akaros/kern/src/ns/chan.c
<<
>>
Prefs
   1/* Copyright © 1994-1999 Lucent Technologies Inc.  All rights reserved.
   2 * Portions Copyright © 1997-1999 Vita Nuova Limited
   3 * Portions Copyright © 2000-2007 Vita Nuova Holdings Limited
   4 *                                (www.vitanuova.com)
   5 * Revisions Copyright © 2000-2007 Lucent Technologies Inc. and others
   6 *
   7 * Modified for the Akaros operating system:
   8 * Copyright (c) 2013-2014 The Regents of the University of California
   9 * Copyright (c) 2013-2015 Google Inc.
  10 *
  11 * Permission is hereby granted, free of charge, to any person obtaining a copy
  12 * of this software and associated documentation files (the "Software"), to deal
  13 * in the Software without restriction, including without limitation the rights
  14 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  15 * copies of the Software, and to permit persons to whom the Software is
  16 * furnished to do so, subject to the following conditions:
  17 *
  18 * The above copyright notice and this permission notice shall be included in
  19 * all copies or substantial portions of the Software.
  20 *
  21 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  22 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  23 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
  24 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  25 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  26 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  27 * SOFTWARE. */
  28
  29#include <slab.h>
  30#include <kmalloc.h>
  31#include <kref.h>
  32#include <string.h>
  33#include <stdio.h>
  34#include <assert.h>
  35#include <error.h>
  36#include <cpio.h>
  37#include <pmap.h>
  38#include <smp.h>
  39#include <syscall.h>
  40
  41struct chan *kern_slash;
  42
  43char *channame(struct chan *c)
  44{       /* DEBUGGING */
  45        if (c == NULL)
  46                return "<NULL chan>";
  47        if (c->name == NULL)
  48                return "<NULL name>";
  49        if (c->name->s == NULL)
  50                return "<NULL name.s>";
  51        return c->name->s;
  52}
  53
  54enum {
  55        CNAMESLOP = 20
  56};
  57
  58struct {
  59        spinlock_t lock;
  60        int fid;
  61        struct chan *free;
  62        struct chan *list;
  63} chanalloc;
  64
  65typedef struct Elemlist Elemlist;
  66
  67struct Elemlist {
  68        char *name;             /* copy of name, so '/' can be overwritten */
  69        int ARRAY_SIZEs;
  70        char **elems;
  71        int *off;
  72        int mustbedir;
  73};
  74
  75struct walk_helper {
  76        bool can_mount;
  77        bool no_follow;
  78        unsigned int nr_loops;
  79};
  80#define WALK_MAX_NR_LOOPS 8
  81
  82static struct chan *walk_symlink(struct chan *symlink, struct walk_helper *wh,
  83                                 unsigned int nr_names_left);
  84
  85#define SEP(c) ((c) == 0 || (c) == '/')
  86void cleancname(struct cname *);
  87
  88int isdotdot(char *p)
  89{
  90        return p[0] == '.' && p[1] == '.' && p[2] == '\0';
  91}
  92
  93int emptystr(char *s)
  94{
  95        if (s == NULL)
  96                return 1;
  97        if (s[0] == '\0')
  98                return 1;
  99        return 0;
 100}
 101
 102/*
 103 * Atomically replace *p with copy of s
 104 */
 105void kstrdup(char **p, char *s)
 106{
 107        int n;
 108        char *t, *prev;
 109
 110        n = strlen(s) + 1;
 111        /* if it's a user, we can wait for memory; if not, something's very
 112         * wrong */
 113        if (current) {
 114                t = kzmalloc(n, 0);
 115        } else {
 116                t = kzmalloc(n, 0);
 117                if (t == NULL)
 118                        panic("kstrdup: no memory");
 119        }
 120        memmove(t, s, n);
 121
 122        prev = atomic_swap_ptr((void**)p, t);
 123        kfree(prev);
 124}
 125
 126static void chan_release(struct kref *kref)
 127{
 128        struct chan *c = container_of(kref, struct chan, ref);
 129        ERRSTACK(1);
 130
 131        /* We can be called from RCU callbacks, but close methods can block.  In
 132         * those cases, and any other context that cannot block, we need to
 133         * defer our work to a kernel message. */
 134        if (!can_block(this_pcpui_ptr())) {
 135                run_as_rkm(chan_release, kref);
 136                return;
 137        }
 138        /* this style discards the error from close().  picture it as
 139         * if (waserror()) { } else { close(); } chanfree_no_matter_what();  */
 140        if (!waserror()) {
 141                printd("releasing chan %p, type %d\n", c, c->type);
 142                /* -1 means there is no dev yet.  wants a noop for close() */
 143                if (c->type != -1)
 144                        devtab[c->type].close(c);
 145        }
 146        /* need to poperror regardless of whether we error'd or not */
 147        poperror();
 148        /* and chan free no matter what */
 149        chanfree(c);
 150}
 151
 152struct chan *newchan(void)
 153{
 154        struct chan *c;
 155
 156        spin_lock(&(&chanalloc)->lock);
 157        c = chanalloc.free;
 158        if (c != 0)
 159                chanalloc.free = c->next;
 160        spin_unlock(&(&chanalloc)->lock);
 161
 162        if (c == NULL) {
 163                c = kzmalloc(sizeof(struct chan), 0);
 164                spin_lock(&(&chanalloc)->lock);
 165                c->fid = ++chanalloc.fid;
 166                c->link = chanalloc.list;
 167                chanalloc.list = c;
 168                spin_unlock(&(&chanalloc)->lock);
 169                spinlock_init(&c->lock);
 170                qlock_init(&c->umqlock);
 171        }
 172
 173        /* if you get an error before associating with a dev, cclose skips
 174         * calling the dev's close */
 175        c->type = -1;
 176        c->flag = 0;
 177        kref_init(&c->ref, chan_release, 1);
 178        c->dev = 0;
 179        c->offset = 0;
 180        c->iounit = 0;
 181        c->umh = 0;
 182        c->uri = 0;
 183        c->dri = 0;
 184        c->aux = 0;
 185        c->mchan = 0;
 186        c->mcp = 0;
 187        c->mux = 0;
 188        c->mqid.path = 0;
 189        c->mqid.vers = 0;
 190        c->mqid.type = 0;
 191        c->name = 0;
 192        c->buf = NULL;
 193        c->mountpoint = NULL;
 194        return c;
 195}
 196
 197static void __cname_release(struct kref *kref)
 198{
 199        struct cname *n = container_of(kref, struct cname, ref);
 200        kfree(n->s);
 201        kfree(n);
 202}
 203
 204struct cname *newcname(char *s)
 205{
 206        struct cname *n;
 207        int i;
 208
 209        n = kzmalloc(sizeof(*n), 0);
 210        i = strlen(s);
 211        n->len = i;
 212        n->alen = i + CNAMESLOP;
 213        n->s = kzmalloc(n->alen, 0);
 214        memmove(n->s, s, i + 1);
 215        kref_init(&n->ref, __cname_release, 1);
 216        return n;
 217}
 218
 219void cnameclose(struct cname *n)
 220{
 221        if (n == NULL)
 222                return;
 223        kref_put(&n->ref);
 224}
 225
 226struct cname *addelem(struct cname *n, char *s)
 227{
 228        int i, a;
 229        char *t;
 230        struct cname *new;
 231
 232        if (s[0] == '.' && s[1] == '\0')
 233                return n;
 234
 235        if (kref_refcnt(&n->ref) > 1) {
 236                /* copy on write */
 237                new = newcname(n->s);
 238                cnameclose(n);
 239                n = new;
 240        }
 241
 242        i = strlen(s);
 243        if (n->len + 1 + i + 1 > n->alen) {
 244                a = n->len + 1 + i + 1 + CNAMESLOP;
 245                t = kzmalloc(a, 0);
 246                memmove(t, n->s, n->len + 1);
 247                kfree(n->s);
 248                n->s = t;
 249                n->alen = a;
 250        }
 251        /* don't insert extra slash if one is present */
 252        if (n->len > 0 && n->s[n->len - 1] != '/' && s[0] != '/')
 253                n->s[n->len++] = '/';
 254        memmove(n->s + n->len, s, i + 1);
 255        n->len += i;
 256        if (isdotdot(s))
 257                cleancname(n);
 258        return n;
 259}
 260
 261void chanfree(struct chan *c)
 262{
 263        c->flag = CFREE;
 264
 265        if (c->umh != NULL) {
 266                putmhead(c->umh);
 267                c->umh = NULL;
 268        }
 269        if (c->umc != NULL) {
 270                cclose(c->umc);
 271                c->umc = NULL;
 272        }
 273        if (c->mux != NULL) {
 274                //
 275                muxclose(c->mux);
 276                c->mux = NULL;
 277        }
 278        if (c->mchan != NULL) {
 279                cclose(c->mchan);
 280                c->mchan = NULL;
 281        }
 282
 283        cnameclose(c->name);
 284        if (c->buf)
 285                kfree(c->buf);
 286        c->buf = NULL;
 287        c->bufused = 0;
 288        c->ateof = 0;
 289
 290        spin_lock(&(&chanalloc)->lock);
 291        c->next = chanalloc.free;
 292        chanalloc.free = c;
 293        spin_unlock(&(&chanalloc)->lock);
 294}
 295
 296void cclose(struct chan *c)
 297{
 298        if (c == 0)
 299                return;
 300
 301        if (c->flag & CFREE)
 302                panic("double cclose %p.  maybe kfunc channame and hexdump", c);
 303
 304        kref_put(&c->ref);
 305}
 306
 307/* convenience wrapper for interposition.  if you do use this, don't forget
 308 * about the kref_get_not_zero in plan9setup() */
 309void chan_incref(struct chan *c)
 310{
 311        kref_get(&c->ref, 1);
 312}
 313
 314/*
 315 * Make sure we have the only copy of c.  (Copy on write.)
 316 */
 317struct chan *cunique(struct chan *c)
 318{
 319        struct chan *nc;
 320
 321        if (kref_refcnt(&c->ref) != 1) {
 322                nc = cclone(c);
 323                cclose(c);
 324                c = nc;
 325        }
 326
 327        return c;
 328}
 329
 330int eqqid(struct qid a, struct qid b)
 331{
 332        return a.path == b.path && a.vers == b.vers;
 333}
 334
 335int eqchan(struct chan *a, struct chan *b, int pathonly)
 336{
 337        if (a->qid.path != b->qid.path)
 338                return 0;
 339        if (!pathonly && a->qid.vers != b->qid.vers)
 340                return 0;
 341        if (a->type != b->type)
 342                return 0;
 343        if (a->dev != b->dev)
 344                return 0;
 345        return 1;
 346}
 347
 348int eqchantdqid(struct chan *a, int type, int dev, struct qid qid, int pathonly)
 349{
 350        if (a->qid.path != qid.path)
 351                return 0;
 352        if (!pathonly && a->qid.vers != qid.vers)
 353                return 0;
 354        if (a->type != type)
 355                return 0;
 356        if (a->dev != dev)
 357                return 0;
 358        return 1;
 359}
 360
 361static void mh_release(struct kref *kref)
 362{
 363        struct mhead *mh = container_of(kref, struct mhead, ref);
 364
 365        mh->mount = (struct mount *)0xCafeBeef;
 366        kfree(mh);
 367}
 368
 369struct mhead *newmhead(struct chan *from)
 370{
 371        struct mhead *mh;
 372
 373        mh = kzmalloc(sizeof(struct mhead), 0);
 374        kref_init(&mh->ref, mh_release, 1);
 375        rwinit(&mh->lock);
 376        mh->from = from;
 377        chan_incref(from);
 378
 379/*
 380        n = from->name->len;
 381        if(n >= sizeof(mh->fromname))
 382                n = sizeof(mh->fromname)-1;
 383        memmove(mh->fromname, from->name->s, n);
 384        mh->fromname[n] = 0;
 385*/
 386        return mh;
 387}
 388
 389int cmount(struct chan *new, struct chan *old, int flag, char *spec)
 390{
 391        ERRSTACK(1);
 392        struct pgrp *pg;
 393        int order, flg;
 394        struct mhead *m, **l, *mh;
 395        struct mount *nm, *f, *um, **h;
 396
 397        /* Can't bind pointing to a symlink, since it vastly complicates namec
 398         * and walk.  In particular, walk() only follows mounts on the
 399         * intermediate path elements.  Grep 'ntry - 1'.  Because of that,
 400         * walk() can end on a symlink.  Having domount() follow symlinks is a
 401         * pain: undomount. */
 402        if (new->qid.type & QTSYMLINK)
 403                error(EINVAL, "cannot bind a symlink");
 404
 405        /* Can bind anything onto a symlink's name.  Otherwise, both the old and
 406         * the new must agree on whether or not it is a directory. */
 407        if (!(old->qid.type & QTSYMLINK) &&
 408            (QTDIR & (old->qid.type ^ new->qid.type)))
 409                error(EINVAL, ERROR_FIXME);
 410
 411        if (old->umh)
 412                printd("cmount old extra umh\n");
 413
 414        order = flag & MORDER;
 415
 416        if ((old->qid.type & QTDIR) == 0 && order != MREPL)
 417                error(EINVAL, ERROR_FIXME);
 418
 419        mh = new->umh;
 420
 421        /*
 422         * Not allowed to bind when the old directory
 423         * is itself a union.  (Maybe it should be allowed, but I don't see
 424         * what the semantics would be.)
 425         *
 426         * We need to check mh->mount->next to tell unions apart from
 427         * simple mount points, so that things like
 428         *  mount -c fd /root
 429         *  bind -c /root /
 430         * work.  The check of mount->mflag catches things like
 431         *  mount fd /root
 432         *  bind -c /root /
 433         *
 434         * This is far more complicated than it should be, but I don't
 435         * see an easier way at the moment.     -rsc
 436         */
 437        if ((flag & MCREATE) && mh && mh->mount
 438                && (mh->mount->next || !(mh->mount->mflag & MCREATE)))
 439                error(EEXIST, ERROR_FIXME);
 440
 441        pg = current->pgrp;
 442        wlock(&pg->ns);
 443
 444        l = &MOUNTH(pg, old->qid);
 445        for (m = *l; m; m = m->hash) {
 446                if (eqchan(m->from, old, 1))
 447                        break;
 448                l = &m->hash;
 449        }
 450
 451        if (m == NULL) {
 452                /*
 453                 *  nothing mounted here yet.  create a mount
 454                 *  head and add to the hash table.
 455                 */
 456                m = newmhead(old);
 457                *l = m;
 458
 459                /*
 460                 *  if this is a union mount, add the old
 461                 *  node to the mount chain.
 462                 */
 463                if (order != MREPL)
 464                        m->mount = newmount(m, old, 0, 0);
 465        }
 466        wlock(&m->lock);
 467        if (waserror()) {
 468                wunlock(&m->lock);
 469                nexterror();
 470        }
 471        wunlock(&pg->ns);
 472
 473        nm = newmount(m, new, flag, spec);
 474        if (mh != NULL && mh->mount != NULL) {
 475                /*
 476                 *  copy a union when binding it onto a directory
 477                 */
 478                flg = order;
 479                if (order == MREPL)
 480                        flg = MAFTER;
 481                h = &nm->next;
 482                um = mh->mount;
 483                for (um = um->next; um; um = um->next) {
 484                        f = newmount(m, um->to, flg, um->spec);
 485                        *h = f;
 486                        h = &f->next;
 487                }
 488        }
 489
 490        if (m->mount && order == MREPL) {
 491                mountfree(m->mount);
 492                m->mount = 0;
 493        }
 494
 495        if (flag & MCREATE)
 496                nm->mflag |= MCREATE;
 497
 498        if (m->mount && order == MAFTER) {
 499                for (f = m->mount; f->next; f = f->next) ;
 500                f->next = nm;
 501        } else {
 502                for (f = nm; f->next; f = f->next) ;
 503                f->next = m->mount;
 504                m->mount = nm;
 505        }
 506
 507        wunlock(&m->lock);
 508        poperror();
 509        return nm->mountid;
 510}
 511
 512void cunmount(struct chan *mnt, struct chan *mounted)
 513{
 514        struct pgrp *pg;
 515        struct mhead *m, **l;
 516        struct mount *f, **p;
 517
 518        if (mnt->umh)   /* should not happen */
 519                printd("cunmount newp extra umh %p has %p\n", mnt, mnt->umh);
 520
 521        /*
 522         * It _can_ happen that mounted->umh is non-NULL,
 523         * because mounted is the result of namec(Aopen)
 524         * (see sysfile.c:/^sysunmount).
 525         * If we open a union directory, it will have a umh.
 526         * Although surprising, this is okay, since the
 527         * cclose will take care of freeing the umh.
 528         */
 529
 530        pg = current->pgrp;
 531        wlock(&pg->ns);
 532
 533        l = &MOUNTH(pg, mnt->qid);
 534        for (m = *l; m; m = m->hash) {
 535                if (eqchan(m->from, mnt, 1))
 536                        break;
 537                l = &m->hash;
 538        }
 539
 540        if (m == 0) {
 541                wunlock(&pg->ns);
 542                error(ENOENT, ERROR_FIXME);
 543        }
 544
 545        wlock(&m->lock);
 546        if (mounted == 0) {
 547                *l = m->hash;
 548                wunlock(&pg->ns);
 549                mountfree(m->mount);
 550                m->mount = NULL;
 551                cclose(m->from);
 552                wunlock(&m->lock);
 553                putmhead(m);
 554                return;
 555        }
 556
 557        p = &m->mount;
 558        for (f = *p; f; f = f->next) {
 559                /* BUG: Needs to be 2 pass */
 560                if (eqchan(f->to, mounted, 1) ||
 561                        (f->to->mchan && eqchan(f->to->mchan, mounted, 1))) {
 562                        *p = f->next;
 563                        f->next = 0;
 564                        mountfree(f);
 565                        if (m->mount == NULL) {
 566                                *l = m->hash;
 567                                cclose(m->from);
 568                                wunlock(&m->lock);
 569                                wunlock(&pg->ns);
 570                                putmhead(m);
 571                                return;
 572                        }
 573                        wunlock(&m->lock);
 574                        wunlock(&pg->ns);
 575                        return;
 576                }
 577                p = &f->next;
 578        }
 579        wunlock(&m->lock);
 580        wunlock(&pg->ns);
 581        error(ENOENT, ERROR_FIXME);
 582}
 583
 584struct chan *cclone(struct chan *c)
 585{
 586        struct chan *nc;
 587        struct walkqid *wq;
 588
 589        wq = devtab[c->type].walk(c, NULL, NULL, 0);
 590        if (wq == NULL)
 591                error(EFAIL, "clone failed");
 592        nc = wq->clone;
 593        kfree(wq);
 594        nc->name = c->name;
 595        if (c->name)
 596                kref_get(&c->name->ref, 1);
 597        return nc;
 598}
 599
 600/* Helper: is something mounted on the chan? */
 601static bool is_mount_point(struct chan *c)
 602{
 603        struct pgrp *pg;
 604        struct mhead *m;
 605        int type = c->type;
 606        int dev = c->dev;
 607        struct qid qid = c->qid;
 608
 609        if (!current)
 610                return false;
 611        pg = current->pgrp;
 612        rlock(&pg->ns);
 613        for (m = MOUNTH(pg, qid); m; m = m->hash) {
 614                rlock(&m->lock);
 615                if (!m->from) {
 616                        runlock(&m->lock);
 617                        continue;
 618                }
 619                if (eqchantdqid(m->from, type, dev, qid, 1)) {
 620                        runlock(&m->lock);
 621                        runlock(&pg->ns);
 622                        return true;
 623                }
 624                runlock(&m->lock);
 625        }
 626        runlock(&pg->ns);
 627        return false;
 628}
 629
 630int findmount(struct chan **cp, struct mhead **mp, int type, int dev,
 631              struct qid qid)
 632{
 633        struct pgrp *pg;
 634        struct mhead *m;
 635
 636        if (!current)
 637                return 0;
 638        pg = current->pgrp;
 639        rlock(&pg->ns);
 640        for (m = MOUNTH(pg, qid); m; m = m->hash) {
 641                rlock(&m->lock);
 642                if (m->from == NULL) {
 643                        printd("m %p m->from 0\n", m);
 644                        runlock(&m->lock);
 645                        continue;
 646                }
 647                if (eqchantdqid(m->from, type, dev, qid, 1)) {
 648                        runlock(&pg->ns);
 649                        if (mp != NULL) {
 650                                kref_get(&m->ref, 1);
 651                                if (*mp != NULL)
 652                                        putmhead(*mp);
 653                                *mp = m;
 654                        }
 655                        if (*cp != NULL)
 656                                cclose(*cp);
 657                        chan_incref(m->mount->to);
 658                        *cp = m->mount->to;
 659                        runlock(&m->lock);
 660                        return 1;
 661                }
 662                runlock(&m->lock);
 663        }
 664
 665        runlock(&pg->ns);
 666        return 0;
 667}
 668
 669int domount(struct chan **cp, struct mhead **mp)
 670{
 671        return findmount(cp, mp, (*cp)->type, (*cp)->dev, (*cp)->qid);
 672}
 673
 674struct chan *undomount(struct chan *c, struct cname *name)
 675{
 676        ERRSTACK(1);
 677        struct chan *nc;
 678        struct pgrp *pg;
 679        struct mount *t;
 680        struct mhead **h, **he, *f;
 681
 682        if (!current)
 683                return c;
 684        pg = current->pgrp;
 685        rlock(&pg->ns);
 686        if (waserror()) {
 687                runlock(&pg->ns);
 688                nexterror();
 689        }
 690
 691        he = &pg->mnthash[MNTHASH];
 692        for (h = pg->mnthash; h < he; h++) {
 693                for (f = *h; f; f = f->hash) {
 694                        if (strcmp(f->from->name->s, name->s) != 0)
 695                                continue;
 696                        for (t = f->mount; t; t = t->next) {
 697                                if (eqchan(c, t->to, 1)) {
 698                                        /*
 699                                         * We want to come out on the left hand
 700                                         * side of the mount point using the
 701                                         * element of the union that we entered
 702                                         * on.  To do this, find the element
 703                                         * that has a from name of c->name->s.
 704                                         */
 705                                        if (strcmp(t->head->from->name->s,
 706                                                   name->s) != 0)
 707                                                continue;
 708                                        nc = t->head->from;
 709                                        chan_incref(nc);
 710                                        cclose(c);
 711                                        c = nc;
 712                                        break;
 713                                }
 714                        }
 715                }
 716        }
 717        poperror();
 718        runlock(&pg->ns);
 719        return c;
 720}
 721
 722/*
 723 * Either walks all the way or not at all.  No partial results in *cp.
 724 * *nerror is the number of names to display in an error message.
 725 */
 726int walk(struct chan **cp, char **names, int nnames, struct walk_helper *wh,
 727         int *nerror)
 728{
 729        int dev, dotdot, i, n, nhave, ntry, type;
 730        struct chan *c, *nc, *lastmountpoint = NULL;
 731        struct cname *cname;
 732        struct mount *f;
 733        struct mhead *mh, *nmh;
 734        struct walkqid *wq;
 735
 736        c = *cp;
 737        chan_incref(c);
 738        cname = c->name;
 739        kref_get(&cname->ref, 1);
 740        mh = NULL;
 741
 742        /*
 743         * While we haven't gotten all the way down the path:
 744         *    1. step through a mount point, if any
 745         *    2. send a walk request for initial dotdot or initial prefix
 746         *    without dotdot
 747         *    3. move to the first mountpoint along the way.
 748         *    4. repeat.
 749         *
 750         * An invariant is that each time through the loop, c is on the
 751         * undomount side of the mount point, and c's name is cname.
 752         */
 753        for (nhave = 0; nhave < nnames; nhave += n) {
 754                /* We only allow symlink when they are first and it's .. (see
 755                 * below) */
 756                if ((c->qid.type & (QTDIR | QTSYMLINK)) == 0) {
 757                        if (nerror)
 758                                *nerror = nhave;
 759                        cnameclose(cname);
 760                        cclose(c);
 761                        set_error(ENOTDIR, ERROR_FIXME);
 762                        if (mh != NULL)
 763                                putmhead(mh);
 764                        return -1;
 765                }
 766                ntry = nnames - nhave;
 767                if (ntry > MAXWELEM)
 768                        ntry = MAXWELEM;
 769                dotdot = 0;
 770                for (i = 0; i < ntry; i++) {
 771                        if (isdotdot(names[nhave + i])) {
 772                                if (i == 0) {
 773                                        dotdot = 1;
 774                                        ntry = 1;
 775                                } else
 776                                        ntry = i;
 777                                break;
 778                        }
 779                }
 780
 781                if (!dotdot && wh->can_mount)
 782                        domount(&c, &mh);
 783                /* Bug - the only time we walk from a symlink should be during
 784                 * walk_symlink, which should have given us a dotdot. */
 785                if ((c->qid.type & QTSYMLINK) && !dotdot)
 786                        panic("Got a walk from a symlink that wasn't ..!");
 787
 788                type = c->type;
 789                dev = c->dev;
 790
 791                if ((wq = devtab[type].walk(c, NULL, names + nhave, ntry)) ==
 792                    NULL) {
 793                        /* try a union mount, if any */
 794                        if (mh && wh->can_mount) {
 795                                /*
 796                                 * mh->mount == c, so start at mh->mount->next
 797                                 */
 798                                rlock(&mh->lock);
 799                                for (f = mh->mount->next; f; f = f->next)
 800                                        if ((wq =
 801                                             devtab[f->to->type].walk(f->to,
 802                                                                      NULL,
 803                                                                      names +
 804                                                                      nhave,
 805                                                                      ntry)) !=
 806                                            NULL)
 807                                                break;
 808                                runlock(&mh->lock);
 809                                if (f != NULL) {
 810                                        type = f->to->type;
 811                                        dev = f->to->dev;
 812                                }
 813                        }
 814                        if (wq == NULL) {
 815                                cclose(c);
 816                                cnameclose(cname);
 817                                if (nerror)
 818                                        *nerror = nhave + 1;
 819                                if (mh != NULL)
 820                                        putmhead(mh);
 821                                return -1;
 822                        }
 823                }
 824
 825                nmh = NULL;
 826                if (dotdot) {
 827                        assert(wq->nqid == 1);
 828                        assert(wq->clone != NULL);
 829
 830                        cname = addelem(cname, "..");
 831                        nc = undomount(wq->clone, cname);
 832                        n = 1;
 833                } else {
 834                        nc = NULL;
 835                        if (wh->can_mount)
 836                                for (i = 0; i < wq->nqid && i < ntry - 1; i++)
 837                                        if (findmount(&nc, &nmh, type, dev,
 838                                                      wq->qid[i]))
 839                                                break;
 840                        if (nc == NULL) {       /* no mount points along path */
 841                                if (wq->clone == NULL) {
 842                                        cclose(c);
 843                                        cnameclose(cname);
 844                                        if (wq->nqid == 0 ||
 845                                            (wq->qid[wq->nqid - 1].type &
 846                                             QTDIR)) {
 847                                                if (nerror)
 848                                                        *nerror = nhave +
 849                                                                wq->nqid + 1;
 850                                                set_error(ENOENT,
 851                                                          "walk failed");
 852                                        } else {
 853                                                if (nerror)
 854                                                        *nerror = nhave +
 855                                                                wq->nqid;
 856                                                set_error(ENOTDIR,
 857                                                          "walk failed");
 858                                        }
 859                                        kfree(wq);
 860                                        if (mh != NULL)
 861                                                putmhead(mh);
 862                                        return -1;
 863                                }
 864                                n = wq->nqid;
 865                                nc = wq->clone;
 866                        } else {        /* stopped early, at a mount point */
 867                                if (wq->clone != NULL) {
 868                                        cclose(wq->clone);
 869                                        wq->clone = NULL;
 870                                }
 871                                lastmountpoint = nc;
 872                                n = i + 1;
 873                        }
 874                        if (nc->qid.type & QTSYMLINK) {
 875                                struct chan *old_nc = nc;
 876
 877                                nc = walk_symlink(old_nc, wh,
 878                                                  nnames - nhave - n);
 879                                if (!nc) {
 880                                        /* walk_symlink() set error.
 881                                         * This seems to be the standard
 882                                         * walk() error-cleanup. */
 883                                        if (nerror)
 884                                                *nerror = nhave + n;
 885                                        cclose(c);
 886                                        cclose(old_nc);
 887                                        cnameclose(cname);
 888                                        kfree(wq);
 889                                        if (mh != NULL)
 890                                                putmhead(mh);
 891                                        return -1;
 892                                }
 893                        }
 894                        for (i = 0; i < n; i++)
 895                                cname = addelem(cname, names[nhave + i]);
 896                }
 897                cclose(c);
 898                c = nc;
 899                putmhead(mh);
 900                mh = nmh;
 901                kfree(wq);
 902        }
 903
 904        putmhead(mh);
 905
 906        c = cunique(c);
 907
 908        if (c->umh != NULL) {   //BUG
 909                printd("walk umh\n");
 910                putmhead(c->umh);
 911                c->umh = NULL;
 912        }
 913
 914        cnameclose(c->name);
 915        c->name = cname;
 916        c->mountpoint = lastmountpoint;
 917
 918        cclose(*cp);
 919        *cp = c;
 920        if (nerror)
 921                *nerror = 0;
 922        return 0;
 923}
 924
 925/*
 926 * c is a mounted non-creatable directory.  find a creatable one.
 927 */
 928struct chan *createdir(struct chan *c, struct mhead *m)
 929{
 930        ERRSTACK(1);
 931        struct chan *nc;
 932        struct mount *f;
 933
 934        rlock(&m->lock);
 935        if (waserror()) {
 936                runlock(&m->lock);
 937                nexterror();
 938        }
 939        for (f = m->mount; f; f = f->next) {
 940                if (f->mflag & MCREATE) {
 941                        nc = cclone(f->to);
 942                        runlock(&m->lock);
 943                        poperror();
 944                        cclose(c);
 945                        return nc;
 946                }
 947        }
 948        error(EPERM, ERROR_FIXME);
 949        poperror();
 950        return 0;
 951}
 952
 953/*
 954 * In place, rewrite name to compress multiple /, eliminate ., and process ..
 955 */
 956void cleancname(struct cname *n)
 957{
 958        char *p;
 959
 960        if (n->s[0] == '#') {
 961                p = strchr(n->s, '/');
 962                if (p == NULL)
 963                        return;
 964                cleanname(p);
 965
 966                /*
 967                 * The correct name is #i rather than #i/,
 968                 * but the correct name of #/ is #/.
 969                 */
 970                if (strcmp(p, "/") == 0 && n->s[1] != '/')
 971                        *p = '\0';
 972        } else
 973                cleanname(n->s);
 974        n->len = strlen(n->s);
 975}
 976
 977static void growparse(Elemlist * e)
 978{
 979        char **new;
 980        int *inew;
 981        enum { Delta = 8 };
 982
 983        if (e->ARRAY_SIZEs % Delta == 0) {
 984                new = kzmalloc((e->ARRAY_SIZEs + Delta) * sizeof(char *), 0);
 985                memmove(new, e->elems, e->ARRAY_SIZEs * sizeof(char *));
 986                kfree(e->elems);
 987                e->elems = new;
 988                inew = kzmalloc((e->ARRAY_SIZEs + Delta + 1) * sizeof(int), 0);
 989                memmove(inew, e->off, e->ARRAY_SIZEs * sizeof(int));
 990                kfree(e->off);
 991                e->off = inew;
 992        }
 993}
 994
 995/*
 996 * The name is known to be valid.
 997 * Copy the name so slashes can be overwritten.
 998 * An empty string will set ARRAY_SIZE=0.
 999 * A path ending in / or /. or /.//./ etc. will have
1000 * e.mustbedir = 1, so that we correctly
1001 * reject, e.g., "/adm/users/." when /adm/users is a file
1002 * rather than a directory.
1003 */
1004static void parsename(char *name, Elemlist * e)
1005{
1006        char *slash;
1007
1008        kstrdup(&e->name, name);
1009        name = e->name;
1010        e->ARRAY_SIZEs = 0;
1011        e->elems = NULL;
1012        e->off = kzmalloc(sizeof(int), 0);
1013        e->off[0] = skipslash(name) - name;
1014        for (;;) {
1015                name = skipslash(name);
1016                if (*name == '\0') {
1017                        e->mustbedir = 1;
1018                        break;
1019                }
1020                growparse(e);
1021
1022                e->elems[e->ARRAY_SIZEs++] = name;
1023                /* we may want to do this again some day
1024                   slash = utfrune(name, '/');
1025                 */
1026                slash = strchr(name, '/');
1027                if (slash == NULL) {
1028                        e->off[e->ARRAY_SIZEs] = name + strlen(name) - e->name;
1029                        e->mustbedir = 0;
1030                        break;
1031                }
1032                e->off[e->ARRAY_SIZEs] = slash - e->name;
1033                *slash++ = '\0';
1034                name = slash;
1035        }
1036}
1037
1038void *memrchr(void *va, int c, long n)
1039{
1040        uint8_t *a, *e;
1041
1042        a = va;
1043        for (e = a + n - 1; e > a; e--)
1044                if (*e == c)
1045                        return e;
1046        return NULL;
1047}
1048
1049/*
1050 * Turn a name into a channel.
1051 * &name[0] is known to be a valid address.  It may be a kernel address.
1052 *
1053 * Opening with amode Aopen, Acreate, or Aremove guarantees
1054 * that the result will be the only reference to that particular fid.
1055 * This is necessary since we might pass the result to
1056 * devtab[].remove().
1057 *
1058 * Opening Atodir, Amount, or Aaccess does not guarantee this.
1059 *
1060 * Opening Aaccess can, under certain conditions, return a
1061 * correct Chan* but with an incorrect struct cname attached.
1062 * Since the functions that open Aaccess (sysstat, syswstat, sys_stat)
1063 * do not use the struct cname*, this avoids an unnecessary clone.
1064 *
1065 * The classic namec() is broken into a front end to get the starting point and
1066 * a __namec_from, which does the guts of the lookup.  */
1067static struct chan *__namec_from(struct chan *c, char *aname, int amode,
1068                                 int omode, uint32_t perm,
1069                                 struct walk_helper *wh, void *ext)
1070{
1071        ERRSTACK(2);
1072        int len, npath;
1073        struct chan *cnew, *renamee;
1074        struct cname *cname;
1075        Elemlist e;
1076        struct mhead *m;
1077        char tmperrbuf[ERRMAX];
1078        int saved_errno;
1079        // Rune r;
1080
1081        static_assert(!(CINTERNAL_FLAGS & CEXTERNAL_FLAGS));
1082
1083        e.name = NULL;
1084        e.elems = NULL;
1085        e.off = NULL;
1086        e.ARRAY_SIZEs = 0;
1087        if (waserror()) {
1088                cclose(c);
1089                kfree(e.name);
1090                kfree(e.elems);
1091                kfree(e.off);
1092                //dumpmount();
1093                nexterror();
1094        }
1095
1096        /*
1097         * Build a list of elements in the path.
1098         */
1099        parsename(aname, &e);
1100
1101        if (e.mustbedir)
1102                omode &= ~O_NOFOLLOW;
1103
1104        switch (amode) {
1105        case Acreate:
1106                /* perm must have DMDIR if last element is / or /. */
1107                if (e.mustbedir && !(perm & DMDIR)) {
1108                        npath = e.ARRAY_SIZEs;
1109                        error(EINVAL, "create without DMDIR");
1110                }
1111                /* don't try to walk the last path element just yet. */
1112                if (e.ARRAY_SIZEs == 0)
1113                        error(EEXIST, ERROR_FIXME);
1114                e.ARRAY_SIZEs--;
1115                /* We're dropping the last element, which O_NOFOLLOW applied to.
1116                 * Not sure if there are any legit reasons to have O_NOFOLLOW
1117                 * with create.*/
1118                omode &= ~O_NOFOLLOW;
1119                break;
1120        case Arename:
1121                if (e.ARRAY_SIZEs == 0)
1122                        error(EINVAL, "rename needs at least one name");
1123                e.ARRAY_SIZEs--;
1124                omode &= ~O_NOFOLLOW;
1125                break;
1126        /* the difference for stat and lstat (Aaccess) are handled in sysfile.c
1127         */
1128        case Abind:
1129        case Amount:
1130        case Aremove:
1131                omode |= O_NOFOLLOW;
1132                break;
1133        }
1134
1135        if (omode & O_NOFOLLOW)
1136                wh->no_follow = true;
1137
1138        if (walk(&c, e.elems, e.ARRAY_SIZEs, wh, &npath) < 0) {
1139                if (npath < 0 || npath > e.ARRAY_SIZEs) {
1140                        printd("namec %s walk error npath=%d\n", aname, npath);
1141                        error(EFAIL, "walk failed");
1142                }
1143                /* Old plan 9 errors would jump here for the magic error
1144                 * parsing. */
1145NameError:
1146                if (current_errstr()[0]) {
1147                        /* errstr is set, just stick with it and error out */
1148                        error_jmp();
1149                } else {
1150                        error(EFAIL, "Name to chan lookup failed");
1151                }
1152                /* brho: skipping the namec custom error string business, since
1153                 * it hides the underlying failure.  implement this if you want
1154                 * the old stuff. */
1155#if 0
1156                strlcpy(tmperrbuf, current->errstr, sizeof(tmperrbuf));
1157                // prefix was name - aname, the start pt
1158                len = prefix + e.off[npath];
1159                if (len < ERRMAX / 3 || (name = memrchr(aname, '/', len)) ==
1160                    NULL || name == aname)
1161                        snprintf(get_cur_genbuf(), sizeof current->genbuf,
1162                                 "%.*s", len, aname);
1163                else
1164                        snprintf(get_cur_genbuf(), sizeof current->genbuf,
1165                                 "...%.*s", (int)(len - (name - aname)), name);
1166                snprintf(current->errstr, ERRMAX, "%#q %s", get_cur_genbuf(),
1167                                 tmperrbuf);
1168#endif
1169        }
1170
1171        if (e.mustbedir && !(c->qid.type & QTDIR)) {
1172                npath = e.ARRAY_SIZEs;
1173                error(ENOTDIR, "not a dir, but mustbedir.  trailing slash?");
1174        }
1175
1176        if ((amode == Aopen) && (omode & O_EXEC) && (c->qid.type & QTDIR)) {
1177                npath = e.ARRAY_SIZEs;
1178                error(EFAIL, "cannot exec directory");
1179        }
1180
1181        switch (amode) {
1182        case Aaccess:
1183                if (wh->can_mount)
1184                        domount(&c, NULL);
1185                break;
1186
1187        case Abind:
1188                m = NULL;
1189                if (wh->can_mount)
1190                        domount(&c, &m);
1191                if (c->umh != NULL)
1192                        putmhead(c->umh);
1193                c->umh = m;
1194                break;
1195
1196        case Aremove:
1197        case Aopen:
1198Open:
1199                /* save the name; domount might change c */
1200                cname = c->name;
1201                kref_get(&cname->ref, 1);
1202                m = NULL;
1203                if (wh->can_mount)
1204                        domount(&c, &m);
1205
1206                /* our own copy to open or remove */
1207                c = cunique(c);
1208
1209                /* now it's our copy anyway, we can put the name back */
1210                cnameclose(c->name);
1211                c->name = cname;
1212
1213                switch (amode) {
1214                case Aremove:
1215                        putmhead(m);
1216                        break;
1217
1218                case Aopen:
1219                case Acreate:
1220                        if (c->umh != NULL) {
1221                                printd("cunique umh\n");
1222                                putmhead(c->umh);
1223                                c->umh = NULL;
1224                        }
1225
1226                        /* only save the mount head if it's a multiple element
1227                         * union */
1228                        if (m && m->mount && m->mount->next)
1229                                c->umh = m;
1230                        else
1231                                putmhead(m);
1232                        /* here is where convert omode/vfs flags to c->flags.
1233                         * careful, O_CLOEXEC and O_REMCLO are in there.  might
1234                         * need to change that. */
1235                        c->flag |= omode & CEXTERNAL_FLAGS;
1236                        c = devtab[c->type].open(c,
1237                                                 omode & ~O_CLOEXEC);
1238                        /* if you get this from a dev, in the dev's open, you
1239                         * are probably saving mode directly, without passing it
1240                         * through openmode. */
1241                        if (c->mode & O_TRUNC)
1242                                error(EFAIL,
1243                                      "Device %s open failed to clear O_TRUNC",
1244                                      devtab[c->type].name);
1245                        break;
1246                }
1247                break;
1248
1249        case Atodir:
1250                /*
1251                 * Directories (e.g. for cd) are left before the mount point,
1252                 * so one may mount on / or . and see the effect.
1253                 */
1254                if (!(c->qid.type & QTDIR))
1255                        error(ENOTDIR, ERROR_FIXME);
1256                break;
1257
1258        case Amount:
1259                /*
1260                 * When mounting on an already mounted upon directory,
1261                 * one wants subsequent mounts to be attached to the
1262                 * original directory, not the replacement.  Don't domount.
1263                 */
1264                break;
1265
1266        case Arename:
1267                /* We already walked to the parent of new_path, which is in c.
1268                 * We're a lot like create here - need to find mounts, etc.  On
1269                 * the way out, we putmhead if we have an m, and clean up our
1270                 * chans.  On success, c becomes cnew (thus close the old c).
1271                 * On failure, we just close cnew. */
1272                if (!(c->qid.type & QTDIR))
1273                        error(ENOTDIR, "rename target parent is not a dir");
1274                e.ARRAY_SIZEs++;
1275                m = NULL;
1276                cnew = NULL;
1277                if (waserror()) {
1278                        /* rename or createdir failed */
1279                        cclose(cnew);
1280                        if (m)
1281                                putmhead(m);
1282                        nexterror();    /* safe since we're in a waserror() */
1283                }
1284                if (wh->can_mount && findmount(&cnew, &m, c->type, c->dev,
1285                                               c->qid)) {
1286                        cnew = createdir(cnew, m);
1287                } else {
1288                        cnew = c;
1289                        chan_incref(cnew);
1290                }
1291                cnew = cunique(cnew);
1292                cnameclose(cnew->name);
1293                cnew->name = c->name;
1294                kref_get(&cnew->name->ref, 1);
1295                /* At this point, we have our new_path parent chan (cnew) and
1296                 * the renamee chan */
1297                renamee = ext;
1298                if (cnew->type != renamee->type)
1299                        error(EXDEV, "can't rename across device types");
1300
1301                devtab[cnew->type].rename(renamee, cnew,
1302                                          e.elems[e.ARRAY_SIZEs - 1], 0);
1303                poperror();
1304
1305                if (m)
1306                        putmhead(m);
1307                cclose(c);
1308                c = cnew;
1309                c->name = addelem(c->name, e.elems[e.ARRAY_SIZEs - 1]);
1310                break;
1311
1312        case Acreate:
1313                /*
1314                 * We've already walked all but the last element.
1315                 * If the last exists, try to open it OTRUNC.
1316                 * If omode&OEXCL is set, just give up.
1317                 */
1318                e.ARRAY_SIZEs++;
1319                if (walk(&c, e.elems + e.ARRAY_SIZEs - 1, 1, wh, NULL) == 0) {
1320                        if (omode & O_EXCL)
1321                                error(EEXIST, ERROR_FIXME);
1322                        omode |= O_TRUNC;
1323                        goto Open;
1324                }
1325
1326                /*
1327                 * The semantics of the create(2) system call are that if the
1328                 * file exists and can be written, it is to be opened with
1329                 * truncation.  On the other hand, the create(5) message fails
1330                 * if the file exists.
1331                 *
1332                 * If we get two create(2) calls happening simultaneously, they
1333                 * might both get here and send create(5) messages, but only one
1334                 * of the messages will succeed.  To provide the expected
1335                 * create(2) semantics, the call with the failed message needs
1336                 * to try the above walk again, opening for truncation.  This
1337                 * correctly solves the create/create race, in the sense that
1338                 * any observable outcome can be explained as one happening
1339                 * before the other.  The create/create race is quite common.
1340                 * For example, it happens when two rc subshells simultaneously
1341                 * update the same environment variable.
1342                 *
1343                 * The implementation still admits a create/create/remove race:
1344                 * (A) walk to file, fails
1345                 * (B) walk to file, fails
1346                 * (A) create file, succeeds, returns
1347                 * (B) create file, fails
1348                 * (A) remove file, succeeds, returns
1349                 * (B) walk to file, return failure.
1350                 *
1351                 * This is hardly as common as the create/create race, and is
1352                 * really not too much worse than what might happen if (B) got a
1353                 * hold of a file descriptor and then the file was removed --
1354                 * either way (B) can't do anything with the result of the
1355                 * create call.  So we don't care about this race.
1356                 *
1357                 * Applications that care about more fine-grained decision of
1358                 * the races can use the OEXCL flag to get at the underlying
1359                 * create(5) semantics; by default we provide the common case.
1360                 *
1361                 * We need to stay behind the mount point in case we
1362                 * need to do the first walk again (should the create fail).
1363                 *
1364                 * We also need to cross the mount point and find the directory
1365                 * in the union in which we should be creating.
1366                 *
1367                 * The channel staying behind is c, the one moving forward is
1368                 * cnew.
1369                 */
1370                m = NULL;
1371                cnew = NULL;    /* is this assignment necessary? */
1372                /* discard error */
1373                if (!waserror()) {      /* try create */
1374                        if (wh->can_mount &&
1375                            findmount(&cnew, &m, c->type, c->dev, c->qid))
1376                                cnew = createdir(cnew, m);
1377                        else {
1378                                cnew = c;
1379                                chan_incref(cnew);
1380                        }
1381
1382                        /*
1383                         * We need our own copy of the Chan because we're about
1384                         * to send a create, which will move it.  Once we have
1385                         * our own copy, we can fix the name, which might be
1386                         * wrong if findmount gave us a new Chan.
1387                         */
1388                        cnew = cunique(cnew);
1389                        cnameclose(cnew->name);
1390                        cnew->name = c->name;
1391                        kref_get(&cnew->name->ref, 1);
1392
1393                        cnew->flag |= omode & CEXTERNAL_FLAGS;
1394                        devtab[cnew->type].create(cnew,
1395                                                  e.elems[e.ARRAY_SIZEs - 1],
1396                                                  omode & ~(O_EXCL | O_CLOEXEC),
1397                                                  perm, ext);
1398                        poperror();
1399
1400                        if (m)
1401                                putmhead(m);
1402                        cclose(c);
1403                        c = cnew;
1404                        c->name = addelem(c->name, e.elems[e.ARRAY_SIZEs - 1]);
1405                        break;
1406                }
1407
1408                /* create failed */
1409                cclose(cnew);
1410                if (m)
1411                        putmhead(m);
1412                if (omode & O_EXCL)
1413                        nexterror();    /* safe since we're in a waserror() */
1414                poperror();     /* matching the if(!waserror) */
1415
1416                /* save error, so walk doesn't clobber our existing errstr */
1417                strlcpy(tmperrbuf, current_errstr(), sizeof(tmperrbuf));
1418                saved_errno = get_errno();
1419                /* note: we depend that walk does not error */
1420                if (walk(&c, e.elems + e.ARRAY_SIZEs - 1, 1, wh, NULL) < 0) {
1421                        set_errno(saved_errno);
1422                        /* Report the error we had originally */
1423                        error(EFAIL, tmperrbuf);
1424                }
1425                strlcpy(current_errstr(), tmperrbuf, MAX_ERRSTR_LEN);
1426                omode |= O_TRUNC;
1427                goto Open;
1428
1429        default:
1430                panic("unknown namec access %d\n", amode);
1431        }
1432
1433        poperror();
1434
1435        if (e.ARRAY_SIZEs > 0)
1436                strlcpy(get_cur_genbuf(), e.elems[e.ARRAY_SIZEs - 1],
1437                        GENBUF_SZ);
1438        else
1439                strlcpy(get_cur_genbuf(), ".", GENBUF_SZ);
1440
1441        kfree(e.name);
1442        kfree(e.elems);
1443        kfree(e.off);
1444
1445        return c;
1446}
1447
1448struct chan *namec(char *name, int amode, int omode, uint32_t perm, void *ext)
1449{
1450        struct walk_helper wh = {.can_mount = true};
1451        struct chan *c;
1452        char *devname, *devspec;
1453        int n, devtype;
1454
1455        if (name[0] == '\0')
1456                error(EFAIL, "empty file name");
1457        validname(name, 1);
1458        /*
1459         * Find the starting off point (the current slash, the root of
1460         * a device tree, or the current dot) as well as the name to
1461         * evaluate starting there.
1462         */
1463        switch (name[0]) {
1464        case '/':
1465                if (current)
1466                        c = current->slash;
1467                else
1468                        c = kern_slash;
1469                chan_incref(c);
1470                break;
1471
1472        case '#':
1473                wh.can_mount = false;
1474                devname = get_cur_genbuf();
1475                devname[0] = '\0';
1476                n = 0;
1477                name++; /* drop the # */
1478                while ((*name != '\0') && (*name != '/')) {
1479                        if (n >= GENBUF_SZ - 1)
1480                                error(ENAMETOOLONG, ERROR_FIXME);
1481                        devname[n++] = *name++;
1482                }
1483                devname[n] = '\0';
1484                /* for a name #foo.spec, devname = foo\0, devspec = spec\0.
1485                 * genbuf contains foo\0spec\0.  for no spec, devspec = \0 */
1486                devspec = strchr(devname, '.');
1487                if (devspec) {
1488                        *devspec = '\0';
1489                        devspec++;
1490                } else {
1491                        devspec = &devname[n];
1492                }
1493                /* These devices have special attach functions that treat the
1494                 * char * as a blob pointer */
1495                if (!strcmp(devname, "mnt"))
1496                        error(EINVAL, "can't namec-attach #mnt");
1497                if (!strcmp(devname, "gtfs"))
1498                        error(EINVAL, "can't namec-attach #gtfs");
1499                /* TODO: deal with this "nodevs" business. */
1500                #if 0
1501                /*
1502                 *  the nodevs exceptions are
1503                 *  |  it only gives access to pipes you create
1504                 *  e  this process's environment
1505                 *  s  private file2chan creation space
1506                 *  D private secure sockets name space
1507                 *  a private TLS name space
1508                 */
1509                if (current->pgrp->nodevs &&
1510                        //          (utfrune("|esDa", r) == NULL
1511                        ((strchr("|esDa", get_cur_genbuf()[1]) == NULL)
1512                         || (get_cur_genbuf()[1] == 's' // || r == 's'
1513                                 && get_cur_genbuf()[n] != '\0')))
1514                        error(EINVAL, ERROR_FIXME);
1515                #endif
1516                devtype = devno(devname, 1);
1517                if (devtype == -1)
1518                        error(EFAIL, "Unknown #device %s (spec %s)", devname,
1519                              devspec);
1520                c = devtab[devtype].attach(devspec);
1521                break;
1522        default:
1523                /* this case also covers \0 */
1524                c = current->dot;
1525                if (!c)
1526                        panic("no dot!");
1527                chan_incref(c);
1528                break;
1529        }
1530        return __namec_from(c, name, amode, omode, perm, &wh, ext);
1531}
1532
1533struct chan *namec_from(struct chan *c, char *name, int amode, int omode,
1534                        uint32_t perm, void *ext)
1535{
1536        struct walk_helper wh = {.can_mount = true};
1537
1538        if (name[0] == '\0') {
1539                /* Our responsibility to cclose 'c' on our error */
1540                cclose(c);
1541                error(EFAIL, "empty file name");
1542        }
1543        validname(name, 1);
1544        return __namec_from(c, name, amode, omode, perm, &wh, ext);
1545}
1546
1547/*
1548 * name is valid. skip leading / and ./ as much as possible
1549 */
1550char *skipslash(char *name)
1551{
1552        while (name[0] == '/'
1553                   || (name[0] == '.' && (name[1] == 0 || name[1] == '/')))
1554                name++;
1555        return name;
1556}
1557
1558char isfrog[256] = {
1559         /*NUL*/ 1, 1, 1, 1, 1, 1, 1, 1,
1560         /*BKS*/ 1, 1, 1, 1, 1, 1, 1, 1,
1561         /*DLE*/ 1, 1, 1, 1, 1, 1, 1, 1,
1562         /*CAN*/ 1, 1, 1, 1, 1, 1, 1, 1,
1563        ['/'] 1,
1564        [0x7f] 1,
1565};
1566
1567/*
1568 * Check that the name
1569 *  a) is in valid memory.
1570 *  b) is shorter than 2^16 bytes, so it can fit in a 9P string field.
1571 *  c) contains no frogs.
1572 * The first byte is known to be addressible by the requester, so the
1573 * routine works for kernel and user memory both.
1574 * The parameter slashok flags whether a slash character is an error
1575 * or a valid character.
1576 */
1577void validname(char *aname, int slashok)
1578{
1579        char *ename, *name;
1580        int c;
1581
1582        name = aname;
1583        ename = memchr(name, 0, (1 << 16));
1584
1585        if (ename == NULL || ename - name >= (1 << 16))
1586                error(EINVAL, "Name too long");
1587
1588        while (*name) {
1589                /* all characters above '~' are ok */
1590                c = *(uint8_t *) name;
1591#if 0
1592                if (c >= Runeself)
1593                        name += chartorune(&r, name);
1594#endif
1595                if (c >= 0x7f) {
1596                        error(EFAIL, "Akaros doesn't do UTF-8");
1597                } else {
1598                        if (isfrog[c])
1599                                if (!slashok || c != '/') {
1600                                        error(EINVAL, "%s (%p), at char %c",
1601                                              aname, aname, c);
1602                                }
1603                        name++;
1604                }
1605        }
1606}
1607
1608void isdir(struct chan *c)
1609{
1610        if (c->qid.type & QTDIR)
1611                return;
1612        error(ENOTDIR, ERROR_FIXME);
1613}
1614
1615/*
1616 * This is necessary because there are many
1617 * pointers to the top of a given mount list:
1618 *
1619 *      - the mhead in the namespace hash table
1620 *      - the mhead in chans returned from findmount:
1621 *        used in namec and then by unionread.
1622 *      - the mhead in chans returned from createdir:
1623 *        used in the open/create race protect, which is gone.
1624 *
1625 * The RWlock in the Mhead protects the mount list it contains.
1626 * The mount list is deleted when we cunmount.
1627 * The RWlock ensures that nothing is using the mount list at that time.
1628 *
1629 * It is okay to replace c->mh with whatever you want as
1630 * long as you are sure you have a unique reference to it.
1631 *
1632 * This comment might belong somewhere else.
1633 */
1634void putmhead(struct mhead *m)
1635{
1636        if (m)
1637                kref_put(&m->ref);
1638}
1639
1640/* Given s, make a copy of a string with padding bytes in front.  Returns a
1641 * pointer to the start of the string and the memory to free in str_store.
1642 *
1643 * Free str_store with kfree. */
1644static char *pad_and_strdup(char *s, int padding, char **str_store)
1645{
1646        char *store = kzmalloc(strlen(s) + 1 + padding, MEM_WAIT);
1647
1648        strlcpy(store + padding, s, strlen(s) + 1);
1649        *str_store = store;
1650        return store + padding;
1651}
1652
1653/* Walks a symlink c.  Returns the target chan, which could be the symlink
1654 * itself, if we're NO_FOLLOW.  On success, we'll decref the symlink and give
1655 * you a ref counted result.
1656 *
1657 * Returns NULL on error, and does not close the symlink.  Like regular walk, it
1658 * is all or nothing. */
1659static struct chan *walk_symlink(struct chan *symlink, struct walk_helper *wh,
1660                                 unsigned int nr_names_left)
1661{
1662        struct dir *dir;
1663        char *link_name, *link_store;
1664        struct chan *from;
1665        bool old_nofollow;
1666        Elemlist e = {0};
1667
1668        /* mildly expensive: need to rlock the namespace */
1669        if (is_mount_point(symlink))
1670                return symlink;
1671        if (!nr_names_left && wh->no_follow)
1672                return symlink;
1673        if (wh->nr_loops >= WALK_MAX_NR_LOOPS) {
1674                set_error(ELOOP, "too many nested symlinks in walk");
1675                return NULL;
1676        }
1677        dir = chandirstat(symlink);
1678        if (!dir) {
1679                /* Should propagate the error from dev.stat() */
1680                return NULL;
1681        }
1682        if (!(dir->mode & DMSYMLINK)) {
1683                set_error(ELOOP, "symlink isn't a symlink!");
1684                kfree(dir);
1685                return NULL;
1686        }
1687        link_name = pad_and_strdup(dir->ext, 3, &link_store);
1688        kfree(dir);
1689
1690        if (link_name[0] == '/') {
1691                if (current)
1692                        from = current->slash;
1693                else
1694                        from = kern_slash;
1695        } else {
1696                from = symlink;
1697                link_name -= 3;
1698                strncpy(link_name, "../", 3);
1699                if (!from->name)
1700                        from->name = newcname("");
1701        }
1702        /* we close this ref on failure or it gets walked to the result. */
1703        chan_incref(from);
1704
1705        parsename(link_name, &e);
1706        kfree(link_store);
1707
1708        wh->nr_loops++;
1709        /* no_follow applies to the outermost walk, i.e. the one that the
1710         * original namec performs.  At this point, we've decided that we're
1711         * going to try and follow a symlink: even if its no_follow, that only
1712         * applies to the last link in the original path.  Our sub-walks are not
1713         * no_follow.
1714         *
1715         * Note the other wh vars need to stay with the walk: nr_loops,
1716         * since its our method of detecting symlink loops, and can_mount, which
1717         * is a property of the overall namec() call. */
1718        old_nofollow = wh->no_follow;
1719        wh->no_follow = false;
1720        if (walk(&from, e.elems, e.ARRAY_SIZEs, wh, NULL) < 0) {
1721                cclose(from);
1722                from = NULL;
1723        } else {
1724                /* We can still have a successful walk and have the new 'from'
1725                 * be a symlink.  We'd need walk_symlink to return a symlink
1726                 * chan, which happens if the symlink is a mount point. */
1727                cclose(symlink);
1728        }
1729        wh->no_follow = old_nofollow;
1730        wh->nr_loops--;
1731
1732        kfree(e.name);
1733        kfree(e.elems);
1734        kfree(e.off);
1735        return from;
1736}
1737