1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1980, 1986, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/param.h> 33 #include <sys/disk.h> 34 #include <sys/stat.h> 35 #define FSTYPENAMES 36 #include <sys/disklabel.h> 37 #include <sys/file.h> 38 #include <sys/sysctl.h> 39 40 #include <ufs/ufs/dinode.h> 41 #include <ufs/ffs/fs.h> 42 43 #include <ctype.h> 44 #include <err.h> 45 #include <errno.h> 46 #include <limits.h> 47 #include <stdint.h> 48 #include <string.h> 49 50 #include "fsck.h" 51 52 struct inohash *inphash; /* hash list of directory inode info */ 53 struct inoinfo **inpsort; /* disk order list of directory inodes */ 54 struct inode snaplist[FSMAXSNAP + 1]; /* list of active snapshots */ 55 int snapcnt; /* number of active snapshots */ 56 char *copybuf; /* buffer to copy snapshot blocks */ 57 58 static int sbhashfailed; 59 #define POWEROF2(num) (((num) & ((num) - 1)) == 0) 60 61 static void saverecovery(int readfd, int writefd); 62 static int chkrecovery(int devfd); 63 static int getlbnblkno(struct inodesc *); 64 static int checksnapinfo(struct inode *); 65 66 /* 67 * Read in a superblock finding an alternate if necessary. 68 * Return 1 if successful, 0 if unsuccessful, -1 if file system 69 * is already clean (ckclean and preen mode only). 70 */ 71 int 72 setup(char *dev) 73 { 74 long i, bmapsize; 75 struct inode ip; 76 77 /* 78 * We are expected to have an open file descriptor and a superblock. 79 */ 80 if (fsreadfd < 0 || havesb == 0) { 81 if (debug) { 82 if (fsreadfd < 0) 83 printf("setup: missing fsreadfd\n"); 84 else 85 printf("setup: missing superblock\n"); 86 } 87 return (0); 88 } 89 if (preen == 0) 90 printf("** %s", dev); 91 if (bkgrdflag == 0 && 92 (nflag || (fswritefd = open(dev, O_WRONLY)) < 0)) { 93 fswritefd = -1; 94 if (preen) 95 pfatal("NO WRITE ACCESS"); 96 printf(" (NO WRITE)"); 97 } 98 if (preen == 0) 99 printf("\n"); 100 if (sbhashfailed != 0) { 101 pwarn("SUPERBLOCK CHECK HASH FAILED"); 102 if (fswritefd == -1) 103 pwarn("OPENED READONLY SO CANNOT CORRECT CHECK HASH\n"); 104 else if (preen || reply("CORRECT CHECK HASH") != 0) { 105 if (preen) 106 printf(" (CORRECTED)\n"); 107 sblock.fs_clean = 0; 108 sbdirty(); 109 } 110 } 111 if (skipclean && ckclean && sblock.fs_clean) { 112 pwarn("FILE SYSTEM CLEAN; SKIPPING CHECKS\n"); 113 return (-1); 114 } 115 maxfsblock = sblock.fs_size; 116 maxino = sblock.fs_ncg * sblock.fs_ipg; 117 /* 118 * Check and potentially fix certain fields in the super block. 119 */ 120 if (sblock.fs_optim != FS_OPTTIME && sblock.fs_optim != FS_OPTSPACE) { 121 pfatal("UNDEFINED OPTIMIZATION IN SUPERBLOCK"); 122 if (reply("SET TO DEFAULT") == 1) { 123 sblock.fs_optim = FS_OPTTIME; 124 sbdirty(); 125 } 126 } 127 if ((sblock.fs_minfree < 0 || sblock.fs_minfree > 99)) { 128 pfatal("IMPOSSIBLE MINFREE=%d IN SUPERBLOCK", 129 sblock.fs_minfree); 130 if (reply("SET TO DEFAULT") == 1) { 131 sblock.fs_minfree = 10; 132 sbdirty(); 133 } 134 } 135 if (sblock.fs_magic == FS_UFS1_MAGIC && 136 sblock.fs_old_inodefmt < FS_44INODEFMT) { 137 pwarn("Format of file system is too old.\n"); 138 pwarn("Must update to modern format using a version of fsck\n"); 139 pfatal("from before 2002 with the command ``fsck -c 2''\n"); 140 exit(EEXIT); 141 } 142 if (preen == 0 && yflag == 0 && sblock.fs_magic == FS_UFS2_MAGIC && 143 fswritefd != -1 && chkrecovery(fsreadfd) == 0 && 144 reply("SAVE DATA TO FIND ALTERNATE SUPERBLOCKS") != 0) 145 saverecovery(fsreadfd, fswritefd); 146 /* 147 * allocate and initialize the necessary maps 148 */ 149 bufinit(); 150 bmapsize = roundup(howmany(maxfsblock, CHAR_BIT), sizeof(short)); 151 blockmap = Calloc((unsigned)bmapsize, sizeof (char)); 152 if (blockmap == NULL) { 153 printf("cannot alloc %u bytes for blockmap\n", 154 (unsigned)bmapsize); 155 goto badsb; 156 } 157 inostathead = Calloc(sblock.fs_ncg, sizeof(struct inostatlist)); 158 if (inostathead == NULL) { 159 printf("cannot alloc %u bytes for inostathead\n", 160 (unsigned)(sizeof(struct inostatlist) * (sblock.fs_ncg))); 161 goto badsb; 162 } 163 numdirs = sblock.fs_cstotal.cs_ndir; 164 dirhash = MAX(numdirs / 2, 1); 165 inplast = 0; 166 listmax = numdirs + 10; 167 inpsort = (struct inoinfo **)Calloc(listmax, sizeof(struct inoinfo *)); 168 inphash = (struct inohash *)Calloc(dirhash, sizeof(struct inohash)); 169 if (inpsort == NULL || inphash == NULL) { 170 printf("cannot alloc %ju bytes for inphash\n", 171 (uintmax_t)numdirs * sizeof(struct inoinfo *)); 172 goto badsb; 173 } 174 if (sblock.fs_flags & FS_DOSOFTDEP) 175 usedsoftdep = 1; 176 else 177 usedsoftdep = 0; 178 /* 179 * Collect any snapshot inodes so that we can allow them to 180 * claim any blocks that we free. The code for doing this is 181 * imported here and into inode.c from sys/ufs/ffs/ffs_snapshot.c. 182 */ 183 for (snapcnt = 0; snapcnt < FSMAXSNAP; snapcnt++) { 184 if (sblock.fs_snapinum[snapcnt] == 0) 185 break; 186 ginode(sblock.fs_snapinum[snapcnt], &ip); 187 if ((DIP(ip.i_dp, di_mode) & IFMT) == IFREG && 188 (DIP(ip.i_dp, di_flags) & SF_SNAPSHOT) != 0 && 189 checksnapinfo(&ip)) { 190 if (debug) 191 printf("Load snapshot %jd\n", 192 (intmax_t)sblock.fs_snapinum[snapcnt]); 193 snaplist[snapcnt] = ip; 194 continue; 195 } 196 printf("Removing non-snapshot inode %ju from snapshot list\n", 197 (uintmax_t)sblock.fs_snapinum[snapcnt]); 198 irelse(&ip); 199 for (i = snapcnt + 1; i < FSMAXSNAP; i++) { 200 if (sblock.fs_snapinum[i] == 0) 201 break; 202 sblock.fs_snapinum[i - 1] = sblock.fs_snapinum[i]; 203 } 204 sblock.fs_snapinum[i - 1] = 0; 205 snapcnt--; 206 sbdirty(); 207 } 208 if (snapcnt > 0 && copybuf == NULL) { 209 copybuf = Balloc(sblock.fs_bsize); 210 if (copybuf == NULL) 211 errx(EEXIT, "cannot allocate space for snapshot " 212 "copy buffer"); 213 } 214 return (1); 215 216 badsb: 217 ckfini(0); 218 return (0); 219 } 220 221 /* 222 * Check for valid snapshot information. 223 * 224 * Each snapshot has a list of blocks that have been copied. This list 225 * is consulted before checking the snapshot inode. Its purpose is to 226 * speed checking of commonly checked blocks and to avoid recursive 227 * checks of the snapshot inode. In particular, the list must contain 228 * the superblock, the superblock summary information, and all the 229 * cylinder group blocks. The list may contain other commonly checked 230 * pointers such as those of the blocks that contain the snapshot inodes. 231 * The list is sorted into block order to allow binary search lookup. 232 * 233 * The twelve direct direct block pointers of the snapshot are always 234 * copied, so we test for them first before checking the list itself 235 * (i.e., they are not in the list). 236 * 237 * The checksnapinfo() routine needs to ensure that the list contains at 238 * least the super block, its summary information, and the cylinder groups. 239 * Here we check the list first for the superblock, zero or more cylinder 240 * groups up to the location of the superblock summary information, the 241 * summary group information, and any remaining cylinder group maps that 242 * follow it. We skip over any other entries in the list. 243 */ 244 #define CHKBLKINLIST(chkblk) \ 245 /* All UFS_NDADDR blocks are copied */ \ 246 if ((chkblk) >= UFS_NDADDR) { \ 247 /* Skip over blocks that are not of interest */ \ 248 while (*blkp < (chkblk) && blkp < lastblkp) \ 249 blkp++; \ 250 /* Fail if end of list and not all blocks found */ \ 251 if (blkp >= lastblkp) { \ 252 pwarn("UFS%d snapshot inode %jd failed: " \ 253 "improper block list length (%jd)\n", \ 254 sblock.fs_magic == FS_UFS1_MAGIC ? 1 : 2, \ 255 (intmax_t)snapip->i_number, \ 256 (intmax_t)(lastblkp - &snapblklist[0])); \ 257 status = 0; \ 258 } \ 259 /* Fail if block we seek is missing */ \ 260 else if (*blkp++ != (chkblk)) { \ 261 pwarn("UFS%d snapshot inode %jd failed: " \ 262 "block list (%jd) != %s (%jd)\n", \ 263 sblock.fs_magic == FS_UFS1_MAGIC ? 1 : 2, \ 264 (intmax_t)snapip->i_number, \ 265 (intmax_t)blkp[-1], #chkblk, \ 266 (intmax_t)chkblk); \ 267 status = 0; \ 268 } \ 269 } 270 271 static int 272 checksnapinfo(struct inode *snapip) 273 { 274 struct fs *fs; 275 struct bufarea *bp; 276 struct inodesc idesc; 277 daddr_t *snapblklist, *blkp, *lastblkp, csblkno; 278 int cg, loc, len, status; 279 ufs_lbn_t lbn; 280 size_t size; 281 282 fs = &sblock; 283 memset(&idesc, 0, sizeof(struct inodesc)); 284 idesc.id_type = ADDR; 285 idesc.id_func = getlbnblkno; 286 idesc.id_number = snapip->i_number; 287 lbn = howmany(fs->fs_size, fs->fs_frag); 288 idesc.id_parent = lbn; /* sought after blkno */ 289 if ((ckinode(snapip->i_dp, &idesc) & FOUND) == 0) 290 return (0); 291 size = fragroundup(fs, 292 DIP(snapip->i_dp, di_size) - lblktosize(fs, lbn)); 293 bp = getdatablk(idesc.id_parent, size, BT_DATA); 294 if (bp->b_errs != 0) 295 return (0); 296 snapblklist = (daddr_t *)bp->b_un.b_buf; 297 /* 298 * snapblklist[0] is the size of the list 299 * snapblklist[1] is the first element of the list 300 * 301 * We need to be careful to bound the size of the list and verify 302 * that we have not run off the end of it if it or its size has 303 * been corrupted. 304 */ 305 blkp = &snapblklist[1]; 306 lastblkp = &snapblklist[MAX(0, 307 MIN(snapblklist[0] + 1, size / sizeof(daddr_t)))]; 308 status = 1; 309 /* Check that the superblock is listed. */ 310 CHKBLKINLIST(lblkno(fs, fs->fs_sblockloc)); 311 if (status == 0) 312 goto out; 313 /* 314 * Calculate where the summary information is located. 315 * Usually it is in the first cylinder group, but growfs 316 * may move it to the first cylinder group that it adds. 317 * 318 * Check all cylinder groups up to the summary information. 319 */ 320 csblkno = fragstoblks(fs, fs->fs_csaddr); 321 for (cg = 0; cg < fs->fs_ncg; cg++) { 322 if (fragstoblks(fs, cgtod(fs, cg)) > csblkno) 323 break; 324 CHKBLKINLIST(fragstoblks(fs, cgtod(fs, cg))); 325 if (status == 0) 326 goto out; 327 } 328 /* Check the summary information block(s). */ 329 len = howmany(fs->fs_cssize, fs->fs_bsize); 330 for (loc = 0; loc < len; loc++) { 331 CHKBLKINLIST(csblkno + loc); 332 if (status == 0) 333 goto out; 334 } 335 /* Check the remaining cylinder groups. */ 336 for (; cg < fs->fs_ncg; cg++) { 337 CHKBLKINLIST(fragstoblks(fs, cgtod(fs, cg))); 338 if (status == 0) 339 goto out; 340 } 341 out: 342 brelse(bp); 343 return (status); 344 } 345 346 /* 347 * Return the block number associated with a specified inode lbn. 348 * Requested lbn is in id_parent. If found, block is returned in 349 * id_parent. 350 */ 351 static int 352 getlbnblkno(struct inodesc *idesc) 353 { 354 355 if (idesc->id_lbn < idesc->id_parent) 356 return (KEEPON); 357 idesc->id_parent = idesc->id_blkno; 358 return (STOP | FOUND); 359 } 360 361 /* 362 * Open a device or file to be checked by fsck. 363 */ 364 int 365 openfilesys(char *dev) 366 { 367 struct stat statb; 368 int saved_fsreadfd; 369 370 if (stat(dev, &statb) < 0) 371 return (0); 372 if ((statb.st_mode & S_IFMT) != S_IFCHR && 373 (statb.st_mode & S_IFMT) != S_IFBLK) { 374 if (bkgrdflag != 0 && (statb.st_flags & SF_SNAPSHOT) == 0) { 375 pwarn("BACKGROUND FSCK LACKS A SNAPSHOT\n"); 376 return (0); 377 } 378 if (bkgrdflag != 0) { 379 cursnapshot = statb.st_ino; 380 } else { 381 pwarn("%s IS NOT A DISK DEVICE\n", dev); 382 if (preen || reply("CONTINUE") == 0) 383 return (0); 384 } 385 } 386 saved_fsreadfd = fsreadfd; 387 if ((fsreadfd = open(dev, O_RDONLY)) < 0) { 388 fsreadfd = saved_fsreadfd; 389 return (0); 390 } 391 if (saved_fsreadfd != -1) 392 close(saved_fsreadfd); 393 return (1); 394 } 395 396 /* 397 * Read in the super block and its summary info. 398 */ 399 int 400 readsb(void) 401 { 402 struct fs *fs; 403 404 sbhashfailed = 0; 405 readcnt[sblk.b_type]++; 406 /* 407 * If bflag is given, then check just that superblock. 408 */ 409 if (bflag) { 410 switch (sbget(fsreadfd, &fs, bflag * dev_bsize, 0)) { 411 case 0: 412 goto goodsb; 413 case EINTEGRITY: 414 printf("Check hash failed for superblock at %jd\n", 415 bflag); 416 return (0); 417 case ENOENT: 418 printf("%jd is not a file system superblock\n", bflag); 419 return (0); 420 case EIO: 421 default: 422 printf("I/O error reading %jd\n", bflag); 423 return (0); 424 } 425 } 426 /* 427 * Check for the standard superblock and use it if good. 428 */ 429 if (sbget(fsreadfd, &fs, UFS_STDSB, UFS_NOMSG) == 0) 430 goto goodsb; 431 /* 432 * Check if the only problem is a check-hash failure. 433 */ 434 skipclean = 0; 435 if (sbget(fsreadfd, &fs, UFS_STDSB, UFS_NOMSG | UFS_NOHASHFAIL) == 0) { 436 sbhashfailed = 1; 437 goto goodsb; 438 } 439 /* 440 * Do an exhaustive search for a usable superblock. 441 */ 442 switch (sbsearch(fsreadfd, &fs, 0)) { 443 case 0: 444 goto goodsb; 445 case ENOENT: 446 printf("SEARCH FOR ALTERNATE SUPER-BLOCK FAILED. " 447 "YOU MUST USE THE\n-b OPTION TO FSCK TO SPECIFY " 448 "THE LOCATION OF AN ALTERNATE\nSUPER-BLOCK TO " 449 "SUPPLY NEEDED INFORMATION; SEE fsck_ffs(8).\n"); 450 return (0); 451 case EIO: 452 default: 453 printf("I/O error reading a usable superblock\n"); 454 return (0); 455 } 456 457 goodsb: 458 memcpy(&sblock, fs, fs->fs_sbsize); 459 free(fs); 460 /* 461 * Compute block size that the file system is based on, 462 * according to fsbtodb, and adjust superblock block number 463 * so we can tell if this is an alternate later. 464 */ 465 dev_bsize = sblock.fs_fsize / fsbtodb(&sblock, 1); 466 sblk.b_bno = sblock.fs_sblockactualloc / dev_bsize; 467 sblk.b_size = SBLOCKSIZE; 468 /* 469 * If not yet done, update UFS1 superblock with new wider fields. 470 */ 471 if (sblock.fs_magic == FS_UFS1_MAGIC && 472 sblock.fs_maxbsize != sblock.fs_bsize) { 473 sblock.fs_maxbsize = sblock.fs_bsize; 474 sblock.fs_time = sblock.fs_old_time; 475 sblock.fs_size = sblock.fs_old_size; 476 sblock.fs_dsize = sblock.fs_old_dsize; 477 sblock.fs_csaddr = sblock.fs_old_csaddr; 478 sblock.fs_cstotal.cs_ndir = sblock.fs_old_cstotal.cs_ndir; 479 sblock.fs_cstotal.cs_nbfree = sblock.fs_old_cstotal.cs_nbfree; 480 sblock.fs_cstotal.cs_nifree = sblock.fs_old_cstotal.cs_nifree; 481 sblock.fs_cstotal.cs_nffree = sblock.fs_old_cstotal.cs_nffree; 482 } 483 havesb = 1; 484 return (1); 485 } 486 487 void 488 sblock_init(void) 489 { 490 491 fsreadfd = -1; 492 fswritefd = -1; 493 fsmodified = 0; 494 lfdir = 0; 495 initbarea(&sblk, BT_SUPERBLK); 496 sblk.b_un.b_buf = Balloc(SBLOCKSIZE); 497 if (sblk.b_un.b_buf == NULL) 498 errx(EEXIT, "cannot allocate space for superblock"); 499 dev_bsize = secsize = DEV_BSIZE; 500 } 501 502 /* 503 * Check to see if recovery information exists. 504 * Return 1 if it exists or cannot be created. 505 * Return 0 if it does not exist and can be created. 506 */ 507 static int 508 chkrecovery(int devfd) 509 { 510 struct fsrecovery *fsr; 511 char *fsrbuf; 512 u_int secsize, rdsize; 513 514 /* 515 * Could not determine if backup material exists, so do not 516 * offer to create it. 517 */ 518 fsrbuf = NULL; 519 rdsize = sblock.fs_fsize; 520 if (ioctl(devfd, DIOCGSECTORSIZE, &secsize) == -1 || 521 rdsize % secsize != 0 || 522 (fsrbuf = Balloc(rdsize)) == NULL || 523 blread(devfd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize, 524 rdsize) != 0) { 525 free(fsrbuf); 526 return (1); 527 } 528 /* 529 * Recovery material has already been created, so do not 530 * need to create it again. 531 */ 532 fsr = (struct fsrecovery *)&fsrbuf[rdsize - sizeof *fsr]; 533 if (fsr->fsr_magic == FS_UFS2_MAGIC) { 534 free(fsrbuf); 535 return (1); 536 } 537 /* 538 * Recovery material has not been created and can be if desired. 539 */ 540 free(fsrbuf); 541 return (0); 542 } 543 544 /* 545 * Read the last filesystem-size piece of the boot block, replace the 546 * last 20 bytes with the recovery information, then write it back. 547 * The recovery information only works for UFS2 filesystems. 548 */ 549 static void 550 saverecovery(int readfd, int writefd) 551 { 552 struct fsrecovery *fsr; 553 char *fsrbuf; 554 u_int secsize, rdsize; 555 556 fsrbuf = NULL; 557 rdsize = sblock.fs_fsize; 558 if (sblock.fs_magic != FS_UFS2_MAGIC || 559 ioctl(readfd, DIOCGSECTORSIZE, &secsize) == -1 || 560 rdsize % secsize != 0 || 561 (fsrbuf = Balloc(rdsize)) == NULL || 562 blread(readfd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize, 563 rdsize) != 0) { 564 printf("RECOVERY DATA COULD NOT BE CREATED\n"); 565 free(fsrbuf); 566 return; 567 } 568 fsr = (struct fsrecovery *)&fsrbuf[rdsize - sizeof *fsr]; 569 fsr->fsr_magic = sblock.fs_magic; 570 fsr->fsr_fpg = sblock.fs_fpg; 571 fsr->fsr_fsbtodb = sblock.fs_fsbtodb; 572 fsr->fsr_sblkno = sblock.fs_sblkno; 573 fsr->fsr_ncg = sblock.fs_ncg; 574 blwrite(writefd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize, rdsize); 575 free(fsrbuf); 576 } 577