1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2019 Google LLC
5 * Copyright (C) 1995, 1996, 1997 Wolfgang Solfrank
6 * Copyright (c) 1995 Martin Husemann
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29
30 #include <sys/cdefs.h>
31 #ifndef lint
32 __RCSID("$NetBSD: fat.c,v 1.18 2006/06/05 16:51:18 christos Exp $");
33 #endif /* not lint */
34
35 #include <sys/endian.h>
36 #include <sys/queue.h>
37 #include <sys/limits.h>
38 #include <sys/mman.h>
39 #include <sys/param.h>
40
41 #include <assert.h>
42 #include <stdbool.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <ctype.h>
46 #include <stdio.h>
47 #include <unistd.h>
48
49 #include "ext.h"
50 #include "fsutil.h"
51
52 static int _readfat(struct fat_descriptor *);
53 static inline struct bootblock* boot_of_(struct fat_descriptor *);
54 static inline int fd_of_(struct fat_descriptor *);
55 static inline bool valid_cl(struct fat_descriptor *, cl_t);
56
57
58 /*
59 * Head bitmap for FAT scanning.
60 *
61 * FAT32 have up to 2^28 = 256M entries, and FAT16/12 have much less.
62 * For each cluster, we use 1 bit to represent if it's a head cluster
63 * (the first cluster of a cluster chain).
64 *
65 * Head bitmap
66 * ===========
67 * Initially, we set all bits to 1. In readfat(), we traverse the
68 * whole FAT and mark each cluster identified as "next" cluster as
69 * 0. After the scan, we have a bitmap with 1's to indicate the
70 * corresponding cluster was a "head" cluster.
71 *
72 * We use head bitmap to identify lost chains: a head cluster that was
73 * not being claimed by any file or directories is the head cluster of
74 * a lost chain.
75 *
76 * Handle of lost chains
77 * =====================
78 * At the end of scanning, we can easily find all lost chain's heads
79 * by finding out the 1's in the head bitmap.
80 */
81
82 typedef struct long_bitmap {
83 unsigned long *map;
84 size_t count; /* Total set bits in the map */
85 } long_bitmap_t;
86
87 static inline void
bitmap_clear(long_bitmap_t * lbp,cl_t cl)88 bitmap_clear(long_bitmap_t *lbp, cl_t cl)
89 {
90 cl_t i = cl / LONG_BIT;
91 unsigned long clearmask = ~(1UL << (cl % LONG_BIT));
92
93 assert((lbp->map[i] & ~clearmask) != 0);
94 lbp->map[i] &= clearmask;
95 lbp->count--;
96 }
97
98 static inline bool
bitmap_get(long_bitmap_t * lbp,cl_t cl)99 bitmap_get(long_bitmap_t *lbp, cl_t cl)
100 {
101 cl_t i = cl / LONG_BIT;
102 unsigned long usedbit = 1UL << (cl % LONG_BIT);
103
104 return ((lbp->map[i] & usedbit) == usedbit);
105 }
106
107 static inline bool
bitmap_none_in_range(long_bitmap_t * lbp,cl_t cl)108 bitmap_none_in_range(long_bitmap_t *lbp, cl_t cl)
109 {
110 cl_t i = cl / LONG_BIT;
111
112 return (lbp->map[i] == 0);
113 }
114
115 static inline size_t
bitmap_count(long_bitmap_t * lbp)116 bitmap_count(long_bitmap_t *lbp)
117 {
118 return (lbp->count);
119 }
120
121 static int
bitmap_ctor(long_bitmap_t * lbp,size_t bits,bool allone)122 bitmap_ctor(long_bitmap_t *lbp, size_t bits, bool allone)
123 {
124 size_t bitmap_size = roundup2(bits, LONG_BIT) / (LONG_BIT / 8);
125
126 free(lbp->map);
127 lbp->map = calloc(1, bitmap_size);
128 if (lbp->map == NULL)
129 return FSFATAL;
130
131 if (allone) {
132 memset(lbp->map, 0xff, bitmap_size);
133 lbp->count = bits;
134 } else {
135 lbp->count = 0;
136 }
137 return FSOK;
138 }
139
140 static void
bitmap_dtor(long_bitmap_t * lbp)141 bitmap_dtor(long_bitmap_t *lbp)
142 {
143 free(lbp->map);
144 lbp->map = NULL;
145 }
146
147 /*
148 * FAT32 can be as big as 256MiB (2^26 entries * 4 bytes), when we
149 * can not ask the kernel to manage the access, use a simple LRU
150 * cache with chunk size of 128 KiB to manage it.
151 */
152 struct fat32_cache_entry {
153 TAILQ_ENTRY(fat32_cache_entry) entries;
154 uint8_t *chunk; /* pointer to chunk */
155 off_t addr; /* offset */
156 bool dirty; /* dirty bit */
157 };
158
159 static const size_t fat32_cache_chunk_size = 131072; /* MAXPHYS */
160 static const size_t fat32_cache_size = 4194304;
161 static const size_t fat32_cache_entries = 32; /* XXXgcc: cache_size / cache_chunk_size */
162
163 /*
164 * FAT table descriptor, represents a FAT table that is already loaded
165 * into memory.
166 */
167 struct fat_descriptor {
168 struct bootblock *boot;
169 uint8_t *fatbuf;
170 cl_t (*get)(struct fat_descriptor *, cl_t);
171 int (*set)(struct fat_descriptor *, cl_t, cl_t);
172 long_bitmap_t headbitmap;
173 int fd;
174 bool is_mmapped;
175 bool use_cache;
176 size_t fatsize;
177
178 size_t fat32_cached_chunks;
179 TAILQ_HEAD(cachehead, fat32_cache_entry) fat32_cache_head;
180 struct fat32_cache_entry *fat32_cache_allentries;
181 off_t fat32_offset;
182 off_t fat32_lastaddr;
183 };
184
185 void
fat_clear_cl_head(struct fat_descriptor * fat,cl_t cl)186 fat_clear_cl_head(struct fat_descriptor *fat, cl_t cl)
187 {
188 bitmap_clear(&fat->headbitmap, cl);
189 }
190
191 bool
fat_is_cl_head(struct fat_descriptor * fat,cl_t cl)192 fat_is_cl_head(struct fat_descriptor *fat, cl_t cl)
193 {
194 return (bitmap_get(&fat->headbitmap, cl));
195 }
196
197 static inline bool
fat_is_cl_head_in_range(struct fat_descriptor * fat,cl_t cl)198 fat_is_cl_head_in_range(struct fat_descriptor *fat, cl_t cl)
199 {
200 return (!(bitmap_none_in_range(&fat->headbitmap, cl)));
201 }
202
203 static size_t
fat_get_head_count(struct fat_descriptor * fat)204 fat_get_head_count(struct fat_descriptor *fat)
205 {
206 return (bitmap_count(&fat->headbitmap));
207 }
208
209 /*
210 * FAT12 accessors.
211 *
212 * FAT12s are sufficiently small, expect it to always fit in the RAM.
213 */
214 static inline uint8_t *
fat_get_fat12_ptr(struct fat_descriptor * fat,cl_t cl)215 fat_get_fat12_ptr(struct fat_descriptor *fat, cl_t cl)
216 {
217 return (fat->fatbuf + ((cl + (cl >> 1))));
218 }
219
220 static cl_t
fat_get_fat12_next(struct fat_descriptor * fat,cl_t cl)221 fat_get_fat12_next(struct fat_descriptor *fat, cl_t cl)
222 {
223 const uint8_t *p;
224 cl_t retval;
225
226 p = fat_get_fat12_ptr(fat, cl);
227 retval = le16dec(p);
228 /* Odd cluster: lower 4 bits belongs to the subsequent cluster */
229 if ((cl & 1) == 1)
230 retval >>= 4;
231 retval &= CLUST12_MASK;
232
233 if (retval >= (CLUST_BAD & CLUST12_MASK))
234 retval |= ~CLUST12_MASK;
235
236 return (retval);
237 }
238
239 static int
fat_set_fat12_next(struct fat_descriptor * fat,cl_t cl,cl_t nextcl)240 fat_set_fat12_next(struct fat_descriptor *fat, cl_t cl, cl_t nextcl)
241 {
242 uint8_t *p;
243
244 /* Truncate 'nextcl' value, if needed */
245 nextcl &= CLUST12_MASK;
246
247 p = fat_get_fat12_ptr(fat, cl);
248
249 /*
250 * Read in the 4 bits from the subsequent (for even clusters)
251 * or the preceding (for odd clusters) cluster and combine
252 * it to the nextcl value for encoding
253 */
254 if ((cl & 1) == 0) {
255 nextcl |= ((p[1] & 0xf0) << 8);
256 } else {
257 nextcl <<= 4;
258 nextcl |= (p[0] & 0x0f);
259 }
260
261 le16enc(p, (uint16_t)nextcl);
262
263 return (0);
264 }
265
266 /*
267 * FAT16 accessors.
268 *
269 * FAT16s are sufficiently small, expect it to always fit in the RAM.
270 */
271 static inline uint8_t *
fat_get_fat16_ptr(struct fat_descriptor * fat,cl_t cl)272 fat_get_fat16_ptr(struct fat_descriptor *fat, cl_t cl)
273 {
274 return (fat->fatbuf + (cl << 1));
275 }
276
277 static cl_t
fat_get_fat16_next(struct fat_descriptor * fat,cl_t cl)278 fat_get_fat16_next(struct fat_descriptor *fat, cl_t cl)
279 {
280 const uint8_t *p;
281 cl_t retval;
282
283 p = fat_get_fat16_ptr(fat, cl);
284 retval = le16dec(p) & CLUST16_MASK;
285
286 if (retval >= (CLUST_BAD & CLUST16_MASK))
287 retval |= ~CLUST16_MASK;
288
289 return (retval);
290 }
291
292 static int
fat_set_fat16_next(struct fat_descriptor * fat,cl_t cl,cl_t nextcl)293 fat_set_fat16_next(struct fat_descriptor *fat, cl_t cl, cl_t nextcl)
294 {
295 uint8_t *p;
296
297 /* Truncate 'nextcl' value, if needed */
298 nextcl &= CLUST16_MASK;
299
300 p = fat_get_fat16_ptr(fat, cl);
301
302 le16enc(p, (uint16_t)nextcl);
303
304 return (0);
305 }
306
307 /*
308 * FAT32 accessors.
309 */
310 static inline uint8_t *
fat_get_fat32_ptr(struct fat_descriptor * fat,cl_t cl)311 fat_get_fat32_ptr(struct fat_descriptor *fat, cl_t cl)
312 {
313 return (fat->fatbuf + (cl << 2));
314 }
315
316 static cl_t
fat_get_fat32_next(struct fat_descriptor * fat,cl_t cl)317 fat_get_fat32_next(struct fat_descriptor *fat, cl_t cl)
318 {
319 const uint8_t *p;
320 cl_t retval;
321
322 p = fat_get_fat32_ptr(fat, cl);
323 retval = le32dec(p) & CLUST32_MASK;
324
325 if (retval >= (CLUST_BAD & CLUST32_MASK))
326 retval |= ~CLUST32_MASK;
327
328 return (retval);
329 }
330
331 static int
fat_set_fat32_next(struct fat_descriptor * fat,cl_t cl,cl_t nextcl)332 fat_set_fat32_next(struct fat_descriptor *fat, cl_t cl, cl_t nextcl)
333 {
334 uint8_t *p;
335
336 /* Truncate 'nextcl' value, if needed */
337 nextcl &= CLUST32_MASK;
338
339 p = fat_get_fat32_ptr(fat, cl);
340
341 le32enc(p, (uint32_t)nextcl);
342
343 return (0);
344 }
345
346 static inline size_t
fat_get_iosize(struct fat_descriptor * fat,off_t address)347 fat_get_iosize(struct fat_descriptor *fat, off_t address)
348 {
349
350 if (address == fat->fat32_lastaddr) {
351 return (fat->fatsize & ((off_t)fat32_cache_chunk_size - 1));
352 } else {
353 return (fat32_cache_chunk_size);
354 }
355 }
356
357 static int
fat_flush_fat32_cache_entry(struct fat_descriptor * fat,struct fat32_cache_entry * entry)358 fat_flush_fat32_cache_entry(struct fat_descriptor *fat,
359 struct fat32_cache_entry *entry)
360 {
361 int fd;
362 off_t fat_addr;
363 size_t writesize;
364
365 fd = fd_of_(fat);
366
367 if (!entry->dirty)
368 return (FSOK);
369
370 writesize = fat_get_iosize(fat, entry->addr);
371
372 fat_addr = fat->fat32_offset + entry->addr;
373 if (lseek(fd, fat_addr, SEEK_SET) != fat_addr ||
374 (size_t)write(fd, entry->chunk, writesize) != writesize) {
375 pfatal("Unable to write FAT");
376 return (FSFATAL);
377 }
378
379 entry->dirty = false;
380 return (FSOK);
381 }
382
383 static struct fat32_cache_entry *
fat_get_fat32_cache_entry(struct fat_descriptor * fat,off_t addr,bool writing)384 fat_get_fat32_cache_entry(struct fat_descriptor *fat, off_t addr,
385 bool writing)
386 {
387 int fd;
388 struct fat32_cache_entry *entry, *first;
389 off_t fat_addr;
390 size_t rwsize;
391
392 addr &= ~(fat32_cache_chunk_size - 1);
393
394 first = TAILQ_FIRST(&fat->fat32_cache_head);
395
396 /*
397 * Cache hit: if we already have the chunk, move it to list head
398 */
399 TAILQ_FOREACH(entry, &fat->fat32_cache_head, entries) {
400 if (entry->addr == addr) {
401 if (writing) {
402 entry->dirty = true;
403 }
404 if (entry != first) {
405
406 TAILQ_REMOVE(&fat->fat32_cache_head, entry, entries);
407 TAILQ_INSERT_HEAD(&fat->fat32_cache_head, entry, entries);
408 }
409 return (entry);
410 }
411 }
412
413 /*
414 * Cache miss: detach the chunk at tail of list, overwrite with
415 * the located chunk, and populate with data from disk.
416 */
417 entry = TAILQ_LAST(&fat->fat32_cache_head, cachehead);
418 TAILQ_REMOVE(&fat->fat32_cache_head, entry, entries);
419 if (fat_flush_fat32_cache_entry(fat, entry) != FSOK) {
420 return (NULL);
421 }
422
423 rwsize = fat_get_iosize(fat, addr);
424 fat_addr = fat->fat32_offset + addr;
425 entry->addr = addr;
426 fd = fd_of_(fat);
427 if (lseek(fd, fat_addr, SEEK_SET) != fat_addr ||
428 (size_t)read(fd, entry->chunk, rwsize) != rwsize) {
429 pfatal("Unable to read FAT");
430 return (NULL);
431 }
432 if (writing) {
433 entry->dirty = true;
434 }
435 TAILQ_INSERT_HEAD(&fat->fat32_cache_head, entry, entries);
436
437 return (entry);
438 }
439
440 static inline uint8_t *
fat_get_fat32_cached_ptr(struct fat_descriptor * fat,cl_t cl,bool writing)441 fat_get_fat32_cached_ptr(struct fat_descriptor *fat, cl_t cl, bool writing)
442 {
443 off_t addr, off;
444 struct fat32_cache_entry *entry;
445
446 addr = cl << 2;
447 entry = fat_get_fat32_cache_entry(fat, addr, writing);
448
449 if (entry != NULL) {
450 off = addr & (fat32_cache_chunk_size - 1);
451 return (entry->chunk + off);
452 } else {
453 return (NULL);
454 }
455 }
456
457
458 static cl_t
fat_get_fat32_cached_next(struct fat_descriptor * fat,cl_t cl)459 fat_get_fat32_cached_next(struct fat_descriptor *fat, cl_t cl)
460 {
461 const uint8_t *p;
462 cl_t retval;
463
464 p = fat_get_fat32_cached_ptr(fat, cl, false);
465 if (p != NULL) {
466 retval = le32dec(p) & CLUST32_MASK;
467 if (retval >= (CLUST_BAD & CLUST32_MASK))
468 retval |= ~CLUST32_MASK;
469 } else {
470 retval = CLUST_DEAD;
471 }
472
473 return (retval);
474 }
475
476 static int
fat_set_fat32_cached_next(struct fat_descriptor * fat,cl_t cl,cl_t nextcl)477 fat_set_fat32_cached_next(struct fat_descriptor *fat, cl_t cl, cl_t nextcl)
478 {
479 uint8_t *p;
480
481 /* Truncate 'nextcl' value, if needed */
482 nextcl &= CLUST32_MASK;
483
484 p = fat_get_fat32_cached_ptr(fat, cl, true);
485 if (p != NULL) {
486 le32enc(p, (uint32_t)nextcl);
487 return FSOK;
488 } else {
489 return FSFATAL;
490 }
491 }
492
fat_get_cl_next(struct fat_descriptor * fat,cl_t cl)493 cl_t fat_get_cl_next(struct fat_descriptor *fat, cl_t cl)
494 {
495
496 if (!valid_cl(fat, cl)) {
497 pfatal("Invalid cluster: %ud", cl);
498 return CLUST_DEAD;
499 }
500
501 return (fat->get(fat, cl));
502 }
503
fat_set_cl_next(struct fat_descriptor * fat,cl_t cl,cl_t nextcl)504 int fat_set_cl_next(struct fat_descriptor *fat, cl_t cl, cl_t nextcl)
505 {
506
507 if (rdonly) {
508 pwarn(" (NO WRITE)\n");
509 return FSFATAL;
510 }
511
512 if (!valid_cl(fat, cl)) {
513 pfatal("Invalid cluster: %ud", cl);
514 return FSFATAL;
515 }
516
517 return (fat->set(fat, cl, nextcl));
518 }
519
520 static inline struct bootblock*
boot_of_(struct fat_descriptor * fat)521 boot_of_(struct fat_descriptor *fat) {
522
523 return (fat->boot);
524 }
525
526 struct bootblock*
fat_get_boot(struct fat_descriptor * fat)527 fat_get_boot(struct fat_descriptor *fat) {
528
529 return (boot_of_(fat));
530 }
531
532 static inline int
fd_of_(struct fat_descriptor * fat)533 fd_of_(struct fat_descriptor *fat)
534 {
535 return (fat->fd);
536 }
537
538 int
fat_get_fd(struct fat_descriptor * fat)539 fat_get_fd(struct fat_descriptor * fat)
540 {
541 return (fd_of_(fat));
542 }
543
544 /*
545 * Whether a cl is in valid data range.
546 */
547 bool
fat_is_valid_cl(struct fat_descriptor * fat,cl_t cl)548 fat_is_valid_cl(struct fat_descriptor *fat, cl_t cl)
549 {
550
551 return (valid_cl(fat, cl));
552 }
553
554 static inline bool
valid_cl(struct fat_descriptor * fat,cl_t cl)555 valid_cl(struct fat_descriptor *fat, cl_t cl)
556 {
557 const struct bootblock *boot = boot_of_(fat);
558
559 return (cl >= CLUST_FIRST && cl < boot->NumClusters);
560 }
561
562 /*
563 * The first 2 FAT entries contain pseudo-cluster numbers with the following
564 * layout:
565 *
566 * 31...... ........ ........ .......0
567 * rrrr1111 11111111 11111111 mmmmmmmm FAT32 entry 0
568 * rrrrsh11 11111111 11111111 11111xxx FAT32 entry 1
569 *
570 * 11111111 mmmmmmmm FAT16 entry 0
571 * sh111111 11111xxx FAT16 entry 1
572 *
573 * r = reserved
574 * m = BPB media ID byte
575 * s = clean flag (1 = dismounted; 0 = still mounted)
576 * h = hard error flag (1 = ok; 0 = I/O error)
577 * x = any value ok
578 */
579 int
checkdirty(int fs,struct bootblock * boot)580 checkdirty(int fs, struct bootblock *boot)
581 {
582 off_t off;
583 u_char *buffer;
584 int ret = 0;
585 size_t len;
586
587 if (boot->ClustMask != CLUST16_MASK && boot->ClustMask != CLUST32_MASK)
588 return 0;
589
590 off = boot->bpbResSectors;
591 off *= boot->bpbBytesPerSec;
592
593 buffer = malloc(len = boot->bpbBytesPerSec);
594 if (buffer == NULL) {
595 perr("No space for FAT sectors (%zu)", len);
596 return 1;
597 }
598
599 if (lseek(fs, off, SEEK_SET) != off) {
600 perr("Unable to read FAT");
601 goto err;
602 }
603
604 if ((size_t)read(fs, buffer, boot->bpbBytesPerSec) !=
605 boot->bpbBytesPerSec) {
606 perr("Unable to read FAT");
607 goto err;
608 }
609
610 /*
611 * If we don't understand the FAT, then the file system must be
612 * assumed to be unclean.
613 */
614 if (buffer[0] != boot->bpbMedia || buffer[1] != 0xff)
615 goto err;
616 if (boot->ClustMask == CLUST16_MASK) {
617 if ((buffer[2] & 0xf8) != 0xf8 || (buffer[3] & 0x3f) != 0x3f)
618 goto err;
619 } else {
620 if (buffer[2] != 0xff || (buffer[3] & 0x0f) != 0x0f
621 || (buffer[4] & 0xf8) != 0xf8 || buffer[5] != 0xff
622 || buffer[6] != 0xff || (buffer[7] & 0x03) != 0x03)
623 goto err;
624 }
625
626 /*
627 * Now check the actual clean flag (and the no-error flag).
628 */
629 if (boot->ClustMask == CLUST16_MASK) {
630 if ((buffer[3] & 0xc0) == 0xc0)
631 ret = 1;
632 } else {
633 if ((buffer[7] & 0x0c) == 0x0c)
634 ret = 1;
635 }
636
637 err:
638 free(buffer);
639 return ret;
640 }
641
642 int
cleardirty(struct fat_descriptor * fat)643 cleardirty(struct fat_descriptor *fat)
644 {
645 int fd, ret = FSERROR;
646 struct bootblock *boot;
647 u_char *buffer;
648 size_t len;
649 off_t off;
650
651 boot = boot_of_(fat);
652 fd = fd_of_(fat);
653
654 if (boot->ClustMask != CLUST16_MASK && boot->ClustMask != CLUST32_MASK)
655 return 0;
656
657 off = boot->bpbResSectors;
658 off *= boot->bpbBytesPerSec;
659
660 buffer = malloc(len = boot->bpbBytesPerSec);
661 if (buffer == NULL) {
662 perr("No memory for FAT sectors (%zu)", len);
663 return 1;
664 }
665
666 if ((size_t)pread(fd, buffer, len, off) != len) {
667 perr("Unable to read FAT");
668 goto err;
669 }
670
671 if (boot->ClustMask == CLUST16_MASK) {
672 buffer[3] |= 0x80;
673 } else {
674 buffer[7] |= 0x08;
675 }
676
677 if ((size_t)pwrite(fd, buffer, len, off) != len) {
678 perr("Unable to write FAT");
679 goto err;
680 }
681
682 ret = FSOK;
683
684 err:
685 free(buffer);
686 return ret;
687 }
688
689 /*
690 * Read a FAT from disk. Returns 1 if successful, 0 otherwise.
691 */
692 static int
_readfat(struct fat_descriptor * fat)693 _readfat(struct fat_descriptor *fat)
694 {
695 int fd;
696 size_t i;
697 off_t off;
698 size_t readsize;
699 struct bootblock *boot;
700 struct fat32_cache_entry *entry;
701
702 boot = boot_of_(fat);
703 fd = fd_of_(fat);
704 fat->fatsize = boot->FATsecs * boot->bpbBytesPerSec;
705
706 off = boot->bpbResSectors;
707 off *= boot->bpbBytesPerSec;
708
709 fat->is_mmapped = false;
710 fat->use_cache = false;
711
712 /* Attempt to mmap() first */
713 if (allow_mmap) {
714 fat->fatbuf = mmap(NULL, fat->fatsize,
715 PROT_READ | (rdonly ? 0 : PROT_WRITE),
716 MAP_SHARED, fd_of_(fat), off);
717 if (fat->fatbuf != MAP_FAILED) {
718 fat->is_mmapped = true;
719 return 1;
720 }
721 }
722
723 /*
724 * Unfortunately, we were unable to mmap().
725 *
726 * Only use the cache manager when it's necessary, that is,
727 * when the FAT is sufficiently large; in that case, only
728 * read in the first 4 MiB of FAT into memory, and split the
729 * buffer into chunks and insert to the LRU queue to populate
730 * the cache with data.
731 */
732 if (boot->ClustMask == CLUST32_MASK &&
733 fat->fatsize >= fat32_cache_size) {
734 readsize = fat32_cache_size;
735 fat->use_cache = true;
736
737 fat->fat32_offset = boot->bpbResSectors * boot->bpbBytesPerSec;
738 fat->fat32_lastaddr = fat->fatsize & ~(fat32_cache_chunk_size);
739 } else {
740 readsize = fat->fatsize;
741 }
742 fat->fatbuf = malloc(readsize);
743 if (fat->fatbuf == NULL) {
744 perr("No space for FAT (%zu)", readsize);
745 return 0;
746 }
747
748 if (lseek(fd, off, SEEK_SET) != off) {
749 perr("Unable to read FAT");
750 goto err;
751 }
752 if ((size_t)read(fd, fat->fatbuf, readsize) != readsize) {
753 perr("Unable to read FAT");
754 goto err;
755 }
756
757 /*
758 * When cache is used, split the buffer into chunks, and
759 * connect the buffer into the cache.
760 */
761 if (fat->use_cache) {
762 TAILQ_INIT(&fat->fat32_cache_head);
763 entry = calloc(fat32_cache_entries, sizeof(*entry));
764 if (entry == NULL) {
765 perr("No space for FAT cache (%zu of %zu)",
766 fat32_cache_entries, sizeof(entry));
767 goto err;
768 }
769 for (i = 0; i < fat32_cache_entries; i++) {
770 entry[i].addr = fat32_cache_chunk_size * i;
771 entry[i].chunk = &fat->fatbuf[entry[i].addr];
772 TAILQ_INSERT_TAIL(&fat->fat32_cache_head,
773 &entry[i], entries);
774 }
775 fat->fat32_cache_allentries = entry;
776 }
777
778 return 1;
779
780 err:
781 free(fat->fatbuf);
782 fat->fatbuf = NULL;
783 return 0;
784 }
785
786 static void
releasefat(struct fat_descriptor * fat)787 releasefat(struct fat_descriptor *fat)
788 {
789 if (fat->is_mmapped) {
790 munmap(fat->fatbuf, fat->fatsize);
791 } else {
792 if (fat->use_cache) {
793 free(fat->fat32_cache_allentries);
794 fat->fat32_cache_allentries = NULL;
795 }
796 free(fat->fatbuf);
797 }
798 fat->fatbuf = NULL;
799 bitmap_dtor(&fat->headbitmap);
800 }
801
802 /*
803 * Read or map a FAT and populate head bitmap
804 */
805 int
readfat(int fs,struct bootblock * boot,struct fat_descriptor ** fp)806 readfat(int fs, struct bootblock *boot, struct fat_descriptor **fp)
807 {
808 struct fat_descriptor *fat;
809 u_char *buffer, *p;
810 cl_t cl, nextcl;
811 int ret = FSOK;
812
813 boot->NumFree = boot->NumBad = 0;
814
815 fat = calloc(1, sizeof(struct fat_descriptor));
816 if (fat == NULL) {
817 perr("No space for FAT descriptor");
818 return FSFATAL;
819 }
820
821 fat->fd = fs;
822 fat->boot = boot;
823
824 if (!_readfat(fat)) {
825 free(fat);
826 return FSFATAL;
827 }
828 buffer = fat->fatbuf;
829
830 /* Populate accessors */
831 switch(boot->ClustMask) {
832 case CLUST12_MASK:
833 fat->get = fat_get_fat12_next;
834 fat->set = fat_set_fat12_next;
835 break;
836 case CLUST16_MASK:
837 fat->get = fat_get_fat16_next;
838 fat->set = fat_set_fat16_next;
839 break;
840 case CLUST32_MASK:
841 if (fat->is_mmapped || !fat->use_cache) {
842 fat->get = fat_get_fat32_next;
843 fat->set = fat_set_fat32_next;
844 } else {
845 fat->get = fat_get_fat32_cached_next;
846 fat->set = fat_set_fat32_cached_next;
847 }
848 break;
849 default:
850 pfatal("Invalid ClustMask: %d", boot->ClustMask);
851 releasefat(fat);
852 free(fat);
853 return FSFATAL;
854 }
855
856 if (bitmap_ctor(&fat->headbitmap, boot->NumClusters,
857 true) != FSOK) {
858 perr("No space for head bitmap for FAT clusters (%zu)",
859 (size_t)boot->NumClusters);
860 releasefat(fat);
861 free(fat);
862 return FSFATAL;
863 }
864
865 if (buffer[0] != boot->bpbMedia
866 || buffer[1] != 0xff || buffer[2] != 0xff
867 || (boot->ClustMask == CLUST16_MASK && buffer[3] != 0xff)
868 || (boot->ClustMask == CLUST32_MASK
869 && ((buffer[3]&0x0f) != 0x0f
870 || buffer[4] != 0xff || buffer[5] != 0xff
871 || buffer[6] != 0xff || (buffer[7]&0x0f) != 0x0f))) {
872
873 /* Windows 95 OSR2 (and possibly any later) changes
874 * the FAT signature to 0xXXffff7f for FAT16 and to
875 * 0xXXffff0fffffff07 for FAT32 upon boot, to know that the
876 * file system is dirty if it doesn't reboot cleanly.
877 * Check this special condition before errorring out.
878 */
879 if (buffer[0] == boot->bpbMedia && buffer[1] == 0xff
880 && buffer[2] == 0xff
881 && ((boot->ClustMask == CLUST16_MASK && buffer[3] == 0x7f)
882 || (boot->ClustMask == CLUST32_MASK
883 && buffer[3] == 0x0f && buffer[4] == 0xff
884 && buffer[5] == 0xff && buffer[6] == 0xff
885 && buffer[7] == 0x07)))
886 ret |= FSDIRTY;
887 else {
888 /* just some odd byte sequence in FAT */
889
890 switch (boot->ClustMask) {
891 case CLUST32_MASK:
892 pwarn("%s (%02x%02x%02x%02x%02x%02x%02x%02x)\n",
893 "FAT starts with odd byte sequence",
894 buffer[0], buffer[1], buffer[2], buffer[3],
895 buffer[4], buffer[5], buffer[6], buffer[7]);
896 break;
897 case CLUST16_MASK:
898 pwarn("%s (%02x%02x%02x%02x)\n",
899 "FAT starts with odd byte sequence",
900 buffer[0], buffer[1], buffer[2], buffer[3]);
901 break;
902 default:
903 pwarn("%s (%02x%02x%02x)\n",
904 "FAT starts with odd byte sequence",
905 buffer[0], buffer[1], buffer[2]);
906 break;
907 }
908
909 if (ask(1, "Correct")) {
910 ret |= FSFATMOD;
911 p = buffer;
912
913 *p++ = (u_char)boot->bpbMedia;
914 *p++ = 0xff;
915 *p++ = 0xff;
916 switch (boot->ClustMask) {
917 case CLUST16_MASK:
918 *p++ = 0xff;
919 break;
920 case CLUST32_MASK:
921 *p++ = 0x0f;
922 *p++ = 0xff;
923 *p++ = 0xff;
924 *p++ = 0xff;
925 *p++ = 0x0f;
926 break;
927 default:
928 break;
929 }
930 /*
931 * In cache mode the header lives in
932 * fat32_cache_allentries[0]. Mark it
933 * dirty so it is flushed to disk (either
934 * on eviction or in writefat()) before
935 * copyfat() copies the primary FAT to
936 * backup copies.
937 */
938 if (fat->use_cache)
939 fat->fat32_cache_allentries[0].dirty =
940 true;
941 }
942 }
943 }
944
945 /*
946 * Traverse the FAT table and populate head map. Initially, we
947 * consider all clusters as possible head cluster (beginning of
948 * a file or directory), and traverse the whole allocation table
949 * by marking every non-head nodes as such (detailed below) and
950 * fix obvious issues while we walk.
951 *
952 * For each "next" cluster, the possible values are:
953 *
954 * a) CLUST_FREE or CLUST_BAD. The *current* cluster can't be a
955 * head node.
956 * b) An out-of-range value. The only fix would be to truncate at
957 * the cluster.
958 * c) A valid cluster. It means that cluster (nextcl) is not a
959 * head cluster. Note that during the scan, every cluster is
960 * expected to be seen for at most once, and when we saw them
961 * twice, it means a cross-linked chain which should be
962 * truncated at the current cluster.
963 *
964 * After scan, the remaining set bits indicates all possible
965 * head nodes, because they were never claimed by any other
966 * node as the next node, but we do not know if these chains
967 * would end with a valid EOF marker. We will check that in
968 * checkchain() at a later time when checking directories,
969 * where these head nodes would be marked as non-head.
970 *
971 * In the final pass, all head nodes should be cleared, and if
972 * there is still head nodes, these would be leaders of lost
973 * chain.
974 */
975 for (cl = CLUST_FIRST; cl < boot->NumClusters; cl++) {
976 nextcl = fat_get_cl_next(fat, cl);
977
978 /* Check if the next cluster number is valid */
979 if (nextcl == CLUST_FREE) {
980 /* Save a hint for next free cluster */
981 if (boot->FSNext == 0) {
982 boot->FSNext = cl;
983 }
984 if (fat_is_cl_head(fat, cl)) {
985 fat_clear_cl_head(fat, cl);
986 }
987 boot->NumFree++;
988 } else if (nextcl == CLUST_BAD) {
989 if (fat_is_cl_head(fat, cl)) {
990 fat_clear_cl_head(fat, cl);
991 }
992 boot->NumBad++;
993 } else if (!valid_cl(fat, nextcl) && nextcl < CLUST_RSRVD) {
994 pwarn("Cluster %u continues with out of range "
995 "cluster number %u\n",
996 cl,
997 nextcl & boot->ClustMask);
998 if (ask(0, "Truncate")) {
999 ret |= fat_set_cl_next(fat, cl, CLUST_EOF);
1000 ret |= FSFATMOD;
1001 }
1002 } else if (valid_cl(fat, nextcl)) {
1003 if (fat_is_cl_head(fat, nextcl)) {
1004 fat_clear_cl_head(fat, nextcl);
1005 } else {
1006 pwarn("Cluster %u crossed another chain at %u\n",
1007 cl, nextcl);
1008 if (ask(0, "Truncate")) {
1009 ret |= fat_set_cl_next(fat, cl, CLUST_EOF);
1010 ret |= FSFATMOD;
1011 }
1012 }
1013 }
1014
1015 }
1016
1017 if (ret & FSFATAL) {
1018 releasefat(fat);
1019 free(fat);
1020 *fp = NULL;
1021 } else
1022 *fp = fat;
1023 return ret;
1024 }
1025
1026 /*
1027 * Get type of reserved cluster
1028 */
1029 const char *
rsrvdcltype(cl_t cl)1030 rsrvdcltype(cl_t cl)
1031 {
1032 if (cl == CLUST_FREE)
1033 return "free";
1034 if (cl < CLUST_BAD)
1035 return "reserved";
1036 if (cl > CLUST_BAD)
1037 return "as EOF";
1038 return "bad";
1039 }
1040
1041 /*
1042 * Examine a cluster chain for errors and count its size.
1043 */
1044 int
checkchain(struct fat_descriptor * fat,cl_t head,size_t * chainsize)1045 checkchain(struct fat_descriptor *fat, cl_t head, size_t *chainsize)
1046 {
1047 cl_t prev_cl, current_cl, next_cl;
1048 const char *op;
1049
1050 /*
1051 * We expect that the caller to give us a real, unvisited 'head'
1052 * cluster, and it must be a valid cluster. While scanning the
1053 * FAT table, we already excluded all clusters that was claimed
1054 * as a "next" cluster. Assert all the three conditions.
1055 */
1056 assert(valid_cl(fat, head));
1057 assert(fat_is_cl_head(fat, head));
1058
1059 /*
1060 * Immediately mark the 'head' cluster that we are about to visit.
1061 */
1062 fat_clear_cl_head(fat, head);
1063
1064 /*
1065 * The allocation of a non-zero sized file or directory is
1066 * represented as a singly linked list, and the tail node
1067 * would be the EOF marker (>=CLUST_EOFS).
1068 *
1069 * With a valid head node at hand, we expect all subsequent
1070 * cluster to be either a not yet seen and valid cluster (we
1071 * would continue counting), or the EOF marker (we conclude
1072 * the scan of this chain).
1073 *
1074 * For all other cases, the chain is invalid, and the only
1075 * viable fix would be to truncate at the current node (mark
1076 * it as EOF) when the next node violates that.
1077 */
1078 *chainsize = 0;
1079 prev_cl = current_cl = head;
1080 for (next_cl = fat_get_cl_next(fat, current_cl);
1081 valid_cl(fat, next_cl);
1082 prev_cl = current_cl, current_cl = next_cl, next_cl = fat_get_cl_next(fat, current_cl))
1083 (*chainsize)++;
1084
1085 /* A natural end */
1086 if (next_cl >= CLUST_EOFS) {
1087 (*chainsize)++;
1088 return FSOK;
1089 }
1090
1091 /*
1092 * The chain ended with an out-of-range cluster number.
1093 *
1094 * If the current node is e.g. CLUST_FREE, CLUST_BAD, etc.,
1095 * it should not be present in a chain and we has to truncate
1096 * at the previous node.
1097 *
1098 * If the current cluster points to an invalid cluster, the
1099 * current cluster might have useful data and we truncate at
1100 * the current cluster instead.
1101 */
1102 if (next_cl == CLUST_FREE || next_cl >= CLUST_RSRVD) {
1103 pwarn("Cluster chain starting at %u ends with cluster marked %s\n",
1104 head, rsrvdcltype(next_cl));
1105 current_cl = prev_cl;
1106 } else {
1107 pwarn("Cluster chain starting at %u ends with cluster out of range (%u)\n",
1108 head,
1109 next_cl & boot_of_(fat)->ClustMask);
1110 (*chainsize)++;
1111 }
1112
1113 if (*chainsize > 0) {
1114 op = "Truncate";
1115 next_cl = CLUST_EOF;
1116 } else {
1117 op = "Clear";
1118 next_cl = CLUST_FREE;
1119 }
1120 if (ask(0, "%s", op)) {
1121 return (fat_set_cl_next(fat, current_cl, next_cl) | FSFATMOD);
1122 } else {
1123 return (FSERROR);
1124 }
1125 }
1126
1127 /*
1128 * Clear cluster chain from head.
1129 */
1130 void
clearchain(struct fat_descriptor * fat,cl_t head)1131 clearchain(struct fat_descriptor *fat, cl_t head)
1132 {
1133 cl_t current_cl, next_cl;
1134 struct bootblock *boot = boot_of_(fat);
1135
1136 current_cl = head;
1137
1138 while (valid_cl(fat, current_cl)) {
1139 next_cl = fat_get_cl_next(fat, current_cl);
1140 (void)fat_set_cl_next(fat, current_cl, CLUST_FREE);
1141 boot->NumFree++;
1142 current_cl = next_cl;
1143 }
1144
1145 }
1146
1147 /*
1148 * Overwrite the n-th FAT with FAT0
1149 */
1150 static int
copyfat(struct fat_descriptor * fat,int n)1151 copyfat(struct fat_descriptor *fat, int n)
1152 {
1153 size_t rwsize, tailsize, blobs, i;
1154 off_t dst_off, src_off;
1155 struct bootblock *boot;
1156 int ret, fd;
1157
1158 ret = FSOK;
1159 fd = fd_of_(fat);
1160 boot = boot_of_(fat);
1161
1162 blobs = howmany(fat->fatsize, fat32_cache_size);
1163 tailsize = fat->fatsize % fat32_cache_size;
1164 if (tailsize == 0) {
1165 tailsize = fat32_cache_size;
1166 }
1167 rwsize = fat32_cache_size;
1168
1169 src_off = fat->fat32_offset;
1170 dst_off = boot->bpbResSectors + n * boot->FATsecs;
1171 dst_off *= boot->bpbBytesPerSec;
1172
1173 for (i = 0; i < blobs;
1174 i++, src_off += fat32_cache_size, dst_off += fat32_cache_size) {
1175 if (i == blobs - 1) {
1176 rwsize = tailsize;
1177 }
1178 if ((lseek(fd, src_off, SEEK_SET) != src_off ||
1179 (size_t)read(fd, fat->fatbuf, rwsize) != rwsize) &&
1180 ret == FSOK) {
1181 perr("Unable to read FAT0");
1182 ret = FSFATAL;
1183 continue;
1184 }
1185 if ((lseek(fd, dst_off, SEEK_SET) != dst_off ||
1186 (size_t)write(fd, fat->fatbuf, rwsize) != rwsize) &&
1187 ret == FSOK) {
1188 perr("Unable to write FAT %d", n);
1189 ret = FSERROR;
1190 }
1191 }
1192 return (ret);
1193 }
1194
1195 /*
1196 * Write out FAT
1197 */
1198 int
writefat(struct fat_descriptor * fat)1199 writefat(struct fat_descriptor *fat)
1200 {
1201 u_int i;
1202 size_t writesz;
1203 off_t dst_base;
1204 int ret = FSOK, fd;
1205 struct bootblock *boot;
1206 struct fat32_cache_entry *entry;
1207
1208 boot = boot_of_(fat);
1209 fd = fd_of_(fat);
1210
1211 if (fat->use_cache) {
1212 /*
1213 * Attempt to flush all in-flight cache, and bail out
1214 * if we encountered an error (but only emit error
1215 * message once). Stop proceeding with copyfat()
1216 * if any flush failed.
1217 */
1218 TAILQ_FOREACH(entry, &fat->fat32_cache_head, entries) {
1219 if (fat_flush_fat32_cache_entry(fat, entry) != FSOK) {
1220 if (ret == FSOK) {
1221 perr("Unable to write FAT");
1222 ret = FSFATAL;
1223 }
1224 }
1225 }
1226 if (ret != FSOK)
1227 return (ret);
1228
1229 /* Update backup copies of FAT, error is not fatal */
1230 for (i = 1; i < boot->bpbFATs; i++) {
1231 if (copyfat(fat, i) != FSOK)
1232 ret = FSERROR;
1233 }
1234 } else {
1235 writesz = fat->fatsize;
1236
1237 for (i = fat->is_mmapped ? 1 : 0; i < boot->bpbFATs; i++) {
1238 dst_base = boot->bpbResSectors + i * boot->FATsecs;
1239 dst_base *= boot->bpbBytesPerSec;
1240 if ((lseek(fd, dst_base, SEEK_SET) != dst_base ||
1241 (size_t)write(fd, fat->fatbuf, writesz) != writesz) &&
1242 ret == FSOK) {
1243 perr("Unable to write FAT %d", i);
1244 ret = ((i == 0) ? FSFATAL : FSERROR);
1245 }
1246 }
1247 }
1248
1249 return ret;
1250 }
1251
1252 /*
1253 * Check a complete in-memory FAT for lost cluster chains
1254 */
1255 int
checklost(struct fat_descriptor * fat)1256 checklost(struct fat_descriptor *fat)
1257 {
1258 cl_t head;
1259 int mod = FSOK;
1260 int dosfs, ret;
1261 size_t chains, chainlength;
1262 struct bootblock *boot;
1263
1264 dosfs = fd_of_(fat);
1265 boot = boot_of_(fat);
1266
1267 /*
1268 * At this point, we have already traversed all directories.
1269 * All remaining chain heads in the bitmap are heads of lost
1270 * chains.
1271 */
1272 chains = fat_get_head_count(fat);
1273 for (head = CLUST_FIRST;
1274 chains > 0 && head < boot->NumClusters;
1275 ) {
1276 /*
1277 * We expect the bitmap to be very sparse, so skip if
1278 * the range is full of 0's
1279 */
1280 if (head % LONG_BIT == 0 &&
1281 !fat_is_cl_head_in_range(fat, head)) {
1282 head += LONG_BIT;
1283 continue;
1284 }
1285 if (fat_is_cl_head(fat, head)) {
1286 ret = checkchain(fat, head, &chainlength);
1287 if (ret != FSERROR && chainlength > 0) {
1288 pwarn("Lost cluster chain at cluster %u\n"
1289 "%zd Cluster(s) lost\n",
1290 head, chainlength);
1291 mod |= ret = reconnect(fat, head,
1292 chainlength);
1293 }
1294 if (mod & FSFATAL)
1295 break;
1296 if (ret == FSERROR && ask(0, "Clear")) {
1297 clearchain(fat, head);
1298 mod |= FSFATMOD;
1299 }
1300 chains--;
1301 }
1302 head++;
1303 }
1304
1305 finishlf();
1306
1307 if (boot->bpbFSInfo) {
1308 ret = 0;
1309 if (boot->FSFree != 0xffffffffU &&
1310 boot->FSFree != boot->NumFree) {
1311 pwarn("Free space in FSInfo block (%u) not correct (%u)\n",
1312 boot->FSFree, boot->NumFree);
1313 if (ask(1, "Fix")) {
1314 boot->FSFree = boot->NumFree;
1315 ret = 1;
1316 }
1317 }
1318 if (boot->FSNext != 0xffffffffU &&
1319 (boot->FSNext >= boot->NumClusters ||
1320 (boot->NumFree && fat_get_cl_next(fat, boot->FSNext) != CLUST_FREE))) {
1321 pwarn("Next free cluster in FSInfo block (%u) %s\n",
1322 boot->FSNext,
1323 (boot->FSNext >= boot->NumClusters) ? "invalid" : "not free");
1324 if (ask(1, "Fix"))
1325 for (head = CLUST_FIRST; head < boot->NumClusters; head++)
1326 if (fat_get_cl_next(fat, head) == CLUST_FREE) {
1327 boot->FSNext = head;
1328 ret = 1;
1329 break;
1330 }
1331 }
1332 if (ret)
1333 mod |= writefsinfo(dosfs, boot);
1334 }
1335
1336 return mod;
1337 }
1338