xref: /titanic_50/usr/src/cmd/backup/dump/dumpmain.c (revision afd1ac7b1c9a8cdf273c865aa5e9a14620341443)
1 /*
2  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
7 /*	  All Rights Reserved	*/
8 
9 /*
10  * Copyright (c) 1980 Regents of the University of California.
11  * All rights reserved.  The Berkeley software License Agreement
12  * specifies the terms and conditions for redistribution.
13  */
14 
15 #pragma ident	"%Z%%M%	%I%	%E% SMI"
16 
17 #include "dump.h"
18 #include <rmt.h>
19 #include <sys/mtio.h>
20 #include <limits.h>
21 #include <priv_utils.h>
22 #include "roll_log.h"
23 
24 int	notify = 0;		/* notify operator flag */
25 int	blockswritten = 0;	/* number of blocks written on current tape */
26 uint_t	tapeno = 0;		/* current tape number */
27 daddr32_t filenum = 0;		/* current file number on tape */
28 int	density = 0;		/* density in bytes/0.1" */
29 int	tenthsperirg;		/* inter-record-gap in 0.1"'s */
30 uint_t	ntrec = 0;		/* # tape blocks in each tape record */
31 uint_t	saved_ntrec = 0;	/* saved value of ntrec */
32 uint_t	forceflag = 0;		/* forced to change tp_bsize */
33 int	cartridge = 0;		/* assume non-cartridge tape */
34 uint_t	tracks;			/* # tracks on a cartridge tape */
35 int	diskette = 0;		/* assume not dumping to a diskette */
36 int	printsize = 0;		/* just print estimated size and exit */
37 int	mapfd = -1;		/* if >= 0, file descriptor for mmap */
38 int32_t	tp_bsize = TP_BSIZE_MIN; /* tape block record size (frag size) */
39 #ifdef DEBUG
40 int	xflag;			/* debugging switch */
41 #endif
42 
43 char	*myname;
44 
45 /*
46  * This should be struct fs, but there are trailing bits on disk
47  * that we also need to read in as part of it.  It's an array of
48  * longs instead of char to force proper alignment.
49  */
50 static long sblock_buf[SBSIZE/sizeof (long)];
51 
52 #ifdef __STDC__
53 static char *mb(u_offset_t);
54 static void nextstate(int);
55 #else
56 static char *mb();
57 static void nextstate();
58 #endif
59 
60 extern	jmp_buf checkpoint_buf;	/* context for return from checkpoint */
61 #define	FUDGE_FACTOR	0x2000000
62 
63 main(argc, argv)
64 	int	argc;
65 	char	*argv[];
66 {
67 	char		*arg;
68 	int		bflag = 0, i, error = 0, saverr;
69 	double		fetapes = 0.0;
70 	struct	mnttab	*dt;
71 	char		msgbuf[3000], *msgp;
72 	char		kbsbuf[BUFSIZ];
73 	u_offset_t	esize_shift = 0;
74 	int32_t	new_mult = 0;
75 	time32_t	snapdate;
76 
77 	host = NULL;
78 
79 	if (myname = strrchr(argv[0], '/'))
80 		myname++;
81 	else
82 		myname = argv[0];
83 
84 	if (strcmp("hsmdump", myname) == 0) {
85 		msg(gettext("hsmdump emulation is no longer supported.\n"));
86 		Exit(X_ABORT);
87 	}
88 
89 	tape = DEFTAPE;
90 	autoload_period = 12;
91 	autoload_tries = 12;	/* traditional default of ~2.5 minutes */
92 
93 	(void) setlocale(LC_ALL, "");
94 #if !defined(TEXT_DOMAIN)
95 #define	TEXT_DOMAIN "SYS_TEST"
96 #endif  /* TEXT_DOMAIN */
97 	(void) textdomain(TEXT_DOMAIN);
98 
99 	/*
100 	 * If someone strips the set-uid bit, dump will still work for local
101 	 * tapes.  Fail when we try to access a remote tape.
102 	 */
103 	(void) __init_suid_priv(0, PRIV_NET_PRIVADDR, (char *)NULL);
104 
105 	if (sysinfo(SI_HOSTNAME, spcl.c_host, sizeof (spcl.c_host)) < 0) {
106 		saverr = errno;
107 		msg(gettext("Could not get host name: %s\n"),
108 		    strerror(saverr));
109 		bzero(spcl.c_host, sizeof (spcl.c_host));
110 	}
111 
112 	dumppid = getpid();
113 	tsize = 0;	/* no default size, detect EOT dynamically */
114 
115 	disk = NULL;
116 	dname = NULL;
117 	disk_dynamic = 0;
118 	increm = NINCREM;
119 	incno = '9';
120 	uflag = 0;
121 	arg = "u";
122 	tlabel = "none";
123 	if (argc > 1) {
124 		argv++;
125 		argc--;
126 		arg = *argv;
127 		if (*arg == '-')
128 			arg++;
129 	}
130 	while (*arg)
131 	switch (*arg++) {		/* BE CAUTIOUS OF FALLTHROUGHS */
132 	case 'M':
133 		/*
134 		 * This undocumented option causes each process to
135 		 * mkdir debug_chdir/getpid(), and chdir to it.  This is
136 		 * to ease the collection of profiling information and
137 		 * core dumps.
138 		 */
139 		if (argc > 1) {
140 			argv++;
141 			argc--;
142 			debug_chdir = *argv;
143 			msg(gettext(
144 			    "Each process shall try to chdir to %s/<pid>\n"),
145 			    debug_chdir);
146 			child_chdir();
147 		} else {
148 			msg(gettext("Missing move-to-dir (M) name\n"));
149 			dumpabort();
150 			/*NOTREACHED*/
151 		}
152 		break;
153 
154 	case 'w':
155 		lastdump('w');		/* tell us only what has to be done */
156 		exit(0);
157 		break;
158 
159 	case 'W':			/* what to do */
160 		lastdump('W');		/* tell state of what has been done */
161 		exit(0);		/* do nothing else */
162 		break;
163 
164 	case 'T':
165 		if (argc > 1) {
166 			int count;
167 			int multiplier;
168 			char units;
169 
170 			argv++;
171 			argc--;
172 			count = atoi(*argv);
173 			if (count < 1) {
174 				msg(gettext(
175 				    "Unreasonable autoload timeout period\n"));
176 				dumpabort();
177 				/*NOTREACHED*/
178 			}
179 			units = *(*argv + strlen(*argv) - 1);
180 			switch (units) {
181 			case 's':
182 				multiplier = 1;
183 				break;
184 			case 'h':
185 				multiplier = 3600;
186 				break;
187 			case '0': case '1': case '2': case '3': case '4':
188 			case '5': case '6': case '7': case '8': case '9':
189 			case 'm':
190 				multiplier = 60;
191 				break;
192 			default:
193 				msg(gettext(
194 				    "Unknown timeout units indicator `%c'\n"),
195 				    units);
196 				dumpabort();
197 				/*NOTREACHED*/
198 			}
199 			autoload_tries = 1 +
200 			    ((count * multiplier) / autoload_period);
201 		} else {
202 			msg(gettext("Missing autoload timeout period\n"));
203 			dumpabort();
204 			/*NOTREACHED*/
205 		}
206 		break;
207 
208 	case 'f':			/* output file */
209 		if (argc > 1) {
210 			argv++;
211 			argc--;
212 			tape = *argv;
213 			if (*tape == '\0') {
214 				msg(gettext("Bad output device name\n"));
215 				dumpabort();
216 				/*NOTREACHED*/
217 			}
218 		} else {
219 			msg(gettext("Missing output device name\n"));
220 			dumpabort();
221 			/*NOTREACHED*/
222 		}
223 		if (strcmp(tape, "-") == 0 && verify) {
224 			msg(gettext(
225 			"Cannot verify when dumping to standard out.\n"));
226 			dumpabort();
227 			/*NOTREACHED*/
228 		}
229 		break;
230 
231 	case 'd':			/* density, in bits per inch */
232 		if (argc > 1) {
233 			argv++;
234 			argc--;
235 			density = atoi(*argv) / 10;
236 			if (density <= 0) {
237 				msg(gettext(
238 				    "Density must be a positive integer\n"));
239 				dumpabort();
240 				/*NOTREACHED*/
241 			}
242 		} else {
243 			msg(gettext("Missing density\n"));
244 			dumpabort();
245 			/*NOTREACHED*/
246 		}
247 		break;
248 
249 	case 's':			/* tape size, feet */
250 		if (argc > 1) {
251 			argv++;
252 			argc--;
253 			tsize = atol(*argv);
254 			if ((*argv[0] == '-') || (tsize == 0)) {
255 				msg(gettext(
256 			    "Tape size must be a positive integer\n"));
257 				dumpabort();
258 				/*NOTREACHED*/
259 			}
260 		} else {
261 			msg(gettext("Missing tape size\n"));
262 			dumpabort();
263 			/*NOTREACHED*/
264 		}
265 		break;
266 
267 	case 't':			/* tracks */
268 		if (argc > 1) {
269 			argv++;
270 			argc--;
271 			tracks = atoi(*argv);
272 		} else {
273 			msg(gettext("Missing track count\n"));
274 			dumpabort();
275 			/*NOTREACHED*/
276 		}
277 		break;
278 
279 	case 'b':			/* blocks per tape write */
280 		if (argc > 1) {
281 			argv++;
282 			argc--;
283 			bflag++;
284 			/*
285 			 * We save the ntrec in case we need to change
286 			 * tp_bsize later, we will have to recalculate
287 			 * it.
288 			 */
289 			saved_ntrec = ntrec = atoi(*argv);
290 			if (ntrec == 0 || (ntrec&1) || ntrec > (MAXNTREC*2)) {
291 				msg(gettext(
292 		    "Block size must be a positive, even integer <= %d\n"),
293 				    MAXNTREC*2);
294 				dumpabort();
295 				/*NOTREACHED*/
296 			}
297 			ntrec /= (tp_bsize/DEV_BSIZE);
298 		} else {
299 			msg(gettext("Missing blocking factor\n"));
300 			dumpabort();
301 			/*NOTREACHED*/
302 		}
303 		break;
304 
305 	case 'c':			/* Tape is cart. not 9-track */
306 	case 'C':			/* 'C' to be consistent with 'D' */
307 		cartridge++;
308 		break;
309 
310 	case '0':			/* dump level */
311 	case '1':
312 	case '2':
313 	case '3':
314 	case '4':
315 	case '5':
316 	case '6':
317 	case '7':
318 	case '8':
319 	case '9':
320 		incno = arg[-1];
321 		break;
322 
323 	case 'u':			/* update /etc/dumpdates */
324 		uflag++;
325 		break;
326 
327 	case 'n':			/* notify operators */
328 		notify++;
329 		break;
330 
331 	case 'a':			/* create archive file */
332 		archive = 1;
333 		if (argc > 1) {
334 			argv++;
335 			argc--;
336 			if (**argv == '\0') {
337 				msg(gettext("Bad archive file name\n"));
338 				dumpabort();
339 				/*NOTREACHED*/
340 			}
341 			archivefile = strdup(*argv);
342 			if (archivefile == NULL) {
343 				saverr = errno;
344 				msg(gettext("Cannot allocate memory: %s\n"),
345 				    strerror(saverr));
346 				dumpabort();
347 				/*NOTREACHED*/
348 			}
349 		} else {
350 			msg(gettext("Missing archive file name\n"));
351 			dumpabort();
352 			/*NOTREACHED*/
353 		}
354 		break;
355 
356 	case 'v':
357 		verify++;
358 		doingverify++;
359 		if (strcmp(tape, "-") == 0) {
360 			msg(gettext(
361 			"Cannot verify when dumping to standard out.\n"));
362 			dumpabort();
363 			/*NOTREACHED*/
364 		}
365 		break;
366 
367 	case 'D':
368 		diskette++;
369 		break;
370 
371 	case 'N':
372 		if (argc > 1) {
373 			argv++;
374 			argc--;
375 			if (**argv == '\0') {
376 				msg(gettext("Missing name for dumpdates "
377 				    "entry.\n"));
378 				dumpabort();
379 				/*NOTREACHED*/
380 			}
381 			dname = *argv;
382 			if (strlen(dname) > MAXNAMLEN + 2) {
383 				msg(gettext("Dumpdates entry name too "
384 				    "long.\n"));
385 				dumpabort();
386 				/*NOTREACHED*/
387 			}
388 			for (i = 0; i < strlen(dname); i++) {
389 				if (isspace(*(dname+i))) {
390 					msg(gettext("Dumpdates entry name may "
391 					    "not contain white space.\n"));
392 					dumpabort();
393 					/*NOTREACHED*/
394 				}
395 			}
396 		} else {
397 			msg(gettext("Missing name for dumpdates entry.\n"));
398 			dumpabort();
399 			/*NOTREACHED*/
400 		}
401 		break;
402 	case 'L':
403 		if (argc > 1) {
404 			argv++;
405 			argc--;
406 			if (**argv == '\0') {
407 				msg(gettext("Missing tape label name\n"));
408 				dumpabort();
409 				/*NOTREACHED*/
410 			}
411 			tlabel = *argv;
412 			if (strlen(tlabel) > (sizeof (spcl.c_label) - 1)) {
413 				tlabel[sizeof (spcl.c_label) - 1] = '\0';
414 				msg(gettext(
415 		    "Truncating label to maximum supported length: `%s'\n"),
416 				    tlabel);
417 			}
418 		} else {
419 			msg(gettext("Missing tape label name\n"));
420 			dumpabort();
421 			/*NOTREACHED*/
422 		}
423 		break;
424 
425 	case 'l':
426 		autoload++;
427 		break;
428 
429 	case 'o':
430 		offline++;
431 		break;
432 
433 	case 'S':
434 		printsize++;
435 		break;
436 
437 #ifdef DEBUG
438 	case 'z':
439 		xflag++;
440 		break;
441 #endif
442 
443 	default:
444 		msg(gettext("Bad option `%c'\n"), arg[-1]);
445 		dumpabort();
446 		/*NOTREACHED*/
447 	}
448 	if (argc > 1) {
449 		argv++;
450 		argc--;
451 		if (**argv == '\0') {
452 			msg(gettext("Bad disk name\n"));
453 			dumpabort();
454 			/*NOTREACHED*/
455 		}
456 		disk = *argv;
457 		disk_dynamic = 0;
458 	}
459 	if (disk == NULL) {
460 		(void) fprintf(stderr, gettext(
461 	"Usage: %s [0123456789fustdWwnNDCcbavloS [argument]] filesystem\n"),
462 		    myname);
463 		Exit(X_ABORT);
464 	}
465 	if (!filenum)
466 		filenum = 1;
467 
468 	if (signal(SIGINT, interrupt) == SIG_IGN)
469 		(void) signal(SIGINT, SIG_IGN);
470 
471 	if (strcmp(tape, "-") == 0) {
472 		pipeout++;
473 		tape = gettext("standard output");
474 		dumpdev = sdumpdev = strdup(tape);
475 		if (dumpdev == NULL) {
476 			saverr = errno;
477 			msg(gettext("Cannot allocate memory: %s\n"),
478 			    strerror(saverr));
479 			dumpabort();
480 			/*NOTREACHED*/
481 		}
482 		/*CONSTANTCONDITION*/
483 		assert(sizeof (spcl.c_label) > 5);
484 		(void) strcpy(spcl.c_label, "none");
485 	} else if (*tape == '+') {
486 		nextdevice();
487 		(void) strcpy(spcl.c_label, tlabel);
488 	} else {
489 		/* if not already set, set diskette to default */
490 		if (diskette && strcmp(tape, DEFTAPE) == 0)
491 			tape = DISKETTE;
492 		nextdevice();
493 		(void) strcpy(spcl.c_label, tlabel);
494 	}
495 	if (cartridge && diskette) {
496 		error = 1;
497 		msg(gettext("Cannot select both cartridge and diskette\n"));
498 	}
499 	if (density && diskette) {
500 		error = 1;
501 		msg(gettext("Cannot select density of diskette\n"));
502 	}
503 	if (tracks && diskette) {
504 		error = 1;
505 		msg(gettext("Cannot select number of tracks of diskette\n"));
506 	}
507 	if (error) {
508 		dumpabort();
509 		/*NOTREACHED*/
510 	}
511 
512 	/*
513 	 * Determine how to default tape size and density
514 	 *
515 	 *		density				tape size
516 	 * 9-track	1600 bpi (160 bytes/.1")	2300 ft.
517 	 * 9-track	6250 bpi (625 bytes/.1")	2300 ft.
518 	 *
519 	 * Most Sun-2's came with 4 track (20MB) cartridge tape drives,
520 	 * while most other machines (Sun-3's and non-Sun's) come with
521 	 * 9 track (45MB) cartridge tape drives.  Some Sun-2's came with
522 	 * 9 track drives, but there is no way for the software to detect
523 	 * which drive type is installed.  Sigh...  We make the gross
524 	 * assumption that #ifdef mc68010 will test for a Sun-2.
525 	 *
526 	 * cartridge	8000 bpi (100 bytes/.1")	425 * tracks ft.
527 	 */
528 	if (density == 0)
529 		density = cartridge ? 100 : 625;
530 	if (tracks == 0)
531 		tracks = 9;
532 	if (!bflag) {
533 		if (cartridge)
534 			ntrec = CARTRIDGETREC;
535 		else if (diskette)
536 			ntrec = NTREC;
537 		else if (density >= 625)
538 			ntrec = HIGHDENSITYTREC;
539 		else
540 			ntrec = NTREC;
541 		/*
542 		 * save ntrec in case we have to change tp_bsize later.
543 		 */
544 		saved_ntrec = (ntrec * (tp_bsize/DEV_BSIZE));
545 	}
546 	if (!diskette) {
547 		tsize *= 12L*10L;
548 		if (cartridge)
549 			tsize *= tracks;
550 	}
551 	rmtinit(msg, Exit);
552 	if (host) {
553 		char	*cp = strchr(host, '@');
554 		if (cp == (char *)0)
555 			cp = host;
556 		else
557 			cp++;
558 
559 		if (rmthost(host, ntrec) == 0) {
560 			msg(gettext("Cannot connect to tape host `%s'\n"), cp);
561 			dumpabort();
562 			/*NOTREACHED*/
563 		}
564 	}
565 	if (signal(SIGHUP, sigAbort) == SIG_IGN)
566 		(void) signal(SIGHUP, SIG_IGN);
567 	if (signal(SIGTRAP, sigAbort) == SIG_IGN)
568 		(void) signal(SIGTRAP, SIG_IGN);
569 	if (signal(SIGFPE, sigAbort) == SIG_IGN)
570 		(void) signal(SIGFPE, SIG_IGN);
571 	if (signal(SIGBUS, sigAbort) == SIG_IGN)
572 		(void) signal(SIGBUS, SIG_IGN);
573 	if (signal(SIGSEGV, sigAbort) == SIG_IGN)
574 		(void) signal(SIGSEGV, SIG_IGN);
575 	if (signal(SIGTERM, sigAbort) == SIG_IGN)
576 		(void) signal(SIGTERM, SIG_IGN);
577 	if (signal(SIGUSR1, sigAbort) == SIG_IGN)
578 		(void) signal(SIGUSR1, SIG_IGN);
579 	if (signal(SIGPIPE, sigAbort) == SIG_IGN)
580 		(void) signal(SIGPIPE, SIG_IGN);
581 
582 	mnttabread();		/* /etc/fstab, /etc/mtab snarfed */
583 
584 	/*
585 	 *	disk can be either the full special file name,
586 	 *	the suffix of the special file name,
587 	 *	the special name missing the leading '/',
588 	 *	the file system name with or without the leading '/'.
589 	 *	NB:  we attempt to avoid dumping the block device
590 	 *	(using rawname) because specfs and the vm system
591 	 *	are not necessarily in sync.
592 	 */
593 
594 	/*
595 	 * Attempt to roll the log before doing the dump.  There's nothing
596 	 * the user can do if we are unable to roll the log, so we'll silently
597 	 * ignore failures.
598 	 */
599 	if ((rl_roll_log(disk) != RL_SUCCESS) && (disk[0] != '/')) {
600 		/* Try it again with leading '/'. */
601 		char	*slashed;
602 
603 		slashed = (char *)malloc(strlen(disk) + 2);
604 		if (slashed != (char *)NULL) {
605 			(void) sprintf(slashed, "%c%s", '/', disk);
606 			(void) rl_roll_log(slashed);
607 			free(slashed);
608 		}
609 	}
610 	dt = mnttabsearch(disk, 0);
611 	if (dt != 0) {
612 		filesystem = dt->mnt_mountp;
613 		if (disk_dynamic) {
614 			/* LINTED: disk is not NULL */
615 			free(disk);
616 		}
617 		disk = rawname(dt->mnt_special);
618 		disk_dynamic = (disk != dt->mnt_special);
619 
620 		(void) strncpy(spcl.c_dev, dt->mnt_special,
621 		    sizeof (spcl.c_dev));
622 		spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0';
623 		(void) strncpy(spcl.c_filesys, dt->mnt_mountp,
624 		    sizeof (spcl.c_filesys));
625 		spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
626 	} else {
627 		(void) strncpy(spcl.c_dev, disk, sizeof (spcl.c_dev));
628 		spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0';
629 #ifdef PARTIAL
630 		/* check for partial filesystem dump */
631 		partial_check();
632 		dt = mnttabsearch(disk, 1);
633 		if (dt != 0) {
634 			filesystem = dt->mnt_mountp;
635 			if (disk_dynamic)
636 				free(disk);
637 			disk = rawname(dt->mnt_special);
638 			disk_dynamic = (disk != dt->mnt_special);
639 
640 			(void) strncpy(spcl.c_filesys,
641 			    "a partial file system", sizeof (spcl.c_filesys));
642 			spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
643 		}
644 		else
645 #endif /* PARTIAL */
646 		{
647 			char *old_disk = disk;
648 
649 			(void) strncpy(spcl.c_filesys,
650 			    "an unlisted file system",
651 			    sizeof (spcl.c_filesys));
652 			spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
653 
654 			disk = rawname(old_disk);
655 			if (disk != old_disk) {
656 				if (disk_dynamic)
657 					free(old_disk);
658 				disk_dynamic = 1;
659 			}
660 			/*
661 			 * If disk == old_disk, then disk_dynamic's state
662 			 * does not change.
663 			 */
664 		}
665 	}
666 
667 	fi = open64(disk, O_RDONLY);
668 
669 	if (fi < 0) {
670 		saverr = errno;
671 		msg(gettext("Cannot open dump device `%s': %s\n"),
672 			disk, strerror(saverr));
673 		Exit(X_ABORT);
674 	}
675 
676 	if (sscanf(&incno, "%1d", &spcl.c_level) != 1) {
677 		msg(gettext("Bad dump level `%c' specified\n"), incno);
678 		dumpabort();
679 		/*NOTREACHED*/
680 	}
681 	getitime();		/* /etc/dumpdates snarfed */
682 
683 	sblock = (struct fs *)&sblock_buf;
684 	sync();
685 
686 	bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE);
687 	if ((sblock->fs_magic != FS_MAGIC) &&
688 	    (sblock->fs_magic != MTB_UFS_MAGIC)) {
689 		msg(gettext(
690 	    "Warning - super-block on device `%s' is corrupt - run fsck\n"),
691 		    disk);
692 		dumpabort();
693 		/*NOTREACHED*/
694 	}
695 
696 	if (sblock->fs_magic == FS_MAGIC &&
697 	    (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 &&
698 	    sblock->fs_version != UFS_VERSION_MIN)) {
699 		msg(gettext("Unrecognized UFS version: %d\n"),
700 		    sblock->fs_version);
701 		dumpabort();
702 		/*NOTREACHED*/
703 	}
704 
705 	if (sblock->fs_magic == MTB_UFS_MAGIC &&
706 	    (sblock->fs_version < MTB_UFS_VERSION_MIN ||
707 	    sblock->fs_version > MTB_UFS_VERSION_1)) {
708 		msg(gettext("Unrecognized UFS version: %d\n"),
709 		    sblock->fs_version);
710 		dumpabort();
711 		/*NOTREACHED*/
712 	}
713 
714 	/*
715 	 * Try to set up for using mmap(2).  It only works on the block
716 	 * device, but if we can use it, things go somewhat faster.  If
717 	 * we can't open it, we'll silently fall back to the old method
718 	 * (read/memcpy). We also only try this if it's been cleanly
719 	 * unmounted. Dumping a live filesystem this way runs into
720 	 * buffer consistency problems. Of course, we don't support
721 	 * running dump on a mounted filesystem, but some people do it
722 	 * anyway.
723 	 */
724 	if (sblock->fs_clean == FSCLEAN) {
725 		char *block = unrawname(disk);
726 
727 		if (block != NULL) {
728 			mapfd = open(block, O_RDONLY, 0);
729 			free(block);
730 		}
731 	}
732 
733 restart:
734 	bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE);
735 	if ((sblock->fs_magic != FS_MAGIC) &&
736 	    (sblock->fs_magic != MTB_UFS_MAGIC)) {	/* paranoia */
737 		msg(gettext("bad super-block magic number, run fsck\n"));
738 		dumpabort();
739 		/*NOTREACHED*/
740 	}
741 
742 	if (sblock->fs_magic == FS_MAGIC &&
743 	    (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 &&
744 	    sblock->fs_version != UFS_VERSION_MIN)) {
745 		msg(gettext("Unrecognized UFS version: %d\n"),
746 		    sblock->fs_version);
747 		dumpabort();
748 		/*NOTREACHED*/
749 	}
750 
751 	if (sblock->fs_magic == MTB_UFS_MAGIC &&
752 	    (sblock->fs_version < MTB_UFS_VERSION_MIN ||
753 	    sblock->fs_version > MTB_UFS_VERSION_1)) {
754 		msg(gettext("Unrecognized UFS version: %d\n"),
755 		    sblock->fs_version);
756 		dumpabort();
757 		/*NOTREACHED*/
758 	}
759 
760 	if (!doingactive)
761 		allocino();
762 
763 	/* XXX should sanity-check the super block before trusting/using it */
764 
765 	/* LINTED XXX time truncated - tolerate until tape format changes */
766 	spcl.c_date = (time32_t)time((time_t *)NULL);
767 	bcopy(&(spcl.c_shadow), c_shadow_save, sizeof (c_shadow_save));
768 
769 	snapdate = is_fssnap_dump(disk);
770 	if (snapdate)
771 		spcl.c_date = snapdate;
772 
773 	if (!printsize) {
774 		msg(gettext("Date of this level %c dump: %s\n"),
775 		    incno, prdate(spcl.c_date));
776 		msg(gettext("Date of last level %c dump: %s\n"),
777 			(uchar_t)lastincno, prdate(spcl.c_ddate));
778 		msg(gettext("Dumping %s "), disk);
779 		if (filesystem != 0)
780 			msgtail("(%.*s:%s) ",
781 			    /* LINTED unsigned -> signed cast ok */
782 			    (int)sizeof (spcl.c_host), spcl.c_host, filesystem);
783 		msgtail(gettext("to %s.\n"), sdumpdev);
784 	}
785 
786 	esize = f_esize = o_esize = 0;
787 	msiz = roundup(d_howmany(sblock->fs_ipg * sblock->fs_ncg, NBBY),
788 		TP_BSIZE_MAX);
789 	if (!doingactive) {
790 		clrmap = (uchar_t *)xcalloc(msiz, sizeof (*clrmap));
791 		filmap = (uchar_t *)xcalloc(msiz, sizeof (*filmap));
792 		dirmap = (uchar_t *)xcalloc(msiz, sizeof (*dirmap));
793 		nodmap = (uchar_t *)xcalloc(msiz, sizeof (*nodmap));
794 		shamap = (uchar_t *)xcalloc(msiz, sizeof (*shamap));
795 		activemap = (uchar_t *)xcalloc(msiz, sizeof (*activemap));
796 	} else {
797 		if (clrmap == NULL || filmap == NULL || dirmap == NULL ||
798 		    nodmap == NULL || shamap == NULL || activemap == NULL) {
799 			msg(gettext(
800 	    "Internal error: NULL map pointer while re-dumping active files"));
801 			dumpabort();
802 			/*NOTREACHED*/
803 		}
804 		bzero(clrmap, msiz);
805 		bzero(filmap, msiz);
806 		bzero(dirmap, msiz);
807 		bzero(nodmap, msiz);
808 		bzero(shamap, msiz);
809 		/* retain active map */
810 	}
811 
812 	dumpstate = DS_INIT;
813 	dumptoarchive = 1;
814 
815 	/*
816 	 * Read cylinder group inode-used bitmaps to avoid reading clear inodes.
817 	 */
818 	{
819 		uchar_t *clrp = clrmap;
820 		struct cg *cgp =
821 		    (struct cg *)xcalloc((uint_t)sblock->fs_cgsize, 1);
822 
823 		for (i = 0; i < sblock->fs_ncg; i++) {
824 			bread(fsbtodb(sblock, cgtod(sblock, i)),
825 			    (uchar_t *)cgp, sblock->fs_cgsize);
826 			bcopy(cg_inosused(cgp), clrp,
827 			    (int)sblock->fs_ipg / NBBY);
828 			clrp += sblock->fs_ipg / NBBY;
829 		}
830 		free((char *)cgp);
831 		/* XXX right-shift clrmap one bit.  why? */
832 		for (i = 0; clrp > clrmap; i <<= NBBY) {
833 			i |= *--clrp & ((1<<NBBY) - 1);
834 			*clrp = i >> 1;
835 		}
836 	}
837 
838 	if (!printsize) {
839 		msgp = gettext("Mapping (Pass I) [regular files]\n");
840 		msg(msgp);
841 	}
842 
843 	ino = 0;
844 #ifdef PARTIAL
845 	if (partial_mark(argc, argv)) {
846 #endif /* PARTIAL */
847 		if (!doingactive)
848 			pass(mark, clrmap);	/* mark updates 'x'_esize */
849 		else
850 			pass(active_mark, clrmap);	/* updates 'x'_esize */
851 #ifdef PARTIAL
852 	}
853 #endif /* PARTIAL */
854 	do {
855 		if (!printsize) {
856 			msgp = gettext("Mapping (Pass II) [directories]\n");
857 			msg(msgp);
858 		}
859 		nadded = 0;
860 		ino = 0;
861 		pass(add, dirmap);
862 	} while (nadded);
863 
864 	ino = 0; /* adjust estimated size for shadow inodes */
865 	pass(markshad, nodmap);
866 	ino = 0;
867 	pass(estshad, shamap);
868 	freeshad();
869 
870 	bmapest(clrmap);
871 	bmapest(nodmap);
872 	esize = o_esize + f_esize;
873 	if (diskette) {
874 		/* estimate number of floppies */
875 		if (tsize != 0)
876 			fetapes = (double)(esize + ntrec) / (double)tsize;
877 	} else if (cartridge) {
878 		/*
879 		 * Estimate number of tapes, assuming streaming stops at
880 		 * the end of each block written, and not in mid-block.
881 		 * Assume no erroneous blocks; this can be compensated for
882 		 * with an artificially low tape size.
883 		 */
884 		tenthsperirg = 16;	/* actually 15.48, says Archive */
885 		if (tsize != 0)
886 			fetapes = ((double)esize /* blocks */
887 			    * (tp_bsize		/* bytes/block */
888 			    * (1.0/density))	/* 0.1" / byte */
889 			    +
890 			    (double)esize	/* blocks */
891 			    * (1.0/ntrec)	/* streaming-stops per block */
892 			    * tenthsperirg)	/* 0.1" / streaming-stop */
893 			    * (1.0 / tsize);	/* tape / 0.1" */
894 	} else {
895 		/* Estimate number of tapes, for old fashioned 9-track tape */
896 #ifdef sun
897 		/* sun has long irg's */
898 		tenthsperirg = (density == 625) ? 6 : 12;
899 #else
900 		tenthsperirg = (density == 625) ? 5 : 8;
901 #endif
902 		if (tsize != 0)
903 			fetapes = ((double)esize /* blocks */
904 			    * (tp_bsize		/* bytes / block */
905 			    * (1.0/density))	/* 0.1" / byte */
906 			    +
907 			    (double)esize	/* blocks */
908 			    * (1.0/ntrec)	/* IRG's / block */
909 			    * tenthsperirg)	/* 0.1" / IRG */
910 			    * (1.0 / tsize);	/* tape / 0.1" */
911 	}
912 
913 	etapes = fetapes;	/* truncating assignment */
914 	etapes++;
915 	/* count the nodemap on each additional tape */
916 	for (i = 1; i < etapes; i++)
917 		bmapest(nodmap);
918 	/*
919 	 * If the above bmapest is called, it changes o_esize and f_esize.
920 	 * So we will recalculate esize here anyway to make sure.
921 	 * Also, add tape headers and trailer records.
922 	 */
923 	esize = o_esize + f_esize + etapes + ntrec;
924 
925 	/*
926 	 * If the estimated number of tp_bsize tape blocks is greater than
927 	 * INT_MAX we have to adjust tp_bsize and ntrec to handle
928 	 * the larger dump.  esize is an estimate, so we 'fudge'
929 	 * INT_MAX a little.  If tp_bsize is adjusted, it will be adjusted
930 	 * to the size needed for this dump (2048, 4096, 8192, ...)
931 	 */
932 	if (esize > (INT_MAX - FUDGE_FACTOR)) { /* esize is too big */
933 		forceflag++;
934 		esize_shift =
935 		    ((esize + (INT_MAX - FUDGE_FACTOR) - 1)/
936 		    ((u_offset_t)(INT_MAX - FUDGE_FACTOR))) - 1;
937 		if ((esize_shift > ESIZE_SHIFT_MAX) || (ntrec == 0)) {
938 			msgp = gettext(
939 	"Block factor %d ('b' flag) is too small for this size dump.");
940 			msg(msgp, saved_ntrec);
941 			dumpabort();
942 			/*NOTREACHED*/
943 		}
944 		/*
945 		 * recalculate esize from:
946 		 * o_esize - header tape records
947 		 * (f_esize + (num_mult -1)) >> esize_shift - new non-header
948 		 *	tape records for files/maps
949 		 * etapes - TS_TAPE records
950 		 * ntrec - TS_END records
951 		 *
952 		 * ntrec is adjusted so a tape record is still 'b' flag
953 		 * number of DEV_BSIZE (512) in size
954 		 */
955 		new_mult = (tp_bsize << esize_shift)/tp_bsize;
956 		tp_bsize = (tp_bsize << esize_shift);
957 		esize = o_esize + ((f_esize +
958 		    (new_mult - 1)) >> esize_shift) + etapes + ntrec;
959 		ntrec = (saved_ntrec/(tp_bsize/DEV_BSIZE));
960 	}
961 	if (forceflag != 0) {
962 		msgp = gettext(
963 		    "Forcing larger tape block size (%d).\n");
964 		msg(msgp, tp_bsize);
965 	}
966 	alloctape();			/* allocate tape buffers */
967 
968 	assert((tp_bsize / DEV_BSIZE != 0) && (tp_bsize % DEV_BSIZE == 0));
969 	/*
970 	 * If all we wanted was the size estimate,
971 	 * just print it out and exit.
972 	 */
973 	if (printsize) {
974 		(void) printf("%llu\n", esize * tp_bsize);
975 		Exit(0);
976 	}
977 
978 	if (tsize != 0) {
979 		if (diskette)
980 			msgp = gettext(
981 			    "Estimated %lld blocks (%s) on %3.2f diskettes.\n");
982 		else
983 			msgp = gettext(
984 			    "Estimated %lld blocks (%s) on %3.2f tapes.\n");
985 
986 		msg(msgp,
987 		    (esize*(tp_bsize/DEV_BSIZE)), mb(esize), fetapes);
988 	} else {
989 		msgp = gettext("Estimated %lld blocks (%s).\n");
990 		msg(msgp, (esize*(tp_bsize/DEV_BSIZE)), mb(esize));
991 	}
992 
993 	dumpstate = DS_CLRI;
994 
995 	otape(1);			/* bitmap is the first to tape write */
996 	*telapsed = 0;
997 	(void) time(tstart_writing);
998 
999 	/* filmap indicates all non-directory inodes */
1000 	{
1001 		uchar_t *np, *fp, *dp;
1002 		np = nodmap;
1003 		dp = dirmap;
1004 		fp = filmap;
1005 		for (i = 0; i < msiz; i++)
1006 			*fp++ = *np++ ^ *dp++;
1007 	}
1008 
1009 	while (dumpstate != DS_DONE) {
1010 		/*
1011 		 * When we receive EOT notification from
1012 		 * the writer, the signal handler calls
1013 		 * rollforward and then jumps here.
1014 		 */
1015 		(void) setjmp(checkpoint_buf);
1016 		switch (dumpstate) {
1017 		case DS_INIT:
1018 			/*
1019 			 * We get here if a tape error occurred
1020 			 * after releasing the name lock but before
1021 			 * the volume containing the last of the
1022 			 * dir info was completed.  We have to start
1023 			 * all over in this case.
1024 			 */
1025 			{
1026 				char *rmsg = gettext(
1027 		"Warning - output error occurred after releasing name lock\n\
1028 \tThe dump will restart\n");
1029 				msg(rmsg);
1030 				goto restart;
1031 			}
1032 			/* NOTREACHED */
1033 		case DS_START:
1034 		case DS_CLRI:
1035 			ino = UFSROOTINO;
1036 			dumptoarchive = 1;
1037 			bitmap(clrmap, TS_CLRI);
1038 			nextstate(DS_BITS);
1039 			/* FALLTHROUGH */
1040 		case DS_BITS:
1041 			ino = UFSROOTINO;
1042 			dumptoarchive = 1;
1043 			if (BIT(UFSROOTINO, nodmap))	/* empty dump check */
1044 				bitmap(nodmap, TS_BITS);
1045 			nextstate(DS_DIRS);
1046 			if (!doingverify) {
1047 				msgp = gettext(
1048 					"Dumping (Pass III) [directories]\n");
1049 				msg(msgp);
1050 			}
1051 			/* FALLTHROUGH */
1052 		case DS_DIRS:
1053 			dumptoarchive = 1;
1054 			pass(dirdump, dirmap);
1055 			nextstate(DS_FILES);
1056 			if (!doingverify) {
1057 				msgp = gettext(
1058 					"Dumping (Pass IV) [regular files]\n");
1059 				msg(msgp);
1060 			}
1061 			/* FALLTHROUGH */
1062 		case DS_FILES:
1063 			dumptoarchive = 0;
1064 
1065 			pass(lf_dump, filmap);
1066 
1067 			flushcmds();
1068 			dumpstate = DS_END;	/* don't reset ino */
1069 			/* FALLTHROUGH */
1070 		case DS_END:
1071 			dumptoarchive = 1;
1072 			spcl.c_type = TS_END;
1073 			for (i = 0; i < ntrec; i++) {
1074 				spclrec();
1075 			}
1076 			flusht();
1077 			break;
1078 		case DS_DONE:
1079 			break;
1080 		default:
1081 			msg(gettext("Internal state error\n"));
1082 			dumpabort();
1083 			/*NOTREACHED*/
1084 		}
1085 	}
1086 
1087 	if ((! doingactive) && (! active))
1088 		trewind();
1089 	if (verify && !doingverify) {
1090 		msgp = gettext("Finished writing last dump volume\n");
1091 		msg(msgp);
1092 		Exit(X_VERIFY);
1093 	}
1094 	if (spcl.c_volume > 1)
1095 		(void) snprintf(msgbuf, sizeof (msgbuf),
1096 		    gettext("%lld blocks (%s) on %ld volumes"),
1097 		    ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)),
1098 		    mb((u_offset_t)(unsigned)(spcl.c_tapea)),
1099 		    spcl.c_volume);
1100 	else
1101 		(void) snprintf(msgbuf, sizeof (msgbuf),
1102 		    gettext("%lld blocks (%s) on 1 volume"),
1103 		    ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)),
1104 		    mb((u_offset_t)(unsigned)(spcl.c_tapea)));
1105 	if (timeclock((time_t)0) != (time_t)0) {
1106 		(void) snprintf(kbsbuf, sizeof (kbsbuf),
1107 		    gettext(" at %ld KB/sec"),
1108 		    (long)(((float)spcl.c_tapea / (float)timeclock((time_t)0))
1109 			* 1000.0));
1110 		(void) strcat(msgbuf, kbsbuf);
1111 	}
1112 	(void) strcat(msgbuf, "\n");
1113 	msg(msgbuf);
1114 	(void) timeclock((time_t)-1);
1115 
1116 	if (archive)
1117 		msg(gettext("Archiving dump to `%s'\n"), archivefile);
1118 	if (active && !verify) {
1119 		nextstate(DS_INIT);
1120 		activepass();
1121 		goto restart;
1122 	}
1123 	msgp = gettext("DUMP IS DONE\n");
1124 	msg(msgp);
1125 	broadcast(msgp);
1126 	if (! doingactive)
1127 		putitime();
1128 	Exit(X_FINOK);
1129 #ifdef lint
1130 	return (0);
1131 #endif
1132 }
1133 
1134 void
1135 sigAbort(sig)
1136 	int	sig;
1137 {
1138 	char	*sigtype;
1139 
1140 	switch (sig) {
1141 	case SIGHUP:
1142 		sigtype = "SIGHUP";
1143 		break;
1144 	case SIGTRAP:
1145 		sigtype = "SIGTRAP";
1146 		break;
1147 	case SIGFPE:
1148 		sigtype = "SIGFPE";
1149 		break;
1150 	case SIGBUS:
1151 		msg(gettext("%s  ABORTING!\n"), "SIGBUS()");
1152 		(void) signal(SIGUSR2, SIG_DFL);
1153 		abort();
1154 		/*NOTREACHED*/
1155 	case SIGSEGV:
1156 		msg(gettext("%s  ABORTING!\n"), "SIGSEGV()");
1157 		(void) signal(SIGUSR2, SIG_DFL);
1158 		abort();
1159 		/*NOTREACHED*/
1160 	case SIGALRM:
1161 		sigtype = "SIGALRM";
1162 		break;
1163 	case SIGTERM:
1164 		sigtype = "SIGTERM";
1165 		break;
1166 	case SIGPIPE:
1167 		msg(gettext("Broken pipe\n"));
1168 		dumpabort();
1169 		/*NOTREACHED*/
1170 	default:
1171 		sigtype = "SIGNAL";
1172 		break;
1173 	}
1174 	msg(gettext("%s()  try rewriting\n"), sigtype);
1175 	if (pipeout) {
1176 		msg(gettext("Unknown signal, Cannot recover\n"));
1177 		dumpabort();
1178 		/*NOTREACHED*/
1179 	}
1180 	msg(gettext("Rewriting attempted as response to unknown signal.\n"));
1181 	(void) fflush(stderr);
1182 	(void) fflush(stdout);
1183 	close_rewind();
1184 	Exit(X_REWRITE);
1185 }
1186 
1187 /* Note that returned value is malloc'd if != cp && != NULL */
1188 char *
1189 rawname(cp)
1190 	char *cp;
1191 {
1192 	struct stat64 st;
1193 	char *dp;
1194 	extern char *getfullrawname();
1195 
1196 	if (stat64(cp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFBLK)
1197 		return (cp);
1198 
1199 	dp = getfullrawname(cp);
1200 	if (dp == 0)
1201 		return (0);
1202 	if (*dp == '\0') {
1203 		free(dp);
1204 		return (0);
1205 	}
1206 
1207 	if (stat64(dp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFCHR) {
1208 		free(dp);
1209 		return (cp);
1210 	}
1211 
1212 	return (dp);
1213 }
1214 
1215 static char *
1216 mb(blks)
1217 	u_offset_t blks;
1218 {
1219 	static char buf[16];
1220 
1221 	if (blks < 1024)
1222 		(void) snprintf(buf, sizeof (buf), "%lldKB", blks);
1223 	else
1224 		(void) snprintf(buf, sizeof (buf), "%.2fMB",
1225 		    ((double)(blks*tp_bsize)) / (double)(1024*1024));
1226 	return (buf);
1227 }
1228 
1229 #ifdef signal
1230 void (*nsignal(sig, act))(int)
1231 	int	sig;
1232 	void	(*act)(int);
1233 {
1234 	struct sigaction sa, osa;
1235 
1236 	sa.sa_handler = act;
1237 	(void) sigemptyset(&sa.sa_mask);
1238 	sa.sa_flags = SA_RESTART;
1239 	if (sigaction(sig, &sa, &osa) < 0)
1240 		return ((void (*)(int))-1);
1241 	return (osa.sa_handler);
1242 }
1243 #endif
1244 
1245 static void
1246 nextstate(state)
1247 	int	state;
1248 {
1249 	/* LINTED assigned value never used - kept for documentary purposes */
1250 	dumpstate = state;
1251 	/* LINTED assigned value never used - kept for documentary purposes */
1252 	ino = 0;
1253 	/* LINTED assigned value never used - kept for documentary purposes */
1254 	pos = 0;
1255 	leftover = 0;
1256 }
1257 
1258 /*
1259  * timeclock() function, for keeping track of how much time we've spent
1260  * writing to the tape device.  it always returns the amount of time
1261  * already spent, in milliseconds.  if you pass it a positive, then that's
1262  * telling it that we're writing, so the time counts.  if you pass it a
1263  * zero, then that's telling it we're not writing; perhaps we're waiting
1264  * for user input.
1265  *
1266  * a state of -1 resets everything.
1267  */
1268 time32_t
1269 timeclock(state)
1270 	time32_t state;
1271 {
1272 	static int *currentState = NULL;
1273 	static struct timeval *clockstart;
1274 	static time32_t *emilli;
1275 
1276 	struct timeval current[1];
1277 	int fd, saverr;
1278 
1279 #ifdef DEBUG
1280 	fprintf(stderr, "pid=%d timeclock ", getpid());
1281 	if (state == (time32_t)-1)
1282 		fprintf(stderr, "cleared\n");
1283 	else if (state > 0)
1284 		fprintf(stderr, "ticking\n");
1285 	else
1286 		fprintf(stderr, "paused\n");
1287 #endif /* DEBUG */
1288 
1289 	/* if we haven't setup the shared memory, init */
1290 	if (currentState == (int *)NULL) {
1291 		if ((fd = open("/dev/zero", O_RDWR)) < 0) {
1292 			saverr = errno;
1293 			msg(gettext("Cannot open `%s': %s\n"),
1294 				"/dev/zero", strerror(saverr));
1295 			dumpabort();
1296 			/*NOTREACHED*/
1297 		}
1298 		/*LINTED [mmap always returns an aligned value]*/
1299 		currentState = (int *)mmap((char *)0, getpagesize(),
1300 			PROT_READ|PROT_WRITE, MAP_SHARED, fd, (off_t)0);
1301 		if (currentState == (int *)-1) {
1302 			saverr = errno;
1303 			msg(gettext(
1304 				"Cannot memory map monitor variables: %s\n"),
1305 				strerror(saverr));
1306 			dumpabort();
1307 			/*NOTREACHED*/
1308 		}
1309 		(void) close(fd);
1310 
1311 		/* LINTED currentState is sufficiently aligned */
1312 		clockstart = (struct timeval *)(currentState + 1);
1313 		emilli = (time32_t *)(clockstart + 1);
1314 		/* Note everything is initialized to zero via /dev/zero */
1315 	}
1316 
1317 	if (state == (time32_t)-1) {
1318 		bzero(clockstart, sizeof (*clockstart));
1319 		*currentState = 0;
1320 		*emilli = (time32_t)0;
1321 		return (0);
1322 	}
1323 
1324 	(void) gettimeofday(current, NULL);
1325 
1326 	if (*currentState != 0) {
1327 		current->tv_usec += 1000000;
1328 		current->tv_sec--;
1329 
1330 		/* LINTED: result will fit in a time32_t */
1331 		*emilli += (current->tv_sec - clockstart->tv_sec) * 1000;
1332 		/* LINTED: result will fit in a time32_t */
1333 		*emilli += (current->tv_usec - clockstart->tv_usec) / 1000;
1334 	}
1335 
1336 	if (state != 0)
1337 		bcopy(current, clockstart, sizeof (current));
1338 
1339 	*currentState = state;
1340 
1341 	return (*emilli);
1342 }
1343 
1344 static int
1345 statcmp(const struct stat64 *left, const struct stat64 *right)
1346 {
1347 	int result = 1;
1348 
1349 	if ((left->st_dev == right->st_dev) &&
1350 	    (left->st_ino == right->st_ino) &&
1351 	    (left->st_mode == right->st_mode) &&
1352 	    (left->st_nlink == right->st_nlink) &&
1353 	    (left->st_uid == right->st_uid) &&
1354 	    (left->st_gid == right->st_gid) &&
1355 	    (left->st_rdev == right->st_rdev) &&
1356 	    (left->st_ctim.tv_sec == right->st_ctim.tv_sec) &&
1357 	    (left->st_ctim.tv_nsec == right->st_ctim.tv_nsec) &&
1358 	    (left->st_mtim.tv_sec == right->st_mtim.tv_sec) &&
1359 	    (left->st_mtim.tv_nsec == right->st_mtim.tv_nsec) &&
1360 	    (left->st_blksize == right->st_blksize) &&
1361 	    (left->st_blocks == right->st_blocks)) {
1362 		result = 0;
1363 	}
1364 
1365 	return (result);
1366 }
1367 
1368 /*
1369  * Safely open a file or device.
1370  */
1371 static int
1372 safe_open_common(const char *filename, int mode, int perms, int device)
1373 {
1374 	int fd;
1375 	int working_mode;
1376 	int saverr;
1377 	char *errtext;
1378 	struct stat64 pre_stat, pre_lstat;
1379 	struct stat64 post_stat, post_lstat;
1380 
1381 	/*
1382 	 * Don't want to be spoofed into trashing something we
1383 	 * shouldn't, thus the following rigamarole.  If it doesn't
1384 	 * exist, we create it and proceed.  Otherwise, require that
1385 	 * what's there be a real file with no extraneous links and
1386 	 * owned by whoever ran us.
1387 	 *
1388 	 * The silliness with using both lstat() and fstat() is to avoid
1389 	 * race-condition games with someone replacing the file with a
1390 	 * symlink after we've opened it.  If there was an flstat(),
1391 	 * we wouldn't need the fstat().
1392 	 *
1393 	 * The initial open with the hard-coded flags is ok even if we
1394 	 * are intending to open only for reading.  If it succeeds,
1395 	 * then the file did not exist, and we'll synthesize an appropriate
1396 	 * complaint below.  Otherwise, it does exist, so we won't be
1397 	 * truncating it with the open.
1398 	 */
1399 	if ((fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL|O_LARGEFILE,
1400 	    perms)) < 0) {
1401 		if (errno == EEXIST) {
1402 			if (lstat64(filename, &pre_lstat) < 0) {
1403 				return (-1);
1404 			}
1405 
1406 			if (stat64(filename, &pre_stat) < 0) {
1407 				return (-1);
1408 			}
1409 
1410 			working_mode = mode & (O_WRONLY|O_RDWR|O_RDONLY);
1411 			working_mode |= O_LARGEFILE;
1412 			if ((fd = open(filename, working_mode)) < 0) {
1413 				if (errno == ENOENT) {
1414 					errtext = gettext(
1415 "Unexpected condition detected: %s used to exist, but doesn't any longer\n");
1416 					msg(errtext, filename);
1417 					syslog(LOG_WARNING, errtext, filename);
1418 					errno = ENOENT;
1419 				}
1420 				return (-1);
1421 			}
1422 
1423 			if (lstat64(filename, &post_lstat) < 0) {
1424 				saverr = errno;
1425 				(void) close(fd);
1426 				errno = saverr;
1427 				return (-1);
1428 			}
1429 
1430 			if (fstat64(fd, &post_stat) < 0) {
1431 				saverr = errno;
1432 				(void) close(fd);
1433 				errno = saverr;
1434 				return (-1);
1435 			}
1436 
1437 			/*
1438 			 * Can't just use memcmp(3C), because the access
1439 			 * time is updated by open(2).
1440 			 */
1441 			if (statcmp(&pre_lstat, &post_lstat) != 0) {
1442 				errtext = gettext(
1443 	    "Unexpected change detected: %s's lstat(2) information changed\n");
1444 				msg(errtext, filename);
1445 				syslog(LOG_WARNING, errtext, filename);
1446 				errno = EPERM;
1447 				return (-1);
1448 			}
1449 
1450 			if (statcmp(&pre_stat, &post_stat) != 0) {
1451 				errtext = gettext(
1452 	    "Unexpected change detected: %s's stat(2) information changed\n"),
1453 				msg(errtext, filename);
1454 				syslog(LOG_WARNING, errtext, filename);
1455 				errno = EPERM;
1456 				return (-1);
1457 			}
1458 
1459 			/*
1460 			 * If inode, device, or type are wrong, bail out.
1461 			 * Note using post_stat instead of post_lstat for the
1462 			 * S_ISCHR() test.  This is to allow the /dev ->
1463 			 * /devices bit to work, as long as the final target
1464 			 * is a character device (i.e., raw disk or tape).
1465 			 */
1466 			if (device && !(S_ISCHR(post_stat.st_mode)) &&
1467 			    !(S_ISFIFO(post_stat.st_mode)) &&
1468 			    !(S_ISREG(post_lstat.st_mode))) {
1469 				errtext = gettext(
1470 	    "Unexpected condition detected: %s is not a supported device\n"),
1471 				msg(errtext, filename);
1472 				syslog(LOG_WARNING, errtext, filename);
1473 				(void) close(fd);
1474 				errno = EPERM;
1475 				return (-1);
1476 			} else if (!device &&
1477 			    (!S_ISREG(post_lstat.st_mode) ||
1478 			    (post_stat.st_ino != post_lstat.st_ino) ||
1479 			    (post_stat.st_dev != post_lstat.st_dev))) {
1480 				errtext = gettext(
1481 	    "Unexpected condition detected: %s is not a regular file\n"),
1482 				msg(errtext, filename);
1483 				syslog(LOG_WARNING, errtext, filename);
1484 				(void) close(fd);
1485 				errno = EPERM;
1486 				return (-1);
1487 			}
1488 
1489 			/*
1490 			 * Bad link count implies someone's linked our
1491 			 * target to something else, which we probably
1492 			 * shouldn't step on.
1493 			 */
1494 			if (post_lstat.st_nlink != 1) {
1495 				errtext = gettext(
1496 	    "Unexpected condition detected: %s must have exactly one link\n"),
1497 				msg(errtext, filename);
1498 				syslog(LOG_WARNING, errtext, filename);
1499 				(void) close(fd);
1500 				errno = EPERM;
1501 				return (-1);
1502 			}
1503 			/*
1504 			 * Root might make a file, but non-root might
1505 			 * need to open it.  If the permissions let us
1506 			 * get this far, then let it through.
1507 			 */
1508 			if (post_lstat.st_uid != getuid() &&
1509 			    post_lstat.st_uid != 0) {
1510 				errtext = gettext(
1511 "Unsupported condition detected: %s must be owned by uid %ld or 0\n"),
1512 				msg(errtext, filename, (long)getuid());
1513 				syslog(LOG_WARNING, errtext, filename,
1514 				    (long)getuid());
1515 				(void) close(fd);
1516 				errno = EPERM;
1517 				return (-1);
1518 			}
1519 			if (mode & O_TRUNC) {
1520 				if (ftruncate(fd, (off_t)0) < 0) {
1521 					msg("ftruncate(%s): %s\n",
1522 					    filename, strerror(errno));
1523 					(void) close(fd);
1524 					return (-1);
1525 				}
1526 			}
1527 		} else {
1528 			/*
1529 			 * Didn't exist, but couldn't open it.
1530 			 */
1531 			return (-1);
1532 		}
1533 	} else {
1534 		/*
1535 		 * If truncating open succeeded for a read-only open,
1536 		 * bail out, as we really shouldn't have succeeded.
1537 		 */
1538 		if (mode & O_RDONLY) {
1539 			/* Undo the O_CREAT */
1540 			(void) unlink(filename);
1541 			msg("open(%s): %s\n",
1542 			    filename, strerror(ENOENT));
1543 			(void) close(fd);
1544 			errno = ENOENT;
1545 			return (-1);
1546 		}
1547 	}
1548 
1549 	return (fd);
1550 }
1551 
1552 /*
1553  * Safely open a file.
1554  */
1555 int
1556 safe_file_open(const char *filename, int mode, int perms)
1557 {
1558 	return (safe_open_common(filename, mode, perms, 0));
1559 }
1560 
1561 /*
1562  * Safely open a device.
1563  */
1564 int
1565 safe_device_open(const char *filename, int mode, int perms)
1566 {
1567 	return (safe_open_common(filename, mode, perms, 1));
1568 }
1569 
1570 /*
1571  * STDIO version of safe_open
1572  */
1573 FILE *
1574 safe_fopen(const char *filename, const char *smode, int perms)
1575 {
1576 	int fd;
1577 	int bmode;
1578 
1579 	/*
1580 	 * accepts only modes  "r", "r+", and "w"
1581 	 */
1582 	if (smode[0] == 'r') {
1583 		if (smode[1] == '\0') {
1584 			bmode = O_RDONLY;
1585 		} else if ((smode[1] == '+') && (smode[2] == '\0')) {
1586 			bmode = O_RDWR;
1587 		}
1588 	} else if ((smode[0] == 'w') && (smode[1] == '\0')) {
1589 		bmode = O_WRONLY;
1590 	} else {
1591 		msg(gettext("internal error: safe_fopen: invalid mode `%s'\n"),
1592 		    smode);
1593 		return (NULL);
1594 	}
1595 
1596 	fd = safe_file_open(filename, bmode, perms);
1597 
1598 	/*
1599 	 * caller is expected to report error.
1600 	 */
1601 	if (fd >= 0)
1602 	    return (fdopen(fd, smode));
1603 
1604 	return ((FILE *)NULL);
1605 }
1606 
1607 void
1608 child_chdir(void)
1609 {
1610 	char name[MAXPATHLEN];
1611 
1612 	if (debug_chdir != NULL) {
1613 		snprintf(name, sizeof (name), "%s/%ld",
1614 		    debug_chdir, (long)getpid());
1615 		if (mkdir(name, 0755) < 0)
1616 			msg("mkdir(%s): %s", name, strerror(errno));
1617 		if (chdir(name) < 0)
1618 			msg("chdir(%s): %s", name, strerror(errno));
1619 	}
1620 }
1621