+ if (alp->commonattr & ATTR_CMN_EXTENDED_SECURITY) {
+ if (VATTR_IS_SUPPORTED(vap, va_acl) && (vap->va_acl != NULL)) {
+ struct kauth_filesec fsec;
+ /*
+ * We want to return a kauth_filesec (for now), but all we have is a kauth_acl.
+ */
+ fsec.fsec_magic = KAUTH_FILESEC_MAGIC;
+ fsec.fsec_owner = kauth_null_guid;
+ fsec.fsec_group = kauth_null_guid;
+ attrlist_pack_variable2(abp, &fsec, __offsetof(struct kauth_filesec, fsec_acl), vap->va_acl, KAUTH_ACL_COPYSIZE(vap->va_acl));
+ abp->actual.commonattr |= ATTR_CMN_EXTENDED_SECURITY;
+ } else if (!return_valid || pack_invalid) {
+ attrlist_pack_variable(abp, NULL, 0);
+ }
+ }
+ if (alp->commonattr & ATTR_CMN_UUID) {
+ if (VATTR_IS_SUPPORTED(vap, va_uuuid)) {
+ ATTR_PACK(abp, vap->va_uuuid);
+ abp->actual.commonattr |= ATTR_CMN_UUID;
+ } else if (!return_valid || pack_invalid) {
+ ATTR_PACK(abp, kauth_null_guid);
+ }
+ }
+ if (alp->commonattr & ATTR_CMN_GRPUUID) {
+ if (VATTR_IS_SUPPORTED(vap, va_guuid)) {
+ ATTR_PACK(abp, vap->va_guuid);
+ abp->actual.commonattr |= ATTR_CMN_GRPUUID;
+ } else if (!return_valid || pack_invalid) {
+ ATTR_PACK(abp, kauth_null_guid);
+ }
+ }
+ if (alp->commonattr & ATTR_CMN_FILEID) {
+ ATTR_PACK8((*abp), vap->va_fileid);
+ abp->actual.commonattr |= ATTR_CMN_FILEID;
+ }
+ if (alp->commonattr & ATTR_CMN_PARENTID) {
+ ATTR_PACK8((*abp), vap->va_parentid);
+ abp->actual.commonattr |= ATTR_CMN_PARENTID;
+ }
+
+ if (alp->commonattr & ATTR_CMN_FULLPATH) {
+ if (vp) {
+ attrlist_pack_string(abp, fullpathptr, fullpathlen);
+ abp->actual.commonattr |= ATTR_CMN_FULLPATH;
+ }
+ }
+
+ if (alp->commonattr & ATTR_CMN_ADDEDTIME) {
+ if (VATTR_IS_SUPPORTED(vap, va_addedtime)) {
+ ATTR_PACK_TIME((*abp), vap->va_addedtime, proc_is64);
+ abp->actual.commonattr |= ATTR_CMN_ADDEDTIME;
+ } else if (!return_valid || pack_invalid) {
+ struct timespec zerotime = {.tv_sec = 0, .tv_nsec = 0};
+
+ ATTR_PACK_TIME((*abp), zerotime, proc_is64);
+ }
+ }
+ if (alp->commonattr & ATTR_CMN_DATA_PROTECT_FLAGS) {
+ if (VATTR_IS_SUPPORTED(vap, va_dataprotect_class)) {
+ ATTR_PACK4((*abp), vap->va_dataprotect_class);
+ abp->actual.commonattr |= ATTR_CMN_DATA_PROTECT_FLAGS;
+ } else if (!return_valid || pack_invalid) {
+ ATTR_PACK4((*abp), 0);
+ }
+ }
+out:
+ return error;
+}
+
+static errno_t
+attr_pack_dir(struct vnode *vp, struct attrlist *alp, struct _attrlist_buf *abp,
+ struct vnode_attr *vap, int return_valid, int pack_invalid)
+{
+ if (alp->dirattr & ATTR_DIR_LINKCOUNT) { /* full count of entries */
+ ATTR_PACK4((*abp), (uint32_t)vap->va_dirlinkcount);
+ abp->actual.dirattr |= ATTR_DIR_LINKCOUNT;
+ }
+ if (alp->dirattr & ATTR_DIR_ENTRYCOUNT) {
+ ATTR_PACK4((*abp), (uint32_t)vap->va_nchildren);
+ abp->actual.dirattr |= ATTR_DIR_ENTRYCOUNT;
+ }
+ if (alp->dirattr & ATTR_DIR_MOUNTSTATUS) {
+ uint32_t mntstat;
+
+ if (vp) {
+ /*
+ * The vnode that is passed down may either be a
+ * top level vnode of a mount stack or a mounted
+ * on vnode. In either case, the directory should
+ * be reported as a mount point.
+ */
+ if ((vp->v_flag & VROOT) || vnode_mountedhere(vp)) {
+ mntstat = DIR_MNTSTATUS_MNTPOINT;
+ } else {
+ mntstat = 0;
+ }
+#if CONFIG_TRIGGERS
+ /*
+ * Report back on active vnode triggers
+ * that can directly trigger a mount
+ */
+ if (vp->v_resolve &&
+ !(vp->v_resolve->vr_flags & VNT_NO_DIRECT_MOUNT)) {
+ mntstat |= DIR_MNTSTATUS_TRIGGER;
+ }
+#endif
+ } else {
+ mntstat = 0;
+ }
+
+ ATTR_PACK4((*abp), mntstat);
+ abp->actual.dirattr |= ATTR_DIR_MOUNTSTATUS;
+ }
+ if (alp->dirattr & ATTR_DIR_ALLOCSIZE) {
+ if (VATTR_IS_SUPPORTED(vap, va_data_alloc)) {
+ ATTR_PACK8((*abp), vap->va_data_alloc);
+ abp->actual.dirattr |= ATTR_DIR_ALLOCSIZE;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_alloc)) {
+ ATTR_PACK8((*abp), vap->va_total_alloc);
+ abp->actual.dirattr |= ATTR_DIR_ALLOCSIZE;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+ if (alp->dirattr & ATTR_DIR_IOBLOCKSIZE) {
+ if (VATTR_IS_SUPPORTED(vap, va_iosize)) {
+ ATTR_PACK4((*abp), vap->va_iosize);
+ abp->actual.dirattr |= ATTR_DIR_IOBLOCKSIZE;
+ } else if (!return_valid || pack_invalid) {
+ ATTR_PACK4((*abp), 0);
+ }
+ }
+ /*
+ * If the filesystem does not support datalength
+ * or dataallocsize, then we infer that totalsize and
+ * totalalloc are substitutes.
+ */
+ if (alp->dirattr & ATTR_DIR_DATALENGTH) {
+ if (VATTR_IS_SUPPORTED(vap, va_data_size)) {
+ ATTR_PACK8((*abp), vap->va_data_size);
+ abp->actual.dirattr |= ATTR_DIR_DATALENGTH;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_size)) {
+ ATTR_PACK8((*abp), vap->va_total_size);
+ abp->actual.dirattr |= ATTR_DIR_DATALENGTH;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+
+ return 0;
+}
+
+/*
+ * The is_bulk parameter differentiates whether the function is called from
+ * getattrlist or getattrlistbulk. When coming in from getattrlistbulk,
+ * the corresponding va_* values are expected to be the values filled and no
+ * attempt is made to retrieve them by calling back into the filesystem.
+ */
+static errno_t
+attr_pack_file(vfs_context_t ctx, struct vnode *vp, struct attrlist *alp,
+ struct _attrlist_buf *abp, struct vnode_attr *vap, int return_valid,
+ int pack_invalid, int is_bulk)
+{
+ size_t rsize = 0;
+ uint64_t rlength = 0;
+ uint64_t ralloc = 0;
+ int error = 0;
+
+ /*
+ * Pre-fetch the rsrc attributes now so we only get them once.
+ * Fetch the resource fork size/allocation via xattr interface
+ */
+ if (vp && !is_bulk &&
+ (alp->fileattr & (ATTR_FILE_TOTALSIZE | ATTR_FILE_ALLOCSIZE |
+ ATTR_FILE_RSRCLENGTH | ATTR_FILE_RSRCALLOCSIZE))) {
+ error = vn_getxattr(vp, XATTR_RESOURCEFORK_NAME, NULL,
+ &rsize, XATTR_NOSECURITY, ctx);
+ if (error) {
+ if ((error == ENOENT) || (error == ENOATTR) ||
+ (error == ENOTSUP) || (error == EPERM) ||
+ (error == EACCES)) {
+ rsize = 0;
+ error = 0;
+ } else {
+ goto out;
+ }
+ }
+ rlength = rsize;
+
+ if (alp->fileattr & (ATTR_FILE_RSRCALLOCSIZE |
+ ATTR_FILE_ALLOCSIZE)) {
+ uint32_t blksize;
+
+ blksize = vp->v_mount->mnt_vfsstat.f_bsize;
+
+ if (blksize == 0) {
+ blksize = 512;
+ }
+ ralloc = roundup(rsize, blksize);
+ }
+ }
+
+ if (alp->fileattr & ATTR_FILE_LINKCOUNT) {
+ ATTR_PACK4((*abp), (uint32_t)vap->va_nlink);
+ abp->actual.fileattr |= ATTR_FILE_LINKCOUNT;
+ }
+ /*
+ * Note the following caveats for the TOTALSIZE and ALLOCSIZE attributes:
+ * We infer that if the filesystem does not support va_data_size or va_data_alloc
+ * it must not know about alternate forks. So when we need to gather
+ * the total size or total alloc, it's OK to substitute the total size for
+ * the data size below. This is because it is likely a flat filesystem and we must
+ * be using AD files to store the rsrc fork and EAs.
+ *
+ * Additionally, note that getattrlist is barred from being called on
+ * resource fork paths. (Search for CN_ALLOWRSRCFORK). So if the filesystem does
+ * support va_data_size, it is guaranteed to represent the data fork's size. This
+ * is an important distinction to make because when we call vnode_getattr on
+ * an HFS resource fork vnode, to get the size, it will vend out the resource
+ * fork's size (it only gets the size of the passed-in vnode).
+ */
+ if (alp->fileattr & ATTR_FILE_TOTALSIZE) {
+ if (!is_bulk) {
+ uint64_t totalsize = rlength;
+
+ if (VATTR_IS_SUPPORTED(vap, va_data_size)) {
+ totalsize += vap->va_data_size;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_size)) {
+ totalsize += vap->va_total_size;
+ }
+
+ ATTR_PACK8((*abp), totalsize);
+ abp->actual.fileattr |= ATTR_FILE_TOTALSIZE;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_size)) {
+ ATTR_PACK8((*abp), vap->va_total_size);
+ abp->actual.fileattr |= ATTR_FILE_TOTALSIZE;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+ if (alp->fileattr & ATTR_FILE_ALLOCSIZE) {
+ if (!is_bulk) {
+ uint64_t totalalloc = ralloc;
+
+ /*
+ * If data_alloc is supported, then it must represent the
+ * data fork size.
+ */
+ if (VATTR_IS_SUPPORTED(vap, va_data_alloc)) {
+ totalalloc += vap->va_data_alloc;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_alloc)) {
+ totalalloc += vap->va_total_alloc;
+ }
+
+ ATTR_PACK8((*abp), totalalloc);
+ abp->actual.fileattr |= ATTR_FILE_ALLOCSIZE;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_alloc)) {
+ ATTR_PACK8((*abp), vap->va_total_alloc);
+ abp->actual.fileattr |= ATTR_FILE_ALLOCSIZE;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+ if (alp->fileattr & ATTR_FILE_IOBLOCKSIZE) {
+ if (VATTR_IS_SUPPORTED(vap, va_iosize)) {
+ ATTR_PACK4((*abp), vap->va_iosize);
+ abp->actual.fileattr |= ATTR_FILE_IOBLOCKSIZE;
+ } else if (!return_valid || pack_invalid) {
+ ATTR_PACK4((*abp), 0);
+ }
+ }
+ if (alp->fileattr & ATTR_FILE_CLUMPSIZE) {
+ if (!return_valid || pack_invalid) {
+ ATTR_PACK4((*abp), 0); /* this value is deprecated */
+ abp->actual.fileattr |= ATTR_FILE_CLUMPSIZE;
+ }
+ }
+ if (alp->fileattr & ATTR_FILE_DEVTYPE) {
+ if (vp && (vp->v_type == VCHR || vp->v_type == VBLK)) {
+ uint32_t dev;
+
+ if (vp->v_specinfo != NULL) {
+ dev = vp->v_specinfo->si_rdev;
+ } else if (VATTR_IS_SUPPORTED(vap, va_rdev)) {
+ dev = vap->va_rdev;
+ } else {
+ dev = 0;
+ }
+ ATTR_PACK4((*abp), dev);
+ abp->actual.fileattr |= ATTR_FILE_DEVTYPE;
+ } else if (vp) {
+ ATTR_PACK4((*abp), 0);
+ abp->actual.fileattr |= ATTR_FILE_DEVTYPE;
+ } else if (VATTR_IS_SUPPORTED(vap, va_rdev)) {
+ ATTR_PACK4((*abp), vap->va_rdev);
+ abp->actual.fileattr |= ATTR_FILE_DEVTYPE;
+ } else if (!return_valid || pack_invalid) {
+ ATTR_PACK4((*abp), 0);
+ }
+ }
+ /*
+ * If the filesystem does not support datalength
+ * or dataallocsize, then we infer that totalsize and
+ * totalalloc are substitutes.
+ */
+ if (alp->fileattr & ATTR_FILE_DATALENGTH) {
+ if (VATTR_IS_SUPPORTED(vap, va_data_size)) {
+ ATTR_PACK8((*abp), vap->va_data_size);
+ abp->actual.fileattr |= ATTR_FILE_DATALENGTH;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_size)) {
+ ATTR_PACK8((*abp), vap->va_total_size);
+ abp->actual.fileattr |= ATTR_FILE_DATALENGTH;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+ if (alp->fileattr & ATTR_FILE_DATAALLOCSIZE) {
+ if (VATTR_IS_SUPPORTED(vap, va_data_alloc)) {
+ ATTR_PACK8((*abp), vap->va_data_alloc);
+ abp->actual.fileattr |= ATTR_FILE_DATAALLOCSIZE;
+ } else if (VATTR_IS_SUPPORTED(vap, va_total_alloc)) {
+ ATTR_PACK8((*abp), vap->va_total_alloc);
+ abp->actual.fileattr |= ATTR_FILE_DATAALLOCSIZE;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+ /* already got the resource fork size/allocation above */
+ if (alp->fileattr & ATTR_FILE_RSRCLENGTH) {
+ if (!is_bulk) {
+ ATTR_PACK8((*abp), rlength);
+ abp->actual.fileattr |= ATTR_FILE_RSRCLENGTH;
+ } else if (VATTR_IS_SUPPORTED(vap, va_rsrc_length)) {
+ ATTR_PACK8((*abp), vap->va_rsrc_length);
+ abp->actual.fileattr |= ATTR_FILE_RSRCLENGTH;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+ if (alp->fileattr & ATTR_FILE_RSRCALLOCSIZE) {
+ if (!is_bulk) {
+ ATTR_PACK8((*abp), ralloc);
+ abp->actual.fileattr |= ATTR_FILE_RSRCALLOCSIZE;
+ } else if (VATTR_IS_SUPPORTED(vap, va_rsrc_alloc)) {
+ ATTR_PACK8((*abp), vap->va_rsrc_alloc);
+ abp->actual.fileattr |= ATTR_FILE_RSRCALLOCSIZE;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+out:
+ return error;
+}
+
+/*
+ * Pack FORKATTR attributes into a user buffer.
+ * alp is a pointer to the bitmap of attributes required.
+ * abp is the state of the attribute filling operation.
+ * The attribute data (along with some other fields that are required
+ * are in ad.
+ */
+static errno_t
+attr_pack_common_extended(mount_t mp, struct vnode *vp, struct attrlist *alp,
+ struct _attrlist_buf *abp, const char *relpathptr, ssize_t relpathlen,
+ const char *REALpathptr, ssize_t REALpathlen,
+ struct vnode_attr *vap, int return_valid, int pack_invalid)
+{
+ if (vp && (alp->forkattr & ATTR_CMNEXT_RELPATH)) {
+ attrlist_pack_string(abp, relpathptr, relpathlen);
+ abp->actual.forkattr |= ATTR_CMNEXT_RELPATH;
+ }
+
+ if (alp->forkattr & ATTR_CMNEXT_PRIVATESIZE) {
+ if (VATTR_IS_SUPPORTED(vap, va_private_size)) {
+ ATTR_PACK8((*abp), vap->va_private_size);
+ abp->actual.forkattr |= ATTR_CMNEXT_PRIVATESIZE;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+
+ if (alp->forkattr & ATTR_CMNEXT_LINKID) {
+ uint64_t linkid;
+
+ if (VATTR_IS_SUPPORTED(vap, va_linkid)) {
+ linkid = vap->va_linkid;
+ } else {
+ linkid = vap->va_fileid;
+ }
+
+ ATTR_PACK8((*abp), linkid);
+ abp->actual.forkattr |= ATTR_CMNEXT_LINKID;
+ }
+
+ if (vp && (alp->forkattr & ATTR_CMNEXT_NOFIRMLINKPATH)) {
+ attrlist_pack_string(abp, REALpathptr, REALpathlen);
+ abp->actual.forkattr |= ATTR_CMNEXT_NOFIRMLINKPATH;
+ }
+
+ if (alp->forkattr & ATTR_CMNEXT_REALDEVID) {
+ if (mp) {
+ ATTR_PACK4((*abp),
+ mp->mnt_vfsstat.f_fsid.val[0]);
+ abp->actual.forkattr |= ATTR_CMNEXT_REALDEVID;
+ } else if (vp) {
+ ATTR_PACK4((*abp),
+ vp->v_mount->mnt_vfsstat.f_fsid.val[0]);
+ abp->actual.forkattr |= ATTR_CMNEXT_REALDEVID;
+ } else if (VATTR_IS_SUPPORTED(vap, va_fsid)) {
+ ATTR_PACK4((*abp), vap->va_fsid);
+ abp->actual.forkattr |= ATTR_CMN_DEVID;
+ } else if (!return_valid || pack_invalid) {
+ ATTR_PACK4((*abp), 0);
+ }
+ }
+
+ if (alp->forkattr & ATTR_CMNEXT_REALFSID) {
+ if (mp) {
+ ATTR_PACK8((*abp),
+ mp->mnt_vfsstat.f_fsid);
+ abp->actual.forkattr |= ATTR_CMNEXT_REALFSID;
+ } else if (vp) {
+ ATTR_PACK8((*abp),
+ vp->v_mount->mnt_vfsstat.f_fsid);
+ abp->actual.forkattr |= ATTR_CMNEXT_REALFSID;
+ } else if (VATTR_IS_SUPPORTED(vap, va_fsid64)) {
+ ATTR_PACK8((*abp), vap->va_fsid64);
+ abp->actual.forkattr |= ATTR_CMN_FSID;
+ } else if (!return_valid || pack_invalid) {
+ fsid_t fsid = {{0}};
+
+ ATTR_PACK8((*abp), fsid);
+ }
+ }
+
+ if (alp->forkattr & ATTR_CMNEXT_CLONEID) {
+ if (VATTR_IS_SUPPORTED(vap, va_clone_id)) {
+ ATTR_PACK8((*abp), vap->va_clone_id);
+ abp->actual.forkattr |= ATTR_CMNEXT_CLONEID;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+
+ if (alp->forkattr & ATTR_CMNEXT_EXT_FLAGS) {
+ if (VATTR_IS_SUPPORTED(vap, va_extflags)) {
+ ATTR_PACK8((*abp), vap->va_extflags);
+ abp->actual.forkattr |= ATTR_CMNEXT_EXT_FLAGS;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+
+ if (alp->forkattr & ATTR_CMNEXT_RECURSIVE_GENCOUNT) {
+ if (VATTR_IS_SUPPORTED(vap, va_recursive_gencount)) {
+ ATTR_PACK8((*abp), vap->va_recursive_gencount);
+ abp->actual.forkattr |= ATTR_CMNEXT_RECURSIVE_GENCOUNT;
+ } else if (!return_valid || pack_invalid) {
+ uint64_t zero_val = 0;
+ ATTR_PACK8((*abp), zero_val);
+ }
+ }
+
+ return 0;
+}
+
+static void
+vattr_get_alt_data(vnode_t vp, struct attrlist *alp, struct vnode_attr *vap,
+ int return_valid, int is_bulk,
+#if !CONFIG_FIRMLINKS
+ __unused
+#endif
+ int is_realdev, vfs_context_t ctx)
+{
+ /*
+ * There are a couple of special cases.
+ * If we are after object IDs, we can make do with va_fileid.
+ */
+ if ((alp->commonattr &
+ (ATTR_CMN_OBJID | ATTR_CMN_OBJPERMANENTID | ATTR_CMN_FILEID)) &&
+ !VATTR_IS_SUPPORTED(vap, va_linkid)) {
+ /* forget we wanted this */
+ VATTR_CLEAR_ACTIVE(vap, va_linkid);
+ }
+
+ /*
+ * A filesystem may not support va_fsid64. If it is not available, then we'll
+ * synthesize it from the mount.
+ */
+ if ((alp->commonattr & ATTR_CMN_FSID) && !VATTR_IS_SUPPORTED(vap, va_fsid64)) {
+ VATTR_CLEAR_ACTIVE(vap, va_fsid64);
+ }
+
+ /* Same for fsid */
+ if ((alp->commonattr & ATTR_CMN_FSID) && !VATTR_IS_SUPPORTED(vap, va_fsid)) {
+ VATTR_CLEAR_ACTIVE(vap, va_fsid);
+ }
+
+ /* We request the fsid64 for the devid */
+ if ((alp->commonattr & ATTR_CMN_DEVID) && !VATTR_IS_SUPPORTED(vap, va_fsid)) {
+ VATTR_CLEAR_ACTIVE(vap, va_fsid);
+ }
+
+
+ /*
+ * Many filesystems don't know their parent object id.
+ * If necessary, attempt to derive it from the vnode.
+ */
+ if ((alp->commonattr & (ATTR_CMN_PAROBJID | ATTR_CMN_PARENTID)) && vp) {
+ vnode_t dvp;
+
+#if CONFIG_FIRMLINKS
+ /* If this is a firmlink target, we get the fileid of the firmlink parent. */
+ if (!is_realdev && (vp->v_flag & VFMLINKTARGET) && ((dvp = vp->v_fmlink) != NULL) && (vnode_get(dvp) == 0)) {
+ struct vnode_attr lva;
+
+ VATTR_INIT(&lva);
+ VATTR_WANTED(&lva, va_parentid);
+ VATTR_WANTED(&lva, va_fsid);
+ if (vnode_getattr(dvp, &lva, ctx) == 0 &&
+ VATTR_IS_SUPPORTED(&lva, va_parentid) &&
+ VATTR_IS_SUPPORTED(&lva, va_fsid) &&
+ (lva.va_fsid == (uint32_t)vp->v_mount->mnt_vfsstat.f_fsid.val[0])) {
+ vap->va_parentid = lva.va_parentid;
+ VATTR_SET_SUPPORTED(vap, va_parentid);
+ }
+ vnode_put(dvp);
+ } else
+#endif /* CONFIG_FIRMLINKS */
+ if (!VATTR_IS_SUPPORTED(vap, va_parentid) && !is_bulk) {
+ if ((dvp = vnode_getparent(vp)) != NULLVP) {
+ struct vnode_attr lva;
+
+ VATTR_INIT(&lva);
+ VATTR_WANTED(&lva, va_fileid);
+ if (vnode_getattr(dvp, &lva, ctx) == 0 &&
+ VATTR_IS_SUPPORTED(vap, va_fileid)) {
+ vap->va_parentid = lva.va_fileid;
+ VATTR_SET_SUPPORTED(vap, va_parentid);
+ }
+ vnode_put(dvp);
+ }
+ }
+ }
+
+ /*
+ * And we can report datasize/alloc from total.
+ */
+ if ((alp->fileattr & ATTR_FILE_DATALENGTH) &&
+ !VATTR_IS_SUPPORTED(vap, va_data_size)) {
+ VATTR_CLEAR_ACTIVE(vap, va_data_size);
+ }
+
+ if ((alp->fileattr & ATTR_FILE_DATAALLOCSIZE) &&
+ !VATTR_IS_SUPPORTED(vap, va_data_alloc)) {
+ VATTR_CLEAR_ACTIVE(vap, va_data_alloc);
+ }
+
+ /*
+ * If we don't have an encoding, go with UTF-8
+ */
+ if ((alp->commonattr & ATTR_CMN_SCRIPT) &&
+ !VATTR_IS_SUPPORTED(vap, va_encoding) && !return_valid) {
+ VATTR_RETURN(vap, va_encoding,
+ 0x7e /* kTextEncodingMacUnicode */);
+ }
+
+ /*
+ * If we don't have a name, we'll get one from the vnode or
+ * mount point.
+ */
+ if ((alp->commonattr & ATTR_CMN_NAME) &&
+ !VATTR_IS_SUPPORTED(vap, va_name)) {
+ VATTR_CLEAR_ACTIVE(vap, va_name);
+ }
+
+ /* If va_dirlinkcount isn't supported use a default of 1. */
+ if ((alp->dirattr & ATTR_DIR_LINKCOUNT) &&
+ !VATTR_IS_SUPPORTED(vap, va_dirlinkcount)) {
+ VATTR_RETURN(vap, va_dirlinkcount, 1);
+ }
+}
+
+struct _attrlist_paths {
+ char *fullpathptr;
+ ssize_t *fullpathlenp;
+ char *relpathptr;
+ ssize_t *relpathlenp;
+ char *REALpathptr;
+ ssize_t *REALpathlenp;
+};
+
+static errno_t
+calc_varsize(vnode_t vp, struct attrlist *alp, struct vnode_attr *vap,
+ ssize_t *varsizep, struct _attrlist_paths *pathsp, const char **vnamep,
+ const char **cnpp, ssize_t *cnlp)
+{
+ int error = 0;
+
+ *varsizep = 0; /* length count */
+ /* We may need to fix up the name attribute if requested */
+ if (alp->commonattr & ATTR_CMN_NAME) {
+ if (VATTR_IS_SUPPORTED(vap, va_name)) {
+ vap->va_name[MAXPATHLEN - 1] = '\0'; /* Ensure nul-termination */
+ *cnpp = vap->va_name;
+ *cnlp = strlen(*cnpp);
+ } else if (vp) {
+ /* Filesystem did not support getting the name */
+ if (vnode_isvroot(vp)) {
+ if (vp->v_mount->mnt_vfsstat.f_mntonname[1] == 0x00 &&
+ vp->v_mount->mnt_vfsstat.f_mntonname[0] == '/') {
+ /* special case for boot volume. Use root name when it's
+ * available (which is the volume name) or just the mount on
+ * name of "/". we must do this for binary compatibility with
+ * pre Tiger code. returning nothing for the boot volume name
+ * breaks installers - 3961058
+ */
+ *cnpp = *vnamep = vnode_getname(vp);
+ if (*cnpp == NULL) {
+ /* just use "/" as name */
+ *cnpp = &vp->v_mount->mnt_vfsstat.f_mntonname[0];
+ }
+ *cnlp = strlen(*cnpp);
+ } else {
+ getattrlist_findnamecomp(vp->v_mount->mnt_vfsstat.f_mntonname, cnpp, cnlp);
+ }
+ } else {
+ *cnpp = *vnamep = vnode_getname(vp);
+ *cnlp = 0;
+ if (*cnpp != NULL) {
+ *cnlp = strlen(*cnpp);
+ }
+ }
+ } else {
+ *cnlp = 0;
+ }
+ *varsizep += roundup(*cnlp + 1, 4);
+ }
+
+ /*
+ * Compute the full path to this vnode, if necessary. This attribute is almost certainly
+ * not supported by any filesystem, so build the path to this vnode at this time.
+ */
+ if (vp && (alp->commonattr & ATTR_CMN_FULLPATH)) {
+ int len = MAXPATHLEN;
+ int err;
+
+ /* call build_path making sure NOT to use the cache-only behavior */
+ err = build_path(vp, pathsp->fullpathptr, len, &len, 0, vfs_context_current());
+ if (err) {
+ error = err;
+ goto out;
+ }
+ if (pathsp->fullpathptr) {
+ *(pathsp->fullpathlenp) = strlen(pathsp->fullpathptr);
+ } else {
+ *(pathsp->fullpathlenp) = 0;
+ }
+ *varsizep += roundup(((*(pathsp->fullpathlenp)) + 1), 4);
+ }
+
+ /*
+ * Compute this vnode's volume relative path.
+ */
+ if (vp && (alp->forkattr & ATTR_CMNEXT_RELPATH)) {
+ int len;
+ int err;
+
+ /* call build_path making sure NOT to use the cache-only behavior */
+ err = build_path(vp, pathsp->relpathptr, MAXPATHLEN, &len, BUILDPATH_VOLUME_RELATIVE, vfs_context_current());
+ if (err) {
+ error = err;
+ goto out;
+ }
+
+ //`len' includes trailing null
+ *(pathsp->relpathlenp) = len - 1;
+ *varsizep += roundup(len, 4);
+ }
+
+ /*
+ * Compute this vnode's real (firmlink free) path.
+ */
+ if (vp && (alp->forkattr & ATTR_CMNEXT_NOFIRMLINKPATH)) {
+ int len;
+ int err;
+
+ /* call build_path making sure NOT to use the cache-only behavior */
+ err = build_path(vp, pathsp->REALpathptr, MAXPATHLEN, &len, BUILDPATH_NO_FIRMLINK, vfs_context_current());
+ if (err) {
+ error = err;
+ goto out;
+ }
+
+ //`len' includes trailing null
+ *(pathsp->REALpathlenp) = len - 1;
+ *varsizep += roundup(len, 4);
+ }
+
+ /*
+ * We have a kauth_acl_t but we will be returning a kauth_filesec_t.
+ *
+ * XXX This needs to change at some point; since the blob is opaque in
+ * user-space this is OK.
+ */
+ if ((alp->commonattr & ATTR_CMN_EXTENDED_SECURITY) &&
+ VATTR_IS_SUPPORTED(vap, va_acl) &&
+ (vap->va_acl != NULL)) {
+ /*
+ * Since we have a kauth_acl_t (not a kauth_filesec_t), we have to check against
+ * KAUTH_FILESEC_NOACL ourselves
+ */
+ if (vap->va_acl->acl_entrycount == KAUTH_FILESEC_NOACL) {
+ *varsizep += roundup((KAUTH_FILESEC_SIZE(0)), 4);
+ } else {
+ *varsizep += roundup((KAUTH_FILESEC_SIZE(vap->va_acl->acl_entrycount)), 4);
+ }
+ }
+
+out:
+ return error;
+}
+
+static errno_t
+vfs_attr_pack_internal(mount_t mp, vnode_t vp, uio_t auio, struct attrlist *alp,
+ uint64_t options, struct vnode_attr *vap, __unused void *fndesc,
+ vfs_context_t ctx, int is_bulk, enum vtype vtype, ssize_t fixedsize)
+{
+ struct _attrlist_buf ab;
+ struct _attrlist_paths apaths = {.fullpathptr = NULL, .fullpathlenp = NULL,
+ .relpathptr = NULL, .relpathlenp = NULL,
+ .REALpathptr = NULL, .REALpathlenp = NULL};
+ ssize_t buf_size;
+ size_t copy_size;
+ ssize_t varsize;
+ const char *vname = NULL;
+ const char *cnp;
+ ssize_t cnl;
+ char *fullpathptr;
+ ssize_t fullpathlen;
+ char *relpathptr;
+ ssize_t relpathlen;
+ char *REALpathptr;
+ ssize_t REALpathlen;
+ int error;
+ int proc_is64;
+ int return_valid;
+ int pack_invalid;
+ int is_realdev;
+ int alloc_local_buf;
+ const int use_fork = options & FSOPT_ATTR_CMN_EXTENDED;
+
+ proc_is64 = proc_is64bit(vfs_context_proc(ctx));
+ ab.base = NULL;
+ cnp = "unknown";
+ cnl = 0;
+ fullpathptr = NULL;
+ fullpathlen = 0;
+ relpathptr = NULL;
+ relpathlen = 0;
+ REALpathptr = NULL;
+ REALpathlen = 0;
+ error = 0;
+ alloc_local_buf = 0;
+
+ buf_size = (ssize_t)uio_resid(auio);
+ if ((buf_size <= 0) || (uio_iovcnt(auio) > 1)) {
+ return EINVAL;
+ }
+
+ copy_size = 0;
+ /* Check for special packing semantics */
+ return_valid = (alp->commonattr & ATTR_CMN_RETURNED_ATTRS) ? 1 : 0;
+ pack_invalid = (options & FSOPT_PACK_INVAL_ATTRS) ? 1 : 0;
+ is_realdev = options & FSOPT_RETURN_REALDEV ? 1 : 0;
+
+ if (pack_invalid) {
+ /* Generate a valid mask for post processing */
+ bcopy(&(alp->commonattr), &ab.valid, sizeof(attribute_set_t));
+ }
+
+ /* did we ask for something the filesystem doesn't support? */
+ if (vap->va_active &&
+ (!VATTR_ALL_SUPPORTED(vap)
+#if CONFIG_FIRMLINKS
+ /* For firmlink targets we have to overide what the FS returned for parentid */
+ ||
+ (!is_realdev && vp && (vp->v_flag & VFMLINKTARGET) && vp->v_fmlink &&
+ (alp->commonattr & (ATTR_CMN_PAROBJID | ATTR_CMN_PARENTID)))
+#endif
+ )) {
+ // this disables the selectors that were not supported by the filesystem
+ vattr_get_alt_data(vp, alp, vap, return_valid, is_bulk, is_realdev,
+ ctx);
+
+ /* check again */
+ if (!VATTR_ALL_SUPPORTED(vap)) {
+ if (return_valid && pack_invalid) {
+ /* Fix up valid mask for post processing */
+ getattrlist_fixupattrs(&ab.valid, vap, use_fork);
+
+ /* Force packing of everything asked for */
+ vap->va_supported = vap->va_active;
+ } else if (return_valid) {
+ /* Adjust the requested attributes */
+ getattrlist_fixupattrs(
+ (attribute_set_t *)&(alp->commonattr), vap, use_fork);
+ } else {
+ error = EINVAL;
+ }
+ }
+
+ if (error) {
+ goto out;
+ }
+ }
+
+ //if a path is requested, allocate a temporary buffer to build it
+ if (vp && (alp->commonattr & (ATTR_CMN_FULLPATH))) {
+ fullpathptr = (char*) zalloc_flags(ZV_NAMEI, Z_WAITOK | Z_ZERO);
+ apaths.fullpathptr = fullpathptr;
+ apaths.fullpathlenp = &fullpathlen;
+ }
+
+ // only interpret fork attributes if they're used as new common attributes
+ if (vp && use_fork) {
+ if (alp->forkattr & (ATTR_CMNEXT_RELPATH)) {
+ relpathptr = (char*) zalloc_flags(ZV_NAMEI, Z_WAITOK | Z_ZERO);
+ apaths.relpathptr = relpathptr;
+ apaths.relpathlenp = &relpathlen;
+ }
+
+ if (alp->forkattr & (ATTR_CMNEXT_NOFIRMLINKPATH)) {
+ REALpathptr = (char*) zalloc_flags(ZV_NAMEI, Z_WAITOK | Z_ZERO);
+ apaths.REALpathptr = REALpathptr;
+ apaths.REALpathlenp = &REALpathlen;
+ }
+ }
+
+ /*
+ * Compute variable-space requirements.
+ */
+ error = calc_varsize(vp, alp, vap, &varsize, &apaths, &vname, &cnp, &cnl);
+ if (error) {
+ goto out;
+ }
+
+ /*
+ * Allocate a target buffer for attribute results.
+ *
+ * Note that we won't ever copy out more than the caller requested, even though
+ * we might have to allocate more than they offer so that the diagnostic checks
+ * don't result in a panic if the caller's buffer is too small.
+ */
+ ab.allocated = fixedsize + varsize;
+ /* Cast 'allocated' to an unsigned to verify allocation size */
+ if (((size_t)ab.allocated) > ATTR_MAX_BUFFER) {
+ error = ENOMEM;
+ VFS_DEBUG(ctx, vp, "ATTRLIST - ERROR: buffer size too large (%d limit %d)", ab.allocated, ATTR_MAX_BUFFER);
+ goto out;
+ }
+
+ /*
+ * Special handling for bulk calls, align to 8 (and only if enough
+ * space left.
+ */
+ if (is_bulk) {
+ if (buf_size < ab.allocated) {
+ goto out;
+ } else {
+ uint32_t newlen;
+
+ newlen = (ab.allocated + 7) & ~0x07;
+ /* Align only if enough space for alignment */
+ if (newlen <= (uint32_t)buf_size) {
+ ab.allocated = newlen;
+ }
+ }
+ }
+
+ /*
+ * See if we can reuse buffer passed in i.e. it is a kernel buffer
+ * and big enough.
+ */
+ if (uio_isuserspace(auio) || (buf_size < ab.allocated)) {
+ ab.base = kheap_alloc(KHEAP_TEMP, ab.allocated, Z_ZERO | Z_WAITOK);
+ alloc_local_buf = 1;
+ } else {
+ /*
+ * In case this is a kernel buffer and sufficiently
+ * big, this function will try to use that buffer
+ * instead of allocating another buffer and bcopy'ing
+ * into it.
+ *
+ * The calculation below figures out where to start
+ * writing in the buffer and once all the data has been
+ * filled in, uio_resid is updated to reflect the usage
+ * of the buffer.
+ *
+ * uio_offset cannot be used here to determine the
+ * starting location as uio_offset could be set to a
+ * value which has nothing to do the location
+ * in the buffer.
+ */
+ ab.base = (char *)uio_curriovbase(auio) +
+ ((ssize_t)uio_curriovlen(auio) - buf_size);
+ bzero(ab.base, ab.allocated);
+ }
+
+ if (ab.base == NULL) {
+ error = ENOMEM;
+ VFS_DEBUG(ctx, vp, "ATTRLIST - ERROR: could not allocate %d for copy buffer", ab.allocated);
+ goto out;
+ }
+
+
+ /* set the S_IFMT bits for the mode */
+ if (alp->commonattr & ATTR_CMN_ACCESSMASK) {
+ if (vp) {
+ switch (vp->v_type) {
+ case VREG:
+ vap->va_mode |= S_IFREG;
+ break;
+ case VDIR:
+ vap->va_mode |= S_IFDIR;
+ break;
+ case VBLK:
+ vap->va_mode |= S_IFBLK;
+ break;
+ case VCHR:
+ vap->va_mode |= S_IFCHR;
+ break;
+ case VLNK:
+ vap->va_mode |= S_IFLNK;
+ break;
+ case VSOCK:
+ vap->va_mode |= S_IFSOCK;
+ break;
+ case VFIFO:
+ vap->va_mode |= S_IFIFO;
+ break;
+ default:
+ error = EBADF;
+ goto out;
+ }
+ }
+ }
+
+ /*
+ * Pack results into the destination buffer.
+ */
+ ab.fixedcursor = ab.base + sizeof(uint32_t);
+ if (return_valid) {
+ ab.fixedcursor += sizeof(attribute_set_t);
+ bzero(&ab.actual, sizeof(ab.actual));
+ }
+ ab.varcursor = ab.base + fixedsize;
+ ab.needed = ab.allocated;
+
+ /* common attributes ************************************************/
+ error = attr_pack_common(ctx, (options & FSOPT_RETURN_REALDEV ? mp : NULL),
+ vp, alp, &ab, vap, proc_is64, cnp, cnl, fullpathptr, fullpathlen,
+ return_valid, pack_invalid, vtype, is_bulk);
+
+ /* directory attributes *********************************************/
+ if (!error && alp->dirattr && (vtype == VDIR)) {
+ error = attr_pack_dir(vp, alp, &ab, vap, return_valid, pack_invalid);
+ }
+
+ /* file attributes **************************************************/
+ if (!error && alp->fileattr && (vtype != VDIR)) {
+ error = attr_pack_file(ctx, vp, alp, &ab, vap, return_valid,
+ pack_invalid, is_bulk);
+ }
+
+ /* common extended attributes *****************************************/
+ if (!error && use_fork) {
+ error = attr_pack_common_extended(mp, vp, alp, &ab, relpathptr, relpathlen,
+ REALpathptr, REALpathlen, vap, return_valid, pack_invalid);
+ }
+
+ if (error) {
+ goto out;
+ }
+
+ /* diagnostic */
+ if (!return_valid && (ab.fixedcursor - ab.base) != fixedsize) {
+ panic("packed field size mismatch; allocated %ld but packed %ld for common %08x vol %08x",
+ fixedsize, (long) (ab.fixedcursor - ab.base), alp->commonattr, alp->volattr);
+ }
+ if (!return_valid && ab.varcursor != (ab.base + ab.needed)) {
+ panic("packed variable field size mismatch; used %ld but expected %ld", (long) (ab.varcursor - ab.base), ab.needed);
+ }
+
+ /*
+ * In the compatible case, we report the smaller of the required and returned sizes.
+ * If the FSOPT_REPORT_FULLSIZE option is supplied, we report the full (required) size
+ * of the result buffer, even if we copied less out. The caller knows how big a buffer
+ * they gave us, so they can always check for truncation themselves.
+ */
+ *(uint32_t *)ab.base = (options & FSOPT_REPORT_FULLSIZE) ? (uint32_t)ab.needed : (uint32_t)lmin(ab.allocated, ab.needed);
+
+ /* Return attribute set output if requested. */
+ if (return_valid) {
+ ab.actual.commonattr |= ATTR_CMN_RETURNED_ATTRS;
+ if (pack_invalid) {
+ /* Only report the attributes that are valid */
+ ab.actual.commonattr &= ab.valid.commonattr;
+ ab.actual.dirattr &= ab.valid.dirattr;
+ ab.actual.fileattr &= ab.valid.fileattr;
+ }
+ bcopy(&ab.actual, ab.base + sizeof(uint32_t), sizeof(ab.actual));
+ }
+
+ copy_size = lmin(buf_size, ab.allocated);
+
+ /* Only actually copyout as much out as the user buffer can hold */
+ if (alloc_local_buf) {
+ error = uiomove(ab.base, (int)copy_size, auio);
+ } else {
+ off_t orig_offset = uio_offset(auio);
+
+ /*
+ * The buffer in the uio struct was used directly
+ * (i.e. it was a kernel buffer and big enough
+ * to hold the data required) in order to avoid
+ * un-needed allocation and copies.
+ *
+ * At this point, update the resid value to what it
+ * would be if this was the result of a uiomove. The
+ * offset is also incremented, though it may not
+ * mean anything to the caller but that is what
+ * uiomove does as well.
+ */
+ uio_setresid(auio, buf_size - copy_size);
+ uio_setoffset(auio, orig_offset + (off_t)copy_size);
+ }
+
+out:
+ if (vname) {
+ vnode_putname(vname);
+ }
+ if (fullpathptr) {
+ zfree(ZV_NAMEI, fullpathptr);
+ }
+ if (relpathptr) {
+ zfree(ZV_NAMEI, relpathptr);
+ }
+ if (REALpathptr) {
+ zfree(ZV_NAMEI, REALpathptr);
+ }
+ if (alloc_local_buf) {
+ kheap_free(KHEAP_TEMP, ab.base, ab.allocated);
+ }
+ return error;
+}
+
+errno_t
+vfs_attr_pack_ext(mount_t mp, vnode_t vp, uio_t uio, struct attrlist *alp, uint64_t options,
+ struct vnode_attr *vap, __unused void *fndesc, vfs_context_t ctx)
+{
+ int error;
+ ssize_t fixedsize;
+ uint64_t orig_active;
+ struct attrlist orig_al;
+ enum vtype v_type;
+
+ if (vp) {
+ v_type = vnode_vtype(vp);
+ } else {
+ v_type = vap->va_objtype;
+ }
+
+ orig_al = *alp;
+ orig_active = vap->va_active;
+ vap->va_active = 0;
+
+ error = getattrlist_setupvattr_all(alp, vap, v_type, &fixedsize,
+ proc_is64bit(vfs_context_proc(ctx)), options & FSOPT_ATTR_CMN_EXTENDED);
+
+ if (error) {
+ VFS_DEBUG(ctx, vp,
+ "ATTRLIST - ERROR: setup for request failed");
+ goto out;
+ }
+
+ error = vfs_attr_pack_internal(mp, vp, uio, alp,
+ options | FSOPT_REPORT_FULLSIZE, vap, NULL, ctx, 1, v_type,
+ fixedsize);
+
+ VATTR_CLEAR_SUPPORTED_ALL(vap);
+ vap->va_active = orig_active;
+ *alp = orig_al;
+out:
+ return error;
+}
+
+errno_t
+vfs_attr_pack(vnode_t vp, uio_t uio, struct attrlist *alp, uint64_t options,
+ struct vnode_attr *vap, __unused void *fndesc, vfs_context_t ctx)
+{
+ return vfs_attr_pack_ext(NULL, vp, uio, alp, options, vap, fndesc, ctx);
+}
+
+/*
+ * Obtain attribute information about a filesystem object.
+ *
+ * Note: The alt_name parameter can be used by the caller to pass in the vnode
+ * name obtained from some authoritative source (eg. readdir vnop); where
+ * filesystems' getattr vnops do not support ATTR_CMN_NAME, the alt_name will be
+ * used as the ATTR_CMN_NAME attribute returned in vnode_attr.va_name.
+ *
+ */
+static int
+getattrlist_internal(vfs_context_t ctx, vnode_t vp, struct attrlist *alp,
+ user_addr_t attributeBuffer, size_t bufferSize, uint64_t options,
+ enum uio_seg segflg, char* authoritative_name, struct ucred *file_cred)
+{
+ struct vnode_attr *va;
+ kauth_action_t action;
+ ssize_t fixedsize;
+ char *va_name;
+ int proc_is64;
+ int error;
+ int return_valid;
+ int pack_invalid;
+ int vtype = 0;
+ uio_t auio;
+ char uio_buf[UIO_SIZEOF(1)];
+ // must be true for fork attributes to be used as new common attributes
+ const int use_fork = (options & FSOPT_ATTR_CMN_EXTENDED) != 0;
+
+ if (bufferSize < sizeof(uint32_t)) {
+ return ERANGE;
+ }
+
+ proc_is64 = proc_is64bit(vfs_context_proc(ctx));
+
+ if (segflg == UIO_USERSPACE) {
+ if (proc_is64) {
+ segflg = UIO_USERSPACE64;
+ } else {
+ segflg = UIO_USERSPACE32;
+ }
+ }
+ auio = uio_createwithbuffer(1, 0, segflg, UIO_READ,
+ &uio_buf[0], sizeof(uio_buf));
+ uio_addiov(auio, attributeBuffer, bufferSize);
+
+ va = kheap_alloc(KHEAP_TEMP, sizeof(struct vnode_attr), Z_WAITOK);
+ VATTR_INIT(va);
+ va_name = NULL;
+
+ if (alp->bitmapcount != ATTR_BIT_MAP_COUNT) {
+ error = EINVAL;
+ goto out;
+ }
+
+ VFS_DEBUG(ctx, vp, "%p ATTRLIST - %s request common %08x vol %08x file %08x dir %08x fork %08x %sfollow on '%s'",
+ vp, vfs_context_proc(ctx)->p_comm, alp->commonattr, alp->volattr, alp->fileattr, alp->dirattr, alp->forkattr,
+ (options & FSOPT_NOFOLLOW) ? "no":"", vp->v_name);
+
+#if CONFIG_MACF
+ error = mac_vnode_check_getattrlist(ctx, vp, alp);
+ if (error) {
+ goto out;
+ }
+#endif /* MAC */
+
+ /*
+ * It is legal to request volume or file attributes, but not both.
+ *
+ * 26903449 fork attributes can also be requested, but only if they're
+ * interpreted as new, common attributes
+ */
+ if (alp->volattr) {
+ if (alp->fileattr || alp->dirattr || (alp->forkattr && !use_fork)) {
+ error = EINVAL;
+ VFS_DEBUG(ctx, vp, "ATTRLIST - ERROR: mixed volume/file/directory attributes");
+ goto out;
+ }
+ /* handle volume attribute request */
+ error = getvolattrlist(ctx, vp, alp, attributeBuffer,
+ bufferSize, options, segflg, proc_is64);
+ goto out;
+ }
+
+ /*
+ * ATTR_CMN_GEN_COUNT and ATTR_CMN_DOCUMENT_ID reuse the bits
+ * originally allocated to ATTR_CMN_NAMEDATTRCOUNT and
+ * ATTR_CMN_NAMEDATTRLIST.
+ */
+ if ((alp->commonattr & (ATTR_CMN_GEN_COUNT | ATTR_CMN_DOCUMENT_ID)) &&
+ !(options & FSOPT_ATTR_CMN_EXTENDED)) {
+ error = EINVAL;
+ goto out;
+ }
+
+ /* common extended attributes require FSOPT_ATTR_CMN_EXTENDED option */
+ if (!(use_fork) && (alp->forkattr & ATTR_CMNEXT_VALIDMASK)) {
+ error = EINVAL;
+ goto out;
+ }
+
+ /* FSOPT_ATTR_CMN_EXTENDED requires forkattrs are not referenced */
+ if ((options & FSOPT_ATTR_CMN_EXTENDED) && (alp->forkattr & (ATTR_FORK_VALIDMASK))) {
+ error = EINVAL;
+ goto out;
+ }
+
+ /* Check for special packing semantics */
+ return_valid = (alp->commonattr & ATTR_CMN_RETURNED_ATTRS) ? 1 : 0;
+ pack_invalid = (options & FSOPT_PACK_INVAL_ATTRS) ? 1 : 0;
+ if (pack_invalid) {
+ /* FSOPT_PACK_INVAL_ATTRS requires ATTR_CMN_RETURNED_ATTRS */
+ if (!return_valid || (alp->forkattr && !use_fork)) {
+ error = EINVAL;
+ goto out;
+ }
+ /* Keep invalid attrs from being uninitialized */
+ bzero(va, sizeof(*va));
+ }
+
+ /* Pick up the vnode type. If the FS is bad and changes vnode types on us, we
+ * will have a valid snapshot that we can work from here.
+ */
+ vtype = vp->v_type;
+
+ /*
+ * Set up the vnode_attr structure and authorise.
+ */
+ if ((error = getattrlist_setupvattr(alp, va, &fixedsize, &action, proc_is64, (vtype == VDIR), use_fork)) != 0) {
+ VFS_DEBUG(ctx, vp, "ATTRLIST - ERROR: setup for request failed");
+ goto out;
+ }
+ if ((error = vnode_authorize(vp, NULL, action, ctx)) != 0) {
+ VFS_DEBUG(ctx, vp, "ATTRLIST - ERROR: authorisation failed/denied");
+ goto out;
+ }
+
+
+ if (va->va_active != 0) {
+ uint64_t va_active = va->va_active;
+
+ /*
+ * If we're going to ask for va_name, allocate a buffer to point it at
+ */
+ if (VATTR_IS_ACTIVE(va, va_name)) {
+ va_name = zalloc(ZV_NAMEI);
+ /*
+ * If we have an authoritative_name, prefer that name.
+ *
+ * N.B. Since authoritative_name implies this is coming from getattrlistbulk,
+ * we know the name is authoritative. For /dev/fd, we want to use the file
+ * descriptor as the name not the underlying name of the associate vnode in a
+ * particular file system.
+ */
+ if (authoritative_name) {
+ /* Don't ask the file system */
+ VATTR_CLEAR_ACTIVE(va, va_name);
+ strlcpy(va_name, authoritative_name, MAXPATHLEN);
+ }
+ }
+
+ va->va_name = authoritative_name ? NULL : va_name;
+
+ if (options & FSOPT_RETURN_REALDEV) {
+ va->va_vaflags |= VA_REALFSID;
+ }
+
+ /*
+ * Call the filesystem.
+ */
+ if ((error = vnode_getattr(vp, va, ctx)) != 0) {
+ VFS_DEBUG(ctx, vp, "ATTRLIST - ERROR: filesystem returned %d", error);
+ goto out;
+ }
+#if CONFIG_MACF
+ /*
+ * Give MAC polices a chance to reject or filter the
+ * attributes returned by the filesystem. Note that MAC
+ * policies are consulted *after* calling the filesystem
+ * because filesystems can return more attributes than
+ * were requested so policies wouldn't be authoritative
+ * is consulted beforehand. This also gives policies an
+ * opportunity to change the values of attributes
+ * retrieved.
+ */
+ error = mac_vnode_check_getattr(ctx, file_cred, vp, va);
+ if (error) {
+ VFS_DEBUG(ctx, vp, "ATTRLIST - ERROR: MAC framework returned %d", error);
+ goto out;
+ }
+#else
+ (void)file_cred;
+#endif
+
+ /*
+ * It we ask for the name, i.e., vname is non null and
+ * we have an authoritative name, then reset va_name is
+ * active and if needed set va_name is supported.
+ *
+ * A (buggy) filesystem may change fields which belong
+ * to us. We try to deal with that here as well.
+ */
+ va->va_active = va_active;
+ if (authoritative_name && va_name) {
+ VATTR_SET_ACTIVE(va, va_name);
+ if (!(VATTR_IS_SUPPORTED(va, va_name))) {
+ VATTR_SET_SUPPORTED(va, va_name);
+ }
+ }
+ va->va_name = va_name;
+ }
+
+ error = vfs_attr_pack_internal(vp->v_mount, vp, auio, alp, options, va, NULL, ctx,
+ 0, vtype, fixedsize);
+
+out:
+ if (va_name) {
+ zfree(ZV_NAMEI, va_name);
+ }
+ if (VATTR_IS_SUPPORTED(va, va_acl) && (va->va_acl != NULL)) {
+ kauth_acl_free(va->va_acl);
+ }
+ kheap_free(KHEAP_TEMP, va, sizeof(struct vnode_attr));
+
+ VFS_DEBUG(ctx, vp, "ATTRLIST - returning %d", error);
+ return error;
+}
+
+int
+fgetattrlist(proc_t p, struct fgetattrlist_args *uap, __unused int32_t *retval)
+{
+ vfs_context_t ctx;
+ vnode_t vp;
+ int error;
+ struct attrlist al;
+ struct fileproc *fp;
+
+ ctx = vfs_context_current();
+ vp = NULL;
+ fp = NULL;
+ error = 0;
+
+ if ((error = fp_get_ftype(p, uap->fd, DTYPE_VNODE, EINVAL, &fp)) != 0) {
+ return error;
+ }
+ vp = (struct vnode *)fp->fp_glob->fg_data;
+
+ if ((error = vnode_getwithref(vp)) != 0) {
+ goto out;
+ }
+
+ /*
+ * Fetch the attribute request.
+ */
+ error = copyin(uap->alist, &al, sizeof(al));
+ if (error) {
+ goto out_vnode_put;
+ }
+
+ /* Default to using the vnode's name. */
+ error = getattrlist_internal(ctx, vp, &al, uap->attributeBuffer,
+ uap->bufferSize, uap->options,
+ (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : \
+ UIO_USERSPACE32), NULL,
+ fp->fp_glob->fg_cred);
+
+out_vnode_put:
+ vnode_put(vp);
+out:
+ fp_drop(p, uap->fd, fp, 0);
+
+ return error;
+}
+
+static int
+getattrlistat_internal(vfs_context_t ctx, user_addr_t path,
+ struct attrlist *alp, user_addr_t attributeBuffer, size_t bufferSize,
+ uint64_t options, enum uio_seg segflg, enum uio_seg pathsegflg, int fd)
+{
+ struct nameidata nd;
+ vnode_t vp;
+ int32_t nameiflags;
+ int error;
+
+ nameiflags = 0;
+ /*
+ * Look up the file.
+ */
+ if (!(options & FSOPT_NOFOLLOW)) {
+ nameiflags |= FOLLOW;
+ }
+
+ nameiflags |= AUDITVNPATH1;
+ NDINIT(&nd, LOOKUP, OP_GETATTR, nameiflags, pathsegflg,
+ path, ctx);
+
+ error = nameiat(&nd, fd);
+
+ if (error) {
+ return error;
+ }
+
+ vp = nd.ni_vp;
+
+ error = getattrlist_internal(ctx, vp, alp, attributeBuffer,
+ bufferSize, options, segflg, NULL, NOCRED);
+
+ /* Retain the namei reference until the getattrlist completes. */
+ nameidone(&nd);
+ vnode_put(vp);
+ return error;
+}
+
+int
+getattrlist(proc_t p, struct getattrlist_args *uap, __unused int32_t *retval)
+{
+ enum uio_seg segflg;
+ struct attrlist al;
+ int error;
+
+ segflg = IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32;
+
+ /*
+ * Fetch the attribute request.
+ */
+ error = copyin(uap->alist, &al, sizeof(al));
+ if (error) {
+ return error;
+ }
+
+ return getattrlistat_internal(vfs_context_current(),
+ CAST_USER_ADDR_T(uap->path), &al,
+ CAST_USER_ADDR_T(uap->attributeBuffer), uap->bufferSize,
+ (uint64_t)uap->options, segflg, segflg, AT_FDCWD);
+}
+
+int
+getattrlistat(proc_t p, struct getattrlistat_args *uap, __unused int32_t *retval)
+{
+ enum uio_seg segflg;
+ struct attrlist al;
+ int error;
+
+ segflg = IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32;
+
+ /*
+ * Fetch the attribute request.
projects / apple / xnu.git / blobdiff