xref: /freebsd/bin/pax/ar_io.c (revision 35c0a8c449fd2b7f75029ebed5e10852240f0865)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1992 Keith Muller.
5  * Copyright (c) 1992, 1993
6  *	The Regents of the University of California.  All rights reserved.
7  *
8  * This code is derived from software contributed to Berkeley by
9  * Keith Muller of the University of California, San Diego.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in the
18  *    documentation and/or other materials provided with the distribution.
19  * 3. Neither the name of the University nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include <sys/types.h>
37 #include <sys/ioctl.h>
38 #include <sys/mtio.h>
39 #include <sys/stat.h>
40 #include <sys/wait.h>
41 #include <err.h>
42 #include <errno.h>
43 #include <fcntl.h>
44 #include <signal.h>
45 #include <stdint.h>
46 #include <stdio.h>
47 #include <string.h>
48 #include <stdlib.h>
49 #include <unistd.h>
50 #include "pax.h"
51 #include "options.h"
52 #include "extern.h"
53 
54 /*
55  * Routines which deal directly with the archive I/O device/file.
56  */
57 
58 #define DMOD		0666		/* default mode of created archives */
59 #define EXT_MODE	O_RDONLY	/* open mode for list/extract */
60 #define AR_MODE		(O_WRONLY | O_CREAT | O_TRUNC)	/* mode for archive */
61 #define APP_MODE	O_RDWR		/* mode for append */
62 
63 static char none[] = "<NONE>";		/* pseudo name for no file */
64 static char stdo[] = "<STDOUT>";	/* pseudo name for stdout */
65 static char stdn[] = "<STDIN>";		/* pseudo name for stdin */
66 static int arfd = -1;			/* archive file descriptor */
67 static int artyp = ISREG;		/* archive type: file/FIFO/tape */
68 static int arvol = 1;			/* archive volume number */
69 static int lstrval = -1;		/* return value from last i/o */
70 static int io_ok;			/* i/o worked on volume after resync */
71 static int did_io;			/* did i/o ever occur on volume? */
72 static int done;			/* set via tty termination */
73 static struct stat arsb;		/* stat of archive device at open */
74 static int invld_rec;			/* tape has out of spec record size */
75 static int wr_trail = 1;		/* trailer was rewritten in append */
76 static int can_unlnk = 0;		/* do we unlink null archives?  */
77 const char *arcname;		  	/* printable name of archive */
78 const char *gzip_program;		/* name of gzip program */
79 static pid_t zpid = -1; 		/* pid of child process */
80 
81 static int get_phys(void);
82 static void ar_start_gzip(int, const char *, int);
83 
84 /*
85  * ar_open()
86  *	Opens the next archive volume. Determines the type of the device and
87  *	sets up block sizes as required by the archive device and the format.
88  *	Note: we may be called with name == NULL on the first open only.
89  * Return:
90  *	-1 on failure, 0 otherwise
91  */
92 
93 int
94 ar_open(const char *name)
95 {
96 	struct mtget mb;
97 
98 	if (arfd != -1)
99 		(void)close(arfd);
100 	arfd = -1;
101 	can_unlnk = did_io = io_ok = invld_rec = 0;
102 	artyp = ISREG;
103 	flcnt = 0;
104 
105 	/*
106 	 * open based on overall operation mode
107 	 */
108 	switch (act) {
109 	case LIST:
110 	case EXTRACT:
111 		if (name == NULL) {
112 			arfd = STDIN_FILENO;
113 			arcname = stdn;
114 		} else if ((arfd = open(name, EXT_MODE, DMOD)) < 0)
115 			syswarn(0, errno, "Failed open to read on %s", name);
116 		if (arfd != -1 && gzip_program != NULL)
117 			ar_start_gzip(arfd, gzip_program, 0);
118 		break;
119 	case ARCHIVE:
120 		if (name == NULL) {
121 			arfd = STDOUT_FILENO;
122 			arcname = stdo;
123 		} else if ((arfd = open(name, AR_MODE, DMOD)) < 0)
124 			syswarn(0, errno, "Failed open to write on %s", name);
125 		else
126 			can_unlnk = 1;
127 		if (arfd != -1 && gzip_program != NULL)
128 			ar_start_gzip(arfd, gzip_program, 1);
129 		break;
130 	case APPND:
131 		if (name == NULL) {
132 			arfd = STDOUT_FILENO;
133 			arcname = stdo;
134 		} else if ((arfd = open(name, APP_MODE, DMOD)) < 0)
135 			syswarn(0, errno, "Failed open to read/write on %s",
136 				name);
137 		break;
138 	case COPY:
139 		/*
140 		 * arfd not used in COPY mode
141 		 */
142 		arcname = none;
143 		lstrval = 1;
144 		return(0);
145 	}
146 	if (arfd < 0)
147 		return(-1);
148 
149 	if (chdname != NULL)
150 		if (chdir(chdname) != 0) {
151 			syswarn(1, errno, "Failed chdir to %s", chdname);
152 			return(-1);
153 		}
154 	/*
155 	 * set up is based on device type
156 	 */
157 	if (fstat(arfd, &arsb) < 0) {
158 		syswarn(0, errno, "Failed stat on %s", arcname);
159 		(void)close(arfd);
160 		arfd = -1;
161 		can_unlnk = 0;
162 		return(-1);
163 	}
164 	if (S_ISDIR(arsb.st_mode)) {
165 		paxwarn(0, "Cannot write an archive on top of a directory %s",
166 		    arcname);
167 		(void)close(arfd);
168 		arfd = -1;
169 		can_unlnk = 0;
170 		return(-1);
171 	}
172 
173 	if (S_ISCHR(arsb.st_mode))
174 		artyp = ioctl(arfd, MTIOCGET, &mb) ? ISCHR : ISTAPE;
175 	else if (S_ISBLK(arsb.st_mode))
176 		artyp = ISBLK;
177 	else if ((lseek(arfd, (off_t)0L, SEEK_CUR) == -1) && (errno == ESPIPE))
178 		artyp = ISPIPE;
179 	else
180 		artyp = ISREG;
181 
182 	/*
183 	 * make sure we beyond any doubt that we only can unlink regular files
184 	 * we created
185 	 */
186 	if (artyp != ISREG)
187 		can_unlnk = 0;
188 	/*
189 	 * if we are writing, we are done
190 	 */
191 	if (act == ARCHIVE) {
192 		blksz = rdblksz = wrblksz;
193 		lstrval = 1;
194 		return(0);
195 	}
196 
197 	/*
198 	 * set default blksz on read. APPNDs writes rdblksz on the last volume
199 	 * On all new archive volumes, we shift to wrblksz (if the user
200 	 * specified one, otherwise we will continue to use rdblksz). We
201 	 * must set blocksize based on what kind of device the archive is
202 	 * stored.
203 	 */
204 	switch(artyp) {
205 	case ISTAPE:
206 		/*
207 		 * Tape drives come in at least two flavors. Those that support
208 		 * variable sized records and those that have fixed sized
209 		 * records. They must be treated differently. For tape drives
210 		 * that support variable sized records, we must make large
211 		 * reads to make sure we get the entire record, otherwise we
212 		 * will just get the first part of the record (up to size we
213 		 * asked). Tapes with fixed sized records may or may not return
214 		 * multiple records in a single read. We really do not care
215 		 * what the physical record size is UNLESS we are going to
216 		 * append. (We will need the physical block size to rewrite
217 		 * the trailer). Only when we are appending do we go to the
218 		 * effort to figure out the true PHYSICAL record size.
219 		 */
220 		blksz = rdblksz = MAXBLK;
221 		break;
222 	case ISPIPE:
223 	case ISBLK:
224 	case ISCHR:
225 		/*
226 		 * Blocksize is not a major issue with these devices (but must
227 		 * be kept a multiple of 512). If the user specified a write
228 		 * block size, we use that to read. Under append, we must
229 		 * always keep blksz == rdblksz. Otherwise we go ahead and use
230 		 * the device optimal blocksize as (and if) returned by stat
231 		 * and if it is within pax specs.
232 		 */
233 		if ((act == APPND) && wrblksz) {
234 			blksz = rdblksz = wrblksz;
235 			break;
236 		}
237 
238 		if ((arsb.st_blksize > 0) && (arsb.st_blksize < MAXBLK) &&
239 		    ((arsb.st_blksize % BLKMULT) == 0))
240 			rdblksz = arsb.st_blksize;
241 		else
242 			rdblksz = DEVBLK;
243 		/*
244 		 * For performance go for large reads when we can without harm
245 		 */
246 		if ((act == APPND) || (artyp == ISCHR))
247 			blksz = rdblksz;
248 		else
249 			blksz = MAXBLK;
250 		break;
251 	case ISREG:
252 		/*
253 		 * if the user specified wrblksz works, use it. Under appends
254 		 * we must always keep blksz == rdblksz
255 		 */
256 		if ((act == APPND) && wrblksz && ((arsb.st_size%wrblksz)==0)){
257 			blksz = rdblksz = wrblksz;
258 			break;
259 		}
260 		/*
261 		 * See if we can find the blocking factor from the file size
262 		 */
263 		for (rdblksz = MAXBLK; rdblksz > 0; rdblksz -= BLKMULT)
264 			if ((arsb.st_size % rdblksz) == 0)
265 				break;
266 		/*
267 		 * When we cannot find a match, we may have a flawed archive.
268 		 */
269 		if (rdblksz <= 0)
270 			rdblksz = FILEBLK;
271 		/*
272 		 * for performance go for large reads when we can
273 		 */
274 		if (act == APPND)
275 			blksz = rdblksz;
276 		else
277 			blksz = MAXBLK;
278 		break;
279 	default:
280 		/*
281 		 * should never happen, worst case, slow...
282 		 */
283 		blksz = rdblksz = BLKMULT;
284 		break;
285 	}
286 	lstrval = 1;
287 	return(0);
288 }
289 
290 /*
291  * ar_close()
292  *	closes archive device, increments volume number, and prints i/o summary
293  */
294 void
295 ar_close(void)
296 {
297 	int status;
298 
299 	if (arfd < 0) {
300 		did_io = io_ok = flcnt = 0;
301 		return;
302 	}
303 
304 	/*
305 	 * Close archive file. This may take a LONG while on tapes (we may be
306 	 * forced to wait for the rewind to complete) so tell the user what is
307 	 * going on (this avoids the user hitting control-c thinking pax is
308 	 * broken).
309 	 */
310 	if (vflag && (artyp == ISTAPE)) {
311 		if (vfpart)
312 			(void)putc('\n', listf);
313 		(void)fprintf(listf,
314 			"%s: Waiting for tape drive close to complete...",
315 			argv0);
316 		(void)fflush(listf);
317 	}
318 
319 	/*
320 	 * if nothing was written to the archive (and we created it), we remove
321 	 * it
322 	 */
323 	if (can_unlnk && (fstat(arfd, &arsb) == 0) && (S_ISREG(arsb.st_mode)) &&
324 	    (arsb.st_size == 0)) {
325 		(void)unlink(arcname);
326 		can_unlnk = 0;
327 	}
328 
329 	/*
330 	 * for a quick extract/list, pax frequently exits before the child
331 	 * process is done
332 	 */
333 	if ((act == LIST || act == EXTRACT) && nflag && zpid > 0)
334 		kill(zpid, SIGINT);
335 
336 	(void)close(arfd);
337 
338 	/* Do not exit before child to ensure data integrity */
339 	if (zpid > 0)
340 		waitpid(zpid, &status, 0);
341 
342 	if (vflag && (artyp == ISTAPE)) {
343 		(void)fputs("done.\n", listf);
344 		vfpart = 0;
345 		(void)fflush(listf);
346 	}
347 	arfd = -1;
348 
349 	if (!io_ok && !did_io) {
350 		flcnt = 0;
351 		return;
352 	}
353 	did_io = io_ok = 0;
354 
355 	/*
356 	 * The volume number is only increased when the last device has data
357 	 * and we have already determined the archive format.
358 	 */
359 	if (frmt != NULL)
360 		++arvol;
361 
362 	if (!vflag) {
363 		flcnt = 0;
364 		return;
365 	}
366 
367 	/*
368 	 * Print out a summary of I/O for this archive volume.
369 	 */
370 	if (vfpart) {
371 		(void)putc('\n', listf);
372 		vfpart = 0;
373 	}
374 
375 	/*
376 	 * If we have not determined the format yet, we just say how many bytes
377 	 * we have skipped over looking for a header to id. There is no way we
378 	 * could have written anything yet.
379 	 */
380 	if (frmt == NULL) {
381 		(void)fprintf(listf, "%s: unknown format, %ju bytes skipped.\n",
382 		    argv0, (uintmax_t)rdcnt);
383 		(void)fflush(listf);
384 		flcnt = 0;
385 		return;
386 	}
387 
388 	if (strcmp(NM_CPIO, argv0) == 0)
389 		(void)fprintf(listf, "%llu blocks\n",
390 		    (unsigned long long)((rdcnt ? rdcnt : wrcnt) / 5120));
391 	else if (strcmp(NM_TAR, argv0) != 0)
392 		(void)fprintf(listf,
393 		    "%s: %s vol %d, %ju files, %ju bytes read, %ju bytes written.\n",
394 		    argv0, frmt->name, arvol-1, (uintmax_t)flcnt,
395 		    (uintmax_t)rdcnt, (uintmax_t)wrcnt);
396 	(void)fflush(listf);
397 	flcnt = 0;
398 }
399 
400 /*
401  * ar_drain()
402  *	drain any archive format independent padding from an archive read
403  *	from a socket or a pipe. This is to prevent the process on the
404  *	other side of the pipe from getting a SIGPIPE (pax will stop
405  *	reading an archive once a format dependent trailer is detected).
406  */
407 void
408 ar_drain(void)
409 {
410 	int res;
411 	char drbuf[MAXBLK];
412 
413 	/*
414 	 * we only drain from a pipe/socket. Other devices can be closed
415 	 * without reading up to end of file. We sure hope that pipe is closed
416 	 * on the other side so we will get an EOF.
417 	 */
418 	if ((artyp != ISPIPE) || (lstrval <= 0))
419 		return;
420 
421 	/*
422 	 * keep reading until pipe is drained
423 	 */
424 	while ((res = read(arfd, drbuf, sizeof(drbuf))) > 0)
425 		;
426 	lstrval = res;
427 }
428 
429 /*
430  * ar_set_wr()
431  *	Set up device right before switching from read to write in an append.
432  *	device dependent code (if required) to do this should be added here.
433  *	For all archive devices we are already positioned at the place we want
434  *	to start writing when this routine is called.
435  * Return:
436  *	0 if all ready to write, -1 otherwise
437  */
438 
439 int
440 ar_set_wr(void)
441 {
442 	off_t cpos;
443 
444 	/*
445 	 * we must make sure the trailer is rewritten on append, ar_next()
446 	 * will stop us if the archive containing the trailer was not written
447 	 */
448 	wr_trail = 0;
449 
450 	/*
451 	 * Add any device dependent code as required here
452 	 */
453 	if (artyp != ISREG)
454 		return(0);
455 	/*
456 	 * Ok we have an archive in a regular file. If we were rewriting a
457 	 * file, we must get rid of all the stuff after the current offset
458 	 * (it was not written by pax).
459 	 */
460 	if (((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0) ||
461 	    (ftruncate(arfd, cpos) < 0)) {
462 		syswarn(1, errno, "Unable to truncate archive file");
463 		return(-1);
464 	}
465 	return(0);
466 }
467 
468 /*
469  * ar_app_ok()
470  *	check if the last volume in the archive allows appends. We cannot check
471  *	this until we are ready to write since there is no spec that says all
472  *	volumes in a single archive have to be of the same type...
473  * Return:
474  *	0 if we can append, -1 otherwise.
475  */
476 
477 int
478 ar_app_ok(void)
479 {
480 	if (artyp == ISPIPE) {
481 		paxwarn(1, "Cannot append to an archive obtained from a pipe.");
482 		return(-1);
483 	}
484 
485 	if (!invld_rec)
486 		return(0);
487 	paxwarn(1,"Cannot append, device record size %d does not support %s spec",
488 		rdblksz, argv0);
489 	return(-1);
490 }
491 
492 /*
493  * ar_read()
494  *	read up to a specified number of bytes from the archive into the
495  *	supplied buffer. When dealing with tapes we may not always be able to
496  *	read what we want.
497  * Return:
498  *	Number of bytes in buffer. 0 for end of file, -1 for a read error.
499  */
500 
501 int
502 ar_read(char *buf, int cnt)
503 {
504 	int res = 0;
505 
506 	/*
507 	 * if last i/o was in error, no more reads until reset or new volume
508 	 */
509 	if (lstrval <= 0)
510 		return(lstrval);
511 
512 	/*
513 	 * how we read must be based on device type
514 	 */
515 	switch (artyp) {
516 	case ISTAPE:
517 		if ((res = read(arfd, buf, cnt)) > 0) {
518 			/*
519 			 * CAUTION: tape systems may not always return the same
520 			 * sized records so we leave blksz == MAXBLK. The
521 			 * physical record size that a tape drive supports is
522 			 * very hard to determine in a uniform and portable
523 			 * manner.
524 			 */
525 			io_ok = 1;
526 			if (res != rdblksz) {
527 				/*
528 				 * Record size changed. If this happens on
529 				 * any record after the first, we probably have
530 				 * a tape drive which has a fixed record size
531 				 * (we are getting multiple records in a single
532 				 * read). Watch out for record blocking that
533 				 * violates pax spec (must be a multiple of
534 				 * BLKMULT).
535 				 */
536 				rdblksz = res;
537 				if (rdblksz % BLKMULT)
538 					invld_rec = 1;
539 			}
540 			return(res);
541 		}
542 		break;
543 	case ISREG:
544 	case ISBLK:
545 	case ISCHR:
546 	case ISPIPE:
547 	default:
548 		/*
549 		 * Files are so easy to deal with. These other things cannot
550 		 * be trusted at all. So when we are dealing with character
551 		 * devices and pipes we just take what they have ready for us
552 		 * and return. Trying to do anything else with them runs the
553 		 * risk of failure.
554 		 */
555 		if ((res = read(arfd, buf, cnt)) > 0) {
556 			io_ok = 1;
557 			return(res);
558 		}
559 		break;
560 	}
561 
562 	/*
563 	 * We are in trouble at this point, something is broken...
564 	 */
565 	lstrval = res;
566 	if (res < 0)
567 		syswarn(1, errno, "Failed read on archive volume %d", arvol);
568 	else
569 		paxwarn(0, "End of archive volume %d reached", arvol);
570 	return(res);
571 }
572 
573 /*
574  * ar_write()
575  *	Write a specified number of bytes in supplied buffer to the archive
576  *	device so it appears as a single "block". Deals with errors and tries
577  *	to recover when faced with short writes.
578  * Return:
579  *	Number of bytes written. 0 indicates end of volume reached and with no
580  *	flaws (as best that can be detected). A -1 indicates an unrecoverable
581  *	error in the archive occurred.
582  */
583 
584 int
585 ar_write(char *buf, int bsz)
586 {
587 	int res;
588 	off_t cpos;
589 
590 	/*
591 	 * do not allow pax to create a "bad" archive. Once a write fails on
592 	 * an archive volume prevent further writes to it.
593 	 */
594 	if (lstrval <= 0)
595 		return(lstrval);
596 
597 	if ((res = write(arfd, buf, bsz)) == bsz) {
598 		wr_trail = 1;
599 		io_ok = 1;
600 		return(bsz);
601 	}
602 	/*
603 	 * write broke, see what we can do with it. We try to send any partial
604 	 * writes that may violate pax spec to the next archive volume.
605 	 */
606 	if (res < 0)
607 		lstrval = res;
608 	else
609 		lstrval = 0;
610 
611 	switch (artyp) {
612 	case ISREG:
613 		if ((res > 0) && (res % BLKMULT)) {
614 			/*
615 		 	 * try to fix up partial writes which are not BLKMULT
616 			 * in size by forcing the runt record to next archive
617 			 * volume
618 		 	 */
619 			if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0)
620 				break;
621 			cpos -= (off_t)res;
622 			if (ftruncate(arfd, cpos) < 0)
623 				break;
624 			res = lstrval = 0;
625 			break;
626 		}
627 		if (res >= 0)
628 			break;
629 		/*
630 		 * if file is out of space, handle it like a return of 0
631 		 */
632 		if ((errno == ENOSPC) || (errno == EFBIG) || (errno == EDQUOT))
633 			res = lstrval = 0;
634 		break;
635 	case ISTAPE:
636 	case ISCHR:
637 	case ISBLK:
638 		if (res >= 0)
639 			break;
640 		if (errno == EACCES) {
641 			paxwarn(0, "Write failed, archive is write protected.");
642 			res = lstrval = 0;
643 			return(0);
644 		}
645 		/*
646 		 * see if we reached the end of media, if so force a change to
647 		 * the next volume
648 		 */
649 		if ((errno == ENOSPC) || (errno == EIO) || (errno == ENXIO))
650 			res = lstrval = 0;
651 		break;
652 	case ISPIPE:
653 	default:
654 		/*
655 		 * we cannot fix errors to these devices
656 		 */
657 		break;
658 	}
659 
660 	/*
661 	 * Better tell the user the bad news...
662 	 * if this is a block aligned archive format, we may have a bad archive
663 	 * if the format wants the header to start at a BLKMULT boundary. While
664 	 * we can deal with the mis-aligned data, it violates spec and other
665 	 * archive readers will likely fail. If the format is not block
666 	 * aligned, the user may be lucky (and the archive is ok).
667 	 */
668 	if (res >= 0) {
669 		if (res > 0)
670 			wr_trail = 1;
671 		io_ok = 1;
672 	}
673 
674 	/*
675 	 * If we were trying to rewrite the trailer and it didn't work, we
676 	 * must quit right away.
677 	 */
678 	if (!wr_trail && (res <= 0)) {
679 		paxwarn(1,"Unable to append, trailer re-write failed. Quitting.");
680 		return(res);
681 	}
682 
683 	if (res == 0)
684 		paxwarn(0, "End of archive volume %d reached", arvol);
685 	else if (res < 0)
686 		syswarn(1, errno, "Failed write to archive volume: %d", arvol);
687 	else if (!frmt->blkalgn || ((res % frmt->blkalgn) == 0))
688 		paxwarn(0,"WARNING: partial archive write. Archive MAY BE FLAWED");
689 	else
690 		paxwarn(1,"WARNING: partial archive write. Archive IS FLAWED");
691 	return(res);
692 }
693 
694 /*
695  * ar_rdsync()
696  *	Try to move past a bad spot on a flawed archive as needed to continue
697  *	I/O. Clears error flags to allow I/O to continue.
698  * Return:
699  *	0 when ok to try i/o again, -1 otherwise.
700  */
701 
702 int
703 ar_rdsync(void)
704 {
705 	long fsbz;
706 	off_t cpos;
707 	off_t mpos;
708 	struct mtop mb;
709 
710 	/*
711 	 * Fail resync attempts at user request (done) or if this is going to be
712 	 * an update/append to an existing archive. If last i/o hit media end,
713 	 * we need to go to the next volume not try a resync.
714 	 */
715 	if ((done > 0) || (lstrval == 0))
716 		return(-1);
717 
718 	if ((act == APPND) || (act == ARCHIVE)) {
719 		paxwarn(1, "Cannot allow updates to an archive with flaws.");
720 		return(-1);
721 	}
722 	if (io_ok)
723 		did_io = 1;
724 
725 	switch(artyp) {
726 	case ISTAPE:
727 		/*
728 		 * if the last i/o was a successful data transfer, we assume
729 		 * the fault is just a bad record on the tape that we are now
730 		 * past. If we did not get any data since the last resync try
731 		 * to move the tape forward one PHYSICAL record past any
732 		 * damaged tape section. Some tape drives are stubborn and need
733 		 * to be pushed.
734 		 */
735 		if (io_ok) {
736 			io_ok = 0;
737 			lstrval = 1;
738 			break;
739 		}
740 		mb.mt_op = MTFSR;
741 		mb.mt_count = 1;
742 		if (ioctl(arfd, MTIOCTOP, &mb) < 0)
743 			break;
744 		lstrval = 1;
745 		break;
746 	case ISREG:
747 	case ISCHR:
748 	case ISBLK:
749 		/*
750 		 * try to step over the bad part of the device.
751 		 */
752 		io_ok = 0;
753 		if (((fsbz = arsb.st_blksize) <= 0) || (artyp != ISREG))
754 			fsbz = BLKMULT;
755 		if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0)
756 			break;
757 		mpos = fsbz - (cpos % (off_t)fsbz);
758 		if (lseek(arfd, mpos, SEEK_CUR) < 0)
759 			break;
760 		lstrval = 1;
761 		break;
762 	case ISPIPE:
763 	default:
764 		/*
765 		 * cannot recover on these archive device types
766 		 */
767 		io_ok = 0;
768 		break;
769 	}
770 	if (lstrval <= 0) {
771 		paxwarn(1, "Unable to recover from an archive read failure.");
772 		return(-1);
773 	}
774 	paxwarn(0, "Attempting to recover from an archive read failure.");
775 	return(0);
776 }
777 
778 /*
779  * ar_fow()
780  *	Move the I/O position within the archive forward the specified number of
781  *	bytes as supported by the device. If we cannot move the requested
782  *	number of bytes, return the actual number of bytes moved in skipped.
783  * Return:
784  *	0 if moved the requested distance, -1 on complete failure, 1 on
785  *	partial move (the amount moved is in skipped)
786  */
787 
788 int
789 ar_fow(off_t sksz, off_t *skipped)
790 {
791 	off_t cpos;
792 	off_t mpos;
793 
794 	*skipped = 0;
795 	if (sksz <= 0)
796 		return(0);
797 
798 	/*
799 	 * we cannot move forward at EOF or error
800 	 */
801 	if (lstrval <= 0)
802 		return(lstrval);
803 
804 	/*
805 	 * Safer to read forward on devices where it is hard to find the end of
806 	 * the media without reading to it. With tapes we cannot be sure of the
807 	 * number of physical blocks to skip (we do not know physical block
808 	 * size at this point), so we must only read forward on tapes!
809 	 */
810 	if (artyp != ISREG)
811 		return(0);
812 
813 	/*
814 	 * figure out where we are in the archive
815 	 */
816 	if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) >= 0) {
817 		/*
818 	 	 * we can be asked to move farther than there are bytes in this
819 		 * volume, if so, just go to file end and let normal buf_fill()
820 		 * deal with the end of file (it will go to next volume by
821 		 * itself)
822 	 	 */
823 		if ((mpos = cpos + sksz) > arsb.st_size) {
824 			*skipped = arsb.st_size - cpos;
825 			mpos = arsb.st_size;
826 		} else
827 			*skipped = sksz;
828 		if (lseek(arfd, mpos, SEEK_SET) >= 0)
829 			return(0);
830 	}
831 	syswarn(1, errno, "Forward positioning operation on archive failed");
832 	lstrval = -1;
833 	return(-1);
834 }
835 
836 /*
837  * ar_rev()
838  *	move the i/o position within the archive backwards the specified byte
839  *	count as supported by the device. With tapes drives we RESET rdblksz to
840  *	the PHYSICAL blocksize.
841  *	NOTE: We should only be called to move backwards so we can rewrite the
842  *	last records (the trailer) of an archive (APPEND).
843  * Return:
844  *	0 if moved the requested distance, -1 on complete failure
845  */
846 
847 int
848 ar_rev(off_t sksz)
849 {
850 	off_t cpos;
851 	struct mtop mb;
852 	int phyblk;
853 
854 	/*
855 	 * make sure we do not have try to reverse on a flawed archive
856 	 */
857 	if (lstrval < 0)
858 		return(lstrval);
859 
860 	switch(artyp) {
861 	case ISPIPE:
862 		if (sksz <= 0)
863 			break;
864 		/*
865 		 * cannot go backwards on these critters
866 		 */
867 		paxwarn(1, "Reverse positioning on pipes is not supported.");
868 		lstrval = -1;
869 		return(-1);
870 	case ISREG:
871 	case ISBLK:
872 	case ISCHR:
873 	default:
874 		if (sksz <= 0)
875 			break;
876 
877 		/*
878 		 * For things other than files, backwards movement has a very
879 		 * high probability of failure as we really do not know the
880 		 * true attributes of the device we are talking to (the device
881 		 * may not even have the ability to lseek() in any direction).
882 		 * First we figure out where we are in the archive.
883 		 */
884 		if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0) {
885 			syswarn(1, errno,
886 			   "Unable to obtain current archive byte offset");
887 			lstrval = -1;
888 			return(-1);
889 		}
890 
891 		/*
892 		 * we may try to go backwards past the start when the archive
893 		 * is only a single record. If this happens and we are on a
894 		 * multi volume archive, we need to go to the end of the
895 		 * previous volume and continue our movement backwards from
896 		 * there.
897 		 */
898 		if ((cpos -= sksz) < (off_t)0L) {
899 			if (arvol > 1) {
900 				/*
901 				 * this should never happen
902 				 */
903 				paxwarn(1,"Reverse position on previous volume.");
904 				lstrval = -1;
905 				return(-1);
906 			}
907 			cpos = (off_t)0L;
908 		}
909 		if (lseek(arfd, cpos, SEEK_SET) < 0) {
910 			syswarn(1, errno, "Unable to seek archive backwards");
911 			lstrval = -1;
912 			return(-1);
913 		}
914 		break;
915 	case ISTAPE:
916 		/*
917 		 * Calculate and move the proper number of PHYSICAL tape
918 		 * blocks. If the sksz is not an even multiple of the physical
919 		 * tape size, we cannot do the move (this should never happen).
920 		 * (We also cannot handle trailers spread over two vols).
921 		 * get_phys() also makes sure we are in front of the filemark.
922 		 */
923 		if ((phyblk = get_phys()) <= 0) {
924 			lstrval = -1;
925 			return(-1);
926 		}
927 
928 		/*
929 		 * make sure future tape reads only go by physical tape block
930 		 * size (set rdblksz to the real size).
931 		 */
932 		rdblksz = phyblk;
933 
934 		/*
935 		 * if no movement is required, just return (we must be after
936 		 * get_phys() so the physical blocksize is properly set)
937 		 */
938 		if (sksz <= 0)
939 			break;
940 
941 		/*
942 		 * ok we have to move. Make sure the tape drive can do it.
943 		 */
944 		if (sksz % phyblk) {
945 			paxwarn(1,
946 			    "Tape drive unable to backspace requested amount");
947 			lstrval = -1;
948 			return(-1);
949 		}
950 
951 		/*
952 		 * move backwards the requested number of bytes
953 		 */
954 		mb.mt_op = MTBSR;
955 		mb.mt_count = sksz/phyblk;
956 		if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
957 			syswarn(1,errno, "Unable to backspace tape %d blocks.",
958 			    mb.mt_count);
959 			lstrval = -1;
960 			return(-1);
961 		}
962 		break;
963 	}
964 	lstrval = 1;
965 	return(0);
966 }
967 
968 /*
969  * get_phys()
970  *	Determine the physical block size on a tape drive. We need the physical
971  *	block size so we know how many bytes we skip over when we move with
972  *	mtio commands. We also make sure we are BEFORE THE TAPE FILEMARK when
973  *	return.
974  *	This is one really SLOW routine...
975  * Return:
976  *	physical block size if ok (ok > 0), -1 otherwise
977  */
978 
979 static int
980 get_phys(void)
981 {
982 	int padsz = 0;
983 	int res;
984 	int phyblk;
985 	struct mtop mb;
986 	char scbuf[MAXBLK];
987 
988 	/*
989 	 * move to the file mark, and then back up one record and read it.
990 	 * this should tell us the physical record size the tape is using.
991 	 */
992 	if (lstrval == 1) {
993 		/*
994 		 * we know we are at file mark when we get back a 0 from
995 		 * read()
996 		 */
997 		while ((res = read(arfd, scbuf, sizeof(scbuf))) > 0)
998 			padsz += res;
999 		if (res < 0) {
1000 			syswarn(1, errno, "Unable to locate tape filemark.");
1001 			return(-1);
1002 		}
1003 	}
1004 
1005 	/*
1006 	 * move backwards over the file mark so we are at the end of the
1007 	 * last record.
1008 	 */
1009 	mb.mt_op = MTBSF;
1010 	mb.mt_count = 1;
1011 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1012 		syswarn(1, errno, "Unable to backspace over tape filemark.");
1013 		return(-1);
1014 	}
1015 
1016 	/*
1017 	 * move backwards so we are in front of the last record and read it to
1018 	 * get physical tape blocksize.
1019 	 */
1020 	mb.mt_op = MTBSR;
1021 	mb.mt_count = 1;
1022 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1023 		syswarn(1, errno, "Unable to backspace over last tape block.");
1024 		return(-1);
1025 	}
1026 	if ((phyblk = read(arfd, scbuf, sizeof(scbuf))) <= 0) {
1027 		syswarn(1, errno, "Cannot determine archive tape blocksize.");
1028 		return(-1);
1029 	}
1030 
1031 	/*
1032 	 * read forward to the file mark, then back up in front of the filemark
1033 	 * (this is a bit paranoid, but should be safe to do).
1034 	 */
1035 	while ((res = read(arfd, scbuf, sizeof(scbuf))) > 0)
1036 		;
1037 	if (res < 0) {
1038 		syswarn(1, errno, "Unable to locate tape filemark.");
1039 		return(-1);
1040 	}
1041 	mb.mt_op = MTBSF;
1042 	mb.mt_count = 1;
1043 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1044 		syswarn(1, errno, "Unable to backspace over tape filemark.");
1045 		return(-1);
1046 	}
1047 
1048 	/*
1049 	 * set lstrval so we know that the filemark has not been seen
1050 	 */
1051 	lstrval = 1;
1052 
1053 	/*
1054 	 * return if there was no padding
1055 	 */
1056 	if (padsz == 0)
1057 		return(phyblk);
1058 
1059 	/*
1060 	 * make sure we can move backwards over the padding. (this should
1061 	 * never fail).
1062 	 */
1063 	if (padsz % phyblk) {
1064 		paxwarn(1, "Tape drive unable to backspace requested amount");
1065 		return(-1);
1066 	}
1067 
1068 	/*
1069 	 * move backwards over the padding so the head is where it was when
1070 	 * we were first called (if required).
1071 	 */
1072 	mb.mt_op = MTBSR;
1073 	mb.mt_count = padsz/phyblk;
1074 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1075 		syswarn(1,errno,"Unable to backspace tape over %d pad blocks",
1076 		    mb.mt_count);
1077 		return(-1);
1078 	}
1079 	return(phyblk);
1080 }
1081 
1082 /*
1083  * ar_next()
1084  *	prompts the user for the next volume in this archive. For some devices
1085  *	we may allow the media to be changed. Otherwise a new archive is
1086  *	prompted for. By pax spec, if there is no controlling tty or an eof is
1087  *	read on tty input, we must quit pax.
1088  * Return:
1089  *	0 when ready to continue, -1 when all done
1090  */
1091 
1092 int
1093 ar_next(void)
1094 {
1095 	static char *arcbuf;
1096 	char buf[PAXPATHLEN+2];
1097 	sigset_t o_mask;
1098 
1099 	/*
1100 	 * WE MUST CLOSE THE DEVICE. A lot of devices must see last close, (so
1101 	 * things like writing EOF etc will be done) (Watch out ar_close() can
1102 	 * also be called via a signal handler, so we must prevent a race.
1103 	 */
1104 	if (sigprocmask(SIG_BLOCK, &s_mask, &o_mask) < 0)
1105 		syswarn(0, errno, "Unable to set signal mask");
1106 	ar_close();
1107 	if (sigprocmask(SIG_SETMASK, &o_mask, NULL) < 0)
1108 		syswarn(0, errno, "Unable to restore signal mask");
1109 
1110 	if (done || !wr_trail || Oflag || strcmp(NM_TAR, argv0) == 0)
1111 		return(-1);
1112 
1113 	tty_prnt("\nATTENTION! %s archive volume change required.\n", argv0);
1114 
1115 	/*
1116 	 * if i/o is on stdin or stdout, we cannot reopen it (we do not know
1117 	 * the name), the user will be forced to type it in.
1118 	 */
1119 	if (strcmp(arcname, stdo) && strcmp(arcname, stdn) && (artyp != ISREG)
1120 	    && (artyp != ISPIPE)) {
1121 		if (artyp == ISTAPE) {
1122 			tty_prnt("%s ready for archive tape volume: %d\n",
1123 				arcname, arvol);
1124 			tty_prnt("Load the NEXT TAPE on the tape drive");
1125 		} else {
1126 			tty_prnt("%s ready for archive volume: %d\n",
1127 				arcname, arvol);
1128 			tty_prnt("Load the NEXT STORAGE MEDIA (if required)");
1129 		}
1130 
1131 		if ((act == ARCHIVE) || (act == APPND))
1132 			tty_prnt(" and make sure it is WRITE ENABLED.\n");
1133 		else
1134 			tty_prnt("\n");
1135 
1136 		for(;;) {
1137 			tty_prnt("Type \"y\" to continue, \".\" to quit %s,",
1138 				argv0);
1139 			tty_prnt(" or \"s\" to switch to new device.\nIf you");
1140 			tty_prnt(" cannot change storage media, type \"s\"\n");
1141 			tty_prnt("Is the device ready and online? > ");
1142 
1143 			if ((tty_read(buf,sizeof(buf))<0) || !strcmp(buf,".")){
1144 				done = 1;
1145 				lstrval = -1;
1146 				tty_prnt("Quitting %s!\n", argv0);
1147 				vfpart = 0;
1148 				return(-1);
1149 			}
1150 
1151 			if ((buf[0] == '\0') || (buf[1] != '\0')) {
1152 				tty_prnt("%s unknown command, try again\n",buf);
1153 				continue;
1154 			}
1155 
1156 			switch (buf[0]) {
1157 			case 'y':
1158 			case 'Y':
1159 				/*
1160 				 * we are to continue with the same device
1161 				 */
1162 				if (ar_open(arcname) >= 0)
1163 					return(0);
1164 				tty_prnt("Cannot re-open %s, try again\n",
1165 					arcname);
1166 				continue;
1167 			case 's':
1168 			case 'S':
1169 				/*
1170 				 * user wants to open a different device
1171 				 */
1172 				tty_prnt("Switching to a different archive\n");
1173 				break;
1174 			default:
1175 				tty_prnt("%s unknown command, try again\n",buf);
1176 				continue;
1177 			}
1178 			break;
1179 		}
1180 	} else
1181 		tty_prnt("Ready for archive volume: %d\n", arvol);
1182 
1183 	/*
1184 	 * have to go to a different archive
1185 	 */
1186 	for (;;) {
1187 		tty_prnt("Input archive name or \".\" to quit %s.\n", argv0);
1188 		tty_prnt("Archive name > ");
1189 
1190 		if ((tty_read(buf, sizeof(buf)) < 0) || !strcmp(buf, ".")) {
1191 			done = 1;
1192 			lstrval = -1;
1193 			tty_prnt("Quitting %s!\n", argv0);
1194 			vfpart = 0;
1195 			return(-1);
1196 		}
1197 		if (buf[0] == '\0') {
1198 			tty_prnt("Empty file name, try again\n");
1199 			continue;
1200 		}
1201 		if (!strcmp(buf, "..")) {
1202 			tty_prnt("Illegal file name: .. try again\n");
1203 			continue;
1204 		}
1205 		if (strlen(buf) > PAXPATHLEN) {
1206 			tty_prnt("File name too long, try again\n");
1207 			continue;
1208 		}
1209 
1210 		/*
1211 		 * try to open new archive
1212 		 */
1213 		if (ar_open(buf) >= 0) {
1214 			free(arcbuf);
1215 			if ((arcbuf = strdup(buf)) == NULL) {
1216 				done = 1;
1217 				lstrval = -1;
1218 				paxwarn(0, "Cannot save archive name.");
1219 				return(-1);
1220 			}
1221 			arcname = arcbuf;
1222 			break;
1223 		}
1224 		tty_prnt("Cannot open %s, try again\n", buf);
1225 		continue;
1226 	}
1227 	return(0);
1228 }
1229 
1230 /*
1231  * ar_start_gzip()
1232  * starts the gzip compression/decompression process as a child, using magic
1233  * to keep the fd the same in the calling function (parent).
1234  */
1235 void
1236 ar_start_gzip(int fd, const char *gzip_prog, int wr)
1237 {
1238 	int fds[2];
1239 	const char *gzip_flags;
1240 
1241 	if (pipe(fds) < 0)
1242 		err(1, "could not pipe");
1243 	zpid = fork();
1244 	if (zpid < 0)
1245 		err(1, "could not fork");
1246 
1247 	/* parent */
1248 	if (zpid) {
1249 		if (wr)
1250 			dup2(fds[1], fd);
1251 		else
1252 			dup2(fds[0], fd);
1253 		close(fds[0]);
1254 		close(fds[1]);
1255 	} else {
1256 		if (wr) {
1257 			dup2(fds[0], STDIN_FILENO);
1258 			dup2(fd, STDOUT_FILENO);
1259 			gzip_flags = "-c";
1260 		} else {
1261 			dup2(fds[1], STDOUT_FILENO);
1262 			dup2(fd, STDIN_FILENO);
1263 			gzip_flags = "-dc";
1264 		}
1265 		close(fds[0]);
1266 		close(fds[1]);
1267 		if (execlp(gzip_prog, gzip_prog, gzip_flags,
1268 		    (char *)NULL) < 0)
1269 			err(1, "could not exec");
1270 		/* NOTREACHED */
1271 	}
1272 }
1273