]> git.saurik.com Git - apple/xnu.git/blob - bsd/hfs/hfs_cnode.c
projects / apple / xnu.git / blob
? search:


016df24e0f6ee39cfeee98fe22151838680d49c5
[apple/xnu.git] / bsd / hfs / hfs_cnode.c
1 /*
2 * Copyright (c) 2002-2008 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <sys/param.h>
29 #include <sys/systm.h>
30 #include <sys/proc.h>
31 #include <sys/vnode.h>
32 #include <sys/mount.h>
33 #include <sys/kernel.h>
34 #include <sys/malloc.h>
35 #include <sys/time.h>
36 #include <sys/ubc.h>
37 #include <sys/quota.h>
38 #include <sys/kdebug.h>
39 #include <libkern/OSByteOrder.h>
40
41 #include <kern/locks.h>
42
43 #include <miscfs/specfs/specdev.h>
44 #include <miscfs/fifofs/fifo.h>
45
46 #include <hfs/hfs.h>
47 #include <hfs/hfs_catalog.h>
48 #include <hfs/hfs_cnode.h>
49 #include <hfs/hfs_quota.h>
50 #include <hfs/hfs_format.h>
51
52 extern int prtactive;
53
54 extern lck_attr_t * hfs_lock_attr;
55 extern lck_grp_t * hfs_mutex_group;
56 extern lck_grp_t * hfs_rwlock_group;
57
58 static void hfs_reclaim_cnode(struct cnode *);
59 static int hfs_cnode_teardown (struct vnode *vp, vfs_context_t ctx, int reclaim);
60 static int hfs_isordered(struct cnode *, struct cnode *);
61
62 __inline__ int hfs_checkdeleted (struct cnode *cp) {
63 return ((cp->c_flag & (C_DELETED | C_NOEXISTS)) ? ENOENT : 0);
64 }
65
66
67 /*
68 * Function used by a special fcntl() that decorates a cnode/vnode that
69 * indicates it is backing another filesystem, like a disk image.
70 *
71 * the argument 'val' indicates whether or not to set the bit in the cnode flags
72 *
73 * Returns non-zero on failure. 0 on success
74 */
75 int hfs_set_backingstore (struct vnode *vp, int val) {
76 struct cnode *cp = NULL;
77 int err = 0;
78
79 cp = VTOC(vp);
80 if (!vnode_isreg(vp) && !vnode_isdir(vp)) {
81 return EINVAL;
82 }
83
84 /* lock the cnode */
85 err = hfs_lock (cp, HFS_EXCLUSIVE_LOCK);
86 if (err) {
87 return err;
88 }
89
90 if (val) {
91 cp->c_flag |= C_BACKINGSTORE;
92 }
93 else {
94 cp->c_flag &= ~C_BACKINGSTORE;
95 }
96
97 /* unlock everything */
98 hfs_unlock (cp);
99
100 return err;
101 }
102
103 /*
104 * Function used by a special fcntl() that check to see if a cnode/vnode
105 * indicates it is backing another filesystem, like a disk image.
106 *
107 * the argument 'val' is an output argument for whether or not the bit is set
108 *
109 * Returns non-zero on failure. 0 on success
110 */
111
112 int hfs_is_backingstore (struct vnode *vp, int *val) {
113 struct cnode *cp = NULL;
114 int err = 0;
115
116 if (!vnode_isreg(vp) && !vnode_isdir(vp)) {
117 *val = 0;
118 return 0;
119 }
120
121 cp = VTOC(vp);
122
123 /* lock the cnode */
124 err = hfs_lock (cp, HFS_SHARED_LOCK);
125 if (err) {
126 return err;
127 }
128
129 if (cp->c_flag & C_BACKINGSTORE) {
130 *val = 1;
131 }
132 else {
133 *val = 0;
134 }
135
136 /* unlock everything */
137 hfs_unlock (cp);
138
139 return err;
140 }
141
142
143 /*
144 * hfs_cnode_teardown
145 *
146 * This is an internal function that is invoked from both hfs_vnop_inactive
147 * and hfs_vnop_reclaim. As VNOP_INACTIVE is not necessarily called from vnodes
148 * being recycled and reclaimed, it is important that we do any post-processing
149 * necessary for the cnode in both places. Important tasks include things such as
150 * releasing the blocks from an open-unlinked file when all references to it have dropped,
151 * and handling resource forks separately from data forks.
152 *
153 * Note that we take only the vnode as an argument here (rather than the cnode).
154 * Recall that each cnode supports two forks (rsrc/data), and we can always get the right
155 * cnode from either of the vnodes, but the reverse is not true -- we can't determine which
156 * vnode we need to reclaim if only the cnode is supplied.
157 *
158 * This function is idempotent and safe to call from both hfs_vnop_inactive and hfs_vnop_reclaim
159 * if both are invoked right after the other. In the second call, most of this function's if()
160 * conditions will fail, since they apply generally to cnodes still marked with C_DELETED.
161 * As a quick check to see if this function is necessary, determine if the cnode is already
162 * marked C_NOEXISTS. If it is, then it is safe to skip this function. The only tasks that
163 * remain for cnodes marked in such a fashion is to teardown their fork references and
164 * release all directory hints and hardlink origins. However, both of those are done
165 * in hfs_vnop_reclaim. hfs_update, by definition, is not necessary if the cnode's catalog
166 * entry is no longer there.
167 *
168 * 'reclaim' argument specifies whether or not we were called from hfs_vnop_reclaim. If we are
169 * invoked from hfs_vnop_reclaim, we can not call functions that cluster_push since the UBC info
170 * is totally gone by that point.
171 *
172 * Assumes that both truncate and cnode locks for 'cp' are held.
173 */
174 static
175 int hfs_cnode_teardown (struct vnode *vp, vfs_context_t ctx, int reclaim) {
176
177 int forkcount = 0;
178 enum vtype v_type;
179 struct cnode *cp;
180 int error = 0;
181 int started_tr = 0;
182 struct hfsmount *hfsmp = VTOHFS(vp);
183 struct proc *p = vfs_context_proc(ctx);
184 int truncated = 0;
185 cat_cookie_t cookie;
186 int cat_reserve = 0;
187 int lockflags;
188 int ea_error = 0;
189
190 v_type = vnode_vtype(vp);
191 cp = VTOC(vp);
192
193 if (cp->c_datafork) {
194 ++forkcount;
195 }
196 if (cp->c_rsrcfork) {
197 ++forkcount;
198 }
199
200
201 /*
202 * Skip the call to ubc_setsize if we're being invoked on behalf of reclaim.
203 * The dirty regions would have already been synced to disk, so informing UBC
204 * that they can toss the pages doesn't help anyone at this point.
205 *
206 * Note that this is a performance problem if the vnode goes straight to reclaim
207 * (and skips inactive), since there would be no way for anyone to notify the UBC
208 * that all pages in this file are basically useless.
209 */
210 if (reclaim == 0) {
211 /*
212 * Check whether we are tearing down a cnode with only one remaining fork.
213 * If there are blocks in its filefork, then we need to unlock the cnode
214 * before calling ubc_setsize. The cluster layer may re-enter the filesystem
215 * (i.e. VNOP_BLOCKMAP), and if we retain the cnode lock, we could double-lock
216 * panic.
217 */
218
219 if ((v_type == VREG || v_type == VLNK) &&
220 (cp->c_flag & C_DELETED) &&
221 (VTOF(vp)->ff_blocks != 0) && (forkcount == 1)) {
222 hfs_unlock(cp);
223 /* ubc_setsize just fails if we were to call this from VNOP_RECLAIM */
224 ubc_setsize(vp, 0);
225 (void) hfs_lock(cp, HFS_FORCE_LOCK);
226 }
227 }
228
229 /*
230 * Push file data out for normal files that haven't been evicted from
231 * the namespace. We only do this if this function was not called from reclaim,
232 * because by that point the UBC information has been totally torn down.
233 *
234 * There should also be no way that a normal file that has NOT been deleted from
235 * the namespace to skip INACTIVE and go straight to RECLAIM. That race only happens
236 * when the file becomes open-unlinked.
237 */
238 if ((v_type == VREG) &&
239 (!ISSET(cp->c_flag, C_DELETED)) &&
240 (!ISSET(cp->c_flag, C_NOEXISTS)) &&
241 (VTOF(vp)->ff_blocks) &&
242 (reclaim == 0)) {
243 hfs_filedone(vp, ctx);
244 }
245 /*
246 * Remove any directory hints or cached origins
247 */
248 if (v_type == VDIR) {
249 hfs_reldirhints(cp, 0);
250 }
251 if (cp->c_flag & C_HARDLINK) {
252 hfs_relorigins(cp);
253 }
254
255 /*
256 * This check is slightly complicated. We should only truncate data
257 * in very specific cases for open-unlinked files. This is because
258 * we want to ensure that the resource fork continues to be available
259 * if the caller has the data fork open. However, this is not symmetric;
260 * someone who has the resource fork open need not be able to access the data
261 * fork once the data fork has gone inactive.
262 *
263 * If we're the last fork, then we have cleaning up to do.
264 *
265 * A) last fork, and vp == c_vp
266 * Truncate away own fork data. If rsrc fork is not in core, truncate it too.
267 *
268 * B) last fork, and vp == c_rsrc_vp
269 * Truncate ourselves, assume data fork has been cleaned due to C).
270 *
271 * If we're not the last fork, then things are a little different:
272 *
273 * C) not the last fork, vp == c_vp
274 * Truncate ourselves. Once the file has gone out of the namespace,
275 * it cannot be further opened. Further access to the rsrc fork may
276 * continue, however.
277 *
278 * D) not the last fork, vp == c_rsrc_vp
279 * Don't enter the block below, just clean up vnode and push it out of core.
280 */
281
282 if ((v_type == VREG || v_type == VLNK) &&
283 (cp->c_flag & C_DELETED) &&
284 ((forkcount == 1) || (!VNODE_IS_RSRC(vp)))) {
285
286 /* Truncate away our own fork data. (Case A, B, C above) */
287 if (VTOF(vp)->ff_blocks != 0) {
288 /*
289 * Since we're already inside a transaction,
290 * tell hfs_truncate to skip the ubc_setsize.
291 *
292 * This truncate call (and the one below) is fine from VNOP_RECLAIM's
293 * context because we're only removing blocks, not zero-filling new
294 * ones. The C_DELETED check above makes things much simpler.
295 */
296 error = hfs_truncate(vp, (off_t)0, IO_NDELAY, 1, 0, ctx);
297 if (error) {
298 goto out;
299 }
300 truncated = 1;
301 }
302
303 /*
304 * Truncate away the resource fork, if we represent the data fork and
305 * it is the last fork. That means, by definition, the rsrc fork is not in
306 * core. So we bring it into core, and then truncate it away.
307 *
308 * This is invoked via case A above only.
309 */
310 if ((cp->c_blocks > 0) && (forkcount == 1) && (vp != cp->c_rsrc_vp)) {
311 struct vnode *rvp = NULLVP;
312
313 /*
314 * It is safe for us to pass FALSE to the argument can_drop_lock
315 * on this call to hfs_vgetrsrc. We know that the resource fork does not
316 * exist in core, so we'll have to go to the catalog to retrieve its
317 * information. That will attach the resource fork vnode to our cnode.
318 */
319 error = hfs_vgetrsrc(hfsmp, vp, &rvp, FALSE, FALSE);
320 if (error) {
321 goto out;
322 }
323 /*
324 * Defer the vnode_put and ubc_setsize on rvp until hfs_unlock().
325 *
326 * By bringing the vnode into core above, we may force hfs_vnop_reclaim
327 * to only partially finish if that's what called us. Bringing the
328 * resource fork into core results in a new rsrc vnode that will get
329 * immediately marked for termination below. It will get recycled/reclaimed
330 * as soon as possible, but that could cause another round of inactive and reclaim.
331 */
332 cp->c_flag |= C_NEED_RVNODE_PUT | C_NEED_RSRC_SETSIZE;
333 error = hfs_truncate(rvp, (off_t)0, IO_NDELAY, 1, 0, ctx);
334 if (error) {
335 goto out;
336 }
337
338 /*
339 * Note that the following call to vnode_recycle is safe from within the
340 * context of hfs_vnop_inactive or hfs_vnop_reclaim. It is being invoked
341 * on the RSRC fork vp (which is not our current vnode) As such, we hold
342 * an iocount on it and vnode_recycle will just add the MARKTERM bit at this
343 * point.
344 */
345 vnode_recycle(rvp); /* all done with this vnode */
346 }
347 }
348
349 /*
350 * If we represent the last fork (or none in the case of a dir),
351 * and the cnode has become open-unlinked,
352 * AND it has EA's, then we need to get rid of them.
353 *
354 * Note that this must happen outside of any other transactions
355 * because it starts/ends its own transactions and grabs its
356 * own locks. This is to prevent a file with a lot of attributes
357 * from creating a transaction that is too large (which panics).
358 */
359 if ((cp->c_attr.ca_recflags & kHFSHasAttributesMask) != 0 &&
360 (cp->c_flag & C_DELETED) &&
361 (forkcount <= 1)) {
362
363 ea_error = hfs_removeallattr(hfsmp, cp->c_fileid);
364 }
365
366
367 /*
368 * If the cnode represented an open-unlinked file, then now
369 * actually remove the cnode's catalog entry and release all blocks
370 * it may have been using.
371 */
372 if ((cp->c_flag & C_DELETED) && (forkcount <= 1)) {
373 /*
374 * Mark cnode in transit so that no one can get this
375 * cnode from cnode hash.
376 */
377 // hfs_chash_mark_in_transit(hfsmp, cp);
378 // XXXdbg - remove the cnode from the hash table since it's deleted
379 // otherwise someone could go to sleep on the cnode and not
380 // be woken up until this vnode gets recycled which could be
381 // a very long time...
382 hfs_chashremove(hfsmp, cp);
383
384 cp->c_flag |= C_NOEXISTS; // XXXdbg
385 cp->c_rdev = 0;
386
387 if (started_tr == 0) {
388 if (hfs_start_transaction(hfsmp) != 0) {
389 error = EINVAL;
390 goto out;
391 }
392 started_tr = 1;
393 }
394
395 /*
396 * Reserve some space in the Catalog file.
397 */
398 if ((error = cat_preflight(hfsmp, CAT_DELETE, &cookie, p))) {
399 goto out;
400 }
401 cat_reserve = 1;
402
403 lockflags = hfs_systemfile_lock(hfsmp, SFL_CATALOG | SFL_ATTRIBUTE, HFS_EXCLUSIVE_LOCK);
404
405 if (cp->c_blocks > 0) {
406 printf("hfs_inactive: deleting non-empty%sfile %d, "
407 "blks %d\n", VNODE_IS_RSRC(vp) ? " rsrc " : " ",
408 (int)cp->c_fileid, (int)cp->c_blocks);
409 }
410
411 //
412 // release the name pointer in the descriptor so that
413 // cat_delete() will use the file-id to do the deletion.
414 // in the case of hard links this is imperative (in the
415 // case of regular files the fileid and cnid are the
416 // same so it doesn't matter).
417 //
418 cat_releasedesc(&cp->c_desc);
419
420 /*
421 * The descriptor name may be zero,
422 * in which case the fileid is used.
423 */
424 error = cat_delete(hfsmp, &cp->c_desc, &cp->c_attr);
425
426 if (error && truncated && (error != ENXIO))
427 printf("hfs_inactive: couldn't delete a truncated file!");
428
429 /* Update HFS Private Data dir */
430 if (error == 0) {
431 hfsmp->hfs_private_attr[FILE_HARDLINKS].ca_entries--;
432 if (vnode_isdir(vp)) {
433 DEC_FOLDERCOUNT(hfsmp, hfsmp->hfs_private_attr[FILE_HARDLINKS]);
434 }
435 (void)cat_update(hfsmp, &hfsmp->hfs_private_desc[FILE_HARDLINKS],
436 &hfsmp->hfs_private_attr[FILE_HARDLINKS], NULL, NULL);
437 }
438
439 hfs_systemfile_unlock(hfsmp, lockflags);
440
441 if (error) {
442 goto out;
443 }
444
445 #if QUOTA
446 if (hfsmp->hfs_flags & HFS_QUOTAS)
447 (void)hfs_chkiq(cp, -1, NOCRED, 0);
448 #endif /* QUOTA */
449
450 /* Already set C_NOEXISTS at the beginning of this block */
451 cp->c_flag &= ~C_DELETED;
452 cp->c_touch_chgtime = TRUE;
453 cp->c_touch_modtime = TRUE;
454
455 if (error == 0)
456 hfs_volupdate(hfsmp, (v_type == VDIR) ? VOL_RMDIR : VOL_RMFILE, 0);
457 }
458
459 /*
460 * A file may have had delayed allocations, in which case hfs_update
461 * would not have updated the catalog record (cat_update). We need
462 * to do that now, before we lose our fork data. We also need to
463 * force the update, or hfs_update will again skip the cat_update.
464 *
465 * If the file has C_NOEXISTS set, then we can skip the hfs_update call
466 * because the catalog entry has already been removed. There would be no point
467 * to looking up the entry in the catalog to modify it when we already know it's gone
468 */
469 if ((!ISSET(cp->c_flag, C_NOEXISTS)) &&
470 ((cp->c_flag & C_MODIFIED) || cp->c_touch_acctime ||
471 cp->c_touch_chgtime || cp->c_touch_modtime)) {
472
473 if ((cp->c_flag & C_MODIFIED) || cp->c_touch_modtime){
474 cp->c_flag |= C_FORCEUPDATE;
475 }
476 hfs_update(vp, 0);
477 }
478
479 out:
480 if (cat_reserve)
481 cat_postflight(hfsmp, &cookie, p);
482
483 // XXXdbg - have to do this because a goto could have come here
484 if (started_tr) {
485 hfs_end_transaction(hfsmp);
486 started_tr = 0;
487 }
488
489
490 return error;
491 }
492
493
494
495 /*
496 * hfs_vnop_inactive
497 *
498 * The last usecount on the vnode has gone away, so we need to tear down
499 * any remaining data still residing in the cnode. If necessary, write out
500 * remaining blocks or delete the cnode's entry in the catalog.
501 */
502 int
503 hfs_vnop_inactive(struct vnop_inactive_args *ap)
504 {
505 struct vnode *vp = ap->a_vp;
506 struct cnode *cp;
507 struct hfsmount *hfsmp = VTOHFS(vp);
508 struct proc *p = vfs_context_proc(ap->a_context);
509 int error = 0;
510 int took_trunc_lock = 0;
511 enum vtype v_type;
512
513 v_type = vnode_vtype(vp);
514 cp = VTOC(vp);
515
516 if ((hfsmp->hfs_flags & HFS_READ_ONLY) || vnode_issystem(vp) ||
517 (hfsmp->hfs_freezing_proc == p)) {
518 error = 0;
519 goto inactive_done;
520 }
521
522 /*
523 * For safety, do NOT call vnode_recycle from inside this function. This can cause
524 * problems in the following scenario:
525 *
526 * vnode_create -> vnode_reclaim_internal -> vclean -> VNOP_INACTIVE
527 *
528 * If we're being invoked as a result of a reclaim that was already in-flight, then we
529 * cannot call vnode_recycle again. Being in reclaim means that there are no usecounts or
530 * iocounts by definition. As a result, if we were to call vnode_recycle, it would immediately
531 * try to re-enter reclaim again and panic.
532 *
533 * Currently, there are three things that can cause us (VNOP_INACTIVE) to get called.
534 * 1) last usecount goes away on the vnode (vnode_rele)
535 * 2) last iocount goes away on a vnode that previously had usecounts but didn't have
536 * vnode_recycle called (vnode_put)
537 * 3) vclean by way of reclaim
538 *
539 * In this function we would generally want to call vnode_recycle to speed things
540 * along to ensure that we don't leak blocks due to open-unlinked files. However, by
541 * virtue of being in this function already, we can call hfs_cnode_teardown, which
542 * will release blocks held by open-unlinked files, and mark them C_NOEXISTS so that
543 * there's no entry in the catalog and no backing store anymore. If that's the case,
544 * then we really don't care all that much when the vnode actually goes through reclaim.
545 * Further, the HFS VNOPs that manipulated the namespace in order to create the open-
546 * unlinked file in the first place should have already called vnode_recycle on the vnode
547 * to guarantee that it would go through reclaim in a speedy way.
548 */
549
550 if (cp->c_flag & C_NOEXISTS) {
551 /*
552 * If the cnode has already had its cat entry removed, then
553 * just skip to the end. We don't need to do anything here.
554 */
555 error = 0;
556 goto inactive_done;
557 }
558
559 if ((v_type == VREG || v_type == VLNK)) {
560 hfs_lock_truncate(cp, HFS_EXCLUSIVE_LOCK);
561 took_trunc_lock = 1;
562 }
563
564 (void) hfs_lock(cp, HFS_FORCE_LOCK);
565
566 /*
567 * Call cnode_teardown to push out dirty blocks to disk, release open-unlinked
568 * files' blocks from being in use, and move the cnode from C_DELETED to C_NOEXISTS.
569 */
570 error = hfs_cnode_teardown (vp, ap->a_context, 0);
571
572 /*
573 * Drop the truncate lock before unlocking the cnode
574 * (which can potentially perform a vnode_put and
575 * recycle the vnode which in turn might require the
576 * truncate lock)
577 */
578 if (took_trunc_lock) {
579 hfs_unlock_truncate(cp, 0);
580 }
581
582 hfs_unlock(cp);
583
584 inactive_done:
585
586 return error;
587 }
588
589
590 /*
591 * File clean-up (zero fill and shrink peof).
592 */
593
594 int
595 hfs_filedone(struct vnode *vp, vfs_context_t context)
596 {
597 struct cnode *cp;
598 struct filefork *fp;
599 struct hfsmount *hfsmp;
600 struct rl_entry *invalid_range;
601 off_t leof;
602 u_int32_t blks, blocksize;
603 int cluster_flags = IO_CLOSE;
604 int cluster_zero_flags = IO_HEADZEROFILL | IO_NOZERODIRTY | IO_NOCACHE;
605
606 cp = VTOC(vp);
607 fp = VTOF(vp);
608 hfsmp = VTOHFS(vp);
609 leof = fp->ff_size;
610
611 if ((hfsmp->hfs_flags & HFS_READ_ONLY) || (fp->ff_blocks == 0))
612 return (0);
613
614 /*
615 * If we are being invoked from F_SWAPDATAEXTENTS, then we
616 * need to issue synchronous IO; Unless we are sure that all
617 * of the data has been written to the disk, we won't know
618 * that all of the blocks have been allocated properly.
619 */
620 if (cp->c_flag & C_SWAPINPROGRESS) {
621 cluster_flags |= IO_SYNC;
622 }
623
624 hfs_unlock(cp);
625 (void) cluster_push(vp, cluster_flags);
626 hfs_lock(cp, HFS_FORCE_LOCK);
627
628 /*
629 * Explicitly zero out the areas of file
630 * that are currently marked invalid.
631 */
632 while ((invalid_range = TAILQ_FIRST(&fp->ff_invalidranges))) {
633 off_t start = invalid_range->rl_start;
634 off_t end = invalid_range->rl_end;
635
636 /* The range about to be written must be validated
637 * first, so that VNOP_BLOCKMAP() will return the
638 * appropriate mapping for the cluster code:
639 */
640 rl_remove(start, end, &fp->ff_invalidranges);
641
642 hfs_unlock(cp);
643 (void) cluster_write(vp, (struct uio *) 0,
644 leof, end + 1, start, (off_t)0, cluster_zero_flags);
645 hfs_lock(cp, HFS_FORCE_LOCK);
646 cp->c_flag |= C_MODIFIED;
647 }
648 cp->c_flag &= ~C_ZFWANTSYNC;
649 cp->c_zftimeout = 0;
650 blocksize = VTOVCB(vp)->blockSize;
651 blks = leof / blocksize;
652 if (((off_t)blks * (off_t)blocksize) != leof)
653 blks++;
654 /*
655 * Shrink the peof to the smallest size neccessary to contain the leof.
656 */
657 if (blks < fp->ff_blocks)
658 (void) hfs_truncate(vp, leof, IO_NDELAY, 0, 0, context);
659 hfs_unlock(cp);
660 (void) cluster_push(vp, cluster_flags);
661 hfs_lock(cp, HFS_FORCE_LOCK);
662
663 /*
664 * If the hfs_truncate didn't happen to flush the vnode's
665 * information out to disk, force it to be updated now that
666 * all invalid ranges have been zero-filled and validated:
667 */
668 if (cp->c_flag & C_MODIFIED) {
669 hfs_update(vp, 0);
670 }
671 return (0);
672 }
673
674
675 /*
676 * Reclaim a cnode so that it can be used for other purposes.
677 */
678 int
679 hfs_vnop_reclaim(struct vnop_reclaim_args *ap)
680 {
681 struct vnode *vp = ap->a_vp;
682 struct cnode *cp;
683 struct filefork *fp = NULL;
684 struct filefork *altfp = NULL;
685 struct hfsmount *hfsmp = VTOHFS(vp);
686 vfs_context_t ctx = ap->a_context;
687 int reclaim_cnode = 0;
688 int err = 0;
689 enum vtype v_type;
690
691 v_type = vnode_vtype(vp);
692 cp = VTOC(vp);
693
694 /*
695 * We don't take the truncate lock since by the time reclaim comes along,
696 * all dirty pages have been synced and nobody should be competing
697 * with us for this thread.
698 */
699 (void) hfs_lock (cp, HFS_FORCE_LOCK);
700
701 /*
702 * Sync to disk any remaining data in the cnode/vnode. This includes
703 * a call to hfs_update if the cnode has outbound data.
704 *
705 * If C_NOEXISTS is set on the cnode, then there's nothing teardown needs to do
706 * because the catalog entry for this cnode is already gone.
707 */
708 if (!ISSET(cp->c_flag, C_NOEXISTS)) {
709 err = hfs_cnode_teardown(vp, ctx, 1);
710 }
711
712 /*
713 * Keep track of an inactive hot file.
714 */
715 if (!vnode_isdir(vp) &&
716 !vnode_issystem(vp) &&
717 !(cp->c_flag & (C_DELETED | C_NOEXISTS)) ) {
718 (void) hfs_addhotfile(vp);
719 }
720 vnode_removefsref(vp);
721
722 /*
723 * Find file fork for this vnode (if any)
724 * Also check if another fork is active
725 */
726 if (cp->c_vp == vp) {
727 fp = cp->c_datafork;
728 altfp = cp->c_rsrcfork;
729
730 cp->c_datafork = NULL;
731 cp->c_vp = NULL;
732 } else if (cp->c_rsrc_vp == vp) {
733 fp = cp->c_rsrcfork;
734 altfp = cp->c_datafork;
735
736 cp->c_rsrcfork = NULL;
737 cp->c_rsrc_vp = NULL;
738 } else {
739 panic("hfs_vnop_reclaim: vp points to wrong cnode (vp=%p cp->c_vp=%p cp->c_rsrc_vp=%p)\n", vp, cp->c_vp, cp->c_rsrc_vp);
740 }
741 /*
742 * On the last fork, remove the cnode from its hash chain.
743 */
744 if (altfp == NULL) {
745 /* If we can't remove it then the cnode must persist! */
746 if (hfs_chashremove(hfsmp, cp) == 0)
747 reclaim_cnode = 1;
748 /*
749 * Remove any directory hints
750 */
751 if (vnode_isdir(vp)) {
752 hfs_reldirhints(cp, 0);
753 }
754
755 if(cp->c_flag & C_HARDLINK) {
756 hfs_relorigins(cp);
757 }
758 }
759 /* Release the file fork and related data */
760 if (fp) {
761 /* Dump cached symlink data */
762 if (vnode_islnk(vp) && (fp->ff_symlinkptr != NULL)) {
763 FREE(fp->ff_symlinkptr, M_TEMP);
764 }
765 FREE_ZONE(fp, sizeof(struct filefork), M_HFSFORK);
766 }
767
768 /*
769 * If there was only one active fork then we can release the cnode.
770 */
771 if (reclaim_cnode) {
772 hfs_chashwakeup(hfsmp, cp, H_ALLOC | H_TRANSIT);
773 hfs_reclaim_cnode(cp);
774 }
775 else {
776 /*
777 * cnode in use. If it is a directory, it could have
778 * no live forks. Just release the lock.
779 */
780 hfs_unlock(cp);
781 }
782
783 vnode_clearfsnode(vp);
784 return (0);
785 }
786
787
788 extern int (**hfs_vnodeop_p) (void *);
789 extern int (**hfs_std_vnodeop_p) (void *);
790 extern int (**hfs_specop_p) (void *);
791 #if FIFO
792 extern int (**hfs_fifoop_p) (void *);
793 #endif
794
795 /*
796 * hfs_getnewvnode - get new default vnode
797 *
798 * The vnode is returned with an iocount and the cnode locked
799 */
800 int
801 hfs_getnewvnode(
802 struct hfsmount *hfsmp,
803 struct vnode *dvp,
804 struct componentname *cnp,
805 struct cat_desc *descp,
806 int flags,
807 struct cat_attr *attrp,
808 struct cat_fork *forkp,
809 struct vnode **vpp,
810 int *out_flags)
811 {
812 struct mount *mp = HFSTOVFS(hfsmp);
813 struct vnode *vp = NULL;
814 struct vnode **cvpp;
815 struct vnode *tvp = NULLVP;
816 struct cnode *cp = NULL;
817 struct filefork *fp = NULL;
818 int hfs_standard = 0;
819 int retval;
820 int issystemfile;
821 int wantrsrc;
822 int hflags = 0;
823 struct vnode_fsparam vfsp;
824 enum vtype vtype;
825 #if QUOTA
826 int i;
827 #endif /* QUOTA */
828
829 hfs_standard = (hfsmp->hfs_flags & HFS_STANDARD);
830
831 if (attrp->ca_fileid == 0) {
832 *vpp = NULL;
833 return (ENOENT);
834 }
835
836 #if !FIFO
837 if (IFTOVT(attrp->ca_mode) == VFIFO) {
838 *vpp = NULL;
839 return (ENOTSUP);
840 }
841 #endif /* !FIFO */
842 vtype = IFTOVT(attrp->ca_mode);
843 issystemfile = (descp->cd_flags & CD_ISMETA) && (vtype == VREG);
844 wantrsrc = flags & GNV_WANTRSRC;
845
846 /* Zero out the out_flags */
847 *out_flags = 0;
848
849 #ifdef HFS_CHECK_LOCK_ORDER
850 /*
851 * The only case were its permissible to hold the parent cnode
852 * lock is during a create operation (hfs_makenode) or when
853 * we don't need the cnode lock (GNV_SKIPLOCK).
854 */
855 if ((dvp != NULL) &&
856 (flags & (GNV_CREATE | GNV_SKIPLOCK)) == 0 &&
857 VTOC(dvp)->c_lockowner == current_thread()) {
858 panic("hfs_getnewvnode: unexpected hold of parent cnode %p", VTOC(dvp));
859 }
860 #endif /* HFS_CHECK_LOCK_ORDER */
861
862 /*
863 * Get a cnode (new or existing)
864 */
865 cp = hfs_chash_getcnode(hfsmp, attrp->ca_fileid, vpp, wantrsrc,
866 (flags & GNV_SKIPLOCK), out_flags, &hflags);
867
868 /*
869 * If the id is no longer valid for lookups we'll get back a NULL cp.
870 */
871 if (cp == NULL) {
872 return (ENOENT);
873 }
874
875 /*
876 * If we get a cnode/vnode pair out of hfs_chash_getcnode, then update the
877 * descriptor in the cnode as needed if the cnode represents a hardlink.
878 * We want the caller to get the most up-to-date copy of the descriptor
879 * as possible. However, we only do anything here if there was a valid vnode.
880 * If there isn't a vnode, then the cnode is brand new and needs to be initialized
881 * as it doesn't have a descriptor or cat_attr yet.
882 *
883 * If we are about to replace the descriptor with the user-supplied one, then validate
884 * that the descriptor correctly acknowledges this item is a hardlink. We could be
885 * subject to a race where the calling thread invoked cat_lookup, got a valid lookup
886 * result but the file was not yet a hardlink. With sufficient delay between there
887 * and here, we might accidentally copy in the raw inode ID into the descriptor in the
888 * call below. If the descriptor's CNID is the same as the fileID then it must
889 * not yet have been a hardlink when the lookup occurred.
890 */
891
892 if (!(hfs_checkdeleted(cp))) {
893 if ((cp->c_flag & C_HARDLINK) && descp->cd_nameptr && descp->cd_namelen > 0) {
894 /* If cnode is uninitialized, its c_attr will be zeroed out; cnids wont match. */
895 if ((descp->cd_cnid == cp->c_attr.ca_fileid) &&
896 (attrp->ca_linkcount != cp->c_attr.ca_linkcount)){
897 if ((flags & GNV_SKIPLOCK) == 0) {
898 /*
899 * Then we took the lock. Drop it before calling
900 * vnode_put, which may invoke hfs_vnop_inactive and need to take
901 * the cnode lock again.
902 */
903 hfs_unlock(cp);
904 }
905
906 /*
907 * Emit ERECYCLE and GNV_CAT_ATTRCHANGED to
908 * force a re-drive in the lookup routine.
909 * Drop the iocount on the vnode obtained from
910 * chash_getcnode if needed.
911 */
912 if (*vpp != NULL) {
913 vnode_put (*vpp);
914 *vpp = NULL;
915 }
916
917 /*
918 * If we raced with VNOP_RECLAIM for this vnode, the hash code could
919 * have observed it after the c_vp or c_rsrc_vp fields had been torn down;
920 * the hash code peeks at those fields without holding the cnode lock because
921 * it needs to be fast. As a result, we may have set H_ATTACH in the chash
922 * call above. Since we're bailing out, unset whatever flags we just set, and
923 * wake up all waiters for this cnode.
924 */
925 if (hflags) {
926 hfs_chashwakeup(hfsmp, cp, hflags);
927 }
928
929 *out_flags = GNV_CAT_ATTRCHANGED;
930 return ERECYCLE;
931 }
932 else {
933 /* Otherwise, CNID != fileid. Go ahead and copy in the new descriptor */
934 replace_desc(cp, descp);
935 }
936 }
937 }
938
939
940 /* Check if we found a matching vnode */
941 if (*vpp != NULL) {
942 return (0);
943 }
944
945 /*
946 * If this is a new cnode then initialize it.
947 */
948 if (ISSET(cp->c_hflag, H_ALLOC)) {
949 lck_rw_init(&cp->c_truncatelock, hfs_rwlock_group, hfs_lock_attr);
950 #if HFS_COMPRESSION
951 cp->c_decmp = NULL;
952 #endif
953
954 /* Make sure its still valid (ie exists on disk). */
955 if (!(flags & GNV_CREATE)) {
956 int error = 0;
957 if (!hfs_valid_cnode (hfsmp, dvp, (wantrsrc ? NULL : cnp), cp->c_fileid, attrp, &error)) {
958 hfs_chash_abort(hfsmp, cp);
959 hfs_reclaim_cnode(cp);
960 *vpp = NULL;
961 /*
962 * If we hit this case, that means that the entry was there in the catalog when
963 * we did a cat_lookup earlier. Think hfs_lookup. However, in between the time
964 * that we checked the catalog and the time we went to get a vnode/cnode for it,
965 * it had been removed from the namespace and the vnode totally reclaimed. As a result,
966 * it's not there in the catalog during the check in hfs_valid_cnode and we bubble out
967 * an ENOENT. To indicate to the caller that they should really double-check the
968 * entry (it could have been renamed over and gotten a new fileid), we mark a bit
969 * in the output flags.
970 */
971 if (error == ENOENT) {
972 *out_flags = GNV_CAT_DELETED;
973 return ENOENT;
974 }
975
976 /*
977 * Also, we need to protect the cat_attr acquired during hfs_lookup and passed into
978 * this function as an argument because the catalog may have changed w.r.t hardlink
979 * link counts and the firstlink field. If that validation check fails, then let
980 * lookup re-drive itself to get valid/consistent data with the same failure condition below.
981 */
982 if (error == ERECYCLE) {
983 *out_flags = GNV_CAT_ATTRCHANGED;
984 return (ERECYCLE);
985 }
986 }
987 }
988 bcopy(attrp, &cp->c_attr, sizeof(struct cat_attr));
989 bcopy(descp, &cp->c_desc, sizeof(struct cat_desc));
990
991 /* The name was inherited so clear descriptor state... */
992 descp->cd_namelen = 0;
993 descp->cd_nameptr = NULL;
994 descp->cd_flags &= ~CD_HASBUF;
995
996 /* Tag hardlinks */
997 if ((vtype == VREG || vtype == VDIR) &&
998 ((descp->cd_cnid != attrp->ca_fileid) ||
999 (attrp->ca_recflags & kHFSHasLinkChainMask))) {
1000 cp->c_flag |= C_HARDLINK;
1001 }
1002 /*
1003 * Fix-up dir link counts.
1004 *
1005 * Earlier versions of Leopard used ca_linkcount for posix
1006 * nlink support (effectively the sub-directory count + 2).
1007 * That is now accomplished using the ca_dircount field with
1008 * the corresponding kHFSHasFolderCountMask flag.
1009 *
1010 * For directories the ca_linkcount is the true link count,
1011 * tracking the number of actual hardlinks to a directory.
1012 *
1013 * We only do this if the mount has HFS_FOLDERCOUNT set;
1014 * at the moment, we only set that for HFSX volumes.
1015 */
1016 if ((hfsmp->hfs_flags & HFS_FOLDERCOUNT) &&
1017 (vtype == VDIR) &&
1018 !(attrp->ca_recflags & kHFSHasFolderCountMask) &&
1019 (cp->c_attr.ca_linkcount > 1)) {
1020 if (cp->c_attr.ca_entries == 0)
1021 cp->c_attr.ca_dircount = 0;
1022 else
1023 cp->c_attr.ca_dircount = cp->c_attr.ca_linkcount - 2;
1024
1025 cp->c_attr.ca_linkcount = 1;
1026 cp->c_attr.ca_recflags |= kHFSHasFolderCountMask;
1027 if ( !(hfsmp->hfs_flags & HFS_READ_ONLY) )
1028 cp->c_flag |= C_MODIFIED;
1029 }
1030 #if QUOTA
1031 if (hfsmp->hfs_flags & HFS_QUOTAS) {
1032 for (i = 0; i < MAXQUOTAS; i++)
1033 cp->c_dquot[i] = NODQUOT;
1034 }
1035 #endif /* QUOTA */
1036 /* Mark the output flag that we're vending a new cnode */
1037 *out_flags |= GNV_NEW_CNODE;
1038 }
1039
1040 if (vtype == VDIR) {
1041 if (cp->c_vp != NULL)
1042 panic("hfs_getnewvnode: orphaned vnode (data)");
1043 cvpp = &cp->c_vp;
1044 } else {
1045 if (forkp && attrp->ca_blocks < forkp->cf_blocks)
1046 panic("hfs_getnewvnode: bad ca_blocks (too small)");
1047 /*
1048 * Allocate and initialize a file fork...
1049 */
1050 MALLOC_ZONE(fp, struct filefork *, sizeof(struct filefork),
1051 M_HFSFORK, M_WAITOK);
1052 fp->ff_cp = cp;
1053 if (forkp)
1054 bcopy(forkp, &fp->ff_data, sizeof(struct cat_fork));
1055 else
1056 bzero(&fp->ff_data, sizeof(struct cat_fork));
1057 rl_init(&fp->ff_invalidranges);
1058 fp->ff_sysfileinfo = 0;
1059
1060 if (wantrsrc) {
1061 if (cp->c_rsrcfork != NULL)
1062 panic("hfs_getnewvnode: orphaned rsrc fork");
1063 if (cp->c_rsrc_vp != NULL)
1064 panic("hfs_getnewvnode: orphaned vnode (rsrc)");
1065 cp->c_rsrcfork = fp;
1066 cvpp = &cp->c_rsrc_vp;
1067 if ( (tvp = cp->c_vp) != NULLVP )
1068 cp->c_flag |= C_NEED_DVNODE_PUT;
1069 } else {
1070 if (cp->c_datafork != NULL)
1071 panic("hfs_getnewvnode: orphaned data fork");
1072 if (cp->c_vp != NULL)
1073 panic("hfs_getnewvnode: orphaned vnode (data)");
1074 cp->c_datafork = fp;
1075 cvpp = &cp->c_vp;
1076 if ( (tvp = cp->c_rsrc_vp) != NULLVP)
1077 cp->c_flag |= C_NEED_RVNODE_PUT;
1078 }
1079 }
1080 if (tvp != NULLVP) {
1081 /*
1082 * grab an iocount on the vnode we weren't
1083 * interested in (i.e. we want the resource fork
1084 * but the cnode already has the data fork)
1085 * to prevent it from being
1086 * recycled by us when we call vnode_create
1087 * which will result in a deadlock when we
1088 * try to take the cnode lock in hfs_vnop_fsync or
1089 * hfs_vnop_reclaim... vnode_get can be called here
1090 * because we already hold the cnode lock which will
1091 * prevent the vnode from changing identity until
1092 * we drop it.. vnode_get will not block waiting for
1093 * a change of state... however, it will return an
1094 * error if the current iocount == 0 and we've already
1095 * started to terminate the vnode... we don't need/want to
1096 * grab an iocount in the case since we can't cause
1097 * the fileystem to be re-entered on this thread for this vp
1098 *
1099 * the matching vnode_put will happen in hfs_unlock
1100 * after we've dropped the cnode lock
1101 */
1102 if ( vnode_get(tvp) != 0)
1103 cp->c_flag &= ~(C_NEED_RVNODE_PUT | C_NEED_DVNODE_PUT);
1104 }
1105 vfsp.vnfs_mp = mp;
1106 vfsp.vnfs_vtype = vtype;
1107 vfsp.vnfs_str = "hfs";
1108 if ((cp->c_flag & C_HARDLINK) && (vtype == VDIR)) {
1109 vfsp.vnfs_dvp = NULL; /* no parent for me! */
1110 vfsp.vnfs_cnp = NULL; /* no name for me! */
1111 } else {
1112 vfsp.vnfs_dvp = dvp;
1113 vfsp.vnfs_cnp = cnp;
1114 }
1115 vfsp.vnfs_fsnode = cp;
1116
1117 /*
1118 * Special Case HFS Standard VNOPs from HFS+, since
1119 * HFS standard is readonly/deprecated as of 10.6
1120 */
1121
1122 #if FIFO
1123 if (vtype == VFIFO )
1124 vfsp.vnfs_vops = hfs_fifoop_p;
1125 else
1126 #endif
1127 if (vtype == VBLK || vtype == VCHR)
1128 vfsp.vnfs_vops = hfs_specop_p;
1129 else if (hfs_standard)
1130 vfsp.vnfs_vops = hfs_std_vnodeop_p;
1131 else
1132 vfsp.vnfs_vops = hfs_vnodeop_p;
1133
1134 if (vtype == VBLK || vtype == VCHR)
1135 vfsp.vnfs_rdev = attrp->ca_rdev;
1136 else
1137 vfsp.vnfs_rdev = 0;
1138
1139 if (forkp)
1140 vfsp.vnfs_filesize = forkp->cf_size;
1141 else
1142 vfsp.vnfs_filesize = 0;
1143
1144 vfsp.vnfs_flags = VNFS_ADDFSREF;
1145 if (dvp == NULLVP || cnp == NULL || !(cnp->cn_flags & MAKEENTRY) || (flags & GNV_NOCACHE))
1146 vfsp.vnfs_flags |= VNFS_NOCACHE;
1147
1148 /* Tag system files */
1149 vfsp.vnfs_marksystem = issystemfile;
1150
1151 /* Tag root directory */
1152 if (descp->cd_cnid == kHFSRootFolderID)
1153 vfsp.vnfs_markroot = 1;
1154 else
1155 vfsp.vnfs_markroot = 0;
1156
1157 if ((retval = vnode_create(VNCREATE_FLAVOR, VCREATESIZE, &vfsp, cvpp))) {
1158 if (fp) {
1159 if (fp == cp->c_datafork)
1160 cp->c_datafork = NULL;
1161 else
1162 cp->c_rsrcfork = NULL;
1163
1164 FREE_ZONE(fp, sizeof(struct filefork), M_HFSFORK);
1165 }
1166 /*
1167 * If this is a newly created cnode or a vnode reclaim
1168 * occurred during the attachment, then cleanup the cnode.
1169 */
1170 if ((cp->c_vp == NULL) && (cp->c_rsrc_vp == NULL)) {
1171 hfs_chash_abort(hfsmp, cp);
1172 hfs_reclaim_cnode(cp);
1173 }
1174 else {
1175 hfs_chashwakeup(hfsmp, cp, H_ALLOC | H_ATTACH);
1176 if ((flags & GNV_SKIPLOCK) == 0){
1177 hfs_unlock(cp);
1178 }
1179 }
1180 *vpp = NULL;
1181 return (retval);
1182 }
1183 vp = *cvpp;
1184 vnode_settag(vp, VT_HFS);
1185 if (cp->c_flag & C_HARDLINK) {
1186 vnode_setmultipath(vp);
1187 }
1188 /*
1189 * Tag resource fork vnodes as needing an VNOP_INACTIVE
1190 * so that any deferred removes (open unlinked files)
1191 * have the chance to process the resource fork.
1192 */
1193 if (VNODE_IS_RSRC(vp)) {
1194 int err;
1195 KERNEL_DEBUG_CONSTANT((FSDBG_CODE(DBG_FSRW, 37)), cp->c_vp, cp->c_rsrc_vp, 0, 0, 0);
1196
1197 /* Force VL_NEEDINACTIVE on this vnode */
1198 err = vnode_ref(vp);
1199 if (err == 0) {
1200 vnode_rele(vp);
1201 }
1202 }
1203 hfs_chashwakeup(hfsmp, cp, H_ALLOC | H_ATTACH);
1204
1205 /*
1206 * Stop tracking an active hot file.
1207 */
1208 if (!(flags & GNV_CREATE) && (vtype != VDIR) && !issystemfile) {
1209 (void) hfs_removehotfile(vp);
1210 }
1211
1212 #if CONFIG_PROTECT
1213 if (!issystemfile && (*out_flags & GNV_NEW_CNODE))
1214 cp_entry_init(cp, mp);
1215 #endif
1216
1217 *vpp = vp;
1218 return (0);
1219 }
1220
1221
1222 static void
1223 hfs_reclaim_cnode(struct cnode *cp)
1224 {
1225 #if QUOTA
1226 int i;
1227
1228 for (i = 0; i < MAXQUOTAS; i++) {
1229 if (cp->c_dquot[i] != NODQUOT) {
1230 dqreclaim(cp->c_dquot[i]);
1231 cp->c_dquot[i] = NODQUOT;
1232 }
1233 }
1234 #endif /* QUOTA */
1235
1236 /*
1237 * If the descriptor has a name then release it
1238 */
1239 if ((cp->c_desc.cd_flags & CD_HASBUF) && (cp->c_desc.cd_nameptr != 0)) {
1240 const char *nameptr;
1241
1242 nameptr = (const char *) cp->c_desc.cd_nameptr;
1243 cp->c_desc.cd_nameptr = 0;
1244 cp->c_desc.cd_flags &= ~CD_HASBUF;
1245 cp->c_desc.cd_namelen = 0;
1246 vfs_removename(nameptr);
1247 }
1248
1249 /*
1250 * We only call this function if we are in hfs_vnop_reclaim and
1251 * attempting to reclaim a cnode with only one live fork. Because the vnode
1252 * went through reclaim, any future attempts to use this item will have to
1253 * go through lookup again, which will need to create a new vnode. Thus,
1254 * destroying the locks below (while they were still held during our parent
1255 * function hfs_vnop_reclaim) is safe.
1256 */
1257
1258 lck_rw_destroy(&cp->c_rwlock, hfs_rwlock_group);
1259 lck_rw_destroy(&cp->c_truncatelock, hfs_rwlock_group);
1260 #if HFS_COMPRESSION
1261 if (cp->c_decmp) {
1262 decmpfs_cnode_destroy(cp->c_decmp);
1263 FREE_ZONE(cp->c_decmp, sizeof(*(cp->c_decmp)), M_DECMPFS_CNODE);
1264 }
1265 #endif
1266 #if CONFIG_PROTECT
1267 cp_entry_destroy(cp);
1268 #endif
1269
1270
1271 bzero(cp, sizeof(struct cnode));
1272 FREE_ZONE(cp, sizeof(struct cnode), M_HFSNODE);
1273 }
1274
1275
1276 /*
1277 * hfs_valid_cnode
1278 *
1279 * This function is used to validate data that is stored in-core against what is contained
1280 * in the catalog. Common uses include validating that the parent-child relationship still exist
1281 * for a specific directory entry (guaranteeing it has not been renamed into a different spot) at
1282 * the point of the check.
1283 */
1284 int
1285 hfs_valid_cnode(struct hfsmount *hfsmp, struct vnode *dvp, struct componentname *cnp,
1286 cnid_t cnid, struct cat_attr *cattr, int *error)
1287 {
1288 struct cat_attr attr;
1289 struct cat_desc cndesc;
1290 int stillvalid = 0;
1291 int lockflags;
1292
1293 /* System files are always valid */
1294 if (cnid < kHFSFirstUserCatalogNodeID) {
1295 *error = 0;
1296 return (1);
1297 }
1298
1299 /* XXX optimization: check write count in dvp */
1300
1301 lockflags = hfs_systemfile_lock(hfsmp, SFL_CATALOG, HFS_SHARED_LOCK);
1302
1303 if (dvp && cnp) {
1304 int lookup = 0;
1305 struct cat_fork fork;
1306
1307 bzero(&cndesc, sizeof(cndesc));
1308 cndesc.cd_nameptr = (const u_int8_t *)cnp->cn_nameptr;
1309 cndesc.cd_namelen = cnp->cn_namelen;
1310 cndesc.cd_parentcnid = VTOC(dvp)->c_fileid;
1311 cndesc.cd_hint = VTOC(dvp)->c_childhint;
1312
1313 /*
1314 * We have to be careful when calling cat_lookup. The result argument
1315 * 'attr' may get different results based on whether or not you ask
1316 * for the filefork to be supplied as output. This is because cat_lookupbykey
1317 * will attempt to do basic validation/smoke tests against the resident
1318 * extents if there are no overflow extent records, but it needs someplace
1319 * in memory to store the on-disk fork structures.
1320 *
1321 * Since hfs_lookup calls cat_lookup with a filefork argument, we should
1322 * do the same here, to verify that block count differences are not
1323 * due to calling the function with different styles. cat_lookupbykey
1324 * will request the volume be fsck'd if there is true on-disk corruption
1325 * where the number of blocks does not match the number generated by
1326 * summing the number of blocks in the resident extents.
1327 */
1328
1329 lookup = cat_lookup (hfsmp, &cndesc, 0, NULL, &attr, &fork, NULL);
1330 if ((lookup == 0) && (cnid == attr.ca_fileid)) {
1331 stillvalid = 1;
1332 *error = 0;
1333 }
1334 else {
1335 *error = ENOENT;
1336 }
1337
1338 /*
1339 * In hfs_getnewvnode, we may encounter a time-of-check vs. time-of-vnode creation
1340 * race. Specifically, if there is no vnode/cnode pair for the directory entry
1341 * being looked up, we have to go to the catalog. But since we don't hold any locks (aside
1342 * from the dvp in 'shared' mode) there is nothing to protect us against the catalog record
1343 * changing in between the time we do the cat_lookup there and the time we re-grab the
1344 * catalog lock above to do another cat_lookup.
1345 *
1346 * However, we need to check more than just the CNID and parent-child name relationships above.
1347 * Hardlinks can suffer the same race in the following scenario: Suppose we do a
1348 * cat_lookup, and find a leaf record and a raw inode for a hardlink. Now, we have
1349 * the cat_attr in hand (passed in above). But in between then and now, the vnode was
1350 * created by a competing hfs_getnewvnode call, and is manipulated and reclaimed before we get
1351 * a chance to do anything. This is possible if there are a lot of threads thrashing around
1352 * with the cnode hash. In this case, if we don't check/validate the cat_attr in-hand, we will
1353 * blindly stuff it into the cnode, which will make the in-core data inconsistent with what is
1354 * on disk. So validate the cat_attr below, if required. This race cannot happen if the cnode/vnode
1355 * already exists, as it does in the case of rename and delete.
1356 */
1357 if (stillvalid && cattr != NULL) {
1358 if (cattr->ca_linkcount != attr.ca_linkcount) {
1359 stillvalid = 0;
1360 *error = ERECYCLE;
1361 goto notvalid;
1362 }
1363
1364 if (cattr->ca_union1.cau_linkref != attr.ca_union1.cau_linkref) {
1365 stillvalid = 0;
1366 *error = ERECYCLE;
1367 goto notvalid;
1368 }
1369
1370 if (cattr->ca_union3.cau_firstlink != attr.ca_union3.cau_firstlink) {
1371 stillvalid = 0;
1372 *error = ERECYCLE;
1373 goto notvalid;
1374 }
1375
1376 if (cattr->ca_union2.cau_blocks != attr.ca_union2.cau_blocks) {
1377 stillvalid = 0;
1378 *error = ERECYCLE;
1379 goto notvalid;
1380 }
1381 }
1382 } else {
1383 if (cat_idlookup(hfsmp, cnid, 0, NULL, NULL, NULL) == 0) {
1384 stillvalid = 1;
1385 *error = 0;
1386 }
1387 else {
1388 *error = ENOENT;
1389 }
1390 }
1391 notvalid:
1392 hfs_systemfile_unlock(hfsmp, lockflags);
1393
1394 return (stillvalid);
1395 }
1396
1397 /*
1398 * Per HI and Finder requirements, HFS should add in the
1399 * date/time that a particular directory entry was added
1400 * to the containing directory.
1401 * This is stored in the extended Finder Info for the
1402 * item in question.
1403 *
1404 * Note that this field is also set explicitly in the hfs_vnop_setxattr code.
1405 * We must ignore user attempts to set this part of the finderinfo, and
1406 * so we need to save a local copy of the date added, write in the user
1407 * finderinfo, then stuff the value back in.
1408 */
1409 void hfs_write_dateadded (struct cat_attr *attrp, u_int32_t dateadded) {
1410 u_int8_t *finfo = NULL;
1411
1412 /* overlay the FinderInfo to the correct pointer, and advance */
1413 finfo = (u_int8_t*)attrp->ca_finderinfo;
1414 finfo = finfo + 16;
1415
1416 /*
1417 * Make sure to write it out as big endian, since that's how
1418 * finder info is defined.
1419 *
1420 * NOTE: This is a Unix-epoch timestamp, not a HFS/Traditional Mac timestamp.
1421 */
1422 if (S_ISREG(attrp->ca_mode)) {
1423 struct FndrExtendedFileInfo *extinfo = (struct FndrExtendedFileInfo *)finfo;
1424 extinfo->date_added = OSSwapHostToBigInt32(dateadded);
1425 attrp->ca_recflags |= kHFSHasDateAddedMask;
1426 }
1427 else if (S_ISDIR(attrp->ca_mode)) {
1428 struct FndrExtendedDirInfo *extinfo = (struct FndrExtendedDirInfo *)finfo;
1429 extinfo->date_added = OSSwapHostToBigInt32(dateadded);
1430 attrp->ca_recflags |= kHFSHasDateAddedMask;
1431 }
1432
1433 /* If it were neither directory/file, then we'd bail out */
1434 return;
1435 }
1436
1437 u_int32_t hfs_get_dateadded (struct cnode *cp) {
1438 u_int8_t *finfo = NULL;
1439 u_int32_t dateadded = 0;
1440
1441 if ((cp->c_attr.ca_recflags & kHFSHasDateAddedMask) == 0) {
1442 /* Date added was never set. Return 0. */
1443 return dateadded;
1444 }
1445
1446
1447 /* overlay the FinderInfo to the correct pointer, and advance */
1448 finfo = (u_int8_t*)cp->c_finderinfo;
1449 finfo = finfo + 16;
1450
1451 /*
1452 * FinderInfo is written out in big endian... make sure to convert it to host
1453 * native before we use it.
1454 */
1455 if (S_ISREG(cp->c_attr.ca_mode)) {
1456 struct FndrExtendedFileInfo *extinfo = (struct FndrExtendedFileInfo *)finfo;
1457 dateadded = OSSwapBigToHostInt32 (extinfo->date_added);
1458 }
1459 else if (S_ISDIR(cp->c_attr.ca_mode)) {
1460 struct FndrExtendedDirInfo *extinfo = (struct FndrExtendedDirInfo *)finfo;
1461 dateadded = OSSwapBigToHostInt32 (extinfo->date_added);
1462 }
1463
1464 return dateadded;
1465 }
1466
1467
1468
1469 /*
1470 * Touch cnode times based on c_touch_xxx flags
1471 *
1472 * cnode must be locked exclusive
1473 *
1474 * This will also update the volume modify time
1475 */
1476 void
1477 hfs_touchtimes(struct hfsmount *hfsmp, struct cnode* cp)
1478 {
1479 vfs_context_t ctx;
1480 /* don't modify times if volume is read-only */
1481 if (hfsmp->hfs_flags & HFS_READ_ONLY) {
1482 cp->c_touch_acctime = FALSE;
1483 cp->c_touch_chgtime = FALSE;
1484 cp->c_touch_modtime = FALSE;
1485 return;
1486 }
1487 else if (hfsmp->hfs_flags & HFS_STANDARD) {
1488 /* HFS Standard doesn't support access times */
1489 cp->c_touch_acctime = FALSE;
1490 }
1491
1492 ctx = vfs_context_current();
1493 /*
1494 * Skip access time updates if:
1495 * . MNT_NOATIME is set
1496 * . a file system freeze is in progress
1497 * . a file system resize is in progress
1498 * . the vnode associated with this cnode is marked for rapid aging
1499 */
1500 if (cp->c_touch_acctime) {
1501 if ((vfs_flags(hfsmp->hfs_mp) & MNT_NOATIME) ||
1502 (hfsmp->hfs_freezing_proc != NULL) ||
1503 (hfsmp->hfs_flags & HFS_RESIZE_IN_PROGRESS) ||
1504 (cp->c_vp && ((vnode_israge(cp->c_vp) || (vfs_ctx_skipatime(ctx)))))) {
1505
1506 cp->c_touch_acctime = FALSE;
1507 }
1508 }
1509 if (cp->c_touch_acctime || cp->c_touch_chgtime ||
1510 cp->c_touch_modtime || (cp->c_flag & C_NEEDS_DATEADDED)) {
1511 struct timeval tv;
1512 int touchvol = 0;
1513
1514 microtime(&tv);
1515
1516 if (cp->c_touch_acctime) {
1517 cp->c_atime = tv.tv_sec;
1518 /*
1519 * When the access time is the only thing changing
1520 * then make sure its sufficiently newer before
1521 * committing it to disk.
1522 */
1523 if ((((u_int32_t)cp->c_atime - (u_int32_t)(cp)->c_attr.ca_atimeondisk) >
1524 ATIME_ONDISK_ACCURACY)) {
1525 cp->c_flag |= C_MODIFIED;
1526 }
1527 cp->c_touch_acctime = FALSE;
1528 }
1529 if (cp->c_touch_modtime) {
1530 cp->c_mtime = tv.tv_sec;
1531 cp->c_touch_modtime = FALSE;
1532 cp->c_flag |= C_MODIFIED;
1533 touchvol = 1;
1534 #if 1
1535 /*
1536 * HFS dates that WE set must be adjusted for DST
1537 */
1538 if ((hfsmp->hfs_flags & HFS_STANDARD) && gTimeZone.tz_dsttime) {
1539 cp->c_mtime += 3600;
1540 }
1541 #endif
1542 }
1543 if (cp->c_touch_chgtime) {
1544 cp->c_ctime = tv.tv_sec;
1545 cp->c_touch_chgtime = FALSE;
1546 cp->c_flag |= C_MODIFIED;
1547 touchvol = 1;
1548 }
1549
1550 if (cp->c_flag & C_NEEDS_DATEADDED) {
1551 hfs_write_dateadded (&(cp->c_attr), tv.tv_sec);
1552 cp->c_flag |= C_MODIFIED;
1553 /* untwiddle the bit */
1554 cp->c_flag &= ~C_NEEDS_DATEADDED;
1555 touchvol = 1;
1556 }
1557
1558 /* Touch the volume modtime if needed */
1559 if (touchvol) {
1560 MarkVCBDirty(hfsmp);
1561 HFSTOVCB(hfsmp)->vcbLsMod = tv.tv_sec;
1562 }
1563 }
1564 }
1565
1566 /*
1567 * Lock a cnode.
1568 */
1569 int
1570 hfs_lock(struct cnode *cp, enum hfslocktype locktype)
1571 {
1572 void * thread = current_thread();
1573
1574 if (cp->c_lockowner == thread) {
1575 /*
1576 * Only the extents and bitmap file's support lock recursion.
1577 */
1578 if ((cp->c_fileid == kHFSExtentsFileID) ||
1579 (cp->c_fileid == kHFSAllocationFileID)) {
1580 cp->c_syslockcount++;
1581 } else {
1582 panic("hfs_lock: locking against myself!");
1583 }
1584 } else if (locktype == HFS_SHARED_LOCK) {
1585 lck_rw_lock_shared(&cp->c_rwlock);
1586 cp->c_lockowner = HFS_SHARED_OWNER;
1587
1588 } else /* HFS_EXCLUSIVE_LOCK */ {
1589 lck_rw_lock_exclusive(&cp->c_rwlock);
1590 cp->c_lockowner = thread;
1591
1592 /*
1593 * Only the extents and bitmap file's support lock recursion.
1594 */
1595 if ((cp->c_fileid == kHFSExtentsFileID) ||
1596 (cp->c_fileid == kHFSAllocationFileID)) {
1597 cp->c_syslockcount = 1;
1598 }
1599 }
1600
1601 #ifdef HFS_CHECK_LOCK_ORDER
1602 /*
1603 * Regular cnodes (non-system files) cannot be locked
1604 * while holding the journal lock or a system file lock.
1605 */
1606 if (!(cp->c_desc.cd_flags & CD_ISMETA) &&
1607 ((cp->c_fileid > kHFSFirstUserCatalogNodeID) || (cp->c_fileid == kHFSRootFolderID))) {
1608 vnode_t vp = NULLVP;
1609
1610 /* Find corresponding vnode. */
1611 if (cp->c_vp != NULLVP && VTOC(cp->c_vp) == cp) {
1612 vp = cp->c_vp;
1613 } else if (cp->c_rsrc_vp != NULLVP && VTOC(cp->c_rsrc_vp) == cp) {
1614 vp = cp->c_rsrc_vp;
1615 }
1616 if (vp != NULLVP) {
1617 struct hfsmount *hfsmp = VTOHFS(vp);
1618
1619 if (hfsmp->jnl && (journal_owner(hfsmp->jnl) == thread)) {
1620 /* This will eventually be a panic here. */
1621 printf("hfs_lock: bad lock order (cnode after journal)\n");
1622 }
1623 if (hfsmp->hfs_catalog_cp && hfsmp->hfs_catalog_cp->c_lockowner == thread) {
1624 panic("hfs_lock: bad lock order (cnode after catalog)");
1625 }
1626 if (hfsmp->hfs_attribute_cp && hfsmp->hfs_attribute_cp->c_lockowner == thread) {
1627 panic("hfs_lock: bad lock order (cnode after attribute)");
1628 }
1629 if (hfsmp->hfs_extents_cp && hfsmp->hfs_extents_cp->c_lockowner == thread) {
1630 panic("hfs_lock: bad lock order (cnode after extents)");
1631 }
1632 }
1633 }
1634 #endif /* HFS_CHECK_LOCK_ORDER */
1635
1636 /*
1637 * Skip cnodes that no longer exist (were deleted).
1638 */
1639 if ((locktype != HFS_FORCE_LOCK) &&
1640 ((cp->c_desc.cd_flags & CD_ISMETA) == 0) &&
1641 (cp->c_flag & C_NOEXISTS)) {
1642 hfs_unlock(cp);
1643 return (ENOENT);
1644 }
1645 return (0);
1646 }
1647
1648 /*
1649 * Lock a pair of cnodes.
1650 */
1651 int
1652 hfs_lockpair(struct cnode *cp1, struct cnode *cp2, enum hfslocktype locktype)
1653 {
1654 struct cnode *first, *last;
1655 int error;
1656
1657 /*
1658 * If cnodes match then just lock one.
1659 */
1660 if (cp1 == cp2) {
1661 return hfs_lock(cp1, locktype);
1662 }
1663
1664 /*
1665 * Lock in cnode address order.
1666 */
1667 if (cp1 < cp2) {
1668 first = cp1;
1669 last = cp2;
1670 } else {
1671 first = cp2;
1672 last = cp1;
1673 }
1674
1675 if ( (error = hfs_lock(first, locktype))) {
1676 return (error);
1677 }
1678 if ( (error = hfs_lock(last, locktype))) {
1679 hfs_unlock(first);
1680 return (error);
1681 }
1682 return (0);
1683 }
1684
1685 /*
1686 * Check ordering of two cnodes. Return true if they are are in-order.
1687 */
1688 static int
1689 hfs_isordered(struct cnode *cp1, struct cnode *cp2)
1690 {
1691 if (cp1 == cp2)
1692 return (0);
1693 if (cp1 == NULL || cp2 == (struct cnode *)0xffffffff)
1694 return (1);
1695 if (cp2 == NULL || cp1 == (struct cnode *)0xffffffff)
1696 return (0);
1697 /*
1698 * Locking order is cnode address order.
1699 */
1700 return (cp1 < cp2);
1701 }
1702
1703 /*
1704 * Acquire 4 cnode locks.
1705 * - locked in cnode address order (lesser address first).
1706 * - all or none of the locks are taken
1707 * - only one lock taken per cnode (dup cnodes are skipped)
1708 * - some of the cnode pointers may be null
1709 */
1710 int
1711 hfs_lockfour(struct cnode *cp1, struct cnode *cp2, struct cnode *cp3,
1712 struct cnode *cp4, enum hfslocktype locktype, struct cnode **error_cnode)
1713 {
1714 struct cnode * a[3];
1715 struct cnode * b[3];
1716 struct cnode * list[4];
1717 struct cnode * tmp;
1718 int i, j, k;
1719 int error;
1720 if (error_cnode) {
1721 *error_cnode = NULL;
1722 }
1723
1724 if (hfs_isordered(cp1, cp2)) {
1725 a[0] = cp1; a[1] = cp2;
1726 } else {
1727 a[0] = cp2; a[1] = cp1;
1728 }
1729 if (hfs_isordered(cp3, cp4)) {
1730 b[0] = cp3; b[1] = cp4;
1731 } else {
1732 b[0] = cp4; b[1] = cp3;
1733 }
1734 a[2] = (struct cnode *)0xffffffff; /* sentinel value */
1735 b[2] = (struct cnode *)0xffffffff; /* sentinel value */
1736
1737 /*
1738 * Build the lock list, skipping over duplicates
1739 */
1740 for (i = 0, j = 0, k = 0; (i < 2 || j < 2); ) {
1741 tmp = hfs_isordered(a[i], b[j]) ? a[i++] : b[j++];
1742 if (k == 0 || tmp != list[k-1])
1743 list[k++] = tmp;
1744 }
1745
1746 /*
1747 * Now we can lock using list[0 - k].
1748 * Skip over NULL entries.
1749 */
1750 for (i = 0; i < k; ++i) {
1751 if (list[i])
1752 if ((error = hfs_lock(list[i], locktype))) {
1753 /* Only stuff error_cnode if requested */
1754 if (error_cnode) {
1755 *error_cnode = list[i];
1756 }
1757 /* Drop any locks we acquired. */
1758 while (--i >= 0) {
1759 if (list[i])
1760 hfs_unlock(list[i]);
1761 }
1762 return (error);
1763 }
1764 }
1765 return (0);
1766 }
1767
1768
1769 /*
1770 * Unlock a cnode.
1771 */
1772 void
1773 hfs_unlock(struct cnode *cp)
1774 {
1775 vnode_t rvp = NULLVP;
1776 vnode_t vp = NULLVP;
1777 u_int32_t c_flag;
1778 void *lockowner;
1779
1780 /*
1781 * Only the extents and bitmap file's support lock recursion.
1782 */
1783 if ((cp->c_fileid == kHFSExtentsFileID) ||
1784 (cp->c_fileid == kHFSAllocationFileID)) {
1785 if (--cp->c_syslockcount > 0) {
1786 return;
1787 }
1788 }
1789 c_flag = cp->c_flag;
1790 cp->c_flag &= ~(C_NEED_DVNODE_PUT | C_NEED_RVNODE_PUT | C_NEED_DATA_SETSIZE | C_NEED_RSRC_SETSIZE);
1791
1792 if (c_flag & (C_NEED_DVNODE_PUT | C_NEED_DATA_SETSIZE)) {
1793 vp = cp->c_vp;
1794 }
1795 if (c_flag & (C_NEED_RVNODE_PUT | C_NEED_RSRC_SETSIZE)) {
1796 rvp = cp->c_rsrc_vp;
1797 }
1798
1799 lockowner = cp->c_lockowner;
1800 if (lockowner == current_thread()) {
1801 cp->c_lockowner = NULL;
1802 lck_rw_unlock_exclusive(&cp->c_rwlock);
1803 } else {
1804 lck_rw_unlock_shared(&cp->c_rwlock);
1805 }
1806
1807 /* Perform any vnode post processing after cnode lock is dropped. */
1808 if (vp) {
1809 if (c_flag & C_NEED_DATA_SETSIZE)
1810 ubc_setsize(vp, 0);
1811 if (c_flag & C_NEED_DVNODE_PUT)
1812 vnode_put(vp);
1813 }
1814 if (rvp) {
1815 if (c_flag & C_NEED_RSRC_SETSIZE)
1816 ubc_setsize(rvp, 0);
1817 if (c_flag & C_NEED_RVNODE_PUT)
1818 vnode_put(rvp);
1819 }
1820 }
1821
1822 /*
1823 * Unlock a pair of cnodes.
1824 */
1825 void
1826 hfs_unlockpair(struct cnode *cp1, struct cnode *cp2)
1827 {
1828 hfs_unlock(cp1);
1829 if (cp2 != cp1)
1830 hfs_unlock(cp2);
1831 }
1832
1833 /*
1834 * Unlock a group of cnodes.
1835 */
1836 void
1837 hfs_unlockfour(struct cnode *cp1, struct cnode *cp2, struct cnode *cp3, struct cnode *cp4)
1838 {
1839 struct cnode * list[4];
1840 int i, k = 0;
1841
1842 if (cp1) {
1843 hfs_unlock(cp1);
1844 list[k++] = cp1;
1845 }
1846 if (cp2) {
1847 for (i = 0; i < k; ++i) {
1848 if (list[i] == cp2)
1849 goto skip1;
1850 }
1851 hfs_unlock(cp2);
1852 list[k++] = cp2;
1853 }
1854 skip1:
1855 if (cp3) {
1856 for (i = 0; i < k; ++i) {
1857 if (list[i] == cp3)
1858 goto skip2;
1859 }
1860 hfs_unlock(cp3);
1861 list[k++] = cp3;
1862 }
1863 skip2:
1864 if (cp4) {
1865 for (i = 0; i < k; ++i) {
1866 if (list[i] == cp4)
1867 return;
1868 }
1869 hfs_unlock(cp4);
1870 }
1871 }
1872
1873
1874 /*
1875 * Protect a cnode against a truncation.
1876 *
1877 * Used mainly by read/write since they don't hold the
1878 * cnode lock across calls to the cluster layer.
1879 *
1880 * The process doing a truncation must take the lock
1881 * exclusive. The read/write processes can take it
1882 * shared. The locktype argument is the same as supplied to
1883 * hfs_lock.
1884 */
1885 void
1886 hfs_lock_truncate(struct cnode *cp, enum hfslocktype locktype)
1887 {
1888 void * thread = current_thread();
1889
1890 if (cp->c_truncatelockowner == thread) {
1891 /*
1892 * Only HFS_RECURSE_TRUNCLOCK is allowed to recurse.
1893 *
1894 * This is needed on the hfs_vnop_pagein path where we need to ensure
1895 * the file does not change sizes while we are paging in. However,
1896 * we may already hold the lock exclusive due to another
1897 * VNOP from earlier in the call stack. So if we already hold
1898 * the truncate lock exclusive, allow it to proceed, but ONLY if
1899 * it's in the recursive case.
1900 */
1901 if (locktype != HFS_RECURSE_TRUNCLOCK) {
1902 panic("hfs_lock_truncate: cnode %p locked!", cp);
1903 }
1904 }
1905 /* HFS_RECURSE_TRUNCLOCK takes a shared lock if it is not already locked */
1906 else if ((locktype == HFS_SHARED_LOCK) || (locktype == HFS_RECURSE_TRUNCLOCK)) {
1907 lck_rw_lock_shared(&cp->c_truncatelock);
1908 cp->c_truncatelockowner = HFS_SHARED_OWNER;
1909 }
1910 else { /* must be an HFS_EXCLUSIVE_LOCK */
1911 lck_rw_lock_exclusive(&cp->c_truncatelock);
1912 cp->c_truncatelockowner = thread;
1913 }
1914 }
1915
1916
1917 /*
1918 * Attempt to get the truncate lock. If it cannot be acquired, error out.
1919 * This function is needed in the degenerate hfs_vnop_pagein during force unmount
1920 * case. To prevent deadlocks while a VM copy object is moving pages, HFS vnop pagein will
1921 * temporarily need to disable V2 semantics.
1922 */
1923 int hfs_try_trunclock (struct cnode *cp, enum hfslocktype locktype) {
1924 void * thread = current_thread();
1925 boolean_t didlock = false;
1926
1927 if (cp->c_truncatelockowner == thread) {
1928 /*
1929 * Only HFS_RECURSE_TRUNCLOCK is allowed to recurse.
1930 *
1931 * This is needed on the hfs_vnop_pagein path where we need to ensure
1932 * the file does not change sizes while we are paging in. However,
1933 * we may already hold the lock exclusive due to another
1934 * VNOP from earlier in the call stack. So if we already hold
1935 * the truncate lock exclusive, allow it to proceed, but ONLY if
1936 * it's in the recursive case.
1937 */
1938 if (locktype != HFS_RECURSE_TRUNCLOCK) {
1939 panic("hfs_lock_truncate: cnode %p locked!", cp);
1940 }
1941 }
1942 /* HFS_RECURSE_TRUNCLOCK takes a shared lock if it is not already locked */
1943 else if ((locktype == HFS_SHARED_LOCK) || (locktype == HFS_RECURSE_TRUNCLOCK)) {
1944 didlock = lck_rw_try_lock(&cp->c_truncatelock, LCK_RW_TYPE_SHARED);
1945 if (didlock) {
1946 cp->c_truncatelockowner = HFS_SHARED_OWNER;
1947 }
1948 }
1949 else { /* must be an HFS_EXCLUSIVE_LOCK */
1950 didlock = lck_rw_try_lock (&cp->c_truncatelock, LCK_RW_TYPE_EXCLUSIVE);
1951 if (didlock) {
1952 cp->c_truncatelockowner = thread;
1953 }
1954 }
1955
1956 return didlock;
1957 }
1958
1959
1960 /*
1961 * Unlock the truncate lock, which protects against size changes.
1962 *
1963 * The been_recursed argument is used when we may need to return
1964 * from this function without actually unlocking the truncate lock.
1965 */
1966 void
1967 hfs_unlock_truncate(struct cnode *cp, int been_recursed)
1968 {
1969 void *thread = current_thread();
1970
1971 /*
1972 * If been_recursed is nonzero AND the current lock owner of the
1973 * truncate lock is our current thread, then we must have recursively
1974 * taken the lock earlier on. If the lock were unlocked,
1975 * HFS_RECURSE_TRUNCLOCK took a shared lock and it would fall through
1976 * to the SHARED case below.
1977 *
1978 * If been_recursed is zero (most of the time) then we check the
1979 * lockowner field to infer whether the lock was taken exclusively or
1980 * shared in order to know what underlying lock routine to call.
1981 */
1982 if (been_recursed) {
1983 if (cp->c_truncatelockowner == thread) {
1984 return;
1985 }
1986 }
1987
1988 /* HFS_LOCK_EXCLUSIVE */
1989 if (thread == cp->c_truncatelockowner) {
1990 cp->c_truncatelockowner = NULL;
1991 lck_rw_unlock_exclusive(&cp->c_truncatelock);
1992 }
1993 /* HFS_LOCK_SHARED */
1994 else {
1995 lck_rw_unlock_shared(&cp->c_truncatelock);
1996 }
1997 }
mirror of XNU