofictl", FREAD | FWRITE, kcred,
1050	    &ldi_hdl, ldi_id);
1051
1052	if (err)
1053		goto out;
1054
1055	err = ldi_ioctl(ldi_hdl, LOFI_UNMAP_FILE_MINOR, (intptr_t)li,
1056	    FREAD | FWRITE | FKIOCTL, kcred, NULL);
1057
1058	(void) ldi_close(ldi_hdl, FREAD | FWRITE, kcred);
1059
1060	if (!err)
1061		vfsp->vfs_lofi_id = 0;
1062
1063out:
1064	ldi_ident_release(ldi_id);
1065	kmem_free(li, sizeof (*li));
1066}
1067
1068/*
1069 * Common mount code.  Called from the system call entry point, from autofs,
1070 * nfsv4 trigger mounts, and from pxfs.
1071 *
1072 * Takes the effective file system type, mount arguments, the mount point
1073 * vnode, flags specifying whether the mount is a remount and whether it
1074 * should be entered into the vfs list, and credentials.  Fills in its vfspp
1075 * parameter with the mounted file system instance's vfs.
1076 *
1077 * Note that the effective file system type is specified as a string.  It may
1078 * be null, in which case it's determined from the mount arguments, and may
1079 * differ from the type specified in the mount arguments; this is a hook to
1080 * allow interposition when instantiating file system instances.
1081 *
1082 * The caller is responsible for releasing its own hold on the mount point
1083 * vp (this routine does its own hold when necessary).
1084 * Also note that for remounts, the mount point vp should be the vnode for
1085 * the root of the file system rather than the vnode that the file system
1086 * is mounted on top of.
1087 */
1088int
1089domount(char *fsname, struct mounta *uap, vnode_t *vp, struct cred *credp,
1090    struct vfs **vfspp)
1091{
1092	struct vfssw	*vswp;
1093	vfsops_t	*vfsops;
1094	struct vfs	*vfsp;
1095	struct vnode	*bvp;
1096	dev_t		bdev = 0;
1097	mntopts_t	mnt_mntopts;
1098	int		error = 0;
1099	int		copyout_error = 0;
1100	int		ovflags = 0;
1101	char		*opts = uap->optptr;
1102	char		*inargs = opts;
1103	int		optlen = uap->optlen;
1104	int		remount;
1105	int		rdonly;
1106	int		nbmand = 0;
1107	int		delmip = 0;
1108	int		addmip = 0;
1109	int		splice = ((uap->flags & MS_NOSPLICE) == 0);
1110	int		fromspace = (uap->flags & MS_SYSSPACE) ?
1111	    UIO_SYSSPACE : UIO_USERSPACE;
1112	char		*resource = NULL, *mountpt = NULL;
1113	refstr_t	*oldresource, *oldmntpt;
1114	struct pathname	pn, rpn;
1115	vsk_anchor_t	*vskap;
1116	char fstname[FSTYPSZ];
1117	zone_t		*zone;
1118
1119	/*
1120	 * The v_flag value for the mount point vp is permanently set
1121	 * to VVFSLOCK so that no one bypasses the vn_vfs*locks routine
1122	 * for mount point locking.
1123	 */
1124	mutex_enter(&vp->v_lock);
1125	vp->v_flag |= VVFSLOCK;
1126	mutex_exit(&vp->v_lock);
1127
1128	mnt_mntopts.mo_count = 0;
1129	/*
1130	 * Find the ops vector to use to invoke the file system-specific mount
1131	 * method.  If the fsname argument is non-NULL, use it directly.
1132	 * Otherwise, dig the file system type information out of the mount
1133	 * arguments.
1134	 *
1135	 * A side effect is to hold the vfssw entry.
1136	 *
1137	 * Mount arguments can be specified in several ways, which are
1138	 * distinguished by flag bit settings.  The preferred way is to set
1139	 * MS_OPTIONSTR, indicating an 8 argument mount with the file system
1140	 * type supplied as a character string and the last two arguments
1141	 * being a pointer to a character buffer and the size of the buffer.
1142	 * On entry, the buffer holds a null terminated list of options; on
1143	 * return, the string is the list of options the file system
1144	 * recognized. If MS_DATA is set arguments five and six point to a
1145	 * block of binary data which the file system interprets.
1146	 * A further wrinkle is that some callers don't set MS_FSS and MS_DATA
1147	 * consistently with these conventions.  To handle them, we check to
1148	 * see whether the pointer to the file system name has a numeric value
1149	 * less than 256.  If so, we treat it as an index.
1150	 */
1151	if (fsname != NULL) {
1152		if ((vswp = vfs_getvfssw(fsname)) == NULL) {
1153			return (EINVAL);
1154		}
1155	} else if (uap->flags & (MS_OPTIONSTR | MS_DATA | MS_FSS)) {
1156		size_t n;
1157		uint_t fstype;
1158
1159		fsname = fstname;
1160
1161		if ((fstype = (uintptr_t)uap->fstype) < 256) {
1162			RLOCK_VFSSW();
1163			if (fstype == 0 || fstype >= nfstype ||
1164			    !ALLOCATED_VFSSW(&vfssw[fstype])) {
1165				RUNLOCK_VFSSW();
1166				return (EINVAL);
1167			}
1168			(void) strcpy(fsname, vfssw[fstype].vsw_name);
1169			RUNLOCK_VFSSW();
1170			if ((vswp = vfs_getvfssw(fsname)) == NULL)
1171				return (EINVAL);
1172		} else {
1173			/*
1174			 * Handle either kernel or user address space.
1175			 */
1176			if (uap->flags & MS_SYSSPACE) {
1177				error = copystr(uap->fstype, fsname,
1178				    FSTYPSZ, &n);
1179			} else {
1180				error = copyinstr(uap->fstype, fsname,
1181				    FSTYPSZ, &n);
1182			}
1183			if (error) {
1184				if (error == ENAMETOOLONG)
1185					return (EINVAL);
1186				return (error);
1187			}
1188			if ((vswp = vfs_getvfssw(fsname)) == NULL)
1189				return (EINVAL);
1190		}
1191	} else {
1192		if ((vswp = vfs_getvfsswbyvfsops(vfs_getops(rootvfs))) == NULL)
1193			return (EINVAL);
1194		fsname = vswp->vsw_name;
1195	}
1196	if (!VFS_INSTALLED(vswp))
1197		return (EINVAL);
1198
1199	if ((error = secpolicy_fs_allowed_mount(fsname)) != 0)  {
1200		vfs_unrefvfssw(vswp);
1201		return (error);
1202	}
1203
1204	vfsops = &vswp->vsw_vfsops;
1205
1206	vfs_copyopttbl(&vswp->vsw_optproto, &mnt_mntopts);
1207	/*
1208	 * Fetch mount options and parse them for generic vfs options
1209	 */
1210	if (uap->flags & MS_OPTIONSTR) {
1211		/*
1212		 * Limit the buffer size
1213		 */
1214		if (optlen < 0 || optlen > MAX_MNTOPT_STR) {
1215			error = EINVAL;
1216			goto errout;
1217		}
1218		if ((uap->flags & MS_SYSSPACE) == 0) {
1219			inargs = kmem_alloc(MAX_MNTOPT_STR, KM_SLEEP);
1220			inargs[0] = '\0';
1221			if (optlen) {
1222				error = copyinstr(opts, inargs, (size_t)optlen,
1223				    NULL);
1224				if (error) {
1225					goto errout;
1226				}
1227			}
1228		}
1229		vfs_parsemntopts(&mnt_mntopts, inargs, 0);
1230	}
1231	/*
1232	 * Flag bits override the options string.
1233	 */
1234	if (uap->flags & MS_REMOUNT)
1235		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_REMOUNT, NULL, 0, 0);
1236	if (uap->flags & MS_RDONLY)
1237		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_RO, NULL, 0, 0);
1238	if (uap->flags & MS_NOSUID)
1239		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_NOSUID, NULL, 0, 0);
1240
1241	/*
1242	 * Check if this is a remount; must be set in the option string and
1243	 * the file system must support a remount option.
1244	 */
1245	if (remount = vfs_optionisset_nolock(&mnt_mntopts,
1246	    MNTOPT_REMOUNT, NULL)) {
1247		if (!(vswp->vsw_flag & VSW_CANREMOUNT)) {
1248			error = ENOTSUP;
1249			goto errout;
1250		}
1251		uap->flags |= MS_REMOUNT;
1252	}
1253
1254	/*
1255	 * uap->flags and vfs_optionisset() should agree.
1256	 */
1257	if (rdonly = vfs_optionisset_nolock(&mnt_mntopts, MNTOPT_RO, NULL)) {
1258		uap->flags |= MS_RDONLY;
1259	}
1260	if (vfs_optionisset_nolock(&mnt_mntopts, MNTOPT_NOSUID, NULL)) {
1261		uap->flags |= MS_NOSUID;
1262	}
1263	nbmand = vfs_optionisset_nolock(&mnt_mntopts, MNTOPT_NBMAND, NULL);
1264	ASSERT(splice || !remount);
1265	/*
1266	 * If we are splicing the fs into the namespace,
1267	 * perform mount point checks.
1268	 *
1269	 * We want to resolve the path for the mount point to eliminate
1270	 * '.' and ".." and symlinks in mount points; we can't do the
1271	 * same for the resource string, since it would turn
1272	 * "/dev/dsk/c0t0d0s0" into "/devices/pci@...".  We need to do
1273	 * this before grabbing vn_vfswlock(), because otherwise we
1274	 * would deadlock with lookuppn().
1275	 */
1276	if (splice) {
1277		ASSERT(vp->v_count > 0);
1278
1279		/*
1280		 * Pick up mount point and device from appropriate space.
1281		 */
1282		if (pn_get(uap->spec, fromspace, &pn) == 0) {
1283			resource = kmem_alloc(pn.pn_pathlen + 1,
1284			    KM_SLEEP);
1285			(void) strcpy(resource, pn.pn_path);
1286			pn_free(&pn);
1287		}
1288		/*
1289		 * Do a lookupname prior to taking the
1290		 * writelock. Mark this as completed if
1291		 * successful for later cleanup and addition to
1292		 * the mount in progress table.
1293		 */
1294		if ((vswp->vsw_flag & VSW_MOUNTDEV) &&
1295		    (uap->flags & MS_GLOBAL) == 0 &&
1296		    lookupname(uap->spec, fromspace,
1297		    FOLLOW, NULL, &bvp) == 0) {
1298			addmip = 1;
1299		}
1300
1301		if ((error = pn_get(uap->dir, fromspace, &pn)) == 0) {
1302			pathname_t *pnp;
1303
1304			if (*pn.pn_path != '/') {
1305				error = EINVAL;
1306				pn_free(&pn);
1307				goto errout;
1308			}
1309			pn_alloc(&rpn);
1310			/*
1311			 * Kludge to prevent autofs from deadlocking with
1312			 * itself when it calls domount().
1313			 *
1314			 * If autofs is calling, it is because it is doing
1315			 * (autofs) mounts in the process of an NFS mount.  A
1316			 * lookuppn() here would cause us to block waiting for
1317			 * said NFS mount to complete, which can't since this
1318			 * is the thread that was supposed to doing it.
1319			 */
1320			if (fromspace == UIO_USERSPACE) {
1321				if ((error = lookuppn(&pn, &rpn, FOLLOW, NULL,
1322				    NULL)) == 0) {
1323					pnp = &rpn;
1324				} else {
1325					/*
1326					 * The file disappeared or otherwise
1327					 * became inaccessible since we opened
1328					 * it; might as well fail the mount
1329					 * since the mount point is no longer
1330					 * accessible.
1331					 */
1332					pn_free(&rpn);
1333					pn_free(&pn);
1334					goto errout;
1335				}
1336			} else {
1337				pnp = &pn;
1338			}
1339			mountpt = kmem_alloc(pnp->pn_pathlen + 1, KM_SLEEP);
1340			(void) strcpy(mountpt, pnp->pn_path);
1341
1342			/*
1343			 * If the addition of the zone's rootpath
1344			 * would push us over a total path length
1345			 * of MAXPATHLEN, we fail the mount with
1346			 * ENAMETOOLONG, which is what we would have
1347			 * gotten if we were trying to perform the same
1348			 * mount in the global zone.
1349			 *
1350			 * strlen() doesn't count the trailing
1351			 * '\0', but zone_rootpathlen counts both a
1352			 * trailing '/' and the terminating '\0'.
1353			 */
1354			if ((curproc->p_zone->zone_rootpathlen - 1 +
1355			    strlen(mountpt)) > MAXPATHLEN ||
1356			    (resource != NULL &&
1357			    (curproc->p_zone->zone_rootpathlen - 1 +
1358			    strlen(resource)) > MAXPATHLEN)) {
1359				error = ENAMETOOLONG;
1360			}
1361
1362			pn_free(&rpn);
1363			pn_free(&pn);
1364		}
1365
1366		if (error)
1367			goto errout;
1368
1369		/*
1370		 * Prevent path name resolution from proceeding past
1371		 * the mount point.
1372		 */
1373		if (vn_vfswlock(vp) != 0) {
1374			error = EBUSY;
1375			goto errout;
1376		}
1377
1378		/*
1379		 * Verify that it's legitimate to establish a mount on
1380		 * the prospective mount point.
1381		 */
1382		if (vn_mountedvfs(vp) != NULL) {
1383			/*
1384			 * The mount point lock was obtained after some
1385			 * other thread raced through and established a mount.
1386			 */
1387			vn_vfsunlock(vp);
1388			error = EBUSY;
1389			goto errout;
1390		}
1391		if (vp->v_flag & VNOMOUNT) {
1392			vn_vfsunlock(vp);
1393			error = EINVAL;
1394			goto errout;
1395		}
1396	}
1397	if ((uap->flags & (MS_DATA | MS_OPTIONSTR)) == 0) {
1398		uap->dataptr = NULL;
1399		uap->datalen = 0;
1400	}
1401
1402	/*
1403	 * If this is a remount, we don't want to create a new VFS.
1404	 * Instead, we pass the existing one with a remount flag.
1405	 */
1406	if (remount) {
1407		/*
1408		 * Confirm that the mount point is the root vnode of the
1409		 * file system that is being remounted.
1410		 * This can happen if the user specifies a different
1411		 * mount point directory pathname in the (re)mount command.
1412		 *
1413		 * Code below can only be reached if splice is true, so it's
1414		 * safe to do vn_vfsunlock() here.
1415		 */
1416		if ((vp->v_flag & VROOT) == 0) {
1417			vn_vfsunlock(vp);
1418			error = ENOENT;
1419			goto errout;
1420		}
1421		/*
1422		 * Disallow making file systems read-only unless file system
1423		 * explicitly allows it in its vfssw.  Ignore other flags.
1424		 */
1425		if (rdonly && vn_is_readonly(vp) == 0 &&
1426		    (vswp->vsw_flag & VSW_CANRWRO) == 0) {
1427			vn_vfsunlock(vp);
1428			error = EINVAL;
1429			goto errout;
1430		}
1431		/*
1432		 * Disallow changing the NBMAND disposition of the file
1433		 * system on remounts.
1434		 */
1435		if ((nbmand && ((vp->v_vfsp->vfs_flag & VFS_NBMAND) == 0)) ||
1436		    (!nbmand && (vp->v_vfsp->vfs_flag & VFS_NBMAND))) {
1437			vn_vfsunlock(vp);
1438			error = EINVAL;
1439			goto errout;
1440		}
1441		vfsp = vp->v_vfsp;
1442		ovflags = vfsp->vfs_flag;
1443		vfsp->vfs_flag |= VFS_REMOUNT;
1444		vfsp->vfs_flag &= ~VFS_RDONLY;
1445	} else {
1446		vfsp = vfs_alloc(KM_SLEEP);
1447		VFS_INIT(vfsp, vfsops, NULL);
1448	}
1449
1450	VFS_HOLD(vfsp);
1451
1452	if ((error = lofi_add(fsname, vfsp, &mnt_mntopts, uap)) != 0) {
1453		if (!remount) {
1454			if (splice)
1455				vn_vfsunlock(vp);
1456			vfs_free(vfsp);
1457		} else {
1458			vn_vfsunlock(vp);
1459			VFS_RELE(vfsp);
1460		}
1461		goto errout;
1462	}
1463
1464	/*
1465	 * PRIV_SYS_MOUNT doesn't mean you can become root.
1466	 */
1467	if (vfsp->vfs_lofi_id != 0) {
1468		uap->flags |= MS_NOSUID;
1469		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_NOSUID, NULL, 0, 0);
1470	}
1471
1472	/*
1473	 * The vfs_reflock is not used anymore the code below explicitly
1474	 * holds it preventing others accesing it directly.
1475	 */
1476	if ((sema_tryp(&vfsp->vfs_reflock) == 0) &&
1477	    !(vfsp->vfs_flag & VFS_REMOUNT))
1478		cmn_err(CE_WARN,
1479		    "mount type %s couldn't get vfs_reflock", vswp->vsw_name);
1480
1481	/*
1482	 * Lock the vfs. If this is a remount we want to avoid spurious umount
1483	 * failures that happen as a side-effect of fsflush() and other mount
1484	 * and unmount operations that might be going on simultaneously and
1485	 * may have locked the vfs currently. To not return EBUSY immediately
1486	 * here we use vfs_lock_wait() instead vfs_lock() for the remount case.
1487	 */
1488	if (!remount) {
1489		if (error = vfs_lock(vfsp)) {
1490			lofi_remove(vfsp);
1491
1492			if (splice)
1493				vn_vfsunlock(vp);
1494			vfs_free(vfsp);
1495			goto errout;
1496		}
1497	} else {
1498		vfs_lock_wait(vfsp);
1499	}
1500
1501	/*
1502	 * Add device to mount in progress table, global mounts require special
1503	 * handling. It is possible that we have already done the lookupname
1504	 * on a spliced, non-global fs. If so, we don't want to do it again
1505	 * since we cannot do a lookupname after taking the
1506	 * wlock above. This case is for a non-spliced, non-global filesystem.
1507	 */
1508	if (!addmip) {
1509		if ((vswp->vsw_flag & VSW_MOUNTDEV) &&
1510		    (uap->flags & MS_GLOBAL) == 0 &&
1511		    lookupname(uap->spec, fromspace, FOLLOW, NULL, &bvp) == 0) {
1512			addmip = 1;
1513		}
1514	}
1515
1516	if (addmip) {
1517		vnode_t *lvp = NULL;
1518
1519		error = vfs_get_lofi(vfsp, &lvp);
1520		if (error > 0) {
1521			lofi_remove(vfsp);
1522
1523			if (splice)
1524				vn_vfsunlock(vp);
1525			vfs_unlock(vfsp);
1526
1527			if (remount) {
1528				VFS_RELE(vfsp);
1529			} else {
1530				vfs_free(vfsp);
1531			}
1532
1533			goto errout;
1534		} else if (error == -1) {
1535			bdev = bvp->v_rdev;
1536			VN_RELE(bvp);
1537		} else {
1538			bdev = lvp->v_rdev;
1539			VN_RELE(lvp);
1540			VN_RELE(bvp);
1541		}
1542
1543		vfs_addmip(bdev, vfsp);
1544		addmip = 0;
1545		delmip = 1;
1546	}
1547	/*
1548	 * Invalidate cached entry for the mount point.
1549	 */
1550	if (splice)
1551		dnlc_purge_vp(vp);
1552
1553	/*
1554	 * If have an option string but the filesystem doesn't supply a
1555	 * prototype options table, create a table with the global
1556	 * options and sufficient room to accept all the options in the
1557	 * string.  Then parse the passed in option string
1558	 * accepting all the options in the string.  This gives us an
1559	 * option table with all the proper cancel properties for the
1560	 * global options.
1561	 *
1562	 * Filesystems that supply a prototype options table are handled
1563	 * earlier in this function.
1564	 */
1565	if (uap->flags & MS_OPTIONSTR) {
1566		if (!(vswp->vsw_flag & VSW_HASPROTO)) {
1567			mntopts_t tmp_mntopts;
1568
1569			tmp_mntopts.mo_count = 0;
1570			vfs_createopttbl_extend(&tmp_mntopts, inargs,
1571			    &mnt_mntopts);
1572			vfs_parsemntopts(&tmp_mntopts, inargs, 1);
1573			vfs_swapopttbl_nolock(&mnt_mntopts, &tmp_mntopts);
1574			vfs_freeopttbl(&tmp_mntopts);
1575		}
1576	}
1577
1578	/*
1579	 * Serialize with zone state transitions.
1580	 * See vfs_list_add; zone mounted into is:
1581	 *	zone_find_by_path(refstr_value(vfsp->vfs_mntpt))
1582	 * not the zone doing the mount (curproc->p_zone), but if we're already
1583	 * inside a NGZ, then we know what zone we are.
1584	 */
1585	if (INGLOBALZONE(curproc)) {
1586		zone = zone_find_by_path(mountpt);
1587		ASSERT(zone != NULL);
1588	} else {
1589		zone = curproc->p_zone;
1590		/*
1591		 * zone_find_by_path does a hold, so do one here too so that
1592		 * we can do a zone_rele after mount_completed.
1593		 */
1594		zone_hold(zone);
1595	}
1596	mount_in_progress(zone);
1597	/*
1598	 * Instantiate (or reinstantiate) the file system.  If appropriate,
1599	 * splice it into the file system name space.
1600	 *
1601	 * We want VFS_MOUNT() to be able to override the vfs_resource
1602	 * string if necessary (ie, mntfs), and also for a remount to
1603	 * change the same (necessary when remounting '/' during boot).
1604	 * So we set up vfs_mntpt and vfs_resource to what we think they
1605	 * should be, then hand off control to VFS_MOUNT() which can
1606	 * override this.
1607	 *
1608	 * For safety's sake, when changing vfs_resource or vfs_mntpt of
1609	 * a vfs which is on the vfs list (i.e. during a remount), we must
1610	 * never set those fields to NULL. Several bits of code make
1611	 * assumptions that the fields are always valid.
1612	 */
1613	vfs_swapopttbl(&mnt_mntopts, &vfsp->vfs_mntopts);
1614	if (remount) {
1615		if ((oldresource = vfsp->vfs_resource) != NULL)
1616			refstr_hold(oldresource);
1617		if ((oldmntpt = vfsp->vfs_mntpt) != NULL)
1618			refstr_hold(oldmntpt);
1619	}
1620	vfs_setresource(vfsp, resource, 0);
1621	vfs_setmntpoint(vfsp, mountpt, 0);
1622
1623	/*
1624	 * going to mount on this vnode, so notify.
1625	 */
1626	vnevent_mountedover(vp, NULL);
1627	error = VFS_MOUNT(vfsp, vp, uap, credp);
1628
1629	if (uap->flags & MS_RDONLY)
1630		vfs_setmntopt(vfsp, MNTOPT_RO, NULL, 0);
1631	if (uap->flags & MS_NOSUID)
1632		vfs_setmntopt(vfsp, MNTOPT_NOSUID, NULL, 0);
1633	if (uap->flags & MS_GLOBAL)
1634		vfs_setmntopt(vfsp, MNTOPT_GLOBAL, NULL, 0);
1635
1636	if (error) {
1637		lofi_remove(vfsp);
1638
1639		if (remount) {
1640			/* put back pre-remount options */
1641			vfs_swapopttbl(&mnt_mntopts, &vfsp->vfs_mntopts);
1642			vfs_setmntpoint(vfsp, refstr_value(oldmntpt),
1643			    VFSSP_VERBATIM);
1644			if (oldmntpt)
1645				refstr_rele(oldmntpt);
1646			vfs_setresource(vfsp, refstr_value(oldresource),
1647			    VFSSP_VERBATIM);
1648			if (oldresource)
1649				refstr_rele(oldresource);
1650			vfsp->vfs_flag = ovflags;
1651			vfs_unlock(vfsp);
1652			VFS_RELE(vfsp);
1653		} else {
1654			vfs_unlock(vfsp);
1655			vfs_freemnttab(vfsp);
1656			vfs_free(vfsp);
1657		}
1658	} else {
1659		/*
1660		 * Set the mount time to now
1661		 */
1662		vfsp->vfs_mtime = ddi_get_time();
1663		if (remount) {
1664			vfsp->vfs_flag &= ~VFS_REMOUNT;
1665			if (oldresource)
1666				refstr_rele(oldresource);
1667			if (oldmntpt)
1668				refstr_rele(oldmntpt);
1669		} else if (splice) {
1670			/*
1671			 * Link vfsp into the name space at the mount
1672			 * point. Vfs_add() is responsible for
1673			 * holding the mount point which will be
1674			 * released when vfs_remove() is called.
1675			 */
1676			vfs_add(vp, vfsp, uap->flags);
1677		} else {
1678			/*
1679			 * Hold the reference to file system which is
1680			 * not linked into the name space.
1681			 */
1682			vfsp->vfs_zone = NULL;
1683			VFS_HOLD(vfsp);
1684			vfsp->vfs_vnodecovered = NULL;
1685		}
1686		/*
1687		 * Set flags for global options encountered
1688		 */
1689		if (vfs_optionisset(vfsp, MNTOPT_RO, NULL))
1690			vfsp->vfs_flag |= VFS_RDONLY;
1691		else
1692			vfsp->vfs_flag &= ~VFS_RDONLY;
1693		if (vfs_optionisset(vfsp, MNTOPT_NOSUID, NULL)) {
1694			vfsp->vfs_flag |= (VFS_NOSETUID|VFS_NODEVICES);
1695		} else {
1696			if (vfs_optionisset(vfsp, MNTOPT_NODEVICES, NULL))
1697				vfsp->vfs_flag |= VFS_NODEVICES;
1698			else
1699				vfsp->vfs_flag &= ~VFS_NODEVICES;
1700			if (vfs_optionisset(vfsp, MNTOPT_NOSETUID, NULL))
1701				vfsp->vfs_flag |= VFS_NOSETUID;
1702			else
1703				vfsp->vfs_flag &= ~VFS_NOSETUID;
1704		}
1705		if (vfs_optionisset(vfsp, MNTOPT_NBMAND, NULL))
1706			vfsp->vfs_flag |= VFS_NBMAND;
1707		else
1708			vfsp->vfs_flag &= ~VFS_NBMAND;
1709
1710		if (vfs_optionisset(vfsp, MNTOPT_XATTR, NULL))
1711			vfsp->vfs_flag |= VFS_XATTR;
1712		else
1713			vfsp->vfs_flag &= ~VFS_XATTR;
1714
1715		if (vfs_optionisset(vfsp, MNTOPT_NOEXEC, NULL))
1716			vfsp->vfs_flag |= VFS_NOEXEC;
1717		else
1718			vfsp->vfs_flag &= ~VFS_NOEXEC;
1719
1720		/*
1721		 * Now construct the output option string of options
1722		 * we recognized.
1723		 */
1724		if (uap->flags & MS_OPTIONSTR) {
1725			vfs_list_read_lock();
1726			copyout_error = vfs_buildoptionstr(
1727			    &vfsp->vfs_mntopts, inargs, optlen);
1728			vfs_list_unlock();
1729			if (copyout_error == 0 &&
1730			    (uap->flags & MS_SYSSPACE) == 0) {
1731				copyout_error = copyoutstr(inargs, opts,
1732				    optlen, NULL);
1733			}
1734		}
1735
1736		/*
1737		 * If this isn't a remount, set up the vopstats before
1738		 * anyone can touch this. We only allow spliced file
1739		 * systems (file systems which are in the namespace) to
1740		 * have the VFS_STATS flag set.
1741		 * NOTE: PxFS mounts the underlying file system with
1742		 * MS_NOSPLICE set and copies those vfs_flags to its private
1743		 * vfs structure. As a result, PxFS should never have
1744		 * the VFS_STATS flag or else we might access the vfs
1745		 * statistics-related fields prior to them being
1746		 * properly initialized.
1747		 */
1748		if (!remount && (vswp->vsw_flag & VSW_STATS) && splice) {
1749			initialize_vopstats(&vfsp->vfs_vopstats);
1750			/*
1751			 * We need to set vfs_vskap to NULL because there's
1752			 * a chance it won't be set below.  This is checked
1753			 * in teardown_vopstats() so we can't have garbage.
1754			 */
1755			vfsp->vfs_vskap = NULL;
1756			vfsp->vfs_flag |= VFS_STATS;
1757			vfsp->vfs_fstypevsp = get_fstype_vopstats(vfsp, vswp);
1758		}
1759
1760		if (vswp->vsw_flag & VSW_XID)
1761			vfsp->vfs_flag |= VFS_XID;
1762
1763		vfs_unlock(vfsp);
1764	}
1765	mount_completed(zone);
1766	zone_rele(zone);
1767	if (splice)
1768		vn_vfsunlock(vp);
1769
1770	if ((error == 0) && (copyout_error == 0)) {
1771		if (!remount) {
1772			/*
1773			 * Don't call get_vskstat_anchor() while holding
1774			 * locks since it allocates memory and calls
1775			 * VFS_STATVFS().  For NFS, the latter can generate
1776			 * an over-the-wire call.
1777			 */
1778			vskap = get_vskstat_anchor(vfsp);
1779			/* Only take the lock if we have something to do */
1780			if (vskap != NULL) {
1781				vfs_lock_wait(vfsp);
1782				if (vfsp->vfs_flag & VFS_STATS) {
1783					vfsp->vfs_vskap = vskap;
1784				}
1785				vfs_unlock(vfsp);
1786			}
1787		}
1788		/* Return vfsp to caller. */
1789		*vfspp = vfsp;
1790	}
1791errout:
1792	vfs_freeopttbl(&mnt_mntopts);
1793	if (resource != NULL)
1794		kmem_free(resource, strlen(resource) + 1);
1795	if (mountpt != NULL)
1796		kmem_free(mountpt, strlen(mountpt) + 1);
1797	/*
1798	 * It is possible we errored prior to adding to mount in progress
1799	 * table. Must free vnode we acquired with successful lookupname.
1800	 */
1801	if (addmip)
1802		VN_RELE(bvp);
1803	if (delmip)
1804		vfs_delmip(vfsp);
1805	ASSERT(vswp != NULL);
1806	vfs_unrefvfssw(vswp);
1807	if (inargs != opts)
1808		kmem_free(inargs, MAX_MNTOPT_STR);
1809	if (copyout_error) {
1810		lofi_remove(vfsp);
1811		VFS_RELE(vfsp);
1812		error = copyout_error;
1813	}
1814	return (error);
1815}
1816
1817static void
1818vfs_setpath(
1819    struct vfs *vfsp,		/* vfs being updated */
1820    refstr_t **refp,		/* Ref-count string to contain the new path */
1821    const char *newpath,	/* Path to add to refp (above) */
1822    uint32_t flag)		/* flag */
1823{
1824	size_t len;
1825	refstr_t *ref;
1826	zone_t *zone = curproc->p_zone;
1827	char *sp;
1828	int have_list_lock = 0;
1829
1830	ASSERT(!VFS_ON_LIST(vfsp) || vfs_lock_held(vfsp));
1831
1832	/*
1833	 * New path must be less than MAXPATHLEN because mntfs
1834	 * will only display up to MAXPATHLEN bytes. This is currently
1835	 * safe, because domount() uses pn_get(), and other callers
1836	 * similarly cap the size to fewer than MAXPATHLEN bytes.
1837	 */
1838
1839	ASSERT(strlen(newpath) < MAXPATHLEN);
1840
1841	/* mntfs requires consistency while vfs list lock is held */
1842
1843	if (VFS_ON_LIST(vfsp)) {
1844		have_list_lock = 1;
1845		vfs_list_lock();
1846	}
1847
1848	if (*refp != NULL)
1849		refstr_rele(*refp);
1850
1851	/*
1852	 * If we are in a non-global zone then we prefix the supplied path,
1853	 * newpath, with the zone's root path, with two exceptions. The first
1854	 * is where we have been explicitly directed to avoid doing so; this
1855	 * will be the case following a failed remount, where the path supplied
1856	 * will be a saved version which must now be restored. The second
1857	 * exception is where newpath is not a pathname but a descriptive name,
1858	 * e.g. "procfs".
1859	 */
1860	if (zone == global_zone || (flag & VFSSP_VERBATIM) || *newpath != '/') {
1861		ref = refstr_alloc(newpath);
1862		goto out;
1863	}
1864
1865	/*
1866	 * Truncate the trailing '/' in the zoneroot, and merge
1867	 * in the zone's rootpath with the "newpath" (resource
1868	 * or mountpoint) passed in.
1869	 *
1870	 * The size of the required buffer is thus the size of
1871	 * the buffer required for the passed-in newpath
1872	 * (strlen(newpath) + 1), plus the size of the buffer
1873	 * required to hold zone_rootpath (zone_rootpathlen)
1874	 * minus one for one of the now-superfluous NUL
1875	 * terminations, minus one for the trailing '/'.
1876	 *
1877	 * That gives us:
1878	 *
1879	 * (strlen(newpath) + 1) + zone_rootpathlen - 1 - 1
1880	 *
1881	 * Which is what we have below.
1882	 */
1883
1884	len = strlen(newpath) + zone->zone_rootpathlen - 1;
1885	sp = kmem_alloc(len, KM_SLEEP);
1886
1887	/*
1888	 * Copy everything including the trailing slash, which
1889	 * we then overwrite with the NUL character.
1890	 */
1891
1892	(void) strcpy(sp, zone->zone_rootpath);
1893	sp[zone->zone_rootpathlen - 2] = '\0';
1894	(void) strcat(sp, newpath);
1895
1896	ref = refstr_alloc(sp);
1897	kmem_free(sp, len);
1898out:
1899	*refp = ref;
1900
1901	if (have_list_lock) {
1902		vfs_mnttab_modtimeupd();
1903		vfs_list_unlock();
1904	}
1905}
1906
1907/*
1908 * Record a mounted resource name in a vfs structure.
1909 * If vfsp is already mounted, caller must hold the vfs lock.
1910 */
1911void
1912vfs_setresource(struct vfs *vfsp, const char *resource, uint32_t flag)
1913{
1914	if (resource == NULL || resource[0] == '\0')
1915		resource = VFS_NORESOURCE;
1916	vfs_setpath(vfsp, &vfsp->vfs_resource, resource, flag);
1917}
1918
1919/*
1920 * Record a mount point name in a vfs structure.
1921 * If vfsp is already mounted, caller must hold the vfs lock.
1922 */
1923void
1924vfs_setmntpoint(struct vfs *vfsp, const char *mntpt, uint32_t flag)
1925{
1926	if (mntpt == NULL || mntpt[0] == '\0')
1927		mntpt = VFS_NOMNTPT;
1928	vfs_setpath(vfsp, &vfsp->vfs_mntpt, mntpt, flag);
1929}
1930
1931/* Returns the vfs_resource. Caller must call refstr_rele() when finished. */
1932
1933refstr_t *
1934vfs_getresource(const struct vfs *vfsp)
1935{
1936	refstr_t *resource;
1937
1938	vfs_list_read_lock();
1939	resource = vfsp->vfs_resource;
1940	refstr_hold(resource);
1941	vfs_list_unlock();
1942
1943	return (resource);
1944}
1945
1946/* Returns the vfs_mntpt. Caller must call refstr_rele() when finished. */
1947
1948refstr_t *
1949vfs_getmntpoint(const struct vfs *vfsp)
1950{
1951	refstr_t *mntpt;
1952
1953	vfs_list_read_lock();
1954	mntpt = vfsp->vfs_mntpt;
1955	refstr_hold(mntpt);
1956	vfs_list_unlock();
1957
1958	return (mntpt);
1959}
1960
1961/*
1962 * Create an empty options table with enough empty slots to hold all
1963 * The options in the options string passed as an argument.
1964 * Potentially prepend another options table.
1965 *
1966 * Note: caller is responsible for locking the vfs list, if needed,
1967 *       to protect mops.
1968 */
1969static void
1970vfs_createopttbl_extend(mntopts_t *mops, const char *opts,
1971    const mntopts_t *mtmpl)
1972{
1973	const char *s = opts;
1974	uint_t count;
1975
1976	if (opts == NULL || *opts == '\0') {
1977		count = 0;
1978	} else {
1979		count = 1;
1980
1981		/*
1982		 * Count number of options in the string
1983		 */
1984		for (s = strchr(s, ','); s != NULL; s = strchr(s, ',')) {
1985			count++;
1986			s++;
1987		}
1988	}
1989	vfs_copyopttbl_extend(mtmpl, mops, count);
1990}
1991
1992/*
1993 * Create an empty options table with enough empty slots to hold all
1994 * The options in the options string passed as an argument.
1995 *
1996 * This function is *not* for general use by filesystems.
1997 *
1998 * Note: caller is responsible for locking the vfs list, if needed,
1999 *       to protect mops.
2000 */
2001void
2002vfs_createopttbl(mntopts_t *mops, const char *opts)
2003{
2004	vfs_createopttbl_extend(mops, opts, NULL);
2005}
2006
2007
2008/*
2009 * Swap two mount options tables
2010 */
2011static void
2012vfs_swapopttbl_nolock(mntopts_t *optbl1, mntopts_t *optbl2)
2013{
2014	uint_t tmpcnt;
2015	mntopt_t *tmplist;
2016
2017	tmpcnt = optbl2->mo_count;
2018	tmplist = optbl2->mo_list;
2019	optbl2->mo_count = optbl1->mo_count;
2020	optbl2->mo_list = optbl1->mo_list;
2021	optbl1->mo_count = tmpcnt;
2022	optbl1->mo_list = tmplist;
2023}
2024
2025static void
2026vfs_swapopttbl(mntopts_t *optbl1, mntopts_t *optbl2)
2027{
2028	vfs_list_lock();
2029	vfs_swapopttbl_nolock(optbl1, optbl2);
2030	vfs_mnttab_modtimeupd();
2031	vfs_list_unlock();
2032}
2033
2034static char **
2035vfs_copycancelopt_extend(char **const moc, int extend)
2036{
2037	int i = 0;
2038	int j;
2039	char **result;
2040
2041	if (moc != NULL) {
2042		for (; moc[i] != NULL; i++)
2043			/* count number of options to cancel */;
2044	}
2045
2046	if (i + extend == 0)
2047		return (NULL);
2048
2049	result = kmem_alloc((i + extend + 1) * sizeof (char *), KM_SLEEP);
2050
2051	for (j = 0; j < i; j++) {
2052		result[j] = kmem_alloc(strlen(moc[j]) + 1, KM_SLEEP);
2053		(void) strcpy(result[j], moc[j]);
2054	}
2055	for (; j <= i + extend; j++)
2056		result[j] = NULL;
2057
2058	return (result);
2059}
2060
2061static void
2062vfs_copyopt(const mntopt_t *s, mntopt_t *d)
2063{
2064	char *sp, *dp;
2065
2066	d->mo_flags = s->mo_flags;
2067	d->mo_data = s->mo_data;
2068	sp = s->mo_name;
2069	if (sp != NULL) {
2070		dp = kmem_alloc(strlen(sp) + 1, KM_SLEEP);
2071		(void) strcpy(dp, sp);
2072		d->mo_name = dp;
2073	} else {
2074		d->mo_name = NULL; /* should never happen */
2075	}
2076
2077	d->mo_cancel = vfs_copycancelopt_extend(s->mo_cancel, 0);
2078
2079	sp = s->mo_arg;
2080	if (sp != NULL) {
2081		dp = kmem_alloc(strlen(sp) + 1, KM_SLEEP);
2082		(void) strcpy(dp, sp);
2083		d->mo_arg = dp;
2084	} else {
2085		d->mo_arg = NULL;
2086	}
2087}
2088
2089/*
2090 * Copy a mount options table, possibly allocating some spare
2091 * slots at the end.  It is permissible to copy_extend the NULL table.
2092 */
2093static void
2094vfs_copyopttbl_extend(const mntopts_t *smo, mntopts_t *dmo, int extra)
2095{
2096	uint_t i, count;
2097	mntopt_t *motbl;
2098
2099	/*
2100	 * Clear out any existing stuff in the options table being initialized
2101	 */
2102	vfs_freeopttbl(dmo);
2103	count = (smo == NULL) ? 0 : smo->mo_count;
2104	if ((count + extra) == 0)	/* nothing to do */
2105		return;
2106	dmo->mo_count = count + extra;
2107	motbl = kmem_zalloc((count + extra) * sizeof (mntopt_t), KM_SLEEP);
2108	dmo->mo_list = motbl;
2109	for (i = 0; i < count; i++) {
2110		vfs_copyopt(&smo->mo_list[i], &motbl[i]);
2111	}
2112	for (i = count; i < count + extra; i++) {
2113		motbl[i].mo_flags = MO_EMPTY;
2114	}
2115}
2116
2117/*
2118 * Copy a mount options table.
2119 *
2120 * This function is *not* for general use by filesystems.
2121 *
2122 * Note: caller is responsible for locking the vfs list, if needed,
2123 *       to protect smo and dmo.
2124 */
2125void
2126vfs_copyopttbl(const mntopts_t *smo, mntopts_t *dmo)
2127{
2128	vfs_copyopttbl_extend(smo, dmo, 0);
2129}
2130
2131static char **
2132vfs_mergecancelopts(const mntopt_t *mop1, const mntopt_t *mop2)
2133{
2134	int c1 = 0;
2135	int c2 = 0;
2136	char **result;
2137	char **sp1, **sp2, **dp;
2138
2139	/*
2140	 * First we count both lists of cancel options.
2141	 * If either is NULL or has no elements, we return a copy of
2142	 * the other.
2143	 */
2144	if (mop1->mo_cancel != NULL) {
2145		for (; mop1->mo_cancel[c1] != NULL; c1++)
2146			/* count cancel options in mop1 */;
2147	}
2148
2149	if (c1 == 0)
2150		return (vfs_copycancelopt_extend(mop2->mo_cancel, 0));
2151
2152	if (mop2->mo_cancel != NULL) {
2153		for (; mop2->mo_cancel[c2] != NULL; c2++)
2154			/* count cancel options in mop2 */;
2155	}
2156
2157	result = vfs_copycancelopt_extend(mop1->mo_cancel, c2);
2158
2159	if (c2 == 0)
2160		return (result);
2161
2162	/*
2163	 * When we get here, we've got two sets of cancel options;
2164	 * we need to merge the two sets.  We know that the result
2165	 * array has "c1+c2+1" entries and in the end we might shrink
2166	 * it.
2167	 * Result now has a copy of the c1 entries from mop1; we'll
2168	 * now lookup all the entries of mop2 in mop1 and copy it if
2169	 * it is unique.
2170	 * This operation is O(n^2) but it's only called once per
2171	 * filesystem per duplicate option.  This is a situation
2172	 * which doesn't arise with the filesystems in ON and
2173	 * n is generally 1.
2174	 */
2175
2176	dp = &result[c1];
2177	for (sp2 = mop2->mo_cancel; *sp2 != NULL; sp2++) {
2178		for (sp1 = mop1->mo_cancel; *sp1 != NULL; sp1++) {
2179			if (strcmp(*sp1, *sp2) == 0)
2180				break;
2181		}
2182		if (*sp1 == NULL) {
2183			/*
2184			 * Option *sp2 not found in mop1, so copy it.
2185			 * The calls to vfs_copycancelopt_extend()
2186			 * guarantee that there's enough room.
2187			 */
2188			*dp = kmem_alloc(strlen(*sp2) + 1, KM_SLEEP);
2189			(void) strcpy(*dp++, *sp2);
2190		}
2191	}
2192	if (dp != &result[c1+c2]) {
2193		size_t bytes = (dp - result + 1) * sizeof (char *);
2194		char **nres = kmem_alloc(bytes, KM_SLEEP);
2195
2196		bcopy(result, nres, bytes);
2197		kmem_free(result, (c1 + c2 + 1) * sizeof (char *));
2198		result = nres;
2199	}
2200	return (result);
2201}
2202
2203/*
2204 * Merge two mount option tables (outer and inner) into one.  This is very
2205 * similar to "merging" global variables and automatic variables in C.
2206 *
2207 * This isn't (and doesn't have to be) fast.
2208 *
2209 * This function is *not* for general use by filesystems.
2210 *
2211 * Note: caller is responsible for locking the vfs list, if needed,
2212 *       to protect omo, imo & dmo.
2213 */
2214void
2215vfs_mergeopttbl(const mntopts_t *omo, const mntopts_t *imo, mntopts_t *dmo)
2216{
2217	uint_t i, count;
2218	mntopt_t *mop, *motbl;
2219	uint_t freeidx;
2220
2221	/*
2222	 * First determine how much space we need to allocate.
2223	 */
2224	count = omo->mo_count;
2225	for (i = 0; i < imo->mo_count; i++) {
2226		if (imo->mo_list[i].mo_flags & MO_EMPTY)
2227			continue;
2228		if (vfs_hasopt(omo, imo->mo_list[i].mo_name) == NULL)
2229			count++;
2230	}
2231	ASSERT(count >= omo->mo_count &&
2232	    count <= omo->mo_count + imo->mo_count);
2233	motbl = kmem_alloc(count * sizeof (mntopt_t), KM_SLEEP);
2234	for (i = 0; i < omo->mo_count; i++)
2235		vfs_copyopt(&omo->mo_list[i], &motbl[i]);
2236	freeidx = omo->mo_count;
2237	for (i = 0; i < imo->mo_count; i++) {
2238		if (imo->mo_list[i].mo_flags & MO_EMPTY)
2239			continue;
2240		if ((mop = vfs_hasopt(omo, imo->mo_list[i].mo_name)) != NULL) {
2241			char **newcanp;
2242			uint_t index = mop - omo->mo_list;
2243
2244			newcanp = vfs_mergecancelopts(mop, &motbl[index]);
2245
2246			vfs_freeopt(&motbl[index]);
2247			vfs_copyopt(&imo->mo_list[i], &motbl[index]);
2248
2249			vfs_freecancelopt(motbl[index].mo_cancel);
2250			motbl[index].mo_cancel = newcanp;
2251		} else {
2252			/*
2253			 * If it's a new option, just copy it over to the first
2254			 * free location.
2255			 */
2256			vfs_copyopt(&imo->mo_list[i], &motbl[freeidx++]);
2257		}
2258	}
2259	dmo->mo_count = count;
2260	dmo->mo_list = motbl;
2261}
2262
2263/*
2264 * Functions to set and clear mount options in a mount options table.
2265 */
2266
2267/*
2268 * Clear a mount option, if it exists.
2269 *
2270 * The update_mnttab arg indicates whether mops is part of a vfs that is on
2271 * the vfs list.
2272 */
2273static void
2274vfs_clearmntopt_nolock(mntopts_t *mops, const char *opt, int update_mnttab)
2275{
2276	struct mntopt *mop;
2277	uint_t i, count;
2278
2279	ASSERT(!update_mnttab || RW_WRITE_HELD(&vfslist));
2280
2281	count = mops->mo_count;
2282	for (i = 0; i < count; i++) {
2283		mop = &mops->mo_list[i];
2284
2285		if (mop->mo_flags & MO_EMPTY)
2286			continue;
2287		if (strcmp(opt, mop->mo_name))
2288			continue;
2289		mop->mo_flags &= ~MO_SET;
2290		if (mop->mo_arg != NULL) {
2291			kmem_free(mop->mo_arg, strlen(mop->mo_arg) + 1);
2292		}
2293		mop->mo_arg = NULL;
2294		if (update_mnttab)
2295			vfs_mnttab_modtimeupd();
2296		break;
2297	}
2298}
2299
2300void
2301vfs_clearmntopt(struct vfs *vfsp, const char *opt)
2302{
2303	int gotlock = 0;
2304
2305	if (VFS_ON_LIST(vfsp)) {
2306		gotlock = 1;
2307		vfs_list_lock();
2308	}
2309	vfs_clearmntopt_nolock(&vfsp->vfs_mntopts, opt, gotlock);
2310	if (gotlock)
2311		vfs_list_unlock();
2312}
2313
2314
2315/*
2316 * Set a mount option on.  If it's not found in the table, it's silently
2317 * ignored.  If the option has MO_IGNORE set, it is still set unless the
2318 * VFS_NOFORCEOPT bit is set in the flags.  Also, VFS_DISPLAY/VFS_NODISPLAY flag
2319 * bits can be used to toggle the MO_NODISPLAY bit for the option.
2320 * If the VFS_CREATEOPT flag bit is set then the first option slot with
2321 * MO_EMPTY set is created as the option passed in.
2322 *
2323 * The update_mnttab arg indicates whether mops is part of a vfs that is on
2324 * the vfs list.
2325 */
2326static void
2327vfs_setmntopt_nolock(mntopts_t *mops, const char *opt,
2328    const char *arg, int flags, int update_mnttab)
2329{
2330	mntopt_t *mop;
2331	uint_t i, count;
2332	char *sp;
2333
2334	ASSERT(!update_mnttab || RW_WRITE_HELD(&vfslist));
2335
2336	if (flags & VFS_CREATEOPT) {
2337		if (vfs_hasopt(mops, opt) != NULL) {
2338			flags &= ~VFS_CREATEOPT;
2339		}
2340	}
2341	count = mops->mo_count;
2342	for (i = 0; i < count; i++) {
2343		mop = &mops->mo_list[i];
2344
2345		if (mop->mo_flags & MO_EMPTY) {
2346			if ((flags & VFS_CREATEOPT) == 0)
2347				continue;
2348			sp = kmem_alloc(strlen(opt) + 1, KM_SLEEP);
2349			(void) strcpy(sp, opt);
2350			mop->mo_name = sp;
2351			if (arg != NULL)
2352				mop->mo_flags = MO_HASVALUE;
2353			else
2354				mop->mo_flags = 0;
2355		} else if (strcmp(opt, mop->mo_name)) {
2356			continue;
2357		}
2358		if ((mop->mo_flags & MO_IGNORE) && (flags & VFS_NOFORCEOPT))
2359			break;
2360		if (arg != NULL && (mop->mo_flags & MO_HASVALUE) != 0) {
2361			sp = kmem_alloc(strlen(arg) + 1, KM_SLEEP);
2362			(void) strcpy(sp, arg);
2363		} else {
2364			sp = NULL;
2365		}
2366		if (mop->mo_arg != NULL)
2367			kmem_free(mop->mo_arg, strlen(mop->mo_arg) + 1);
2368		mop->mo_arg = sp;
2369		if (flags & VFS_DISPLAY)
2370			mop->mo_flags &= ~MO_NODISPLAY;
2371		if (flags & VFS_NODISPLAY)
2372			mop->mo_flags |= MO_NODISPLAY;
2373		mop->mo_flags |= MO_SET;
2374		if (mop->mo_cancel != NULL) {
2375			char **cp;
2376
2377			for (cp = mop->mo_cancel; *cp != NULL; cp++)
2378				vfs_clearmntopt_nolock(mops, *cp, 0);
2379		}
2380		if (update_mnttab)
2381			vfs_mnttab_modtimeupd();
2382		break;
2383	}
2384}
2385
2386void
2387vfs_setmntopt(struct vfs *vfsp, const char *opt, const char *arg, int flags)
2388{
2389	int gotlock = 0;
2390
2391	if (VFS_ON_LIST(vfsp)) {
2392		gotlock = 1;
2393		vfs_list_lock();
2394	}
2395	vfs_setmntopt_nolock(&vfsp->vfs_mntopts, opt, arg, flags, gotlock);
2396	if (gotlock)
2397		vfs_list_unlock();
2398}
2399
2400
2401/*
2402 * Add a "tag" option to a mounted file system's options list.
2403 *
2404 * Note: caller is responsible for locking the vfs list, if needed,
2405 *       to protect mops.
2406 */
2407static mntopt_t *
2408vfs_addtag(mntopts_t *mops, const char *tag)
2409{
2410	uint_t count;
2411	mntopt_t *mop, *motbl;
2412
2413	count = mops->mo_count + 1;
2414	motbl = kmem_zalloc(count * sizeof (mntopt_t), KM_SLEEP);
2415	if (mops->mo_count) {
2416		size_t len = (count - 1) * sizeof (mntopt_t);
2417
2418		bcopy(mops->mo_list, motbl, len);
2419		kmem_free(mops->mo_list, len);
2420	}
2421	mops->mo_count = count;
2422	mops->mo_list = motbl;
2423	mop = &motbl[count - 1];
2424	mop->mo_flags = MO_TAG;
2425	mop->mo_name = kmem_alloc(strlen(tag) + 1, KM_SLEEP);
2426	(void) strcpy(mop->mo_name, tag);
2427	return (mop);
2428}
2429
2430/*
2431 * Allow users to set arbitrary "tags" in a vfs's mount options.
2432 * Broader use within the kernel is discouraged.
2433 */
2434int
2435vfs_settag(uint_t major, uint_t minor, const char *mntpt, const char *tag,
2436    cred_t *cr)
2437{
2438	vfs_t *vfsp;
2439	mntopts_t *mops;
2440	mntopt_t *mop;
2441	int found = 0;
2442	dev_t dev = makedevice(major, minor);
2443	int err = 0;
2444	char *buf = kmem_alloc(MAX_MNTOPT_STR, KM_SLEEP);
2445
2446	/*
2447	 * Find the desired mounted file system
2448	 */
2449	vfs_list_lock();
2450	vfsp = rootvfs;
2451	do {
2452		if (vfsp->vfs_dev == dev &&
2453		    strcmp(mntpt, refstr_value(vfsp->vfs_mntpt)) == 0) {
2454			found = 1;
2455			break;
2456		}
2457		vfsp = vfsp->vfs_next;
2458	} while (vfsp != rootvfs);
2459
2460	if (!found) {
2461		err = EINVAL;
2462		goto out;
2463	}
2464	err = secpolicy_fs_config(cr, vfsp);
2465	if (err != 0)
2466		goto out;
2467
2468	mops = &vfsp->vfs_mntopts;
2469	/*
2470	 * Add tag if it doesn't already exist
2471	 */
2472	if ((mop = vfs_hasopt(mops, tag)) == NULL) {
2473		int len;
2474
2475		(void) vfs_buildoptionstr(mops, buf, MAX_MNTOPT_STR);
2476		len = strlen(buf);
2477		if (len + strlen(tag) + 2 > MAX_MNTOPT_STR) {
2478			err = ENAMETOOLONG;
2479			goto out;
2480		}
2481		mop = vfs_addtag(mops, tag);
2482	}
2483	if ((mop->mo_flags & MO_TAG) == 0) {
2484		err = EINVAL;
2485		goto out;
2486	}
2487	vfs_setmntopt_nolock(mops, tag, NULL, 0, 1);
2488out:
2489	vfs_list_unlock();
2490	kmem_free(buf, MAX_MNTOPT_STR);
2491	return (err);
2492}
2493
2494/*
2495 * Allow users to remove arbitrary "tags" in a vfs's mount options.
2496 * Broader use within the kernel is discouraged.
2497 */
2498int
2499vfs_clrtag(uint_t major, uint_t minor, const char *mntpt, const char *tag,
2500    cred_t *cr)
2501{
2502	vfs_t *vfsp;
2503	mntopt_t *mop;
2504	int found = 0;
2505	dev_t dev = makedevice(major, minor);
2506	int err = 0;
2507
2508	/*
2509	 * Find the desired mounted file system
2510	 */
2511	vfs_list_lock();
2512	vfsp = rootvfs;
2513	do {
2514		if (vfsp->vfs_dev == dev &&
2515		    strcmp(mntpt, refstr_value(vfsp->vfs_mntpt)) == 0) {
2516			found = 1;
2517			break;
2518		}
2519		vfsp = vfsp->vfs_next;
2520	} while (vfsp != rootvfs);
2521
2522	if (!found) {
2523		err = EINVAL;
2524		goto out;
2525	}
2526	err = secpolicy_fs_config(cr, vfsp);
2527	if (err != 0)
2528		goto out;
2529
2530	if ((mop = vfs_hasopt(&vfsp->vfs_mntopts, tag)) == NULL) {
2531		err = EINVAL;
2532		goto out;
2533	}
2534	if ((mop->mo_flags & MO_TAG) == 0) {
2535		err = EINVAL;
2536		goto out;
2537	}
2538	vfs_clearmntopt_nolock(&vfsp->vfs_mntopts, tag, 1);
2539out:
2540	vfs_list_unlock();
2541	return (err);
2542}
2543
2544/*
2545 * Function to parse an option string and fill in a mount options table.
2546 * Unknown options are silently ignored.  The input option string is modified
2547 * by replacing separators with nulls.  If the create flag is set, options
2548 * not found in the table are just added on the fly.  The table must have
2549 * an option slot marked MO_EMPTY to add an option on the fly.
2550 *
2551 * This function is *not* for general use by filesystems.
2552 *
2553 * Note: caller is responsible for locking the vfs list, if needed,
2554 *       to protect mops..
2555 */
2556void
2557vfs_parsemntopts(mntopts_t *mops, char *osp, int create)
2558{
2559	char *s = osp, *p, *nextop, *valp, *cp, *ep;
2560	int setflg = VFS_NOFORCEOPT;
2561
2562	if (osp == NULL)
2563		return;
2564	while (*s != '\0') {
2565		p = strchr(s, ',');	/* find next option */
2566		if (p == NULL) {
2567			cp = NULL;
2568			p = s + strlen(s);
2569		} else {
2570			cp = p;		/* save location of comma */
2571			*p++ = '\0';	/* mark end and point to next option */
2572		}
2573		nextop = p;
2574		p = strchr(s, '=');	/* look for value */
2575		if (p == NULL) {
2576			valp = NULL;	/* no value supplied */
2577		} else {
2578			ep = p;		/* save location of equals */
2579			*p++ = '\0';	/* end option and point to value */
2580			valp = p;
2581		}
2582		/*
2583		 * set option into options table
2584		 */
2585		if (create)
2586			setflg |= VFS_CREATEOPT;
2587		vfs_setmntopt_nolock(mops, s, valp, setflg, 0);
2588		if (cp != NULL)
2589			*cp = ',';	/* restore the comma */
2590		if (valp != NULL)
2591			*ep = '=';	/* restore the equals */
2592		s = nextop;
2593	}
2594}
2595
2596/*
2597 * Function to inquire if an option exists in a mount options table.
2598 * Returns a pointer to the option if it exists, else NULL.
2599 *
2600 * This function is *not* for general use by filesystems.
2601 *
2602 * Note: caller is responsible for locking the vfs list, if needed,
2603 *       to protect mops.
2604 */
2605struct mntopt *
2606vfs_hasopt(const mntopts_t *mops, const char *opt)
2607{
2608	struct mntopt *mop;
2609	uint_t i, count;
2610
2611	count = mops->mo_count;
2612	for (i = 0; i < count; i++) {
2613		mop = &mops->mo_list[i];
2614
2615		if (mop->mo_flags & MO_EMPTY)
2616			continue;
2617		if (strcmp(opt, mop->mo_name) == 0)
2618			return (mop);
2619	}
2620	return (NULL);
2621}
2622
2623/*
2624 * Function to inquire if an option is set in a mount options table.
2625 * Returns non-zero if set and fills in the arg pointer with a pointer to
2626 * the argument string or NULL if there is no argument string.
2627 */
2628static int
2629vfs_optionisset_nolock(const mntopts_t *mops, const char *opt, char **argp)
2630{
2631	struct mntopt *mop;
2632	uint_t i, count;
2633
2634	count = mops->mo_count;
2635	for (i = 0; i < count; i++) {
2636		mop = &mops->mo_list[i];
2637
2638		if (mop->mo_flags & MO_EMPTY)
2639			continue;
2640		if (strcmp(opt, mop->mo_name))
2641			continue;
2642		if ((mop->mo_flags & MO_SET) == 0)
2643			return (0);
2644		if (argp != NULL && (mop->mo_flags & MO_HASVALUE) != 0)
2645			*argp = mop->mo_arg;
2646		return (1);
2647	}
2648	return (0);
2649}
2650
2651
2652int
2653vfs_optionisset(const struct vfs *vfsp, const char *opt, char **argp)
2654{
2655	int ret;
2656
2657	vfs_list_read_lock();
2658	ret = vfs_optionisset_nolock(&vfsp->vfs_mntopts, opt, argp);
2659	vfs_list_unlock();
2660	return (ret);
2661}
2662
2663
2664/*
2665 * Construct a comma separated string of the options set in the given
2666 * mount table, return the string in the given buffer.  Return non-zero if
2667 * the buffer would overflow.
2668 *
2669 * This function is *not* for general use by filesystems.
2670 *
2671 * Note: caller is responsible for locking the vfs list, if needed,
2672 *       to protect mp.
2673 */
2674int
2675vfs_buildoptionstr(const mntopts_t *mp, char *buf, int len)
2676{
2677	char *cp;
2678	uint_t i;
2679
2680	buf[0] = '\0';
2681	cp = buf;
2682	for (i = 0; i < mp->mo_count; i++) {
2683		struct mntopt *mop;
2684
2685		mop = &mp->mo_list[i];
2686		if (mop->mo_flags & MO_SET) {
2687			int optlen, comma = 0;
2688
2689			if (buf[0] != '\0')
2690				comma = 1;
2691			optlen = strlen(mop->mo_name);
2692			if (strlen(buf) + comma + optlen + 1 > len)
2693				goto err;
2694			if (comma)
2695				*cp++ = ',';
2696			(void) strcpy(cp, mop->mo_name);
2697			cp += optlen;
2698			/*
2699			 * Append option value if there is one
2700			 */
2701			if (mop->mo_arg != NULL) {
2702				int arglen;
2703
2704				arglen = strlen(mop->mo_arg);
2705				if (strlen(buf) + arglen + 2 > len)
2706					goto err;
2707				*cp++ = '=';
2708				(void) strcpy(cp, mop->mo_arg);
2709				cp += arglen;
2710			}
2711		}
2712	}
2713	return (0);
2714err:
2715	return (EOVERFLOW);
2716}
2717
2718static void
2719vfs_freecancelopt(char **moc)
2720{
2721	if (moc != NULL) {
2722		int ccnt = 0;
2723		char **cp;
2724
2725		for (cp = moc; *cp != NULL; cp++) {
2726			kmem_free(*cp, strlen(*cp) + 1);
2727			ccnt++;
2728		}
2729		kmem_free(moc, (ccnt + 1) * sizeof (char *));
2730	}
2731}
2732
2733static void
2734vfs_freeopt(mntopt_t *mop)
2735{
2736	if (mop->mo_name != NULL)
2737		kmem_free(mop->mo_name, strlen(mop->mo_name) + 1);
2738
2739	vfs_freecancelopt(mop->mo_cancel);
2740
2741	if (mop->mo_arg != NULL)
2742		kmem_free(mop->mo_arg, strlen(mop->mo_arg) + 1);
2743}
2744
2745/*
2746 * Free a mount options table
2747 *
2748 * This function is *not* for general use by filesystems.
2749 *
2750 * Note: caller is responsible for locking the vfs list, if needed,
2751 *       to protect mp.
2752 */
2753void
2754vfs_freeopttbl(mntopts_t *mp)
2755{
2756	uint_t i, count;
2757
2758	count = mp->mo_count;
2759	for (i = 0; i < count; i++) {
2760		vfs_freeopt(&mp->mo_list[i]);
2761	}
2762	if (count) {
2763		kmem_free(mp->mo_list, sizeof (mntopt_t) * count);
2764		mp->mo_count = 0;
2765		mp->mo_list = NULL;
2766	}
2767}
2768
2769
2770/* ARGSUSED */
2771static int
2772vfs_mntdummyread(vnode_t *vp, uio_t *uio, int ioflag, cred_t *cred,
2773    caller_context_t *ct)
2774{
2775	return (0);
2776}
2777
2778/* ARGSUSED */
2779static int
2780vfs_mntdummywrite(vnode_t *vp, uio_t *uio, int ioflag, cred_t *cred,
2781    caller_context_t *ct)
2782{
2783	return (0);
2784}
2785
2786/*
2787 * The dummy vnode is currently used only by file events notification
2788 * module which is just interested in the timestamps.
2789 */
2790/* ARGSUSED */
2791static int
2792vfs_mntdummygetattr(vnode_t *vp, vattr_t *vap, int flags, cred_t *cr,
2793    caller_context_t *ct)
2794{
2795	bzero(vap, sizeof (vattr_t));
2796	vap->va_type = VREG;
2797	vap->va_nlink = 1;
2798	vap->va_ctime = vfs_mnttab_ctime;
2799	/*
2800	 * it is ok to just copy mtime as the time will be monotonically
2801	 * increasing.
2802	 */
2803	vap->va_mtime = vfs_mnttab_mtime;
2804	vap->va_atime = vap->va_mtime;
2805	return (0);
2806}
2807
2808static void
2809vfs_mnttabvp_setup(void)
2810{
2811	vnode_t *tvp;
2812	vnodeops_t *vfs_mntdummyvnops;
2813	const fs_operation_def_t mnt_dummyvnodeops_template[] = {
2814		VOPNAME_READ,		{ .vop_read = vfs_mntdummyread },
2815		VOPNAME_WRITE,		{ .vop_write = vfs_mntdummywrite },
2816		VOPNAME_GETATTR,	{ .vop_getattr = vfs_mntdummygetattr },
2817		VOPNAME_VNEVENT,	{ .vop_vnevent = fs_vnevent_support },
2818		NULL,			NULL
2819	};
2820
2821	if (vn_make_ops("mnttab", mnt_dummyvnodeops_template,
2822	    &vfs_mntdummyvnops) != 0) {
2823		cmn_err(CE_WARN, "vfs_mnttabvp_setup: vn_make_ops failed");
2824		/* Shouldn't happen, but not bad enough to panic */
2825		return;
2826	}
2827
2828	/*
2829	 * A global dummy vnode is allocated to represent mntfs files.
2830	 * The mntfs file (/etc/mnttab) can be monitored for file events
2831	 * and receive an event when mnttab changes. Dummy VOP calls
2832	 * will be made on this vnode. The file events notification module
2833	 * intercepts this vnode and delivers relevant events.
2834	 */
2835	tvp = vn_alloc(KM_SLEEP);
2836	tvp->v_flag = VNOMOUNT|VNOMAP|VNOSWAP|VNOCACHE;
2837	vn_setops(tvp, vfs_mntdummyvnops);
2838	tvp->v_type = VREG;
2839	/*
2840	 * The mnt dummy ops do not reference v_data.
2841	 * No other module intercepting this vnode should either.
2842	 * Just set it to point to itself.
2843	 */
2844	tvp->v_data = (caddr_t)tvp;
2845	tvp->v_vfsp = rootvfs;
2846	vfs_mntdummyvp = tvp;
2847}
2848
2849/*
2850 * performs fake read/write ops
2851 */
2852static void
2853vfs_mnttab_rwop(int rw)
2854{
2855	struct uio	uio;
2856	struct iovec	iov;
2857	char	buf[1];
2858
2859	if (vfs_mntdummyvp == NULL)
2860		return;
2861
2862	bzero(&uio, sizeof (uio));
2863	bzero(&iov, sizeof (iov));
2864	iov.iov_base = buf;
2865	iov.iov_len = 0;
2866	uio.uio_iov = &iov;
2867	uio.uio_iovcnt = 1;
2868	uio.uio_loffset = 0;
2869	uio.uio_segflg = UIO_SYSSPACE;
2870	uio.uio_resid = 0;
2871	if (rw) {
2872		(void) VOP_WRITE(vfs_mntdummyvp, &uio, 0, kcred, NULL);
2873	} else {
2874		(void) VOP_READ(vfs_mntdummyvp, &uio, 0, kcred, NULL);
2875	}
2876}
2877
2878/*
2879 * Generate a write operation.
2880 */
2881void
2882vfs_mnttab_writeop(void)
2883{
2884	vfs_mnttab_rwop(1);
2885}
2886
2887/*
2888 * Generate a read operation.
2889 */
2890void
2891vfs_mnttab_readop(void)
2892{
2893	vfs_mnttab_rwop(0);
2894}
2895
2896/*
2897 * Free any mnttab information recorded in the vfs struct.
2898 * The vfs must not be on the vfs list.
2899 */
2900static void
2901vfs_freemnttab(struct vfs *vfsp)
2902{
2903	ASSERT(!VFS_ON_LIST(vfsp));
2904
2905	/*
2906	 * Free device and mount point information
2907	 */
2908	if (vfsp->vfs_mntpt != NULL) {
2909		refstr_rele(vfsp->vfs_mntpt);
2910		vfsp->vfs_mntpt = NULL;
2911	}
2912	if (vfsp->vfs_resource != NULL) {
2913		refstr_rele(vfsp->vfs_resource);
2914		vfsp->vfs_resource = NULL;
2915	}
2916	/*
2917	 * Now free mount options information
2918	 */
2919	vfs_freeopttbl(&vfsp->vfs_mntopts);
2920}
2921
2922/*
2923 * Return the last mnttab modification time
2924 */
2925void
2926vfs_mnttab_modtime(timespec_t *ts)
2927{
2928	ASSERT(RW_LOCK_HELD(&vfslist));
2929	*ts = vfs_mnttab_mtime;
2930}
2931
2932/*
2933 * See if mnttab is changed
2934 */
2935void
2936vfs_mnttab_poll(timespec_t *old, struct pollhead **phpp)
2937{
2938	int changed;
2939
2940	*phpp = (struct pollhead *)NULL;
2941
2942	/*
2943	 * Note: don't grab vfs list lock before accessing vfs_mnttab_mtime.
2944	 * Can lead to deadlock against vfs_mnttab_modtimeupd(). It is safe
2945	 * to not grab the vfs list lock because tv_sec is monotonically
2946	 * increasing.
2947	 */
2948
2949	changed = (old->tv_nsec != vfs_mnttab_mtime.tv_nsec) ||
2950	    (old->tv_sec != vfs_mnttab_mtime.tv_sec);
2951	if (!changed) {
2952		*phpp = &vfs_pollhd;
2953	}
2954}
2955
2956/* Provide a unique and monotonically-increasing timestamp. */
2957void
2958vfs_mono_time(timespec_t *ts)
2959{
2960	static volatile hrtime_t hrt;		/* The saved time. */
2961	hrtime_t	newhrt, oldhrt;		/* For effecting the CAS. */
2962	timespec_t	newts;
2963
2964	/*
2965	 * Try gethrestime() first, but be prepared to fabricate a sensible
2966	 * answer at the first sign of any trouble.
2967	 */
2968	gethrestime(&newts);
2969	newhrt = ts2hrt(&newts);
2970	for (;;) {
2971		oldhrt = hrt;
2972		if (newhrt <= hrt)
2973			newhrt = hrt + 1;
2974		if (atomic_cas_64((uint64_t *)&hrt, oldhrt, newhrt) == oldhrt)
2975			break;
2976	}
2977	hrt2ts(newhrt, ts);
2978}
2979
2980/*
2981 * Update the mnttab modification time and wake up any waiters for
2982 * mnttab changes
2983 */
2984void
2985vfs_mnttab_modtimeupd()
2986{
2987	hrtime_t oldhrt, newhrt;
2988
2989	ASSERT(RW_WRITE_HELD(&vfslist));
2990	oldhrt = ts2hrt(&vfs_mnttab_mtime);
2991	gethrestime(&vfs_mnttab_mtime);
2992	newhrt = ts2hrt(&vfs_mnttab_mtime);
2993	if (oldhrt == (hrtime_t)0)
2994		vfs_mnttab_ctime = vfs_mnttab_mtime;
2995	/*
2996	 * Attempt to provide unique mtime (like uniqtime but not).
2997	 */
2998	if (newhrt == oldhrt) {
2999		newhrt++;
3000		hrt2ts(newhrt, &vfs_mnttab_mtime);
3001	}
3002	pollwakeup(&vfs_pollhd, (short)POLLRDBAND);
3003	vfs_mnttab_writeop();
3004}
3005
3006int
3007dounmount(struct vfs *vfsp, int flag, cred_t *cr)
3008{
3009	vnode_t *coveredvp;
3010	int error;
3011	extern void teardown_vopstats(vfs_t *);
3012
3013	/*
3014	 * Get covered vnode. This will be NULL if the vfs is not linked
3015	 * into the file system name space (i.e., domount() with MNT_NOSPICE).
3016	 */
3017	coveredvp = vfsp->vfs_vnodecovered;
3018	ASSERT(coveredvp == NULL || vn_vfswlock_held(coveredvp));
3019
3020	/*
3021	 * Purge all dnlc entries for this vfs.
3022	 */
3023	(void) dnlc_purge_vfsp(vfsp, 0);
3024
3025	/* For forcible umount, skip VFS_SYNC() since it may hang */
3026	if ((flag & MS_FORCE) == 0)
3027		(void) VFS_SYNC(vfsp, 0, cr);
3028
3029	/*
3030	 * Lock the vfs to maintain fs status quo during unmount.  This
3031	 * has to be done after the sync because ufs_update tries to acquire
3032	 * the vfs_reflock.
3033	 */
3034	vfs_lock_wait(vfsp);
3035
3036	if (error = VFS_UNMOUNT(vfsp, flag, cr)) {
3037		vfs_unlock(vfsp);
3038		if (coveredvp != NULL)
3039			vn_vfsunlock(coveredvp);
3040	} else if (coveredvp != NULL) {
3041		teardown_vopstats(vfsp);
3042		/*
3043		 * vfs_remove() will do a VN_RELE(vfsp->vfs_vnodecovered)
3044		 * when it frees vfsp so we do a VN_HOLD() so we can
3045		 * continue to use coveredvp afterwards.
3046		 */
3047		VN_HOLD(coveredvp);
3048		vfs_remove(vfsp);
3049		vn_vfsunlock(coveredvp);
3050		VN_RELE(coveredvp);
3051	} else {
3052		teardown_vopstats(vfsp);
3053		/*
3054		 * Release the reference to vfs that is not linked
3055		 * into the name space.
3056		 */
3057		vfs_unlock(vfsp);
3058		VFS_RELE(vfsp);
3059	}
3060	return (error);
3061}
3062
3063
3064/*
3065 * Vfs_unmountall() is called by uadmin() to unmount all
3066 * mounted file systems (except the root file system) during shutdown.
3067 * It follows the existing locking protocol when traversing the vfs list
3068 * to sync and unmount vfses. Even though there should be no
3069 * other thread running while the system is shutting down, it is prudent
3070 * to still follow the locking protocol.
3071 */
3072void
3073vfs_unmountall(void)
3074{
3075	struct vfs *vfsp;
3076	struct vfs *prev_vfsp = NULL;
3077	int error;
3078
3079	/*
3080	 * Toss all dnlc entries now so that the per-vfs sync
3081	 * and unmount operations don't have to slog through
3082	 * a bunch of uninteresting vnodes over and over again.
3083	 */
3084	dnlc_purge();
3085
3086	vfs_list_lock();
3087	for (vfsp = rootvfs->vfs_prev; vfsp != rootvfs; vfsp = prev_vfsp) {
3088		prev_vfsp = vfsp->vfs_prev;
3089
3090		if (vfs_lock(vfsp) != 0)
3091			continue;
3092		error = vn_vfswlock(vfsp->vfs_vnodecovered);
3093		vfs_unlock(vfsp);
3094		if (error)
3095			continue;
3096
3097		vfs_list_unlock();
3098
3099		(void) VFS_SYNC(vfsp, SYNC_CLOSE, CRED());
3100		(void) dounmount(vfsp, 0, CRED());
3101
3102		/*
3103		 * Since we dropped the vfslist lock above we must
3104		 * verify that next_vfsp still exists, else start over.
3105		 */
3106		vfs_list_lock();
3107		for (vfsp = rootvfs->vfs_prev;
3108		    vfsp != rootvfs; vfsp = vfsp->vfs_prev)
3109			if (vfsp == prev_vfsp)
3110				break;
3111		if (vfsp == rootvfs && prev_vfsp != rootvfs)
3112			prev_vfsp = rootvfs->vfs_prev;
3113	}
3114	vfs_list_unlock();
3115}
3116
3117/*
3118 * Called to add an entry to the end of the vfs mount in progress list
3119 */
3120void
3121vfs_addmip(dev_t dev, struct vfs *vfsp)
3122{
3123	struct ipmnt *mipp;
3124
3125	mipp = (struct ipmnt *)kmem_alloc(sizeof (struct ipmnt), KM_SLEEP);
3126	mipp->mip_next = NULL;
3127	mipp->mip_dev = dev;
3128	mipp->mip_vfsp = vfsp;
3129	mutex_enter(&vfs_miplist_mutex);
3130	if (vfs_miplist_end != NULL)
3131		vfs_miplist_end->mip_next = mipp;
3132	else
3133		vfs_miplist = mipp;
3134	vfs_miplist_end = mipp;
3135	mutex_exit(&vfs_miplist_mutex);
3136}
3137
3138/*
3139 * Called to remove an entry from the mount in progress list
3140 * Either because the mount completed or it failed.
3141 */
3142void
3143vfs_delmip(struct vfs *vfsp)
3144{
3145	struct ipmnt *mipp, *mipprev;
3146
3147	mutex_enter(&vfs_miplist_mutex);
3148	mipprev = NULL;
3149	for (mipp = vfs_miplist;
3150	    mipp && mipp->mip_vfsp != vfsp; mipp = mipp->mip_next) {
3151		mipprev = mipp;
3152	}
3153	if (mipp == NULL)
3154		return; /* shouldn't happen */
3155	if (mipp == vfs_miplist_end)
3156		vfs_miplist_end = mipprev;
3157	if (mipprev == NULL)
3158		vfs_miplist = mipp->mip_next;
3159	else
3160		mipprev->mip_next = mipp->mip_next;
3161	mutex_exit(&vfs_miplist_mutex);
3162	kmem_free(mipp, sizeof (struct ipmnt));
3163}
3164
3165/*
3166 * vfs_add is called by a specific filesystem's mount routine to add
3167 * the new vfs into the vfs list/hash and to cover the mounted-on vnode.
3168 * The vfs should already have been locked by the caller.
3169 *
3170 * coveredvp is NULL if this is the root.
3171 */
3172void
3173vfs_add(vnode_t *coveredvp, struct vfs *vfsp, int mflag)
3174{
3175	int newflag;
3176
3177	ASSERT(vfs_lock_held(vfsp));
3178	VFS_HOLD(vfsp);
3179	newflag = vfsp->vfs_flag;
3180	if (mflag & MS_RDONLY)
3181		newflag |= VFS_RDONLY;
3182	else
3183		newflag &= ~VFS_RDONLY;
3184	if (mflag & MS_NOSUID)
3185		newflag |= (VFS_NOSETUID|VFS_NODEVICES);
3186	else
3187		newflag &= ~(VFS_NOSETUID|VFS_NODEVICES);
3188	if (mflag & MS_NOMNTTAB)
3189		newflag |= VFS_NOMNTTAB;
3190	else
3191		newflag &= ~VFS_NOMNTTAB;
3192
3193	if (coveredvp != NULL) {
3194		ASSERT(vn_vfswlock_held(coveredvp));
3195		coveredvp->v_vfsmountedhere = vfsp;
3196		VN_HOLD(coveredvp);
3197	}
3198	vfsp->vfs_vnodecovered = coveredvp;
3199	vfsp->vfs_flag = newflag;
3200
3201	vfs_list_add(vfsp);
3202}
3203
3204/*
3205 * Remove a vfs from the vfs list, null out the pointer from the
3206 * covered vnode to the vfs (v_vfsmountedhere), and null out the pointer
3207 * from the vfs to the covered vnode (vfs_vnodecovered). Release the
3208 * reference to the vfs and to the covered vnode.
3209 *
3210 * Called from dounmount after it's confirmed with the file system
3211 * that the unmount is legal.
3212 */
3213void
3214vfs_remove(struct vfs *vfsp)
3215{
3216	vnode_t *vp;
3217
3218	ASSERT(vfs_lock_held(vfsp));
3219
3220	/*
3221	 * Can't unmount root.  Should never happen because fs will
3222	 * be busy.
3223	 */
3224	if (vfsp == rootvfs)
3225		panic("vfs_remove: unmounting root");
3226
3227	vfs_list_remove(vfsp);
3228
3229	/*
3230	 * Unhook from the file system name space.
3231	 */
3232	vp = vfsp->vfs_vnodecovered;
3233	ASSERT(vn_vfswlock_held(vp));
3234	vp->v_vfsmountedhere = NULL;
3235	vfsp->vfs_vnodecovered = NULL;
3236	VN_RELE(vp);
3237
3238	/*
3239	 * Release lock and wakeup anybody waiting.
3240	 */
3241	vfs_unlock(vfsp);
3242	VFS_RELE(vfsp);
3243}
3244
3245/*
3246 * Lock a filesystem to prevent access to it while mounting,
3247 * unmounting and syncing.  Return EBUSY immediately if lock
3248 * can't be acquired.
3249 */
3250int
3251vfs_lock(vfs_t *vfsp)
3252{
3253	vn_vfslocks_entry_t *vpvfsentry;
3254
3255	vpvfsentry = vn_vfslocks_getlock(vfsp);
3256	if (rwst_tryenter(&vpvfsentry->ve_lock, RW_WRITER))
3257		return (0);
3258
3259	vn_vfslocks_rele(vpvfsentry);
3260	return (EBUSY);
3261}
3262
3263int
3264vfs_rlock(vfs_t *vfsp)
3265{
3266	vn_vfslocks_entry_t *vpvfsentry;
3267
3268	vpvfsentry = vn_vfslocks_getlock(vfsp);
3269
3270	if (rwst_tryenter(&vpvfsentry->ve_lock, RW_READER))
3271		return (0);
3272
3273	vn_vfslocks_rele(vpvfsentry);
3274	return (EBUSY);
3275}
3276
3277void
3278vfs_lock_wait(vfs_t *vfsp)
3279{
3280	vn_vfslocks_entry_t *vpvfsentry;
3281
3282	vpvfsentry = vn_vfslocks_getlock(vfsp);
3283	rwst_enter(&vpvfsentry->ve_lock, RW_WRITER);
3284}
3285
3286void
3287vfs_rlock_wait(vfs_t *vfsp)
3288{
3289	vn_vfslocks_entry_t *vpvfsentry;
3290
3291	vpvfsentry = vn_vfslocks_getlock(vfsp);
3292	rwst_enter(&vpvfsentry->ve_lock, RW_READER);
3293}
3294
3295/*
3296 * Unlock a locked filesystem.
3297 */
3298void
3299vfs_unlock(vfs_t *vfsp)
3300{
3301	vn_vfslocks_entry_t *vpvfsentry;
3302
3303	/*
3304	 * vfs_unlock will mimic sema_v behaviour to fix 4748018.
3305	 * And these changes should remain for the patch changes as it is.
3306	 */
3307	if (panicstr)
3308		return;
3309
3310	/*
3311	 * ve_refcount needs to be dropped twice here.
3312	 * 1. To release refernce after a call to vfs_locks_getlock()
3313	 * 2. To release the reference from the locking routines like
3314	 *    vfs_rlock_wait/vfs_wlock_wait/vfs_wlock etc,.
3315	 */
3316
3317	vpvfsentry = vn_vfslocks_getlock(vfsp);
3318	vn_vfslocks_rele(vpvfsentry);
3319
3320	rwst_exit(&vpvfsentry->ve_lock);
3321	vn_vfslocks_rele(vpvfsentry);
3322}
3323
3324/*
3325 * Utility routine that allows a filesystem to construct its
3326 * fsid in "the usual way" - by munging some underlying dev_t and
3327 * the filesystem type number into the 64-bit fsid.  Note that
3328 * this implicitly relies on dev_t persistence to make filesystem
3329 * id's persistent.
3330 *
3331 * There's nothing to prevent an individual fs from constructing its
3332 * fsid in a different way, and indeed they should.
3333 *
3334 * Since we want fsids to be 32-bit quantities (so that they can be
3335 * exported identically by either 32-bit or 64-bit APIs, as well as
3336 * the fact that fsid's are "known" to NFS), we compress the device
3337 * number given down to 32-bits, and panic if that isn't possible.
3338 */
3339void
3340vfs_make_fsid(fsid_t *fsi, dev_t dev, int val)
3341{
3342	if (!cmpldev((dev32_t *)&fsi->val[0], dev))
3343		panic("device number too big for fsid!");
3344	fsi->val[1] = val;
3345}
3346
3347int
3348vfs_lock_held(vfs_t *vfsp)
3349{
3350	int held;
3351	vn_vfslocks_entry_t *vpvfsentry;
3352
3353	/*
3354	 * vfs_lock_held will mimic sema_held behaviour
3355	 * if panicstr is set. And these changes should remain
3356	 * for the patch changes as it is.
3357	 */
3358	if (panicstr)
3359		return (1);
3360
3361	vpvfsentry = vn_vfslocks_getlock(vfsp);
3362	held = rwst_lock_held(&vpvfsentry->ve_lock, RW_WRITER);
3363
3364	vn_vfslocks_rele(vpvfsentry);
3365	return (held);
3366}
3367
3368struct _kthread *
3369vfs_lock_owner(vfs_t *vfsp)
3370{
3371	struct _kthread *owner;
3372	vn_vfslocks_entry_t *vpvfsentry;
3373
3374	/*
3375	 * vfs_wlock_held will mimic sema_held behaviour
3376	 * if panicstr is set. And these changes should remain
3377	 * for the patch changes as it is.
3378	 */
3379	if (panicstr)
3380		return (NULL);
3381
3382	vpvfsentry = vn_vfslocks_getlock(vfsp);
3383	owner = rwst_owner(&vpvfsentry->ve_lock);
3384
3385	vn_vfslocks_rele(vpvfsentry);
3386	return (owner);
3387}
3388
3389/*
3390 * vfs list locking.
3391 *
3392 * Rather than manipulate the vfslist lock directly, we abstract into lock
3393 * and unlock routines to allow the locking implementation to be changed for
3394 * clustering.
3395 *
3396 * Whenever the vfs list is modified through its hash links, the overall list
3397 * lock must be obtained before locking the relevant hash bucket.  But to see
3398 * whether a given vfs is on the list, it suffices to obtain the lock for the
3399 * hash bucket without getting the overall list lock.  (See getvfs() below.)
3400 */
3401
3402void
3403vfs_list_lock()
3404{
3405	rw_enter(&vfslist, RW_WRITER);
3406}
3407
3408void
3409vfs_list_read_lock()
3410{
3411	rw_enter(&vfslist, RW_READER);
3412}
3413
3414void
3415vfs_list_unlock()
3416{
3417	rw_exit(&vfslist);
3418}
3419
3420/*
3421 * Low level worker routines for adding entries to and removing entries from
3422 * the vfs list.
3423 */
3424
3425static void
3426vfs_hash_add(struct vfs *vfsp, int insert_at_head)
3427{
3428	int vhno;
3429	struct vfs **hp;
3430	dev_t dev;
3431
3432	ASSERT(RW_WRITE_HELD(&vfslist));
3433
3434	dev = expldev(vfsp->vfs_fsid.val[0]);
3435	vhno = VFSHASH(getmajor(dev), getminor(dev));
3436
3437	mutex_enter(&rvfs_list[vhno].rvfs_lock);
3438
3439	/*
3440	 * Link into the hash table, inserting it at the end, so that LOFS
3441	 * with the same fsid as UFS (or other) file systems will not hide the
3442	 * UFS.
3443	 */
3444	if (insert_at_head) {
3445		vfsp->vfs_hash = rvfs_list[vhno].rvfs_head;
3446		rvfs_list[vhno].rvfs_head = vfsp;
3447	} else {
3448		for (hp = &rvfs_list[vhno].rvfs_head; *hp != NULL;
3449		    hp = &(*hp)->vfs_hash)
3450			continue;
3451		/*
3452		 * hp now contains the address of the pointer to update
3453		 * to effect the insertion.
3454		 */
3455		vfsp->vfs_hash = NULL;
3456		*hp = vfsp;
3457	}
3458
3459	rvfs_list[vhno].rvfs_len++;
3460	mutex_exit(&rvfs_list[vhno].rvfs_lock);
3461}
3462
3463
3464static void
3465vfs_hash_remove(struct vfs *vfsp)
3466{
3467	int vhno;
3468	struct vfs *tvfsp;
3469	dev_t dev;
3470
3471	ASSERT(RW_WRITE_HELD(&vfslist));
3472
3473	dev = expldev(vfsp->vfs_fsid.val[0]);
3474	vhno = VFSHASH(getmajor(dev), getminor(dev));
3475
3476	mutex_enter(&rvfs_list[vhno].rvfs_lock);
3477
3478	/*
3479	 * Remove from hash.
3480	 */
3481	if (rvfs_list[vhno].rvfs_head == vfsp) {
3482		rvfs_list[vhno].rvfs_head = vfsp->vfs_hash;
3483		rvfs_list[vhno].rvfs_len--;
3484		goto foundit;
3485	}
3486	for (tvfsp = rvfs_list[vhno].rvfs_head; tvfsp != NULL;
3487	    tvfsp = tvfsp->vfs_hash) {
3488		if (tvfsp->vfs_hash == vfsp) {
3489			tvfsp->vfs_hash = vfsp->vfs_hash;
3490			rvfs_list[vhno].rvfs_len--;
3491			goto foundit;
3492		}
3493	}
3494	cmn_err(CE_WARN, "vfs_list_remove: vfs not found in hash");
3495
3496foundit:
3497
3498	mutex_exit(&rvfs_list[vhno].rvfs_lock);
3499}
3500
3501
3502void
3503vfs_list_add(struct vfs *vfsp)
3504{
3505	zone_t *zone;
3506
3507	/*
3508	 * Typically, the vfs_t will have been created on behalf of the file
3509	 * system in vfs_init, where it will have been provided with a
3510	 * vfs_impl_t. This, however, might be lacking if the vfs_t was created
3511	 * by an unbundled file system. We therefore check for such an example
3512	 * before stamping the vfs_t with its creation time for the benefit of
3513	 * mntfs.
3514	 */
3515	if (vfsp->vfs_implp == NULL)
3516		vfsimpl_setup(vfsp);
3517	vfs_mono_time(&vfsp->vfs_hrctime);
3518
3519	/*
3520	 * The zone that owns the mount is the one that performed the mount.
3521	 * Note that this isn't necessarily the same as the zone mounted into.
3522	 * The corresponding zone_rele_ref() will be done when the vfs_t
3523	 * is being free'd.
3524	 */
3525	vfsp->vfs_zone = curproc->p_zone;
3526	zone_init_ref(&vfsp->vfs_implp->vi_zone_ref);
3527	zone_hold_ref(vfsp->vfs_zone, &vfsp->vfs_implp->vi_zone_ref,
3528	    ZONE_REF_VFS);
3529
3530	/*
3531	 * Find the zone mounted into, and put this mount on its vfs list.
3532	 */
3533	zone = zone_find_by_path(refstr_value(vfsp->vfs_mntpt));
3534	ASSERT(zone != NULL);
3535	/*
3536	 * Special casing for the root vfs.  This structure is allocated
3537	 * statically and hooked onto rootvfs at link time.  During the
3538	 * vfs_mountroot call at system startup time, the root file system's
3539	 * VFS_MOUNTROOT routine will call vfs_add with this root vfs struct
3540	 * as argument.  The code below must detect and handle this special
3541	 * case.  The only apparent justification for this special casing is
3542	 * to ensure that the root file system appears at the head of the
3543	 * list.
3544	 *
3545	 * XXX:	I'm assuming that it's ok to do normal list locking when
3546	 *	adding the entry for the root file system (this used to be
3547	 *	done with no locks held).
3548	 */
3549	vfs_list_lock();
3550	/*
3551	 * Link into the vfs list proper.
3552	 */
3553	if (vfsp == &root) {
3554		/*
3555		 * Assert: This vfs is already on the list as its first entry.
3556		 * Thus, there's nothing to do.
3557		 */
3558		ASSERT(rootvfs == vfsp);
3559		/*
3560		 * Add it to the head of the global zone's vfslist.
3561		 */
3562		ASSERT(zone == global_zone);
3563		ASSERT(zone->zone_vfslist == NULL);
3564		zone->zone_vfslist = vfsp;
3565	} else {
3566		/*
3567		 * Link to end of list using vfs_prev (as rootvfs is now a
3568		 * doubly linked circular list) so list is in mount order for
3569		 * mnttab use.
3570		 */
3571		rootvfs->vfs_prev->vfs_next = vfsp;
3572		vfsp->vfs_prev = rootvfs->vfs_prev;
3573		rootvfs->vfs_prev = vfsp;
3574		vfsp->vfs_next = rootvfs;
3575
3576		/*
3577		 * Do it again for the zone-private list (which may be NULL).
3578		 */
3579		if (zone->zone_vfslist == NULL) {
3580			ASSERT(zone != global_zone);
3581			zone->zone_vfslist = vfsp;
3582		} else {
3583			zone->zone_vfslist->vfs_zone_prev->vfs_zone_next = vfsp;
3584			vfsp->vfs_zone_prev = zone->zone_vfslist->vfs_zone_prev;
3585			zone->zone_vfslist->vfs_zone_prev = vfsp;
3586			vfsp->vfs_zone_next = zone->zone_vfslist;
3587		}
3588	}
3589
3590	/*
3591	 * Link into the hash table, inserting it at the end, so that LOFS
3592	 * with the same fsid as UFS (or other) file systems will not hide
3593	 * the UFS.
3594	 */
3595	vfs_hash_add(vfsp, 0);
3596
3597	/*
3598	 * update the mnttab modification time
3599	 */
3600	vfs_mnttab_modtimeupd();
3601	vfs_list_unlock();
3602	zone_rele(zone);
3603}
3604
3605void
3606vfs_list_remove(struct vfs *vfsp)
3607{
3608	zone_t *zone;
3609
3610	zone = zone_find_by_path(refstr_value(vfsp->vfs_mntpt));
3611	ASSERT(zone != NULL);
3612	/*
3613	 * Callers are responsible for preventing attempts to unmount the
3614	 * root.
3615	 */
3616	ASSERT(vfsp != rootvfs);
3617
3618	vfs_list_lock();
3619
3620	/*
3621	 * Remove from hash.
3622	 */
3623	vfs_hash_remove(vfsp);
3624
3625	/*
3626	 * Remove from vfs list.
3627	 */
3628	vfsp->vfs_prev->vfs_next = vfsp->vfs_next;
3629	vfsp->vfs_next->vfs_prev = vfsp->vfs_prev;
3630	vfsp->vfs_next = vfsp->vfs_prev = NULL;
3631
3632	/*
3633	 * Remove from zone-specific vfs list.
3634	 */
3635	if (zone->zone_vfslist == vfsp)
3636		zone->zone_vfslist = vfsp->vfs_zone_next;
3637
3638	if (vfsp->vfs_zone_next == vfsp) {
3639		ASSERT(vfsp->vfs_zone_prev == vfsp);
3640		ASSERT(zone->zone_vfslist == vfsp);
3641		zone->zone_vfslist = NULL;
3642	}
3643
3644	vfsp->vfs_zone_prev->vfs_zone_next = vfsp->vfs_zone_next;
3645	vfsp->vfs_zone_next->vfs_zone_prev = vfsp->vfs_zone_prev;
3646	vfsp->vfs_zone_next = vfsp->vfs_zone_prev = NULL;
3647
3648	/*
3649	 * update the mnttab modification time
3650	 */
3651	vfs_mnttab_modtimeupd();
3652	vfs_list_unlock();
3653	zone_rele(zone);
3654}
3655
3656struct vfs *
3657getvfs(fsid_t *fsid)
3658{
3659	struct vfs *vfsp;
3660	int val0 = fsid->val[0];
3661	int val1 = fsid->val[1];
3662	dev_t dev = expldev(val0);
3663	int vhno = VFSHASH(getmajor(dev), getminor(dev));
3664	kmutex_t *hmp = &rvfs_list[vhno].rvfs_lock;
3665
3666	mutex_enter(hmp);
3667	for (vfsp = rvfs_list[vhno].rvfs_head; vfsp; vfsp = vfsp->vfs_hash) {
3668		if (vfsp->vfs_fsid.val[0] == val0 &&
3669		    vfsp->vfs_fsid.val[1] == val1) {
3670			VFS_HOLD(vfsp);
3671			mutex_exit(hmp);
3672			return (vfsp);
3673		}
3674	}
3675	mutex_exit(hmp);
3676	return (NULL);
3677}
3678
3679/*
3680 * Search the vfs mount in progress list for a specified device/vfs entry.
3681 * Returns 0 if the first entry in the list that the device matches has the
3682 * given vfs pointer as well.  If the device matches but a different vfs
3683 * pointer is encountered in the list before the given vfs pointer then
3684 * a 1 is returned.
3685 */
3686
3687int
3688vfs_devmounting(dev_t dev, struct vfs *vfsp)
3689{
3690	int retval = 0;
3691	struct ipmnt *mipp;
3692
3693	mutex_enter(&vfs_miplist_mutex);
3694	for (mipp = vfs_miplist; mipp != NULL; mipp = mipp->mip_next) {
3695		if (mipp->mip_dev == dev) {
3696			if (mipp->mip_vfsp != vfsp)
3697				retval = 1;
3698			break;
3699		}
3700	}
3701	mutex_exit(&vfs_miplist_mutex);
3702	return (retval);
3703}
3704
3705/*
3706 * Search the vfs list for a specified device.  Returns 1, if entry is found
3707 * or 0 if no suitable entry is found.
3708 */
3709
3710int
3711vfs_devismounted(dev_t dev)
3712{
3713	struct vfs *vfsp;
3714	int found;
3715
3716	vfs_list_read_lock();
3717	vfsp = rootvfs;
3718	found = 0;
3719	do {
3720		if (vfsp->vfs_dev == dev) {
3721			found = 1;
3722			break;
3723		}
3724		vfsp = vfsp->vfs_next;
3725	} while (vfsp != rootvfs);
3726
3727	vfs_list_unlock();
3728	return (found);
3729}
3730
3731/*
3732 * Search the vfs list for a specified device.  Returns a pointer to it
3733 * or NULL if no suitable entry is found. The caller of this routine
3734 * is responsible for releasing the returned vfs pointer.
3735 */
3736struct vfs *
3737vfs_dev2vfsp(dev_t dev)
3738{
3739	struct vfs *vfsp;
3740	int found;
3741
3742	vfs_list_read_lock();
3743	vfsp = rootvfs;
3744	found = 0;
3745	do {
3746		/*
3747		 * The following could be made more efficient by making
3748		 * the entire loop use vfs_zone_next if the call is from
3749		 * a zone.  The only callers, however, ustat(2) and
3750		 * umount2(2), don't seem to justify the added
3751		 * complexity at present.
3752		 */
3753		if (vfsp->vfs_dev == dev &&
3754		    ZONE_PATH_VISIBLE(refstr_value(vfsp->vfs_mntpt),
3755		    curproc->p_zone)) {
3756			VFS_HOLD(vfsp);
3757			found = 1;
3758			break;
3759		}
3760		vfsp = vfsp->vfs_next;
3761	} while (vfsp != rootvfs);
3762	vfs_list_unlock();
3763	return (found ? vfsp: NULL);
3764}
3765
3766/*
3767 * Search the vfs list for a specified mntpoint.  Returns a pointer to it
3768 * or NULL if no suitable entry is found. The caller of this routine
3769 * is responsible for releasing the returned vfs pointer.
3770 *
3771 * Note that if multiple mntpoints match, the last one matching is
3772 * returned in an attempt to return the "top" mount when overlay
3773 * mounts are covering the same mount point.  This is accomplished by starting
3774 * at the end of the list and working our way backwards, stopping at the first
3775 * matching mount.
3776 */
3777struct vfs *
3778vfs_mntpoint2vfsp(const char *mp)
3779{
3780	struct vfs *vfsp;
3781	struct vfs *retvfsp = NULL;
3782	zone_t *zone = curproc->p_zone;
3783	struct vfs *list;
3784
3785	vfs_list_read_lock();
3786	if (getzoneid() == GLOBAL_ZONEID) {
3787		/*
3788		 * The global zone may see filesystems in any zone.
3789		 */
3790		vfsp = rootvfs->vfs_prev;
3791		do {
3792			if (strcmp(refstr_value(vfsp->vfs_mntpt), mp) == 0) {
3793				retvfsp = vfsp;
3794				break;
3795			}
3796			vfsp = vfsp->vfs_prev;
3797		} while (vfsp != rootvfs->vfs_prev);
3798	} else if ((list = zone->zone_vfslist) != NULL) {
3799		const char *mntpt;
3800
3801		vfsp = list->vfs_zone_prev;
3802		do {
3803			mntpt = refstr_value(vfsp->vfs_mntpt);
3804			mntpt = ZONE_PATH_TRANSLATE(mntpt, zone);
3805			if (strcmp(mntpt, mp) == 0) {
3806				retvfsp = vfsp;
3807				break;
3808			}
3809			vfsp = vfsp->vfs_zone_prev;
3810		} while (vfsp != list->vfs_zone_prev);
3811	}
3812	if (retvfsp)
3813		VFS_HOLD(retvfsp);
3814	vfs_list_unlock();
3815	return (retvfsp);
3816}
3817
3818/*
3819 * Search the vfs list for a specified vfsops.
3820 * if vfs entry is found then return 1, else 0.
3821 */
3822int
3823vfs_opsinuse(vfsops_t *ops)
3824{
3825	struct vfs *vfsp;
3826	int found;
3827
3828	vfs_list_read_lock();
3829	vfsp = rootvfs;
3830	found = 0;
3831	do {
3832		if (vfs_getops(vfsp) == ops) {
3833			found = 1;
3834			break;
3835		}
3836		vfsp = vfsp->vfs_next;
3837	} while (vfsp != rootvfs);
3838	vfs_list_unlock();
3839	return (found);
3840}
3841
3842/*
3843 * Allocate an entry in vfssw for a file system type
3844 */
3845struct vfssw *
3846allocate_vfssw(const char *type)
3847{
3848	struct vfssw *vswp;
3849
3850	if (type[0] == '\0' || strlen(type) + 1 > _ST_FSTYPSZ) {
3851		/*
3852		 * The vfssw table uses the empty string to identify an
3853		 * available entry; we cannot add any type which has
3854		 * a leading NUL. The string length is limited to
3855		 * the size of the st_fstype array in struct stat.
3856		 */
3857		return (NULL);
3858	}
3859
3860	ASSERT(VFSSW_WRITE_LOCKED());
3861	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++)
3862		if (!ALLOCATED_VFSSW(vswp)) {
3863			vswp->vsw_name = kmem_alloc(strlen(type) + 1, KM_SLEEP);
3864			(void) strcpy(vswp->vsw_name, type);
3865			ASSERT(vswp->vsw_count == 0);
3866			vswp->vsw_count = 1;
3867			mutex_init(&vswp->vsw_lock, NULL, MUTEX_DEFAULT, NULL);
3868			return (vswp);
3869		}
3870	return (NULL);
3871}
3872
3873/*
3874 * Impose additional layer of translation between vfstype names
3875 * and module names in the filesystem.
3876 */
3877static const char *
3878vfs_to_modname(const char *vfstype)
3879{
3880	if (strcmp(vfstype, "proc") == 0) {
3881		vfstype = "procfs";
3882	} else if (strcmp(vfstype, "fd") == 0) {
3883		vfstype = "fdfs";
3884	} else if (strncmp(vfstype, "nfs", 3) == 0) {
3885		vfstype = "nfs";
3886	}
3887
3888	return (vfstype);
3889}
3890
3891/*
3892 * Find a vfssw entry given a file system type name.
3893 * Try to autoload the filesystem if it's not found.
3894 * If it's installed, return the vfssw locked to prevent unloading.
3895 */
3896struct vfssw *
3897vfs_getvfssw(const char *type)
3898{
3899	struct vfssw *vswp;
3900	const char *modname;
3901
3902	RLOCK_VFSSW();
3903	vswp = vfs_getvfsswbyname(type);
3904	modname = vfs_to_modname(type);
3905
3906	if (rootdir == NULL) {
3907		/*
3908		 * If we haven't yet loaded the root file system, then our
3909		 * _init won't be called until later. Allocate vfssw entry,
3910		 * because mod_installfs won't be called.
3911		 */
3912		if (vswp == NULL) {
3913			RUNLOCK_VFSSW();
3914			WLOCK_VFSSW();
3915			if ((vswp = vfs_getvfsswbyname(type)) == NULL) {
3916				if ((vswp = allocate_vfssw(type)) == NULL) {
3917					WUNLOCK_VFSSW();
3918					return (NULL);
3919				}
3920			}
3921			WUNLOCK_VFSSW();
3922			RLOCK_VFSSW();
3923		}
3924		if (!VFS_INSTALLED(vswp)) {
3925			RUNLOCK_VFSSW();
3926			(void) modloadonly("fs", modname);
3927		} else
3928			RUNLOCK_VFSSW();
3929		return (vswp);
3930	}
3931
3932	/*
3933	 * Try to load the filesystem.  Before calling modload(), we drop
3934	 * our lock on the VFS switch table, and pick it up after the
3935	 * module is loaded.  However, there is a potential race:  the
3936	 * module could be unloaded after the call to modload() completes
3937	 * but before we pick up the lock and drive on.  Therefore,
3938	 * we keep reloading the module until we've loaded the module
3939	 * _and_ we have the lock on the VFS switch table.
3940	 */
3941	while (vswp == NULL || !VFS_INSTALLED(vswp)) {
3942		RUNLOCK_VFSSW();
3943		if (modload("fs", modname) == -1)
3944			return (NULL);
3945		RLOCK_VFSSW();
3946		if (vswp == NULL)
3947			if ((vswp = vfs_getvfsswbyname(type)) == NULL)
3948				break;
3949	}
3950	RUNLOCK_VFSSW();
3951
3952	return (vswp);
3953}
3954
3955/*
3956 * Find a vfssw entry given a file system type name.
3957 */
3958struct vfssw *
3959vfs_getvfsswbyname(const char *type)
3960{
3961	struct vfssw *vswp;
3962
3963	ASSERT(VFSSW_LOCKED());
3964	if (type == NULL || *type == '\0')
3965		return (NULL);
3966
3967	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
3968		if (strcmp(type, vswp->vsw_name) == 0) {
3969			vfs_refvfssw(vswp);
3970			return (vswp);
3971		}
3972	}
3973
3974	return (NULL);
3975}
3976
3977/*
3978 * Find a vfssw entry given a set of vfsops.
3979 */
3980struct vfssw *
3981vfs_getvfsswbyvfsops(vfsops_t *vfsops)
3982{
3983	struct vfssw *vswp;
3984
3985	RLOCK_VFSSW();
3986	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
3987		if (ALLOCATED_VFSSW(vswp) && &vswp->vsw_vfsops == vfsops) {
3988			vfs_refvfssw(vswp);
3989			RUNLOCK_VFSSW();
3990			return (vswp);
3991		}
3992	}
3993	RUNLOCK_VFSSW();
3994
3995	return (NULL);
3996}
3997
3998/*
3999 * Reference a vfssw entry.
4000 */
4001void
4002vfs_refvfssw(struct vfssw *vswp)
4003{
4004
4005	mutex_enter(&vswp->vsw_lock);
4006	vswp->vsw_count++;
4007	mutex_exit(&vswp->vsw_lock);
4008}
4009
4010/*
4011 * Unreference a vfssw entry.
4012 */
4013void
4014vfs_unrefvfssw(struct vfssw *vswp)
4015{
4016
4017	mutex_enter(&vswp->vsw_lock);
4018	vswp->vsw_count--;
4019	mutex_exit(&vswp->vsw_lock);
4020}
4021
4022static int sync_retries = 20;	/* number of retries when not making progress */
4023static int sync_triesleft;	/* portion of sync_retries remaining */
4024
4025static pgcnt_t old_pgcnt, new_pgcnt;
4026static int new_bufcnt, old_bufcnt;
4027
4028/*
4029 * Sync all of the mounted filesystems, and then wait for the actual i/o to
4030 * complete.  We wait by counting the number of dirty pages and buffers,
4031 * pushing them out using bio_busy() and page_busy(), and then counting again.
4032 * This routine is used during the uadmin A_SHUTDOWN code.  It should only
4033 * be used after some higher-level mechanism has quiesced the system so that
4034 * new writes are not being initiated while we are waiting for completion.
4035 *
4036 * To ensure finite running time, our algorithm uses sync_triesleft (a progress
4037 * counter used by the vfs_syncall() loop below). It is declared above so
4038 * it can be found easily in the debugger.
4039 *
4040 * The sync_triesleft counter is updated by vfs_syncall() itself.  If we make
4041 * sync_retries consecutive calls to bio_busy() and page_busy() without
4042 * decreasing either the number of dirty buffers or dirty pages below the
4043 * lowest count we have seen so far, we give up and return from vfs_syncall().
4044 *
4045 * Each loop iteration ends with a call to delay() one second to allow time for
4046 * i/o completion and to permit the user time to read our progress messages.
4047 */
4048void
4049vfs_syncall(void)
4050{
4051	if (rootdir == NULL && !modrootloaded)
4052		return; /* no filesystems have been loaded yet */
4053
4054	printf("syncing file systems...");
4055	sync();
4056
4057	sync_triesleft = sync_retries;
4058
4059	old_bufcnt = new_bufcnt = INT_MAX;
4060	old_pgcnt = new_pgcnt = ULONG_MAX;
4061
4062	while (sync_triesleft > 0) {
4063		old_bufcnt = MIN(old_bufcnt, new_bufcnt);
4064		old_pgcnt = MIN(old_pgcnt, new_pgcnt);
4065
4066		new_bufcnt = bio_busy(B_TRUE);
4067		new_pgcnt = page_busy(B_TRUE);
4068
4069		if (new_bufcnt == 0 && new_pgcnt == 0)
4070			break;
4071
4072		if (new_bufcnt < old_bufcnt || new_pgcnt < old_pgcnt)
4073			sync_triesleft = sync_retries;
4074		else
4075			sync_triesleft--;
4076
4077		if (new_bufcnt)
4078			printf(" [%d]", new_bufcnt);
4079		if (new_pgcnt)
4080			printf(" %lu", new_pgcnt);
4081
4082		delay(hz);
4083	}
4084
4085	if (new_bufcnt != 0 || new_pgcnt != 0)
4086		printf(" done (not all i/o completed)\n");
4087	else
4088		printf(" done\n");
4089
4090	delay(hz);
4091}
4092
4093/*
4094 * Map VFS flags to statvfs flags.  These shouldn't really be separate
4095 * flags at all.
4096 */
4097uint_t
4098vf_to_stf(uint_t vf)
4099{
4100	uint_t stf = 0;
4101
4102	if (vf & VFS_RDONLY)
4103		stf |= ST_RDONLY;
4104	if (vf & VFS_NOSETUID)
4105		stf |= ST_NOSUID;
4106	if (vf & VFS_NOTRUNC)
4107		stf |= ST_NOTRUNC;
4108
4109	return (stf);
4110}
4111
4112/*
4113 * Entries for (illegal) fstype 0.
4114 */
4115/* ARGSUSED */
4116int
4117vfsstray_sync(struct vfs *vfsp, short arg, struct cred *cr)
4118{
4119	cmn_err(CE_PANIC, "stray vfs operation");
4120	return (0);
4121}
4122
4123/*
4124 * Entries for (illegal) fstype 0.
4125 */
4126int
4127vfsstray(void)
4128{
4129	cmn_err(CE_PANIC, "stray vfs operation");
4130	return (0);
4131}
4132
4133/*
4134 * Support for dealing with forced UFS unmount and its interaction with
4135 * LOFS. Could be used by any filesystem.
4136 * See bug 1203132.
4137 */
4138int
4139vfs_EIO(void)
4140{
4141	return (EIO);
4142}
4143
4144/*
4145 * We've gotta define the op for sync separately, since the compiler gets
4146 * confused if we mix and match ANSI and normal style prototypes when
4147 * a "short" argument is present and spits out a warning.
4148 */
4149/*ARGSUSED*/
4150int
4151vfs_EIO_sync(struct vfs *vfsp, short arg, struct cred *cr)
4152{
4153	return (EIO);
4154}
4155
4156vfs_t EIO_vfs;
4157vfsops_t *EIO_vfsops;
4158
4159/*
4160 * Called from startup() to initialize all loaded vfs's
4161 */
4162void
4163vfsinit(void)
4164{
4165	struct vfssw *vswp;
4166	int error;
4167	extern int vopstats_enabled;
4168	extern void vopstats_startup();
4169
4170	static const fs_operation_def_t EIO_vfsops_template[] = {
4171		VFSNAME_MOUNT,		{ .error = vfs_EIO },
4172		VFSNAME_UNMOUNT,	{ .error = vfs_EIO },
4173		VFSNAME_ROOT,		{ .error = vfs_EIO },
4174		VFSNAME_STATVFS,	{ .error = vfs_EIO },
4175		VFSNAME_SYNC,		{ .vfs_sync = vfs_EIO_sync },
4176		VFSNAME_VGET,		{ .error = vfs_EIO },
4177		VFSNAME_MOUNTROOT,	{ .error = vfs_EIO },
4178		VFSNAME_FREEVFS,	{ .error = vfs_EIO },
4179		VFSNAME_VNSTATE,	{ .error = vfs_EIO },
4180		NULL, NULL
4181	};
4182
4183	static const fs_operation_def_t stray_vfsops_template[] = {
4184		VFSNAME_MOUNT,		{ .error = vfsstray },
4185		VFSNAME_UNMOUNT,	{ .error = vfsstray },
4186		VFSNAME_ROOT,		{ .error = vfsstray },
4187		VFSNAME_STATVFS,	{ .error = vfsstray },
4188		VFSNAME_SYNC,		{ .vfs_sync = vfsstray_sync },
4189		VFSNAME_VGET,		{ .error = vfsstray },
4190		VFSNAME_MOUNTROOT,	{ .error = vfsstray },
4191		VFSNAME_FREEVFS,	{ .error = vfsstray },
4192		VFSNAME_VNSTATE,	{ .error = vfsstray },
4193		NULL, NULL
4194	};
4195
4196	/* Create vfs cache */
4197	vfs_cache = kmem_cache_create("vfs_cache", sizeof (struct vfs),
4198	    sizeof (uintptr_t), NULL, NULL, NULL, NULL, NULL, 0);
4199
4200	/* Initialize the vnode cache (file systems may use it during init). */
4201	vn_create_cache();
4202
4203	/* Setup event monitor framework */
4204	fem_init();
4205
4206	/* Initialize the dummy stray file system type. */
4207	error = vfs_setfsops(0, stray_vfsops_template, NULL);
4208
4209	/* Initialize the dummy EIO file system. */
4210	error = vfs_makefsops(EIO_vfsops_template, &EIO_vfsops);
4211	if (error != 0) {
4212		cmn_err(CE_WARN, "vfsinit: bad EIO vfs ops template");
4213		/* Shouldn't happen, but not bad enough to panic */
4214	}
4215
4216	VFS_INIT(&EIO_vfs, EIO_vfsops, (caddr_t)NULL);
4217
4218	/*
4219	 * Default EIO_vfs.vfs_flag to VFS_UNMOUNTED so a lookup
4220	 * on this vfs can immediately notice it's invalid.
4221	 */
4222	EIO_vfs.vfs_flag |= VFS_UNMOUNTED;
4223
4224	/*
4225	 * Call the init routines of non-loadable filesystems only.
4226	 * Filesystems which are loaded as separate modules will be
4227	 * initialized by the module loading code instead.
4228	 */
4229
4230	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
4231		RLOCK_VFSSW();
4232		if (vswp->vsw_init != NULL)
4233			(void) (*vswp->vsw_init)(vswp - vfssw, vswp->vsw_name);
4234		RUNLOCK_VFSSW();
4235	}
4236
4237	vopstats_startup();
4238
4239	if (vopstats_enabled) {
4240		/* EIO_vfs can collect stats, but we don't retrieve them */
4241		initialize_vopstats(&EIO_vfs.vfs_vopstats);
4242		EIO_vfs.vfs_fstypevsp = NULL;
4243		EIO_vfs.vfs_vskap = NULL;
4244		EIO_vfs.vfs_flag |= VFS_STATS;
4245	}
4246
4247	xattr_init();
4248
4249	reparse_point_init();
4250}
4251
4252vfs_t *
4253vfs_alloc(int kmflag)
4254{
4255	vfs_t *vfsp;
4256
4257	vfsp = kmem_cache_alloc(vfs_cache, kmflag);
4258
4259	/*
4260	 * Do the simplest initialization here.
4261	 * Everything else gets done in vfs_init()
4262	 */
4263	bzero(vfsp, sizeof (vfs_t));
4264	return (vfsp);
4265}
4266
4267void
4268vfs_free(vfs_t *vfsp)
4269{
4270	/*
4271	 * One would be tempted to assert that "vfsp->vfs_count == 0".
4272	 * The problem is that this gets called out of domount() with
4273	 * a partially initialized vfs and a vfs_count of 1.  This is
4274	 * also called from vfs_rele() with a vfs_count of 0.  We can't
4275	 * call VFS_RELE() from domount() if VFS_MOUNT() hasn't successfully
4276	 * returned.  This is because VFS_MOUNT() fully initializes the
4277	 * vfs structure and its associated data.  VFS_RELE() will call
4278	 * VFS_FREEVFS() which may panic the system if the data structures
4279	 * aren't fully initialized from a successful VFS_MOUNT()).
4280	 */
4281
4282	/* If FEM was in use, make sure everything gets cleaned up */
4283	if (vfsp->vfs_femhead) {
4284		ASSERT(vfsp->vfs_femhead->femh_list == NULL);
4285		mutex_destroy(&vfsp->vfs_femhead->femh_lock);
4286		kmem_free(vfsp->vfs_femhead, sizeof (*(vfsp->vfs_femhead)));
4287		vfsp->vfs_femhead = NULL;
4288	}
4289
4290	if (vfsp->vfs_implp)
4291		vfsimpl_teardown(vfsp);
4292	sema_destroy(&vfsp->vfs_reflock);
4293	kmem_cache_free(vfs_cache, vfsp);
4294}
4295
4296/*
4297 * Increments the vfs reference count by one atomically.
4298 */
4299void
4300vfs_hold(vfs_t *vfsp)
4301{
4302	atomic_inc_32(&vfsp->vfs_count);
4303	ASSERT(vfsp->vfs_count != 0);
4304}
4305
4306/*
4307 * Decrements the vfs reference count by one atomically. When
4308 * vfs reference count becomes zero, it calls the file system
4309 * specific vfs_freevfs() to free up the resources.
4310 */
4311void
4312vfs_rele(vfs_t *vfsp)
4313{
4314	ASSERT(vfsp->vfs_count != 0);
4315	if (atomic_dec_32_nv(&vfsp->vfs_count) == 0) {
4316		VFS_FREEVFS(vfsp);
4317		lofi_remove(vfsp);
4318		if (vfsp->vfs_zone)
4319			zone_rele_ref(&vfsp->vfs_implp->vi_zone_ref,
4320			    ZONE_REF_VFS);
4321		vfs_freemnttab(vfsp);
4322		vfs_free(vfsp);
4323	}
4324}
4325
4326/*
4327 * Generic operations vector support.
4328 *
4329 * This is used to build operations vectors for both the vfs and vnode.
4330 * It's normally called only when a file system is loaded.
4331 *
4332 * There are many possible algorithms for this, including the following:
4333 *
4334 *   (1) scan the list of known operations; for each, see if the file system
4335 *       includes an entry for it, and fill it in as appropriate.
4336 *
4337 *   (2) set up defaults for all known operations.  scan the list of ops
4338 *       supplied by the file system; for each which is both supplied and
4339 *       known, fill it in.
4340 *
4341 *   (3) sort the lists of known ops & supplied ops; scan the list, filling
4342 *       in entries as we go.
4343 *
4344 * we choose (1) for simplicity, and because performance isn't critical here.
4345 * note that (2) could be sped up using a precomputed hash table on known ops.
4346 * (3) could be faster than either, but only if the lists were very large or
4347 * supplied in sorted order.
4348 *
4349 */
4350
4351int
4352fs_build_vector(void *vector, int *unused_ops,
4353    const fs_operation_trans_def_t *translation,
4354    const fs_operation_def_t *operations)
4355{
4356	int i, num_trans, num_ops, used;
4357
4358	/*
4359	 * Count the number of translations and the number of supplied
4360	 * operations.
4361	 */
4362
4363	{
4364		const fs_operation_trans_def_t *p;
4365
4366		for (num_trans = 0, p = translation;
4367		    p->name != NULL;
4368		    num_trans++, p++)
4369			;
4370	}
4371
4372	{
4373		const fs_operation_def_t *p;
4374
4375		for (num_ops = 0, p = operations;
4376		    p->name != NULL;
4377		    num_ops++, p++)
4378			;
4379	}
4380
4381	/* Walk through each operation known to our caller.  There will be */
4382	/* one entry in the supplied "translation table" for each. */
4383
4384	used = 0;
4385
4386	for (i = 0; i < num_trans; i++) {
4387		int j, found;
4388		char *curname;
4389		fs_generic_func_p result;
4390		fs_generic_func_p *location;
4391
4392		curname = translation[i].name;
4393
4394		/* Look for a matching operation in the list supplied by the */
4395		/* file system. */
4396
4397		found = 0;
4398
4399		for (j = 0; j < num_ops; j++) {
4400			if (strcmp(operations[j].name, curname) == 0) {
4401				used++;
4402				found = 1;
4403				break;
4404			}
4405		}
4406
4407		/*
4408		 * If the file system is using a "placeholder" for default
4409		 * or error functions, grab the appropriate function out of
4410		 * the translation table.  If the file system didn't supply
4411		 * this operation at all, use the default function.
4412		 */
4413
4414		if (found) {
4415			result = operations[j].func.fs_generic;
4416			if (result == fs_default) {
4417				result = translation[i].defaultFunc;
4418			} else if (result == fs_error) {
4419				result = translation[i].errorFunc;
4420			} else if (result == NULL) {
4421				/* Null values are PROHIBITED */
4422				return (EINVAL);
4423			}
4424		} else {
4425			result = translation[i].defaultFunc;
4426		}
4427
4428		/* Now store the function into the operations vector. */
4429
4430		location = (fs_generic_func_p *)
4431		    (((char *)vector) + translation[i].offset);
4432
4433		*location = result;
4434	}
4435
4436	*unused_ops = num_ops - used;
4437
4438	return (0);
4439}
4440
4441/* Placeholder functions, should never be called. */
4442
4443int
4444fs_error(void)
4445{
4446	cmn_err(CE_PANIC, "fs_error called");
4447	return (0);
4448}
4449
4450int
4451fs_default(void)
4452{
4453	cmn_err(CE_PANIC, "fs_default called");
4454	return (0);
4455}
4456
4457#ifdef __sparc
4458
4459/*
4460 * Part of the implementation of booting off a mirrored root
4461 * involves a change of dev_t for the root device.  To
4462 * accomplish this, first remove the existing hash table
4463 * entry for the root device, convert to the new dev_t,
4464 * then re-insert in the hash table at the head of the list.
4465 */
4466void
4467vfs_root_redev(vfs_t *vfsp, dev_t ndev, int fstype)
4468{
4469	vfs_list_lock();
4470
4471	vfs_hash_remove(vfsp);
4472
4473	vfsp->vfs_dev = ndev;
4474	vfs_make_fsid(&vfsp->vfs_fsid, ndev, fstype);
4475
4476	vfs_hash_add(vfsp, 1);
4477
4478	vfs_list_unlock();
4479}
4480
4481#else /* x86 NEWBOOT */
4482
4483#if defined(__x86)
4484extern int hvmboot_rootconf();
4485#endif /* __x86 */
4486
4487extern ib_boot_prop_t *iscsiboot_prop;
4488
4489int
4490rootconf()
4491{
4492	int error;
4493	struct vfssw *vsw;
4494	extern void pm_init();
4495	char *fstyp, *fsmod;
4496	int ret = -1;
4497
4498	getrootfs(&fstyp, &fsmod);
4499
4500#if defined(__x86)
4501	/*
4502	 * hvmboot_rootconf() is defined in the hvm_bootstrap misc module,
4503	 * which lives in /platform/i86hvm, and hence is only available when
4504	 * booted in an x86 hvm environment.  If the hvm_bootstrap misc module
4505	 * is not available then the modstub for this function will return 0.
4506	 * If the hvm_bootstrap misc module is available it will be loaded
4507	 * and hvmboot_rootconf() will be invoked.
4508	 */
4509	if (error = hvmboot_rootconf())
4510		return (error);
4511#endif /* __x86 */
4512
4513	if (error = clboot_rootconf())
4514		return (error);
4515
4516	if (modload("fs", fsmod) == -1)
4517		panic("Cannot _init %s module", fsmod);
4518
4519	RLOCK_VFSSW();
4520	vsw = vfs_getvfsswbyname(fstyp);
4521	RUNLOCK_VFSSW();
4522	if (vsw == NULL) {
4523		cmn_err(CE_CONT, "Cannot find %s filesystem\n", fstyp);
4524		return (ENXIO);
4525	}
4526	VFS_INIT(rootvfs, &vsw->vsw_vfsops, 0);
4527	VFS_HOLD(rootvfs);
4528
4529	/* always mount readonly first */
4530	rootvfs->vfs_flag |= VFS_RDONLY;
4531
4532	pm_init();
4533
4534	if (netboot && iscsiboot_prop) {
4535		cmn_err(CE_WARN, "NFS boot and iSCSI boot"
4536		    " shouldn't happen in the same time");
4537		return (EINVAL);
4538	}
4539
4540	if (netboot || iscsiboot_prop) {
4541		ret = strplumb();
4542		if (ret != 0) {
4543			cmn_err(CE_WARN, "Cannot plumb network device %d", ret);
4544			return (EFAULT);
4545		}
4546	}
4547
4548	if ((ret == 0) && iscsiboot_prop) {
4549		ret = modload("drv", "iscsi");
4550		/* -1 indicates fail */
4551		if (ret == -1) {
4552			cmn_err(CE_WARN, "Failed to load iscsi module");
4553			iscsi_boot_prop_free();
4554			return (EINVAL);
4555		} else {
4556			if (!i_ddi_attach_pseudo_node("iscsi")) {
4557				cmn_err(CE_WARN,
4558				    "Failed to attach iscsi driver");
4559				iscsi_boot_prop_free();
4560				return (ENODEV);
4561			}
4562		}
4563	}
4564
4565	error = VFS_MOUNTROOT(rootvfs, ROOT_INIT);
4566	vfs_unrefvfssw(vsw);
4567	rootdev = rootvfs->vfs_dev;
4568
4569	if (error)
4570		cmn_err(CE_CONT, "Cannot mount root on %s fstype %s\n",
4571		    rootfs.bo_name, fstyp);
4572	else
4573		cmn_err(CE_CONT, "?root on %s fstype %s\n",
4574		    rootfs.bo_name, fstyp);
4575	return (error);
4576}
4577
4578/*
4579 * XXX this is called by nfs only and should probably be removed
4580 * If booted with ASKNAME, prompt on the console for a filesystem
4581 * name and return it.
4582 */
4583void
4584getfsname(char *askfor, char *name, size_t namelen)
4585{
4586	if (boothowto & RB_ASKNAME) {
4587		printf("%s name: ", askfor);
4588		console_gets(name, namelen);
4589	}
4590}
4591
4592/*
4593 * Init the root filesystem type (rootfs.bo_fstype) from the "fstype"
4594 * property.
4595 *
4596 * Filesystem types starting with the prefix "nfs" are diskless clients;
4597 * init the root filename name (rootfs.bo_name), too.
4598 *
4599 * If we are booting via NFS we currently have these options:
4600 *	nfs -	dynamically choose NFS V2, V3, or V4 (default)
4601 *	nfs2 -	force NFS V2
4602 *	nfs3 -	force NFS V3
4603 *	nfs4 -	force NFS V4
4604 * Because we need to maintain backward compatibility with the naming
4605 * convention that the NFS V2 filesystem name is "nfs" (see vfs_conf.c)
4606 * we need to map "nfs" => "nfsdyn" and "nfs2" => "nfs".  The dynamic
4607 * nfs module will map the type back to either "nfs", "nfs3", or "nfs4".
4608 * This is only for root filesystems, all other uses will expect
4609 * that "nfs" == NFS V2.
4610 */
4611static void
4612getrootfs(char **fstypp, char **fsmodp)
4613{
4614	char *propstr = NULL;
4615
4616	/*
4617	 * Check fstype property; for diskless it should be one of "nfs",
4618	 * "nfs2", "nfs3" or "nfs4".
4619	 */
4620	if (ddi_prop_lookup_string(DDI_DEV_T_ANY, ddi_root_node(),
4621	    DDI_PROP_DONTPASS, "fstype", &propstr)
4622	    == DDI_SUCCESS) {
4623		(void) strncpy(rootfs.bo_fstype, propstr, BO_MAXFSNAME);
4624		ddi_prop_free(propstr);
4625
4626	/*
4627	 * if the boot property 'fstype' is not set, but 'zfs-bootfs' is set,
4628	 * assume the type of this root filesystem is 'zfs'.
4629	 */
4630	} else if (ddi_prop_lookup_string(DDI_DEV_T_ANY, ddi_root_node(),
4631	    DDI_PROP_DONTPASS, "zfs-bootfs", &propstr)
4632	    == DDI_SUCCESS) {
4633		(void) strncpy(rootfs.bo_fstype, "zfs", BO_MAXFSNAME);
4634		ddi_prop_free(propstr);
4635	}
4636
4637	if (strncmp(rootfs.bo_fstype, "nfs", 3) != 0) {
4638		*fstypp = *fsmodp = rootfs.bo_fstype;
4639		return;
4640	}
4641
4642	++netboot;
4643
4644	if (strcmp(rootfs.bo_fstype, "nfs2") == 0)
4645		(void) strcpy(rootfs.bo_fstype, "nfs");
4646	else if (strcmp(rootfs.bo_fstype, "nfs") == 0)
4647		(void) strcpy(rootfs.bo_fstype, "nfsdyn");
4648
4649	/*
4650	 * check if path to network interface is specified in bootpath
4651	 * or by a hypervisor domain configuration file.
4652	 * XXPV - enable strlumb_get_netdev_path()
4653	 */
4654	if (ddi_prop_exists(DDI_DEV_T_ANY, ddi_root_node(), DDI_PROP_DONTPASS,
4655	    "xpv-nfsroot")) {
4656		(void) strcpy(rootfs.bo_name, "/xpvd/xnf@0");
4657	} else if (ddi_prop_lookup_string(DDI_DEV_T_ANY, ddi_root_node(),
4658	    DDI_PROP_DONTPASS, "bootpath", &propstr)
4659	    == DDI_SUCCESS) {
4660		(void) strncpy(rootfs.bo_name, propstr, BO_MAXOBJNAME);
4661		ddi_prop_free(propstr);
4662	} else {
4663		rootfs.bo_name[0] = '\0';
4664	}
4665	*fstypp = rootfs.bo_fstype;
4666	*fsmodp = "nfs";
4667}
4668#endif
4669
4670/*
4671 * VFS feature routines
4672 */
4673
4674#define	VFTINDEX(feature)	(((feature) >> 32) & 0xFFFFFFFF)
4675#define	VFTBITS(feature)	((feature) & 0xFFFFFFFFLL)
4676
4677/* Register a feature in the vfs */
4678void
4679vfs_set_feature(vfs_t *vfsp, vfs_feature_t feature)
4680{
4681	/* Note that vfs_featureset[] is found in *vfsp->vfs_implp */
4682	if (vfsp->vfs_implp == NULL)
4683		return;
4684
4685	vfsp->vfs_featureset[VFTINDEX(feature)] |= VFTBITS(feature);
4686}
4687
4688void
4689vfs_clear_feature(vfs_t *vfsp, vfs_feature_t feature)
4690{
4691	/* Note that vfs_featureset[] is found in *vfsp->vfs_implp */
4692	if (vfsp->vfs_implp == NULL)
4693		return;
4694	vfsp->vfs_featureset[VFTINDEX(feature)] &= VFTBITS(~feature);
4695}
4696
4697/*
4698 * Query a vfs for a feature.
4699 * Returns 1 if feature is present, 0 if not
4700 */
4701int
4702vfs_has_feature(vfs_t *vfsp, vfs_feature_t feature)
4703{
4704	int	ret = 0;
4705
4706	/* Note that vfs_featureset[] is found in *vfsp->vfs_implp */
4707	if (vfsp->vfs_implp == NULL)
4708		return (ret);
4709
4710	if (vfsp->vfs_featureset[VFTINDEX(feature)] & VFTBITS(feature))
4711		ret = 1;
4712
4713	return (ret);
4714}
4715
4716/*
4717 * Propagate feature set from one vfs to another
4718 */
4719void
4720vfs_propagate_features(vfs_t *from, vfs_t *to)
4721{
4722	int i;
4723
4724	if (to->vfs_implp == NULL || from->vfs_implp == NULL)
4725		return;
4726
4727	for (i = 1; i <= to->vfs_featureset[0]; i++) {
4728		to->vfs_featureset[i] = from->vfs_featureset[i];
4729	}
4730}
4731
4732#define	LOFINODE_PATH "/dev/lofi/%d"
4733
4734/*
4735 * Return the vnode for the lofi node if there's a lofi mount in place.
4736 * Returns -1 when there's no lofi node, 0 on success, and > 0 on
4737 * failure.
4738 */
4739int
4740vfs_get_lofi(vfs_t *vfsp, vnode_t **vpp)
4741{
4742	char *path = NULL;
4743	int strsize;
4744	int err;
4745
4746	if (vfsp->vfs_lofi_id == 0) {
4747		*vpp = NULL;
4748		return (-1);
4749	}
4750
4751	strsize = snprintf(NULL, 0, LOFINODE_PATH, vfsp->vfs_lofi_id);
4752	path = kmem_alloc(strsize + 1, KM_SLEEP);
4753	(void) snprintf(path, strsize + 1, LOFINODE_PATH, vfsp->vfs_lofi_id);
4754
4755	/*
4756	 * We may be inside a zone, so we need to use the /dev path, but
4757	 * it's created asynchronously, so we wait here.
4758	 */
4759	for (;;) {
4760		err = lookupname(path, UIO_SYSSPACE, FOLLOW, NULLVPP, vpp);
4761
4762		if (err != ENOENT)
4763			break;
4764
4765		if ((err = delay_sig(hz / 8)) == EINTR)
4766			break;
4767	}
4768
4769	if (err)
4770		*vpp = NULL;
4771
4772	kmem_free(path, strsize + 1);
4773	return (err);
4774}
4775