check ip before dereferencing (can only happen when called to mount root)
[unix-history] / usr / src / sys / ufs / lfs / lfs_vfsops.c
index 5e3e176..7111b02 100644 (file)
@@ -1,17 +1,28 @@
-/*     lfs_vfsops.c    4.1     83/05/27        */
+/*
+ * Copyright (c) 1982, 1986 Regents of the University of California.
+ * All rights reserved.  The Berkeley software License Agreement
+ * specifies the terms and conditions for redistribution.
+ *
+ *     @(#)lfs_vfsops.c        7.4 (Berkeley) %G%
+ */
 
 
-#include "../h/param.h"
-#include "../h/systm.h"
-#include "../h/dir.h"
-#include "../h/user.h"
-#include "../h/inode.h"
-#include "../h/proc.h"
-#include "../h/fs.h"
-#include "../h/buf.h"
-#include "../h/mount.h"
-#include "../h/file.h"
-#include "../h/nami.h"
-#include "../h/conf.h"
+#include "param.h"
+#include "systm.h"
+#include "dir.h"
+#include "user.h"
+#include "inode.h"
+#include "proc.h"
+#include "fs.h"
+#include "buf.h"
+#include "mount.h"
+#include "file.h"
+#include "conf.h"
+#include "ioctl.h"
+#include "disklabel.h"
+#include "stat.h"
+#include "ioctl.h"
+#include "disklabel.h"
+#include "stat.h"
 
 smount()
 {
 
 smount()
 {
@@ -19,36 +30,39 @@ smount()
                char    *fspec;
                char    *freg;
                int     ronly;
                char    *fspec;
                char    *freg;
                int     ronly;
-       } *uap;
+       } *uap = (struct a *)u.u_ap;
        dev_t dev;
        register struct inode *ip;
        register struct fs *fs;
        dev_t dev;
        register struct inode *ip;
        register struct fs *fs;
-       register char *cp;
+       register struct nameidata *ndp = &u.u_nd;
+       u_int len;
 
 
-       uap = (struct a *)u.u_ap;
-       u.u_error = getmdev(&dev);
+       u.u_error = getmdev(&dev, uap->fspec);
        if (u.u_error)
                return;
        if (u.u_error)
                return;
-       u.u_dirp = (caddr_t)uap->freg;
-       ip = namei(uchar, LOOKUP, 1);
+       ndp->ni_nameiop = LOOKUP | FOLLOW;
+       ndp->ni_segflg = UIO_USERSPACE;
+       ndp->ni_dirp = (caddr_t)uap->freg;
+       ip = namei(ndp);
        if (ip == NULL)
                return;
        if (ip == NULL)
                return;
-       if (ip->i_count!=1 || (ip->i_mode&IFMT) != IFDIR) {
+       if (ip->i_count != 1) {
                iput(ip);
                u.u_error = EBUSY;
                return;
        }
                iput(ip);
                u.u_error = EBUSY;
                return;
        }
+       if ((ip->i_mode&IFMT) != IFDIR) {
+               iput(ip);
+               u.u_error = ENOTDIR;
+               return;
+       }
        fs = mountfs(dev, uap->ronly, ip);
        if (fs == 0)
                return;
        fs = mountfs(dev, uap->ronly, ip);
        if (fs == 0)
                return;
-       u.u_dirp = uap->freg;
-       for (cp = fs->fs_fsmnt; cp < &fs->fs_fsmnt[sizeof(fs->fs_fsmnt) - 2]; )
-               if ((*cp++ = uchar()) == 0)
-                       u.u_dirp--;             /* get 0 again */
-       *cp = 0;
+       (void) copyinstr(uap->freg, fs->fs_fsmnt, sizeof(fs->fs_fsmnt)-1, &len);
+       bzero(fs->fs_fsmnt + len, sizeof (fs->fs_fsmnt) - len);
 }
 
 }
 
-/* this routine has lousy error codes */
 /* this routine has races if running twice */
 struct fs *
 mountfs(dev, ronly, ip)
 /* this routine has races if running twice */
 struct fs *
 mountfs(dev, ronly, ip)
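Review bot: The result of `copyinstr` at the end of smount is discarded, yet `len` is used unconditionally by the following `bzero(fs->fs_fsmnt + len, sizeof (fs->fs_fsmnt) - len)`. `len` is declared without an initializer, so if copyinstr can return on a fault without storing a length (its definition is not on this page), both the bzero offset and the unsigned count come from stack garbage and the write lands outside fs_fsmnt in kernel memory. Declaring `u_int len = 0;` and resetting it on failure, e.g. `if (copyinstr(uap->freg, fs->fs_fsmnt, sizeof(fs->fs_fsmnt)-1, &len)) len = 0;`, leaves a fully zeroed mount name when the user pointer is bad. The filesystem is already mounted at that point, so the author should also decide whether such a failure is reported in u.u_error.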
@@ -60,33 +74,71 @@ mountfs(dev, ronly, ip)
        struct buf *tp = 0;
        register struct buf *bp = 0;
        register struct fs *fs;
        struct buf *tp = 0;
        register struct buf *bp = 0;
        register struct fs *fs;
-       int blks;
+       struct partinfo dpart;
+       int havepart = 0, blks;
        caddr_t space;
        int i, size;
        caddr_t space;
        int i, size;
+       register error;
+       int needclose = 0;
 
 
-       u.u_error =
-           (*bdevsw[major(dev)].d_open)(dev, ronly ? FREAD : FREAD|FWRITE);
-       if (u.u_error) {
-               u.u_error = EIO;
+       error =
+           (*bdevsw[major(dev)].d_open)(dev, ronly ? FREAD : FREAD|FWRITE,
+               S_IFBLK);
+       if (error)
                goto out;
                goto out;
-       }
+       needclose = 1;
+       if ((*bdevsw[major(dev)].d_ioctl)(dev, DIOCGPART,
+           (caddr_t)&dpart, FREAD) == 0) {
+               havepart = 1;
+               size = dpart.disklab->d_secsize;
+       } else
+               size = DEV_BSIZE;
+#ifdef SECSIZE
+       /*
+        * If possible, determine hardware sector size
+        * and adjust fsbtodb to correspond.
+        */
+#endif SECSIZE
+       if ((*bdevsw[major(dev)].d_ioctl)(dev, DIOCGPART,
+           (caddr_t)&dpart, FREAD) == 0) {
+               havepart = 1;
+               size = dpart.disklab->d_secsize;
+#ifdef SECSIZE
+               if (size < MINSECSIZE) {
+                       error = EINVAL;
+                       goto out;
+               }
+#endif SECSIZE
+       } else
+               size = DEV_BSIZE;
+#ifdef SECSIZE
+       tp = bread(dev, (daddr_t)(SBOFF / size), SBSIZE, size);
+#else SECSIZE
        tp = bread(dev, SBLOCK, SBSIZE);
        tp = bread(dev, SBLOCK, SBSIZE);
+#endif SECSIZE
        if (tp->b_flags & B_ERROR)
                goto out;
        for (mp = &mount[0]; mp < &mount[NMOUNT]; mp++)
                if (mp->m_bufp != 0 && dev == mp->m_dev) {
                        mp = 0;
        if (tp->b_flags & B_ERROR)
                goto out;
        for (mp = &mount[0]; mp < &mount[NMOUNT]; mp++)
                if (mp->m_bufp != 0 && dev == mp->m_dev) {
                        mp = 0;
+                       error = EBUSY;
                        goto out;
                }
        for (mp = &mount[0]; mp < &mount[NMOUNT]; mp++)
                if (mp->m_bufp == 0)
                        goto found;
        mp = 0;
                        goto out;
                }
        for (mp = &mount[0]; mp < &mount[NMOUNT]; mp++)
                if (mp->m_bufp == 0)
                        goto found;
        mp = 0;
+       error = EMFILE;         /* needs translation */
        goto out;
 found:
        mp->m_bufp = tp;        /* just to reserve this slot */
        mp->m_dev = NODEV;
        fs = tp->b_un.b_fs;
        goto out;
 found:
        mp->m_bufp = tp;        /* just to reserve this slot */
        mp->m_dev = NODEV;
        fs = tp->b_un.b_fs;
+       if (fs->fs_magic != FS_MAGIC || fs->fs_bsize > MAXBSIZE ||
+           fs->fs_bsize < sizeof(struct fs)) {
+               error = EINVAL;         /* also needs translation */
+               goto out;
+       }
        bp = geteblk((int)fs->fs_sbsize);
        mp->m_bufp = bp;
        bcopy((caddr_t)tp->b_un.b_addr, (caddr_t)bp->b_un.b_addr,
        bp = geteblk((int)fs->fs_sbsize);
        mp->m_bufp = bp;
        bcopy((caddr_t)tp->b_un.b_addr, (caddr_t)bp->b_un.b_addr,
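Review bot: The new superblock check after `found:` validates fs_magic and fs_bsize but not fs_sbsize, which is used immediately afterwards in `geteblk((int)fs->fs_sbsize)` and, judging by the bcopy whose length argument falls outside this hunk, as the number of bytes copied out of tp. tp was read with SBSIZE bytes, so an on-disk fs_sbsize larger than that would make the copy read past the source buffer. Extending the condition with `|| fs->fs_sbsize > SBSIZE || fs->fs_sbsize < sizeof(struct fs)` rejects such a superblock with the same EINVAL. The DIOCGPART ioctl block also appears twice in this hunk; if both copies are really in the file, the first one is redundant. mountfs starts before and continues after the hunk.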
@@ -94,26 +146,62 @@ found:
        brelse(tp);
        tp = 0;
        fs = bp->b_un.b_fs;
        brelse(tp);
        tp = 0;
        fs = bp->b_un.b_fs;
-       if (fs->fs_magic != FS_MAGIC || fs->fs_bsize > MAXBSIZE)
-               goto out;
        fs->fs_ronly = (ronly != 0);
        if (ronly == 0)
                fs->fs_fmod = 1;
        fs->fs_ronly = (ronly != 0);
        if (ronly == 0)
                fs->fs_fmod = 1;
+       if (havepart) {
+               dpart.part->p_fstype = FS_BSDFFS;
+               dpart.part->p_fsize = fs->fs_fsize;
+               dpart.part->p_frag = fs->fs_frag;
+               fs->fs_dbsize = size;
+       }
+#ifdef SECSIZE
+       /*
+        * If we have a disk label, force per-partition
+        * filesystem information to be correct
+        * and set correct current fsbtodb shift.
+        */
+#endif SECSIZE
+       if (havepart) {
+               dpart.part->p_fstype = FS_BSDFFS;
+               dpart.part->p_fsize = fs->fs_fsize;
+               dpart.part->p_frag = fs->fs_frag;
+#ifdef SECSIZE
+#ifdef tahoe
+               /*
+                * Save the original fsbtodb shift to restore on updates.
+                * (Console doesn't understand fsbtodb changes.)
+                */
+               fs->fs_sparecon[0] = fs->fs_fsbtodb;
+#endif
+               i = fs->fs_fsize / size;
+               for (fs->fs_fsbtodb = 0; i > 1; i >>= 1)
+                       fs->fs_fsbtodb++;
+#endif SECSIZE
+               fs->fs_dbsize = size;
+       }
        blks = howmany(fs->fs_cssize, fs->fs_fsize);
        space = wmemall(vmemall, (int)fs->fs_cssize);
        blks = howmany(fs->fs_cssize, fs->fs_fsize);
        space = wmemall(vmemall, (int)fs->fs_cssize);
-       if (space == 0)
+       if (space == 0) {
+               error = ENOMEM;
                goto out;
                goto out;
+       }
        for (i = 0; i < blks; i += fs->fs_frag) {
                size = fs->fs_bsize;
                if (i + fs->fs_frag > blks)
                        size = (blks - i) * fs->fs_fsize;
        for (i = 0; i < blks; i += fs->fs_frag) {
                size = fs->fs_bsize;
                if (i + fs->fs_frag > blks)
                        size = (blks - i) * fs->fs_fsize;
+#ifdef SECSIZE
+               tp = bread(dev, fsbtodb(fs, fs->fs_csaddr + i), size,
+                   fs->fs_dbsize);
+#else SECSIZE
                tp = bread(dev, fsbtodb(fs, fs->fs_csaddr + i), size);
                tp = bread(dev, fsbtodb(fs, fs->fs_csaddr + i), size);
+#endif SECSIZE
                if (tp->b_flags&B_ERROR) {
                        wmemfree(space, (int)fs->fs_cssize);
                        goto out;
                }
                bcopy((caddr_t)tp->b_un.b_addr, space, (u_int)size);
                if (tp->b_flags&B_ERROR) {
                        wmemfree(space, (int)fs->fs_cssize);
                        goto out;
                }
                bcopy((caddr_t)tp->b_un.b_addr, space, (u_int)size);
-               fs->fs_csp[i / fs->fs_frag] = (struct csum *)space;
+               fs->fs_csp[fragstoblks(fs, i)] = (struct csum *)space;
                space += size;
                brelse(tp);
                tp = 0;
                space += size;
                brelse(tp);
                tp = 0;
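Review bot: `fs->fs_csp[fragstoblks(fs, i)]` is indexed with values that all come from the on-disk superblock (blks from fs_cssize and fs_fsize, the loop step fs_frag, and whatever fragstoblks applies), and none of them is range-checked before the loop. The removed `i / fs->fs_frag` at least matched the loop step; if fragstoblks uses a separate shift field (its definition is not on this page), a superblock where that field disagrees with fs_frag makes iterations overwrite or skip slots. I would validate fs_frag, fs_fsize and fs_cssize next to the magic-number check and fail the mount with EINVAL when fs_frag or fs_fsize is zero or the resulting block count exceeds the declared size of fs_csp. The `if (havepart)` block is also present twice in this hunk, so fs_dbsize and the partition fields are assigned twice if both copies are real.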
@@ -122,11 +210,24 @@ found:
        mp->m_dev = dev;
        if (ip) {
                ip->i_flag |= IMOUNT;
        mp->m_dev = dev;
        if (ip) {
                ip->i_flag |= IMOUNT;
+               cacheinval(ip);
                iunlock(ip);
        }
                iunlock(ip);
        }
+       /* Sanity checks for old file systems.                     XXX */
+       fs->fs_npsect = MAX(fs->fs_npsect, fs->fs_nsect);       /* XXX */
+       fs->fs_interleave = MAX(fs->fs_interleave, 1);          /* XXX */
+
+
        return (fs);
 out:
        return (fs);
 out:
-       u.u_error = EBUSY;
+       if (error == 0)
+               error = EIO;
+       if (needclose && ip)
+               (void) closei((dev_t)ip->i_rdev, IFBLK,
+                   ronly? FREAD : FREAD|FWRITE);
+       if (needclose)
+               (void) closei((dev_t)ip->i_rdev, IFBLK,
+                   ronly? FREAD : FREAD|FWRITE);
        if (ip)
                iput(ip);
        if (mp)
        if (ip)
                iput(ip);
        if (mp)
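Review bot: Both closei calls on the `out:` path pass `(dev_t)ip->i_rdev`, but the device opened at the top of mountfs was `dev`, and in smount `ip` is the mount-point inode that has just been checked to be a directory. The second call, guarded only by `if (needclose)`, also dereferences ip without the null test the first one has, which is the case the commit title describes. A single `if (needclose) (void) closei(dev, IFBLK, ronly ? FREAD : FREAD|FWRITE);` closes the device that was actually opened, needs no ip, and matches the `closei(dev, IFBLK, ...)` call this commit adds to unmount1. The body of mountfs begins outside this hunk.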
@@ -135,6 +236,7 @@ out:
                brelse(bp);
        if (tp)
                brelse(tp);
                brelse(bp);
        if (tp)
                brelse(tp);
+       u.u_error = error;
        return (0);
 }
 
        return (0);
 }
 
@@ -142,21 +244,24 @@ umount()
 {
        struct a {
                char    *fspec;
 {
        struct a {
                char    *fspec;
-       };
+       } *uap = (struct a *)u.u_ap;
 
 
-       u.u_error = unmount1(0);
+       u.u_error = unmount1(uap->fspec, 0);
 }
 
 }
 
-unmount1(forcibly)
+unmount1(fname, forcibly)
+       caddr_t fname;
        int forcibly;
 {
        dev_t dev;
        register struct mount *mp;
        int forcibly;
 {
        dev_t dev;
        register struct mount *mp;
-       int stillopen, flag, error;
+       int error;
        register struct inode *ip;
        register struct fs *fs;
 
        register struct inode *ip;
        register struct fs *fs;
 
-       error = getmdev(&dev);
+       forcibly = 0;                                   /* XXX */
+       forcibly = 0;                                   /* XXX */
+       error = getmdev(&dev, fname);
        if (error)
                return (error);
        for (mp = &mount[0]; mp < &mount[NMOUNT]; mp++)
        if (error)
                return (error);
        for (mp = &mount[0]; mp < &mount[NMOUNT]; mp++)
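Review bot: `forcibly = 0; /* XXX */` at the top of unmount1 silently overrides the caller's argument, and the bare XXX gives no reason for it. A comment such as `/* forced unmount is disabled for now; the caller's request is ignored */` (wording to be confirmed by the author) would tell the reader that the `!forcibly` tests later in the function are always true. The statement appears twice in the hunk, and one copy is enough.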
@@ -165,38 +270,33 @@ unmount1(forcibly)
        return (EINVAL);
 found:
        xumount(dev);   /* remove unused sticky files from text table */
        return (EINVAL);
 found:
        xumount(dev);   /* remove unused sticky files from text table */
+       nchinval(dev);  /* flush the name cache */
        update();
 #ifdef QUOTA
        update();
 #ifdef QUOTA
-       if ((stillopen = iflush(dev, mp->m_qinod)) < 0 && !forcibly)
+       if ((error = iflush(dev, mp->m_qinod)) && !forcibly)
 #else
 #else
-       if ((stillopen = iflush(dev)) < 0 && !forcibly)
+       if ((error = iflush(dev)) && !forcibly)
 #endif
 #endif
-               return (EBUSY);
-       if (stillopen < 0)
-               return (EBUSY);                 /* XXX */
+               return (error);
 #ifdef QUOTA
        closedq(mp);
        /*
         * Here we have to iflush again to get rid of the quota inode.
 #ifdef QUOTA
        closedq(mp);
        /*
         * Here we have to iflush again to get rid of the quota inode.
-        * A drag, but it would be ugly to cheat, & this doesn't happen often
+        * A drag, but it would be ugly to cheat, & this doesn't happen often.
         */
        (void)iflush(dev, (struct inode *)NULL);
 #endif
        ip = mp->m_inodp;
        ip->i_flag &= ~IMOUNT;
         */
        (void)iflush(dev, (struct inode *)NULL);
 #endif
        ip = mp->m_inodp;
        ip->i_flag &= ~IMOUNT;
-       irele(ip);
        fs = mp->m_bufp->b_un.b_fs;
        wmemfree((caddr_t)fs->fs_csp[0], (int)fs->fs_cssize);
        fs = mp->m_bufp->b_un.b_fs;
        wmemfree((caddr_t)fs->fs_csp[0], (int)fs->fs_cssize);
-       flag = !fs->fs_ronly;
        brelse(mp->m_bufp);
        mp->m_bufp = 0;
        mp->m_dev = 0;
        mpurge(mp - &mount[0]);
        brelse(mp->m_bufp);
        mp->m_bufp = 0;
        mp->m_dev = 0;
        mpurge(mp - &mount[0]);
-       if (!stillopen) {
-               (*bdevsw[major(dev)].d_close)(dev, flag);
-               binval(dev);
-       }
-       return (0);
+       error = closei(dev, IFBLK, fs->fs_ronly? FREAD : FREAD|FWRITE);
+       irele(ip);
+       return (error);
 }
 
 sbupdate(mp)
 }
 
 sbupdate(mp)
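Review bot: `closei(dev, IFBLK, fs->fs_ronly? FREAD : FREAD|FWRITE)` reads fs after `brelse(mp->m_bufp)`, and fs was set from `mp->m_bufp->b_un.b_fs`, so it points into the buffer that has just been released. The removed code captured `flag = !fs->fs_ronly` before the brelse, which kept the read inside the buffer's lifetime. Computing the mode first, `flag = fs->fs_ronly ? FREAD : FREAD|FWRITE;` ahead of `brelse(mp->m_bufp)`, and then calling `error = closei(dev, IFBLK, flag);` restores that ordering. `flag` would have to be declared again, since this commit drops it from the locals.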
@@ -208,8 +308,20 @@ sbupdate(mp)
        caddr_t space;
        int i, size;
 
        caddr_t space;
        int i, size;
 
+#ifdef SECSIZE
+       bp = getblk(mp->m_dev, (daddr_t)fsbtodb(fs, SBOFF / fs->fs_fsize),
+           (int)fs->fs_sbsize, fs->fs_dbsize);
+#else SECSIZE
        bp = getblk(mp->m_dev, SBLOCK, (int)fs->fs_sbsize);
        bp = getblk(mp->m_dev, SBLOCK, (int)fs->fs_sbsize);
+#endif SECSIZE
        bcopy((caddr_t)fs, bp->b_un.b_addr, (u_int)fs->fs_sbsize);
        bcopy((caddr_t)fs, bp->b_un.b_addr, (u_int)fs->fs_sbsize);
+#ifdef SECSIZE
+#ifdef tahoe
+       /* restore standard fsbtodb shift */
+       bp->b_un.b_fs->fs_fsbtodb = fs->fs_sparecon[0];
+       bp->b_un.b_fs->fs_sparecon[0] = 0;
+#endif
+#endif SECSIZE
        bwrite(bp);
        blks = howmany(fs->fs_cssize, fs->fs_fsize);
        space = (caddr_t)fs->fs_csp[0];
        bwrite(bp);
        blks = howmany(fs->fs_cssize, fs->fs_fsize);
        space = (caddr_t)fs->fs_csp[0];
@@ -217,7 +329,12 @@ sbupdate(mp)
                size = fs->fs_bsize;
                if (i + fs->fs_frag > blks)
                        size = (blks - i) * fs->fs_fsize;
                size = fs->fs_bsize;
                if (i + fs->fs_frag > blks)
                        size = (blks - i) * fs->fs_fsize;
+#ifdef SECSIZE
+               bp = getblk(mp->m_dev, fsbtodb(fs, fs->fs_csaddr + i), size,
+                   fs->fs_dbsize);
+#else SECSIZE
                bp = getblk(mp->m_dev, fsbtodb(fs, fs->fs_csaddr + i), size);
                bp = getblk(mp->m_dev, fsbtodb(fs, fs->fs_csaddr + i), size);
+#endif SECSIZE
                bcopy(space, bp->b_un.b_addr, (u_int)size);
                space += size;
                bwrite(bp);
                bcopy(space, bp->b_un.b_addr, (u_int)size);
                space += size;
                bwrite(bp);
@@ -229,23 +346,33 @@ sbupdate(mp)
  * Check that the user's argument is a reasonable
  * thing on which to mount, and return the device number if so.
  */
  * Check that the user's argument is a reasonable
  * thing on which to mount, and return the device number if so.
  */
-getmdev(pdev)
+getmdev(pdev, fname)
+       caddr_t fname;
        dev_t *pdev;
 {
        dev_t dev;
        register struct inode *ip;
        dev_t *pdev;
 {
        dev_t dev;
        register struct inode *ip;
+       register struct nameidata *ndp = &u.u_nd;
 
        if (!suser())
                return (u.u_error);
 
        if (!suser())
                return (u.u_error);
-       ip = namei(uchar, LOOKUP, 1);
-       if (ip == NULL)
+       ndp->ni_nameiop = LOOKUP | FOLLOW;
+       ndp->ni_segflg = UIO_USERSPACE;
+       ndp->ni_dirp = fname;
+       ip = namei(ndp);
+       if (ip == NULL) {
+               if (u.u_error == ENOENT)
+                       return (ENODEV); /* needs translation */
                return (u.u_error);
                return (u.u_error);
-       if ((ip->i_mode&IFMT) != IFBLK)
+       }
+       if ((ip->i_mode&IFMT) != IFBLK) {
+               iput(ip);
                return (ENOTBLK);
                return (ENOTBLK);
+       }
        dev = (dev_t)ip->i_rdev;
        dev = (dev_t)ip->i_rdev;
+       iput(ip);
        if (major(dev) >= nblkdev)
                return (ENXIO);
        if (major(dev) >= nblkdev)
                return (ENXIO);
-       iput(ip);
        *pdev = dev;
        return (0);
 }
        *pdev = dev;
        return (0);
 }
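Review bot: The header comment above getmdev does not mention the new `fname` argument or what the caller must pass in it. The lookup sets `ndp->ni_segflg = UIO_USERSPACE`, so fname has to be a user-space address, which matters for any in-kernel caller such as the root-mount path the commit title refers to. I would add a line to the comment such as `fname is a user-space pathname; the inode is released before returning, only the device number is handed back.`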