summaryrefslogtreecommitdiff
path: root/sys/kern
diff options
context:
space:
mode:
authorPedro Martelletto <pedro@cvs.openbsd.org>2006-04-28 08:34:33 +0000
committerPedro Martelletto <pedro@cvs.openbsd.org>2006-04-28 08:34:33 +0000
commit0bdb047ec5670145e985e420e3ba4595992b9bff (patch)
tree8f047f676dc677500801fcfdefbd84cba6727d69 /sys/kern
parent9a44d6cb0c0f84f90f1e8f1a44ffb747edf1184b (diff)
Instrumentation for an in-kernel getcwd() implementation.
Not yet activated. Diff by marius@ long ago, from NetBSD. Okay miod@ and krw@.
Diffstat (limited to 'sys/kern')
-rw-r--r--sys/kern/syscalls.master3
-rw-r--r--sys/kern/vfs_getcwd.c560
2 files changed, 562 insertions, 1 deletions
diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master
index 5e231f2975c..623b21011e3 100644
--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master
@@ -1,4 +1,4 @@
-; $OpenBSD: syscalls.master,v 1.81 2005/12/30 04:02:17 tedu Exp $
+; $OpenBSD: syscalls.master,v 1.82 2006/04/28 08:34:31 pedro Exp $
; $NetBSD: syscalls.master,v 1.32 1996/04/23 10:24:21 mycroft Exp $
; @(#)syscalls.master 8.2 (Berkeley) 1/13/94
@@ -608,3 +608,4 @@
302 UNIMPL
303 UNIMPL
#endif
+304 STD { int sys___getcwd(char *buf, size_t len); }
diff --git a/sys/kern/vfs_getcwd.c b/sys/kern/vfs_getcwd.c
new file mode 100644
index 00000000000..a4c81329801
--- /dev/null
+++ b/sys/kern/vfs_getcwd.c
@@ -0,0 +1,560 @@
+/* $OpenBSD: vfs_getcwd.c,v 1.1 2006/04/28 08:34:31 pedro Exp $ */
+/* $NetBSD: vfs_getcwd.c,v 1.3.2.3 1999/07/11 10:24:09 sommerfeld Exp $ */
+
+/*
+ * Copyright (c) 1999 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Bill Sommerfeld.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/namei.h>
+#include <sys/filedesc.h>
+#include <sys/kernel.h>
+#include <sys/file.h>
+#include <sys/stat.h>
+#include <sys/vnode.h>
+#include <sys/mount.h>
+#include <sys/proc.h>
+#include <sys/uio.h>
+#include <sys/malloc.h>
+#include <sys/dirent.h>
+#include <ufs/ufs/dir.h> /* XXX only for DIRBLKSIZ */
+
+#include <sys/syscallargs.h>
+
+static int getcwd_scandir(struct vnode **, struct vnode **,
+ char **, char *, struct proc *);
+static int getcwd_getcache(struct vnode **, struct vnode **, char **, char *);
+static int getcwd_common(struct vnode *, struct vnode *,
+ char **, char *, int, int, struct proc *);
+
+static int vn_isunder(struct vnode *, struct vnode *, struct proc *);
+
+#define DIRENT_MINSIZE (sizeof(struct dirent) - (MAXNAMLEN+1) + 4)
+
+/*
+ * Vnode variable naming conventions in this file:
+ *
+ * rvp: the current root we're aiming towards.
+ * lvp, *lvpp: the "lower" vnode
+ * uvp, *uvpp: the "upper" vnode.
+ *
+ * Since all the vnodes we're dealing with are directories, and the
+ * lookups are going *up* in the filesystem rather than *down*, the
+ * usual "pvp" (parent) or "dvp" (directory) naming conventions are
+ * too confusing.
+ */
+
+/*
+ * XXX: is EINVAL the right thing to return if a directory is
+ * malformed?
+ */
+
+
+/*
+ * Find parent vnode of *lvpp, return in *uvpp
+ *
+ * If we care about the name, scan it looking for name of directory
+ * entry pointing at lvp.
+ *
+ * Place the name in the buffer which starts at bufp, immediately
+ * before *bpp, and move bpp backwards to point at the start of it.
+ *
+ * On entry, *lvpp is a locked vnode reference; on exit, it is vput and NULL'ed
+ * On exit, *uvpp is either NULL or is a locked vnode reference.
+ */
+static int
+getcwd_scandir(struct vnode **lvpp, struct vnode **uvpp,
+ char **bpp, char *bufp, struct proc *p)
+{
+ int error = 0;
+ int eofflag;
+ off_t off;
+ int tries;
+ struct uio uio;
+ struct iovec iov;
+ char *dirbuf = NULL;
+ int dirbuflen;
+ ino_t fileno;
+ struct vattr va;
+ struct vnode *uvp = NULL;
+ struct vnode *lvp = *lvpp;
+ struct componentname cn;
+ int len, reclen;
+ tries = 0;
+
+ /*
+ * If we want the filename, get some info we need while the
+ * current directory is still locked.
+ */
+ if (bufp != NULL) {
+ error = VOP_GETATTR(lvp, &va, p->p_ucred, p);
+ if (error) {
+ vput(lvp);
+ *lvpp = NULL;
+ *uvpp = NULL;
+ return error;
+ }
+ }
+
+ /*
+ * Ok, we have to do it the hard way..
+ * Next, get parent vnode using lookup of ..
+ */
+ cn.cn_nameiop = LOOKUP;
+ cn.cn_flags = ISLASTCN | ISDOTDOT | RDONLY;
+ cn.cn_proc = p;
+ cn.cn_cred = p->p_ucred;
+ cn.cn_pnbuf = NULL;
+ cn.cn_nameptr = "..";
+ cn.cn_namelen = 2;
+ cn.cn_hash = 0;
+ cn.cn_consume = 0;
+
+ /*
+ * At this point, lvp is locked and will be unlocked by the lookup.
+ * On successful return, *uvpp will be locked
+ */
+ error = VOP_LOOKUP(lvp, uvpp, &cn);
+ if (error) {
+ vput(lvp);
+ *lvpp = NULL;
+ *uvpp = NULL;
+ return error;
+ }
+ uvp = *uvpp;
+
+ /* If we don't care about the pathname, we're done */
+ if (bufp == NULL) {
+ vrele(lvp);
+ *lvpp = NULL;
+ return 0;
+ }
+
+ fileno = va.va_fileid;
+
+ dirbuflen = DIRBLKSIZ;
+ if (dirbuflen < va.va_blocksize)
+ dirbuflen = va.va_blocksize;
+ dirbuf = (char *)malloc(dirbuflen, M_TEMP, M_WAITOK);
+
+ off = 0;
+ do {
+ char *cpos;
+ struct dirent *dp;
+
+ /* call VOP_READDIR of parent */
+ iov.iov_base = dirbuf;
+ iov.iov_len = dirbuflen;
+
+ uio.uio_iov = &iov;
+ uio.uio_iovcnt = 1;
+ uio.uio_offset = off;
+ uio.uio_resid = dirbuflen;
+ uio.uio_segflg = UIO_SYSSPACE;
+ uio.uio_rw = UIO_READ;
+ uio.uio_procp = p;
+
+ eofflag = 0;
+
+ error = VOP_READDIR(uvp, &uio, p->p_ucred, &eofflag, 0, 0);
+
+ off = uio.uio_offset;
+
+ /*
+ * Try again if NFS tosses its cookies.
+ */
+ if (error == EINVAL && tries < 3) {
+ tries++;
+ off = 0;
+ continue;
+ } else if (error != 0) {
+ /*
+ * We simply bail on error, even if we don't
+ * have eofflag yet. This is the exact
+ * behavior of the old userland getcwd()
+ */
+ goto out;
+ }
+
+ /* No error */
+ cpos = dirbuf;
+ tries = 0;
+
+ /* scan directory page looking for matching vnode */
+ for (len = (dirbuflen - uio.uio_resid); len > 0;
+ len -= reclen) {
+ dp = (struct dirent *)cpos;
+ reclen = dp->d_reclen;
+
+ /* check for malformed directory.. */
+ if (reclen < DIRENT_MINSIZE) {
+ error = EINVAL;
+ goto out;
+ }
+ /*
+ * XXX should perhaps do VOP_LOOKUP to
+ * check that we got back to the right place,
+ * but getting the locking games for that
+ * right would be heinous.
+ */
+ if (dp->d_fileno == fileno) {
+ char *bp = *bpp;
+ bp -= dp->d_namlen;
+
+ if (bp <= bufp) {
+ error = ERANGE;
+ goto out;
+ }
+ bcopy(dp->d_name, bp, dp->d_namlen);
+ error = 0;
+ *bpp = bp;
+ goto out;
+ }
+ cpos += reclen;
+ }
+
+ } while (!eofflag);
+
+ error = ENOENT;
+
+out:
+ vrele(lvp);
+ *lvpp = NULL;
+ free(dirbuf, M_TEMP);
+ return error;
+}
+
+/*
+ * Look in the vnode-to-name reverse cache to see if
+ * we can find things the easy way.
+ *
+ * XXX vget failure path is untested.
+ *
+ * On entry, *lvpp is a locked vnode reference.
+ * On exit, one of the following is the case:
+ * 0) Both *lvpp and *uvpp are NULL and failure is returned.
+ * 1) *uvpp is NULL, *lvpp remains locked and -1 is returned (cache miss)
+ * 2) *uvpp is a locked vnode reference, *lvpp is vput and NULL'ed
+ * and 0 is returned (cache hit)
+ */
+
+static int
+getcwd_getcache(struct vnode **lvpp, struct vnode **uvpp,
+ char **bpp, char *bufp)
+{
+ struct vnode *lvp, *uvp = NULL;
+ int error;
+ int vpid;
+ struct proc *p = curproc;
+
+ lvp = *lvpp;
+
+ /*
+ * This returns 0 on a cache hit, -1 on a clean cache miss, or
+ * an errno on other failure.
+ */
+ error = cache_revlookup(lvp, uvpp, bpp, bufp);
+ if (error) {
+ if (error != -1) {
+ vput(lvp);
+ *lvpp = NULL;
+ *uvpp = NULL;
+ }
+ return error;
+ }
+ uvp = *uvpp;
+ vpid = uvp->v_id;
+
+ /*
+ * Since we're going up, we have to release the current lock
+ * before we take the parent lock.
+ */
+
+ VOP_UNLOCK(lvp, 0, p);
+
+ error = vget(uvp, LK_EXCLUSIVE | LK_RETRY, p);
+ if (error != 0)
+ *uvpp = NULL;
+ /*
+ * Verify that vget succeeded, and check that vnode capability
+ * didn't change while we were waiting for the lock.
+ *
+ * XXX: this is kind of nasty to have to check here. It
+ * should really be done in cache_revlookup() (see comments
+ * there, too).
+ */
+ if (error || (vpid != uvp->v_id)) {
+ /*
+ * Oops, we missed. If the vget failed, or the
+ * capability changed, try to get our lock back; if
+ * that works, tell caller to try things the hard way,
+ * otherwise give up.
+ */
+ if (!error)
+ vput(uvp);
+ *uvpp = NULL;
+
+ error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY, p);
+
+ if (!error)
+ return -1;
+ }
+ vrele(lvp);
+ *lvpp = NULL;
+ return (error);
+}
+
+/*
+ * common routine shared by sys___getcwd() and vn_isunder()
+ */
+
+#define GETCWD_CHECK_ACCESS 0x0001
+
+static int
+getcwd_common(struct vnode *lvp, struct vnode *rvp,
+ char **bpp, char *bufp, int limit, int flags, struct proc *p)
+{
+ struct filedesc *fdp = p->p_fd;
+ struct vnode *uvp = NULL;
+ char *bp = NULL;
+ int error;
+ int perms = VEXEC;
+
+ if (rvp == NULL) {
+ rvp = fdp->fd_rdir;
+ if (rvp == NULL)
+ rvp = rootvnode;
+ }
+
+ VREF(rvp);
+ VREF(lvp);
+
+ /*
+ * Error handling invariant:
+ * Before a `goto out':
+ * lvp is either NULL, or locked and held.
+ * uvp is either NULL, or locked and held.
+ */
+
+ error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY, p);
+ if (error) {
+ vrele(lvp);
+ lvp = NULL;
+ goto out;
+ }
+ if (bufp)
+ bp = *bpp;
+ /*
+ * this loop will terminate when one of the following happens:
+ * - we hit the root
+ * - getdirentries or lookup fails
+ * - we run out of space in the buffer.
+ */
+ if (lvp == rvp) {
+ if (bp)
+ *(--bp) = '/';
+ goto out;
+ }
+ do {
+ if (lvp->v_type != VDIR) {
+ error = ENOTDIR;
+ goto out;
+ }
+
+ /*
+ * access check here is optional, depending on
+ * whether or not caller cares.
+ */
+ if (flags & GETCWD_CHECK_ACCESS) {
+ error = VOP_ACCESS(lvp, perms, p->p_ucred, p);
+ if (error)
+ goto out;
+ perms = VEXEC|VREAD;
+ }
+
+ /*
+ * step up if we're a covered vnode..
+ */
+ while (lvp->v_flag & VROOT) {
+ struct vnode *tvp;
+
+ if (lvp == rvp)
+ goto out;
+
+ tvp = lvp;
+ lvp = lvp->v_mount->mnt_vnodecovered;
+ vput(tvp);
+ /*
+ * hodie natus est radici frater
+ */
+ if (lvp == NULL) {
+ error = ENOENT;
+ goto out;
+ }
+ VREF(lvp);
+ error = vn_lock(lvp, LK_EXCLUSIVE | LK_RETRY, p);
+ if (error != 0) {
+ vrele(lvp);
+ lvp = NULL;
+ goto out;
+ }
+ }
+ /*
+ * Look in the name cache; if that fails, look in the
+ * directory..
+ */
+ error = getcwd_getcache(&lvp, &uvp, &bp, bufp);
+ if (error == -1)
+ error = getcwd_scandir(&lvp, &uvp, &bp, bufp, p);
+ if (error)
+ goto out;
+#ifdef DIAGNOSTIC
+ if (lvp != NULL)
+ panic("getcwd: oops, forgot to null lvp");
+ if (bufp && (bp <= bufp)) {
+ panic("getcwd: oops, went back too far");
+ }
+#endif
+ if (bp)
+ *(--bp) = '/';
+ lvp = uvp;
+ uvp = NULL;
+ limit--;
+ } while ((lvp != rvp) && (limit > 0));
+
+out:
+ if (bpp)
+ *bpp = bp;
+ if (uvp)
+ vput(uvp);
+ if (lvp)
+ vput(lvp);
+ vrele(rvp);
+ return error;
+}
+
+/*
+ * Check if one directory can be found inside another in the directory
+ * hierarchy.
+ *
+ * Intended to be used in chroot, chdir, fchdir, etc., to ensure that
+ * chroot() actually means something.
+ */
+static int
+vn_isunder(struct vnode *lvp, struct vnode *rvp, struct proc *p)
+{
+ int error;
+
+ error = getcwd_common(lvp, rvp, NULL, NULL, MAXPATHLEN/2, 0, p);
+
+ if (!error)
+ return 1;
+ else
+ return 0;
+}
+
+/*
+ * Returns true if proc p1's root directory equal to or under p2's
+ * root directory.
+ *
+ * Intended to be used from ptrace/procfs sorts of things.
+ */
+
+int
+proc_isunder(struct proc *p1, struct proc *p2)
+{
+ struct vnode *r1 = p1->p_fd->fd_rdir;
+ struct vnode *r2 = p2->p_fd->fd_rdir;
+
+ if (r1 == NULL)
+ return (r2 == NULL);
+ else if (r2 == NULL)
+ return 1;
+ else
+ return vn_isunder(r1, r2, p2);
+}
+
+/*
+ * Find pathname of process's current directory.
+ *
+ * Use vfs vnode-to-name reverse cache; if that fails, fall back
+ * to reading directory contents.
+ */
+
+int
+sys___getcwd(struct proc *p, void *v, register_t *retval)
+{
+ register struct sys___getcwd_args /* {
+ syscallarg(char *) buf;
+ syscallarg(size_t) len;
+ } */ *uap = v;
+
+ int error;
+ char *path;
+ char *bp, *bend;
+ int len = SCARG(uap, len);
+ int lenused;
+
+ if (len > MAXPATHLEN*4)
+ len = MAXPATHLEN*4;
+ else if (len < 2)
+ return ERANGE;
+
+ path = (char *)malloc(len, M_TEMP, M_WAITOK);
+
+ bp = &path[len];
+ bend = bp;
+ *(--bp) = '\0';
+
+ /*
+ * 5th argument here is "max number of vnodes to traverse".
+ * Since each entry takes up at least 2 bytes in the output
+ * buffer, limit it to N/2 vnodes for an N byte buffer.
+ */
+ error = getcwd_common(p->p_fd->fd_cdir, NULL, &bp, path, len/2,
+ GETCWD_CHECK_ACCESS, p);
+
+ if (error)
+ goto out;
+ lenused = bend - bp;
+ *retval = lenused;
+ /* put the result into user buffer */
+ error = copyout(bp, SCARG(uap, buf), lenused);
+
+out:
+ free(path, M_TEMP);
+ return error;
+}