setup.c revision 355d6bb5e62a215a9bcf820ac85c1fc62bed2f3f
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */
/*
* Copyright (c) 1980, 1986, 1990 The Regents of the University of California.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that: (1) source distributions retain this entire copyright
* notice and comment, and (2) distributions including binaries display
* the following acknowledgement: ``This product includes software
* developed by the University of California, Berkeley and its contributors''
* in the documentation or other materials provided with the distribution
* and in all advertising materials mentioning features or use of this
* software. Neither the name of the University nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#define DKTYPENAMES
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <malloc.h>
#include <limits.h>
#include <wait.h>
#include <sys/sysmacros.h>
#include <sys/int_const.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include "roll_log.h"
#include "fsck.h"
/*
* The size of a cylinder group is calculated by CGSIZE. The maximum size
* is limited by the fact that cylinder groups are at most one block.
* Its size is derived from the size of the maps maintained in the
* cylinder group and the (struct cg) size.
*/
/* base cg */ (sizeof (struct cg) + \
/*
* Methods of determining where alternate superblocks should
* be. MAX_SB_STYLES must be the last one, and the others need
* to be positive.
*/
typedef enum {
} calcsb_t;
static caddr_t calcsb_names[] = {
"<UNKNOWN>", "MKFS", "NEWFS", "<OUT OF RANGE>"
};
static int checksb(int);
static void flush_fs(void);
static void sblock_init(void);
static void uncreate_maps(void);
static int
read_super_block(int listerr)
{
int fd;
if (mount_point != NULL) {
if (fd == -1) {
errexit("fsck: open mount point error: %s",
/* NOTREACHED */
}
/* get the latest super block */
errexit("fsck: ioctl _FIOGETSUPERBLOCK error: %s",
/* NOTREACHED */
}
} else {
SBSIZE);
}
/*
* Don't let trash from the disk trip us up later
* in ungetsummaryinfo().
*/
/*
* Rudimentary consistency checks. Can't really call
* checksb() here, because there may be outstanding
* deltas that still need to be applied.
*/
err = "MAGIC NUMBER WRONG";
goto fail;
}
err = "UNRECOGNIZED VERSION";
goto fail;
}
err = "NCG OUT OF RANGE";
goto fail;
}
err = "CPG OUT OF RANGE";
goto fail;
}
err = "NCYL IS INCONSISTENT WITH NCG*CPG";
goto fail;
}
err = "SIZE OUT OF RANGE";
goto fail;
}
return (1);
fail:
return (0);
}
static void
flush_fs()
{
int fd;
if (mount_point != NULL) {
if (fd == -1) {
errexit("fsck: open mount point error: %s",
/* NOTREACHED */
}
errexit("fsck: ioctl _FIOFFS error: %s",
/* NOTREACHED */
}
}
}
/*
* Roll the embedded log, if any, and set up the global variables
* islog and islogok.
*/
static int
{
void *buf;
void *ud_buf;
int badlog;
if (bflag != 0)
return (1); /* can't roll log while alternate sb specified */
/*
* Roll the log, if any. A bad sb implies we'll be using
* an alternate sb as far as logging goes, so just fail back
* to the caller if we can't read the default sb. Suppress
* complaints, because the caller will be reading the same
* superblock again and running full verification on it, so
* whatever is bad will be reported then.
*/
badlog = 0;
if (!read_super_block(0))
return (1);
/*
* Roll the log in 3 cases:
* 1. If it's unmounted (mount_point == NULL) and it's not marked
* as fully rolled (sblock.fs_rolled != FS_ALL_ROLLED)
* 2. If it's mounted and anything other than a sanity
* check fsck (mflag) is being done, as we have the current
* super block. Note, only a sanity check is done for
* ufs_flush() gets called, leading to a slower boot.
* 3. If anything other then a sanity check (mflag) is being done
* to a mounted filesystem while it is in read-only state
* (e.g. root during early boot stages) we have to detect this
* and have to roll the log as well. NB. the read-only mount
* will flip fs_clean from FSLOG to FSSTABLE and marks the
* log as FS_NEED_ROLL.
*/
int roll_log_err = 0;
/*
* roll the log without a mount
*/
flush_fs();
}
roll_log_err = 1;
}
if (roll_log_err) {
/*
* There are two cases where we want to set
* an error code and return:
* - We're preening
* - We're not on a live root and the user
* chose *not* to ignore the log
* Otherwise, we want to mark the log as bad
* and continue to check the filesystem. This
* has the side effect of destroying the log.
*/
"DISCARDING THE LOG MAY DISCARD PENDING TRANSACTIONS.\n"
"DISCARD THE LOG AND CONTINUE") == 0)) {
return (0);
}
++badlog;
}
}
/* Logging UFS may be enabled */
++islog;
/* log is not okay; check the fs */
return (1);
/*
* If logging or (stable and mounted) then continue
*/
return (1);
/* get the log allocation block */
return (1);
}
return (1);
}
/* log allocation block is not okay; check the fs */
return (1);
}
/* get the log state block(s) */
dev_bsize)) {
}
return (1);
}
/* log state is okay; don't need to check the fs */
++islogok;
}
}
return (1);
}
/*
* - given a pathname, determine the pathname to actually check
* - if a directory
* - if it is in mnttab, set devstr to the special (block) name
* - if it is in vfstab, set devstr to the special (block) name
* - if it has not been found, bail
* - a file is used as-is, clear rflag
* - a device is converted to block version (so can search mnttab)
*/
static void
{
}
switch (mode) {
case S_IFDIR:
/*
* The check_*() routines update devstr with the name.
*/
devstr[0] = '\0';
"fsck: could not find mountpoint %s in mnttab nor vfstab",
dev);
}
break;
case S_IFREG:
rflag = 0;
break;
case S_IFCHR:
case S_IFBLK:
break;
default:
/* NOTREACHED */
}
}
/*
* Reports the index of the magic filesystem that mntp names.
* If it does not correspond any of them, returns zero (hence
* the backwards loop).
*/
static int
{
int corefs;
break;
return (corefs);
}
/*
* - set mount_point to NULL
* - if name is mounted (search mnttab)
* - if it is a device, clear rflag
* - if mounted on /, /usr, or /var, set corefs
* - if corefs and read-only, set hotroot and continue
* - if errorlocked, continue
* - if preening, bail
* - ask user whether to continue, bail if not
* - if it is a device and not mounted and rflag, convert
* name to raw version
*/
static int
{
int corefs = 0;
int is_dev = 0;
}
is_dev = 1;
/*
* mounted() will update mount_point when returning true.
*/
mount_point = NULL;
if (is_dev)
rflag = 0;
hotroot++;
} else if (errorlocked) {
goto carry_on;
} else if (preen) {
pfatal("%s IS CURRENTLY MOUNTED%s.",
} else {
pwarn("%s IS CURRENTLY MOUNTED READ/%s.",
if (reply("CONTINUE") == 0) {
errexit("Program terminated");
}
}
}
return (corefs);
}
static int
{
int retval = 0;
retval = -1;
goto finish;
}
if (errorlocked) {
(void) printf(" error-lock comment: \"%s\" ",
fflag = 1;
}
fswritefd = -1;
pfatal("(NO WRITE ACCESS)\n");
(void) printf(" (NO WRITE)");
}
if (!preen)
(void) printf("\n");
else if (debug)
if (hotroot)
(void) printf(" and is mounted read-%s",
if (errorlocked)
(void) printf(" and is error-locked");
(void) printf(".\n");
}
return (retval);
}
static int
{
int cg = 0;
int retval = 0;
int first;
int found;
/*
* Check the superblock, looking for alternates if necessary.
* In more-recent times, some UFS instances get created with
* only the first ten and last ten superblock backups. Since
* if we can't get the necessary information from any of those,
* the odds are also against us for the ones in between, we'll
* just look at those twenty to save time.
*/
retval = -1;
goto finish;
}
if (reply("LOOK FOR ALTERNATE SUPERBLOCKS WITH %s",
calcsb_names[style]) == 0)
continue;
first = 1;
found = 0;
continue;
}
if (debug) {
(void) printf(
"debug: calcsb(%s) gave fpg %d, cgoffset %d, ",
(void) printf("cgmask 0x%x, sblk %d, ncg %d\n",
}
if (debug)
(void) printf(
"debug: trying block %lld\n",
(longlong_t)bflag);
if (read_super_block(0) && checksb(0)) {
(void) printf(
"FOUND ALTERNATE SUPERBLOCK %d WITH %s\n",
if (reply(
"USE ALTERNATE SUPERBLOCK") == 1) {
found = 1;
break;
}
}
first = 0;
cg = 9;
else
}
}
if (found)
break;
}
/*
* Didn't find one? Try to fake it.
*/
if (style >= MAX_SB_STYLES) {
pwarn("SEARCH FOR ALTERNATE SUPERBLOCKS FAILED.\n");
style++) {
if (reply("USE GENERIC SUPERBLOCK FROM %s",
break;
}
/*
*/
if (style < MAX_SB_STYLES)
bflag = 0;
}
}
/*
* Still no luck? Tell the user they're on their own.
*/
if (style >= MAX_SB_STYLES) {
pwarn("SEARCH FOR ALTERNATE SUPERBLOCKS FAILED. "
"YOU MUST USE THE -o b OPTION\n"
"TO FSCK TO SPECIFY THE LOCATION OF A VALID "
"ALTERNATE SUPERBLOCK TO\n"
"SUPPLY NEEDED INFORMATION; SEE fsck(1M).\n");
bflag = 0;
retval = -1;
goto finish;
}
/*
* Need to make sure a human really wants us to use
* this. -y mode could've gotten us this far, so
* we need to ask something that has to be answered
* in the negative.
*
* Note that we can't get here when preening.
*/
if (!found) {
pwarn("CALCULATED GENERIC SUPERBLOCK WITH %s\n",
} else {
pwarn("FOUND ALTERNATE SUPERBLOCK AT %d USING %s\n",
}
pwarn("If filesystem was created with manually-specified ");
pwarn("geometry, using\nauto-discovered superblock may ");
pwarn("result in irrecoverable damage to\nfilesystem and ");
pwarn("user data.\n");
if (cg >= 0) {
pwarn("Please verify that the indicated block "
"contains a proper\nsuperblock for the "
"filesystem (see fsdb(1M)).\n");
if (yflag)
pwarn("\nFSCK was running in YES "
"mode. If you wish to run in "
"that mode using\nthe alternate "
"superblock, run "
"`fsck -y -o b=%d %s'.\n",
}
retval = -1;
goto finish;
}
/*
* Pretend we found it as an alternate, so everything
* gets updated when we clean up at the end.
*/
if (!found) {
havesb = 1;
}
}
return (retval);
}
/*
* Check and potentially fix certain fields in the super block.
*/
static void
fixup_superblock(void)
{
/*
* Kernel looks for FS_OPTTIME, and assumes that if that's not
* what's there, it must be FS_OPTSPACE, so not fixing does not
* require setting iscorrupt.
*/
pfatal("UNDEFINED OPTIMIZATION IN SUPERBLOCK");
sbdirty();
}
}
pfatal("IMPOSSIBLE MINFREE=%d IN SUPERBLOCK",
sbdirty();
} else if (sblock.fs_minfree < 0) {
/*
* Kernel uses minfree without verification,
* and a negative value would do bad things.
*/
iscorrupt = 1;
}
}
}
static int
{
int retval = 0;
/* do this right away to prevent any other fscks on this fs */
case FSBAD:
break;
case FSFIX:
if (preen)
errexit("ERROR-LOCKED; MARKED \"FSFIX\"\n");
if (reply("marked FSFIX, CONTINUE") == 0) {
retval = -1;
goto finish;
}
break;
case FSCLEAN:
if (preen)
errexit("ERROR-LOCKED; MARKED \"FSCLEAN\"\n");
if (reply("marked FSCLEAN, CONTINUE") == 0) {
retval = -1;
goto finish;
}
break;
default:
if (preen) {
if (debug)
pwarn("ERRORLOCKED; NOT MARKED \"FSBAD\"\n");
else
errexit("ERRORLOCKED; NOT MARKED \"FSBAD\"\n");
} else {
(void) printf("error-locked but not marked \"FSBAD\";");
if (reply(" CONTINUE") == 0) {
retval = -1;
goto finish;
}
}
break;
}
if (!do_errorlock(LOCKFS_ELOCK)) {
if (preen) {
retval = -1;
goto finish;
}
if (reply("error-lock reset failed; CONTINUE") == 0) {
retval = -1;
goto finish;
}
}
sbdirty();
return (retval);
}
static void
getsummaryinfo(void)
{
int failed;
int asked;
int i, j;
/*
* read in the summary info.
*/
"cannot allocate %u bytes for cylinder group summary info\n",
asked = 0;
size);
pfatal("BAD SUMMARY INFORMATION");
if (reply("CONTINUE") == 0) {
ckfini();
}
asked = 1;
}
}
}
/*
* Reverses the effects of getsummaryinfo().
*/
static void
ungetsummaryinfo(void)
{
}
}
/*
* Allocate and initialize the global tables.
* It is the responsibility of the caller to clean up and allocations
* if an error is returned.
*/
static int
create_and_init_maps(void)
{
int retval = 0;
sizeof (short));
(void) printf("cannot alloc %lld bytes for blockmap\n",
retval = -1;
goto finish;
}
(void) printf("cannot alloc %lld bytes for statemap\n",
retval = -1;
goto finish;
}
(void) printf("cannot alloc %lld bytes for lncntp\n",
retval = -1;
goto finish;
}
/*
* If we had to fake up a superblock, it won't show that there
* are any directories at all. This causes problems when we
* use numdirs to calculate hash keys, so use something at least
* vaguely plausible.
*/
if (numdirs == 0)
sizeof (struct inoinfo *));
sizeof (struct inoinfo *));
(void) printf("cannot alloc %lld bytes for inphead\n",
retval = -1;
goto finish;
}
if (debug) {
errexit("create_and_init_maps: listmax overflowed\n");
errexit("create_and_init_maps: numdirs overflowed\n");
}
sizeof (struct inoinfo *));
sizeof (struct inoinfo *));
(void) printf("cannot alloc %lld bytes for aclphead\n",
retval = -1;
goto finish;
}
if (debug) {
errexit("create_and_init_maps: aclmax overflowed\n");
errexit("create_and_init_maps: numacls overflowed\n");
}
aclplast = 0L;
inplast = 0L;
return (retval);
}
{
int corefs;
havesb = 0;
sblock_init();
goto cleanup;
/*
* Check log state
*/
goto cleanup;
/*
* Flush fs if we're going to do anything other than a sanity check.
* Note, if logging then the fs was already flushed in logsetup().
*/
flush_fs();
goto cleanup;
if (errorlocked &&
(initial_error_state_adjust() == -1))
goto cleanup;
/*
* asblk could be dirty because we found a mismatch between
* the primary superblock and one of its backups in checksb().
*/
}
/*
* if not error-locked, using the standard superblock,
* not bad log, not forced, preening, and is clean;
* stop checking
*/
if (!errorlocked && (bflag == 0) &&
iscorrupt = 0;
printclean();
goto cleanup;
}
if (create_and_init_maps() == -1)
goto nomaps;
bufinit();
return (devstr);
ckfini();
/* FALLTHROUGH */
unbufinit();
/*
* Can't get rid of the superblock buffer, because our
* caller references it to generate the summary statistics.
*/
return (NULL);
}
/*
* Undoes the allocations in create_and_init_maps()
*/
static void
uncreate_maps(void)
{
/*
* No ordering dependency amongst these, so they are here in
* the same order they were calculated.
*/
}
/*
* mkfs limits the size of the inode map to be no more than a third of
* the cylinder group space. We'll use that value for sanity checking
* the superblock's inode per group value.
*/
/*
* Check the super block and its summary info.
*/
static int
{
/*
* When the fs check is successfully completed, the alternate super
* block at sblk.b_bno will be overwritten by ckfini() with the
* repaired super block.
*/
/*
* Sanity-check some of the values we are going to use later
* in allocation requests.
*/
if (verbose)
(void) printf(
"Found %d directories, should be between 1 and %d inclusive.\n",
err = "NUMBER OF DIRECTORIES OUT OF RANGE";
goto failedsb;
}
err = "ROTATIONAL POSITION TABLE SIZE OUT OF RANGE";
goto failedsb;
}
err = "SIZE OF CYLINDER GROUP SUMMARY AREA WRONG";
goto failedsb;
}
err = "INOPB NONSENSICAL RELATIVE TO BSIZE";
goto failedsb;
}
err = "BLOCK SIZE LARGER THAN MAXIMUM SUPPORTED";
goto failedsb;
}
err = "FRAGS PER BLOCK OR FRAG SIZE WRONG";
goto failedsb;
}
err = "NUMBER OF DATA BLOCKS OUT OF RANGE";
goto failedsb;
}
#if 0
err = "FILESYSTEM SIZE LARGER THAN DEVICE";
goto failedsb;
}
#endif
/*
* Check that the number of inodes per group isn't less than or
* equal to zero. Also makes sure it isn't more than the
* maximum number mkfs enforces.
*/
err = "INODES PER GROUP OUT OF RANGE";
goto failedsb;
}
err = "CG HEADER LARGER THAN ONE BLOCK";
goto failedsb;
}
/*
* Set all possible fields that could differ, then do check
* of whole super block against an alternate super block.
* When an alternate super-block is specified this check is skipped.
*/
return (0);
}
if (bflag != 0) {
/*
* Invalidate clean flag and state information.
* Note that we couldn't return until after the
* above getblk(), because we're going to want to
* update asblk when everything's done.
*/
sblock.fs_reclaim = 0;
sbdirty();
havesb = 1;
return (1);
}
/*
* The following should not have to be copied.
*/
err = "BAD VALUES IN SUPER BLOCK";
goto failedsb;
}
havesb = 1;
return (1);
return (0);
}
static void
{
if (!listerr)
return;
if (preen)
(void) printf("BAD SUPERBLOCK AT BLOCK %d: %s\n",
if (preen) {
"USE AN ALTERNATE SUPERBLOCK TO SUPPLY NEEDED INFORMATION;\n");
pwarn("e.g. fsck [-F ufs] -o b=# [special ...] \n");
"where # is the alternate super block. SEE fsck_ufs(1M). \n");
}
/* we're expected to return if not preening */
}
/*
* Write out the super block into each of the alternate super blocks.
*/
void
write_altsb(int fd)
{
int cylno;
}
static void
sblock_init(void)
{
fsmodified = 0;
if (errorlocked)
isdirty = 1;
lfdir = 0;
/*
* May have buffer left over from previous filesystem check.
*/
errexit("cannot allocate space for superblock\n");
/*
* Could get the actual sector size from the device here,
* but considering how much would need to change in the rest
* of the system before it'd be a problem for us, it's not
* worth worrying about right now.
*/
}
/*
* Calculate a prototype superblock based on information in the disk label.
* When done the cgsblock macro can be calculated and the fs_ncg field
* can be used. Do NOT attempt to use other macros without verifying that
* their needed information is available!
*
* In BSD, the disk label includes all sorts of useful information,
* like cpg. Solaris doesn't have that, and deriving it (as well as
* some other parameters) is difficult. Rather than duplicate the
* code, just ask mkfs what it would've come up with by default.
* Ideally, we'd just link in the code, but given the source base
* involved, it's more practical to just get a binary dump.
*
* The one minor drawback to the above approach is that newfs and mkfs
* will produce vastly different layouts for the same partition if
* they're allowed to default everything. So, if the superblock that
* mkfs gives us doesn't work for guessing where the alternates are,
* we need to try newfs.
*/
static int
{
#define FROM_CHILD 0
#define TO_FSCK 1
#define CMD_IDX 0
#define DEV_IDX 3
#define SIZE_IDX 4
int child_pipe[2];
"", /* CMD_IDX */
"-o",
"calcbinsb,N",
NULL, /* DEV_IDX */
NULL, /* SIZE_IDX */
};
"", /* CMD_IDX */
"-B",
"-N",
NULL, /* DEV_IDX */
};
int pending, transferred;
int devnull;
switch (style) {
case MKFS_STYLE:
if (debug)
(void) printf("calcsb() going with style MKFS\n");
break;
case NEWFS_STYLE:
if (debug)
(void) printf("calcsb() going with style NEWFS\n");
break;
default:
if (debug)
(void) printf("calcsb() doesn't undestand style %d\n",
style);
return (0);
}
/*
* Normally, only use the stock versions of the utilities.
* However, if we're debugging, the odds are that we're
* using experimental versions of them as well, so allow
* some flexibility.
*/
if (style == MKFS_STYLE) {
if (size == 0)
return (0);
} else if (style == NEWFS_STYLE) {
/*
* Make sure that newfs will find the right version of mkfs.
*/
/* mkfs_path is always initialized, despite lint's concerns */
return (0);
/*
* If no location data for mkfs, don't need to do
* anything about PATH.
*/
/*
* Just want the dir, so discard the executable name.
*/
*slash = '\0';
/*
* newfs uses system() to find mkfs, so make sure
* that the one we want to use is first on the
* list. Don't free path_new upon success, as it
* has become part of the environment.
*/
return (0);
}
}
} else {
/*
* Bad search style, quietly return failure.
*/
if (debug) {
(void) printf("calcsb: got bad style number %d\n",
(int)style);
}
return (0);
}
if (pipe(child_pipe) < 0) {
return (0);
}
switch (fork()) {
case -1:
return (0);
case 0:
(void) printf(
"calcsb: could not rename file descriptor: %s\n",
}
if (devnull == -1) {
}
(void) printf(
"calcsb: could not rename file descriptor: %s\n",
}
(void) printf("calcsb: could not exec %s: %s\n",
/* NOTREACHED */
default:
break;
}
do {
pending -= transferred;
target += transferred;
} while ((pending > 0) && (transferred > 0));
if (pending > 0) {
if (transferred < 0)
"calcsb: binary read of superblock from %s failed: %s\n",
else
"calcsb: short read of superblock from %s\n",
return (0);
}
return (0);
return (1);
}