2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1982, 1986, 1989, 1993
5 * The Regents of the University of California. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/param.h>
33 #include <sys/endian.h>
34 #include <sys/limits.h>
41 #include <sys/errno.h>
42 #include <ufs/ufs/dinode.h>
43 #include <ufs/ffs/fs.h>
45 uint32_t calculate_crc32c(uint32_t, const void *, size_t);
46 uint32_t ffs_calc_sbhash(struct fs *);
48 #define UFS_MALLOC(size, type, flags) malloc(size)
49 #define UFS_FREE(ptr, type) free(ptr)
50 #define maxphys MAXPHYS
53 #include <sys/systm.h>
54 #include <sys/gsb_crc32.h>
56 #include <sys/malloc.h>
57 #include <sys/mount.h>
58 #include <sys/vnode.h>
61 #include <sys/ucred.h>
63 #include <ufs/ufs/quota.h>
64 #include <ufs/ufs/inode.h>
65 #include <ufs/ufs/extattr.h>
66 #include <ufs/ufs/ufsmount.h>
67 #include <ufs/ufs/ufs_extern.h>
68 #include <ufs/ffs/ffs_extern.h>
69 #include <ufs/ffs/fs.h>
71 #define UFS_MALLOC(size, type, flags) malloc(size, type, flags)
72 #define UFS_FREE(ptr, type) free(ptr, type)
77 * Verify an inode check-hash.
80 ffs_verify_dinode_ckhash(struct fs *fs, struct ufs2_dinode *dip)
82 uint32_t ckhash, save_ckhash;
85 * Return success if unallocated or we are not doing inode check-hash.
87 if (dip->di_mode == 0 || (fs->fs_metackhash & CK_INODE) == 0)
90 * Exclude di_ckhash from the crc32 calculation, e.g., always use
91 * a check-hash value of zero when calculating the check-hash.
93 save_ckhash = dip->di_ckhash;
95 ckhash = calculate_crc32c(~0L, (void *)dip, sizeof(*dip));
96 dip->di_ckhash = save_ckhash;
97 if (save_ckhash == ckhash)
103 * Update an inode check-hash.
106 ffs_update_dinode_ckhash(struct fs *fs, struct ufs2_dinode *dip)
109 if (dip->di_mode == 0 || (fs->fs_metackhash & CK_INODE) == 0)
112 * Exclude old di_ckhash from the crc32 calculation, e.g., always use
113 * a check-hash value of zero when calculating the new check-hash.
116 dip->di_ckhash = calculate_crc32c(~0L, (void *)dip, sizeof(*dip));
120 * These are the low-level functions that actually read and write
121 * the superblock and its associated data.
123 static off_t sblock_try[] = SBLOCKSEARCH;
124 static int readsuper(void *, struct fs **, off_t, int,
125 int (*)(void *, off_t, void **, int));
126 static int validate_sblock(struct fs *, int);
129 * Read a superblock from the devfd device.
131 * If an alternate superblock is specified, it is read. Otherwise the
132 * set of locations given in the SBLOCKSEARCH list is searched for a
133 * superblock. Memory is allocated for the superblock by the readfunc and
134 * is returned. If filltype is non-NULL, additional memory is allocated
135 * of type filltype and filled in with the superblock summary information.
136 * All memory is freed when any error is returned.
138 * If a superblock is found, zero is returned. Otherwise one of the
139 * following error values is returned:
140 * EIO: non-existent or truncated superblock.
141 * EIO: error reading summary information.
142 * ENOENT: no usable known superblock found.
143 * EILSEQ: filesystem with wrong byte order found.
144 * ENOMEM: failed to allocate space for the superblock.
145 * EINVAL: The previous newfs operation on this volume did not complete.
146 * The administrator must complete newfs before using this volume.
149 ffs_sbget(void *devfd, struct fs **fsp, off_t sblock, int flags,
150 struct malloc_type *filltype,
151 int (*readfunc)(void *devfd, off_t loc, void **bufp, int size))
154 struct fs_summary_info *fs_si;
163 if (sblock != UFS_STDSB) {
164 if ((error = readsuper(devfd, &fs, sblock,
165 flags | UFS_ALTSBLK, readfunc)) != 0) {
167 UFS_FREE(fs, filltype);
171 for (i = 0; sblock_try[i] != -1; i++) {
172 if ((error = readsuper(devfd, &fs, sblock_try[i],
173 flags, readfunc)) == 0) {
174 if ((flags & UFS_NOCSUM) != 0) {
181 UFS_FREE(fs, filltype);
188 if (sblock_try[i] == -1)
192 * Read in the superblock summary information.
194 size = fs->fs_cssize;
195 blks = howmany(size, fs->fs_fsize);
196 if (fs->fs_contigsumsize > 0)
197 size += fs->fs_ncg * sizeof(int32_t);
198 size += fs->fs_ncg * sizeof(uint8_t);
199 if ((fs_si = UFS_MALLOC(sizeof(*fs_si), filltype, M_NOWAIT)) == NULL) {
200 UFS_FREE(fs, filltype);
203 bzero(fs_si, sizeof(*fs_si));
205 if ((space = UFS_MALLOC(size, filltype, M_NOWAIT)) == NULL) {
206 UFS_FREE(fs->fs_si, filltype);
207 UFS_FREE(fs, filltype);
210 fs->fs_csp = (struct csum *)space;
211 for (i = 0; i < blks; i += fs->fs_frag) {
213 if (i + fs->fs_frag > blks)
214 size = (blks - i) * fs->fs_fsize;
216 error = (*readfunc)(devfd,
217 dbtob(fsbtodb(fs, fs->fs_csaddr + i)), (void **)&buf, size);
220 UFS_FREE(buf, filltype);
221 UFS_FREE(fs->fs_csp, filltype);
222 UFS_FREE(fs->fs_si, filltype);
223 UFS_FREE(fs, filltype);
226 memcpy(space, buf, size);
227 UFS_FREE(buf, filltype);
230 if (fs->fs_contigsumsize > 0) {
231 fs->fs_maxcluster = lp = (int32_t *)space;
232 for (i = 0; i < fs->fs_ncg; i++)
233 *lp++ = fs->fs_contigsumsize;
234 space = (uint8_t *)lp;
236 size = fs->fs_ncg * sizeof(uint8_t);
237 fs->fs_contigdirs = (uint8_t *)space;
238 bzero(fs->fs_contigdirs, size);
244 * Try to read a superblock from the location specified by sblockloc.
245 * Return zero on success or an errno on failure.
248 readsuper(void *devfd, struct fs **fsp, off_t sblockloc, int flags,
249 int (*readfunc)(void *devfd, off_t loc, void **bufp, int size))
255 error = (*readfunc)(devfd, sblockloc, (void **)fsp, SBLOCKSIZE);
259 if (fs->fs_magic == FS_BAD_MAGIC)
262 * For UFS1 with a 65536 block size, the first backup superblock
263 * is at the same location as the UFS2 superblock. Since SBLOCK_UFS2
264 * is the first location checked, the first backup is the superblock
265 * that will be accessed. Here we fail the lookup so that we can
266 * retry with the correct location for the UFS1 superblock.
268 if (fs->fs_magic == FS_UFS1_MAGIC && (flags & UFS_ALTSBLK) == 0 &&
269 fs->fs_bsize == SBLOCK_UFS2 && sblockloc == SBLOCK_UFS2)
271 if ((error = validate_sblock(fs, flags)) > 0)
274 * If the filesystem has been run on a kernel without
275 * metadata check hashes, disable them.
277 if ((fs->fs_flags & FS_METACKHASH) == 0)
278 fs->fs_metackhash = 0;
280 * Clear any check-hashes that are not maintained
281 * by this kernel. Also clear any unsupported flags.
283 fs->fs_metackhash &= CK_SUPPORTED;
284 fs->fs_flags &= FS_SUPPORTED;
285 if (fs->fs_ckhash != (ckhash = ffs_calc_sbhash(fs))) {
286 if ((flags & (UFS_NOMSG | UFS_NOHASHFAIL)) ==
287 (UFS_NOMSG | UFS_NOHASHFAIL))
289 if ((flags & UFS_NOMSG) != 0)
292 res = uprintf("Superblock check-hash failed: recorded "
293 "check-hash 0x%x != computed check-hash 0x%x%s\n",
294 fs->fs_ckhash, ckhash,
295 (flags & UFS_NOHASHFAIL) != 0 ? " (Ignored)" : "");
300 * Print check-hash failure if no controlling terminal
301 * in kernel or always if in user-mode (libufs).
304 printf("Superblock check-hash failed: recorded "
305 "check-hash 0x%x != computed check-hash "
306 "0x%x%s\n", fs->fs_ckhash, ckhash,
307 (flags & UFS_NOHASHFAIL) ? " (Ignored)" : "");
308 if ((flags & UFS_NOHASHFAIL) != 0)
312 /* Have to set for old filesystems that predate this field */
313 fs->fs_sblockactualloc = sblockloc;
314 /* Not yet any summary information */
320 * Verify the filesystem values.
322 #define ILOG2(num) (fls(num) - 1)
323 #ifdef STANDALONE_SMALL
324 #define MPRINT(...) do { } while (0)
326 #define MPRINT(...) if (prtmsg) printf(__VA_ARGS__)
328 #define FCHK(lhs, op, rhs, fmt) \
330 MPRINT("UFS%d superblock failed: %s (" #fmt ") %s %s (" \
331 #fmt ")\n", fs->fs_magic == FS_UFS1_MAGIC ? 1 : 2, \
332 #lhs, (intmax_t)lhs, #op, #rhs, (intmax_t)rhs); \
338 #define WCHK(lhs, op, rhs, fmt) \
340 MPRINT("UFS%d superblock failed: %s (" #fmt ") %s %s (" \
341 #fmt ")%s\n", fs->fs_magic == FS_UFS1_MAGIC ? 1 : 2,\
342 #lhs, (intmax_t)lhs, #op, #rhs, (intmax_t)rhs, wmsg);\
348 #define FCHK2(lhs1, op1, rhs1, lhs2, op2, rhs2, fmt) \
349 if (lhs1 op1 rhs1 && lhs2 op2 rhs2) { \
350 MPRINT("UFS%d superblock failed: %s (" #fmt ") %s %s (" \
351 #fmt ") && %s (" #fmt ") %s %s (" #fmt ")\n", \
352 fs->fs_magic == FS_UFS1_MAGIC ? 1 : 2, #lhs1, \
353 (intmax_t)lhs1, #op1, #rhs1, (intmax_t)rhs1, #lhs2, \
354 (intmax_t)lhs2, #op2, #rhs2, (intmax_t)rhs2); \
362 validate_sblock(struct fs *fs, int flags)
364 uint64_t i, sectorsize;
365 uint64_t maxfilesize, sizepb;
366 int error, prtmsg, warnerr;
370 sectorsize = dbtob(1);
371 prtmsg = ((flags & UFS_NOMSG) == 0);
372 warnerr = (flags & UFS_NOWARNFAIL) == UFS_NOWARNFAIL ? 0 : ENOENT;
373 wmsg = warnerr ? "" : " (Ignored)";
375 * Check for endian mismatch between machine and filesystem.
377 if (((fs->fs_magic != FS_UFS2_MAGIC) &&
378 (bswap32(fs->fs_magic) == FS_UFS2_MAGIC)) ||
379 ((fs->fs_magic != FS_UFS1_MAGIC) &&
380 (bswap32(fs->fs_magic) == FS_UFS1_MAGIC))) {
381 MPRINT("UFS superblock failed due to endian mismatch "
382 "between machine and filesystem\n");
386 * If just validating for recovery, then do just the minimal
387 * checks needed for the superblock fields needed to find
388 * alternate superblocks.
390 if ((flags & UFS_FSRONLY) == UFS_FSRONLY &&
391 (fs->fs_magic == FS_UFS1_MAGIC || fs->fs_magic == FS_UFS2_MAGIC)) {
392 error = -1; /* fail on first error */
393 if (fs->fs_magic == FS_UFS2_MAGIC) {
394 FCHK(fs->fs_sblockloc, !=, SBLOCK_UFS2, %#jx);
395 } else if (fs->fs_magic == FS_UFS1_MAGIC) {
396 FCHK(fs->fs_sblockloc, <, 0, %jd);
397 FCHK(fs->fs_sblockloc, >, SBLOCK_UFS1, %jd);
398 FCHK(fs->fs_old_ncyl, !=, fs->fs_ncg, %jd);
400 FCHK(fs->fs_frag, <, 1, %jd);
401 FCHK(fs->fs_frag, >, MAXFRAG, %jd);
402 FCHK(fs->fs_bsize, <, MINBSIZE, %jd);
403 FCHK(fs->fs_bsize, >, MAXBSIZE, %jd);
404 FCHK(fs->fs_bsize, <, roundup(sizeof(struct fs), DEV_BSIZE),
406 FCHK(fs->fs_fsize, <, sectorsize, %jd);
407 FCHK(fs->fs_fsize * fs->fs_frag, !=, fs->fs_bsize, %jd);
408 FCHK(powerof2(fs->fs_fsize), ==, 0, %jd);
409 FCHK(fs->fs_sbsize, >, SBLOCKSIZE, %jd);
410 FCHK(fs->fs_sbsize, <, (signed)sizeof(struct fs), %jd);
411 FCHK(fs->fs_sbsize % sectorsize, !=, 0, %jd);
412 FCHK(fs->fs_fpg, <, 3 * fs->fs_frag, %jd);
413 FCHK(fs->fs_ncg, <, 1, %jd);
414 FCHK(fs->fs_fsbtodb, !=, ILOG2(fs->fs_fsize / sectorsize), %jd);
415 FCHK(fs->fs_old_cgoffset, <, 0, %jd);
416 FCHK2(fs->fs_old_cgoffset, >, 0, ~fs->fs_old_cgmask, <, 0, %jd);
417 FCHK(fs->fs_old_cgoffset * (~fs->fs_old_cgmask), >, fs->fs_fpg,
419 FCHK(fs->fs_sblkno, !=, roundup(
420 howmany(fs->fs_sblockloc + SBLOCKSIZE, fs->fs_fsize),
422 FCHK(CGSIZE(fs), >, fs->fs_bsize, %jd);
423 /* Only need to validate these if reading in csum data */
424 if ((flags & UFS_NOCSUM) != 0)
426 FCHK((uint64_t)fs->fs_ipg * fs->fs_ncg, >,
427 (((int64_t)(1)) << 32) - INOPB(fs), %jd);
428 FCHK(fs->fs_cstotal.cs_nifree, <, 0, %jd);
429 FCHK(fs->fs_cstotal.cs_nifree, >,
430 (uint64_t)fs->fs_ipg * fs->fs_ncg, %jd);
431 FCHK(fs->fs_cstotal.cs_ndir, >,
432 ((uint64_t)fs->fs_ipg * fs->fs_ncg) -
433 fs->fs_cstotal.cs_nifree, %jd);
434 FCHK(fs->fs_size, <, 8 * fs->fs_frag, %jd);
435 FCHK(fs->fs_size, <=, ((int64_t)fs->fs_ncg - 1) * fs->fs_fpg,
437 FCHK(fs->fs_size, >, (int64_t)fs->fs_ncg * fs->fs_fpg, %jd);
438 FCHK(fs->fs_csaddr, <, 0, %jd);
439 FCHK(fs->fs_cssize, !=,
440 fragroundup(fs, fs->fs_ncg * sizeof(struct csum)), %jd);
441 FCHK(fs->fs_csaddr + howmany(fs->fs_cssize, fs->fs_fsize), >,
443 FCHK(fs->fs_csaddr, <, cgdmin(fs, dtog(fs, fs->fs_csaddr)),
445 FCHK(dtog(fs, fs->fs_csaddr + howmany(fs->fs_cssize,
446 fs->fs_fsize)), >, dtog(fs, fs->fs_csaddr), %jd);
449 if (fs->fs_magic == FS_UFS2_MAGIC) {
450 if ((flags & UFS_ALTSBLK) == 0)
451 FCHK2(fs->fs_sblockactualloc, !=, SBLOCK_UFS2,
452 fs->fs_sblockactualloc, !=, 0, %jd);
453 FCHK(fs->fs_sblockloc, !=, SBLOCK_UFS2, %#jx);
454 FCHK(fs->fs_maxsymlinklen, !=, ((UFS_NDADDR + UFS_NIADDR) *
455 sizeof(ufs2_daddr_t)), %jd);
456 FCHK(fs->fs_nindir, !=, fs->fs_bsize / sizeof(ufs2_daddr_t),
458 FCHK(fs->fs_inopb, !=,
459 fs->fs_bsize / sizeof(struct ufs2_dinode), %jd);
460 } else if (fs->fs_magic == FS_UFS1_MAGIC) {
461 if ((flags & UFS_ALTSBLK) == 0)
462 FCHK(fs->fs_sblockactualloc, >, SBLOCK_UFS1, %jd);
463 FCHK(fs->fs_sblockloc, <, 0, %jd);
464 FCHK(fs->fs_sblockloc, >, SBLOCK_UFS1, %jd);
465 FCHK(fs->fs_nindir, !=, fs->fs_bsize / sizeof(ufs1_daddr_t),
467 FCHK(fs->fs_inopb, !=,
468 fs->fs_bsize / sizeof(struct ufs1_dinode), %jd);
469 FCHK(fs->fs_maxsymlinklen, !=, ((UFS_NDADDR + UFS_NIADDR) *
470 sizeof(ufs1_daddr_t)), %jd);
471 WCHK(fs->fs_old_inodefmt, !=, FS_44INODEFMT, %jd);
472 WCHK(fs->fs_old_rotdelay, !=, 0, %jd);
473 WCHK(fs->fs_old_rps, !=, 60, %jd);
474 WCHK(fs->fs_old_nspf, !=, fs->fs_fsize / sectorsize, %jd);
475 FCHK(fs->fs_old_cpg, !=, 1, %jd);
476 WCHK(fs->fs_old_interleave, !=, 1, %jd);
477 WCHK(fs->fs_old_trackskew, !=, 0, %jd);
478 WCHK(fs->fs_old_cpc, !=, 0, %jd);
479 WCHK(fs->fs_old_postblformat, !=, 1, %jd);
480 FCHK(fs->fs_old_nrpos, !=, 1, %jd);
481 WCHK(fs->fs_old_spc, !=, fs->fs_fpg * fs->fs_old_nspf, %jd);
482 WCHK(fs->fs_old_nsect, !=, fs->fs_old_spc, %jd);
483 WCHK(fs->fs_old_npsect, !=, fs->fs_old_spc, %jd);
484 FCHK(fs->fs_old_ncyl, !=, fs->fs_ncg, %jd);
486 /* Bad magic number, so assume not a superblock */
489 FCHK(fs->fs_bsize, <, MINBSIZE, %jd);
490 FCHK(fs->fs_bsize, >, MAXBSIZE, %jd);
491 FCHK(fs->fs_bsize, <, roundup(sizeof(struct fs), DEV_BSIZE), %jd);
492 FCHK(powerof2(fs->fs_bsize), ==, 0, %jd);
493 FCHK(fs->fs_frag, <, 1, %jd);
494 FCHK(fs->fs_frag, >, MAXFRAG, %jd);
495 FCHK(fs->fs_frag, !=, numfrags(fs, fs->fs_bsize), %jd);
496 FCHK(fs->fs_fsize, <, sectorsize, %jd);
497 FCHK(fs->fs_fsize * fs->fs_frag, !=, fs->fs_bsize, %jd);
498 FCHK(powerof2(fs->fs_fsize), ==, 0, %jd);
499 FCHK(fs->fs_fpg, <, 3 * fs->fs_frag, %jd);
500 FCHK(fs->fs_ncg, <, 1, %jd);
501 FCHK(fs->fs_ipg, <, fs->fs_inopb, %jd);
502 FCHK((uint64_t)fs->fs_ipg * fs->fs_ncg, >,
503 (((int64_t)(1)) << 32) - INOPB(fs), %jd);
504 FCHK(fs->fs_cstotal.cs_nifree, <, 0, %jd);
505 FCHK(fs->fs_cstotal.cs_nifree, >, (uint64_t)fs->fs_ipg * fs->fs_ncg,
507 FCHK(fs->fs_cstotal.cs_ndir, <, 0, %jd);
508 FCHK(fs->fs_cstotal.cs_ndir, >,
509 ((uint64_t)fs->fs_ipg * fs->fs_ncg) - fs->fs_cstotal.cs_nifree,
511 FCHK(fs->fs_sbsize, >, SBLOCKSIZE, %jd);
512 FCHK(fs->fs_sbsize, <, (signed)sizeof(struct fs), %jd);
513 /* fix for misconfigured filesystems */
514 if (fs->fs_maxbsize == 0)
515 fs->fs_maxbsize = fs->fs_bsize;
516 FCHK(fs->fs_maxbsize, <, fs->fs_bsize, %jd);
517 FCHK(powerof2(fs->fs_maxbsize), ==, 0, %jd);
518 FCHK(fs->fs_maxbsize, >, FS_MAXCONTIG * fs->fs_bsize, %jd);
519 FCHK(fs->fs_bmask, !=, ~(fs->fs_bsize - 1), %#jx);
520 FCHK(fs->fs_fmask, !=, ~(fs->fs_fsize - 1), %#jx);
521 FCHK(fs->fs_qbmask, !=, ~fs->fs_bmask, %#jx);
522 FCHK(fs->fs_qfmask, !=, ~fs->fs_fmask, %#jx);
523 FCHK(fs->fs_bshift, !=, ILOG2(fs->fs_bsize), %jd);
524 FCHK(fs->fs_fshift, !=, ILOG2(fs->fs_fsize), %jd);
525 FCHK(fs->fs_fragshift, !=, ILOG2(fs->fs_frag), %jd);
526 FCHK(fs->fs_fsbtodb, !=, ILOG2(fs->fs_fsize / sectorsize), %jd);
527 FCHK(fs->fs_old_cgoffset, <, 0, %jd);
528 FCHK2(fs->fs_old_cgoffset, >, 0, ~fs->fs_old_cgmask, <, 0, %jd);
529 FCHK(fs->fs_old_cgoffset * (~fs->fs_old_cgmask), >, fs->fs_fpg, %jd);
530 FCHK(CGSIZE(fs), >, fs->fs_bsize, %jd);
532 * If anything has failed up to this point, it is usafe to proceed
533 * as checks below may divide by zero or make other fatal calculations.
534 * So if we have any errors at this point, give up.
538 FCHK(fs->fs_sbsize % sectorsize, !=, 0, %jd);
539 FCHK(fs->fs_ipg % fs->fs_inopb, !=, 0, %jd);
540 FCHK(fs->fs_sblkno, !=, roundup(
541 howmany(fs->fs_sblockloc + SBLOCKSIZE, fs->fs_fsize),
543 FCHK(fs->fs_cblkno, !=, fs->fs_sblkno +
544 roundup(howmany(SBLOCKSIZE, fs->fs_fsize), fs->fs_frag), %jd);
545 FCHK(fs->fs_iblkno, !=, fs->fs_cblkno + fs->fs_frag, %jd);
546 FCHK(fs->fs_dblkno, !=, fs->fs_iblkno + fs->fs_ipg / INOPF(fs), %jd);
547 FCHK(fs->fs_cgsize, >, fs->fs_bsize, %jd);
548 FCHK(fs->fs_cgsize, <, fs->fs_fsize, %jd);
549 FCHK(fs->fs_cgsize % fs->fs_fsize, !=, 0, %jd);
551 * This test is valid, however older versions of growfs failed
552 * to correctly update fs_dsize so will fail this test. Thus we
553 * exclude it from the requirements.
556 WCHK(fs->fs_dsize, !=, fs->fs_size - fs->fs_sblkno -
557 fs->fs_ncg * (fs->fs_dblkno - fs->fs_sblkno) -
558 howmany(fs->fs_cssize, fs->fs_fsize), %jd);
560 WCHK(fs->fs_metaspace, <, 0, %jd);
561 WCHK(fs->fs_metaspace, >, fs->fs_fpg / 2, %jd);
562 WCHK(fs->fs_minfree, >, 99, %jd%%);
563 maxfilesize = fs->fs_bsize * UFS_NDADDR - 1;
564 for (sizepb = fs->fs_bsize, i = 0; i < UFS_NIADDR; i++) {
565 sizepb *= NINDIR(fs);
566 maxfilesize += sizepb;
568 WCHK(fs->fs_maxfilesize, !=, maxfilesize, %jd);
570 * These values have a tight interaction with each other that
571 * makes it hard to tightly bound them. So we can only check
572 * that they are within a broader possible range.
574 * The size cannot always be accurately determined, but ensure
575 * that it is consistent with the number of cylinder groups (fs_ncg)
576 * and the number of fragments per cylinder group (fs_fpg). Ensure
577 * that the summary information size is correct and that it starts
578 * and ends in the data area of the same cylinder group.
580 FCHK(fs->fs_size, <, 8 * fs->fs_frag, %jd);
581 FCHK(fs->fs_size, <=, ((int64_t)fs->fs_ncg - 1) * fs->fs_fpg, %jd);
582 FCHK(fs->fs_size, >, (int64_t)fs->fs_ncg * fs->fs_fpg, %jd);
584 * If we are not requested to read in the csum data stop here
585 * as the correctness of the remaining values is only important
586 * to bound the space needed to be allocated to hold the csum data.
588 if ((flags & UFS_NOCSUM) != 0)
590 FCHK(fs->fs_csaddr, <, 0, %jd);
591 FCHK(fs->fs_cssize, !=,
592 fragroundup(fs, fs->fs_ncg * sizeof(struct csum)), %jd);
593 FCHK(fs->fs_csaddr + howmany(fs->fs_cssize, fs->fs_fsize), >,
595 FCHK(fs->fs_csaddr, <, cgdmin(fs, dtog(fs, fs->fs_csaddr)), %jd);
596 FCHK(dtog(fs, fs->fs_csaddr + howmany(fs->fs_cssize, fs->fs_fsize)), >,
597 dtog(fs, fs->fs_csaddr), %jd);
599 * With file system clustering it is possible to allocate
600 * many contiguous blocks. The kernel variable maxphys defines
601 * the maximum transfer size permitted by the controller and/or
602 * buffering. The fs_maxcontig parameter controls the maximum
603 * number of blocks that the filesystem will read or write
604 * in a single transfer. It is calculated when the filesystem
605 * is created as maxphys / fs_bsize. The loader uses a maxphys
606 * of 128K even when running on a system that supports larger
607 * values. If the filesystem was built on a system that supports
608 * a larger maxphys (1M is typical) it will have configured
609 * fs_maxcontig for that larger system. So we bound the upper
610 * allowable limit for fs_maxconfig to be able to at least
611 * work with a 1M maxphys on the smallest block size filesystem:
612 * 1M / 4096 == 256. There is no harm in allowing the mounting of
613 * filesystems that make larger than maxphys I/O requests because
614 * those (mostly 32-bit machines) can (very slowly) handle I/O
615 * requests that exceed maxphys.
617 WCHK(fs->fs_maxcontig, <, 0, %jd);
618 WCHK(fs->fs_maxcontig, >, MAX(256, maxphys / fs->fs_bsize), %jd);
619 FCHK2(fs->fs_maxcontig, ==, 0, fs->fs_contigsumsize, !=, 0, %jd);
620 FCHK2(fs->fs_maxcontig, >, 1, fs->fs_contigsumsize, !=,
621 MIN(fs->fs_maxcontig, FS_MAXCONTIG), %jd);
626 * Make an extensive search to find a superblock. If the superblock
627 * in the standard place cannot be used, try looking for one of the
628 * backup superblocks.
630 * Flags are made up of the following or'ed together options:
632 * UFS_NOMSG indicates that superblock inconsistency error messages
633 * should not be printed.
635 * UFS_NOCSUM causes only the superblock itself to be returned, but does
636 * not read in any auxillary data structures like the cylinder group
637 * summary information.
640 ffs_sbsearch(void *devfd, struct fs **fsp, int reqflags,
641 struct malloc_type *filltype,
642 int (*readfunc)(void *devfd, off_t loc, void **bufp, int size))
644 struct fsrecovery *fsr;
648 long nocsum, flags, msg, cg;
652 msg = (reqflags & UFS_NOMSG) == 0;
653 nocsum = reqflags & UFS_NOCSUM;
655 * Try normal superblock read and return it if it works.
657 * Suppress messages if it fails until we find out if
658 * failure can be avoided.
660 flags = UFS_NOMSG | nocsum;
661 error = ffs_sbget(devfd, fsp, UFS_STDSB, flags, filltype, readfunc);
663 * If successful or endian error, no need to try further.
665 if (error == 0 || error == EILSEQ) {
666 if (msg && error == EILSEQ)
667 printf("UFS superblock failed due to endian mismatch "
668 "between machine and filesystem\n");
672 * First try: ignoring hash failures.
674 flags |= UFS_NOHASHFAIL;
677 if (ffs_sbget(devfd, fsp, UFS_STDSB, flags, filltype, readfunc) == 0)
680 * Next up is to check if fields of the superblock that are
681 * needed to find backup superblocks are usable.
684 printf("Attempted recovery for standard superblock: failed\n");
685 flags = UFS_FSRONLY | UFS_NOHASHFAIL | UFS_NOCSUM | UFS_NOMSG;
686 if (ffs_sbget(devfd, &protofs, UFS_STDSB, flags, filltype,
689 printf("Attempt extraction of recovery data from "
690 "standard superblock.\n");
693 * Final desperation is to see if alternate superblock
694 * parameters have been saved in the boot area.
697 printf("Attempted extraction of recovery data from "
698 "standard superblock: failed\nAttempt to find "
699 "boot zone recovery data.\n");
701 * Look to see if recovery information has been saved.
702 * If so we can generate a prototype superblock based
703 * on that information.
705 * We need fragments-per-group, number of cylinder groups,
706 * location of the superblock within the cylinder group, and
707 * the conversion from filesystem fragments to disk blocks.
709 * When building a UFS2 filesystem, newfs(8) stores these
710 * details at the end of the boot block area at the start
711 * of the filesystem partition. If they have been overwritten
712 * by a boot block, we fail. But usually they are there
713 * and we can use them.
715 * We could ask the underlying device for its sector size,
716 * but some devices lie. So we just try a plausible range.
720 for (secsize = dbtob(1); secsize <= SBLOCKSIZE; secsize *= 2)
721 if ((error = (*readfunc)(devfd, (SBLOCK_UFS2 - secsize),
722 &fsrbuf, secsize)) == 0)
726 cp = fsrbuf; /* type change to keep compiler happy */
727 fsr = (struct fsrecovery *)&cp[secsize - sizeof *fsr];
728 if (fsr->fsr_magic != FS_UFS2_MAGIC ||
729 (protofs = UFS_MALLOC(SBLOCKSIZE, filltype, M_NOWAIT))
731 UFS_FREE(fsrbuf, filltype);
734 memset(protofs, 0, sizeof(struct fs));
735 protofs->fs_fpg = fsr->fsr_fpg;
736 protofs->fs_fsbtodb = fsr->fsr_fsbtodb;
737 protofs->fs_sblkno = fsr->fsr_sblkno;
738 protofs->fs_magic = fsr->fsr_magic;
739 protofs->fs_ncg = fsr->fsr_ncg;
740 UFS_FREE(fsrbuf, filltype);
743 * Scan looking for alternative superblocks.
748 for (cg = 0; cg < protofs->fs_ncg; cg++) {
749 sblk = fsbtodb(protofs, cgsblock(protofs, cg));
751 printf("Try cg %ld at sblock loc %jd\n", cg,
753 if (ffs_sbget(devfd, fsp, dbtob(sblk), flags, filltype,
756 printf("Succeeded with alternate superblock "
757 "at %jd\n", (intmax_t)sblk);
758 UFS_FREE(protofs, filltype);
762 UFS_FREE(protofs, filltype);
764 * Our alternate superblock strategies failed. Our last ditch effort
765 * is to see if the standard superblock has only non-critical errors.
768 flags = UFS_NOWARNFAIL | UFS_NOMSG | nocsum;
770 printf("Finding an alternate superblock failed.\nCheck for "
771 "only non-critical errors in standard superblock\n");
774 if (ffs_sbget(devfd, fsp, UFS_STDSB, flags, filltype, readfunc) != 0) {
776 printf("Failed, superblock has critical errors\n");
780 printf("Success, using standard superblock with "
781 "non-critical errors.\n");
786 * Write a superblock to the devfd device from the memory pointed to by fs.
787 * Write out the superblock summary information if it is present.
789 * If the write is successful, zero is returned. Otherwise one of the
790 * following error values is returned:
791 * EIO: failed to write superblock.
792 * EIO: failed to write superblock summary information.
795 ffs_sbput(void *devfd, struct fs *fs, off_t loc,
796 int (*writefunc)(void *devfd, off_t loc, void *buf, int size))
798 int i, error, blks, size;
802 * If there is summary information, write it first, so if there
803 * is an error, the superblock will not be marked as clean.
805 if (fs->fs_si != NULL && fs->fs_csp != NULL) {
806 blks = howmany(fs->fs_cssize, fs->fs_fsize);
807 space = (uint8_t *)fs->fs_csp;
808 for (i = 0; i < blks; i += fs->fs_frag) {
810 if (i + fs->fs_frag > blks)
811 size = (blks - i) * fs->fs_fsize;
812 if ((error = (*writefunc)(devfd,
813 dbtob(fsbtodb(fs, fs->fs_csaddr + i)),
822 struct fs_summary_info *fs_si;
824 fs->fs_time = time(NULL);
825 /* Clear the pointers for the duration of writing. */
828 fs->fs_ckhash = ffs_calc_sbhash(fs);
829 error = (*writefunc)(devfd, loc, fs, fs->fs_sbsize);
833 fs->fs_time = time_second;
834 fs->fs_ckhash = ffs_calc_sbhash(fs);
835 error = (*writefunc)(devfd, loc, fs, fs->fs_sbsize);
841 * Calculate the check-hash for a superblock.
844 ffs_calc_sbhash(struct fs *fs)
846 uint32_t ckhash, save_ckhash;
849 * A filesystem that was using a superblock ckhash may be moved
850 * to an older kernel that does not support ckhashes. The
851 * older kernel will clear the FS_METACKHASH flag indicating
852 * that it does not update hashes. When the disk is moved back
853 * to a kernel capable of ckhashes it disables them on mount:
855 * if ((fs->fs_flags & FS_METACKHASH) == 0)
856 * fs->fs_metackhash = 0;
858 * This leaves (fs->fs_metackhash & CK_SUPERBLOCK) == 0) with an
859 * old stale value in the fs->fs_ckhash field. Thus the need to
860 * just accept what is there.
862 if ((fs->fs_metackhash & CK_SUPERBLOCK) == 0)
863 return (fs->fs_ckhash);
865 save_ckhash = fs->fs_ckhash;
868 * If newly read from disk, the caller is responsible for
869 * verifying that fs->fs_sbsize <= SBLOCKSIZE.
871 ckhash = calculate_crc32c(~0L, (void *)fs, fs->fs_sbsize);
872 fs->fs_ckhash = save_ckhash;
877 * Update the frsum fields to reflect addition or deletion
881 ffs_fragacct(struct fs *fs, int fragmap, int32_t fraglist[], int cnt)
887 inblk = (int)(fragtbl[fs->fs_frag][fragmap]) << 1;
889 for (siz = 1; siz < fs->fs_frag; siz++) {
890 if ((inblk & (1 << (siz + (fs->fs_frag % NBBY)))) == 0)
893 subfield = inside[siz];
894 for (pos = siz; pos <= fs->fs_frag; pos++) {
895 if ((fragmap & field) == subfield) {
896 fraglist[siz] += cnt;
910 * check if a block is available
913 ffs_isblock(struct fs *fs, unsigned char *cp, ufs1_daddr_t h)
917 switch ((int)fs->fs_frag) {
919 return (cp[h] == 0xff);
921 mask = 0x0f << ((h & 0x1) << 2);
922 return ((cp[h >> 1] & mask) == mask);
924 mask = 0x03 << ((h & 0x3) << 1);
925 return ((cp[h >> 2] & mask) == mask);
927 mask = 0x01 << (h & 0x7);
928 return ((cp[h >> 3] & mask) == mask);
931 panic("ffs_isblock");
939 * check if a block is free
942 ffs_isfreeblock(struct fs *fs, uint8_t *cp, ufs1_daddr_t h)
945 switch ((int)fs->fs_frag) {
949 return ((cp[h >> 1] & (0x0f << ((h & 0x1) << 2))) == 0);
951 return ((cp[h >> 2] & (0x03 << ((h & 0x3) << 1))) == 0);
953 return ((cp[h >> 3] & (0x01 << (h & 0x7))) == 0);
956 panic("ffs_isfreeblock");
964 * take a block out of the map
967 ffs_clrblock(struct fs *fs, uint8_t *cp, ufs1_daddr_t h)
970 switch ((int)fs->fs_frag) {
975 cp[h >> 1] &= ~(0x0f << ((h & 0x1) << 2));
978 cp[h >> 2] &= ~(0x03 << ((h & 0x3) << 1));
981 cp[h >> 3] &= ~(0x01 << (h & 0x7));
985 panic("ffs_clrblock");
992 * put a block into the map
995 ffs_setblock(struct fs *fs, unsigned char *cp, ufs1_daddr_t h)
998 switch ((int)fs->fs_frag) {
1003 cp[h >> 1] |= (0x0f << ((h & 0x1) << 2));
1006 cp[h >> 2] |= (0x03 << ((h & 0x3) << 1));
1009 cp[h >> 3] |= (0x01 << (h & 0x7));
1013 panic("ffs_setblock");
1020 * Update the cluster map because of an allocation or free.
1022 * Cnt == 1 means free; cnt == -1 means allocating.
1025 ffs_clusteracct(struct fs *fs, struct cg *cgp, ufs1_daddr_t blkno, int cnt)
1029 uint8_t *freemapp, *mapp;
1030 int i, start, end, forw, back, map;
1033 if (fs->fs_contigsumsize <= 0)
1035 freemapp = cg_clustersfree(cgp);
1036 sump = cg_clustersum(cgp);
1038 * Allocate or clear the actual block.
1041 setbit(freemapp, blkno);
1043 clrbit(freemapp, blkno);
1045 * Find the size of the cluster going forward.
1048 end = start + fs->fs_contigsumsize;
1049 if (end >= cgp->cg_nclusterblks)
1050 end = cgp->cg_nclusterblks;
1051 mapp = &freemapp[start / NBBY];
1053 bit = 1U << (start % NBBY);
1054 for (i = start; i < end; i++) {
1055 if ((map & bit) == 0)
1057 if ((i & (NBBY - 1)) != (NBBY - 1)) {
1066 * Find the size of the cluster going backward.
1069 end = start - fs->fs_contigsumsize;
1072 mapp = &freemapp[start / NBBY];
1074 bit = 1U << (start % NBBY);
1075 for (i = start; i > end; i--) {
1076 if ((map & bit) == 0)
1078 if ((i & (NBBY - 1)) != 0) {
1082 bit = 1U << (NBBY - 1);
1087 * Account for old cluster and the possibly new forward and
1090 i = back + forw + 1;
1091 if (i > fs->fs_contigsumsize)
1092 i = fs->fs_contigsumsize;
1099 * Update cluster summary information.
1101 lp = &sump[fs->fs_contigsumsize];
1102 for (i = fs->fs_contigsumsize; i > 0; i--)
1105 fs->fs_maxcluster[cgp->cg_cgx] = i;
projects / FreeBSD / FreeBSD.git / blob