projects / unix-history / blobdiff
? search:
summary | tags | clone url | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
KTRACE code
[unix-history] / usr / src / sys / kern / vfs_lookup.c
diff --git a/usr/src/sys/kern/vfs_lookup.c b/usr/src/sys/kern/vfs_lookup.c
index b2cd4c9..60e571f 100644 (file)
--- a/usr/src/sys/kern/vfs_lookup.c
+++ b/usr/src/sys/kern/vfs_lookup.c
@@ -1,20 +1,30 @@
-/*     vfs_lookup.c    6.7     84/06/27        */
+/*
+ * Copyright (c) 1982, 1986 Regents of the University of California.
+ * All rights reserved.  The Berkeley software License Agreement
+ * specifies the terms and conditions for redistribution.
+ *
+ *     @(#)vfs_lookup.c        7.6 (Berkeley) %G%
+ */
 
 
-#include "../h/param.h"
-#include "../h/systm.h"
-#include "../h/inode.h"
-#include "../h/fs.h"
-#include "../h/mount.h"
-#include "../h/dir.h"
-#include "../h/user.h"
-#include "../h/buf.h"
-#include "../h/conf.h"
-#include "../h/uio.h"
-#include "../h/nami.h"
-#include "../h/kernel.h"
+#include "param.h"
+#include "systm.h"
+#include "inode.h"
+#include "fs.h"
+#include "mount.h"
+#include "dir.h"
+#include "user.h"
+#include "buf.h"
+#include "conf.h"
+#include "uio.h"
+#include "kernel.h"
+#include "malloc.h"
+#ifdef KTRACE
+#include "proc.h"
+#include "ktrace.h"
+#endif
 
 struct buf *blkatoff();
 
 struct buf *blkatoff();
-int    dirchk = 0;
+int    dirchk = 1;
 
 /*
  * Structures associated with name cacheing.
 
 /*
  * Structures associated with name cacheing.
@@ -27,58 +37,55 @@ int dirchk = 0;
 #define        NHASH(h, i, d)  ((unsigned)((h) + (i) + 13 * (int)(d)) & ((NCHHASH)-1))
 #endif
 
 #define        NHASH(h, i, d)  ((unsigned)((h) + (i) + 13 * (int)(d)) & ((NCHHASH)-1))
 #endif
 
-union  nchash  {
-       union   nchash  *nch_head[2];
-       struct  nch     *nch_chain[2];
+union nchash {
+       union   nchash *nch_head[2];
+       struct  namecache *nch_chain[2];
 } nchash[NCHHASH];
 #define        nch_forw        nch_chain[0]
 #define        nch_back        nch_chain[1]
 
 } nchash[NCHHASH];
 #define        nch_forw        nch_chain[0]
 #define        nch_back        nch_chain[1]
 
-struct nch     *nchhead, **nchtail;    /* LRU chain pointers */
+struct namecache *nchhead, **nchtail;  /* LRU chain pointers */
 struct nchstats nchstats;              /* cache effectiveness statistics */
 
 /*
 struct nchstats nchstats;              /* cache effectiveness statistics */
 
 /*
- * Convert a pathname into a pointer to a locked inode,
- * with side effects usable in creating and removing files.
+ * Convert a pathname into a pointer to a locked inode.
  * This is a very central and rather complicated routine.
  * This is a very central and rather complicated routine.
- *
- * The func argument gives the routine which returns successive
- * characters of the name to be translated. 
- *
- * The flag argument is (LOOKUP, CREATE, DELETE) depending on whether
- * the name is to be (looked up, created, deleted).  If flag has
- * LOCKPARENT or'ed into it and the target of the pathname exists,
- * namei returns both the target and its parent directory locked. 
  * If the file system is not maintained in a strict tree hierarchy,
  * If the file system is not maintained in a strict tree hierarchy,
- * this can result in a deadlock situation.  When creating and
+ * this can result in a deadlock situation (see comments in code below).
+ *
+ * The flag argument is LOOKUP, CREATE, or DELETE depending on whether
+ * the name is to be looked up, created, or deleted. When CREATE or
+ * DELETE is specified, information usable in creating or deleteing a
+ * directory entry is also calculated. If flag has LOCKPARENT or'ed
+ * into it and the target of the pathname exists, namei returns both
+ * the target and its parent directory locked. When creating and
  * LOCKPARENT is specified, the target may not be ".".  When deleting
  * and LOCKPARENT is specified, the target may be ".", but the caller
  * must check to insure it does an irele and iput instead of two iputs.
  *
  * LOCKPARENT is specified, the target may not be ".".  When deleting
  * and LOCKPARENT is specified, the target may be ".", but the caller
  * must check to insure it does an irele and iput instead of two iputs.
  *
- * The follow argument is 1 when symbolic links are to be followed
+ * The FOLLOW flag is set when symbolic links are to be followed
  * when they occur at the end of the name translation process.
  * when they occur at the end of the name translation process.
+ * Symbolic links are always followed for all other pathname
+ * components other than the last.
  *
  *
- * Name caching works as follows:
+ * The segflg defines whether the name is to be copied from user
+ * space or kernel space.
  *
  *
- *     names found by directory scans are retained in a cache
- *     for future reference.  It is managed LRU, so frequently
- *     used names will hang around.  Cache is indexed by hash value
- *     obtained from (ino,dev,name) where ino & dev refer to the
- *     directory containing name.
+ * Name caching works as follows:
  *
  *
- *     For simplicity (and economy of storage), names longer than
- *     some (small) maximum length are not cached, they occur
- *     infrequently in any case, and are almost never of interest.
+ * Names found by directory scans are retained in a cache
+ * for future reference.  It is managed LRU, so frequently
+ * used names will hang around.  Cache is indexed by hash value
+ * obtained from (ino,dev,name) where ino & dev refer to the
+ * directory containing name.
  *
  *
- *     Upon reaching the last segment of a path, if the reference
- *     is for DELETE, or NOCACHE is set (rewrite), and the
- *     name is located in the cache, it will be dropped.
+ * For simplicity (and economy of storage), names longer than
+ * a maximum length of NCHNAMLEN are not cached; they occur
+ * infrequently in any case, and are almost never of interest.
  *
  *
- *     We must be sure never to enter the name ".." into the cache
- *     because of the extremely kludgey way that rename() alters
- *     ".." in a situation like
- *             mv a/x b/x
- *     where x is a directory, and x/.. is the ".." in question.
+ * Upon reaching the last segment of a path, if the reference
+ * is for DELETE, or NOCACHE is set (rewrite), and the
+ * name is located in the cache, it will be dropped.
  *
  * Overall outline of namei:
  *
  *
  * Overall outline of namei:
  *
@@ -87,7 +94,7 @@ struct        nchstats nchstats;              /* cache effectiveness statistics */
  * dirloop:
  *     check accessibility of directory
  * dirloop2:
  * dirloop:
  *     check accessibility of directory
  * dirloop2:
- *     copy next component of name to u.u_dent
+ *     copy next component of name to ndp->ni_dent
  *     handle degenerate case where name is null string
  *     look for name in cache, if found, then if at end of path
  *       and deleting or creating, drop it, else to haveino
  *     handle degenerate case where name is null string
  *     look for name in cache, if found, then if at end of path
  *       and deleting or creating, drop it, else to haveino
@@ -97,10 +104,11 @@ struct     nchstats nchstats;              /* cache effectiveness statistics */
  *     else return error
  * found:
  *     if at end of path and deleting, return information to allow delete
  *     else return error
  * found:
  *     if at end of path and deleting, return information to allow delete
- *     if at end of path and rewriting (create and LOCKPARENT), lock target
+ *     if at end of path and rewriting (CREATE and LOCKPARENT), lock target
  *       inode and return info to allow rewrite
  *     if .. and on mounted filesys, look in mount table for parent
  *       inode and return info to allow rewrite
  *     if .. and on mounted filesys, look in mount table for parent
- *     if not at end, if neither creating nor deleting, add name to cache
+ *     if not at end, add name to cache; if at end and neither creating
+ *       nor deleting, add name to cache
  * haveino:
  *     if symbolic link, massage name in buffer and continue at dirloop
  *     if more components of name, do next level at dirloop
  * haveino:
  *     if symbolic link, massage name in buffer and continue at dirloop
  *     if more components of name, do next level at dirloop
@@ -110,18 +118,18 @@ struct    nchstats nchstats;              /* cache effectiveness statistics */
  *      but unlocked.
  */
 struct inode *
  *      but unlocked.
  */
 struct inode *
-namei(func, flag, follow)
-       int (*func)(), flag, follow;
+namei(ndp)
+       register struct nameidata *ndp;
 {
        register char *cp;              /* pointer into pathname argument */
 /* these variables refer to things which must be freed or unlocked */
        register struct inode *dp = 0;  /* the directory we are searching */
 {
        register char *cp;              /* pointer into pathname argument */
 /* these variables refer to things which must be freed or unlocked */
        register struct inode *dp = 0;  /* the directory we are searching */
-       register struct nch *ncp;       /* cache slot for entry */
+       register struct namecache *ncp; /* cache slot for entry */
        register struct fs *fs;         /* file system that directory is in */
        register struct buf *bp = 0;    /* a buffer of directory entries */
        register struct direct *ep;     /* the current directory entry */
        int entryoffsetinblock;         /* offset of ep in bp's buffer */
        register struct fs *fs;         /* file system that directory is in */
        register struct buf *bp = 0;    /* a buffer of directory entries */
        register struct direct *ep;     /* the current directory entry */
        int entryoffsetinblock;         /* offset of ep in bp's buffer */
-       register struct buf *nbp;       /* buffer storing path name argument */
+       register caddr_t nbp;           /* buffer storing path name argument */
 /* these variables hold information about the search for a slot */
        enum {NONE, COMPACT, FOUND} slotstatus;
        int slotoffset = -1;            /* offset of area with free space */
 /* these variables hold information about the search for a slot */
        enum {NONE, COMPACT, FOUND} slotstatus;
        int slotoffset = -1;            /* offset of area with free space */
@@ -131,44 +139,46 @@ namei(func, flag, follow)
 /* */
        int numdirpasses;               /* strategy for directory search */
        int endsearch;                  /* offset to end directory search */
 /* */
        int numdirpasses;               /* strategy for directory search */
        int endsearch;                  /* offset to end directory search */
-       int prevoff;                    /* u.u_offset of previous entry */
+       int prevoff;                    /* ndp->ni_offset of previous entry */
        int nlink = 0;                  /* number of symbolic links taken */
        struct inode *pdp;              /* saved dp during symlink work */
        int nlink = 0;                  /* number of symbolic links taken */
        struct inode *pdp;              /* saved dp during symlink work */
-       int i;
+       int error, i;
        int lockparent;
        int lockparent;
-       int docache;
+       int docache;                    /* == 0 do not cache last component */
+       int makeentry;                  /* != 0 if name to be added to cache */
        unsigned hash;                  /* value of name hash for entry */
        union nchash *nhp;              /* cache chain head for entry */
        int isdotdot;                   /* != 0 if current name is ".." */
        unsigned hash;                  /* value of name hash for entry */
        union nchash *nhp;              /* cache chain head for entry */
        int isdotdot;                   /* != 0 if current name is ".." */
+       int flag;                       /* op ie, LOOKUP, CREATE, or DELETE */
+       off_t enduseful;                /* pointer past last used dir slot */
 
 
-       lockparent = flag & LOCKPARENT;
-       docache = (flag & NOCACHE) ^ NOCACHE;
-       flag &= ~(LOCKPARENT|NOCACHE);
-       if (flag == DELETE)
+       lockparent = ndp->ni_nameiop & LOCKPARENT;
+       docache = (ndp->ni_nameiop & NOCACHE) ^ NOCACHE;
+       flag = ndp->ni_nameiop &~ (LOCKPARENT|NOCACHE|FOLLOW);
+       if (flag == DELETE || lockparent)
                docache = 0;
        /*
         * Get a buffer for the name to be translated, and copy the
         * name into the buffer.
         */
                docache = 0;
        /*
         * Get a buffer for the name to be translated, and copy the
         * name into the buffer.
         */
-       nbp = geteblk(MAXPATHLEN);
-       for (cp = nbp->b_un.b_addr; *cp = (*func)(); ) {
-               if ((*cp&0377) == ('/'|0200) || (*cp&0200) && flag != DELETE) {
-                       u.u_error = EPERM;
-                       goto bad;
-               }
-               cp++;
-               if (cp >= nbp->b_un.b_addr + MAXPATHLEN) {
-                       u.u_error = ENOENT;
-                       goto bad;
-               }
-       }
-       if (u.u_error)
+       MALLOC(nbp, caddr_t, MAXPATHLEN, M_NAMEI, M_WAITOK);
+       if (ndp->ni_segflg == UIO_SYSSPACE)
+               error = copystr(ndp->ni_dirp, nbp, MAXPATHLEN, (u_int *)0);
+       else
+               error = copyinstr(ndp->ni_dirp, nbp, MAXPATHLEN, (u_int *)0);
+       if (error) {
+               u.u_error = error;
                goto bad;
                goto bad;
+       }
+#ifdef KTRACE
+       if (KTRPOINT(u.u_procp, KTR_NAMEI))
+               ktrnamei(u.u_procp->p_tracep, nbp);
+#endif
 
        /*
         * Get starting directory.
         */
 
        /*
         * Get starting directory.
         */
-       cp = nbp->b_un.b_addr;
+       cp = nbp;
        if (*cp == '/') {
                while (*cp == '/')
                        cp++;
        if (*cp == '/') {
                while (*cp == '/')
                        cp++;
@@ -177,9 +187,10 @@ namei(func, flag, follow)
        } else
                dp = u.u_cdir;
        fs = dp->i_fs;
        } else
                dp = u.u_cdir;
        fs = dp->i_fs;
-       ilock(dp);
+       ILOCK(dp);
        dp->i_count++;
        dp->i_count++;
-       u.u_pdir = (struct inode *)0xc0000000;          /* illegal */
+       ndp->ni_pdir = (struct inode *)0xc0000000;              /* illegal */
+       ndp->ni_endoff = 0;
 
        /*
         * We come to dirloop to search a new directory.
 
        /*
         * We come to dirloop to search a new directory.
@@ -199,34 +210,73 @@ dirloop:
 
 dirloop2:
        /*
 
 dirloop2:
        /*
-        * Copy next component of name to u.u_dent.
+        * Copy next component of name to ndp->ni_dent.
         */
        hash = 0;
        for (i = 0; *cp != 0 && *cp != '/'; cp++) {
                if (i >= MAXNAMLEN) {
         */
        hash = 0;
        for (i = 0; *cp != 0 && *cp != '/'; cp++) {
                if (i >= MAXNAMLEN) {
-                       u.u_error = ENOENT;
+                       u.u_error = ENAMETOOLONG;
                        goto bad;
                }
                        goto bad;
                }
-               u.u_dent.d_name[i++] = *cp;
+               if (*cp & 0200)
+                       if ((*cp&0377) == ('/'|0200) || flag != DELETE) {
+                               u.u_error = EINVAL;
+                               goto bad;
+                       }
+               ndp->ni_dent.d_name[i++] = *cp;
                hash += (unsigned char)*cp * i;
        }
                hash += (unsigned char)*cp * i;
        }
-       u.u_dent.d_namlen = i;
-       u.u_dent.d_name[i] = 0;
+       ndp->ni_dent.d_namlen = i;
+       ndp->ni_dent.d_name[i] = '\0';
+       isdotdot = (i == 2 &&
+               ndp->ni_dent.d_name[0] == '.' && ndp->ni_dent.d_name[1] == '.');
+       makeentry = 1;
+       if (*cp == '\0' && docache == 0)
+               makeentry = 0;
 
        /*
         * Check for degenerate name (e.g. / or "")
         * which is a way of talking about a directory,
         * e.g. like "/." or ".".
         */
 
        /*
         * Check for degenerate name (e.g. / or "")
         * which is a way of talking about a directory,
         * e.g. like "/." or ".".
         */
-       if (u.u_dent.d_name[0] == 0) {
+       if (ndp->ni_dent.d_name[0] == '\0') {
                if (flag != LOOKUP || lockparent) {
                        u.u_error = EISDIR;
                        goto bad;
                }
                if (flag != LOOKUP || lockparent) {
                        u.u_error = EISDIR;
                        goto bad;
                }
-               brelse(nbp);
+               FREE(nbp, M_NAMEI);
                return (dp);
        }
 
                return (dp);
        }
 
+       /*
+        * Special handling for ".." allowing chdir out of mounted
+        * file system: indirect .. in root inode to reevaluate
+        * in directory file system was mounted on.
+        */
+       if (isdotdot) {
+               for (;;) {
+                       if (dp == u.u_rdir || dp == rootdir) {
+                               ndp->ni_dent.d_ino = dp->i_number;
+                               pdp = dp;
+                               dp->i_count++;
+                               goto haveino;
+                       }
+                       if (dp->i_number != ROOTINO)
+                               break;
+                       for (i = 1; i < NMOUNT; i++) {
+                               if (mount[i].m_fs != NULL &&
+                                   mount[i].m_dev == dp->i_dev) {
+                                       iput(dp);
+                                       dp = mount[i].m_inodp;
+                                       ILOCK(dp);
+                                       dp->i_count++;
+                                       fs = dp->i_fs;
+                                       break;
+                               }
+                       }
+               }
+       }
+
        /*
         * We now have a segment name to search for, and a directory to search.
         *
        /*
         * We now have a segment name to search for, and a directory to search.
         *
@@ -237,94 +287,103 @@ dirloop2:
         * holding long names (which would either waste space, or
         * add greatly to the complexity).
         */
         * holding long names (which would either waste space, or
         * add greatly to the complexity).
         */
-       if (u.u_dent.d_namlen > NCHNAMLEN) {
+       if (ndp->ni_dent.d_namlen > NCHNAMLEN) {
                nchstats.ncs_long++;
                nchstats.ncs_long++;
-               docache = 0;
+               makeentry = 0;
        } else {
                nhp = &nchash[NHASH(hash, dp->i_number, dp->i_dev)];
        } else {
                nhp = &nchash[NHASH(hash, dp->i_number, dp->i_dev)];
-               for (ncp = nhp->nch_forw; ncp != (struct nch *)nhp;
+               for (ncp = nhp->nch_forw; ncp != (struct namecache *)nhp;
                    ncp = ncp->nc_forw) {
                        if (ncp->nc_ino == dp->i_number &&
                            ncp->nc_dev == dp->i_dev &&
                    ncp = ncp->nc_forw) {
                        if (ncp->nc_ino == dp->i_number &&
                            ncp->nc_dev == dp->i_dev &&
-                           ncp->nc_nlen == u.u_dent.d_namlen &&
-                           !bcmp(ncp->nc_name, u.u_dent.d_name, ncp->nc_nlen))
+                           ncp->nc_nlen == ndp->ni_dent.d_namlen &&
+                           !bcmp(ncp->nc_name, ndp->ni_dent.d_name,
+                               (unsigned)ncp->nc_nlen))
                                break;
                }
                                break;
                }
-
-               if (ncp == (struct nch *)nhp) {
+               if (ncp == (struct namecache *)nhp) {
                        nchstats.ncs_miss++;
                        ncp = NULL;
                } else {
                        if (ncp->nc_id != ncp->nc_ip->i_id)
                                nchstats.ncs_falsehits++;
                        nchstats.ncs_miss++;
                        ncp = NULL;
                } else {
                        if (ncp->nc_id != ncp->nc_ip->i_id)
                                nchstats.ncs_falsehits++;
-                       else if (*cp == '/' || docache) {
-
-                               nchstats.ncs_goodhits++;
-
-                                       /*
-                                        * move this slot to end of LRU
-                                        * chain, if not already there
-                                        */
+                       else if (!makeentry)
+                               nchstats.ncs_badhits++;
+                       else {
+                               /*
+                                * move this slot to end of LRU
+                                * chain, if not already there
+                                */
                                if (ncp->nc_nxt) {
                                if (ncp->nc_nxt) {
-                                               /* remove from LRU chain */
+                                       /* remove from LRU chain */
                                        *ncp->nc_prev = ncp->nc_nxt;
                                        ncp->nc_nxt->nc_prev = ncp->nc_prev;
 
                                        *ncp->nc_prev = ncp->nc_nxt;
                                        ncp->nc_nxt->nc_prev = ncp->nc_prev;
 
-                                               /* and replace at end of it */
+                                       /* and replace at end of it */
                                        ncp->nc_nxt = NULL;
                                        ncp->nc_prev = nchtail;
                                        *nchtail = ncp;
                                        nchtail = &ncp->nc_nxt;
                                }
 
                                        ncp->nc_nxt = NULL;
                                        ncp->nc_prev = nchtail;
                                        *nchtail = ncp;
                                        nchtail = &ncp->nc_nxt;
                                }
 
+                               /*
+                                * Get the next inode in the path.
+                                * See comment above other `IUNLOCK' code for
+                                * an explaination of the locking protocol.
+                                */
                                pdp = dp;
                                pdp = dp;
-                               dp = ncp->nc_ip;
+                               if (!isdotdot || dp != u.u_rdir)
+                                       dp = ncp->nc_ip;
                                if (dp == NULL)
                                if (dp == NULL)
-                                       panic("nami: null cache ino");
+                                       panic("namei: null cache ino");
                                if (pdp == dp)
                                        dp->i_count++;
                                if (pdp == dp)
                                        dp->i_count++;
-                               else if (dp->i_count) {
-                                       dp->i_count++;
-                                       ilock(dp);
-                                       iunlock(pdp);
+                               else if (isdotdot) {
+                                       IUNLOCK(pdp);
+                                       igrab(dp);
                                } else {
                                        igrab(dp);
                                } else {
                                        igrab(dp);
-                                       iunlock(pdp);
+                                       IUNLOCK(pdp);
                                }
 
                                }
 
-                               u.u_dent.d_ino = dp->i_number;
-                               /* u_dent.d_reclen is garbage ... */
-
-                               goto haveino;
-                       } else
-                               nchstats.ncs_badhits++;
+                               /*
+                                * Verify that the inode that we got
+                                * did not change while we were waiting
+                                * for it to be locked.
+                                */
+                               if (ncp->nc_id != ncp->nc_ip->i_id) {
+                                       iput(dp);
+                                       ILOCK(pdp);
+                                       dp = pdp;
+                                       nchstats.ncs_falsehits++;
+                               } else {
+                                       ndp->ni_dent.d_ino = dp->i_number;
+                                       /* ni_dent.d_reclen is garbage ... */
+                                       nchstats.ncs_goodhits++;
+                                       goto haveino;
+                               }
+                       }
 
                        /*
                         * Last component and we are renaming or deleting,
                         * the cache entry is invalid, or otherwise don't
                         * want cache entry to exist.
                         */
 
                        /*
                         * Last component and we are renaming or deleting,
                         * the cache entry is invalid, or otherwise don't
                         * want cache entry to exist.
                         */
-
-                               /* remove from LRU chain */
+                       /* remove from LRU chain */
                        *ncp->nc_prev = ncp->nc_nxt;
                        if (ncp->nc_nxt)
                                ncp->nc_nxt->nc_prev = ncp->nc_prev;
                        else
                                nchtail = ncp->nc_prev;
                        *ncp->nc_prev = ncp->nc_nxt;
                        if (ncp->nc_nxt)
                                ncp->nc_nxt->nc_prev = ncp->nc_prev;
                        else
                                nchtail = ncp->nc_prev;
-
-                               /* remove from hash chain */
-                       remque(ncp);
-
-                               /* insert at head of LRU list (first to grab) */
+                       remque(ncp);            /* remove from hash chain */
+                       /* insert at head of LRU list (first to grab) */
                        ncp->nc_nxt = nchhead;
                        ncp->nc_prev = &nchhead;
                        nchhead->nc_prev = &ncp->nc_nxt;
                        nchhead = ncp;
                        ncp->nc_nxt = nchhead;
                        ncp->nc_prev = &nchhead;
                        nchhead->nc_prev = &ncp->nc_nxt;
                        nchhead = ncp;
-
-                               /* and make a dummy hash chain */
+                       /* and make a dummy hash chain */
                        ncp->nc_forw = ncp;
                        ncp->nc_back = ncp;
                        ncp->nc_forw = ncp;
                        ncp->nc_back = ncp;
-
                        ncp = NULL;
                }
        }
                        ncp = NULL;
                }
        }
@@ -339,7 +398,7 @@ dirloop2:
        if (flag == CREATE && *cp == 0) {
                slotstatus = NONE;
                slotfreespace = 0;
        if (flag == CREATE && *cp == 0) {
                slotstatus = NONE;
                slotfreespace = 0;
-               slotneeded = DIRSIZ(&u.u_dent);
+               slotneeded = DIRSIZ(&ndp->ni_dent);
        }
        /*
         * If this is the same directory that this process
        }
        /*
         * If this is the same directory that this process
@@ -353,17 +412,15 @@ dirloop2:
         */
        if (flag != LOOKUP || dp->i_number != u.u_ncache.nc_inumber ||
            dp->i_dev != u.u_ncache.nc_dev) {
         */
        if (flag != LOOKUP || dp->i_number != u.u_ncache.nc_inumber ||
            dp->i_dev != u.u_ncache.nc_dev) {
-               u.u_offset = 0;
+               ndp->ni_offset = 0;
                numdirpasses = 1;
        } else {
                numdirpasses = 1;
        } else {
-               if ((dp->i_flag & ICHG) || dp->i_ctime >= u.u_ncache.nc_time) {
-                       u.u_ncache.nc_prevoffset &= ~(DIRBLKSIZ - 1);
-                       u.u_ncache.nc_time = time.tv_sec;
-               }
-               u.u_offset = u.u_ncache.nc_prevoffset;
-               entryoffsetinblock = blkoff(fs, u.u_offset);
+               if (u.u_ncache.nc_prevoffset > dp->i_size)
+                       u.u_ncache.nc_prevoffset = 0;
+               ndp->ni_offset = u.u_ncache.nc_prevoffset;
+               entryoffsetinblock = blkoff(fs, ndp->ni_offset);
                if (entryoffsetinblock != 0) {
                if (entryoffsetinblock != 0) {
-                       bp = blkatoff(dp, u.u_offset, (char **)0);
+                       bp = blkatoff(dp, ndp->ni_offset, (char **)0);
                        if (bp == 0)
                                goto bad;
                }
                        if (bp == 0)
                                goto bad;
                }
@@ -371,53 +428,48 @@ dirloop2:
                nchstats.ncs_2passes++;
        }
        endsearch = roundup(dp->i_size, DIRBLKSIZ);
                nchstats.ncs_2passes++;
        }
        endsearch = roundup(dp->i_size, DIRBLKSIZ);
+       enduseful = 0;
 
 
+#ifdef NAMEI_DIAGNOSTIC
+       printf("{%s}:\n", ndp->ni_dent.d_name);
+#endif
 searchloop:
 searchloop:
-       while (u.u_offset < endsearch) {
+       while (ndp->ni_offset < endsearch) {
                /*
                 * If offset is on a block boundary,
                 * read the next directory block.
                 * Release previous if it exists.
                 */
                /*
                 * If offset is on a block boundary,
                 * read the next directory block.
                 * Release previous if it exists.
                 */
-               if (blkoff(fs, u.u_offset) == 0) {
+               if (blkoff(fs, ndp->ni_offset) == 0) {
                        if (bp != NULL)
                                brelse(bp);
                        if (bp != NULL)
                                brelse(bp);
-                       bp = blkatoff(dp, u.u_offset, (char **)0);
+                       bp = blkatoff(dp, ndp->ni_offset, (char **)0);
                        if (bp == 0)
                                goto bad;
                        entryoffsetinblock = 0;
                }
                        if (bp == 0)
                                goto bad;
                        entryoffsetinblock = 0;
                }
-
                /*
                 * If still looking for a slot, and at a DIRBLKSIZE
                /*
                 * If still looking for a slot, and at a DIRBLKSIZE
-                * boundary, have to start looking for free space
-                * again.
+                * boundary, have to start looking for free space again.
                 */
                if (slotstatus == NONE &&
                    (entryoffsetinblock&(DIRBLKSIZ-1)) == 0) {
                        slotoffset = -1;
                        slotfreespace = 0;
                }
                 */
                if (slotstatus == NONE &&
                    (entryoffsetinblock&(DIRBLKSIZ-1)) == 0) {
                        slotoffset = -1;
                        slotfreespace = 0;
                }
-
                /*
                /*
-                * Get pointer to next entry, and do consistency checking:
-                *      record length must be multiple of 4
-                *      record length must not be zero
-                *      entry must fit in rest of this DIRBLKSIZ block
-                *      record must be large enough to contain name
-                * When dirchk is set we also check:
-                *      name is not longer than MAXNAMLEN
-                *      name must be as long as advertised, and null terminated
-                * Checking last two conditions is done only when dirchk is
-                * set, to save time.
+                * Get pointer to next entry.
+                * Full validation checks are slow, so we only check
+                * enough to insure forward progress through the
+                * directory. Complete checks can be run by patching
+                * "dirchk" to be true.
                 */
                ep = (struct direct *)(bp->b_un.b_addr + entryoffsetinblock);
                 */
                ep = (struct direct *)(bp->b_un.b_addr + entryoffsetinblock);
-               i = DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1));
-               if ((ep->d_reclen & 0x3) || ep->d_reclen == 0 ||
-                   ep->d_reclen > i || DIRSIZ(ep) > ep->d_reclen ||
-                   dirchk && (ep->d_namlen > MAXNAMLEN || dirbadname(ep))) {
-                       dirbad(dp, "mangled entry");
-                       u.u_offset += i;
+               if (ep->d_reclen == 0 ||
+                   dirchk && dirbadentry(ep, entryoffsetinblock)) {
+                       dirbad(dp, ndp->ni_offset, "mangled entry");
+                       i = DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1));
+                       ndp->ni_offset += i;
                        entryoffsetinblock += i;
                        continue;
                }
                        entryoffsetinblock += i;
                        continue;
                }
@@ -436,17 +488,16 @@ searchloop:
                        if (size > 0) {
                                if (size >= slotneeded) {
                                        slotstatus = FOUND;
                        if (size > 0) {
                                if (size >= slotneeded) {
                                        slotstatus = FOUND;
-                                       slotoffset = u.u_offset;
+                                       slotoffset = ndp->ni_offset;
                                        slotsize = ep->d_reclen;
                                } else if (slotstatus == NONE) {
                                        slotfreespace += size;
                                        if (slotoffset == -1)
                                        slotsize = ep->d_reclen;
                                } else if (slotstatus == NONE) {
                                        slotfreespace += size;
                                        if (slotoffset == -1)
-                                               slotoffset = u.u_offset;
+                                               slotoffset = ndp->ni_offset;
                                        if (slotfreespace >= slotneeded) {
                                                slotstatus = COMPACT;
                                        if (slotfreespace >= slotneeded) {
                                                slotstatus = COMPACT;
-                                               slotsize =
-                                                   u.u_offset+ep->d_reclen -
-                                                     slotoffset;
+                                               slotsize = ndp->ni_offset +
+                                                     ep->d_reclen - slotoffset;
                                        }
                                }
                        }
                                        }
                                }
                        }
@@ -456,14 +507,23 @@ searchloop:
                 * Check for a name match.
                 */
                if (ep->d_ino) {
                 * Check for a name match.
                 */
                if (ep->d_ino) {
-                       if (ep->d_namlen == u.u_dent.d_namlen &&
-                           !bcmp(u.u_dent.d_name, ep->d_name, ep->d_namlen))
+#ifdef NAMEI_DIAGNOSTIC
+                       printf("{%s} ", ep->d_name);
+#endif
+                       if (ep->d_namlen == ndp->ni_dent.d_namlen &&
+                           !bcmp(ndp->ni_dent.d_name, ep->d_name,
+                               (unsigned)ep->d_namlen))
                                goto found;
                }
                                goto found;
                }
-               prevoff = u.u_offset;
-               u.u_offset += ep->d_reclen;
+               prevoff = ndp->ni_offset;
+               ndp->ni_offset += ep->d_reclen;
                entryoffsetinblock += ep->d_reclen;
                entryoffsetinblock += ep->d_reclen;
+               if (ep->d_ino)
+                       enduseful = ndp->ni_offset;
        }
        }
+#ifdef NAMEI_DIAGNOSTIC
+       printf("\nnotfound\n");
+#endif
 /* notfound: */
        /*
         * If we started in the middle of the directory and failed
 /* notfound: */
        /*
         * If we started in the middle of the directory and failed
@@ -471,7 +531,7 @@ searchloop:
         */
        if (numdirpasses == 2) {
                numdirpasses--;
         */
        if (numdirpasses == 2) {
                numdirpasses--;
-               u.u_offset = 0;
+               ndp->ni_offset = 0;
                endsearch = u.u_ncache.nc_prevoffset;
                goto searchloop;
        }
                endsearch = u.u_ncache.nc_prevoffset;
                goto searchloop;
        }
@@ -490,36 +550,43 @@ searchloop:
                /*
                 * Return an indication of where the new directory
                 * entry should be put.  If we didn't find a slot,
                /*
                 * Return an indication of where the new directory
                 * entry should be put.  If we didn't find a slot,
-                * then set u.u_count to 0 indicating that the
-                * new slot belongs at the end of the directory.
-                * If we found a slot, then the new entry can be
-                * put in the range [u.u_offset..u.u_offset+u.u_count)
+                * then set ndp->ni_count to 0 indicating that the new
+                * slot belongs at the end of the directory. If we found
+                * a slot, then the new entry can be put in the range
+                * [ndp->ni_offset .. ndp->ni_offset + ndp->ni_count)
                 */
                if (slotstatus == NONE) {
                 */
                if (slotstatus == NONE) {
-                       u.u_offset = roundup(dp->i_size, DIRBLKSIZ);
-                       u.u_count = 0;
+                       ndp->ni_offset = roundup(dp->i_size, DIRBLKSIZ);
+                       ndp->ni_count = 0;
+                       enduseful = ndp->ni_offset;
                } else {
                } else {
-                       u.u_offset = slotoffset;
-                       u.u_count = slotsize;
+                       ndp->ni_offset = slotoffset;
+                       ndp->ni_count = slotsize;
+                       if (enduseful < slotoffset + slotsize)
+                               enduseful = slotoffset + slotsize;
                }
                }
+               ndp->ni_endoff = roundup(enduseful, DIRBLKSIZ);
                dp->i_flag |= IUPD|ICHG;
                if (bp)
                        brelse(bp);
                dp->i_flag |= IUPD|ICHG;
                if (bp)
                        brelse(bp);
-               brelse(nbp);
+               FREE(nbp, M_NAMEI);
                /*
                 * We return with the directory locked, so that
                 * the parameters we set up above will still be
                 * valid if we actually decide to do a direnter().
                 * We return NULL to indicate that the entry doesn't
                 * currently exist, leaving a pointer to the (locked)
                /*
                 * We return with the directory locked, so that
                 * the parameters we set up above will still be
                 * valid if we actually decide to do a direnter().
                 * We return NULL to indicate that the entry doesn't
                 * currently exist, leaving a pointer to the (locked)
-                * directory inode in u.u_pdir.
+                * directory inode in ndp->ni_pdir.
                 */
                 */
-               u.u_pdir = dp;
+               ndp->ni_pdir = dp;
                return (NULL);
        }
        u.u_error = ENOENT;
        goto bad;
 found:
                return (NULL);
        }
        u.u_error = ENOENT;
        goto bad;
 found:
+#ifdef NAMEI_DIAGNOSTIC
+       printf("\nfound\n");
+#endif
        if (numdirpasses == 2)
                nchstats.ncs_pass2++;
        /*
        if (numdirpasses == 2)
                nchstats.ncs_pass2++;
        /*
@@ -527,7 +594,7 @@ found:
         * of this entry.
         */
        if (entryoffsetinblock + DIRSIZ(ep) > dp->i_size) {
         * of this entry.
         */
        if (entryoffsetinblock + DIRSIZ(ep) > dp->i_size) {
-               dirbad(dp, "i_size too small");
+               dirbad(dp, ndp->ni_offset, "i_size too small");
                dp->i_size = entryoffsetinblock + DIRSIZ(ep);
                dp->i_flag |= IUPD|ICHG;
        }
                dp->i_size = entryoffsetinblock + DIRSIZ(ep);
                dp->i_flag |= IUPD|ICHG;
        }
@@ -538,16 +605,16 @@ found:
         * in the cache as to where the entry was found.
         */
        if (*cp == '\0' && flag == LOOKUP) {
         * in the cache as to where the entry was found.
         */
        if (*cp == '\0' && flag == LOOKUP) {
-               u.u_ncache.nc_prevoffset = u.u_offset;
+               u.u_ncache.nc_prevoffset = ndp->ni_offset &~ (DIRBLKSIZ - 1);
                u.u_ncache.nc_inumber = dp->i_number;
                u.u_ncache.nc_dev = dp->i_dev;
                u.u_ncache.nc_inumber = dp->i_number;
                u.u_ncache.nc_dev = dp->i_dev;
-               u.u_ncache.nc_time = time.tv_sec;
        }
        /*
        }
        /*
-        * Save directory entry in u.u_dent,
+        * Save directory entry's inode number and reclen in ndp->ni_dent,
         * and release directory buffer.
         */
         * and release directory buffer.
         */
-       bcopy((caddr_t)ep, (caddr_t)&u.u_dent, (u_int)DIRSIZ(ep));
+       ndp->ni_dent.d_ino = ep->d_ino;
+       ndp->ni_dent.d_reclen = ep->d_reclen;
        brelse(bp);
        bp = NULL;
 
        brelse(bp);
        bp = NULL;
 
@@ -555,7 +622,7 @@ found:
         * If deleting, and at end of pathname, return
         * parameters which can be used to remove file.
         * If the lockparent flag isn't set, we return only
         * If deleting, and at end of pathname, return
         * parameters which can be used to remove file.
         * If the lockparent flag isn't set, we return only
-        * the directory (in u.u_pdir), otherwise we go
+        * the directory (in ndp->ni_pdir), otherwise we go
         * on and lock the inode, being careful with ".".
         */
        if (flag == DELETE && *cp == 0) {
         * on and lock the inode, being careful with ".".
         */
        if (flag == DELETE && *cp == 0) {
@@ -564,24 +631,24 @@ found:
                 */
                if (access(dp, IWRITE))
                        goto bad;
                 */
                if (access(dp, IWRITE))
                        goto bad;
-               u.u_pdir = dp;          /* for dirremove() */
+               ndp->ni_pdir = dp;              /* for dirremove() */
                /*
                /*
-                * Return pointer to current entry in u.u_offset,
+                * Return pointer to current entry in ndp->ni_offset,
                 * and distance past previous entry (if there
                 * and distance past previous entry (if there
-                * is a previous entry in this block) in u.u_count.
-                * Save directory inode pointer in u.u_pdir for dirremove().
+                * is a previous entry in this block) in ndp->ni_count.
+                * Save directory inode pointer in ndp->ni_pdir for dirremove().
                 */
                 */
-               if ((u.u_offset&(DIRBLKSIZ-1)) == 0)
-                       u.u_count = 0;
+               if ((ndp->ni_offset&(DIRBLKSIZ-1)) == 0)
+                       ndp->ni_count = 0;
                else
                else
-                       u.u_count = u.u_offset - prevoff;
+                       ndp->ni_count = ndp->ni_offset - prevoff;
                if (lockparent) {
                if (lockparent) {
-                       if (dp->i_number == u.u_dent.d_ino)
+                       if (dp->i_number == ndp->ni_dent.d_ino)
                                dp->i_count++;
                        else {
                                dp->i_count++;
                        else {
-                               dp = iget(dp->i_dev, fs, u.u_dent.d_ino);
+                               dp = iget(dp->i_dev, fs, ndp->ni_dent.d_ino);
                                if (dp == NULL) {
                                if (dp == NULL) {
-                                       iput(u.u_pdir);
+                                       iput(ndp->ni_pdir);
                                        goto bad;
                                }
                                /*
                                        goto bad;
                                }
                                /*
@@ -590,46 +657,20 @@ found:
                                 * may not delete it (unless he's root). This
                                 * implements append-only directories.
                                 */
                                 * may not delete it (unless he's root). This
                                 * implements append-only directories.
                                 */
-                               if ((u.u_pdir->i_mode & ISVTX) &&
+                               if ((ndp->ni_pdir->i_mode & ISVTX) &&
                                    u.u_uid != 0 &&
                                    u.u_uid != 0 &&
-                                   u.u_uid != u.u_pdir->i_uid &&
+                                   u.u_uid != ndp->ni_pdir->i_uid &&
                                    dp->i_uid != u.u_uid) {
                                    dp->i_uid != u.u_uid) {
-                                       iput(u.u_pdir);
+                                       iput(ndp->ni_pdir);
                                        u.u_error = EPERM;
                                        goto bad;
                                }
                        }
                }
                                        u.u_error = EPERM;
                                        goto bad;
                                }
                        }
                }
-               brelse(nbp);
+               FREE(nbp, M_NAMEI);
                return (dp);
        }
 
                return (dp);
        }
 
-       /*
-        * Special handling for ".." allowing chdir out of mounted
-        * file system: indirect .. in root inode to reevaluate
-        * in directory file system was mounted on.
-        */
-       isdotdot = 0;
-       if (bcmp(u.u_dent.d_name, "..", 3) == 0) {
-               isdotdot++;
-               if (dp == u.u_rdir)
-                       u.u_dent.d_ino = dp->i_number;
-               else if (u.u_dent.d_ino == ROOTINO &&
-                  dp->i_number == ROOTINO) {
-                       for (i = 1; i < NMOUNT; i++)
-                       if (mount[i].m_bufp != NULL &&
-                          mount[i].m_dev == dp->i_dev) {
-                               iput(dp);
-                               dp = mount[i].m_inodp;
-                               ilock(dp);
-                               dp->i_count++;
-                               fs = dp->i_fs;
-                               cp -= 2;     /* back over .. */
-                               goto dirloop2;
-                       }
-               }
-       }
-
        /*
         * If rewriting (rename), return the inode and the
         * information required to rewrite the present directory
        /*
         * If rewriting (rename), return the inode and the
         * information required to rewrite the present directory
@@ -639,21 +680,21 @@ found:
        if ((flag == CREATE && lockparent) && *cp == 0) {
                if (access(dp, IWRITE))
                        goto bad;
        if ((flag == CREATE && lockparent) && *cp == 0) {
                if (access(dp, IWRITE))
                        goto bad;
-               u.u_pdir = dp;          /* for dirrewrite() */
+               ndp->ni_pdir = dp;              /* for dirrewrite() */
                /*
                 * Careful about locking second inode. 
                 * This can only occur if the target is ".". 
                 */
                /*
                 * Careful about locking second inode. 
                 * This can only occur if the target is ".". 
                 */
-               if (dp->i_number == u.u_dent.d_ino) {
+               if (dp->i_number == ndp->ni_dent.d_ino) {
                        u.u_error = EISDIR;             /* XXX */
                        goto bad;
                }
                        u.u_error = EISDIR;             /* XXX */
                        goto bad;
                }
-               dp = iget(dp->i_dev, fs, u.u_dent.d_ino);
+               dp = iget(dp->i_dev, fs, ndp->ni_dent.d_ino);
                if (dp == NULL) {
                if (dp == NULL) {
-                       iput(u.u_pdir);
+                       iput(ndp->ni_pdir);
                        goto bad;
                }
                        goto bad;
                }
-               brelse(nbp);
+               FREE(nbp, M_NAMEI);
                return (dp);
        }
 
                return (dp);
        }
 
@@ -679,61 +720,52 @@ found:
         */
        pdp = dp;
        if (isdotdot) {
         */
        pdp = dp;
        if (isdotdot) {
-               iunlock(pdp);   /* race to get the inode */
-               dp = iget(dp->i_dev, fs, u.u_dent.d_ino);
+               IUNLOCK(pdp);   /* race to get the inode */
+               dp = iget(dp->i_dev, fs, ndp->ni_dent.d_ino);
                if (dp == NULL)
                        goto bad2;
                if (dp == NULL)
                        goto bad2;
-       } else if (dp->i_number == u.u_dent.d_ino) {
+       } else if (dp->i_number == ndp->ni_dent.d_ino) {
                dp->i_count++;  /* we want ourself, ie "." */
        } else {
                dp->i_count++;  /* we want ourself, ie "." */
        } else {
-               dp = iget(dp->i_dev, fs, u.u_dent.d_ino);
-               iunlock(pdp);
+               dp = iget(dp->i_dev, fs, ndp->ni_dent.d_ino);
+               IUNLOCK(pdp);
                if (dp == NULL)
                        goto bad2;
        }
 
        /*
                if (dp == NULL)
                        goto bad2;
        }
 
        /*
-        * insert name into cache (if we want it, and it isn't "." or "..")
-        *
-        * all other cases where making a cache entry would be wrong
-        * have already departed from the code sequence somewhere above.
+        * Insert name into cache if appropriate.
         */
         */
-       if (docache) {
+       if (makeentry) {
                if (ncp != NULL)
                if (ncp != NULL)
-                       panic("nami: duplicating cache");
-
-                       /*
-                        * free the cache slot at head of lru chain
-                        */
+                       panic("namei: duplicating cache");
+               /*
+                * Free the cache slot at head of lru chain.
+                */
                if (ncp = nchhead) {
                if (ncp = nchhead) {
-                               /* remove from lru chain */
+                       /* remove from lru chain */
                        *ncp->nc_prev = ncp->nc_nxt;
                        if (ncp->nc_nxt)
                                ncp->nc_nxt->nc_prev = ncp->nc_prev;
                        else
                                nchtail = ncp->nc_prev;
                        *ncp->nc_prev = ncp->nc_nxt;
                        if (ncp->nc_nxt)
                                ncp->nc_nxt->nc_prev = ncp->nc_prev;
                        else
                                nchtail = ncp->nc_prev;
-
-                               /* remove from old hash chain */
-                       remque(ncp);
-
-                               /* grab the inode we just found */
+                       remque(ncp);            /* remove from old hash chain */
+                       /* grab the inode we just found */
                        ncp->nc_ip = dp;
                        ncp->nc_ip = dp;
-
-                               /* fill in cache info */
+                       /* fill in cache info */
                        ncp->nc_ino = pdp->i_number;    /* parents inum */
                        ncp->nc_dev = pdp->i_dev;       /* & device */
                        ncp->nc_idev = dp->i_dev;       /* our device */
                        ncp->nc_id = dp->i_id;          /* identifier */
                        ncp->nc_ino = pdp->i_number;    /* parents inum */
                        ncp->nc_dev = pdp->i_dev;       /* & device */
                        ncp->nc_idev = dp->i_dev;       /* our device */
                        ncp->nc_id = dp->i_id;          /* identifier */
-                       ncp->nc_nlen = u.u_dent.d_namlen;
-                       bcopy(u.u_dent.d_name, ncp->nc_name, ncp->nc_nlen);
-
-                               /* link at end of lru chain */
+                       ncp->nc_nlen = ndp->ni_dent.d_namlen;
+                       bcopy(ndp->ni_dent.d_name, ncp->nc_name,
+                           (unsigned)ncp->nc_nlen);
+                       /* link at end of lru chain */
                        ncp->nc_nxt = NULL;
                        ncp->nc_prev = nchtail;
                        *nchtail = ncp;
                        nchtail = &ncp->nc_nxt;
                        ncp->nc_nxt = NULL;
                        ncp->nc_prev = nchtail;
                        *nchtail = ncp;
                        nchtail = &ncp->nc_nxt;
-
-                               /* and insert on hash chain */
+                       /* and insert on hash chain */
                        insque(ncp, nhp);
                }
        }
                        insque(ncp, nhp);
                }
        }
@@ -744,21 +776,25 @@ haveino:
        /*
         * Check for symbolic link
         */
        /*
         * Check for symbolic link
         */
-       if ((dp->i_mode & IFMT) == IFLNK && (follow || *cp == '/')) {
+       if ((dp->i_mode & IFMT) == IFLNK &&
+           ((ndp->ni_nameiop & FOLLOW) || *cp == '/')) {
                u_int pathlen = strlen(cp) + 1;
 
                u_int pathlen = strlen(cp) + 1;
 
-               if (dp->i_size + pathlen >= MAXPATHLEN - 1 ||
-                   ++nlink > MAXSYMLINKS) {
+               if (dp->i_size + pathlen >= MAXPATHLEN - 1) {
+                       u.u_error = ENAMETOOLONG;
+                       goto bad2;
+               }
+               if (++nlink > MAXSYMLINKS) {
                        u.u_error = ELOOP;
                        goto bad2;
                }
                        u.u_error = ELOOP;
                        goto bad2;
                }
-               ovbcopy(cp, nbp->b_un.b_addr + dp->i_size, pathlen);
+               ovbcopy(cp, nbp + dp->i_size, pathlen);
                u.u_error =
                u.u_error =
-                   rdwri(UIO_READ, dp, nbp->b_un.b_addr, (int)dp->i_size,
-                       0, 1, (int *)0);
+                   rdwri(UIO_READ, dp, nbp, (int)dp->i_size,
+                       (off_t)0, 1, (int *)0);
                if (u.u_error)
                        goto bad2;
                if (u.u_error)
                        goto bad2;
-               cp = nbp->b_un.b_addr;
+               cp = nbp;
                iput(dp);
                if (*cp == '/') {
                        irele(pdp);
                iput(dp);
                if (*cp == '/') {
                        irele(pdp);
@@ -766,11 +802,11 @@ haveino:
                                cp++;
                        if ((dp = u.u_rdir) == NULL)
                                dp = rootdir;
                                cp++;
                        if ((dp = u.u_rdir) == NULL)
                                dp = rootdir;
-                       ilock(dp);
+                       ILOCK(dp);
                        dp->i_count++;
                } else {
                        dp = pdp;
                        dp->i_count++;
                } else {
                        dp = pdp;
-                       ilock(dp);
+                       ILOCK(dp);
                }
                fs = dp->i_fs;
                goto dirloop;
                }
                fs = dp->i_fs;
                goto dirloop;
@@ -786,9 +822,9 @@ haveino:
                irele(pdp);
                goto dirloop;
        }
                irele(pdp);
                goto dirloop;
        }
-       brelse(nbp);
+       FREE(nbp, M_NAMEI);
        if (lockparent)
        if (lockparent)
-               u.u_pdir = pdp;
+               ndp->ni_pdir = pdp;
        else
                irele(pdp);
        return (dp);
        else
                irele(pdp);
        return (dp);
@@ -799,27 +835,41 @@ bad:
                brelse(bp);
        if (dp)
                iput(dp);
                brelse(bp);
        if (dp)
                iput(dp);
-       brelse(nbp);
+       FREE(nbp, M_NAMEI);
        return (NULL);
 }
 
 
        return (NULL);
 }
 
 
-dirbad(ip, how)
+dirbad(ip, offset, how)
        struct inode *ip;
        struct inode *ip;
+       off_t offset;
        char *how;
 {
 
        printf("%s: bad dir ino %d at offset %d: %s\n",
        char *how;
 {
 
        printf("%s: bad dir ino %d at offset %d: %s\n",
-           ip->i_fs->fs_fsmnt, ip->i_number, u.u_offset, how);
+           ip->i_fs->fs_fsmnt, ip->i_number, offset, how);
 }
 
 }
 
-dirbadname(ep)
+/*
+ * Do consistency checking on a directory entry:
+ *     record length must be multiple of 4
+ *     entry must fit in rest of its DIRBLKSIZ block
+ *     record must be large enough to contain entry
+ *     name is not longer than MAXNAMLEN
+ *     name must be as long as advertised, and null terminated
+ */
+dirbadentry(ep, entryoffsetinblock)
        register struct direct *ep;
        register struct direct *ep;
+       int entryoffsetinblock;
 {
        register int i;
 
 {
        register int i;
 
+       if ((ep->d_reclen & 0x3) != 0 ||
+           ep->d_reclen > DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1)) ||
+           ep->d_reclen < DIRSIZ(ep) || ep->d_namlen > MAXNAMLEN)
+               return (1);
        for (i = 0; i < ep->d_namlen; i++)
        for (i = 0; i < ep->d_namlen; i++)
-               if (ep->d_name[i] == 0)
+               if (ep->d_name[i] == '\0')
                        return (1);
        return (ep->d_name[i]);
 }
                        return (1);
        return (ep->d_name[i]);
 }
@@ -827,43 +877,48 @@ dirbadname(ep)
 /*
  * Write a directory entry after a call to namei, using the parameters
  * which it left in the u. area.  The argument ip is the inode which
 /*
  * Write a directory entry after a call to namei, using the parameters
  * which it left in the u. area.  The argument ip is the inode which
- * the new directory entry will refer to.  The u. area field u.u_pdir is
+ * the new directory entry will refer to.  The u. area field ndp->ni_pdir is
  * a pointer to the directory to be written, which was left locked by
  * a pointer to the directory to be written, which was left locked by
- * namei.  Remaining parameters (u.u_offset, u.u_count) indicate
+ * namei.  Remaining parameters (ndp->ni_offset, ndp->ni_count) indicate
  * how the space for the new entry is to be gotten.
  */
  * how the space for the new entry is to be gotten.
  */
-direnter(ip)
+direnter(ip, ndp)
        struct inode *ip;
        struct inode *ip;
+       register struct nameidata *ndp;
 {
        register struct direct *ep, *nep;
 {
        register struct direct *ep, *nep;
+       register struct inode *dp = ndp->ni_pdir;
        struct buf *bp;
        int loc, spacefree, error = 0;
        u_int dsize;
        int newentrysize;
        char *dirbuf;
 
        struct buf *bp;
        int loc, spacefree, error = 0;
        u_int dsize;
        int newentrysize;
        char *dirbuf;
 
-       u.u_dent.d_ino = ip->i_number;
-       u.u_segflg = 1;
-       newentrysize = DIRSIZ(&u.u_dent);
-       if (u.u_count == 0) {
+       ndp->ni_dent.d_ino = ip->i_number;
+       newentrysize = DIRSIZ(&ndp->ni_dent);
+       if (ndp->ni_count == 0) {
                /*
                /*
-                * If u.u_count is 0, then namei could find no space in the
-                * directory.  In this case u.u_offset will be on a directory
+                * If ndp->ni_count is 0, then namei could find no space in the
+                * directory. In this case ndp->ni_offset will be on a directory
                 * block boundary and we will write the new entry into a fresh
                 * block.
                 */
                 * block boundary and we will write the new entry into a fresh
                 * block.
                 */
-               if (u.u_offset&(DIRBLKSIZ-1))
+               if (ndp->ni_offset&(DIRBLKSIZ-1))
                        panic("wdir: newblk");
                        panic("wdir: newblk");
-               u.u_dent.d_reclen = DIRBLKSIZ;
-               error = rdwri(UIO_WRITE, u.u_pdir, (caddr_t)&u.u_dent,
-                   newentrysize, u.u_offset, 1, (int *)0);
-               iput(u.u_pdir);
+               ndp->ni_dent.d_reclen = DIRBLKSIZ;
+               error = rdwri(UIO_WRITE, dp, (caddr_t)&ndp->ni_dent,
+                   newentrysize, ndp->ni_offset, 1, (int *)0);
+               if (DIRBLKSIZ > dp->i_fs->fs_fsize)
+                       panic("wdir: blksize"); /* XXX - should grow w/bmap() */
+               else
+                       dp->i_size = roundup(dp->i_size, DIRBLKSIZ);
+               iput(dp);
                return (error);
        }
 
        /*
                return (error);
        }
 
        /*
-        * If u.u_count is non-zero, then namei found space for the
-        * new entry in the range u.u_offset to u.u_offset+u.u_count.
+        * If ndp->ni_count is non-zero, then namei found space for the new
+        * entry in the range ndp->ni_offset to ndp->ni_offset + ndp->ni_count.
         * in the directory.  To use this space, we may have to compact
         * the entries located there, by copying them together towards
         * the beginning of the block, leaving the free space in
         * in the directory.  To use this space, we may have to compact
         * the entries located there, by copying them together towards
         * the beginning of the block, leaving the free space in
@@ -874,30 +929,30 @@ direnter(ip)
         * Increase size of directory if entry eats into new space.
         * This should never push the size past a new multiple of
         * DIRBLKSIZE.
         * Increase size of directory if entry eats into new space.
         * This should never push the size past a new multiple of
         * DIRBLKSIZE.
+        *
+        * N.B. - THIS IS AN ARTIFACT OF 4.2 AND SHOULD NEVER HAPPEN.
         */
         */
-       if (u.u_offset + u.u_count > u.u_pdir->i_size)
-               u.u_pdir->i_size = u.u_offset + u.u_count;
-
+       if (ndp->ni_offset + ndp->ni_count > dp->i_size)
+               dp->i_size = ndp->ni_offset + ndp->ni_count;
        /*
         * Get the block containing the space for the new directory
         * entry.  Should return error by result instead of u.u_error.
         */
        /*
         * Get the block containing the space for the new directory
         * entry.  Should return error by result instead of u.u_error.
         */
-       bp = blkatoff(u.u_pdir, u.u_offset, (char **)&dirbuf);
+       bp = blkatoff(dp, ndp->ni_offset, (char **)&dirbuf);
        if (bp == 0) {
        if (bp == 0) {
-               iput(u.u_pdir);
+               iput(dp);
                return (u.u_error);
        }
                return (u.u_error);
        }
-
        /*
         * Find space for the new entry.  In the simple case, the
         * entry at offset base will have the space.  If it does
         * not, then namei arranged that compacting the region
        /*
         * Find space for the new entry.  In the simple case, the
         * entry at offset base will have the space.  If it does
         * not, then namei arranged that compacting the region
-        * u.u_offset to u.u_offset+u.u_count would yield the space.
+        * ndp->ni_offset to ndp->ni_offset+ndp->ni_count would yield the space.
         */
        ep = (struct direct *)dirbuf;
        dsize = DIRSIZ(ep);
        spacefree = ep->d_reclen - dsize;
         */
        ep = (struct direct *)dirbuf;
        dsize = DIRSIZ(ep);
        spacefree = ep->d_reclen - dsize;
-       for (loc = ep->d_reclen; loc < u.u_count; ) {
+       for (loc = ep->d_reclen; loc < ndp->ni_count; ) {
                nep = (struct direct *)(dirbuf + loc);
                if (ep->d_ino) {
                        /* trim the existing slot */
                nep = (struct direct *)(dirbuf + loc);
                if (ep->d_ino) {
                        /* trim the existing slot */
@@ -919,26 +974,28 @@ direnter(ip)
        if (ep->d_ino == 0) {
                if (spacefree + dsize < newentrysize)
                        panic("wdir: compact1");
        if (ep->d_ino == 0) {
                if (spacefree + dsize < newentrysize)
                        panic("wdir: compact1");
-               u.u_dent.d_reclen = spacefree + dsize;
+               ndp->ni_dent.d_reclen = spacefree + dsize;
        } else {
                if (spacefree < newentrysize)
                        panic("wdir: compact2");
        } else {
                if (spacefree < newentrysize)
                        panic("wdir: compact2");
-               u.u_dent.d_reclen = spacefree;
+               ndp->ni_dent.d_reclen = spacefree;
                ep->d_reclen = dsize;
                ep = (struct direct *)((char *)ep + dsize);
        }
                ep->d_reclen = dsize;
                ep = (struct direct *)((char *)ep + dsize);
        }
-       bcopy((caddr_t)&u.u_dent, (caddr_t)ep, (u_int)newentrysize);
+       bcopy((caddr_t)&ndp->ni_dent, (caddr_t)ep, (u_int)newentrysize);
        bwrite(bp);
        bwrite(bp);
-       u.u_pdir->i_flag |= IUPD|ICHG;
-       iput(u.u_pdir);
+       dp->i_flag |= IUPD|ICHG;
+       if (ndp->ni_endoff && ndp->ni_endoff < dp->i_size)
+               itrunc(dp, (u_long)ndp->ni_endoff);
+       iput(dp);
        return (error);
 }
 
 /*
  * Remove a directory entry after a call to namei, using the
  * parameters which it left in the u. area.  The u. entry
        return (error);
 }
 
 /*
  * Remove a directory entry after a call to namei, using the
  * parameters which it left in the u. area.  The u. entry
- * u_offset contains the offset into the directory of the
- * entry to be eliminated.  The u_count field contains the
+ * ni_offset contains the offset into the directory of the
+ * entry to be eliminated.  The ni_count field contains the
  * size of the previous record in the directory.  If this
  * is 0, the first entry is being deleted, so we need only
  * zero the inode number to mark the entry as free.  If the
  * size of the previous record in the directory.  If this
  * is 0, the first entry is being deleted, so we need only
  * zero the inode number to mark the entry as free.  If the
@@ -946,27 +1003,28 @@ direnter(ip)
  * the space of the now empty record by adding the record size
  * to the size of the previous entry.
  */
  * the space of the now empty record by adding the record size
  * to the size of the previous entry.
  */
-dirremove()
+dirremove(ndp)
+       register struct nameidata *ndp;
 {
 {
-       register struct inode *dp = u.u_pdir;
+       register struct inode *dp = ndp->ni_pdir;
        register struct buf *bp;
        struct direct *ep;
 
        register struct buf *bp;
        struct direct *ep;
 
-       if (u.u_count == 0) {
+       if (ndp->ni_count == 0) {
                /*
                 * First entry in block: set d_ino to zero.
                 */
                /*
                 * First entry in block: set d_ino to zero.
                 */
-               u.u_dent.d_ino = 0;
-               (void) rdwri(UIO_WRITE, dp, (caddr_t)&u.u_dent,
-                   (int)DIRSIZ(&u.u_dent), u.u_offset, 1, (int *)0);
+               ndp->ni_dent.d_ino = 0;
+               (void) rdwri(UIO_WRITE, dp, (caddr_t)&ndp->ni_dent,
+                   (int)DIRSIZ(&ndp->ni_dent), ndp->ni_offset, 1, (int *)0);
        } else {
                /*
                 * Collapse new free space into previous entry.
                 */
        } else {
                /*
                 * Collapse new free space into previous entry.
                 */
-               bp = blkatoff(dp, (int)(u.u_offset - u.u_count), (char **)&ep);
+               bp = blkatoff(dp, ndp->ni_offset - ndp->ni_count, (char **)&ep);
                if (bp == 0)
                        return (0);
                if (bp == 0)
                        return (0);
-               ep->d_reclen += u.u_dent.d_reclen;
+               ep->d_reclen += ndp->ni_dent.d_reclen;
                bwrite(bp);
                dp->i_flag |= IUPD|ICHG;
        }
                bwrite(bp);
                dp->i_flag |= IUPD|ICHG;
        }
@@ -978,13 +1036,14 @@ dirremove()
  * supplied.  The parameters describing the directory entry are
  * set up by a call to namei.
  */
  * supplied.  The parameters describing the directory entry are
  * set up by a call to namei.
  */
-dirrewrite(dp, ip)
+dirrewrite(dp, ip, ndp)
        struct inode *dp, *ip;
        struct inode *dp, *ip;
+       struct nameidata *ndp;
 {
 
 {
 
-       u.u_dent.d_ino = ip->i_number;
-       u.u_error = rdwri(UIO_WRITE, dp, (caddr_t)&u.u_dent,
-               (int)DIRSIZ(&u.u_dent), u.u_offset, 1, (int *)0);
+       ndp->ni_dent.d_ino = ip->i_number;
+       u.u_error = rdwri(UIO_WRITE, dp, (caddr_t)&ndp->ni_dent,
+               (int)DIRSIZ(&ndp->ni_dent), ndp->ni_offset, 1, (int *)0);
        iput(dp);
 }
 
        iput(dp);
 }
 
@@ -1002,20 +1061,28 @@ blkatoff(ip, offset, res)
 {
        register struct fs *fs = ip->i_fs;
        daddr_t lbn = lblkno(fs, offset);
 {
        register struct fs *fs = ip->i_fs;
        daddr_t lbn = lblkno(fs, offset);
-       int base = blkoff(fs, offset);
        int bsize = blksize(fs, ip, lbn);
        int bsize = blksize(fs, ip, lbn);
-       daddr_t bn = fsbtodb(fs, bmap(ip, lbn, B_WRITE, base, bsize));
        register struct buf *bp;
        register struct buf *bp;
+       daddr_t bn;
 
 
+       bn = bmap(ip, lbn, B_READ, bsize);
        if (u.u_error)
                return (0);
        if (u.u_error)
                return (0);
-       bp = bread(ip->i_dev, bn, bsize);
+       if (bn == (daddr_t)-1) {
+               dirbad(ip, offset, "hole in dir");
+               return (0);
+       }
+#ifdef SECSIZE
+       bp = bread(ip->i_dev, fsbtodb(fs, bn), bsize, fs->fs_dbsize);
+#else SECSIZE
+       bp = bread(ip->i_dev, fsbtodb(fs, bn), bsize);
+#endif SECSIZE
        if (bp->b_flags & B_ERROR) {
                brelse(bp);
                return (0);
        }
        if (res)
        if (bp->b_flags & B_ERROR) {
                brelse(bp);
                return (0);
        }
        if (res)
-               *res = bp->b_un.b_addr + base;
+               *res = bp->b_un.b_addr + blkoff(fs, offset);
        return (bp);
 }
 
        return (bp);
 }
 
@@ -1028,8 +1095,9 @@ blkatoff(ip, offset, res)
  *
  * NB: does not handle corrupted directories.
  */
  *
  * NB: does not handle corrupted directories.
  */
-dirempty(ip)
+dirempty(ip, parentino)
        register struct inode *ip;
        register struct inode *ip;
+       ino_t parentino;
 {
        register off_t off;
        struct dirtemplate dbuf;
 {
        register off_t off;
        struct dirtemplate dbuf;
@@ -1046,6 +1114,9 @@ dirempty(ip)
                 */
                if (error || count != 0)
                        return (0);
                 */
                if (error || count != 0)
                        return (0);
+               /* avoid infinite loops */
+               if (dp->d_reclen == 0)
+                       return (0);
                /* skip empty entries */
                if (dp->d_ino == 0)
                        continue;
                /* skip empty entries */
                if (dp->d_ino == 0)
                        continue;
@@ -1059,7 +1130,9 @@ dirempty(ip)
                 * 1 implies ".", 2 implies ".." if second
                 * char is also "."
                 */
                 * 1 implies ".", 2 implies ".." if second
                 * char is also "."
                 */
-               if (dp->d_namlen == 1 || dp->d_name[1] == '.')
+               if (dp->d_namlen == 1)
+                       continue;
+               if (dp->d_name[1] == '.' && dp->d_ino == parentino)
                        continue;
                return (0);
        }
                        continue;
                return (0);
        }
@@ -1096,7 +1169,8 @@ checkpath(source, target)
                if (error != 0)
                        break;
                if (dirbuf.dotdot_namlen != 2 ||
                if (error != 0)
                        break;
                if (dirbuf.dotdot_namlen != 2 ||
-                   bcmp(dirbuf.dotdot_name, "..", 3) != 0) {
+                   dirbuf.dotdot_name[0] != '.' ||
+                   dirbuf.dotdot_name[1] != '.') {
                        error = ENOTDIR;
                        break;
                }
                        error = ENOTDIR;
                        break;
                }
@@ -1128,23 +1202,19 @@ out:
 nchinit()
 {
        register union nchash *nchp;
 nchinit()
 {
        register union nchash *nchp;
-       register struct nch *ncp;
+       register struct namecache *ncp;
 
        nchhead = 0;
        nchtail = &nchhead;
 
        nchhead = 0;
        nchtail = &nchhead;
-
-       for (ncp = nch; ncp < &nch[nchsize]; ncp++) {
+       for (ncp = namecache; ncp < &namecache[nchsize]; ncp++) {
                ncp->nc_forw = ncp;                     /* hash chain */
                ncp->nc_back = ncp;
                ncp->nc_forw = ncp;                     /* hash chain */
                ncp->nc_back = ncp;
-
                ncp->nc_nxt = NULL;                     /* lru chain */
                *nchtail = ncp;
                ncp->nc_prev = nchtail;
                nchtail = &ncp->nc_nxt;
                ncp->nc_nxt = NULL;                     /* lru chain */
                *nchtail = ncp;
                ncp->nc_prev = nchtail;
                nchtail = &ncp->nc_nxt;
-
                /* all else is zero already */
        }
                /* all else is zero already */
        }
-
        for (nchp = nchash; nchp < &nchash[NCHHASH]; nchp++) {
                nchp->nch_head[0] = nchp;
                nchp->nch_head[1] = nchp;
        for (nchp = nchash; nchp < &nchash[NCHHASH]; nchp++) {
                nchp->nch_head[0] = nchp;
                nchp->nch_head[1] = nchp;
@@ -1162,42 +1232,45 @@ nchinit()
 nchinval(dev)
        register dev_t dev;
 {
 nchinval(dev)
        register dev_t dev;
 {
-       register struct nch *ncp, *nxtcp;
+       register struct namecache *ncp, *nxtcp;
 
        for (ncp = nchhead; ncp; ncp = nxtcp) {
                nxtcp = ncp->nc_nxt;
 
        for (ncp = nchhead; ncp; ncp = nxtcp) {
                nxtcp = ncp->nc_nxt;
-
                if (ncp->nc_ip == NULL ||
                    (ncp->nc_idev != dev && ncp->nc_dev != dev))
                        continue;
                if (ncp->nc_ip == NULL ||
                    (ncp->nc_idev != dev && ncp->nc_dev != dev))
                        continue;
-
+               /* free the resources we had */
                ncp->nc_idev = NODEV;
                ncp->nc_dev = NODEV;
                ncp->nc_idev = NODEV;
                ncp->nc_dev = NODEV;
+               ncp->nc_id = NULL;
                ncp->nc_ino = 0;
                ncp->nc_ino = 0;
-
-                       /* remove the entry from its hash chain */
-               remque(ncp);
-                       /* and make a dummy one */
-               ncp->nc_forw = ncp;
+               ncp->nc_ip = NULL;
+               remque(ncp);            /* remove entry from its hash chain */
+               ncp->nc_forw = ncp;     /* and make a dummy one */
                ncp->nc_back = ncp;
                ncp->nc_back = ncp;
-
-                       /* delete this entry from LRU chain */
+               /* delete this entry from LRU chain */
                *ncp->nc_prev = nxtcp;
                if (nxtcp)
                        nxtcp->nc_prev = ncp->nc_prev;
                else
                        nchtail = ncp->nc_prev;
                *ncp->nc_prev = nxtcp;
                if (nxtcp)
                        nxtcp->nc_prev = ncp->nc_prev;
                else
                        nchtail = ncp->nc_prev;
-
-                       /* free the inode we had */
-               irele(ncp->nc_ip);
-               ncp->nc_ip = NULL;
-
-                       /* cause rescan of list, it may have altered */
+               /* cause rescan of list, it may have altered */
                nxtcp = nchhead;
                nxtcp = nchhead;
-                       /* put the now-free entry at head of LRU */
+               /* put the now-free entry at head of LRU */
                ncp->nc_nxt = nxtcp;
                ncp->nc_prev = &nchhead;
                nxtcp->nc_prev = &ncp->nc_nxt;
                nchhead = ncp;
        }
 }
                ncp->nc_nxt = nxtcp;
                ncp->nc_prev = &nchhead;
                nxtcp->nc_prev = &ncp->nc_nxt;
                nchhead = ncp;
        }
 }
+
+/*
+ * Name cache invalidation of all entries.
+ */
+cacheinvalall()
+{
+       register struct namecache *ncp;
+
+       for (ncp = namecache; ncp < &namecache[nchsize]; ncp++)
+               ncp->nc_id = 0;
+}
Continuous source code history from original PDP-7 UNIX to FreeBSD 2, the first fully unencumbered FreeBSD release.