1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 28 /* All Rights Reserved */ 29 30 /* 31 * Copyright (c) 1980 Regents of the University of California. 32 * All rights reserved. The Berkeley software License Agreement 33 * specifies the terms and conditions for redistribution. 34 */ 35 36 #pragma ident "%Z%%M% %I% %E% SMI" 37 38 #include "dump.h" 39 #include <rmt.h> 40 #include <sys/mtio.h> 41 #include <limits.h> 42 #include <priv_utils.h> 43 #include "roll_log.h" 44 #include <unistd.h> 45 46 int notify = 0; /* notify operator flag */ 47 int blockswritten = 0; /* number of blocks written on current tape */ 48 uint_t tapeno = 0; /* current tape number */ 49 daddr32_t filenum = 0; /* current file number on tape */ 50 int density = 0; /* density in bytes/0.1" */ 51 int tenthsperirg; /* inter-record-gap in 0.1"'s */ 52 uint_t ntrec = 0; /* # tape blocks in each tape record */ 53 uint_t saved_ntrec = 0; /* saved value of ntrec */ 54 uint_t forceflag = 0; /* forced to change tp_bsize */ 55 int cartridge = 0; /* assume non-cartridge tape */ 56 uint_t tracks; /* # tracks on a cartridge tape */ 57 int diskette = 0; /* assume not dumping to a diskette */ 58 int printsize = 0; /* just print estimated size and exit */ 59 int mapfd = -1; /* if >= 0, file descriptor for mmap */ 60 int32_t tp_bsize = TP_BSIZE_MIN; /* tape block record size (frag size) */ 61 #ifdef DEBUG 62 int xflag; /* debugging switch */ 63 #endif 64 65 char *myname; 66 67 /* 68 * This should be struct fs, but there are trailing bits on disk 69 * that we also need to read in as part of it. It's an array of 70 * longs instead of char to force proper alignment. 71 */ 72 static long sblock_buf[SBSIZE/sizeof (long)]; 73 74 #ifdef __STDC__ 75 static char *mb(u_offset_t); 76 static void nextstate(int); 77 #else 78 static char *mb(); 79 static void nextstate(); 80 #endif 81 82 extern jmp_buf checkpoint_buf; /* context for return from checkpoint */ 83 #define FUDGE_FACTOR 0x2000000 84 85 int 86 main(int argc, char *argv[]) 87 { 88 char *arg; 89 int bflag = 0, i, error = 0, saverr; 90 double fetapes = 0.0; 91 struct mnttab *dt; 92 char msgbuf[3000], *msgp; 93 char kbsbuf[BUFSIZ]; 94 u_offset_t esize_shift = 0; 95 int32_t new_mult = 0; 96 time32_t snapdate; 97 98 host = NULL; 99 100 if (myname = strrchr(argv[0], '/')) 101 myname++; 102 else 103 myname = argv[0]; 104 105 if (strcmp("hsmdump", myname) == 0) { 106 msg(gettext("hsmdump emulation is no longer supported.\n")); 107 Exit(X_ABORT); 108 } 109 110 tape = DEFTAPE; 111 autoload_period = 12; 112 autoload_tries = 12; /* traditional default of ~2.5 minutes */ 113 114 (void) setlocale(LC_ALL, ""); 115 #if !defined(TEXT_DOMAIN) 116 #define TEXT_DOMAIN "SYS_TEST" 117 #endif /* TEXT_DOMAIN */ 118 (void) textdomain(TEXT_DOMAIN); 119 120 /* 121 * If someone strips the set-uid bit, dump will still work for local 122 * tapes. Fail when we try to access a remote tape. 123 */ 124 (void) __init_suid_priv(0, PRIV_NET_PRIVADDR, (char *)NULL); 125 126 if (sysinfo(SI_HOSTNAME, spcl.c_host, sizeof (spcl.c_host)) < 0) { 127 saverr = errno; 128 msg(gettext("Could not get host name: %s\n"), 129 strerror(saverr)); 130 bzero(spcl.c_host, sizeof (spcl.c_host)); 131 } 132 133 dumppid = getpid(); 134 tsize = 0; /* no default size, detect EOT dynamically */ 135 136 disk = NULL; 137 dname = NULL; 138 disk_dynamic = 0; 139 increm = NINCREM; 140 incno = '9'; 141 uflag = 0; 142 arg = "u"; 143 tlabel = "none"; 144 if (argc > 1) { 145 argv++; 146 argc--; 147 arg = *argv; 148 if (*arg == '-') 149 arg++; 150 } 151 while (*arg) 152 switch (*arg++) { /* BE CAUTIOUS OF FALLTHROUGHS */ 153 case 'M': 154 /* 155 * This undocumented option causes each process to 156 * mkdir debug_chdir/getpid(), and chdir to it. This is 157 * to ease the collection of profiling information and 158 * core dumps. 159 */ 160 if (argc > 1) { 161 argv++; 162 argc--; 163 debug_chdir = *argv; 164 msg(gettext( 165 "Each process shall try to chdir to %s/<pid>\n"), 166 debug_chdir); 167 child_chdir(); 168 } else { 169 msg(gettext("Missing move-to-dir (M) name\n")); 170 dumpabort(); 171 /*NOTREACHED*/ 172 } 173 break; 174 175 case 'w': 176 lastdump('w'); /* tell us only what has to be done */ 177 exit(0); 178 break; 179 180 case 'W': /* what to do */ 181 lastdump('W'); /* tell state of what has been done */ 182 exit(0); /* do nothing else */ 183 break; 184 185 case 'T': 186 if (argc > 1) { 187 int count; 188 int multiplier; 189 char units; 190 191 argv++; 192 argc--; 193 count = atoi(*argv); 194 if (count < 1) { 195 msg(gettext( 196 "Unreasonable autoload timeout period\n")); 197 dumpabort(); 198 /*NOTREACHED*/ 199 } 200 units = *(*argv + strlen(*argv) - 1); 201 switch (units) { 202 case 's': 203 multiplier = 1; 204 break; 205 case 'h': 206 multiplier = 3600; 207 break; 208 case '0': case '1': case '2': case '3': case '4': 209 case '5': case '6': case '7': case '8': case '9': 210 case 'm': 211 multiplier = 60; 212 break; 213 default: 214 msg(gettext( 215 "Unknown timeout units indicator `%c'\n"), 216 units); 217 dumpabort(); 218 /*NOTREACHED*/ 219 } 220 autoload_tries = 1 + 221 ((count * multiplier) / autoload_period); 222 } else { 223 msg(gettext("Missing autoload timeout period\n")); 224 dumpabort(); 225 /*NOTREACHED*/ 226 } 227 break; 228 229 case 'f': /* output file */ 230 if (argc > 1) { 231 argv++; 232 argc--; 233 tape = *argv; 234 if (*tape == '\0') { 235 msg(gettext("Bad output device name\n")); 236 dumpabort(); 237 /*NOTREACHED*/ 238 } 239 } else { 240 msg(gettext("Missing output device name\n")); 241 dumpabort(); 242 /*NOTREACHED*/ 243 } 244 if (strcmp(tape, "-") == 0 && verify) { 245 msg(gettext( 246 "Cannot verify when dumping to standard out.\n")); 247 dumpabort(); 248 /*NOTREACHED*/ 249 } 250 break; 251 252 case 'd': /* density, in bits per inch */ 253 if (argc > 1) { 254 argv++; 255 argc--; 256 density = atoi(*argv) / 10; 257 if (density <= 0) { 258 msg(gettext( 259 "Density must be a positive integer\n")); 260 dumpabort(); 261 /*NOTREACHED*/ 262 } 263 } else { 264 msg(gettext("Missing density\n")); 265 dumpabort(); 266 /*NOTREACHED*/ 267 } 268 break; 269 270 case 's': /* tape size, feet */ 271 if (argc > 1) { 272 argv++; 273 argc--; 274 tsize = atol(*argv); 275 if ((*argv[0] == '-') || (tsize == 0)) { 276 msg(gettext( 277 "Tape size must be a positive integer\n")); 278 dumpabort(); 279 /*NOTREACHED*/ 280 } 281 } else { 282 msg(gettext("Missing tape size\n")); 283 dumpabort(); 284 /*NOTREACHED*/ 285 } 286 break; 287 288 case 't': /* tracks */ 289 if (argc > 1) { 290 argv++; 291 argc--; 292 tracks = atoi(*argv); 293 } else { 294 msg(gettext("Missing track count\n")); 295 dumpabort(); 296 /*NOTREACHED*/ 297 } 298 break; 299 300 case 'b': /* blocks per tape write */ 301 if (argc > 1) { 302 argv++; 303 argc--; 304 bflag++; 305 /* 306 * We save the ntrec in case we need to change 307 * tp_bsize later, we will have to recalculate 308 * it. 309 */ 310 saved_ntrec = ntrec = atoi(*argv); 311 if (ntrec == 0 || (ntrec&1) || ntrec > (MAXNTREC*2)) { 312 msg(gettext( 313 "Block size must be a positive, even integer <= %d\n"), 314 MAXNTREC*2); 315 dumpabort(); 316 /*NOTREACHED*/ 317 } 318 ntrec /= (tp_bsize/DEV_BSIZE); 319 } else { 320 msg(gettext("Missing blocking factor\n")); 321 dumpabort(); 322 /*NOTREACHED*/ 323 } 324 break; 325 326 case 'c': /* Tape is cart. not 9-track */ 327 case 'C': /* 'C' to be consistent with 'D' */ 328 cartridge++; 329 break; 330 331 case '0': /* dump level */ 332 case '1': 333 case '2': 334 case '3': 335 case '4': 336 case '5': 337 case '6': 338 case '7': 339 case '8': 340 case '9': 341 incno = arg[-1]; 342 break; 343 344 case 'u': /* update /etc/dumpdates */ 345 uflag++; 346 break; 347 348 case 'n': /* notify operators */ 349 notify++; 350 break; 351 352 case 'a': /* create archive file */ 353 archive = 1; 354 if (argc > 1) { 355 argv++; 356 argc--; 357 if (**argv == '\0') { 358 msg(gettext("Bad archive file name\n")); 359 dumpabort(); 360 /*NOTREACHED*/ 361 } 362 archivefile = strdup(*argv); 363 if (archivefile == NULL) { 364 saverr = errno; 365 msg(gettext("Cannot allocate memory: %s\n"), 366 strerror(saverr)); 367 dumpabort(); 368 /*NOTREACHED*/ 369 } 370 } else { 371 msg(gettext("Missing archive file name\n")); 372 dumpabort(); 373 /*NOTREACHED*/ 374 } 375 break; 376 377 case 'v': 378 verify++; 379 doingverify++; 380 if (strcmp(tape, "-") == 0) { 381 msg(gettext( 382 "Cannot verify when dumping to standard out.\n")); 383 dumpabort(); 384 /*NOTREACHED*/ 385 } 386 break; 387 388 case 'D': 389 diskette++; 390 break; 391 392 case 'N': 393 if (argc > 1) { 394 argv++; 395 argc--; 396 if (**argv == '\0') { 397 msg(gettext("Missing name for dumpdates " 398 "entry.\n")); 399 dumpabort(); 400 /*NOTREACHED*/ 401 } 402 dname = *argv; 403 if (strlen(dname) > MAXNAMLEN + 2) { 404 msg(gettext("Dumpdates entry name too " 405 "long.\n")); 406 dumpabort(); 407 /*NOTREACHED*/ 408 } 409 for (i = 0; i < strlen(dname); i++) { 410 if (isspace(*(dname+i))) { 411 msg(gettext("Dumpdates entry name may " 412 "not contain white space.\n")); 413 dumpabort(); 414 /*NOTREACHED*/ 415 } 416 } 417 } else { 418 msg(gettext("Missing name for dumpdates entry.\n")); 419 dumpabort(); 420 /*NOTREACHED*/ 421 } 422 break; 423 case 'L': 424 if (argc > 1) { 425 argv++; 426 argc--; 427 if (**argv == '\0') { 428 msg(gettext("Missing tape label name\n")); 429 dumpabort(); 430 /*NOTREACHED*/ 431 } 432 tlabel = *argv; 433 if (strlen(tlabel) > (sizeof (spcl.c_label) - 1)) { 434 tlabel[sizeof (spcl.c_label) - 1] = '\0'; 435 msg(gettext( 436 "Truncating label to maximum supported length: `%s'\n"), 437 tlabel); 438 } 439 } else { 440 msg(gettext("Missing tape label name\n")); 441 dumpabort(); 442 /*NOTREACHED*/ 443 } 444 break; 445 446 case 'l': 447 autoload++; 448 break; 449 450 case 'o': 451 offline++; 452 break; 453 454 case 'S': 455 printsize++; 456 break; 457 458 #ifdef DEBUG 459 case 'z': 460 xflag++; 461 break; 462 #endif 463 464 default: 465 msg(gettext("Bad option `%c'\n"), arg[-1]); 466 dumpabort(); 467 /*NOTREACHED*/ 468 } 469 if (argc > 1) { 470 argv++; 471 argc--; 472 if (**argv == '\0') { 473 msg(gettext("Bad disk name\n")); 474 dumpabort(); 475 /*NOTREACHED*/ 476 } 477 disk = *argv; 478 disk_dynamic = 0; 479 } 480 if (disk == NULL) { 481 (void) fprintf(stderr, gettext( 482 "Usage: %s [0123456789fustdWwnNDCcbavloS [argument]] filesystem\n"), 483 myname); 484 Exit(X_ABORT); 485 } 486 if (!filenum) 487 filenum = 1; 488 489 if (signal(SIGINT, interrupt) == SIG_IGN) 490 (void) signal(SIGINT, SIG_IGN); 491 492 if (strcmp(tape, "-") == 0) { 493 pipeout++; 494 tape = gettext("standard output"); 495 dumpdev = sdumpdev = strdup(tape); 496 if (dumpdev == NULL) { 497 saverr = errno; 498 msg(gettext("Cannot allocate memory: %s\n"), 499 strerror(saverr)); 500 dumpabort(); 501 /*NOTREACHED*/ 502 } 503 /*CONSTANTCONDITION*/ 504 assert(sizeof (spcl.c_label) > 5); 505 (void) strcpy(spcl.c_label, "none"); 506 } else if (*tape == '+') { 507 nextdevice(); 508 (void) strcpy(spcl.c_label, tlabel); 509 } else { 510 /* if not already set, set diskette to default */ 511 if (diskette && strcmp(tape, DEFTAPE) == 0) 512 tape = DISKETTE; 513 nextdevice(); 514 (void) strcpy(spcl.c_label, tlabel); 515 } 516 if (cartridge && diskette) { 517 error = 1; 518 msg(gettext("Cannot select both cartridge and diskette\n")); 519 } 520 if (density && diskette) { 521 error = 1; 522 msg(gettext("Cannot select density of diskette\n")); 523 } 524 if (tracks && diskette) { 525 error = 1; 526 msg(gettext("Cannot select number of tracks of diskette\n")); 527 } 528 if (error) { 529 dumpabort(); 530 /*NOTREACHED*/ 531 } 532 533 /* 534 * Determine how to default tape size and density 535 * 536 * density tape size 537 * 9-track 1600 bpi (160 bytes/.1") 2300 ft. 538 * 9-track 6250 bpi (625 bytes/.1") 2300 ft. 539 * 540 * Most Sun-2's came with 4 track (20MB) cartridge tape drives, 541 * while most other machines (Sun-3's and non-Sun's) come with 542 * 9 track (45MB) cartridge tape drives. Some Sun-2's came with 543 * 9 track drives, but there is no way for the software to detect 544 * which drive type is installed. Sigh... We make the gross 545 * assumption that #ifdef mc68010 will test for a Sun-2. 546 * 547 * cartridge 8000 bpi (100 bytes/.1") 425 * tracks ft. 548 */ 549 if (density == 0) 550 density = cartridge ? 100 : 625; 551 if (tracks == 0) 552 tracks = 9; 553 if (!bflag) { 554 if (cartridge) 555 ntrec = CARTRIDGETREC; 556 else if (diskette) 557 ntrec = NTREC; 558 else if (density >= 625) 559 ntrec = HIGHDENSITYTREC; 560 else 561 ntrec = NTREC; 562 /* 563 * save ntrec in case we have to change tp_bsize later. 564 */ 565 saved_ntrec = (ntrec * (tp_bsize/DEV_BSIZE)); 566 } 567 if (!diskette) { 568 tsize *= 12L*10L; 569 if (cartridge) 570 tsize *= tracks; 571 } 572 rmtinit(msg, Exit); 573 if (host) { 574 char *cp = strchr(host, '@'); 575 if (cp == (char *)0) 576 cp = host; 577 else 578 cp++; 579 580 if (rmthost(host, ntrec) == 0) { 581 msg(gettext("Cannot connect to tape host `%s'\n"), cp); 582 dumpabort(); 583 /*NOTREACHED*/ 584 } 585 } 586 if (signal(SIGHUP, sigAbort) == SIG_IGN) 587 (void) signal(SIGHUP, SIG_IGN); 588 if (signal(SIGTRAP, sigAbort) == SIG_IGN) 589 (void) signal(SIGTRAP, SIG_IGN); 590 if (signal(SIGFPE, sigAbort) == SIG_IGN) 591 (void) signal(SIGFPE, SIG_IGN); 592 if (signal(SIGBUS, sigAbort) == SIG_IGN) 593 (void) signal(SIGBUS, SIG_IGN); 594 if (signal(SIGSEGV, sigAbort) == SIG_IGN) 595 (void) signal(SIGSEGV, SIG_IGN); 596 if (signal(SIGTERM, sigAbort) == SIG_IGN) 597 (void) signal(SIGTERM, SIG_IGN); 598 if (signal(SIGUSR1, sigAbort) == SIG_IGN) 599 (void) signal(SIGUSR1, SIG_IGN); 600 if (signal(SIGPIPE, sigAbort) == SIG_IGN) 601 (void) signal(SIGPIPE, SIG_IGN); 602 603 mnttabread(); /* /etc/fstab, /etc/mtab snarfed */ 604 605 /* 606 * disk can be either the full special file name, 607 * the suffix of the special file name, 608 * the special name missing the leading '/', 609 * the file system name with or without the leading '/'. 610 * NB: we attempt to avoid dumping the block device 611 * (using rawname) because specfs and the vm system 612 * are not necessarily in sync. 613 */ 614 615 /* 616 * Attempt to roll the log if its root user before doing the dump. 617 * There's nothing the user can do if we are unable to roll the log, 618 * so we'll silently ignore failures. 619 */ 620 if (getuid() == 0 && rl_roll_log(disk) != RL_SUCCESS && 621 disk[0] != '/') { 622 /* Try it again with leading '/'. */ 623 char *slashed; 624 625 slashed = (char *)malloc(strlen(disk) + 2); 626 if (slashed != (char *)NULL) { 627 (void) sprintf(slashed, "%c%s", '/', disk); 628 (void) rl_roll_log(slashed); 629 free(slashed); 630 } 631 } 632 dt = mnttabsearch(disk, 0); 633 if (dt != 0) { 634 filesystem = dt->mnt_mountp; 635 if (disk_dynamic) { 636 /* LINTED: disk is not NULL */ 637 free(disk); 638 } 639 disk = rawname(dt->mnt_special); 640 disk_dynamic = (disk != dt->mnt_special); 641 642 (void) strncpy(spcl.c_dev, dt->mnt_special, 643 sizeof (spcl.c_dev)); 644 spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0'; 645 (void) strncpy(spcl.c_filesys, dt->mnt_mountp, 646 sizeof (spcl.c_filesys)); 647 spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0'; 648 } else { 649 (void) strncpy(spcl.c_dev, disk, sizeof (spcl.c_dev)); 650 spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0'; 651 #ifdef PARTIAL 652 /* check for partial filesystem dump */ 653 partial_check(); 654 dt = mnttabsearch(disk, 1); 655 if (dt != 0) { 656 filesystem = dt->mnt_mountp; 657 if (disk_dynamic) 658 free(disk); 659 disk = rawname(dt->mnt_special); 660 disk_dynamic = (disk != dt->mnt_special); 661 662 (void) strncpy(spcl.c_filesys, 663 "a partial file system", sizeof (spcl.c_filesys)); 664 spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0'; 665 } 666 else 667 #endif /* PARTIAL */ 668 { 669 char *old_disk = disk; 670 671 (void) strncpy(spcl.c_filesys, 672 "an unlisted file system", 673 sizeof (spcl.c_filesys)); 674 spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0'; 675 676 disk = rawname(old_disk); 677 if (disk != old_disk) { 678 if (disk_dynamic) 679 free(old_disk); 680 disk_dynamic = 1; 681 } 682 /* 683 * If disk == old_disk, then disk_dynamic's state 684 * does not change. 685 */ 686 } 687 } 688 689 fi = open64(disk, O_RDONLY); 690 691 if (fi < 0) { 692 saverr = errno; 693 msg(gettext("Cannot open dump device `%s': %s\n"), 694 disk, strerror(saverr)); 695 Exit(X_ABORT); 696 } 697 698 if (sscanf(&incno, "%1d", &spcl.c_level) != 1) { 699 msg(gettext("Bad dump level `%c' specified\n"), incno); 700 dumpabort(); 701 /*NOTREACHED*/ 702 } 703 getitime(); /* /etc/dumpdates snarfed */ 704 705 sblock = (struct fs *)&sblock_buf; 706 sync(); 707 708 bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE); 709 if ((sblock->fs_magic != FS_MAGIC) && 710 (sblock->fs_magic != MTB_UFS_MAGIC)) { 711 msg(gettext( 712 "Warning - super-block on device `%s' is corrupt - run fsck\n"), 713 disk); 714 dumpabort(); 715 /*NOTREACHED*/ 716 } 717 718 if (sblock->fs_magic == FS_MAGIC && 719 (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 && 720 sblock->fs_version != UFS_VERSION_MIN)) { 721 msg(gettext("Unrecognized UFS version: %d\n"), 722 sblock->fs_version); 723 dumpabort(); 724 /*NOTREACHED*/ 725 } 726 727 if (sblock->fs_magic == MTB_UFS_MAGIC && 728 (sblock->fs_version < MTB_UFS_VERSION_MIN || 729 sblock->fs_version > MTB_UFS_VERSION_1)) { 730 msg(gettext("Unrecognized UFS version: %d\n"), 731 sblock->fs_version); 732 dumpabort(); 733 /*NOTREACHED*/ 734 } 735 736 /* 737 * Try to set up for using mmap(2). It only works on the block 738 * device, but if we can use it, things go somewhat faster. If 739 * we can't open it, we'll silently fall back to the old method 740 * (read/memcpy). We also only try this if it's been cleanly 741 * unmounted. Dumping a live filesystem this way runs into 742 * buffer consistency problems. Of course, we don't support 743 * running dump on a mounted filesystem, but some people do it 744 * anyway. 745 */ 746 if (sblock->fs_clean == FSCLEAN) { 747 char *block = unrawname(disk); 748 749 if (block != NULL) { 750 mapfd = open(block, O_RDONLY, 0); 751 free(block); 752 } 753 } 754 755 restart: 756 bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE); 757 if ((sblock->fs_magic != FS_MAGIC) && 758 (sblock->fs_magic != MTB_UFS_MAGIC)) { /* paranoia */ 759 msg(gettext("bad super-block magic number, run fsck\n")); 760 dumpabort(); 761 /*NOTREACHED*/ 762 } 763 764 if (sblock->fs_magic == FS_MAGIC && 765 (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 && 766 sblock->fs_version != UFS_VERSION_MIN)) { 767 msg(gettext("Unrecognized UFS version: %d\n"), 768 sblock->fs_version); 769 dumpabort(); 770 /*NOTREACHED*/ 771 } 772 773 if (sblock->fs_magic == MTB_UFS_MAGIC && 774 (sblock->fs_version < MTB_UFS_VERSION_MIN || 775 sblock->fs_version > MTB_UFS_VERSION_1)) { 776 msg(gettext("Unrecognized UFS version: %d\n"), 777 sblock->fs_version); 778 dumpabort(); 779 /*NOTREACHED*/ 780 } 781 782 if (!doingactive) 783 allocino(); 784 785 /* XXX should sanity-check the super block before trusting/using it */ 786 787 /* LINTED XXX time truncated - tolerate until tape format changes */ 788 spcl.c_date = (time32_t)time((time_t *)NULL); 789 bcopy(&(spcl.c_shadow), c_shadow_save, sizeof (c_shadow_save)); 790 791 snapdate = is_fssnap_dump(disk); 792 if (snapdate) 793 spcl.c_date = snapdate; 794 795 if (!printsize) { 796 msg(gettext("Date of this level %c dump: %s\n"), 797 incno, prdate(spcl.c_date)); 798 msg(gettext("Date of last level %c dump: %s\n"), 799 (uchar_t)lastincno, prdate(spcl.c_ddate)); 800 msg(gettext("Dumping %s "), disk); 801 if (filesystem != 0) 802 msgtail("(%.*s:%s) ", 803 /* LINTED unsigned -> signed cast ok */ 804 (int)sizeof (spcl.c_host), spcl.c_host, filesystem); 805 msgtail(gettext("to %s.\n"), sdumpdev); 806 } 807 808 esize = f_esize = o_esize = 0; 809 msiz = roundup(d_howmany(sblock->fs_ipg * sblock->fs_ncg, NBBY), 810 TP_BSIZE_MAX); 811 if (!doingactive) { 812 clrmap = (uchar_t *)xcalloc(msiz, sizeof (*clrmap)); 813 filmap = (uchar_t *)xcalloc(msiz, sizeof (*filmap)); 814 dirmap = (uchar_t *)xcalloc(msiz, sizeof (*dirmap)); 815 nodmap = (uchar_t *)xcalloc(msiz, sizeof (*nodmap)); 816 shamap = (uchar_t *)xcalloc(msiz, sizeof (*shamap)); 817 activemap = (uchar_t *)xcalloc(msiz, sizeof (*activemap)); 818 } else { 819 if (clrmap == NULL || filmap == NULL || dirmap == NULL || 820 nodmap == NULL || shamap == NULL || activemap == NULL) { 821 msg(gettext( 822 "Internal error: NULL map pointer while re-dumping active files")); 823 dumpabort(); 824 /*NOTREACHED*/ 825 } 826 bzero(clrmap, msiz); 827 bzero(filmap, msiz); 828 bzero(dirmap, msiz); 829 bzero(nodmap, msiz); 830 bzero(shamap, msiz); 831 /* retain active map */ 832 } 833 834 dumpstate = DS_INIT; 835 dumptoarchive = 1; 836 837 /* 838 * Read cylinder group inode-used bitmaps to avoid reading clear inodes. 839 */ 840 { 841 uchar_t *clrp = clrmap; 842 struct cg *cgp = 843 (struct cg *)xcalloc((uint_t)sblock->fs_cgsize, 1); 844 845 for (i = 0; i < sblock->fs_ncg; i++) { 846 bread(fsbtodb(sblock, cgtod(sblock, i)), 847 (uchar_t *)cgp, sblock->fs_cgsize); 848 bcopy(cg_inosused(cgp), clrp, 849 (int)sblock->fs_ipg / NBBY); 850 clrp += sblock->fs_ipg / NBBY; 851 } 852 free((char *)cgp); 853 /* XXX right-shift clrmap one bit. why? */ 854 for (i = 0; clrp > clrmap; i <<= NBBY) { 855 i |= *--clrp & ((1<<NBBY) - 1); 856 *clrp = i >> 1; 857 } 858 } 859 860 if (!printsize) { 861 msgp = gettext("Mapping (Pass I) [regular files]\n"); 862 msg(msgp); 863 } 864 865 ino = 0; 866 #ifdef PARTIAL 867 if (partial_mark(argc, argv)) { 868 #endif /* PARTIAL */ 869 if (!doingactive) 870 pass(mark, clrmap); /* mark updates 'x'_esize */ 871 else 872 pass(active_mark, clrmap); /* updates 'x'_esize */ 873 #ifdef PARTIAL 874 } 875 #endif /* PARTIAL */ 876 do { 877 if (!printsize) { 878 msgp = gettext("Mapping (Pass II) [directories]\n"); 879 msg(msgp); 880 } 881 nadded = 0; 882 ino = 0; 883 pass(add, dirmap); 884 } while (nadded); 885 886 ino = 0; /* adjust estimated size for shadow inodes */ 887 pass(markshad, nodmap); 888 ino = 0; 889 pass(estshad, shamap); 890 freeshad(); 891 892 bmapest(clrmap); 893 bmapest(nodmap); 894 esize = o_esize + f_esize; 895 if (diskette) { 896 /* estimate number of floppies */ 897 if (tsize != 0) 898 fetapes = (double)(esize + ntrec) / (double)tsize; 899 } else if (cartridge) { 900 /* 901 * Estimate number of tapes, assuming streaming stops at 902 * the end of each block written, and not in mid-block. 903 * Assume no erroneous blocks; this can be compensated for 904 * with an artificially low tape size. 905 */ 906 tenthsperirg = 16; /* actually 15.48, says Archive */ 907 if (tsize != 0) 908 fetapes = ((double)esize /* blocks */ 909 * (tp_bsize /* bytes/block */ 910 * (1.0/density)) /* 0.1" / byte */ 911 + 912 (double)esize /* blocks */ 913 * (1.0/ntrec) /* streaming-stops per block */ 914 * tenthsperirg) /* 0.1" / streaming-stop */ 915 * (1.0 / tsize); /* tape / 0.1" */ 916 } else { 917 /* Estimate number of tapes, for old fashioned 9-track tape */ 918 #ifdef sun 919 /* sun has long irg's */ 920 tenthsperirg = (density == 625) ? 6 : 12; 921 #else 922 tenthsperirg = (density == 625) ? 5 : 8; 923 #endif 924 if (tsize != 0) 925 fetapes = ((double)esize /* blocks */ 926 * (tp_bsize /* bytes / block */ 927 * (1.0/density)) /* 0.1" / byte */ 928 + 929 (double)esize /* blocks */ 930 * (1.0/ntrec) /* IRG's / block */ 931 * tenthsperirg) /* 0.1" / IRG */ 932 * (1.0 / tsize); /* tape / 0.1" */ 933 } 934 935 etapes = fetapes; /* truncating assignment */ 936 etapes++; 937 /* count the nodemap on each additional tape */ 938 for (i = 1; i < etapes; i++) 939 bmapest(nodmap); 940 /* 941 * If the above bmapest is called, it changes o_esize and f_esize. 942 * So we will recalculate esize here anyway to make sure. 943 * Also, add tape headers and trailer records. 944 */ 945 esize = o_esize + f_esize + etapes + ntrec; 946 947 /* 948 * If the estimated number of tp_bsize tape blocks is greater than 949 * INT_MAX we have to adjust tp_bsize and ntrec to handle 950 * the larger dump. esize is an estimate, so we 'fudge' 951 * INT_MAX a little. If tp_bsize is adjusted, it will be adjusted 952 * to the size needed for this dump (2048, 4096, 8192, ...) 953 */ 954 if (esize > (INT_MAX - FUDGE_FACTOR)) { /* esize is too big */ 955 forceflag++; 956 esize_shift = 957 ((esize + (INT_MAX - FUDGE_FACTOR) - 1)/ 958 ((u_offset_t)(INT_MAX - FUDGE_FACTOR))) - 1; 959 if ((esize_shift > ESIZE_SHIFT_MAX) || (ntrec == 0)) { 960 msgp = gettext( 961 "Block factor %d ('b' flag) is too small for this size dump."); 962 msg(msgp, saved_ntrec); 963 dumpabort(); 964 /*NOTREACHED*/ 965 } 966 /* 967 * recalculate esize from: 968 * o_esize - header tape records 969 * (f_esize + (num_mult -1)) >> esize_shift - new non-header 970 * tape records for files/maps 971 * etapes - TS_TAPE records 972 * ntrec - TS_END records 973 * 974 * ntrec is adjusted so a tape record is still 'b' flag 975 * number of DEV_BSIZE (512) in size 976 */ 977 new_mult = (tp_bsize << esize_shift)/tp_bsize; 978 tp_bsize = (tp_bsize << esize_shift); 979 esize = o_esize + ((f_esize + 980 (new_mult - 1)) >> esize_shift) + etapes + ntrec; 981 ntrec = (saved_ntrec/(tp_bsize/DEV_BSIZE)); 982 } 983 if (forceflag != 0) { 984 msgp = gettext( 985 "Forcing larger tape block size (%d).\n"); 986 msg(msgp, tp_bsize); 987 } 988 alloctape(); /* allocate tape buffers */ 989 990 assert((tp_bsize / DEV_BSIZE != 0) && (tp_bsize % DEV_BSIZE == 0)); 991 /* 992 * If all we wanted was the size estimate, 993 * just print it out and exit. 994 */ 995 if (printsize) { 996 (void) printf("%llu\n", esize * tp_bsize); 997 Exit(0); 998 } 999 1000 if (tsize != 0) { 1001 if (diskette) 1002 msgp = gettext( 1003 "Estimated %lld blocks (%s) on %3.2f diskettes.\n"); 1004 else 1005 msgp = gettext( 1006 "Estimated %lld blocks (%s) on %3.2f tapes.\n"); 1007 1008 msg(msgp, 1009 (esize*(tp_bsize/DEV_BSIZE)), mb(esize), fetapes); 1010 } else { 1011 msgp = gettext("Estimated %lld blocks (%s).\n"); 1012 msg(msgp, (esize*(tp_bsize/DEV_BSIZE)), mb(esize)); 1013 } 1014 1015 dumpstate = DS_CLRI; 1016 1017 otape(1); /* bitmap is the first to tape write */ 1018 *telapsed = 0; 1019 (void) time(tstart_writing); 1020 1021 /* filmap indicates all non-directory inodes */ 1022 { 1023 uchar_t *np, *fp, *dp; 1024 np = nodmap; 1025 dp = dirmap; 1026 fp = filmap; 1027 for (i = 0; i < msiz; i++) 1028 *fp++ = *np++ ^ *dp++; 1029 } 1030 1031 while (dumpstate != DS_DONE) { 1032 /* 1033 * When we receive EOT notification from 1034 * the writer, the signal handler calls 1035 * rollforward and then jumps here. 1036 */ 1037 (void) setjmp(checkpoint_buf); 1038 switch (dumpstate) { 1039 case DS_INIT: 1040 /* 1041 * We get here if a tape error occurred 1042 * after releasing the name lock but before 1043 * the volume containing the last of the 1044 * dir info was completed. We have to start 1045 * all over in this case. 1046 */ 1047 { 1048 char *rmsg = gettext( 1049 "Warning - output error occurred after releasing name lock\n\ 1050 \tThe dump will restart\n"); 1051 msg(rmsg); 1052 goto restart; 1053 } 1054 /* NOTREACHED */ 1055 case DS_START: 1056 case DS_CLRI: 1057 ino = UFSROOTINO; 1058 dumptoarchive = 1; 1059 bitmap(clrmap, TS_CLRI); 1060 nextstate(DS_BITS); 1061 /* FALLTHROUGH */ 1062 case DS_BITS: 1063 ino = UFSROOTINO; 1064 dumptoarchive = 1; 1065 if (BIT(UFSROOTINO, nodmap)) /* empty dump check */ 1066 bitmap(nodmap, TS_BITS); 1067 nextstate(DS_DIRS); 1068 if (!doingverify) { 1069 msgp = gettext( 1070 "Dumping (Pass III) [directories]\n"); 1071 msg(msgp); 1072 } 1073 /* FALLTHROUGH */ 1074 case DS_DIRS: 1075 dumptoarchive = 1; 1076 pass(dirdump, dirmap); 1077 nextstate(DS_FILES); 1078 if (!doingverify) { 1079 msgp = gettext( 1080 "Dumping (Pass IV) [regular files]\n"); 1081 msg(msgp); 1082 } 1083 /* FALLTHROUGH */ 1084 case DS_FILES: 1085 dumptoarchive = 0; 1086 1087 pass(lf_dump, filmap); 1088 1089 flushcmds(); 1090 dumpstate = DS_END; /* don't reset ino */ 1091 /* FALLTHROUGH */ 1092 case DS_END: 1093 dumptoarchive = 1; 1094 spcl.c_type = TS_END; 1095 for (i = 0; i < ntrec; i++) { 1096 spclrec(); 1097 } 1098 flusht(); 1099 break; 1100 case DS_DONE: 1101 break; 1102 default: 1103 msg(gettext("Internal state error\n")); 1104 dumpabort(); 1105 /*NOTREACHED*/ 1106 } 1107 } 1108 1109 if ((! doingactive) && (! active)) 1110 trewind(); 1111 if (verify && !doingverify) { 1112 msgp = gettext("Finished writing last dump volume\n"); 1113 msg(msgp); 1114 Exit(X_VERIFY); 1115 } 1116 if (spcl.c_volume > 1) 1117 (void) snprintf(msgbuf, sizeof (msgbuf), 1118 gettext("%lld blocks (%s) on %ld volumes"), 1119 ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)), 1120 mb((u_offset_t)(unsigned)(spcl.c_tapea)), 1121 spcl.c_volume); 1122 else 1123 (void) snprintf(msgbuf, sizeof (msgbuf), 1124 gettext("%lld blocks (%s) on 1 volume"), 1125 ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)), 1126 mb((u_offset_t)(unsigned)(spcl.c_tapea))); 1127 if (timeclock((time_t)0) != (time_t)0) { 1128 (void) snprintf(kbsbuf, sizeof (kbsbuf), 1129 gettext(" at %ld KB/sec"), 1130 (long)(((float)spcl.c_tapea / (float)timeclock((time_t)0)) 1131 * 1000.0)); 1132 (void) strcat(msgbuf, kbsbuf); 1133 } 1134 (void) strcat(msgbuf, "\n"); 1135 msg(msgbuf); 1136 (void) timeclock((time_t)-1); 1137 1138 if (archive) 1139 msg(gettext("Archiving dump to `%s'\n"), archivefile); 1140 if (active && !verify) { 1141 nextstate(DS_INIT); 1142 activepass(); 1143 goto restart; 1144 } 1145 msgp = gettext("DUMP IS DONE\n"); 1146 msg(msgp); 1147 broadcast(msgp); 1148 if (! doingactive) 1149 putitime(); 1150 Exit(X_FINOK); 1151 1152 /*NOTREACHED*/ 1153 return (0); 1154 } 1155 1156 void 1157 sigAbort(int sig) 1158 { 1159 char *sigtype; 1160 1161 switch (sig) { 1162 case SIGHUP: 1163 sigtype = "SIGHUP"; 1164 break; 1165 case SIGTRAP: 1166 sigtype = "SIGTRAP"; 1167 break; 1168 case SIGFPE: 1169 sigtype = "SIGFPE"; 1170 break; 1171 case SIGBUS: 1172 msg(gettext("%s ABORTING!\n"), "SIGBUS()"); 1173 (void) signal(SIGUSR2, SIG_DFL); 1174 abort(); 1175 /*NOTREACHED*/ 1176 case SIGSEGV: 1177 msg(gettext("%s ABORTING!\n"), "SIGSEGV()"); 1178 (void) signal(SIGUSR2, SIG_DFL); 1179 abort(); 1180 /*NOTREACHED*/ 1181 case SIGALRM: 1182 sigtype = "SIGALRM"; 1183 break; 1184 case SIGTERM: 1185 sigtype = "SIGTERM"; 1186 break; 1187 case SIGPIPE: 1188 msg(gettext("Broken pipe\n")); 1189 dumpabort(); 1190 /*NOTREACHED*/ 1191 default: 1192 sigtype = "SIGNAL"; 1193 break; 1194 } 1195 msg(gettext("%s() try rewriting\n"), sigtype); 1196 if (pipeout) { 1197 msg(gettext("Unknown signal, Cannot recover\n")); 1198 dumpabort(); 1199 /*NOTREACHED*/ 1200 } 1201 msg(gettext("Rewriting attempted as response to unknown signal.\n")); 1202 (void) fflush(stderr); 1203 (void) fflush(stdout); 1204 close_rewind(); 1205 Exit(X_REWRITE); 1206 } 1207 1208 /* Note that returned value is malloc'd if != cp && != NULL */ 1209 char * 1210 rawname(char *cp) 1211 { 1212 struct stat64 st; 1213 char *dp; 1214 extern char *getfullrawname(); 1215 1216 if (stat64(cp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFBLK) 1217 return (cp); 1218 1219 dp = getfullrawname(cp); 1220 if (dp == 0) 1221 return (0); 1222 if (*dp == '\0') { 1223 free(dp); 1224 return (0); 1225 } 1226 1227 if (stat64(dp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFCHR) { 1228 free(dp); 1229 return (cp); 1230 } 1231 1232 return (dp); 1233 } 1234 1235 static char * 1236 mb(u_offset_t blks) 1237 { 1238 static char buf[16]; 1239 1240 if (blks < 1024) 1241 (void) snprintf(buf, sizeof (buf), "%lldKB", blks); 1242 else 1243 (void) snprintf(buf, sizeof (buf), "%.2fMB", 1244 ((double)(blks*tp_bsize)) / (double)(1024*1024)); 1245 return (buf); 1246 } 1247 1248 #ifdef signal 1249 void (*nsignal(int sig, void (*act)(int)))(int) 1250 { 1251 struct sigaction sa, osa; 1252 1253 sa.sa_handler = act; 1254 (void) sigemptyset(&sa.sa_mask); 1255 sa.sa_flags = SA_RESTART; 1256 if (sigaction(sig, &sa, &osa) < 0) 1257 return ((void (*)(int))-1); 1258 return (osa.sa_handler); 1259 } 1260 #endif 1261 1262 static void 1263 nextstate(int state) 1264 { 1265 /* LINTED assigned value never used - kept for documentary purposes */ 1266 dumpstate = state; 1267 /* LINTED assigned value never used - kept for documentary purposes */ 1268 ino = 0; 1269 /* LINTED assigned value never used - kept for documentary purposes */ 1270 pos = 0; 1271 leftover = 0; 1272 } 1273 1274 /* 1275 * timeclock() function, for keeping track of how much time we've spent 1276 * writing to the tape device. it always returns the amount of time 1277 * already spent, in milliseconds. if you pass it a positive, then that's 1278 * telling it that we're writing, so the time counts. if you pass it a 1279 * zero, then that's telling it we're not writing; perhaps we're waiting 1280 * for user input. 1281 * 1282 * a state of -1 resets everything. 1283 */ 1284 time32_t 1285 timeclock(time32_t state) 1286 { 1287 static int *currentState = NULL; 1288 static struct timeval *clockstart; 1289 static time32_t *emilli; 1290 1291 struct timeval current[1]; 1292 int fd, saverr; 1293 1294 #ifdef DEBUG 1295 fprintf(stderr, "pid=%d timeclock ", getpid()); 1296 if (state == (time32_t)-1) 1297 fprintf(stderr, "cleared\n"); 1298 else if (state > 0) 1299 fprintf(stderr, "ticking\n"); 1300 else 1301 fprintf(stderr, "paused\n"); 1302 #endif /* DEBUG */ 1303 1304 /* if we haven't setup the shared memory, init */ 1305 if (currentState == (int *)NULL) { 1306 if ((fd = open("/dev/zero", O_RDWR)) < 0) { 1307 saverr = errno; 1308 msg(gettext("Cannot open `%s': %s\n"), 1309 "/dev/zero", strerror(saverr)); 1310 dumpabort(); 1311 /*NOTREACHED*/ 1312 } 1313 /*LINTED [mmap always returns an aligned value]*/ 1314 currentState = (int *)mmap((char *)0, getpagesize(), 1315 PROT_READ|PROT_WRITE, MAP_SHARED, fd, (off_t)0); 1316 if (currentState == (int *)-1) { 1317 saverr = errno; 1318 msg(gettext( 1319 "Cannot memory map monitor variables: %s\n"), 1320 strerror(saverr)); 1321 dumpabort(); 1322 /*NOTREACHED*/ 1323 } 1324 (void) close(fd); 1325 1326 /* LINTED currentState is sufficiently aligned */ 1327 clockstart = (struct timeval *)(currentState + 1); 1328 emilli = (time32_t *)(clockstart + 1); 1329 /* Note everything is initialized to zero via /dev/zero */ 1330 } 1331 1332 if (state == (time32_t)-1) { 1333 bzero(clockstart, sizeof (*clockstart)); 1334 *currentState = 0; 1335 *emilli = (time32_t)0; 1336 return (0); 1337 } 1338 1339 (void) gettimeofday(current, NULL); 1340 1341 if (*currentState != 0) { 1342 current->tv_usec += 1000000; 1343 current->tv_sec--; 1344 1345 /* LINTED: result will fit in a time32_t */ 1346 *emilli += (current->tv_sec - clockstart->tv_sec) * 1000; 1347 /* LINTED: result will fit in a time32_t */ 1348 *emilli += (current->tv_usec - clockstart->tv_usec) / 1000; 1349 } 1350 1351 if (state != 0) 1352 bcopy(current, clockstart, sizeof (current)); 1353 1354 *currentState = state; 1355 1356 return (*emilli); 1357 } 1358 1359 static int 1360 statcmp(const struct stat64 *left, const struct stat64 *right) 1361 { 1362 int result = 1; 1363 1364 if ((left->st_dev == right->st_dev) && 1365 (left->st_ino == right->st_ino) && 1366 (left->st_mode == right->st_mode) && 1367 (left->st_nlink == right->st_nlink) && 1368 (left->st_uid == right->st_uid) && 1369 (left->st_gid == right->st_gid) && 1370 (left->st_rdev == right->st_rdev) && 1371 (left->st_ctim.tv_sec == right->st_ctim.tv_sec) && 1372 (left->st_ctim.tv_nsec == right->st_ctim.tv_nsec) && 1373 (left->st_mtim.tv_sec == right->st_mtim.tv_sec) && 1374 (left->st_mtim.tv_nsec == right->st_mtim.tv_nsec)) { 1375 /* 1376 * Unlike in the ufsrestore version 1377 * st_blocks and st_blksiz are not 1378 * compared. The reason for this is 1379 * problems with zfs dump files. Zfs 1380 * changes it's statistics in those 1381 * fields. 1382 */ 1383 result = 0; 1384 } 1385 1386 return (result); 1387 } 1388 1389 /* 1390 * Safely open a file or device. 1391 */ 1392 static int 1393 safe_open_common(const char *filename, int mode, int perms, int device) 1394 { 1395 int fd; 1396 int working_mode; 1397 int saverr; 1398 char *errtext; 1399 struct stat64 pre_stat, pre_lstat; 1400 struct stat64 post_stat, post_lstat; 1401 1402 /* 1403 * Don't want to be spoofed into trashing something we 1404 * shouldn't, thus the following rigamarole. If it doesn't 1405 * exist, we create it and proceed. Otherwise, require that 1406 * what's there be a real file with no extraneous links and 1407 * owned by whoever ran us. 1408 * 1409 * The silliness with using both lstat() and fstat() is to avoid 1410 * race-condition games with someone replacing the file with a 1411 * symlink after we've opened it. If there was an flstat(), 1412 * we wouldn't need the fstat(). 1413 * 1414 * The initial open with the hard-coded flags is ok even if we 1415 * are intending to open only for reading. If it succeeds, 1416 * then the file did not exist, and we'll synthesize an appropriate 1417 * complaint below. Otherwise, it does exist, so we won't be 1418 * truncating it with the open. 1419 */ 1420 if ((fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL|O_LARGEFILE, 1421 perms)) < 0) { 1422 if (errno == EEXIST) { 1423 if (lstat64(filename, &pre_lstat) < 0) { 1424 return (-1); 1425 } 1426 1427 if (stat64(filename, &pre_stat) < 0) { 1428 return (-1); 1429 } 1430 1431 working_mode = mode & (O_WRONLY|O_RDWR|O_RDONLY); 1432 working_mode |= O_LARGEFILE; 1433 if ((fd = open(filename, working_mode)) < 0) { 1434 if (errno == ENOENT) { 1435 errtext = gettext( 1436 "Unexpected condition detected: %s used to exist, but doesn't any longer\n"); 1437 msg(errtext, filename); 1438 syslog(LOG_WARNING, errtext, filename); 1439 errno = ENOENT; 1440 } 1441 return (-1); 1442 } 1443 1444 if (lstat64(filename, &post_lstat) < 0) { 1445 saverr = errno; 1446 (void) close(fd); 1447 errno = saverr; 1448 return (-1); 1449 } 1450 1451 if (fstat64(fd, &post_stat) < 0) { 1452 saverr = errno; 1453 (void) close(fd); 1454 errno = saverr; 1455 return (-1); 1456 } 1457 1458 /* 1459 * Can't just use memcmp(3C), because the access 1460 * time is updated by open(2). 1461 */ 1462 if (statcmp(&pre_lstat, &post_lstat) != 0) { 1463 errtext = gettext("Unexpected change detected: " 1464 "%s's lstat(2) information changed\n"); 1465 msg(errtext, filename); 1466 syslog(LOG_WARNING, errtext, filename); 1467 errno = EPERM; 1468 return (-1); 1469 } 1470 1471 if (statcmp(&pre_stat, &post_stat) != 0) { 1472 errtext = gettext("Unexpected change detected: " 1473 "%s's stat(2) information changed\n"), 1474 msg(errtext, filename); 1475 syslog(LOG_WARNING, errtext, filename); 1476 errno = EPERM; 1477 return (-1); 1478 } 1479 1480 /* 1481 * If inode, device, or type are wrong, bail out. 1482 * Note using post_stat instead of post_lstat for the 1483 * S_ISCHR() test. This is to allow the /dev -> 1484 * /devices bit to work, as long as the final target 1485 * is a character device (i.e., raw disk or tape). 1486 */ 1487 if (device && !(S_ISCHR(post_stat.st_mode)) && 1488 !(S_ISFIFO(post_stat.st_mode)) && 1489 !(S_ISREG(post_lstat.st_mode))) { 1490 errtext = gettext("Unexpected condition " 1491 "detected: %s is not a supported device\n"), 1492 msg(errtext, filename); 1493 syslog(LOG_WARNING, errtext, filename); 1494 (void) close(fd); 1495 errno = EPERM; 1496 return (-1); 1497 } else if (!device && 1498 (!S_ISREG(post_lstat.st_mode) || 1499 (post_stat.st_ino != post_lstat.st_ino) || 1500 (post_stat.st_dev != post_lstat.st_dev))) { 1501 errtext = gettext("Unexpected condition " 1502 "detected: %s is not a regular file\n"), 1503 msg(errtext, filename); 1504 syslog(LOG_WARNING, errtext, filename); 1505 (void) close(fd); 1506 errno = EPERM; 1507 return (-1); 1508 } 1509 1510 /* 1511 * Bad link count implies someone's linked our 1512 * target to something else, which we probably 1513 * shouldn't step on. 1514 */ 1515 if (post_lstat.st_nlink != 1) { 1516 errtext = gettext("Unexpected condition " 1517 "detected: %s must have exactly one " 1518 "link\n"), msg(errtext, filename); 1519 syslog(LOG_WARNING, errtext, filename); 1520 (void) close(fd); 1521 errno = EPERM; 1522 return (-1); 1523 } 1524 /* 1525 * Root might make a file, but non-root might 1526 * need to open it. If the permissions let us 1527 * get this far, then let it through. 1528 */ 1529 if (post_lstat.st_uid != getuid() && 1530 post_lstat.st_uid != 0) { 1531 errtext = gettext("Unsupported " 1532 "condition detected: %s " 1533 "must be owned by uid %ld or 0\n"), 1534 msg(errtext, filename, (long)getuid()); 1535 syslog(LOG_WARNING, errtext, filename, 1536 (long)getuid()); 1537 (void) close(fd); 1538 errno = EPERM; 1539 return (-1); 1540 } 1541 if (mode & O_TRUNC) { 1542 if (ftruncate(fd, (off_t)0) < 0) { 1543 msg("ftruncate(%s): %s\n", 1544 filename, strerror(errno)); 1545 (void) close(fd); 1546 return (-1); 1547 } 1548 } 1549 } else { 1550 /* 1551 * Didn't exist, but couldn't open it. 1552 */ 1553 return (-1); 1554 } 1555 } else { 1556 /* 1557 * If truncating open succeeded for a read-only open, 1558 * bail out, as we really shouldn't have succeeded. 1559 */ 1560 if (mode & O_RDONLY) { 1561 /* Undo the O_CREAT */ 1562 (void) unlink(filename); 1563 msg("open(%s): %s\n", 1564 filename, strerror(ENOENT)); 1565 (void) close(fd); 1566 errno = ENOENT; 1567 return (-1); 1568 } 1569 } 1570 1571 return (fd); 1572 } 1573 1574 /* 1575 * Safely open a file. 1576 */ 1577 int 1578 safe_file_open(const char *filename, int mode, int perms) 1579 { 1580 return (safe_open_common(filename, mode, perms, 0)); 1581 } 1582 1583 /* 1584 * Safely open a device. 1585 */ 1586 int 1587 safe_device_open(const char *filename, int mode, int perms) 1588 { 1589 return (safe_open_common(filename, mode, perms, 1)); 1590 } 1591 1592 /* 1593 * STDIO version of safe_open 1594 */ 1595 FILE * 1596 safe_fopen(const char *filename, const char *smode, int perms) 1597 { 1598 int fd; 1599 int bmode; 1600 1601 /* 1602 * accepts only modes "r", "r+", and "w" 1603 */ 1604 if (smode[0] == 'r') { 1605 if (smode[1] == '\0') { 1606 bmode = O_RDONLY; 1607 } else if ((smode[1] == '+') && (smode[2] == '\0')) { 1608 bmode = O_RDWR; 1609 } 1610 } else if ((smode[0] == 'w') && (smode[1] == '\0')) { 1611 bmode = O_WRONLY; 1612 } else { 1613 msg(gettext("internal error: safe_fopen: invalid mode `%s'\n"), 1614 smode); 1615 return (NULL); 1616 } 1617 1618 fd = safe_file_open(filename, bmode, perms); 1619 1620 /* 1621 * caller is expected to report error. 1622 */ 1623 if (fd >= 0) 1624 return (fdopen(fd, smode)); 1625 1626 return ((FILE *)NULL); 1627 } 1628 1629 void 1630 child_chdir(void) 1631 { 1632 char name[MAXPATHLEN]; 1633 1634 if (debug_chdir != NULL) { 1635 snprintf(name, sizeof (name), "%s/%ld", 1636 debug_chdir, (long)getpid()); 1637 if (mkdir(name, 0755) < 0) 1638 msg("mkdir(%s): %s", name, strerror(errno)); 1639 if (chdir(name) < 0) 1640 msg("chdir(%s): %s", name, strerror(errno)); 1641 } 1642 } 1643