lofs_vfsops.c revision 45916cd2fec6e79bca5dee0421bd39e3c2910d1e
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/pathname.h>
#include <sys/sysmacros.h>
/*
* This is the loadable module wrapper.
*/
static mntopts_t lofs_mntopts;
static int lofsinit(int, char *);
"lofs",
};
/*
* Stuff needed to support "zonedevfs" mode.
*/
static major_t lofs_major;
static minor_t lofs_minor;
static kmutex_t lofs_minor_lock;
/*
* LOFS mount options table
*/
/*
* option name cancel option default arg flags
* private data
*/
(void *)0 },
(void *)0 },
(void *)0 },
(void *)0 },
(void *)0 },
(void *)0 },
};
static mntopts_t lofs_mntopts = {
};
/*
* Module linkage information for the kernel.
*/
};
static struct modlinkage modlinkage = {
};
/*
* This is the module initialization routine.
*/
int
_init(void)
{
int status;
if (status != 0) {
/*
* Cleanup previously initialized work.
*/
}
return (status);
}
/*
* Don't allow the lofs module to be unloaded for now.
* There is a memory leak if it gets unloaded.
*/
int
_fini(void)
{
return (EBUSY);
}
int
{
}
static int lofsfstype;
/*
* lo mount vfsop
* Set up mount info record and attach it to vfs struct.
*/
/*ARGSUSED*/
static int
{
int error;
struct vnode *realrootvp;
int is_zonedevfs = 0;
int nodev;
return (EPERM);
/*
* Loopback devices which get "nodevices" added can be done without
* "nodevices" set because we cannot import devices into a zone
* with loopback. Note that we have all zone privileges when
* this happens; if not, we'd have gotten "nosuid".
*/
/*
* We must ensure that only the global zone applies the 'zonedevfs'
* option; we don't want non-global zones to be able to establish
* lofs mounts using the special dev_t we use to ensure that the
* contents of a zone's /dev cannot be victim to link(2) or rename(2).
* See below, where we set all of this up.
*
* Since this is more like a privilege check, we use crgetzoneid(cr)
* instead of getzoneid().
*/
return (EPERM);
return (EBUSY);
}
/*
* Find real root, and make vfs point to real vfs
*/
&realrootvp))
return (error);
/*
* Enforce MAC policy if needed.
*
* Loopback mounts must not allow writing up. The dominance test
* is intended to prevent a global zone caller from accidentally
* creating write-up conditions between two labeled zones.
* Local zones can't violate MAC on their own without help from
* the global zone because they can't name a pathname that
* they don't already have.
*
* The special case check for the NET_MAC_AWARE process flag is
* to support the case of the automounter in the global zone. We
* permit automounting of local zone directories such as home
* directories, into the global zone as required by setlabel,
* zonecopy, and saving of desktop sessions. Such mounts are
* trusted not to expose the contents of one zone's directories
* to another by leaking them through the global zone.
*/
void *specname;
} else {
NULL);
if (error) {
return (error);
}
}
/*
* Special case for zone devfs: the zone for /dev will
* incorrectly appear as the global zone since it's not
* under the zone rootpath. So for zone devfs check allow
* read-write mounts.
*/
/*
* We know at this point that the labels aren't equal
* because the zone pointers aren't equal, and zones
* can't share a label.
*
* If the source is the global zone then making
* it available to a local zone must be done in
* read-only mode as the label will become admin_low.
*
* If it is a mount between local zones then if
* the current process is in the global zone and has
* the NET_MAC_AWARE flag, then regular read-write
* access is allowed. If it's in some other zone, but
* the label on the mount point dominates the original
* source, then allow the mount as read-only
* ("read-down").
*/
/* make the mount read-only */
} else { /* cross-zone mount */
/* LINTED: no consequent */
/* Allow the mount as read-write */
} else if (bldominates(
/* make the mount read-only */
} else {
return (EACCES);
}
}
}
}
/*
* realrootvp may be an AUTOFS node, in which case we
* perform a VOP_ACCESS() to trigger the mount of the
* intended filesystem, so we loopback mount the intended
* filesystem instead of the AUTOFS filesystem.
*/
/*
* We're interested in the top most filesystem.
* This is specially important when uap->spec is a trigger
* AUTOFS node, since we're really interested in mounting the
* filesystem AUTOFS mounted as result of the VOP_ACCESS()
* call not the AUTOFS node itself.
*/
return (error);
}
}
/*
* Allocate a vfs info struct and attach it
*/
/*
* Set mount flags to be inherited by loopback vfs's
*/
}
}
}
}
/*
* Permissive flags are added to the "deny" bitmap.
*/
}
}
/*
* Propagate inheritable mount flags from the real vfs.
*/
/*
* Permissive flags such as VFS_XATTR, as opposed to restrictive flags
* such as VFS_RDONLY, are handled differently. An explicit
* MNTOPT_NOXATTR should override the underlying filesystem's VFS_XATTR.
*/
vfsp->vfs_bcount = 0;
/*
* Test to see if we need to be in "zone /dev" mode. In zonedevfs
* mode, we pull a nasty trick; we make sure that the lofs dev_t does
* *not* reflect the underlying device, so that no renames or links
* can occur to or from the /dev hierarchy.
*/
if (is_zonedevfs) {
do {
} while (vfs_devismounted(dev));
} else {
}
}
/*
* Setup the hashtable. If the root of this mount isn't a directory,
* there's no point in allocating a large hashtable. A table with one
* bucket is sufficient.
*/
else
/*
* Make the root vnode
*/
#ifdef LODEBUG
#endif
return (0);
}
/*
* Undo loopback mount
*/
static int
{
return (EPERM);
/*
* Forced unmount is not supported by this file system
* and thus, ENOTSUP, is being returned.
*/
return (ENOTSUP);
#ifdef LODEBUG
#endif
#ifdef LODEBUG
#endif
return (EBUSY);
}
return (0);
}
/*
* Find root of lofs mount.
*/
static int
{
#ifdef LODEBUG
#endif
/*
* If the root of the filesystem is a special file, return the specvp
* version of the vnode. We don't save the specvp vnode in our
* hashtable since that's exclusively for lnodes.
*/
return (ENOSYS);
} else {
}
return (0);
}
/*
* Get file system statistics.
*/
static int
{
#ifdef LODEBUG
#endif
/*
* Using realrootvp->v_vfsp (instead of the realvfsp that was
* cached) is necessary to make lofs work woth forced UFS unmounts.
* In the case of a forced unmount, UFS stores a set of dummy vfsops
* in all the (i)vnodes in the filesystem. The dummy ops simply
* returns back EIO.
*/
if (realrootvp != NULL)
else
return (EIO);
}
/*
* LOFS doesn't have any data or metadata to flush, pending I/O on the
* underlying filesystem will be flushed when such filesystem is synched.
*/
/* ARGSUSED */
static int
short flag,
{
#ifdef LODEBUG
#endif
return (0);
}
/*
* Obtain the vnode from the underlying filesystem.
*/
static int
{
#ifdef LODEBUG
#endif
if (realrootvp != NULL)
else
return (EIO);
}
/*
* Free mount-specific data.
*/
static void
{
}
static int
{
static const fs_operation_def_t lo_vfsops_template[] = {
};
int error;
if (error != 0) {
return (error);
}
if (error != 0) {
(void) vfs_freevfsops_by_type(fstyp);
return (error);
}
lofsfstype = fstyp;
(void) vfs_freevfsops_by_type(fstyp);
return (ENXIO);
}
lofs_minor = 0;
return (0);
}