1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1980, 1986, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/param.h>
33 #include <sys/disk.h>
34 #include <sys/stat.h>
35 #define FSTYPENAMES
36 #include <sys/disklabel.h>
37 #include <sys/file.h>
38 #include <sys/sysctl.h>
39
40 #include <ufs/ufs/dinode.h>
41 #include <ufs/ffs/fs.h>
42
43 #include <ctype.h>
44 #include <err.h>
45 #include <errno.h>
46 #include <limits.h>
47 #include <stdint.h>
48 #include <string.h>
49
50 #include "fsck.h"
51
52 struct inohash *inphash; /* hash list of directory inode info */
53 struct inoinfo **inpsort; /* disk order list of directory inodes */
54 struct inode snaplist[FSMAXSNAP + 1]; /* list of active snapshots */
55 int snapcnt; /* number of active snapshots */
56 char *copybuf; /* buffer to copy snapshot blocks */
57
58 static int sbhashfailed;
59 #define POWEROF2(num) (((num) & ((num) - 1)) == 0)
60
61 static void saverecovery(int readfd, int writefd);
62 static int chkrecovery(int devfd);
63 static int getlbnblkno(struct inodesc *);
64 static int checksnapinfo(struct inode *);
65
66 /*
67 * Read in a superblock finding an alternate if necessary.
68 * Return 1 if successful, 0 if unsuccessful, -1 if file system
69 * is already clean (ckclean and preen mode only).
70 */
71 int
setup(char * dev)72 setup(char *dev)
73 {
74 long i, bmapsize;
75 struct inode ip;
76
77 /*
78 * We are expected to have an open file descriptor and a superblock.
79 */
80 if (fsreadfd < 0 || havesb == 0) {
81 if (debug) {
82 if (fsreadfd < 0)
83 printf("setup: missing fsreadfd\n");
84 else
85 printf("setup: missing superblock\n");
86 }
87 return (0);
88 }
89 if (preen == 0)
90 printf("** %s", dev);
91 if (bkgrdflag == 0 &&
92 (nflag || (fswritefd = open(dev, O_WRONLY)) < 0)) {
93 fswritefd = -1;
94 if (preen)
95 pfatal("NO WRITE ACCESS");
96 printf(" (NO WRITE)");
97 }
98 if (preen == 0)
99 printf("\n");
100 if (sbhashfailed != 0) {
101 pwarn("SUPERBLOCK CHECK HASH FAILED");
102 if (fswritefd == -1)
103 pwarn("OPENED READONLY SO CANNOT CORRECT CHECK HASH\n");
104 else if (preen || reply("CORRECT CHECK HASH") != 0) {
105 if (preen)
106 printf(" (CORRECTED)\n");
107 sblock.fs_clean = 0;
108 sbdirty();
109 }
110 }
111 if (skipclean && ckclean && sblock.fs_clean) {
112 pwarn("FILE SYSTEM CLEAN; SKIPPING CHECKS\n");
113 return (-1);
114 }
115 maxfsblock = sblock.fs_size;
116 maxino = sblock.fs_ncg * sblock.fs_ipg;
117 /*
118 * Check and potentially fix certain fields in the super block.
119 */
120 if (sblock.fs_optim != FS_OPTTIME && sblock.fs_optim != FS_OPTSPACE) {
121 pfatal("UNDEFINED OPTIMIZATION IN SUPERBLOCK");
122 if (reply("SET TO DEFAULT") == 1) {
123 sblock.fs_optim = FS_OPTTIME;
124 sbdirty();
125 }
126 }
127 if ((sblock.fs_minfree < 0 || sblock.fs_minfree > 99)) {
128 pfatal("IMPOSSIBLE MINFREE=%d IN SUPERBLOCK",
129 sblock.fs_minfree);
130 if (reply("SET TO DEFAULT") == 1) {
131 sblock.fs_minfree = 10;
132 sbdirty();
133 }
134 }
135 if (sblock.fs_magic == FS_UFS1_MAGIC &&
136 sblock.fs_old_inodefmt < FS_44INODEFMT) {
137 pwarn("Format of file system is too old.\n");
138 pwarn("Must update to modern format using a version of fsck\n");
139 pfatal("from before 2002 with the command ``fsck -c 2''\n");
140 exit(EEXIT);
141 }
142 if (preen == 0 && yflag == 0 && sblock.fs_magic == FS_UFS2_MAGIC &&
143 fswritefd != -1 && chkrecovery(fsreadfd) == 0 &&
144 reply("SAVE DATA TO FIND ALTERNATE SUPERBLOCKS") != 0)
145 saverecovery(fsreadfd, fswritefd);
146 /*
147 * allocate and initialize the necessary maps
148 */
149 bufinit();
150 bmapsize = roundup(howmany(maxfsblock, CHAR_BIT), sizeof(short));
151 blockmap = Calloc((unsigned)bmapsize, sizeof (char));
152 if (blockmap == NULL) {
153 printf("cannot alloc %u bytes for blockmap\n",
154 (unsigned)bmapsize);
155 goto badsb;
156 }
157 inostathead = Calloc(sblock.fs_ncg, sizeof(struct inostatlist));
158 if (inostathead == NULL) {
159 printf("cannot alloc %u bytes for inostathead\n",
160 (unsigned)(sizeof(struct inostatlist) * (sblock.fs_ncg)));
161 goto badsb;
162 }
163 numdirs = sblock.fs_cstotal.cs_ndir;
164 dirhash = MAX(numdirs / 2, 1);
165 inplast = 0;
166 listmax = numdirs + 10;
167 inpsort = (struct inoinfo **)Calloc(listmax, sizeof(struct inoinfo *));
168 inphash = (struct inohash *)Calloc(dirhash, sizeof(struct inohash));
169 if (inpsort == NULL || inphash == NULL) {
170 printf("cannot alloc %ju bytes for inphash\n",
171 (uintmax_t)numdirs * sizeof(struct inoinfo *));
172 goto badsb;
173 }
174 if (sblock.fs_flags & FS_DOSOFTDEP)
175 usedsoftdep = 1;
176 else
177 usedsoftdep = 0;
178 /*
179 * Collect any snapshot inodes so that we can allow them to
180 * claim any blocks that we free. The code for doing this is
181 * imported here and into inode.c from sys/ufs/ffs/ffs_snapshot.c.
182 */
183 for (snapcnt = 0; snapcnt < FSMAXSNAP; snapcnt++) {
184 if (sblock.fs_snapinum[snapcnt] == 0)
185 break;
186 ginode(sblock.fs_snapinum[snapcnt], &ip);
187 if ((DIP(ip.i_dp, di_mode) & IFMT) == IFREG &&
188 (DIP(ip.i_dp, di_flags) & SF_SNAPSHOT) != 0 &&
189 checksnapinfo(&ip)) {
190 if (debug)
191 printf("Load snapshot %jd\n",
192 (intmax_t)sblock.fs_snapinum[snapcnt]);
193 snaplist[snapcnt] = ip;
194 continue;
195 }
196 printf("Removing non-snapshot inode %ju from snapshot list\n",
197 (uintmax_t)sblock.fs_snapinum[snapcnt]);
198 irelse(&ip);
199 for (i = snapcnt + 1; i < FSMAXSNAP; i++) {
200 if (sblock.fs_snapinum[i] == 0)
201 break;
202 sblock.fs_snapinum[i - 1] = sblock.fs_snapinum[i];
203 }
204 sblock.fs_snapinum[i - 1] = 0;
205 snapcnt--;
206 sbdirty();
207 }
208 if (snapcnt > 0 && copybuf == NULL) {
209 copybuf = Balloc(sblock.fs_bsize);
210 if (copybuf == NULL)
211 errx(EEXIT, "cannot allocate space for snapshot "
212 "copy buffer");
213 }
214 return (1);
215
216 badsb:
217 ckfini(0);
218 return (0);
219 }
220
221 /*
222 * Check for valid snapshot information.
223 *
224 * Each snapshot has a list of blocks that have been copied. This list
225 * is consulted before checking the snapshot inode. Its purpose is to
226 * speed checking of commonly checked blocks and to avoid recursive
227 * checks of the snapshot inode. In particular, the list must contain
228 * the superblock, the superblock summary information, and all the
229 * cylinder group blocks. The list may contain other commonly checked
230 * pointers such as those of the blocks that contain the snapshot inodes.
231 * The list is sorted into block order to allow binary search lookup.
232 *
233 * The twelve direct direct block pointers of the snapshot are always
234 * copied, so we test for them first before checking the list itself
235 * (i.e., they are not in the list).
236 *
237 * The checksnapinfo() routine needs to ensure that the list contains at
238 * least the super block, its summary information, and the cylinder groups.
239 * Here we check the list first for the superblock, zero or more cylinder
240 * groups up to the location of the superblock summary information, the
241 * summary group information, and any remaining cylinder group maps that
242 * follow it. We skip over any other entries in the list.
243 */
244 #define CHKBLKINLIST(chkblk) \
245 /* All UFS_NDADDR blocks are copied */ \
246 if ((chkblk) >= UFS_NDADDR) { \
247 /* Skip over blocks that are not of interest */ \
248 while (*blkp < (chkblk) && blkp < lastblkp) \
249 blkp++; \
250 /* Fail if end of list and not all blocks found */ \
251 if (blkp >= lastblkp) { \
252 pwarn("UFS%d snapshot inode %jd failed: " \
253 "improper block list length (%jd)\n", \
254 sblock.fs_magic == FS_UFS1_MAGIC ? 1 : 2, \
255 (intmax_t)snapip->i_number, \
256 (intmax_t)(lastblkp - &snapblklist[0])); \
257 status = 0; \
258 } \
259 /* Fail if block we seek is missing */ \
260 else if (*blkp++ != (chkblk)) { \
261 pwarn("UFS%d snapshot inode %jd failed: " \
262 "block list (%jd) != %s (%jd)\n", \
263 sblock.fs_magic == FS_UFS1_MAGIC ? 1 : 2, \
264 (intmax_t)snapip->i_number, \
265 (intmax_t)blkp[-1], #chkblk, \
266 (intmax_t)chkblk); \
267 status = 0; \
268 } \
269 }
270
271 static int
checksnapinfo(struct inode * snapip)272 checksnapinfo(struct inode *snapip)
273 {
274 struct fs *fs;
275 struct bufarea *bp;
276 struct inodesc idesc;
277 daddr_t *snapblklist, *blkp, *lastblkp, csblkno;
278 int cg, loc, len, status;
279 ufs_lbn_t lbn;
280 size_t size;
281
282 fs = &sblock;
283 memset(&idesc, 0, sizeof(struct inodesc));
284 idesc.id_type = ADDR;
285 idesc.id_func = getlbnblkno;
286 idesc.id_number = snapip->i_number;
287 lbn = howmany(fs->fs_size, fs->fs_frag);
288 idesc.id_parent = lbn; /* sought after blkno */
289 if ((ckinode(snapip->i_dp, &idesc) & FOUND) == 0)
290 return (0);
291 size = fragroundup(fs,
292 DIP(snapip->i_dp, di_size) - lblktosize(fs, lbn));
293 bp = getdatablk(idesc.id_parent, size, BT_DATA);
294 if (bp->b_errs != 0)
295 return (0);
296 snapblklist = (daddr_t *)bp->b_un.b_buf;
297 /*
298 * snapblklist[0] is the size of the list
299 * snapblklist[1] is the first element of the list
300 *
301 * We need to be careful to bound the size of the list and verify
302 * that we have not run off the end of it if it or its size has
303 * been corrupted.
304 */
305 blkp = &snapblklist[1];
306 lastblkp = &snapblklist[MAX(0,
307 MIN(snapblklist[0] + 1, size / sizeof(daddr_t)))];
308 status = 1;
309 /* Check that the superblock is listed. */
310 CHKBLKINLIST(lblkno(fs, fs->fs_sblockloc));
311 if (status == 0)
312 goto out;
313 /*
314 * Calculate where the summary information is located.
315 * Usually it is in the first cylinder group, but growfs
316 * may move it to the first cylinder group that it adds.
317 *
318 * Check all cylinder groups up to the summary information.
319 */
320 csblkno = fragstoblks(fs, fs->fs_csaddr);
321 for (cg = 0; cg < fs->fs_ncg; cg++) {
322 if (fragstoblks(fs, cgtod(fs, cg)) > csblkno)
323 break;
324 CHKBLKINLIST(fragstoblks(fs, cgtod(fs, cg)));
325 if (status == 0)
326 goto out;
327 }
328 /* Check the summary information block(s). */
329 len = howmany(fs->fs_cssize, fs->fs_bsize);
330 for (loc = 0; loc < len; loc++) {
331 CHKBLKINLIST(csblkno + loc);
332 if (status == 0)
333 goto out;
334 }
335 /* Check the remaining cylinder groups. */
336 for (; cg < fs->fs_ncg; cg++) {
337 CHKBLKINLIST(fragstoblks(fs, cgtod(fs, cg)));
338 if (status == 0)
339 goto out;
340 }
341 out:
342 brelse(bp);
343 return (status);
344 }
345
346 /*
347 * Return the block number associated with a specified inode lbn.
348 * Requested lbn is in id_parent. If found, block is returned in
349 * id_parent.
350 */
351 static int
getlbnblkno(struct inodesc * idesc)352 getlbnblkno(struct inodesc *idesc)
353 {
354
355 if (idesc->id_lbn < idesc->id_parent)
356 return (KEEPON);
357 idesc->id_parent = idesc->id_blkno;
358 return (STOP | FOUND);
359 }
360
361 /*
362 * Open a device or file to be checked by fsck.
363 */
364 int
openfilesys(char * dev)365 openfilesys(char *dev)
366 {
367 struct stat statb;
368 int saved_fsreadfd;
369
370 if (stat(dev, &statb) < 0)
371 return (0);
372 if ((statb.st_mode & S_IFMT) != S_IFCHR &&
373 (statb.st_mode & S_IFMT) != S_IFBLK) {
374 if (bkgrdflag != 0 && (statb.st_flags & SF_SNAPSHOT) == 0) {
375 pwarn("BACKGROUND FSCK LACKS A SNAPSHOT\n");
376 return (0);
377 }
378 if (bkgrdflag != 0) {
379 cursnapshot = statb.st_ino;
380 } else {
381 pwarn("%s IS NOT A DISK DEVICE\n", dev);
382 if (preen || reply("CONTINUE") == 0)
383 return (0);
384 }
385 }
386 saved_fsreadfd = fsreadfd;
387 if ((fsreadfd = open(dev, O_RDONLY)) < 0) {
388 fsreadfd = saved_fsreadfd;
389 return (0);
390 }
391 if (saved_fsreadfd != -1)
392 close(saved_fsreadfd);
393 return (1);
394 }
395
396 /*
397 * Read in the super block and its summary info.
398 */
399 int
readsb(void)400 readsb(void)
401 {
402 struct fs *fs;
403
404 sbhashfailed = 0;
405 readcnt[sblk.b_type]++;
406 /*
407 * If bflag is given, then check just that superblock.
408 */
409 if (bflag) {
410 switch (sbget(fsreadfd, &fs, bflag * dev_bsize, 0)) {
411 case 0:
412 goto goodsb;
413 case EINTEGRITY:
414 printf("Check hash failed for superblock at %jd\n",
415 bflag);
416 return (0);
417 case ENOENT:
418 printf("%jd is not a file system superblock\n", bflag);
419 return (0);
420 case EIO:
421 default:
422 printf("I/O error reading %jd\n", bflag);
423 return (0);
424 }
425 }
426 /*
427 * Check for the standard superblock and use it if good.
428 */
429 if (sbget(fsreadfd, &fs, UFS_STDSB, UFS_NOMSG) == 0)
430 goto goodsb;
431 /*
432 * Check if the only problem is a check-hash failure.
433 */
434 skipclean = 0;
435 if (sbget(fsreadfd, &fs, UFS_STDSB, UFS_NOMSG | UFS_NOHASHFAIL) == 0) {
436 sbhashfailed = 1;
437 goto goodsb;
438 }
439 /*
440 * Do an exhaustive search for a usable superblock.
441 */
442 switch (sbsearch(fsreadfd, &fs, 0)) {
443 case 0:
444 goto goodsb;
445 case ENOENT:
446 printf("SEARCH FOR ALTERNATE SUPER-BLOCK FAILED. "
447 "YOU MUST USE THE\n-b OPTION TO FSCK TO SPECIFY "
448 "THE LOCATION OF AN ALTERNATE\nSUPER-BLOCK TO "
449 "SUPPLY NEEDED INFORMATION; SEE fsck_ffs(8).\n");
450 return (0);
451 case EIO:
452 default:
453 printf("I/O error reading a usable superblock\n");
454 return (0);
455 }
456
457 goodsb:
458 memcpy(&sblock, fs, fs->fs_sbsize);
459 free(fs);
460 /*
461 * Compute block size that the file system is based on,
462 * according to fsbtodb, and adjust superblock block number
463 * so we can tell if this is an alternate later.
464 */
465 dev_bsize = sblock.fs_fsize / fsbtodb(&sblock, 1);
466 sblk.b_bno = sblock.fs_sblockactualloc / dev_bsize;
467 sblk.b_size = SBLOCKSIZE;
468 /*
469 * If not yet done, update UFS1 superblock with new wider fields.
470 */
471 if (sblock.fs_magic == FS_UFS1_MAGIC &&
472 sblock.fs_maxbsize != sblock.fs_bsize) {
473 sblock.fs_maxbsize = sblock.fs_bsize;
474 sblock.fs_time = sblock.fs_old_time;
475 sblock.fs_size = sblock.fs_old_size;
476 sblock.fs_dsize = sblock.fs_old_dsize;
477 sblock.fs_csaddr = sblock.fs_old_csaddr;
478 sblock.fs_cstotal.cs_ndir = sblock.fs_old_cstotal.cs_ndir;
479 sblock.fs_cstotal.cs_nbfree = sblock.fs_old_cstotal.cs_nbfree;
480 sblock.fs_cstotal.cs_nifree = sblock.fs_old_cstotal.cs_nifree;
481 sblock.fs_cstotal.cs_nffree = sblock.fs_old_cstotal.cs_nffree;
482 }
483 havesb = 1;
484 return (1);
485 }
486
487 void
sblock_init(void)488 sblock_init(void)
489 {
490
491 fsreadfd = -1;
492 fswritefd = -1;
493 fsmodified = 0;
494 lfdir = 0;
495 initbarea(&sblk, BT_SUPERBLK);
496 sblk.b_un.b_buf = Balloc(SBLOCKSIZE);
497 if (sblk.b_un.b_buf == NULL)
498 errx(EEXIT, "cannot allocate space for superblock");
499 dev_bsize = secsize = DEV_BSIZE;
500 }
501
502 /*
503 * Check to see if recovery information exists.
504 * Return 1 if it exists or cannot be created.
505 * Return 0 if it does not exist and can be created.
506 */
507 static int
chkrecovery(int devfd)508 chkrecovery(int devfd)
509 {
510 struct fsrecovery *fsr;
511 char *fsrbuf;
512 u_int secsize, rdsize;
513
514 /*
515 * Could not determine if backup material exists, so do not
516 * offer to create it.
517 */
518 fsrbuf = NULL;
519 rdsize = sblock.fs_fsize;
520 if (ioctl(devfd, DIOCGSECTORSIZE, &secsize) == -1 ||
521 rdsize % secsize != 0 ||
522 (fsrbuf = Balloc(rdsize)) == NULL ||
523 blread(devfd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize,
524 rdsize) != 0) {
525 free(fsrbuf);
526 return (1);
527 }
528 /*
529 * Recovery material has already been created, so do not
530 * need to create it again.
531 */
532 fsr = (struct fsrecovery *)&fsrbuf[rdsize - sizeof *fsr];
533 if (fsr->fsr_magic == FS_UFS2_MAGIC) {
534 free(fsrbuf);
535 return (1);
536 }
537 /*
538 * Recovery material has not been created and can be if desired.
539 */
540 free(fsrbuf);
541 return (0);
542 }
543
544 /*
545 * Read the last filesystem-size piece of the boot block, replace the
546 * last 20 bytes with the recovery information, then write it back.
547 * The recovery information only works for UFS2 filesystems.
548 */
549 static void
saverecovery(int readfd,int writefd)550 saverecovery(int readfd, int writefd)
551 {
552 struct fsrecovery *fsr;
553 char *fsrbuf;
554 u_int secsize, rdsize;
555
556 fsrbuf = NULL;
557 rdsize = sblock.fs_fsize;
558 if (sblock.fs_magic != FS_UFS2_MAGIC ||
559 ioctl(readfd, DIOCGSECTORSIZE, &secsize) == -1 ||
560 rdsize % secsize != 0 ||
561 (fsrbuf = Balloc(rdsize)) == NULL ||
562 blread(readfd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize,
563 rdsize) != 0) {
564 printf("RECOVERY DATA COULD NOT BE CREATED\n");
565 free(fsrbuf);
566 return;
567 }
568 fsr = (struct fsrecovery *)&fsrbuf[rdsize - sizeof *fsr];
569 fsr->fsr_magic = sblock.fs_magic;
570 fsr->fsr_fpg = sblock.fs_fpg;
571 fsr->fsr_fsbtodb = sblock.fs_fsbtodb;
572 fsr->fsr_sblkno = sblock.fs_sblkno;
573 fsr->fsr_ncg = sblock.fs_ncg;
574 blwrite(writefd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize, rdsize);
575 free(fsrbuf);
576 }
577