1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright (c) 1988, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2019, Joyent, Inc.
25 * Copyright 2016 Toomas Soome <tsoome@me.com>
26 * Copyright (c) 2016, 2017 by Delphix. All rights reserved.
27 * Copyright 2016 Nexenta Systems, Inc.
28 * Copyright 2017 RackTop Systems.
29 */
30
31/*	Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T	*/
32/*	  All Rights Reserved	*/
33
34/*
35 * University Copyright- Copyright (c) 1982, 1986, 1988
36 * The Regents of the University of California
37 * All Rights Reserved
38 *
39 * University Acknowledgment- Portions of this document are derived from
40 * software developed by the University of California, Berkeley, and its
41 * contributors.
42 */
43
44#include <sys/types.h>
45#include <sys/t_lock.h>
46#include <sys/param.h>
47#include <sys/errno.h>
48#include <sys/user.h>
49#include <sys/fstyp.h>
50#include <sys/kmem.h>
51#include <sys/systm.h>
52#include <sys/proc.h>
53#include <sys/mount.h>
54#include <sys/vfs.h>
55#include <sys/vfs_opreg.h>
56#include <sys/fem.h>
57#include <sys/mntent.h>
58#include <sys/stat.h>
59#include <sys/statvfs.h>
60#include <sys/statfs.h>
61#include <sys/cred.h>
62#include <sys/vnode.h>
63#include <sys/rwstlock.h>
64#include <sys/dnlc.h>
65#include <sys/file.h>
66#include <sys/time.h>
67#include <sys/atomic.h>
68#include <sys/cmn_err.h>
69#include <sys/buf.h>
70#include <sys/swap.h>
71#include <sys/debug.h>
72#include <sys/vnode.h>
73#include <sys/modctl.h>
74#include <sys/ddi.h>
75#include <sys/pathname.h>
76#include <sys/bootconf.h>
77#include <sys/dumphdr.h>
78#include <sys/dc_ki.h>
79#include <sys/poll.h>
80#include <sys/sunddi.h>
81#include <sys/sysmacros.h>
82#include <sys/zone.h>
83#include <sys/policy.h>
84#include <sys/ctfs.h>
85#include <sys/objfs.h>
86#include <sys/console.h>
87#include <sys/reboot.h>
88#include <sys/attr.h>
89#include <sys/zio.h>
90#include <sys/spa.h>
91#include <sys/lofi.h>
92#include <sys/bootprops.h>
93
94#include <vm/page.h>
95
96#include <fs/fs_subr.h>
97/* Private interfaces to create vopstats-related data structures */
98extern void		initialize_vopstats(vopstats_t *);
99extern vopstats_t	*get_fstype_vopstats(struct vfs *, struct vfssw *);
100extern vsk_anchor_t	*get_vskstat_anchor(struct vfs *);
101
102static void vfs_clearmntopt_nolock(mntopts_t *, const char *, int);
103static void vfs_setmntopt_nolock(mntopts_t *, const char *,
104    const char *, int, int);
105static int  vfs_optionisset_nolock(const mntopts_t *, const char *, char **);
106static void vfs_freemnttab(struct vfs *);
107static void vfs_freeopt(mntopt_t *);
108static void vfs_swapopttbl_nolock(mntopts_t *, mntopts_t *);
109static void vfs_swapopttbl(mntopts_t *, mntopts_t *);
110static void vfs_copyopttbl_extend(const mntopts_t *, mntopts_t *, int);
111static void vfs_createopttbl_extend(mntopts_t *, const char *,
112    const mntopts_t *);
113static char **vfs_copycancelopt_extend(char **const, int);
114static void vfs_freecancelopt(char **);
115static void getrootfs(char **, char **);
116static int getmacpath(dev_info_t *, void *);
117static void vfs_mnttabvp_setup(void);
118
119struct ipmnt {
120	struct ipmnt	*mip_next;
121	dev_t		mip_dev;
122	struct vfs	*mip_vfsp;
123};
124
125static kmutex_t		vfs_miplist_mutex;
126static struct ipmnt	*vfs_miplist = NULL;
127static struct ipmnt	*vfs_miplist_end = NULL;
128
129static kmem_cache_t *vfs_cache;	/* Pointer to VFS kmem cache */
130
131/*
132 * VFS global data.
133 */
134vnode_t *rootdir;		/* pointer to root inode vnode. */
135vnode_t *devicesdir;		/* pointer to inode of devices root */
136vnode_t	*devdir;		/* pointer to inode of dev root */
137
138char *server_rootpath;		/* root path for diskless clients */
139char *server_hostname;		/* hostname of diskless server */
140
141static struct vfs root;
142static struct vfs devices;
143static struct vfs dev;
144struct vfs *rootvfs = &root;	/* pointer to root vfs; head of VFS list. */
145rvfs_t *rvfs_list;		/* array of vfs ptrs for vfs hash list */
146int vfshsz = 512;		/* # of heads/locks in vfs hash arrays */
147				/* must be power of 2!	*/
148timespec_t vfs_mnttab_ctime;	/* mnttab created time */
149timespec_t vfs_mnttab_mtime;	/* mnttab last modified time */
150char *vfs_dummyfstype = "\0";
151struct pollhead vfs_pollhd;	/* for mnttab pollers */
152struct vnode *vfs_mntdummyvp;	/* to fake mnttab read/write for file events */
153int	mntfstype;		/* will be set once mnt fs is mounted */
154
155/*
156 * Table for generic options recognized in the VFS layer and acted
157 * on at this level before parsing file system specific options.
158 * The nosuid option is stronger than any of the devices and setuid
159 * options, so those are canceled when nosuid is seen.
160 *
161 * All options which are added here need to be added to the
162 * list of standard options in usr/src/cmd/fs.d/fslib.c as well.
163 */
164/*
165 * VFS Mount options table
166 */
167static char *ro_cancel[] = { MNTOPT_RW, NULL };
168static char *rw_cancel[] = { MNTOPT_RO, NULL };
169static char *suid_cancel[] = { MNTOPT_NOSUID, NULL };
170static char *nosuid_cancel[] = { MNTOPT_SUID, MNTOPT_DEVICES, MNTOPT_NODEVICES,
171    MNTOPT_NOSETUID, MNTOPT_SETUID, NULL };
172static char *devices_cancel[] = { MNTOPT_NODEVICES, NULL };
173static char *nodevices_cancel[] = { MNTOPT_DEVICES, NULL };
174static char *setuid_cancel[] = { MNTOPT_NOSETUID, NULL };
175static char *nosetuid_cancel[] = { MNTOPT_SETUID, NULL };
176static char *nbmand_cancel[] = { MNTOPT_NONBMAND, NULL };
177static char *nonbmand_cancel[] = { MNTOPT_NBMAND, NULL };
178static char *exec_cancel[] = { MNTOPT_NOEXEC, NULL };
179static char *noexec_cancel[] = { MNTOPT_EXEC, NULL };
180
181static const mntopt_t mntopts[] = {
182/*
183 *	option name		cancel options		default arg	flags
184 */
185	{ MNTOPT_REMOUNT,	NULL,			NULL,
186		MO_NODISPLAY, (void *)0 },
187	{ MNTOPT_RO,		ro_cancel,		NULL,		0,
188		(void *)0 },
189	{ MNTOPT_RW,		rw_cancel,		NULL,		0,
190		(void *)0 },
191	{ MNTOPT_SUID,		suid_cancel,		NULL,		0,
192		(void *)0 },
193	{ MNTOPT_NOSUID,	nosuid_cancel,		NULL,		0,
194		(void *)0 },
195	{ MNTOPT_DEVICES,	devices_cancel,		NULL,		0,
196		(void *)0 },
197	{ MNTOPT_NODEVICES,	nodevices_cancel,	NULL,		0,
198		(void *)0 },
199	{ MNTOPT_SETUID,	setuid_cancel,		NULL,		0,
200		(void *)0 },
201	{ MNTOPT_NOSETUID,	nosetuid_cancel,	NULL,		0,
202		(void *)0 },
203	{ MNTOPT_NBMAND,	nbmand_cancel,		NULL,		0,
204		(void *)0 },
205	{ MNTOPT_NONBMAND,	nonbmand_cancel,	NULL,		0,
206		(void *)0 },
207	{ MNTOPT_EXEC,		exec_cancel,		NULL,		0,
208		(void *)0 },
209	{ MNTOPT_NOEXEC,	noexec_cancel,		NULL,		0,
210		(void *)0 },
211};
212
213const mntopts_t vfs_mntopts = {
214	sizeof (mntopts) / sizeof (mntopt_t),
215	(mntopt_t *)&mntopts[0]
216};
217
218/*
219 * File system operation dispatch functions.
220 */
221
222int
223fsop_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr)
224{
225	return (*(vfsp)->vfs_op->vfs_mount)(vfsp, mvp, uap, cr);
226}
227
228int
229fsop_unmount(vfs_t *vfsp, int flag, cred_t *cr)
230{
231	return (*(vfsp)->vfs_op->vfs_unmount)(vfsp, flag, cr);
232}
233
234int
235fsop_root(vfs_t *vfsp, vnode_t **vpp)
236{
237	refstr_t *mntpt;
238	int ret = (*(vfsp)->vfs_op->vfs_root)(vfsp, vpp);
239	/*
240	 * Make sure this root has a path.  With lofs, it is possible to have
241	 * a NULL mountpoint.
242	 */
243	if (ret == 0 && vfsp->vfs_mntpt != NULL &&
244	    (*vpp)->v_path == vn_vpath_empty) {
245		const char *path;
246
247		mntpt = vfs_getmntpoint(vfsp);
248		path = refstr_value(mntpt);
249		vn_setpath_str(*vpp, path, strlen(path));
250		refstr_rele(mntpt);
251	}
252
253	return (ret);
254}
255
256int
257fsop_statfs(vfs_t *vfsp, statvfs64_t *sp)
258{
259	return (*(vfsp)->vfs_op->vfs_statvfs)(vfsp, sp);
260}
261
262int
263fsop_sync(vfs_t *vfsp, short flag, cred_t *cr)
264{
265	return (*(vfsp)->vfs_op->vfs_sync)(vfsp, flag, cr);
266}
267
268int
269fsop_vget(vfs_t *vfsp, vnode_t **vpp, fid_t *fidp)
270{
271	/*
272	 * In order to handle system attribute fids in a manner
273	 * transparent to the underlying fs, we embed the fid for
274	 * the sysattr parent object in the sysattr fid and tack on
275	 * some extra bytes that only the sysattr layer knows about.
276	 *
277	 * This guarantees that sysattr fids are larger than other fids
278	 * for this vfs. If the vfs supports the sysattr view interface
279	 * (as indicated by VFSFT_SYSATTR_VIEWS), we cannot have a size
280	 * collision with XATTR_FIDSZ.
281	 */
282	if (vfs_has_feature(vfsp, VFSFT_SYSATTR_VIEWS) &&
283	    fidp->fid_len == XATTR_FIDSZ)
284		return (xattr_dir_vget(vfsp, vpp, fidp));
285
286	return (*(vfsp)->vfs_op->vfs_vget)(vfsp, vpp, fidp);
287}
288
289int
290fsop_mountroot(vfs_t *vfsp, enum whymountroot reason)
291{
292	return (*(vfsp)->vfs_op->vfs_mountroot)(vfsp, reason);
293}
294
295void
296fsop_freefs(vfs_t *vfsp)
297{
298	(*(vfsp)->vfs_op->vfs_freevfs)(vfsp);
299}
300
301int
302fsop_vnstate(vfs_t *vfsp, vnode_t *vp, vntrans_t nstate)
303{
304	return ((*(vfsp)->vfs_op->vfs_vnstate)(vfsp, vp, nstate));
305}
306
307int
308fsop_sync_by_kind(int fstype, short flag, cred_t *cr)
309{
310	ASSERT((fstype >= 0) && (fstype < nfstype));
311
312	if (ALLOCATED_VFSSW(&vfssw[fstype]) && VFS_INSTALLED(&vfssw[fstype]))
313		return (*vfssw[fstype].vsw_vfsops.vfs_sync) (NULL, flag, cr);
314	else
315		return (ENOTSUP);
316}
317
318/*
319 * File system initialization.  vfs_setfsops() must be called from a file
320 * system's init routine.
321 */
322
323static int
324fs_copyfsops(const fs_operation_def_t *template, vfsops_t *actual,
325    int *unused_ops)
326{
327	static const fs_operation_trans_def_t vfs_ops_table[] = {
328		VFSNAME_MOUNT, offsetof(vfsops_t, vfs_mount),
329			fs_nosys, fs_nosys,
330
331		VFSNAME_UNMOUNT, offsetof(vfsops_t, vfs_unmount),
332			fs_nosys, fs_nosys,
333
334		VFSNAME_ROOT, offsetof(vfsops_t, vfs_root),
335			fs_nosys, fs_nosys,
336
337		VFSNAME_STATVFS, offsetof(vfsops_t, vfs_statvfs),
338			fs_nosys, fs_nosys,
339
340		VFSNAME_SYNC, offsetof(vfsops_t, vfs_sync),
341			(fs_generic_func_p) fs_sync,
342			(fs_generic_func_p) fs_sync,	/* No errors allowed */
343
344		VFSNAME_VGET, offsetof(vfsops_t, vfs_vget),
345			fs_nosys, fs_nosys,
346
347		VFSNAME_MOUNTROOT, offsetof(vfsops_t, vfs_mountroot),
348			fs_nosys, fs_nosys,
349
350		VFSNAME_FREEVFS, offsetof(vfsops_t, vfs_freevfs),
351			(fs_generic_func_p)(uintptr_t)fs_freevfs,
352			/* Shouldn't fail */
353			(fs_generic_func_p)(uintptr_t)fs_freevfs,
354
355		VFSNAME_VNSTATE, offsetof(vfsops_t, vfs_vnstate),
356			(fs_generic_func_p)fs_nosys,
357			(fs_generic_func_p)fs_nosys,
358
359		NULL, 0, NULL, NULL
360	};
361
362	return (fs_build_vector(actual, unused_ops, vfs_ops_table, template));
363}
364
365void
366zfs_boot_init(void)
367{
368	if (strcmp(rootfs.bo_fstype, MNTTYPE_ZFS) == 0)
369		spa_boot_init();
370}
371
372int
373vfs_setfsops(int fstype, const fs_operation_def_t *template, vfsops_t **actual)
374{
375	int error;
376	int unused_ops;
377
378	/*
379	 * Verify that fstype refers to a valid fs.  Note that
380	 * 0 is valid since it's used to set "stray" ops.
381	 */
382	if ((fstype < 0) || (fstype >= nfstype))
383		return (EINVAL);
384
385	if (!ALLOCATED_VFSSW(&vfssw[fstype]))
386		return (EINVAL);
387
388	/* Set up the operations vector. */
389
390	error = fs_copyfsops(template, &vfssw[fstype].vsw_vfsops, &unused_ops);
391
392	if (error != 0)
393		return (error);
394
395	vfssw[fstype].vsw_flag |= VSW_INSTALLED;
396
397	if (actual != NULL)
398		*actual = &vfssw[fstype].vsw_vfsops;
399
400#if DEBUG
401	if (unused_ops != 0)
402		cmn_err(CE_WARN, "vfs_setfsops: %s: %d operations supplied "
403		    "but not used", vfssw[fstype].vsw_name, unused_ops);
404#endif
405
406	return (0);
407}
408
409int
410vfs_makefsops(const fs_operation_def_t *template, vfsops_t **actual)
411{
412	int error;
413	int unused_ops;
414
415	*actual = (vfsops_t *)kmem_alloc(sizeof (vfsops_t), KM_SLEEP);
416
417	error = fs_copyfsops(template, *actual, &unused_ops);
418	if (error != 0) {
419		kmem_free(*actual, sizeof (vfsops_t));
420		*actual = NULL;
421		return (error);
422	}
423
424	return (0);
425}
426
427/*
428 * Free a vfsops structure created as a result of vfs_makefsops().
429 * NOTE: For a vfsops structure initialized by vfs_setfsops(), use
430 * vfs_freevfsops_by_type().
431 */
432void
433vfs_freevfsops(vfsops_t *vfsops)
434{
435	kmem_free(vfsops, sizeof (vfsops_t));
436}
437
438/*
439 * Since the vfsops structure is part of the vfssw table and wasn't
440 * really allocated, we're not really freeing anything.  We keep
441 * the name for consistency with vfs_freevfsops().  We do, however,
442 * need to take care of a little bookkeeping.
443 * NOTE: For a vfsops structure created by vfs_setfsops(), use
444 * vfs_freevfsops_by_type().
445 */
446int
447vfs_freevfsops_by_type(int fstype)
448{
449
450	/* Verify that fstype refers to a loaded fs (and not fsid 0). */
451	if ((fstype <= 0) || (fstype >= nfstype))
452		return (EINVAL);
453
454	WLOCK_VFSSW();
455	if ((vfssw[fstype].vsw_flag & VSW_INSTALLED) == 0) {
456		WUNLOCK_VFSSW();
457		return (EINVAL);
458	}
459
460	vfssw[fstype].vsw_flag &= ~VSW_INSTALLED;
461	WUNLOCK_VFSSW();
462
463	return (0);
464}
465
466/* Support routines used to reference vfs_op */
467
468/* Set the operations vector for a vfs */
469void
470vfs_setops(vfs_t *vfsp, vfsops_t *vfsops)
471{
472	vfsops_t	*op;
473
474	ASSERT(vfsp != NULL);
475	ASSERT(vfsops != NULL);
476
477	op = vfsp->vfs_op;
478	membar_consumer();
479	if (vfsp->vfs_femhead == NULL &&
480	    atomic_cas_ptr(&vfsp->vfs_op, op, vfsops) == op) {
481		return;
482	}
483	fsem_setvfsops(vfsp, vfsops);
484}
485
486/* Retrieve the operations vector for a vfs */
487vfsops_t *
488vfs_getops(vfs_t *vfsp)
489{
490	vfsops_t	*op;
491
492	ASSERT(vfsp != NULL);
493
494	op = vfsp->vfs_op;
495	membar_consumer();
496	if (vfsp->vfs_femhead == NULL && op == vfsp->vfs_op) {
497		return (op);
498	} else {
499		return (fsem_getvfsops(vfsp));
500	}
501}
502
503/*
504 * Returns non-zero (1) if the vfsops matches that of the vfs.
505 * Returns zero (0) if not.
506 */
507int
508vfs_matchops(vfs_t *vfsp, vfsops_t *vfsops)
509{
510	return (vfs_getops(vfsp) == vfsops);
511}
512
513/*
514 * Returns non-zero (1) if the file system has installed a non-default,
515 * non-error vfs_sync routine.  Returns zero (0) otherwise.
516 */
517int
518vfs_can_sync(vfs_t *vfsp)
519{
520	/* vfs_sync() routine is not the default/error function */
521	return (vfs_getops(vfsp)->vfs_sync != fs_sync);
522}
523
524/*
525 * Initialize a vfs structure.
526 */
527void
528vfs_init(vfs_t *vfsp, vfsops_t *op, void *data)
529{
530	/* Other initialization has been moved to vfs_alloc() */
531	vfsp->vfs_count = 0;
532	vfsp->vfs_next = vfsp;
533	vfsp->vfs_prev = vfsp;
534	vfsp->vfs_zone_next = vfsp;
535	vfsp->vfs_zone_prev = vfsp;
536	vfsp->vfs_lofi_id = 0;
537	sema_init(&vfsp->vfs_reflock, 1, NULL, SEMA_DEFAULT, NULL);
538	vfsimpl_setup(vfsp);
539	vfsp->vfs_data = (data);
540	vfs_setops((vfsp), (op));
541}
542
543/*
544 * Allocate and initialize the vfs implementation private data
545 * structure, vfs_impl_t.
546 */
547void
548vfsimpl_setup(vfs_t *vfsp)
549{
550	int i;
551
552	if (vfsp->vfs_implp != NULL) {
553		return;
554	}
555
556	vfsp->vfs_implp = kmem_alloc(sizeof (vfs_impl_t), KM_SLEEP);
557	/* Note that these are #define'd in vfs.h */
558	vfsp->vfs_vskap = NULL;
559	vfsp->vfs_fstypevsp = NULL;
560
561	/* Set size of counted array, then zero the array */
562	vfsp->vfs_featureset[0] = VFS_FEATURE_MAXSZ - 1;
563	for (i = 1; i <  VFS_FEATURE_MAXSZ; i++) {
564		vfsp->vfs_featureset[i] = 0;
565	}
566}
567
568/*
569 * Release the vfs_impl_t structure, if it exists. Some unbundled
570 * filesystems may not use the newer version of vfs and thus
571 * would not contain this implementation private data structure.
572 */
573void
574vfsimpl_teardown(vfs_t *vfsp)
575{
576	vfs_impl_t	*vip = vfsp->vfs_implp;
577
578	if (vip == NULL)
579		return;
580
581	kmem_free(vfsp->vfs_implp, sizeof (vfs_impl_t));
582	vfsp->vfs_implp = NULL;
583}
584
585/*
586 * VFS system calls: mount, umount, syssync, statfs, fstatfs, statvfs,
587 * fstatvfs, and sysfs moved to common/syscall.
588 */
589
590/*
591 * Update every mounted file system.  We call the vfs_sync operation of
592 * each file system type, passing it a NULL vfsp to indicate that all
593 * mounted file systems of that type should be updated.
594 */
595void
596vfs_sync(int flag)
597{
598	struct vfssw *vswp;
599	RLOCK_VFSSW();
600	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
601		if (ALLOCATED_VFSSW(vswp) && VFS_INSTALLED(vswp)) {
602			vfs_refvfssw(vswp);
603			RUNLOCK_VFSSW();
604			(void) (*vswp->vsw_vfsops.vfs_sync)(NULL, flag,
605			    CRED());
606			vfs_unrefvfssw(vswp);
607			RLOCK_VFSSW();
608		}
609	}
610	RUNLOCK_VFSSW();
611}
612
613void
614sync(void)
615{
616	vfs_sync(0);
617}
618
619/*
620 * External routines.
621 */
622
623krwlock_t vfssw_lock;	/* lock accesses to vfssw */
624
625/*
626 * Lock for accessing the vfs linked list.  Initialized in vfs_mountroot(),
627 * but otherwise should be accessed only via vfs_list_lock() and
628 * vfs_list_unlock().  Also used to protect the timestamp for mods to the list.
629 */
630static krwlock_t vfslist;
631
632/*
633 * Mount devfs on /devices. This is done right after root is mounted
634 * to provide device access support for the system
635 */
636static void
637vfs_mountdevices(void)
638{
639	struct vfssw *vsw;
640	struct vnode *mvp;
641	struct mounta mounta = {	/* fake mounta for devfs_mount() */
642		NULL,
643		NULL,
644		MS_SYSSPACE,
645		NULL,
646		NULL,
647		0,
648		NULL,
649		0
650	};
651
652	/*
653	 * _init devfs module to fill in the vfssw
654	 */
655	if (modload("fs", "devfs") == -1)
656		panic("Cannot _init devfs module");
657
658	/*
659	 * Hold vfs
660	 */
661	RLOCK_VFSSW();
662	vsw = vfs_getvfsswbyname("devfs");
663	VFS_INIT(&devices, &vsw->vsw_vfsops, NULL);
664	VFS_HOLD(&devices);
665
666	/*
667	 * Locate mount point
668	 */
669	if (lookupname("/devices", UIO_SYSSPACE, FOLLOW, NULLVPP, &mvp))
670		panic("Cannot find /devices");
671
672	/*
673	 * Perform the mount of /devices
674	 */
675	if (VFS_MOUNT(&devices, mvp, &mounta, CRED()))
676		panic("Cannot mount /devices");
677
678	RUNLOCK_VFSSW();
679
680	/*
681	 * Set appropriate members and add to vfs list for mnttab display
682	 */
683	vfs_setresource(&devices, "/devices", 0);
684	vfs_setmntpoint(&devices, "/devices", 0);
685
686	/*
687	 * Hold the root of /devices so it won't go away
688	 */
689	if (VFS_ROOT(&devices, &devicesdir))
690		panic("vfs_mountdevices: not devices root");
691
692	if (vfs_lock(&devices) != 0) {
693		VN_RELE(devicesdir);
694		cmn_err(CE_NOTE, "Cannot acquire vfs_lock of /devices");
695		return;
696	}
697
698	if (vn_vfswlock(mvp) != 0) {
699		vfs_unlock(&devices);
700		VN_RELE(devicesdir);
701		cmn_err(CE_NOTE, "Cannot acquire vfswlock of /devices");
702		return;
703	}
704
705	vfs_add(mvp, &devices, 0);
706	vn_vfsunlock(mvp);
707	vfs_unlock(&devices);
708	VN_RELE(devicesdir);
709}
710
711/*
712 * mount the first instance of /dev  to root and remain mounted
713 */
714static void
715vfs_mountdev1(void)
716{
717	struct vfssw *vsw;
718	struct vnode *mvp;
719	struct mounta mounta = {	/* fake mounta for sdev_mount() */
720		NULL,
721		NULL,
722		MS_SYSSPACE | MS_OVERLAY,
723		NULL,
724		NULL,
725		0,
726		NULL,
727		0
728	};
729
730	/*
731	 * _init dev module to fill in the vfssw
732	 */
733	if (modload("fs", "dev") == -1)
734		cmn_err(CE_PANIC, "Cannot _init dev module\n");
735
736	/*
737	 * Hold vfs
738	 */
739	RLOCK_VFSSW();
740	vsw = vfs_getvfsswbyname("dev");
741	VFS_INIT(&dev, &vsw->vsw_vfsops, NULL);
742	VFS_HOLD(&dev);
743
744	/*
745	 * Locate mount point
746	 */
747	if (lookupname("/dev", UIO_SYSSPACE, FOLLOW, NULLVPP, &mvp))
748		cmn_err(CE_PANIC, "Cannot find /dev\n");
749
750	/*
751	 * Perform the mount of /dev
752	 */
753	if (VFS_MOUNT(&dev, mvp, &mounta, CRED()))
754		cmn_err(CE_PANIC, "Cannot mount /dev 1\n");
755
756	RUNLOCK_VFSSW();
757
758	/*
759	 * Set appropriate members and add to vfs list for mnttab display
760	 */
761	vfs_setresource(&dev, "/dev", 0);
762	vfs_setmntpoint(&dev, "/dev", 0);
763
764	/*
765	 * Hold the root of /dev so it won't go away
766	 */
767	if (VFS_ROOT(&dev, &devdir))
768		cmn_err(CE_PANIC, "vfs_mountdev1: not dev root");
769
770	if (vfs_lock(&dev) != 0) {
771		VN_RELE(devdir);
772		cmn_err(CE_NOTE, "Cannot acquire vfs_lock of /dev");
773		return;
774	}
775
776	if (vn_vfswlock(mvp) != 0) {
777		vfs_unlock(&dev);
778		VN_RELE(devdir);
779		cmn_err(CE_NOTE, "Cannot acquire vfswlock of /dev");
780		return;
781	}
782
783	vfs_add(mvp, &dev, 0);
784	vn_vfsunlock(mvp);
785	vfs_unlock(&dev);
786	VN_RELE(devdir);
787}
788
789/*
790 * Mount required filesystem. This is done right after root is mounted.
791 */
792static void
793vfs_mountfs(char *module, char *spec, char *path)
794{
795	struct vnode *mvp;
796	struct mounta mounta;
797	vfs_t *vfsp;
798
799	bzero(&mounta, sizeof (mounta));
800	mounta.flags = MS_SYSSPACE | MS_DATA;
801	mounta.fstype = module;
802	mounta.spec = spec;
803	mounta.dir = path;
804	if (lookupname(path, UIO_SYSSPACE, FOLLOW, NULLVPP, &mvp)) {
805		cmn_err(CE_WARN, "Cannot find %s", path);
806		return;
807	}
808	if (domount(NULL, &mounta, mvp, CRED(), &vfsp))
809		cmn_err(CE_WARN, "Cannot mount %s", path);
810	else
811		VFS_RELE(vfsp);
812	VN_RELE(mvp);
813}
814
815/*
816 * vfs_mountroot is called by main() to mount the root filesystem.
817 */
818void
819vfs_mountroot(void)
820{
821	struct vnode	*rvp = NULL;
822	char		*path;
823	size_t		plen;
824	struct vfssw	*vswp;
825	proc_t		*p;
826
827	rw_init(&vfssw_lock, NULL, RW_DEFAULT, NULL);
828	rw_init(&vfslist, NULL, RW_DEFAULT, NULL);
829
830	/*
831	 * Alloc the vfs hash bucket array and locks
832	 */
833	rvfs_list = kmem_zalloc(vfshsz * sizeof (rvfs_t), KM_SLEEP);
834
835	/*
836	 * Call machine-dependent routine "rootconf" to choose a root
837	 * file system type.
838	 */
839	if (rootconf())
840		panic("vfs_mountroot: cannot mount root");
841	/*
842	 * Get vnode for '/'.  Set up rootdir, u.u_rdir and u.u_cdir
843	 * to point to it.  These are used by lookuppn() so that it
844	 * knows where to start from ('/' or '.').
845	 */
846	vfs_setmntpoint(rootvfs, "/", 0);
847	if (VFS_ROOT(rootvfs, &rootdir))
848		panic("vfs_mountroot: no root vnode");
849
850	/*
851	 * At this point, the process tree consists of p0 and possibly some
852	 * direct children of p0.  (i.e. there are no grandchildren)
853	 *
854	 * Walk through them all, setting their current directory.
855	 */
856	mutex_enter(&pidlock);
857	for (p = practive; p != NULL; p = p->p_next) {
858		ASSERT(p == &p0 || p->p_parent == &p0);
859
860		PTOU(p)->u_cdir = rootdir;
861		VN_HOLD(PTOU(p)->u_cdir);
862		PTOU(p)->u_rdir = NULL;
863	}
864	mutex_exit(&pidlock);
865
866	/*
867	 * Setup the global zone's rootvp, now that it exists.
868	 */
869	global_zone->zone_rootvp = rootdir;
870	VN_HOLD(global_zone->zone_rootvp);
871
872	/*
873	 * Notify the module code that it can begin using the
874	 * root filesystem instead of the boot program's services.
875	 */
876	modrootloaded = 1;
877
878	/*
879	 * Special handling for a ZFS root file system.
880	 */
881	zfs_boot_init();
882
883	/*
884	 * Set up mnttab information for root
885	 */
886	vfs_setresource(rootvfs, rootfs.bo_name, 0);
887
888	/*
889	 * Notify cluster software that the root filesystem is available.
890	 */
891	clboot_mountroot();
892
893	/* Now that we're all done with the root FS, set up its vopstats */
894	if ((vswp = vfs_getvfsswbyvfsops(vfs_getops(rootvfs))) != NULL) {
895		/* Set flag for statistics collection */
896		if (vswp->vsw_flag & VSW_STATS) {
897			initialize_vopstats(&rootvfs->vfs_vopstats);
898			rootvfs->vfs_flag |= VFS_STATS;
899			rootvfs->vfs_fstypevsp =
900			    get_fstype_vopstats(rootvfs, vswp);
901			rootvfs->vfs_vskap = get_vskstat_anchor(rootvfs);
902		}
903		vfs_unrefvfssw(vswp);
904	}
905
906	/*
907	 * Mount /devices, /dev instance 1, /system/contract, /etc/mnttab,
908	 * /etc/svc/volatile, /etc/dfs/sharetab, /system/object, and /proc.
909	 */
910	vfs_mountdevices();
911	vfs_mountdev1();
912
913	vfs_mountfs("ctfs", "ctfs", CTFS_ROOT);
914	vfs_mountfs("proc", "/proc", "/proc");
915	vfs_mountfs("mntfs", "/etc/mnttab", "/etc/mnttab");
916	vfs_mountfs("tmpfs", "/etc/svc/volatile", "/etc/svc/volatile");
917	vfs_mountfs("objfs", "objfs", OBJFS_ROOT);
918	vfs_mountfs("bootfs", "bootfs", "/system/boot");
919
920	if (getzoneid() == GLOBAL_ZONEID) {
921		vfs_mountfs("sharefs", "sharefs", "/etc/dfs/sharetab");
922	}
923
924	if (strcmp(rootfs.bo_fstype, "zfs") != 0) {
925		/*
926		 * Look up the root device via devfs so that a dv_node is
927		 * created for it. The vnode is never VN_RELE()ed.
928		 * We allocate more than MAXPATHLEN so that the
929		 * buffer passed to i_ddi_prompath_to_devfspath() is
930		 * exactly MAXPATHLEN (the function expects a buffer
931		 * of that length).
932		 */
933		plen = strlen("/devices");
934		path = kmem_alloc(plen + MAXPATHLEN, KM_SLEEP);
935		(void) strcpy(path, "/devices");
936
937		if (i_ddi_prompath_to_devfspath(rootfs.bo_name, path + plen)
938		    != DDI_SUCCESS ||
939		    lookupname(path, UIO_SYSSPACE, FOLLOW, NULLVPP, &rvp)) {
940
941			/* NUL terminate in case "path" has garbage */
942			path[plen + MAXPATHLEN - 1] = '\0';
943#ifdef	DEBUG
944			cmn_err(CE_WARN, "!Cannot lookup root device: %s",
945			    path);
946#endif
947		}
948		kmem_free(path, plen + MAXPATHLEN);
949	}
950
951	vfs_mnttabvp_setup();
952}
953
954/*
955 * Check to see if our "block device" is actually a file.  If so,
956 * automatically add a lofi device, and keep track of this fact.
957 */
958static int
959lofi_add(const char *fsname, struct vfs *vfsp,
960    mntopts_t *mntopts, struct mounta *uap)
961{
962	int fromspace = (uap->flags & MS_SYSSPACE) ?
963	    UIO_SYSSPACE : UIO_USERSPACE;
964	struct lofi_ioctl *li = NULL;
965	struct vnode *vp = NULL;
966	struct pathname	pn = { NULL };
967	ldi_ident_t ldi_id;
968	ldi_handle_t ldi_hdl;
969	vfssw_t *vfssw;
970	int id;
971	int err = 0;
972
973	if ((vfssw = vfs_getvfssw(fsname)) == NULL)
974		return (0);
975
976	if (!(vfssw->vsw_flag & VSW_CANLOFI)) {
977		vfs_unrefvfssw(vfssw);
978		return (0);
979	}
980
981	vfs_unrefvfssw(vfssw);
982	vfssw = NULL;
983
984	if (pn_get(uap->spec, fromspace, &pn) != 0)
985		return (0);
986
987	if (lookupname(uap->spec, fromspace, FOLLOW, NULL, &vp) != 0)
988		goto out;
989
990	if (vp->v_type != VREG)
991		goto out;
992
993	/* OK, this is a lofi mount. */
994
995	if ((uap->flags & (MS_REMOUNT|MS_GLOBAL)) ||
996	    vfs_optionisset_nolock(mntopts, MNTOPT_SUID, NULL) ||
997	    vfs_optionisset_nolock(mntopts, MNTOPT_SETUID, NULL) ||
998	    vfs_optionisset_nolock(mntopts, MNTOPT_DEVICES, NULL)) {
999		err = EINVAL;
1000		goto out;
1001	}
1002
1003	ldi_id = ldi_ident_from_anon();
1004	li = kmem_zalloc(sizeof (*li), KM_SLEEP);
1005	(void) strlcpy(li->li_filename, pn.pn_path, MAXPATHLEN);
1006
1007	err = ldi_open_by_name("/dev/lofictl", FREAD | FWRITE, kcred,
1008	    &ldi_hdl, ldi_id);
1009
1010	if (err)
1011		goto out2;
1012
1013	err = ldi_ioctl(ldi_hdl, LOFI_MAP_FILE, (intptr_t)li,
1014	    FREAD | FWRITE | FKIOCTL, kcred, &id);
1015
1016	(void) ldi_close(ldi_hdl, FREAD | FWRITE, kcred);
1017
1018	if (!err)
1019		vfsp->vfs_lofi_id = id;
1020
1021out2:
1022	ldi_ident_release(ldi_id);
1023out:
1024	if (li != NULL)
1025		kmem_free(li, sizeof (*li));
1026	if (vp != NULL)
1027		VN_RELE(vp);
1028	pn_free(&pn);
1029	return (err);
1030}
1031
1032static void
1033lofi_remove(struct vfs *vfsp)
1034{
1035	struct lofi_ioctl *li;
1036	ldi_ident_t ldi_id;
1037	ldi_handle_t ldi_hdl;
1038	int err;
1039
1040	if (vfsp->vfs_lofi_id == 0)
1041		return;
1042
1043	ldi_id = ldi_ident_from_anon();
1044
1045	li = kmem_zalloc(sizeof (*li), KM_SLEEP);
1046	li->li_id = vfsp->vfs_lofi_id;
1047	li->li_cleanup = B_TRUE;
1048
1049	err = ldi_open_by_name("/dev/lofictl", FREAD | FWRITE, kcred,
1050	    &ldi_hdl, ldi_id);
1051
1052	if (err)
1053		goto out;
1054
1055	err = ldi_ioctl(ldi_hdl, LOFI_UNMAP_FILE_MINOR, (intptr_t)li,
1056	    FREAD | FWRITE | FKIOCTL, kcred, NULL);
1057
1058	(void) ldi_close(ldi_hdl, FREAD | FWRITE, kcred);
1059
1060	if (!err)
1061		vfsp->vfs_lofi_id = 0;
1062
1063out:
1064	ldi_ident_release(ldi_id);
1065	kmem_free(li, sizeof (*li));
1066}
1067
1068/*
1069 * Common mount code.  Called from the system call entry point, from autofs,
1070 * nfsv4 trigger mounts, and from pxfs.
1071 *
1072 * Takes the effective file system type, mount arguments, the mount point
1073 * vnode, flags specifying whether the mount is a remount and whether it
1074 * should be entered into the vfs list, and credentials.  Fills in its vfspp
1075 * parameter with the mounted file system instance's vfs.
1076 *
1077 * Note that the effective file system type is specified as a string.  It may
1078 * be null, in which case it's determined from the mount arguments, and may
1079 * differ from the type specified in the mount arguments; this is a hook to
1080 * allow interposition when instantiating file system instances.
1081 *
1082 * The caller is responsible for releasing its own hold on the mount point
1083 * vp (this routine does its own hold when necessary).
1084 * Also note that for remounts, the mount point vp should be the vnode for
1085 * the root of the file system rather than the vnode that the file system
1086 * is mounted on top of.
1087 */
1088int
1089domount(char *fsname, struct mounta *uap, vnode_t *vp, struct cred *credp,
1090    struct vfs **vfspp)
1091{
1092	struct vfssw	*vswp;
1093	vfsops_t	*vfsops;
1094	struct vfs	*vfsp;
1095	struct vnode	*bvp;
1096	dev_t		bdev = 0;
1097	mntopts_t	mnt_mntopts;
1098	int		error = 0;
1099	int		copyout_error = 0;
1100	int		ovflags;
1101	char		*opts = uap->optptr;
1102	char		*inargs = opts;
1103	int		optlen = uap->optlen;
1104	int		remount;
1105	int		rdonly;
1106	int		nbmand = 0;
1107	int		delmip = 0;
1108	int		addmip = 0;
1109	int		splice = ((uap->flags & MS_NOSPLICE) == 0);
1110	int		fromspace = (uap->flags & MS_SYSSPACE) ?
1111	    UIO_SYSSPACE : UIO_USERSPACE;
1112	char		*resource = NULL, *mountpt = NULL;
1113	refstr_t	*oldresource, *oldmntpt;
1114	struct pathname	pn, rpn;
1115	vsk_anchor_t	*vskap;
1116	char fstname[FSTYPSZ];
1117	zone_t		*zone;
1118
1119	/*
1120	 * The v_flag value for the mount point vp is permanently set
1121	 * to VVFSLOCK so that no one bypasses the vn_vfs*locks routine
1122	 * for mount point locking.
1123	 */
1124	mutex_enter(&vp->v_lock);
1125	vp->v_flag |= VVFSLOCK;
1126	mutex_exit(&vp->v_lock);
1127
1128	mnt_mntopts.mo_count = 0;
1129	/*
1130	 * Find the ops vector to use to invoke the file system-specific mount
1131	 * method.  If the fsname argument is non-NULL, use it directly.
1132	 * Otherwise, dig the file system type information out of the mount
1133	 * arguments.
1134	 *
1135	 * A side effect is to hold the vfssw entry.
1136	 *
1137	 * Mount arguments can be specified in several ways, which are
1138	 * distinguished by flag bit settings.  The preferred way is to set
1139	 * MS_OPTIONSTR, indicating an 8 argument mount with the file system
1140	 * type supplied as a character string and the last two arguments
1141	 * being a pointer to a character buffer and the size of the buffer.
1142	 * On entry, the buffer holds a null terminated list of options; on
1143	 * return, the string is the list of options the file system
1144	 * recognized. If MS_DATA is set arguments five and six point to a
1145	 * block of binary data which the file system interprets.
1146	 * A further wrinkle is that some callers don't set MS_FSS and MS_DATA
1147	 * consistently with these conventions.  To handle them, we check to
1148	 * see whether the pointer to the file system name has a numeric value
1149	 * less than 256.  If so, we treat it as an index.
1150	 */
1151	if (fsname != NULL) {
1152		if ((vswp = vfs_getvfssw(fsname)) == NULL) {
1153			return (EINVAL);
1154		}
1155	} else if (uap->flags & (MS_OPTIONSTR | MS_DATA | MS_FSS)) {
1156		size_t n;
1157		uint_t fstype;
1158
1159		fsname = fstname;
1160
1161		if ((fstype = (uintptr_t)uap->fstype) < 256) {
1162			RLOCK_VFSSW();
1163			if (fstype == 0 || fstype >= nfstype ||
1164			    !ALLOCATED_VFSSW(&vfssw[fstype])) {
1165				RUNLOCK_VFSSW();
1166				return (EINVAL);
1167			}
1168			(void) strcpy(fsname, vfssw[fstype].vsw_name);
1169			RUNLOCK_VFSSW();
1170			if ((vswp = vfs_getvfssw(fsname)) == NULL)
1171				return (EINVAL);
1172		} else {
1173			/*
1174			 * Handle either kernel or user address space.
1175			 */
1176			if (uap->flags & MS_SYSSPACE) {
1177				error = copystr(uap->fstype, fsname,
1178				    FSTYPSZ, &n);
1179			} else {
1180				error = copyinstr(uap->fstype, fsname,
1181				    FSTYPSZ, &n);
1182			}
1183			if (error) {
1184				if (error == ENAMETOOLONG)
1185					return (EINVAL);
1186				return (error);
1187			}
1188			if ((vswp = vfs_getvfssw(fsname)) == NULL)
1189				return (EINVAL);
1190		}
1191	} else {
1192		if ((vswp = vfs_getvfsswbyvfsops(vfs_getops(rootvfs))) == NULL)
1193			return (EINVAL);
1194		fsname = vswp->vsw_name;
1195	}
1196	if (!VFS_INSTALLED(vswp))
1197		return (EINVAL);
1198
1199	if ((error = secpolicy_fs_allowed_mount(fsname)) != 0)  {
1200		vfs_unrefvfssw(vswp);
1201		return (error);
1202	}
1203
1204	vfsops = &vswp->vsw_vfsops;
1205
1206	vfs_copyopttbl(&vswp->vsw_optproto, &mnt_mntopts);
1207	/*
1208	 * Fetch mount options and parse them for generic vfs options
1209	 */
1210	if (uap->flags & MS_OPTIONSTR) {
1211		/*
1212		 * Limit the buffer size
1213		 */
1214		if (optlen < 0 || optlen > MAX_MNTOPT_STR) {
1215			error = EINVAL;
1216			goto errout;
1217		}
1218		if ((uap->flags & MS_SYSSPACE) == 0) {
1219			inargs = kmem_alloc(MAX_MNTOPT_STR, KM_SLEEP);
1220			inargs[0] = '\0';
1221			if (optlen) {
1222				error = copyinstr(opts, inargs, (size_t)optlen,
1223				    NULL);
1224				if (error) {
1225					goto errout;
1226				}
1227			}
1228		}
1229		vfs_parsemntopts(&mnt_mntopts, inargs, 0);
1230	}
1231	/*
1232	 * Flag bits override the options string.
1233	 */
1234	if (uap->flags & MS_REMOUNT)
1235		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_REMOUNT, NULL, 0, 0);
1236	if (uap->flags & MS_RDONLY)
1237		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_RO, NULL, 0, 0);
1238	if (uap->flags & MS_NOSUID)
1239		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_NOSUID, NULL, 0, 0);
1240
1241	/*
1242	 * Check if this is a remount; must be set in the option string and
1243	 * the file system must support a remount option.
1244	 */
1245	if (remount = vfs_optionisset_nolock(&mnt_mntopts,
1246	    MNTOPT_REMOUNT, NULL)) {
1247		if (!(vswp->vsw_flag & VSW_CANREMOUNT)) {
1248			error = ENOTSUP;
1249			goto errout;
1250		}
1251		uap->flags |= MS_REMOUNT;
1252	}
1253
1254	/*
1255	 * uap->flags and vfs_optionisset() should agree.
1256	 */
1257	if (rdonly = vfs_optionisset_nolock(&mnt_mntopts, MNTOPT_RO, NULL)) {
1258		uap->flags |= MS_RDONLY;
1259	}
1260	if (vfs_optionisset_nolock(&mnt_mntopts, MNTOPT_NOSUID, NULL)) {
1261		uap->flags |= MS_NOSUID;
1262	}
1263	nbmand = vfs_optionisset_nolock(&mnt_mntopts, MNTOPT_NBMAND, NULL);
1264	ASSERT(splice || !remount);
1265	/*
1266	 * If we are splicing the fs into the namespace,
1267	 * perform mount point checks.
1268	 *
1269	 * We want to resolve the path for the mount point to eliminate
1270	 * '.' and ".." and symlinks in mount points; we can't do the
1271	 * same for the resource string, since it would turn
1272	 * "/dev/dsk/c0t0d0s0" into "/devices/pci@...".  We need to do
1273	 * this before grabbing vn_vfswlock(), because otherwise we
1274	 * would deadlock with lookuppn().
1275	 */
1276	if (splice) {
1277		ASSERT(vp->v_count > 0);
1278
1279		/*
1280		 * Pick up mount point and device from appropriate space.
1281		 */
1282		if (pn_get(uap->spec, fromspace, &pn) == 0) {
1283			resource = kmem_alloc(pn.pn_pathlen + 1,
1284			    KM_SLEEP);
1285			(void) strcpy(resource, pn.pn_path);
1286			pn_free(&pn);
1287		}
1288		/*
1289		 * Do a lookupname prior to taking the
1290		 * writelock. Mark this as completed if
1291		 * successful for later cleanup and addition to
1292		 * the mount in progress table.
1293		 */
1294		if ((vswp->vsw_flag & VSW_MOUNTDEV) &&
1295		    (uap->flags & MS_GLOBAL) == 0 &&
1296		    lookupname(uap->spec, fromspace,
1297		    FOLLOW, NULL, &bvp) == 0) {
1298			addmip = 1;
1299		}
1300
1301		if ((error = pn_get(uap->dir, fromspace, &pn)) == 0) {
1302			pathname_t *pnp;
1303
1304			if (*pn.pn_path != '/') {
1305				error = EINVAL;
1306				pn_free(&pn);
1307				goto errout;
1308			}
1309			pn_alloc(&rpn);
1310			/*
1311			 * Kludge to prevent autofs from deadlocking with
1312			 * itself when it calls domount().
1313			 *
1314			 * If autofs is calling, it is because it is doing
1315			 * (autofs) mounts in the process of an NFS mount.  A
1316			 * lookuppn() here would cause us to block waiting for
1317			 * said NFS mount to complete, which can't since this
1318			 * is the thread that was supposed to doing it.
1319			 */
1320			if (fromspace == UIO_USERSPACE) {
1321				if ((error = lookuppn(&pn, &rpn, FOLLOW, NULL,
1322				    NULL)) == 0) {
1323					pnp = &rpn;
1324				} else {
1325					/*
1326					 * The file disappeared or otherwise
1327					 * became inaccessible since we opened
1328					 * it; might as well fail the mount
1329					 * since the mount point is no longer
1330					 * accessible.
1331					 */
1332					pn_free(&rpn);
1333					pn_free(&pn);
1334					goto errout;
1335				}
1336			} else {
1337				pnp = &pn;
1338			}
1339			mountpt = kmem_alloc(pnp->pn_pathlen + 1, KM_SLEEP);
1340			(void) strcpy(mountpt, pnp->pn_path);
1341
1342			/*
1343			 * If the addition of the zone's rootpath
1344			 * would push us over a total path length
1345			 * of MAXPATHLEN, we fail the mount with
1346			 * ENAMETOOLONG, which is what we would have
1347			 * gotten if we were trying to perform the same
1348			 * mount in the global zone.
1349			 *
1350			 * strlen() doesn't count the trailing
1351			 * '\0', but zone_rootpathlen counts both a
1352			 * trailing '/' and the terminating '\0'.
1353			 */
1354			if ((curproc->p_zone->zone_rootpathlen - 1 +
1355			    strlen(mountpt)) > MAXPATHLEN ||
1356			    (resource != NULL &&
1357			    (curproc->p_zone->zone_rootpathlen - 1 +
1358			    strlen(resource)) > MAXPATHLEN)) {
1359				error = ENAMETOOLONG;
1360			}
1361
1362			pn_free(&rpn);
1363			pn_free(&pn);
1364		}
1365
1366		if (error)
1367			goto errout;
1368
1369		/*
1370		 * Prevent path name resolution from proceeding past
1371		 * the mount point.
1372		 */
1373		if (vn_vfswlock(vp) != 0) {
1374			error = EBUSY;
1375			goto errout;
1376		}
1377
1378		/*
1379		 * Verify that it's legitimate to establish a mount on
1380		 * the prospective mount point.
1381		 */
1382		if (vn_mountedvfs(vp) != NULL) {
1383			/*
1384			 * The mount point lock was obtained after some
1385			 * other thread raced through and established a mount.
1386			 */
1387			vn_vfsunlock(vp);
1388			error = EBUSY;
1389			goto errout;
1390		}
1391		if (vp->v_flag & VNOMOUNT) {
1392			vn_vfsunlock(vp);
1393			error = EINVAL;
1394			goto errout;
1395		}
1396	}
1397	if ((uap->flags & (MS_DATA | MS_OPTIONSTR)) == 0) {
1398		uap->dataptr = NULL;
1399		uap->datalen = 0;
1400	}
1401
1402	/*
1403	 * If this is a remount, we don't want to create a new VFS.
1404	 * Instead, we pass the existing one with a remount flag.
1405	 */
1406	if (remount) {
1407		/*
1408		 * Confirm that the mount point is the root vnode of the
1409		 * file system that is being remounted.
1410		 * This can happen if the user specifies a different
1411		 * mount point directory pathname in the (re)mount command.
1412		 *
1413		 * Code below can only be reached if splice is true, so it's
1414		 * safe to do vn_vfsunlock() here.
1415		 */
1416		if ((vp->v_flag & VROOT) == 0) {
1417			vn_vfsunlock(vp);
1418			error = ENOENT;
1419			goto errout;
1420		}
1421		/*
1422		 * Disallow making file systems read-only unless file system
1423		 * explicitly allows it in its vfssw.  Ignore other flags.
1424		 */
1425		if (rdonly && vn_is_readonly(vp) == 0 &&
1426		    (vswp->vsw_flag & VSW_CANRWRO) == 0) {
1427			vn_vfsunlock(vp);
1428			error = EINVAL;
1429			goto errout;
1430		}
1431		/*
1432		 * Disallow changing the NBMAND disposition of the file
1433		 * system on remounts.
1434		 */
1435		if ((nbmand && ((vp->v_vfsp->vfs_flag & VFS_NBMAND) == 0)) ||
1436		    (!nbmand && (vp->v_vfsp->vfs_flag & VFS_NBMAND))) {
1437			vn_vfsunlock(vp);
1438			error = EINVAL;
1439			goto errout;
1440		}
1441		vfsp = vp->v_vfsp;
1442		ovflags = vfsp->vfs_flag;
1443		vfsp->vfs_flag |= VFS_REMOUNT;
1444		vfsp->vfs_flag &= ~VFS_RDONLY;
1445	} else {
1446		vfsp = vfs_alloc(KM_SLEEP);
1447		VFS_INIT(vfsp, vfsops, NULL);
1448	}
1449
1450	VFS_HOLD(vfsp);
1451
1452	if ((error = lofi_add(fsname, vfsp, &mnt_mntopts, uap)) != 0) {
1453		if (!remount) {
1454			if (splice)
1455				vn_vfsunlock(vp);
1456			vfs_free(vfsp);
1457		} else {
1458			vn_vfsunlock(vp);
1459			VFS_RELE(vfsp);
1460		}
1461		goto errout;
1462	}
1463
1464	/*
1465	 * PRIV_SYS_MOUNT doesn't mean you can become root.
1466	 */
1467	if (vfsp->vfs_lofi_id != 0) {
1468		uap->flags |= MS_NOSUID;
1469		vfs_setmntopt_nolock(&mnt_mntopts, MNTOPT_NOSUID, NULL, 0, 0);
1470	}
1471
1472	/*
1473	 * The vfs_reflock is not used anymore the code below explicitly
1474	 * holds it preventing others accesing it directly.
1475	 */
1476	if ((sema_tryp(&vfsp->vfs_reflock) == 0) &&
1477	    !(vfsp->vfs_flag & VFS_REMOUNT))
1478		cmn_err(CE_WARN,
1479		    "mount type %s couldn't get vfs_reflock", vswp->vsw_name);
1480
1481	/*
1482	 * Lock the vfs. If this is a remount we want to avoid spurious umount
1483	 * failures that happen as a side-effect of fsflush() and other mount
1484	 * and unmount operations that might be going on simultaneously and
1485	 * may have locked the vfs currently. To not return EBUSY immediately
1486	 * here we use vfs_lock_wait() instead vfs_lock() for the remount case.
1487	 */
1488	if (!remount) {
1489		if (error = vfs_lock(vfsp)) {
1490			vfsp->vfs_flag = ovflags;
1491
1492			lofi_remove(vfsp);
1493
1494			if (splice)
1495				vn_vfsunlock(vp);
1496			vfs_free(vfsp);
1497			goto errout;
1498		}
1499	} else {
1500		vfs_lock_wait(vfsp);
1501	}
1502
1503	/*
1504	 * Add device to mount in progress table, global mounts require special
1505	 * handling. It is possible that we have already done the lookupname
1506	 * on a spliced, non-global fs. If so, we don't want to do it again
1507	 * since we cannot do a lookupname after taking the
1508	 * wlock above. This case is for a non-spliced, non-global filesystem.
1509	 */
1510	if (!addmip) {
1511		if ((vswp->vsw_flag & VSW_MOUNTDEV) &&
1512		    (uap->flags & MS_GLOBAL) == 0 &&
1513		    lookupname(uap->spec, fromspace, FOLLOW, NULL, &bvp) == 0) {
1514			addmip = 1;
1515		}
1516	}
1517
1518	if (addmip) {
1519		vnode_t *lvp = NULL;
1520
1521		error = vfs_get_lofi(vfsp, &lvp);
1522		if (error > 0) {
1523			lofi_remove(vfsp);
1524
1525			if (splice)
1526				vn_vfsunlock(vp);
1527			vfs_unlock(vfsp);
1528
1529			if (remount) {
1530				VFS_RELE(vfsp);
1531			} else {
1532				vfs_free(vfsp);
1533			}
1534
1535			goto errout;
1536		} else if (error == -1) {
1537			bdev = bvp->v_rdev;
1538			VN_RELE(bvp);
1539		} else {
1540			bdev = lvp->v_rdev;
1541			VN_RELE(lvp);
1542			VN_RELE(bvp);
1543		}
1544
1545		vfs_addmip(bdev, vfsp);
1546		addmip = 0;
1547		delmip = 1;
1548	}
1549	/*
1550	 * Invalidate cached entry for the mount point.
1551	 */
1552	if (splice)
1553		dnlc_purge_vp(vp);
1554
1555	/*
1556	 * If have an option string but the filesystem doesn't supply a
1557	 * prototype options table, create a table with the global
1558	 * options and sufficient room to accept all the options in the
1559	 * string.  Then parse the passed in option string
1560	 * accepting all the options in the string.  This gives us an
1561	 * option table with all the proper cancel properties for the
1562	 * global options.
1563	 *
1564	 * Filesystems that supply a prototype options table are handled
1565	 * earlier in this function.
1566	 */
1567	if (uap->flags & MS_OPTIONSTR) {
1568		if (!(vswp->vsw_flag & VSW_HASPROTO)) {
1569			mntopts_t tmp_mntopts;
1570
1571			tmp_mntopts.mo_count = 0;
1572			vfs_createopttbl_extend(&tmp_mntopts, inargs,
1573			    &mnt_mntopts);
1574			vfs_parsemntopts(&tmp_mntopts, inargs, 1);
1575			vfs_swapopttbl_nolock(&mnt_mntopts, &tmp_mntopts);
1576			vfs_freeopttbl(&tmp_mntopts);
1577		}
1578	}
1579
1580	/*
1581	 * Serialize with zone state transitions.
1582	 * See vfs_list_add; zone mounted into is:
1583	 *	zone_find_by_path(refstr_value(vfsp->vfs_mntpt))
1584	 * not the zone doing the mount (curproc->p_zone), but if we're already
1585	 * inside a NGZ, then we know what zone we are.
1586	 */
1587	if (INGLOBALZONE(curproc)) {
1588		zone = zone_find_by_path(mountpt);
1589		ASSERT(zone != NULL);
1590	} else {
1591		zone = curproc->p_zone;
1592		/*
1593		 * zone_find_by_path does a hold, so do one here too so that
1594		 * we can do a zone_rele after mount_completed.
1595		 */
1596		zone_hold(zone);
1597	}
1598	mount_in_progress(zone);
1599	/*
1600	 * Instantiate (or reinstantiate) the file system.  If appropriate,
1601	 * splice it into the file system name space.
1602	 *
1603	 * We want VFS_MOUNT() to be able to override the vfs_resource
1604	 * string if necessary (ie, mntfs), and also for a remount to
1605	 * change the same (necessary when remounting '/' during boot).
1606	 * So we set up vfs_mntpt and vfs_resource to what we think they
1607	 * should be, then hand off control to VFS_MOUNT() which can
1608	 * override this.
1609	 *
1610	 * For safety's sake, when changing vfs_resource or vfs_mntpt of
1611	 * a vfs which is on the vfs list (i.e. during a remount), we must
1612	 * never set those fields to NULL. Several bits of code make
1613	 * assumptions that the fields are always valid.
1614	 */
1615	vfs_swapopttbl(&mnt_mntopts, &vfsp->vfs_mntopts);
1616	if (remount) {
1617		if ((oldresource = vfsp->vfs_resource) != NULL)
1618			refstr_hold(oldresource);
1619		if ((oldmntpt = vfsp->vfs_mntpt) != NULL)
1620			refstr_hold(oldmntpt);
1621	}
1622	vfs_setresource(vfsp, resource, 0);
1623	vfs_setmntpoint(vfsp, mountpt, 0);
1624
1625	/*
1626	 * going to mount on this vnode, so notify.
1627	 */
1628	vnevent_mountedover(vp, NULL);
1629	error = VFS_MOUNT(vfsp, vp, uap, credp);
1630
1631	if (uap->flags & MS_RDONLY)
1632		vfs_setmntopt(vfsp, MNTOPT_RO, NULL, 0);
1633	if (uap->flags & MS_NOSUID)
1634		vfs_setmntopt(vfsp, MNTOPT_NOSUID, NULL, 0);
1635	if (uap->flags & MS_GLOBAL)
1636		vfs_setmntopt(vfsp, MNTOPT_GLOBAL, NULL, 0);
1637
1638	if (error) {
1639		lofi_remove(vfsp);
1640
1641		if (remount) {
1642			/* put back pre-remount options */
1643			vfs_swapopttbl(&mnt_mntopts, &vfsp->vfs_mntopts);
1644			vfs_setmntpoint(vfsp, refstr_value(oldmntpt),
1645			    VFSSP_VERBATIM);
1646			if (oldmntpt)
1647				refstr_rele(oldmntpt);
1648			vfs_setresource(vfsp, refstr_value(oldresource),
1649			    VFSSP_VERBATIM);
1650			if (oldresource)
1651				refstr_rele(oldresource);
1652			vfsp->vfs_flag = ovflags;
1653			vfs_unlock(vfsp);
1654			VFS_RELE(vfsp);
1655		} else {
1656			vfs_unlock(vfsp);
1657			vfs_freemnttab(vfsp);
1658			vfs_free(vfsp);
1659		}
1660	} else {
1661		/*
1662		 * Set the mount time to now
1663		 */
1664		vfsp->vfs_mtime = ddi_get_time();
1665		if (remount) {
1666			vfsp->vfs_flag &= ~VFS_REMOUNT;
1667			if (oldresource)
1668				refstr_rele(oldresource);
1669			if (oldmntpt)
1670				refstr_rele(oldmntpt);
1671		} else if (splice) {
1672			/*
1673			 * Link vfsp into the name space at the mount
1674			 * point. Vfs_add() is responsible for
1675			 * holding the mount point which will be
1676			 * released when vfs_remove() is called.
1677			 */
1678			vfs_add(vp, vfsp, uap->flags);
1679		} else {
1680			/*
1681			 * Hold the reference to file system which is
1682			 * not linked into the name space.
1683			 */
1684			vfsp->vfs_zone = NULL;
1685			VFS_HOLD(vfsp);
1686			vfsp->vfs_vnodecovered = NULL;
1687		}
1688		/*
1689		 * Set flags for global options encountered
1690		 */
1691		if (vfs_optionisset(vfsp, MNTOPT_RO, NULL))
1692			vfsp->vfs_flag |= VFS_RDONLY;
1693		else
1694			vfsp->vfs_flag &= ~VFS_RDONLY;
1695		if (vfs_optionisset(vfsp, MNTOPT_NOSUID, NULL)) {
1696			vfsp->vfs_flag |= (VFS_NOSETUID|VFS_NODEVICES);
1697		} else {
1698			if (vfs_optionisset(vfsp, MNTOPT_NODEVICES, NULL))
1699				vfsp->vfs_flag |= VFS_NODEVICES;
1700			else
1701				vfsp->vfs_flag &= ~VFS_NODEVICES;
1702			if (vfs_optionisset(vfsp, MNTOPT_NOSETUID, NULL))
1703				vfsp->vfs_flag |= VFS_NOSETUID;
1704			else
1705				vfsp->vfs_flag &= ~VFS_NOSETUID;
1706		}
1707		if (vfs_optionisset(vfsp, MNTOPT_NBMAND, NULL))
1708			vfsp->vfs_flag |= VFS_NBMAND;
1709		else
1710			vfsp->vfs_flag &= ~VFS_NBMAND;
1711
1712		if (vfs_optionisset(vfsp, MNTOPT_XATTR, NULL))
1713			vfsp->vfs_flag |= VFS_XATTR;
1714		else
1715			vfsp->vfs_flag &= ~VFS_XATTR;
1716
1717		if (vfs_optionisset(vfsp, MNTOPT_NOEXEC, NULL))
1718			vfsp->vfs_flag |= VFS_NOEXEC;
1719		else
1720			vfsp->vfs_flag &= ~VFS_NOEXEC;
1721
1722		/*
1723		 * Now construct the output option string of options
1724		 * we recognized.
1725		 */
1726		if (uap->flags & MS_OPTIONSTR) {
1727			vfs_list_read_lock();
1728			copyout_error = vfs_buildoptionstr(
1729			    &vfsp->vfs_mntopts, inargs, optlen);
1730			vfs_list_unlock();
1731			if (copyout_error == 0 &&
1732			    (uap->flags & MS_SYSSPACE) == 0) {
1733				copyout_error = copyoutstr(inargs, opts,
1734				    optlen, NULL);
1735			}
1736		}
1737
1738		/*
1739		 * If this isn't a remount, set up the vopstats before
1740		 * anyone can touch this. We only allow spliced file
1741		 * systems (file systems which are in the namespace) to
1742		 * have the VFS_STATS flag set.
1743		 * NOTE: PxFS mounts the underlying file system with
1744		 * MS_NOSPLICE set and copies those vfs_flags to its private
1745		 * vfs structure. As a result, PxFS should never have
1746		 * the VFS_STATS flag or else we might access the vfs
1747		 * statistics-related fields prior to them being
1748		 * properly initialized.
1749		 */
1750		if (!remount && (vswp->vsw_flag & VSW_STATS) && splice) {
1751			initialize_vopstats(&vfsp->vfs_vopstats);
1752			/*
1753			 * We need to set vfs_vskap to NULL because there's
1754			 * a chance it won't be set below.  This is checked
1755			 * in teardown_vopstats() so we can't have garbage.
1756			 */
1757			vfsp->vfs_vskap = NULL;
1758			vfsp->vfs_flag |= VFS_STATS;
1759			vfsp->vfs_fstypevsp = get_fstype_vopstats(vfsp, vswp);
1760		}
1761
1762		if (vswp->vsw_flag & VSW_XID)
1763			vfsp->vfs_flag |= VFS_XID;
1764
1765		vfs_unlock(vfsp);
1766	}
1767	mount_completed(zone);
1768	zone_rele(zone);
1769	if (splice)
1770		vn_vfsunlock(vp);
1771
1772	if ((error == 0) && (copyout_error == 0)) {
1773		if (!remount) {
1774			/*
1775			 * Don't call get_vskstat_anchor() while holding
1776			 * locks since it allocates memory and calls
1777			 * VFS_STATVFS().  For NFS, the latter can generate
1778			 * an over-the-wire call.
1779			 */
1780			vskap = get_vskstat_anchor(vfsp);
1781			/* Only take the lock if we have something to do */
1782			if (vskap != NULL) {
1783				vfs_lock_wait(vfsp);
1784				if (vfsp->vfs_flag & VFS_STATS) {
1785					vfsp->vfs_vskap = vskap;
1786				}
1787				vfs_unlock(vfsp);
1788			}
1789		}
1790		/* Return vfsp to caller. */
1791		*vfspp = vfsp;
1792	}
1793errout:
1794	vfs_freeopttbl(&mnt_mntopts);
1795	if (resource != NULL)
1796		kmem_free(resource, strlen(resource) + 1);
1797	if (mountpt != NULL)
1798		kmem_free(mountpt, strlen(mountpt) + 1);
1799	/*
1800	 * It is possible we errored prior to adding to mount in progress
1801	 * table. Must free vnode we acquired with successful lookupname.
1802	 */
1803	if (addmip)
1804		VN_RELE(bvp);
1805	if (delmip)
1806		vfs_delmip(vfsp);
1807	ASSERT(vswp != NULL);
1808	vfs_unrefvfssw(vswp);
1809	if (inargs != opts)
1810		kmem_free(inargs, MAX_MNTOPT_STR);
1811	if (copyout_error) {
1812		lofi_remove(vfsp);
1813		VFS_RELE(vfsp);
1814		error = copyout_error;
1815	}
1816	return (error);
1817}
1818
1819static void
1820vfs_setpath(
1821    struct vfs *vfsp,		/* vfs being updated */
1822    refstr_t **refp,		/* Ref-count string to contain the new path */
1823    const char *newpath,	/* Path to add to refp (above) */
1824    uint32_t flag)		/* flag */
1825{
1826	size_t len;
1827	refstr_t *ref;
1828	zone_t *zone = curproc->p_zone;
1829	char *sp;
1830	int have_list_lock = 0;
1831
1832	ASSERT(!VFS_ON_LIST(vfsp) || vfs_lock_held(vfsp));
1833
1834	/*
1835	 * New path must be less than MAXPATHLEN because mntfs
1836	 * will only display up to MAXPATHLEN bytes. This is currently
1837	 * safe, because domount() uses pn_get(), and other callers
1838	 * similarly cap the size to fewer than MAXPATHLEN bytes.
1839	 */
1840
1841	ASSERT(strlen(newpath) < MAXPATHLEN);
1842
1843	/* mntfs requires consistency while vfs list lock is held */
1844
1845	if (VFS_ON_LIST(vfsp)) {
1846		have_list_lock = 1;
1847		vfs_list_lock();
1848	}
1849
1850	if (*refp != NULL)
1851		refstr_rele(*refp);
1852
1853	/*
1854	 * If we are in a non-global zone then we prefix the supplied path,
1855	 * newpath, with the zone's root path, with two exceptions. The first
1856	 * is where we have been explicitly directed to avoid doing so; this
1857	 * will be the case following a failed remount, where the path supplied
1858	 * will be a saved version which must now be restored. The second
1859	 * exception is where newpath is not a pathname but a descriptive name,
1860	 * e.g. "procfs".
1861	 */
1862	if (zone == global_zone || (flag & VFSSP_VERBATIM) || *newpath != '/') {
1863		ref = refstr_alloc(newpath);
1864		goto out;
1865	}
1866
1867	/*
1868	 * Truncate the trailing '/' in the zoneroot, and merge
1869	 * in the zone's rootpath with the "newpath" (resource
1870	 * or mountpoint) passed in.
1871	 *
1872	 * The size of the required buffer is thus the size of
1873	 * the buffer required for the passed-in newpath
1874	 * (strlen(newpath) + 1), plus the size of the buffer
1875	 * required to hold zone_rootpath (zone_rootpathlen)
1876	 * minus one for one of the now-superfluous NUL
1877	 * terminations, minus one for the trailing '/'.
1878	 *
1879	 * That gives us:
1880	 *
1881	 * (strlen(newpath) + 1) + zone_rootpathlen - 1 - 1
1882	 *
1883	 * Which is what we have below.
1884	 */
1885
1886	len = strlen(newpath) + zone->zone_rootpathlen - 1;
1887	sp = kmem_alloc(len, KM_SLEEP);
1888
1889	/*
1890	 * Copy everything including the trailing slash, which
1891	 * we then overwrite with the NUL character.
1892	 */
1893
1894	(void) strcpy(sp, zone->zone_rootpath);
1895	sp[zone->zone_rootpathlen - 2] = '\0';
1896	(void) strcat(sp, newpath);
1897
1898	ref = refstr_alloc(sp);
1899	kmem_free(sp, len);
1900out:
1901	*refp = ref;
1902
1903	if (have_list_lock) {
1904		vfs_mnttab_modtimeupd();
1905		vfs_list_unlock();
1906	}
1907}
1908
1909/*
1910 * Record a mounted resource name in a vfs structure.
1911 * If vfsp is already mounted, caller must hold the vfs lock.
1912 */
1913void
1914vfs_setresource(struct vfs *vfsp, const char *resource, uint32_t flag)
1915{
1916	if (resource == NULL || resource[0] == '\0')
1917		resource = VFS_NORESOURCE;
1918	vfs_setpath(vfsp, &vfsp->vfs_resource, resource, flag);
1919}
1920
1921/*
1922 * Record a mount point name in a vfs structure.
1923 * If vfsp is already mounted, caller must hold the vfs lock.
1924 */
1925void
1926vfs_setmntpoint(struct vfs *vfsp, const char *mntpt, uint32_t flag)
1927{
1928	if (mntpt == NULL || mntpt[0] == '\0')
1929		mntpt = VFS_NOMNTPT;
1930	vfs_setpath(vfsp, &vfsp->vfs_mntpt, mntpt, flag);
1931}
1932
1933/* Returns the vfs_resource. Caller must call refstr_rele() when finished. */
1934
1935refstr_t *
1936vfs_getresource(const struct vfs *vfsp)
1937{
1938	refstr_t *resource;
1939
1940	vfs_list_read_lock();
1941	resource = vfsp->vfs_resource;
1942	refstr_hold(resource);
1943	vfs_list_unlock();
1944
1945	return (resource);
1946}
1947
1948/* Returns the vfs_mntpt. Caller must call refstr_rele() when finished. */
1949
1950refstr_t *
1951vfs_getmntpoint(const struct vfs *vfsp)
1952{
1953	refstr_t *mntpt;
1954
1955	vfs_list_read_lock();
1956	mntpt = vfsp->vfs_mntpt;
1957	refstr_hold(mntpt);
1958	vfs_list_unlock();
1959
1960	return (mntpt);
1961}
1962
1963/*
1964 * Create an empty options table with enough empty slots to hold all
1965 * The options in the options string passed as an argument.
1966 * Potentially prepend another options table.
1967 *
1968 * Note: caller is responsible for locking the vfs list, if needed,
1969 *       to protect mops.
1970 */
1971static void
1972vfs_createopttbl_extend(mntopts_t *mops, const char *opts,
1973    const mntopts_t *mtmpl)
1974{
1975	const char *s = opts;
1976	uint_t count;
1977
1978	if (opts == NULL || *opts == '\0') {
1979		count = 0;
1980	} else {
1981		count = 1;
1982
1983		/*
1984		 * Count number of options in the string
1985		 */
1986		for (s = strchr(s, ','); s != NULL; s = strchr(s, ',')) {
1987			count++;
1988			s++;
1989		}
1990	}
1991	vfs_copyopttbl_extend(mtmpl, mops, count);
1992}
1993
1994/*
1995 * Create an empty options table with enough empty slots to hold all
1996 * The options in the options string passed as an argument.
1997 *
1998 * This function is *not* for general use by filesystems.
1999 *
2000 * Note: caller is responsible for locking the vfs list, if needed,
2001 *       to protect mops.
2002 */
2003void
2004vfs_createopttbl(mntopts_t *mops, const char *opts)
2005{
2006	vfs_createopttbl_extend(mops, opts, NULL);
2007}
2008
2009
2010/*
2011 * Swap two mount options tables
2012 */
2013static void
2014vfs_swapopttbl_nolock(mntopts_t *optbl1, mntopts_t *optbl2)
2015{
2016	uint_t tmpcnt;
2017	mntopt_t *tmplist;
2018
2019	tmpcnt = optbl2->mo_count;
2020	tmplist = optbl2->mo_list;
2021	optbl2->mo_count = optbl1->mo_count;
2022	optbl2->mo_list = optbl1->mo_list;
2023	optbl1->mo_count = tmpcnt;
2024	optbl1->mo_list = tmplist;
2025}
2026
2027static void
2028vfs_swapopttbl(mntopts_t *optbl1, mntopts_t *optbl2)
2029{
2030	vfs_list_lock();
2031	vfs_swapopttbl_nolock(optbl1, optbl2);
2032	vfs_mnttab_modtimeupd();
2033	vfs_list_unlock();
2034}
2035
2036static char **
2037vfs_copycancelopt_extend(char **const moc, int extend)
2038{
2039	int i = 0;
2040	int j;
2041	char **result;
2042
2043	if (moc != NULL) {
2044		for (; moc[i] != NULL; i++)
2045			/* count number of options to cancel */;
2046	}
2047
2048	if (i + extend == 0)
2049		return (NULL);
2050
2051	result = kmem_alloc((i + extend + 1) * sizeof (char *), KM_SLEEP);
2052
2053	for (j = 0; j < i; j++) {
2054		result[j] = kmem_alloc(strlen(moc[j]) + 1, KM_SLEEP);
2055		(void) strcpy(result[j], moc[j]);
2056	}
2057	for (; j <= i + extend; j++)
2058		result[j] = NULL;
2059
2060	return (result);
2061}
2062
2063static void
2064vfs_copyopt(const mntopt_t *s, mntopt_t *d)
2065{
2066	char *sp, *dp;
2067
2068	d->mo_flags = s->mo_flags;
2069	d->mo_data = s->mo_data;
2070	sp = s->mo_name;
2071	if (sp != NULL) {
2072		dp = kmem_alloc(strlen(sp) + 1, KM_SLEEP);
2073		(void) strcpy(dp, sp);
2074		d->mo_name = dp;
2075	} else {
2076		d->mo_name = NULL; /* should never happen */
2077	}
2078
2079	d->mo_cancel = vfs_copycancelopt_extend(s->mo_cancel, 0);
2080
2081	sp = s->mo_arg;
2082	if (sp != NULL) {
2083		dp = kmem_alloc(strlen(sp) + 1, KM_SLEEP);
2084		(void) strcpy(dp, sp);
2085		d->mo_arg = dp;
2086	} else {
2087		d->mo_arg = NULL;
2088	}
2089}
2090
2091/*
2092 * Copy a mount options table, possibly allocating some spare
2093 * slots at the end.  It is permissible to copy_extend the NULL table.
2094 */
2095static void
2096vfs_copyopttbl_extend(const mntopts_t *smo, mntopts_t *dmo, int extra)
2097{
2098	uint_t i, count;
2099	mntopt_t *motbl;
2100
2101	/*
2102	 * Clear out any existing stuff in the options table being initialized
2103	 */
2104	vfs_freeopttbl(dmo);
2105	count = (smo == NULL) ? 0 : smo->mo_count;
2106	if ((count + extra) == 0)	/* nothing to do */
2107		return;
2108	dmo->mo_count = count + extra;
2109	motbl = kmem_zalloc((count + extra) * sizeof (mntopt_t), KM_SLEEP);
2110	dmo->mo_list = motbl;
2111	for (i = 0; i < count; i++) {
2112		vfs_copyopt(&smo->mo_list[i], &motbl[i]);
2113	}
2114	for (i = count; i < count + extra; i++) {
2115		motbl[i].mo_flags = MO_EMPTY;
2116	}
2117}
2118
2119/*
2120 * Copy a mount options table.
2121 *
2122 * This function is *not* for general use by filesystems.
2123 *
2124 * Note: caller is responsible for locking the vfs list, if needed,
2125 *       to protect smo and dmo.
2126 */
2127void
2128vfs_copyopttbl(const mntopts_t *smo, mntopts_t *dmo)
2129{
2130	vfs_copyopttbl_extend(smo, dmo, 0);
2131}
2132
2133static char **
2134vfs_mergecancelopts(const mntopt_t *mop1, const mntopt_t *mop2)
2135{
2136	int c1 = 0;
2137	int c2 = 0;
2138	char **result;
2139	char **sp1, **sp2, **dp;
2140
2141	/*
2142	 * First we count both lists of cancel options.
2143	 * If either is NULL or has no elements, we return a copy of
2144	 * the other.
2145	 */
2146	if (mop1->mo_cancel != NULL) {
2147		for (; mop1->mo_cancel[c1] != NULL; c1++)
2148			/* count cancel options in mop1 */;
2149	}
2150
2151	if (c1 == 0)
2152		return (vfs_copycancelopt_extend(mop2->mo_cancel, 0));
2153
2154	if (mop2->mo_cancel != NULL) {
2155		for (; mop2->mo_cancel[c2] != NULL; c2++)
2156			/* count cancel options in mop2 */;
2157	}
2158
2159	result = vfs_copycancelopt_extend(mop1->mo_cancel, c2);
2160
2161	if (c2 == 0)
2162		return (result);
2163
2164	/*
2165	 * When we get here, we've got two sets of cancel options;
2166	 * we need to merge the two sets.  We know that the result
2167	 * array has "c1+c2+1" entries and in the end we might shrink
2168	 * it.
2169	 * Result now has a copy of the c1 entries from mop1; we'll
2170	 * now lookup all the entries of mop2 in mop1 and copy it if
2171	 * it is unique.
2172	 * This operation is O(n^2) but it's only called once per
2173	 * filesystem per duplicate option.  This is a situation
2174	 * which doesn't arise with the filesystems in ON and
2175	 * n is generally 1.
2176	 */
2177
2178	dp = &result[c1];
2179	for (sp2 = mop2->mo_cancel; *sp2 != NULL; sp2++) {
2180		for (sp1 = mop1->mo_cancel; *sp1 != NULL; sp1++) {
2181			if (strcmp(*sp1, *sp2) == 0)
2182				break;
2183		}
2184		if (*sp1 == NULL) {
2185			/*
2186			 * Option *sp2 not found in mop1, so copy it.
2187			 * The calls to vfs_copycancelopt_extend()
2188			 * guarantee that there's enough room.
2189			 */
2190			*dp = kmem_alloc(strlen(*sp2) + 1, KM_SLEEP);
2191			(void) strcpy(*dp++, *sp2);
2192		}
2193	}
2194	if (dp != &result[c1+c2]) {
2195		size_t bytes = (dp - result + 1) * sizeof (char *);
2196		char **nres = kmem_alloc(bytes, KM_SLEEP);
2197
2198		bcopy(result, nres, bytes);
2199		kmem_free(result, (c1 + c2 + 1) * sizeof (char *));
2200		result = nres;
2201	}
2202	return (result);
2203}
2204
2205/*
2206 * Merge two mount option tables (outer and inner) into one.  This is very
2207 * similar to "merging" global variables and automatic variables in C.
2208 *
2209 * This isn't (and doesn't have to be) fast.
2210 *
2211 * This function is *not* for general use by filesystems.
2212 *
2213 * Note: caller is responsible for locking the vfs list, if needed,
2214 *       to protect omo, imo & dmo.
2215 */
2216void
2217vfs_mergeopttbl(const mntopts_t *omo, const mntopts_t *imo, mntopts_t *dmo)
2218{
2219	uint_t i, count;
2220	mntopt_t *mop, *motbl;
2221	uint_t freeidx;
2222
2223	/*
2224	 * First determine how much space we need to allocate.
2225	 */
2226	count = omo->mo_count;
2227	for (i = 0; i < imo->mo_count; i++) {
2228		if (imo->mo_list[i].mo_flags & MO_EMPTY)
2229			continue;
2230		if (vfs_hasopt(omo, imo->mo_list[i].mo_name) == NULL)
2231			count++;
2232	}
2233	ASSERT(count >= omo->mo_count &&
2234	    count <= omo->mo_count + imo->mo_count);
2235	motbl = kmem_alloc(count * sizeof (mntopt_t), KM_SLEEP);
2236	for (i = 0; i < omo->mo_count; i++)
2237		vfs_copyopt(&omo->mo_list[i], &motbl[i]);
2238	freeidx = omo->mo_count;
2239	for (i = 0; i < imo->mo_count; i++) {
2240		if (imo->mo_list[i].mo_flags & MO_EMPTY)
2241			continue;
2242		if ((mop = vfs_hasopt(omo, imo->mo_list[i].mo_name)) != NULL) {
2243			char **newcanp;
2244			uint_t index = mop - omo->mo_list;
2245
2246			newcanp = vfs_mergecancelopts(mop, &motbl[index]);
2247
2248			vfs_freeopt(&motbl[index]);
2249			vfs_copyopt(&imo->mo_list[i], &motbl[index]);
2250
2251			vfs_freecancelopt(motbl[index].mo_cancel);
2252			motbl[index].mo_cancel = newcanp;
2253		} else {
2254			/*
2255			 * If it's a new option, just copy it over to the first
2256			 * free location.
2257			 */
2258			vfs_copyopt(&imo->mo_list[i], &motbl[freeidx++]);
2259		}
2260	}
2261	dmo->mo_count = count;
2262	dmo->mo_list = motbl;
2263}
2264
2265/*
2266 * Functions to set and clear mount options in a mount options table.
2267 */
2268
2269/*
2270 * Clear a mount option, if it exists.
2271 *
2272 * The update_mnttab arg indicates whether mops is part of a vfs that is on
2273 * the vfs list.
2274 */
2275static void
2276vfs_clearmntopt_nolock(mntopts_t *mops, const char *opt, int update_mnttab)
2277{
2278	struct mntopt *mop;
2279	uint_t i, count;
2280
2281	ASSERT(!update_mnttab || RW_WRITE_HELD(&vfslist));
2282
2283	count = mops->mo_count;
2284	for (i = 0; i < count; i++) {
2285		mop = &mops->mo_list[i];
2286
2287		if (mop->mo_flags & MO_EMPTY)
2288			continue;
2289		if (strcmp(opt, mop->mo_name))
2290			continue;
2291		mop->mo_flags &= ~MO_SET;
2292		if (mop->mo_arg != NULL) {
2293			kmem_free(mop->mo_arg, strlen(mop->mo_arg) + 1);
2294		}
2295		mop->mo_arg = NULL;
2296		if (update_mnttab)
2297			vfs_mnttab_modtimeupd();
2298		break;
2299	}
2300}
2301
2302void
2303vfs_clearmntopt(struct vfs *vfsp, const char *opt)
2304{
2305	int gotlock = 0;
2306
2307	if (VFS_ON_LIST(vfsp)) {
2308		gotlock = 1;
2309		vfs_list_lock();
2310	}
2311	vfs_clearmntopt_nolock(&vfsp->vfs_mntopts, opt, gotlock);
2312	if (gotlock)
2313		vfs_list_unlock();
2314}
2315
2316
2317/*
2318 * Set a mount option on.  If it's not found in the table, it's silently
2319 * ignored.  If the option has MO_IGNORE set, it is still set unless the
2320 * VFS_NOFORCEOPT bit is set in the flags.  Also, VFS_DISPLAY/VFS_NODISPLAY flag
2321 * bits can be used to toggle the MO_NODISPLAY bit for the option.
2322 * If the VFS_CREATEOPT flag bit is set then the first option slot with
2323 * MO_EMPTY set is created as the option passed in.
2324 *
2325 * The update_mnttab arg indicates whether mops is part of a vfs that is on
2326 * the vfs list.
2327 */
2328static void
2329vfs_setmntopt_nolock(mntopts_t *mops, const char *opt,
2330    const char *arg, int flags, int update_mnttab)
2331{
2332	mntopt_t *mop;
2333	uint_t i, count;
2334	char *sp;
2335
2336	ASSERT(!update_mnttab || RW_WRITE_HELD(&vfslist));
2337
2338	if (flags & VFS_CREATEOPT) {
2339		if (vfs_hasopt(mops, opt) != NULL) {
2340			flags &= ~VFS_CREATEOPT;
2341		}
2342	}
2343	count = mops->mo_count;
2344	for (i = 0; i < count; i++) {
2345		mop = &mops->mo_list[i];
2346
2347		if (mop->mo_flags & MO_EMPTY) {
2348			if ((flags & VFS_CREATEOPT) == 0)
2349				continue;
2350			sp = kmem_alloc(strlen(opt) + 1, KM_SLEEP);
2351			(void) strcpy(sp, opt);
2352			mop->mo_name = sp;
2353			if (arg != NULL)
2354				mop->mo_flags = MO_HASVALUE;
2355			else
2356				mop->mo_flags = 0;
2357		} else if (strcmp(opt, mop->mo_name)) {
2358			continue;
2359		}
2360		if ((mop->mo_flags & MO_IGNORE) && (flags & VFS_NOFORCEOPT))
2361			break;
2362		if (arg != NULL && (mop->mo_flags & MO_HASVALUE) != 0) {
2363			sp = kmem_alloc(strlen(arg) + 1, KM_SLEEP);
2364			(void) strcpy(sp, arg);
2365		} else {
2366			sp = NULL;
2367		}
2368		if (mop->mo_arg != NULL)
2369			kmem_free(mop->mo_arg, strlen(mop->mo_arg) + 1);
2370		mop->mo_arg = sp;
2371		if (flags & VFS_DISPLAY)
2372			mop->mo_flags &= ~MO_NODISPLAY;
2373		if (flags & VFS_NODISPLAY)
2374			mop->mo_flags |= MO_NODISPLAY;
2375		mop->mo_flags |= MO_SET;
2376		if (mop->mo_cancel != NULL) {
2377			char **cp;
2378
2379			for (cp = mop->mo_cancel; *cp != NULL; cp++)
2380				vfs_clearmntopt_nolock(mops, *cp, 0);
2381		}
2382		if (update_mnttab)
2383			vfs_mnttab_modtimeupd();
2384		break;
2385	}
2386}
2387
2388void
2389vfs_setmntopt(struct vfs *vfsp, const char *opt, const char *arg, int flags)
2390{
2391	int gotlock = 0;
2392
2393	if (VFS_ON_LIST(vfsp)) {
2394		gotlock = 1;
2395		vfs_list_lock();
2396	}
2397	vfs_setmntopt_nolock(&vfsp->vfs_mntopts, opt, arg, flags, gotlock);
2398	if (gotlock)
2399		vfs_list_unlock();
2400}
2401
2402
2403/*
2404 * Add a "tag" option to a mounted file system's options list.
2405 *
2406 * Note: caller is responsible for locking the vfs list, if needed,
2407 *       to protect mops.
2408 */
2409static mntopt_t *
2410vfs_addtag(mntopts_t *mops, const char *tag)
2411{
2412	uint_t count;
2413	mntopt_t *mop, *motbl;
2414
2415	count = mops->mo_count + 1;
2416	motbl = kmem_zalloc(count * sizeof (mntopt_t), KM_SLEEP);
2417	if (mops->mo_count) {
2418		size_t len = (count - 1) * sizeof (mntopt_t);
2419
2420		bcopy(mops->mo_list, motbl, len);
2421		kmem_free(mops->mo_list, len);
2422	}
2423	mops->mo_count = count;
2424	mops->mo_list = motbl;
2425	mop = &motbl[count - 1];
2426	mop->mo_flags = MO_TAG;
2427	mop->mo_name = kmem_alloc(strlen(tag) + 1, KM_SLEEP);
2428	(void) strcpy(mop->mo_name, tag);
2429	return (mop);
2430}
2431
2432/*
2433 * Allow users to set arbitrary "tags" in a vfs's mount options.
2434 * Broader use within the kernel is discouraged.
2435 */
2436int
2437vfs_settag(uint_t major, uint_t minor, const char *mntpt, const char *tag,
2438    cred_t *cr)
2439{
2440	vfs_t *vfsp;
2441	mntopts_t *mops;
2442	mntopt_t *mop;
2443	int found = 0;
2444	dev_t dev = makedevice(major, minor);
2445	int err = 0;
2446	char *buf = kmem_alloc(MAX_MNTOPT_STR, KM_SLEEP);
2447
2448	/*
2449	 * Find the desired mounted file system
2450	 */
2451	vfs_list_lock();
2452	vfsp = rootvfs;
2453	do {
2454		if (vfsp->vfs_dev == dev &&
2455		    strcmp(mntpt, refstr_value(vfsp->vfs_mntpt)) == 0) {
2456			found = 1;
2457			break;
2458		}
2459		vfsp = vfsp->vfs_next;
2460	} while (vfsp != rootvfs);
2461
2462	if (!found) {
2463		err = EINVAL;
2464		goto out;
2465	}
2466	err = secpolicy_fs_config(cr, vfsp);
2467	if (err != 0)
2468		goto out;
2469
2470	mops = &vfsp->vfs_mntopts;
2471	/*
2472	 * Add tag if it doesn't already exist
2473	 */
2474	if ((mop = vfs_hasopt(mops, tag)) == NULL) {
2475		int len;
2476
2477		(void) vfs_buildoptionstr(mops, buf, MAX_MNTOPT_STR);
2478		len = strlen(buf);
2479		if (len + strlen(tag) + 2 > MAX_MNTOPT_STR) {
2480			err = ENAMETOOLONG;
2481			goto out;
2482		}
2483		mop = vfs_addtag(mops, tag);
2484	}
2485	if ((mop->mo_flags & MO_TAG) == 0) {
2486		err = EINVAL;
2487		goto out;
2488	}
2489	vfs_setmntopt_nolock(mops, tag, NULL, 0, 1);
2490out:
2491	vfs_list_unlock();
2492	kmem_free(buf, MAX_MNTOPT_STR);
2493	return (err);
2494}
2495
2496/*
2497 * Allow users to remove arbitrary "tags" in a vfs's mount options.
2498 * Broader use within the kernel is discouraged.
2499 */
2500int
2501vfs_clrtag(uint_t major, uint_t minor, const char *mntpt, const char *tag,
2502    cred_t *cr)
2503{
2504	vfs_t *vfsp;
2505	mntopt_t *mop;
2506	int found = 0;
2507	dev_t dev = makedevice(major, minor);
2508	int err = 0;
2509
2510	/*
2511	 * Find the desired mounted file system
2512	 */
2513	vfs_list_lock();
2514	vfsp = rootvfs;
2515	do {
2516		if (vfsp->vfs_dev == dev &&
2517		    strcmp(mntpt, refstr_value(vfsp->vfs_mntpt)) == 0) {
2518			found = 1;
2519			break;
2520		}
2521		vfsp = vfsp->vfs_next;
2522	} while (vfsp != rootvfs);
2523
2524	if (!found) {
2525		err = EINVAL;
2526		goto out;
2527	}
2528	err = secpolicy_fs_config(cr, vfsp);
2529	if (err != 0)
2530		goto out;
2531
2532	if ((mop = vfs_hasopt(&vfsp->vfs_mntopts, tag)) == NULL) {
2533		err = EINVAL;
2534		goto out;
2535	}
2536	if ((mop->mo_flags & MO_TAG) == 0) {
2537		err = EINVAL;
2538		goto out;
2539	}
2540	vfs_clearmntopt_nolock(&vfsp->vfs_mntopts, tag, 1);
2541out:
2542	vfs_list_unlock();
2543	return (err);
2544}
2545
2546/*
2547 * Function to parse an option string and fill in a mount options table.
2548 * Unknown options are silently ignored.  The input option string is modified
2549 * by replacing separators with nulls.  If the create flag is set, options
2550 * not found in the table are just added on the fly.  The table must have
2551 * an option slot marked MO_EMPTY to add an option on the fly.
2552 *
2553 * This function is *not* for general use by filesystems.
2554 *
2555 * Note: caller is responsible for locking the vfs list, if needed,
2556 *       to protect mops..
2557 */
2558void
2559vfs_parsemntopts(mntopts_t *mops, char *osp, int create)
2560{
2561	char *s = osp, *p, *nextop, *valp, *cp, *ep;
2562	int setflg = VFS_NOFORCEOPT;
2563
2564	if (osp == NULL)
2565		return;
2566	while (*s != '\0') {
2567		p = strchr(s, ',');	/* find next option */
2568		if (p == NULL) {
2569			cp = NULL;
2570			p = s + strlen(s);
2571		} else {
2572			cp = p;		/* save location of comma */
2573			*p++ = '\0';	/* mark end and point to next option */
2574		}
2575		nextop = p;
2576		p = strchr(s, '=');	/* look for value */
2577		if (p == NULL) {
2578			valp = NULL;	/* no value supplied */
2579		} else {
2580			ep = p;		/* save location of equals */
2581			*p++ = '\0';	/* end option and point to value */
2582			valp = p;
2583		}
2584		/*
2585		 * set option into options table
2586		 */
2587		if (create)
2588			setflg |= VFS_CREATEOPT;
2589		vfs_setmntopt_nolock(mops, s, valp, setflg, 0);
2590		if (cp != NULL)
2591			*cp = ',';	/* restore the comma */
2592		if (valp != NULL)
2593			*ep = '=';	/* restore the equals */
2594		s = nextop;
2595	}
2596}
2597
2598/*
2599 * Function to inquire if an option exists in a mount options table.
2600 * Returns a pointer to the option if it exists, else NULL.
2601 *
2602 * This function is *not* for general use by filesystems.
2603 *
2604 * Note: caller is responsible for locking the vfs list, if needed,
2605 *       to protect mops.
2606 */
2607struct mntopt *
2608vfs_hasopt(const mntopts_t *mops, const char *opt)
2609{
2610	struct mntopt *mop;
2611	uint_t i, count;
2612
2613	count = mops->mo_count;
2614	for (i = 0; i < count; i++) {
2615		mop = &mops->mo_list[i];
2616
2617		if (mop->mo_flags & MO_EMPTY)
2618			continue;
2619		if (strcmp(opt, mop->mo_name) == 0)
2620			return (mop);
2621	}
2622	return (NULL);
2623}
2624
2625/*
2626 * Function to inquire if an option is set in a mount options table.
2627 * Returns non-zero if set and fills in the arg pointer with a pointer to
2628 * the argument string or NULL if there is no argument string.
2629 */
2630static int
2631vfs_optionisset_nolock(const mntopts_t *mops, const char *opt, char **argp)
2632{
2633	struct mntopt *mop;
2634	uint_t i, count;
2635
2636	count = mops->mo_count;
2637	for (i = 0; i < count; i++) {
2638		mop = &mops->mo_list[i];
2639
2640		if (mop->mo_flags & MO_EMPTY)
2641			continue;
2642		if (strcmp(opt, mop->mo_name))
2643			continue;
2644		if ((mop->mo_flags & MO_SET) == 0)
2645			return (0);
2646		if (argp != NULL && (mop->mo_flags & MO_HASVALUE) != 0)
2647			*argp = mop->mo_arg;
2648		return (1);
2649	}
2650	return (0);
2651}
2652
2653
2654int
2655vfs_optionisset(const struct vfs *vfsp, const char *opt, char **argp)
2656{
2657	int ret;
2658
2659	vfs_list_read_lock();
2660	ret = vfs_optionisset_nolock(&vfsp->vfs_mntopts, opt, argp);
2661	vfs_list_unlock();
2662	return (ret);
2663}
2664
2665
2666/*
2667 * Construct a comma separated string of the options set in the given
2668 * mount table, return the string in the given buffer.  Return non-zero if
2669 * the buffer would overflow.
2670 *
2671 * This function is *not* for general use by filesystems.
2672 *
2673 * Note: caller is responsible for locking the vfs list, if needed,
2674 *       to protect mp.
2675 */
2676int
2677vfs_buildoptionstr(const mntopts_t *mp, char *buf, int len)
2678{
2679	char *cp;
2680	uint_t i;
2681
2682	buf[0] = '\0';
2683	cp = buf;
2684	for (i = 0; i < mp->mo_count; i++) {
2685		struct mntopt *mop;
2686
2687		mop = &mp->mo_list[i];
2688		if (mop->mo_flags & MO_SET) {
2689			int optlen, comma = 0;
2690
2691			if (buf[0] != '\0')
2692				comma = 1;
2693			optlen = strlen(mop->mo_name);
2694			if (strlen(buf) + comma + optlen + 1 > len)
2695				goto err;
2696			if (comma)
2697				*cp++ = ',';
2698			(void) strcpy(cp, mop->mo_name);
2699			cp += optlen;
2700			/*
2701			 * Append option value if there is one
2702			 */
2703			if (mop->mo_arg != NULL) {
2704				int arglen;
2705
2706				arglen = strlen(mop->mo_arg);
2707				if (strlen(buf) + arglen + 2 > len)
2708					goto err;
2709				*cp++ = '=';
2710				(void) strcpy(cp, mop->mo_arg);
2711				cp += arglen;
2712			}
2713		}
2714	}
2715	return (0);
2716err:
2717	return (EOVERFLOW);
2718}
2719
2720static void
2721vfs_freecancelopt(char **moc)
2722{
2723	if (moc != NULL) {
2724		int ccnt = 0;
2725		char **cp;
2726
2727		for (cp = moc; *cp != NULL; cp++) {
2728			kmem_free(*cp, strlen(*cp) + 1);
2729			ccnt++;
2730		}
2731		kmem_free(moc, (ccnt + 1) * sizeof (char *));
2732	}
2733}
2734
2735static void
2736vfs_freeopt(mntopt_t *mop)
2737{
2738	if (mop->mo_name != NULL)
2739		kmem_free(mop->mo_name, strlen(mop->mo_name) + 1);
2740
2741	vfs_freecancelopt(mop->mo_cancel);
2742
2743	if (mop->mo_arg != NULL)
2744		kmem_free(mop->mo_arg, strlen(mop->mo_arg) + 1);
2745}
2746
2747/*
2748 * Free a mount options table
2749 *
2750 * This function is *not* for general use by filesystems.
2751 *
2752 * Note: caller is responsible for locking the vfs list, if needed,
2753 *       to protect mp.
2754 */
2755void
2756vfs_freeopttbl(mntopts_t *mp)
2757{
2758	uint_t i, count;
2759
2760	count = mp->mo_count;
2761	for (i = 0; i < count; i++) {
2762		vfs_freeopt(&mp->mo_list[i]);
2763	}
2764	if (count) {
2765		kmem_free(mp->mo_list, sizeof (mntopt_t) * count);
2766		mp->mo_count = 0;
2767		mp->mo_list = NULL;
2768	}
2769}
2770
2771
2772/* ARGSUSED */
2773static int
2774vfs_mntdummyread(vnode_t *vp, uio_t *uio, int ioflag, cred_t *cred,
2775    caller_context_t *ct)
2776{
2777	return (0);
2778}
2779
2780/* ARGSUSED */
2781static int
2782vfs_mntdummywrite(vnode_t *vp, uio_t *uio, int ioflag, cred_t *cred,
2783    caller_context_t *ct)
2784{
2785	return (0);
2786}
2787
2788/*
2789 * The dummy vnode is currently used only by file events notification
2790 * module which is just interested in the timestamps.
2791 */
2792/* ARGSUSED */
2793static int
2794vfs_mntdummygetattr(vnode_t *vp, vattr_t *vap, int flags, cred_t *cr,
2795    caller_context_t *ct)
2796{
2797	bzero(vap, sizeof (vattr_t));
2798	vap->va_type = VREG;
2799	vap->va_nlink = 1;
2800	vap->va_ctime = vfs_mnttab_ctime;
2801	/*
2802	 * it is ok to just copy mtime as the time will be monotonically
2803	 * increasing.
2804	 */
2805	vap->va_mtime = vfs_mnttab_mtime;
2806	vap->va_atime = vap->va_mtime;
2807	return (0);
2808}
2809
2810static void
2811vfs_mnttabvp_setup(void)
2812{
2813	vnode_t *tvp;
2814	vnodeops_t *vfs_mntdummyvnops;
2815	const fs_operation_def_t mnt_dummyvnodeops_template[] = {
2816		VOPNAME_READ,		{ .vop_read = vfs_mntdummyread },
2817		VOPNAME_WRITE,		{ .vop_write = vfs_mntdummywrite },
2818		VOPNAME_GETATTR,	{ .vop_getattr = vfs_mntdummygetattr },
2819		VOPNAME_VNEVENT,	{ .vop_vnevent = fs_vnevent_support },
2820		NULL,			NULL
2821	};
2822
2823	if (vn_make_ops("mnttab", mnt_dummyvnodeops_template,
2824	    &vfs_mntdummyvnops) != 0) {
2825		cmn_err(CE_WARN, "vfs_mnttabvp_setup: vn_make_ops failed");
2826		/* Shouldn't happen, but not bad enough to panic */
2827		return;
2828	}
2829
2830	/*
2831	 * A global dummy vnode is allocated to represent mntfs files.
2832	 * The mntfs file (/etc/mnttab) can be monitored for file events
2833	 * and receive an event when mnttab changes. Dummy VOP calls
2834	 * will be made on this vnode. The file events notification module
2835	 * intercepts this vnode and delivers relevant events.
2836	 */
2837	tvp = vn_alloc(KM_SLEEP);
2838	tvp->v_flag = VNOMOUNT|VNOMAP|VNOSWAP|VNOCACHE;
2839	vn_setops(tvp, vfs_mntdummyvnops);
2840	tvp->v_type = VREG;
2841	/*
2842	 * The mnt dummy ops do not reference v_data.
2843	 * No other module intercepting this vnode should either.
2844	 * Just set it to point to itself.
2845	 */
2846	tvp->v_data = (caddr_t)tvp;
2847	tvp->v_vfsp = rootvfs;
2848	vfs_mntdummyvp = tvp;
2849}
2850
2851/*
2852 * performs fake read/write ops
2853 */
2854static void
2855vfs_mnttab_rwop(int rw)
2856{
2857	struct uio	uio;
2858	struct iovec	iov;
2859	char	buf[1];
2860
2861	if (vfs_mntdummyvp == NULL)
2862		return;
2863
2864	bzero(&uio, sizeof (uio));
2865	bzero(&iov, sizeof (iov));
2866	iov.iov_base = buf;
2867	iov.iov_len = 0;
2868	uio.uio_iov = &iov;
2869	uio.uio_iovcnt = 1;
2870	uio.uio_loffset = 0;
2871	uio.uio_segflg = UIO_SYSSPACE;
2872	uio.uio_resid = 0;
2873	if (rw) {
2874		(void) VOP_WRITE(vfs_mntdummyvp, &uio, 0, kcred, NULL);
2875	} else {
2876		(void) VOP_READ(vfs_mntdummyvp, &uio, 0, kcred, NULL);
2877	}
2878}
2879
2880/*
2881 * Generate a write operation.
2882 */
2883void
2884vfs_mnttab_writeop(void)
2885{
2886	vfs_mnttab_rwop(1);
2887}
2888
2889/*
2890 * Generate a read operation.
2891 */
2892void
2893vfs_mnttab_readop(void)
2894{
2895	vfs_mnttab_rwop(0);
2896}
2897
2898/*
2899 * Free any mnttab information recorded in the vfs struct.
2900 * The vfs must not be on the vfs list.
2901 */
2902static void
2903vfs_freemnttab(struct vfs *vfsp)
2904{
2905	ASSERT(!VFS_ON_LIST(vfsp));
2906
2907	/*
2908	 * Free device and mount point information
2909	 */
2910	if (vfsp->vfs_mntpt != NULL) {
2911		refstr_rele(vfsp->vfs_mntpt);
2912		vfsp->vfs_mntpt = NULL;
2913	}
2914	if (vfsp->vfs_resource != NULL) {
2915		refstr_rele(vfsp->vfs_resource);
2916		vfsp->vfs_resource = NULL;
2917	}
2918	/*
2919	 * Now free mount options information
2920	 */
2921	vfs_freeopttbl(&vfsp->vfs_mntopts);
2922}
2923
2924/*
2925 * Return the last mnttab modification time
2926 */
2927void
2928vfs_mnttab_modtime(timespec_t *ts)
2929{
2930	ASSERT(RW_LOCK_HELD(&vfslist));
2931	*ts = vfs_mnttab_mtime;
2932}
2933
2934/*
2935 * See if mnttab is changed
2936 */
2937void
2938vfs_mnttab_poll(timespec_t *old, struct pollhead **phpp)
2939{
2940	int changed;
2941
2942	*phpp = (struct pollhead *)NULL;
2943
2944	/*
2945	 * Note: don't grab vfs list lock before accessing vfs_mnttab_mtime.
2946	 * Can lead to deadlock against vfs_mnttab_modtimeupd(). It is safe
2947	 * to not grab the vfs list lock because tv_sec is monotonically
2948	 * increasing.
2949	 */
2950
2951	changed = (old->tv_nsec != vfs_mnttab_mtime.tv_nsec) ||
2952	    (old->tv_sec != vfs_mnttab_mtime.tv_sec);
2953	if (!changed) {
2954		*phpp = &vfs_pollhd;
2955	}
2956}
2957
2958/* Provide a unique and monotonically-increasing timestamp. */
2959void
2960vfs_mono_time(timespec_t *ts)
2961{
2962	static volatile hrtime_t hrt;		/* The saved time. */
2963	hrtime_t	newhrt, oldhrt;		/* For effecting the CAS. */
2964	timespec_t	newts;
2965
2966	/*
2967	 * Try gethrestime() first, but be prepared to fabricate a sensible
2968	 * answer at the first sign of any trouble.
2969	 */
2970	gethrestime(&newts);
2971	newhrt = ts2hrt(&newts);
2972	for (;;) {
2973		oldhrt = hrt;
2974		if (newhrt <= hrt)
2975			newhrt = hrt + 1;
2976		if (atomic_cas_64((uint64_t *)&hrt, oldhrt, newhrt) == oldhrt)
2977			break;
2978	}
2979	hrt2ts(newhrt, ts);
2980}
2981
2982/*
2983 * Update the mnttab modification time and wake up any waiters for
2984 * mnttab changes
2985 */
2986void
2987vfs_mnttab_modtimeupd()
2988{
2989	hrtime_t oldhrt, newhrt;
2990
2991	ASSERT(RW_WRITE_HELD(&vfslist));
2992	oldhrt = ts2hrt(&vfs_mnttab_mtime);
2993	gethrestime(&vfs_mnttab_mtime);
2994	newhrt = ts2hrt(&vfs_mnttab_mtime);
2995	if (oldhrt == (hrtime_t)0)
2996		vfs_mnttab_ctime = vfs_mnttab_mtime;
2997	/*
2998	 * Attempt to provide unique mtime (like uniqtime but not).
2999	 */
3000	if (newhrt == oldhrt) {
3001		newhrt++;
3002		hrt2ts(newhrt, &vfs_mnttab_mtime);
3003	}
3004	pollwakeup(&vfs_pollhd, (short)POLLRDBAND);
3005	vfs_mnttab_writeop();
3006}
3007
3008int
3009dounmount(struct vfs *vfsp, int flag, cred_t *cr)
3010{
3011	vnode_t *coveredvp;
3012	int error;
3013	extern void teardown_vopstats(vfs_t *);
3014
3015	/*
3016	 * Get covered vnode. This will be NULL if the vfs is not linked
3017	 * into the file system name space (i.e., domount() with MNT_NOSPICE).
3018	 */
3019	coveredvp = vfsp->vfs_vnodecovered;
3020	ASSERT(coveredvp == NULL || vn_vfswlock_held(coveredvp));
3021
3022	/*
3023	 * Purge all dnlc entries for this vfs.
3024	 */
3025	(void) dnlc_purge_vfsp(vfsp, 0);
3026
3027	/* For forcible umount, skip VFS_SYNC() since it may hang */
3028	if ((flag & MS_FORCE) == 0)
3029		(void) VFS_SYNC(vfsp, 0, cr);
3030
3031	/*
3032	 * Lock the vfs to maintain fs status quo during unmount.  This
3033	 * has to be done after the sync because ufs_update tries to acquire
3034	 * the vfs_reflock.
3035	 */
3036	vfs_lock_wait(vfsp);
3037
3038	if (error = VFS_UNMOUNT(vfsp, flag, cr)) {
3039		vfs_unlock(vfsp);
3040		if (coveredvp != NULL)
3041			vn_vfsunlock(coveredvp);
3042	} else if (coveredvp != NULL) {
3043		teardown_vopstats(vfsp);
3044		/*
3045		 * vfs_remove() will do a VN_RELE(vfsp->vfs_vnodecovered)
3046		 * when it frees vfsp so we do a VN_HOLD() so we can
3047		 * continue to use coveredvp afterwards.
3048		 */
3049		VN_HOLD(coveredvp);
3050		vfs_remove(vfsp);
3051		vn_vfsunlock(coveredvp);
3052		VN_RELE(coveredvp);
3053	} else {
3054		teardown_vopstats(vfsp);
3055		/*
3056		 * Release the reference to vfs that is not linked
3057		 * into the name space.
3058		 */
3059		vfs_unlock(vfsp);
3060		VFS_RELE(vfsp);
3061	}
3062	return (error);
3063}
3064
3065
3066/*
3067 * Vfs_unmountall() is called by uadmin() to unmount all
3068 * mounted file systems (except the root file system) during shutdown.
3069 * It follows the existing locking protocol when traversing the vfs list
3070 * to sync and unmount vfses. Even though there should be no
3071 * other thread running while the system is shutting down, it is prudent
3072 * to still follow the locking protocol.
3073 */
3074void
3075vfs_unmountall(void)
3076{
3077	struct vfs *vfsp;
3078	struct vfs *prev_vfsp = NULL;
3079	int error;
3080
3081	/*
3082	 * Toss all dnlc entries now so that the per-vfs sync
3083	 * and unmount operations don't have to slog through
3084	 * a bunch of uninteresting vnodes over and over again.
3085	 */
3086	dnlc_purge();
3087
3088	vfs_list_lock();
3089	for (vfsp = rootvfs->vfs_prev; vfsp != rootvfs; vfsp = prev_vfsp) {
3090		prev_vfsp = vfsp->vfs_prev;
3091
3092		if (vfs_lock(vfsp) != 0)
3093			continue;
3094		error = vn_vfswlock(vfsp->vfs_vnodecovered);
3095		vfs_unlock(vfsp);
3096		if (error)
3097			continue;
3098
3099		vfs_list_unlock();
3100
3101		(void) VFS_SYNC(vfsp, SYNC_CLOSE, CRED());
3102		(void) dounmount(vfsp, 0, CRED());
3103
3104		/*
3105		 * Since we dropped the vfslist lock above we must
3106		 * verify that next_vfsp still exists, else start over.
3107		 */
3108		vfs_list_lock();
3109		for (vfsp = rootvfs->vfs_prev;
3110		    vfsp != rootvfs; vfsp = vfsp->vfs_prev)
3111			if (vfsp == prev_vfsp)
3112				break;
3113		if (vfsp == rootvfs && prev_vfsp != rootvfs)
3114			prev_vfsp = rootvfs->vfs_prev;
3115	}
3116	vfs_list_unlock();
3117}
3118
3119/*
3120 * Called to add an entry to the end of the vfs mount in progress list
3121 */
3122void
3123vfs_addmip(dev_t dev, struct vfs *vfsp)
3124{
3125	struct ipmnt *mipp;
3126
3127	mipp = (struct ipmnt *)kmem_alloc(sizeof (struct ipmnt), KM_SLEEP);
3128	mipp->mip_next = NULL;
3129	mipp->mip_dev = dev;
3130	mipp->mip_vfsp = vfsp;
3131	mutex_enter(&vfs_miplist_mutex);
3132	if (vfs_miplist_end != NULL)
3133		vfs_miplist_end->mip_next = mipp;
3134	else
3135		vfs_miplist = mipp;
3136	vfs_miplist_end = mipp;
3137	mutex_exit(&vfs_miplist_mutex);
3138}
3139
3140/*
3141 * Called to remove an entry from the mount in progress list
3142 * Either because the mount completed or it failed.
3143 */
3144void
3145vfs_delmip(struct vfs *vfsp)
3146{
3147	struct ipmnt *mipp, *mipprev;
3148
3149	mutex_enter(&vfs_miplist_mutex);
3150	mipprev = NULL;
3151	for (mipp = vfs_miplist;
3152	    mipp && mipp->mip_vfsp != vfsp; mipp = mipp->mip_next) {
3153		mipprev = mipp;
3154	}
3155	if (mipp == NULL)
3156		return; /* shouldn't happen */
3157	if (mipp == vfs_miplist_end)
3158		vfs_miplist_end = mipprev;
3159	if (mipprev == NULL)
3160		vfs_miplist = mipp->mip_next;
3161	else
3162		mipprev->mip_next = mipp->mip_next;
3163	mutex_exit(&vfs_miplist_mutex);
3164	kmem_free(mipp, sizeof (struct ipmnt));
3165}
3166
3167/*
3168 * vfs_add is called by a specific filesystem's mount routine to add
3169 * the new vfs into the vfs list/hash and to cover the mounted-on vnode.
3170 * The vfs should already have been locked by the caller.
3171 *
3172 * coveredvp is NULL if this is the root.
3173 */
3174void
3175vfs_add(vnode_t *coveredvp, struct vfs *vfsp, int mflag)
3176{
3177	int newflag;
3178
3179	ASSERT(vfs_lock_held(vfsp));
3180	VFS_HOLD(vfsp);
3181	newflag = vfsp->vfs_flag;
3182	if (mflag & MS_RDONLY)
3183		newflag |= VFS_RDONLY;
3184	else
3185		newflag &= ~VFS_RDONLY;
3186	if (mflag & MS_NOSUID)
3187		newflag |= (VFS_NOSETUID|VFS_NODEVICES);
3188	else
3189		newflag &= ~(VFS_NOSETUID|VFS_NODEVICES);
3190	if (mflag & MS_NOMNTTAB)
3191		newflag |= VFS_NOMNTTAB;
3192	else
3193		newflag &= ~VFS_NOMNTTAB;
3194
3195	if (coveredvp != NULL) {
3196		ASSERT(vn_vfswlock_held(coveredvp));
3197		coveredvp->v_vfsmountedhere = vfsp;
3198		VN_HOLD(coveredvp);
3199	}
3200	vfsp->vfs_vnodecovered = coveredvp;
3201	vfsp->vfs_flag = newflag;
3202
3203	vfs_list_add(vfsp);
3204}
3205
3206/*
3207 * Remove a vfs from the vfs list, null out the pointer from the
3208 * covered vnode to the vfs (v_vfsmountedhere), and null out the pointer
3209 * from the vfs to the covered vnode (vfs_vnodecovered). Release the
3210 * reference to the vfs and to the covered vnode.
3211 *
3212 * Called from dounmount after it's confirmed with the file system
3213 * that the unmount is legal.
3214 */
3215void
3216vfs_remove(struct vfs *vfsp)
3217{
3218	vnode_t *vp;
3219
3220	ASSERT(vfs_lock_held(vfsp));
3221
3222	/*
3223	 * Can't unmount root.  Should never happen because fs will
3224	 * be busy.
3225	 */
3226	if (vfsp == rootvfs)
3227		panic("vfs_remove: unmounting root");
3228
3229	vfs_list_remove(vfsp);
3230
3231	/*
3232	 * Unhook from the file system name space.
3233	 */
3234	vp = vfsp->vfs_vnodecovered;
3235	ASSERT(vn_vfswlock_held(vp));
3236	vp->v_vfsmountedhere = NULL;
3237	vfsp->vfs_vnodecovered = NULL;
3238	VN_RELE(vp);
3239
3240	/*
3241	 * Release lock and wakeup anybody waiting.
3242	 */
3243	vfs_unlock(vfsp);
3244	VFS_RELE(vfsp);
3245}
3246
3247/*
3248 * Lock a filesystem to prevent access to it while mounting,
3249 * unmounting and syncing.  Return EBUSY immediately if lock
3250 * can't be acquired.
3251 */
3252int
3253vfs_lock(vfs_t *vfsp)
3254{
3255	vn_vfslocks_entry_t *vpvfsentry;
3256
3257	vpvfsentry = vn_vfslocks_getlock(vfsp);
3258	if (rwst_tryenter(&vpvfsentry->ve_lock, RW_WRITER))
3259		return (0);
3260
3261	vn_vfslocks_rele(vpvfsentry);
3262	return (EBUSY);
3263}
3264
3265int
3266vfs_rlock(vfs_t *vfsp)
3267{
3268	vn_vfslocks_entry_t *vpvfsentry;
3269
3270	vpvfsentry = vn_vfslocks_getlock(vfsp);
3271
3272	if (rwst_tryenter(&vpvfsentry->ve_lock, RW_READER))
3273		return (0);
3274
3275	vn_vfslocks_rele(vpvfsentry);
3276	return (EBUSY);
3277}
3278
3279void
3280vfs_lock_wait(vfs_t *vfsp)
3281{
3282	vn_vfslocks_entry_t *vpvfsentry;
3283
3284	vpvfsentry = vn_vfslocks_getlock(vfsp);
3285	rwst_enter(&vpvfsentry->ve_lock, RW_WRITER);
3286}
3287
3288void
3289vfs_rlock_wait(vfs_t *vfsp)
3290{
3291	vn_vfslocks_entry_t *vpvfsentry;
3292
3293	vpvfsentry = vn_vfslocks_getlock(vfsp);
3294	rwst_enter(&vpvfsentry->ve_lock, RW_READER);
3295}
3296
3297/*
3298 * Unlock a locked filesystem.
3299 */
3300void
3301vfs_unlock(vfs_t *vfsp)
3302{
3303	vn_vfslocks_entry_t *vpvfsentry;
3304
3305	/*
3306	 * vfs_unlock will mimic sema_v behaviour to fix 4748018.
3307	 * And these changes should remain for the patch changes as it is.
3308	 */
3309	if (panicstr)
3310		return;
3311
3312	/*
3313	 * ve_refcount needs to be dropped twice here.
3314	 * 1. To release refernce after a call to vfs_locks_getlock()
3315	 * 2. To release the reference from the locking routines like
3316	 *    vfs_rlock_wait/vfs_wlock_wait/vfs_wlock etc,.
3317	 */
3318
3319	vpvfsentry = vn_vfslocks_getlock(vfsp);
3320	vn_vfslocks_rele(vpvfsentry);
3321
3322	rwst_exit(&vpvfsentry->ve_lock);
3323	vn_vfslocks_rele(vpvfsentry);
3324}
3325
3326/*
3327 * Utility routine that allows a filesystem to construct its
3328 * fsid in "the usual way" - by munging some underlying dev_t and
3329 * the filesystem type number into the 64-bit fsid.  Note that
3330 * this implicitly relies on dev_t persistence to make filesystem
3331 * id's persistent.
3332 *
3333 * There's nothing to prevent an individual fs from constructing its
3334 * fsid in a different way, and indeed they should.
3335 *
3336 * Since we want fsids to be 32-bit quantities (so that they can be
3337 * exported identically by either 32-bit or 64-bit APIs, as well as
3338 * the fact that fsid's are "known" to NFS), we compress the device
3339 * number given down to 32-bits, and panic if that isn't possible.
3340 */
3341void
3342vfs_make_fsid(fsid_t *fsi, dev_t dev, int val)
3343{
3344	if (!cmpldev((dev32_t *)&fsi->val[0], dev))
3345		panic("device number too big for fsid!");
3346	fsi->val[1] = val;
3347}
3348
3349int
3350vfs_lock_held(vfs_t *vfsp)
3351{
3352	int held;
3353	vn_vfslocks_entry_t *vpvfsentry;
3354
3355	/*
3356	 * vfs_lock_held will mimic sema_held behaviour
3357	 * if panicstr is set. And these changes should remain
3358	 * for the patch changes as it is.
3359	 */
3360	if (panicstr)
3361		return (1);
3362
3363	vpvfsentry = vn_vfslocks_getlock(vfsp);
3364	held = rwst_lock_held(&vpvfsentry->ve_lock, RW_WRITER);
3365
3366	vn_vfslocks_rele(vpvfsentry);
3367	return (held);
3368}
3369
3370struct _kthread *
3371vfs_lock_owner(vfs_t *vfsp)
3372{
3373	struct _kthread *owner;
3374	vn_vfslocks_entry_t *vpvfsentry;
3375
3376	/*
3377	 * vfs_wlock_held will mimic sema_held behaviour
3378	 * if panicstr is set. And these changes should remain
3379	 * for the patch changes as it is.
3380	 */
3381	if (panicstr)
3382		return (NULL);
3383
3384	vpvfsentry = vn_vfslocks_getlock(vfsp);
3385	owner = rwst_owner(&vpvfsentry->ve_lock);
3386
3387	vn_vfslocks_rele(vpvfsentry);
3388	return (owner);
3389}
3390
3391/*
3392 * vfs list locking.
3393 *
3394 * Rather than manipulate the vfslist lock directly, we abstract into lock
3395 * and unlock routines to allow the locking implementation to be changed for
3396 * clustering.
3397 *
3398 * Whenever the vfs list is modified through its hash links, the overall list
3399 * lock must be obtained before locking the relevant hash bucket.  But to see
3400 * whether a given vfs is on the list, it suffices to obtain the lock for the
3401 * hash bucket without getting the overall list lock.  (See getvfs() below.)
3402 */
3403
3404void
3405vfs_list_lock()
3406{
3407	rw_enter(&vfslist, RW_WRITER);
3408}
3409
3410void
3411vfs_list_read_lock()
3412{
3413	rw_enter(&vfslist, RW_READER);
3414}
3415
3416void
3417vfs_list_unlock()
3418{
3419	rw_exit(&vfslist);
3420}
3421
3422/*
3423 * Low level worker routines for adding entries to and removing entries from
3424 * the vfs list.
3425 */
3426
3427static void
3428vfs_hash_add(struct vfs *vfsp, int insert_at_head)
3429{
3430	int vhno;
3431	struct vfs **hp;
3432	dev_t dev;
3433
3434	ASSERT(RW_WRITE_HELD(&vfslist));
3435
3436	dev = expldev(vfsp->vfs_fsid.val[0]);
3437	vhno = VFSHASH(getmajor(dev), getminor(dev));
3438
3439	mutex_enter(&rvfs_list[vhno].rvfs_lock);
3440
3441	/*
3442	 * Link into the hash table, inserting it at the end, so that LOFS
3443	 * with the same fsid as UFS (or other) file systems will not hide the
3444	 * UFS.
3445	 */
3446	if (insert_at_head) {
3447		vfsp->vfs_hash = rvfs_list[vhno].rvfs_head;
3448		rvfs_list[vhno].rvfs_head = vfsp;
3449	} else {
3450		for (hp = &rvfs_list[vhno].rvfs_head; *hp != NULL;
3451		    hp = &(*hp)->vfs_hash)
3452			continue;
3453		/*
3454		 * hp now contains the address of the pointer to update
3455		 * to effect the insertion.
3456		 */
3457		vfsp->vfs_hash = NULL;
3458		*hp = vfsp;
3459	}
3460
3461	rvfs_list[vhno].rvfs_len++;
3462	mutex_exit(&rvfs_list[vhno].rvfs_lock);
3463}
3464
3465
3466static void
3467vfs_hash_remove(struct vfs *vfsp)
3468{
3469	int vhno;
3470	struct vfs *tvfsp;
3471	dev_t dev;
3472
3473	ASSERT(RW_WRITE_HELD(&vfslist));
3474
3475	dev = expldev(vfsp->vfs_fsid.val[0]);
3476	vhno = VFSHASH(getmajor(dev), getminor(dev));
3477
3478	mutex_enter(&rvfs_list[vhno].rvfs_lock);
3479
3480	/*
3481	 * Remove from hash.
3482	 */
3483	if (rvfs_list[vhno].rvfs_head == vfsp) {
3484		rvfs_list[vhno].rvfs_head = vfsp->vfs_hash;
3485		rvfs_list[vhno].rvfs_len--;
3486		goto foundit;
3487	}
3488	for (tvfsp = rvfs_list[vhno].rvfs_head; tvfsp != NULL;
3489	    tvfsp = tvfsp->vfs_hash) {
3490		if (tvfsp->vfs_hash == vfsp) {
3491			tvfsp->vfs_hash = vfsp->vfs_hash;
3492			rvfs_list[vhno].rvfs_len--;
3493			goto foundit;
3494		}
3495	}
3496	cmn_err(CE_WARN, "vfs_list_remove: vfs not found in hash");
3497
3498foundit:
3499
3500	mutex_exit(&rvfs_list[vhno].rvfs_lock);
3501}
3502
3503
3504void
3505vfs_list_add(struct vfs *vfsp)
3506{
3507	zone_t *zone;
3508
3509	/*
3510	 * Typically, the vfs_t will have been created on behalf of the file
3511	 * system in vfs_init, where it will have been provided with a
3512	 * vfs_impl_t. This, however, might be lacking if the vfs_t was created
3513	 * by an unbundled file system. We therefore check for such an example
3514	 * before stamping the vfs_t with its creation time for the benefit of
3515	 * mntfs.
3516	 */
3517	if (vfsp->vfs_implp == NULL)
3518		vfsimpl_setup(vfsp);
3519	vfs_mono_time(&vfsp->vfs_hrctime);
3520
3521	/*
3522	 * The zone that owns the mount is the one that performed the mount.
3523	 * Note that this isn't necessarily the same as the zone mounted into.
3524	 * The corresponding zone_rele_ref() will be done when the vfs_t
3525	 * is being free'd.
3526	 */
3527	vfsp->vfs_zone = curproc->p_zone;
3528	zone_init_ref(&vfsp->vfs_implp->vi_zone_ref);
3529	zone_hold_ref(vfsp->vfs_zone, &vfsp->vfs_implp->vi_zone_ref,
3530	    ZONE_REF_VFS);
3531
3532	/*
3533	 * Find the zone mounted into, and put this mount on its vfs list.
3534	 */
3535	zone = zone_find_by_path(refstr_value(vfsp->vfs_mntpt));
3536	ASSERT(zone != NULL);
3537	/*
3538	 * Special casing for the root vfs.  This structure is allocated
3539	 * statically and hooked onto rootvfs at link time.  During the
3540	 * vfs_mountroot call at system startup time, the root file system's
3541	 * VFS_MOUNTROOT routine will call vfs_add with this root vfs struct
3542	 * as argument.  The code below must detect and handle this special
3543	 * case.  The only apparent justification for this special casing is
3544	 * to ensure that the root file system appears at the head of the
3545	 * list.
3546	 *
3547	 * XXX:	I'm assuming that it's ok to do normal list locking when
3548	 *	adding the entry for the root file system (this used to be
3549	 *	done with no locks held).
3550	 */
3551	vfs_list_lock();
3552	/*
3553	 * Link into the vfs list proper.
3554	 */
3555	if (vfsp == &root) {
3556		/*
3557		 * Assert: This vfs is already on the list as its first entry.
3558		 * Thus, there's nothing to do.
3559		 */
3560		ASSERT(rootvfs == vfsp);
3561		/*
3562		 * Add it to the head of the global zone's vfslist.
3563		 */
3564		ASSERT(zone == global_zone);
3565		ASSERT(zone->zone_vfslist == NULL);
3566		zone->zone_vfslist = vfsp;
3567	} else {
3568		/*
3569		 * Link to end of list using vfs_prev (as rootvfs is now a
3570		 * doubly linked circular list) so list is in mount order for
3571		 * mnttab use.
3572		 */
3573		rootvfs->vfs_prev->vfs_next = vfsp;
3574		vfsp->vfs_prev = rootvfs->vfs_prev;
3575		rootvfs->vfs_prev = vfsp;
3576		vfsp->vfs_next = rootvfs;
3577
3578		/*
3579		 * Do it again for the zone-private list (which may be NULL).
3580		 */
3581		if (zone->zone_vfslist == NULL) {
3582			ASSERT(zone != global_zone);
3583			zone->zone_vfslist = vfsp;
3584		} else {
3585			zone->zone_vfslist->vfs_zone_prev->vfs_zone_next = vfsp;
3586			vfsp->vfs_zone_prev = zone->zone_vfslist->vfs_zone_prev;
3587			zone->zone_vfslist->vfs_zone_prev = vfsp;
3588			vfsp->vfs_zone_next = zone->zone_vfslist;
3589		}
3590	}
3591
3592	/*
3593	 * Link into the hash table, inserting it at the end, so that LOFS
3594	 * with the same fsid as UFS (or other) file systems will not hide
3595	 * the UFS.
3596	 */
3597	vfs_hash_add(vfsp, 0);
3598
3599	/*
3600	 * update the mnttab modification time
3601	 */
3602	vfs_mnttab_modtimeupd();
3603	vfs_list_unlock();
3604	zone_rele(zone);
3605}
3606
3607void
3608vfs_list_remove(struct vfs *vfsp)
3609{
3610	zone_t *zone;
3611
3612	zone = zone_find_by_path(refstr_value(vfsp->vfs_mntpt));
3613	ASSERT(zone != NULL);
3614	/*
3615	 * Callers are responsible for preventing attempts to unmount the
3616	 * root.
3617	 */
3618	ASSERT(vfsp != rootvfs);
3619
3620	vfs_list_lock();
3621
3622	/*
3623	 * Remove from hash.
3624	 */
3625	vfs_hash_remove(vfsp);
3626
3627	/*
3628	 * Remove from vfs list.
3629	 */
3630	vfsp->vfs_prev->vfs_next = vfsp->vfs_next;
3631	vfsp->vfs_next->vfs_prev = vfsp->vfs_prev;
3632	vfsp->vfs_next = vfsp->vfs_prev = NULL;
3633
3634	/*
3635	 * Remove from zone-specific vfs list.
3636	 */
3637	if (zone->zone_vfslist == vfsp)
3638		zone->zone_vfslist = vfsp->vfs_zone_next;
3639
3640	if (vfsp->vfs_zone_next == vfsp) {
3641		ASSERT(vfsp->vfs_zone_prev == vfsp);
3642		ASSERT(zone->zone_vfslist == vfsp);
3643		zone->zone_vfslist = NULL;
3644	}
3645
3646	vfsp->vfs_zone_prev->vfs_zone_next = vfsp->vfs_zone_next;
3647	vfsp->vfs_zone_next->vfs_zone_prev = vfsp->vfs_zone_prev;
3648	vfsp->vfs_zone_next = vfsp->vfs_zone_prev = NULL;
3649
3650	/*
3651	 * update the mnttab modification time
3652	 */
3653	vfs_mnttab_modtimeupd();
3654	vfs_list_unlock();
3655	zone_rele(zone);
3656}
3657
3658struct vfs *
3659getvfs(fsid_t *fsid)
3660{
3661	struct vfs *vfsp;
3662	int val0 = fsid->val[0];
3663	int val1 = fsid->val[1];
3664	dev_t dev = expldev(val0);
3665	int vhno = VFSHASH(getmajor(dev), getminor(dev));
3666	kmutex_t *hmp = &rvfs_list[vhno].rvfs_lock;
3667
3668	mutex_enter(hmp);
3669	for (vfsp = rvfs_list[vhno].rvfs_head; vfsp; vfsp = vfsp->vfs_hash) {
3670		if (vfsp->vfs_fsid.val[0] == val0 &&
3671		    vfsp->vfs_fsid.val[1] == val1) {
3672			VFS_HOLD(vfsp);
3673			mutex_exit(hmp);
3674			return (vfsp);
3675		}
3676	}
3677	mutex_exit(hmp);
3678	return (NULL);
3679}
3680
3681/*
3682 * Search the vfs mount in progress list for a specified device/vfs entry.
3683 * Returns 0 if the first entry in the list that the device matches has the
3684 * given vfs pointer as well.  If the device matches but a different vfs
3685 * pointer is encountered in the list before the given vfs pointer then
3686 * a 1 is returned.
3687 */
3688
3689int
3690vfs_devmounting(dev_t dev, struct vfs *vfsp)
3691{
3692	int retval = 0;
3693	struct ipmnt *mipp;
3694
3695	mutex_enter(&vfs_miplist_mutex);
3696	for (mipp = vfs_miplist; mipp != NULL; mipp = mipp->mip_next) {
3697		if (mipp->mip_dev == dev) {
3698			if (mipp->mip_vfsp != vfsp)
3699				retval = 1;
3700			break;
3701		}
3702	}
3703	mutex_exit(&vfs_miplist_mutex);
3704	return (retval);
3705}
3706
3707/*
3708 * Search the vfs list for a specified device.  Returns 1, if entry is found
3709 * or 0 if no suitable entry is found.
3710 */
3711
3712int
3713vfs_devismounted(dev_t dev)
3714{
3715	struct vfs *vfsp;
3716	int found;
3717
3718	vfs_list_read_lock();
3719	vfsp = rootvfs;
3720	found = 0;
3721	do {
3722		if (vfsp->vfs_dev == dev) {
3723			found = 1;
3724			break;
3725		}
3726		vfsp = vfsp->vfs_next;
3727	} while (vfsp != rootvfs);
3728
3729	vfs_list_unlock();
3730	return (found);
3731}
3732
3733/*
3734 * Search the vfs list for a specified device.  Returns a pointer to it
3735 * or NULL if no suitable entry is found. The caller of this routine
3736 * is responsible for releasing the returned vfs pointer.
3737 */
3738struct vfs *
3739vfs_dev2vfsp(dev_t dev)
3740{
3741	struct vfs *vfsp;
3742	int found;
3743
3744	vfs_list_read_lock();
3745	vfsp = rootvfs;
3746	found = 0;
3747	do {
3748		/*
3749		 * The following could be made more efficient by making
3750		 * the entire loop use vfs_zone_next if the call is from
3751		 * a zone.  The only callers, however, ustat(2) and
3752		 * umount2(2), don't seem to justify the added
3753		 * complexity at present.
3754		 */
3755		if (vfsp->vfs_dev == dev &&
3756		    ZONE_PATH_VISIBLE(refstr_value(vfsp->vfs_mntpt),
3757		    curproc->p_zone)) {
3758			VFS_HOLD(vfsp);
3759			found = 1;
3760			break;
3761		}
3762		vfsp = vfsp->vfs_next;
3763	} while (vfsp != rootvfs);
3764	vfs_list_unlock();
3765	return (found ? vfsp: NULL);
3766}
3767
3768/*
3769 * Search the vfs list for a specified mntpoint.  Returns a pointer to it
3770 * or NULL if no suitable entry is found. The caller of this routine
3771 * is responsible for releasing the returned vfs pointer.
3772 *
3773 * Note that if multiple mntpoints match, the last one matching is
3774 * returned in an attempt to return the "top" mount when overlay
3775 * mounts are covering the same mount point.  This is accomplished by starting
3776 * at the end of the list and working our way backwards, stopping at the first
3777 * matching mount.
3778 */
3779struct vfs *
3780vfs_mntpoint2vfsp(const char *mp)
3781{
3782	struct vfs *vfsp;
3783	struct vfs *retvfsp = NULL;
3784	zone_t *zone = curproc->p_zone;
3785	struct vfs *list;
3786
3787	vfs_list_read_lock();
3788	if (getzoneid() == GLOBAL_ZONEID) {
3789		/*
3790		 * The global zone may see filesystems in any zone.
3791		 */
3792		vfsp = rootvfs->vfs_prev;
3793		do {
3794			if (strcmp(refstr_value(vfsp->vfs_mntpt), mp) == 0) {
3795				retvfsp = vfsp;
3796				break;
3797			}
3798			vfsp = vfsp->vfs_prev;
3799		} while (vfsp != rootvfs->vfs_prev);
3800	} else if ((list = zone->zone_vfslist) != NULL) {
3801		const char *mntpt;
3802
3803		vfsp = list->vfs_zone_prev;
3804		do {
3805			mntpt = refstr_value(vfsp->vfs_mntpt);
3806			mntpt = ZONE_PATH_TRANSLATE(mntpt, zone);
3807			if (strcmp(mntpt, mp) == 0) {
3808				retvfsp = vfsp;
3809				break;
3810			}
3811			vfsp = vfsp->vfs_zone_prev;
3812		} while (vfsp != list->vfs_zone_prev);
3813	}
3814	if (retvfsp)
3815		VFS_HOLD(retvfsp);
3816	vfs_list_unlock();
3817	return (retvfsp);
3818}
3819
3820/*
3821 * Search the vfs list for a specified vfsops.
3822 * if vfs entry is found then return 1, else 0.
3823 */
3824int
3825vfs_opsinuse(vfsops_t *ops)
3826{
3827	struct vfs *vfsp;
3828	int found;
3829
3830	vfs_list_read_lock();
3831	vfsp = rootvfs;
3832	found = 0;
3833	do {
3834		if (vfs_getops(vfsp) == ops) {
3835			found = 1;
3836			break;
3837		}
3838		vfsp = vfsp->vfs_next;
3839	} while (vfsp != rootvfs);
3840	vfs_list_unlock();
3841	return (found);
3842}
3843
3844/*
3845 * Allocate an entry in vfssw for a file system type
3846 */
3847struct vfssw *
3848allocate_vfssw(const char *type)
3849{
3850	struct vfssw *vswp;
3851
3852	if (type[0] == '\0' || strlen(type) + 1 > _ST_FSTYPSZ) {
3853		/*
3854		 * The vfssw table uses the empty string to identify an
3855		 * available entry; we cannot add any type which has
3856		 * a leading NUL. The string length is limited to
3857		 * the size of the st_fstype array in struct stat.
3858		 */
3859		return (NULL);
3860	}
3861
3862	ASSERT(VFSSW_WRITE_LOCKED());
3863	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++)
3864		if (!ALLOCATED_VFSSW(vswp)) {
3865			vswp->vsw_name = kmem_alloc(strlen(type) + 1, KM_SLEEP);
3866			(void) strcpy(vswp->vsw_name, type);
3867			ASSERT(vswp->vsw_count == 0);
3868			vswp->vsw_count = 1;
3869			mutex_init(&vswp->vsw_lock, NULL, MUTEX_DEFAULT, NULL);
3870			return (vswp);
3871		}
3872	return (NULL);
3873}
3874
3875/*
3876 * Impose additional layer of translation between vfstype names
3877 * and module names in the filesystem.
3878 */
3879static const char *
3880vfs_to_modname(const char *vfstype)
3881{
3882	if (strcmp(vfstype, "proc") == 0) {
3883		vfstype = "procfs";
3884	} else if (strcmp(vfstype, "fd") == 0) {
3885		vfstype = "fdfs";
3886	} else if (strncmp(vfstype, "nfs", 3) == 0) {
3887		vfstype = "nfs";
3888	}
3889
3890	return (vfstype);
3891}
3892
3893/*
3894 * Find a vfssw entry given a file system type name.
3895 * Try to autoload the filesystem if it's not found.
3896 * If it's installed, return the vfssw locked to prevent unloading.
3897 */
3898struct vfssw *
3899vfs_getvfssw(const char *type)
3900{
3901	struct vfssw *vswp;
3902	const char *modname;
3903
3904	RLOCK_VFSSW();
3905	vswp = vfs_getvfsswbyname(type);
3906	modname = vfs_to_modname(type);
3907
3908	if (rootdir == NULL) {
3909		/*
3910		 * If we haven't yet loaded the root file system, then our
3911		 * _init won't be called until later. Allocate vfssw entry,
3912		 * because mod_installfs won't be called.
3913		 */
3914		if (vswp == NULL) {
3915			RUNLOCK_VFSSW();
3916			WLOCK_VFSSW();
3917			if ((vswp = vfs_getvfsswbyname(type)) == NULL) {
3918				if ((vswp = allocate_vfssw(type)) == NULL) {
3919					WUNLOCK_VFSSW();
3920					return (NULL);
3921				}
3922			}
3923			WUNLOCK_VFSSW();
3924			RLOCK_VFSSW();
3925		}
3926		if (!VFS_INSTALLED(vswp)) {
3927			RUNLOCK_VFSSW();
3928			(void) modloadonly("fs", modname);
3929		} else
3930			RUNLOCK_VFSSW();
3931		return (vswp);
3932	}
3933
3934	/*
3935	 * Try to load the filesystem.  Before calling modload(), we drop
3936	 * our lock on the VFS switch table, and pick it up after the
3937	 * module is loaded.  However, there is a potential race:  the
3938	 * module could be unloaded after the call to modload() completes
3939	 * but before we pick up the lock and drive on.  Therefore,
3940	 * we keep reloading the module until we've loaded the module
3941	 * _and_ we have the lock on the VFS switch table.
3942	 */
3943	while (vswp == NULL || !VFS_INSTALLED(vswp)) {
3944		RUNLOCK_VFSSW();
3945		if (modload("fs", modname) == -1)
3946			return (NULL);
3947		RLOCK_VFSSW();
3948		if (vswp == NULL)
3949			if ((vswp = vfs_getvfsswbyname(type)) == NULL)
3950				break;
3951	}
3952	RUNLOCK_VFSSW();
3953
3954	return (vswp);
3955}
3956
3957/*
3958 * Find a vfssw entry given a file system type name.
3959 */
3960struct vfssw *
3961vfs_getvfsswbyname(const char *type)
3962{
3963	struct vfssw *vswp;
3964
3965	ASSERT(VFSSW_LOCKED());
3966	if (type == NULL || *type == '\0')
3967		return (NULL);
3968
3969	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
3970		if (strcmp(type, vswp->vsw_name) == 0) {
3971			vfs_refvfssw(vswp);
3972			return (vswp);
3973		}
3974	}
3975
3976	return (NULL);
3977}
3978
3979/*
3980 * Find a vfssw entry given a set of vfsops.
3981 */
3982struct vfssw *
3983vfs_getvfsswbyvfsops(vfsops_t *vfsops)
3984{
3985	struct vfssw *vswp;
3986
3987	RLOCK_VFSSW();
3988	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
3989		if (ALLOCATED_VFSSW(vswp) && &vswp->vsw_vfsops == vfsops) {
3990			vfs_refvfssw(vswp);
3991			RUNLOCK_VFSSW();
3992			return (vswp);
3993		}
3994	}
3995	RUNLOCK_VFSSW();
3996
3997	return (NULL);
3998}
3999
4000/*
4001 * Reference a vfssw entry.
4002 */
4003void
4004vfs_refvfssw(struct vfssw *vswp)
4005{
4006
4007	mutex_enter(&vswp->vsw_lock);
4008	vswp->vsw_count++;
4009	mutex_exit(&vswp->vsw_lock);
4010}
4011
4012/*
4013 * Unreference a vfssw entry.
4014 */
4015void
4016vfs_unrefvfssw(struct vfssw *vswp)
4017{
4018
4019	mutex_enter(&vswp->vsw_lock);
4020	vswp->vsw_count--;
4021	mutex_exit(&vswp->vsw_lock);
4022}
4023
4024static int sync_retries = 20;	/* number of retries when not making progress */
4025static int sync_triesleft;	/* portion of sync_retries remaining */
4026
4027static pgcnt_t old_pgcnt, new_pgcnt;
4028static int new_bufcnt, old_bufcnt;
4029
4030/*
4031 * Sync all of the mounted filesystems, and then wait for the actual i/o to
4032 * complete.  We wait by counting the number of dirty pages and buffers,
4033 * pushing them out using bio_busy() and page_busy(), and then counting again.
4034 * This routine is used during the uadmin A_SHUTDOWN code.  It should only
4035 * be used after some higher-level mechanism has quiesced the system so that
4036 * new writes are not being initiated while we are waiting for completion.
4037 *
4038 * To ensure finite running time, our algorithm uses sync_triesleft (a progress
4039 * counter used by the vfs_syncall() loop below). It is declared above so
4040 * it can be found easily in the debugger.
4041 *
4042 * The sync_triesleft counter is updated by vfs_syncall() itself.  If we make
4043 * sync_retries consecutive calls to bio_busy() and page_busy() without
4044 * decreasing either the number of dirty buffers or dirty pages below the
4045 * lowest count we have seen so far, we give up and return from vfs_syncall().
4046 *
4047 * Each loop iteration ends with a call to delay() one second to allow time for
4048 * i/o completion and to permit the user time to read our progress messages.
4049 */
4050void
4051vfs_syncall(void)
4052{
4053	if (rootdir == NULL && !modrootloaded)
4054		return; /* no filesystems have been loaded yet */
4055
4056	printf("syncing file systems...");
4057	sync();
4058
4059	sync_triesleft = sync_retries;
4060
4061	old_bufcnt = new_bufcnt = INT_MAX;
4062	old_pgcnt = new_pgcnt = ULONG_MAX;
4063
4064	while (sync_triesleft > 0) {
4065		old_bufcnt = MIN(old_bufcnt, new_bufcnt);
4066		old_pgcnt = MIN(old_pgcnt, new_pgcnt);
4067
4068		new_bufcnt = bio_busy(B_TRUE);
4069		new_pgcnt = page_busy(B_TRUE);
4070
4071		if (new_bufcnt == 0 && new_pgcnt == 0)
4072			break;
4073
4074		if (new_bufcnt < old_bufcnt || new_pgcnt < old_pgcnt)
4075			sync_triesleft = sync_retries;
4076		else
4077			sync_triesleft--;
4078
4079		if (new_bufcnt)
4080			printf(" [%d]", new_bufcnt);
4081		if (new_pgcnt)
4082			printf(" %lu", new_pgcnt);
4083
4084		delay(hz);
4085	}
4086
4087	if (new_bufcnt != 0 || new_pgcnt != 0)
4088		printf(" done (not all i/o completed)\n");
4089	else
4090		printf(" done\n");
4091
4092	delay(hz);
4093}
4094
4095/*
4096 * Map VFS flags to statvfs flags.  These shouldn't really be separate
4097 * flags at all.
4098 */
4099uint_t
4100vf_to_stf(uint_t vf)
4101{
4102	uint_t stf = 0;
4103
4104	if (vf & VFS_RDONLY)
4105		stf |= ST_RDONLY;
4106	if (vf & VFS_NOSETUID)
4107		stf |= ST_NOSUID;
4108	if (vf & VFS_NOTRUNC)
4109		stf |= ST_NOTRUNC;
4110
4111	return (stf);
4112}
4113
4114/*
4115 * Entries for (illegal) fstype 0.
4116 */
4117/* ARGSUSED */
4118int
4119vfsstray_sync(struct vfs *vfsp, short arg, struct cred *cr)
4120{
4121	cmn_err(CE_PANIC, "stray vfs operation");
4122	return (0);
4123}
4124
4125/*
4126 * Entries for (illegal) fstype 0.
4127 */
4128int
4129vfsstray(void)
4130{
4131	cmn_err(CE_PANIC, "stray vfs operation");
4132	return (0);
4133}
4134
4135/*
4136 * Support for dealing with forced UFS unmount and its interaction with
4137 * LOFS. Could be used by any filesystem.
4138 * See bug 1203132.
4139 */
4140int
4141vfs_EIO(void)
4142{
4143	return (EIO);
4144}
4145
4146/*
4147 * We've gotta define the op for sync separately, since the compiler gets
4148 * confused if we mix and match ANSI and normal style prototypes when
4149 * a "short" argument is present and spits out a warning.
4150 */
4151/*ARGSUSED*/
4152int
4153vfs_EIO_sync(struct vfs *vfsp, short arg, struct cred *cr)
4154{
4155	return (EIO);
4156}
4157
4158vfs_t EIO_vfs;
4159vfsops_t *EIO_vfsops;
4160
4161/*
4162 * Called from startup() to initialize all loaded vfs's
4163 */
4164void
4165vfsinit(void)
4166{
4167	struct vfssw *vswp;
4168	int error;
4169	extern int vopstats_enabled;
4170	extern void vopstats_startup();
4171
4172	static const fs_operation_def_t EIO_vfsops_template[] = {
4173		VFSNAME_MOUNT,		{ .error = vfs_EIO },
4174		VFSNAME_UNMOUNT,	{ .error = vfs_EIO },
4175		VFSNAME_ROOT,		{ .error = vfs_EIO },
4176		VFSNAME_STATVFS,	{ .error = vfs_EIO },
4177		VFSNAME_SYNC,		{ .vfs_sync = vfs_EIO_sync },
4178		VFSNAME_VGET,		{ .error = vfs_EIO },
4179		VFSNAME_MOUNTROOT,	{ .error = vfs_EIO },
4180		VFSNAME_FREEVFS,	{ .error = vfs_EIO },
4181		VFSNAME_VNSTATE,	{ .error = vfs_EIO },
4182		NULL, NULL
4183	};
4184
4185	static const fs_operation_def_t stray_vfsops_template[] = {
4186		VFSNAME_MOUNT,		{ .error = vfsstray },
4187		VFSNAME_UNMOUNT,	{ .error = vfsstray },
4188		VFSNAME_ROOT,		{ .error = vfsstray },
4189		VFSNAME_STATVFS,	{ .error = vfsstray },
4190		VFSNAME_SYNC,		{ .vfs_sync = vfsstray_sync },
4191		VFSNAME_VGET,		{ .error = vfsstray },
4192		VFSNAME_MOUNTROOT,	{ .error = vfsstray },
4193		VFSNAME_FREEVFS,	{ .error = vfsstray },
4194		VFSNAME_VNSTATE,	{ .error = vfsstray },
4195		NULL, NULL
4196	};
4197
4198	/* Create vfs cache */
4199	vfs_cache = kmem_cache_create("vfs_cache", sizeof (struct vfs),
4200	    sizeof (uintptr_t), NULL, NULL, NULL, NULL, NULL, 0);
4201
4202	/* Initialize the vnode cache (file systems may use it during init). */
4203	vn_create_cache();
4204
4205	/* Setup event monitor framework */
4206	fem_init();
4207
4208	/* Initialize the dummy stray file system type. */
4209	error = vfs_setfsops(0, stray_vfsops_template, NULL);
4210
4211	/* Initialize the dummy EIO file system. */
4212	error = vfs_makefsops(EIO_vfsops_template, &EIO_vfsops);
4213	if (error != 0) {
4214		cmn_err(CE_WARN, "vfsinit: bad EIO vfs ops template");
4215		/* Shouldn't happen, but not bad enough to panic */
4216	}
4217
4218	VFS_INIT(&EIO_vfs, EIO_vfsops, (caddr_t)NULL);
4219
4220	/*
4221	 * Default EIO_vfs.vfs_flag to VFS_UNMOUNTED so a lookup
4222	 * on this vfs can immediately notice it's invalid.
4223	 */
4224	EIO_vfs.vfs_flag |= VFS_UNMOUNTED;
4225
4226	/*
4227	 * Call the init routines of non-loadable filesystems only.
4228	 * Filesystems which are loaded as separate modules will be
4229	 * initialized by the module loading code instead.
4230	 */
4231
4232	for (vswp = &vfssw[1]; vswp < &vfssw[nfstype]; vswp++) {
4233		RLOCK_VFSSW();
4234		if (vswp->vsw_init != NULL)
4235			(void) (*vswp->vsw_init)(vswp - vfssw, vswp->vsw_name);
4236		RUNLOCK_VFSSW();
4237	}
4238
4239	vopstats_startup();
4240
4241	if (vopstats_enabled) {
4242		/* EIO_vfs can collect stats, but we don't retrieve them */
4243		initialize_vopstats(&EIO_vfs.vfs_vopstats);
4244		EIO_vfs.vfs_fstypevsp = NULL;
4245		EIO_vfs.vfs_vskap = NULL;
4246		EIO_vfs.vfs_flag |= VFS_STATS;
4247	}
4248
4249	xattr_init();
4250
4251	reparse_point_init();
4252}
4253
4254vfs_t *
4255vfs_alloc(int kmflag)
4256{
4257	vfs_t *vfsp;
4258
4259	vfsp = kmem_cache_alloc(vfs_cache, kmflag);
4260
4261	/*
4262	 * Do the simplest initialization here.
4263	 * Everything else gets done in vfs_init()
4264	 */
4265	bzero(vfsp, sizeof (vfs_t));
4266	return (vfsp);
4267}
4268
4269void
4270vfs_free(vfs_t *vfsp)
4271{
4272	/*
4273	 * One would be tempted to assert that "vfsp->vfs_count == 0".
4274	 * The problem is that this gets called out of domount() with
4275	 * a partially initialized vfs and a vfs_count of 1.  This is
4276	 * also called from vfs_rele() with a vfs_count of 0.  We can't
4277	 * call VFS_RELE() from domount() if VFS_MOUNT() hasn't successfully
4278	 * returned.  This is because VFS_MOUNT() fully initializes the
4279	 * vfs structure and its associated data.  VFS_RELE() will call
4280	 * VFS_FREEVFS() which may panic the system if the data structures
4281	 * aren't fully initialized from a successful VFS_MOUNT()).
4282	 */
4283
4284	/* If FEM was in use, make sure everything gets cleaned up */
4285	if (vfsp->vfs_femhead) {
4286		ASSERT(vfsp->vfs_femhead->femh_list == NULL);
4287		mutex_destroy(&vfsp->vfs_femhead->femh_lock);
4288		kmem_free(vfsp->vfs_femhead, sizeof (*(vfsp->vfs_femhead)));
4289		vfsp->vfs_femhead = NULL;
4290	}
4291
4292	if (vfsp->vfs_implp)
4293		vfsimpl_teardown(vfsp);
4294	sema_destroy(&vfsp->vfs_reflock);
4295	kmem_cache_free(vfs_cache, vfsp);
4296}
4297
4298/*
4299 * Increments the vfs reference count by one atomically.
4300 */
4301void
4302vfs_hold(vfs_t *vfsp)
4303{
4304	atomic_inc_32(&vfsp->vfs_count);
4305	ASSERT(vfsp->vfs_count != 0);
4306}
4307
4308/*
4309 * Decrements the vfs reference count by one atomically. When
4310 * vfs reference count becomes zero, it calls the file system
4311 * specific vfs_freevfs() to free up the resources.
4312 */
4313void
4314vfs_rele(vfs_t *vfsp)
4315{
4316	ASSERT(vfsp->vfs_count != 0);
4317	if (atomic_dec_32_nv(&vfsp->vfs_count) == 0) {
4318		VFS_FREEVFS(vfsp);
4319		lofi_remove(vfsp);
4320		if (vfsp->vfs_zone)
4321			zone_rele_ref(&vfsp->vfs_implp->vi_zone_ref,
4322			    ZONE_REF_VFS);
4323		vfs_freemnttab(vfsp);
4324		vfs_free(vfsp);
4325	}
4326}
4327
4328/*
4329 * Generic operations vector support.
4330 *
4331 * This is used to build operations vectors for both the vfs and vnode.
4332 * It's normally called only when a file system is loaded.
4333 *
4334 * There are many possible algorithms for this, including the following:
4335 *
4336 *   (1) scan the list of known operations; for each, see if the file system
4337 *       includes an entry for it, and fill it in as appropriate.
4338 *
4339 *   (2) set up defaults for all known operations.  scan the list of ops
4340 *       supplied by the file system; for each which is both supplied and
4341 *       known, fill it in.
4342 *
4343 *   (3) sort the lists of known ops & supplied ops; scan the list, filling
4344 *       in entries as we go.
4345 *
4346 * we choose (1) for simplicity, and because performance isn't critical here.
4347 * note that (2) could be sped up using a precomputed hash table on known ops.
4348 * (3) could be faster than either, but only if the lists were very large or
4349 * supplied in sorted order.
4350 *
4351 */
4352
4353int
4354fs_build_vector(void *vector, int *unused_ops,
4355    const fs_operation_trans_def_t *translation,
4356    const fs_operation_def_t *operations)
4357{
4358	int i, num_trans, num_ops, used;
4359
4360	/*
4361	 * Count the number of translations and the number of supplied
4362	 * operations.
4363	 */
4364
4365	{
4366		const fs_operation_trans_def_t *p;
4367
4368		for (num_trans = 0, p = translation;
4369		    p->name != NULL;
4370		    num_trans++, p++)
4371			;
4372	}
4373
4374	{
4375		const fs_operation_def_t *p;
4376
4377		for (num_ops = 0, p = operations;
4378		    p->name != NULL;
4379		    num_ops++, p++)
4380			;
4381	}
4382
4383	/* Walk through each operation known to our caller.  There will be */
4384	/* one entry in the supplied "translation table" for each. */
4385
4386	used = 0;
4387
4388	for (i = 0; i < num_trans; i++) {
4389		int j, found;
4390		char *curname;
4391		fs_generic_func_p result;
4392		fs_generic_func_p *location;
4393
4394		curname = translation[i].name;
4395
4396		/* Look for a matching operation in the list supplied by the */
4397		/* file system. */
4398
4399		found = 0;
4400
4401		for (j = 0; j < num_ops; j++) {
4402			if (strcmp(operations[j].name, curname) == 0) {
4403				used++;
4404				found = 1;
4405				break;
4406			}
4407		}
4408
4409		/*
4410		 * If the file system is using a "placeholder" for default
4411		 * or error functions, grab the appropriate function out of
4412		 * the translation table.  If the file system didn't supply
4413		 * this operation at all, use the default function.
4414		 */
4415
4416		if (found) {
4417			result = operations[j].func.fs_generic;
4418			if (result == fs_default) {
4419				result = translation[i].defaultFunc;
4420			} else if (result == fs_error) {
4421				result = translation[i].errorFunc;
4422			} else if (result == NULL) {
4423				/* Null values are PROHIBITED */
4424				return (EINVAL);
4425			}
4426		} else {
4427			result = translation[i].defaultFunc;
4428		}
4429
4430		/* Now store the function into the operations vector. */
4431
4432		location = (fs_generic_func_p *)
4433		    (((char *)vector) + translation[i].offset);
4434
4435		*location = result;
4436	}
4437
4438	*unused_ops = num_ops - used;
4439
4440	return (0);
4441}
4442
4443/* Placeholder functions, should never be called. */
4444
4445int
4446fs_error(void)
4447{
4448	cmn_err(CE_PANIC, "fs_error called");
4449	return (0);
4450}
4451
4452int
4453fs_default(void)
4454{
4455	cmn_err(CE_PANIC, "fs_default called");
4456	return (0);
4457}
4458
4459#ifdef __sparc
4460
4461/*
4462 * Part of the implementation of booting off a mirrored root
4463 * involves a change of dev_t for the root device.  To
4464 * accomplish this, first remove the existing hash table
4465 * entry for the root device, convert to the new dev_t,
4466 * then re-insert in the hash table at the head of the list.
4467 */
4468void
4469vfs_root_redev(vfs_t *vfsp, dev_t ndev, int fstype)
4470{
4471	vfs_list_lock();
4472
4473	vfs_hash_remove(vfsp);
4474
4475	vfsp->vfs_dev = ndev;
4476	vfs_make_fsid(&vfsp->vfs_fsid, ndev, fstype);
4477
4478	vfs_hash_add(vfsp, 1);
4479
4480	vfs_list_unlock();
4481}
4482
4483#else /* x86 NEWBOOT */
4484
4485#if defined(__x86)
4486extern int hvmboot_rootconf();
4487#endif /* __x86 */
4488
4489extern ib_boot_prop_t *iscsiboot_prop;
4490
4491int
4492rootconf()
4493{
4494	int error;
4495	struct vfssw *vsw;
4496	extern void pm_init();
4497	char *fstyp, *fsmod;
4498	int ret = -1;
4499
4500	getrootfs(&fstyp, &fsmod);
4501
4502#if defined(__x86)
4503	/*
4504	 * hvmboot_rootconf() is defined in the hvm_bootstrap misc module,
4505	 * which lives in /platform/i86hvm, and hence is only available when
4506	 * booted in an x86 hvm environment.  If the hvm_bootstrap misc module
4507	 * is not available then the modstub for this function will return 0.
4508	 * If the hvm_bootstrap misc module is available it will be loaded
4509	 * and hvmboot_rootconf() will be invoked.
4510	 */
4511	if (error = hvmboot_rootconf())
4512		return (error);
4513#endif /* __x86 */
4514
4515	if (error = clboot_rootconf())
4516		return (error);
4517
4518	if (modload("fs", fsmod) == -1)
4519		panic("Cannot _init %s module", fsmod);
4520
4521	RLOCK_VFSSW();
4522	vsw = vfs_getvfsswbyname(fstyp);
4523	RUNLOCK_VFSSW();
4524	if (vsw == NULL) {
4525		cmn_err(CE_CONT, "Cannot find %s filesystem\n", fstyp);
4526		return (ENXIO);
4527	}
4528	VFS_INIT(rootvfs, &vsw->vsw_vfsops, 0);
4529	VFS_HOLD(rootvfs);
4530
4531	/* always mount readonly first */
4532	rootvfs->vfs_flag |= VFS_RDONLY;
4533
4534	pm_init();
4535
4536	if (netboot && iscsiboot_prop) {
4537		cmn_err(CE_WARN, "NFS boot and iSCSI boot"
4538		    " shouldn't happen in the same time");
4539		return (EINVAL);
4540	}
4541
4542	if (netboot || iscsiboot_prop) {
4543		ret = strplumb();
4544		if (ret != 0) {
4545			cmn_err(CE_WARN, "Cannot plumb network device %d", ret);
4546			return (EFAULT);
4547		}
4548	}
4549
4550	if ((ret == 0) && iscsiboot_prop) {
4551		ret = modload("drv", "iscsi");
4552		/* -1 indicates fail */
4553		if (ret == -1) {
4554			cmn_err(CE_WARN, "Failed to load iscsi module");
4555			iscsi_boot_prop_free();
4556			return (EINVAL);
4557		} else {
4558			if (!i_ddi_attach_pseudo_node("iscsi")) {
4559				cmn_err(CE_WARN,
4560				    "Failed to attach iscsi driver");
4561				iscsi_boot_prop_free();
4562				return (ENODEV);
4563			}
4564		}
4565	}
4566
4567	error = VFS_MOUNTROOT(rootvfs, ROOT_INIT);
4568	vfs_unrefvfssw(vsw);
4569	rootdev = rootvfs->vfs_dev;
4570
4571	if (error)
4572		cmn_err(CE_CONT, "Cannot mount root on %s fstype %s\n",
4573		    rootfs.bo_name, fstyp);
4574	else
4575		cmn_err(CE_CONT, "?root on %s fstype %s\n",
4576		    rootfs.bo_name, fstyp);
4577	return (error);
4578}
4579
4580/*
4581 * XXX this is called by nfs only and should probably be removed
4582 * If booted with ASKNAME, prompt on the console for a filesystem
4583 * name and return it.
4584 */
4585void
4586getfsname(char *askfor, char *name, size_t namelen)
4587{
4588	if (boothowto & RB_ASKNAME) {
4589		printf("%s name: ", askfor);
4590		console_gets(name, namelen);
4591	}
4592}
4593
4594/*
4595 * Init the root filesystem type (rootfs.bo_fstype) from the "fstype"
4596 * property.
4597 *
4598 * Filesystem types starting with the prefix "nfs" are diskless clients;
4599 * init the root filename name (rootfs.bo_name), too.
4600 *
4601 * If we are booting via NFS we currently have these options:
4602 *	nfs -	dynamically choose NFS V2, V3, or V4 (default)
4603 *	nfs2 -	force NFS V2
4604 *	nfs3 -	force NFS V3
4605 *	nfs4 -	force NFS V4
4606 * Because we need to maintain backward compatibility with the naming
4607 * convention that the NFS V2 filesystem name is "nfs" (see vfs_conf.c)
4608 * we need to map "nfs" => "nfsdyn" and "nfs2" => "nfs".  The dynamic
4609 * nfs module will map the type back to either "nfs", "nfs3", or "nfs4".
4610 * This is only for root filesystems, all other uses will expect
4611 * that "nfs" == NFS V2.
4612 */
4613static void
4614getrootfs(char **fstypp, char **fsmodp)
4615{
4616	char *propstr = NULL;
4617
4618	/*
4619	 * Check fstype property; for diskless it should be one of "nfs",
4620	 * "nfs2", "nfs3" or "nfs4".
4621	 */
4622	if (ddi_prop_lookup_string(DDI_DEV_T_ANY, ddi_root_node(),
4623	    DDI_PROP_DONTPASS, "fstype", &propstr)
4624	    == DDI_SUCCESS) {
4625		(void) strncpy(rootfs.bo_fstype, propstr, BO_MAXFSNAME);
4626		ddi_prop_free(propstr);
4627
4628	/*
4629	 * if the boot property 'fstype' is not set, but 'zfs-bootfs' is set,
4630	 * assume the type of this root filesystem is 'zfs'.
4631	 */
4632	} else if (ddi_prop_lookup_string(DDI_DEV_T_ANY, ddi_root_node(),
4633	    DDI_PROP_DONTPASS, "zfs-bootfs", &propstr)
4634	    == DDI_SUCCESS) {
4635		(void) strncpy(rootfs.bo_fstype, "zfs", BO_MAXFSNAME);
4636		ddi_prop_free(propstr);
4637	}
4638
4639	if (strncmp(rootfs.bo_fstype, "nfs", 3) != 0) {
4640		*fstypp = *fsmodp = rootfs.bo_fstype;
4641		return;
4642	}
4643
4644	++netboot;
4645
4646	if (strcmp(rootfs.bo_fstype, "nfs2") == 0)
4647		(void) strcpy(rootfs.bo_fstype, "nfs");
4648	else if (strcmp(rootfs.bo_fstype, "nfs") == 0)
4649		(void) strcpy(rootfs.bo_fstype, "nfsdyn");
4650
4651	/*
4652	 * check if path to network interface is specified in bootpath
4653	 * or by a hypervisor domain configuration file.
4654	 * XXPV - enable strlumb_get_netdev_path()
4655	 */
4656	if (ddi_prop_exists(DDI_DEV_T_ANY, ddi_root_node(), DDI_PROP_DONTPASS,
4657	    "xpv-nfsroot")) {
4658		(void) strcpy(rootfs.bo_name, "/xpvd/xnf@0");
4659	} else if (ddi_prop_lookup_string(DDI_DEV_T_ANY, ddi_root_node(),
4660	    DDI_PROP_DONTPASS, "bootpath", &propstr)
4661	    == DDI_SUCCESS) {
4662		(void) strncpy(rootfs.bo_name, propstr, BO_MAXOBJNAME);
4663		ddi_prop_free(propstr);
4664	} else {
4665		rootfs.bo_name[0] = '\0';
4666	}
4667	*fstypp = rootfs.bo_fstype;
4668	*fsmodp = "nfs";
4669}
4670#endif
4671
4672/*
4673 * VFS feature routines
4674 */
4675
4676#define	VFTINDEX(feature)	(((feature) >> 32) & 0xFFFFFFFF)
4677#define	VFTBITS(feature)	((feature) & 0xFFFFFFFFLL)
4678
4679/* Register a feature in the vfs */
4680void
4681vfs_set_feature(vfs_t *vfsp, vfs_feature_t feature)
4682{
4683	/* Note that vfs_featureset[] is found in *vfsp->vfs_implp */
4684	if (vfsp->vfs_implp == NULL)
4685		return;
4686
4687	vfsp->vfs_featureset[VFTINDEX(feature)] |= VFTBITS(feature);
4688}
4689
4690void
4691vfs_clear_feature(vfs_t *vfsp, vfs_feature_t feature)
4692{
4693	/* Note that vfs_featureset[] is found in *vfsp->vfs_implp */
4694	if (vfsp->vfs_implp == NULL)
4695		return;
4696	vfsp->vfs_featureset[VFTINDEX(feature)] &= VFTBITS(~feature);
4697}
4698
4699/*
4700 * Query a vfs for a feature.
4701 * Returns 1 if feature is present, 0 if not
4702 */
4703int
4704vfs_has_feature(vfs_t *vfsp, vfs_feature_t feature)
4705{
4706	int	ret = 0;
4707
4708	/* Note that vfs_featureset[] is found in *vfsp->vfs_implp */
4709	if (vfsp->vfs_implp == NULL)
4710		return (ret);
4711
4712	if (vfsp->vfs_featureset[VFTINDEX(feature)] & VFTBITS(feature))
4713		ret = 1;
4714
4715	return (ret);
4716}
4717
4718/*
4719 * Propagate feature set from one vfs to another
4720 */
4721void
4722vfs_propagate_features(vfs_t *from, vfs_t *to)
4723{
4724	int i;
4725
4726	if (to->vfs_implp == NULL || from->vfs_implp == NULL)
4727		return;
4728
4729	for (i = 1; i <= to->vfs_featureset[0]; i++) {
4730		to->vfs_featureset[i] = from->vfs_featureset[i];
4731	}
4732}
4733
4734#define	LOFINODE_PATH "/dev/lofi/%d"
4735
4736/*
4737 * Return the vnode for the lofi node if there's a lofi mount in place.
4738 * Returns -1 when there's no lofi node, 0 on success, and > 0 on
4739 * failure.
4740 */
4741int
4742vfs_get_lofi(vfs_t *vfsp, vnode_t **vpp)
4743{
4744	char *path = NULL;
4745	int strsize;
4746	int err;
4747
4748	if (vfsp->vfs_lofi_id == 0) {
4749		*vpp = NULL;
4750		return (-1);
4751	}
4752
4753	strsize = snprintf(NULL, 0, LOFINODE_PATH, vfsp->vfs_lofi_id);
4754	path = kmem_alloc(strsize + 1, KM_SLEEP);
4755	(void) snprintf(path, strsize + 1, LOFINODE_PATH, vfsp->vfs_lofi_id);
4756
4757	/*
4758	 * We may be inside a zone, so we need to use the /dev path, but
4759	 * it's created asynchronously, so we wait here.
4760	 */
4761	for (;;) {
4762		err = lookupname(path, UIO_SYSSPACE, FOLLOW, NULLVPP, vpp);
4763
4764		if (err != ENOENT)
4765			break;
4766
4767		if ((err = delay_sig(hz / 8)) == EINTR)
4768			break;
4769	}
4770
4771	if (err)
4772		*vpp = NULL;
4773
4774	kmem_free(path, strsize + 1);
4775	return (err);
4776}
4777