xref: /freebsd/bin/pax/ar_io.c (revision d27ba3088424e53eabc0b0186ed122ec43119501)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1992 Keith Muller.
5  * Copyright (c) 1992, 1993
6  *	The Regents of the University of California.  All rights reserved.
7  *
8  * This code is derived from software contributed to Berkeley by
9  * Keith Muller of the University of California, San Diego.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in the
18  *    documentation and/or other materials provided with the distribution.
19  * 3. Neither the name of the University nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #ifndef lint
37 #if 0
38 static char sccsid[] = "@(#)ar_io.c	8.2 (Berkeley) 4/18/94";
39 #endif
40 #endif /* not lint */
41 #include <sys/cdefs.h>
42 __FBSDID("$FreeBSD$");
43 
44 #include <sys/types.h>
45 #include <sys/ioctl.h>
46 #include <sys/mtio.h>
47 #include <sys/stat.h>
48 #include <sys/wait.h>
49 #include <err.h>
50 #include <errno.h>
51 #include <fcntl.h>
52 #include <signal.h>
53 #include <stdint.h>
54 #include <stdio.h>
55 #include <string.h>
56 #include <stdlib.h>
57 #include <unistd.h>
58 #include "pax.h"
59 #include "options.h"
60 #include "extern.h"
61 
62 /*
63  * Routines which deal directly with the archive I/O device/file.
64  */
65 
66 #define DMOD		0666		/* default mode of created archives */
67 #define EXT_MODE	O_RDONLY	/* open mode for list/extract */
68 #define AR_MODE		(O_WRONLY | O_CREAT | O_TRUNC)	/* mode for archive */
69 #define APP_MODE	O_RDWR		/* mode for append */
70 
71 static char none[] = "<NONE>";		/* pseudo name for no file */
72 static char stdo[] = "<STDOUT>";	/* pseudo name for stdout */
73 static char stdn[] = "<STDIN>";		/* pseudo name for stdin */
74 static int arfd = -1;			/* archive file descriptor */
75 static int artyp = ISREG;		/* archive type: file/FIFO/tape */
76 static int arvol = 1;			/* archive volume number */
77 static int lstrval = -1;		/* return value from last i/o */
78 static int io_ok;			/* i/o worked on volume after resync */
79 static int did_io;			/* did i/o ever occur on volume? */
80 static int done;			/* set via tty termination */
81 static struct stat arsb;		/* stat of archive device at open */
82 static int invld_rec;			/* tape has out of spec record size */
83 static int wr_trail = 1;		/* trailer was rewritten in append */
84 static int can_unlnk = 0;		/* do we unlink null archives?  */
85 const char *arcname;		  	/* printable name of archive */
86 const char *gzip_program;		/* name of gzip program */
87 static pid_t zpid = -1; 		/* pid of child process */
88 
89 static int get_phys(void);
90 static void ar_start_gzip(int, const char *, int);
91 
92 /*
93  * ar_open()
94  *	Opens the next archive volume. Determines the type of the device and
95  *	sets up block sizes as required by the archive device and the format.
96  *	Note: we may be called with name == NULL on the first open only.
97  * Return:
98  *	-1 on failure, 0 otherwise
99  */
100 
101 int
102 ar_open(const char *name)
103 {
104 	struct mtget mb;
105 
106 	if (arfd != -1)
107 		(void)close(arfd);
108 	arfd = -1;
109 	can_unlnk = did_io = io_ok = invld_rec = 0;
110 	artyp = ISREG;
111 	flcnt = 0;
112 
113 	/*
114 	 * open based on overall operation mode
115 	 */
116 	switch (act) {
117 	case LIST:
118 	case EXTRACT:
119 		if (name == NULL) {
120 			arfd = STDIN_FILENO;
121 			arcname = stdn;
122 		} else if ((arfd = open(name, EXT_MODE, DMOD)) < 0)
123 			syswarn(0, errno, "Failed open to read on %s", name);
124 		if (arfd != -1 && gzip_program != NULL)
125 			ar_start_gzip(arfd, gzip_program, 0);
126 		break;
127 	case ARCHIVE:
128 		if (name == NULL) {
129 			arfd = STDOUT_FILENO;
130 			arcname = stdo;
131 		} else if ((arfd = open(name, AR_MODE, DMOD)) < 0)
132 			syswarn(0, errno, "Failed open to write on %s", name);
133 		else
134 			can_unlnk = 1;
135 		if (arfd != -1 && gzip_program != NULL)
136 			ar_start_gzip(arfd, gzip_program, 1);
137 		break;
138 	case APPND:
139 		if (name == NULL) {
140 			arfd = STDOUT_FILENO;
141 			arcname = stdo;
142 		} else if ((arfd = open(name, APP_MODE, DMOD)) < 0)
143 			syswarn(0, errno, "Failed open to read/write on %s",
144 				name);
145 		break;
146 	case COPY:
147 		/*
148 		 * arfd not used in COPY mode
149 		 */
150 		arcname = none;
151 		lstrval = 1;
152 		return(0);
153 	}
154 	if (arfd < 0)
155 		return(-1);
156 
157 	if (chdname != NULL)
158 		if (chdir(chdname) != 0) {
159 			syswarn(1, errno, "Failed chdir to %s", chdname);
160 			return(-1);
161 		}
162 	/*
163 	 * set up is based on device type
164 	 */
165 	if (fstat(arfd, &arsb) < 0) {
166 		syswarn(0, errno, "Failed stat on %s", arcname);
167 		(void)close(arfd);
168 		arfd = -1;
169 		can_unlnk = 0;
170 		return(-1);
171 	}
172 	if (S_ISDIR(arsb.st_mode)) {
173 		paxwarn(0, "Cannot write an archive on top of a directory %s",
174 		    arcname);
175 		(void)close(arfd);
176 		arfd = -1;
177 		can_unlnk = 0;
178 		return(-1);
179 	}
180 
181 	if (S_ISCHR(arsb.st_mode))
182 		artyp = ioctl(arfd, MTIOCGET, &mb) ? ISCHR : ISTAPE;
183 	else if (S_ISBLK(arsb.st_mode))
184 		artyp = ISBLK;
185 	else if ((lseek(arfd, (off_t)0L, SEEK_CUR) == -1) && (errno == ESPIPE))
186 		artyp = ISPIPE;
187 	else
188 		artyp = ISREG;
189 
190 	/*
191 	 * make sure we beyond any doubt that we only can unlink regular files
192 	 * we created
193 	 */
194 	if (artyp != ISREG)
195 		can_unlnk = 0;
196 	/*
197 	 * if we are writing, we are done
198 	 */
199 	if (act == ARCHIVE) {
200 		blksz = rdblksz = wrblksz;
201 		lstrval = 1;
202 		return(0);
203 	}
204 
205 	/*
206 	 * set default blksz on read. APPNDs writes rdblksz on the last volume
207 	 * On all new archive volumes, we shift to wrblksz (if the user
208 	 * specified one, otherwise we will continue to use rdblksz). We
209 	 * must to set blocksize based on what kind of device the archive is
210 	 * stored.
211 	 */
212 	switch(artyp) {
213 	case ISTAPE:
214 		/*
215 		 * Tape drives come in at least two flavors. Those that support
216 		 * variable sized records and those that have fixed sized
217 		 * records. They must be treated differently. For tape drives
218 		 * that support variable sized records, we must make large
219 		 * reads to make sure we get the entire record, otherwise we
220 		 * will just get the first part of the record (up to size we
221 		 * asked). Tapes with fixed sized records may or may not return
222 		 * multiple records in a single read. We really do not care
223 		 * what the physical record size is UNLESS we are going to
224 		 * append. (We will need the physical block size to rewrite
225 		 * the trailer). Only when we are appending do we go to the
226 		 * effort to figure out the true PHYSICAL record size.
227 		 */
228 		blksz = rdblksz = MAXBLK;
229 		break;
230 	case ISPIPE:
231 	case ISBLK:
232 	case ISCHR:
233 		/*
234 		 * Blocksize is not a major issue with these devices (but must
235 		 * be kept a multiple of 512). If the user specified a write
236 		 * block size, we use that to read. Under append, we must
237 		 * always keep blksz == rdblksz. Otherwise we go ahead and use
238 		 * the device optimal blocksize as (and if) returned by stat
239 		 * and if it is within pax specs.
240 		 */
241 		if ((act == APPND) && wrblksz) {
242 			blksz = rdblksz = wrblksz;
243 			break;
244 		}
245 
246 		if ((arsb.st_blksize > 0) && (arsb.st_blksize < MAXBLK) &&
247 		    ((arsb.st_blksize % BLKMULT) == 0))
248 			rdblksz = arsb.st_blksize;
249 		else
250 			rdblksz = DEVBLK;
251 		/*
252 		 * For performance go for large reads when we can without harm
253 		 */
254 		if ((act == APPND) || (artyp == ISCHR))
255 			blksz = rdblksz;
256 		else
257 			blksz = MAXBLK;
258 		break;
259 	case ISREG:
260 		/*
261 		 * if the user specified wrblksz works, use it. Under appends
262 		 * we must always keep blksz == rdblksz
263 		 */
264 		if ((act == APPND) && wrblksz && ((arsb.st_size%wrblksz)==0)){
265 			blksz = rdblksz = wrblksz;
266 			break;
267 		}
268 		/*
269 		 * See if we can find the blocking factor from the file size
270 		 */
271 		for (rdblksz = MAXBLK; rdblksz > 0; rdblksz -= BLKMULT)
272 			if ((arsb.st_size % rdblksz) == 0)
273 				break;
274 		/*
275 		 * When we cannot find a match, we may have a flawed archive.
276 		 */
277 		if (rdblksz <= 0)
278 			rdblksz = FILEBLK;
279 		/*
280 		 * for performance go for large reads when we can
281 		 */
282 		if (act == APPND)
283 			blksz = rdblksz;
284 		else
285 			blksz = MAXBLK;
286 		break;
287 	default:
288 		/*
289 		 * should never happen, worse case, slow...
290 		 */
291 		blksz = rdblksz = BLKMULT;
292 		break;
293 	}
294 	lstrval = 1;
295 	return(0);
296 }
297 
298 /*
299  * ar_close()
300  *	closes archive device, increments volume number, and prints i/o summary
301  */
302 void
303 ar_close(void)
304 {
305 	int status;
306 
307 	if (arfd < 0) {
308 		did_io = io_ok = flcnt = 0;
309 		return;
310 	}
311 
312 	/*
313 	 * Close archive file. This may take a LONG while on tapes (we may be
314 	 * forced to wait for the rewind to complete) so tell the user what is
315 	 * going on (this avoids the user hitting control-c thinking pax is
316 	 * broken).
317 	 */
318 	if (vflag && (artyp == ISTAPE)) {
319 		if (vfpart)
320 			(void)putc('\n', listf);
321 		(void)fprintf(listf,
322 			"%s: Waiting for tape drive close to complete...",
323 			argv0);
324 		(void)fflush(listf);
325 	}
326 
327 	/*
328 	 * if nothing was written to the archive (and we created it), we remove
329 	 * it
330 	 */
331 	if (can_unlnk && (fstat(arfd, &arsb) == 0) && (S_ISREG(arsb.st_mode)) &&
332 	    (arsb.st_size == 0)) {
333 		(void)unlink(arcname);
334 		can_unlnk = 0;
335 	}
336 
337 	/*
338 	 * for a quick extract/list, pax frequently exits before the child
339 	 * process is done
340 	 */
341 	if ((act == LIST || act == EXTRACT) && nflag && zpid > 0)
342 		kill(zpid, SIGINT);
343 
344 	(void)close(arfd);
345 
346 	/* Do not exit before child to ensure data integrity */
347 	if (zpid > 0)
348 		waitpid(zpid, &status, 0);
349 
350 	if (vflag && (artyp == ISTAPE)) {
351 		(void)fputs("done.\n", listf);
352 		vfpart = 0;
353 		(void)fflush(listf);
354 	}
355 	arfd = -1;
356 
357 	if (!io_ok && !did_io) {
358 		flcnt = 0;
359 		return;
360 	}
361 	did_io = io_ok = 0;
362 
363 	/*
364 	 * The volume number is only increased when the last device has data
365 	 * and we have already determined the archive format.
366 	 */
367 	if (frmt != NULL)
368 		++arvol;
369 
370 	if (!vflag) {
371 		flcnt = 0;
372 		return;
373 	}
374 
375 	/*
376 	 * Print out a summary of I/O for this archive volume.
377 	 */
378 	if (vfpart) {
379 		(void)putc('\n', listf);
380 		vfpart = 0;
381 	}
382 
383 	/*
384 	 * If we have not determined the format yet, we just say how many bytes
385 	 * we have skipped over looking for a header to id. There is no way we
386 	 * could have written anything yet.
387 	 */
388 	if (frmt == NULL) {
389 #	ifdef NET2_STAT
390 		(void)fprintf(listf, "%s: unknown format, %lu bytes skipped.\n",
391 		    argv0, rdcnt);
392 #	else
393 		(void)fprintf(listf, "%s: unknown format, %ju bytes skipped.\n",
394 		    argv0, (uintmax_t)rdcnt);
395 #	endif
396 		(void)fflush(listf);
397 		flcnt = 0;
398 		return;
399 	}
400 
401 	if (strcmp(NM_CPIO, argv0) == 0)
402 		(void)fprintf(listf, "%llu blocks\n",
403 		    (unsigned long long)((rdcnt ? rdcnt : wrcnt) / 5120));
404 	else if (strcmp(NM_TAR, argv0) != 0)
405 		(void)fprintf(listf,
406 #	ifdef NET2_STAT
407 		    "%s: %s vol %d, %lu files, %lu bytes read, %lu bytes written.\n",
408 		    argv0, frmt->name, arvol-1, flcnt, rdcnt, wrcnt);
409 #	else
410 		    "%s: %s vol %d, %ju files, %ju bytes read, %ju bytes written.\n",
411 		    argv0, frmt->name, arvol-1, (uintmax_t)flcnt,
412 		    (uintmax_t)rdcnt, (uintmax_t)wrcnt);
413 #	endif
414 	(void)fflush(listf);
415 	flcnt = 0;
416 }
417 
418 /*
419  * ar_drain()
420  *	drain any archive format independent padding from an archive read
421  *	from a socket or a pipe. This is to prevent the process on the
422  *	other side of the pipe from getting a SIGPIPE (pax will stop
423  *	reading an archive once a format dependent trailer is detected).
424  */
425 void
426 ar_drain(void)
427 {
428 	int res;
429 	char drbuf[MAXBLK];
430 
431 	/*
432 	 * we only drain from a pipe/socket. Other devices can be closed
433 	 * without reading up to end of file. We sure hope that pipe is closed
434 	 * on the other side so we will get an EOF.
435 	 */
436 	if ((artyp != ISPIPE) || (lstrval <= 0))
437 		return;
438 
439 	/*
440 	 * keep reading until pipe is drained
441 	 */
442 	while ((res = read(arfd, drbuf, sizeof(drbuf))) > 0)
443 		;
444 	lstrval = res;
445 }
446 
447 /*
448  * ar_set_wr()
449  *	Set up device right before switching from read to write in an append.
450  *	device dependent code (if required) to do this should be added here.
451  *	For all archive devices we are already positioned at the place we want
452  *	to start writing when this routine is called.
453  * Return:
454  *	0 if all ready to write, -1 otherwise
455  */
456 
457 int
458 ar_set_wr(void)
459 {
460 	off_t cpos;
461 
462 	/*
463 	 * we must make sure the trailer is rewritten on append, ar_next()
464 	 * will stop us if the archive containing the trailer was not written
465 	 */
466 	wr_trail = 0;
467 
468 	/*
469 	 * Add any device dependent code as required here
470 	 */
471 	if (artyp != ISREG)
472 		return(0);
473 	/*
474 	 * Ok we have an archive in a regular file. If we were rewriting a
475 	 * file, we must get rid of all the stuff after the current offset
476 	 * (it was not written by pax).
477 	 */
478 	if (((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0) ||
479 	    (ftruncate(arfd, cpos) < 0)) {
480 		syswarn(1, errno, "Unable to truncate archive file");
481 		return(-1);
482 	}
483 	return(0);
484 }
485 
486 /*
487  * ar_app_ok()
488  *	check if the last volume in the archive allows appends. We cannot check
489  *	this until we are ready to write since there is no spec that says all
490  *	volumes in a single archive have to be of the same type...
491  * Return:
492  *	0 if we can append, -1 otherwise.
493  */
494 
495 int
496 ar_app_ok(void)
497 {
498 	if (artyp == ISPIPE) {
499 		paxwarn(1, "Cannot append to an archive obtained from a pipe.");
500 		return(-1);
501 	}
502 
503 	if (!invld_rec)
504 		return(0);
505 	paxwarn(1,"Cannot append, device record size %d does not support %s spec",
506 		rdblksz, argv0);
507 	return(-1);
508 }
509 
510 /*
511  * ar_read()
512  *	read up to a specified number of bytes from the archive into the
513  *	supplied buffer. When dealing with tapes we may not always be able to
514  *	read what we want.
515  * Return:
516  *	Number of bytes in buffer. 0 for end of file, -1 for a read error.
517  */
518 
519 int
520 ar_read(char *buf, int cnt)
521 {
522 	int res = 0;
523 
524 	/*
525 	 * if last i/o was in error, no more reads until reset or new volume
526 	 */
527 	if (lstrval <= 0)
528 		return(lstrval);
529 
530 	/*
531 	 * how we read must be based on device type
532 	 */
533 	switch (artyp) {
534 	case ISTAPE:
535 		if ((res = read(arfd, buf, cnt)) > 0) {
536 			/*
537 			 * CAUTION: tape systems may not always return the same
538 			 * sized records so we leave blksz == MAXBLK. The
539 			 * physical record size that a tape drive supports is
540 			 * very hard to determine in a uniform and portable
541 			 * manner.
542 			 */
543 			io_ok = 1;
544 			if (res != rdblksz) {
545 				/*
546 				 * Record size changed. If this is happens on
547 				 * any record after the first, we probably have
548 				 * a tape drive which has a fixed record size
549 				 * we are getting multiple records in a single
550 				 * read). Watch out for record blocking that
551 				 * violates pax spec (must be a multiple of
552 				 * BLKMULT).
553 				 */
554 				rdblksz = res;
555 				if (rdblksz % BLKMULT)
556 					invld_rec = 1;
557 			}
558 			return(res);
559 		}
560 		break;
561 	case ISREG:
562 	case ISBLK:
563 	case ISCHR:
564 	case ISPIPE:
565 	default:
566 		/*
567 		 * Files are so easy to deal with. These other things cannot
568 		 * be trusted at all. So when we are dealing with character
569 		 * devices and pipes we just take what they have ready for us
570 		 * and return. Trying to do anything else with them runs the
571 		 * risk of failure.
572 		 */
573 		if ((res = read(arfd, buf, cnt)) > 0) {
574 			io_ok = 1;
575 			return(res);
576 		}
577 		break;
578 	}
579 
580 	/*
581 	 * We are in trouble at this point, something is broken...
582 	 */
583 	lstrval = res;
584 	if (res < 0)
585 		syswarn(1, errno, "Failed read on archive volume %d", arvol);
586 	else
587 		paxwarn(0, "End of archive volume %d reached", arvol);
588 	return(res);
589 }
590 
591 /*
592  * ar_write()
593  *	Write a specified number of bytes in supplied buffer to the archive
594  *	device so it appears as a single "block". Deals with errors and tries
595  *	to recover when faced with short writes.
596  * Return:
597  *	Number of bytes written. 0 indicates end of volume reached and with no
598  *	flaws (as best that can be detected). A -1 indicates an unrecoverable
599  *	error in the archive occurred.
600  */
601 
602 int
603 ar_write(char *buf, int bsz)
604 {
605 	int res;
606 	off_t cpos;
607 
608 	/*
609 	 * do not allow pax to create a "bad" archive. Once a write fails on
610 	 * an archive volume prevent further writes to it.
611 	 */
612 	if (lstrval <= 0)
613 		return(lstrval);
614 
615 	if ((res = write(arfd, buf, bsz)) == bsz) {
616 		wr_trail = 1;
617 		io_ok = 1;
618 		return(bsz);
619 	}
620 	/*
621 	 * write broke, see what we can do with it. We try to send any partial
622 	 * writes that may violate pax spec to the next archive volume.
623 	 */
624 	if (res < 0)
625 		lstrval = res;
626 	else
627 		lstrval = 0;
628 
629 	switch (artyp) {
630 	case ISREG:
631 		if ((res > 0) && (res % BLKMULT)) {
632 			/*
633 		 	 * try to fix up partial writes which are not BLKMULT
634 			 * in size by forcing the runt record to next archive
635 			 * volume
636 		 	 */
637 			if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0)
638 				break;
639 			cpos -= (off_t)res;
640 			if (ftruncate(arfd, cpos) < 0)
641 				break;
642 			res = lstrval = 0;
643 			break;
644 		}
645 		if (res >= 0)
646 			break;
647 		/*
648 		 * if file is out of space, handle it like a return of 0
649 		 */
650 		if ((errno == ENOSPC) || (errno == EFBIG) || (errno == EDQUOT))
651 			res = lstrval = 0;
652 		break;
653 	case ISTAPE:
654 	case ISCHR:
655 	case ISBLK:
656 		if (res >= 0)
657 			break;
658 		if (errno == EACCES) {
659 			paxwarn(0, "Write failed, archive is write protected.");
660 			res = lstrval = 0;
661 			return(0);
662 		}
663 		/*
664 		 * see if we reached the end of media, if so force a change to
665 		 * the next volume
666 		 */
667 		if ((errno == ENOSPC) || (errno == EIO) || (errno == ENXIO))
668 			res = lstrval = 0;
669 		break;
670 	case ISPIPE:
671 	default:
672 		/*
673 		 * we cannot fix errors to these devices
674 		 */
675 		break;
676 	}
677 
678 	/*
679 	 * Better tell the user the bad news...
680 	 * if this is a block aligned archive format, we may have a bad archive
681 	 * if the format wants the header to start at a BLKMULT boundary. While
682 	 * we can deal with the mis-aligned data, it violates spec and other
683 	 * archive readers will likely fail. If the format is not block
684 	 * aligned, the user may be lucky (and the archive is ok).
685 	 */
686 	if (res >= 0) {
687 		if (res > 0)
688 			wr_trail = 1;
689 		io_ok = 1;
690 	}
691 
692 	/*
693 	 * If we were trying to rewrite the trailer and it didn't work, we
694 	 * must quit right away.
695 	 */
696 	if (!wr_trail && (res <= 0)) {
697 		paxwarn(1,"Unable to append, trailer re-write failed. Quitting.");
698 		return(res);
699 	}
700 
701 	if (res == 0)
702 		paxwarn(0, "End of archive volume %d reached", arvol);
703 	else if (res < 0)
704 		syswarn(1, errno, "Failed write to archive volume: %d", arvol);
705 	else if (!frmt->blkalgn || ((res % frmt->blkalgn) == 0))
706 		paxwarn(0,"WARNING: partial archive write. Archive MAY BE FLAWED");
707 	else
708 		paxwarn(1,"WARNING: partial archive write. Archive IS FLAWED");
709 	return(res);
710 }
711 
712 /*
713  * ar_rdsync()
714  *	Try to move past a bad spot on a flawed archive as needed to continue
715  *	I/O. Clears error flags to allow I/O to continue.
716  * Return:
717  *	0 when ok to try i/o again, -1 otherwise.
718  */
719 
720 int
721 ar_rdsync(void)
722 {
723 	long fsbz;
724 	off_t cpos;
725 	off_t mpos;
726 	struct mtop mb;
727 
728 	/*
729 	 * Fail resync attempts at user request (done) or this is going to be
730 	 * an update/append to an existing archive. If last i/o hit media end,
731 	 * we need to go to the next volume not try a resync.
732 	 */
733 	if ((done > 0) || (lstrval == 0))
734 		return(-1);
735 
736 	if ((act == APPND) || (act == ARCHIVE)) {
737 		paxwarn(1, "Cannot allow updates to an archive with flaws.");
738 		return(-1);
739 	}
740 	if (io_ok)
741 		did_io = 1;
742 
743 	switch(artyp) {
744 	case ISTAPE:
745 		/*
746 		 * if the last i/o was a successful data transfer, we assume
747 		 * the fault is just a bad record on the tape that we are now
748 		 * past. If we did not get any data since the last resync try
749 		 * to move the tape forward one PHYSICAL record past any
750 		 * damaged tape section. Some tape drives are stubborn and need
751 		 * to be pushed.
752 		 */
753 		if (io_ok) {
754 			io_ok = 0;
755 			lstrval = 1;
756 			break;
757 		}
758 		mb.mt_op = MTFSR;
759 		mb.mt_count = 1;
760 		if (ioctl(arfd, MTIOCTOP, &mb) < 0)
761 			break;
762 		lstrval = 1;
763 		break;
764 	case ISREG:
765 	case ISCHR:
766 	case ISBLK:
767 		/*
768 		 * try to step over the bad part of the device.
769 		 */
770 		io_ok = 0;
771 		if (((fsbz = arsb.st_blksize) <= 0) || (artyp != ISREG))
772 			fsbz = BLKMULT;
773 		if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0)
774 			break;
775 		mpos = fsbz - (cpos % (off_t)fsbz);
776 		if (lseek(arfd, mpos, SEEK_CUR) < 0)
777 			break;
778 		lstrval = 1;
779 		break;
780 	case ISPIPE:
781 	default:
782 		/*
783 		 * cannot recover on these archive device types
784 		 */
785 		io_ok = 0;
786 		break;
787 	}
788 	if (lstrval <= 0) {
789 		paxwarn(1, "Unable to recover from an archive read failure.");
790 		return(-1);
791 	}
792 	paxwarn(0, "Attempting to recover from an archive read failure.");
793 	return(0);
794 }
795 
796 /*
797  * ar_fow()
798  *	Move the I/O position within the archive forward the specified number of
799  *	bytes as supported by the device. If we cannot move the requested
800  *	number of bytes, return the actual number of bytes moved in skipped.
801  * Return:
802  *	0 if moved the requested distance, -1 on complete failure, 1 on
803  *	partial move (the amount moved is in skipped)
804  */
805 
806 int
807 ar_fow(off_t sksz, off_t *skipped)
808 {
809 	off_t cpos;
810 	off_t mpos;
811 
812 	*skipped = 0;
813 	if (sksz <= 0)
814 		return(0);
815 
816 	/*
817 	 * we cannot move forward at EOF or error
818 	 */
819 	if (lstrval <= 0)
820 		return(lstrval);
821 
822 	/*
823 	 * Safer to read forward on devices where it is hard to find the end of
824 	 * the media without reading to it. With tapes we cannot be sure of the
825 	 * number of physical blocks to skip (we do not know physical block
826 	 * size at this point), so we must only read forward on tapes!
827 	 */
828 	if (artyp != ISREG)
829 		return(0);
830 
831 	/*
832 	 * figure out where we are in the archive
833 	 */
834 	if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) >= 0) {
835 		/*
836 	 	 * we can be asked to move farther than there are bytes in this
837 		 * volume, if so, just go to file end and let normal buf_fill()
838 		 * deal with the end of file (it will go to next volume by
839 		 * itself)
840 	 	 */
841 		if ((mpos = cpos + sksz) > arsb.st_size) {
842 			*skipped = arsb.st_size - cpos;
843 			mpos = arsb.st_size;
844 		} else
845 			*skipped = sksz;
846 		if (lseek(arfd, mpos, SEEK_SET) >= 0)
847 			return(0);
848 	}
849 	syswarn(1, errno, "Forward positioning operation on archive failed");
850 	lstrval = -1;
851 	return(-1);
852 }
853 
854 /*
855  * ar_rev()
856  *	move the i/o position within the archive backwards the specified byte
857  *	count as supported by the device. With tapes drives we RESET rdblksz to
858  *	the PHYSICAL blocksize.
859  *	NOTE: We should only be called to move backwards so we can rewrite the
860  *	last records (the trailer) of an archive (APPEND).
861  * Return:
862  *	0 if moved the requested distance, -1 on complete failure
863  */
864 
865 int
866 ar_rev(off_t sksz)
867 {
868 	off_t cpos;
869 	struct mtop mb;
870 	int phyblk;
871 
872 	/*
873 	 * make sure we do not have try to reverse on a flawed archive
874 	 */
875 	if (lstrval < 0)
876 		return(lstrval);
877 
878 	switch(artyp) {
879 	case ISPIPE:
880 		if (sksz <= 0)
881 			break;
882 		/*
883 		 * cannot go backwards on these critters
884 		 */
885 		paxwarn(1, "Reverse positioning on pipes is not supported.");
886 		lstrval = -1;
887 		return(-1);
888 	case ISREG:
889 	case ISBLK:
890 	case ISCHR:
891 	default:
892 		if (sksz <= 0)
893 			break;
894 
895 		/*
896 		 * For things other than files, backwards movement has a very
897 		 * high probability of failure as we really do not know the
898 		 * true attributes of the device we are talking to (the device
899 		 * may not even have the ability to lseek() in any direction).
900 		 * First we figure out where we are in the archive.
901 		 */
902 		if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0) {
903 			syswarn(1, errno,
904 			   "Unable to obtain current archive byte offset");
905 			lstrval = -1;
906 			return(-1);
907 		}
908 
909 		/*
910 		 * we may try to go backwards past the start when the archive
911 		 * is only a single record. If this happens and we are on a
912 		 * multi volume archive, we need to go to the end of the
913 		 * previous volume and continue our movement backwards from
914 		 * there.
915 		 */
916 		if ((cpos -= sksz) < (off_t)0L) {
917 			if (arvol > 1) {
918 				/*
919 				 * this should never happen
920 				 */
921 				paxwarn(1,"Reverse position on previous volume.");
922 				lstrval = -1;
923 				return(-1);
924 			}
925 			cpos = (off_t)0L;
926 		}
927 		if (lseek(arfd, cpos, SEEK_SET) < 0) {
928 			syswarn(1, errno, "Unable to seek archive backwards");
929 			lstrval = -1;
930 			return(-1);
931 		}
932 		break;
933 	case ISTAPE:
934 		/*
935 	 	 * Calculate and move the proper number of PHYSICAL tape
936 		 * blocks. If the sksz is not an even multiple of the physical
937 		 * tape size, we cannot do the move (this should never happen).
938 		 * (We also cannot handler trailers spread over two vols).
939 		 * get_phys() also makes sure we are in front of the filemark.
940 	 	 */
941 		if ((phyblk = get_phys()) <= 0) {
942 			lstrval = -1;
943 			return(-1);
944 		}
945 
946 		/*
947 		 * make sure future tape reads only go by physical tape block
948 		 * size (set rdblksz to the real size).
949 		 */
950 		rdblksz = phyblk;
951 
952 		/*
953 		 * if no movement is required, just return (we must be after
954 		 * get_phys() so the physical blocksize is properly set)
955 		 */
956 		if (sksz <= 0)
957 			break;
958 
959 		/*
960 		 * ok we have to move. Make sure the tape drive can do it.
961 		 */
962 		if (sksz % phyblk) {
963 			paxwarn(1,
964 			    "Tape drive unable to backspace requested amount");
965 			lstrval = -1;
966 			return(-1);
967 		}
968 
969 		/*
970 		 * move backwards the requested number of bytes
971 		 */
972 		mb.mt_op = MTBSR;
973 		mb.mt_count = sksz/phyblk;
974 		if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
975 			syswarn(1,errno, "Unable to backspace tape %d blocks.",
976 			    mb.mt_count);
977 			lstrval = -1;
978 			return(-1);
979 		}
980 		break;
981 	}
982 	lstrval = 1;
983 	return(0);
984 }
985 
986 /*
987  * get_phys()
988  *	Determine the physical block size on a tape drive. We need the physical
989  *	block size so we know how many bytes we skip over when we move with
990  *	mtio commands. We also make sure we are BEFORE THE TAPE FILEMARK when
991  *	return.
992  *	This is one really SLOW routine...
993  * Return:
994  *	physical block size if ok (ok > 0), -1 otherwise
995  */
996 
997 static int
998 get_phys(void)
999 {
1000 	int padsz = 0;
1001 	int res;
1002 	int phyblk;
1003 	struct mtop mb;
1004 	char scbuf[MAXBLK];
1005 
1006 	/*
1007 	 * move to the file mark, and then back up one record and read it.
1008 	 * this should tell us the physical record size the tape is using.
1009 	 */
1010 	if (lstrval == 1) {
1011 		/*
1012 		 * we know we are at file mark when we get back a 0 from
1013 		 * read()
1014 		 */
1015 		while ((res = read(arfd, scbuf, sizeof(scbuf))) > 0)
1016 			padsz += res;
1017 		if (res < 0) {
1018 			syswarn(1, errno, "Unable to locate tape filemark.");
1019 			return(-1);
1020 		}
1021 	}
1022 
1023 	/*
1024 	 * move backwards over the file mark so we are at the end of the
1025 	 * last record.
1026 	 */
1027 	mb.mt_op = MTBSF;
1028 	mb.mt_count = 1;
1029 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1030 		syswarn(1, errno, "Unable to backspace over tape filemark.");
1031 		return(-1);
1032 	}
1033 
1034 	/*
1035 	 * move backwards so we are in front of the last record and read it to
1036 	 * get physical tape blocksize.
1037 	 */
1038 	mb.mt_op = MTBSR;
1039 	mb.mt_count = 1;
1040 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1041 		syswarn(1, errno, "Unable to backspace over last tape block.");
1042 		return(-1);
1043 	}
1044 	if ((phyblk = read(arfd, scbuf, sizeof(scbuf))) <= 0) {
1045 		syswarn(1, errno, "Cannot determine archive tape blocksize.");
1046 		return(-1);
1047 	}
1048 
1049 	/*
1050 	 * read forward to the file mark, then back up in front of the filemark
1051 	 * (this is a bit paranoid, but should be safe to do).
1052 	 */
1053 	while ((res = read(arfd, scbuf, sizeof(scbuf))) > 0)
1054 		;
1055 	if (res < 0) {
1056 		syswarn(1, errno, "Unable to locate tape filemark.");
1057 		return(-1);
1058 	}
1059 	mb.mt_op = MTBSF;
1060 	mb.mt_count = 1;
1061 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1062 		syswarn(1, errno, "Unable to backspace over tape filemark.");
1063 		return(-1);
1064 	}
1065 
1066 	/*
1067 	 * set lstrval so we know that the filemark has not been seen
1068 	 */
1069 	lstrval = 1;
1070 
1071 	/*
1072 	 * return if there was no padding
1073 	 */
1074 	if (padsz == 0)
1075 		return(phyblk);
1076 
1077 	/*
1078 	 * make sure we can move backwards over the padding. (this should
1079 	 * never fail).
1080 	 */
1081 	if (padsz % phyblk) {
1082 		paxwarn(1, "Tape drive unable to backspace requested amount");
1083 		return(-1);
1084 	}
1085 
1086 	/*
1087 	 * move backwards over the padding so the head is where it was when
1088 	 * we were first called (if required).
1089 	 */
1090 	mb.mt_op = MTBSR;
1091 	mb.mt_count = padsz/phyblk;
1092 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1093 		syswarn(1,errno,"Unable to backspace tape over %d pad blocks",
1094 		    mb.mt_count);
1095 		return(-1);
1096 	}
1097 	return(phyblk);
1098 }
1099 
1100 /*
1101  * ar_next()
1102  *	prompts the user for the next volume in this archive. For some devices
1103  *	we may allow the media to be changed. Otherwise a new archive is
1104  *	prompted for. By pax spec, if there is no controlling tty or an eof is
1105  *	read on tty input, we must quit pax.
1106  * Return:
1107  *	0 when ready to continue, -1 when all done
1108  */
1109 
1110 int
1111 ar_next(void)
1112 {
1113 	static char *arcbuf;
1114 	char buf[PAXPATHLEN+2];
1115 	sigset_t o_mask;
1116 
1117 	/*
1118 	 * WE MUST CLOSE THE DEVICE. A lot of devices must see last close, (so
1119 	 * things like writing EOF etc will be done) (Watch out ar_close() can
1120 	 * also be called via a signal handler, so we must prevent a race.
1121 	 */
1122 	if (sigprocmask(SIG_BLOCK, &s_mask, &o_mask) < 0)
1123 		syswarn(0, errno, "Unable to set signal mask");
1124 	ar_close();
1125 	if (sigprocmask(SIG_SETMASK, &o_mask, NULL) < 0)
1126 		syswarn(0, errno, "Unable to restore signal mask");
1127 
1128 	if (done || !wr_trail || Oflag || strcmp(NM_TAR, argv0) == 0)
1129 		return(-1);
1130 
1131 	tty_prnt("\nATTENTION! %s archive volume change required.\n", argv0);
1132 
1133 	/*
1134 	 * if i/o is on stdin or stdout, we cannot reopen it (we do not know
1135 	 * the name), the user will be forced to type it in.
1136 	 */
1137 	if (strcmp(arcname, stdo) && strcmp(arcname, stdn) && (artyp != ISREG)
1138 	    && (artyp != ISPIPE)) {
1139 		if (artyp == ISTAPE) {
1140 			tty_prnt("%s ready for archive tape volume: %d\n",
1141 				arcname, arvol);
1142 			tty_prnt("Load the NEXT TAPE on the tape drive");
1143 		} else {
1144 			tty_prnt("%s ready for archive volume: %d\n",
1145 				arcname, arvol);
1146 			tty_prnt("Load the NEXT STORAGE MEDIA (if required)");
1147 		}
1148 
1149 		if ((act == ARCHIVE) || (act == APPND))
1150 			tty_prnt(" and make sure it is WRITE ENABLED.\n");
1151 		else
1152 			tty_prnt("\n");
1153 
1154 		for(;;) {
1155 			tty_prnt("Type \"y\" to continue, \".\" to quit %s,",
1156 				argv0);
1157 			tty_prnt(" or \"s\" to switch to new device.\nIf you");
1158 			tty_prnt(" cannot change storage media, type \"s\"\n");
1159 			tty_prnt("Is the device ready and online? > ");
1160 
1161 			if ((tty_read(buf,sizeof(buf))<0) || !strcmp(buf,".")){
1162 				done = 1;
1163 				lstrval = -1;
1164 				tty_prnt("Quitting %s!\n", argv0);
1165 				vfpart = 0;
1166 				return(-1);
1167 			}
1168 
1169 			if ((buf[0] == '\0') || (buf[1] != '\0')) {
1170 				tty_prnt("%s unknown command, try again\n",buf);
1171 				continue;
1172 			}
1173 
1174 			switch (buf[0]) {
1175 			case 'y':
1176 			case 'Y':
1177 				/*
1178 				 * we are to continue with the same device
1179 				 */
1180 				if (ar_open(arcname) >= 0)
1181 					return(0);
1182 				tty_prnt("Cannot re-open %s, try again\n",
1183 					arcname);
1184 				continue;
1185 			case 's':
1186 			case 'S':
1187 				/*
1188 				 * user wants to open a different device
1189 				 */
1190 				tty_prnt("Switching to a different archive\n");
1191 				break;
1192 			default:
1193 				tty_prnt("%s unknown command, try again\n",buf);
1194 				continue;
1195 			}
1196 			break;
1197 		}
1198 	} else
1199 		tty_prnt("Ready for archive volume: %d\n", arvol);
1200 
1201 	/*
1202 	 * have to go to a different archive
1203 	 */
1204 	for (;;) {
1205 		tty_prnt("Input archive name or \".\" to quit %s.\n", argv0);
1206 		tty_prnt("Archive name > ");
1207 
1208 		if ((tty_read(buf, sizeof(buf)) < 0) || !strcmp(buf, ".")) {
1209 			done = 1;
1210 			lstrval = -1;
1211 			tty_prnt("Quitting %s!\n", argv0);
1212 			vfpart = 0;
1213 			return(-1);
1214 		}
1215 		if (buf[0] == '\0') {
1216 			tty_prnt("Empty file name, try again\n");
1217 			continue;
1218 		}
1219 		if (!strcmp(buf, "..")) {
1220 			tty_prnt("Illegal file name: .. try again\n");
1221 			continue;
1222 		}
1223 		if (strlen(buf) > PAXPATHLEN) {
1224 			tty_prnt("File name too long, try again\n");
1225 			continue;
1226 		}
1227 
1228 		/*
1229 		 * try to open new archive
1230 		 */
1231 		if (ar_open(buf) >= 0) {
1232 			free(arcbuf);
1233 			if ((arcbuf = strdup(buf)) == NULL) {
1234 				done = 1;
1235 				lstrval = -1;
1236 				paxwarn(0, "Cannot save archive name.");
1237 				return(-1);
1238 			}
1239 			arcname = arcbuf;
1240 			break;
1241 		}
1242 		tty_prnt("Cannot open %s, try again\n", buf);
1243 		continue;
1244 	}
1245 	return(0);
1246 }
1247 
1248 /*
1249  * ar_start_gzip()
1250  * starts the gzip compression/decompression process as a child, using magic
1251  * to keep the fd the same in the calling function (parent).
1252  */
1253 void
1254 ar_start_gzip(int fd, const char *gzip_prog, int wr)
1255 {
1256 	int fds[2];
1257 	const char *gzip_flags;
1258 
1259 	if (pipe(fds) < 0)
1260 		err(1, "could not pipe");
1261 	zpid = fork();
1262 	if (zpid < 0)
1263 		err(1, "could not fork");
1264 
1265 	/* parent */
1266 	if (zpid) {
1267 		if (wr)
1268 			dup2(fds[1], fd);
1269 		else
1270 			dup2(fds[0], fd);
1271 		close(fds[0]);
1272 		close(fds[1]);
1273 	} else {
1274 		if (wr) {
1275 			dup2(fds[0], STDIN_FILENO);
1276 			dup2(fd, STDOUT_FILENO);
1277 			gzip_flags = "-c";
1278 		} else {
1279 			dup2(fds[1], STDOUT_FILENO);
1280 			dup2(fd, STDIN_FILENO);
1281 			gzip_flags = "-dc";
1282 		}
1283 		close(fds[0]);
1284 		close(fds[1]);
1285 		if (execlp(gzip_prog, gzip_prog, gzip_flags,
1286 		    (char *)NULL) < 0)
1287 			err(1, "could not exec");
1288 		/* NOTREACHED */
1289 	}
1290 }
1291