1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1982, 1986, 1989, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/param.h>
33 #include <sys/endian.h>
34 #include <sys/limits.h>
35
36 #ifndef _KERNEL
37 #include <stdbool.h>
38 #include <stdio.h>
39 #include <string.h>
40 #include <stdlib.h>
41 #include <time.h>
42 #include <sys/errno.h>
43 #include <ufs/ufs/dinode.h>
44 #include <ufs/ffs/fs.h>
45
46 uint32_t calculate_crc32c(uint32_t, const void *, size_t);
47 uint32_t ffs_calc_sbhash(struct fs *);
48 struct malloc_type;
49 #define UFS_MALLOC(size, type, flags) malloc(size)
50 #define UFS_FREE(ptr, type) free(ptr)
51 #define maxphys MAXPHYS
52
53 #else /* _KERNEL */
54 #include <sys/systm.h>
55 #include <sys/gsb_crc32.h>
56 #include <sys/lock.h>
57 #include <sys/malloc.h>
58 #include <sys/mount.h>
59 #include <sys/vnode.h>
60 #include <sys/bio.h>
61 #include <sys/buf.h>
62 #include <sys/ucred.h>
63 #include <sys/sysctl.h>
64
65 #include <ufs/ufs/quota.h>
66 #include <ufs/ufs/inode.h>
67 #include <ufs/ufs/extattr.h>
68 #include <ufs/ufs/ufsmount.h>
69 #include <ufs/ufs/ufs_extern.h>
70 #include <ufs/ffs/ffs_extern.h>
71 #include <ufs/ffs/fs.h>
72
73 #define UFS_MALLOC(size, type, flags) malloc(size, type, flags)
74 #define UFS_FREE(ptr, type) free(ptr, type)
75
76 #endif /* _KERNEL */
77
78 /*
79 * Verify an inode check-hash.
80 */
81 int
ffs_verify_dinode_ckhash(struct fs * fs,struct ufs2_dinode * dip)82 ffs_verify_dinode_ckhash(struct fs *fs, struct ufs2_dinode *dip)
83 {
84 uint32_t ckhash, save_ckhash;
85
86 /*
87 * Return success if unallocated or we are not doing inode check-hash.
88 */
89 if (dip->di_mode == 0 || (fs->fs_metackhash & CK_INODE) == 0)
90 return (0);
91 /*
92 * Exclude di_ckhash from the crc32 calculation, e.g., always use
93 * a check-hash value of zero when calculating the check-hash.
94 */
95 save_ckhash = dip->di_ckhash;
96 dip->di_ckhash = 0;
97 ckhash = calculate_crc32c(~0L, (void *)dip, sizeof(*dip));
98 dip->di_ckhash = save_ckhash;
99 if (save_ckhash == ckhash)
100 return (0);
101 return (EINVAL);
102 }
103
104 /*
105 * Update an inode check-hash.
106 */
107 void
ffs_update_dinode_ckhash(struct fs * fs,struct ufs2_dinode * dip)108 ffs_update_dinode_ckhash(struct fs *fs, struct ufs2_dinode *dip)
109 {
110
111 if (dip->di_mode == 0 || (fs->fs_metackhash & CK_INODE) == 0)
112 return;
113 /*
114 * Exclude old di_ckhash from the crc32 calculation, e.g., always use
115 * a check-hash value of zero when calculating the new check-hash.
116 */
117 dip->di_ckhash = 0;
118 dip->di_ckhash = calculate_crc32c(~0L, (void *)dip, sizeof(*dip));
119 }
120
121 /*
122 * These are the low-level functions that actually read and write
123 * the superblock and its associated data.
124 */
125 static off_t sblock_try[] = SBLOCKSEARCH;
126 static int readsuper(void *, struct fs **, off_t, int,
127 int (*)(void *, off_t, void **, int));
128 static void ffs_oldfscompat_read(struct fs *, ufs2_daddr_t);
129 static int validate_sblock(struct fs *, int);
130
131 /*
132 * Read a superblock from the devfd device.
133 *
134 * If an alternate superblock is specified, it is read. Otherwise the
135 * set of locations given in the SBLOCKSEARCH list is searched for a
136 * superblock. Memory is allocated for the superblock by the readfunc and
137 * is returned. If filltype is non-NULL, additional memory is allocated
138 * of type filltype and filled in with the superblock summary information.
139 * All memory is freed when any error is returned.
140 *
141 * If a superblock is found, zero is returned. Otherwise one of the
142 * following error values is returned:
143 * EIO: non-existent or truncated superblock.
144 * EIO: error reading summary information.
145 * ENOENT: no usable known superblock found.
146 * EILSEQ: filesystem with wrong byte order found.
147 * ENOMEM: failed to allocate space for the superblock.
148 * EINVAL: The previous newfs operation on this volume did not complete.
149 * The administrator must complete newfs before using this volume.
150 */
151 int
ffs_sbget(void * devfd,struct fs ** fsp,off_t sblock,int flags,struct malloc_type * filltype,int (* readfunc)(void * devfd,off_t loc,void ** bufp,int size))152 ffs_sbget(void *devfd, struct fs **fsp, off_t sblock, int flags,
153 struct malloc_type *filltype,
154 int (*readfunc)(void *devfd, off_t loc, void **bufp, int size))
155 {
156 struct fs *fs;
157 struct fs_summary_info *fs_si;
158 int i, error;
159 uint64_t size, blks;
160 uint8_t *space;
161 int32_t *lp;
162 char *buf;
163
164 fs = NULL;
165 *fsp = NULL;
166 if (sblock != UFS_STDSB) {
167 if ((error = readsuper(devfd, &fs, sblock,
168 flags | UFS_ALTSBLK, readfunc)) != 0) {
169 if (fs != NULL)
170 UFS_FREE(fs, filltype);
171 return (error);
172 }
173 } else {
174 for (i = 0; sblock_try[i] != -1; i++) {
175 if ((error = readsuper(devfd, &fs, sblock_try[i],
176 flags, readfunc)) == 0) {
177 if ((flags & UFS_NOCSUM) != 0) {
178 *fsp = fs;
179 return (0);
180 }
181 break;
182 }
183 if (fs != NULL) {
184 UFS_FREE(fs, filltype);
185 fs = NULL;
186 }
187 if (error == ENOENT)
188 continue;
189 return (error);
190 }
191 if (sblock_try[i] == -1)
192 return (ENOENT);
193 }
194 /*
195 * Read in the superblock summary information.
196 */
197 size = fs->fs_cssize;
198 blks = howmany(size, fs->fs_fsize);
199 if (fs->fs_contigsumsize > 0)
200 size += fs->fs_ncg * sizeof(int32_t);
201 size += fs->fs_ncg * sizeof(uint8_t);
202 if ((fs_si = UFS_MALLOC(sizeof(*fs_si), filltype, M_NOWAIT)) == NULL) {
203 UFS_FREE(fs, filltype);
204 return (ENOMEM);
205 }
206 bzero(fs_si, sizeof(*fs_si));
207 fs->fs_si = fs_si;
208 if ((space = UFS_MALLOC(size, filltype, M_NOWAIT)) == NULL) {
209 UFS_FREE(fs->fs_si, filltype);
210 UFS_FREE(fs, filltype);
211 return (ENOMEM);
212 }
213 fs->fs_csp = (struct csum *)space;
214 for (i = 0; i < blks; i += fs->fs_frag) {
215 size = fs->fs_bsize;
216 if (i + fs->fs_frag > blks)
217 size = (blks - i) * fs->fs_fsize;
218 buf = NULL;
219 error = (*readfunc)(devfd,
220 dbtob(fsbtodb(fs, fs->fs_csaddr + i)), (void **)&buf, size);
221 if (error) {
222 if (buf != NULL)
223 UFS_FREE(buf, filltype);
224 UFS_FREE(fs->fs_csp, filltype);
225 UFS_FREE(fs->fs_si, filltype);
226 UFS_FREE(fs, filltype);
227 return (error);
228 }
229 memcpy(space, buf, size);
230 UFS_FREE(buf, filltype);
231 space += size;
232 }
233 if (fs->fs_contigsumsize > 0) {
234 fs->fs_maxcluster = lp = (int32_t *)space;
235 for (i = 0; i < fs->fs_ncg; i++)
236 *lp++ = fs->fs_contigsumsize;
237 space = (uint8_t *)lp;
238 }
239 size = fs->fs_ncg * sizeof(uint8_t);
240 fs->fs_contigdirs = (uint8_t *)space;
241 bzero(fs->fs_contigdirs, size);
242 *fsp = fs;
243 return (0);
244 }
245
246 /*
247 * Try to read a superblock from the location specified by sblockloc.
248 * Return zero on success or an errno on failure.
249 */
250 static int
readsuper(void * devfd,struct fs ** fsp,off_t sblockloc,int flags,int (* readfunc)(void * devfd,off_t loc,void ** bufp,int size))251 readsuper(void *devfd, struct fs **fsp, off_t sblockloc, int flags,
252 int (*readfunc)(void *devfd, off_t loc, void **bufp, int size))
253 {
254 struct fs *fs;
255 int error, res;
256 uint32_t ckhash;
257
258 error = (*readfunc)(devfd, sblockloc, (void **)fsp, SBLOCKSIZE);
259 if (error != 0)
260 return (error);
261 fs = *fsp;
262 if (fs->fs_magic == FS_BAD_MAGIC)
263 return (EINVAL);
264 /*
265 * For UFS1 with a 65536 block size, the first backup superblock
266 * is at the same location as the UFS2 superblock. Since SBLOCK_UFS2
267 * is the first location checked, the first backup is the superblock
268 * that will be accessed. Here we fail the lookup so that we can
269 * retry with the correct location for the UFS1 superblock.
270 */
271 if (fs->fs_magic == FS_UFS1_MAGIC && (flags & UFS_ALTSBLK) == 0 &&
272 fs->fs_bsize == SBLOCK_UFS2 && sblockloc == SBLOCK_UFS2)
273 return (ENOENT);
274 ffs_oldfscompat_read(fs, sblockloc);
275 if ((error = validate_sblock(fs, flags)) > 0)
276 return (error);
277 /*
278 * If the filesystem has been run on a kernel without
279 * metadata check hashes, disable them.
280 */
281 if ((fs->fs_flags & FS_METACKHASH) == 0)
282 fs->fs_metackhash = 0;
283 /*
284 * Clear any check-hashes that are not maintained
285 * by this kernel. Also clear any unsupported flags.
286 */
287 fs->fs_metackhash &= CK_SUPPORTED;
288 fs->fs_flags &= FS_SUPPORTED;
289 if (fs->fs_ckhash != (ckhash = ffs_calc_sbhash(fs))) {
290 if ((flags & (UFS_NOMSG | UFS_NOHASHFAIL)) ==
291 (UFS_NOMSG | UFS_NOHASHFAIL))
292 return (0);
293 if ((flags & UFS_NOMSG) != 0)
294 return (EINTEGRITY);
295 #ifdef _KERNEL
296 res = uprintf("Superblock check-hash failed: recorded "
297 "check-hash 0x%x != computed check-hash 0x%x%s\n",
298 fs->fs_ckhash, ckhash,
299 (flags & UFS_NOHASHFAIL) != 0 ? " (Ignored)" : "");
300 #else
301 res = 0;
302 #endif
303 /*
304 * Print check-hash failure if no controlling terminal
305 * in kernel or always if in user-mode (libufs).
306 */
307 if (res == 0)
308 printf("Superblock check-hash failed: recorded "
309 "check-hash 0x%x != computed check-hash "
310 "0x%x%s\n", fs->fs_ckhash, ckhash,
311 (flags & UFS_NOHASHFAIL) ? " (Ignored)" : "");
312 if ((flags & UFS_NOHASHFAIL) != 0)
313 return (0);
314 return (EINTEGRITY);
315 }
316 /* Have to set for old filesystems that predate this field */
317 fs->fs_sblockactualloc = sblockloc;
318 /* Not yet any summary information */
319 fs->fs_si = NULL;
320 return (0);
321 }
322
323 /*
324 * Sanity checks for loading old filesystem superblocks.
325 * See ffs_oldfscompat_write below for unwound actions.
326 *
327 * XXX - Parts get retired eventually.
328 * Unfortunately new bits get added.
329 */
330 static void
ffs_oldfscompat_read(struct fs * fs,ufs2_daddr_t sblockloc)331 ffs_oldfscompat_read(struct fs *fs, ufs2_daddr_t sblockloc)
332 {
333 uint64_t maxfilesize;
334
335 /*
336 * If not yet done, update fs_flags location and value of fs_sblockloc.
337 */
338 if ((fs->fs_old_flags & FS_FLAGS_UPDATED) == 0) {
339 fs->fs_flags = fs->fs_old_flags;
340 fs->fs_old_flags |= FS_FLAGS_UPDATED;
341 fs->fs_sblockloc = sblockloc;
342 }
343 switch (fs->fs_magic) {
344 case FS_UFS2_MAGIC:
345 /* No changes for now */
346 break;
347
348 case FS_UFS1_MAGIC:
349 /*
350 * If not yet done, update UFS1 superblock with new wider fields
351 */
352 if (fs->fs_maxbsize != fs->fs_bsize) {
353 fs->fs_maxbsize = fs->fs_bsize;
354 fs->fs_time = fs->fs_old_time;
355 fs->fs_size = fs->fs_old_size;
356 fs->fs_dsize = fs->fs_old_dsize;
357 fs->fs_csaddr = fs->fs_old_csaddr;
358 fs->fs_cstotal.cs_ndir = fs->fs_old_cstotal.cs_ndir;
359 fs->fs_cstotal.cs_nbfree = fs->fs_old_cstotal.cs_nbfree;
360 fs->fs_cstotal.cs_nifree = fs->fs_old_cstotal.cs_nifree;
361 fs->fs_cstotal.cs_nffree = fs->fs_old_cstotal.cs_nffree;
362 }
363 if (fs->fs_old_inodefmt < FS_44INODEFMT) {
364 fs->fs_maxfilesize = ((uint64_t)1 << 31) - 1;
365 fs->fs_qbmask = ~fs->fs_bmask;
366 fs->fs_qfmask = ~fs->fs_fmask;
367 }
368 fs->fs_save_maxfilesize = fs->fs_maxfilesize;
369 maxfilesize = (uint64_t)0x80000000 * fs->fs_bsize - 1;
370 if (fs->fs_maxfilesize > maxfilesize)
371 fs->fs_maxfilesize = maxfilesize;
372 break;
373 }
374 /* Compatibility for old filesystems */
375 if (fs->fs_avgfilesize <= 0)
376 fs->fs_avgfilesize = AVFILESIZ;
377 if (fs->fs_avgfpdir <= 0)
378 fs->fs_avgfpdir = AFPDIR;
379 }
380
381 /*
382 * Unwinding superblock updates for old filesystems.
383 * See ffs_oldfscompat_read above for details.
384 *
385 * XXX - Parts get retired eventually.
386 * Unfortunately new bits get added.
387 */
388 void
ffs_oldfscompat_write(struct fs * fs)389 ffs_oldfscompat_write(struct fs *fs)
390 {
391
392 switch (fs->fs_magic) {
393 case FS_UFS1_MAGIC:
394 if (fs->fs_sblockloc != SBLOCK_UFS1 &&
395 (fs->fs_old_flags & FS_FLAGS_UPDATED) == 0) {
396 printf(
397 "WARNING: %s: correcting fs_sblockloc from %jd to %d\n",
398 fs->fs_fsmnt, fs->fs_sblockloc, SBLOCK_UFS1);
399 fs->fs_sblockloc = SBLOCK_UFS1;
400 }
401 /*
402 * Copy back UFS2 updated fields that UFS1 inspects.
403 */
404 fs->fs_old_time = fs->fs_time;
405 fs->fs_old_cstotal.cs_ndir = fs->fs_cstotal.cs_ndir;
406 fs->fs_old_cstotal.cs_nbfree = fs->fs_cstotal.cs_nbfree;
407 fs->fs_old_cstotal.cs_nifree = fs->fs_cstotal.cs_nifree;
408 fs->fs_old_cstotal.cs_nffree = fs->fs_cstotal.cs_nffree;
409 if (fs->fs_save_maxfilesize != 0)
410 fs->fs_maxfilesize = fs->fs_save_maxfilesize;
411 break;
412 case FS_UFS2_MAGIC:
413 if (fs->fs_sblockloc != SBLOCK_UFS2 &&
414 (fs->fs_old_flags & FS_FLAGS_UPDATED) == 0) {
415 printf(
416 "WARNING: %s: correcting fs_sblockloc from %jd to %d\n",
417 fs->fs_fsmnt, fs->fs_sblockloc, SBLOCK_UFS2);
418 fs->fs_sblockloc = SBLOCK_UFS2;
419 }
420 break;
421 }
422 }
423
424 /*
425 * Sanity checks for loading old filesystem inodes.
426 *
427 * XXX - Parts get retired eventually.
428 * Unfortunately new bits get added.
429 */
430 static int prttimechgs = 0;
431 #ifdef _KERNEL
432 SYSCTL_NODE(_vfs, OID_AUTO, ffs, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
433 "FFS filesystem");
434 SYSCTL_INT(_vfs_ffs, OID_AUTO, prttimechgs, CTLFLAG_RWTUN, &prttimechgs, 0,
435 "print UFS1 time changes made to inodes");
436 #endif /* _KERNEL */
437 bool
ffs_oldfscompat_inode_read(struct fs * fs,union dinodep dp,time_t now)438 ffs_oldfscompat_inode_read(struct fs *fs, union dinodep dp, time_t now)
439 {
440 bool change;
441
442 change = false;
443 switch (fs->fs_magic) {
444 case FS_UFS2_MAGIC:
445 /* No changes for now */
446 break;
447
448 case FS_UFS1_MAGIC:
449 /*
450 * With the change to unsigned time values in UFS1, times set
451 * before Jan 1, 1970 will appear to be in the future. Check
452 * for future times and set them to be the current time.
453 */
454 if (dp.dp1->di_ctime > now) {
455 if (prttimechgs)
456 printf("ctime %ud changed to %ld\n",
457 dp.dp1->di_ctime, (long)now);
458 dp.dp1->di_ctime = now;
459 change = true;
460 }
461 if (dp.dp1->di_mtime > now) {
462 if (prttimechgs)
463 printf("mtime %ud changed to %ld\n",
464 dp.dp1->di_mtime, (long)now);
465 dp.dp1->di_mtime = now;
466 dp.dp1->di_ctime = now;
467 change = true;
468 }
469 if (dp.dp1->di_atime > now) {
470 if (prttimechgs)
471 printf("atime %ud changed to %ld\n",
472 dp.dp1->di_atime, (long)now);
473 dp.dp1->di_atime = now;
474 dp.dp1->di_ctime = now;
475 change = true;
476 }
477 break;
478 }
479 return (change);
480 }
481
482 /*
483 * Verify the filesystem values.
484 */
485 #define ILOG2(num) (fls(num) - 1)
486 #ifdef STANDALONE_SMALL
487 #define MPRINT(...) do { } while (0)
488 #else
489 #define MPRINT(...) if (prtmsg) printf(__VA_ARGS__)
490 #endif
491 #define FCHK(lhs, op, rhs, fmt) \
492 if (lhs op rhs) { \
493 MPRINT("UFS%d superblock failed: %s (" #fmt ") %s %s (" \
494 #fmt ")\n", fs->fs_magic == FS_UFS1_MAGIC ? 1 : 2, \
495 #lhs, (intmax_t)lhs, #op, #rhs, (intmax_t)rhs); \
496 if (error < 0) \
497 return (ENOENT); \
498 if (error == 0) \
499 error = ENOENT; \
500 }
501 #define WCHK(lhs, op, rhs, fmt) \
502 if (lhs op rhs) { \
503 MPRINT("UFS%d superblock failed: %s (" #fmt ") %s %s (" \
504 #fmt ")%s\n", fs->fs_magic == FS_UFS1_MAGIC ? 1 : 2,\
505 #lhs, (intmax_t)lhs, #op, #rhs, (intmax_t)rhs, wmsg);\
506 if (error == 0) \
507 error = warnerr; \
508 if (warnerr == 0) \
509 lhs = rhs; \
510 }
511 #define FCHK2(lhs1, op1, rhs1, lhs2, op2, rhs2, fmt) \
512 if (lhs1 op1 rhs1 && lhs2 op2 rhs2) { \
513 MPRINT("UFS%d superblock failed: %s (" #fmt ") %s %s (" \
514 #fmt ") && %s (" #fmt ") %s %s (" #fmt ")\n", \
515 fs->fs_magic == FS_UFS1_MAGIC ? 1 : 2, #lhs1, \
516 (intmax_t)lhs1, #op1, #rhs1, (intmax_t)rhs1, #lhs2, \
517 (intmax_t)lhs2, #op2, #rhs2, (intmax_t)rhs2); \
518 if (error < 0) \
519 return (ENOENT); \
520 if (error == 0) \
521 error = ENOENT; \
522 }
523
524 static int
validate_sblock(struct fs * fs,int flags)525 validate_sblock(struct fs *fs, int flags)
526 {
527 uint64_t i, sectorsize;
528 uint64_t maxfilesize, sizepb;
529 int error, prtmsg, warnerr;
530 char *wmsg;
531
532 error = 0;
533 sectorsize = dbtob(1);
534 prtmsg = ((flags & UFS_NOMSG) == 0);
535 warnerr = (flags & UFS_NOWARNFAIL) == UFS_NOWARNFAIL ? 0 : ENOENT;
536 wmsg = warnerr ? "" : " (Ignored)";
537 /*
538 * Check for endian mismatch between machine and filesystem.
539 */
540 if (((fs->fs_magic != FS_UFS2_MAGIC) &&
541 (bswap32(fs->fs_magic) == FS_UFS2_MAGIC)) ||
542 ((fs->fs_magic != FS_UFS1_MAGIC) &&
543 (bswap32(fs->fs_magic) == FS_UFS1_MAGIC))) {
544 MPRINT("UFS superblock failed due to endian mismatch "
545 "between machine and filesystem\n");
546 return(EILSEQ);
547 }
548 /*
549 * If just validating for recovery, then do just the minimal
550 * checks needed for the superblock fields needed to find
551 * alternate superblocks.
552 */
553 if ((flags & UFS_FSRONLY) == UFS_FSRONLY &&
554 (fs->fs_magic == FS_UFS1_MAGIC || fs->fs_magic == FS_UFS2_MAGIC)) {
555 error = -1; /* fail on first error */
556 if (fs->fs_magic == FS_UFS2_MAGIC) {
557 FCHK(fs->fs_sblockloc, !=, SBLOCK_UFS2, %#jx);
558 } else if (fs->fs_magic == FS_UFS1_MAGIC) {
559 FCHK(fs->fs_sblockloc, <, 0, %jd);
560 FCHK(fs->fs_sblockloc, >, SBLOCK_UFS1, %jd);
561 }
562 FCHK(fs->fs_frag, <, 1, %jd);
563 FCHK(fs->fs_frag, >, MAXFRAG, %jd);
564 FCHK(fs->fs_bsize, <, MINBSIZE, %jd);
565 FCHK(fs->fs_bsize, >, MAXBSIZE, %jd);
566 FCHK(fs->fs_bsize, <, roundup(sizeof(struct fs), DEV_BSIZE),
567 %jd);
568 FCHK(fs->fs_fsize, <, sectorsize, %jd);
569 FCHK(fs->fs_fsize * fs->fs_frag, !=, fs->fs_bsize, %jd);
570 FCHK(powerof2(fs->fs_fsize), ==, 0, %jd);
571 FCHK(fs->fs_sbsize, >, SBLOCKSIZE, %jd);
572 FCHK(fs->fs_sbsize, <, (signed)sizeof(struct fs), %jd);
573 FCHK(fs->fs_sbsize % sectorsize, !=, 0, %jd);
574 FCHK(fs->fs_fpg, <, 3 * fs->fs_frag, %jd);
575 FCHK(fs->fs_ncg, <, 1, %jd);
576 FCHK(fs->fs_fsbtodb, !=, ILOG2(fs->fs_fsize / sectorsize), %jd);
577 FCHK(fs->fs_old_cgoffset, <, 0, %jd);
578 FCHK2(fs->fs_old_cgoffset, >, 0, ~fs->fs_old_cgmask, <, 0, %jd);
579 FCHK(fs->fs_old_cgoffset * (~fs->fs_old_cgmask), >, fs->fs_fpg,
580 %jd);
581 FCHK(fs->fs_sblkno, !=, roundup(
582 howmany(fs->fs_sblockloc + SBLOCKSIZE, fs->fs_fsize),
583 fs->fs_frag), %jd);
584 FCHK(CGSIZE(fs), >, fs->fs_bsize, %jd);
585 /* Only need to validate these if reading in csum data */
586 if ((flags & UFS_NOCSUM) != 0)
587 return (error);
588 FCHK((uint64_t)fs->fs_ipg * fs->fs_ncg, >,
589 (((int64_t)(1)) << 32) - INOPB(fs), %jd);
590 FCHK(fs->fs_cstotal.cs_nifree, <, 0, %jd);
591 FCHK(fs->fs_cstotal.cs_nifree, >,
592 (uint64_t)fs->fs_ipg * fs->fs_ncg, %jd);
593 FCHK(fs->fs_cstotal.cs_ndir, >,
594 ((uint64_t)fs->fs_ipg * fs->fs_ncg) -
595 fs->fs_cstotal.cs_nifree, %jd);
596 FCHK(fs->fs_size, <, 8 * fs->fs_frag, %jd);
597 FCHK(fs->fs_size, <=, ((int64_t)fs->fs_ncg - 1) * fs->fs_fpg,
598 %jd);
599 FCHK(fs->fs_size, >, (int64_t)fs->fs_ncg * fs->fs_fpg, %jd);
600 FCHK(fs->fs_csaddr, <, 0, %jd);
601 FCHK(fs->fs_cssize, !=,
602 fragroundup(fs, fs->fs_ncg * sizeof(struct csum)), %jd);
603 FCHK(fs->fs_csaddr + howmany(fs->fs_cssize, fs->fs_fsize), >,
604 fs->fs_size, %jd);
605 FCHK(fs->fs_csaddr, <, cgdmin(fs, dtog(fs, fs->fs_csaddr)),
606 %jd);
607 FCHK(dtog(fs, fs->fs_csaddr + howmany(fs->fs_cssize,
608 fs->fs_fsize)), >, dtog(fs, fs->fs_csaddr), %jd);
609 return (error);
610 }
611 if (fs->fs_magic == FS_UFS2_MAGIC) {
612 if ((flags & UFS_ALTSBLK) == 0)
613 FCHK2(fs->fs_sblockactualloc, !=, SBLOCK_UFS2,
614 fs->fs_sblockactualloc, !=, 0, %jd);
615 FCHK(fs->fs_sblockloc, !=, SBLOCK_UFS2, %#jx);
616 FCHK(fs->fs_maxsymlinklen, !=, ((UFS_NDADDR + UFS_NIADDR) *
617 sizeof(ufs2_daddr_t)), %jd);
618 FCHK(fs->fs_nindir, !=, fs->fs_bsize / sizeof(ufs2_daddr_t),
619 %jd);
620 FCHK(fs->fs_inopb, !=,
621 fs->fs_bsize / sizeof(struct ufs2_dinode), %jd);
622 } else if (fs->fs_magic == FS_UFS1_MAGIC) {
623 if ((flags & UFS_ALTSBLK) == 0)
624 FCHK(fs->fs_sblockactualloc, >, SBLOCK_UFS1, %jd);
625 FCHK(fs->fs_sblockloc, <, 0, %jd);
626 FCHK(fs->fs_sblockloc, >, SBLOCK_UFS1, %jd);
627 FCHK(fs->fs_nindir, !=, fs->fs_bsize / sizeof(ufs1_daddr_t),
628 %jd);
629 FCHK(fs->fs_inopb, !=,
630 fs->fs_bsize / sizeof(struct ufs1_dinode), %jd);
631 FCHK(fs->fs_maxsymlinklen, !=, ((UFS_NDADDR + UFS_NIADDR) *
632 sizeof(ufs1_daddr_t)), %jd);
633 WCHK(fs->fs_old_inodefmt, !=, FS_44INODEFMT, %jd);
634 WCHK(fs->fs_old_rotdelay, !=, 0, %jd);
635 WCHK(fs->fs_old_rps, !=, 60, %jd);
636 WCHK(fs->fs_old_nspf, !=, fs->fs_fsize / sectorsize, %jd);
637 WCHK(fs->fs_old_interleave, !=, 1, %jd);
638 WCHK(fs->fs_old_trackskew, !=, 0, %jd);
639 WCHK(fs->fs_old_cpc, !=, 0, %jd);
640 WCHK(fs->fs_old_postblformat, !=, 1, %jd);
641 FCHK(fs->fs_old_nrpos, !=, 1, %jd);
642 WCHK(fs->fs_old_nsect, !=, fs->fs_old_spc, %jd);
643 WCHK(fs->fs_old_npsect, !=, fs->fs_old_spc, %jd);
644 } else {
645 /* Bad magic number, so assume not a superblock */
646 return (ENOENT);
647 }
648 FCHK(fs->fs_bsize, <, MINBSIZE, %jd);
649 FCHK(fs->fs_bsize, >, MAXBSIZE, %jd);
650 FCHK(fs->fs_bsize, <, roundup(sizeof(struct fs), DEV_BSIZE), %jd);
651 FCHK(powerof2(fs->fs_bsize), ==, 0, %jd);
652 FCHK(fs->fs_frag, <, 1, %jd);
653 FCHK(fs->fs_frag, >, MAXFRAG, %jd);
654 FCHK(fs->fs_frag, !=, numfrags(fs, fs->fs_bsize), %jd);
655 FCHK(fs->fs_fsize, <, sectorsize, %jd);
656 FCHK(fs->fs_fsize * fs->fs_frag, !=, fs->fs_bsize, %jd);
657 FCHK(powerof2(fs->fs_fsize), ==, 0, %jd);
658 FCHK(fs->fs_fpg, <, 3 * fs->fs_frag, %jd);
659 FCHK(fs->fs_ncg, <, 1, %jd);
660 FCHK(fs->fs_ipg, <, fs->fs_inopb, %jd);
661 FCHK((uint64_t)fs->fs_ipg * fs->fs_ncg, >,
662 (((int64_t)(1)) << 32) - INOPB(fs), %jd);
663 FCHK(fs->fs_cstotal.cs_nifree, <, 0, %jd);
664 FCHK(fs->fs_cstotal.cs_nifree, >, (uint64_t)fs->fs_ipg * fs->fs_ncg,
665 %jd);
666 FCHK(fs->fs_cstotal.cs_ndir, <, 0, %jd);
667 FCHK(fs->fs_cstotal.cs_ndir, >,
668 ((uint64_t)fs->fs_ipg * fs->fs_ncg) - fs->fs_cstotal.cs_nifree,
669 %jd);
670 FCHK(fs->fs_sbsize, >, SBLOCKSIZE, %jd);
671 FCHK(fs->fs_sbsize, <, (signed)sizeof(struct fs), %jd);
672 /* fix for misconfigured filesystems */
673 if (fs->fs_maxbsize == 0)
674 fs->fs_maxbsize = fs->fs_bsize;
675 FCHK(fs->fs_maxbsize, <, fs->fs_bsize, %jd);
676 FCHK(powerof2(fs->fs_maxbsize), ==, 0, %jd);
677 FCHK(fs->fs_maxbsize, >, FS_MAXCONTIG * fs->fs_bsize, %jd);
678 FCHK(fs->fs_bmask, !=, ~(fs->fs_bsize - 1), %#jx);
679 FCHK(fs->fs_fmask, !=, ~(fs->fs_fsize - 1), %#jx);
680 FCHK(fs->fs_qbmask, !=, ~fs->fs_bmask, %#jx);
681 FCHK(fs->fs_qfmask, !=, ~fs->fs_fmask, %#jx);
682 FCHK(fs->fs_bshift, !=, ILOG2(fs->fs_bsize), %jd);
683 FCHK(fs->fs_fshift, !=, ILOG2(fs->fs_fsize), %jd);
684 FCHK(fs->fs_fragshift, !=, ILOG2(fs->fs_frag), %jd);
685 FCHK(fs->fs_fsbtodb, !=, ILOG2(fs->fs_fsize / sectorsize), %jd);
686 FCHK(fs->fs_old_cgoffset, <, 0, %jd);
687 FCHK2(fs->fs_old_cgoffset, >, 0, ~fs->fs_old_cgmask, <, 0, %jd);
688 FCHK(fs->fs_old_cgoffset * (~fs->fs_old_cgmask), >, fs->fs_fpg, %jd);
689 FCHK(CGSIZE(fs), >, fs->fs_bsize, %jd);
690 /*
691 * If anything has failed up to this point, it is usafe to proceed
692 * as checks below may divide by zero or make other fatal calculations.
693 * So if we have any errors at this point, give up.
694 */
695 if (error)
696 return (error);
697 FCHK(fs->fs_sbsize % sectorsize, !=, 0, %jd);
698 FCHK(fs->fs_ipg % fs->fs_inopb, !=, 0, %jd);
699 FCHK(fs->fs_sblkno, !=, roundup(
700 howmany(fs->fs_sblockloc + SBLOCKSIZE, fs->fs_fsize),
701 fs->fs_frag), %jd);
702 FCHK(fs->fs_cblkno, !=, fs->fs_sblkno +
703 roundup(howmany(SBLOCKSIZE, fs->fs_fsize), fs->fs_frag), %jd);
704 FCHK(fs->fs_iblkno, !=, fs->fs_cblkno + fs->fs_frag, %jd);
705 FCHK(fs->fs_dblkno, !=, fs->fs_iblkno + fs->fs_ipg / INOPF(fs), %jd);
706 FCHK(fs->fs_cgsize, >, fs->fs_bsize, %jd);
707 FCHK(fs->fs_cgsize, <, fs->fs_fsize, %jd);
708 FCHK(fs->fs_cgsize % fs->fs_fsize, !=, 0, %jd);
709 /*
710 * This test is valid, however older versions of growfs failed
711 * to correctly update fs_dsize so will fail this test. Thus we
712 * exclude it from the requirements.
713 */
714 #ifdef notdef
715 WCHK(fs->fs_dsize, !=, fs->fs_size - fs->fs_sblkno -
716 fs->fs_ncg * (fs->fs_dblkno - fs->fs_sblkno) -
717 howmany(fs->fs_cssize, fs->fs_fsize), %jd);
718 #endif
719 WCHK(fs->fs_metaspace, <, 0, %jd);
720 WCHK(fs->fs_metaspace, >, fs->fs_fpg / 2, %jd);
721 WCHK(fs->fs_minfree, >, 99, %jd%%);
722 maxfilesize = fs->fs_bsize * UFS_NDADDR - 1;
723 for (sizepb = fs->fs_bsize, i = 0; i < UFS_NIADDR; i++) {
724 sizepb *= NINDIR(fs);
725 maxfilesize += sizepb;
726 }
727 WCHK(fs->fs_maxfilesize, >, maxfilesize, %jd);
728 /*
729 * These values have a tight interaction with each other that
730 * makes it hard to tightly bound them. So we can only check
731 * that they are within a broader possible range.
732 *
733 * The size cannot always be accurately determined, but ensure
734 * that it is consistent with the number of cylinder groups (fs_ncg)
735 * and the number of fragments per cylinder group (fs_fpg). Ensure
736 * that the summary information size is correct and that it starts
737 * and ends in the data area of the same cylinder group.
738 */
739 FCHK(fs->fs_size, <, 8 * fs->fs_frag, %jd);
740 FCHK(fs->fs_size, <=, ((int64_t)fs->fs_ncg - 1) * fs->fs_fpg, %jd);
741 FCHK(fs->fs_size, >, (int64_t)fs->fs_ncg * fs->fs_fpg, %jd);
742 /*
743 * If we are not requested to read in the csum data stop here
744 * as the correctness of the remaining values is only important
745 * to bound the space needed to be allocated to hold the csum data.
746 */
747 if ((flags & UFS_NOCSUM) != 0)
748 return (error);
749 FCHK(fs->fs_csaddr, <, 0, %jd);
750 FCHK(fs->fs_cssize, !=,
751 fragroundup(fs, fs->fs_ncg * sizeof(struct csum)), %jd);
752 FCHK(fs->fs_csaddr + howmany(fs->fs_cssize, fs->fs_fsize), >,
753 fs->fs_size, %jd);
754 FCHK(fs->fs_csaddr, <, cgdmin(fs, dtog(fs, fs->fs_csaddr)), %jd);
755 FCHK(dtog(fs, fs->fs_csaddr + howmany(fs->fs_cssize, fs->fs_fsize)), >,
756 dtog(fs, fs->fs_csaddr), %jd);
757 /*
758 * With file system clustering it is possible to allocate
759 * many contiguous blocks. The kernel variable maxphys defines
760 * the maximum transfer size permitted by the controller and/or
761 * buffering. The fs_maxcontig parameter controls the maximum
762 * number of blocks that the filesystem will read or write
763 * in a single transfer. It is calculated when the filesystem
764 * is created as maxphys / fs_bsize. The loader uses a maxphys
765 * of 128K even when running on a system that supports larger
766 * values. If the filesystem was built on a system that supports
767 * a larger maxphys (1M is typical) it will have configured
768 * fs_maxcontig for that larger system. So we bound the upper
769 * allowable limit for fs_maxconfig to be able to at least
770 * work with a 1M maxphys on the smallest block size filesystem:
771 * 1M / 4096 == 256. There is no harm in allowing the mounting of
772 * filesystems that make larger than maxphys I/O requests because
773 * those (mostly 32-bit machines) can (very slowly) handle I/O
774 * requests that exceed maxphys.
775 */
776 WCHK(fs->fs_maxcontig, <, 0, %jd);
777 WCHK(fs->fs_maxcontig, >, MAX(256, maxphys / fs->fs_bsize), %jd);
778 FCHK2(fs->fs_maxcontig, ==, 0, fs->fs_contigsumsize, !=, 0, %jd);
779 FCHK2(fs->fs_maxcontig, >, 1, fs->fs_contigsumsize, !=,
780 MIN(fs->fs_maxcontig, FS_MAXCONTIG), %jd);
781 return (error);
782 }
783
784 /*
785 * Make an extensive search to find a superblock. If the superblock
786 * in the standard place cannot be used, try looking for one of the
787 * backup superblocks.
788 *
789 * Flags are made up of the following or'ed together options:
790 *
791 * UFS_NOMSG indicates that superblock inconsistency error messages
792 * should not be printed.
793 *
794 * UFS_NOCSUM causes only the superblock itself to be returned, but does
795 * not read in any auxillary data structures like the cylinder group
796 * summary information.
797 */
798 int
ffs_sbsearch(void * devfd,struct fs ** fsp,int reqflags,struct malloc_type * filltype,int (* readfunc)(void * devfd,off_t loc,void ** bufp,int size))799 ffs_sbsearch(void *devfd, struct fs **fsp, int reqflags,
800 struct malloc_type *filltype,
801 int (*readfunc)(void *devfd, off_t loc, void **bufp, int size))
802 {
803 struct fsrecovery *fsr;
804 struct fs *protofs;
805 void *fsrbuf;
806 char *cp;
807 long nocsum, flags, msg, cg;
808 off_t sblk, secsize;
809 int error;
810
811 msg = (reqflags & UFS_NOMSG) == 0;
812 nocsum = reqflags & UFS_NOCSUM;
813 /*
814 * Try normal superblock read and return it if it works.
815 *
816 * Suppress messages if it fails until we find out if
817 * failure can be avoided.
818 */
819 flags = UFS_NOMSG | nocsum;
820 error = ffs_sbget(devfd, fsp, UFS_STDSB, flags, filltype, readfunc);
821 /*
822 * If successful or endian error, no need to try further.
823 */
824 if (error == 0 || error == EILSEQ) {
825 if (msg && error == EILSEQ)
826 printf("UFS superblock failed due to endian mismatch "
827 "between machine and filesystem\n");
828 return (error);
829 }
830 /*
831 * First try: ignoring hash failures.
832 */
833 flags |= UFS_NOHASHFAIL;
834 if (msg)
835 flags &= ~UFS_NOMSG;
836 if (ffs_sbget(devfd, fsp, UFS_STDSB, flags, filltype, readfunc) == 0)
837 return (0);
838 /*
839 * Next up is to check if fields of the superblock that are
840 * needed to find backup superblocks are usable.
841 */
842 if (msg)
843 printf("Attempted recovery for standard superblock: failed\n");
844 flags = UFS_FSRONLY | UFS_NOHASHFAIL | UFS_NOCSUM | UFS_NOMSG;
845 if (ffs_sbget(devfd, &protofs, UFS_STDSB, flags, filltype,
846 readfunc) == 0) {
847 if (msg)
848 printf("Attempt extraction of recovery data from "
849 "standard superblock.\n");
850 } else {
851 /*
852 * Final desperation is to see if alternate superblock
853 * parameters have been saved in the boot area.
854 */
855 if (msg)
856 printf("Attempted extraction of recovery data from "
857 "standard superblock: failed\nAttempt to find "
858 "boot zone recovery data.\n");
859 /*
860 * Look to see if recovery information has been saved.
861 * If so we can generate a prototype superblock based
862 * on that information.
863 *
864 * We need fragments-per-group, number of cylinder groups,
865 * location of the superblock within the cylinder group, and
866 * the conversion from filesystem fragments to disk blocks.
867 *
868 * When building a UFS2 filesystem, newfs(8) stores these
869 * details at the end of the boot block area at the start
870 * of the filesystem partition. If they have been overwritten
871 * by a boot block, we fail. But usually they are there
872 * and we can use them.
873 *
874 * We could ask the underlying device for its sector size,
875 * but some devices lie. So we just try a plausible range.
876 */
877 error = ENOENT;
878 fsrbuf = NULL;
879 for (secsize = dbtob(1); secsize <= SBLOCKSIZE; secsize *= 2)
880 if ((error = (*readfunc)(devfd, (SBLOCK_UFS2 - secsize),
881 &fsrbuf, secsize)) == 0)
882 break;
883 if (error != 0)
884 goto trynowarn;
885 cp = fsrbuf; /* type change to keep compiler happy */
886 fsr = (struct fsrecovery *)&cp[secsize - sizeof *fsr];
887 if (fsr->fsr_magic != FS_UFS2_MAGIC ||
888 (protofs = UFS_MALLOC(SBLOCKSIZE, filltype, M_NOWAIT))
889 == NULL) {
890 UFS_FREE(fsrbuf, filltype);
891 goto trynowarn;
892 }
893 memset(protofs, 0, sizeof(struct fs));
894 protofs->fs_fpg = fsr->fsr_fpg;
895 protofs->fs_fsbtodb = fsr->fsr_fsbtodb;
896 protofs->fs_sblkno = fsr->fsr_sblkno;
897 protofs->fs_magic = fsr->fsr_magic;
898 protofs->fs_ncg = fsr->fsr_ncg;
899 UFS_FREE(fsrbuf, filltype);
900 }
901 /*
902 * Scan looking for alternative superblocks.
903 */
904 flags = nocsum;
905 if (!msg)
906 flags |= UFS_NOMSG;
907 for (cg = 0; cg < protofs->fs_ncg; cg++) {
908 sblk = fsbtodb(protofs, cgsblock(protofs, cg));
909 if (msg)
910 printf("Try cg %ld at sblock loc %jd\n", cg,
911 (intmax_t)sblk);
912 if (ffs_sbget(devfd, fsp, dbtob(sblk), flags, filltype,
913 readfunc) == 0) {
914 if (msg)
915 printf("Succeeded with alternate superblock "
916 "at %jd\n", (intmax_t)sblk);
917 UFS_FREE(protofs, filltype);
918 return (0);
919 }
920 }
921 UFS_FREE(protofs, filltype);
922 /*
923 * Our alternate superblock strategies failed. Our last ditch effort
924 * is to see if the standard superblock has only non-critical errors.
925 */
926 trynowarn:
927 flags = UFS_NOWARNFAIL | UFS_NOMSG | nocsum;
928 if (msg) {
929 printf("Finding an alternate superblock failed.\nCheck for "
930 "only non-critical errors in standard superblock\n");
931 flags &= ~UFS_NOMSG;
932 }
933 if (ffs_sbget(devfd, fsp, UFS_STDSB, flags, filltype, readfunc) != 0) {
934 if (msg)
935 printf("Failed, superblock has critical errors\n");
936 return (ENOENT);
937 }
938 if (msg)
939 printf("Success, using standard superblock with "
940 "non-critical errors.\n");
941 return (0);
942 }
943
944 /*
945 * Write a superblock to the devfd device from the memory pointed to by fs.
946 * Write out the superblock summary information if it is present.
947 *
948 * If the write is successful, zero is returned. Otherwise one of the
949 * following error values is returned:
950 * EIO: failed to write superblock.
951 * EIO: failed to write superblock summary information.
952 */
953 int
ffs_sbput(void * devfd,struct fs * fs,off_t loc,int (* writefunc)(void * devfd,off_t loc,void * buf,int size))954 ffs_sbput(void *devfd, struct fs *fs, off_t loc,
955 int (*writefunc)(void *devfd, off_t loc, void *buf, int size))
956 {
957 struct fs_summary_info *fs_si;
958 int i, error, blks, size;
959 uint8_t *space;
960
961 /*
962 * If there is summary information, write it first, so if there
963 * is an error, the superblock will not be marked as clean.
964 */
965 if (fs->fs_si != NULL && fs->fs_csp != NULL) {
966 blks = howmany(fs->fs_cssize, fs->fs_fsize);
967 space = (uint8_t *)fs->fs_csp;
968 for (i = 0; i < blks; i += fs->fs_frag) {
969 size = fs->fs_bsize;
970 if (i + fs->fs_frag > blks)
971 size = (blks - i) * fs->fs_fsize;
972 if ((error = (*writefunc)(devfd,
973 dbtob(fsbtodb(fs, fs->fs_csaddr + i)),
974 space, size)) != 0)
975 return (error);
976 space += size;
977 }
978 }
979 fs->fs_fmod = 0;
980 ffs_oldfscompat_write(fs);
981 #ifdef _KERNEL
982 fs->fs_time = time_second;
983 #else /* User Code */
984 fs->fs_time = time(NULL);
985 #endif
986 /* Clear the pointers for the duration of writing. */
987 fs_si = fs->fs_si;
988 fs->fs_si = NULL;
989 fs->fs_ckhash = ffs_calc_sbhash(fs);
990 error = (*writefunc)(devfd, loc, fs, fs->fs_sbsize);
991 /*
992 * A negative error code is returned when a copy of the
993 * superblock has been made which is discarded when the I/O
994 * is done. So the fs_si field does not and indeed cannot be
995 * restored after the write is done. Convert the error code
996 * back to its usual positive value when returning it.
997 */
998 if (error < 0)
999 return (-error - 1);
1000 fs->fs_si = fs_si;
1001 return (error);
1002 }
1003
1004 /*
1005 * Calculate the check-hash for a superblock.
1006 */
1007 uint32_t
ffs_calc_sbhash(struct fs * fs)1008 ffs_calc_sbhash(struct fs *fs)
1009 {
1010 uint32_t ckhash, save_ckhash;
1011
1012 /*
1013 * A filesystem that was using a superblock ckhash may be moved
1014 * to an older kernel that does not support ckhashes. The
1015 * older kernel will clear the FS_METACKHASH flag indicating
1016 * that it does not update hashes. When the disk is moved back
1017 * to a kernel capable of ckhashes it disables them on mount:
1018 *
1019 * if ((fs->fs_flags & FS_METACKHASH) == 0)
1020 * fs->fs_metackhash = 0;
1021 *
1022 * This leaves (fs->fs_metackhash & CK_SUPERBLOCK) == 0) with an
1023 * old stale value in the fs->fs_ckhash field. Thus the need to
1024 * just accept what is there.
1025 */
1026 if ((fs->fs_metackhash & CK_SUPERBLOCK) == 0)
1027 return (fs->fs_ckhash);
1028
1029 save_ckhash = fs->fs_ckhash;
1030 fs->fs_ckhash = 0;
1031 /*
1032 * If newly read from disk, the caller is responsible for
1033 * verifying that fs->fs_sbsize <= SBLOCKSIZE.
1034 */
1035 ckhash = calculate_crc32c(~0L, (void *)fs, fs->fs_sbsize);
1036 fs->fs_ckhash = save_ckhash;
1037 return (ckhash);
1038 }
1039
1040 /*
1041 * Update the frsum fields to reflect addition or deletion
1042 * of some frags.
1043 */
1044 void
ffs_fragacct(struct fs * fs,int fragmap,int32_t fraglist[],int cnt)1045 ffs_fragacct(struct fs *fs, int fragmap, int32_t fraglist[], int cnt)
1046 {
1047 int inblk;
1048 int field, subfield;
1049 int siz, pos;
1050
1051 inblk = (int)(fragtbl[fs->fs_frag][fragmap]) << 1;
1052 fragmap <<= 1;
1053 for (siz = 1; siz < fs->fs_frag; siz++) {
1054 if ((inblk & (1 << (siz + (fs->fs_frag % NBBY)))) == 0)
1055 continue;
1056 field = around[siz];
1057 subfield = inside[siz];
1058 for (pos = siz; pos <= fs->fs_frag; pos++) {
1059 if ((fragmap & field) == subfield) {
1060 fraglist[siz] += cnt;
1061 pos += siz;
1062 field <<= siz;
1063 subfield <<= siz;
1064 }
1065 field <<= 1;
1066 subfield <<= 1;
1067 }
1068 }
1069 }
1070
1071 /*
1072 * block operations
1073 *
1074 * check if a block is available
1075 */
1076 int
ffs_isblock(struct fs * fs,unsigned char * cp,ufs1_daddr_t h)1077 ffs_isblock(struct fs *fs, unsigned char *cp, ufs1_daddr_t h)
1078 {
1079 unsigned char mask;
1080
1081 switch ((int)fs->fs_frag) {
1082 case 8:
1083 return (cp[h] == 0xff);
1084 case 4:
1085 mask = 0x0f << ((h & 0x1) << 2);
1086 return ((cp[h >> 1] & mask) == mask);
1087 case 2:
1088 mask = 0x03 << ((h & 0x3) << 1);
1089 return ((cp[h >> 2] & mask) == mask);
1090 case 1:
1091 mask = 0x01 << (h & 0x7);
1092 return ((cp[h >> 3] & mask) == mask);
1093 default:
1094 #ifdef _KERNEL
1095 panic("ffs_isblock");
1096 #endif
1097 break;
1098 }
1099 return (0);
1100 }
1101
1102 /*
1103 * check if a block is free
1104 */
1105 int
ffs_isfreeblock(struct fs * fs,uint8_t * cp,ufs1_daddr_t h)1106 ffs_isfreeblock(struct fs *fs, uint8_t *cp, ufs1_daddr_t h)
1107 {
1108
1109 switch ((int)fs->fs_frag) {
1110 case 8:
1111 return (cp[h] == 0);
1112 case 4:
1113 return ((cp[h >> 1] & (0x0f << ((h & 0x1) << 2))) == 0);
1114 case 2:
1115 return ((cp[h >> 2] & (0x03 << ((h & 0x3) << 1))) == 0);
1116 case 1:
1117 return ((cp[h >> 3] & (0x01 << (h & 0x7))) == 0);
1118 default:
1119 #ifdef _KERNEL
1120 panic("ffs_isfreeblock");
1121 #endif
1122 break;
1123 }
1124 return (0);
1125 }
1126
1127 /*
1128 * take a block out of the map
1129 */
1130 void
ffs_clrblock(struct fs * fs,uint8_t * cp,ufs1_daddr_t h)1131 ffs_clrblock(struct fs *fs, uint8_t *cp, ufs1_daddr_t h)
1132 {
1133
1134 switch ((int)fs->fs_frag) {
1135 case 8:
1136 cp[h] = 0;
1137 return;
1138 case 4:
1139 cp[h >> 1] &= ~(0x0f << ((h & 0x1) << 2));
1140 return;
1141 case 2:
1142 cp[h >> 2] &= ~(0x03 << ((h & 0x3) << 1));
1143 return;
1144 case 1:
1145 cp[h >> 3] &= ~(0x01 << (h & 0x7));
1146 return;
1147 default:
1148 #ifdef _KERNEL
1149 panic("ffs_clrblock");
1150 #endif
1151 break;
1152 }
1153 }
1154
1155 /*
1156 * put a block into the map
1157 */
1158 void
ffs_setblock(struct fs * fs,unsigned char * cp,ufs1_daddr_t h)1159 ffs_setblock(struct fs *fs, unsigned char *cp, ufs1_daddr_t h)
1160 {
1161
1162 switch ((int)fs->fs_frag) {
1163 case 8:
1164 cp[h] = 0xff;
1165 return;
1166 case 4:
1167 cp[h >> 1] |= (0x0f << ((h & 0x1) << 2));
1168 return;
1169 case 2:
1170 cp[h >> 2] |= (0x03 << ((h & 0x3) << 1));
1171 return;
1172 case 1:
1173 cp[h >> 3] |= (0x01 << (h & 0x7));
1174 return;
1175 default:
1176 #ifdef _KERNEL
1177 panic("ffs_setblock");
1178 #endif
1179 break;
1180 }
1181 }
1182
1183 /*
1184 * Update the cluster map because of an allocation or free.
1185 *
1186 * Cnt == 1 means free; cnt == -1 means allocating.
1187 */
1188 void
ffs_clusteracct(struct fs * fs,struct cg * cgp,ufs1_daddr_t blkno,int cnt)1189 ffs_clusteracct(struct fs *fs, struct cg *cgp, ufs1_daddr_t blkno, int cnt)
1190 {
1191 int32_t *sump;
1192 int32_t *lp;
1193 uint8_t *freemapp, *mapp;
1194 int i, start, end, forw, back, map;
1195 uint64_t bit;
1196
1197 if (fs->fs_contigsumsize <= 0)
1198 return;
1199 freemapp = cg_clustersfree(cgp);
1200 sump = cg_clustersum(cgp);
1201 /*
1202 * Allocate or clear the actual block.
1203 */
1204 if (cnt > 0)
1205 setbit(freemapp, blkno);
1206 else
1207 clrbit(freemapp, blkno);
1208 /*
1209 * Find the size of the cluster going forward.
1210 */
1211 start = blkno + 1;
1212 end = start + fs->fs_contigsumsize;
1213 if (end >= cgp->cg_nclusterblks)
1214 end = cgp->cg_nclusterblks;
1215 mapp = &freemapp[start / NBBY];
1216 map = *mapp++;
1217 bit = 1U << (start % NBBY);
1218 for (i = start; i < end; i++) {
1219 if ((map & bit) == 0)
1220 break;
1221 if ((i & (NBBY - 1)) != (NBBY - 1)) {
1222 bit <<= 1;
1223 } else {
1224 map = *mapp++;
1225 bit = 1;
1226 }
1227 }
1228 forw = i - start;
1229 /*
1230 * Find the size of the cluster going backward.
1231 */
1232 start = blkno - 1;
1233 end = start - fs->fs_contigsumsize;
1234 if (end < 0)
1235 end = -1;
1236 mapp = &freemapp[start / NBBY];
1237 map = *mapp--;
1238 bit = 1U << (start % NBBY);
1239 for (i = start; i > end; i--) {
1240 if ((map & bit) == 0)
1241 break;
1242 if ((i & (NBBY - 1)) != 0) {
1243 bit >>= 1;
1244 } else {
1245 map = *mapp--;
1246 bit = 1U << (NBBY - 1);
1247 }
1248 }
1249 back = start - i;
1250 /*
1251 * Account for old cluster and the possibly new forward and
1252 * back clusters.
1253 */
1254 i = back + forw + 1;
1255 if (i > fs->fs_contigsumsize)
1256 i = fs->fs_contigsumsize;
1257 sump[i] += cnt;
1258 if (back > 0)
1259 sump[back] -= cnt;
1260 if (forw > 0)
1261 sump[forw] -= cnt;
1262 /*
1263 * Update cluster summary information.
1264 */
1265 lp = &sump[fs->fs_contigsumsize];
1266 for (i = fs->fs_contigsumsize; i > 0; i--)
1267 if (*lp-- > 0)
1268 break;
1269 fs->fs_maxcluster[cgp->cg_cgx] = i;
1270 }
1271