+ /*
+ * Insert name into cache (as non-existent) if appropriate.
+ */
+ if (ndp->ni_makeentry)
+ cache_enter(ndp);
+ return (ENOENT);
+
+found:
+ if (numdirpasses == 2)
+ nchstats.ncs_pass2++;
+ /*
+ * Check that directory length properly reflects presence
+ * of this entry.
+ */
+ if (entryoffsetinblock + DIRSIZ(ep) > dp->i_size) {
+ dirbad(dp, ndp->ni_offset, "i_size too small");
+ dp->i_size = entryoffsetinblock + DIRSIZ(ep);
+ dp->i_flag |= IUPD|ICHG;
+ }
+
+ /*
+ * Found component in pathname.
+ * If the final component of path name, save information
+ * in the cache as to where the entry was found.
+ */
+ if (*ndp->ni_next == '\0' && flag == LOOKUP)
+ dp->i_diroff = ndp->ni_offset &~ (DIRBLKSIZ - 1);
+
+ /*
+ * If deleting, and at end of pathname, return
+ * parameters which can be used to remove file.
+ * If the wantparent flag isn't set, we return only
+ * the directory (in ndp->ni_dvp), otherwise we go
+ * on and lock the inode, being careful with ".".
+ */
+ if (flag == DELETE && *ndp->ni_next == 0) {
+ /*
+ * Write access to directory required to delete files.
+ */
+ if (error = ufs_access(vdp, VWRITE, ndp->ni_cred))
+ return (error);
+ /*
+ * Return pointer to current entry in ndp->ni_offset,
+ * and distance past previous entry (if there
+ * is a previous entry in this block) in ndp->ni_count.
+ * Save directory inode pointer in ndp->ni_dvp for dirremove().
+ */
+ if ((ndp->ni_offset&(DIRBLKSIZ-1)) == 0)
+ ndp->ni_count = 0;
+ else
+ ndp->ni_count = ndp->ni_offset - prevoff;
+ if (dp->i_number == ndp->ni_dent.d_ino) {
+ VREF(vdp);
+ ndp->ni_vp = vdp;
+ return (0);
+ }
+ if (error = iget(dp, ndp->ni_dent.d_ino, &tdp))
+ return (error);
+ /*
+ * If directory is "sticky", then user must own
+ * the directory, or the file in it, else she
+ * may not delete it (unless she's root). This
+ * implements append-only directories.
+ */
+ if ((dp->i_mode & ISVTX) &&
+ ndp->ni_cred->cr_uid != 0 &&
+ ndp->ni_cred->cr_uid != dp->i_uid &&
+ tdp->i_uid != ndp->ni_cred->cr_uid) {
+ iput(tdp);
+ return (EPERM);
+ }
+ ndp->ni_vp = ITOV(tdp);
+ if (!lockparent)
+ IUNLOCK(dp);
+ return (0);
+ }
+
+ /*
+ * If rewriting (RENAME), return the inode and the
+ * information required to rewrite the present directory
+ * Must get inode of directory entry to verify it's a
+ * regular file, or empty directory.
+ */
+ if (flag == RENAME && wantparent && *ndp->ni_next == 0) {
+ if (error = ufs_access(vdp, VWRITE, ndp->ni_cred))
+ return (error);
+ /*
+ * Careful about locking second inode.
+ * This can only occur if the target is ".".
+ */
+ if (dp->i_number == ndp->ni_dent.d_ino)
+ return (EISDIR);
+ if (error = iget(dp, ndp->ni_dent.d_ino, &tdp))
+ return (error);
+ ndp->ni_vp = ITOV(tdp);
+ if (!lockparent)
+ IUNLOCK(dp);
+ return (0);
+ }
+
+ /*
+ * Step through the translation in the name. We do not `iput' the
+ * directory because we may need it again if a symbolic link
+ * is relative to the current directory. Instead we save it
+ * unlocked as "pdp". We must get the target inode before unlocking
+ * the directory to insure that the inode will not be removed
+ * before we get it. We prevent deadlock by always fetching
+ * inodes from the root, moving down the directory tree. Thus
+ * when following backward pointers ".." we must unlock the
+ * parent directory before getting the requested directory.
+ * There is a potential race condition here if both the current
+ * and parent directories are removed before the `iget' for the
+ * inode associated with ".." returns. We hope that this occurs
+ * infrequently since we cannot avoid this race condition without
+ * implementing a sophisticated deadlock detection algorithm.
+ * Note also that this simple deadlock detection scheme will not
+ * work if the file system has any hard links other than ".."
+ * that point backwards in the directory structure.
+ */
+ pdp = dp;
+ if (ndp->ni_isdotdot) {
+ IUNLOCK(pdp); /* race to get the inode */
+ if (error = iget(dp, ndp->ni_dent.d_ino, &tdp)) {
+ ILOCK(pdp);
+ return (error);
+ }
+ if (lockparent && *ndp->ni_next == '\0')
+ ILOCK(pdp);
+ ndp->ni_vp = ITOV(tdp);
+ } else if (dp->i_number == ndp->ni_dent.d_ino) {
+ VREF(vdp); /* we want ourself, ie "." */
+ ndp->ni_vp = vdp;
+ } else {
+ if (error = iget(dp, ndp->ni_dent.d_ino, &tdp))
+ return (error);
+ if (!lockparent || *ndp->ni_next != '\0')
+ IUNLOCK(pdp);
+ ndp->ni_vp = ITOV(tdp);
+ }
+
+ /*
+ * Insert name into cache if appropriate.
+ */
+ if (ndp->ni_makeentry)
+ cache_enter(ndp);
+ return (0);
+}
+
+
+dirbad(ip, offset, how)
+ struct inode *ip;
+ off_t offset;
+ char *how;
+{
+
+ printf("%s: bad dir ino %d at offset %d: %s\n",
+ ip->i_fs->fs_fsmnt, ip->i_number, offset, how);
+ panic("bad dir");
+}
+
+/*
+ * Do consistency checking on a directory entry:
+ * record length must be multiple of 4
+ * entry must fit in rest of its DIRBLKSIZ block
+ * record must be large enough to contain entry
+ * name is not longer than MAXNAMLEN
+ * name must be as long as advertised, and null terminated
+ */
+dirbadentry(ep, entryoffsetinblock)
+ register struct direct *ep;
+ int entryoffsetinblock;
+{
+ register int i;
+
+ if ((ep->d_reclen & 0x3) != 0 ||
+ ep->d_reclen > DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1)) ||
+ ep->d_reclen < DIRSIZ(ep) || ep->d_namlen > MAXNAMLEN)
+ return (1);
+ for (i = 0; i < ep->d_namlen; i++)
+ if (ep->d_name[i] == '\0')
+ return (1);
+ return (ep->d_name[i]);
+}
+
+/*
+ * Write a directory entry after a call to namei, using the parameters
+ * which it left in nameidata. The argument ip is the inode which the
+ * new directory entry will refer to. The nameidata field ndp->ni_dvp
+ * is a pointer to the directory to be written, which was left locked by
+ * namei. Remaining parameters (ndp->ni_offset, ndp->ni_count) indicate
+ * how the space for the new entry is to be gotten.
+ */
+direnter(ip, ndp)
+ struct inode *ip;
+ register struct nameidata *ndp;
+{
+ register struct direct *ep, *nep;
+ register struct inode *dp = VTOI(ndp->ni_dvp);
+ struct buf *bp;
+ int loc, spacefree, error = 0;
+ u_int dsize;
+ int newentrysize;
+ char *dirbuf;
+
+ ndp->ni_dent.d_ino = ip->i_number;
+ newentrysize = DIRSIZ(&ndp->ni_dent);
+ if (ndp->ni_count == 0) {
+ /*
+ * If ndp->ni_count is 0, then namei could find no space in the
+ * directory. In this case ndp->ni_offset will be on a directory
+ * block boundary and we will write the new entry into a fresh
+ * block.
+ */
+ if (ndp->ni_offset&(DIRBLKSIZ-1))
+ panic("wdir: newblk");
+ ndp->ni_dent.d_reclen = DIRBLKSIZ;
+ ndp->ni_count = newentrysize;
+ ndp->ni_resid = newentrysize;
+ ndp->ni_base = (caddr_t)&ndp->ni_dent;
+ ndp->ni_uioseg = UIO_SYSSPACE;
+ error =
+ ufs_write(ndp->ni_dvp, &ndp->ni_uio, IO_SYNC, ndp->ni_cred);
+ if (DIRBLKSIZ > dp->i_fs->fs_fsize)
+ panic("wdir: blksize"); /* XXX - should grow w/balloc */
+ else
+ dp->i_size = roundup(dp->i_size, DIRBLKSIZ);
+ iput(dp);
+ return (error);
+ }
+
+ /*
+ * If ndp->ni_count is non-zero, then namei found space for the new
+ * entry in the range ndp->ni_offset to ndp->ni_offset + ndp->ni_count.
+ * in the directory. To use this space, we may have to compact
+ * the entries located there, by copying them together towards
+ * the beginning of the block, leaving the free space in
+ * one usable chunk at the end.
+ */
+
+ /*
+ * Increase size of directory if entry eats into new space.
+ * This should never push the size past a new multiple of
+ * DIRBLKSIZE.
+ *
+ * N.B. - THIS IS AN ARTIFACT OF 4.2 AND SHOULD NEVER HAPPEN.
+ */
+ if (ndp->ni_offset + ndp->ni_count > dp->i_size)
+ dp->i_size = ndp->ni_offset + ndp->ni_count;
+ /*
+ * Get the block containing the space for the new directory entry.
+ */
+ if (error = blkatoff(dp, ndp->ni_offset, (char **)&dirbuf, &bp)) {
+ iput(dp);
+ return (error);
+ }
+ /*
+ * Find space for the new entry. In the simple case, the
+ * entry at offset base will have the space. If it does
+ * not, then namei arranged that compacting the region
+ * ndp->ni_offset to ndp->ni_offset+ndp->ni_count would yield the space.
+ */
+ ep = (struct direct *)dirbuf;
+ dsize = DIRSIZ(ep);
+ spacefree = ep->d_reclen - dsize;
+ for (loc = ep->d_reclen; loc < ndp->ni_count; ) {
+ nep = (struct direct *)(dirbuf + loc);
+ if (ep->d_ino) {
+ /* trim the existing slot */
+ ep->d_reclen = dsize;
+ ep = (struct direct *)((char *)ep + dsize);
+ } else {
+ /* overwrite; nothing there; header is ours */
+ spacefree += dsize;
+ }
+ dsize = DIRSIZ(nep);
+ spacefree += nep->d_reclen - dsize;
+ loc += nep->d_reclen;
+ bcopy((caddr_t)nep, (caddr_t)ep, dsize);
+ }
+ /*
+ * Update the pointer fields in the previous entry (if any),
+ * copy in the new entry, and write out the block.
+ */
+ if (ep->d_ino == 0) {
+ if (spacefree + dsize < newentrysize)
+ panic("wdir: compact1");
+ ndp->ni_dent.d_reclen = spacefree + dsize;
+ } else {
+ if (spacefree < newentrysize)
+ panic("wdir: compact2");
+ ndp->ni_dent.d_reclen = spacefree;
+ ep->d_reclen = dsize;
+ ep = (struct direct *)((char *)ep + dsize);
+ }
+ bcopy((caddr_t)&ndp->ni_dent, (caddr_t)ep, (u_int)newentrysize);
+ error = bwrite(bp);
+ dp->i_flag |= IUPD|ICHG;
+ if (!error && ndp->ni_endoff && ndp->ni_endoff < dp->i_size)
+ error = itrunc(dp, (u_long)ndp->ni_endoff, IO_SYNC);