pc_vfsops.c revision 93239add0c8984cfe653afea733fc9254f021160
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/vfs_opreg.h>
#include <sys/pathname.h>
#include <sys/sysmacros.h>
/*
* The majority of PC media use a 512 sector size, but
* occasionally you will run across a 1k sector size.
* For media with a 1k sector size, fd_strategy() requires
* the I/O size to be a 1k multiple; so when the sector size
* is not yet known, always read 1k.
*/
static int pcfs_pseudo_floppy(dev_t);
static int pcfsinit(int, char *);
struct cred *);
static int pc_syncfsnodes(struct pcfs *);
/*
* pcfs mount options table
*/
/*
* option name cancel option default arg flags opt data
*/
};
static mntopts_t pcfs_mntopts = {
};
int pcfsdebuglevel = 0;
/*
* pcfslock: protects the list of mounted pc filesystems "pc_mounttab.
* pcfs_lock: (inside per filesystem structure "pcfs")
* per filesystem lock. Most of the vfsops and vnodeops are
* protected by this lock.
* pcnodes_lock: protects the pcnode hash table "pcdhead", "pcfhead".
*
* Lock hierarchy: pcfslock > pcfs_lock > pcnodes_lock
*
* pcfs_mountcount: used to prevent module unloads while there is still
* pcfs state from a former mount hanging around. With
* forced umount support, the filesystem module must not
* be allowed to go away before the last VFS_FREEVFS()
* call has been made.
* Since this is just an atomic counter, there's no need
* for locking.
*/
static int pcfstype;
"pcfs",
};
"PC filesystem",
&vfw
};
static struct modlinkage modlinkage = {
&modlfs,
};
int
_init(void)
{
int error;
#if !defined(lint)
/* make sure the on-disk structures are sane */
#endif
if (error) {
}
return (error);
}
int
_fini(void)
{
int error;
/*
* If a forcedly unmounted instance is still hanging around,
* we cannot allow the module to be unloaded because that would
* cause panics once the VFS framework decides it's time to call
* into VFS_FREEVFS().
*/
if (pcfs_mountcount)
return (EBUSY);
if (error)
return (error);
/*
* Tear down the operations vectors
*/
(void) vfs_freevfsops_by_type(pcfstype);
return (0);
}
int
{
}
/* ARGSUSED1 */
static int
{
static const fs_operation_def_t pcfs_vfsops_template[] = {
};
int error;
if (error != 0) {
return (error);
}
if (error != 0) {
(void) vfs_freevfsops_by_type(fstype);
return (error);
}
if (error != 0) {
(void) vfs_freevfsops_by_type(fstype);
return (error);
}
(void) pc_init();
pcfs_mountcount = 0;
return (0);
}
/*
* Define some special logical drives we use internal to this file.
*/
#define BOOT_PARTITION_DRIVE 99
#define PRIMARY_DOS_DRIVE 1
#define UNPARTITIONED_DRIVE 0
static int
int *dos_ldrive,
{
char *c;
int error;
/*
* Resolve path name of special file being mounted.
*/
return (error);
}
*dos_ldrive = -1;
if (error =
/*
* If there's no device node, the name specified most likely
* maps to a PCFS-style "partition specifier" to select a
* checks in such cases unless an explicit :A or :B is
* requested.
*/
/*
* Split the pathname string at the last ':' separator.
* If there's no ':' in the device name, or the ':' is the
* last character in the string, the name is invalid and
* the error from the previous lookup will be returned.
*/
goto devlookup_done;
*c++ = '\0';
/*
* PCFS partition name suffixes can be:
* - "boot" to indicate the X86BOOT partition
* - a drive letter [c-z] for the "DOS logical drive"
* - a drive number 1..24 for the "DOS logical drive"
* - a "floppy name letter", 'a' or 'b' (just strip this)
*/
if (strcasecmp(c, "boot") == 0) {
/*
* The Solaris boot partition is requested.
*/
/*
* All digits - parse the partition number.
*/
long drvnum = 0;
/*
* A number alright - in the allowed range ?
*/
}
if (error)
goto devlookup_done;
*dos_ldrive = (int)drvnum;
} else if (strlen(c) == 1) {
/*
* A single trailing character was specified.
* - [c-zC-Z] means a harddisk partition, and
* we retrieve the partition number.
* - [abAB] means a floppy drive, so we swallow
* the "drive specifier" and test later
* whether the physical device is a floppy or
* PCMCIA pseudofloppy (sram card).
*/
*c = tolower(*c);
if (*c == 'a' || *c == 'b') {
} else if (*c < 'c' || *c > 'z') {
goto devlookup_done;
} else {
}
} else {
/*
* Can't parse this - pass through previous error.
*/
goto devlookup_done;
}
} else {
}
if (error)
return (error);
/*
* Verify caller's permission to open the device special file.
*/
} else {
}
if (error > 0) {
goto out;
} else if (error == 0) {
} else {
goto out;
}
goto out;
}
goto out;
out:
return (error);
}
static int
int dos_ldrive,
int *remounting,
{
int remount = *remounting;
/*
* Ensure that this logical drive isn't already mounted, unless
* this is a REMOUNT request.
* Note: The framework will perform this check if the "...:c"
* PCFS-style "logical drive" syntax has not been used and an
* actually existing physical device is backing this filesystem.
* Once all block device drivers support PC-style partitioning,
* this codeblock can be dropped.
*/
if (dos_ldrive) {
if (remount) {
return (0);
} else {
return (EBUSY);
}
}
/*
* Assign a unique device number for the vfs
* The old way (getudev() + a constantly incrementing
* major number) was wrong because it changes vfs_dev
* across mounts and reboots, which breaks nfs file handles.
* UFS just uses the real dev_t. We can't do that because
* of the way pcfs opens fdisk partitons (the :c and :d
* partitions are on the same dev_t). Though that _might_
* actually be ok, since the file handle contains an
* absolute block number, it's probably better to make them
* different. So I think we should retain the original
* dev_t, but come up with a different minor number based
* on the logical drive that will _always_ come up the same.
* For now, we steal the upper 6 bits.
*/
#ifdef notdef
/* what should we do here? */
printf("whoops - upper bits used!\n");
#endif
return (EBUSY);
}
if (vfs_devismounted(*pseudodev)) {
if (remount) {
return (0);
} else {
return (EBUSY);
}
}
} else {
return (EBUSY);
}
if (vfs_devismounted(*pseudodev))
if (remount) {
return (0);
} else {
return (EBUSY);
}
}
/*
* This is not a remount. Even if MS_REMOUNT was requested,
* the caller needs to proceed as it would on an ordinary
* mount.
*/
*remounting = 0;
return (0);
}
/*
* Get the PCFS-specific mount options from the VFS framework.
* For "timezone" and "secsize", we need to parse the number
* ourselves and ensure its validity.
* Note: "secsize" is deliberately undocumented at this time,
* it's a workaround for devices (particularly: lofi image files)
* that don't support the DKIOCGMEDIAINFO ioctl for autodetection.
*/
static void
{
char *c;
char *endptr;
long l;
/*
* A number alright - in the allowed range ?
*/
if (l <= -12*3600 || l >= 12*3600) {
"'timezone' mount option - %ld "
"is out of range. Assuming 0.", l);
l = 0;
}
} else {
"'timezone' mount option - argument %s "
"is not a valid number. Assuming 0.", c);
l = 0;
}
fsp->pcfs_secondswest = l;
}
/*
* The "secsize=..." mount option is a workaround for the lack of
* lofi(7d) support for DKIOCGMEDIAINFO. If PCFS wants to parse the
* partition table of a disk image and it has been partitioned with
* sector sizes other than 512 bytes, we'd fail on loopback'ed disk
* images.
* That should really be fixed in lofi ... this is a workaround.
*/
/*
* A number alright - a valid sector size as well ?
*/
if (!VALID_SECSIZE(l)) {
"'secsize' mount option - %ld is "
"unsupported. Autodetecting.", l);
l = 0;
}
} else {
"'secsize' mount option - argument %s "
"is not a valid number. Autodetecting.", c);
l = 0;
}
fsp->pcfs_secsize = l;
}
}
/*
* vfs operations
*/
/*
* pcfs_mount - backend for VFS_MOUNT() on PCFS.
*/
static int
{
int dos_ldrive = 0;
int error;
int remounting;
return (error);
return (ENOTDIR);
return (EBUSY);
}
/*
* PCFS doesn't do mount arguments anymore - everything's a mount
* option these days. In order not to break existing callers, we
* don't reject it yet, just warn that the data (if any) is ignored.
*/
"mount argument structures instead of mount options. "
"Ignoring mount(2) 'dataptr' argument.");
/*
* This is needed early, to make sure the access / open calls
* are done using the correct mode. Processing this mount option
* only when calling pcfs_parse_mntopts() would lead us to attempt
* a readonly mount attempt might fail because of that.
*/
}
/*
* For most filesystems, this is just a lookupname() on the
* mount pathname string. PCFS historically has to do its own
* partition table parsing because not all Solaris architectures
* support all styles of partitioning that PC media can have, and
* hence PCFS understands "device names" that don't map to actual
* physical device nodes. Parsing the "PCFS syntax" for device
* names is done in pcfs_device_identify() - see there.
*
* Once all block device drivers that can host FAT filesystems have
* been enhanced to create device nodes for all PC-style partitions,
* this code can go away.
*/
return (error);
/*
* As with looking up the actual device to mount, PCFS cannot rely
* on just the checks done by vfs_ismounted() whether a given device
* is mounted already. The additional check against the "PCFS syntax"
* is done in pcfs_device_ismounted().
*/
&pseudodev))
return (error);
if (remounting)
return (0);
/*
* Mount the filesystem.
* An instance structure is required before the attempt to locate
* and parse the FAT BPB. This is because mount options may change
* the behaviour of the filesystem type matching code. Precreate
* it and fill it in to a degree that allows parsing the mount
* options.
*/
return (EBUSY);
}
if (error) {
return (error);
}
/*
* This is the actual "mount" - the PCFS superblock check.
*
* Find the requested logical drive and the FAT BPB therein.
* Check device type and flag the instance if media is removeable.
*
* Initializes most members of the filesystem instance structure.
* Returns EINVAL if no valid BPB can be found. Other errors may
* occur after I/O failures, or when invalid / unparseable partition
* tables are encountered.
*/
goto errout;
/*
* Now that the BPB has been parsed, this structural information
* is available and known to be valid. Initialize the VFS.
*/
vfsp->vfs_bcount = 0;
/*
* Validate that we can access the FAT and that it is, to the
* degree we can verify here, self-consistent.
*/
goto errout;
/*
* Record the time of the mount, to return as an "approximate"
* timestamp for the FAT root directory. Since FAT roots don't
* have timestamps, this is less confusing to the user than
* claiming "zero" / Jan/01/1970.
*/
/*
* Fix up the mount options. Because "noatime" is made default on
* removeable media only, a fixed disk will have neither "atime"
* nor "noatime" set. We set the options explicitly depending on
* the PCFS_NOATIME flag, to inform the user of what applies.
* Mount option cancellation will take care that the mutually
* exclusive 'other' is cleared.
*/
NULL, 0);
/*
* All clear - insert the FS instance into PCFS' list.
*/
pc_mounttab = fsp;
return (0);
return (error);
}
static int
int flag,
{
return (EPERM);
/*
* We don't have to lock fsp because the VVFSLOCK in vfs layer will
* prevent lookuppn from crossing the mount point.
* If this is not a forced umount request and there's ongoing I/O,
* don't allow the mount to proceed.
*/
else if (fsp->pcfs_nrefs)
return (EBUSY);
/*
* If this is a forced umount request or if the fs instance has
* been marked as beyond recovery, allow the umount to proceed
* regardless of state. pc_diskchanged() forcibly releases all
*/
}
/* now there should be no pcp node on pcfhead or pcdhead. */
if (fsp == pc_mounttab) {
} else {
}
/*
* Since we support VFS_FREEVFS(), there's no need to
* free the fsp right now. The framework will tell us
* when the right time to do so has arrived by calling
* into pcfs_freevfs.
*/
return (0);
}
/*
* find root of pcfs
*/
static int
{
int error;
return (error);
return (0);
}
/*
* Get file system statistics.
*/
static int
{
int error;
if (error)
return (error);
#ifdef notdef
#endif /* notdef */
return (0);
}
static int
{
int error;
return (error);
break;
}
if (error)
break;
hp++;
}
}
return (error);
}
/*
* Flush any pending I/O.
*/
/*ARGSUSED*/
static int
short flag,
{
int error = 0;
/* this prevents the filesystem from being umounted. */
} else {
}
} else {
fsp = pc_mounttab;
break;
}
if (error) break;
}
}
return (error);
}
int
{
int err;
return (EIO);
fsp->pcfs_count++;
} else {
panic("pc_lockfs");
/*
* We check the IRRECOV bit again just in case somebody
* snuck past the initial check but then got held up before
* they could grab the lock. (And in the meantime someone
* had grabbed the lock and set the bit)
*/
return (err);
}
}
fsp->pcfs_count++;
}
return (0);
}
void
{
panic("pc_unlockfs");
if (--fsp->pcfs_count < 0)
panic("pc_unlockfs: count");
if (fsp->pcfs_count == 0) {
fsp->pcfs_owner = 0;
}
}
int
{
int nfat;
int error = 0;
struct fat_od_fsi *fsinfo_disk;
return (0);
/*
* write out all copies of FATs
*/
if (error) {
return (EIO);
}
}
/*
* Write out fsinfo sector.
*/
}
}
if (error) {
return (EIO);
}
}
return (0);
}
void
{
int mount_cnt = 0;
panic("pc_invalfat");
/*
* Release FAT
*/
/*
* Invalidate all the blocks associated with the device.
* Not needed if stateless.
*/
mount_cnt++;
if (!mount_cnt)
/*
* close mounted device
*/
}
void
{
}
/*
* The problem with supporting NFS on the PCFS filesystem is that there
* is no good place to keep the generation number. The only possible
* place is inside a directory entry. There are a few words that we
* time of the file - but it seems wrong to use them. In addition, directory
* entries come and go. If a directory is removed completely, its directory
* blocks are freed and the generation numbers are lost. Whereas in ufs,
* inode blocks are dedicated for inodes, so the generation numbers are
* permanently kept on the disk.
*/
static int
{
int eoffset;
int error;
if (error) {
return (error);
}
if (pcfid->pcfid_block == 0) {
return (0);
}
return (EINVAL);
}
fsp->pcfs_clsize);
} else {
/*
* root directory. A better code structure would
* significantly improve maintainability here ...
*/
}
if (error)
return (error);
}
/*
* Ok, if this is a valid file handle that we gave out,
* then simply ensuring that the creation time matches,
* the entry has not been deleted, and it has a valid first
* character should be enough.
*
* Unfortunately, verifying that the <blkno, offset> _still_
* refers to a directory entry is not easy, since we'd have
* to search _all_ directories starting from root to find it.
* That's a high price to pay just in case somebody is forging
* file handles. So instead we verify that as much of the
* entry is valid as we can:
*
* 1. The starting cluster is 0 (unallocated) or valid
* 2. It is not an LFN entry
* 3. It is not hidden (unless mounted as such)
* 4. It is not the label
*/
/*
* if the starting cluster is valid, but not valid according
* to pc_validcl(), force it to be to simplify the following if.
*/
if (cn == 0)
if (cn >= PCF_LASTCLUSTER32)
} else {
if (cn >= PCF_LASTCLUSTER)
}
(PCDL_IS_LFN(ep)) ||
return (EINVAL);
}
} else {
}
return (0);
}
/*
* Unfortunately, FAT32 fat's can be pretty big (On a 1 gig jaz drive, about
* a meg), so we can't bread() it all in at once. This routine reads a
* fat a chunk at a time.
*/
static int
{
return (EIO);
}
}
return (0);
}
/*
* We write the FAT out a _lot_, in order to make sure that it
* is up-to-date. But on a FAT32 system (large drive, small clusters)
* the FAT might be a couple of megabytes, and writing it all out just
* because we created or deleted a small file is painful (especially
* since we do it for each alternate FAT too). So instead, for FAT16 and
* FAT32 we only write out the bit that has changed. We don't clear
* the 'updated' fields here because the caller might be writing out
* several FATs, so the caller must use pc_clear_fatchanges() after
* all FATs have been updated.
* This function doesn't take "start" from fsp->pcfs_dosstart because
* callers can use it to write either the primary or any of the alternate
* FAT tables.
*/
static int
{
int error;
continue;
}
if (error) {
return (error);
}
}
return (0);
}
/*
* Mark the FAT cluster that 'cn' is stored in as modified.
*/
void
{
/* which fat block is the cluster number stored in? */
size = sizeof (pc_cluster32_t);
size = sizeof (pc_cluster16_t);
} else {
/* does this field wrap into the next fat cluster? */
}
}
}
/*
* return whether the FAT cluster 'bn' is updated and needs to
* be written out.
*/
int
{
}
/*
* Implementation of VFS_FREEVFS() to support forced umounts.
* This is called by the vfs framework after umount, to trigger
* the release of any resources still associated with the given
* vfs_t once the need to keep them has gone away.
*/
void
{
/*
* Purging the FAT closes the device - can't do any more
* I/O after this.
*/
/*
* Allow _fini() to succeed now, if so desired.
*/
}
/*
* PC-style partition parsing and FAT BPB identification/validation code.
* The partition parsers here assume:
* - a FAT filesystem will be in a partition that has one of a set of
* recognized partition IDs
* - the user wants the 'numbering' (C:, D:, ...) that one would get
* on MSDOS 6.x.
* That means any non-FAT partition type (NTFS, HPFS, or any Linux fs)
* will not factor in the enumeration.
* These days, such assumptions should be revisited. FAT is no longer the
* only game in 'PC town'.
*/
/*
* isDosDrive()
* Boolean function. Give it the systid field for an fdisk partition
* and it decides if that's a systid that describes a DOS drive. We
*/
static int
{
}
/*
* isDosExtended()
* Boolean function. Give it the systid field for an fdisk partition
* and it decides if that's a systid that describes an extended DOS
* partition.
*/
static int
{
}
/*
* isBootPart()
* Boolean function. Give it the systid field for an fdisk partition
* and it decides if that's a systid that describes a Solaris boot
* partition.
*/
static int
{
}
/*
* noLogicalDrive()
* Display error message about not being able to find a logical
* drive.
*/
static void
noLogicalDrive(int ldrive)
{
if (ldrive == BOOT_PARTITION_DRIVE) {
} else {
}
}
/*
* findTheDrive()
* Discover offset of the requested logical drive, and return
* that offset (startSector), the systid of that drive (sysid),
* and a buffer pointer (bp), with the buffer contents being
* the first sector of the logical drive (i.e., the sector that
* contains the BPB for that drive).
*
* Note: this code is not capable of addressing >2TB disks, as it uses
* daddr_t not diskaddr_t, some of the calculations would overflow
*/
FD_NUMPART * sizeof (struct ipart))
static int
{
int logicalDriveCount = 0; /* Count of logical drives seen */
int driveIndex; /* computed FDISK table index */
int i;
/*
* Count of drives in the current extended partition's
* FDISK table, and indexes of the drives themselves.
*/
int extndDrives[FD_NUMPART];
int numDrives = 0;
/*
* Count of drives (beyond primary) in master boot record's
* FDISK table, and indexes of the drives themselves.
*/
int extraDrives[FD_NUMPART];
int numExtraDrives = 0;
/*
* "ldrive == 0" should never happen, as this is a request to
* mount the physical device (and ignore partitioning). The code
* in pcfs_mount() should have made sure that a logical drive number
* is at least 1, meaning we're looking for drive "C:". It is not
* safe (and a bug in the callers of this function) to request logical
* drive number 0; we could ASSERT() but a graceful EIO is a more
* polite way.
*/
if (ldrive == 0) {
return (EIO);
}
/*
* Copy from disk block into memory aligned structure for fdisk usage.
*/
/*
* This check is ok because a FAT BPB and a master boot record (MBB)
* have the same signature, in the same position within the block.
*/
"device (%x.%x):%d\n",
return (EINVAL);
}
/*
* Get a summary of what is in the Master FDISK table.
* Normally we expect to find one partition marked as a DOS drive.
* This partition is the one Windows calls the primary dos partition.
* If the machine has any logical drives then we also expect
* to find a partition marked as an extended DOS partition.
*
* Sometimes we'll find multiple partitions marked as DOS drives.
* The Solaris fdisk program allows these partitions
* to be created, but Windows fdisk no longer does. We still need
* to support these, though, since Windows does. We also need to fix
* our fdisk to behave like the Windows version.
*
* It turns out that some off-the-shelf media have *only* an
* Extended partition, so we need to deal with that case as well.
*
* Only a single (the first) Extended or Boot Partition will
* be recognized. Any others will be ignored.
*/
for (i = 0; i < FD_NUMPART; i++) {
if (primaryPart < 0) {
primaryPart = i;
} else {
extraDrives[numExtraDrives++] = i;
}
continue;
}
extendedPart = i;
continue;
}
bootPart = i;
continue;
}
}
if (ldrive == BOOT_PARTITION_DRIVE) {
if (bootPart < 0) {
return (EINVAL);
}
goto found;
}
goto found;
}
/*
* We are not looking for the C: drive (or the primary drive
* was not found), so we had better have an extended partition
* or extra drives in the Master FDISK table.
*/
if ((extendedPart < 0) && (numExtraDrives == 0)) {
return (EINVAL);
}
if (extendedPart >= 0) {
do {
/*
* If the seek would not cause us to change
* position on the drive, then we're out of
* extended partitions to examine.
*/
break;
/*
* Seek the next extended partition, and find
* logical drives within it.
*/
/*
* bread() block numbers are multiples of DEV_BSIZE
* but the device sector size (the unit of partitioning)
* might be larger than that; pcfs_get_device_info()
* has calculated the multiplicator for us.
*/
return (EIO);
}
"extended partition table signature err, "
"device (%x.%x):%d, LBA %u",
return (EINVAL);
}
/*
* Count up drives, and track where the next
* extended partition is in case we need it. We
* are expecting only one extended partition. If
* there is more than one we'll only go to the
* first one we see, but warn about ignoring.
*/
numDrives = 0;
for (i = 0; i < FD_NUMPART; i++) {
extndDrives[numDrives++] = i;
/*
* Already found an extended
* partition in this table.
*/
"!pcfs: ignoring unexpected"
" additional extended"
" partition");
} else {
diskblk = xstartsect +
}
}
}
/*
* The number of logical drives we've found thus
* far is enough to get us to the one we were
* searching for.
*/
startsec =
"values bad");
return (EINVAL);
}
goto found;
} else {
/*
* We ran out of extended dos partition
* drives. The only hope now is to go
* back to extra drives defined in the master
* fdisk table. But we overwrote that table
* already, so we must load it in again.
*/
fsp->pcfs_secsize);
return (EIO);
}
}
}
/*
* Still haven't found the drive, is it an extra
* drive defined in the main FDISK table?
*/
goto found;
}
/*
* Still haven't found the drive, and there is
* nowhere else to look.
*/
return (EINVAL);
/*
* We need this value in units of sectorsize, because PCFS' internal
* offset calculations go haywire for > 512Byte sectors unless all
* pcfs_.*start values are in units of sectors.
* So, assign before the capacity check (that's done in DEV_BSIZE)
*/
/*
* convert from device sectors to proper units:
* - starting sector: DEV_BSIZE (as argument to bread())
* - media size: Bytes
*/
/*
* some additional validation / warnings in case the partition table
* and the actual media capacity are not in accordance ...
*/
if (fsp->pcfs_mediasize != 0) {
"!pcfs: partition size (LBA start %u, %lld bytes, "
"device (%x.%x):%d) smaller than "
"mediasize (%lld bytes).\n"
"filesystem may be truncated, access errors "
"may result.\n",
}
} else {
}
return (0);
}
static fattype_t
{
if (ncl <= 4096) {
if (bpb_get_FatSz16(bpb) == 0)
return (FAT_UNKNOWN);
return (FAT12);
return (FAT12);
return (FAT16);
switch (bpb_get_Media(bpb)) {
case SS8SPT:
case DS8SPT:
case SS9SPT:
case DS9SPT:
case DS18SPT:
case DS9_15SPT:
/*
* Is this reliable - all floppies are FAT12 ?
*/
return (FAT12);
case MD_FIXED:
/*
* Is this reliable - disks are always FAT16 ?
*/
return (FAT16);
default:
break;
}
} else if (ncl <= 65536) {
return (FAT32);
return (FAT32);
return (FAT32);
return (FAT16);
return (FAT16);
}
/*
* We don't know
*/
return (FAT_UNKNOWN);
}
/*
* Check to see if the BPB we found is correct.
*
* This looks far more complicated that it needs to be for pure structural
* validation. The reason for this is that parseBPB() is also used for
* debugging purposes (mdb dcmd) and we therefore want a bitmap of which
* BPB fields (do not) have 'known good' values, even if we (do not) reject
* the BPB when attempting to mount the filesystem.
*
* Real-world usage of FAT shows there are a lot of corner-case situations
* and, following the specification strictly, invalid filesystems out there.
* Known are situations such as:
* instead of the zero in one of the fields mandated by the spec
* - filesystems that claim to be larger than the partition they're in
* - filesystems without valid media descriptor
* - FAT32 filesystems with RootEntCnt != 0
* - FAT32 filesystems with less than 65526 clusters
* - FAT32 filesystems without valid FSI sector
* - FAT32 filesystems with FAT size in fatsec16 instead of fatsec32
*
* Such filesystems are accessible by PCFS - if it'd know to start with that
* the filesystem should be treated as a specific FAT type. Before S10, it
* ignored the BPB; now it ignores the partition type for anything else but
* logical drive enumeration, which can result in rejection of (invalid)
* FAT32 - if the partition ID says FAT32, but the filesystem, for example
* has less than 65526 clusters.
*
* Without a "force this fs as FAT{12,16,32}" tunable or mount option, it's
* not possible to allow all such mostly-compliant filesystems in unless one
* accepts false positives (definitely invalid filesystems that cause problems
* later). This at least allows to pinpoint why the mount failed.
*
* Due to the use of FAT on removeable media, all relaxations of the rules
* here need to be carefully evaluated wrt. to potential effects on PCFS
* resilience. A faulty/"mis-crafted" filesystem must not cause a panic, so
* beware.
*/
static int
{
uint64_t validflags = 0;
if (!VALID_SECSIZE(secsize))
"autodetected media block size %d\n",
if (fsp->pcfs_ldrive) {
/*
* We've already attempted to parse the partition
* table. If the block size used for that don't match
* the PCFS sector size, we're hosed one way or the
* other. Just try what happens.
*/
PC_DPRINTF1(3,
"!pcfs: Using autodetected secsize %d\n",
(int)secsize);
} else {
/*
* This allows mounting lofi images of PCFS partitions
* with sectorsize != DEV_BSIZE. We can't parse the
* partition table on whole-disk images unless the
* (undocumented) "secsize=..." mount option is used,
* but at least this allows us to mount if we have
* an image of a partition.
*/
PC_DPRINTF1(3,
"!pcfs: Using BPB secsize %d\n", (int)secsize);
}
}
if (fsp->pcfs_mediasize == 0) {
/*
* This is not an error because not all devices support the
* partitioned. If we have not been able to figure out the
* size of the underlaying medium, we have to trust the BPB.
*/
"on device (%x.%x):%d, trusting BPB totsec (%lld Bytes)\n",
"!pcfs: autodetected mediasize (%lld Bytes) smaller than "
"FAT BPB mediasize (%lld Bytes).\n"
"truncated filesystem on device (%x.%x):%d, access errors "
"possible.\n",
(long long)fsp->pcfs_mediasize,
fsp->pcfs_ldrive);
} else {
/*
* This is actually ok. A FAT needs not occupy the maximum
* space available in its partition, it can be shorter.
*/
}
/*
* Since we let just about anything pass through this function,
* fence against divide-by-zero here.
*/
if (secsize)
else
rdirsec = 0;
/*
* This assignment is necessary before pc_dbdaddr() can first be
* used. Must initialize the value here.
*/
/*
* Remember: All PCFS offset calculations in sectors. Before I/O
* is done, convert to DEV_BSIZE units via pc_dbdaddr(). This is
* necessary so that media with > 512Byte sector sizes work correctly.
*/
/*
* 'totsec' is taken directly from the BPB and guaranteed to fit
* into a 32bit unsigned integer. The calculation of 'datasec',
* on the other hand, could underflow for incorrect values in
* We also check that the BPB conforms to the FAT specification's
* requirement that either of the 16/32bit total sector counts
* must be zero.
*/
if (totsec != 0 &&
if (VALID_SECSIZE(secsize))
/*
* Try to determine which FAT format to use.
*
* Calculate the number of clusters in order to determine
* the type of FAT we are looking at. This is the only
* recommended way of determining FAT type, though there
* are other hints in the data, this is the best way.
*
* Since we let just about "anything" pass through this function
* without early exits, fence against divide-by-zero here.
*
* datasec was already validated against UINT32_MAX so we know
* the result will not overflow the 32bit calculation.
*/
else
ncl = 0;
/*
* From the Microsoft FAT specification:
* In the following example, when it says <, it does not mean <=.
* Note also that the numbers are correct. The first number for
* FAT12 is 4085; the second number for FAT16 is 65525. These numbers
* and the '<' signs are not wrong.
*
* We "specialdetect" the corner cases, and use at least one "extra"
* criterion to decide whether it's FAT16 or FAT32 if the cluster
* count is dangerously close to the boundaries.
*/
if (ncl <= PCF_FIRSTCLUSTER) {
type = FAT_UNKNOWN;
} else if (ncl < 4085) {
} else if (ncl <= 4096) {
} else if (ncl < 65525) {
} else if (ncl <= 65536) {
} else if (ncl < PCF_LASTCLUSTER32) {
} else {
type = FAT_UNKNOWN;
}
/* Do some final sanity checks for each specific type of FAT */
switch (type) {
case FAT12:
if (rec != 0)
bpb_get_TotSec16(bpb) == 0)
bpb_get_TotSec32(bpb) == 0)
if (ncl < 4085)
fsp->pcfs_fsistart = 0;
type = FAT_UNKNOWN;
break;
case FAT16:
if (rec != 0)
bpb_get_TotSec16(bpb) == 0)
bpb_get_TotSec32(bpb) == 0)
fsp->pcfs_fsistart = 0;
type = FAT_UNKNOWN;
break;
case FAT32:
if (rec == 0)
if (bpb_get_TotSec16(bpb) == 0)
if (bpb_get_FatSz16(bpb) == 0)
if (validflags & BPB_FSISEC_OK)
/*
* Current PCFS code only works if 'pcfs_rdirstart'
* contains the root cluster number on FAT32.
* That's a mis-use and would better be changed.
*/
type = FAT_UNKNOWN;
break;
case FAT_QUESTIONABLE:
goto recheck;
default:
break;
}
if (valid)
*valid = validflags;
if (type != FAT_UNKNOWN) {
return (1);
}
return (0);
}
/*
* Detect the device's native block size (sector size).
*
* Test whether the device is:
* - a floppy device from a known controller type via DKIOCINFO
* - a real floppy using the fd(7d) driver and capable of fdio(7I) ioctls
* - a PCMCIA sram memory card (pseudofloppy) using pcram(7d)
* - a USB floppy drive (identified by drive geometry)
*
* Detecting a floppy will make PCFS metadata updates on such media synchronous,
* to minimize risks due to slow I/O and user hotplugging / device ejection.
*
* This might be a bit wasteful on kernel stack space; if anyone's
* bothered by this, kmem_alloc/kmem_free the ioctl arguments...
*/
static void
{
int error;
union {
} arg; /* save stackspace ... */
goto out;
if (error)
goto out;
/*
* Not sure if this could possibly happen. It'd be a bit like
* VOP_OPEN() changing the passed-in vnode ptr. We're just not
* expecting it, needs some thought if triggered ...
*/
/*
* Check for removeable/hotpluggable media.
*/
isremoveable = 0;
}
ishotpluggable = 0;
}
/*
* Make sure we don't use "half-initialized" values if the ioctls fail.
*/
fsp->pcfs_mediasize = 0;
} else {
}
if (fsp->pcfs_secsize == 0) {
fsp->pcfs_sdshift =
} else {
"%d, device (%x.%x), different from user-provided "
"%d. User override - ignoring autodetect result.\n",
fsp->pcfs_secsize);
}
"%d, device (%x.%x), invalid (not 512, 1024, 2048, 4096). "
"Ignoring autodetect result.\n",
}
/*
* We treat the following media types as a floppy by default.
*/
isfloppy =
/*
* if this device understands fdio(7I) requests it's
* obviously a floppy drive.
*/
if (!isfloppy &&
isfloppy = 1;
/*
* some devices (PCMCIA pseudofloppies) we like to treat
* as floppies, but they don't understand fdio(7I) requests.
*/
if (!isfloppy &&
isfloppy = 1;
/*
* This is the "final fallback" test - media with
* 2 heads and 80 cylinders are assumed to be floppies.
* This is normally true for USB floppy drives ...
*/
if (!isfloppy &&
isfloppy = 1;
/*
* This is similar to the "old" PCFS code that sets this flag
* just based on the media descriptor being 0xf8 (MD_FIXED).
* Should be re-worked. We really need some specialcasing for
* removeable media.
*/
if (!isfloppy) {
}
/*
* We automatically disable access time updates if the medium is
* request access time updates (via the "atime" mount option).
* The majority of flash-based media should fit this category.
* Minimizing write access extends the lifetime of your memory stick !
*/
}
out:
if (fsp->pcfs_secsize == 0) {
"device (%x.%x) failed, no user-provided fallback. "
"Using %d bytes.\n",
fsp->pcfs_sdshift = 0;
}
}
/*
* Get the FAT type for the DOS medium.
*
* -------------------------
* According to Microsoft:
* The FAT type one of FAT12, FAT16, or FAT32 is determined by the
* count of clusters on the volume and nothing else.
* -------------------------
*
*/
static int
{
int error = 0;
/*
* Detect the native block size of the medium, and attempt to
* detect whether the medium is removeable.
* We do treat removeable media (floppies, PCMCIA memory cards,
* USB and FireWire disks) differently wrt. to the frequency
* and synchronicity of FAT updates.
* We need to know the media block size in order to be able to
* parse the partition table.
*/
/*
* Unpartitioned media (floppies and some removeable devices)
* don't have a partition table, the FAT BPB is at disk block 0.
* Start out by reading block 0.
*/
fsp->pcfs_dosstart = 0;
goto out;
/*
* If a logical drive number is requested, parse the partition table
* and attempt to locate it. Otherwise, proceed immediately to the
* BPB check. findTheDrive(), if successful, returns the disk block
* number where the requested partition starts in "startsec".
*/
if (fsp->pcfs_ldrive != 0) {
"device (%x,%x):%d to find BPB\n",
goto out;
fsp->pcfs_secsize);
goto out;
}
/*
* Validate the BPB and fill in the instance structure.
*/
"device (%x.%x):%d, disk LBA %u\n",
goto out;
}
out:
/*
* Release the buffer used
*/
return (error);
}
/*
* Get the file allocation table.
* If there is an old FAT, invalidate it.
*/
int
{
int error;
int fat_changemapsize;
int flags = 0;
int nfat;
int altfat_mustmatch = 0;
/*
* There is a FAT in core.
* If there are open file pcnodes or we have modified it or
* it hasn't timed out yet use the in core FAT.
* Otherwise invalidate it and get a new one
*/
#ifdef notdef
if (fsp->pcfs_frefs ||
return (0);
} else {
}
#endif /* notdef */
return (0);
}
/*
* Get FAT and check it for validity
*/
if (error) {
goto out;
}
/*
* The only definite signature check is that the
* media descriptor byte should match the first byte
* of the FAT block.
*/
"media descriptor %x, FAT[0] lowbyte %x\n",
altfat_mustmatch = 1;
}
/*
* Get alternate FATs and check for consistency
* This is an inlined version of pc_readfat().
* Since we're only comparing FAT and alternate FAT,
* there's no reason to let pc_readfat() copy data out
* of the buf. Instead, compare in-situ, one cluster
* at a time.
*/
"!pcfs: alternate FAT #%d (start LBA %p)"
" read error at offset %ld on device"
" (%x.%x):%d",
fsp->pcfs_ldrive);
goto out;
}
"!pcfs: alternate FAT #%d (start LBA %p)"
" corrupted at offset %ld on device"
" (%x.%x):%d",
fsp->pcfs_ldrive);
if (altfat_mustmatch) {
goto out;
}
}
}
}
/*
* Retrieve FAT32 fsinfo sector.
* A failure to read this is not fatal to accessing the volume.
* It simply means operations that count or search free blocks
* will have to do a full FAT walk, vs. a possibly quicker lookup
* of the summary information.
* Hence, we log a message but return success overall after this point.
*/
struct fat_od_fsi *fsinfo_disk;
!FSISIG_OK(fsinfo_disk)) {
"!pcfs: error reading fat32 fsinfo from "
"device (%x.%x):%d, block %lld",
} else {
}
}
else
return (0);
out:
if (bp)
if (fatp)
if (fat_changemap)
if (flags) {
}
return (error);
}