2 #include "../port/lib.h"
6 #include "../port/error.h"
8 int chandebug=0; /* toggled by sysr1 */
9 #define DBG if(chandebug)iprint
17 static struct Chanalloc
25 typedef struct Elemlist Elemlist;
29 char *aname; /* original name */
30 char *name; /* copy of name, so '/' can be overwritten */
39 #define SEP(c) ((c) == 0 || (c) == '/')
42 dumpmount(void) /* DEBUGGING */
49 print("no process for dumpmount\n");
54 print("no pgrp for dumpmount\n");
63 he = &pg->mnthash[MNTHASH];
64 for(h = pg->mnthash; h < he; h++){
65 for(f = *h; f != nil; f = f->hash){
66 print("head: %#p: %s %#llux.%lud %C %lud -> \n", f,
67 f->from->path->s, f->from->qid.path,
68 f->from->qid.vers, devtab[f->from->type]->dc,
70 for(t = f->mount; t != nil; t = t->next)
71 print("\t%#p: %s (umh %#p) (path %#.8llux dev %C %lud)\n",
72 t, t->to->path->s, t->to->umh, t->to->qid.path, devtab[t->to->type]->dc, t->to->dev);
87 return "<nil path.s>";
94 return p[0]=='.' && p[1]=='.' && p[2]=='\0';
105 } while(!cmpswap(&r->ref, old, new));
117 panic("decref pc=%#p", getcallerpc(&r));
119 } while(!cmpswap(&r->ref, old, new));
124 * Rather than strncpy, which zeros the rest of the buffer, kstrcpy
125 * truncates if necessary, always zero terminates, does not zero fill,
126 * and puts ... at the end of the string if it's too long. Usually used to
127 * save a string in up->genbuf;
130 kstrcpy(char *s, char *t, int ns)
140 /* too long, truncate */
144 /* append ... if there is space */
148 /* look for first byte of UTF-8 sequence by skipping continuation bytes */
149 while(ns>0 && (s[--ns]&0xC0)==0x80)
165 * Atomically replace *p with copy of s
168 kstrdup(char **p, char *s)
174 /* if it's a user, we can wait for memory; if not, something's very wrong */
180 panic("kstrdup: no memory");
182 setmalloctag(t, getcallerpc(&p));
195 todinit(); /* avoid later reentry causing infinite recursion */
196 for(i=0; devtab[i] != nil; i++)
200 static void closeproc(void*);
207 for(i=0; devtab[i] != nil; i++)
209 kproc("closeproc", closeproc, nil);
213 chandevshutdown(void)
217 /* shutdown in reverse order */
218 for(i=0; devtab[i] != nil; i++)
220 for(i--; i >= 0; i--)
221 devtab[i]->shutdown();
232 chanalloc.free = c->next;
236 c = smalloc(sizeof(Chan));
238 c->link = chanalloc.list;
242 c->fid = ++chanalloc.fid;
245 /* if you get an error before associating with a dev,
246 close calls rootclose, a nop */
266 memset(&c->mqid, 0, sizeof(c->mqid));
280 p = smalloc(sizeof(Path));
283 p->alen = i+PATHSLOP;
284 p->s = smalloc(p->alen);
285 memmove(p->s, s, i+1);
290 * Cannot use newpath for arbitrary names because the mtpt
291 * array will not be populated correctly. The names #/ and / are
292 * allowed, but other names with / in them draw warnings.
294 if(strchr(s, '/') != nil && strcmp(s, "#/") != 0 && strcmp(s, "/") != 0)
295 print("newpath: %s from %#p\n", s, getcallerpc(&s));
298 p->malen = PATHMSLOP;
299 p->mtpt = smalloc(p->malen*sizeof p->mtpt[0]);
309 pp = smalloc(sizeof(Path));
312 DBG("copypath %s %p => %p\n", p->s, p, pp);
316 pp->s = smalloc(p->alen);
317 memmove(pp->s, p->s, p->len+1);
320 pp->malen = p->malen;
321 pp->mtpt = smalloc(p->malen*sizeof pp->mtpt[0]);
322 for(i=0; i<pp->mlen; i++){
323 pp->mtpt[i] = p->mtpt[i];
324 if(pp->mtpt[i] != nil)
339 DBG("pathclose %p %s ref=%ld =>", p, p->s, p->ref);
340 for(i=0; i<p->mlen; i++)
341 DBG(" %p", p->mtpt[i]);
348 for(i=0; i<p->mlen; i++)
349 if(p->mtpt[i] != nil)
356 * In place, rewrite name to compress multiple /, eliminate ., and process ..
357 * (Really only called to remove a trailing .. that has been added.
358 * Otherwise would need to update n->mtpt as well.)
361 fixdotdotname(Path *p)
366 r = strchr(p->s, '/');
372 * The correct name is #i rather than #i/,
373 * but the correct name of #/ is #/.
375 if(strcmp(r, "/")==0 && p->s[1] != '/')
379 p->len = strlen(p->s);
397 addelem(Path *p, char *s, Chan *from)
403 if(s[0]=='.' && s[1]=='\0')
409 if(p->len+1+i+1 > p->alen){
410 a = p->len+1+i+1 + PATHSLOP;
412 memmove(t, p->s, p->len+1);
417 /* don't insert extra slash if one is present */
418 if(p->len>0 && p->s[p->len-1]!='/' && s[0]!='/')
419 p->s[p->len++] = '/';
420 memmove(p->s+p->len, s, i+1);
424 DBG("addelem %s .. => rm %p\n", p->s, p->mtpt[p->mlen-1]);
425 if(p->mlen > 1 && (c = p->mtpt[--p->mlen]) != nil){
426 p->mtpt[p->mlen] = nil;
430 if(p->mlen >= p->malen){
431 p->malen = p->mlen+1+PATHMSLOP;
432 tt = smalloc(p->malen*sizeof tt[0]);
433 memmove(tt, p->mtpt, p->mlen*sizeof tt[0]);
437 DBG("addelem %s %s => add %p\n", p->s, s, from);
438 p->mtpt[p->mlen++] = from;
450 if(c->dirrock != nil){
477 c->next = chanalloc.free;
483 * Queue a chan to be closed by one of the clunk procs.
498 return clunkq.head != nil;
507 if(clunkq.head != nil)
508 clunkq.tail->next = c;
524 clunkq.head = c->next;
541 tsleep(&clunkq.r, clunkwork, nil, 500);
546 if(clunkq.q.head != nil) {
553 if(clunkq.q.head == nil) {
555 kproc("closeproc", closeproc, nil);
562 devtab[c->type]->close(c);
572 if(c == nil || c->ref < 1 || c->flag&CFREE)
573 panic("cclose %#p", getcallerpc(&c));
575 DBG("cclose %p name=%s ref=%ld\n", c, chanpath(c), c->ref);
580 if(devtab[c->type]->dc == L'M')
581 if((c->flag&(CRCLOSE|CCACHE)) == CCACHE)
582 if((c->qid.type&(QTEXCL|QTMOUNT|QTAUTH)) == 0)
583 if((clunkq.nqueued - clunkq.nclosed) < 64){
589 devtab[c->type]->close(c);
598 if(c == nil || c->ref < 1 || c->flag&CFREE)
599 panic("ccloseq %#p", getcallerpc(&c));
601 DBG("ccloseq %p name=%s ref=%ld\n", c, chanpath(c), c->ref);
610 * Make sure we have the only copy of c. (Copy on write.)
629 return a.path==b.path && a.vers==b.vers;
633 eqchan(Chan *a, Chan *b, int skipvers)
635 if(a->qid.path != b->qid.path)
637 if(!skipvers && a->qid.vers!=b->qid.vers)
639 if(a->type != b->type)
647 eqchantdqid(Chan *a, int type, int dev, Qid qid, int skipvers)
649 if(a->qid.path != qid.path)
651 if(!skipvers && a->qid.vers!=qid.vers)
665 mh = smalloc(sizeof(Mhead));
673 cmount(Chan **newp, Chan *old, int flag, char *spec)
678 Mount *nm, *f, *um, **h;
681 if(QTDIR & (old->qid.type^(*newp)->qid.type))
685 print("cmount: unexpected umh, caller %#p\n", getcallerpc(&newp));
689 if((old->qid.type&QTDIR) == 0 && order != MREPL)
696 * Not allowed to bind when the old directory is itself a union.
697 * (Maybe it should be allowed, but I don't see what the semantics
700 * We need to check mh->mount->next to tell unions apart from
701 * simple mount points, so that things like
706 * The check of mount->mflag allows things like
710 * This is far more complicated than it should be, but I don't
711 * see an easier way at the moment.
713 if((flag&MCREATE) != 0 && mh != nil && mh->mount != nil
714 && (mh->mount->next != nil || (mh->mount->mflag&MCREATE) == 0))
720 l = &MOUNTH(pg, old->qid);
721 for(m = *l; m != nil; m = m->hash){
722 if(eqchan(m->from, old, 1))
729 * nothing mounted here yet. create a mount
730 * head and add to the hash table.
736 * if this is a union mount, add the old
737 * node to the mount chain.
740 m->mount = newmount(m, old, 0, 0);
749 nm = newmount(m, new, flag, spec);
750 if(mh != nil && mh->mount != nil){
752 * copy a union when binding it onto a directory
759 for(um = um->next; um != nil; um = um->next){
760 f = newmount(m, um->to, flg, um->spec);
766 if(m->mount != nil && order == MREPL){
772 nm->mflag |= MCREATE;
774 if(m->mount != nil && order == MAFTER){
775 for(f = m->mount; f->next != nil; f = f->next)
779 for(f = nm; f->next != nil; f = f->next)
791 cunmount(Chan *mnt, Chan *mounted)
797 if(mnt->umh != nil) /* should not happen */
798 print("cunmount newp extra umh %p has %p\n", mnt, mnt->umh);
801 * It _can_ happen that mounted->umh is non-nil,
802 * because mounted is the result of namec(Aopen)
803 * (see sysfile.c:/^sysunmount).
804 * If we open a union directory, it will have a umh.
805 * Although surprising, this is okay, since the
806 * cclose will take care of freeing the umh.
812 l = &MOUNTH(pg, mnt->qid);
813 for(m = *l; m != nil; m = m->hash){
814 if(eqchan(m->from, mnt, 1))
837 for(f = *p; f != nil; f = f->next){
838 /* BUG: Needs to be 2 pass */
839 if(eqchan(f->to, mounted, 1) ||
840 (f->to->mchan != nil && eqchan(f->to->mchan, mounted, 1))){
869 if(c == nil || c->ref < 1 || c->flag&CFREE)
870 panic("cclone: %#p", getcallerpc(&c));
871 wq = devtab[c->type]->walk(c, nil, nil, 0);
873 error("clone failed");
876 if((nc->path = c->path) != nil)
881 /* also used by sysfile.c:/^mountfix */
883 findmount(Chan **cp, Mhead **mp, int type, int dev, Qid qid)
890 for(m = MOUNTH(pg, qid); m != nil; m = m->hash){
893 print("m %p m->from 0\n", m);
897 if(eqchantdqid(m->from, type, dev, qid, 1)){
907 incref(m->mount->to);
920 * Calls findmount but also updates path.
923 domount(Chan **cp, Mhead **mp, Path **path)
928 if(findmount(cp, mp, (*cp)->type, (*cp)->dev, (*cp)->qid) == 0)
935 print("domount: path %s has mlen==%d\n", p->s, p->mlen);
937 lc = &p->mtpt[p->mlen-1];
938 DBG("domount %p %s => add %p (was %p)\n", p, p->s, (*mp)->from, p->mtpt[p->mlen-1]);
950 * If c is the right-hand-side of a mount point, returns the left hand side.
951 * Changes name to reflect the fact that we've uncrossed the mountpoint,
952 * so name had better be ours to change!
955 undomount(Chan *c, Path *path)
959 if(path->ref != 1 || path->mlen == 0)
960 print("undomount: path %s ref %ld mlen %d caller %#p\n",
961 path->s, path->ref, path->mlen, getcallerpc(&c));
963 if(path->mlen > 0 && (nc = path->mtpt[path->mlen-1]) != nil){
964 DBG("undomount %p %s => remove %p\n", path, path->s, nc);
966 path->mtpt[path->mlen-1] = nil;
973 * Call dev walk but catch errors.
976 ewalk(Chan *c, Chan *nc, char **name, int nname)
982 wq = devtab[c->type]->walk(c, nc, name, nname);
988 * Either walks all the way or not at all. No partial results in *cp.
989 * *nerror is the number of names to display in an error message.
991 static char Edoesnotexist[] = "does not exist";
993 walk(Chan **cp, char **names, int nnames, int nomount, int *nerror)
995 int dev, didmount, dotdot, i, n, nhave, ntry, type;
1009 * While we haven't gotten all the way down the path:
1010 * 1. step through a mount point, if any
1011 * 2. send a walk request for initial dotdot or initial prefix without dotdot
1012 * 3. move to the first mountpoint along the way.
1015 * Each time through the loop:
1017 * If didmount==0, c is on the undomount side of the mount point.
1018 * If didmount==1, c is on the domount side of the mount point.
1019 * Either way, c's full path is path.
1022 for(nhave=0; nhave<nnames; nhave+=n){
1023 if((c->qid.type&QTDIR) == 0){
1028 kstrcpy(up->errstr, Enotdir, ERRMAX);
1033 ntry = nnames - nhave;
1037 for(i=0; i<ntry; i++){
1038 if(isdotdot(names[nhave+i])){
1048 if(!dotdot && !nomount && !didmount)
1049 domount(&c, &mh, &path);
1054 if((wq = ewalk(c, nil, names+nhave, ntry)) == nil){
1055 /* try a union mount, if any */
1056 if(mh != nil && !nomount){
1058 * mh->mount->to == c, so start at mh->mount->next
1061 if((f = mh->mount) != nil)
1063 for(; f != nil; f = f->next)
1064 if((wq = ewalk(f->to, nil, names+nhave, ntry)) != nil){
1084 assert(wq->nqid == 1);
1085 assert(wq->clone != nil);
1087 path = addelem(path, "..", nil);
1088 nc = undomount(wq->clone, path);
1095 for(i=0; i<wq->nqid && i<ntry-1; i++){
1096 if(findmount(&nc, &nmh, type, dev, wq->qid[i])){
1102 if(nc == nil){ /* no mount points along path */
1103 if(wq->clone == nil){
1106 if(wq->nqid == 0 || (wq->qid[wq->nqid-1].type&QTDIR) != 0){
1108 *nerror = nhave+wq->nqid+1;
1109 kstrcpy(up->errstr, Edoesnotexist, ERRMAX);
1112 *nerror = nhave+wq->nqid;
1113 kstrcpy(up->errstr, Enotdir, ERRMAX);
1122 }else{ /* stopped early, at a mount point */
1124 if(wq->clone != nil){
1132 if(i==n-1 && nmh!=nil)
1134 path = addelem(path, names[nhave+i], mtpt);
1148 if(c->umh != nil){ //BUG
1149 print("walk umh\n");
1165 * c is a mounted non-creatable directory. find a creatable one.
1168 createdir(Chan *c, Mhead *m)
1178 for(f = m->mount; f != nil; f = f->next){
1179 if(f->to != nil && (f->mflag&MCREATE) != 0){
1197 growparse(Elemlist *e)
1203 if((e->nelems % Delta) == 0){
1204 new = smalloc((e->nelems+Delta) * sizeof(char*));
1205 memmove(new, e->elems, e->nelems*sizeof(char*));
1208 inew = smalloc((e->nelems+Delta+1) * sizeof(int));
1209 memmove(inew, e->off, (e->nelems+1)*sizeof(int));
1216 * The name is known to be valid.
1217 * Copy the name so slashes can be overwritten.
1218 * An empty string will set nelem=0.
1219 * A path ending in / or /. or /.//./ etc. will have
1220 * e.mustbedir = 1, so that we correctly
1221 * reject, e.g., "/adm/users/." when /adm/users is a file
1222 * rather than a directory.
1225 parsename(char *aname, Elemlist *e)
1229 kstrdup(&e->name, aname);
1233 e->off = smalloc(sizeof(int));
1234 e->off[0] = skipslash(name) - name;
1236 name = skipslash(name);
1238 e->off[e->nelems] = name+strlen(name) - e->name;
1243 e->elems[e->nelems++] = name;
1244 slash = utfrune(name, '/');
1246 e->off[e->nelems] = name+strlen(name) - e->name;
1250 e->off[e->nelems] = slash - e->name;
1258 print("parsename %s:", e->name);
1259 for(i=0; i<=e->nelems; i++)
1260 print(" %d", e->off[i]);
1266 memrchr(void *va, int c, long n)
1271 for(e=a+n-1; e>a; e--)
1278 namelenerror(char *aname, int len, char *err)
1280 char *ename, *name, *next;
1284 * If the name is short enough, just use the whole thing.
1286 errlen = strlen(err);
1287 if(len < ERRMAX/3 || len+errlen < 2*ERRMAX/3)
1288 snprint(up->genbuf, sizeof up->genbuf, "%.*s",
1289 utfnlen(aname, len), aname);
1292 * Print a suffix of the name, but try to get a little info.
1298 next = memrchr(aname, '/', name-aname);
1302 }while(len < ERRMAX/3 || len + errlen < 2*ERRMAX/3);
1305 * If the name is ridiculously long, chop it.
1308 name = ename-ERRMAX/4;
1310 panic("bad math in namelenerror");
1311 /* walk out of current UTF sequence */
1312 for(i=0; (*name&0xC0)==0x80 && i<UTFmax; i++)
1315 snprint(up->genbuf, sizeof up->genbuf, "...%.*s",
1316 utfnlen(name, ename-name), name);
1318 snprint(up->errstr, ERRMAX, "%#q %s", up->genbuf, err);
1323 nameerror(char *name, char *err)
1325 namelenerror(name, strlen(name), err);
1329 * Turn a name into a channel.
1330 * &name[0] is known to be a valid address. It may be a kernel address.
1332 * Opening with amode Aopen, Acreate, Aremove, or Aaccess guarantees
1333 * that the result will be the only reference to that particular fid.
1334 * This is necessary since we might pass the result to
1335 * devtab[]->remove().
1337 * Opening Atodir or Amount does not guarantee this.
1339 * Under certain circumstances, opening Aaccess will cause
1340 * an unnecessary clone in order to get a cunique Chan so it
1341 * can attach the correct name. Sysstat and sys_stat need the
1342 * correct name so they can rewrite the stat info.
1345 namec(char *aname, int amode, int omode, ulong perm)
1347 int len, n, t, nomount;
1353 char *createerr, tmperrbuf[ERRMAX];
1356 if(aname[0] == '\0')
1357 error("empty file name");
1358 aname = validnamedup(aname, 1);
1363 DBG("namec %s %d %d\n", aname, amode, omode);
1367 * Find the starting off point (the current slash, the root of
1368 * a device tree, or the current dot) as well as the name to
1369 * evaluate starting there.
1380 up->genbuf[0] = '\0';
1382 while(*name != '\0' && (*name != '/' || n < 2)){
1383 if(n >= sizeof(up->genbuf)-1)
1385 up->genbuf[n++] = *name++;
1387 up->genbuf[n] = '\0';
1389 * noattach is sandboxing.
1391 * the OK exceptions are:
1392 * | it only gives access to pipes you create
1393 * d this process's file descriptors
1394 * e this process's environment
1395 * the iffy exceptions are:
1396 * c time and pid, but also cons and consctl
1397 * p control of your own processes (and unfortunately
1398 * any others left unprotected)
1400 n = chartorune(&r, up->genbuf+1)+1;
1401 /* actually / is caught by parsing earlier */
1402 if(up->pgrp->noattach && utfrune("|decp", r)==nil)
1407 c = devtab[t]->attach(up->genbuf+n);
1417 e.prefix = name - aname;
1428 * Prepare nice error, showing first e.nerror elements of name.
1432 strcpy(tmperrbuf, up->errstr);
1433 if(e.off[e.nerror]==0)
1434 print("nerror=%d but off=%d\n",
1435 e.nerror, e.off[e.nerror]);
1437 print("showing %d+%d/%d (of %d) of %s (%d %d)\n", e.prefix, e.off[e.nerror], e.nerror, e.nelems, aname, e.off[0], e.off[1]);
1438 len = e.prefix+e.off[e.nerror];
1440 namelenerror(aname, len, tmperrbuf);
1444 * Build a list of elements in the name.
1446 parsename(name, &e);
1451 if(amode == Acreate){
1452 /* perm must have DMDIR if last element is / or /. */
1453 if(e.mustbedir && !(perm&DMDIR)){
1454 e.nerror = e.nelems;
1455 error("create without DMDIR");
1458 /* don't try to walk the last path element just yet. */
1464 if(walk(&c, e.elems, e.nelems, nomount, &e.nerror) < 0){
1465 if(e.nerror < 0 || e.nerror > e.nelems){
1466 print("namec %s walk error nerror=%d\n", aname, e.nerror);
1472 if(e.mustbedir && (c->qid.type&QTDIR) == 0)
1473 error("not a directory");
1475 if(amode == Aopen && (omode&3) == OEXEC && (c->qid.type&QTDIR) != 0)
1476 error("cannot exec directory");
1480 /* no need to maintain path - cannot dotdot an Abind */
1483 domount(&c, &m, nil);
1493 /* save&update the name; domount might change c */
1502 domount(&c, &m, &path);
1504 /* our own copy to open or remove */
1507 /* now it's our copy anyway, we can put the name back */
1512 /* record whether c is on a mount point */
1524 print("cunique umh Open\n");
1528 /* only save the mount head if it's a multiple element union */
1529 if(m != nil && m->mount != nil && m->mount->next != nil)
1534 /* save registers else error() in open has wrong value of c saved */
1537 c = devtab[c->type]->open(c, omode&~OCEXEC);
1549 * Directories (e.g. for cd) are left before the mount point,
1550 * so one may mount on / or . and see the effect.
1552 if((c->qid.type&QTDIR) == 0)
1558 * When mounting on an already mounted upon directory,
1559 * one wants subsequent mounts to be attached to the
1560 * original directory, not the replacement. Don't domount.
1566 * We've already walked all but the last element.
1567 * If the last exists, try to open it OTRUNC.
1568 * If omode&OEXCL is set, just give up.
1572 if(walk(&c, e.elems+e.nelems-1, 1, nomount, nil) == 0){
1580 * The semantics of the create(2) system call are that if the
1581 * file exists and can be written, it is to be opened with truncation.
1582 * On the other hand, the create(5) message fails if the file exists.
1583 * If we get two create(2) calls happening simultaneously,
1584 * they might both get here and send create(5) messages, but only
1585 * one of the messages will succeed. To provide the expected create(2)
1586 * semantics, the call with the failed message needs to try the above
1587 * walk again, opening for truncation. This correctly solves the
1588 * create/create race, in the sense that any observable outcome can
1589 * be explained as one happening before the other.
1590 * The create/create race is quite common. For example, it happens
1591 * when two rc subshells simultaneously update the same
1592 * environment variable.
1594 * The implementation still admits a create/create/remove race:
1595 * (A) walk to file, fails
1596 * (B) walk to file, fails
1597 * (A) create file, succeeds, returns
1598 * (B) create file, fails
1599 * (A) remove file, succeeds, returns
1600 * (B) walk to file, return failure.
1602 * This is hardly as common as the create/create race, and is really
1603 * not too much worse than what might happen if (B) got a hold of a
1604 * file descriptor and then the file was removed -- either way (B) can't do
1605 * anything with the result of the create call. So we don't care about this race.
1607 * Applications that care about more fine-grained decision of the races
1608 * can use the OEXCL flag to get at the underlying create(5) semantics;
1609 * by default we provide the common case.
1611 * We need to stay behind the mount point in case we
1612 * need to do the first walk again (should the create fail).
1614 * We also need to cross the mount point and find the directory
1615 * in the union in which we should be creating.
1617 * The channel staying behind is c, the one moving forward is cnew.
1620 cnew = nil; /* is this assignment necessary? */
1621 if(!waserror()){ /* try create */
1622 if(!nomount && findmount(&cnew, &m, c->type, c->dev, c->qid))
1623 cnew = createdir(cnew, m);
1630 * We need our own copy of the Chan because we're
1631 * about to send a create, which will move it. Once we have
1632 * our own copy, we can fix the name, which might be wrong
1633 * if findmount gave us a new Chan.
1635 cnew = cunique(cnew);
1636 pathclose(cnew->path);
1637 cnew->path = c->path;
1640 cnew = devtab[cnew->type]->create(cnew, e.elems[e.nelems-1], omode&~(OEXCL|OCEXEC), perm);
1643 cnew->flag |= CCEXEC;
1645 cnew->flag |= CRCLOSE;
1650 c->path = addelem(c->path, e.elems[e.nelems-1], nil);
1661 createerr = up->errstr;
1662 up->errstr = tmperrbuf;
1663 /* note: we depend that walk does not error */
1664 if(walk(&c, e.elems+e.nelems-1, 1, nomount, nil) < 0){
1665 up->errstr = createerr;
1666 error(createerr); /* report true error */
1668 up->errstr = createerr;
1673 panic("unknown namec access %d", amode);
1676 /* place final element in genbuf for e.g. exec */
1678 kstrcpy(up->genbuf, e.elems[e.nelems-1], sizeof up->genbuf);
1680 kstrcpy(up->genbuf, ".", sizeof up->genbuf);
1684 poperror(); /* e c */
1686 poperror(); /* aname */
1692 * name is valid. skip leading / and ./ as much as possible
1695 skipslash(char *name)
1697 while(name[0]=='/' || (name[0]=='.' && (name[1]==0 || name[1]=='/')))
1703 /*NUL*/ 1, 1, 1, 1, 1, 1, 1, 1,
1704 /*BKS*/ 1, 1, 1, 1, 1, 1, 1, 1,
1705 /*DLE*/ 1, 1, 1, 1, 1, 1, 1, 1,
1706 /*CAN*/ 1, 1, 1, 1, 1, 1, 1, 1,
1712 * Check that the name
1713 * a) is in valid memory.
1714 * b) is shorter than 2^16 bytes, so it can fit in a 9P string field.
1715 * c) contains no frogs.
1716 * The first byte is known to be addressible by the requester, so the
1717 * routine works for kernel and user memory both.
1718 * The parameter slashok flags whether a slash character is an error
1719 * or a valid character.
1721 * The parameter dup flags whether the string should be copied
1722 * out of user space before being scanned the second time.
1723 * (Otherwise a malicious thread could remove the NUL, causing us
1724 * to access unchecked addresses.)
1727 validname0(char *aname, int slashok, int dup, uintptr pc)
1729 char *ename, *name, *s;
1734 if((uintptr)name < KZERO){
1736 print("warning: validname called from %#p with user pointer", pc);
1737 ename = vmemchr(name, 0, (1<<16));
1739 ename = memchr(name, 0, (1<<16));
1741 if(ename==nil || ename-name>=(1<<16))
1742 error("name too long");
1748 memmove(s, name, n);
1752 setmalloctag(s, pc);
1756 /* all characters above '~' are ok */
1759 name += chartorune(&r, name);
1762 if(!slashok || c!='/'){
1763 snprint(up->genbuf, sizeof(up->genbuf), "%s: %q", Ebadchar, aname);
1774 validname(char *aname, int slashok)
1776 validname0(aname, slashok, 0, getcallerpc(&aname));
1780 validnamedup(char *aname, int slashok)
1782 return validname0(aname, slashok, 1, getcallerpc(&aname));
1788 if(c->qid.type & QTDIR)
1794 * This is necessary because there are many
1795 * pointers to the top of a given mount list:
1797 * - the mhead in the namespace hash table
1798 * - the mhead in chans returned from findmount:
1799 * used in namec and then by unionread.
1800 * - the mhead in chans returned from createdir:
1801 * used in the open/create race protect, which is gone.
1803 * The RWlock in the Mhead protects the mount list it contains.
1804 * The mount list is deleted when we cunmount.
1805 * The RWlock ensures that nothing is using the mount list at that time.
1807 * It is okay to replace c->mh with whatever you want as
1808 * long as you are sure you have a unique reference to it.
1810 * This comment might belong somewhere else.
1815 if(m != nil && decref(m) == 0){
1816 m->mount = (Mount*)0xCafeBeef;